make suites at context level on demand only

2015-03-10 16:09:16 -07:00
parent 7e2931e5fa
commit ab874d70db
3 changed files with 20 additions and 7 deletions
--- a/src/internal.c
+++ b/src/internal.c
@@ -410,10 +410,6 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method)
    }
 #endif

-    /* remove DH later if server didn't set, add psk later */
-    InitSuites(&ctx->suites, method->version, TRUE, FALSE, TRUE, ctx->haveNTRU,
-               ctx->haveECDSAsig, ctx->haveStaticECC, method->side);
-
    return 0;
 }

@@ -422,6 +418,8 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method)
 void SSL_CtxResourceFree(WOLFSSL_CTX* ctx)
 {
    XFREE(ctx->method, ctx->heap, DYNAMIC_TYPE_METHOD);
+    if (ctx->suites)
+        XFREE(ctx->suites, ctx->heap, DYNAMIC_TYPE_SUITES);

 #ifndef NO_CERTS
    XFREE(ctx->serverDH_G.buffer, ctx->heap, DYNAMIC_TYPE_DH);
@@ -1658,7 +1656,10 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
        WOLFSSL_MSG("Suites Memory error");
        return MEMORY_E;
    }
-    *ssl->suites = ctx->suites;
+    if (ctx->suites)
+        *ssl->suites = *ctx->suites;
+    else
+        XMEMSET(ssl->suites, 0, sizeof(Suites));


 #ifndef NO_CERTS
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -4898,7 +4898,19 @@ int CM_GetCertCacheMemSize(WOLFSSL_CERT_MANAGER* cm)
 int wolfSSL_CTX_set_cipher_list(WOLFSSL_CTX* ctx, const char* list)
 {
    WOLFSSL_ENTER("wolfSSL_CTX_set_cipher_list");
-    return (SetCipherList(&ctx->suites, list)) ? SSL_SUCCESS : SSL_FAILURE;
+
+    /* alloc/init on demand only */
+    if (ctx->suites == NULL) {
+        ctx->suites = (Suites*)XMALLOC(sizeof(Suites), ctx->heap,
+                                       DYNAMIC_TYPE_SUITES);
+        if (ctx->suites == NULL) {
+            WOLFSSL_MSG("Memory alloc for Suites failed");
+            return SSL_FAILURE;
+        }
+        XMEMSET(ctx->suites, 0, sizeof(Suites));
+    }
+
+    return (SetCipherList(ctx->suites, list)) ? SSL_SUCCESS : SSL_FAILURE;
 }


--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@@ -1425,7 +1425,7 @@ struct WOLFSSL_CTX {
    buffer      serverDH_G;
    WOLFSSL_CERT_MANAGER* cm;      /* our cert manager, ctx owns SSL will use */
 #endif
-    Suites      suites;
+    Suites*     suites;           /* make dynamic, user may not need/set */
    void*       heap;             /* for user memory overrides */
    byte        verifyPeer;
    byte        verifyNone;