Name |
Date |
Size |
#Lines |
LOC |
||
---|---|---|---|---|---|---|
.. | - | - | ||||
README | D | 12-May-2024 | 3.3 KiB | 64 | 57 | |
extensions.c | D | 12-May-2024 | 60.8 KiB | 1,748 | 1,164 | |
extensions_clnt.c | D | 12-May-2024 | 66.9 KiB | 2,015 | 1,456 | |
extensions_cust.c | D | 12-May-2024 | 17.8 KiB | 535 | 388 | |
extensions_srvr.c | D | 12-May-2024 | 68.5 KiB | 1,982 | 1,459 | |
statem.c | D | 12-May-2024 | 30.2 KiB | 973 | 587 | |
statem.h | D | 12-May-2024 | 5.6 KiB | 158 | 82 | |
statem_clnt.c | D | 12-May-2024 | 123.2 KiB | 3,851 | 2,748 | |
statem_dtls.c | D | 12-May-2024 | 40.6 KiB | 1,282 | 866 | |
statem_lib.c | D | 12-May-2024 | 79.7 KiB | 2,442 | 1,685 | |
statem_local.h | D | 12-May-2024 | 21.7 KiB | 423 | 353 | |
statem_srvr.c | D | 12-May-2024 | 141.5 KiB | 4,300 | 3,049 |
README
1State Machine Design 2==================== 3 4This file provides some guidance on the thinking behind the design of the 5state machine code to aid future maintenance. 6 7The state machine code replaces an older state machine present in OpenSSL 8versions 1.0.2 and below. The new state machine has the following objectives: 9 - Remove duplication of state code between client and server 10 - Remove duplication of state code between TLS and DTLS 11 - Simplify transitions and bring the logic together in a single location 12 so that it is easier to validate 13 - Remove duplication of code between each of the message handling functions 14 - Receive a message first and then work out whether that is a valid 15 transition - not the other way around (the other way causes lots of issues 16 where we are expecting one type of message next but actually get something 17 else) 18 - Separate message flow state from handshake state (in order to better 19 understand each) 20 - message flow state = when to flush buffers; handling restarts in the 21 event of NBIO events; handling the common flow of steps for reading a 22 message and the common flow of steps for writing a message etc 23 - handshake state = what handshake message are we working on now 24 - Control complexity: only the state machine can change state: keep all 25 the state changes local to the state machine component 26 27The message flow state machine is divided into a reading sub-state machine and a 28writing sub-state machine. See the source comments in statem.c for a more 29detailed description of the various states and transitions possible. 30 31Conceptually the state machine component is designed as follows: 32 33 libssl 34 | 35---------------------------|-----statem.h-------------------------------------- 36 | 37 _______V____________________ 38 | | 39 | statem.c | 40 | | 41 | Core state machine code | 42 |____________________________| 43 statem_local.h ^ ^ 44 _________| |_______ 45 | | 46 _____________|____________ _____________|____________ 47 | | | | 48 | statem_clnt.c | | statem_srvr.c | 49 | | | | 50 | TLS/DTLS client specific | | TLS/DTLS server specific | 51 | state machine code | | state machine code | 52 |__________________________| |__________________________| 53 | |_______________|__ | 54 | ________________| | | 55 | | | | 56 ____________V_______V________ ________V______V_______________ 57 | | | | 58 | statem_lib.c | | statem_dtls.c | 59 | | | | 60 | Non core functions common | | Non core functions common to | 61 | to both servers and clients | | both DTLS servers and clients | 62 |_____________________________| |_______________________________| 63 64