Opaquify DTLS structs.

Nothing ever uses those structs. This to avoid having any structs in the
public header which use struct timeval.

In doing so, move the protocol version constants up to ssl.h so dtls1.h
may be empty. This also removes TLS1_get_version and TLS1_get_client_version
as they're unused and depend on TLS1_VERSION_MAJOR. This still lets tls1.h
be included independently from ssl.h (though I don't think anyone ever includes
it...).

Change-Id: Ieac8b90cf94f7f1e742a88bb75c0ee0aa4b1414c
Reviewed-on: https://boringssl-review.googlesource.com/4681
Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
David Benjamin 2015-05-08 13:08:52 -04:00 committed by Adam Langley
parent dfb67134dc
commit 593047fd80
4 changed files with 137 additions and 195 deletions

View File

@ -1,179 +1,16 @@
/* ssl/dtls1.h */
/*
* DTLS implementation written by Nagendra Modadugu
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
*/
/* ====================================================================
* Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
/* Copyright (c) 2015, Google Inc.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com). */
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
* SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
#ifndef OPENSSL_HEADER_DTLS1_H
#define OPENSSL_HEADER_DTLS1_H
#include <openssl/base.h>
#include <openssl/buf.h>
#include <openssl/pqueue.h>
#ifdef __cplusplus
extern "C" {
#endif
#define DTLS1_VERSION 0xFEFF
#define DTLS1_2_VERSION 0xFEFD
/* lengths of messages */
#define DTLS1_COOKIE_LENGTH 256
#define DTLS1_RT_HEADER_LENGTH 13
#define DTLS1_HM_HEADER_LENGTH 12
#define DTLS1_CCS_HEADER_LENGTH 1
#define DTLS1_AL_HEADER_LENGTH 2
typedef struct dtls1_bitmap_st {
/* map is a bit mask of the last 64 sequence numbers. Bit
* |1<<i| corresponds to |max_seq_num - i|. */
uint64_t map;
/* max_seq_num is the largest sequence number seen so far. It
* is a 64-bit value in big-endian encoding. */
uint8_t max_seq_num[8];
} DTLS1_BITMAP;
/* TODO(davidben): This structure is used for both incoming messages and
* outgoing messages. |is_ccs| and |epoch| are only used in the latter and
* should be moved elsewhere. */
struct hm_header_st {
uint8_t type;
uint32_t msg_len;
uint16_t seq;
uint32_t frag_off;
uint32_t frag_len;
int is_ccs;
/* epoch, for buffered outgoing messages, is the epoch the message was
* originally sent in. */
uint16_t epoch;
};
/* TODO(davidben): This structure is used for both incoming messages and
* outgoing messages. |fragment| and |reassembly| are only used in the former
* and should be moved elsewhere. */
typedef struct hm_fragment_st {
struct hm_header_st msg_header;
uint8_t *fragment;
uint8_t *reassembly;
} hm_fragment;
typedef struct dtls1_state_st {
/* send_cookie is true if we are resending the ClientHello
* with a cookie from a HelloVerifyRequest. */
unsigned int send_cookie;
uint8_t cookie[DTLS1_COOKIE_LENGTH];
size_t cookie_len;
/* The current data and handshake epoch. This is initially undefined, and
* starts at zero once the initial handshake is completed. */
uint16_t r_epoch;
uint16_t w_epoch;
/* records being received in the current epoch */
DTLS1_BITMAP bitmap;
/* handshake message numbers */
uint16_t handshake_write_seq;
uint16_t next_handshake_write_seq;
uint16_t handshake_read_seq;
/* save last sequence number for retransmissions */
uint8_t last_write_sequence[8];
/* buffered_messages is a priority queue of incoming handshake messages that
* have yet to be processed.
*
* TODO(davidben): This data structure may as well be a ring buffer of fixed
* size. */
pqueue buffered_messages;
/* send_messages is a priority queue of outgoing handshake messages sent in
* the most recent handshake flight.
*
* TODO(davidben): This data structure may as well be a STACK_OF(T). */
pqueue sent_messages;
unsigned int mtu; /* max DTLS packet size */
struct hm_header_st w_msg_hdr;
/* num_timeouts is the number of times the retransmit timer has fired since
* the last time it was reset. */
unsigned int num_timeouts;
/* Indicates when the last handshake msg or heartbeat sent will
* timeout. Because of header issues on Windows, this cannot actually be a
* struct timeval. */
OPENSSL_timeval next_timeout;
/* Timeout duration */
unsigned short timeout_duration;
unsigned int change_cipher_spec_ok;
} DTLS1_STATE;
#ifdef __cplusplus
} /* extern C */
#endif
#endif /* OPENSSL_HEADER_DTLS1_H */
/* This header is provided in order to make compiling against code that expects
OpenSSL easier. */

View File

@ -176,6 +176,28 @@ extern "C" {
OPENSSL_EXPORT int SSL_library_init(void);
/* Protocol version constants */
#define SSL3_VERSION 0x0300
#define SSL3_VERSION_MAJOR 0x03
#define SSL3_VERSION_MINOR 0x00
#define TLS1_2_VERSION 0x0303
#define TLS1_2_VERSION_MAJOR 0x03
#define TLS1_2_VERSION_MINOR 0x03
#define TLS1_1_VERSION 0x0302
#define TLS1_1_VERSION_MAJOR 0x03
#define TLS1_1_VERSION_MINOR 0x02
#define TLS1_VERSION 0x0301
#define TLS1_VERSION_MAJOR 0x03
#define TLS1_VERSION_MINOR 0x01
#define DTLS1_VERSION 0xFEFF
#define DTLS1_2_VERSION 0xFEFD
/* Cipher suites. */
/* An SSL_CIPHER represents a cipher suite. */
@ -2495,7 +2517,6 @@ OPENSSL_EXPORT const char *SSLeay_version(int unused);
#include <openssl/ssl2.h>
#include <openssl/ssl3.h>
#include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
#include <openssl/dtls1.h> /* Datagram TLS */
#include <openssl/ssl23.h>
#include <openssl/srtp.h> /* Support for the use_srtp extension */

View File

@ -161,24 +161,6 @@ extern "C" {
#define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 0
#define TLS1_2_VERSION 0x0303
#define TLS1_2_VERSION_MAJOR 0x03
#define TLS1_2_VERSION_MINOR 0x03
#define TLS1_1_VERSION 0x0302
#define TLS1_1_VERSION_MAJOR 0x03
#define TLS1_1_VERSION_MINOR 0x02
#define TLS1_VERSION 0x0301
#define TLS1_VERSION_MAJOR 0x03
#define TLS1_VERSION_MINOR 0x01
#define TLS1_get_version(s) \
((s->version >> 8) == TLS1_VERSION_MAJOR ? s->version : 0)
#define TLS1_get_client_version(s) \
((s->client_version >> 8) == TLS1_VERSION_MAJOR ? s->client_version : 0)
#define TLS1_AD_DECRYPTION_FAILED 21
#define TLS1_AD_RECORD_OVERFLOW 22
#define TLS1_AD_UNKNOWN_CA 48 /* fatal */

View File

@ -145,6 +145,7 @@
#include <openssl/base.h>
#include <openssl/aead.h>
#include <openssl/pqueue.h>
#include <openssl/ssl.h>
#include <openssl/stack.h>
@ -647,6 +648,107 @@ struct ssl_aead_ctx_st {
char omit_version_in_ad;
};
/* lengths of messages */
#define DTLS1_COOKIE_LENGTH 256
#define DTLS1_RT_HEADER_LENGTH 13
#define DTLS1_HM_HEADER_LENGTH 12
#define DTLS1_CCS_HEADER_LENGTH 1
#define DTLS1_AL_HEADER_LENGTH 2
typedef struct dtls1_bitmap_st {
/* map is a bit mask of the last 64 sequence numbers. Bit
* |1<<i| corresponds to |max_seq_num - i|. */
uint64_t map;
/* max_seq_num is the largest sequence number seen so far. It
* is a 64-bit value in big-endian encoding. */
uint8_t max_seq_num[8];
} DTLS1_BITMAP;
/* TODO(davidben): This structure is used for both incoming messages and
* outgoing messages. |is_ccs| and |epoch| are only used in the latter and
* should be moved elsewhere. */
struct hm_header_st {
uint8_t type;
uint32_t msg_len;
uint16_t seq;
uint32_t frag_off;
uint32_t frag_len;
int is_ccs;
/* epoch, for buffered outgoing messages, is the epoch the message was
* originally sent in. */
uint16_t epoch;
};
/* TODO(davidben): This structure is used for both incoming messages and
* outgoing messages. |fragment| and |reassembly| are only used in the former
* and should be moved elsewhere. */
typedef struct hm_fragment_st {
struct hm_header_st msg_header;
uint8_t *fragment;
uint8_t *reassembly;
} hm_fragment;
typedef struct dtls1_state_st {
/* send_cookie is true if we are resending the ClientHello
* with a cookie from a HelloVerifyRequest. */
unsigned int send_cookie;
uint8_t cookie[DTLS1_COOKIE_LENGTH];
size_t cookie_len;
/* The current data and handshake epoch. This is initially undefined, and
* starts at zero once the initial handshake is completed. */
uint16_t r_epoch;
uint16_t w_epoch;
/* records being received in the current epoch */
DTLS1_BITMAP bitmap;
/* handshake message numbers */
uint16_t handshake_write_seq;
uint16_t next_handshake_write_seq;
uint16_t handshake_read_seq;
/* save last sequence number for retransmissions */
uint8_t last_write_sequence[8];
/* buffered_messages is a priority queue of incoming handshake messages that
* have yet to be processed.
*
* TODO(davidben): This data structure may as well be a ring buffer of fixed
* size. */
pqueue buffered_messages;
/* send_messages is a priority queue of outgoing handshake messages sent in
* the most recent handshake flight.
*
* TODO(davidben): This data structure may as well be a STACK_OF(T). */
pqueue sent_messages;
unsigned int mtu; /* max DTLS packet size */
struct hm_header_st w_msg_hdr;
/* num_timeouts is the number of times the retransmit timer has fired since
* the last time it was reset. */
unsigned int num_timeouts;
/* Indicates when the last handshake msg or heartbeat sent will
* timeout. Because of header issues on Windows, this cannot actually be a
* struct timeval. */
OPENSSL_timeval next_timeout;
/* Timeout duration */
unsigned short timeout_duration;
unsigned int change_cipher_spec_ok;
} DTLS1_STATE;
extern const SSL_CIPHER ssl3_ciphers[];
extern const SSL3_ENC_METHOD TLSv1_enc_data;