This makes the tls_process_state function a bit easier to read allows extending the read_incoming_tls_plaintext function later without making tls_process_state even longer. --- src/openvpn/ssl.c | 38 +++++++++++++++++++++++--------------- 1 file changed, 23 insertions(+), 15 deletions(-)
diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c index e3101c7fa..01717559c 100644 --- a/src/openvpn/ssl.c +++ b/src/openvpn/ssl.c @@ -2612,6 +2612,28 @@ control_packet_needs_wkc(const struct key_state *ks) && (ks->send_reliable->packet_id == 1); } +static bool +read_incoming_tls_plaintext(struct buffer *buf, struct key_state *ks, interval_t *wakeup) +{ + ASSERT(buf_init(buf, 0)); + int status = key_state_read_plaintext(&ks->ks_ssl, buf, TLS_CHANNEL_BUF_SIZE); + update_time(); + if (status == -1) + { + msg(D_TLS_ERRORS, "TLS Error: TLS object -> incoming plaintext read error"); + return false; + } + if (status == 1) + { + *state_change = true; + dmsg(D_TLS_DEBUG, "TLS -> Incoming Plaintext"); + + /* More data may be available, wake up again asap to check. */ + *wakeup = 0; + } + return true; +} + static bool tls_process_state(struct tls_multi *multi, @@ -2705,24 +2727,10 @@ tls_process_state(struct tls_multi *multi, struct buffer *buf = &ks->plaintext_read_buf; if (!buf->len) { - int status; - - ASSERT(buf_init(buf, 0)); - status = key_state_read_plaintext(&ks->ks_ssl, buf, TLS_CHANNEL_BUF_SIZE); - update_time(); - if (status == -1) + if (!read_incoming_tls_plaintext(buf, ks, wakeup)) { - msg(D_TLS_ERRORS, "TLS Error: TLS object -> incoming plaintext read error"); goto error; } - if (status == 1) - { - state_change = true; - dmsg(D_TLS_DEBUG, "TLS -> Incoming Plaintext"); - - /* More data may be available, wake up again asap to check. */ - *wakeup = 0; - } } /* Send Key */ -- 2.32.0 (Apple Git-132) _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel