Commit 8051ab2b authored by Matt Caswell's avatar Matt Caswell

Convert SSL BIO to use SSL_write_ex().



We also modify the SSL_get_error() function to handle the fact that with
SSL_write_ex() the error return is 0 not -1, and fix some bugs in the
SSL BIO reading.

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
parent 8b0e934a
+5 −13
@@ -28,7 +28,7 @@ typedef struct bio_ssl_st {
    /* re-negotiate every time the total number of bytes is this size */
    int num_renegotiates;
    unsigned long renegotiate_count;
    unsigned long byte_count;
    size_t byte_count;
    unsigned long renegotiate_timeout;
    unsigned long last_time;
} BIO_SSL;
@@ -112,7 +112,7 @@ static int ssl_read(BIO *b, char *buf, size_t size, size_t *readbytes)

    switch (SSL_get_error(ssl, ret)) {
    case SSL_ERROR_NONE:
        if (ret <= 0)
        if (*readbytes == 0)
            break;
        if (sb->renegotiate_count > 0) {
            sb->byte_count += *readbytes;
@@ -179,17 +179,14 @@ static int ssl_write(BIO *b, const char *buf, size_t size, size_t *written)

    BIO_clear_retry_flags(b);

    if (size > INT_MAX)
        size = INT_MAX;

    ret = SSL_write(ssl, buf, size);
    ret = SSL_write_ex(ssl, buf, size, written);

    switch (SSL_get_error(ssl, ret)) {
    case SSL_ERROR_NONE:
        if (ret <= 0)
        if (*written == 0)
            break;
        if (bs->renegotiate_count > 0) {
            bs->byte_count += ret;
            bs->byte_count += *written;
            if (bs->byte_count > bs->renegotiate_count) {
                bs->byte_count = 0;
                bs->num_renegotiates++;
@@ -229,11 +226,6 @@ static int ssl_write(BIO *b, const char *buf, size_t size, size_t *written)

    BIO_set_retry_reason(b, retry_reason);

    if (ret > 0) {
        *written = ret;
        ret = 1;
    }

    return ret;
}
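Review bot: In ssl_write() the out-parameter `*written` is now tested in the SSL_ERROR_NONE branch and handed back to the caller, but ssl_write() itself never assigns it, because the trailing `*written = ret;` block was removed. Its value therefore depends entirely on SSL_write_ex() having stored a count whenever it returns 1. On the failure paths it appears to keep whatever the caller passed in, although the internals of SSL_write_ex() are not visible here. Setting `*written = 0;` just before `ret = SSL_write_ex(ssl, buf, size, written);` would make the failure case deterministic, and a comment such as `/* ret is 1 on success, 0 on failure; *written is only meaningful when ret > 0 */` would record the new contract. The same reliance on the callee applies to `*readbytes` in the ssl_read() hunk; both function bodies start and continue outside the hunks shown.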

+56 −59
@@ -3002,7 +3002,6 @@ int SSL_get_error(const SSL *s, int i)
            return (SSL_ERROR_SSL);
    }

    if (i < 0) {
    if (SSL_want_read(s)) {
        bio = SSL_get_rbio(s);
        if (BIO_should_read(bio))
@@ -3061,13 +3060,11 @@ int SSL_get_error(const SSL *s, int i)
    if (SSL_want_async_job(s)) {
        return SSL_ERROR_WANT_ASYNC_JOB;
    }
    }

    if (i == 0) {
    if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
        (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
        return (SSL_ERROR_ZERO_RETURN);
    }

    return (SSL_ERROR_SYSCALL);
}
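Review bot: With the `if (i < 0)` and `if (i == 0)` guards removed from SSL_get_error(), every non-positive `i` now passes through the SSL_want_*() checks before the close_notify test. A 0 return from a legacy call on a connection still marked as wanting read or write would presumably be reported as SSL_ERROR_WANT_* rather than SSL_ERROR_ZERO_RETURN or SSL_ERROR_SYSCALL. That ordering may be intended, but nothing in the function says so. A comment above the first check would record it, for example `/* i <= 0 here: the *_ex() calls fail with 0, the legacy calls with 0 or -1; both are classified the same way below */`, and the SSL_get_error() documentation should describe the 0-as-failure case. The function starts outside the hunk and the page shows only part of the re-indented body, so the handling of `i > 0` is assumed from context.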