Tidy up the DTLS code's blocking-mode retransmits.
Move this logic out of dtls1_read_bytes and into dtls1_get_record. Only trigger
it when reading from the buffer fails. The other one shouldn't be necessary.
This exists to handle the blocking BIO case when the
BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT signal triggers, so we only need to do it when
timeouts actually trigger.
There also doesn't seem to be a need for most of the machinery. The
BIO_set_flags call seems to be working around a deficiency in the underlying
BIO. There also shouldn't be a need to check the handshake state as there
wouldn't be a timer to restart otherwise.
Change-Id: Ic901ccfb5b82aeb409d16a9d32c04741410ad6d7
Reviewed-on: https://boringssl-review.googlesource.com/8122
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: Adam Langley <agl@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index 34eeddb..2a1017d 100644
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -114,6 +114,7 @@
#include <assert.h>
#include <string.h>
+#include <openssl/bio.h>
#include <openssl/buf.h>
#include <openssl/mem.h>
#include <openssl/evp.h>
@@ -144,6 +145,14 @@
/* Read a new packet if there is no unconsumed one. */
if (ssl_read_buffer_len(ssl) == 0) {
int ret = ssl_read_buffer_extend_to(ssl, 0 /* unused */);
+ if (ret < 0 && dtls1_is_timer_expired(ssl)) {
+ /* For blocking BIOs, retransmits must be handled internally. */
+ int timeout_ret = DTLSv1_handle_timeout(ssl);
+ if (timeout_ret <= 0) {
+ return timeout_ret;
+ }
+ goto again;
+ }
if (ret <= 0) {
return ret;
}
@@ -264,22 +273,11 @@
* ssl->s3->rrec.length - number of bytes. */
rr = &ssl->s3->rrec;
- /* Check for timeout */
- if (DTLSv1_handle_timeout(ssl) > 0) {
- goto start;
- }
-
/* get new packet if necessary */
if (rr->length == 0) {
ret = dtls1_get_record(ssl);
if (ret <= 0) {
- ret = dtls1_read_failed(ssl, ret);
- /* anything other than a timeout is an error */
- if (ret <= 0) {
- return ret;
- } else {
- goto start;
- }
+ return ret;
}
}
