commit df13d5c7a6e0e4678075f948499530654ff65d5b
author Gilles Peskine <Gilles.Peskine@arm.com> Wed Apr 25 20:39:48 2018 +0200
committer Gilles Peskine <Gilles.Peskine@arm.com> Thu Apr 26 10:00:40 2018 +0200
tree e9a0fd98bbf892550845a351b63636e9780b1190
parent 9b562d5c3671354d61193c285eaf5e50d62d64e4

Pass the SSL context to async callbacks

When a handshake step starts an asynchronous operation, the
application needs to know which SSL connection the operation is for,
so that when the operation completes, the application can wake that
connection up. Therefore the async start callbacks need to take the
SSL context as an argument. It isn't enough to let them set a cookie
in the SSL connection, the application needs to be able to find the
right SSL connection later.

Also pass the SSL context to the other callbacks for consistency. Add
a new field to the handshake that the application can use to store a
per-connection context. This new field replaces the former
context (operation_ctx) that was created by the start function and
passed to the resume function.

Add a boolean flag to the handshake structure to track whether an
asynchronous operation is in progress. This is more robust than
relying on the application to set a non-null application context.

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index aa48b45..2c6eef8 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -6485,13 +6485,28 @@
     mbedtls_ssl_async_decrypt_t *f_async_decrypt,
     mbedtls_ssl_async_resume_t *f_async_resume,
     mbedtls_ssl_async_cancel_t *f_async_cancel,
-    void *connection_ctx )
+    void *async_config_data )
 {
     conf->f_async_sign_start = f_async_sign;
     conf->f_async_decrypt_start = f_async_decrypt;
     conf->f_async_resume = f_async_resume;
     conf->f_async_cancel = f_async_cancel;
-    conf->p_async_connection_ctx = connection_ctx;
+    conf->p_async_config_data = async_config_data;
+}
+
+void *mbedtls_ssl_async_get_data( mbedtls_ssl_context *ssl )
+{
+    if( ssl->handshake == NULL )
+        return( NULL );
+    else
+        return( ssl->handshake->user_async_ctx );
+}
+
+void mbedtls_ssl_async_set_data( mbedtls_ssl_context *ssl,
+                                 void *ctx )
+{
+    if( ssl->handshake != NULL )
+        ssl->handshake->user_async_ctx = ctx;
 }
 #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
 
@@ -7433,6 +7448,14 @@
     if( handshake == NULL )
         return;
 
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+    if( ssl->conf->f_async_cancel != NULL && handshake->async_in_progress != 0 )
+    {
+        ssl->conf->f_async_cancel( ssl->conf->p_async_config_data, ssl );
+        handshake->async_in_progress = 0;
+    }
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+
 #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
     defined(MBEDTLS_SSL_PROTO_TLS1_1)
     mbedtls_md5_free(    &handshake->fin_md5  );
@@ -7495,15 +7518,6 @@
     }
 #endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_SERVER_NAME_INDICATION */
 
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
-    if( ssl->conf->f_async_cancel != NULL &&
-        handshake->p_async_operation_ctx != NULL )
-    {
-        ssl->conf->f_async_cancel( ssl->conf->p_async_connection_ctx,
-                                   handshake->p_async_operation_ctx );
-    }
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
     mbedtls_free( handshake->verify_cookie );
     mbedtls_free( handshake->hs_msg );