rl->numwpipes = numwpipes;
if (len == 0) {
- if (SSL_CONNECTION_IS_DTLS(s))
+ if (rl->isdtls)
headerlen = DTLS1_RT_HEADER_LENGTH + 1;
else
headerlen = SSL3_RT_HEADER_LENGTH;
* buffers. We assume we're so doomed that we won't even be able
* to send an alert.
*/
- SSLfatal(s, SSL_AD_NO_ALERT, ERR_R_MALLOC_FAILURE);
+ RLAYERfatal(rl, SSL_AD_NO_ALERT, ERR_R_MALLOC_FAILURE);
return 0;
}
} else {
/* Check we don't have pending data waiting to write */
if (!ossl_assert(rl->nextwbuf >= rl->numwpipes
|| SSL3_BUFFER_get_left(&rl->wbuf[rl->nextwbuf]) == 0)) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
goto err;
}
} else {
mac_size = EVP_MD_CTX_get_size(s->write_hash);
if (mac_size < 0) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
+ RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
goto err;
}
}
* smaller. It is wasteful to allocate a full sized buffer here
*/
if (!tls_setup_write_buffer(rl, numtempl + prefix, 0)) {
- /* SSLfatal() already called */
- return -1;
+ /* RLAYERfatal() already called */
+ goto err;
}
}
using_ktls = BIO_get_ktls_send(rl->bio);
if (!ossl_assert(!using_ktls || !prefix)) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
+ RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
goto err;
}
if (!WPACKET_init_static_len(&pkt[0], SSL3_BUFFER_get_buf(wb),
SSL3_BUFFER_get_len(wb), 0)
|| !WPACKET_allocate_bytes(&pkt[0], align, NULL)) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
+ RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
goto err;
}
wpinited = 1;
if (!WPACKET_init_static_len(thispkt, SSL3_BUFFER_get_buf(wb),
SSL3_BUFFER_get_len(wb), 0)
|| !WPACKET_allocate_bytes(thispkt, align, NULL)) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
+ RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
goto err;
}
wpinited++;
if (mode == EVP_CIPH_CBC_MODE) {
eivlen = EVP_CIPHER_CTX_get_iv_length(s->enc_write_ctx);
if (eivlen < 0) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_LIBRARY_BUG);
+ RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, SSL_R_LIBRARY_BUG);
goto err;
}
if (eivlen <= 1)
|| (maxcomplen > 0
&& !WPACKET_reserve_bytes(thispkt, maxcomplen,
&compressdata)))) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
+ RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
goto err;
}
if (s->compress != NULL) {
if (!ssl3_do_compress(s, thiswr)
|| !WPACKET_allocate_bytes(thispkt, thiswr->length, NULL)) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_COMPRESSION_FAILURE);
+ RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, SSL_R_COMPRESSION_FAILURE);
goto err;
}
} else {
SSL3_RECORD_reset_data(&wr[j]);
} else {
if (!WPACKET_memcpy(thispkt, thiswr->input, thiswr->length)) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
+ RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
goto err;
}
SSL3_RECORD_reset_input(&wr[j]);
size_t rlen, max_send_fragment;
if (!WPACKET_put_bytes_u8(thispkt, thistempl->type)) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
+ RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
goto err;
}
SSL3_RECORD_add_length(thiswr, 1);
if (padding > max_padding)
padding = max_padding;
if (!WPACKET_memset(thispkt, 0, padding)) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR,
- ERR_R_INTERNAL_ERROR);
+ RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR,
+ ERR_R_INTERNAL_ERROR);
goto err;
}
SSL3_RECORD_add_length(thiswr, padding);
if (!WPACKET_allocate_bytes(thispkt, mac_size, &mac)
|| !ssl->method->ssl3_enc->mac(s, thiswr, mac, 1)) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
+ RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
goto err;
}
}
if (!WPACKET_reserve_bytes(thispkt,
SSL_RT_MAX_CIPHER_BLOCK_SIZE,
NULL)
- /*
- * We also need next the amount of bytes written to this
- * sub-packet
- */
- || !WPACKET_get_length(thispkt, &len)) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
- goto err;
+ /*
+ * We also need next the amount of bytes written to this
+ * sub-packet
+ */
+ || !WPACKET_get_length(thispkt, &len)) {
+ RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
+ goto err;
}
/* Get a pointer to the start of this record excluding header */
* send early data - so we need to use the tls13enc function.
*/
if (tls13_enc(s, wr, numtempl, 1, NULL, mac_size) < 1) {
- if (!ossl_statem_in_error(s)) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
- }
+ if (!ossl_statem_in_error(s))
+ RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
goto err;
}
} else {
if (!using_ktls) {
if (prefix) {
if (ssl->method->ssl3_enc->enc(s, wr, 1, 1, NULL, mac_size) < 1) {
- if (!ossl_statem_in_error(s)) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
- }
+ if (!ossl_statem_in_error(s))
+ RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
goto err;
}
}
if (ssl->method->ssl3_enc->enc(s, wr + prefix, numtempl, 1, NULL,
mac_size) < 1) {
- if (!ossl_statem_in_error(s)) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
- }
+ if (!ossl_statem_in_error(s))
+ RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
goto err;
}
}
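Review bot: The three guards `if (!ossl_statem_in_error(s))` (after `tls13_enc` and after both `enc` calls) still test the connection's state machine, while the fallback error is now recorded through `RLAYERfatal(rl, …)`. The callees still take `s`, so they presumably report through it and the guard is what prevents a second report; that coupling is not obvious and deserves a comment such as `/* enc() still reports via s; drop this check once it takes rl */`. Whether RLAYERfatal itself puts the state machine into error is not visible here, so the fallback should stay until the callees are converted. The enclosing function starts and ends outside this hunk.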
&& !WPACKET_allocate_bytes(thispkt,
thiswr->length - origlen,
NULL))) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
+ RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
goto err;
}
if (rl->use_etm && mac_size != 0) {
if (!WPACKET_allocate_bytes(thispkt, mac_size, &mac)
|| !ssl->method->ssl3_enc->mac(s, thiswr, mac, 1)) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
+ RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
goto err;
}
SSL3_RECORD_add_length(thiswr, mac_size);
if (!WPACKET_get_length(thispkt, &len)
|| !WPACKET_close(thispkt)) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
+ RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
goto err;
}
}
if (!WPACKET_finish(thispkt)) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
+ RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
goto err;
}
err:
for (j = 0; j < wpinited; j++)
WPACKET_cleanup(&pkt[j]);
- return -1;
+ return OSSL_RECORD_RETURN_FATAL;
}
-/* if SSL3_BUFFER_get_left() != 0, we need to call this
- *
- * Return values are as per SSL_write()
- */
int tls_retry_write_records(OSSL_RECORD_LAYER *rl)
{
- int i;
+ int i, ret;
SSL3_BUFFER *thiswb;
size_t tmpwrit = 0;
- SSL_CONNECTION *s = rl->cbarg;
if (rl->nextwbuf >= rl->numwpipes)
- return 1;
+ return OSSL_RECORD_RETURN_SUCCESS;
for (;;) {
thiswb = &rl->wbuf[rl->nextwbuf];
clear_sys_error();
if (rl->bio != NULL) {
- s->rwstate = SSL_WRITING;
-
/*
* To prevent coalescing of control and data messages,
* such as in buffer_write, we flush the BIO
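Review bot: tls_retry_write_records loses its header comment here and gets no replacement, although its return contract changes from SSL_write()-style values to OSSL_RECORD_RETURN_* codes. I would add `/* Flush pending write buffers. Returns OSSL_RECORD_RETURN_SUCCESS, OSSL_RECORD_RETURN_RETRY or OSSL_RECORD_RETURN_FATAL. */` above the signature. The function also stops setting `s->rwstate`, so the comment should say that the caller now owns that state; whether the callers were updated is not visible in this hunk. The function body continues outside the hunk.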
if (BIO_get_ktls_send(rl->bio)
&& thiswb->type != SSL3_RT_APPLICATION_DATA) {
i = BIO_flush(rl->bio);
- if (i <= 0)
- return i;
+ if (i <= 0) {
+ if (BIO_should_retry(rl->bio))
+ ret = OSSL_RECORD_RETURN_RETRY;
+ else
+ ret = OSSL_RECORD_RETURN_FATAL;
+ return ret;
+ }
BIO_set_ktls_ctrl_msg(rl->bio, thiswb->type);
}
i = BIO_write(rl->bio, (char *)
&(SSL3_BUFFER_get_buf(thiswb)
[SSL3_BUFFER_get_offset(thiswb)]),
(unsigned int)SSL3_BUFFER_get_left(thiswb));
- if (i >= 0)
+ if (i >= 0) {
tmpwrit = i;
+ if (i == 0 && BIO_should_retry(rl->bio))
+ ret = OSSL_RECORD_RETURN_RETRY;
+ else
+ ret = OSSL_RECORD_RETURN_SUCCESS;
+ } else {
+ if (BIO_should_retry(rl->bio))
+ ret = OSSL_RECORD_RETURN_RETRY;
+ else
+ ret = OSSL_RECORD_RETURN_FATAL;
+ }
} else {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_BIO_NOT_SET);
+ RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, SSL_R_BIO_NOT_SET);
+ ret = OSSL_RECORD_RETURN_FATAL;
i = -1;
}
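Review bot: Two of the new fatal paths produce OSSL_RECORD_RETURN_FATAL without recording any error: the BIO_flush failure (`ret = OSSL_RECORD_RETURN_FATAL; return ret;`) and the non-retryable BIO_write failure in the `else` arm. The BIO-not-set branch calls `RLAYERfatal(rl, …)` first, so the three paths are inconsistent, and unless the caller raises something itself a failed write leaves nothing on the error queue to diagnose. Consider raising the error before setting `ret` in both places, for example `ERR_raise(ERR_LIB_SYS, get_last_sys_error());`, or a matching RLAYERfatal call. The loop this sits in starts and ends outside the hunk.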
SSL3_BUFFER_add_offset(thiswb, tmpwrit);
if (++(rl->nextwbuf) < rl->numwpipes)
continue;
- s->rwstate = SSL_NOTHING;
if (rl->nextwbuf == rl->numwpipes
&& (rl->mode & SSL_MODE_RELEASE_BUFFERS) != 0)
tls_release_write_buffer(rl);
- return 1;
+ return OSSL_RECORD_RETURN_SUCCESS;
} else if (i <= 0) {
if (rl->isdtls) {
/*
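Review bot: The `else if (i <= 0)` branch at the end of this hunk goes on to `return ret`, and for a `BIO_write` that returned 0 without `BIO_should_retry` the earlier code set `ret = OSSL_RECORD_RETURN_SUCCESS`. If the buffer still holds unsent bytes at that point the caller is told the record was written, whereas the old code returned 0. The condition guarding the success branch is not visible here, so this needs checking against the full function. If the case is reachable, a guard before the `return ret` below would keep the old meaning: `if (i == 0 && ret == OSSL_RECORD_RETURN_SUCCESS) ret = OSSL_RECORD_RETURN_FATAL;`.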
tls_release_write_buffer(rl);
}
- return i;
+ return ret;
}
SSL3_BUFFER_add_offset(thiswb, tmpwrit);
SSL3_BUFFER_sub_left(thiswb, tmpwrit);