[Openvpn-devel,24/28] Extract read_incoming_tls_plaintext into its own function

Message ID 20220422142953.3805364-15-arne@rfc2549.org
State Changes Requested
Headers show
Series
  • Stateless three-way handshake and control channel improvements
Related show

Commit Message

Arne Schwabe April 22, 2022, 2:29 p.m.
This makes the tls_process_state function a bit easier to read allows
extending the read_incoming_tls_plaintext function later without
making tls_process_state even longer.
---
 src/openvpn/ssl.c | 38 +++++++++++++++++++++++---------------
 1 file changed, 23 insertions(+), 15 deletions(-)

Comments

Frank Lichtenheld May 3, 2022, 10:09 a.m. | #1
NACK, compile error.

> Arne Schwabe <arne@rfc2549.org> hat am 22.04.2022 16:29 geschrieben:
> 
>  
> This makes the tls_process_state function a bit easier to read allows

missing "and" after read?

> extending the read_incoming_tls_plaintext function later without
> making tls_process_state even longer.
> ---
>  src/openvpn/ssl.c | 38 +++++++++++++++++++++++---------------
>  1 file changed, 23 insertions(+), 15 deletions(-)
> 
> diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c
> index e3101c7fa..01717559c 100644
> --- a/src/openvpn/ssl.c
> +++ b/src/openvpn/ssl.c
> @@ -2612,6 +2612,28 @@ control_packet_needs_wkc(const struct key_state *ks)
>             && (ks->send_reliable->packet_id == 1);
>  }
>  
> +static bool
> +read_incoming_tls_plaintext(struct buffer *buf, struct key_state *ks, interval_t *wakeup)
> +{
> +    ASSERT(buf_init(buf, 0));
> +    int status = key_state_read_plaintext(&ks->ks_ssl, buf, TLS_CHANNEL_BUF_SIZE);
> +    update_time();
> +    if (status == -1)
> +    {
> +        msg(D_TLS_ERRORS, "TLS Error: TLS object -> incoming plaintext read error");
> +        return false;
> +    }
> +    if (status == 1)
> +    {
> +        *state_change = true;

ssl.c: In function ‘read_incoming_tls_plaintext’:
ssl.c:2628:10: error: ‘state_change’ undeclared (first use in this function); did you mean ‘state_name’?
 2628 |         *state_change = true;
      |          ^~~~~~~~~~~~
      |          state_name

> +        dmsg(D_TLS_DEBUG, "TLS -> Incoming Plaintext");
> +
> +        /* More data may be available, wake up again asap to check. */
> +        *wakeup = 0;
> +    }
> +    return true;
> +}
> +
>  
>  static bool
>  tls_process_state(struct tls_multi *multi,

Regards,
--
Frank Lichtenheld

Patch

diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c
index e3101c7fa..01717559c 100644
--- a/src/openvpn/ssl.c
+++ b/src/openvpn/ssl.c
@@ -2612,6 +2612,28 @@  control_packet_needs_wkc(const struct key_state *ks)
            && (ks->send_reliable->packet_id == 1);
 }
 
+static bool
+read_incoming_tls_plaintext(struct buffer *buf, struct key_state *ks, interval_t *wakeup)
+{
+    ASSERT(buf_init(buf, 0));
+    int status = key_state_read_plaintext(&ks->ks_ssl, buf, TLS_CHANNEL_BUF_SIZE);
+    update_time();
+    if (status == -1)
+    {
+        msg(D_TLS_ERRORS, "TLS Error: TLS object -> incoming plaintext read error");
+        return false;
+    }
+    if (status == 1)
+    {
+        *state_change = true;
+        dmsg(D_TLS_DEBUG, "TLS -> Incoming Plaintext");
+
+        /* More data may be available, wake up again asap to check. */
+        *wakeup = 0;
+    }
+    return true;
+}
+
 
 static bool
 tls_process_state(struct tls_multi *multi,
@@ -2705,24 +2727,10 @@  tls_process_state(struct tls_multi *multi,
     struct buffer *buf = &ks->plaintext_read_buf;
     if (!buf->len)
     {
-        int status;
-
-        ASSERT(buf_init(buf, 0));
-        status = key_state_read_plaintext(&ks->ks_ssl, buf, TLS_CHANNEL_BUF_SIZE);
-        update_time();
-        if (status == -1)
+        if (!read_incoming_tls_plaintext(buf, ks, wakeup))
         {
-            msg(D_TLS_ERRORS, "TLS Error: TLS object -> incoming plaintext read error");
             goto error;
         }
-        if (status == 1)
-        {
-            state_change = true;
-            dmsg(D_TLS_DEBUG, "TLS -> Incoming Plaintext");
-
-            /* More data may be available, wake up again asap to check. */
-            *wakeup = 0;
-        }
     }
 
     /* Send Key */