diff --git a/examples/client/client.c b/examples/client/client.c index 92ad394d2..26cfbfdf6 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -780,7 +780,7 @@ THREAD_RETURN WOLFSSH_THREAD client_test(void* args) err_sys("If setting priv key, need pub key."); } - ret = ClientSetPrivateKey(privKeyName, userEcc); + ret = ClientSetPrivateKey(privKeyName, userEcc, NULL); if (ret != 0) { err_sys("Error setting private key"); } @@ -788,12 +788,12 @@ THREAD_RETURN WOLFSSH_THREAD client_test(void* args) #ifdef WOLFSSH_CERTS /* passed in certificate to use */ if (certName) { - ret = ClientUseCert(certName); + ret = ClientUseCert(certName, NULL); } else #endif if (pubKeyName) { - ret = ClientUsePubKey(pubKeyName, userEcc); + ret = ClientUsePubKey(pubKeyName, userEcc, NULL); } if (ret != 0) { err_sys("Error setting public key"); @@ -1079,7 +1079,7 @@ THREAD_RETURN WOLFSSH_THREAD client_test(void* args) err_sys("Closing client stream failed"); } - ClientFreeBuffers(pubKeyName, privKeyName); + ClientFreeBuffers(pubKeyName, privKeyName, NULL); #if !defined(WOLFSSH_NO_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS) wc_ecc_fp_free(); /* free per thread cache */ #endif diff --git a/examples/client/common.c b/examples/client/common.c index 302dea58f..c4281ab4f 100644 --- a/examples/client/common.c +++ b/examples/client/common.c @@ -241,7 +241,8 @@ static const unsigned int hanselPrivateEccSz = 223; #if defined(WOLFSSH_CERTS) -static int load_der_file(const char* filename, byte** out, word32* outSz) +static int load_der_file(const char* filename, byte** out, word32* outSz, + void* heap) { WFILE* file; byte* in; @@ -267,7 +268,7 @@ static int load_der_file(const char* filename, byte** out, word32* outSz) return -1; } - in = (byte*)WMALLOC(inSz, NULL, 0); + in = (byte*)WMALLOC(inSz, heap, 0); if (in == NULL) { WFCLOSE(NULL, file); return -1; @@ -276,7 +277,7 @@ static int load_der_file(const char* filename, byte** out, word32* outSz) ret = (int)WFREAD(NULL, in, 1, inSz, file); if (ret <= 0 || (word32)ret != inSz) { ret = -1; - WFREE(in, NULL, 0); + WFREE(in, heap, 0); in = 0; inSz = 0; } @@ -652,19 +653,20 @@ int ClientSetEcho(int type) /* Set certificate to use and public key. * returns 0 on success */ -int ClientUseCert(const char* certName) +int ClientUseCert(const char* certName, void* heap) { int ret = 0; if (certName != NULL) { #ifdef WOLFSSH_CERTS - ret = load_der_file(certName, &userPublicKey, &userPublicKeySz); + ret = load_der_file(certName, &userPublicKey, &userPublicKeySz, heap); if (ret == 0) { userPublicKeyType = publicKeyType; userPublicKeyTypeSz = (word32)WSTRLEN((const char*)publicKeyType); pubKeyLoaded = 1; } #else + (void)heap; fprintf(stderr, "Certificate support not compiled in"); ret = WS_NOT_COMPILED; #endif @@ -676,7 +678,7 @@ int ClientUseCert(const char* certName) /* Reads the private key to use from file name privKeyName. * returns 0 on success */ -int ClientSetPrivateKey(const char* privKeyName, int userEcc) +int ClientSetPrivateKey(const char* privKeyName, int userEcc, void* heap) { int ret = 0; @@ -685,14 +687,14 @@ int ClientSetPrivateKey(const char* privKeyName, int userEcc) #ifndef WOLFSSH_NO_ECC ret = wolfSSH_ReadKey_buffer(hanselPrivateEcc, hanselPrivateEccSz, WOLFSSH_FORMAT_ASN1, &userPrivateKey, &userPrivateKeySz, - &userPrivateKeyType, &userPrivateKeyTypeSz, NULL); + &userPrivateKeyType, &userPrivateKeyTypeSz, heap); #endif } else { #ifndef WOLFSSH_NO_RSA ret = wolfSSH_ReadKey_buffer(hanselPrivateRsa, hanselPrivateRsaSz, WOLFSSH_FORMAT_ASN1, &userPrivateKey, &userPrivateKeySz, - &userPrivateKeyType, &userPrivateKeyTypeSz, NULL); + &userPrivateKeyType, &userPrivateKeyTypeSz, heap); #endif } isPrivate = 1; @@ -703,7 +705,7 @@ int ClientSetPrivateKey(const char* privKeyName, int userEcc) ret = wolfSSH_ReadKey_file(privKeyName, (byte**)&userPrivateKey, &userPrivateKeySz, (const byte**)&userPrivateKeyType, &userPrivateKeyTypeSz, - &isPrivate, NULL); + &isPrivate, heap); #else printf("file system not compiled in!\n"); ret = NOT_COMPILED_IN; @@ -716,7 +718,7 @@ int ClientSetPrivateKey(const char* privKeyName, int userEcc) /* Set public key to use * returns 0 on success */ -int ClientUsePubKey(const char* pubKeyName, int userEcc) +int ClientUsePubKey(const char* pubKeyName, int userEcc, void* heap) { int ret = 0; @@ -729,7 +731,7 @@ int ClientUsePubKey(const char* pubKeyName, int userEcc) ret = wolfSSH_ReadKey_buffer((const byte*)hanselPublicEcc, (word32)strlen(hanselPublicEcc), WOLFSSH_FORMAT_SSH, &p, &userPublicKeySz, - &userPublicKeyType, &userPublicKeyTypeSz, NULL); + &userPublicKeyType, &userPublicKeyTypeSz, heap); #endif } else { @@ -737,7 +739,7 @@ int ClientUsePubKey(const char* pubKeyName, int userEcc) ret = wolfSSH_ReadKey_buffer((const byte*)hanselPublicRsa, (word32)strlen(hanselPublicRsa), WOLFSSH_FORMAT_SSH, &p, &userPublicKeySz, - &userPublicKeyType, &userPublicKeyTypeSz, NULL); + &userPublicKeyType, &userPublicKeyTypeSz, heap); #endif } isPrivate = 1; @@ -748,7 +750,7 @@ int ClientUsePubKey(const char* pubKeyName, int userEcc) ret = wolfSSH_ReadKey_file(pubKeyName, &userPublicKey, &userPublicKeySz, (const byte**)&userPublicKeyType, &userPublicKeyTypeSz, - &isPrivate, NULL); + &isPrivate, heap); #else printf("file system not compiled in!\n"); ret = -1; @@ -771,7 +773,7 @@ int ClientLoadCA(WOLFSSH_CTX* ctx, const char* caCert) byte* der = NULL; word32 derSz; - ret = load_der_file(caCert, &der, &derSz); + ret = load_der_file(caCert, &der, &derSz, ctx->heap); if (ret == 0) { if (wolfSSH_CTX_AddRootCert_buffer(ctx, der, derSz, WOLFSSH_FORMAT_ASN1) != WS_SUCCESS) { @@ -790,13 +792,14 @@ int ClientLoadCA(WOLFSSH_CTX* ctx, const char* caCert) } -void ClientFreeBuffers(const char* pubKeyName, const char* privKeyName) +void ClientFreeBuffers(const char* pubKeyName, const char* privKeyName, + void* heap) { if (pubKeyName != NULL && userPublicKey != NULL) { - WFREE(userPublicKey, NULL, DYNTYPE_PRIVKEY); + WFREE(userPublicKey, heap, DYNTYPE_PRIVKEY); } if (privKeyName != NULL && userPrivateKey != NULL) { - WFREE(userPrivateKey, NULL, DYNTYPE_PRIVKEY); + WFREE(userPrivateKey, heap, DYNTYPE_PRIVKEY); } } diff --git a/examples/client/common.h b/examples/client/common.h index d27d22f1d..395d4288a 100644 --- a/examples/client/common.h +++ b/examples/client/common.h @@ -21,16 +21,17 @@ #ifndef WOLFSSH_COMMON_H #define WOLFSSH_COMMON_H int ClientLoadCA(WOLFSSH_CTX* ctx, const char* caCert); -int ClientUsePubKey(const char* pubKeyName, int userEcc); -int ClientSetPrivateKey(const char* privKeyName, int userEcc); -int ClientUseCert(const char* certName); +int ClientUsePubKey(const char* pubKeyName, int userEcc, void* heap); +int ClientSetPrivateKey(const char* privKeyName, int userEcc, void* heap); +int ClientUseCert(const char* certName, void* heap); int ClientSetEcho(int type); int ClientUserAuth(byte authType, WS_UserAuthData* authData, void* ctx); int ClientPublicKeyCheck(const byte* pubKey, word32 pubKeySz, void* ctx); void ClientIPOverride(int flag); -void ClientFreeBuffers(const char* pubKeyName, const char* privKeyName); +void ClientFreeBuffers(const char* pubKeyName, const char* privKeyName, + void* heap); #endif /* WOLFSSH_COMMON_H */ diff --git a/examples/echoserver/echoserver.c b/examples/echoserver/echoserver.c index 721eeda4f..0951c13c3 100644 --- a/examples/echoserver/echoserver.c +++ b/examples/echoserver/echoserver.c @@ -609,6 +609,87 @@ static int termios_show(int fd) #endif /* SHELL_DEBUG */ +#ifdef WOLFSSH_STATIC_MEMORY + #ifndef WOLFSSL_STATIC_MEMORY + #error Requires the static memory functions from wolfSSL + #endif + #if defined(WOLFSSH_SCP) || defined(WOLFSSH_SHELL) || defined(WOLFSSH_FWD) + #warning Static memory configuration for SFTP, results may vary. + #endif + typedef WOLFSSL_HEAP_HINT ES_HEAP_HINT; + + /* This static buffer is tuned for building with SFTP only. The static + * buffer size is calulated by multiplying the pairs of sizeList items + * and distList items and summing (32*64 + 128*118 + ...) and adding + * the sum of the distList values times the sizeof wc_Memory (rounded up + * to a word, 24). This total was 288kb plus change, rounded up to 289. */ + #ifndef ES_STATIC_SIZES + #define ES_STATIC_SIZES 32,128,384,800,3120,8400,17552,32846,131072 + #endif + #ifndef ES_STATIC_DISTS + #define ES_STATIC_DISTS 64,118,3,4,6,2,2,2,1 + #endif + #ifndef ES_STATIC_LISTSZ + #define ES_STATIC_LISTSZ 9 + #endif + #ifndef ES_STATIC_BUFSZ + #define ES_STATIC_BUFSZ (289*1024) + #endif + static const word32 static_sizeList[] = {ES_STATIC_SIZES}; + static const word32 static_distList[] = {ES_STATIC_DISTS}; + static byte static_buffer[ES_STATIC_BUFSZ]; + + static void wolfSSH_MemoryPrintStats(ES_HEAP_HINT* hint) + { + if (hint != NULL) { + word16 i; + WOLFSSL_MEM_STATS stats; + + wolfSSL_GetMemStats(hint->memory, &stats); + + /* print to stderr so is on the same pipe as WOLFSSL_DEBUG */ + fprintf(stderr, "Total mallocs = %d\n", stats.totalAlloc); + fprintf(stderr, "Total frees = %d\n", stats.totalFr); + fprintf(stderr, "Current mallocs = %d\n", stats.curAlloc); + fprintf(stderr, "Available IO = %d\n", stats.avaIO); + fprintf(stderr, "Max con. handshakes = %d\n", stats.maxHa); + fprintf(stderr, "Max con. IO = %d\n", stats.maxIO); + fprintf(stderr, "State of memory blocks: size : available\n"); + for (i = 0; i < WOLFMEM_MAX_BUCKETS; i++) { + fprintf(stderr, " %8d : %d\n", + stats.blockSz[i], stats.avaBlock[i]); + } + } + } + + static void wolfSSH_MemoryConnPrintStats(ES_HEAP_HINT* hint) + { + if (hint != NULL) { + WOLFSSL_MEM_CONN_STATS* stats = hint->stats; + + /* fill out statistics if wanted and WOLFMEM_TRACK_STATS flag */ + if (hint->memory->flag & WOLFMEM_TRACK_STATS + && hint->stats != NULL) { + fprintf(stderr, "peak connection memory = %d\n", + stats->peakMem); + fprintf(stderr, "current memory in use = %d\n", + stats->curMem); + fprintf(stderr, "peak connection allocs = %d\n", + stats->peakAlloc); + fprintf(stderr, "current connection allocs = %d\n", + stats->curAlloc); + fprintf(stderr, "total connection allocs = %d\n", + stats->totalAlloc); + fprintf(stderr, "total connection frees = %d\n\n", + stats->totalFr); + } + } + } +#else + typedef void ES_HEAP_HINT; +#endif + + int ChildRunning = 0; #ifdef WOLFSSH_SHELL @@ -1419,6 +1500,11 @@ static THREAD_RETURN WOLFSSH_THREAD server_worker(void* vArgs) threadCtx->fwdCbCtx.originName = NULL; } #endif + +#ifdef WOLFSSH_STATIC_MEMORY + wolfSSH_MemoryConnPrintStats(threadCtx->ssh->ctx->heap); +#endif + wolfSSH_free(threadCtx->ssh); if (ret != 0) { @@ -2192,6 +2278,7 @@ THREAD_RETURN WOLFSSH_THREAD echoserver_test(void* args) word32 defaultHighwater = EXAMPLE_HIGHWATER_MARK; word32 threadCount = 0; const char* keyList = NULL; + ES_HEAP_HINT* heap = NULL; int multipleConnections = 1; int userEcc = 0; int peerEcc = 0; @@ -2329,7 +2416,21 @@ THREAD_RETURN WOLFSSH_THREAD echoserver_test(void* args) ES_ERROR("Couldn't initialize wolfSSH.\n"); } - ctx = wolfSSH_CTX_new(WOLFSSH_ENDPOINT_SERVER, NULL); + #ifdef WOLFSSH_STATIC_MEMORY + { + int ret; + + ret = wc_LoadStaticMemory_ex(&heap, + ES_STATIC_LISTSZ, static_sizeList, static_distList, + static_buffer, sizeof(static_buffer), + WOLFMEM_GENERAL|WOLFMEM_TRACK_STATS, 0); + if (ret != 0) { + ES_ERROR("Couldn't set up static memory pool.\n"); + } + } + #endif /* WOLFSSH_STATIC_MEMORY */ + + ctx = wolfSSH_CTX_new(WOLFSSH_ENDPOINT_SERVER, heap); if (ctx == NULL) { ES_ERROR("Couldn't allocate SSH CTX data.\n"); } @@ -2573,6 +2674,9 @@ THREAD_RETURN WOLFSSH_THREAD echoserver_test(void* args) WFREE(threadCtx, NULL, 0); ES_ERROR("Couldn't allocate SSH data.\n"); } + #ifdef WOLFSSH_STATIC_MEMORY + wolfSSH_MemoryConnPrintStats(heap); + #endif wolfSSH_SetUserAuthCtx(ssh, &pwMapList); /* Use the session object for its own highwater callback ctx */ if (defaultHighwater > 0) { @@ -2649,6 +2753,10 @@ THREAD_RETURN WOLFSSH_THREAD echoserver_test(void* args) wc_FreeMutex(&doneLock); PwMapListDelete(&pwMapList); wolfSSH_CTX_free(ctx); +#ifdef WOLFSSH_STATIC_MEMORY + wolfSSH_MemoryPrintStats(heap); +#endif + if (wolfSSH_Cleanup() != WS_SUCCESS) { ES_ERROR("Couldn't clean up wolfSSH.\n"); } diff --git a/examples/scpclient/scpclient.c b/examples/scpclient/scpclient.c index 5e404e4d2..c0cc7602b 100644 --- a/examples/scpclient/scpclient.c +++ b/examples/scpclient/scpclient.c @@ -217,7 +217,7 @@ THREAD_RETURN WOLFSSH_THREAD scp_client(void* args) err_sys("Empty path values"); } - ret = ClientSetPrivateKey(privKeyName, 0); + ret = ClientSetPrivateKey(privKeyName, 0, NULL); if (ret != 0) { err_sys("Error setting private key"); } @@ -225,12 +225,12 @@ THREAD_RETURN WOLFSSH_THREAD scp_client(void* args) #ifdef WOLFSSH_CERTS /* passed in certificate to use */ if (certName) { - ret = ClientUseCert(certName); + ret = ClientUseCert(certName, NULL); } else #endif { - ret = ClientUsePubKey(pubKeyName, 0); + ret = ClientUsePubKey(pubKeyName, 0, NULL); } if (ret != 0) { err_sys("Error setting public key"); @@ -327,7 +327,7 @@ THREAD_RETURN WOLFSSH_THREAD scp_client(void* args) if (ret != WS_SUCCESS && ret != WS_SOCKET_ERROR_E) err_sys("Closing scp stream failed. Connection could have been closed by peer"); - ClientFreeBuffers(pubKeyName, privKeyName); + ClientFreeBuffers(pubKeyName, privKeyName, NULL); #if !defined(WOLFSSH_NO_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS) wc_ecc_fp_free(); /* free per thread cache */ #endif diff --git a/examples/sftpclient/sftpclient.c b/examples/sftpclient/sftpclient.c index 5bb412f25..edc036011 100644 --- a/examples/sftpclient/sftpclient.c +++ b/examples/sftpclient/sftpclient.c @@ -63,6 +63,36 @@ static char* workingDir; #define AUTOPILOT_PUT 2 +#ifdef WOLFSSH_STATIC_MEMORY + #include + + typedef WOLFSSL_HEAP_HINT SFTPC_HEAP_HINT; + + /* This static buffer is tuned for building with SFTP only. The static + * buffer size is calulated by multiplying the pairs of sizeList items + * and distList items and summing (32*50 + 128*100 + ...) and adding + * the sum of the distList values times the sizeof wc_Memory (rounded up + * to a word, 24). This total was 268kb plus change, rounded up to 269. */ + #ifndef SFTPC_STATIC_SIZES + #define SFTPC_STATIC_SIZES 64,128,384,800,3120,8400,17552,33104,131072 + #endif + #ifndef SFTPC_STATIC_DISTS + #define SFTPC_STATIC_DISTS 60,100,4,6,5,2,1,2,1 + #endif + #ifndef SFTPC_STATIC_LISTSZ + #define SFTPC_STATIC_LISTSZ 9 + #endif + #ifndef SFTPC_STATIC_BUFSZ + #define SFTPC_STATIC_BUFSZ (269*1024) + #endif + static const word32 static_sizeList[] = {SFTPC_STATIC_SIZES}; + static const word32 static_distList[] = {SFTPC_STATIC_DISTS}; + static byte static_buffer[SFTPC_STATIC_BUFSZ]; +#else /* WOLFSSH_STATIC_MEMORY */ + typedef void SFTPC_HEAP_HINT; +#endif /* WOLFSSH_STATIC_MEMORY */ + + static void err_msg(const char* s) { printf("%s\n", s); @@ -1143,7 +1173,7 @@ THREAD_RETURN WOLFSSH_THREAD sftpclient_test(void* args) char* pubKeyName = NULL; char* certName = NULL; char* caCert = NULL; - + SFTPC_HEAP_HINT* heap = NULL; int argc = ((func_args*)args)->argc; char** argv = ((func_args*)args)->argv; @@ -1263,7 +1293,17 @@ THREAD_RETURN WOLFSSH_THREAD sftpclient_test(void* args) } #endif - ret = ClientSetPrivateKey(privKeyName, userEcc); +#ifdef WOLFSSH_STATIC_MEMORY + ret = wc_LoadStaticMemory_ex(&heap, + SFTPC_STATIC_LISTSZ, static_sizeList, static_distList, + static_buffer, sizeof(static_buffer), + WOLFMEM_GENERAL, 0); + if (ret != 0) { + err_sys("Couldn't set up static memory pool.\n"); + } +#endif /* WOLFSSH_STATIC_MEMORY */ + + ret = ClientSetPrivateKey(privKeyName, userEcc, heap); if (ret != 0) { err_sys("Error setting private key"); } @@ -1271,18 +1311,18 @@ THREAD_RETURN WOLFSSH_THREAD sftpclient_test(void* args) #ifdef WOLFSSH_CERTS /* passed in certificate to use */ if (certName) { - ret = ClientUseCert(certName); + ret = ClientUseCert(certName, heap); } else #endif { - ret = ClientUsePubKey(pubKeyName, 0); + ret = ClientUsePubKey(pubKeyName, 0, heap); } if (ret != 0) { err_sys("Error setting public key"); } - ctx = wolfSSH_CTX_new(WOLFSSH_ENDPOINT_CLIENT, NULL); + ctx = wolfSSH_CTX_new(WOLFSSH_ENDPOINT_CLIENT, heap); if (ctx == NULL) err_sys("Couldn't create wolfSSH client context."); @@ -1394,7 +1434,7 @@ THREAD_RETURN WOLFSSH_THREAD sftpclient_test(void* args) ((func_args*)args)->return_code = ret; } - ClientFreeBuffers(pubKeyName, privKeyName); + ClientFreeBuffers(pubKeyName, privKeyName, heap); #if !defined(WOLFSSH_NO_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS) wc_ecc_fp_free(); /* free per thread cache */ #endif diff --git a/src/internal.c b/src/internal.c index 727a39907..9fd60abd7 100644 --- a/src/internal.c +++ b/src/internal.c @@ -948,6 +948,30 @@ WOLFSSH* SshInit(WOLFSSH* ssh, WOLFSSH_CTX* ctx) return ssh; heap = ctx->heap; +#ifdef WOLFSSH_STATIC_MEMORY + if (heap != NULL) { + WOLFSSL_HEAP_HINT* hint = (WOLFSSL_HEAP_HINT*)heap; + + if (hint->memory->flag & WOLFMEM_TRACK_STATS) { + WOLFSSL_MEM_CONN_STATS* stats = NULL; + + stats = (WOLFSSL_MEM_CONN_STATS*)WMALLOC( + sizeof(WOLFSSL_MEM_CONN_STATS), + heap, DYNTYPE_SSH); + if (stats == NULL) { + WLOG(WS_LOG_DEBUG, "SshInit: Cannot track memory stats.\n"); + return NULL; + } + + XMEMSET(stats, 0, sizeof(WOLFSSL_MEM_CONN_STATS)); + if (hint->stats != NULL) { + WFREE(hint->stats, heap, DYNTYPE_SSH); + } + hint->stats = stats; + } + } +#endif /* WOLFSSH_STATIC_MEMORY */ + handshake = HandshakeInfoNew(heap); rng = (WC_RNG*)WMALLOC(sizeof(WC_RNG), heap, DYNTYPE_RNG); @@ -1125,6 +1149,16 @@ void SshResourceFree(WOLFSSH* ssh, void* heap) ssh->modesSz = 0; } #endif +#ifdef WOLFSSH_STATIC_MEMORY + if (heap) { + WOLFSSL_HEAP_HINT* hint = (WOLFSSL_HEAP_HINT*)heap; + if (hint->memory->flag & WOLFMEM_TRACK_STATS + && hint->stats != NULL) { + WFREE(hint->stats, heap, DYNTYPE_SSH); + hint->stats = NULL; + } + } +#endif }