authorMatt Caswell <matt@openssl.org>2022-08-19 17:54:09 +0200
committerMatt Caswell <matt@openssl.org>2022-09-23 15:43:24 +0200
commit2b71b042202d11854801682d48ccf4e4e34cd5cf (patch)
tree058aca485755d1945564780dea3f8fc8e17c2f3f /ssl/t1_enc.c
parentMove initial TLS write record layer code into new structure (diff)
Create the write record layer method and object and use it
Make sure we set the write record layer method and create the object where appropriate. Move the newly restructured writing code into the record layer object. For now we are cheating and still accessing the underlying SSL_CONNECTION object. This will be removed in subsequent commits. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19198)
Diffstat (limited to 'ssl/t1_enc.c')
-rw-r--r--ssl/t1_enc.c21
1 files changed, 16 insertions, 5 deletions
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 920c8e028b..7c7876b7df 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -243,11 +243,11 @@ int tls1_change_cipher_state(SSL_CONNECTION *s, int which)
s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_TLSTREE;
if (!ssl_set_new_record_layer(s, s->version,
- OSSL_RECORD_DIRECTION_READ,
- OSSL_RECORD_PROTECTION_LEVEL_APPLICATION,
- key, cl, iv, (size_t)k, mac_secret,
- mac_secret_size, c, taglen, mac_type,
- m, comp)) {
+ OSSL_RECORD_DIRECTION_READ,
+ OSSL_RECORD_PROTECTION_LEVEL_APPLICATION,
+ key, cl, iv, (size_t)k, mac_secret,
+ mac_secret_size, c, taglen, mac_type,
+ m, comp)) {
/* SSLfatal already called */
goto err;
}
@@ -270,6 +270,17 @@ int tls1_change_cipher_state(SSL_CONNECTION *s, int which)
s->mac_flags |= SSL_MAC_FLAG_WRITE_MAC_TLSTREE;
else
s->mac_flags &= ~SSL_MAC_FLAG_WRITE_MAC_TLSTREE;
+
+ if (!ssl_set_new_record_layer(s, s->version,
+ OSSL_RECORD_DIRECTION_WRITE,
+ OSSL_RECORD_PROTECTION_LEVEL_APPLICATION,
+ key, cl, iv, (size_t)k, mac_secret,
+ mac_secret_size, c, taglen, mac_type,
+ m, comp)) {
+ /* SSLfatal already called */
+ goto err;
+ }
+
if (s->enc_write_ctx != NULL && !SSL_CONNECTION_IS_DTLS(s)) {
reuse_dd = 1;
} else if ((s->enc_write_ctx = EVP_CIPHER_CTX_new()) == NULL) {
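Review bot: The added write-direction `ssl_set_new_record_layer()` call is given `key`, `iv` and `mac_secret`, yet the legacy setup right after it (`s->enc_write_ctx`, `reuse_dd`) still runs, so the write keys appear to be installed in two places with nothing in the code saying which one is authoritative. The commit message calls this a temporary shortcut, but the hunk carries no marker of that, so I would add a comment above the new call such as `/* TODO: legacy enc_write_ctx setup below duplicates key material now held by the write record layer; remove once the record layer stops using SSL_CONNECTION */`. The new call is also made unconditionally while the next line branches on `SSL_CONNECTION_IS_DTLS(s)`, so it is worth confirming that the DTLS write path is meant to go through it. The body of `tls1_change_cipher_state` and its `err` label lie outside this hunk, so whether the record layer installed here is released when a later step fails cannot be checked from these lines.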