From f7d5348710ad4f26a97458b102f0c2854e4a0520 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Tue, 14 Jul 2015 23:19:11 +0100 Subject: [PATCH] Use uint32_t consistently for flags. Reviewed-by: Rich Salz --- ssl/ssl_conf.c | 4 ++-- ssl/ssl_lib.c | 2 +- ssl/ssl_locl.h | 26 +++++++++++++------------- ssl/t1_lib.c | 4 ++-- 4 files changed, 18 insertions(+), 18 deletions(-) diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c index 65ff0218d7..819e7306f1 100644 --- a/ssl/ssl_conf.c +++ b/ssl/ssl_conf.c @@ -124,11 +124,11 @@ struct ssl_conf_ctx_st { SSL_CTX *ctx; SSL *ssl; /* Pointer to SSL or SSL_CTX options field or NULL if none */ - unsigned long *poptions; + uint32_t *poptions; /* Certificate filenames for each type */ char *cert_filename[SSL_PKEY_NUM]; /* Pointer to SSL or SSL_CTX cert_flags or NULL if none */ - unsigned int *pcert_flags; + uint32_t *pcert_flags; /* Current flag table being worked on */ const ssl_flag_tbl *tbl; /* Size of table */ diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index ceba30f83c..d20d95be70 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1937,7 +1937,7 @@ void ssl_set_masks(SSL *s, const SSL_CIPHER *cipher) { CERT_PKEY *cpk; CERT *c = s->cert; - int *pvalid = s->s3->tmp.valid_flags; + uint32_t *pvalid = s->s3->tmp.valid_flags; int rsa_enc, rsa_tmp, rsa_sign, dh_tmp, dh_rsa, dh_dsa, dsa_sign; int rsa_enc_export, dh_rsa_export, dh_dsa_export; int rsa_tmp_export, dh_tmp_export, kl; diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 3507d9ab40..2672918ba6 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -662,7 +662,7 @@ struct ssl_session_st { # ifndef OPENSSL_NO_SRP char *srp_username; # endif - long flags; + uint32_t flags; }; /* Extended master secret support */ @@ -720,7 +720,7 @@ struct ssl_ctx_st { * SSL_SESS_CACHE_SERVER, Default is SSL_SESSION_CACHE_SERVER, which * means only SSL_accept which cache SSL_SESSIONS. */ - int session_cache_mode; + uint32_t session_cache_mode; /* * If timeout is not 0, it is the default timeout value set when * SSL_new() is called. This has been put in to make life easier to set @@ -806,8 +806,8 @@ struct ssl_ctx_st { * SSL_new) */ - unsigned long options; - unsigned long mode; + uint32_t options; + uint32_t mode; long max_cert_list; struct cert_st /* CERT */ *cert; @@ -818,7 +818,7 @@ struct ssl_ctx_st { const void *buf, size_t len, SSL *ssl, void *arg); void *msg_callback_arg; - int verify_mode; + uint32_t verify_mode; unsigned int sid_ctx_length; unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH]; /* called 'verify_callback' in the SSL */ @@ -1019,7 +1019,7 @@ struct ssl_st { * These are the ones being used, the ones in SSL_SESSION are the ones to * be 'copied' into these ones */ - int mac_flags; + uint32_t mac_flags; EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */ EVP_MD_CTX *read_hash; /* used for mac generation */ COMP_CTX *compress; /* compression */ @@ -1045,7 +1045,7 @@ struct ssl_st { * 0 don't care about verify failure. * 1 fail if verify fails */ - int verify_mode; + uint32_t verify_mode; /* fail if callback returns 0 */ int (*verify_callback) (int ok, X509_STORE_CTX *ctx); /* optional informational callback */ @@ -1077,9 +1077,9 @@ struct ssl_st { STACK_OF(X509_NAME) *client_CA; int references; /* protocol behaviour */ - unsigned long options; + uint32_t options; /* API behaviour */ - unsigned long mode; + uint32_t mode; long max_cert_list; int first_packet; /* what was passed, used for SSLv3/TLS rollback check */ @@ -1287,7 +1287,7 @@ typedef struct ssl3_state_st { * SSL session: e.g. appropriate curve, signature algorithms etc. * If zero it can't be used at all. */ - int valid_flags[SSL_PKEY_NUM]; + uint32_t valid_flags[SSL_PKEY_NUM]; /* * For servers the following masks are for the key and auth algorithms * that are supported by the certs below. For clients they are masks of @@ -1475,7 +1475,7 @@ typedef struct { * Per-connection flags relating to this extension type: not used if * part of an SSL_CTX structure. */ - unsigned short ext_flags; + uint32_t ext_flags; custom_ext_add_cb add_cb; custom_ext_free_cb free_cb; void *add_arg; @@ -1526,7 +1526,7 @@ typedef struct cert_st { int ecdh_tmp_auto; # endif /* Flags related to certificates */ - unsigned int cert_flags; + uint32_t cert_flags; CERT_PKEY pkeys[SSL_PKEY_NUM]; /* * Certificate types (received or sent) in certificate request message. @@ -1656,7 +1656,7 @@ typedef struct ssl3_enc_method { const unsigned char *, size_t, int use_context); /* Various flags indicating protocol version requirements */ - unsigned int enc_flags; + uint32_t enc_flags; /* Handshake header length */ unsigned int hhlen; /* Set the handshake header */ diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 402047a237..f08eb84ad1 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -3459,7 +3459,7 @@ int tls1_process_sigalgs(SSL *s) size_t i; const EVP_MD *md; const EVP_MD **pmd = s->s3->tmp.md; - int *pvalid = s->s3->tmp.valid_flags; + uint32_t *pvalid = s->s3->tmp.valid_flags; CERT *c = s->cert; TLS_SIGALGS *sigptr; if (!tls1_set_shared_sigalgs(s)) @@ -3890,7 +3890,7 @@ int tls1_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain, int check_flags = 0, strict_mode; CERT_PKEY *cpk = NULL; CERT *c = s->cert; - int *pvalid; + uint32_t *pvalid; unsigned int suiteb_flags = tls1_suiteb(s); /* idx == -1 means checking server chains */ if (idx != -1) { -- 2.40.0