From: Arne Schwabe Date: Fri, 22 Apr 2022 14:29:46 +0000 (+0200) Subject: Extract read_incoming_tls_ciphertext into function X-Git-Tag: v2.6_beta1~212 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=8b9b8f91b76af59e26edee46f1a1f4eebdca762b;p=thirdparty%2Fopenvpn.git Extract read_incoming_tls_ciphertext into function This makes the code a bit more structured and easier to read. Acked-by: Frank Lichtenheld Message-Id: <20220422142953.3805364-12-arne@rfc2549.org> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg24152.html Signed-off-by: Gert Doering --- diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c index 37eee8b9b..e54977f5a 100644 --- a/src/openvpn/ssl.c +++ b/src/openvpn/ssl.c @@ -2524,6 +2524,37 @@ session_skip_to_pre_start(struct tls_session *session, return session_move_pre_start(session, ks, true); } +/** + * Read incoming ciphertext and passes it to the buffer of the SSL library. + * Returns false if an error is encountered that should abort the session. + */ +static bool +read_incoming_tls_ciphertext(struct buffer *buf, struct key_state *ks, + bool *state_change) +{ + int status = 0; + if (buf->len) + { + status = key_state_write_ciphertext(&ks->ks_ssl, buf); + if (status == -1) + { + msg(D_TLS_ERRORS, + "TLS Error: Incoming Ciphertext -> TLS object write error"); + return false; + } + } + else + { + status = 1; + } + if (status == 1) + { + reliable_mark_deleted(ks->rec_reliable, buf); + *state_change = true; + dmsg(D_TLS_DEBUG, "Incoming Ciphertext -> TLS"); + } + return true; +} static bool 
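Review bot: The doc comment on `read_incoming_tls_ciphertext` omits two outcomes a caller has to know. When `key_state_write_ciphertext` returns anything other than 1 or -1, the function returns true without calling `reliable_mark_deleted`, so the entry stays in `ks->rec_reliable`; and `*state_change` is only ever set to true, never cleared. I would extend the comment to describe `buf`, `ks` and `state_change`, say that a zero-length buffer is treated as consumed, and say that the caller must initialise `*state_change` before the call. The error test is `status == -1`, so any other negative return is handled as "not consumed, no error"; the contract of `key_state_write_ciphertext` is not visible in this hunk, but if a backend can return other negative values, `if (status < 0)` would fail closed. Minor: the summary should read `Reads incoming ciphertext and passes it to the buffer of the SSL library.`, and the initialiser in `int status = 0;` is dead because both branches assign it.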
@@ -2594,27 +2625,9 @@ tls_process_state(struct tls_multi *multi, struct reliable_entry *entry = reliable_get_entry_sequenced(ks->rec_reliable); if (entry) { - struct buffer *buf = &entry->buf; - int status = 0; - if (buf->len) - { - status = key_state_write_ciphertext(&ks->ks_ssl, buf); - if (status == -1) - { - msg(D_TLS_ERRORS, - "TLS Error: Incoming Ciphertext -> TLS object write error"); - goto error; - } - } - else - { - status = 1; - } - if (status == 1) + if (!read_incoming_tls_ciphertext(&entry->buf, ks, &state_change)) { - reliable_mark_deleted(ks->rec_reliable, buf); - state_change = true; - dmsg(D_TLS_DEBUG, "Incoming Ciphertext -> TLS"); + goto error; } }