Don't pass the async config data to async callbacks
The config data is in the SSL config, so callbacks can retrieve it
from there, with the new function mbedtls_ssl_conf_get_async_config_data.
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 60ce5d4..2e5a1b8 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -594,8 +594,6 @@
* from step 2, with `digestAlgorithm` obtained by calling
* mbedtls_oid_get_oid_by_md() on \p md_alg.
*
- * \param config_data The configuration data parameter passed to
- * mbedtls_ssl_conf_async_private_cb().
* \param ssl The SSL connection instance. It should not be
* modified other than via mbedtls_ssl_async_set_data().
* \param cert Certificate containing the public key.
@@ -615,8 +613,7 @@
* \return Any other error indicates a fatal failure and is
* propagated up the call chain.
*/
-typedef int mbedtls_ssl_async_sign_t( void *config_data,
- mbedtls_ssl_context *ssl,
+typedef int mbedtls_ssl_async_sign_t( mbedtls_ssl_context *ssl,
mbedtls_x509_crt *cert,
mbedtls_md_type_t md_alg,
const unsigned char *hash,
@@ -646,8 +643,6 @@
* store an operation context for later retrieval
* by the resume callback.
*
- * \param config_data The configuration data parameter passed to
- * mbedtls_ssl_conf_async_private_cb().
* \param ssl The SSL connection instance. It should not be
* modified other than via mbedtls_ssl_async_set_data().
* \param cert Certificate containing the public key.
@@ -666,8 +661,7 @@
* \return Any other error indicates a fatal failure and is
* propagated up the call chain.
*/
-typedef int mbedtls_ssl_async_decrypt_t( void *config_data,
- mbedtls_ssl_context *ssl,
+typedef int mbedtls_ssl_async_decrypt_t( mbedtls_ssl_context *ssl,
mbedtls_x509_crt *cert,
const unsigned char *input,
size_t input_len );
@@ -691,8 +685,6 @@
* It may call mbedtls_ssl_async_set_data() to modify this
* context.
*
- * \param config_data The configuration data parameter passed to
- * mbedtls_ssl_conf_async_private_cb().
* \param ssl The SSL connection instance. It should not be
* modified other than via mbedtls_ssl_async_set_data().
* \param output Buffer containing the output (signature or decrypted
@@ -709,8 +701,7 @@
* \return Any other error means that the operation is aborted.
* The SSL handshake is aborted.
*/
-typedef int mbedtls_ssl_async_resume_t( void *config_data,
- mbedtls_ssl_context *ssl,
+typedef int mbedtls_ssl_async_resume_t( mbedtls_ssl_context *ssl,
unsigned char *output,
size_t *output_len,
size_t output_size );
@@ -724,13 +715,10 @@
* This function may call mbedtls_ssl_async_get_data() to
* retrieve an operation context set by the start callback.
*
- * \param config_data The configuration data parameter passed to
- * mbedtls_ssl_conf_async_private_cb().
* \param ssl The SSL connection instance. It should not be
* modified.
*/
-typedef void mbedtls_ssl_async_cancel_t( void *config_data,
- mbedtls_ssl_context *ssl );
+typedef void mbedtls_ssl_async_cancel_t( mbedtls_ssl_context *ssl );
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
/*
@@ -856,7 +844,7 @@
#endif /* MBEDTLS_X509_CRT_PARSE_C */
mbedtls_ssl_async_resume_t *f_async_resume; /*!< resume asynchronous operation */
mbedtls_ssl_async_cancel_t *f_async_cancel; /*!< cancel asynchronous operation */
- void *p_async_config_data; /*!< Configuration data set by mbedtls_ssl_conf_async_private_cb() and passed to the callbacks. */
+ void *p_async_config_data; /*!< Configuration data set by mbedtls_ssl_conf_async_private_cb(). */
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
@@ -1531,9 +1519,10 @@
* the description of ::mbedtls_ssl_async_cancel_t
* for more information. This may be \c NULL if
* no cleanup is needed.
- * \param config_data A pointer to configuration data which will be
- * passed to the callbacks. The library stores and
- * passes back this value without dereferencing it.
+ * \param config_data A pointer to configuration data which can be
+ * retrieved with
+ * mbedtls_ssl_conf_get_async_config_data(). The
+ * library stores this value without dereferencing it.
*/
void mbedtls_ssl_conf_async_private_cb( mbedtls_ssl_config *conf,
mbedtls_ssl_async_sign_t *f_async_sign,
@@ -1543,6 +1532,16 @@
void *config_data );
/**
+ * \brief Retrieve the configuration data set by
+ * mbedtls_ssl_conf_async_private_cb().
+ *
+ * \param conf SSL configuration context
+ * \return The configuration data set by
+ * mbedtls_ssl_conf_async_private_cb().
+ */
+void *mbedtls_ssl_conf_get_async_config_data( const mbedtls_ssl_config *conf );
+
+/**
* \brief Retrieve the asynchronous operation user context.
*
* \note This function may only be called while a handshake
@@ -1555,7 +1554,7 @@
* has not been called during the current handshake yet,
* this function returns \c NULL.
*/
-void *mbedtls_ssl_async_get_data( mbedtls_ssl_context *ssl );
+void *mbedtls_ssl_async_get_data( const mbedtls_ssl_context *ssl );
/**
* \brief Retrieve the asynchronous operation user context.
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 6819e7a..5439f6d 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -2847,7 +2847,7 @@
unsigned char *sig_start = ssl->out_msg + ssl->out_msglen + 2;
size_t sig_max_len = ( ssl->out_buf + MBEDTLS_SSL_MAX_CONTENT_LEN
- sig_start );
- int ret = ssl->conf->f_async_resume( ssl->conf->p_async_config_data, ssl,
+ int ret = ssl->conf->f_async_resume( ssl,
sig_start, signature_len, sig_max_len );
if( ret != MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS )
{
@@ -3174,8 +3174,7 @@
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
if( ssl->conf->f_async_sign_start != NULL )
{
- ret = ssl->conf->f_async_sign_start( ssl->conf->p_async_config_data,
- ssl,
+ ret = ssl->conf->f_async_sign_start( ssl,
mbedtls_ssl_own_cert( ssl ),
md_alg, hash, hashlen );
switch( ret )
@@ -3402,7 +3401,7 @@
size_t *peer_pmslen,
size_t peer_pmssize )
{
- int ret = ssl->conf->f_async_resume( ssl->conf->p_async_config_data, ssl,
+ int ret = ssl->conf->f_async_resume( ssl,
peer_pms, peer_pmslen, peer_pmssize );
if( ret != MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS )
{
@@ -3465,8 +3464,7 @@
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
if( ssl->conf->f_async_decrypt_start != NULL )
{
- ret = ssl->conf->f_async_decrypt_start( ssl->conf->p_async_config_data,
- ssl,
+ ret = ssl->conf->f_async_decrypt_start( ssl,
mbedtls_ssl_own_cert( ssl ),
p, len );
switch( ret )
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 2c6eef8..04f3458 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -6494,7 +6494,12 @@
conf->p_async_config_data = async_config_data;
}
-void *mbedtls_ssl_async_get_data( mbedtls_ssl_context *ssl )
+void *mbedtls_ssl_conf_get_async_config_data( const mbedtls_ssl_config *conf )
+{
+ return( conf->p_async_config_data );
+}
+
+void *mbedtls_ssl_async_get_data( const mbedtls_ssl_context *ssl )
{
if( ssl->handshake == NULL )
return( NULL );
@@ -7451,7 +7456,7 @@
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
if( ssl->conf->f_async_cancel != NULL && handshake->async_in_progress != 0 )
{
- ssl->conf->f_async_cancel( ssl->conf->p_async_config_data, ssl );
+ ssl->conf->f_async_cancel( ssl );
handshake->async_in_progress = 0;
}
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index f96040e..272eecd 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -941,15 +941,15 @@
unsigned remaining_delay;
} ssl_async_operation_context_t;
-static int ssl_async_start( void *config_data_arg,
- mbedtls_ssl_context *ssl,
+static int ssl_async_start( mbedtls_ssl_context *ssl,
mbedtls_x509_crt *cert,
ssl_async_operation_type_t op_type,
mbedtls_md_type_t md_alg,
const unsigned char *input,
size_t input_len )
{
- ssl_async_key_context_t *config_data = config_data_arg;
+ ssl_async_key_context_t *config_data =
+ mbedtls_ssl_conf_get_async_config_data( ssl->conf );
size_t slot;
ssl_async_operation_context_t *ctx = NULL;
const char *op_name = ssl_async_operation_names[op_type];
@@ -1000,37 +1000,35 @@
return( MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS );
}
-static int ssl_async_sign( void *config_data_arg,
- mbedtls_ssl_context *ssl,
+static int ssl_async_sign( mbedtls_ssl_context *ssl,
mbedtls_x509_crt *cert,
mbedtls_md_type_t md_alg,
const unsigned char *hash,
size_t hash_len )
{
- return( ssl_async_start( config_data_arg, ssl, cert,
+ return( ssl_async_start( ssl, cert,
ASYNC_OP_SIGN, md_alg,
hash, hash_len ) );
}
-static int ssl_async_decrypt( void *config_data_arg,
- mbedtls_ssl_context *ssl,
+static int ssl_async_decrypt( mbedtls_ssl_context *ssl,
mbedtls_x509_crt *cert,
const unsigned char *input,
size_t input_len )
{
- return( ssl_async_start( config_data_arg, ssl, cert,
+ return( ssl_async_start( ssl, cert,
ASYNC_OP_DECRYPT, MBEDTLS_MD_NONE,
input, input_len ) );
}
-static int ssl_async_resume( void *config_data_arg,
- mbedtls_ssl_context *ssl,
+static int ssl_async_resume( mbedtls_ssl_context *ssl,
unsigned char *output,
size_t *output_len,
size_t output_size )
{
ssl_async_operation_context_t *ctx = mbedtls_ssl_async_get_data( ssl );
- ssl_async_key_context_t *config_data = config_data_arg;
+ ssl_async_key_context_t *config_data =
+ mbedtls_ssl_conf_get_async_config_data( ssl->conf );
ssl_async_key_slot_t *key_slot = &config_data->slots[ctx->slot];
int ret;
const char *op_name = NULL;
@@ -1080,11 +1078,9 @@
return( ret );
}
-static void ssl_async_cancel( void *config_data_arg,
- mbedtls_ssl_context *ssl )
+static void ssl_async_cancel( mbedtls_ssl_context *ssl )
{
ssl_async_operation_context_t *ctx = mbedtls_ssl_async_get_data( ssl );
- (void) config_data_arg;
mbedtls_printf( "Async cancel callback.\n" );
mbedtls_free( ctx );
}