Message ID | 20220422142953.3805364-15-arne@rfc2549.org |
---|---|
State | Changes Requested |
Series | Stateless three-way handshake and control channel improvements | expand |
NACK, compile error. > Arne Schwabe <arne@rfc2549.org> hat am 22.04.2022 16:29 geschrieben: > > > This makes the tls_process_state function a bit easier to read allows missing "and" after read? > extending the read_incoming_tls_plaintext function later without > making tls_process_state even longer. > --- > src/openvpn/ssl.c | 38 +++++++++++++++++++++++--------------- > 1 file changed, 23 insertions(+), 15 deletions(-) > > diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c > index e3101c7fa..01717559c 100644 > --- a/src/openvpn/ssl.c > +++ b/src/openvpn/ssl.c > @@ -2612,6 +2612,28 @@ control_packet_needs_wkc(const struct key_state *ks) > && (ks->send_reliable->packet_id == 1); > } > > +static bool > +read_incoming_tls_plaintext(struct buffer *buf, struct key_state *ks, interval_t *wakeup) > +{ > + ASSERT(buf_init(buf, 0)); > + int status = key_state_read_plaintext(&ks->ks_ssl, buf, TLS_CHANNEL_BUF_SIZE); > + update_time(); > + if (status == -1) > + { > + msg(D_TLS_ERRORS, "TLS Error: TLS object -> incoming plaintext read error"); > + return false; > + } > + if (status == 1) > + { > + *state_change = true; ssl.c: In function ‘read_incoming_tls_plaintext’: ssl.c:2628:10: error: ‘state_change’ undeclared (first use in this function); did you mean ‘state_name’? 2628 | *state_change = true; | ^~~~~~~~~~~~ | state_name > + dmsg(D_TLS_DEBUG, "TLS -> Incoming Plaintext"); > + > + /* More data may be available, wake up again asap to check. */ > + *wakeup = 0; > + } > + return true; > +} > + > > static bool > tls_process_state(struct tls_multi *multi, Regards, -- Frank Lichtenheld
diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c
index e3101c7fa..01717559c 100644
--- a/src/openvpn/ssl.c
+++ b/src/openvpn/ssl.c
@@ -2612,6 +2612,28 @@ control_packet_needs_wkc(const struct key_state *ks)
 && (ks->send_reliable->packet_id == 1);
 }
+static bool
+read_incoming_tls_plaintext(struct buffer *buf, struct key_state *ks, interval_t *wakeup)
+{
+ ASSERT(buf_init(buf, 0));
+ int status = key_state_read_plaintext(&ks->ks_ssl, buf, TLS_CHANNEL_BUF_SIZE);
+ update_time();
+ if (status == -1)
+ {
+ msg(D_TLS_ERRORS, "TLS Error: TLS object -> incoming plaintext read error");
+ return false;
+ }
+ if (status == 1)
+ {
+ *state_change = true;
+ dmsg(D_TLS_DEBUG, "TLS -> Incoming Plaintext");
+
+ /* More data may be available, wake up again asap to check. */
+ *wakeup = 0;
+ }
+ return true;
+}
+
 static bool
 tls_process_state(struct tls_multi *multi,
@@ -2705,24 +2727,10 @@ tls_process_state(struct tls_multi *multi,
 struct buffer *buf = &ks->plaintext_read_buf;
 if (!buf->len)
 {
- int status;
-
- ASSERT(buf_init(buf, 0));
- status = key_state_read_plaintext(&ks->ks_ssl, buf, TLS_CHANNEL_BUF_SIZE);
- update_time();
- if (status == -1)
+ if (!read_incoming_tls_plaintext(buf, ks, wakeup))
 {
- msg(D_TLS_ERRORS, "TLS Error: TLS object -> incoming plaintext read error");
 goto error;
 }
- if (status == 1)
- {
- state_change = true;
- dmsg(D_TLS_DEBUG, "TLS -> Incoming Plaintext");
-
- /* More data may be available, wake up again asap to check. */
- *wakeup = 0;
- }
 }
 /* Send Key */
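Review bot: read_incoming_tls_plaintext() has no comment stating its contract, and it resets `buf` unconditionally through `ASSERT(buf_init(buf, 0))` while the `if (!buf->len)` guard that makes that reset safe stays behind in tls_process_state() (second hunk). Since the commit message says the helper will be extended later, a future call made while unread data is still in `ks->plaintext_read_buf` would presumably discard control-channel plaintext without any error. I would add a header comment such as `/* Reads pending TLS plaintext into buf, which must be empty; returns false on read error, true otherwise (including when no data was available). */`, and mention there that `*wakeup` is set to 0 when data was read. tls_process_state() begins and ends outside both hunks, so this rests on the visible guard only.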