| Index: runtime/bin/secure_socket_boringssl.cc
|
| diff --git a/runtime/bin/secure_socket_boringssl.cc b/runtime/bin/secure_socket_boringssl.cc
|
| index 83f96d2b0ad08f44c43139ac813591c845b1eee0..68d68ee2ee0c71d99becb23c5f60780c82a47e8f 100644
|
| --- a/runtime/bin/secure_socket_boringssl.cc
|
| +++ b/runtime/bin/secure_socket_boringssl.cc
|
| @@ -5,8 +5,7 @@
|
| #if !defined(DART_IO_DISABLED) && !defined(DART_IO_SECURE_SOCKET_DISABLED)
|
|
|
| #include "platform/globals.h"
|
| -#if defined(TARGET_OS_ANDROID) || \
|
| - defined(TARGET_OS_LINUX) || \
|
| +#if defined(TARGET_OS_ANDROID) || defined(TARGET_OS_LINUX) || \
|
| defined(TARGET_OS_WINDOWS)
|
|
|
| #include "bin/secure_socket.h"
|
| @@ -117,18 +116,16 @@ static SSLFilter* GetFilter(Dart_NativeArguments args) {
|
| SSLFilter* filter;
|
| Dart_Handle dart_this = ThrowIfError(Dart_GetNativeArgument(args, 0));
|
| ASSERT(Dart_IsInstance(dart_this));
|
| - ThrowIfError(Dart_GetNativeInstanceField(
|
| - dart_this,
|
| - kSSLFilterNativeFieldIndex,
|
| - reinterpret_cast<intptr_t*>(&filter)));
|
| + ThrowIfError(
|
| + Dart_GetNativeInstanceField(dart_this, kSSLFilterNativeFieldIndex,
|
| + reinterpret_cast<intptr_t*>(&filter)));
|
| return filter;
|
| }
|
|
|
|
|
| -static void DeleteFilter(
|
| - void* isolate_data,
|
| - Dart_WeakPersistentHandle handle,
|
| - void* context_pointer) {
|
| +static void DeleteFilter(void* isolate_data,
|
| + Dart_WeakPersistentHandle handle,
|
| + void* context_pointer) {
|
| SSLFilter* filter = reinterpret_cast<SSLFilter*>(context_pointer);
|
| filter->Release();
|
| }
|
| @@ -139,15 +136,12 @@ static Dart_Handle SetFilter(Dart_NativeArguments args, SSLFilter* filter) {
|
| Dart_Handle dart_this = Dart_GetNativeArgument(args, 0);
|
| RETURN_IF_ERROR(dart_this);
|
| ASSERT(Dart_IsInstance(dart_this));
|
| - Dart_Handle err = Dart_SetNativeInstanceField(
|
| - dart_this,
|
| - kSSLFilterNativeFieldIndex,
|
| - reinterpret_cast<intptr_t>(filter));
|
| + Dart_Handle err =
|
| + Dart_SetNativeInstanceField(dart_this, kSSLFilterNativeFieldIndex,
|
| + reinterpret_cast<intptr_t>(filter));
|
| RETURN_IF_ERROR(err);
|
| - Dart_NewWeakPersistentHandle(dart_this,
|
| - reinterpret_cast<void*>(filter),
|
| - sizeof(*filter),
|
| - DeleteFilter);
|
| + Dart_NewWeakPersistentHandle(dart_this, reinterpret_cast<void*>(filter),
|
| + sizeof(*filter), DeleteFilter);
|
| return Dart_Null();
|
| }
|
|
|
| @@ -156,18 +150,16 @@ static SSLContext* GetSecurityContext(Dart_NativeArguments args) {
|
| SSLContext* context;
|
| Dart_Handle dart_this = ThrowIfError(Dart_GetNativeArgument(args, 0));
|
| ASSERT(Dart_IsInstance(dart_this));
|
| - ThrowIfError(Dart_GetNativeInstanceField(
|
| - dart_this,
|
| - kSecurityContextNativeFieldIndex,
|
| - reinterpret_cast<intptr_t*>(&context)));
|
| + ThrowIfError(
|
| + Dart_GetNativeInstanceField(dart_this, kSecurityContextNativeFieldIndex,
|
| + reinterpret_cast<intptr_t*>(&context)));
|
| return context;
|
| }
|
|
|
|
|
| -static void DeleteSecurityContext(
|
| - void* isolate_data,
|
| - Dart_WeakPersistentHandle handle,
|
| - void* context_pointer) {
|
| +static void DeleteSecurityContext(void* isolate_data,
|
| + Dart_WeakPersistentHandle handle,
|
| + void* context_pointer) {
|
| SSLContext* context = static_cast<SSLContext*>(context_pointer);
|
| delete context;
|
| }
|
| @@ -179,14 +171,11 @@ static Dart_Handle SetSecurityContext(Dart_NativeArguments args,
|
| Dart_Handle dart_this = Dart_GetNativeArgument(args, 0);
|
| RETURN_IF_ERROR(dart_this);
|
| ASSERT(Dart_IsInstance(dart_this));
|
| - Dart_Handle err = Dart_SetNativeInstanceField(
|
| - dart_this,
|
| - kSecurityContextNativeFieldIndex,
|
| - reinterpret_cast<intptr_t>(context));
|
| + Dart_Handle err =
|
| + Dart_SetNativeInstanceField(dart_this, kSecurityContextNativeFieldIndex,
|
| + reinterpret_cast<intptr_t>(context));
|
| RETURN_IF_ERROR(err);
|
| - Dart_NewWeakPersistentHandle(dart_this,
|
| - context,
|
| - approximate_size_of_context,
|
| + Dart_NewWeakPersistentHandle(dart_this, context, approximate_size_of_context,
|
| DeleteSecurityContext);
|
| return Dart_Null();
|
| }
|
| @@ -196,10 +185,9 @@ static X509* GetX509Certificate(Dart_NativeArguments args) {
|
| X509* certificate;
|
| Dart_Handle dart_this = ThrowIfError(Dart_GetNativeArgument(args, 0));
|
| ASSERT(Dart_IsInstance(dart_this));
|
| - ThrowIfError(Dart_GetNativeInstanceField(
|
| - dart_this,
|
| - kX509NativeFieldIndex,
|
| - reinterpret_cast<intptr_t*>(&certificate)));
|
| + ThrowIfError(
|
| + Dart_GetNativeInstanceField(dart_this, kX509NativeFieldIndex,
|
| + reinterpret_cast<intptr_t*>(&certificate)));
|
| return certificate;
|
| }
|
|
|
| @@ -237,8 +225,7 @@ void FUNCTION_NAME(SecureSocket_Connect)(Dart_NativeArguments args) {
|
| DartUtils::GetBooleanValue(Dart_GetNativeArgument(args, 4));
|
| bool require_client_certificate =
|
| DartUtils::GetBooleanValue(Dart_GetNativeArgument(args, 5));
|
| - Dart_Handle protocols_handle =
|
| - ThrowIfError(Dart_GetNativeArgument(args, 6));
|
| + Dart_Handle protocols_handle = ThrowIfError(Dart_GetNativeArgument(args, 6));
|
|
|
| const char* host_name = NULL;
|
| // TODO(whesse): Is truncating a Dart string containing \0 what we want?
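Review bot: The `TODO(whesse)` kept as context at the end of this hunk leaves open whether a Dart host name containing `\0` is silently truncated when it is converted to `host_name`. That same C string later feeds the certificate host check in `SSLFilter::Connect` (`X509_VERIFY_PARAM_set1_host(..., hostname_, strlen(hostname_))`). If truncation does happen, the name that gets verified can differ from the name the caller passed, so I would reject such input rather than truncate it, and replace the TODO with `// Host names with an embedded NUL are rejected: this C string is what certificate verification compares against.` The conversion itself lies outside the hunk, so this needs confirming against the full function.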
|
| @@ -247,8 +234,7 @@ void FUNCTION_NAME(SecureSocket_Connect)(Dart_NativeArguments args) {
|
| SSLContext* context = NULL;
|
| if (!Dart_IsNull(context_object)) {
|
| ThrowIfError(Dart_GetNativeInstanceField(
|
| - context_object,
|
| - kSecurityContextNativeFieldIndex,
|
| + context_object, kSecurityContextNativeFieldIndex,
|
| reinterpret_cast<intptr_t*>(&context)));
|
| }
|
|
|
| @@ -256,12 +242,9 @@ void FUNCTION_NAME(SecureSocket_Connect)(Dart_NativeArguments args) {
|
| // It will have the correct length encoding of the protocols array.
|
| ASSERT(!Dart_IsNull(protocols_handle));
|
|
|
| - GetFilter(args)->Connect(host_name,
|
| - context->context(),
|
| - is_server,
|
| + GetFilter(args)->Connect(host_name, context->context(), is_server,
|
| request_client_certificate,
|
| - require_client_certificate,
|
| - protocols_handle);
|
| + require_client_certificate, protocols_handle);
|
| }
|
|
|
|
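Review bot: `context->context()` in the reformatted `Connect(...)` call dereferences `context` unconditionally, although the previous hunk initialises it to `NULL` and only fills it in when `context_object` is not Dart null. Unless the single line not shown between the two hunks guards it, a null context object ends in a null-pointer dereference here. A check before the call, e.g. `if (context == NULL) { Dart_ThrowException(DartUtils::NewDartArgumentError("SecurityContext must not be null")); }`, would turn that into a Dart-level error. The function starts outside this hunk.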
|
| @@ -295,8 +278,7 @@ void FUNCTION_NAME(SecureSocket_Renegotiate)(Dart_NativeArguments args) {
|
| DartUtils::GetBooleanValue(Dart_GetNativeArgument(args, 2));
|
| bool require_client_certificate =
|
| DartUtils::GetBooleanValue(Dart_GetNativeArgument(args, 3));
|
| - GetFilter(args)->Renegotiate(use_session_cache,
|
| - request_client_certificate,
|
| + GetFilter(args)->Renegotiate(use_session_cache, request_client_certificate,
|
| require_client_certificate);
|
| }
|
|
|
| @@ -315,8 +297,7 @@ void FUNCTION_NAME(SecureSocket_RegisterHandshakeCompleteCallback)(
|
|
|
| void FUNCTION_NAME(SecureSocket_RegisterBadCertificateCallback)(
|
| Dart_NativeArguments args) {
|
| - Dart_Handle callback =
|
| - ThrowIfError(Dart_GetNativeArgument(args, 1));
|
| + Dart_Handle callback = ThrowIfError(Dart_GetNativeArgument(args, 1));
|
| if (!Dart_IsClosure(callback) && !Dart_IsNull(callback)) {
|
| Dart_ThrowException(DartUtils::NewDartArgumentError(
|
| "Illegal argument to RegisterBadCertificateCallback"));
|
| @@ -325,8 +306,7 @@ void FUNCTION_NAME(SecureSocket_RegisterBadCertificateCallback)(
|
| }
|
|
|
|
|
| -void FUNCTION_NAME(SecureSocket_PeerCertificate)
|
| - (Dart_NativeArguments args) {
|
| +void FUNCTION_NAME(SecureSocket_PeerCertificate)(Dart_NativeArguments args) {
|
| Dart_Handle cert = ThrowIfError(GetFilter(args)->PeerCertificate());
|
| Dart_SetReturnValue(args, cert);
|
| }
|
| @@ -342,10 +322,9 @@ void FUNCTION_NAME(SecureSocket_FilterPointer)(Dart_NativeArguments args) {
|
| }
|
|
|
|
|
| -static void ReleaseCertificate(
|
| - void* isolate_data,
|
| - Dart_WeakPersistentHandle handle,
|
| - void* context_pointer) {
|
| +static void ReleaseCertificate(void* isolate_data,
|
| + Dart_WeakPersistentHandle handle,
|
| + void* context_pointer) {
|
| X509* cert = reinterpret_cast<X509*>(context_pointer);
|
| X509_free(cert);
|
| }
|
| @@ -365,7 +344,7 @@ static Dart_Handle WrappedX509Certificate(X509* certificate) {
|
| X509_free(certificate);
|
| return x509_type;
|
| }
|
| - Dart_Handle arguments[] = { NULL };
|
| + Dart_Handle arguments[] = {NULL};
|
| Dart_Handle result =
|
| Dart_New(x509_type, DartUtils::NewString("_"), 0, arguments);
|
| if (Dart_IsError(result)) {
|
| @@ -374,15 +353,12 @@ static Dart_Handle WrappedX509Certificate(X509* certificate) {
|
| }
|
| ASSERT(Dart_IsInstance(result));
|
| Dart_Handle status = Dart_SetNativeInstanceField(
|
| - result,
|
| - kX509NativeFieldIndex,
|
| - reinterpret_cast<intptr_t>(certificate));
|
| + result, kX509NativeFieldIndex, reinterpret_cast<intptr_t>(certificate));
|
| if (Dart_IsError(status)) {
|
| X509_free(certificate);
|
| return status;
|
| }
|
| - Dart_NewWeakPersistentHandle(result,
|
| - reinterpret_cast<void*>(certificate),
|
| + Dart_NewWeakPersistentHandle(result, reinterpret_cast<void*>(certificate),
|
| approximate_size_of_certificate,
|
| ReleaseCertificate);
|
| return result;
|
| @@ -399,8 +375,8 @@ int CertificateCallback(int preverify_ok, X509_STORE_CTX* store_ctx) {
|
| }
|
| X509* certificate = X509_STORE_CTX_get_current_cert(store_ctx);
|
| int ssl_index = SSL_get_ex_data_X509_STORE_CTX_idx();
|
| - SSL* ssl = static_cast<SSL*>(
|
| - X509_STORE_CTX_get_ex_data(store_ctx, ssl_index));
|
| + SSL* ssl =
|
| + static_cast<SSL*>(X509_STORE_CTX_get_ex_data(store_ctx, ssl_index));
|
| SSLFilter* filter = static_cast<SSLFilter*>(
|
| SSL_get_ex_data(ssl, SSLFilter::filter_ssl_index));
|
| Dart_Handle callback = filter->bad_certificate_callback();
|
| @@ -484,8 +460,8 @@ class ScopedMemBIO {
|
| public:
|
| explicit ScopedMemBIO(Dart_Handle object) {
|
| if (!Dart_IsTypedData(object) && !Dart_IsList(object)) {
|
| - Dart_ThrowException(DartUtils::NewDartArgumentError(
|
| - "Argument is not a List<int>"));
|
| + Dart_ThrowException(
|
| + DartUtils::NewDartArgumentError("Argument is not a List<int>"));
|
| }
|
|
|
| uint8_t* bytes = NULL;
|
| @@ -495,10 +471,7 @@ class ScopedMemBIO {
|
| is_typed_data = true;
|
| Dart_TypedData_Type typ;
|
| ThrowIfError(Dart_TypedDataAcquireData(
|
| - object,
|
| - &typ,
|
| - reinterpret_cast<void**>(&bytes),
|
| - &bytes_len));
|
| + object, &typ, reinterpret_cast<void**>(&bytes), &bytes_len));
|
| } else {
|
| ASSERT(Dart_IsList(object));
|
| ThrowIfError(Dart_ListLength(object, &bytes_len));
|
| @@ -541,7 +514,7 @@ class ScopedMemBIO {
|
| DISALLOW_COPY_AND_ASSIGN(ScopedMemBIO);
|
| };
|
|
|
| -template<typename T, void (*free_func)(T*)>
|
| +template <typename T, void (*free_func)(T*)>
|
| class ScopedSSLType {
|
| public:
|
| explicit ScopedSSLType(T* obj) : obj_(obj) {}
|
| @@ -568,7 +541,7 @@ class ScopedSSLType {
|
| DISALLOW_COPY_AND_ASSIGN(ScopedSSLType);
|
| };
|
|
|
| -template<typename T, typename E, void (*func)(E*)>
|
| +template <typename T, typename E, void (*func)(E*)>
|
| class ScopedSSLStackType {
|
| public:
|
| explicit ScopedSSLStackType(T* obj) : obj_(obj) {}
|
| @@ -576,7 +549,7 @@ class ScopedSSLStackType {
|
| ~ScopedSSLStackType() {
|
| if (obj_ != NULL) {
|
| sk_pop_free(reinterpret_cast<_STACK*>(obj_),
|
| - reinterpret_cast<void (*)(void *)>(func));
|
| + reinterpret_cast<void (*)(void*)>(func));
|
| }
|
| }
|
|
|
| @@ -614,8 +587,8 @@ static EVP_PKEY* GetPrivateKeyPKCS12(BIO* bio, const char* password) {
|
| }
|
|
|
| EVP_PKEY* key = NULL;
|
| - X509 *cert = NULL;
|
| - STACK_OF(X509) *ca_certs = NULL;
|
| + X509* cert = NULL;
|
| + STACK_OF(X509)* ca_certs = NULL;
|
| int status = PKCS12_parse(p12.get(), password, &key, &cert, &ca_certs);
|
| if (status == 0) {
|
| return NULL;
|
| @@ -629,8 +602,8 @@ static EVP_PKEY* GetPrivateKeyPKCS12(BIO* bio, const char* password) {
|
|
|
|
|
| static EVP_PKEY* GetPrivateKey(BIO* bio, const char* password) {
|
| - EVP_PKEY *key = PEM_read_bio_PrivateKey(
|
| - bio, NULL, PasswordCallback, const_cast<char*>(password));
|
| + EVP_PKEY* key = PEM_read_bio_PrivateKey(bio, NULL, PasswordCallback,
|
| + const_cast<char*>(password));
|
| if (key == NULL) {
|
| // We try reading data as PKCS12 only if reading as PEM was unsuccessful and
|
| // if there is no indication that the data is malformed PEM. We assume the
|
| @@ -658,13 +631,13 @@ static const char* GetPasswordArgument(Dart_NativeArguments args,
|
| ThrowIfError(Dart_StringToCString(password_object, &password));
|
| if (strlen(password) > PEM_BUFSIZE - 1) {
|
| Dart_ThrowException(DartUtils::NewDartArgumentError(
|
| - "Password length is greater than 1023 (PEM_BUFSIZE)"));
|
| + "Password length is greater than 1023 (PEM_BUFSIZE)"));
|
| }
|
| } else if (Dart_IsNull(password_object)) {
|
| password = "";
|
| } else {
|
| - Dart_ThrowException(DartUtils::NewDartArgumentError(
|
| - "Password is not a String or null"));
|
| + Dart_ThrowException(
|
| + DartUtils::NewDartArgumentError("Password is not a String or null"));
|
| }
|
| return password;
|
| }
|
| @@ -678,7 +651,7 @@ void FUNCTION_NAME(SecurityContext_UsePrivateKeyBytes)(
|
| int status;
|
| {
|
| ScopedMemBIO bio(ThrowIfError(Dart_GetNativeArgument(args, 1)));
|
| - EVP_PKEY *key = GetPrivateKey(bio.bio(), password);
|
| + EVP_PKEY* key = GetPrivateKey(bio.bio(), password);
|
| status = SSL_CTX_use_PrivateKey(context->context(), key);
|
| // SSL_CTX_use_PrivateKey increments the reference count of key on success,
|
| // so we have to call EVP_PKEY_free on both success and failure.
|
| @@ -701,8 +674,8 @@ static int SetTrustedCertificatesBytesPKCS12(SSL_CTX* context,
|
| }
|
|
|
| EVP_PKEY* key = NULL;
|
| - X509 *cert = NULL;
|
| - STACK_OF(X509) *ca_certs = NULL;
|
| + X509* cert = NULL;
|
| + STACK_OF(X509)* ca_certs = NULL;
|
| int status = PKCS12_parse(p12.get(), password, &key, &cert, &ca_certs);
|
| if (status == 0) {
|
| return status;
|
| @@ -779,12 +752,10 @@ void FUNCTION_NAME(SecurityContext_SetTrustedCertificatesBytes)(
|
| int status;
|
| {
|
| ScopedMemBIO bio(ThrowIfError(Dart_GetNativeArgument(args, 1)));
|
| - status = SetTrustedCertificatesBytes(
|
| - context->context(), bio.bio(), password);
|
| + status =
|
| + SetTrustedCertificatesBytes(context->context(), bio.bio(), password);
|
| }
|
| - CheckStatus(status,
|
| - "TlsException",
|
| - "Failure in setTrustedCertificatesBytes");
|
| + CheckStatus(status, "TlsException", "Failure in setTrustedCertificatesBytes");
|
| }
|
|
|
|
|
| @@ -914,8 +885,8 @@ static int UseChainBytesPKCS12(SSL_CTX* context,
|
| }
|
|
|
| EVP_PKEY* key = NULL;
|
| - X509 *cert = NULL;
|
| - STACK_OF(X509) *ca_certs = NULL;
|
| + X509* cert = NULL;
|
| + STACK_OF(X509)* ca_certs = NULL;
|
| int status = PKCS12_parse(p12.get(), password, &key, &cert, &ca_certs);
|
| if (status == 0) {
|
| return status;
|
| @@ -1010,9 +981,7 @@ void FUNCTION_NAME(SecurityContext_UseCertificateChainBytes)(
|
| ScopedMemBIO bio(ThrowIfError(Dart_GetNativeArgument(args, 1)));
|
| status = UseChainBytes(context->context(), bio.bio(), password);
|
| }
|
| - CheckStatus(status,
|
| - "TlsException",
|
| - "Failure in useCertificateChainBytes");
|
| + CheckStatus(status, "TlsException", "Failure in useCertificateChainBytes");
|
| }
|
|
|
|
|
| @@ -1025,8 +994,8 @@ static int SetClientAuthoritiesPKCS12(SSL_CTX* context,
|
| }
|
|
|
| EVP_PKEY* key = NULL;
|
| - X509 *cert = NULL;
|
| - STACK_OF(X509) *ca_certs = NULL;
|
| + X509* cert = NULL;
|
| + STACK_OF(X509)* ca_certs = NULL;
|
| int status = PKCS12_parse(p12.get(), password, &key, &cert, &ca_certs);
|
| if (status == 0) {
|
| return status;
|
| @@ -1097,19 +1066,15 @@ void FUNCTION_NAME(SecurityContext_SetClientAuthoritiesBytes)(
|
| status = SetClientAuthorities(context->context(), bio.bio(), password);
|
| }
|
|
|
| - CheckStatus(status,
|
| - "TlsException",
|
| - "Failure in setClientAuthoritiesBytes");
|
| + CheckStatus(status, "TlsException", "Failure in setClientAuthoritiesBytes");
|
| }
|
|
|
|
|
| void FUNCTION_NAME(SecurityContext_SetAlpnProtocols)(
|
| Dart_NativeArguments args) {
|
| SSLContext* context = GetSecurityContext(args);
|
| - Dart_Handle protocols_handle =
|
| - ThrowIfError(Dart_GetNativeArgument(args, 1));
|
| - Dart_Handle is_server_handle =
|
| - ThrowIfError(Dart_GetNativeArgument(args, 2));
|
| + Dart_Handle protocols_handle = ThrowIfError(Dart_GetNativeArgument(args, 1));
|
| + Dart_Handle is_server_handle = ThrowIfError(Dart_GetNativeArgument(args, 2));
|
| if (Dart_IsBoolean(is_server_handle)) {
|
| bool is_server = DartUtils::GetBooleanValue(is_server_handle);
|
| SetAlpnProtocolList(protocols_handle, NULL, context, is_server);
|
| @@ -1120,8 +1085,7 @@ void FUNCTION_NAME(SecurityContext_SetAlpnProtocols)(
|
| }
|
|
|
|
|
| -void FUNCTION_NAME(X509_Subject)(
|
| - Dart_NativeArguments args) {
|
| +void FUNCTION_NAME(X509_Subject)(Dart_NativeArguments args) {
|
| X509* certificate = GetX509Certificate(args);
|
| X509_NAME* subject = X509_get_subject_name(certificate);
|
| char* subject_string = X509_NAME_oneline(subject, NULL, 0);
|
| @@ -1130,8 +1094,7 @@ void FUNCTION_NAME(X509_Subject)(
|
| }
|
|
|
|
|
| -void FUNCTION_NAME(X509_Issuer)(
|
| - Dart_NativeArguments args) {
|
| +void FUNCTION_NAME(X509_Issuer)(Dart_NativeArguments args) {
|
| X509* certificate = GetX509Certificate(args);
|
| X509_NAME* issuer = X509_get_issuer_name(certificate);
|
| char* issuer_string = X509_NAME_oneline(issuer, NULL, 0);
|
| @@ -1153,16 +1116,14 @@ static Dart_Handle ASN1TimeToMilliseconds(ASN1_TIME* aTime) {
|
| return Dart_NewInteger((86400LL * days + seconds) * 1000LL);
|
| }
|
|
|
| -void FUNCTION_NAME(X509_StartValidity)(
|
| - Dart_NativeArguments args) {
|
| +void FUNCTION_NAME(X509_StartValidity)(Dart_NativeArguments args) {
|
| X509* certificate = GetX509Certificate(args);
|
| ASN1_TIME* not_before = X509_get_notBefore(certificate);
|
| Dart_SetReturnValue(args, ASN1TimeToMilliseconds(not_before));
|
| }
|
|
|
|
|
| -void FUNCTION_NAME(X509_EndValidity)(
|
| - Dart_NativeArguments args) {
|
| +void FUNCTION_NAME(X509_EndValidity)(Dart_NativeArguments args) {
|
| X509* certificate = GetX509Certificate(args);
|
| ASN1_TIME* not_after = X509_get_notAfter(certificate);
|
| Dart_SetReturnValue(args, ASN1TimeToMilliseconds(not_after));
|
| @@ -1204,8 +1165,8 @@ CObject* SSLFilter::ProcessFilterRequest(const CObjectArray& request) {
|
| }
|
|
|
| if (filter->ProcessAllBuffers(starts, ends, in_handshake)) {
|
| - CObjectArray* result = new CObjectArray(
|
| - CObject::NewArray(SSLFilter::kNumBuffers * 2));
|
| + CObjectArray* result =
|
| + new CObjectArray(CObject::NewArray(SSLFilter::kNumBuffers * 2));
|
| for (int i = 0; i < SSLFilter::kNumBuffers; ++i) {
|
| result->SetAt(2 * i, new CObjectInt32(CObject::NewInt32(starts[i])));
|
| result->SetAt(2 * i + 1, new CObjectInt32(CObject::NewInt32(ends[i])));
|
| @@ -1245,18 +1206,18 @@ bool SSLFilter::ProcessAllBuffers(int starts[kNumBuffers],
|
| // Then, since the last free byte is at position start - 2,
|
| // the interval is [end, size - 1).
|
| int buffer_end = (start == 0) ? size - 1 : size;
|
| - int bytes = (i == kReadPlaintext) ?
|
| - ProcessReadPlaintextBuffer(end, buffer_end) :
|
| - ProcessWriteEncryptedBuffer(end, buffer_end);
|
| + int bytes = (i == kReadPlaintext)
|
| + ? ProcessReadPlaintextBuffer(end, buffer_end)
|
| + : ProcessWriteEncryptedBuffer(end, buffer_end);
|
| if (bytes < 0) return false;
|
| end += bytes;
|
| ASSERT(end <= size);
|
| if (end == size) end = 0;
|
| }
|
| if (start > end + 1) {
|
| - int bytes = (i == kReadPlaintext) ?
|
| - ProcessReadPlaintextBuffer(end, start - 1) :
|
| - ProcessWriteEncryptedBuffer(end, start - 1);
|
| + int bytes = (i == kReadPlaintext)
|
| + ? ProcessReadPlaintextBuffer(end, start - 1)
|
| + : ProcessWriteEncryptedBuffer(end, start - 1);
|
| if (bytes < 0) return false;
|
| end += bytes;
|
| ASSERT(end < start);
|
| @@ -1270,18 +1231,18 @@ bool SSLFilter::ProcessAllBuffers(int starts[kNumBuffers],
|
| if (end < start) {
|
| // Data may be split into two segments. In this case,
|
| // the first is [start, size).
|
| - int bytes = (i == kReadEncrypted) ?
|
| - ProcessReadEncryptedBuffer(start, size) :
|
| - ProcessWritePlaintextBuffer(start, size);
|
| + int bytes = (i == kReadEncrypted)
|
| + ? ProcessReadEncryptedBuffer(start, size)
|
| + : ProcessWritePlaintextBuffer(start, size);
|
| if (bytes < 0) return false;
|
| start += bytes;
|
| ASSERT(start <= size);
|
| if (start == size) start = 0;
|
| }
|
| if (start < end) {
|
| - int bytes = (i == kReadEncrypted) ?
|
| - ProcessReadEncryptedBuffer(start, end) :
|
| - ProcessWritePlaintextBuffer(start, end);
|
| + int bytes = (i == kReadEncrypted)
|
| + ? ProcessReadEncryptedBuffer(start, end)
|
| + : ProcessWritePlaintextBuffer(start, end);
|
| if (bytes < 0) return false;
|
| start += bytes;
|
| ASSERT(start <= end);
|
| @@ -1325,8 +1286,8 @@ Dart_Handle SSLFilter::InitializeBuffers(Dart_Handle dart_this) {
|
| RETURN_IF_ERROR(secure_filter_impl_type);
|
| Dart_Handle size_string = DartUtils::NewString("SIZE");
|
| RETURN_IF_ERROR(size_string);
|
| - Dart_Handle dart_buffer_size = Dart_GetField(
|
| - secure_filter_impl_type, size_string);
|
| + Dart_Handle dart_buffer_size =
|
| + Dart_GetField(secure_filter_impl_type, size_string);
|
| RETURN_IF_ERROR(dart_buffer_size);
|
|
|
| int64_t buffer_size = 0;
|
| @@ -1336,8 +1297,8 @@ Dart_Handle SSLFilter::InitializeBuffers(Dart_Handle dart_this) {
|
| Dart_Handle encrypted_size_string = DartUtils::NewString("ENCRYPTED_SIZE");
|
| RETURN_IF_ERROR(encrypted_size_string);
|
|
|
| - Dart_Handle dart_encrypted_buffer_size = Dart_GetField(
|
| - secure_filter_impl_type, encrypted_size_string);
|
| + Dart_Handle dart_encrypted_buffer_size =
|
| + Dart_GetField(secure_filter_impl_type, encrypted_size_string);
|
| RETURN_IF_ERROR(dart_encrypted_buffer_size);
|
|
|
| int64_t encrypted_buffer_size = 0;
|
| @@ -1429,12 +1390,12 @@ Dart_Handle SSLFilter::PeerCertificate() {
|
| }
|
|
|
|
|
| -int AlpnCallback(SSL *ssl,
|
| - const uint8_t **out,
|
| - uint8_t *outlen,
|
| - const uint8_t *in,
|
| +int AlpnCallback(SSL* ssl,
|
| + const uint8_t** out,
|
| + uint8_t* outlen,
|
| + const uint8_t* in,
|
| unsigned int inlen,
|
| - void *arg) {
|
| + void* arg) {
|
| // 'in' and 'arg' are sequences of (length, data) strings with 1-byte lengths.
|
| // 'arg' is 0-terminated. Finds the first string in 'arg' that is in 'in'.
|
| uint8_t* server_list = static_cast<uint8_t*>(arg);
|
| @@ -1473,10 +1434,8 @@ static void SetAlpnProtocolList(Dart_Handle protocols_handle,
|
| int status;
|
|
|
| Dart_Handle result = Dart_TypedDataAcquireData(
|
| - protocols_handle,
|
| - &protocols_type,
|
| - reinterpret_cast<void**>(&protocol_string),
|
| - &protocol_string_len);
|
| + protocols_handle, &protocols_type,
|
| + reinterpret_cast<void**>(&protocol_string), &protocol_string_len);
|
| if (Dart_IsError(result)) {
|
| Dart_PropagateError(result);
|
| }
|
| @@ -1499,8 +1458,8 @@ static void SetAlpnProtocolList(Dart_Handle protocols_handle,
|
| static_cast<uint8_t*>(malloc(protocol_string_len + 1));
|
| memmove(protocol_string_copy, protocol_string, protocol_string_len);
|
| protocol_string_copy[protocol_string_len] = '\0';
|
| - SSL_CTX_set_alpn_select_cb(
|
| - context->context(), AlpnCallback, protocol_string_copy);
|
| + SSL_CTX_set_alpn_select_cb(context->context(), AlpnCallback,
|
| + protocol_string_copy);
|
| context->set_alpn_protocol_string(protocol_string_copy);
|
| } else {
|
| // The function makes a local copy of protocol_string, which it owns.
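Review bot: The result of `malloc(protocol_string_len + 1)` is passed straight to `memmove` and then indexed, with no check for allocation failure, in the server branch shown here. Add a guard before the copy, `if (protocol_string_copy == NULL) { /* report out-of-memory and bail out */ }`, releasing the typed data acquired earlier in the function first if it is still held at this point (the acquire is in the previous hunk; the release is not visible). A short comment stating who frees `protocol_string_copy` once `set_alpn_protocol_string` has stored it would also help, since it is handed to both the callback and the context. The declaration of `protocol_string_copy` and the rest of the function are outside the hunk.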
|
| @@ -1510,8 +1469,8 @@ static void SetAlpnProtocolList(Dart_Handle protocols_handle,
|
| } else {
|
| ASSERT(context != NULL);
|
| ASSERT(ssl == NULL);
|
| - status = SSL_CTX_set_alpn_protos(
|
| - context->context(), protocol_string, protocol_string_len);
|
| + status = SSL_CTX_set_alpn_protos(context->context(), protocol_string,
|
| + protocol_string_len);
|
| }
|
| ASSERT(status == 0); // The function returns a non-standard status.
|
| }
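Review bot: `ASSERT(status == 0)` is the only check on the result of `SSL_CTX_set_alpn_protos` in this hunk, so if `ASSERT` compiles to nothing in release builds, a failure to install the ALPN list is silently ignored. Consider an explicit runtime check, e.g. `if (status != 0) { /* raise a TlsException */ }`. The trailing comment could also spell out the inverted convention: `// Returns 0 on success, unlike most SSL_* setters.` The function begins outside this hunk.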
|
| @@ -1545,7 +1504,7 @@ void SSLFilter::Connect(const char* hostname,
|
|
|
| if (is_server_) {
|
| int certificate_mode =
|
| - request_client_certificate ? SSL_VERIFY_PEER : SSL_VERIFY_NONE;
|
| + request_client_certificate ? SSL_VERIFY_PEER : SSL_VERIFY_NONE;
|
| if (require_client_certificate) {
|
| certificate_mode |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
|
| }
|
| @@ -1558,9 +1517,9 @@ void SSLFilter::Connect(const char* hostname,
|
| // against the certificate presented by the server.
|
| X509_VERIFY_PARAM* certificate_checking_parameters = SSL_get0_param(ssl_);
|
| hostname_ = strdup(hostname);
|
| - X509_VERIFY_PARAM_set_flags(certificate_checking_parameters,
|
| - X509_V_FLAG_PARTIAL_CHAIN |
|
| - X509_V_FLAG_TRUSTED_FIRST);
|
| + X509_VERIFY_PARAM_set_flags(
|
| + certificate_checking_parameters,
|
| + X509_V_FLAG_PARTIAL_CHAIN | X509_V_FLAG_TRUSTED_FIRST);
|
| X509_VERIFY_PARAM_set_hostflags(certificate_checking_parameters, 0);
|
| status = X509_VERIFY_PARAM_set1_host(certificate_checking_parameters,
|
| hostname_, strlen(hostname_));
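Review bot: The verification flags passed to `X509_VERIFY_PARAM_set_flags` deserve a comment, because `X509_V_FLAG_PARTIAL_CHAIN` changes what counts as a trust anchor and the code gives no rationale. Suggested: `// PARTIAL_CHAIN: a chain may end at any certificate in the trusted store, not only a self-signed root.` and `// TRUSTED_FIRST: prefer trusted-store certificates over peer-supplied ones when building the chain.` Separately, `strdup(hostname)` is not checked before `strlen(hostname_)` is evaluated, so an allocation failure would dereference NULL; `if (hostname_ == NULL)` should fail the connect before the host check is configured. The enclosing function starts and ends outside the hunk.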
|
| @@ -1597,7 +1556,7 @@ void SSLFilter::Connect(const char* hostname,
|
| }
|
|
|
|
|
| -int printErrorCallback(const char *str, size_t len, void *ctx) {
|
| +int printErrorCallback(const char* str, size_t len, void* ctx) {
|
| Log::PrintErr("%.*s\n", static_cast<int>(len), str);
|
| return 1;
|
| }
|
| @@ -1617,9 +1576,9 @@ void SSLFilter::Handshake() {
|
| in_handshake_ = true;
|
| return;
|
| }
|
| - CheckStatus(status,
|
| - "HandshakeException",
|
| - is_server_ ? "Handshake error in server" : "Handshake error in client");
|
| + CheckStatus(status, "HandshakeException", is_server_
|
| + ? "Handshake error in server"
|
| + : "Handshake error in client");
|
| // Handshake succeeded.
|
| if (in_handshake_) {
|
| // TODO(24071): Check return value of SSL_get_verify_result, this
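Review bot: The reformatted `CheckStatus(...)` call now splits the conditional message mid-argument (`is_server_` at the end of one line, `? ...` and `: ...` on the next two), which is harder to read than the layout it replaces. Hoisting the message into a local keeps the call on one line: `const char* message = is_server_ ? "Handshake error in server" : "Handshake error in client";` followed by `CheckStatus(status, "HandshakeException", message);`. Separately, the `TODO(24071)` just below notes that the result of `SSL_get_verify_result` is not checked. That comment is cut off by the hunk, so it is not visible here what currently compensates for the missing check.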
|
| @@ -1721,8 +1680,7 @@ int SSLFilter::ProcessReadPlaintextBuffer(int start, int end) {
|
| int bytes_processed = 0;
|
| if (length > 0) {
|
| bytes_processed = SSL_read(
|
| - ssl_,
|
| - reinterpret_cast<char*>((buffers_[kReadPlaintext] + start)),
|
| + ssl_, reinterpret_cast<char*>((buffers_[kReadPlaintext] + start)),
|
| length);
|
| if (bytes_processed < 0) {
|
| int error = SSL_get_error(ssl_, bytes_processed);
|
| @@ -1736,8 +1694,8 @@ int SSLFilter::ProcessReadPlaintextBuffer(int start, int end) {
|
|
|
| int SSLFilter::ProcessWritePlaintextBuffer(int start, int end) {
|
| int length = end - start;
|
| - int bytes_processed = SSL_write(
|
| - ssl_, buffers_[kWritePlaintext] + start, length);
|
| + int bytes_processed =
|
| + SSL_write(ssl_, buffers_[kWritePlaintext] + start, length);
|
| if (bytes_processed < 0) {
|
| if (SSL_LOG_DATA) {
|
| Log::Print("SSL_write returned error %d\n", bytes_processed);
|
| @@ -1751,8 +1709,8 @@ int SSLFilter::ProcessWritePlaintextBuffer(int start, int end) {
|
| /* Read encrypted data from the circular buffer to the filter */
|
| int SSLFilter::ProcessReadEncryptedBuffer(int start, int end) {
|
| int length = end - start;
|
| - if (SSL_LOG_DATA) Log::Print(
|
| - "Entering ProcessReadEncryptedBuffer with %d bytes\n", length);
|
| + if (SSL_LOG_DATA)
|
| + Log::Print("Entering ProcessReadEncryptedBuffer with %d bytes\n", length);
|
| int bytes_processed = 0;
|
| if (length > 0) {
|
| bytes_processed =
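Review bot: The `if (SSL_LOG_DATA)` statements are now laid out with the condition on one line and an unbraced `Log::Print(...)` call on the next, so a later edit can add a second statement that silently runs unconditionally. Please brace them: `if (SSL_LOG_DATA) {` / `Log::Print("Entering ProcessReadEncryptedBuffer with %d bytes\n", length);` / `}`. The same pattern appears in the two following hunks, in the remaining logs of `ProcessReadEncryptedBuffer` and in `ProcessWriteEncryptedBuffer`. The function body continues outside this hunk.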
|
| @@ -1760,14 +1718,15 @@ int SSLFilter::ProcessReadEncryptedBuffer(int start, int end) {
|
| if (bytes_processed <= 0) {
|
| bool retry = BIO_should_retry(socket_side_);
|
| if (!retry) {
|
| - if (SSL_LOG_DATA) Log::Print(
|
| - "BIO_write failed in ReadEncryptedBuffer\n");
|
| + if (SSL_LOG_DATA)
|
| + Log::Print("BIO_write failed in ReadEncryptedBuffer\n");
|
| }
|
| bytes_processed = 0;
|
| }
|
| }
|
| - if (SSL_LOG_DATA) Log::Print(
|
| - "Leaving ProcessReadEncryptedBuffer wrote %d bytes\n", bytes_processed);
|
| + if (SSL_LOG_DATA)
|
| + Log::Print("Leaving ProcessReadEncryptedBuffer wrote %d bytes\n",
|
| + bytes_processed);
|
| return bytes_processed;
|
| }
|
|
|
| @@ -1776,16 +1735,17 @@ int SSLFilter::ProcessWriteEncryptedBuffer(int start, int end) {
|
| int length = end - start;
|
| int bytes_processed = 0;
|
| if (length > 0) {
|
| - bytes_processed = BIO_read(socket_side_,
|
| - buffers_[kWriteEncrypted] + start,
|
| - length);
|
| + bytes_processed =
|
| + BIO_read(socket_side_, buffers_[kWriteEncrypted] + start, length);
|
| if (bytes_processed < 0) {
|
| - if (SSL_LOG_DATA) Log::Print(
|
| - "WriteEncrypted BIO_read returned error %d\n", bytes_processed);
|
| + if (SSL_LOG_DATA)
|
| + Log::Print("WriteEncrypted BIO_read returned error %d\n",
|
| + bytes_processed);
|
| return 0;
|
| } else {
|
| - if (SSL_LOG_DATA) Log::Print(
|
| - "WriteEncrypted BIO_read wrote %d bytes\n", bytes_processed);
|
| + if (SSL_LOG_DATA)
|
| + Log::Print("WriteEncrypted BIO_read wrote %d bytes\n",
|
| + bytes_processed);
|
| }
|
| }
|
| return bytes_processed;
|
|
|