Add SSL_early_data_reason_string.

QUICHE has a switch-case converting ssl_early_data_reason_t to a string for logging. This causes a lot of churn when we add a new value. Instead, add a function for this. Bump BORINGSSL_API_VERSION so we can easily land a CL in QUICHE to start using the function without coordinating repositories. Change-Id: I176ca07b4f75a3ea7153a387219459665062aad9 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/43724 Reviewed-by: Nick Harper <nharper@chromium.org> Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com>
4 years ago · fa9796ece4
parent 07827156c9
commit fa9796ece4
4 changed files with 44 additions and 46 deletions
--- a/include/openssl/base.h
+++ b/include/openssl/base.h
@ -187,7 +187,7 @@ extern "C" {
 // A consumer may use this symbol in the preprocessor to temporarily build
 // against multiple revisions of BoringSSL at the same time. It is not
 // recommended to do so for longer than is necessary.
-#define BORINGSSL_API_VERSION 11
+#define BORINGSSL_API_VERSION 12

 #if defined(BORINGSSL_SHARED_LIBRARY)

--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@ -3549,6 +3549,11 @@ enum ssl_early_data_reason_t BORINGSSL_ENUM_INT {
 OPENSSL_EXPORT enum ssl_early_data_reason_t SSL_get_early_data_reason(
    const SSL *ssl);

+// SSL_early_data_reason_string returns a string representation for |reason|, or
+// NULL if |reason| is unknown. This function may be used for logging.
+OPENSSL_EXPORT const char *SSL_early_data_reason_string(
+    enum ssl_early_data_reason_t reason);
+

 // Alerts.
 //
--- a/ssl/ssl_lib.cc
+++ b/ssl/ssl_lib.cc
@ -1294,6 +1294,43 @@ enum ssl_early_data_reason_t SSL_get_early_data_reason(const SSL *ssl) {
  return ssl->s3->early_data_reason;
 }

+const char *SSL_early_data_reason_string(enum ssl_early_data_reason_t reason) {
+  switch (reason) {
+    case ssl_early_data_unknown:
+      return "unknown";
+    case ssl_early_data_disabled:
+      return "disabled";
+    case ssl_early_data_accepted:
+      return "accepted";
+    case ssl_early_data_protocol_version:
+      return "protocol_version";
+    case ssl_early_data_peer_declined:
+      return "peer_declined";
+    case ssl_early_data_no_session_offered:
+      return "no_session_offered";
+    case ssl_early_data_session_not_resumed:
+      return "session_not_resumed";
+    case ssl_early_data_unsupported_for_session:
+      return "unsupported_for_session";
+    case ssl_early_data_hello_retry_request:
+      return "hello_retry_request";
+    case ssl_early_data_alpn_mismatch:
+      return "alpn_mismatch";
+    case ssl_early_data_channel_id:
+      return "channel_id";
+    case ssl_early_data_token_binding:
+      return "token_binding";
+    case ssl_early_data_ticket_age_skew:
+      return "ticket_age_skew";
+    case ssl_early_data_quic_parameter_mismatch:
+      return "quic_parameter_mismatch";
+    case ssl_early_data_alps_mismatch:
+      return "alps_mismatch";
+  }
+
+  return nullptr;
+}
+
 static int bio_retry_reason_to_error(int reason) {
  switch (reason) {
    case BIO_RR_CONNECT:
--- a/ssl/test/bssl_shim.cc
+++ b/ssl/test/bssl_shim.cc
@ -396,50 +396,6 @@ static bool CheckAuthProperties(SSL *ssl, bool is_resume,
  return true;
 }

-static const char *EarlyDataReasonToString(ssl_early_data_reason_t reason) {
-  if (reason > ssl_early_data_reason_max_value) {
-    fprintf(stderr, "ssl_early_data_reason_max_value is out of date.\n");
-    abort();
-  }
-
-  switch (reason) {
-    case ssl_early_data_unknown:
-      return "unknown";
-    case ssl_early_data_disabled:
-      return "disabled";
-    case ssl_early_data_accepted:
-      return "accepted";
-    case ssl_early_data_protocol_version:
-      return "protocol_version";
-    case ssl_early_data_peer_declined:
-      return "peer_declined";
-    case ssl_early_data_no_session_offered:
-      return "no_session_offered";
-    case ssl_early_data_session_not_resumed:
-      return "session_not_resumed";
-    case ssl_early_data_unsupported_for_session:
-      return "unsupported_for_session";
-    case ssl_early_data_hello_retry_request:
-      return "hello_retry_request";
-    case ssl_early_data_alpn_mismatch:
-      return "alpn_mismatch";
-    case ssl_early_data_channel_id:
-      return "channel_id";
-    case ssl_early_data_token_binding:
-      return "token_binding";
-    case ssl_early_data_ticket_age_skew:
-      return "ticket_age_skew";
-    case ssl_early_data_quic_parameter_mismatch:
-      return "quic_parameter_mismatch";
-    case ssl_early_data_alps_mismatch:
-      return "alps_mismatch";
-  }
-
-  fprintf(stderr, "Unknown ssl_early_data_reason_t value %d.\n",
-          static_cast<int>(reason));
-  abort();
-}
-
 // CheckHandshakeProperties checks, immediately after |ssl| completes its
 // initial handshake (or False Starts), whether all the properties are
 // consistent with the test configuration and invariants.
@ -677,7 +633,7 @@ static bool CheckHandshakeProperties(SSL *ssl, bool is_resume,
    }

    const char *early_data_reason =
-        EarlyDataReasonToString(SSL_get_early_data_reason(ssl));
+        SSL_early_data_reason_string(SSL_get_early_data_reason(ssl));
    if (!config->expect_early_data_reason.empty() &&
        config->expect_early_data_reason != early_data_reason) {
      fprintf(stderr, "Early data reason was \"%s\", expected \"%s\"\n",