Sfoglia il codice sorgente
Switch OPENSSL_COMPILE_ASSERT to static_assert in C++ code.
Clang for Windows does not like OPENSSL_COMPILE_ASSERT inside a function in C++. It complains that the struct is unused. I think we worked around this in C previously by making it expand to C11 _Static_assert when available. But libssl is now C++ and assumes a C++11-capable compiler. Use real static_assert. Bug: 132 Change-Id: I6aceb95360244bd2c80d194b80676483abb60519 Reviewed-on: https://boringssl-review.googlesource.com/17924 Reviewed-by: Adam Langley <agl@google.com>kris/onging/CECPQ3_patch15
David Benjamin
7 anni fa
committed by
Adam Langley
Adam Langley
7 ha cambiato i file con 41 aggiunte e 42 eliminazioni
-
+3 -4ssl/d1_both.cc
-
+2 -2ssl/handshake_client.cc
-
+2 -3ssl/ssl_aead_ctx.cc
-
+16 -14ssl/ssl_buffer.cc
-
+4 -4ssl/ssl_lib.cc
-
+2 -3ssl/ssl_privkey.cc
-
+12 -12ssl/t1_lib.cc
+ 3
- 4
ssl/d1_both.cc
Vedi File
| @@ -122,7 +122,6 @@ | |||
| #include <openssl/evp.h> | |||
| #include <openssl/mem.h> | |||
| #include <openssl/rand.h> | |||
| #include <openssl/type_check.h> | |||
| #include "../crypto/internal.h" | |||
| #include "internal.h" | |||
| @@ -538,9 +537,9 @@ int dtls1_finish_message(SSL *ssl, CBB *cbb, uint8_t **out_msg, | |||
| * it takes ownership of |data| and releases it with |OPENSSL_free| when | |||
| * done. */ | |||
| static int add_outgoing(SSL *ssl, int is_ccs, uint8_t *data, size_t len) { | |||
| OPENSSL_COMPILE_ASSERT(SSL_MAX_HANDSHAKE_FLIGHT < | |||
| (1 << 8 * sizeof(ssl->d1->outgoing_messages_len)), | |||
| outgoing_messages_len_is_too_small); | |||
| static_assert(SSL_MAX_HANDSHAKE_FLIGHT < | |||
| (1 << 8 * sizeof(ssl->d1->outgoing_messages_len)), | |||
| "outgoing_messages_len is too small"); | |||
| if (ssl->d1->outgoing_messages_len >= SSL_MAX_HANDSHAKE_FLIGHT) { | |||
| assert(0); | |||
| OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); | |||
+ 2
- 2
ssl/handshake_client.cc
Vedi File
| @@ -1512,8 +1512,8 @@ static int ssl3_send_client_certificate(SSL_HANDSHAKE *hs) { | |||
| return 1; | |||
| } | |||
| OPENSSL_COMPILE_ASSERT(sizeof(size_t) >= sizeof(unsigned), | |||
| SIZE_T_IS_SMALLER_THAN_UNSIGNED); | |||
| static_assert(sizeof(size_t) >= sizeof(unsigned), | |||
| "size_t is smaller than unsigned"); | |||
| static int ssl3_send_client_key_exchange(SSL_HANDSHAKE *hs) { | |||
| SSL *const ssl = hs->ssl; | |||
+ 2
- 3
ssl/ssl_aead_ctx.cc
Vedi File
| @@ -20,7 +20,6 @@ | |||
| #include <openssl/aead.h> | |||
| #include <openssl/err.h> | |||
| #include <openssl/rand.h> | |||
| #include <openssl/type_check.h> | |||
| #include "../crypto/internal.h" | |||
| #include "internal.h" | |||
| @@ -78,8 +77,8 @@ SSL_AEAD_CTX *SSL_AEAD_CTX_new(enum evp_aead_direction_t direction, | |||
| } | |||
| assert(EVP_AEAD_nonce_length(aead) <= EVP_AEAD_MAX_NONCE_LENGTH); | |||
| OPENSSL_COMPILE_ASSERT(EVP_AEAD_MAX_NONCE_LENGTH < 256, | |||
| variable_nonce_len_doesnt_fit_in_uint8_t); | |||
| static_assert(EVP_AEAD_MAX_NONCE_LENGTH < 256, | |||
| "variable_nonce_len doesn't fit in uint8_t"); | |||
| aead_ctx->variable_nonce_len = (uint8_t)EVP_AEAD_nonce_length(aead); | |||
| if (mac_key_len == 0) { | |||
| assert(fixed_iv_len <= sizeof(aead_ctx->fixed_nonce)); | |||
+ 16
- 14
ssl/ssl_buffer.cc
Vedi File
| @@ -22,16 +22,17 @@ | |||
| #include <openssl/bio.h> | |||
| #include <openssl/err.h> | |||
| #include <openssl/mem.h> | |||
| #include <openssl/type_check.h> | |||
| #include "../crypto/internal.h" | |||
| #include "internal.h" | |||
| OPENSSL_COMPILE_ASSERT(0xffff <= INT_MAX, uint16_fits_in_int); | |||
| /* BIO uses int instead of size_t. No lengths will exceed uint16_t, so this will | |||
| * not overflow. */ | |||
| static_assert(0xffff <= INT_MAX, "uint16_t does not fit in int"); | |||
| OPENSSL_COMPILE_ASSERT((SSL3_ALIGN_PAYLOAD & (SSL3_ALIGN_PAYLOAD - 1)) == 0, | |||
| align_to_a_power_of_two); | |||
| static_assert((SSL3_ALIGN_PAYLOAD & (SSL3_ALIGN_PAYLOAD - 1)) == 0, | |||
| "SSL3_ALIGN_PAYLOAD must be a power of 2"); | |||
| /* ensure_buffer ensures |buf| has capacity at least |cap|, aligned such that | |||
| * data written after |header_len| is aligned to a |SSL3_ALIGN_PAYLOAD|-byte | |||
| @@ -142,9 +143,9 @@ int ssl_read_buffer_extend_to(SSL *ssl, size_t len) { | |||
| ssl_read_buffer_discard(ssl); | |||
| if (SSL_is_dtls(ssl)) { | |||
| OPENSSL_COMPILE_ASSERT( | |||
| static_assert( | |||
| DTLS1_RT_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH <= 0xffff, | |||
| dtls_read_buffer_too_large); | |||
| "DTLS read buffer is too large"); | |||
| /* The |len| parameter is ignored in DTLS. */ | |||
| len = DTLS1_RT_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH; | |||
| @@ -203,15 +204,16 @@ int ssl_write_buffer_is_pending(const SSL *ssl) { | |||
| return ssl->s3->write_buffer.len > 0; | |||
| } | |||
| OPENSSL_COMPILE_ASSERT(SSL3_RT_HEADER_LENGTH * 2 + | |||
| SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD * 2 + | |||
| SSL3_RT_MAX_PLAIN_LENGTH <= 0xffff, | |||
| maximum_tls_write_buffer_too_large); | |||
| static_assert(SSL3_RT_HEADER_LENGTH * 2 + | |||
| SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD * 2 + | |||
| SSL3_RT_MAX_PLAIN_LENGTH <= | |||
| 0xffff, | |||
| "maximum TLS write buffer is too large"); | |||
| OPENSSL_COMPILE_ASSERT(DTLS1_RT_HEADER_LENGTH + | |||
| SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD + | |||
| SSL3_RT_MAX_PLAIN_LENGTH <= 0xffff, | |||
| maximum_dtls_write_buffer_too_large); | |||
| static_assert(DTLS1_RT_HEADER_LENGTH + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD + | |||
| SSL3_RT_MAX_PLAIN_LENGTH <= | |||
| 0xffff, | |||
| "maximum DTLS write buffer is too large"); | |||
| int ssl_write_buffer_init(SSL *ssl, uint8_t **out_ptr, size_t max_len) { | |||
| SSL3_BUFFER *buf = &ssl->s3->write_buffer; | |||
+ 4
- 4
ssl/ssl_lib.cc
Vedi File
| @@ -173,9 +173,9 @@ OPENSSL_DECLARE_ERROR_REASON(SSL, NO_CIPHERS_SPECIFIED) | |||
| /* Some error codes are special. Ensure the make_errors.go script never | |||
| * regresses this. */ | |||
| OPENSSL_COMPILE_ASSERT(SSL_R_TLSV1_ALERT_NO_RENEGOTIATION == | |||
| SSL_AD_NO_RENEGOTIATION + SSL_AD_REASON_OFFSET, | |||
| ssl_alert_reason_code_mismatch); | |||
| static_assert(SSL_R_TLSV1_ALERT_NO_RENEGOTIATION == | |||
| SSL_AD_NO_RENEGOTIATION + SSL_AD_REASON_OFFSET, | |||
| "alert reason code mismatch"); | |||
| /* kMaxHandshakeSize is the maximum size, in bytes, of a handshake message. */ | |||
| static const size_t kMaxHandshakeSize = (1u << 24) - 1; | |||
| @@ -1083,7 +1083,7 @@ static int set_session_id_context(CERT *cert, const uint8_t *sid_ctx, | |||
| return 0; | |||
| } | |||
| OPENSSL_COMPILE_ASSERT(sizeof(cert->sid_ctx) < 256, sid_ctx_too_large); | |||
| static_assert(sizeof(cert->sid_ctx) < 256, "sid_ctx too large"); | |||
| cert->sid_ctx_length = (uint8_t)sid_ctx_len; | |||
| OPENSSL_memcpy(cert->sid_ctx, sid_ctx, sid_ctx_len); | |||
| return 1; | |||
+ 2
- 3
ssl/ssl_privkey.cc
Vedi File
| @@ -64,7 +64,6 @@ | |||
| #include <openssl/err.h> | |||
| #include <openssl/evp.h> | |||
| #include <openssl/mem.h> | |||
| #include <openssl/type_check.h> | |||
| #include "internal.h" | |||
| #include "../crypto/internal.h" | |||
| @@ -271,8 +270,8 @@ int SSL_set_private_key_digest_prefs(SSL *ssl, const int *digest_nids, | |||
| size_t num_digests) { | |||
| OPENSSL_free(ssl->cert->sigalgs); | |||
| OPENSSL_COMPILE_ASSERT(sizeof(int) >= 2 * sizeof(uint16_t), | |||
| digest_list_conversion_cannot_overflow); | |||
| static_assert(sizeof(int) >= 2 * sizeof(uint16_t), | |||
| "sigalgs allocation may overflow"); | |||
| ssl->cert->num_sigalgs = 0; | |||
| ssl->cert->sigalgs = | |||
+ 12
- 12
ssl/t1_lib.cc
Vedi File
| @@ -121,7 +121,6 @@ | |||
| #include <openssl/mem.h> | |||
| #include <openssl/nid.h> | |||
| #include <openssl/rand.h> | |||
| #include <openssl/type_check.h> | |||
| #include "internal.h" | |||
| #include "../crypto/internal.h" | |||
| @@ -2639,12 +2638,12 @@ static const struct tls_extension kExtensions[] = { | |||
| #define kNumExtensions (sizeof(kExtensions) / sizeof(struct tls_extension)) | |||
| OPENSSL_COMPILE_ASSERT(kNumExtensions <= | |||
| sizeof(((SSL_HANDSHAKE *)NULL)->extensions.sent) * 8, | |||
| too_many_extensions_for_sent_bitset); | |||
| OPENSSL_COMPILE_ASSERT( | |||
| kNumExtensions <= sizeof(((SSL_HANDSHAKE *)NULL)->extensions.received) * 8, | |||
| too_many_extensions_for_received_bitset); | |||
| static_assert(kNumExtensions <= | |||
| sizeof(((SSL_HANDSHAKE *)NULL)->extensions.sent) * 8, | |||
| "too many extensions for sent bitset"); | |||
| static_assert(kNumExtensions <= | |||
| sizeof(((SSL_HANDSHAKE *)NULL)->extensions.received) * 8, | |||
| "too many extensions for received bitset"); | |||
| static const struct tls_extension *tls_extension_find(uint32_t *out_index, | |||
| uint16_t value) { | |||
| @@ -2960,8 +2959,8 @@ static int ssl_scan_serverhello_tlsext(SSL_HANDSHAKE *hs, CBS *cbs, | |||
| continue; | |||
| } | |||
| OPENSSL_COMPILE_ASSERT(kNumExtensions <= sizeof(hs->extensions.sent) * 8, | |||
| too_many_bits); | |||
| static_assert(kNumExtensions <= sizeof(hs->extensions.sent) * 8, | |||
| "too many bits"); | |||
| if (!(hs->extensions.sent & (1u << ext_index)) && | |||
| type != TLSEXT_TYPE_renegotiate) { | |||
| @@ -3486,9 +3485,9 @@ int tls1_record_handshake_hashes_for_channel_id(SSL_HANDSHAKE *hs) { | |||
| return -1; | |||
| } | |||
| OPENSSL_COMPILE_ASSERT( | |||
| static_assert( | |||
| sizeof(hs->new_session->original_handshake_hash) == EVP_MAX_MD_SIZE, | |||
| original_handshake_hash_is_too_small); | |||
| "original_handshake_hash is too small"); | |||
| size_t digest_len; | |||
| if (!SSL_TRANSCRIPT_get_hash(&hs->transcript, | |||
| @@ -3497,7 +3496,8 @@ int tls1_record_handshake_hashes_for_channel_id(SSL_HANDSHAKE *hs) { | |||
| return -1; | |||
| } | |||
| OPENSSL_COMPILE_ASSERT(EVP_MAX_MD_SIZE <= 0xff, max_md_size_is_too_large); | |||
| static_assert(EVP_MAX_MD_SIZE <= 0xff, | |||
| "EVP_MAX_MD_SIZE does not fit in uint8_t"); | |||
| hs->new_session->original_handshake_hash_len = (uint8_t)digest_len; | |||
| return 1; | |||