Switch more things to bools.
Change-Id: I11e3cf9be7757fcf1dd50ca8d6d449aa83edf71f Reviewed-on: https://boringssl-review.googlesource.com/21604 Reviewed-by: Steven Valdez <svaldez@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
parent
664e99a648
commit
7e58c5ef20
@ -1988,11 +1988,6 @@ struct SSLContext {
|
|||||||
uint8_t *psk, unsigned int max_psk_len);
|
uint8_t *psk, unsigned int max_psk_len);
|
||||||
|
|
||||||
|
|
||||||
// retain_only_sha256_of_client_certs is true if we should compute the SHA256
|
|
||||||
// hash of the peer's certificate and then discard it to save memory and
|
|
||||||
// session space. Only effective on the server side.
|
|
||||||
char retain_only_sha256_of_client_certs;
|
|
||||||
|
|
||||||
// Next protocol negotiation information
|
// Next protocol negotiation information
|
||||||
// (for experimental NPN extension).
|
// (for experimental NPN extension).
|
||||||
|
|
||||||
@ -2059,32 +2054,37 @@ struct SSLContext {
|
|||||||
uint16_t *verify_sigalgs;
|
uint16_t *verify_sigalgs;
|
||||||
size_t num_verify_sigalgs;
|
size_t num_verify_sigalgs;
|
||||||
|
|
||||||
|
// retain_only_sha256_of_client_certs is true if we should compute the SHA256
|
||||||
|
// hash of the peer's certificate and then discard it to save memory and
|
||||||
|
// session space. Only effective on the server side.
|
||||||
|
bool retain_only_sha256_of_client_certs:1;
|
||||||
|
|
||||||
// quiet_shutdown is true if the connection should not send a close_notify on
|
// quiet_shutdown is true if the connection should not send a close_notify on
|
||||||
// shutdown.
|
// shutdown.
|
||||||
unsigned quiet_shutdown:1;
|
bool quiet_shutdown:1;
|
||||||
|
|
||||||
// ocsp_stapling_enabled is only used by client connections and indicates
|
// ocsp_stapling_enabled is only used by client connections and indicates
|
||||||
// whether OCSP stapling will be requested.
|
// whether OCSP stapling will be requested.
|
||||||
unsigned ocsp_stapling_enabled:1;
|
bool ocsp_stapling_enabled:1;
|
||||||
|
|
||||||
// If true, a client will request certificate timestamps.
|
// If true, a client will request certificate timestamps.
|
||||||
unsigned signed_cert_timestamps_enabled:1;
|
bool signed_cert_timestamps_enabled:1;
|
||||||
|
|
||||||
// tlsext_channel_id_enabled is one if Channel ID is enabled and zero
|
// tlsext_channel_id_enabled is one if Channel ID is enabled and zero
|
||||||
// otherwise. For a server, means that we'll accept Channel IDs from clients.
|
// otherwise. For a server, means that we'll accept Channel IDs from clients.
|
||||||
// For a client, means that we'll advertise support.
|
// For a client, means that we'll advertise support.
|
||||||
unsigned tlsext_channel_id_enabled:1;
|
bool tlsext_channel_id_enabled:1;
|
||||||
|
|
||||||
// grease_enabled is one if draft-davidben-tls-grease-01 is enabled and zero
|
// grease_enabled is one if draft-davidben-tls-grease-01 is enabled and zero
|
||||||
// otherwise.
|
// otherwise.
|
||||||
unsigned grease_enabled:1;
|
bool grease_enabled:1;
|
||||||
|
|
||||||
// allow_unknown_alpn_protos is one if the client allows unsolicited ALPN
|
// allow_unknown_alpn_protos is one if the client allows unsolicited ALPN
|
||||||
// protocols from the peer.
|
// protocols from the peer.
|
||||||
unsigned allow_unknown_alpn_protos:1;
|
bool allow_unknown_alpn_protos:1;
|
||||||
|
|
||||||
// ed25519_enabled is one if Ed25519 is advertised in the handshake.
|
// ed25519_enabled is one if Ed25519 is advertised in the handshake.
|
||||||
unsigned ed25519_enabled:1;
|
bool ed25519_enabled:1;
|
||||||
};
|
};
|
||||||
|
|
||||||
struct SSL3_RECORD {
|
struct SSL3_RECORD {
|
||||||
@ -2529,31 +2529,31 @@ struct SSLConnection {
|
|||||||
// server is true iff the this SSL* is the server half. Note: before the SSL*
|
// server is true iff the this SSL* is the server half. Note: before the SSL*
|
||||||
// is initialized by either SSL_set_accept_state or SSL_set_connect_state,
|
// is initialized by either SSL_set_accept_state or SSL_set_connect_state,
|
||||||
// the side is not determined. In this state, server is always false.
|
// the side is not determined. In this state, server is always false.
|
||||||
unsigned server:1;
|
bool server:1;
|
||||||
|
|
||||||
// quiet_shutdown is true if the connection should not send a close_notify on
|
// quiet_shutdown is true if the connection should not send a close_notify on
|
||||||
// shutdown.
|
// shutdown.
|
||||||
unsigned quiet_shutdown:1;
|
bool quiet_shutdown:1;
|
||||||
|
|
||||||
// Enable signed certificate time stamps. Currently client only.
|
// Enable signed certificate time stamps. Currently client only.
|
||||||
unsigned signed_cert_timestamps_enabled:1;
|
bool signed_cert_timestamps_enabled:1;
|
||||||
|
|
||||||
// ocsp_stapling_enabled is only used by client connections and indicates
|
// ocsp_stapling_enabled is only used by client connections and indicates
|
||||||
// whether OCSP stapling will be requested.
|
// whether OCSP stapling will be requested.
|
||||||
unsigned ocsp_stapling_enabled:1;
|
bool ocsp_stapling_enabled:1;
|
||||||
|
|
||||||
// tlsext_channel_id_enabled is copied from the |SSL_CTX|. For a server,
|
// tlsext_channel_id_enabled is copied from the |SSL_CTX|. For a server,
|
||||||
// means that we'll accept Channel IDs from clients. For a client, means that
|
// means that we'll accept Channel IDs from clients. For a client, means that
|
||||||
// we'll advertise support.
|
// we'll advertise support.
|
||||||
unsigned tlsext_channel_id_enabled:1;
|
bool tlsext_channel_id_enabled:1;
|
||||||
|
|
||||||
// retain_only_sha256_of_client_certs is true if we should compute the SHA256
|
// retain_only_sha256_of_client_certs is true if we should compute the SHA256
|
||||||
// hash of the peer's certificate and then discard it to save memory and
|
// hash of the peer's certificate and then discard it to save memory and
|
||||||
// session space. Only effective on the server side.
|
// session space. Only effective on the server side.
|
||||||
unsigned retain_only_sha256_of_client_certs:1;
|
bool retain_only_sha256_of_client_certs:1;
|
||||||
|
|
||||||
// early_data_accepted is true if early data was accepted by the server.
|
// early_data_accepted is true if early data was accepted by the server.
|
||||||
unsigned early_data_accepted:1;
|
bool early_data_accepted:1;
|
||||||
};
|
};
|
||||||
|
|
||||||
// From draft-ietf-tls-tls13-18, used in determining PSK modes.
|
// From draft-ietf-tls-tls13-18, used in determining PSK modes.
|
||||||
|
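Review bot: The flags at the end of `SSLContext` now all share one memory location, including `retain_only_sha256_of_client_certs`, which had a `char` of its own before this change; adjacent bit-fields are written with a read-modify-write of their neighbours, so two threads setting different flags on a shared context would race. That is harmless as long as every flag is set during single-threaded setup, but the setters are not visible here, so the rule is worth stating next to the fields, e.g. `// These flags share one memory location; set them only before the SSL_CTX is used by more than one thread.` Separately, the comments on `tlsext_channel_id_enabled`, `grease_enabled`, `allow_unknown_alpn_protos` and `ed25519_enabled` still say "is one if ... and zero otherwise" and would read better as "is true if ..." now that the fields are `bool`. Both structs begin outside their hunks.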
@ -744,12 +744,12 @@ void SSL_free(SSL *ssl) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
void SSL_set_connect_state(SSL *ssl) {
|
void SSL_set_connect_state(SSL *ssl) {
|
||||||
ssl->server = 0;
|
ssl->server = false;
|
||||||
ssl->do_handshake = ssl_client_handshake;
|
ssl->do_handshake = ssl_client_handshake;
|
||||||
}
|
}
|
||||||
|
|
||||||
void SSL_set_accept_state(SSL *ssl) {
|
void SSL_set_accept_state(SSL *ssl) {
|
||||||
ssl->server = 1;
|
ssl->server = true;
|
||||||
ssl->do_handshake = ssl_server_handshake;
|
ssl->do_handshake = ssl_server_handshake;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1795,19 +1795,19 @@ void SSL_set_custom_verify(
|
|||||||
}
|
}
|
||||||
|
|
||||||
void SSL_CTX_enable_signed_cert_timestamps(SSL_CTX *ctx) {
|
void SSL_CTX_enable_signed_cert_timestamps(SSL_CTX *ctx) {
|
||||||
ctx->signed_cert_timestamps_enabled = 1;
|
ctx->signed_cert_timestamps_enabled = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
void SSL_enable_signed_cert_timestamps(SSL *ssl) {
|
void SSL_enable_signed_cert_timestamps(SSL *ssl) {
|
||||||
ssl->signed_cert_timestamps_enabled = 1;
|
ssl->signed_cert_timestamps_enabled = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
void SSL_CTX_enable_ocsp_stapling(SSL_CTX *ctx) {
|
void SSL_CTX_enable_ocsp_stapling(SSL_CTX *ctx) {
|
||||||
ctx->ocsp_stapling_enabled = 1;
|
ctx->ocsp_stapling_enabled = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
void SSL_enable_ocsp_stapling(SSL *ssl) {
|
void SSL_enable_ocsp_stapling(SSL *ssl) {
|
||||||
ssl->ocsp_stapling_enabled = 1;
|
ssl->ocsp_stapling_enabled = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
void SSL_get0_signed_cert_timestamp_list(const SSL *ssl, const uint8_t **out,
|
void SSL_get0_signed_cert_timestamp_list(const SSL *ssl, const uint8_t **out,
|
||||||
@ -2004,7 +2004,7 @@ int SSL_CTX_set1_tls_channel_id(SSL_CTX *ctx, EVP_PKEY *private_key) {
|
|||||||
EVP_PKEY_free(ctx->tlsext_channel_id_private);
|
EVP_PKEY_free(ctx->tlsext_channel_id_private);
|
||||||
EVP_PKEY_up_ref(private_key);
|
EVP_PKEY_up_ref(private_key);
|
||||||
ctx->tlsext_channel_id_private = private_key;
|
ctx->tlsext_channel_id_private = private_key;
|
||||||
ctx->tlsext_channel_id_enabled = 1;
|
ctx->tlsext_channel_id_enabled = true;
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@ -2018,7 +2018,7 @@ int SSL_set1_tls_channel_id(SSL *ssl, EVP_PKEY *private_key) {
|
|||||||
EVP_PKEY_free(ssl->tlsext_channel_id_private);
|
EVP_PKEY_free(ssl->tlsext_channel_id_private);
|
||||||
EVP_PKEY_up_ref(private_key);
|
EVP_PKEY_up_ref(private_key);
|
||||||
ssl->tlsext_channel_id_private = private_key;
|
ssl->tlsext_channel_id_private = private_key;
|
||||||
ssl->tlsext_channel_id_enabled = 1;
|
ssl->tlsext_channel_id_enabled = true;
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
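Review bot: In `SSL_CTX_set1_tls_channel_id` and `SSL_set1_tls_channel_id` the old key is released with `EVP_PKEY_free` before `EVP_PKEY_up_ref(private_key)` takes the new reference, so a call that passes the key the object already holds, when that was the last reference, would up-ref freed memory. Whether any caller can reach that state is not visible here, and both function bodies start outside their hunks. Taking the new reference first removes the question: `EVP_PKEY_up_ref(private_key);` followed by `EVP_PKEY_free(ctx->tlsext_channel_id_private);`, and the same order for the `ssl->` variant.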
@ -2033,7 +2033,7 @@ static int ext_early_data_parse_serverhello(SSL_HANDSHAKE *hs,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
ssl->early_data_accepted = 1;
|
ssl->early_data_accepted = true;
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -384,7 +384,7 @@ static enum ssl_hs_wait_t do_select_session(SSL_HANDSHAKE *hs) {
|
|||||||
ssl->s3->alpn_selected_len == session->early_alpn_len &&
|
ssl->s3->alpn_selected_len == session->early_alpn_len &&
|
||||||
OPENSSL_memcmp(ssl->s3->alpn_selected, session->early_alpn,
|
OPENSSL_memcmp(ssl->s3->alpn_selected, session->early_alpn,
|
||||||
ssl->s3->alpn_selected_len) == 0) {
|
ssl->s3->alpn_selected_len) == 0) {
|
||||||
ssl->early_data_accepted = 1;
|
ssl->early_data_accepted = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (hs->new_session == NULL) {
|
if (hs->new_session == NULL) {
|
||||||
@ -452,7 +452,7 @@ static enum ssl_hs_wait_t do_select_session(SSL_HANDSHAKE *hs) {
|
|||||||
bool need_retry;
|
bool need_retry;
|
||||||
if (!resolve_ecdhe_secret(hs, &need_retry, &client_hello)) {
|
if (!resolve_ecdhe_secret(hs, &need_retry, &client_hello)) {
|
||||||
if (need_retry) {
|
if (need_retry) {
|
||||||
ssl->early_data_accepted = 0;
|
ssl->early_data_accepted = false;
|
||||||
ssl->s3->skip_early_data = true;
|
ssl->s3->skip_early_data = true;
|
||||||
ssl->method->next_message(ssl);
|
ssl->method->next_message(ssl);
|
||||||
hs->tls13_state = state_send_hello_retry_request;
|
hs->tls13_state = state_send_hello_retry_request;
|
||||||
|
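Review bot: The `need_retry` branch of `do_select_session` clears `early_data_accepted` without saying why, and the reason is a protocol rule that a later edit could break silently. A comment above the assignment would help, for example `// A HelloRetryRequest discards the first ClientHello, so any 0-RTT data sent with it must be rejected even if it was accepted earlier.` The hunk at -384 appears to be where the same function sets the flag to true after the ALPN comparison, which is why the reset matters. The function starts and ends outside both hunks.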