The ctrl hooks are left alone since they should just go away. Simplifying the cipher story will happen in the next CL. BUG=468889 Change-Id: I979971c90f59c55cd5d17554f1253158b114f18b Reviewed-on: https://boringssl-review.googlesource.com/4957 Reviewed-by: Adam Langley <agl@google.com>kris/onging/CECPQ3_patch15
@@ -883,9 +883,3 @@ void dtls1_get_message_header(uint8_t *data, | |||
n2l3(data, msg_hdr->frag_off); | |||
n2l3(data, msg_hdr->frag_len); | |||
} | |||
int dtls1_shutdown(SSL *s) { | |||
int ret; | |||
ret = ssl3_shutdown(s); | |||
return ret; | |||
} |
@@ -64,10 +64,6 @@ static const SSL_PROTOCOL_METHOD DTLS_protocol_method = { | |||
dtls1_free, | |||
dtls1_accept, | |||
dtls1_connect, | |||
ssl3_read, | |||
ssl3_peek, | |||
ssl3_write, | |||
dtls1_shutdown, | |||
dtls1_get_message, | |||
dtls1_read_app_data, | |||
dtls1_read_close_notify, | |||
@@ -75,7 +71,6 @@ static const SSL_PROTOCOL_METHOD DTLS_protocol_method = { | |||
dtls1_dispatch_alert, | |||
ssl3_ctrl, | |||
ssl3_ctx_ctrl, | |||
ssl3_pending, | |||
ssl3_num_ciphers, | |||
dtls1_get_cipher, | |||
DTLS1_HM_HEADER_LENGTH, | |||
@@ -637,10 +637,6 @@ struct ssl_protocol_method_st { | |||
void (*ssl_free)(SSL *s); | |||
int (*ssl_accept)(SSL *s); | |||
int (*ssl_connect)(SSL *s); | |||
int (*ssl_read)(SSL *s, void *buf, int len); | |||
int (*ssl_peek)(SSL *s, void *buf, int len); | |||
int (*ssl_write)(SSL *s, const void *buf, int len); | |||
int (*ssl_shutdown)(SSL *s); | |||
long (*ssl_get_message)(SSL *s, int header_state, int body_state, | |||
int msg_type, long max, | |||
enum ssl_hash_message_t hash_message, int *ok); | |||
@@ -650,7 +646,6 @@ struct ssl_protocol_method_st { | |||
int (*ssl_dispatch_alert)(SSL *s); | |||
long (*ssl_ctrl)(SSL *s, int cmd, long larg, void *parg); | |||
long (*ssl_ctx_ctrl)(SSL_CTX *ctx, int cmd, long larg, void *parg); | |||
int (*ssl_pending)(const SSL *s); | |||
size_t (*num_ciphers)(void); | |||
const SSL_CIPHER *(*get_cipher)(size_t i); | |||
/* Handshake header length */ | |||
@@ -926,13 +921,8 @@ int ssl3_new(SSL *s); | |||
void ssl3_free(SSL *s); | |||
int ssl3_accept(SSL *s); | |||
int ssl3_connect(SSL *s); | |||
int ssl3_read(SSL *s, void *buf, int len); | |||
int ssl3_peek(SSL *s, void *buf, int len); | |||
int ssl3_write(SSL *s, const void *buf, int len); | |||
int ssl3_shutdown(SSL *s); | |||
long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg); | |||
long ssl3_ctx_ctrl(SSL_CTX *s, int cmd, long larg, void *parg); | |||
int ssl3_pending(const SSL *s); | |||
/* ssl3_record_sequence_update increments the sequence number in |seq|. It | |||
* returns one on success and zero on wraparound. */ | |||
@@ -1020,7 +1010,6 @@ int dtls1_new(SSL *s); | |||
int dtls1_accept(SSL *s); | |||
int dtls1_connect(SSL *s); | |||
void dtls1_free(SSL *s); | |||
int dtls1_shutdown(SSL *s); | |||
long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, | |||
enum ssl_hash_message_t hash_message, int *ok); | |||
@@ -501,15 +501,6 @@ const SSL_CIPHER *ssl3_get_cipher(size_t i) { | |||
return &ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - i]; | |||
} | |||
int ssl3_pending(const SSL *s) { | |||
if (s->rstate == SSL_ST_READ_BODY) { | |||
return 0; | |||
} | |||
return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length | |||
: 0; | |||
} | |||
int ssl3_set_handshake_header(SSL *s, int htype, unsigned long len) { | |||
uint8_t *p = (uint8_t *)s->init_buf->data; | |||
*(p++) = htype; | |||
@@ -1117,69 +1108,6 @@ static int ssl3_set_req_cert_type(CERT *c, const uint8_t *p, size_t len) { | |||
return 1; | |||
} | |||
int ssl3_shutdown(SSL *s) { | |||
int ret; | |||
/* Do nothing if configured not to send a close_notify. */ | |||
if (s->quiet_shutdown) { | |||
s->shutdown = SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN; | |||
return 1; | |||
} | |||
if (!(s->shutdown & SSL_SENT_SHUTDOWN)) { | |||
s->shutdown |= SSL_SENT_SHUTDOWN; | |||
ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY); | |||
/* our shutdown alert has been sent now, and if it still needs to be | |||
* written, s->s3->alert_dispatch will be true */ | |||
if (s->s3->alert_dispatch) { | |||
return -1; /* return WANT_WRITE */ | |||
} | |||
} else if (s->s3->alert_dispatch) { | |||
/* resend it if not sent */ | |||
ret = s->method->ssl_dispatch_alert(s); | |||
if (ret == -1) { | |||
/* we only get to return -1 here the 2nd/Nth invocation, we must have | |||
* already signalled return 0 upon a previous invoation, return | |||
* WANT_WRITE */ | |||
return ret; | |||
} | |||
} else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { | |||
/* If we are waiting for a close from our peer, we are closed */ | |||
s->method->ssl_read_close_notify(s); | |||
if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { | |||
return -1; /* return WANT_READ */ | |||
} | |||
} | |||
if (s->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN) && | |||
!s->s3->alert_dispatch) { | |||
return 1; | |||
} else { | |||
return 0; | |||
} | |||
} | |||
int ssl3_write(SSL *s, const void *buf, int len) { | |||
ERR_clear_system_error(); | |||
return s->method->ssl_write_app_data(s, buf, len); | |||
} | |||
static int ssl3_read_internal(SSL *s, void *buf, int len, int peek) { | |||
ERR_clear_system_error(); | |||
return s->method->ssl_read_app_data(s, buf, len, peek); | |||
} | |||
int ssl3_read(SSL *s, void *buf, int len) { | |||
return ssl3_read_internal(s, buf, len, 0); | |||
} | |||
int ssl3_peek(SSL *s, void *buf, int len) { | |||
return ssl3_read_internal(s, buf, len, 1); | |||
} | |||
/* If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF and | |||
* handshake macs if required. */ | |||
uint32_t ssl_get_algorithm2(SSL *s) { | |||
@@ -63,10 +63,6 @@ static const SSL_PROTOCOL_METHOD TLS_protocol_method = { | |||
ssl3_free, | |||
ssl3_accept, | |||
ssl3_connect, | |||
ssl3_read, | |||
ssl3_peek, | |||
ssl3_write, | |||
ssl3_shutdown, | |||
ssl3_get_message, | |||
ssl3_read_app_data, | |||
ssl3_read_close_notify, | |||
@@ -74,7 +70,6 @@ static const SSL_PROTOCOL_METHOD TLS_protocol_method = { | |||
ssl3_dispatch_alert, | |||
ssl3_ctrl, | |||
ssl3_ctx_ctrl, | |||
ssl3_pending, | |||
ssl3_num_ciphers, | |||
ssl3_get_cipher, | |||
SSL3_HM_HEADER_LENGTH, | |||
@@ -759,7 +759,12 @@ void SSL_CTX_set_read_ahead(SSL_CTX *ctx, int yes) { } | |||
void SSL_set_read_ahead(SSL *s, int yes) { } | |||
int SSL_pending(const SSL *s) { | |||
return s->method->ssl_pending(s); | |||
if (s->rstate == SSL_ST_READ_BODY) { | |||
return 0; | |||
} | |||
return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length | |||
: 0; | |||
} | |||
X509 *SSL_get_peer_certificate(const SSL *s) { | |||
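Review bot: The inlined body of SSL_pending returns `s->s3->rrec.length` through an `int` return type, and nothing explains the `SSL_ST_READ_BODY` early return now that the logic no longer sits behind `ssl3_pending`. The declaration of `rrec.length` is not visible in this hunk; if it is an unsigned type, an explicit `(int)` cast on that ternary arm would make the narrowing deliberate rather than implicit. A one-line comment above the guard, for example `/* Report nothing while a record body is still being read. */`, would record why zero is returned there; that wording is my reading of the guard and should be confirmed.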
@@ -882,7 +887,8 @@ int SSL_read(SSL *s, void *buf, int num) { | |||
return 0; | |||
} | |||
return s->method->ssl_read(s, buf, num); | |||
ERR_clear_system_error(); | |||
return s->method->ssl_read_app_data(s, buf, num, 0); | |||
} | |||
int SSL_peek(SSL *s, void *buf, int num) { | |||
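Review bot: The trailing `0` in `ssl_read_app_data(s, buf, num, 0)` is an unlabeled peek flag, and the SSL_peek hunk that follows differs from this one only in passing `1`. With `ssl3_read_internal` removed, no parameter name remains near the call to say what the literal means, so a transposed flag would be easy to miss in review. Annotating both calls, `..., num, 0 /* peek */);` here and `..., num, 1 /* peek */);` in SSL_peek, keeps the distinction visible. SSL_read starts above this hunk, so the checks that precede the call are not shown.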
@@ -895,7 +901,8 @@ int SSL_peek(SSL *s, void *buf, int num) { | |||
return 0; | |||
} | |||
return s->method->ssl_peek(s, buf, num); | |||
ERR_clear_system_error(); | |||
return s->method->ssl_read_app_data(s, buf, num, 1); | |||
} | |||
int SSL_write(SSL *s, const void *buf, int num) { | |||
@@ -910,7 +917,8 @@ int SSL_write(SSL *s, const void *buf, int num) { | |||
return -1; | |||
} | |||
return s->method->ssl_write(s, buf, num); | |||
ERR_clear_system_error(); | |||
return s->method->ssl_write_app_data(s, buf, num); | |||
} | |||
int SSL_shutdown(SSL *s) { | |||
@@ -924,11 +932,48 @@ int SSL_shutdown(SSL *s) { | |||
return -1; | |||
} | |||
if (!SSL_in_init(s)) { | |||
return s->method->ssl_shutdown(s); | |||
if (SSL_in_init(s)) { | |||
return 1; | |||
} | |||
/* Do nothing if configured not to send a close_notify. */ | |||
if (s->quiet_shutdown) { | |||
s->shutdown = SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN; | |||
return 1; | |||
} | |||
return 1; | |||
if (!(s->shutdown & SSL_SENT_SHUTDOWN)) { | |||
s->shutdown |= SSL_SENT_SHUTDOWN; | |||
ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY); | |||
/* our shutdown alert has been sent now, and if it still needs to be | |||
* written, s->s3->alert_dispatch will be true */ | |||
if (s->s3->alert_dispatch) { | |||
return -1; /* return WANT_WRITE */ | |||
} | |||
} else if (s->s3->alert_dispatch) { | |||
/* resend it if not sent */ | |||
int ret = s->method->ssl_dispatch_alert(s); | |||
if (ret == -1) { | |||
/* we only get to return -1 here the 2nd/Nth invocation, we must have | |||
* already signalled return 0 upon a previous invoation, return | |||
* WANT_WRITE */ | |||
return ret; | |||
} | |||
} else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { | |||
/* If we are waiting for a close from our peer, we are closed */ | |||
s->method->ssl_read_close_notify(s); | |||
if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { | |||
return -1; /* return WANT_READ */ | |||
} | |||
} | |||
if (s->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN) && | |||
!s->s3->alert_dispatch) { | |||
return 1; | |||
} else { | |||
return 0; | |||
} | |||
} | |||
int SSL_renegotiate(SSL *ssl) { | |||
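Review bot: SSL_shutdown now holds the whole close_notify state machine but has no header comment saying what its 1 / 0 / -1 results mean, and two of its `return 1` paths involve no close_notify from the peer. The `SSL_in_init` early return and the `quiet_shutdown` branch both report 1, the latter after setting `SSL_RECEIVED_SHUTDOWN` itself, so a caller cannot treat 1 as evidence that the peer ended the stream rather than the stream being truncated. A comment above the function should state that 1 means both shutdown flags are set with no alert pending, 0 means our close_notify was sent and the peer's has not been seen, and -1 means an alert write or the peer's close_notify is still outstanding, and it should name those two exceptions. The result of `s->method->ssl_read_close_notify(s)` is discarded, so any failure there surfaces only as `return -1; /* return WANT_READ */`; if that is intended it deserves a short comment, and the moved comment's "invoation" should read "invocation". The function begins above this hunk, so its earlier checks are not visible here.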