kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Switch tls13_client and tls13_server to C++.

Browse Source 
And, with that, stage one is complete. ssl/internal.h may include C++.

Bug: 132
Change-Id: I0cb89f0ed5f4be36632a50744a80321595dc921c
Reviewed-on: https://boringssl-review.googlesource.com/17768
Reviewed-by: Steven Valdez <svaldez@google.com>
This commit is contained in:
David Benjamin 2017-07-12 23:00:28 -04:00
parent 81678aabd7
commit d304a2f1ac
3 changed files with 29 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ssl/CMakeLists.txt
View File

@ -35,9 +35,9 @@ add_library(
tls_method.cc
tls_record.cc
tls13_both.cc
tls13_client.c
tls13_client.cc
tls13_enc.cc
tls13_server.c
tls13_server.cc
)
target_link_libraries(ssl crypto)

32
ssl/tls13_client.c → ssl/tls13_client.cc
View File

@ -382,8 +382,8 @@ static enum ssl_hs_wait_t do_process_encrypted_extensions(SSL_HANDSHAKE *hs) {
/* Store the negotiated ALPN in the session. */
if (ssl->s3->alpn_selected != NULL) {
hs->new_session->early_alpn =
BUF_memdup(ssl->s3->alpn_selected, ssl->s3->alpn_selected_len);
hs->new_session->early_alpn = (uint8_t *)BUF_memdup(
ssl->s3->alpn_selected, ssl->s3->alpn_selected_len);
if (hs->new_session->early_alpn == NULL) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
return ssl_hs_error;
@ -645,7 +645,8 @@ static enum ssl_hs_wait_t do_complete_second_flight(SSL_HANDSHAKE *hs) {
enum ssl_hs_wait_t tls13_client_handshake(SSL_HANDSHAKE *hs) {
while (hs->tls13_state != state_done) {
enum ssl_hs_wait_t ret = ssl_hs_error;
enum client_hs_state_t state = hs->tls13_state;
enum client_hs_state_t state =
static_cast<enum client_hs_state_t>(hs->tls13_state);
switch (state) {
case state_process_hello_retry_request:
ret = do_process_hello_retry_request(hs);
@ -703,14 +704,13 @@ enum ssl_hs_wait_t tls13_client_handshake(SSL_HANDSHAKE *hs) {
}
int tls13_process_new_session_ticket(SSL *ssl) {
int ret = 0;
SSL_SESSION *session = SSL_SESSION_dup(ssl->s3->established_session,
SSL_SESSION_INCLUDE_NONAUTH);
if (session == NULL) {
bssl::UniquePtr<SSL_SESSION> session(SSL_SESSION_dup(
ssl->s3->established_session, SSL_SESSION_INCLUDE_NONAUTH));
if (!session) {
return 0;
}
ssl_session_rebase_time(ssl, session);
ssl_session_rebase_time(ssl, session.get());
uint32_t server_timeout;
CBS cbs, ticket, extensions;
@ -723,7 +723,7 @@ int tls13_process_new_session_ticket(SSL *ssl) {
CBS_len(&cbs) != 0) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
goto err;
return 0;
}
/* Cap the renewable lifetime by the server advertised value. This avoids
@ -745,7 +745,7 @@ int tls13_process_new_session_ticket(SSL *ssl) {
OPENSSL_ARRAY_SIZE(ext_types),
1 /* ignore unknown */)) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, alert);
goto err;
return 0;
}
if (have_early_data_info && ssl->cert->enable_early_data) {
@ -753,7 +753,7 @@ int tls13_process_new_session_ticket(SSL *ssl) {
CBS_len(&early_data_info) != 0) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
goto err;
return 0;
}
}
@ -761,16 +761,12 @@ int tls13_process_new_session_ticket(SSL *ssl) {
session->not_resumable = 0;
if (ssl->ctx->new_session_cb != NULL &&
ssl->ctx->new_session_cb(ssl, session)) {
ssl->ctx->new_session_cb(ssl, session.get())) {
/* |new_session_cb|'s return value signals that it took ownership. */
session = NULL;
session.release();
}
ret = 1;
err:
SSL_SESSION_free(session);
return ret;
return 1;
}
void ssl_clear_tls13_state(SSL_HANDSHAKE *hs) {

17
ssl/tls13_server.c → ssl/tls13_server.cc
View File

@ -12,6 +12,13 @@
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
/* Per C99, various stdint.h macros are unavailable in C++ unless some macros
* are defined. C++11 overruled this decision, but older Android NDKs still
* require it. */
#if !defined(__STDC_LIMIT_MACROS)
#define __STDC_LIMIT_MACROS
#endif
#include <openssl/ssl.h>
#include <assert.h>
@ -417,8 +424,8 @@ static enum ssl_hs_wait_t do_select_session(SSL_HANDSHAKE *hs) {
/* Store the initial negotiated ALPN in the session. */
if (ssl->s3->alpn_selected != NULL) {
hs->new_session->early_alpn =
BUF_memdup(ssl->s3->alpn_selected, ssl->s3->alpn_selected_len);
hs->new_session->early_alpn = (uint8_t *)BUF_memdup(
ssl->s3->alpn_selected, ssl->s3->alpn_selected_len);
if (hs->new_session->early_alpn == NULL) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
return ssl_hs_error;
@ -670,7 +677,8 @@ static enum ssl_hs_wait_t do_send_server_finished(SSL_HANDSHAKE *hs) {
*
* TODO(davidben): This will need to be updated for DTLS 1.3. */
assert(!SSL_is_dtls(hs->ssl));
uint8_t header[4] = {SSL3_MT_FINISHED, 0, 0, hs->hash_len};
assert(hs->hash_len <= 0xff);
uint8_t header[4] = {SSL3_MT_FINISHED, 0, 0, static_cast<uint8_t>(hs->hash_len)};
if (!SSL_TRANSCRIPT_update(&hs->transcript, header, sizeof(header)) ||
!SSL_TRANSCRIPT_update(&hs->transcript, hs->expected_client_finished,
hs->hash_len) ||
@ -832,7 +840,8 @@ static enum ssl_hs_wait_t do_send_new_session_ticket(SSL_HANDSHAKE *hs) {
enum ssl_hs_wait_t tls13_server_handshake(SSL_HANDSHAKE *hs) {
while (hs->tls13_state != state_done) {
enum ssl_hs_wait_t ret = ssl_hs_error;
enum server_hs_state_t state = hs->tls13_state;
enum server_hs_state_t state =
static_cast<enum server_hs_state_t>(hs->tls13_state);
switch (state) {
case state_select_parameters:
ret = do_select_parameters(hs);