From 50b085039216e45e5d510d4519347eea7b7f7679 Mon Sep 17 00:00:00 2001
From: David Woodhouse <David.Woodhouse@intel.com>
Date: Tue, 6 Jan 2015 20:18:47 +0000
Subject: [PATCH] Kill static dtls_pkt

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
---
 cstp.c                 |  5 +++++
 dtls.c                 | 18 +++++++-----------
 library.c              |  1 +
 openconnect-internal.h | 11 +++++++----
 4 files changed, 20 insertions(+), 15 deletions(-)

diff --git a/cstp.c b/cstp.c
index dee4f2fc..6ac31378 100644
--- a/cstp.c
+++ b/cstp.c
@@ -623,6 +623,11 @@ static int cstp_reconnect(struct openconnect_info *vpninfo)
 	timeout = vpninfo->reconnect_timeout;
 	interval = vpninfo->reconnect_interval;
 
+	free(vpninfo->dtls_pkt);
+	vpninfo->dtls_pkt = NULL;
+	free(vpninfo->tun_pkt);
+	vpninfo->tun_pkt = NULL;
+
 	while ((ret = openconnect_make_cstp_connection(vpninfo))) {
 		if (timeout <= 0)
 			return ret;
diff --git a/dtls.c b/dtls.c
index c44f99cd..1556fa32 100644
--- a/dtls.c
+++ b/dtls.c
@@ -677,9 +677,6 @@ int openconnect_setup_dtls(struct openconnect_info *vpninfo, int dtls_attempt_pe
 	return 0;
 }
 
-static struct pkt *dtls_pkt;
-static int dtls_pkt_max;
-
 int dtls_mainloop(struct openconnect_info *vpninfo, int *timeout)
 {
 	int work_done = 0;
@@ -712,16 +709,15 @@ int dtls_mainloop(struct openconnect_info *vpninfo, int *timeout)
 		int len = vpninfo->ip_info.mtu;
 		unsigned char *buf;
 
-		if (!dtls_pkt || len > dtls_pkt_max) {
-			realloc_inplace(dtls_pkt, sizeof(struct pkt) + len);
-			if (!dtls_pkt) {
+		if (!vpninfo->dtls_pkt) {
+			vpninfo->dtls_pkt = malloc(sizeof(struct pkt) + len);
+			if (!vpninfo->dtls_pkt) {
 				vpn_progress(vpninfo, PRG_ERR, "Allocation failed\n");
 				break;
 			}
-			dtls_pkt_max = len;
 		}
 
-		buf = dtls_pkt->data - 1;
+		buf = vpninfo->dtls_pkt->data - 1;
 		len = DTLS_RECV(vpninfo->dtls_ssl, buf, len + 1);
 		if (len <= 0)
 			break;
@@ -734,9 +730,9 @@ int dtls_mainloop(struct openconnect_info *vpninfo, int *timeout)
 
 		switch (buf[0]) {
 		case AC_PKT_DATA:
-			dtls_pkt->len = len - 1;
-			queue_packet(&vpninfo->incoming_queue, dtls_pkt);
-			dtls_pkt = NULL;
+			vpninfo->dtls_pkt->len = len - 1;
+			queue_packet(&vpninfo->incoming_queue, vpninfo->dtls_pkt);
+			vpninfo->dtls_pkt = NULL;
 			work_done = 1;
 			break;
 
diff --git a/library.c b/library.c
index add732e2..877848ba 100644
--- a/library.c
+++ b/library.c
@@ -294,6 +294,7 @@ void openconnect_vpninfo_free(struct openconnect_info *vpninfo)
 
 	free(vpninfo->deflate_pkt);
 	free(vpninfo->tun_pkt);
+	free(vpninfo->dtls_pkt);
 	free(vpninfo);
 }
 
diff --git a/openconnect-internal.h b/openconnect-internal.h
index 5ba1a507..0d024f4c 100644
--- a/openconnect-internal.h
+++ b/openconnect-internal.h
@@ -352,11 +352,14 @@ struct openconnect_info {
 	struct pin_cache *pin_cache;
 	struct keepalive_info ssl_times;
 	int owe_ssl_dpd_response;
-	int deflate_pkt_size;
-	struct pkt *deflate_pkt;
-	struct pkt *current_ssl_pkt;
-	struct pkt *pending_deflated_pkt;
 
+	int deflate_pkt_size;			/* It may need to be larger than MTU */
+	struct pkt *deflate_pkt;		/* For compressing outbound packets into */
+	struct pkt *pending_deflated_pkt;	/* The original packet associated with above */
+	struct pkt *current_ssl_pkt;		/* Partially sent SSL packet */
+
+	/* Packet buffers for receiving into */
+	struct pkt *dtls_pkt;
 	struct pkt *tun_pkt;
 
 	z_stream inflate_strm;