Switch a bunch of things from int to bool.

Change-Id: I419c3a1459425fcd016c130d9699c5d89e66713c
Reviewed-on: https://boringssl-review.googlesource.com/21386
Commit-Queue: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: Steven Valdez <svaldez@google.com>
diff --git a/ssl/d1_both.cc b/ssl/d1_both.cc
index 3a31a02..daf62fc 100644
--- a/ssl/d1_both.cc
+++ b/ssl/d1_both.cc
@@ -259,9 +259,9 @@
   frag->reassembly = NULL;
 }
 
-// dtls1_is_current_message_complete returns one if the current handshake
-// message is complete and zero otherwise.
-static int dtls1_is_current_message_complete(const SSL *ssl) {
+// dtls1_is_current_message_complete returns whether the current handshake
+// message is complete.
+static bool dtls1_is_current_message_complete(const SSL *ssl) {
   hm_fragment *frag = ssl->d1->incoming_messages[ssl->d1->handshake_read_seq %
                                                  SSL_MAX_HANDSHAKE_FLIGHT];
   return frag != NULL && frag->reassembly == NULL;
@@ -480,8 +480,8 @@
   return false;
 }
 
-int dtls1_parse_fragment(CBS *cbs, struct hm_header_st *out_hdr,
-                         CBS *out_body) {
+bool dtls1_parse_fragment(CBS *cbs, struct hm_header_st *out_hdr,
+                          CBS *out_body) {
   OPENSSL_memset(out_hdr, 0x00, sizeof(struct hm_header_st));
 
   if (!CBS_get_u8(cbs, &out_hdr->type) ||
@@ -490,10 +490,10 @@
       !CBS_get_u24(cbs, &out_hdr->frag_off) ||
       !CBS_get_u24(cbs, &out_hdr->frag_len) ||
       !CBS_get_bytes(cbs, out_body, out_hdr->frag_len)) {
-    return 0;
+    return false;
   }
 
-  return 1;
+  return true;
 }
 
 int dtls1_read_change_cipher_spec(SSL *ssl) {
@@ -524,7 +524,7 @@
   ssl->d1->flight_has_reply = false;
 }
 
-int dtls1_init_message(SSL *ssl, CBB *cbb, CBB *body, uint8_t type) {
+bool dtls1_init_message(SSL *ssl, CBB *cbb, CBB *body, uint8_t type) {
   // Pick a modest size hint to save most of the |realloc| calls.
   if (!CBB_init(cbb, 64) ||
       !CBB_add_u8(cbb, type) ||
@@ -532,31 +532,29 @@
       !CBB_add_u16(cbb, ssl->d1->handshake_write_seq) ||
       !CBB_add_u24(cbb, 0 /* offset */) ||
       !CBB_add_u24_length_prefixed(cbb, body)) {
-    return 0;
+    return false;
   }
 
-  return 1;
+  return true;
 }
 
-int dtls1_finish_message(SSL *ssl, CBB *cbb, Array<uint8_t> *out_msg) {
+bool dtls1_finish_message(SSL *ssl, CBB *cbb, Array<uint8_t> *out_msg) {
   if (!CBBFinishArray(cbb, out_msg) ||
       out_msg->size() < DTLS1_HM_HEADER_LENGTH) {
     OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
-    return 0;
+    return false;
   }
 
   // Fix up the header. Copy the fragment length into the total message
   // length.
   OPENSSL_memcpy(out_msg->data() + 1,
                  out_msg->data() + DTLS1_HM_HEADER_LENGTH - 3, 3);
-  return 1;
+  return true;
 }
 
 // add_outgoing adds a new handshake message or ChangeCipherSpec to the current
-// outgoing flight. It returns one on success and zero on error. In both cases,
-// it takes ownership of |data| and releases it with |OPENSSL_free| when
-// done.
-static int add_outgoing(SSL *ssl, int is_ccs, Array<uint8_t> data) {
+// outgoing flight. It returns true on success and false on error.
+static bool add_outgoing(SSL *ssl, int is_ccs, Array<uint8_t> data) {
   if (ssl->d1->outgoing_messages_complete) {
     // If we've begun writing a new flight, we received the peer flight. Discard
     // the timer and the our flight.
@@ -569,9 +567,9 @@
                 "outgoing_messages_len is too small");
   if (ssl->d1->outgoing_messages_len >= SSL_MAX_HANDSHAKE_FLIGHT ||
       data.size() > 0xffffffff) {
-    assert(0);
+    assert(false);
     OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
-    return 0;
+    return false;
   }
 
   if (!is_ccs) {
@@ -580,7 +578,7 @@
     if (ssl->s3->hs != NULL &&
         !ssl->s3->hs->transcript.Update(data)) {
       OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
-      return 0;
+      return false;
     }
     ssl->d1->handshake_write_seq++;
   }
@@ -594,24 +592,24 @@
   msg->is_ccs = is_ccs;
 
   ssl->d1->outgoing_messages_len++;
-  return 1;
+  return true;
 }
 
-int dtls1_add_message(SSL *ssl, Array<uint8_t> data) {
+bool dtls1_add_message(SSL *ssl, Array<uint8_t> data) {
   return add_outgoing(ssl, 0 /* handshake */, std::move(data));
 }
 
-int dtls1_add_change_cipher_spec(SSL *ssl) {
+bool dtls1_add_change_cipher_spec(SSL *ssl) {
   return add_outgoing(ssl, 1 /* ChangeCipherSpec */, Array<uint8_t>());
 }
 
-int dtls1_add_alert(SSL *ssl, uint8_t level, uint8_t desc) {
+bool dtls1_add_alert(SSL *ssl, uint8_t level, uint8_t desc) {
   // The |add_alert| path is only used for warning alerts for now, which DTLS
   // never sends. This will be implemented later once closure alerts are
   // converted.
-  assert(0);
+  assert(false);
   OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
-  return 0;
+  return false;
 }
 
 // dtls1_update_mtu updates the current MTU from the BIO, ensuring it is above
@@ -740,9 +738,9 @@
 // seal_next_packet writes as much of the next flight as possible to |out| and
 // advances |ssl->d1->outgoing_written| and |ssl->d1->outgoing_offset| as
 // appropriate.
-static int seal_next_packet(SSL *ssl, uint8_t *out, size_t *out_len,
-                            size_t max_out) {
-  int made_progress = 0;
+static bool seal_next_packet(SSL *ssl, uint8_t *out, size_t *out_len,
+                             size_t max_out) {
+  bool made_progress = false;
   size_t total = 0;
   assert(ssl->d1->outgoing_written < ssl->d1->outgoing_messages_len);
   for (; ssl->d1->outgoing_written < ssl->d1->outgoing_messages_len;
@@ -753,7 +751,7 @@
     enum seal_result_t ret = seal_next_message(ssl, out, &len, max_out, msg);
     switch (ret) {
       case seal_error:
-        return 0;
+        return false;
 
       case seal_no_progress:
         goto packet_full;
@@ -763,7 +761,7 @@
         out += len;
         max_out -= len;
         total += len;
-        made_progress = 1;
+        made_progress = true;
 
         if (ret == seal_partial) {
           goto packet_full;
@@ -776,11 +774,11 @@
   // The MTU was too small to make any progress.
   if (!made_progress) {
     OPENSSL_PUT_ERROR(SSL, SSL_R_MTU_TOO_SMALL);
-    return 0;
+    return false;
   }
 
   *out_len = total;
-  return 1;
+  return true;
 }
 
 static int send_flight(SSL *ssl) {
diff --git a/ssl/d1_lib.cc b/ssl/d1_lib.cc
index ec5d470..38bc5be 100644
--- a/ssl/d1_lib.cc
+++ b/ssl/d1_lib.cc
@@ -78,14 +78,14 @@
 // before failing the DTLS handshake.
 #define DTLS1_MAX_TIMEOUTS                     12
 
-int dtls1_new(SSL *ssl) {
+bool dtls1_new(SSL *ssl) {
   if (!ssl3_new(ssl)) {
-    return 0;
+    return false;
   }
   DTLS1_STATE *d1 = (DTLS1_STATE *)OPENSSL_malloc(sizeof *d1);
   if (d1 == NULL) {
     ssl3_free(ssl);
-    return 0;
+    return false;
   }
   OPENSSL_memset(d1, 0, sizeof *d1);
 
@@ -97,7 +97,7 @@
   // protocol version, and implement this pre-negotiation quirk in |SSL_version|
   // at the API boundary rather than in internal state.
   ssl->version = DTLS1_2_VERSION;
-  return 1;
+  return true;
 }
 
 void dtls1_free(SSL *ssl) {
@@ -133,21 +133,21 @@
   }
 }
 
-int dtls1_is_timer_expired(SSL *ssl) {
+bool dtls1_is_timer_expired(SSL *ssl) {
   struct timeval timeleft;
 
   // Get time left until timeout, return false if no timer running
   if (!DTLSv1_get_timeout(ssl, &timeleft)) {
-    return 0;
+    return false;
   }
 
   // Return false if timer is not expired yet
   if (timeleft.tv_sec > 0 || timeleft.tv_usec > 0) {
-    return 0;
+    return false;
   }
 
   // Timer expired, so return true
-  return 1;
+  return true;
 }
 
 static void dtls1_double_timeout(SSL *ssl) {
@@ -163,7 +163,7 @@
   ssl->d1->timeout_duration_ms = ssl->initial_timeout_duration_ms;
 }
 
-int dtls1_check_timeout_num(SSL *ssl) {
+bool dtls1_check_timeout_num(SSL *ssl) {
   ssl->d1->num_timeouts++;
 
   // Reduce MTU after 2 unsuccessful retransmissions
@@ -178,10 +178,10 @@
   if (ssl->d1->num_timeouts > DTLS1_MAX_TIMEOUTS) {
     // fail the connection, enough alerts have been sent
     OPENSSL_PUT_ERROR(SSL, SSL_R_READ_TIMEOUT_EXPIRED);
-    return 0;
+    return false;
   }
 
-  return 1;
+  return true;
 }
 
 }  // namespace bssl
diff --git a/ssl/dtls_method.cc b/ssl/dtls_method.cc
index daaec2d..a6156a1 100644
--- a/ssl/dtls_method.cc
+++ b/ssl/dtls_method.cc
@@ -68,7 +68,7 @@
 
 using namespace bssl;
 
-static int dtls1_supports_cipher(const SSL_CIPHER *cipher) {
+static bool dtls1_supports_cipher(const SSL_CIPHER *cipher) {
   return cipher->algorithm_enc != SSL_eNULL;
 }
 
@@ -82,12 +82,12 @@
   }
 }
 
-static int dtls1_set_read_state(SSL *ssl, UniquePtr<SSLAEADContext> aead_ctx) {
+static bool dtls1_set_read_state(SSL *ssl, UniquePtr<SSLAEADContext> aead_ctx) {
   // Cipher changes are forbidden if the current epoch has leftover data.
   if (dtls_has_unprocessed_handshake_data(ssl)) {
     OPENSSL_PUT_ERROR(SSL, SSL_R_BUFFERED_MESSAGES_ON_CIPHER_CHANGE);
     ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
-    return 0;
+    return false;
   }
 
   ssl->d1->r_epoch++;
@@ -96,10 +96,11 @@
 
   Delete(ssl->s3->aead_read_ctx);
   ssl->s3->aead_read_ctx = aead_ctx.release();
-  return 1;
+  return true;
 }
 
-static int dtls1_set_write_state(SSL *ssl, UniquePtr<SSLAEADContext> aead_ctx) {
+static bool dtls1_set_write_state(SSL *ssl,
+                                  UniquePtr<SSLAEADContext> aead_ctx) {
   ssl->d1->w_epoch++;
   OPENSSL_memcpy(ssl->d1->last_write_sequence, ssl->s3->write_sequence,
                  sizeof(ssl->s3->write_sequence));
@@ -108,11 +109,11 @@
   Delete(ssl->d1->last_aead_write_ctx);
   ssl->d1->last_aead_write_ctx = ssl->s3->aead_write_ctx;
   ssl->s3->aead_write_ctx = aead_ctx.release();
-  return 1;
+  return true;
 }
 
 static const SSL_PROTOCOL_METHOD kDTLSProtocolMethod = {
-    1 /* is_dtls */,
+    true /* is_dtls */,
     dtls1_new,
     dtls1_free,
     dtls1_get_message,
diff --git a/ssl/handshake.cc b/ssl/handshake.cc
index 80b64f3..1e19e5c 100644
--- a/ssl/handshake.cc
+++ b/ssl/handshake.cc
@@ -160,25 +160,25 @@
 
 void ssl_handshake_free(SSL_HANDSHAKE *hs) { Delete(hs); }
 
-int ssl_check_message_type(SSL *ssl, const SSLMessage &msg, int type) {
+bool ssl_check_message_type(SSL *ssl, const SSLMessage &msg, int type) {
   if (msg.type != type) {
     ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
     OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_MESSAGE);
     ERR_add_error_dataf("got type %d, wanted type %d", msg.type, type);
-    return 0;
+    return false;
   }
 
-  return 1;
+  return true;
 }
 
-int ssl_add_message_cbb(SSL *ssl, CBB *cbb) {
+bool ssl_add_message_cbb(SSL *ssl, CBB *cbb) {
   Array<uint8_t> msg;
   if (!ssl->method->finish_message(ssl, cbb, &msg) ||
       !ssl->method->add_message(ssl, std::move(msg))) {
-    return 0;
+    return false;
   }
 
-  return 1;
+  return true;
 }
 
 size_t ssl_max_handshake_message_len(const SSL *ssl) {
diff --git a/ssl/internal.h b/ssl/internal.h
index b034b66..577b382 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -1465,7 +1465,7 @@
 
 // ssl_check_message_type checks if |msg| has type |type|. If so it returns
 // one. Otherwise, it sends an alert and returns zero.
-int ssl_check_message_type(SSL *ssl, const SSLMessage &msg, int type);
+bool ssl_check_message_type(SSL *ssl, const SSLMessage &msg, int type);
 
 // ssl_run_handshake runs the TLS handshake. It returns one on success and <= 0
 // on error. It sets |out_early_return| to one if we've completed the handshake
@@ -1718,9 +1718,8 @@
 
 // |SSL_PROTOCOL_METHOD| abstracts between TLS and DTLS.
 struct SSL_PROTOCOL_METHOD {
-  // is_dtls is one if the protocol is DTLS and zero otherwise.
-  char is_dtls;
-  int (*ssl_new)(SSL *ssl);
+  bool is_dtls;
+  bool (*ssl_new)(SSL *ssl);
   void (*ssl_free)(SSL *ssl);
   // get_message sets |*out| to the current handshake message and returns true
   // if one has been received. It returns false if more input is needed.
@@ -1742,38 +1741,37 @@
   int (*write_app_data)(SSL *ssl, bool *out_needs_handshake, const uint8_t *buf,
                         int len);
   int (*dispatch_alert)(SSL *ssl);
-  // supports_cipher returns one if |cipher| is supported by this protocol and
-  // zero otherwise.
-  int (*supports_cipher)(const SSL_CIPHER *cipher);
+  // supports_cipher returns whether |cipher| is supported by this protocol.
+  bool (*supports_cipher)(const SSL_CIPHER *cipher);
   // init_message begins a new handshake message of type |type|. |cbb| is the
   // root CBB to be passed into |finish_message|. |*body| is set to a child CBB
-  // the caller should write to. It returns one on success and zero on error.
-  int (*init_message)(SSL *ssl, CBB *cbb, CBB *body, uint8_t type);
+  // the caller should write to. It returns true on success and false on error.
+  bool (*init_message)(SSL *ssl, CBB *cbb, CBB *body, uint8_t type);
   // finish_message finishes a handshake message. It sets |*out_msg| to the
-  // serialized message. It returns one on success and zero on error.
-  int (*finish_message)(SSL *ssl, CBB *cbb, Array<uint8_t> *out_msg);
-  // add_message adds a handshake message to the pending flight. It returns one
-  // on success and zero on error.
-  int (*add_message)(SSL *ssl, Array<uint8_t> msg);
+  // serialized message. It returns true on success and false on error.
+  bool (*finish_message)(SSL *ssl, CBB *cbb, bssl::Array<uint8_t> *out_msg);
+  // add_message adds a handshake message to the pending flight. It returns
+  // true on success and false on error.
+  bool (*add_message)(SSL *ssl, bssl::Array<uint8_t> msg);
   // add_change_cipher_spec adds a ChangeCipherSpec record to the pending
-  // flight. It returns one on success and zero on error.
-  int (*add_change_cipher_spec)(SSL *ssl);
-  // add_alert adds an alert to the pending flight. It returns one on success
-  // and zero on error.
-  int (*add_alert)(SSL *ssl, uint8_t level, uint8_t desc);
+  // flight. It returns true on success and false on error.
+  bool (*add_change_cipher_spec)(SSL *ssl);
+  // add_alert adds an alert to the pending flight. It returns true on success
+  // and false on error.
+  bool (*add_alert)(SSL *ssl, uint8_t level, uint8_t desc);
   // flush_flight flushes the pending flight to the transport. It returns one on
   // success and <= 0 on error.
   int (*flush_flight)(SSL *ssl);
   // on_handshake_complete is called when the handshake is complete.
   void (*on_handshake_complete)(SSL *ssl);
   // set_read_state sets |ssl|'s read cipher state to |aead_ctx|. It returns
-  // one on success and zero if changing the read state is forbidden at this
+  // true on success and false if changing the read state is forbidden at this
   // point.
-  int (*set_read_state)(SSL *ssl, UniquePtr<SSLAEADContext> aead_ctx);
+  bool (*set_read_state)(SSL *ssl, UniquePtr<SSLAEADContext> aead_ctx);
   // set_write_state sets |ssl|'s write cipher state to |aead_ctx|. It returns
-  // one on success and zero if changing the write state is forbidden at this
+  // true on success and false if changing the write state is forbidden at this
   // point.
-  int (*set_write_state)(SSL *ssl, UniquePtr<SSLAEADContext> aead_ctx);
+  bool (*set_write_state)(SSL *ssl, UniquePtr<SSLAEADContext> aead_ctx);
 };
 
 // ssl_crypto_x509_method provides the |SSL_X509_METHOD| functions using
@@ -2703,29 +2701,29 @@
 int ssl3_write_app_data(SSL *ssl, bool *out_needs_handshake, const uint8_t *buf,
                         int len);
 
-int ssl3_new(SSL *ssl);
+bool ssl3_new(SSL *ssl);
 void ssl3_free(SSL *ssl);
 
-int ssl3_init_message(SSL *ssl, CBB *cbb, CBB *body, uint8_t type);
-int ssl3_finish_message(SSL *ssl, CBB *cbb, Array<uint8_t> *out_msg);
-int ssl3_add_message(SSL *ssl, Array<uint8_t> msg);
-int ssl3_add_change_cipher_spec(SSL *ssl);
-int ssl3_add_alert(SSL *ssl, uint8_t level, uint8_t desc);
+bool ssl3_init_message(SSL *ssl, CBB *cbb, CBB *body, uint8_t type);
+bool ssl3_finish_message(SSL *ssl, CBB *cbb, Array<uint8_t> *out_msg);
+bool ssl3_add_message(SSL *ssl, Array<uint8_t> msg);
+bool ssl3_add_change_cipher_spec(SSL *ssl);
+bool ssl3_add_alert(SSL *ssl, uint8_t level, uint8_t desc);
 int ssl3_flush_flight(SSL *ssl);
 
-int dtls1_init_message(SSL *ssl, CBB *cbb, CBB *body, uint8_t type);
-int dtls1_finish_message(SSL *ssl, CBB *cbb, Array<uint8_t> *out_msg);
-int dtls1_add_message(SSL *ssl, Array<uint8_t> msg);
-int dtls1_add_change_cipher_spec(SSL *ssl);
-int dtls1_add_alert(SSL *ssl, uint8_t level, uint8_t desc);
+bool dtls1_init_message(SSL *ssl, CBB *cbb, CBB *body, uint8_t type);
+bool dtls1_finish_message(SSL *ssl, CBB *cbb, Array<uint8_t> *out_msg);
+bool dtls1_add_message(SSL *ssl, Array<uint8_t> msg);
+bool dtls1_add_change_cipher_spec(SSL *ssl);
+bool dtls1_add_alert(SSL *ssl, uint8_t level, uint8_t desc);
 int dtls1_flush_flight(SSL *ssl);
 
 // ssl_add_message_cbb finishes the handshake message in |cbb| and adds it to
-// the pending flight. It returns one on success and zero on error.
-int ssl_add_message_cbb(SSL *ssl, CBB *cbb);
+// the pending flight. It returns true on success and false on error.
+bool ssl_add_message_cbb(SSL *ssl, CBB *cbb);
 
-// ssl_hash_message incorporates |msg| into the handshake hash. It returns one
-// on success and zero on allocation failure.
+// ssl_hash_message incorporates |msg| into the handshake hash. It returns true
+// on success and false on allocation failure.
 bool ssl_hash_message(SSL_HANDSHAKE *hs, const SSLMessage &msg);
 
 // dtls1_get_record reads a new input record. On success, it places it in
@@ -2746,22 +2744,17 @@
 int dtls1_write_record(SSL *ssl, int type, const uint8_t *buf, size_t len,
                        enum dtls1_use_epoch_t use_epoch);
 
-int dtls1_send_finished(SSL *ssl, int a, int b, const char *sender, int slen);
 int dtls1_retransmit_outgoing_messages(SSL *ssl);
-void dtls1_clear_record_buffer(SSL *ssl);
-int dtls1_parse_fragment(CBS *cbs, struct hm_header_st *out_hdr,
+bool dtls1_parse_fragment(CBS *cbs, struct hm_header_st *out_hdr,
                          CBS *out_body);
-int dtls1_check_timeout_num(SSL *ssl);
-int dtls1_handshake_write(SSL *ssl);
+bool dtls1_check_timeout_num(SSL *ssl);
 
 void dtls1_start_timer(SSL *ssl);
 void dtls1_stop_timer(SSL *ssl);
-int dtls1_is_timer_expired(SSL *ssl);
+bool dtls1_is_timer_expired(SSL *ssl);
 unsigned int dtls1_min_mtu(void);
 
-int dtls1_new(SSL *ssl);
-int dtls1_accept(SSL *ssl);
-int dtls1_connect(SSL *ssl);
+bool dtls1_new(SSL *ssl);
 void dtls1_free(SSL *ssl);
 
 bool dtls1_get_message(SSL *ssl, SSLMessage *out);
diff --git a/ssl/s3_both.cc b/ssl/s3_both.cc
index 1c6882e..376018d 100644
--- a/ssl/s3_both.cc
+++ b/ssl/s3_both.cc
@@ -132,15 +132,15 @@
 
 namespace bssl {
 
-static int add_record_to_flight(SSL *ssl, uint8_t type,
-                                Span<const uint8_t> in) {
+static bool add_record_to_flight(SSL *ssl, uint8_t type,
+                                 Span<const uint8_t> in) {
   // We'll never add a flight while in the process of writing it out.
   assert(ssl->s3->pending_flight_offset == 0);
 
   if (ssl->s3->pending_flight == NULL) {
     ssl->s3->pending_flight = BUF_MEM_new();
     if (ssl->s3->pending_flight == NULL) {
-      return 0;
+      return false;
     }
   }
 
@@ -148,7 +148,7 @@
   size_t new_cap = ssl->s3->pending_flight->length + max_out;
   if (max_out < in.size() || new_cap < max_out) {
     OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
-    return 0;
+    return false;
   }
 
   size_t len;
@@ -157,31 +157,31 @@
                        (uint8_t *)ssl->s3->pending_flight->data +
                            ssl->s3->pending_flight->length,
                        &len, max_out, type, in.data(), in.size())) {
-    return 0;
+    return false;
   }
 
   ssl->s3->pending_flight->length += len;
-  return 1;
+  return true;
 }
 
-int ssl3_init_message(SSL *ssl, CBB *cbb, CBB *body, uint8_t type) {
+bool ssl3_init_message(SSL *ssl, CBB *cbb, CBB *body, uint8_t type) {
   // Pick a modest size hint to save most of the |realloc| calls.
   if (!CBB_init(cbb, 64) ||
       !CBB_add_u8(cbb, type) ||
       !CBB_add_u24_length_prefixed(cbb, body)) {
     OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
     CBB_cleanup(cbb);
-    return 0;
+    return false;
   }
 
-  return 1;
+  return true;
 }
 
-int ssl3_finish_message(SSL *ssl, CBB *cbb, Array<uint8_t> *out_msg) {
+bool ssl3_finish_message(SSL *ssl, CBB *cbb, Array<uint8_t> *out_msg) {
   return CBBFinishArray(cbb, out_msg);
 }
 
-int ssl3_add_message(SSL *ssl, Array<uint8_t> msg) {
+bool ssl3_add_message(SSL *ssl, Array<uint8_t> msg) {
   // Add the message to the current flight, splitting into several records if
   // needed.
   Span<const uint8_t> rest = msg;
@@ -190,7 +190,7 @@
     rest = rest.subspan(chunk.size());
 
     if (!add_record_to_flight(ssl, SSL3_RT_HANDSHAKE, chunk)) {
-      return 0;
+      return false;
     }
   } while (!rest.empty());
 
@@ -199,33 +199,33 @@
   // hs.
   if (ssl->s3->hs != NULL &&
       !ssl->s3->hs->transcript.Update(msg)) {
-    return 0;
+    return false;
   }
-  return 1;
+  return true;
 }
 
-int ssl3_add_change_cipher_spec(SSL *ssl) {
+bool ssl3_add_change_cipher_spec(SSL *ssl) {
   static const uint8_t kChangeCipherSpec[1] = {SSL3_MT_CCS};
 
   if (!add_record_to_flight(ssl, SSL3_RT_CHANGE_CIPHER_SPEC,
                             kChangeCipherSpec)) {
-    return 0;
+    return false;
   }
 
   ssl_do_msg_callback(ssl, 1 /* write */, SSL3_RT_CHANGE_CIPHER_SPEC,
                       kChangeCipherSpec);
-  return 1;
+  return true;
 }
 
-int ssl3_add_alert(SSL *ssl, uint8_t level, uint8_t desc) {
+bool ssl3_add_alert(SSL *ssl, uint8_t level, uint8_t desc) {
   uint8_t alert[2] = {level, desc};
   if (!add_record_to_flight(ssl, SSL3_RT_ALERT, alert)) {
-    return 0;
+    return false;
   }
 
   ssl_do_msg_callback(ssl, 1 /* write */, SSL3_RT_ALERT, alert);
   ssl_do_info_callback(ssl, SSL_CB_WRITE_ALERT, ((int)level << 8) | desc);
-  return 1;
+  return true;
 }
 
 int ssl3_flush_flight(SSL *ssl) {
diff --git a/ssl/s3_lib.cc b/ssl/s3_lib.cc
index 4d3cbb1..f3f99fa 100644
--- a/ssl/s3_lib.cc
+++ b/ssl/s3_lib.cc
@@ -164,25 +164,25 @@
 
 namespace bssl {
 
-int ssl3_new(SSL *ssl) {
+bool ssl3_new(SSL *ssl) {
   UniquePtr<SSLAEADContext> aead_read_ctx =
       SSLAEADContext::CreateNullCipher(SSL_is_dtls(ssl));
   UniquePtr<SSLAEADContext> aead_write_ctx =
       SSLAEADContext::CreateNullCipher(SSL_is_dtls(ssl));
   if (!aead_read_ctx || !aead_write_ctx) {
-    return 0;
+    return false;
   }
 
   SSL3_STATE *s3 = (SSL3_STATE *)OPENSSL_malloc(sizeof *s3);
   if (s3 == NULL) {
-    return 0;
+    return false;
   }
   OPENSSL_memset(s3, 0, sizeof *s3);
 
   s3->hs = ssl_handshake_new(ssl);
   if (s3->hs == NULL) {
     OPENSSL_free(s3);
-    return 0;
+    return false;
   }
 
   s3->aead_read_ctx = aead_read_ctx.release();
@@ -195,7 +195,7 @@
   // protocol version, and implement this pre-negotiation quirk in |SSL_version|
   // at the API boundary rather than in internal state.
   ssl->version = TLS1_2_VERSION;
-  return 1;
+  return true;
 }
 
 void ssl3_free(SSL *ssl) {
diff --git a/ssl/tls_method.cc b/ssl/tls_method.cc
index b4d08a0..9cc79b5 100644
--- a/ssl/tls_method.cc
+++ b/ssl/tls_method.cc
@@ -67,7 +67,7 @@
 
 namespace bssl {
 
-static int ssl3_supports_cipher(const SSL_CIPHER *cipher) { return 1; }
+static bool ssl3_supports_cipher(const SSL_CIPHER *cipher) { return true; }
 
 static void ssl3_on_handshake_complete(SSL *ssl) {
   // The handshake should have released its final message.
@@ -84,7 +84,7 @@
   }
 }
 
-static int ssl3_set_read_state(SSL *ssl, UniquePtr<SSLAEADContext> aead_ctx) {
+static bool ssl3_set_read_state(SSL *ssl, UniquePtr<SSLAEADContext> aead_ctx) {
   // Cipher changes are forbidden if the current epoch has leftover data.
   //
   // TODO(davidben): ssl->s3->rrec.length should be impossible now. Remove it
@@ -92,26 +92,26 @@
   if (ssl->s3->rrec.length != 0 || tls_has_unprocessed_handshake_data(ssl)) {
     OPENSSL_PUT_ERROR(SSL, SSL_R_BUFFERED_MESSAGES_ON_CIPHER_CHANGE);
     ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
-    return 0;
+    return false;
   }
 
   OPENSSL_memset(ssl->s3->read_sequence, 0, sizeof(ssl->s3->read_sequence));
 
   Delete(ssl->s3->aead_read_ctx);
   ssl->s3->aead_read_ctx = aead_ctx.release();
-  return 1;
+  return true;
 }
 
-static int ssl3_set_write_state(SSL *ssl, UniquePtr<SSLAEADContext> aead_ctx) {
+static bool ssl3_set_write_state(SSL *ssl, UniquePtr<SSLAEADContext> aead_ctx) {
   OPENSSL_memset(ssl->s3->write_sequence, 0, sizeof(ssl->s3->write_sequence));
 
   Delete(ssl->s3->aead_write_ctx);
   ssl->s3->aead_write_ctx = aead_ctx.release();
-  return 1;
+  return true;
 }
 
 static const SSL_PROTOCOL_METHOD kTLSProtocolMethod = {
-    0 /* is_dtls */,
+    false /* is_dtls */,
     ssl3_new,
     ssl3_free,
     ssl3_get_message,