1*4724848cSchristosState Machine Design 2*4724848cSchristos==================== 3*4724848cSchristos 4*4724848cSchristosThis file provides some guidance on the thinking behind the design of the 5*4724848cSchristosstate machine code to aid future maintenance. 6*4724848cSchristos 7*4724848cSchristosThe state machine code replaces an older state machine present in OpenSSL 8*4724848cSchristosversions 1.0.2 and below. The new state machine has the following objectives: 9*4724848cSchristos - Remove duplication of state code between client and server 10*4724848cSchristos - Remove duplication of state code between TLS and DTLS 11*4724848cSchristos - Simplify transitions and bring the logic together in a single location 12*4724848cSchristos so that it is easier to validate 13*4724848cSchristos - Remove duplication of code between each of the message handling functions 14*4724848cSchristos - Receive a message first and then work out whether that is a valid 15*4724848cSchristos transition - not the other way around (the other way causes lots of issues 16*4724848cSchristos where we are expecting one type of message next but actually get something 17*4724848cSchristos else) 18*4724848cSchristos - Separate message flow state from handshake state (in order to better 19*4724848cSchristos understand each) 20*4724848cSchristos - message flow state = when to flush buffers; handling restarts in the 21*4724848cSchristos event of NBIO events; handling the common flow of steps for reading a 22*4724848cSchristos message and the common flow of steps for writing a message etc 23*4724848cSchristos - handshake state = what handshake message are we working on now 24*4724848cSchristos - Control complexity: only the state machine can change state: keep all 25*4724848cSchristos the state changes local to the state machine component 26*4724848cSchristos 27*4724848cSchristosThe message flow state machine is divided into a reading sub-state machine and a 28*4724848cSchristoswriting sub-state machine. See the source comments in statem.c for a more 29*4724848cSchristosdetailed description of the various states and transitions possible. 30*4724848cSchristos 31*4724848cSchristosConceptually the state machine component is designed as follows: 32*4724848cSchristos 33*4724848cSchristos libssl 34*4724848cSchristos | 35*4724848cSchristos---------------------------|-----statem.h-------------------------------------- 36*4724848cSchristos | 37*4724848cSchristos _______V____________________ 38*4724848cSchristos | | 39*4724848cSchristos | statem.c | 40*4724848cSchristos | | 41*4724848cSchristos | Core state machine code | 42*4724848cSchristos |____________________________| 43*4724848cSchristos statem_local.h ^ ^ 44*4724848cSchristos _________| |_______ 45*4724848cSchristos | | 46*4724848cSchristos _____________|____________ _____________|____________ 47*4724848cSchristos | | | | 48*4724848cSchristos | statem_clnt.c | | statem_srvr.c | 49*4724848cSchristos | | | | 50*4724848cSchristos | TLS/DTLS client specific | | TLS/DTLS server specific | 51*4724848cSchristos | state machine code | | state machine code | 52*4724848cSchristos |__________________________| |__________________________| 53*4724848cSchristos | |_______________|__ | 54*4724848cSchristos | ________________| | | 55*4724848cSchristos | | | | 56*4724848cSchristos ____________V_______V________ ________V______V_______________ 57*4724848cSchristos | | | | 58*4724848cSchristos | statem_lib.c | | statem_dtls.c | 59*4724848cSchristos | | | | 60*4724848cSchristos | Non core functions common | | Non core functions common to | 61*4724848cSchristos | to both servers and clients | | both DTLS servers and clients | 62*4724848cSchristos |_____________________________| |_______________________________| 63*4724848cSchristos 64