Switch tls13_client and tls13_server to C++.
And, with that, stage one is complete. ssl/internal.h may include C++.
Bug: 132
Change-Id: I0cb89f0ed5f4be36632a50744a80321595dc921c
Reviewed-on: https://boringssl-review.googlesource.com/17768
Reviewed-by: Steven Valdez <svaldez@google.com>
diff --git a/ssl/CMakeLists.txt b/ssl/CMakeLists.txt
index 5d76fdf..b6f4451 100644
--- a/ssl/CMakeLists.txt
+++ b/ssl/CMakeLists.txt
@@ -35,9 +35,9 @@
tls_method.cc
tls_record.cc
tls13_both.cc
- tls13_client.c
+ tls13_client.cc
tls13_enc.cc
- tls13_server.c
+ tls13_server.cc
)
target_link_libraries(ssl crypto)
diff --git a/ssl/tls13_client.c b/ssl/tls13_client.cc
similarity index 97%
rename from ssl/tls13_client.c
rename to ssl/tls13_client.cc
index c92b539..7f961bf 100644
--- a/ssl/tls13_client.c
+++ b/ssl/tls13_client.cc
@@ -382,8 +382,8 @@
/* Store the negotiated ALPN in the session. */
if (ssl->s3->alpn_selected != NULL) {
- hs->new_session->early_alpn =
- BUF_memdup(ssl->s3->alpn_selected, ssl->s3->alpn_selected_len);
+ hs->new_session->early_alpn = (uint8_t *)BUF_memdup(
+ ssl->s3->alpn_selected, ssl->s3->alpn_selected_len);
if (hs->new_session->early_alpn == NULL) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
return ssl_hs_error;
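Review bot: The added assignment converts the result of BUF_memdup with a C-style cast, `(uint8_t *)BUF_memdup(...)`, while the same commit uses `static_cast` for the handshake-state conversion. A named cast is enough for a `void *` result: `static_cast<uint8_t *>(BUF_memdup(ssl->s3->alpn_selected, ssl->s3->alpn_selected_len))`. Unlike the C-style form, it fails to compile rather than silently dropping const or reinterpreting the pointer if the callee's return type ever changes. The same applies to the matching hunk in ssl/tls13_server.cc (@@ -417). The enclosing function starts and ends outside the hunk.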
@@ -645,7 +645,8 @@
enum ssl_hs_wait_t tls13_client_handshake(SSL_HANDSHAKE *hs) {
while (hs->tls13_state != state_done) {
enum ssl_hs_wait_t ret = ssl_hs_error;
- enum client_hs_state_t state = hs->tls13_state;
+ enum client_hs_state_t state =
+ static_cast<enum client_hs_state_t>(hs->tls13_state);
switch (state) {
case state_process_hello_retry_request:
ret = do_process_hello_retry_request(hs);
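Review bot: The new `static_cast<enum client_hs_state_t>(hs->tls13_state)` relies on the stored value always being a valid client state, and nothing in the hunk documents or checks that. The field is evidently not of the enum type, since the cast is needed and the server loop in ssl/tls13_server.cc (@@ -832) casts the same field to `server_hs_state_t`. A comment on the cast would record the invariant, for example `/* |tls13_state| only ever holds client_hs_state_t values on the client path. */`. The switch continues outside the hunk, so it isn't visible whether an unexpected value falls through to `ret = ssl_hs_error`. The same point applies to the server hunk.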
@@ -703,14 +704,13 @@
}
int tls13_process_new_session_ticket(SSL *ssl) {
- int ret = 0;
- SSL_SESSION *session = SSL_SESSION_dup(ssl->s3->established_session,
- SSL_SESSION_INCLUDE_NONAUTH);
- if (session == NULL) {
+ bssl::UniquePtr<SSL_SESSION> session(SSL_SESSION_dup(
+ ssl->s3->established_session, SSL_SESSION_INCLUDE_NONAUTH));
+ if (!session) {
return 0;
}
- ssl_session_rebase_time(ssl, session);
+ ssl_session_rebase_time(ssl, session.get());
uint32_t server_timeout;
CBS cbs, ticket, extensions;
@@ -723,7 +723,7 @@
CBS_len(&cbs) != 0) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
- goto err;
+ return 0;
}
/* Cap the renewable lifetime by the server advertised value. This avoids
@@ -745,7 +745,7 @@
OPENSSL_ARRAY_SIZE(ext_types),
1 /* ignore unknown */)) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, alert);
- goto err;
+ return 0;
}
if (have_early_data_info && ssl->cert->enable_early_data) {
@@ -753,7 +753,7 @@
CBS_len(&early_data_info) != 0) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
- goto err;
+ return 0;
}
}
@@ -761,16 +761,12 @@
session->not_resumable = 0;
if (ssl->ctx->new_session_cb != NULL &&
- ssl->ctx->new_session_cb(ssl, session)) {
+ ssl->ctx->new_session_cb(ssl, session.get())) {
/* |new_session_cb|'s return value signals that it took ownership. */
- session = NULL;
+ session.release();
}
- ret = 1;
-
-err:
- SSL_SESSION_free(session);
- return ret;
+ return 1;
}
void ssl_clear_tls13_state(SSL_HANDSHAKE *hs) {
diff --git a/ssl/tls13_server.c b/ssl/tls13_server.cc
similarity index 97%
rename from ssl/tls13_server.c
rename to ssl/tls13_server.cc
index 25a7c2c..4e66016 100644
--- a/ssl/tls13_server.c
+++ b/ssl/tls13_server.cc
@@ -12,6 +12,13 @@
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+/* Per C99, various stdint.h macros are unavailable in C++ unless some macros
+ * are defined. C++11 overruled this decision, but older Android NDKs still
+ * require it. */
+#if !defined(__STDC_LIMIT_MACROS)
+#define __STDC_LIMIT_MACROS
+#endif
+
#include <openssl/ssl.h>
#include <assert.h>
@@ -417,8 +424,8 @@
/* Store the initial negotiated ALPN in the session. */
if (ssl->s3->alpn_selected != NULL) {
- hs->new_session->early_alpn =
- BUF_memdup(ssl->s3->alpn_selected, ssl->s3->alpn_selected_len);
+ hs->new_session->early_alpn = (uint8_t *)BUF_memdup(
+ ssl->s3->alpn_selected, ssl->s3->alpn_selected_len);
if (hs->new_session->early_alpn == NULL) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
return ssl_hs_error;
@@ -670,7 +677,8 @@
*
* TODO(davidben): This will need to be updated for DTLS 1.3. */
assert(!SSL_is_dtls(hs->ssl));
- uint8_t header[4] = {SSL3_MT_FINISHED, 0, 0, hs->hash_len};
+ assert(hs->hash_len <= 0xff);
+ uint8_t header[4] = {SSL3_MT_FINISHED, 0, 0, static_cast<uint8_t>(hs->hash_len)};
if (!SSL_TRANSCRIPT_update(&hs->transcript, header, sizeof(header)) ||
!SSL_TRANSCRIPT_update(&hs->transcript, hs->expected_client_finished,
hs->hash_len) ||
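Review bot: The added `assert(hs->hash_len <= 0xff)` guards the narrowing only in builds where asserts are enabled. With NDEBUG defined, `static_cast<uint8_t>(hs->hash_len)` would truncate silently, and the length byte in `header` would disagree with the `hs->hash_len` bytes fed to the transcript two lines later. If the bound follows from the maximum digest size, a comment or compile-time check would hold in release builds too, for example `/* |hash_len| is at most EVP_MAX_MD_SIZE, which fits in one byte. */`. That bound is presumed here and should be confirmed against where `hash_len` is set. The enclosing function starts and ends outside the hunk.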
@@ -832,7 +840,8 @@
enum ssl_hs_wait_t tls13_server_handshake(SSL_HANDSHAKE *hs) {
while (hs->tls13_state != state_done) {
enum ssl_hs_wait_t ret = ssl_hs_error;
- enum server_hs_state_t state = hs->tls13_state;
+ enum server_hs_state_t state =
+ static_cast<enum server_hs_state_t>(hs->tls13_state);
switch (state) {
case state_select_parameters:
ret = do_select_parameters(hs);