From: Wouter Wijngaards Date: Thu, 5 Apr 2018 08:10:25 +0000 (+0000) Subject: - Combine write of tcp length and tcp query for dns over tls. X-Git-Tag: release-1.7.1rc1~63 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=2be98b581a19a12b57058e7045239734fc05925a;p=thirdparty%2Funbound.git - Combine write of tcp length and tcp query for dns over tls. git-svn-id: file:///svn/unbound/trunk@4601 be551aaa-1e26-0410-a405-d3ace91eadb9
---
diff --git a/doc/Changelog b/doc/Changelog
index 25e8d308f..df5c20b50 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,3 +1,6 @@
+5 April 2018: Wouter
+ - Combine write of tcp length and tcp query for dns over tls.
+
 3 April 2018: Wouter
 - Fix #4043: make test fails due to v6 presentation issue in macOS.
 - Fix unable to resolve after new WLAN connection, due to auth-zone
diff --git a/util/netevent.c b/util/netevent.c
index fc6f6a9ea..f0d72e038 100644
--- a/util/netevent.c
+++ b/util/netevent.c
@@ -46,6 +46,7 @@
 #include "util/fptr_wlist.h"
 #include "sldns/pkthdr.h"
 #include "sldns/sbuffer.h"
+#include "sldns/str2wire.h"
 #include "dnstap/dnstap.h"
 #include "dnscrypt/dnscrypt.h"
 #ifdef HAVE_OPENSSL_SSL_H
@@ -1209,9 +1210,24 @@ ssl_handle_write(struct comm_point* c)
 if(c->tcp_byte_count < sizeof(uint16_t)) {
 uint16_t len = htons(sldns_buffer_limit(c->buffer));
 ERR_clear_error();
- r = SSL_write(c->ssl,
- (void*)(((uint8_t*)&len)+c->tcp_byte_count),
- (int)(sizeof(uint16_t)-c->tcp_byte_count));
+ if(sizeof(uint16_t)+sldns_buffer_remaining(c->buffer) <
+ LDNS_RR_BUF_SIZE) {
+ /* combine the tcp length and the query for write,
+ * this emulates writev */
+ uint8_t buf[LDNS_RR_BUF_SIZE];
+ memmove(buf, &len, sizeof(uint16_t));
+ memmove(buf+sizeof(uint16_t),
+ sldns_buffer_current(c->buffer),
+ sldns_buffer_remaining(c->buffer));
+ r = SSL_write(c->ssl, (void*)(buf+c->tcp_byte_count),
+ (int)(sizeof(uint16_t)+
+ sldns_buffer_remaining(c->buffer)
+ - c->tcp_byte_count));
+ } else {
+ r = SSL_write(c->ssl,
+ (void*)(((uint8_t*)&len)+c->tcp_byte_count),
+ (int)(sizeof(uint16_t)-c->tcp_byte_count));
+ }
 if(r <= 0) {
 int want = SSL_get_error(c->ssl, r);
 if(want == SSL_ERROR_ZERO_RETURN) {
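Review bot: The combined branch passes `SSL_write` a pointer into `buf`, a stack array that is rebuilt on each call to ssl_handle_write, so a retry after `SSL_ERROR_WANT_WRITE` supplies the same bytes but not necessarily the same address. OpenSSL treats a retry from a different buffer address as a bad write retry unless `SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER` is set on the connection; whether it is set is not visible in this hunk, and the old two-byte write of `&len` had the same dependency but was far less likely to block than a full query. If the mode is not already set where `c->ssl` is created, add `(void)SSL_set_mode(c->ssl, (long)SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);` before the write, and put a comment next to `buf` such as `/* rebuilt on every call; a retry passes the same bytes at a possibly different address */`. The length prefix is taken from `sldns_buffer_limit` while the payload uses `sldns_buffer_current`/`sldns_buffer_remaining`, which agree only while the buffer position is 0, so that assumption deserves a comment too. The function continues past the hunk, so the accounting for an `r` larger than the two length bytes should be checked there.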