提交 3eaa4170 编写于 作者: M Matt Caswell

Make SSL_write_early_finish() an internal only function

Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2737)
上级 5f982038
......@@ -1626,7 +1626,6 @@ __owur int SSL_write(SSL *ssl, const void *buf, int num);
__owur int SSL_write_ex(SSL *s, const void *buf, size_t num, size_t *written);
__owur int SSL_write_early(SSL *s, const void *buf, size_t num,
size_t *written);
__owur int SSL_write_early_finish(SSL *s);
long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg);
long SSL_callback_ctrl(SSL *, int, void (*)(void));
long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg);
......
......@@ -105,6 +105,8 @@ static const struct {
},
};
static int ssl_write_early_finish(SSL *s);
static int dane_ctx_enable(struct dane_ctx_st *dctx)
{
const EVP_MD **mdevp;
......@@ -1753,7 +1755,7 @@ int ssl_write_internal(SSL *s, const void *buf, size_t num, size_t *written)
* We're still writing early data. We need to stop that so we can write
* normal data
*/
if (!SSL_write_early_finish(s))
if (!ssl_write_early_finish(s))
return 0;
} else if (s->early_data_state == SSL_EARLY_DATA_CONNECT_RETRY
|| s->early_data_state == SSL_EARLY_DATA_ACCEPT_RETRY) {
......@@ -1853,7 +1855,7 @@ int SSL_write_early(SSL *s, const void *buf, size_t num, size_t *written)
}
}
int SSL_write_early_finish(SSL *s)
static int ssl_write_early_finish(SSL *s)
{
int ret;
......@@ -3242,21 +3244,14 @@ int SSL_do_handshake(SSL *s)
return -1;
}
if (s->early_data_state == SSL_EARLY_DATA_WRITE_RETRY
|| s->early_data_state == SSL_EARLY_DATA_READ_RETRY) {
/*
* We skip this if we were called via SSL_read_early() or
* SSL_write_early()
*/
if (s->early_data_state == SSL_EARLY_DATA_WRITE_RETRY) {
int edfin;
if (s->early_data_state == SSL_EARLY_DATA_WRITE_RETRY) {
int edfin;
edfin = SSL_write_early_finish(s);
if (edfin <= 0)
return edfin;
}
ossl_statem_set_in_init(s, 1);
edfin = ssl_write_early_finish(s);
if (edfin <= 0)
return edfin;
}
ossl_statem_check_finish_init(s, -1);
s->method->ssl_renegotiate_check(s, 0);
......
......@@ -168,9 +168,21 @@ int ossl_statem_skip_early_data(SSL *s)
return 1;
}
/*
* Called when we are in SSL_read*(), SSL_write*(), or SSL_accept()
* /SSL_connect()/SSL_do_handshake(). Used to test whether we are in an early
* data state and whether we should attempt to move the handshake on if so.
* |send| is 1 if we are attempting to send data (SSL_write*()), 0 if we are
* attempting to read data (SSL_read*()), or -1 if we are in SSL_do_handshake()
* or similar.
*/
void ossl_statem_check_finish_init(SSL *s, int send)
{
if (!s->server) {
if (send == -1) {
if (s->statem.hand_state == TLS_ST_PENDING_EARLY_DATA_END
|| s->statem.hand_state == TLS_ST_EARLY_DATA)
ossl_statem_set_in_init(s, 1);
} else if (!s->server) {
if ((send && s->statem.hand_state == TLS_ST_PENDING_EARLY_DATA_END
&& s->early_data_state != SSL_EARLY_DATA_WRITING)
|| (!send && s->statem.hand_state == TLS_ST_EARLY_DATA))
......
......@@ -429,7 +429,6 @@ SSL_CTX_set_max_early_data 429 1_1_1 EXIST::FUNCTION:
SSL_get_max_early_data 430 1_1_1 EXIST::FUNCTION:
SSL_CTX_get_max_early_data 431 1_1_1 EXIST::FUNCTION:
SSL_write_early 432 1_1_1 EXIST::FUNCTION:
SSL_write_early_finish 433 1_1_1 EXIST::FUNCTION:
SSL_read_early 434 1_1_1 EXIST::FUNCTION:
SSL_get_early_data_status 435 1_1_1 EXIST::FUNCTION:
SSL_SESSION_get_max_early_data 436 1_1_1 EXIST::FUNCTION:
SSL_read_early 433 1_1_1 EXIST::FUNCTION:
SSL_get_early_data_status 434 1_1_1 EXIST::FUNCTION:
SSL_SESSION_get_max_early_data 435 1_1_1 EXIST::FUNCTION:
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册