This is an automated email from the ASF dual-hosted git repository.
mochen pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new ce7410c97a Clean up some linter warnings in SSLNetVConnection (#11937)
ce7410c97a is described below
commit ce7410c97ae5c41d47cea1b03048e1ba931cbcf3
Author: Mo Chen <[email protected]>
AuthorDate: Mon Jan 13 15:39:57 2025 -0600
Clean up some linter warnings in SSLNetVConnection (#11937)
* Remove unused #includes
* Use C++20 instead of C typedefs
* Convert some #define constants to constexpr
---
src/api/InkAPI.cc | 2 +-
src/iocore/net/P_SSLNetVConnection.h | 31 ++++++++++++++-----------------
src/iocore/net/SSLNetVConnection.cc | 12 +++++-------
3 files changed, 20 insertions(+), 25 deletions(-)
diff --git a/src/api/InkAPI.cc b/src/api/InkAPI.cc
index 8a2ffdd459..a1925e848c 100644
--- a/src/api/InkAPI.cc
+++ b/src/api/InkAPI.cc
@@ -7916,7 +7916,7 @@ TSVConnTunnel(TSVConn sslp)
SSLNetVConnection *ssl_vc = dynamic_cast<SSLNetVConnection *>(vc);
TSReturnCode zret = TS_SUCCESS;
if (nullptr != ssl_vc) {
- ssl_vc->hookOpRequested = SSL_HOOK_OP_TUNNEL;
+ ssl_vc->hookOpRequested = SslVConnOp::SSL_HOOK_OP_TUNNEL;
} else {
zret = TS_ERROR;
}
diff --git a/src/iocore/net/P_SSLNetVConnection.h
b/src/iocore/net/P_SSLNetVConnection.h
index 2babaeb0d6..e9a959d948 100644
--- a/src/iocore/net/P_SSLNetVConnection.h
+++ b/src/iocore/net/P_SSLNetVConnection.h
@@ -31,10 +31,8 @@
****************************************************************************/
#pragma once
-#include "tscore/ink_platform.h"
#include "ts/apidefs.h"
-#include "../eventsystem/P_EventSystem.h"
#include "P_UnixNetVConnection.h"
#include "P_UnixNet.h"
#include "iocore/net/TLSALPNSupport.h"
@@ -68,7 +66,7 @@
#define SSL_TLSEXT_ERR_NOACK 3
#endif
-#define SSL_OP_HANDSHAKE 0x16
+constexpr char SSL_OP_HANDSHAKE = 0x16;
// TS-2503: dynamic TLS record sizing
// For smaller records, we should also reserve space for various TCP options
@@ -76,19 +74,18 @@
// (another 20-60 bytes on average, depending on the negotiated ciphersuite
[2]).
// All in all: 1500 - 40 (IP) - 20 (TCP) - 40 (TCP options) - TLS overhead
(60-100)
// For larger records, the size is determined by TLS protocol record size
-#define SSL_DEF_TLS_RECORD_SIZE 1300 // 1500 - 40 (IP) - 20 (TCP) -
40 (TCP options) - TLS overhead (60-100)
-#define SSL_MAX_TLS_RECORD_SIZE 16383 // 2^14 - 1
-#define SSL_DEF_TLS_RECORD_BYTE_THRESHOLD 1000000
-#define SSL_DEF_TLS_RECORD_MSEC_THRESHOLD 1000
+constexpr uint32_t SSL_DEF_TLS_RECORD_SIZE = 1300; // 1500 - 40 (IP)
- 20 (TCP) - 40 (TCP options) - TLS overhead (60-100)
+constexpr uint32_t SSL_MAX_TLS_RECORD_SIZE = 16383; // 2^14 - 1
+constexpr int64_t SSL_DEF_TLS_RECORD_BYTE_THRESHOLD = 1000000;
+constexpr int SSL_DEF_TLS_RECORD_MSEC_THRESHOLD = 1000;
struct SSLCertLookup;
-typedef enum {
- SSL_HOOK_OP_DEFAULT, ///< Null / initialization value.
Do normal processing.
- SSL_HOOK_OP_TUNNEL, ///< Switch to blind tunnel
- SSL_HOOK_OP_TERMINATE, ///< Termination connection /
transaction.
- SSL_HOOK_OP_LAST = SSL_HOOK_OP_TERMINATE ///< End marker value.
-} SslVConnOp;
+enum class SslVConnOp {
+ SSL_HOOK_OP_DEFAULT, ///< Null / initialization value. Do normal processing.
+ SSL_HOOK_OP_TUNNEL, ///< Switch to blind tunnel
+ SSL_HOOK_OP_TERMINATE ///< Termination connection / transaction.
+};
enum class SSLHandshakeStatus { SSL_HANDSHAKE_ONGOING, SSL_HANDSHAKE_DONE,
SSL_HANDSHAKE_ERROR };
@@ -109,7 +106,7 @@ class SSLNetVConnection : public UnixNetVConnection,
public TLSEventSupport,
public TLSBasicSupport
{
- typedef UnixNetVConnection super; ///< Parent type.
+ using super = UnixNetVConnection; ///< Parent type.
public:
int sslStartHandShake(int event, int &err) override;
@@ -237,7 +234,7 @@ public:
std::shared_ptr<SSL_SESSION> client_sess = nullptr;
/// Set by asynchronous hooks to request a specific operation.
- SslVConnOp hookOpRequested = SSL_HOOK_OP_DEFAULT;
+ SslVConnOp hookOpRequested = SslVConnOp::SSL_HOOK_OP_DEFAULT;
// noncopyable
SSLNetVConnection(const SSLNetVConnection &) = delete;
@@ -326,7 +323,7 @@ protected:
bool
_is_tunneling_requested() const override
{
- return SSL_HOOK_OP_TUNNEL == hookOpRequested;
+ return SslVConnOp::SSL_HOOK_OP_TUNNEL == hookOpRequested;
}
void
_switch_to_tunneling_mode() override
@@ -386,6 +383,6 @@ private:
void _out_context_tunnel() override;
};
-typedef int (SSLNetVConnection::*SSLNetVConnHandler)(int, void *);
+using SSLNetVConnHandler = int (SSLNetVConnection::*)(int, void *);
extern ClassAllocator<SSLNetVConnection> sslNetVCAllocator;
diff --git a/src/iocore/net/SSLNetVConnection.cc
b/src/iocore/net/SSLNetVConnection.cc
index 12055c6ca7..efbd16b6a1 100644
--- a/src/iocore/net/SSLNetVConnection.cc
+++ b/src/iocore/net/SSLNetVConnection.cc
@@ -23,12 +23,10 @@
#include "iocore/net/NetVConnection.h"
#include "tscore/ink_config.h"
-#include "tscore/EventNotify.h"
#include "tscore/Layout.h"
#include "tscore/InkErrno.h"
#include "tscore/TSSystemState.h"
-#include "api/InkAPIInternal.h" // Added to include the ssl_hook definitions
#include "iocore/net/ProxyProtocol.h"
#include "iocore/net/SSLSNIConfig.h"
@@ -918,7 +916,7 @@ SSLNetVConnection::clear()
sslTotalBytesSent = 0;
sslClientRenegotiationAbort = false;
- hookOpRequested = SSL_HOOK_OP_DEFAULT;
+ hookOpRequested = SslVConnOp::SSL_HOOK_OP_DEFAULT;
free_handshake_buffers();
super::clear();
@@ -1034,7 +1032,7 @@ SSLNetVConnection::sslStartHandShake(int event, int &err)
this->ssl = nullptr;
return EVENT_DONE;
} else {
- hookOpRequested = SSL_HOOK_OP_TUNNEL;
+ hookOpRequested = SslVConnOp::SSL_HOOK_OP_TUNNEL;
}
}
@@ -1194,7 +1192,7 @@ SSLNetVConnection::sslServerHandShakeEvent(int &err)
// without data replay.
// Note we can't arrive here if a hook is active.
- if (SSL_HOOK_OP_TUNNEL == hookOpRequested) {
+ if (SslVConnOp::SSL_HOOK_OP_TUNNEL == hookOpRequested) {
this->attributes = HttpProxyPort::TRANSPORT_BLIND_TUNNEL;
SSL_free(this->ssl);
this->ssl = nullptr;
@@ -1203,7 +1201,7 @@ SSLNetVConnection::sslServerHandShakeEvent(int &err)
// we get out of this callback, and then will shuffle
// over the buffered handshake packets to the O.S.
return EVENT_DONE;
- } else if (SSL_HOOK_OP_TERMINATE == hookOpRequested) {
+ } else if (SslVConnOp::SSL_HOOK_OP_TERMINATE == hookOpRequested) {
sslHandshakeStatus = SSLHandshakeStatus::SSL_HANDSHAKE_DONE;
return EVENT_DONE;
}
@@ -1395,7 +1393,7 @@ SSLNetVConnection::sslServerHandShakeEvent(int &err)
case SSL_ERROR_PENDING_CERTIFICATE:
#endif
#if defined(SSL_ERROR_WANT_SNI_RESOLVE) || defined(SSL_ERROR_WANT_X509_LOOKUP)
|| defined(SSL_ERROR_PENDING_CERTIFICATE)
- if (this->attributes == HttpProxyPort::TRANSPORT_BLIND_TUNNEL ||
SSL_HOOK_OP_TUNNEL == hookOpRequested) {
+ if (this->attributes == HttpProxyPort::TRANSPORT_BLIND_TUNNEL ||
SslVConnOp::SSL_HOOK_OP_TUNNEL == hookOpRequested) {
this->attributes = HttpProxyPort::TRANSPORT_BLIND_TUNNEL;
sslHandshakeStatus = SSLHandshakeStatus::SSL_HANDSHAKE_ONGOING;
return EVENT_CONT;
