generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Use uint32_t consistently for flags.

Browse Source 
Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
Dr. Stephen Henson
2015-07-14 23:19:11 +01:00
parent 0bc2f36555
commit f7d5348710
4 changed files with 18 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
ssl/ssl_conf.c
View File

@@ -124,11 +124,11 @@ struct ssl_conf_ctx_st {
SSL_CTX *ctx; SSL_CTX *ctx;
SSL *ssl; SSL *ssl;
/* Pointer to SSL or SSL_CTX options field or NULL if none */ /* Pointer to SSL or SSL_CTX options field or NULL if none */
unsigned long *poptions; uint32_t *poptions;
/* Certificate filenames for each type */ /* Certificate filenames for each type */
char *cert_filename[SSL_PKEY_NUM]; char *cert_filename[SSL_PKEY_NUM];
/* Pointer to SSL or SSL_CTX cert_flags or NULL if none */ /* Pointer to SSL or SSL_CTX cert_flags or NULL if none */
unsigned int *pcert_flags; uint32_t *pcert_flags;
/* Current flag table being worked on */ /* Current flag table being worked on */
const ssl_flag_tbl *tbl; const ssl_flag_tbl *tbl;
/* Size of table */ /* Size of table */

2
ssl/ssl_lib.c
View File

@@ -1937,7 +1937,7 @@ void ssl_set_masks(SSL *s, const SSL_CIPHER *cipher)
{ {
CERT_PKEY *cpk; CERT_PKEY *cpk;
CERT *c = s->cert; CERT *c = s->cert;
int *pvalid = s->s3->tmp.valid_flags; uint32_t *pvalid = s->s3->tmp.valid_flags;
int rsa_enc, rsa_tmp, rsa_sign, dh_tmp, dh_rsa, dh_dsa, dsa_sign; int rsa_enc, rsa_tmp, rsa_sign, dh_tmp, dh_rsa, dh_dsa, dsa_sign;
int rsa_enc_export, dh_rsa_export, dh_dsa_export; int rsa_enc_export, dh_rsa_export, dh_dsa_export;
int rsa_tmp_export, dh_tmp_export, kl; int rsa_tmp_export, dh_tmp_export, kl;

26
ssl/ssl_locl.h
View File

@@ -662,7 +662,7 @@ struct ssl_session_st {
# ifndef OPENSSL_NO_SRP # ifndef OPENSSL_NO_SRP
char *srp_username; char *srp_username;
# endif # endif
long flags; uint32_t flags;
}; };
/* Extended master secret support */ /* Extended master secret support */
@@ -720,7 +720,7 @@ struct ssl_ctx_st {
* SSL_SESS_CACHE_SERVER, Default is SSL_SESSION_CACHE_SERVER, which * SSL_SESS_CACHE_SERVER, Default is SSL_SESSION_CACHE_SERVER, which
* means only SSL_accept which cache SSL_SESSIONS. * means only SSL_accept which cache SSL_SESSIONS.
*/ */
int session_cache_mode; uint32_t session_cache_mode;
/* /*
* If timeout is not 0, it is the default timeout value set when * If timeout is not 0, it is the default timeout value set when
* SSL_new() is called. This has been put in to make life easier to set * SSL_new() is called. This has been put in to make life easier to set
@@ -806,8 +806,8 @@ struct ssl_ctx_st {
* SSL_new) * SSL_new)
*/ */
unsigned long options; uint32_t options;
unsigned long mode; uint32_t mode;
long max_cert_list; long max_cert_list;
struct cert_st /* CERT */ *cert; struct cert_st /* CERT */ *cert;
@@ -818,7 +818,7 @@ struct ssl_ctx_st {
const void *buf, size_t len, SSL *ssl, void *arg); const void *buf, size_t len, SSL *ssl, void *arg);
void *msg_callback_arg; void *msg_callback_arg;
int verify_mode; uint32_t verify_mode;
unsigned int sid_ctx_length; unsigned int sid_ctx_length;
unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH]; unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
/* called 'verify_callback' in the SSL */ /* called 'verify_callback' in the SSL */
@@ -1019,7 +1019,7 @@ struct ssl_st {
* These are the ones being used, the ones in SSL_SESSION are the ones to * These are the ones being used, the ones in SSL_SESSION are the ones to
* be 'copied' into these ones * be 'copied' into these ones
*/ */
int mac_flags; uint32_t mac_flags;
EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */ EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */
EVP_MD_CTX *read_hash; /* used for mac generation */ EVP_MD_CTX *read_hash; /* used for mac generation */
COMP_CTX *compress; /* compression */ COMP_CTX *compress; /* compression */
@@ -1045,7 +1045,7 @@ struct ssl_st {
* 0 don't care about verify failure. * 0 don't care about verify failure.
* 1 fail if verify fails * 1 fail if verify fails
*/ */
int verify_mode; uint32_t verify_mode;
/* fail if callback returns 0 */ /* fail if callback returns 0 */
int (*verify_callback) (int ok, X509_STORE_CTX *ctx); int (*verify_callback) (int ok, X509_STORE_CTX *ctx);
/* optional informational callback */ /* optional informational callback */
@@ -1077,9 +1077,9 @@ struct ssl_st {
STACK_OF(X509_NAME) *client_CA; STACK_OF(X509_NAME) *client_CA;
int references; int references;
/* protocol behaviour */ /* protocol behaviour */
unsigned long options; uint32_t options;
/* API behaviour */ /* API behaviour */
unsigned long mode; uint32_t mode;
long max_cert_list; long max_cert_list;
int first_packet; int first_packet;
/* what was passed, used for SSLv3/TLS rollback check */ /* what was passed, used for SSLv3/TLS rollback check */
@@ -1287,7 +1287,7 @@ typedef struct ssl3_state_st {
* SSL session: e.g. appropriate curve, signature algorithms etc. * SSL session: e.g. appropriate curve, signature algorithms etc.
* If zero it can't be used at all. * If zero it can't be used at all.
*/ */
int valid_flags[SSL_PKEY_NUM]; uint32_t valid_flags[SSL_PKEY_NUM];
/* /*
* For servers the following masks are for the key and auth algorithms * For servers the following masks are for the key and auth algorithms
* that are supported by the certs below. For clients they are masks of * that are supported by the certs below. For clients they are masks of
@@ -1475,7 +1475,7 @@ typedef struct {
* Per-connection flags relating to this extension type: not used if * Per-connection flags relating to this extension type: not used if
* part of an SSL_CTX structure. * part of an SSL_CTX structure.
*/ */
unsigned short ext_flags; uint32_t ext_flags;
custom_ext_add_cb add_cb; custom_ext_add_cb add_cb;
custom_ext_free_cb free_cb; custom_ext_free_cb free_cb;
void *add_arg; void *add_arg;
@@ -1526,7 +1526,7 @@ typedef struct cert_st {
int ecdh_tmp_auto; int ecdh_tmp_auto;
# endif # endif
/* Flags related to certificates */ /* Flags related to certificates */
unsigned int cert_flags; uint32_t cert_flags;
CERT_PKEY pkeys[SSL_PKEY_NUM]; CERT_PKEY pkeys[SSL_PKEY_NUM];
/* /*
* Certificate types (received or sent) in certificate request message. * Certificate types (received or sent) in certificate request message.
@@ -1656,7 +1656,7 @@ typedef struct ssl3_enc_method {
const unsigned char *, size_t, const unsigned char *, size_t,
int use_context); int use_context);
/* Various flags indicating protocol version requirements */ /* Various flags indicating protocol version requirements */
unsigned int enc_flags; uint32_t enc_flags;
/* Handshake header length */ /* Handshake header length */
unsigned int hhlen; unsigned int hhlen;
/* Set the handshake header */ /* Set the handshake header */

4
ssl/t1_lib.c
View File

@@ -3459,7 +3459,7 @@ int tls1_process_sigalgs(SSL *s)
size_t i; size_t i;
const EVP_MD *md; const EVP_MD *md;
const EVP_MD **pmd = s->s3->tmp.md; const EVP_MD **pmd = s->s3->tmp.md;
int *pvalid = s->s3->tmp.valid_flags; uint32_t *pvalid = s->s3->tmp.valid_flags;
CERT *c = s->cert; CERT *c = s->cert;
TLS_SIGALGS *sigptr; TLS_SIGALGS *sigptr;
if (!tls1_set_shared_sigalgs(s)) if (!tls1_set_shared_sigalgs(s))
@@ -3890,7 +3890,7 @@ int tls1_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain,
int check_flags = 0, strict_mode; int check_flags = 0, strict_mode;
CERT_PKEY *cpk = NULL; CERT_PKEY *cpk = NULL;
CERT *c = s->cert; CERT *c = s->cert;
int *pvalid; uint32_t *pvalid;
unsigned int suiteb_flags = tls1_suiteb(s); unsigned int suiteb_flags = tls1_suiteb(s);
/* idx == -1 means checking server chains */ /* idx == -1 means checking server chains */
if (idx != -1) { if (idx != -1) {