[openssl-dev] State machine rewrite

John Foley foleyj at cisco.com
Fri Sep 11 15:07:27 UTC 2015


+1

It's great to see improvements in the state machine along with
consolidated handlers for TLS/DTLS.  Having said that, have you
considered using a state transition table instead of long switch
statements to enforce the state transition rules?  This would improve
the maintainability of the code.  Here's a trivial example:

http://www.gedan.net/2008/09/08/finite-state-machine-matrix-style-c-implementation/



On 09/11/2015 10:34 AM, Matt Caswell wrote:
> I've just opened a github pull request to show recent work I have been
> doing on rewriting the OpenSSL state machine (for version 1.1.0). See:
> https://github.com/openssl/openssl/pull/394
>
> My objectives for the rewrite were:
>
> - Remove duplication of state code between client and server
> - Remove duplication of state code between TLS and DTLS
> - Simplify transitions and bring the logic together in a single location
> so that it is easier to validate
> - Remove duplication of code between each of the message handling functions
> - Receive a message first and then work out whether that is a valid
> transition - not the other way around (the other way causes lots of
> issues where we are expecting one type of message next but actually get
> something else)
> - Separate message flow state from handshake state (in order to better
> understand each)
>   - message flow state = when to flush buffers; handling restarts in the
> event of NBIO events; handling the common flow of steps for reading a
> message and the common flow of steps for writing a message etc
>   - handshake state = what handshake message are we working on now
> - Control complexity: only the state machine can change state: keep all
> the state changes local to the state machine component
>
> The message flow state machine is divided into a reading sub-state
> machine and a writing sub-state machine. See the source comments in
> ssl/statem/statem.c for a more detailed description of the various
> states and transitions possible. Also see ssl/statem/README for
> additional info.
>
> One issue is that the patch as it is currently removes support for
> DTLSv1_listen. I have another patch to add that back in (in a completely
> different way) - but it needs a bit more work yet.
>
> I am interested in hearing any feedback you may have on the code
> (ideally as comments in the pull request). I would also be keen to hear
> of any problems you might encounter whilst using this code. You can
> check it out from my github repo:
> https://github.com/mattcaswell/openssl
>
> See the state-machine-rewrite branch.
>
> Thanks
>
> Matt
>
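
The table-driven approach suggested above, applied to the read-then-validate handshake flow Matt describes: a transition table in which every cell not explicitly allowed rejects the message. This is an added example, not code from OpenSSL or from the linked article, and its handshake states and message names are a simplified constructed set rather than OpenSSL's own.

```c
#include <stdio.h>
/* Simplified server-side handshake states (constructed, not OpenSSL's own).
 * ST_ERROR is 0 so any table cell left unspecified defaults to "reject". */
enum hs_state { ST_ERROR = 0, ST_IDLE, ST_CLIENT_HELLO, ST_KEY_EXCHANGE,
                ST_CCS, ST_DONE, ST_COUNT };

/* Handshake messages the server may receive, simplified. */
enum hs_msg { MSG_CLIENT_HELLO, MSG_CLIENT_KEY_EXCHANGE,
              MSG_CHANGE_CIPHER_SPEC, MSG_FINISHED, MSG_COUNT };

/* next_state[current][received message]: only listed cells are legal;
 * everything else (including the ST_DONE and ST_ERROR rows) is ST_ERROR. */
static const enum hs_state next_state[ST_COUNT][MSG_COUNT] = {
    [ST_IDLE]         = { [MSG_CLIENT_HELLO]        = ST_CLIENT_HELLO },
    [ST_CLIENT_HELLO] = { [MSG_CLIENT_KEY_EXCHANGE] = ST_KEY_EXCHANGE },
    [ST_KEY_EXCHANGE] = { [MSG_CHANGE_CIPHER_SPEC]  = ST_CCS },
    [ST_CCS]          = { [MSG_FINISHED]            = ST_DONE },
};

/* Read-then-validate: the message is already in hand; look it up. Range-check
 * both indices so a bad message type cannot index outside the table. */
enum hs_state hs_transition(int cur, int msg)
{
    if (cur < 0 || cur >= ST_COUNT || msg < 0 || msg >= MSG_COUNT)
        return ST_ERROR;
    return next_state[cur][msg];
}

/* Drive a whole flight through the table: ST_DONE for a valid sequence,
 * ST_ERROR at the first out-of-order message. */
enum hs_state hs_run(const int *msgs, size_t n)
{
    enum hs_state st = ST_IDLE;
    for (size_t i = 0; i < n && st != ST_ERROR; i++)
        st = hs_transition(st, msgs[i]);
    return st;
}

int main(void)
{
    /* Constructed sample flights: valid order, then Finished before CCS. */
    const int good[] = { MSG_CLIENT_HELLO, MSG_CLIENT_KEY_EXCHANGE,
                         MSG_CHANGE_CIPHER_SPEC, MSG_FINISHED };
    const int bad[]  = { MSG_CLIENT_HELLO, MSG_CLIENT_KEY_EXCHANGE,
                         MSG_FINISHED, MSG_CHANGE_CIPHER_SPEC };
    printf("good flight: %s\n", hs_run(good, 4) == ST_DONE ? "DONE" : "ERROR");
    printf("bad flight:  %s\n", hs_run(bad, 4) == ST_DONE ? "DONE" : "ERROR");
    return 0;
}
```

Adding a new legal transition means adding one table cell, and the rejection of every other message in that state stays implicit instead of depending on a `default:` branch in each handler.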