fixes #456 TLS configuration object hold

fixes #776 Configuration of mbedTLS should warn about license
author: Garrett D'Amore <garrett@damore.org> 2018-11-05 17:21:34 -0800
committer: Garrett D'Amore <garrett@damore.org> 2018-11-05 18:09:35 -0800
commit: 3cc0bb37e3543052f336abe1d3349ff095f72ae2 (patch)
tree: 048163a5c66029c4837be4ac93a56f0790df8dc4 /src/supplemental
parent: 77984b14a65c0a7387c97f3d36f947dd17358744 (diff)
download: nng-3cc0bb37e3543052f336abe1d3349ff095f72ae2.tar.gz
nng-3cc0bb37e3543052f336abe1d3349ff095f72ae2.tar.bz2
nng-3cc0bb37e3543052f336abe1d3349ff095f72ae2.zip
5 files changed, 20 insertions, 1 deletions
diff --git a/src/supplemental/http/http_client.c b/src/supplemental/http/http_client.c
index a8260705..c70b7a63 100644
--- a/src/supplemental/http/http_client.c
+++ b/src/supplemental/http/http_client.c
@@ -223,6 +223,7 @@ nni_http_client_get_tls(nni_http_client *c, struct nng_tls_config **tlsp)
 		nni_mtx_unlock(&c->mtx);
 		return (NNG_EINVAL);
 	}
+	nni_tls_config_hold(c->tls);
 	*tlsp = c->tls;
 	nni_mtx_unlock(&c->mtx);
 	return (0);
diff --git a/src/supplemental/http/http_server.c b/src/supplemental/http/http_server.c
index cdbfe3e6..b7ca9f7e 100644
--- a/src/supplemental/http/http_server.c
+++ b/src/supplemental/http/http_server.c
@@ -1799,6 +1799,7 @@ nni_http_server_get_tls(nni_http_server *s, nng_tls_config **tp)
 		nni_mtx_unlock(&s->mtx);
 		return (NNG_EINVAL);
 	}
+	nni_tls_config_hold(s->tls);
 	*tp = s->tls;
 	nni_mtx_unlock(&s->mtx);
 	return (0);
diff --git a/src/supplemental/tls/CMakeLists.txt b/src/supplemental/tls/CMakeLists.txt
index 3d1e6d02..111ff70f 100644
--- a/src/supplemental/tls/CMakeLists.txt
+++ b/src/supplemental/tls/CMakeLists.txt
@@ -19,7 +19,13 @@ set(_HDRS supplemental/tls/tls.h)
 # For now we only support the ARM mbedTLS library.
 if (NNG_SUPP_TLS_MBEDTLS)
 
-	Find_Package(mbedTLS REQUIRED)
+    message(WARNING "
+        ************************************************************
+        Linking against mbedTLS changes license terms (Apache 2.0).
+        Consult a lawyer and the license files for details.
+        ************************************************************")
+
+	find_package(mbedTLS REQUIRED)
 	set(_LIBS ${MBEDTLS_LIBRARIES})
 	set(_INCS ${MBEDTLS_INCLUDE_DIR})
 	list(APPEND _SRCS supplemental/tls/mbedtls/tls.c)
diff --git a/src/supplemental/tls/mbedtls/tls.c b/src/supplemental/tls/mbedtls/tls.c
index 8f38df64..f7431ac6 100644
--- a/src/supplemental/tls/mbedtls/tls.c
+++ b/src/supplemental/tls/mbedtls/tls.c
@@ -1013,3 +1013,9 @@ nng_tls_config_free(nng_tls_config *cfg)
 {
 	nni_tls_config_fini(cfg);
 }
+
+void
+nng_tls_config_hold(nng_tls_config *cfg)
+{
+	nni_tls_config_hold(cfg);
+}
diff --git a/src/supplemental/tls/tls.h b/src/supplemental/tls/tls.h
index 62da9618..5983f3b6 100644
--- a/src/supplemental/tls/tls.h
+++ b/src/supplemental/tls/tls.h
@@ -41,6 +41,11 @@ typedef enum nng_tls_auth_mode {
 // with multiple pipes or services/servers.
 NNG_DECL int nng_tls_config_alloc(nng_tls_config **, nng_tls_mode);
 
+// nng_tls_config_hold increments the reference count on the TLS
+// configuration object.  The hold can be dropped by calling
+// nng_tls_config_free later.
+NNG_DECL void nng_tls_config_hold(nng_tls_config *);
+
 // nng_tls_config_free drops the reference count on the TLS
 // configuration object, and if zero, deallocates it.
 NNG_DECL void nng_tls_config_free(nng_tls_config *);
author	Garrett D'Amore <garrett@damore.org>	2018-11-05 17:21:34 -0800
committer	Garrett D'Amore <garrett@damore.org>	2018-11-05 18:09:35 -0800
commit	3cc0bb37e3543052f336abe1d3349ff095f72ae2 (patch)
tree	048163a5c66029c4837be4ac93a56f0790df8dc4 /src/supplemental
parent	77984b14a65c0a7387c97f3d36f947dd17358744 (diff)
download	nng-3cc0bb37e3543052f336abe1d3349ff095f72ae2.tar.gz nng-3cc0bb37e3543052f336abe1d3349ff095f72ae2.tar.bz2 nng-3cc0bb37e3543052f336abe1d3349ff095f72ae2.zip