commit | 16285ea8004890acbcd4e43b8fa8c5b4dd3e6909 | [log] [tgz] |
---|---|---|
author | David Benjamin <davidben@chromium.org> | Tue Nov 03 15:39:45 2015 -0500 |
committer | Adam Langley <agl@google.com> | Fri Nov 06 21:43:32 2015 +0000 |
tree | 37854182dd5e9264f17ad25e149da3e7e7e3f140 | |
parent | c81ee8b40c1fe19857a23b3014df0084c7675011 [diff] |
Rewrite DTLS handshake message sending logic. This fixes a number of bugs with the original logic: - If handshake messages are fragmented and writes need to be retried, frag_off gets completely confused. - The BIO_flush call didn't set rwstate, so it wasn't resumable at that point. - The msg_callback call gets garbage because the fragment header would get scribbled over the handshake buffer. The original logic was also extremely confusing with how it handles init_off. (init_off gets rewound to make room for the fragment header. Depending on where you pause, resuming may or may not have already been rewound.) For simplicity, just allocate a new buffer to assemble the fragment in and avoid clobbering the old one. I don't think it's worth the complexity to optimize that. If we want to optimize this sort of thing, not clobbering seems better anyway because the message may need to be retransmitted. We could avoid doing a copy when buffering the outgoing message for retransmission later. We do still need to track how far we are in sending the current message via init_off, so I haven't opted to disconnect this function from init_{buf,off,num} yet. Test the fix to the retry + fragment case by having the splitHandshake option to the state machine tests, in DTLS, also clamp the MTU to force handshake fragmentation. Change-Id: I66f634d6c752ea63649db8ed2f898f9cc2b13908 Reviewed-on: https://boringssl-review.googlesource.com/6421 Reviewed-by: Adam Langley <agl@google.com>
BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.
Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don't recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.
Programs ship their own copies of BoringSSL when they use it and we update everything as needed when deciding to make API changes. This allows us to mostly avoid compromises in the name of compatibility. It works for us, but it may not work for you.
BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google's product portfolio became more complex, more copies of OpenSSL sprung up and the effort involved in maintaining all these patches in multiple places was growing steadily.
Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it's not part of the NDK) and a number of other apps/programs.
There are other files in this directory which might be helpful: