github.com/mono/boringssl.git
author David Benjamin <davidben@chromium.org> 2014-11-07 08:48:32 +0300
committer Adam Langley <agl@google.com> 2014-11-11 01:39:24 +0300
commit 60e799276419e843b6af13de69f26582a97ed67e
tree 6f8cf423e03eeb46df8266f828876bad03ecfa9d /ssl/d1_srvr.c
parent b044020f84803dca2878b84e314b4f74f13d4c80
Remove DTLSv1_listen.

This was added in http://rt.openssl.org/Ticket/Display.html?id=2033 to support a mode where a DTLS socket would statelessly perform the ClientHello / HelloVerifyRequest portion of the handshake, to be handed off to a socket specific to this peer address.

This is not used by WebRTC or other current consumers. If we need to support something like this, it would be cleaner to do the listen portion (cookieless ClientHello + HelloVerifyRequest) externally and then spin up an SSL instance on receipt of a cookied ClientHello. This would require a slightly more complex BIO to replay the second ClientHello but would avoid peppering the DTLS handshake state with a special short-circuiting mode.

Change-Id: I7a413932edfb62f8b9368912a9a0621d4155f1aa
Reviewed-on: https://boringssl-review.googlesource.com/2220
Reviewed-by: Adam Langley <agl@google.com>
Diffstat (limited to 'ssl/d1_srvr.c')
-rw-r--r-- ssl/d1_srvr.c 26
1 files changed, 0 insertions, 26 deletions
diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index e1c56167..28c75fcc 100644
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -166,7 +166,6 @@ int dtls1_accept(SSL *s)
unsigned long alg_a;
int ret= -1;
int new_state,state,skip=0;
- int listen;
ERR_clear_error();
ERR_clear_system_error();
@@ -175,15 +174,11 @@ int dtls1_accept(SSL *s)
cb=s->info_callback;
else if (s->ctx->info_callback != NULL)
cb=s->ctx->info_callback;
-
- listen = s->d1->listen;
/* init things to blank */
s->in_handshake++;
if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
- s->d1->listen = listen;
-
if (s->cert == NULL)
{
OPENSSL_PUT_ERROR(SSL, dtls1_accept, SSL_R_NO_CERTIFICATE_SET);
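Review bot: With the save before and restore after `SSL_clear(s)` of `s->d1->listen` gone, the `listen` member itself should be deleted in the same change. This view is limited to ssl/d1_srvr.c, so please confirm that the struct field and whatever code set it are removed elsewhere in the commit; a leftover setter would write a flag that dtls1_accept no longer reads, and callers would get a full handshake where they expected the short-circuit.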
@@ -295,27 +290,6 @@ int dtls1_accept(SSL *s)
s->state = SSL3_ST_SW_SRVR_HELLO_A;
s->init_num=0;
-
- /* Reflect ClientHello sequence to remain stateless while listening */
- if (listen)
- {
- memcpy(s->s3->write_sequence, s->s3->read_sequence, sizeof(s->s3->write_sequence));
- }
-
- /* If we're just listening, stop here */
- if (listen && s->state == SSL3_ST_SW_SRVR_HELLO_A)
- {
- ret = 2;
- s->d1->listen = 0;
- /* Set expected sequence numbers
- * to continue the handshake.
- */
- s->d1->handshake_read_seq = 2;
- s->d1->handshake_write_seq = 1;
- s->d1->next_handshake_write_seq = 1;
- goto end;
- }
-
break;
case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A:
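Review bot: The block deleted after `s->init_num=0;` is the only place in this diff where dtls1_accept set `ret = 2`, so any caller or documentation that treats a return of 2 as "stop after the verified ClientHello and hand off" needs to be updated along with it. The same block also reset `handshake_read_seq`, `handshake_write_seq` and `next_handshake_write_seq` and reflected `read_sequence` into `write_sequence`; since the commit message proposes doing the cookieless ClientHello + HelloVerifyRequest exchange externally if this is ever needed again, a short note in the header or docs that stateless listening is no longer supported here, and that an external implementation must handle those sequence numbers itself, would save the next consumer from rediscovering it.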