Split the context allocation out from the configuration. This will allow

us to properly report errors that occur during configuration processing.

Discussed with tedu@

diff --git a/lib/libressl/ressl.c b/lib/libressl/ressl.c
index dc82f32..08ec061 100644 (file)
--- a/lib/libressl/ressl.c
+++ b/lib/libressl/ressl.c
@@ -65,21 +65,29 @@ ressl_set_error(struct ressl *ctx, char *fmt, ...)
 }
 
 struct ressl *
-ressl_new(struct ressl_config *config)
+ressl_new(void)
 {
        struct ressl *ctx;
 
        if ((ctx = calloc(1, sizeof(*ctx))) == NULL)
                return (NULL);
 
+       ctx->config = &ressl_config_default;
+
+       ressl_reset(ctx);
+
+       return (ctx);
+}
+
+int
+ressl_configure(struct ressl *ctx, struct ressl_config *config)
+{
        if (config == NULL)
                config = &ressl_config_default;
 
        ctx->config = config;
 
-       ressl_reset(ctx);
-
-       return (ctx);
+       return (0);
 }
 
 void

diff --git a/lib/libressl/ressl.h b/lib/libressl/ressl.h
index a1d2200..766335a 100644 (file)
--- a/lib/libressl/ressl.h
+++ b/lib/libressl/ressl.h
@@ -36,7 +36,8 @@ void ressl_config_set_verify_depth(struct ressl_config *config,
 void ressl_config_insecure_no_verify(struct ressl_config *config);
 void ressl_config_verify(struct ressl_config *config);
 
-struct ressl *ressl_new(struct ressl_config *config);
+struct ressl *ressl_new(void);
+int ressl_configure(struct ressl *ctx, struct ressl_config *config);
 void ressl_reset(struct ressl *ctx);
 void ressl_free(struct ressl *ctx);