boringssl/include/openssl/dtls1.h
David Benjamin 0afbcc05e6 Remove buffering out records from the next epoch.
It was only ever enabled for handshake and alert messages. The comments cite
renego as a use case though even then I'm not clear on why. The only use I see
is if, say, the Finished message and ClientKeyExchange came in out-of-order.
DTLS is unreliable so leaning on retransmit seems fine, and usually flights
will be packed into one packet where possible. NSS doesn't have any such
buffer and doesn't seem to have problems.

The buffering mechanism is also rather dubious. It stows away the entire packet
and read buffer---all 16K of it---and there may have been other records in that
packet.

Change-Id: Ic3b7bf817be380dc73102eec62c690ed093e6667
Reviewed-on: https://boringssl-review.googlesource.com/4238
Reviewed-by: Adam Langley <agl@google.com>
2015-04-06 20:51:24 +00:00

196 lines
6.3 KiB
C

/* ssl/dtls1.h */
/*
* DTLS implementation written by Nagendra Modadugu
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
*/
/* ====================================================================
* Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com). */
#ifndef OPENSSL_HEADER_DTLS1_H
#define OPENSSL_HEADER_DTLS1_H
#include <openssl/base.h>
#include <openssl/buf.h>
#include <openssl/pqueue.h>
#ifdef __cplusplus
extern "C" {
#endif
#define DTLS1_VERSION 0xFEFF
#define DTLS1_2_VERSION 0xFEFD
/* lengths of messages */
#define DTLS1_COOKIE_LENGTH 256
#define DTLS1_RT_HEADER_LENGTH 13
#define DTLS1_HM_HEADER_LENGTH 12
#define DTLS1_CCS_HEADER_LENGTH 1
#define DTLS1_AL_HEADER_LENGTH 2
typedef struct dtls1_bitmap_st {
/* map is a bit mask of the last 64 sequence numbers. Bit
* |1<<i| corresponds to |max_seq_num - i|. */
uint64_t map;
/* max_seq_num is the largest sequence number seen so far. It
* is a 64-bit value in big-endian encoding. */
uint8_t max_seq_num[8];
} DTLS1_BITMAP;
/* TODO(davidben): This structure is used for both incoming messages and
* outgoing messages. |is_ccs| and |epoch| are only used in the latter and
* should be moved elsewhere. */
struct hm_header_st {
uint8_t type;
uint32_t msg_len;
uint16_t seq;
uint32_t frag_off;
uint32_t frag_len;
int is_ccs;
/* epoch, for buffered outgoing messages, is the epoch the message was
* originally sent in. */
uint16_t epoch;
};
typedef struct record_pqueue_st {
uint16_t epoch;
pqueue q;
} record_pqueue;
/* TODO(davidben): This structure is used for both incoming messages and
* outgoing messages. |fragment| and |reassembly| are only used in the former
* and should be moved elsewhere. */
typedef struct hm_fragment_st {
struct hm_header_st msg_header;
uint8_t *fragment;
uint8_t *reassembly;
} hm_fragment;
typedef struct dtls1_state_st {
/* send_cookie is true if we are resending the ClientHello
* with a cookie from a HelloVerifyRequest. */
unsigned int send_cookie;
uint8_t cookie[DTLS1_COOKIE_LENGTH];
size_t cookie_len;
/* The current data and handshake epoch. This is initially undefined, and
* starts at zero once the initial handshake is completed. */
uint16_t r_epoch;
uint16_t w_epoch;
/* records being received in the current epoch */
DTLS1_BITMAP bitmap;
/* handshake message numbers */
uint16_t handshake_write_seq;
uint16_t next_handshake_write_seq;
uint16_t handshake_read_seq;
/* save last sequence number for retransmissions */
uint8_t last_write_sequence[8];
/* buffered_messages is a priority queue of incoming handshake messages that
* have yet to be processed.
*
* TODO(davidben): This data structure may as well be a ring buffer of fixed
* size. */
pqueue buffered_messages;
/* send_messages is a priority queue of outgoing handshake messages sent in
* the most recent handshake flight.
*
* TODO(davidben): This data structure may as well be a STACK_OF(T). */
pqueue sent_messages;
/* Buffered application records. Only for records between CCS and Finished to
* prevent either protocol violation or unnecessary message loss. */
record_pqueue buffered_app_data;
unsigned int mtu; /* max DTLS packet size */
struct hm_header_st w_msg_hdr;
/* num_timeouts is the number of times the retransmit timer has fired since
* the last time it was reset. */
unsigned int num_timeouts;
/* Indicates when the last handshake msg or heartbeat sent will
* timeout. Because of header issues on Windows, this cannot actually be a
* struct timeval. */
OPENSSL_timeval next_timeout;
/* Timeout duration */
unsigned short timeout_duration;
unsigned int change_cipher_spec_ok;
} DTLS1_STATE;
typedef struct dtls1_record_data_st {
uint8_t *packet;
unsigned int packet_length;
SSL3_BUFFER rbuf;
SSL3_RECORD rrec;
} DTLS1_RECORD_DATA;
#ifdef __cplusplus
} /* extern C */
#endif
#endif /* OPENSSL_HEADER_DTLS1_H */