gitlab-grpc 1.42.1.gitlab

Sign up to get free protection for your applications and to get access to all the features.
Files changed (2288) hide show
  1. checksums.yaml +7 -0
  2. data/.yardopts +1 -0
  3. data/Makefile +3004 -0
  4. data/etc/roots.pem +4337 -0
  5. data/include/grpc/byte_buffer.h +27 -0
  6. data/include/grpc/byte_buffer_reader.h +26 -0
  7. data/include/grpc/census.h +40 -0
  8. data/include/grpc/compression.h +75 -0
  9. data/include/grpc/event_engine/README.md +38 -0
  10. data/include/grpc/event_engine/endpoint_config.h +43 -0
  11. data/include/grpc/event_engine/event_engine.h +375 -0
  12. data/include/grpc/event_engine/internal/memory_allocator_impl.h +98 -0
  13. data/include/grpc/event_engine/memory_allocator.h +210 -0
  14. data/include/grpc/event_engine/port.h +39 -0
  15. data/include/grpc/fork.h +26 -0
  16. data/include/grpc/grpc.h +579 -0
  17. data/include/grpc/grpc_cronet.h +38 -0
  18. data/include/grpc/grpc_posix.h +62 -0
  19. data/include/grpc/grpc_security.h +1142 -0
  20. data/include/grpc/grpc_security_constants.h +165 -0
  21. data/include/grpc/impl/codegen/README.md +22 -0
  22. data/include/grpc/impl/codegen/atm.h +97 -0
  23. data/include/grpc/impl/codegen/atm_gcc_atomic.h +93 -0
  24. data/include/grpc/impl/codegen/atm_gcc_sync.h +87 -0
  25. data/include/grpc/impl/codegen/atm_windows.h +134 -0
  26. data/include/grpc/impl/codegen/byte_buffer.h +103 -0
  27. data/include/grpc/impl/codegen/byte_buffer_reader.h +44 -0
  28. data/include/grpc/impl/codegen/compression_types.h +110 -0
  29. data/include/grpc/impl/codegen/connectivity_state.h +46 -0
  30. data/include/grpc/impl/codegen/fork.h +50 -0
  31. data/include/grpc/impl/codegen/gpr_slice.h +71 -0
  32. data/include/grpc/impl/codegen/gpr_types.h +61 -0
  33. data/include/grpc/impl/codegen/grpc_types.h +813 -0
  34. data/include/grpc/impl/codegen/log.h +112 -0
  35. data/include/grpc/impl/codegen/port_platform.h +719 -0
  36. data/include/grpc/impl/codegen/propagation_bits.h +54 -0
  37. data/include/grpc/impl/codegen/slice.h +129 -0
  38. data/include/grpc/impl/codegen/status.h +156 -0
  39. data/include/grpc/impl/codegen/sync.h +68 -0
  40. data/include/grpc/impl/codegen/sync_abseil.h +38 -0
  41. data/include/grpc/impl/codegen/sync_custom.h +40 -0
  42. data/include/grpc/impl/codegen/sync_generic.h +51 -0
  43. data/include/grpc/impl/codegen/sync_posix.h +54 -0
  44. data/include/grpc/impl/codegen/sync_windows.h +42 -0
  45. data/include/grpc/load_reporting.h +48 -0
  46. data/include/grpc/module.modulemap +64 -0
  47. data/include/grpc/slice.h +172 -0
  48. data/include/grpc/slice_buffer.h +84 -0
  49. data/include/grpc/status.h +26 -0
  50. data/include/grpc/support/alloc.h +52 -0
  51. data/include/grpc/support/atm.h +26 -0
  52. data/include/grpc/support/atm_gcc_atomic.h +26 -0
  53. data/include/grpc/support/atm_gcc_sync.h +26 -0
  54. data/include/grpc/support/atm_windows.h +26 -0
  55. data/include/grpc/support/cpu.h +44 -0
  56. data/include/grpc/support/log.h +26 -0
  57. data/include/grpc/support/log_windows.h +38 -0
  58. data/include/grpc/support/port_platform.h +24 -0
  59. data/include/grpc/support/string_util.h +51 -0
  60. data/include/grpc/support/sync.h +282 -0
  61. data/include/grpc/support/sync_abseil.h +26 -0
  62. data/include/grpc/support/sync_custom.h +26 -0
  63. data/include/grpc/support/sync_generic.h +26 -0
  64. data/include/grpc/support/sync_posix.h +26 -0
  65. data/include/grpc/support/sync_windows.h +26 -0
  66. data/include/grpc/support/thd_id.h +44 -0
  67. data/include/grpc/support/time.h +92 -0
  68. data/include/grpc/support/workaround_list.h +31 -0
  69. data/src/core/ext/filters/census/grpc_context.cc +39 -0
  70. data/src/core/ext/filters/client_channel/backend_metric.cc +80 -0
  71. data/src/core/ext/filters/client_channel/backend_metric.h +36 -0
  72. data/src/core/ext/filters/client_channel/backup_poller.cc +183 -0
  73. data/src/core/ext/filters/client_channel/backup_poller.h +42 -0
  74. data/src/core/ext/filters/client_channel/channel_connectivity.cc +220 -0
  75. data/src/core/ext/filters/client_channel/client_channel.cc +3119 -0
  76. data/src/core/ext/filters/client_channel/client_channel.h +581 -0
  77. data/src/core/ext/filters/client_channel/client_channel_channelz.cc +96 -0
  78. data/src/core/ext/filters/client_channel/client_channel_channelz.h +75 -0
  79. data/src/core/ext/filters/client_channel/client_channel_factory.cc +56 -0
  80. data/src/core/ext/filters/client_channel/client_channel_factory.h +46 -0
  81. data/src/core/ext/filters/client_channel/client_channel_plugin.cc +74 -0
  82. data/src/core/ext/filters/client_channel/config_selector.cc +59 -0
  83. data/src/core/ext/filters/client_channel/config_selector.h +145 -0
  84. data/src/core/ext/filters/client_channel/connector.h +79 -0
  85. data/src/core/ext/filters/client_channel/dynamic_filters.cc +190 -0
  86. data/src/core/ext/filters/client_channel/dynamic_filters.h +99 -0
  87. data/src/core/ext/filters/client_channel/global_subchannel_pool.cc +83 -0
  88. data/src/core/ext/filters/client_channel/global_subchannel_pool.h +72 -0
  89. data/src/core/ext/filters/client_channel/health/health_check_client.cc +619 -0
  90. data/src/core/ext/filters/client_channel/health/health_check_client.h +177 -0
  91. data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +392 -0
  92. data/src/core/ext/filters/client_channel/http_connect_handshaker.h +42 -0
  93. data/src/core/ext/filters/client_channel/http_proxy.cc +234 -0
  94. data/src/core/ext/filters/client_channel/http_proxy.h +28 -0
  95. data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +96 -0
  96. data/src/core/ext/filters/client_channel/lb_policy/address_filtering.h +101 -0
  97. data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +304 -0
  98. data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.h +83 -0
  99. data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +148 -0
  100. data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.h +29 -0
  101. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +1866 -0
  102. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h +47 -0
  103. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc +76 -0
  104. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h +37 -0
  105. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +44 -0
  106. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +83 -0
  107. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +93 -0
  108. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +76 -0
  109. data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +192 -0
  110. data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +74 -0
  111. data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +522 -0
  112. data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +918 -0
  113. data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +757 -0
  114. data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.h +37 -0
  115. data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +2502 -0
  116. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +503 -0
  117. data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +426 -0
  118. data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +741 -0
  119. data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +745 -0
  120. data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +60 -0
  121. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h +29 -0
  122. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +795 -0
  123. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +701 -0
  124. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +1362 -0
  125. data/src/core/ext/filters/client_channel/lb_policy.cc +131 -0
  126. data/src/core/ext/filters/client_channel/lb_policy.h +425 -0
  127. data/src/core/ext/filters/client_channel/lb_policy_factory.h +48 -0
  128. data/src/core/ext/filters/client_channel/lb_policy_registry.cc +185 -0
  129. data/src/core/ext/filters/client_channel/lb_policy_registry.h +65 -0
  130. data/src/core/ext/filters/client_channel/local_subchannel_pool.cc +56 -0
  131. data/src/core/ext/filters/client_channel/local_subchannel_pool.h +58 -0
  132. data/src/core/ext/filters/client_channel/proxy_mapper.h +54 -0
  133. data/src/core/ext/filters/client_channel/proxy_mapper_registry.cc +89 -0
  134. data/src/core/ext/filters/client_channel/proxy_mapper_registry.h +50 -0
  135. data/src/core/ext/filters/client_channel/resolver/binder/binder_resolver.cc +139 -0
  136. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +526 -0
  137. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +74 -0
  138. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_event_engine.cc +31 -0
  139. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +110 -0
  140. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +902 -0
  141. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +1203 -0
  142. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +122 -0
  143. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_event_engine.cc +28 -0
  144. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_posix.cc +29 -0
  145. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_windows.cc +34 -0
  146. data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.cc +28 -0
  147. data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.h +29 -0
  148. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +332 -0
  149. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +380 -0
  150. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +95 -0
  151. data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +384 -0
  152. data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +195 -0
  153. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +1002 -0
  154. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.h +28 -0
  155. data/src/core/ext/filters/client_channel/resolver.cc +87 -0
  156. data/src/core/ext/filters/client_channel/resolver.h +136 -0
  157. data/src/core/ext/filters/client_channel/resolver_factory.h +75 -0
  158. data/src/core/ext/filters/client_channel/resolver_registry.cc +195 -0
  159. data/src/core/ext/filters/client_channel/resolver_registry.h +89 -0
  160. data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +189 -0
  161. data/src/core/ext/filters/client_channel/resolver_result_parsing.h +99 -0
  162. data/src/core/ext/filters/client_channel/retry_filter.cc +2573 -0
  163. data/src/core/ext/filters/client_channel/retry_filter.h +30 -0
  164. data/src/core/ext/filters/client_channel/retry_service_config.cc +316 -0
  165. data/src/core/ext/filters/client_channel/retry_service_config.h +96 -0
  166. data/src/core/ext/filters/client_channel/retry_throttle.cc +162 -0
  167. data/src/core/ext/filters/client_channel/retry_throttle.h +79 -0
  168. data/src/core/ext/filters/client_channel/server_address.cc +170 -0
  169. data/src/core/ext/filters/client_channel/server_address.h +144 -0
  170. data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +156 -0
  171. data/src/core/ext/filters/client_channel/subchannel.cc +1021 -0
  172. data/src/core/ext/filters/client_channel/subchannel.h +382 -0
  173. data/src/core/ext/filters/client_channel/subchannel_interface.h +130 -0
  174. data/src/core/ext/filters/client_channel/subchannel_pool_interface.cc +126 -0
  175. data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +106 -0
  176. data/src/core/ext/filters/client_idle/client_idle_filter.cc +264 -0
  177. data/src/core/ext/filters/client_idle/idle_filter_state.cc +96 -0
  178. data/src/core/ext/filters/client_idle/idle_filter_state.h +66 -0
  179. data/src/core/ext/filters/deadline/deadline_filter.cc +391 -0
  180. data/src/core/ext/filters/deadline/deadline_filter.h +86 -0
  181. data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +503 -0
  182. data/src/core/ext/filters/fault_injection/fault_injection_filter.h +39 -0
  183. data/src/core/ext/filters/fault_injection/service_config_parser.cc +181 -0
  184. data/src/core/ext/filters/fault_injection/service_config_parser.h +85 -0
  185. data/src/core/ext/filters/http/client/http_client_filter.cc +604 -0
  186. data/src/core/ext/filters/http/client/http_client_filter.h +31 -0
  187. data/src/core/ext/filters/http/client_authority_filter.cc +159 -0
  188. data/src/core/ext/filters/http/client_authority_filter.h +34 -0
  189. data/src/core/ext/filters/http/http_filters_plugin.cc +90 -0
  190. data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +553 -0
  191. data/src/core/ext/filters/http/message_compress/message_compress_filter.h +53 -0
  192. data/src/core/ext/filters/http/message_compress/message_decompress_filter.cc +398 -0
  193. data/src/core/ext/filters/http/message_compress/message_decompress_filter.h +31 -0
  194. data/src/core/ext/filters/http/server/http_server_filter.cc +537 -0
  195. data/src/core/ext/filters/http/server/http_server_filter.h +29 -0
  196. data/src/core/ext/filters/max_age/max_age_filter.cc +560 -0
  197. data/src/core/ext/filters/max_age/max_age_filter.h +26 -0
  198. data/src/core/ext/filters/message_size/message_size_filter.cc +402 -0
  199. data/src/core/ext/filters/message_size/message_size_filter.h +66 -0
  200. data/src/core/ext/service_config/service_config.cc +227 -0
  201. data/src/core/ext/service_config/service_config.h +127 -0
  202. data/src/core/ext/service_config/service_config_call_data.h +72 -0
  203. data/src/core/ext/service_config/service_config_parser.cc +89 -0
  204. data/src/core/ext/service_config/service_config_parser.h +97 -0
  205. data/src/core/ext/transport/chttp2/alpn/alpn.cc +45 -0
  206. data/src/core/ext/transport/chttp2/alpn/alpn.h +36 -0
  207. data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +276 -0
  208. data/src/core/ext/transport/chttp2/client/chttp2_connector.h +77 -0
  209. data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +119 -0
  210. data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +95 -0
  211. data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +189 -0
  212. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +923 -0
  213. data/src/core/ext/transport/chttp2/server/chttp2_server.h +47 -0
  214. data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc +53 -0
  215. data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +83 -0
  216. data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +125 -0
  217. data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +252 -0
  218. data/src/core/ext/transport/chttp2/transport/bin_decoder.h +57 -0
  219. data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +231 -0
  220. data/src/core/ext/transport/chttp2/transport/bin_encoder.h +42 -0
  221. data/src/core/ext/transport/chttp2/transport/chttp2_plugin.cc +37 -0
  222. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +3351 -0
  223. data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +66 -0
  224. data/src/core/ext/transport/chttp2/transport/context_list.cc +68 -0
  225. data/src/core/ext/transport/chttp2/transport/context_list.h +52 -0
  226. data/src/core/ext/transport/chttp2/transport/flow_control.cc +430 -0
  227. data/src/core/ext/transport/chttp2/transport/flow_control.h +488 -0
  228. data/src/core/ext/transport/chttp2/transport/frame.h +47 -0
  229. data/src/core/ext/transport/chttp2/transport/frame_data.cc +308 -0
  230. data/src/core/ext/transport/chttp2/transport/frame_data.h +83 -0
  231. data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +187 -0
  232. data/src/core/ext/transport/chttp2/transport/frame_goaway.h +63 -0
  233. data/src/core/ext/transport/chttp2/transport/frame_ping.cc +132 -0
  234. data/src/core/ext/transport/chttp2/transport/frame_ping.h +46 -0
  235. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +118 -0
  236. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +51 -0
  237. data/src/core/ext/transport/chttp2/transport/frame_settings.cc +273 -0
  238. data/src/core/ext/transport/chttp2/transport/frame_settings.h +62 -0
  239. data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +123 -0
  240. data/src/core/ext/transport/chttp2/transport/frame_window_update.h +43 -0
  241. data/src/core/ext/transport/chttp2/transport/hpack_constants.h +41 -0
  242. data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +546 -0
  243. data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +277 -0
  244. data/src/core/ext/transport/chttp2/transport/hpack_encoder_index.h +107 -0
  245. data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +86 -0
  246. data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +69 -0
  247. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +1454 -0
  248. data/src/core/ext/transport/chttp2/transport/hpack_parser.h +136 -0
  249. data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +146 -0
  250. data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +137 -0
  251. data/src/core/ext/transport/chttp2/transport/hpack_utils.cc +46 -0
  252. data/src/core/ext/transport/chttp2/transport/hpack_utils.h +30 -0
  253. data/src/core/ext/transport/chttp2/transport/http2_settings.cc +62 -0
  254. data/src/core/ext/transport/chttp2/transport/http2_settings.h +61 -0
  255. data/src/core/ext/transport/chttp2/transport/huffsyms.cc +92 -0
  256. data/src/core/ext/transport/chttp2/transport/huffsyms.h +32 -0
  257. data/src/core/ext/transport/chttp2/transport/internal.h +892 -0
  258. data/src/core/ext/transport/chttp2/transport/parsing.cc +651 -0
  259. data/src/core/ext/transport/chttp2/transport/popularity_count.h +60 -0
  260. data/src/core/ext/transport/chttp2/transport/stream_lists.cc +216 -0
  261. data/src/core/ext/transport/chttp2/transport/stream_map.cc +177 -0
  262. data/src/core/ext/transport/chttp2/transport/stream_map.h +67 -0
  263. data/src/core/ext/transport/chttp2/transport/varint.cc +62 -0
  264. data/src/core/ext/transport/chttp2/transport/varint.h +71 -0
  265. data/src/core/ext/transport/chttp2/transport/writing.cc +716 -0
  266. data/src/core/ext/transport/inproc/inproc_plugin.cc +28 -0
  267. data/src/core/ext/transport/inproc/inproc_transport.cc +1360 -0
  268. data/src/core/ext/transport/inproc/inproc_transport.h +35 -0
  269. data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.c +406 -0
  270. data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.h +1591 -0
  271. data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.c +17 -0
  272. data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.h +30 -0
  273. data/src/core/ext/upb-generated/envoy/annotations/resource.upb.c +27 -0
  274. data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +66 -0
  275. data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +243 -0
  276. data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.h +955 -0
  277. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +371 -0
  278. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +1554 -0
  279. data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.c +74 -0
  280. data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.h +271 -0
  281. data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +494 -0
  282. data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +2116 -0
  283. data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.c +35 -0
  284. data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.h +83 -0
  285. data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.c +56 -0
  286. data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.h +370 -0
  287. data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.c +124 -0
  288. data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.h +470 -0
  289. data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.c +35 -0
  290. data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.h +94 -0
  291. data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +382 -0
  292. data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +1295 -0
  293. data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +103 -0
  294. data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +418 -0
  295. data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.c +34 -0
  296. data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.h +84 -0
  297. data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.c +53 -0
  298. data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.h +161 -0
  299. data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.c +241 -0
  300. data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.h +917 -0
  301. data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +171 -0
  302. data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +830 -0
  303. data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.c +36 -0
  304. data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.h +94 -0
  305. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +244 -0
  306. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +1089 -0
  307. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +27 -0
  308. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +71 -0
  309. data/src/core/ext/upb-generated/envoy/config/core/v3/resolver.upb.c +46 -0
  310. data/src/core/ext/upb-generated/envoy/config/core/v3/resolver.upb.h +133 -0
  311. data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.c +34 -0
  312. data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.h +101 -0
  313. data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +43 -0
  314. data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.h +132 -0
  315. data/src/core/ext/upb-generated/envoy/config/core/v3/udp_socket_config.upb.c +35 -0
  316. data/src/core/ext/upb-generated/envoy/config/core/v3/udp_socket_config.upb.h +96 -0
  317. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.c +90 -0
  318. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.h +261 -0
  319. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.c +125 -0
  320. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.h +462 -0
  321. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.c +112 -0
  322. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.h +397 -0
  323. data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.c +33 -0
  324. data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.h +79 -0
  325. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +138 -0
  326. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +640 -0
  327. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +161 -0
  328. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +680 -0
  329. data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.c +48 -0
  330. data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.h +177 -0
  331. data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +42 -0
  332. data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.h +127 -0
  333. data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.c +144 -0
  334. data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.h +536 -0
  335. data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.c +153 -0
  336. data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.h +550 -0
  337. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +185 -0
  338. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +738 -0
  339. data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +82 -0
  340. data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +312 -0
  341. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +960 -0
  342. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +4213 -0
  343. data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.c +60 -0
  344. data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.h +177 -0
  345. data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.c +49 -0
  346. data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.h +134 -0
  347. data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.c +29 -0
  348. data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.h +73 -0
  349. data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.c +79 -0
  350. data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.h +298 -0
  351. data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.c +79 -0
  352. data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.h +303 -0
  353. data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.c +42 -0
  354. data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.h +123 -0
  355. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +403 -0
  356. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +1785 -0
  357. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.c +19 -0
  358. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.h +35 -0
  359. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +130 -0
  360. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +559 -0
  361. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +73 -0
  362. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +237 -0
  363. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +148 -0
  364. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +674 -0
  365. data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.c +27 -0
  366. data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.h +62 -0
  367. data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.c +25 -0
  368. data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.h +62 -0
  369. data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +146 -0
  370. data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +535 -0
  371. data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.c +27 -0
  372. data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.h +62 -0
  373. data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.c +27 -0
  374. data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.h +62 -0
  375. data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.c +54 -0
  376. data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.h +163 -0
  377. data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.c +27 -0
  378. data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.h +62 -0
  379. data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.c +27 -0
  380. data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.h +62 -0
  381. data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.c +121 -0
  382. data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.h +468 -0
  383. data/src/core/ext/upb-generated/envoy/type/http/v3/path_transformation.upb.c +60 -0
  384. data/src/core/ext/upb-generated/envoy/type/http/v3/path_transformation.upb.h +205 -0
  385. data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.c +48 -0
  386. data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.h +144 -0
  387. data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.c +36 -0
  388. data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.h +96 -0
  389. data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.c +35 -0
  390. data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.h +90 -0
  391. data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.c +34 -0
  392. data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.h +84 -0
  393. data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.c +65 -0
  394. data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.h +184 -0
  395. data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +53 -0
  396. data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.h +158 -0
  397. data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.c +46 -0
  398. data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.h +136 -0
  399. data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.c +63 -0
  400. data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.h +225 -0
  401. data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.c +88 -0
  402. data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.h +343 -0
  403. data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.c +90 -0
  404. data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.h +313 -0
  405. data/src/core/ext/upb-generated/envoy/type/v3/http.upb.c +17 -0
  406. data/src/core/ext/upb-generated/envoy/type/v3/http.upb.h +36 -0
  407. data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.c +40 -0
  408. data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.h +111 -0
  409. data/src/core/ext/upb-generated/envoy/type/v3/range.upb.c +51 -0
  410. data/src/core/ext/upb-generated/envoy/type/v3/range.upb.h +148 -0
  411. data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.c +30 -0
  412. data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.h +74 -0
  413. data/src/core/ext/upb-generated/google/api/annotations.upb.c +18 -0
  414. data/src/core/ext/upb-generated/google/api/annotations.upb.h +30 -0
  415. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.c +242 -0
  416. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.h +896 -0
  417. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.c +251 -0
  418. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h +943 -0
  419. data/src/core/ext/upb-generated/google/api/http.upb.c +66 -0
  420. data/src/core/ext/upb-generated/google/api/http.upb.h +228 -0
  421. data/src/core/ext/upb-generated/google/protobuf/any.upb.c +27 -0
  422. data/src/core/ext/upb-generated/google/protobuf/any.upb.h +70 -0
  423. data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +486 -0
  424. data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +2047 -0
  425. data/src/core/ext/upb-generated/google/protobuf/duration.upb.c +27 -0
  426. data/src/core/ext/upb-generated/google/protobuf/duration.upb.h +70 -0
  427. data/src/core/ext/upb-generated/google/protobuf/empty.upb.c +22 -0
  428. data/src/core/ext/upb-generated/google/protobuf/empty.upb.h +62 -0
  429. data/src/core/ext/upb-generated/google/protobuf/struct.upb.c +79 -0
  430. data/src/core/ext/upb-generated/google/protobuf/struct.upb.h +231 -0
  431. data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.c +27 -0
  432. data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.h +70 -0
  433. data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.c +106 -0
  434. data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.h +346 -0
  435. data/src/core/ext/upb-generated/google/rpc/status.upb.c +33 -0
  436. data/src/core/ext/upb-generated/google/rpc/status.upb.h +87 -0
  437. data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.c +49 -0
  438. data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.h +127 -0
  439. data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +212 -0
  440. data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +805 -0
  441. data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.c +42 -0
  442. data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.h +137 -0
  443. data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.c +36 -0
  444. data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.h +108 -0
  445. data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c +141 -0
  446. data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.h +507 -0
  447. data/src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls.upb.c +55 -0
  448. data/src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls.upb.h +154 -0
  449. data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.c +48 -0
  450. data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +140 -0
  451. data/src/core/ext/upb-generated/udpa/annotations/security.upb.c +29 -0
  452. data/src/core/ext/upb-generated/udpa/annotations/security.upb.h +70 -0
  453. data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.c +17 -0
  454. data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.h +30 -0
  455. data/src/core/ext/upb-generated/udpa/annotations/status.upb.c +28 -0
  456. data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +77 -0
  457. data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.c +27 -0
  458. data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.h +66 -0
  459. data/src/core/ext/upb-generated/validate/validate.upb.c +464 -0
  460. data/src/core/ext/upb-generated/validate/validate.upb.h +2447 -0
  461. data/src/core/ext/upb-generated/xds/annotations/v3/status.upb.c +58 -0
  462. data/src/core/ext/upb-generated/xds/annotations/v3/status.upb.h +182 -0
  463. data/src/core/ext/upb-generated/xds/core/v3/authority.upb.c +28 -0
  464. data/src/core/ext/upb-generated/xds/core/v3/authority.upb.h +66 -0
  465. data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.c +52 -0
  466. data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.h +155 -0
  467. data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.c +42 -0
  468. data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.h +90 -0
  469. data/src/core/ext/upb-generated/xds/core/v3/resource.upb.c +36 -0
  470. data/src/core/ext/upb-generated/xds/core/v3/resource.upb.h +100 -0
  471. data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.c +54 -0
  472. data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.h +178 -0
  473. data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.c +36 -0
  474. data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.h +91 -0
  475. data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c +58 -0
  476. data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.h +130 -0
  477. data/src/core/ext/upb-generated/xds/type/v3/typed_struct.upb.c +33 -0
  478. data/src/core/ext/upb-generated/xds/type/v3/typed_struct.upb.h +83 -0
  479. data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.c +354 -0
  480. data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.h +140 -0
  481. data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.c +46 -0
  482. data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.h +30 -0
  483. data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.c +41 -0
  484. data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.h +35 -0
  485. data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +252 -0
  486. data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.h +105 -0
  487. data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +424 -0
  488. data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.h +120 -0
  489. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.c +100 -0
  490. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.h +45 -0
  491. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +596 -0
  492. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.h +155 -0
  493. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.c +53 -0
  494. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.h +35 -0
  495. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.c +136 -0
  496. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.h +35 -0
  497. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.c +127 -0
  498. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.h +65 -0
  499. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.c +56 -0
  500. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.h +35 -0
  501. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +313 -0
  502. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.h +150 -0
  503. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +144 -0
  504. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.h +55 -0
  505. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.c +56 -0
  506. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.h +35 -0
  507. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.c +66 -0
  508. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.h +40 -0
  509. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.c +263 -0
  510. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.h +100 -0
  511. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +236 -0
  512. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.h +70 -0
  513. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.c +56 -0
  514. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.h +35 -0
  515. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +300 -0
  516. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.h +100 -0
  517. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +43 -0
  518. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +35 -0
  519. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/resolver.upbdefs.c +59 -0
  520. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/resolver.upbdefs.h +40 -0
  521. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.c +59 -0
  522. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.h +35 -0
  523. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.c +72 -0
  524. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.h +35 -0
  525. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/udp_socket_config.upbdefs.c +52 -0
  526. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/udp_socket_config.upbdefs.h +35 -0
  527. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.c +107 -0
  528. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.h +50 -0
  529. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +140 -0
  530. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +60 -0
  531. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.c +146 -0
  532. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.h +55 -0
  533. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.c +50 -0
  534. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.h +35 -0
  535. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +205 -0
  536. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +60 -0
  537. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.c +201 -0
  538. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.h +65 -0
  539. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.c +90 -0
  540. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.h +35 -0
  541. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.c +67 -0
  542. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.h +40 -0
  543. data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/stats.upbdefs.c +141 -0
  544. data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/stats.upbdefs.h +70 -0
  545. data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.c +152 -0
  546. data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.h +75 -0
  547. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.c +115 -0
  548. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.h +45 -0
  549. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +982 -0
  550. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.h +295 -0
  551. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.c +71 -0
  552. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.h +45 -0
  553. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.c +61 -0
  554. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.h +40 -0
  555. data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.c +51 -0
  556. data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.h +35 -0
  557. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/common/fault/v3/fault.upbdefs.c +102 -0
  558. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/common/fault/v3/fault.upbdefs.h +55 -0
  559. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.c +123 -0
  560. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.h +45 -0
  561. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.c +79 -0
  562. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.h +35 -0
  563. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +567 -0
  564. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +125 -0
  565. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +44 -0
  566. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.h +30 -0
  567. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +196 -0
  568. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +60 -0
  569. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +97 -0
  570. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.h +45 -0
  571. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +251 -0
  572. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.h +60 -0
  573. data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.c +72 -0
  574. data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.h +35 -0
  575. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +60 -0
  576. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.h +35 -0
  577. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.c +142 -0
  578. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.h +65 -0
  579. data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.c +73 -0
  580. data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.h +35 -0
  581. data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.c +72 -0
  582. data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.h +35 -0
  583. data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +80 -0
  584. data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.h +40 -0
  585. data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.c +80 -0
  586. data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.h +35 -0
  587. data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.c +74 -0
  588. data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.h +35 -0
  589. data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +163 -0
  590. data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.h +55 -0
  591. data/src/core/ext/upbdefs-generated/envoy/type/http/v3/path_transformation.upbdefs.c +64 -0
  592. data/src/core/ext/upbdefs-generated/envoy/type/http/v3/path_transformation.upbdefs.h +50 -0
  593. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.c +65 -0
  594. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.h +40 -0
  595. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/node.upbdefs.c +56 -0
  596. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/node.upbdefs.h +35 -0
  597. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.c +54 -0
  598. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.h +35 -0
  599. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.c +53 -0
  600. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.h +35 -0
  601. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.c +76 -0
  602. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.h +45 -0
  603. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.c +69 -0
  604. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.h +40 -0
  605. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/struct.upbdefs.c +63 -0
  606. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/struct.upbdefs.h +40 -0
  607. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.c +81 -0
  608. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.h +45 -0
  609. data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.c +92 -0
  610. data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.h +65 -0
  611. data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.c +95 -0
  612. data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.h +55 -0
  613. data/src/core/ext/upbdefs-generated/envoy/type/v3/http.upbdefs.c +34 -0
  614. data/src/core/ext/upbdefs-generated/envoy/type/v3/http.upbdefs.h +30 -0
  615. data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.c +59 -0
  616. data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.h +40 -0
  617. data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.c +54 -0
  618. data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.h +45 -0
  619. data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.c +47 -0
  620. data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.h +35 -0
  621. data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.c +40 -0
  622. data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.h +30 -0
  623. data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.c +61 -0
  624. data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.h +45 -0
  625. data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.c +39 -0
  626. data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.h +35 -0
  627. data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.c +386 -0
  628. data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.h +165 -0
  629. data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.c +40 -0
  630. data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.h +35 -0
  631. data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.c +37 -0
  632. data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.h +35 -0
  633. data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.c +65 -0
  634. data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.h +50 -0
  635. data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.c +40 -0
  636. data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.h +35 -0
  637. data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.c +66 -0
  638. data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.h +75 -0
  639. data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.c +42 -0
  640. data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.h +35 -0
  641. data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.c +71 -0
  642. data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.h +45 -0
  643. data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.c +52 -0
  644. data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.h +35 -0
  645. data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.c +34 -0
  646. data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.h +30 -0
  647. data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.c +51 -0
  648. data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.h +35 -0
  649. data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.c +44 -0
  650. data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.h +35 -0
  651. data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.c +332 -0
  652. data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.h +145 -0
  653. data/src/core/ext/upbdefs-generated/xds/annotations/v3/status.upbdefs.c +75 -0
  654. data/src/core/ext/upbdefs-generated/xds/annotations/v3/status.upbdefs.h +50 -0
  655. data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.c +43 -0
  656. data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.h +35 -0
  657. data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.c +63 -0
  658. data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.h +40 -0
  659. data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.c +46 -0
  660. data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.h +40 -0
  661. data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.c +50 -0
  662. data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.h +35 -0
  663. data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.c +68 -0
  664. data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.h +40 -0
  665. data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.c +51 -0
  666. data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.h +35 -0
  667. data/src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.c +45 -0
  668. data/src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.h +35 -0
  669. data/src/core/ext/xds/certificate_provider_factory.h +61 -0
  670. data/src/core/ext/xds/certificate_provider_registry.cc +103 -0
  671. data/src/core/ext/xds/certificate_provider_registry.h +57 -0
  672. data/src/core/ext/xds/certificate_provider_store.cc +87 -0
  673. data/src/core/ext/xds/certificate_provider_store.h +112 -0
  674. data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +144 -0
  675. data/src/core/ext/xds/file_watcher_certificate_provider_factory.h +69 -0
  676. data/src/core/ext/xds/xds_api.cc +3965 -0
  677. data/src/core/ext/xds/xds_api.h +744 -0
  678. data/src/core/ext/xds/xds_bootstrap.cc +471 -0
  679. data/src/core/ext/xds/xds_bootstrap.h +125 -0
  680. data/src/core/ext/xds/xds_certificate_provider.cc +405 -0
  681. data/src/core/ext/xds/xds_certificate_provider.h +151 -0
  682. data/src/core/ext/xds/xds_channel_args.h +32 -0
  683. data/src/core/ext/xds/xds_channel_stack_modifier.cc +113 -0
  684. data/src/core/ext/xds/xds_channel_stack_modifier.h +52 -0
  685. data/src/core/ext/xds/xds_client.cc +2791 -0
  686. data/src/core/ext/xds/xds_client.h +380 -0
  687. data/src/core/ext/xds/xds_client_stats.cc +160 -0
  688. data/src/core/ext/xds/xds_client_stats.h +240 -0
  689. data/src/core/ext/xds/xds_http_fault_filter.cc +227 -0
  690. data/src/core/ext/xds/xds_http_fault_filter.h +64 -0
  691. data/src/core/ext/xds/xds_http_filters.cc +116 -0
  692. data/src/core/ext/xds/xds_http_filters.h +133 -0
  693. data/src/core/ext/xds/xds_server_config_fetcher.cc +544 -0
  694. data/src/core/lib/address_utils/parse_address.cc +320 -0
  695. data/src/core/lib/address_utils/parse_address.h +77 -0
  696. data/src/core/lib/address_utils/sockaddr_utils.cc +412 -0
  697. data/src/core/lib/address_utils/sockaddr_utils.h +110 -0
  698. data/src/core/lib/avl/avl.cc +306 -0
  699. data/src/core/lib/avl/avl.h +94 -0
  700. data/src/core/lib/backoff/backoff.cc +78 -0
  701. data/src/core/lib/backoff/backoff.h +89 -0
  702. data/src/core/lib/channel/call_tracer.h +85 -0
  703. data/src/core/lib/channel/channel_args.cc +400 -0
  704. data/src/core/lib/channel/channel_args.h +143 -0
  705. data/src/core/lib/channel/channel_stack.cc +267 -0
  706. data/src/core/lib/channel/channel_stack.h +312 -0
  707. data/src/core/lib/channel/channel_stack_builder.cc +313 -0
  708. data/src/core/lib/channel/channel_stack_builder.h +158 -0
  709. data/src/core/lib/channel/channel_trace.cc +193 -0
  710. data/src/core/lib/channel/channel_trace.h +135 -0
  711. data/src/core/lib/channel/channelz.cc +596 -0
  712. data/src/core/lib/channel/channelz.h +357 -0
  713. data/src/core/lib/channel/channelz_registry.cc +285 -0
  714. data/src/core/lib/channel/channelz_registry.h +99 -0
  715. data/src/core/lib/channel/connected_channel.cc +245 -0
  716. data/src/core/lib/channel/connected_channel.h +33 -0
  717. data/src/core/lib/channel/context.h +52 -0
  718. data/src/core/lib/channel/handshaker.cc +222 -0
  719. data/src/core/lib/channel/handshaker.h +161 -0
  720. data/src/core/lib/channel/handshaker_factory.h +50 -0
  721. data/src/core/lib/channel/handshaker_registry.cc +50 -0
  722. data/src/core/lib/channel/handshaker_registry.h +71 -0
  723. data/src/core/lib/channel/status_util.cc +109 -0
  724. data/src/core/lib/channel/status_util.h +67 -0
  725. data/src/core/lib/compression/algorithm_metadata.h +62 -0
  726. data/src/core/lib/compression/compression.cc +183 -0
  727. data/src/core/lib/compression/compression_args.cc +138 -0
  728. data/src/core/lib/compression/compression_args.h +56 -0
  729. data/src/core/lib/compression/compression_internal.cc +283 -0
  730. data/src/core/lib/compression/compression_internal.h +97 -0
  731. data/src/core/lib/compression/message_compress.cc +192 -0
  732. data/src/core/lib/compression/message_compress.h +40 -0
  733. data/src/core/lib/compression/stream_compression.cc +81 -0
  734. data/src/core/lib/compression/stream_compression.h +117 -0
  735. data/src/core/lib/compression/stream_compression_gzip.cc +231 -0
  736. data/src/core/lib/compression/stream_compression_gzip.h +28 -0
  737. data/src/core/lib/compression/stream_compression_identity.cc +91 -0
  738. data/src/core/lib/compression/stream_compression_identity.h +29 -0
  739. data/src/core/lib/config/core_configuration.cc +96 -0
  740. data/src/core/lib/config/core_configuration.h +146 -0
  741. data/src/core/lib/debug/stats.cc +172 -0
  742. data/src/core/lib/debug/stats.h +71 -0
  743. data/src/core/lib/debug/stats_data.cc +689 -0
  744. data/src/core/lib/debug/stats_data.h +556 -0
  745. data/src/core/lib/debug/trace.cc +155 -0
  746. data/src/core/lib/debug/trace.h +132 -0
  747. data/src/core/lib/event_engine/endpoint_config.cc +45 -0
  748. data/src/core/lib/event_engine/endpoint_config_internal.h +42 -0
  749. data/src/core/lib/event_engine/event_engine.cc +50 -0
  750. data/src/core/lib/event_engine/sockaddr.cc +40 -0
  751. data/src/core/lib/event_engine/sockaddr.h +44 -0
  752. data/src/core/lib/gpr/alloc.cc +76 -0
  753. data/src/core/lib/gpr/alloc.h +28 -0
  754. data/src/core/lib/gpr/atm.cc +35 -0
  755. data/src/core/lib/gpr/cpu_iphone.cc +44 -0
  756. data/src/core/lib/gpr/cpu_linux.cc +82 -0
  757. data/src/core/lib/gpr/cpu_posix.cc +83 -0
  758. data/src/core/lib/gpr/cpu_windows.cc +33 -0
  759. data/src/core/lib/gpr/env.h +40 -0
  760. data/src/core/lib/gpr/env_linux.cc +75 -0
  761. data/src/core/lib/gpr/env_posix.cc +46 -0
  762. data/src/core/lib/gpr/env_windows.cc +74 -0
  763. data/src/core/lib/gpr/log.cc +140 -0
  764. data/src/core/lib/gpr/log_android.cc +77 -0
  765. data/src/core/lib/gpr/log_linux.cc +114 -0
  766. data/src/core/lib/gpr/log_posix.cc +110 -0
  767. data/src/core/lib/gpr/log_windows.cc +116 -0
  768. data/src/core/lib/gpr/murmur_hash.cc +82 -0
  769. data/src/core/lib/gpr/murmur_hash.h +29 -0
  770. data/src/core/lib/gpr/spinlock.h +53 -0
  771. data/src/core/lib/gpr/string.cc +343 -0
  772. data/src/core/lib/gpr/string.h +112 -0
  773. data/src/core/lib/gpr/string_posix.cc +72 -0
  774. data/src/core/lib/gpr/string_util_windows.cc +82 -0
  775. data/src/core/lib/gpr/string_windows.cc +69 -0
  776. data/src/core/lib/gpr/string_windows.h +32 -0
  777. data/src/core/lib/gpr/sync.cc +124 -0
  778. data/src/core/lib/gpr/sync_abseil.cc +114 -0
  779. data/src/core/lib/gpr/sync_posix.cc +170 -0
  780. data/src/core/lib/gpr/sync_windows.cc +120 -0
  781. data/src/core/lib/gpr/time.cc +264 -0
  782. data/src/core/lib/gpr/time_posix.cc +186 -0
  783. data/src/core/lib/gpr/time_precise.cc +168 -0
  784. data/src/core/lib/gpr/time_precise.h +70 -0
  785. data/src/core/lib/gpr/time_windows.cc +99 -0
  786. data/src/core/lib/gpr/tls.h +151 -0
  787. data/src/core/lib/gpr/tmpfile.h +32 -0
  788. data/src/core/lib/gpr/tmpfile_msys.cc +58 -0
  789. data/src/core/lib/gpr/tmpfile_posix.cc +69 -0
  790. data/src/core/lib/gpr/tmpfile_windows.cc +69 -0
  791. data/src/core/lib/gpr/useful.h +113 -0
  792. data/src/core/lib/gpr/wrap_memcpy.cc +43 -0
  793. data/src/core/lib/gprpp/arena.cc +104 -0
  794. data/src/core/lib/gprpp/arena.h +131 -0
  795. data/src/core/lib/gprpp/atomic_utils.h +47 -0
  796. data/src/core/lib/gprpp/bitset.h +188 -0
  797. data/src/core/lib/gprpp/chunked_vector.h +211 -0
  798. data/src/core/lib/gprpp/construct_destruct.h +39 -0
  799. data/src/core/lib/gprpp/debug_location.h +53 -0
  800. data/src/core/lib/gprpp/dual_ref_counted.h +330 -0
  801. data/src/core/lib/gprpp/examine_stack.cc +43 -0
  802. data/src/core/lib/gprpp/examine_stack.h +46 -0
  803. data/src/core/lib/gprpp/fork.cc +244 -0
  804. data/src/core/lib/gprpp/fork.h +103 -0
  805. data/src/core/lib/gprpp/global_config.h +95 -0
  806. data/src/core/lib/gprpp/global_config_custom.h +29 -0
  807. data/src/core/lib/gprpp/global_config_env.cc +137 -0
  808. data/src/core/lib/gprpp/global_config_env.h +131 -0
  809. data/src/core/lib/gprpp/global_config_generic.h +44 -0
  810. data/src/core/lib/gprpp/host_port.cc +112 -0
  811. data/src/core/lib/gprpp/host_port.h +56 -0
  812. data/src/core/lib/gprpp/manual_constructor.h +216 -0
  813. data/src/core/lib/gprpp/match.h +73 -0
  814. data/src/core/lib/gprpp/memory.h +57 -0
  815. data/src/core/lib/gprpp/mpscq.cc +108 -0
  816. data/src/core/lib/gprpp/mpscq.h +99 -0
  817. data/src/core/lib/gprpp/orphanable.h +125 -0
  818. data/src/core/lib/gprpp/overload.h +59 -0
  819. data/src/core/lib/gprpp/ref_counted.h +349 -0
  820. data/src/core/lib/gprpp/ref_counted_ptr.h +353 -0
  821. data/src/core/lib/gprpp/stat.h +38 -0
  822. data/src/core/lib/gprpp/stat_posix.cc +49 -0
  823. data/src/core/lib/gprpp/stat_windows.cc +48 -0
  824. data/src/core/lib/gprpp/status_helper.cc +427 -0
  825. data/src/core/lib/gprpp/status_helper.h +194 -0
  826. data/src/core/lib/gprpp/sync.h +198 -0
  827. data/src/core/lib/gprpp/table.h +411 -0
  828. data/src/core/lib/gprpp/thd.h +174 -0
  829. data/src/core/lib/gprpp/thd_posix.cc +209 -0
  830. data/src/core/lib/gprpp/thd_windows.cc +171 -0
  831. data/src/core/lib/gprpp/time_util.cc +77 -0
  832. data/src/core/lib/gprpp/time_util.h +42 -0
  833. data/src/core/lib/http/format_request.cc +104 -0
  834. data/src/core/lib/http/format_request.h +35 -0
  835. data/src/core/lib/http/httpcli.cc +324 -0
  836. data/src/core/lib/http/httpcli.h +128 -0
  837. data/src/core/lib/http/httpcli_security_connector.cc +215 -0
  838. data/src/core/lib/http/parser.cc +392 -0
  839. data/src/core/lib/http/parser.h +114 -0
  840. data/src/core/lib/iomgr/block_annotate.h +57 -0
  841. data/src/core/lib/iomgr/buffer_list.cc +307 -0
  842. data/src/core/lib/iomgr/buffer_list.h +163 -0
  843. data/src/core/lib/iomgr/call_combiner.cc +281 -0
  844. data/src/core/lib/iomgr/call_combiner.h +215 -0
  845. data/src/core/lib/iomgr/cfstream_handle.cc +210 -0
  846. data/src/core/lib/iomgr/cfstream_handle.h +90 -0
  847. data/src/core/lib/iomgr/closure.h +256 -0
  848. data/src/core/lib/iomgr/combiner.cc +328 -0
  849. data/src/core/lib/iomgr/combiner.h +89 -0
  850. data/src/core/lib/iomgr/dualstack_socket_posix.cc +48 -0
  851. data/src/core/lib/iomgr/dynamic_annotations.h +67 -0
  852. data/src/core/lib/iomgr/endpoint.cc +67 -0
  853. data/src/core/lib/iomgr/endpoint.h +108 -0
  854. data/src/core/lib/iomgr/endpoint_cfstream.cc +389 -0
  855. data/src/core/lib/iomgr/endpoint_cfstream.h +49 -0
  856. data/src/core/lib/iomgr/endpoint_pair.h +34 -0
  857. data/src/core/lib/iomgr/endpoint_pair_event_engine.cc +32 -0
  858. data/src/core/lib/iomgr/endpoint_pair_posix.cc +77 -0
  859. data/src/core/lib/iomgr/endpoint_pair_windows.cc +95 -0
  860. data/src/core/lib/iomgr/error.cc +985 -0
  861. data/src/core/lib/iomgr/error.h +442 -0
  862. data/src/core/lib/iomgr/error_cfstream.cc +59 -0
  863. data/src/core/lib/iomgr/error_cfstream.h +31 -0
  864. data/src/core/lib/iomgr/error_internal.h +66 -0
  865. data/src/core/lib/iomgr/ev_apple.cc +359 -0
  866. data/src/core/lib/iomgr/ev_apple.h +43 -0
  867. data/src/core/lib/iomgr/ev_epoll1_linux.cc +1364 -0
  868. data/src/core/lib/iomgr/ev_epoll1_linux.h +31 -0
  869. data/src/core/lib/iomgr/ev_epollex_linux.cc +1654 -0
  870. data/src/core/lib/iomgr/ev_epollex_linux.h +30 -0
  871. data/src/core/lib/iomgr/ev_poll_posix.cc +1430 -0
  872. data/src/core/lib/iomgr/ev_poll_posix.h +29 -0
  873. data/src/core/lib/iomgr/ev_posix.cc +417 -0
  874. data/src/core/lib/iomgr/ev_posix.h +207 -0
  875. data/src/core/lib/iomgr/ev_windows.cc +30 -0
  876. data/src/core/lib/iomgr/event_engine/closure.cc +77 -0
  877. data/src/core/lib/iomgr/event_engine/closure.h +42 -0
  878. data/src/core/lib/iomgr/event_engine/endpoint.cc +173 -0
  879. data/src/core/lib/iomgr/event_engine/endpoint.h +52 -0
  880. data/src/core/lib/iomgr/event_engine/iomgr.cc +104 -0
  881. data/src/core/lib/iomgr/event_engine/iomgr.h +42 -0
  882. data/src/core/lib/iomgr/event_engine/pollset.cc +88 -0
  883. data/src/core/lib/iomgr/event_engine/pollset.h +25 -0
  884. data/src/core/lib/iomgr/event_engine/promise.h +51 -0
  885. data/src/core/lib/iomgr/event_engine/resolved_address_internal.cc +41 -0
  886. data/src/core/lib/iomgr/event_engine/resolved_address_internal.h +35 -0
  887. data/src/core/lib/iomgr/event_engine/resolver.cc +114 -0
  888. data/src/core/lib/iomgr/event_engine/tcp.cc +293 -0
  889. data/src/core/lib/iomgr/event_engine/timer.cc +62 -0
  890. data/src/core/lib/iomgr/exec_ctx.cc +227 -0
  891. data/src/core/lib/iomgr/exec_ctx.h +375 -0
  892. data/src/core/lib/iomgr/executor/mpmcqueue.cc +182 -0
  893. data/src/core/lib/iomgr/executor/mpmcqueue.h +171 -0
  894. data/src/core/lib/iomgr/executor/threadpool.cc +136 -0
  895. data/src/core/lib/iomgr/executor/threadpool.h +150 -0
  896. data/src/core/lib/iomgr/executor.cc +455 -0
  897. data/src/core/lib/iomgr/executor.h +122 -0
  898. data/src/core/lib/iomgr/fork_posix.cc +119 -0
  899. data/src/core/lib/iomgr/fork_windows.cc +41 -0
  900. data/src/core/lib/iomgr/gethostname.h +26 -0
  901. data/src/core/lib/iomgr/gethostname_fallback.cc +30 -0
  902. data/src/core/lib/iomgr/gethostname_host_name_max.cc +40 -0
  903. data/src/core/lib/iomgr/gethostname_sysconf.cc +40 -0
  904. data/src/core/lib/iomgr/grpc_if_nametoindex.h +30 -0
  905. data/src/core/lib/iomgr/grpc_if_nametoindex_posix.cc +42 -0
  906. data/src/core/lib/iomgr/grpc_if_nametoindex_unsupported.cc +38 -0
  907. data/src/core/lib/iomgr/internal_errqueue.cc +68 -0
  908. data/src/core/lib/iomgr/internal_errqueue.h +191 -0
  909. data/src/core/lib/iomgr/iocp_windows.cc +158 -0
  910. data/src/core/lib/iomgr/iocp_windows.h +48 -0
  911. data/src/core/lib/iomgr/iomgr.cc +196 -0
  912. data/src/core/lib/iomgr/iomgr.h +60 -0
  913. data/src/core/lib/iomgr/iomgr_custom.cc +79 -0
  914. data/src/core/lib/iomgr/iomgr_custom.h +49 -0
  915. data/src/core/lib/iomgr/iomgr_internal.cc +53 -0
  916. data/src/core/lib/iomgr/iomgr_internal.h +74 -0
  917. data/src/core/lib/iomgr/iomgr_posix.cc +90 -0
  918. data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +200 -0
  919. data/src/core/lib/iomgr/iomgr_windows.cc +105 -0
  920. data/src/core/lib/iomgr/is_epollexclusive_available.cc +119 -0
  921. data/src/core/lib/iomgr/is_epollexclusive_available.h +36 -0
  922. data/src/core/lib/iomgr/load_file.cc +81 -0
  923. data/src/core/lib/iomgr/load_file.h +35 -0
  924. data/src/core/lib/iomgr/lockfree_event.cc +278 -0
  925. data/src/core/lib/iomgr/lockfree_event.h +72 -0
  926. data/src/core/lib/iomgr/nameser.h +106 -0
  927. data/src/core/lib/iomgr/polling_entity.cc +96 -0
  928. data/src/core/lib/iomgr/polling_entity.h +68 -0
  929. data/src/core/lib/iomgr/pollset.cc +56 -0
  930. data/src/core/lib/iomgr/pollset.h +99 -0
  931. data/src/core/lib/iomgr/pollset_custom.cc +105 -0
  932. data/src/core/lib/iomgr/pollset_custom.h +37 -0
  933. data/src/core/lib/iomgr/pollset_set.cc +55 -0
  934. data/src/core/lib/iomgr/pollset_set.h +55 -0
  935. data/src/core/lib/iomgr/pollset_set_custom.cc +47 -0
  936. data/src/core/lib/iomgr/pollset_set_custom.h +26 -0
  937. data/src/core/lib/iomgr/pollset_set_windows.cc +52 -0
  938. data/src/core/lib/iomgr/pollset_set_windows.h +26 -0
  939. data/src/core/lib/iomgr/pollset_windows.cc +243 -0
  940. data/src/core/lib/iomgr/pollset_windows.h +70 -0
  941. data/src/core/lib/iomgr/port.h +221 -0
  942. data/src/core/lib/iomgr/python_util.h +47 -0
  943. data/src/core/lib/iomgr/resolve_address.cc +55 -0
  944. data/src/core/lib/iomgr/resolve_address.h +83 -0
  945. data/src/core/lib/iomgr/resolve_address_custom.cc +169 -0
  946. data/src/core/lib/iomgr/resolve_address_custom.h +44 -0
  947. data/src/core/lib/iomgr/resolve_address_posix.cc +170 -0
  948. data/src/core/lib/iomgr/resolve_address_windows.cc +152 -0
  949. data/src/core/lib/iomgr/resource_quota.cc +1106 -0
  950. data/src/core/lib/iomgr/resource_quota.h +226 -0
  951. data/src/core/lib/iomgr/sockaddr.h +33 -0
  952. data/src/core/lib/iomgr/sockaddr_posix.h +55 -0
  953. data/src/core/lib/iomgr/sockaddr_windows.h +55 -0
  954. data/src/core/lib/iomgr/socket_factory_posix.cc +95 -0
  955. data/src/core/lib/iomgr/socket_factory_posix.h +69 -0
  956. data/src/core/lib/iomgr/socket_mutator.cc +97 -0
  957. data/src/core/lib/iomgr/socket_mutator.h +84 -0
  958. data/src/core/lib/iomgr/socket_utils.h +47 -0
  959. data/src/core/lib/iomgr/socket_utils_common_posix.cc +515 -0
  960. data/src/core/lib/iomgr/socket_utils_linux.cc +42 -0
  961. data/src/core/lib/iomgr/socket_utils_posix.cc +58 -0
  962. data/src/core/lib/iomgr/socket_utils_posix.h +163 -0
  963. data/src/core/lib/iomgr/socket_utils_windows.cc +47 -0
  964. data/src/core/lib/iomgr/socket_windows.cc +202 -0
  965. data/src/core/lib/iomgr/socket_windows.h +127 -0
  966. data/src/core/lib/iomgr/sys_epoll_wrapper.h +30 -0
  967. data/src/core/lib/iomgr/tcp_client.cc +38 -0
  968. data/src/core/lib/iomgr/tcp_client.h +56 -0
  969. data/src/core/lib/iomgr/tcp_client_cfstream.cc +205 -0
  970. data/src/core/lib/iomgr/tcp_client_custom.cc +152 -0
  971. data/src/core/lib/iomgr/tcp_client_posix.cc +360 -0
  972. data/src/core/lib/iomgr/tcp_client_posix.h +70 -0
  973. data/src/core/lib/iomgr/tcp_client_windows.cc +241 -0
  974. data/src/core/lib/iomgr/tcp_custom.cc +377 -0
  975. data/src/core/lib/iomgr/tcp_custom.h +86 -0
  976. data/src/core/lib/iomgr/tcp_posix.cc +1848 -0
  977. data/src/core/lib/iomgr/tcp_posix.h +67 -0
  978. data/src/core/lib/iomgr/tcp_server.cc +79 -0
  979. data/src/core/lib/iomgr/tcp_server.h +149 -0
  980. data/src/core/lib/iomgr/tcp_server_custom.cc +467 -0
  981. data/src/core/lib/iomgr/tcp_server_posix.cc +645 -0
  982. data/src/core/lib/iomgr/tcp_server_utils_posix.h +128 -0
  983. data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +223 -0
  984. data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +175 -0
  985. data/src/core/lib/iomgr/tcp_server_utils_posix_noifaddrs.cc +36 -0
  986. data/src/core/lib/iomgr/tcp_server_windows.cc +568 -0
  987. data/src/core/lib/iomgr/tcp_windows.cc +530 -0
  988. data/src/core/lib/iomgr/tcp_windows.h +54 -0
  989. data/src/core/lib/iomgr/time_averaged_stats.cc +64 -0
  990. data/src/core/lib/iomgr/time_averaged_stats.h +72 -0
  991. data/src/core/lib/iomgr/timer.cc +46 -0
  992. data/src/core/lib/iomgr/timer.h +131 -0
  993. data/src/core/lib/iomgr/timer_custom.cc +96 -0
  994. data/src/core/lib/iomgr/timer_custom.h +43 -0
  995. data/src/core/lib/iomgr/timer_generic.cc +718 -0
  996. data/src/core/lib/iomgr/timer_generic.h +40 -0
  997. data/src/core/lib/iomgr/timer_heap.cc +134 -0
  998. data/src/core/lib/iomgr/timer_heap.h +43 -0
  999. data/src/core/lib/iomgr/timer_manager.cc +363 -0
  1000. data/src/core/lib/iomgr/timer_manager.h +41 -0
  1001. data/src/core/lib/iomgr/unix_sockets_posix.cc +108 -0
  1002. data/src/core/lib/iomgr/unix_sockets_posix.h +49 -0
  1003. data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +62 -0
  1004. data/src/core/lib/iomgr/wakeup_fd_eventfd.cc +82 -0
  1005. data/src/core/lib/iomgr/wakeup_fd_nospecial.cc +39 -0
  1006. data/src/core/lib/iomgr/wakeup_fd_pipe.cc +99 -0
  1007. data/src/core/lib/iomgr/wakeup_fd_pipe.h +28 -0
  1008. data/src/core/lib/iomgr/wakeup_fd_posix.cc +70 -0
  1009. data/src/core/lib/iomgr/wakeup_fd_posix.h +98 -0
  1010. data/src/core/lib/iomgr/work_serializer.cc +155 -0
  1011. data/src/core/lib/iomgr/work_serializer.h +81 -0
  1012. data/src/core/lib/json/json.h +250 -0
  1013. data/src/core/lib/json/json_reader.cc +849 -0
  1014. data/src/core/lib/json/json_util.cc +126 -0
  1015. data/src/core/lib/json/json_util.h +154 -0
  1016. data/src/core/lib/json/json_writer.cc +335 -0
  1017. data/src/core/lib/matchers/matchers.cc +327 -0
  1018. data/src/core/lib/matchers/matchers.h +160 -0
  1019. data/src/core/lib/profiling/basic_timers.cc +295 -0
  1020. data/src/core/lib/profiling/stap_timers.cc +50 -0
  1021. data/src/core/lib/profiling/timers.h +94 -0
  1022. data/src/core/lib/security/authorization/authorization_engine.h +44 -0
  1023. data/src/core/lib/security/authorization/authorization_policy_provider.h +33 -0
  1024. data/src/core/lib/security/authorization/authorization_policy_provider_vtable.cc +46 -0
  1025. data/src/core/lib/security/authorization/evaluate_args.cc +213 -0
  1026. data/src/core/lib/security/authorization/evaluate_args.h +91 -0
  1027. data/src/core/lib/security/authorization/sdk_server_authz_filter.cc +171 -0
  1028. data/src/core/lib/security/authorization/sdk_server_authz_filter.h +67 -0
  1029. data/src/core/lib/security/context/security_context.cc +325 -0
  1030. data/src/core/lib/security/context/security_context.h +152 -0
  1031. data/src/core/lib/security/credentials/alts/alts_credentials.cc +111 -0
  1032. data/src/core/lib/security/credentials/alts/alts_credentials.h +109 -0
  1033. data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +72 -0
  1034. data/src/core/lib/security/credentials/alts/check_gcp_environment.h +57 -0
  1035. data/src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc +68 -0
  1036. data/src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc +33 -0
  1037. data/src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc +102 -0
  1038. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc +127 -0
  1039. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc +46 -0
  1040. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h +75 -0
  1041. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc +59 -0
  1042. data/src/core/lib/security/credentials/composite/composite_credentials.cc +230 -0
  1043. data/src/core/lib/security/credentials/composite/composite_credentials.h +106 -0
  1044. data/src/core/lib/security/credentials/credentials.cc +164 -0
  1045. data/src/core/lib/security/credentials/credentials.h +291 -0
  1046. data/src/core/lib/security/credentials/credentials_metadata.cc +61 -0
  1047. data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +404 -0
  1048. data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +81 -0
  1049. data/src/core/lib/security/credentials/external/aws_request_signer.cc +214 -0
  1050. data/src/core/lib/security/credentials/external/aws_request_signer.h +72 -0
  1051. data/src/core/lib/security/credentials/external/external_account_credentials.cc +527 -0
  1052. data/src/core/lib/security/credentials/external/external_account_credentials.h +122 -0
  1053. data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +136 -0
  1054. data/src/core/lib/security/credentials/external/file_external_account_credentials.h +49 -0
  1055. data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +211 -0
  1056. data/src/core/lib/security/credentials/external/url_external_account_credentials.h +60 -0
  1057. data/src/core/lib/security/credentials/fake/fake_credentials.cc +113 -0
  1058. data/src/core/lib/security/credentials/fake/fake_credentials.h +87 -0
  1059. data/src/core/lib/security/credentials/google_default/credentials_generic.cc +42 -0
  1060. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +465 -0
  1061. data/src/core/lib/security/credentials/google_default/google_default_credentials.h +87 -0
  1062. data/src/core/lib/security/credentials/iam/iam_credentials.cc +81 -0
  1063. data/src/core/lib/security/credentials/iam/iam_credentials.h +49 -0
  1064. data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +64 -0
  1065. data/src/core/lib/security/credentials/jwt/json_token.cc +288 -0
  1066. data/src/core/lib/security/credentials/jwt/json_token.h +76 -0
  1067. data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +192 -0
  1068. data/src/core/lib/security/credentials/jwt/jwt_credentials.h +89 -0
  1069. data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +922 -0
  1070. data/src/core/lib/security/credentials/jwt/jwt_verifier.h +122 -0
  1071. data/src/core/lib/security/credentials/local/local_credentials.cc +65 -0
  1072. data/src/core/lib/security/credentials/local/local_credentials.h +61 -0
  1073. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +753 -0
  1074. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +173 -0
  1075. data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +267 -0
  1076. data/src/core/lib/security/credentials/plugin/plugin_credentials.h +72 -0
  1077. data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +385 -0
  1078. data/src/core/lib/security/credentials/ssl/ssl_credentials.h +108 -0
  1079. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +348 -0
  1080. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +217 -0
  1081. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +455 -0
  1082. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +147 -0
  1083. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +177 -0
  1084. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +193 -0
  1085. data/src/core/lib/security/credentials/tls/tls_credentials.cc +133 -0
  1086. data/src/core/lib/security/credentials/tls/tls_credentials.h +62 -0
  1087. data/src/core/lib/security/credentials/tls/tls_utils.cc +123 -0
  1088. data/src/core/lib/security/credentials/tls/tls_utils.h +51 -0
  1089. data/src/core/lib/security/credentials/xds/xds_credentials.cc +244 -0
  1090. data/src/core/lib/security/credentials/xds/xds_credentials.h +69 -0
  1091. data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +311 -0
  1092. data/src/core/lib/security/security_connector/alts/alts_security_connector.h +76 -0
  1093. data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +327 -0
  1094. data/src/core/lib/security/security_connector/fake/fake_security_connector.h +45 -0
  1095. data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +121 -0
  1096. data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +97 -0
  1097. data/src/core/lib/security/security_connector/load_system_roots.h +33 -0
  1098. data/src/core/lib/security/security_connector/load_system_roots_fallback.cc +33 -0
  1099. data/src/core/lib/security/security_connector/load_system_roots_linux.cc +171 -0
  1100. data/src/core/lib/security/security_connector/load_system_roots_linux.h +46 -0
  1101. data/src/core/lib/security/security_connector/local/local_security_connector.cc +294 -0
  1102. data/src/core/lib/security/security_connector/local/local_security_connector.h +59 -0
  1103. data/src/core/lib/security/security_connector/security_connector.cc +137 -0
  1104. data/src/core/lib/security/security_connector/security_connector.h +183 -0
  1105. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +453 -0
  1106. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +81 -0
  1107. data/src/core/lib/security/security_connector/ssl_utils.cc +611 -0
  1108. data/src/core/lib/security/security_connector/ssl_utils.h +188 -0
  1109. data/src/core/lib/security/security_connector/ssl_utils_config.cc +32 -0
  1110. data/src/core/lib/security/security_connector/ssl_utils_config.h +30 -0
  1111. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +667 -0
  1112. data/src/core/lib/security/security_connector/tls/tls_security_connector.h +243 -0
  1113. data/src/core/lib/security/transport/auth_filters.h +36 -0
  1114. data/src/core/lib/security/transport/client_auth_filter.cc +473 -0
  1115. data/src/core/lib/security/transport/secure_endpoint.cc +442 -0
  1116. data/src/core/lib/security/transport/secure_endpoint.h +42 -0
  1117. data/src/core/lib/security/transport/security_handshaker.cc +642 -0
  1118. data/src/core/lib/security/transport/security_handshaker.h +46 -0
  1119. data/src/core/lib/security/transport/server_auth_filter.cc +331 -0
  1120. data/src/core/lib/security/transport/tsi_error.cc +28 -0
  1121. data/src/core/lib/security/transport/tsi_error.h +30 -0
  1122. data/src/core/lib/security/util/json_util.cc +70 -0
  1123. data/src/core/lib/security/util/json_util.h +45 -0
  1124. data/src/core/lib/slice/b64.cc +239 -0
  1125. data/src/core/lib/slice/b64.h +50 -0
  1126. data/src/core/lib/slice/percent_encoding.cc +212 -0
  1127. data/src/core/lib/slice/percent_encoding.h +66 -0
  1128. data/src/core/lib/slice/slice.cc +592 -0
  1129. data/src/core/lib/slice/slice_api.cc +39 -0
  1130. data/src/core/lib/slice/slice_buffer.cc +413 -0
  1131. data/src/core/lib/slice/slice_intern.cc +367 -0
  1132. data/src/core/lib/slice/slice_internal.h +123 -0
  1133. data/src/core/lib/slice/slice_refcount.cc +17 -0
  1134. data/src/core/lib/slice/slice_refcount.h +121 -0
  1135. data/src/core/lib/slice/slice_refcount_base.h +173 -0
  1136. data/src/core/lib/slice/slice_split.cc +100 -0
  1137. data/src/core/lib/slice/slice_split.h +40 -0
  1138. data/src/core/lib/slice/slice_string_helpers.cc +44 -0
  1139. data/src/core/lib/slice/slice_string_helpers.h +38 -0
  1140. data/src/core/lib/slice/slice_utils.h +200 -0
  1141. data/src/core/lib/slice/static_slice.cc +529 -0
  1142. data/src/core/lib/slice/static_slice.h +331 -0
  1143. data/src/core/lib/surface/api_trace.cc +25 -0
  1144. data/src/core/lib/surface/api_trace.h +53 -0
  1145. data/src/core/lib/surface/builtins.cc +49 -0
  1146. data/src/core/lib/surface/builtins.h +26 -0
  1147. data/src/core/lib/surface/byte_buffer.cc +92 -0
  1148. data/src/core/lib/surface/byte_buffer_reader.cc +101 -0
  1149. data/src/core/lib/surface/call.cc +2056 -0
  1150. data/src/core/lib/surface/call.h +131 -0
  1151. data/src/core/lib/surface/call_details.cc +41 -0
  1152. data/src/core/lib/surface/call_log_batch.cc +111 -0
  1153. data/src/core/lib/surface/call_test_only.h +43 -0
  1154. data/src/core/lib/surface/channel.cc +535 -0
  1155. data/src/core/lib/surface/channel.h +178 -0
  1156. data/src/core/lib/surface/channel_init.cc +56 -0
  1157. data/src/core/lib/surface/channel_init.h +86 -0
  1158. data/src/core/lib/surface/channel_ping.cc +63 -0
  1159. data/src/core/lib/surface/channel_stack_type.cc +59 -0
  1160. data/src/core/lib/surface/channel_stack_type.h +47 -0
  1161. data/src/core/lib/surface/completion_queue.cc +1429 -0
  1162. data/src/core/lib/surface/completion_queue.h +98 -0
  1163. data/src/core/lib/surface/completion_queue_factory.cc +88 -0
  1164. data/src/core/lib/surface/completion_queue_factory.h +39 -0
  1165. data/src/core/lib/surface/event_string.cc +62 -0
  1166. data/src/core/lib/surface/event_string.h +31 -0
  1167. data/src/core/lib/surface/init.cc +220 -0
  1168. data/src/core/lib/surface/init.h +35 -0
  1169. data/src/core/lib/surface/init_secure.cc +103 -0
  1170. data/src/core/lib/surface/lame_client.cc +192 -0
  1171. data/src/core/lib/surface/lame_client.h +33 -0
  1172. data/src/core/lib/surface/metadata_array.cc +36 -0
  1173. data/src/core/lib/surface/server.cc +1608 -0
  1174. data/src/core/lib/surface/server.h +497 -0
  1175. data/src/core/lib/surface/validate_metadata.cc +136 -0
  1176. data/src/core/lib/surface/validate_metadata.h +45 -0
  1177. data/src/core/lib/surface/version.cc +28 -0
  1178. data/src/core/lib/transport/bdp_estimator.cc +87 -0
  1179. data/src/core/lib/transport/bdp_estimator.h +95 -0
  1180. data/src/core/lib/transport/byte_stream.cc +158 -0
  1181. data/src/core/lib/transport/byte_stream.h +166 -0
  1182. data/src/core/lib/transport/connectivity_state.cc +188 -0
  1183. data/src/core/lib/transport/connectivity_state.h +145 -0
  1184. data/src/core/lib/transport/error_utils.cc +191 -0
  1185. data/src/core/lib/transport/error_utils.h +58 -0
  1186. data/src/core/lib/transport/http2_errors.h +41 -0
  1187. data/src/core/lib/transport/metadata.cc +714 -0
  1188. data/src/core/lib/transport/metadata.h +449 -0
  1189. data/src/core/lib/transport/metadata_batch.cc +94 -0
  1190. data/src/core/lib/transport/metadata_batch.h +1055 -0
  1191. data/src/core/lib/transport/parsed_metadata.h +263 -0
  1192. data/src/core/lib/transport/pid_controller.cc +51 -0
  1193. data/src/core/lib/transport/pid_controller.h +116 -0
  1194. data/src/core/lib/transport/static_metadata.cc +1117 -0
  1195. data/src/core/lib/transport/static_metadata.h +340 -0
  1196. data/src/core/lib/transport/status_conversion.cc +92 -0
  1197. data/src/core/lib/transport/status_conversion.h +38 -0
  1198. data/src/core/lib/transport/status_metadata.cc +63 -0
  1199. data/src/core/lib/transport/status_metadata.h +48 -0
  1200. data/src/core/lib/transport/timeout_encoding.cc +151 -0
  1201. data/src/core/lib/transport/timeout_encoding.h +38 -0
  1202. data/src/core/lib/transport/transport.cc +261 -0
  1203. data/src/core/lib/transport/transport.h +471 -0
  1204. data/src/core/lib/transport/transport_impl.h +71 -0
  1205. data/src/core/lib/transport/transport_op_string.cc +189 -0
  1206. data/src/core/lib/uri/uri_parser.cc +191 -0
  1207. data/src/core/lib/uri/uri_parser.h +87 -0
  1208. data/src/core/plugin_registry/grpc_plugin_registry.cc +197 -0
  1209. data/src/core/tsi/alts/crypt/aes_gcm.cc +690 -0
  1210. data/src/core/tsi/alts/crypt/gsec.cc +190 -0
  1211. data/src/core/tsi/alts/crypt/gsec.h +459 -0
  1212. data/src/core/tsi/alts/frame_protector/alts_counter.cc +118 -0
  1213. data/src/core/tsi/alts/frame_protector/alts_counter.h +98 -0
  1214. data/src/core/tsi/alts/frame_protector/alts_crypter.cc +66 -0
  1215. data/src/core/tsi/alts/frame_protector/alts_crypter.h +255 -0
  1216. data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +408 -0
  1217. data/src/core/tsi/alts/frame_protector/alts_frame_protector.h +55 -0
  1218. data/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc +114 -0
  1219. data/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h +114 -0
  1220. data/src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc +105 -0
  1221. data/src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc +103 -0
  1222. data/src/core/tsi/alts/frame_protector/frame_handler.cc +219 -0
  1223. data/src/core/tsi/alts/frame_protector/frame_handler.h +236 -0
  1224. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +903 -0
  1225. data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +160 -0
  1226. data/src/core/tsi/alts/handshaker/alts_shared_resource.cc +83 -0
  1227. data/src/core/tsi/alts/handshaker/alts_shared_resource.h +73 -0
  1228. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +705 -0
  1229. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +104 -0
  1230. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h +89 -0
  1231. data/src/core/tsi/alts/handshaker/alts_tsi_utils.cc +64 -0
  1232. data/src/core/tsi/alts/handshaker/alts_tsi_utils.h +53 -0
  1233. data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +223 -0
  1234. data/src/core/tsi/alts/handshaker/transport_security_common_api.h +171 -0
  1235. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc +226 -0
  1236. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h +54 -0
  1237. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc +144 -0
  1238. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h +49 -0
  1239. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h +91 -0
  1240. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc +174 -0
  1241. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h +99 -0
  1242. data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +478 -0
  1243. data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h +199 -0
  1244. data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +307 -0
  1245. data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h +57 -0
  1246. data/src/core/tsi/fake_transport_security.cc +809 -0
  1247. data/src/core/tsi/fake_transport_security.h +47 -0
  1248. data/src/core/tsi/local_transport_security.cc +178 -0
  1249. data/src/core/tsi/local_transport_security.h +50 -0
  1250. data/src/core/tsi/ssl/session_cache/ssl_session.h +71 -0
  1251. data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +57 -0
  1252. data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +179 -0
  1253. data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +92 -0
  1254. data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +75 -0
  1255. data/src/core/tsi/ssl_transport_security.cc +2260 -0
  1256. data/src/core/tsi/ssl_transport_security.h +366 -0
  1257. data/src/core/tsi/ssl_types.h +42 -0
  1258. data/src/core/tsi/transport_security.cc +384 -0
  1259. data/src/core/tsi/transport_security.h +142 -0
  1260. data/src/core/tsi/transport_security_grpc.cc +73 -0
  1261. data/src/core/tsi/transport_security_grpc.h +80 -0
  1262. data/src/core/tsi/transport_security_interface.h +507 -0
  1263. data/src/ruby/bin/math_client.rb +140 -0
  1264. data/src/ruby/bin/math_pb.rb +34 -0
  1265. data/src/ruby/bin/math_server.rb +191 -0
  1266. data/src/ruby/bin/math_services_pb.rb +51 -0
  1267. data/src/ruby/bin/noproto_client.rb +93 -0
  1268. data/src/ruby/bin/noproto_server.rb +97 -0
  1269. data/src/ruby/ext/grpc/ext-export.clang +1 -0
  1270. data/src/ruby/ext/grpc/ext-export.gcc +6 -0
  1271. data/src/ruby/ext/grpc/extconf.rb +129 -0
  1272. data/src/ruby/ext/grpc/extconf.rb.orig +130 -0
  1273. data/src/ruby/ext/grpc/extconf.rb.rej +18 -0
  1274. data/src/ruby/ext/grpc/rb_byte_buffer.c +65 -0
  1275. data/src/ruby/ext/grpc/rb_byte_buffer.h +35 -0
  1276. data/src/ruby/ext/grpc/rb_call.c +1051 -0
  1277. data/src/ruby/ext/grpc/rb_call.h +57 -0
  1278. data/src/ruby/ext/grpc/rb_call_credentials.c +341 -0
  1279. data/src/ruby/ext/grpc/rb_call_credentials.h +31 -0
  1280. data/src/ruby/ext/grpc/rb_channel.c +846 -0
  1281. data/src/ruby/ext/grpc/rb_channel.h +34 -0
  1282. data/src/ruby/ext/grpc/rb_channel_args.c +155 -0
  1283. data/src/ruby/ext/grpc/rb_channel_args.h +38 -0
  1284. data/src/ruby/ext/grpc/rb_channel_credentials.c +286 -0
  1285. data/src/ruby/ext/grpc/rb_channel_credentials.h +37 -0
  1286. data/src/ruby/ext/grpc/rb_completion_queue.c +101 -0
  1287. data/src/ruby/ext/grpc/rb_completion_queue.h +36 -0
  1288. data/src/ruby/ext/grpc/rb_compression_options.c +471 -0
  1289. data/src/ruby/ext/grpc/rb_compression_options.h +29 -0
  1290. data/src/ruby/ext/grpc/rb_enable_cpp.cc +22 -0
  1291. data/src/ruby/ext/grpc/rb_event_thread.c +145 -0
  1292. data/src/ruby/ext/grpc/rb_event_thread.h +21 -0
  1293. data/src/ruby/ext/grpc/rb_grpc.c +333 -0
  1294. data/src/ruby/ext/grpc/rb_grpc.h +77 -0
  1295. data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +605 -0
  1296. data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +913 -0
  1297. data/src/ruby/ext/grpc/rb_loader.c +57 -0
  1298. data/src/ruby/ext/grpc/rb_loader.h +25 -0
  1299. data/src/ruby/ext/grpc/rb_server.c +385 -0
  1300. data/src/ruby/ext/grpc/rb_server.h +32 -0
  1301. data/src/ruby/ext/grpc/rb_server_credentials.c +259 -0
  1302. data/src/ruby/ext/grpc/rb_server_credentials.h +37 -0
  1303. data/src/ruby/ext/grpc/rb_xds_channel_credentials.c +218 -0
  1304. data/src/ruby/ext/grpc/rb_xds_channel_credentials.h +37 -0
  1305. data/src/ruby/ext/grpc/rb_xds_server_credentials.c +170 -0
  1306. data/src/ruby/ext/grpc/rb_xds_server_credentials.h +37 -0
  1307. data/src/ruby/lib/grpc/core/status_codes.rb +135 -0
  1308. data/src/ruby/lib/grpc/core/time_consts.rb +56 -0
  1309. data/src/ruby/lib/grpc/errors.rb +277 -0
  1310. data/src/ruby/lib/grpc/generic/active_call.rb +669 -0
  1311. data/src/ruby/lib/grpc/generic/bidi_call.rb +233 -0
  1312. data/src/ruby/lib/grpc/generic/client_stub.rb +503 -0
  1313. data/src/ruby/lib/grpc/generic/interceptor_registry.rb +53 -0
  1314. data/src/ruby/lib/grpc/generic/interceptors.rb +186 -0
  1315. data/src/ruby/lib/grpc/generic/rpc_desc.rb +204 -0
  1316. data/src/ruby/lib/grpc/generic/rpc_server.rb +551 -0
  1317. data/src/ruby/lib/grpc/generic/service.rb +211 -0
  1318. data/src/ruby/lib/grpc/google_rpc_status_utils.rb +40 -0
  1319. data/src/ruby/lib/grpc/grpc.rb +24 -0
  1320. data/src/ruby/lib/grpc/logconfig.rb +44 -0
  1321. data/src/ruby/lib/grpc/notifier.rb +45 -0
  1322. data/src/ruby/lib/grpc/structs.rb +15 -0
  1323. data/src/ruby/lib/grpc/version.rb +18 -0
  1324. data/src/ruby/lib/grpc.rb +37 -0
  1325. data/src/ruby/pb/README.md +42 -0
  1326. data/src/ruby/pb/generate_proto_ruby.sh +51 -0
  1327. data/src/ruby/pb/grpc/health/checker.rb +75 -0
  1328. data/src/ruby/pb/grpc/health/v1/health_pb.rb +31 -0
  1329. data/src/ruby/pb/grpc/health/v1/health_services_pb.rb +62 -0
  1330. data/src/ruby/pb/grpc/testing/duplicate/echo_duplicate_services_pb.rb +44 -0
  1331. data/src/ruby/pb/grpc/testing/metrics_pb.rb +28 -0
  1332. data/src/ruby/pb/grpc/testing/metrics_services_pb.rb +49 -0
  1333. data/src/ruby/pb/src/proto/grpc/testing/empty_pb.rb +17 -0
  1334. data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +145 -0
  1335. data/src/ruby/pb/src/proto/grpc/testing/test_pb.rb +16 -0
  1336. data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +152 -0
  1337. data/src/ruby/spec/call_credentials_spec.rb +42 -0
  1338. data/src/ruby/spec/call_spec.rb +180 -0
  1339. data/src/ruby/spec/channel_connection_spec.rb +126 -0
  1340. data/src/ruby/spec/channel_credentials_spec.rb +124 -0
  1341. data/src/ruby/spec/channel_spec.rb +245 -0
  1342. data/src/ruby/spec/client_auth_spec.rb +152 -0
  1343. data/src/ruby/spec/client_server_spec.rb +664 -0
  1344. data/src/ruby/spec/compression_options_spec.rb +149 -0
  1345. data/src/ruby/spec/debug_message_spec.rb +134 -0
  1346. data/src/ruby/spec/error_sanity_spec.rb +49 -0
  1347. data/src/ruby/spec/errors_spec.rb +142 -0
  1348. data/src/ruby/spec/errors_spec.rb.rej +11 -0
  1349. data/src/ruby/spec/generic/active_call_spec.rb +683 -0
  1350. data/src/ruby/spec/generic/client_interceptors_spec.rb +153 -0
  1351. data/src/ruby/spec/generic/client_stub_spec.rb +1083 -0
  1352. data/src/ruby/spec/generic/interceptor_registry_spec.rb +65 -0
  1353. data/src/ruby/spec/generic/rpc_desc_spec.rb +374 -0
  1354. data/src/ruby/spec/generic/rpc_server_pool_spec.rb +127 -0
  1355. data/src/ruby/spec/generic/rpc_server_spec.rb +748 -0
  1356. data/src/ruby/spec/generic/server_interceptors_spec.rb +218 -0
  1357. data/src/ruby/spec/generic/service_spec.rb +263 -0
  1358. data/src/ruby/spec/google_rpc_status_utils_spec.rb +282 -0
  1359. data/src/ruby/spec/pb/codegen/grpc/testing/package_options.proto +28 -0
  1360. data/src/ruby/spec/pb/codegen/grpc/testing/package_options_import.proto +22 -0
  1361. data/src/ruby/spec/pb/codegen/grpc/testing/package_options_import2.proto +23 -0
  1362. data/src/ruby/spec/pb/codegen/grpc/testing/package_options_ruby_style.proto +41 -0
  1363. data/src/ruby/spec/pb/codegen/grpc/testing/same_package_service_name.proto +27 -0
  1364. data/src/ruby/spec/pb/codegen/grpc/testing/same_ruby_package_service_name.proto +29 -0
  1365. data/src/ruby/spec/pb/codegen/package_option_spec.rb +98 -0
  1366. data/src/ruby/spec/pb/duplicate/codegen_spec.rb +57 -0
  1367. data/src/ruby/spec/pb/health/checker_spec.rb +236 -0
  1368. data/src/ruby/spec/server_credentials_spec.rb +104 -0
  1369. data/src/ruby/spec/server_spec.rb +231 -0
  1370. data/src/ruby/spec/spec_helper.rb +61 -0
  1371. data/src/ruby/spec/support/helpers.rb +107 -0
  1372. data/src/ruby/spec/support/services.rb +160 -0
  1373. data/src/ruby/spec/testdata/README +1 -0
  1374. data/src/ruby/spec/testdata/ca.pem +20 -0
  1375. data/src/ruby/spec/testdata/client.key +28 -0
  1376. data/src/ruby/spec/testdata/client.pem +20 -0
  1377. data/src/ruby/spec/testdata/server1.key +28 -0
  1378. data/src/ruby/spec/testdata/server1.pem +22 -0
  1379. data/src/ruby/spec/time_consts_spec.rb +74 -0
  1380. data/src/ruby/spec/user_agent_spec.rb +74 -0
  1381. data/third_party/abseil-cpp/absl/algorithm/algorithm.h +159 -0
  1382. data/third_party/abseil-cpp/absl/algorithm/container.h +1764 -0
  1383. data/third_party/abseil-cpp/absl/base/attributes.h +702 -0
  1384. data/third_party/abseil-cpp/absl/base/call_once.h +219 -0
  1385. data/third_party/abseil-cpp/absl/base/casts.h +187 -0
  1386. data/third_party/abseil-cpp/absl/base/config.h +742 -0
  1387. data/third_party/abseil-cpp/absl/base/const_init.h +76 -0
  1388. data/third_party/abseil-cpp/absl/base/dynamic_annotations.h +496 -0
  1389. data/third_party/abseil-cpp/absl/base/internal/atomic_hook.h +200 -0
  1390. data/third_party/abseil-cpp/absl/base/internal/cycleclock.cc +107 -0
  1391. data/third_party/abseil-cpp/absl/base/internal/cycleclock.h +94 -0
  1392. data/third_party/abseil-cpp/absl/base/internal/direct_mmap.h +169 -0
  1393. data/third_party/abseil-cpp/absl/base/internal/dynamic_annotations.h +398 -0
  1394. data/third_party/abseil-cpp/absl/base/internal/endian.h +327 -0
  1395. data/third_party/abseil-cpp/absl/base/internal/errno_saver.h +43 -0
  1396. data/third_party/abseil-cpp/absl/base/internal/exponential_biased.cc +93 -0
  1397. data/third_party/abseil-cpp/absl/base/internal/exponential_biased.h +130 -0
  1398. data/third_party/abseil-cpp/absl/base/internal/hide_ptr.h +51 -0
  1399. data/third_party/abseil-cpp/absl/base/internal/identity.h +37 -0
  1400. data/third_party/abseil-cpp/absl/base/internal/inline_variable.h +107 -0
  1401. data/third_party/abseil-cpp/absl/base/internal/invoke.h +187 -0
  1402. data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.cc +620 -0
  1403. data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.h +126 -0
  1404. data/third_party/abseil-cpp/absl/base/internal/low_level_scheduling.h +134 -0
  1405. data/third_party/abseil-cpp/absl/base/internal/per_thread_tls.h +52 -0
  1406. data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +242 -0
  1407. data/third_party/abseil-cpp/absl/base/internal/raw_logging.h +195 -0
  1408. data/third_party/abseil-cpp/absl/base/internal/scheduling_mode.h +58 -0
  1409. data/third_party/abseil-cpp/absl/base/internal/spinlock.cc +229 -0
  1410. data/third_party/abseil-cpp/absl/base/internal/spinlock.h +246 -0
  1411. data/third_party/abseil-cpp/absl/base/internal/spinlock_akaros.inc +35 -0
  1412. data/third_party/abseil-cpp/absl/base/internal/spinlock_linux.inc +74 -0
  1413. data/third_party/abseil-cpp/absl/base/internal/spinlock_posix.inc +46 -0
  1414. data/third_party/abseil-cpp/absl/base/internal/spinlock_wait.cc +81 -0
  1415. data/third_party/abseil-cpp/absl/base/internal/spinlock_wait.h +93 -0
  1416. data/third_party/abseil-cpp/absl/base/internal/spinlock_win32.inc +37 -0
  1417. data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +439 -0
  1418. data/third_party/abseil-cpp/absl/base/internal/sysinfo.h +74 -0
  1419. data/third_party/abseil-cpp/absl/base/internal/thread_annotations.h +271 -0
  1420. data/third_party/abseil-cpp/absl/base/internal/thread_identity.cc +155 -0
  1421. data/third_party/abseil-cpp/absl/base/internal/thread_identity.h +265 -0
  1422. data/third_party/abseil-cpp/absl/base/internal/throw_delegate.cc +212 -0
  1423. data/third_party/abseil-cpp/absl/base/internal/throw_delegate.h +75 -0
  1424. data/third_party/abseil-cpp/absl/base/internal/tsan_mutex_interface.h +68 -0
  1425. data/third_party/abseil-cpp/absl/base/internal/unaligned_access.h +82 -0
  1426. data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc +138 -0
  1427. data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.h +124 -0
  1428. data/third_party/abseil-cpp/absl/base/log_severity.cc +27 -0
  1429. data/third_party/abseil-cpp/absl/base/log_severity.h +121 -0
  1430. data/third_party/abseil-cpp/absl/base/macros.h +158 -0
  1431. data/third_party/abseil-cpp/absl/base/optimization.h +244 -0
  1432. data/third_party/abseil-cpp/absl/base/options.h +238 -0
  1433. data/third_party/abseil-cpp/absl/base/policy_checks.h +111 -0
  1434. data/third_party/abseil-cpp/absl/base/port.h +25 -0
  1435. data/third_party/abseil-cpp/absl/base/thread_annotations.h +335 -0
  1436. data/third_party/abseil-cpp/absl/container/fixed_array.h +532 -0
  1437. data/third_party/abseil-cpp/absl/container/flat_hash_map.h +606 -0
  1438. data/third_party/abseil-cpp/absl/container/inlined_vector.h +847 -0
  1439. data/third_party/abseil-cpp/absl/container/internal/common.h +206 -0
  1440. data/third_party/abseil-cpp/absl/container/internal/compressed_tuple.h +290 -0
  1441. data/third_party/abseil-cpp/absl/container/internal/container_memory.h +460 -0
  1442. data/third_party/abseil-cpp/absl/container/internal/hash_function_defaults.h +161 -0
  1443. data/third_party/abseil-cpp/absl/container/internal/hash_policy_traits.h +208 -0
  1444. data/third_party/abseil-cpp/absl/container/internal/hashtable_debug_hooks.h +85 -0
  1445. data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc +274 -0
  1446. data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.h +322 -0
  1447. data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler_force_weak_definition.cc +31 -0
  1448. data/third_party/abseil-cpp/absl/container/internal/have_sse.h +50 -0
  1449. data/third_party/abseil-cpp/absl/container/internal/inlined_vector.h +967 -0
  1450. data/third_party/abseil-cpp/absl/container/internal/layout.h +743 -0
  1451. data/third_party/abseil-cpp/absl/container/internal/raw_hash_map.h +197 -0
  1452. data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.cc +61 -0
  1453. data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +1903 -0
  1454. data/third_party/abseil-cpp/absl/debugging/internal/address_is_readable.cc +139 -0
  1455. data/third_party/abseil-cpp/absl/debugging/internal/address_is_readable.h +32 -0
  1456. data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +1949 -0
  1457. data/third_party/abseil-cpp/absl/debugging/internal/demangle.h +71 -0
  1458. data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.cc +382 -0
  1459. data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.h +134 -0
  1460. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +199 -0
  1461. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_arm-inl.inc +134 -0
  1462. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_config.h +80 -0
  1463. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_generic-inl.inc +108 -0
  1464. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_powerpc-inl.inc +253 -0
  1465. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_unimplemented-inl.inc +24 -0
  1466. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_win32-inl.inc +93 -0
  1467. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_x86-inl.inc +346 -0
  1468. data/third_party/abseil-cpp/absl/debugging/internal/symbolize.h +147 -0
  1469. data/third_party/abseil-cpp/absl/debugging/internal/vdso_support.cc +173 -0
  1470. data/third_party/abseil-cpp/absl/debugging/internal/vdso_support.h +158 -0
  1471. data/third_party/abseil-cpp/absl/debugging/stacktrace.cc +140 -0
  1472. data/third_party/abseil-cpp/absl/debugging/stacktrace.h +231 -0
  1473. data/third_party/abseil-cpp/absl/debugging/symbolize.cc +36 -0
  1474. data/third_party/abseil-cpp/absl/debugging/symbolize.h +99 -0
  1475. data/third_party/abseil-cpp/absl/debugging/symbolize_darwin.inc +101 -0
  1476. data/third_party/abseil-cpp/absl/debugging/symbolize_elf.inc +1560 -0
  1477. data/third_party/abseil-cpp/absl/debugging/symbolize_unimplemented.inc +40 -0
  1478. data/third_party/abseil-cpp/absl/debugging/symbolize_win32.inc +81 -0
  1479. data/third_party/abseil-cpp/absl/functional/bind_front.h +184 -0
  1480. data/third_party/abseil-cpp/absl/functional/function_ref.h +139 -0
  1481. data/third_party/abseil-cpp/absl/functional/internal/front_binder.h +95 -0
  1482. data/third_party/abseil-cpp/absl/functional/internal/function_ref.h +106 -0
  1483. data/third_party/abseil-cpp/absl/hash/hash.h +325 -0
  1484. data/third_party/abseil-cpp/absl/hash/internal/city.cc +349 -0
  1485. data/third_party/abseil-cpp/absl/hash/internal/city.h +78 -0
  1486. data/third_party/abseil-cpp/absl/hash/internal/hash.cc +70 -0
  1487. data/third_party/abseil-cpp/absl/hash/internal/hash.h +1045 -0
  1488. data/third_party/abseil-cpp/absl/hash/internal/wyhash.cc +111 -0
  1489. data/third_party/abseil-cpp/absl/hash/internal/wyhash.h +48 -0
  1490. data/third_party/abseil-cpp/absl/memory/memory.h +699 -0
  1491. data/third_party/abseil-cpp/absl/meta/type_traits.h +767 -0
  1492. data/third_party/abseil-cpp/absl/numeric/bits.h +177 -0
  1493. data/third_party/abseil-cpp/absl/numeric/int128.cc +390 -0
  1494. data/third_party/abseil-cpp/absl/numeric/int128.h +1092 -0
  1495. data/third_party/abseil-cpp/absl/numeric/int128_have_intrinsic.inc +302 -0
  1496. data/third_party/abseil-cpp/absl/numeric/int128_no_intrinsic.inc +308 -0
  1497. data/third_party/abseil-cpp/absl/numeric/internal/bits.h +358 -0
  1498. data/third_party/abseil-cpp/absl/numeric/internal/representation.h +55 -0
  1499. data/third_party/abseil-cpp/absl/status/internal/status_internal.h +69 -0
  1500. data/third_party/abseil-cpp/absl/status/internal/statusor_internal.h +396 -0
  1501. data/third_party/abseil-cpp/absl/status/status.cc +452 -0
  1502. data/third_party/abseil-cpp/absl/status/status.h +878 -0
  1503. data/third_party/abseil-cpp/absl/status/status_payload_printer.cc +38 -0
  1504. data/third_party/abseil-cpp/absl/status/status_payload_printer.h +51 -0
  1505. data/third_party/abseil-cpp/absl/status/statusor.cc +71 -0
  1506. data/third_party/abseil-cpp/absl/status/statusor.h +760 -0
  1507. data/third_party/abseil-cpp/absl/strings/ascii.cc +200 -0
  1508. data/third_party/abseil-cpp/absl/strings/ascii.h +242 -0
  1509. data/third_party/abseil-cpp/absl/strings/charconv.cc +984 -0
  1510. data/third_party/abseil-cpp/absl/strings/charconv.h +119 -0
  1511. data/third_party/abseil-cpp/absl/strings/cord.cc +1953 -0
  1512. data/third_party/abseil-cpp/absl/strings/cord.h +1394 -0
  1513. data/third_party/abseil-cpp/absl/strings/escaping.cc +949 -0
  1514. data/third_party/abseil-cpp/absl/strings/escaping.h +164 -0
  1515. data/third_party/abseil-cpp/absl/strings/internal/char_map.h +156 -0
  1516. data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.cc +359 -0
  1517. data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +423 -0
  1518. data/third_party/abseil-cpp/absl/strings/internal/charconv_parse.cc +504 -0
  1519. data/third_party/abseil-cpp/absl/strings/internal/charconv_parse.h +99 -0
  1520. data/third_party/abseil-cpp/absl/strings/internal/cord_internal.cc +83 -0
  1521. data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +543 -0
  1522. data/third_party/abseil-cpp/absl/strings/internal/cord_rep_flat.h +146 -0
  1523. data/third_party/abseil-cpp/absl/strings/internal/cord_rep_ring.cc +897 -0
  1524. data/third_party/abseil-cpp/absl/strings/internal/cord_rep_ring.h +589 -0
  1525. data/third_party/abseil-cpp/absl/strings/internal/cord_rep_ring_reader.h +114 -0
  1526. data/third_party/abseil-cpp/absl/strings/internal/escaping.cc +180 -0
  1527. data/third_party/abseil-cpp/absl/strings/internal/escaping.h +58 -0
  1528. data/third_party/abseil-cpp/absl/strings/internal/memutil.cc +112 -0
  1529. data/third_party/abseil-cpp/absl/strings/internal/memutil.h +148 -0
  1530. data/third_party/abseil-cpp/absl/strings/internal/ostringstream.cc +36 -0
  1531. data/third_party/abseil-cpp/absl/strings/internal/ostringstream.h +89 -0
  1532. data/third_party/abseil-cpp/absl/strings/internal/resize_uninitialized.h +73 -0
  1533. data/third_party/abseil-cpp/absl/strings/internal/stl_type_traits.h +248 -0
  1534. data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.cc +488 -0
  1535. data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.h +518 -0
  1536. data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.cc +259 -0
  1537. data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.h +217 -0
  1538. data/third_party/abseil-cpp/absl/strings/internal/str_format/checker.h +333 -0
  1539. data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.cc +75 -0
  1540. data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.h +427 -0
  1541. data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +1423 -0
  1542. data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.h +37 -0
  1543. data/third_party/abseil-cpp/absl/strings/internal/str_format/output.cc +72 -0
  1544. data/third_party/abseil-cpp/absl/strings/internal/str_format/output.h +96 -0
  1545. data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.cc +350 -0
  1546. data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.h +349 -0
  1547. data/third_party/abseil-cpp/absl/strings/internal/str_join_internal.h +314 -0
  1548. data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +430 -0
  1549. data/third_party/abseil-cpp/absl/strings/internal/string_constant.h +64 -0
  1550. data/third_party/abseil-cpp/absl/strings/internal/utf8.cc +53 -0
  1551. data/third_party/abseil-cpp/absl/strings/internal/utf8.h +50 -0
  1552. data/third_party/abseil-cpp/absl/strings/match.cc +43 -0
  1553. data/third_party/abseil-cpp/absl/strings/match.h +100 -0
  1554. data/third_party/abseil-cpp/absl/strings/numbers.cc +1093 -0
  1555. data/third_party/abseil-cpp/absl/strings/numbers.h +266 -0
  1556. data/third_party/abseil-cpp/absl/strings/str_cat.cc +246 -0
  1557. data/third_party/abseil-cpp/absl/strings/str_cat.h +408 -0
  1558. data/third_party/abseil-cpp/absl/strings/str_format.h +813 -0
  1559. data/third_party/abseil-cpp/absl/strings/str_join.h +293 -0
  1560. data/third_party/abseil-cpp/absl/strings/str_replace.cc +82 -0
  1561. data/third_party/abseil-cpp/absl/strings/str_replace.h +219 -0
  1562. data/third_party/abseil-cpp/absl/strings/str_split.cc +139 -0
  1563. data/third_party/abseil-cpp/absl/strings/str_split.h +548 -0
  1564. data/third_party/abseil-cpp/absl/strings/string_view.cc +235 -0
  1565. data/third_party/abseil-cpp/absl/strings/string_view.h +629 -0
  1566. data/third_party/abseil-cpp/absl/strings/strip.h +91 -0
  1567. data/third_party/abseil-cpp/absl/strings/substitute.cc +171 -0
  1568. data/third_party/abseil-cpp/absl/strings/substitute.h +696 -0
  1569. data/third_party/abseil-cpp/absl/synchronization/barrier.cc +52 -0
  1570. data/third_party/abseil-cpp/absl/synchronization/barrier.h +79 -0
  1571. data/third_party/abseil-cpp/absl/synchronization/blocking_counter.cc +57 -0
  1572. data/third_party/abseil-cpp/absl/synchronization/blocking_counter.h +99 -0
  1573. data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.cc +140 -0
  1574. data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.h +60 -0
  1575. data/third_party/abseil-cpp/absl/synchronization/internal/futex.h +154 -0
  1576. data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +698 -0
  1577. data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.h +141 -0
  1578. data/third_party/abseil-cpp/absl/synchronization/internal/kernel_timeout.h +156 -0
  1579. data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.cc +106 -0
  1580. data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.h +115 -0
  1581. data/third_party/abseil-cpp/absl/synchronization/internal/waiter.cc +428 -0
  1582. data/third_party/abseil-cpp/absl/synchronization/internal/waiter.h +155 -0
  1583. data/third_party/abseil-cpp/absl/synchronization/mutex.cc +2751 -0
  1584. data/third_party/abseil-cpp/absl/synchronization/mutex.h +1082 -0
  1585. data/third_party/abseil-cpp/absl/synchronization/notification.cc +78 -0
  1586. data/third_party/abseil-cpp/absl/synchronization/notification.h +123 -0
  1587. data/third_party/abseil-cpp/absl/time/civil_time.cc +175 -0
  1588. data/third_party/abseil-cpp/absl/time/civil_time.h +538 -0
  1589. data/third_party/abseil-cpp/absl/time/clock.cc +585 -0
  1590. data/third_party/abseil-cpp/absl/time/clock.h +74 -0
  1591. data/third_party/abseil-cpp/absl/time/duration.cc +954 -0
  1592. data/third_party/abseil-cpp/absl/time/format.cc +160 -0
  1593. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time.h +332 -0
  1594. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time_detail.h +628 -0
  1595. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/time_zone.h +386 -0
  1596. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/zone_info_source.h +102 -0
  1597. data/third_party/abseil-cpp/absl/time/internal/cctz/src/civil_time_detail.cc +94 -0
  1598. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.cc +140 -0
  1599. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.h +52 -0
  1600. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +1029 -0
  1601. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.cc +45 -0
  1602. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.h +76 -0
  1603. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +113 -0
  1604. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +93 -0
  1605. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +965 -0
  1606. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +137 -0
  1607. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +315 -0
  1608. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.h +55 -0
  1609. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_lookup.cc +187 -0
  1610. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.cc +159 -0
  1611. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.h +132 -0
  1612. data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +122 -0
  1613. data/third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc +116 -0
  1614. data/third_party/abseil-cpp/absl/time/internal/get_current_time_chrono.inc +31 -0
  1615. data/third_party/abseil-cpp/absl/time/internal/get_current_time_posix.inc +24 -0
  1616. data/third_party/abseil-cpp/absl/time/time.cc +500 -0
  1617. data/third_party/abseil-cpp/absl/time/time.h +1585 -0
  1618. data/third_party/abseil-cpp/absl/types/bad_optional_access.cc +48 -0
  1619. data/third_party/abseil-cpp/absl/types/bad_optional_access.h +78 -0
  1620. data/third_party/abseil-cpp/absl/types/bad_variant_access.cc +64 -0
  1621. data/third_party/abseil-cpp/absl/types/bad_variant_access.h +82 -0
  1622. data/third_party/abseil-cpp/absl/types/internal/optional.h +396 -0
  1623. data/third_party/abseil-cpp/absl/types/internal/span.h +128 -0
  1624. data/third_party/abseil-cpp/absl/types/internal/variant.h +1646 -0
  1625. data/third_party/abseil-cpp/absl/types/optional.h +776 -0
  1626. data/third_party/abseil-cpp/absl/types/span.h +726 -0
  1627. data/third_party/abseil-cpp/absl/types/variant.h +866 -0
  1628. data/third_party/abseil-cpp/absl/utility/utility.h +350 -0
  1629. data/third_party/address_sorting/address_sorting.c +375 -0
  1630. data/third_party/address_sorting/address_sorting_internal.h +70 -0
  1631. data/third_party/address_sorting/address_sorting_posix.c +98 -0
  1632. data/third_party/address_sorting/address_sorting_windows.c +95 -0
  1633. data/third_party/address_sorting/include/address_sorting/address_sorting.h +115 -0
  1634. data/third_party/boringssl-with-bazel/err_data.c +1489 -0
  1635. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +276 -0
  1636. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +122 -0
  1637. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +91 -0
  1638. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.c +87 -0
  1639. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +195 -0
  1640. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +266 -0
  1641. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.c +88 -0
  1642. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +420 -0
  1643. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +298 -0
  1644. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +288 -0
  1645. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +77 -0
  1646. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_print.c +83 -0
  1647. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.c +650 -0
  1648. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +266 -0
  1649. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +212 -0
  1650. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +163 -0
  1651. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +264 -0
  1652. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utf8.c +236 -0
  1653. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +440 -0
  1654. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.c +80 -0
  1655. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.c +105 -0
  1656. data/third_party/boringssl-with-bazel/src/crypto/asn1/charmap.h +15 -0
  1657. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_enum.c +93 -0
  1658. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.c +97 -0
  1659. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.c +91 -0
  1660. data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +196 -0
  1661. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +1193 -0
  1662. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +709 -0
  1663. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +233 -0
  1664. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +332 -0
  1665. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +129 -0
  1666. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +281 -0
  1667. data/third_party/boringssl-with-bazel/src/crypto/asn1/time_support.c +206 -0
  1668. data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +469 -0
  1669. data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +702 -0
  1670. data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +324 -0
  1671. data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +541 -0
  1672. data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +275 -0
  1673. data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +311 -0
  1674. data/third_party/boringssl-with-bazel/src/crypto/bio/hexdump.c +192 -0
  1675. data/third_party/boringssl-with-bazel/src/crypto/bio/internal.h +111 -0
  1676. data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +483 -0
  1677. data/third_party/boringssl-with-bazel/src/crypto/bio/printf.c +115 -0
  1678. data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +192 -0
  1679. data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +122 -0
  1680. data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +156 -0
  1681. data/third_party/boringssl-with-bazel/src/crypto/bn_extra/bn_asn1.c +57 -0
  1682. data/third_party/boringssl-with-bazel/src/crypto/bn_extra/convert.c +470 -0
  1683. data/third_party/boringssl-with-bazel/src/crypto/buf/buf.c +172 -0
  1684. data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.c +52 -0
  1685. data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +264 -0
  1686. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +728 -0
  1687. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +711 -0
  1688. data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +96 -0
  1689. data/third_party/boringssl-with-bazel/src/crypto/bytestring/unicode.c +155 -0
  1690. data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +175 -0
  1691. data/third_party/boringssl-with-bazel/src/crypto/chacha/internal.h +45 -0
  1692. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/cipher_extra.c +127 -0
  1693. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +152 -0
  1694. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesccm.c +447 -0
  1695. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesctrhmac.c +283 -0
  1696. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesgcmsiv.c +891 -0
  1697. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +343 -0
  1698. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_null.c +85 -0
  1699. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc2.c +462 -0
  1700. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc4.c +87 -0
  1701. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_tls.c +601 -0
  1702. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +226 -0
  1703. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/tls_cbc.c +338 -0
  1704. data/third_party/boringssl-with-bazel/src/crypto/cmac/cmac.c +278 -0
  1705. data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +821 -0
  1706. data/third_party/boringssl-with-bazel/src/crypto/conf/conf_def.h +127 -0
  1707. data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +31 -0
  1708. data/third_party/boringssl-with-bazel/src/crypto/cpu-aarch64-fuchsia.c +55 -0
  1709. data/third_party/boringssl-with-bazel/src/crypto/cpu-aarch64-linux.c +62 -0
  1710. data/third_party/boringssl-with-bazel/src/crypto/cpu-aarch64-win.c +41 -0
  1711. data/third_party/boringssl-with-bazel/src/crypto/cpu-arm-linux.c +229 -0
  1712. data/third_party/boringssl-with-bazel/src/crypto/cpu-arm-linux.h +201 -0
  1713. data/third_party/boringssl-with-bazel/src/crypto/cpu-arm.c +38 -0
  1714. data/third_party/boringssl-with-bazel/src/crypto/cpu-intel.c +291 -0
  1715. data/third_party/boringssl-with-bazel/src/crypto/cpu-ppc64le.c +38 -0
  1716. data/third_party/boringssl-with-bazel/src/crypto/crypto.c +226 -0
  1717. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +2159 -0
  1718. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_tables.h +7872 -0
  1719. data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +146 -0
  1720. data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +539 -0
  1721. data/third_party/boringssl-with-bazel/src/crypto/dh_extra/dh_asn1.c +160 -0
  1722. data/third_party/boringssl-with-bazel/src/crypto/dh_extra/params.c +272 -0
  1723. data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +268 -0
  1724. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +946 -0
  1725. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +390 -0
  1726. data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +34 -0
  1727. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +559 -0
  1728. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_derive.c +95 -0
  1729. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +385 -0
  1730. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +56 -0
  1731. data/third_party/boringssl-with-bazel/src/crypto/ecdh_extra/ecdh_extra.c +124 -0
  1732. data/third_party/boringssl-with-bazel/src/crypto/ecdsa_extra/ecdsa_asn1.c +267 -0
  1733. data/third_party/boringssl-with-bazel/src/crypto/engine/engine.c +99 -0
  1734. data/third_party/boringssl-with-bazel/src/crypto/err/err.c +857 -0
  1735. data/third_party/boringssl-with-bazel/src/crypto/err/internal.h +58 -0
  1736. data/third_party/boringssl-with-bazel/src/crypto/evp/digestsign.c +231 -0
  1737. data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +456 -0
  1738. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +547 -0
  1739. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.c +484 -0
  1740. data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +269 -0
  1741. data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +277 -0
  1742. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +286 -0
  1743. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.c +255 -0
  1744. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.c +104 -0
  1745. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.c +221 -0
  1746. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.c +648 -0
  1747. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.c +194 -0
  1748. data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.c +110 -0
  1749. data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.c +248 -0
  1750. data/third_party/boringssl-with-bazel/src/crypto/evp/pbkdf.c +146 -0
  1751. data/third_party/boringssl-with-bazel/src/crypto/evp/print.c +489 -0
  1752. data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.c +211 -0
  1753. data/third_party/boringssl-with-bazel/src/crypto/evp/sign.c +151 -0
  1754. data/third_party/boringssl-with-bazel/src/crypto/ex_data.c +261 -0
  1755. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.c +108 -0
  1756. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +1282 -0
  1757. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +238 -0
  1758. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.c +236 -0
  1759. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c +122 -0
  1760. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +266 -0
  1761. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/add.c +316 -0
  1762. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/asm/x86_64-gcc.c +541 -0
  1763. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +438 -0
  1764. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.c +230 -0
  1765. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/cmp.c +200 -0
  1766. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.c +236 -0
  1767. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +902 -0
  1768. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.c +87 -0
  1769. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +1288 -0
  1770. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.c +378 -0
  1771. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +326 -0
  1772. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/generic.c +711 -0
  1773. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +715 -0
  1774. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/jacobi.c +146 -0
  1775. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +502 -0
  1776. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c +186 -0
  1777. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +749 -0
  1778. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +1064 -0
  1779. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.c +341 -0
  1780. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.c +226 -0
  1781. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +104 -0
  1782. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.c +364 -0
  1783. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.c +498 -0
  1784. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/aead.c +284 -0
  1785. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +636 -0
  1786. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +1473 -0
  1787. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_des.c +237 -0
  1788. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +128 -0
  1789. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/delocate.h +89 -0
  1790. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/des/des.c +784 -0
  1791. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/des/internal.h +238 -0
  1792. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.c +217 -0
  1793. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.c +456 -0
  1794. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +282 -0
  1795. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digests.c +304 -0
  1796. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/internal.h +112 -0
  1797. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/md32_common.h +195 -0
  1798. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +1268 -0
  1799. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +472 -0
  1800. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +524 -0
  1801. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/felem.c +100 -0
  1802. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +772 -0
  1803. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +328 -0
  1804. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +1180 -0
  1805. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64-table.h +9497 -0
  1806. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64.c +633 -0
  1807. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64.h +153 -0
  1808. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +740 -0
  1809. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256_table.h +297 -0
  1810. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +175 -0
  1811. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +357 -0
  1812. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +270 -0
  1813. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/util.c +255 -0
  1814. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +270 -0
  1815. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +122 -0
  1816. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +339 -0
  1817. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +39 -0
  1818. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/fips_shared_support.c +32 -0
  1819. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/hmac.c +228 -0
  1820. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md4/md4.c +240 -0
  1821. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md5/internal.h +37 -0
  1822. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md5/md5.c +284 -0
  1823. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cbc.c +178 -0
  1824. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cfb.c +203 -0
  1825. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c +201 -0
  1826. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm.c +733 -0
  1827. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm_nohw.c +304 -0
  1828. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +420 -0
  1829. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c +97 -0
  1830. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/polyval.c +91 -0
  1831. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/ctrdrbg.c +202 -0
  1832. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +137 -0
  1833. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +49 -0
  1834. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +64 -0
  1835. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +184 -0
  1836. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +457 -0
  1837. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +401 -0
  1838. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +243 -0
  1839. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +131 -0
  1840. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.c +695 -0
  1841. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +935 -0
  1842. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +1416 -0
  1843. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.c +79 -0
  1844. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +874 -0
  1845. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +53 -0
  1846. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1-altivec.c +361 -0
  1847. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +357 -0
  1848. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +321 -0
  1849. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +508 -0
  1850. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/internal.h +39 -0
  1851. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.c +165 -0
  1852. data/third_party/boringssl-with-bazel/src/crypto/hkdf/hkdf.c +112 -0
  1853. data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +618 -0
  1854. data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c +2198 -0
  1855. data/third_party/boringssl-with-bazel/src/crypto/hrss/internal.h +68 -0
  1856. data/third_party/boringssl-with-bazel/src/crypto/internal.h +959 -0
  1857. data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +253 -0
  1858. data/third_party/boringssl-with-bazel/src/crypto/lhash/lhash.c +353 -0
  1859. data/third_party/boringssl-with-bazel/src/crypto/mem.c +392 -0
  1860. data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +553 -0
  1861. data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +11585 -0
  1862. data/third_party/boringssl-with-bazel/src/crypto/obj/obj_xref.c +122 -0
  1863. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +252 -0
  1864. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +358 -0
  1865. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +769 -0
  1866. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.c +87 -0
  1867. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +255 -0
  1868. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +214 -0
  1869. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.c +65 -0
  1870. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.c +65 -0
  1871. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/internal.h +58 -0
  1872. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7.c +164 -0
  1873. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +526 -0
  1874. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +138 -0
  1875. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/p5_pbev2.c +316 -0
  1876. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.c +530 -0
  1877. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +1383 -0
  1878. data/third_party/boringssl-with-bazel/src/crypto/poly1305/internal.h +41 -0
  1879. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +321 -0
  1880. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +307 -0
  1881. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +860 -0
  1882. data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +45 -0
  1883. data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +221 -0
  1884. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/deterministic.c +56 -0
  1885. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/forkunsafe.c +46 -0
  1886. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/fuchsia.c +34 -0
  1887. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +34 -0
  1888. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/rand_extra.c +74 -0
  1889. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/windows.c +73 -0
  1890. data/third_party/boringssl-with-bazel/src/crypto/rc4/rc4.c +98 -0
  1891. data/third_party/boringssl-with-bazel/src/crypto/refcount_c11.c +67 -0
  1892. data/third_party/boringssl-with-bazel/src/crypto/refcount_lock.c +53 -0
  1893. data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_asn1.c +324 -0
  1894. data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_print.c +22 -0
  1895. data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.c +82 -0
  1896. data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +425 -0
  1897. data/third_party/boringssl-with-bazel/src/crypto/thread.c +110 -0
  1898. data/third_party/boringssl-with-bazel/src/crypto/thread_none.c +59 -0
  1899. data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +182 -0
  1900. data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +260 -0
  1901. data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +318 -0
  1902. data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +1399 -0
  1903. data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +858 -0
  1904. data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +766 -0
  1905. data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.c +96 -0
  1906. data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.c +128 -0
  1907. data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +118 -0
  1908. data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +163 -0
  1909. data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +842 -0
  1910. data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +459 -0
  1911. data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +277 -0
  1912. data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.c +83 -0
  1913. data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +398 -0
  1914. data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +246 -0
  1915. data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +400 -0
  1916. data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +130 -0
  1917. data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.c +246 -0
  1918. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +365 -0
  1919. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +116 -0
  1920. data/third_party/boringssl-with-bazel/src/crypto/x509/x509.c +90 -0
  1921. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +358 -0
  1922. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +461 -0
  1923. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.c +106 -0
  1924. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.c +103 -0
  1925. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +212 -0
  1926. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +830 -0
  1927. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +199 -0
  1928. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +304 -0
  1929. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +240 -0
  1930. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +331 -0
  1931. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +204 -0
  1932. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +281 -0
  1933. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +2456 -0
  1934. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +651 -0
  1935. data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +284 -0
  1936. data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +388 -0
  1937. data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.c +84 -0
  1938. data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.c +137 -0
  1939. data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +153 -0
  1940. data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +386 -0
  1941. data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +98 -0
  1942. data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +565 -0
  1943. data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.c +77 -0
  1944. data/third_party/boringssl-with-bazel/src/crypto/x509/x_info.c +98 -0
  1945. data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +544 -0
  1946. data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +106 -0
  1947. data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +217 -0
  1948. data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.c +106 -0
  1949. data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +94 -0
  1950. data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.c +80 -0
  1951. data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.c +71 -0
  1952. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +394 -0
  1953. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +201 -0
  1954. data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +138 -0
  1955. data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +84 -0
  1956. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_cache.c +287 -0
  1957. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +132 -0
  1958. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_int.h +217 -0
  1959. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_lib.c +155 -0
  1960. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_map.c +131 -0
  1961. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_node.c +189 -0
  1962. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_tree.c +843 -0
  1963. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +226 -0
  1964. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akeya.c +72 -0
  1965. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +639 -0
  1966. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bcons.c +133 -0
  1967. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +144 -0
  1968. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +468 -0
  1969. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +501 -0
  1970. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_crld.c +563 -0
  1971. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +106 -0
  1972. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_extku.c +148 -0
  1973. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +266 -0
  1974. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +121 -0
  1975. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +218 -0
  1976. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_int.c +91 -0
  1977. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +362 -0
  1978. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ncons.c +558 -0
  1979. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ocsp.c +68 -0
  1980. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pci.c +289 -0
  1981. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcia.c +57 -0
  1982. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcons.c +139 -0
  1983. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pmaps.c +154 -0
  1984. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +230 -0
  1985. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +929 -0
  1986. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +156 -0
  1987. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +1437 -0
  1988. data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +480 -0
  1989. data/third_party/boringssl-with-bazel/src/include/openssl/aes.h +207 -0
  1990. data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +240 -0
  1991. data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +1321 -0
  1992. data/third_party/boringssl-with-bazel/src/include/openssl/asn1_mac.h +18 -0
  1993. data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +718 -0
  1994. data/third_party/boringssl-with-bazel/src/include/openssl/base.h +628 -0
  1995. data/third_party/boringssl-with-bazel/src/include/openssl/base64.h +190 -0
  1996. data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +939 -0
  1997. data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +62 -0
  1998. data/third_party/boringssl-with-bazel/src/include/openssl/blowfish.h +93 -0
  1999. data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +1057 -0
  2000. data/third_party/boringssl-with-bazel/src/include/openssl/buf.h +137 -0
  2001. data/third_party/boringssl-with-bazel/src/include/openssl/buffer.h +18 -0
  2002. data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +586 -0
  2003. data/third_party/boringssl-with-bazel/src/include/openssl/cast.h +96 -0
  2004. data/third_party/boringssl-with-bazel/src/include/openssl/chacha.h +41 -0
  2005. data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +661 -0
  2006. data/third_party/boringssl-with-bazel/src/include/openssl/cmac.h +91 -0
  2007. data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +183 -0
  2008. data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +202 -0
  2009. data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +169 -0
  2010. data/third_party/boringssl-with-bazel/src/include/openssl/curve25519.h +201 -0
  2011. data/third_party/boringssl-with-bazel/src/include/openssl/des.h +183 -0
  2012. data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +361 -0
  2013. data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +348 -0
  2014. data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +457 -0
  2015. data/third_party/boringssl-with-bazel/src/include/openssl/dtls1.h +16 -0
  2016. data/third_party/boringssl-with-bazel/src/include/openssl/e_os2.h +18 -0
  2017. data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +442 -0
  2018. data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +372 -0
  2019. data/third_party/boringssl-with-bazel/src/include/openssl/ecdh.h +118 -0
  2020. data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +238 -0
  2021. data/third_party/boringssl-with-bazel/src/include/openssl/engine.h +109 -0
  2022. data/third_party/boringssl-with-bazel/src/include/openssl/err.h +466 -0
  2023. data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +1109 -0
  2024. data/third_party/boringssl-with-bazel/src/include/openssl/evp_errors.h +99 -0
  2025. data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +203 -0
  2026. data/third_party/boringssl-with-bazel/src/include/openssl/hkdf.h +68 -0
  2027. data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +186 -0
  2028. data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +350 -0
  2029. data/third_party/boringssl-with-bazel/src/include/openssl/hrss.h +102 -0
  2030. data/third_party/boringssl-with-bazel/src/include/openssl/is_boringssl.h +16 -0
  2031. data/third_party/boringssl-with-bazel/src/include/openssl/lhash.h +81 -0
  2032. data/third_party/boringssl-with-bazel/src/include/openssl/md4.h +108 -0
  2033. data/third_party/boringssl-with-bazel/src/include/openssl/md5.h +109 -0
  2034. data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +184 -0
  2035. data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +4259 -0
  2036. data/third_party/boringssl-with-bazel/src/include/openssl/obj.h +256 -0
  2037. data/third_party/boringssl-with-bazel/src/include/openssl/obj_mac.h +18 -0
  2038. data/third_party/boringssl-with-bazel/src/include/openssl/objects.h +18 -0
  2039. data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +70 -0
  2040. data/third_party/boringssl-with-bazel/src/include/openssl/opensslv.h +18 -0
  2041. data/third_party/boringssl-with-bazel/src/include/openssl/ossl_typ.h +18 -0
  2042. data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +483 -0
  2043. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs12.h +18 -0
  2044. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs7.h +240 -0
  2045. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +277 -0
  2046. data/third_party/boringssl-with-bazel/src/include/openssl/poly1305.h +49 -0
  2047. data/third_party/boringssl-with-bazel/src/include/openssl/pool.h +102 -0
  2048. data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +114 -0
  2049. data/third_party/boringssl-with-bazel/src/include/openssl/rc4.h +96 -0
  2050. data/third_party/boringssl-with-bazel/src/include/openssl/ripemd.h +108 -0
  2051. data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +859 -0
  2052. data/third_party/boringssl-with-bazel/src/include/openssl/safestack.h +16 -0
  2053. data/third_party/boringssl-with-bazel/src/include/openssl/sha.h +294 -0
  2054. data/third_party/boringssl-with-bazel/src/include/openssl/siphash.h +37 -0
  2055. data/third_party/boringssl-with-bazel/src/include/openssl/span.h +222 -0
  2056. data/third_party/boringssl-with-bazel/src/include/openssl/srtp.h +18 -0
  2057. data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +5606 -0
  2058. data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +333 -0
  2059. data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +542 -0
  2060. data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +191 -0
  2061. data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +647 -0
  2062. data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +310 -0
  2063. data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +90 -0
  2064. data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +2450 -0
  2065. data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +18 -0
  2066. data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +1020 -0
  2067. data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +192 -0
  2068. data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +835 -0
  2069. data/third_party/boringssl-with-bazel/src/ssl/d1_lib.cc +268 -0
  2070. data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +273 -0
  2071. data/third_party/boringssl-with-bazel/src/ssl/d1_srtp.cc +232 -0
  2072. data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +200 -0
  2073. data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +353 -0
  2074. data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +1084 -0
  2075. data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +4325 -0
  2076. data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +986 -0
  2077. data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +758 -0
  2078. data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +1986 -0
  2079. data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +1956 -0
  2080. data/third_party/boringssl-with-bazel/src/ssl/internal.h +3953 -0
  2081. data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +730 -0
  2082. data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +219 -0
  2083. data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +453 -0
  2084. data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +432 -0
  2085. data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +896 -0
  2086. data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +306 -0
  2087. data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +1014 -0
  2088. data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +1717 -0
  2089. data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +585 -0
  2090. data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +400 -0
  2091. data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +3068 -0
  2092. data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +837 -0
  2093. data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +1342 -0
  2094. data/third_party/boringssl-with-bazel/src/ssl/ssl_stat.cc +233 -0
  2095. data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +272 -0
  2096. data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +398 -0
  2097. data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +1363 -0
  2098. data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +384 -0
  2099. data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +733 -0
  2100. data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +1122 -0
  2101. data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +582 -0
  2102. data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +1349 -0
  2103. data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +319 -0
  2104. data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +705 -0
  2105. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +981 -0
  2106. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +619 -0
  2107. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +3147 -0
  2108. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +1226 -0
  2109. data/third_party/cares/ares_build.h +223 -0
  2110. data/third_party/cares/cares/ares.h +670 -0
  2111. data/third_party/cares/cares/ares__close_sockets.c +61 -0
  2112. data/third_party/cares/cares/ares__get_hostent.c +261 -0
  2113. data/third_party/cares/cares/ares__read_line.c +73 -0
  2114. data/third_party/cares/cares/ares__timeval.c +111 -0
  2115. data/third_party/cares/cares/ares_cancel.c +63 -0
  2116. data/third_party/cares/cares/ares_create_query.c +206 -0
  2117. data/third_party/cares/cares/ares_data.c +222 -0
  2118. data/third_party/cares/cares/ares_data.h +72 -0
  2119. data/third_party/cares/cares/ares_destroy.c +113 -0
  2120. data/third_party/cares/cares/ares_dns.h +103 -0
  2121. data/third_party/cares/cares/ares_expand_name.c +209 -0
  2122. data/third_party/cares/cares/ares_expand_string.c +70 -0
  2123. data/third_party/cares/cares/ares_fds.c +59 -0
  2124. data/third_party/cares/cares/ares_free_hostent.c +41 -0
  2125. data/third_party/cares/cares/ares_free_string.c +25 -0
  2126. data/third_party/cares/cares/ares_getenv.c +30 -0
  2127. data/third_party/cares/cares/ares_getenv.h +26 -0
  2128. data/third_party/cares/cares/ares_gethostbyaddr.c +294 -0
  2129. data/third_party/cares/cares/ares_gethostbyname.c +529 -0
  2130. data/third_party/cares/cares/ares_getnameinfo.c +453 -0
  2131. data/third_party/cares/cares/ares_getopt.c +122 -0
  2132. data/third_party/cares/cares/ares_getopt.h +53 -0
  2133. data/third_party/cares/cares/ares_getsock.c +66 -0
  2134. data/third_party/cares/cares/ares_inet_net_pton.h +25 -0
  2135. data/third_party/cares/cares/ares_init.c +2615 -0
  2136. data/third_party/cares/cares/ares_iphlpapi.h +221 -0
  2137. data/third_party/cares/cares/ares_ipv6.h +78 -0
  2138. data/third_party/cares/cares/ares_library_init.c +195 -0
  2139. data/third_party/cares/cares/ares_library_init.h +43 -0
  2140. data/third_party/cares/cares/ares_llist.c +63 -0
  2141. data/third_party/cares/cares/ares_llist.h +39 -0
  2142. data/third_party/cares/cares/ares_mkquery.c +24 -0
  2143. data/third_party/cares/cares/ares_nowarn.c +260 -0
  2144. data/third_party/cares/cares/ares_nowarn.h +61 -0
  2145. data/third_party/cares/cares/ares_options.c +406 -0
  2146. data/third_party/cares/cares/ares_parse_a_reply.c +264 -0
  2147. data/third_party/cares/cares/ares_parse_aaaa_reply.c +264 -0
  2148. data/third_party/cares/cares/ares_parse_mx_reply.c +170 -0
  2149. data/third_party/cares/cares/ares_parse_naptr_reply.c +194 -0
  2150. data/third_party/cares/cares/ares_parse_ns_reply.c +183 -0
  2151. data/third_party/cares/cares/ares_parse_ptr_reply.c +221 -0
  2152. data/third_party/cares/cares/ares_parse_soa_reply.c +133 -0
  2153. data/third_party/cares/cares/ares_parse_srv_reply.c +179 -0
  2154. data/third_party/cares/cares/ares_parse_txt_reply.c +220 -0
  2155. data/third_party/cares/cares/ares_platform.c +11042 -0
  2156. data/third_party/cares/cares/ares_platform.h +43 -0
  2157. data/third_party/cares/cares/ares_private.h +382 -0
  2158. data/third_party/cares/cares/ares_process.c +1473 -0
  2159. data/third_party/cares/cares/ares_query.c +186 -0
  2160. data/third_party/cares/cares/ares_rules.h +125 -0
  2161. data/third_party/cares/cares/ares_search.c +323 -0
  2162. data/third_party/cares/cares/ares_send.c +137 -0
  2163. data/third_party/cares/cares/ares_setup.h +217 -0
  2164. data/third_party/cares/cares/ares_strcasecmp.c +66 -0
  2165. data/third_party/cares/cares/ares_strcasecmp.h +30 -0
  2166. data/third_party/cares/cares/ares_strdup.c +49 -0
  2167. data/third_party/cares/cares/ares_strdup.h +24 -0
  2168. data/third_party/cares/cares/ares_strerror.c +56 -0
  2169. data/third_party/cares/cares/ares_strsplit.c +174 -0
  2170. data/third_party/cares/cares/ares_strsplit.h +43 -0
  2171. data/third_party/cares/cares/ares_timeout.c +88 -0
  2172. data/third_party/cares/cares/ares_version.c +11 -0
  2173. data/third_party/cares/cares/ares_version.h +24 -0
  2174. data/third_party/cares/cares/ares_writev.c +79 -0
  2175. data/third_party/cares/cares/bitncmp.c +59 -0
  2176. data/third_party/cares/cares/bitncmp.h +26 -0
  2177. data/third_party/cares/cares/config-win32.h +351 -0
  2178. data/third_party/cares/cares/inet_net_pton.c +450 -0
  2179. data/third_party/cares/cares/inet_ntop.c +207 -0
  2180. data/third_party/cares/cares/setup_once.h +554 -0
  2181. data/third_party/cares/cares/windows_port.c +22 -0
  2182. data/third_party/cares/config_darwin/ares_config.h +428 -0
  2183. data/third_party/cares/config_freebsd/ares_config.h +505 -0
  2184. data/third_party/cares/config_linux/ares_config.h +461 -0
  2185. data/third_party/cares/config_openbsd/ares_config.h +505 -0
  2186. data/third_party/re2/re2/bitmap256.h +117 -0
  2187. data/third_party/re2/re2/bitstate.cc +385 -0
  2188. data/third_party/re2/re2/compile.cc +1261 -0
  2189. data/third_party/re2/re2/dfa.cc +2118 -0
  2190. data/third_party/re2/re2/filtered_re2.cc +137 -0
  2191. data/third_party/re2/re2/filtered_re2.h +114 -0
  2192. data/third_party/re2/re2/mimics_pcre.cc +197 -0
  2193. data/third_party/re2/re2/nfa.cc +713 -0
  2194. data/third_party/re2/re2/onepass.cc +623 -0
  2195. data/third_party/re2/re2/parse.cc +2483 -0
  2196. data/third_party/re2/re2/perl_groups.cc +119 -0
  2197. data/third_party/re2/re2/pod_array.h +55 -0
  2198. data/third_party/re2/re2/prefilter.cc +711 -0
  2199. data/third_party/re2/re2/prefilter.h +108 -0
  2200. data/third_party/re2/re2/prefilter_tree.cc +407 -0
  2201. data/third_party/re2/re2/prefilter_tree.h +139 -0
  2202. data/third_party/re2/re2/prog.cc +1166 -0
  2203. data/third_party/re2/re2/prog.h +455 -0
  2204. data/third_party/re2/re2/re2.cc +1331 -0
  2205. data/third_party/re2/re2/re2.h +1017 -0
  2206. data/third_party/re2/re2/regexp.cc +987 -0
  2207. data/third_party/re2/re2/regexp.h +665 -0
  2208. data/third_party/re2/re2/set.cc +176 -0
  2209. data/third_party/re2/re2/set.h +85 -0
  2210. data/third_party/re2/re2/simplify.cc +665 -0
  2211. data/third_party/re2/re2/sparse_array.h +392 -0
  2212. data/third_party/re2/re2/sparse_set.h +264 -0
  2213. data/third_party/re2/re2/stringpiece.cc +65 -0
  2214. data/third_party/re2/re2/stringpiece.h +210 -0
  2215. data/third_party/re2/re2/tostring.cc +351 -0
  2216. data/third_party/re2/re2/unicode_casefold.cc +582 -0
  2217. data/third_party/re2/re2/unicode_casefold.h +78 -0
  2218. data/third_party/re2/re2/unicode_groups.cc +6269 -0
  2219. data/third_party/re2/re2/unicode_groups.h +67 -0
  2220. data/third_party/re2/re2/walker-inl.h +246 -0
  2221. data/third_party/re2/util/benchmark.h +156 -0
  2222. data/third_party/re2/util/flags.h +26 -0
  2223. data/third_party/re2/util/logging.h +109 -0
  2224. data/third_party/re2/util/malloc_counter.h +19 -0
  2225. data/third_party/re2/util/mix.h +41 -0
  2226. data/third_party/re2/util/mutex.h +148 -0
  2227. data/third_party/re2/util/pcre.cc +1025 -0
  2228. data/third_party/re2/util/pcre.h +681 -0
  2229. data/third_party/re2/util/rune.cc +260 -0
  2230. data/third_party/re2/util/strutil.cc +149 -0
  2231. data/third_party/re2/util/strutil.h +21 -0
  2232. data/third_party/re2/util/test.h +50 -0
  2233. data/third_party/re2/util/utf.h +44 -0
  2234. data/third_party/re2/util/util.h +42 -0
  2235. data/third_party/upb/upb/decode.c +771 -0
  2236. data/third_party/upb/upb/decode.h +68 -0
  2237. data/third_party/upb/upb/decode_fast.c +1053 -0
  2238. data/third_party/upb/upb/decode_fast.h +153 -0
  2239. data/third_party/upb/upb/decode_internal.h +193 -0
  2240. data/third_party/upb/upb/def.c +2168 -0
  2241. data/third_party/upb/upb/def.h +337 -0
  2242. data/third_party/upb/upb/def.hpp +468 -0
  2243. data/third_party/upb/upb/encode.c +511 -0
  2244. data/third_party/upb/upb/encode.h +73 -0
  2245. data/third_party/upb/upb/msg.c +397 -0
  2246. data/third_party/upb/upb/msg.h +108 -0
  2247. data/third_party/upb/upb/msg_internal.h +687 -0
  2248. data/third_party/upb/upb/port_def.inc +253 -0
  2249. data/third_party/upb/upb/port_undef.inc +61 -0
  2250. data/third_party/upb/upb/reflection.c +400 -0
  2251. data/third_party/upb/upb/reflection.h +196 -0
  2252. data/third_party/upb/upb/reflection.hpp +37 -0
  2253. data/third_party/upb/upb/table.c +842 -0
  2254. data/third_party/upb/upb/table_internal.h +351 -0
  2255. data/third_party/upb/upb/text_encode.c +449 -0
  2256. data/third_party/upb/upb/text_encode.h +64 -0
  2257. data/third_party/upb/upb/upb.c +315 -0
  2258. data/third_party/upb/upb/upb.h +367 -0
  2259. data/third_party/upb/upb/upb.hpp +112 -0
  2260. data/third_party/upb/upb/upb_internal.h +58 -0
  2261. data/third_party/xxhash/xxhash.h +5325 -0
  2262. data/third_party/zlib/adler32.c +186 -0
  2263. data/third_party/zlib/compress.c +86 -0
  2264. data/third_party/zlib/crc32.c +442 -0
  2265. data/third_party/zlib/crc32.h +441 -0
  2266. data/third_party/zlib/deflate.c +2163 -0
  2267. data/third_party/zlib/deflate.h +349 -0
  2268. data/third_party/zlib/gzclose.c +25 -0
  2269. data/third_party/zlib/gzguts.h +218 -0
  2270. data/third_party/zlib/gzlib.c +637 -0
  2271. data/third_party/zlib/gzread.c +654 -0
  2272. data/third_party/zlib/gzwrite.c +665 -0
  2273. data/third_party/zlib/infback.c +640 -0
  2274. data/third_party/zlib/inffast.c +323 -0
  2275. data/third_party/zlib/inffast.h +11 -0
  2276. data/third_party/zlib/inffixed.h +94 -0
  2277. data/third_party/zlib/inflate.c +1561 -0
  2278. data/third_party/zlib/inflate.h +125 -0
  2279. data/third_party/zlib/inftrees.c +304 -0
  2280. data/third_party/zlib/inftrees.h +62 -0
  2281. data/third_party/zlib/trees.c +1203 -0
  2282. data/third_party/zlib/trees.h +128 -0
  2283. data/third_party/zlib/uncompr.c +93 -0
  2284. data/third_party/zlib/zconf.h +534 -0
  2285. data/third_party/zlib/zlib.h +1912 -0
  2286. data/third_party/zlib/zutil.c +325 -0
  2287. data/third_party/zlib/zutil.h +271 -0
  2288. metadata +2563 -0
@@ -0,0 +1,4325 @@
1
+ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
2
+ * All rights reserved.
3
+ *
4
+ * This package is an SSL implementation written
5
+ * by Eric Young (eay@cryptsoft.com).
6
+ * The implementation was written so as to conform with Netscapes SSL.
7
+ *
8
+ * This library is free for commercial and non-commercial use as long as
9
+ * the following conditions are aheared to. The following conditions
10
+ * apply to all code found in this distribution, be it the RC4, RSA,
11
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
12
+ * included with this distribution is covered by the same copyright terms
13
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
14
+ *
15
+ * Copyright remains Eric Young's, and as such any Copyright notices in
16
+ * the code are not to be removed.
17
+ * If this package is used in a product, Eric Young should be given attribution
18
+ * as the author of the parts of the library used.
19
+ * This can be in the form of a textual message at program startup or
20
+ * in documentation (online or textual) provided with the package.
21
+ *
22
+ * Redistribution and use in source and binary forms, with or without
23
+ * modification, are permitted provided that the following conditions
24
+ * are met:
25
+ * 1. Redistributions of source code must retain the copyright
26
+ * notice, this list of conditions and the following disclaimer.
27
+ * 2. Redistributions in binary form must reproduce the above copyright
28
+ * notice, this list of conditions and the following disclaimer in the
29
+ * documentation and/or other materials provided with the distribution.
30
+ * 3. All advertising materials mentioning features or use of this software
31
+ * must display the following acknowledgement:
32
+ * "This product includes cryptographic software written by
33
+ * Eric Young (eay@cryptsoft.com)"
34
+ * The word 'cryptographic' can be left out if the rouines from the library
35
+ * being used are not cryptographic related :-).
36
+ * 4. If you include any Windows specific code (or a derivative thereof) from
37
+ * the apps directory (application code) you must include an acknowledgement:
38
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
39
+ *
40
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50
+ * SUCH DAMAGE.
51
+ *
52
+ * The licence and distribution terms for any publically available version or
53
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
54
+ * copied and put under another distribution licence
55
+ * [including the GNU Public Licence.]
56
+ */
57
+ /* ====================================================================
58
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
59
+ *
60
+ * Redistribution and use in source and binary forms, with or without
61
+ * modification, are permitted provided that the following conditions
62
+ * are met:
63
+ *
64
+ * 1. Redistributions of source code must retain the above copyright
65
+ * notice, this list of conditions and the following disclaimer.
66
+ *
67
+ * 2. Redistributions in binary form must reproduce the above copyright
68
+ * notice, this list of conditions and the following disclaimer in
69
+ * the documentation and/or other materials provided with the
70
+ * distribution.
71
+ *
72
+ * 3. All advertising materials mentioning features or use of this
73
+ * software must display the following acknowledgment:
74
+ * "This product includes software developed by the OpenSSL Project
75
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
76
+ *
77
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
78
+ * endorse or promote products derived from this software without
79
+ * prior written permission. For written permission, please contact
80
+ * openssl-core@openssl.org.
81
+ *
82
+ * 5. Products derived from this software may not be called "OpenSSL"
83
+ * nor may "OpenSSL" appear in their names without prior written
84
+ * permission of the OpenSSL Project.
85
+ *
86
+ * 6. Redistributions of any form whatsoever must retain the following
87
+ * acknowledgment:
88
+ * "This product includes software developed by the OpenSSL Project
89
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
90
+ *
91
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
92
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
93
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
94
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
95
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
96
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
97
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
98
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
99
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
100
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
101
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
102
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
103
+ * ====================================================================
104
+ *
105
+ * This product includes cryptographic software written by Eric Young
106
+ * (eay@cryptsoft.com). This product includes software written by Tim
107
+ * Hudson (tjh@cryptsoft.com). */
108
+
109
+ #include <openssl/ssl.h>
110
+
111
+ #include <assert.h>
112
+ #include <limits.h>
113
+ #include <stdlib.h>
114
+ #include <string.h>
115
+
116
+ #include <algorithm>
117
+ #include <utility>
118
+
119
+ #include <openssl/aead.h>
120
+ #include <openssl/bytestring.h>
121
+ #include <openssl/chacha.h>
122
+ #include <openssl/curve25519.h>
123
+ #include <openssl/digest.h>
124
+ #include <openssl/err.h>
125
+ #include <openssl/evp.h>
126
+ #include <openssl/hmac.h>
127
+ #include <openssl/hpke.h>
128
+ #include <openssl/mem.h>
129
+ #include <openssl/nid.h>
130
+ #include <openssl/rand.h>
131
+
132
+ #include "../crypto/internal.h"
133
+ #include "internal.h"
134
+
135
+
136
+ BSSL_NAMESPACE_BEGIN
137
+
138
+ static bool ssl_check_clienthello_tlsext(SSL_HANDSHAKE *hs);
139
+ static bool ssl_check_serverhello_tlsext(SSL_HANDSHAKE *hs);
140
+
141
+ static int compare_uint16_t(const void *p1, const void *p2) {
142
+ uint16_t u1 = *((const uint16_t *)p1);
143
+ uint16_t u2 = *((const uint16_t *)p2);
144
+ if (u1 < u2) {
145
+ return -1;
146
+ } else if (u1 > u2) {
147
+ return 1;
148
+ } else {
149
+ return 0;
150
+ }
151
+ }
152
+
153
+ // Per http://tools.ietf.org/html/rfc5246#section-7.4.1.4, there may not be
154
+ // more than one extension of the same type in a ClientHello or ServerHello.
155
+ // This function does an initial scan over the extensions block to filter those
156
+ // out.
157
+ static bool tls1_check_duplicate_extensions(const CBS *cbs) {
158
+ // First pass: count the extensions.
159
+ size_t num_extensions = 0;
160
+ CBS extensions = *cbs;
161
+ while (CBS_len(&extensions) > 0) {
162
+ uint16_t type;
163
+ CBS extension;
164
+
165
+ if (!CBS_get_u16(&extensions, &type) ||
166
+ !CBS_get_u16_length_prefixed(&extensions, &extension)) {
167
+ return false;
168
+ }
169
+
170
+ num_extensions++;
171
+ }
172
+
173
+ if (num_extensions == 0) {
174
+ return true;
175
+ }
176
+
177
+ Array<uint16_t> extension_types;
178
+ if (!extension_types.Init(num_extensions)) {
179
+ return false;
180
+ }
181
+
182
+ // Second pass: gather the extension types.
183
+ extensions = *cbs;
184
+ for (size_t i = 0; i < extension_types.size(); i++) {
185
+ CBS extension;
186
+
187
+ if (!CBS_get_u16(&extensions, &extension_types[i]) ||
188
+ !CBS_get_u16_length_prefixed(&extensions, &extension)) {
189
+ // This should not happen.
190
+ return false;
191
+ }
192
+ }
193
+ assert(CBS_len(&extensions) == 0);
194
+
195
+ // Sort the extensions and make sure there are no duplicates.
196
+ qsort(extension_types.data(), extension_types.size(), sizeof(uint16_t),
197
+ compare_uint16_t);
198
+ for (size_t i = 1; i < num_extensions; i++) {
199
+ if (extension_types[i - 1] == extension_types[i]) {
200
+ return false;
201
+ }
202
+ }
203
+
204
+ return true;
205
+ }
206
+
207
+ static bool is_post_quantum_group(uint16_t id) {
208
+ return id == SSL_CURVE_CECPQ2;
209
+ }
210
+
211
+ bool ssl_client_hello_init(const SSL *ssl, SSL_CLIENT_HELLO *out,
212
+ Span<const uint8_t> body) {
213
+ CBS cbs = body;
214
+ if (!ssl_parse_client_hello_with_trailing_data(ssl, &cbs, out) ||
215
+ CBS_len(&cbs) != 0) {
216
+ return false;
217
+ }
218
+ return true;
219
+ }
220
+
221
+ bool ssl_parse_client_hello_with_trailing_data(const SSL *ssl, CBS *cbs,
222
+ SSL_CLIENT_HELLO *out) {
223
+ OPENSSL_memset(out, 0, sizeof(*out));
224
+ out->ssl = const_cast<SSL *>(ssl);
225
+
226
+ CBS copy = *cbs;
227
+ CBS random, session_id;
228
+ if (!CBS_get_u16(cbs, &out->version) ||
229
+ !CBS_get_bytes(cbs, &random, SSL3_RANDOM_SIZE) ||
230
+ !CBS_get_u8_length_prefixed(cbs, &session_id) ||
231
+ CBS_len(&session_id) > SSL_MAX_SSL_SESSION_ID_LENGTH) {
232
+ return false;
233
+ }
234
+
235
+ out->random = CBS_data(&random);
236
+ out->random_len = CBS_len(&random);
237
+ out->session_id = CBS_data(&session_id);
238
+ out->session_id_len = CBS_len(&session_id);
239
+
240
+ // Skip past DTLS cookie
241
+ if (SSL_is_dtls(out->ssl)) {
242
+ CBS cookie;
243
+ if (!CBS_get_u8_length_prefixed(cbs, &cookie) ||
244
+ CBS_len(&cookie) > DTLS1_COOKIE_LENGTH) {
245
+ return false;
246
+ }
247
+ }
248
+
249
+ CBS cipher_suites, compression_methods;
250
+ if (!CBS_get_u16_length_prefixed(cbs, &cipher_suites) ||
251
+ CBS_len(&cipher_suites) < 2 || (CBS_len(&cipher_suites) & 1) != 0 ||
252
+ !CBS_get_u8_length_prefixed(cbs, &compression_methods) ||
253
+ CBS_len(&compression_methods) < 1) {
254
+ return false;
255
+ }
256
+
257
+ out->cipher_suites = CBS_data(&cipher_suites);
258
+ out->cipher_suites_len = CBS_len(&cipher_suites);
259
+ out->compression_methods = CBS_data(&compression_methods);
260
+ out->compression_methods_len = CBS_len(&compression_methods);
261
+
262
+ // If the ClientHello ends here then it's valid, but doesn't have any
263
+ // extensions.
264
+ if (CBS_len(cbs) == 0) {
265
+ out->extensions = nullptr;
266
+ out->extensions_len = 0;
267
+ } else {
268
+ // Extract extensions and check it is valid.
269
+ CBS extensions;
270
+ if (!CBS_get_u16_length_prefixed(cbs, &extensions) ||
271
+ !tls1_check_duplicate_extensions(&extensions)) {
272
+ return false;
273
+ }
274
+ out->extensions = CBS_data(&extensions);
275
+ out->extensions_len = CBS_len(&extensions);
276
+ }
277
+
278
+ out->client_hello = CBS_data(&copy);
279
+ out->client_hello_len = CBS_len(&copy) - CBS_len(cbs);
280
+ return true;
281
+ }
282
+
283
+ bool ssl_client_hello_get_extension(const SSL_CLIENT_HELLO *client_hello,
284
+ CBS *out, uint16_t extension_type) {
285
+ CBS extensions;
286
+ CBS_init(&extensions, client_hello->extensions, client_hello->extensions_len);
287
+ while (CBS_len(&extensions) != 0) {
288
+ // Decode the next extension.
289
+ uint16_t type;
290
+ CBS extension;
291
+ if (!CBS_get_u16(&extensions, &type) ||
292
+ !CBS_get_u16_length_prefixed(&extensions, &extension)) {
293
+ return false;
294
+ }
295
+
296
+ if (type == extension_type) {
297
+ *out = extension;
298
+ return true;
299
+ }
300
+ }
301
+
302
+ return false;
303
+ }
304
+
305
+ static const uint16_t kDefaultGroups[] = {
306
+ SSL_CURVE_X25519,
307
+ SSL_CURVE_SECP256R1,
308
+ SSL_CURVE_SECP384R1,
309
+ };
310
+
311
+ Span<const uint16_t> tls1_get_grouplist(const SSL_HANDSHAKE *hs) {
312
+ if (!hs->config->supported_group_list.empty()) {
313
+ return hs->config->supported_group_list;
314
+ }
315
+ return Span<const uint16_t>(kDefaultGroups);
316
+ }
317
+
318
+ bool tls1_get_shared_group(SSL_HANDSHAKE *hs, uint16_t *out_group_id) {
319
+ SSL *const ssl = hs->ssl;
320
+ assert(ssl->server);
321
+
322
+ // Clients are not required to send a supported_groups extension. In this
323
+ // case, the server is free to pick any group it likes. See RFC 4492,
324
+ // section 4, paragraph 3.
325
+ //
326
+ // However, in the interests of compatibility, we will skip ECDH if the
327
+ // client didn't send an extension because we can't be sure that they'll
328
+ // support our favoured group. Thus we do not special-case an emtpy
329
+ // |peer_supported_group_list|.
330
+
331
+ Span<const uint16_t> groups = tls1_get_grouplist(hs);
332
+ Span<const uint16_t> pref, supp;
333
+ if (ssl->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
334
+ pref = groups;
335
+ supp = hs->peer_supported_group_list;
336
+ } else {
337
+ pref = hs->peer_supported_group_list;
338
+ supp = groups;
339
+ }
340
+
341
+ for (uint16_t pref_group : pref) {
342
+ for (uint16_t supp_group : supp) {
343
+ if (pref_group == supp_group &&
344
+ // CECPQ2(b) doesn't fit in the u8-length-prefixed ECPoint field in
345
+ // TLS 1.2 and below.
346
+ (ssl_protocol_version(ssl) >= TLS1_3_VERSION ||
347
+ !is_post_quantum_group(pref_group))) {
348
+ *out_group_id = pref_group;
349
+ return true;
350
+ }
351
+ }
352
+ }
353
+
354
+ return false;
355
+ }
356
+
357
+ bool tls1_set_curves(Array<uint16_t> *out_group_ids, Span<const int> curves) {
358
+ Array<uint16_t> group_ids;
359
+ if (!group_ids.Init(curves.size())) {
360
+ return false;
361
+ }
362
+
363
+ for (size_t i = 0; i < curves.size(); i++) {
364
+ if (!ssl_nid_to_group_id(&group_ids[i], curves[i])) {
365
+ return false;
366
+ }
367
+ }
368
+
369
+ *out_group_ids = std::move(group_ids);
370
+ return true;
371
+ }
372
+
373
+ bool tls1_set_curves_list(Array<uint16_t> *out_group_ids, const char *curves) {
374
+ // Count the number of curves in the list.
375
+ size_t count = 0;
376
+ const char *ptr = curves, *col;
377
+ do {
378
+ col = strchr(ptr, ':');
379
+ count++;
380
+ if (col) {
381
+ ptr = col + 1;
382
+ }
383
+ } while (col);
384
+
385
+ Array<uint16_t> group_ids;
386
+ if (!group_ids.Init(count)) {
387
+ return false;
388
+ }
389
+
390
+ size_t i = 0;
391
+ ptr = curves;
392
+ do {
393
+ col = strchr(ptr, ':');
394
+ if (!ssl_name_to_group_id(&group_ids[i++], ptr,
395
+ col ? (size_t)(col - ptr) : strlen(ptr))) {
396
+ return false;
397
+ }
398
+ if (col) {
399
+ ptr = col + 1;
400
+ }
401
+ } while (col);
402
+
403
+ assert(i == count);
404
+ *out_group_ids = std::move(group_ids);
405
+ return true;
406
+ }
407
+
408
+ bool tls1_check_group_id(const SSL_HANDSHAKE *hs, uint16_t group_id) {
409
+ if (is_post_quantum_group(group_id) &&
410
+ ssl_protocol_version(hs->ssl) < TLS1_3_VERSION) {
411
+ // CECPQ2(b) requires TLS 1.3.
412
+ return false;
413
+ }
414
+
415
+ // We internally assume zero is never allocated as a group ID.
416
+ if (group_id == 0) {
417
+ return false;
418
+ }
419
+
420
+ for (uint16_t supported : tls1_get_grouplist(hs)) {
421
+ if (supported == group_id) {
422
+ return true;
423
+ }
424
+ }
425
+
426
+ return false;
427
+ }
428
+
429
+ // kVerifySignatureAlgorithms is the default list of accepted signature
430
+ // algorithms for verifying.
431
+ static const uint16_t kVerifySignatureAlgorithms[] = {
432
+ // List our preferred algorithms first.
433
+ SSL_SIGN_ECDSA_SECP256R1_SHA256,
434
+ SSL_SIGN_RSA_PSS_RSAE_SHA256,
435
+ SSL_SIGN_RSA_PKCS1_SHA256,
436
+
437
+ // Larger hashes are acceptable.
438
+ SSL_SIGN_ECDSA_SECP384R1_SHA384,
439
+ SSL_SIGN_RSA_PSS_RSAE_SHA384,
440
+ SSL_SIGN_RSA_PKCS1_SHA384,
441
+
442
+ SSL_SIGN_RSA_PSS_RSAE_SHA512,
443
+ SSL_SIGN_RSA_PKCS1_SHA512,
444
+
445
+ // For now, SHA-1 is still accepted but least preferable.
446
+ SSL_SIGN_RSA_PKCS1_SHA1,
447
+ };
448
+
449
+ // kSignSignatureAlgorithms is the default list of supported signature
450
+ // algorithms for signing.
451
+ static const uint16_t kSignSignatureAlgorithms[] = {
452
+ // List our preferred algorithms first.
453
+ SSL_SIGN_ED25519,
454
+ SSL_SIGN_ECDSA_SECP256R1_SHA256,
455
+ SSL_SIGN_RSA_PSS_RSAE_SHA256,
456
+ SSL_SIGN_RSA_PKCS1_SHA256,
457
+
458
+ // If needed, sign larger hashes.
459
+ //
460
+ // TODO(davidben): Determine which of these may be pruned.
461
+ SSL_SIGN_ECDSA_SECP384R1_SHA384,
462
+ SSL_SIGN_RSA_PSS_RSAE_SHA384,
463
+ SSL_SIGN_RSA_PKCS1_SHA384,
464
+
465
+ SSL_SIGN_ECDSA_SECP521R1_SHA512,
466
+ SSL_SIGN_RSA_PSS_RSAE_SHA512,
467
+ SSL_SIGN_RSA_PKCS1_SHA512,
468
+
469
+ // If the peer supports nothing else, sign with SHA-1.
470
+ SSL_SIGN_ECDSA_SHA1,
471
+ SSL_SIGN_RSA_PKCS1_SHA1,
472
+ };
473
+
474
+ static Span<const uint16_t> tls12_get_verify_sigalgs(const SSL_HANDSHAKE *hs) {
475
+ if (hs->config->verify_sigalgs.empty()) {
476
+ return Span<const uint16_t>(kVerifySignatureAlgorithms);
477
+ }
478
+ return hs->config->verify_sigalgs;
479
+ }
480
+
481
+ bool tls12_add_verify_sigalgs(const SSL_HANDSHAKE *hs, CBB *out) {
482
+ for (uint16_t sigalg : tls12_get_verify_sigalgs(hs)) {
483
+ if (!CBB_add_u16(out, sigalg)) {
484
+ return false;
485
+ }
486
+ }
487
+ return true;
488
+ }
489
+
490
+ bool tls12_check_peer_sigalg(const SSL_HANDSHAKE *hs, uint8_t *out_alert,
491
+ uint16_t sigalg) {
492
+ for (uint16_t verify_sigalg : tls12_get_verify_sigalgs(hs)) {
493
+ if (verify_sigalg == sigalg) {
494
+ return true;
495
+ }
496
+ }
497
+
498
+ OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_SIGNATURE_TYPE);
499
+ *out_alert = SSL_AD_ILLEGAL_PARAMETER;
500
+ return false;
501
+ }
502
+
503
+ // tls_extension represents a TLS extension that is handled internally.
504
+ //
505
+ // The parse callbacks receive a |CBS| that contains the contents of the
506
+ // extension (i.e. not including the type and length bytes). If an extension is
507
+ // not received then the parse callbacks will be called with a NULL CBS so that
508
+ // they can do any processing needed to handle the absence of an extension.
509
+ //
510
+ // The add callbacks receive a |CBB| to which the extension can be appended but
511
+ // the function is responsible for appending the type and length bytes too.
512
+ //
513
+ // |add_clienthello| may be called multiple times and must not mutate |hs|. It
514
+ // is additionally passed two output |CBB|s. If the extension is the same
515
+ // independent of the value of |type|, the callback may write to
516
+ // |out_compressible| instead of |out|. When serializing the ClientHelloInner,
517
+ // all compressible extensions will be made continguous and replaced with
518
+ // ech_outer_extensions when encrypted. When serializing the ClientHelloOuter
519
+ // or not offering ECH, |out| will be equal to |out_compressible|, so writing to
520
+ // |out_compressible| still works.
521
+ //
522
+ // Note the |parse_serverhello| and |add_serverhello| callbacks refer to the
523
+ // TLS 1.2 ServerHello. In TLS 1.3, these callbacks act on EncryptedExtensions,
524
+ // with ServerHello extensions handled elsewhere in the handshake.
525
+ //
526
+ // All callbacks return true for success and false for error. If a parse
527
+ // function returns zero then a fatal alert with value |*out_alert| will be
528
+ // sent. If |*out_alert| isn't set, then a |decode_error| alert will be sent.
529
+ struct tls_extension {
530
+ uint16_t value;
531
+
532
+ bool (*add_clienthello)(const SSL_HANDSHAKE *hs, CBB *out,
533
+ CBB *out_compressible, ssl_client_hello_type_t type);
534
+ bool (*parse_serverhello)(SSL_HANDSHAKE *hs, uint8_t *out_alert,
535
+ CBS *contents);
536
+
537
+ bool (*parse_clienthello)(SSL_HANDSHAKE *hs, uint8_t *out_alert,
538
+ CBS *contents);
539
+ bool (*add_serverhello)(SSL_HANDSHAKE *hs, CBB *out);
540
+ };
541
+
542
+ static bool forbid_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
543
+ CBS *contents) {
544
+ if (contents != NULL) {
545
+ // Servers MUST NOT send this extension.
546
+ *out_alert = SSL_AD_UNSUPPORTED_EXTENSION;
547
+ OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
548
+ return false;
549
+ }
550
+
551
+ return true;
552
+ }
553
+
554
+ static bool ignore_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
555
+ CBS *contents) {
556
+ // This extension from the client is handled elsewhere.
557
+ return true;
558
+ }
559
+
560
+ static bool dont_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
561
+ return true;
562
+ }
563
+
564
+ // Server name indication (SNI).
565
+ //
566
+ // https://tools.ietf.org/html/rfc6066#section-3.
567
+
568
+ static bool ext_sni_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
569
+ CBB *out_compressible,
570
+ ssl_client_hello_type_t type) {
571
+ const SSL *const ssl = hs->ssl;
572
+ // If offering ECH, send the public name instead of the configured name.
573
+ Span<const uint8_t> hostname;
574
+ if (type == ssl_client_hello_outer) {
575
+ hostname = hs->selected_ech_config->public_name;
576
+ } else {
577
+ if (ssl->hostname == nullptr) {
578
+ return true;
579
+ }
580
+ hostname =
581
+ MakeConstSpan(reinterpret_cast<const uint8_t *>(ssl->hostname.get()),
582
+ strlen(ssl->hostname.get()));
583
+ }
584
+
585
+ CBB contents, server_name_list, name;
586
+ if (!CBB_add_u16(out, TLSEXT_TYPE_server_name) ||
587
+ !CBB_add_u16_length_prefixed(out, &contents) ||
588
+ !CBB_add_u16_length_prefixed(&contents, &server_name_list) ||
589
+ !CBB_add_u8(&server_name_list, TLSEXT_NAMETYPE_host_name) ||
590
+ !CBB_add_u16_length_prefixed(&server_name_list, &name) ||
591
+ !CBB_add_bytes(&name, hostname.data(), hostname.size()) ||
592
+ !CBB_flush(out)) {
593
+ return false;
594
+ }
595
+
596
+ return true;
597
+ }
598
+
599
+ static bool ext_sni_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
600
+ CBS *contents) {
601
+ // The server may acknowledge SNI with an empty extension. We check the syntax
602
+ // but otherwise ignore this signal.
603
+ return contents == NULL || CBS_len(contents) == 0;
604
+ }
605
+
606
+ static bool ext_sni_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
607
+ CBS *contents) {
608
+ // SNI has already been parsed earlier in the handshake. See |extract_sni|.
609
+ return true;
610
+ }
611
+
612
+ static bool ext_sni_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
613
+ if (hs->ssl->s3->session_reused ||
614
+ !hs->should_ack_sni) {
615
+ return true;
616
+ }
617
+
618
+ if (!CBB_add_u16(out, TLSEXT_TYPE_server_name) ||
619
+ !CBB_add_u16(out, 0 /* length */)) {
620
+ return false;
621
+ }
622
+
623
+ return true;
624
+ }
625
+
626
+
627
+ // Encrypted ClientHello (ECH)
628
+ //
629
+ // https://tools.ietf.org/html/draft-ietf-tls-esni-13
630
+
631
+ static bool ext_ech_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
632
+ CBB *out_compressible,
633
+ ssl_client_hello_type_t type) {
634
+ if (type == ssl_client_hello_inner) {
635
+ if (!CBB_add_u16(out, TLSEXT_TYPE_encrypted_client_hello) ||
636
+ !CBB_add_u16(out, /* length */ 1) ||
637
+ !CBB_add_u8(out, ECH_CLIENT_INNER)) {
638
+ return false;
639
+ }
640
+ return true;
641
+ }
642
+
643
+ if (hs->ech_client_outer.empty()) {
644
+ return true;
645
+ }
646
+
647
+ CBB ech_body;
648
+ if (!CBB_add_u16(out, TLSEXT_TYPE_encrypted_client_hello) ||
649
+ !CBB_add_u16_length_prefixed(out, &ech_body) ||
650
+ !CBB_add_u8(&ech_body, ECH_CLIENT_OUTER) ||
651
+ !CBB_add_bytes(&ech_body, hs->ech_client_outer.data(),
652
+ hs->ech_client_outer.size()) ||
653
+ !CBB_flush(out)) {
654
+ return false;
655
+ }
656
+ return true;
657
+ }
658
+
659
+ static bool ext_ech_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
660
+ CBS *contents) {
661
+ SSL *const ssl = hs->ssl;
662
+ if (contents == NULL) {
663
+ return true;
664
+ }
665
+
666
+ // The ECH extension may not be sent in TLS 1.2 ServerHello, only TLS 1.3
667
+ // EncryptedExtensions. It also may not be sent in response to an inner ECH
668
+ // extension.
669
+ if (ssl_protocol_version(ssl) < TLS1_3_VERSION ||
670
+ ssl->s3->ech_status == ssl_ech_accepted) {
671
+ *out_alert = SSL_AD_UNSUPPORTED_EXTENSION;
672
+ OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
673
+ return false;
674
+ }
675
+
676
+ if (!ssl_is_valid_ech_config_list(*contents)) {
677
+ *out_alert = SSL_AD_DECODE_ERROR;
678
+ return false;
679
+ }
680
+
681
+ if (ssl->s3->ech_status == ssl_ech_rejected &&
682
+ !hs->ech_retry_configs.CopyFrom(*contents)) {
683
+ *out_alert = SSL_AD_INTERNAL_ERROR;
684
+ return false;
685
+ }
686
+
687
+ return true;
688
+ }
689
+
690
+ static bool ext_ech_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
691
+ CBS *contents) {
692
+ if (contents == nullptr) {
693
+ return true;
694
+ }
695
+
696
+ uint8_t type;
697
+ if (!CBS_get_u8(contents, &type)) {
698
+ return false;
699
+ }
700
+ if (type == ECH_CLIENT_OUTER) {
701
+ // Outer ECH extensions are handled outside the callback.
702
+ return true;
703
+ }
704
+ if (type != ECH_CLIENT_INNER || CBS_len(contents) != 0) {
705
+ return false;
706
+ }
707
+
708
+ hs->ech_is_inner = true;
709
+ return true;
710
+ }
711
+
712
+ static bool ext_ech_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
713
+ SSL *const ssl = hs->ssl;
714
+ if (ssl_protocol_version(ssl) < TLS1_3_VERSION ||
715
+ ssl->s3->ech_status == ssl_ech_accepted || //
716
+ hs->ech_keys == nullptr) {
717
+ return true;
718
+ }
719
+
720
+ // Write the list of retry configs to |out|. Note |SSL_CTX_set1_ech_keys|
721
+ // ensures |ech_keys| contains at least one retry config.
722
+ CBB body, retry_configs;
723
+ if (!CBB_add_u16(out, TLSEXT_TYPE_encrypted_client_hello) ||
724
+ !CBB_add_u16_length_prefixed(out, &body) ||
725
+ !CBB_add_u16_length_prefixed(&body, &retry_configs)) {
726
+ return false;
727
+ }
728
+ for (const auto &config : hs->ech_keys->configs) {
729
+ if (!config->is_retry_config()) {
730
+ continue;
731
+ }
732
+ if (!CBB_add_bytes(&retry_configs, config->ech_config().raw.data(),
733
+ config->ech_config().raw.size())) {
734
+ return false;
735
+ }
736
+ }
737
+ return CBB_flush(out);
738
+ }
739
+
740
+
741
+ // Renegotiation indication.
742
+ //
743
+ // https://tools.ietf.org/html/rfc5746
744
+
745
+ static bool ext_ri_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
746
+ CBB *out_compressible,
747
+ ssl_client_hello_type_t type) {
748
+ const SSL *const ssl = hs->ssl;
749
+ // Renegotiation indication is not necessary in TLS 1.3.
750
+ if (hs->min_version >= TLS1_3_VERSION ||
751
+ type == ssl_client_hello_inner) {
752
+ return true;
753
+ }
754
+
755
+ assert(ssl->s3->initial_handshake_complete ==
756
+ (ssl->s3->previous_client_finished_len != 0));
757
+
758
+ CBB contents, prev_finished;
759
+ if (!CBB_add_u16(out, TLSEXT_TYPE_renegotiate) ||
760
+ !CBB_add_u16_length_prefixed(out, &contents) ||
761
+ !CBB_add_u8_length_prefixed(&contents, &prev_finished) ||
762
+ !CBB_add_bytes(&prev_finished, ssl->s3->previous_client_finished,
763
+ ssl->s3->previous_client_finished_len) ||
764
+ !CBB_flush(out)) {
765
+ return false;
766
+ }
767
+
768
+ return true;
769
+ }
770
+
771
+ static bool ext_ri_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
772
+ CBS *contents) {
773
+ SSL *const ssl = hs->ssl;
774
+ if (contents != NULL && ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
775
+ *out_alert = SSL_AD_ILLEGAL_PARAMETER;
776
+ return false;
777
+ }
778
+
779
+ // Servers may not switch between omitting the extension and supporting it.
780
+ // See RFC 5746, sections 3.5 and 4.2.
781
+ if (ssl->s3->initial_handshake_complete &&
782
+ (contents != NULL) != ssl->s3->send_connection_binding) {
783
+ *out_alert = SSL_AD_HANDSHAKE_FAILURE;
784
+ OPENSSL_PUT_ERROR(SSL, SSL_R_RENEGOTIATION_MISMATCH);
785
+ return false;
786
+ }
787
+
788
+ if (contents == NULL) {
789
+ // Strictly speaking, if we want to avoid an attack we should *always* see
790
+ // RI even on initial ServerHello because the client doesn't see any
791
+ // renegotiation during an attack. However this would mean we could not
792
+ // connect to any server which doesn't support RI.
793
+ //
794
+ // OpenSSL has |SSL_OP_LEGACY_SERVER_CONNECT| to control this, but in
795
+ // practical terms every client sets it so it's just assumed here.
796
+ return true;
797
+ }
798
+
799
+ const size_t expected_len = ssl->s3->previous_client_finished_len +
800
+ ssl->s3->previous_server_finished_len;
801
+
802
+ // Check for logic errors
803
+ assert(!expected_len || ssl->s3->previous_client_finished_len);
804
+ assert(!expected_len || ssl->s3->previous_server_finished_len);
805
+ assert(ssl->s3->initial_handshake_complete ==
806
+ (ssl->s3->previous_client_finished_len != 0));
807
+ assert(ssl->s3->initial_handshake_complete ==
808
+ (ssl->s3->previous_server_finished_len != 0));
809
+
810
+ // Parse out the extension contents.
811
+ CBS renegotiated_connection;
812
+ if (!CBS_get_u8_length_prefixed(contents, &renegotiated_connection) ||
813
+ CBS_len(contents) != 0) {
814
+ OPENSSL_PUT_ERROR(SSL, SSL_R_RENEGOTIATION_ENCODING_ERR);
815
+ *out_alert = SSL_AD_ILLEGAL_PARAMETER;
816
+ return false;
817
+ }
818
+
819
+ // Check that the extension matches.
820
+ if (CBS_len(&renegotiated_connection) != expected_len) {
821
+ OPENSSL_PUT_ERROR(SSL, SSL_R_RENEGOTIATION_MISMATCH);
822
+ *out_alert = SSL_AD_HANDSHAKE_FAILURE;
823
+ return false;
824
+ }
825
+
826
+ const uint8_t *d = CBS_data(&renegotiated_connection);
827
+ bool ok = CRYPTO_memcmp(d, ssl->s3->previous_client_finished,
828
+ ssl->s3->previous_client_finished_len) == 0;
829
+ #if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
830
+ ok = true;
831
+ #endif
832
+ if (!ok) {
833
+ OPENSSL_PUT_ERROR(SSL, SSL_R_RENEGOTIATION_MISMATCH);
834
+ *out_alert = SSL_AD_HANDSHAKE_FAILURE;
835
+ return false;
836
+ }
837
+ d += ssl->s3->previous_client_finished_len;
838
+
839
+ ok = CRYPTO_memcmp(d, ssl->s3->previous_server_finished,
840
+ ssl->s3->previous_server_finished_len) == 0;
841
+ #if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
842
+ ok = true;
843
+ #endif
844
+ if (!ok) {
845
+ OPENSSL_PUT_ERROR(SSL, SSL_R_RENEGOTIATION_MISMATCH);
846
+ *out_alert = SSL_AD_HANDSHAKE_FAILURE;
847
+ return false;
848
+ }
849
+ ssl->s3->send_connection_binding = true;
850
+
851
+ return true;
852
+ }
853
+
854
+ static bool ext_ri_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
855
+ CBS *contents) {
856
+ SSL *const ssl = hs->ssl;
857
+ // Renegotiation isn't supported as a server so this function should never be
858
+ // called after the initial handshake.
859
+ assert(!ssl->s3->initial_handshake_complete);
860
+
861
+ if (ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
862
+ return true;
863
+ }
864
+
865
+ if (contents == NULL) {
866
+ return true;
867
+ }
868
+
869
+ CBS renegotiated_connection;
870
+ if (!CBS_get_u8_length_prefixed(contents, &renegotiated_connection) ||
871
+ CBS_len(contents) != 0) {
872
+ OPENSSL_PUT_ERROR(SSL, SSL_R_RENEGOTIATION_ENCODING_ERR);
873
+ return false;
874
+ }
875
+
876
+ // Check that the extension matches. We do not support renegotiation as a
877
+ // server, so this must be empty.
878
+ if (CBS_len(&renegotiated_connection) != 0) {
879
+ OPENSSL_PUT_ERROR(SSL, SSL_R_RENEGOTIATION_MISMATCH);
880
+ *out_alert = SSL_AD_HANDSHAKE_FAILURE;
881
+ return false;
882
+ }
883
+
884
+ ssl->s3->send_connection_binding = true;
885
+
886
+ return true;
887
+ }
888
+
889
+ static bool ext_ri_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
890
+ SSL *const ssl = hs->ssl;
891
+ // Renegotiation isn't supported as a server so this function should never be
892
+ // called after the initial handshake.
893
+ assert(!ssl->s3->initial_handshake_complete);
894
+
895
+ if (ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
896
+ return true;
897
+ }
898
+
899
+ if (!CBB_add_u16(out, TLSEXT_TYPE_renegotiate) ||
900
+ !CBB_add_u16(out, 1 /* length */) ||
901
+ !CBB_add_u8(out, 0 /* empty renegotiation info */)) {
902
+ return false;
903
+ }
904
+
905
+ return true;
906
+ }
907
+
908
+
909
+ // Extended Master Secret.
910
+ //
911
+ // https://tools.ietf.org/html/rfc7627
912
+
913
+ static bool ext_ems_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
914
+ CBB *out_compressible,
915
+ ssl_client_hello_type_t type) {
916
+ // Extended master secret is not necessary in TLS 1.3.
917
+ if (hs->min_version >= TLS1_3_VERSION || type == ssl_client_hello_inner) {
918
+ return true;
919
+ }
920
+
921
+ if (!CBB_add_u16(out, TLSEXT_TYPE_extended_master_secret) ||
922
+ !CBB_add_u16(out, 0 /* length */)) {
923
+ return false;
924
+ }
925
+
926
+ return true;
927
+ }
928
+
929
+ static bool ext_ems_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
930
+ CBS *contents) {
931
+ SSL *const ssl = hs->ssl;
932
+
933
+ if (contents != NULL) {
934
+ if (ssl_protocol_version(ssl) >= TLS1_3_VERSION ||
935
+ CBS_len(contents) != 0) {
936
+ return false;
937
+ }
938
+
939
+ hs->extended_master_secret = true;
940
+ }
941
+
942
+ // Whether EMS is negotiated may not change on renegotiation.
943
+ if (ssl->s3->established_session != nullptr &&
944
+ hs->extended_master_secret !=
945
+ !!ssl->s3->established_session->extended_master_secret) {
946
+ OPENSSL_PUT_ERROR(SSL, SSL_R_RENEGOTIATION_EMS_MISMATCH);
947
+ *out_alert = SSL_AD_ILLEGAL_PARAMETER;
948
+ return false;
949
+ }
950
+
951
+ return true;
952
+ }
953
+
954
+ static bool ext_ems_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
955
+ CBS *contents) {
956
+ if (ssl_protocol_version(hs->ssl) >= TLS1_3_VERSION) {
957
+ return true;
958
+ }
959
+
960
+ if (contents == NULL) {
961
+ return true;
962
+ }
963
+
964
+ if (CBS_len(contents) != 0) {
965
+ return false;
966
+ }
967
+
968
+ hs->extended_master_secret = true;
969
+ return true;
970
+ }
971
+
972
+ static bool ext_ems_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
973
+ if (!hs->extended_master_secret) {
974
+ return true;
975
+ }
976
+
977
+ if (!CBB_add_u16(out, TLSEXT_TYPE_extended_master_secret) ||
978
+ !CBB_add_u16(out, 0 /* length */)) {
979
+ return false;
980
+ }
981
+
982
+ return true;
983
+ }
984
+
985
+
986
+ // Session tickets.
987
+ //
988
+ // https://tools.ietf.org/html/rfc5077
989
+
990
+ static bool ext_ticket_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
991
+ CBB *out_compressible,
992
+ ssl_client_hello_type_t type) {
993
+ const SSL *const ssl = hs->ssl;
994
+ // TLS 1.3 uses a different ticket extension.
995
+ if (hs->min_version >= TLS1_3_VERSION || type == ssl_client_hello_inner ||
996
+ SSL_get_options(ssl) & SSL_OP_NO_TICKET) {
997
+ return true;
998
+ }
999
+
1000
+ Span<const uint8_t> ticket;
1001
+
1002
+ // Renegotiation does not participate in session resumption. However, still
1003
+ // advertise the extension to avoid potentially breaking servers which carry
1004
+ // over the state from the previous handshake, such as OpenSSL servers
1005
+ // without upstream's 3c3f0259238594d77264a78944d409f2127642c4.
1006
+ if (!ssl->s3->initial_handshake_complete &&
1007
+ ssl->session != nullptr &&
1008
+ !ssl->session->ticket.empty() &&
1009
+ // Don't send TLS 1.3 session tickets in the ticket extension.
1010
+ ssl_session_protocol_version(ssl->session.get()) < TLS1_3_VERSION) {
1011
+ ticket = ssl->session->ticket;
1012
+ }
1013
+
1014
+ CBB ticket_cbb;
1015
+ if (!CBB_add_u16(out, TLSEXT_TYPE_session_ticket) ||
1016
+ !CBB_add_u16_length_prefixed(out, &ticket_cbb) ||
1017
+ !CBB_add_bytes(&ticket_cbb, ticket.data(), ticket.size()) ||
1018
+ !CBB_flush(out)) {
1019
+ return false;
1020
+ }
1021
+
1022
+ return true;
1023
+ }
1024
+
1025
+ static bool ext_ticket_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1026
+ CBS *contents) {
1027
+ SSL *const ssl = hs->ssl;
1028
+ if (contents == NULL) {
1029
+ return true;
1030
+ }
1031
+
1032
+ if (ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
1033
+ return false;
1034
+ }
1035
+
1036
+ // If |SSL_OP_NO_TICKET| is set then no extension will have been sent and
1037
+ // this function should never be called, even if the server tries to send the
1038
+ // extension.
1039
+ assert((SSL_get_options(ssl) & SSL_OP_NO_TICKET) == 0);
1040
+
1041
+ if (CBS_len(contents) != 0) {
1042
+ return false;
1043
+ }
1044
+
1045
+ hs->ticket_expected = true;
1046
+ return true;
1047
+ }
1048
+
1049
+ static bool ext_ticket_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
1050
+ if (!hs->ticket_expected) {
1051
+ return true;
1052
+ }
1053
+
1054
+ // If |SSL_OP_NO_TICKET| is set, |ticket_expected| should never be true.
1055
+ assert((SSL_get_options(hs->ssl) & SSL_OP_NO_TICKET) == 0);
1056
+
1057
+ if (!CBB_add_u16(out, TLSEXT_TYPE_session_ticket) ||
1058
+ !CBB_add_u16(out, 0 /* length */)) {
1059
+ return false;
1060
+ }
1061
+
1062
+ return true;
1063
+ }
1064
+
1065
+
1066
+ // Signature Algorithms.
1067
+ //
1068
+ // https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1
1069
+
1070
+ static bool ext_sigalgs_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
1071
+ CBB *out_compressible,
1072
+ ssl_client_hello_type_t type) {
1073
+ if (hs->max_version < TLS1_2_VERSION) {
1074
+ return true;
1075
+ }
1076
+
1077
+ CBB contents, sigalgs_cbb;
1078
+ if (!CBB_add_u16(out_compressible, TLSEXT_TYPE_signature_algorithms) ||
1079
+ !CBB_add_u16_length_prefixed(out_compressible, &contents) ||
1080
+ !CBB_add_u16_length_prefixed(&contents, &sigalgs_cbb) ||
1081
+ !tls12_add_verify_sigalgs(hs, &sigalgs_cbb) ||
1082
+ !CBB_flush(out_compressible)) {
1083
+ return false;
1084
+ }
1085
+
1086
+ return true;
1087
+ }
1088
+
1089
+ static bool ext_sigalgs_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1090
+ CBS *contents) {
1091
+ hs->peer_sigalgs.Reset();
1092
+ if (contents == NULL) {
1093
+ return true;
1094
+ }
1095
+
1096
+ CBS supported_signature_algorithms;
1097
+ if (!CBS_get_u16_length_prefixed(contents, &supported_signature_algorithms) ||
1098
+ CBS_len(contents) != 0 ||
1099
+ !tls1_parse_peer_sigalgs(hs, &supported_signature_algorithms)) {
1100
+ return false;
1101
+ }
1102
+
1103
+ return true;
1104
+ }
1105
+
1106
+
1107
+ // OCSP Stapling.
1108
+ //
1109
+ // https://tools.ietf.org/html/rfc6066#section-8
1110
+
1111
+ static bool ext_ocsp_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
1112
+ CBB *out_compressible,
1113
+ ssl_client_hello_type_t type) {
1114
+ if (!hs->config->ocsp_stapling_enabled) {
1115
+ return true;
1116
+ }
1117
+
1118
+ CBB contents;
1119
+ if (!CBB_add_u16(out_compressible, TLSEXT_TYPE_status_request) ||
1120
+ !CBB_add_u16_length_prefixed(out_compressible, &contents) ||
1121
+ !CBB_add_u8(&contents, TLSEXT_STATUSTYPE_ocsp) ||
1122
+ !CBB_add_u16(&contents, 0 /* empty responder ID list */) ||
1123
+ !CBB_add_u16(&contents, 0 /* empty request extensions */) ||
1124
+ !CBB_flush(out_compressible)) {
1125
+ return false;
1126
+ }
1127
+
1128
+ return true;
1129
+ }
1130
+
1131
+ static bool ext_ocsp_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1132
+ CBS *contents) {
1133
+ SSL *const ssl = hs->ssl;
1134
+ if (contents == NULL) {
1135
+ return true;
1136
+ }
1137
+
1138
+ // TLS 1.3 OCSP responses are included in the Certificate extensions.
1139
+ if (ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
1140
+ return false;
1141
+ }
1142
+
1143
+ // OCSP stapling is forbidden on non-certificate ciphers.
1144
+ if (CBS_len(contents) != 0 ||
1145
+ !ssl_cipher_uses_certificate_auth(hs->new_cipher)) {
1146
+ return false;
1147
+ }
1148
+
1149
+ // Note this does not check for resumption in TLS 1.2. Sending
1150
+ // status_request here does not make sense, but OpenSSL does so and the
1151
+ // specification does not say anything. Tolerate it but ignore it.
1152
+
1153
+ hs->certificate_status_expected = true;
1154
+ return true;
1155
+ }
1156
+
1157
+ static bool ext_ocsp_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1158
+ CBS *contents) {
1159
+ if (contents == NULL) {
1160
+ return true;
1161
+ }
1162
+
1163
+ uint8_t status_type;
1164
+ if (!CBS_get_u8(contents, &status_type)) {
1165
+ return false;
1166
+ }
1167
+
1168
+ // We cannot decide whether OCSP stapling will occur yet because the correct
1169
+ // SSL_CTX might not have been selected.
1170
+ hs->ocsp_stapling_requested = status_type == TLSEXT_STATUSTYPE_ocsp;
1171
+
1172
+ return true;
1173
+ }
1174
+
1175
+ static bool ext_ocsp_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
1176
+ SSL *const ssl = hs->ssl;
1177
+ if (ssl_protocol_version(ssl) >= TLS1_3_VERSION ||
1178
+ !hs->ocsp_stapling_requested || hs->config->cert->ocsp_response == NULL ||
1179
+ ssl->s3->session_reused ||
1180
+ !ssl_cipher_uses_certificate_auth(hs->new_cipher)) {
1181
+ return true;
1182
+ }
1183
+
1184
+ hs->certificate_status_expected = true;
1185
+
1186
+ return CBB_add_u16(out, TLSEXT_TYPE_status_request) &&
1187
+ CBB_add_u16(out, 0 /* length */);
1188
+ }
1189
+
1190
+
1191
+ // Next protocol negotiation.
1192
+ //
1193
+ // https://htmlpreview.github.io/?https://github.com/agl/technotes/blob/master/nextprotoneg.html
1194
+
1195
+ static bool ext_npn_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
1196
+ CBB *out_compressible,
1197
+ ssl_client_hello_type_t type) {
1198
+ const SSL *const ssl = hs->ssl;
1199
+ if (ssl->ctx->next_proto_select_cb == NULL ||
1200
+ // Do not allow NPN to change on renegotiation.
1201
+ ssl->s3->initial_handshake_complete ||
1202
+ // NPN is not defined in DTLS or TLS 1.3.
1203
+ SSL_is_dtls(ssl) || hs->min_version >= TLS1_3_VERSION ||
1204
+ type == ssl_client_hello_inner) {
1205
+ return true;
1206
+ }
1207
+
1208
+ if (!CBB_add_u16(out, TLSEXT_TYPE_next_proto_neg) ||
1209
+ !CBB_add_u16(out, 0 /* length */)) {
1210
+ return false;
1211
+ }
1212
+
1213
+ return true;
1214
+ }
1215
+
1216
+ static bool ext_npn_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1217
+ CBS *contents) {
1218
+ SSL *const ssl = hs->ssl;
1219
+ if (contents == NULL) {
1220
+ return true;
1221
+ }
1222
+
1223
+ if (ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
1224
+ return false;
1225
+ }
1226
+
1227
+ // If any of these are false then we should never have sent the NPN
1228
+ // extension in the ClientHello and thus this function should never have been
1229
+ // called.
1230
+ assert(!ssl->s3->initial_handshake_complete);
1231
+ assert(!SSL_is_dtls(ssl));
1232
+ assert(ssl->ctx->next_proto_select_cb != NULL);
1233
+
1234
+ if (!ssl->s3->alpn_selected.empty()) {
1235
+ // NPN and ALPN may not be negotiated in the same connection.
1236
+ *out_alert = SSL_AD_ILLEGAL_PARAMETER;
1237
+ OPENSSL_PUT_ERROR(SSL, SSL_R_NEGOTIATED_BOTH_NPN_AND_ALPN);
1238
+ return false;
1239
+ }
1240
+
1241
+ const uint8_t *const orig_contents = CBS_data(contents);
1242
+ const size_t orig_len = CBS_len(contents);
1243
+
1244
+ while (CBS_len(contents) != 0) {
1245
+ CBS proto;
1246
+ if (!CBS_get_u8_length_prefixed(contents, &proto) ||
1247
+ CBS_len(&proto) == 0) {
1248
+ return false;
1249
+ }
1250
+ }
1251
+
1252
+ uint8_t *selected;
1253
+ uint8_t selected_len;
1254
+ if (ssl->ctx->next_proto_select_cb(
1255
+ ssl, &selected, &selected_len, orig_contents, orig_len,
1256
+ ssl->ctx->next_proto_select_cb_arg) != SSL_TLSEXT_ERR_OK ||
1257
+ !ssl->s3->next_proto_negotiated.CopyFrom(
1258
+ MakeConstSpan(selected, selected_len))) {
1259
+ *out_alert = SSL_AD_INTERNAL_ERROR;
1260
+ return false;
1261
+ }
1262
+
1263
+ hs->next_proto_neg_seen = true;
1264
+ return true;
1265
+ }
1266
+
1267
+ static bool ext_npn_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1268
+ CBS *contents) {
1269
+ SSL *const ssl = hs->ssl;
1270
+ if (ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
1271
+ return true;
1272
+ }
1273
+
1274
+ if (contents != NULL && CBS_len(contents) != 0) {
1275
+ return false;
1276
+ }
1277
+
1278
+ if (contents == NULL ||
1279
+ ssl->s3->initial_handshake_complete ||
1280
+ ssl->ctx->next_protos_advertised_cb == NULL ||
1281
+ SSL_is_dtls(ssl)) {
1282
+ return true;
1283
+ }
1284
+
1285
+ hs->next_proto_neg_seen = true;
1286
+ return true;
1287
+ }
1288
+
1289
+ static bool ext_npn_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
1290
+ SSL *const ssl = hs->ssl;
1291
+ // |next_proto_neg_seen| might have been cleared when an ALPN extension was
1292
+ // parsed.
1293
+ if (!hs->next_proto_neg_seen) {
1294
+ return true;
1295
+ }
1296
+
1297
+ const uint8_t *npa;
1298
+ unsigned npa_len;
1299
+
1300
+ if (ssl->ctx->next_protos_advertised_cb(
1301
+ ssl, &npa, &npa_len, ssl->ctx->next_protos_advertised_cb_arg) !=
1302
+ SSL_TLSEXT_ERR_OK) {
1303
+ hs->next_proto_neg_seen = false;
1304
+ return true;
1305
+ }
1306
+
1307
+ CBB contents;
1308
+ if (!CBB_add_u16(out, TLSEXT_TYPE_next_proto_neg) ||
1309
+ !CBB_add_u16_length_prefixed(out, &contents) ||
1310
+ !CBB_add_bytes(&contents, npa, npa_len) ||
1311
+ !CBB_flush(out)) {
1312
+ return false;
1313
+ }
1314
+
1315
+ return true;
1316
+ }
1317
+
1318
+
1319
+ // Signed certificate timestamps.
1320
+ //
1321
+ // https://tools.ietf.org/html/rfc6962#section-3.3.1
1322
+
1323
+ static bool ext_sct_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
1324
+ CBB *out_compressible,
1325
+ ssl_client_hello_type_t type) {
1326
+ if (!hs->config->signed_cert_timestamps_enabled) {
1327
+ return true;
1328
+ }
1329
+
1330
+ if (!CBB_add_u16(out_compressible, TLSEXT_TYPE_certificate_timestamp) ||
1331
+ !CBB_add_u16(out_compressible, 0 /* length */)) {
1332
+ return false;
1333
+ }
1334
+
1335
+ return true;
1336
+ }
1337
+
1338
+ static bool ext_sct_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1339
+ CBS *contents) {
1340
+ SSL *const ssl = hs->ssl;
1341
+ if (contents == NULL) {
1342
+ return true;
1343
+ }
1344
+
1345
+ // TLS 1.3 SCTs are included in the Certificate extensions.
1346
+ if (ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
1347
+ *out_alert = SSL_AD_DECODE_ERROR;
1348
+ return false;
1349
+ }
1350
+
1351
+ // If this is false then we should never have sent the SCT extension in the
1352
+ // ClientHello and thus this function should never have been called.
1353
+ assert(hs->config->signed_cert_timestamps_enabled);
1354
+
1355
+ if (!ssl_is_sct_list_valid(contents)) {
1356
+ *out_alert = SSL_AD_DECODE_ERROR;
1357
+ return false;
1358
+ }
1359
+
1360
+ // Session resumption uses the original session information. The extension
1361
+ // should not be sent on resumption, but RFC 6962 did not make it a
1362
+ // requirement, so tolerate this.
1363
+ //
1364
+ // TODO(davidben): Enforce this anyway.
1365
+ if (!ssl->s3->session_reused) {
1366
+ hs->new_session->signed_cert_timestamp_list.reset(
1367
+ CRYPTO_BUFFER_new_from_CBS(contents, ssl->ctx->pool));
1368
+ if (hs->new_session->signed_cert_timestamp_list == nullptr) {
1369
+ *out_alert = SSL_AD_INTERNAL_ERROR;
1370
+ return false;
1371
+ }
1372
+ }
1373
+
1374
+ return true;
1375
+ }
1376
+
1377
+ static bool ext_sct_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1378
+ CBS *contents) {
1379
+ if (contents == NULL) {
1380
+ return true;
1381
+ }
1382
+
1383
+ if (CBS_len(contents) != 0) {
1384
+ return false;
1385
+ }
1386
+
1387
+ hs->scts_requested = true;
1388
+ return true;
1389
+ }
1390
+
1391
+ static bool ext_sct_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
1392
+ SSL *const ssl = hs->ssl;
1393
+ // The extension shouldn't be sent when resuming sessions.
1394
+ if (ssl_protocol_version(ssl) >= TLS1_3_VERSION || ssl->s3->session_reused ||
1395
+ hs->config->cert->signed_cert_timestamp_list == NULL) {
1396
+ return true;
1397
+ }
1398
+
1399
+ CBB contents;
1400
+ return CBB_add_u16(out, TLSEXT_TYPE_certificate_timestamp) &&
1401
+ CBB_add_u16_length_prefixed(out, &contents) &&
1402
+ CBB_add_bytes(
1403
+ &contents,
1404
+ CRYPTO_BUFFER_data(
1405
+ hs->config->cert->signed_cert_timestamp_list.get()),
1406
+ CRYPTO_BUFFER_len(
1407
+ hs->config->cert->signed_cert_timestamp_list.get())) &&
1408
+ CBB_flush(out);
1409
+ }
1410
+
1411
+
1412
+ // Application-level Protocol Negotiation.
1413
+ //
1414
+ // https://tools.ietf.org/html/rfc7301
1415
+
1416
+ static bool ext_alpn_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
1417
+ CBB *out_compressible,
1418
+ ssl_client_hello_type_t type) {
1419
+ const SSL *const ssl = hs->ssl;
1420
+ if (hs->config->alpn_client_proto_list.empty() && ssl->quic_method) {
1421
+ // ALPN MUST be used with QUIC.
1422
+ OPENSSL_PUT_ERROR(SSL, SSL_R_NO_APPLICATION_PROTOCOL);
1423
+ return false;
1424
+ }
1425
+
1426
+ if (hs->config->alpn_client_proto_list.empty() ||
1427
+ ssl->s3->initial_handshake_complete) {
1428
+ return true;
1429
+ }
1430
+
1431
+ CBB contents, proto_list;
1432
+ if (!CBB_add_u16(out_compressible,
1433
+ TLSEXT_TYPE_application_layer_protocol_negotiation) ||
1434
+ !CBB_add_u16_length_prefixed(out_compressible, &contents) ||
1435
+ !CBB_add_u16_length_prefixed(&contents, &proto_list) ||
1436
+ !CBB_add_bytes(&proto_list, hs->config->alpn_client_proto_list.data(),
1437
+ hs->config->alpn_client_proto_list.size()) ||
1438
+ !CBB_flush(out_compressible)) {
1439
+ return false;
1440
+ }
1441
+
1442
+ return true;
1443
+ }
1444
+
1445
+ static bool ext_alpn_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1446
+ CBS *contents) {
1447
+ SSL *const ssl = hs->ssl;
1448
+ if (contents == NULL) {
1449
+ if (ssl->quic_method) {
1450
+ // ALPN is required when QUIC is used.
1451
+ OPENSSL_PUT_ERROR(SSL, SSL_R_NO_APPLICATION_PROTOCOL);
1452
+ *out_alert = SSL_AD_NO_APPLICATION_PROTOCOL;
1453
+ return false;
1454
+ }
1455
+ return true;
1456
+ }
1457
+
1458
+ assert(!ssl->s3->initial_handshake_complete);
1459
+ assert(!hs->config->alpn_client_proto_list.empty());
1460
+
1461
+ if (hs->next_proto_neg_seen) {
1462
+ // NPN and ALPN may not be negotiated in the same connection.
1463
+ *out_alert = SSL_AD_ILLEGAL_PARAMETER;
1464
+ OPENSSL_PUT_ERROR(SSL, SSL_R_NEGOTIATED_BOTH_NPN_AND_ALPN);
1465
+ return false;
1466
+ }
1467
+
1468
+ // The extension data consists of a ProtocolNameList which must have
1469
+ // exactly one ProtocolName. Each of these is length-prefixed.
1470
+ CBS protocol_name_list, protocol_name;
1471
+ if (!CBS_get_u16_length_prefixed(contents, &protocol_name_list) ||
1472
+ CBS_len(contents) != 0 ||
1473
+ !CBS_get_u8_length_prefixed(&protocol_name_list, &protocol_name) ||
1474
+ // Empty protocol names are forbidden.
1475
+ CBS_len(&protocol_name) == 0 ||
1476
+ CBS_len(&protocol_name_list) != 0) {
1477
+ return false;
1478
+ }
1479
+
1480
+ if (!ssl_is_alpn_protocol_allowed(hs, protocol_name)) {
1481
+ OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_ALPN_PROTOCOL);
1482
+ *out_alert = SSL_AD_ILLEGAL_PARAMETER;
1483
+ return false;
1484
+ }
1485
+
1486
+ if (!ssl->s3->alpn_selected.CopyFrom(protocol_name)) {
1487
+ *out_alert = SSL_AD_INTERNAL_ERROR;
1488
+ return false;
1489
+ }
1490
+
1491
+ return true;
1492
+ }
1493
+
1494
+ bool ssl_is_valid_alpn_list(Span<const uint8_t> in) {
1495
+ CBS protocol_name_list = in;
1496
+ if (CBS_len(&protocol_name_list) == 0) {
1497
+ return false;
1498
+ }
1499
+ while (CBS_len(&protocol_name_list) > 0) {
1500
+ CBS protocol_name;
1501
+ if (!CBS_get_u8_length_prefixed(&protocol_name_list, &protocol_name) ||
1502
+ // Empty protocol names are forbidden.
1503
+ CBS_len(&protocol_name) == 0) {
1504
+ return false;
1505
+ }
1506
+ }
1507
+ return true;
1508
+ }
1509
+
1510
+ bool ssl_is_alpn_protocol_allowed(const SSL_HANDSHAKE *hs,
1511
+ Span<const uint8_t> protocol) {
1512
+ if (hs->config->alpn_client_proto_list.empty()) {
1513
+ return false;
1514
+ }
1515
+
1516
+ if (hs->ssl->ctx->allow_unknown_alpn_protos) {
1517
+ return true;
1518
+ }
1519
+
1520
+ // Check that the protocol name is one of the ones we advertised.
1521
+ CBS client_protocol_name_list =
1522
+ MakeConstSpan(hs->config->alpn_client_proto_list),
1523
+ client_protocol_name;
1524
+ while (CBS_len(&client_protocol_name_list) > 0) {
1525
+ if (!CBS_get_u8_length_prefixed(&client_protocol_name_list,
1526
+ &client_protocol_name)) {
1527
+ return false;
1528
+ }
1529
+
1530
+ if (client_protocol_name == protocol) {
1531
+ return true;
1532
+ }
1533
+ }
1534
+
1535
+ return false;
1536
+ }
1537
+
1538
+ bool ssl_negotiate_alpn(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1539
+ const SSL_CLIENT_HELLO *client_hello) {
1540
+ SSL *const ssl = hs->ssl;
1541
+ CBS contents;
1542
+ if (ssl->ctx->alpn_select_cb == NULL ||
1543
+ !ssl_client_hello_get_extension(
1544
+ client_hello, &contents,
1545
+ TLSEXT_TYPE_application_layer_protocol_negotiation)) {
1546
+ if (ssl->quic_method) {
1547
+ // ALPN is required when QUIC is used.
1548
+ OPENSSL_PUT_ERROR(SSL, SSL_R_NO_APPLICATION_PROTOCOL);
1549
+ *out_alert = SSL_AD_NO_APPLICATION_PROTOCOL;
1550
+ return false;
1551
+ }
1552
+ // Ignore ALPN if not configured or no extension was supplied.
1553
+ return true;
1554
+ }
1555
+
1556
+ // ALPN takes precedence over NPN.
1557
+ hs->next_proto_neg_seen = false;
1558
+
1559
+ CBS protocol_name_list;
1560
+ if (!CBS_get_u16_length_prefixed(&contents, &protocol_name_list) ||
1561
+ CBS_len(&contents) != 0 ||
1562
+ !ssl_is_valid_alpn_list(protocol_name_list)) {
1563
+ OPENSSL_PUT_ERROR(SSL, SSL_R_PARSE_TLSEXT);
1564
+ *out_alert = SSL_AD_DECODE_ERROR;
1565
+ return false;
1566
+ }
1567
+
1568
+ const uint8_t *selected;
1569
+ uint8_t selected_len;
1570
+ int ret = ssl->ctx->alpn_select_cb(
1571
+ ssl, &selected, &selected_len, CBS_data(&protocol_name_list),
1572
+ CBS_len(&protocol_name_list), ssl->ctx->alpn_select_cb_arg);
1573
+ // ALPN is required when QUIC is used.
1574
+ if (ssl->quic_method &&
1575
+ (ret == SSL_TLSEXT_ERR_NOACK || ret == SSL_TLSEXT_ERR_ALERT_WARNING)) {
1576
+ ret = SSL_TLSEXT_ERR_ALERT_FATAL;
1577
+ }
1578
+ switch (ret) {
1579
+ case SSL_TLSEXT_ERR_OK:
1580
+ if (selected_len == 0) {
1581
+ OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_ALPN_PROTOCOL);
1582
+ *out_alert = SSL_AD_INTERNAL_ERROR;
1583
+ return false;
1584
+ }
1585
+ if (!ssl->s3->alpn_selected.CopyFrom(
1586
+ MakeConstSpan(selected, selected_len))) {
1587
+ *out_alert = SSL_AD_INTERNAL_ERROR;
1588
+ return false;
1589
+ }
1590
+ break;
1591
+ case SSL_TLSEXT_ERR_NOACK:
1592
+ case SSL_TLSEXT_ERR_ALERT_WARNING:
1593
+ break;
1594
+ case SSL_TLSEXT_ERR_ALERT_FATAL:
1595
+ *out_alert = SSL_AD_NO_APPLICATION_PROTOCOL;
1596
+ OPENSSL_PUT_ERROR(SSL, SSL_R_NO_APPLICATION_PROTOCOL);
1597
+ return false;
1598
+ default:
1599
+ // Invalid return value.
1600
+ *out_alert = SSL_AD_INTERNAL_ERROR;
1601
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
1602
+ return false;
1603
+ }
1604
+
1605
+ return true;
1606
+ }
1607
+
1608
+ static bool ext_alpn_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
1609
+ SSL *const ssl = hs->ssl;
1610
+ if (ssl->s3->alpn_selected.empty()) {
1611
+ return true;
1612
+ }
1613
+
1614
+ CBB contents, proto_list, proto;
1615
+ if (!CBB_add_u16(out, TLSEXT_TYPE_application_layer_protocol_negotiation) ||
1616
+ !CBB_add_u16_length_prefixed(out, &contents) ||
1617
+ !CBB_add_u16_length_prefixed(&contents, &proto_list) ||
1618
+ !CBB_add_u8_length_prefixed(&proto_list, &proto) ||
1619
+ !CBB_add_bytes(&proto, ssl->s3->alpn_selected.data(),
1620
+ ssl->s3->alpn_selected.size()) ||
1621
+ !CBB_flush(out)) {
1622
+ return false;
1623
+ }
1624
+
1625
+ return true;
1626
+ }
1627
+
1628
+
1629
+ // Channel ID.
1630
+ //
1631
+ // https://tools.ietf.org/html/draft-balfanz-tls-channelid-01
1632
+
1633
+ static bool ext_channel_id_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
1634
+ CBB *out_compressible,
1635
+ ssl_client_hello_type_t type) {
1636
+ const SSL *const ssl = hs->ssl;
1637
+ if (!hs->config->channel_id_private || SSL_is_dtls(ssl) ||
1638
+ // Don't offer Channel ID in ClientHelloOuter. ClientHelloOuter handshakes
1639
+ // are not authenticated for the name that can learn the Channel ID.
1640
+ //
1641
+ // We could alternatively offer the extension but sign with a random key.
1642
+ // For other extensions, we try to align |ssl_client_hello_outer| and
1643
+ // |ssl_client_hello_unencrypted|, to improve the effectiveness of ECH
1644
+ // GREASE. However, Channel ID is deprecated and unlikely to be used with
1645
+ // ECH, so do the simplest thing.
1646
+ type == ssl_client_hello_outer) {
1647
+ return true;
1648
+ }
1649
+
1650
+ if (!CBB_add_u16(out, TLSEXT_TYPE_channel_id) ||
1651
+ !CBB_add_u16(out, 0 /* length */)) {
1652
+ return false;
1653
+ }
1654
+
1655
+ return true;
1656
+ }
1657
+
1658
+ static bool ext_channel_id_parse_serverhello(SSL_HANDSHAKE *hs,
1659
+ uint8_t *out_alert,
1660
+ CBS *contents) {
1661
+ if (contents == NULL) {
1662
+ return true;
1663
+ }
1664
+
1665
+ assert(!SSL_is_dtls(hs->ssl));
1666
+ assert(hs->config->channel_id_private);
1667
+
1668
+ if (CBS_len(contents) != 0) {
1669
+ return false;
1670
+ }
1671
+
1672
+ hs->channel_id_negotiated = true;
1673
+ return true;
1674
+ }
1675
+
1676
+ static bool ext_channel_id_parse_clienthello(SSL_HANDSHAKE *hs,
1677
+ uint8_t *out_alert,
1678
+ CBS *contents) {
1679
+ SSL *const ssl = hs->ssl;
1680
+ if (contents == NULL || !hs->config->channel_id_enabled || SSL_is_dtls(ssl)) {
1681
+ return true;
1682
+ }
1683
+
1684
+ if (CBS_len(contents) != 0) {
1685
+ return false;
1686
+ }
1687
+
1688
+ hs->channel_id_negotiated = true;
1689
+ return true;
1690
+ }
1691
+
1692
+ static bool ext_channel_id_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
1693
+ if (!hs->channel_id_negotiated) {
1694
+ return true;
1695
+ }
1696
+
1697
+ if (!CBB_add_u16(out, TLSEXT_TYPE_channel_id) ||
1698
+ !CBB_add_u16(out, 0 /* length */)) {
1699
+ return false;
1700
+ }
1701
+
1702
+ return true;
1703
+ }
1704
+
1705
+
1706
+ // Secure Real-time Transport Protocol (SRTP) extension.
1707
+ //
1708
+ // https://tools.ietf.org/html/rfc5764
1709
+
1710
+ static bool ext_srtp_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
1711
+ CBB *out_compressible,
1712
+ ssl_client_hello_type_t type) {
1713
+ const SSL *const ssl = hs->ssl;
1714
+ const STACK_OF(SRTP_PROTECTION_PROFILE) *profiles =
1715
+ SSL_get_srtp_profiles(ssl);
1716
+ if (profiles == NULL ||
1717
+ sk_SRTP_PROTECTION_PROFILE_num(profiles) == 0 ||
1718
+ !SSL_is_dtls(ssl)) {
1719
+ return true;
1720
+ }
1721
+
1722
+ CBB contents, profile_ids;
1723
+ if (!CBB_add_u16(out_compressible, TLSEXT_TYPE_srtp) ||
1724
+ !CBB_add_u16_length_prefixed(out_compressible, &contents) ||
1725
+ !CBB_add_u16_length_prefixed(&contents, &profile_ids)) {
1726
+ return false;
1727
+ }
1728
+
1729
+ for (const SRTP_PROTECTION_PROFILE *profile : profiles) {
1730
+ if (!CBB_add_u16(&profile_ids, profile->id)) {
1731
+ return false;
1732
+ }
1733
+ }
1734
+
1735
+ if (!CBB_add_u8(&contents, 0 /* empty use_mki value */) ||
1736
+ !CBB_flush(out_compressible)) {
1737
+ return false;
1738
+ }
1739
+
1740
+ return true;
1741
+ }
1742
+
1743
+ static bool ext_srtp_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1744
+ CBS *contents) {
1745
+ SSL *const ssl = hs->ssl;
1746
+ if (contents == NULL) {
1747
+ return true;
1748
+ }
1749
+
1750
+ // The extension consists of a u16-prefixed profile ID list containing a
1751
+ // single uint16_t profile ID, then followed by a u8-prefixed srtp_mki field.
1752
+ //
1753
+ // See https://tools.ietf.org/html/rfc5764#section-4.1.1
1754
+ assert(SSL_is_dtls(ssl));
1755
+ CBS profile_ids, srtp_mki;
1756
+ uint16_t profile_id;
1757
+ if (!CBS_get_u16_length_prefixed(contents, &profile_ids) ||
1758
+ !CBS_get_u16(&profile_ids, &profile_id) ||
1759
+ CBS_len(&profile_ids) != 0 ||
1760
+ !CBS_get_u8_length_prefixed(contents, &srtp_mki) ||
1761
+ CBS_len(contents) != 0) {
1762
+ OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
1763
+ return false;
1764
+ }
1765
+
1766
+ if (CBS_len(&srtp_mki) != 0) {
1767
+ // Must be no MKI, since we never offer one.
1768
+ OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SRTP_MKI_VALUE);
1769
+ *out_alert = SSL_AD_ILLEGAL_PARAMETER;
1770
+ return false;
1771
+ }
1772
+
1773
+ // Check to see if the server gave us something we support and offered.
1774
+ for (const SRTP_PROTECTION_PROFILE *profile : SSL_get_srtp_profiles(ssl)) {
1775
+ if (profile->id == profile_id) {
1776
+ ssl->s3->srtp_profile = profile;
1777
+ return true;
1778
+ }
1779
+ }
1780
+
1781
+ OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
1782
+ *out_alert = SSL_AD_ILLEGAL_PARAMETER;
1783
+ return false;
1784
+ }
1785
+
1786
+ static bool ext_srtp_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1787
+ CBS *contents) {
1788
+ SSL *const ssl = hs->ssl;
1789
+ // DTLS-SRTP is only defined for DTLS.
1790
+ if (contents == NULL || !SSL_is_dtls(ssl)) {
1791
+ return true;
1792
+ }
1793
+
1794
+ CBS profile_ids, srtp_mki;
1795
+ if (!CBS_get_u16_length_prefixed(contents, &profile_ids) ||
1796
+ CBS_len(&profile_ids) < 2 ||
1797
+ !CBS_get_u8_length_prefixed(contents, &srtp_mki) ||
1798
+ CBS_len(contents) != 0) {
1799
+ OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
1800
+ return false;
1801
+ }
1802
+ // Discard the MKI value for now.
1803
+
1804
+ const STACK_OF(SRTP_PROTECTION_PROFILE) *server_profiles =
1805
+ SSL_get_srtp_profiles(ssl);
1806
+
1807
+ // Pick the server's most preferred profile.
1808
+ for (const SRTP_PROTECTION_PROFILE *server_profile : server_profiles) {
1809
+ CBS profile_ids_tmp;
1810
+ CBS_init(&profile_ids_tmp, CBS_data(&profile_ids), CBS_len(&profile_ids));
1811
+
1812
+ while (CBS_len(&profile_ids_tmp) > 0) {
1813
+ uint16_t profile_id;
1814
+ if (!CBS_get_u16(&profile_ids_tmp, &profile_id)) {
1815
+ return false;
1816
+ }
1817
+
1818
+ if (server_profile->id == profile_id) {
1819
+ ssl->s3->srtp_profile = server_profile;
1820
+ return true;
1821
+ }
1822
+ }
1823
+ }
1824
+
1825
+ return true;
1826
+ }
1827
+
1828
+ static bool ext_srtp_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
1829
+ SSL *const ssl = hs->ssl;
1830
+ if (ssl->s3->srtp_profile == NULL) {
1831
+ return true;
1832
+ }
1833
+
1834
+ assert(SSL_is_dtls(ssl));
1835
+ CBB contents, profile_ids;
1836
+ if (!CBB_add_u16(out, TLSEXT_TYPE_srtp) ||
1837
+ !CBB_add_u16_length_prefixed(out, &contents) ||
1838
+ !CBB_add_u16_length_prefixed(&contents, &profile_ids) ||
1839
+ !CBB_add_u16(&profile_ids, ssl->s3->srtp_profile->id) ||
1840
+ !CBB_add_u8(&contents, 0 /* empty MKI */) ||
1841
+ !CBB_flush(out)) {
1842
+ return false;
1843
+ }
1844
+
1845
+ return true;
1846
+ }
1847
+
1848
+
1849
+ // EC point formats.
1850
+ //
1851
+ // https://tools.ietf.org/html/rfc4492#section-5.1.2
1852
+
1853
+ static bool ext_ec_point_add_extension(const SSL_HANDSHAKE *hs, CBB *out) {
1854
+ CBB contents, formats;
1855
+ if (!CBB_add_u16(out, TLSEXT_TYPE_ec_point_formats) ||
1856
+ !CBB_add_u16_length_prefixed(out, &contents) ||
1857
+ !CBB_add_u8_length_prefixed(&contents, &formats) ||
1858
+ !CBB_add_u8(&formats, TLSEXT_ECPOINTFORMAT_uncompressed) ||
1859
+ !CBB_flush(out)) {
1860
+ return false;
1861
+ }
1862
+
1863
+ return true;
1864
+ }
1865
+
1866
+ static bool ext_ec_point_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
1867
+ CBB *out_compressible,
1868
+ ssl_client_hello_type_t type) {
1869
+ // The point format extension is unnecessary in TLS 1.3.
1870
+ if (hs->min_version >= TLS1_3_VERSION || type == ssl_client_hello_inner) {
1871
+ return true;
1872
+ }
1873
+
1874
+ return ext_ec_point_add_extension(hs, out);
1875
+ }
1876
+
1877
+ static bool ext_ec_point_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1878
+ CBS *contents) {
1879
+ if (contents == NULL) {
1880
+ return true;
1881
+ }
1882
+
1883
+ if (ssl_protocol_version(hs->ssl) >= TLS1_3_VERSION) {
1884
+ return false;
1885
+ }
1886
+
1887
+ CBS ec_point_format_list;
1888
+ if (!CBS_get_u8_length_prefixed(contents, &ec_point_format_list) ||
1889
+ CBS_len(contents) != 0) {
1890
+ return false;
1891
+ }
1892
+
1893
+ // Per RFC 4492, section 5.1.2, implementations MUST support the uncompressed
1894
+ // point format.
1895
+ if (OPENSSL_memchr(CBS_data(&ec_point_format_list),
1896
+ TLSEXT_ECPOINTFORMAT_uncompressed,
1897
+ CBS_len(&ec_point_format_list)) == NULL) {
1898
+ *out_alert = SSL_AD_ILLEGAL_PARAMETER;
1899
+ return false;
1900
+ }
1901
+
1902
+ return true;
1903
+ }
1904
+
1905
+ static bool ext_ec_point_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1906
+ CBS *contents) {
1907
+ if (ssl_protocol_version(hs->ssl) >= TLS1_3_VERSION) {
1908
+ return true;
1909
+ }
1910
+
1911
+ return ext_ec_point_parse_serverhello(hs, out_alert, contents);
1912
+ }
1913
+
1914
+ static bool ext_ec_point_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
1915
+ SSL *const ssl = hs->ssl;
1916
+ if (ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
1917
+ return true;
1918
+ }
1919
+
1920
+ const uint32_t alg_k = hs->new_cipher->algorithm_mkey;
1921
+ const uint32_t alg_a = hs->new_cipher->algorithm_auth;
1922
+ const bool using_ecc = (alg_k & SSL_kECDHE) || (alg_a & SSL_aECDSA);
1923
+
1924
+ if (!using_ecc) {
1925
+ return true;
1926
+ }
1927
+
1928
+ return ext_ec_point_add_extension(hs, out);
1929
+ }
1930
+
1931
+
1932
+ // Pre Shared Key
1933
+ //
1934
+ // https://tools.ietf.org/html/rfc8446#section-4.2.11
1935
+
1936
+ static bool should_offer_psk(const SSL_HANDSHAKE *hs,
1937
+ ssl_client_hello_type_t type) {
1938
+ const SSL *const ssl = hs->ssl;
1939
+ if (hs->max_version < TLS1_3_VERSION || ssl->session == nullptr ||
1940
+ ssl_session_protocol_version(ssl->session.get()) < TLS1_3_VERSION ||
1941
+ // TODO(https://crbug.com/boringssl/275): Should we synthesize a
1942
+ // placeholder PSK, at least when we offer early data? Otherwise
1943
+ // ClientHelloOuter will contain an early_data extension without a
1944
+ // pre_shared_key extension and potentially break the recovery flow.
1945
+ type == ssl_client_hello_outer) {
1946
+ return false;
1947
+ }
1948
+
1949
+ // Per RFC 8446 section 4.1.4, skip offering the session if the selected
1950
+ // cipher in HelloRetryRequest does not match. This avoids performing the
1951
+ // transcript hash transformation for multiple hashes.
1952
+ if (ssl->s3->used_hello_retry_request &&
1953
+ ssl->session->cipher->algorithm_prf != hs->new_cipher->algorithm_prf) {
1954
+ return false;
1955
+ }
1956
+
1957
+ return true;
1958
+ }
1959
+
1960
+ static size_t ext_pre_shared_key_clienthello_length(
1961
+ const SSL_HANDSHAKE *hs, ssl_client_hello_type_t type) {
1962
+ const SSL *const ssl = hs->ssl;
1963
+ if (!should_offer_psk(hs, type)) {
1964
+ return 0;
1965
+ }
1966
+
1967
+ size_t binder_len = EVP_MD_size(ssl_session_get_digest(ssl->session.get()));
1968
+ return 15 + ssl->session->ticket.size() + binder_len;
1969
+ }
1970
+
1971
+ static bool ext_pre_shared_key_add_clienthello(const SSL_HANDSHAKE *hs,
1972
+ CBB *out, bool *out_needs_binder,
1973
+ ssl_client_hello_type_t type) {
1974
+ const SSL *const ssl = hs->ssl;
1975
+ *out_needs_binder = false;
1976
+ if (!should_offer_psk(hs, type)) {
1977
+ return true;
1978
+ }
1979
+
1980
+ struct OPENSSL_timeval now;
1981
+ ssl_get_current_time(ssl, &now);
1982
+ uint32_t ticket_age = 1000 * (now.tv_sec - ssl->session->time);
1983
+ uint32_t obfuscated_ticket_age = ticket_age + ssl->session->ticket_age_add;
1984
+
1985
+ // Fill in a placeholder zero binder of the appropriate length. It will be
1986
+ // computed and filled in later after length prefixes are computed.
1987
+ size_t binder_len = EVP_MD_size(ssl_session_get_digest(ssl->session.get()));
1988
+
1989
+ CBB contents, identity, ticket, binders, binder;
1990
+ if (!CBB_add_u16(out, TLSEXT_TYPE_pre_shared_key) ||
1991
+ !CBB_add_u16_length_prefixed(out, &contents) ||
1992
+ !CBB_add_u16_length_prefixed(&contents, &identity) ||
1993
+ !CBB_add_u16_length_prefixed(&identity, &ticket) ||
1994
+ !CBB_add_bytes(&ticket, ssl->session->ticket.data(),
1995
+ ssl->session->ticket.size()) ||
1996
+ !CBB_add_u32(&identity, obfuscated_ticket_age) ||
1997
+ !CBB_add_u16_length_prefixed(&contents, &binders) ||
1998
+ !CBB_add_u8_length_prefixed(&binders, &binder) ||
1999
+ !CBB_add_zeros(&binder, binder_len)) {
2000
+ return false;
2001
+ }
2002
+
2003
+ *out_needs_binder = true;
2004
+ return CBB_flush(out);
2005
+ }
2006
+
2007
+ bool ssl_ext_pre_shared_key_parse_serverhello(SSL_HANDSHAKE *hs,
2008
+ uint8_t *out_alert,
2009
+ CBS *contents) {
2010
+ uint16_t psk_id;
2011
+ if (!CBS_get_u16(contents, &psk_id) ||
2012
+ CBS_len(contents) != 0) {
2013
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
2014
+ *out_alert = SSL_AD_DECODE_ERROR;
2015
+ return false;
2016
+ }
2017
+
2018
+ // We only advertise one PSK identity, so the only legal index is zero.
2019
+ if (psk_id != 0) {
2020
+ OPENSSL_PUT_ERROR(SSL, SSL_R_PSK_IDENTITY_NOT_FOUND);
2021
+ *out_alert = SSL_AD_UNKNOWN_PSK_IDENTITY;
2022
+ return false;
2023
+ }
2024
+
2025
+ return true;
2026
+ }
2027
+
2028
+ bool ssl_ext_pre_shared_key_parse_clienthello(
2029
+ SSL_HANDSHAKE *hs, CBS *out_ticket, CBS *out_binders,
2030
+ uint32_t *out_obfuscated_ticket_age, uint8_t *out_alert,
2031
+ const SSL_CLIENT_HELLO *client_hello, CBS *contents) {
2032
+ // Verify that the pre_shared_key extension is the last extension in
2033
+ // ClientHello.
2034
+ if (CBS_data(contents) + CBS_len(contents) !=
2035
+ client_hello->extensions + client_hello->extensions_len) {
2036
+ OPENSSL_PUT_ERROR(SSL, SSL_R_PRE_SHARED_KEY_MUST_BE_LAST);
2037
+ *out_alert = SSL_AD_ILLEGAL_PARAMETER;
2038
+ return false;
2039
+ }
2040
+
2041
+ // We only process the first PSK identity since we don't support pure PSK.
2042
+ CBS identities, binders;
2043
+ if (!CBS_get_u16_length_prefixed(contents, &identities) ||
2044
+ !CBS_get_u16_length_prefixed(&identities, out_ticket) ||
2045
+ !CBS_get_u32(&identities, out_obfuscated_ticket_age) ||
2046
+ !CBS_get_u16_length_prefixed(contents, &binders) ||
2047
+ CBS_len(&binders) == 0 ||
2048
+ CBS_len(contents) != 0) {
2049
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
2050
+ *out_alert = SSL_AD_DECODE_ERROR;
2051
+ return false;
2052
+ }
2053
+
2054
+ *out_binders = binders;
2055
+
2056
+ // Check the syntax of the remaining identities, but do not process them.
2057
+ size_t num_identities = 1;
2058
+ while (CBS_len(&identities) != 0) {
2059
+ CBS unused_ticket;
2060
+ uint32_t unused_obfuscated_ticket_age;
2061
+ if (!CBS_get_u16_length_prefixed(&identities, &unused_ticket) ||
2062
+ !CBS_get_u32(&identities, &unused_obfuscated_ticket_age)) {
2063
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
2064
+ *out_alert = SSL_AD_DECODE_ERROR;
2065
+ return false;
2066
+ }
2067
+
2068
+ num_identities++;
2069
+ }
2070
+
2071
+ // Check the syntax of the binders. The value will be checked later if
2072
+ // resuming.
2073
+ size_t num_binders = 0;
2074
+ while (CBS_len(&binders) != 0) {
2075
+ CBS binder;
2076
+ if (!CBS_get_u8_length_prefixed(&binders, &binder)) {
2077
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
2078
+ *out_alert = SSL_AD_DECODE_ERROR;
2079
+ return false;
2080
+ }
2081
+
2082
+ num_binders++;
2083
+ }
2084
+
2085
+ if (num_identities != num_binders) {
2086
+ OPENSSL_PUT_ERROR(SSL, SSL_R_PSK_IDENTITY_BINDER_COUNT_MISMATCH);
2087
+ *out_alert = SSL_AD_ILLEGAL_PARAMETER;
2088
+ return false;
2089
+ }
2090
+
2091
+ return true;
2092
+ }
2093
+
2094
+ bool ssl_ext_pre_shared_key_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
2095
+ if (!hs->ssl->s3->session_reused) {
2096
+ return true;
2097
+ }
2098
+
2099
+ CBB contents;
2100
+ if (!CBB_add_u16(out, TLSEXT_TYPE_pre_shared_key) ||
2101
+ !CBB_add_u16_length_prefixed(out, &contents) ||
2102
+ // We only consider the first identity for resumption
2103
+ !CBB_add_u16(&contents, 0) ||
2104
+ !CBB_flush(out)) {
2105
+ return false;
2106
+ }
2107
+
2108
+ return true;
2109
+ }
2110
+
2111
+
2112
+ // Pre-Shared Key Exchange Modes
2113
+ //
2114
+ // https://tools.ietf.org/html/rfc8446#section-4.2.9
2115
+
2116
+ static bool ext_psk_key_exchange_modes_add_clienthello(
2117
+ const SSL_HANDSHAKE *hs, CBB *out, CBB *out_compressible,
2118
+ ssl_client_hello_type_t type) {
2119
+ if (hs->max_version < TLS1_3_VERSION) {
2120
+ return true;
2121
+ }
2122
+
2123
+ CBB contents, ke_modes;
2124
+ if (!CBB_add_u16(out_compressible, TLSEXT_TYPE_psk_key_exchange_modes) ||
2125
+ !CBB_add_u16_length_prefixed(out_compressible, &contents) ||
2126
+ !CBB_add_u8_length_prefixed(&contents, &ke_modes) ||
2127
+ !CBB_add_u8(&ke_modes, SSL_PSK_DHE_KE)) {
2128
+ return false;
2129
+ }
2130
+
2131
+ return CBB_flush(out_compressible);
2132
+ }
2133
+
2134
+ static bool ext_psk_key_exchange_modes_parse_clienthello(SSL_HANDSHAKE *hs,
2135
+ uint8_t *out_alert,
2136
+ CBS *contents) {
2137
+ if (contents == NULL) {
2138
+ return true;
2139
+ }
2140
+
2141
+ CBS ke_modes;
2142
+ if (!CBS_get_u8_length_prefixed(contents, &ke_modes) ||
2143
+ CBS_len(&ke_modes) == 0 ||
2144
+ CBS_len(contents) != 0) {
2145
+ *out_alert = SSL_AD_DECODE_ERROR;
2146
+ return false;
2147
+ }
2148
+
2149
+ // We only support tickets with PSK_DHE_KE.
2150
+ hs->accept_psk_mode = OPENSSL_memchr(CBS_data(&ke_modes), SSL_PSK_DHE_KE,
2151
+ CBS_len(&ke_modes)) != NULL;
2152
+
2153
+ return true;
2154
+ }
2155
+
2156
+
2157
+ // Early Data Indication
2158
+ //
2159
+ // https://tools.ietf.org/html/rfc8446#section-4.2.10
2160
+
2161
+ static bool ext_early_data_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
2162
+ CBB *out_compressible,
2163
+ ssl_client_hello_type_t type) {
2164
+ const SSL *const ssl = hs->ssl;
2165
+ // The second ClientHello never offers early data, and we must have already
2166
+ // filled in |early_data_reason| by this point.
2167
+ if (ssl->s3->used_hello_retry_request) {
2168
+ assert(ssl->s3->early_data_reason != ssl_early_data_unknown);
2169
+ return true;
2170
+ }
2171
+
2172
+ if (!hs->early_data_offered) {
2173
+ return true;
2174
+ }
2175
+
2176
+ // If offering ECH, the extension only applies to ClientHelloInner, but we
2177
+ // send the extension in both ClientHellos. This ensures that, if the server
2178
+ // handshakes with ClientHelloOuter, it can skip past early data. See
2179
+ // draft-ietf-tls-esni-13, section 6.1.
2180
+ if (!CBB_add_u16(out_compressible, TLSEXT_TYPE_early_data) ||
2181
+ !CBB_add_u16(out_compressible, 0) ||
2182
+ !CBB_flush(out_compressible)) {
2183
+ return false;
2184
+ }
2185
+
2186
+ return true;
2187
+ }
2188
+
2189
+ static bool ext_early_data_parse_serverhello(SSL_HANDSHAKE *hs,
2190
+ uint8_t *out_alert,
2191
+ CBS *contents) {
2192
+ SSL *const ssl = hs->ssl;
2193
+ if (contents == NULL) {
2194
+ if (hs->early_data_offered && !ssl->s3->used_hello_retry_request) {
2195
+ ssl->s3->early_data_reason = ssl->s3->session_reused
2196
+ ? ssl_early_data_peer_declined
2197
+ : ssl_early_data_session_not_resumed;
2198
+ } else {
2199
+ // We already filled in |early_data_reason| when declining to offer 0-RTT
2200
+ // or handling the implicit HelloRetryRequest reject.
2201
+ assert(ssl->s3->early_data_reason != ssl_early_data_unknown);
2202
+ }
2203
+ return true;
2204
+ }
2205
+
2206
+ // If we received an HRR, the second ClientHello never offers early data, so
2207
+ // the extensions logic will automatically reject early data extensions as
2208
+ // unsolicited. This covered by the ServerAcceptsEarlyDataOnHRR test.
2209
+ assert(!ssl->s3->used_hello_retry_request);
2210
+
2211
+ if (CBS_len(contents) != 0) {
2212
+ *out_alert = SSL_AD_DECODE_ERROR;
2213
+ return false;
2214
+ }
2215
+
2216
+ if (!ssl->s3->session_reused) {
2217
+ *out_alert = SSL_AD_UNSUPPORTED_EXTENSION;
2218
+ OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
2219
+ return false;
2220
+ }
2221
+
2222
+ ssl->s3->early_data_reason = ssl_early_data_accepted;
2223
+ ssl->s3->early_data_accepted = true;
2224
+ return true;
2225
+ }
2226
+
2227
+ static bool ext_early_data_parse_clienthello(SSL_HANDSHAKE *hs,
2228
+ uint8_t *out_alert, CBS *contents) {
2229
+ SSL *const ssl = hs->ssl;
2230
+ if (contents == NULL ||
2231
+ ssl_protocol_version(ssl) < TLS1_3_VERSION) {
2232
+ return true;
2233
+ }
2234
+
2235
+ if (CBS_len(contents) != 0) {
2236
+ *out_alert = SSL_AD_DECODE_ERROR;
2237
+ return false;
2238
+ }
2239
+
2240
+ hs->early_data_offered = true;
2241
+ return true;
2242
+ }
2243
+
2244
+ static bool ext_early_data_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
2245
+ if (!hs->ssl->s3->early_data_accepted) {
2246
+ return true;
2247
+ }
2248
+
2249
+ if (!CBB_add_u16(out, TLSEXT_TYPE_early_data) ||
2250
+ !CBB_add_u16(out, 0) ||
2251
+ !CBB_flush(out)) {
2252
+ return false;
2253
+ }
2254
+
2255
+ return true;
2256
+ }
2257
+
2258
+
2259
+ // Key Share
2260
+ //
2261
+ // https://tools.ietf.org/html/rfc8446#section-4.2.8
2262
+
2263
+ bool ssl_setup_key_shares(SSL_HANDSHAKE *hs, uint16_t override_group_id) {
2264
+ SSL *const ssl = hs->ssl;
2265
+ hs->key_shares[0].reset();
2266
+ hs->key_shares[1].reset();
2267
+ hs->key_share_bytes.Reset();
2268
+
2269
+ if (hs->max_version < TLS1_3_VERSION) {
2270
+ return true;
2271
+ }
2272
+
2273
+ bssl::ScopedCBB cbb;
2274
+ if (!CBB_init(cbb.get(), 64)) {
2275
+ return false;
2276
+ }
2277
+
2278
+ if (override_group_id == 0 && ssl->ctx->grease_enabled) {
2279
+ // Add a fake group. See RFC 8701.
2280
+ if (!CBB_add_u16(cbb.get(), ssl_get_grease_value(hs, ssl_grease_group)) ||
2281
+ !CBB_add_u16(cbb.get(), 1 /* length */) ||
2282
+ !CBB_add_u8(cbb.get(), 0 /* one byte key share */)) {
2283
+ return false;
2284
+ }
2285
+ }
2286
+
2287
+ uint16_t group_id = override_group_id;
2288
+ uint16_t second_group_id = 0;
2289
+ if (override_group_id == 0) {
2290
+ // Predict the most preferred group.
2291
+ Span<const uint16_t> groups = tls1_get_grouplist(hs);
2292
+ if (groups.empty()) {
2293
+ OPENSSL_PUT_ERROR(SSL, SSL_R_NO_GROUPS_SPECIFIED);
2294
+ return false;
2295
+ }
2296
+
2297
+ group_id = groups[0];
2298
+
2299
+ if (is_post_quantum_group(group_id) && groups.size() >= 2) {
2300
+ // CECPQ2(b) is not sent as the only initial key share. We'll include the
2301
+ // 2nd preference group too to avoid round-trips.
2302
+ second_group_id = groups[1];
2303
+ assert(second_group_id != group_id);
2304
+ }
2305
+ }
2306
+
2307
+ CBB key_exchange;
2308
+ hs->key_shares[0] = SSLKeyShare::Create(group_id);
2309
+ if (!hs->key_shares[0] || //
2310
+ !CBB_add_u16(cbb.get(), group_id) ||
2311
+ !CBB_add_u16_length_prefixed(cbb.get(), &key_exchange) ||
2312
+ !hs->key_shares[0]->Offer(&key_exchange)) {
2313
+ return false;
2314
+ }
2315
+
2316
+ if (second_group_id != 0) {
2317
+ hs->key_shares[1] = SSLKeyShare::Create(second_group_id);
2318
+ if (!hs->key_shares[1] || //
2319
+ !CBB_add_u16(cbb.get(), second_group_id) ||
2320
+ !CBB_add_u16_length_prefixed(cbb.get(), &key_exchange) ||
2321
+ !hs->key_shares[1]->Offer(&key_exchange)) {
2322
+ return false;
2323
+ }
2324
+ }
2325
+
2326
+ return CBBFinishArray(cbb.get(), &hs->key_share_bytes);
2327
+ }
2328
+
2329
+ static bool ext_key_share_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
2330
+ CBB *out_compressible,
2331
+ ssl_client_hello_type_t type) {
2332
+ if (hs->max_version < TLS1_3_VERSION) {
2333
+ return true;
2334
+ }
2335
+
2336
+ assert(!hs->key_share_bytes.empty());
2337
+ CBB contents, kse_bytes;
2338
+ if (!CBB_add_u16(out_compressible, TLSEXT_TYPE_key_share) ||
2339
+ !CBB_add_u16_length_prefixed(out_compressible, &contents) ||
2340
+ !CBB_add_u16_length_prefixed(&contents, &kse_bytes) ||
2341
+ !CBB_add_bytes(&kse_bytes, hs->key_share_bytes.data(),
2342
+ hs->key_share_bytes.size()) ||
2343
+ !CBB_flush(out_compressible)) {
2344
+ return false;
2345
+ }
2346
+
2347
+ return true;
2348
+ }
2349
+
2350
+ bool ssl_ext_key_share_parse_serverhello(SSL_HANDSHAKE *hs,
2351
+ Array<uint8_t> *out_secret,
2352
+ uint8_t *out_alert, CBS *contents) {
2353
+ CBS peer_key;
2354
+ uint16_t group_id;
2355
+ if (!CBS_get_u16(contents, &group_id) ||
2356
+ !CBS_get_u16_length_prefixed(contents, &peer_key) ||
2357
+ CBS_len(contents) != 0) {
2358
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
2359
+ *out_alert = SSL_AD_DECODE_ERROR;
2360
+ return false;
2361
+ }
2362
+
2363
+ SSLKeyShare *key_share = hs->key_shares[0].get();
2364
+ if (key_share->GroupID() != group_id) {
2365
+ if (!hs->key_shares[1] || hs->key_shares[1]->GroupID() != group_id) {
2366
+ *out_alert = SSL_AD_ILLEGAL_PARAMETER;
2367
+ OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_CURVE);
2368
+ return false;
2369
+ }
2370
+ key_share = hs->key_shares[1].get();
2371
+ }
2372
+
2373
+ if (!key_share->Finish(out_secret, out_alert, peer_key)) {
2374
+ *out_alert = SSL_AD_INTERNAL_ERROR;
2375
+ return false;
2376
+ }
2377
+
2378
+ hs->new_session->group_id = group_id;
2379
+ hs->key_shares[0].reset();
2380
+ hs->key_shares[1].reset();
2381
+ return true;
2382
+ }
2383
+
2384
+ bool ssl_ext_key_share_parse_clienthello(SSL_HANDSHAKE *hs, bool *out_found,
2385
+ Span<const uint8_t> *out_peer_key,
2386
+ uint8_t *out_alert,
2387
+ const SSL_CLIENT_HELLO *client_hello) {
2388
+ // We only support connections that include an ECDHE key exchange.
2389
+ CBS contents;
2390
+ if (!ssl_client_hello_get_extension(client_hello, &contents,
2391
+ TLSEXT_TYPE_key_share)) {
2392
+ OPENSSL_PUT_ERROR(SSL, SSL_R_MISSING_KEY_SHARE);
2393
+ *out_alert = SSL_AD_MISSING_EXTENSION;
2394
+ return false;
2395
+ }
2396
+
2397
+ CBS key_shares;
2398
+ if (!CBS_get_u16_length_prefixed(&contents, &key_shares) ||
2399
+ CBS_len(&contents) != 0) {
2400
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
2401
+ return false;
2402
+ }
2403
+
2404
+ // Find the corresponding key share.
2405
+ const uint16_t group_id = hs->new_session->group_id;
2406
+ CBS peer_key;
2407
+ CBS_init(&peer_key, nullptr, 0);
2408
+ while (CBS_len(&key_shares) > 0) {
2409
+ uint16_t id;
2410
+ CBS peer_key_tmp;
2411
+ if (!CBS_get_u16(&key_shares, &id) ||
2412
+ !CBS_get_u16_length_prefixed(&key_shares, &peer_key_tmp) ||
2413
+ CBS_len(&peer_key_tmp) == 0) {
2414
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
2415
+ return false;
2416
+ }
2417
+
2418
+ if (id == group_id) {
2419
+ if (CBS_len(&peer_key) != 0) {
2420
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DUPLICATE_KEY_SHARE);
2421
+ *out_alert = SSL_AD_ILLEGAL_PARAMETER;
2422
+ return false;
2423
+ }
2424
+
2425
+ peer_key = peer_key_tmp;
2426
+ // Continue parsing the structure to keep peers honest.
2427
+ }
2428
+ }
2429
+
2430
+ if (out_peer_key != nullptr) {
2431
+ *out_peer_key = peer_key;
2432
+ }
2433
+ *out_found = CBS_len(&peer_key) != 0;
2434
+ return true;
2435
+ }
2436
+
2437
+ bool ssl_ext_key_share_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
2438
+ CBB kse_bytes, public_key;
2439
+ if (!CBB_add_u16(out, TLSEXT_TYPE_key_share) ||
2440
+ !CBB_add_u16_length_prefixed(out, &kse_bytes) ||
2441
+ !CBB_add_u16(&kse_bytes, hs->new_session->group_id) ||
2442
+ !CBB_add_u16_length_prefixed(&kse_bytes, &public_key) ||
2443
+ !CBB_add_bytes(&public_key, hs->ecdh_public_key.data(),
2444
+ hs->ecdh_public_key.size()) ||
2445
+ !CBB_flush(out)) {
2446
+ return false;
2447
+ }
2448
+ return true;
2449
+ }
2450
+
2451
+
2452
+ // Supported Versions
2453
+ //
2454
+ // https://tools.ietf.org/html/rfc8446#section-4.2.1
2455
+
2456
+ static bool ext_supported_versions_add_clienthello(
2457
+ const SSL_HANDSHAKE *hs, CBB *out, CBB *out_compressible,
2458
+ ssl_client_hello_type_t type) {
2459
+ const SSL *const ssl = hs->ssl;
2460
+ if (hs->max_version <= TLS1_2_VERSION) {
2461
+ return true;
2462
+ }
2463
+
2464
+ // supported_versions is compressible in ECH if ClientHelloOuter already
2465
+ // requires TLS 1.3. Otherwise the extensions differ in the older versions.
2466
+ if (hs->min_version >= TLS1_3_VERSION) {
2467
+ out = out_compressible;
2468
+ }
2469
+
2470
+ CBB contents, versions;
2471
+ if (!CBB_add_u16(out, TLSEXT_TYPE_supported_versions) ||
2472
+ !CBB_add_u16_length_prefixed(out, &contents) ||
2473
+ !CBB_add_u8_length_prefixed(&contents, &versions)) {
2474
+ return false;
2475
+ }
2476
+
2477
+ // Add a fake version. See RFC 8701.
2478
+ if (ssl->ctx->grease_enabled &&
2479
+ !CBB_add_u16(&versions, ssl_get_grease_value(hs, ssl_grease_version))) {
2480
+ return false;
2481
+ }
2482
+
2483
+ // Encrypted ClientHellos requires TLS 1.3 or later.
2484
+ uint16_t extra_min_version =
2485
+ type == ssl_client_hello_inner ? TLS1_3_VERSION : 0;
2486
+ if (!ssl_add_supported_versions(hs, &versions, extra_min_version) ||
2487
+ !CBB_flush(out)) {
2488
+ return false;
2489
+ }
2490
+
2491
+ return true;
2492
+ }
2493
+
2494
+
2495
+ // Cookie
2496
+ //
2497
+ // https://tools.ietf.org/html/rfc8446#section-4.2.2
2498
+
2499
+ static bool ext_cookie_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
2500
+ CBB *out_compressible,
2501
+ ssl_client_hello_type_t type) {
2502
+ if (hs->cookie.empty()) {
2503
+ return true;
2504
+ }
2505
+
2506
+ CBB contents, cookie;
2507
+ if (!CBB_add_u16(out_compressible, TLSEXT_TYPE_cookie) ||
2508
+ !CBB_add_u16_length_prefixed(out_compressible, &contents) ||
2509
+ !CBB_add_u16_length_prefixed(&contents, &cookie) ||
2510
+ !CBB_add_bytes(&cookie, hs->cookie.data(), hs->cookie.size()) ||
2511
+ !CBB_flush(out_compressible)) {
2512
+ return false;
2513
+ }
2514
+
2515
+ return true;
2516
+ }
2517
+
2518
+
2519
+ // Supported Groups
2520
+ //
2521
+ // https://tools.ietf.org/html/rfc4492#section-5.1.1
2522
+ // https://tools.ietf.org/html/rfc8446#section-4.2.7
2523
+
2524
+ static bool ext_supported_groups_add_clienthello(const SSL_HANDSHAKE *hs,
2525
+ CBB *out,
2526
+ CBB *out_compressible,
2527
+ ssl_client_hello_type_t type) {
2528
+ const SSL *const ssl = hs->ssl;
2529
+ CBB contents, groups_bytes;
2530
+ if (!CBB_add_u16(out_compressible, TLSEXT_TYPE_supported_groups) ||
2531
+ !CBB_add_u16_length_prefixed(out_compressible, &contents) ||
2532
+ !CBB_add_u16_length_prefixed(&contents, &groups_bytes)) {
2533
+ return false;
2534
+ }
2535
+
2536
+ // Add a fake group. See RFC 8701.
2537
+ if (ssl->ctx->grease_enabled &&
2538
+ !CBB_add_u16(&groups_bytes,
2539
+ ssl_get_grease_value(hs, ssl_grease_group))) {
2540
+ return false;
2541
+ }
2542
+
2543
+ for (uint16_t group : tls1_get_grouplist(hs)) {
2544
+ if (is_post_quantum_group(group) &&
2545
+ hs->max_version < TLS1_3_VERSION) {
2546
+ continue;
2547
+ }
2548
+ if (!CBB_add_u16(&groups_bytes, group)) {
2549
+ return false;
2550
+ }
2551
+ }
2552
+
2553
+ return CBB_flush(out_compressible);
2554
+ }
2555
+
2556
+ static bool ext_supported_groups_parse_serverhello(SSL_HANDSHAKE *hs,
2557
+ uint8_t *out_alert,
2558
+ CBS *contents) {
2559
+ // This extension is not expected to be echoed by servers in TLS 1.2, but some
2560
+ // BigIP servers send it nonetheless, so do not enforce this.
2561
+ return true;
2562
+ }
2563
+
2564
+ static bool parse_u16_array(const CBS *cbs, Array<uint16_t> *out) {
2565
+ CBS copy = *cbs;
2566
+ if ((CBS_len(&copy) & 1) != 0) {
2567
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
2568
+ return false;
2569
+ }
2570
+
2571
+ Array<uint16_t> ret;
2572
+ if (!ret.Init(CBS_len(&copy) / 2)) {
2573
+ return false;
2574
+ }
2575
+ for (size_t i = 0; i < ret.size(); i++) {
2576
+ if (!CBS_get_u16(&copy, &ret[i])) {
2577
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
2578
+ return false;
2579
+ }
2580
+ }
2581
+
2582
+ assert(CBS_len(&copy) == 0);
2583
+ *out = std::move(ret);
2584
+ return 1;
2585
+ }
2586
+
2587
+ static bool ext_supported_groups_parse_clienthello(SSL_HANDSHAKE *hs,
2588
+ uint8_t *out_alert,
2589
+ CBS *contents) {
2590
+ if (contents == NULL) {
2591
+ return true;
2592
+ }
2593
+
2594
+ CBS supported_group_list;
2595
+ if (!CBS_get_u16_length_prefixed(contents, &supported_group_list) ||
2596
+ CBS_len(&supported_group_list) == 0 ||
2597
+ CBS_len(contents) != 0 ||
2598
+ !parse_u16_array(&supported_group_list, &hs->peer_supported_group_list)) {
2599
+ return false;
2600
+ }
2601
+
2602
+ return true;
2603
+ }
2604
+
2605
+
2606
+ // QUIC Transport Parameters
2607
+
2608
+ static bool ext_quic_transport_params_add_clienthello_impl(
2609
+ const SSL_HANDSHAKE *hs, CBB *out, bool use_legacy_codepoint) {
2610
+ if (hs->config->quic_transport_params.empty() && !hs->ssl->quic_method) {
2611
+ return true;
2612
+ }
2613
+ if (hs->config->quic_transport_params.empty() || !hs->ssl->quic_method) {
2614
+ // QUIC Transport Parameters must be sent over QUIC, and they must not be
2615
+ // sent over non-QUIC transports. If transport params are set, then
2616
+ // SSL(_CTX)_set_quic_method must also be called.
2617
+ OPENSSL_PUT_ERROR(SSL, SSL_R_QUIC_TRANSPORT_PARAMETERS_MISCONFIGURED);
2618
+ return false;
2619
+ }
2620
+ assert(hs->min_version > TLS1_2_VERSION);
2621
+ if (use_legacy_codepoint != hs->config->quic_use_legacy_codepoint) {
2622
+ // Do nothing, we'll send the other codepoint.
2623
+ return true;
2624
+ }
2625
+
2626
+ uint16_t extension_type = TLSEXT_TYPE_quic_transport_parameters;
2627
+ if (hs->config->quic_use_legacy_codepoint) {
2628
+ extension_type = TLSEXT_TYPE_quic_transport_parameters_legacy;
2629
+ }
2630
+
2631
+ CBB contents;
2632
+ if (!CBB_add_u16(out, extension_type) ||
2633
+ !CBB_add_u16_length_prefixed(out, &contents) ||
2634
+ !CBB_add_bytes(&contents, hs->config->quic_transport_params.data(),
2635
+ hs->config->quic_transport_params.size()) ||
2636
+ !CBB_flush(out)) {
2637
+ return false;
2638
+ }
2639
+ return true;
2640
+ }
2641
+
2642
+ static bool ext_quic_transport_params_add_clienthello(
2643
+ const SSL_HANDSHAKE *hs, CBB *out, CBB *out_compressible,
2644
+ ssl_client_hello_type_t type) {
2645
+ return ext_quic_transport_params_add_clienthello_impl(
2646
+ hs, out_compressible, /*use_legacy_codepoint=*/false);
2647
+ }
2648
+
2649
+ static bool ext_quic_transport_params_add_clienthello_legacy(
2650
+ const SSL_HANDSHAKE *hs, CBB *out, CBB *out_compressible,
2651
+ ssl_client_hello_type_t type) {
2652
+ return ext_quic_transport_params_add_clienthello_impl(
2653
+ hs, out_compressible, /*use_legacy_codepoint=*/true);
2654
+ }
2655
+
2656
+ static bool ext_quic_transport_params_parse_serverhello_impl(
2657
+ SSL_HANDSHAKE *hs, uint8_t *out_alert, CBS *contents,
2658
+ bool used_legacy_codepoint) {
2659
+ SSL *const ssl = hs->ssl;
2660
+ if (contents == nullptr) {
2661
+ if (used_legacy_codepoint != hs->config->quic_use_legacy_codepoint) {
2662
+ // Silently ignore because we expect the other QUIC codepoint.
2663
+ return true;
2664
+ }
2665
+ if (!ssl->quic_method) {
2666
+ return true;
2667
+ }
2668
+ *out_alert = SSL_AD_MISSING_EXTENSION;
2669
+ return false;
2670
+ }
2671
+ // The extensions parser will check for unsolicited extensions before
2672
+ // calling the callback.
2673
+ assert(ssl->quic_method != nullptr);
2674
+ assert(ssl_protocol_version(ssl) == TLS1_3_VERSION);
2675
+ assert(used_legacy_codepoint == hs->config->quic_use_legacy_codepoint);
2676
+ return ssl->s3->peer_quic_transport_params.CopyFrom(*contents);
2677
+ }
2678
+
2679
+ static bool ext_quic_transport_params_parse_serverhello(SSL_HANDSHAKE *hs,
2680
+ uint8_t *out_alert,
2681
+ CBS *contents) {
2682
+ return ext_quic_transport_params_parse_serverhello_impl(
2683
+ hs, out_alert, contents, /*used_legacy_codepoint=*/false);
2684
+ }
2685
+
2686
+ static bool ext_quic_transport_params_parse_serverhello_legacy(
2687
+ SSL_HANDSHAKE *hs, uint8_t *out_alert, CBS *contents) {
2688
+ return ext_quic_transport_params_parse_serverhello_impl(
2689
+ hs, out_alert, contents, /*used_legacy_codepoint=*/true);
2690
+ }
2691
+
2692
+ static bool ext_quic_transport_params_parse_clienthello_impl(
2693
+ SSL_HANDSHAKE *hs, uint8_t *out_alert, CBS *contents,
2694
+ bool used_legacy_codepoint) {
2695
+ SSL *const ssl = hs->ssl;
2696
+ if (!contents) {
2697
+ if (!ssl->quic_method) {
2698
+ if (hs->config->quic_transport_params.empty()) {
2699
+ return true;
2700
+ }
2701
+ // QUIC transport parameters must not be set if |ssl| is not configured
2702
+ // for QUIC.
2703
+ OPENSSL_PUT_ERROR(SSL, SSL_R_QUIC_TRANSPORT_PARAMETERS_MISCONFIGURED);
2704
+ *out_alert = SSL_AD_INTERNAL_ERROR;
2705
+ return false;
2706
+ }
2707
+ if (used_legacy_codepoint != hs->config->quic_use_legacy_codepoint) {
2708
+ // Silently ignore because we expect the other QUIC codepoint.
2709
+ return true;
2710
+ }
2711
+ *out_alert = SSL_AD_MISSING_EXTENSION;
2712
+ return false;
2713
+ }
2714
+ if (!ssl->quic_method) {
2715
+ if (used_legacy_codepoint) {
2716
+ // Ignore the legacy private-use codepoint because that could be sent
2717
+ // to mean something else than QUIC transport parameters.
2718
+ return true;
2719
+ }
2720
+ // Fail if we received the codepoint registered with IANA for QUIC
2721
+ // because that is not allowed outside of QUIC.
2722
+ *out_alert = SSL_AD_UNSUPPORTED_EXTENSION;
2723
+ return false;
2724
+ }
2725
+ assert(ssl_protocol_version(ssl) == TLS1_3_VERSION);
2726
+ if (used_legacy_codepoint != hs->config->quic_use_legacy_codepoint) {
2727
+ // Silently ignore because we expect the other QUIC codepoint.
2728
+ return true;
2729
+ }
2730
+ return ssl->s3->peer_quic_transport_params.CopyFrom(*contents);
2731
+ }
2732
+
2733
+ static bool ext_quic_transport_params_parse_clienthello(SSL_HANDSHAKE *hs,
2734
+ uint8_t *out_alert,
2735
+ CBS *contents) {
2736
+ return ext_quic_transport_params_parse_clienthello_impl(
2737
+ hs, out_alert, contents, /*used_legacy_codepoint=*/false);
2738
+ }
2739
+
2740
+ static bool ext_quic_transport_params_parse_clienthello_legacy(
2741
+ SSL_HANDSHAKE *hs, uint8_t *out_alert, CBS *contents) {
2742
+ return ext_quic_transport_params_parse_clienthello_impl(
2743
+ hs, out_alert, contents, /*used_legacy_codepoint=*/true);
2744
+ }
2745
+
2746
+ static bool ext_quic_transport_params_add_serverhello_impl(
2747
+ SSL_HANDSHAKE *hs, CBB *out, bool use_legacy_codepoint) {
2748
+ if (hs->ssl->quic_method == nullptr && use_legacy_codepoint) {
2749
+ // Ignore the legacy private-use codepoint because that could be sent
2750
+ // to mean something else than QUIC transport parameters.
2751
+ return true;
2752
+ }
2753
+ assert(hs->ssl->quic_method != nullptr);
2754
+ if (hs->config->quic_transport_params.empty()) {
2755
+ // Transport parameters must be set when using QUIC.
2756
+ OPENSSL_PUT_ERROR(SSL, SSL_R_QUIC_TRANSPORT_PARAMETERS_MISCONFIGURED);
2757
+ return false;
2758
+ }
2759
+ if (use_legacy_codepoint != hs->config->quic_use_legacy_codepoint) {
2760
+ // Do nothing, we'll send the other codepoint.
2761
+ return true;
2762
+ }
2763
+
2764
+ uint16_t extension_type = TLSEXT_TYPE_quic_transport_parameters;
2765
+ if (hs->config->quic_use_legacy_codepoint) {
2766
+ extension_type = TLSEXT_TYPE_quic_transport_parameters_legacy;
2767
+ }
2768
+
2769
+ CBB contents;
2770
+ if (!CBB_add_u16(out, extension_type) ||
2771
+ !CBB_add_u16_length_prefixed(out, &contents) ||
2772
+ !CBB_add_bytes(&contents, hs->config->quic_transport_params.data(),
2773
+ hs->config->quic_transport_params.size()) ||
2774
+ !CBB_flush(out)) {
2775
+ return false;
2776
+ }
2777
+
2778
+ return true;
2779
+ }
2780
+
2781
+ static bool ext_quic_transport_params_add_serverhello(SSL_HANDSHAKE *hs,
2782
+ CBB *out) {
2783
+ return ext_quic_transport_params_add_serverhello_impl(
2784
+ hs, out, /*use_legacy_codepoint=*/false);
2785
+ }
2786
+
2787
+ static bool ext_quic_transport_params_add_serverhello_legacy(SSL_HANDSHAKE *hs,
2788
+ CBB *out) {
2789
+ return ext_quic_transport_params_add_serverhello_impl(
2790
+ hs, out, /*use_legacy_codepoint=*/true);
2791
+ }
2792
+
2793
+ // Delegated credentials.
2794
+ //
2795
+ // https://tools.ietf.org/html/draft-ietf-tls-subcerts
2796
+
2797
+ static bool ext_delegated_credential_add_clienthello(
2798
+ const SSL_HANDSHAKE *hs, CBB *out, CBB *out_compressible,
2799
+ ssl_client_hello_type_t type) {
2800
+ return true;
2801
+ }
2802
+
2803
+ static bool ext_delegated_credential_parse_clienthello(SSL_HANDSHAKE *hs,
2804
+ uint8_t *out_alert,
2805
+ CBS *contents) {
2806
+ if (contents == nullptr || ssl_protocol_version(hs->ssl) < TLS1_3_VERSION) {
2807
+ // Don't use delegated credentials unless we're negotiating TLS 1.3 or
2808
+ // higher.
2809
+ return true;
2810
+ }
2811
+
2812
+ // The contents of the extension are the signature algorithms the client will
2813
+ // accept for a delegated credential.
2814
+ CBS sigalg_list;
2815
+ if (!CBS_get_u16_length_prefixed(contents, &sigalg_list) ||
2816
+ CBS_len(&sigalg_list) == 0 ||
2817
+ CBS_len(contents) != 0 ||
2818
+ !parse_u16_array(&sigalg_list, &hs->peer_delegated_credential_sigalgs)) {
2819
+ return false;
2820
+ }
2821
+
2822
+ hs->delegated_credential_requested = true;
2823
+ return true;
2824
+ }
2825
+
2826
+ // Certificate compression
2827
+
2828
+ static bool cert_compression_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
2829
+ CBB *out_compressible,
2830
+ ssl_client_hello_type_t type) {
2831
+ bool first = true;
2832
+ CBB contents, algs;
2833
+
2834
+ for (const auto &alg : hs->ssl->ctx->cert_compression_algs) {
2835
+ if (alg.decompress == nullptr) {
2836
+ continue;
2837
+ }
2838
+
2839
+ if (first &&
2840
+ (!CBB_add_u16(out_compressible, TLSEXT_TYPE_cert_compression) ||
2841
+ !CBB_add_u16_length_prefixed(out_compressible, &contents) ||
2842
+ !CBB_add_u8_length_prefixed(&contents, &algs))) {
2843
+ return false;
2844
+ }
2845
+ first = false;
2846
+ if (!CBB_add_u16(&algs, alg.alg_id)) {
2847
+ return false;
2848
+ }
2849
+ }
2850
+
2851
+ return first || CBB_flush(out_compressible);
2852
+ }
2853
+
2854
+ static bool cert_compression_parse_serverhello(SSL_HANDSHAKE *hs,
2855
+ uint8_t *out_alert,
2856
+ CBS *contents) {
2857
+ if (contents == nullptr) {
2858
+ return true;
2859
+ }
2860
+
2861
+ // The server may not echo this extension. Any server to client negotiation is
2862
+ // advertised in the CertificateRequest message.
2863
+ return false;
2864
+ }
2865
+
2866
+ static bool cert_compression_parse_clienthello(SSL_HANDSHAKE *hs,
2867
+ uint8_t *out_alert,
2868
+ CBS *contents) {
2869
+ if (contents == nullptr) {
2870
+ return true;
2871
+ }
2872
+
2873
+ const SSL_CTX *ctx = hs->ssl->ctx.get();
2874
+ const size_t num_algs = ctx->cert_compression_algs.size();
2875
+
2876
+ CBS alg_ids;
2877
+ if (!CBS_get_u8_length_prefixed(contents, &alg_ids) ||
2878
+ CBS_len(contents) != 0 ||
2879
+ CBS_len(&alg_ids) == 0 ||
2880
+ CBS_len(&alg_ids) % 2 == 1) {
2881
+ return false;
2882
+ }
2883
+
2884
+ const size_t num_given_alg_ids = CBS_len(&alg_ids) / 2;
2885
+ Array<uint16_t> given_alg_ids;
2886
+ if (!given_alg_ids.Init(num_given_alg_ids)) {
2887
+ return false;
2888
+ }
2889
+
2890
+ size_t best_index = num_algs;
2891
+ size_t given_alg_idx = 0;
2892
+
2893
+ while (CBS_len(&alg_ids) > 0) {
2894
+ uint16_t alg_id;
2895
+ if (!CBS_get_u16(&alg_ids, &alg_id)) {
2896
+ return false;
2897
+ }
2898
+
2899
+ given_alg_ids[given_alg_idx++] = alg_id;
2900
+
2901
+ for (size_t i = 0; i < num_algs; i++) {
2902
+ const auto &alg = ctx->cert_compression_algs[i];
2903
+ if (alg.alg_id == alg_id && alg.compress != nullptr) {
2904
+ if (i < best_index) {
2905
+ best_index = i;
2906
+ }
2907
+ break;
2908
+ }
2909
+ }
2910
+ }
2911
+
2912
+ qsort(given_alg_ids.data(), given_alg_ids.size(), sizeof(uint16_t),
2913
+ compare_uint16_t);
2914
+ for (size_t i = 1; i < num_given_alg_ids; i++) {
2915
+ if (given_alg_ids[i - 1] == given_alg_ids[i]) {
2916
+ return false;
2917
+ }
2918
+ }
2919
+
2920
+ if (best_index < num_algs &&
2921
+ ssl_protocol_version(hs->ssl) >= TLS1_3_VERSION) {
2922
+ hs->cert_compression_negotiated = true;
2923
+ hs->cert_compression_alg_id = ctx->cert_compression_algs[best_index].alg_id;
2924
+ }
2925
+
2926
+ return true;
2927
+ }
2928
+
2929
+ static bool cert_compression_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
2930
+ return true;
2931
+ }
2932
+
2933
+ // Application-level Protocol Settings
2934
+ //
2935
+ // https://tools.ietf.org/html/draft-vvv-tls-alps-01
2936
+
2937
+ bool ssl_get_local_application_settings(const SSL_HANDSHAKE *hs,
2938
+ Span<const uint8_t> *out_settings,
2939
+ Span<const uint8_t> protocol) {
2940
+ for (const ALPSConfig &config : hs->config->alps_configs) {
2941
+ if (protocol == config.protocol) {
2942
+ *out_settings = config.settings;
2943
+ return true;
2944
+ }
2945
+ }
2946
+ return false;
2947
+ }
2948
+
2949
+ static bool ext_alps_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
2950
+ CBB *out_compressible,
2951
+ ssl_client_hello_type_t type) {
2952
+ const SSL *const ssl = hs->ssl;
2953
+ if (// ALPS requires TLS 1.3.
2954
+ hs->max_version < TLS1_3_VERSION ||
2955
+ // Do not offer ALPS without ALPN.
2956
+ hs->config->alpn_client_proto_list.empty() ||
2957
+ // Do not offer ALPS if not configured.
2958
+ hs->config->alps_configs.empty() ||
2959
+ // Do not offer ALPS on renegotiation handshakes.
2960
+ ssl->s3->initial_handshake_complete) {
2961
+ return true;
2962
+ }
2963
+
2964
+ CBB contents, proto_list, proto;
2965
+ if (!CBB_add_u16(out_compressible, TLSEXT_TYPE_application_settings) ||
2966
+ !CBB_add_u16_length_prefixed(out_compressible, &contents) ||
2967
+ !CBB_add_u16_length_prefixed(&contents, &proto_list)) {
2968
+ return false;
2969
+ }
2970
+
2971
+ for (const ALPSConfig &config : hs->config->alps_configs) {
2972
+ if (!CBB_add_u8_length_prefixed(&proto_list, &proto) ||
2973
+ !CBB_add_bytes(&proto, config.protocol.data(),
2974
+ config.protocol.size())) {
2975
+ return false;
2976
+ }
2977
+ }
2978
+
2979
+ return CBB_flush(out_compressible);
2980
+ }
2981
+
2982
+ static bool ext_alps_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
2983
+ CBS *contents) {
2984
+ SSL *const ssl = hs->ssl;
2985
+ if (contents == nullptr) {
2986
+ return true;
2987
+ }
2988
+
2989
+ assert(!ssl->s3->initial_handshake_complete);
2990
+ assert(!hs->config->alpn_client_proto_list.empty());
2991
+ assert(!hs->config->alps_configs.empty());
2992
+
2993
+ // ALPS requires TLS 1.3.
2994
+ if (ssl_protocol_version(ssl) < TLS1_3_VERSION) {
2995
+ *out_alert = SSL_AD_UNSUPPORTED_EXTENSION;
2996
+ OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
2997
+ return false;
2998
+ }
2999
+
3000
+ // Note extension callbacks may run in any order, so we defer checking
3001
+ // consistency with ALPN to |ssl_check_serverhello_tlsext|.
3002
+ if (!hs->new_session->peer_application_settings.CopyFrom(*contents)) {
3003
+ *out_alert = SSL_AD_INTERNAL_ERROR;
3004
+ return false;
3005
+ }
3006
+
3007
+ hs->new_session->has_application_settings = true;
3008
+ return true;
3009
+ }
3010
+
3011
+ static bool ext_alps_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
3012
+ SSL *const ssl = hs->ssl;
3013
+ // If early data is accepted, we omit the ALPS extension. It is implicitly
3014
+ // carried over from the previous connection.
3015
+ if (hs->new_session == nullptr ||
3016
+ !hs->new_session->has_application_settings ||
3017
+ ssl->s3->early_data_accepted) {
3018
+ return true;
3019
+ }
3020
+
3021
+ CBB contents;
3022
+ if (!CBB_add_u16(out, TLSEXT_TYPE_application_settings) ||
3023
+ !CBB_add_u16_length_prefixed(out, &contents) ||
3024
+ !CBB_add_bytes(&contents,
3025
+ hs->new_session->local_application_settings.data(),
3026
+ hs->new_session->local_application_settings.size()) ||
3027
+ !CBB_flush(out)) {
3028
+ return false;
3029
+ }
3030
+
3031
+ return true;
3032
+ }
3033
+
3034
+ bool ssl_negotiate_alps(SSL_HANDSHAKE *hs, uint8_t *out_alert,
3035
+ const SSL_CLIENT_HELLO *client_hello) {
3036
+ SSL *const ssl = hs->ssl;
3037
+ if (ssl->s3->alpn_selected.empty()) {
3038
+ return true;
3039
+ }
3040
+
3041
+ // If we negotiate ALPN over TLS 1.3, try to negotiate ALPS.
3042
+ CBS alps_contents;
3043
+ Span<const uint8_t> settings;
3044
+ if (ssl_protocol_version(ssl) >= TLS1_3_VERSION &&
3045
+ ssl_get_local_application_settings(hs, &settings,
3046
+ ssl->s3->alpn_selected) &&
3047
+ ssl_client_hello_get_extension(client_hello, &alps_contents,
3048
+ TLSEXT_TYPE_application_settings)) {
3049
+ // Check if the client supports ALPS with the selected ALPN.
3050
+ bool found = false;
3051
+ CBS alps_list;
3052
+ if (!CBS_get_u16_length_prefixed(&alps_contents, &alps_list) ||
3053
+ CBS_len(&alps_contents) != 0 ||
3054
+ CBS_len(&alps_list) == 0) {
3055
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
3056
+ *out_alert = SSL_AD_DECODE_ERROR;
3057
+ return false;
3058
+ }
3059
+ while (CBS_len(&alps_list) > 0) {
3060
+ CBS protocol_name;
3061
+ if (!CBS_get_u8_length_prefixed(&alps_list, &protocol_name) ||
3062
+ // Empty protocol names are forbidden.
3063
+ CBS_len(&protocol_name) == 0) {
3064
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
3065
+ *out_alert = SSL_AD_DECODE_ERROR;
3066
+ return false;
3067
+ }
3068
+ if (protocol_name == MakeConstSpan(ssl->s3->alpn_selected)) {
3069
+ found = true;
3070
+ }
3071
+ }
3072
+
3073
+ // Negotiate ALPS if both client also supports ALPS for this protocol.
3074
+ if (found) {
3075
+ hs->new_session->has_application_settings = true;
3076
+ if (!hs->new_session->local_application_settings.CopyFrom(settings)) {
3077
+ *out_alert = SSL_AD_INTERNAL_ERROR;
3078
+ return false;
3079
+ }
3080
+ }
3081
+ }
3082
+
3083
+ return true;
3084
+ }
3085
+
3086
+ // kExtensions contains all the supported extensions.
3087
+ static const struct tls_extension kExtensions[] = {
3088
+ {
3089
+ TLSEXT_TYPE_server_name,
3090
+ ext_sni_add_clienthello,
3091
+ ext_sni_parse_serverhello,
3092
+ ext_sni_parse_clienthello,
3093
+ ext_sni_add_serverhello,
3094
+ },
3095
+ {
3096
+ TLSEXT_TYPE_encrypted_client_hello,
3097
+ ext_ech_add_clienthello,
3098
+ ext_ech_parse_serverhello,
3099
+ ext_ech_parse_clienthello,
3100
+ ext_ech_add_serverhello,
3101
+ },
3102
+ {
3103
+ TLSEXT_TYPE_extended_master_secret,
3104
+ ext_ems_add_clienthello,
3105
+ ext_ems_parse_serverhello,
3106
+ ext_ems_parse_clienthello,
3107
+ ext_ems_add_serverhello,
3108
+ },
3109
+ {
3110
+ TLSEXT_TYPE_renegotiate,
3111
+ ext_ri_add_clienthello,
3112
+ ext_ri_parse_serverhello,
3113
+ ext_ri_parse_clienthello,
3114
+ ext_ri_add_serverhello,
3115
+ },
3116
+ {
3117
+ TLSEXT_TYPE_supported_groups,
3118
+ ext_supported_groups_add_clienthello,
3119
+ ext_supported_groups_parse_serverhello,
3120
+ ext_supported_groups_parse_clienthello,
3121
+ dont_add_serverhello,
3122
+ },
3123
+ {
3124
+ TLSEXT_TYPE_ec_point_formats,
3125
+ ext_ec_point_add_clienthello,
3126
+ ext_ec_point_parse_serverhello,
3127
+ ext_ec_point_parse_clienthello,
3128
+ ext_ec_point_add_serverhello,
3129
+ },
3130
+ {
3131
+ TLSEXT_TYPE_session_ticket,
3132
+ ext_ticket_add_clienthello,
3133
+ ext_ticket_parse_serverhello,
3134
+ // Ticket extension client parsing is handled in ssl_session.c
3135
+ ignore_parse_clienthello,
3136
+ ext_ticket_add_serverhello,
3137
+ },
3138
+ {
3139
+ TLSEXT_TYPE_application_layer_protocol_negotiation,
3140
+ ext_alpn_add_clienthello,
3141
+ ext_alpn_parse_serverhello,
3142
+ // ALPN is negotiated late in |ssl_negotiate_alpn|.
3143
+ ignore_parse_clienthello,
3144
+ ext_alpn_add_serverhello,
3145
+ },
3146
+ {
3147
+ TLSEXT_TYPE_status_request,
3148
+ ext_ocsp_add_clienthello,
3149
+ ext_ocsp_parse_serverhello,
3150
+ ext_ocsp_parse_clienthello,
3151
+ ext_ocsp_add_serverhello,
3152
+ },
3153
+ {
3154
+ TLSEXT_TYPE_signature_algorithms,
3155
+ ext_sigalgs_add_clienthello,
3156
+ forbid_parse_serverhello,
3157
+ ext_sigalgs_parse_clienthello,
3158
+ dont_add_serverhello,
3159
+ },
3160
+ {
3161
+ TLSEXT_TYPE_next_proto_neg,
3162
+ ext_npn_add_clienthello,
3163
+ ext_npn_parse_serverhello,
3164
+ ext_npn_parse_clienthello,
3165
+ ext_npn_add_serverhello,
3166
+ },
3167
+ {
3168
+ TLSEXT_TYPE_certificate_timestamp,
3169
+ ext_sct_add_clienthello,
3170
+ ext_sct_parse_serverhello,
3171
+ ext_sct_parse_clienthello,
3172
+ ext_sct_add_serverhello,
3173
+ },
3174
+ {
3175
+ TLSEXT_TYPE_channel_id,
3176
+ ext_channel_id_add_clienthello,
3177
+ ext_channel_id_parse_serverhello,
3178
+ ext_channel_id_parse_clienthello,
3179
+ ext_channel_id_add_serverhello,
3180
+ },
3181
+ {
3182
+ TLSEXT_TYPE_srtp,
3183
+ ext_srtp_add_clienthello,
3184
+ ext_srtp_parse_serverhello,
3185
+ ext_srtp_parse_clienthello,
3186
+ ext_srtp_add_serverhello,
3187
+ },
3188
+ {
3189
+ TLSEXT_TYPE_key_share,
3190
+ ext_key_share_add_clienthello,
3191
+ forbid_parse_serverhello,
3192
+ ignore_parse_clienthello,
3193
+ dont_add_serverhello,
3194
+ },
3195
+ {
3196
+ TLSEXT_TYPE_psk_key_exchange_modes,
3197
+ ext_psk_key_exchange_modes_add_clienthello,
3198
+ forbid_parse_serverhello,
3199
+ ext_psk_key_exchange_modes_parse_clienthello,
3200
+ dont_add_serverhello,
3201
+ },
3202
+ {
3203
+ TLSEXT_TYPE_early_data,
3204
+ ext_early_data_add_clienthello,
3205
+ ext_early_data_parse_serverhello,
3206
+ ext_early_data_parse_clienthello,
3207
+ ext_early_data_add_serverhello,
3208
+ },
3209
+ {
3210
+ TLSEXT_TYPE_supported_versions,
3211
+ ext_supported_versions_add_clienthello,
3212
+ forbid_parse_serverhello,
3213
+ ignore_parse_clienthello,
3214
+ dont_add_serverhello,
3215
+ },
3216
+ {
3217
+ TLSEXT_TYPE_cookie,
3218
+ ext_cookie_add_clienthello,
3219
+ forbid_parse_serverhello,
3220
+ ignore_parse_clienthello,
3221
+ dont_add_serverhello,
3222
+ },
3223
+ {
3224
+ TLSEXT_TYPE_quic_transport_parameters,
3225
+ ext_quic_transport_params_add_clienthello,
3226
+ ext_quic_transport_params_parse_serverhello,
3227
+ ext_quic_transport_params_parse_clienthello,
3228
+ ext_quic_transport_params_add_serverhello,
3229
+ },
3230
+ {
3231
+ TLSEXT_TYPE_quic_transport_parameters_legacy,
3232
+ ext_quic_transport_params_add_clienthello_legacy,
3233
+ ext_quic_transport_params_parse_serverhello_legacy,
3234
+ ext_quic_transport_params_parse_clienthello_legacy,
3235
+ ext_quic_transport_params_add_serverhello_legacy,
3236
+ },
3237
+ {
3238
+ TLSEXT_TYPE_cert_compression,
3239
+ cert_compression_add_clienthello,
3240
+ cert_compression_parse_serverhello,
3241
+ cert_compression_parse_clienthello,
3242
+ cert_compression_add_serverhello,
3243
+ },
3244
+ {
3245
+ TLSEXT_TYPE_delegated_credential,
3246
+ ext_delegated_credential_add_clienthello,
3247
+ forbid_parse_serverhello,
3248
+ ext_delegated_credential_parse_clienthello,
3249
+ dont_add_serverhello,
3250
+ },
3251
+ {
3252
+ TLSEXT_TYPE_application_settings,
3253
+ ext_alps_add_clienthello,
3254
+ ext_alps_parse_serverhello,
3255
+ // ALPS is negotiated late in |ssl_negotiate_alpn|.
3256
+ ignore_parse_clienthello,
3257
+ ext_alps_add_serverhello,
3258
+ },
3259
+ };
3260
+
3261
+ #define kNumExtensions (sizeof(kExtensions) / sizeof(struct tls_extension))
3262
+
3263
+ static_assert(kNumExtensions <=
3264
+ sizeof(((SSL_HANDSHAKE *)NULL)->extensions.sent) * 8,
3265
+ "too many extensions for sent bitset");
3266
+ static_assert(kNumExtensions <=
3267
+ sizeof(((SSL_HANDSHAKE *)NULL)->extensions.received) * 8,
3268
+ "too many extensions for received bitset");
3269
+
3270
+ bool ssl_setup_extension_permutation(SSL_HANDSHAKE *hs) {
3271
+ if (!hs->config->permute_extensions) {
3272
+ return true;
3273
+ }
3274
+
3275
+ static_assert(kNumExtensions <= UINT8_MAX,
3276
+ "extensions_permutation type is too small");
3277
+ uint32_t seeds[kNumExtensions - 1];
3278
+ Array<uint8_t> permutation;
3279
+ if (!RAND_bytes(reinterpret_cast<uint8_t *>(seeds), sizeof(seeds)) ||
3280
+ !permutation.Init(kNumExtensions)) {
3281
+ return false;
3282
+ }
3283
+ for (size_t i = 0; i < kNumExtensions; i++) {
3284
+ permutation[i] = i;
3285
+ }
3286
+ for (size_t i = kNumExtensions - 1; i > 0; i--) {
3287
+ // Set element |i| to a randomly-selected element 0 <= j <= i.
3288
+ std::swap(permutation[i], permutation[seeds[i - 1] % (i + 1)]);
3289
+ }
3290
+ hs->extension_permutation = std::move(permutation);
3291
+ return true;
3292
+ }
3293
+
3294
+ static const struct tls_extension *tls_extension_find(uint32_t *out_index,
3295
+ uint16_t value) {
3296
+ unsigned i;
3297
+ for (i = 0; i < kNumExtensions; i++) {
3298
+ if (kExtensions[i].value == value) {
3299
+ *out_index = i;
3300
+ return &kExtensions[i];
3301
+ }
3302
+ }
3303
+
3304
+ return NULL;
3305
+ }
3306
+
3307
+ static bool add_padding_extension(CBB *cbb, uint16_t ext, size_t len) {
3308
+ CBB child;
3309
+ if (!CBB_add_u16(cbb, ext) || //
3310
+ !CBB_add_u16_length_prefixed(cbb, &child) ||
3311
+ !CBB_add_zeros(&child, len)) {
3312
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
3313
+ return false;
3314
+ }
3315
+ return CBB_flush(cbb);
3316
+ }
3317
+
3318
+ static bool ssl_add_clienthello_tlsext_inner(SSL_HANDSHAKE *hs, CBB *out,
3319
+ CBB *out_encoded,
3320
+ bool *out_needs_psk_binder) {
3321
+ // When writing ClientHelloInner, we construct the real and encoded
3322
+ // ClientHellos concurrently, to handle compression. Uncompressed extensions
3323
+ // are written to |extensions| and copied to |extensions_encoded|. Compressed
3324
+ // extensions are buffered in |compressed| and written to the end. (ECH can
3325
+ // only compress continguous extensions.)
3326
+ SSL *const ssl = hs->ssl;
3327
+ bssl::ScopedCBB compressed, outer_extensions;
3328
+ CBB extensions, extensions_encoded;
3329
+ if (!CBB_add_u16_length_prefixed(out, &extensions) ||
3330
+ !CBB_add_u16_length_prefixed(out_encoded, &extensions_encoded) ||
3331
+ !CBB_init(compressed.get(), 64) ||
3332
+ !CBB_init(outer_extensions.get(), 64)) {
3333
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
3334
+ return false;
3335
+ }
3336
+
3337
+ hs->inner_extensions_sent = 0;
3338
+
3339
+ if (ssl->ctx->grease_enabled) {
3340
+ // Add a fake empty extension. See RFC 8701. This always matches
3341
+ // |ssl_add_clienthello_tlsext|, so compress it.
3342
+ uint16_t grease_ext = ssl_get_grease_value(hs, ssl_grease_extension1);
3343
+ if (!add_padding_extension(compressed.get(), grease_ext, 0) ||
3344
+ !CBB_add_u16(outer_extensions.get(), grease_ext)) {
3345
+ return false;
3346
+ }
3347
+ }
3348
+
3349
+ for (size_t unpermuted = 0; unpermuted < kNumExtensions; unpermuted++) {
3350
+ size_t i = hs->extension_permutation.empty()
3351
+ ? unpermuted
3352
+ : hs->extension_permutation[unpermuted];
3353
+ const size_t len_before = CBB_len(&extensions);
3354
+ const size_t len_compressed_before = CBB_len(compressed.get());
3355
+ if (!kExtensions[i].add_clienthello(hs, &extensions, compressed.get(),
3356
+ ssl_client_hello_inner)) {
3357
+ OPENSSL_PUT_ERROR(SSL, SSL_R_ERROR_ADDING_EXTENSION);
3358
+ ERR_add_error_dataf("extension %u", (unsigned)kExtensions[i].value);
3359
+ return false;
3360
+ }
3361
+
3362
+ const size_t bytes_written = CBB_len(&extensions) - len_before;
3363
+ const size_t bytes_written_compressed =
3364
+ CBB_len(compressed.get()) - len_compressed_before;
3365
+ // The callback may write to at most one output.
3366
+ assert(bytes_written == 0 || bytes_written_compressed == 0);
3367
+ if (bytes_written != 0 || bytes_written_compressed != 0) {
3368
+ hs->inner_extensions_sent |= (1u << i);
3369
+ }
3370
+ // If compressed, update the running ech_outer_extensions extension.
3371
+ if (bytes_written_compressed != 0 &&
3372
+ !CBB_add_u16(outer_extensions.get(), kExtensions[i].value)) {
3373
+ return false;
3374
+ }
3375
+ }
3376
+
3377
+ if (ssl->ctx->grease_enabled) {
3378
+ // Add a fake non-empty extension. See RFC 8701. This always matches
3379
+ // |ssl_add_clienthello_tlsext|, so compress it.
3380
+ uint16_t grease_ext = ssl_get_grease_value(hs, ssl_grease_extension2);
3381
+ if (!add_padding_extension(compressed.get(), grease_ext, 1) ||
3382
+ !CBB_add_u16(outer_extensions.get(), grease_ext)) {
3383
+ return false;
3384
+ }
3385
+ }
3386
+
3387
+ // Uncompressed extensions are encoded as-is.
3388
+ if (!CBB_add_bytes(&extensions_encoded, CBB_data(&extensions),
3389
+ CBB_len(&extensions))) {
3390
+ return false;
3391
+ }
3392
+
3393
+ // Flush all the compressed extensions.
3394
+ if (CBB_len(compressed.get()) != 0) {
3395
+ CBB extension, child;
3396
+ // Copy them as-is in the real ClientHelloInner.
3397
+ if (!CBB_add_bytes(&extensions, CBB_data(compressed.get()),
3398
+ CBB_len(compressed.get())) ||
3399
+ // Replace with ech_outer_extensions in the encoded form.
3400
+ !CBB_add_u16(&extensions_encoded, TLSEXT_TYPE_ech_outer_extensions) ||
3401
+ !CBB_add_u16_length_prefixed(&extensions_encoded, &extension) ||
3402
+ !CBB_add_u8_length_prefixed(&extension, &child) ||
3403
+ !CBB_add_bytes(&child, CBB_data(outer_extensions.get()),
3404
+ CBB_len(outer_extensions.get())) ||
3405
+ !CBB_flush(&extensions_encoded)) {
3406
+ return false;
3407
+ }
3408
+ }
3409
+
3410
+ // The PSK extension must be last. It is never compressed. Note, if there is a
3411
+ // binder, the caller will need to update both ClientHelloInner and
3412
+ // EncodedClientHelloInner after computing it.
3413
+ const size_t len_before = CBB_len(&extensions);
3414
+ if (!ext_pre_shared_key_add_clienthello(hs, &extensions, out_needs_psk_binder,
3415
+ ssl_client_hello_inner) ||
3416
+ !CBB_add_bytes(&extensions_encoded, CBB_data(&extensions) + len_before,
3417
+ CBB_len(&extensions) - len_before) ||
3418
+ !CBB_flush(out) || //
3419
+ !CBB_flush(out_encoded)) {
3420
+ return false;
3421
+ }
3422
+
3423
+ return true;
3424
+ }
3425
+
3426
+ bool ssl_add_clienthello_tlsext(SSL_HANDSHAKE *hs, CBB *out, CBB *out_encoded,
3427
+ bool *out_needs_psk_binder,
3428
+ ssl_client_hello_type_t type,
3429
+ size_t header_len) {
3430
+ *out_needs_psk_binder = false;
3431
+
3432
+ if (type == ssl_client_hello_inner) {
3433
+ return ssl_add_clienthello_tlsext_inner(hs, out, out_encoded,
3434
+ out_needs_psk_binder);
3435
+ }
3436
+
3437
+ assert(out_encoded == nullptr); // Only ClientHelloInner needs two outputs.
3438
+ SSL *const ssl = hs->ssl;
3439
+ CBB extensions;
3440
+ if (!CBB_add_u16_length_prefixed(out, &extensions)) {
3441
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
3442
+ return false;
3443
+ }
3444
+
3445
+ // Note we may send multiple ClientHellos for DTLS HelloVerifyRequest and TLS
3446
+ // 1.3 HelloRetryRequest. For the latter, the extensions may change, so it is
3447
+ // important to reset this value.
3448
+ hs->extensions.sent = 0;
3449
+
3450
+ // Add a fake empty extension. See RFC 8701.
3451
+ if (ssl->ctx->grease_enabled &&
3452
+ !add_padding_extension(
3453
+ &extensions, ssl_get_grease_value(hs, ssl_grease_extension1), 0)) {
3454
+ return false;
3455
+ }
3456
+
3457
+ bool last_was_empty = false;
3458
+ for (size_t unpermuted = 0; unpermuted < kNumExtensions; unpermuted++) {
3459
+ size_t i = hs->extension_permutation.empty()
3460
+ ? unpermuted
3461
+ : hs->extension_permutation[unpermuted];
3462
+ const size_t len_before = CBB_len(&extensions);
3463
+ if (!kExtensions[i].add_clienthello(hs, &extensions, &extensions, type)) {
3464
+ OPENSSL_PUT_ERROR(SSL, SSL_R_ERROR_ADDING_EXTENSION);
3465
+ ERR_add_error_dataf("extension %u", (unsigned)kExtensions[i].value);
3466
+ return false;
3467
+ }
3468
+
3469
+ const size_t bytes_written = CBB_len(&extensions) - len_before;
3470
+ if (bytes_written != 0) {
3471
+ hs->extensions.sent |= (1u << i);
3472
+ }
3473
+ // If the difference in lengths is only four bytes then the extension had
3474
+ // an empty body.
3475
+ last_was_empty = (bytes_written == 4);
3476
+ }
3477
+
3478
+ if (ssl->ctx->grease_enabled) {
3479
+ // Add a fake non-empty extension. See RFC 8701.
3480
+ if (!add_padding_extension(
3481
+ &extensions, ssl_get_grease_value(hs, ssl_grease_extension2), 1)) {
3482
+ return false;
3483
+ }
3484
+ last_was_empty = false;
3485
+ }
3486
+
3487
+ // In cleartext ClientHellos, we add the padding extension to work around
3488
+ // bugs. We also apply this padding to ClientHelloOuter, to keep the wire
3489
+ // images aligned.
3490
+ size_t psk_extension_len = ext_pre_shared_key_clienthello_length(hs, type);
3491
+ if (!SSL_is_dtls(ssl) && !ssl->quic_method &&
3492
+ !ssl->s3->used_hello_retry_request) {
3493
+ header_len +=
3494
+ SSL3_HM_HEADER_LENGTH + 2 + CBB_len(&extensions) + psk_extension_len;
3495
+ size_t padding_len = 0;
3496
+
3497
+ // The final extension must be non-empty. WebSphere Application
3498
+ // Server 7.0 is intolerant to the last extension being zero-length. See
3499
+ // https://crbug.com/363583.
3500
+ if (last_was_empty && psk_extension_len == 0) {
3501
+ padding_len = 1;
3502
+ // The addition of the padding extension may push us into the F5 bug.
3503
+ header_len += 4 + padding_len;
3504
+ }
3505
+
3506
+ // Add padding to workaround bugs in F5 terminators. See RFC 7685.
3507
+ //
3508
+ // NB: because this code works out the length of all existing extensions
3509
+ // it MUST always appear last (save for any PSK extension).
3510
+ if (header_len > 0xff && header_len < 0x200) {
3511
+ // If our calculations already included a padding extension, remove that
3512
+ // factor because we're about to change its length.
3513
+ if (padding_len != 0) {
3514
+ header_len -= 4 + padding_len;
3515
+ }
3516
+ padding_len = 0x200 - header_len;
3517
+ // Extensions take at least four bytes to encode. Always include at least
3518
+ // one byte of data if including the extension. WebSphere Application
3519
+ // Server 7.0 is intolerant to the last extension being zero-length. See
3520
+ // https://crbug.com/363583.
3521
+ if (padding_len >= 4 + 1) {
3522
+ padding_len -= 4;
3523
+ } else {
3524
+ padding_len = 1;
3525
+ }
3526
+ }
3527
+
3528
+ if (padding_len != 0 &&
3529
+ !add_padding_extension(&extensions, TLSEXT_TYPE_padding, padding_len)) {
3530
+ return false;
3531
+ }
3532
+ }
3533
+
3534
+ // The PSK extension must be last, including after the padding.
3535
+ const size_t len_before = CBB_len(&extensions);
3536
+ if (!ext_pre_shared_key_add_clienthello(hs, &extensions, out_needs_psk_binder,
3537
+ type)) {
3538
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
3539
+ return false;
3540
+ }
3541
+ assert(psk_extension_len == CBB_len(&extensions) - len_before);
3542
+ (void)len_before; // |assert| is omitted in release builds.
3543
+
3544
+ // Discard empty extensions blocks.
3545
+ if (CBB_len(&extensions) == 0) {
3546
+ CBB_discard_child(out);
3547
+ }
3548
+
3549
+ return CBB_flush(out);
3550
+ }
3551
+
3552
+ bool ssl_add_serverhello_tlsext(SSL_HANDSHAKE *hs, CBB *out) {
3553
+ SSL *const ssl = hs->ssl;
3554
+ CBB extensions;
3555
+ if (!CBB_add_u16_length_prefixed(out, &extensions)) {
3556
+ goto err;
3557
+ }
3558
+
3559
+ for (unsigned i = 0; i < kNumExtensions; i++) {
3560
+ if (!(hs->extensions.received & (1u << i))) {
3561
+ // Don't send extensions that were not received.
3562
+ continue;
3563
+ }
3564
+
3565
+ if (!kExtensions[i].add_serverhello(hs, &extensions)) {
3566
+ OPENSSL_PUT_ERROR(SSL, SSL_R_ERROR_ADDING_EXTENSION);
3567
+ ERR_add_error_dataf("extension %u", (unsigned)kExtensions[i].value);
3568
+ goto err;
3569
+ }
3570
+ }
3571
+
3572
+ // Discard empty extensions blocks before TLS 1.3.
3573
+ if (ssl_protocol_version(ssl) < TLS1_3_VERSION &&
3574
+ CBB_len(&extensions) == 0) {
3575
+ CBB_discard_child(out);
3576
+ }
3577
+
3578
+ return CBB_flush(out);
3579
+
3580
+ err:
3581
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
3582
+ return false;
3583
+ }
3584
+
3585
+ static bool ssl_scan_clienthello_tlsext(SSL_HANDSHAKE *hs,
3586
+ const SSL_CLIENT_HELLO *client_hello,
3587
+ int *out_alert) {
3588
+ hs->extensions.received = 0;
3589
+ CBS extensions;
3590
+ CBS_init(&extensions, client_hello->extensions, client_hello->extensions_len);
3591
+ while (CBS_len(&extensions) != 0) {
3592
+ uint16_t type;
3593
+ CBS extension;
3594
+
3595
+ // Decode the next extension.
3596
+ if (!CBS_get_u16(&extensions, &type) ||
3597
+ !CBS_get_u16_length_prefixed(&extensions, &extension)) {
3598
+ *out_alert = SSL_AD_DECODE_ERROR;
3599
+ return false;
3600
+ }
3601
+
3602
+ unsigned ext_index;
3603
+ const struct tls_extension *const ext =
3604
+ tls_extension_find(&ext_index, type);
3605
+ if (ext == NULL) {
3606
+ continue;
3607
+ }
3608
+
3609
+ hs->extensions.received |= (1u << ext_index);
3610
+ uint8_t alert = SSL_AD_DECODE_ERROR;
3611
+ if (!ext->parse_clienthello(hs, &alert, &extension)) {
3612
+ *out_alert = alert;
3613
+ OPENSSL_PUT_ERROR(SSL, SSL_R_ERROR_PARSING_EXTENSION);
3614
+ ERR_add_error_dataf("extension %u", (unsigned)type);
3615
+ return false;
3616
+ }
3617
+ }
3618
+
3619
+ for (size_t i = 0; i < kNumExtensions; i++) {
3620
+ if (hs->extensions.received & (1u << i)) {
3621
+ continue;
3622
+ }
3623
+
3624
+ CBS *contents = NULL, fake_contents;
3625
+ static const uint8_t kFakeRenegotiateExtension[] = {0};
3626
+ if (kExtensions[i].value == TLSEXT_TYPE_renegotiate &&
3627
+ ssl_client_cipher_list_contains_cipher(client_hello,
3628
+ SSL3_CK_SCSV & 0xffff)) {
3629
+ // The renegotiation SCSV was received so pretend that we received a
3630
+ // renegotiation extension.
3631
+ CBS_init(&fake_contents, kFakeRenegotiateExtension,
3632
+ sizeof(kFakeRenegotiateExtension));
3633
+ contents = &fake_contents;
3634
+ hs->extensions.received |= (1u << i);
3635
+ }
3636
+
3637
+ // Extension wasn't observed so call the callback with a NULL
3638
+ // parameter.
3639
+ uint8_t alert = SSL_AD_DECODE_ERROR;
3640
+ if (!kExtensions[i].parse_clienthello(hs, &alert, contents)) {
3641
+ OPENSSL_PUT_ERROR(SSL, SSL_R_MISSING_EXTENSION);
3642
+ ERR_add_error_dataf("extension %u", (unsigned)kExtensions[i].value);
3643
+ *out_alert = alert;
3644
+ return false;
3645
+ }
3646
+ }
3647
+
3648
+ return true;
3649
+ }
3650
+
3651
+ bool ssl_parse_clienthello_tlsext(SSL_HANDSHAKE *hs,
3652
+ const SSL_CLIENT_HELLO *client_hello) {
3653
+ SSL *const ssl = hs->ssl;
3654
+ int alert = SSL_AD_DECODE_ERROR;
3655
+ if (!ssl_scan_clienthello_tlsext(hs, client_hello, &alert)) {
3656
+ ssl_send_alert(ssl, SSL3_AL_FATAL, alert);
3657
+ return false;
3658
+ }
3659
+
3660
+ if (!ssl_check_clienthello_tlsext(hs)) {
3661
+ OPENSSL_PUT_ERROR(SSL, SSL_R_CLIENTHELLO_TLSEXT);
3662
+ return false;
3663
+ }
3664
+
3665
+ return true;
3666
+ }
3667
+
3668
+ static bool ssl_scan_serverhello_tlsext(SSL_HANDSHAKE *hs, const CBS *cbs,
3669
+ int *out_alert) {
3670
+ CBS extensions = *cbs;
3671
+ if (!tls1_check_duplicate_extensions(&extensions)) {
3672
+ *out_alert = SSL_AD_DECODE_ERROR;
3673
+ return false;
3674
+ }
3675
+
3676
+ uint32_t received = 0;
3677
+ while (CBS_len(&extensions) != 0) {
3678
+ uint16_t type;
3679
+ CBS extension;
3680
+
3681
+ // Decode the next extension.
3682
+ if (!CBS_get_u16(&extensions, &type) ||
3683
+ !CBS_get_u16_length_prefixed(&extensions, &extension)) {
3684
+ *out_alert = SSL_AD_DECODE_ERROR;
3685
+ return false;
3686
+ }
3687
+
3688
+ unsigned ext_index;
3689
+ const struct tls_extension *const ext =
3690
+ tls_extension_find(&ext_index, type);
3691
+
3692
+ if (ext == NULL) {
3693
+ OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
3694
+ ERR_add_error_dataf("extension %u", (unsigned)type);
3695
+ *out_alert = SSL_AD_UNSUPPORTED_EXTENSION;
3696
+ return false;
3697
+ }
3698
+
3699
+ static_assert(kNumExtensions <= sizeof(hs->extensions.sent) * 8,
3700
+ "too many bits");
3701
+
3702
+ if (!(hs->extensions.sent & (1u << ext_index))) {
3703
+ // If the extension was never sent then it is illegal.
3704
+ OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
3705
+ ERR_add_error_dataf("extension :%u", (unsigned)type);
3706
+ *out_alert = SSL_AD_UNSUPPORTED_EXTENSION;
3707
+ return false;
3708
+ }
3709
+
3710
+ received |= (1u << ext_index);
3711
+
3712
+ uint8_t alert = SSL_AD_DECODE_ERROR;
3713
+ if (!ext->parse_serverhello(hs, &alert, &extension)) {
3714
+ OPENSSL_PUT_ERROR(SSL, SSL_R_ERROR_PARSING_EXTENSION);
3715
+ ERR_add_error_dataf("extension %u", (unsigned)type);
3716
+ *out_alert = alert;
3717
+ return false;
3718
+ }
3719
+ }
3720
+
3721
+ for (size_t i = 0; i < kNumExtensions; i++) {
3722
+ if (!(received & (1u << i))) {
3723
+ // Extension wasn't observed so call the callback with a NULL
3724
+ // parameter.
3725
+ uint8_t alert = SSL_AD_DECODE_ERROR;
3726
+ if (!kExtensions[i].parse_serverhello(hs, &alert, NULL)) {
3727
+ OPENSSL_PUT_ERROR(SSL, SSL_R_MISSING_EXTENSION);
3728
+ ERR_add_error_dataf("extension %u", (unsigned)kExtensions[i].value);
3729
+ *out_alert = alert;
3730
+ return false;
3731
+ }
3732
+ }
3733
+ }
3734
+
3735
+ return true;
3736
+ }
3737
+
3738
+ static bool ssl_check_clienthello_tlsext(SSL_HANDSHAKE *hs) {
3739
+ SSL *const ssl = hs->ssl;
3740
+ int ret = SSL_TLSEXT_ERR_NOACK;
3741
+ int al = SSL_AD_UNRECOGNIZED_NAME;
3742
+ if (ssl->ctx->servername_callback != 0) {
3743
+ ret = ssl->ctx->servername_callback(ssl, &al, ssl->ctx->servername_arg);
3744
+ } else if (ssl->session_ctx->servername_callback != 0) {
3745
+ ret = ssl->session_ctx->servername_callback(
3746
+ ssl, &al, ssl->session_ctx->servername_arg);
3747
+ }
3748
+
3749
+ switch (ret) {
3750
+ case SSL_TLSEXT_ERR_ALERT_FATAL:
3751
+ ssl_send_alert(ssl, SSL3_AL_FATAL, al);
3752
+ return false;
3753
+
3754
+ case SSL_TLSEXT_ERR_NOACK:
3755
+ hs->should_ack_sni = false;
3756
+ return true;
3757
+
3758
+ default:
3759
+ return true;
3760
+ }
3761
+ }
3762
+
3763
+ static bool ssl_check_serverhello_tlsext(SSL_HANDSHAKE *hs) {
3764
+ SSL *const ssl = hs->ssl;
3765
+ // ALPS and ALPN have a dependency between each other, so we defer checking
3766
+ // consistency to after the callbacks run.
3767
+ if (hs->new_session != nullptr && hs->new_session->has_application_settings) {
3768
+ // ALPN must be negotiated.
3769
+ if (ssl->s3->alpn_selected.empty()) {
3770
+ OPENSSL_PUT_ERROR(SSL, SSL_R_NEGOTIATED_ALPS_WITHOUT_ALPN);
3771
+ ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
3772
+ return false;
3773
+ }
3774
+
3775
+ // The negotiated protocol must be one of the ones we advertised for ALPS.
3776
+ Span<const uint8_t> settings;
3777
+ if (!ssl_get_local_application_settings(hs, &settings,
3778
+ ssl->s3->alpn_selected)) {
3779
+ OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_ALPN_PROTOCOL);
3780
+ ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
3781
+ return false;
3782
+ }
3783
+
3784
+ if (!hs->new_session->local_application_settings.CopyFrom(settings)) {
3785
+ ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
3786
+ return false;
3787
+ }
3788
+ }
3789
+
3790
+ return true;
3791
+ }
3792
+
3793
+ bool ssl_parse_serverhello_tlsext(SSL_HANDSHAKE *hs, const CBS *cbs) {
3794
+ SSL *const ssl = hs->ssl;
3795
+ int alert = SSL_AD_DECODE_ERROR;
3796
+ if (!ssl_scan_serverhello_tlsext(hs, cbs, &alert)) {
3797
+ ssl_send_alert(ssl, SSL3_AL_FATAL, alert);
3798
+ return false;
3799
+ }
3800
+
3801
+ if (!ssl_check_serverhello_tlsext(hs)) {
3802
+ return false;
3803
+ }
3804
+
3805
+ return true;
3806
+ }
3807
+
3808
+ static enum ssl_ticket_aead_result_t decrypt_ticket_with_cipher_ctx(
3809
+ Array<uint8_t> *out, EVP_CIPHER_CTX *cipher_ctx, HMAC_CTX *hmac_ctx,
3810
+ Span<const uint8_t> ticket) {
3811
+ size_t iv_len = EVP_CIPHER_CTX_iv_length(cipher_ctx);
3812
+
3813
+ // Check the MAC at the end of the ticket.
3814
+ uint8_t mac[EVP_MAX_MD_SIZE];
3815
+ size_t mac_len = HMAC_size(hmac_ctx);
3816
+ if (ticket.size() < SSL_TICKET_KEY_NAME_LEN + iv_len + 1 + mac_len) {
3817
+ // The ticket must be large enough for key name, IV, data, and MAC.
3818
+ return ssl_ticket_aead_ignore_ticket;
3819
+ }
3820
+ // Split the ticket into the ticket and the MAC.
3821
+ auto ticket_mac = ticket.last(mac_len);
3822
+ ticket = ticket.first(ticket.size() - mac_len);
3823
+ HMAC_Update(hmac_ctx, ticket.data(), ticket.size());
3824
+ HMAC_Final(hmac_ctx, mac, NULL);
3825
+ assert(mac_len == ticket_mac.size());
3826
+ bool mac_ok = CRYPTO_memcmp(mac, ticket_mac.data(), mac_len) == 0;
3827
+ #if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
3828
+ mac_ok = true;
3829
+ #endif
3830
+ if (!mac_ok) {
3831
+ return ssl_ticket_aead_ignore_ticket;
3832
+ }
3833
+
3834
+ // Decrypt the session data.
3835
+ auto ciphertext = ticket.subspan(SSL_TICKET_KEY_NAME_LEN + iv_len);
3836
+ Array<uint8_t> plaintext;
3837
+ #if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
3838
+ if (!plaintext.CopyFrom(ciphertext)) {
3839
+ return ssl_ticket_aead_error;
3840
+ }
3841
+ #else
3842
+ if (ciphertext.size() >= INT_MAX) {
3843
+ return ssl_ticket_aead_ignore_ticket;
3844
+ }
3845
+ if (!plaintext.Init(ciphertext.size())) {
3846
+ return ssl_ticket_aead_error;
3847
+ }
3848
+ int len1, len2;
3849
+ if (!EVP_DecryptUpdate(cipher_ctx, plaintext.data(), &len1, ciphertext.data(),
3850
+ (int)ciphertext.size()) ||
3851
+ !EVP_DecryptFinal_ex(cipher_ctx, plaintext.data() + len1, &len2)) {
3852
+ ERR_clear_error();
3853
+ return ssl_ticket_aead_ignore_ticket;
3854
+ }
3855
+ plaintext.Shrink(static_cast<size_t>(len1) + len2);
3856
+ #endif
3857
+
3858
+ *out = std::move(plaintext);
3859
+ return ssl_ticket_aead_success;
3860
+ }
3861
+
3862
+ static enum ssl_ticket_aead_result_t ssl_decrypt_ticket_with_cb(
3863
+ SSL_HANDSHAKE *hs, Array<uint8_t> *out, bool *out_renew_ticket,
3864
+ Span<const uint8_t> ticket) {
3865
+ assert(ticket.size() >= SSL_TICKET_KEY_NAME_LEN + EVP_MAX_IV_LENGTH);
3866
+ ScopedEVP_CIPHER_CTX cipher_ctx;
3867
+ ScopedHMAC_CTX hmac_ctx;
3868
+ auto name = ticket.subspan(0, SSL_TICKET_KEY_NAME_LEN);
3869
+ // The actual IV is shorter, but the length is determined by the callback's
3870
+ // chosen cipher. Instead we pass in |EVP_MAX_IV_LENGTH| worth of IV to ensure
3871
+ // the callback has enough.
3872
+ auto iv = ticket.subspan(SSL_TICKET_KEY_NAME_LEN, EVP_MAX_IV_LENGTH);
3873
+ int cb_ret = hs->ssl->session_ctx->ticket_key_cb(
3874
+ hs->ssl, const_cast<uint8_t *>(name.data()),
3875
+ const_cast<uint8_t *>(iv.data()), cipher_ctx.get(), hmac_ctx.get(),
3876
+ 0 /* decrypt */);
3877
+ if (cb_ret < 0) {
3878
+ return ssl_ticket_aead_error;
3879
+ } else if (cb_ret == 0) {
3880
+ return ssl_ticket_aead_ignore_ticket;
3881
+ } else if (cb_ret == 2) {
3882
+ *out_renew_ticket = true;
3883
+ } else {
3884
+ assert(cb_ret == 1);
3885
+ }
3886
+ return decrypt_ticket_with_cipher_ctx(out, cipher_ctx.get(), hmac_ctx.get(),
3887
+ ticket);
3888
+ }
3889
+
3890
+ static enum ssl_ticket_aead_result_t ssl_decrypt_ticket_with_ticket_keys(
3891
+ SSL_HANDSHAKE *hs, Array<uint8_t> *out, Span<const uint8_t> ticket) {
3892
+ assert(ticket.size() >= SSL_TICKET_KEY_NAME_LEN + EVP_MAX_IV_LENGTH);
3893
+ SSL_CTX *ctx = hs->ssl->session_ctx.get();
3894
+
3895
+ // Rotate the ticket key if necessary.
3896
+ if (!ssl_ctx_rotate_ticket_encryption_key(ctx)) {
3897
+ return ssl_ticket_aead_error;
3898
+ }
3899
+
3900
+ const EVP_CIPHER *cipher = EVP_aes_128_cbc();
3901
+ auto name = ticket.subspan(0, SSL_TICKET_KEY_NAME_LEN);
3902
+ auto iv =
3903
+ ticket.subspan(SSL_TICKET_KEY_NAME_LEN, EVP_CIPHER_iv_length(cipher));
3904
+
3905
+ // Pick the matching ticket key and decrypt.
3906
+ ScopedEVP_CIPHER_CTX cipher_ctx;
3907
+ ScopedHMAC_CTX hmac_ctx;
3908
+ {
3909
+ MutexReadLock lock(&ctx->lock);
3910
+ const TicketKey *key;
3911
+ if (ctx->ticket_key_current && name == ctx->ticket_key_current->name) {
3912
+ key = ctx->ticket_key_current.get();
3913
+ } else if (ctx->ticket_key_prev && name == ctx->ticket_key_prev->name) {
3914
+ key = ctx->ticket_key_prev.get();
3915
+ } else {
3916
+ return ssl_ticket_aead_ignore_ticket;
3917
+ }
3918
+ if (!HMAC_Init_ex(hmac_ctx.get(), key->hmac_key, sizeof(key->hmac_key),
3919
+ tlsext_tick_md(), NULL) ||
3920
+ !EVP_DecryptInit_ex(cipher_ctx.get(), cipher, NULL,
3921
+ key->aes_key, iv.data())) {
3922
+ return ssl_ticket_aead_error;
3923
+ }
3924
+ }
3925
+ return decrypt_ticket_with_cipher_ctx(out, cipher_ctx.get(), hmac_ctx.get(),
3926
+ ticket);
3927
+ }
3928
+
3929
+ static enum ssl_ticket_aead_result_t ssl_decrypt_ticket_with_method(
3930
+ SSL_HANDSHAKE *hs, Array<uint8_t> *out, bool *out_renew_ticket,
3931
+ Span<const uint8_t> ticket) {
3932
+ Array<uint8_t> plaintext;
3933
+ if (!plaintext.Init(ticket.size())) {
3934
+ OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
3935
+ return ssl_ticket_aead_error;
3936
+ }
3937
+
3938
+ size_t plaintext_len;
3939
+ const enum ssl_ticket_aead_result_t result =
3940
+ hs->ssl->session_ctx->ticket_aead_method->open(
3941
+ hs->ssl, plaintext.data(), &plaintext_len, ticket.size(),
3942
+ ticket.data(), ticket.size());
3943
+ if (result != ssl_ticket_aead_success) {
3944
+ return result;
3945
+ }
3946
+
3947
+ plaintext.Shrink(plaintext_len);
3948
+ *out = std::move(plaintext);
3949
+ return ssl_ticket_aead_success;
3950
+ }
3951
+
3952
+ enum ssl_ticket_aead_result_t ssl_process_ticket(
3953
+ SSL_HANDSHAKE *hs, UniquePtr<SSL_SESSION> *out_session,
3954
+ bool *out_renew_ticket, Span<const uint8_t> ticket,
3955
+ Span<const uint8_t> session_id) {
3956
+ SSL *const ssl = hs->ssl;
3957
+ *out_renew_ticket = false;
3958
+ out_session->reset();
3959
+
3960
+ if ((SSL_get_options(hs->ssl) & SSL_OP_NO_TICKET) ||
3961
+ session_id.size() > SSL_MAX_SSL_SESSION_ID_LENGTH) {
3962
+ return ssl_ticket_aead_ignore_ticket;
3963
+ }
3964
+
3965
+ // Tickets in TLS 1.3 are tied into pre-shared keys (PSKs), unlike in TLS 1.2
3966
+ // where that concept doesn't exist. The |decrypted_psk| and |ignore_psk|
3967
+ // hints only apply to PSKs. We check the version to determine which this is.
3968
+ const bool is_psk = ssl_protocol_version(ssl) >= TLS1_3_VERSION;
3969
+
3970
+ Array<uint8_t> plaintext;
3971
+ enum ssl_ticket_aead_result_t result;
3972
+ SSL_HANDSHAKE_HINTS *const hints = hs->hints.get();
3973
+ if (is_psk && hints && !hs->hints_requested &&
3974
+ !hints->decrypted_psk.empty()) {
3975
+ result = plaintext.CopyFrom(hints->decrypted_psk) ? ssl_ticket_aead_success
3976
+ : ssl_ticket_aead_error;
3977
+ } else if (is_psk && hints && !hs->hints_requested && hints->ignore_psk) {
3978
+ result = ssl_ticket_aead_ignore_ticket;
3979
+ } else if (ssl->session_ctx->ticket_aead_method != NULL) {
3980
+ result = ssl_decrypt_ticket_with_method(hs, &plaintext, out_renew_ticket,
3981
+ ticket);
3982
+ } else {
3983
+ // Ensure there is room for the key name and the largest IV |ticket_key_cb|
3984
+ // may try to consume. The real limit may be lower, but the maximum IV
3985
+ // length should be well under the minimum size for the session material and
3986
+ // HMAC.
3987
+ if (ticket.size() < SSL_TICKET_KEY_NAME_LEN + EVP_MAX_IV_LENGTH) {
3988
+ result = ssl_ticket_aead_ignore_ticket;
3989
+ } else if (ssl->session_ctx->ticket_key_cb != NULL) {
3990
+ result =
3991
+ ssl_decrypt_ticket_with_cb(hs, &plaintext, out_renew_ticket, ticket);
3992
+ } else {
3993
+ result = ssl_decrypt_ticket_with_ticket_keys(hs, &plaintext, ticket);
3994
+ }
3995
+ }
3996
+
3997
+ if (is_psk && hints && hs->hints_requested) {
3998
+ if (result == ssl_ticket_aead_ignore_ticket) {
3999
+ hints->ignore_psk = true;
4000
+ } else if (result == ssl_ticket_aead_success &&
4001
+ !hints->decrypted_psk.CopyFrom(plaintext)) {
4002
+ return ssl_ticket_aead_error;
4003
+ }
4004
+ }
4005
+
4006
+ if (result != ssl_ticket_aead_success) {
4007
+ return result;
4008
+ }
4009
+
4010
+ // Decode the session.
4011
+ UniquePtr<SSL_SESSION> session(SSL_SESSION_from_bytes(
4012
+ plaintext.data(), plaintext.size(), ssl->ctx.get()));
4013
+ if (!session) {
4014
+ ERR_clear_error(); // Don't leave an error on the queue.
4015
+ return ssl_ticket_aead_ignore_ticket;
4016
+ }
4017
+
4018
+ // Envoy's tests expect the session to have a session ID that matches the
4019
+ // placeholder used by the client. It's unclear whether this is a good idea,
4020
+ // but we maintain it for now.
4021
+ SHA256(ticket.data(), ticket.size(), session->session_id);
4022
+ // Other consumers may expect a non-empty session ID to indicate resumption.
4023
+ session->session_id_length = SHA256_DIGEST_LENGTH;
4024
+
4025
+ *out_session = std::move(session);
4026
+ return ssl_ticket_aead_success;
4027
+ }
4028
+
4029
+ bool tls1_parse_peer_sigalgs(SSL_HANDSHAKE *hs, const CBS *in_sigalgs) {
4030
+ // Extension ignored for inappropriate versions
4031
+ if (ssl_protocol_version(hs->ssl) < TLS1_2_VERSION) {
4032
+ return true;
4033
+ }
4034
+
4035
+ // In all contexts, the signature algorithms list may not be empty. (It may be
4036
+ // omitted by clients in TLS 1.2, but then the entire extension is omitted.)
4037
+ return CBS_len(in_sigalgs) != 0 &&
4038
+ parse_u16_array(in_sigalgs, &hs->peer_sigalgs);
4039
+ }
4040
+
4041
+ bool tls1_get_legacy_signature_algorithm(uint16_t *out, const EVP_PKEY *pkey) {
4042
+ switch (EVP_PKEY_id(pkey)) {
4043
+ case EVP_PKEY_RSA:
4044
+ *out = SSL_SIGN_RSA_PKCS1_MD5_SHA1;
4045
+ return true;
4046
+ case EVP_PKEY_EC:
4047
+ *out = SSL_SIGN_ECDSA_SHA1;
4048
+ return true;
4049
+ default:
4050
+ return false;
4051
+ }
4052
+ }
4053
+
4054
+ bool tls1_choose_signature_algorithm(SSL_HANDSHAKE *hs, uint16_t *out) {
4055
+ SSL *const ssl = hs->ssl;
4056
+ CERT *cert = hs->config->cert.get();
4057
+ DC *dc = cert->dc.get();
4058
+
4059
+ // Before TLS 1.2, the signature algorithm isn't negotiated as part of the
4060
+ // handshake.
4061
+ if (ssl_protocol_version(ssl) < TLS1_2_VERSION) {
4062
+ if (!tls1_get_legacy_signature_algorithm(out, hs->local_pubkey.get())) {
4063
+ OPENSSL_PUT_ERROR(SSL, SSL_R_NO_COMMON_SIGNATURE_ALGORITHMS);
4064
+ return false;
4065
+ }
4066
+ return true;
4067
+ }
4068
+
4069
+ Span<const uint16_t> sigalgs = kSignSignatureAlgorithms;
4070
+ if (ssl_signing_with_dc(hs)) {
4071
+ sigalgs = MakeConstSpan(&dc->expected_cert_verify_algorithm, 1);
4072
+ } else if (!cert->sigalgs.empty()) {
4073
+ sigalgs = cert->sigalgs;
4074
+ }
4075
+
4076
+ Span<const uint16_t> peer_sigalgs = tls1_get_peer_verify_algorithms(hs);
4077
+
4078
+ for (uint16_t sigalg : sigalgs) {
4079
+ // SSL_SIGN_RSA_PKCS1_MD5_SHA1 is an internal value and should never be
4080
+ // negotiated.
4081
+ if (sigalg == SSL_SIGN_RSA_PKCS1_MD5_SHA1 ||
4082
+ !ssl_private_key_supports_signature_algorithm(hs, sigalg)) {
4083
+ continue;
4084
+ }
4085
+
4086
+ for (uint16_t peer_sigalg : peer_sigalgs) {
4087
+ if (sigalg == peer_sigalg) {
4088
+ *out = sigalg;
4089
+ return true;
4090
+ }
4091
+ }
4092
+ }
4093
+
4094
+ OPENSSL_PUT_ERROR(SSL, SSL_R_NO_COMMON_SIGNATURE_ALGORITHMS);
4095
+ return false;
4096
+ }
4097
+
4098
+ Span<const uint16_t> tls1_get_peer_verify_algorithms(const SSL_HANDSHAKE *hs) {
4099
+ Span<const uint16_t> peer_sigalgs = hs->peer_sigalgs;
4100
+ if (peer_sigalgs.empty() && ssl_protocol_version(hs->ssl) < TLS1_3_VERSION) {
4101
+ // If the client didn't specify any signature_algorithms extension then
4102
+ // we can assume that it supports SHA1. See
4103
+ // http://tools.ietf.org/html/rfc5246#section-7.4.1.4.1
4104
+ static const uint16_t kDefaultPeerAlgorithms[] = {SSL_SIGN_RSA_PKCS1_SHA1,
4105
+ SSL_SIGN_ECDSA_SHA1};
4106
+ peer_sigalgs = kDefaultPeerAlgorithms;
4107
+ }
4108
+ return peer_sigalgs;
4109
+ }
4110
+
4111
+ bool tls1_verify_channel_id(SSL_HANDSHAKE *hs, const SSLMessage &msg) {
4112
+ SSL *const ssl = hs->ssl;
4113
+ // A Channel ID handshake message is structured to contain multiple
4114
+ // extensions, but the only one that can be present is Channel ID.
4115
+ uint16_t extension_type;
4116
+ CBS channel_id = msg.body, extension;
4117
+ if (!CBS_get_u16(&channel_id, &extension_type) ||
4118
+ !CBS_get_u16_length_prefixed(&channel_id, &extension) ||
4119
+ CBS_len(&channel_id) != 0 ||
4120
+ extension_type != TLSEXT_TYPE_channel_id ||
4121
+ CBS_len(&extension) != TLSEXT_CHANNEL_ID_SIZE) {
4122
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
4123
+ ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
4124
+ return false;
4125
+ }
4126
+
4127
+ UniquePtr<EC_GROUP> p256(EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
4128
+ if (!p256) {
4129
+ OPENSSL_PUT_ERROR(SSL, SSL_R_NO_P256_SUPPORT);
4130
+ return false;
4131
+ }
4132
+
4133
+ UniquePtr<ECDSA_SIG> sig(ECDSA_SIG_new());
4134
+ UniquePtr<BIGNUM> x(BN_new()), y(BN_new());
4135
+ if (!sig || !x || !y) {
4136
+ return false;
4137
+ }
4138
+
4139
+ const uint8_t *p = CBS_data(&extension);
4140
+ if (BN_bin2bn(p + 0, 32, x.get()) == NULL ||
4141
+ BN_bin2bn(p + 32, 32, y.get()) == NULL ||
4142
+ BN_bin2bn(p + 64, 32, sig->r) == NULL ||
4143
+ BN_bin2bn(p + 96, 32, sig->s) == NULL) {
4144
+ return false;
4145
+ }
4146
+
4147
+ UniquePtr<EC_KEY> key(EC_KEY_new());
4148
+ UniquePtr<EC_POINT> point(EC_POINT_new(p256.get()));
4149
+ if (!key || !point ||
4150
+ !EC_POINT_set_affine_coordinates_GFp(p256.get(), point.get(), x.get(),
4151
+ y.get(), nullptr) ||
4152
+ !EC_KEY_set_group(key.get(), p256.get()) ||
4153
+ !EC_KEY_set_public_key(key.get(), point.get())) {
4154
+ return false;
4155
+ }
4156
+
4157
+ uint8_t digest[EVP_MAX_MD_SIZE];
4158
+ size_t digest_len;
4159
+ if (!tls1_channel_id_hash(hs, digest, &digest_len)) {
4160
+ return false;
4161
+ }
4162
+
4163
+ bool sig_ok = ECDSA_do_verify(digest, digest_len, sig.get(), key.get());
4164
+ #if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
4165
+ sig_ok = true;
4166
+ ERR_clear_error();
4167
+ #endif
4168
+ if (!sig_ok) {
4169
+ OPENSSL_PUT_ERROR(SSL, SSL_R_CHANNEL_ID_SIGNATURE_INVALID);
4170
+ ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECRYPT_ERROR);
4171
+ return false;
4172
+ }
4173
+
4174
+ OPENSSL_memcpy(ssl->s3->channel_id, p, 64);
4175
+ ssl->s3->channel_id_valid = true;
4176
+ return true;
4177
+ }
4178
+
4179
+ bool tls1_write_channel_id(SSL_HANDSHAKE *hs, CBB *cbb) {
4180
+ uint8_t digest[EVP_MAX_MD_SIZE];
4181
+ size_t digest_len;
4182
+ if (!tls1_channel_id_hash(hs, digest, &digest_len)) {
4183
+ return false;
4184
+ }
4185
+
4186
+ EC_KEY *ec_key = EVP_PKEY_get0_EC_KEY(hs->config->channel_id_private.get());
4187
+ if (ec_key == nullptr) {
4188
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
4189
+ return false;
4190
+ }
4191
+
4192
+ UniquePtr<BIGNUM> x(BN_new()), y(BN_new());
4193
+ if (!x || !y ||
4194
+ !EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(ec_key),
4195
+ EC_KEY_get0_public_key(ec_key),
4196
+ x.get(), y.get(), nullptr)) {
4197
+ return false;
4198
+ }
4199
+
4200
+ UniquePtr<ECDSA_SIG> sig(ECDSA_do_sign(digest, digest_len, ec_key));
4201
+ if (!sig) {
4202
+ return false;
4203
+ }
4204
+
4205
+ CBB child;
4206
+ if (!CBB_add_u16(cbb, TLSEXT_TYPE_channel_id) ||
4207
+ !CBB_add_u16_length_prefixed(cbb, &child) ||
4208
+ !BN_bn2cbb_padded(&child, 32, x.get()) ||
4209
+ !BN_bn2cbb_padded(&child, 32, y.get()) ||
4210
+ !BN_bn2cbb_padded(&child, 32, sig->r) ||
4211
+ !BN_bn2cbb_padded(&child, 32, sig->s) ||
4212
+ !CBB_flush(cbb)) {
4213
+ return false;
4214
+ }
4215
+
4216
+ return true;
4217
+ }
4218
+
4219
+ bool tls1_channel_id_hash(SSL_HANDSHAKE *hs, uint8_t *out, size_t *out_len) {
4220
+ SSL *const ssl = hs->ssl;
4221
+ if (ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
4222
+ Array<uint8_t> msg;
4223
+ if (!tls13_get_cert_verify_signature_input(hs, &msg,
4224
+ ssl_cert_verify_channel_id)) {
4225
+ return false;
4226
+ }
4227
+ SHA256(msg.data(), msg.size(), out);
4228
+ *out_len = SHA256_DIGEST_LENGTH;
4229
+ return true;
4230
+ }
4231
+
4232
+ SHA256_CTX ctx;
4233
+
4234
+ SHA256_Init(&ctx);
4235
+ static const char kClientIDMagic[] = "TLS Channel ID signature";
4236
+ SHA256_Update(&ctx, kClientIDMagic, sizeof(kClientIDMagic));
4237
+
4238
+ if (ssl->session != NULL) {
4239
+ static const char kResumptionMagic[] = "Resumption";
4240
+ SHA256_Update(&ctx, kResumptionMagic, sizeof(kResumptionMagic));
4241
+ if (ssl->session->original_handshake_hash_len == 0) {
4242
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
4243
+ return false;
4244
+ }
4245
+ SHA256_Update(&ctx, ssl->session->original_handshake_hash,
4246
+ ssl->session->original_handshake_hash_len);
4247
+ }
4248
+
4249
+ uint8_t hs_hash[EVP_MAX_MD_SIZE];
4250
+ size_t hs_hash_len;
4251
+ if (!hs->transcript.GetHash(hs_hash, &hs_hash_len)) {
4252
+ return false;
4253
+ }
4254
+ SHA256_Update(&ctx, hs_hash, (size_t)hs_hash_len);
4255
+ SHA256_Final(out, &ctx);
4256
+ *out_len = SHA256_DIGEST_LENGTH;
4257
+ return true;
4258
+ }
4259
+
4260
+ bool tls1_record_handshake_hashes_for_channel_id(SSL_HANDSHAKE *hs) {
4261
+ SSL *const ssl = hs->ssl;
4262
+ // This function should never be called for a resumed session because the
4263
+ // handshake hashes that we wish to record are for the original, full
4264
+ // handshake.
4265
+ if (ssl->session != NULL) {
4266
+ return false;
4267
+ }
4268
+
4269
+ static_assert(
4270
+ sizeof(hs->new_session->original_handshake_hash) == EVP_MAX_MD_SIZE,
4271
+ "original_handshake_hash is too small");
4272
+
4273
+ size_t digest_len;
4274
+ if (!hs->transcript.GetHash(hs->new_session->original_handshake_hash,
4275
+ &digest_len)) {
4276
+ return false;
4277
+ }
4278
+
4279
+ static_assert(EVP_MAX_MD_SIZE <= 0xff,
4280
+ "EVP_MAX_MD_SIZE does not fit in uint8_t");
4281
+ hs->new_session->original_handshake_hash_len = (uint8_t)digest_len;
4282
+
4283
+ return true;
4284
+ }
4285
+
4286
+ bool ssl_is_sct_list_valid(const CBS *contents) {
4287
+ // Shallow parse the SCT list for sanity. By the RFC
4288
+ // (https://tools.ietf.org/html/rfc6962#section-3.3) neither the list nor any
4289
+ // of the SCTs may be empty.
4290
+ CBS copy = *contents;
4291
+ CBS sct_list;
4292
+ if (!CBS_get_u16_length_prefixed(&copy, &sct_list) ||
4293
+ CBS_len(&copy) != 0 ||
4294
+ CBS_len(&sct_list) == 0) {
4295
+ return false;
4296
+ }
4297
+
4298
+ while (CBS_len(&sct_list) > 0) {
4299
+ CBS sct;
4300
+ if (!CBS_get_u16_length_prefixed(&sct_list, &sct) ||
4301
+ CBS_len(&sct) == 0) {
4302
+ return false;
4303
+ }
4304
+ }
4305
+
4306
+ return true;
4307
+ }
4308
+
4309
+ BSSL_NAMESPACE_END
4310
+
4311
+ using namespace bssl;
4312
+
4313
+ int SSL_early_callback_ctx_extension_get(const SSL_CLIENT_HELLO *client_hello,
4314
+ uint16_t extension_type,
4315
+ const uint8_t **out_data,
4316
+ size_t *out_len) {
4317
+ CBS cbs;
4318
+ if (!ssl_client_hello_get_extension(client_hello, &cbs, extension_type)) {
4319
+ return 0;
4320
+ }
4321
+
4322
+ *out_data = CBS_data(&cbs);
4323
+ *out_len = CBS_len(&cbs);
4324
+ return 1;
4325
+ }