Switch OPENSSL_COMPILE_ASSERT to static_assert in C++ code.

Clang for Windows does not like OPENSSL_COMPILE_ASSERT inside a function
in C++. It complains that the struct is unused. I think we worked around
this in C previously by making it expand to C11 _Static_assert when
available.

But libssl is now C++ and assumes a C++11-capable compiler. Use real
static_assert.

Bug: 132
Change-Id: I6aceb95360244bd2c80d194b80676483abb60519
Reviewed-on: https://boringssl-review.googlesource.com/17924
Reviewed-by: Adam Langley <agl@google.com>

ssl/d1_both.cc

diff --git a/ssl/d1_both.cc b/ssl/d1_both.cc
index f25c2be..ee0ec4f 100644
--- a/ssl/d1_both.cc
+++ b/ssl/d1_both.cc
@@ -122,7 +122,6 @@
 #include <openssl/evp.h>
 #include <openssl/mem.h>
 #include <openssl/rand.h>
-#include <openssl/type_check.h>
 
 #include "../crypto/internal.h"
 #include "internal.h"
@@ -538,9 +537,9 @@
  * it takes ownership of |data| and releases it with |OPENSSL_free| when
  * done. */
 static int add_outgoing(SSL *ssl, int is_ccs, uint8_t *data, size_t len) {
-  OPENSSL_COMPILE_ASSERT(SSL_MAX_HANDSHAKE_FLIGHT <
-                             (1 << 8 * sizeof(ssl->d1->outgoing_messages_len)),
-                         outgoing_messages_len_is_too_small);
+  static_assert(SSL_MAX_HANDSHAKE_FLIGHT <
+                    (1 << 8 * sizeof(ssl->d1->outgoing_messages_len)),
+                "outgoing_messages_len is too small");
   if (ssl->d1->outgoing_messages_len >= SSL_MAX_HANDSHAKE_FLIGHT) {
     assert(0);
     OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);

ssl/handshake_client.cc

diff --git a/ssl/handshake_client.cc b/ssl/handshake_client.cc
index dfb9c92..9efbf0a 100644
--- a/ssl/handshake_client.cc
+++ b/ssl/handshake_client.cc
@@ -1512,8 +1512,8 @@
   return 1;
 }
 
-OPENSSL_COMPILE_ASSERT(sizeof(size_t) >= sizeof(unsigned),
-                       SIZE_T_IS_SMALLER_THAN_UNSIGNED);
+static_assert(sizeof(size_t) >= sizeof(unsigned),
+              "size_t is smaller than unsigned");
 
 static int ssl3_send_client_key_exchange(SSL_HANDSHAKE *hs) {
   SSL *const ssl = hs->ssl;

ssl/ssl_aead_ctx.cc

diff --git a/ssl/ssl_aead_ctx.cc b/ssl/ssl_aead_ctx.cc
index b78b06b..5264a65 100644
--- a/ssl/ssl_aead_ctx.cc
+++ b/ssl/ssl_aead_ctx.cc
@@ -20,7 +20,6 @@
 #include <openssl/aead.h>
 #include <openssl/err.h>
 #include <openssl/rand.h>
-#include <openssl/type_check.h>
 
 #include "../crypto/internal.h"
 #include "internal.h"
@@ -78,8 +77,8 @@
   }
 
   assert(EVP_AEAD_nonce_length(aead) <= EVP_AEAD_MAX_NONCE_LENGTH);
-  OPENSSL_COMPILE_ASSERT(EVP_AEAD_MAX_NONCE_LENGTH < 256,
-                         variable_nonce_len_doesnt_fit_in_uint8_t);
+  static_assert(EVP_AEAD_MAX_NONCE_LENGTH < 256,
+                "variable_nonce_len doesn't fit in uint8_t");
   aead_ctx->variable_nonce_len = (uint8_t)EVP_AEAD_nonce_length(aead);
   if (mac_key_len == 0) {
     assert(fixed_iv_len <= sizeof(aead_ctx->fixed_nonce));

ssl/ssl_buffer.cc

diff --git a/ssl/ssl_buffer.cc b/ssl/ssl_buffer.cc
index e6fd4e8..579899b 100644
--- a/ssl/ssl_buffer.cc
+++ b/ssl/ssl_buffer.cc
@@ -22,16 +22,17 @@
 #include <openssl/bio.h>
 #include <openssl/err.h>
 #include <openssl/mem.h>
-#include <openssl/type_check.h>
 
 #include "../crypto/internal.h"
 #include "internal.h"
 
 
-OPENSSL_COMPILE_ASSERT(0xffff <= INT_MAX, uint16_fits_in_int);
+/* BIO uses int instead of size_t. No lengths will exceed uint16_t, so this will
+ * not overflow. */
+static_assert(0xffff <= INT_MAX, "uint16_t does not fit in int");
 
-OPENSSL_COMPILE_ASSERT((SSL3_ALIGN_PAYLOAD & (SSL3_ALIGN_PAYLOAD - 1)) == 0,
-                       align_to_a_power_of_two);
+static_assert((SSL3_ALIGN_PAYLOAD & (SSL3_ALIGN_PAYLOAD - 1)) == 0,
+              "SSL3_ALIGN_PAYLOAD must be a power of 2");
 
 /* ensure_buffer ensures |buf| has capacity at least |cap|, aligned such that
  * data written after |header_len| is aligned to a |SSL3_ALIGN_PAYLOAD|-byte
@@ -142,9 +143,9 @@
   ssl_read_buffer_discard(ssl);
 
   if (SSL_is_dtls(ssl)) {
-    OPENSSL_COMPILE_ASSERT(
+    static_assert(
         DTLS1_RT_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH <= 0xffff,
-        dtls_read_buffer_too_large);
+        "DTLS read buffer is too large");
 
     /* The |len| parameter is ignored in DTLS. */
     len = DTLS1_RT_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH;
@@ -203,15 +204,16 @@
   return ssl->s3->write_buffer.len > 0;
 }
 
-OPENSSL_COMPILE_ASSERT(SSL3_RT_HEADER_LENGTH * 2 +
-                           SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD * 2 +
-                           SSL3_RT_MAX_PLAIN_LENGTH <= 0xffff,
-                       maximum_tls_write_buffer_too_large);
+static_assert(SSL3_RT_HEADER_LENGTH * 2 +
+                      SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD * 2 +
+                      SSL3_RT_MAX_PLAIN_LENGTH <=
+                  0xffff,
+              "maximum TLS write buffer is too large");
 
-OPENSSL_COMPILE_ASSERT(DTLS1_RT_HEADER_LENGTH +
-                           SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD +
-                           SSL3_RT_MAX_PLAIN_LENGTH <= 0xffff,
-                       maximum_dtls_write_buffer_too_large);
+static_assert(DTLS1_RT_HEADER_LENGTH + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD +
+                      SSL3_RT_MAX_PLAIN_LENGTH <=
+                  0xffff,
+              "maximum DTLS write buffer is too large");
 
 int ssl_write_buffer_init(SSL *ssl, uint8_t **out_ptr, size_t max_len) {
   SSL3_BUFFER *buf = &ssl->s3->write_buffer;

ssl/ssl_lib.cc

diff --git a/ssl/ssl_lib.cc b/ssl/ssl_lib.cc
index 346f2c1..7441925 100644
--- a/ssl/ssl_lib.cc
+++ b/ssl/ssl_lib.cc
@@ -173,9 +173,9 @@
 
 /* Some error codes are special. Ensure the make_errors.go script never
  * regresses this. */
-OPENSSL_COMPILE_ASSERT(SSL_R_TLSV1_ALERT_NO_RENEGOTIATION ==
-                           SSL_AD_NO_RENEGOTIATION + SSL_AD_REASON_OFFSET,
-                       ssl_alert_reason_code_mismatch);
+static_assert(SSL_R_TLSV1_ALERT_NO_RENEGOTIATION ==
+                  SSL_AD_NO_RENEGOTIATION + SSL_AD_REASON_OFFSET,
+              "alert reason code mismatch");
 
 /* kMaxHandshakeSize is the maximum size, in bytes, of a handshake message. */
 static const size_t kMaxHandshakeSize = (1u << 24) - 1;
@@ -1083,7 +1083,7 @@
     return 0;
   }
 
-  OPENSSL_COMPILE_ASSERT(sizeof(cert->sid_ctx) < 256, sid_ctx_too_large);
+  static_assert(sizeof(cert->sid_ctx) < 256, "sid_ctx too large");
   cert->sid_ctx_length = (uint8_t)sid_ctx_len;
   OPENSSL_memcpy(cert->sid_ctx, sid_ctx, sid_ctx_len);
   return 1;

ssl/ssl_privkey.cc

diff --git a/ssl/ssl_privkey.cc b/ssl/ssl_privkey.cc
index c5994c9..5b620f8 100644
--- a/ssl/ssl_privkey.cc
+++ b/ssl/ssl_privkey.cc
@@ -64,7 +64,6 @@
 #include <openssl/err.h>
 #include <openssl/evp.h>
 #include <openssl/mem.h>
-#include <openssl/type_check.h>
 
 #include "internal.h"
 #include "../crypto/internal.h"
@@ -271,8 +270,8 @@
                                      size_t num_digests) {
   OPENSSL_free(ssl->cert->sigalgs);
 
-  OPENSSL_COMPILE_ASSERT(sizeof(int) >= 2 * sizeof(uint16_t),
-                         digest_list_conversion_cannot_overflow);
+  static_assert(sizeof(int) >= 2 * sizeof(uint16_t),
+                "sigalgs allocation may overflow");
 
   ssl->cert->num_sigalgs = 0;
   ssl->cert->sigalgs =

ssl/t1_lib.cc

diff --git a/ssl/t1_lib.cc b/ssl/t1_lib.cc
index fb0c8dd..76469eb 100644
--- a/ssl/t1_lib.cc
+++ b/ssl/t1_lib.cc
@@ -121,7 +121,6 @@
 #include <openssl/mem.h>
 #include <openssl/nid.h>
 #include <openssl/rand.h>
-#include <openssl/type_check.h>
 
 #include "internal.h"
 #include "../crypto/internal.h"
@@ -2639,12 +2638,12 @@
 
 #define kNumExtensions (sizeof(kExtensions) / sizeof(struct tls_extension))
 
-OPENSSL_COMPILE_ASSERT(kNumExtensions <=
-                           sizeof(((SSL_HANDSHAKE *)NULL)->extensions.sent) * 8,
-                       too_many_extensions_for_sent_bitset);
-OPENSSL_COMPILE_ASSERT(
-    kNumExtensions <= sizeof(((SSL_HANDSHAKE *)NULL)->extensions.received) * 8,
-    too_many_extensions_for_received_bitset);
+static_assert(kNumExtensions <=
+                  sizeof(((SSL_HANDSHAKE *)NULL)->extensions.sent) * 8,
+              "too many extensions for sent bitset");
+static_assert(kNumExtensions <=
+                  sizeof(((SSL_HANDSHAKE *)NULL)->extensions.received) * 8,
+              "too many extensions for received bitset");
 
 static const struct tls_extension *tls_extension_find(uint32_t *out_index,
                                                       uint16_t value) {
@@ -2960,8 +2959,8 @@
       continue;
     }
 
-    OPENSSL_COMPILE_ASSERT(kNumExtensions <= sizeof(hs->extensions.sent) * 8,
-                           too_many_bits);
+    static_assert(kNumExtensions <= sizeof(hs->extensions.sent) * 8,
+                  "too many bits");
 
     if (!(hs->extensions.sent & (1u << ext_index)) &&
         type != TLSEXT_TYPE_renegotiate) {
@@ -3486,9 +3485,9 @@
     return -1;
   }
 
-  OPENSSL_COMPILE_ASSERT(
+  static_assert(
       sizeof(hs->new_session->original_handshake_hash) == EVP_MAX_MD_SIZE,
-      original_handshake_hash_is_too_small);
+      "original_handshake_hash is too small");
 
   size_t digest_len;
   if (!SSL_TRANSCRIPT_get_hash(&hs->transcript,
@@ -3497,7 +3496,8 @@
     return -1;
   }
 
-  OPENSSL_COMPILE_ASSERT(EVP_MAX_MD_SIZE <= 0xff, max_md_size_is_too_large);
+  static_assert(EVP_MAX_MD_SIZE <= 0xff,
+                "EVP_MAX_MD_SIZE does not fit in uint8_t");
   hs->new_session->original_handshake_hash_len = (uint8_t)digest_len;
 
   return 1;