State Machine Design
====================

This file provides some guidance on the thinking behind the design of the
state machine code to aid future maintenance.

The state machine code replaces an older state machine present in OpenSSL
versions 1.0.2 and below. The new state machine has the following objectives:
    - Remove duplication of state code between client and server
    - Remove duplication of state code between TLS and DTLS
    - Simplify transitions and bring the logic together in a single location
      so that it is easier to validate
    - Remove duplication of code between each of the message handling functions
    - Receive a message first and then work out whether that is a valid
      transition - not the other way around (the other way causes lots of issues
      where we are expecting one type of message next but actually get something
      else)
    - Separate message flow state from handshake state (in order to better
      understand each)
      - message flow state = when to flush buffers; handling restarts in the
        event of NBIO events; handling the common flow of steps for reading a
        message and the common flow of steps for writing a message etc
      - handshake state = what handshake message are we working on now
    - Control complexity: only the state machine can change state: keep all
      the state changes local to the state machine component
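The objectives above (receive a message first and only then decide whether it is a valid transition, keep the message-flow state separate from the handshake state, and let only the state machine change state) are illustrated here by a toy client-side handshake written for this document. It is an added example, not OpenSSL's own code: the state names, the message type values and the [type][length][body] byte-stream format are assumptions made for the example, and the two sample streams are constructed. An unexpected message is rejected by the single transition function rather than being processed, and a short read returns to the caller so that the read sub-state machine can be resumed, as it would be after a non-blocking I/O event.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Handshake state: which handshake message we are working on (a toy
 * subset of a TLS 1.2 client without client authentication). */
enum hs_state {
    HS_WAIT_SERVER_HELLO,
    HS_WAIT_CERT,
    HS_WAIT_SERVER_DONE,
    HS_SEND_CLIENT_KEX,
    HS_ERROR
};

/* Message-flow state of the reading sub-state machine: how far through
 * reading one message we are, independent of which message it is. */
enum read_state { READ_HEADER, READ_BODY, READ_PROCESS };

/* Toy handshake message type codes; the values are assumptions. */
enum { MSG_SERVER_HELLO = 2, MSG_CERT = 11, MSG_SERVER_DONE = 14 };

struct statem {
    enum hs_state hs;
    enum read_state rd;
    unsigned rejected;   /* unexpected messages seen */
};

/* The single place where handshake transitions are decided. The message
 * has already been received; only now do we ask whether it is legal in
 * the current state. Anything unexpected fails closed into HS_ERROR. */
static bool hs_transition(struct statem *s, int mt)
{
    switch (s->hs) {
    case HS_WAIT_SERVER_HELLO:
        if (mt == MSG_SERVER_HELLO) { s->hs = HS_WAIT_CERT; return true; }
        break;
    case HS_WAIT_CERT:
        if (mt == MSG_CERT) { s->hs = HS_WAIT_SERVER_DONE; return true; }
        break;
    case HS_WAIT_SERVER_DONE:
        if (mt == MSG_SERVER_DONE) { s->hs = HS_SEND_CLIENT_KEX; return true; }
        break;
    default:
        break;
    }
    s->rejected++;
    s->hs = HS_ERROR;
    return false;
}

/* Drive the reading sub-state machine over a byte stream in which each
 * message is [type][length][body...]. Returns the handshake state reached.
 * A short read returns early with the read state preserved, so the caller
 * can supply more bytes and call again (NBIO-style restart). */
static enum hs_state statem_read(struct statem *s, const uint8_t *buf, size_t len)
{
    size_t pos = 0, body_len = 0;
    int mt = 0;

    while (s->hs != HS_SEND_CLIENT_KEX && s->hs != HS_ERROR) {
        switch (s->rd) {
        case READ_HEADER:
            if (len - pos < 2)
                return s->hs;            /* would block: wait for more input */
            mt = buf[pos];
            body_len = buf[pos + 1];
            pos += 2;
            s->rd = READ_BODY;
            break;
        case READ_BODY:
            if (len - pos < body_len)
                return s->hs;            /* partial body: wait for more input */
            pos += body_len;             /* body contents do not matter here */
            s->rd = READ_PROCESS;
            break;
        case READ_PROCESS:
            hs_transition(s, mt);        /* only the state machine changes hs */
            s->rd = READ_HEADER;
            break;
        }
    }
    return s->hs;
}

/* Constructed sample streams: a well-formed exchange, and one in which
 * ServerHelloDone arrives before Certificate, as a broken peer might send. */
static const uint8_t good_stream[] = { 2, 1, 0xAA, 11, 2, 0xBB, 0xCC, 14, 0 };
static const uint8_t bad_stream[]  = { 2, 1, 0xAA, 14, 0, 11, 2, 0xBB, 0xCC };

static enum hs_state run_state(const uint8_t *buf, size_t len)
{
    struct statem s = { HS_WAIT_SERVER_HELLO, READ_HEADER, 0 };
    return statem_read(&s, buf, len);
}

static unsigned run_rejected(const uint8_t *buf, size_t len)
{
    struct statem s = { HS_WAIT_SERVER_HELLO, READ_HEADER, 0 };
    statem_read(&s, buf, len);
    return s.rejected;
}

int main(void)
{
    printf("good stream      -> state %d\n", (int)run_state(good_stream, sizeof good_stream));
    printf("truncated stream -> state %d\n", (int)run_state(good_stream, 4));
    printf("bad stream       -> rejected %u\n", run_rejected(bad_stream, sizeof bad_stream));
    return 0;
}
```

The point of the layout is that `hs_transition` is the only function that assigns to `s->hs`, so every legal sequence can be checked by reading one switch statement, while `statem_read` knows nothing about which message is expected and only handles framing and restarts.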

The message flow state machine is divided into a reading sub-state machine and a
writing sub-state machine. See the source comments in statem.c for a more
detailed description of the various states and transitions possible.

Conceptually the state machine component is designed as follows:

                        libssl
                           |
---------------------------|-----statem.h--------------------------------------
                           |
                    _______V____________________
                   |                            |
                   |    statem.c                |
                   |                            |
                   |    Core state machine code |
                   |____________________________|
   statem_local.h     ^            ^
             _________|            |_______
              |                            |
 _____________|____________   _____________|____________
|                          | |                          |
|     statem_clnt.c        | |     statem_srvr.c        |
|                          | |                          |
| TLS/DTLS client specific | | TLS/DTLS server specific |
|   state machine code     | |   state machine code     |
|__________________________| |__________________________|
             |        |_______________|__       |
             |       ________________|   |      |
             |       |                   |      |
 ____________V_______V________   ________V______V_______________
|                             | |                               |
|      statem_both.c          | |      statem_dtls.c            |
|                             | |                               |
| Non core functions common   | | Non core functions common to  |
| to both servers and clients | | both DTLS servers and clients |
|_____________________________| |_______________________________|