7538122ca6
Notably, drop all special cases around receiving a message in order and receiving a full message. It makes things more complicated and was the source of bugs (the MixCompleteMessageWithFragments tests added in this CL did not pass before). Instead, every message goes through an hm_fragment, and dtls1_get_message always checks buffered_messages to see if the next is complete. The downside is that we pay one more copy of the message data in the common case. This is only during connection setup, so I think it's worth the simplicity. (If we want to optimize later, we could either tighten ssl3_get_message's interface to allow the handshake data being in the hm_fragment's backing store rather than s->init_buf or swap out s->init_buf with the hm_fragment's backing store when a mesasge completes. This CL does not address ssl_read_bytes being an inappropriate API for DTLS. Future work will revise the handshake/transport boundary to align better with DTLS's needs. Also other problems that I've left as TODOs. Change-Id: Ib4570d45634b5181ecf192894d735e8699b1c86b Reviewed-on: https://boringssl-review.googlesource.com/3764 Reviewed-by: Adam Langley <agl@google.com> |
||
---|---|---|
.. | ||
asn1.errordata | ||
bio.errordata | ||
bn.errordata | ||
buf.errordata | ||
cipher.errordata | ||
CMakeLists.txt | ||
conf.errordata | ||
crypto.errordata | ||
dh.errordata | ||
digest.errordata | ||
dsa.errordata | ||
ec.errordata | ||
ecdh.errordata | ||
ecdsa.errordata | ||
engine.errordata | ||
err_data_generate.go | ||
err_impl.c | ||
err_test.c | ||
err.c | ||
evp.errordata | ||
hkdf.errordata | ||
obj.errordata | ||
pem.errordata | ||
pkcs8.errordata | ||
rsa.errordata | ||
ssl.errordata | ||
x509.errordata | ||
x509v3.errordata |