Gitiles
Code Review Sign In
gerrit.omnirom.org / android_external_wpa_supplicant_8 / 92c34509f0f20eadd397d6be1dfeab5190d174e6^! / . / hs20 / client / est.c
commit92c34509f0f20eadd397d6be1dfeab5190d174e6[log] [tgz]
authorDavid Benjamin <davidben@google.com>Mon Jun 13 12:22:05 2022 -0400
committerDavid Benjamin <davidben@google.com>Mon Jun 13 12:24:32 2022 -0400
tree0dd18c0cb786e596d3af3e2a4036a0937a37d7c2
parent2cae922f950875a38ad20fab6ae945f874de41bf [diff] [blame]
Remove a host of incorrect OPENSSL_IS_BORINGSSL ifdefs

The <openssl/buf.h> include is neccessary in both OpenSSL and BoringSSL
because the file uses BUF_MEM (IWYU). It's just that OpenSSL spells it
<openssl/buffer.h>, not matching the type, so use the compatible
spelling.

Additionally all the CHECKED_CAST and manual STACK_OF(T) definitions are
calling into BoringSSL internals that we were only keeping around for
compatible with wpa_supplicant's incorrect use of the APIs. The correct
APIs are simply to just use the same code as OpenSSL and call the
DEFINE_STACK_OF macros.

(tls_openssl_ocsp.c needs to be rewritten entirely later, as the use of
<openssl/asn1t.h> is also quite dangerous, but I've left that alone for
now.)

Test: treehugger
Change-Id: Id923db6513f9e2833854322994aa3a113ee1579d

diff --git a/hs20/client/est.c b/hs20/client/est.c
index 97f9132..c3f27e1 100644
--- a/hs20/client/est.c
+++ b/hs20/client/est.c

@@ -17,9 +17,7 @@
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
 #include <openssl/opensslv.h>
-#ifdef OPENSSL_IS_BORINGSSL
-#include <openssl/buf.h>
-#endif /* OPENSSL_IS_BORINGSSL */
+#include <openssl/buffer.h>
 
 #include "common.h"
 #include "utils/base64.h"
@@ -220,9 +218,7 @@
 	} d;
 } AttrOrOID;
 
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(OPENSSL_IS_BORINGSSL)
 DEFINE_STACK_OF(AttrOrOID)
-#endif
 
 typedef struct {
 	int type;
@@ -340,30 +336,13 @@
 	if (!csrattrs || ! csrattrs->attrs)
 		return;
 
-#ifdef OPENSSL_IS_BORINGSSL
-	num = sk_num(CHECKED_CAST(_STACK *, STACK_OF(AttrOrOID) *,
-				  csrattrs->attrs));
-	for (i = 0; i < num; i++) {
-		AttrOrOID *ao = sk_value(
-			CHECKED_CAST(_STACK *, const STACK_OF(AttrOrOID) *,
-				     csrattrs->attrs), i);
-		switch (ao->type) {
-		case 0:
-			add_csrattrs_oid(ctx, ao->d.oid, exts);
-			break;
-		case 1:
-			add_csrattrs_attr(ctx, ao->d.attribute, exts);
-			break;
-		}
-	}
-#else /* OPENSSL_IS_BORINGSSL */
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(OPENSSL_IS_BORINGSSL)
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
 	num = sk_AttrOrOID_num(csrattrs->attrs);
 #else
 	num = SKM_sk_num(AttrOrOID, csrattrs->attrs);
 #endif
 	for (i = 0; i < num; i++) {
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(OPENSSL_IS_BORINGSSL)
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
 		AttrOrOID *ao = sk_AttrOrOID_value(csrattrs->attrs, i);
 #else
 		AttrOrOID *ao = SKM_sk_value(AttrOrOID, csrattrs->attrs, i);
@@ -377,7 +356,6 @@
 			break;
 		}
 	}
-#endif /* OPENSSL_IS_BORINGSSL */
 }