Benjamin Kaduk 2aaa0b146b Restore sensible "sess_accept" counter tracking 6 lat temu
..
README f0de395950 Add a state machine README 9 lat temu
extensions.c 2aaa0b146b Restore sensible "sess_accept" counter tracking 6 lat temu
extensions_clnt.c b5b993b229 Use the same min-max version range on the client consistently 6 lat temu
extensions_cust.c 6738bf1417 Update copyright year 6 lat temu
extensions_srvr.c 51256b34d8 Send a NewSessionTicket after using an external PSK 6 lat temu
statem.c 6839a7a7f4 Fix a possible recursion in SSLfatal handling 6 lat temu
statem.h de9e884b2f Tolerate encrypted or plaintext alerts 6 lat temu
statem_clnt.c e45620140f Don't call the client_cert_cb immediately in TLSv1.3 6 lat temu
statem_dtls.c a925e7dbf4 Don't memcpy the contents of an empty fragment 6 lat temu
statem_lib.c e45620140f Don't call the client_cert_cb immediately in TLSv1.3 6 lat temu
statem_locl.h 5d67110173 Don't calculate the Finished MAC twice 6 lat temu
statem_srvr.c 01666a8c1d Fix a DTLS memory leak 6 lat temu

README

State Machine Design
====================

This file provides some guidance on the thinking behind the design of the
state machine code to aid future maintenance.

The state machine code replaces an older state machine present in OpenSSL
versions 1.0.2 and below. The new state machine has the following objectives:
- Remove duplication of state code between client and server
- Remove duplication of state code between TLS and DTLS
- Simplify transitions and bring the logic together in a single location
so that it is easier to validate
- Remove duplication of code between each of the message handling functions
- Receive a message first and then work out whether that is a valid
transition - not the other way around (the other way causes lots of issues
where we are expecting one type of message next but actually get something
else)
- Separate message flow state from handshake state (in order to better
understand each)
- message flow state = when to flush buffers; handling restarts in the
event of NBIO events; handling the common flow of steps for reading a
message and the common flow of steps for writing a message etc
- handshake state = what handshake message are we working on now
- Control complexity: only the state machine can change state: keep all
the state changes local to the state machine component

The message flow state machine is divided into a reading sub-state machine and a
writing sub-state machine. See the source comments in statem.c for a more
detailed description of the various states and transitions possible.

Conceptually the state machine component is designed as follows:

libssl
|
---------------------------|-----statem.h--------------------------------------
|
_______V____________________
| |
| statem.c |
| |
| Core state machine code |
|____________________________|
statem_locl.h ^ ^
_________| |_______
| |
_____________|____________ _____________|____________
| | | |
| statem_clnt.c | | statem_srvr.c |
| | | |
| TLS/DTLS client specific | | TLS/DTLS server specific |
| state machine code | | state machine code |
|__________________________| |__________________________|
| |_______________|__ |
| ________________| | |
| | | |
____________V_______V________ ________V______V_______________
| | | |
| statem_both.c | | statem_dtls.c |
| | | |
| Non core functions common | | Non core functions common to |
| to both servers and clients | | both DTLS servers and clients |
|_____________________________| |_______________________________|