|
Name |
|
Date |
Size |
#Lines |
LOC |
| .. | | - | - |
| README | D | 12-May-2024 | 3.3 KiB | 64 | 57 |
| extensions.c | D | 12-May-2024 | 60.8 KiB | 1,748 | 1,164 |
| extensions_clnt.c | D | 12-May-2024 | 66.9 KiB | 2,015 | 1,456 |
| extensions_cust.c | D | 12-May-2024 | 17.8 KiB | 535 | 388 |
| extensions_srvr.c | D | 12-May-2024 | 68.5 KiB | 1,982 | 1,459 |
| statem.c | D | 12-May-2024 | 30.2 KiB | 973 | 587 |
| statem.h | D | 12-May-2024 | 5.6 KiB | 158 | 82 |
| statem_clnt.c | D | 12-May-2024 | 123.2 KiB | 3,851 | 2,748 |
| statem_dtls.c | D | 12-May-2024 | 40.6 KiB | 1,282 | 866 |
| statem_lib.c | D | 12-May-2024 | 79.7 KiB | 2,442 | 1,685 |
| statem_local.h | D | 12-May-2024 | 21.7 KiB | 423 | 353 |
| statem_srvr.c | D | 12-May-2024 | 141.5 KiB | 4,300 | 3,049 |
README
1State Machine Design
2====================
3
4This file provides some guidance on the thinking behind the design of the
5state machine code to aid future maintenance.
6
7The state machine code replaces an older state machine present in OpenSSL
8versions 1.0.2 and below. The new state machine has the following objectives:
9 - Remove duplication of state code between client and server
10 - Remove duplication of state code between TLS and DTLS
11 - Simplify transitions and bring the logic together in a single location
12 so that it is easier to validate
13 - Remove duplication of code between each of the message handling functions
14 - Receive a message first and then work out whether that is a valid
15 transition - not the other way around (the other way causes lots of issues
16 where we are expecting one type of message next but actually get something
17 else)
18 - Separate message flow state from handshake state (in order to better
19 understand each)
20 - message flow state = when to flush buffers; handling restarts in the
21 event of NBIO events; handling the common flow of steps for reading a
22 message and the common flow of steps for writing a message etc
23 - handshake state = what handshake message are we working on now
24 - Control complexity: only the state machine can change state: keep all
25 the state changes local to the state machine component
26
27The message flow state machine is divided into a reading sub-state machine and a
28writing sub-state machine. See the source comments in statem.c for a more
29detailed description of the various states and transitions possible.
30
31Conceptually the state machine component is designed as follows:
32
33 libssl
34 |
35---------------------------|-----statem.h--------------------------------------
36 |
37 _______V____________________
38 | |
39 | statem.c |
40 | |
41 | Core state machine code |
42 |____________________________|
43 statem_local.h ^ ^
44 _________| |_______
45 | |
46 _____________|____________ _____________|____________
47 | | | |
48 | statem_clnt.c | | statem_srvr.c |
49 | | | |
50 | TLS/DTLS client specific | | TLS/DTLS server specific |
51 | state machine code | | state machine code |
52 |__________________________| |__________________________|
53 | |_______________|__ |
54 | ________________| | |
55 | | | |
56 ____________V_______V________ ________V______V_______________
57 | | | |
58 | statem_lib.c | | statem_dtls.c |
59 | | | |
60 | Non core functions common | | Non core functions common to |
61 | to both servers and clients | | both DTLS servers and clients |
62 |_____________________________| |_______________________________|
63
64