Use uint32_t consistently for flags.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2024-12-18 22:43:41 +08:00 · 2015-07-14 23:19:11 +01:00 · 2015-07-14 23:19:11 +01:00 · f7d5348710
commit f7d5348710
parent 0bc2f36555
4 changed files with 18 additions and 18 deletions
--- a/ssl/ssl_conf.c
+++ b/ssl/ssl_conf.c
@ -124,11 +124,11 @@ struct ssl_conf_ctx_st {
    SSL_CTX *ctx;
    SSL *ssl;
    /* Pointer to SSL or SSL_CTX options field or NULL if none */
-    unsigned long *poptions;
+    uint32_t *poptions;
    /* Certificate filenames for each type */
    char *cert_filename[SSL_PKEY_NUM];
    /* Pointer to SSL or SSL_CTX cert_flags or NULL if none */
-    unsigned int *pcert_flags;
+    uint32_t *pcert_flags;
    /* Current flag table being worked on */
    const ssl_flag_tbl *tbl;
    /* Size of table */
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@ -1937,7 +1937,7 @@ void ssl_set_masks(SSL *s, const SSL_CIPHER *cipher)
 {
    CERT_PKEY *cpk;
    CERT *c = s->cert;
-    int *pvalid = s->s3->tmp.valid_flags;
+    uint32_t *pvalid = s->s3->tmp.valid_flags;
    int rsa_enc, rsa_tmp, rsa_sign, dh_tmp, dh_rsa, dh_dsa, dsa_sign;
    int rsa_enc_export, dh_rsa_export, dh_dsa_export;
    int rsa_tmp_export, dh_tmp_export, kl;
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@ -662,7 +662,7 @@ struct ssl_session_st {
 # ifndef OPENSSL_NO_SRP
    char *srp_username;
 # endif
-    long flags;
+    uint32_t flags;
 };

 /* Extended master secret support */
@ -720,7 +720,7 @@ struct ssl_ctx_st {
     * SSL_SESS_CACHE_SERVER, Default is SSL_SESSION_CACHE_SERVER, which
     * means only SSL_accept which cache SSL_SESSIONS.
     */
-    int session_cache_mode;
+    uint32_t session_cache_mode;
    /*
     * If timeout is not 0, it is the default timeout value set when
     * SSL_new() is called.  This has been put in to make life easier to set
@ -806,8 +806,8 @@ struct ssl_ctx_st {
     * SSL_new)
     */

-    unsigned long options;
-    unsigned long mode;
+    uint32_t options;
+    uint32_t mode;
    long max_cert_list;

    struct cert_st /* CERT */ *cert;
@ -818,7 +818,7 @@ struct ssl_ctx_st {
                          const void *buf, size_t len, SSL *ssl, void *arg);
    void *msg_callback_arg;

-    int verify_mode;
+    uint32_t verify_mode;
    unsigned int sid_ctx_length;
    unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
    /* called 'verify_callback' in the SSL */
@ -1019,7 +1019,7 @@ struct ssl_st {
     * These are the ones being used, the ones in SSL_SESSION are the ones to
     * be 'copied' into these ones
     */
-    int mac_flags;
+    uint32_t mac_flags;
    EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */
    EVP_MD_CTX *read_hash;      /* used for mac generation */
    COMP_CTX *compress;         /* compression */
@ -1045,7 +1045,7 @@ struct ssl_st {
     * 0 don't care about verify failure.
     * 1 fail if verify fails
     */
-    int verify_mode;
+    uint32_t verify_mode;
    /* fail if callback returns 0 */
    int (*verify_callback) (int ok, X509_STORE_CTX *ctx);
    /* optional informational callback */
@ -1077,9 +1077,9 @@ struct ssl_st {
    STACK_OF(X509_NAME) *client_CA;
    int references;
    /* protocol behaviour */
-    unsigned long options;
+    uint32_t options;
    /* API behaviour */
-    unsigned long mode;
+    uint32_t mode;
    long max_cert_list;
    int first_packet;
    /* what was passed, used for SSLv3/TLS rollback check */
@ -1287,7 +1287,7 @@ typedef struct ssl3_state_st {
         * SSL session: e.g. appropriate curve, signature algorithms etc.
         * If zero it can't be used at all.
         */
-        int valid_flags[SSL_PKEY_NUM];
+        uint32_t valid_flags[SSL_PKEY_NUM];
        /*
         * For servers the following masks are for the key and auth algorithms
         * that are supported by the certs below. For clients they are masks of
@ -1475,7 +1475,7 @@ typedef struct {
     * Per-connection flags relating to this extension type: not used if
     * part of an SSL_CTX structure.
     */
-    unsigned short ext_flags;
+    uint32_t ext_flags;
    custom_ext_add_cb add_cb;
    custom_ext_free_cb free_cb;
    void *add_arg;
@ -1526,7 +1526,7 @@ typedef struct cert_st {
    int ecdh_tmp_auto;
 # endif
    /* Flags related to certificates */
-    unsigned int cert_flags;
+    uint32_t cert_flags;
    CERT_PKEY pkeys[SSL_PKEY_NUM];
    /*
     * Certificate types (received or sent) in certificate request message.
@ -1656,7 +1656,7 @@ typedef struct ssl3_enc_method {
                                   const unsigned char *, size_t,
                                   int use_context);
    /* Various flags indicating protocol version requirements */
-    unsigned int enc_flags;
+    uint32_t enc_flags;
    /* Handshake header length */
    unsigned int hhlen;
    /* Set the handshake header */
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@ -3459,7 +3459,7 @@ int tls1_process_sigalgs(SSL *s)
    size_t i;
    const EVP_MD *md;
    const EVP_MD **pmd = s->s3->tmp.md;
-    int *pvalid = s->s3->tmp.valid_flags;
+    uint32_t *pvalid = s->s3->tmp.valid_flags;
    CERT *c = s->cert;
    TLS_SIGALGS *sigptr;
    if (!tls1_set_shared_sigalgs(s))
@ -3890,7 +3890,7 @@ int tls1_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain,
    int check_flags = 0, strict_mode;
    CERT_PKEY *cpk = NULL;
    CERT *c = s->cert;
-    int *pvalid;
+    uint32_t *pvalid;
    unsigned int suiteb_flags = tls1_suiteb(s);
    /* idx == -1 means checking server chains */
    if (idx != -1) {