Use more scopers.
Change-Id: I34dd0a57efd5435fcdc59a3c7b1ce806bc0cbb3e
Reviewed-on: https://boringssl-review.googlesource.com/21946
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/ssl/ssl_lib.cc b/ssl/ssl_lib.cc
index f5d1202..c8e6c94 100644
--- a/ssl/ssl_lib.cc
+++ b/ssl/ssl_lib.cc
@@ -208,13 +208,12 @@
void ssl_set_read_error(SSL* ssl) {
ssl->s3->read_shutdown = ssl_shutdown_error;
- ERR_SAVE_STATE_free(ssl->s3->read_error);
- ssl->s3->read_error = ERR_save_state();
+ ssl->s3->read_error.reset(ERR_save_state());
}
static bool check_read_error(const SSL *ssl) {
if (ssl->s3->read_shutdown == ssl_shutdown_error) {
- ERR_restore_state(ssl->s3->read_error);
+ ERR_restore_state(ssl->s3->read_error.get());
return false;
}
return true;
@@ -300,16 +299,16 @@
// A client may see new sessions on abbreviated handshakes if the server
// decides to renew the ticket. Once the handshake is completed, it should be
// inserted into the cache.
- if (ssl->s3->established_session != ssl->session ||
+ if (ssl->s3->established_session.get() != ssl->session ||
(!ssl->server && hs->ticket_expected)) {
if (use_internal_cache) {
- SSL_CTX_add_session(ctx, ssl->s3->established_session);
+ SSL_CTX_add_session(ctx, ssl->s3->established_session.get());
}
if (ctx->new_session_cb != NULL) {
- SSL_SESSION_up_ref(ssl->s3->established_session);
- if (!ctx->new_session_cb(ssl, ssl->s3->established_session)) {
+ SSL_SESSION_up_ref(ssl->s3->established_session.get());
+ if (!ctx->new_session_cb(ssl, ssl->s3->established_session.get())) {
// |new_session_cb|'s return value signals whether it took ownership.
- SSL_SESSION_free(ssl->s3->established_session);
+ SSL_SESSION_free(ssl->s3->established_session.get());
}
}
}
@@ -860,7 +859,7 @@
}
// Run the handshake.
- SSL_HANDSHAKE *hs = ssl->s3->hs;
+ SSL_HANDSHAKE *hs = ssl->s3->hs.get();
bool early_return = false;
int ret = ssl_run_handshake(hs, &early_return);
@@ -872,8 +871,7 @@
// Destroy the handshake object if the handshake has completely finished.
if (!early_return) {
- ssl_handshake_free(ssl->s3->hs);
- ssl->s3->hs = NULL;
+ ssl->s3->hs.reset();
}
return 1;
@@ -943,12 +941,12 @@
}
// Begin a new handshake.
- if (ssl->s3->hs != NULL) {
+ if (ssl->s3->hs != nullptr) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
return 0;
}
ssl->s3->hs = ssl_handshake_new(ssl);
- if (ssl->s3->hs == NULL) {
+ if (ssl->s3->hs == nullptr) {
return 0;
}
@@ -1125,7 +1123,7 @@
// time out because the peer never received our close_notify. Report to
// the caller that the channel has fully shut down.
if (ssl->s3->read_shutdown == ssl_shutdown_error) {
- ERR_restore_state(ssl->s3->read_error);
+ ERR_restore_state(ssl->s3->read_error.get());
return -1;
}
ssl->s3->read_shutdown = ssl_shutdown_close_notify;
@@ -1190,7 +1188,7 @@
}
void SSL_reset_early_data_reject(SSL *ssl) {
- SSL_HANDSHAKE *hs = ssl->s3->hs;
+ SSL_HANDSHAKE *hs = ssl->s3->hs.get();
if (hs == NULL ||
hs->wait != ssl_hs_early_data_rejected) {
abort();
@@ -1863,7 +1861,7 @@
return ssl->tlsext_hostname;
}
- return ssl->s3->hostname;
+ return ssl->s3->hostname.get();
}
int SSL_get_servername_type(const SSL *ssl) {
@@ -1996,8 +1994,8 @@
void SSL_get0_next_proto_negotiated(const SSL *ssl, const uint8_t **out_data,
unsigned *out_len) {
- *out_data = ssl->s3->next_proto_negotiated;
- *out_len = ssl->s3->next_proto_negotiated_len;
+ *out_data = ssl->s3->next_proto_negotiated.data();
+ *out_len = ssl->s3->next_proto_negotiated.size();
}
void SSL_CTX_set_next_protos_advertised_cb(
@@ -2054,8 +2052,8 @@
*out_data = ssl->s3->hs->early_session->early_alpn;
*out_len = ssl->s3->hs->early_session->early_alpn_len;
} else {
- *out_data = ssl->s3->alpn_selected;
- *out_len = ssl->s3->alpn_selected_len;
+ *out_data = ssl->s3->alpn_selected.data();
+ *out_len = ssl->s3->alpn_selected.size();
}
}
@@ -2434,7 +2432,7 @@
// This returns false once all the handshake state has been finalized, to
// allow callbacks and getters based on SSL_in_init to return the correct
// values.
- SSL_HANDSHAKE *hs = ssl->s3->hs;
+ SSL_HANDSHAKE *hs = ssl->s3->hs.get();
return hs != nullptr && !hs->handshake_finalized;
}
@@ -2547,7 +2545,7 @@
}
const SSL_CIPHER *SSL_get_pending_cipher(const SSL *ssl) {
- SSL_HANDSHAKE *hs = ssl->s3->hs;
+ SSL_HANDSHAKE *hs = ssl->s3->hs.get();
if (hs == NULL) {
return NULL;
}
@@ -2574,10 +2572,10 @@
// In OpenSSL, reusing a client |SSL| with |SSL_clear| causes the previously
// established session to be offered the next time around. wpa_supplicant
// depends on this behavior, so emulate it.
- SSL_SESSION *session = NULL;
+ UniquePtr<SSL_SESSION> session;
if (!ssl->server && ssl->s3->established_session != NULL) {
- session = ssl->s3->established_session;
- SSL_SESSION_up_ref(session);
+ session.reset(ssl->s3->established_session.get());
+ SSL_SESSION_up_ref(session.get());
}
// TODO(davidben): Some state on |ssl| is reset both in |SSL_new| and
@@ -2602,7 +2600,6 @@
ssl->method->ssl_free(ssl);
if (!ssl->method->ssl_new(ssl)) {
- SSL_SESSION_free(session);
return 0;
}
@@ -2610,9 +2607,8 @@
ssl->d1->mtu = mtu;
}
- if (session != NULL) {
- SSL_set_session(ssl, session);
- SSL_SESSION_free(session);
+ if (session != nullptr) {
+ SSL_set_session(ssl, session.get());
}
return 1;
