Split ssl_read_bytes hook into app_data and close_notify hooks.
This still needs significant work, especially the close_notify half, but
clarify the interface and get *_read_bytes out of SSL_PROTOCOL_METHOD.
read_bytes is an implementation detail of those two and get_message
rather than both an implementation detail of get_message for handshake
and a (wholly inappropriate) exposed interface for the other two.
BUG=468889
Change-Id: I7dd23869e0b7c3532ceb2e9dd31ca25ea31128e7
Reviewed-on: https://boringssl-review.googlesource.com/4956
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index 3eb26c5..b6f26e3 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -404,8 +404,7 @@
uint8_t discard[256];
while (frag_len > 0) {
size_t chunk = frag_len < sizeof(discard) ? frag_len : sizeof(discard);
- int ret = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, discard, chunk,
- 0);
+ int ret = dtls1_read_bytes(s, SSL3_RT_HANDSHAKE, discard, chunk, 0);
if (ret != chunk) {
return 0;
}
@@ -480,8 +479,8 @@
* body across two records. Change this interface to consume the fragment in
* one pass. */
uint8_t header[DTLS1_HM_HEADER_LENGTH];
- int ret = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, header,
- DTLS1_HM_HEADER_LENGTH, 0);
+ int ret = dtls1_read_bytes(s, SSL3_RT_HANDSHAKE, header,
+ DTLS1_HM_HEADER_LENGTH, 0);
if (ret <= 0) {
return ret;
}
@@ -533,8 +532,8 @@
assert(msg_len > 0);
/* Read the body of the fragment. */
- ret = s->method->ssl_read_bytes(
- s, SSL3_RT_HANDSHAKE, frag->fragment + frag_off, frag_len, 0);
+ ret = dtls1_read_bytes(s, SSL3_RT_HANDSHAKE, frag->fragment + frag_off,
+ frag_len, 0);
if (ret != frag_len) {
OPENSSL_PUT_ERROR(SSL, dtls1_process_fragment, SSL_R_UNEXPECTED_MESSAGE);
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
diff --git a/ssl/d1_meth.c b/ssl/d1_meth.c
index 276290d..2646603 100644
--- a/ssl/d1_meth.c
+++ b/ssl/d1_meth.c
@@ -69,7 +69,8 @@
ssl3_write,
dtls1_shutdown,
dtls1_get_message,
- dtls1_read_bytes,
+ dtls1_read_app_data,
+ dtls1_read_close_notify,
dtls1_write_app_data,
dtls1_dispatch_alert,
ssl3_ctrl,
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index b0fd0dc..553499f 100644
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -388,6 +388,14 @@
return 1;
}
+int dtls1_read_app_data(SSL *ssl, uint8_t *buf, int len, int peek) {
+ return dtls1_read_bytes(ssl, SSL3_RT_APPLICATION_DATA, buf, len, peek);
+}
+
+void dtls1_read_close_notify(SSL *ssl) {
+ dtls1_read_bytes(ssl, 0, NULL, 0, 0);
+}
+
/* Return up to 'len' payload bytes received in 'type' records.
* 'type' is one of the following:
*
diff --git a/ssl/internal.h b/ssl/internal.h
index 2c7c1b1..c5501d2 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -644,7 +644,8 @@
long (*ssl_get_message)(SSL *s, int header_state, int body_state,
int msg_type, long max,
enum ssl_hash_message_t hash_message, int *ok);
- int (*ssl_read_bytes)(SSL *s, int type, uint8_t *buf, int len, int peek);
+ int (*ssl_read_app_data)(SSL *s, uint8_t *buf, int len, int peek);
+ void (*ssl_read_close_notify)(SSL *s);
int (*ssl_write_app_data)(SSL *s, const void *buf_, int len);
int (*ssl_dispatch_alert)(SSL *s);
long (*ssl_ctrl)(SSL *s, int cmd, long larg, void *parg);
@@ -897,6 +898,8 @@
const SSL_CIPHER *ssl3_get_cipher(size_t i);
int ssl3_dispatch_alert(SSL *s);
int ssl3_expect_change_cipher_spec(SSL *s);
+int ssl3_read_app_data(SSL *ssl, uint8_t *buf, int len, int peek);
+void ssl3_read_close_notify(SSL *ssl);
int ssl3_read_bytes(SSL *s, int type, uint8_t *buf, int len, int peek);
int ssl3_write_app_data(SSL *ssl, const void *buf, int len);
int ssl3_write_bytes(SSL *s, int type, const void *buf, int len);
@@ -947,6 +950,8 @@
int dtls1_do_write(SSL *s, int type, enum dtls1_use_epoch_t use_epoch);
int ssl3_read_n(SSL *s, int n, int extend);
+int dtls1_read_app_data(SSL *ssl, uint8_t *buf, int len, int peek);
+void dtls1_read_close_notify(SSL *ssl);
int dtls1_read_bytes(SSL *s, int type, uint8_t *buf, int len, int peek);
int ssl3_write_pending(SSL *s, int type, const uint8_t *buf, unsigned int len);
void dtls1_set_message_header(SSL *s, uint8_t mt, unsigned long len,
diff --git a/ssl/s3_both.c b/ssl/s3_both.c
index 2222c06..0fdf90f 100644
--- a/ssl/s3_both.c
+++ b/ssl/s3_both.c
@@ -357,8 +357,8 @@
for (;;) {
while (s->init_num < 4) {
- int bytes_read = s->method->ssl_read_bytes(
- s, SSL3_RT_HANDSHAKE, &p[s->init_num], 4 - s->init_num, 0);
+ int bytes_read = ssl3_read_bytes(s, SSL3_RT_HANDSHAKE, &p[s->init_num],
+ 4 - s->init_num, 0);
if (bytes_read <= 0) {
*ok = 0;
return bytes_read;
@@ -413,8 +413,8 @@
p = s->init_msg;
n = s->s3->tmp.message_size - s->init_num;
while (n > 0) {
- int bytes_read =
- s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, &p[s->init_num], n, 0);
+ int bytes_read = ssl3_read_bytes(s, SSL3_RT_HANDSHAKE, &p[s->init_num], n,
+ 0);
if (bytes_read <= 0) {
s->rwstate = SSL_READING;
*ok = 0;
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 092f21b..0c04788 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -1146,7 +1146,7 @@
}
} else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
/* If we are waiting for a close from our peer, we are closed */
- s->method->ssl_read_bytes(s, 0, NULL, 0, 0);
+ s->method->ssl_read_close_notify(s);
if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
return -1; /* return WANT_READ */
}
@@ -1169,7 +1169,7 @@
static int ssl3_read_internal(SSL *s, void *buf, int len, int peek) {
ERR_clear_system_error();
- return s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len, peek);
+ return s->method->ssl_read_app_data(s, buf, len, peek);
}
int ssl3_read(SSL *s, void *buf, int len) {
diff --git a/ssl/s3_meth.c b/ssl/s3_meth.c
index 308c942..67bc888 100644
--- a/ssl/s3_meth.c
+++ b/ssl/s3_meth.c
@@ -68,7 +68,8 @@
ssl3_write,
ssl3_shutdown,
ssl3_get_message,
- ssl3_read_bytes,
+ ssl3_read_app_data,
+ ssl3_read_close_notify,
ssl3_write_app_data,
ssl3_dispatch_alert,
ssl3_ctrl,
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index d898cf2..4a9ae83 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -671,6 +671,14 @@
return 1;
}
+int ssl3_read_app_data(SSL *ssl, uint8_t *buf, int len, int peek) {
+ return ssl3_read_bytes(ssl, SSL3_RT_APPLICATION_DATA, buf, len, peek);
+}
+
+void ssl3_read_close_notify(SSL *ssl) {
+ ssl3_read_bytes(ssl, 0, NULL, 0, 0);
+}
+
/* Return up to 'len' payload bytes received in 'type' records.
* 'type' is one of the following:
*
