From c325504de78f1158bf30d6d6bebb7a6744f20ba1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Moise=CC=81s=20Guimara=CC=83es?=
 <moisesguimaraesm@gmail.com>
Date: Fri, 12 Sep 2014 13:28:15 -0300
Subject: [PATCH] ssl: refactoring CyaSSL_DSA_do_sign to reduce stack usage:
 --- variable tmpRNG moved to the heap (sizeof(RNG) saved)

---
 src/ssl.c | 59 +++++++++++++++++++++++++++++++++----------------------
 1 file changed, 36 insertions(+), 23 deletions(-)

diff --git a/src/ssl.c b/src/ssl.c
index a8b1cf65f..8a8b45457 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -11025,36 +11025,50 @@ int CyaSSL_RSA_size(const CYASSL_RSA* rsa)
 int CyaSSL_DSA_do_sign(const unsigned char* d, unsigned char* sigRet,
                        CYASSL_DSA* dsa)
 {
-    RNG    tmpRNG;
-    RNG*   rng = &tmpRNG;
+    int    ret = SSL_FATAL_ERROR;
+    RNG*   rng = NULL;
+#ifdef CYASSL_SMALL_STACK
+    RNG*   tmpRNG = NULL;
+#else
+    RNG    tmpRNG[1];
+#endif
 
     CYASSL_MSG("CyaSSL_DSA_do_sign");
 
-    if (d == NULL || sigRet == NULL || dsa == NULL) {
+    if (d == NULL || sigRet == NULL || dsa == NULL)
         CYASSL_MSG("Bad function arguments");
-        return SSL_FATAL_ERROR;
-    }
-
-    if (dsa->inSet == 0) {
+    else if (dsa->inSet == 0)
         CYASSL_MSG("No DSA internal set");
-        return SSL_FATAL_ERROR;
-    }
-
-    if (InitRng(&tmpRNG) != 0) {
-        CYASSL_MSG("Bad RNG Init, trying global");
-        if (initGlobalRNG == 0) {
-            CYASSL_MSG("Global RNG no Init");
+    else {
+    #ifdef CYASSL_SMALL_STACK
+        tmpRNG = (RNG*)XMALLOC(sizeof(RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (tmpRNG == NULL)
             return SSL_FATAL_ERROR;
+    #endif
+
+        if (InitRng(tmpRNG) == 0)
+            rng = tmpRNG;
+        else {
+            CYASSL_MSG("Bad RNG Init, trying global");
+            if (initGlobalRNG == 0)
+                CYASSL_MSG("Global RNG no Init");
+            else
+                rng = &globalRNG;
         }
-        rng = &globalRNG;
+
+        if (rng) {
+            if (DsaSign(d, sigRet, (DsaKey*)dsa->internal, rng) < 0)
+                CYASSL_MSG("DsaSign failed");
+            else
+                ret = SSL_SUCCESS;
+        }
+
+    #ifdef CYASSL_SMALL_STACK
+        XFREE(RNG, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    #endif
     }
 
-    if (DsaSign(d, sigRet, (DsaKey*)dsa->internal, rng) < 0) {
-        CYASSL_MSG("DsaSign failed");
-        return SSL_FATAL_ERROR;
-    }
-
-    return SSL_SUCCESS;
+    return ret;
 }
 #endif /* NO_DSA */
 
@@ -11103,9 +11117,8 @@ int CyaSSL_RSA_sign(int type, const unsigned char* m,
 
         if (outLen == 0)
             CYASSL_MSG("Bad RSA size");
-        else if (InitRng(tmpRNG) == 0) {
+        else if (InitRng(tmpRNG) == 0)
             rng = tmpRNG;
-        }
         else {
             CYASSL_MSG("Bad RNG Init, trying global");