commit ed10e2ab8741f3686a9e26175da4e3b2861e79cc
author Gilles Peskine <Gilles.Peskine@arm.com> Fri May 16 14:24:50 2025 +0200
committer Gilles Peskine <Gilles.Peskine@arm.com> Fri May 16 14:24:50 2025 +0200
tree 39d08b736fe1cadb3bd8728863fe338587fc5644
parent 060c70e3abafcd0d949cc818d36e00e692c69922

Note functions that store the RNG callback in a context

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

include/mbedtls/ssl.h

diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 960200f..3cdddf7 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -2255,6 +2255,10 @@
 /**
  * \brief          Set the random number generator callback
  *
+ * \note           The callback with its parameter must remain valid as
+ *                 long as there is an SSL context that uses the
+ *                 SSL configuration.
+ *
  * \param conf     SSL configuration
  * \param f_rng    RNG function (mandatory)
  * \param p_rng    RNG parameter

include/mbedtls/ssl_ticket.h

diff --git a/include/mbedtls/ssl_ticket.h b/include/mbedtls/ssl_ticket.h
index bf3bc76..9f7e440 100644
--- a/include/mbedtls/ssl_ticket.h
+++ b/include/mbedtls/ssl_ticket.h
@@ -98,7 +98,9 @@
  *
  * \param ctx       Context to be set up
  * \param f_rng     RNG callback function (mandatory)
- * \param p_rng     RNG callback context
+ * \param p_rng     RNG callback context.
+ *                  Note that the RNG callback must remain valid
+ *                  until the ticket context is freed.
  * \param cipher    AEAD cipher to use for ticket protection.
  *                  Recommended value: MBEDTLS_CIPHER_AES_256_GCM.
  * \param lifetime  Tickets lifetime in seconds