]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2b71b04)
Move checking for alerts to dispatch out of the record layer
authorMatt Caswell <matt@openssl.org>
Mon, 22 Aug 2022 14:49:53 +0000 (15:49 +0100)
committerMatt Caswell <matt@openssl.org>
Fri, 23 Sep 2022 13:43:24 +0000 (14:43 +0100)
This isn't a record layer responsibility so should be removed from
write_records.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

ssl/record/methods/tls_common.c patch | blob | blame | history
ssl/record/rec_layer_s3.c patch | blob | blame | history

diff --git a/ssl/record/methods/tls_common.c b/ssl/record/methods/tls_common.c
index 6a5b7c6696731e690009c409d7f89d1c9e7d7e76..e679d9fe6b929f0aa1c04977cf8b8093b7c27f85 100644 (file)
--- a/ssl/record/methods/tls_common.c
+++ b/ssl/record/methods/tls_common.c
@@ -1310,7 +1310,7 @@ int tls_write_records(OSSL_RECORD_LAYER *rl, OSSL_RECORD_TEMPLATE *templates,
     WPACKET *thispkt;
     SSL3_RECORD *thiswr;
     unsigned char *recordstart;
-    int i, mac_size, clear = 0;
+    int mac_size, clear = 0;
     int eivlen = 0;
     size_t align = 0;
     SSL3_BUFFER *wb;
@@ -1329,16 +1329,6 @@ int tls_write_records(OSSL_RECORD_LAYER *rl, OSSL_RECORD_TEMPLATE *templates,
         goto err;
     }
 
-    /* If we have an alert to send, lets send it */
-    if (s->s3.alert_dispatch) {
-        i = ssl->method->ssl_dispatch_alert(ssl);
-        if (i <= 0) {
-            /* SSLfatal() already called if appropriate */
-            return i;
-        }
-        /* if it went, fall through and send more stuff */
-    }
-
     sess = s->session;
 
     if ((sess == NULL)
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index e6439ccda959d32d4470870f8c2136ec3c80d640..1b342b63667a5604f40ead46e6ac6ff9bf2108c4 100644 (file)
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -424,6 +424,16 @@ int ssl3_write_bytes(SSL *ssl, int type, const void *buf_, size_t len,
         return 1;
     }
 
+    /* If we have an alert to send, lets send it */
+    if (s->s3.alert_dispatch) {
+        i = ssl->method->ssl_dispatch_alert(ssl);
+        if (i <= 0) {
+            /* SSLfatal() already called if appropriate */
+            return i;
+        }
+        /* if it went, fall through and send more stuff */
+    }
+
     n = (len - tot);
 
     max_send_fragment = ssl_get_max_send_fragment(s);
Mirror of https://github.com/openssl/openssl.git