Split ssl_init() -> ssl_setup()
diff --git a/ChangeLog b/ChangeLog
index c0afc05..036619d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -15,6 +15,7 @@
* Headers are now found in the 'mbedtls' directory (previously 'polarssl').
* The following _init() functions that could return errors have
been split into an _init() that returns void and another function:
+ mbedtls_ssl_init() -> mbedtls_ssl_setup()
mbedtls_ccm_init() -> mbedtls_ccm_setkey()
mbedtls_gcm_init() -> mbedtls_gcm_setkey()
mbedtls_hmac_drbg_init() -> mbedtls_hmac_drbg_init(_buf)()
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 0cdc537..5f4e46e 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1098,14 +1098,22 @@
/**
* \brief Initialize an SSL context
- * (An individual SSL context is not thread-safe)
+ * Just makes the context ready for mbetls_ssl_setup() or
+ * mbedtls_ssl_free()
+ *
+ * \param ssl SSL context
+ */
+void mbedtls_ssl_init( mbedtls_ssl_context *ssl );
+
+/**
+ * \brief Set up an SSL context for use
*
* \param ssl SSL context
*
* \return 0 if successful, or MBEDTLS_ERR_SSL_MALLOC_FAILED if
* memory allocation failed
*/
-int mbedtls_ssl_init( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_setup( mbedtls_ssl_context *ssl );
/**
* \brief Reset an already initialized SSL context for re-use
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 55c04b5..bb5ab3b 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -4944,13 +4944,19 @@
/*
* Initialize an SSL context
*/
-int mbedtls_ssl_init( mbedtls_ssl_context *ssl )
+void mbedtls_ssl_init( mbedtls_ssl_context *ssl )
+{
+ memset( ssl, 0, sizeof( mbedtls_ssl_context ) );
+}
+
+/*
+ * Setup an SSL context
+ */
+int mbedtls_ssl_setup( mbedtls_ssl_context *ssl )
{
int ret;
int len = MBEDTLS_SSL_BUFFER_LEN;
- memset( ssl, 0, sizeof( mbedtls_ssl_context ) );
-
/*
* Sane defaults
*/
diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c
index 4a8642d..4f82283 100644
--- a/programs/ssl/dtls_client.c
+++ b/programs/ssl/dtls_client.c
@@ -104,7 +104,7 @@
/*
* 0. Initialize the RNG and the session data
*/
- memset( &ssl, 0, sizeof( mbedtls_ssl_context ) );
+ mbedtls_ssl_init( &ssl );
mbedtls_x509_crt_init( &cacert );
mbedtls_ctr_drbg_init( &ctr_drbg );
@@ -160,9 +160,9 @@
mbedtls_printf( " . Setting up the DTLS structure..." );
fflush( stdout );
- if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_init returned %d\n\n", ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret );
goto exit;
}
diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c
index 92170eb..a4b86f7 100644
--- a/programs/ssl/dtls_server.c
+++ b/programs/ssl/dtls_server.c
@@ -103,7 +103,7 @@
mbedtls_ssl_cache_context cache;
#endif
- memset( &ssl, 0, sizeof(mbedtls_ssl_context) );
+ mbedtls_ssl_init( &ssl );
mbedtls_ssl_cookie_init( &cookie_ctx );
#if defined(MBEDTLS_SSL_CACHE_C)
mbedtls_ssl_cache_init( &cache );
@@ -190,9 +190,9 @@
printf( " . Setting up the DTLS data..." );
fflush( stdout );
- if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
{
- printf( " failed\n ! mbedtls_ssl_init returned %d\n\n", ret );
+ printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret );
goto exit;
}
diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c
index ad9e851..cab6e8d 100644
--- a/programs/ssl/mini_client.c
+++ b/programs/ssl/mini_client.c
@@ -147,7 +147,7 @@
{
exit_ok = 0,
ctr_drbg_seed_failed,
- ssl_init_failed,
+ ssl_setup_failed,
socket_failed,
connect_failed,
x509_crt_parse_failed,
@@ -172,7 +172,7 @@
/*
* 0. Initialize and setup stuff
*/
- memset( &ssl, 0, sizeof( mbedtls_ssl_context ) );
+ mbedtls_ssl_init( &ssl );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt_init( &ca );
#endif
@@ -181,13 +181,13 @@
if( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
(const unsigned char *) pers, strlen( pers ) ) != 0 )
{
- ret = ssl_init_failed;
+ ret = ctr_drbg_seed_failed;
goto exit;
}
- if( mbedtls_ssl_init( &ssl ) != 0 )
+ if( mbedtls_ssl_setup( &ssl ) != 0 )
{
- ret = ssl_init_failed;
+ ret = ssl_setup_failed;
goto exit;
}
diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c
index 77a68e6..37c24a2 100644
--- a/programs/ssl/ssl_client1.c
+++ b/programs/ssl/ssl_client1.c
@@ -92,7 +92,7 @@
/*
* 0. Initialize the RNG and the session data
*/
- memset( &ssl, 0, sizeof( mbedtls_ssl_context ) );
+ mbedtls_ssl_init( &ssl );
mbedtls_x509_crt_init( &cacert );
mbedtls_ctr_drbg_init( &ctr_drbg );
@@ -148,9 +148,9 @@
mbedtls_printf( " . Setting up the SSL/TLS structure..." );
fflush( stdout );
- if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_init returned %d\n\n", ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret );
goto exit;
}
@@ -278,8 +278,6 @@
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );
- memset( &ssl, 0, sizeof( ssl ) );
-
#if defined(_WIN32)
mbedtls_printf( " + Press Enter to exit this program.\n" );
fflush( stdout ); getchar();
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 280b50d..de6ff65 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -414,7 +414,7 @@
* Make sure memory references are valid.
*/
server_fd = 0;
- memset( &ssl, 0, sizeof( mbedtls_ssl_context ) );
+ mbedtls_ssl_init( &ssl );
memset( &saved_session, 0, sizeof( mbedtls_ssl_session ) );
mbedtls_ctr_drbg_init( &ctr_drbg );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
@@ -1047,9 +1047,9 @@
mbedtls_printf( " . Setting up the SSL/TLS structure..." );
fflush( stdout );
- if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_init returned -0x%x\n\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned -0x%x\n\n", -ret );
goto exit;
}
diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c
index 9f00310..a0880e8 100644
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@@ -248,9 +248,9 @@
goto exit;
}
- if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_init returned %d\n\n", ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret );
goto exit;
}
diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c
index 78abc28..6043b07 100644
--- a/programs/ssl/ssl_mail_client.c
+++ b/programs/ssl/ssl_mail_client.c
@@ -367,7 +367,7 @@
* Make sure memory references are valid in case we exit early.
*/
server_fd = 0;
- memset( &ssl, 0, sizeof( mbedtls_ssl_context ) );
+ mbedtls_ssl_init( &ssl );
memset( &buf, 0, sizeof( buf ) );
mbedtls_x509_crt_init( &cacert );
mbedtls_x509_crt_init( &clicert );
@@ -582,9 +582,9 @@
mbedtls_printf( " . Setting up the SSL/TLS structure..." );
fflush( stdout );
- if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_init returned %d\n\n", ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret );
goto exit;
}
diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c
index b32ceda..3432e5e 100644
--- a/programs/ssl/ssl_pthread_server.c
+++ b/programs/ssl/ssl_pthread_server.c
@@ -133,7 +133,7 @@
mbedtls_ctr_drbg_context ctr_drbg;
/* Make sure memory references are valid */
- memset( &ssl, 0, sizeof( mbedtls_ssl_context ) );
+ mbedtls_ssl_init( &ssl );
mbedtls_ctr_drbg_init( &ctr_drbg );
mbedtls_snprintf( pers, sizeof(pers), "SSL Pthread Thread %d", thread_id );
@@ -158,9 +158,9 @@
*/
mbedtls_printf( " [ #%d ] Setting up the SSL data....\n", thread_id );
- if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
{
- mbedtls_printf( " [ #%d ] failed: mbedtls_ssl_init returned -0x%04x\n",
+ mbedtls_printf( " [ #%d ] failed: mbedtls_ssl_setup returned -0x%04x\n",
thread_id, -ret );
goto thread_exit;
}
diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c
index e8f765e..bd68d3d 100644
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@@ -103,7 +103,7 @@
mbedtls_ssl_cache_context cache;
#endif
- memset( &ssl, 0, sizeof(mbedtls_ssl_context) );
+ mbedtls_ssl_init( &ssl );
#if defined(MBEDTLS_SSL_CACHE_C)
mbedtls_ssl_cache_init( &cache );
#endif
@@ -189,9 +189,9 @@
mbedtls_printf( " . Setting up the SSL data...." );
fflush( stdout );
- if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_init returned %d\n\n", ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret );
goto exit;
}
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index f1dff60..a7a37e8 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -761,7 +761,7 @@
* Make sure memory references are valid in case we exit early.
*/
listen_fd = 0;
- memset( &ssl, 0, sizeof( mbedtls_ssl_context ) );
+ mbedtls_ssl_init( &ssl );
mbedtls_ctr_drbg_init( &ctr_drbg );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt_init( &cacert );
@@ -1518,9 +1518,9 @@
mbedtls_printf( " . Setting up the SSL/TLS structure..." );
fflush( stdout );
- if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_init returned -0x%x\n\n", -ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned -0x%x\n\n", -ret );
goto exit;
}
diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c
index ce58ab2..a13f9bc 100644
--- a/programs/x509/cert_app.c
+++ b/programs/x509/cert_app.c
@@ -160,6 +160,7 @@
*/
server_fd = 0;
mbedtls_ctr_drbg_init( &ctr_drbg );
+ mbedtls_ssl_init( &ssl );
mbedtls_x509_crt_init( &cacert );
mbedtls_x509_crt_init( &clicert );
#if defined(MBEDTLS_X509_CRL_PARSE_C)
@@ -393,9 +394,9 @@
/*
* 3. Setup stuff
*/
- if( ( ret = mbedtls_ssl_init( &ssl ) ) != 0 )
+ if( ( ret = mbedtls_ssl_setup( &ssl ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_init returned %d\n\n", ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret );
goto exit;
}
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index a25826a..6d9a4c0 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -13,7 +13,9 @@
mbedtls_ssl_context ssl;
char *end_prevs = prevs + strlen( prevs ) + 1;
- TEST_ASSERT( mbedtls_ssl_init( &ssl ) == 0 );
+ mbedtls_ssl_init( &ssl );
+
+ TEST_ASSERT( mbedtls_ssl_setup( &ssl ) == 0 );
TEST_ASSERT( mbedtls_ssl_set_transport( &ssl, MBEDTLS_SSL_TRANSPORT_DATAGRAM ) == 0 );
/* Read previous record numbers */