From b93fa3144ae79b1e5a856261afcf620b4e1c5b48 Mon Sep 17 00:00:00 2001
From: Deomid Ryabkov <rojer@cesanta.com>
Date: Wed, 9 Dec 2015 09:43:41 +0000
Subject: [PATCH] First cut of TLS support for LWIP event manager

    PUBLISHED_FROM=98cf23ea090ffb4e83edd4d600bee57dfd7d94d4
---
 mongoose.c | 21 ++++++++++++++++-----
 mongoose.h |  3 +++
 2 files changed, 19 insertions(+), 5 deletions(-)

diff --git a/mongoose.c b/mongoose.c
index d03c43505..aa04cbc4f 100644
--- a/mongoose.c
+++ b/mongoose.c
@@ -1954,8 +1954,13 @@ void mg_if_poll(struct mg_connection *nc, time_t now) {
 
 static void mg_destroy_conn(struct mg_connection *conn) {
   mg_if_destroy_conn(conn);
+#ifdef MG_ENABLE_SSL
+  if (conn->ssl != NULL) SSL_free(conn->ssl);
+  if (conn->ssl_ctx != NULL) SSL_CTX_free(conn->ssl_ctx);
+#endif
   mbuf_free(&conn->recv_mbuf);
   mbuf_free(&conn->send_mbuf);
+  memset(conn, 0, sizeof(*conn));
   MG_FREE(conn);
 }
 
@@ -2124,6 +2129,11 @@ MG_INTERNAL struct mg_connection *mg_create_connection(
      * doesn't compile with pedantic ansi flags.
      */
     conn->recv_mbuf_limit = ~0;
+    if (!mg_if_create_conn(conn)) {
+      MG_FREE(conn);
+      conn = NULL;
+      MG_SET_PTRPTR(opts.error_string, "failed init connection");
+    }
   } else {
     MG_SET_PTRPTR(opts.error_string, "failed create connection");
   }
@@ -2336,7 +2346,7 @@ static int mg_use_cert(SSL_CTX *ctx, const char *pem_file) {
 const char *mg_set_ssl(struct mg_connection *nc, const char *cert,
                        const char *ca_cert) {
   const char *result = NULL;
-  DBG(("%p %s %s", nc, cert, ca_cert));
+  DBG(("%p %s %s", nc, (cert ? cert : ""), (ca_cert ? ca_cert : "")));
 
   if ((nc->flags & MG_F_LISTENING) &&
       (nc->ssl_ctx = SSL_CTX_new(SSLv23_server_method())) == NULL) {
@@ -2874,12 +2884,13 @@ void mg_if_recved(struct mg_connection *nc, size_t len) {
   (void) len;
 }
 
+int mg_if_create_conn(struct mg_connection *nc) {
+  (void) nc;
+  return 1;
+}
+
 void mg_if_destroy_conn(struct mg_connection *nc) {
   if (nc->sock == INVALID_SOCKET) return;
-#ifdef MG_ENABLE_SSL
-  if (nc->ssl != NULL) SSL_free(nc->ssl);
-  if (nc->ssl_ctx != NULL) SSL_CTX_free(nc->ssl_ctx);
-#endif
   if (!(nc->flags & MG_F_UDP)) {
     closesocket(nc->sock);
   } else {
diff --git a/mongoose.h b/mongoose.h
index a795bbf21..8d56a9c42 100644
--- a/mongoose.h
+++ b/mongoose.h
@@ -1179,6 +1179,9 @@ void mg_if_poll(struct mg_connection *nc, time_t now);
 /* Deliver a TIMER event to the connection. */
 void mg_if_timer(struct mg_connection *c, time_t now);
 
+/* Perform interface-related connection initialization. Return 1 on success. */
+int mg_if_create_conn(struct mg_connection *nc);
+
 /* Perform interface-related cleanup on connection before destruction. */
 void mg_if_destroy_conn(struct mg_connection *nc);
 
-- 
GitLab