Trim the DTLS write code slightly.
Change-Id: I0fb4152ed656a60fae3aa7922652df766d4978d7
Reviewed-on: https://boringssl-review.googlesource.com/8178
Reviewed-by: David Benjamin <davidben@google.com>
diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index 093bb69..78f566e 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -299,8 +299,8 @@
static const uint8_t kChangeCipherSpec[1] = {SSL3_MT_CCS};
int ret =
- dtls1_write_bytes(ssl, SSL3_RT_CHANGE_CIPHER_SPEC, kChangeCipherSpec,
- sizeof(kChangeCipherSpec), use_epoch);
+ dtls1_write_record(ssl, SSL3_RT_CHANGE_CIPHER_SPEC, kChangeCipherSpec,
+ sizeof(kChangeCipherSpec), use_epoch);
if (ret <= 0) {
return ret;
}
@@ -375,8 +375,8 @@
goto err;
}
- int write_ret = dtls1_write_bytes(ssl, SSL3_RT_HANDSHAKE, buf, len,
- use_epoch);
+ int write_ret =
+ dtls1_write_record(ssl, SSL3_RT_HANDSHAKE, buf, len, use_epoch);
if (write_ret <= 0) {
ret = write_ret;
goto err;
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index 25205d2..b821ab3 100644
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -125,9 +125,6 @@
#include "internal.h"
-static int do_dtls1_write(SSL *ssl, int type, const uint8_t *buf,
- unsigned int len, enum dtls1_use_epoch_t use_epoch);
-
int dtls1_get_record(SSL *ssl) {
again:
switch (ssl->s3->recv_shutdown) {
@@ -338,20 +335,26 @@
return -1;
}
- return dtls1_write_bytes(ssl, SSL3_RT_APPLICATION_DATA, buf_, len,
- dtls1_use_current_epoch);
+ if (len < 0) {
+ OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_LENGTH);
+ return -1;
+ }
+
+ if (len == 0) {
+ return 0;
+ }
+
+ int ret = dtls1_write_record(ssl, SSL3_RT_APPLICATION_DATA, buf_, (size_t)len,
+ dtls1_use_current_epoch);
+ if (ret <= 0) {
+ return ret;
+ }
+ return len;
}
-/* Call this to write data in records of type 'type' It will return <= 0 if not
- * all data has been sent or non-blocking IO. */
-int dtls1_write_bytes(SSL *ssl, int type, const void *buf, int len,
- enum dtls1_use_epoch_t use_epoch) {
+int dtls1_write_record(SSL *ssl, int type, const uint8_t *buf, size_t len,
+ enum dtls1_use_epoch_t use_epoch) {
assert(len <= SSL3_RT_MAX_PLAIN_LENGTH);
- return do_dtls1_write(ssl, type, buf, len, use_epoch);
-}
-
-static int do_dtls1_write(SSL *ssl, int type, const uint8_t *buf,
- unsigned int len, enum dtls1_use_epoch_t use_epoch) {
/* There should never be a pending write buffer in DTLS. One can't write half
* a datagram, so the write buffer is always dropped in
* |ssl_write_buffer_flush|. */
@@ -371,10 +374,6 @@
return -1;
}
- if (len == 0) {
- return 0;
- }
-
size_t max_out = len + ssl_max_seal_overhead(ssl);
uint8_t *out;
size_t ciphertext_len;
@@ -390,13 +389,13 @@
if (ret <= 0) {
return ret;
}
- return (int)len;
+ return 1;
}
int dtls1_dispatch_alert(SSL *ssl) {
ssl->s3->alert_dispatch = 0;
- int ret = do_dtls1_write(ssl, SSL3_RT_ALERT, &ssl->s3->send_alert[0], 2,
- dtls1_use_current_epoch);
+ int ret = dtls1_write_record(ssl, SSL3_RT_ALERT, &ssl->s3->send_alert[0], 2,
+ dtls1_use_current_epoch);
if (ret <= 0) {
ssl->s3->alert_dispatch = 1;
return ret;
diff --git a/ssl/internal.h b/ssl/internal.h
index 07e4c98..e9cf918 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -1062,8 +1062,11 @@
unsigned long frag_len);
int dtls1_write_app_data(SSL *ssl, const void *buf, int len);
-int dtls1_write_bytes(SSL *ssl, int type, const void *buf, int len,
- enum dtls1_use_epoch_t use_epoch);
+
+/* dtls1_write_record sends a record. It returns one on success and <= 0 on
+ * error. */
+int dtls1_write_record(SSL *ssl, int type, const uint8_t *buf, size_t len,
+ enum dtls1_use_epoch_t use_epoch);
int dtls1_send_change_cipher_spec(SSL *ssl, int a, int b);
int dtls1_send_finished(SSL *ssl, int a, int b, const char *sender, int slen);
