[openssl] master update
kaduk at mit.edu
kaduk at mit.edu
Thu Jul 29 17:33:49 UTC 2021
The branch master has been updated
via b5557666bda56ce4b9464a3dbc65e2a1fa1e482b (commit)
from b5e2b1d8447645b296375bc69b010ac4fedb07ac (commit)
- Log -----------------------------------------------------------------
commit b5557666bda56ce4b9464a3dbc65e2a1fa1e482b
Author: yangyangtiantianlonglong <yangtianlong1224 at 163.com>
Date: Sun Jul 25 11:43:16 2021 +0800
Fix dtls timeout dead code
Delete dtls timeout dead code in dtls1_handle_timeout
Fix: #15559
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Ben Kaduk <kaduk at mit.edu>
(Merged from https://github.com/openssl/openssl/pull/16151)
-----------------------------------------------------------------------
Summary of changes:
include/openssl/dtls1.h | 4 ----
ssl/d1_lib.c | 13 ++++---------
ssl/ssl_local.h | 12 ++----------
3 files changed, 6 insertions(+), 23 deletions(-)
diff --git a/include/openssl/dtls1.h b/include/openssl/dtls1.h
index 985e409725..5dc6b5419c 100644
--- a/include/openssl/dtls1.h
+++ b/include/openssl/dtls1.h
@@ -49,10 +49,6 @@ extern "C" {
# define DTLS1_AL_HEADER_LENGTH 2
-/* Timeout multipliers */
-# define DTLS1_TMO_READ_COUNT 2
-# define DTLS1_TMO_WRITE_COUNT 2
-
# define DTLS1_TMO_ALERT_COUNT 12
#ifdef __cplusplus
diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index a986252866..95a34093c9 100644
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c
@@ -352,7 +352,7 @@ static void dtls1_double_timeout(SSL *s)
void dtls1_stop_timer(SSL *s)
{
/* Reset everything */
- memset(&s->d1->timeout, 0, sizeof(s->d1->timeout));
+ s->d1->timeout_num_alerts = 0;
memset(&s->d1->next_timeout, 0, sizeof(s->d1->next_timeout));
s->d1->timeout_duration_us = 1000000;
BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0,
@@ -365,10 +365,10 @@ int dtls1_check_timeout_num(SSL *s)
{
size_t mtu;
- s->d1->timeout.num_alerts++;
+ s->d1->timeout_num_alerts++;
/* Reduce MTU after 2 unsuccessful retransmissions */
- if (s->d1->timeout.num_alerts > 2
+ if (s->d1->timeout_num_alerts > 2
&& !(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) {
mtu =
BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_GET_FALLBACK_MTU, 0, NULL);
@@ -376,7 +376,7 @@ int dtls1_check_timeout_num(SSL *s)
s->d1->mtu = mtu;
}
- if (s->d1->timeout.num_alerts > DTLS1_TMO_ALERT_COUNT) {
+ if (s->d1->timeout_num_alerts > DTLS1_TMO_ALERT_COUNT) {
/* fail the connection, enough alerts have been sent */
SSLfatal(s, SSL_AD_NO_ALERT, SSL_R_READ_TIMEOUT_EXPIRED);
return -1;
@@ -402,11 +402,6 @@ int dtls1_handle_timeout(SSL *s)
return -1;
}
- s->d1->timeout.read_timeouts++;
- if (s->d1->timeout.read_timeouts > DTLS1_TMO_READ_COUNT) {
- s->d1->timeout.read_timeouts = 1;
- }
-
dtls1_start_timer(s);
/* Calls SSLfatal() if required */
return dtls1_retransmit_buffered_messages(s);
diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h
index dd82314602..ce93049180 100644
--- a/ssl/ssl_local.h
+++ b/ssl/ssl_local.h
@@ -1862,15 +1862,6 @@ struct hm_header_st {
struct dtls1_retransmit_state saved_retransmit_state;
};
-struct dtls1_timeout_st {
- /* Number of read timeouts so far */
- unsigned int read_timeouts;
- /* Number of write timeouts so far */
- unsigned int write_timeouts;
- /* Number of alerts received so far */
- unsigned int num_alerts;
-};
-
typedef struct hm_fragment_st {
struct hm_header_st msg_header;
unsigned char *fragment;
@@ -1916,7 +1907,8 @@ typedef struct dtls1_state_st {
size_t mtu; /* max DTLS packet size */
struct hm_header_st w_msg_hdr;
struct hm_header_st r_msg_hdr;
- struct dtls1_timeout_st timeout;
+ /* Number of alerts received so far */
+ unsigned int timeout_num_alerts;
/*
* Indicates when the last handshake msg sent will timeout
*/
More information about the openssl-commits
mailing list