A bunch more scopers.

Change-Id: I5c8dbfec4a404d8d1501725a90b383eb3e05c664
Reviewed-on: https://boringssl-review.googlesource.com/29591
Reviewed-by: Adam Langley <agl@google.com>

ssl/d1_srtp.cc

@@ -158,8 +158,9 @@ static int find_profile_by_name(const char *profile_name,
   return 0;
 }
 
-static int ssl_ctx_make_profiles(const char *profiles_string,
-                                 STACK_OF(SRTP_PROTECTION_PROFILE) **out) {
+static int ssl_ctx_make_profiles(
+    const char *profiles_string,
+    UniquePtr<STACK_OF(SRTP_PROTECTION_PROFILE)> *out) {
   UniquePtr<STACK_OF(SRTP_PROTECTION_PROFILE)> profiles(
       sk_SRTP_PROTECTION_PROFILE_new_null());
   if (profiles == nullptr) {
@@ -188,8 +189,7 @@ static int ssl_ctx_make_profiles(const char *profiles_string,
     }
   } while (col);
 
-  sk_SRTP_PROTECTION_PROFILE_free(*out);
-  *out = profiles.release();
+  *out = std::move(profiles);
   return 1;
 }
 
@@ -212,8 +212,9 @@ STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl) {
     return nullptr;
   }
 
-  return ssl->config->srtp_profiles != nullptr ? ssl->config->srtp_profiles
-                                               : ssl->ctx->srtp_profiles;
+  return ssl->config->srtp_profiles != nullptr
+             ? ssl->config->srtp_profiles.get()
+             : ssl->ctx->srtp_profiles.get();
 }
 
 const SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *ssl) {

ssl/handshake_server.cc

@@ -535,8 +535,9 @@ static enum ssl_hs_wait_t do_select_certificate(SSL_HANDSHAKE *hs) {
 
   // Negotiate the cipher suite. This must be done after |cert_cb| so the
   // certificate is finalized.
-  SSLCipherPreferenceList *prefs =
-      hs->config->cipher_list ? hs->config->cipher_list : ssl->ctx->cipher_list;
+  SSLCipherPreferenceList *prefs = hs->config->cipher_list
+                                       ? hs->config->cipher_list.get()
+                                       : ssl->ctx->cipher_list.get();
   hs->new_cipher = ssl3_choose_cipher(hs, &client_hello, prefs);
   if (hs->new_cipher == NULL) {
     OPENSSL_PUT_ERROR(SSL, SSL_R_NO_SHARED_CIPHER);
@@ -788,11 +789,12 @@ static enum ssl_hs_wait_t do_send_server_certificate(SSL_HANDSHAKE *hs) {
 
     // PSK ciphers begin with an identity hint.
     if (alg_a & SSL_aPSK) {
-      size_t len = (hs->config->psk_identity_hint == NULL)
+      size_t len = hs->config->psk_identity_hint == nullptr
                        ? 0
-                       : strlen(hs->config->psk_identity_hint);
+                       : strlen(hs->config->psk_identity_hint.get());
       if (!CBB_add_u16_length_prefixed(cbb.get(), &child) ||
-          !CBB_add_bytes(&child, (const uint8_t *)hs->config->psk_identity_hint,
+          !CBB_add_bytes(&child,
+                         (const uint8_t *)hs->config->psk_identity_hint.get(),
                          len)) {
         return ssl_hs_error;
       }

ssl/internal.h

@@ -524,7 +524,7 @@ const EVP_MD *ssl_get_handshake_digest(uint16_t version,
 // true on success and false on failure. If |strict| is true, nonsense will be
 // rejected. If false, nonsense will be silently ignored. An empty result is
 // considered an error regardless of |strict|.
-bool ssl_create_cipher_list(SSLCipherPreferenceList **out_cipher_list,
+bool ssl_create_cipher_list(UniquePtr<SSLCipherPreferenceList> *out_cipher_list,
                             const char *rule_str, bool strict);
 
 // ssl_cipher_get_value returns the cipher suite id of |cipher|.
@@ -2417,11 +2417,11 @@ struct SSL_CONFIG {
   X509_VERIFY_PARAM *param = nullptr;
 
   // crypto
-  SSLCipherPreferenceList *cipher_list = nullptr;
+  UniquePtr<SSLCipherPreferenceList> cipher_list;
 
   // This is used to hold the local certificate used (i.e. the server
   // certificate for a server or the client certificate for a client).
-  CERT *cert = nullptr;
+  UniquePtr<CERT> cert;
 
   int (*verify_callback)(int ok,
                          X509_STORE_CTX *ctx) =
@@ -2431,47 +2431,40 @@ struct SSL_CONFIG {
       SSL *ssl, uint8_t *out_alert) = nullptr;
   // Server-only: psk_identity_hint is the identity hint to send in
   // PSK-based key exchanges.
-  char *psk_identity_hint = nullptr;
+  UniquePtr<char> psk_identity_hint;
 
-  unsigned int (*psk_client_callback)(SSL *ssl, const char *hint,
-                                      char *identity,
-                                      unsigned int max_identity_len,
-                                      uint8_t *psk,
-                                      unsigned int max_psk_len) = nullptr;
-  unsigned int (*psk_server_callback)(SSL *ssl, const char *identity,
-                                      uint8_t *psk,
-                                      unsigned int max_psk_len) = nullptr;
+  unsigned (*psk_client_callback)(SSL *ssl, const char *hint, char *identity,
+                                  unsigned max_identity_len, uint8_t *psk,
+                                  unsigned max_psk_len) = nullptr;
+  unsigned (*psk_server_callback)(SSL *ssl, const char *identity, uint8_t *psk,
+                                  unsigned max_psk_len) = nullptr;
 
   // for server side, keep the list of CA_dn we can use
-  STACK_OF(CRYPTO_BUFFER) *client_CA = nullptr;
+  UniquePtr<STACK_OF(CRYPTO_BUFFER)> client_CA;
 
   // cached_x509_client_CA is a cache of parsed versions of the elements of
   // |client_CA|.
   STACK_OF(X509_NAME) *cached_x509_client_CA = nullptr;
 
   uint16_t dummy_pq_padding_len = 0;
-  size_t supported_group_list_len = 0;
-  uint16_t *supported_group_list = nullptr;  // our list
+  Array<uint16_t> supported_group_list;  // our list
 
   // The client's Channel ID private key.
-  EVP_PKEY *tlsext_channel_id_private = nullptr;
+  UniquePtr<EVP_PKEY> tlsext_channel_id_private;
 
   // For a client, this contains the list of supported protocols in wire
   // format.
-  uint8_t *alpn_client_proto_list = nullptr;
-  unsigned alpn_client_proto_list_len = 0;
+  Array<uint8_t> alpn_client_proto_list;
 
   // Contains a list of supported Token Binding key parameters.
-  uint8_t *token_binding_params = nullptr;
-  size_t token_binding_params_len = 0;
+  Array<uint8_t> token_binding_params;
 
   // Contains the QUIC transport params that this endpoint will send.
-  uint8_t *quic_transport_params = nullptr;
-  size_t quic_transport_params_len = 0;
+  Array<uint8_t> quic_transport_params;
 
   // srtp_profiles is the list of configured SRTP protection profiles for
   // DTLS-SRTP.
-  STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles = nullptr;
+  UniquePtr<STACK_OF(SRTP_PROTECTION_PROFILE)> srtp_profiles;
 
   // verify_mode is a bitmask of |SSL_VERIFY_*| values.
   uint8_t verify_mode = SSL_VERIFY_NONE;
@@ -2712,19 +2705,16 @@ int tls1_check_group_id(const SSL_HANDSHAKE *ssl, uint16_t group_id);
 // found, it returns zero.
 int tls1_get_shared_group(SSL_HANDSHAKE *hs, uint16_t *out_group_id);
 
-// tls1_set_curves converts the array of |ncurves| NIDs pointed to by |curves|
-// into a newly allocated array of TLS group IDs. On success, the function
-// returns one and writes the array to |*out_group_ids| and its size to
-// |*out_group_ids_len|. Otherwise, it returns zero.
-int tls1_set_curves(uint16_t **out_group_ids, size_t *out_group_ids_len,
-                    const int *curves, size_t ncurves);
+// tls1_set_curves converts the array of NIDs in |curves| into a newly allocated
+// array of TLS group IDs. On success, the function returns true and writes the
+// array to |*out_group_ids|. Otherwise, it returns false.
+bool tls1_set_curves(Array<uint16_t> *out_group_ids, Span<const int> curves);
 
 // tls1_set_curves_list converts the string of curves pointed to by |curves|
 // into a newly allocated array of TLS group IDs. On success, the function
-// returns one and writes the array to |*out_group_ids| and its size to
-// |*out_group_ids_len|. Otherwise, it returns zero.
-int tls1_set_curves_list(uint16_t **out_group_ids, size_t *out_group_ids_len,
-                         const char *curves);
+// returns true and writes the array to |*out_group_ids|. Otherwise, it returns
+// false.
+bool tls1_set_curves_list(Array<uint16_t> *out_group_ids, const char *curves);
 
 // ssl_add_clienthello_tlsext writes ClientHello extensions to |out|. It
 // returns one on success and zero on failure. The |header_len| argument is the
@@ -2840,7 +2830,7 @@ struct ssl_ctx_st {
   // configuration.
   tls13_variant_t tls13_variant = tls13_default;
 
-  bssl::SSLCipherPreferenceList *cipher_list = nullptr;
+  bssl::UniquePtr<bssl::SSLCipherPreferenceList> cipher_list;
 
   X509_STORE *cert_store = nullptr;
   LHASH_OF(SSL_SESSION) *sessions = nullptr;
@@ -2914,7 +2904,7 @@ struct ssl_ctx_st {
   void (*info_callback)(const SSL *ssl, int type, int value) = nullptr;
 
   // what we put in client cert requests
-  STACK_OF(CRYPTO_BUFFER) *client_CA = nullptr;
+  bssl::UniquePtr<STACK_OF(CRYPTO_BUFFER)> client_CA;
 
   // cached_x509_client_CA is a cache of parsed versions of the elements of
   // |client_CA|.
@@ -2930,7 +2920,7 @@ struct ssl_ctx_st {
   uint32_t mode = SSL_MODE_NO_AUTO_CHAIN;
   uint32_t max_cert_list = SSL_MAX_CERT_LIST_DEFAULT;
 
-  bssl::CERT *cert = nullptr;
+  bssl::UniquePtr<bssl::CERT> cert;
 
   // callback that allows applications to peek at protocol messages
   void (*msg_callback)(int write_p, int version, int content_type,
@@ -2976,7 +2966,7 @@ struct ssl_ctx_st {
 
   // Server-only: psk_identity_hint is the default identity hint to send in
   // PSK-based key exchanges.
-  char *psk_identity_hint = nullptr;
+  bssl::UniquePtr<char> psk_identity_hint;
 
   unsigned (*psk_client_callback)(SSL *ssl, const char *hint, char *identity,
                                   unsigned max_identity_len, uint8_t *psk,
@@ -3018,21 +3008,19 @@ struct ssl_ctx_st {
 
   // For a client, this contains the list of supported protocols in wire
   // format.
-  uint8_t *alpn_client_proto_list = nullptr;
-  unsigned alpn_client_proto_list_len = 0;
+  bssl::Array<uint8_t> alpn_client_proto_list;
 
   // SRTP profiles we are willing to do from RFC 5764
-  STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles = nullptr;
+  bssl::UniquePtr<STACK_OF(SRTP_PROTECTION_PROFILE)> srtp_profiles;
 
   // Defined compression algorithms for certificates.
   STACK_OF(CertCompressionAlg) *cert_compression_algs = nullptr;
 
   // Supported group values inherited by SSL structure
-  size_t supported_group_list_len = 0;
-  uint16_t *supported_group_list = nullptr;
+  bssl::Array<uint16_t> supported_group_list;
 
   // The client's Channel ID private key.
-  EVP_PKEY *tlsext_channel_id_private = nullptr;
+  bssl::UniquePtr<EVP_PKEY> tlsext_channel_id_private;
 
   // keylog_callback, if not NULL, is the key logging callback. See
   // |SSL_CTX_set_keylog_callback|.
@@ -3058,8 +3046,7 @@ struct ssl_ctx_st {
 
   // verify_sigalgs, if not empty, is the set of signature algorithms
   // accepted from the peer in decreasing order of preference.
-  uint16_t *verify_sigalgs = nullptr;
-  size_t num_verify_sigalgs = 0;
+  bssl::Array<uint16_t> verify_sigalgs;
 
   // retain_only_sha256_of_client_certs is true if we should compute the SHA256
   // hash of the peer's certificate and then discard it to save memory and

ssl/ssl_cert.cc

@@ -656,11 +656,11 @@ UniquePtr<STACK_OF(CRYPTO_BUFFER)> ssl_parse_client_CA_list(SSL *ssl,
 }
 
 bool ssl_has_client_CAs(const SSL_CONFIG *cfg) {
-  STACK_OF(CRYPTO_BUFFER) *names = cfg->client_CA;
-  if (names == NULL) {
-    names = cfg->ssl->ctx->client_CA;
+  const STACK_OF(CRYPTO_BUFFER) *names = cfg->client_CA.get();
+  if (names == nullptr) {
+    names = cfg->ssl->ctx->client_CA.get();
   }
-  if (names == NULL) {
+  if (names == nullptr) {
     return false;
   }
   return sk_CRYPTO_BUFFER_num(names) > 0;
@@ -672,9 +672,9 @@ int ssl_add_client_CA_list(SSL_HANDSHAKE *hs, CBB *cbb) {
     return 0;
   }
 
-  STACK_OF(CRYPTO_BUFFER) *names = hs->config->client_CA;
+  const STACK_OF(CRYPTO_BUFFER) *names = hs->config->client_CA.get();
   if (names == NULL) {
-    names = hs->ssl->ctx->client_CA;
+    names = hs->ssl->ctx->client_CA.get();
   }
   if (names == NULL) {
     return CBB_flush(cbb);
@@ -760,14 +760,14 @@ int SSL_set_chain_and_key(SSL *ssl, CRYPTO_BUFFER *const *certs,
   if (!ssl->config) {
     return 0;
   }
-  return cert_set_chain_and_key(ssl->config->cert, certs, num_certs, privkey,
-                                privkey_method);
+  return cert_set_chain_and_key(ssl->config->cert.get(), certs, num_certs,
+                                privkey, privkey_method);
 }
 
 int SSL_CTX_set_chain_and_key(SSL_CTX *ctx, CRYPTO_BUFFER *const *certs,
                               size_t num_certs, EVP_PKEY *privkey,
                               const SSL_PRIVATE_KEY_METHOD *privkey_method) {
-  return cert_set_chain_and_key(ctx->cert, certs, num_certs, privkey,
+  return cert_set_chain_and_key(ctx->cert.get(), certs, num_certs, privkey,
                                 privkey_method);
 }
 
@@ -778,7 +778,7 @@ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, size_t der_len,
     return 0;
   }
 
-  return ssl_set_cert(ctx->cert, std::move(buffer));
+  return ssl_set_cert(ctx->cert.get(), std::move(buffer));
 }
 
 int SSL_use_certificate_ASN1(SSL *ssl, const uint8_t *der, size_t der_len) {
@@ -787,19 +787,19 @@ int SSL_use_certificate_ASN1(SSL *ssl, const uint8_t *der, size_t der_len) {
     return 0;
   }
 
-  return ssl_set_cert(ssl->config->cert, std::move(buffer));
+  return ssl_set_cert(ssl->config->cert.get(), std::move(buffer));
 }
 
 void SSL_CTX_set_cert_cb(SSL_CTX *ctx, int (*cb)(SSL *ssl, void *arg),
                          void *arg) {
-  ssl_cert_set_cert_cb(ctx->cert, cb, arg);
+  ssl_cert_set_cert_cb(ctx->cert.get(), cb, arg);
 }
 
 void SSL_set_cert_cb(SSL *ssl, int (*cb)(SSL *ssl, void *arg), void *arg) {
   if (!ssl->config) {
     return;
   }
-  ssl_cert_set_cert_cb(ssl->config->cert, cb, arg);
+  ssl_cert_set_cert_cb(ssl->config->cert.get(), cb, arg);
 }
 
 const STACK_OF(CRYPTO_BUFFER) *SSL_get0_peer_certificates(const SSL *ssl) {
@@ -834,15 +834,16 @@ static int set_signed_cert_timestamp_list(CERT *cert, const uint8_t *list,
 
 int SSL_CTX_set_signed_cert_timestamp_list(SSL_CTX *ctx, const uint8_t *list,
                                            size_t list_len) {
-  return set_signed_cert_timestamp_list(ctx->cert, list, list_len);
+  return set_signed_cert_timestamp_list(ctx->cert.get(), list, list_len);
 }
 
 int SSL_set_signed_cert_timestamp_list(SSL *ssl, const uint8_t *list,
                                        size_t list_len) {
   if (!ssl->config) {
     return 0;
   }
-  return set_signed_cert_timestamp_list(ssl->config->cert, list, list_len);
+  return set_signed_cert_timestamp_list(ssl->config->cert.get(), list,
+                                        list_len);
 }
 
 int SSL_CTX_set_ocsp_response(SSL_CTX *ctx, const uint8_t *response,
@@ -864,15 +865,13 @@ int SSL_set_ocsp_response(SSL *ssl, const uint8_t *response,
 
 void SSL_CTX_set0_client_CAs(SSL_CTX *ctx, STACK_OF(CRYPTO_BUFFER) *name_list) {
   ctx->x509_method->ssl_ctx_flush_cached_client_CA(ctx);
-  sk_CRYPTO_BUFFER_pop_free(ctx->client_CA, CRYPTO_BUFFER_free);
-  ctx->client_CA = name_list;
+  ctx->client_CA.reset(name_list);
 }
 
 void SSL_set0_client_CAs(SSL *ssl, STACK_OF(CRYPTO_BUFFER) *name_list) {
   if (!ssl->config) {
     return;
   }
   ssl->ctx->x509_method->ssl_flush_cached_client_CA(ssl->config.get());
-  sk_CRYPTO_BUFFER_pop_free(ssl->config->client_CA, CRYPTO_BUFFER_free);
-  ssl->config->client_CA = name_list;
+  ssl->config->client_CA.reset(name_list);
 }

ssl/ssl_cipher.cc

@@ -1137,7 +1137,7 @@ static bool ssl_cipher_process_rulestr(const char *rule_str,
   return true;
 }
 
-bool ssl_create_cipher_list(SSLCipherPreferenceList **out_cipher_list,
+bool ssl_create_cipher_list(UniquePtr<SSLCipherPreferenceList> *out_cipher_list,
                             const char *rule_str, bool strict) {
   // Return with error if nothing to do.
   if (rule_str == NULL || out_cipher_list == NULL) {
@@ -1255,10 +1255,7 @@ bool ssl_create_cipher_list(SSLCipherPreferenceList **out_cipher_list,
     return false;
   }
 
-  if (*out_cipher_list) {
-    Delete(*out_cipher_list);
-  }
-  *out_cipher_list = pref_list.release();
+  *out_cipher_list = std::move(pref_list);
 
   // Configuring an empty cipher list is an error but still updates the
   // output.