From 0238d8f4ffedd650163b71629d12b0fc744f1b83 Mon Sep 17 00:00:00 2001
From: David Benjamin <davidben@google.com>
Date: Wed, 12 Jul 2017 17:35:14 -0400
Subject: [PATCH] Switch more files to C++.

Bug: 132
Change-Id: I2b0c87262a5a529ea264ea8ce2d11c2dba0ec1c8
Reviewed-on: https://boringssl-review.googlesource.com/17766
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
---
 ssl/CMakeLists.txt                          | 12 ++--
 ssl/{ssl_session.c => ssl_session.cc}       | 72 +++++++++------------
 ssl/{ssl_stat.c => ssl_stat.cc}             |  0
 ssl/{ssl_transcript.c => ssl_transcript.cc} |  0
 ssl/{ssl_versions.c => ssl_versions.cc}     |  0
 ssl/{t1_enc.c => t1_enc.cc}                 |  4 +-
 ssl/{tls_method.c => tls_method.cc}         |  0
 7 files changed, 38 insertions(+), 50 deletions(-)
 rename ssl/{ssl_session.c => ssl_session.cc} (95%)
 rename ssl/{ssl_stat.c => ssl_stat.cc} (100%)
 rename ssl/{ssl_transcript.c => ssl_transcript.cc} (100%)
 rename ssl/{ssl_versions.c => ssl_versions.cc} (100%)
 rename ssl/{t1_enc.c => t1_enc.cc} (99%)
 rename ssl/{tls_method.c => tls_method.cc} (100%)

diff --git a/ssl/CMakeLists.txt b/ssl/CMakeLists.txt
index d2fe8497..eb0aa326 100644
--- a/ssl/CMakeLists.txt
+++ b/ssl/CMakeLists.txt
@@ -25,14 +25,14 @@ add_library(
   ssl_file.cc
   ssl_lib.cc
   ssl_privkey.cc
-  ssl_session.c
-  ssl_stat.c
-  ssl_transcript.c
-  ssl_versions.c
+  ssl_session.cc
+  ssl_stat.cc
+  ssl_transcript.cc
+  ssl_versions.cc
   ssl_x509.cc
-  t1_enc.c
+  t1_enc.cc
   t1_lib.c
-  tls_method.c
+  tls_method.cc
   tls_record.c
   tls13_both.c
   tls13_client.c
diff --git a/ssl/ssl_session.c b/ssl/ssl_session.cc
similarity index 95%
rename from ssl/ssl_session.c
rename to ssl/ssl_session.cc
index 3e2c9f49..9cb78cc2 100644
--- a/ssl/ssl_session.c
+++ b/ssl/ssl_session.cc
@@ -161,7 +161,7 @@ static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *session);
 static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *session, int lock);
 
 SSL_SESSION *ssl_session_new(const SSL_X509_METHOD *x509_method) {
-  SSL_SESSION *session = OPENSSL_malloc(sizeof(SSL_SESSION));
+  SSL_SESSION *session = (SSL_SESSION *)OPENSSL_malloc(sizeof(SSL_SESSION));
   if (session == NULL) {
     OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
     return 0;
@@ -228,8 +228,8 @@ SSL_SESSION *SSL_SESSION_dup(SSL_SESSION *session, int dup_flags) {
 
   new_session->ocsp_response_length = session->ocsp_response_length;
   if (session->ocsp_response != NULL) {
-    new_session->ocsp_response = BUF_memdup(session->ocsp_response,
-                                            session->ocsp_response_length);
+    new_session->ocsp_response = (uint8_t *)BUF_memdup(
+        session->ocsp_response, session->ocsp_response_length);
     if (new_session->ocsp_response == NULL) {
       goto err;
     }
@@ -238,9 +238,9 @@ SSL_SESSION *SSL_SESSION_dup(SSL_SESSION *session, int dup_flags) {
   new_session->tlsext_signed_cert_timestamp_list_length =
       session->tlsext_signed_cert_timestamp_list_length;
   if (session->tlsext_signed_cert_timestamp_list != NULL) {
-    new_session->tlsext_signed_cert_timestamp_list =
-        BUF_memdup(session->tlsext_signed_cert_timestamp_list,
-                   session->tlsext_signed_cert_timestamp_list_length);
+    new_session->tlsext_signed_cert_timestamp_list = (uint8_t *)BUF_memdup(
+        session->tlsext_signed_cert_timestamp_list,
+        session->tlsext_signed_cert_timestamp_list_length);
     if (new_session->tlsext_signed_cert_timestamp_list == NULL) {
       goto err;
     }
@@ -283,7 +283,7 @@ SSL_SESSION *SSL_SESSION_dup(SSL_SESSION *session, int dup_flags) {
 
     if (session->early_alpn != NULL) {
       new_session->early_alpn =
-          BUF_memdup(session->early_alpn, session->early_alpn_len);
+          (uint8_t *)BUF_memdup(session->early_alpn, session->early_alpn_len);
       if (new_session->early_alpn == NULL) {
         goto err;
       }
@@ -295,7 +295,7 @@ SSL_SESSION *SSL_SESSION_dup(SSL_SESSION *session, int dup_flags) {
   if (dup_flags & SSL_SESSION_INCLUDE_TICKET) {
     if (session->tlsext_tick != NULL) {
       new_session->tlsext_tick =
-          BUF_memdup(session->tlsext_tick, session->tlsext_ticklen);
+          (uint8_t *)BUF_memdup(session->tlsext_tick, session->tlsext_ticklen);
       if (new_session->tlsext_tick == NULL) {
         goto err;
       }
@@ -595,12 +595,8 @@ err:
 static int ssl_encrypt_ticket_with_cipher_ctx(SSL *ssl, CBB *out,
                                               const uint8_t *session_buf,
                                               size_t session_len) {
-  int ret = 0;
-
-  EVP_CIPHER_CTX ctx;
-  EVP_CIPHER_CTX_init(&ctx);
-  HMAC_CTX hctx;
-  HMAC_CTX_init(&hctx);
+  bssl::ScopedEVP_CIPHER_CTX ctx;
+  bssl::ScopedHMAC_CTX hctx;
 
   /* If the session is too long, emit a dummy value rather than abort the
    * connection. */
@@ -608,11 +604,8 @@ static int ssl_encrypt_ticket_with_cipher_ctx(SSL *ssl, CBB *out,
       16 + EVP_MAX_IV_LENGTH + EVP_MAX_BLOCK_LENGTH + EVP_MAX_MD_SIZE;
   if (session_len > 0xffff - kMaxTicketOverhead) {
     static const char kTicketPlaceholder[] = "TICKET TOO LARGE";
-    if (CBB_add_bytes(out, (const uint8_t *)kTicketPlaceholder,
-                      strlen(kTicketPlaceholder))) {
-      ret = 1;
-    }
-    goto err;
+    return CBB_add_bytes(out, (const uint8_t *)kTicketPlaceholder,
+                         strlen(kTicketPlaceholder));
   }
 
   /* Initialize HMAC and cipher contexts. If callback present it does all the
@@ -621,26 +614,26 @@ static int ssl_encrypt_ticket_with_cipher_ctx(SSL *ssl, CBB *out,
   uint8_t iv[EVP_MAX_IV_LENGTH];
   uint8_t key_name[16];
   if (tctx->tlsext_ticket_key_cb != NULL) {
-    if (tctx->tlsext_ticket_key_cb(ssl, key_name, iv, &ctx, &hctx,
+    if (tctx->tlsext_ticket_key_cb(ssl, key_name, iv, ctx.get(), hctx.get(),
                                    1 /* encrypt */) < 0) {
-      goto err;
+      return 0;
     }
   } else {
     if (!RAND_bytes(iv, 16) ||
-        !EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
+        !EVP_EncryptInit_ex(ctx.get(), EVP_aes_128_cbc(), NULL,
                             tctx->tlsext_tick_aes_key, iv) ||
-        !HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16, tlsext_tick_md(),
-                      NULL)) {
-      goto err;
+        !HMAC_Init_ex(hctx.get(), tctx->tlsext_tick_hmac_key, 16,
+                      tlsext_tick_md(), NULL)) {
+      return 0;
     }
     OPENSSL_memcpy(key_name, tctx->tlsext_tick_key_name, 16);
   }
 
   uint8_t *ptr;
   if (!CBB_add_bytes(out, key_name, 16) ||
-      !CBB_add_bytes(out, iv, EVP_CIPHER_CTX_iv_length(&ctx)) ||
+      !CBB_add_bytes(out, iv, EVP_CIPHER_CTX_iv_length(ctx.get())) ||
       !CBB_reserve(out, &ptr, session_len + EVP_MAX_BLOCK_LENGTH)) {
-    goto err;
+    return 0;
   }
 
   size_t total = 0;
@@ -649,33 +642,28 @@ static int ssl_encrypt_ticket_with_cipher_ctx(SSL *ssl, CBB *out,
   total = session_len;
 #else
   int len;
-  if (!EVP_EncryptUpdate(&ctx, ptr + total, &len, session_buf, session_len)) {
-    goto err;
+  if (!EVP_EncryptUpdate(ctx.get(), ptr + total, &len, session_buf, session_len)) {
+    return 0;
   }
   total += len;
-  if (!EVP_EncryptFinal_ex(&ctx, ptr + total, &len)) {
-    goto err;
+  if (!EVP_EncryptFinal_ex(ctx.get(), ptr + total, &len)) {
+    return 0;
   }
   total += len;
 #endif
   if (!CBB_did_write(out, total)) {
-    goto err;
+    return 0;
   }
 
   unsigned hlen;
-  if (!HMAC_Update(&hctx, CBB_data(out), CBB_len(out)) ||
+  if (!HMAC_Update(hctx.get(), CBB_data(out), CBB_len(out)) ||
       !CBB_reserve(out, &ptr, EVP_MAX_MD_SIZE) ||
-      !HMAC_Final(&hctx, ptr, &hlen) ||
+      !HMAC_Final(hctx.get(), ptr, &hlen) ||
       !CBB_did_write(out, hlen)) {
-    goto err;
+    return 0;
   }
 
-  ret = 1;
-
-err:
-  EVP_CIPHER_CTX_cleanup(&ctx);
-  HMAC_CTX_cleanup(&hctx);
-  return ret;
+  return 1;
 }
 
 static int ssl_encrypt_ticket_with_method(SSL *ssl, CBB *out,
@@ -1027,7 +1015,7 @@ typedef struct timeout_param_st {
 } TIMEOUT_PARAM;
 
 static void timeout_doall_arg(SSL_SESSION *session, void *void_param) {
-  TIMEOUT_PARAM *param = void_param;
+  TIMEOUT_PARAM *param = reinterpret_cast<TIMEOUT_PARAM *>(void_param);
 
   if (param->time == 0 ||
       session->time + session->timeout < session->time ||
diff --git a/ssl/ssl_stat.c b/ssl/ssl_stat.cc
similarity index 100%
rename from ssl/ssl_stat.c
rename to ssl/ssl_stat.cc
diff --git a/ssl/ssl_transcript.c b/ssl/ssl_transcript.cc
similarity index 100%
rename from ssl/ssl_transcript.c
rename to ssl/ssl_transcript.cc
diff --git a/ssl/ssl_versions.c b/ssl/ssl_versions.cc
similarity index 100%
rename from ssl/ssl_versions.c
rename to ssl/ssl_versions.cc
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.cc
similarity index 99%
rename from ssl/t1_enc.c
rename to ssl/t1_enc.cc
index 6aa5e0c1..c2242405 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.cc
@@ -365,7 +365,7 @@ static int tls1_setup_key_block(SSL_HANDSHAKE *hs) {
 
   size_t key_block_len = SSL_get_key_block_len(ssl);
 
-  uint8_t *keyblock = OPENSSL_malloc(key_block_len);
+  uint8_t *keyblock = (uint8_t *)OPENSSL_malloc(key_block_len);
   if (keyblock == NULL) {
     OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
     return 0;
@@ -533,7 +533,7 @@ int SSL_export_keying_material(SSL *ssl, uint8_t *out, size_t out_len,
     }
     seed_len += 2 + context_len;
   }
-  uint8_t *seed = OPENSSL_malloc(seed_len);
+  uint8_t *seed = (uint8_t *)OPENSSL_malloc(seed_len);
   if (seed == NULL) {
     OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
     return 0;
diff --git a/ssl/tls_method.c b/ssl/tls_method.cc
similarity index 100%
rename from ssl/tls_method.c
rename to ssl/tls_method.cc