[openssl-commits] [openssl] master update

Matt Caswell matt at openssl.org
Mon Jul 27 14:05:18 UTC 2015


The branch master has been updated
       via  57787ac81444938a876f185cdd73875c8f53e208 (commit)
      from  f4ee22be03bb8318b1e0f00e116be231ba12fdef (commit)


- Log -----------------------------------------------------------------
commit 57787ac81444938a876f185cdd73875c8f53e208
Author: Matt Caswell <matt at openssl.org>
Date:   Tue Jul 21 00:02:39 2015 +0100

    Remove support for SSL3_FLAGS_DELAY_CLIENT_FINISHED
    
    This flag was not set anywhere within the codebase (only read). It could
    only be set by an app reaching directly into s->s3->flags and setting it
    directly. However that method became impossible when libssl was opaquified.
    
    Even in 1.0.2/1.0.1 if an app set the flag directly it is only relevant to
    ssl3_connect(), which calls SSL_clear() during initialisation that clears
    any flag settings. Therefore it could take effect if the app set the flag
    after the handshake has started but before it completed. It seems quite
    unlikely that any apps really do this (especially as it is completely
    undocumented).
    
    The purpose of the flag is suppress flushing of the write bio on the client
    side at the end of the handshake after the client has written the Finished
    message whilst resuming a session. This enables the client to send
    application data as part of the same flight as the Finished message.
    
    This flag also controls the setting of a second flag SSL3_FLAGS_POP_BUFFER.
    There is an interesting comment in the code about this second flag in the
    implementation of ssl3_write:
    
    	/* This is an experimental flag that sends the
    	 * last handshake message in the same packet as the first
    	 * use data - used to see if it helps the TCP protocol during
    	 * session-id reuse */
    
    It seems the experiment did not work because as far as I can tell nothing
    is using this code. The above comment has been in the code since SSLeay.
    
    This commit removes support for SSL3_FLAGS_DELAY_CLIENT_FINISHED, as well
    as the associated SSL3_FLAGS_POP_BUFFER.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 CHANGES                |  6 ++++++
 include/openssl/ssl3.h |  4 ++--
 ssl/d1_clnt.c          | 22 ++--------------------
 ssl/s3_clnt.c          | 16 ++--------------
 ssl/s3_lib.c           | 44 +-------------------------------------------
 ssl/ssl_locl.h         |  1 -
 6 files changed, 13 insertions(+), 80 deletions(-)

diff --git a/CHANGES b/CHANGES
index a06b1e4..1526aec 100644
--- a/CHANGES
+++ b/CHANGES
@@ -3,6 +3,12 @@
  _______________
 
  Changes between 1.0.2 and 1.1.0  [xx XXX xxxx]
+  *) Dropped support for the SSL3_FLAGS_DELAY_CLIENT_FINISHED flag. This SSLeay
+     era flag was never set throughout the codebase (only read). Also removed
+     SSL3_FLAGS_POP_BUFFER which was only used if
+     SSL3_FLAGS_DELAY_CLIENT_FINISHED was also set.
+     [Matt Caswell]
+
   *) Changed the default name options in the "ca", "crl", "req" and "x509"
      to be "oneline" instead of "compat".
      [Richard Levitte]
diff --git a/include/openssl/ssl3.h b/include/openssl/ssl3.h
index d56105e..43df925 100644
--- a/include/openssl/ssl3.h
+++ b/include/openssl/ssl3.h
@@ -360,10 +360,10 @@ extern "C" {
 # define SSL3_CT_NUMBER                  9
 
 # define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS       0x0001
-# define SSL3_FLAGS_DELAY_CLIENT_FINISHED        0x0002
-# define SSL3_FLAGS_POP_BUFFER                   0x0004
+
 /* Removed from OpenSSL 1.1.0 */
 # define TLS1_FLAGS_TLS_PADDING_BUG              0x0
+
 # define TLS1_FLAGS_SKIP_CERT_VERIFY             0x0010
 /*
  * Set when the handshake is ready to process peer's ChangeCipherSpec message.
diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c
index 8940abc..fde0def 100644
--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@@ -604,8 +604,6 @@ int dtls1_connect(SSL *s)
                 goto end;
             s->state = SSL3_ST_CW_FLUSH;
 
-            /* clear flags */
-            s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER;
             if (s->hit) {
                 s->s3->tmp.next_state = SSL_ST_OK;
 #ifndef OPENSSL_NO_SCTP
@@ -614,17 +612,6 @@ int dtls1_connect(SSL *s)
                     s->s3->tmp.next_state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
                 }
 #endif
-                if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) {
-                    s->state = SSL_ST_OK;
-#ifndef OPENSSL_NO_SCTP
-                    if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
-                        s->d1->next_state = SSL_ST_OK;
-                        s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
-                    }
-#endif
-                    s->s3->flags |= SSL3_FLAGS_POP_BUFFER;
-                    s->s3->delay_buf_pop_ret = 0;
-                }
             } else {
 #ifndef OPENSSL_NO_SCTP
                 /*
@@ -711,13 +698,8 @@ int dtls1_connect(SSL *s)
             /* clean a few things up */
             ssl3_cleanup_key_block(s);
 
-            /*
-             * If we are not 'joining' the last two packets, remove the
-             * buffering now
-             */
-            if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER))
-                ssl_free_wbio_buffer(s);
-            /* else do it later in ssl3_write */
+            /* Remove the buffering */
+            ssl_free_wbio_buffer(s);
 
             s->init_num = 0;
             s->renegotiate = 0;
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 1a925a7..04af851 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -518,15 +518,8 @@ int ssl3_connect(SSL *s)
                 goto end;
             s->state = SSL3_ST_CW_FLUSH;
 
-            /* clear flags */
-            s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER;
             if (s->hit) {
                 s->s3->tmp.next_state = SSL_ST_OK;
-                if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) {
-                    s->state = SSL_ST_OK;
-                    s->s3->flags |= SSL3_FLAGS_POP_BUFFER;
-                    s->s3->delay_buf_pop_ret = 0;
-                }
             } else {
                 /*
                  * Allow NewSessionTicket if ticket expected
@@ -589,13 +582,8 @@ int ssl3_connect(SSL *s)
             BUF_MEM_free(s->init_buf);
             s->init_buf = NULL;
 
-            /*
-             * If we are not 'joining' the last two packets, remove the
-             * buffering now
-             */
-            if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER))
-                ssl_free_wbio_buffer(s);
-            /* else do it later in ssl3_write */
+            /* remove the buffering */
+            ssl_free_wbio_buffer(s);
 
             s->init_num = 0;
             s->renegotiate = 0;
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 54c902d..8b7c52a 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -4131,54 +4131,12 @@ int ssl3_shutdown(SSL *s)
 
 int ssl3_write(SSL *s, const void *buf, int len)
 {
-    int ret, n;
-
-#if 0
-    if (s->shutdown & SSL_SEND_SHUTDOWN) {
-        s->rwstate = SSL_NOTHING;
-        return (0);
-    }
-#endif
     clear_sys_error();
     if (s->s3->renegotiate)
         ssl3_renegotiate_check(s);
 
-    /*
-     * This is an experimental flag that sends the last handshake message in
-     * the same packet as the first use data - used to see if it helps the
-     * TCP protocol during session-id reuse
-     */
-    /* The second test is because the buffer may have been removed */
-    if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio)) {
-        /* First time through, we write into the buffer */
-        if (s->s3->delay_buf_pop_ret == 0) {
-            ret = ssl3_write_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len);
-            if (ret <= 0)
-                return (ret);
-
-            s->s3->delay_buf_pop_ret = ret;
-        }
-
-        s->rwstate = SSL_WRITING;
-        n = BIO_flush(s->wbio);
-        if (n <= 0)
-            return (n);
-        s->rwstate = SSL_NOTHING;
-
-        /* We have flushed the buffer, so remove it */
-        ssl_free_wbio_buffer(s);
-        s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER;
-
-        ret = s->s3->delay_buf_pop_ret;
-        s->s3->delay_buf_pop_ret = 0;
-    } else {
-        ret = s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA,
+    return s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA,
                                          buf, len);
-        if (ret <= 0)
-            return (ret);
-    }
-
-    return (ret);
 }
 
 static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 2672918..1cdcb8b 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -1184,7 +1184,6 @@ struct ssl_st {
 
 typedef struct ssl3_state_st {
     long flags;
-    int delay_buf_pop_ret;
     int read_mac_secret_size;
     unsigned char read_mac_secret[EVP_MAX_MD_SIZE];
     int write_mac_secret_size;


More information about the openssl-commits mailing list