Encapsulate access to s->s3->wbuf

Reviewed-by: Richard Levitte <levitte@openssl.org>

ssl/d1_pkt.c

@@ -1444,11 +1444,13 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
     SSL3_BUFFER *wb;
     SSL_SESSION *sess;
 
+    wb = RECORD_LAYER_get_wbuf(&s->rlayer);
+
     /*
      * first check if there is a SSL3_BUFFER still being written out.  This
      * will happen with non blocking IO
      */
-    if (s->s3->wbuf.left != 0) {
+    if (SSL3_BUFFER_get_left(wb) != 0) {
         OPENSSL_assert(0);      /* XDTLS: want to see if we ever get here */
         return (ssl3_write_pending(s, type, buf, len));
     }
@@ -1465,7 +1467,6 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
         return 0;
 
     wr = &(s->s3->wrec);
-    wb = &(s->s3->wbuf);
     sess = s->session;
 
     if ((sess == NULL) ||

ssl/record/rec_layer.h

@@ -127,3 +127,4 @@ typedef struct record_layer_st {
 #define RECORD_LAYER_set_read_ahead(rl, ra)     ((rl)->read_ahead = (ra))
 #define RECORD_LAYER_get_read_ahead(rl)         ((rl)->read_ahead)
 #define RECORD_LAYER_get_rbuf(rl)               (&(rl)->rbuf)
+#define RECORD_LAYER_get_wbuf(rl)               (&(rl)->s->s3->wbuf)

ssl/s3_both.c

@@ -619,6 +619,9 @@ int ssl3_setup_write_buffer(SSL *s)
 {
     unsigned char *p;
     size_t len, align = 0, headerlen;
+    SSL3_BUFFER *wb;
+
+    wb = RECORD_LAYER_get_wbuf(&s->rlayer);
 
     if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
         headerlen = DTLS1_RT_HEADER_LENGTH + 1;
@@ -629,7 +632,7 @@ int ssl3_setup_write_buffer(SSL *s)
     align = (-SSL3_RT_HEADER_LENGTH) & (SSL3_ALIGN_PAYLOAD - 1);
 #endif
 
-    if (s->s3->wbuf.buf == NULL) {
+    if (wb->buf == NULL) {
         len = s->max_send_fragment
             + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD + headerlen + align;
 #ifndef OPENSSL_NO_COMP
@@ -641,8 +644,8 @@ int ssl3_setup_write_buffer(SSL *s)
 
         if ((p = OPENSSL_malloc(len)) == NULL)
             goto err;
-        s->s3->wbuf.buf = p;
+        wb->buf = p;
-        s->s3->wbuf.len = len;
+        wb->len = len;
     }
 
     return 1;
@@ -663,9 +666,13 @@ int ssl3_setup_buffers(SSL *s)
 
 int ssl3_release_write_buffer(SSL *s)
 {
-    if (s->s3->wbuf.buf != NULL) {
+    SSL3_BUFFER *wb;
-        OPENSSL_free(s->s3->wbuf.buf);
+
-        s->s3->wbuf.buf = NULL;
+    wb = RECORD_LAYER_get_wbuf(&s->rlayer);
+
+    if (wb->buf != NULL) {
+        OPENSSL_free(wb->buf);
+        wb->buf = NULL;
     }
     return 1;
 }

ssl/s3_lib.c

@@ -3131,7 +3131,7 @@ void ssl3_free(SSL *s)
         return;
 
     ssl3_cleanup_key_block(s);
-    if (s->s3->wbuf.buf != NULL)
+    if (SSL3_BUFFER_is_initialised(RECORD_LAYER_get_wbuf(&s->rlayer)))
         ssl3_release_write_buffer(s);
     if (s->s3->rrec.comp != NULL)
         OPENSSL_free(s->s3->rrec.comp);
@@ -3188,8 +3188,8 @@ void ssl3_clear(SSL *s)
 # endif                         /* !OPENSSL_NO_EC */
 #endif                          /* !OPENSSL_NO_TLSEXT */
 
-    wp = s->s3->wbuf.buf;
+    wp = SSL3_BUFFER_get_buf(RECORD_LAYER_get_wbuf(&s->rlayer));
-    wlen = s->s3->wbuf.len;
+    wlen = SSL3_BUFFER_get_len(RECORD_LAYER_get_wbuf(&s->rlayer));
     init_extra = s->s3->init_extra;
     BIO_free(s->s3->handshake_buffer);
     s->s3->handshake_buffer = NULL;
@@ -3203,8 +3203,8 @@ void ssl3_clear(SSL *s)
     }
 #endif
     memset(s->s3, 0, sizeof *s->s3);
-    s->s3->wbuf.buf = wp;
+    SSL3_BUFFER_set_buf(RECORD_LAYER_get_wbuf(&s->rlayer), wp);
-    s->s3->wbuf.len = wlen;
+    SSL3_BUFFER_set_len(RECORD_LAYER_get_wbuf(&s->rlayer), wlen);
     s->s3->init_extra = init_extra;
 
     ssl_free_wbio_buffer(s);
@@ -4488,8 +4488,9 @@ int ssl3_renegotiate_check(SSL *s)
     int ret = 0;
 
     if (s->s3->renegotiate) {
-        if ((SSL3_BUFFER_get_left(RECORD_LAYER_get_rbuf(&s->rlayer)) == 0) &&
+        if ((SSL3_BUFFER_get_left(RECORD_LAYER_get_rbuf(&s->rlayer)) == 0)
-            (s->s3->wbuf.left == 0) && !SSL_in_init(s)) {
+            && (SSL3_BUFFER_get_left(RECORD_LAYER_get_wbuf(&s->rlayer)) == 0)
+            && !SSL_in_init(s)) {
             /*
              * if we are the server, and we have sent a 'RENEGOTIATE'
              * message, we need to go to SSL_ST_ACCEPT.

ssl/s3_pkt.c

@@ -645,7 +645,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
 #if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
     unsigned int max_send_fragment;
 #endif
-    SSL3_BUFFER *wb = &(s->s3->wbuf);
+    SSL3_BUFFER *wb = RECORD_LAYER_get_wbuf(&s->rlayer);
     int i;
     unsigned int u_len = (unsigned int)len;
 
@@ -875,7 +875,7 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
     int eivlen;
     long align = 0;
     SSL3_RECORD *wr;
-    SSL3_BUFFER *wb = &(s->s3->wbuf);
+    SSL3_BUFFER *wb = RECORD_LAYER_get_wbuf(&s->rlayer);
     SSL_SESSION *sess;
 
     /*
@@ -1100,7 +1100,7 @@ int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
                        unsigned int len)
 {
     int i;
-    SSL3_BUFFER *wb = &(s->s3->wbuf);
+    SSL3_BUFFER *wb = RECORD_LAYER_get_wbuf(&s->rlayer);
 
 /* XXXX */
     if ((s->s3->wpend_tot > (int)len)
@@ -1715,8 +1715,10 @@ int ssl3_send_alert(SSL *s, int level, int desc)
     s->s3->alert_dispatch = 1;
     s->s3->send_alert[0] = level;
     s->s3->send_alert[1] = desc;
-    if (s->s3->wbuf.left == 0)  /* data still being written out? */
+    if (SSL3_BUFFER_get_left(RECORD_LAYER_get_wbuf(&s->rlayer)) == 0) {
+        /* data still being written out? */
         return s->method->ssl_dispatch_alert(s);
+    }
     /*
      * else data is still being written out, we will get written some time in
      * the future

ssl/ssl_lib.c

@@ -257,6 +257,7 @@ int SSL_clear(SSL *s)
      * that right?
      */
     RECORD_LAYER_set_read_ahead(&s->rlayer, read_ahead);
+    RECORD_LAYER_set_ssl(&s->rlayer, s);
 
     return (1);
 }