1*66bae5e7SchristosState Machine Design 2*66bae5e7Schristos==================== 3*66bae5e7Schristos 4*66bae5e7SchristosThis file provides some guidance on the thinking behind the design of the 5*66bae5e7Schristosstate machine code to aid future maintenance. 6*66bae5e7Schristos 7*66bae5e7SchristosThe state machine code replaces an older state machine present in OpenSSL 8*66bae5e7Schristosversions 1.0.2 and below. The new state machine has the following objectives: 9*66bae5e7Schristos 10*66bae5e7Schristos - Remove duplication of state code between client and server 11*66bae5e7Schristos - Remove duplication of state code between TLS and DTLS 12*66bae5e7Schristos - Simplify transitions and bring the logic together in a single location 13*66bae5e7Schristos so that it is easier to validate 14*66bae5e7Schristos - Remove duplication of code between each of the message handling functions 15*66bae5e7Schristos - Receive a message first and then work out whether that is a valid 16*66bae5e7Schristos transition - not the other way around (the other way causes lots of issues 17*66bae5e7Schristos where we are expecting one type of message next but actually get something 18*66bae5e7Schristos else) 19*66bae5e7Schristos - Separate message flow state from handshake state (in order to better 20*66bae5e7Schristos understand each) 21*66bae5e7Schristos * message flow state = when to flush buffers; handling restarts in the 22*66bae5e7Schristos event of NBIO events; handling the common flow of steps for reading a 23*66bae5e7Schristos message and the common flow of steps for writing a message etc 24*66bae5e7Schristos * handshake state = what handshake message are we working on now 25*66bae5e7Schristos - Control complexity: only the state machine can change state: keep all 26*66bae5e7Schristos the state changes local to the state machine component 27*66bae5e7Schristos 28*66bae5e7SchristosThe message flow state machine is divided into a reading sub-state machine and a 29*66bae5e7Schristoswriting sub-state machine. See the source comments in statem.c for a more 30*66bae5e7Schristosdetailed description of the various states and transitions possible. 31*66bae5e7Schristos 32*66bae5e7SchristosConceptually the state machine component is designed as follows: 33*66bae5e7Schristos 34*66bae5e7Schristos libssl 35*66bae5e7Schristos | 36*66bae5e7Schristos -------------------------|-----statem.h------------------------------------ 37*66bae5e7Schristos | 38*66bae5e7Schristos _______V____________________ 39*66bae5e7Schristos | | 40*66bae5e7Schristos | statem.c | 41*66bae5e7Schristos | | 42*66bae5e7Schristos | Core state machine code | 43*66bae5e7Schristos |____________________________| 44*66bae5e7Schristos statem_local.h ^ ^ 45*66bae5e7Schristos _________| |_______ 46*66bae5e7Schristos | | 47*66bae5e7Schristos _____________|____________ _____________|____________ 48*66bae5e7Schristos | | | | 49*66bae5e7Schristos | statem_clnt.c | | statem_srvr.c | 50*66bae5e7Schristos | | | | 51*66bae5e7Schristos | TLS/DTLS client specific | | TLS/DTLS server specific | 52*66bae5e7Schristos | state machine code | | state machine code | 53*66bae5e7Schristos |__________________________| |__________________________| 54*66bae5e7Schristos | |_______________|__ | 55*66bae5e7Schristos | ________________| | | 56*66bae5e7Schristos | | | | 57*66bae5e7Schristos ____________V_______V________ ________V______V_______________ 58*66bae5e7Schristos | | | | 59*66bae5e7Schristos | statem_lib.c | | statem_dtls.c | 60*66bae5e7Schristos | | | | 61*66bae5e7Schristos | Non core functions common | | Non core functions common to | 62*66bae5e7Schristos | to both servers and clients | | both DTLS servers and clients | 63*66bae5e7Schristos |_____________________________| |_______________________________| 64