From 89765039246492e31ffb68c874b94a43c78d3acb Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Thu, 28 Feb 2019 18:20:38 +0000
Subject: Implement non-SSL_MODE_ENABLE_PARTIAL_WRITE in tls13_legacy_write_bytes().

In non-SSL_MODE_ENABLE_PARTIAL_WRITE mode we have to write out all the things and only return success once all of the data has been sent.

ok inoguchi@ tb@
---
 src/lib/libssl/tls13_lib.c | 37 ++++++++++++++++++++++++++++++++++---
 1 file changed, 34 insertions(+), 3 deletions(-)

(limited to 'src')

diff --git a/src/lib/libssl/tls13_lib.c b/src/lib/libssl/tls13_lib.c
index c5e2faf3fc..fb75419ac5 100644
--- a/src/lib/libssl/tls13_lib.c
+++ b/src/lib/libssl/tls13_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_lib.c,v 1.8 2019/02/28 17:56:43 jsing Exp $ */
+/* $OpenBSD: tls13_lib.c,v 1.9 2019/02/28 18:20:38 jsing Exp $ */
 /*
 * Copyright (c) 2018, 2019 Joel Sing
 *
@@ -270,6 +270,7 @@ int
 tls13_legacy_write_bytes(SSL *ssl, int type, const void *buf, int len)
 {
 struct tls13_ctx *ctx = ssl->internal->tls13;
+ size_t n, sent;
 ssize_t ret;
 
 if (ctx == NULL || !ctx->handshake_completed) {
@@ -287,6 +288,36 @@ tls13_legacy_write_bytes(SSL *ssl, int type, const void *buf, int len)
 return -1;
 }
 
- ret = tls13_write_application_data(ctx->rl, buf, len);
- return tls13_legacy_return_code(ssl, ret);
+ /*
+ * The TLSv1.3 record layer write behaviour is the same as
+ * SSL_MODE_ENABLE_PARTIAL_WRITE.
+ */
+ if (ssl->internal->mode & SSL_MODE_ENABLE_PARTIAL_WRITE) {
+ ret = tls13_write_application_data(ctx->rl, buf, len);
+ return tls13_legacy_return_code(ssl, ret);
+ }
+
+ /*
+ * In the non-SSL_MODE_ENABLE_PARTIAL_WRITE case we have to loop until
+ * we have written out all of the requested data.
+ */
+ sent = S3I(ssl)->wnum;
+ if (len < sent) {
+ SSLerror(ssl, SSL_R_BAD_LENGTH);
+ return -1;
+ }
+ n = len - sent;
+ for (;;) {
+ if (n == 0) {
+ S3I(ssl)->wnum = 0;
+ return sent;
+ }
+ if ((ret = tls13_write_application_data(ctx->rl,
+ &buf[sent], n)) <= 0) {
+ S3I(ssl)->wnum = sent;
+ return tls13_legacy_return_code(ssl, ret);
+ }
+ sent += ret;
+ n -= ret;
+ }
 }
-- 
cgit v1.2.3-55-g6feb
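Review bot: The resume check `if (len < sent)` compares the signed `len` with the `size_t sent` declared in the earlier hunk, so `len` is converted to unsigned and the bound on `n = len - sent` is only sound if a negative `len` has already been rejected; the context lines `return -1;` and `}` suggest such a guard sits just above, but it is outside this hunk. Writing the conversion out, `if ((size_t)len < sent) {`, makes that dependency visible and avoids a sign-compare warning. Separately, `&buf[sent]` subscripts a `const void *`, which standard C does not define and which compiles only as a compiler extension; `&((const unsigned char *)buf)[sent]` or a byte-pointer local would be portable. A short comment that `S3I(ssl)->wnum` carries the count of bytes already sent across a retried call, and that the caller is expected to pass the same buffer and length again, would also help, since nothing in the visible lines checks that `buf` itself is unchanged on retry. The function body starts before this hunk.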