Convert a few more ints to bools in libssl.
There was even a bug where we returned -1 out of a function whose
callers use !.
Change-Id: Ic815ea9f013bcbca41ef84b9ffa9fb867f716aa6
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/58465
Auto-Submit: David Benjamin <davidben@google.com>
Commit-Queue: Bob Beck <bbe@google.com>
Reviewed-by: Bob Beck <bbe@google.com>
diff --git a/ssl/ssl_session.cc b/ssl/ssl_session.cc
index 5b61eba..979ac59 100644
--- a/ssl/ssl_session.cc
+++ b/ssl/ssl_session.cc
@@ -400,7 +400,7 @@
return true;
}
-int ssl_ctx_rotate_ticket_encryption_key(SSL_CTX *ctx) {
+bool ssl_ctx_rotate_ticket_encryption_key(SSL_CTX *ctx) {
OPENSSL_timeval now;
ssl_ctx_get_current_time(ctx, &now);
{
@@ -412,7 +412,7 @@
ctx->ticket_key_current->next_rotation_tv_sec > now.tv_sec) &&
(!ctx->ticket_key_prev ||
ctx->ticket_key_prev->next_rotation_tv_sec > now.tv_sec)) {
- return 1;
+ return true;
}
}
@@ -423,7 +423,7 @@
// The current key has not been initialized or it is expired.
auto new_key = bssl::MakeUnique<TicketKey>();
if (!new_key) {
- return 0;
+ return false;
}
RAND_bytes(new_key->name, 16);
RAND_bytes(new_key->hmac_key, 16);
@@ -447,7 +447,7 @@
ctx->ticket_key_prev.reset();
}
- return 1;
+ return true;
}
static int ssl_encrypt_ticket_with_cipher_ctx(SSL_HANDSHAKE *hs, CBB *out,
@@ -560,30 +560,28 @@
return 1;
}
-int ssl_encrypt_ticket(SSL_HANDSHAKE *hs, CBB *out,
+bool ssl_encrypt_ticket(SSL_HANDSHAKE *hs, CBB *out,
const SSL_SESSION *session) {
// Serialize the SSL_SESSION to be encoded into the ticket.
- uint8_t *session_buf = NULL;
+ uint8_t *session_buf = nullptr;
size_t session_len;
if (!SSL_SESSION_to_bytes_for_ticket(session, &session_buf, &session_len)) {
- return -1;
+ return false;
}
+ bssl::UniquePtr<uint8_t> free_session_buf(session_buf);
- int ret = 0;
if (hs->ssl->session_ctx->ticket_aead_method) {
- ret = ssl_encrypt_ticket_with_method(hs, out, session_buf, session_len);
+ return ssl_encrypt_ticket_with_method(hs, out, session_buf, session_len);
} else {
- ret = ssl_encrypt_ticket_with_cipher_ctx(hs, out, session_buf, session_len);
+ return ssl_encrypt_ticket_with_cipher_ctx(hs, out, session_buf,
+ session_len);
}
-
- OPENSSL_free(session_buf);
- return ret;
}
-int ssl_session_is_context_valid(const SSL_HANDSHAKE *hs,
- const SSL_SESSION *session) {
+bool ssl_session_is_context_valid(const SSL_HANDSHAKE *hs,
+ const SSL_SESSION *session) {
if (session == NULL) {
- return 0;
+ return false;
}
return session->sid_ctx_length == hs->config->cert->sid_ctx_length &&
@@ -591,9 +589,9 @@
hs->config->cert->sid_ctx_length) == 0;
}
-int ssl_session_is_time_valid(const SSL *ssl, const SSL_SESSION *session) {
+bool ssl_session_is_time_valid(const SSL *ssl, const SSL_SESSION *session) {
if (session == NULL) {
- return 0;
+ return false;
}
struct OPENSSL_timeval now;
@@ -601,14 +599,14 @@
// Reject tickets from the future to avoid underflow.
if (now.tv_sec < session->time) {
- return 0;
+ return false;
}
return session->timeout > now.tv_sec - session->time;
}
-int ssl_session_is_resumable(const SSL_HANDSHAKE *hs,
- const SSL_SESSION *session) {
+bool ssl_session_is_resumable(const SSL_HANDSHAKE *hs,
+ const SSL_SESSION *session) {
const SSL *const ssl = hs->ssl;
return ssl_session_is_context_valid(hs, session) &&
// The session must have been created by the same type of end point as
