Change TLSEXT_IDX_* values into an enum

Perl changes reviewed by Richard Levitte. Non-perl changes reviewed by Rich Salz Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-12-07 17:21:48 +00:00 · 2016-12-07 17:21:48 +00:00 · d270de322c
commit d270de322c
parent 1266eefdb6
3 changed files with 29 additions and 28 deletions
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@ -1650,24 +1650,26 @@ typedef struct raw_extension_st {
 * Extension index values NOTE: Any updates to these defines should be mirrored
 * with equivalent updates to ext_defs in extensions.c
 */
-#define TLSEXT_IDX_renegotiate                                   0
-#define TLSEXT_IDX_server_name                                   1
-#define TLSEXT_IDX_srp                                           2
-#define TLSEXT_IDX_ec_point_formats                              3
-#define TLSEXT_IDX_supported_groups                              4
-#define TLSEXT_IDX_session_ticket                                5
-#define TLSEXT_IDX_signature_algorithms                          6
-#define TLSEXT_IDX_status_request                                7
-#define TLSEXT_IDX_next_proto_neg                                8
-#define TLSEXT_IDX_application_layer_protocol_negotiation        9
-#define TLSEXT_IDX_use_srtp                                     10
-#define TLSEXT_IDX_encrypt_then_mac                             11
-#define TLSEXT_IDX_signed_certificate_timestamp                 12
-#define TLSEXT_IDX_extended_master_secret                       13
-#define TLSEXT_IDX_supported_versions                           14
-#define TLSEXT_IDX_key_share                                    15
-#define TLSEXT_IDX_cryptopro_bug                                16
-#define TLSEXT_IDX_padding                                      17
+typedef enum tlsext_index_en {
+    TLSEXT_IDX_renegotiate,
+    TLSEXT_IDX_server_name,
+    TLSEXT_IDX_srp,
+    TLSEXT_IDX_ec_point_formats,
+    TLSEXT_IDX_supported_groups,
+    TLSEXT_IDX_session_ticket,
+    TLSEXT_IDX_signature_algorithms,
+    TLSEXT_IDX_status_request,
+    TLSEXT_IDX_next_proto_neg,
+    TLSEXT_IDX_application_layer_protocol_negotiation,
+    TLSEXT_IDX_use_srtp,
+    TLSEXT_IDX_encrypt_then_mac,
+    TLSEXT_IDX_signed_certificate_timestamp,
+    TLSEXT_IDX_extended_master_secret,
+    TLSEXT_IDX_supported_versions,
+    TLSEXT_IDX_key_share,
+    TLSEXT_IDX_cryptopro_bug,
+    TLSEXT_IDX_padding
+} TLSEXT_INDEX;

 #define MAX_COMPRESSIONS_SIZE   255

--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@ -260,7 +260,7 @@ static int verify_extension(SSL *s, unsigned int context, unsigned int type,
 {
    size_t i;
    size_t builtin_num = OSSL_NELEM(ext_defs);
-    EXTENSION_DEFINITION *thisext;
+    const EXTENSION_DEFINITION *thisext;

    for (i = 0, thisext = ext_defs; i < builtin_num; i++, thisext++) {
        if (type == thisext->type) {
@ -344,11 +344,10 @@ int tls_collect_extensions(SSL *s, PACKET *packet, unsigned int context,
                           RAW_EXTENSION **res, int *al)
 {
    PACKET extensions = *packet;
-    size_t i = 0, idx;
-    int found = 0;
+    size_t i = 0;
    custom_ext_methods *exts = NULL;
    RAW_EXTENSION *raw_extensions = NULL;
-    EXTENSION_DEFINITION *thisexd;
+    const EXTENSION_DEFINITION *thisexd;

    /*
     * Initialise server side custom extensions. Client side is done during
@ -427,7 +426,7 @@ int tls_collect_extensions(SSL *s, PACKET *packet, unsigned int context,
 * or 0 on failure. In the event of a failure |*al| is populated with a suitable
 * alert code. If an extension is not present this counted as success.
 */
-int tls_parse_extension(SSL *s, unsigned int idx, int context,
+int tls_parse_extension(SSL *s, TLSEXT_INDEX idx, int context,
                        RAW_EXTENSION *exts, int *al)
 {
    RAW_EXTENSION *currext = &exts[idx];
@ -497,7 +496,7 @@ int tls_parse_extension(SSL *s, unsigned int idx, int context,
 int tls_parse_all_extensions(SSL *s, int context, RAW_EXTENSION *exts, int *al)
 {
    size_t i, numexts = OSSL_NELEM(ext_defs);
-    EXTENSION_DEFINITION *thisexd;
+    const EXTENSION_DEFINITION *thisexd;

    /* Calculate the number of extensions in the extensions list */
    if ((context & EXT_CLIENT_HELLO) != 0) {
@ -508,7 +507,7 @@ int tls_parse_all_extensions(SSL *s, int context, RAW_EXTENSION *exts, int *al)

    /* Parse each extension in turn */
    for (i = 0; i < numexts; i++) {
-        if (!tls_parse_extension(s, loop, context, exts, al))
+        if (!tls_parse_extension(s, i, context, exts, al))
            return 0;
    }

@ -537,7 +536,7 @@ int tls_construct_extensions(SSL *s, WPACKET *pkt, unsigned int context,
 {
    size_t i;
    int addcustom = 0, min_version, max_version = 0, reason, tmpal;
-    EXTENSION_DEFINITION *thisexd;
+    const EXTENSION_DEFINITION *thisexd;

    /*
     * Normally if something goes wrong during construction it's an internal
@ -591,7 +590,7 @@ int tls_construct_extensions(SSL *s, WPACKET *pkt, unsigned int context,
        int (*construct)(SSL *s, WPACKET *pkt, int *al);

        /* Skip if not relevant for our context */
-        if ((ext_defs[loop].context & context) == 0)
+        if ((thisexd->context & context) == 0)
            continue;

        construct = s->server ? thisexd->construct_stoc
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@ -413,7 +413,7 @@ int tls_parse_ctos_use_srtp(SSL *s, PACKET *pkt, int *al)
         * does nothing.
         */
        for (i = 0; i < srtp_pref; i++) {
-            const SRTP_PROTECTION_PROFILE *sprof =
+            SRTP_PROTECTION_PROFILE *sprof =
                sk_SRTP_PROTECTION_PROFILE_value(srvr, i);

            if (sprof->id == id) {