Convert SSL BIO to use SSL_write_ex().

We also modify the SSL_get_error() function to handle the fact that with
SSL_write_ex() the error return is 0 not -1, and fix some bugs in the
SSL BIO reading.

Reviewed-by: Rich Salz <rsalz@openssl.org>

1 files changed, 5 insertions, 13 deletions

diff --git a/ssl/bio_ssl.c b/ssl/bio_ssl.c
index d64451c704..e2769e1d6a 100644
--- a/ssl/bio_ssl.c
+++ b/ssl/bio_ssl.c
@@ -28,7 +28,7 @@ typedef struct bio_ssl_st {
     /* re-negotiate every time the total number of bytes is this size */
     int num_renegotiates;
     unsigned long renegotiate_count;
-    unsigned long byte_count;
+    size_t byte_count;
     unsigned long renegotiate_timeout;
     unsigned long last_time;
 } BIO_SSL;
@@ -112,7 +112,7 @@ static int ssl_read(BIO *b, char *buf, size_t size, size_t *readbytes)
 
     switch (SSL_get_error(ssl, ret)) {
     case SSL_ERROR_NONE:
-        if (ret <= 0)
+        if (*readbytes == 0)
             break;
         if (sb->renegotiate_count > 0) {
             sb->byte_count += *readbytes;
@@ -179,17 +179,14 @@ static int ssl_write(BIO *b, const char *buf, size_t size, size_t *written)
 
     BIO_clear_retry_flags(b);
 
-    if (size > INT_MAX)
-        size = INT_MAX;
-
-    ret = SSL_write(ssl, buf, size);
+    ret = SSL_write_ex(ssl, buf, size, written);
 
     switch (SSL_get_error(ssl, ret)) {
     case SSL_ERROR_NONE:
-        if (ret <= 0)
+        if (*written == 0)
             break;
         if (bs->renegotiate_count > 0) {
-            bs->byte_count += ret;
+            bs->byte_count += *written;
             if (bs->byte_count > bs->renegotiate_count) {
                 bs->byte_count = 0;
                 bs->num_renegotiates++;
@@ -229,11 +226,6 @@ static int ssl_write(BIO *b, const char *buf, size_t size, size_t *written)
 
     BIO_set_retry_reason(b, retry_reason);
 
-    if (ret > 0) {
-        *written = ret;
-        ret = 1;
-    }
-
     return ret;
 }