grpc-flamingo 1.11.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (1318) hide show
  1. checksums.yaml +7 -0
  2. data/.yardopts +1 -0
  3. data/Makefile +23896 -0
  4. data/etc/roots.pem +4475 -0
  5. data/include/grpc/byte_buffer.h +27 -0
  6. data/include/grpc/byte_buffer_reader.h +26 -0
  7. data/include/grpc/census.h +40 -0
  8. data/include/grpc/compression.h +75 -0
  9. data/include/grpc/fork.h +26 -0
  10. data/include/grpc/grpc.h +469 -0
  11. data/include/grpc/grpc_cronet.h +38 -0
  12. data/include/grpc/grpc_posix.h +67 -0
  13. data/include/grpc/grpc_security.h +495 -0
  14. data/include/grpc/grpc_security_constants.h +107 -0
  15. data/include/grpc/impl/codegen/atm.h +95 -0
  16. data/include/grpc/impl/codegen/atm_gcc_atomic.h +91 -0
  17. data/include/grpc/impl/codegen/atm_gcc_sync.h +83 -0
  18. data/include/grpc/impl/codegen/atm_windows.h +126 -0
  19. data/include/grpc/impl/codegen/byte_buffer.h +88 -0
  20. data/include/grpc/impl/codegen/byte_buffer_reader.h +42 -0
  21. data/include/grpc/impl/codegen/compression_types.h +107 -0
  22. data/include/grpc/impl/codegen/connectivity_state.h +44 -0
  23. data/include/grpc/impl/codegen/fork.h +48 -0
  24. data/include/grpc/impl/codegen/gpr_slice.h +69 -0
  25. data/include/grpc/impl/codegen/gpr_types.h +59 -0
  26. data/include/grpc/impl/codegen/grpc_types.h +669 -0
  27. data/include/grpc/impl/codegen/port_platform.h +507 -0
  28. data/include/grpc/impl/codegen/propagation_bits.h +52 -0
  29. data/include/grpc/impl/codegen/slice.h +147 -0
  30. data/include/grpc/impl/codegen/status.h +153 -0
  31. data/include/grpc/impl/codegen/sync.h +63 -0
  32. data/include/grpc/impl/codegen/sync_custom.h +38 -0
  33. data/include/grpc/impl/codegen/sync_generic.h +48 -0
  34. data/include/grpc/impl/codegen/sync_posix.h +34 -0
  35. data/include/grpc/impl/codegen/sync_windows.h +36 -0
  36. data/include/grpc/load_reporting.h +48 -0
  37. data/include/grpc/module.modulemap +74 -0
  38. data/include/grpc/slice.h +172 -0
  39. data/include/grpc/slice_buffer.h +84 -0
  40. data/include/grpc/status.h +26 -0
  41. data/include/grpc/support/alloc.h +68 -0
  42. data/include/grpc/support/atm.h +26 -0
  43. data/include/grpc/support/atm_gcc_atomic.h +26 -0
  44. data/include/grpc/support/atm_gcc_sync.h +26 -0
  45. data/include/grpc/support/atm_windows.h +26 -0
  46. data/include/grpc/support/cpu.h +44 -0
  47. data/include/grpc/support/log.h +104 -0
  48. data/include/grpc/support/log_windows.h +38 -0
  49. data/include/grpc/support/port_platform.h +24 -0
  50. data/include/grpc/support/string_util.h +49 -0
  51. data/include/grpc/support/sync.h +298 -0
  52. data/include/grpc/support/sync_custom.h +26 -0
  53. data/include/grpc/support/sync_generic.h +26 -0
  54. data/include/grpc/support/sync_posix.h +26 -0
  55. data/include/grpc/support/sync_windows.h +26 -0
  56. data/include/grpc/support/thd_id.h +44 -0
  57. data/include/grpc/support/time.h +92 -0
  58. data/include/grpc/support/workaround_list.h +31 -0
  59. data/src/boringssl/err_data.c +1348 -0
  60. data/src/core/ext/census/grpc_context.cc +38 -0
  61. data/src/core/ext/filters/client_channel/backup_poller.cc +174 -0
  62. data/src/core/ext/filters/client_channel/backup_poller.h +35 -0
  63. data/src/core/ext/filters/client_channel/channel_connectivity.cc +248 -0
  64. data/src/core/ext/filters/client_channel/client_channel.cc +3209 -0
  65. data/src/core/ext/filters/client_channel/client_channel.h +57 -0
  66. data/src/core/ext/filters/client_channel/client_channel_factory.cc +67 -0
  67. data/src/core/ext/filters/client_channel/client_channel_factory.h +74 -0
  68. data/src/core/ext/filters/client_channel/client_channel_plugin.cc +62 -0
  69. data/src/core/ext/filters/client_channel/connector.cc +41 -0
  70. data/src/core/ext/filters/client_channel/connector.h +73 -0
  71. data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +370 -0
  72. data/src/core/ext/filters/client_channel/http_connect_handshaker.h +34 -0
  73. data/src/core/ext/filters/client_channel/http_proxy.cc +195 -0
  74. data/src/core/ext/filters/client_channel/http_proxy.h +24 -0
  75. data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +138 -0
  76. data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.h +29 -0
  77. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +1906 -0
  78. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +36 -0
  79. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +108 -0
  80. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +152 -0
  81. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +67 -0
  82. data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +304 -0
  83. data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +88 -0
  84. data/src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.c +102 -0
  85. data/src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.h +190 -0
  86. data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +591 -0
  87. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +687 -0
  88. data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.cc +253 -0
  89. data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +136 -0
  90. data/src/core/ext/filters/client_channel/lb_policy.cc +59 -0
  91. data/src/core/ext/filters/client_channel/lb_policy.h +201 -0
  92. data/src/core/ext/filters/client_channel/lb_policy_factory.cc +155 -0
  93. data/src/core/ext/filters/client_channel/lb_policy_factory.h +127 -0
  94. data/src/core/ext/filters/client_channel/lb_policy_registry.cc +97 -0
  95. data/src/core/ext/filters/client_channel/lb_policy_registry.h +54 -0
  96. data/src/core/ext/filters/client_channel/method_params.cc +178 -0
  97. data/src/core/ext/filters/client_channel/method_params.h +74 -0
  98. data/src/core/ext/filters/client_channel/parse_address.cc +192 -0
  99. data/src/core/ext/filters/client_channel/parse_address.h +50 -0
  100. data/src/core/ext/filters/client_channel/proxy_mapper.cc +48 -0
  101. data/src/core/ext/filters/client_channel/proxy_mapper.h +74 -0
  102. data/src/core/ext/filters/client_channel/proxy_mapper_registry.cc +122 -0
  103. data/src/core/ext/filters/client_channel/proxy_mapper_registry.h +44 -0
  104. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +493 -0
  105. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +53 -0
  106. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +351 -0
  107. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +593 -0
  108. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +74 -0
  109. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +59 -0
  110. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +340 -0
  111. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +297 -0
  112. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +83 -0
  113. data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +214 -0
  114. data/src/core/ext/filters/client_channel/resolver.cc +35 -0
  115. data/src/core/ext/filters/client_channel/resolver.h +134 -0
  116. data/src/core/ext/filters/client_channel/resolver_factory.h +71 -0
  117. data/src/core/ext/filters/client_channel/resolver_registry.cc +178 -0
  118. data/src/core/ext/filters/client_channel/resolver_registry.h +83 -0
  119. data/src/core/ext/filters/client_channel/retry_throttle.cc +191 -0
  120. data/src/core/ext/filters/client_channel/retry_throttle.h +77 -0
  121. data/src/core/ext/filters/client_channel/subchannel.cc +815 -0
  122. data/src/core/ext/filters/client_channel/subchannel.h +183 -0
  123. data/src/core/ext/filters/client_channel/subchannel_index.cc +254 -0
  124. data/src/core/ext/filters/client_channel/subchannel_index.h +79 -0
  125. data/src/core/ext/filters/client_channel/uri_parser.cc +314 -0
  126. data/src/core/ext/filters/client_channel/uri_parser.h +50 -0
  127. data/src/core/ext/filters/deadline/deadline_filter.cc +386 -0
  128. data/src/core/ext/filters/deadline/deadline_filter.h +93 -0
  129. data/src/core/ext/filters/http/client/http_client_filter.cc +558 -0
  130. data/src/core/ext/filters/http/client/http_client_filter.h +31 -0
  131. data/src/core/ext/filters/http/client_authority_filter.cc +156 -0
  132. data/src/core/ext/filters/http/client_authority_filter.h +34 -0
  133. data/src/core/ext/filters/http/http_filters_plugin.cc +89 -0
  134. data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +499 -0
  135. data/src/core/ext/filters/http/message_compress/message_compress_filter.h +53 -0
  136. data/src/core/ext/filters/http/server/http_server_filter.cc +434 -0
  137. data/src/core/ext/filters/http/server/http_server_filter.h +29 -0
  138. data/src/core/ext/filters/load_reporting/server_load_reporting_filter.cc +222 -0
  139. data/src/core/ext/filters/load_reporting/server_load_reporting_filter.h +30 -0
  140. data/src/core/ext/filters/load_reporting/server_load_reporting_plugin.cc +71 -0
  141. data/src/core/ext/filters/load_reporting/server_load_reporting_plugin.h +61 -0
  142. data/src/core/ext/filters/max_age/max_age_filter.cc +543 -0
  143. data/src/core/ext/filters/max_age/max_age_filter.h +26 -0
  144. data/src/core/ext/filters/message_size/message_size_filter.cc +324 -0
  145. data/src/core/ext/filters/message_size/message_size_filter.h +26 -0
  146. data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +208 -0
  147. data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.h +27 -0
  148. data/src/core/ext/filters/workarounds/workaround_utils.cc +53 -0
  149. data/src/core/ext/filters/workarounds/workaround_utils.h +39 -0
  150. data/src/core/ext/transport/chttp2/alpn/alpn.cc +44 -0
  151. data/src/core/ext/transport/chttp2/alpn/alpn.h +36 -0
  152. data/src/core/ext/transport/chttp2/client/authority.cc +42 -0
  153. data/src/core/ext/transport/chttp2/client/authority.h +36 -0
  154. data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +229 -0
  155. data/src/core/ext/transport/chttp2/client/chttp2_connector.h +28 -0
  156. data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +110 -0
  157. data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +79 -0
  158. data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +230 -0
  159. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +353 -0
  160. data/src/core/ext/transport/chttp2/server/chttp2_server.h +33 -0
  161. data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc +45 -0
  162. data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +74 -0
  163. data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +89 -0
  164. data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +249 -0
  165. data/src/core/ext/transport/chttp2/transport/bin_decoder.h +56 -0
  166. data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +231 -0
  167. data/src/core/ext/transport/chttp2/transport/bin_encoder.h +41 -0
  168. data/src/core/ext/transport/chttp2/transport/chttp2_plugin.cc +35 -0
  169. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +3102 -0
  170. data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +45 -0
  171. data/src/core/ext/transport/chttp2/transport/flow_control.cc +405 -0
  172. data/src/core/ext/transport/chttp2/transport/flow_control.h +482 -0
  173. data/src/core/ext/transport/chttp2/transport/frame.h +47 -0
  174. data/src/core/ext/transport/chttp2/transport/frame_data.cc +314 -0
  175. data/src/core/ext/transport/chttp2/transport/frame_data.h +84 -0
  176. data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +186 -0
  177. data/src/core/ext/transport/chttp2/transport/frame_goaway.h +62 -0
  178. data/src/core/ext/transport/chttp2/transport/frame_ping.cc +131 -0
  179. data/src/core/ext/transport/chttp2/transport/frame_ping.h +45 -0
  180. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +112 -0
  181. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +43 -0
  182. data/src/core/ext/transport/chttp2/transport/frame_settings.cc +238 -0
  183. data/src/core/ext/transport/chttp2/transport/frame_settings.h +60 -0
  184. data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +122 -0
  185. data/src/core/ext/transport/chttp2/transport/frame_window_update.h +45 -0
  186. data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +699 -0
  187. data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +95 -0
  188. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +1680 -0
  189. data/src/core/ext/transport/chttp2/transport/hpack_parser.h +109 -0
  190. data/src/core/ext/transport/chttp2/transport/hpack_table.cc +368 -0
  191. data/src/core/ext/transport/chttp2/transport/hpack_table.h +95 -0
  192. data/src/core/ext/transport/chttp2/transport/http2_settings.cc +62 -0
  193. data/src/core/ext/transport/chttp2/transport/http2_settings.h +62 -0
  194. data/src/core/ext/transport/chttp2/transport/huffsyms.cc +92 -0
  195. data/src/core/ext/transport/chttp2/transport/huffsyms.h +33 -0
  196. data/src/core/ext/transport/chttp2/transport/incoming_metadata.cc +73 -0
  197. data/src/core/ext/transport/chttp2/transport/incoming_metadata.h +49 -0
  198. data/src/core/ext/transport/chttp2/transport/internal.h +799 -0
  199. data/src/core/ext/transport/chttp2/transport/parsing.cc +745 -0
  200. data/src/core/ext/transport/chttp2/transport/stream_lists.cc +216 -0
  201. data/src/core/ext/transport/chttp2/transport/stream_map.cc +167 -0
  202. data/src/core/ext/transport/chttp2/transport/stream_map.h +68 -0
  203. data/src/core/ext/transport/chttp2/transport/varint.cc +56 -0
  204. data/src/core/ext/transport/chttp2/transport/varint.h +60 -0
  205. data/src/core/ext/transport/chttp2/transport/writing.cc +641 -0
  206. data/src/core/ext/transport/inproc/inproc_plugin.cc +28 -0
  207. data/src/core/ext/transport/inproc/inproc_transport.cc +1240 -0
  208. data/src/core/ext/transport/inproc/inproc_transport.h +35 -0
  209. data/src/core/lib/avl/avl.cc +306 -0
  210. data/src/core/lib/avl/avl.h +94 -0
  211. data/src/core/lib/backoff/backoff.cc +78 -0
  212. data/src/core/lib/backoff/backoff.h +89 -0
  213. data/src/core/lib/channel/channel_args.cc +413 -0
  214. data/src/core/lib/channel/channel_args.h +127 -0
  215. data/src/core/lib/channel/channel_stack.cc +258 -0
  216. data/src/core/lib/channel/channel_stack.h +280 -0
  217. data/src/core/lib/channel/channel_stack_builder.cc +314 -0
  218. data/src/core/lib/channel/channel_stack_builder.h +160 -0
  219. data/src/core/lib/channel/channel_trace.cc +239 -0
  220. data/src/core/lib/channel/channel_trace.h +133 -0
  221. data/src/core/lib/channel/channel_trace_registry.cc +80 -0
  222. data/src/core/lib/channel/channel_trace_registry.h +43 -0
  223. data/src/core/lib/channel/connected_channel.cc +236 -0
  224. data/src/core/lib/channel/connected_channel.h +34 -0
  225. data/src/core/lib/channel/context.h +49 -0
  226. data/src/core/lib/channel/handshaker.cc +259 -0
  227. data/src/core/lib/channel/handshaker.h +166 -0
  228. data/src/core/lib/channel/handshaker_factory.cc +41 -0
  229. data/src/core/lib/channel/handshaker_factory.h +50 -0
  230. data/src/core/lib/channel/handshaker_registry.cc +97 -0
  231. data/src/core/lib/channel/handshaker_registry.h +48 -0
  232. data/src/core/lib/channel/status_util.cc +100 -0
  233. data/src/core/lib/channel/status_util.h +58 -0
  234. data/src/core/lib/compression/algorithm_metadata.h +61 -0
  235. data/src/core/lib/compression/compression.cc +174 -0
  236. data/src/core/lib/compression/compression_internal.cc +276 -0
  237. data/src/core/lib/compression/compression_internal.h +88 -0
  238. data/src/core/lib/compression/message_compress.cc +187 -0
  239. data/src/core/lib/compression/message_compress.h +40 -0
  240. data/src/core/lib/compression/stream_compression.cc +79 -0
  241. data/src/core/lib/compression/stream_compression.h +116 -0
  242. data/src/core/lib/compression/stream_compression_gzip.cc +230 -0
  243. data/src/core/lib/compression/stream_compression_gzip.h +28 -0
  244. data/src/core/lib/compression/stream_compression_identity.cc +94 -0
  245. data/src/core/lib/compression/stream_compression_identity.h +29 -0
  246. data/src/core/lib/debug/stats.cc +178 -0
  247. data/src/core/lib/debug/stats.h +61 -0
  248. data/src/core/lib/debug/stats_data.cc +682 -0
  249. data/src/core/lib/debug/stats_data.h +435 -0
  250. data/src/core/lib/debug/trace.cc +144 -0
  251. data/src/core/lib/debug/trace.h +104 -0
  252. data/src/core/lib/gpr/alloc.cc +99 -0
  253. data/src/core/lib/gpr/arena.cc +152 -0
  254. data/src/core/lib/gpr/arena.h +41 -0
  255. data/src/core/lib/gpr/atm.cc +35 -0
  256. data/src/core/lib/gpr/cpu_iphone.cc +36 -0
  257. data/src/core/lib/gpr/cpu_linux.cc +82 -0
  258. data/src/core/lib/gpr/cpu_posix.cc +81 -0
  259. data/src/core/lib/gpr/cpu_windows.cc +33 -0
  260. data/src/core/lib/gpr/env.h +43 -0
  261. data/src/core/lib/gpr/env_linux.cc +82 -0
  262. data/src/core/lib/gpr/env_posix.cc +47 -0
  263. data/src/core/lib/gpr/env_windows.cc +72 -0
  264. data/src/core/lib/gpr/fork.cc +78 -0
  265. data/src/core/lib/gpr/fork.h +35 -0
  266. data/src/core/lib/gpr/host_port.cc +98 -0
  267. data/src/core/lib/gpr/host_port.h +43 -0
  268. data/src/core/lib/gpr/log.cc +96 -0
  269. data/src/core/lib/gpr/log_android.cc +72 -0
  270. data/src/core/lib/gpr/log_linux.cc +93 -0
  271. data/src/core/lib/gpr/log_posix.cc +90 -0
  272. data/src/core/lib/gpr/log_windows.cc +97 -0
  273. data/src/core/lib/gpr/mpscq.cc +117 -0
  274. data/src/core/lib/gpr/mpscq.h +86 -0
  275. data/src/core/lib/gpr/murmur_hash.cc +80 -0
  276. data/src/core/lib/gpr/murmur_hash.h +29 -0
  277. data/src/core/lib/gpr/spinlock.h +46 -0
  278. data/src/core/lib/gpr/string.cc +319 -0
  279. data/src/core/lib/gpr/string.h +109 -0
  280. data/src/core/lib/gpr/string_posix.cc +72 -0
  281. data/src/core/lib/gpr/string_util_windows.cc +82 -0
  282. data/src/core/lib/gpr/string_windows.cc +69 -0
  283. data/src/core/lib/gpr/string_windows.h +32 -0
  284. data/src/core/lib/gpr/sync.cc +124 -0
  285. data/src/core/lib/gpr/sync_posix.cc +107 -0
  286. data/src/core/lib/gpr/sync_windows.cc +118 -0
  287. data/src/core/lib/gpr/time.cc +251 -0
  288. data/src/core/lib/gpr/time_posix.cc +167 -0
  289. data/src/core/lib/gpr/time_precise.cc +78 -0
  290. data/src/core/lib/gpr/time_precise.h +29 -0
  291. data/src/core/lib/gpr/time_windows.cc +98 -0
  292. data/src/core/lib/gpr/tls.h +68 -0
  293. data/src/core/lib/gpr/tls_gcc.h +52 -0
  294. data/src/core/lib/gpr/tls_msvc.h +52 -0
  295. data/src/core/lib/gpr/tls_pthread.cc +30 -0
  296. data/src/core/lib/gpr/tls_pthread.h +56 -0
  297. data/src/core/lib/gpr/tmpfile.h +32 -0
  298. data/src/core/lib/gpr/tmpfile_msys.cc +58 -0
  299. data/src/core/lib/gpr/tmpfile_posix.cc +70 -0
  300. data/src/core/lib/gpr/tmpfile_windows.cc +69 -0
  301. data/src/core/lib/gpr/useful.h +65 -0
  302. data/src/core/lib/gpr/wrap_memcpy.cc +42 -0
  303. data/src/core/lib/gprpp/abstract.h +34 -0
  304. data/src/core/lib/gprpp/atomic.h +30 -0
  305. data/src/core/lib/gprpp/atomic_with_atm.h +57 -0
  306. data/src/core/lib/gprpp/atomic_with_std.h +35 -0
  307. data/src/core/lib/gprpp/debug_location.h +52 -0
  308. data/src/core/lib/gprpp/inlined_vector.h +136 -0
  309. data/src/core/lib/gprpp/manual_constructor.h +213 -0
  310. data/src/core/lib/gprpp/memory.h +111 -0
  311. data/src/core/lib/gprpp/orphanable.h +199 -0
  312. data/src/core/lib/gprpp/ref_counted.h +169 -0
  313. data/src/core/lib/gprpp/ref_counted_ptr.h +112 -0
  314. data/src/core/lib/gprpp/thd.h +135 -0
  315. data/src/core/lib/gprpp/thd_posix.cc +209 -0
  316. data/src/core/lib/gprpp/thd_windows.cc +162 -0
  317. data/src/core/lib/http/format_request.cc +122 -0
  318. data/src/core/lib/http/format_request.h +34 -0
  319. data/src/core/lib/http/httpcli.cc +303 -0
  320. data/src/core/lib/http/httpcli.h +127 -0
  321. data/src/core/lib/http/httpcli_security_connector.cc +202 -0
  322. data/src/core/lib/http/parser.cc +371 -0
  323. data/src/core/lib/http/parser.h +113 -0
  324. data/src/core/lib/iomgr/block_annotate.h +57 -0
  325. data/src/core/lib/iomgr/call_combiner.cc +212 -0
  326. data/src/core/lib/iomgr/call_combiner.h +112 -0
  327. data/src/core/lib/iomgr/closure.h +351 -0
  328. data/src/core/lib/iomgr/combiner.cc +358 -0
  329. data/src/core/lib/iomgr/combiner.h +66 -0
  330. data/src/core/lib/iomgr/endpoint.cc +63 -0
  331. data/src/core/lib/iomgr/endpoint.h +98 -0
  332. data/src/core/lib/iomgr/endpoint_pair.h +34 -0
  333. data/src/core/lib/iomgr/endpoint_pair_posix.cc +73 -0
  334. data/src/core/lib/iomgr/endpoint_pair_uv.cc +40 -0
  335. data/src/core/lib/iomgr/endpoint_pair_windows.cc +87 -0
  336. data/src/core/lib/iomgr/error.cc +793 -0
  337. data/src/core/lib/iomgr/error.h +207 -0
  338. data/src/core/lib/iomgr/error_internal.h +63 -0
  339. data/src/core/lib/iomgr/ev_epoll1_linux.cc +1248 -0
  340. data/src/core/lib/iomgr/ev_epoll1_linux.h +31 -0
  341. data/src/core/lib/iomgr/ev_epollex_linux.cc +1494 -0
  342. data/src/core/lib/iomgr/ev_epollex_linux.h +30 -0
  343. data/src/core/lib/iomgr/ev_epollsig_linux.cc +1735 -0
  344. data/src/core/lib/iomgr/ev_epollsig_linux.h +35 -0
  345. data/src/core/lib/iomgr/ev_poll_posix.cc +1758 -0
  346. data/src/core/lib/iomgr/ev_poll_posix.h +29 -0
  347. data/src/core/lib/iomgr/ev_posix.cc +330 -0
  348. data/src/core/lib/iomgr/ev_posix.h +145 -0
  349. data/src/core/lib/iomgr/ev_windows.cc +30 -0
  350. data/src/core/lib/iomgr/exec_ctx.cc +147 -0
  351. data/src/core/lib/iomgr/exec_ctx.h +210 -0
  352. data/src/core/lib/iomgr/executor.cc +301 -0
  353. data/src/core/lib/iomgr/executor.h +50 -0
  354. data/src/core/lib/iomgr/fork_posix.cc +89 -0
  355. data/src/core/lib/iomgr/fork_windows.cc +41 -0
  356. data/src/core/lib/iomgr/gethostname.h +26 -0
  357. data/src/core/lib/iomgr/gethostname_fallback.cc +30 -0
  358. data/src/core/lib/iomgr/gethostname_host_name_max.cc +40 -0
  359. data/src/core/lib/iomgr/gethostname_sysconf.cc +40 -0
  360. data/src/core/lib/iomgr/iocp_windows.cc +152 -0
  361. data/src/core/lib/iomgr/iocp_windows.h +48 -0
  362. data/src/core/lib/iomgr/iomgr.cc +178 -0
  363. data/src/core/lib/iomgr/iomgr.h +36 -0
  364. data/src/core/lib/iomgr/iomgr_custom.cc +63 -0
  365. data/src/core/lib/iomgr/iomgr_custom.h +47 -0
  366. data/src/core/lib/iomgr/iomgr_internal.cc +43 -0
  367. data/src/core/lib/iomgr/iomgr_internal.h +57 -0
  368. data/src/core/lib/iomgr/iomgr_posix.cc +67 -0
  369. data/src/core/lib/iomgr/iomgr_posix.h +26 -0
  370. data/src/core/lib/iomgr/iomgr_uv.cc +40 -0
  371. data/src/core/lib/iomgr/iomgr_windows.cc +87 -0
  372. data/src/core/lib/iomgr/is_epollexclusive_available.cc +104 -0
  373. data/src/core/lib/iomgr/is_epollexclusive_available.h +36 -0
  374. data/src/core/lib/iomgr/load_file.cc +80 -0
  375. data/src/core/lib/iomgr/load_file.h +35 -0
  376. data/src/core/lib/iomgr/lockfree_event.cc +250 -0
  377. data/src/core/lib/iomgr/lockfree_event.h +72 -0
  378. data/src/core/lib/iomgr/nameser.h +106 -0
  379. data/src/core/lib/iomgr/network_status_tracker.cc +36 -0
  380. data/src/core/lib/iomgr/network_status_tracker.h +32 -0
  381. data/src/core/lib/iomgr/polling_entity.cc +87 -0
  382. data/src/core/lib/iomgr/polling_entity.h +68 -0
  383. data/src/core/lib/iomgr/pollset.cc +56 -0
  384. data/src/core/lib/iomgr/pollset.h +99 -0
  385. data/src/core/lib/iomgr/pollset_custom.cc +106 -0
  386. data/src/core/lib/iomgr/pollset_custom.h +35 -0
  387. data/src/core/lib/iomgr/pollset_set.cc +55 -0
  388. data/src/core/lib/iomgr/pollset_set.h +55 -0
  389. data/src/core/lib/iomgr/pollset_set_custom.cc +48 -0
  390. data/src/core/lib/iomgr/pollset_set_custom.h +26 -0
  391. data/src/core/lib/iomgr/pollset_set_windows.cc +51 -0
  392. data/src/core/lib/iomgr/pollset_set_windows.h +26 -0
  393. data/src/core/lib/iomgr/pollset_uv.cc +93 -0
  394. data/src/core/lib/iomgr/pollset_windows.cc +229 -0
  395. data/src/core/lib/iomgr/pollset_windows.h +70 -0
  396. data/src/core/lib/iomgr/port.h +147 -0
  397. data/src/core/lib/iomgr/resolve_address.cc +50 -0
  398. data/src/core/lib/iomgr/resolve_address.h +83 -0
  399. data/src/core/lib/iomgr/resolve_address_custom.cc +187 -0
  400. data/src/core/lib/iomgr/resolve_address_custom.h +43 -0
  401. data/src/core/lib/iomgr/resolve_address_posix.cc +180 -0
  402. data/src/core/lib/iomgr/resolve_address_windows.cc +165 -0
  403. data/src/core/lib/iomgr/resource_quota.cc +871 -0
  404. data/src/core/lib/iomgr/resource_quota.h +142 -0
  405. data/src/core/lib/iomgr/sockaddr.h +32 -0
  406. data/src/core/lib/iomgr/sockaddr_custom.h +54 -0
  407. data/src/core/lib/iomgr/sockaddr_posix.h +55 -0
  408. data/src/core/lib/iomgr/sockaddr_utils.cc +298 -0
  409. data/src/core/lib/iomgr/sockaddr_utils.h +84 -0
  410. data/src/core/lib/iomgr/sockaddr_windows.h +55 -0
  411. data/src/core/lib/iomgr/socket_factory_posix.cc +94 -0
  412. data/src/core/lib/iomgr/socket_factory_posix.h +69 -0
  413. data/src/core/lib/iomgr/socket_mutator.cc +83 -0
  414. data/src/core/lib/iomgr/socket_mutator.h +61 -0
  415. data/src/core/lib/iomgr/socket_utils.h +38 -0
  416. data/src/core/lib/iomgr/socket_utils_common_posix.cc +327 -0
  417. data/src/core/lib/iomgr/socket_utils_linux.cc +43 -0
  418. data/src/core/lib/iomgr/socket_utils_posix.cc +59 -0
  419. data/src/core/lib/iomgr/socket_utils_posix.h +134 -0
  420. data/src/core/lib/iomgr/socket_utils_uv.cc +45 -0
  421. data/src/core/lib/iomgr/socket_utils_windows.cc +43 -0
  422. data/src/core/lib/iomgr/socket_windows.cc +151 -0
  423. data/src/core/lib/iomgr/socket_windows.h +113 -0
  424. data/src/core/lib/iomgr/sys_epoll_wrapper.h +30 -0
  425. data/src/core/lib/iomgr/tcp_client.cc +36 -0
  426. data/src/core/lib/iomgr/tcp_client.h +52 -0
  427. data/src/core/lib/iomgr/tcp_client_custom.cc +151 -0
  428. data/src/core/lib/iomgr/tcp_client_posix.cc +359 -0
  429. data/src/core/lib/iomgr/tcp_client_posix.h +68 -0
  430. data/src/core/lib/iomgr/tcp_client_windows.cc +231 -0
  431. data/src/core/lib/iomgr/tcp_custom.cc +365 -0
  432. data/src/core/lib/iomgr/tcp_custom.h +81 -0
  433. data/src/core/lib/iomgr/tcp_posix.cc +814 -0
  434. data/src/core/lib/iomgr/tcp_posix.h +57 -0
  435. data/src/core/lib/iomgr/tcp_server.cc +73 -0
  436. data/src/core/lib/iomgr/tcp_server.h +122 -0
  437. data/src/core/lib/iomgr/tcp_server_custom.cc +472 -0
  438. data/src/core/lib/iomgr/tcp_server_posix.cc +582 -0
  439. data/src/core/lib/iomgr/tcp_server_utils_posix.h +122 -0
  440. data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +208 -0
  441. data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +184 -0
  442. data/src/core/lib/iomgr/tcp_server_utils_posix_noifaddrs.cc +36 -0
  443. data/src/core/lib/iomgr/tcp_server_windows.cc +559 -0
  444. data/src/core/lib/iomgr/tcp_uv.cc +417 -0
  445. data/src/core/lib/iomgr/tcp_windows.cc +455 -0
  446. data/src/core/lib/iomgr/tcp_windows.h +51 -0
  447. data/src/core/lib/iomgr/time_averaged_stats.cc +64 -0
  448. data/src/core/lib/iomgr/time_averaged_stats.h +73 -0
  449. data/src/core/lib/iomgr/timer.cc +45 -0
  450. data/src/core/lib/iomgr/timer.h +125 -0
  451. data/src/core/lib/iomgr/timer_custom.cc +93 -0
  452. data/src/core/lib/iomgr/timer_custom.h +43 -0
  453. data/src/core/lib/iomgr/timer_generic.cc +663 -0
  454. data/src/core/lib/iomgr/timer_heap.cc +135 -0
  455. data/src/core/lib/iomgr/timer_heap.h +44 -0
  456. data/src/core/lib/iomgr/timer_manager.cc +347 -0
  457. data/src/core/lib/iomgr/timer_manager.h +39 -0
  458. data/src/core/lib/iomgr/timer_uv.cc +63 -0
  459. data/src/core/lib/iomgr/udp_server.cc +692 -0
  460. data/src/core/lib/iomgr/udp_server.h +103 -0
  461. data/src/core/lib/iomgr/unix_sockets_posix.cc +104 -0
  462. data/src/core/lib/iomgr/unix_sockets_posix.h +43 -0
  463. data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +49 -0
  464. data/src/core/lib/iomgr/wakeup_fd_cv.cc +107 -0
  465. data/src/core/lib/iomgr/wakeup_fd_cv.h +69 -0
  466. data/src/core/lib/iomgr/wakeup_fd_eventfd.cc +83 -0
  467. data/src/core/lib/iomgr/wakeup_fd_nospecial.cc +38 -0
  468. data/src/core/lib/iomgr/wakeup_fd_pipe.cc +100 -0
  469. data/src/core/lib/iomgr/wakeup_fd_pipe.h +28 -0
  470. data/src/core/lib/iomgr/wakeup_fd_posix.cc +87 -0
  471. data/src/core/lib/iomgr/wakeup_fd_posix.h +96 -0
  472. data/src/core/lib/json/json.cc +86 -0
  473. data/src/core/lib/json/json.h +94 -0
  474. data/src/core/lib/json/json_common.h +34 -0
  475. data/src/core/lib/json/json_reader.cc +663 -0
  476. data/src/core/lib/json/json_reader.h +146 -0
  477. data/src/core/lib/json/json_string.cc +367 -0
  478. data/src/core/lib/json/json_writer.cc +245 -0
  479. data/src/core/lib/json/json_writer.h +84 -0
  480. data/src/core/lib/profiling/basic_timers.cc +286 -0
  481. data/src/core/lib/profiling/stap_timers.cc +50 -0
  482. data/src/core/lib/profiling/timers.h +94 -0
  483. data/src/core/lib/security/context/security_context.cc +348 -0
  484. data/src/core/lib/security/context/security_context.h +115 -0
  485. data/src/core/lib/security/credentials/alts/alts_credentials.cc +119 -0
  486. data/src/core/lib/security/credentials/alts/alts_credentials.h +102 -0
  487. data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +72 -0
  488. data/src/core/lib/security/credentials/alts/check_gcp_environment.h +57 -0
  489. data/src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc +67 -0
  490. data/src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc +33 -0
  491. data/src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc +114 -0
  492. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc +126 -0
  493. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc +46 -0
  494. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h +112 -0
  495. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc +58 -0
  496. data/src/core/lib/security/credentials/composite/composite_credentials.cc +269 -0
  497. data/src/core/lib/security/credentials/composite/composite_credentials.h +59 -0
  498. data/src/core/lib/security/credentials/credentials.cc +286 -0
  499. data/src/core/lib/security/credentials/credentials.h +246 -0
  500. data/src/core/lib/security/credentials/credentials_metadata.cc +62 -0
  501. data/src/core/lib/security/credentials/fake/fake_credentials.cc +136 -0
  502. data/src/core/lib/security/credentials/fake/fake_credentials.h +64 -0
  503. data/src/core/lib/security/credentials/google_default/credentials_generic.cc +41 -0
  504. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +322 -0
  505. data/src/core/lib/security/credentials/google_default/google_default_credentials.h +45 -0
  506. data/src/core/lib/security/credentials/iam/iam_credentials.cc +86 -0
  507. data/src/core/lib/security/credentials/iam/iam_credentials.h +31 -0
  508. data/src/core/lib/security/credentials/jwt/json_token.cc +314 -0
  509. data/src/core/lib/security/credentials/jwt/json_token.h +75 -0
  510. data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +190 -0
  511. data/src/core/lib/security/credentials/jwt/jwt_credentials.h +49 -0
  512. data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +934 -0
  513. data/src/core/lib/security/credentials/jwt/jwt_verifier.h +123 -0
  514. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +532 -0
  515. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +106 -0
  516. data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +271 -0
  517. data/src/core/lib/security/credentials/plugin/plugin_credentials.h +46 -0
  518. data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +349 -0
  519. data/src/core/lib/security/credentials/ssl/ssl_credentials.h +54 -0
  520. data/src/core/lib/security/security_connector/alts_security_connector.cc +287 -0
  521. data/src/core/lib/security/security_connector/alts_security_connector.h +69 -0
  522. data/src/core/lib/security/security_connector/security_connector.cc +1200 -0
  523. data/src/core/lib/security/security_connector/security_connector.h +283 -0
  524. data/src/core/lib/security/transport/auth_filters.h +37 -0
  525. data/src/core/lib/security/transport/client_auth_filter.cc +418 -0
  526. data/src/core/lib/security/transport/secure_endpoint.cc +429 -0
  527. data/src/core/lib/security/transport/secure_endpoint.h +41 -0
  528. data/src/core/lib/security/transport/security_handshaker.cc +526 -0
  529. data/src/core/lib/security/transport/security_handshaker.h +34 -0
  530. data/src/core/lib/security/transport/server_auth_filter.cc +269 -0
  531. data/src/core/lib/security/transport/target_authority_table.cc +75 -0
  532. data/src/core/lib/security/transport/target_authority_table.h +40 -0
  533. data/src/core/lib/security/transport/tsi_error.cc +29 -0
  534. data/src/core/lib/security/transport/tsi_error.h +29 -0
  535. data/src/core/lib/security/util/json_util.cc +48 -0
  536. data/src/core/lib/security/util/json_util.h +42 -0
  537. data/src/core/lib/slice/b64.cc +240 -0
  538. data/src/core/lib/slice/b64.h +51 -0
  539. data/src/core/lib/slice/percent_encoding.cc +169 -0
  540. data/src/core/lib/slice/percent_encoding.h +65 -0
  541. data/src/core/lib/slice/slice.cc +489 -0
  542. data/src/core/lib/slice/slice_buffer.cc +359 -0
  543. data/src/core/lib/slice/slice_hash_table.h +201 -0
  544. data/src/core/lib/slice/slice_intern.cc +332 -0
  545. data/src/core/lib/slice/slice_internal.h +49 -0
  546. data/src/core/lib/slice/slice_string_helpers.cc +118 -0
  547. data/src/core/lib/slice/slice_string_helpers.h +47 -0
  548. data/src/core/lib/slice/slice_weak_hash_table.h +105 -0
  549. data/src/core/lib/surface/api_trace.cc +24 -0
  550. data/src/core/lib/surface/api_trace.h +52 -0
  551. data/src/core/lib/surface/byte_buffer.cc +92 -0
  552. data/src/core/lib/surface/byte_buffer_reader.cc +129 -0
  553. data/src/core/lib/surface/call.cc +2002 -0
  554. data/src/core/lib/surface/call.h +109 -0
  555. data/src/core/lib/surface/call_details.cc +42 -0
  556. data/src/core/lib/surface/call_log_batch.cc +120 -0
  557. data/src/core/lib/surface/call_test_only.h +43 -0
  558. data/src/core/lib/surface/channel.cc +450 -0
  559. data/src/core/lib/surface/channel.h +83 -0
  560. data/src/core/lib/surface/channel_init.cc +109 -0
  561. data/src/core/lib/surface/channel_init.h +73 -0
  562. data/src/core/lib/surface/channel_ping.cc +65 -0
  563. data/src/core/lib/surface/channel_stack_type.cc +58 -0
  564. data/src/core/lib/surface/channel_stack_type.h +47 -0
  565. data/src/core/lib/surface/completion_queue.cc +1262 -0
  566. data/src/core/lib/surface/completion_queue.h +93 -0
  567. data/src/core/lib/surface/completion_queue_factory.cc +79 -0
  568. data/src/core/lib/surface/completion_queue_factory.h +38 -0
  569. data/src/core/lib/surface/event_string.cc +68 -0
  570. data/src/core/lib/surface/event_string.h +29 -0
  571. data/src/core/lib/surface/init.cc +196 -0
  572. data/src/core/lib/surface/init.h +27 -0
  573. data/src/core/lib/surface/init_secure.cc +81 -0
  574. data/src/core/lib/surface/lame_client.cc +180 -0
  575. data/src/core/lib/surface/lame_client.h +28 -0
  576. data/src/core/lib/surface/metadata_array.cc +36 -0
  577. data/src/core/lib/surface/server.cc +1445 -0
  578. data/src/core/lib/surface/server.h +58 -0
  579. data/src/core/lib/surface/validate_metadata.cc +95 -0
  580. data/src/core/lib/surface/validate_metadata.h +30 -0
  581. data/src/core/lib/surface/version.cc +28 -0
  582. data/src/core/lib/transport/bdp_estimator.cc +87 -0
  583. data/src/core/lib/transport/bdp_estimator.h +94 -0
  584. data/src/core/lib/transport/byte_stream.cc +160 -0
  585. data/src/core/lib/transport/byte_stream.h +164 -0
  586. data/src/core/lib/transport/connectivity_state.cc +196 -0
  587. data/src/core/lib/transport/connectivity_state.h +87 -0
  588. data/src/core/lib/transport/error_utils.cc +118 -0
  589. data/src/core/lib/transport/error_utils.h +46 -0
  590. data/src/core/lib/transport/http2_errors.h +41 -0
  591. data/src/core/lib/transport/metadata.cc +539 -0
  592. data/src/core/lib/transport/metadata.h +165 -0
  593. data/src/core/lib/transport/metadata_batch.cc +329 -0
  594. data/src/core/lib/transport/metadata_batch.h +150 -0
  595. data/src/core/lib/transport/pid_controller.cc +51 -0
  596. data/src/core/lib/transport/pid_controller.h +116 -0
  597. data/src/core/lib/transport/service_config.cc +106 -0
  598. data/src/core/lib/transport/service_config.h +249 -0
  599. data/src/core/lib/transport/static_metadata.cc +601 -0
  600. data/src/core/lib/transport/static_metadata.h +603 -0
  601. data/src/core/lib/transport/status_conversion.cc +100 -0
  602. data/src/core/lib/transport/status_conversion.h +38 -0
  603. data/src/core/lib/transport/status_metadata.cc +54 -0
  604. data/src/core/lib/transport/status_metadata.h +30 -0
  605. data/src/core/lib/transport/timeout_encoding.cc +144 -0
  606. data/src/core/lib/transport/timeout_encoding.h +37 -0
  607. data/src/core/lib/transport/transport.cc +278 -0
  608. data/src/core/lib/transport/transport.h +378 -0
  609. data/src/core/lib/transport/transport_impl.h +71 -0
  610. data/src/core/lib/transport/transport_op_string.cc +214 -0
  611. data/src/core/plugin_registry/grpc_plugin_registry.cc +97 -0
  612. data/src/core/tsi/alts/crypt/aes_gcm.cc +687 -0
  613. data/src/core/tsi/alts/crypt/gsec.cc +189 -0
  614. data/src/core/tsi/alts/crypt/gsec.h +454 -0
  615. data/src/core/tsi/alts/frame_protector/alts_counter.cc +118 -0
  616. data/src/core/tsi/alts/frame_protector/alts_counter.h +98 -0
  617. data/src/core/tsi/alts/frame_protector/alts_crypter.cc +66 -0
  618. data/src/core/tsi/alts/frame_protector/alts_crypter.h +255 -0
  619. data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +407 -0
  620. data/src/core/tsi/alts/frame_protector/alts_frame_protector.h +55 -0
  621. data/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc +114 -0
  622. data/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h +114 -0
  623. data/src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc +105 -0
  624. data/src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc +103 -0
  625. data/src/core/tsi/alts/frame_protector/frame_handler.cc +218 -0
  626. data/src/core/tsi/alts/frame_protector/frame_handler.h +236 -0
  627. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +316 -0
  628. data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +137 -0
  629. data/src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc +520 -0
  630. data/src/core/tsi/alts/handshaker/alts_handshaker_service_api.h +323 -0
  631. data/src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc +143 -0
  632. data/src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h +149 -0
  633. data/src/core/tsi/alts/handshaker/alts_tsi_event.cc +73 -0
  634. data/src/core/tsi/alts/handshaker/alts_tsi_event.h +93 -0
  635. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +483 -0
  636. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +83 -0
  637. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h +52 -0
  638. data/src/core/tsi/alts/handshaker/alts_tsi_utils.cc +58 -0
  639. data/src/core/tsi/alts/handshaker/alts_tsi_utils.h +52 -0
  640. data/src/core/tsi/alts/handshaker/altscontext.pb.c +48 -0
  641. data/src/core/tsi/alts/handshaker/altscontext.pb.h +64 -0
  642. data/src/core/tsi/alts/handshaker/handshaker.pb.c +123 -0
  643. data/src/core/tsi/alts/handshaker/handshaker.pb.h +255 -0
  644. data/src/core/tsi/alts/handshaker/transport_security_common.pb.c +50 -0
  645. data/src/core/tsi/alts/handshaker/transport_security_common.pb.h +78 -0
  646. data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +196 -0
  647. data/src/core/tsi/alts/handshaker/transport_security_common_api.h +163 -0
  648. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc +180 -0
  649. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h +52 -0
  650. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc +144 -0
  651. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h +49 -0
  652. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h +91 -0
  653. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc +174 -0
  654. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h +100 -0
  655. data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +476 -0
  656. data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h +199 -0
  657. data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +296 -0
  658. data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h +52 -0
  659. data/src/core/tsi/alts_transport_security.cc +63 -0
  660. data/src/core/tsi/alts_transport_security.h +47 -0
  661. data/src/core/tsi/fake_transport_security.cc +787 -0
  662. data/src/core/tsi/fake_transport_security.h +45 -0
  663. data/src/core/tsi/ssl/session_cache/ssl_session.h +73 -0
  664. data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +58 -0
  665. data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +211 -0
  666. data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +93 -0
  667. data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +76 -0
  668. data/src/core/tsi/ssl_transport_security.cc +1831 -0
  669. data/src/core/tsi/ssl_transport_security.h +314 -0
  670. data/src/core/tsi/ssl_types.h +42 -0
  671. data/src/core/tsi/transport_security.cc +326 -0
  672. data/src/core/tsi/transport_security.h +127 -0
  673. data/src/core/tsi/transport_security_adapter.cc +235 -0
  674. data/src/core/tsi/transport_security_adapter.h +41 -0
  675. data/src/core/tsi/transport_security_grpc.cc +66 -0
  676. data/src/core/tsi/transport_security_grpc.h +74 -0
  677. data/src/core/tsi/transport_security_interface.h +454 -0
  678. data/src/ruby/bin/apis/google/protobuf/empty.rb +29 -0
  679. data/src/ruby/bin/apis/pubsub_demo.rb +241 -0
  680. data/src/ruby/bin/apis/tech/pubsub/proto/pubsub.rb +159 -0
  681. data/src/ruby/bin/apis/tech/pubsub/proto/pubsub_services.rb +88 -0
  682. data/src/ruby/bin/math_client.rb +132 -0
  683. data/src/ruby/bin/math_pb.rb +32 -0
  684. data/src/ruby/bin/math_server.rb +191 -0
  685. data/src/ruby/bin/math_services_pb.rb +51 -0
  686. data/src/ruby/bin/noproto_client.rb +93 -0
  687. data/src/ruby/bin/noproto_server.rb +97 -0
  688. data/src/ruby/ext/grpc/extconf.rb +118 -0
  689. data/src/ruby/ext/grpc/rb_byte_buffer.c +64 -0
  690. data/src/ruby/ext/grpc/rb_byte_buffer.h +35 -0
  691. data/src/ruby/ext/grpc/rb_call.c +1041 -0
  692. data/src/ruby/ext/grpc/rb_call.h +53 -0
  693. data/src/ruby/ext/grpc/rb_call_credentials.c +290 -0
  694. data/src/ruby/ext/grpc/rb_call_credentials.h +31 -0
  695. data/src/ruby/ext/grpc/rb_channel.c +828 -0
  696. data/src/ruby/ext/grpc/rb_channel.h +34 -0
  697. data/src/ruby/ext/grpc/rb_channel_args.c +155 -0
  698. data/src/ruby/ext/grpc/rb_channel_args.h +38 -0
  699. data/src/ruby/ext/grpc/rb_channel_credentials.c +263 -0
  700. data/src/ruby/ext/grpc/rb_channel_credentials.h +32 -0
  701. data/src/ruby/ext/grpc/rb_completion_queue.c +100 -0
  702. data/src/ruby/ext/grpc/rb_completion_queue.h +36 -0
  703. data/src/ruby/ext/grpc/rb_compression_options.c +468 -0
  704. data/src/ruby/ext/grpc/rb_compression_options.h +29 -0
  705. data/src/ruby/ext/grpc/rb_event_thread.c +141 -0
  706. data/src/ruby/ext/grpc/rb_event_thread.h +21 -0
  707. data/src/ruby/ext/grpc/rb_grpc.c +340 -0
  708. data/src/ruby/ext/grpc/rb_grpc.h +72 -0
  709. data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +507 -0
  710. data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +766 -0
  711. data/src/ruby/ext/grpc/rb_loader.c +57 -0
  712. data/src/ruby/ext/grpc/rb_loader.h +25 -0
  713. data/src/ruby/ext/grpc/rb_server.c +366 -0
  714. data/src/ruby/ext/grpc/rb_server.h +32 -0
  715. data/src/ruby/ext/grpc/rb_server_credentials.c +243 -0
  716. data/src/ruby/ext/grpc/rb_server_credentials.h +32 -0
  717. data/src/ruby/lib/grpc/core/time_consts.rb +56 -0
  718. data/src/ruby/lib/grpc/errors.rb +201 -0
  719. data/src/ruby/lib/grpc/generic/active_call.rb +674 -0
  720. data/src/ruby/lib/grpc/generic/bidi_call.rb +233 -0
  721. data/src/ruby/lib/grpc/generic/client_stub.rb +501 -0
  722. data/src/ruby/lib/grpc/generic/interceptor_registry.rb +53 -0
  723. data/src/ruby/lib/grpc/generic/interceptors.rb +186 -0
  724. data/src/ruby/lib/grpc/generic/rpc_desc.rb +204 -0
  725. data/src/ruby/lib/grpc/generic/rpc_server.rb +490 -0
  726. data/src/ruby/lib/grpc/generic/service.rb +210 -0
  727. data/src/ruby/lib/grpc/google_rpc_status_utils.rb +35 -0
  728. data/src/ruby/lib/grpc/grpc.rb +24 -0
  729. data/src/ruby/lib/grpc/logconfig.rb +44 -0
  730. data/src/ruby/lib/grpc/notifier.rb +45 -0
  731. data/src/ruby/lib/grpc/version.rb +18 -0
  732. data/src/ruby/lib/grpc.rb +35 -0
  733. data/src/ruby/pb/README.md +42 -0
  734. data/src/ruby/pb/generate_proto_ruby.sh +43 -0
  735. data/src/ruby/pb/grpc/health/checker.rb +76 -0
  736. data/src/ruby/pb/grpc/health/v1/health_pb.rb +28 -0
  737. data/src/ruby/pb/grpc/health/v1/health_services_pb.rb +41 -0
  738. data/src/ruby/pb/grpc/testing/duplicate/echo_duplicate_services_pb.rb +44 -0
  739. data/src/ruby/pb/grpc/testing/metrics_pb.rb +28 -0
  740. data/src/ruby/pb/grpc/testing/metrics_services_pb.rb +49 -0
  741. data/src/ruby/pb/src/proto/grpc/testing/empty_pb.rb +15 -0
  742. data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +82 -0
  743. data/src/ruby/pb/src/proto/grpc/testing/test_pb.rb +14 -0
  744. data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +102 -0
  745. data/src/ruby/pb/test/client.rb +764 -0
  746. data/src/ruby/pb/test/server.rb +252 -0
  747. data/src/ruby/spec/call_credentials_spec.rb +42 -0
  748. data/src/ruby/spec/call_spec.rb +180 -0
  749. data/src/ruby/spec/channel_connection_spec.rb +126 -0
  750. data/src/ruby/spec/channel_credentials_spec.rb +82 -0
  751. data/src/ruby/spec/channel_spec.rb +190 -0
  752. data/src/ruby/spec/client_auth_spec.rb +137 -0
  753. data/src/ruby/spec/client_server_spec.rb +664 -0
  754. data/src/ruby/spec/compression_options_spec.rb +149 -0
  755. data/src/ruby/spec/error_sanity_spec.rb +49 -0
  756. data/src/ruby/spec/generic/active_call_spec.rb +672 -0
  757. data/src/ruby/spec/generic/client_interceptors_spec.rb +153 -0
  758. data/src/ruby/spec/generic/client_stub_spec.rb +1067 -0
  759. data/src/ruby/spec/generic/interceptor_registry_spec.rb +65 -0
  760. data/src/ruby/spec/generic/rpc_desc_spec.rb +374 -0
  761. data/src/ruby/spec/generic/rpc_server_pool_spec.rb +127 -0
  762. data/src/ruby/spec/generic/rpc_server_spec.rb +726 -0
  763. data/src/ruby/spec/generic/server_interceptors_spec.rb +218 -0
  764. data/src/ruby/spec/generic/service_spec.rb +261 -0
  765. data/src/ruby/spec/google_rpc_status_utils_spec.rb +293 -0
  766. data/src/ruby/spec/pb/duplicate/codegen_spec.rb +56 -0
  767. data/src/ruby/spec/pb/health/checker_spec.rb +236 -0
  768. data/src/ruby/spec/pb/package_with_underscore/checker_spec.rb +54 -0
  769. data/src/ruby/spec/pb/package_with_underscore/data.proto +23 -0
  770. data/src/ruby/spec/pb/package_with_underscore/service.proto +23 -0
  771. data/src/ruby/spec/server_credentials_spec.rb +79 -0
  772. data/src/ruby/spec/server_spec.rb +209 -0
  773. data/src/ruby/spec/spec_helper.rb +60 -0
  774. data/src/ruby/spec/support/helpers.rb +107 -0
  775. data/src/ruby/spec/support/services.rb +147 -0
  776. data/src/ruby/spec/testdata/README +1 -0
  777. data/src/ruby/spec/testdata/ca.pem +15 -0
  778. data/src/ruby/spec/testdata/client.key +16 -0
  779. data/src/ruby/spec/testdata/client.pem +14 -0
  780. data/src/ruby/spec/testdata/server1.key +16 -0
  781. data/src/ruby/spec/testdata/server1.pem +16 -0
  782. data/src/ruby/spec/time_consts_spec.rb +74 -0
  783. data/third_party/address_sorting/address_sorting.c +369 -0
  784. data/third_party/address_sorting/address_sorting_internal.h +70 -0
  785. data/third_party/address_sorting/address_sorting_posix.c +97 -0
  786. data/third_party/address_sorting/address_sorting_windows.c +55 -0
  787. data/third_party/address_sorting/include/address_sorting/address_sorting.h +110 -0
  788. data/third_party/boringssl/crypto/asn1/a_bitstr.c +271 -0
  789. data/third_party/boringssl/crypto/asn1/a_bool.c +110 -0
  790. data/third_party/boringssl/crypto/asn1/a_d2i_fp.c +297 -0
  791. data/third_party/boringssl/crypto/asn1/a_dup.c +111 -0
  792. data/third_party/boringssl/crypto/asn1/a_enum.c +195 -0
  793. data/third_party/boringssl/crypto/asn1/a_gentm.c +261 -0
  794. data/third_party/boringssl/crypto/asn1/a_i2d_fp.c +150 -0
  795. data/third_party/boringssl/crypto/asn1/a_int.c +474 -0
  796. data/third_party/boringssl/crypto/asn1/a_mbstr.c +409 -0
  797. data/third_party/boringssl/crypto/asn1/a_object.c +275 -0
  798. data/third_party/boringssl/crypto/asn1/a_octet.c +77 -0
  799. data/third_party/boringssl/crypto/asn1/a_print.c +93 -0
  800. data/third_party/boringssl/crypto/asn1/a_strnid.c +312 -0
  801. data/third_party/boringssl/crypto/asn1/a_time.c +213 -0
  802. data/third_party/boringssl/crypto/asn1/a_type.c +151 -0
  803. data/third_party/boringssl/crypto/asn1/a_utctm.c +303 -0
  804. data/third_party/boringssl/crypto/asn1/a_utf8.c +234 -0
  805. data/third_party/boringssl/crypto/asn1/asn1_lib.c +442 -0
  806. data/third_party/boringssl/crypto/asn1/asn1_locl.h +101 -0
  807. data/third_party/boringssl/crypto/asn1/asn1_par.c +80 -0
  808. data/third_party/boringssl/crypto/asn1/asn_pack.c +105 -0
  809. data/third_party/boringssl/crypto/asn1/f_enum.c +93 -0
  810. data/third_party/boringssl/crypto/asn1/f_int.c +97 -0
  811. data/third_party/boringssl/crypto/asn1/f_string.c +91 -0
  812. data/third_party/boringssl/crypto/asn1/tasn_dec.c +1223 -0
  813. data/third_party/boringssl/crypto/asn1/tasn_enc.c +662 -0
  814. data/third_party/boringssl/crypto/asn1/tasn_fre.c +244 -0
  815. data/third_party/boringssl/crypto/asn1/tasn_new.c +387 -0
  816. data/third_party/boringssl/crypto/asn1/tasn_typ.c +131 -0
  817. data/third_party/boringssl/crypto/asn1/tasn_utl.c +280 -0
  818. data/third_party/boringssl/crypto/asn1/time_support.c +206 -0
  819. data/third_party/boringssl/crypto/base64/base64.c +466 -0
  820. data/third_party/boringssl/crypto/bio/bio.c +636 -0
  821. data/third_party/boringssl/crypto/bio/bio_mem.c +330 -0
  822. data/third_party/boringssl/crypto/bio/connect.c +542 -0
  823. data/third_party/boringssl/crypto/bio/fd.c +275 -0
  824. data/third_party/boringssl/crypto/bio/file.c +313 -0
  825. data/third_party/boringssl/crypto/bio/hexdump.c +192 -0
  826. data/third_party/boringssl/crypto/bio/internal.h +111 -0
  827. data/third_party/boringssl/crypto/bio/pair.c +489 -0
  828. data/third_party/boringssl/crypto/bio/printf.c +115 -0
  829. data/third_party/boringssl/crypto/bio/socket.c +202 -0
  830. data/third_party/boringssl/crypto/bio/socket_helper.c +114 -0
  831. data/third_party/boringssl/crypto/bn_extra/bn_asn1.c +64 -0
  832. data/third_party/boringssl/crypto/bn_extra/convert.c +465 -0
  833. data/third_party/boringssl/crypto/buf/buf.c +231 -0
  834. data/third_party/boringssl/crypto/bytestring/asn1_compat.c +52 -0
  835. data/third_party/boringssl/crypto/bytestring/ber.c +264 -0
  836. data/third_party/boringssl/crypto/bytestring/cbb.c +568 -0
  837. data/third_party/boringssl/crypto/bytestring/cbs.c +487 -0
  838. data/third_party/boringssl/crypto/bytestring/internal.h +75 -0
  839. data/third_party/boringssl/crypto/chacha/chacha.c +167 -0
  840. data/third_party/boringssl/crypto/cipher_extra/cipher_extra.c +114 -0
  841. data/third_party/boringssl/crypto/cipher_extra/derive_key.c +152 -0
  842. data/third_party/boringssl/crypto/cipher_extra/e_aesctrhmac.c +281 -0
  843. data/third_party/boringssl/crypto/cipher_extra/e_aesgcmsiv.c +867 -0
  844. data/third_party/boringssl/crypto/cipher_extra/e_chacha20poly1305.c +326 -0
  845. data/third_party/boringssl/crypto/cipher_extra/e_null.c +85 -0
  846. data/third_party/boringssl/crypto/cipher_extra/e_rc2.c +460 -0
  847. data/third_party/boringssl/crypto/cipher_extra/e_rc4.c +87 -0
  848. data/third_party/boringssl/crypto/cipher_extra/e_ssl3.c +460 -0
  849. data/third_party/boringssl/crypto/cipher_extra/e_tls.c +681 -0
  850. data/third_party/boringssl/crypto/cipher_extra/internal.h +128 -0
  851. data/third_party/boringssl/crypto/cipher_extra/tls_cbc.c +482 -0
  852. data/third_party/boringssl/crypto/cmac/cmac.c +241 -0
  853. data/third_party/boringssl/crypto/conf/conf.c +803 -0
  854. data/third_party/boringssl/crypto/conf/conf_def.h +127 -0
  855. data/third_party/boringssl/crypto/conf/internal.h +31 -0
  856. data/third_party/boringssl/crypto/cpu-aarch64-linux.c +61 -0
  857. data/third_party/boringssl/crypto/cpu-arm-linux.c +363 -0
  858. data/third_party/boringssl/crypto/cpu-arm.c +38 -0
  859. data/third_party/boringssl/crypto/cpu-intel.c +288 -0
  860. data/third_party/boringssl/crypto/cpu-ppc64le.c +38 -0
  861. data/third_party/boringssl/crypto/crypto.c +198 -0
  862. data/third_party/boringssl/crypto/curve25519/spake25519.c +539 -0
  863. data/third_party/boringssl/crypto/curve25519/x25519-x86_64.c +247 -0
  864. data/third_party/boringssl/crypto/dh/check.c +217 -0
  865. data/third_party/boringssl/crypto/dh/dh.c +519 -0
  866. data/third_party/boringssl/crypto/dh/dh_asn1.c +160 -0
  867. data/third_party/boringssl/crypto/dh/params.c +93 -0
  868. data/third_party/boringssl/crypto/digest_extra/digest_extra.c +240 -0
  869. data/third_party/boringssl/crypto/dsa/dsa.c +984 -0
  870. data/third_party/boringssl/crypto/dsa/dsa_asn1.c +339 -0
  871. data/third_party/boringssl/crypto/ec_extra/ec_asn1.c +563 -0
  872. data/third_party/boringssl/crypto/ecdh/ecdh.c +161 -0
  873. data/third_party/boringssl/crypto/ecdsa_extra/ecdsa_asn1.c +275 -0
  874. data/third_party/boringssl/crypto/engine/engine.c +98 -0
  875. data/third_party/boringssl/crypto/err/err.c +847 -0
  876. data/third_party/boringssl/crypto/err/internal.h +58 -0
  877. data/third_party/boringssl/crypto/evp/digestsign.c +231 -0
  878. data/third_party/boringssl/crypto/evp/evp.c +362 -0
  879. data/third_party/boringssl/crypto/evp/evp_asn1.c +337 -0
  880. data/third_party/boringssl/crypto/evp/evp_ctx.c +446 -0
  881. data/third_party/boringssl/crypto/evp/internal.h +252 -0
  882. data/third_party/boringssl/crypto/evp/p_dsa_asn1.c +268 -0
  883. data/third_party/boringssl/crypto/evp/p_ec.c +239 -0
  884. data/third_party/boringssl/crypto/evp/p_ec_asn1.c +256 -0
  885. data/third_party/boringssl/crypto/evp/p_ed25519.c +71 -0
  886. data/third_party/boringssl/crypto/evp/p_ed25519_asn1.c +190 -0
  887. data/third_party/boringssl/crypto/evp/p_rsa.c +634 -0
  888. data/third_party/boringssl/crypto/evp/p_rsa_asn1.c +189 -0
  889. data/third_party/boringssl/crypto/evp/pbkdf.c +146 -0
  890. data/third_party/boringssl/crypto/evp/print.c +489 -0
  891. data/third_party/boringssl/crypto/evp/scrypt.c +209 -0
  892. data/third_party/boringssl/crypto/evp/sign.c +151 -0
  893. data/third_party/boringssl/crypto/ex_data.c +261 -0
  894. data/third_party/boringssl/crypto/fipsmodule/aes/aes.c +1100 -0
  895. data/third_party/boringssl/crypto/fipsmodule/aes/internal.h +100 -0
  896. data/third_party/boringssl/crypto/fipsmodule/aes/key_wrap.c +138 -0
  897. data/third_party/boringssl/crypto/fipsmodule/aes/mode_wrappers.c +112 -0
  898. data/third_party/boringssl/crypto/fipsmodule/bcm.c +679 -0
  899. data/third_party/boringssl/crypto/fipsmodule/bn/add.c +371 -0
  900. data/third_party/boringssl/crypto/fipsmodule/bn/asm/x86_64-gcc.c +540 -0
  901. data/third_party/boringssl/crypto/fipsmodule/bn/bn.c +370 -0
  902. data/third_party/boringssl/crypto/fipsmodule/bn/bytes.c +269 -0
  903. data/third_party/boringssl/crypto/fipsmodule/bn/cmp.c +254 -0
  904. data/third_party/boringssl/crypto/fipsmodule/bn/ctx.c +303 -0
  905. data/third_party/boringssl/crypto/fipsmodule/bn/div.c +733 -0
  906. data/third_party/boringssl/crypto/fipsmodule/bn/exponentiation.c +1390 -0
  907. data/third_party/boringssl/crypto/fipsmodule/bn/gcd.c +627 -0
  908. data/third_party/boringssl/crypto/fipsmodule/bn/generic.c +710 -0
  909. data/third_party/boringssl/crypto/fipsmodule/bn/internal.h +413 -0
  910. data/third_party/boringssl/crypto/fipsmodule/bn/jacobi.c +146 -0
  911. data/third_party/boringssl/crypto/fipsmodule/bn/montgomery.c +483 -0
  912. data/third_party/boringssl/crypto/fipsmodule/bn/montgomery_inv.c +207 -0
  913. data/third_party/boringssl/crypto/fipsmodule/bn/mul.c +902 -0
  914. data/third_party/boringssl/crypto/fipsmodule/bn/prime.c +894 -0
  915. data/third_party/boringssl/crypto/fipsmodule/bn/random.c +299 -0
  916. data/third_party/boringssl/crypto/fipsmodule/bn/rsaz_exp.c +254 -0
  917. data/third_party/boringssl/crypto/fipsmodule/bn/rsaz_exp.h +53 -0
  918. data/third_party/boringssl/crypto/fipsmodule/bn/shift.c +305 -0
  919. data/third_party/boringssl/crypto/fipsmodule/bn/sqrt.c +502 -0
  920. data/third_party/boringssl/crypto/fipsmodule/cipher/aead.c +284 -0
  921. data/third_party/boringssl/crypto/fipsmodule/cipher/cipher.c +615 -0
  922. data/third_party/boringssl/crypto/fipsmodule/cipher/e_aes.c +1437 -0
  923. data/third_party/boringssl/crypto/fipsmodule/cipher/e_des.c +233 -0
  924. data/third_party/boringssl/crypto/fipsmodule/cipher/internal.h +129 -0
  925. data/third_party/boringssl/crypto/fipsmodule/delocate.h +88 -0
  926. data/third_party/boringssl/crypto/fipsmodule/des/des.c +785 -0
  927. data/third_party/boringssl/crypto/fipsmodule/des/internal.h +238 -0
  928. data/third_party/boringssl/crypto/fipsmodule/digest/digest.c +256 -0
  929. data/third_party/boringssl/crypto/fipsmodule/digest/digests.c +280 -0
  930. data/third_party/boringssl/crypto/fipsmodule/digest/internal.h +112 -0
  931. data/third_party/boringssl/crypto/fipsmodule/digest/md32_common.h +268 -0
  932. data/third_party/boringssl/crypto/fipsmodule/ec/ec.c +943 -0
  933. data/third_party/boringssl/crypto/fipsmodule/ec/ec_key.c +517 -0
  934. data/third_party/boringssl/crypto/fipsmodule/ec/ec_montgomery.c +277 -0
  935. data/third_party/boringssl/crypto/fipsmodule/ec/internal.h +316 -0
  936. data/third_party/boringssl/crypto/fipsmodule/ec/oct.c +404 -0
  937. data/third_party/boringssl/crypto/fipsmodule/ec/p224-64.c +1131 -0
  938. data/third_party/boringssl/crypto/fipsmodule/ec/p256-64.c +1674 -0
  939. data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64-table.h +9543 -0
  940. data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64.c +456 -0
  941. data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64.h +113 -0
  942. data/third_party/boringssl/crypto/fipsmodule/ec/simple.c +1052 -0
  943. data/third_party/boringssl/crypto/fipsmodule/ec/util-64.c +109 -0
  944. data/third_party/boringssl/crypto/fipsmodule/ec/wnaf.c +474 -0
  945. data/third_party/boringssl/crypto/fipsmodule/ecdsa/ecdsa.c +442 -0
  946. data/third_party/boringssl/crypto/fipsmodule/hmac/hmac.c +228 -0
  947. data/third_party/boringssl/crypto/fipsmodule/is_fips.c +27 -0
  948. data/third_party/boringssl/crypto/fipsmodule/md4/md4.c +254 -0
  949. data/third_party/boringssl/crypto/fipsmodule/md5/md5.c +298 -0
  950. data/third_party/boringssl/crypto/fipsmodule/modes/cbc.c +211 -0
  951. data/third_party/boringssl/crypto/fipsmodule/modes/cfb.c +234 -0
  952. data/third_party/boringssl/crypto/fipsmodule/modes/ctr.c +220 -0
  953. data/third_party/boringssl/crypto/fipsmodule/modes/gcm.c +1063 -0
  954. data/third_party/boringssl/crypto/fipsmodule/modes/internal.h +384 -0
  955. data/third_party/boringssl/crypto/fipsmodule/modes/ofb.c +95 -0
  956. data/third_party/boringssl/crypto/fipsmodule/modes/polyval.c +91 -0
  957. data/third_party/boringssl/crypto/fipsmodule/rand/ctrdrbg.c +200 -0
  958. data/third_party/boringssl/crypto/fipsmodule/rand/internal.h +92 -0
  959. data/third_party/boringssl/crypto/fipsmodule/rand/rand.c +358 -0
  960. data/third_party/boringssl/crypto/fipsmodule/rand/urandom.c +302 -0
  961. data/third_party/boringssl/crypto/fipsmodule/rsa/blinding.c +263 -0
  962. data/third_party/boringssl/crypto/fipsmodule/rsa/internal.h +131 -0
  963. data/third_party/boringssl/crypto/fipsmodule/rsa/padding.c +692 -0
  964. data/third_party/boringssl/crypto/fipsmodule/rsa/rsa.c +857 -0
  965. data/third_party/boringssl/crypto/fipsmodule/rsa/rsa_impl.c +1051 -0
  966. data/third_party/boringssl/crypto/fipsmodule/sha/sha1-altivec.c +361 -0
  967. data/third_party/boringssl/crypto/fipsmodule/sha/sha1.c +375 -0
  968. data/third_party/boringssl/crypto/fipsmodule/sha/sha256.c +337 -0
  969. data/third_party/boringssl/crypto/fipsmodule/sha/sha512.c +608 -0
  970. data/third_party/boringssl/crypto/hkdf/hkdf.c +112 -0
  971. data/third_party/boringssl/crypto/internal.h +676 -0
  972. data/third_party/boringssl/crypto/lhash/lhash.c +336 -0
  973. data/third_party/boringssl/crypto/mem.c +237 -0
  974. data/third_party/boringssl/crypto/obj/obj.c +621 -0
  975. data/third_party/boringssl/crypto/obj/obj_dat.h +6244 -0
  976. data/third_party/boringssl/crypto/obj/obj_xref.c +122 -0
  977. data/third_party/boringssl/crypto/pem/pem_all.c +262 -0
  978. data/third_party/boringssl/crypto/pem/pem_info.c +379 -0
  979. data/third_party/boringssl/crypto/pem/pem_lib.c +776 -0
  980. data/third_party/boringssl/crypto/pem/pem_oth.c +88 -0
  981. data/third_party/boringssl/crypto/pem/pem_pk8.c +258 -0
  982. data/third_party/boringssl/crypto/pem/pem_pkey.c +227 -0
  983. data/third_party/boringssl/crypto/pem/pem_x509.c +65 -0
  984. data/third_party/boringssl/crypto/pem/pem_xaux.c +65 -0
  985. data/third_party/boringssl/crypto/pkcs7/internal.h +49 -0
  986. data/third_party/boringssl/crypto/pkcs7/pkcs7.c +166 -0
  987. data/third_party/boringssl/crypto/pkcs7/pkcs7_x509.c +233 -0
  988. data/third_party/boringssl/crypto/pkcs8/internal.h +120 -0
  989. data/third_party/boringssl/crypto/pkcs8/p5_pbev2.c +307 -0
  990. data/third_party/boringssl/crypto/pkcs8/pkcs8.c +513 -0
  991. data/third_party/boringssl/crypto/pkcs8/pkcs8_x509.c +789 -0
  992. data/third_party/boringssl/crypto/poly1305/internal.h +41 -0
  993. data/third_party/boringssl/crypto/poly1305/poly1305.c +318 -0
  994. data/third_party/boringssl/crypto/poly1305/poly1305_arm.c +304 -0
  995. data/third_party/boringssl/crypto/poly1305/poly1305_vec.c +839 -0
  996. data/third_party/boringssl/crypto/pool/internal.h +45 -0
  997. data/third_party/boringssl/crypto/pool/pool.c +200 -0
  998. data/third_party/boringssl/crypto/rand_extra/deterministic.c +48 -0
  999. data/third_party/boringssl/crypto/rand_extra/forkunsafe.c +46 -0
  1000. data/third_party/boringssl/crypto/rand_extra/fuchsia.c +43 -0
  1001. data/third_party/boringssl/crypto/rand_extra/rand_extra.c +70 -0
  1002. data/third_party/boringssl/crypto/rand_extra/windows.c +53 -0
  1003. data/third_party/boringssl/crypto/rc4/rc4.c +98 -0
  1004. data/third_party/boringssl/crypto/refcount_c11.c +67 -0
  1005. data/third_party/boringssl/crypto/refcount_lock.c +53 -0
  1006. data/third_party/boringssl/crypto/rsa_extra/rsa_asn1.c +325 -0
  1007. data/third_party/boringssl/crypto/stack/stack.c +380 -0
  1008. data/third_party/boringssl/crypto/thread.c +110 -0
  1009. data/third_party/boringssl/crypto/thread_none.c +59 -0
  1010. data/third_party/boringssl/crypto/thread_pthread.c +176 -0
  1011. data/third_party/boringssl/crypto/thread_win.c +237 -0
  1012. data/third_party/boringssl/crypto/x509/a_digest.c +96 -0
  1013. data/third_party/boringssl/crypto/x509/a_sign.c +128 -0
  1014. data/third_party/boringssl/crypto/x509/a_strex.c +633 -0
  1015. data/third_party/boringssl/crypto/x509/a_verify.c +115 -0
  1016. data/third_party/boringssl/crypto/x509/algorithm.c +153 -0
  1017. data/third_party/boringssl/crypto/x509/asn1_gen.c +841 -0
  1018. data/third_party/boringssl/crypto/x509/by_dir.c +451 -0
  1019. data/third_party/boringssl/crypto/x509/by_file.c +274 -0
  1020. data/third_party/boringssl/crypto/x509/charmap.h +15 -0
  1021. data/third_party/boringssl/crypto/x509/i2d_pr.c +83 -0
  1022. data/third_party/boringssl/crypto/x509/internal.h +66 -0
  1023. data/third_party/boringssl/crypto/x509/rsa_pss.c +385 -0
  1024. data/third_party/boringssl/crypto/x509/t_crl.c +128 -0
  1025. data/third_party/boringssl/crypto/x509/t_req.c +246 -0
  1026. data/third_party/boringssl/crypto/x509/t_x509.c +547 -0
  1027. data/third_party/boringssl/crypto/x509/t_x509a.c +111 -0
  1028. data/third_party/boringssl/crypto/x509/vpm_int.h +70 -0
  1029. data/third_party/boringssl/crypto/x509/x509.c +157 -0
  1030. data/third_party/boringssl/crypto/x509/x509_att.c +381 -0
  1031. data/third_party/boringssl/crypto/x509/x509_cmp.c +477 -0
  1032. data/third_party/boringssl/crypto/x509/x509_d2.c +106 -0
  1033. data/third_party/boringssl/crypto/x509/x509_def.c +103 -0
  1034. data/third_party/boringssl/crypto/x509/x509_ext.c +206 -0
  1035. data/third_party/boringssl/crypto/x509/x509_lu.c +725 -0
  1036. data/third_party/boringssl/crypto/x509/x509_obj.c +198 -0
  1037. data/third_party/boringssl/crypto/x509/x509_r2x.c +117 -0
  1038. data/third_party/boringssl/crypto/x509/x509_req.c +322 -0
  1039. data/third_party/boringssl/crypto/x509/x509_set.c +164 -0
  1040. data/third_party/boringssl/crypto/x509/x509_trs.c +326 -0
  1041. data/third_party/boringssl/crypto/x509/x509_txt.c +205 -0
  1042. data/third_party/boringssl/crypto/x509/x509_v3.c +278 -0
  1043. data/third_party/boringssl/crypto/x509/x509_vfy.c +2472 -0
  1044. data/third_party/boringssl/crypto/x509/x509_vpm.c +648 -0
  1045. data/third_party/boringssl/crypto/x509/x509cset.c +170 -0
  1046. data/third_party/boringssl/crypto/x509/x509name.c +389 -0
  1047. data/third_party/boringssl/crypto/x509/x509rset.c +81 -0
  1048. data/third_party/boringssl/crypto/x509/x509spki.c +137 -0
  1049. data/third_party/boringssl/crypto/x509/x_algor.c +151 -0
  1050. data/third_party/boringssl/crypto/x509/x_all.c +501 -0
  1051. data/third_party/boringssl/crypto/x509/x_attrib.c +111 -0
  1052. data/third_party/boringssl/crypto/x509/x_crl.c +541 -0
  1053. data/third_party/boringssl/crypto/x509/x_exten.c +75 -0
  1054. data/third_party/boringssl/crypto/x509/x_info.c +98 -0
  1055. data/third_party/boringssl/crypto/x509/x_name.c +541 -0
  1056. data/third_party/boringssl/crypto/x509/x_pkey.c +106 -0
  1057. data/third_party/boringssl/crypto/x509/x_pubkey.c +368 -0
  1058. data/third_party/boringssl/crypto/x509/x_req.c +109 -0
  1059. data/third_party/boringssl/crypto/x509/x_sig.c +69 -0
  1060. data/third_party/boringssl/crypto/x509/x_spki.c +80 -0
  1061. data/third_party/boringssl/crypto/x509/x_val.c +69 -0
  1062. data/third_party/boringssl/crypto/x509/x_x509.c +328 -0
  1063. data/third_party/boringssl/crypto/x509/x_x509a.c +198 -0
  1064. data/third_party/boringssl/crypto/x509v3/ext_dat.h +143 -0
  1065. data/third_party/boringssl/crypto/x509v3/pcy_cache.c +284 -0
  1066. data/third_party/boringssl/crypto/x509v3/pcy_data.c +130 -0
  1067. data/third_party/boringssl/crypto/x509v3/pcy_int.h +217 -0
  1068. data/third_party/boringssl/crypto/x509v3/pcy_lib.c +155 -0
  1069. data/third_party/boringssl/crypto/x509v3/pcy_map.c +130 -0
  1070. data/third_party/boringssl/crypto/x509v3/pcy_node.c +188 -0
  1071. data/third_party/boringssl/crypto/x509v3/pcy_tree.c +840 -0
  1072. data/third_party/boringssl/crypto/x509v3/v3_akey.c +204 -0
  1073. data/third_party/boringssl/crypto/x509v3/v3_akeya.c +72 -0
  1074. data/third_party/boringssl/crypto/x509v3/v3_alt.c +623 -0
  1075. data/third_party/boringssl/crypto/x509v3/v3_bcons.c +133 -0
  1076. data/third_party/boringssl/crypto/x509v3/v3_bitst.c +141 -0
  1077. data/third_party/boringssl/crypto/x509v3/v3_conf.c +462 -0
  1078. data/third_party/boringssl/crypto/x509v3/v3_cpols.c +502 -0
  1079. data/third_party/boringssl/crypto/x509v3/v3_crld.c +561 -0
  1080. data/third_party/boringssl/crypto/x509v3/v3_enum.c +100 -0
  1081. data/third_party/boringssl/crypto/x509v3/v3_extku.c +148 -0
  1082. data/third_party/boringssl/crypto/x509v3/v3_genn.c +251 -0
  1083. data/third_party/boringssl/crypto/x509v3/v3_ia5.c +122 -0
  1084. data/third_party/boringssl/crypto/x509v3/v3_info.c +219 -0
  1085. data/third_party/boringssl/crypto/x509v3/v3_int.c +91 -0
  1086. data/third_party/boringssl/crypto/x509v3/v3_lib.c +370 -0
  1087. data/third_party/boringssl/crypto/x509v3/v3_ncons.c +501 -0
  1088. data/third_party/boringssl/crypto/x509v3/v3_pci.c +287 -0
  1089. data/third_party/boringssl/crypto/x509v3/v3_pcia.c +57 -0
  1090. data/third_party/boringssl/crypto/x509v3/v3_pcons.c +139 -0
  1091. data/third_party/boringssl/crypto/x509v3/v3_pku.c +110 -0
  1092. data/third_party/boringssl/crypto/x509v3/v3_pmaps.c +154 -0
  1093. data/third_party/boringssl/crypto/x509v3/v3_prn.c +229 -0
  1094. data/third_party/boringssl/crypto/x509v3/v3_purp.c +866 -0
  1095. data/third_party/boringssl/crypto/x509v3/v3_skey.c +152 -0
  1096. data/third_party/boringssl/crypto/x509v3/v3_sxnet.c +274 -0
  1097. data/third_party/boringssl/crypto/x509v3/v3_utl.c +1352 -0
  1098. data/third_party/boringssl/include/openssl/aead.h +423 -0
  1099. data/third_party/boringssl/include/openssl/aes.h +170 -0
  1100. data/third_party/boringssl/include/openssl/arm_arch.h +121 -0
  1101. data/third_party/boringssl/include/openssl/asn1.h +982 -0
  1102. data/third_party/boringssl/include/openssl/asn1_mac.h +18 -0
  1103. data/third_party/boringssl/include/openssl/asn1t.h +892 -0
  1104. data/third_party/boringssl/include/openssl/base.h +468 -0
  1105. data/third_party/boringssl/include/openssl/base64.h +187 -0
  1106. data/third_party/boringssl/include/openssl/bio.h +902 -0
  1107. data/third_party/boringssl/include/openssl/blowfish.h +93 -0
  1108. data/third_party/boringssl/include/openssl/bn.h +975 -0
  1109. data/third_party/boringssl/include/openssl/buf.h +137 -0
  1110. data/third_party/boringssl/include/openssl/buffer.h +18 -0
  1111. data/third_party/boringssl/include/openssl/bytestring.h +480 -0
  1112. data/third_party/boringssl/include/openssl/cast.h +96 -0
  1113. data/third_party/boringssl/include/openssl/chacha.h +41 -0
  1114. data/third_party/boringssl/include/openssl/cipher.h +608 -0
  1115. data/third_party/boringssl/include/openssl/cmac.h +87 -0
  1116. data/third_party/boringssl/include/openssl/conf.h +183 -0
  1117. data/third_party/boringssl/include/openssl/cpu.h +196 -0
  1118. data/third_party/boringssl/include/openssl/crypto.h +118 -0
  1119. data/third_party/boringssl/include/openssl/curve25519.h +201 -0
  1120. data/third_party/boringssl/include/openssl/des.h +177 -0
  1121. data/third_party/boringssl/include/openssl/dh.h +298 -0
  1122. data/third_party/boringssl/include/openssl/digest.h +316 -0
  1123. data/third_party/boringssl/include/openssl/dsa.h +435 -0
  1124. data/third_party/boringssl/include/openssl/dtls1.h +16 -0
  1125. data/third_party/boringssl/include/openssl/ec.h +407 -0
  1126. data/third_party/boringssl/include/openssl/ec_key.h +341 -0
  1127. data/third_party/boringssl/include/openssl/ecdh.h +101 -0
  1128. data/third_party/boringssl/include/openssl/ecdsa.h +199 -0
  1129. data/third_party/boringssl/include/openssl/engine.h +109 -0
  1130. data/third_party/boringssl/include/openssl/err.h +458 -0
  1131. data/third_party/boringssl/include/openssl/evp.h +873 -0
  1132. data/third_party/boringssl/include/openssl/ex_data.h +203 -0
  1133. data/third_party/boringssl/include/openssl/hkdf.h +64 -0
  1134. data/third_party/boringssl/include/openssl/hmac.h +186 -0
  1135. data/third_party/boringssl/include/openssl/is_boringssl.h +16 -0
  1136. data/third_party/boringssl/include/openssl/lhash.h +174 -0
  1137. data/third_party/boringssl/include/openssl/lhash_macros.h +174 -0
  1138. data/third_party/boringssl/include/openssl/md4.h +106 -0
  1139. data/third_party/boringssl/include/openssl/md5.h +107 -0
  1140. data/third_party/boringssl/include/openssl/mem.h +156 -0
  1141. data/third_party/boringssl/include/openssl/nid.h +4242 -0
  1142. data/third_party/boringssl/include/openssl/obj.h +233 -0
  1143. data/third_party/boringssl/include/openssl/obj_mac.h +18 -0
  1144. data/third_party/boringssl/include/openssl/objects.h +18 -0
  1145. data/third_party/boringssl/include/openssl/opensslconf.h +67 -0
  1146. data/third_party/boringssl/include/openssl/opensslv.h +18 -0
  1147. data/third_party/boringssl/include/openssl/ossl_typ.h +18 -0
  1148. data/third_party/boringssl/include/openssl/pem.h +397 -0
  1149. data/third_party/boringssl/include/openssl/pkcs12.h +18 -0
  1150. data/third_party/boringssl/include/openssl/pkcs7.h +82 -0
  1151. data/third_party/boringssl/include/openssl/pkcs8.h +230 -0
  1152. data/third_party/boringssl/include/openssl/poly1305.h +51 -0
  1153. data/third_party/boringssl/include/openssl/pool.h +91 -0
  1154. data/third_party/boringssl/include/openssl/rand.h +125 -0
  1155. data/third_party/boringssl/include/openssl/rc4.h +96 -0
  1156. data/third_party/boringssl/include/openssl/ripemd.h +107 -0
  1157. data/third_party/boringssl/include/openssl/rsa.h +731 -0
  1158. data/third_party/boringssl/include/openssl/safestack.h +16 -0
  1159. data/third_party/boringssl/include/openssl/sha.h +256 -0
  1160. data/third_party/boringssl/include/openssl/span.h +191 -0
  1161. data/third_party/boringssl/include/openssl/srtp.h +18 -0
  1162. data/third_party/boringssl/include/openssl/ssl.h +4592 -0
  1163. data/third_party/boringssl/include/openssl/ssl3.h +333 -0
  1164. data/third_party/boringssl/include/openssl/stack.h +485 -0
  1165. data/third_party/boringssl/include/openssl/thread.h +191 -0
  1166. data/third_party/boringssl/include/openssl/tls1.h +610 -0
  1167. data/third_party/boringssl/include/openssl/type_check.h +91 -0
  1168. data/third_party/boringssl/include/openssl/x509.h +1176 -0
  1169. data/third_party/boringssl/include/openssl/x509_vfy.h +614 -0
  1170. data/third_party/boringssl/include/openssl/x509v3.h +826 -0
  1171. data/third_party/boringssl/ssl/bio_ssl.cc +179 -0
  1172. data/third_party/boringssl/ssl/custom_extensions.cc +265 -0
  1173. data/third_party/boringssl/ssl/d1_both.cc +837 -0
  1174. data/third_party/boringssl/ssl/d1_lib.cc +267 -0
  1175. data/third_party/boringssl/ssl/d1_pkt.cc +274 -0
  1176. data/third_party/boringssl/ssl/d1_srtp.cc +232 -0
  1177. data/third_party/boringssl/ssl/dtls_method.cc +193 -0
  1178. data/third_party/boringssl/ssl/dtls_record.cc +353 -0
  1179. data/third_party/boringssl/ssl/handshake.cc +616 -0
  1180. data/third_party/boringssl/ssl/handshake_client.cc +1836 -0
  1181. data/third_party/boringssl/ssl/handshake_server.cc +1662 -0
  1182. data/third_party/boringssl/ssl/internal.h +3011 -0
  1183. data/third_party/boringssl/ssl/s3_both.cc +585 -0
  1184. data/third_party/boringssl/ssl/s3_lib.cc +224 -0
  1185. data/third_party/boringssl/ssl/s3_pkt.cc +443 -0
  1186. data/third_party/boringssl/ssl/ssl_aead_ctx.cc +415 -0
  1187. data/third_party/boringssl/ssl/ssl_asn1.cc +840 -0
  1188. data/third_party/boringssl/ssl/ssl_buffer.cc +286 -0
  1189. data/third_party/boringssl/ssl/ssl_cert.cc +913 -0
  1190. data/third_party/boringssl/ssl/ssl_cipher.cc +1777 -0
  1191. data/third_party/boringssl/ssl/ssl_file.cc +583 -0
  1192. data/third_party/boringssl/ssl/ssl_key_share.cc +250 -0
  1193. data/third_party/boringssl/ssl/ssl_lib.cc +2650 -0
  1194. data/third_party/boringssl/ssl/ssl_privkey.cc +488 -0
  1195. data/third_party/boringssl/ssl/ssl_session.cc +1221 -0
  1196. data/third_party/boringssl/ssl/ssl_stat.cc +224 -0
  1197. data/third_party/boringssl/ssl/ssl_transcript.cc +398 -0
  1198. data/third_party/boringssl/ssl/ssl_versions.cc +472 -0
  1199. data/third_party/boringssl/ssl/ssl_x509.cc +1299 -0
  1200. data/third_party/boringssl/ssl/t1_enc.cc +503 -0
  1201. data/third_party/boringssl/ssl/t1_lib.cc +3457 -0
  1202. data/third_party/boringssl/ssl/tls13_both.cc +551 -0
  1203. data/third_party/boringssl/ssl/tls13_client.cc +977 -0
  1204. data/third_party/boringssl/ssl/tls13_enc.cc +563 -0
  1205. data/third_party/boringssl/ssl/tls13_server.cc +1068 -0
  1206. data/third_party/boringssl/ssl/tls_method.cc +291 -0
  1207. data/third_party/boringssl/ssl/tls_record.cc +712 -0
  1208. data/third_party/boringssl/third_party/fiat/curve25519.c +5062 -0
  1209. data/third_party/boringssl/third_party/fiat/internal.h +142 -0
  1210. data/third_party/cares/ares_build.h +223 -0
  1211. data/third_party/cares/cares/ares.h +658 -0
  1212. data/third_party/cares/cares/ares__close_sockets.c +61 -0
  1213. data/third_party/cares/cares/ares__get_hostent.c +261 -0
  1214. data/third_party/cares/cares/ares__read_line.c +73 -0
  1215. data/third_party/cares/cares/ares__timeval.c +111 -0
  1216. data/third_party/cares/cares/ares_cancel.c +63 -0
  1217. data/third_party/cares/cares/ares_create_query.c +202 -0
  1218. data/third_party/cares/cares/ares_data.c +221 -0
  1219. data/third_party/cares/cares/ares_data.h +72 -0
  1220. data/third_party/cares/cares/ares_destroy.c +108 -0
  1221. data/third_party/cares/cares/ares_dns.h +103 -0
  1222. data/third_party/cares/cares/ares_expand_name.c +209 -0
  1223. data/third_party/cares/cares/ares_expand_string.c +70 -0
  1224. data/third_party/cares/cares/ares_fds.c +59 -0
  1225. data/third_party/cares/cares/ares_free_hostent.c +41 -0
  1226. data/third_party/cares/cares/ares_free_string.c +25 -0
  1227. data/third_party/cares/cares/ares_getenv.c +30 -0
  1228. data/third_party/cares/cares/ares_getenv.h +26 -0
  1229. data/third_party/cares/cares/ares_gethostbyaddr.c +294 -0
  1230. data/third_party/cares/cares/ares_gethostbyname.c +518 -0
  1231. data/third_party/cares/cares/ares_getnameinfo.c +442 -0
  1232. data/third_party/cares/cares/ares_getopt.c +122 -0
  1233. data/third_party/cares/cares/ares_getopt.h +53 -0
  1234. data/third_party/cares/cares/ares_getsock.c +66 -0
  1235. data/third_party/cares/cares/ares_inet_net_pton.h +25 -0
  1236. data/third_party/cares/cares/ares_init.c +2514 -0
  1237. data/third_party/cares/cares/ares_iphlpapi.h +221 -0
  1238. data/third_party/cares/cares/ares_ipv6.h +78 -0
  1239. data/third_party/cares/cares/ares_library_init.c +177 -0
  1240. data/third_party/cares/cares/ares_library_init.h +43 -0
  1241. data/third_party/cares/cares/ares_llist.c +63 -0
  1242. data/third_party/cares/cares/ares_llist.h +39 -0
  1243. data/third_party/cares/cares/ares_mkquery.c +24 -0
  1244. data/third_party/cares/cares/ares_nowarn.c +260 -0
  1245. data/third_party/cares/cares/ares_nowarn.h +61 -0
  1246. data/third_party/cares/cares/ares_options.c +402 -0
  1247. data/third_party/cares/cares/ares_parse_a_reply.c +264 -0
  1248. data/third_party/cares/cares/ares_parse_aaaa_reply.c +264 -0
  1249. data/third_party/cares/cares/ares_parse_mx_reply.c +170 -0
  1250. data/third_party/cares/cares/ares_parse_naptr_reply.c +193 -0
  1251. data/third_party/cares/cares/ares_parse_ns_reply.c +183 -0
  1252. data/third_party/cares/cares/ares_parse_ptr_reply.c +219 -0
  1253. data/third_party/cares/cares/ares_parse_soa_reply.c +133 -0
  1254. data/third_party/cares/cares/ares_parse_srv_reply.c +179 -0
  1255. data/third_party/cares/cares/ares_parse_txt_reply.c +220 -0
  1256. data/third_party/cares/cares/ares_platform.c +11035 -0
  1257. data/third_party/cares/cares/ares_platform.h +43 -0
  1258. data/third_party/cares/cares/ares_private.h +374 -0
  1259. data/third_party/cares/cares/ares_process.c +1448 -0
  1260. data/third_party/cares/cares/ares_query.c +186 -0
  1261. data/third_party/cares/cares/ares_rules.h +125 -0
  1262. data/third_party/cares/cares/ares_search.c +316 -0
  1263. data/third_party/cares/cares/ares_send.c +131 -0
  1264. data/third_party/cares/cares/ares_setup.h +217 -0
  1265. data/third_party/cares/cares/ares_strcasecmp.c +66 -0
  1266. data/third_party/cares/cares/ares_strcasecmp.h +30 -0
  1267. data/third_party/cares/cares/ares_strdup.c +49 -0
  1268. data/third_party/cares/cares/ares_strdup.h +24 -0
  1269. data/third_party/cares/cares/ares_strerror.c +56 -0
  1270. data/third_party/cares/cares/ares_timeout.c +88 -0
  1271. data/third_party/cares/cares/ares_version.c +11 -0
  1272. data/third_party/cares/cares/ares_version.h +24 -0
  1273. data/third_party/cares/cares/ares_writev.c +79 -0
  1274. data/third_party/cares/cares/bitncmp.c +59 -0
  1275. data/third_party/cares/cares/bitncmp.h +26 -0
  1276. data/third_party/cares/cares/config-win32.h +351 -0
  1277. data/third_party/cares/cares/inet_net_pton.c +450 -0
  1278. data/third_party/cares/cares/inet_ntop.c +208 -0
  1279. data/third_party/cares/cares/setup_once.h +554 -0
  1280. data/third_party/cares/cares/windows_port.c +22 -0
  1281. data/third_party/cares/config_darwin/ares_config.h +425 -0
  1282. data/third_party/cares/config_freebsd/ares_config.h +502 -0
  1283. data/third_party/cares/config_linux/ares_config.h +458 -0
  1284. data/third_party/cares/config_openbsd/ares_config.h +502 -0
  1285. data/third_party/nanopb/pb.h +579 -0
  1286. data/third_party/nanopb/pb_common.c +97 -0
  1287. data/third_party/nanopb/pb_common.h +42 -0
  1288. data/third_party/nanopb/pb_decode.c +1347 -0
  1289. data/third_party/nanopb/pb_decode.h +149 -0
  1290. data/third_party/nanopb/pb_encode.c +696 -0
  1291. data/third_party/nanopb/pb_encode.h +154 -0
  1292. data/third_party/zlib/adler32.c +186 -0
  1293. data/third_party/zlib/compress.c +86 -0
  1294. data/third_party/zlib/crc32.c +442 -0
  1295. data/third_party/zlib/crc32.h +441 -0
  1296. data/third_party/zlib/deflate.c +2163 -0
  1297. data/third_party/zlib/deflate.h +349 -0
  1298. data/third_party/zlib/gzclose.c +25 -0
  1299. data/third_party/zlib/gzguts.h +218 -0
  1300. data/third_party/zlib/gzlib.c +637 -0
  1301. data/third_party/zlib/gzread.c +654 -0
  1302. data/third_party/zlib/gzwrite.c +665 -0
  1303. data/third_party/zlib/infback.c +640 -0
  1304. data/third_party/zlib/inffast.c +323 -0
  1305. data/third_party/zlib/inffast.h +11 -0
  1306. data/third_party/zlib/inffixed.h +94 -0
  1307. data/third_party/zlib/inflate.c +1561 -0
  1308. data/third_party/zlib/inflate.h +125 -0
  1309. data/third_party/zlib/inftrees.c +304 -0
  1310. data/third_party/zlib/inftrees.h +62 -0
  1311. data/third_party/zlib/trees.c +1203 -0
  1312. data/third_party/zlib/trees.h +128 -0
  1313. data/third_party/zlib/uncompr.c +93 -0
  1314. data/third_party/zlib/zconf.h +534 -0
  1315. data/third_party/zlib/zlib.h +1912 -0
  1316. data/third_party/zlib/zutil.c +325 -0
  1317. data/third_party/zlib/zutil.h +271 -0
  1318. metadata +1586 -0
@@ -0,0 +1,3011 @@
1
+ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
2
+ * All rights reserved.
3
+ *
4
+ * This package is an SSL implementation written
5
+ * by Eric Young (eay@cryptsoft.com).
6
+ * The implementation was written so as to conform with Netscapes SSL.
7
+ *
8
+ * This library is free for commercial and non-commercial use as long as
9
+ * the following conditions are aheared to. The following conditions
10
+ * apply to all code found in this distribution, be it the RC4, RSA,
11
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
12
+ * included with this distribution is covered by the same copyright terms
13
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
14
+ *
15
+ * Copyright remains Eric Young's, and as such any Copyright notices in
16
+ * the code are not to be removed.
17
+ * If this package is used in a product, Eric Young should be given attribution
18
+ * as the author of the parts of the library used.
19
+ * This can be in the form of a textual message at program startup or
20
+ * in documentation (online or textual) provided with the package.
21
+ *
22
+ * Redistribution and use in source and binary forms, with or without
23
+ * modification, are permitted provided that the following conditions
24
+ * are met:
25
+ * 1. Redistributions of source code must retain the copyright
26
+ * notice, this list of conditions and the following disclaimer.
27
+ * 2. Redistributions in binary form must reproduce the above copyright
28
+ * notice, this list of conditions and the following disclaimer in the
29
+ * documentation and/or other materials provided with the distribution.
30
+ * 3. All advertising materials mentioning features or use of this software
31
+ * must display the following acknowledgement:
32
+ * "This product includes cryptographic software written by
33
+ * Eric Young (eay@cryptsoft.com)"
34
+ * The word 'cryptographic' can be left out if the rouines from the library
35
+ * being used are not cryptographic related :-).
36
+ * 4. If you include any Windows specific code (or a derivative thereof) from
37
+ * the apps directory (application code) you must include an acknowledgement:
38
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
39
+ *
40
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50
+ * SUCH DAMAGE.
51
+ *
52
+ * The licence and distribution terms for any publically available version or
53
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
54
+ * copied and put under another distribution licence
55
+ * [including the GNU Public Licence.]
56
+ */
57
+ /* ====================================================================
58
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
59
+ *
60
+ * Redistribution and use in source and binary forms, with or without
61
+ * modification, are permitted provided that the following conditions
62
+ * are met:
63
+ *
64
+ * 1. Redistributions of source code must retain the above copyright
65
+ * notice, this list of conditions and the following disclaimer.
66
+ *
67
+ * 2. Redistributions in binary form must reproduce the above copyright
68
+ * notice, this list of conditions and the following disclaimer in
69
+ * the documentation and/or other materials provided with the
70
+ * distribution.
71
+ *
72
+ * 3. All advertising materials mentioning features or use of this
73
+ * software must display the following acknowledgment:
74
+ * "This product includes software developed by the OpenSSL Project
75
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
76
+ *
77
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
78
+ * endorse or promote products derived from this software without
79
+ * prior written permission. For written permission, please contact
80
+ * openssl-core@openssl.org.
81
+ *
82
+ * 5. Products derived from this software may not be called "OpenSSL"
83
+ * nor may "OpenSSL" appear in their names without prior written
84
+ * permission of the OpenSSL Project.
85
+ *
86
+ * 6. Redistributions of any form whatsoever must retain the following
87
+ * acknowledgment:
88
+ * "This product includes software developed by the OpenSSL Project
89
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
90
+ *
91
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
92
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
93
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
94
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
95
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
96
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
97
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
98
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
99
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
100
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
101
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
102
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
103
+ * ====================================================================
104
+ *
105
+ * This product includes cryptographic software written by Eric Young
106
+ * (eay@cryptsoft.com). This product includes software written by Tim
107
+ * Hudson (tjh@cryptsoft.com).
108
+ *
109
+ */
110
+ /* ====================================================================
111
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
112
+ * ECC cipher suite support in OpenSSL originally developed by
113
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
114
+ */
115
+ /* ====================================================================
116
+ * Copyright 2005 Nokia. All rights reserved.
117
+ *
118
+ * The portions of the attached software ("Contribution") is developed by
119
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
120
+ * license.
121
+ *
122
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
123
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
124
+ * support (see RFC 4279) to OpenSSL.
125
+ *
126
+ * No patent licenses or other rights except those expressly stated in
127
+ * the OpenSSL open source license shall be deemed granted or received
128
+ * expressly, by implication, estoppel, or otherwise.
129
+ *
130
+ * No assurances are provided by Nokia that the Contribution does not
131
+ * infringe the patent or other intellectual property rights of any third
132
+ * party or that the license provides you with all the necessary rights
133
+ * to make use of the Contribution.
134
+ *
135
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
136
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
137
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
138
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
139
+ * OTHERWISE.
140
+ */
141
+
142
+ #ifndef OPENSSL_HEADER_SSL_INTERNAL_H
143
+ #define OPENSSL_HEADER_SSL_INTERNAL_H
144
+
145
+ #include <openssl/base.h>
146
+
147
+ #include <stdlib.h>
148
+
149
+ #include <limits>
150
+ #include <new>
151
+ #include <type_traits>
152
+ #include <utility>
153
+
154
+ #include <openssl/aead.h>
155
+ #include <openssl/err.h>
156
+ #include <openssl/lhash.h>
157
+ #include <openssl/mem.h>
158
+ #include <openssl/ssl.h>
159
+ #include <openssl/span.h>
160
+ #include <openssl/stack.h>
161
+
162
+ #include "../crypto/err/internal.h"
163
+ #include "../crypto/internal.h"
164
+
165
+
166
+ #if defined(OPENSSL_WINDOWS)
167
+ // Windows defines struct timeval in winsock2.h.
168
+ OPENSSL_MSVC_PRAGMA(warning(push, 3))
169
+ #include <winsock2.h>
170
+ OPENSSL_MSVC_PRAGMA(warning(pop))
171
+ #else
172
+ #include <sys/time.h>
173
+ #endif
174
+
175
+
176
+ namespace bssl {
177
+
178
+ struct SSL_HANDSHAKE;
179
+ struct SSL_PROTOCOL_METHOD;
180
+
181
+ // C++ utilities.
182
+
183
+ // New behaves like |new| but uses |OPENSSL_malloc| for memory allocation. It
184
+ // returns nullptr on allocation error. It only implements single-object
185
+ // allocation and not new T[n].
186
+ //
187
+ // Note: unlike |new|, this does not support non-public constructors.
188
+ template <typename T, typename... Args>
189
+ T *New(Args &&... args) {
190
+ void *t = OPENSSL_malloc(sizeof(T));
191
+ if (t == nullptr) {
192
+ OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
193
+ return nullptr;
194
+ }
195
+ return new (t) T(std::forward<Args>(args)...);
196
+ }
197
+
198
+ // Delete behaves like |delete| but uses |OPENSSL_free| to release memory.
199
+ //
200
+ // Note: unlike |delete| this does not support non-public destructors.
201
+ template <typename T>
202
+ void Delete(T *t) {
203
+ if (t != nullptr) {
204
+ t->~T();
205
+ OPENSSL_free(t);
206
+ }
207
+ }
208
+
209
+ // All types with kAllowUniquePtr set may be used with UniquePtr. Other types
210
+ // may be C structs which require a |BORINGSSL_MAKE_DELETER| registration.
211
+ namespace internal {
212
+ template <typename T>
213
+ struct DeleterImpl<T, typename std::enable_if<T::kAllowUniquePtr>::type> {
214
+ static void Free(T *t) { Delete(t); }
215
+ };
216
+ }
217
+
218
+ // MakeUnique behaves like |std::make_unique| but returns nullptr on allocation
219
+ // error.
220
+ template <typename T, typename... Args>
221
+ UniquePtr<T> MakeUnique(Args &&... args) {
222
+ return UniquePtr<T>(New<T>(std::forward<Args>(args)...));
223
+ }
224
+
225
+ #if defined(BORINGSSL_ALLOW_CXX_RUNTIME)
226
+ #define HAS_VIRTUAL_DESTRUCTOR
227
+ #define PURE_VIRTUAL = 0
228
+ #else
229
+ // HAS_VIRTUAL_DESTRUCTOR should be declared in any base class which defines a
230
+ // virtual destructor. This avoids a dependency on |_ZdlPv| and prevents the
231
+ // class from being used with |delete|.
232
+ #define HAS_VIRTUAL_DESTRUCTOR \
233
+ void operator delete(void *) { abort(); }
234
+
235
+ // PURE_VIRTUAL should be used instead of = 0 when defining pure-virtual
236
+ // functions. This avoids a dependency on |__cxa_pure_virtual| but loses
237
+ // compile-time checking.
238
+ #define PURE_VIRTUAL { abort(); }
239
+ #endif
240
+
241
+ // CONSTEXPR_ARRAY works around a VS 2015 bug where ranged for loops don't work
242
+ // on constexpr arrays.
243
+ #if defined(_MSC_VER) && !defined(__clang__) && _MSC_VER < 1910
244
+ #define CONSTEXPR_ARRAY const
245
+ #else
246
+ #define CONSTEXPR_ARRAY constexpr
247
+ #endif
248
+
249
+ // Array<T> is an owning array of elements of |T|.
250
+ template <typename T>
251
+ class Array {
252
+ public:
253
+ // Array's default constructor creates an empty array.
254
+ Array() {}
255
+ Array(const Array &) = delete;
256
+ Array(Array &&other) { *this = std::move(other); }
257
+
258
+ ~Array() { Reset(); }
259
+
260
+ Array &operator=(const Array &) = delete;
261
+ Array &operator=(Array &&other) {
262
+ Reset();
263
+ other.Release(&data_, &size_);
264
+ return *this;
265
+ }
266
+
267
+ const T *data() const { return data_; }
268
+ T *data() { return data_; }
269
+ size_t size() const { return size_; }
270
+ bool empty() const { return size_ == 0; }
271
+
272
+ const T &operator[](size_t i) const { return data_[i]; }
273
+ T &operator[](size_t i) { return data_[i]; }
274
+
275
+ T *begin() { return data_; }
276
+ const T *cbegin() const { return data_; }
277
+ T *end() { return data_ + size_; }
278
+ const T *cend() const { return data_ + size_; }
279
+
280
+ void Reset() { Reset(nullptr, 0); }
281
+
282
+ // Reset releases the current contents of the array and takes ownership of the
283
+ // raw pointer supplied by the caller.
284
+ void Reset(T *new_data, size_t new_size) {
285
+ for (size_t i = 0; i < size_; i++) {
286
+ data_[i].~T();
287
+ }
288
+ OPENSSL_free(data_);
289
+ data_ = new_data;
290
+ size_ = new_size;
291
+ }
292
+
293
+ // Release releases ownership of the array to a raw pointer supplied by the
294
+ // caller.
295
+ void Release(T **out, size_t *out_size) {
296
+ *out = data_;
297
+ *out_size = size_;
298
+ data_ = nullptr;
299
+ size_ = 0;
300
+ }
301
+
302
+ // Init replaces the array with a newly-allocated array of |new_size|
303
+ // default-constructed copies of |T|. It returns true on success and false on
304
+ // error.
305
+ //
306
+ // Note that if |T| is a primitive type like |uint8_t|, it is uninitialized.
307
+ bool Init(size_t new_size) {
308
+ Reset();
309
+ if (new_size == 0) {
310
+ return true;
311
+ }
312
+
313
+ if (new_size > std::numeric_limits<size_t>::max() / sizeof(T)) {
314
+ OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
315
+ return false;
316
+ }
317
+ data_ = reinterpret_cast<T*>(OPENSSL_malloc(new_size * sizeof(T)));
318
+ if (data_ == nullptr) {
319
+ OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
320
+ return false;
321
+ }
322
+ size_ = new_size;
323
+ for (size_t i = 0; i < size_; i++) {
324
+ new (&data_[i]) T;
325
+ }
326
+ return true;
327
+ }
328
+
329
+ // CopyFrom replaces the array with a newly-allocated copy of |in|. It returns
330
+ // true on success and false on error.
331
+ bool CopyFrom(Span<const uint8_t> in) {
332
+ if (!Init(in.size())) {
333
+ return false;
334
+ }
335
+ OPENSSL_memcpy(data_, in.data(), in.size());
336
+ return true;
337
+ }
338
+
339
+ private:
340
+ T *data_ = nullptr;
341
+ size_t size_ = 0;
342
+ };
343
+
344
+ // CBBFinishArray behaves like |CBB_finish| but stores the result in an Array.
345
+ bool CBBFinishArray(CBB *cbb, Array<uint8_t> *out);
346
+
347
+
348
+ // Protocol versions.
349
+ //
350
+ // Due to DTLS's historical wire version differences and to support multiple
351
+ // variants of the same protocol during development, we maintain two notions of
352
+ // version.
353
+ //
354
+ // The "version" or "wire version" is the actual 16-bit value that appears on
355
+ // the wire. It uniquely identifies a version and is also used at API
356
+ // boundaries. The set of supported versions differs between TLS and DTLS. Wire
357
+ // versions are opaque values and may not be compared numerically.
358
+ //
359
+ // The "protocol version" identifies the high-level handshake variant being
360
+ // used. DTLS versions map to the corresponding TLS versions. Draft TLS 1.3
361
+ // variants all map to TLS 1.3. Protocol versions are sequential and may be
362
+ // compared numerically.
363
+
364
+ // ssl_protocol_version_from_wire sets |*out| to the protocol version
365
+ // corresponding to wire version |version| and returns true. If |version| is not
366
+ // a valid TLS or DTLS version, it returns false.
367
+ //
368
+ // Note this simultaneously handles both DTLS and TLS. Use one of the
369
+ // higher-level functions below for most operations.
370
+ bool ssl_protocol_version_from_wire(uint16_t *out, uint16_t version);
371
+
372
+ // ssl_get_version_range sets |*out_min_version| and |*out_max_version| to the
373
+ // minimum and maximum enabled protocol versions, respectively.
374
+ bool ssl_get_version_range(const SSL *ssl, uint16_t *out_min_version,
375
+ uint16_t *out_max_version);
376
+
377
+ // ssl_supports_version returns whether |hs| supports |version|.
378
+ bool ssl_supports_version(SSL_HANDSHAKE *hs, uint16_t version);
379
+
380
+ // ssl_add_supported_versions writes the supported versions of |hs| to |cbb|, in
381
+ // decreasing preference order.
382
+ bool ssl_add_supported_versions(SSL_HANDSHAKE *hs, CBB *cbb);
383
+
384
+ // ssl_negotiate_version negotiates a common version based on |hs|'s preferences
385
+ // and the peer preference list in |peer_versions|. On success, it returns true
386
+ // and sets |*out_version| to the selected version. Otherwise, it returns false
387
+ // and sets |*out_alert| to an alert to send.
388
+ bool ssl_negotiate_version(SSL_HANDSHAKE *hs, uint8_t *out_alert,
389
+ uint16_t *out_version, const CBS *peer_versions);
390
+
391
+ // ssl_protocol_version returns |ssl|'s protocol version. It is an error to
392
+ // call this function before the version is determined.
393
+ uint16_t ssl_protocol_version(const SSL *ssl);
394
+
395
+ // ssl_is_draft21 returns whether the version corresponds to a draft21 TLS 1.3
396
+ // variant.
397
+ bool ssl_is_draft21(uint16_t version);
398
+
399
+ // ssl_is_draft22 returns whether the version corresponds to a draft22 TLS 1.3
400
+ // variant.
401
+ bool ssl_is_draft22(uint16_t version);
402
+
403
+ // ssl_is_resumption_experiment returns whether the version corresponds to a
404
+ // TLS 1.3 resumption experiment.
405
+ bool ssl_is_resumption_experiment(uint16_t version);
406
+
407
+ // ssl_is_resumption_variant returns whether the version corresponds to a
408
+ // TLS 1.3 resumption experiment.
409
+ bool ssl_is_resumption_variant(enum tls13_variant_t variant);
410
+
411
+ // ssl_is_resumption_client_ccs_experiment returns whether the version
412
+ // corresponds to a TLS 1.3 resumption experiment that sends a client CCS.
413
+ bool ssl_is_resumption_client_ccs_experiment(uint16_t version);
414
+
415
+ // ssl_is_resumption_record_version_experiment returns whether the version
416
+ // corresponds to a TLS 1.3 resumption experiment that modifies the record
417
+ // version.
418
+ bool ssl_is_resumption_record_version_experiment(uint16_t version);
419
+
420
+
421
+ // Cipher suites.
422
+
423
+ } // namespace bssl
424
+
425
+ struct ssl_cipher_st {
426
+ // name is the OpenSSL name for the cipher.
427
+ const char *name;
428
+ // standard_name is the IETF name for the cipher.
429
+ const char *standard_name;
430
+ // id is the cipher suite value bitwise OR-d with 0x03000000.
431
+ uint32_t id;
432
+
433
+ // algorithm_* determine the cipher suite. See constants below for the values.
434
+ uint32_t algorithm_mkey;
435
+ uint32_t algorithm_auth;
436
+ uint32_t algorithm_enc;
437
+ uint32_t algorithm_mac;
438
+ uint32_t algorithm_prf;
439
+ };
440
+
441
+ namespace bssl {
442
+
443
+ // Bits for |algorithm_mkey| (key exchange algorithm).
444
+ #define SSL_kRSA 0x00000001u
445
+ #define SSL_kECDHE 0x00000002u
446
+ // SSL_kPSK is only set for plain PSK, not ECDHE_PSK.
447
+ #define SSL_kPSK 0x00000004u
448
+ #define SSL_kGENERIC 0x00000008u
449
+
450
+ // Bits for |algorithm_auth| (server authentication).
451
+ #define SSL_aRSA 0x00000001u
452
+ #define SSL_aECDSA 0x00000002u
453
+ // SSL_aPSK is set for both PSK and ECDHE_PSK.
454
+ #define SSL_aPSK 0x00000004u
455
+ #define SSL_aGENERIC 0x00000008u
456
+
457
+ #define SSL_aCERT (SSL_aRSA | SSL_aECDSA)
458
+
459
+ // Bits for |algorithm_enc| (symmetric encryption).
460
+ #define SSL_3DES 0x00000001u
461
+ #define SSL_AES128 0x00000002u
462
+ #define SSL_AES256 0x00000004u
463
+ #define SSL_AES128GCM 0x00000008u
464
+ #define SSL_AES256GCM 0x00000010u
465
+ #define SSL_eNULL 0x00000020u
466
+ #define SSL_CHACHA20POLY1305 0x00000040u
467
+
468
+ #define SSL_AES (SSL_AES128 | SSL_AES256 | SSL_AES128GCM | SSL_AES256GCM)
469
+
470
+ // Bits for |algorithm_mac| (symmetric authentication).
471
+ #define SSL_SHA1 0x00000001u
472
+ #define SSL_SHA256 0x00000002u
473
+ #define SSL_SHA384 0x00000004u
474
+ // SSL_AEAD is set for all AEADs.
475
+ #define SSL_AEAD 0x00000008u
476
+
477
+ // Bits for |algorithm_prf| (handshake digest).
478
+ #define SSL_HANDSHAKE_MAC_DEFAULT 0x1
479
+ #define SSL_HANDSHAKE_MAC_SHA256 0x2
480
+ #define SSL_HANDSHAKE_MAC_SHA384 0x4
481
+
482
+ // SSL_MAX_DIGEST is the number of digest types which exist. When adding a new
483
+ // one, update the table in ssl_cipher.c.
484
+ #define SSL_MAX_DIGEST 4
485
+
486
+ // ssl_cipher_get_evp_aead sets |*out_aead| to point to the correct EVP_AEAD
487
+ // object for |cipher| protocol version |version|. It sets |*out_mac_secret_len|
488
+ // and |*out_fixed_iv_len| to the MAC key length and fixed IV length,
489
+ // respectively. The MAC key length is zero except for legacy block and stream
490
+ // ciphers. It returns true on success and false on error.
491
+ bool ssl_cipher_get_evp_aead(const EVP_AEAD **out_aead,
492
+ size_t *out_mac_secret_len,
493
+ size_t *out_fixed_iv_len, const SSL_CIPHER *cipher,
494
+ uint16_t version, int is_dtls);
495
+
496
+ // ssl_get_handshake_digest returns the |EVP_MD| corresponding to |version| and
497
+ // |cipher|.
498
+ const EVP_MD *ssl_get_handshake_digest(uint16_t version,
499
+ const SSL_CIPHER *cipher);
500
+
501
+ // ssl_create_cipher_list evaluates |rule_str|. It sets |*out_cipher_list| to a
502
+ // newly-allocated |ssl_cipher_preference_list_st| containing the result. It
503
+ // returns true on success and false on failure. If |strict| is true, nonsense
504
+ // will be rejected. If false, nonsense will be silently ignored. An empty
505
+ // result is considered an error regardless of |strict|.
506
+ bool ssl_create_cipher_list(
507
+ struct ssl_cipher_preference_list_st **out_cipher_list,
508
+ const char *rule_str, bool strict);
509
+
510
+ // ssl_cipher_get_value returns the cipher suite id of |cipher|.
511
+ uint16_t ssl_cipher_get_value(const SSL_CIPHER *cipher);
512
+
513
+ // ssl_cipher_auth_mask_for_key returns the mask of cipher |algorithm_auth|
514
+ // values suitable for use with |key| in TLS 1.2 and below.
515
+ uint32_t ssl_cipher_auth_mask_for_key(const EVP_PKEY *key);
516
+
517
+ // ssl_cipher_uses_certificate_auth returns whether |cipher| authenticates the
518
+ // server and, optionally, the client with a certificate.
519
+ bool ssl_cipher_uses_certificate_auth(const SSL_CIPHER *cipher);
520
+
521
+ // ssl_cipher_requires_server_key_exchange returns whether |cipher| requires a
522
+ // ServerKeyExchange message.
523
+ //
524
+ // This function may return false while still allowing |cipher| an optional
525
+ // ServerKeyExchange. This is the case for plain PSK ciphers.
526
+ bool ssl_cipher_requires_server_key_exchange(const SSL_CIPHER *cipher);
527
+
528
+ // ssl_cipher_get_record_split_len, for TLS 1.0 CBC mode ciphers, returns the
529
+ // length of an encrypted 1-byte record, for use in record-splitting. Otherwise
530
+ // it returns zero.
531
+ size_t ssl_cipher_get_record_split_len(const SSL_CIPHER *cipher);
532
+
533
+
534
+ // Transcript layer.
535
+
536
+ // SSLTranscript maintains the handshake transcript as a combination of a
537
+ // buffer and running hash.
538
+ class SSLTranscript {
539
+ public:
540
+ SSLTranscript();
541
+ ~SSLTranscript();
542
+
543
+ // Init initializes the handshake transcript. If called on an existing
544
+ // transcript, it resets the transcript and hash. It returns true on success
545
+ // and false on failure.
546
+ bool Init();
547
+
548
+ // InitHash initializes the handshake hash based on the PRF and contents of
549
+ // the handshake transcript. Subsequent calls to |Update| will update the
550
+ // rolling hash. It returns one on success and zero on failure. It is an error
551
+ // to call this function after the handshake buffer is released.
552
+ bool InitHash(uint16_t version, const SSL_CIPHER *cipher);
553
+
554
+ // UpdateForHelloRetryRequest resets the rolling hash with the
555
+ // HelloRetryRequest construction. It returns true on success and false on
556
+ // failure. It is an error to call this function before the handshake buffer
557
+ // is released.
558
+ bool UpdateForHelloRetryRequest();
559
+
560
+ // CopyHashContext copies the hash context into |ctx| and returns true on
561
+ // success.
562
+ bool CopyHashContext(EVP_MD_CTX *ctx);
563
+
564
+ Span<const uint8_t> buffer() {
565
+ return MakeConstSpan(reinterpret_cast<const uint8_t *>(buffer_->data),
566
+ buffer_->length);
567
+ }
568
+
569
+ // FreeBuffer releases the handshake buffer. Subsequent calls to
570
+ // |Update| will not update the handshake buffer.
571
+ void FreeBuffer();
572
+
573
+ // DigestLen returns the length of the PRF hash.
574
+ size_t DigestLen() const;
575
+
576
+ // Digest returns the PRF hash. For TLS 1.1 and below, this is
577
+ // |EVP_md5_sha1|.
578
+ const EVP_MD *Digest() const;
579
+
580
+ // Update adds |in| to the handshake buffer and handshake hash, whichever is
581
+ // enabled. It returns true on success and false on failure.
582
+ bool Update(Span<const uint8_t> in);
583
+
584
+ // GetHash writes the handshake hash to |out| which must have room for at
585
+ // least |DigestLen| bytes. On success, it returns true and sets |*out_len| to
586
+ // the number of bytes written. Otherwise, it returns false.
587
+ bool GetHash(uint8_t *out, size_t *out_len);
588
+
589
+ // GetSSL3CertVerifyHash writes the SSL 3.0 CertificateVerify hash into the
590
+ // bytes pointed to by |out| and writes the number of bytes to
591
+ // |*out_len|. |out| must have room for |EVP_MAX_MD_SIZE| bytes. It returns
592
+ // one on success and zero on failure.
593
+ bool GetSSL3CertVerifyHash(uint8_t *out, size_t *out_len,
594
+ const SSL_SESSION *session,
595
+ uint16_t signature_algorithm);
596
+
597
+ // GetFinishedMAC computes the MAC for the Finished message into the bytes
598
+ // pointed by |out| and writes the number of bytes to |*out_len|. |out| must
599
+ // have room for |EVP_MAX_MD_SIZE| bytes. It returns true on success and false
600
+ // on failure.
601
+ bool GetFinishedMAC(uint8_t *out, size_t *out_len, const SSL_SESSION *session,
602
+ bool from_server);
603
+
604
+ private:
605
+ // buffer_, if non-null, contains the handshake transcript.
606
+ UniquePtr<BUF_MEM> buffer_;
607
+ // hash, if initialized with an |EVP_MD|, maintains the handshake hash. For
608
+ // TLS 1.1 and below, it is the SHA-1 half.
609
+ ScopedEVP_MD_CTX hash_;
610
+ // md5, if initialized with an |EVP_MD|, maintains the MD5 half of the
611
+ // handshake hash for TLS 1.1 and below.
612
+ ScopedEVP_MD_CTX md5_;
613
+ };
614
+
615
+ // tls1_prf computes the PRF function for |ssl|. It fills |out|, using |secret|
616
+ // as the secret and |label| as the label. |seed1| and |seed2| are concatenated
617
+ // to form the seed parameter. It returns true on success and false on failure.
618
+ bool tls1_prf(const EVP_MD *digest, Span<uint8_t> out,
619
+ Span<const uint8_t> secret, Span<const char> label,
620
+ Span<const uint8_t> seed1, Span<const uint8_t> seed2);
621
+
622
+
623
+ // Encryption layer.
624
+
625
+ // SSLAEADContext contains information about an AEAD that is being used to
626
+ // encrypt an SSL connection.
627
+ class SSLAEADContext {
628
+ public:
629
+ SSLAEADContext(uint16_t version, bool is_dtls, const SSL_CIPHER *cipher);
630
+ ~SSLAEADContext();
631
+ static constexpr bool kAllowUniquePtr = true;
632
+
633
+ SSLAEADContext(const SSLAEADContext &&) = delete;
634
+ SSLAEADContext &operator=(const SSLAEADContext &&) = delete;
635
+
636
+ // CreateNullCipher creates an |SSLAEADContext| for the null cipher.
637
+ static UniquePtr<SSLAEADContext> CreateNullCipher(bool is_dtls);
638
+
639
+ // Create creates an |SSLAEADContext| using the supplied key material. It
640
+ // returns nullptr on error. Only one of |Open| or |Seal| may be used with the
641
+ // resulting object, depending on |direction|. |version| is the normalized
642
+ // protocol version, so DTLS 1.0 is represented as 0x0301, not 0xffef.
643
+ static UniquePtr<SSLAEADContext> Create(enum evp_aead_direction_t direction,
644
+ uint16_t version, int is_dtls,
645
+ const SSL_CIPHER *cipher,
646
+ Span<const uint8_t> enc_key,
647
+ Span<const uint8_t> mac_key,
648
+ Span<const uint8_t> fixed_iv);
649
+
650
+ // SetVersionIfNullCipher sets the version the SSLAEADContext for the null
651
+ // cipher, to make version-specific determinations in the record layer prior
652
+ // to a cipher being selected.
653
+ void SetVersionIfNullCipher(uint16_t version);
654
+
655
+ // ProtocolVersion returns the protocol version associated with this
656
+ // SSLAEADContext. It can only be called once |version_| has been set to a
657
+ // valid value.
658
+ uint16_t ProtocolVersion() const;
659
+
660
+ // RecordVersion returns the record version that should be used with this
661
+ // SSLAEADContext for record construction and crypto.
662
+ uint16_t RecordVersion() const;
663
+
664
+ const SSL_CIPHER *cipher() const { return cipher_; }
665
+
666
+ // is_null_cipher returns true if this is the null cipher.
667
+ bool is_null_cipher() const { return !cipher_; }
668
+
669
+ // ExplicitNonceLen returns the length of the explicit nonce.
670
+ size_t ExplicitNonceLen() const;
671
+
672
+ // MaxOverhead returns the maximum overhead of calling |Seal|.
673
+ size_t MaxOverhead() const;
674
+
675
+ // SuffixLen calculates the suffix length written by |SealScatter| and writes
676
+ // it to |*out_suffix_len|. It returns true on success and false on error.
677
+ // |in_len| and |extra_in_len| should equal the argument of the same names
678
+ // passed to |SealScatter|.
679
+ bool SuffixLen(size_t *out_suffix_len, size_t in_len,
680
+ size_t extra_in_len) const;
681
+
682
+ // Open authenticates and decrypts |in| in-place. On success, it sets |*out|
683
+ // to the plaintext in |in| and returns true. Otherwise, it returns
684
+ // false. The output will always be |ExplicitNonceLen| bytes ahead of |in|.
685
+ bool Open(Span<uint8_t> *out, uint8_t type, uint16_t record_version,
686
+ const uint8_t seqnum[8], Span<uint8_t> in);
687
+
688
+ // Seal encrypts and authenticates |in_len| bytes from |in| and writes the
689
+ // result to |out|. It returns true on success and false on error.
690
+ //
691
+ // If |in| and |out| alias then |out| + |ExplicitNonceLen| must be == |in|.
692
+ bool Seal(uint8_t *out, size_t *out_len, size_t max_out, uint8_t type,
693
+ uint16_t record_version, const uint8_t seqnum[8], const uint8_t *in,
694
+ size_t in_len);
695
+
696
+ // SealScatter encrypts and authenticates |in_len| bytes from |in| and splits
697
+ // the result between |out_prefix|, |out| and |out_suffix|. It returns one on
698
+ // success and zero on error.
699
+ //
700
+ // On successful return, exactly |ExplicitNonceLen| bytes are written to
701
+ // |out_prefix|, |in_len| bytes to |out|, and |SuffixLen| bytes to
702
+ // |out_suffix|.
703
+ //
704
+ // |extra_in| may point to an additional plaintext buffer. If present,
705
+ // |extra_in_len| additional bytes are encrypted and authenticated, and the
706
+ // ciphertext is written to the beginning of |out_suffix|. |SuffixLen| should
707
+ // be used to size |out_suffix| accordingly.
708
+ //
709
+ // If |in| and |out| alias then |out| must be == |in|. Other arguments may not
710
+ // alias anything.
711
+ bool SealScatter(uint8_t *out_prefix, uint8_t *out, uint8_t *out_suffix,
712
+ uint8_t type, uint16_t record_version,
713
+ const uint8_t seqnum[8], const uint8_t *in, size_t in_len,
714
+ const uint8_t *extra_in, size_t extra_in_len);
715
+
716
+ bool GetIV(const uint8_t **out_iv, size_t *out_iv_len) const;
717
+
718
+ private:
719
+ // GetAdditionalData writes the additional data into |out| and returns the
720
+ // number of bytes written.
721
+ size_t GetAdditionalData(uint8_t out[13], uint8_t type,
722
+ uint16_t record_version, const uint8_t seqnum[8],
723
+ size_t plaintext_len);
724
+
725
+ const SSL_CIPHER *cipher_;
726
+ ScopedEVP_AEAD_CTX ctx_;
727
+ // fixed_nonce_ contains any bytes of the nonce that are fixed for all
728
+ // records.
729
+ uint8_t fixed_nonce_[12];
730
+ uint8_t fixed_nonce_len_ = 0, variable_nonce_len_ = 0;
731
+ // version_ is the wire version that should be used with this AEAD.
732
+ uint16_t version_;
733
+ // is_dtls_ is whether DTLS is being used with this AEAD.
734
+ bool is_dtls_;
735
+ // variable_nonce_included_in_record_ is true if the variable nonce
736
+ // for a record is included as a prefix before the ciphertext.
737
+ bool variable_nonce_included_in_record_ : 1;
738
+ // random_variable_nonce_ is true if the variable nonce is
739
+ // randomly generated, rather than derived from the sequence
740
+ // number.
741
+ bool random_variable_nonce_ : 1;
742
+ // omit_length_in_ad_ is true if the length should be omitted in the
743
+ // AEAD's ad parameter.
744
+ bool omit_length_in_ad_ : 1;
745
+ // omit_version_in_ad_ is true if the version should be omitted
746
+ // in the AEAD's ad parameter.
747
+ bool omit_version_in_ad_ : 1;
748
+ // omit_ad_ is true if the AEAD's ad parameter should be omitted.
749
+ bool omit_ad_ : 1;
750
+ // xor_fixed_nonce_ is true if the fixed nonce should be XOR'd into the
751
+ // variable nonce rather than prepended.
752
+ bool xor_fixed_nonce_ : 1;
753
+ };
754
+
755
+
756
+ // DTLS replay bitmap.
757
+
758
+ // DTLS1_BITMAP maintains a sliding window of 64 sequence numbers to detect
759
+ // replayed packets. It should be initialized by zeroing every field.
760
+ struct DTLS1_BITMAP {
761
+ // map is a bit mask of the last 64 sequence numbers. Bit
762
+ // |1<<i| corresponds to |max_seq_num - i|.
763
+ uint64_t map = 0;
764
+ // max_seq_num is the largest sequence number seen so far as a 64-bit
765
+ // integer.
766
+ uint64_t max_seq_num = 0;
767
+ };
768
+
769
+
770
+ // Record layer.
771
+
772
+ // ssl_record_sequence_update increments the sequence number in |seq|. It
773
+ // returns one on success and zero on wraparound.
774
+ int ssl_record_sequence_update(uint8_t *seq, size_t seq_len);
775
+
776
+ // ssl_record_prefix_len returns the length of the prefix before the ciphertext
777
+ // of a record for |ssl|.
778
+ //
779
+ // TODO(davidben): Expose this as part of public API once the high-level
780
+ // buffer-free APIs are available.
781
+ size_t ssl_record_prefix_len(const SSL *ssl);
782
+
783
+ enum ssl_open_record_t {
784
+ ssl_open_record_success,
785
+ ssl_open_record_discard,
786
+ ssl_open_record_partial,
787
+ ssl_open_record_close_notify,
788
+ ssl_open_record_error,
789
+ };
790
+
791
+ // tls_open_record decrypts a record from |in| in-place.
792
+ //
793
+ // If the input did not contain a complete record, it returns
794
+ // |ssl_open_record_partial|. It sets |*out_consumed| to the total number of
795
+ // bytes necessary. It is guaranteed that a successful call to |tls_open_record|
796
+ // will consume at least that many bytes.
797
+ //
798
+ // Otherwise, it sets |*out_consumed| to the number of bytes of input
799
+ // consumed. Note that input may be consumed on all return codes if a record was
800
+ // decrypted.
801
+ //
802
+ // On success, it returns |ssl_open_record_success|. It sets |*out_type| to the
803
+ // record type and |*out| to the record body in |in|. Note that |*out| may be
804
+ // empty.
805
+ //
806
+ // If a record was successfully processed but should be discarded, it returns
807
+ // |ssl_open_record_discard|.
808
+ //
809
+ // If a record was successfully processed but is a close_notify, it returns
810
+ // |ssl_open_record_close_notify|.
811
+ //
812
+ // On failure or fatal alert, it returns |ssl_open_record_error| and sets
813
+ // |*out_alert| to an alert to emit, or zero if no alert should be emitted.
814
+ enum ssl_open_record_t tls_open_record(SSL *ssl, uint8_t *out_type,
815
+ Span<uint8_t> *out, size_t *out_consumed,
816
+ uint8_t *out_alert, Span<uint8_t> in);
817
+
818
+ // dtls_open_record implements |tls_open_record| for DTLS. It only returns
819
+ // |ssl_open_record_partial| if |in| was empty and sets |*out_consumed| to
820
+ // zero. The caller should read one packet and try again.
821
+ enum ssl_open_record_t dtls_open_record(SSL *ssl, uint8_t *out_type,
822
+ Span<uint8_t> *out,
823
+ size_t *out_consumed,
824
+ uint8_t *out_alert, Span<uint8_t> in);
825
+
826
+ // ssl_seal_align_prefix_len returns the length of the prefix before the start
827
+ // of the bulk of the ciphertext when sealing a record with |ssl|. Callers may
828
+ // use this to align buffers.
829
+ //
830
+ // Note when TLS 1.0 CBC record-splitting is enabled, this includes the one byte
831
+ // record and is the offset into second record's ciphertext. Thus sealing a
832
+ // small record may result in a smaller output than this value.
833
+ //
834
+ // TODO(davidben): Is this alignment valuable? Record-splitting makes this a
835
+ // mess.
836
+ size_t ssl_seal_align_prefix_len(const SSL *ssl);
837
+
838
+ // tls_seal_record seals a new record of type |type| and body |in| and writes it
839
+ // to |out|. At most |max_out| bytes will be written. It returns one on success
840
+ // and zero on error. If enabled, |tls_seal_record| implements TLS 1.0 CBC 1/n-1
841
+ // record splitting and may write two records concatenated.
842
+ //
843
+ // For a large record, the bulk of the ciphertext will begin
844
+ // |ssl_seal_align_prefix_len| bytes into out. Aligning |out| appropriately may
845
+ // improve performance. It writes at most |in_len| + |SSL_max_seal_overhead|
846
+ // bytes to |out|.
847
+ //
848
+ // |in| and |out| may not alias.
849
+ int tls_seal_record(SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out,
850
+ uint8_t type, const uint8_t *in, size_t in_len);
851
+
852
+ enum dtls1_use_epoch_t {
853
+ dtls1_use_previous_epoch,
854
+ dtls1_use_current_epoch,
855
+ };
856
+
857
+ // dtls_max_seal_overhead returns the maximum overhead, in bytes, of sealing a
858
+ // record.
859
+ size_t dtls_max_seal_overhead(const SSL *ssl, enum dtls1_use_epoch_t use_epoch);
860
+
861
+ // dtls_seal_prefix_len returns the number of bytes of prefix to reserve in
862
+ // front of the plaintext when sealing a record in-place.
863
+ size_t dtls_seal_prefix_len(const SSL *ssl, enum dtls1_use_epoch_t use_epoch);
864
+
865
+ // dtls_seal_record implements |tls_seal_record| for DTLS. |use_epoch| selects
866
+ // which epoch's cipher state to use. Unlike |tls_seal_record|, |in| and |out|
867
+ // may alias but, if they do, |in| must be exactly |dtls_seal_prefix_len| bytes
868
+ // ahead of |out|.
869
+ int dtls_seal_record(SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out,
870
+ uint8_t type, const uint8_t *in, size_t in_len,
871
+ enum dtls1_use_epoch_t use_epoch);
872
+
873
+ // ssl_process_alert processes |in| as an alert and updates |ssl|'s shutdown
874
+ // state. It returns one of |ssl_open_record_discard|, |ssl_open_record_error|,
875
+ // |ssl_open_record_close_notify|, or |ssl_open_record_fatal_alert| as
876
+ // appropriate.
877
+ enum ssl_open_record_t ssl_process_alert(SSL *ssl, uint8_t *out_alert,
878
+ Span<const uint8_t> in);
879
+
880
+
881
+ // Private key operations.
882
+
883
+ // ssl_has_private_key returns one if |ssl| has a private key
884
+ // configured and zero otherwise.
885
+ int ssl_has_private_key(const SSL *ssl);
886
+
887
+ // ssl_private_key_* perform the corresponding operation on
888
+ // |SSL_PRIVATE_KEY_METHOD|. If there is a custom private key configured, they
889
+ // call the corresponding function or |complete| depending on whether there is a
890
+ // pending operation. Otherwise, they implement the operation with
891
+ // |EVP_PKEY|.
892
+
893
+ enum ssl_private_key_result_t ssl_private_key_sign(
894
+ SSL_HANDSHAKE *hs, uint8_t *out, size_t *out_len, size_t max_out,
895
+ uint16_t sigalg, Span<const uint8_t> in);
896
+
897
+ enum ssl_private_key_result_t ssl_private_key_decrypt(SSL_HANDSHAKE *hs,
898
+ uint8_t *out,
899
+ size_t *out_len,
900
+ size_t max_out,
901
+ Span<const uint8_t> in);
902
+
903
+ // ssl_private_key_supports_signature_algorithm returns whether |hs|'s private
904
+ // key supports |sigalg|.
905
+ bool ssl_private_key_supports_signature_algorithm(SSL_HANDSHAKE *hs,
906
+ uint16_t sigalg);
907
+
908
+ // ssl_public_key_verify verifies that the |signature| is valid for the public
909
+ // key |pkey| and input |in|, using the signature algorithm |sigalg|.
910
+ bool ssl_public_key_verify(SSL *ssl, Span<const uint8_t> signature,
911
+ uint16_t sigalg, EVP_PKEY *pkey,
912
+ Span<const uint8_t> in);
913
+
914
+
915
+ // Custom extensions
916
+
917
+ } // namespace bssl
918
+
919
+ // |SSL_CUSTOM_EXTENSION| is a structure that contains information about
920
+ // custom-extension callbacks. It is defined unnamespaced for compatibility with
921
+ // |STACK_OF(SSL_CUSTOM_EXTENSION)|.
922
+ typedef struct ssl_custom_extension {
923
+ SSL_custom_ext_add_cb add_callback;
924
+ void *add_arg;
925
+ SSL_custom_ext_free_cb free_callback;
926
+ SSL_custom_ext_parse_cb parse_callback;
927
+ void *parse_arg;
928
+ uint16_t value;
929
+ } SSL_CUSTOM_EXTENSION;
930
+
931
+ DEFINE_STACK_OF(SSL_CUSTOM_EXTENSION)
932
+
933
+ namespace bssl {
934
+
935
+ void SSL_CUSTOM_EXTENSION_free(SSL_CUSTOM_EXTENSION *custom_extension);
936
+
937
+ int custom_ext_add_clienthello(SSL_HANDSHAKE *hs, CBB *extensions);
938
+ int custom_ext_parse_serverhello(SSL_HANDSHAKE *hs, int *out_alert,
939
+ uint16_t value, const CBS *extension);
940
+ int custom_ext_parse_clienthello(SSL_HANDSHAKE *hs, int *out_alert,
941
+ uint16_t value, const CBS *extension);
942
+ int custom_ext_add_serverhello(SSL_HANDSHAKE *hs, CBB *extensions);
943
+
944
+
945
+ // Key shares.
946
+
947
+ // SSLKeyShare abstracts over Diffie-Hellman-like key exchanges.
948
+ class SSLKeyShare {
949
+ public:
950
+ virtual ~SSLKeyShare() {}
951
+ static constexpr bool kAllowUniquePtr = true;
952
+ HAS_VIRTUAL_DESTRUCTOR
953
+
954
+ // Create returns a SSLKeyShare instance for use with group |group_id| or
955
+ // nullptr on error.
956
+ static UniquePtr<SSLKeyShare> Create(uint16_t group_id);
957
+
958
+ // GroupID returns the group ID.
959
+ virtual uint16_t GroupID() const PURE_VIRTUAL;
960
+
961
+ // Offer generates a keypair and writes the public value to
962
+ // |out_public_key|. It returns true on success and false on error.
963
+ virtual bool Offer(CBB *out_public_key) PURE_VIRTUAL;
964
+
965
+ // Accept performs a key exchange against the |peer_key| generated by |offer|.
966
+ // On success, it returns true, writes the public value to |out_public_key|,
967
+ // and sets |*out_secret| the shared secret. On failure, it returns false and
968
+ // sets |*out_alert| to an alert to send to the peer.
969
+ //
970
+ // The default implementation calls |Offer| and then |Finish|, assuming a key
971
+ // exchange protocol where the peers are symmetric.
972
+ virtual bool Accept(CBB *out_public_key, Array<uint8_t> *out_secret,
973
+ uint8_t *out_alert, Span<const uint8_t> peer_key);
974
+
975
+ // Finish performs a key exchange against the |peer_key| generated by
976
+ // |Accept|. On success, it returns true and sets |*out_secret| to the shared
977
+ // secret. On failure, it returns zero and sets |*out_alert| to an alert to
978
+ // send to the peer.
979
+ virtual bool Finish(Array<uint8_t> *out_secret, uint8_t *out_alert,
980
+ Span<const uint8_t> peer_key) PURE_VIRTUAL;
981
+ };
982
+
983
+ // ssl_nid_to_group_id looks up the group corresponding to |nid|. On success, it
984
+ // sets |*out_group_id| to the group ID and returns one. Otherwise, it returns
985
+ // zero.
986
+ int ssl_nid_to_group_id(uint16_t *out_group_id, int nid);
987
+
988
+ // ssl_name_to_group_id looks up the group corresponding to the |name| string
989
+ // of length |len|. On success, it sets |*out_group_id| to the group ID and
990
+ // returns one. Otherwise, it returns zero.
991
+ int ssl_name_to_group_id(uint16_t *out_group_id, const char *name, size_t len);
992
+
993
+
994
+ // Handshake messages.
995
+
996
+ struct SSLMessage {
997
+ bool is_v2_hello;
998
+ uint8_t type;
999
+ CBS body;
1000
+ // raw is the entire serialized handshake message, including the TLS or DTLS
1001
+ // message header.
1002
+ CBS raw;
1003
+ };
1004
+
1005
+ // SSL_MAX_HANDSHAKE_FLIGHT is the number of messages, including
1006
+ // ChangeCipherSpec, in the longest handshake flight. Currently this is the
1007
+ // client's second leg in a full handshake when client certificates, NPN, and
1008
+ // Channel ID, are all enabled.
1009
+ #define SSL_MAX_HANDSHAKE_FLIGHT 7
1010
+
1011
+ extern const uint8_t kHelloRetryRequest[SSL3_RANDOM_SIZE];
1012
+
1013
+ // ssl_max_handshake_message_len returns the maximum number of bytes permitted
1014
+ // in a handshake message for |ssl|.
1015
+ size_t ssl_max_handshake_message_len(const SSL *ssl);
1016
+
1017
+ // tls_can_accept_handshake_data returns whether |ssl| is able to accept more
1018
+ // data into handshake buffer.
1019
+ bool tls_can_accept_handshake_data(const SSL *ssl, uint8_t *out_alert);
1020
+
1021
+ // tls_has_unprocessed_handshake_data returns whether there is buffered
1022
+ // handshake data that has not been consumed by |get_message|.
1023
+ bool tls_has_unprocessed_handshake_data(const SSL *ssl);
1024
+
1025
+ // dtls_has_unprocessed_handshake_data behaves like
1026
+ // |tls_has_unprocessed_handshake_data| for DTLS.
1027
+ bool dtls_has_unprocessed_handshake_data(const SSL *ssl);
1028
+
1029
+ struct DTLS_OUTGOING_MESSAGE {
1030
+ DTLS_OUTGOING_MESSAGE() {}
1031
+ DTLS_OUTGOING_MESSAGE(const DTLS_OUTGOING_MESSAGE &) = delete;
1032
+ DTLS_OUTGOING_MESSAGE &operator=(const DTLS_OUTGOING_MESSAGE &) = delete;
1033
+ ~DTLS_OUTGOING_MESSAGE() { Clear(); }
1034
+
1035
+ void Clear();
1036
+
1037
+ uint8_t *data = nullptr;
1038
+ uint32_t len = 0;
1039
+ uint16_t epoch = 0;
1040
+ bool is_ccs = false;
1041
+ };
1042
+
1043
+ // dtls_clear_outgoing_messages releases all buffered outgoing messages.
1044
+ void dtls_clear_outgoing_messages(SSL *ssl);
1045
+
1046
+
1047
+ // Callbacks.
1048
+
1049
+ // ssl_do_info_callback calls |ssl|'s info callback, if set.
1050
+ void ssl_do_info_callback(const SSL *ssl, int type, int value);
1051
+
1052
+ // ssl_do_msg_callback calls |ssl|'s message callback, if set.
1053
+ void ssl_do_msg_callback(SSL *ssl, int is_write, int content_type,
1054
+ Span<const uint8_t> in);
1055
+
1056
+
1057
+ // Transport buffers.
1058
+
1059
+ class SSLBuffer {
1060
+ public:
1061
+ SSLBuffer() {}
1062
+ ~SSLBuffer() { Clear(); }
1063
+
1064
+ SSLBuffer(const SSLBuffer &) = delete;
1065
+ SSLBuffer &operator=(const SSLBuffer &) = delete;
1066
+
1067
+ uint8_t *data() { return buf_ + offset_; }
1068
+ size_t size() const { return size_; }
1069
+ bool empty() const { return size_ == 0; }
1070
+ size_t cap() const { return cap_; }
1071
+
1072
+ Span<uint8_t> span() { return MakeSpan(data(), size()); }
1073
+
1074
+ Span<uint8_t> remaining() {
1075
+ return MakeSpan(data() + size(), cap() - size());
1076
+ }
1077
+
1078
+ // Clear releases the buffer.
1079
+ void Clear();
1080
+
1081
+ // EnsureCap ensures the buffer has capacity at least |new_cap|, aligned such
1082
+ // that data written after |header_len| is aligned to a
1083
+ // |SSL3_ALIGN_PAYLOAD|-byte boundary. It returns true on success and false
1084
+ // on error.
1085
+ bool EnsureCap(size_t header_len, size_t new_cap);
1086
+
1087
+ // DidWrite extends the buffer by |len|. The caller must have filled in to
1088
+ // this point.
1089
+ void DidWrite(size_t len);
1090
+
1091
+ // Consume consumes |len| bytes from the front of the buffer. The memory
1092
+ // consumed will remain valid until the next call to |DiscardConsumed| or
1093
+ // |Clear|.
1094
+ void Consume(size_t len);
1095
+
1096
+ // DiscardConsumed discards the consumed bytes from the buffer. If the buffer
1097
+ // is now empty, it releases memory used by it.
1098
+ void DiscardConsumed();
1099
+
1100
+ private:
1101
+ // buf_ is the memory allocated for this buffer.
1102
+ uint8_t *buf_ = nullptr;
1103
+ // offset_ is the offset into |buf_| which the buffer contents start at.
1104
+ uint16_t offset_ = 0;
1105
+ // size_ is the size of the buffer contents from |buf_| + |offset_|.
1106
+ uint16_t size_ = 0;
1107
+ // cap_ is how much memory beyond |buf_| + |offset_| is available.
1108
+ uint16_t cap_ = 0;
1109
+ };
1110
+
1111
+ // ssl_read_buffer_extend_to extends the read buffer to the desired length. For
1112
+ // TLS, it reads to the end of the buffer until the buffer is |len| bytes
1113
+ // long. For DTLS, it reads a new packet and ignores |len|. It returns one on
1114
+ // success, zero on EOF, and a negative number on error.
1115
+ //
1116
+ // It is an error to call |ssl_read_buffer_extend_to| in DTLS when the buffer is
1117
+ // non-empty.
1118
+ int ssl_read_buffer_extend_to(SSL *ssl, size_t len);
1119
+
1120
+ // ssl_handle_open_record handles the result of passing |ssl->s3->read_buffer|
1121
+ // to a record-processing function. If |ret| is a success or if the caller
1122
+ // should retry, it returns one and sets |*out_retry|. Otherwise, it returns <=
1123
+ // 0.
1124
+ int ssl_handle_open_record(SSL *ssl, bool *out_retry, ssl_open_record_t ret,
1125
+ size_t consumed, uint8_t alert);
1126
+
1127
+ // ssl_write_buffer_flush flushes the write buffer to the transport. It returns
1128
+ // one on success and <= 0 on error. For DTLS, whether or not the write
1129
+ // succeeds, the write buffer will be cleared.
1130
+ int ssl_write_buffer_flush(SSL *ssl);
1131
+
1132
+
1133
+ // Certificate functions.
1134
+
1135
+ // ssl_has_certificate returns one if a certificate and private key are
1136
+ // configured and zero otherwise.
1137
+ int ssl_has_certificate(const SSL *ssl);
1138
+
1139
+ // ssl_parse_cert_chain parses a certificate list from |cbs| in the format used
1140
+ // by a TLS Certificate message. On success, it advances |cbs| and returns
1141
+ // true. Otherwise, it returns false and sets |*out_alert| to an alert to send
1142
+ // to the peer.
1143
+ //
1144
+ // If the list is non-empty then |*out_chain| and |*out_pubkey| will be set to
1145
+ // the certificate chain and the leaf certificate's public key
1146
+ // respectively. Otherwise, both will be set to nullptr.
1147
+ //
1148
+ // If the list is non-empty and |out_leaf_sha256| is non-NULL, it writes the
1149
+ // SHA-256 hash of the leaf to |out_leaf_sha256|.
1150
+ bool ssl_parse_cert_chain(uint8_t *out_alert,
1151
+ UniquePtr<STACK_OF(CRYPTO_BUFFER)> *out_chain,
1152
+ UniquePtr<EVP_PKEY> *out_pubkey,
1153
+ uint8_t *out_leaf_sha256, CBS *cbs,
1154
+ CRYPTO_BUFFER_POOL *pool);
1155
+
1156
+ // ssl_add_cert_chain adds |ssl|'s certificate chain to |cbb| in the format used
1157
+ // by a TLS Certificate message. If there is no certificate chain, it emits an
1158
+ // empty certificate list. It returns one on success and zero on error.
1159
+ int ssl_add_cert_chain(SSL *ssl, CBB *cbb);
1160
+
1161
+ // ssl_cert_check_digital_signature_key_usage parses the DER-encoded, X.509
1162
+ // certificate in |in| and returns one if doesn't specify a key usage or, if it
1163
+ // does, if it includes digitalSignature. Otherwise it pushes to the error
1164
+ // queue and returns zero.
1165
+ int ssl_cert_check_digital_signature_key_usage(const CBS *in);
1166
+
1167
+ // ssl_cert_parse_pubkey extracts the public key from the DER-encoded, X.509
1168
+ // certificate in |in|. It returns an allocated |EVP_PKEY| or else returns
1169
+ // nullptr and pushes to the error queue.
1170
+ UniquePtr<EVP_PKEY> ssl_cert_parse_pubkey(const CBS *in);
1171
+
1172
+ // ssl_parse_client_CA_list parses a CA list from |cbs| in the format used by a
1173
+ // TLS CertificateRequest message. On success, it returns a newly-allocated
1174
+ // |CRYPTO_BUFFER| list and advances |cbs|. Otherwise, it returns nullptr and
1175
+ // sets |*out_alert| to an alert to send to the peer.
1176
+ UniquePtr<STACK_OF(CRYPTO_BUFFER)> ssl_parse_client_CA_list(SSL *ssl,
1177
+ uint8_t *out_alert,
1178
+ CBS *cbs);
1179
+
1180
+ // ssl_has_client_CAs returns there are configured CAs.
1181
+ bool ssl_has_client_CAs(SSL *ssl);
1182
+
1183
+ // ssl_add_client_CA_list adds the configured CA list to |cbb| in the format
1184
+ // used by a TLS CertificateRequest message. It returns one on success and zero
1185
+ // on error.
1186
+ int ssl_add_client_CA_list(SSL *ssl, CBB *cbb);
1187
+
1188
+ // ssl_check_leaf_certificate returns one if |pkey| and |leaf| are suitable as
1189
+ // a server's leaf certificate for |hs|. Otherwise, it returns zero and pushes
1190
+ // an error on the error queue.
1191
+ int ssl_check_leaf_certificate(SSL_HANDSHAKE *hs, EVP_PKEY *pkey,
1192
+ const CRYPTO_BUFFER *leaf);
1193
+
1194
+ // ssl_on_certificate_selected is called once the certificate has been selected.
1195
+ // It finalizes the certificate and initializes |hs->local_pubkey|. It returns
1196
+ // one on success and zero on error.
1197
+ int ssl_on_certificate_selected(SSL_HANDSHAKE *hs);
1198
+
1199
+
1200
+ // TLS 1.3 key derivation.
1201
+
1202
+ // tls13_init_key_schedule initializes the handshake hash and key derivation
1203
+ // state, and incorporates the PSK. The cipher suite and PRF hash must have been
1204
+ // selected at this point. It returns one on success and zero on error.
1205
+ int tls13_init_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *psk,
1206
+ size_t psk_len);
1207
+
1208
+ // tls13_init_early_key_schedule initializes the handshake hash and key
1209
+ // derivation state from the resumption secret and incorporates the PSK to
1210
+ // derive the early secrets. It returns one on success and zero on error.
1211
+ int tls13_init_early_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *psk,
1212
+ size_t psk_len);
1213
+
1214
+ // tls13_advance_key_schedule incorporates |in| into the key schedule with
1215
+ // HKDF-Extract. It returns one on success and zero on error.
1216
+ int tls13_advance_key_schedule(SSL_HANDSHAKE *hs, const uint8_t *in,
1217
+ size_t len);
1218
+
1219
+ // tls13_set_traffic_key sets the read or write traffic keys to
1220
+ // |traffic_secret|. It returns one on success and zero on error.
1221
+ int tls13_set_traffic_key(SSL *ssl, enum evp_aead_direction_t direction,
1222
+ const uint8_t *traffic_secret,
1223
+ size_t traffic_secret_len);
1224
+
1225
+ // tls13_derive_early_secrets derives the early traffic secret. It returns one
1226
+ // on success and zero on error.
1227
+ int tls13_derive_early_secrets(SSL_HANDSHAKE *hs);
1228
+
1229
+ // tls13_derive_handshake_secrets derives the handshake traffic secret. It
1230
+ // returns one on success and zero on error.
1231
+ int tls13_derive_handshake_secrets(SSL_HANDSHAKE *hs);
1232
+
1233
+ // tls13_rotate_traffic_key derives the next read or write traffic secret. It
1234
+ // returns one on success and zero on error.
1235
+ int tls13_rotate_traffic_key(SSL *ssl, enum evp_aead_direction_t direction);
1236
+
1237
+ // tls13_derive_application_secrets derives the initial application data traffic
1238
+ // and exporter secrets based on the handshake transcripts and |master_secret|.
1239
+ // It returns one on success and zero on error.
1240
+ int tls13_derive_application_secrets(SSL_HANDSHAKE *hs);
1241
+
1242
+ // tls13_derive_resumption_secret derives the |resumption_secret|.
1243
+ int tls13_derive_resumption_secret(SSL_HANDSHAKE *hs);
1244
+
1245
+ // tls13_export_keying_material provides an exporter interface to use the
1246
+ // |exporter_secret|.
1247
+ int tls13_export_keying_material(SSL *ssl, uint8_t *out, size_t out_len,
1248
+ const char *label, size_t label_len,
1249
+ const uint8_t *context, size_t context_len,
1250
+ int use_context);
1251
+
1252
+ // tls13_finished_mac calculates the MAC of the handshake transcript to verify
1253
+ // the integrity of the Finished message, and stores the result in |out| and
1254
+ // length in |out_len|. |is_server| is 1 if this is for the Server Finished and
1255
+ // 0 for the Client Finished.
1256
+ int tls13_finished_mac(SSL_HANDSHAKE *hs, uint8_t *out,
1257
+ size_t *out_len, int is_server);
1258
+
1259
+ // tls13_derive_session_psk calculates the PSK for this session based on the
1260
+ // resumption master secret and |nonce|. It returns true on success, and false
1261
+ // on failure.
1262
+ bool tls13_derive_session_psk(SSL_SESSION *session, Span<const uint8_t> nonce);
1263
+
1264
+ // tls13_write_psk_binder calculates the PSK binder value and replaces the last
1265
+ // bytes of |msg| with the resulting value. It returns 1 on success, and 0 on
1266
+ // failure.
1267
+ int tls13_write_psk_binder(SSL_HANDSHAKE *hs, uint8_t *msg, size_t len);
1268
+
1269
+ // tls13_verify_psk_binder verifies that the handshake transcript, truncated
1270
+ // up to the binders has a valid signature using the value of |session|'s
1271
+ // resumption secret. It returns 1 on success, and 0 on failure.
1272
+ int tls13_verify_psk_binder(SSL_HANDSHAKE *hs, SSL_SESSION *session,
1273
+ const SSLMessage &msg, CBS *binders);
1274
+
1275
+
1276
+ // Handshake functions.
1277
+
1278
+ enum ssl_hs_wait_t {
1279
+ ssl_hs_error,
1280
+ ssl_hs_ok,
1281
+ ssl_hs_read_server_hello,
1282
+ ssl_hs_read_message,
1283
+ ssl_hs_flush,
1284
+ ssl_hs_certificate_selection_pending,
1285
+ ssl_hs_x509_lookup,
1286
+ ssl_hs_channel_id_lookup,
1287
+ ssl_hs_private_key_operation,
1288
+ ssl_hs_pending_session,
1289
+ ssl_hs_pending_ticket,
1290
+ ssl_hs_early_return,
1291
+ ssl_hs_early_data_rejected,
1292
+ ssl_hs_read_end_of_early_data,
1293
+ ssl_hs_read_change_cipher_spec,
1294
+ ssl_hs_certificate_verify,
1295
+ };
1296
+
1297
+ struct SSL_HANDSHAKE {
1298
+ explicit SSL_HANDSHAKE(SSL *ssl);
1299
+ ~SSL_HANDSHAKE();
1300
+ static constexpr bool kAllowUniquePtr = true;
1301
+
1302
+ // ssl is a non-owning pointer to the parent |SSL| object.
1303
+ SSL *ssl;
1304
+
1305
+ // wait contains the operation the handshake is currently blocking on or
1306
+ // |ssl_hs_ok| if none.
1307
+ enum ssl_hs_wait_t wait = ssl_hs_ok;
1308
+
1309
+ // state is the internal state for the TLS 1.2 and below handshake. Its
1310
+ // values depend on |do_handshake| but the starting state is always zero.
1311
+ int state = 0;
1312
+
1313
+ // tls13_state is the internal state for the TLS 1.3 handshake. Its values
1314
+ // depend on |do_handshake| but the starting state is always zero.
1315
+ int tls13_state = 0;
1316
+
1317
+ // min_version is the minimum accepted protocol version, taking account both
1318
+ // |SSL_OP_NO_*| and |SSL_CTX_set_min_proto_version| APIs.
1319
+ uint16_t min_version = 0;
1320
+
1321
+ // max_version is the maximum accepted protocol version, taking account both
1322
+ // |SSL_OP_NO_*| and |SSL_CTX_set_max_proto_version| APIs.
1323
+ uint16_t max_version = 0;
1324
+
1325
+ // session_id is the session ID in the ClientHello, used for the experimental
1326
+ // TLS 1.3 variant.
1327
+ uint8_t session_id[SSL_MAX_SSL_SESSION_ID_LENGTH] = {0};
1328
+ uint8_t session_id_len = 0;
1329
+
1330
+ size_t hash_len = 0;
1331
+ uint8_t secret[EVP_MAX_MD_SIZE] = {0};
1332
+ uint8_t early_traffic_secret[EVP_MAX_MD_SIZE] = {0};
1333
+ uint8_t client_handshake_secret[EVP_MAX_MD_SIZE] = {0};
1334
+ uint8_t server_handshake_secret[EVP_MAX_MD_SIZE] = {0};
1335
+ uint8_t client_traffic_secret_0[EVP_MAX_MD_SIZE] = {0};
1336
+ uint8_t server_traffic_secret_0[EVP_MAX_MD_SIZE] = {0};
1337
+ uint8_t expected_client_finished[EVP_MAX_MD_SIZE] = {0};
1338
+
1339
+ union {
1340
+ // sent is a bitset where the bits correspond to elements of kExtensions
1341
+ // in t1_lib.c. Each bit is set if that extension was sent in a
1342
+ // ClientHello. It's not used by servers.
1343
+ uint32_t sent = 0;
1344
+ // received is a bitset, like |sent|, but is used by servers to record
1345
+ // which extensions were received from a client.
1346
+ uint32_t received;
1347
+ } extensions;
1348
+
1349
+ union {
1350
+ // sent is a bitset where the bits correspond to elements of
1351
+ // |client_custom_extensions| in the |SSL_CTX|. Each bit is set if that
1352
+ // extension was sent in a ClientHello. It's not used by servers.
1353
+ uint16_t sent = 0;
1354
+ // received is a bitset, like |sent|, but is used by servers to record
1355
+ // which custom extensions were received from a client. The bits here
1356
+ // correspond to |server_custom_extensions|.
1357
+ uint16_t received;
1358
+ } custom_extensions;
1359
+
1360
+ // retry_group is the group ID selected by the server in HelloRetryRequest in
1361
+ // TLS 1.3.
1362
+ uint16_t retry_group = 0;
1363
+
1364
+ // error, if |wait| is |ssl_hs_error|, is the error the handshake failed on.
1365
+ UniquePtr<ERR_SAVE_STATE> error;
1366
+
1367
+ // key_share is the current key exchange instance.
1368
+ UniquePtr<SSLKeyShare> key_share;
1369
+
1370
+ // transcript is the current handshake transcript.
1371
+ SSLTranscript transcript;
1372
+
1373
+ // cookie is the value of the cookie received from the server, if any.
1374
+ Array<uint8_t> cookie;
1375
+
1376
+ // key_share_bytes is the value of the previously sent KeyShare extension by
1377
+ // the client in TLS 1.3.
1378
+ Array<uint8_t> key_share_bytes;
1379
+
1380
+ // ecdh_public_key, for servers, is the key share to be sent to the client in
1381
+ // TLS 1.3.
1382
+ Array<uint8_t> ecdh_public_key;
1383
+
1384
+ // peer_sigalgs are the signature algorithms that the peer supports. These are
1385
+ // taken from the contents of the signature algorithms extension for a server
1386
+ // or from the CertificateRequest for a client.
1387
+ Array<uint16_t> peer_sigalgs;
1388
+
1389
+ // peer_supported_group_list contains the supported group IDs advertised by
1390
+ // the peer. This is only set on the server's end. The server does not
1391
+ // advertise this extension to the client.
1392
+ Array<uint16_t> peer_supported_group_list;
1393
+
1394
+ // peer_key is the peer's ECDH key for a TLS 1.2 client.
1395
+ Array<uint8_t> peer_key;
1396
+
1397
+ // server_params, in a TLS 1.2 server, stores the ServerKeyExchange
1398
+ // parameters. It has client and server randoms prepended for signing
1399
+ // convenience.
1400
+ Array<uint8_t> server_params;
1401
+
1402
+ // peer_psk_identity_hint, on the client, is the psk_identity_hint sent by the
1403
+ // server when using a TLS 1.2 PSK key exchange.
1404
+ UniquePtr<char> peer_psk_identity_hint;
1405
+
1406
+ // ca_names, on the client, contains the list of CAs received in a
1407
+ // CertificateRequest message.
1408
+ UniquePtr<STACK_OF(CRYPTO_BUFFER)> ca_names;
1409
+
1410
+ // cached_x509_ca_names contains a cache of parsed versions of the elements of
1411
+ // |ca_names|. This pointer is left non-owning so only
1412
+ // |ssl_crypto_x509_method| needs to link against crypto/x509.
1413
+ STACK_OF(X509_NAME) *cached_x509_ca_names = nullptr;
1414
+
1415
+ // certificate_types, on the client, contains the set of certificate types
1416
+ // received in a CertificateRequest message.
1417
+ Array<uint8_t> certificate_types;
1418
+
1419
+ // local_pubkey is the public key we are authenticating as.
1420
+ UniquePtr<EVP_PKEY> local_pubkey;
1421
+
1422
+ // peer_pubkey is the public key parsed from the peer's leaf certificate.
1423
+ UniquePtr<EVP_PKEY> peer_pubkey;
1424
+
1425
+ // new_session is the new mutable session being established by the current
1426
+ // handshake. It should not be cached.
1427
+ UniquePtr<SSL_SESSION> new_session;
1428
+
1429
+ // early_session is the session corresponding to the current 0-RTT state on
1430
+ // the client if |in_early_data| is true.
1431
+ UniquePtr<SSL_SESSION> early_session;
1432
+
1433
+ // new_cipher is the cipher being negotiated in this handshake.
1434
+ const SSL_CIPHER *new_cipher = nullptr;
1435
+
1436
+ // key_block is the record-layer key block for TLS 1.2 and earlier.
1437
+ Array<uint8_t> key_block;
1438
+
1439
+ // scts_requested is true if the SCT extension is in the ClientHello.
1440
+ bool scts_requested:1;
1441
+
1442
+ // needs_psk_binder is true if the ClientHello has a placeholder PSK binder to
1443
+ // be filled in.
1444
+ bool needs_psk_binder:1;
1445
+
1446
+ bool received_hello_retry_request:1;
1447
+ bool sent_hello_retry_request:1;
1448
+
1449
+ bool received_custom_extension:1;
1450
+
1451
+ // handshake_finalized is true once the handshake has completed, at which
1452
+ // point accessors should use the established state.
1453
+ bool handshake_finalized:1;
1454
+
1455
+ // accept_psk_mode stores whether the client's PSK mode is compatible with our
1456
+ // preferences.
1457
+ bool accept_psk_mode:1;
1458
+
1459
+ // cert_request is true if a client certificate was requested.
1460
+ bool cert_request:1;
1461
+
1462
+ // certificate_status_expected is true if OCSP stapling was negotiated and the
1463
+ // server is expected to send a CertificateStatus message. (This is used on
1464
+ // both the client and server sides.)
1465
+ bool certificate_status_expected:1;
1466
+
1467
+ // ocsp_stapling_requested is true if a client requested OCSP stapling.
1468
+ bool ocsp_stapling_requested:1;
1469
+
1470
+ // should_ack_sni is used by a server and indicates that the SNI extension
1471
+ // should be echoed in the ServerHello.
1472
+ bool should_ack_sni:1;
1473
+
1474
+ // in_false_start is true if there is a pending client handshake in False
1475
+ // Start. The client may write data at this point.
1476
+ bool in_false_start:1;
1477
+
1478
+ // in_early_data is true if there is a pending handshake that has progressed
1479
+ // enough to send and receive early data.
1480
+ bool in_early_data:1;
1481
+
1482
+ // early_data_offered is true if the client sent the early_data extension.
1483
+ bool early_data_offered:1;
1484
+
1485
+ // can_early_read is true if application data may be read at this point in the
1486
+ // handshake.
1487
+ bool can_early_read:1;
1488
+
1489
+ // can_early_write is true if application data may be written at this point in
1490
+ // the handshake.
1491
+ bool can_early_write:1;
1492
+
1493
+ // next_proto_neg_seen is one of NPN was negotiated.
1494
+ bool next_proto_neg_seen:1;
1495
+
1496
+ // ticket_expected is true if a TLS 1.2 NewSessionTicket message is to be sent
1497
+ // or received.
1498
+ bool ticket_expected:1;
1499
+
1500
+ // extended_master_secret is true if the extended master secret extension is
1501
+ // negotiated in this handshake.
1502
+ bool extended_master_secret:1;
1503
+
1504
+ // pending_private_key_op is true if there is a pending private key operation
1505
+ // in progress.
1506
+ bool pending_private_key_op:1;
1507
+
1508
+ // client_version is the value sent or received in the ClientHello version.
1509
+ uint16_t client_version = 0;
1510
+
1511
+ // early_data_read is the amount of early data that has been read by the
1512
+ // record layer.
1513
+ uint16_t early_data_read = 0;
1514
+
1515
+ // early_data_written is the amount of early data that has been written by the
1516
+ // record layer.
1517
+ uint16_t early_data_written = 0;
1518
+ };
1519
+
1520
+ UniquePtr<SSL_HANDSHAKE> ssl_handshake_new(SSL *ssl);
1521
+
1522
+ // ssl_check_message_type checks if |msg| has type |type|. If so it returns
1523
+ // one. Otherwise, it sends an alert and returns zero.
1524
+ bool ssl_check_message_type(SSL *ssl, const SSLMessage &msg, int type);
1525
+
1526
+ // ssl_run_handshake runs the TLS handshake. It returns one on success and <= 0
1527
+ // on error. It sets |out_early_return| to one if we've completed the handshake
1528
+ // early.
1529
+ int ssl_run_handshake(SSL_HANDSHAKE *hs, bool *out_early_return);
1530
+
1531
+ // The following are implementations of |do_handshake| for the client and
1532
+ // server.
1533
+ enum ssl_hs_wait_t ssl_client_handshake(SSL_HANDSHAKE *hs);
1534
+ enum ssl_hs_wait_t ssl_server_handshake(SSL_HANDSHAKE *hs);
1535
+ enum ssl_hs_wait_t tls13_client_handshake(SSL_HANDSHAKE *hs);
1536
+ enum ssl_hs_wait_t tls13_server_handshake(SSL_HANDSHAKE *hs);
1537
+
1538
+ // The following functions return human-readable representations of the TLS
1539
+ // handshake states for debugging.
1540
+ const char *ssl_client_handshake_state(SSL_HANDSHAKE *hs);
1541
+ const char *ssl_server_handshake_state(SSL_HANDSHAKE *hs);
1542
+ const char *tls13_client_handshake_state(SSL_HANDSHAKE *hs);
1543
+ const char *tls13_server_handshake_state(SSL_HANDSHAKE *hs);
1544
+
1545
+ // tls13_post_handshake processes a post-handshake message. It returns one on
1546
+ // success and zero on failure.
1547
+ int tls13_post_handshake(SSL *ssl, const SSLMessage &msg);
1548
+
1549
+ int tls13_process_certificate(SSL_HANDSHAKE *hs, const SSLMessage &msg,
1550
+ int allow_anonymous);
1551
+ int tls13_process_certificate_verify(SSL_HANDSHAKE *hs, const SSLMessage &msg);
1552
+
1553
+ // tls13_process_finished processes |msg| as a Finished message from the
1554
+ // peer. If |use_saved_value| is one, the verify_data is compared against
1555
+ // |hs->expected_client_finished| rather than computed fresh.
1556
+ int tls13_process_finished(SSL_HANDSHAKE *hs, const SSLMessage &msg,
1557
+ int use_saved_value);
1558
+
1559
+ int tls13_add_certificate(SSL_HANDSHAKE *hs);
1560
+
1561
+ // tls13_add_certificate_verify adds a TLS 1.3 CertificateVerify message to the
1562
+ // handshake. If it returns |ssl_private_key_retry|, it should be called again
1563
+ // to retry when the signing operation is completed.
1564
+ enum ssl_private_key_result_t tls13_add_certificate_verify(SSL_HANDSHAKE *hs);
1565
+
1566
+ int tls13_add_finished(SSL_HANDSHAKE *hs);
1567
+ int tls13_process_new_session_ticket(SSL *ssl, const SSLMessage &msg);
1568
+
1569
+ bool ssl_ext_key_share_parse_serverhello(SSL_HANDSHAKE *hs,
1570
+ Array<uint8_t> *out_secret,
1571
+ uint8_t *out_alert, CBS *contents);
1572
+ bool ssl_ext_key_share_parse_clienthello(SSL_HANDSHAKE *hs, bool *out_found,
1573
+ Array<uint8_t> *out_secret,
1574
+ uint8_t *out_alert, CBS *contents);
1575
+ bool ssl_ext_key_share_add_serverhello(SSL_HANDSHAKE *hs, CBB *out);
1576
+
1577
+ bool ssl_ext_pre_shared_key_parse_serverhello(SSL_HANDSHAKE *hs,
1578
+ uint8_t *out_alert,
1579
+ CBS *contents);
1580
+ bool ssl_ext_pre_shared_key_parse_clienthello(
1581
+ SSL_HANDSHAKE *hs, CBS *out_ticket, CBS *out_binders,
1582
+ uint32_t *out_obfuscated_ticket_age, uint8_t *out_alert, CBS *contents);
1583
+ bool ssl_ext_pre_shared_key_add_serverhello(SSL_HANDSHAKE *hs, CBB *out);
1584
+
1585
+ // ssl_is_sct_list_valid does a shallow parse of the SCT list in |contents| and
1586
+ // returns one iff it's valid.
1587
+ int ssl_is_sct_list_valid(const CBS *contents);
1588
+
1589
+ int ssl_write_client_hello(SSL_HANDSHAKE *hs);
1590
+
1591
+ enum ssl_cert_verify_context_t {
1592
+ ssl_cert_verify_server,
1593
+ ssl_cert_verify_client,
1594
+ ssl_cert_verify_channel_id,
1595
+ };
1596
+
1597
+ // tls13_get_cert_verify_signature_input generates the message to be signed for
1598
+ // TLS 1.3's CertificateVerify message. |cert_verify_context| determines the
1599
+ // type of signature. It sets |*out| to a newly allocated buffer containing the
1600
+ // result. This function returns true on success and false on failure.
1601
+ bool tls13_get_cert_verify_signature_input(
1602
+ SSL_HANDSHAKE *hs, Array<uint8_t> *out,
1603
+ enum ssl_cert_verify_context_t cert_verify_context);
1604
+
1605
+ // ssl_is_alpn_protocol_allowed returns whether |protocol| is a valid server
1606
+ // selection for |ssl|'s client preferences.
1607
+ bool ssl_is_alpn_protocol_allowed(const SSL *ssl, Span<const uint8_t> protocol);
1608
+
1609
+ // ssl_negotiate_alpn negotiates the ALPN extension, if applicable. It returns
1610
+ // true on successful negotiation or if nothing was negotiated. It returns false
1611
+ // and sets |*out_alert| to an alert on error.
1612
+ bool ssl_negotiate_alpn(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1613
+ const SSL_CLIENT_HELLO *client_hello);
1614
+
1615
+ struct SSL_EXTENSION_TYPE {
1616
+ uint16_t type;
1617
+ bool *out_present;
1618
+ CBS *out_data;
1619
+ };
1620
+
1621
+ // ssl_parse_extensions parses a TLS extensions block out of |cbs| and advances
1622
+ // it. It writes the parsed extensions to pointers denoted by |ext_types|. On
1623
+ // success, it fills in the |out_present| and |out_data| fields and returns one.
1624
+ // Otherwise, it sets |*out_alert| to an alert to send and returns zero. Unknown
1625
+ // extensions are rejected unless |ignore_unknown| is 1.
1626
+ int ssl_parse_extensions(const CBS *cbs, uint8_t *out_alert,
1627
+ const SSL_EXTENSION_TYPE *ext_types,
1628
+ size_t num_ext_types, int ignore_unknown);
1629
+
1630
+ // ssl_verify_peer_cert verifies the peer certificate for |hs|.
1631
+ enum ssl_verify_result_t ssl_verify_peer_cert(SSL_HANDSHAKE *hs);
1632
+
1633
+ enum ssl_hs_wait_t ssl_get_finished(SSL_HANDSHAKE *hs);
1634
+ bool ssl_send_finished(SSL_HANDSHAKE *hs);
1635
+ bool ssl_output_cert_chain(SSL *ssl);
1636
+
1637
+
1638
+ // SSLKEYLOGFILE functions.
1639
+
1640
+ // ssl_log_secret logs |secret| with label |label|, if logging is enabled for
1641
+ // |ssl|. It returns one on success and zero on failure.
1642
+ int ssl_log_secret(const SSL *ssl, const char *label, const uint8_t *secret,
1643
+ size_t secret_len);
1644
+
1645
+
1646
+ // ClientHello functions.
1647
+
1648
+ int ssl_client_hello_init(SSL *ssl, SSL_CLIENT_HELLO *out,
1649
+ const SSLMessage &msg);
1650
+
1651
+ int ssl_client_hello_get_extension(const SSL_CLIENT_HELLO *client_hello,
1652
+ CBS *out, uint16_t extension_type);
1653
+
1654
+ int ssl_client_cipher_list_contains_cipher(const SSL_CLIENT_HELLO *client_hello,
1655
+ uint16_t id);
1656
+
1657
+
1658
+ // GREASE.
1659
+
1660
+ enum ssl_grease_index_t {
1661
+ ssl_grease_cipher = 0,
1662
+ ssl_grease_group,
1663
+ ssl_grease_extension1,
1664
+ ssl_grease_extension2,
1665
+ ssl_grease_version,
1666
+ ssl_grease_ticket_extension,
1667
+ };
1668
+
1669
+ // ssl_get_grease_value returns a GREASE value for |ssl|. For a given
1670
+ // connection, the values for each index will be deterministic. This allows the
1671
+ // same ClientHello be sent twice for a HelloRetryRequest or the same group be
1672
+ // advertised in both supported_groups and key_shares.
1673
+ uint16_t ssl_get_grease_value(const SSL *ssl, enum ssl_grease_index_t index);
1674
+
1675
+
1676
+ // Signature algorithms.
1677
+
1678
+ // tls1_parse_peer_sigalgs parses |sigalgs| as the list of peer signature
1679
+ // algorithms and saves them on |hs|. It returns one on success and zero on
1680
+ // error.
1681
+ int tls1_parse_peer_sigalgs(SSL_HANDSHAKE *hs, const CBS *sigalgs);
1682
+
1683
+ // tls1_get_legacy_signature_algorithm sets |*out| to the signature algorithm
1684
+ // that should be used with |pkey| in TLS 1.1 and earlier. It returns one on
1685
+ // success and zero if |pkey| may not be used at those versions.
1686
+ int tls1_get_legacy_signature_algorithm(uint16_t *out, const EVP_PKEY *pkey);
1687
+
1688
+ // tls1_choose_signature_algorithm sets |*out| to a signature algorithm for use
1689
+ // with |hs|'s private key based on the peer's preferences and the algorithms
1690
+ // supported. It returns one on success and zero on error.
1691
+ int tls1_choose_signature_algorithm(SSL_HANDSHAKE *hs, uint16_t *out);
1692
+
1693
+ // tls12_add_verify_sigalgs adds the signature algorithms acceptable for the
1694
+ // peer signature to |out|. It returns one on success and zero on error.
1695
+ int tls12_add_verify_sigalgs(const SSL *ssl, CBB *out);
1696
+
1697
+ // tls12_check_peer_sigalg checks if |sigalg| is acceptable for the peer
1698
+ // signature. It returns one on success and zero on error, setting |*out_alert|
1699
+ // to an alert to send.
1700
+ int tls12_check_peer_sigalg(SSL *ssl, uint8_t *out_alert, uint16_t sigalg);
1701
+
1702
+
1703
+ // Underdocumented functions.
1704
+ //
1705
+ // Functions below here haven't been touched up and may be underdocumented.
1706
+
1707
+ #define TLSEXT_CHANNEL_ID_SIZE 128
1708
+
1709
+ // From RFC4492, used in encoding the curve type in ECParameters
1710
+ #define NAMED_CURVE_TYPE 3
1711
+
1712
+ struct CERT {
1713
+ EVP_PKEY *privatekey;
1714
+
1715
+ // chain contains the certificate chain, with the leaf at the beginning. The
1716
+ // first element of |chain| may be NULL to indicate that the leaf certificate
1717
+ // has not yet been set.
1718
+ // If |chain| != NULL -> len(chain) >= 1
1719
+ // If |chain[0]| == NULL -> len(chain) >= 2.
1720
+ // |chain[1..]| != NULL
1721
+ STACK_OF(CRYPTO_BUFFER) *chain;
1722
+
1723
+ // x509_chain may contain a parsed copy of |chain[1..]|. This is only used as
1724
+ // a cache in order to implement “get0” functions that return a non-owning
1725
+ // pointer to the certificate chain.
1726
+ STACK_OF(X509) *x509_chain;
1727
+
1728
+ // x509_leaf may contain a parsed copy of the first element of |chain|. This
1729
+ // is only used as a cache in order to implement “get0” functions that return
1730
+ // a non-owning pointer to the certificate chain.
1731
+ X509 *x509_leaf;
1732
+
1733
+ // x509_stash contains the last |X509| object append to the chain. This is a
1734
+ // workaround for some third-party code that continue to use an |X509| object
1735
+ // even after passing ownership with an “add0” function.
1736
+ X509 *x509_stash;
1737
+
1738
+ // key_method, if non-NULL, is a set of callbacks to call for private key
1739
+ // operations.
1740
+ const SSL_PRIVATE_KEY_METHOD *key_method;
1741
+
1742
+ // x509_method contains pointers to functions that might deal with |X509|
1743
+ // compatibility, or might be a no-op, depending on the application.
1744
+ const SSL_X509_METHOD *x509_method;
1745
+
1746
+ // sigalgs, if non-NULL, is the set of signature algorithms supported by
1747
+ // |privatekey| in decreasing order of preference.
1748
+ uint16_t *sigalgs;
1749
+ size_t num_sigalgs;
1750
+
1751
+ // Certificate setup callback: if set is called whenever a
1752
+ // certificate may be required (client or server). the callback
1753
+ // can then examine any appropriate parameters and setup any
1754
+ // certificates required. This allows advanced applications
1755
+ // to select certificates on the fly: for example based on
1756
+ // supported signature algorithms or curves.
1757
+ int (*cert_cb)(SSL *ssl, void *arg);
1758
+ void *cert_cb_arg;
1759
+
1760
+ // Optional X509_STORE for certificate validation. If NULL the parent SSL_CTX
1761
+ // store is used instead.
1762
+ X509_STORE *verify_store;
1763
+
1764
+ // Signed certificate timestamp list to be sent to the client, if requested
1765
+ CRYPTO_BUFFER *signed_cert_timestamp_list;
1766
+
1767
+ // OCSP response to be sent to the client, if requested.
1768
+ CRYPTO_BUFFER *ocsp_response;
1769
+
1770
+ // sid_ctx partitions the session space within a shared session cache or
1771
+ // ticket key. Only sessions with a matching value will be accepted.
1772
+ uint8_t sid_ctx_length;
1773
+ uint8_t sid_ctx[SSL_MAX_SID_CTX_LENGTH];
1774
+
1775
+ // If enable_early_data is true, early data can be sent and accepted.
1776
+ bool enable_early_data:1;
1777
+ };
1778
+
1779
+ // |SSL_PROTOCOL_METHOD| abstracts between TLS and DTLS.
1780
+ struct SSL_PROTOCOL_METHOD {
1781
+ bool is_dtls;
1782
+ bool (*ssl_new)(SSL *ssl);
1783
+ void (*ssl_free)(SSL *ssl);
1784
+ // get_message sets |*out| to the current handshake message and returns true
1785
+ // if one has been received. It returns false if more input is needed.
1786
+ bool (*get_message)(SSL *ssl, SSLMessage *out);
1787
+ // next_message is called to release the current handshake message.
1788
+ void (*next_message)(SSL *ssl);
1789
+ // Use the |ssl_open_handshake| wrapper.
1790
+ ssl_open_record_t (*open_handshake)(SSL *ssl, size_t *out_consumed,
1791
+ uint8_t *out_alert, Span<uint8_t> in);
1792
+ // Use the |ssl_open_change_cipher_spec| wrapper.
1793
+ ssl_open_record_t (*open_change_cipher_spec)(SSL *ssl, size_t *out_consumed,
1794
+ uint8_t *out_alert,
1795
+ Span<uint8_t> in);
1796
+ // Use the |ssl_open_app_data| wrapper.
1797
+ ssl_open_record_t (*open_app_data)(SSL *ssl, Span<uint8_t> *out,
1798
+ size_t *out_consumed, uint8_t *out_alert,
1799
+ Span<uint8_t> in);
1800
+ int (*write_app_data)(SSL *ssl, bool *out_needs_handshake, const uint8_t *buf,
1801
+ int len);
1802
+ int (*dispatch_alert)(SSL *ssl);
1803
+ // init_message begins a new handshake message of type |type|. |cbb| is the
1804
+ // root CBB to be passed into |finish_message|. |*body| is set to a child CBB
1805
+ // the caller should write to. It returns true on success and false on error.
1806
+ bool (*init_message)(SSL *ssl, CBB *cbb, CBB *body, uint8_t type);
1807
+ // finish_message finishes a handshake message. It sets |*out_msg| to the
1808
+ // serialized message. It returns true on success and false on error.
1809
+ bool (*finish_message)(SSL *ssl, CBB *cbb, bssl::Array<uint8_t> *out_msg);
1810
+ // add_message adds a handshake message to the pending flight. It returns
1811
+ // true on success and false on error.
1812
+ bool (*add_message)(SSL *ssl, bssl::Array<uint8_t> msg);
1813
+ // add_change_cipher_spec adds a ChangeCipherSpec record to the pending
1814
+ // flight. It returns true on success and false on error.
1815
+ bool (*add_change_cipher_spec)(SSL *ssl);
1816
+ // add_alert adds an alert to the pending flight. It returns true on success
1817
+ // and false on error.
1818
+ bool (*add_alert)(SSL *ssl, uint8_t level, uint8_t desc);
1819
+ // flush_flight flushes the pending flight to the transport. It returns one on
1820
+ // success and <= 0 on error.
1821
+ int (*flush_flight)(SSL *ssl);
1822
+ // on_handshake_complete is called when the handshake is complete.
1823
+ void (*on_handshake_complete)(SSL *ssl);
1824
+ // set_read_state sets |ssl|'s read cipher state to |aead_ctx|. It returns
1825
+ // true on success and false if changing the read state is forbidden at this
1826
+ // point.
1827
+ bool (*set_read_state)(SSL *ssl, UniquePtr<SSLAEADContext> aead_ctx);
1828
+ // set_write_state sets |ssl|'s write cipher state to |aead_ctx|. It returns
1829
+ // true on success and false if changing the write state is forbidden at this
1830
+ // point.
1831
+ bool (*set_write_state)(SSL *ssl, UniquePtr<SSLAEADContext> aead_ctx);
1832
+ };
1833
+
1834
+ // The following wrappers call |open_*| but handle |read_shutdown| correctly.
1835
+
1836
+ // ssl_open_handshake processes a record from |in| for reading a handshake
1837
+ // message.
1838
+ ssl_open_record_t ssl_open_handshake(SSL *ssl, size_t *out_consumed,
1839
+ uint8_t *out_alert, Span<uint8_t> in);
1840
+
1841
+ // ssl_open_change_cipher_spec processes a record from |in| for reading a
1842
+ // ChangeCipherSpec.
1843
+ ssl_open_record_t ssl_open_change_cipher_spec(SSL *ssl, size_t *out_consumed,
1844
+ uint8_t *out_alert,
1845
+ Span<uint8_t> in);
1846
+
1847
+ // ssl_open_app_data processes a record from |in| for reading application data.
1848
+ // On success, it returns |ssl_open_record_success| and sets |*out| to the
1849
+ // input. If it encounters a post-handshake message, it returns
1850
+ // |ssl_open_record_discard|. The caller should then retry, after processing any
1851
+ // messages received with |get_message|.
1852
+ ssl_open_record_t ssl_open_app_data(SSL *ssl, Span<uint8_t> *out,
1853
+ size_t *out_consumed, uint8_t *out_alert,
1854
+ Span<uint8_t> in);
1855
+
1856
+ // ssl_crypto_x509_method provides the |SSL_X509_METHOD| functions using
1857
+ // crypto/x509.
1858
+ extern const SSL_X509_METHOD ssl_crypto_x509_method;
1859
+
1860
+ // ssl_noop_x509_method provides the |SSL_X509_METHOD| functions that avoid
1861
+ // crypto/x509.
1862
+ extern const SSL_X509_METHOD ssl_noop_x509_method;
1863
+
1864
+ // ssl_cipher_preference_list_st contains a list of SSL_CIPHERs with
1865
+ // equal-preference groups. For TLS clients, the groups are moot because the
1866
+ // server picks the cipher and groups cannot be expressed on the wire. However,
1867
+ // for servers, the equal-preference groups allow the client's preferences to
1868
+ // be partially respected. (This only has an effect with
1869
+ // SSL_OP_CIPHER_SERVER_PREFERENCE).
1870
+ //
1871
+ // The equal-preference groups are expressed by grouping SSL_CIPHERs together.
1872
+ // All elements of a group have the same priority: no ordering is expressed
1873
+ // within a group.
1874
+ //
1875
+ // The values in |ciphers| are in one-to-one correspondence with
1876
+ // |in_group_flags|. (That is, sk_SSL_CIPHER_num(ciphers) is the number of
1877
+ // bytes in |in_group_flags|.) The bytes in |in_group_flags| are either 1, to
1878
+ // indicate that the corresponding SSL_CIPHER is not the last element of a
1879
+ // group, or 0 to indicate that it is.
1880
+ //
1881
+ // For example, if |in_group_flags| contains all zeros then that indicates a
1882
+ // traditional, fully-ordered preference. Every SSL_CIPHER is the last element
1883
+ // of the group (i.e. they are all in a one-element group).
1884
+ //
1885
+ // For a more complex example, consider:
1886
+ // ciphers: A B C D E F
1887
+ // in_group_flags: 1 1 0 0 1 0
1888
+ //
1889
+ // That would express the following, order:
1890
+ //
1891
+ // A E
1892
+ // B -> D -> F
1893
+ // C
1894
+ struct ssl_cipher_preference_list_st {
1895
+ STACK_OF(SSL_CIPHER) *ciphers;
1896
+ uint8_t *in_group_flags;
1897
+ };
1898
+
1899
+ struct tlsext_ticket_key {
1900
+ static constexpr bool kAllowUniquePtr = true;
1901
+
1902
+ uint8_t name[SSL_TICKET_KEY_NAME_LEN];
1903
+ uint8_t hmac_key[16];
1904
+ uint8_t aes_key[16];
1905
+ // next_rotation_tv_sec is the time (in seconds from the epoch) when the
1906
+ // current key should be superseded by a new key, or the time when a previous
1907
+ // key should be dropped. If zero, then the key should not be automatically
1908
+ // rotated.
1909
+ uint64_t next_rotation_tv_sec;
1910
+ };
1911
+
1912
+ } // namespace bssl
1913
+
1914
+ DECLARE_LHASH_OF(SSL_SESSION)
1915
+
1916
+ namespace bssl {
1917
+
1918
+ // SSLContext backs the public |SSL_CTX| type. Due to compatibility constraints,
1919
+ // it is a base class for |ssl_ctx_st|.
1920
+ struct SSLContext {
1921
+ const SSL_PROTOCOL_METHOD *method;
1922
+ const SSL_X509_METHOD *x509_method;
1923
+
1924
+ // lock is used to protect various operations on this object.
1925
+ CRYPTO_MUTEX lock;
1926
+
1927
+ // conf_max_version is the maximum acceptable protocol version configured by
1928
+ // |SSL_CTX_set_max_proto_version|. Note this version is normalized in DTLS
1929
+ // and is further constrainted by |SSL_OP_NO_*|.
1930
+ uint16_t conf_max_version;
1931
+
1932
+ // conf_min_version is the minimum acceptable protocol version configured by
1933
+ // |SSL_CTX_set_min_proto_version|. Note this version is normalized in DTLS
1934
+ // and is further constrainted by |SSL_OP_NO_*|.
1935
+ uint16_t conf_min_version;
1936
+
1937
+ // tls13_variant is the variant of TLS 1.3 we are using for this
1938
+ // configuration.
1939
+ enum tls13_variant_t tls13_variant;
1940
+
1941
+ struct ssl_cipher_preference_list_st *cipher_list;
1942
+
1943
+ X509_STORE *cert_store;
1944
+ LHASH_OF(SSL_SESSION) *sessions;
1945
+ // Most session-ids that will be cached, default is
1946
+ // SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited.
1947
+ unsigned long session_cache_size;
1948
+ SSL_SESSION *session_cache_head;
1949
+ SSL_SESSION *session_cache_tail;
1950
+
1951
+ // handshakes_since_cache_flush is the number of successful handshakes since
1952
+ // the last cache flush.
1953
+ int handshakes_since_cache_flush;
1954
+
1955
+ // This can have one of 2 values, ored together,
1956
+ // SSL_SESS_CACHE_CLIENT,
1957
+ // SSL_SESS_CACHE_SERVER,
1958
+ // Default is SSL_SESSION_CACHE_SERVER, which means only
1959
+ // SSL_accept which cache SSL_SESSIONS.
1960
+ int session_cache_mode;
1961
+
1962
+ // session_timeout is the default lifetime for new sessions in TLS 1.2 and
1963
+ // earlier, in seconds.
1964
+ uint32_t session_timeout;
1965
+
1966
+ // session_psk_dhe_timeout is the default lifetime for new sessions in TLS
1967
+ // 1.3, in seconds.
1968
+ uint32_t session_psk_dhe_timeout;
1969
+
1970
+ // If this callback is not null, it will be called each time a session id is
1971
+ // added to the cache. If this function returns 1, it means that the
1972
+ // callback will do a SSL_SESSION_free() when it has finished using it.
1973
+ // Otherwise, on 0, it means the callback has finished with it. If
1974
+ // remove_session_cb is not null, it will be called when a session-id is
1975
+ // removed from the cache. After the call, OpenSSL will SSL_SESSION_free()
1976
+ // it.
1977
+ int (*new_session_cb)(SSL *ssl, SSL_SESSION *sess);
1978
+ void (*remove_session_cb)(SSL_CTX *ctx, SSL_SESSION *sess);
1979
+ SSL_SESSION *(*get_session_cb)(SSL *ssl, const uint8_t *data, int len,
1980
+ int *copy);
1981
+ SSL_SESSION *(*get_session_cb_legacy)(SSL *ssl, uint8_t *data, int len,
1982
+ int *copy);
1983
+
1984
+ CRYPTO_refcount_t references;
1985
+
1986
+ // if defined, these override the X509_verify_cert() calls
1987
+ int (*app_verify_callback)(X509_STORE_CTX *store_ctx, void *arg);
1988
+ void *app_verify_arg;
1989
+
1990
+ enum ssl_verify_result_t (*custom_verify_callback)(SSL *ssl,
1991
+ uint8_t *out_alert);
1992
+
1993
+ // Default password callback.
1994
+ pem_password_cb *default_passwd_callback;
1995
+
1996
+ // Default password callback user data.
1997
+ void *default_passwd_callback_userdata;
1998
+
1999
+ // get client cert callback
2000
+ int (*client_cert_cb)(SSL *ssl, X509 **out_x509, EVP_PKEY **out_pkey);
2001
+
2002
+ // get channel id callback
2003
+ void (*channel_id_cb)(SSL *ssl, EVP_PKEY **out_pkey);
2004
+
2005
+ CRYPTO_EX_DATA ex_data;
2006
+
2007
+ // custom_*_extensions stores any callback sets for custom extensions. Note
2008
+ // that these pointers will be NULL if the stack would otherwise be empty.
2009
+ STACK_OF(SSL_CUSTOM_EXTENSION) *client_custom_extensions;
2010
+ STACK_OF(SSL_CUSTOM_EXTENSION) *server_custom_extensions;
2011
+
2012
+ // Default values used when no per-SSL value is defined follow
2013
+
2014
+ void (*info_callback)(const SSL *ssl, int type, int value);
2015
+
2016
+ // what we put in client cert requests
2017
+ STACK_OF(CRYPTO_BUFFER) *client_CA;
2018
+
2019
+ // cached_x509_client_CA is a cache of parsed versions of the elements of
2020
+ // |client_CA|.
2021
+ STACK_OF(X509_NAME) *cached_x509_client_CA;
2022
+
2023
+
2024
+ // Default values to use in SSL structures follow (these are copied by
2025
+ // SSL_new)
2026
+
2027
+ uint32_t options;
2028
+ uint32_t mode;
2029
+ uint32_t max_cert_list;
2030
+
2031
+ CERT *cert;
2032
+
2033
+ // callback that allows applications to peek at protocol messages
2034
+ void (*msg_callback)(int write_p, int version, int content_type,
2035
+ const void *buf, size_t len, SSL *ssl, void *arg);
2036
+ void *msg_callback_arg;
2037
+
2038
+ int verify_mode;
2039
+ int (*default_verify_callback)(
2040
+ int ok, X509_STORE_CTX *ctx); // called 'verify_callback' in the SSL
2041
+
2042
+ X509_VERIFY_PARAM *param;
2043
+
2044
+ // select_certificate_cb is called before most ClientHello processing and
2045
+ // before the decision whether to resume a session is made. See
2046
+ // |ssl_select_cert_result_t| for details of the return values.
2047
+ enum ssl_select_cert_result_t (*select_certificate_cb)(
2048
+ const SSL_CLIENT_HELLO *);
2049
+
2050
+ // dos_protection_cb is called once the resumption decision for a ClientHello
2051
+ // has been made. It returns one to continue the handshake or zero to
2052
+ // abort.
2053
+ int (*dos_protection_cb) (const SSL_CLIENT_HELLO *);
2054
+
2055
+ // Maximum amount of data to send in one fragment. actual record size can be
2056
+ // more than this due to padding and MAC overheads.
2057
+ uint16_t max_send_fragment;
2058
+
2059
+ // TLS extensions servername callback
2060
+ int (*tlsext_servername_callback)(SSL *, int *, void *);
2061
+ void *tlsext_servername_arg;
2062
+
2063
+ // RFC 4507 session ticket keys. |tlsext_ticket_key_current| may be NULL
2064
+ // before the first handshake and |tlsext_ticket_key_prev| may be NULL at any
2065
+ // time. Automatically generated ticket keys are rotated as needed at
2066
+ // handshake time. Hence, all access must be synchronized through |lock|.
2067
+ struct tlsext_ticket_key *tlsext_ticket_key_current;
2068
+ struct tlsext_ticket_key *tlsext_ticket_key_prev;
2069
+
2070
+ // Callback to support customisation of ticket key setting
2071
+ int (*tlsext_ticket_key_cb)(SSL *ssl, uint8_t *name, uint8_t *iv,
2072
+ EVP_CIPHER_CTX *ectx, HMAC_CTX *hctx, int enc);
2073
+
2074
+ // Server-only: psk_identity_hint is the default identity hint to send in
2075
+ // PSK-based key exchanges.
2076
+ char *psk_identity_hint;
2077
+
2078
+ unsigned int (*psk_client_callback)(SSL *ssl, const char *hint,
2079
+ char *identity,
2080
+ unsigned int max_identity_len,
2081
+ uint8_t *psk, unsigned int max_psk_len);
2082
+ unsigned int (*psk_server_callback)(SSL *ssl, const char *identity,
2083
+ uint8_t *psk, unsigned int max_psk_len);
2084
+
2085
+
2086
+ // Next protocol negotiation information
2087
+ // (for experimental NPN extension).
2088
+
2089
+ // For a server, this contains a callback function by which the set of
2090
+ // advertised protocols can be provided.
2091
+ int (*next_protos_advertised_cb)(SSL *ssl, const uint8_t **out,
2092
+ unsigned *out_len, void *arg);
2093
+ void *next_protos_advertised_cb_arg;
2094
+ // For a client, this contains a callback function that selects the
2095
+ // next protocol from the list provided by the server.
2096
+ int (*next_proto_select_cb)(SSL *ssl, uint8_t **out, uint8_t *out_len,
2097
+ const uint8_t *in, unsigned in_len, void *arg);
2098
+ void *next_proto_select_cb_arg;
2099
+
2100
+ // ALPN information
2101
+ // (we are in the process of transitioning from NPN to ALPN.)
2102
+
2103
+ // For a server, this contains a callback function that allows the
2104
+ // server to select the protocol for the connection.
2105
+ // out: on successful return, this must point to the raw protocol
2106
+ // name (without the length prefix).
2107
+ // outlen: on successful return, this contains the length of |*out|.
2108
+ // in: points to the client's list of supported protocols in
2109
+ // wire-format.
2110
+ // inlen: the length of |in|.
2111
+ int (*alpn_select_cb)(SSL *ssl, const uint8_t **out, uint8_t *out_len,
2112
+ const uint8_t *in, unsigned in_len, void *arg);
2113
+ void *alpn_select_cb_arg;
2114
+
2115
+ // For a client, this contains the list of supported protocols in wire
2116
+ // format.
2117
+ uint8_t *alpn_client_proto_list;
2118
+ unsigned alpn_client_proto_list_len;
2119
+
2120
+ // SRTP profiles we are willing to do from RFC 5764
2121
+ STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;
2122
+
2123
+ // Supported group values inherited by SSL structure
2124
+ size_t supported_group_list_len;
2125
+ uint16_t *supported_group_list;
2126
+
2127
+ // The client's Channel ID private key.
2128
+ EVP_PKEY *tlsext_channel_id_private;
2129
+
2130
+ // keylog_callback, if not NULL, is the key logging callback. See
2131
+ // |SSL_CTX_set_keylog_callback|.
2132
+ void (*keylog_callback)(const SSL *ssl, const char *line);
2133
+
2134
+ // current_time_cb, if not NULL, is the function to use to get the current
2135
+ // time. It sets |*out_clock| to the current time. The |ssl| argument is
2136
+ // always NULL. See |SSL_CTX_set_current_time_cb|.
2137
+ void (*current_time_cb)(const SSL *ssl, struct timeval *out_clock);
2138
+
2139
+ // pool is used for all |CRYPTO_BUFFER|s in case we wish to share certificate
2140
+ // memory.
2141
+ CRYPTO_BUFFER_POOL *pool;
2142
+
2143
+ // ticket_aead_method contains function pointers for opening and sealing
2144
+ // session tickets.
2145
+ const SSL_TICKET_AEAD_METHOD *ticket_aead_method;
2146
+
2147
+ // verify_sigalgs, if not empty, is the set of signature algorithms
2148
+ // accepted from the peer in decreasing order of preference.
2149
+ uint16_t *verify_sigalgs;
2150
+ size_t num_verify_sigalgs;
2151
+
2152
+ // retain_only_sha256_of_client_certs is true if we should compute the SHA256
2153
+ // hash of the peer's certificate and then discard it to save memory and
2154
+ // session space. Only effective on the server side.
2155
+ bool retain_only_sha256_of_client_certs:1;
2156
+
2157
+ // quiet_shutdown is true if the connection should not send a close_notify on
2158
+ // shutdown.
2159
+ bool quiet_shutdown:1;
2160
+
2161
+ // ocsp_stapling_enabled is only used by client connections and indicates
2162
+ // whether OCSP stapling will be requested.
2163
+ bool ocsp_stapling_enabled:1;
2164
+
2165
+ // If true, a client will request certificate timestamps.
2166
+ bool signed_cert_timestamps_enabled:1;
2167
+
2168
+ // tlsext_channel_id_enabled is one if Channel ID is enabled and zero
2169
+ // otherwise. For a server, means that we'll accept Channel IDs from clients.
2170
+ // For a client, means that we'll advertise support.
2171
+ bool tlsext_channel_id_enabled:1;
2172
+
2173
+ // grease_enabled is one if draft-davidben-tls-grease-01 is enabled and zero
2174
+ // otherwise.
2175
+ bool grease_enabled:1;
2176
+
2177
+ // allow_unknown_alpn_protos is one if the client allows unsolicited ALPN
2178
+ // protocols from the peer.
2179
+ bool allow_unknown_alpn_protos:1;
2180
+
2181
+ // ed25519_enabled is one if Ed25519 is advertised in the handshake.
2182
+ bool ed25519_enabled:1;
2183
+ };
2184
+
2185
+ // An ssl_shutdown_t describes the shutdown state of one end of the connection,
2186
+ // whether it is alive or has been shutdown via close_notify or fatal alert.
2187
+ enum ssl_shutdown_t {
2188
+ ssl_shutdown_none = 0,
2189
+ ssl_shutdown_close_notify = 1,
2190
+ ssl_shutdown_error = 2,
2191
+ };
2192
+
2193
+ struct SSL3_STATE {
2194
+ static constexpr bool kAllowUniquePtr = true;
2195
+
2196
+ SSL3_STATE();
2197
+ ~SSL3_STATE();
2198
+
2199
+ uint8_t read_sequence[8] = {0};
2200
+ uint8_t write_sequence[8] = {0};
2201
+
2202
+ uint8_t server_random[SSL3_RANDOM_SIZE] = {0};
2203
+ uint8_t client_random[SSL3_RANDOM_SIZE] = {0};
2204
+
2205
+ // read_buffer holds data from the transport to be processed.
2206
+ SSLBuffer read_buffer;
2207
+ // write_buffer holds data to be written to the transport.
2208
+ SSLBuffer write_buffer;
2209
+
2210
+ // pending_app_data is the unconsumed application data. It points into
2211
+ // |read_buffer|.
2212
+ Span<uint8_t> pending_app_data;
2213
+
2214
+ // partial write - check the numbers match
2215
+ unsigned int wnum = 0; // number of bytes sent so far
2216
+ int wpend_tot = 0; // number bytes written
2217
+ int wpend_type = 0;
2218
+ int wpend_ret = 0; // number of bytes submitted
2219
+ const uint8_t *wpend_buf = nullptr;
2220
+
2221
+ // read_shutdown is the shutdown state for the read half of the connection.
2222
+ enum ssl_shutdown_t read_shutdown = ssl_shutdown_none;
2223
+
2224
+ // write_shutdown is the shutdown state for the write half of the connection.
2225
+ enum ssl_shutdown_t write_shutdown = ssl_shutdown_none;
2226
+
2227
+ // read_error, if |read_shutdown| is |ssl_shutdown_error|, is the error for
2228
+ // the receive half of the connection.
2229
+ UniquePtr<ERR_SAVE_STATE> read_error;
2230
+
2231
+ int alert_dispatch = 0;
2232
+
2233
+ int total_renegotiations = 0;
2234
+
2235
+ // This holds a variable that indicates what we were doing when a 0 or -1 is
2236
+ // returned. This is needed for non-blocking IO so we know what request
2237
+ // needs re-doing when in SSL_accept or SSL_connect
2238
+ int rwstate = SSL_NOTHING;
2239
+
2240
+ // early_data_skipped is the amount of early data that has been skipped by the
2241
+ // record layer.
2242
+ uint16_t early_data_skipped = 0;
2243
+
2244
+ // empty_record_count is the number of consecutive empty records received.
2245
+ uint8_t empty_record_count = 0;
2246
+
2247
+ // warning_alert_count is the number of consecutive warning alerts
2248
+ // received.
2249
+ uint8_t warning_alert_count = 0;
2250
+
2251
+ // key_update_count is the number of consecutive KeyUpdates received.
2252
+ uint8_t key_update_count = 0;
2253
+
2254
+ // skip_early_data instructs the record layer to skip unexpected early data
2255
+ // messages when 0RTT is rejected.
2256
+ bool skip_early_data:1;
2257
+
2258
+ // have_version is true if the connection's final version is known. Otherwise
2259
+ // the version has not been negotiated yet.
2260
+ bool have_version:1;
2261
+
2262
+ // v2_hello_done is true if the peer's V2ClientHello, if any, has been handled
2263
+ // and future messages should use the record layer.
2264
+ bool v2_hello_done:1;
2265
+
2266
+ // is_v2_hello is true if the current handshake message was derived from a
2267
+ // V2ClientHello rather than received from the peer directly.
2268
+ bool is_v2_hello:1;
2269
+
2270
+ // has_message is true if the current handshake message has been returned
2271
+ // at least once by |get_message| and false otherwise.
2272
+ bool has_message:1;
2273
+
2274
+ // initial_handshake_complete is true if the initial handshake has
2275
+ // completed.
2276
+ bool initial_handshake_complete:1;
2277
+
2278
+ // session_reused indicates whether a session was resumed.
2279
+ bool session_reused:1;
2280
+
2281
+ bool send_connection_binding:1;
2282
+
2283
+ // In a client, this means that the server supported Channel ID and that a
2284
+ // Channel ID was sent. In a server it means that we echoed support for
2285
+ // Channel IDs and that tlsext_channel_id will be valid after the
2286
+ // handshake.
2287
+ bool tlsext_channel_id_valid:1;
2288
+
2289
+ // key_update_pending is true if we have a KeyUpdate acknowledgment
2290
+ // outstanding.
2291
+ bool key_update_pending:1;
2292
+
2293
+ // wpend_pending is true if we have a pending write outstanding.
2294
+ bool wpend_pending:1;
2295
+
2296
+ uint8_t send_alert[2] = {0};
2297
+
2298
+ // hs_buf is the buffer of handshake data to process.
2299
+ UniquePtr<BUF_MEM> hs_buf;
2300
+
2301
+ // pending_flight is the pending outgoing flight. This is used to flush each
2302
+ // handshake flight in a single write. |write_buffer| must be written out
2303
+ // before this data.
2304
+ UniquePtr<BUF_MEM> pending_flight;
2305
+
2306
+ // pending_flight_offset is the number of bytes of |pending_flight| which have
2307
+ // been successfully written.
2308
+ uint32_t pending_flight_offset = 0;
2309
+
2310
+ // aead_read_ctx is the current read cipher state.
2311
+ UniquePtr<SSLAEADContext> aead_read_ctx;
2312
+
2313
+ // aead_write_ctx is the current write cipher state.
2314
+ UniquePtr<SSLAEADContext> aead_write_ctx;
2315
+
2316
+ // hs is the handshake state for the current handshake or NULL if there isn't
2317
+ // one.
2318
+ UniquePtr<SSL_HANDSHAKE> hs;
2319
+
2320
+ uint8_t write_traffic_secret[EVP_MAX_MD_SIZE] = {0};
2321
+ uint8_t read_traffic_secret[EVP_MAX_MD_SIZE] = {0};
2322
+ uint8_t exporter_secret[EVP_MAX_MD_SIZE] = {0};
2323
+ uint8_t early_exporter_secret[EVP_MAX_MD_SIZE] = {0};
2324
+ uint8_t write_traffic_secret_len = 0;
2325
+ uint8_t read_traffic_secret_len = 0;
2326
+ uint8_t exporter_secret_len = 0;
2327
+ uint8_t early_exporter_secret_len = 0;
2328
+
2329
+ // Connection binding to prevent renegotiation attacks
2330
+ uint8_t previous_client_finished[12] = {0};
2331
+ uint8_t previous_client_finished_len = 0;
2332
+ uint8_t previous_server_finished_len = 0;
2333
+ uint8_t previous_server_finished[12] = {0};
2334
+
2335
+ // established_session is the session established by the connection. This
2336
+ // session is only filled upon the completion of the handshake and is
2337
+ // immutable.
2338
+ UniquePtr<SSL_SESSION> established_session;
2339
+
2340
+ // Next protocol negotiation. For the client, this is the protocol that we
2341
+ // sent in NextProtocol and is set when handling ServerHello extensions.
2342
+ //
2343
+ // For a server, this is the client's selected_protocol from NextProtocol and
2344
+ // is set when handling the NextProtocol message, before the Finished
2345
+ // message.
2346
+ Array<uint8_t> next_proto_negotiated;
2347
+
2348
+ // ALPN information
2349
+ // (we are in the process of transitioning from NPN to ALPN.)
2350
+
2351
+ // In a server these point to the selected ALPN protocol after the
2352
+ // ClientHello has been processed. In a client these contain the protocol
2353
+ // that the server selected once the ServerHello has been processed.
2354
+ Array<uint8_t> alpn_selected;
2355
+
2356
+ // hostname, on the server, is the value of the SNI extension.
2357
+ UniquePtr<char> hostname;
2358
+
2359
+ // For a server:
2360
+ // If |tlsext_channel_id_valid| is true, then this contains the
2361
+ // verified Channel ID from the client: a P256 point, (x,y), where
2362
+ // each are big-endian values.
2363
+ uint8_t tlsext_channel_id[64] = {0};
2364
+
2365
+ // ticket_age_skew is the difference, in seconds, between the client-sent
2366
+ // ticket age and the server-computed value in TLS 1.3 server connections
2367
+ // which resumed a session.
2368
+ int32_t ticket_age_skew = 0;
2369
+ };
2370
+
2371
+ // lengths of messages
2372
+ #define DTLS1_COOKIE_LENGTH 256
2373
+
2374
+ #define DTLS1_RT_HEADER_LENGTH 13
2375
+
2376
+ #define DTLS1_HM_HEADER_LENGTH 12
2377
+
2378
+ #define DTLS1_CCS_HEADER_LENGTH 1
2379
+
2380
+ #define DTLS1_AL_HEADER_LENGTH 2
2381
+
2382
+ struct hm_header_st {
2383
+ uint8_t type;
2384
+ uint32_t msg_len;
2385
+ uint16_t seq;
2386
+ uint32_t frag_off;
2387
+ uint32_t frag_len;
2388
+ };
2389
+
2390
+ // An hm_fragment is an incoming DTLS message, possibly not yet assembled.
2391
+ struct hm_fragment {
2392
+ static constexpr bool kAllowUniquePtr = true;
2393
+
2394
+ hm_fragment() {}
2395
+ hm_fragment(const hm_fragment &) = delete;
2396
+ hm_fragment &operator=(const hm_fragment &) = delete;
2397
+
2398
+ ~hm_fragment();
2399
+
2400
+ // type is the type of the message.
2401
+ uint8_t type = 0;
2402
+ // seq is the sequence number of this message.
2403
+ uint16_t seq = 0;
2404
+ // msg_len is the length of the message body.
2405
+ uint32_t msg_len = 0;
2406
+ // data is a pointer to the message, including message header. It has length
2407
+ // |DTLS1_HM_HEADER_LENGTH| + |msg_len|.
2408
+ uint8_t *data = nullptr;
2409
+ // reassembly is a bitmask of |msg_len| bits corresponding to which parts of
2410
+ // the message have been received. It is NULL if the message is complete.
2411
+ uint8_t *reassembly = nullptr;
2412
+ };
2413
+
2414
+ struct OPENSSL_timeval {
2415
+ uint64_t tv_sec;
2416
+ uint32_t tv_usec;
2417
+ };
2418
+
2419
+ struct DTLS1_STATE {
2420
+ static constexpr bool kAllowUniquePtr = true;
2421
+
2422
+ DTLS1_STATE();
2423
+ ~DTLS1_STATE();
2424
+
2425
+ // has_change_cipher_spec is true if we have received a ChangeCipherSpec from
2426
+ // the peer in this epoch.
2427
+ bool has_change_cipher_spec:1;
2428
+
2429
+ // outgoing_messages_complete is true if |outgoing_messages| has been
2430
+ // completed by an attempt to flush it. Future calls to |add_message| and
2431
+ // |add_change_cipher_spec| will start a new flight.
2432
+ bool outgoing_messages_complete:1;
2433
+
2434
+ // flight_has_reply is true if the current outgoing flight is complete and has
2435
+ // processed at least one message. This is used to detect whether we or the
2436
+ // peer sent the final flight.
2437
+ bool flight_has_reply:1;
2438
+
2439
+ uint8_t cookie[DTLS1_COOKIE_LENGTH] = {0};
2440
+ size_t cookie_len = 0;
2441
+
2442
+ // The current data and handshake epoch. This is initially undefined, and
2443
+ // starts at zero once the initial handshake is completed.
2444
+ uint16_t r_epoch = 0;
2445
+ uint16_t w_epoch = 0;
2446
+
2447
+ // records being received in the current epoch
2448
+ DTLS1_BITMAP bitmap;
2449
+
2450
+ uint16_t handshake_write_seq = 0;
2451
+ uint16_t handshake_read_seq = 0;
2452
+
2453
+ // save last sequence number for retransmissions
2454
+ uint8_t last_write_sequence[8] = {0};
2455
+ UniquePtr<SSLAEADContext> last_aead_write_ctx;
2456
+
2457
+ // incoming_messages is a ring buffer of incoming handshake messages that have
2458
+ // yet to be processed. The front of the ring buffer is message number
2459
+ // |handshake_read_seq|, at position |handshake_read_seq| %
2460
+ // |SSL_MAX_HANDSHAKE_FLIGHT|.
2461
+ UniquePtr<hm_fragment> incoming_messages[SSL_MAX_HANDSHAKE_FLIGHT];
2462
+
2463
+ // outgoing_messages is the queue of outgoing messages from the last handshake
2464
+ // flight.
2465
+ DTLS_OUTGOING_MESSAGE outgoing_messages[SSL_MAX_HANDSHAKE_FLIGHT];
2466
+ uint8_t outgoing_messages_len = 0;
2467
+
2468
+ // outgoing_written is the number of outgoing messages that have been
2469
+ // written.
2470
+ uint8_t outgoing_written = 0;
2471
+ // outgoing_offset is the number of bytes of the next outgoing message have
2472
+ // been written.
2473
+ uint32_t outgoing_offset = 0;
2474
+
2475
+ unsigned mtu = 0; // max DTLS packet size
2476
+
2477
+ // num_timeouts is the number of times the retransmit timer has fired since
2478
+ // the last time it was reset.
2479
+ unsigned num_timeouts = 0;
2480
+
2481
+ // Indicates when the last handshake msg or heartbeat sent will
2482
+ // timeout.
2483
+ struct OPENSSL_timeval next_timeout = {0, 0};
2484
+
2485
+ // timeout_duration_ms is the timeout duration in milliseconds.
2486
+ unsigned timeout_duration_ms = 0;
2487
+ };
2488
+
2489
+ // SSLConnection backs the public |SSL| type. Due to compatibility constraints,
2490
+ // it is a base class for |ssl_st|.
2491
+ struct SSLConnection {
2492
+ // method is the method table corresponding to the current protocol (DTLS or
2493
+ // TLS).
2494
+ const SSL_PROTOCOL_METHOD *method;
2495
+
2496
+ // version is the protocol version.
2497
+ uint16_t version;
2498
+
2499
+ // conf_max_version is the maximum acceptable protocol version configured by
2500
+ // |SSL_set_max_proto_version|. Note this version is normalized in DTLS and is
2501
+ // further constrainted by |SSL_OP_NO_*|.
2502
+ uint16_t conf_max_version;
2503
+
2504
+ // conf_min_version is the minimum acceptable protocol version configured by
2505
+ // |SSL_set_min_proto_version|. Note this version is normalized in DTLS and is
2506
+ // further constrainted by |SSL_OP_NO_*|.
2507
+ uint16_t conf_min_version;
2508
+
2509
+ // tls13_variant is the variant of TLS 1.3 we are using for this
2510
+ // configuration.
2511
+ enum tls13_variant_t tls13_variant;
2512
+
2513
+ uint16_t max_send_fragment;
2514
+
2515
+ // There are 2 BIO's even though they are normally both the same. This is so
2516
+ // data can be read and written to different handlers
2517
+
2518
+ BIO *rbio; // used by SSL_read
2519
+ BIO *wbio; // used by SSL_write
2520
+
2521
+ // do_handshake runs the handshake. On completion, it returns |ssl_hs_ok|.
2522
+ // Otherwise, it returns a value corresponding to what operation is needed to
2523
+ // progress.
2524
+ enum ssl_hs_wait_t (*do_handshake)(SSL_HANDSHAKE *hs);
2525
+
2526
+ SSL3_STATE *s3; // SSLv3 variables
2527
+ DTLS1_STATE *d1; // DTLSv1 variables
2528
+
2529
+ // callback that allows applications to peek at protocol messages
2530
+ void (*msg_callback)(int write_p, int version, int content_type,
2531
+ const void *buf, size_t len, SSL *ssl, void *arg);
2532
+ void *msg_callback_arg;
2533
+
2534
+ X509_VERIFY_PARAM *param;
2535
+
2536
+ // crypto
2537
+ struct ssl_cipher_preference_list_st *cipher_list;
2538
+
2539
+ // session info
2540
+
2541
+ // client cert?
2542
+ // This is used to hold the server certificate used
2543
+ CERT *cert;
2544
+
2545
+ // initial_timeout_duration_ms is the default DTLS timeout duration in
2546
+ // milliseconds. It's used to initialize the timer any time it's restarted.
2547
+ unsigned initial_timeout_duration_ms;
2548
+
2549
+ // session is the configured session to be offered by the client. This session
2550
+ // is immutable.
2551
+ SSL_SESSION *session;
2552
+
2553
+ int (*verify_callback)(int ok,
2554
+ X509_STORE_CTX *ctx); // fail if callback returns 0
2555
+
2556
+ enum ssl_verify_result_t (*custom_verify_callback)(SSL *ssl,
2557
+ uint8_t *out_alert);
2558
+
2559
+ void (*info_callback)(const SSL *ssl, int type, int value);
2560
+
2561
+ // Server-only: psk_identity_hint is the identity hint to send in
2562
+ // PSK-based key exchanges.
2563
+ char *psk_identity_hint;
2564
+
2565
+ unsigned int (*psk_client_callback)(SSL *ssl, const char *hint,
2566
+ char *identity,
2567
+ unsigned int max_identity_len,
2568
+ uint8_t *psk, unsigned int max_psk_len);
2569
+ unsigned int (*psk_server_callback)(SSL *ssl, const char *identity,
2570
+ uint8_t *psk, unsigned int max_psk_len);
2571
+
2572
+ SSL_CTX *ctx;
2573
+
2574
+ // extra application data
2575
+ CRYPTO_EX_DATA ex_data;
2576
+
2577
+ // for server side, keep the list of CA_dn we can use
2578
+ STACK_OF(CRYPTO_BUFFER) *client_CA;
2579
+
2580
+ // cached_x509_client_CA is a cache of parsed versions of the elements of
2581
+ // |client_CA|.
2582
+ STACK_OF(X509_NAME) *cached_x509_client_CA;
2583
+
2584
+ uint32_t options; // protocol behaviour
2585
+ uint32_t mode; // API behaviour
2586
+ uint32_t max_cert_list;
2587
+ char *tlsext_hostname;
2588
+ size_t supported_group_list_len;
2589
+ uint16_t *supported_group_list; // our list
2590
+
2591
+ // session_ctx is the |SSL_CTX| used for the session cache and related
2592
+ // settings.
2593
+ SSL_CTX *session_ctx;
2594
+
2595
+ // srtp_profiles is the list of configured SRTP protection profiles for
2596
+ // DTLS-SRTP.
2597
+ STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;
2598
+
2599
+ // srtp_profile is the selected SRTP protection profile for
2600
+ // DTLS-SRTP.
2601
+ const SRTP_PROTECTION_PROFILE *srtp_profile;
2602
+
2603
+ // The client's Channel ID private key.
2604
+ EVP_PKEY *tlsext_channel_id_private;
2605
+
2606
+ // For a client, this contains the list of supported protocols in wire
2607
+ // format.
2608
+ uint8_t *alpn_client_proto_list;
2609
+ unsigned alpn_client_proto_list_len;
2610
+
2611
+ // renegotiate_mode controls how peer renegotiation attempts are handled.
2612
+ enum ssl_renegotiate_mode_t renegotiate_mode;
2613
+
2614
+ // verify_mode is a bitmask of |SSL_VERIFY_*| values.
2615
+ uint8_t verify_mode;
2616
+
2617
+ // server is true iff the this SSL* is the server half. Note: before the SSL*
2618
+ // is initialized by either SSL_set_accept_state or SSL_set_connect_state,
2619
+ // the side is not determined. In this state, server is always false.
2620
+ bool server:1;
2621
+
2622
+ // quiet_shutdown is true if the connection should not send a close_notify on
2623
+ // shutdown.
2624
+ bool quiet_shutdown:1;
2625
+
2626
+ // Enable signed certificate time stamps. Currently client only.
2627
+ bool signed_cert_timestamps_enabled:1;
2628
+
2629
+ // ocsp_stapling_enabled is only used by client connections and indicates
2630
+ // whether OCSP stapling will be requested.
2631
+ bool ocsp_stapling_enabled:1;
2632
+
2633
+ // tlsext_channel_id_enabled is copied from the |SSL_CTX|. For a server,
2634
+ // means that we'll accept Channel IDs from clients. For a client, means that
2635
+ // we'll advertise support.
2636
+ bool tlsext_channel_id_enabled:1;
2637
+
2638
+ // retain_only_sha256_of_client_certs is true if we should compute the SHA256
2639
+ // hash of the peer's certificate and then discard it to save memory and
2640
+ // session space. Only effective on the server side.
2641
+ bool retain_only_sha256_of_client_certs:1;
2642
+
2643
+ // early_data_accepted is true if early data was accepted by the server.
2644
+ bool early_data_accepted:1;
2645
+ };
2646
+
2647
+ // From draft-ietf-tls-tls13-18, used in determining PSK modes.
2648
+ #define SSL_PSK_DHE_KE 0x1
2649
+
2650
+ // From draft-ietf-tls-tls13-16, used in determining whether to respond with a
2651
+ // KeyUpdate.
2652
+ #define SSL_KEY_UPDATE_NOT_REQUESTED 0
2653
+ #define SSL_KEY_UPDATE_REQUESTED 1
2654
+
2655
+ // kMaxEarlyDataAccepted is the advertised number of plaintext bytes of early
2656
+ // data that will be accepted. This value should be slightly below
2657
+ // kMaxEarlyDataSkipped in tls_record.c, which is measured in ciphertext.
2658
+ static const size_t kMaxEarlyDataAccepted = 14336;
2659
+
2660
+ CERT *ssl_cert_new(const SSL_X509_METHOD *x509_method);
2661
+ CERT *ssl_cert_dup(CERT *cert);
2662
+ void ssl_cert_clear_certs(CERT *cert);
2663
+ void ssl_cert_free(CERT *cert);
2664
+ int ssl_set_cert(CERT *cert, UniquePtr<CRYPTO_BUFFER> buffer);
2665
+ int ssl_is_key_type_supported(int key_type);
2666
+ // ssl_compare_public_and_private_key returns one if |pubkey| is the public
2667
+ // counterpart to |privkey|. Otherwise it returns zero and pushes a helpful
2668
+ // message on the error queue.
2669
+ int ssl_compare_public_and_private_key(const EVP_PKEY *pubkey,
2670
+ const EVP_PKEY *privkey);
2671
+ int ssl_cert_check_private_key(const CERT *cert, const EVP_PKEY *privkey);
2672
+ int ssl_get_new_session(SSL_HANDSHAKE *hs, int is_server);
2673
+ int ssl_encrypt_ticket(SSL *ssl, CBB *out, const SSL_SESSION *session);
2674
+ int ssl_ctx_rotate_ticket_encryption_key(SSL_CTX *ctx);
2675
+
2676
+ // ssl_session_new returns a newly-allocated blank |SSL_SESSION| or nullptr on
2677
+ // error.
2678
+ UniquePtr<SSL_SESSION> ssl_session_new(const SSL_X509_METHOD *x509_method);
2679
+
2680
+ // SSL_SESSION_parse parses an |SSL_SESSION| from |cbs| and advances |cbs| over
2681
+ // the parsed data.
2682
+ UniquePtr<SSL_SESSION> SSL_SESSION_parse(CBS *cbs,
2683
+ const SSL_X509_METHOD *x509_method,
2684
+ CRYPTO_BUFFER_POOL *pool);
2685
+
2686
+ // ssl_session_is_context_valid returns one if |session|'s session ID context
2687
+ // matches the one set on |ssl| and zero otherwise.
2688
+ int ssl_session_is_context_valid(const SSL *ssl, const SSL_SESSION *session);
2689
+
2690
+ // ssl_session_is_time_valid returns one if |session| is still valid and zero if
2691
+ // it has expired.
2692
+ int ssl_session_is_time_valid(const SSL *ssl, const SSL_SESSION *session);
2693
+
2694
+ // ssl_session_is_resumable returns one if |session| is resumable for |hs| and
2695
+ // zero otherwise.
2696
+ int ssl_session_is_resumable(const SSL_HANDSHAKE *hs,
2697
+ const SSL_SESSION *session);
2698
+
2699
+ // ssl_session_protocol_version returns the protocol version associated with
2700
+ // |session|. Note that despite the name, this is not the same as
2701
+ // |SSL_SESSION_get_protocol_version|. The latter is based on upstream's name.
2702
+ uint16_t ssl_session_protocol_version(const SSL_SESSION *session);
2703
+
2704
+ // ssl_session_get_digest returns the digest used in |session|.
2705
+ const EVP_MD *ssl_session_get_digest(const SSL_SESSION *session);
2706
+
2707
+ void ssl_set_session(SSL *ssl, SSL_SESSION *session);
2708
+
2709
+ // ssl_get_prev_session looks up the previous session based on |client_hello|.
2710
+ // On success, it sets |*out_session| to the session or nullptr if none was
2711
+ // found. If the session could not be looked up synchronously, it returns
2712
+ // |ssl_hs_pending_session| and should be called again. If a ticket could not be
2713
+ // decrypted immediately it returns |ssl_hs_pending_ticket| and should also
2714
+ // be called again. Otherwise, it returns |ssl_hs_error|.
2715
+ enum ssl_hs_wait_t ssl_get_prev_session(SSL *ssl,
2716
+ UniquePtr<SSL_SESSION> *out_session,
2717
+ bool *out_tickets_supported,
2718
+ bool *out_renew_ticket,
2719
+ const SSL_CLIENT_HELLO *client_hello);
2720
+
2721
+ // The following flags determine which parts of the session are duplicated.
2722
+ #define SSL_SESSION_DUP_AUTH_ONLY 0x0
2723
+ #define SSL_SESSION_INCLUDE_TICKET 0x1
2724
+ #define SSL_SESSION_INCLUDE_NONAUTH 0x2
2725
+ #define SSL_SESSION_DUP_ALL \
2726
+ (SSL_SESSION_INCLUDE_TICKET | SSL_SESSION_INCLUDE_NONAUTH)
2727
+
2728
+ // SSL_SESSION_dup returns a newly-allocated |SSL_SESSION| with a copy of the
2729
+ // fields in |session| or nullptr on error. The new session is non-resumable and
2730
+ // must be explicitly marked resumable once it has been filled in.
2731
+ OPENSSL_EXPORT UniquePtr<SSL_SESSION> SSL_SESSION_dup(SSL_SESSION *session,
2732
+ int dup_flags);
2733
+
2734
+ // ssl_session_rebase_time updates |session|'s start time to the current time,
2735
+ // adjusting the timeout so the expiration time is unchanged.
2736
+ void ssl_session_rebase_time(SSL *ssl, SSL_SESSION *session);
2737
+
2738
+ // ssl_session_renew_timeout calls |ssl_session_rebase_time| and renews
2739
+ // |session|'s timeout to |timeout| (measured from the current time). The
2740
+ // renewal is clamped to the session's auth_timeout.
2741
+ void ssl_session_renew_timeout(SSL *ssl, SSL_SESSION *session,
2742
+ uint32_t timeout);
2743
+
2744
+ void ssl_cipher_preference_list_free(
2745
+ struct ssl_cipher_preference_list_st *cipher_list);
2746
+
2747
+ // ssl_get_cipher_preferences returns the cipher preference list for TLS 1.2 and
2748
+ // below.
2749
+ const struct ssl_cipher_preference_list_st *ssl_get_cipher_preferences(
2750
+ const SSL *ssl);
2751
+
2752
+ void ssl_update_cache(SSL_HANDSHAKE *hs, int mode);
2753
+
2754
+ int ssl_send_alert(SSL *ssl, int level, int desc);
2755
+ bool ssl3_get_message(SSL *ssl, SSLMessage *out);
2756
+ ssl_open_record_t ssl3_open_handshake(SSL *ssl, size_t *out_consumed,
2757
+ uint8_t *out_alert, Span<uint8_t> in);
2758
+ void ssl3_next_message(SSL *ssl);
2759
+
2760
+ int ssl3_dispatch_alert(SSL *ssl);
2761
+ ssl_open_record_t ssl3_open_app_data(SSL *ssl, Span<uint8_t> *out,
2762
+ size_t *out_consumed, uint8_t *out_alert,
2763
+ Span<uint8_t> in);
2764
+ ssl_open_record_t ssl3_open_change_cipher_spec(SSL *ssl, size_t *out_consumed,
2765
+ uint8_t *out_alert,
2766
+ Span<uint8_t> in);
2767
+ int ssl3_write_app_data(SSL *ssl, bool *out_needs_handshake, const uint8_t *buf,
2768
+ int len);
2769
+
2770
+ bool ssl3_new(SSL *ssl);
2771
+ void ssl3_free(SSL *ssl);
2772
+
2773
+ bool ssl3_init_message(SSL *ssl, CBB *cbb, CBB *body, uint8_t type);
2774
+ bool ssl3_finish_message(SSL *ssl, CBB *cbb, Array<uint8_t> *out_msg);
2775
+ bool ssl3_add_message(SSL *ssl, Array<uint8_t> msg);
2776
+ bool ssl3_add_change_cipher_spec(SSL *ssl);
2777
+ bool ssl3_add_alert(SSL *ssl, uint8_t level, uint8_t desc);
2778
+ int ssl3_flush_flight(SSL *ssl);
2779
+
2780
+ bool dtls1_init_message(SSL *ssl, CBB *cbb, CBB *body, uint8_t type);
2781
+ bool dtls1_finish_message(SSL *ssl, CBB *cbb, Array<uint8_t> *out_msg);
2782
+ bool dtls1_add_message(SSL *ssl, Array<uint8_t> msg);
2783
+ bool dtls1_add_change_cipher_spec(SSL *ssl);
2784
+ bool dtls1_add_alert(SSL *ssl, uint8_t level, uint8_t desc);
2785
+ int dtls1_flush_flight(SSL *ssl);
2786
+
2787
+ // ssl_add_message_cbb finishes the handshake message in |cbb| and adds it to
2788
+ // the pending flight. It returns true on success and false on error.
2789
+ bool ssl_add_message_cbb(SSL *ssl, CBB *cbb);
2790
+
2791
+ // ssl_hash_message incorporates |msg| into the handshake hash. It returns true
2792
+ // on success and false on allocation failure.
2793
+ bool ssl_hash_message(SSL_HANDSHAKE *hs, const SSLMessage &msg);
2794
+
2795
+ ssl_open_record_t dtls1_open_app_data(SSL *ssl, Span<uint8_t> *out,
2796
+ size_t *out_consumed, uint8_t *out_alert,
2797
+ Span<uint8_t> in);
2798
+ ssl_open_record_t dtls1_open_change_cipher_spec(SSL *ssl, size_t *out_consumed,
2799
+ uint8_t *out_alert,
2800
+ Span<uint8_t> in);
2801
+
2802
+ int dtls1_write_app_data(SSL *ssl, bool *out_needs_handshake,
2803
+ const uint8_t *buf, int len);
2804
+
2805
+ // dtls1_write_record sends a record. It returns one on success and <= 0 on
2806
+ // error.
2807
+ int dtls1_write_record(SSL *ssl, int type, const uint8_t *buf, size_t len,
2808
+ enum dtls1_use_epoch_t use_epoch);
2809
+
2810
+ int dtls1_retransmit_outgoing_messages(SSL *ssl);
2811
+ bool dtls1_parse_fragment(CBS *cbs, struct hm_header_st *out_hdr,
2812
+ CBS *out_body);
2813
+ bool dtls1_check_timeout_num(SSL *ssl);
2814
+
2815
+ void dtls1_start_timer(SSL *ssl);
2816
+ void dtls1_stop_timer(SSL *ssl);
2817
+ bool dtls1_is_timer_expired(SSL *ssl);
2818
+ unsigned int dtls1_min_mtu(void);
2819
+
2820
+ bool dtls1_new(SSL *ssl);
2821
+ void dtls1_free(SSL *ssl);
2822
+
2823
+ bool dtls1_get_message(SSL *ssl, SSLMessage *out);
2824
+ ssl_open_record_t dtls1_open_handshake(SSL *ssl, size_t *out_consumed,
2825
+ uint8_t *out_alert, Span<uint8_t> in);
2826
+ void dtls1_next_message(SSL *ssl);
2827
+ int dtls1_dispatch_alert(SSL *ssl);
2828
+
2829
+ int tls1_change_cipher_state(SSL_HANDSHAKE *hs, evp_aead_direction_t direction);
2830
+ int tls1_generate_master_secret(SSL_HANDSHAKE *hs, uint8_t *out,
2831
+ Span<const uint8_t> premaster);
2832
+
2833
+ // tls1_get_grouplist returns the locally-configured group preference list.
2834
+ Span<const uint16_t> tls1_get_grouplist(const SSL *ssl);
2835
+
2836
+ // tls1_check_group_id returns one if |group_id| is consistent with
2837
+ // locally-configured group preferences.
2838
+ int tls1_check_group_id(const SSL *ssl, uint16_t group_id);
2839
+
2840
+ // tls1_get_shared_group sets |*out_group_id| to the first preferred shared
2841
+ // group between client and server preferences and returns one. If none may be
2842
+ // found, it returns zero.
2843
+ int tls1_get_shared_group(SSL_HANDSHAKE *hs, uint16_t *out_group_id);
2844
+
2845
+ // tls1_set_curves converts the array of |ncurves| NIDs pointed to by |curves|
2846
+ // into a newly allocated array of TLS group IDs. On success, the function
2847
+ // returns one and writes the array to |*out_group_ids| and its size to
2848
+ // |*out_group_ids_len|. Otherwise, it returns zero.
2849
+ int tls1_set_curves(uint16_t **out_group_ids, size_t *out_group_ids_len,
2850
+ const int *curves, size_t ncurves);
2851
+
2852
+ // tls1_set_curves_list converts the string of curves pointed to by |curves|
2853
+ // into a newly allocated array of TLS group IDs. On success, the function
2854
+ // returns one and writes the array to |*out_group_ids| and its size to
2855
+ // |*out_group_ids_len|. Otherwise, it returns zero.
2856
+ int tls1_set_curves_list(uint16_t **out_group_ids, size_t *out_group_ids_len,
2857
+ const char *curves);
2858
+
2859
+ // ssl_add_clienthello_tlsext writes ClientHello extensions to |out|. It
2860
+ // returns one on success and zero on failure. The |header_len| argument is the
2861
+ // length of the ClientHello written so far and is used to compute the padding
2862
+ // length. (It does not include the record header.)
2863
+ int ssl_add_clienthello_tlsext(SSL_HANDSHAKE *hs, CBB *out, size_t header_len);
2864
+
2865
+ int ssl_add_serverhello_tlsext(SSL_HANDSHAKE *hs, CBB *out);
2866
+ int ssl_parse_clienthello_tlsext(SSL_HANDSHAKE *hs,
2867
+ const SSL_CLIENT_HELLO *client_hello);
2868
+ int ssl_parse_serverhello_tlsext(SSL_HANDSHAKE *hs, CBS *cbs);
2869
+
2870
+ #define tlsext_tick_md EVP_sha256
2871
+
2872
+ // ssl_process_ticket processes a session ticket from the client. It returns
2873
+ // one of:
2874
+ // |ssl_ticket_aead_success|: |*out_session| is set to the parsed session and
2875
+ // |*out_renew_ticket| is set to whether the ticket should be renewed.
2876
+ // |ssl_ticket_aead_ignore_ticket|: |*out_renew_ticket| is set to whether a
2877
+ // fresh ticket should be sent, but the given ticket cannot be used.
2878
+ // |ssl_ticket_aead_retry|: the ticket could not be immediately decrypted.
2879
+ // Retry later.
2880
+ // |ssl_ticket_aead_error|: an error occured that is fatal to the connection.
2881
+ enum ssl_ticket_aead_result_t ssl_process_ticket(
2882
+ SSL *ssl, UniquePtr<SSL_SESSION> *out_session, bool *out_renew_ticket,
2883
+ const uint8_t *ticket, size_t ticket_len, const uint8_t *session_id,
2884
+ size_t session_id_len);
2885
+
2886
+ // tls1_verify_channel_id processes |msg| as a Channel ID message, and verifies
2887
+ // the signature. If the key is valid, it saves the Channel ID and returns
2888
+ // one. Otherwise, it returns zero.
2889
+ int tls1_verify_channel_id(SSL_HANDSHAKE *hs, const SSLMessage &msg);
2890
+
2891
+ // tls1_write_channel_id generates a Channel ID message and puts the output in
2892
+ // |cbb|. |ssl->tlsext_channel_id_private| must already be set before calling.
2893
+ // This function returns true on success and false on error.
2894
+ bool tls1_write_channel_id(SSL_HANDSHAKE *hs, CBB *cbb);
2895
+
2896
+ // tls1_channel_id_hash computes the hash to be signed by Channel ID and writes
2897
+ // it to |out|, which must contain at least |EVP_MAX_MD_SIZE| bytes. It returns
2898
+ // one on success and zero on failure.
2899
+ int tls1_channel_id_hash(SSL_HANDSHAKE *hs, uint8_t *out, size_t *out_len);
2900
+
2901
+ int tls1_record_handshake_hashes_for_channel_id(SSL_HANDSHAKE *hs);
2902
+
2903
+ // ssl_do_channel_id_callback checks runs |ssl->ctx->channel_id_cb| if
2904
+ // necessary. It returns one on success and zero on fatal error. Note that, on
2905
+ // success, |ssl->tlsext_channel_id_private| may be unset, in which case the
2906
+ // operation should be retried later.
2907
+ int ssl_do_channel_id_callback(SSL *ssl);
2908
+
2909
+ // ssl_can_write returns one if |ssl| is allowed to write and zero otherwise.
2910
+ int ssl_can_write(const SSL *ssl);
2911
+
2912
+ // ssl_can_read returns one if |ssl| is allowed to read and zero otherwise.
2913
+ int ssl_can_read(const SSL *ssl);
2914
+
2915
+ void ssl_get_current_time(const SSL *ssl, struct OPENSSL_timeval *out_clock);
2916
+ void ssl_ctx_get_current_time(const SSL_CTX *ctx,
2917
+ struct OPENSSL_timeval *out_clock);
2918
+
2919
+ // ssl_reset_error_state resets state for |SSL_get_error|.
2920
+ void ssl_reset_error_state(SSL *ssl);
2921
+
2922
+ // ssl_set_read_error sets |ssl|'s read half into an error state, saving the
2923
+ // current state of the error queue.
2924
+ void ssl_set_read_error(SSL* ssl);
2925
+
2926
+ } // namespace bssl
2927
+
2928
+
2929
+ // Opaque C types.
2930
+ //
2931
+ // The following types are exported to C code as public typedefs, so they must
2932
+ // be defined outside of the namespace.
2933
+
2934
+ // ssl_method_st backs the public |SSL_METHOD| type. It is a compatibility
2935
+ // structure to support the legacy version-locked methods.
2936
+ struct ssl_method_st {
2937
+ // version, if non-zero, is the only protocol version acceptable to an
2938
+ // SSL_CTX initialized from this method.
2939
+ uint16_t version;
2940
+ // method is the underlying SSL_PROTOCOL_METHOD that initializes the
2941
+ // SSL_CTX.
2942
+ const bssl::SSL_PROTOCOL_METHOD *method;
2943
+ // x509_method contains pointers to functions that might deal with |X509|
2944
+ // compatibility, or might be a no-op, depending on the application.
2945
+ const SSL_X509_METHOD *x509_method;
2946
+ };
2947
+
2948
+ struct ssl_x509_method_st {
2949
+ // check_client_CA_list returns one if |names| is a good list of X.509
2950
+ // distinguished names and zero otherwise. This is used to ensure that we can
2951
+ // reject unparsable values at handshake time when using crypto/x509.
2952
+ int (*check_client_CA_list)(STACK_OF(CRYPTO_BUFFER) *names);
2953
+
2954
+ // cert_clear frees and NULLs all X509 certificate-related state.
2955
+ void (*cert_clear)(bssl::CERT *cert);
2956
+ // cert_free frees all X509-related state.
2957
+ void (*cert_free)(bssl::CERT *cert);
2958
+ // cert_flush_cached_chain drops any cached |X509|-based certificate chain
2959
+ // from |cert|.
2960
+ // cert_dup duplicates any needed fields from |cert| to |new_cert|.
2961
+ void (*cert_dup)(bssl::CERT *new_cert, const bssl::CERT *cert);
2962
+ void (*cert_flush_cached_chain)(bssl::CERT *cert);
2963
+ // cert_flush_cached_chain drops any cached |X509|-based leaf certificate
2964
+ // from |cert|.
2965
+ void (*cert_flush_cached_leaf)(bssl::CERT *cert);
2966
+
2967
+ // session_cache_objects fills out |sess->x509_peer| and |sess->x509_chain|
2968
+ // from |sess->certs| and erases |sess->x509_chain_without_leaf|. It returns
2969
+ // one on success or zero on error.
2970
+ int (*session_cache_objects)(SSL_SESSION *session);
2971
+ // session_dup duplicates any needed fields from |session| to |new_session|.
2972
+ // It returns one on success or zero on error.
2973
+ int (*session_dup)(SSL_SESSION *new_session, const SSL_SESSION *session);
2974
+ // session_clear frees any X509-related state from |session|.
2975
+ void (*session_clear)(SSL_SESSION *session);
2976
+ // session_verify_cert_chain verifies the certificate chain in |session|,
2977
+ // sets |session->verify_result| and returns one on success or zero on
2978
+ // error.
2979
+ int (*session_verify_cert_chain)(SSL_SESSION *session, SSL *ssl,
2980
+ uint8_t *out_alert);
2981
+
2982
+ // hs_flush_cached_ca_names drops any cached |X509_NAME|s from |hs|.
2983
+ void (*hs_flush_cached_ca_names)(bssl::SSL_HANDSHAKE *hs);
2984
+ // ssl_new does any neccessary initialisation of |ssl|. It returns one on
2985
+ // success or zero on error.
2986
+ int (*ssl_new)(SSL *ssl);
2987
+ // ssl_free frees anything created by |ssl_new|.
2988
+ void (*ssl_free)(SSL *ssl);
2989
+ // ssl_flush_cached_client_CA drops any cached |X509_NAME|s from |ssl|.
2990
+ void (*ssl_flush_cached_client_CA)(SSL *ssl);
2991
+ // ssl_auto_chain_if_needed runs the deprecated auto-chaining logic if
2992
+ // necessary. On success, it updates |ssl|'s certificate configuration as
2993
+ // needed and returns one. Otherwise, it returns zero.
2994
+ int (*ssl_auto_chain_if_needed)(SSL *ssl);
2995
+ // ssl_ctx_new does any neccessary initialisation of |ctx|. It returns one on
2996
+ // success or zero on error.
2997
+ int (*ssl_ctx_new)(SSL_CTX *ctx);
2998
+ // ssl_ctx_free frees anything created by |ssl_ctx_new|.
2999
+ void (*ssl_ctx_free)(SSL_CTX *ctx);
3000
+ // ssl_ctx_flush_cached_client_CA drops any cached |X509_NAME|s from |ctx|.
3001
+ void (*ssl_ctx_flush_cached_client_CA)(SSL_CTX *ssl);
3002
+ };
3003
+
3004
+ // The following types back public C-exposed types which must live in the global
3005
+ // namespace. We use subclassing so the implementations may be C++ types with
3006
+ // methods and destructor without polluting the global namespace.
3007
+ struct ssl_ctx_st : public bssl::SSLContext {};
3008
+ struct ssl_st : public bssl::SSLConnection {};
3009
+
3010
+
3011
+ #endif // OPENSSL_HEADER_SSL_INTERNAL_H