Bug 1292006 - ss->sec.isServer is a boolean, r=ekr
authorMartin Thomson <martin.thomson@gmail.com>
Thu, 04 Aug 2016 17:13:21 +1000
changeset 12468 e277aa9c4bdc2b8e791d9a1cd0874f213f5c9bb8
parent 12467 7b21ff6bd8e62cc7f02781302c57b6134a9eea79
child 12469 8119e8a86a3b26bcc2d32bbb37f0a3916761f720
push id1470
push usermartin.thomson@gmail.com
push dateMon, 15 Aug 2016 00:59:15 +0000
reviewersekr
bugs1292006
Bug 1292006 - ss->sec.isServer is a boolean, r=ekr
lib/ssl/ssl3con.c
lib/ssl/sslcon.c
lib/ssl/sslimpl.h
--- a/lib/ssl/ssl3con.c
+++ b/lib/ssl/ssl3con.c
@@ -944,27 +944,25 @@ ssl3_config_match_init(sslSocket *ss)
     const ssl3CipherSuiteDef *cipher_def;
     SSLCipherAlgorithm cipher_alg;
     CK_MECHANISM_TYPE cipher_mech;
     SSLAuthType authType;
     SSLKEAType keaType;
     int i;
     int numPresent = 0;
     int numEnabled = 0;
-    PRBool isServer;
 
     PORT_Assert(ss);
     if (!ss) {
         PORT_SetError(SEC_ERROR_INVALID_ARGS);
         return 0;
     }
     if (SSL_ALL_VERSIONS_DISABLED(&ss->vrange)) {
         return 0;
     }
-    isServer = (PRBool)(ss->sec.isServer != 0);
 
     for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
         suite = &ss->cipherSuites[i];
         if (suite->enabled) {
             ++numEnabled;
             /* We need the cipher defs to see if we have a token that can handle
              * this cipher.  It isn't part of the static definition.
              */
@@ -976,17 +974,17 @@ ssl3_config_match_init(sslSocket *ss)
             cipher_alg = bulk_cipher_defs[cipher_def->bulk_cipher_alg].calg;
             cipher_mech = ssl3_Alg2Mech(cipher_alg);
 
             /* Mark the suites that are backed by real tokens, certs and keys */
             suite->isPresent = PR_TRUE;
 
             authType = kea_defs[cipher_def->key_exchange_alg].authKeyType;
             if (authType != ssl_auth_null) {
-                if (isServer && !ssl_HasCert(ss, authType)) {
+                if (ss->sec.isServer && !ssl_HasCert(ss, authType)) {
                     suite->isPresent = PR_FALSE;
                 }
                 if (!PK11_TokenExists(auth_alg_defs[authType])) {
                     suite->isPresent = PR_FALSE;
                 }
             }
 
             keaType = kea_defs[cipher_def->key_exchange_alg].exchKeyType;
@@ -11524,17 +11522,17 @@ ssl3_HandleCertificate(sslSocket *ss, SS
 SECStatus
 ssl3_CompleteHandleCertificate(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
 {
     ssl3CertNode *c;
     ssl3CertNode *lastCert = NULL;
     PRInt32 remaining = 0;
     PRInt32 size;
     SECStatus rv;
-    PRBool isServer = (PRBool)(!!ss->sec.isServer);
+    PRBool isServer = ss->sec.isServer;
     PRBool isTLS;
     SSL3AlertDescription desc;
     int errCode = SSL_ERROR_RX_MALFORMED_CERTIFICATE;
     SECItem certItem;
 
     if (ss->sec.peerCert != NULL) {
         if (ss->sec.peerKey) {
             SECKEY_DestroyPublicKey(ss->sec.peerKey);
@@ -11690,17 +11688,17 @@ loser:
     (void)ssl_MapLowLevelError(errCode);
     return SECFailure;
 }
 
 static SECStatus
 ssl3_AuthCertificate(sslSocket *ss)
 {
     SECStatus rv;
-    PRBool isServer = (PRBool)(!!ss->sec.isServer);
+    PRBool isServer = ss->sec.isServer;
     int errCode;
 
     ss->ssl3.hs.authCertificatePending = PR_FALSE;
 
     PORT_Assert((ss->ssl3.hs.preliminaryInfo & ssl_preinfo_all) ==
                 ssl_preinfo_all);
     /*
      * Ask caller-supplied callback function to validate cert chain.
--- a/lib/ssl/sslcon.c
+++ b/lib/ssl/sslcon.c
@@ -122,17 +122,17 @@ ssl_CheckConfigSanity(sslSocket *ss)
 SECStatus
 ssl_BeginClientHandshake(sslSocket *ss)
 {
     sslSessionID *sid;
     SECStatus rv;
 
     PORT_Assert(ss->opt.noLocks || ssl_Have1stHandshakeLock(ss));
 
-    ss->sec.isServer = 0;
+    ss->sec.isServer = PR_FALSE;
     ssl_ChooseSessionIDProcs(&ss->sec);
 
     rv = ssl_CheckConfigSanity(ss);
     if (rv != SECSuccess)
         goto loser;
 
     /* Get peer name of server */
     rv = ssl_GetPeerInfo(ss);
@@ -215,17 +215,17 @@ loser:
     return SECFailure;
 }
 
 SECStatus
 ssl_BeginServerHandshake(sslSocket *ss)
 {
     SECStatus rv;
 
-    ss->sec.isServer = 1;
+    ss->sec.isServer = PR_TRUE;
     ssl_ChooseSessionIDProcs(&ss->sec);
 
     rv = ssl_CheckConfigSanity(ss);
     if (rv != SECSuccess)
         goto loser;
 
     ss->handshake = ssl_GatherRecord1stHandshake;
     return SECSuccess;
--- a/lib/ssl/sslimpl.h
+++ b/lib/ssl/sslimpl.h
@@ -1157,17 +1157,17 @@ struct sslConnectInfoStr {
 
 /* Note: The entire content of this struct and whatever it points to gets
  * blown away by SSL_ResetHandshake().  This is "sec" as in "ss->sec".
  *
  * Unless otherwise specified below, the contents of this struct are
  * protected by firstHandshakeLock AND ssl3HandshakeLock.
  */
 struct sslSecurityInfoStr {
-    int isServer;       /* Spec Lock?*/
+    PRBool isServer;
     sslBuffer writeBuf; /*xmitBufLock*/
 
     int cipherType;
     int keyBits;
     int secretKeyBits;
     CERTCertificate *localCert;
     CERTCertificate *peerCert;
     SECKEYPublicKey *peerKey;