From d56b4c3f89ad3ee28dc62a22cffe2c85ced19830 Mon Sep 17 00:00:00 2001 From: Yang Tse Date: Wed, 18 Jan 2012 23:39:30 +0100 Subject: [PATCH] ssl session caching: fix compiler warnings --- lib/share.c | 16 ++++++---------- lib/share.h | 11 +++++------ lib/sslgen.c | 39 ++++++++++++++++----------------------- lib/sslgen.h | 8 ++++---- lib/transfer.c | 4 ++-- lib/url.c | 8 +++----- lib/urldata.h | 6 +++--- 7 files changed, 39 insertions(+), 53 deletions(-) diff --git a/lib/share.c b/lib/share.c index a89e15e3dc5cf0..839b33e60f295b 100644 --- a/lib/share.c +++ b/lib/share.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2011, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2012, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -88,8 +88,8 @@ curl_share_setopt(CURLSH *sh, CURLSHoption option, ...) case CURL_LOCK_DATA_SSL_SESSION: #ifdef USE_SSL if(!share->sslsession) { - share->nsslsession = 8; - share->sslsession = calloc(share->nsslsession, + share->max_ssl_sessions = 8; + share->sslsession = calloc(share->max_ssl_sessions, sizeof(struct curl_ssl_session)); share->sessionage = 0; if(!share->sslsession) @@ -132,11 +132,7 @@ curl_share_setopt(CURLSH *sh, CURLSHoption option, ...) case CURL_LOCK_DATA_SSL_SESSION: #ifdef USE_SSL - if(share->sslsession) { - free(share->sslsession); - share->sslsession = NULL; - share->nsslsession = 0; - } + Curl_safefree(share->sslsession); break; #else return CURLSHE_NOT_BUILT_IN; @@ -202,8 +198,8 @@ curl_share_cleanup(CURLSH *sh) #ifdef USE_SSL if(share->sslsession) { - unsigned int i; - for(i = 0; i < share->nsslsession; ++i) + size_t i; + for(i = 0; i < share->max_ssl_sessions; i++) Curl_ssl_kill_session(&(share->sslsession[i])); free(share->sslsession); } diff --git a/lib/share.h b/lib/share.h index 3148ed00b51517..b9e6c2538980d0 100644 --- a/lib/share.h +++ b/lib/share.h @@ -1,6 +1,5 @@ -#ifndef __CURL_SHARE_H -#define __CURL_SHARE_H - +#ifndef HEADER_CURL_SHARE_H +#define HEADER_CURL_SHARE_H /*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | @@ -8,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2011, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2012, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -51,7 +50,7 @@ struct Curl_share { #endif struct curl_ssl_session *sslsession; - unsigned int nsslsession; + size_t max_ssl_sessions; long sessionage; }; @@ -59,4 +58,4 @@ CURLSHcode Curl_share_lock (struct SessionHandle *, curl_lock_data, curl_lock_access); CURLSHcode Curl_share_unlock (struct SessionHandle *, curl_lock_data); -#endif /* __CURL_SHARE_H */ +#endif /* HEADER_CURL_SHARE_H */ diff --git a/lib/sslgen.c b/lib/sslgen.c index 87493922357246..a77fd787409fbf 100644 --- a/lib/sslgen.c +++ b/lib/sslgen.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2011, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2012, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -235,7 +235,7 @@ int Curl_ssl_getsessionid(struct connectdata *conn, { struct curl_ssl_session *check; struct SessionHandle *data = conn->data; - long i; + size_t i; long *general_age; bool no_match = TRUE; @@ -253,7 +253,7 @@ int Curl_ssl_getsessionid(struct connectdata *conn, else general_age = &data->state.sessionage; - for(i=0; i< data->set.ssl.numsessions; i++) { + for(i = 0; i < data->set.ssl.max_ssl_sessions; i++) { check = &data->state.session[i]; if(!check->sessionid) /* not session ID means blank entry */ @@ -282,7 +282,7 @@ int Curl_ssl_getsessionid(struct connectdata *conn, /* * Kill a single session ID entry in the cache. */ -int Curl_ssl_kill_session(struct curl_ssl_session *session) +void Curl_ssl_kill_session(struct curl_ssl_session *session) { if(session->sessionid) { /* defensive check */ @@ -290,18 +290,13 @@ int Curl_ssl_kill_session(struct curl_ssl_session *session) /* free the ID the SSL-layer specific way */ curlssl_session_free(session->sessionid); - session->sessionid=NULL; + session->sessionid = NULL; session->age = 0; /* fresh */ Curl_free_ssl_config(&session->ssl_config); Curl_safefree(session->name); - session->name = NULL; /* no name */ - - return 0; /* ok */ } - else - return 1; } /* @@ -309,14 +304,13 @@ int Curl_ssl_kill_session(struct curl_ssl_session *session) */ void Curl_ssl_delsessionid(struct connectdata *conn, void *ssl_sessionid) { - int i; + size_t i; struct SessionHandle *data=conn->data; if(SSLSESSION_SHARED(data)) - Curl_share_lock(data, CURL_LOCK_DATA_SSL_SESSION, - CURL_LOCK_ACCESS_SINGLE); + Curl_share_lock(data, CURL_LOCK_DATA_SSL_SESSION, CURL_LOCK_ACCESS_SINGLE); - for(i=0; i< data->set.ssl.numsessions; i++) { + for(i = 0; i < data->set.ssl.max_ssl_sessions; i++) { struct curl_ssl_session *check = &data->state.session[i]; if(check->sessionid == ssl_sessionid) { @@ -339,7 +333,7 @@ CURLcode Curl_ssl_addsessionid(struct connectdata *conn, void *ssl_sessionid, size_t idsize) { - long i; + size_t i; struct SessionHandle *data=conn->data; /* the mother of all structs */ struct curl_ssl_session *store = &data->state.session[0]; long oldest_age=data->state.session[0].age; /* zero if unused */ @@ -367,14 +361,14 @@ CURLcode Curl_ssl_addsessionid(struct connectdata *conn, } /* find an empty slot for us, or find the oldest */ - for(i=1; (iset.ssl.numsessions) && + for(i = 1; (i < data->set.ssl.max_ssl_sessions) && data->state.session[i].sessionid; i++) { if(data->state.session[i].age < oldest_age) { oldest_age = data->state.session[i].age; store = &data->state.session[i]; } } - if(i == data->set.ssl.numsessions) + if(i == data->set.ssl.max_ssl_sessions) /* cache is full, we must "kill" the oldest entry! */ Curl_ssl_kill_session(store); else @@ -407,16 +401,15 @@ CURLcode Curl_ssl_addsessionid(struct connectdata *conn, void Curl_ssl_close_all(struct SessionHandle *data) { - long i; + size_t i; /* kill the session ID cache if not shared */ if(data->state.session && !SSLSESSION_SHARED(data)) { - for(i=0; i< data->set.ssl.numsessions; i++) + for(i = 0; i < data->set.ssl.max_ssl_sessions; i++) /* the single-killer function handles empty table slots */ Curl_ssl_kill_session(&data->state.session[i]); /* free the cache data */ - free(data->state.session); - data->state.session = NULL; + Curl_safefree(data->state.session); } curlssl_close_all(data); @@ -466,7 +459,7 @@ struct curl_slist *Curl_ssl_engines_list(struct SessionHandle *data) * This sets up a session ID cache to the specified size. Make sure this code * is agnostic to what underlying SSL technology we use. */ -CURLcode Curl_ssl_initsessions(struct SessionHandle *data, long amount) +CURLcode Curl_ssl_initsessions(struct SessionHandle *data, size_t amount) { struct curl_ssl_session *session; @@ -479,7 +472,7 @@ CURLcode Curl_ssl_initsessions(struct SessionHandle *data, long amount) return CURLE_OUT_OF_MEMORY; /* store the info in the SSL section */ - data->set.ssl.numsessions = amount; + data->set.ssl.max_ssl_sessions = amount; data->state.session = session; data->state.sessionage = 1; /* this is brand new */ return CURLE_OK; diff --git a/lib/sslgen.h b/lib/sslgen.h index 5168176181c712..1984a0d53e7cae 100644 --- a/lib/sslgen.h +++ b/lib/sslgen.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2011, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2012, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -47,7 +47,7 @@ CURLcode Curl_ssl_set_engine_default(struct SessionHandle *data); struct curl_slist *Curl_ssl_engines_list(struct SessionHandle *data); /* init the SSL session ID cache */ -CURLcode Curl_ssl_initsessions(struct SessionHandle *, long); +CURLcode Curl_ssl_initsessions(struct SessionHandle *, size_t); size_t Curl_ssl_version(char *buffer, size_t size); bool Curl_ssl_data_pending(const struct connectdata *conn, int connindex); @@ -65,7 +65,7 @@ CURLcode Curl_ssl_addsessionid(struct connectdata *conn, void *ssl_sessionid, size_t idsize); /* Kill a single session ID entry in the cache */ -int Curl_ssl_kill_session(struct curl_ssl_session *session); +void Curl_ssl_kill_session(struct curl_ssl_session *session); /* delete a session from the cache */ void Curl_ssl_delsessionid(struct connectdata *conn, void *ssl_sessionid); @@ -90,7 +90,7 @@ void Curl_ssl_delsessionid(struct connectdata *conn, void *ssl_sessionid); #define Curl_ssl_check_cxn(x) 0 #define Curl_ssl_free_certinfo(x) Curl_nop_stmt #define Curl_ssl_connect_nonblocking(x,y,z) CURLE_NOT_BUILT_IN -#define Curl_ssl_kill_session(x) 0 +#define Curl_ssl_kill_session(x) Curl_nop_stmt #endif #endif /* HEADER_CURL_SSLGEN_H */ diff --git a/lib/transfer.c b/lib/transfer.c index e293e8ba247d8d..d6061be588426c 100644 --- a/lib/transfer.c +++ b/lib/transfer.c @@ -1420,9 +1420,9 @@ CURLcode Curl_pretransfer(struct SessionHandle *data) } /* Init the SSL session ID cache here. We do it here since we want to do it - after the *_setopt() calls (that could change the size of the cache) but + after the *_setopt() calls (that could specify the size of the cache) but before any transfer takes place. */ - res = Curl_ssl_initsessions(data, data->set.ssl.numsessions); + res = Curl_ssl_initsessions(data, data->set.ssl.max_ssl_sessions); if(res) return res; diff --git a/lib/url.c b/lib/url.c index d9dec701b7ac5a..fd46a7e0327713 100644 --- a/lib/url.c +++ b/lib/url.c @@ -683,7 +683,7 @@ CURLcode Curl_init_userdefined(struct UserDefined *set) set->dns_cache_timeout = 60; /* Timeout every 60 seconds by default */ /* Set the default size of the SSL session ID cache */ - set->ssl.numsessions = 5; + set->ssl.max_ssl_sessions = 5; set->proxyport = CURL_DEFAULT_PROXY_PORT; /* from url.h */ set->proxytype = CURLPROXY_HTTP; /* defaults to HTTP proxy */ @@ -2106,10 +2106,8 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, data->cookies = NULL; #endif - if(data->share->sslsession == data->state.session) { + if(data->share->sslsession == data->state.session) data->state.session = NULL; - data->set.ssl.numsessions = 0; - } data->share->dirty--; @@ -2143,7 +2141,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, } #endif /* CURL_DISABLE_HTTP */ if(data->share->sslsession) { - data->set.ssl.numsessions = data->share->nsslsession; + data->set.ssl.max_ssl_sessions = data->share->max_ssl_sessions; data->state.session = data->share->sslsession; } Curl_share_unlock(data, CURL_LOCK_DATA_SHARE); diff --git a/lib/urldata.h b/lib/urldata.h index be7b1e3205a486..adabf5b73b1ae9 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2011, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2012, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -299,7 +299,7 @@ struct ssl_config_data { char *random_file; /* path to file containing "random" data */ char *egdsocket; /* path to file containing the EGD daemon socket */ char *cipher_list; /* list of ciphers to use */ - long numsessions; /* SSL session id cache size */ + size_t max_ssl_sessions; /* SSL session id cache size */ curl_ssl_ctx_callback fsslctx; /* function to initialize ssl ctx */ void *fsslctxp; /* parameter for call back */ bool sessionid; /* cache session IDs or not */ @@ -1140,7 +1140,7 @@ struct UrlState { following not keep sending user+password... This is strdup() data. */ - struct curl_ssl_session *session; /* array of 'numsessions' size */ + struct curl_ssl_session *session; /* array of 'max_ssl_sessions' size */ long sessionage; /* number of the most recent session */ char *tempwrite; /* allocated buffer to keep data in when a write callback returns to make the connection paused */