aws-crt 0.1.5 → 0.1.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/aws-crt-ffi/CMakeLists.txt +49 -41
- data/aws-crt-ffi/crt/aws-c-auth/CMakeLists.txt +0 -10
- data/aws-crt-ffi/crt/aws-c-auth/include/aws/auth/credentials.h +3 -2
- data/aws-crt-ffi/crt/aws-c-auth/include/aws/auth/private/credentials_utils.h +4 -4
- data/aws-crt-ffi/crt/aws-c-auth/source/auth.c +1 -14
- data/aws-crt-ffi/crt/aws-c-auth/source/aws_imds_client.c +206 -68
- data/aws-crt-ffi/crt/aws-c-auth/source/aws_signing.c +5 -0
- data/aws-crt-ffi/crt/aws-c-auth/source/credentials_provider_cached.c +6 -6
- data/aws-crt-ffi/crt/aws-c-auth/source/credentials_provider_default_chain.c +16 -1
- data/aws-crt-ffi/crt/aws-c-auth/source/credentials_provider_ecs.c +0 -1
- data/aws-crt-ffi/crt/aws-c-auth/source/credentials_provider_process.c +0 -1
- data/aws-crt-ffi/crt/aws-c-auth/source/credentials_provider_sts_web_identity.c +0 -1
- data/aws-crt-ffi/crt/aws-c-auth/source/credentials_provider_x509.c +10 -7
- data/aws-crt-ffi/crt/aws-c-auth/source/credentials_utils.c +35 -26
- data/aws-crt-ffi/crt/aws-c-auth/source/signable_chunk.c +3 -2
- data/aws-crt-ffi/crt/aws-c-auth/tests/CMakeLists.txt +3 -2
- data/aws-crt-ffi/crt/aws-c-auth/tests/aws_imds_client_test.c +1 -0
- data/aws-crt-ffi/crt/aws-c-auth/tests/credentials_provider_ecs_tests.c +3 -0
- data/aws-crt-ffi/crt/aws-c-auth/tests/credentials_provider_process_tests.c +65 -16
- data/aws-crt-ffi/crt/aws-c-auth/tests/credentials_tests.c +125 -0
- data/aws-crt-ffi/crt/aws-c-auth/tests/sigv4_signing_tests.c +68 -46
- data/aws-crt-ffi/crt/aws-c-cal/CMakeLists.txt +8 -3
- data/aws-crt-ffi/crt/aws-c-cal/bin/run_x_platform_fuzz_corpus/main.c +9 -0
- data/aws-crt-ffi/crt/aws-c-cal/builder.json +11 -3
- data/aws-crt-ffi/crt/aws-c-cal/cmake/aws-c-cal-config.cmake +14 -5
- data/aws-crt-ffi/crt/aws-c-cal/source/darwin/securityframework_ecc.c +6 -6
- data/aws-crt-ffi/crt/aws-c-cal/source/windows/bcrypt_ecc.c +12 -12
- data/aws-crt-ffi/crt/aws-c-cal/tests/test_case_helper.h +14 -14
- data/aws-crt-ffi/crt/aws-c-common/CMakeLists.txt +21 -1
- data/aws-crt-ffi/crt/aws-c-common/README.md +8 -0
- data/aws-crt-ffi/crt/aws-c-common/cmake/AwsCFlags.cmake +20 -5
- data/aws-crt-ffi/crt/aws-c-common/cmake/AwsFeatureTests.cmake +7 -1
- data/aws-crt-ffi/crt/aws-c-common/format-check.sh +1 -1
- data/aws-crt-ffi/crt/aws-c-common/include/aws/common/byte_buf.h +14 -0
- data/aws-crt-ffi/crt/aws-c-common/include/aws/common/config.h.in +1 -0
- data/aws-crt-ffi/crt/{aws-c-auth/include/aws/auth → aws-c-common/include/aws/common}/external/cJSON.h +82 -74
- data/aws-crt-ffi/crt/aws-c-common/include/aws/common/json.h +335 -0
- data/aws-crt-ffi/crt/aws-c-common/include/aws/common/logging.h +1 -0
- data/aws-crt-ffi/crt/aws-c-common/include/aws/common/math.inl +2 -2
- data/aws-crt-ffi/crt/aws-c-common/include/aws/common/private/json_impl.h +22 -0
- data/aws-crt-ffi/crt/aws-c-common/include/aws/testing/aws_test_harness.h +2 -0
- data/aws-crt-ffi/crt/aws-c-common/source/byte_buf.c +36 -0
- data/aws-crt-ffi/crt/aws-c-common/source/common.c +5 -2
- data/aws-crt-ffi/crt/aws-c-common/source/external/cJSON.c +3113 -0
- data/aws-crt-ffi/crt/aws-c-common/source/file.c +9 -0
- data/aws-crt-ffi/crt/aws-c-common/source/json.c +348 -0
- data/aws-crt-ffi/crt/aws-c-common/source/logging.c +7 -2
- data/aws-crt-ffi/crt/aws-c-common/source/posix/system_info.c +8 -0
- data/aws-crt-ffi/crt/aws-c-common/source/ref_count.c +3 -1
- data/aws-crt-ffi/crt/aws-c-common/source/windows/file.c +47 -0
- data/aws-crt-ffi/crt/aws-c-common/source/windows/system_info.c +2 -1
- data/aws-crt-ffi/crt/aws-c-common/tests/CMakeLists.txt +5 -0
- data/aws-crt-ffi/crt/aws-c-common/tests/byte_buf_test.c +69 -0
- data/aws-crt-ffi/crt/aws-c-common/tests/json_test.c +134 -0
- data/aws-crt-ffi/crt/aws-c-common/tests/memtrace_test.c +6 -2
- data/aws-crt-ffi/crt/aws-c-event-stream/README.md +18 -35
- data/aws-crt-ffi/crt/aws-c-event-stream/include/aws/event-stream/event_stream.h +21 -2
- data/aws-crt-ffi/crt/aws-c-event-stream/include/aws/event-stream/event_stream_rpc_client.h +14 -2
- data/aws-crt-ffi/crt/aws-c-event-stream/include/aws/event-stream/event_stream_rpc_server.h +13 -0
- data/aws-crt-ffi/crt/aws-c-event-stream/include/aws/event-stream/private/event_stream_rpc_priv.h +7 -7
- data/aws-crt-ffi/crt/aws-c-event-stream/source/event_stream.c +257 -141
- data/aws-crt-ffi/crt/aws-c-event-stream/source/event_stream_channel_handler.c +1 -1
- data/aws-crt-ffi/crt/aws-c-event-stream/source/event_stream_rpc_client.c +31 -8
- data/aws-crt-ffi/crt/aws-c-event-stream/source/event_stream_rpc_server.c +63 -10
- data/aws-crt-ffi/crt/aws-c-event-stream/tests/CMakeLists.txt +2 -0
- data/aws-crt-ffi/crt/aws-c-event-stream/tests/event_stream_rpc_client_connection_test.c +157 -106
- data/aws-crt-ffi/crt/aws-c-event-stream/tests/event_stream_rpc_server_connection_test.c +168 -1
- data/aws-crt-ffi/crt/aws-c-event-stream/tests/message_deserializer_test.c +4 -2
- data/aws-crt-ffi/crt/aws-c-http/CMakeLists.txt +1 -0
- data/aws-crt-ffi/crt/aws-c-http/README.md +8 -0
- data/aws-crt-ffi/crt/aws-c-http/bin/elasticurl/main.c +1 -1
- data/aws-crt-ffi/crt/aws-c-http/builder.json +4 -3
- data/aws-crt-ffi/crt/aws-c-http/include/aws/http/connection.h +8 -1
- data/aws-crt-ffi/crt/aws-c-http/include/aws/http/connection_manager.h +45 -1
- data/aws-crt-ffi/crt/aws-c-http/include/aws/http/http2_stream_manager.h +63 -12
- data/aws-crt-ffi/crt/aws-c-http/include/aws/http/private/connection_impl.h +2 -1
- data/aws-crt-ffi/crt/aws-c-http/include/aws/http/private/h2_connection.h +20 -2
- data/aws-crt-ffi/crt/aws-c-http/include/aws/http/private/h2_frames.h +1 -0
- data/aws-crt-ffi/crt/aws-c-http/include/aws/http/private/h2_stream.h +42 -13
- data/aws-crt-ffi/crt/aws-c-http/include/aws/http/private/http2_stream_manager_impl.h +17 -0
- data/aws-crt-ffi/crt/aws-c-http/include/aws/http/private/http_impl.h +3 -0
- data/aws-crt-ffi/crt/aws-c-http/include/aws/http/private/random_access_set.h +10 -3
- data/aws-crt-ffi/crt/aws-c-http/include/aws/http/private/request_response_impl.h +3 -17
- data/aws-crt-ffi/crt/aws-c-http/include/aws/http/request_response.h +108 -4
- data/aws-crt-ffi/crt/aws-c-http/include/aws/http/statistics.h +22 -0
- data/aws-crt-ffi/crt/aws-c-http/source/connection.c +8 -3
- data/aws-crt-ffi/crt/aws-c-http/source/connection_manager.c +22 -3
- data/aws-crt-ffi/crt/aws-c-http/source/connection_monitor.c +32 -14
- data/aws-crt-ffi/crt/aws-c-http/source/h1_connection.c +14 -0
- data/aws-crt-ffi/crt/aws-c-http/source/h1_encoder.c +7 -4
- data/aws-crt-ffi/crt/aws-c-http/source/h2_connection.c +161 -45
- data/aws-crt-ffi/crt/aws-c-http/source/h2_decoder.c +37 -8
- data/aws-crt-ffi/crt/aws-c-http/source/h2_frames.c +13 -1
- data/aws-crt-ffi/crt/aws-c-http/source/h2_stream.c +345 -87
- data/aws-crt-ffi/crt/aws-c-http/source/hpack.c +3 -0
- data/aws-crt-ffi/crt/aws-c-http/source/http.c +3 -0
- data/aws-crt-ffi/crt/aws-c-http/source/http2_stream_manager.c +266 -39
- data/aws-crt-ffi/crt/aws-c-http/source/random_access_set.c +9 -3
- data/aws-crt-ffi/crt/aws-c-http/source/request_response.c +80 -20
- data/aws-crt-ffi/crt/aws-c-http/source/statistics.c +11 -0
- data/aws-crt-ffi/crt/aws-c-http/tests/CMakeLists.txt +28 -1
- data/aws-crt-ffi/crt/aws-c-http/tests/fuzz/fuzz_h2_decoder_correct.c +5 -3
- data/aws-crt-ffi/crt/aws-c-http/tests/h2_test_helper.c +133 -29
- data/aws-crt-ffi/crt/aws-c-http/tests/h2_test_helper.h +6 -0
- data/aws-crt-ffi/crt/aws-c-http/tests/py_localhost/README.md +40 -0
- data/aws-crt-ffi/crt/aws-c-http/tests/py_localhost/non_tls_server.py +56 -0
- data/aws-crt-ffi/crt/aws-c-http/tests/py_localhost/server.py +329 -0
- data/aws-crt-ffi/crt/aws-c-http/tests/test_connection_manager.c +1 -1
- data/aws-crt-ffi/crt/aws-c-http/tests/test_connection_monitor.c +2 -2
- data/aws-crt-ffi/crt/aws-c-http/tests/test_h1_client.c +47 -34
- data/aws-crt-ffi/crt/aws-c-http/tests/test_h1_encoder.c +4 -4
- data/aws-crt-ffi/crt/aws-c-http/tests/test_h1_server.c +15 -12
- data/aws-crt-ffi/crt/aws-c-http/tests/test_h2_client.c +582 -25
- data/aws-crt-ffi/crt/aws-c-http/tests/test_h2_encoder.c +3 -3
- data/aws-crt-ffi/crt/aws-c-http/tests/test_localhost_integ.c +530 -0
- data/aws-crt-ffi/crt/aws-c-http/tests/test_stream_manager.c +459 -67
- data/aws-crt-ffi/crt/aws-c-io/CMakeLists.txt +4 -0
- data/aws-crt-ffi/crt/aws-c-io/builder.json +3 -2
- data/aws-crt-ffi/crt/aws-c-io/include/aws/io/channel.h +21 -0
- data/aws-crt-ffi/crt/aws-c-io/include/aws/io/io.h +3 -0
- data/aws-crt-ffi/crt/aws-c-io/include/aws/io/socket.h +6 -0
- data/aws-crt-ffi/crt/aws-c-io/include/aws/io/stream.h +35 -5
- data/aws-crt-ffi/crt/aws-c-io/include/aws/io/tls_channel_handler.h +211 -15
- data/aws-crt-ffi/crt/aws-c-io/source/channel.c +56 -30
- data/aws-crt-ffi/crt/aws-c-io/source/darwin/secure_transport_tls_channel_handler.c +0 -24
- data/aws-crt-ffi/crt/aws-c-io/source/io.c +9 -0
- data/aws-crt-ffi/crt/aws-c-io/source/{pkcs11.c → pkcs11_lib.c} +162 -22
- data/aws-crt-ffi/crt/aws-c-io/source/pkcs11_private.h +18 -20
- data/aws-crt-ffi/crt/aws-c-io/source/pkcs11_tls_op_handler.c +221 -0
- data/aws-crt-ffi/crt/aws-c-io/source/posix/socket.c +135 -81
- data/aws-crt-ffi/crt/aws-c-io/source/retry_strategy.c +12 -8
- data/aws-crt-ffi/crt/aws-c-io/source/s2n/s2n_tls_channel_handler.c +252 -215
- data/aws-crt-ffi/crt/aws-c-io/source/stream.c +65 -82
- data/aws-crt-ffi/crt/aws-c-io/source/tls_channel_handler.c +188 -57
- data/aws-crt-ffi/crt/aws-c-io/source/windows/iocp/socket.c +271 -256
- data/aws-crt-ffi/crt/aws-c-io/tests/CMakeLists.txt +21 -12
- data/aws-crt-ffi/crt/aws-c-io/tests/channel_test.c +32 -4
- data/aws-crt-ffi/crt/aws-c-io/tests/io_lib_test.c +37 -0
- data/aws-crt-ffi/crt/aws-c-io/tests/pkcs11_test.c +412 -93
- data/aws-crt-ffi/crt/aws-c-io/tests/resources/ec_unittests.crt +15 -0
- data/aws-crt-ffi/crt/aws-c-io/tests/resources/ec_unittests.key +5 -0
- data/aws-crt-ffi/crt/aws-c-io/tests/resources/ec_unittests.p12 +0 -0
- data/aws-crt-ffi/crt/aws-c-io/tests/resources/ec_unittests.p8 +5 -0
- data/aws-crt-ffi/crt/aws-c-io/tests/resources/generateCerts.sh +24 -15
- data/aws-crt-ffi/crt/aws-c-io/tests/socket_test.c +72 -1
- data/aws-crt-ffi/crt/s2n/CMakeLists.txt +6 -1
- data/aws-crt-ffi/crt/s2n/bindings/rust/Cargo.toml +1 -0
- data/aws-crt-ffi/crt/s2n/bindings/rust/generate/src/main.rs +105 -82
- data/aws-crt-ffi/crt/s2n/bindings/rust/generate.sh +1 -0
- data/aws-crt-ffi/crt/s2n/bindings/rust/s2n-tls/Cargo.toml +2 -2
- data/aws-crt-ffi/crt/s2n/bindings/rust/s2n-tls/src/raw/config.rs +1 -1
- data/aws-crt-ffi/crt/s2n/bindings/rust/s2n-tls-sys/Cargo.toml +1 -1
- data/aws-crt-ffi/crt/s2n/bindings/rust/s2n-tls-sys/build.rs +84 -30
- data/aws-crt-ffi/crt/s2n/bindings/rust/s2n-tls-sys/src/lib.rs +4 -0
- data/aws-crt-ffi/crt/s2n/bindings/rust/s2n-tls-tokio/Cargo.toml +21 -0
- data/aws-crt-ffi/crt/s2n/bindings/rust/s2n-tls-tokio/examples/certs/cert.pem +14 -0
- data/aws-crt-ffi/crt/s2n/bindings/rust/s2n-tls-tokio/examples/certs/key.pem +8 -0
- data/aws-crt-ffi/crt/s2n/bindings/rust/s2n-tls-tokio/examples/client.rs +45 -0
- data/aws-crt-ffi/crt/s2n/bindings/rust/s2n-tls-tokio/examples/server.rs +60 -0
- data/aws-crt-ffi/crt/s2n/bindings/rust/s2n-tls-tokio/src/lib.rs +150 -0
- data/aws-crt-ffi/crt/s2n/bindings/rust/s2n-tls-tokio/tests/handshake.rs +51 -0
- data/aws-crt-ffi/crt/s2n/crypto/s2n_drbg.c +98 -77
- data/aws-crt-ffi/crt/s2n/crypto/s2n_drbg.h +10 -7
- data/aws-crt-ffi/crt/s2n/crypto/s2n_openssl.h +2 -0
- data/aws-crt-ffi/crt/s2n/error/s2n_errno.c +1 -1
- data/aws-crt-ffi/crt/s2n/error/s2n_errno.h +1 -0
- data/aws-crt-ffi/crt/s2n/s2n.mk +7 -0
- data/aws-crt-ffi/crt/s2n/tests/cbmc/templates/scripts/repository.py +233 -0
- data/aws-crt-ffi/crt/s2n/tests/cbmc/templates/scripts/setup-proof.py +8 -7
- data/aws-crt-ffi/crt/s2n/tests/cbmc/templates/scripts/setup.py +17 -18
- data/aws-crt-ffi/crt/s2n/tests/cbmc/templates/scripts/util.py +41 -23
- data/aws-crt-ffi/crt/s2n/tests/fuzz/LD_PRELOAD/global_overrides.c +3 -3
- data/aws-crt-ffi/crt/s2n/tests/integration/s2n_client_endpoint_handshake_test.py +2 -2
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/Makefile +13 -42
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/README.md +6 -1
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/common.py +118 -53
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/configuration.py +108 -88
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/conftest.py +6 -3
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/constants.py +6 -4
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/fixtures.py +21 -12
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/global_flags.py +1 -0
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/processes.py +62 -19
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/providers.py +304 -48
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/test_client_authentication.py +20 -11
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/test_cross_compatibility.py +41 -17
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/test_dynamic_record_sizes.py +6 -3
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/test_early_data.py +105 -48
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/test_external_psk.py +160 -76
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/test_fragmentation.py +59 -26
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/test_happy_path.py +42 -28
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/test_hello_retry_requests.py +33 -13
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/test_key_update.py +29 -11
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/test_ocsp.py +138 -0
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/test_pq_handshake.py +103 -36
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/test_session_resumption.py +52 -25
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/test_signature_algorithms.py +47 -21
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/test_sni_match.py +13 -9
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/test_sslyze.py +88 -17
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/test_version_negotiation.py +71 -22
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/test_well_known_endpoints.py +4 -3
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/tox.ini +1 -0
- data/aws-crt-ffi/crt/s2n/tests/integrationv2/utils.py +50 -15
- data/aws-crt-ffi/crt/s2n/tests/litani/CHANGELOG +131 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/CONTRIBUTING.md +16 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/README.md +36 -14
- data/aws-crt-ffi/crt/s2n/tests/litani/THIRD-PARTY +205 -41
- data/aws-crt-ffi/crt/s2n/tests/litani/doc/bin/build-html-doc +7 -7
- data/aws-crt-ffi/crt/s2n/tests/litani/doc/configure +27 -23
- data/aws-crt-ffi/crt/s2n/tests/litani/doc/src/man/litani-add-job.scdoc +7 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/doc/src/man/litani-dump-run.scdoc +7 -5
- data/aws-crt-ffi/crt/s2n/tests/litani/doc/src/man/litani-transform-jobs.scdoc +248 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/doc/src/man/litani.scdoc +2 -2
- data/aws-crt-ffi/crt/s2n/tests/litani/doc/templates/index.jinja.html +4 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/examples/add-root-node/README +12 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/examples/add-root-node/original-run.sh +52 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/examples/add-root-node/run-all.py +71 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/examples/no-standalone-transform/README +13 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/examples/no-standalone-transform/run-1.sh +34 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/examples/no-standalone-transform/run-2.sh +35 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/examples/no-standalone-transform/run-3.sh +34 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/examples/no-standalone-transform/run-all.py +60 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/examples/rich-output/README.md +10 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/examples/rich-output/assumptions.html +42 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/examples/rich-output/file.dat +7 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/examples/rich-output/histogram.dat +7 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/examples/rich-output/run-1.sh +41 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/examples/rich-output/run-2.sh +47 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/examples/rich-output/run-3.sh +41 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/examples/rich-output/run-all.py +34 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/examples/rich-output/scripts/fib-table.py +40 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/examples/rich-output/scripts/fib.plt +5 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/examples/rich-output/scripts/fib.py +32 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/examples/rich-output/scripts/sin-output.py +40 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/examples/rich-output/scripts/sin.plt +5 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/examples/rich-output/scripts/sin.py +30 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/examples/rich-output/templates/fib-table.jinja.html +45 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/examples/rich-output/templates/sin-output.jinja.html +30 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/lib/add_job.py +55 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/lib/graph.py +2 -2
- data/aws-crt-ffi/crt/s2n/tests/litani/lib/litani.py +6 -1
- data/aws-crt-ffi/crt/s2n/tests/litani/lib/litani_report.py +18 -21
- data/aws-crt-ffi/crt/s2n/tests/litani/lib/ninja.py +2 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/lib/run_printer.py +26 -7
- data/aws-crt-ffi/crt/s2n/tests/litani/lib/transform_jobs.py +84 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/litani +28 -33
- data/aws-crt-ffi/crt/s2n/tests/litani/script/release +220 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/templates/dashboard.jinja.html +78 -15
- data/aws-crt-ffi/crt/s2n/tests/litani/templates/pipeline.jinja.html +21 -5
- data/aws-crt-ffi/crt/s2n/tests/litani/test/README +15 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/test/e2e/run +56 -33
- data/aws-crt-ffi/crt/s2n/tests/litani/test/e2e/tests/custom_stages.py +1 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/test/e2e/tests/cwd.py +1 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/test/e2e/tests/dump_run.py +1 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/test/e2e/tests/graph_line_break.py +1 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/test/e2e/tests/html_node.py +1 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/test/e2e/tests/job_id_env.py +1 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/test/e2e/tests/multiproc_dump_run.py +1 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/test/e2e/tests/no_pool_serialize.py +1 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/test/e2e/tests/no_pool_serialize_graph.py +1 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/test/e2e/tests/no_timed_out.py +1 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/test/e2e/tests/no_timed_out_timeout_ignored.py +1 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/test/e2e/tests/no_timed_out_timeout_ok.py +1 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/test/e2e/tests/pipeline_order.py +53 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/test/e2e/tests/pool_serialize.py +1 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/test/e2e/tests/pool_serialize_graph.py +1 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/test/e2e/tests/single_pool.py +1 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/test/e2e/tests/timed_out.py +1 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/test/e2e/tests/timed_out_subprocess.py +1 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/test/e2e/tests/timed_out_subprocess_multi_shell.py +1 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/test/e2e/tests/timed_out_subprocess_shell.py +1 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/test/e2e/tests/timed_out_timeout_ignored.py +1 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/test/e2e/tests/timed_out_timeout_ok.py +1 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/test/e2e/tests/transform_delete_job.py +54 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/test/e2e/tests/transform_modify_job.py +46 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/test/e2e/tests/transform_no_change_job.py +44 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/test/e2e/tests/zero_pool.py +1 -0
- data/aws-crt-ffi/crt/s2n/tests/litani/test/run +82 -12
- data/aws-crt-ffi/crt/s2n/tests/s2n_test.h +58 -33
- data/aws-crt-ffi/crt/s2n/tests/testlib/s2n_key_schedule_testlib.c +18 -6
- data/aws-crt-ffi/crt/s2n/tests/testlib/s2n_pq_kat_test_utils.c +4 -4
- data/aws-crt-ffi/crt/s2n/tests/testlib/s2n_testlib.h +2 -0
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_client_hello_retry_test.c +66 -2
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_connection_test.c +1 -1
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_drbg_test.c +34 -14
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_fork_generation_number_test.c +28 -5
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_mem_usage_test.c +6 -0
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_override_openssl_random_test.c +1 -1
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_random_test.c +60 -41
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_self_talk_broken_pipe_test.c +2 -2
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_tls13_handshake_early_data_test.c +3 -1
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_tls13_hybrid_shared_secret_test.c +9 -1
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_tls13_key_schedule_rfc8448_test.c +31 -130
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_tls13_key_schedule_test.c +2 -4
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_tls13_pq_handshake_test.c +11 -6
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_tls13_secrets_rfc8448_test.c +19 -21
- data/aws-crt-ffi/crt/s2n/tests/unit/s2n_tls13_secrets_test.c +109 -60
- data/aws-crt-ffi/crt/s2n/tls/s2n_config.c +1 -0
- data/aws-crt-ffi/crt/s2n/tls/s2n_config.h +1 -1
- data/aws-crt-ffi/crt/s2n/tls/s2n_connection.c +29 -24
- data/aws-crt-ffi/crt/s2n/tls/s2n_connection.h +5 -5
- data/aws-crt-ffi/crt/s2n/tls/s2n_handshake_hashes.h +1 -7
- data/aws-crt-ffi/crt/s2n/tls/s2n_handshake_io.c +2 -0
- data/aws-crt-ffi/crt/s2n/tls/s2n_handshake_transcript.c +0 -44
- data/aws-crt-ffi/crt/s2n/tls/s2n_internal.h +0 -1
- data/aws-crt-ffi/crt/s2n/tls/s2n_quic_support.h +1 -1
- data/aws-crt-ffi/crt/s2n/tls/s2n_tls13_key_schedule.c +1 -2
- data/aws-crt-ffi/crt/s2n/tls/s2n_tls13_secrets.c +84 -44
- data/aws-crt-ffi/crt/s2n/tls/s2n_tls13_secrets.h +3 -9
- data/aws-crt-ffi/crt/s2n/utils/s2n_blob.h +15 -8
- data/aws-crt-ffi/crt/s2n/utils/s2n_fork_detection.c +2 -6
- data/aws-crt-ffi/crt/s2n/utils/s2n_random.c +9 -9
- data/aws-crt-ffi/src/input_stream.c +32 -15
- data/ext/compile.rb +13 -5
- data/lib/aws-crt/platforms.rb +14 -5
- data/lib/aws-crt/string_blob.rb +3 -3
- metadata +61 -7
- data/aws-crt-ffi/crt/aws-c-auth/source/external/cJSON.c +0 -2987
- data/aws-crt-ffi/crt/aws-c-auth/tests/external/cJSON.c +0 -2986
- data/aws-crt-ffi/crt/aws-c-io/tests/error_test.c +0 -20
@@ -24,24 +24,6 @@
|
|
24
24
|
/* Length of the synthetic message header */
|
25
25
|
#define MESSAGE_HASH_HEADER_LENGTH 4
|
26
26
|
|
27
|
-
static S2N_RESULT s2n_tls13_calculate_digest(struct s2n_connection *conn, uint8_t *digest) {
|
28
|
-
RESULT_ENSURE_REF(conn);
|
29
|
-
RESULT_ENSURE_REF(digest);
|
30
|
-
|
31
|
-
s2n_hash_algorithm hash_algorithm = S2N_HASH_NONE;
|
32
|
-
RESULT_ENSURE_REF(conn->secure.cipher_suite);
|
33
|
-
RESULT_GUARD_POSIX(s2n_hmac_hash_alg(conn->secure.cipher_suite->prf_alg, &hash_algorithm));
|
34
|
-
|
35
|
-
uint8_t digest_size = 0;
|
36
|
-
RESULT_GUARD_POSIX(s2n_hash_digest_size(hash_algorithm, &digest_size));
|
37
|
-
|
38
|
-
RESULT_ENSURE_REF(conn->handshake.hashes);
|
39
|
-
struct s2n_hash_state *hash_state = &conn->handshake.hashes->hash_workspace;
|
40
|
-
RESULT_GUARD(s2n_handshake_copy_hash_state(conn, hash_algorithm, hash_state));
|
41
|
-
RESULT_GUARD_POSIX(s2n_hash_digest(hash_state, digest, digest_size));
|
42
|
-
return S2N_RESULT_OK;
|
43
|
-
}
|
44
|
-
|
45
27
|
int s2n_conn_update_handshake_hashes(struct s2n_connection *conn, struct s2n_blob *data)
|
46
28
|
{
|
47
29
|
POSIX_ENSURE_REF(conn);
|
@@ -91,32 +73,6 @@ int s2n_conn_update_handshake_hashes(struct s2n_connection *conn, struct s2n_blo
|
|
91
73
|
POSIX_GUARD(s2n_hash_update(&hashes->sha512, data->data, data->size));
|
92
74
|
}
|
93
75
|
|
94
|
-
/*
|
95
|
-
* TLS1.3 secret derivation requires specific transcript hash digests as inputs.
|
96
|
-
* Save the relevant hash state digests for later use.
|
97
|
-
*/
|
98
|
-
if (s2n_connection_get_protocol_version(conn) >= S2N_TLS13) {
|
99
|
-
switch(s2n_conn_get_current_message_type(conn)) {
|
100
|
-
case CLIENT_HELLO:
|
101
|
-
POSIX_ENSURE_REF(conn->secure.cipher_suite);
|
102
|
-
if (conn->secure.cipher_suite->prf_alg != S2N_HMAC_NONE) {
|
103
|
-
POSIX_GUARD_RESULT(s2n_tls13_calculate_digest(conn, hashes->client_hello_digest));
|
104
|
-
}
|
105
|
-
break;
|
106
|
-
case SERVER_HELLO:
|
107
|
-
POSIX_GUARD_RESULT(s2n_tls13_calculate_digest(conn, hashes->server_hello_digest));
|
108
|
-
break;
|
109
|
-
case SERVER_FINISHED:
|
110
|
-
POSIX_GUARD_RESULT(s2n_tls13_calculate_digest(conn, hashes->server_finished_digest));
|
111
|
-
break;
|
112
|
-
case CLIENT_FINISHED:
|
113
|
-
POSIX_GUARD_RESULT(s2n_tls13_calculate_digest(conn, hashes->client_finished_digest));
|
114
|
-
break;
|
115
|
-
default:
|
116
|
-
break;
|
117
|
-
}
|
118
|
-
}
|
119
|
-
|
120
76
|
return S2N_SUCCESS;
|
121
77
|
}
|
122
78
|
|
@@ -31,7 +31,7 @@
|
|
31
31
|
|
32
32
|
S2N_API int s2n_config_enable_quic(struct s2n_config *config);
|
33
33
|
S2N_API int s2n_connection_enable_quic(struct s2n_connection *conn);
|
34
|
-
bool s2n_connection_is_quic_enabled(struct s2n_connection *conn);
|
34
|
+
S2N_API bool s2n_connection_is_quic_enabled(struct s2n_connection *conn);
|
35
35
|
|
36
36
|
/*
|
37
37
|
* Set the data to be sent in the quic_transport_parameters extension.
|
@@ -313,7 +313,6 @@ S2N_RESULT s2n_tls13_key_schedule_update(struct s2n_connection *conn)
|
|
313
313
|
if (s2n_connection_get_protocol_version(conn) < S2N_TLS13) {
|
314
314
|
return S2N_RESULT_OK;
|
315
315
|
}
|
316
|
-
RESULT_GUARD(s2n_tls13_secrets_update(conn));
|
317
316
|
RESULT_ENSURE_REF(key_schedules[conn->mode]);
|
318
317
|
RESULT_GUARD(key_schedules[conn->mode](conn));
|
319
318
|
return S2N_RESULT_OK;
|
@@ -324,6 +323,6 @@ S2N_RESULT s2n_tls13_key_schedule_reset(struct s2n_connection *conn)
|
|
324
323
|
RESULT_ENSURE_REF(conn);
|
325
324
|
conn->client = &conn->initial;
|
326
325
|
conn->server = &conn->initial;
|
327
|
-
conn->secrets.tls13.
|
326
|
+
conn->secrets.tls13.extract_secret_type = S2N_NONE_SECRET;
|
328
327
|
return S2N_RESULT_OK;
|
329
328
|
}
|
@@ -100,6 +100,28 @@ S2N_RESULT s2n_tls13_empty_transcripts_init()
|
|
100
100
|
return S2N_RESULT_OK;
|
101
101
|
}
|
102
102
|
|
103
|
+
static S2N_RESULT s2n_calculate_transcript_digest(struct s2n_connection *conn)
|
104
|
+
{
|
105
|
+
RESULT_ENSURE_REF(conn);
|
106
|
+
RESULT_ENSURE_REF(conn->handshake.hashes);
|
107
|
+
|
108
|
+
s2n_hash_algorithm hash_algorithm = S2N_HASH_NONE;
|
109
|
+
RESULT_ENSURE_REF(conn->secure.cipher_suite);
|
110
|
+
RESULT_GUARD_POSIX(s2n_hmac_hash_alg(conn->secure.cipher_suite->prf_alg, &hash_algorithm));
|
111
|
+
|
112
|
+
uint8_t digest_size = 0;
|
113
|
+
RESULT_GUARD_POSIX(s2n_hash_digest_size(hash_algorithm, &digest_size));
|
114
|
+
|
115
|
+
struct s2n_blob digest = { 0 };
|
116
|
+
RESULT_GUARD_POSIX(s2n_blob_init(&digest, CONN_HASHES(conn)->transcript_hash_digest, digest_size));
|
117
|
+
|
118
|
+
struct s2n_hash_state *hash_state = &conn->handshake.hashes->hash_workspace;
|
119
|
+
RESULT_GUARD(s2n_handshake_copy_hash_state(conn, hash_algorithm, hash_state));
|
120
|
+
RESULT_GUARD_POSIX(s2n_hash_digest(hash_state, digest.data, digest.size));
|
121
|
+
|
122
|
+
return S2N_RESULT_OK;
|
123
|
+
}
|
124
|
+
|
103
125
|
static S2N_RESULT s2n_extract_secret(s2n_hmac_algorithm hmac_alg,
|
104
126
|
const struct s2n_blob *previous_secret_material, const struct s2n_blob *new_secret_material,
|
105
127
|
struct s2n_blob *output)
|
@@ -141,10 +163,22 @@ static S2N_RESULT s2n_derive_secret(s2n_hmac_algorithm hmac_alg,
|
|
141
163
|
return S2N_RESULT_OK;
|
142
164
|
}
|
143
165
|
|
144
|
-
static S2N_RESULT
|
145
|
-
const struct s2n_blob *
|
166
|
+
static S2N_RESULT s2n_derive_secret_with_context(struct s2n_connection *conn,
|
167
|
+
s2n_extract_secret_type_t input_secret_type, const struct s2n_blob *label, message_type_t transcript_end_msg,
|
168
|
+
struct s2n_blob *output)
|
146
169
|
{
|
147
|
-
|
170
|
+
RESULT_ENSURE(CONN_SECRETS(conn).extract_secret_type == input_secret_type, S2N_ERR_SECRET_SCHEDULE_STATE);
|
171
|
+
RESULT_ENSURE(s2n_conn_get_current_message_type(conn) == transcript_end_msg, S2N_ERR_SECRET_SCHEDULE_STATE);
|
172
|
+
RESULT_GUARD(s2n_derive_secret(CONN_HMAC_ALG(conn), &CONN_SECRET(conn, extract_secret),
|
173
|
+
label, &CONN_HASH(conn, transcript_hash_digest), output));
|
174
|
+
return S2N_RESULT_OK;
|
175
|
+
}
|
176
|
+
|
177
|
+
static S2N_RESULT s2n_derive_secret_without_context(struct s2n_connection *conn,
|
178
|
+
s2n_extract_secret_type_t input_secret_type, struct s2n_blob *output)
|
179
|
+
{
|
180
|
+
RESULT_ENSURE(CONN_SECRETS(conn).extract_secret_type == input_secret_type, S2N_ERR_SECRET_SCHEDULE_STATE);
|
181
|
+
RESULT_GUARD(s2n_derive_secret(CONN_HMAC_ALG(conn), &CONN_SECRET(conn, extract_secret),
|
148
182
|
&s2n_tls13_label_derived_secret, &EMPTY_CONTEXT(CONN_HMAC_ALG(conn)), output));
|
149
183
|
return S2N_RESULT_OK;
|
150
184
|
}
|
@@ -242,7 +276,7 @@ static S2N_RESULT s2n_extract_early_secret_for_schedule(struct s2n_connection *c
|
|
242
276
|
RESULT_GUARD(s2n_extract_secret(hmac_alg,
|
243
277
|
&ZERO_VALUE(hmac_alg),
|
244
278
|
&ZERO_VALUE(hmac_alg),
|
245
|
-
&CONN_SECRET(conn,
|
279
|
+
&CONN_SECRET(conn, extract_secret)));
|
246
280
|
return S2N_RESULT_OK;
|
247
281
|
}
|
248
282
|
|
@@ -252,7 +286,7 @@ static S2N_RESULT s2n_extract_early_secret_for_schedule(struct s2n_connection *c
|
|
252
286
|
* Use the early secret stored on the PSK.
|
253
287
|
*/
|
254
288
|
RESULT_ENSURE_EQ(hmac_alg, psk->hmac_alg);
|
255
|
-
RESULT_CHECKED_MEMCPY(CONN_SECRETS(conn).
|
289
|
+
RESULT_CHECKED_MEMCPY(CONN_SECRETS(conn).extract_secret, psk->early_secret.data, psk->early_secret.size);
|
256
290
|
return S2N_RESULT_OK;
|
257
291
|
}
|
258
292
|
|
@@ -285,10 +319,10 @@ S2N_RESULT s2n_derive_binder_key(struct s2n_psk *psk, struct s2n_blob *output)
|
|
285
319
|
*/
|
286
320
|
static S2N_RESULT s2n_derive_client_early_traffic_secret(struct s2n_connection *conn, struct s2n_blob *output)
|
287
321
|
{
|
288
|
-
RESULT_GUARD(
|
289
|
-
|
322
|
+
RESULT_GUARD(s2n_derive_secret_with_context(conn,
|
323
|
+
S2N_EARLY_SECRET,
|
290
324
|
&s2n_tls13_label_client_early_traffic_secret,
|
291
|
-
|
325
|
+
CLIENT_HELLO,
|
292
326
|
output));
|
293
327
|
return S2N_RESULT_OK;
|
294
328
|
}
|
@@ -307,7 +341,7 @@ static S2N_RESULT s2n_extract_handshake_secret(struct s2n_connection *conn)
|
|
307
341
|
struct s2n_blob derived_secret = { 0 };
|
308
342
|
uint8_t derived_secret_bytes[S2N_TLS13_SECRET_MAX_LEN] = { 0 };
|
309
343
|
RESULT_GUARD_POSIX(s2n_blob_init(&derived_secret, derived_secret_bytes, S2N_TLS13_SECRET_MAX_LEN));
|
310
|
-
RESULT_GUARD(
|
344
|
+
RESULT_GUARD(s2n_derive_secret_without_context(conn, S2N_EARLY_SECRET, &derived_secret));
|
311
345
|
|
312
346
|
DEFER_CLEANUP(struct s2n_blob shared_secret = { 0 }, s2n_blob_zeroize_free);
|
313
347
|
RESULT_GUARD_POSIX(s2n_tls13_compute_shared_secret(conn, &shared_secret));
|
@@ -315,7 +349,7 @@ static S2N_RESULT s2n_extract_handshake_secret(struct s2n_connection *conn)
|
|
315
349
|
RESULT_GUARD(s2n_extract_secret(CONN_HMAC_ALG(conn),
|
316
350
|
&derived_secret,
|
317
351
|
&shared_secret,
|
318
|
-
&CONN_SECRET(conn,
|
352
|
+
&CONN_SECRET(conn, extract_secret)));
|
319
353
|
|
320
354
|
return S2N_RESULT_OK;
|
321
355
|
}
|
@@ -329,10 +363,10 @@ static S2N_RESULT s2n_extract_handshake_secret(struct s2n_connection *conn)
|
|
329
363
|
*/
|
330
364
|
static S2N_RESULT s2n_derive_client_handshake_traffic_secret(struct s2n_connection *conn, struct s2n_blob *output)
|
331
365
|
{
|
332
|
-
RESULT_GUARD(
|
333
|
-
|
366
|
+
RESULT_GUARD(s2n_derive_secret_with_context(conn,
|
367
|
+
S2N_HANDSHAKE_SECRET,
|
334
368
|
&s2n_tls13_label_client_handshake_traffic_secret,
|
335
|
-
|
369
|
+
SERVER_HELLO,
|
336
370
|
output));
|
337
371
|
|
338
372
|
/*
|
@@ -358,10 +392,10 @@ static S2N_RESULT s2n_derive_client_handshake_traffic_secret(struct s2n_connecti
|
|
358
392
|
*/
|
359
393
|
static S2N_RESULT s2n_derive_server_handshake_traffic_secret(struct s2n_connection *conn, struct s2n_blob *output)
|
360
394
|
{
|
361
|
-
RESULT_GUARD(
|
362
|
-
|
395
|
+
RESULT_GUARD(s2n_derive_secret_with_context(conn,
|
396
|
+
S2N_HANDSHAKE_SECRET,
|
363
397
|
&s2n_tls13_label_server_handshake_traffic_secret,
|
364
|
-
|
398
|
+
SERVER_HELLO,
|
365
399
|
output));
|
366
400
|
|
367
401
|
/*
|
@@ -391,12 +425,12 @@ static S2N_RESULT s2n_extract_master_secret(struct s2n_connection *conn)
|
|
391
425
|
struct s2n_blob derived_secret = { 0 };
|
392
426
|
uint8_t derived_secret_bytes[S2N_TLS13_SECRET_MAX_LEN] = { 0 };
|
393
427
|
RESULT_GUARD_POSIX(s2n_blob_init(&derived_secret, derived_secret_bytes, S2N_TLS13_SECRET_MAX_LEN));
|
394
|
-
RESULT_GUARD(
|
428
|
+
RESULT_GUARD(s2n_derive_secret_without_context(conn, S2N_HANDSHAKE_SECRET, &derived_secret));
|
395
429
|
|
396
430
|
RESULT_GUARD(s2n_extract_secret(CONN_HMAC_ALG(conn),
|
397
431
|
&derived_secret,
|
398
432
|
&ZERO_VALUE(CONN_HMAC_ALG(conn)),
|
399
|
-
&CONN_SECRET(conn,
|
433
|
+
&CONN_SECRET(conn, extract_secret)));
|
400
434
|
return S2N_RESULT_OK;
|
401
435
|
}
|
402
436
|
|
@@ -409,12 +443,11 @@ static S2N_RESULT s2n_extract_master_secret(struct s2n_connection *conn)
|
|
409
443
|
*/
|
410
444
|
static S2N_RESULT s2n_derive_client_application_traffic_secret(struct s2n_connection *conn, struct s2n_blob *output)
|
411
445
|
{
|
412
|
-
RESULT_GUARD(
|
413
|
-
|
446
|
+
RESULT_GUARD(s2n_derive_secret_with_context(conn,
|
447
|
+
S2N_MASTER_SECRET,
|
414
448
|
&s2n_tls13_label_client_application_traffic_secret,
|
415
|
-
|
449
|
+
SERVER_FINISHED,
|
416
450
|
output));
|
417
|
-
RESULT_CHECKED_MEMCPY(CONN_SECRETS(conn).client_app_secret, output->data, output->size);
|
418
451
|
return S2N_RESULT_OK;
|
419
452
|
}
|
420
453
|
|
@@ -427,12 +460,11 @@ static S2N_RESULT s2n_derive_client_application_traffic_secret(struct s2n_connec
|
|
427
460
|
*/
|
428
461
|
static S2N_RESULT s2n_derive_server_application_traffic_secret(struct s2n_connection *conn, struct s2n_blob *output)
|
429
462
|
{
|
430
|
-
RESULT_GUARD(
|
431
|
-
|
463
|
+
RESULT_GUARD(s2n_derive_secret_with_context(conn,
|
464
|
+
S2N_MASTER_SECRET,
|
432
465
|
&s2n_tls13_label_server_application_traffic_secret,
|
433
|
-
|
466
|
+
SERVER_FINISHED,
|
434
467
|
output));
|
435
|
-
RESULT_CHECKED_MEMCPY(CONN_SECRETS(conn).server_app_secret, output->data, output->size);
|
436
468
|
return S2N_RESULT_OK;
|
437
469
|
}
|
438
470
|
|
@@ -445,10 +477,10 @@ static S2N_RESULT s2n_derive_server_application_traffic_secret(struct s2n_connec
|
|
445
477
|
*/
|
446
478
|
S2N_RESULT s2n_derive_resumption_master_secret(struct s2n_connection *conn)
|
447
479
|
{
|
448
|
-
RESULT_GUARD(
|
449
|
-
|
480
|
+
RESULT_GUARD(s2n_derive_secret_with_context(conn,
|
481
|
+
S2N_MASTER_SECRET,
|
450
482
|
&s2n_tls13_label_resumption_master_secret,
|
451
|
-
|
483
|
+
CLIENT_FINISHED,
|
452
484
|
&CONN_SECRET(conn, resumption_master_secret)));
|
453
485
|
return S2N_RESULT_OK;
|
454
486
|
}
|
@@ -469,12 +501,13 @@ S2N_RESULT s2n_tls13_extract_secret(struct s2n_connection *conn, s2n_extract_sec
|
|
469
501
|
RESULT_ENSURE_GTE(secret_type, 0);
|
470
502
|
RESULT_ENSURE_LT(secret_type, s2n_array_len(extract_methods));
|
471
503
|
|
472
|
-
s2n_extract_secret_type_t next_secret_type = CONN_SECRETS(conn).
|
504
|
+
s2n_extract_secret_type_t next_secret_type = CONN_SECRETS(conn).extract_secret_type + 1;
|
473
505
|
for (s2n_extract_secret_type_t i = next_secret_type; i <= secret_type; i++) {
|
474
506
|
RESULT_ENSURE_REF(extract_methods[i]);
|
475
507
|
RESULT_GUARD(extract_methods[i](conn));
|
476
|
-
CONN_SECRETS(conn).
|
508
|
+
CONN_SECRETS(conn).extract_secret_type = i;
|
477
509
|
}
|
510
|
+
|
478
511
|
return S2N_RESULT_OK;
|
479
512
|
}
|
480
513
|
|
@@ -517,12 +550,11 @@ S2N_RESULT s2n_tls13_secrets_clean(struct s2n_connection *conn)
|
|
517
550
|
* A compromised secret additionally compromises all secrets derived from it,
|
518
551
|
* so these are the most sensitive secrets.
|
519
552
|
*/
|
520
|
-
RESULT_GUARD_POSIX(s2n_blob_zero(&CONN_SECRET(conn,
|
521
|
-
|
522
|
-
RESULT_GUARD_POSIX(s2n_blob_zero(&CONN_SECRET(conn, master_secret)));
|
523
|
-
conn->secrets.tls13.secrets_state = S2N_NONE_SECRET;
|
553
|
+
RESULT_GUARD_POSIX(s2n_blob_zero(&CONN_SECRET(conn, extract_secret)));
|
554
|
+
conn->secrets.tls13.extract_secret_type = S2N_NONE_SECRET;
|
524
555
|
|
525
556
|
/* Wipe other secrets no longer needed */
|
557
|
+
RESULT_GUARD_POSIX(s2n_blob_zero(&CONN_SECRET(conn, client_early_secret)));
|
526
558
|
RESULT_GUARD_POSIX(s2n_blob_zero(&CONN_SECRET(conn, client_handshake_secret)));
|
527
559
|
RESULT_GUARD_POSIX(s2n_blob_zero(&CONN_SECRET(conn, server_handshake_secret)));
|
528
560
|
|
@@ -532,25 +564,37 @@ S2N_RESULT s2n_tls13_secrets_clean(struct s2n_connection *conn)
|
|
532
564
|
S2N_RESULT s2n_tls13_secrets_update(struct s2n_connection *conn)
|
533
565
|
{
|
534
566
|
RESULT_ENSURE_REF(conn);
|
567
|
+
if (s2n_connection_get_protocol_version(conn) < S2N_TLS13) {
|
568
|
+
return S2N_RESULT_OK;
|
569
|
+
}
|
535
570
|
RESULT_ENSURE_REF(conn->secure.cipher_suite);
|
536
571
|
|
537
572
|
message_type_t message_type = s2n_conn_get_current_message_type(conn);
|
538
573
|
switch(message_type) {
|
574
|
+
case CLIENT_HELLO:
|
575
|
+
if (conn->early_data_state == S2N_EARLY_DATA_REQUESTED
|
576
|
+
|| conn->early_data_state == S2N_EARLY_DATA_ACCEPTED) {
|
577
|
+
RESULT_GUARD(s2n_calculate_transcript_digest(conn));
|
578
|
+
RESULT_GUARD(s2n_tls13_derive_secret(conn, S2N_EARLY_SECRET,
|
579
|
+
S2N_CLIENT, &CONN_SECRET(conn, client_early_secret)));
|
580
|
+
}
|
581
|
+
break;
|
539
582
|
case SERVER_HELLO:
|
583
|
+
RESULT_GUARD(s2n_calculate_transcript_digest(conn));
|
540
584
|
RESULT_GUARD(s2n_tls13_derive_secret(conn, S2N_HANDSHAKE_SECRET,
|
541
585
|
S2N_CLIENT, &CONN_SECRET(conn, client_handshake_secret)));
|
542
586
|
RESULT_GUARD(s2n_tls13_derive_secret(conn, S2N_HANDSHAKE_SECRET,
|
543
587
|
S2N_SERVER, &CONN_SECRET(conn, server_handshake_secret)));
|
544
|
-
RESULT_ENSURE_EQ(CONN_SECRETS(conn).secrets_state, S2N_HANDSHAKE_SECRET);
|
545
588
|
break;
|
546
589
|
case SERVER_FINISHED:
|
590
|
+
RESULT_GUARD(s2n_calculate_transcript_digest(conn));
|
547
591
|
RESULT_GUARD(s2n_tls13_derive_secret(conn, S2N_MASTER_SECRET,
|
548
592
|
S2N_CLIENT, &CONN_SECRET(conn, client_app_secret)));
|
549
593
|
RESULT_GUARD(s2n_tls13_derive_secret(conn, S2N_MASTER_SECRET,
|
550
594
|
S2N_SERVER, &CONN_SECRET(conn, server_app_secret)));
|
551
|
-
RESULT_ENSURE_EQ(CONN_SECRETS(conn).secrets_state, S2N_MASTER_SECRET);
|
552
595
|
break;
|
553
596
|
case CLIENT_FINISHED:
|
597
|
+
RESULT_GUARD(s2n_calculate_transcript_digest(conn));
|
554
598
|
RESULT_GUARD(s2n_derive_resumption_master_secret(conn));
|
555
599
|
break;
|
556
600
|
default:
|
@@ -566,18 +610,14 @@ S2N_RESULT s2n_tls13_secrets_get(struct s2n_connection *conn, s2n_extract_secret
|
|
566
610
|
RESULT_ENSURE_REF(secret);
|
567
611
|
|
568
612
|
uint8_t *secrets[][2] = {
|
613
|
+
[S2N_EARLY_SECRET] = { NULL, CONN_SECRETS(conn).client_early_secret },
|
569
614
|
[S2N_HANDSHAKE_SECRET] = { CONN_SECRETS(conn).server_handshake_secret, CONN_SECRETS(conn).client_handshake_secret },
|
570
615
|
[S2N_MASTER_SECRET] = { CONN_SECRETS(conn).server_app_secret, CONN_SECRETS(conn).client_app_secret },
|
571
616
|
};
|
572
617
|
RESULT_ENSURE_GT(secret_type, S2N_NONE_SECRET);
|
573
618
|
RESULT_ENSURE_LT(secret_type, s2n_array_len(secrets));
|
574
|
-
|
575
|
-
|
576
|
-
RESULT_GUARD(s2n_tls13_derive_secret(conn, secret_type, mode, secret));
|
577
|
-
return S2N_RESULT_OK;
|
578
|
-
}
|
579
|
-
|
580
|
-
RESULT_ENSURE_GTE(CONN_SECRETS(conn).secrets_state, secret_type);
|
619
|
+
RESULT_ENSURE_LTE(secret_type, CONN_SECRETS(conn).extract_secret_type);
|
620
|
+
RESULT_ENSURE_REF(secrets[secret_type][mode]);
|
581
621
|
|
582
622
|
secret->size = s2n_get_hash_len(CONN_HMAC_ALG(conn));
|
583
623
|
RESULT_CHECKED_MEMCPY(secret->data, secrets[secret_type][mode], secret->size);
|
@@ -31,26 +31,20 @@ typedef enum {
|
|
31
31
|
} s2n_extract_secret_type_t;
|
32
32
|
|
33
33
|
struct s2n_tls13_secrets {
|
34
|
-
uint8_t
|
34
|
+
uint8_t extract_secret[S2N_TLS13_SECRET_MAX_LEN];
|
35
|
+
s2n_extract_secret_type_t extract_secret_type;
|
35
36
|
|
36
|
-
uint8_t
|
37
|
+
uint8_t client_early_secret[S2N_TLS13_SECRET_MAX_LEN];
|
37
38
|
uint8_t client_handshake_secret[S2N_TLS13_SECRET_MAX_LEN];
|
38
39
|
uint8_t server_handshake_secret[S2N_TLS13_SECRET_MAX_LEN];
|
39
40
|
|
40
|
-
uint8_t master_secret[S2N_TLS13_SECRET_MAX_LEN];
|
41
41
|
uint8_t client_app_secret[S2N_TLS13_SECRET_MAX_LEN];
|
42
42
|
uint8_t server_app_secret[S2N_TLS13_SECRET_MAX_LEN];
|
43
43
|
uint8_t resumption_master_secret[S2N_TLS13_SECRET_MAX_LEN];
|
44
|
-
|
45
|
-
s2n_extract_secret_type_t secrets_state;
|
46
44
|
};
|
47
45
|
|
48
46
|
S2N_RESULT s2n_tls13_empty_transcripts_init();
|
49
47
|
|
50
|
-
S2N_RESULT s2n_tls13_extract_secret(struct s2n_connection *conn, s2n_extract_secret_type_t secret_type);
|
51
|
-
S2N_RESULT s2n_tls13_derive_secret(struct s2n_connection *conn, s2n_extract_secret_type_t secret_type,
|
52
|
-
s2n_mode mode, struct s2n_blob *secret);
|
53
|
-
|
54
48
|
S2N_RESULT s2n_tls13_secrets_update(struct s2n_connection *conn);
|
55
49
|
S2N_RESULT s2n_tls13_secrets_get(struct s2n_connection *conn, s2n_extract_secret_type_t secret_type,
|
56
50
|
s2n_mode mode, struct s2n_blob *secret);
|
@@ -47,21 +47,28 @@ extern int s2n_blob_char_to_lower(struct s2n_blob *b);
|
|
47
47
|
extern int s2n_hex_string_to_bytes(const uint8_t *str, struct s2n_blob *blob);
|
48
48
|
extern int s2n_blob_slice(const struct s2n_blob *b, struct s2n_blob *slice, uint32_t offset, uint32_t size);
|
49
49
|
|
50
|
-
#define s2n_stack_blob(name, requested_size, maximum)
|
51
|
-
size_t name ## _requested_size = (requested_size);
|
52
|
-
uint8_t name ## _buf[(maximum)] = {0};
|
53
|
-
POSIX_ENSURE_LTE(name ## _requested_size, (maximum));
|
54
|
-
struct s2n_blob name = {0};
|
50
|
+
#define s2n_stack_blob(name, requested_size, maximum) \
|
51
|
+
size_t name ## _requested_size = (requested_size); \
|
52
|
+
uint8_t name ## _buf[(maximum)] = {0}; \
|
53
|
+
POSIX_ENSURE_LTE(name ## _requested_size, (maximum)); \
|
54
|
+
struct s2n_blob name = {0}; \
|
55
55
|
POSIX_GUARD(s2n_blob_init(&name, name ## _buf, name ## _requested_size))
|
56
56
|
|
57
|
-
#define
|
58
|
-
|
57
|
+
#define RESULT_STACK_BLOB(name, requested_size, maximum) \
|
58
|
+
size_t name ## _requested_size = (requested_size); \
|
59
|
+
uint8_t name ## _buf[(maximum)] = {0}; \
|
60
|
+
RESULT_ENSURE_LTE(name ## _requested_size, (maximum)); \
|
61
|
+
struct s2n_blob name = {0}; \
|
62
|
+
RESULT_GUARD_POSIX(s2n_blob_init(&name, name ## _buf, name ## _requested_size))
|
63
|
+
|
64
|
+
#define S2N_BLOB_LABEL(name, str) \
|
65
|
+
static uint8_t name##_data[] = str; \
|
59
66
|
const struct s2n_blob name = { .data = name##_data, .size = sizeof(name##_data) - 1 };
|
60
67
|
|
61
68
|
/* The S2N_BLOB_FROM_HEX macro creates a s2n_blob with the contents of a hex string.
|
62
69
|
* It is allocated on a stack so there no need to free after use.
|
63
70
|
* hex should be a const char[]. This function checks against using char*,
|
64
71
|
* because sizeof needs to refer to the buffer length rather than a pointer size */
|
65
|
-
#define S2N_BLOB_FROM_HEX( name, hex )
|
72
|
+
#define S2N_BLOB_FROM_HEX( name, hex ) \
|
66
73
|
s2n_stack_blob(name, (sizeof(hex) - 1) / 2, (sizeof(hex) - 1) / 2); \
|
67
74
|
POSIX_GUARD(s2n_hex_string_to_bytes((const uint8_t*)hex, &name));
|
@@ -42,10 +42,6 @@
|
|
42
42
|
#include <unistd.h>
|
43
43
|
|
44
44
|
|
45
|
-
#if defined(S2N_MINHERIT_SUPPORTED) && defined(S2N_MADVISE_SUPPORTED)
|
46
|
-
#error "Both S2N_MINHERIT_SUPPORTED and S2N_MADVISE_SUPPORTED are defined. This should not be possible."
|
47
|
-
#endif
|
48
|
-
|
49
45
|
#if defined(S2N_MADVISE_SUPPORTED) && defined(MADV_WIPEONFORK)
|
50
46
|
#if (MADV_WIPEONFORK != 18)
|
51
47
|
#error "MADV_WIPEONFORK is not 18"
|
@@ -298,9 +294,9 @@ S2N_RESULT s2n_get_fork_generation_number(uint64_t *return_fork_generation_numbe
|
|
298
294
|
return S2N_RESULT_OK;
|
299
295
|
}
|
300
296
|
|
301
|
-
static void s2n_cleanup_cb_munmap(void
|
297
|
+
static void s2n_cleanup_cb_munmap(void **probe_addr)
|
302
298
|
{
|
303
|
-
munmap(probe_addr, (size_t) sysconf(_SC_PAGESIZE));
|
299
|
+
munmap(*probe_addr, (size_t) sysconf(_SC_PAGESIZE));
|
304
300
|
}
|
305
301
|
|
306
302
|
/* Run-time probe checking whether the system supports the MADV_WIPEONFORK fork
|
@@ -144,8 +144,8 @@ static inline S2N_RESULT s2n_defend_if_forked(void)
|
|
144
144
|
/* Clean up the old drbg first */
|
145
145
|
RESULT_GUARD(s2n_rand_cleanup_thread());
|
146
146
|
/* Instantiate the new ones */
|
147
|
-
|
148
|
-
|
147
|
+
RESULT_GUARD(s2n_drbg_instantiate(&per_thread_public_drbg, &public, S2N_AES_128_CTR_NO_DF_PR));
|
148
|
+
RESULT_GUARD(s2n_drbg_instantiate(&per_thread_private_drbg, &private, S2N_AES_128_CTR_NO_DF_PR));
|
149
149
|
zero_if_forked_ptr = zeroed_when_forked_page;
|
150
150
|
zero_if_forked = 1;
|
151
151
|
}
|
@@ -165,7 +165,7 @@ S2N_RESULT s2n_get_public_random_data(struct s2n_blob *blob)
|
|
165
165
|
|
166
166
|
RESULT_GUARD_POSIX(s2n_blob_slice(blob, &slice, offset, MIN(remaining, S2N_DRBG_GENERATE_LIMIT)));;
|
167
167
|
|
168
|
-
|
168
|
+
RESULT_GUARD(s2n_drbg_generate(&per_thread_public_drbg, &slice));
|
169
169
|
|
170
170
|
remaining -= slice.size;
|
171
171
|
offset += slice.size;
|
@@ -186,7 +186,7 @@ S2N_RESULT s2n_get_private_random_data(struct s2n_blob *blob)
|
|
186
186
|
|
187
187
|
RESULT_GUARD_POSIX(s2n_blob_slice(blob, &slice, offset, MIN(remaining, S2N_DRBG_GENERATE_LIMIT)));;
|
188
188
|
|
189
|
-
|
189
|
+
RESULT_GUARD(s2n_drbg_generate(&per_thread_private_drbg, &slice));
|
190
190
|
|
191
191
|
remaining -= slice.size;
|
192
192
|
offset += slice.size;
|
@@ -197,13 +197,13 @@ S2N_RESULT s2n_get_private_random_data(struct s2n_blob *blob)
|
|
197
197
|
|
198
198
|
S2N_RESULT s2n_get_public_random_bytes_used(uint64_t *bytes_used)
|
199
199
|
{
|
200
|
-
|
200
|
+
RESULT_GUARD(s2n_drbg_bytes_used(&per_thread_public_drbg, bytes_used));
|
201
201
|
return S2N_RESULT_OK;
|
202
202
|
}
|
203
203
|
|
204
204
|
S2N_RESULT s2n_get_private_random_bytes_used(uint64_t *bytes_used)
|
205
205
|
{
|
206
|
-
|
206
|
+
RESULT_GUARD(s2n_drbg_bytes_used(&per_thread_private_drbg, bytes_used));
|
207
207
|
return S2N_RESULT_OK;
|
208
208
|
}
|
209
209
|
|
@@ -439,8 +439,8 @@ S2N_RESULT s2n_rand_cleanup(void)
|
|
439
439
|
|
440
440
|
S2N_RESULT s2n_rand_cleanup_thread(void)
|
441
441
|
{
|
442
|
-
|
443
|
-
|
442
|
+
RESULT_GUARD(s2n_drbg_wipe(&per_thread_private_drbg));
|
443
|
+
RESULT_GUARD(s2n_drbg_wipe(&per_thread_public_drbg));
|
444
444
|
|
445
445
|
return S2N_RESULT_OK;
|
446
446
|
}
|
@@ -452,7 +452,7 @@ S2N_RESULT s2n_rand_cleanup_thread(void)
|
|
452
452
|
S2N_RESULT s2n_set_private_drbg_for_test(struct s2n_drbg drbg)
|
453
453
|
{
|
454
454
|
RESULT_ENSURE(s2n_in_unit_test(), S2N_ERR_NOT_IN_UNIT_TEST);
|
455
|
-
|
455
|
+
RESULT_GUARD(s2n_drbg_wipe(&per_thread_private_drbg));
|
456
456
|
|
457
457
|
per_thread_private_drbg = drbg;
|
458
458
|
return S2N_RESULT_OK;
|
@@ -54,28 +54,37 @@ static int s_external_input_stream_seek(
|
|
54
54
|
struct aws_input_stream *stream,
|
55
55
|
aws_off_t offset,
|
56
56
|
enum aws_stream_seek_basis basis) {
|
57
|
-
|
58
|
-
|
57
|
+
aws_crt_input_stream *impl = stream->impl;
|
58
|
+
aws_external_input_stream ext_stream = impl->impl;
|
59
|
+
return ext_stream.seek(ext_stream.user_data, (int64_t)offset, (aws_crt_input_stream_seek_basis)basis);
|
59
60
|
}
|
60
61
|
|
61
62
|
static int s_external_input_stream_read(struct aws_input_stream *stream, struct aws_byte_buf *dest) {
|
62
|
-
|
63
|
-
|
63
|
+
aws_crt_input_stream *impl = stream->impl;
|
64
|
+
aws_external_input_stream ext_stream = impl->impl;
|
65
|
+
return ext_stream.read(ext_stream.user_data, dest->buffer, dest->capacity);
|
64
66
|
}
|
65
67
|
|
66
68
|
static int s_external_input_stream_get_status(struct aws_input_stream *stream, struct aws_stream_status *status) {
|
67
|
-
|
68
|
-
|
69
|
+
aws_crt_input_stream *impl = stream->impl;
|
70
|
+
aws_external_input_stream ext_stream = impl->impl;
|
71
|
+
return ext_stream.get_status(ext_stream.user_data, (aws_crt_input_stream_status *)status);
|
69
72
|
}
|
70
73
|
|
71
74
|
static int s_external_input_stream_get_length(struct aws_input_stream *stream, int64_t *out_length) {
|
72
|
-
|
73
|
-
|
75
|
+
aws_crt_input_stream *impl = stream->impl;
|
76
|
+
aws_external_input_stream ext_stream = impl->impl;
|
77
|
+
return ext_stream.get_length(ext_stream.user_data, out_length);
|
74
78
|
}
|
75
79
|
|
76
|
-
static void
|
77
|
-
|
78
|
-
|
80
|
+
static void s_external_input_stream_acquire(struct aws_input_stream *stream) {
|
81
|
+
aws_crt_input_stream *impl = stream->impl;
|
82
|
+
aws_crt_resource_acquire(&impl->resource);
|
83
|
+
}
|
84
|
+
|
85
|
+
static void s_external_input_stream_release(struct aws_input_stream *stream) {
|
86
|
+
aws_crt_input_stream *impl = stream->impl;
|
87
|
+
aws_crt_resource_release(&impl->resource);
|
79
88
|
}
|
80
89
|
|
81
90
|
static struct aws_input_stream_vtable s_external_input_stream_vtable = {
|
@@ -83,23 +92,31 @@ static struct aws_input_stream_vtable s_external_input_stream_vtable = {
|
|
83
92
|
.read = s_external_input_stream_read,
|
84
93
|
.get_status = s_external_input_stream_get_status,
|
85
94
|
.get_length = s_external_input_stream_get_length,
|
86
|
-
.
|
95
|
+
.acquire = s_external_input_stream_acquire,
|
96
|
+
.release = s_external_input_stream_release,
|
87
97
|
};
|
88
98
|
|
99
|
+
static void s_external_input_stream_destroy(void *user_data) {
|
100
|
+
aws_external_input_stream *ext_stream = user_data;
|
101
|
+
ext_stream->destroy(ext_stream->user_data);
|
102
|
+
}
|
103
|
+
|
89
104
|
aws_crt_input_stream *aws_crt_input_stream_new(const aws_crt_input_stream_options *options) {
|
90
105
|
aws_crt_input_stream *stream = aws_crt_resource_new(sizeof(aws_crt_input_stream));
|
91
106
|
AWS_ZERO_STRUCT(stream->stream);
|
92
107
|
AWS_ZERO_STRUCT(stream->impl);
|
93
108
|
|
94
109
|
stream->impl = *options;
|
95
|
-
stream->stream.
|
96
|
-
stream->stream.impl = &stream->impl;
|
110
|
+
stream->stream.impl = &stream;
|
97
111
|
stream->stream.vtable = &s_external_input_stream_vtable;
|
112
|
+
|
113
|
+
aws_crt_resource_set_user_data(&stream->resource, &stream->impl, s_external_input_stream_destroy);
|
114
|
+
|
98
115
|
return stream;
|
99
116
|
}
|
100
117
|
|
101
118
|
void aws_crt_input_stream_release(aws_crt_input_stream *stream) {
|
102
|
-
|
119
|
+
aws_input_stream_release(&stream->stream);
|
103
120
|
aws_crt_resource_release(&stream->resource);
|
104
121
|
}
|
105
122
|
|
data/ext/compile.rb
CHANGED
@@ -41,15 +41,16 @@ def find_file(name, search_dirs, base_dir)
|
|
41
41
|
end
|
42
42
|
|
43
43
|
# Compile bin to expected location
|
44
|
-
def compile_bin
|
45
|
-
platform =
|
44
|
+
def compile_bin(cpu = host_cpu)
|
45
|
+
platform = target_platform(cpu)
|
46
46
|
native_dir = File.expand_path('../aws-crt-ffi', File.dirname(__FILE__))
|
47
|
-
|
47
|
+
tmp_dir = File.expand_path("../tmp/#{platform.cpu}", File.dirname(__FILE__))
|
48
|
+
tmp_build_dir = File.expand_path('build', tmp_dir)
|
48
49
|
|
49
50
|
# We need cmake to "install" aws-crt-ffi so that the binaries end up in a
|
50
51
|
# predictable location. But cmake still adds subdirectories we don't want,
|
51
52
|
# so we'll "install" under tmp, and manually copy to bin/ after that.
|
52
|
-
tmp_install_dir = File.expand_path('
|
53
|
+
tmp_install_dir = File.expand_path('install', tmp_dir)
|
53
54
|
|
54
55
|
build_type = 'RelWithDebInfo'
|
55
56
|
|
@@ -59,8 +60,15 @@ def compile_bin
|
|
59
60
|
"-B#{tmp_build_dir}",
|
60
61
|
"-DCMAKE_INSTALL_PREFIX=#{tmp_install_dir}",
|
61
62
|
"-DCMAKE_BUILD_TYPE=#{build_type}",
|
63
|
+
'-DBUILD_TESTING=OFF',
|
62
64
|
]
|
63
65
|
|
66
|
+
# macOS can cross-compile for arm64 or x86_64.
|
67
|
+
# This lets us prepare both types of gems from either type of machine.
|
68
|
+
if platform.os == 'darwin'
|
69
|
+
config_cmd.append("-DCMAKE_OSX_ARCHITECTURES=#{platform.cpu}")
|
70
|
+
end
|
71
|
+
|
64
72
|
build_cmd = [
|
65
73
|
CMAKE,
|
66
74
|
'--build', tmp_build_dir,
|
@@ -87,5 +95,5 @@ def compile_bin
|
|
87
95
|
'lib', # some unix variants
|
88
96
|
]
|
89
97
|
tmp_path = find_file(bin_name, search_dirs, tmp_install_dir)
|
90
|
-
FileUtils.cp(tmp_path, bin_dir)
|
98
|
+
FileUtils.cp(tmp_path, bin_dir, verbose: true)
|
91
99
|
end
|