SSL3_STATE ints to bools.
Change-Id: I0f153a3e22f960f2b600919b6bacac76b7a95093
Reviewed-on: https://boringssl-review.googlesource.com/19944
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/ssl/d1_both.cc b/ssl/d1_both.cc
index cb447df..321e01d 100644
--- a/ssl/d1_both.cc
+++ b/ssl/d1_both.cc
@@ -431,7 +431,7 @@
if (!ssl->s3->has_message) {
ssl_do_msg_callback(ssl, 0 /* read */, SSL3_RT_HANDSHAKE, frag->data,
frag->msg_len + DTLS1_HM_HEADER_LENGTH);
- ssl->s3->has_message = 1;
+ ssl->s3->has_message = true;
}
return true;
}
@@ -443,7 +443,7 @@
dtls1_hm_fragment_free(ssl->d1->incoming_messages[index]);
ssl->d1->incoming_messages[index] = NULL;
ssl->d1->handshake_read_seq++;
- ssl->s3->has_message = 0;
+ ssl->s3->has_message = false;
// If we previously sent a flight, mark it as having a reply, so
// |on_handshake_complete| can manage post-handshake retransmission.
if (ssl->d1->outgoing_messages_complete) {
diff --git a/ssl/handshake_client.cc b/ssl/handshake_client.cc
index 49d931b..3469017 100644
--- a/ssl/handshake_client.cc
+++ b/ssl/handshake_client.cc
@@ -581,7 +581,7 @@
ssl->version = server_version;
// At this point, the connection's version is known and ssl->version is
// fixed. Begin enforcing the record-layer version.
- ssl->s3->have_version = 1;
+ ssl->s3->have_version = true;
} else if (server_version != ssl->version) {
OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_SSL_VERSION);
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_PROTOCOL_VERSION);
@@ -630,7 +630,7 @@
ssl->session->session_id_length != 0 &&
CBS_mem_equal(&session_id, ssl->session->session_id,
ssl->session->session_id_length)) {
- ssl->s3->session_reused = 1;
+ ssl->s3->session_reused = true;
} else {
// The session wasn't resumed. Create a fresh SSL_SESSION to
// fill out.
@@ -1695,7 +1695,7 @@
}
hs->handshake_finalized = true;
- ssl->s3->initial_handshake_complete = 1;
+ ssl->s3->initial_handshake_complete = true;
ssl_update_cache(hs, SSL_SESS_CACHE_CLIENT);
hs->state = state_done;
diff --git a/ssl/handshake_server.cc b/ssl/handshake_server.cc
index eeb9f7f..f196db0 100644
--- a/ssl/handshake_server.cc
+++ b/ssl/handshake_server.cc
@@ -275,7 +275,7 @@
// At this point, the connection's version is known and |ssl->version| is
// fixed. Begin enforcing the record-layer version.
- ssl->s3->have_version = 1;
+ ssl->s3->have_version = true;
// Handle FALLBACK_SCSV.
if (ssl_client_cipher_list_contains_cipher(client_hello,
@@ -607,7 +607,7 @@
// Use the old session.
hs->ticket_expected = renew_ticket;
ssl->session = session.release();
- ssl->s3->session_reused = 1;
+ ssl->s3->session_reused = true;
} else {
hs->ticket_expected = tickets_supported;
ssl_set_session(ssl, NULL);
@@ -695,7 +695,7 @@
// known attack while we fix ChannelID itself.
if (ssl->s3->tlsext_channel_id_valid &&
(hs->new_cipher->algorithm_mkey & SSL_kECDHE) == 0) {
- ssl->s3->tlsext_channel_id_valid = 0;
+ ssl->s3->tlsext_channel_id_valid = false;
}
// If this is a resumption and the original handshake didn't support
@@ -703,7 +703,7 @@
// session and so cannot resume with ChannelIDs.
if (ssl->session != NULL &&
ssl->session->original_handshake_hash_len == 0) {
- ssl->s3->tlsext_channel_id_valid = 0;
+ ssl->s3->tlsext_channel_id_valid = false;
}
struct OPENSSL_timeval now;
@@ -1569,7 +1569,7 @@
}
hs->handshake_finalized = true;
- ssl->s3->initial_handshake_complete = 1;
+ ssl->s3->initial_handshake_complete = true;
ssl_update_cache(hs, SSL_SESS_CACHE_SERVER);
hs->state = state_done;
diff --git a/ssl/internal.h b/ssl/internal.h
index 03b7f8b..b59de99 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -1567,8 +1567,8 @@
uint8_t sid_ctx_length;
uint8_t sid_ctx[SSL_MAX_SID_CTX_LENGTH];
- // If enable_early_data is non-zero, early data can be sent and accepted.
- unsigned enable_early_data:1;
+ // If enable_early_data is true, early data can be sent and accepted.
+ bool enable_early_data:1;
};
// ssl_crypto_x509_method provides the |SSL_X509_METHOD| functions using
@@ -1655,45 +1655,45 @@
// skip_early_data instructs the record layer to skip unexpected early data
// messages when 0RTT is rejected.
- unsigned skip_early_data:1;
+ bool skip_early_data:1;
// have_version is true if the connection's final version is known. Otherwise
// the version has not been negotiated yet.
- unsigned have_version:1;
+ bool have_version:1;
// v2_hello_done is true if the peer's V2ClientHello, if any, has been handled
// and future messages should use the record layer.
- unsigned v2_hello_done:1;
+ bool v2_hello_done:1;
// is_v2_hello is true if the current handshake message was derived from a
// V2ClientHello rather than received from the peer directly.
- unsigned is_v2_hello:1;
+ bool is_v2_hello:1;
// has_message is true if the current handshake message has been returned
// at least once by |get_message| and false otherwise.
- unsigned has_message:1;
+ bool has_message:1;
// initial_handshake_complete is true if the initial handshake has
// completed.
- unsigned initial_handshake_complete:1;
+ bool initial_handshake_complete:1;
// session_reused indicates whether a session was resumed.
- unsigned session_reused:1;
+ bool session_reused:1;
- unsigned send_connection_binding:1;
+ bool send_connection_binding:1;
// In a client, this means that the server supported Channel ID and that a
// Channel ID was sent. In a server it means that we echoed support for
// Channel IDs and that tlsext_channel_id will be valid after the
// handshake.
- unsigned tlsext_channel_id_valid:1;
+ bool tlsext_channel_id_valid:1;
- // key_update_pending is one if we have a KeyUpdate acknowledgment
+ // key_update_pending is true if we have a KeyUpdate acknowledgment
// outstanding.
- unsigned key_update_pending:1;
+ bool key_update_pending:1;
- // wpend_pending is one if we have a pending write outstanding.
- unsigned wpend_pending:1;
+ // wpend_pending is true if we have a pending write outstanding.
+ bool wpend_pending:1;
uint8_t send_alert[2];
diff --git a/ssl/s3_both.cc b/ssl/s3_both.cc
index 624ea24..dfa8bfa 100644
--- a/ssl/s3_both.cc
+++ b/ssl/s3_both.cc
@@ -518,7 +518,7 @@
ssl_read_buffer_consume(ssl, 2 + msg_length);
ssl_read_buffer_discard(ssl);
- ssl->s3->is_v2_hello = 1;
+ ssl->s3->is_v2_hello = true;
return 1;
}
@@ -553,7 +553,7 @@
ssl_do_msg_callback(ssl, 0 /* read */, SSL3_RT_HANDSHAKE,
CBS_data(&out->raw), CBS_len(&out->raw));
}
- ssl->s3->has_message = 1;
+ ssl->s3->has_message = true;
}
return true;
}
@@ -590,7 +590,7 @@
if (ssl->server && !ssl->s3->v2_hello_done) {
int ret = read_v2_client_hello(ssl);
if (ret > 0) {
- ssl->s3->v2_hello_done = 1;
+ ssl->s3->v2_hello_done = true;
}
return ret;
}
@@ -610,8 +610,8 @@
OPENSSL_memmove(ssl->init_buf->data, ssl->init_buf->data + CBS_len(&msg.raw),
ssl->init_buf->length - CBS_len(&msg.raw));
ssl->init_buf->length -= CBS_len(&msg.raw);
- ssl->s3->is_v2_hello = 0;
- ssl->s3->has_message = 0;
+ ssl->s3->is_v2_hello = false;
+ ssl->s3->has_message = false;
// Post-handshake messages are rare, so release the buffer after every
// message. During the handshake, |on_handshake_complete| will release it.
diff --git a/ssl/s3_pkt.cc b/ssl/s3_pkt.cc
index 9051b40..7afe3dd 100644
--- a/ssl/s3_pkt.cc
+++ b/ssl/s3_pkt.cc
@@ -273,7 +273,7 @@
if (ret <= 0) {
return ret;
}
- ssl->s3->wpend_pending = 0;
+ ssl->s3->wpend_pending = false;
return ssl->s3->wpend_ret;
}
@@ -333,7 +333,7 @@
// Now that we've made progress on the connection, uncork KeyUpdate
// acknowledgments.
- ssl->s3->key_update_pending = 0;
+ ssl->s3->key_update_pending = false;
// Memorize arguments so that ssl3_write_pending can detect bad write retries
// later.
@@ -341,7 +341,7 @@
ssl->s3->wpend_buf = buf;
ssl->s3->wpend_type = type;
ssl->s3->wpend_ret = len;
- ssl->s3->wpend_pending = 1;
+ ssl->s3->wpend_pending = true;
// We now just need to write the buffer.
return ssl3_write_pending(ssl, type, buf, len);
diff --git a/ssl/ssl_lib.cc b/ssl/ssl_lib.cc
index ed97561..ee2cd89 100644
--- a/ssl/ssl_lib.cc
+++ b/ssl/ssl_lib.cc
@@ -1090,7 +1090,7 @@
// Discard any unfinished writes from the perspective of |SSL_write|'s
// retry. The handshake will transparently flush out the pending record
// (discarded by the server) to keep the framing correct.
- ssl->s3->wpend_pending = 0;
+ ssl->s3->wpend_pending = false;
}
static int bio_retry_reason_to_error(int reason) {
diff --git a/ssl/t1_lib.cc b/ssl/t1_lib.cc
index 301096f..a978fb3 100644
--- a/ssl/t1_lib.cc
+++ b/ssl/t1_lib.cc
@@ -805,7 +805,7 @@
*out_alert = SSL_AD_HANDSHAKE_FAILURE;
return 0;
}
- ssl->s3->send_connection_binding = 1;
+ ssl->s3->send_connection_binding = true;
return 1;
}
@@ -840,7 +840,7 @@
return 0;
}
- ssl->s3->send_connection_binding = 1;
+ ssl->s3->send_connection_binding = true;
return 1;
}
@@ -1547,7 +1547,7 @@
// https://tools.ietf.org/html/draft-balfanz-tls-channelid-01
static void ext_channel_id_init(SSL_HANDSHAKE *hs) {
- hs->ssl->s3->tlsext_channel_id_valid = 0;
+ hs->ssl->s3->tlsext_channel_id_valid = false;
}
static int ext_channel_id_add_clienthello(SSL_HANDSHAKE *hs, CBB *out) {
@@ -1579,7 +1579,7 @@
return 0;
}
- ssl->s3->tlsext_channel_id_valid = 1;
+ ssl->s3->tlsext_channel_id_valid = true;
return 1;
}
@@ -1596,7 +1596,7 @@
return 0;
}
- ssl->s3->tlsext_channel_id_valid = 1;
+ ssl->s3->tlsext_channel_id_valid = true;
return 1;
}
@@ -3373,7 +3373,7 @@
if (!sig_ok) {
OPENSSL_PUT_ERROR(SSL, SSL_R_CHANNEL_ID_SIGNATURE_INVALID);
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECRYPT_ERROR);
- ssl->s3->tlsext_channel_id_valid = 0;
+ ssl->s3->tlsext_channel_id_valid = false;
return 0;
}
diff --git a/ssl/tls13_both.cc b/ssl/tls13_both.cc
index 1b031d5..10b944f 100644
--- a/ssl/tls13_both.cc
+++ b/ssl/tls13_both.cc
@@ -520,7 +520,7 @@
// wire. This prevents us from accumulating write obligations when read and
// write progress at different rates. See draft-ietf-tls-tls13-18, section
// 4.5.3.
- ssl->s3->key_update_pending = 1;
+ ssl->s3->key_update_pending = true;
}
return 1;
diff --git a/ssl/tls13_client.cc b/ssl/tls13_client.cc
index 717a34d..df79960 100644
--- a/ssl/tls13_client.cc
+++ b/ssl/tls13_client.cc
@@ -285,7 +285,7 @@
return ssl_hs_error;
}
- ssl->s3->session_reused = 1;
+ ssl->s3->session_reused = true;
// Only authentication information carries over in TLS 1.3.
hs->new_session = SSL_SESSION_dup(ssl->session, SSL_SESSION_DUP_AUTH_ONLY);
if (!hs->new_session) {
diff --git a/ssl/tls13_server.cc b/ssl/tls13_server.cc
index 969f2ec..a46d0c8 100644
--- a/ssl/tls13_server.cc
+++ b/ssl/tls13_server.cc
@@ -59,10 +59,10 @@
static const uint8_t kZeroes[EVP_MAX_MD_SIZE] = {0};
-static int resolve_ecdhe_secret(SSL_HANDSHAKE *hs, int *out_need_retry,
+static int resolve_ecdhe_secret(SSL_HANDSHAKE *hs, bool *out_need_retry,
SSL_CLIENT_HELLO *client_hello) {
SSL *const ssl = hs->ssl;
- *out_need_retry = 0;
+ *out_need_retry = false;
// We only support connections that include an ECDHE key exchange.
CBS key_share;
@@ -85,7 +85,7 @@
}
if (!found_key_share) {
- *out_need_retry = 1;
+ *out_need_retry = true;
return 0;
}
@@ -394,7 +394,7 @@
return ssl_hs_error;
}
- ssl->s3->session_reused = 1;
+ ssl->s3->session_reused = true;
// Resumption incorporates fresh key material, so refresh the timeout.
ssl_session_renew_timeout(ssl, hs->new_session.get(),
@@ -456,15 +456,15 @@
return ssl_hs_error;
}
} else if (hs->early_data_offered) {
- ssl->s3->skip_early_data = 1;
+ ssl->s3->skip_early_data = true;
}
// Resolve ECDHE and incorporate it into the secret.
- int need_retry;
+ bool need_retry;
if (!resolve_ecdhe_secret(hs, &need_retry, &client_hello)) {
if (need_retry) {
ssl->early_data_accepted = 0;
- ssl->s3->skip_early_data = 1;
+ ssl->s3->skip_early_data = true;
ssl->method->next_message(ssl);
hs->tls13_state = state_send_hello_retry_request;
return ssl_hs_ok;
@@ -514,7 +514,7 @@
return ssl_hs_error;
}
- int need_retry;
+ bool need_retry;
if (!resolve_ecdhe_secret(hs, &need_retry, &client_hello)) {
if (need_retry) {
// Only send one HelloRetryRequest.
diff --git a/ssl/tls_record.cc b/ssl/tls_record.cc
index eed6431..043ec62 100644
--- a/ssl/tls_record.cc
+++ b/ssl/tls_record.cc
@@ -265,7 +265,7 @@
return ssl_open_record_error;
}
- ssl->s3->skip_early_data = 0;
+ ssl->s3->skip_early_data = false;
if (!ssl_record_sequence_update(ssl->s3->read_sequence, 8)) {
*out_alert = SSL_AD_INTERNAL_ERROR;