
Switch tls13_client and tls13_server to C++.

And, with that, stage one is complete. ssl/internal.h may include C++.

Bug: 132
Change-Id: I0cb89f0ed5f4be36632a50744a80321595dc921c
Reviewed-on: https://boringssl-review.googlesource.com/17768
Reviewed-by: Steven Valdez <svaldez@google.com>
kris/onging/CECPQ3_patch15
David Benjamin преди 7 години
родител
ревизия
d304a2f1ac
променени са 3 файла, в които са добавени 29 реда и са изтрити 24 реда
  1. +2
    -2
      ssl/CMakeLists.txt
  2. +14
    -18
      ssl/tls13_client.cc
  3. +13
    -4
      ssl/tls13_server.cc

+ 2
- 2
ssl/CMakeLists.txt

@@ -35,9 +35,9 @@ add_library(
tls_method.cc
tls_record.cc
tls13_both.cc
tls13_client.c
tls13_client.cc
tls13_enc.cc
tls13_server.c
tls13_server.cc
)

target_link_libraries(ssl crypto)


ssl/tls13_client.c → ssl/tls13_client.cc

@@ -382,8 +382,8 @@ static enum ssl_hs_wait_t do_process_encrypted_extensions(SSL_HANDSHAKE *hs) {

/* Store the negotiated ALPN in the session. */
if (ssl->s3->alpn_selected != NULL) {
hs->new_session->early_alpn =
BUF_memdup(ssl->s3->alpn_selected, ssl->s3->alpn_selected_len);
hs->new_session->early_alpn = (uint8_t *)BUF_memdup(
ssl->s3->alpn_selected, ssl->s3->alpn_selected_len);
if (hs->new_session->early_alpn == NULL) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
return ssl_hs_error;
@@ -645,7 +645,8 @@ static enum ssl_hs_wait_t do_complete_second_flight(SSL_HANDSHAKE *hs) {
enum ssl_hs_wait_t tls13_client_handshake(SSL_HANDSHAKE *hs) {
while (hs->tls13_state != state_done) {
enum ssl_hs_wait_t ret = ssl_hs_error;
enum client_hs_state_t state = hs->tls13_state;
enum client_hs_state_t state =
static_cast<enum client_hs_state_t>(hs->tls13_state);
switch (state) {
case state_process_hello_retry_request:
ret = do_process_hello_retry_request(hs);
@@ -703,14 +704,13 @@ enum ssl_hs_wait_t tls13_client_handshake(SSL_HANDSHAKE *hs) {
}

int tls13_process_new_session_ticket(SSL *ssl) {
int ret = 0;
SSL_SESSION *session = SSL_SESSION_dup(ssl->s3->established_session,
SSL_SESSION_INCLUDE_NONAUTH);
if (session == NULL) {
bssl::UniquePtr<SSL_SESSION> session(SSL_SESSION_dup(
ssl->s3->established_session, SSL_SESSION_INCLUDE_NONAUTH));
if (!session) {
return 0;
}

ssl_session_rebase_time(ssl, session);
ssl_session_rebase_time(ssl, session.get());

uint32_t server_timeout;
CBS cbs, ticket, extensions;
@@ -723,7 +723,7 @@ int tls13_process_new_session_ticket(SSL *ssl) {
CBS_len(&cbs) != 0) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
goto err;
return 0;
}

/* Cap the renewable lifetime by the server advertised value. This avoids
@@ -745,7 +745,7 @@ int tls13_process_new_session_ticket(SSL *ssl) {
OPENSSL_ARRAY_SIZE(ext_types),
1 /* ignore unknown */)) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, alert);
goto err;
return 0;
}

if (have_early_data_info && ssl->cert->enable_early_data) {
@@ -753,7 +753,7 @@ int tls13_process_new_session_ticket(SSL *ssl) {
CBS_len(&early_data_info) != 0) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
goto err;
return 0;
}
}

@@ -761,16 +761,12 @@ int tls13_process_new_session_ticket(SSL *ssl) {
session->not_resumable = 0;

if (ssl->ctx->new_session_cb != NULL &&
ssl->ctx->new_session_cb(ssl, session)) {
ssl->ctx->new_session_cb(ssl, session.get())) {
/* |new_session_cb|'s return value signals that it took ownership. */
session = NULL;
session.release();
}

ret = 1;

err:
SSL_SESSION_free(session);
return ret;
return 1;
}

void ssl_clear_tls13_state(SSL_HANDSHAKE *hs) {
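Review bot: The ALPN copy in do_process_encrypted_extensions uses a C-style cast, `(uint8_t *)BUF_memdup(...)`, while the state conversion in tls13_client_handshake in this same file uses `static_cast`. A C-style cast keeps compiling as a reinterpreting or const-stripping conversion if the return type of BUF_memdup (presumably `void *`) ever changes, so `static_cast<uint8_t *>(BUF_memdup(ssl->s3->alpn_selected, ssl->s3->alpn_selected_len))` is the stricter spelling. The same cast appears in do_select_session in ssl/tls13_server.cc. The body of do_process_encrypted_extensions starts and ends outside the hunk, so whether `early_alpn` can already hold a buffer when it is assigned here is not visible.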

ssl/tls13_server.c → ssl/tls13_server.cc

@@ -12,6 +12,13 @@
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

/* Per C99, various stdint.h macros are unavailable in C++ unless some macros
* are defined. C++11 overruled this decision, but older Android NDKs still
* require it. */
#if !defined(__STDC_LIMIT_MACROS)
#define __STDC_LIMIT_MACROS
#endif

#include <openssl/ssl.h>

#include <assert.h>
@@ -417,8 +424,8 @@ static enum ssl_hs_wait_t do_select_session(SSL_HANDSHAKE *hs) {

/* Store the initial negotiated ALPN in the session. */
if (ssl->s3->alpn_selected != NULL) {
hs->new_session->early_alpn =
BUF_memdup(ssl->s3->alpn_selected, ssl->s3->alpn_selected_len);
hs->new_session->early_alpn = (uint8_t *)BUF_memdup(
ssl->s3->alpn_selected, ssl->s3->alpn_selected_len);
if (hs->new_session->early_alpn == NULL) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
return ssl_hs_error;
@@ -670,7 +677,8 @@ static enum ssl_hs_wait_t do_send_server_finished(SSL_HANDSHAKE *hs) {
*
* TODO(davidben): This will need to be updated for DTLS 1.3. */
assert(!SSL_is_dtls(hs->ssl));
uint8_t header[4] = {SSL3_MT_FINISHED, 0, 0, hs->hash_len};
assert(hs->hash_len <= 0xff);
uint8_t header[4] = {SSL3_MT_FINISHED, 0, 0, static_cast<uint8_t>(hs->hash_len)};
if (!SSL_TRANSCRIPT_update(&hs->transcript, header, sizeof(header)) ||
!SSL_TRANSCRIPT_update(&hs->transcript, hs->expected_client_finished,
hs->hash_len) ||
@@ -832,7 +840,8 @@ static enum ssl_hs_wait_t do_send_new_session_ticket(SSL_HANDSHAKE *hs) {
enum ssl_hs_wait_t tls13_server_handshake(SSL_HANDSHAKE *hs) {
while (hs->tls13_state != state_done) {
enum ssl_hs_wait_t ret = ssl_hs_error;
enum server_hs_state_t state = hs->tls13_state;
enum server_hs_state_t state =
static_cast<enum server_hs_state_t>(hs->tls13_state);
switch (state) {
case state_select_parameters:
ret = do_select_parameters(hs);
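Review bot: The new `assert(hs->hash_len <= 0xff)` in do_send_server_finished is compiled out when NDEBUG is defined, so in such builds the `static_cast<uint8_t>(hs->hash_len)` on the next line would truncate silently. The length byte in the Finished header fed to the transcript would then disagree with the `hs->hash_len` bytes hashed right after it. hash_len presumably comes from the negotiated digest and stays far below 256, so this is a hardening point rather than a reachable bug. A runtime guard keeps the invariant in release builds: `if (hs->hash_len > 0xff) { OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return ssl_hs_error; }`. The function's body starts and ends outside the hunk.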
