From: Matt Caswell <matt@openssl.org>
Date: Wed, 12 Jul 2023 14:50:25 +0000 (+0100)
Subject: Fix ssl3_do_write() to correctly handle retries
X-Git-Tag: openssl-3.2.0-alpha1~406
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=404fb9965ed0dc7752d80f72c93358dfb45125c8;p=thirdparty%2Fopenssl.git

Fix ssl3_do_write() to correctly handle retries

A BIO is documented to return -1 on write retry - but sometimes they return
0. ssl3_do_write() was incorrectly handling a 0 response.

Fixes #21422

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21434)
---

diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index 635e84a764c..406788bbfc1 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -92,7 +92,7 @@ int ssl3_do_write(SSL_CONNECTION *s, int type)
 
     ret = ssl3_write_bytes(ssl, type, &s->init_buf->data[s->init_off],
                            s->init_num, &written);
-    if (ret < 0)
+    if (ret <= 0)
         return -1;
     if (type == SSL3_RT_HANDSHAKE)
         /*