Move WANT_READ/WANT_WRITE codes to SSL

include/mbedtls/compat-1.3.h

@@ -1161,10 +1161,10 @@
 #define POLARSSL_ERR_NET_RECV_FAILED MBEDTLS_ERR_NET_RECV_FAILED
 #define POLARSSL_ERR_NET_SEND_FAILED MBEDTLS_ERR_NET_SEND_FAILED
 #define POLARSSL_ERR_NET_SOCKET_FAILED MBEDTLS_ERR_NET_SOCKET_FAILED
-#define POLARSSL_ERR_NET_TIMEOUT MBEDTLS_ERR_NET_TIMEOUT
+#define POLARSSL_ERR_NET_TIMEOUT MBEDTLS_ERR_SSL_TIMEOUT
 #define POLARSSL_ERR_NET_UNKNOWN_HOST MBEDTLS_ERR_NET_UNKNOWN_HOST
-#define POLARSSL_ERR_NET_WANT_READ MBEDTLS_ERR_NET_WANT_READ
-#define POLARSSL_ERR_NET_WANT_WRITE MBEDTLS_ERR_NET_WANT_WRITE
+#define POLARSSL_ERR_NET_WANT_READ MBEDTLS_ERR_SSL_WANT_READ
+#define POLARSSL_ERR_NET_WANT_WRITE MBEDTLS_ERR_SSL_WANT_WRITE
 #define POLARSSL_ERR_OID_BUF_TOO_SMALL MBEDTLS_ERR_OID_BUF_TOO_SMALL
 #define POLARSSL_ERR_OID_NOT_FOUND MBEDTLS_ERR_OID_NOT_FOUND
 #define POLARSSL_ERR_PADLOCK_DATA_MISALIGNED MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED

include/mbedtls/error.h

@@ -62,7 +62,7 @@
  * DES       1  0x0032-0x0032
  * CTR_DBRG  4  0x0034-0x003A
  * ENTROPY   3  0x003C-0x0040
- * NET      12  0x0042-0x0056   0x0011-0x0011
+ * NET       9  0x0042-0x0052
  * ENTROPY   1  0x0058-0x0058
  * ASN1      7  0x0060-0x006C
  * MD2       1  0x0070-0x0070
@@ -88,7 +88,7 @@
  * ECP       4   8 (Started from top)
  * MD        5   4
  * CIPHER    6   6
- * SSL       6   13 (Started from top)
+ * SSL       6   16 (Started from top)
  * SSL       7   31
  *
  * Module dependent error code (5 bits 0x.00.-0x.F8.)

include/mbedtls/net.h

@@ -30,6 +30,8 @@
 #include MBEDTLS_CONFIG_FILE
 #endif
 
+#include "ssl.h"
+
 #include <stddef.h>
 #include <stdint.h>
 
@@ -41,10 +43,7 @@
 #define MBEDTLS_ERR_NET_RECV_FAILED                       -0x004C  /**< Reading information from the socket failed. */
 #define MBEDTLS_ERR_NET_SEND_FAILED                       -0x004E  /**< Sending information through the socket failed. */
 #define MBEDTLS_ERR_NET_CONN_RESET                        -0x0050  /**< Connection was reset by peer. */
-#define MBEDTLS_ERR_NET_WANT_READ                         -0x0052  /**< Connection requires a read call. */
-#define MBEDTLS_ERR_NET_WANT_WRITE                        -0x0054  /**< Connection requires a write call. */
-#define MBEDTLS_ERR_NET_UNKNOWN_HOST                      -0x0056  /**< Failed to get an IP address for the given hostname. */
-#define MBEDTLS_ERR_NET_TIMEOUT                           -0x0011  /**< The operation timed out. */
+#define MBEDTLS_ERR_NET_UNKNOWN_HOST                      -0x0052  /**< Failed to get an IP address for the given hostname. */
 
 #define MBEDTLS_NET_LISTEN_BACKLOG         10 /**< The backlog that listen() should use. */
 
@@ -100,7 +99,7 @@ int mbedtls_net_bind( int *fd, const char *bind_ip, int port, int proto );
  *                  Must be at least 4 bytes, or 16 if IPv6 is supported
  *
  * \return          0 if successful, MBEDTLS_ERR_NET_ACCEPT_FAILED, or
- *                  MBEDTLS_ERR_NET_WANT_READ is bind_fd was set to
+ *                  MBEDTLS_ERR_SSL_WANT_READ is bind_fd was set to
  *                  non-blocking and accept() is blocking.
  *
  * \note            With UDP, connects the bind_fd to the client and just copy
@@ -148,8 +147,9 @@ void mbedtls_net_usleep( unsigned long usec );
  * \param len      Maximum length of the buffer
  *
  * \return         This function returns the number of bytes received,
- *                 or a non-zero error code; MBEDTLS_ERR_NET_WANT_READ
- *                 indicates read() is blocking.
+ *                 or a non-zero error code; with a non-blocking socket,
+ *                 MBEDTLS_ERR_SSL_WANT_READ indicates read() would be
+ *                 blocking.
  */
 int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len );
 
@@ -162,8 +162,9 @@ int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len );
  * \param len      The length of the buffer
  *
  * \return         This function returns the number of bytes sent,
- *                 or a non-zero error code; MBEDTLS_ERR_NET_WANT_WRITE
- *                 indicates write() is blocking.
+ *                 or a non-zero error code; with a non-blocking socket,
+ *                 MBEDTLS_ERR_SSL_WANT_WRITE indicates write() would be
+ *                 blocking.
  */
 int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len );
 
@@ -180,8 +181,8 @@ int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len );
  *
  * \return         This function returns the number of bytes received,
  *                 or a non-zero error code:
- *                 MBEDTLS_ERR_NET_TIMEOUT if the operation timed out,
- *                 MBEDTLS_ERR_NET_WANT_READ if interrupted by a signal.
+ *                 MBEDTLS_ERR_SSL_TIMEOUT if the operation timed out,
+ *                 MBEDTLS_ERR_SSL_WANT_READ if interrupted by a signal.
  *
  * \note           This function will block (until data becomes available or
  *                 timeout is reached) even if the socket is set to

include/mbedtls/ssl.h

@@ -30,7 +30,6 @@
 #include MBEDTLS_CONFIG_FILE
 #endif
 
-#include "net.h"
 #include "bignum.h"
 #include "ecp.h"
 
@@ -151,6 +150,9 @@
 #define MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED             -0x6A80  /**< DTLS client must retry for hello verification */
 #define MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL                  -0x6A00  /**< A buffer is too small to receive or write a message */
 #define MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE             -0x6980  /**< None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages). */
+#define MBEDTLS_ERR_SSL_WANT_READ                         -0x6900  /**< Connection requires a read call. */
+#define MBEDTLS_ERR_SSL_WANT_WRITE                        -0x6880  /**< Connection requires a write call. */
+#define MBEDTLS_ERR_SSL_TIMEOUT                           -0x6800  /**< The operation timed out. */
 
 /*
  * Various constants
@@ -1269,7 +1271,7 @@ void mbedtls_ssl_set_dbg( mbedtls_ssl_config *conf,
  * \param p_bio    parameter (context) shared by BIO callbacks
  * \param f_send   write callback
  * \param f_recv   read callback
- * \param f_recv_timeout read callback with timeout.
+ * \param f_recv_timeout blocking read callback with timeout.
  *                 The last argument of the callback is the timeout in seconds
  *
  * \note           f_recv_timeout is required for DTLS, unless f_recv performs
@@ -2119,8 +2121,8 @@ int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, mbedtls_ssl_session
  *
  * \param ssl      SSL context
  *
- * \return         0 if successful, MBEDTLS_ERR_NET_WANT_READ,
- *                 MBEDTLS_ERR_NET_WANT_WRITE, or a specific SSL error code.
+ * \return         0 if successful, MBEDTLS_ERR_SSL_WANT_READ,
+ *                 MBEDTLS_ERR_SSL_WANT_WRITE, or a specific SSL error code.
  */
 int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl );
 
@@ -2133,8 +2135,8 @@ int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl );
  *
  * \param ssl      SSL context
  *
- * \return         0 if successful, MBEDTLS_ERR_NET_WANT_READ,
- *                 MBEDTLS_ERR_NET_WANT_WRITE, or a specific SSL error code.
+ * \return         0 if successful, MBEDTLS_ERR_SSL_WANT_READ,
+ *                 MBEDTLS_ERR_SSL_WANT_WRITE, or a specific SSL error code.
  */
 int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl );
 
@@ -2174,7 +2176,7 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len )
  * \return         This function returns the number of bytes written,
  *                 or a negative error code.
  *
- * \note           When this function returns MBEDTLS_ERR_NET_WANT_WRITE,
+ * \note           When this function returns MBEDTLS_ERR_SSL_WANT_WRITE,
  *                 it must be called later with the *same* arguments,
  *                 until it returns a positive value.
  *