From: Stefan Eissing <stefan@eissing.org>
Date: Tue, 6 Dec 2022 07:47:32 +0000 (+0100)
Subject: wolfssl: remove special BIO return code handling
X-Git-Tag: curl-7_87_0~59
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=2d3e20a2fc1d96680b15b8abdc3304ae45d307a9;p=thirdparty%2Fcurl.git

wolfssl: remove special BIO return code handling

- rely solely on the retry flag in BIO, similar to OpenSSL vtls
  implementation.

Ref: https://github.com/curl/curl/pull/10021#issuecomment-1336147053

Closes #10033
---

diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c
index aaac828ab7..7cc4774e83 100644
--- a/lib/vtls/wolfssl.c
+++ b/lib/vtls/wolfssl.c
@@ -94,7 +94,6 @@
 struct ssl_backend_data {
   SSL_CTX* ctx;
   SSL*     handle;
-  CURLcode io_result;
 };
 
 #ifdef OPENSSL_EXTRA
@@ -308,19 +307,8 @@ static int bio_cf_out_write(WOLFSSL_BIO *bio, const char *buf, int blen)
   DEBUGASSERT(data);
   nwritten = Curl_conn_cf_send(cf->next, data, buf, blen, &result);
   wolfSSL_BIO_clear_retry_flags(bio);
-  /* wolfSSL is limited in error handling and SSL_read() will
-   * return WANT_READ, even though retry was not indicated by
-   * the installed BIO. */
-  connssl->backend->io_result = result;
-  if(nwritten < 0) {
-    if(CURLE_AGAIN == result) {
-      BIO_set_retry_read(bio);
-      nwritten = 0;
-    }
-    else {
-      nwritten = -1;
-    }
-  }
+  if(nwritten < 0 && CURLE_AGAIN == result)
+    BIO_set_retry_read(bio);
   return (int)nwritten;
 }
 
@@ -339,19 +327,8 @@ static int bio_cf_in_read(WOLFSSL_BIO *bio, char *buf, int blen)
 
   nread = Curl_conn_cf_recv(cf->next, data, buf, blen, &result);
   wolfSSL_BIO_clear_retry_flags(bio);
-  /* wolfSSL is limited in error handling and SSL_read() will
-   * return WANT_READ, even though retry was not indicated by
-   * the installed BIO. */
-  connssl->backend->io_result = result;
-  if(nread < 0) {
-    if(CURLE_AGAIN == result) {
-      BIO_set_retry_read(bio);
-      nread = 0;
-    }
-    else {
-      nread = -1;
-    }
-  }
+  if(nread < 0 && CURLE_AGAIN == result)
+    BIO_set_retry_read(bio);
   return (int)nread;
 }
 
@@ -794,10 +771,7 @@ wolfssl_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data)
     char error_buffer[WOLFSSL_MAX_ERROR_SZ];
     int  detail = SSL_get_error(backend->handle, ret);
 
-    if(backend->io_result != CURLE_OK && backend->io_result != CURLE_AGAIN) {
-      return backend->io_result;
-    }
-    else if(SSL_ERROR_WANT_READ == detail) {
+    if(SSL_ERROR_WANT_READ == detail) {
       connssl->connecting_state = ssl_connect_2_reading;
       return CURLE_OK;
     }
@@ -1025,10 +999,6 @@ static ssize_t wolfssl_send(struct Curl_cfilter *cf,
   if(rc <= 0) {
     int err = SSL_get_error(backend->handle, rc);
 
-    if(backend->io_result != CURLE_OK && backend->io_result != CURLE_AGAIN) {
-      *curlcode = backend->io_result;
-      return -1;
-    }
     switch(err) {
     case SSL_ERROR_WANT_READ:
     case SSL_ERROR_WANT_WRITE:
@@ -1091,10 +1061,6 @@ static ssize_t wolfssl_recv(struct Curl_cfilter *cf,
   if(nread <= 0) {
     int err = SSL_get_error(backend->handle, nread);
 
-    if(backend->io_result != CURLE_OK && backend->io_result != CURLE_AGAIN) {
-      *curlcode = backend->io_result;
-      return -1;
-    }
     switch(err) {
     case SSL_ERROR_ZERO_RETURN: /* no more data */
       break;