Remove unnecessary "extern" from function declarations

codebuild/bin/grep_simple_mistakes.sh

@@ -177,8 +177,6 @@ for dir in $S2N_ERROR_IF_FREE; do
   done
 done
 
-#############################################
-
 #############################################
 ## Assert all ".[c|h]" source files have the correct file mode.
 #############################################
@@ -191,6 +189,17 @@ if [[ -n $S2N_FILES_WITH_WRONG_MODE ]]; then
   printf "\\033[31;1mPlease run \`find s2n-tls/ -name '*.c' -o -name '*.h' -exec chmod 644 {} \\;\` to fix all file modes.\\033[0m\\n"
 fi
 
+#############################################
+## Assert "extern" is not added to function declarations unnecessarily.
+#############################################
+S2N_FILES_ASSERT_NO_UNNECESSARY_EXTERNS=$(find "$PWD" -type f -name "s2n*.[h]" \! -path "*/api/*" \! -path "*/bindings/*")
+S2N_UNNECESSARY_EXTERNS=$(grep -REs "extern (.*?) (.*?)\(" $S2N_FILES_ASSERT_NO_UNNECESSARY_EXTERNS)
+if [[ -n $S2N_UNNECESSARY_EXTERNS ]]; then
+  FAILED=1
+  echo "Found unnecessary 'extern' in function declaration"
+  echo "$S2N_UNNECESSARY_EXTERNS"
+fi
+
 if [ $FAILED == 1 ]; then
   printf "\\033[31;1mFAILED Grep For Simple Mistakes check\\033[0m\\n"
   exit -1

crypto/s2n_cipher.h

@@ -88,8 +88,8 @@ struct s2n_cipher {
     int (*destroy_key)(struct s2n_session_key *key);
 };
 
-extern int s2n_session_key_alloc(struct s2n_session_key *key);
-extern int s2n_session_key_free(struct s2n_session_key *key);
+int s2n_session_key_alloc(struct s2n_session_key *key);
+int s2n_session_key_free(struct s2n_session_key *key);
 
 extern const struct s2n_cipher s2n_null_cipher;
 extern const struct s2n_cipher s2n_rc4;

crypto/s2n_dhe.h

@@ -24,12 +24,12 @@ struct s2n_dh_params {
     DH *dh;
 };
 
-extern int s2n_pkcs3_to_dh_params(struct s2n_dh_params *dh_params, struct s2n_blob *pkcs3);
-extern int s2n_dh_p_g_Ys_to_dh_params(struct s2n_dh_params *server_dh_params, struct s2n_blob *p, struct s2n_blob *g, struct s2n_blob *ys);
-extern int s2n_dh_params_to_p_g_Ys(struct s2n_dh_params *server_dh_params, struct s2n_stuffer *out, struct s2n_blob *output);
-extern int s2n_dh_compute_shared_secret_as_server(struct s2n_dh_params *server_dh_params, struct s2n_stuffer *Yc_in, struct s2n_blob *shared_key);
-extern int s2n_dh_compute_shared_secret_as_client(struct s2n_dh_params *server_dh_params, struct s2n_stuffer *Yc_out, struct s2n_blob *shared_key);
-extern int s2n_dh_params_copy(struct s2n_dh_params *from, struct s2n_dh_params *to);
-extern int s2n_dh_params_check(struct s2n_dh_params *dh_params);
-extern int s2n_dh_generate_ephemeral_key(struct s2n_dh_params *dh_params);
-extern int s2n_dh_params_free(struct s2n_dh_params *dh_params);
+int s2n_pkcs3_to_dh_params(struct s2n_dh_params *dh_params, struct s2n_blob *pkcs3);
+int s2n_dh_p_g_Ys_to_dh_params(struct s2n_dh_params *server_dh_params, struct s2n_blob *p, struct s2n_blob *g, struct s2n_blob *ys);
+int s2n_dh_params_to_p_g_Ys(struct s2n_dh_params *server_dh_params, struct s2n_stuffer *out, struct s2n_blob *output);
+int s2n_dh_compute_shared_secret_as_server(struct s2n_dh_params *server_dh_params, struct s2n_stuffer *Yc_in, struct s2n_blob *shared_key);
+int s2n_dh_compute_shared_secret_as_client(struct s2n_dh_params *server_dh_params, struct s2n_stuffer *Yc_out, struct s2n_blob *shared_key);
+int s2n_dh_params_copy(struct s2n_dh_params *from, struct s2n_dh_params *to);
+int s2n_dh_params_check(struct s2n_dh_params *dh_params);
+int s2n_dh_generate_ephemeral_key(struct s2n_dh_params *dh_params);
+int s2n_dh_params_free(struct s2n_dh_params *dh_params);

crypto/s2n_ecdsa.h

@@ -43,8 +43,8 @@ struct s2n_ecdsa_key {
 typedef struct s2n_ecdsa_key s2n_ecdsa_public_key;
 typedef struct s2n_ecdsa_key s2n_ecdsa_private_key;
 
-extern int s2n_ecdsa_pkey_init(struct s2n_pkey *pkey);
-extern int s2n_ecdsa_pkey_matches_curve(const struct s2n_ecdsa_key *ecdsa_key, const struct s2n_ecc_named_curve *curve);
+int s2n_ecdsa_pkey_init(struct s2n_pkey *pkey);
+int s2n_ecdsa_pkey_matches_curve(const struct s2n_ecdsa_key *ecdsa_key, const struct s2n_ecc_named_curve *curve);
 
-extern int s2n_evp_pkey_to_ecdsa_public_key(s2n_ecdsa_public_key *ecdsa_key, EVP_PKEY *pkey);
-extern int s2n_evp_pkey_to_ecdsa_private_key(s2n_ecdsa_private_key *ecdsa_key, EVP_PKEY *pkey);
+int s2n_evp_pkey_to_ecdsa_public_key(s2n_ecdsa_public_key *ecdsa_key, EVP_PKEY *pkey);
+int s2n_evp_pkey_to_ecdsa_private_key(s2n_ecdsa_private_key *ecdsa_key, EVP_PKEY *pkey);

crypto/s2n_evp.h

@@ -52,5 +52,5 @@ struct s2n_evp_hmac_state {
 #define S2N_EVP_PKEY_CTX_set_signature_md(ctx, md) \
     EVP_PKEY_CTX_set_signature_md(ctx, (EVP_MD *) (uintptr_t) md)
 
-extern int s2n_digest_allow_md5_for_fips(struct s2n_evp_digest *evp_digest);
-extern S2N_RESULT s2n_digest_is_md5_allowed_for_fips(struct s2n_evp_digest *evp_digest, bool *out);
+int s2n_digest_allow_md5_for_fips(struct s2n_evp_digest *evp_digest);
+S2N_RESULT s2n_digest_is_md5_allowed_for_fips(struct s2n_evp_digest *evp_digest, bool *out);

crypto/s2n_fips.h

@@ -19,6 +19,6 @@
 
 #pragma once
 
-extern int s2n_fips_init(void);
-extern int s2n_is_in_fips_mode(void);
+int s2n_fips_init(void);
+int s2n_is_in_fips_mode(void);
 bool s2n_libcrypto_is_fips(void);

crypto/s2n_hash.h

@@ -88,18 +88,18 @@ struct s2n_hash {
 
 bool s2n_hash_evp_fully_supported();
 const EVP_MD *s2n_hash_alg_to_evp_md(s2n_hash_algorithm alg);
-extern int s2n_hash_digest_size(s2n_hash_algorithm alg, uint8_t *out);
-extern int s2n_hash_block_size(s2n_hash_algorithm alg, uint64_t *block_size);
-extern bool s2n_hash_is_available(s2n_hash_algorithm alg);
-extern int s2n_hash_is_ready_for_input(struct s2n_hash_state *state);
-extern int s2n_hash_new(struct s2n_hash_state *state);
+int s2n_hash_digest_size(s2n_hash_algorithm alg, uint8_t *out);
+int s2n_hash_block_size(s2n_hash_algorithm alg, uint64_t *block_size);
+bool s2n_hash_is_available(s2n_hash_algorithm alg);
+int s2n_hash_is_ready_for_input(struct s2n_hash_state *state);
+int s2n_hash_new(struct s2n_hash_state *state);
 S2N_RESULT s2n_hash_state_validate(struct s2n_hash_state *state);
-extern int s2n_hash_allow_md5_for_fips(struct s2n_hash_state *state);
-extern int s2n_hash_init(struct s2n_hash_state *state, s2n_hash_algorithm alg);
-extern int s2n_hash_update(struct s2n_hash_state *state, const void *data, uint32_t size);
-extern int s2n_hash_digest(struct s2n_hash_state *state, void *out, uint32_t size);
-extern int s2n_hash_copy(struct s2n_hash_state *to, struct s2n_hash_state *from);
-extern int s2n_hash_reset(struct s2n_hash_state *state);
-extern int s2n_hash_free(struct s2n_hash_state *state);
-extern int s2n_hash_get_currently_in_hash_total(struct s2n_hash_state *state, uint64_t *out);
-extern int s2n_hash_const_time_get_currently_in_hash_block(struct s2n_hash_state *state, uint64_t *out);
+int s2n_hash_allow_md5_for_fips(struct s2n_hash_state *state);
+int s2n_hash_init(struct s2n_hash_state *state, s2n_hash_algorithm alg);
+int s2n_hash_update(struct s2n_hash_state *state, const void *data, uint32_t size);
+int s2n_hash_digest(struct s2n_hash_state *state, void *out, uint32_t size);
+int s2n_hash_copy(struct s2n_hash_state *to, struct s2n_hash_state *from);
+int s2n_hash_reset(struct s2n_hash_state *state);
+int s2n_hash_free(struct s2n_hash_state *state);
+int s2n_hash_get_currently_in_hash_total(struct s2n_hash_state *state, uint64_t *out);
+int s2n_hash_const_time_get_currently_in_hash_block(struct s2n_hash_state *state, uint64_t *out);

crypto/s2n_hkdf.h

@@ -20,11 +20,11 @@
 #include "crypto/s2n_hmac.h"
 #include "utils/s2n_blob.h"
 
-extern int s2n_hkdf(struct s2n_hmac_state *hmac, s2n_hmac_algorithm alg, const struct s2n_blob *salt,
+int s2n_hkdf(struct s2n_hmac_state *hmac, s2n_hmac_algorithm alg, const struct s2n_blob *salt,
         const struct s2n_blob *key, const struct s2n_blob *info, struct s2n_blob *output);
 
-extern int s2n_hkdf_extract(struct s2n_hmac_state *hmac, s2n_hmac_algorithm alg, const struct s2n_blob *salt,
+int s2n_hkdf_extract(struct s2n_hmac_state *hmac, s2n_hmac_algorithm alg, const struct s2n_blob *salt,
         const struct s2n_blob *key, struct s2n_blob *pseudo_rand_key);
 
-extern int s2n_hkdf_expand_label(struct s2n_hmac_state *hmac, s2n_hmac_algorithm alg, const struct s2n_blob *secret, const struct s2n_blob *label,
+int s2n_hkdf_expand_label(struct s2n_hmac_state *hmac, s2n_hmac_algorithm alg, const struct s2n_blob *secret, const struct s2n_blob *label,
         const struct s2n_blob *context, struct s2n_blob *output);

crypto/s2n_hmac.h

@@ -60,20 +60,20 @@ struct s2n_hmac_evp_backup {
     struct s2n_hash_evp_digest outer_just_key;
 };
 
-extern int s2n_hmac_digest_size(s2n_hmac_algorithm alg, uint8_t *out);
-extern bool s2n_hmac_is_available(s2n_hmac_algorithm alg);
-extern int s2n_hmac_hash_alg(s2n_hmac_algorithm hmac_alg, s2n_hash_algorithm *out);
-extern int s2n_hash_hmac_alg(s2n_hash_algorithm hash_alg, s2n_hmac_algorithm *out);
+int s2n_hmac_digest_size(s2n_hmac_algorithm alg, uint8_t *out);
+bool s2n_hmac_is_available(s2n_hmac_algorithm alg);
+int s2n_hmac_hash_alg(s2n_hmac_algorithm hmac_alg, s2n_hash_algorithm *out);
+int s2n_hash_hmac_alg(s2n_hash_algorithm hash_alg, s2n_hmac_algorithm *out);
 
-extern int s2n_hmac_new(struct s2n_hmac_state *state);
+int s2n_hmac_new(struct s2n_hmac_state *state);
 S2N_RESULT s2n_hmac_state_validate(struct s2n_hmac_state *state);
-extern int s2n_hmac_init(struct s2n_hmac_state *state, s2n_hmac_algorithm alg, const void *key, uint32_t klen);
-extern int s2n_hmac_update(struct s2n_hmac_state *state, const void *in, uint32_t size);
-extern int s2n_hmac_digest(struct s2n_hmac_state *state, void *out, uint32_t size);
-extern int s2n_hmac_digest_two_compression_rounds(struct s2n_hmac_state *state, void *out, uint32_t size);
-extern int s2n_hmac_digest_verify(const void *a, const void *b, uint32_t len);
-extern int s2n_hmac_free(struct s2n_hmac_state *state);
-extern int s2n_hmac_reset(struct s2n_hmac_state *state);
-extern int s2n_hmac_copy(struct s2n_hmac_state *to, struct s2n_hmac_state *from);
-extern int s2n_hmac_save_evp_hash_state(struct s2n_hmac_evp_backup* backup, struct s2n_hmac_state* hmac);
-extern int s2n_hmac_restore_evp_hash_state(struct s2n_hmac_evp_backup* backup, struct s2n_hmac_state* hmac);
+int s2n_hmac_init(struct s2n_hmac_state *state, s2n_hmac_algorithm alg, const void *key, uint32_t klen);
+int s2n_hmac_update(struct s2n_hmac_state *state, const void *in, uint32_t size);
+int s2n_hmac_digest(struct s2n_hmac_state *state, void *out, uint32_t size);
+int s2n_hmac_digest_two_compression_rounds(struct s2n_hmac_state *state, void *out, uint32_t size);
+int s2n_hmac_digest_verify(const void *a, const void *b, uint32_t len);
+int s2n_hmac_free(struct s2n_hmac_state *state);
+int s2n_hmac_reset(struct s2n_hmac_state *state);
+int s2n_hmac_copy(struct s2n_hmac_state *to, struct s2n_hmac_state *from);
+int s2n_hmac_save_evp_hash_state(struct s2n_hmac_evp_backup* backup, struct s2n_hmac_state* hmac);
+int s2n_hmac_restore_evp_hash_state(struct s2n_hmac_evp_backup* backup, struct s2n_hmac_state* hmac);

crypto/s2n_rsa.h

@@ -43,7 +43,7 @@ RSA *s2n_unsafe_rsa_get_non_const(const struct s2n_rsa_key *rsa_key);
 typedef struct s2n_rsa_key s2n_rsa_public_key;
 typedef struct s2n_rsa_key s2n_rsa_private_key;
 
-extern int s2n_rsa_pkey_init(struct s2n_pkey *pkey);
+int s2n_rsa_pkey_init(struct s2n_pkey *pkey);
 
-extern int s2n_evp_pkey_to_rsa_public_key(s2n_rsa_public_key *rsa_key, EVP_PKEY *pkey);
-extern int s2n_evp_pkey_to_rsa_private_key(s2n_rsa_private_key *rsa_key, EVP_PKEY *pkey);
+int s2n_evp_pkey_to_rsa_public_key(s2n_rsa_public_key *rsa_key, EVP_PKEY *pkey);
+int s2n_evp_pkey_to_rsa_private_key(s2n_rsa_private_key *rsa_key, EVP_PKEY *pkey);

crypto/s2n_sequence.h

@@ -18,5 +18,5 @@
 #include "crypto/s2n_sequence.h"
 #include "utils/s2n_blob.h"
 
-extern int s2n_increment_sequence_number(struct s2n_blob *sequence_number);
+int s2n_increment_sequence_number(struct s2n_blob *sequence_number);
 int s2n_sequence_number_to_uint64(struct s2n_blob *sequence_number, uint64_t *output);

docs/DEVELOPMENT-GUIDE.md

@@ -270,16 +270,16 @@ To further encourage stream-oriented programming, the stuffer is also the place
 
 ```c
 /* Read and write integers in network order */
-extern int s2n_stuffer_read_uint8(struct s2n_stuffer *stuffer, uint8_t *u);
-extern int s2n_stuffer_read_uint16(struct s2n_stuffer *stuffer, uint16_t *u);
-extern int s2n_stuffer_read_uint24(struct s2n_stuffer *stuffer, uint32_t *u);
-extern int s2n_stuffer_read_uint32(struct s2n_stuffer *stuffer, uint32_t *u);
-extern int s2n_stuffer_read_uint64(struct s2n_stuffer *stuffer, uint64_t *u);
-extern int s2n_stuffer_write_uint8(struct s2n_stuffer *stuffer, uint8_t u);
-extern int s2n_stuffer_write_uint16(struct s2n_stuffer *stuffer, uint16_t u);
-extern int s2n_stuffer_write_uint24(struct s2n_stuffer *stuffer, uint32_t u);
-extern int s2n_stuffer_write_uint32(struct s2n_stuffer *stuffer, uint32_t u);
-extern int s2n_stuffer_write_uint64(struct s2n_stuffer *stuffer, uint64_t u);
+int s2n_stuffer_read_uint8(struct s2n_stuffer *stuffer, uint8_t *u);
+int s2n_stuffer_read_uint16(struct s2n_stuffer *stuffer, uint16_t *u);
+int s2n_stuffer_read_uint24(struct s2n_stuffer *stuffer, uint32_t *u);
+int s2n_stuffer_read_uint32(struct s2n_stuffer *stuffer, uint32_t *u);
+int s2n_stuffer_read_uint64(struct s2n_stuffer *stuffer, uint64_t *u);
+int s2n_stuffer_write_uint8(struct s2n_stuffer *stuffer, uint8_t u);
+int s2n_stuffer_write_uint16(struct s2n_stuffer *stuffer, uint16_t u);
+int s2n_stuffer_write_uint24(struct s2n_stuffer *stuffer, uint32_t u);
+int s2n_stuffer_write_uint32(struct s2n_stuffer *stuffer, uint32_t u);
+int s2n_stuffer_write_uint64(struct s2n_stuffer *stuffer, uint64_t u);
 ```
 
 and there are other utility functions for handling base64 encoding to and from a stuffer, or text manipulation - like tokenization. The idea is to implement basic serializing just once, rather than spread out and duplicated across the message parsers, and to maximize the declarative nature of the I/O. For example, this code parses a TLS record header:

error/s2n_errno.h

@@ -355,10 +355,10 @@ struct s2n_stacktrace {
     int trace_size;
 };
 
-extern bool s2n_stack_traces_enabled();
-extern int s2n_stack_traces_enabled_set(bool newval);
+bool s2n_stack_traces_enabled();
+int s2n_stack_traces_enabled_set(bool newval);
 
-extern int s2n_calculate_stacktrace(void);
-extern int s2n_print_stacktrace(FILE *fptr);
-extern int s2n_free_stacktrace(void);
-extern int s2n_get_stacktrace(struct s2n_stacktrace *trace);
+int s2n_calculate_stacktrace(void);
+int s2n_print_stacktrace(FILE *fptr);
+int s2n_free_stacktrace(void);
+int s2n_get_stacktrace(struct s2n_stacktrace *trace);