Google Git
Sign in
boringssl/boringssl/d7ac1438140d3bb05376d57b0b5d73e53fa11cdc^!/.
commit
d7ac1438140d3bb05376d57b0b5d73e53fa11cdc
[log]
author
David Benjamin <davidben@google.com>
Thu Mar 10 00:41:25 2016 -0500
committer
David Benjamin <davidben@google.com>
Sat Mar 26 20:09:37 2016 +0000
tree
7896735376b2f672d80332fc01418a34a7d5791f
parent
282511d7eb7ef506c68d21be483f888cac913bb9 [diff]
Lift the handshake driving in write_bytes up to SSL_write.

This removes one use of in_handshake and consolidates some DTLS and TLS
code.

Change-Id: Ibbdd38360a983dabfb7b18c7bd59cb5e316b2adb
Reviewed-on: https://boringssl-review.googlesource.com/7435
Reviewed-by: David Benjamin <davidben@google.com>

diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index 3d1631b..ad67902 100644
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c

@@ -458,39 +458,24 @@
 }
 
 int dtls1_write_app_data(SSL *ssl, const void *buf_, int len) {
-  int i;
-
-  if (SSL_in_init(ssl) && !ssl->in_handshake) {
-    i = ssl->handshake_func(ssl);
-    if (i < 0) {
-      return i;
-    }
-    if (i == 0) {
-      OPENSSL_PUT_ERROR(SSL, SSL_R_SSL_HANDSHAKE_FAILURE);
-      return -1;
-    }
-  }
+  assert(!SSL_in_init(ssl));
 
   if (len > SSL3_RT_MAX_PLAIN_LENGTH) {
     OPENSSL_PUT_ERROR(SSL, SSL_R_DTLS_MESSAGE_TOO_BIG);
     return -1;
   }
 
-  i = dtls1_write_bytes(ssl, SSL3_RT_APPLICATION_DATA, buf_, len,
-                        dtls1_use_current_epoch);
-  return i;
+  return dtls1_write_bytes(ssl, SSL3_RT_APPLICATION_DATA, buf_, len,
+                           dtls1_use_current_epoch);
 }
 
 /* Call this to write data in records of type 'type' It will return <= 0 if not
  * all data has been sent or non-blocking IO. */
 int dtls1_write_bytes(SSL *ssl, int type, const void *buf, int len,
                       enum dtls1_use_epoch_t use_epoch) {
-  int i;
-
   assert(len <= SSL3_RT_MAX_PLAIN_LENGTH);
   ssl->rwstate = SSL_NOTHING;
-  i = do_dtls1_write(ssl, type, buf, len, use_epoch);
-  return i;
+  return do_dtls1_write(ssl, type, buf, len, use_epoch);
 }
 
 static int do_dtls1_write(SSL *ssl, int type, const uint8_t *buf,

diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index 4ce6603..90f0d44 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c

@@ -182,6 +182,8 @@
 }
 
 int ssl3_write_app_data(SSL *ssl, const void *buf, int len) {
+  assert(!SSL_in_init(ssl) || SSL_in_false_start(ssl));
+
   return ssl3_write_bytes(ssl, SSL3_RT_APPLICATION_DATA, buf, len);
 }
 
@@ -196,17 +198,6 @@
   tot = ssl->s3->wnum;
   ssl->s3->wnum = 0;
 
-  if (!ssl->in_handshake && SSL_in_init(ssl) && !SSL_in_false_start(ssl)) {
-    int ret = ssl->handshake_func(ssl);
-    if (ret < 0) {
-      return ret;
-    }
-    if (ret == 0) {
-      OPENSSL_PUT_ERROR(SSL, SSL_R_SSL_HANDSHAKE_FAILURE);
-      return -1;
-    }
-  }
-
   /* Ensure that if we end up with a smaller value of data to write out than
    * the the original len from a write which didn't complete for non-blocking
    * I/O and also somehow ended up avoiding the check for this in

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index d1ea2fe..f9ce9db 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c

@@ -628,6 +628,19 @@
   }
 
   ERR_clear_system_error();
+
+  /* If necessary, complete the handshake implicitly. */
+  if (SSL_in_init(ssl) && !SSL_in_false_start(ssl)) {
+    int ret = SSL_do_handshake(ssl);
+    if (ret < 0) {
+      return ret;
+    }
+    if (ret == 0) {
+      OPENSSL_PUT_ERROR(SSL, SSL_R_SSL_HANDSHAKE_FAILURE);
+      return -1;
+    }
+  }
+
   return ssl->method->ssl_write_app_data(ssl, buf, num);
 }