Topic: [SOLVED] Passing void *user from wolfSSL_new() to XMALLOC()

Hi All,

We have created a custom implementation of XMALLOC() that uses the 'type' argument to divert some requests into conventional glibc malloc(), and others into our internal mechanism.

Our internal mechanism wants to return an address that's an offset relative to 'void *heap' passed to XMALLOC().

In short, we want to use 'void *heap' for our own purposes, and set this prior to every call to wolfSSL_new().

Is this possible?
A.

Re: [SOLVED] Passing void *user from wolfSSL_new() to XMALLOC()

Hi Andrew,

Yes that is possible. We have that there specifically for custom XMALLOC solutions. On standard systems we generally just pass in NULL for the heap pointer and it is not used.

We have a custom solution that uses that pointer as a "hint" and to track memory that has been handed out vs memory available when using a fixed amount of static memory as opposed to dynamic memory. You can use that pointer in your custom implementation for whatever purpose you deem relevant.


Warm Regards,

Kaleb
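
The allocator described in the two posts above, as an added example (not code from either poster or from wolfSSL): requests are routed on 'type', and arena-backed ones return an address at an offset inside the block passed as 'heap'. The names user_xmalloc, user_xfree, flow_arena, arena_purge and the TYPE_FLOW_STATE value are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed type tag; a real build would test wolfSSL's DYNAMIC_TYPE_* values. */
#define TYPE_FLOW_STATE 1

/* Hypothetical per-flow arena; a pointer to it is what gets passed as 'heap'. */
typedef struct {
    size_t cap;                            /* usable bytes in buf */
    size_t used;                           /* bump offset of the next free byte */
    _Alignas(16) unsigned char buf[4096];
} flow_arena;

/* True if p lies inside the arena's usable buffer. */
static int in_arena(const flow_arena *a, const void *p) {
    if (a == NULL) return 0;
    uintptr_t b = (uintptr_t)a->buf, q = (uintptr_t)p;
    return q >= b && q < b + a->cap;
}

/* Same argument order as XMALLOC(size, heap, type). */
void *user_xmalloc(size_t n, void *heap, int type) {
    flow_arena *a = heap;
    if (a == NULL || type != TYPE_FLOW_STATE)
        return malloc(n);                          /* conventional glibc path */
    size_t off = (a->used + 15u) & ~(size_t)15u;   /* round offset up to 16 bytes */
    if (n == 0 || off > a->cap || n > a->cap - off)
        return NULL;                               /* arena exhausted: fail, never overrun */
    a->used = off + n;
    return a->buf + off;
}

/* Dispatch on the address, not on 'type', so a mismatched tag cannot free() arena memory. */
void user_xfree(void *p, void *heap, int type) {
    (void)type;
    if (p == NULL || in_arena(heap, p))
        return;                                    /* arena blocks are reclaimed in bulk */
    free(p);
}

/* Bulk reclaim when the flow is purged; wiping the used region is this example's own choice. */
void arena_purge(flow_arena *a) {
    memset(a->buf, 0, a->used);
    a->used = 0;
}
```

A real XMALLOC_USER build also has to supply an XREALLOC counterpart, which this example leaves out.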

Re: [SOLVED] Passing void *user from wolfSSL_new() to XMALLOC()

Thanks Kaleb.

I couldn't quite see how ctx->heap could be continually modified, so I've created an 'installer' script that unpacks the wolfSSL ZIP, inserts a trivial API call into ssl.c and ssl.h:-

void __setCTXHeap(WOLFSSL_CTX* ctx, void *heap)

enables XMALLOC_USER, configures and builds.

All now seems to be working.

Regards,
A.

Re: [SOLVED] Passing void *user from wolfSSL_new() to XMALLOC()

Hi Andrew,

Glad to hear you got it all working, thanks for providing feedback!

- Kaleb

Re: [SOLVED] Passing void *user from wolfSSL_new() to XMALLOC()

An additional question on this topic if I may:-

Currently, our implementation does not specifically call wolfSSL_free() when an SSL/TLS connection ends.  Instead, the memory used by the WOLFSSL structure and its subordinate structures is automatically reclaimed by an entirely separate mechanism when tracking of the TCP flow is purged.

As far as I can see this is OK, and there would not be unforeseen consequences by allowing large numbers of SSL connections to come and go without calling wolfSSL_free().

Is my assessment correct?
A.
