From 41d479e7df52b67e9590455c8b6185ba8108ece7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Wed, 29 Apr 2015 00:48:22 +0200
Subject: [PATCH] Split ssl_init() -> ssl_setup()

---
 ChangeLog                            |  1 +
 include/mbedtls/ssl.h                | 12 ++++++++++--
 library/ssl_tls.c                    | 12 +++++++++---
 programs/ssl/dtls_client.c           |  6 +++---
 programs/ssl/dtls_server.c           |  6 +++---
 programs/ssl/mini_client.c           | 10 +++++-----
 programs/ssl/ssl_client1.c           |  8 +++-----
 programs/ssl/ssl_client2.c           |  6 +++---
 programs/ssl/ssl_fork_server.c       |  4 ++--
 programs/ssl/ssl_mail_client.c       |  6 +++---
 programs/ssl/ssl_pthread_server.c    |  6 +++---
 programs/ssl/ssl_server.c            |  6 +++---
 programs/ssl/ssl_server2.c           |  6 +++---
 programs/x509/cert_app.c             |  5 +++--
 tests/suites/test_suite_ssl.function |  4 +++-
 15 files changed, 57 insertions(+), 41 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index c0afc058b6..036619d4f1 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -15,6 +15,7 @@ API Changes
    * Headers are now found in the 'mbedtls' directory (previously 'polarssl').
    * The following _init() functions that could return errors have
      been split into an _init() that returns void and another function:
+     mbedtls_ssl_init() -> mbedtls_ssl_setup()
      mbedtls_ccm_init() -> mbedtls_ccm_setkey()
      mbedtls_gcm_init() -> mbedtls_gcm_setkey()
      mbedtls_hmac_drbg_init() -> mbedtls_hmac_drbg_init(_buf)()
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 0cdc537509..5f4e46e5e7 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1098,14 +1098,22 @@ int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name );
 
 /**
  * \brief          Initialize an SSL context
- *                 (An individual SSL context is not thread-safe)
+ *                 Just makes the context ready for mbetls_ssl_setup() or
+ *                 mbedtls_ssl_free()
+ *
+ * \param ssl      SSL context
+ */
+void mbedtls_ssl_init( mbedtls_ssl_context *ssl );
+
+/**
+ * \brief          Set up an SSL context for use
  *
  * \param ssl      SSL context
  *
  * \return         0 if successful, or MBEDTLS_ERR_SSL_MALLOC_FAILED if
  *                 memory allocation failed
  */
-int mbedtls_ssl_init( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_setup( mbedtls_ssl_context *ssl );
 
 /**
  * \brief          Reset an already initialized SSL context for re-use
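Review bot: The new `mbedtls_ssl_init()` doc comment misspells the function it points to: `mbetls_ssl_setup()` should read `mbedtls_ssl_setup()`. The removed caveat `(An individual SSL context is not thread-safe)` is not carried over to either comment; I would keep it on `mbedtls_ssl_setup()`. That comment also needs the new precondition, e.g. `The context must first be initialized with mbedtls_ssl_init().`, because the `memset` moved out of setup in library/ssl_tls.c. The one-line `Setup an SSL context` comment there should say the same. Without it, a caller porting old code by renaming the call alone would hand setup an uninitialized context.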
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 55c04b5d7d..bb5ab3b0a5 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -4944,13 +4944,19 @@ static int ssl_cookie_check_dummy( void *ctx,
 /*
  * Initialize an SSL context
  */
-int mbedtls_ssl_init( mbedtls_ssl_context *ssl )
+void mbedtls_ssl_init( mbedtls_ssl_context *ssl )
+{
+    memset( ssl, 0, sizeof( mbedtls_ssl_context ) );
+}
+
+/*
+ * Setup an SSL context
+ */
+int mbedtls_ssl_setup( mbedtls_ssl_context *ssl )
 {
     int ret;
     int len = MBEDTLS_SSL_BUFFER_LEN;
 
-    memset( ssl, 0, sizeof( mbedtls_ssl_context ) );
-
     /*
      * Sane defaults
      */
diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c
index 4a8642d5e7..4f82283575 100644
--- a/programs/ssl/dtls_client.c
+++ b/programs/ssl/dtls_client.c
@@ -104,7 +104,7 @@ int main( int argc, char *argv[] )
     /*
      * 0. Initialize the RNG and the session data
      */
-    memset( &ssl, 0, sizeof( mbedtls_ssl_context ) );
+    mbedtls_ssl_init( &ssl );
     mbedtls_x509_crt_init( &cacert );
     mbedtls_ctr_drbg_init( &ctr_drbg );
 
@@ -160,9 +160,9 @@ int main( int argc, char *argv[] )
     mbedtls_printf( "  . Setting up the DTLS structure..." );
     fflush( stdout );
 
-    if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
+    if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
     {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_init returned %d\n\n", ret );
+        mbedtls_printf( " failed\n  ! mbedtls_ssl_setup returned %d\n\n", ret );
         goto exit;
     }
 
diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c
index 92170ebb3c..a4b86f76e6 100644
--- a/programs/ssl/dtls_server.c
+++ b/programs/ssl/dtls_server.c
@@ -103,7 +103,7 @@ int main( void )
     mbedtls_ssl_cache_context cache;
 #endif
 
-    memset( &ssl, 0, sizeof(mbedtls_ssl_context) );
+    mbedtls_ssl_init( &ssl );
     mbedtls_ssl_cookie_init( &cookie_ctx );
 #if defined(MBEDTLS_SSL_CACHE_C)
     mbedtls_ssl_cache_init( &cache );
@@ -190,9 +190,9 @@ int main( void )
     printf( "  . Setting up the DTLS data..." );
     fflush( stdout );
 
-    if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
+    if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
     {
-        printf( " failed\n  ! mbedtls_ssl_init returned %d\n\n", ret );
+        printf( " failed\n  ! mbedtls_ssl_setup returned %d\n\n", ret );
         goto exit;
     }
 
diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c
index ad9e851915..cab6e8d4c3 100644
--- a/programs/ssl/mini_client.c
+++ b/programs/ssl/mini_client.c
@@ -147,7 +147,7 @@ enum exit_codes
 {
     exit_ok = 0,
     ctr_drbg_seed_failed,
-    ssl_init_failed,
+    ssl_setup_failed,
     socket_failed,
     connect_failed,
     x509_crt_parse_failed,
@@ -172,7 +172,7 @@ int main( void )
     /*
      * 0. Initialize and setup stuff
      */
-    memset( &ssl, 0, sizeof( mbedtls_ssl_context ) );
+    mbedtls_ssl_init( &ssl );
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
     mbedtls_x509_crt_init( &ca );
 #endif
@@ -181,13 +181,13 @@ int main( void )
     if( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
                        (const unsigned char *) pers, strlen( pers ) ) != 0 )
     {
-        ret = ssl_init_failed;
+        ret = ctr_drbg_seed_failed;
         goto exit;
     }
 
-    if( mbedtls_ssl_init( &ssl ) != 0 )
+    if( mbedtls_ssl_setup( &ssl ) != 0 )
     {
-        ret = ssl_init_failed;
+        ret = ssl_setup_failed;
         goto exit;
     }
 
diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c
index 77a68e64c2..37c24a22c5 100644
--- a/programs/ssl/ssl_client1.c
+++ b/programs/ssl/ssl_client1.c
@@ -92,7 +92,7 @@ int main( void )
     /*
      * 0. Initialize the RNG and the session data
      */
-    memset( &ssl, 0, sizeof( mbedtls_ssl_context ) );
+    mbedtls_ssl_init( &ssl );
     mbedtls_x509_crt_init( &cacert );
     mbedtls_ctr_drbg_init( &ctr_drbg );
 
@@ -148,9 +148,9 @@ int main( void )
     mbedtls_printf( "  . Setting up the SSL/TLS structure..." );
     fflush( stdout );
 
-    if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
+    if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
     {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_init returned %d\n\n", ret );
+        mbedtls_printf( " failed\n  ! mbedtls_ssl_setup returned %d\n\n", ret );
         goto exit;
     }
 
@@ -278,8 +278,6 @@ exit:
     mbedtls_ctr_drbg_free( &ctr_drbg );
     mbedtls_entropy_free( &entropy );
 
-    memset( &ssl, 0, sizeof( ssl ) );
-
 #if defined(_WIN32)
     mbedtls_printf( "  + Press Enter to exit this program.\n" );
     fflush( stdout ); getchar();
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 280b50d842..de6ff655b6 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -414,7 +414,7 @@ int main( int argc, char *argv[] )
      * Make sure memory references are valid.
      */
     server_fd = 0;
-    memset( &ssl, 0, sizeof( mbedtls_ssl_context ) );
+    mbedtls_ssl_init( &ssl );
     memset( &saved_session, 0, sizeof( mbedtls_ssl_session ) );
     mbedtls_ctr_drbg_init( &ctr_drbg );
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
@@ -1047,9 +1047,9 @@ int main( int argc, char *argv[] )
     mbedtls_printf( "  . Setting up the SSL/TLS structure..." );
     fflush( stdout );
 
-    if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
+    if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
     {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_init returned -0x%x\n\n", -ret );
+        mbedtls_printf( " failed\n  ! mbedtls_ssl_setup returned -0x%x\n\n", -ret );
         goto exit;
     }
 
diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c
index 9f00310d7d..a0880e8635 100644
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@@ -248,9 +248,9 @@ int main( void )
             goto exit;
         }
 
-        if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
+        if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
         {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_init returned %d\n\n", ret );
+            mbedtls_printf( " failed\n  ! mbedtls_ssl_setup returned %d\n\n", ret );
             goto exit;
         }
 
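Review bot: This file only renames the call; unlike the other programs in this patch, no `mbedtls_ssl_init( &ssl )` is added or substituted for a raw `memset`. Since `mbedtls_ssl_setup()` no longer zeroes the context, `ssl` has to be initialized earlier in `main()`, which is outside the hunk and cannot be confirmed here. If the file still clears it with `memset( &ssl, 0, sizeof( mbedtls_ssl_context ) )`, replace that with `mbedtls_ssl_init( &ssl );` for consistency with the rest of the patch. If it is not cleared at all, add the call before this block.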
diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c
index 78abc28648..6043b07d97 100644
--- a/programs/ssl/ssl_mail_client.c
+++ b/programs/ssl/ssl_mail_client.c
@@ -367,7 +367,7 @@ int main( int argc, char *argv[] )
      * Make sure memory references are valid in case we exit early.
      */
     server_fd = 0;
-    memset( &ssl, 0, sizeof( mbedtls_ssl_context ) );
+    mbedtls_ssl_init( &ssl );
     memset( &buf, 0, sizeof( buf ) );
     mbedtls_x509_crt_init( &cacert );
     mbedtls_x509_crt_init( &clicert );
@@ -582,9 +582,9 @@ int main( int argc, char *argv[] )
     mbedtls_printf( "  . Setting up the SSL/TLS structure..." );
     fflush( stdout );
 
-    if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
+    if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
     {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_init returned %d\n\n", ret );
+        mbedtls_printf( " failed\n  ! mbedtls_ssl_setup returned %d\n\n", ret );
         goto exit;
     }
 
diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c
index b32ceda010..3432e5e790 100644
--- a/programs/ssl/ssl_pthread_server.c
+++ b/programs/ssl/ssl_pthread_server.c
@@ -133,7 +133,7 @@ static void *handle_ssl_connection( void *data )
     mbedtls_ctr_drbg_context ctr_drbg;
 
     /* Make sure memory references are valid */
-    memset( &ssl, 0, sizeof( mbedtls_ssl_context ) );
+    mbedtls_ssl_init( &ssl );
     mbedtls_ctr_drbg_init( &ctr_drbg );
 
     mbedtls_snprintf( pers, sizeof(pers), "SSL Pthread Thread %d", thread_id );
@@ -158,9 +158,9 @@ static void *handle_ssl_connection( void *data )
      */
     mbedtls_printf( "  [ #%d ]  Setting up the SSL data....\n", thread_id );
 
-    if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
+    if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
     {
-        mbedtls_printf( "  [ #%d ]  failed: mbedtls_ssl_init returned -0x%04x\n",
+        mbedtls_printf( "  [ #%d ]  failed: mbedtls_ssl_setup returned -0x%04x\n",
                 thread_id, -ret );
         goto thread_exit;
     }
diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c
index e8f765e5f6..bd68d3ddaf 100644
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@@ -103,7 +103,7 @@ int main( void )
     mbedtls_ssl_cache_context cache;
 #endif
 
-    memset( &ssl, 0, sizeof(mbedtls_ssl_context) );
+    mbedtls_ssl_init( &ssl );
 #if defined(MBEDTLS_SSL_CACHE_C)
     mbedtls_ssl_cache_init( &cache );
 #endif
@@ -189,9 +189,9 @@ int main( void )
     mbedtls_printf( "  . Setting up the SSL data...." );
     fflush( stdout );
 
-    if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
+    if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
     {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_init returned %d\n\n", ret );
+        mbedtls_printf( " failed\n  ! mbedtls_ssl_setup returned %d\n\n", ret );
         goto exit;
     }
 
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index f1dff60173..a7a37e8350 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -761,7 +761,7 @@ int main( int argc, char *argv[] )
      * Make sure memory references are valid in case we exit early.
      */
     listen_fd = 0;
-    memset( &ssl, 0, sizeof( mbedtls_ssl_context ) );
+    mbedtls_ssl_init( &ssl );
     mbedtls_ctr_drbg_init( &ctr_drbg );
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
     mbedtls_x509_crt_init( &cacert );
@@ -1518,9 +1518,9 @@ int main( int argc, char *argv[] )
     mbedtls_printf( "  . Setting up the SSL/TLS structure..." );
     fflush( stdout );
 
-    if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
+    if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
     {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_init returned -0x%x\n\n", -ret );
+        mbedtls_printf( " failed\n  ! mbedtls_ssl_setup returned -0x%x\n\n", -ret );
         goto exit;
     }
 
diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c
index ce58ab2c28..a13f9bc5f1 100644
--- a/programs/x509/cert_app.c
+++ b/programs/x509/cert_app.c
@@ -160,6 +160,7 @@ int main( int argc, char *argv[] )
      */
     server_fd = 0;
     mbedtls_ctr_drbg_init( &ctr_drbg );
+    mbedtls_ssl_init( &ssl );
     mbedtls_x509_crt_init( &cacert );
     mbedtls_x509_crt_init( &clicert );
 #if defined(MBEDTLS_X509_CRL_PARSE_C)
@@ -393,9 +394,9 @@ int main( int argc, char *argv[] )
         /*
          * 3. Setup stuff
          */
-        if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
+        if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
         {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_init returned %d\n\n", ret );
+            mbedtls_printf( " failed\n  ! mbedtls_ssl_setup returned %d\n\n", ret );
             goto exit;
         }
 
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index a25826a859..6d9a4c0817 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -13,7 +13,9 @@ void ssl_dtls_replay( char *prevs, char *new, int ret )
     mbedtls_ssl_context ssl;
     char *end_prevs = prevs + strlen( prevs ) + 1;
 
-    TEST_ASSERT( mbedtls_ssl_init( &ssl ) == 0 );
+    mbedtls_ssl_init( &ssl );
+
+    TEST_ASSERT( mbedtls_ssl_setup( &ssl ) == 0 );
     TEST_ASSERT( mbedtls_ssl_set_transport( &ssl, MBEDTLS_SSL_TRANSPORT_DATAGRAM ) == 0 );
 
     /* Read previous record numbers */
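Review bot: No test exercises `mbedtls_ssl_init()` followed directly by `mbedtls_ssl_free()`, although the header in this patch now documents that init leaves the context ready for either setup or free. A small case such as `mbedtls_ssl_init( &ssl ); mbedtls_ssl_free( &ssl );` would pin that guarantee, which the sample programs' early-exit paths appear to rely on. `ssl_dtls_replay` continues outside the hunk, so whether it frees the context after a failed assertion is not visible here.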