changed var arrays to alloca

git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@138 9a5d90b5-6617-0410-8a86-bb477d3ed2e3

ssl/bigint.h

@@ -19,8 +19,8 @@
 #ifndef BIGINT_HEADER
 #define BIGINT_HEADER
 
-#include "os_port.h"
 #include "crypto.h"
+#include "os_port.h"
 #include "bigint_impl.h"
 
 #ifndef CONFIG_BIGINT_CHECK_ON

ssl/openssl.c

@@ -180,10 +180,12 @@ void SSL_CTX_set_options(SSL_CTX *ssl_ctx, int option) {}
 int SSL_library_init(void ) { return 1; }
 void SSL_load_error_strings(void ) {}
 void ERR_print_errors_fp(FILE *fp) {}
+#ifndef CONFIG_SSL_SKELETON_MODE
 long SSL_CTX_get_timeout(const SSL_CTX *ssl_ctx) { 
                             return CONFIG_SSL_EXPIRY_TIME*3600; }
 long SSL_CTX_set_timeout(SSL_CTX *ssl_ctx, long t) { 
                             return SSL_CTX_get_timeout(ssl_ctx); }
+#endif
 void BIO_printf(FILE *f, const char *format, ...)
 {
     va_list(ap);

ssl/os_port.h

@@ -87,6 +87,7 @@ extern "C" {
 #define strdup(A)               _strdup(A)
 #define chroot(A)               _chdir(A)
 #define chdir(A)                _chdir(A)
+#define alloca(A)                _alloca(A)
 #ifndef lseek
 #define lseek(A,B,C)            _lseek(A,B,C)
 #endif
@@ -166,6 +167,29 @@ void exit_now(const char *format, ...) __attribute((noreturn));
 void exit_now(const char *format, ...);
 #endif
 
+/* Mutexing definitions */
+#if defined(CONFIG_SSL_CTX_MUTEXING)
+#if defined(WIN32)
+#define SSL_CTX_MUTEX_TYPE          HANDLE
+#define SSL_CTX_MUTEX_INIT(A)       A=CreateMutex(0, FALSE, 0)
+#define SSL_CTX_MUTEX_DESTROY(A)    CloseHandle(A)
+#define SSL_CTX_LOCK(A)             WaitForSingleObject(A, INFINITE)
+#define SSL_CTX_UNLOCK(A)           ReleaseMutex(A)
+#else 
+#include <pthread.h>
+#define SSL_CTX_MUTEX_TYPE          pthread_mutex_t
+#define SSL_CTX_MUTEX_INIT(A)       pthread_mutex_init(&A, NULL)
+#define SSL_CTX_MUTEX_DESTROY(A)    pthread_mutex_destroy(&A)
+#define SSL_CTX_LOCK(A)             pthread_mutex_lock(&A)
+#define SSL_CTX_UNLOCK(A)           pthread_mutex_unlock(&A)
+#endif
+#else   /* no mutexing */
+#define SSL_CTX_MUTEX_INIT(A)
+#define SSL_CTX_MUTEX_DESTROY(A)
+#define SSL_CTX_LOCK(A)
+#define SSL_CTX_UNLOCK(A)
+#endif
+
 #ifdef __cplusplus
 }
 #endif

ssl/rsa.c

@@ -128,11 +128,7 @@ int RSA_decrypt(const RSA_CTX *ctx, const uint8_t *in_data,
     const int byte_size = ctx->num_octets;
     int i, size;
     bigint *decrypted_bi, *dat_bi;
-#ifndef WIN32
-    uint8_t block[byte_size];
-#else
-    uint8_t *block = (uint8_t *)malloc(byte_size);
-#endif
+    uint8_t *block = (uint8_t *)alloca(byte_size);
 
     memset(out_data, 0, byte_size); /* initialise */
 
@@ -169,9 +165,6 @@ int RSA_decrypt(const RSA_CTX *ctx, const uint8_t *in_data,
     if (size > 0)
         memcpy(out_data, &block[i], size);
     
-#ifdef WIN32
-    free(block);
-#endif
     return size ? size : -1;
 }
 
@@ -264,11 +257,7 @@ bigint *RSA_sign_verify(BI_CTX *ctx, const uint8_t *sig, int sig_len,
     int i, size;
     bigint *decrypted_bi, *dat_bi;
     bigint *bir = NULL;
-#ifndef WIN32
-    uint8_t block[sig_len];
-#else
-    uint8_t *block = (uint8_t *)malloc(sig_len);
-#endif
+    uint8_t *block = (uint8_t *)alloca(sig_len);
 
     /* decrypt */
     dat_bi = bi_import(ctx, sig, sig_len);
@@ -296,10 +285,6 @@ bigint *RSA_sign_verify(BI_CTX *ctx, const uint8_t *sig, int sig_len,
         }
     }
 
-#ifdef WIN32
-    free(block);
-#endif
-
     /* save a few bytes of memory */
     bi_clear_cache(ctx);
     return bir;

ssl/tls1.c

@@ -307,7 +307,6 @@ EXP_FUNC int STDCALL ssl_read(SSL *ssl, uint8_t **in_data)
  */
 EXP_FUNC int STDCALL ssl_write(SSL *ssl, const uint8_t *out_data, int out_len)
 {
-
     int n = out_len, nw, i, tot = 0;
 
     /* maximum size of a TLS packet is around 16kB, so fragment */
@@ -624,11 +623,7 @@ static void add_hmac_digest(SSL *ssl, int mode, uint8_t *hmac_header,
         const uint8_t *buf, int buf_len, uint8_t *hmac_buf)
 {
     int hmac_len = buf_len + 8 + SSL_RECORD_SIZE;
-#ifndef WIN32
-    uint8_t t_buf[hmac_len+10];
-#else
-    uint8_t *t_buf = (uint8_t *)malloc(hmac_len+10);
-#endif
+    uint8_t *t_buf = (uint8_t *)alloca(hmac_len+10);
 
     memcpy(t_buf, (mode == SSL_SERVER_WRITE || mode == SSL_CLIENT_WRITE) ? 
                     ssl->write_sequence : ssl->read_sequence, 8);
@@ -664,9 +659,6 @@ static void add_hmac_digest(SSL *ssl, int mode, uint8_t *hmac_header,
     }
     print_blob("hmac", hmac_buf, SHA1_SIZE);
 #endif
-#ifdef WIN32
-    free(t_buf);
-#endif
 }
 
 /**
@@ -1520,7 +1512,7 @@ void disposable_free(SSL *ssl)
 {
     if (ssl->dc)
     {
-	free(ssl->dc->key_block);
+	    free(ssl->dc->key_block);
         memset(ssl->dc, 0, sizeof(DISPOSABLE_CTX));
         free(ssl->dc);
         ssl->dc = NULL;

ssl/tls1.h

@@ -32,29 +32,6 @@ extern "C" {
 #include "crypto.h"
 #include "crypto_misc.h"
 
-/* Mutexing definitions */
-#if defined(CONFIG_SSL_CTX_MUTEXING)
-#if defined(WIN32)
-#define SSL_CTX_MUTEX_TYPE          HANDLE
-#define SSL_CTX_MUTEX_INIT(A)       A=CreateMutex(0, FALSE, 0)
-#define SSL_CTX_MUTEX_DESTROY(A)    CloseHandle(A)
-#define SSL_CTX_LOCK(A)             WaitForSingleObject(A, INFINITE)
-#define SSL_CTX_UNLOCK(A)           ReleaseMutex(A)
-#else 
-#include <pthread.h>
-#define SSL_CTX_MUTEX_TYPE          pthread_mutex_t
-#define SSL_CTX_MUTEX_INIT(A)       pthread_mutex_init(&A, NULL)
-#define SSL_CTX_MUTEX_DESTROY(A)    pthread_mutex_destroy(&A)
-#define SSL_CTX_LOCK(A)             pthread_mutex_lock(&A)
-#define SSL_CTX_UNLOCK(A)           pthread_mutex_unlock(&A)
-#endif
-#else   /* no mutexing */
-#define SSL_CTX_MUTEX_INIT(A)
-#define SSL_CTX_MUTEX_DESTROY(A)
-#define SSL_CTX_LOCK(A)
-#define SSL_CTX_UNLOCK(A)
-#endif
-
 #define SSL_RANDOM_SIZE             32
 #define SSL_SECRET_SIZE             48
 #define SSL_FINISHED_HASH_SIZE      12