commit def0bbe3ab22e687416046122c5fb8ca7eff0e36
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Mon May 04 14:56:36 2015 +0200
committer Manuel Pégourié-Gonnard <mpg@elzevir.fr> Thu May 07 10:19:13 2015 +0100
tree 8d47dbd04ba1bce74a65d5a7c685be98654eb846
parent cd523e2a5e02c75a695a10b59663ba8207bc295b

Allocate ssl_config out of ssl_setup()

programs/x509/cert_app.c

diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c
index a13f9bc..971dae1 100644
--- a/programs/x509/cert_app.c
+++ b/programs/x509/cert_app.c
@@ -146,6 +146,7 @@
     mbedtls_entropy_context entropy;
     mbedtls_ctr_drbg_context ctr_drbg;
     mbedtls_ssl_context ssl;
+    mbedtls_ssl_config conf;
     mbedtls_x509_crt cacert;
     mbedtls_x509_crt clicert;
     mbedtls_x509_crl cacrl;
@@ -161,6 +162,7 @@
     server_fd = 0;
     mbedtls_ctr_drbg_init( &ctr_drbg );
     mbedtls_ssl_init( &ssl );
+    mbedtls_ssl_config_init( &conf );
     mbedtls_x509_crt_init( &cacert );
     mbedtls_x509_crt_init( &clicert );
 #if defined(MBEDTLS_X509_CRL_PARSE_C)
@@ -372,7 +374,7 @@
                                    strlen( pers ) ) ) != 0 )
         {
             mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret );
-            goto exit;
+            goto ssl_exit;
         }
 
         mbedtls_printf( " ok\n" );
@@ -388,16 +390,22 @@
                                  opt.server_port, MBEDTLS_NET_PROTO_TCP ) ) != 0 )
         {
             mbedtls_printf( " failed\n  ! mbedtls_net_connect returned %d\n\n", ret );
-            goto exit;
+            goto ssl_exit;
         }
 
         /*
          * 3. Setup stuff
          */
-        if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
+        if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
+        {
+            mbedtls_printf( " failed\n  ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
+            goto exit;
+        }
+
+        if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
         {
             mbedtls_printf( " failed\n  ! mbedtls_ssl_setup returned %d\n\n", ret );
-            goto exit;
+            goto ssl_exit;
         }
 
         mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_CLIENT );
@@ -417,14 +425,14 @@
         if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &clicert, &pkey ) ) != 0 )
         {
             mbedtls_printf( " failed\n  ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
-            goto exit;
+            goto ssl_exit;
         }
 
 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
         if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 )
         {
             mbedtls_printf( " failed\n  ! mbedtls_ssl_set_hostname returned %d\n\n", ret );
-            goto exit;
+            goto ssl_exit;
         }
 #endif
 
@@ -436,8 +444,7 @@
             if( ret != MBEDTLS_ERR_NET_WANT_READ && ret != MBEDTLS_ERR_NET_WANT_WRITE )
             {
                 mbedtls_printf( " failed\n  ! mbedtls_ssl_handshake returned %d\n\n", ret );
-                mbedtls_ssl_free( &ssl );
-                goto exit;
+                goto ssl_exit;
             }
         }
 
@@ -452,14 +459,16 @@
         if( ret == -1 )
         {
             mbedtls_printf( " failed\n  !  mbedtls_x509_crt_info returned %d\n\n", ret );
-            mbedtls_ssl_free( &ssl );
-            goto exit;
+            goto ssl_exit;
         }
 
         mbedtls_printf( "%s\n", buf );
 
         mbedtls_ssl_close_notify( &ssl );
+
+ssl_exit:
         mbedtls_ssl_free( &ssl );
+        mbedtls_ssl_config_free( &conf );
     }
     else
         goto usage;