diff options
| -rw-r--r-- | apps/s_client.c | 2 | ||||
| -rw-r--r-- | doc/man3/SSL_read_early.pod | 44 | ||||
| -rw-r--r-- | include/openssl/ssl.h | 6 | ||||
| -rw-r--r-- | ssl/ssl_err.c | 2 | ||||
| -rw-r--r-- | ssl/ssl_lib.c | 2 | ||||
| -rw-r--r-- | test/sslapitest.c | 14 | ||||
| -rw-r--r-- | util/libssl.num | 2 |
7 files changed, 36 insertions, 36 deletions
diff --git a/apps/s_client.c b/apps/s_client.c index fdfd90bf1e..b48c3066a7 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -2375,7 +2375,7 @@ int s_client_main(int argc, char **argv) if (!BIO_read_ex(edfile, cbuf, BUFSIZZ, &readbytes)) finish = 1; - while (!SSL_write_early(con, cbuf, readbytes, &writtenbytes)) { + while (!SSL_write_early_data(con, cbuf, readbytes, &writtenbytes)) { switch (SSL_get_error(con, 0)) { case SSL_ERROR_WANT_WRITE: case SSL_ERROR_WANT_ASYNC: diff --git a/doc/man3/SSL_read_early.pod b/doc/man3/SSL_read_early.pod index 232f38626d..5639876673 100644 --- a/doc/man3/SSL_read_early.pod +++ b/doc/man3/SSL_read_early.pod @@ -7,7 +7,7 @@ SSL_CTX_set_max_early_data, SSL_get_max_early_data, SSL_CTX_get_max_early_data, SSL_SESSION_get_max_early_data, -SSL_write_early, +SSL_write_early_data, SSL_read_early_data, SSL_get_early_data_status - functions for sending and receiving early data @@ -22,7 +22,7 @@ SSL_get_early_data_status uint32_t SSL_get_max_early_data(const SSL_CTX *s); uint32_t SSL_SESSION_get_max_early_data(const SSL_SESSION *s); - int SSL_write_early(SSL *s, const void *buf, size_t num, size_t *written); + int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written); int SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes); @@ -60,24 +60,24 @@ determine whether a session established with a server can be used to send early data. If the session cannot be used then this function will return 0. Otherwise it will return the maximum number of early data bytes that can be sent. -A client uses the function SSL_write_early() to send early data. This function -works in the same way as the L<SSL_write_ex(3)> function, but with a few -differences. Refer to the L<SSL_write_ex(3)> documentation for +A client uses the function SSL_write_early_data() to send early data. This +function works in the same way as the L<SSL_write_ex(3)> function, but with a +few differences. Refer to the L<SSL_write_ex(3)> documentation for information on how to write bytes to the underlying connection, and how to handle any errors that may arise. This page will detail the differences between -SSL_write_early() and L<SSL_write_ex(3)>. +SSL_write_early_data() and L<SSL_write_ex(3)>. -SSL_write_early() must be the first IO function called on a new connection, i.e. -it must occur before any calls to L<SSL_write_ex(3)>, L<SSL_read_ex(3)>, +SSL_write_early_data() must be the first IO function called on a new connection, +i.e. it must occur before any calls to L<SSL_write_ex(3)>, L<SSL_read_ex(3)>, L<SSL_connect(3)>, L<SSL_do_handshake(3)> or other similar functions. It may be called multiple times to stream data to the server, but the total number of bytes written must not exceed the value returned from -SSL_SESSION_get_max_early_data(). Once the initial SSL_write_early() call has -completed successfully the client may interleave calls to L<SSL_read_ex(3)> and -L<SSL_read(3)> with calls to SSL_write_early() as required. +SSL_SESSION_get_max_early_data(). Once the initial SSL_write_early_data() call +has completed successfully the client may interleave calls to L<SSL_read_ex(3)> +and L<SSL_read(3)> with calls to SSL_write_early_data() as required. -If SSL_write_early() fails you should call L<SSL_get_error(3)> to determine the -correct course of action, as for L<SSL_write_ex(3)>. +If SSL_write_early_data() fails you should call L<SSL_get_error(3)> to determine +the correct course of action, as for L<SSL_write_ex(3)>. When the client no longer wishes to send any more early data then it should complete the handshake by calling a function such as L<SSL_connect(3)> or @@ -85,7 +85,7 @@ L<SSL_do_handshake(3)>. Alternatively you can call a standard write function such as L<SSL_write_ex(3)>, which will transparently complete the connection and write the requested data. -Only clients may call SSL_write_early(). +Only clients may call SSL_write_early_data(). A server may choose to ignore early data that has been sent to it. Once the connection has been completed you can determine whether the server accepted or @@ -95,10 +95,10 @@ was rejected or SSL_EARLY_DATA_NOT_SENT if no early data was sent. This function may be called by either the client or the server. A server uses the SSL_read_early_data() function to receive early data on a -connection. As for SSL_write_early() this must be the first IO function called -on a connection, i.e. it must occur before any calls to L<SSL_write_ex(3)>, -L<SSL_read_ex(3)>, L<SSL_accept(3)>, L<SSL_do_handshake(3)>, or other similar -functions. +connection. As for SSL_write_early_data() this must be the first IO function +called on a connection, i.e. it must occur before any calls to +L<SSL_write_ex(3)>, L<SSL_read_ex(3)>, L<SSL_accept(3)>, L<SSL_do_handshake(3)>, +or other similar functions. SSL_read_early_data() works in the same way as L<SSL_read_ex(3)> except for the differences noted here. Refer to the L<SSL_read_ex(3)> documentation for full @@ -127,9 +127,9 @@ or if the early data was rejected. =back -Once the initial SSL_write_early() call has completed successfully the client -may interleave calls to L<SSL_write_ex(3)> and L<SSL_write(3)> with calls to -SSL_read_early_data() as required. As noted above data sent via +Once the initial SSL_read_early_data() call has completed successfully the +server may interleave calls to L<SSL_write_ex(3)> and L<SSL_write(3)> with calls +to SSL_read_early_data() as required. As noted above data sent via L<SSL_write_ex(3)> or L<SSL_write(3)> in this way is sent to an unauthenticated client. @@ -166,7 +166,7 @@ with then the lower of the two values will apply. =head1 RETURN VALUES -SSL_write_early() returns 1 for success or 0 for failure. In the event of a +SSL_write_early_data() returns 1 for success or 0 for failure. In the event of a failure call L<SSL_get_error(3)> to determine the correct course of action. SSL_read_early_data() returns SSL_READ_EARLY_DATA_ERROR for failure, diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index 1829c5b813..2b4464cb1b 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -1625,8 +1625,8 @@ __owur int SSL_peek(SSL *ssl, void *buf, int num); __owur int SSL_peek_ex(SSL *ssl, void *buf, size_t num, size_t *readbytes); __owur int SSL_write(SSL *ssl, const void *buf, int num); __owur int SSL_write_ex(SSL *s, const void *buf, size_t num, size_t *written); -__owur int SSL_write_early(SSL *s, const void *buf, size_t num, - size_t *written); +__owur int SSL_write_early_data(SSL *s, const void *buf, size_t num, + size_t *written); long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg); long SSL_callback_ctrl(SSL *, int, void (*)(void)); long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg); @@ -2311,7 +2311,7 @@ int ERR_load_SSL_strings(void); # define SSL_F_SSL_VALIDATE_CT 400 # define SSL_F_SSL_VERIFY_CERT_CHAIN 207 # define SSL_F_SSL_WRITE 208 -# define SSL_F_SSL_WRITE_EARLY 526 +# define SSL_F_SSL_WRITE_EARLY_DATA 526 # define SSL_F_SSL_WRITE_EARLY_FINISH 527 # define SSL_F_SSL_WRITE_EX 433 # define SSL_F_SSL_WRITE_INTERNAL 524 diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index 0a23218d8f..6fe8e6e8a6 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -255,7 +255,7 @@ static ERR_STRING_DATA SSL_str_functs[] = { {ERR_FUNC(SSL_F_SSL_VALIDATE_CT), "ssl_validate_ct"}, {ERR_FUNC(SSL_F_SSL_VERIFY_CERT_CHAIN), "ssl_verify_cert_chain"}, {ERR_FUNC(SSL_F_SSL_WRITE), "SSL_write"}, - {ERR_FUNC(SSL_F_SSL_WRITE_EARLY), "SSL_write_early"}, + {ERR_FUNC(SSL_F_SSL_WRITE_EARLY_DATA), "SSL_write_early_data"}, {ERR_FUNC(SSL_F_SSL_WRITE_EARLY_FINISH), "SSL_write_early_finish"}, {ERR_FUNC(SSL_F_SSL_WRITE_EX), "SSL_write_ex"}, {ERR_FUNC(SSL_F_SSL_WRITE_INTERNAL), "ssl_write_internal"}, diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 9635989908..c3496e7b48 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1816,7 +1816,7 @@ int SSL_write_ex(SSL *s, const void *buf, size_t num, size_t *written) return ret; } -int SSL_write_early(SSL *s, const void *buf, size_t num, size_t *written) +int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written) { int ret; diff --git a/test/sslapitest.c b/test/sslapitest.c index 1cd850c1ce..253e2021fc 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c @@ -1604,7 +1604,7 @@ static int test_early_data_read_write(void) goto end; /* Write and read some early data */ - if (!SSL_write_early(clientssl, MSG1, strlen(MSG1), &written) + if (!SSL_write_early_data(clientssl, MSG1, strlen(MSG1), &written) || written != strlen(MSG1)) { printf("Failed writing early data message 1\n"); goto end; @@ -1641,7 +1641,7 @@ static int test_early_data_read_write(void) } /* Even after reading normal data, client should be able write early data */ - if (!SSL_write_early(clientssl, MSG3, strlen(MSG3), &written) + if (!SSL_write_early_data(clientssl, MSG3, strlen(MSG3), &written) || written != strlen(MSG3)) { printf("Failed writing early data message 3\n"); goto end; @@ -1701,7 +1701,7 @@ static int test_early_data_read_write(void) } /* Client and server should not be able to write early data now */ - if (SSL_write_early(clientssl, MSG6, strlen(MSG6), &written)) { + if (SSL_write_early_data(clientssl, MSG6, strlen(MSG6), &written)) { printf("Unexpected success writing early data\n"); goto end; } @@ -1745,7 +1745,7 @@ static int test_early_data_read_write(void) } /* Write and read some early data */ - if (!SSL_write_early(clientssl, MSG1, strlen(MSG1), &written) + if (!SSL_write_early_data(clientssl, MSG1, strlen(MSG1), &written) || written != strlen(MSG1)) { printf("Failed writing early data message 1\n"); goto end; @@ -1779,7 +1779,7 @@ static int test_early_data_read_write(void) } /* Client and server should not be able to write early data now */ - if (SSL_write_early(clientssl, MSG6, strlen(MSG6), &written)) { + if (SSL_write_early_data(clientssl, MSG6, strlen(MSG6), &written)) { printf("Unexpected success writing early data (2)\n"); goto end; } @@ -1847,7 +1847,7 @@ static int test_early_data_skip(void) } /* Write some early data */ - if (!SSL_write_early(clientssl, MSG1, strlen(MSG1), &written) + if (!SSL_write_early_data(clientssl, MSG1, strlen(MSG1), &written) || written != strlen(MSG1)) { printf("Failed writing early data message 1\n"); goto end; @@ -2008,7 +2008,7 @@ static int test_early_data_not_expected(void) goto end; /* Write some early data */ - if (!SSL_write_early(clientssl, MSG1, strlen(MSG1), &written)) { + if (!SSL_write_early_data(clientssl, MSG1, strlen(MSG1), &written)) { printf("Unexpected failure writing message 1\n"); goto end; } diff --git a/util/libssl.num b/util/libssl.num index e288625253..3c024e4c73 100644 --- a/util/libssl.num +++ b/util/libssl.num @@ -428,7 +428,7 @@ SSL_set_max_early_data 428 1_1_1 EXIST::FUNCTION: SSL_CTX_set_max_early_data 429 1_1_1 EXIST::FUNCTION: SSL_get_max_early_data 430 1_1_1 EXIST::FUNCTION: SSL_CTX_get_max_early_data 431 1_1_1 EXIST::FUNCTION: -SSL_write_early 432 1_1_1 EXIST::FUNCTION: +SSL_write_early_data 432 1_1_1 EXIST::FUNCTION: SSL_read_early_data 433 1_1_1 EXIST::FUNCTION: SSL_get_early_data_status 434 1_1_1 EXIST::FUNCTION: SSL_SESSION_get_max_early_data 435 1_1_1 EXIST::FUNCTION: |