Remove DTLS processed_rcds queue.

When DTLS handshake records are received from the next epoch, we will
potentially queue them on the unprocessed_rcds queue - this is usually
a Finished message that has been received without the ChangeCipherSuite
(CCS) message (which may have been dropped or reordered).

After the epoch increments (due to the CCS being received), the current
code processes all records on the unprocessed queue and immediate queues
them on the processed queue, which dtls1_get_record() then pulls from.
This form of processing only adds more complexity and another queue.

Instead, once the epoch increments, pull a single record from the
unprocessed queue and process it, allowing the contents to be consumed
by the caller. We repeat this process until the unprocessed queue is
empty, at which point we go back to consuming messages from the wire.

ok inoguchi@ tb@

1 files changed, 2 insertions, 3 deletions

diff --git a/src/lib/libssl/dtls_locl.h b/src/lib/libssl/dtls_locl.h
index 9e0699d098..bc28ce8559 100644
--- a/src/lib/libssl/dtls_locl.h
+++ b/src/lib/libssl/dtls_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: dtls_locl.h,v 1.2 2021/07/19 08:42:24 jsing Exp $ */
+/* $OpenBSD: dtls_locl.h,v 1.3 2021/07/21 08:42:14 jsing Exp $ */
 /*
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -151,9 +151,8 @@ typedef struct dtls1_state_internal_st {
 
         unsigned short handshake_read_seq;
 
-        /* Received handshake records (processed and unprocessed) */
+        /* Received handshake records (unprocessed) */
         record_pqueue unprocessed_rcds;
-        record_pqueue processed_rcds;
 
         /* Buffered handshake messages */
         struct _pqueue *buffered_messages;