Abstract away BIO_flush calls in the handshake.
This is the first step toward removing the buffer BIO. The eventual end state is the SSL_PROTOCOL_METHOD is responsible for maintaining one flight's worth of messages. In TLS, it will just be a buffer containing the flight's ciphertext. In DTLS, it's the existing structure for retransmit purposes. There will be hooks: - add_message (synchronous) - add_change_cipher_spec (synchronous) - add_warning_alert (synchronous; needed until we lose SSLv3 client auth and TLS 1.3 draft 18; draft 19 will switch end_of_early_data to a handshake message) - write_flight (BIO; flush_flight will be renamed to this) This also preserves the exact return value of BIO_flush. Eventually all the BIO_write calls will be hidden behind BIO_flush to, to be consistent with other BIO-based calls, preserve the return value. BUG=72 Change-Id: I74cd23759a17356aab3bb475a8ea42bd2cd115c9 Reviewed-on: https://boringssl-review.googlesource.com/13222 Reviewed-by: Adam Langley <agl@google.com>
parent
44c1a65760
commit
8d5f9da2e3
@ -99,6 +99,14 @@ static int dtls1_supports_cipher(const SSL_CIPHER *cipher) {
|
|||||||
return cipher->algorithm_enc != SSL_eNULL;
|
return cipher->algorithm_enc != SSL_eNULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int dtls1_flush_flight(SSL *ssl) {
|
||||||
|
int ret = BIO_flush(ssl->wbio);
|
||||||
|
if (ret <= 0) {
|
||||||
|
ssl->rwstate = SSL_WRITING;
|
||||||
|
}
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
static void dtls1_expect_flight(SSL *ssl) { dtls1_start_timer(ssl); }
|
static void dtls1_expect_flight(SSL *ssl) { dtls1_start_timer(ssl); }
|
||||||
|
|
||||||
static void dtls1_received_flight(SSL *ssl) { dtls1_stop_timer(ssl); }
|
static void dtls1_received_flight(SSL *ssl) { dtls1_stop_timer(ssl); }
|
||||||
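Review bot: `dtls1_flush_flight` is byte-for-byte identical to `ssl3_flush_flight` added in the TLS hunk further down; if the two are meant to diverge once DTLS keeps its own flight for retransmit, a one-line comment saying so would stop a later cleanup from folding them into a shared helper. The assignment `ssl->rwstate = SSL_WRITING` on failure is the side effect that lets ssl3_connect, ssl3_accept and tls13_handshake drop their own assignment in this commit, so it deserves a comment at the function, e.g. `/* On failure, leave |ssl->rwstate| set to SSL_WRITING for the caller to report. */`.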
@ -154,6 +162,7 @@ static const SSL_PROTOCOL_METHOD kDTLSProtocolMethod = {
|
|||||||
dtls1_queue_message,
|
dtls1_queue_message,
|
||||||
dtls1_write_message,
|
dtls1_write_message,
|
||||||
dtls1_send_change_cipher_spec,
|
dtls1_send_change_cipher_spec,
|
||||||
|
dtls1_flush_flight,
|
||||||
dtls1_expect_flight,
|
dtls1_expect_flight,
|
||||||
dtls1_received_flight,
|
dtls1_received_flight,
|
||||||
dtls1_set_read_state,
|
dtls1_set_read_state,
|
||||||
|
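Review bot: `dtls1_flush_flight,` is slotted into kDTLSProtocolMethod by position, so the table is only correct because the header hunk inserts the new member at the same place (between `send_change_cipher_spec` and `expect_flight`) in `struct ssl_protocol_method_st`. Designated initializers, `.flush_flight = dtls1_flush_flight,`, would make the table robust to future reordering of the struct. kTLSProtocolMethod in the later hunk has the same positional insert.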
@ -482,9 +482,8 @@ int ssl3_connect(SSL_HANDSHAKE *hs) {
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
case SSL3_ST_CW_FLUSH:
|
case SSL3_ST_CW_FLUSH:
|
||||||
if (BIO_flush(ssl->wbio) <= 0) {
|
ret = ssl->method->flush_flight(ssl);
|
||||||
ssl->rwstate = SSL_WRITING;
|
if (ret <= 0) {
|
||||||
ret = -1;
|
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
hs->state = hs->next_state;
|
hs->state = hs->next_state;
|
||||||
|
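Review bot: The failure path now returns whatever `flush_flight` returned instead of forcing `ret = -1`, so a 0 from BIO_flush leaves ssl3_connect with ret == 0 where it previously returned -1. If SSL_get_error distinguishes a zero handshake return from a negative one, this is an observable change that the description's "preserves the exact return value of BIO_flush" intends but callers may not expect; a comment at the `goto end`, e.g. `/* Propagate flush_flight's return value; it already set SSL_WRITING. */`, would record the intent. ssl3_accept in the next hunk makes the same change and shares this note. The enclosing switch and ssl3_connect's body continue outside the hunk.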
@ -451,9 +451,8 @@ int ssl3_accept(SSL_HANDSHAKE *hs) {
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
case SSL3_ST_SW_FLUSH:
|
case SSL3_ST_SW_FLUSH:
|
||||||
if (BIO_flush(ssl->wbio) <= 0) {
|
ret = ssl->method->flush_flight(ssl);
|
||||||
ssl->rwstate = SSL_WRITING;
|
if (ret <= 0) {
|
||||||
ret = -1;
|
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1346,6 +1346,9 @@ struct ssl_protocol_method_st {
|
|||||||
int (*write_message)(SSL *ssl);
|
int (*write_message)(SSL *ssl);
|
||||||
/* send_change_cipher_spec sends a ChangeCipherSpec message. */
|
/* send_change_cipher_spec sends a ChangeCipherSpec message. */
|
||||||
int (*send_change_cipher_spec)(SSL *ssl);
|
int (*send_change_cipher_spec)(SSL *ssl);
|
||||||
|
/* flush_flight flushes the current flight to the transport. It returns one on
|
||||||
|
* success and <= 0 on error. */
|
||||||
|
int (*flush_flight)(SSL *ssl);
|
||||||
/* expect_flight is called when the handshake expects a flight of messages from
|
/* expect_flight is called when the handshake expects a flight of messages from
|
||||||
* the peer. */
|
* the peer. */
|
||||||
void (*expect_flight)(SSL *ssl);
|
void (*expect_flight)(SSL *ssl);
|
||||||
|
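Review bot: The new comment on `flush_flight` omits the side effect both implementations have and all three handshake callers now rely on: on failure `ssl->rwstate` is set to `SSL_WRITING`. Since this commit removes that assignment from ssl3_connect, ssl3_accept and tls13_handshake, the contract belongs in the header so a future implementation does not drop it: `/* flush_flight flushes the current flight to the transport. It returns one on success and <= 0 on error. On error, it sets |ssl->rwstate| to SSL_WRITING. */`.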
@ -45,9 +45,8 @@ int tls13_handshake(SSL_HANDSHAKE *hs) {
|
|||||||
|
|
||||||
case ssl_hs_flush:
|
case ssl_hs_flush:
|
||||||
case ssl_hs_flush_and_read_message: {
|
case ssl_hs_flush_and_read_message: {
|
||||||
int ret = BIO_flush(ssl->wbio);
|
int ret = ssl->method->flush_flight(ssl);
|
||||||
if (ret <= 0) {
|
if (ret <= 0) {
|
||||||
ssl->rwstate = SSL_WRITING;
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
if (hs->wait != ssl_hs_flush_and_read_message) {
|
if (hs->wait != ssl_hs_flush_and_read_message) {
|
||||||
|
@ -100,6 +100,14 @@ static uint16_t ssl3_version_to_wire(uint16_t version) {
|
|||||||
|
|
||||||
static int ssl3_supports_cipher(const SSL_CIPHER *cipher) { return 1; }
|
static int ssl3_supports_cipher(const SSL_CIPHER *cipher) { return 1; }
|
||||||
|
|
||||||
|
static int ssl3_flush_flight(SSL *ssl) {
|
||||||
|
int ret = BIO_flush(ssl->wbio);
|
||||||
|
if (ret <= 0) {
|
||||||
|
ssl->rwstate = SSL_WRITING;
|
||||||
|
}
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
static void ssl3_expect_flight(SSL *ssl) {}
|
static void ssl3_expect_flight(SSL *ssl) {}
|
||||||
|
|
||||||
static void ssl3_received_flight(SSL *ssl) {}
|
static void ssl3_received_flight(SSL *ssl) {}
|
||||||
@ -150,6 +158,7 @@ static const SSL_PROTOCOL_METHOD kTLSProtocolMethod = {
|
|||||||
ssl3_queue_message,
|
ssl3_queue_message,
|
||||||
ssl3_write_message,
|
ssl3_write_message,
|
||||||
ssl3_send_change_cipher_spec,
|
ssl3_send_change_cipher_spec,
|
||||||
|
ssl3_flush_flight,
|
||||||
ssl3_expect_flight,
|
ssl3_expect_flight,
|
||||||
ssl3_received_flight,
|
ssl3_received_flight,
|
||||||
ssl3_set_read_state,
|
ssl3_set_read_state,
|
||||||
|