grpc-flamingo 1.11.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (1318) hide show
  1. checksums.yaml +7 -0
  2. data/.yardopts +1 -0
  3. data/Makefile +23896 -0
  4. data/etc/roots.pem +4475 -0
  5. data/include/grpc/byte_buffer.h +27 -0
  6. data/include/grpc/byte_buffer_reader.h +26 -0
  7. data/include/grpc/census.h +40 -0
  8. data/include/grpc/compression.h +75 -0
  9. data/include/grpc/fork.h +26 -0
  10. data/include/grpc/grpc.h +469 -0
  11. data/include/grpc/grpc_cronet.h +38 -0
  12. data/include/grpc/grpc_posix.h +67 -0
  13. data/include/grpc/grpc_security.h +495 -0
  14. data/include/grpc/grpc_security_constants.h +107 -0
  15. data/include/grpc/impl/codegen/atm.h +95 -0
  16. data/include/grpc/impl/codegen/atm_gcc_atomic.h +91 -0
  17. data/include/grpc/impl/codegen/atm_gcc_sync.h +83 -0
  18. data/include/grpc/impl/codegen/atm_windows.h +126 -0
  19. data/include/grpc/impl/codegen/byte_buffer.h +88 -0
  20. data/include/grpc/impl/codegen/byte_buffer_reader.h +42 -0
  21. data/include/grpc/impl/codegen/compression_types.h +107 -0
  22. data/include/grpc/impl/codegen/connectivity_state.h +44 -0
  23. data/include/grpc/impl/codegen/fork.h +48 -0
  24. data/include/grpc/impl/codegen/gpr_slice.h +69 -0
  25. data/include/grpc/impl/codegen/gpr_types.h +59 -0
  26. data/include/grpc/impl/codegen/grpc_types.h +669 -0
  27. data/include/grpc/impl/codegen/port_platform.h +507 -0
  28. data/include/grpc/impl/codegen/propagation_bits.h +52 -0
  29. data/include/grpc/impl/codegen/slice.h +147 -0
  30. data/include/grpc/impl/codegen/status.h +153 -0
  31. data/include/grpc/impl/codegen/sync.h +63 -0
  32. data/include/grpc/impl/codegen/sync_custom.h +38 -0
  33. data/include/grpc/impl/codegen/sync_generic.h +48 -0
  34. data/include/grpc/impl/codegen/sync_posix.h +34 -0
  35. data/include/grpc/impl/codegen/sync_windows.h +36 -0
  36. data/include/grpc/load_reporting.h +48 -0
  37. data/include/grpc/module.modulemap +74 -0
  38. data/include/grpc/slice.h +172 -0
  39. data/include/grpc/slice_buffer.h +84 -0
  40. data/include/grpc/status.h +26 -0
  41. data/include/grpc/support/alloc.h +68 -0
  42. data/include/grpc/support/atm.h +26 -0
  43. data/include/grpc/support/atm_gcc_atomic.h +26 -0
  44. data/include/grpc/support/atm_gcc_sync.h +26 -0
  45. data/include/grpc/support/atm_windows.h +26 -0
  46. data/include/grpc/support/cpu.h +44 -0
  47. data/include/grpc/support/log.h +104 -0
  48. data/include/grpc/support/log_windows.h +38 -0
  49. data/include/grpc/support/port_platform.h +24 -0
  50. data/include/grpc/support/string_util.h +49 -0
  51. data/include/grpc/support/sync.h +298 -0
  52. data/include/grpc/support/sync_custom.h +26 -0
  53. data/include/grpc/support/sync_generic.h +26 -0
  54. data/include/grpc/support/sync_posix.h +26 -0
  55. data/include/grpc/support/sync_windows.h +26 -0
  56. data/include/grpc/support/thd_id.h +44 -0
  57. data/include/grpc/support/time.h +92 -0
  58. data/include/grpc/support/workaround_list.h +31 -0
  59. data/src/boringssl/err_data.c +1348 -0
  60. data/src/core/ext/census/grpc_context.cc +38 -0
  61. data/src/core/ext/filters/client_channel/backup_poller.cc +174 -0
  62. data/src/core/ext/filters/client_channel/backup_poller.h +35 -0
  63. data/src/core/ext/filters/client_channel/channel_connectivity.cc +248 -0
  64. data/src/core/ext/filters/client_channel/client_channel.cc +3209 -0
  65. data/src/core/ext/filters/client_channel/client_channel.h +57 -0
  66. data/src/core/ext/filters/client_channel/client_channel_factory.cc +67 -0
  67. data/src/core/ext/filters/client_channel/client_channel_factory.h +74 -0
  68. data/src/core/ext/filters/client_channel/client_channel_plugin.cc +62 -0
  69. data/src/core/ext/filters/client_channel/connector.cc +41 -0
  70. data/src/core/ext/filters/client_channel/connector.h +73 -0
  71. data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +370 -0
  72. data/src/core/ext/filters/client_channel/http_connect_handshaker.h +34 -0
  73. data/src/core/ext/filters/client_channel/http_proxy.cc +195 -0
  74. data/src/core/ext/filters/client_channel/http_proxy.h +24 -0
  75. data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +138 -0
  76. data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.h +29 -0
  77. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +1906 -0
  78. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +36 -0
  79. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +108 -0
  80. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +152 -0
  81. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +67 -0
  82. data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +304 -0
  83. data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +88 -0
  84. data/src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.c +102 -0
  85. data/src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.h +190 -0
  86. data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +591 -0
  87. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +687 -0
  88. data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.cc +253 -0
  89. data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +136 -0
  90. data/src/core/ext/filters/client_channel/lb_policy.cc +59 -0
  91. data/src/core/ext/filters/client_channel/lb_policy.h +201 -0
  92. data/src/core/ext/filters/client_channel/lb_policy_factory.cc +155 -0
  93. data/src/core/ext/filters/client_channel/lb_policy_factory.h +127 -0
  94. data/src/core/ext/filters/client_channel/lb_policy_registry.cc +97 -0
  95. data/src/core/ext/filters/client_channel/lb_policy_registry.h +54 -0
  96. data/src/core/ext/filters/client_channel/method_params.cc +178 -0
  97. data/src/core/ext/filters/client_channel/method_params.h +74 -0
  98. data/src/core/ext/filters/client_channel/parse_address.cc +192 -0
  99. data/src/core/ext/filters/client_channel/parse_address.h +50 -0
  100. data/src/core/ext/filters/client_channel/proxy_mapper.cc +48 -0
  101. data/src/core/ext/filters/client_channel/proxy_mapper.h +74 -0
  102. data/src/core/ext/filters/client_channel/proxy_mapper_registry.cc +122 -0
  103. data/src/core/ext/filters/client_channel/proxy_mapper_registry.h +44 -0
  104. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +493 -0
  105. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +53 -0
  106. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +351 -0
  107. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +593 -0
  108. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +74 -0
  109. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +59 -0
  110. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +340 -0
  111. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +297 -0
  112. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +83 -0
  113. data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +214 -0
  114. data/src/core/ext/filters/client_channel/resolver.cc +35 -0
  115. data/src/core/ext/filters/client_channel/resolver.h +134 -0
  116. data/src/core/ext/filters/client_channel/resolver_factory.h +71 -0
  117. data/src/core/ext/filters/client_channel/resolver_registry.cc +178 -0
  118. data/src/core/ext/filters/client_channel/resolver_registry.h +83 -0
  119. data/src/core/ext/filters/client_channel/retry_throttle.cc +191 -0
  120. data/src/core/ext/filters/client_channel/retry_throttle.h +77 -0
  121. data/src/core/ext/filters/client_channel/subchannel.cc +815 -0
  122. data/src/core/ext/filters/client_channel/subchannel.h +183 -0
  123. data/src/core/ext/filters/client_channel/subchannel_index.cc +254 -0
  124. data/src/core/ext/filters/client_channel/subchannel_index.h +79 -0
  125. data/src/core/ext/filters/client_channel/uri_parser.cc +314 -0
  126. data/src/core/ext/filters/client_channel/uri_parser.h +50 -0
  127. data/src/core/ext/filters/deadline/deadline_filter.cc +386 -0
  128. data/src/core/ext/filters/deadline/deadline_filter.h +93 -0
  129. data/src/core/ext/filters/http/client/http_client_filter.cc +558 -0
  130. data/src/core/ext/filters/http/client/http_client_filter.h +31 -0
  131. data/src/core/ext/filters/http/client_authority_filter.cc +156 -0
  132. data/src/core/ext/filters/http/client_authority_filter.h +34 -0
  133. data/src/core/ext/filters/http/http_filters_plugin.cc +89 -0
  134. data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +499 -0
  135. data/src/core/ext/filters/http/message_compress/message_compress_filter.h +53 -0
  136. data/src/core/ext/filters/http/server/http_server_filter.cc +434 -0
  137. data/src/core/ext/filters/http/server/http_server_filter.h +29 -0
  138. data/src/core/ext/filters/load_reporting/server_load_reporting_filter.cc +222 -0
  139. data/src/core/ext/filters/load_reporting/server_load_reporting_filter.h +30 -0
  140. data/src/core/ext/filters/load_reporting/server_load_reporting_plugin.cc +71 -0
  141. data/src/core/ext/filters/load_reporting/server_load_reporting_plugin.h +61 -0
  142. data/src/core/ext/filters/max_age/max_age_filter.cc +543 -0
  143. data/src/core/ext/filters/max_age/max_age_filter.h +26 -0
  144. data/src/core/ext/filters/message_size/message_size_filter.cc +324 -0
  145. data/src/core/ext/filters/message_size/message_size_filter.h +26 -0
  146. data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +208 -0
  147. data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.h +27 -0
  148. data/src/core/ext/filters/workarounds/workaround_utils.cc +53 -0
  149. data/src/core/ext/filters/workarounds/workaround_utils.h +39 -0
  150. data/src/core/ext/transport/chttp2/alpn/alpn.cc +44 -0
  151. data/src/core/ext/transport/chttp2/alpn/alpn.h +36 -0
  152. data/src/core/ext/transport/chttp2/client/authority.cc +42 -0
  153. data/src/core/ext/transport/chttp2/client/authority.h +36 -0
  154. data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +229 -0
  155. data/src/core/ext/transport/chttp2/client/chttp2_connector.h +28 -0
  156. data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +110 -0
  157. data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +79 -0
  158. data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +230 -0
  159. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +353 -0
  160. data/src/core/ext/transport/chttp2/server/chttp2_server.h +33 -0
  161. data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc +45 -0
  162. data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +74 -0
  163. data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +89 -0
  164. data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +249 -0
  165. data/src/core/ext/transport/chttp2/transport/bin_decoder.h +56 -0
  166. data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +231 -0
  167. data/src/core/ext/transport/chttp2/transport/bin_encoder.h +41 -0
  168. data/src/core/ext/transport/chttp2/transport/chttp2_plugin.cc +35 -0
  169. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +3102 -0
  170. data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +45 -0
  171. data/src/core/ext/transport/chttp2/transport/flow_control.cc +405 -0
  172. data/src/core/ext/transport/chttp2/transport/flow_control.h +482 -0
  173. data/src/core/ext/transport/chttp2/transport/frame.h +47 -0
  174. data/src/core/ext/transport/chttp2/transport/frame_data.cc +314 -0
  175. data/src/core/ext/transport/chttp2/transport/frame_data.h +84 -0
  176. data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +186 -0
  177. data/src/core/ext/transport/chttp2/transport/frame_goaway.h +62 -0
  178. data/src/core/ext/transport/chttp2/transport/frame_ping.cc +131 -0
  179. data/src/core/ext/transport/chttp2/transport/frame_ping.h +45 -0
  180. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +112 -0
  181. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +43 -0
  182. data/src/core/ext/transport/chttp2/transport/frame_settings.cc +238 -0
  183. data/src/core/ext/transport/chttp2/transport/frame_settings.h +60 -0
  184. data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +122 -0
  185. data/src/core/ext/transport/chttp2/transport/frame_window_update.h +45 -0
  186. data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +699 -0
  187. data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +95 -0
  188. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +1680 -0
  189. data/src/core/ext/transport/chttp2/transport/hpack_parser.h +109 -0
  190. data/src/core/ext/transport/chttp2/transport/hpack_table.cc +368 -0
  191. data/src/core/ext/transport/chttp2/transport/hpack_table.h +95 -0
  192. data/src/core/ext/transport/chttp2/transport/http2_settings.cc +62 -0
  193. data/src/core/ext/transport/chttp2/transport/http2_settings.h +62 -0
  194. data/src/core/ext/transport/chttp2/transport/huffsyms.cc +92 -0
  195. data/src/core/ext/transport/chttp2/transport/huffsyms.h +33 -0
  196. data/src/core/ext/transport/chttp2/transport/incoming_metadata.cc +73 -0
  197. data/src/core/ext/transport/chttp2/transport/incoming_metadata.h +49 -0
  198. data/src/core/ext/transport/chttp2/transport/internal.h +799 -0
  199. data/src/core/ext/transport/chttp2/transport/parsing.cc +745 -0
  200. data/src/core/ext/transport/chttp2/transport/stream_lists.cc +216 -0
  201. data/src/core/ext/transport/chttp2/transport/stream_map.cc +167 -0
  202. data/src/core/ext/transport/chttp2/transport/stream_map.h +68 -0
  203. data/src/core/ext/transport/chttp2/transport/varint.cc +56 -0
  204. data/src/core/ext/transport/chttp2/transport/varint.h +60 -0
  205. data/src/core/ext/transport/chttp2/transport/writing.cc +641 -0
  206. data/src/core/ext/transport/inproc/inproc_plugin.cc +28 -0
  207. data/src/core/ext/transport/inproc/inproc_transport.cc +1240 -0
  208. data/src/core/ext/transport/inproc/inproc_transport.h +35 -0
  209. data/src/core/lib/avl/avl.cc +306 -0
  210. data/src/core/lib/avl/avl.h +94 -0
  211. data/src/core/lib/backoff/backoff.cc +78 -0
  212. data/src/core/lib/backoff/backoff.h +89 -0
  213. data/src/core/lib/channel/channel_args.cc +413 -0
  214. data/src/core/lib/channel/channel_args.h +127 -0
  215. data/src/core/lib/channel/channel_stack.cc +258 -0
  216. data/src/core/lib/channel/channel_stack.h +280 -0
  217. data/src/core/lib/channel/channel_stack_builder.cc +314 -0
  218. data/src/core/lib/channel/channel_stack_builder.h +160 -0
  219. data/src/core/lib/channel/channel_trace.cc +239 -0
  220. data/src/core/lib/channel/channel_trace.h +133 -0
  221. data/src/core/lib/channel/channel_trace_registry.cc +80 -0
  222. data/src/core/lib/channel/channel_trace_registry.h +43 -0
  223. data/src/core/lib/channel/connected_channel.cc +236 -0
  224. data/src/core/lib/channel/connected_channel.h +34 -0
  225. data/src/core/lib/channel/context.h +49 -0
  226. data/src/core/lib/channel/handshaker.cc +259 -0
  227. data/src/core/lib/channel/handshaker.h +166 -0
  228. data/src/core/lib/channel/handshaker_factory.cc +41 -0
  229. data/src/core/lib/channel/handshaker_factory.h +50 -0
  230. data/src/core/lib/channel/handshaker_registry.cc +97 -0
  231. data/src/core/lib/channel/handshaker_registry.h +48 -0
  232. data/src/core/lib/channel/status_util.cc +100 -0
  233. data/src/core/lib/channel/status_util.h +58 -0
  234. data/src/core/lib/compression/algorithm_metadata.h +61 -0
  235. data/src/core/lib/compression/compression.cc +174 -0
  236. data/src/core/lib/compression/compression_internal.cc +276 -0
  237. data/src/core/lib/compression/compression_internal.h +88 -0
  238. data/src/core/lib/compression/message_compress.cc +187 -0
  239. data/src/core/lib/compression/message_compress.h +40 -0
  240. data/src/core/lib/compression/stream_compression.cc +79 -0
  241. data/src/core/lib/compression/stream_compression.h +116 -0
  242. data/src/core/lib/compression/stream_compression_gzip.cc +230 -0
  243. data/src/core/lib/compression/stream_compression_gzip.h +28 -0
  244. data/src/core/lib/compression/stream_compression_identity.cc +94 -0
  245. data/src/core/lib/compression/stream_compression_identity.h +29 -0
  246. data/src/core/lib/debug/stats.cc +178 -0
  247. data/src/core/lib/debug/stats.h +61 -0
  248. data/src/core/lib/debug/stats_data.cc +682 -0
  249. data/src/core/lib/debug/stats_data.h +435 -0
  250. data/src/core/lib/debug/trace.cc +144 -0
  251. data/src/core/lib/debug/trace.h +104 -0
  252. data/src/core/lib/gpr/alloc.cc +99 -0
  253. data/src/core/lib/gpr/arena.cc +152 -0
  254. data/src/core/lib/gpr/arena.h +41 -0
  255. data/src/core/lib/gpr/atm.cc +35 -0
  256. data/src/core/lib/gpr/cpu_iphone.cc +36 -0
  257. data/src/core/lib/gpr/cpu_linux.cc +82 -0
  258. data/src/core/lib/gpr/cpu_posix.cc +81 -0
  259. data/src/core/lib/gpr/cpu_windows.cc +33 -0
  260. data/src/core/lib/gpr/env.h +43 -0
  261. data/src/core/lib/gpr/env_linux.cc +82 -0
  262. data/src/core/lib/gpr/env_posix.cc +47 -0
  263. data/src/core/lib/gpr/env_windows.cc +72 -0
  264. data/src/core/lib/gpr/fork.cc +78 -0
  265. data/src/core/lib/gpr/fork.h +35 -0
  266. data/src/core/lib/gpr/host_port.cc +98 -0
  267. data/src/core/lib/gpr/host_port.h +43 -0
  268. data/src/core/lib/gpr/log.cc +96 -0
  269. data/src/core/lib/gpr/log_android.cc +72 -0
  270. data/src/core/lib/gpr/log_linux.cc +93 -0
  271. data/src/core/lib/gpr/log_posix.cc +90 -0
  272. data/src/core/lib/gpr/log_windows.cc +97 -0
  273. data/src/core/lib/gpr/mpscq.cc +117 -0
  274. data/src/core/lib/gpr/mpscq.h +86 -0
  275. data/src/core/lib/gpr/murmur_hash.cc +80 -0
  276. data/src/core/lib/gpr/murmur_hash.h +29 -0
  277. data/src/core/lib/gpr/spinlock.h +46 -0
  278. data/src/core/lib/gpr/string.cc +319 -0
  279. data/src/core/lib/gpr/string.h +109 -0
  280. data/src/core/lib/gpr/string_posix.cc +72 -0
  281. data/src/core/lib/gpr/string_util_windows.cc +82 -0
  282. data/src/core/lib/gpr/string_windows.cc +69 -0
  283. data/src/core/lib/gpr/string_windows.h +32 -0
  284. data/src/core/lib/gpr/sync.cc +124 -0
  285. data/src/core/lib/gpr/sync_posix.cc +107 -0
  286. data/src/core/lib/gpr/sync_windows.cc +118 -0
  287. data/src/core/lib/gpr/time.cc +251 -0
  288. data/src/core/lib/gpr/time_posix.cc +167 -0
  289. data/src/core/lib/gpr/time_precise.cc +78 -0
  290. data/src/core/lib/gpr/time_precise.h +29 -0
  291. data/src/core/lib/gpr/time_windows.cc +98 -0
  292. data/src/core/lib/gpr/tls.h +68 -0
  293. data/src/core/lib/gpr/tls_gcc.h +52 -0
  294. data/src/core/lib/gpr/tls_msvc.h +52 -0
  295. data/src/core/lib/gpr/tls_pthread.cc +30 -0
  296. data/src/core/lib/gpr/tls_pthread.h +56 -0
  297. data/src/core/lib/gpr/tmpfile.h +32 -0
  298. data/src/core/lib/gpr/tmpfile_msys.cc +58 -0
  299. data/src/core/lib/gpr/tmpfile_posix.cc +70 -0
  300. data/src/core/lib/gpr/tmpfile_windows.cc +69 -0
  301. data/src/core/lib/gpr/useful.h +65 -0
  302. data/src/core/lib/gpr/wrap_memcpy.cc +42 -0
  303. data/src/core/lib/gprpp/abstract.h +34 -0
  304. data/src/core/lib/gprpp/atomic.h +30 -0
  305. data/src/core/lib/gprpp/atomic_with_atm.h +57 -0
  306. data/src/core/lib/gprpp/atomic_with_std.h +35 -0
  307. data/src/core/lib/gprpp/debug_location.h +52 -0
  308. data/src/core/lib/gprpp/inlined_vector.h +136 -0
  309. data/src/core/lib/gprpp/manual_constructor.h +213 -0
  310. data/src/core/lib/gprpp/memory.h +111 -0
  311. data/src/core/lib/gprpp/orphanable.h +199 -0
  312. data/src/core/lib/gprpp/ref_counted.h +169 -0
  313. data/src/core/lib/gprpp/ref_counted_ptr.h +112 -0
  314. data/src/core/lib/gprpp/thd.h +135 -0
  315. data/src/core/lib/gprpp/thd_posix.cc +209 -0
  316. data/src/core/lib/gprpp/thd_windows.cc +162 -0
  317. data/src/core/lib/http/format_request.cc +122 -0
  318. data/src/core/lib/http/format_request.h +34 -0
  319. data/src/core/lib/http/httpcli.cc +303 -0
  320. data/src/core/lib/http/httpcli.h +127 -0
  321. data/src/core/lib/http/httpcli_security_connector.cc +202 -0
  322. data/src/core/lib/http/parser.cc +371 -0
  323. data/src/core/lib/http/parser.h +113 -0
  324. data/src/core/lib/iomgr/block_annotate.h +57 -0
  325. data/src/core/lib/iomgr/call_combiner.cc +212 -0
  326. data/src/core/lib/iomgr/call_combiner.h +112 -0
  327. data/src/core/lib/iomgr/closure.h +351 -0
  328. data/src/core/lib/iomgr/combiner.cc +358 -0
  329. data/src/core/lib/iomgr/combiner.h +66 -0
  330. data/src/core/lib/iomgr/endpoint.cc +63 -0
  331. data/src/core/lib/iomgr/endpoint.h +98 -0
  332. data/src/core/lib/iomgr/endpoint_pair.h +34 -0
  333. data/src/core/lib/iomgr/endpoint_pair_posix.cc +73 -0
  334. data/src/core/lib/iomgr/endpoint_pair_uv.cc +40 -0
  335. data/src/core/lib/iomgr/endpoint_pair_windows.cc +87 -0
  336. data/src/core/lib/iomgr/error.cc +793 -0
  337. data/src/core/lib/iomgr/error.h +207 -0
  338. data/src/core/lib/iomgr/error_internal.h +63 -0
  339. data/src/core/lib/iomgr/ev_epoll1_linux.cc +1248 -0
  340. data/src/core/lib/iomgr/ev_epoll1_linux.h +31 -0
  341. data/src/core/lib/iomgr/ev_epollex_linux.cc +1494 -0
  342. data/src/core/lib/iomgr/ev_epollex_linux.h +30 -0
  343. data/src/core/lib/iomgr/ev_epollsig_linux.cc +1735 -0
  344. data/src/core/lib/iomgr/ev_epollsig_linux.h +35 -0
  345. data/src/core/lib/iomgr/ev_poll_posix.cc +1758 -0
  346. data/src/core/lib/iomgr/ev_poll_posix.h +29 -0
  347. data/src/core/lib/iomgr/ev_posix.cc +330 -0
  348. data/src/core/lib/iomgr/ev_posix.h +145 -0
  349. data/src/core/lib/iomgr/ev_windows.cc +30 -0
  350. data/src/core/lib/iomgr/exec_ctx.cc +147 -0
  351. data/src/core/lib/iomgr/exec_ctx.h +210 -0
  352. data/src/core/lib/iomgr/executor.cc +301 -0
  353. data/src/core/lib/iomgr/executor.h +50 -0
  354. data/src/core/lib/iomgr/fork_posix.cc +89 -0
  355. data/src/core/lib/iomgr/fork_windows.cc +41 -0
  356. data/src/core/lib/iomgr/gethostname.h +26 -0
  357. data/src/core/lib/iomgr/gethostname_fallback.cc +30 -0
  358. data/src/core/lib/iomgr/gethostname_host_name_max.cc +40 -0
  359. data/src/core/lib/iomgr/gethostname_sysconf.cc +40 -0
  360. data/src/core/lib/iomgr/iocp_windows.cc +152 -0
  361. data/src/core/lib/iomgr/iocp_windows.h +48 -0
  362. data/src/core/lib/iomgr/iomgr.cc +178 -0
  363. data/src/core/lib/iomgr/iomgr.h +36 -0
  364. data/src/core/lib/iomgr/iomgr_custom.cc +63 -0
  365. data/src/core/lib/iomgr/iomgr_custom.h +47 -0
  366. data/src/core/lib/iomgr/iomgr_internal.cc +43 -0
  367. data/src/core/lib/iomgr/iomgr_internal.h +57 -0
  368. data/src/core/lib/iomgr/iomgr_posix.cc +67 -0
  369. data/src/core/lib/iomgr/iomgr_posix.h +26 -0
  370. data/src/core/lib/iomgr/iomgr_uv.cc +40 -0
  371. data/src/core/lib/iomgr/iomgr_windows.cc +87 -0
  372. data/src/core/lib/iomgr/is_epollexclusive_available.cc +104 -0
  373. data/src/core/lib/iomgr/is_epollexclusive_available.h +36 -0
  374. data/src/core/lib/iomgr/load_file.cc +80 -0
  375. data/src/core/lib/iomgr/load_file.h +35 -0
  376. data/src/core/lib/iomgr/lockfree_event.cc +250 -0
  377. data/src/core/lib/iomgr/lockfree_event.h +72 -0
  378. data/src/core/lib/iomgr/nameser.h +106 -0
  379. data/src/core/lib/iomgr/network_status_tracker.cc +36 -0
  380. data/src/core/lib/iomgr/network_status_tracker.h +32 -0
  381. data/src/core/lib/iomgr/polling_entity.cc +87 -0
  382. data/src/core/lib/iomgr/polling_entity.h +68 -0
  383. data/src/core/lib/iomgr/pollset.cc +56 -0
  384. data/src/core/lib/iomgr/pollset.h +99 -0
  385. data/src/core/lib/iomgr/pollset_custom.cc +106 -0
  386. data/src/core/lib/iomgr/pollset_custom.h +35 -0
  387. data/src/core/lib/iomgr/pollset_set.cc +55 -0
  388. data/src/core/lib/iomgr/pollset_set.h +55 -0
  389. data/src/core/lib/iomgr/pollset_set_custom.cc +48 -0
  390. data/src/core/lib/iomgr/pollset_set_custom.h +26 -0
  391. data/src/core/lib/iomgr/pollset_set_windows.cc +51 -0
  392. data/src/core/lib/iomgr/pollset_set_windows.h +26 -0
  393. data/src/core/lib/iomgr/pollset_uv.cc +93 -0
  394. data/src/core/lib/iomgr/pollset_windows.cc +229 -0
  395. data/src/core/lib/iomgr/pollset_windows.h +70 -0
  396. data/src/core/lib/iomgr/port.h +147 -0
  397. data/src/core/lib/iomgr/resolve_address.cc +50 -0
  398. data/src/core/lib/iomgr/resolve_address.h +83 -0
  399. data/src/core/lib/iomgr/resolve_address_custom.cc +187 -0
  400. data/src/core/lib/iomgr/resolve_address_custom.h +43 -0
  401. data/src/core/lib/iomgr/resolve_address_posix.cc +180 -0
  402. data/src/core/lib/iomgr/resolve_address_windows.cc +165 -0
  403. data/src/core/lib/iomgr/resource_quota.cc +871 -0
  404. data/src/core/lib/iomgr/resource_quota.h +142 -0
  405. data/src/core/lib/iomgr/sockaddr.h +32 -0
  406. data/src/core/lib/iomgr/sockaddr_custom.h +54 -0
  407. data/src/core/lib/iomgr/sockaddr_posix.h +55 -0
  408. data/src/core/lib/iomgr/sockaddr_utils.cc +298 -0
  409. data/src/core/lib/iomgr/sockaddr_utils.h +84 -0
  410. data/src/core/lib/iomgr/sockaddr_windows.h +55 -0
  411. data/src/core/lib/iomgr/socket_factory_posix.cc +94 -0
  412. data/src/core/lib/iomgr/socket_factory_posix.h +69 -0
  413. data/src/core/lib/iomgr/socket_mutator.cc +83 -0
  414. data/src/core/lib/iomgr/socket_mutator.h +61 -0
  415. data/src/core/lib/iomgr/socket_utils.h +38 -0
  416. data/src/core/lib/iomgr/socket_utils_common_posix.cc +327 -0
  417. data/src/core/lib/iomgr/socket_utils_linux.cc +43 -0
  418. data/src/core/lib/iomgr/socket_utils_posix.cc +59 -0
  419. data/src/core/lib/iomgr/socket_utils_posix.h +134 -0
  420. data/src/core/lib/iomgr/socket_utils_uv.cc +45 -0
  421. data/src/core/lib/iomgr/socket_utils_windows.cc +43 -0
  422. data/src/core/lib/iomgr/socket_windows.cc +151 -0
  423. data/src/core/lib/iomgr/socket_windows.h +113 -0
  424. data/src/core/lib/iomgr/sys_epoll_wrapper.h +30 -0
  425. data/src/core/lib/iomgr/tcp_client.cc +36 -0
  426. data/src/core/lib/iomgr/tcp_client.h +52 -0
  427. data/src/core/lib/iomgr/tcp_client_custom.cc +151 -0
  428. data/src/core/lib/iomgr/tcp_client_posix.cc +359 -0
  429. data/src/core/lib/iomgr/tcp_client_posix.h +68 -0
  430. data/src/core/lib/iomgr/tcp_client_windows.cc +231 -0
  431. data/src/core/lib/iomgr/tcp_custom.cc +365 -0
  432. data/src/core/lib/iomgr/tcp_custom.h +81 -0
  433. data/src/core/lib/iomgr/tcp_posix.cc +814 -0
  434. data/src/core/lib/iomgr/tcp_posix.h +57 -0
  435. data/src/core/lib/iomgr/tcp_server.cc +73 -0
  436. data/src/core/lib/iomgr/tcp_server.h +122 -0
  437. data/src/core/lib/iomgr/tcp_server_custom.cc +472 -0
  438. data/src/core/lib/iomgr/tcp_server_posix.cc +582 -0
  439. data/src/core/lib/iomgr/tcp_server_utils_posix.h +122 -0
  440. data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +208 -0
  441. data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +184 -0
  442. data/src/core/lib/iomgr/tcp_server_utils_posix_noifaddrs.cc +36 -0
  443. data/src/core/lib/iomgr/tcp_server_windows.cc +559 -0
  444. data/src/core/lib/iomgr/tcp_uv.cc +417 -0
  445. data/src/core/lib/iomgr/tcp_windows.cc +455 -0
  446. data/src/core/lib/iomgr/tcp_windows.h +51 -0
  447. data/src/core/lib/iomgr/time_averaged_stats.cc +64 -0
  448. data/src/core/lib/iomgr/time_averaged_stats.h +73 -0
  449. data/src/core/lib/iomgr/timer.cc +45 -0
  450. data/src/core/lib/iomgr/timer.h +125 -0
  451. data/src/core/lib/iomgr/timer_custom.cc +93 -0
  452. data/src/core/lib/iomgr/timer_custom.h +43 -0
  453. data/src/core/lib/iomgr/timer_generic.cc +663 -0
  454. data/src/core/lib/iomgr/timer_heap.cc +135 -0
  455. data/src/core/lib/iomgr/timer_heap.h +44 -0
  456. data/src/core/lib/iomgr/timer_manager.cc +347 -0
  457. data/src/core/lib/iomgr/timer_manager.h +39 -0
  458. data/src/core/lib/iomgr/timer_uv.cc +63 -0
  459. data/src/core/lib/iomgr/udp_server.cc +692 -0
  460. data/src/core/lib/iomgr/udp_server.h +103 -0
  461. data/src/core/lib/iomgr/unix_sockets_posix.cc +104 -0
  462. data/src/core/lib/iomgr/unix_sockets_posix.h +43 -0
  463. data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +49 -0
  464. data/src/core/lib/iomgr/wakeup_fd_cv.cc +107 -0
  465. data/src/core/lib/iomgr/wakeup_fd_cv.h +69 -0
  466. data/src/core/lib/iomgr/wakeup_fd_eventfd.cc +83 -0
  467. data/src/core/lib/iomgr/wakeup_fd_nospecial.cc +38 -0
  468. data/src/core/lib/iomgr/wakeup_fd_pipe.cc +100 -0
  469. data/src/core/lib/iomgr/wakeup_fd_pipe.h +28 -0
  470. data/src/core/lib/iomgr/wakeup_fd_posix.cc +87 -0
  471. data/src/core/lib/iomgr/wakeup_fd_posix.h +96 -0
  472. data/src/core/lib/json/json.cc +86 -0
  473. data/src/core/lib/json/json.h +94 -0
  474. data/src/core/lib/json/json_common.h +34 -0
  475. data/src/core/lib/json/json_reader.cc +663 -0
  476. data/src/core/lib/json/json_reader.h +146 -0
  477. data/src/core/lib/json/json_string.cc +367 -0
  478. data/src/core/lib/json/json_writer.cc +245 -0
  479. data/src/core/lib/json/json_writer.h +84 -0
  480. data/src/core/lib/profiling/basic_timers.cc +286 -0
  481. data/src/core/lib/profiling/stap_timers.cc +50 -0
  482. data/src/core/lib/profiling/timers.h +94 -0
  483. data/src/core/lib/security/context/security_context.cc +348 -0
  484. data/src/core/lib/security/context/security_context.h +115 -0
  485. data/src/core/lib/security/credentials/alts/alts_credentials.cc +119 -0
  486. data/src/core/lib/security/credentials/alts/alts_credentials.h +102 -0
  487. data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +72 -0
  488. data/src/core/lib/security/credentials/alts/check_gcp_environment.h +57 -0
  489. data/src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc +67 -0
  490. data/src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc +33 -0
  491. data/src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc +114 -0
  492. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc +126 -0
  493. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc +46 -0
  494. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h +112 -0
  495. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc +58 -0
  496. data/src/core/lib/security/credentials/composite/composite_credentials.cc +269 -0
  497. data/src/core/lib/security/credentials/composite/composite_credentials.h +59 -0
  498. data/src/core/lib/security/credentials/credentials.cc +286 -0
  499. data/src/core/lib/security/credentials/credentials.h +246 -0
  500. data/src/core/lib/security/credentials/credentials_metadata.cc +62 -0
  501. data/src/core/lib/security/credentials/fake/fake_credentials.cc +136 -0
  502. data/src/core/lib/security/credentials/fake/fake_credentials.h +64 -0
  503. data/src/core/lib/security/credentials/google_default/credentials_generic.cc +41 -0
  504. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +322 -0
  505. data/src/core/lib/security/credentials/google_default/google_default_credentials.h +45 -0
  506. data/src/core/lib/security/credentials/iam/iam_credentials.cc +86 -0
  507. data/src/core/lib/security/credentials/iam/iam_credentials.h +31 -0
  508. data/src/core/lib/security/credentials/jwt/json_token.cc +314 -0
  509. data/src/core/lib/security/credentials/jwt/json_token.h +75 -0
  510. data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +190 -0
  511. data/src/core/lib/security/credentials/jwt/jwt_credentials.h +49 -0
  512. data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +934 -0
  513. data/src/core/lib/security/credentials/jwt/jwt_verifier.h +123 -0
  514. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +532 -0
  515. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +106 -0
  516. data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +271 -0
  517. data/src/core/lib/security/credentials/plugin/plugin_credentials.h +46 -0
  518. data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +349 -0
  519. data/src/core/lib/security/credentials/ssl/ssl_credentials.h +54 -0
  520. data/src/core/lib/security/security_connector/alts_security_connector.cc +287 -0
  521. data/src/core/lib/security/security_connector/alts_security_connector.h +69 -0
  522. data/src/core/lib/security/security_connector/security_connector.cc +1200 -0
  523. data/src/core/lib/security/security_connector/security_connector.h +283 -0
  524. data/src/core/lib/security/transport/auth_filters.h +37 -0
  525. data/src/core/lib/security/transport/client_auth_filter.cc +418 -0
  526. data/src/core/lib/security/transport/secure_endpoint.cc +429 -0
  527. data/src/core/lib/security/transport/secure_endpoint.h +41 -0
  528. data/src/core/lib/security/transport/security_handshaker.cc +526 -0
  529. data/src/core/lib/security/transport/security_handshaker.h +34 -0
  530. data/src/core/lib/security/transport/server_auth_filter.cc +269 -0
  531. data/src/core/lib/security/transport/target_authority_table.cc +75 -0
  532. data/src/core/lib/security/transport/target_authority_table.h +40 -0
  533. data/src/core/lib/security/transport/tsi_error.cc +29 -0
  534. data/src/core/lib/security/transport/tsi_error.h +29 -0
  535. data/src/core/lib/security/util/json_util.cc +48 -0
  536. data/src/core/lib/security/util/json_util.h +42 -0
  537. data/src/core/lib/slice/b64.cc +240 -0
  538. data/src/core/lib/slice/b64.h +51 -0
  539. data/src/core/lib/slice/percent_encoding.cc +169 -0
  540. data/src/core/lib/slice/percent_encoding.h +65 -0
  541. data/src/core/lib/slice/slice.cc +489 -0
  542. data/src/core/lib/slice/slice_buffer.cc +359 -0
  543. data/src/core/lib/slice/slice_hash_table.h +201 -0
  544. data/src/core/lib/slice/slice_intern.cc +332 -0
  545. data/src/core/lib/slice/slice_internal.h +49 -0
  546. data/src/core/lib/slice/slice_string_helpers.cc +118 -0
  547. data/src/core/lib/slice/slice_string_helpers.h +47 -0
  548. data/src/core/lib/slice/slice_weak_hash_table.h +105 -0
  549. data/src/core/lib/surface/api_trace.cc +24 -0
  550. data/src/core/lib/surface/api_trace.h +52 -0
  551. data/src/core/lib/surface/byte_buffer.cc +92 -0
  552. data/src/core/lib/surface/byte_buffer_reader.cc +129 -0
  553. data/src/core/lib/surface/call.cc +2002 -0
  554. data/src/core/lib/surface/call.h +109 -0
  555. data/src/core/lib/surface/call_details.cc +42 -0
  556. data/src/core/lib/surface/call_log_batch.cc +120 -0
  557. data/src/core/lib/surface/call_test_only.h +43 -0
  558. data/src/core/lib/surface/channel.cc +450 -0
  559. data/src/core/lib/surface/channel.h +83 -0
  560. data/src/core/lib/surface/channel_init.cc +109 -0
  561. data/src/core/lib/surface/channel_init.h +73 -0
  562. data/src/core/lib/surface/channel_ping.cc +65 -0
  563. data/src/core/lib/surface/channel_stack_type.cc +58 -0
  564. data/src/core/lib/surface/channel_stack_type.h +47 -0
  565. data/src/core/lib/surface/completion_queue.cc +1262 -0
  566. data/src/core/lib/surface/completion_queue.h +93 -0
  567. data/src/core/lib/surface/completion_queue_factory.cc +79 -0
  568. data/src/core/lib/surface/completion_queue_factory.h +38 -0
  569. data/src/core/lib/surface/event_string.cc +68 -0
  570. data/src/core/lib/surface/event_string.h +29 -0
  571. data/src/core/lib/surface/init.cc +196 -0
  572. data/src/core/lib/surface/init.h +27 -0
  573. data/src/core/lib/surface/init_secure.cc +81 -0
  574. data/src/core/lib/surface/lame_client.cc +180 -0
  575. data/src/core/lib/surface/lame_client.h +28 -0
  576. data/src/core/lib/surface/metadata_array.cc +36 -0
  577. data/src/core/lib/surface/server.cc +1445 -0
  578. data/src/core/lib/surface/server.h +58 -0
  579. data/src/core/lib/surface/validate_metadata.cc +95 -0
  580. data/src/core/lib/surface/validate_metadata.h +30 -0
  581. data/src/core/lib/surface/version.cc +28 -0
  582. data/src/core/lib/transport/bdp_estimator.cc +87 -0
  583. data/src/core/lib/transport/bdp_estimator.h +94 -0
  584. data/src/core/lib/transport/byte_stream.cc +160 -0
  585. data/src/core/lib/transport/byte_stream.h +164 -0
  586. data/src/core/lib/transport/connectivity_state.cc +196 -0
  587. data/src/core/lib/transport/connectivity_state.h +87 -0
  588. data/src/core/lib/transport/error_utils.cc +118 -0
  589. data/src/core/lib/transport/error_utils.h +46 -0
  590. data/src/core/lib/transport/http2_errors.h +41 -0
  591. data/src/core/lib/transport/metadata.cc +539 -0
  592. data/src/core/lib/transport/metadata.h +165 -0
  593. data/src/core/lib/transport/metadata_batch.cc +329 -0
  594. data/src/core/lib/transport/metadata_batch.h +150 -0
  595. data/src/core/lib/transport/pid_controller.cc +51 -0
  596. data/src/core/lib/transport/pid_controller.h +116 -0
  597. data/src/core/lib/transport/service_config.cc +106 -0
  598. data/src/core/lib/transport/service_config.h +249 -0
  599. data/src/core/lib/transport/static_metadata.cc +601 -0
  600. data/src/core/lib/transport/static_metadata.h +603 -0
  601. data/src/core/lib/transport/status_conversion.cc +100 -0
  602. data/src/core/lib/transport/status_conversion.h +38 -0
  603. data/src/core/lib/transport/status_metadata.cc +54 -0
  604. data/src/core/lib/transport/status_metadata.h +30 -0
  605. data/src/core/lib/transport/timeout_encoding.cc +144 -0
  606. data/src/core/lib/transport/timeout_encoding.h +37 -0
  607. data/src/core/lib/transport/transport.cc +278 -0
  608. data/src/core/lib/transport/transport.h +378 -0
  609. data/src/core/lib/transport/transport_impl.h +71 -0
  610. data/src/core/lib/transport/transport_op_string.cc +214 -0
  611. data/src/core/plugin_registry/grpc_plugin_registry.cc +97 -0
  612. data/src/core/tsi/alts/crypt/aes_gcm.cc +687 -0
  613. data/src/core/tsi/alts/crypt/gsec.cc +189 -0
  614. data/src/core/tsi/alts/crypt/gsec.h +454 -0
  615. data/src/core/tsi/alts/frame_protector/alts_counter.cc +118 -0
  616. data/src/core/tsi/alts/frame_protector/alts_counter.h +98 -0
  617. data/src/core/tsi/alts/frame_protector/alts_crypter.cc +66 -0
  618. data/src/core/tsi/alts/frame_protector/alts_crypter.h +255 -0
  619. data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +407 -0
  620. data/src/core/tsi/alts/frame_protector/alts_frame_protector.h +55 -0
  621. data/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc +114 -0
  622. data/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h +114 -0
  623. data/src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc +105 -0
  624. data/src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc +103 -0
  625. data/src/core/tsi/alts/frame_protector/frame_handler.cc +218 -0
  626. data/src/core/tsi/alts/frame_protector/frame_handler.h +236 -0
  627. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +316 -0
  628. data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +137 -0
  629. data/src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc +520 -0
  630. data/src/core/tsi/alts/handshaker/alts_handshaker_service_api.h +323 -0
  631. data/src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc +143 -0
  632. data/src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h +149 -0
  633. data/src/core/tsi/alts/handshaker/alts_tsi_event.cc +73 -0
  634. data/src/core/tsi/alts/handshaker/alts_tsi_event.h +93 -0
  635. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +483 -0
  636. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +83 -0
  637. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h +52 -0
  638. data/src/core/tsi/alts/handshaker/alts_tsi_utils.cc +58 -0
  639. data/src/core/tsi/alts/handshaker/alts_tsi_utils.h +52 -0
  640. data/src/core/tsi/alts/handshaker/altscontext.pb.c +48 -0
  641. data/src/core/tsi/alts/handshaker/altscontext.pb.h +64 -0
  642. data/src/core/tsi/alts/handshaker/handshaker.pb.c +123 -0
  643. data/src/core/tsi/alts/handshaker/handshaker.pb.h +255 -0
  644. data/src/core/tsi/alts/handshaker/transport_security_common.pb.c +50 -0
  645. data/src/core/tsi/alts/handshaker/transport_security_common.pb.h +78 -0
  646. data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +196 -0
  647. data/src/core/tsi/alts/handshaker/transport_security_common_api.h +163 -0
  648. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc +180 -0
  649. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h +52 -0
  650. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc +144 -0
  651. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h +49 -0
  652. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h +91 -0
  653. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc +174 -0
  654. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h +100 -0
  655. data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +476 -0
  656. data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h +199 -0
  657. data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +296 -0
  658. data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h +52 -0
  659. data/src/core/tsi/alts_transport_security.cc +63 -0
  660. data/src/core/tsi/alts_transport_security.h +47 -0
  661. data/src/core/tsi/fake_transport_security.cc +787 -0
  662. data/src/core/tsi/fake_transport_security.h +45 -0
  663. data/src/core/tsi/ssl/session_cache/ssl_session.h +73 -0
  664. data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +58 -0
  665. data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +211 -0
  666. data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +93 -0
  667. data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +76 -0
  668. data/src/core/tsi/ssl_transport_security.cc +1831 -0
  669. data/src/core/tsi/ssl_transport_security.h +314 -0
  670. data/src/core/tsi/ssl_types.h +42 -0
  671. data/src/core/tsi/transport_security.cc +326 -0
  672. data/src/core/tsi/transport_security.h +127 -0
  673. data/src/core/tsi/transport_security_adapter.cc +235 -0
  674. data/src/core/tsi/transport_security_adapter.h +41 -0
  675. data/src/core/tsi/transport_security_grpc.cc +66 -0
  676. data/src/core/tsi/transport_security_grpc.h +74 -0
  677. data/src/core/tsi/transport_security_interface.h +454 -0
  678. data/src/ruby/bin/apis/google/protobuf/empty.rb +29 -0
  679. data/src/ruby/bin/apis/pubsub_demo.rb +241 -0
  680. data/src/ruby/bin/apis/tech/pubsub/proto/pubsub.rb +159 -0
  681. data/src/ruby/bin/apis/tech/pubsub/proto/pubsub_services.rb +88 -0
  682. data/src/ruby/bin/math_client.rb +132 -0
  683. data/src/ruby/bin/math_pb.rb +32 -0
  684. data/src/ruby/bin/math_server.rb +191 -0
  685. data/src/ruby/bin/math_services_pb.rb +51 -0
  686. data/src/ruby/bin/noproto_client.rb +93 -0
  687. data/src/ruby/bin/noproto_server.rb +97 -0
  688. data/src/ruby/ext/grpc/extconf.rb +118 -0
  689. data/src/ruby/ext/grpc/rb_byte_buffer.c +64 -0
  690. data/src/ruby/ext/grpc/rb_byte_buffer.h +35 -0
  691. data/src/ruby/ext/grpc/rb_call.c +1041 -0
  692. data/src/ruby/ext/grpc/rb_call.h +53 -0
  693. data/src/ruby/ext/grpc/rb_call_credentials.c +290 -0
  694. data/src/ruby/ext/grpc/rb_call_credentials.h +31 -0
  695. data/src/ruby/ext/grpc/rb_channel.c +828 -0
  696. data/src/ruby/ext/grpc/rb_channel.h +34 -0
  697. data/src/ruby/ext/grpc/rb_channel_args.c +155 -0
  698. data/src/ruby/ext/grpc/rb_channel_args.h +38 -0
  699. data/src/ruby/ext/grpc/rb_channel_credentials.c +263 -0
  700. data/src/ruby/ext/grpc/rb_channel_credentials.h +32 -0
  701. data/src/ruby/ext/grpc/rb_completion_queue.c +100 -0
  702. data/src/ruby/ext/grpc/rb_completion_queue.h +36 -0
  703. data/src/ruby/ext/grpc/rb_compression_options.c +468 -0
  704. data/src/ruby/ext/grpc/rb_compression_options.h +29 -0
  705. data/src/ruby/ext/grpc/rb_event_thread.c +141 -0
  706. data/src/ruby/ext/grpc/rb_event_thread.h +21 -0
  707. data/src/ruby/ext/grpc/rb_grpc.c +340 -0
  708. data/src/ruby/ext/grpc/rb_grpc.h +72 -0
  709. data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +507 -0
  710. data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +766 -0
  711. data/src/ruby/ext/grpc/rb_loader.c +57 -0
  712. data/src/ruby/ext/grpc/rb_loader.h +25 -0
  713. data/src/ruby/ext/grpc/rb_server.c +366 -0
  714. data/src/ruby/ext/grpc/rb_server.h +32 -0
  715. data/src/ruby/ext/grpc/rb_server_credentials.c +243 -0
  716. data/src/ruby/ext/grpc/rb_server_credentials.h +32 -0
  717. data/src/ruby/lib/grpc/core/time_consts.rb +56 -0
  718. data/src/ruby/lib/grpc/errors.rb +201 -0
  719. data/src/ruby/lib/grpc/generic/active_call.rb +674 -0
  720. data/src/ruby/lib/grpc/generic/bidi_call.rb +233 -0
  721. data/src/ruby/lib/grpc/generic/client_stub.rb +501 -0
  722. data/src/ruby/lib/grpc/generic/interceptor_registry.rb +53 -0
  723. data/src/ruby/lib/grpc/generic/interceptors.rb +186 -0
  724. data/src/ruby/lib/grpc/generic/rpc_desc.rb +204 -0
  725. data/src/ruby/lib/grpc/generic/rpc_server.rb +490 -0
  726. data/src/ruby/lib/grpc/generic/service.rb +210 -0
  727. data/src/ruby/lib/grpc/google_rpc_status_utils.rb +35 -0
  728. data/src/ruby/lib/grpc/grpc.rb +24 -0
  729. data/src/ruby/lib/grpc/logconfig.rb +44 -0
  730. data/src/ruby/lib/grpc/notifier.rb +45 -0
  731. data/src/ruby/lib/grpc/version.rb +18 -0
  732. data/src/ruby/lib/grpc.rb +35 -0
  733. data/src/ruby/pb/README.md +42 -0
  734. data/src/ruby/pb/generate_proto_ruby.sh +43 -0
  735. data/src/ruby/pb/grpc/health/checker.rb +76 -0
  736. data/src/ruby/pb/grpc/health/v1/health_pb.rb +28 -0
  737. data/src/ruby/pb/grpc/health/v1/health_services_pb.rb +41 -0
  738. data/src/ruby/pb/grpc/testing/duplicate/echo_duplicate_services_pb.rb +44 -0
  739. data/src/ruby/pb/grpc/testing/metrics_pb.rb +28 -0
  740. data/src/ruby/pb/grpc/testing/metrics_services_pb.rb +49 -0
  741. data/src/ruby/pb/src/proto/grpc/testing/empty_pb.rb +15 -0
  742. data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +82 -0
  743. data/src/ruby/pb/src/proto/grpc/testing/test_pb.rb +14 -0
  744. data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +102 -0
  745. data/src/ruby/pb/test/client.rb +764 -0
  746. data/src/ruby/pb/test/server.rb +252 -0
  747. data/src/ruby/spec/call_credentials_spec.rb +42 -0
  748. data/src/ruby/spec/call_spec.rb +180 -0
  749. data/src/ruby/spec/channel_connection_spec.rb +126 -0
  750. data/src/ruby/spec/channel_credentials_spec.rb +82 -0
  751. data/src/ruby/spec/channel_spec.rb +190 -0
  752. data/src/ruby/spec/client_auth_spec.rb +137 -0
  753. data/src/ruby/spec/client_server_spec.rb +664 -0
  754. data/src/ruby/spec/compression_options_spec.rb +149 -0
  755. data/src/ruby/spec/error_sanity_spec.rb +49 -0
  756. data/src/ruby/spec/generic/active_call_spec.rb +672 -0
  757. data/src/ruby/spec/generic/client_interceptors_spec.rb +153 -0
  758. data/src/ruby/spec/generic/client_stub_spec.rb +1067 -0
  759. data/src/ruby/spec/generic/interceptor_registry_spec.rb +65 -0
  760. data/src/ruby/spec/generic/rpc_desc_spec.rb +374 -0
  761. data/src/ruby/spec/generic/rpc_server_pool_spec.rb +127 -0
  762. data/src/ruby/spec/generic/rpc_server_spec.rb +726 -0
  763. data/src/ruby/spec/generic/server_interceptors_spec.rb +218 -0
  764. data/src/ruby/spec/generic/service_spec.rb +261 -0
  765. data/src/ruby/spec/google_rpc_status_utils_spec.rb +293 -0
  766. data/src/ruby/spec/pb/duplicate/codegen_spec.rb +56 -0
  767. data/src/ruby/spec/pb/health/checker_spec.rb +236 -0
  768. data/src/ruby/spec/pb/package_with_underscore/checker_spec.rb +54 -0
  769. data/src/ruby/spec/pb/package_with_underscore/data.proto +23 -0
  770. data/src/ruby/spec/pb/package_with_underscore/service.proto +23 -0
  771. data/src/ruby/spec/server_credentials_spec.rb +79 -0
  772. data/src/ruby/spec/server_spec.rb +209 -0
  773. data/src/ruby/spec/spec_helper.rb +60 -0
  774. data/src/ruby/spec/support/helpers.rb +107 -0
  775. data/src/ruby/spec/support/services.rb +147 -0
  776. data/src/ruby/spec/testdata/README +1 -0
  777. data/src/ruby/spec/testdata/ca.pem +15 -0
  778. data/src/ruby/spec/testdata/client.key +16 -0
  779. data/src/ruby/spec/testdata/client.pem +14 -0
  780. data/src/ruby/spec/testdata/server1.key +16 -0
  781. data/src/ruby/spec/testdata/server1.pem +16 -0
  782. data/src/ruby/spec/time_consts_spec.rb +74 -0
  783. data/third_party/address_sorting/address_sorting.c +369 -0
  784. data/third_party/address_sorting/address_sorting_internal.h +70 -0
  785. data/third_party/address_sorting/address_sorting_posix.c +97 -0
  786. data/third_party/address_sorting/address_sorting_windows.c +55 -0
  787. data/third_party/address_sorting/include/address_sorting/address_sorting.h +110 -0
  788. data/third_party/boringssl/crypto/asn1/a_bitstr.c +271 -0
  789. data/third_party/boringssl/crypto/asn1/a_bool.c +110 -0
  790. data/third_party/boringssl/crypto/asn1/a_d2i_fp.c +297 -0
  791. data/third_party/boringssl/crypto/asn1/a_dup.c +111 -0
  792. data/third_party/boringssl/crypto/asn1/a_enum.c +195 -0
  793. data/third_party/boringssl/crypto/asn1/a_gentm.c +261 -0
  794. data/third_party/boringssl/crypto/asn1/a_i2d_fp.c +150 -0
  795. data/third_party/boringssl/crypto/asn1/a_int.c +474 -0
  796. data/third_party/boringssl/crypto/asn1/a_mbstr.c +409 -0
  797. data/third_party/boringssl/crypto/asn1/a_object.c +275 -0
  798. data/third_party/boringssl/crypto/asn1/a_octet.c +77 -0
  799. data/third_party/boringssl/crypto/asn1/a_print.c +93 -0
  800. data/third_party/boringssl/crypto/asn1/a_strnid.c +312 -0
  801. data/third_party/boringssl/crypto/asn1/a_time.c +213 -0
  802. data/third_party/boringssl/crypto/asn1/a_type.c +151 -0
  803. data/third_party/boringssl/crypto/asn1/a_utctm.c +303 -0
  804. data/third_party/boringssl/crypto/asn1/a_utf8.c +234 -0
  805. data/third_party/boringssl/crypto/asn1/asn1_lib.c +442 -0
  806. data/third_party/boringssl/crypto/asn1/asn1_locl.h +101 -0
  807. data/third_party/boringssl/crypto/asn1/asn1_par.c +80 -0
  808. data/third_party/boringssl/crypto/asn1/asn_pack.c +105 -0
  809. data/third_party/boringssl/crypto/asn1/f_enum.c +93 -0
  810. data/third_party/boringssl/crypto/asn1/f_int.c +97 -0
  811. data/third_party/boringssl/crypto/asn1/f_string.c +91 -0
  812. data/third_party/boringssl/crypto/asn1/tasn_dec.c +1223 -0
  813. data/third_party/boringssl/crypto/asn1/tasn_enc.c +662 -0
  814. data/third_party/boringssl/crypto/asn1/tasn_fre.c +244 -0
  815. data/third_party/boringssl/crypto/asn1/tasn_new.c +387 -0
  816. data/third_party/boringssl/crypto/asn1/tasn_typ.c +131 -0
  817. data/third_party/boringssl/crypto/asn1/tasn_utl.c +280 -0
  818. data/third_party/boringssl/crypto/asn1/time_support.c +206 -0
  819. data/third_party/boringssl/crypto/base64/base64.c +466 -0
  820. data/third_party/boringssl/crypto/bio/bio.c +636 -0
  821. data/third_party/boringssl/crypto/bio/bio_mem.c +330 -0
  822. data/third_party/boringssl/crypto/bio/connect.c +542 -0
  823. data/third_party/boringssl/crypto/bio/fd.c +275 -0
  824. data/third_party/boringssl/crypto/bio/file.c +313 -0
  825. data/third_party/boringssl/crypto/bio/hexdump.c +192 -0
  826. data/third_party/boringssl/crypto/bio/internal.h +111 -0
  827. data/third_party/boringssl/crypto/bio/pair.c +489 -0
  828. data/third_party/boringssl/crypto/bio/printf.c +115 -0
  829. data/third_party/boringssl/crypto/bio/socket.c +202 -0
  830. data/third_party/boringssl/crypto/bio/socket_helper.c +114 -0
  831. data/third_party/boringssl/crypto/bn_extra/bn_asn1.c +64 -0
  832. data/third_party/boringssl/crypto/bn_extra/convert.c +465 -0
  833. data/third_party/boringssl/crypto/buf/buf.c +231 -0
  834. data/third_party/boringssl/crypto/bytestring/asn1_compat.c +52 -0
  835. data/third_party/boringssl/crypto/bytestring/ber.c +264 -0
  836. data/third_party/boringssl/crypto/bytestring/cbb.c +568 -0
  837. data/third_party/boringssl/crypto/bytestring/cbs.c +487 -0
  838. data/third_party/boringssl/crypto/bytestring/internal.h +75 -0
  839. data/third_party/boringssl/crypto/chacha/chacha.c +167 -0
  840. data/third_party/boringssl/crypto/cipher_extra/cipher_extra.c +114 -0
  841. data/third_party/boringssl/crypto/cipher_extra/derive_key.c +152 -0
  842. data/third_party/boringssl/crypto/cipher_extra/e_aesctrhmac.c +281 -0
  843. data/third_party/boringssl/crypto/cipher_extra/e_aesgcmsiv.c +867 -0
  844. data/third_party/boringssl/crypto/cipher_extra/e_chacha20poly1305.c +326 -0
  845. data/third_party/boringssl/crypto/cipher_extra/e_null.c +85 -0
  846. data/third_party/boringssl/crypto/cipher_extra/e_rc2.c +460 -0
  847. data/third_party/boringssl/crypto/cipher_extra/e_rc4.c +87 -0
  848. data/third_party/boringssl/crypto/cipher_extra/e_ssl3.c +460 -0
  849. data/third_party/boringssl/crypto/cipher_extra/e_tls.c +681 -0
  850. data/third_party/boringssl/crypto/cipher_extra/internal.h +128 -0
  851. data/third_party/boringssl/crypto/cipher_extra/tls_cbc.c +482 -0
  852. data/third_party/boringssl/crypto/cmac/cmac.c +241 -0
  853. data/third_party/boringssl/crypto/conf/conf.c +803 -0
  854. data/third_party/boringssl/crypto/conf/conf_def.h +127 -0
  855. data/third_party/boringssl/crypto/conf/internal.h +31 -0
  856. data/third_party/boringssl/crypto/cpu-aarch64-linux.c +61 -0
  857. data/third_party/boringssl/crypto/cpu-arm-linux.c +363 -0
  858. data/third_party/boringssl/crypto/cpu-arm.c +38 -0
  859. data/third_party/boringssl/crypto/cpu-intel.c +288 -0
  860. data/third_party/boringssl/crypto/cpu-ppc64le.c +38 -0
  861. data/third_party/boringssl/crypto/crypto.c +198 -0
  862. data/third_party/boringssl/crypto/curve25519/spake25519.c +539 -0
  863. data/third_party/boringssl/crypto/curve25519/x25519-x86_64.c +247 -0
  864. data/third_party/boringssl/crypto/dh/check.c +217 -0
  865. data/third_party/boringssl/crypto/dh/dh.c +519 -0
  866. data/third_party/boringssl/crypto/dh/dh_asn1.c +160 -0
  867. data/third_party/boringssl/crypto/dh/params.c +93 -0
  868. data/third_party/boringssl/crypto/digest_extra/digest_extra.c +240 -0
  869. data/third_party/boringssl/crypto/dsa/dsa.c +984 -0
  870. data/third_party/boringssl/crypto/dsa/dsa_asn1.c +339 -0
  871. data/third_party/boringssl/crypto/ec_extra/ec_asn1.c +563 -0
  872. data/third_party/boringssl/crypto/ecdh/ecdh.c +161 -0
  873. data/third_party/boringssl/crypto/ecdsa_extra/ecdsa_asn1.c +275 -0
  874. data/third_party/boringssl/crypto/engine/engine.c +98 -0
  875. data/third_party/boringssl/crypto/err/err.c +847 -0
  876. data/third_party/boringssl/crypto/err/internal.h +58 -0
  877. data/third_party/boringssl/crypto/evp/digestsign.c +231 -0
  878. data/third_party/boringssl/crypto/evp/evp.c +362 -0
  879. data/third_party/boringssl/crypto/evp/evp_asn1.c +337 -0
  880. data/third_party/boringssl/crypto/evp/evp_ctx.c +446 -0
  881. data/third_party/boringssl/crypto/evp/internal.h +252 -0
  882. data/third_party/boringssl/crypto/evp/p_dsa_asn1.c +268 -0
  883. data/third_party/boringssl/crypto/evp/p_ec.c +239 -0
  884. data/third_party/boringssl/crypto/evp/p_ec_asn1.c +256 -0
  885. data/third_party/boringssl/crypto/evp/p_ed25519.c +71 -0
  886. data/third_party/boringssl/crypto/evp/p_ed25519_asn1.c +190 -0
  887. data/third_party/boringssl/crypto/evp/p_rsa.c +634 -0
  888. data/third_party/boringssl/crypto/evp/p_rsa_asn1.c +189 -0
  889. data/third_party/boringssl/crypto/evp/pbkdf.c +146 -0
  890. data/third_party/boringssl/crypto/evp/print.c +489 -0
  891. data/third_party/boringssl/crypto/evp/scrypt.c +209 -0
  892. data/third_party/boringssl/crypto/evp/sign.c +151 -0
  893. data/third_party/boringssl/crypto/ex_data.c +261 -0
  894. data/third_party/boringssl/crypto/fipsmodule/aes/aes.c +1100 -0
  895. data/third_party/boringssl/crypto/fipsmodule/aes/internal.h +100 -0
  896. data/third_party/boringssl/crypto/fipsmodule/aes/key_wrap.c +138 -0
  897. data/third_party/boringssl/crypto/fipsmodule/aes/mode_wrappers.c +112 -0
  898. data/third_party/boringssl/crypto/fipsmodule/bcm.c +679 -0
  899. data/third_party/boringssl/crypto/fipsmodule/bn/add.c +371 -0
  900. data/third_party/boringssl/crypto/fipsmodule/bn/asm/x86_64-gcc.c +540 -0
  901. data/third_party/boringssl/crypto/fipsmodule/bn/bn.c +370 -0
  902. data/third_party/boringssl/crypto/fipsmodule/bn/bytes.c +269 -0
  903. data/third_party/boringssl/crypto/fipsmodule/bn/cmp.c +254 -0
  904. data/third_party/boringssl/crypto/fipsmodule/bn/ctx.c +303 -0
  905. data/third_party/boringssl/crypto/fipsmodule/bn/div.c +733 -0
  906. data/third_party/boringssl/crypto/fipsmodule/bn/exponentiation.c +1390 -0
  907. data/third_party/boringssl/crypto/fipsmodule/bn/gcd.c +627 -0
  908. data/third_party/boringssl/crypto/fipsmodule/bn/generic.c +710 -0
  909. data/third_party/boringssl/crypto/fipsmodule/bn/internal.h +413 -0
  910. data/third_party/boringssl/crypto/fipsmodule/bn/jacobi.c +146 -0
  911. data/third_party/boringssl/crypto/fipsmodule/bn/montgomery.c +483 -0
  912. data/third_party/boringssl/crypto/fipsmodule/bn/montgomery_inv.c +207 -0
  913. data/third_party/boringssl/crypto/fipsmodule/bn/mul.c +902 -0
  914. data/third_party/boringssl/crypto/fipsmodule/bn/prime.c +894 -0
  915. data/third_party/boringssl/crypto/fipsmodule/bn/random.c +299 -0
  916. data/third_party/boringssl/crypto/fipsmodule/bn/rsaz_exp.c +254 -0
  917. data/third_party/boringssl/crypto/fipsmodule/bn/rsaz_exp.h +53 -0
  918. data/third_party/boringssl/crypto/fipsmodule/bn/shift.c +305 -0
  919. data/third_party/boringssl/crypto/fipsmodule/bn/sqrt.c +502 -0
  920. data/third_party/boringssl/crypto/fipsmodule/cipher/aead.c +284 -0
  921. data/third_party/boringssl/crypto/fipsmodule/cipher/cipher.c +615 -0
  922. data/third_party/boringssl/crypto/fipsmodule/cipher/e_aes.c +1437 -0
  923. data/third_party/boringssl/crypto/fipsmodule/cipher/e_des.c +233 -0
  924. data/third_party/boringssl/crypto/fipsmodule/cipher/internal.h +129 -0
  925. data/third_party/boringssl/crypto/fipsmodule/delocate.h +88 -0
  926. data/third_party/boringssl/crypto/fipsmodule/des/des.c +785 -0
  927. data/third_party/boringssl/crypto/fipsmodule/des/internal.h +238 -0
  928. data/third_party/boringssl/crypto/fipsmodule/digest/digest.c +256 -0
  929. data/third_party/boringssl/crypto/fipsmodule/digest/digests.c +280 -0
  930. data/third_party/boringssl/crypto/fipsmodule/digest/internal.h +112 -0
  931. data/third_party/boringssl/crypto/fipsmodule/digest/md32_common.h +268 -0
  932. data/third_party/boringssl/crypto/fipsmodule/ec/ec.c +943 -0
  933. data/third_party/boringssl/crypto/fipsmodule/ec/ec_key.c +517 -0
  934. data/third_party/boringssl/crypto/fipsmodule/ec/ec_montgomery.c +277 -0
  935. data/third_party/boringssl/crypto/fipsmodule/ec/internal.h +316 -0
  936. data/third_party/boringssl/crypto/fipsmodule/ec/oct.c +404 -0
  937. data/third_party/boringssl/crypto/fipsmodule/ec/p224-64.c +1131 -0
  938. data/third_party/boringssl/crypto/fipsmodule/ec/p256-64.c +1674 -0
  939. data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64-table.h +9543 -0
  940. data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64.c +456 -0
  941. data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64.h +113 -0
  942. data/third_party/boringssl/crypto/fipsmodule/ec/simple.c +1052 -0
  943. data/third_party/boringssl/crypto/fipsmodule/ec/util-64.c +109 -0
  944. data/third_party/boringssl/crypto/fipsmodule/ec/wnaf.c +474 -0
  945. data/third_party/boringssl/crypto/fipsmodule/ecdsa/ecdsa.c +442 -0
  946. data/third_party/boringssl/crypto/fipsmodule/hmac/hmac.c +228 -0
  947. data/third_party/boringssl/crypto/fipsmodule/is_fips.c +27 -0
  948. data/third_party/boringssl/crypto/fipsmodule/md4/md4.c +254 -0
  949. data/third_party/boringssl/crypto/fipsmodule/md5/md5.c +298 -0
  950. data/third_party/boringssl/crypto/fipsmodule/modes/cbc.c +211 -0
  951. data/third_party/boringssl/crypto/fipsmodule/modes/cfb.c +234 -0
  952. data/third_party/boringssl/crypto/fipsmodule/modes/ctr.c +220 -0
  953. data/third_party/boringssl/crypto/fipsmodule/modes/gcm.c +1063 -0
  954. data/third_party/boringssl/crypto/fipsmodule/modes/internal.h +384 -0
  955. data/third_party/boringssl/crypto/fipsmodule/modes/ofb.c +95 -0
  956. data/third_party/boringssl/crypto/fipsmodule/modes/polyval.c +91 -0
  957. data/third_party/boringssl/crypto/fipsmodule/rand/ctrdrbg.c +200 -0
  958. data/third_party/boringssl/crypto/fipsmodule/rand/internal.h +92 -0
  959. data/third_party/boringssl/crypto/fipsmodule/rand/rand.c +358 -0
  960. data/third_party/boringssl/crypto/fipsmodule/rand/urandom.c +302 -0
  961. data/third_party/boringssl/crypto/fipsmodule/rsa/blinding.c +263 -0
  962. data/third_party/boringssl/crypto/fipsmodule/rsa/internal.h +131 -0
  963. data/third_party/boringssl/crypto/fipsmodule/rsa/padding.c +692 -0
  964. data/third_party/boringssl/crypto/fipsmodule/rsa/rsa.c +857 -0
  965. data/third_party/boringssl/crypto/fipsmodule/rsa/rsa_impl.c +1051 -0
  966. data/third_party/boringssl/crypto/fipsmodule/sha/sha1-altivec.c +361 -0
  967. data/third_party/boringssl/crypto/fipsmodule/sha/sha1.c +375 -0
  968. data/third_party/boringssl/crypto/fipsmodule/sha/sha256.c +337 -0
  969. data/third_party/boringssl/crypto/fipsmodule/sha/sha512.c +608 -0
  970. data/third_party/boringssl/crypto/hkdf/hkdf.c +112 -0
  971. data/third_party/boringssl/crypto/internal.h +676 -0
  972. data/third_party/boringssl/crypto/lhash/lhash.c +336 -0
  973. data/third_party/boringssl/crypto/mem.c +237 -0
  974. data/third_party/boringssl/crypto/obj/obj.c +621 -0
  975. data/third_party/boringssl/crypto/obj/obj_dat.h +6244 -0
  976. data/third_party/boringssl/crypto/obj/obj_xref.c +122 -0
  977. data/third_party/boringssl/crypto/pem/pem_all.c +262 -0
  978. data/third_party/boringssl/crypto/pem/pem_info.c +379 -0
  979. data/third_party/boringssl/crypto/pem/pem_lib.c +776 -0
  980. data/third_party/boringssl/crypto/pem/pem_oth.c +88 -0
  981. data/third_party/boringssl/crypto/pem/pem_pk8.c +258 -0
  982. data/third_party/boringssl/crypto/pem/pem_pkey.c +227 -0
  983. data/third_party/boringssl/crypto/pem/pem_x509.c +65 -0
  984. data/third_party/boringssl/crypto/pem/pem_xaux.c +65 -0
  985. data/third_party/boringssl/crypto/pkcs7/internal.h +49 -0
  986. data/third_party/boringssl/crypto/pkcs7/pkcs7.c +166 -0
  987. data/third_party/boringssl/crypto/pkcs7/pkcs7_x509.c +233 -0
  988. data/third_party/boringssl/crypto/pkcs8/internal.h +120 -0
  989. data/third_party/boringssl/crypto/pkcs8/p5_pbev2.c +307 -0
  990. data/third_party/boringssl/crypto/pkcs8/pkcs8.c +513 -0
  991. data/third_party/boringssl/crypto/pkcs8/pkcs8_x509.c +789 -0
  992. data/third_party/boringssl/crypto/poly1305/internal.h +41 -0
  993. data/third_party/boringssl/crypto/poly1305/poly1305.c +318 -0
  994. data/third_party/boringssl/crypto/poly1305/poly1305_arm.c +304 -0
  995. data/third_party/boringssl/crypto/poly1305/poly1305_vec.c +839 -0
  996. data/third_party/boringssl/crypto/pool/internal.h +45 -0
  997. data/third_party/boringssl/crypto/pool/pool.c +200 -0
  998. data/third_party/boringssl/crypto/rand_extra/deterministic.c +48 -0
  999. data/third_party/boringssl/crypto/rand_extra/forkunsafe.c +46 -0
  1000. data/third_party/boringssl/crypto/rand_extra/fuchsia.c +43 -0
  1001. data/third_party/boringssl/crypto/rand_extra/rand_extra.c +70 -0
  1002. data/third_party/boringssl/crypto/rand_extra/windows.c +53 -0
  1003. data/third_party/boringssl/crypto/rc4/rc4.c +98 -0
  1004. data/third_party/boringssl/crypto/refcount_c11.c +67 -0
  1005. data/third_party/boringssl/crypto/refcount_lock.c +53 -0
  1006. data/third_party/boringssl/crypto/rsa_extra/rsa_asn1.c +325 -0
  1007. data/third_party/boringssl/crypto/stack/stack.c +380 -0
  1008. data/third_party/boringssl/crypto/thread.c +110 -0
  1009. data/third_party/boringssl/crypto/thread_none.c +59 -0
  1010. data/third_party/boringssl/crypto/thread_pthread.c +176 -0
  1011. data/third_party/boringssl/crypto/thread_win.c +237 -0
  1012. data/third_party/boringssl/crypto/x509/a_digest.c +96 -0
  1013. data/third_party/boringssl/crypto/x509/a_sign.c +128 -0
  1014. data/third_party/boringssl/crypto/x509/a_strex.c +633 -0
  1015. data/third_party/boringssl/crypto/x509/a_verify.c +115 -0
  1016. data/third_party/boringssl/crypto/x509/algorithm.c +153 -0
  1017. data/third_party/boringssl/crypto/x509/asn1_gen.c +841 -0
  1018. data/third_party/boringssl/crypto/x509/by_dir.c +451 -0
  1019. data/third_party/boringssl/crypto/x509/by_file.c +274 -0
  1020. data/third_party/boringssl/crypto/x509/charmap.h +15 -0
  1021. data/third_party/boringssl/crypto/x509/i2d_pr.c +83 -0
  1022. data/third_party/boringssl/crypto/x509/internal.h +66 -0
  1023. data/third_party/boringssl/crypto/x509/rsa_pss.c +385 -0
  1024. data/third_party/boringssl/crypto/x509/t_crl.c +128 -0
  1025. data/third_party/boringssl/crypto/x509/t_req.c +246 -0
  1026. data/third_party/boringssl/crypto/x509/t_x509.c +547 -0
  1027. data/third_party/boringssl/crypto/x509/t_x509a.c +111 -0
  1028. data/third_party/boringssl/crypto/x509/vpm_int.h +70 -0
  1029. data/third_party/boringssl/crypto/x509/x509.c +157 -0
  1030. data/third_party/boringssl/crypto/x509/x509_att.c +381 -0
  1031. data/third_party/boringssl/crypto/x509/x509_cmp.c +477 -0
  1032. data/third_party/boringssl/crypto/x509/x509_d2.c +106 -0
  1033. data/third_party/boringssl/crypto/x509/x509_def.c +103 -0
  1034. data/third_party/boringssl/crypto/x509/x509_ext.c +206 -0
  1035. data/third_party/boringssl/crypto/x509/x509_lu.c +725 -0
  1036. data/third_party/boringssl/crypto/x509/x509_obj.c +198 -0
  1037. data/third_party/boringssl/crypto/x509/x509_r2x.c +117 -0
  1038. data/third_party/boringssl/crypto/x509/x509_req.c +322 -0
  1039. data/third_party/boringssl/crypto/x509/x509_set.c +164 -0
  1040. data/third_party/boringssl/crypto/x509/x509_trs.c +326 -0
  1041. data/third_party/boringssl/crypto/x509/x509_txt.c +205 -0
  1042. data/third_party/boringssl/crypto/x509/x509_v3.c +278 -0
  1043. data/third_party/boringssl/crypto/x509/x509_vfy.c +2472 -0
  1044. data/third_party/boringssl/crypto/x509/x509_vpm.c +648 -0
  1045. data/third_party/boringssl/crypto/x509/x509cset.c +170 -0
  1046. data/third_party/boringssl/crypto/x509/x509name.c +389 -0
  1047. data/third_party/boringssl/crypto/x509/x509rset.c +81 -0
  1048. data/third_party/boringssl/crypto/x509/x509spki.c +137 -0
  1049. data/third_party/boringssl/crypto/x509/x_algor.c +151 -0
  1050. data/third_party/boringssl/crypto/x509/x_all.c +501 -0
  1051. data/third_party/boringssl/crypto/x509/x_attrib.c +111 -0
  1052. data/third_party/boringssl/crypto/x509/x_crl.c +541 -0
  1053. data/third_party/boringssl/crypto/x509/x_exten.c +75 -0
  1054. data/third_party/boringssl/crypto/x509/x_info.c +98 -0
  1055. data/third_party/boringssl/crypto/x509/x_name.c +541 -0
  1056. data/third_party/boringssl/crypto/x509/x_pkey.c +106 -0
  1057. data/third_party/boringssl/crypto/x509/x_pubkey.c +368 -0
  1058. data/third_party/boringssl/crypto/x509/x_req.c +109 -0
  1059. data/third_party/boringssl/crypto/x509/x_sig.c +69 -0
  1060. data/third_party/boringssl/crypto/x509/x_spki.c +80 -0
  1061. data/third_party/boringssl/crypto/x509/x_val.c +69 -0
  1062. data/third_party/boringssl/crypto/x509/x_x509.c +328 -0
  1063. data/third_party/boringssl/crypto/x509/x_x509a.c +198 -0
  1064. data/third_party/boringssl/crypto/x509v3/ext_dat.h +143 -0
  1065. data/third_party/boringssl/crypto/x509v3/pcy_cache.c +284 -0
  1066. data/third_party/boringssl/crypto/x509v3/pcy_data.c +130 -0
  1067. data/third_party/boringssl/crypto/x509v3/pcy_int.h +217 -0
  1068. data/third_party/boringssl/crypto/x509v3/pcy_lib.c +155 -0
  1069. data/third_party/boringssl/crypto/x509v3/pcy_map.c +130 -0
  1070. data/third_party/boringssl/crypto/x509v3/pcy_node.c +188 -0
  1071. data/third_party/boringssl/crypto/x509v3/pcy_tree.c +840 -0
  1072. data/third_party/boringssl/crypto/x509v3/v3_akey.c +204 -0
  1073. data/third_party/boringssl/crypto/x509v3/v3_akeya.c +72 -0
  1074. data/third_party/boringssl/crypto/x509v3/v3_alt.c +623 -0
  1075. data/third_party/boringssl/crypto/x509v3/v3_bcons.c +133 -0
  1076. data/third_party/boringssl/crypto/x509v3/v3_bitst.c +141 -0
  1077. data/third_party/boringssl/crypto/x509v3/v3_conf.c +462 -0
  1078. data/third_party/boringssl/crypto/x509v3/v3_cpols.c +502 -0
  1079. data/third_party/boringssl/crypto/x509v3/v3_crld.c +561 -0
  1080. data/third_party/boringssl/crypto/x509v3/v3_enum.c +100 -0
  1081. data/third_party/boringssl/crypto/x509v3/v3_extku.c +148 -0
  1082. data/third_party/boringssl/crypto/x509v3/v3_genn.c +251 -0
  1083. data/third_party/boringssl/crypto/x509v3/v3_ia5.c +122 -0
  1084. data/third_party/boringssl/crypto/x509v3/v3_info.c +219 -0
  1085. data/third_party/boringssl/crypto/x509v3/v3_int.c +91 -0
  1086. data/third_party/boringssl/crypto/x509v3/v3_lib.c +370 -0
  1087. data/third_party/boringssl/crypto/x509v3/v3_ncons.c +501 -0
  1088. data/third_party/boringssl/crypto/x509v3/v3_pci.c +287 -0
  1089. data/third_party/boringssl/crypto/x509v3/v3_pcia.c +57 -0
  1090. data/third_party/boringssl/crypto/x509v3/v3_pcons.c +139 -0
  1091. data/third_party/boringssl/crypto/x509v3/v3_pku.c +110 -0
  1092. data/third_party/boringssl/crypto/x509v3/v3_pmaps.c +154 -0
  1093. data/third_party/boringssl/crypto/x509v3/v3_prn.c +229 -0
  1094. data/third_party/boringssl/crypto/x509v3/v3_purp.c +866 -0
  1095. data/third_party/boringssl/crypto/x509v3/v3_skey.c +152 -0
  1096. data/third_party/boringssl/crypto/x509v3/v3_sxnet.c +274 -0
  1097. data/third_party/boringssl/crypto/x509v3/v3_utl.c +1352 -0
  1098. data/third_party/boringssl/include/openssl/aead.h +423 -0
  1099. data/third_party/boringssl/include/openssl/aes.h +170 -0
  1100. data/third_party/boringssl/include/openssl/arm_arch.h +121 -0
  1101. data/third_party/boringssl/include/openssl/asn1.h +982 -0
  1102. data/third_party/boringssl/include/openssl/asn1_mac.h +18 -0
  1103. data/third_party/boringssl/include/openssl/asn1t.h +892 -0
  1104. data/third_party/boringssl/include/openssl/base.h +468 -0
  1105. data/third_party/boringssl/include/openssl/base64.h +187 -0
  1106. data/third_party/boringssl/include/openssl/bio.h +902 -0
  1107. data/third_party/boringssl/include/openssl/blowfish.h +93 -0
  1108. data/third_party/boringssl/include/openssl/bn.h +975 -0
  1109. data/third_party/boringssl/include/openssl/buf.h +137 -0
  1110. data/third_party/boringssl/include/openssl/buffer.h +18 -0
  1111. data/third_party/boringssl/include/openssl/bytestring.h +480 -0
  1112. data/third_party/boringssl/include/openssl/cast.h +96 -0
  1113. data/third_party/boringssl/include/openssl/chacha.h +41 -0
  1114. data/third_party/boringssl/include/openssl/cipher.h +608 -0
  1115. data/third_party/boringssl/include/openssl/cmac.h +87 -0
  1116. data/third_party/boringssl/include/openssl/conf.h +183 -0
  1117. data/third_party/boringssl/include/openssl/cpu.h +196 -0
  1118. data/third_party/boringssl/include/openssl/crypto.h +118 -0
  1119. data/third_party/boringssl/include/openssl/curve25519.h +201 -0
  1120. data/third_party/boringssl/include/openssl/des.h +177 -0
  1121. data/third_party/boringssl/include/openssl/dh.h +298 -0
  1122. data/third_party/boringssl/include/openssl/digest.h +316 -0
  1123. data/third_party/boringssl/include/openssl/dsa.h +435 -0
  1124. data/third_party/boringssl/include/openssl/dtls1.h +16 -0
  1125. data/third_party/boringssl/include/openssl/ec.h +407 -0
  1126. data/third_party/boringssl/include/openssl/ec_key.h +341 -0
  1127. data/third_party/boringssl/include/openssl/ecdh.h +101 -0
  1128. data/third_party/boringssl/include/openssl/ecdsa.h +199 -0
  1129. data/third_party/boringssl/include/openssl/engine.h +109 -0
  1130. data/third_party/boringssl/include/openssl/err.h +458 -0
  1131. data/third_party/boringssl/include/openssl/evp.h +873 -0
  1132. data/third_party/boringssl/include/openssl/ex_data.h +203 -0
  1133. data/third_party/boringssl/include/openssl/hkdf.h +64 -0
  1134. data/third_party/boringssl/include/openssl/hmac.h +186 -0
  1135. data/third_party/boringssl/include/openssl/is_boringssl.h +16 -0
  1136. data/third_party/boringssl/include/openssl/lhash.h +174 -0
  1137. data/third_party/boringssl/include/openssl/lhash_macros.h +174 -0
  1138. data/third_party/boringssl/include/openssl/md4.h +106 -0
  1139. data/third_party/boringssl/include/openssl/md5.h +107 -0
  1140. data/third_party/boringssl/include/openssl/mem.h +156 -0
  1141. data/third_party/boringssl/include/openssl/nid.h +4242 -0
  1142. data/third_party/boringssl/include/openssl/obj.h +233 -0
  1143. data/third_party/boringssl/include/openssl/obj_mac.h +18 -0
  1144. data/third_party/boringssl/include/openssl/objects.h +18 -0
  1145. data/third_party/boringssl/include/openssl/opensslconf.h +67 -0
  1146. data/third_party/boringssl/include/openssl/opensslv.h +18 -0
  1147. data/third_party/boringssl/include/openssl/ossl_typ.h +18 -0
  1148. data/third_party/boringssl/include/openssl/pem.h +397 -0
  1149. data/third_party/boringssl/include/openssl/pkcs12.h +18 -0
  1150. data/third_party/boringssl/include/openssl/pkcs7.h +82 -0
  1151. data/third_party/boringssl/include/openssl/pkcs8.h +230 -0
  1152. data/third_party/boringssl/include/openssl/poly1305.h +51 -0
  1153. data/third_party/boringssl/include/openssl/pool.h +91 -0
  1154. data/third_party/boringssl/include/openssl/rand.h +125 -0
  1155. data/third_party/boringssl/include/openssl/rc4.h +96 -0
  1156. data/third_party/boringssl/include/openssl/ripemd.h +107 -0
  1157. data/third_party/boringssl/include/openssl/rsa.h +731 -0
  1158. data/third_party/boringssl/include/openssl/safestack.h +16 -0
  1159. data/third_party/boringssl/include/openssl/sha.h +256 -0
  1160. data/third_party/boringssl/include/openssl/span.h +191 -0
  1161. data/third_party/boringssl/include/openssl/srtp.h +18 -0
  1162. data/third_party/boringssl/include/openssl/ssl.h +4592 -0
  1163. data/third_party/boringssl/include/openssl/ssl3.h +333 -0
  1164. data/third_party/boringssl/include/openssl/stack.h +485 -0
  1165. data/third_party/boringssl/include/openssl/thread.h +191 -0
  1166. data/third_party/boringssl/include/openssl/tls1.h +610 -0
  1167. data/third_party/boringssl/include/openssl/type_check.h +91 -0
  1168. data/third_party/boringssl/include/openssl/x509.h +1176 -0
  1169. data/third_party/boringssl/include/openssl/x509_vfy.h +614 -0
  1170. data/third_party/boringssl/include/openssl/x509v3.h +826 -0
  1171. data/third_party/boringssl/ssl/bio_ssl.cc +179 -0
  1172. data/third_party/boringssl/ssl/custom_extensions.cc +265 -0
  1173. data/third_party/boringssl/ssl/d1_both.cc +837 -0
  1174. data/third_party/boringssl/ssl/d1_lib.cc +267 -0
  1175. data/third_party/boringssl/ssl/d1_pkt.cc +274 -0
  1176. data/third_party/boringssl/ssl/d1_srtp.cc +232 -0
  1177. data/third_party/boringssl/ssl/dtls_method.cc +193 -0
  1178. data/third_party/boringssl/ssl/dtls_record.cc +353 -0
  1179. data/third_party/boringssl/ssl/handshake.cc +616 -0
  1180. data/third_party/boringssl/ssl/handshake_client.cc +1836 -0
  1181. data/third_party/boringssl/ssl/handshake_server.cc +1662 -0
  1182. data/third_party/boringssl/ssl/internal.h +3011 -0
  1183. data/third_party/boringssl/ssl/s3_both.cc +585 -0
  1184. data/third_party/boringssl/ssl/s3_lib.cc +224 -0
  1185. data/third_party/boringssl/ssl/s3_pkt.cc +443 -0
  1186. data/third_party/boringssl/ssl/ssl_aead_ctx.cc +415 -0
  1187. data/third_party/boringssl/ssl/ssl_asn1.cc +840 -0
  1188. data/third_party/boringssl/ssl/ssl_buffer.cc +286 -0
  1189. data/third_party/boringssl/ssl/ssl_cert.cc +913 -0
  1190. data/third_party/boringssl/ssl/ssl_cipher.cc +1777 -0
  1191. data/third_party/boringssl/ssl/ssl_file.cc +583 -0
  1192. data/third_party/boringssl/ssl/ssl_key_share.cc +250 -0
  1193. data/third_party/boringssl/ssl/ssl_lib.cc +2650 -0
  1194. data/third_party/boringssl/ssl/ssl_privkey.cc +488 -0
  1195. data/third_party/boringssl/ssl/ssl_session.cc +1221 -0
  1196. data/third_party/boringssl/ssl/ssl_stat.cc +224 -0
  1197. data/third_party/boringssl/ssl/ssl_transcript.cc +398 -0
  1198. data/third_party/boringssl/ssl/ssl_versions.cc +472 -0
  1199. data/third_party/boringssl/ssl/ssl_x509.cc +1299 -0
  1200. data/third_party/boringssl/ssl/t1_enc.cc +503 -0
  1201. data/third_party/boringssl/ssl/t1_lib.cc +3457 -0
  1202. data/third_party/boringssl/ssl/tls13_both.cc +551 -0
  1203. data/third_party/boringssl/ssl/tls13_client.cc +977 -0
  1204. data/third_party/boringssl/ssl/tls13_enc.cc +563 -0
  1205. data/third_party/boringssl/ssl/tls13_server.cc +1068 -0
  1206. data/third_party/boringssl/ssl/tls_method.cc +291 -0
  1207. data/third_party/boringssl/ssl/tls_record.cc +712 -0
  1208. data/third_party/boringssl/third_party/fiat/curve25519.c +5062 -0
  1209. data/third_party/boringssl/third_party/fiat/internal.h +142 -0
  1210. data/third_party/cares/ares_build.h +223 -0
  1211. data/third_party/cares/cares/ares.h +658 -0
  1212. data/third_party/cares/cares/ares__close_sockets.c +61 -0
  1213. data/third_party/cares/cares/ares__get_hostent.c +261 -0
  1214. data/third_party/cares/cares/ares__read_line.c +73 -0
  1215. data/third_party/cares/cares/ares__timeval.c +111 -0
  1216. data/third_party/cares/cares/ares_cancel.c +63 -0
  1217. data/third_party/cares/cares/ares_create_query.c +202 -0
  1218. data/third_party/cares/cares/ares_data.c +221 -0
  1219. data/third_party/cares/cares/ares_data.h +72 -0
  1220. data/third_party/cares/cares/ares_destroy.c +108 -0
  1221. data/third_party/cares/cares/ares_dns.h +103 -0
  1222. data/third_party/cares/cares/ares_expand_name.c +209 -0
  1223. data/third_party/cares/cares/ares_expand_string.c +70 -0
  1224. data/third_party/cares/cares/ares_fds.c +59 -0
  1225. data/third_party/cares/cares/ares_free_hostent.c +41 -0
  1226. data/third_party/cares/cares/ares_free_string.c +25 -0
  1227. data/third_party/cares/cares/ares_getenv.c +30 -0
  1228. data/third_party/cares/cares/ares_getenv.h +26 -0
  1229. data/third_party/cares/cares/ares_gethostbyaddr.c +294 -0
  1230. data/third_party/cares/cares/ares_gethostbyname.c +518 -0
  1231. data/third_party/cares/cares/ares_getnameinfo.c +442 -0
  1232. data/third_party/cares/cares/ares_getopt.c +122 -0
  1233. data/third_party/cares/cares/ares_getopt.h +53 -0
  1234. data/third_party/cares/cares/ares_getsock.c +66 -0
  1235. data/third_party/cares/cares/ares_inet_net_pton.h +25 -0
  1236. data/third_party/cares/cares/ares_init.c +2514 -0
  1237. data/third_party/cares/cares/ares_iphlpapi.h +221 -0
  1238. data/third_party/cares/cares/ares_ipv6.h +78 -0
  1239. data/third_party/cares/cares/ares_library_init.c +177 -0
  1240. data/third_party/cares/cares/ares_library_init.h +43 -0
  1241. data/third_party/cares/cares/ares_llist.c +63 -0
  1242. data/third_party/cares/cares/ares_llist.h +39 -0
  1243. data/third_party/cares/cares/ares_mkquery.c +24 -0
  1244. data/third_party/cares/cares/ares_nowarn.c +260 -0
  1245. data/third_party/cares/cares/ares_nowarn.h +61 -0
  1246. data/third_party/cares/cares/ares_options.c +402 -0
  1247. data/third_party/cares/cares/ares_parse_a_reply.c +264 -0
  1248. data/third_party/cares/cares/ares_parse_aaaa_reply.c +264 -0
  1249. data/third_party/cares/cares/ares_parse_mx_reply.c +170 -0
  1250. data/third_party/cares/cares/ares_parse_naptr_reply.c +193 -0
  1251. data/third_party/cares/cares/ares_parse_ns_reply.c +183 -0
  1252. data/third_party/cares/cares/ares_parse_ptr_reply.c +219 -0
  1253. data/third_party/cares/cares/ares_parse_soa_reply.c +133 -0
  1254. data/third_party/cares/cares/ares_parse_srv_reply.c +179 -0
  1255. data/third_party/cares/cares/ares_parse_txt_reply.c +220 -0
  1256. data/third_party/cares/cares/ares_platform.c +11035 -0
  1257. data/third_party/cares/cares/ares_platform.h +43 -0
  1258. data/third_party/cares/cares/ares_private.h +374 -0
  1259. data/third_party/cares/cares/ares_process.c +1448 -0
  1260. data/third_party/cares/cares/ares_query.c +186 -0
  1261. data/third_party/cares/cares/ares_rules.h +125 -0
  1262. data/third_party/cares/cares/ares_search.c +316 -0
  1263. data/third_party/cares/cares/ares_send.c +131 -0
  1264. data/third_party/cares/cares/ares_setup.h +217 -0
  1265. data/third_party/cares/cares/ares_strcasecmp.c +66 -0
  1266. data/third_party/cares/cares/ares_strcasecmp.h +30 -0
  1267. data/third_party/cares/cares/ares_strdup.c +49 -0
  1268. data/third_party/cares/cares/ares_strdup.h +24 -0
  1269. data/third_party/cares/cares/ares_strerror.c +56 -0
  1270. data/third_party/cares/cares/ares_timeout.c +88 -0
  1271. data/third_party/cares/cares/ares_version.c +11 -0
  1272. data/third_party/cares/cares/ares_version.h +24 -0
  1273. data/third_party/cares/cares/ares_writev.c +79 -0
  1274. data/third_party/cares/cares/bitncmp.c +59 -0
  1275. data/third_party/cares/cares/bitncmp.h +26 -0
  1276. data/third_party/cares/cares/config-win32.h +351 -0
  1277. data/third_party/cares/cares/inet_net_pton.c +450 -0
  1278. data/third_party/cares/cares/inet_ntop.c +208 -0
  1279. data/third_party/cares/cares/setup_once.h +554 -0
  1280. data/third_party/cares/cares/windows_port.c +22 -0
  1281. data/third_party/cares/config_darwin/ares_config.h +425 -0
  1282. data/third_party/cares/config_freebsd/ares_config.h +502 -0
  1283. data/third_party/cares/config_linux/ares_config.h +458 -0
  1284. data/third_party/cares/config_openbsd/ares_config.h +502 -0
  1285. data/third_party/nanopb/pb.h +579 -0
  1286. data/third_party/nanopb/pb_common.c +97 -0
  1287. data/third_party/nanopb/pb_common.h +42 -0
  1288. data/third_party/nanopb/pb_decode.c +1347 -0
  1289. data/third_party/nanopb/pb_decode.h +149 -0
  1290. data/third_party/nanopb/pb_encode.c +696 -0
  1291. data/third_party/nanopb/pb_encode.h +154 -0
  1292. data/third_party/zlib/adler32.c +186 -0
  1293. data/third_party/zlib/compress.c +86 -0
  1294. data/third_party/zlib/crc32.c +442 -0
  1295. data/third_party/zlib/crc32.h +441 -0
  1296. data/third_party/zlib/deflate.c +2163 -0
  1297. data/third_party/zlib/deflate.h +349 -0
  1298. data/third_party/zlib/gzclose.c +25 -0
  1299. data/third_party/zlib/gzguts.h +218 -0
  1300. data/third_party/zlib/gzlib.c +637 -0
  1301. data/third_party/zlib/gzread.c +654 -0
  1302. data/third_party/zlib/gzwrite.c +665 -0
  1303. data/third_party/zlib/infback.c +640 -0
  1304. data/third_party/zlib/inffast.c +323 -0
  1305. data/third_party/zlib/inffast.h +11 -0
  1306. data/third_party/zlib/inffixed.h +94 -0
  1307. data/third_party/zlib/inflate.c +1561 -0
  1308. data/third_party/zlib/inflate.h +125 -0
  1309. data/third_party/zlib/inftrees.c +304 -0
  1310. data/third_party/zlib/inftrees.h +62 -0
  1311. data/third_party/zlib/trees.c +1203 -0
  1312. data/third_party/zlib/trees.h +128 -0
  1313. data/third_party/zlib/uncompr.c +93 -0
  1314. data/third_party/zlib/zconf.h +534 -0
  1315. data/third_party/zlib/zlib.h +1912 -0
  1316. data/third_party/zlib/zutil.c +325 -0
  1317. data/third_party/zlib/zutil.h +271 -0
  1318. metadata +1586 -0
@@ -0,0 +1,2650 @@
1
+ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
2
+ * All rights reserved.
3
+ *
4
+ * This package is an SSL implementation written
5
+ * by Eric Young (eay@cryptsoft.com).
6
+ * The implementation was written so as to conform with Netscapes SSL.
7
+ *
8
+ * This library is free for commercial and non-commercial use as long as
9
+ * the following conditions are aheared to. The following conditions
10
+ * apply to all code found in this distribution, be it the RC4, RSA,
11
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
12
+ * included with this distribution is covered by the same copyright terms
13
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
14
+ *
15
+ * Copyright remains Eric Young's, and as such any Copyright notices in
16
+ * the code are not to be removed.
17
+ * If this package is used in a product, Eric Young should be given attribution
18
+ * as the author of the parts of the library used.
19
+ * This can be in the form of a textual message at program startup or
20
+ * in documentation (online or textual) provided with the package.
21
+ *
22
+ * Redistribution and use in source and binary forms, with or without
23
+ * modification, are permitted provided that the following conditions
24
+ * are met:
25
+ * 1. Redistributions of source code must retain the copyright
26
+ * notice, this list of conditions and the following disclaimer.
27
+ * 2. Redistributions in binary form must reproduce the above copyright
28
+ * notice, this list of conditions and the following disclaimer in the
29
+ * documentation and/or other materials provided with the distribution.
30
+ * 3. All advertising materials mentioning features or use of this software
31
+ * must display the following acknowledgement:
32
+ * "This product includes cryptographic software written by
33
+ * Eric Young (eay@cryptsoft.com)"
34
+ * The word 'cryptographic' can be left out if the rouines from the library
35
+ * being used are not cryptographic related :-).
36
+ * 4. If you include any Windows specific code (or a derivative thereof) from
37
+ * the apps directory (application code) you must include an acknowledgement:
38
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
39
+ *
40
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50
+ * SUCH DAMAGE.
51
+ *
52
+ * The licence and distribution terms for any publically available version or
53
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
54
+ * copied and put under another distribution licence
55
+ * [including the GNU Public Licence.]
56
+ */
57
+ /* ====================================================================
58
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
59
+ *
60
+ * Redistribution and use in source and binary forms, with or without
61
+ * modification, are permitted provided that the following conditions
62
+ * are met:
63
+ *
64
+ * 1. Redistributions of source code must retain the above copyright
65
+ * notice, this list of conditions and the following disclaimer.
66
+ *
67
+ * 2. Redistributions in binary form must reproduce the above copyright
68
+ * notice, this list of conditions and the following disclaimer in
69
+ * the documentation and/or other materials provided with the
70
+ * distribution.
71
+ *
72
+ * 3. All advertising materials mentioning features or use of this
73
+ * software must display the following acknowledgment:
74
+ * "This product includes software developed by the OpenSSL Project
75
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
76
+ *
77
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
78
+ * endorse or promote products derived from this software without
79
+ * prior written permission. For written permission, please contact
80
+ * openssl-core@openssl.org.
81
+ *
82
+ * 5. Products derived from this software may not be called "OpenSSL"
83
+ * nor may "OpenSSL" appear in their names without prior written
84
+ * permission of the OpenSSL Project.
85
+ *
86
+ * 6. Redistributions of any form whatsoever must retain the following
87
+ * acknowledgment:
88
+ * "This product includes software developed by the OpenSSL Project
89
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
90
+ *
91
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
92
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
93
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
94
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
95
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
96
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
97
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
98
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
99
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
100
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
101
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
102
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
103
+ * ====================================================================
104
+ *
105
+ * This product includes cryptographic software written by Eric Young
106
+ * (eay@cryptsoft.com). This product includes software written by Tim
107
+ * Hudson (tjh@cryptsoft.com).
108
+ *
109
+ */
110
+ /* ====================================================================
111
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
112
+ * ECC cipher suite support in OpenSSL originally developed by
113
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
114
+ */
115
+ /* ====================================================================
116
+ * Copyright 2005 Nokia. All rights reserved.
117
+ *
118
+ * The portions of the attached software ("Contribution") is developed by
119
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
120
+ * license.
121
+ *
122
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
123
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
124
+ * support (see RFC 4279) to OpenSSL.
125
+ *
126
+ * No patent licenses or other rights except those expressly stated in
127
+ * the OpenSSL open source license shall be deemed granted or received
128
+ * expressly, by implication, estoppel, or otherwise.
129
+ *
130
+ * No assurances are provided by Nokia that the Contribution does not
131
+ * infringe the patent or other intellectual property rights of any third
132
+ * party or that the license provides you with all the necessary rights
133
+ * to make use of the Contribution.
134
+ *
135
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
136
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
137
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
138
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
139
+ * OTHERWISE. */
140
+
141
+ #include <openssl/ssl.h>
142
+
143
+ #include <assert.h>
144
+ #include <stdlib.h>
145
+ #include <string.h>
146
+
147
+ #include <openssl/bytestring.h>
148
+ #include <openssl/crypto.h>
149
+ #include <openssl/err.h>
150
+ #include <openssl/lhash.h>
151
+ #include <openssl/mem.h>
152
+ #include <openssl/rand.h>
153
+
154
+ #include "internal.h"
155
+ #include "../crypto/internal.h"
156
+
157
+ #if defined(OPENSSL_WINDOWS)
158
+ #include <sys/timeb.h>
159
+ #else
160
+ #include <sys/socket.h>
161
+ #include <sys/time.h>
162
+ #endif
163
+
164
+
165
+ namespace bssl {
166
+
167
+ // |SSL_R_UNKNOWN_PROTOCOL| is no longer emitted, but continue to define it
168
+ // to avoid downstream churn.
169
+ OPENSSL_DECLARE_ERROR_REASON(SSL, UNKNOWN_PROTOCOL)
170
+
171
+ // The following errors are no longer emitted, but are used in nginx without
172
+ // #ifdefs.
173
+ OPENSSL_DECLARE_ERROR_REASON(SSL, BLOCK_CIPHER_PAD_IS_WRONG)
174
+ OPENSSL_DECLARE_ERROR_REASON(SSL, NO_CIPHERS_SPECIFIED)
175
+
176
+ // Some error codes are special. Ensure the make_errors.go script never
177
+ // regresses this.
178
+ static_assert(SSL_R_TLSV1_ALERT_NO_RENEGOTIATION ==
179
+ SSL_AD_NO_RENEGOTIATION + SSL_AD_REASON_OFFSET,
180
+ "alert reason code mismatch");
181
+
182
+ // kMaxHandshakeSize is the maximum size, in bytes, of a handshake message.
183
+ static const size_t kMaxHandshakeSize = (1u << 24) - 1;
184
+
185
+ static CRYPTO_EX_DATA_CLASS g_ex_data_class_ssl =
186
+ CRYPTO_EX_DATA_CLASS_INIT_WITH_APP_DATA;
187
+ static CRYPTO_EX_DATA_CLASS g_ex_data_class_ssl_ctx =
188
+ CRYPTO_EX_DATA_CLASS_INIT_WITH_APP_DATA;
189
+
190
+ bool CBBFinishArray(CBB *cbb, Array<uint8_t> *out) {
191
+ uint8_t *ptr;
192
+ size_t len;
193
+ if (!CBB_finish(cbb, &ptr, &len)) {
194
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
195
+ return false;
196
+ }
197
+ out->Reset(ptr, len);
198
+ return true;
199
+ }
200
+
201
+ void ssl_reset_error_state(SSL *ssl) {
202
+ // Functions which use |SSL_get_error| must reset I/O and error state on
203
+ // entry.
204
+ ssl->s3->rwstate = SSL_NOTHING;
205
+ ERR_clear_error();
206
+ ERR_clear_system_error();
207
+ }
208
+
209
+ void ssl_set_read_error(SSL* ssl) {
210
+ ssl->s3->read_shutdown = ssl_shutdown_error;
211
+ ssl->s3->read_error.reset(ERR_save_state());
212
+ }
213
+
214
+ static bool check_read_error(const SSL *ssl) {
215
+ if (ssl->s3->read_shutdown == ssl_shutdown_error) {
216
+ ERR_restore_state(ssl->s3->read_error.get());
217
+ return false;
218
+ }
219
+ return true;
220
+ }
221
+
222
+ int ssl_can_write(const SSL *ssl) {
223
+ return !SSL_in_init(ssl) || ssl->s3->hs->can_early_write;
224
+ }
225
+
226
+ int ssl_can_read(const SSL *ssl) {
227
+ return !SSL_in_init(ssl) || ssl->s3->hs->can_early_read;
228
+ }
229
+
230
+ ssl_open_record_t ssl_open_handshake(SSL *ssl, size_t *out_consumed,
231
+ uint8_t *out_alert, Span<uint8_t> in) {
232
+ *out_consumed = 0;
233
+ if (!check_read_error(ssl)) {
234
+ *out_alert = 0;
235
+ return ssl_open_record_error;
236
+ }
237
+ auto ret = ssl->method->open_handshake(ssl, out_consumed, out_alert, in);
238
+ if (ret == ssl_open_record_error) {
239
+ ssl_set_read_error(ssl);
240
+ }
241
+ return ret;
242
+ }
243
+
244
+ ssl_open_record_t ssl_open_change_cipher_spec(SSL *ssl, size_t *out_consumed,
245
+ uint8_t *out_alert,
246
+ Span<uint8_t> in) {
247
+ *out_consumed = 0;
248
+ if (!check_read_error(ssl)) {
249
+ *out_alert = 0;
250
+ return ssl_open_record_error;
251
+ }
252
+ auto ret =
253
+ ssl->method->open_change_cipher_spec(ssl, out_consumed, out_alert, in);
254
+ if (ret == ssl_open_record_error) {
255
+ ssl_set_read_error(ssl);
256
+ }
257
+ return ret;
258
+ }
259
+
260
+ ssl_open_record_t ssl_open_app_data(SSL *ssl, Span<uint8_t> *out,
261
+ size_t *out_consumed, uint8_t *out_alert,
262
+ Span<uint8_t> in) {
263
+ *out_consumed = 0;
264
+ if (!check_read_error(ssl)) {
265
+ *out_alert = 0;
266
+ return ssl_open_record_error;
267
+ }
268
+ auto ret = ssl->method->open_app_data(ssl, out, out_consumed, out_alert, in);
269
+ if (ret == ssl_open_record_error) {
270
+ ssl_set_read_error(ssl);
271
+ }
272
+ return ret;
273
+ }
274
+
275
+ void ssl_cipher_preference_list_free(
276
+ struct ssl_cipher_preference_list_st *cipher_list) {
277
+ if (cipher_list == NULL) {
278
+ return;
279
+ }
280
+ sk_SSL_CIPHER_free(cipher_list->ciphers);
281
+ OPENSSL_free(cipher_list->in_group_flags);
282
+ OPENSSL_free(cipher_list);
283
+ }
284
+
285
+ void ssl_update_cache(SSL_HANDSHAKE *hs, int mode) {
286
+ SSL *const ssl = hs->ssl;
287
+ SSL_CTX *ctx = ssl->session_ctx;
288
+ // Never cache sessions with empty session IDs.
289
+ if (ssl->s3->established_session->session_id_length == 0 ||
290
+ ssl->s3->established_session->not_resumable ||
291
+ (ctx->session_cache_mode & mode) != mode) {
292
+ return;
293
+ }
294
+
295
+ // Clients never use the internal session cache.
296
+ int use_internal_cache = ssl->server && !(ctx->session_cache_mode &
297
+ SSL_SESS_CACHE_NO_INTERNAL_STORE);
298
+
299
+ // A client may see new sessions on abbreviated handshakes if the server
300
+ // decides to renew the ticket. Once the handshake is completed, it should be
301
+ // inserted into the cache.
302
+ if (ssl->s3->established_session.get() != ssl->session ||
303
+ (!ssl->server && hs->ticket_expected)) {
304
+ if (use_internal_cache) {
305
+ SSL_CTX_add_session(ctx, ssl->s3->established_session.get());
306
+ }
307
+ if (ctx->new_session_cb != NULL) {
308
+ SSL_SESSION_up_ref(ssl->s3->established_session.get());
309
+ if (!ctx->new_session_cb(ssl, ssl->s3->established_session.get())) {
310
+ // |new_session_cb|'s return value signals whether it took ownership.
311
+ SSL_SESSION_free(ssl->s3->established_session.get());
312
+ }
313
+ }
314
+ }
315
+
316
+ if (use_internal_cache &&
317
+ !(ctx->session_cache_mode & SSL_SESS_CACHE_NO_AUTO_CLEAR)) {
318
+ // Automatically flush the internal session cache every 255 connections.
319
+ int flush_cache = 0;
320
+ CRYPTO_MUTEX_lock_write(&ctx->lock);
321
+ ctx->handshakes_since_cache_flush++;
322
+ if (ctx->handshakes_since_cache_flush >= 255) {
323
+ flush_cache = 1;
324
+ ctx->handshakes_since_cache_flush = 0;
325
+ }
326
+ CRYPTO_MUTEX_unlock_write(&ctx->lock);
327
+
328
+ if (flush_cache) {
329
+ struct OPENSSL_timeval now;
330
+ ssl_get_current_time(ssl, &now);
331
+ SSL_CTX_flush_sessions(ctx, now.tv_sec);
332
+ }
333
+ }
334
+ }
335
+
336
+ static int cbb_add_hex(CBB *cbb, const uint8_t *in, size_t in_len) {
337
+ static const char hextable[] = "0123456789abcdef";
338
+ uint8_t *out;
339
+
340
+ if (!CBB_add_space(cbb, &out, in_len * 2)) {
341
+ return 0;
342
+ }
343
+
344
+ for (size_t i = 0; i < in_len; i++) {
345
+ *(out++) = (uint8_t)hextable[in[i] >> 4];
346
+ *(out++) = (uint8_t)hextable[in[i] & 0xf];
347
+ }
348
+
349
+ return 1;
350
+ }
351
+
352
+ int ssl_log_secret(const SSL *ssl, const char *label, const uint8_t *secret,
353
+ size_t secret_len) {
354
+ if (ssl->ctx->keylog_callback == NULL) {
355
+ return 1;
356
+ }
357
+
358
+ ScopedCBB cbb;
359
+ uint8_t *out;
360
+ size_t out_len;
361
+ if (!CBB_init(cbb.get(), strlen(label) + 1 + SSL3_RANDOM_SIZE * 2 + 1 +
362
+ secret_len * 2 + 1) ||
363
+ !CBB_add_bytes(cbb.get(), (const uint8_t *)label, strlen(label)) ||
364
+ !CBB_add_bytes(cbb.get(), (const uint8_t *)" ", 1) ||
365
+ !cbb_add_hex(cbb.get(), ssl->s3->client_random, SSL3_RANDOM_SIZE) ||
366
+ !CBB_add_bytes(cbb.get(), (const uint8_t *)" ", 1) ||
367
+ !cbb_add_hex(cbb.get(), secret, secret_len) ||
368
+ !CBB_add_u8(cbb.get(), 0 /* NUL */) ||
369
+ !CBB_finish(cbb.get(), &out, &out_len)) {
370
+ return 0;
371
+ }
372
+
373
+ ssl->ctx->keylog_callback(ssl, (const char *)out);
374
+ OPENSSL_free(out);
375
+ return 1;
376
+ }
377
+
378
+ void ssl_do_info_callback(const SSL *ssl, int type, int value) {
379
+ void (*cb)(const SSL *ssl, int type, int value) = NULL;
380
+ if (ssl->info_callback != NULL) {
381
+ cb = ssl->info_callback;
382
+ } else if (ssl->ctx->info_callback != NULL) {
383
+ cb = ssl->ctx->info_callback;
384
+ }
385
+
386
+ if (cb != NULL) {
387
+ cb(ssl, type, value);
388
+ }
389
+ }
390
+
391
+ void ssl_do_msg_callback(SSL *ssl, int is_write, int content_type,
392
+ Span<const uint8_t> in) {
393
+ if (ssl->msg_callback == NULL) {
394
+ return;
395
+ }
396
+
397
+ // |version| is zero when calling for |SSL3_RT_HEADER| and |SSL2_VERSION| for
398
+ // a V2ClientHello.
399
+ int version;
400
+ switch (content_type) {
401
+ case 0:
402
+ // V2ClientHello
403
+ version = SSL2_VERSION;
404
+ break;
405
+ case SSL3_RT_HEADER:
406
+ version = 0;
407
+ break;
408
+ default:
409
+ version = SSL_version(ssl);
410
+ }
411
+
412
+ ssl->msg_callback(is_write, version, content_type, in.data(), in.size(), ssl,
413
+ ssl->msg_callback_arg);
414
+ }
415
+
416
+ void ssl_get_current_time(const SSL *ssl, struct OPENSSL_timeval *out_clock) {
417
+ // TODO(martinkr): Change callers to |ssl_ctx_get_current_time| and drop the
418
+ // |ssl| arg from |current_time_cb| if possible.
419
+ ssl_ctx_get_current_time(ssl->ctx, out_clock);
420
+ }
421
+
422
+ void ssl_ctx_get_current_time(const SSL_CTX *ctx,
423
+ struct OPENSSL_timeval *out_clock) {
424
+ if (ctx->current_time_cb != NULL) {
425
+ // TODO(davidben): Update current_time_cb to use OPENSSL_timeval. See
426
+ // https://crbug.com/boringssl/155.
427
+ struct timeval clock;
428
+ ctx->current_time_cb(nullptr /* ssl */, &clock);
429
+ if (clock.tv_sec < 0) {
430
+ assert(0);
431
+ out_clock->tv_sec = 0;
432
+ out_clock->tv_usec = 0;
433
+ } else {
434
+ out_clock->tv_sec = (uint64_t)clock.tv_sec;
435
+ out_clock->tv_usec = (uint32_t)clock.tv_usec;
436
+ }
437
+ return;
438
+ }
439
+
440
+ #if defined(BORINGSSL_UNSAFE_DETERMINISTIC_MODE)
441
+ out_clock->tv_sec = 1234;
442
+ out_clock->tv_usec = 1234;
443
+ #elif defined(OPENSSL_WINDOWS)
444
+ struct _timeb time;
445
+ _ftime(&time);
446
+ if (time.time < 0) {
447
+ assert(0);
448
+ out_clock->tv_sec = 0;
449
+ out_clock->tv_usec = 0;
450
+ } else {
451
+ out_clock->tv_sec = time.time;
452
+ out_clock->tv_usec = time.millitm * 1000;
453
+ }
454
+ #else
455
+ struct timeval clock;
456
+ gettimeofday(&clock, NULL);
457
+ if (clock.tv_sec < 0) {
458
+ assert(0);
459
+ out_clock->tv_sec = 0;
460
+ out_clock->tv_usec = 0;
461
+ } else {
462
+ out_clock->tv_sec = (uint64_t)clock.tv_sec;
463
+ out_clock->tv_usec = (uint32_t)clock.tv_usec;
464
+ }
465
+ #endif
466
+ }
467
+
468
+ } // namespace bssl
469
+
470
+ using namespace bssl;
471
+
472
+ int SSL_library_init(void) {
473
+ CRYPTO_library_init();
474
+ return 1;
475
+ }
476
+
477
+ int OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) {
478
+ CRYPTO_library_init();
479
+ return 1;
480
+ }
481
+
482
+ static uint32_t ssl_session_hash(const SSL_SESSION *sess) {
483
+ const uint8_t *session_id = sess->session_id;
484
+
485
+ uint8_t tmp_storage[sizeof(uint32_t)];
486
+ if (sess->session_id_length < sizeof(tmp_storage)) {
487
+ OPENSSL_memset(tmp_storage, 0, sizeof(tmp_storage));
488
+ OPENSSL_memcpy(tmp_storage, sess->session_id, sess->session_id_length);
489
+ session_id = tmp_storage;
490
+ }
491
+
492
+ uint32_t hash =
493
+ ((uint32_t)session_id[0]) |
494
+ ((uint32_t)session_id[1] << 8) |
495
+ ((uint32_t)session_id[2] << 16) |
496
+ ((uint32_t)session_id[3] << 24);
497
+
498
+ return hash;
499
+ }
500
+
501
+ // NB: If this function (or indeed the hash function which uses a sort of
502
+ // coarser function than this one) is changed, ensure
503
+ // SSL_CTX_has_matching_session_id() is checked accordingly. It relies on being
504
+ // able to construct an SSL_SESSION that will collide with any existing session
505
+ // with a matching session ID.
506
+ static int ssl_session_cmp(const SSL_SESSION *a, const SSL_SESSION *b) {
507
+ if (a->ssl_version != b->ssl_version) {
508
+ return 1;
509
+ }
510
+
511
+ if (a->session_id_length != b->session_id_length) {
512
+ return 1;
513
+ }
514
+
515
+ return OPENSSL_memcmp(a->session_id, b->session_id, a->session_id_length);
516
+ }
517
+
518
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method) {
519
+ SSL_CTX *ret = NULL;
520
+
521
+ if (method == NULL) {
522
+ OPENSSL_PUT_ERROR(SSL, SSL_R_NULL_SSL_METHOD_PASSED);
523
+ return NULL;
524
+ }
525
+
526
+ ret = (SSL_CTX *)OPENSSL_malloc(sizeof(SSL_CTX));
527
+ if (ret == NULL) {
528
+ goto err;
529
+ }
530
+
531
+ OPENSSL_memset(ret, 0, sizeof(SSL_CTX));
532
+
533
+ ret->method = method->method;
534
+ ret->x509_method = method->x509_method;
535
+
536
+ CRYPTO_MUTEX_init(&ret->lock);
537
+
538
+ ret->session_cache_mode = SSL_SESS_CACHE_SERVER;
539
+ ret->session_cache_size = SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
540
+
541
+ ret->session_timeout = SSL_DEFAULT_SESSION_TIMEOUT;
542
+ ret->session_psk_dhe_timeout = SSL_DEFAULT_SESSION_PSK_DHE_TIMEOUT;
543
+
544
+ ret->references = 1;
545
+
546
+ ret->max_cert_list = SSL_MAX_CERT_LIST_DEFAULT;
547
+ ret->verify_mode = SSL_VERIFY_NONE;
548
+ ret->cert = ssl_cert_new(method->x509_method);
549
+ if (ret->cert == NULL) {
550
+ goto err;
551
+ }
552
+
553
+ ret->sessions = lh_SSL_SESSION_new(ssl_session_hash, ssl_session_cmp);
554
+ if (ret->sessions == NULL) {
555
+ goto err;
556
+ }
557
+
558
+ if (!ret->x509_method->ssl_ctx_new(ret)) {
559
+ goto err;
560
+ }
561
+
562
+ if (!SSL_CTX_set_strict_cipher_list(ret, SSL_DEFAULT_CIPHER_LIST)) {
563
+ goto err2;
564
+ }
565
+
566
+ ret->client_CA = sk_CRYPTO_BUFFER_new_null();
567
+ if (ret->client_CA == NULL) {
568
+ goto err;
569
+ }
570
+
571
+ CRYPTO_new_ex_data(&ret->ex_data);
572
+
573
+ ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
574
+
575
+ // Disable the auto-chaining feature by default. Once this has stuck without
576
+ // problems, the feature will be removed entirely.
577
+ ret->mode = SSL_MODE_NO_AUTO_CHAIN;
578
+
579
+ // Lock the SSL_CTX to the specified version, for compatibility with legacy
580
+ // uses of SSL_METHOD, but we do not set the minimum version for
581
+ // |SSLv3_method|.
582
+ if (!SSL_CTX_set_max_proto_version(ret, method->version) ||
583
+ !SSL_CTX_set_min_proto_version(ret, method->version == SSL3_VERSION
584
+ ? 0 // default
585
+ : method->version)) {
586
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
587
+ goto err2;
588
+ }
589
+
590
+ return ret;
591
+
592
+ err:
593
+ OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
594
+ err2:
595
+ SSL_CTX_free(ret);
596
+ return NULL;
597
+ }
598
+
599
+ int SSL_CTX_up_ref(SSL_CTX *ctx) {
600
+ CRYPTO_refcount_inc(&ctx->references);
601
+ return 1;
602
+ }
603
+
604
+ void SSL_CTX_free(SSL_CTX *ctx) {
605
+ if (ctx == NULL ||
606
+ !CRYPTO_refcount_dec_and_test_zero(&ctx->references)) {
607
+ return;
608
+ }
609
+
610
+ // Free internal session cache. However: the remove_cb() may reference the
611
+ // ex_data of SSL_CTX, thus the ex_data store can only be removed after the
612
+ // sessions were flushed. As the ex_data handling routines might also touch
613
+ // the session cache, the most secure solution seems to be: empty (flush) the
614
+ // cache, then free ex_data, then finally free the cache. (See ticket
615
+ // [openssl.org #212].)
616
+ SSL_CTX_flush_sessions(ctx, 0);
617
+
618
+ CRYPTO_free_ex_data(&g_ex_data_class_ssl_ctx, ctx, &ctx->ex_data);
619
+
620
+ CRYPTO_MUTEX_cleanup(&ctx->lock);
621
+ lh_SSL_SESSION_free(ctx->sessions);
622
+ ssl_cipher_preference_list_free(ctx->cipher_list);
623
+ ssl_cert_free(ctx->cert);
624
+ sk_SSL_CUSTOM_EXTENSION_pop_free(ctx->client_custom_extensions,
625
+ SSL_CUSTOM_EXTENSION_free);
626
+ sk_SSL_CUSTOM_EXTENSION_pop_free(ctx->server_custom_extensions,
627
+ SSL_CUSTOM_EXTENSION_free);
628
+ sk_CRYPTO_BUFFER_pop_free(ctx->client_CA, CRYPTO_BUFFER_free);
629
+ ctx->x509_method->ssl_ctx_free(ctx);
630
+ sk_SRTP_PROTECTION_PROFILE_free(ctx->srtp_profiles);
631
+ OPENSSL_free(ctx->psk_identity_hint);
632
+ OPENSSL_free(ctx->supported_group_list);
633
+ OPENSSL_free(ctx->alpn_client_proto_list);
634
+ EVP_PKEY_free(ctx->tlsext_channel_id_private);
635
+ OPENSSL_free(ctx->verify_sigalgs);
636
+ OPENSSL_free(ctx->tlsext_ticket_key_current);
637
+ OPENSSL_free(ctx->tlsext_ticket_key_prev);
638
+
639
+ OPENSSL_free(ctx);
640
+ }
641
+
642
+ SSL *SSL_new(SSL_CTX *ctx) {
643
+ if (ctx == NULL) {
644
+ OPENSSL_PUT_ERROR(SSL, SSL_R_NULL_SSL_CTX);
645
+ return NULL;
646
+ }
647
+ if (ctx->method == NULL) {
648
+ OPENSSL_PUT_ERROR(SSL, SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
649
+ return NULL;
650
+ }
651
+
652
+ SSL *ssl = (SSL *)OPENSSL_malloc(sizeof(SSL));
653
+ if (ssl == NULL) {
654
+ goto err;
655
+ }
656
+ OPENSSL_memset(ssl, 0, sizeof(SSL));
657
+
658
+ ssl->conf_min_version = ctx->conf_min_version;
659
+ ssl->conf_max_version = ctx->conf_max_version;
660
+ ssl->tls13_variant = ctx->tls13_variant;
661
+
662
+ // RFC 6347 states that implementations SHOULD use an initial timer value of
663
+ // 1 second.
664
+ ssl->initial_timeout_duration_ms = 1000;
665
+
666
+ ssl->options = ctx->options;
667
+ ssl->mode = ctx->mode;
668
+ ssl->max_cert_list = ctx->max_cert_list;
669
+
670
+ ssl->cert = ssl_cert_dup(ctx->cert);
671
+ if (ssl->cert == NULL) {
672
+ goto err;
673
+ }
674
+
675
+ ssl->msg_callback = ctx->msg_callback;
676
+ ssl->msg_callback_arg = ctx->msg_callback_arg;
677
+ ssl->verify_mode = ctx->verify_mode;
678
+ ssl->verify_callback = ctx->default_verify_callback;
679
+ ssl->custom_verify_callback = ctx->custom_verify_callback;
680
+ ssl->retain_only_sha256_of_client_certs =
681
+ ctx->retain_only_sha256_of_client_certs;
682
+
683
+ ssl->quiet_shutdown = ctx->quiet_shutdown;
684
+ ssl->max_send_fragment = ctx->max_send_fragment;
685
+
686
+ SSL_CTX_up_ref(ctx);
687
+ ssl->ctx = ctx;
688
+ SSL_CTX_up_ref(ctx);
689
+ ssl->session_ctx = ctx;
690
+
691
+ if (!ssl->ctx->x509_method->ssl_new(ssl)) {
692
+ goto err;
693
+ }
694
+
695
+ if (ctx->supported_group_list) {
696
+ ssl->supported_group_list = (uint16_t *)BUF_memdup(
697
+ ctx->supported_group_list, ctx->supported_group_list_len * 2);
698
+ if (!ssl->supported_group_list) {
699
+ goto err;
700
+ }
701
+ ssl->supported_group_list_len = ctx->supported_group_list_len;
702
+ }
703
+
704
+ if (ctx->alpn_client_proto_list) {
705
+ ssl->alpn_client_proto_list = (uint8_t *)BUF_memdup(
706
+ ctx->alpn_client_proto_list, ctx->alpn_client_proto_list_len);
707
+ if (ssl->alpn_client_proto_list == NULL) {
708
+ goto err;
709
+ }
710
+ ssl->alpn_client_proto_list_len = ctx->alpn_client_proto_list_len;
711
+ }
712
+
713
+ ssl->method = ctx->method;
714
+
715
+ if (!ssl->method->ssl_new(ssl)) {
716
+ goto err;
717
+ }
718
+
719
+ CRYPTO_new_ex_data(&ssl->ex_data);
720
+
721
+ ssl->psk_identity_hint = NULL;
722
+ if (ctx->psk_identity_hint) {
723
+ ssl->psk_identity_hint = BUF_strdup(ctx->psk_identity_hint);
724
+ if (ssl->psk_identity_hint == NULL) {
725
+ goto err;
726
+ }
727
+ }
728
+ ssl->psk_client_callback = ctx->psk_client_callback;
729
+ ssl->psk_server_callback = ctx->psk_server_callback;
730
+
731
+ ssl->tlsext_channel_id_enabled = ctx->tlsext_channel_id_enabled;
732
+ if (ctx->tlsext_channel_id_private) {
733
+ EVP_PKEY_up_ref(ctx->tlsext_channel_id_private);
734
+ ssl->tlsext_channel_id_private = ctx->tlsext_channel_id_private;
735
+ }
736
+
737
+ ssl->signed_cert_timestamps_enabled = ctx->signed_cert_timestamps_enabled;
738
+ ssl->ocsp_stapling_enabled = ctx->ocsp_stapling_enabled;
739
+
740
+ return ssl;
741
+
742
+ err:
743
+ SSL_free(ssl);
744
+ OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
745
+
746
+ return NULL;
747
+ }
748
+
749
+ void SSL_free(SSL *ssl) {
750
+ if (ssl == NULL) {
751
+ return;
752
+ }
753
+
754
+ if (ssl->ctx != NULL) {
755
+ ssl->ctx->x509_method->ssl_free(ssl);
756
+ }
757
+
758
+ CRYPTO_free_ex_data(&g_ex_data_class_ssl, ssl, &ssl->ex_data);
759
+
760
+ BIO_free_all(ssl->rbio);
761
+ BIO_free_all(ssl->wbio);
762
+
763
+ // add extra stuff
764
+ ssl_cipher_preference_list_free(ssl->cipher_list);
765
+
766
+ SSL_SESSION_free(ssl->session);
767
+
768
+ ssl_cert_free(ssl->cert);
769
+
770
+ OPENSSL_free(ssl->tlsext_hostname);
771
+ SSL_CTX_free(ssl->session_ctx);
772
+ OPENSSL_free(ssl->supported_group_list);
773
+ OPENSSL_free(ssl->alpn_client_proto_list);
774
+ EVP_PKEY_free(ssl->tlsext_channel_id_private);
775
+ OPENSSL_free(ssl->psk_identity_hint);
776
+ sk_CRYPTO_BUFFER_pop_free(ssl->client_CA, CRYPTO_BUFFER_free);
777
+ sk_SRTP_PROTECTION_PROFILE_free(ssl->srtp_profiles);
778
+
779
+ if (ssl->method != NULL) {
780
+ ssl->method->ssl_free(ssl);
781
+ }
782
+ SSL_CTX_free(ssl->ctx);
783
+
784
+ OPENSSL_free(ssl);
785
+ }
786
+
787
+ void SSL_set_connect_state(SSL *ssl) {
788
+ ssl->server = false;
789
+ ssl->do_handshake = ssl_client_handshake;
790
+ }
791
+
792
+ void SSL_set_accept_state(SSL *ssl) {
793
+ ssl->server = true;
794
+ ssl->do_handshake = ssl_server_handshake;
795
+ }
796
+
797
+ void SSL_set0_rbio(SSL *ssl, BIO *rbio) {
798
+ BIO_free_all(ssl->rbio);
799
+ ssl->rbio = rbio;
800
+ }
801
+
802
+ void SSL_set0_wbio(SSL *ssl, BIO *wbio) {
803
+ BIO_free_all(ssl->wbio);
804
+ ssl->wbio = wbio;
805
+ }
806
+
807
+ void SSL_set_bio(SSL *ssl, BIO *rbio, BIO *wbio) {
808
+ // For historical reasons, this function has many different cases in ownership
809
+ // handling.
810
+
811
+ // If nothing has changed, do nothing
812
+ if (rbio == SSL_get_rbio(ssl) && wbio == SSL_get_wbio(ssl)) {
813
+ return;
814
+ }
815
+
816
+ // If the two arguments are equal, one fewer reference is granted than
817
+ // taken.
818
+ if (rbio != NULL && rbio == wbio) {
819
+ BIO_up_ref(rbio);
820
+ }
821
+
822
+ // If only the wbio is changed, adopt only one reference.
823
+ if (rbio == SSL_get_rbio(ssl)) {
824
+ SSL_set0_wbio(ssl, wbio);
825
+ return;
826
+ }
827
+
828
+ // There is an asymmetry here for historical reasons. If only the rbio is
829
+ // changed AND the rbio and wbio were originally different, then we only adopt
830
+ // one reference.
831
+ if (wbio == SSL_get_wbio(ssl) && SSL_get_rbio(ssl) != SSL_get_wbio(ssl)) {
832
+ SSL_set0_rbio(ssl, rbio);
833
+ return;
834
+ }
835
+
836
+ // Otherwise, adopt both references.
837
+ SSL_set0_rbio(ssl, rbio);
838
+ SSL_set0_wbio(ssl, wbio);
839
+ }
840
+
841
+ BIO *SSL_get_rbio(const SSL *ssl) { return ssl->rbio; }
842
+
843
+ BIO *SSL_get_wbio(const SSL *ssl) { return ssl->wbio; }
844
+
845
+ int SSL_do_handshake(SSL *ssl) {
846
+ ssl_reset_error_state(ssl);
847
+
848
+ if (ssl->do_handshake == NULL) {
849
+ OPENSSL_PUT_ERROR(SSL, SSL_R_CONNECTION_TYPE_NOT_SET);
850
+ return -1;
851
+ }
852
+
853
+ if (!SSL_in_init(ssl)) {
854
+ return 1;
855
+ }
856
+
857
+ // Run the handshake.
858
+ SSL_HANDSHAKE *hs = ssl->s3->hs.get();
859
+
860
+ bool early_return = false;
861
+ int ret = ssl_run_handshake(hs, &early_return);
862
+ ssl_do_info_callback(
863
+ ssl, ssl->server ? SSL_CB_ACCEPT_EXIT : SSL_CB_CONNECT_EXIT, ret);
864
+ if (ret <= 0) {
865
+ return ret;
866
+ }
867
+
868
+ // Destroy the handshake object if the handshake has completely finished.
869
+ if (!early_return) {
870
+ ssl->s3->hs.reset();
871
+ }
872
+
873
+ return 1;
874
+ }
875
+
876
+ int SSL_connect(SSL *ssl) {
877
+ if (ssl->do_handshake == NULL) {
878
+ // Not properly initialized yet
879
+ SSL_set_connect_state(ssl);
880
+ }
881
+
882
+ return SSL_do_handshake(ssl);
883
+ }
884
+
885
+ int SSL_accept(SSL *ssl) {
886
+ if (ssl->do_handshake == NULL) {
887
+ // Not properly initialized yet
888
+ SSL_set_accept_state(ssl);
889
+ }
890
+
891
+ return SSL_do_handshake(ssl);
892
+ }
893
+
894
+ static int ssl_do_post_handshake(SSL *ssl, const SSLMessage &msg) {
895
+ if (ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
896
+ return tls13_post_handshake(ssl, msg);
897
+ }
898
+
899
+ // We do not accept renegotiations as a server or SSL 3.0. SSL 3.0 will be
900
+ // removed entirely in the future and requires retaining more data for
901
+ // renegotiation_info.
902
+ if (ssl->server || ssl->version == SSL3_VERSION) {
903
+ goto no_renegotiation;
904
+ }
905
+
906
+ if (msg.type != SSL3_MT_HELLO_REQUEST || CBS_len(&msg.body) != 0) {
907
+ ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
908
+ OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_HELLO_REQUEST);
909
+ return 0;
910
+ }
911
+
912
+ switch (ssl->renegotiate_mode) {
913
+ case ssl_renegotiate_ignore:
914
+ // Ignore the HelloRequest.
915
+ return 1;
916
+
917
+ case ssl_renegotiate_once:
918
+ if (ssl->s3->total_renegotiations != 0) {
919
+ goto no_renegotiation;
920
+ }
921
+ break;
922
+
923
+ case ssl_renegotiate_never:
924
+ goto no_renegotiation;
925
+
926
+ case ssl_renegotiate_freely:
927
+ break;
928
+ }
929
+
930
+ // Renegotiation is only supported at quiescent points in the application
931
+ // protocol, namely in HTTPS, just before reading the HTTP response. Require
932
+ // the record-layer be idle and avoid complexities of sending a handshake
933
+ // record while an application_data record is being written.
934
+ if (!ssl->s3->write_buffer.empty() ||
935
+ ssl->s3->write_shutdown != ssl_shutdown_none) {
936
+ goto no_renegotiation;
937
+ }
938
+
939
+ // Begin a new handshake.
940
+ if (ssl->s3->hs != nullptr) {
941
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
942
+ return 0;
943
+ }
944
+ ssl->s3->hs = ssl_handshake_new(ssl);
945
+ if (ssl->s3->hs == nullptr) {
946
+ return 0;
947
+ }
948
+
949
+ ssl->s3->total_renegotiations++;
950
+ return 1;
951
+
952
+ no_renegotiation:
953
+ OPENSSL_PUT_ERROR(SSL, SSL_R_NO_RENEGOTIATION);
954
+ ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_NO_RENEGOTIATION);
955
+ return 0;
956
+ }
957
+
958
+ static int ssl_read_impl(SSL *ssl) {
959
+ ssl_reset_error_state(ssl);
960
+
961
+ if (ssl->do_handshake == NULL) {
962
+ OPENSSL_PUT_ERROR(SSL, SSL_R_UNINITIALIZED);
963
+ return -1;
964
+ }
965
+
966
+ // Replay post-handshake message errors.
967
+ if (!check_read_error(ssl)) {
968
+ return -1;
969
+ }
970
+
971
+ while (ssl->s3->pending_app_data.empty()) {
972
+ // Complete the current handshake, if any. False Start will cause
973
+ // |SSL_do_handshake| to return mid-handshake, so this may require multiple
974
+ // iterations.
975
+ while (!ssl_can_read(ssl)) {
976
+ int ret = SSL_do_handshake(ssl);
977
+ if (ret < 0) {
978
+ return ret;
979
+ }
980
+ if (ret == 0) {
981
+ OPENSSL_PUT_ERROR(SSL, SSL_R_SSL_HANDSHAKE_FAILURE);
982
+ return -1;
983
+ }
984
+ }
985
+
986
+ // Process any buffered post-handshake messages.
987
+ SSLMessage msg;
988
+ if (ssl->method->get_message(ssl, &msg)) {
989
+ // If we received an interrupt in early read (EndOfEarlyData), loop again
990
+ // for the handshake to process it.
991
+ if (SSL_in_init(ssl)) {
992
+ ssl->s3->hs->can_early_read = false;
993
+ continue;
994
+ }
995
+
996
+ // Handle the post-handshake message and try again.
997
+ if (!ssl_do_post_handshake(ssl, msg)) {
998
+ ssl_set_read_error(ssl);
999
+ return -1;
1000
+ }
1001
+ ssl->method->next_message(ssl);
1002
+ continue; // Loop again. We may have begun a new handshake.
1003
+ }
1004
+
1005
+ uint8_t alert = SSL_AD_DECODE_ERROR;
1006
+ size_t consumed = 0;
1007
+ auto ret = ssl_open_app_data(ssl, &ssl->s3->pending_app_data, &consumed,
1008
+ &alert, ssl->s3->read_buffer.span());
1009
+ bool retry;
1010
+ int bio_ret = ssl_handle_open_record(ssl, &retry, ret, consumed, alert);
1011
+ if (bio_ret <= 0) {
1012
+ return bio_ret;
1013
+ }
1014
+ if (!retry) {
1015
+ assert(!ssl->s3->pending_app_data.empty());
1016
+ ssl->s3->key_update_count = 0;
1017
+ }
1018
+ }
1019
+
1020
+ return 1;
1021
+ }
1022
+
1023
+ int SSL_read(SSL *ssl, void *buf, int num) {
1024
+ int ret = SSL_peek(ssl, buf, num);
1025
+ if (ret <= 0) {
1026
+ return ret;
1027
+ }
1028
+ // TODO(davidben): In DTLS, should the rest of the record be discarded? DTLS
1029
+ // is not a stream. See https://crbug.com/boringssl/65.
1030
+ ssl->s3->pending_app_data =
1031
+ ssl->s3->pending_app_data.subspan(static_cast<size_t>(ret));
1032
+ if (ssl->s3->pending_app_data.empty()) {
1033
+ ssl->s3->read_buffer.DiscardConsumed();
1034
+ }
1035
+ return ret;
1036
+ }
1037
+
1038
+ int SSL_peek(SSL *ssl, void *buf, int num) {
1039
+ int ret = ssl_read_impl(ssl);
1040
+ if (ret <= 0) {
1041
+ return ret;
1042
+ }
1043
+ if (num <= 0) {
1044
+ return num;
1045
+ }
1046
+ size_t todo =
1047
+ std::min(ssl->s3->pending_app_data.size(), static_cast<size_t>(num));
1048
+ OPENSSL_memcpy(buf, ssl->s3->pending_app_data.data(), todo);
1049
+ return static_cast<int>(todo);
1050
+ }
1051
+
1052
+ int SSL_write(SSL *ssl, const void *buf, int num) {
1053
+ ssl_reset_error_state(ssl);
1054
+
1055
+ if (ssl->do_handshake == NULL) {
1056
+ OPENSSL_PUT_ERROR(SSL, SSL_R_UNINITIALIZED);
1057
+ return -1;
1058
+ }
1059
+
1060
+ if (ssl->s3->write_shutdown != ssl_shutdown_none) {
1061
+ OPENSSL_PUT_ERROR(SSL, SSL_R_PROTOCOL_IS_SHUTDOWN);
1062
+ return -1;
1063
+ }
1064
+
1065
+ int ret = 0;
1066
+ bool needs_handshake = false;
1067
+ do {
1068
+ // If necessary, complete the handshake implicitly.
1069
+ if (!ssl_can_write(ssl)) {
1070
+ ret = SSL_do_handshake(ssl);
1071
+ if (ret < 0) {
1072
+ return ret;
1073
+ }
1074
+ if (ret == 0) {
1075
+ OPENSSL_PUT_ERROR(SSL, SSL_R_SSL_HANDSHAKE_FAILURE);
1076
+ return -1;
1077
+ }
1078
+ }
1079
+
1080
+ ret = ssl->method->write_app_data(ssl, &needs_handshake,
1081
+ (const uint8_t *)buf, num);
1082
+ } while (needs_handshake);
1083
+ return ret;
1084
+ }
1085
+
1086
+ int SSL_shutdown(SSL *ssl) {
1087
+ ssl_reset_error_state(ssl);
1088
+
1089
+ if (ssl->do_handshake == NULL) {
1090
+ OPENSSL_PUT_ERROR(SSL, SSL_R_UNINITIALIZED);
1091
+ return -1;
1092
+ }
1093
+
1094
+ // If we are in the middle of a handshake, silently succeed. Consumers often
1095
+ // call this function before |SSL_free|, whether the handshake succeeded or
1096
+ // not. We assume the caller has already handled failed handshakes.
1097
+ if (SSL_in_init(ssl)) {
1098
+ return 1;
1099
+ }
1100
+
1101
+ if (ssl->quiet_shutdown) {
1102
+ // Do nothing if configured not to send a close_notify.
1103
+ ssl->s3->write_shutdown = ssl_shutdown_close_notify;
1104
+ ssl->s3->read_shutdown = ssl_shutdown_close_notify;
1105
+ return 1;
1106
+ }
1107
+
1108
+ // This function completes in two stages. It sends a close_notify and then it
1109
+ // waits for a close_notify to come in. Perform exactly one action and return
1110
+ // whether or not it succeeds.
1111
+
1112
+ if (ssl->s3->write_shutdown != ssl_shutdown_close_notify) {
1113
+ // Send a close_notify.
1114
+ if (ssl_send_alert(ssl, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY) <= 0) {
1115
+ return -1;
1116
+ }
1117
+ } else if (ssl->s3->alert_dispatch) {
1118
+ // Finish sending the close_notify.
1119
+ if (ssl->method->dispatch_alert(ssl) <= 0) {
1120
+ return -1;
1121
+ }
1122
+ } else if (ssl->s3->read_shutdown != ssl_shutdown_close_notify) {
1123
+ if (SSL_is_dtls(ssl)) {
1124
+ // Bidirectional shutdown doesn't make sense for an unordered
1125
+ // transport. DTLS alerts also aren't delivered reliably, so we may even
1126
+ // time out because the peer never received our close_notify. Report to
1127
+ // the caller that the channel has fully shut down.
1128
+ if (ssl->s3->read_shutdown == ssl_shutdown_error) {
1129
+ ERR_restore_state(ssl->s3->read_error.get());
1130
+ return -1;
1131
+ }
1132
+ ssl->s3->read_shutdown = ssl_shutdown_close_notify;
1133
+ } else {
1134
+ // Keep discarding data until we see a close_notify.
1135
+ for (;;) {
1136
+ ssl->s3->pending_app_data = Span<uint8_t>();
1137
+ int ret = ssl_read_impl(ssl);
1138
+ if (ret <= 0) {
1139
+ break;
1140
+ }
1141
+ }
1142
+ if (ssl->s3->read_shutdown != ssl_shutdown_close_notify) {
1143
+ return -1;
1144
+ }
1145
+ }
1146
+ }
1147
+
1148
+ // Return 0 for unidirectional shutdown and 1 for bidirectional shutdown.
1149
+ return ssl->s3->read_shutdown == ssl_shutdown_close_notify;
1150
+ }
1151
+
1152
+ int SSL_send_fatal_alert(SSL *ssl, uint8_t alert) {
1153
+ if (ssl->s3->alert_dispatch) {
1154
+ if (ssl->s3->send_alert[0] != SSL3_AL_FATAL ||
1155
+ ssl->s3->send_alert[1] != alert) {
1156
+ // We are already attempting to write a different alert.
1157
+ OPENSSL_PUT_ERROR(SSL, SSL_R_PROTOCOL_IS_SHUTDOWN);
1158
+ return -1;
1159
+ }
1160
+ return ssl->method->dispatch_alert(ssl);
1161
+ }
1162
+
1163
+ return ssl_send_alert(ssl, SSL3_AL_FATAL, alert);
1164
+ }
1165
+
1166
+ void SSL_CTX_set_early_data_enabled(SSL_CTX *ctx, int enabled) {
1167
+ ctx->cert->enable_early_data = !!enabled;
1168
+ }
1169
+
1170
+ void SSL_CTX_set_tls13_variant(SSL_CTX *ctx, enum tls13_variant_t variant) {
1171
+ ctx->tls13_variant = variant;
1172
+ }
1173
+
1174
+ void SSL_set_tls13_variant(SSL *ssl, enum tls13_variant_t variant) {
1175
+ ssl->tls13_variant = variant;
1176
+ }
1177
+
1178
+ void SSL_set_early_data_enabled(SSL *ssl, int enabled) {
1179
+ ssl->cert->enable_early_data = !!enabled;
1180
+ }
1181
+
1182
+ int SSL_in_early_data(const SSL *ssl) {
1183
+ if (ssl->s3->hs == NULL) {
1184
+ return 0;
1185
+ }
1186
+ return ssl->s3->hs->in_early_data;
1187
+ }
1188
+
1189
+ int SSL_early_data_accepted(const SSL *ssl) {
1190
+ return ssl->early_data_accepted;
1191
+ }
1192
+
1193
+ void SSL_reset_early_data_reject(SSL *ssl) {
1194
+ SSL_HANDSHAKE *hs = ssl->s3->hs.get();
1195
+ if (hs == NULL ||
1196
+ hs->wait != ssl_hs_early_data_rejected) {
1197
+ abort();
1198
+ }
1199
+
1200
+ hs->wait = ssl_hs_ok;
1201
+ hs->in_early_data = false;
1202
+ hs->early_session.reset();
1203
+
1204
+ // Discard any unfinished writes from the perspective of |SSL_write|'s
1205
+ // retry. The handshake will transparently flush out the pending record
1206
+ // (discarded by the server) to keep the framing correct.
1207
+ ssl->s3->wpend_pending = false;
1208
+ }
1209
+
1210
+ static int bio_retry_reason_to_error(int reason) {
1211
+ switch (reason) {
1212
+ case BIO_RR_CONNECT:
1213
+ return SSL_ERROR_WANT_CONNECT;
1214
+ case BIO_RR_ACCEPT:
1215
+ return SSL_ERROR_WANT_ACCEPT;
1216
+ default:
1217
+ return SSL_ERROR_SYSCALL;
1218
+ }
1219
+ }
1220
+
1221
+ int SSL_get_error(const SSL *ssl, int ret_code) {
1222
+ if (ret_code > 0) {
1223
+ return SSL_ERROR_NONE;
1224
+ }
1225
+
1226
+ // Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake etc,
1227
+ // where we do encode the error
1228
+ uint32_t err = ERR_peek_error();
1229
+ if (err != 0) {
1230
+ if (ERR_GET_LIB(err) == ERR_LIB_SYS) {
1231
+ return SSL_ERROR_SYSCALL;
1232
+ }
1233
+ return SSL_ERROR_SSL;
1234
+ }
1235
+
1236
+ if (ret_code == 0) {
1237
+ if (ssl->s3->read_shutdown == ssl_shutdown_close_notify) {
1238
+ return SSL_ERROR_ZERO_RETURN;
1239
+ }
1240
+ // An EOF was observed which violates the protocol, and the underlying
1241
+ // transport does not participate in the error queue. Bubble up to the
1242
+ // caller.
1243
+ return SSL_ERROR_SYSCALL;
1244
+ }
1245
+
1246
+ switch (ssl->s3->rwstate) {
1247
+ case SSL_PENDING_SESSION:
1248
+ return SSL_ERROR_PENDING_SESSION;
1249
+
1250
+ case SSL_CERTIFICATE_SELECTION_PENDING:
1251
+ return SSL_ERROR_PENDING_CERTIFICATE;
1252
+
1253
+ case SSL_READING: {
1254
+ BIO *bio = SSL_get_rbio(ssl);
1255
+ if (BIO_should_read(bio)) {
1256
+ return SSL_ERROR_WANT_READ;
1257
+ }
1258
+
1259
+ if (BIO_should_write(bio)) {
1260
+ // TODO(davidben): OpenSSL historically checked for writes on the read
1261
+ // BIO. Can this be removed?
1262
+ return SSL_ERROR_WANT_WRITE;
1263
+ }
1264
+
1265
+ if (BIO_should_io_special(bio)) {
1266
+ return bio_retry_reason_to_error(BIO_get_retry_reason(bio));
1267
+ }
1268
+
1269
+ break;
1270
+ }
1271
+
1272
+ case SSL_WRITING: {
1273
+ BIO *bio = SSL_get_wbio(ssl);
1274
+ if (BIO_should_write(bio)) {
1275
+ return SSL_ERROR_WANT_WRITE;
1276
+ }
1277
+
1278
+ if (BIO_should_read(bio)) {
1279
+ // TODO(davidben): OpenSSL historically checked for reads on the write
1280
+ // BIO. Can this be removed?
1281
+ return SSL_ERROR_WANT_READ;
1282
+ }
1283
+
1284
+ if (BIO_should_io_special(bio)) {
1285
+ return bio_retry_reason_to_error(BIO_get_retry_reason(bio));
1286
+ }
1287
+
1288
+ break;
1289
+ }
1290
+
1291
+ case SSL_X509_LOOKUP:
1292
+ return SSL_ERROR_WANT_X509_LOOKUP;
1293
+
1294
+ case SSL_CHANNEL_ID_LOOKUP:
1295
+ return SSL_ERROR_WANT_CHANNEL_ID_LOOKUP;
1296
+
1297
+ case SSL_PRIVATE_KEY_OPERATION:
1298
+ return SSL_ERROR_WANT_PRIVATE_KEY_OPERATION;
1299
+
1300
+ case SSL_PENDING_TICKET:
1301
+ return SSL_ERROR_PENDING_TICKET;
1302
+
1303
+ case SSL_EARLY_DATA_REJECTED:
1304
+ return SSL_ERROR_EARLY_DATA_REJECTED;
1305
+
1306
+ case SSL_CERTIFICATE_VERIFY:
1307
+ return SSL_ERROR_WANT_CERTIFICATE_VERIFY;
1308
+ }
1309
+
1310
+ return SSL_ERROR_SYSCALL;
1311
+ }
1312
+
1313
+ uint32_t SSL_CTX_set_options(SSL_CTX *ctx, uint32_t options) {
1314
+ ctx->options |= options;
1315
+ return ctx->options;
1316
+ }
1317
+
1318
+ uint32_t SSL_CTX_clear_options(SSL_CTX *ctx, uint32_t options) {
1319
+ ctx->options &= ~options;
1320
+ return ctx->options;
1321
+ }
1322
+
1323
+ uint32_t SSL_CTX_get_options(const SSL_CTX *ctx) { return ctx->options; }
1324
+
1325
+ uint32_t SSL_set_options(SSL *ssl, uint32_t options) {
1326
+ ssl->options |= options;
1327
+ return ssl->options;
1328
+ }
1329
+
1330
+ uint32_t SSL_clear_options(SSL *ssl, uint32_t options) {
1331
+ ssl->options &= ~options;
1332
+ return ssl->options;
1333
+ }
1334
+
1335
+ uint32_t SSL_get_options(const SSL *ssl) { return ssl->options; }
1336
+
1337
+ uint32_t SSL_CTX_set_mode(SSL_CTX *ctx, uint32_t mode) {
1338
+ ctx->mode |= mode;
1339
+ return ctx->mode;
1340
+ }
1341
+
1342
+ uint32_t SSL_CTX_clear_mode(SSL_CTX *ctx, uint32_t mode) {
1343
+ ctx->mode &= ~mode;
1344
+ return ctx->mode;
1345
+ }
1346
+
1347
+ uint32_t SSL_CTX_get_mode(const SSL_CTX *ctx) { return ctx->mode; }
1348
+
1349
+ uint32_t SSL_set_mode(SSL *ssl, uint32_t mode) {
1350
+ ssl->mode |= mode;
1351
+ return ssl->mode;
1352
+ }
1353
+
1354
+ uint32_t SSL_clear_mode(SSL *ssl, uint32_t mode) {
1355
+ ssl->mode &= ~mode;
1356
+ return ssl->mode;
1357
+ }
1358
+
1359
+ uint32_t SSL_get_mode(const SSL *ssl) { return ssl->mode; }
1360
+
1361
+ void SSL_CTX_set0_buffer_pool(SSL_CTX *ctx, CRYPTO_BUFFER_POOL *pool) {
1362
+ ctx->pool = pool;
1363
+ }
1364
+
1365
+ int SSL_get_tls_unique(const SSL *ssl, uint8_t *out, size_t *out_len,
1366
+ size_t max_out) {
1367
+ *out_len = 0;
1368
+ OPENSSL_memset(out, 0, max_out);
1369
+
1370
+ // tls-unique is not defined for SSL 3.0 or TLS 1.3.
1371
+ if (!ssl->s3->initial_handshake_complete ||
1372
+ ssl_protocol_version(ssl) < TLS1_VERSION ||
1373
+ ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
1374
+ return 0;
1375
+ }
1376
+
1377
+ // The tls-unique value is the first Finished message in the handshake, which
1378
+ // is the client's in a full handshake and the server's for a resumption. See
1379
+ // https://tools.ietf.org/html/rfc5929#section-3.1.
1380
+ const uint8_t *finished = ssl->s3->previous_client_finished;
1381
+ size_t finished_len = ssl->s3->previous_client_finished_len;
1382
+ if (ssl->session != NULL) {
1383
+ // tls-unique is broken for resumed sessions unless EMS is used.
1384
+ if (!ssl->session->extended_master_secret) {
1385
+ return 0;
1386
+ }
1387
+ finished = ssl->s3->previous_server_finished;
1388
+ finished_len = ssl->s3->previous_server_finished_len;
1389
+ }
1390
+
1391
+ *out_len = finished_len;
1392
+ if (finished_len > max_out) {
1393
+ *out_len = max_out;
1394
+ }
1395
+
1396
+ OPENSSL_memcpy(out, finished, *out_len);
1397
+ return 1;
1398
+ }
1399
+
1400
+ static int set_session_id_context(CERT *cert, const uint8_t *sid_ctx,
1401
+ size_t sid_ctx_len) {
1402
+ if (sid_ctx_len > sizeof(cert->sid_ctx)) {
1403
+ OPENSSL_PUT_ERROR(SSL, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
1404
+ return 0;
1405
+ }
1406
+
1407
+ static_assert(sizeof(cert->sid_ctx) < 256, "sid_ctx too large");
1408
+ cert->sid_ctx_length = (uint8_t)sid_ctx_len;
1409
+ OPENSSL_memcpy(cert->sid_ctx, sid_ctx, sid_ctx_len);
1410
+ return 1;
1411
+ }
1412
+
1413
+ int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const uint8_t *sid_ctx,
1414
+ size_t sid_ctx_len) {
1415
+ return set_session_id_context(ctx->cert, sid_ctx, sid_ctx_len);
1416
+ }
1417
+
1418
+ int SSL_set_session_id_context(SSL *ssl, const uint8_t *sid_ctx,
1419
+ size_t sid_ctx_len) {
1420
+ return set_session_id_context(ssl->cert, sid_ctx, sid_ctx_len);
1421
+ }
1422
+
1423
+ const uint8_t *SSL_get0_session_id_context(const SSL *ssl, size_t *out_len) {
1424
+ *out_len = ssl->cert->sid_ctx_length;
1425
+ return ssl->cert->sid_ctx;
1426
+ }
1427
+
1428
+ void SSL_certs_clear(SSL *ssl) { ssl_cert_clear_certs(ssl->cert); }
1429
+
1430
+ int SSL_get_fd(const SSL *ssl) { return SSL_get_rfd(ssl); }
1431
+
1432
+ int SSL_get_rfd(const SSL *ssl) {
1433
+ int ret = -1;
1434
+ BIO *b = BIO_find_type(SSL_get_rbio(ssl), BIO_TYPE_DESCRIPTOR);
1435
+ if (b != NULL) {
1436
+ BIO_get_fd(b, &ret);
1437
+ }
1438
+ return ret;
1439
+ }
1440
+
1441
+ int SSL_get_wfd(const SSL *ssl) {
1442
+ int ret = -1;
1443
+ BIO *b = BIO_find_type(SSL_get_wbio(ssl), BIO_TYPE_DESCRIPTOR);
1444
+ if (b != NULL) {
1445
+ BIO_get_fd(b, &ret);
1446
+ }
1447
+ return ret;
1448
+ }
1449
+
1450
+ int SSL_set_fd(SSL *ssl, int fd) {
1451
+ BIO *bio = BIO_new(BIO_s_socket());
1452
+ if (bio == NULL) {
1453
+ OPENSSL_PUT_ERROR(SSL, ERR_R_BUF_LIB);
1454
+ return 0;
1455
+ }
1456
+ BIO_set_fd(bio, fd, BIO_NOCLOSE);
1457
+ SSL_set_bio(ssl, bio, bio);
1458
+ return 1;
1459
+ }
1460
+
1461
+ int SSL_set_wfd(SSL *ssl, int fd) {
1462
+ BIO *rbio = SSL_get_rbio(ssl);
1463
+ if (rbio == NULL || BIO_method_type(rbio) != BIO_TYPE_SOCKET ||
1464
+ BIO_get_fd(rbio, NULL) != fd) {
1465
+ BIO *bio = BIO_new(BIO_s_socket());
1466
+ if (bio == NULL) {
1467
+ OPENSSL_PUT_ERROR(SSL, ERR_R_BUF_LIB);
1468
+ return 0;
1469
+ }
1470
+ BIO_set_fd(bio, fd, BIO_NOCLOSE);
1471
+ SSL_set0_wbio(ssl, bio);
1472
+ } else {
1473
+ // Copy the rbio over to the wbio.
1474
+ BIO_up_ref(rbio);
1475
+ SSL_set0_wbio(ssl, rbio);
1476
+ }
1477
+
1478
+ return 1;
1479
+ }
1480
+
1481
+ int SSL_set_rfd(SSL *ssl, int fd) {
1482
+ BIO *wbio = SSL_get_wbio(ssl);
1483
+ if (wbio == NULL || BIO_method_type(wbio) != BIO_TYPE_SOCKET ||
1484
+ BIO_get_fd(wbio, NULL) != fd) {
1485
+ BIO *bio = BIO_new(BIO_s_socket());
1486
+ if (bio == NULL) {
1487
+ OPENSSL_PUT_ERROR(SSL, ERR_R_BUF_LIB);
1488
+ return 0;
1489
+ }
1490
+ BIO_set_fd(bio, fd, BIO_NOCLOSE);
1491
+ SSL_set0_rbio(ssl, bio);
1492
+ } else {
1493
+ // Copy the wbio over to the rbio.
1494
+ BIO_up_ref(wbio);
1495
+ SSL_set0_rbio(ssl, wbio);
1496
+ }
1497
+ return 1;
1498
+ }
1499
+
1500
+ static size_t copy_finished(void *out, size_t out_len, const uint8_t *in,
1501
+ size_t in_len) {
1502
+ if (out_len > in_len) {
1503
+ out_len = in_len;
1504
+ }
1505
+ OPENSSL_memcpy(out, in, out_len);
1506
+ return in_len;
1507
+ }
1508
+
1509
+ size_t SSL_get_finished(const SSL *ssl, void *buf, size_t count) {
1510
+ if (!ssl->s3->initial_handshake_complete ||
1511
+ ssl_protocol_version(ssl) < TLS1_VERSION ||
1512
+ ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
1513
+ return 0;
1514
+ }
1515
+
1516
+ if (ssl->server) {
1517
+ return copy_finished(buf, count, ssl->s3->previous_server_finished,
1518
+ ssl->s3->previous_server_finished_len);
1519
+ }
1520
+
1521
+ return copy_finished(buf, count, ssl->s3->previous_client_finished,
1522
+ ssl->s3->previous_client_finished_len);
1523
+ }
1524
+
1525
+ size_t SSL_get_peer_finished(const SSL *ssl, void *buf, size_t count) {
1526
+ if (!ssl->s3->initial_handshake_complete ||
1527
+ ssl_protocol_version(ssl) < TLS1_VERSION ||
1528
+ ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
1529
+ return 0;
1530
+ }
1531
+
1532
+ if (ssl->server) {
1533
+ return copy_finished(buf, count, ssl->s3->previous_client_finished,
1534
+ ssl->s3->previous_client_finished_len);
1535
+ }
1536
+
1537
+ return copy_finished(buf, count, ssl->s3->previous_server_finished,
1538
+ ssl->s3->previous_server_finished_len);
1539
+ }
1540
+
1541
+ int SSL_get_verify_mode(const SSL *ssl) { return ssl->verify_mode; }
1542
+
1543
+ int SSL_get_extms_support(const SSL *ssl) {
1544
+ // TLS 1.3 does not require extended master secret and always reports as
1545
+ // supporting it.
1546
+ if (!ssl->s3->have_version) {
1547
+ return 0;
1548
+ }
1549
+ if (ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
1550
+ return 1;
1551
+ }
1552
+
1553
+ // If the initial handshake completed, query the established session.
1554
+ if (ssl->s3->established_session != NULL) {
1555
+ return ssl->s3->established_session->extended_master_secret;
1556
+ }
1557
+
1558
+ // Otherwise, query the in-progress handshake.
1559
+ if (ssl->s3->hs != NULL) {
1560
+ return ssl->s3->hs->extended_master_secret;
1561
+ }
1562
+ assert(0);
1563
+ return 0;
1564
+ }
1565
+
1566
+ int SSL_CTX_get_read_ahead(const SSL_CTX *ctx) { return 0; }
1567
+
1568
+ int SSL_get_read_ahead(const SSL *ssl) { return 0; }
1569
+
1570
+ void SSL_CTX_set_read_ahead(SSL_CTX *ctx, int yes) { }
1571
+
1572
+ void SSL_set_read_ahead(SSL *ssl, int yes) { }
1573
+
1574
+ int SSL_pending(const SSL *ssl) {
1575
+ return static_cast<int>(ssl->s3->pending_app_data.size());
1576
+ }
1577
+
1578
+ // Fix this so it checks all the valid key/cert options
1579
+ int SSL_CTX_check_private_key(const SSL_CTX *ctx) {
1580
+ return ssl_cert_check_private_key(ctx->cert, ctx->cert->privatekey);
1581
+ }
1582
+
1583
+ // Fix this function so that it takes an optional type parameter
1584
+ int SSL_check_private_key(const SSL *ssl) {
1585
+ return ssl_cert_check_private_key(ssl->cert, ssl->cert->privatekey);
1586
+ }
1587
+
1588
+ long SSL_get_default_timeout(const SSL *ssl) {
1589
+ return SSL_DEFAULT_SESSION_TIMEOUT;
1590
+ }
1591
+
1592
+ int SSL_renegotiate(SSL *ssl) {
1593
+ // Caller-initiated renegotiation is not supported.
1594
+ OPENSSL_PUT_ERROR(SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
1595
+ return 0;
1596
+ }
1597
+
1598
+ int SSL_renegotiate_pending(SSL *ssl) {
1599
+ return SSL_in_init(ssl) && ssl->s3->initial_handshake_complete;
1600
+ }
1601
+
1602
+ int SSL_total_renegotiations(const SSL *ssl) {
1603
+ return ssl->s3->total_renegotiations;
1604
+ }
1605
+
1606
+ size_t SSL_CTX_get_max_cert_list(const SSL_CTX *ctx) {
1607
+ return ctx->max_cert_list;
1608
+ }
1609
+
1610
+ void SSL_CTX_set_max_cert_list(SSL_CTX *ctx, size_t max_cert_list) {
1611
+ if (max_cert_list > kMaxHandshakeSize) {
1612
+ max_cert_list = kMaxHandshakeSize;
1613
+ }
1614
+ ctx->max_cert_list = (uint32_t)max_cert_list;
1615
+ }
1616
+
1617
+ size_t SSL_get_max_cert_list(const SSL *ssl) {
1618
+ return ssl->max_cert_list;
1619
+ }
1620
+
1621
+ void SSL_set_max_cert_list(SSL *ssl, size_t max_cert_list) {
1622
+ if (max_cert_list > kMaxHandshakeSize) {
1623
+ max_cert_list = kMaxHandshakeSize;
1624
+ }
1625
+ ssl->max_cert_list = (uint32_t)max_cert_list;
1626
+ }
1627
+
1628
+ int SSL_CTX_set_max_send_fragment(SSL_CTX *ctx, size_t max_send_fragment) {
1629
+ if (max_send_fragment < 512) {
1630
+ max_send_fragment = 512;
1631
+ }
1632
+ if (max_send_fragment > SSL3_RT_MAX_PLAIN_LENGTH) {
1633
+ max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
1634
+ }
1635
+ ctx->max_send_fragment = (uint16_t)max_send_fragment;
1636
+
1637
+ return 1;
1638
+ }
1639
+
1640
+ int SSL_set_max_send_fragment(SSL *ssl, size_t max_send_fragment) {
1641
+ if (max_send_fragment < 512) {
1642
+ max_send_fragment = 512;
1643
+ }
1644
+ if (max_send_fragment > SSL3_RT_MAX_PLAIN_LENGTH) {
1645
+ max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
1646
+ }
1647
+ ssl->max_send_fragment = (uint16_t)max_send_fragment;
1648
+
1649
+ return 1;
1650
+ }
1651
+
1652
+ int SSL_set_mtu(SSL *ssl, unsigned mtu) {
1653
+ if (!SSL_is_dtls(ssl) || mtu < dtls1_min_mtu()) {
1654
+ return 0;
1655
+ }
1656
+ ssl->d1->mtu = mtu;
1657
+ return 1;
1658
+ }
1659
+
1660
+ int SSL_get_secure_renegotiation_support(const SSL *ssl) {
1661
+ if (!ssl->s3->have_version) {
1662
+ return 0;
1663
+ }
1664
+ return ssl_protocol_version(ssl) >= TLS1_3_VERSION ||
1665
+ ssl->s3->send_connection_binding;
1666
+ }
1667
+
1668
+ size_t SSL_CTX_sess_number(const SSL_CTX *ctx) {
1669
+ MutexReadLock lock(const_cast<CRYPTO_MUTEX *>(&ctx->lock));
1670
+ return lh_SSL_SESSION_num_items(ctx->sessions);
1671
+ }
1672
+
1673
+ unsigned long SSL_CTX_sess_set_cache_size(SSL_CTX *ctx, unsigned long size) {
1674
+ unsigned long ret = ctx->session_cache_size;
1675
+ ctx->session_cache_size = size;
1676
+ return ret;
1677
+ }
1678
+
1679
+ unsigned long SSL_CTX_sess_get_cache_size(const SSL_CTX *ctx) {
1680
+ return ctx->session_cache_size;
1681
+ }
1682
+
1683
+ int SSL_CTX_set_session_cache_mode(SSL_CTX *ctx, int mode) {
1684
+ int ret = ctx->session_cache_mode;
1685
+ ctx->session_cache_mode = mode;
1686
+ return ret;
1687
+ }
1688
+
1689
+ int SSL_CTX_get_session_cache_mode(const SSL_CTX *ctx) {
1690
+ return ctx->session_cache_mode;
1691
+ }
1692
+
1693
+
1694
+ int SSL_CTX_get_tlsext_ticket_keys(SSL_CTX *ctx, void *out, size_t len) {
1695
+ if (out == NULL) {
1696
+ return 48;
1697
+ }
1698
+ if (len != 48) {
1699
+ OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
1700
+ return 0;
1701
+ }
1702
+
1703
+ // The default ticket keys are initialized lazily. Trigger a key
1704
+ // rotation to initialize them.
1705
+ if (!ssl_ctx_rotate_ticket_encryption_key(ctx)) {
1706
+ return 0;
1707
+ }
1708
+
1709
+ uint8_t *out_bytes = reinterpret_cast<uint8_t *>(out);
1710
+ MutexReadLock lock(&ctx->lock);
1711
+ OPENSSL_memcpy(out_bytes, ctx->tlsext_ticket_key_current->name, 16);
1712
+ OPENSSL_memcpy(out_bytes + 16, ctx->tlsext_ticket_key_current->hmac_key, 16);
1713
+ OPENSSL_memcpy(out_bytes + 32, ctx->tlsext_ticket_key_current->aes_key, 16);
1714
+ return 1;
1715
+ }
1716
+
1717
+ int SSL_CTX_set_tlsext_ticket_keys(SSL_CTX *ctx, const void *in, size_t len) {
1718
+ if (in == NULL) {
1719
+ return 48;
1720
+ }
1721
+ if (len != 48) {
1722
+ OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
1723
+ return 0;
1724
+ }
1725
+ if (!ctx->tlsext_ticket_key_current) {
1726
+ ctx->tlsext_ticket_key_current =
1727
+ (tlsext_ticket_key *)OPENSSL_malloc(sizeof(tlsext_ticket_key));
1728
+ if (!ctx->tlsext_ticket_key_current) {
1729
+ return 0;
1730
+ }
1731
+ }
1732
+ OPENSSL_memset(ctx->tlsext_ticket_key_current, 0, sizeof(tlsext_ticket_key));
1733
+ const uint8_t *in_bytes = reinterpret_cast<const uint8_t *>(in);
1734
+ OPENSSL_memcpy(ctx->tlsext_ticket_key_current->name, in_bytes, 16);
1735
+ OPENSSL_memcpy(ctx->tlsext_ticket_key_current->hmac_key, in_bytes + 16, 16);
1736
+ OPENSSL_memcpy(ctx->tlsext_ticket_key_current->aes_key, in_bytes + 32, 16);
1737
+ OPENSSL_free(ctx->tlsext_ticket_key_prev);
1738
+ ctx->tlsext_ticket_key_prev = nullptr;
1739
+ // Disable automatic key rotation.
1740
+ ctx->tlsext_ticket_key_current->next_rotation_tv_sec = 0;
1741
+ return 1;
1742
+ }
1743
+
1744
+ int SSL_CTX_set_tlsext_ticket_key_cb(
1745
+ SSL_CTX *ctx, int (*callback)(SSL *ssl, uint8_t *key_name, uint8_t *iv,
1746
+ EVP_CIPHER_CTX *ctx, HMAC_CTX *hmac_ctx,
1747
+ int encrypt)) {
1748
+ ctx->tlsext_ticket_key_cb = callback;
1749
+ return 1;
1750
+ }
1751
+
1752
+ int SSL_CTX_set1_curves(SSL_CTX *ctx, const int *curves, size_t curves_len) {
1753
+ return tls1_set_curves(&ctx->supported_group_list,
1754
+ &ctx->supported_group_list_len, curves,
1755
+ curves_len);
1756
+ }
1757
+
1758
+ int SSL_set1_curves(SSL *ssl, const int *curves, size_t curves_len) {
1759
+ return tls1_set_curves(&ssl->supported_group_list,
1760
+ &ssl->supported_group_list_len, curves,
1761
+ curves_len);
1762
+ }
1763
+
1764
+ int SSL_CTX_set1_curves_list(SSL_CTX *ctx, const char *curves) {
1765
+ return tls1_set_curves_list(&ctx->supported_group_list,
1766
+ &ctx->supported_group_list_len, curves);
1767
+ }
1768
+
1769
+ int SSL_set1_curves_list(SSL *ssl, const char *curves) {
1770
+ return tls1_set_curves_list(&ssl->supported_group_list,
1771
+ &ssl->supported_group_list_len, curves);
1772
+ }
1773
+
1774
+ uint16_t SSL_get_curve_id(const SSL *ssl) {
1775
+ // TODO(davidben): This checks the wrong session if there is a renegotiation
1776
+ // in progress.
1777
+ SSL_SESSION *session = SSL_get_session(ssl);
1778
+ if (session == NULL) {
1779
+ return 0;
1780
+ }
1781
+
1782
+ return session->group_id;
1783
+ }
1784
+
1785
+ int SSL_CTX_set_tmp_dh(SSL_CTX *ctx, const DH *dh) {
1786
+ return 1;
1787
+ }
1788
+
1789
+ int SSL_set_tmp_dh(SSL *ssl, const DH *dh) {
1790
+ return 1;
1791
+ }
1792
+
1793
+ STACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const SSL_CTX *ctx) {
1794
+ return ctx->cipher_list->ciphers;
1795
+ }
1796
+
1797
+ int SSL_CTX_cipher_in_group(const SSL_CTX *ctx, size_t i) {
1798
+ if (i >= sk_SSL_CIPHER_num(ctx->cipher_list->ciphers)) {
1799
+ return 0;
1800
+ }
1801
+ return ctx->cipher_list->in_group_flags[i];
1802
+ }
1803
+
1804
+ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *ssl) {
1805
+ if (ssl == NULL) {
1806
+ return NULL;
1807
+ }
1808
+
1809
+ const struct ssl_cipher_preference_list_st *prefs =
1810
+ ssl_get_cipher_preferences(ssl);
1811
+ if (prefs == NULL) {
1812
+ return NULL;
1813
+ }
1814
+
1815
+ return prefs->ciphers;
1816
+ }
1817
+
1818
+ const char *SSL_get_cipher_list(const SSL *ssl, int n) {
1819
+ if (ssl == NULL) {
1820
+ return NULL;
1821
+ }
1822
+
1823
+ STACK_OF(SSL_CIPHER) *sk = SSL_get_ciphers(ssl);
1824
+ if (sk == NULL || n < 0 || (size_t)n >= sk_SSL_CIPHER_num(sk)) {
1825
+ return NULL;
1826
+ }
1827
+
1828
+ const SSL_CIPHER *c = sk_SSL_CIPHER_value(sk, n);
1829
+ if (c == NULL) {
1830
+ return NULL;
1831
+ }
1832
+
1833
+ return c->name;
1834
+ }
1835
+
1836
+ int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str) {
1837
+ return ssl_create_cipher_list(&ctx->cipher_list, str, false /* not strict */);
1838
+ }
1839
+
1840
+ int SSL_CTX_set_strict_cipher_list(SSL_CTX *ctx, const char *str) {
1841
+ return ssl_create_cipher_list(&ctx->cipher_list, str, true /* strict */);
1842
+ }
1843
+
1844
+ int SSL_set_cipher_list(SSL *ssl, const char *str) {
1845
+ return ssl_create_cipher_list(&ssl->cipher_list, str, false /* not strict */);
1846
+ }
1847
+
1848
+ int SSL_set_strict_cipher_list(SSL *ssl, const char *str) {
1849
+ return ssl_create_cipher_list(&ssl->cipher_list, str, true /* strict */);
1850
+ }
1851
+
1852
+ const char *SSL_get_servername(const SSL *ssl, const int type) {
1853
+ if (type != TLSEXT_NAMETYPE_host_name) {
1854
+ return NULL;
1855
+ }
1856
+
1857
+ // Historically, |SSL_get_servername| was also the configuration getter
1858
+ // corresponding to |SSL_set_tlsext_host_name|.
1859
+ if (ssl->tlsext_hostname != NULL) {
1860
+ return ssl->tlsext_hostname;
1861
+ }
1862
+
1863
+ return ssl->s3->hostname.get();
1864
+ }
1865
+
1866
+ int SSL_get_servername_type(const SSL *ssl) {
1867
+ if (SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name) == NULL) {
1868
+ return -1;
1869
+ }
1870
+ return TLSEXT_NAMETYPE_host_name;
1871
+ }
1872
+
1873
+ void SSL_CTX_set_custom_verify(
1874
+ SSL_CTX *ctx, int mode,
1875
+ enum ssl_verify_result_t (*callback)(SSL *ssl, uint8_t *out_alert)) {
1876
+ ctx->verify_mode = mode;
1877
+ ctx->custom_verify_callback = callback;
1878
+ }
1879
+
1880
+ void SSL_set_custom_verify(
1881
+ SSL *ssl, int mode,
1882
+ enum ssl_verify_result_t (*callback)(SSL *ssl, uint8_t *out_alert)) {
1883
+ ssl->verify_mode = mode;
1884
+ ssl->custom_verify_callback = callback;
1885
+ }
1886
+
1887
+ void SSL_CTX_enable_signed_cert_timestamps(SSL_CTX *ctx) {
1888
+ ctx->signed_cert_timestamps_enabled = true;
1889
+ }
1890
+
1891
+ void SSL_enable_signed_cert_timestamps(SSL *ssl) {
1892
+ ssl->signed_cert_timestamps_enabled = true;
1893
+ }
1894
+
1895
+ void SSL_CTX_enable_ocsp_stapling(SSL_CTX *ctx) {
1896
+ ctx->ocsp_stapling_enabled = true;
1897
+ }
1898
+
1899
+ void SSL_enable_ocsp_stapling(SSL *ssl) {
1900
+ ssl->ocsp_stapling_enabled = true;
1901
+ }
1902
+
1903
+ void SSL_get0_signed_cert_timestamp_list(const SSL *ssl, const uint8_t **out,
1904
+ size_t *out_len) {
1905
+ SSL_SESSION *session = SSL_get_session(ssl);
1906
+ if (ssl->server || !session || !session->signed_cert_timestamp_list) {
1907
+ *out_len = 0;
1908
+ *out = NULL;
1909
+ return;
1910
+ }
1911
+
1912
+ *out = CRYPTO_BUFFER_data(session->signed_cert_timestamp_list);
1913
+ *out_len = CRYPTO_BUFFER_len(session->signed_cert_timestamp_list);
1914
+ }
1915
+
1916
+ void SSL_get0_ocsp_response(const SSL *ssl, const uint8_t **out,
1917
+ size_t *out_len) {
1918
+ SSL_SESSION *session = SSL_get_session(ssl);
1919
+ if (ssl->server || !session || !session->ocsp_response) {
1920
+ *out_len = 0;
1921
+ *out = NULL;
1922
+ return;
1923
+ }
1924
+
1925
+ *out = CRYPTO_BUFFER_data(session->ocsp_response);
1926
+ *out_len = CRYPTO_BUFFER_len(session->ocsp_response);
1927
+ }
1928
+
1929
+ int SSL_set_tlsext_host_name(SSL *ssl, const char *name) {
1930
+ OPENSSL_free(ssl->tlsext_hostname);
1931
+ ssl->tlsext_hostname = NULL;
1932
+
1933
+ if (name == NULL) {
1934
+ return 1;
1935
+ }
1936
+
1937
+ size_t len = strlen(name);
1938
+ if (len == 0 || len > TLSEXT_MAXLEN_host_name) {
1939
+ OPENSSL_PUT_ERROR(SSL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
1940
+ return 0;
1941
+ }
1942
+ ssl->tlsext_hostname = BUF_strdup(name);
1943
+ if (ssl->tlsext_hostname == NULL) {
1944
+ OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
1945
+ return 0;
1946
+ }
1947
+ return 1;
1948
+ }
1949
+
1950
+ int SSL_CTX_set_tlsext_servername_callback(
1951
+ SSL_CTX *ctx, int (*callback)(SSL *ssl, int *out_alert, void *arg)) {
1952
+ ctx->tlsext_servername_callback = callback;
1953
+ return 1;
1954
+ }
1955
+
1956
+ int SSL_CTX_set_tlsext_servername_arg(SSL_CTX *ctx, void *arg) {
1957
+ ctx->tlsext_servername_arg = arg;
1958
+ return 1;
1959
+ }
1960
+
1961
+ int SSL_select_next_proto(uint8_t **out, uint8_t *out_len, const uint8_t *peer,
1962
+ unsigned peer_len, const uint8_t *supported,
1963
+ unsigned supported_len) {
1964
+ const uint8_t *result;
1965
+ int status;
1966
+
1967
+ // For each protocol in peer preference order, see if we support it.
1968
+ for (unsigned i = 0; i < peer_len;) {
1969
+ for (unsigned j = 0; j < supported_len;) {
1970
+ if (peer[i] == supported[j] &&
1971
+ OPENSSL_memcmp(&peer[i + 1], &supported[j + 1], peer[i]) == 0) {
1972
+ // We found a match
1973
+ result = &peer[i];
1974
+ status = OPENSSL_NPN_NEGOTIATED;
1975
+ goto found;
1976
+ }
1977
+ j += supported[j];
1978
+ j++;
1979
+ }
1980
+ i += peer[i];
1981
+ i++;
1982
+ }
1983
+
1984
+ // There's no overlap between our protocols and the peer's list.
1985
+ result = supported;
1986
+ status = OPENSSL_NPN_NO_OVERLAP;
1987
+
1988
+ found:
1989
+ *out = (uint8_t *)result + 1;
1990
+ *out_len = result[0];
1991
+ return status;
1992
+ }
1993
+
1994
+ void SSL_get0_next_proto_negotiated(const SSL *ssl, const uint8_t **out_data,
1995
+ unsigned *out_len) {
1996
+ *out_data = ssl->s3->next_proto_negotiated.data();
1997
+ *out_len = ssl->s3->next_proto_negotiated.size();
1998
+ }
1999
+
2000
+ void SSL_CTX_set_next_protos_advertised_cb(
2001
+ SSL_CTX *ctx,
2002
+ int (*cb)(SSL *ssl, const uint8_t **out, unsigned *out_len, void *arg),
2003
+ void *arg) {
2004
+ ctx->next_protos_advertised_cb = cb;
2005
+ ctx->next_protos_advertised_cb_arg = arg;
2006
+ }
2007
+
2008
+ void SSL_CTX_set_next_proto_select_cb(
2009
+ SSL_CTX *ctx, int (*cb)(SSL *ssl, uint8_t **out, uint8_t *out_len,
2010
+ const uint8_t *in, unsigned in_len, void *arg),
2011
+ void *arg) {
2012
+ ctx->next_proto_select_cb = cb;
2013
+ ctx->next_proto_select_cb_arg = arg;
2014
+ }
2015
+
2016
+ int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const uint8_t *protos,
2017
+ unsigned protos_len) {
2018
+ OPENSSL_free(ctx->alpn_client_proto_list);
2019
+ ctx->alpn_client_proto_list = (uint8_t *)BUF_memdup(protos, protos_len);
2020
+ if (!ctx->alpn_client_proto_list) {
2021
+ return 1;
2022
+ }
2023
+ ctx->alpn_client_proto_list_len = protos_len;
2024
+
2025
+ return 0;
2026
+ }
2027
+
2028
+ int SSL_set_alpn_protos(SSL *ssl, const uint8_t *protos, unsigned protos_len) {
2029
+ OPENSSL_free(ssl->alpn_client_proto_list);
2030
+ ssl->alpn_client_proto_list = (uint8_t *)BUF_memdup(protos, protos_len);
2031
+ if (!ssl->alpn_client_proto_list) {
2032
+ return 1;
2033
+ }
2034
+ ssl->alpn_client_proto_list_len = protos_len;
2035
+
2036
+ return 0;
2037
+ }
2038
+
2039
+ void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
2040
+ int (*cb)(SSL *ssl, const uint8_t **out,
2041
+ uint8_t *out_len, const uint8_t *in,
2042
+ unsigned in_len, void *arg),
2043
+ void *arg) {
2044
+ ctx->alpn_select_cb = cb;
2045
+ ctx->alpn_select_cb_arg = arg;
2046
+ }
2047
+
2048
+ void SSL_get0_alpn_selected(const SSL *ssl, const uint8_t **out_data,
2049
+ unsigned *out_len) {
2050
+ if (SSL_in_early_data(ssl) && !ssl->server) {
2051
+ *out_data = ssl->s3->hs->early_session->early_alpn;
2052
+ *out_len = ssl->s3->hs->early_session->early_alpn_len;
2053
+ } else {
2054
+ *out_data = ssl->s3->alpn_selected.data();
2055
+ *out_len = ssl->s3->alpn_selected.size();
2056
+ }
2057
+ }
2058
+
2059
+ void SSL_CTX_set_allow_unknown_alpn_protos(SSL_CTX *ctx, int enabled) {
2060
+ ctx->allow_unknown_alpn_protos = !!enabled;
2061
+ }
2062
+
2063
+ void SSL_CTX_set_tls_channel_id_enabled(SSL_CTX *ctx, int enabled) {
2064
+ ctx->tlsext_channel_id_enabled = !!enabled;
2065
+ }
2066
+
2067
+ int SSL_CTX_enable_tls_channel_id(SSL_CTX *ctx) {
2068
+ SSL_CTX_set_tls_channel_id_enabled(ctx, 1);
2069
+ return 1;
2070
+ }
2071
+
2072
+ void SSL_set_tls_channel_id_enabled(SSL *ssl, int enabled) {
2073
+ ssl->tlsext_channel_id_enabled = !!enabled;
2074
+ }
2075
+
2076
+ int SSL_enable_tls_channel_id(SSL *ssl) {
2077
+ SSL_set_tls_channel_id_enabled(ssl, 1);
2078
+ return 1;
2079
+ }
2080
+
2081
+ static int is_p256_key(EVP_PKEY *private_key) {
2082
+ const EC_KEY *ec_key = EVP_PKEY_get0_EC_KEY(private_key);
2083
+ return ec_key != NULL &&
2084
+ EC_GROUP_get_curve_name(EC_KEY_get0_group(ec_key)) ==
2085
+ NID_X9_62_prime256v1;
2086
+ }
2087
+
2088
+ int SSL_CTX_set1_tls_channel_id(SSL_CTX *ctx, EVP_PKEY *private_key) {
2089
+ if (!is_p256_key(private_key)) {
2090
+ OPENSSL_PUT_ERROR(SSL, SSL_R_CHANNEL_ID_NOT_P256);
2091
+ return 0;
2092
+ }
2093
+
2094
+ EVP_PKEY_free(ctx->tlsext_channel_id_private);
2095
+ EVP_PKEY_up_ref(private_key);
2096
+ ctx->tlsext_channel_id_private = private_key;
2097
+ ctx->tlsext_channel_id_enabled = true;
2098
+
2099
+ return 1;
2100
+ }
2101
+
2102
+ int SSL_set1_tls_channel_id(SSL *ssl, EVP_PKEY *private_key) {
2103
+ if (!is_p256_key(private_key)) {
2104
+ OPENSSL_PUT_ERROR(SSL, SSL_R_CHANNEL_ID_NOT_P256);
2105
+ return 0;
2106
+ }
2107
+
2108
+ EVP_PKEY_free(ssl->tlsext_channel_id_private);
2109
+ EVP_PKEY_up_ref(private_key);
2110
+ ssl->tlsext_channel_id_private = private_key;
2111
+ ssl->tlsext_channel_id_enabled = true;
2112
+
2113
+ return 1;
2114
+ }
2115
+
2116
+ size_t SSL_get_tls_channel_id(SSL *ssl, uint8_t *out, size_t max_out) {
2117
+ if (!ssl->s3->tlsext_channel_id_valid) {
2118
+ return 0;
2119
+ }
2120
+ OPENSSL_memcpy(out, ssl->s3->tlsext_channel_id,
2121
+ (max_out < 64) ? max_out : 64);
2122
+ return 64;
2123
+ }
2124
+
2125
+ size_t SSL_get0_certificate_types(SSL *ssl, const uint8_t **out_types) {
2126
+ if (ssl->server || ssl->s3->hs == NULL) {
2127
+ *out_types = NULL;
2128
+ return 0;
2129
+ }
2130
+ *out_types = ssl->s3->hs->certificate_types.data();
2131
+ return ssl->s3->hs->certificate_types.size();
2132
+ }
2133
+
2134
+ EVP_PKEY *SSL_get_privatekey(const SSL *ssl) {
2135
+ if (ssl->cert != NULL) {
2136
+ return ssl->cert->privatekey;
2137
+ }
2138
+
2139
+ return NULL;
2140
+ }
2141
+
2142
+ EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx) {
2143
+ if (ctx->cert != NULL) {
2144
+ return ctx->cert->privatekey;
2145
+ }
2146
+
2147
+ return NULL;
2148
+ }
2149
+
2150
+ const SSL_CIPHER *SSL_get_current_cipher(const SSL *ssl) {
2151
+ return ssl->s3->aead_write_ctx->cipher();
2152
+ }
2153
+
2154
+ int SSL_session_reused(const SSL *ssl) {
2155
+ return ssl->s3->session_reused || SSL_in_early_data(ssl);
2156
+ }
2157
+
2158
+ const COMP_METHOD *SSL_get_current_compression(SSL *ssl) { return NULL; }
2159
+
2160
+ const COMP_METHOD *SSL_get_current_expansion(SSL *ssl) { return NULL; }
2161
+
2162
+ int *SSL_get_server_tmp_key(SSL *ssl, EVP_PKEY **out_key) { return 0; }
2163
+
2164
+ void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode) {
2165
+ ctx->quiet_shutdown = (mode != 0);
2166
+ }
2167
+
2168
+ int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx) {
2169
+ return ctx->quiet_shutdown;
2170
+ }
2171
+
2172
+ void SSL_set_quiet_shutdown(SSL *ssl, int mode) {
2173
+ ssl->quiet_shutdown = (mode != 0);
2174
+ }
2175
+
2176
+ int SSL_get_quiet_shutdown(const SSL *ssl) { return ssl->quiet_shutdown; }
2177
+
2178
+ void SSL_set_shutdown(SSL *ssl, int mode) {
2179
+ // It is an error to clear any bits that have already been set. (We can't try
2180
+ // to get a second close_notify or send two.)
2181
+ assert((SSL_get_shutdown(ssl) & mode) == SSL_get_shutdown(ssl));
2182
+
2183
+ if (mode & SSL_RECEIVED_SHUTDOWN &&
2184
+ ssl->s3->read_shutdown == ssl_shutdown_none) {
2185
+ ssl->s3->read_shutdown = ssl_shutdown_close_notify;
2186
+ }
2187
+
2188
+ if (mode & SSL_SENT_SHUTDOWN &&
2189
+ ssl->s3->write_shutdown == ssl_shutdown_none) {
2190
+ ssl->s3->write_shutdown = ssl_shutdown_close_notify;
2191
+ }
2192
+ }
2193
+
2194
+ int SSL_get_shutdown(const SSL *ssl) {
2195
+ int ret = 0;
2196
+ if (ssl->s3->read_shutdown != ssl_shutdown_none) {
2197
+ // Historically, OpenSSL set |SSL_RECEIVED_SHUTDOWN| on both close_notify
2198
+ // and fatal alert.
2199
+ ret |= SSL_RECEIVED_SHUTDOWN;
2200
+ }
2201
+ if (ssl->s3->write_shutdown == ssl_shutdown_close_notify) {
2202
+ // Historically, OpenSSL set |SSL_SENT_SHUTDOWN| on only close_notify.
2203
+ ret |= SSL_SENT_SHUTDOWN;
2204
+ }
2205
+ return ret;
2206
+ }
2207
+
2208
+ SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl) { return ssl->ctx; }
2209
+
2210
+ SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx) {
2211
+ if (ssl->ctx == ctx) {
2212
+ return ssl->ctx;
2213
+ }
2214
+
2215
+ // One cannot change the X.509 callbacks during a connection.
2216
+ if (ssl->ctx->x509_method != ctx->x509_method) {
2217
+ assert(0);
2218
+ return NULL;
2219
+ }
2220
+
2221
+ if (ctx == NULL) {
2222
+ ctx = ssl->session_ctx;
2223
+ }
2224
+
2225
+ ssl_cert_free(ssl->cert);
2226
+ ssl->cert = ssl_cert_dup(ctx->cert);
2227
+
2228
+ SSL_CTX_up_ref(ctx);
2229
+ SSL_CTX_free(ssl->ctx);
2230
+ ssl->ctx = ctx;
2231
+
2232
+ return ssl->ctx;
2233
+ }
2234
+
2235
+ void SSL_set_info_callback(SSL *ssl,
2236
+ void (*cb)(const SSL *ssl, int type, int value)) {
2237
+ ssl->info_callback = cb;
2238
+ }
2239
+
2240
+ void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl, int type,
2241
+ int value) {
2242
+ return ssl->info_callback;
2243
+ }
2244
+
2245
+ int SSL_state(const SSL *ssl) {
2246
+ return SSL_in_init(ssl) ? SSL_ST_INIT : SSL_ST_OK;
2247
+ }
2248
+
2249
+ void SSL_set_state(SSL *ssl, int state) { }
2250
+
2251
+ char *SSL_get_shared_ciphers(const SSL *ssl, char *buf, int len) {
2252
+ if (len <= 0) {
2253
+ return NULL;
2254
+ }
2255
+ buf[0] = '\0';
2256
+ return buf;
2257
+ }
2258
+
2259
+ int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_unused *unused,
2260
+ CRYPTO_EX_dup *dup_unused, CRYPTO_EX_free *free_func) {
2261
+ int index;
2262
+ if (!CRYPTO_get_ex_new_index(&g_ex_data_class_ssl, &index, argl, argp,
2263
+ free_func)) {
2264
+ return -1;
2265
+ }
2266
+ return index;
2267
+ }
2268
+
2269
+ int SSL_set_ex_data(SSL *ssl, int idx, void *data) {
2270
+ return CRYPTO_set_ex_data(&ssl->ex_data, idx, data);
2271
+ }
2272
+
2273
+ void *SSL_get_ex_data(const SSL *ssl, int idx) {
2274
+ return CRYPTO_get_ex_data(&ssl->ex_data, idx);
2275
+ }
2276
+
2277
+ int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_unused *unused,
2278
+ CRYPTO_EX_dup *dup_unused,
2279
+ CRYPTO_EX_free *free_func) {
2280
+ int index;
2281
+ if (!CRYPTO_get_ex_new_index(&g_ex_data_class_ssl_ctx, &index, argl, argp,
2282
+ free_func)) {
2283
+ return -1;
2284
+ }
2285
+ return index;
2286
+ }
2287
+
2288
+ int SSL_CTX_set_ex_data(SSL_CTX *ctx, int idx, void *data) {
2289
+ return CRYPTO_set_ex_data(&ctx->ex_data, idx, data);
2290
+ }
2291
+
2292
+ void *SSL_CTX_get_ex_data(const SSL_CTX *ctx, int idx) {
2293
+ return CRYPTO_get_ex_data(&ctx->ex_data, idx);
2294
+ }
2295
+
2296
+ int SSL_want(const SSL *ssl) { return ssl->s3->rwstate; }
2297
+
2298
+ void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,
2299
+ RSA *(*cb)(SSL *ssl, int is_export,
2300
+ int keylength)) {}
2301
+
2302
+ void SSL_set_tmp_rsa_callback(SSL *ssl, RSA *(*cb)(SSL *ssl, int is_export,
2303
+ int keylength)) {}
2304
+
2305
+ void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
2306
+ DH *(*cb)(SSL *ssl, int is_export,
2307
+ int keylength)) {}
2308
+
2309
+ void SSL_set_tmp_dh_callback(SSL *ssl, DH *(*cb)(SSL *ssl, int is_export,
2310
+ int keylength)) {}
2311
+
2312
+ static int use_psk_identity_hint(char **out, const char *identity_hint) {
2313
+ if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) {
2314
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DATA_LENGTH_TOO_LONG);
2315
+ return 0;
2316
+ }
2317
+
2318
+ // Clear currently configured hint, if any.
2319
+ OPENSSL_free(*out);
2320
+ *out = NULL;
2321
+
2322
+ // Treat the empty hint as not supplying one. Plain PSK makes it possible to
2323
+ // send either no hint (omit ServerKeyExchange) or an empty hint, while
2324
+ // ECDHE_PSK can only spell empty hint. Having different capabilities is odd,
2325
+ // so we interpret empty and missing as identical.
2326
+ if (identity_hint != NULL && identity_hint[0] != '\0') {
2327
+ *out = BUF_strdup(identity_hint);
2328
+ if (*out == NULL) {
2329
+ return 0;
2330
+ }
2331
+ }
2332
+
2333
+ return 1;
2334
+ }
2335
+
2336
+ int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint) {
2337
+ return use_psk_identity_hint(&ctx->psk_identity_hint, identity_hint);
2338
+ }
2339
+
2340
+ int SSL_use_psk_identity_hint(SSL *ssl, const char *identity_hint) {
2341
+ return use_psk_identity_hint(&ssl->psk_identity_hint, identity_hint);
2342
+ }
2343
+
2344
+ const char *SSL_get_psk_identity_hint(const SSL *ssl) {
2345
+ if (ssl == NULL) {
2346
+ return NULL;
2347
+ }
2348
+ return ssl->psk_identity_hint;
2349
+ }
2350
+
2351
+ const char *SSL_get_psk_identity(const SSL *ssl) {
2352
+ if (ssl == NULL) {
2353
+ return NULL;
2354
+ }
2355
+ SSL_SESSION *session = SSL_get_session(ssl);
2356
+ if (session == NULL) {
2357
+ return NULL;
2358
+ }
2359
+ return session->psk_identity;
2360
+ }
2361
+
2362
+ void SSL_set_psk_client_callback(
2363
+ SSL *ssl, unsigned (*cb)(SSL *ssl, const char *hint, char *identity,
2364
+ unsigned max_identity_len, uint8_t *psk,
2365
+ unsigned max_psk_len)) {
2366
+ ssl->psk_client_callback = cb;
2367
+ }
2368
+
2369
+ void SSL_CTX_set_psk_client_callback(
2370
+ SSL_CTX *ctx, unsigned (*cb)(SSL *ssl, const char *hint, char *identity,
2371
+ unsigned max_identity_len, uint8_t *psk,
2372
+ unsigned max_psk_len)) {
2373
+ ctx->psk_client_callback = cb;
2374
+ }
2375
+
2376
+ void SSL_set_psk_server_callback(
2377
+ SSL *ssl, unsigned (*cb)(SSL *ssl, const char *identity, uint8_t *psk,
2378
+ unsigned max_psk_len)) {
2379
+ ssl->psk_server_callback = cb;
2380
+ }
2381
+
2382
+ void SSL_CTX_set_psk_server_callback(
2383
+ SSL_CTX *ctx, unsigned (*cb)(SSL *ssl, const char *identity,
2384
+ uint8_t *psk, unsigned max_psk_len)) {
2385
+ ctx->psk_server_callback = cb;
2386
+ }
2387
+
2388
+ void SSL_CTX_set_msg_callback(SSL_CTX *ctx,
2389
+ void (*cb)(int write_p, int version,
2390
+ int content_type, const void *buf,
2391
+ size_t len, SSL *ssl, void *arg)) {
2392
+ ctx->msg_callback = cb;
2393
+ }
2394
+
2395
+ void SSL_CTX_set_msg_callback_arg(SSL_CTX *ctx, void *arg) {
2396
+ ctx->msg_callback_arg = arg;
2397
+ }
2398
+
2399
+ void SSL_set_msg_callback(SSL *ssl,
2400
+ void (*cb)(int write_p, int version, int content_type,
2401
+ const void *buf, size_t len, SSL *ssl,
2402
+ void *arg)) {
2403
+ ssl->msg_callback = cb;
2404
+ }
2405
+
2406
+ void SSL_set_msg_callback_arg(SSL *ssl, void *arg) {
2407
+ ssl->msg_callback_arg = arg;
2408
+ }
2409
+
2410
+ void SSL_CTX_set_keylog_callback(SSL_CTX *ctx,
2411
+ void (*cb)(const SSL *ssl, const char *line)) {
2412
+ ctx->keylog_callback = cb;
2413
+ }
2414
+
2415
+ void (*SSL_CTX_get_keylog_callback(const SSL_CTX *ctx))(const SSL *ssl,
2416
+ const char *line) {
2417
+ return ctx->keylog_callback;
2418
+ }
2419
+
2420
+ void SSL_CTX_set_current_time_cb(SSL_CTX *ctx,
2421
+ void (*cb)(const SSL *ssl,
2422
+ struct timeval *out_clock)) {
2423
+ ctx->current_time_cb = cb;
2424
+ }
2425
+
2426
+ int SSL_is_init_finished(const SSL *ssl) {
2427
+ return !SSL_in_init(ssl);
2428
+ }
2429
+
2430
+ int SSL_in_init(const SSL *ssl) {
2431
+ // This returns false once all the handshake state has been finalized, to
2432
+ // allow callbacks and getters based on SSL_in_init to return the correct
2433
+ // values.
2434
+ SSL_HANDSHAKE *hs = ssl->s3->hs.get();
2435
+ return hs != nullptr && !hs->handshake_finalized;
2436
+ }
2437
+
2438
+ int SSL_in_false_start(const SSL *ssl) {
2439
+ if (ssl->s3->hs == NULL) {
2440
+ return 0;
2441
+ }
2442
+ return ssl->s3->hs->in_false_start;
2443
+ }
2444
+
2445
+ int SSL_cutthrough_complete(const SSL *ssl) {
2446
+ return SSL_in_false_start(ssl);
2447
+ }
2448
+
2449
+ void SSL_get_structure_sizes(size_t *ssl_size, size_t *ssl_ctx_size,
2450
+ size_t *ssl_session_size) {
2451
+ *ssl_size = sizeof(SSL);
2452
+ *ssl_ctx_size = sizeof(SSL_CTX);
2453
+ *ssl_session_size = sizeof(SSL_SESSION);
2454
+ }
2455
+
2456
+ int SSL_is_server(const SSL *ssl) { return ssl->server; }
2457
+
2458
+ int SSL_is_dtls(const SSL *ssl) { return ssl->method->is_dtls; }
2459
+
2460
+ void SSL_CTX_set_select_certificate_cb(
2461
+ SSL_CTX *ctx,
2462
+ enum ssl_select_cert_result_t (*cb)(const SSL_CLIENT_HELLO *)) {
2463
+ ctx->select_certificate_cb = cb;
2464
+ }
2465
+
2466
+ void SSL_CTX_set_dos_protection_cb(SSL_CTX *ctx,
2467
+ int (*cb)(const SSL_CLIENT_HELLO *)) {
2468
+ ctx->dos_protection_cb = cb;
2469
+ }
2470
+
2471
+ void SSL_set_renegotiate_mode(SSL *ssl, enum ssl_renegotiate_mode_t mode) {
2472
+ ssl->renegotiate_mode = mode;
2473
+ }
2474
+
2475
+ int SSL_get_ivs(const SSL *ssl, const uint8_t **out_read_iv,
2476
+ const uint8_t **out_write_iv, size_t *out_iv_len) {
2477
+ size_t write_iv_len;
2478
+ if (!ssl->s3->aead_read_ctx->GetIV(out_read_iv, out_iv_len) ||
2479
+ !ssl->s3->aead_write_ctx->GetIV(out_write_iv, &write_iv_len) ||
2480
+ *out_iv_len != write_iv_len) {
2481
+ return 0;
2482
+ }
2483
+
2484
+ return 1;
2485
+ }
2486
+
2487
+ static uint64_t be_to_u64(const uint8_t in[8]) {
2488
+ return (((uint64_t)in[0]) << 56) | (((uint64_t)in[1]) << 48) |
2489
+ (((uint64_t)in[2]) << 40) | (((uint64_t)in[3]) << 32) |
2490
+ (((uint64_t)in[4]) << 24) | (((uint64_t)in[5]) << 16) |
2491
+ (((uint64_t)in[6]) << 8) | ((uint64_t)in[7]);
2492
+ }
2493
+
2494
+ uint64_t SSL_get_read_sequence(const SSL *ssl) {
2495
+ // TODO(davidben): Internally represent sequence numbers as uint64_t.
2496
+ if (SSL_is_dtls(ssl)) {
2497
+ // max_seq_num already includes the epoch.
2498
+ assert(ssl->d1->r_epoch == (ssl->d1->bitmap.max_seq_num >> 48));
2499
+ return ssl->d1->bitmap.max_seq_num;
2500
+ }
2501
+ return be_to_u64(ssl->s3->read_sequence);
2502
+ }
2503
+
2504
+ uint64_t SSL_get_write_sequence(const SSL *ssl) {
2505
+ uint64_t ret = be_to_u64(ssl->s3->write_sequence);
2506
+ if (SSL_is_dtls(ssl)) {
2507
+ assert((ret >> 48) == 0);
2508
+ ret |= ((uint64_t)ssl->d1->w_epoch) << 48;
2509
+ }
2510
+ return ret;
2511
+ }
2512
+
2513
+ uint16_t SSL_get_peer_signature_algorithm(const SSL *ssl) {
2514
+ // TODO(davidben): This checks the wrong session if there is a renegotiation
2515
+ // in progress.
2516
+ SSL_SESSION *session = SSL_get_session(ssl);
2517
+ if (session == NULL) {
2518
+ return 0;
2519
+ }
2520
+
2521
+ return session->peer_signature_algorithm;
2522
+ }
2523
+
2524
+ size_t SSL_get_client_random(const SSL *ssl, uint8_t *out, size_t max_out) {
2525
+ if (max_out == 0) {
2526
+ return sizeof(ssl->s3->client_random);
2527
+ }
2528
+ if (max_out > sizeof(ssl->s3->client_random)) {
2529
+ max_out = sizeof(ssl->s3->client_random);
2530
+ }
2531
+ OPENSSL_memcpy(out, ssl->s3->client_random, max_out);
2532
+ return max_out;
2533
+ }
2534
+
2535
+ size_t SSL_get_server_random(const SSL *ssl, uint8_t *out, size_t max_out) {
2536
+ if (max_out == 0) {
2537
+ return sizeof(ssl->s3->server_random);
2538
+ }
2539
+ if (max_out > sizeof(ssl->s3->server_random)) {
2540
+ max_out = sizeof(ssl->s3->server_random);
2541
+ }
2542
+ OPENSSL_memcpy(out, ssl->s3->server_random, max_out);
2543
+ return max_out;
2544
+ }
2545
+
2546
+ const SSL_CIPHER *SSL_get_pending_cipher(const SSL *ssl) {
2547
+ SSL_HANDSHAKE *hs = ssl->s3->hs.get();
2548
+ if (hs == NULL) {
2549
+ return NULL;
2550
+ }
2551
+ return hs->new_cipher;
2552
+ }
2553
+
2554
+ void SSL_set_retain_only_sha256_of_client_certs(SSL *ssl, int enabled) {
2555
+ ssl->retain_only_sha256_of_client_certs = !!enabled;
2556
+ }
2557
+
2558
+ void SSL_CTX_set_retain_only_sha256_of_client_certs(SSL_CTX *ctx, int enabled) {
2559
+ ctx->retain_only_sha256_of_client_certs = !!enabled;
2560
+ }
2561
+
2562
+ void SSL_CTX_set_grease_enabled(SSL_CTX *ctx, int enabled) {
2563
+ ctx->grease_enabled = !!enabled;
2564
+ }
2565
+
2566
+ int32_t SSL_get_ticket_age_skew(const SSL *ssl) {
2567
+ return ssl->s3->ticket_age_skew;
2568
+ }
2569
+
2570
+ int SSL_clear(SSL *ssl) {
2571
+ // In OpenSSL, reusing a client |SSL| with |SSL_clear| causes the previously
2572
+ // established session to be offered the next time around. wpa_supplicant
2573
+ // depends on this behavior, so emulate it.
2574
+ UniquePtr<SSL_SESSION> session;
2575
+ if (!ssl->server && ssl->s3->established_session != NULL) {
2576
+ session.reset(ssl->s3->established_session.get());
2577
+ SSL_SESSION_up_ref(session.get());
2578
+ }
2579
+
2580
+ // The ssl->d1->mtu is simultaneously configuration (preserved across
2581
+ // clear) and connection-specific state (gets reset).
2582
+ //
2583
+ // TODO(davidben): Avoid this.
2584
+ unsigned mtu = 0;
2585
+ if (ssl->d1 != NULL) {
2586
+ mtu = ssl->d1->mtu;
2587
+ }
2588
+
2589
+ ssl->method->ssl_free(ssl);
2590
+ if (!ssl->method->ssl_new(ssl)) {
2591
+ return 0;
2592
+ }
2593
+
2594
+ if (SSL_is_dtls(ssl) && (SSL_get_options(ssl) & SSL_OP_NO_QUERY_MTU)) {
2595
+ ssl->d1->mtu = mtu;
2596
+ }
2597
+
2598
+ if (session != nullptr) {
2599
+ SSL_set_session(ssl, session.get());
2600
+ }
2601
+
2602
+ return 1;
2603
+ }
2604
+
2605
+ int SSL_CTX_sess_connect(const SSL_CTX *ctx) { return 0; }
2606
+ int SSL_CTX_sess_connect_good(const SSL_CTX *ctx) { return 0; }
2607
+ int SSL_CTX_sess_connect_renegotiate(const SSL_CTX *ctx) { return 0; }
2608
+ int SSL_CTX_sess_accept(const SSL_CTX *ctx) { return 0; }
2609
+ int SSL_CTX_sess_accept_renegotiate(const SSL_CTX *ctx) { return 0; }
2610
+ int SSL_CTX_sess_accept_good(const SSL_CTX *ctx) { return 0; }
2611
+ int SSL_CTX_sess_hits(const SSL_CTX *ctx) { return 0; }
2612
+ int SSL_CTX_sess_cb_hits(const SSL_CTX *ctx) { return 0; }
2613
+ int SSL_CTX_sess_misses(const SSL_CTX *ctx) { return 0; }
2614
+ int SSL_CTX_sess_timeouts(const SSL_CTX *ctx) { return 0; }
2615
+ int SSL_CTX_sess_cache_full(const SSL_CTX *ctx) { return 0; }
2616
+
2617
+ int SSL_num_renegotiations(const SSL *ssl) {
2618
+ return SSL_total_renegotiations(ssl);
2619
+ }
2620
+
2621
+ int SSL_CTX_need_tmp_RSA(const SSL_CTX *ctx) { return 0; }
2622
+ int SSL_need_tmp_RSA(const SSL *ssl) { return 0; }
2623
+ int SSL_CTX_set_tmp_rsa(SSL_CTX *ctx, const RSA *rsa) { return 1; }
2624
+ int SSL_set_tmp_rsa(SSL *ssl, const RSA *rsa) { return 1; }
2625
+ void ERR_load_SSL_strings(void) {}
2626
+ void SSL_load_error_strings(void) {}
2627
+ int SSL_cache_hit(SSL *ssl) { return SSL_session_reused(ssl); }
2628
+
2629
+ int SSL_CTX_set_tmp_ecdh(SSL_CTX *ctx, const EC_KEY *ec_key) {
2630
+ if (ec_key == NULL || EC_KEY_get0_group(ec_key) == NULL) {
2631
+ OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER);
2632
+ return 0;
2633
+ }
2634
+ int nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec_key));
2635
+ return SSL_CTX_set1_curves(ctx, &nid, 1);
2636
+ }
2637
+
2638
+ int SSL_set_tmp_ecdh(SSL *ssl, const EC_KEY *ec_key) {
2639
+ if (ec_key == NULL || EC_KEY_get0_group(ec_key) == NULL) {
2640
+ OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER);
2641
+ return 0;
2642
+ }
2643
+ int nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec_key));
2644
+ return SSL_set1_curves(ssl, &nid, 1);
2645
+ }
2646
+
2647
+ void SSL_CTX_set_ticket_aead_method(SSL_CTX *ctx,
2648
+ const SSL_TICKET_AEAD_METHOD *aead_method) {
2649
+ ctx->ticket_aead_method = aead_method;
2650
+ }