Replace Scoped* heap types with bssl::UniquePtr.
Unlike the Scoped* types, bssl::UniquePtr is available to C++ users, and
offered for a large variety of types. The 'extern "C++"' trick is used
to make the C++ bits digestible to C callers that wrap header files in
'extern "C"'.
Change-Id: Ifbca4c2997d6628e33028c7d7620c72aff0f862e
Reviewed-on: https://boringssl-review.googlesource.com/10521
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/ssl/ssl_test.cc b/ssl/ssl_test.cc
index 1bf0b24..78900e9 100644
--- a/ssl/ssl_test.cc
+++ b/ssl/ssl_test.cc
@@ -31,7 +31,6 @@
#include <openssl/x509.h>
#include "internal.h"
-#include "test/scoped_types.h"
#include "../crypto/internal.h"
#include "../crypto/test/test_util.h"
@@ -320,7 +319,7 @@
}
static bool TestCipherRule(const CipherTest &t) {
- ScopedSSL_CTX ctx(SSL_CTX_new(TLS_method()));
+ bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(TLS_method()));
if (!ctx) {
return false;
}
@@ -352,7 +351,7 @@
}
static bool TestRuleDoesNotIncludeNull(const char *rule) {
- ScopedSSL_CTX ctx(SSL_CTX_new(SSLv23_server_method()));
+ bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(SSLv23_server_method()));
if (!ctx) {
return false;
}
@@ -370,7 +369,7 @@
}
static bool TestRuleDoesNotIncludeCECPQ1(const char *rule) {
- ScopedSSL_CTX ctx(SSL_CTX_new(TLS_method()));
+ bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(TLS_method()));
if (!ctx) {
return false;
}
@@ -395,7 +394,7 @@
}
for (const char *rule : kBadRules) {
- ScopedSSL_CTX ctx(SSL_CTX_new(SSLv23_server_method()));
+ bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(SSLv23_server_method()));
if (!ctx) {
return false;
}
@@ -631,7 +630,7 @@
}
// Verify the SSL_SESSION decodes.
- ScopedSSL_SESSION session(SSL_SESSION_from_bytes(input.data(), input.size()));
+ bssl::UniquePtr<SSL_SESSION> session(SSL_SESSION_from_bytes(input.data(), input.size()));
if (!session) {
fprintf(stderr, "SSL_SESSION_from_bytes failed\n");
return false;
@@ -639,7 +638,7 @@
// Verify the SSL_SESSION encoding round-trips.
size_t encoded_len;
- ScopedOpenSSLBytes encoded;
+ bssl::UniquePtr<uint8_t> encoded;
uint8_t *encoded_raw;
if (!SSL_SESSION_to_bytes(session.get(), &encoded_raw, &encoded_len)) {
fprintf(stderr, "SSL_SESSION_to_bytes failed\n");
@@ -700,7 +699,7 @@
}
// Verify that the SSL_SESSION fails to decode.
- ScopedSSL_SESSION session(SSL_SESSION_from_bytes(input.data(), input.size()));
+ bssl::UniquePtr<SSL_SESSION> session(SSL_SESSION_from_bytes(input.data(), input.size()));
if (session) {
fprintf(stderr, "SSL_SESSION_from_bytes unexpectedly succeeded\n");
return false;
@@ -711,7 +710,7 @@
static bool TestDefaultVersion(uint16_t min_version, uint16_t max_version,
const SSL_METHOD *(*method)(void)) {
- ScopedSSL_CTX ctx(SSL_CTX_new(method()));
+ bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(method()));
if (!ctx) {
return false;
}
@@ -728,7 +727,7 @@
if (cipher == NULL) {
return false;
}
- ScopedOpenSSLString rfc_name(SSL_CIPHER_get_rfc_name(cipher));
+ bssl::UniquePtr<char> rfc_name(SSL_CIPHER_get_rfc_name(cipher));
if (!rfc_name) {
return false;
}
@@ -794,12 +793,12 @@
// CreateSessionWithTicket returns a sample |SSL_SESSION| with the ticket
// replaced for one of length |ticket_len| or nullptr on failure.
-static ScopedSSL_SESSION CreateSessionWithTicket(size_t ticket_len) {
+static bssl::UniquePtr<SSL_SESSION> CreateSessionWithTicket(size_t ticket_len) {
std::vector<uint8_t> der;
if (!DecodeBase64(&der, kOpenSSLSession)) {
return nullptr;
}
- ScopedSSL_SESSION session(SSL_SESSION_from_bytes(der.data(), der.size()));
+ bssl::UniquePtr<SSL_SESSION> session(SSL_SESSION_from_bytes(der.data(), der.size()));
if (!session) {
return nullptr;
}
@@ -819,7 +818,7 @@
}
static bool GetClientHello(SSL *ssl, std::vector<uint8_t> *out) {
- ScopedBIO bio(BIO_new(BIO_s_mem()));
+ bssl::UniquePtr<BIO> bio(BIO_new(BIO_s_mem()));
if (!bio) {
return false;
}
@@ -846,12 +845,12 @@
// |ticket_len| and records the ClientHello. It returns the length of the
// ClientHello, not including the record header, on success and zero on error.
static size_t GetClientHelloLen(size_t ticket_len) {
- ScopedSSL_CTX ctx(SSL_CTX_new(TLS_method()));
- ScopedSSL_SESSION session = CreateSessionWithTicket(ticket_len);
+ bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(TLS_method()));
+ bssl::UniquePtr<SSL_SESSION> session = CreateSessionWithTicket(ticket_len);
if (!ctx || !session) {
return 0;
}
- ScopedSSL ssl(SSL_new(ctx.get()));
+ bssl::UniquePtr<SSL> ssl(SSL_new(ctx.get()));
if (!ssl || !SSL_set_session(ssl.get(), session.get())) {
return 0;
}
@@ -916,11 +915,11 @@
// Test that |SSL_get_client_CA_list| echoes back the configured parameter even
// before configuring as a server.
static bool TestClientCAList() {
- ScopedSSL_CTX ctx(SSL_CTX_new(TLS_method()));
+ bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(TLS_method()));
if (!ctx) {
return false;
}
- ScopedSSL ssl(SSL_new(ctx.get()));
+ bssl::UniquePtr<SSL> ssl(SSL_new(ctx.get()));
if (!ssl) {
return false;
}
@@ -974,8 +973,8 @@
return actual == expected_copy;
}
-static ScopedSSL_SESSION CreateTestSession(uint32_t number) {
- ScopedSSL_SESSION ret(SSL_SESSION_new());
+static bssl::UniquePtr<SSL_SESSION> CreateTestSession(uint32_t number) {
+ bssl::UniquePtr<SSL_SESSION> ret(SSL_SESSION_new());
if (!ret) {
return nullptr;
}
@@ -988,15 +987,15 @@
// Test that the internal session cache behaves as expected.
static bool TestInternalSessionCache() {
- ScopedSSL_CTX ctx(SSL_CTX_new(TLS_method()));
+ bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(TLS_method()));
if (!ctx) {
return false;
}
// Prepare 10 test sessions.
- std::vector<ScopedSSL_SESSION> sessions;
+ std::vector<bssl::UniquePtr<SSL_SESSION>> sessions;
for (int i = 0; i < 10; i++) {
- ScopedSSL_SESSION session = CreateTestSession(i);
+ bssl::UniquePtr<SSL_SESSION> session = CreateTestSession(i);
if (!session) {
return false;
}
@@ -1032,7 +1031,7 @@
// Although collisions should be impossible (256-bit session IDs), the cache
// must handle them gracefully.
- ScopedSSL_SESSION collision(CreateTestSession(7));
+ bssl::UniquePtr<SSL_SESSION> collision(CreateTestSession(7));
if (!collision || !SSL_CTX_add_session(ctx.get(), collision.get())) {
return false;
}
@@ -1075,7 +1074,7 @@
return static_cast<uint16_t>(seq >> 48);
}
-static ScopedX509 GetTestCertificate() {
+static bssl::UniquePtr<X509> GetTestCertificate() {
static const char kCertPEM[] =
"-----BEGIN CERTIFICATE-----\n"
"MIICWDCCAcGgAwIBAgIJAPuwTC6rEJsMMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV\n"
@@ -1092,11 +1091,11 @@
"T5oQpHL9z/cCDLAKCKRa4uV0fhEdOWBqyR9p8y5jJtye72t6CuFUV5iqcpF4BH4f\n"
"j2VNHwsSrJwkD4QUGlUtH7vwnQmyCFxZMmWAJg==\n"
"-----END CERTIFICATE-----\n";
- ScopedBIO bio(BIO_new_mem_buf(kCertPEM, strlen(kCertPEM)));
- return ScopedX509(PEM_read_bio_X509(bio.get(), nullptr, nullptr, nullptr));
+ bssl::UniquePtr<BIO> bio(BIO_new_mem_buf(kCertPEM, strlen(kCertPEM)));
+ return bssl::UniquePtr<X509>(PEM_read_bio_X509(bio.get(), nullptr, nullptr, nullptr));
}
-static ScopedEVP_PKEY GetTestKey() {
+static bssl::UniquePtr<EVP_PKEY> GetTestKey() {
static const char kKeyPEM[] =
"-----BEGIN RSA PRIVATE KEY-----\n"
"MIICXgIBAAKBgQDYK8imMuRi/03z0K1Zi0WnvfFHvwlYeyK9Na6XJYaUoIDAtB92\n"
@@ -1113,12 +1112,12 @@
"tfDwbqkta4xcux67//khAkEAvvRXLHTaa6VFzTaiiO8SaFsHV3lQyXOtMrBpB5jd\n"
"moZWgjHvB2W9Ckn7sDqsPB+U2tyX0joDdQEyuiMECDY8oQ==\n"
"-----END RSA PRIVATE KEY-----\n";
- ScopedBIO bio(BIO_new_mem_buf(kKeyPEM, strlen(kKeyPEM)));
- return ScopedEVP_PKEY(
+ bssl::UniquePtr<BIO> bio(BIO_new_mem_buf(kKeyPEM, strlen(kKeyPEM)));
+ return bssl::UniquePtr<EVP_PKEY>(
PEM_read_bio_PrivateKey(bio.get(), nullptr, nullptr, nullptr));
}
-static ScopedX509 GetECDSATestCertificate() {
+static bssl::UniquePtr<X509> GetECDSATestCertificate() {
static const char kCertPEM[] =
"-----BEGIN CERTIFICATE-----\n"
"MIIBzzCCAXagAwIBAgIJANlMBNpJfb/rMAkGByqGSM49BAEwRTELMAkGA1UEBhMC\n"
@@ -1132,26 +1131,26 @@
"BgcqhkjOPQQBA0gAMEUCIQDyoDVeUTo2w4J5m+4nUIWOcAZ0lVfSKXQA9L4Vh13E\n"
"BwIgfB55FGohg/B6dGh5XxSZmmi08cueFV7mHzJSYV51yRQ=\n"
"-----END CERTIFICATE-----\n";
- ScopedBIO bio(BIO_new_mem_buf(kCertPEM, strlen(kCertPEM)));
- return ScopedX509(PEM_read_bio_X509(bio.get(), nullptr, nullptr, nullptr));
+ bssl::UniquePtr<BIO> bio(BIO_new_mem_buf(kCertPEM, strlen(kCertPEM)));
+ return bssl::UniquePtr<X509>(PEM_read_bio_X509(bio.get(), nullptr, nullptr, nullptr));
}
-static ScopedEVP_PKEY GetECDSATestKey() {
+static bssl::UniquePtr<EVP_PKEY> GetECDSATestKey() {
static const char kKeyPEM[] =
"-----BEGIN PRIVATE KEY-----\n"
"MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgBw8IcnrUoEqc3VnJ\n"
"TYlodwi1b8ldMHcO6NHJzgqLtGqhRANCAATmK2niv2Wfl74vHg2UikzVl2u3qR4N\n"
"Rvvdqakendy6WgHn1peoChj5w8SjHlbifINI2xYaHPUdfvGULUvPciLB\n"
"-----END PRIVATE KEY-----\n";
- ScopedBIO bio(BIO_new_mem_buf(kKeyPEM, strlen(kKeyPEM)));
- return ScopedEVP_PKEY(
+ bssl::UniquePtr<BIO> bio(BIO_new_mem_buf(kKeyPEM, strlen(kKeyPEM)));
+ return bssl::UniquePtr<EVP_PKEY>(
PEM_read_bio_PrivateKey(bio.get(), nullptr, nullptr, nullptr));
}
-static bool ConnectClientAndServer(ScopedSSL *out_client, ScopedSSL *out_server,
+static bool ConnectClientAndServer(bssl::UniquePtr<SSL> *out_client, bssl::UniquePtr<SSL> *out_server,
SSL_CTX *client_ctx, SSL_CTX *server_ctx,
SSL_SESSION *session) {
- ScopedSSL client(SSL_new(client_ctx)), server(SSL_new(server_ctx));
+ bssl::UniquePtr<SSL> client(SSL_new(client_ctx)), server(SSL_new(server_ctx));
if (!client || !server) {
return false;
}
@@ -1199,21 +1198,21 @@
}
static bool TestSequenceNumber(bool dtls) {
- ScopedSSL_CTX client_ctx(SSL_CTX_new(dtls ? DTLS_method() : TLS_method()));
- ScopedSSL_CTX server_ctx(SSL_CTX_new(dtls ? DTLS_method() : TLS_method()));
+ bssl::UniquePtr<SSL_CTX> client_ctx(SSL_CTX_new(dtls ? DTLS_method() : TLS_method()));
+ bssl::UniquePtr<SSL_CTX> server_ctx(SSL_CTX_new(dtls ? DTLS_method() : TLS_method()));
if (!client_ctx || !server_ctx) {
return false;
}
- ScopedX509 cert = GetTestCertificate();
- ScopedEVP_PKEY key = GetTestKey();
+ bssl::UniquePtr<X509> cert = GetTestCertificate();
+ bssl::UniquePtr<EVP_PKEY> key = GetTestKey();
if (!cert || !key ||
!SSL_CTX_use_certificate(server_ctx.get(), cert.get()) ||
!SSL_CTX_use_PrivateKey(server_ctx.get(), key.get())) {
return false;
}
- ScopedSSL client, server;
+ bssl::UniquePtr<SSL> client, server;
if (!ConnectClientAndServer(&client, &server, client_ctx.get(),
server_ctx.get(), nullptr /* no session */)) {
return false;
@@ -1268,21 +1267,21 @@
}
static bool TestOneSidedShutdown() {
- ScopedSSL_CTX client_ctx(SSL_CTX_new(TLS_method()));
- ScopedSSL_CTX server_ctx(SSL_CTX_new(TLS_method()));
+ bssl::UniquePtr<SSL_CTX> client_ctx(SSL_CTX_new(TLS_method()));
+ bssl::UniquePtr<SSL_CTX> server_ctx(SSL_CTX_new(TLS_method()));
if (!client_ctx || !server_ctx) {
return false;
}
- ScopedX509 cert = GetTestCertificate();
- ScopedEVP_PKEY key = GetTestKey();
+ bssl::UniquePtr<X509> cert = GetTestCertificate();
+ bssl::UniquePtr<EVP_PKEY> key = GetTestKey();
if (!cert || !key ||
!SSL_CTX_use_certificate(server_ctx.get(), cert.get()) ||
!SSL_CTX_use_PrivateKey(server_ctx.get(), key.get())) {
return false;
}
- ScopedSSL client, server;
+ bssl::UniquePtr<SSL> client, server;
if (!ConnectClientAndServer(&client, &server, client_ctx.get(),
server_ctx.get(), nullptr /* no session */)) {
return false;
@@ -1323,28 +1322,28 @@
return true;
}
static bool TestSessionDuplication() {
- ScopedSSL_CTX client_ctx(SSL_CTX_new(TLS_method()));
- ScopedSSL_CTX server_ctx(SSL_CTX_new(TLS_method()));
+ bssl::UniquePtr<SSL_CTX> client_ctx(SSL_CTX_new(TLS_method()));
+ bssl::UniquePtr<SSL_CTX> server_ctx(SSL_CTX_new(TLS_method()));
if (!client_ctx || !server_ctx) {
return false;
}
- ScopedX509 cert = GetTestCertificate();
- ScopedEVP_PKEY key = GetTestKey();
+ bssl::UniquePtr<X509> cert = GetTestCertificate();
+ bssl::UniquePtr<EVP_PKEY> key = GetTestKey();
if (!cert || !key ||
!SSL_CTX_use_certificate(server_ctx.get(), cert.get()) ||
!SSL_CTX_use_PrivateKey(server_ctx.get(), key.get())) {
return false;
}
- ScopedSSL client, server;
+ bssl::UniquePtr<SSL> client, server;
if (!ConnectClientAndServer(&client, &server, client_ctx.get(),
server_ctx.get(), nullptr /* no session */)) {
return false;
}
SSL_SESSION *session0 = SSL_get_session(client.get());
- ScopedSSL_SESSION session1(SSL_SESSION_dup(session0, SSL_SESSION_DUP_ALL));
+ bssl::UniquePtr<SSL_SESSION> session1(SSL_SESSION_dup(session0, SSL_SESSION_DUP_ALL));
if (!session1) {
return false;
}
@@ -1355,12 +1354,12 @@
if (!SSL_SESSION_to_bytes(session0, &s0_bytes, &s0_len)) {
return false;
}
- ScopedOpenSSLBytes free_s0(s0_bytes);
+ bssl::UniquePtr<uint8_t> free_s0(s0_bytes);
if (!SSL_SESSION_to_bytes(session1.get(), &s1_bytes, &s1_len)) {
return false;
}
- ScopedOpenSSLBytes free_s1(s1_bytes);
+ bssl::UniquePtr<uint8_t> free_s1(s1_bytes);
return s0_len == s1_len && memcmp(s0_bytes, s1_bytes, s0_len) == 0;
}
@@ -1383,13 +1382,13 @@
}
static bool TestSetFD() {
- ScopedSSL_CTX ctx(SSL_CTX_new(TLS_method()));
+ bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(TLS_method()));
if (!ctx) {
return false;
}
// Test setting different read and write FDs.
- ScopedSSL ssl(SSL_new(ctx.get()));
+ bssl::UniquePtr<SSL> ssl(SSL_new(ctx.get()));
if (!ssl ||
!SSL_set_rfd(ssl.get(), 1) ||
!SSL_set_wfd(ssl.get(), 2) ||
@@ -1466,13 +1465,13 @@
}
static bool TestSetBIO() {
- ScopedSSL_CTX ctx(SSL_CTX_new(TLS_method()));
+ bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(TLS_method()));
if (!ctx) {
return false;
}
- ScopedSSL ssl(SSL_new(ctx.get()));
- ScopedBIO bio1(BIO_new(BIO_s_mem())), bio2(BIO_new(BIO_s_mem())),
+ bssl::UniquePtr<SSL> ssl(SSL_new(ctx.get()));
+ bssl::UniquePtr<BIO> bio1(BIO_new(BIO_s_mem())), bio2(BIO_new(BIO_s_mem())),
bio3(BIO_new(BIO_s_mem()));
if (!ssl || !bio1 || !bio2 || !bio3) {
return false;
@@ -1529,15 +1528,15 @@
static int VerifySucceed(X509_STORE_CTX *store_ctx, void *arg) { return 1; }
static bool TestGetPeerCertificate() {
- ScopedX509 cert = GetTestCertificate();
- ScopedEVP_PKEY key = GetTestKey();
+ bssl::UniquePtr<X509> cert = GetTestCertificate();
+ bssl::UniquePtr<EVP_PKEY> key = GetTestKey();
if (!cert || !key) {
return false;
}
for (uint16_t version : kVersions) {
// Configure both client and server to accept any certificate.
- ScopedSSL_CTX ctx(SSL_CTX_new(TLS_method()));
+ bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(TLS_method()));
if (!ctx ||
!SSL_CTX_use_certificate(ctx.get(), cert.get()) ||
!SSL_CTX_use_PrivateKey(ctx.get(), key.get())) {
@@ -1549,14 +1548,14 @@
ctx.get(), SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, nullptr);
SSL_CTX_set_cert_verify_callback(ctx.get(), VerifySucceed, NULL);
- ScopedSSL client, server;
+ bssl::UniquePtr<SSL> client, server;
if (!ConnectClientAndServer(&client, &server, ctx.get(), ctx.get(),
nullptr /* no session */)) {
return false;
}
// Client and server should both see the leaf certificate.
- ScopedX509 peer(SSL_get_peer_certificate(server.get()));
+ bssl::UniquePtr<X509> peer(SSL_get_peer_certificate(server.get()));
if (!peer || X509_cmp(cert.get(), peer.get()) != 0) {
fprintf(stderr, "%x: Server peer certificate did not match.\n", version);
return false;
@@ -1585,8 +1584,8 @@
}
static bool TestRetainOnlySHA256OfCerts() {
- ScopedX509 cert = GetTestCertificate();
- ScopedEVP_PKEY key = GetTestKey();
+ bssl::UniquePtr<X509> cert = GetTestCertificate();
+ bssl::UniquePtr<EVP_PKEY> key = GetTestKey();
if (!cert || !key) {
return false;
}
@@ -1596,7 +1595,7 @@
if (cert_der_len < 0) {
return false;
}
- ScopedOpenSSLBytes free_cert_der(cert_der);
+ bssl::UniquePtr<uint8_t> free_cert_der(cert_der);
uint8_t cert_sha256[SHA256_DIGEST_LENGTH];
SHA256(cert_der, cert_der_len, cert_sha256);
@@ -1604,7 +1603,7 @@
for (uint16_t version : kVersions) {
// Configure both client and server to accept any certificate, but the
// server must retain only the SHA-256 of the peer.
- ScopedSSL_CTX ctx(SSL_CTX_new(TLS_method()));
+ bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(TLS_method()));
if (!ctx ||
!SSL_CTX_use_certificate(ctx.get(), cert.get()) ||
!SSL_CTX_use_PrivateKey(ctx.get(), key.get())) {
@@ -1617,14 +1616,14 @@
SSL_CTX_set_cert_verify_callback(ctx.get(), VerifySucceed, NULL);
SSL_CTX_set_retain_only_sha256_of_client_certs(ctx.get(), 1);
- ScopedSSL client, server;
+ bssl::UniquePtr<SSL> client, server;
if (!ConnectClientAndServer(&client, &server, ctx.get(), ctx.get(),
nullptr /* no session */)) {
return false;
}
// The peer certificate has been dropped.
- ScopedX509 peer(SSL_get_peer_certificate(server.get()));
+ bssl::UniquePtr<X509> peer(SSL_get_peer_certificate(server.get()));
if (peer) {
fprintf(stderr, "%x: Peer certificate was retained.\n", version);
return false;
@@ -1647,7 +1646,7 @@
static bool ClientHelloMatches(uint16_t version, const uint8_t *expected,
size_t expected_len) {
- ScopedSSL_CTX ctx(SSL_CTX_new(TLS_method()));
+ bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(TLS_method()));
if (!ctx) {
return false;
}
@@ -1657,7 +1656,7 @@
if (!SSL_CTX_set_cipher_list(ctx.get(), "!RC4:CHACHA20:ALL")) {
return false;
}
- ScopedSSL ssl(SSL_new(ctx.get()));
+ bssl::UniquePtr<SSL> ssl(SSL_new(ctx.get()));
if (!ssl) {
return false;
}
@@ -1814,7 +1813,7 @@
return true;
}
-static ScopedSSL_SESSION g_last_session;
+static bssl::UniquePtr<SSL_SESSION> g_last_session;
static int SaveLastSession(SSL *ssl, SSL_SESSION *session) {
// Save the most recent session.
@@ -1822,13 +1821,13 @@
return 1;
}
-static ScopedSSL_SESSION CreateClientSession(SSL_CTX *client_ctx,
+static bssl::UniquePtr<SSL_SESSION> CreateClientSession(SSL_CTX *client_ctx,
SSL_CTX *server_ctx) {
g_last_session = nullptr;
SSL_CTX_sess_set_new_cb(client_ctx, SaveLastSession);
// Connect client and server to get a session.
- ScopedSSL client, server;
+ bssl::UniquePtr<SSL> client, server;
if (!ConnectClientAndServer(&client, &server, client_ctx, server_ctx,
nullptr /* no session */)) {
fprintf(stderr, "Failed to connect client and server.\n");
@@ -1850,7 +1849,7 @@
static bool ExpectSessionReused(SSL_CTX *client_ctx, SSL_CTX *server_ctx,
SSL_SESSION *session,
bool reused) {
- ScopedSSL client, server;
+ bssl::UniquePtr<SSL> client, server;
if (!ConnectClientAndServer(&client, &server, client_ctx,
server_ctx, session)) {
fprintf(stderr, "Failed to connect client and server.\n");
@@ -1873,8 +1872,8 @@
}
static bool TestSessionIDContext() {
- ScopedX509 cert = GetTestCertificate();
- ScopedEVP_PKEY key = GetTestKey();
+ bssl::UniquePtr<X509> cert = GetTestCertificate();
+ bssl::UniquePtr<EVP_PKEY> key = GetTestKey();
if (!cert || !key) {
return false;
}
@@ -1883,8 +1882,8 @@
static const uint8_t kContext2[] = {2};
for (uint16_t version : kVersions) {
- ScopedSSL_CTX server_ctx(SSL_CTX_new(TLS_method()));
- ScopedSSL_CTX client_ctx(SSL_CTX_new(TLS_method()));
+ bssl::UniquePtr<SSL_CTX> server_ctx(SSL_CTX_new(TLS_method()));
+ bssl::UniquePtr<SSL_CTX> client_ctx(SSL_CTX_new(TLS_method()));
if (!server_ctx || !client_ctx ||
!SSL_CTX_use_certificate(server_ctx.get(), cert.get()) ||
!SSL_CTX_use_PrivateKey(server_ctx.get(), key.get()) ||
@@ -1901,7 +1900,7 @@
SSL_CTX_set_max_version(server_ctx.get(), version);
SSL_CTX_set_session_cache_mode(server_ctx.get(), SSL_SESS_CACHE_BOTH);
- ScopedSSL_SESSION session =
+ bssl::UniquePtr<SSL_SESSION> session =
CreateClientSession(client_ctx.get(), server_ctx.get());
if (!session) {
fprintf(stderr, "Error getting session (version = %04x).\n", version);
@@ -1939,15 +1938,15 @@
}
static bool TestSessionTimeout() {
- ScopedX509 cert = GetTestCertificate();
- ScopedEVP_PKEY key = GetTestKey();
+ bssl::UniquePtr<X509> cert = GetTestCertificate();
+ bssl::UniquePtr<EVP_PKEY> key = GetTestKey();
if (!cert || !key) {
return false;
}
for (uint16_t version : kVersions) {
- ScopedSSL_CTX server_ctx(SSL_CTX_new(TLS_method()));
- ScopedSSL_CTX client_ctx(SSL_CTX_new(TLS_method()));
+ bssl::UniquePtr<SSL_CTX> server_ctx(SSL_CTX_new(TLS_method()));
+ bssl::UniquePtr<SSL_CTX> client_ctx(SSL_CTX_new(TLS_method()));
if (!server_ctx || !client_ctx ||
!SSL_CTX_use_certificate(server_ctx.get(), cert.get()) ||
!SSL_CTX_use_PrivateKey(server_ctx.get(), key.get())) {
@@ -1963,7 +1962,7 @@
SSL_CTX_set_session_cache_mode(server_ctx.get(), SSL_SESS_CACHE_BOTH);
SSL_CTX_set_current_time_cb(server_ctx.get(), CurrentTimeCallback);
- ScopedSSL_SESSION session =
+ bssl::UniquePtr<SSL_SESSION> session =
CreateClientSession(client_ctx.get(), server_ctx.get());
if (!session) {
fprintf(stderr, "Error getting session (version = %04x).\n", version);
@@ -1999,10 +1998,10 @@
}
static bool TestSNICallback() {
- ScopedX509 cert = GetTestCertificate();
- ScopedEVP_PKEY key = GetTestKey();
- ScopedX509 cert2 = GetECDSATestCertificate();
- ScopedEVP_PKEY key2 = GetECDSATestKey();
+ bssl::UniquePtr<X509> cert = GetTestCertificate();
+ bssl::UniquePtr<EVP_PKEY> key = GetTestKey();
+ bssl::UniquePtr<X509> cert2 = GetECDSATestCertificate();
+ bssl::UniquePtr<EVP_PKEY> key2 = GetECDSATestKey();
if (!cert || !key || !cert2 || !key2) {
return false;
}
@@ -2016,9 +2015,9 @@
static const uint16_t kECDSAWithSHA256 = SSL_SIGN_ECDSA_SECP256R1_SHA256;
- ScopedSSL_CTX server_ctx(SSL_CTX_new(TLS_method()));
- ScopedSSL_CTX server_ctx2(SSL_CTX_new(TLS_method()));
- ScopedSSL_CTX client_ctx(SSL_CTX_new(TLS_method()));
+ bssl::UniquePtr<SSL_CTX> server_ctx(SSL_CTX_new(TLS_method()));
+ bssl::UniquePtr<SSL_CTX> server_ctx2(SSL_CTX_new(TLS_method()));
+ bssl::UniquePtr<SSL_CTX> client_ctx(SSL_CTX_new(TLS_method()));
if (!server_ctx || !server_ctx2 || !client_ctx ||
!SSL_CTX_use_certificate(server_ctx.get(), cert.get()) ||
!SSL_CTX_use_PrivateKey(server_ctx.get(), key.get()) ||
@@ -2043,7 +2042,7 @@
SSL_CTX_set_tlsext_servername_callback(server_ctx.get(), SwitchContext);
SSL_CTX_set_tlsext_servername_arg(server_ctx.get(), server_ctx2.get());
- ScopedSSL client, server;
+ bssl::UniquePtr<SSL> client, server;
if (!ConnectClientAndServer(&client, &server, client_ctx.get(),
server_ctx.get(), nullptr)) {
fprintf(stderr, "Handshake failed at version %04x.\n", version);
@@ -2051,7 +2050,7 @@
}
// The client should have received |cert2|.
- ScopedX509 peer(SSL_get_peer_certificate(client.get()));
+ bssl::UniquePtr<X509> peer(SSL_get_peer_certificate(client.get()));
if (!peer ||
X509_cmp(peer.get(), cert2.get()) != 0) {
fprintf(stderr, "Incorrect certificate received at version %04x.\n",
@@ -2071,10 +2070,10 @@
// TestEarlyCallbackVersionSwitch tests that the early callback can swap the
// maximum version.
static bool TestEarlyCallbackVersionSwitch() {
- ScopedX509 cert = GetTestCertificate();
- ScopedEVP_PKEY key = GetTestKey();
- ScopedSSL_CTX server_ctx(SSL_CTX_new(TLS_method()));
- ScopedSSL_CTX client_ctx(SSL_CTX_new(TLS_method()));
+ bssl::UniquePtr<X509> cert = GetTestCertificate();
+ bssl::UniquePtr<EVP_PKEY> key = GetTestKey();
+ bssl::UniquePtr<SSL_CTX> server_ctx(SSL_CTX_new(TLS_method()));
+ bssl::UniquePtr<SSL_CTX> client_ctx(SSL_CTX_new(TLS_method()));
if (!cert || !key || !server_ctx || !client_ctx ||
!SSL_CTX_use_certificate(server_ctx.get(), cert.get()) ||
!SSL_CTX_use_PrivateKey(server_ctx.get(), key.get())) {
@@ -2086,7 +2085,7 @@
SSL_CTX_set_select_certificate_cb(server_ctx.get(), SetMaxVersion);
- ScopedSSL client, server;
+ bssl::UniquePtr<SSL> client, server;
if (!ConnectClientAndServer(&client, &server, client_ctx.get(),
server_ctx.get(), nullptr)) {
return false;
diff --git a/ssl/test/async_bio.cc b/ssl/test/async_bio.cc
index 7a5737b..605b33a 100644
--- a/ssl/test/async_bio.cc
+++ b/ssl/test/async_bio.cc
@@ -17,6 +17,7 @@
#include <errno.h>
#include <string.h>
+#include <openssl/bio.h>
#include <openssl/mem.h>
@@ -150,12 +151,12 @@
} // namespace
-ScopedBIO AsyncBioCreate() {
- return ScopedBIO(BIO_new(&g_async_bio_method));
+bssl::UniquePtr<BIO> AsyncBioCreate() {
+ return bssl::UniquePtr<BIO>(BIO_new(&g_async_bio_method));
}
-ScopedBIO AsyncBioCreateDatagram() {
- ScopedBIO ret(BIO_new(&g_async_bio_method));
+bssl::UniquePtr<BIO> AsyncBioCreateDatagram() {
+ bssl::UniquePtr<BIO> ret(BIO_new(&g_async_bio_method));
if (!ret) {
return nullptr;
}
diff --git a/ssl/test/async_bio.h b/ssl/test/async_bio.h
index fbc4016..9974139 100644
--- a/ssl/test/async_bio.h
+++ b/ssl/test/async_bio.h
@@ -17,20 +17,18 @@
#include <openssl/bio.h>
-#include "../../crypto/test/scoped_types.h"
-
// AsyncBioCreate creates a filter BIO for testing asynchronous state
// machines which consume a stream socket. Reads and writes will fail
// and return EAGAIN unless explicitly allowed. Each async BIO has a
// read quota and a write quota. Initially both are zero. As each is
// incremented, bytes are allowed to flow through the BIO.
-ScopedBIO AsyncBioCreate();
+bssl::UniquePtr<BIO> AsyncBioCreate();
// AsyncBioCreateDatagram creates a filter BIO for testing for
// asynchronous state machines which consume datagram sockets. The read
// and write quota count in packets rather than bytes.
-ScopedBIO AsyncBioCreateDatagram();
+bssl::UniquePtr<BIO> AsyncBioCreateDatagram();
// AsyncBioAllowRead increments |bio|'s read quota by |count|.
void AsyncBioAllowRead(BIO *bio, size_t count);
diff --git a/ssl/test/bssl_shim.cc b/ssl/test/bssl_shim.cc
index f9ab913..ff77b63 100644
--- a/ssl/test/bssl_shim.cc
+++ b/ssl/test/bssl_shim.cc
@@ -46,21 +46,22 @@
#include <openssl/c++/digest.h>
#include <openssl/cipher.h>
#include <openssl/crypto.h>
+#include <openssl/dh.h>
#include <openssl/err.h>
+#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <openssl/nid.h>
#include <openssl/rand.h>
#include <openssl/ssl.h>
+#include <openssl/x509.h>
#include <memory>
#include <string>
#include <vector>
#include "../../crypto/internal.h"
-#include "../../crypto/test/scoped_types.h"
#include "async_bio.h"
#include "packeted_bio.h"
-#include "scoped_types.h"
#include "test_config.h"
namespace bssl {
@@ -89,20 +90,20 @@
BIO *async_bio = nullptr;
// packeted_bio is the packeted BIO which simulates read timeouts.
BIO *packeted_bio = nullptr;
- ScopedEVP_PKEY channel_id;
+ bssl::UniquePtr<EVP_PKEY> channel_id;
bool cert_ready = false;
- ScopedSSL_SESSION session;
- ScopedSSL_SESSION pending_session;
+ bssl::UniquePtr<SSL_SESSION> session;
+ bssl::UniquePtr<SSL_SESSION> pending_session;
bool early_callback_called = false;
bool handshake_done = false;
// private_key is the underlying private key used when testing custom keys.
- ScopedEVP_PKEY private_key;
+ bssl::UniquePtr<EVP_PKEY> private_key;
std::vector<uint8_t> private_key_result;
// private_key_retries is the number of times an asynchronous private key
// operation has been retried.
unsigned private_key_retries = 0;
bool got_new_session = false;
- ScopedSSL_SESSION new_session;
+ bssl::UniquePtr<SSL_SESSION> new_session;
bool ticket_decrypt_done = false;
bool alpn_select_done = false;
};
@@ -136,20 +137,21 @@
return (TestState *)SSL_get_ex_data(ssl, g_state_index);
}
-static ScopedX509 LoadCertificate(const std::string &file) {
- ScopedBIO bio(BIO_new(BIO_s_file()));
+static bssl::UniquePtr<X509> LoadCertificate(const std::string &file) {
+ bssl::UniquePtr<BIO> bio(BIO_new(BIO_s_file()));
if (!bio || !BIO_read_filename(bio.get(), file.c_str())) {
return nullptr;
}
- return ScopedX509(PEM_read_bio_X509(bio.get(), NULL, NULL, NULL));
+ return bssl::UniquePtr<X509>(PEM_read_bio_X509(bio.get(), NULL, NULL, NULL));
}
-static ScopedEVP_PKEY LoadPrivateKey(const std::string &file) {
- ScopedBIO bio(BIO_new(BIO_s_file()));
+static bssl::UniquePtr<EVP_PKEY> LoadPrivateKey(const std::string &file) {
+ bssl::UniquePtr<BIO> bio(BIO_new(BIO_s_file()));
if (!bio || !BIO_read_filename(bio.get(), file.c_str())) {
return nullptr;
}
- return ScopedEVP_PKEY(PEM_read_bio_PrivateKey(bio.get(), NULL, NULL, NULL));
+ return bssl::UniquePtr<EVP_PKEY>(
+ PEM_read_bio_PrivateKey(bio.get(), NULL, NULL, NULL));
}
static int AsyncPrivateKeyType(SSL *ssl) {
@@ -317,8 +319,8 @@
}
};
-static bool GetCertificate(SSL *ssl, ScopedX509 *out_x509,
- ScopedEVP_PKEY *out_pkey) {
+static bool GetCertificate(SSL *ssl, bssl::UniquePtr<X509> *out_x509,
+ bssl::UniquePtr<EVP_PKEY> *out_pkey) {
const TestConfig *config = GetTestConfig(ssl);
if (!config->digest_prefs.empty()) {
@@ -372,8 +374,8 @@
}
static bool InstallCertificate(SSL *ssl) {
- ScopedX509 x509;
- ScopedEVP_PKEY pkey;
+ bssl::UniquePtr<X509> x509;
+ bssl::UniquePtr<EVP_PKEY> pkey;
if (!GetCertificate(ssl, &x509, &pkey)) {
return false;
}
@@ -453,8 +455,8 @@
return -1;
}
- ScopedX509 x509;
- ScopedEVP_PKEY pkey;
+ bssl::UniquePtr<X509> x509;
+ bssl::UniquePtr<EVP_PKEY> pkey;
if (!GetCertificate(ssl, &x509, &pkey)) {
return -1;
}
@@ -799,8 +801,8 @@
const int sock_;
};
-static ScopedSSL_CTX SetupCtx(const TestConfig *config) {
- ScopedSSL_CTX ssl_ctx(SSL_CTX_new(
+static bssl::UniquePtr<SSL_CTX> SetupCtx(const TestConfig *config) {
+ bssl::UniquePtr<SSL_CTX> ssl_ctx(SSL_CTX_new(
config->is_dtls ? DTLS_method() : TLS_method()));
if (!ssl_ctx) {
return nullptr;
@@ -831,7 +833,7 @@
return nullptr;
}
- ScopedDH dh(DH_get_2048_256(NULL));
+ bssl::UniquePtr<DH> dh(DH_get_2048_256(NULL));
if (!dh) {
return nullptr;
}
@@ -973,7 +975,8 @@
AsyncBioAllowWrite(test_state->async_bio, 1);
return true;
case SSL_ERROR_WANT_CHANNEL_ID_LOOKUP: {
- ScopedEVP_PKEY pkey = LoadPrivateKey(GetTestConfig(ssl)->send_channel_id);
+ bssl::UniquePtr<EVP_PKEY> pkey =
+ LoadPrivateKey(GetTestConfig(ssl)->send_channel_id);
if (!pkey) {
return false;
}
@@ -1256,10 +1259,10 @@
// true and sets |*out_session| to the negotiated SSL session. If the test is a
// resumption attempt, |is_resume| is true and |session| is the session from the
// previous exchange.
-static bool DoExchange(ScopedSSL_SESSION *out_session, SSL_CTX *ssl_ctx,
- const TestConfig *config, bool is_resume,
- SSL_SESSION *session) {
- ScopedSSL ssl(SSL_new(ssl_ctx));
+static bool DoExchange(bssl::UniquePtr<SSL_SESSION> *out_session,
+ SSL_CTX *ssl_ctx, const TestConfig *config,
+ bool is_resume, SSL_SESSION *session) {
+ bssl::UniquePtr<SSL> ssl(SSL_new(ssl_ctx));
if (!ssl) {
return false;
}
@@ -1319,7 +1322,7 @@
SSL_enable_tls_channel_id(ssl.get());
if (!config->async) {
// The async case will be supplied by |ChannelIdCallback|.
- ScopedEVP_PKEY pkey = LoadPrivateKey(config->send_channel_id);
+ bssl::UniquePtr<EVP_PKEY> pkey = LoadPrivateKey(config->send_channel_id);
if (!pkey || !SSL_set1_tls_channel_id(ssl.get(), pkey.get())) {
return false;
}
@@ -1412,12 +1415,12 @@
}
SocketCloser closer(sock);
- ScopedBIO bio(BIO_new_socket(sock, BIO_NOCLOSE));
+ bssl::UniquePtr<BIO> bio(BIO_new_socket(sock, BIO_NOCLOSE));
if (!bio) {
return false;
}
if (config->is_dtls) {
- ScopedBIO packeted = PacketedBioCreate(!config->async);
+ bssl::UniquePtr<BIO> packeted = PacketedBioCreate(!config->async);
if (!packeted) {
return false;
}
@@ -1426,7 +1429,7 @@
bio = std::move(packeted);
}
if (config->async) {
- ScopedBIO async_scoped =
+ bssl::UniquePtr<BIO> async_scoped =
config->is_dtls ? AsyncBioCreateDatagram() : AsyncBioCreate();
if (!async_scoped) {
return false;
@@ -1692,13 +1695,13 @@
return Usage(argv[0]);
}
- ScopedSSL_CTX ssl_ctx = SetupCtx(&config);
+ bssl::UniquePtr<SSL_CTX> ssl_ctx = SetupCtx(&config);
if (!ssl_ctx) {
ERR_print_errors_fp(stderr);
return 1;
}
- ScopedSSL_SESSION session;
+ bssl::UniquePtr<SSL_SESSION> session;
for (int i = 0; i < config.resume_count + 1; i++) {
bool is_resume = i > 0;
if (is_resume && !config.is_server && !session) {
@@ -1706,7 +1709,7 @@
return 1;
}
- ScopedSSL_SESSION offer_session = std::move(session);
+ bssl::UniquePtr<SSL_SESSION> offer_session = std::move(session);
if (!DoExchange(&session, ssl_ctx.get(), &config, is_resume,
offer_session.get())) {
fprintf(stderr, "Connection %d failed.\n", i + 1);
diff --git a/ssl/test/packeted_bio.cc b/ssl/test/packeted_bio.cc
index b0982b0..f7267fc 100644
--- a/ssl/test/packeted_bio.cc
+++ b/ssl/test/packeted_bio.cc
@@ -272,8 +272,8 @@
} // namespace
-ScopedBIO PacketedBioCreate(bool advance_clock) {
- ScopedBIO bio(BIO_new(&g_packeted_bio_method));
+bssl::UniquePtr<BIO> PacketedBioCreate(bool advance_clock) {
+ bssl::UniquePtr<BIO> bio(BIO_new(&g_packeted_bio_method));
if (!bio) {
return nullptr;
}
diff --git a/ssl/test/packeted_bio.h b/ssl/test/packeted_bio.h
index 9bab635..07930d4 100644
--- a/ssl/test/packeted_bio.h
+++ b/ssl/test/packeted_bio.h
@@ -18,8 +18,6 @@
#include <openssl/base.h>
#include <openssl/bio.h>
-#include "../../crypto/test/scoped_types.h"
-
#if defined(OPENSSL_WINDOWS)
OPENSSL_MSVC_PRAGMA(warning(push, 3))
#include <winsock2.h>
@@ -38,7 +36,7 @@
// continues reading, subject to the read deadline. Otherwise, it fails
// immediately. The caller must then call |PacketedBioAdvanceClock| before
// retrying |BIO_read|.
-ScopedBIO PacketedBioCreate(bool advance_clock);
+bssl::UniquePtr<BIO> PacketedBioCreate(bool advance_clock);
// PacketedBioGetClock returns the current time for |bio|.
timeval PacketedBioGetClock(const BIO *bio);
diff --git a/ssl/test/scoped_types.h b/ssl/test/scoped_types.h
deleted file mode 100644
index 7e92cee..0000000
--- a/ssl/test/scoped_types.h
+++ /dev/null
@@ -1,28 +0,0 @@
-/* Copyright (c) 2015, Google Inc.
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
- * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
- * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
-
-#ifndef OPENSSL_HEADER_SSL_TEST_SCOPED_TYPES_H
-#define OPENSSL_HEADER_SSL_TEST_SCOPED_TYPES_H
-
-#include <openssl/ssl.h>
-
-#include "../../crypto/test/scoped_types.h"
-
-
-using ScopedSSL = ScopedOpenSSLType<SSL, SSL_free>;
-using ScopedSSL_CTX = ScopedOpenSSLType<SSL_CTX, SSL_CTX_free>;
-using ScopedSSL_SESSION = ScopedOpenSSLType<SSL_SESSION, SSL_SESSION_free>;
-
-
-#endif // OPENSSL_HEADER_SSL_TEST_SCOPED_TYPES_H
