Remove DTLSv1_listen.
This was added in http://rt.openssl.org/Ticket/Display.html?id=2033 to support
a mode where a DTLS socket would statelessly perform the ClientHello /
HelloVerifyRequest portion of the handshake, to be handed off to a socket
specific to this peer address.
This is not used by WebRTC or other current consumers. If we need to support
something like this, it would be cleaner to do the listen portion (cookieless
ClientHello + HelloVerifyRequest) externally and then spin up an SSL instance
on receipt of a cookied ClientHello. This would require a slightly more complex
BIO to replay the second ClientHello but would avoid peppering the DTLS
handshake state with a special short-circuiting mode.
Change-Id: I7a413932edfb62f8b9368912a9a0621d4155f1aa
Reviewed-on: https://boringssl-review.googlesource.com/2220
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/include/openssl/dtls1.h b/include/openssl/dtls1.h
index a9e3ada..2069aed 100644
--- a/include/openssl/dtls1.h
+++ b/include/openssl/dtls1.h
@@ -209,9 +209,6 @@
*/
record_pqueue buffered_app_data;
- /* Is set when listening for new connections with dtls1_listen() */
- unsigned int listen;
-
unsigned int mtu; /* max DTLS packet size */
struct hm_header_st w_msg_hdr;
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 31ff5db..a08b412 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1645,7 +1645,6 @@
#define DTLS_CTRL_GET_TIMEOUT 73
#define DTLS_CTRL_HANDLE_TIMEOUT 74
-#define DTLS_CTRL_LISTEN 75
#define SSL_CTRL_GET_RI_SUPPORT 76
#define SSL_CTRL_CLEAR_OPTIONS 77
@@ -1690,8 +1689,6 @@
SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
#define DTLSv1_handle_timeout(ssl) \
SSL_ctrl(ssl,DTLS_CTRL_HANDLE_TIMEOUT,0, NULL)
-#define DTLSv1_listen(ssl, peer) \
- SSL_ctrl(ssl,DTLS_CTRL_LISTEN,0, (void *)peer)
#define SSL_session_reused(ssl) \
SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)
diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index 82d4a86..327a1ac 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -483,9 +483,7 @@
memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
- /* Don't change sequence numbers while listening */
- if (!s->d1->listen)
- s->d1->handshake_read_seq++;
+ s->d1->handshake_read_seq++;
return s->init_num;
@@ -850,10 +848,8 @@
/*
* if this is a future (or stale) message it gets buffered
* (or dropped)--no further processing at this time
- * While listening, we accept seq 1 (ClientHello with cookie)
- * although we're still expecting seq 0 (ClientHello)
*/
- if (msg_hdr.seq != s->d1->handshake_read_seq && !(s->d1->listen && msg_hdr.seq == 1))
+ if (msg_hdr.seq != s->d1->handshake_read_seq)
return dtls1_process_out_of_seq_message(s, &msg_hdr, ok);
len = msg_hdr.msg_len;
@@ -1206,8 +1202,7 @@
dtls1_set_message_header(SSL *s, unsigned char *p, unsigned char mt,
unsigned long len, unsigned long frag_off, unsigned long frag_len)
{
- /* Don't change sequence numbers while listening */
- if (frag_off == 0 && !s->d1->listen)
+ if (frag_off == 0)
{
s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
s->d1->next_handshake_write_seq++;
diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index 650d8e7..cc7980f 100644
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c
@@ -75,7 +75,6 @@
static OPENSSL_timeval* dtls1_get_timeout(SSL *s, OPENSSL_timeval* timeleft);
static void dtls1_set_handshake_header(SSL *s, int type, unsigned long len);
static int dtls1_handshake_write(SSL *s, enum should_add_to_finished_hash should_add_to_finished_hash);
-int dtls1_listen(SSL *s, struct sockaddr *client);
static void dtls1_add_to_finished_hash(SSL *s);
SSL3_ENC_METHOD DTLSv1_enc_data={
@@ -295,9 +294,6 @@
case DTLS_CTRL_HANDLE_TIMEOUT:
ret = dtls1_handle_timeout(s);
break;
- case DTLS_CTRL_LISTEN:
- ret = dtls1_listen(s, parg);
- break;
default:
ret = ssl3_ctrl(s, cmd, larg, parg);
@@ -481,20 +477,6 @@
#endif
}
-int dtls1_listen(SSL *s, struct sockaddr *client)
- {
- int ret;
-
- SSL_set_options(s, SSL_OP_COOKIE_EXCHANGE);
- s->d1->listen = 1;
-
- ret = SSL_accept(s);
- if (ret <= 0) return ret;
-
- BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_GET_PEER, 0, &client);
- return 1;
- }
-
static void dtls1_set_handshake_header(SSL *s, int htype, unsigned long len)
{
unsigned char *p = (unsigned char *)s->init_buf->data;
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index 0ecbb2e..a5a27f1 100644
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -644,32 +644,24 @@
goto again; /* get another record */
}
- /* Check whether this is a repeat, or aged record.
- * Don't check if we're listening and this message is
- * a ClientHello. They can look as if they're replayed,
- * since they arrive from different connections and
- * would be dropped unnecessarily.
- */
- if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&
- *p == SSL3_MT_CLIENT_HELLO) &&
- !dtls1_record_replay_check(s, bitmap))
- {
- rr->length = 0;
- s->packet_length=0; /* dump this record */
- goto again; /* get another record */
- }
+ /* Check whether this is a repeat, or aged record. */
+ if (!dtls1_record_replay_check(s, bitmap))
+ {
+ rr->length = 0;
+ s->packet_length=0; /* dump this record */
+ goto again; /* get another record */
+ }
/* just read a 0 length packet */
if (rr->length == 0) goto again;
/* If this record is from the next epoch (either HM or ALERT),
* and a handshake is currently in progress, buffer it since it
- * cannot be processed at this time. However, do not buffer
- * anything while listening.
+ * cannot be processed at this time.
*/
if (is_next_epoch)
{
- if ((SSL_in_init(s) || s->in_handshake) && !s->d1->listen)
+ if (SSL_in_init(s) || s->in_handshake)
{
dtls1_buffer_record(s, &(s->d1->unprocessed_rcds), rr->seq_num);
}
@@ -799,12 +791,6 @@
}
}
- if (s->d1->listen && rr->type != SSL3_RT_HANDSHAKE)
- {
- rr->length = 0;
- goto start;
- }
-
/* we now have a packet which can be read and processed */
if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index e1c5616..28c75fc 100644
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -166,7 +166,6 @@
unsigned long alg_a;
int ret= -1;
int new_state,state,skip=0;
- int listen;
ERR_clear_error();
ERR_clear_system_error();
@@ -175,15 +174,11 @@
cb=s->info_callback;
else if (s->ctx->info_callback != NULL)
cb=s->ctx->info_callback;
-
- listen = s->d1->listen;
/* init things to blank */
s->in_handshake++;
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
- s->d1->listen = listen;
-
if (s->cert == NULL)
{
OPENSSL_PUT_ERROR(SSL, dtls1_accept, SSL_R_NO_CERTIFICATE_SET);
@@ -295,27 +290,6 @@
s->state = SSL3_ST_SW_SRVR_HELLO_A;
s->init_num=0;
-
- /* Reflect ClientHello sequence to remain stateless while listening */
- if (listen)
- {
- memcpy(s->s3->write_sequence, s->s3->read_sequence, sizeof(s->s3->write_sequence));
- }
-
- /* If we're just listening, stop here */
- if (listen && s->state == SSL3_ST_SW_SRVR_HELLO_A)
- {
- ret = 2;
- s->d1->listen = 0;
- /* Set expected sequence numbers
- * to continue the handshake.
- */
- s->d1->handshake_read_seq = 2;
- s->d1->handshake_write_seq = 1;
- s->d1->next_handshake_write_seq = 1;
- goto end;
- }
-
break;
case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A:
