From e33b9b0a87e22bce1569e4327b7a00ab5864e4da Mon Sep 17 00:00:00 2001 From: David Benjamin Date: Mon, 26 Jan 2015 01:27:22 -0500 Subject: [PATCH] Remove dtls1_timeout_st. All but one field is a no-op. Change-Id: Ib7bc59a12ce792d5e42fb6e04a4aff54f42643a9 Reviewed-on: https://boringssl-review.googlesource.com/3213 Reviewed-by: Adam Langley --- include/openssl/dtls1.h | 22 +++------------------- ssl/d1_lib.c | 21 ++++++++++++--------- 2 files changed, 15 insertions(+), 28 deletions(-) diff --git a/include/openssl/dtls1.h b/include/openssl/dtls1.h index 17321b0e..e3c3cfd0 100644 --- a/include/openssl/dtls1.h +++ b/include/openssl/dtls1.h @@ -121,18 +121,6 @@ struct ccs_header_st unsigned short seq; }; -struct dtls1_timeout_st - { - /* Number of read timeouts so far */ - unsigned int read_timeouts; - - /* Number of write timeouts so far */ - unsigned int write_timeouts; - - /* Number of alerts received so far */ - unsigned int num_alerts; - }; - typedef struct record_pqueue_st { unsigned short epoch; @@ -200,7 +188,9 @@ typedef struct dtls1_state_st struct hm_header_st w_msg_hdr; struct hm_header_st r_msg_hdr; - struct dtls1_timeout_st timeout; + /* num_timeouts is the number of times the retransmit timer + * has fired since the last time it was reset. */ + unsigned int num_timeouts; /* Indicates when the last handshake msg or heartbeat sent will * timeout. Because of header issues on Windows, this cannot actually @@ -230,12 +220,6 @@ typedef struct dtls1_record_data_st #endif -/* Timeout multipliers (timeout slice is defined in apps/timeouts.h */ -#define DTLS1_TMO_READ_COUNT 2 -#define DTLS1_TMO_WRITE_COUNT 2 - -#define DTLS1_TMO_ALERT_COUNT 12 - #ifdef __cplusplus } #endif diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c index a41a4395..dcf86e51 100644 --- a/ssl/d1_lib.c +++ b/ssl/d1_lib.c @@ -72,6 +72,14 @@ #include "ssl_locl.h" +/* DTLS1_MTU_TIMEOUTS is the maximum number of timeouts to expire + * before starting to decrease the MTU. */ +#define DTLS1_MTU_TIMEOUTS 2 + +/* DTLS1_MAX_TIMEOUTS is the maximum number of timeouts to expire + * before failing the DTLS handshake. */ +#define DTLS1_MAX_TIMEOUTS 12 + static void get_current_time(SSL *ssl, OPENSSL_timeval *out_clock); static OPENSSL_timeval *dtls1_get_timeout(SSL *s, OPENSSL_timeval *timeleft); static void dtls1_set_handshake_header(SSL *s, int type, unsigned long len); @@ -344,7 +352,7 @@ void dtls1_double_timeout(SSL *s) { void dtls1_stop_timer(SSL *s) { /* Reset everything */ - memset(&(s->d1->timeout), 0, sizeof(struct dtls1_timeout_st)); + s->d1->num_timeouts = 0; memset(&s->d1->next_timeout, 0, sizeof(OPENSSL_timeval)); s->d1->timeout_duration = 1; BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0, @@ -354,10 +362,10 @@ void dtls1_stop_timer(SSL *s) { } int dtls1_check_timeout_num(SSL *s) { - s->d1->timeout.num_alerts++; + s->d1->num_timeouts++; /* Reduce MTU after 2 unsuccessful retransmissions */ - if (s->d1->timeout.num_alerts > 2 && + if (s->d1->num_timeouts > DTLS1_MTU_TIMEOUTS && !(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) { long mtu = BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_GET_FALLBACK_MTU, 0, NULL); @@ -366,7 +374,7 @@ int dtls1_check_timeout_num(SSL *s) { } } - if (s->d1->timeout.num_alerts > DTLS1_TMO_ALERT_COUNT) { + if (s->d1->num_timeouts > DTLS1_MAX_TIMEOUTS) { /* fail the connection, enough alerts have been sent */ OPENSSL_PUT_ERROR(SSL, dtls1_check_timeout_num, SSL_R_READ_TIMEOUT_EXPIRED); return -1; @@ -387,11 +395,6 @@ int dtls1_handle_timeout(SSL *s) { return -1; } - s->d1->timeout.read_timeouts++; - if (s->d1->timeout.read_timeouts > DTLS1_TMO_READ_COUNT) { - s->d1->timeout.read_timeouts = 1; - } - dtls1_start_timer(s); return dtls1_retransmit_buffered_messages(s); }