max_send_fragment = ssl_get_max_send_fragment(s);
split_send_fragment = ssl_get_split_send_fragment(s);
- /*
- * Ask the record layer how it would like to split the amount of data that
- * we have, and how many of those records it would like in one go.
- */
- maxpipes = s->rlayer.wrlmethod->get_max_records(s->rlayer.wrl, type, n,
- max_send_fragment,
- &split_send_fragment);
- /*
- * If max_pipelines is 0 then this means "undefined" and we default to
- * whatever the record layer wants to do. Otherwise we use the smallest
- * value from the number requested by the record layer, and max number
- * configured by the user.
- */
- if (s->max_pipelines > 0 && maxpipes > s->max_pipelines)
- maxpipes = s->max_pipelines;
-
- if (maxpipes > SSL_MAX_PIPELINES)
- maxpipes = SSL_MAX_PIPELINES;
-
-
-#if 0
- /* TODO(RECLAYER): FIX ME */
- if (maxpipes == 0
- || s->enc_write_ctx == NULL
- || (EVP_CIPHER_get_flags(EVP_CIPHER_CTX_get0_cipher(s->enc_write_ctx))
- & EVP_CIPH_FLAG_PIPELINE) == 0
- || !SSL_USE_EXPLICIT_IV(s))
- maxpipes = 1;
-#endif
if (max_send_fragment == 0
|| split_send_fragment == 0
|| split_send_fragment > max_send_fragment) {
for (;;) {
size_t tmppipelen, remain;
- size_t numpipes, j, lensofar = 0;
+ size_t j, lensofar = 0;
- if (n == 0)
- numpipes = 1;
- else
- numpipes = ((n - 1) / split_send_fragment) + 1;
- if (numpipes > maxpipes)
- numpipes = maxpipes;
+ /*
+ * Ask the record layer how it would like to split the amount of data
+ * that we have, and how many of those records it would like in one go.
+ */
+ maxpipes = s->rlayer.wrlmethod->get_max_records(s->rlayer.wrl, type, n,
+ max_send_fragment,
+ &split_send_fragment);
+ /*
+ * If max_pipelines is 0 then this means "undefined" and we default to
+ * whatever the record layer wants to do. Otherwise we use the smallest
+ * value from the number requested by the record layer, and max number
+ * configured by the user.
+ */
+ if (s->max_pipelines > 0 && maxpipes > s->max_pipelines)
+ maxpipes = s->max_pipelines;
+
+ if (maxpipes > SSL_MAX_PIPELINES)
+ maxpipes = SSL_MAX_PIPELINES;
+
+ if (split_send_fragment > max_send_fragment) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
- if (n / numpipes >= split_send_fragment) {
+ if (n / maxpipes >= split_send_fragment) {
/*
* We have enough data to completely fill all available
* pipelines
*/
- for (j = 0; j < numpipes; j++) {
+ for (j = 0; j < maxpipes; j++) {
tmpls[j].type = type;
tmpls[j].version = recversion;
tmpls[j].buf = &(buf[tot]) + (j * split_send_fragment);
tmpls[j].buflen = split_send_fragment;
}
/* Remember how much data we are going to be sending */
- s->rlayer.wpend_tot = numpipes * split_send_fragment;
+ s->rlayer.wpend_tot = maxpipes * split_send_fragment;
} else {
/* We can partially fill all available pipelines */
- tmppipelen = n / numpipes;
- remain = n % numpipes;
+ tmppipelen = n / maxpipes;
+ remain = n % maxpipes;
/*
* If there is a remainder we add an extra byte to the first few
* pipelines
*/
if (remain > 0)
tmppipelen++;
- for (j = 0; j < numpipes; j++) {
+ for (j = 0; j < maxpipes; j++) {
tmpls[j].type = type;
tmpls[j].version = recversion;
tmpls[j].buf = &(buf[tot]) + lensofar;
}
i = HANDLE_RLAYER_WRITE_RETURN(s,
- s->rlayer.wrlmethod->write_records(s->rlayer.wrl, tmpls, numpipes));
+ s->rlayer.wrlmethod->write_records(s->rlayer.wrl, tmpls, maxpipes));
if (i <= 0) {
/* SSLfatal() already called if appropriate */
s->rlayer.wnum = tot;
};
static const OSSL_RECORD_METHOD *ssl_select_next_record_layer(SSL_CONNECTION *s,
+ int direction,
int level)
{
#endif
/* Default to the current OSSL_RECORD_METHOD */
- return s->rlayer.rrlmethod;
+ return direction == OSSL_RECORD_DIRECTION_READ ? s->rlayer.rrlmethod
+ : s->rlayer.wrlmethod;
}
static int ssl_post_record_layer_select(SSL_CONNECTION *s, int direction)
SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s);
const OSSL_RECORD_METHOD *meth;
int use_etm, stream_mac = 0, tlstree = 0;
- unsigned int maxfrag = SSL3_RT_MAX_PLAIN_LENGTH;
+ unsigned int maxfrag = (direction == OSSL_RECORD_DIRECTION_WRITE)
+ ? ssl_get_max_send_fragment(s)
+ : SSL3_RT_MAX_PLAIN_LENGTH;
int use_early_data = 0;
uint32_t max_early_data;
+ COMP_METHOD *compm = (comp == NULL) ? NULL : comp->method;
- meth = ssl_select_next_record_layer(s, level);
+ meth = ssl_select_next_record_layer(s, direction, level);
if (direction == OSSL_RECORD_DIRECTION_READ) {
thismethod = &s->rlayer.rrlmethod;
*set++ = OSSL_PARAM_construct_int(OSSL_LIBSSL_RECORD_LAYER_PARAM_TLSTREE,
&tlstree);
- if (s->session != NULL && USE_MAX_FRAGMENT_LENGTH_EXT(s->session))
+ /*
+ * We only need to do this for the read side. The write side should already
+ * have the correct value due to the ssl_get_max_send_fragment() call above
+ */
+ if (direction == OSSL_RECORD_DIRECTION_READ
+ && s->session != NULL
+ && USE_MAX_FRAGMENT_LENGTH_EXT(s->session))
maxfrag = GET_MAX_FRAGMENT_LENGTH(s->session);
+
if (maxfrag != SSL3_RT_MAX_PLAIN_LENGTH)
*set++ = OSSL_PARAM_construct_uint(OSSL_LIBSSL_RECORD_LAYER_PARAM_MAX_FRAG_LEN,
&maxfrag);
s->server, direction, level, epoch,
key, keylen, iv, ivlen, mackey,
mackeylen, ciph, taglen, mactype, md,
- comp, prev, thisbio, next, NULL, NULL,
+ compm, prev, thisbio, next, NULL, NULL,
settings, options, rlayer_dispatch_tmp,
s, &newrl);
BIO_free(prev);