Always process handshake records in full.
This removes the last place where non-app-data hooks leave anything
uncomsumed in rrec. (There is still a place where non-app-data hooks see
a non-empty rrec an entrance. read_app_data calls into read_handshake.
That'll be fixed in a later patch in this series.)
This should not change behavior, though some error codes may change due
to some processing happening in a slightly different order.
Since we do this in a few places, this adds a BUF_MEM_append with tests.
Change-Id: I9fe1fc0103e47f90e3c9f4acfe638927aecdeff6
Reviewed-on: https://boringssl-review.googlesource.com/21345
Commit-Queue: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: Steven Valdez <svaldez@google.com>
diff --git a/ssl/ssl_lib.cc b/ssl/ssl_lib.cc
index 88161ad..c975337 100644
--- a/ssl/ssl_lib.cc
+++ b/ssl/ssl_lib.cc
@@ -924,28 +924,27 @@
}
}
- bool got_handshake = false;
- int ret = ssl->method->read_app_data(ssl, &got_handshake, (uint8_t *)buf,
- num, peek);
- if (ret > 0 || !got_handshake) {
- ssl->s3->key_update_count = 0;
- return ret;
- }
-
- // If we received an interrupt in early read (the end_of_early_data alert),
- // loop again for the handshake to process it.
- if (SSL_in_init(ssl)) {
- continue;
- }
-
+ // Process any buffered post-handshake messages.
SSLMessage msg;
- while (ssl->method->get_message(ssl, &msg)) {
+ if (ssl->method->get_message(ssl, &msg)) {
// Handle the post-handshake message and try again.
if (!ssl_do_post_handshake(ssl, msg)) {
return -1;
}
ssl->method->next_message(ssl);
+ continue; // Loop again. We may have begun a new handshake.
}
+
+ bool got_handshake = false;
+ int ret = ssl->method->read_app_data(ssl, &got_handshake, (uint8_t *)buf,
+ num, peek);
+ if (got_handshake) {
+ continue; // Loop again to process the handshake data.
+ }
+ if (ret > 0) {
+ ssl->s3->key_update_count = 0;
+ }
+ return ret;
}
}
