From 7e2f15593307fc374a9a0b62d562093d20e0f4aa Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Thu, 23 Jan 2020 03:17:40 +0000
Subject: Switch back to a function pointer for ssl_pending. This will allow the TLSv1.3 stack to provide its own implementation. Nuke a completely bogus comment from SSL_pending() whilst here. ok beck@
---
 src/lib/libssl/ssl_lib.c | 12 ++----------
 src/lib/libssl/ssl_locl.h | 7 ++++---
 src/lib/libssl/ssl_methods.c | 19 ++++++++++++++++++-
 3 files changed, 24 insertions(+), 14 deletions(-) (limited to 'src/lib')
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index a667b5d294..1b141b6e2c 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.208 2020/01/21 04:45:18 tb Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.209 2020/01/23 03:17:40 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -802,15 +802,7 @@ SSL_get_read_ahead(const SSL *s)
 int
 SSL_pending(const SSL *s)
 {
- /*
- * SSL_pending cannot work properly if read-ahead is enabled
- * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)),
- * and it is impossible to fix since SSL_pending cannot report
- * errors that may be observed while scanning the new data.
- * (Note that SSL_pending() is often used as a boolean value,
- * so we'd better not return -1.)
- */
- return (ssl3_pending(s));
+ return (s->method->internal->ssl_pending(s));
 }
 X509 *
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 1c60f10684..8649f651fa 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.252 2020/01/22 15:47:22 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.253 2020/01/23 03:17:40 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
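Review bot: In SSL_pending() in ssl_lib.c, the new `return (s->method->internal->ssl_pending(s));` calls through the method table unconditionally, so any SSL_METHOD_INTERNAL initializer that does not set `.ssl_pending` leaves the member NULL (designated initializers zero-fill) and the call would jump through a null pointer. The ssl_methods.c hunks in this patch add the member to seventeen tables; whether any other table exists cannot be seen from the hunks, so that is worth confirming before this lands. Because SSL_pending() has no way to report an error, a guard such as `if (s->method->internal->ssl_pending == NULL) return (0);` would be the conservative fallback if the project wants one here.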
@@ -391,8 +391,9 @@ typedef struct ssl_method_internal_st {
 long (*ssl_get_message)(SSL *s, int st1, int stn, int mt, long max, int *ok);
- int (*ssl_read_bytes)(SSL *s, int type, unsigned char *buf,
- int len, int peek);
+ int (*ssl_pending)(const SSL *s);
+ int (*ssl_read_bytes)(SSL *s, int type, unsigned char *buf, int len,
+ int peek);
 int (*ssl_write_bytes)(SSL *s, int type, const void *buf_, int len);
 const struct ssl_method_st *(*get_ssl_method)(int version);
diff --git a/src/lib/libssl/ssl_methods.c b/src/lib/libssl/ssl_methods.c
index 30838f7407..355cd8823a 100644
--- a/src/lib/libssl/ssl_methods.c
+++ b/src/lib/libssl/ssl_methods.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_methods.c,v 1.8 2020/01/22 15:47:22 jsing Exp $ */
+/* $OpenBSD: ssl_methods.c,v 1.9 2020/01/23 03:17:40 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -75,6 +75,7 @@ static const SSL_METHOD_INTERNAL DTLSv1_client_method_internal_data = {
 .ssl_renegotiate = ssl3_renegotiate,
 .ssl_renegotiate_check = ssl3_renegotiate_check,
 .ssl_get_message = dtls1_get_message,
+ .ssl_pending = ssl3_pending,
 .ssl_read_bytes = dtls1_read_bytes,
 .ssl_write_bytes = dtls1_write_app_data_bytes,
 .ssl3_enc = &DTLSv1_enc_data,
@@ -127,6 +128,7 @@ static const SSL_METHOD_INTERNAL DTLSv1_method_internal_data = {
 .ssl_renegotiate = ssl3_renegotiate,
 .ssl_renegotiate_check = ssl3_renegotiate_check,
 .ssl_get_message = dtls1_get_message,
+ .ssl_pending = ssl3_pending,
 .ssl_read_bytes = dtls1_read_bytes,
 .ssl_write_bytes = dtls1_write_app_data_bytes,
 .ssl3_enc = &DTLSv1_enc_data,
@@ -177,6 +179,7 @@ static const SSL_METHOD_INTERNAL DTLSv1_server_method_internal_data = {
 .ssl_renegotiate = ssl3_renegotiate,
 .ssl_renegotiate_check = ssl3_renegotiate_check,
 .ssl_get_message = dtls1_get_message,
+ .ssl_pending = ssl3_pending,
 .ssl_read_bytes = dtls1_read_bytes,
 .ssl_write_bytes = dtls1_write_app_data_bytes,
 .ssl3_enc = &DTLSv1_enc_data,
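Review bot: The new `int (*ssl_pending)(const SSL *s);` member of ssl_method_internal_st in ssl_locl.h carries no stated contract, and the same patch deletes the only comment noting that SSL_pending() is often used as a boolean and should not return -1. Since the commit message says the TLSv1.3 stack will supply its own implementation, the expectation should be written at the member so a new implementation cannot return a negative error code that callers would read as "data pending". I would add `/* Bytes available to read; must never be negative. */` above the member. The struct definition starts and ends outside the hunk.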
@@ -228,6 +231,7 @@ static const SSL_METHOD_INTERNAL TLS_client_method_internal_data = {
 .ssl_renegotiate = ssl_undefined_function,
 .ssl_renegotiate_check = ssl_ok,
 .ssl_get_message = ssl3_get_message,
+ .ssl_pending = ssl3_pending,
 .ssl_read_bytes = tls13_legacy_read_bytes,
 .ssl_write_bytes = tls13_legacy_write_bytes,
 .ssl3_enc = &TLSv1_2_enc_data,
@@ -259,6 +263,7 @@ static const SSL_METHOD_INTERNAL TLS_legacy_client_method_internal_data = {
 .ssl_renegotiate = ssl_undefined_function,
 .ssl_renegotiate_check = ssl_ok,
 .ssl_get_message = ssl3_get_message,
+ .ssl_pending = ssl3_pending,
 .ssl_read_bytes = ssl3_read_bytes,
 .ssl_write_bytes = ssl3_write_bytes,
 .ssl3_enc = &TLSv1_2_enc_data,
@@ -289,6 +294,7 @@ static const SSL_METHOD_INTERNAL TLSv1_client_method_internal_data = {
 .ssl_renegotiate = ssl3_renegotiate,
 .ssl_renegotiate_check = ssl3_renegotiate_check,
 .ssl_get_message = ssl3_get_message,
+ .ssl_pending = ssl3_pending,
 .ssl_read_bytes = ssl3_read_bytes,
 .ssl_write_bytes = ssl3_write_bytes,
 .ssl3_enc = &TLSv1_enc_data,
@@ -319,6 +325,7 @@ static const SSL_METHOD_INTERNAL TLSv1_1_client_method_internal_data = {
 .ssl_renegotiate = ssl3_renegotiate,
 .ssl_renegotiate_check = ssl3_renegotiate_check,
 .ssl_get_message = ssl3_get_message,
+ .ssl_pending = ssl3_pending,
 .ssl_read_bytes = ssl3_read_bytes,
 .ssl_write_bytes = ssl3_write_bytes,
 .ssl3_enc = &TLSv1_1_enc_data,
@@ -349,6 +356,7 @@ static const SSL_METHOD_INTERNAL TLSv1_2_client_method_internal_data = {
 .ssl_renegotiate = ssl3_renegotiate,
 .ssl_renegotiate_check = ssl3_renegotiate_check,
 .ssl_get_message = ssl3_get_message,
+ .ssl_pending = ssl3_pending,
 .ssl_read_bytes = ssl3_read_bytes,
 .ssl_write_bytes = ssl3_write_bytes,
 .ssl3_enc = &TLSv1_2_enc_data,
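Review bot: In TLS_client_method_internal_data, `.ssl_pending = ssl3_pending` sits directly above `.ssl_read_bytes = tls13_legacy_read_bytes`, so the pending count and the read path come from different stacks; the same pairing appears in the TLS_server_method_internal_data hunk later in the patch. This keeps the previous behaviour, since SSL_pending() called ssl3_pending() for every method, but if the TLSv1.3 read path buffers data in state that ssl3_pending() does not inspect, SSL_pending() could report 0 while application data is readable and callers that wait on the socket only when it returns 0 could stall. Until the TLSv1.3 implementation mentioned in the commit message exists, I would mark both lines with `/* XXX - needs a TLSv1.3 aware implementation. */` so the follow-up is visible. Both initializers start and end outside their hunks.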
@@ -433,6 +441,7 @@ static const SSL_METHOD_INTERNAL TLS_method_internal_data = {
 .ssl_renegotiate = ssl_undefined_function,
 .ssl_renegotiate_check = ssl_ok,
 .ssl_get_message = ssl3_get_message,
+ .ssl_pending = ssl3_pending,
 .ssl_read_bytes = ssl3_read_bytes,
 .ssl_write_bytes = ssl3_write_bytes,
 .ssl3_enc = &TLSv1_2_enc_data,
@@ -463,6 +472,7 @@ static const SSL_METHOD_INTERNAL TLSv1_method_internal_data = {
 .ssl_renegotiate = ssl3_renegotiate,
 .ssl_renegotiate_check = ssl3_renegotiate_check,
 .ssl_get_message = ssl3_get_message,
+ .ssl_pending = ssl3_pending,
 .ssl_read_bytes = ssl3_read_bytes,
 .ssl_write_bytes = ssl3_write_bytes,
 .ssl3_enc = &TLSv1_enc_data,
@@ -493,6 +503,7 @@ static const SSL_METHOD_INTERNAL TLSv1_1_method_internal_data = {
 .ssl_renegotiate = ssl3_renegotiate,
 .ssl_renegotiate_check = ssl3_renegotiate_check,
 .ssl_get_message = ssl3_get_message,
+ .ssl_pending = ssl3_pending,
 .ssl_read_bytes = ssl3_read_bytes,
 .ssl_write_bytes = ssl3_write_bytes,
 .ssl3_enc = &TLSv1_1_enc_data,
@@ -523,6 +534,7 @@ static const SSL_METHOD_INTERNAL TLSv1_2_method_internal_data = {
 .ssl_renegotiate = ssl3_renegotiate,
 .ssl_renegotiate_check = ssl3_renegotiate_check,
 .ssl_get_message = ssl3_get_message,
+ .ssl_pending = ssl3_pending,
 .ssl_read_bytes = ssl3_read_bytes,
 .ssl_write_bytes = ssl3_write_bytes,
 .ssl3_enc = &TLSv1_2_enc_data,
@@ -596,6 +608,7 @@ static const SSL_METHOD_INTERNAL TLS_server_method_internal_data = {
 .ssl_renegotiate = ssl_undefined_function,
 .ssl_renegotiate_check = ssl_ok,
 .ssl_get_message = ssl3_get_message,
+ .ssl_pending = ssl3_pending,
 .ssl_read_bytes = tls13_legacy_read_bytes,
 .ssl_write_bytes = tls13_legacy_write_bytes,
 .ssl3_enc = &TLSv1_2_enc_data,
@@ -627,6 +640,7 @@ static const SSL_METHOD_INTERNAL TLS_legacy_server_method_internal_data = {
 .ssl_renegotiate = ssl_undefined_function,
 .ssl_renegotiate_check = ssl_ok,
 .ssl_get_message = ssl3_get_message,
+ .ssl_pending = ssl3_pending,
 .ssl_read_bytes = ssl3_read_bytes,
 .ssl_write_bytes = ssl3_write_bytes,
 .ssl3_enc = &TLSv1_2_enc_data,
@@ -657,6 +671,7 @@ static const SSL_METHOD_INTERNAL TLSv1_server_method_internal_data = {
 .ssl_renegotiate = ssl3_renegotiate,
 .ssl_renegotiate_check = ssl3_renegotiate_check,
 .ssl_get_message = ssl3_get_message,
+ .ssl_pending = ssl3_pending,
 .ssl_read_bytes = ssl3_read_bytes,
 .ssl_write_bytes = ssl3_write_bytes,
 .ssl3_enc = &TLSv1_enc_data,
@@ -687,6 +702,7 @@ static const SSL_METHOD_INTERNAL TLSv1_1_server_method_internal_data = {
 .ssl_renegotiate = ssl3_renegotiate,
 .ssl_renegotiate_check = ssl3_renegotiate_check,
 .ssl_get_message = ssl3_get_message,
+ .ssl_pending = ssl3_pending,
 .ssl_read_bytes = ssl3_read_bytes,
 .ssl_write_bytes = ssl3_write_bytes,
 .ssl3_enc = &TLSv1_1_enc_data,
@@ -717,6 +733,7 @@ static const SSL_METHOD_INTERNAL TLSv1_2_server_method_internal_data = {
 .ssl_renegotiate = ssl3_renegotiate,
 .ssl_renegotiate_check = ssl3_renegotiate_check,
 .ssl_get_message = ssl3_get_message,
+ .ssl_pending = ssl3_pending,
 .ssl_read_bytes = ssl3_read_bytes,
 .ssl_write_bytes = ssl3_write_bytes,
 .ssl3_enc = &TLSv1_2_enc_data,
-- cgit v1.2.3-55-g6feb