This makes the tls_process_state function a bit easier to read allows
extending the read_incoming_tls_plaintext function later without
making tls_process_state even longer.
---
src/openvpn/ssl.c | 38 +++++++++++++++++++++++---------------
1 file changed, 23 insertions(+), 15 deletions(-)
diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c
index e3101c7fa..01717559c 100644
--- a/src/openvpn/ssl.c
+++ b/src/openvpn/ssl.c
@@ -2612,6 +2612,28 @@ control_packet_needs_wkc(const struct key_state *ks)
&& (ks->send_reliable->packet_id == 1);
}
+static bool
+read_incoming_tls_plaintext(struct buffer *buf, struct key_state *ks,
interval_t *wakeup)
+{
+ ASSERT(buf_init(buf, 0));
+ int status = key_state_read_plaintext(&ks->ks_ssl, buf,
TLS_CHANNEL_BUF_SIZE);
+ update_time();
+ if (status == -1)
+ {
+ msg(D_TLS_ERRORS, "TLS Error: TLS object -> incoming plaintext read
error");
+ return false;
+ }
+ if (status == 1)
+ {
+ *state_change = true;
+ dmsg(D_TLS_DEBUG, "TLS -> Incoming Plaintext");
+
+ /* More data may be available, wake up again asap to check. */
+ *wakeup = 0;
+ }
+ return true;
+}
+
static bool
tls_process_state(struct tls_multi *multi,
@@ -2705,24 +2727,10 @@ tls_process_state(struct tls_multi *multi,
struct buffer *buf = &ks->plaintext_read_buf;
if (!buf->len)
{
- int status;
-
- ASSERT(buf_init(buf, 0));
- status = key_state_read_plaintext(&ks->ks_ssl, buf,
TLS_CHANNEL_BUF_SIZE);
- update_time();
- if (status == -1)
+ if (!read_incoming_tls_plaintext(buf, ks, wakeup))
{
- msg(D_TLS_ERRORS, "TLS Error: TLS object -> incoming plaintext
read error");
goto error;
}
- if (status == 1)
- {
- state_change = true;
- dmsg(D_TLS_DEBUG, "TLS -> Incoming Plaintext");
-
- /* More data may be available, wake up again asap to check. */
- *wakeup = 0;
- }
}
/* Send Key */
--
2.32.0 (Apple Git-132)
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
