Move SSL_MODE_RELEASE_BUFFERS into the read record layer

This resolves an outstanding "TODO" item.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

diff --git a/ssl/record/methods/tls_common.c b/ssl/record/methods/tls_common.c
index 4c999c52e83443cad3fbbfa6f0ebaa2b1a0b9898..34497f4cc05d95c13b5a4aafa04732e9108bb631 100644 (file)
--- a/ssl/record/methods/tls_common.c
+++ b/ssl/record/methods/tls_common.c
@@ -298,7 +298,7 @@ int tls_default_read_n(OSSL_RECORD_LAYER *rl, size_t n, size_t max, int extend,
 
         if (ret <= OSSL_RECORD_RETURN_RETRY) {
             rb->left = left;
-            if (rl->mode & SSL_MODE_RELEASE_BUFFERS && !rl->isdtls)
+            if ((rl->mode & SSL_MODE_RELEASE_BUFFERS) != 0 && !rl->isdtls)
                 if (len + left == 0)
                     rlayer_release_read_buffer(rl);
             return ret;
@@ -990,6 +990,11 @@ int tls_release_record(OSSL_RECORD_LAYER *rl, void *rechandle)
 
     rl->num_released++;
 
+    if (rl->curr_rec == rl->num_released
+            && (rl->mode & SSL_MODE_RELEASE_BUFFERS) != 0
+            && SSL3_BUFFER_get_left(&rl->rbuf) == 0)
+        rlayer_release_read_buffer(rl);
+
     return OSSL_RECORD_RETURN_SUCCESS;
 }
 

diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index e41c3a1698b83435fe6fe1939832ce7d2594f9ca..16247031bb19679856f588099554c2ab0e43803f 100644 (file)
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -1368,13 +1368,6 @@ int ssl3_read_bytes(SSL *ssl, int type, int *recvd_type, unsigned char *buf,
             /* We must have read empty records. Get more data */
             goto start;
         }
-        /* TODO(RECLAYER): FIX ME */
-#if 0
-        if (!peek && curr_rec == s->rlayer.num_recs
-            && (s->mode & SSL_MODE_RELEASE_BUFFERS)
-            && SSL3_BUFFER_get_left(rbuf) == 0)
-            ssl3_release_read_buffer(s);
-#endif
         *readbytes = totalbytes;
         return 1;
     }