OpenSSL: Remove extra BIO_write() call on TLS client

openssl_handshake() was checking only that in_data is not NULL and not
its length when determining whether to call BIO_write(). Extend that to
check the buffer length as well. In practice, this removes an
unnecessary BIO_write() call at the beginning of a TLS handshake on the
client side. This did not cause issues with OpenSSL versions up to
1.0.2, but that call seems to fail with the current OpenSSL 1.1.0
degvelopment snapshot. There is no need for that zero-length BIO_write()
call, so remove it.

Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index eff942cacd2cffb3a673dcbc6c9c14b3e83a7bf8..3015a152a331b5041f4a3b88a7130382b6dbbbb2 100644 (file)
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -2795,7 +2795,7 @@ openssl_handshake(struct tls_connection *conn, const struct wpabuf *in_data,
         * Give TLS handshake data from the server (if available) to OpenSSL
         * for processing.
         */
-       if (in_data &&
+       if (in_data && wpabuf_len(in_data) > 0 &&
            BIO_write(conn->ssl_in, wpabuf_head(in_data), wpabuf_len(in_data))
            < 0) {
                tls_show_errors(MSG_INFO, __func__,