Don't use ssl3_write_pending in DTLS.
That function doesn't do anything useful for DTLS. It's meant for tracking the
rest of the record we've already committed to by writing half of one. But one
cannot write half a datagram, so DTLS never tracks this. Just call
ssl_write_buffer_flush straight and don't touch wpend_*.
Change-Id: Ibe191907d64c955c7cfeefba26f5c11ad5e4b939
Reviewed-on: https://boringssl-review.googlesource.com/6418
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index 1cb2ac6..c50b315 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -249,6 +249,23 @@
}
}
+static int ssl3_write_pending(SSL *s, int type, const uint8_t *buf,
+ unsigned int len) {
+ if (s->s3->wpend_tot > (int)len ||
+ (s->s3->wpend_buf != buf &&
+ !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER)) ||
+ s->s3->wpend_type != type) {
+ OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_WRITE_RETRY);
+ return -1;
+ }
+
+ int ret = ssl_write_buffer_flush(s);
+ if (ret <= 0) {
+ return ret;
+ }
+ return s->s3->wpend_ret;
+}
+
/* do_ssl3_write writes an SSL record of the given type. */
static int do_ssl3_write(SSL *s, int type, const uint8_t *buf, unsigned len) {
/* If there is still data from the previous record, flush it. */
@@ -298,22 +315,6 @@
return ssl3_write_pending(s, type, buf, len);
}
-int ssl3_write_pending(SSL *s, int type, const uint8_t *buf, unsigned int len) {
- if (s->s3->wpend_tot > (int)len ||
- (s->s3->wpend_buf != buf &&
- !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER)) ||
- s->s3->wpend_type != type) {
- OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_WRITE_RETRY);
- return -1;
- }
-
- int ret = ssl_write_buffer_flush(s);
- if (ret <= 0) {
- return ret;
- }
- return s->s3->wpend_ret;
-}
-
/* ssl3_expect_change_cipher_spec informs the record layer that a
* ChangeCipherSpec record is required at this point. If a Handshake record is
* received before ChangeCipherSpec, the connection will fail. Moreover, if
