Convert comments in ssl.
That's the last of it!
Change-Id: I93d1f5ab7e95b2ad105c34b24297a0bf77625263
Reviewed-on: https://boringssl-review.googlesource.com/19784
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/ssl/handshake_client.cc b/ssl/handshake_client.cc
index 37bf372..5a0902d 100644
--- a/ssl/handshake_client.cc
+++ b/ssl/handshake_client.cc
@@ -199,14 +199,14 @@
state_done,
};
-/* ssl_get_client_disabled sets |*out_mask_a| and |*out_mask_k| to masks of
- * disabled algorithms. */
+// ssl_get_client_disabled sets |*out_mask_a| and |*out_mask_k| to masks of
+// disabled algorithms.
static void ssl_get_client_disabled(SSL *ssl, uint32_t *out_mask_a,
uint32_t *out_mask_k) {
*out_mask_a = 0;
*out_mask_k = 0;
- /* PSK requires a client callback. */
+ // PSK requires a client callback.
if (ssl->psk_client_callback == NULL) {
*out_mask_a |= SSL_aPSK;
*out_mask_k |= SSL_kPSK;
@@ -223,14 +223,14 @@
return 0;
}
- /* Add a fake cipher suite. See draft-davidben-tls-grease-01. */
+ // Add a fake cipher suite. See draft-davidben-tls-grease-01.
if (ssl->ctx->grease_enabled &&
!CBB_add_u16(&child, ssl_get_grease_value(ssl, ssl_grease_cipher))) {
return 0;
}
- /* Add TLS 1.3 ciphers. Order ChaCha20-Poly1305 relative to AES-GCM based on
- * hardware support. */
+ // Add TLS 1.3 ciphers. Order ChaCha20-Poly1305 relative to AES-GCM based on
+ // hardware support.
if (hs->max_version >= TLS1_3_VERSION) {
if (!EVP_has_aes_hardware() &&
!CBB_add_u16(&child, TLS1_CK_CHACHA20_POLY1305_SHA256 & 0xffff)) {
@@ -249,7 +249,7 @@
if (hs->min_version < TLS1_3_VERSION) {
int any_enabled = 0;
for (const SSL_CIPHER *cipher : SSL_get_ciphers(ssl)) {
- /* Skip disabled ciphers */
+ // Skip disabled ciphers
if ((cipher->algorithm_mkey & mask_k) ||
(cipher->algorithm_auth & mask_a)) {
continue;
@@ -264,15 +264,15 @@
}
}
- /* If all ciphers were disabled, return the error to the caller. */
+ // If all ciphers were disabled, return the error to the caller.
if (!any_enabled && hs->max_version < TLS1_3_VERSION) {
OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CIPHERS_AVAILABLE);
return 0;
}
}
- /* For SSLv3, the SCSV is added. Otherwise the renegotiation extension is
- * added. */
+ // For SSLv3, the SCSV is added. Otherwise the renegotiation extension is
+ // added.
if (hs->max_version == SSL3_VERSION &&
!ssl->s3->initial_handshake_complete) {
if (!CBB_add_u16(&child, SSL3_CK_SCSV & 0xffff)) {
@@ -297,7 +297,7 @@
return 0;
}
- /* Renegotiations do not participate in session resumption. */
+ // Renegotiations do not participate in session resumption.
int has_session_id = ssl->session != NULL &&
!ssl->s3->initial_handshake_complete &&
ssl->session->session_id_length > 0;
@@ -315,8 +315,8 @@
return 0;
}
} else {
- /* In TLS 1.3 experimental encodings, send a fake placeholder session ID
- * when we do not otherwise have one to send. */
+ // In TLS 1.3 experimental encodings, send a fake placeholder session ID
+ // when we do not otherwise have one to send.
if (hs->max_version >= TLS1_3_VERSION &&
ssl->tls13_variant == tls13_experiment &&
!CBB_add_bytes(&child, hs->session_id, hs->session_id_len)) {
@@ -346,8 +346,8 @@
return 0;
}
- /* Now that the length prefixes have been computed, fill in the placeholder
- * PSK binder. */
+ // Now that the length prefixes have been computed, fill in the placeholder
+ // PSK binder.
if (hs->needs_psk_binder &&
!tls13_write_psk_binder(hs, msg, len)) {
OPENSSL_free(msg);
@@ -374,8 +374,8 @@
return 0;
}
- /* The server version may also be in the supported_versions extension if
- * applicable. */
+ // The server version may also be in the supported_versions extension if
+ // applicable.
if (msg.type != SSL3_MT_SERVER_HELLO || *out != TLS1_2_VERSION) {
return 1;
}
@@ -390,7 +390,7 @@
return 0;
}
- /* The extensions block may not be present. */
+ // The extensions block may not be present.
if (CBS_len(&server_hello) == 0) {
return 1;
}
@@ -433,14 +433,14 @@
ssl_do_info_callback(ssl, SSL_CB_HANDSHAKE_START, 1);
- /* Freeze the version range. */
+ // Freeze the version range.
if (!ssl_get_version_range(ssl, &hs->min_version, &hs->max_version)) {
return ssl_hs_error;
}
- /* Always advertise the ClientHello version from the original maximum version,
- * even on renegotiation. The static RSA key exchange uses this field, and
- * some servers fail when it changes across handshakes. */
+ // Always advertise the ClientHello version from the original maximum version,
+ // even on renegotiation. The static RSA key exchange uses this field, and
+ // some servers fail when it changes across handshakes.
if (SSL_is_dtls(hs->ssl)) {
hs->client_version =
hs->max_version >= TLS1_2_VERSION ? DTLS1_2_VERSION : DTLS1_VERSION;
@@ -449,8 +449,8 @@
hs->max_version >= TLS1_2_VERSION ? TLS1_2_VERSION : hs->max_version;
}
- /* If the configured session has expired or was created at a disabled
- * version, drop it. */
+ // If the configured session has expired or was created at a disabled
+ // version, drop it.
if (ssl->session != NULL) {
if (ssl->session->is_server ||
!ssl_supports_version(hs, ssl->session->ssl_version) ||
@@ -466,8 +466,8 @@
return ssl_hs_error;
}
- /* Initialize a random session ID for the experimental TLS 1.3 variant
- * requiring a session id. */
+ // Initialize a random session ID for the experimental TLS 1.3 variant
+ // requiring a session id.
if (ssl->tls13_variant == tls13_experiment) {
hs->session_id_len = sizeof(hs->session_id);
if (!RAND_bytes(hs->session_id, hs->session_id_len)) {
@@ -505,8 +505,8 @@
return ssl_hs_error;
}
- /* Stash the early data session, so connection properties may be queried out
- * of it. */
+ // Stash the early data session, so connection properties may be queried out
+ // of it.
hs->in_early_data = 1;
SSL_SESSION_up_ref(ssl->session);
hs->early_session.reset(ssl->session);
@@ -547,7 +547,7 @@
ssl->method->next_message(ssl);
- /* DTLS resets the handshake buffer after HelloVerifyRequest. */
+ // DTLS resets the handshake buffer after HelloVerifyRequest.
if (!hs->transcript.Init()) {
return ssl_hs_error;
}
@@ -581,8 +581,8 @@
assert(ssl->s3->have_version == ssl->s3->initial_handshake_complete);
if (!ssl->s3->have_version) {
ssl->version = server_version;
- /* At this point, the connection's version is known and ssl->version is
- * fixed. Begin enforcing the record-layer version. */
+ // At this point, the connection's version is known and ssl->version is
+ // fixed. Begin enforcing the record-layer version.
ssl->s3->have_version = 1;
} else if (server_version != ssl->version) {
OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_SSL_VERSION);
@@ -621,12 +621,12 @@
return ssl_hs_error;
}
- /* Copy over the server random. */
+ // Copy over the server random.
OPENSSL_memcpy(ssl->s3->server_random, CBS_data(&server_random),
SSL3_RANDOM_SIZE);
- /* TODO(davidben): Implement the TLS 1.1 and 1.2 downgrade sentinels once TLS
- * 1.3 is finalized and we are not implementing a draft version. */
+ // TODO(davidben): Implement the TLS 1.1 and 1.2 downgrade sentinels once TLS
+ // 1.3 is finalized and we are not implementing a draft version.
if (!ssl->s3->initial_handshake_complete && ssl->session != NULL &&
ssl->session->session_id_length != 0 &&
@@ -634,14 +634,14 @@
ssl->session->session_id_length)) {
ssl->s3->session_reused = 1;
} else {
- /* The session wasn't resumed. Create a fresh SSL_SESSION to
- * fill out. */
+ // The session wasn't resumed. Create a fresh SSL_SESSION to
+ // fill out.
ssl_set_session(ssl, NULL);
if (!ssl_get_new_session(hs, 0 /* client */)) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
return ssl_hs_error;
}
- /* Note: session_id could be empty. */
+ // Note: session_id could be empty.
hs->new_session->session_id_length = CBS_len(&session_id);
OPENSSL_memcpy(hs->new_session->session_id, CBS_data(&session_id),
CBS_len(&session_id));
@@ -649,13 +649,13 @@
const SSL_CIPHER *cipher = SSL_get_cipher_by_value(cipher_suite);
if (cipher == NULL) {
- /* unknown cipher */
+ // unknown cipher
OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_CIPHER_RETURNED);
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
return ssl_hs_error;
}
- /* The cipher must be allowed in the selected version and enabled. */
+ // The cipher must be allowed in the selected version and enabled.
uint32_t mask_a, mask_k;
ssl_get_client_disabled(ssl, &mask_a, &mask_k);
if ((cipher->algorithm_mkey & mask_k) || (cipher->algorithm_auth & mask_a) ||
@@ -679,7 +679,7 @@
return ssl_hs_error;
}
if (!ssl_session_is_context_valid(ssl, ssl->session)) {
- /* This is actually a client application bug. */
+ // This is actually a client application bug.
OPENSSL_PUT_ERROR(SSL,
SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
@@ -690,38 +690,38 @@
}
hs->new_cipher = cipher;
- /* Now that the cipher is known, initialize the handshake hash and hash the
- * ServerHello. */
+ // Now that the cipher is known, initialize the handshake hash and hash the
+ // ServerHello.
if (!hs->transcript.InitHash(ssl3_protocol_version(ssl), hs->new_cipher) ||
!ssl_hash_message(hs, msg)) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
return ssl_hs_error;
}
- /* If doing a full handshake, the server may request a client certificate
- * which requires hashing the handshake transcript. Otherwise, the handshake
- * buffer may be released. */
+ // If doing a full handshake, the server may request a client certificate
+ // which requires hashing the handshake transcript. Otherwise, the handshake
+ // buffer may be released.
if (ssl->session != NULL ||
!ssl_cipher_uses_certificate_auth(hs->new_cipher)) {
hs->transcript.FreeBuffer();
}
- /* Only the NULL compression algorithm is supported. */
+ // Only the NULL compression algorithm is supported.
if (compression_method != 0) {
OPENSSL_PUT_ERROR(SSL, SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
return ssl_hs_error;
}
- /* TLS extensions */
+ // TLS extensions
if (!ssl_parse_serverhello_tlsext(hs, &server_hello)) {
OPENSSL_PUT_ERROR(SSL, SSL_R_PARSE_TLSEXT);
return ssl_hs_error;
}
- /* There should be nothing left over in the record. */
+ // There should be nothing left over in the record.
if (CBS_len(&server_hello) != 0) {
- /* wrong packet length */
+ // wrong packet length
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
return ssl_hs_error;
@@ -823,8 +823,8 @@
}
if (msg.type != SSL3_MT_CERTIFICATE_STATUS) {
- /* A server may send status_request in ServerHello and then change
- * its mind about sending CertificateStatus. */
+ // A server may send status_request in ServerHello and then change its mind
+ // about sending CertificateStatus.
hs->state = state_verify_server_certificate;
return ssl_hs_ok;
}
@@ -887,7 +887,7 @@
}
if (msg.type != SSL3_MT_SERVER_KEY_EXCHANGE) {
- /* Some ciphers (pure PSK) have an optional ServerKeyExchange message. */
+ // Some ciphers (pure PSK) have an optional ServerKeyExchange message.
if (ssl_cipher_requires_server_key_exchange(hs->new_cipher)) {
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_MESSAGE);
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
@@ -908,7 +908,7 @@
if (alg_a & SSL_aPSK) {
CBS psk_identity_hint;
- /* Each of the PSK key exchanges begins with a psk_identity_hint. */
+ // Each of the PSK key exchanges begins with a psk_identity_hint.
if (!CBS_get_u16_length_prefixed(&server_key_exchange,
&psk_identity_hint)) {
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
@@ -916,13 +916,13 @@
return ssl_hs_error;
}
- /* Store PSK identity hint for later use, hint is used in
- * ssl3_send_client_key_exchange. Assume that the maximum length of a PSK
- * identity hint can be as long as the maximum length of a PSK identity.
- * Also do not allow NULL characters; identities are saved as C strings.
- *
- * TODO(davidben): Should invalid hints be ignored? It's a hint rather than
- * a specific identity. */
+ // Store PSK identity hint for later use, hint is used in
+ // ssl3_send_client_key_exchange. Assume that the maximum length of a PSK
+ // identity hint can be as long as the maximum length of a PSK identity.
+ // Also do not allow NULL characters; identities are saved as C strings.
+ //
+ // TODO(davidben): Should invalid hints be ignored? It's a hint rather than
+ // a specific identity.
if (CBS_len(&psk_identity_hint) > PSK_MAX_IDENTITY_LEN ||
CBS_contains_zero_byte(&psk_identity_hint)) {
OPENSSL_PUT_ERROR(SSL, SSL_R_DATA_LENGTH_TOO_LONG);
@@ -930,11 +930,11 @@
return ssl_hs_error;
}
- /* Save non-empty identity hints as a C string. Empty identity hints we
- * treat as missing. Plain PSK makes it possible to send either no hint
- * (omit ServerKeyExchange) or an empty hint, while ECDHE_PSK can only spell
- * empty hint. Having different capabilities is odd, so we interpret empty
- * and missing as identical. */
+ // Save non-empty identity hints as a C string. Empty identity hints we
+ // treat as missing. Plain PSK makes it possible to send either no hint
+ // (omit ServerKeyExchange) or an empty hint, while ECDHE_PSK can only spell
+ // empty hint. Having different capabilities is odd, so we interpret empty
+ // and missing as identical.
char *raw = nullptr;
if (CBS_len(&psk_identity_hint) != 0 &&
!CBS_strdup(&psk_identity_hint, &raw)) {
@@ -946,7 +946,7 @@
}
if (alg_k & SSL_kECDHE) {
- /* Parse the server parameters. */
+ // Parse the server parameters.
uint8_t group_type;
uint16_t group_id;
CBS point;
@@ -960,14 +960,14 @@
}
hs->new_session->group_id = group_id;
- /* Ensure the group is consistent with preferences. */
+ // Ensure the group is consistent with preferences.
if (!tls1_check_group_id(ssl, group_id)) {
OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_CURVE);
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
return ssl_hs_error;
}
- /* Initialize ECDH and save the peer public key for later. */
+ // Initialize ECDH and save the peer public key for later.
hs->key_share = SSLKeyShare::Create(group_id);
if (!hs->key_share ||
!CBS_stow(&point, &hs->peer_key, &hs->peer_key_len)) {
@@ -979,14 +979,14 @@
return ssl_hs_error;
}
- /* At this point, |server_key_exchange| contains the signature, if any, while
- * |msg.body| contains the entire message. From that, derive a CBS containing
- * just the parameter. */
+ // At this point, |server_key_exchange| contains the signature, if any, while
+ // |msg.body| contains the entire message. From that, derive a CBS containing
+ // just the parameter.
CBS parameter;
CBS_init(¶meter, CBS_data(&msg.body),
CBS_len(&msg.body) - CBS_len(&server_key_exchange));
- /* ServerKeyExchange should be signed by the server's public key. */
+ // ServerKeyExchange should be signed by the server's public key.
if (ssl_cipher_uses_certificate_auth(hs->new_cipher)) {
uint16_t signature_algorithm = 0;
if (ssl3_protocol_version(ssl) >= TLS1_2_VERSION) {
@@ -1008,7 +1008,7 @@
return ssl_hs_error;
}
- /* The last field in |server_key_exchange| is the signature. */
+ // The last field in |server_key_exchange| is the signature.
CBS signature;
if (!CBS_get_u16_length_prefixed(&server_key_exchange, &signature) ||
CBS_len(&server_key_exchange) != 0) {
@@ -1044,13 +1044,13 @@
ERR_clear_error();
#endif
if (!sig_ok) {
- /* bad signature */
+ // bad signature
OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SIGNATURE);
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECRYPT_ERROR);
return ssl_hs_error;
}
} else {
- /* PSK ciphers are the only supported certificate-less ciphers. */
+ // PSK ciphers are the only supported certificate-less ciphers.
assert(alg_a == SSL_aPSK);
if (CBS_len(&server_key_exchange) > 0) {
@@ -1079,8 +1079,8 @@
}
if (msg.type == SSL3_MT_SERVER_HELLO_DONE) {
- /* If we get here we don't need the handshake buffer as we won't be doing
- * client auth. */
+ // If we get here we don't need the handshake buffer as we won't be doing
+ // client auth.
hs->transcript.FreeBuffer();
hs->state = state_read_server_hello_done;
return ssl_hs_ok;
@@ -1091,7 +1091,7 @@
return ssl_hs_error;
}
- /* Get the certificate types. */
+ // Get the certificate types.
CBS body = msg.body, certificate_types;
if (!CBS_get_u8_length_prefixed(&body, &certificate_types)) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
@@ -1150,7 +1150,7 @@
return ssl_hs_error;
}
- /* ServerHelloDone is empty. */
+ // ServerHelloDone is empty.
if (CBS_len(&msg.body) != 0) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
@@ -1165,13 +1165,13 @@
static enum ssl_hs_wait_t do_send_client_certificate(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl;
- /* The peer didn't request a certificate. */
+ // The peer didn't request a certificate.
if (!hs->cert_request) {
hs->state = state_send_client_key_exchange;
return ssl_hs_ok;
}
- /* Call cert_cb to update the certificate. */
+ // Call cert_cb to update the certificate.
if (ssl->cert->cert_cb != NULL) {
int rv = ssl->cert->cert_cb(ssl, ssl->cert->cert_cb_arg);
if (rv == 0) {
@@ -1186,10 +1186,10 @@
}
if (!ssl_has_certificate(ssl)) {
- /* Without a client certificate, the handshake buffer may be released. */
+ // Without a client certificate, the handshake buffer may be released.
hs->transcript.FreeBuffer();
- /* In SSL 3.0, the Certificate message is replaced with a warning alert. */
+ // In SSL 3.0, the Certificate message is replaced with a warning alert.
if (ssl->version == SSL3_VERSION) {
if (!ssl->method->add_alert(ssl, SSL3_AL_WARNING,
SSL_AD_NO_CERTIFICATE)) {
@@ -1227,7 +1227,7 @@
uint32_t alg_k = hs->new_cipher->algorithm_mkey;
uint32_t alg_a = hs->new_cipher->algorithm_auth;
- /* If using a PSK key exchange, prepare the pre-shared key. */
+ // If using a PSK key exchange, prepare the pre-shared key.
unsigned psk_len = 0;
uint8_t psk[PSK_MAX_PSK_LEN];
if (alg_a & SSL_aPSK) {
@@ -1255,7 +1255,7 @@
goto err;
}
- /* Write out psk_identity. */
+ // Write out psk_identity.
CBB child;
if (!CBB_add_u16_length_prefixed(&body, &child) ||
!CBB_add_bytes(&child, (const uint8_t *)identity,
@@ -1265,7 +1265,7 @@
}
}
- /* Depending on the key exchange method, compute |pms| and |pms_len|. */
+ // Depending on the key exchange method, compute |pms| and |pms_len|.
if (alg_k & SSL_kRSA) {
pms_len = SSL_MAX_MASTER_KEY_LENGTH;
pms = (uint8_t *)OPENSSL_malloc(pms_len);
@@ -1288,7 +1288,7 @@
CBB child, *enc_pms = &body;
size_t enc_pms_len;
- /* In TLS, there is a length prefix. */
+ // In TLS, there is a length prefix.
if (ssl->version > SSL3_VERSION) {
if (!CBB_add_u16_length_prefixed(&body, &child)) {
goto err;
@@ -1305,13 +1305,13 @@
goto err;
}
} else if (alg_k & SSL_kECDHE) {
- /* Generate a keypair and serialize the public half. */
+ // Generate a keypair and serialize the public half.
CBB child;
if (!CBB_add_u8_length_prefixed(&body, &child)) {
goto err;
}
- /* Compute the premaster. */
+ // Compute the premaster.
uint8_t alert = SSL_AD_DECODE_ERROR;
if (!hs->key_share->Accept(&child, &pms, &pms_len, &alert, hs->peer_key,
hs->peer_key_len)) {
@@ -1322,14 +1322,14 @@
goto err;
}
- /* The key exchange state may now be discarded. */
+ // The key exchange state may now be discarded.
hs->key_share.reset();
OPENSSL_free(hs->peer_key);
hs->peer_key = NULL;
hs->peer_key_len = 0;
} else if (alg_k & SSL_kPSK) {
- /* For plain PSK, other_secret is a block of 0s with the same length as
- * the pre-shared key. */
+ // For plain PSK, other_secret is a block of 0s with the same length as
+ // the pre-shared key.
pms_len = psk_len;
pms = (uint8_t *)OPENSSL_malloc(pms_len);
if (pms == NULL) {
@@ -1343,8 +1343,8 @@
goto err;
}
- /* For a PSK cipher suite, other_secret is combined with the pre-shared
- * key. */
+ // For a PSK cipher suite, other_secret is combined with the pre-shared
+ // key.
if (alg_a & SSL_aPSK) {
ScopedCBB pms_cbb;
CBB child;
@@ -1366,8 +1366,8 @@
pms_len = new_pms_len;
}
- /* The message must be added to the finished hash before calculating the
- * master secret. */
+ // The message must be added to the finished hash before calculating the
+ // master secret.
if (!ssl_add_message_cbb(ssl, cbb.get())) {
goto err;
}
@@ -1414,14 +1414,14 @@
return ssl_hs_error;
}
if (ssl3_protocol_version(ssl) >= TLS1_2_VERSION) {
- /* Write out the digest type in TLS 1.2. */
+ // Write out the digest type in TLS 1.2.
if (!CBB_add_u16(&body, signature_algorithm)) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
return ssl_hs_error;
}
}
- /* Set aside space for the signature. */
+ // Set aside space for the signature.
const size_t max_sig_len = EVP_PKEY_size(hs->local_pubkey.get());
uint8_t *ptr;
if (!CBB_add_u16_length_prefixed(&body, &child) ||
@@ -1430,8 +1430,8 @@
}
size_t sig_len = max_sig_len;
- /* The SSL3 construction for CertificateVerify does not decompose into a
- * single final digest and signature, and must be special-cased. */
+ // The SSL3 construction for CertificateVerify does not decompose into a
+ // single final digest and signature, and must be special-cased.
if (ssl3_protocol_version(ssl) == SSL3_VERSION) {
if (ssl->cert->key_method != NULL) {
OPENSSL_PUT_ERROR(SSL, SSL_R_UNSUPPORTED_PROTOCOL_FOR_CUSTOM_KEY);
@@ -1470,7 +1470,7 @@
return ssl_hs_error;
}
- /* The handshake buffer is no longer necessary. */
+ // The handshake buffer is no longer necessary.
hs->transcript.FreeBuffer();
hs->state = state_send_second_client_flight;
@@ -1553,9 +1553,9 @@
return ssl_hs_ok;
}
- /* This is a full handshake. If it involves ChannelID, then record the
- * handshake hashes at this point in the session so that any resumption of
- * this session with ChannelID can sign those hashes. */
+ // This is a full handshake. If it involves ChannelID, then record the
+ // handshake hashes at this point in the session so that any resumption of
+ // this session with ChannelID can sign those hashes.
if (!tls1_record_handshake_hashes_for_channel_id(hs)) {
return ssl_hs_error;
}
@@ -1564,8 +1564,7 @@
if ((SSL_get_mode(ssl) & SSL_MODE_ENABLE_FALSE_START) &&
ssl3_can_false_start(ssl) &&
- /* No False Start on renegotiation (would complicate the state
- * machine). */
+ // No False Start on renegotiation (would complicate the state machine).
!ssl->s3->initial_handshake_complete) {
hs->in_false_start = 1;
hs->can_early_write = 1;
@@ -1604,9 +1603,9 @@
}
if (CBS_len(&ticket) == 0) {
- /* RFC 5077 allows a server to change its mind and send no ticket after
- * negotiating the extension. The value of |ticket_expected| is checked in
- * |ssl_update_cache| so is cleared here to avoid an unnecessary update. */
+ // RFC 5077 allows a server to change its mind and send no ticket after
+ // negotiating the extension. The value of |ticket_expected| is checked in
+ // |ssl_update_cache| so is cleared here to avoid an unnecessary update.
hs->ticket_expected = 0;
ssl->method->next_message(ssl);
hs->state = state_process_change_cipher_spec;
@@ -1616,20 +1615,20 @@
SSL_SESSION *session = hs->new_session.get();
UniquePtr<SSL_SESSION> renewed_session;
if (ssl->session != NULL) {
- /* The server is sending a new ticket for an existing session. Sessions are
- * immutable once established, so duplicate all but the ticket of the
- * existing session. */
+ // The server is sending a new ticket for an existing session. Sessions are
+ // immutable once established, so duplicate all but the ticket of the
+ // existing session.
renewed_session =
SSL_SESSION_dup(ssl->session, SSL_SESSION_INCLUDE_NONAUTH);
if (!renewed_session) {
- /* This should never happen. */
+ // This should never happen.
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
return ssl_hs_error;
}
session = renewed_session.get();
}
- /* |tlsext_tick_lifetime_hint| is measured from when the ticket was issued. */
+ // |tlsext_tick_lifetime_hint| is measured from when the ticket was issued.
ssl_session_rebase_time(ssl, session);
if (!CBS_stow(&ticket, &session->tlsext_tick, &session->tlsext_ticklen)) {
@@ -1638,9 +1637,9 @@
}
session->tlsext_tick_lifetime_hint = tlsext_tick_lifetime_hint;
- /* Generate a session ID for this session based on the session ticket. We use
- * the session ID mechanism for detecting ticket resumption. This also fits in
- * with assumptions elsewhere in OpenSSL.*/
+ // Generate a session ID for this session based on the session ticket. We use
+ // the session ID mechanism for detecting ticket resumption. This also fits in
+ // with assumptions elsewhere in OpenSSL.
if (!EVP_Digest(CBS_data(&ticket), CBS_len(&ticket),
session->session_id, &session->session_id_length,
EVP_sha256(), NULL)) {
@@ -1693,16 +1692,16 @@
SSL_SESSION_up_ref(ssl->session);
ssl->s3->established_session = ssl->session;
} else {
- /* We make a copy of the session in order to maintain the immutability
- * of the new established_session due to False Start. The caller may
- * have taken a reference to the temporary session. */
+ // We make a copy of the session in order to maintain the immutability
+ // of the new established_session due to False Start. The caller may
+ // have taken a reference to the temporary session.
ssl->s3->established_session =
SSL_SESSION_dup(hs->new_session.get(), SSL_SESSION_DUP_ALL)
.release();
if (ssl->s3->established_session == NULL) {
return ssl_hs_error;
}
- /* Renegotiations do not participate in session resumption. */
+ // Renegotiations do not participate in session resumption.
if (!ssl->s3->initial_handshake_complete) {
ssl->s3->established_session->not_resumable = 0;
}