Bypass multiblock and send individual records when using KTLS.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10045)
2018-10-31 15:01:47 -04:00 · 2018-10-31 15:01:47 -04:00 · 54f30cb57c
commit 54f30cb57c
parent 2111f5c283
1 changed files with 1 additions and 0 deletions
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@ -426,6 +426,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, size_t len,
        len >= 4 * (max_send_fragment = ssl_get_max_send_fragment(s)) &&
        s->compress == NULL && s->msg_callback == NULL &&
        !SSL_WRITE_ETM(s) && SSL_USE_EXPLICIT_IV(s) &&
+        (BIO_get_ktls_send(s->wbio) == 0) &&
        EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(s->enc_write_ctx)) &
        EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK) {
        unsigned char aad[13];