Add helpers and all regress tests are passed

diff --git a/bufferevent_mbedtls.c b/bufferevent_mbedtls.c
index ca96f723f35e00811b6366efca12eccf81ad83c0..95859bd3ac0abcb7b1ca6c530be537a636924525 100644 (file)
--- a/bufferevent_mbedtls.c
+++ b/bufferevent_mbedtls.c
@@ -47,7 +47,7 @@
 #include "mm-internal.h"
 
 struct mbedtls_context {
-       mbedtls_ssl_context *ssl;
+       mbedtls_dyncontext *ssl;
        mbedtls_net_context net;
 };
 static void *
@@ -65,7 +65,7 @@ mbedtls_context_free(void *ssl, int flags)
 {
        struct mbedtls_context *ctx = ssl;
        if (flags & BEV_OPT_CLOSE_ON_FREE)
-               mbedtls_ssl_free(ctx->ssl);
+               bufferevent_mbedtls_dyncontext_free(ctx->ssl);
        mm_free(ctx);
 }
 static int
@@ -309,7 +309,7 @@ bufferevent_get_mbedtls_error(struct bufferevent *bufev)
 static struct le_ssl_ops le_mbedtls_ops = {
        mbedtls_context_init,
        mbedtls_context_free,
-       (void (*)(void *))mbedtls_ssl_free,
+       (void (*)(void *))bufferevent_mbedtls_dyncontext_free,
        mbedtls_context_renegotiate,
        mbedtls_context_write,
        mbedtls_context_read,
@@ -352,7 +352,7 @@ bufferevent_mbedtls_filter_new(struct event_base *base,
 
 err:
        if (options & BEV_OPT_CLOSE_ON_FREE)
-               mbedtls_ssl_free(ssl);
+               bufferevent_mbedtls_dyncontext_free(ssl);
        return NULL;
 }
 
@@ -407,3 +407,19 @@ bufferevent_mbedtls_socket_new(struct event_base *base, evutil_socket_t fd,
 err:
        return NULL;
 }
+
+mbedtls_dyncontext *
+bufferevent_mbedtls_dyncontext_new(struct mbedtls_ssl_config *conf)
+{
+       mbedtls_dyncontext *ctx = mm_calloc(1, sizeof(*ctx));
+       mbedtls_ssl_init(ctx);
+       mbedtls_ssl_setup(ctx, conf);
+       return ctx;
+}
+
+void
+bufferevent_mbedtls_dyncontext_free(mbedtls_dyncontext *ctx)
+{
+       mbedtls_ssl_free(ctx);
+       mm_free(ctx);
+}

diff --git a/include/event2/bufferevent_ssl.h b/include/event2/bufferevent_ssl.h
index 8cc35732034e55f25c2ee6518d4bad78c26e5fa9..009de2be93b47daa2199331634c2b00f4a1d67b3 100644 (file)
--- a/include/event2/bufferevent_ssl.h
+++ b/include/event2/bufferevent_ssl.h
@@ -183,6 +183,9 @@ unsigned long bufferevent_get_openssl_error(struct bufferevent *bev);
 #endif
 #if defined(EVENT__HAVE_MBEDTLS) || defined(EVENT_IN_DOXYGEN_)
 struct mbedtls_ssl_context;
+struct mbedtls_ssl_config;
+typedef struct mbedtls_ssl_context mbedtls_dyncontext;
+
 /**
    Create a new SSL bufferevent to send its data over another bufferevent.
 
@@ -198,7 +201,7 @@ EVENT2_EXPORT_SYMBOL
 struct bufferevent *
 bufferevent_mbedtls_filter_new(struct event_base *base,
     struct bufferevent *underlying,
-    struct mbedtls_ssl_context *ssl,
+    mbedtls_dyncontext *ssl,
     enum bufferevent_ssl_state state,
     int options);
 
@@ -216,7 +219,7 @@ EVENT2_EXPORT_SYMBOL
 struct bufferevent *
 bufferevent_mbedtls_socket_new(struct event_base *base,
     evutil_socket_t fd,
-    struct mbedtls_ssl_context *ssl,
+    mbedtls_dyncontext *ssl,
     enum bufferevent_ssl_state state,
     int options);
 
@@ -249,10 +252,20 @@ bufferevent_mbedtls_get_ssl(struct bufferevent *bufev);
 EVENT2_EXPORT_SYMBOL
 int bufferevent_mbedtls_renegotiate(struct bufferevent *bev);
 
-/** Return the most recent OpenSSL error reported on an SSL bufferevent. */
+/** Return the most recent MbedTLS error reported on an SSL bufferevent. */
 EVENT2_EXPORT_SYMBOL
 unsigned long bufferevent_get_mbedtls_error(struct bufferevent *bev);
 
+/** Create a new heap-based MbedTLS context for use it in bufferevent_mbedtls_* functions */
+EVENT2_EXPORT_SYMBOL
+mbedtls_dyncontext *
+bufferevent_mbedtls_dyncontext_new(struct mbedtls_ssl_config *conf);
+
+/** Deallocate heap-based MbedTLS context */
+EVENT2_EXPORT_SYMBOL
+void
+bufferevent_mbedtls_dyncontext_free(mbedtls_dyncontext *ctx);
+
 #endif
 
 #ifdef __cplusplus

diff --git a/test/regress.h b/test/regress.h
index 829af4a7f69f284aba323ea2f2a4b8f9c88864bd..d9d2707ec9a774441298c39b9030c1d4439037cd 100644 (file)
--- a/test/regress.h
+++ b/test/regress.h
@@ -146,7 +146,6 @@ void init_ssl(void);
 #ifdef EVENT__HAVE_MBEDTLS
 #include <mbedtls/ssl.h>
 mbedtls_ssl_config *get_mbedtls_config(int endpoint);
-mbedtls_ssl_context *mbedtls_ssl_new(mbedtls_ssl_config *config);
 #endif
 
 void * basic_test_setup(const struct testcase_t *testcase);

diff --git a/test/regress_http.c b/test/regress_http.c
index 0e971c0a66c4849fb74018aaf98d72cb8dbf85e0..511ab53f8a326cfb9ed8d9fdaf797cd356bec1e4 100644 (file)
--- a/test/regress_http.c
+++ b/test/regress_http.c
@@ -168,7 +168,7 @@ https_bev(struct event_base *base, void *arg)
 static struct bufferevent *
 https_mbedtls_bev(struct event_base *base, void *arg)
 {
-       mbedtls_ssl_context *ssl = mbedtls_ssl_new(get_mbedtls_config(MBEDTLS_SSL_IS_SERVER));
+       mbedtls_dyncontext *ssl = bufferevent_mbedtls_dyncontext_new(get_mbedtls_config(MBEDTLS_SSL_IS_SERVER));
        return bufferevent_mbedtls_socket_new(
                base, -1, ssl, BUFFEREVENT_SSL_ACCEPTING,
                BEV_OPT_CLOSE_ON_FREE);
@@ -558,7 +558,7 @@ create_bev(struct event_base *base, evutil_socket_t fd, int ssl_mask, int flags_
 #endif
        } else if (ssl_mask & HTTP_MBEDTLS) {
 #ifdef EVENT__HAVE_MBEDTLS
-               mbedtls_ssl_context *ssl = mbedtls_ssl_new(get_mbedtls_config(MBEDTLS_SSL_IS_CLIENT));
+               mbedtls_dyncontext *ssl = bufferevent_mbedtls_dyncontext_new(get_mbedtls_config(MBEDTLS_SSL_IS_CLIENT));
                if (ssl_mask & HTTP_SSL_FILTER) {
                        struct bufferevent *underlying =
                        bufferevent_socket_new(base, fd, flags);

diff --git a/test/regress_mbedtls.c b/test/regress_mbedtls.c
index 748f156ac691b145f7d57b3b434adb5fa6904fd6..3de435545029c96402c6dabb79a8a95ff4183246 100644 (file)
--- a/test/regress_mbedtls.c
+++ b/test/regress_mbedtls.c
@@ -51,7 +51,7 @@
 #undef SSL_get_peer_certificate
 #define SSL_get_peer_certificate mbedtls_ssl_get_peer_cert
 #define SSL_get1_peer_certificate mbedtls_ssl_get_peer_cert
-#define SSL_new mbedtls_ssl_new
+#define SSL_new bufferevent_mbedtls_dyncontext_new
 #define SSL_use_certificate(a, b) \
        do {                          \
        } while (0);
@@ -80,8 +80,6 @@ const struct testcase_setup_t mbedtls_setup = {
 #define ssl_setup mbedtls_setup
 #include "regress_ssl.c"
 static mbedtls_ssl_config *the_mbedtls_conf[2] = {NULL, NULL};
-static mbedtls_ssl_context *the_mbedtls_ctx[1024] = {NULL};
-static int the_mbedtls_ctx_count = 0;
 static mbedtls_entropy_context entropy;
 static mbedtls_ctr_drbg_context ctr_drbg;
 static mbedtls_x509_crt *the_cert;
@@ -282,7 +280,6 @@ mbedtls_test_setup(const struct testcase_t *testcase)
 static int
 mbedtls_test_cleanup(const struct testcase_t *testcase, void *ptr)
 {
-       int i;
        int ret = basic_test_cleanup(testcase, ptr);
        if (!ret) {
                return ret;
@@ -303,9 +300,6 @@ mbedtls_test_cleanup(const struct testcase_t *testcase, void *ptr)
        mbedtls_pk_free(the_key);
        free(the_key);
 
-       for (i = 0; i < the_mbedtls_ctx_count; i++) {
-               mbedtls_ssl_free(the_mbedtls_ctx[i]);
-       }
        if (the_mbedtls_conf[0]) {
                mbedtls_ssl_config_free(the_mbedtls_conf[0]);
                free(the_mbedtls_conf[0]);
@@ -320,16 +314,6 @@ mbedtls_test_cleanup(const struct testcase_t *testcase, void *ptr)
        return 1;
 }
 
-mbedtls_ssl_context *
-mbedtls_ssl_new(mbedtls_ssl_config *config)
-{
-       mbedtls_ssl_context *ssl = malloc(sizeof(*ssl));
-       mbedtls_ssl_init(ssl);
-       mbedtls_ssl_setup(ssl, config);
-       the_mbedtls_ctx[the_mbedtls_ctx_count++] = ssl;
-       return ssl;
-}
-
 static int
 bio_rwcount_read(void *ctx, unsigned char *out, size_t outlen)
 {