Change TLSEXT_IDX_* values into an enum

Perl changes reviewed by Richard Levitte. Non-perl changes reviewed by Rich
Salz

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index e2a2ff16b142f1036663684f6ca03541745a192f..c18fec33a6f1aa900fe2196f9267afe14ca921e5 100644 (file)
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -1650,24 +1650,26 @@ typedef struct raw_extension_st {
  * Extension index values NOTE: Any updates to these defines should be mirrored
  * with equivalent updates to ext_defs in extensions.c
  */
  * Extension index values NOTE: Any updates to these defines should be mirrored
  * with equivalent updates to ext_defs in extensions.c
  */

-#define TLSEXT_IDX_renegotiate                                   0
-#define TLSEXT_IDX_server_name                                   1
-#define TLSEXT_IDX_srp                                           2
-#define TLSEXT_IDX_ec_point_formats                              3
-#define TLSEXT_IDX_supported_groups                              4
-#define TLSEXT_IDX_session_ticket                                5
-#define TLSEXT_IDX_signature_algorithms                          6
-#define TLSEXT_IDX_status_request                                7
-#define TLSEXT_IDX_next_proto_neg                                8
-#define TLSEXT_IDX_application_layer_protocol_negotiation        9
-#define TLSEXT_IDX_use_srtp                                     10
-#define TLSEXT_IDX_encrypt_then_mac                             11
-#define TLSEXT_IDX_signed_certificate_timestamp                 12
-#define TLSEXT_IDX_extended_master_secret                       13
-#define TLSEXT_IDX_supported_versions                           14
-#define TLSEXT_IDX_key_share                                    15
-#define TLSEXT_IDX_cryptopro_bug                                16
-#define TLSEXT_IDX_padding                                      17
+typedef enum tlsext_index_en {
+    TLSEXT_IDX_renegotiate,
+    TLSEXT_IDX_server_name,
+    TLSEXT_IDX_srp,
+    TLSEXT_IDX_ec_point_formats,
+    TLSEXT_IDX_supported_groups,
+    TLSEXT_IDX_session_ticket,
+    TLSEXT_IDX_signature_algorithms,
+    TLSEXT_IDX_status_request,
+    TLSEXT_IDX_next_proto_neg,
+    TLSEXT_IDX_application_layer_protocol_negotiation,
+    TLSEXT_IDX_use_srtp,
+    TLSEXT_IDX_encrypt_then_mac,
+    TLSEXT_IDX_signed_certificate_timestamp,
+    TLSEXT_IDX_extended_master_secret,
+    TLSEXT_IDX_supported_versions,
+    TLSEXT_IDX_key_share,
+    TLSEXT_IDX_cryptopro_bug,
+    TLSEXT_IDX_padding
+} TLSEXT_INDEX;

 
 #define MAX_COMPRESSIONS_SIZE   255
 
 
 #define MAX_COMPRESSIONS_SIZE   255
 

diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c
index 51f896560665f756adbabd9673c00ef48d66dea1..5c0dda411d586bfd6bdff4e53fe668ae22aafb41 100644 (file)
--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@@ -260,7 +260,7 @@ static int verify_extension(SSL *s, unsigned int context, unsigned int type,
 {
     size_t i;
     size_t builtin_num = OSSL_NELEM(ext_defs);
 {
     size_t i;
     size_t builtin_num = OSSL_NELEM(ext_defs);

-    EXTENSION_DEFINITION *thisext;
+    const EXTENSION_DEFINITION *thisext;

 
     for (i = 0, thisext = ext_defs; i < builtin_num; i++, thisext++) {
         if (type == thisext->type) {
 
     for (i = 0, thisext = ext_defs; i < builtin_num; i++, thisext++) {
         if (type == thisext->type) {


@@ -344,11 +344,10 @@ int tls_collect_extensions(SSL *s, PACKET *packet, unsigned int context,
                            RAW_EXTENSION **res, int *al)
 {
     PACKET extensions = *packet;
                            RAW_EXTENSION **res, int *al)
 {
     PACKET extensions = *packet;

-    size_t i = 0, idx;
-    int found = 0;
+    size_t i = 0;

     custom_ext_methods *exts = NULL;
     RAW_EXTENSION *raw_extensions = NULL;
     custom_ext_methods *exts = NULL;
     RAW_EXTENSION *raw_extensions = NULL;

-    EXTENSION_DEFINITION *thisexd;
+    const EXTENSION_DEFINITION *thisexd;

 
     /*
      * Initialise server side custom extensions. Client side is done during
 
     /*
      * Initialise server side custom extensions. Client side is done during


@@ -427,7 +426,7 @@ int tls_collect_extensions(SSL *s, PACKET *packet, unsigned int context,
  * or 0 on failure. In the event of a failure |*al| is populated with a suitable
  * alert code. If an extension is not present this counted as success.
  */
  * or 0 on failure. In the event of a failure |*al| is populated with a suitable
  * alert code. If an extension is not present this counted as success.
  */

-int tls_parse_extension(SSL *s, unsigned int idx, int context,
+int tls_parse_extension(SSL *s, TLSEXT_INDEX idx, int context,

                         RAW_EXTENSION *exts, int *al)
 {
     RAW_EXTENSION *currext = &exts[idx];
                         RAW_EXTENSION *exts, int *al)
 {
     RAW_EXTENSION *currext = &exts[idx];


@@ -497,7 +496,7 @@ int tls_parse_extension(SSL *s, unsigned int idx, int context,
 int tls_parse_all_extensions(SSL *s, int context, RAW_EXTENSION *exts, int *al)
 {
     size_t i, numexts = OSSL_NELEM(ext_defs);
 int tls_parse_all_extensions(SSL *s, int context, RAW_EXTENSION *exts, int *al)
 {
     size_t i, numexts = OSSL_NELEM(ext_defs);

-    EXTENSION_DEFINITION *thisexd;
+    const EXTENSION_DEFINITION *thisexd;

 
     /* Calculate the number of extensions in the extensions list */
     if ((context & EXT_CLIENT_HELLO) != 0) {
 
     /* Calculate the number of extensions in the extensions list */
     if ((context & EXT_CLIENT_HELLO) != 0) {


@@ -508,7 +507,7 @@ int tls_parse_all_extensions(SSL *s, int context, RAW_EXTENSION *exts, int *al)
 
     /* Parse each extension in turn */
     for (i = 0; i < numexts; i++) {
 
     /* Parse each extension in turn */
     for (i = 0; i < numexts; i++) {

-        if (!tls_parse_extension(s, loop, context, exts, al))
+        if (!tls_parse_extension(s, i, context, exts, al))

             return 0;
     }
 
             return 0;
     }
 


@@ -537,7 +536,7 @@ int tls_construct_extensions(SSL *s, WPACKET *pkt, unsigned int context,
 {
     size_t i;
     int addcustom = 0, min_version, max_version = 0, reason, tmpal;
 {
     size_t i;
     int addcustom = 0, min_version, max_version = 0, reason, tmpal;

-    EXTENSION_DEFINITION *thisexd;
+    const EXTENSION_DEFINITION *thisexd;

 
     /*
      * Normally if something goes wrong during construction it's an internal
 
     /*
      * Normally if something goes wrong during construction it's an internal


@@ -591,7 +590,7 @@ int tls_construct_extensions(SSL *s, WPACKET *pkt, unsigned int context,
         int (*construct)(SSL *s, WPACKET *pkt, int *al);
 
         /* Skip if not relevant for our context */
         int (*construct)(SSL *s, WPACKET *pkt, int *al);
 
         /* Skip if not relevant for our context */

-        if ((ext_defs[loop].context & context) == 0)
+        if ((thisexd->context & context) == 0)

             continue;
 
         construct = s->server ? thisexd->construct_stoc
             continue;
 
         construct = s->server ? thisexd->construct_stoc

diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
index 9763c47ed34a34f2581ee6d69b2017ff7e1c414c..1eeae096d6cda54f01fbd4892a4b94b5e20c7828 100644 (file)
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@@ -413,7 +413,7 @@ int tls_parse_ctos_use_srtp(SSL *s, PACKET *pkt, int *al)
          * does nothing.
          */
         for (i = 0; i < srtp_pref; i++) {
          * does nothing.
          */
         for (i = 0; i < srtp_pref; i++) {

-            const SRTP_PROTECTION_PROFILE *sprof =
+            SRTP_PROTECTION_PROFILE *sprof =

                 sk_SRTP_PROTECTION_PROFILE_value(srvr, i);
 
             if (sprof->id == id) {
                 sk_SRTP_PROTECTION_PROFILE_value(srvr, i);
 
             if (sprof->id == id) {