1 files changed, 34 insertions, 3 deletions
diff --git a/src/lib/libssl/tls13_lib.c b/src/lib/libssl/tls13_lib.c
index c5e2faf3fc..fb75419ac5 100644
--- a/src/lib/libssl/tls13_lib.c
+++ b/src/lib/libssl/tls13_lib.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: tls13_lib.c,v 1.8 2019/02/28 17:56:43 jsing Exp $ */
+/*      $OpenBSD: tls13_lib.c,v 1.9 2019/02/28 18:20:38 jsing Exp $ */
 /*
 * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
 *
@@ -270,6 +270,7 @@ int
 tls13_legacy_write_bytes(SSL *ssl, int type, const void *buf, int len)
 {
        struct tls13_ctx *ctx = ssl->internal->tls13;
+        size_t n, sent;
        ssize_t ret;
        if (ctx == NULL || !ctx->handshake_completed) {
@@ -287,6 +288,36 @@ tls13_legacy_write_bytes(SSL *ssl, int type, const void *buf, int len)
                return -1;
        }
-        ret = tls13_write_application_data(ctx->rl, buf, len);
+        /*
-        return tls13_legacy_return_code(ssl, ret);
+         * The TLSv1.3 record layer write behaviour is the same as
+         * SSL_MODE_ENABLE_PARTIAL_WRITE.
+         */
+        if (ssl->internal->mode & SSL_MODE_ENABLE_PARTIAL_WRITE) {
+                ret = tls13_write_application_data(ctx->rl, buf, len);
+                return tls13_legacy_return_code(ssl, ret);
+        }
+        /*
+         * In the non-SSL_MODE_ENABLE_PARTIAL_WRITE case we have to loop until
+         * we have written out all of the requested data.
+         */
+        sent = S3I(ssl)->wnum;
+        if (len < sent) {
+                SSLerror(ssl, SSL_R_BAD_LENGTH); 
+                return -1;
+        }
+        n = len - sent;
+        for (;;) {
+                if (n == 0) {
+                        S3I(ssl)->wnum = 0;
+                        return sent;
+                }
+                if ((ret = tls13_write_application_data(ctx->rl,
+                    &buf[sent], n)) <= 0) {
+                        S3I(ssl)->wnum = sent;
+                        return tls13_legacy_return_code(ssl, ret);
+                }
+                sent += ret;
+                n -= ret;
+        }
 }

diff --git a/src/lib/libssl/tls13_lib.c b/src/lib/libssl/tls13_lib.c index c5e2faf3fc..fb75419ac5 100644 --- a/src/lib/libssl/tls13_lib.c +++ b/src/lib/libssl/tls13_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: tls13_lib.c,v 1.8 2019/02/28 17:56:43 jsing Exp $ */	1	/* $OpenBSD: tls13_lib.c,v 1.9 2019/02/28 18:20:38 jsing Exp $ */
2	/*	2	/*
3	* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
4	*	4	*
@@ -270,6 +270,7 @@ int
270	tls13_legacy_write_bytes(SSL ssl, int type, const void buf, int len)	270	tls13_legacy_write_bytes(SSL ssl, int type, const void buf, int len)
271	{	271	{
272	struct tls13_ctx *ctx = ssl->internal->tls13;	272	struct tls13_ctx *ctx = ssl->internal->tls13;
		273	size_t n, sent;
273	ssize_t ret;	274	ssize_t ret;
274		275
275	if (ctx == NULL \|\| !ctx->handshake_completed) {	276	if (ctx == NULL \|\| !ctx->handshake_completed) {
@@ -287,6 +288,36 @@ tls13_legacy_write_bytes(SSL ssl, int type, const void buf, int len)
287	return -1;	288	return -1;
288	}	289	}
289		290
290	ret = tls13_write_application_data(ctx->rl, buf, len);	291	/*
291	return tls13_legacy_return_code(ssl, ret);	292	* The TLSv1.3 record layer write behaviour is the same as
		293	* SSL_MODE_ENABLE_PARTIAL_WRITE.
		294	*/
		295	if (ssl->internal->mode & SSL_MODE_ENABLE_PARTIAL_WRITE) {
		296	ret = tls13_write_application_data(ctx->rl, buf, len);
		297	return tls13_legacy_return_code(ssl, ret);
		298	}
		299
		300	/*
		301	* In the non-SSL_MODE_ENABLE_PARTIAL_WRITE case we have to loop until
		302	* we have written out all of the requested data.
		303	*/
		304	sent = S3I(ssl)->wnum;
		305	if (len < sent) {
		306	SSLerror(ssl, SSL_R_BAD_LENGTH);
		307	return -1;
		308	}
		309	n = len - sent;
		310	for (;;) {
		311	if (n == 0) {
		312	S3I(ssl)->wnum = 0;
		313	return sent;
		314	}
		315	if ((ret = tls13_write_application_data(ctx->rl,
		316	&buf[sent], n)) <= 0) {
		317	S3I(ssl)->wnum = sent;
		318	return tls13_legacy_return_code(ssl, ret);
		319	}
		320	sent += ret;
		321	n -= ret;
		322	}
292	}	323	}