From: Stephan Bosch <stephan.bosch@open-xchange.com>
Date: Fri, 16 Apr 2021 16:08:50 +0000 (+0200)
Subject: lib-ssl-iostream: iostream-openssl - Add OPENSSL_IOSTREAM_SYNC_TYPE_NONE.
X-Git-Tag: 2.3.18~290
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=b4a2da442ddec9240931d393020c25c2210ac23d;p=thirdparty%2Fdovecot%2Fcore.git

lib-ssl-iostream: iostream-openssl - Add OPENSSL_IOSTREAM_SYNC_TYPE_NONE.

This is useful for calling openssl_iostream_handle_error() while avoiding
processing more I/O.
---

diff --git a/src/lib-ssl-iostream/iostream-openssl.c b/src/lib-ssl-iostream/iostream-openssl.c
index ab5f3dd819..130f368451 100644
--- a/src/lib-ssl-iostream/iostream-openssl.c
+++ b/src/lib-ssl-iostream/iostream-openssl.c
@@ -537,6 +537,8 @@ int openssl_iostream_bio_sync(struct ssl_iostream *ssl_io,
 {
 	int ret;
 
+	i_assert(type != OPENSSL_IOSTREAM_SYNC_TYPE_NONE);
+
 	ret = openssl_iostream_bio_output(ssl_io);
 	if (ret >= 0 && openssl_iostream_bio_input(ssl_io, type) > 0)
 		ret = 1;
@@ -565,7 +567,8 @@ int openssl_iostream_handle_error(struct ssl_iostream *ssl_io, int ret,
 	err = SSL_get_error(ssl_io->ssl, ret);
 	switch (err) {
 	case SSL_ERROR_WANT_WRITE:
-		if (openssl_iostream_bio_sync(ssl_io, type) == 0) {
+		if (type != OPENSSL_IOSTREAM_SYNC_TYPE_NONE &&
+		    openssl_iostream_bio_sync(ssl_io, type) == 0) {
 			if (type != OPENSSL_IOSTREAM_SYNC_TYPE_WRITE)
 				i_panic("SSL ostream buffer size not unlimited");
 			return 0;
@@ -574,14 +577,19 @@ int openssl_iostream_handle_error(struct ssl_iostream *ssl_io, int ret,
 			openssl_iostream_closed(ssl_io);
 			return -1;
 		}
+		if (type == OPENSSL_IOSTREAM_SYNC_TYPE_NONE)
+			return 0;
 		return 1;
 	case SSL_ERROR_WANT_READ:
 		ssl_io->want_read = TRUE;
-		(void)openssl_iostream_bio_sync(ssl_io, type);
+		if (type != OPENSSL_IOSTREAM_SYNC_TYPE_NONE)
+			(void)openssl_iostream_bio_sync(ssl_io, type);
 		if (ssl_io->closed) {
 			openssl_iostream_closed(ssl_io);
 			return -1;
 		}
+		if (type == OPENSSL_IOSTREAM_SYNC_TYPE_NONE)
+			return 0;
 		return ssl_io->want_read ? 0 : 1;
 	case SSL_ERROR_SYSCALL:
 		/* eat up the error queue */
diff --git a/src/lib-ssl-iostream/iostream-openssl.h b/src/lib-ssl-iostream/iostream-openssl.h
index 70f9649fc7..4449668050 100644
--- a/src/lib-ssl-iostream/iostream-openssl.h
+++ b/src/lib-ssl-iostream/iostream-openssl.h
@@ -9,6 +9,7 @@
 #  define ASN1_STRING_get0_data(str) ASN1_STRING_data(str)
 #endif
 enum openssl_iostream_sync_type {
+	OPENSSL_IOSTREAM_SYNC_TYPE_NONE,
 	OPENSSL_IOSTREAM_SYNC_TYPE_FIRST_READ,
 	OPENSSL_IOSTREAM_SYNC_TYPE_CONTINUE_READ,
 	OPENSSL_IOSTREAM_SYNC_TYPE_WRITE,