kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
7538122ca6
boringssl/ssl
History
David Benjamin 7538122ca6 Rework DTLS handshake message reassembly logic. 
Notably, drop all special cases around receiving a message in order and
receiving a full message. It makes things more complicated and was the source
of bugs (the MixCompleteMessageWithFragments tests added in this CL did not
pass before). Instead, every message goes through an hm_fragment, and
dtls1_get_message always checks buffered_messages to see if the next is
complete.

The downside is that we pay one more copy of the message data in the common
case. This is only during connection setup, so I think it's worth the
simplicity. (If we want to optimize later, we could either tighten
ssl3_get_message's interface to allow the handshake data being in the
hm_fragment's backing store rather than s->init_buf or swap out s->init_buf
with the hm_fragment's backing store when a mesasge completes.

This CL does not address ssl_read_bytes being an inappropriate API for DTLS.
Future work will revise the handshake/transport boundary to align better with
DTLS's needs. Also other problems that I've left as TODOs.

Change-Id: Ib4570d45634b5181ecf192894d735e8699b1c86b
Reviewed-on: https://boringssl-review.googlesource.com/3764
Reviewed-by: Adam Langley <agl@google.com>
2015-03-10 00:56:45 +00:00
..
pqueue Fix memory leak in pqueue_test. 2015-02-11 23:18:45 +00:00
test Rework DTLS handshake message reassembly logic. 2015-03-10 00:56:45 +00:00
CMakeLists.txt Precompute sorted array for error strings. 2015-02-09 17:35:31 -08:00
d1_both.c Rework DTLS handshake message reassembly logic. 2015-03-10 00:56:45 +00:00
d1_clnt.c Switch SSL_GET_MESSAGE_HASH_MESSAGE to an enum. 2015-03-05 21:26:28 +00:00
d1_lib.c Handle failures in ssl3_finish_mac. 2015-02-17 21:01:37 +00:00
d1_meth.c Implement SSL_clear with ssl_new and ssl_free. 2015-01-12 22:35:58 +00:00
d1_pkt.c Only retransmit on Finished if frag_off == 0. 2015-03-06 18:55:47 +00:00
d1_srtp.c Store SRTP_PROTECTION_PROFILES as const. 2015-01-14 22:10:08 +00:00
d1_srvr.c Remove BIO_should_retry checks in DTLS state machines. 2015-02-23 19:32:27 +00:00
s3_both.c Switch SSL_GET_MESSAGE_HASH_MESSAGE to an enum. 2015-03-05 21:26:28 +00:00
s3_clnt.c Switch SSL_GET_MESSAGE_HASH_MESSAGE to an enum. 2015-03-05 21:26:28 +00:00
s3_enc.c Handle failures in ssl3_finish_mac. 2015-02-17 21:01:37 +00:00
s3_lib.c Use SSL_MODE_SEND_FALLBACK_SCSV. 2015-02-20 23:44:09 +00:00
s3_meth.c Implement SSL_clear with ssl_new and ssl_free. 2015-01-12 22:35:58 +00:00
s3_pkt.c Tidy up the alert-parsing code. 2015-02-23 19:34:52 +00:00
s3_srvr.c Switch SSL_GET_MESSAGE_HASH_MESSAGE to an enum. 2015-03-05 21:26:28 +00:00
ssl_algs.c Precompute sorted array for error strings. 2015-02-09 17:35:31 -08:00
ssl_asn1.c Remove SSL_SESSION::cipher_id. 2015-01-14 21:10:55 +00:00
ssl_cert.c Add in missing curly braces part 3. 2015-02-11 15:14:46 -08:00
ssl_ciph.c Add SSL_CIPHER_get_rfc_name. 2015-02-09 17:31:28 -08:00
ssl_lib.c Add SSL_get_cipher_by_value. 2015-02-20 23:44:17 +00:00
ssl_locl.h Switch SSL_GET_MESSAGE_HASH_MESSAGE to an enum. 2015-03-05 21:26:28 +00:00
ssl_rsa.c Don't EVP_PKEY_copy_parameters when configuring cert and key. 2015-02-17 21:03:29 +00:00
ssl_sess.c Remove server-side HelloVerifyRequest support. 2015-02-17 20:50:08 +00:00
ssl_stat.c Remove server-side HelloVerifyRequest support. 2015-02-17 20:50:08 +00:00
ssl_test.c Use SSL_get_cipher_by_value in cipher_get_rfc_name tests. 2015-02-23 19:33:02 +00:00
ssl_txt.c Add in missing curly braces part 3. 2015-02-11 15:14:46 -08:00
t1_enc.c Don't delay-initialize legacy AEADs. 2015-03-05 21:25:05 +00:00
t1_lib.c Add some missing error failure checks. 2015-02-17 20:55:56 +00:00
t1_reneg.c Reformat the rest of ssl/. 2014-12-18 17:43:03 -08:00