diff options
author | Matt Caswell <matt@openssl.org> | 2016-02-12 12:03:58 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-03-07 21:39:27 +0000 |
commit | 49580f25b3e6239a277c9fc2708c0354f419ec17 (patch) | |
tree | 999a9deacba23fb70b41ab170aca8f2a21650e4e /ssl | |
parent | dad78fb13d790cd06afd6e88067c038d22d7780f (diff) |
Add an SSL_has_pending() function
This is similar to SSL_pending() but just returns a 1 if there is data
pending in the internal OpenSSL buffers or 0 otherwise (as opposed to
SSL_pending() which returns the number of bytes available). Unlike
SSL_pending() this will work even if "read_ahead" is set (which is the
case if you are using read pipelining, or if you are doing DTLS). A 1
return value means that we have unprocessed data. It does *not* necessarily
indicate that there will be application data returned from a call to
SSL_read(). The unprocessed data may not be application data or there
could be errors when we attempt to parse the records.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/record/rec_layer_s3.c | 4 | ||||
-rw-r--r-- | ssl/record/record.h | 4 | ||||
-rw-r--r-- | ssl/ssl_lib.c | 16 |
3 files changed, 20 insertions, 4 deletions
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c index 83f5cf56db..fb396b9f72 100644 --- a/ssl/record/rec_layer_s3.c +++ b/ssl/record/rec_layer_s3.c @@ -186,12 +186,12 @@ void RECORD_LAYER_release(RECORD_LAYER *rl) SSL3_RECORD_release(rl->rrec, SSL_MAX_PIPELINES); } -int RECORD_LAYER_read_pending(RECORD_LAYER *rl) +int RECORD_LAYER_read_pending(const RECORD_LAYER *rl) { return SSL3_BUFFER_get_left(&rl->rbuf) != 0; } -int RECORD_LAYER_write_pending(RECORD_LAYER *rl) +int RECORD_LAYER_write_pending(const RECORD_LAYER *rl) { return (rl->numwpipes > 0) && SSL3_BUFFER_get_left(&rl->wbuf[rl->numwpipes-1]) != 0; diff --git a/ssl/record/record.h b/ssl/record/record.h index a1febc5551..c8c73d8470 100644 --- a/ssl/record/record.h +++ b/ssl/record/record.h @@ -322,8 +322,8 @@ typedef struct record_layer_st { void RECORD_LAYER_init(RECORD_LAYER *rl, SSL *s); void RECORD_LAYER_clear(RECORD_LAYER *rl); void RECORD_LAYER_release(RECORD_LAYER *rl); -int RECORD_LAYER_read_pending(RECORD_LAYER *rl); -int RECORD_LAYER_write_pending(RECORD_LAYER *rl); +int RECORD_LAYER_read_pending(const RECORD_LAYER *rl); +int RECORD_LAYER_write_pending(const RECORD_LAYER *rl); int RECORD_LAYER_set_data(RECORD_LAYER *rl, const unsigned char *buf, int len); void RECORD_LAYER_reset_read_sequence(RECORD_LAYER *rl); void RECORD_LAYER_reset_write_sequence(RECORD_LAYER *rl); diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 4df8339979..89d228600c 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1310,6 +1310,22 @@ int SSL_pending(const SSL *s) return (s->method->ssl_pending(s)); } +int SSL_has_pending(const SSL *s) +{ + /* + * Similar to SSL_pending() but returns a 1 to indicate that we have + * unprocessed data available or 0 otherwise (as opposed to the number of + * bytes available). Unlike SSL_pending() this will take into account + * read_ahead data. A 1 return simply indicates that we have unprocessed + * data. That data may not result in any application data, or we may fail + * to parse the records for some reason. + */ + if (SSL_pending(s)) + return 1; + + return RECORD_LAYER_read_pending(&s->rlayer); +} + X509 *SSL_get_peer_certificate(const SSL *s) { X509 *r; |