ssl_cipher required fixing the types of the cipher masks. Bug: 132 Change-Id: I0428d853b25fe4674ac3cad87a8eb92c6c8659e3 Reviewed-on: https://boringssl-review.googlesource.com/17746 Reviewed-by: Steven Valdez <svaldez@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>kris/onging/CECPQ3_patch15
@@ -18,9 +18,9 @@ add_library( | |||
s3_pkt.cc | |||
ssl_aead_ctx.c | |||
ssl_asn1.cc | |||
ssl_buffer.c | |||
ssl_cert.c | |||
ssl_cipher.c | |||
ssl_buffer.cc | |||
ssl_cert.cc | |||
ssl_cipher.cc | |||
ssl_ecdh.c | |||
ssl_file.c | |||
ssl_lib.c | |||
@@ -217,38 +217,38 @@ uint16_t ssl3_protocol_version(const SSL *ssl); | |||
/* Cipher suites. */ | |||
/* Bits for |algorithm_mkey| (key exchange algorithm). */ | |||
#define SSL_kRSA 0x00000001L | |||
#define SSL_kECDHE 0x00000002L | |||
#define SSL_kRSA 0x00000001u | |||
#define SSL_kECDHE 0x00000002u | |||
/* SSL_kPSK is only set for plain PSK, not ECDHE_PSK. */ | |||
#define SSL_kPSK 0x00000004L | |||
#define SSL_kGENERIC 0x00000008L | |||
#define SSL_kPSK 0x00000004u | |||
#define SSL_kGENERIC 0x00000008u | |||
/* Bits for |algorithm_auth| (server authentication). */ | |||
#define SSL_aRSA 0x00000001L | |||
#define SSL_aECDSA 0x00000002L | |||
#define SSL_aRSA 0x00000001u | |||
#define SSL_aECDSA 0x00000002u | |||
/* SSL_aPSK is set for both PSK and ECDHE_PSK. */ | |||
#define SSL_aPSK 0x00000004L | |||
#define SSL_aGENERIC 0x00000008L | |||
#define SSL_aPSK 0x00000004u | |||
#define SSL_aGENERIC 0x00000008u | |||
#define SSL_aCERT (SSL_aRSA | SSL_aECDSA) | |||
/* Bits for |algorithm_enc| (symmetric encryption). */ | |||
#define SSL_3DES 0x00000001L | |||
#define SSL_AES128 0x00000002L | |||
#define SSL_AES256 0x00000004L | |||
#define SSL_AES128GCM 0x00000008L | |||
#define SSL_AES256GCM 0x00000010L | |||
#define SSL_eNULL 0x00000020L | |||
#define SSL_CHACHA20POLY1305 0x00000040L | |||
#define SSL_3DES 0x00000001u | |||
#define SSL_AES128 0x00000002u | |||
#define SSL_AES256 0x00000004u | |||
#define SSL_AES128GCM 0x00000008u | |||
#define SSL_AES256GCM 0x00000010u | |||
#define SSL_eNULL 0x00000020u | |||
#define SSL_CHACHA20POLY1305 0x00000040u | |||
#define SSL_AES (SSL_AES128 | SSL_AES256 | SSL_AES128GCM | SSL_AES256GCM) | |||
/* Bits for |algorithm_mac| (symmetric authentication). */ | |||
#define SSL_SHA1 0x00000001L | |||
#define SSL_SHA256 0x00000002L | |||
#define SSL_SHA384 0x00000004L | |||
#define SSL_SHA1 0x00000001u | |||
#define SSL_SHA256 0x00000002u | |||
#define SSL_SHA384 0x00000004u | |||
/* SSL_AEAD is set for all AEADs. */ | |||
#define SSL_AEAD 0x00000008L | |||
#define SSL_AEAD 0x00000008u | |||
/* Bits for |algorithm_prf| (handshake digest). */ | |||
#define SSL_HANDSHAKE_MAC_DEFAULT 0x1 | |||
@@ -47,7 +47,7 @@ static int ensure_buffer(SSL3_BUFFER *buf, size_t header_len, size_t cap) { | |||
} | |||
/* Add up to |SSL3_ALIGN_PAYLOAD| - 1 bytes of slack for alignment. */ | |||
uint8_t *new_buf = OPENSSL_malloc(cap + SSL3_ALIGN_PAYLOAD - 1); | |||
uint8_t *new_buf = (uint8_t *)OPENSSL_malloc(cap + SSL3_ALIGN_PAYLOAD - 1); | |||
if (new_buf == NULL) { | |||
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); | |||
return 0; |
@@ -132,7 +132,7 @@ | |||
CERT *ssl_cert_new(const SSL_X509_METHOD *x509_method) { | |||
CERT *ret = OPENSSL_malloc(sizeof(CERT)); | |||
CERT *ret = (CERT *)OPENSSL_malloc(sizeof(CERT)); | |||
if (ret == NULL) { | |||
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); | |||
return NULL; | |||
@@ -149,7 +149,7 @@ static CRYPTO_BUFFER *buffer_up_ref(CRYPTO_BUFFER *buffer) { | |||
} | |||
CERT *ssl_cert_dup(CERT *cert) { | |||
CERT *ret = OPENSSL_malloc(sizeof(CERT)); | |||
CERT *ret = (CERT *)OPENSSL_malloc(sizeof(CERT)); | |||
if (ret == NULL) { | |||
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); | |||
return NULL; | |||
@@ -168,8 +168,8 @@ CERT *ssl_cert_dup(CERT *cert) { | |||
ret->x509_method = cert->x509_method; | |||
if (cert->sigalgs != NULL) { | |||
ret->sigalgs = | |||
BUF_memdup(cert->sigalgs, cert->num_sigalgs * sizeof(cert->sigalgs[0])); | |||
ret->sigalgs = (uint16_t *)BUF_memdup( | |||
cert->sigalgs, cert->num_sigalgs * sizeof(cert->sigalgs[0])); | |||
if (ret->sigalgs == NULL) { | |||
goto err; | |||
} | |||
@@ -496,7 +496,8 @@ int ssl_add_cert_chain(SSL *ssl, CBB *cbb) { | |||
CBB certs; | |||
if (!CBB_add_u24_length_prefixed(cbb, &certs)) { | |||
goto err; | |||
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); | |||
return 0; | |||
} | |||
STACK_OF(CRYPTO_BUFFER) *chain = ssl->cert->chain; | |||
@@ -507,15 +508,12 @@ int ssl_add_cert_chain(SSL *ssl, CBB *cbb) { | |||
!CBB_add_bytes(&child, CRYPTO_BUFFER_data(buffer), | |||
CRYPTO_BUFFER_len(buffer)) || | |||
!CBB_flush(&certs)) { | |||
goto err; | |||
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); | |||
return 0; | |||
} | |||
} | |||
return CBB_flush(cbb); | |||
err: | |||
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); | |||
return 0; | |||
} | |||
/* ssl_cert_skip_to_spki parses a DER-encoded, X.509 certificate from |in| and |
@@ -631,8 +631,8 @@ static const CIPHER_ALIAS kCipherAliases[] = { | |||
static const size_t kCipherAliasesLen = OPENSSL_ARRAY_SIZE(kCipherAliases); | |||
static int ssl_cipher_id_cmp(const void *in_a, const void *in_b) { | |||
const SSL_CIPHER *a = in_a; | |||
const SSL_CIPHER *b = in_b; | |||
const SSL_CIPHER *a = reinterpret_cast<const SSL_CIPHER *>(in_a); | |||
const SSL_CIPHER *b = reinterpret_cast<const SSL_CIPHER *>(in_b); | |||
if (a->id > b->id) { | |||
return 1; | |||
@@ -647,8 +647,8 @@ const SSL_CIPHER *SSL_get_cipher_by_value(uint16_t value) { | |||
SSL_CIPHER c; | |||
c.id = 0x03000000L | value; | |||
return bsearch(&c, kCiphers, kCiphersLen, sizeof(SSL_CIPHER), | |||
ssl_cipher_id_cmp); | |||
return reinterpret_cast<const SSL_CIPHER *>(bsearch( | |||
&c, kCiphers, kCiphersLen, sizeof(SSL_CIPHER), ssl_cipher_id_cmp)); | |||
} | |||
int ssl_cipher_get_evp_aead(const EVP_AEAD **out_aead, | |||
@@ -1001,7 +1001,7 @@ static int ssl_cipher_strength_sort(CIPHER_ORDER **head_p, | |||
curr = curr->next; | |||
} | |||
number_uses = OPENSSL_malloc((max_strength_bits + 1) * sizeof(int)); | |||
number_uses = (int *)OPENSSL_malloc((max_strength_bits + 1) * sizeof(int)); | |||
if (!number_uses) { | |||
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); | |||
return 0; | |||
@@ -1227,7 +1227,7 @@ int ssl_create_cipher_list( | |||
/* Now we have to collect the available ciphers from the compiled in ciphers. | |||
* We cannot get more than the number compiled in, so it is used for | |||
* allocation. */ | |||
co_list = OPENSSL_malloc(sizeof(CIPHER_ORDER) * kCiphersLen); | |||
co_list = (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * kCiphersLen); | |||
if (co_list == NULL) { | |||
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); | |||
return 0; | |||
@@ -1314,7 +1314,7 @@ int ssl_create_cipher_list( | |||
goto err; | |||
} | |||
in_group_flags = OPENSSL_malloc(kCiphersLen); | |||
in_group_flags = (uint8_t *)OPENSSL_malloc(kCiphersLen); | |||
if (!in_group_flags) { | |||
goto err; | |||
} | |||
@@ -1332,12 +1332,13 @@ int ssl_create_cipher_list( | |||
OPENSSL_free(co_list); /* Not needed any longer */ | |||
co_list = NULL; | |||
pref_list = OPENSSL_malloc(sizeof(struct ssl_cipher_preference_list_st)); | |||
pref_list = (ssl_cipher_preference_list_st *)OPENSSL_malloc( | |||
sizeof(struct ssl_cipher_preference_list_st)); | |||
if (!pref_list) { | |||
goto err; | |||
} | |||
pref_list->ciphers = cipherstack; | |||
pref_list->in_group_flags = OPENSSL_malloc(num_in_group_flags); | |||
pref_list->in_group_flags = (uint8_t *)OPENSSL_malloc(num_in_group_flags); | |||
if (!pref_list->in_group_flags) { | |||
goto err; | |||
} | |||
@@ -1672,7 +1673,7 @@ const char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, | |||
if (buf == NULL) { | |||
len = 128; | |||
buf = OPENSSL_malloc(len); | |||
buf = (char *)OPENSSL_malloc(len); | |||
if (buf == NULL) { | |||
return NULL; | |||
} |