From 3ef477c69f2fd39549123d7b0b869029b46cf989 Mon Sep 17 00:00:00 2001
From: Andy Polyakov <appro@openssl.org>
Date: Wed, 5 Feb 2014 13:57:10 +0100
Subject: [PATCH] s3_pkt.c: move ssl3_release_write_buffer to ssl3_write_bytes.

If application has more data than maximum fragment, hold to buffer
for whole write, as opposite to per-fragment strategy.
---
 ssl/s3_pkt.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index c3a061dac0..0b99ba44b2 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -654,6 +654,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
 		i=do_ssl3_write(s, type, &(buf[tot]), nw, 0);
 		if (i <= 0)
 			{
+			/* XXX should we ssl3_release_write_buffer if i<0? */
 			s->s3->wnum=tot;
 			return i;
 			}
@@ -665,7 +666,11 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
 			/* next chunk of data should get another prepended empty fragment
 			 * in ciphersuites with known-IV weakness: */
 			s->s3->empty_fragment_done = 0;
-			
+
+			if ((i==(int)n) && s->mode & SSL_MODE_RELEASE_BUFFERS &&
+				!SSL_IS_DTLS(s))
+				ssl3_release_write_buffer(s);
+
 			return tot+i;
 			}
 
@@ -995,9 +1000,6 @@ int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
 			{
 			wb->left=0;
 			wb->offset+=i;
-			if (s->mode & SSL_MODE_RELEASE_BUFFERS &&
-				!SSL_IS_DTLS(s))
-				ssl3_release_write_buffer(s);
 			s->rwstate=SSL_NOTHING;
 			return(s->s3->wpend_ret);
 			}
-- 
2.40.0