Remove remaining old listen code

The old implementation of DTLSv1_listen which has now been replaced still
had a few vestiges scattered throughout the code. This commit removes them.

Reviewed-by: Andy Polyakov <appro@openssl.org>

ssl/d1_both.c

@@ -530,10 +530,9 @@ long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
 
     memset(msg_hdr, 0, sizeof(*msg_hdr));
 
-    /* Don't change sequence numbers while listening */
-    if (!s->d1->listen)
     s->d1->handshake_read_seq++;
 
+
     s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
     return s->init_num;
 
@@ -946,8 +945,7 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, int mt, long max, int *ok)
      * While listening, we accept seq 1 (ClientHello with cookie)
      * although we're still expecting seq 0 (ClientHello)
      */
-    if (msg_hdr.seq != s->d1->handshake_read_seq
+    if (msg_hdr.seq != s->d1->handshake_read_seq)
-        && !(s->d1->listen && msg_hdr.seq == 1))
         return dtls1_process_out_of_seq_message(s, &msg_hdr, ok);
 
     if (frag_len && frag_len < len)
@@ -1300,8 +1298,7 @@ void dtls1_set_message_header(SSL *s, unsigned char *p,
                                         unsigned long frag_off,
                                         unsigned long frag_len)
 {
-    /* Don't change sequence numbers while listening */
+    if (frag_off == 0) {
-    if (frag_off == 0 && !s->d1->listen) {
         s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
         s->d1->next_handshake_write_seq++;
     }

ssl/d1_srvr.c

@@ -165,7 +165,6 @@ int dtls1_accept(SSL *s)
     unsigned long alg_k;
     int ret = -1;
     int new_state, state, skip = 0;
-    int listen;
 #ifndef OPENSSL_NO_SCTP
     unsigned char sctpauthkey[64];
     char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
@@ -180,8 +179,6 @@ int dtls1_accept(SSL *s)
     else if (s->ctx->info_callback != NULL)
         cb = s->ctx->info_callback;
 
-    listen = s->d1->listen;
-
     /* init things to blank */
     s->in_handshake++;
     if (!SSL_in_init(s) || SSL_in_before(s)) {
@@ -189,7 +186,6 @@ int dtls1_accept(SSL *s)
             return -1;
     }
 
-    s->d1->listen = listen;
 #ifndef OPENSSL_NO_SCTP
     /*
      * Notify SCTP BIO socket to enter handshake mode and prevent stream
@@ -327,28 +323,6 @@ int dtls1_accept(SSL *s)
                 s->state = SSL3_ST_SW_SRVR_HELLO_A;
 
             s->init_num = 0;
-
-            /*
-             * Reflect ClientHello sequence to remain stateless while
-             * listening
-             */
-            if (listen) {
-                DTLS_RECORD_LAYER_resync_write(&s->rlayer);
-            }
-
-            /* If we're just listening, stop here */
-            if (listen && s->state == SSL3_ST_SW_SRVR_HELLO_A) {
-                ret = 2;
-                s->d1->listen = 0;
-                /*
-                 * Set expected sequence numbers to continue the handshake.
-                 */
-                s->d1->handshake_read_seq = 2;
-                s->d1->handshake_write_seq = 1;
-                s->d1->next_handshake_write_seq = 1;
-                goto end;
-            }
-
             break;
 
         case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A:

ssl/record/rec_layer_d1.c

@@ -511,11 +511,6 @@ int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
         }
     }
 
-    if (s->d1->listen && rr->type != SSL3_RT_HANDSHAKE) {
-        SSL3_RECORD_set_length(rr, 0);
-        goto start;
-    }
-
     /* we now have a packet which can be read and processed */
 
     if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,

ssl/record/ssl3_record.c

@@ -1508,18 +1508,8 @@ int dtls1_get_record(SSL *s)
     /* Only do replay check if no SCTP bio */
     if (!BIO_dgram_is_sctp(SSL_get_rbio(s))) {
 #endif
-        /*
+        /* Check whether this is a repeat, or aged record. */
-         * Check whether this is a repeat, or aged record. Don't check if
+        if (!dtls1_record_replay_check(s, bitmap)) {
-         * we're listening and this message is a ClientHello. They can look
-         * as if they're replayed, since they arrive from different
-         * connections and would be dropped unnecessarily.
-         */
-        if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&
-              RECORD_LAYER_get_packet_length(&s->rlayer)
-                  > DTLS1_RT_HEADER_LENGTH &&
-              RECORD_LAYER_get_packet(&s->rlayer)[DTLS1_RT_HEADER_LENGTH]
-                  == SSL3_MT_CLIENT_HELLO) &&
-            !dtls1_record_replay_check(s, bitmap)) {
             rr->length = 0;
             RECORD_LAYER_reset_packet_length(&s->rlayer); /* dump this record */
             goto again;         /* get another record */
@@ -1535,11 +1525,10 @@ int dtls1_get_record(SSL *s)
     /*
      * If this record is from the next epoch (either HM or ALERT), and a
      * handshake is currently in progress, buffer it since it cannot be
-     * processed at this time. However, do not buffer anything while
+     * processed at this time.
-     * listening.
      */
     if (is_next_epoch) {
-        if ((SSL_in_init(s) || s->in_handshake) && !s->d1->listen) {
+        if ((SSL_in_init(s) || s->in_handshake)) {
             if (dtls1_buffer_record
                 (s, &(DTLS_RECORD_LAYER_get_unprocessed_rcds(&s->rlayer)),
                 rr->seq_num) < 0)

ssl/ssl_locl.h

@@ -1431,8 +1431,6 @@ typedef struct dtls1_state_st {
     /* Buffered (sent) handshake records */
     pqueue sent_messages;
 
-    /* Is set when listening for new connections with dtls1_listen() */
-    unsigned int listen;
     unsigned int link_mtu;      /* max on-the-wire DTLS packet size */
     unsigned int mtu;           /* max DTLS packet size */
     struct hm_header_st w_msg_hdr;