Still advance handshake even on an empty write

A call to SSL_write() with a zero length buffer should still advance the
handshake. Applications (including s_client) may rely on this.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21578)

diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c
index 848b1b4f52359ee82477f1fda462e403190bbd83..f6bd738793f2db328426ac0ef8c6a4c57f4e48be 100644 (file)
--- a/ssl/quic/quic_impl.c
+++ b/ssl/quic/quic_impl.c
@@ -2076,9 +2076,6 @@ int ossl_quic_write(SSL *s, const void *buf, size_t len, size_t *written)
 
     *written = 0;
 
-    if (len == 0)
-        return 1;
-
     if (!expect_quic_with_stream_lock(s, /*remote_init=*/0, &ctx))
         return 0;
 
@@ -2104,6 +2101,11 @@ int ossl_quic_write(SSL *s, const void *buf, size_t len, size_t *written)
         goto out;
     }
 
+    if (len == 0) {
+        ret = 1;
+        goto out;
+    }
+
     if (xso_blocking_mode(ctx.xso))
         ret = quic_write_blocking(&ctx, buf, len, written);
     else if (partial_write)