diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c
index 41a001054b..a915fef731 100644
--- a/bin/dig/dighost.c
+++ b/bin/dig/dighost.c
@@ -2880,9 +2880,9 @@ get_create_tls_context(dig_query_t *query, const bool is_https,
 }
 #endif /* HAVE_LIBNGHTTP2 */
- sess_cache = isc_tlsctx_client_session_cache_new(
- mctx, ctx,
- ISC_TLSCTX_CLIENT_SESSION_CACHE_DEFAULT_SIZE);
+ isc_tlsctx_client_session_cache_create(
+ mctx, ctx, ISC_TLSCTX_CLIENT_SESSION_CACHE_DEFAULT_SIZE,
+ &sess_cache);
 result = isc_tlsctx_cache_add(
 query->lookup->tls_ctx_cache, tlsctxname, transport,
diff --git a/lib/dns/transport.c b/lib/dns/transport.c
index c565b972ca..9c6a123081 100644
--- a/lib/dns/transport.c
+++ b/lib/dns/transport.c
@@ -498,9 +498,10 @@ dns_transport_get_tlsctx(dns_transport_t *transport, const isc_sockaddr_t *peer,
 isc_tlsctx_enable_dot_client_alpn(tlsctx);
- sess_cache = isc_tlsctx_client_session_cache_new(
+ isc_tlsctx_client_session_cache_create(
 mctx, tlsctx,
- ISC_TLSCTX_CLIENT_SESSION_CACHE_DEFAULT_SIZE);
+ ISC_TLSCTX_CLIENT_SESSION_CACHE_DEFAULT_SIZE,
+ &sess_cache);
 found_store = NULL;
 result = isc_tlsctx_cache_add(tlsctx_cache, tlsname,
diff --git a/lib/isc/include/isc/tls.h b/lib/isc/include/isc/tls.h
index 113d603229..6da0361a1f 100644
--- a/lib/isc/include/isc/tls.h
+++ b/lib/isc/include/isc/tls.h
@@ -320,9 +320,10 @@ typedef struct isc_tlsctx_client_session_cache isc_tlsctx_client_session_cache_t
 * comparable to or surpass the size of a typical DNS message.
 */
-isc_tlsctx_client_session_cache_t *
-isc_tlsctx_client_session_cache_new(isc_mem_t *mctx, isc_tlsctx_t *ctx,
- const size_t max_entries);
+void
+isc_tlsctx_client_session_cache_create(
+ isc_mem_t *mctx, isc_tlsctx_t *ctx, const size_t max_entries,
+ isc_tlsctx_client_session_cache_t **cachep);
 /*%<
 * Create a new TLS client session cache object.
 *
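Review bot: The new call in get_create_tls_context passes `&sess_cache`, and the rewritten function in lib/isc/tls.c now enforces `REQUIRE(cachep != NULL && *cachep == NULL)`, so a non-NULL or uninitialised `sess_cache` becomes an assertion failure instead of being overwritten as the old assignment did. The declaration of `sess_cache` is outside this hunk, so please confirm it is initialised, e.g. `isc_tlsctx_client_session_cache_t *sess_cache = NULL;`, and that no earlier path in the function leaves a value in it. The same applies to the `&sess_cache` call in dns_transport_get_tlsctx in lib/dns/transport.c, where a failed assertion would presumably stop a server process rather than a command-line tool.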
@@ -330,6 +331,7 @@ isc_tlsctx_client_session_cache_new(isc_mem_t *mctx, isc_tlsctx_t *ctx,
 *\li 'mctx' is a valid memory context object;
 *\li 'ctx' is a valid TLS context object;
 *\li 'max_entries' is a positive number;
+ *\li 'cachep' is a valid pointer to a pointer which must be equal to NULL.
 */
 void
diff --git a/lib/isc/tls.c b/lib/isc/tls.c
index 6a9605928c..8c4768c46b 100644
--- a/lib/isc/tls.c
+++ b/lib/isc/tls.c
@@ -1465,13 +1465,15 @@ struct isc_tlsctx_client_session_cache {
 isc_mutex_t lock;
 };
-isc_tlsctx_client_session_cache_t *
-isc_tlsctx_client_session_cache_new(isc_mem_t *mctx, isc_tlsctx_t *ctx,
- const size_t max_entries) {
+void
+isc_tlsctx_client_session_cache_create(
+ isc_mem_t *mctx, isc_tlsctx_t *ctx, const size_t max_entries,
+ isc_tlsctx_client_session_cache_t **cachep) {
 isc_tlsctx_client_session_cache_t *nc;
 REQUIRE(ctx != NULL);
 REQUIRE(max_entries > 0);
+ REQUIRE(cachep != NULL && *cachep == NULL);
 nc = isc_mem_get(mctx, sizeof(*nc));
@@ -1486,7 +1488,7 @@ isc_tlsctx_client_session_cache_new(isc_mem_t *mctx, isc_tlsctx_t *ctx,
 nc->magic = TLSCTX_CLIENT_SESSION_CACHE_MAGIC;
- return (nc);
+ *cachep = nc;
 }
 void
diff --git a/tests/isc/doh_test.c b/tests/isc/doh_test.c
index fca204c307..c1e08b2071 100644
--- a/tests/isc/doh_test.c
+++ b/tests/isc/doh_test.c
@@ -319,9 +319,10 @@ setup_test(void **state) {
 client_tlsctx = NULL;
 isc_tlsctx_createclient(&client_tlsctx);
 isc_tlsctx_enable_http2client_alpn(client_tlsctx);
- client_sess_cache = isc_tlsctx_client_session_cache_new(
+ isc_tlsctx_client_session_cache_create(
 mctx, client_tlsctx,
- ISC_TLSCTX_CLIENT_SESSION_CACHE_DEFAULT_SIZE);
+ ISC_TLSCTX_CLIENT_SESSION_CACHE_DEFAULT_SIZE,
+ &client_sess_cache);
 isc_quota_init(&listener_quota, 0);
 atomic_store(&check_listener_quota, false);
diff --git a/tests/isc/netmgr_common.c b/tests/isc/netmgr_common.c
index cd4e8f28c0..ce8aff3b65 100644
--- a/tests/isc/netmgr_common.c
+++ b/tests/isc/netmgr_common.c
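Review bot: The added requirement line in lib/isc/include/isc/tls.h, `'cachep' is a valid pointer to a pointer which must be equal to NULL`, is harder to read than the check it documents; writing it as the condition itself, `*\li 'cachep' != NULL and '*cachep' == NULL.`, would match the `REQUIRE` added in lib/isc/tls.c. The comment also never says what the caller gets back now that the return value is gone: one sentence stating that on return `*cachep` points to the new cache, and that the caller is responsible for releasing it, would document the out-parameter. The comment block begins before this hunk.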
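Review bot: In tests/isc/doh_test.c, `setup_test` resets `client_tlsctx = NULL;` before `isc_tlsctx_createclient(&client_tlsctx)` but passes `&client_sess_cache` to the new create call with no equivalent guarantee, while that call now asserts `*cachep == NULL`. If `client_sess_cache` still holds a value from an earlier test, the next setup fails the `REQUIRE` instead of overwriting the pointer as the old assignment did. Please confirm that the teardown, which is outside this hunk, releases the cache and leaves the pointer NULL. The same question applies to `tcp_tlsctx_client_sess_cache` in setup_netmgr_test in tests/isc/netmgr_common.c.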
@@ -186,9 +186,10 @@ setup_netmgr_test(void **state) {
 isc_tlsctx_enable_dot_client_alpn(tcp_connect_tlsctx);
- tcp_tlsctx_client_sess_cache = isc_tlsctx_client_session_cache_new(
+ isc_tlsctx_client_session_cache_create(
 mctx, tcp_connect_tlsctx,
- ISC_TLSCTX_CLIENT_SESSION_CACHE_DEFAULT_SIZE);
+ ISC_TLSCTX_CLIENT_SESSION_CACHE_DEFAULT_SIZE,
+ &tcp_tlsctx_client_sess_cache);
 return (0);
 }