From cdd02f9665ef43126503307972e4389070a00a73 Mon Sep 17 00:00:00 2001
From: Chris Conlon <chris@wolfssl.com>
Date: Wed, 18 Jun 2025 16:57:02 -0600
Subject: [PATCH] Add check for reseed in ssl.c for HAVE_SELFTEST, similar to
 old FIPS bundles that do not have older random.c files

---
 src/ssl.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/src/ssl.c b/src/ssl.c
index 16acfda1c..d69d2c32c 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -25514,7 +25514,7 @@ static int wolfSSL_RAND_InitMutex(void)
 #ifdef OPENSSL_EXTRA
 
 #if defined(HAVE_GETPID) && !defined(WOLFSSL_NO_GETPID) && \
-    defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0)
+    ((defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0)) || defined(HAVE_SELFTEST))
 /* In older FIPS bundles add check for reseed here since it does not exist in
  * the older random.c certified files. */
 static pid_t currentRandPid = 0;
@@ -25533,7 +25533,9 @@ int wolfSSL_RAND_Init(void)
             ret = wc_InitRng(&globalRNG);
             if (ret == 0) {
             #if defined(HAVE_GETPID) && !defined(WOLFSSL_NO_GETPID) && \
-                defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0)
+                ((defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0)) || \
+                 defined(HAVE_SELFTEST))
+
                 currentRandPid = getpid();
             #endif
                 initGlobalRNG = 1;
@@ -26014,7 +26016,8 @@ int wolfSSL_RAND_bytes(unsigned char* buf, int num)
          */
         if (initGlobalRNG) {
         #if defined(HAVE_GETPID) && !defined(WOLFSSL_NO_GETPID) && \
-                defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0)
+                ((defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0)) || \
+                 defined(HAVE_SELFTEST))
             pid_t p;
 
             p = getpid();