From e1ec4729b48cc991a5b2175e4dfe98ef759cdcb8 Mon Sep 17 00:00:00 2001
From: Matthew Parlane <parlane@gmail.com>
Date: Thu, 27 Feb 2014 21:05:18 +1300
Subject: [PATCH] Initialise entropy correctly for ssl.

---
 .../IPC_HLE/WII_IPC_HLE_Device_net_ssl.cpp     | 18 +++++++++++++++++-
 .../Core/IPC_HLE/WII_IPC_HLE_Device_net_ssl.h  |  2 ++
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/Source/Core/Core/IPC_HLE/WII_IPC_HLE_Device_net_ssl.cpp b/Source/Core/Core/IPC_HLE/WII_IPC_HLE_Device_net_ssl.cpp
index f25972ba51..0ce5f7c3a6 100644
--- a/Source/Core/Core/IPC_HLE/WII_IPC_HLE_Device_net_ssl.cpp
+++ b/Source/Core/Core/IPC_HLE/WII_IPC_HLE_Device_net_ssl.cpp
@@ -148,7 +148,21 @@ bool CWII_IPC_HLE_Device_net_ssl::IOCtlV(u32 _CommandAddress)
 			}
 
 			entropy_init(&_SSL[sslID].entropy);
-			ssl_set_rng(&_SSL[sslID].ctx, entropy_func, &_SSL[sslID].entropy);
+			const char* pers = "dolphin-emu";
+			ret = ctr_drbg_init(&_SSL[sslID].ctr_drbg, entropy_func,
+			                    &_SSL[sslID].entropy,
+			                    (const unsigned char*)pers,
+			                    strlen(pers));
+			if (ret)
+			{
+				ssl_free(&_SSL[sslID].ctx);
+				// Cleanup possibly dirty ctx
+				memset(&_SSL[sslID].ctx, 0, sizeof(ssl_context));
+				entropy_free(&_SSL[sslID].entropy);
+				goto _SSL_NEW_ERROR;
+			}
+
+			ssl_set_rng(&_SSL[sslID].ctx, ctr_drbg_random, &_SSL[sslID].ctr_drbg);
 
 			// For some reason we can't use TLSv1.2, v1.1 and below are fine!
 			ssl_set_max_version(&_SSL[sslID].ctx, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_2);
@@ -191,6 +205,8 @@ _SSL_NEW_ERROR:
 			ssl_session_free(&_SSL[sslID].session);
 			ssl_free(&_SSL[sslID].ctx);
 
+			entropy_free(&_SSL[sslID].entropy);
+			
 			x509_crt_free(&_SSL[sslID].cacert);
 			x509_crt_free(&_SSL[sslID].clicert);
 
diff --git a/Source/Core/Core/IPC_HLE/WII_IPC_HLE_Device_net_ssl.h b/Source/Core/Core/IPC_HLE/WII_IPC_HLE_Device_net_ssl.h
index 145a49e955..8039d6a5b3 100644
--- a/Source/Core/Core/IPC_HLE/WII_IPC_HLE_Device_net_ssl.h
+++ b/Source/Core/Core/IPC_HLE/WII_IPC_HLE_Device_net_ssl.h
@@ -4,6 +4,7 @@
 
 #pragma once
 
+#include <polarssl/ctr_drbg.h>
 #include <polarssl/entropy.h>
 #include <polarssl/net.h>
 #include <polarssl/ssl.h>
@@ -58,6 +59,7 @@ typedef struct
 	ssl_context ctx;
 	ssl_session session;
 	entropy_context entropy;
+	ctr_drbg_context ctr_drbg;
 	x509_crt cacert;
 	x509_crt clicert;
 	pk_context pk;