commit cfc11c23209f91eb92fba223d23a7fc0eb3b7bd4
author David Benjamin <davidben@google.com> Tue Jul 18 22:45:18 2017 -0400
committer David Benjamin <davidben@google.com> Thu Jul 20 03:17:06 2017 +0000
tree 304a72bca146cfabf918e6b735d80c356a7fff11
parent 86e95b852eb4a1e43116cb6951b450b78bd52b4b

C++-ify SSL_AEAD_CTX.

This adds several utilities as replacements for new and delete and makes
bssl::UniquePtr work with our private types.

Later work can convert more incrementally. I did this one more
aggressively to see how it'd work. Unfortunately, in doing so, I needed
to remove the NULL SSL_AEAD_CTX "method" receiver trick to appease
clang. The null cipher is now represented by a concrete SSL_AEAD_CTX.
The long-lived references to SSL_AEAD_CTX are not yet in types with
constructors, so they still bare Delete rather than UniquePtr for now.

Though this does mean we may be able to move the sequence number into
SSLAEADContext later which is one less object for DTLS to carry around.

Bug: 132
Change-Id: I506b404addafb692055d5709b0ca6d5439a4e6be
Reviewed-on: https://boringssl-review.googlesource.com/18164
Reviewed-by: Adam Langley <agl@google.com>
Reviewed-by: David Benjamin <davidben@google.com>

ssl/dtls_method.cc

diff --git a/ssl/dtls_method.cc b/ssl/dtls_method.cc
index 426c6a8..245f1c3 100644
--- a/ssl/dtls_method.cc
+++ b/ssl/dtls_method.cc
@@ -78,12 +78,11 @@
 
 static void dtls1_received_flight(SSL *ssl) { dtls1_stop_timer(ssl); }
 
-static int dtls1_set_read_state(SSL *ssl, SSL_AEAD_CTX *aead_ctx) {
+static int dtls1_set_read_state(SSL *ssl, UniquePtr<SSLAEADContext> aead_ctx) {
   /* Cipher changes are illegal when there are buffered incoming messages. */
   if (dtls_has_incoming_messages(ssl)) {
     OPENSSL_PUT_ERROR(SSL, SSL_R_BUFFERED_MESSAGES_ON_CIPHER_CHANGE);
     ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
-    SSL_AEAD_CTX_free(aead_ctx);
     return 0;
   }
 
@@ -91,19 +90,20 @@
   OPENSSL_memset(&ssl->d1->bitmap, 0, sizeof(ssl->d1->bitmap));
   OPENSSL_memset(ssl->s3->read_sequence, 0, sizeof(ssl->s3->read_sequence));
 
-  SSL_AEAD_CTX_free(ssl->s3->aead_read_ctx);
-  ssl->s3->aead_read_ctx = aead_ctx;
+  Delete(ssl->s3->aead_read_ctx);
+  ssl->s3->aead_read_ctx = aead_ctx.release();
   return 1;
 }
 
-static int dtls1_set_write_state(SSL *ssl, SSL_AEAD_CTX *aead_ctx) {
+static int dtls1_set_write_state(SSL *ssl, UniquePtr<SSLAEADContext> aead_ctx) {
   ssl->d1->w_epoch++;
   OPENSSL_memcpy(ssl->d1->last_write_sequence, ssl->s3->write_sequence,
                  sizeof(ssl->s3->write_sequence));
   OPENSSL_memset(ssl->s3->write_sequence, 0, sizeof(ssl->s3->write_sequence));
 
-  SSL_AEAD_CTX_free(ssl->s3->aead_write_ctx);
-  ssl->s3->aead_write_ctx = aead_ctx;
+  Delete(ssl->d1->last_aead_write_ctx);
+  ssl->d1->last_aead_write_ctx = ssl->s3->aead_write_ctx;
+  ssl->s3->aead_write_ctx = aead_ctx.release();
   return 1;
 }