Remove support for SSL3_FLAGS_DELAY_CLIENT_FINISHED

This flag was not set anywhere within the codebase (only read). It could only be set by an app reaching directly into s->s3->flags and setting it directly. However that method became impossible when libssl was opaquified. Even in 1.0.2/1.0.1 if an app set the flag directly it is only relevant to ssl3_connect(), which calls SSL_clear() during initialisation that clears any flag settings. Therefore it could take effect if the app set the flag after the handshake has started but before it completed. It seems quite unlikely that any apps really do this (especially as it is completely undocumented). The purpose of the flag is suppress flushing of the write bio on the client side at the end of the handshake after the client has written the Finished message whilst resuming a session. This enables the client to send application data as part of the same flight as the Finished message. This flag also controls the setting of a second flag SSL3_FLAGS_POP_BUFFER. There is an interesting comment in the code about this second flag in the implementation of ssl3_write: /* This is an experimental flag that sends the * last handshake message in the same packet as the first * use data - used to see if it helps the TCP protocol during * session-id reuse */ It seems the experiment did not work because as far as I can tell nothing is using this code. The above comment has been in the code since SSLeay. This commit removes support for SSL3_FLAGS_DELAY_CLIENT_FINISHED, as well as the associated SSL3_FLAGS_POP_BUFFER. Reviewed-by: Rich Salz <rsalz@openssl.org>
author: Matt Caswell <matt@openssl.org> 2015-07-21 00:02:39 +0100
committer: Matt Caswell <matt@openssl.org> 2015-07-27 15:00:05 +0100
commit: 57787ac81444938a876f185cdd73875c8f53e208 (patch)
tree: 1b6f66591c0117283b801ae50cd73f5c2ee4e6aa /ssl/d1_clnt.c
parent: f4ee22be03bb8318b1e0f00e116be231ba12fdef (diff)
1 files changed, 2 insertions, 20 deletions
diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c
index 8940abc41f..fde0defef9 100644
--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@@ -604,8 +604,6 @@ int dtls1_connect(SSL *s)
                 goto end;
             s->state = SSL3_ST_CW_FLUSH;
 
-            /* clear flags */
-            s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER;
             if (s->hit) {
                 s->s3->tmp.next_state = SSL_ST_OK;
 #ifndef OPENSSL_NO_SCTP
@@ -614,17 +612,6 @@ int dtls1_connect(SSL *s)
                     s->s3->tmp.next_state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
                 }
 #endif
-                if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) {
-                    s->state = SSL_ST_OK;
-#ifndef OPENSSL_NO_SCTP
-                    if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
-                        s->d1->next_state = SSL_ST_OK;
-                        s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
-                    }
-#endif
-                    s->s3->flags |= SSL3_FLAGS_POP_BUFFER;
-                    s->s3->delay_buf_pop_ret = 0;
-                }
             } else {
 #ifndef OPENSSL_NO_SCTP
                 /*
@@ -711,13 +698,8 @@ int dtls1_connect(SSL *s)
             /* clean a few things up */
             ssl3_cleanup_key_block(s);
 
-            /*
-             * If we are not 'joining' the last two packets, remove the
-             * buffering now
-             */
-            if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER))
-                ssl_free_wbio_buffer(s);
-            /* else do it later in ssl3_write */
+            /* Remove the buffering */
+            ssl_free_wbio_buffer(s);
 
             s->init_num = 0;
             s->renegotiate = 0;
author	Matt Caswell <matt@openssl.org>	2015-07-21 00:02:39 +0100
committer	Matt Caswell <matt@openssl.org>	2015-07-27 15:00:05 +0100
commit	57787ac81444938a876f185cdd73875c8f53e208 (patch)
tree	1b6f66591c0117283b801ae50cd73f5c2ee4e6aa /ssl/d1_clnt.c
parent	f4ee22be03bb8318b1e0f00e116be231ba12fdef (diff)