commit 144bc224e978bea0f667ebff647683c14c120d3f
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Fri Apr 17 20:39:07 2015 +0200
committer Manuel Pégourié-Gonnard <mpg@elzevir.fr> Fri Apr 17 20:39:07 2015 +0200
tree 8780124c5699e3088ece62eca2cf5412ee6bf05f
parent 53c76c07de26b0541321a87d6ec60061a638b042
parent a2fce21ae5b5bd74c66e305f864ff5875cf9df81

Merge branch 'mbedtls-1.3' into development

* commit 'a2fce21':
  Fix potential NULL dereference on bad usage

Conflicts:
	library/ssl_tls.c

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 3dccb43..85a2622 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -6327,38 +6327,17 @@
 }
 
 /*
- * Send application data to be encrypted by the SSL layer
+ * Send application data to be encrypted by the SSL layer,
+ * taking care of max fragment length and buffer size
  */
-#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
-static int ssl_write_real( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len )
-#else
-int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len )
-#endif
+static int ssl_write_real( mbedtls_ssl_context *ssl,
+                           const unsigned char *buf, size_t len )
 {
     int ret;
 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
     unsigned int max_len;
 #endif
 
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write" ) );
-
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
-    if( ( ret = ssl_check_ctr_renegotiate( ssl ) ) != 0 )
-    {
-        MBEDTLS_SSL_DEBUG_RET( 1, "ssl_check_ctr_renegotiate", ret );
-        return( ret );
-    }
-#endif
-
-    if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
-    {
-        if( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret );
-            return( ret );
-        }
-    }
-
 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
     /*
      * Assume mfl_code is correct since it was checked when set
@@ -6411,8 +6390,6 @@
         }
     }
 
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write" ) );
-
     return( (int) len );
 }
 
@@ -6424,7 +6401,8 @@
  * remember wether we already did the split or not.
  */
 #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
-int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len )
+static int ssl_write_split( mbedtls_ssl_context *ssl,
+                            const unsigned char *buf, size_t len )
 {
     int ret;
 
@@ -6453,6 +6431,43 @@
 #endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */
 
 /*
+ * Write application data (public-facing wrapper)
+ */
+int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len )
+{
+    int ret;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write" ) );
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if( ( ret = ssl_check_ctr_renegotiate( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "ssl_check_ctr_renegotiate", ret );
+        return( ret );
+    }
+#endif
+
+    if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
+    {
+        if( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "ssl_handshake", ret );
+            return( ret );
+        }
+    }
+
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+    ret = ssl_write_split( ssl, buf, len );
+#else
+    ret = ssl_write_real( ssl, buf, len );
+#endif
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write" ) );
+
+    return( ret );
+}
+
+/*
  * Notify the peer that the connection is being closed
  */
 int mbedtls_ssl_close_notify( mbedtls_ssl_context *ssl )