On Tue, Oct 6, 2015 at 6:00 PM, Yann Ylavic <[email protected]> wrote:
> On Tue, Oct 6, 2015 at 5:44 PM, Joe Orton <[email protected]> wrote:
>>
>> Hence in the server case, it seems reasonable to rely on BIO_flush()
>> being called at the "right" times during the handshake. Modulo the odd
>> bug!
>>
>> But ssl/s3_clnt.c is not following that coding style at all, and it only
>> does a flush after completing the handshake. So I'd say the right thing
>> here is to FLUSH after every packet which comes through the write BIO
>> when the SSL state machine is in the middle of a "connect", i.e.
>> handshake as client.
>>
>> tl;dr: I think Yann's patch should be right if the test is switched from
>> "always flush if !SSL_is_init_finished(ssl)" to "always flush if
>> SSL_in_connect_init(ssl)"???
>
> Yes, I came to the same conclusion, but decided to use
> SSL_is_init_finished(ssl) anyway because for the server case it seems
> that openssl uses its own buffering mechanism to avoid writing small
> chunks (after the client-hello is received), so possibly we could rely
> on it (this also simplifies the logic).

Also it seems that for the SSL_ST_RENEGOTIATE state in ssl3_accept(),
buffering is disabled by openssl (at least in 1.0.2d).
SSL_is_init_finished(ssl) should catch this case too...

Regards,
Yann.
