lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-30 22:43:08 +03:00
Code Activity

Allocate ssl_config out of ssl_setup()

Browse Source
This commit is contained in:
Manuel Pégourié-Gonnard
2015-05-04 14:56:36 +02:00
parent cd523e2a5e
commit def0bbe3ab
15 changed files with 154 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
programs/ssl/dtls_client.c
View File

@ -92,6 +92,7 @@ int main( int argc, char *argv[] )
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
mbedtls_x509_crt cacert;
((void) argc);
@ -105,6 +106,7 @@ int main( int argc, char *argv[] )
* 0. Initialize the RNG and the session data
*/
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
mbedtls_x509_crt_init( &cacert );
mbedtls_ctr_drbg_init( &ctr_drbg );
@ -123,7 +125,7 @@ int main( int argc, char *argv[] )
mbedtls_printf( " ok\n" );
/*
* 0. Initialize certificates
* 0. Load certificates
*/
mbedtls_printf( " . Loading the CA root certificate ..." );
fflush( stdout );
@ -160,7 +162,13 @@ int main( int argc, char *argv[] )
mbedtls_printf( " . Setting up the DTLS structure..." );
fflush( stdout );
if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
goto exit;
}
if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret );
goto exit;
@ -322,6 +330,7 @@ exit:
mbedtls_x509_crt_free( &cacert );
mbedtls_ssl_free( &ssl );
mbedtls_ssl_config_free( &conf );
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );

11
programs/ssl/dtls_server.c
View File

@ -97,6 +97,7 @@ int main( void )
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
mbedtls_x509_crt srvcert;
mbedtls_pk_context pkey;
#if defined(MBEDTLS_SSL_CACHE_C)
@ -104,6 +105,7 @@ int main( void )
#endif
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
mbedtls_ssl_cookie_init( &cookie_ctx );
#if defined(MBEDTLS_SSL_CACHE_C)
mbedtls_ssl_cache_init( &cache );
@ -190,7 +192,13 @@ int main( void )
printf( " . Setting up the DTLS data..." );
fflush( stdout );
if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
goto exit;
}
if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
{
printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret );
goto exit;
@ -391,6 +399,7 @@ exit:
mbedtls_x509_crt_free( &srvcert );
mbedtls_pk_free( &pkey );
mbedtls_ssl_free( &ssl );
mbedtls_ssl_config_free( &conf );
mbedtls_ssl_cookie_free( &cookie_ctx );
#if defined(MBEDTLS_SSL_CACHE_C)
mbedtls_ssl_cache_free( &cache );

12
programs/ssl/mini_client.c
View File

@ -147,6 +147,7 @@ enum exit_codes
{
exit_ok = 0,
ctr_drbg_seed_failed,
ssl_config_default_failed,
ssl_setup_failed,
socket_failed,
connect_failed,
@ -167,12 +168,14 @@ int main( void )
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
mbedtls_ctr_drbg_init( &ctr_drbg );
/*
* 0. Initialize and setup stuff
*/
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt_init( &ca );
#endif
@ -185,7 +188,13 @@ int main( void )
goto exit;
}
if( mbedtls_ssl_setup( &ssl ) != 0 )
if( mbedtls_ssl_config_defaults( &conf ) != 0 )
{
ret = ssl_config_defaults_failed;
goto exit;
}
if( mbedtls_ssl_setup( &ssl, &conf ) != 0 )
{
ret = ssl_setup_failed;
goto exit;
@ -260,6 +269,7 @@ exit:
mbedtls_net_close( server_fd );
mbedtls_ssl_free( &ssl );
mbedtls_ssl_config_free( &conf );
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );
#if defined(MBEDTLS_X509_CRT_PARSE_C)

11
programs/ssl/ssl_client1.c
View File

@ -83,6 +83,7 @@ int main( void )
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
mbedtls_x509_crt cacert;
#if defined(MBEDTLS_DEBUG_C)
@ -93,6 +94,7 @@ int main( void )
* 0. Initialize the RNG and the session data
*/
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
mbedtls_x509_crt_init( &cacert );
mbedtls_ctr_drbg_init( &ctr_drbg );
@ -148,7 +150,13 @@ int main( void )
mbedtls_printf( " . Setting up the SSL/TLS structure..." );
fflush( stdout );
if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
goto exit;
}
if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret );
goto exit;
@ -275,6 +283,7 @@ exit:
mbedtls_x509_crt_free( &cacert );
mbedtls_ssl_free( &ssl );
mbedtls_ssl_config_free( &conf );
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );

11
programs/ssl/ssl_client2.c
View File

@ -401,6 +401,7 @@ int main( int argc, char *argv[] )
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
mbedtls_ssl_session saved_session;
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt cacert;
@ -415,6 +416,7 @@ int main( int argc, char *argv[] )
*/
server_fd = 0;
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
memset( &saved_session, 0, sizeof( mbedtls_ssl_session ) );
mbedtls_ctr_drbg_init( &ctr_drbg );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
@ -1047,7 +1049,13 @@ int main( int argc, char *argv[] )
mbedtls_printf( " . Setting up the SSL/TLS structure..." );
fflush( stdout );
if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned -0x%x\n\n", -ret );
goto exit;
}
if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned -0x%x\n\n", -ret );
goto exit;
@ -1581,6 +1589,7 @@ exit:
#endif
mbedtls_ssl_session_free( &saved_session );
mbedtls_ssl_free( &ssl );
mbedtls_ssl_config_free( &conf );
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );

14
programs/ssl/ssl_fork_server.c
View File

@ -103,11 +103,12 @@ int main( void )
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
mbedtls_x509_crt srvcert;
mbedtls_pk_context pkey;
memset( &ssl, 0, sizeof(mbedtls_ssl_context) );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
mbedtls_entropy_init( &entropy );
mbedtls_pk_init( &pkey );
mbedtls_x509_crt_init( &srvcert );
@ -248,7 +249,13 @@ int main( void )
goto exit;
}
if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
goto exit;
}
if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret );
goto exit;
@ -373,6 +380,7 @@ exit:
mbedtls_x509_crt_free( &srvcert );
mbedtls_pk_free( &pkey );
mbedtls_ssl_free( &ssl );
mbedtls_ssl_config_free( &conf );
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );

11
programs/ssl/ssl_mail_client.c
View File

@ -355,6 +355,7 @@ int main( int argc, char *argv[] )
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
mbedtls_x509_crt cacert;
mbedtls_x509_crt clicert;
mbedtls_pk_context pkey;
@ -368,6 +369,7 @@ int main( int argc, char *argv[] )
*/
server_fd = 0;
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
memset( &buf, 0, sizeof( buf ) );
mbedtls_x509_crt_init( &cacert );
mbedtls_x509_crt_init( &clicert );
@ -582,7 +584,13 @@ int main( int argc, char *argv[] )
mbedtls_printf( " . Setting up the SSL/TLS structure..." );
fflush( stdout );
if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
goto exit;
}
if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret );
goto exit;
@ -821,6 +829,7 @@ exit:
mbedtls_x509_crt_free( &cacert );
mbedtls_pk_free( &pkey );
mbedtls_ssl_free( &ssl );
mbedtls_ssl_config_free( &conf );
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );

12
programs/ssl/ssl_pthread_server.c
View File

@ -130,10 +130,12 @@ static void *handle_ssl_connection( void *data )
unsigned char buf[1024];
char pers[50];
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
mbedtls_ctr_drbg_context ctr_drbg;
/* Make sure memory references are valid */
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
mbedtls_ctr_drbg_init( &ctr_drbg );
mbedtls_snprintf( pers, sizeof(pers), "SSL Pthread Thread %d", thread_id );
@ -158,7 +160,14 @@ static void *handle_ssl_connection( void *data )
*/
mbedtls_printf( " [ #%d ] Setting up the SSL data....\n", thread_id );
if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
{
mbedtls_printf( " [ #%d ] failed: mbedtls_ssl_config_defaults returned -0x%04x\n",
thread_id, -ret );
goto thread_exit;
}
if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
{
mbedtls_printf( " [ #%d ] failed: mbedtls_ssl_setup returned -0x%04x\n",
thread_id, -ret );
@ -314,6 +323,7 @@ thread_exit:
mbedtls_net_close( client_fd );
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_ssl_free( &ssl );
mbedtls_ssl_config_free( &conf );
thread_info->thread_complete = 1;

11
programs/ssl/ssl_server.c
View File

@ -97,6 +97,7 @@ int main( void )
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
mbedtls_x509_crt srvcert;
mbedtls_pk_context pkey;
#if defined(MBEDTLS_SSL_CACHE_C)
@ -104,6 +105,7 @@ int main( void )
#endif
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
#if defined(MBEDTLS_SSL_CACHE_C)
mbedtls_ssl_cache_init( &cache );
#endif
@ -189,7 +191,13 @@ int main( void )
mbedtls_printf( " . Setting up the SSL data...." );
fflush( stdout );
if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
goto exit;
}
if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret );
goto exit;
@ -369,6 +377,7 @@ exit:
mbedtls_x509_crt_free( &srvcert );
mbedtls_pk_free( &pkey );
mbedtls_ssl_free( &ssl );
mbedtls_ssl_config_free( &conf );
#if defined(MBEDTLS_SSL_CACHE_C)
mbedtls_ssl_cache_free( &cache );
#endif

11
programs/ssl/ssl_server2.c
View File

@ -722,6 +722,7 @@ int main( int argc, char *argv[] )
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
#if defined(MBEDTLS_SSL_RENEGOTIATION)
unsigned char renego_period[8] = { 0 };
#endif
@ -762,6 +763,7 @@ int main( int argc, char *argv[] )
*/
listen_fd = 0;
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
mbedtls_ctr_drbg_init( &ctr_drbg );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt_init( &cacert );
@ -1518,7 +1520,13 @@ int main( int argc, char *argv[] )
mbedtls_printf( " . Setting up the SSL/TLS structure..." );
fflush( stdout );
if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned -0x%x\n\n", -ret );
goto exit;
}
if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned -0x%x\n\n", -ret );
goto exit;
@ -2205,6 +2213,7 @@ exit:
#endif
mbedtls_ssl_free( &ssl );
mbedtls_ssl_config_free( &conf );
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );

29
programs/x509/cert_app.c
View File

@ -146,6 +146,7 @@ int main( int argc, char *argv[] )
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
mbedtls_x509_crt cacert;
mbedtls_x509_crt clicert;
mbedtls_x509_crl cacrl;
@ -161,6 +162,7 @@ int main( int argc, char *argv[] )
server_fd = 0;
mbedtls_ctr_drbg_init( &ctr_drbg );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
mbedtls_x509_crt_init( &cacert );
mbedtls_x509_crt_init( &clicert );
#if defined(MBEDTLS_X509_CRL_PARSE_C)
@ -372,7 +374,7 @@ int main( int argc, char *argv[] )
strlen( pers ) ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret );
goto exit;
goto ssl_exit;
}
mbedtls_printf( " ok\n" );
@ -388,16 +390,22 @@ int main( int argc, char *argv[] )
opt.server_port, MBEDTLS_NET_PROTO_TCP ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret );
goto exit;
goto ssl_exit;
}
/*
* 3. Setup stuff
*/
if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
goto exit;
}
if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret );
goto exit;
goto ssl_exit;
}
mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_CLIENT );
@ -417,14 +425,14 @@ int main( int argc, char *argv[] )
if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &clicert, &pkey ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
goto exit;
goto ssl_exit;
}
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret );
goto exit;
goto ssl_exit;
}
#endif
@ -436,8 +444,7 @@ int main( int argc, char *argv[] )
if( ret != MBEDTLS_ERR_NET_WANT_READ && ret != MBEDTLS_ERR_NET_WANT_WRITE )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned %d\n\n", ret );
mbedtls_ssl_free( &ssl );
goto exit;
goto ssl_exit;
}
}
@ -452,14 +459,16 @@ int main( int argc, char *argv[] )
if( ret == -1 )
{
mbedtls_printf( " failed\n ! mbedtls_x509_crt_info returned %d\n\n", ret );
mbedtls_ssl_free( &ssl );
goto exit;
goto ssl_exit;
}
mbedtls_printf( "%s\n", buf );
mbedtls_ssl_close_notify( &ssl );
ssl_exit:
mbedtls_ssl_free( &ssl );
mbedtls_ssl_config_free( &conf );
}
else
goto usage;