From: Matt Caswell <matt@openssl.org>
Date: Wed, 12 Jul 2023 14:50:25 +0000 (+0100)
Subject: Fix ssl3_do_write() to correctly handle retries
X-Git-Tag: openssl-3.1.2~26
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=034ea1d00e5816f35c3e4799d5c122e198e14b59;p=thirdparty%2Fopenssl.git

Fix ssl3_do_write() to correctly handle retries

A BIO is documented to return -1 on write retry - but sometimes they return
0. ssl3_do_write() was incorrectly handling a 0 response.

Fixes #21422

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21435)
---

diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index 71da19fd9ca..14b5345a039 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -47,7 +47,7 @@ int ssl3_do_write(SSL *s, int type)
 
     ret = ssl3_write_bytes(s, type, &s->init_buf->data[s->init_off],
                            s->init_num, &written);
-    if (ret < 0)
+    if (ret <= 0)
         return -1;
     if (type == SSL3_RT_HANDSHAKE)
         /*