Introduce a step to prepare the BIO before writing

This removes some KTLS specific code from tls_retry_write_records().

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19343)

ssl/record/methods/ktls_meth.c

@@ -511,6 +511,28 @@ static int ktls_post_encryption_processing(OSSL_RECORD_LAYER *rl,
     return 1;
 }
 
+static int ktls_prepare_write_bio(OSSL_RECORD_LAYER *rl, int type)
+{
+    /*
+     * To prevent coalescing of control and data messages,
+     * such as in buffer_write, we flush the BIO
+     */
+    if (type != SSL3_RT_APPLICATION_DATA) {
+        int ret, i = BIO_flush(rl->bio);
+
+        if (i <= 0) {
+            if (BIO_should_retry(rl->bio))
+                ret = OSSL_RECORD_RETURN_RETRY;
+            else
+                ret = OSSL_RECORD_RETURN_FATAL;
+            return ret;
+        }
+        BIO_set_ktls_ctrl_msg(rl->bio, type);
+    }
+
+    return OSSL_RECORD_RETURN_SUCCESS;
+}
+
 static struct record_functions_st ossl_ktls_funcs = {
     ktls_set_crypto_state,
     ktls_cipher,
@@ -528,7 +550,8 @@ static struct record_functions_st ossl_ktls_funcs = {
     ktls_prepare_record_header,
     NULL,
     ktls_prepare_for_encryption,
-    ktls_post_encryption_processing
+    ktls_post_encryption_processing,
+    ktls_prepare_write_bio
 };
 
 const OSSL_RECORD_METHOD ossl_ktls_record_method = {

ssl/record/methods/recmethod_local.h

@@ -130,6 +130,13 @@ struct record_functions_st
                                       OSSL_RECORD_TEMPLATE *thistempl,
                                       WPACKET *thispkt,
                                       SSL3_RECORD *thiswr);
+
+    /*
+     * Some record layer implementations need to do some custom preparation of
+     * the BIO before we write to it. KTLS does this to prevent coalescing of
+     * control and data messages.
+     */
+    int (*prepare_write_bio)(OSSL_RECORD_LAYER *rl, int type);
 };
 
 struct ossl_record_layer_st

ssl/record/methods/ssl3_meth.c

@@ -318,5 +318,6 @@ struct record_functions_st ssl_3_0_funcs = {
     tls_prepare_record_header_default,
     NULL,
     tls_prepare_for_encryption_default,
-    tls_post_encryption_processing_default
+    tls_post_encryption_processing_default,
+    NULL
 };

ssl/record/methods/tls13_meth.c

@@ -326,5 +326,6 @@ struct record_functions_st tls_1_3_funcs = {
     tls_prepare_record_header_default,
     tls13_add_record_padding,
     tls_prepare_for_encryption_default,
-    tls_post_encryption_processing_default
+    tls_post_encryption_processing_default,
+    NULL
 };

ssl/record/methods/tls1_meth.c

@@ -659,7 +659,8 @@ struct record_functions_st tls_1_funcs = {
     tls_prepare_record_header_default,
     NULL,
     tls_prepare_for_encryption_default,
-    tls_post_encryption_processing_default
+    tls_post_encryption_processing_default,
+    NULL
 };
 
 struct record_functions_st dtls_1_funcs = {
@@ -678,5 +679,6 @@ struct record_functions_st dtls_1_funcs = {
     NULL,
     NULL,
     NULL,
+    NULL,
     NULL
 };

ssl/record/methods/tls_common.c

@@ -1851,21 +1851,10 @@ int tls_retry_write_records(OSSL_RECORD_LAYER *rl)
 
         clear_sys_error();
         if (rl->bio != NULL) {
-            /*
-             * To prevent coalescing of control and data messages,
-             * such as in buffer_write, we flush the BIO
-             */
-            if (BIO_get_ktls_send(rl->bio)
-                    && thiswb->type != SSL3_RT_APPLICATION_DATA) {
-                i = BIO_flush(rl->bio);
-                if (i <= 0) {
-                    if (BIO_should_retry(rl->bio))
-                        ret = OSSL_RECORD_RETURN_RETRY;
-                    else
-                        ret = OSSL_RECORD_RETURN_FATAL;
+            if (rl->funcs->prepare_write_bio != NULL) {
+                ret = rl->funcs->prepare_write_bio(rl, thiswb->type);
+                if (ret != OSSL_RECORD_RETURN_SUCCESS)
                     return ret;
-                }
-                BIO_set_ktls_ctrl_msg(rl->bio, thiswb->type);
             }
             i = BIO_write(rl->bio, (char *)
                           &(SSL3_BUFFER_get_buf(thiswb)

ssl/record/methods/tlsany_meth.c

@@ -160,7 +160,8 @@ struct record_functions_st tls_any_funcs = {
     tls_prepare_record_header_default,
     NULL,
     tls_any_prepare_for_encryption,
-    tls_post_encryption_processing_default
+    tls_post_encryption_processing_default,
+    NULL
 };
 
 static int dtls_any_set_protocol_version(OSSL_RECORD_LAYER *rl, int vers)
@@ -189,5 +190,6 @@ struct record_functions_st dtls_any_funcs = {
     NULL,
     NULL,
     NULL,
+    NULL,
     NULL
 };