Fold away SSL_PROTOCOL_METHOD hooks shared between TLS and DTLS. The ctrl hooks are left alone since they should just go away. Simplifying the cipher story will happen in the next CL. BUG=468889 Change-Id: I979971c90f59c55cd5d17554f1253158b114f18b Reviewed-on: https://boringssl-review.googlesource.com/4957 Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index b6f26e3..ac35a66 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -883,9 +883,3 @@
 n2l3(data, msg_hdr->frag_off);
 n2l3(data, msg_hdr->frag_len);
 }
-
-int dtls1_shutdown(SSL *s) {
- int ret;
- ret = ssl3_shutdown(s);
- return ret;
-}
diff --git a/ssl/d1_meth.c b/ssl/d1_meth.c
index 2646603..eb30b0e 100644
--- a/ssl/d1_meth.c
+++ b/ssl/d1_meth.c
@@ -64,10 +64,6 @@
 dtls1_free,
 dtls1_accept,
 dtls1_connect,
- ssl3_read,
- ssl3_peek,
- ssl3_write,
- dtls1_shutdown,
 dtls1_get_message,
 dtls1_read_app_data,
 dtls1_read_close_notify,
@@ -75,7 +71,6 @@
 dtls1_dispatch_alert,
 ssl3_ctrl,
 ssl3_ctx_ctrl,
- ssl3_pending,
 ssl3_num_ciphers,
 dtls1_get_cipher,
 DTLS1_HM_HEADER_LENGTH,
diff --git a/ssl/internal.h b/ssl/internal.h
index c5501d2..db26528 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -637,10 +637,6 @@ void (*ssl_free)(SSL *s); int (*ssl_accept)(SSL *s); int (*ssl_connect)(SSL *s); - int (*ssl_read)(SSL *s, void *buf, int len); - int (*ssl_peek)(SSL *s, void *buf, int len); - int (*ssl_write)(SSL *s, const void *buf, int len); - int (*ssl_shutdown)(SSL *s); long (*ssl_get_message)(SSL *s, int header_state, int body_state, int msg_type, long max, enum ssl_hash_message_t hash_message, int *ok); @@ -650,7 +646,6 @@ int (*ssl_dispatch_alert)(SSL *s); long (*ssl_ctrl)(SSL *s, int cmd, long larg, void *parg); long (*ssl_ctx_ctrl)(SSL_CTX *ctx, int cmd, long larg, void *parg); - int (*ssl_pending)(const SSL *s); size_t (*num_ciphers)(void); const SSL_CIPHER *(*get_cipher)(size_t i); /* Handshake header length */ @@ -926,13 +921,8 @@ void ssl3_free(SSL *s); int ssl3_accept(SSL *s); int ssl3_connect(SSL *s); -int ssl3_read(SSL *s, void *buf, int len); -int ssl3_peek(SSL *s, void *buf, int len); -int ssl3_write(SSL *s, const void *buf, int len); -int ssl3_shutdown(SSL *s); long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg); long ssl3_ctx_ctrl(SSL_CTX *s, int cmd, long larg, void *parg); -int ssl3_pending(const SSL *s); /* ssl3_record_sequence_update increments the sequence number in |seq|. It * returns one on success and zero on wraparound. */ @@ -1020,7 +1010,6 @@ int dtls1_accept(SSL *s); int dtls1_connect(SSL *s); void dtls1_free(SSL *s); -int dtls1_shutdown(SSL *s); long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, enum ssl_hash_message_t hash_message, int *ok);
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 0c04788..16b533c 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -501,15 +501,6 @@ return &ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - i]; } -int ssl3_pending(const SSL *s) { - if (s->rstate == SSL_ST_READ_BODY) { - return 0; - } - - return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length - : 0; -} - int ssl3_set_handshake_header(SSL *s, int htype, unsigned long len) { uint8_t *p = (uint8_t *)s->init_buf->data; *(p++) = htype; 
@@ -1117,69 +1108,6 @@ return 1; } -int ssl3_shutdown(SSL *s) { - int ret; - - /* Do nothing if configured not to send a close_notify. */ - if (s->quiet_shutdown) { - s->shutdown = SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN; - return 1; - } - - if (!(s->shutdown & SSL_SENT_SHUTDOWN)) { - s->shutdown |= SSL_SENT_SHUTDOWN; - ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY); - - /* our shutdown alert has been sent now, and if it still needs to be - * written, s->s3->alert_dispatch will be true */ - if (s->s3->alert_dispatch) { - return -1; /* return WANT_WRITE */ - } - } else if (s->s3->alert_dispatch) { - /* resend it if not sent */ - ret = s->method->ssl_dispatch_alert(s); - if (ret == -1) { - /* we only get to return -1 here the 2nd/Nth invocation, we must have - * already signalled return 0 upon a previous invoation, return - * WANT_WRITE */ - return ret; - } - } else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { - /* If we are waiting for a close from our peer, we are closed */ - s->method->ssl_read_close_notify(s); - if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { - return -1; /* return WANT_READ */ - } - } - - if (s->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN) && - !s->s3->alert_dispatch) { - return 1; - } else { - return 0; - } -} - -int ssl3_write(SSL *s, const void *buf, int len) { - ERR_clear_system_error(); - - return s->method->ssl_write_app_data(s, buf, len); -} - -static int ssl3_read_internal(SSL *s, void *buf, int len, int peek) { - ERR_clear_system_error(); - - return s->method->ssl_read_app_data(s, buf, len, peek); -} - -int ssl3_read(SSL *s, void *buf, int len) { - return ssl3_read_internal(s, buf, len, 0); -} - -int ssl3_peek(SSL *s, void *buf, int len) { - return ssl3_read_internal(s, buf, len, 1); -} - /* If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF and * handshake macs if required. */ uint32_t ssl_get_algorithm2(SSL *s) {
diff --git a/ssl/s3_meth.c b/ssl/s3_meth.c
index 67bc888..b69dc97 100644
--- a/ssl/s3_meth.c
+++ b/ssl/s3_meth.c
@@ -63,10 +63,6 @@
 ssl3_free,
 ssl3_accept,
 ssl3_connect,
- ssl3_read,
- ssl3_peek,
- ssl3_write,
- ssl3_shutdown,
 ssl3_get_message,
 ssl3_read_app_data,
 ssl3_read_close_notify,
@@ -74,7 +70,6 @@
 ssl3_dispatch_alert,
 ssl3_ctrl,
 ssl3_ctx_ctrl,
- ssl3_pending,
 ssl3_num_ciphers,
 ssl3_get_cipher,
 SSL3_HM_HEADER_LENGTH,
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index c3997a9..7149861 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -759,7 +759,12 @@ void SSL_set_read_ahead(SSL *s, int yes) { } int SSL_pending(const SSL *s) { - return s->method->ssl_pending(s); + if (s->rstate == SSL_ST_READ_BODY) { + return 0; + } + + return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length + : 0; } X509 *SSL_get_peer_certificate(const SSL *s) { @@ -882,7 +887,8 @@ return 0; } - return s->method->ssl_read(s, buf, num); + ERR_clear_system_error(); + return s->method->ssl_read_app_data(s, buf, num, 0); } int SSL_peek(SSL *s, void *buf, int num) { @@ -895,7 +901,8 @@ return 0; } - return s->method->ssl_peek(s, buf, num); + ERR_clear_system_error(); + return s->method->ssl_read_app_data(s, buf, num, 1); } int SSL_write(SSL *s, const void *buf, int num) { @@ -910,7 +917,8 @@ return -1; } - return s->method->ssl_write(s, buf, num); + ERR_clear_system_error(); + return s->method->ssl_write_app_data(s, buf, num); } int SSL_shutdown(SSL *s) { 
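Review bot: The value SSL_pending now computes inline is only the unread payload of the single record held in `s->s3->rrec`: it returns 0 whenever `s->rstate == SSL_ST_READ_BODY` and for any record whose type is not SSL3_RT_APPLICATION_DATA, so a 0 result does not by itself prove nothing further is readable if more input is buffered ahead of the record layer (not visible in this hunk — confirm). Callers commonly treat SSL_pending as "bytes available without blocking", so the moved logic should carry that caveat, e.g. a comment above `int SSL_pending(const SSL *s) {` reading `/* Counts only the current application-data record; returns 0 mid-record and for non-application records. */`. The surrounding `s->s3` dereference is unchanged from the deleted ssl3_pending and is presumably valid for any SSL created by SSL_new, but the hunk does not show that guarantee.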
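Review bot: The trailing `0` in `s->method->ssl_read_app_data(s, buf, num, 0)` (SSL_read) and the `1` in the SSL_peek hunk are the `peek` flag that the deleted ssl3_read_internal used to name, and at the public entry points they now read as bare magic numbers. Annotate them inline, `s->method->ssl_read_app_data(s, buf, num, 0 /* peek */);` and `1 /* peek */` in SSL_peek, or keep a small static helper equivalent to the removed ssl3_read_internal so the two bodies cannot drift apart. Both SSL_read and SSL_peek begin above their hunks, so their argument checks are not visible here.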
@@ -924,11 +932,48 @@ return -1; } - if (!SSL_in_init(s)) { - return s->method->ssl_shutdown(s); + if (SSL_in_init(s)) { + return 1; } - return 1; + /* Do nothing if configured not to send a close_notify. */ + if (s->quiet_shutdown) { + s->shutdown = SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN; + return 1; + } + + if (!(s->shutdown & SSL_SENT_SHUTDOWN)) { + s->shutdown |= SSL_SENT_SHUTDOWN; + ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY); + + /* our shutdown alert has been sent now, and if it still needs to be + * written, s->s3->alert_dispatch will be true */ + if (s->s3->alert_dispatch) { + return -1; /* return WANT_WRITE */ + } + } else if (s->s3->alert_dispatch) { + /* resend it if not sent */ + int ret = s->method->ssl_dispatch_alert(s); + if (ret == -1) { + /* we only get to return -1 here the 2nd/Nth invocation, we must have + * already signalled return 0 upon a previous invoation, return + * WANT_WRITE */ + return ret; + } + } else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { + /* If we are waiting for a close from our peer, we are closed */ + s->method->ssl_read_close_notify(s); + if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { + return -1; /* return WANT_READ */ + } + } + + if (s->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN) && + !s->s3->alert_dispatch) { + return 1; + } else { + return 0; + } } int SSL_renegotiate(SSL *ssl) {
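Review bot: The new `if (SSL_in_init(s)) { return 1; }` at the top of the folded-in body reports a completed shutdown while no close_notify has been sent or received and `s->shutdown` is left untouched, so a caller that checks only for 1 cannot distinguish this from a real bidirectional close; it preserves the old behaviour (ssl3_shutdown was skipped in the same case) but deserves a comment such as `/* Mid-handshake there is nothing to tear down; report success without touching s->shutdown. */`. In the same body the results of `ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY)` and `s->method->ssl_read_close_notify(s)` are discarded, so if ssl_read_close_notify can fail for a reason other than blocking (not visible here) that failure is still surfaced as `-1`, indistinguishable from WANT_READ except through SSL_get_error — worth a one-line comment above the call. The moved comment also carries the typo `invoation` (should be `invocation`). SSL_shutdown's opening checks, including the `return -1;` context line, sit above this hunk.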