1*b0d17251SchristosState Machine Design 2*b0d17251Schristos==================== 3*b0d17251Schristos 4*b0d17251SchristosThis file provides some guidance on the thinking behind the design of the 5*b0d17251Schristosstate machine code to aid future maintenance. 6*b0d17251Schristos 7*b0d17251SchristosThe state machine code replaces an older state machine present in OpenSSL 8*b0d17251Schristosversions 1.0.2 and below. The new state machine has the following objectives: 9*b0d17251Schristos 10*b0d17251Schristos - Remove duplication of state code between client and server 11*b0d17251Schristos - Remove duplication of state code between TLS and DTLS 12*b0d17251Schristos - Simplify transitions and bring the logic together in a single location 13*b0d17251Schristos so that it is easier to validate 14*b0d17251Schristos - Remove duplication of code between each of the message handling functions 15*b0d17251Schristos - Receive a message first and then work out whether that is a valid 16*b0d17251Schristos transition - not the other way around (the other way causes lots of issues 17*b0d17251Schristos where we are expecting one type of message next but actually get something 18*b0d17251Schristos else) 19*b0d17251Schristos - Separate message flow state from handshake state (in order to better 20*b0d17251Schristos understand each) 21*b0d17251Schristos * message flow state = when to flush buffers; handling restarts in the 22*b0d17251Schristos event of NBIO events; handling the common flow of steps for reading a 23*b0d17251Schristos message and the common flow of steps for writing a message etc 24*b0d17251Schristos * handshake state = what handshake message are we working on now 25*b0d17251Schristos - Control complexity: only the state machine can change state: keep all 26*b0d17251Schristos the state changes local to the state machine component 27*b0d17251Schristos 28*b0d17251SchristosThe message flow state machine is divided into a reading sub-state machine and a 29*b0d17251Schristoswriting sub-state machine. See the source comments in statem.c for a more 30*b0d17251Schristosdetailed description of the various states and transitions possible. 31*b0d17251Schristos 32*b0d17251SchristosConceptually the state machine component is designed as follows: 33*b0d17251Schristos 34*b0d17251Schristos libssl 35*b0d17251Schristos | 36*b0d17251Schristos -------------------------|-----statem.h------------------------------------ 37*b0d17251Schristos | 38*b0d17251Schristos _______V____________________ 39*b0d17251Schristos | | 40*b0d17251Schristos | statem.c | 41*b0d17251Schristos | | 42*b0d17251Schristos | Core state machine code | 43*b0d17251Schristos |____________________________| 44*b0d17251Schristos statem_local.h ^ ^ 45*b0d17251Schristos _________| |_______ 46*b0d17251Schristos | | 47*b0d17251Schristos _____________|____________ _____________|____________ 48*b0d17251Schristos | | | | 49*b0d17251Schristos | statem_clnt.c | | statem_srvr.c | 50*b0d17251Schristos | | | | 51*b0d17251Schristos | TLS/DTLS client specific | | TLS/DTLS server specific | 52*b0d17251Schristos | state machine code | | state machine code | 53*b0d17251Schristos |__________________________| |__________________________| 54*b0d17251Schristos | |_______________|__ | 55*b0d17251Schristos | ________________| | | 56*b0d17251Schristos | | | | 57*b0d17251Schristos ____________V_______V________ ________V______V_______________ 58*b0d17251Schristos | | | | 59*b0d17251Schristos | statem_lib.c | | statem_dtls.c | 60*b0d17251Schristos | | | | 61*b0d17251Schristos | Non core functions common | | Non core functions common to | 62*b0d17251Schristos | to both servers and clients | | both DTLS servers and clients | 63*b0d17251Schristos |_____________________________| |_______________________________| 64