Use ssl_force_want_read() in the DTLS code.

Also mop up some mostly unhelpful comments while here. ok beck@ tb@
author: jsing <> 2021-10-25 10:09:28 +0000
committer: jsing <> 2021-10-25 10:09:28 +0000
commit: ca06f0eb8077fb22dbd7cd11aa65d4c1e3b1c452 (patch)
tree: 708ee9c17db413f47b181607dd993676182e3daa /src
parent: b56105c2617b86206d3688dd7940aa6e553af6e1 (diff)
download: openbsd-ca06f0eb8077fb22dbd7cd11aa65d4c1e3b1c452.tar.gz
openbsd-ca06f0eb8077fb22dbd7cd11aa65d4c1e3b1c452.tar.bz2
openbsd-ca06f0eb8077fb22dbd7cd11aa65d4c1e3b1c452.zip
3 files changed, 15 insertions, 44 deletions
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c
index 7aea85a4c4..9601a39e3a 100644
--- a/src/lib/libssl/d1_pkt.c
+++ b/src/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_pkt.c,v 1.113 2021/10/23 13:36:03 jsing Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.114 2021/10/25 10:09:28 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -654,14 +654,9 @@ dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
                         * Application data while renegotiating is allowed.
                         * Try reading again.
                         */
-                        BIO *bio;
                        S3I(s)->in_read_app_data = 2;
-                        bio = SSL_get_rbio(s);
+                        ssl_force_want_read(s);
-                        s->internal->rwstate = SSL_READING;
+                        return -1;
-                        BIO_clear_retry_flags(bio);
-                        BIO_set_retry_read(bio);
-                        return (-1);
                } else {
                        /* Not certain if this is the right error handling */
                        al = SSL_AD_UNEXPECTED_MESSAGE;
@@ -714,17 +709,8 @@ dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
                                }
                                if (!(s->internal->mode & SSL_MODE_AUTO_RETRY)) {
-                                        if (S3I(s)->rbuf.left == 0) /* no read-ahead left? */
+                                        if (S3I(s)->rbuf.left == 0) {
-                                        {
+                                                ssl_force_want_read(s);
-                                                BIO *bio;
-                                                /* In the case where we try to read application data,
-                                                 * but we trigger an SSL handshake, we return -1 with
-                                                 * the retry option set.  Otherwise renegotiation may
-                                                 * cause nasty problems in the blocking world */
-                                                s->internal->rwstate = SSL_READING;
-                                                bio = SSL_get_rbio(s);
-                                                BIO_clear_retry_flags(bio);
-                                                BIO_set_retry_read(bio);
                                                return (-1);
                                        }
                                }
@@ -851,17 +837,8 @@ dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
                }
                if (!(s->internal->mode & SSL_MODE_AUTO_RETRY)) {
-                        if (S3I(s)->rbuf.left == 0) /* no read-ahead left? */
+                        if (S3I(s)->rbuf.left == 0) {
-                        {
+                                ssl_force_want_read(s);
-                                BIO *bio;
-                                /* In the case where we try to read application data,
-                                 * but we trigger an SSL handshake, we return -1 with
-                                 * the retry option set.  Otherwise renegotiation may
-                                 * cause nasty problems in the blocking world */
-                                s->internal->rwstate = SSL_READING;
-                                bio = SSL_get_rbio(s);
-                                BIO_clear_retry_flags(bio);
-                                BIO_set_retry_read(bio);
                                return (-1);
                        }
                }
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 01c22762ef..27bf5ec41f 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.367 2021/10/25 10:01:46 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.368 2021/10/25 10:09:28 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1372,6 +1372,8 @@ int ssl3_renegotiate(SSL *ssl);
 int ssl3_renegotiate_check(SSL *ssl);
+void ssl_force_want_read(SSL *s);
 int ssl3_dispatch_alert(SSL *s);
 int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
 int ssl3_write_bytes(SSL *s, int type, const void *buf, int len);
diff --git a/src/lib/libssl/ssl_pkt.c b/src/lib/libssl/ssl_pkt.c
index 049a7df3c3..8a5f97e5c7 100644
--- a/src/lib/libssl/ssl_pkt.c
+++ b/src/lib/libssl/ssl_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_pkt.c,v 1.50 2021/08/30 19:25:43 jsing Exp $ */
+/* $OpenBSD: ssl_pkt.c,v 1.51 2021/10/25 10:09:28 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -127,14 +127,15 @@ static int ssl3_get_record(SSL *s);
 * Force a WANT_READ return for certain error conditions where
 * we don't want to spin internally.
 */
-static void
+void
 ssl_force_want_read(SSL *s)
 {
-        BIO * bio;
+        BIO *bio;
        bio = SSL_get_rbio(s);
        BIO_clear_retry_flags(bio);
        BIO_set_retry_read(bio);
        s->internal->rwstate = SSL_READING;
 }
@@ -931,11 +932,6 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
                                if (!(s->internal->mode & SSL_MODE_AUTO_RETRY)) {
                                        if (S3I(s)->rbuf.left == 0) {
-                                                /* no read-ahead left? */
-                        /* In the case where we try to read application data,
-                         * but we trigger an SSL handshake, we return -1 with
-                         * the retry option set.  Otherwise renegotiation may
-                         * cause nasty problems in the blocking world */
                                                ssl_force_want_read(s);
                                                return (-1);
                                        }
@@ -1079,11 +1075,7 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
                }
                if (!(s->internal->mode & SSL_MODE_AUTO_RETRY)) {
-                        if (S3I(s)->rbuf.left == 0) { /* no read-ahead left? */
+                        if (S3I(s)->rbuf.left == 0) {
-                                /* In the case where we try to read application data,
-                                 * but we trigger an SSL handshake, we return -1 with
-                                 * the retry option set.  Otherwise renegotiation may
-                                 * cause nasty problems in the blocking world */
                                ssl_force_want_read(s);
                                return (-1);
                        }
author	jsing <>	2021-10-25 10:09:28 +0000
committer	jsing <>	2021-10-25 10:09:28 +0000
commit	ca06f0eb8077fb22dbd7cd11aa65d4c1e3b1c452 (patch)
tree	708ee9c17db413f47b181607dd993676182e3daa /src
parent	b56105c2617b86206d3688dd7940aa6e553af6e1 (diff)
download	openbsd-ca06f0eb8077fb22dbd7cd11aa65d4c1e3b1c452.tar.gz openbsd-ca06f0eb8077fb22dbd7cd11aa65d4c1e3b1c452.tar.bz2 openbsd-ca06f0eb8077fb22dbd7cd11aa65d4c1e3b1c452.zip