From 4be609a47140e25fdbfc3d9e16f9b33bd2747702 Mon Sep 17 00:00:00 2001
From: Li Jingyi
Date: Tue, 17 May 2022 17:14:57 +0800
Subject: [PATCH 1/2] esp-tls: add api to free client session Free session with mbedtls api to avoid mem-leak
---
 components/esp-tls/esp_tls.c | 6 ++++++
 components/esp-tls/esp_tls.h | 10 ++++++++++
 components/esp-tls/esp_tls_mbedtls.c | 8 ++++++++
 components/esp-tls/private_include/esp_tls_mbedtls.h | 5 +++++
 4 files changed, 29 insertions(+)
diff --git a/components/esp-tls/esp_tls.c b/components/esp-tls/esp_tls.c
index 29b14f508c..a72c6a2e1c 100644
--- a/components/esp-tls/esp_tls.c
+++ b/components/esp-tls/esp_tls.c
@@ -39,6 +39,7 @@ static const char *TAG = "esp-tls";
 #define _esp_tls_conn_delete esp_mbedtls_conn_delete
 #define _esp_tls_net_init esp_mbedtls_net_init
 #define _esp_tls_get_client_session esp_mbedtls_get_client_session
+#define _esp_tls_free_client_session esp_mbedtls_free_client_session
 #ifdef CONFIG_ESP_TLS_SERVER
 #define _esp_tls_server_session_create esp_mbedtls_server_session_create
 #define _esp_tls_server_session_delete esp_mbedtls_server_session_delete
@@ -577,6 +578,11 @@ esp_tls_client_session_t *esp_tls_get_client_session(esp_tls_t *tls)
 {
 return _esp_tls_get_client_session(tls);
 }
+
+void esp_tls_free_client_session(esp_tls_client_session_t *client_session)
+{
+ _esp_tls_free_client_session(client_session);
+}
 #endif /* CONFIG_ESP_TLS_CLIENT_SESSION_TICKETS */
diff --git a/components/esp-tls/esp_tls.h b/components/esp-tls/esp_tls.h
index 588f70d83f..5b5b362802 100644
--- a/components/esp-tls/esp_tls.h
+++ b/components/esp-tls/esp_tls.h
@@ -688,6 +688,16 @@ esp_err_t esp_tls_plain_tcp_connect(const char *host, int hostlen, int port, con
 * NULL on Failure
 */
 esp_tls_client_session_t *esp_tls_get_client_session(esp_tls_t *tls);
+
+/**
+ * @brief Free the client session
+ *
+ * This function should be called after esp_tls_get_client_session().
+ *
+ * @param[in] client_session context as esp_tls_client_session_t
+ *
+ */
+void esp_tls_free_client_session(esp_tls_client_session_t *client_session);
 #endif /* CONFIG_ESP_TLS_CLIENT_SESSION_TICKETS */
 #ifdef __cplusplus
 }
diff --git a/components/esp-tls/esp_tls_mbedtls.c b/components/esp-tls/esp_tls_mbedtls.c
index 3757480ebd..6c7f3fd5a1 100644
--- a/components/esp-tls/esp_tls_mbedtls.c
+++ b/components/esp-tls/esp_tls_mbedtls.c
@@ -151,6 +151,14 @@ esp_tls_client_session_t *esp_mbedtls_get_client_session(esp_tls_t *tls)
 return client_session;
 }
+
+void esp_mbedtls_free_client_session(esp_tls_client_session_t *client_session)
+{
+ if (client_session) {
+ mbedtls_ssl_session_free(&(client_session->saved_session));
+ free(client_session);
+ }
+}
 #endif /* CONFIG_ESP_TLS_CLIENT_SESSION_TICKETS */
 int esp_mbedtls_handshake(esp_tls_t *tls, const esp_tls_cfg_t *cfg)
diff --git a/components/esp-tls/private_include/esp_tls_mbedtls.h b/components/esp-tls/private_include/esp_tls_mbedtls.h
index c1c5d4f328..43dce58ad6 100644
--- a/components/esp-tls/private_include/esp_tls_mbedtls.h
+++ b/components/esp-tls/private_include/esp_tls_mbedtls.h
@@ -104,6 +104,11 @@ esp_err_t set_client_config(const char *hostname, size_t hostlen, esp_tls_cfg_t
 * Internal Callback for mbedtls_get_client_session
 */
 esp_tls_client_session_t *esp_mbedtls_get_client_session(esp_tls_t *tls);
+
+/**
+ * Internal Callback for mbedtls_free_client_session
+ */
+void esp_mbedtls_free_client_session(esp_tls_client_session_t *client_session);
 #endif
 /**
From 1191d9c8e6aaa210ac6da176bb7c0adaa9913b48 Mon Sep 17 00:00:00 2001
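Review bot: The new doc comment on `esp_tls_free_client_session()` does not state the ownership contract. The pointer is passed by value, so the caller's copy dangles after the call and a second call on it would be a double free. The saved session holds TLS resumption state, so the comment should also say that plain `free()` is not a substitute. I would add `* @note Passing NULL is a no-op. The pointer is invalid after this call; set it to NULL and never release it with free().` and a sentence that the session must stay allocated while any `esp_tls_cfg_t` still references it through `client_session`.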
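Review bot: `esp_mbedtls_free_client_session()` carries no comment explaining why the wrapper cannot simply be handed to `free()`, which is the mistake the example in this series was making. `saved_session` is an mbedtls session object that can own separate heap buffers (the session ticket, and the peer certificate depending on the mbedtls configuration). `mbedtls_ssl_session_free()` releases those and clears the structure, which holds the resumption secret, before the wrapper itself goes back to the heap. A one-line comment above the function keeps that visible, e.g. `/* Release buffers owned by saved_session and wipe it before freeing the wrapper; plain free() leaks them. */`.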
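Review bot: The added comment names `mbedtls_free_client_session`, which is not a function in this patch. The public entry point that dispatches here is `esp_tls_free_client_session` (see the esp_tls.c hunk). The wording is copied from the existing comment for the get variant just above, which has the same slip. I would write `* Internal Callback for esp_tls_free_client_session` so that a search for the name in the comment lands on the real API.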
From: Li Jingyi
Date: Sat, 14 May 2022 18:29:11 +0800
Subject: [PATCH 2/2] example: https_request update free client session api
---
 .../protocols/https_request/main/https_request_example_main.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/examples/protocols/https_request/main/https_request_example_main.c b/examples/protocols/https_request/main/https_request_example_main.c
index 6fa5fbaec9..c85a15fa9a 100644
--- a/examples/protocols/https_request/main/https_request_example_main.c
+++ b/examples/protocols/https_request/main/https_request_example_main.c
@@ -68,7 +68,7 @@ static const char REQUEST[] = "GET " WEB_URL " HTTP/1.1\r\n"
 extern const uint8_t server_root_cert_pem_start[] asm("_binary_server_root_cert_pem_start");
 extern const uint8_t server_root_cert_pem_end[] asm("_binary_server_root_cert_pem_end");
 #ifdef CONFIG_ESP_TLS_CLIENT_SESSION_TICKETS
-esp_tls_client_session_t *tls_client_session = NULL;
+static esp_tls_client_session_t *tls_client_session = NULL;
 #endif
 static void https_get_request(esp_tls_cfg_t cfg)
 {
@@ -187,7 +187,7 @@ static void https_get_request_using_already_saved_session(void)
 .client_session = tls_client_session,
 };
 https_get_request(cfg);
- free(tls_client_session);
+ esp_tls_free_client_session(tls_client_session);
 tls_client_session = NULL;
 }
 #endif