RubyGems - grpc - Versions diffs - 0.13.1 → 0.14.1.pre1 - Mend

grpc 0.13.1 → 0.14.1.pre1

Potentially problematic release.

This version of grpc might be problematic. Click here for more details.

Files changed (724) hide show

checksums.yaml +4 -4
data/Makefile +2098 -828
data/include/grpc/byte_buffer.h +1 -1
data/include/grpc/byte_buffer_reader.h +1 -20
data/include/grpc/census.h +4 -4
data/include/grpc/compression.h +6 -5
data/include/grpc/grpc.h +31 -20
data/include/grpc/grpc_security.h +17 -31
data/include/grpc/grpc_security_constants.h +114 -0
data/include/grpc/grpc_zookeeper.h +1 -1
data/include/grpc/impl/codegen/alloc.h +1 -1
data/include/grpc/impl/codegen/atm.h +1 -1
data/include/grpc/impl/codegen/atm_gcc_atomic.h +1 -1
data/include/grpc/impl/codegen/atm_gcc_sync.h +1 -1
data/include/grpc/impl/codegen/atm_win32.h +1 -1
data/include/grpc/impl/codegen/byte_buffer.h +1 -1
data/{src/core/client_config/lb_policies/round_robin.h → include/grpc/impl/codegen/byte_buffer_reader.h} +19 -8
data/include/grpc/impl/codegen/grpc_types.h +20 -3
data/include/grpc/impl/codegen/log.h +9 -2
data/include/grpc/impl/codegen/port_platform.h +102 -17
data/include/grpc/impl/codegen/propagation_bits.h +3 -3
data/include/grpc/impl/codegen/slice.h +3 -3
data/include/grpc/impl/codegen/slice_buffer.h +3 -3
data/include/grpc/impl/codegen/status.h +1 -1
data/include/grpc/impl/codegen/sync_generic.h +1 -1
data/include/grpc/impl/codegen/sync_posix.h +1 -1
data/include/grpc/impl/codegen/sync_win32.h +1 -1
data/include/grpc/impl/codegen/time.h +3 -3
data/include/grpc/status.h +1 -1
data/include/grpc/support/alloc.h +1 -1
data/include/grpc/support/atm.h +1 -1
data/include/grpc/support/atm_gcc_atomic.h +4 -4
data/include/grpc/support/atm_gcc_sync.h +1 -1
data/include/grpc/support/atm_win32.h +1 -1
data/include/grpc/support/avl.h +1 -1
data/include/grpc/support/cmdline.h +1 -1
data/include/grpc/support/cpu.h +1 -1
data/include/grpc/support/histogram.h +1 -1
data/include/grpc/support/host_port.h +1 -1
data/include/grpc/support/log.h +1 -1
data/include/grpc/support/log_win32.h +1 -1
data/include/grpc/support/port_platform.h +1 -1
data/include/grpc/support/slice.h +1 -1
data/include/grpc/support/slice_buffer.h +1 -1
data/include/grpc/support/string_util.h +3 -1
data/include/grpc/support/subprocess.h +2 -2
data/include/grpc/support/sync.h +1 -1
data/include/grpc/support/sync_generic.h +1 -1
data/include/grpc/support/sync_posix.h +1 -1
data/include/grpc/support/sync_win32.h +1 -1
data/include/grpc/support/thd.h +1 -1
data/include/grpc/support/time.h +1 -1
data/include/grpc/support/tls.h +1 -1
data/include/grpc/support/tls_gcc.h +45 -1
data/include/grpc/support/tls_msvc.h +3 -3
data/include/grpc/support/tls_pthread.h +1 -1
data/include/grpc/support/useful.h +1 -1
data/src/boringssl/err_data.c +258 -252
data/src/core/{census → ext/census}/aggregation.h +3 -3
data/src/core/{statistics → ext/census}/census_interface.h +3 -3
data/src/core/{statistics → ext/census}/census_rpc_stats.h +4 -4
data/src/core/{census → ext/census}/context.c +2 -2
data/src/core/{census → ext/census}/grpc_context.c +2 -2
data/src/core/{census → ext/census}/grpc_filter.c +30 -16
data/src/core/{census → ext/census}/grpc_filter.h +4 -4
data/src/core/ext/census/grpc_plugin.c +82 -0
data/src/core/{census → ext/census}/initialize.c +1 -1
data/src/core/{census → ext/census}/mlog.c +2 -2
data/src/core/{census → ext/census}/mlog.h +4 -4
data/src/core/{census → ext/census}/operation.c +0 -0
data/src/core/{census → ext/census}/placeholders.c +0 -0
data/src/core/{census → ext/census}/rpc_metric_id.h +3 -3
data/src/core/{census → ext/census}/tracing.c +0 -0
data/src/core/{surface → ext/client_config}/channel_connectivity.c +8 -21
data/src/core/{channel → ext/client_config}/client_channel.c +80 -35
data/src/core/{channel → ext/client_config}/client_channel.h +5 -5
data/src/core/{client_config/subchannel_factory.c → ext/client_config/client_channel_factory.c} +14 -6
data/src/core/ext/client_config/client_channel_factory.h +85 -0
data/src/core/{client_config → ext/client_config}/client_config.c +4 -2
data/src/core/{client_config → ext/client_config}/client_config.h +4 -4
data/src/core/ext/client_config/client_config_plugin.c +95 -0
data/src/core/{client_config → ext/client_config}/connector.c +2 -2
data/src/core/{client_config → ext/client_config}/connector.h +7 -10
data/src/core/{client_config → ext/client_config}/default_initial_connect_string.c +1 -1
data/src/core/{client_config → ext/client_config}/initial_connect_string.c +1 -1
data/src/core/{client_config → ext/client_config}/initial_connect_string.h +4 -4
data/src/core/{client_config → ext/client_config}/lb_policy.c +12 -3
data/src/core/{client_config → ext/client_config}/lb_policy.h +19 -6
data/src/core/{client_config → ext/client_config}/lb_policy_factory.c +4 -3
data/src/core/{client_config → ext/client_config}/lb_policy_factory.h +14 -9
data/src/core/{client_config → ext/client_config}/lb_policy_registry.c +4 -9
data/src/core/{client_config → ext/client_config}/lb_policy_registry.h +7 -6
data/src/core/ext/client_config/parse_address.c +137 -0
data/src/core/ext/client_config/parse_address.h +56 -0
data/src/core/{client_config → ext/client_config}/resolver.c +1 -1
data/src/core/{client_config → ext/client_config}/resolver.h +6 -6
data/src/core/{client_config → ext/client_config}/resolver_factory.c +1 -1
data/src/core/{client_config → ext/client_config}/resolver_factory.h +7 -7
data/src/core/{client_config → ext/client_config}/resolver_registry.c +25 -11
data/src/core/{client_config → ext/client_config}/resolver_registry.h +9 -5
data/src/core/{client_config → ext/client_config}/subchannel.c +90 -126
data/src/core/{client_config → ext/client_config}/subchannel.h +15 -15
data/src/core/{channel → ext/client_config}/subchannel_call_holder.c +9 -8
data/src/core/{channel → ext/client_config}/subchannel_call_holder.h +7 -7
data/src/core/{client_config → ext/client_config}/subchannel_index.c +3 -2
data/src/core/{client_config → ext/client_config}/subchannel_index.h +5 -5
data/src/core/{client_config → ext/client_config}/uri_parser.c +69 -1
data/src/core/{client_config → ext/client_config}/uri_parser.h +15 -3
data/src/core/{client_config/lb_policies → ext/lb_policy/grpclb}/load_balancer_api.c +18 -9
data/src/core/{client_config/lb_policies → ext/lb_policy/grpclb}/load_balancer_api.h +5 -5
data/src/core/{proto → ext/lb_policy/grpclb/proto}/grpc/lb/v0/load_balancer.pb.c +1 -1
data/src/core/{proto → ext/lb_policy/grpclb/proto}/grpc/lb/v0/load_balancer.pb.h +0 -0
data/src/core/{client_config/lb_policies → ext/lb_policy/pick_first}/pick_first.c +95 -32
data/src/core/{client_config/lb_policies → ext/lb_policy/round_robin}/round_robin.c +98 -34
data/src/core/{client_config/resolvers → ext/resolver/dns/native}/dns_resolver.c +83 -39
data/src/core/{client_config/resolvers → ext/resolver/sockaddr}/sockaddr_resolver.c +66 -169
data/src/core/{transport/chttp2 → ext/transport/chttp2/alpn}/alpn.c +1 -1
data/src/core/{transport/chttp2 → ext/transport/chttp2/alpn}/alpn.h +3 -3
data/src/core/{surface → ext/transport/chttp2/client/insecure}/channel_create.c +65 -59
data/src/core/{surface → ext/transport/chttp2/client/secure}/secure_channel_create.c +77 -69
data/src/core/{surface → ext/transport/chttp2/server/insecure}/server_chttp2.c +8 -11
data/src/core/{security → ext/transport/chttp2/server/secure}/server_secure_chttp2.c +14 -17
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/bin_encoder.c +28 -74
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/bin_encoder.h +5 -5
data/src/core/ext/transport/chttp2/transport/chttp2_plugin.c +46 -0
data/src/core/{transport → ext/transport/chttp2/transport}/chttp2_transport.c +551 -310
data/src/core/{transport → ext/transport/chttp2/transport}/chttp2_transport.h +5 -5
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/frame.h +3 -3
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/frame_data.c +30 -14
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/frame_data.h +10 -7
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/frame_goaway.c +2 -2
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/frame_goaway.h +5 -5
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/frame_ping.c +2 -2
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/frame_ping.h +5 -5
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/frame_rst_stream.c +9 -5
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/frame_rst_stream.h +8 -6
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/frame_settings.c +6 -6
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/frame_settings.h +5 -5
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/frame_window_update.c +11 -5
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/frame_window_update.h +8 -6
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/hpack_encoder.c +21 -12
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/hpack_encoder.h +8 -6
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/hpack_parser.c +42 -25
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/hpack_parser.h +7 -7
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/hpack_table.c +21 -11
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/hpack_table.h +4 -4
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/http2_errors.h +3 -3
data/src/core/ext/transport/chttp2/transport/huffsyms.c +105 -0
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/huffsyms.h +3 -3
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/incoming_metadata.c +2 -2
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/incoming_metadata.h +4 -4
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/internal.h +81 -37
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/parsing.c +54 -21
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/status_conversion.c +1 -1
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/status_conversion.h +4 -4
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/stream_lists.c +10 -2
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/stream_map.c +1 -1
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/stream_map.h +3 -3
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/timeout_encoding.c +4 -4
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/timeout_encoding.h +4 -4
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/varint.c +1 -1
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/varint.h +3 -3
data/src/core/{transport/chttp2 → ext/transport/chttp2/transport}/writing.c +30 -20
data/src/core/{channel → lib/channel}/channel_args.c +3 -15
data/src/core/{channel → lib/channel}/channel_args.h +11 -15
data/src/core/{channel → lib/channel}/channel_stack.c +5 -3
data/src/core/{channel → lib/channel}/channel_stack.h +13 -8
data/src/core/lib/channel/channel_stack_builder.c +277 -0
data/src/core/lib/channel/channel_stack_builder.h +161 -0
data/src/core/{channel → lib/channel}/compress_filter.c +51 -16
data/src/core/{channel → lib/channel}/compress_filter.h +6 -4
data/src/core/{channel → lib/channel}/connected_channel.c +34 -24
data/src/core/lib/channel/connected_channel.h +42 -0
data/src/core/{channel → lib/channel}/context.h +3 -3
data/src/core/{channel → lib/channel}/http_client_filter.c +24 -13
data/src/core/{channel → lib/channel}/http_client_filter.h +4 -4
data/src/core/{channel → lib/channel}/http_server_filter.c +39 -19
data/src/core/{channel → lib/channel}/http_server_filter.h +4 -4
data/src/core/{compression → lib/compression}/algorithm_metadata.h +4 -4
data/src/core/{compression → lib/compression}/compression_algorithm.c +46 -9
data/src/core/{compression → lib/compression}/message_compress.c +1 -1
data/src/core/{compression → lib/compression}/message_compress.h +3 -3
data/src/core/{debug → lib/debug}/trace.c +2 -2
data/src/core/{debug → lib/debug}/trace.h +3 -3
data/src/core/{httpcli → lib/http}/format_request.c +8 -8
data/src/core/{httpcli → lib/http}/format_request.h +4 -4
data/src/core/{httpcli → lib/http}/httpcli.c +24 -19
data/src/core/{httpcli → lib/http}/httpcli.h +14 -33
data/src/core/{httpcli → lib/http}/httpcli_security_connector.c +5 -5
data/src/core/lib/http/parser.c +341 -0
data/src/core/lib/http/parser.h +119 -0
data/src/core/{iomgr → lib/iomgr}/closure.c +8 -2
data/src/core/{iomgr → lib/iomgr}/closure.h +7 -4
data/src/core/{iomgr → lib/iomgr}/endpoint.c +1 -1
data/src/core/{iomgr → lib/iomgr}/endpoint.h +5 -5
data/src/core/{iomgr → lib/iomgr}/endpoint_pair.h +4 -4
data/src/core/{iomgr → lib/iomgr}/endpoint_pair_posix.c +8 -7
data/src/core/{iomgr → lib/iomgr}/endpoint_pair_windows.c +4 -4
data/src/core/lib/iomgr/ev_poll_and_epoll_posix.c +1936 -0
data/src/core/lib/iomgr/ev_poll_and_epoll_posix.h +41 -0
data/src/core/lib/iomgr/ev_posix.c +164 -0
data/src/core/lib/iomgr/ev_posix.h +158 -0
data/src/core/{iomgr → lib/iomgr}/exec_ctx.c +78 -3
data/src/core/{iomgr → lib/iomgr}/exec_ctx.h +25 -10
data/src/core/{iomgr → lib/iomgr}/executor.c +3 -3
data/src/core/{iomgr → lib/iomgr}/executor.h +5 -5
data/src/core/{iomgr → lib/iomgr}/iocp_windows.c +6 -6
data/src/core/{iomgr → lib/iomgr}/iocp_windows.h +5 -5
data/src/core/{iomgr → lib/iomgr}/iomgr.c +13 -10
data/src/core/{iomgr → lib/iomgr}/iomgr.h +3 -3
data/src/core/{iomgr → lib/iomgr}/iomgr_internal.h +5 -9
data/src/core/{iomgr → lib/iomgr}/iomgr_posix.c +6 -6
data/src/core/{iomgr → lib/iomgr}/iomgr_posix.h +4 -4
data/src/core/{iomgr → lib/iomgr}/iomgr_windows.c +7 -4
data/src/core/{iomgr → lib/iomgr}/pollset.h +11 -11
data/src/core/{iomgr → lib/iomgr}/pollset_set.h +5 -5
data/src/core/{iomgr → lib/iomgr}/pollset_set_windows.c +2 -2
data/src/core/lib/iomgr/pollset_set_windows.h +39 -0
data/src/core/{iomgr → lib/iomgr}/pollset_windows.c +7 -7
data/src/core/{iomgr → lib/iomgr}/pollset_windows.h +8 -5
data/src/core/{iomgr → lib/iomgr}/resolve_address.h +10 -9
data/src/core/{iomgr → lib/iomgr}/resolve_address_posix.c +22 -22
data/src/core/{iomgr → lib/iomgr}/resolve_address_windows.c +20 -12
data/src/core/{iomgr → lib/iomgr}/sockaddr.h +5 -5
data/src/core/{iomgr → lib/iomgr}/sockaddr_posix.h +5 -5
data/src/core/{iomgr → lib/iomgr}/sockaddr_utils.c +9 -16
data/src/core/{iomgr → lib/iomgr}/sockaddr_utils.h +4 -4
data/src/core/{iomgr → lib/iomgr}/sockaddr_win32.h +6 -4
data/src/core/{iomgr → lib/iomgr}/socket_utils_common_posix.c +29 -7
data/src/core/{iomgr → lib/iomgr}/socket_utils_linux.c +2 -2
data/src/core/{iomgr → lib/iomgr}/socket_utils_posix.c +1 -1
data/src/core/{iomgr → lib/iomgr}/socket_utils_posix.h +14 -4
data/src/core/{iomgr → lib/iomgr}/socket_windows.c +7 -5
data/src/core/{iomgr → lib/iomgr}/socket_windows.h +6 -6
data/src/core/{iomgr → lib/iomgr}/tcp_client.h +6 -6
data/src/core/{iomgr → lib/iomgr}/tcp_client_posix.c +33 -18
data/src/core/{iomgr → lib/iomgr}/tcp_client_windows.c +30 -20
data/src/core/{iomgr → lib/iomgr}/tcp_posix.c +9 -10
data/src/core/{iomgr → lib/iomgr}/tcp_posix.h +6 -6
data/src/core/{iomgr → lib/iomgr}/tcp_server.h +6 -6
data/src/core/{iomgr → lib/iomgr}/tcp_server_posix.c +24 -37
data/src/core/{iomgr → lib/iomgr}/tcp_server_windows.c +8 -36
data/src/core/{iomgr → lib/iomgr}/tcp_windows.c +27 -17
data/src/core/{iomgr → lib/iomgr}/tcp_windows.h +5 -5
data/src/core/{iomgr → lib/iomgr}/time_averaged_stats.c +1 -1
data/src/core/{iomgr → lib/iomgr}/time_averaged_stats.h +3 -3
data/src/core/{iomgr → lib/iomgr}/timer.c +31 -4
data/src/core/{iomgr → lib/iomgr}/timer.h +6 -7
data/src/core/{iomgr → lib/iomgr}/timer_heap.c +2 -2
data/src/core/{iomgr → lib/iomgr}/timer_heap.h +4 -4
data/src/core/{iomgr → lib/iomgr}/udp_server.c +13 -37
data/src/core/{iomgr → lib/iomgr}/udp_server.h +11 -10
data/src/core/lib/iomgr/unix_sockets_posix.c +89 -0
data/src/core/{client_config/resolvers/sockaddr_resolver.h → lib/iomgr/unix_sockets_posix.h} +15 -11
data/src/core/lib/iomgr/unix_sockets_posix_noop.c +59 -0
data/src/core/{iomgr → lib/iomgr}/wakeup_fd_eventfd.c +2 -2
data/src/core/{iomgr → lib/iomgr}/wakeup_fd_nospecial.c +1 -1
data/src/core/{iomgr → lib/iomgr}/wakeup_fd_pipe.c +8 -3
data/src/core/{iomgr → lib/iomgr}/wakeup_fd_pipe.h +4 -4
data/src/core/{iomgr → lib/iomgr}/wakeup_fd_posix.c +2 -2
data/src/core/{iomgr → lib/iomgr}/wakeup_fd_posix.h +3 -3
data/src/core/{iomgr → lib/iomgr}/workqueue.h +10 -10
data/src/core/{iomgr → lib/iomgr}/workqueue_posix.c +5 -6
data/src/core/{iomgr → lib/iomgr}/workqueue_posix.h +5 -5
data/src/core/{iomgr → lib/iomgr}/workqueue_windows.c +1 -1
data/src/core/{iomgr → lib/iomgr}/workqueue_windows.h +3 -3
data/src/core/{json → lib/json}/json.c +1 -1
data/src/core/{json → lib/json}/json.h +4 -4
data/src/core/{json → lib/json}/json_common.h +3 -3
data/src/core/{json → lib/json}/json_reader.c +16 -4
data/src/core/{json → lib/json}/json_reader.h +4 -4
data/src/core/{json → lib/json}/json_string.c +4 -4
data/src/core/{json → lib/json}/json_writer.c +1 -1
data/src/core/{json → lib/json}/json_writer.h +4 -4
data/src/core/{profiling → lib/profiling}/basic_timers.c +3 -2
data/src/core/{profiling → lib/profiling}/stap_timers.c +2 -2
data/src/core/{profiling → lib/profiling}/timers.h +3 -3
data/src/core/{security → lib/security}/auth_filters.h +4 -4
data/src/core/{security → lib/security}/b64.c +2 -2
data/src/core/{security → lib/security}/b64.h +4 -4
data/src/core/{security → lib/security}/client_auth_filter.c +16 -16
data/src/core/{security → lib/security}/credentials.c +42 -26
data/src/core/{security → lib/security}/credentials.h +11 -10
data/src/core/{security → lib/security}/credentials_metadata.c +1 -1
data/src/core/{security → lib/security}/credentials_posix.c +3 -3
data/src/core/{security → lib/security}/credentials_win32.c +3 -3
data/src/core/{security → lib/security}/google_default_credentials.c +10 -9
data/src/core/{security → lib/security}/handshake.c +4 -4
data/src/core/{security → lib/security}/handshake.h +6 -6
data/src/core/{security → lib/security}/json_token.c +4 -4
data/src/core/{security → lib/security}/json_token.h +4 -4
data/src/core/{security → lib/security}/jwt_verifier.c +14 -14
data/src/core/{security → lib/security}/jwt_verifier.h +5 -5
data/src/core/{security → lib/security}/secure_endpoint.c +9 -8
data/src/core/{security → lib/security}/secure_endpoint.h +4 -4
data/src/core/{security → lib/security}/security_connector.c +53 -21
data/src/core/{security → lib/security}/security_connector.h +8 -8
data/src/core/{security → lib/security}/security_context.c +5 -5
data/src/core/{security → lib/security}/security_context.h +5 -5
data/src/core/{security → lib/security}/server_auth_filter.c +9 -9
data/src/core/{support → lib/support}/alloc.c +5 -3
data/src/core/{support → lib/support}/avl.c +1 -1
data/src/core/lib/support/backoff.c +76 -0
data/src/core/lib/support/backoff.h +68 -0
data/src/core/{support → lib/support}/block_annotate.h +3 -3
data/src/core/{support → lib/support}/cmdline.c +1 -1
data/src/core/{support → lib/support}/cpu_iphone.c +0 -0
data/src/core/{support → lib/support}/cpu_linux.c +2 -2
data/src/core/{support → lib/support}/cpu_posix.c +2 -2
data/src/core/{support → lib/support}/cpu_windows.c +0 -0
data/src/core/{support → lib/support}/env.h +3 -3
data/src/core/{support → lib/support}/env_linux.c +3 -3
data/src/core/{support → lib/support}/env_posix.c +2 -2
data/src/core/{support → lib/support}/env_win32.c +27 -21
data/src/core/{support → lib/support}/histogram.c +1 -1
data/src/core/{support → lib/support}/host_port.c +1 -1
data/src/core/{support → lib/support}/load_file.c +4 -4
data/src/core/{support → lib/support}/load_file.h +4 -4
data/src/core/{support → lib/support}/log.c +33 -0
data/src/core/{support → lib/support}/log_android.c +2 -2
data/src/core/{support → lib/support}/log_linux.c +6 -5
data/src/core/{support → lib/support}/log_posix.c +3 -3
data/src/core/{support → lib/support}/log_win32.c +8 -22
data/src/core/{support → lib/support}/murmur_hash.c +1 -1
data/src/core/{support → lib/support}/murmur_hash.h +3 -3
data/src/core/{support → lib/support}/slice.c +0 -0
data/src/core/{support → lib/support}/slice_buffer.c +0 -0
data/src/core/{support → lib/support}/stack_lockfree.c +7 -7
data/src/core/{support → lib/support}/stack_lockfree.h +3 -3
data/src/core/{support → lib/support}/string.c +1 -1
data/src/core/{support → lib/support}/string.h +4 -4
data/src/core/{support → lib/support}/string_posix.c +1 -1
data/src/core/{support/string_win32.c → lib/support/string_util_win32.c} +23 -38
data/src/core/lib/support/string_win32.c +83 -0
data/src/core/{support → lib/support}/string_win32.h +3 -3
data/src/core/{support → lib/support}/subprocess_posix.c +3 -3
data/src/core/{support → lib/support}/subprocess_windows.c +3 -3
data/src/core/{support → lib/support}/sync.c +2 -2
data/src/core/{support → lib/support}/sync_posix.c +3 -3
data/src/core/{support → lib/support}/sync_win32.c +1 -1
data/src/core/{support → lib/support}/thd.c +0 -0
data/src/core/{support → lib/support}/thd_internal.h +3 -3
data/src/core/{support → lib/support}/thd_posix.c +4 -3
data/src/core/{support → lib/support}/thd_win32.c +1 -1
data/src/core/{support → lib/support}/time.c +2 -2
data/src/core/{support → lib/support}/time_posix.c +12 -6
data/src/core/{support → lib/support}/time_precise.c +0 -0
data/src/core/{support → lib/support}/time_precise.h +3 -3
data/src/core/{support → lib/support}/time_win32.c +7 -7
data/src/core/{support → lib/support}/tls_pthread.c +0 -0
data/src/core/{support → lib/support}/tmpfile.h +4 -4
data/src/core/lib/support/tmpfile_msys.c +73 -0
data/src/core/{support → lib/support}/tmpfile_posix.c +5 -5
data/src/core/{support → lib/support}/tmpfile_win32.c +5 -5
data/src/core/{support → lib/support}/wrap_memcpy.c +0 -0
data/src/core/{surface → lib/surface}/alarm.c +3 -3
data/src/core/{surface → lib/surface}/api_trace.c +1 -1
data/src/core/{surface → lib/surface}/api_trace.h +4 -4
data/src/core/{surface → lib/surface}/byte_buffer.c +3 -3
data/src/core/{surface → lib/surface}/byte_buffer_reader.c +3 -3
data/src/core/{surface → lib/surface}/call.c +145 -73
data/src/core/{surface → lib/surface}/call.h +14 -7
data/src/core/{surface → lib/surface}/call_details.c +1 -1
data/src/core/{surface → lib/surface}/call_log_batch.c +2 -2
data/src/core/{surface → lib/surface}/call_test_only.h +3 -3
data/src/core/{surface → lib/surface}/channel.c +33 -34
data/src/core/{surface → lib/surface}/channel.h +9 -9
data/src/core/lib/surface/channel_init.c +140 -0
data/src/core/lib/surface/channel_init.h +87 -0
data/src/core/{surface → lib/surface}/channel_ping.c +4 -4
data/src/core/lib/surface/channel_stack_type.c +54 -0
data/src/core/{httpcli/parser.h → lib/surface/channel_stack_type.h} +22 -28
data/src/core/{surface → lib/surface}/completion_queue.c +15 -11
data/src/core/{surface → lib/surface}/completion_queue.h +4 -4
data/src/core/{surface → lib/surface}/event_string.c +2 -2
data/src/core/{surface → lib/surface}/event_string.h +3 -3
data/src/core/lib/surface/init.c +217 -0
data/src/core/{surface → lib/surface}/init.h +4 -3
data/src/core/lib/surface/init_secure.c +89 -0
data/src/core/{surface → lib/surface}/lame_client.c +31 -19
data/src/core/{iomgr/pollset_set_windows.h → lib/surface/lame_client.h} +7 -5
data/src/core/{surface → lib/surface}/metadata_array.c +1 -1
data/src/core/{surface → lib/surface}/server.c +208 -183
data/src/core/{surface → lib/surface}/server.h +6 -11
data/src/core/{surface → lib/surface}/surface_trace.h +5 -5
data/src/core/{surface → lib/surface}/validate_metadata.c +1 -1
data/src/core/{surface → lib/surface}/version.c +2 -2
data/src/core/{transport → lib/transport}/byte_stream.c +1 -1
data/src/core/{transport → lib/transport}/byte_stream.h +4 -4
data/src/core/{transport → lib/transport}/connectivity_state.c +2 -2
data/src/core/{transport → lib/transport}/connectivity_state.h +4 -4
data/src/core/{transport → lib/transport}/metadata.c +71 -19
data/src/core/{transport → lib/transport}/metadata.h +11 -4
data/src/core/{transport → lib/transport}/metadata_batch.c +2 -2
data/src/core/{transport → lib/transport}/metadata_batch.h +4 -4
data/src/core/{transport → lib/transport}/static_metadata.c +100 -32
data/src/core/{transport → lib/transport}/static_metadata.h +58 -58
data/src/core/{transport → lib/transport}/transport.c +25 -5
data/src/core/{transport → lib/transport}/transport.h +41 -16
data/src/core/{transport → lib/transport}/transport_impl.h +8 -5
data/src/core/{transport → lib/transport}/transport_op_string.c +2 -2
data/src/core/{tsi → lib/tsi}/fake_transport_security.c +18 -14
data/src/core/{tsi → lib/tsi}/fake_transport_security.h +4 -4
data/src/core/{tsi → lib/tsi}/ssl_transport_security.c +173 -63
data/src/core/{tsi → lib/tsi}/ssl_transport_security.h +24 -6
data/src/core/{tsi → lib/tsi}/ssl_types.h +3 -3
data/src/core/{tsi → lib/tsi}/transport_security.c +12 -28
data/src/core/{tsi → lib/tsi}/transport_security.h +4 -4
data/src/core/{tsi → lib/tsi}/transport_security_interface.h +12 -3
data/src/core/plugin_registry/grpc_plugin_registry.c +66 -0
data/src/ruby/ext/grpc/extconf.rb +14 -20
data/src/ruby/ext/grpc/rb_byte_buffer.c +2 -3
data/src/ruby/ext/grpc/rb_call.c +37 -4
data/src/ruby/ext/grpc/rb_call_credentials.c +13 -3
data/src/ruby/ext/grpc/rb_channel.c +2 -3
data/src/ruby/ext/grpc/rb_channel_args.c +2 -3
data/src/ruby/ext/grpc/rb_channel_credentials.c +31 -3
data/src/ruby/ext/grpc/rb_completion_queue.c +2 -2
data/src/ruby/ext/grpc/rb_event_thread.c +1 -1
data/src/ruby/ext/grpc/rb_grpc.c +4 -2
data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +8 -0
data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +14 -2
data/src/ruby/ext/grpc/rb_server.c +2 -3
data/src/ruby/ext/grpc/rb_server_credentials.c +16 -13
data/src/ruby/ext/grpc/rb_signal.c +70 -0
data/src/ruby/ext/grpc/rb_signal.h +39 -0
data/src/ruby/lib/grpc.rb +21 -13
data/src/ruby/lib/grpc/core/time_consts.rb +2 -2
data/src/ruby/lib/grpc/errors.rb +2 -2
data/src/ruby/lib/grpc/generic/active_call.rb +10 -3
data/src/ruby/lib/grpc/generic/bidi_call.rb +2 -2
data/src/ruby/lib/grpc/generic/client_stub.rb +10 -7
data/src/ruby/lib/grpc/generic/rpc_desc.rb +2 -2
data/src/ruby/lib/grpc/generic/rpc_server.rb +21 -61
data/src/ruby/lib/grpc/generic/service.rb +5 -15
data/src/ruby/lib/grpc/grpc.rb +3 -3
data/src/ruby/{bin/interop/interop_server.rb → lib/grpc/signals.rb} +39 -20
data/src/ruby/lib/grpc/version.rb +2 -2
data/src/ruby/pb/generate_proto_ruby.sh +9 -2
data/src/ruby/pb/grpc/health/checker.rb +1 -1
data/src/ruby/pb/grpc/testing/duplicate/echo_duplicate_services.rb +28 -0
data/src/ruby/pb/grpc/testing/metrics.rb +28 -0
data/src/ruby/pb/grpc/testing/metrics_services.rb +27 -0
data/src/ruby/pb/test/client.rb +12 -23
data/src/ruby/pb/test/server.rb +1 -1
data/src/ruby/spec/client_server_spec.rb +1 -1
data/src/ruby/spec/generic/client_stub_spec.rb +18 -17
data/src/ruby/spec/generic/rpc_server_spec.rb +23 -7
data/src/ruby/spec/generic/service_spec.rb +0 -69
data/src/ruby/{bin/interop/interop_client.rb → spec/pb/duplicate/codegen_spec.rb} +41 -21
data/src/ruby/spec/pb/health/checker_spec.rb +1 -1
data/third_party/boringssl/crypto/asn1/a_bitstr.c +184 -176
data/third_party/boringssl/crypto/asn1/a_bool.c +42 -44
data/third_party/boringssl/crypto/asn1/a_bytes.c +236 -245
data/third_party/boringssl/crypto/asn1/a_d2i_fp.c +173 -192
data/third_party/boringssl/crypto/asn1/a_dup.c +43 -35
data/third_party/boringssl/crypto/asn1/a_enum.c +107 -109
data/third_party/boringssl/crypto/asn1/a_gentm.c +180 -181
data/third_party/boringssl/crypto/asn1/a_i2d_fp.c +73 -80
data/third_party/boringssl/crypto/asn1/a_int.c +357 -353
data/third_party/boringssl/crypto/asn1/a_mbstr.c +272 -253
data/third_party/boringssl/crypto/asn1/a_object.c +293 -309
data/third_party/boringssl/crypto/asn1/a_octet.c +13 -6
data/third_party/boringssl/crypto/asn1/a_print.c +54 -52
data/third_party/boringssl/crypto/asn1/a_strnid.c +179 -157
data/third_party/boringssl/crypto/asn1/a_time.c +125 -129
data/third_party/boringssl/crypto/asn1/a_type.c +79 -86
data/third_party/boringssl/crypto/asn1/a_utctm.c +246 -255
data/third_party/boringssl/crypto/asn1/a_utf8.c +159 -135
data/third_party/boringssl/crypto/asn1/asn1_lib.c +361 -368
data/third_party/boringssl/crypto/asn1/asn1_locl.h +11 -11
data/third_party/boringssl/crypto/asn1/asn1_par.c +309 -351
data/third_party/boringssl/crypto/asn1/asn_pack.c +30 -29
data/third_party/boringssl/crypto/asn1/bio_asn1.c +375 -394
data/third_party/boringssl/crypto/asn1/bio_ndef.c +146 -149
data/third_party/boringssl/crypto/asn1/f_enum.c +128 -134
data/third_party/boringssl/crypto/asn1/f_int.c +131 -139
data/third_party/boringssl/crypto/asn1/f_string.c +125 -133
data/third_party/boringssl/crypto/asn1/t_bitst.c +30 -29
data/third_party/boringssl/crypto/asn1/t_pkey.c +45 -47
data/third_party/boringssl/crypto/asn1/tasn_dec.c +1099 -1216
data/third_party/boringssl/crypto/asn1/tasn_enc.c +556 -592
data/third_party/boringssl/crypto/asn1/tasn_fre.c +175 -193
data/third_party/boringssl/crypto/asn1/tasn_new.c +271 -288
data/third_party/boringssl/crypto/asn1/tasn_prn.c +462 -508
data/third_party/boringssl/crypto/asn1/tasn_typ.c +28 -21
data/third_party/boringssl/crypto/asn1/x_bignum.c +62 -52
data/third_party/boringssl/crypto/asn1/x_long.c +101 -86
data/third_party/boringssl/crypto/bio/buffer.c +3 -3
data/third_party/boringssl/crypto/bn/asm/x86_64-gcc.c +8 -68
data/third_party/boringssl/crypto/bn/bn.c +1 -1
data/third_party/boringssl/crypto/bn/bn_asn1.c +9 -22
data/third_party/boringssl/crypto/bn/convert.c +9 -4
data/third_party/boringssl/crypto/bn/div.c +0 -20
data/third_party/boringssl/crypto/bn/exponentiation.c +22 -13
data/third_party/boringssl/crypto/bn/generic.c +6 -242
data/third_party/boringssl/crypto/bn/internal.h +9 -70
data/third_party/boringssl/crypto/bn/montgomery.c +1 -2
data/third_party/boringssl/crypto/bn/mul.c +6 -26
data/third_party/boringssl/crypto/bn/rsaz_exp.c +21 -28
data/third_party/boringssl/crypto/bytestring/asn1_compat.c +51 -0
data/third_party/boringssl/crypto/bytestring/ber.c +128 -87
data/third_party/boringssl/crypto/bytestring/cbb.c +37 -3
data/third_party/boringssl/crypto/bytestring/internal.h +39 -10
data/third_party/boringssl/crypto/chacha/chacha_vec.c +18 -13
data/third_party/boringssl/crypto/cipher/e_aes.c +2 -2
data/third_party/boringssl/crypto/cipher/e_chacha20poly1305.c +4 -9
data/third_party/boringssl/crypto/cipher/tls_cbc.c +39 -10
data/third_party/boringssl/crypto/conf/conf.c +9 -0
data/third_party/boringssl/crypto/cpu-intel.c +1 -1
data/third_party/boringssl/crypto/crypto.c +2 -0
data/third_party/boringssl/crypto/curve25519/curve25519.c +125 -120
data/third_party/boringssl/crypto/curve25519/internal.h +45 -0
data/third_party/boringssl/crypto/curve25519/x25519-x86_64.c +225 -0
data/third_party/boringssl/crypto/dh/check.c +32 -10
data/third_party/boringssl/crypto/dh/dh.c +1 -1
data/third_party/boringssl/crypto/digest/md32_common.h +0 -60
data/third_party/boringssl/crypto/dsa/dsa.c +47 -21
data/third_party/boringssl/crypto/dsa/dsa_asn1.c +249 -64
data/third_party/boringssl/crypto/ec/ec.c +45 -31
data/third_party/boringssl/crypto/ec/ec_asn1.c +315 -382
data/third_party/boringssl/crypto/ec/ec_key.c +1 -4
data/third_party/boringssl/crypto/ec/ec_montgomery.c +0 -9
data/third_party/boringssl/crypto/ec/internal.h +1 -19
data/third_party/boringssl/crypto/ec/oct.c +12 -0
data/third_party/boringssl/crypto/ec/p224-64.c +4 -65
data/third_party/boringssl/crypto/ec/p256-64.c +9 -71
data/third_party/boringssl/crypto/ec/p256-x86_64-table.h +1 -6
data/third_party/boringssl/crypto/ec/p256-x86_64.c +3 -13
data/third_party/boringssl/crypto/ec/simple.c +0 -76
data/third_party/boringssl/crypto/ecdsa/ecdsa.c +1 -1
data/third_party/boringssl/crypto/ecdsa/ecdsa_asn1.c +10 -24
data/third_party/boringssl/crypto/evp/evp.c +4 -3
data/third_party/boringssl/crypto/evp/evp_asn1.c +101 -0
data/third_party/boringssl/crypto/evp/evp_ctx.c +22 -51
data/third_party/boringssl/crypto/evp/internal.h +28 -27
data/third_party/boringssl/crypto/evp/p_dsa_asn1.c +78 -249
data/third_party/boringssl/crypto/evp/p_ec.c +19 -66
data/third_party/boringssl/crypto/evp/p_ec_asn1.c +74 -231
data/third_party/boringssl/crypto/evp/p_rsa.c +90 -13
data/third_party/boringssl/crypto/evp/p_rsa_asn1.c +49 -48
data/third_party/boringssl/crypto/internal.h +16 -1
data/third_party/boringssl/crypto/mem.c +2 -2
data/third_party/boringssl/crypto/modes/ctr.c +2 -1
data/third_party/boringssl/crypto/modes/gcm.c +5 -3
data/third_party/boringssl/crypto/obj/obj_dat.h +6 -3
data/third_party/boringssl/crypto/pem/pem_all.c +83 -102
data/third_party/boringssl/crypto/pem/pem_info.c +286 -309
data/third_party/boringssl/crypto/pem/pem_lib.c +690 -710
data/third_party/boringssl/crypto/pem/pem_oth.c +15 -16
data/third_party/boringssl/crypto/pem/pem_pk8.c +132 -119
data/third_party/boringssl/crypto/pem/pem_pkey.c +144 -220
data/third_party/boringssl/crypto/pem/pem_x509.c +3 -3
data/third_party/boringssl/crypto/pem/pem_xaux.c +5 -4
data/third_party/boringssl/crypto/pkcs8/pkcs8.c +54 -60
data/third_party/boringssl/crypto/poly1305/poly1305_arm.c +3 -1
data/third_party/boringssl/crypto/poly1305/poly1305_vec.c +48 -50
data/third_party/boringssl/crypto/rand/rand.c +2 -0
data/third_party/boringssl/crypto/rsa/blinding.c +8 -48
data/third_party/boringssl/crypto/rsa/internal.h +1 -9
data/third_party/boringssl/crypto/rsa/padding.c +73 -77
data/third_party/boringssl/crypto/rsa/rsa.c +1 -1
data/third_party/boringssl/crypto/rsa/rsa_asn1.c +27 -46
data/third_party/boringssl/crypto/rsa/rsa_impl.c +23 -34
data/third_party/boringssl/crypto/test/scoped_types.h +3 -0
data/third_party/boringssl/crypto/thread_win.c +15 -13
data/third_party/boringssl/crypto/time_support.c +0 -6
data/third_party/boringssl/crypto/x509/a_digest.c +26 -27
data/third_party/boringssl/crypto/x509/a_sign.c +63 -64
data/third_party/boringssl/crypto/x509/a_strex.c +482 -413
data/third_party/boringssl/crypto/x509/a_verify.c +45 -51
data/third_party/boringssl/crypto/x509/asn1_gen.c +715 -769
data/third_party/boringssl/crypto/x509/by_dir.c +355 -393
data/third_party/boringssl/crypto/x509/by_file.c +186 -206
data/third_party/boringssl/crypto/x509/charmap.h +11 -11
data/third_party/boringssl/crypto/x509/i2d_pr.c +21 -22
data/third_party/boringssl/crypto/x509/t_crl.c +50 -51
data/third_party/boringssl/crypto/x509/t_x509.c +414 -406
data/third_party/boringssl/crypto/x509/t_x509a.c +44 -42
data/third_party/boringssl/crypto/x509/vpm_int.h +13 -13
data/third_party/boringssl/crypto/x509/x509_att.c +241 -219
data/third_party/boringssl/crypto/x509/x509_cmp.c +343 -359
data/third_party/boringssl/crypto/x509/x509_d2.c +36 -35
data/third_party/boringssl/crypto/x509/x509_def.c +23 -13
data/third_party/boringssl/crypto/x509/x509_ext.c +75 -75
data/third_party/boringssl/crypto/x509/x509_lu.c +574 -612
data/third_party/boringssl/crypto/x509/x509_obj.c +104 -115
data/third_party/boringssl/crypto/x509/x509_r2x.c +40 -40
data/third_party/boringssl/crypto/x509/x509_req.c +181 -174
data/third_party/boringssl/crypto/x509/x509_set.c +71 -76
data/third_party/boringssl/crypto/x509/x509_trs.c +193 -171
data/third_party/boringssl/crypto/x509/x509_txt.c +135 -138
data/third_party/boringssl/crypto/x509/x509_v3.c +174 -167
data/third_party/boringssl/crypto/x509/x509_vfy.c +2079 -2130
data/third_party/boringssl/crypto/x509/x509_vpm.c +486 -522
data/third_party/boringssl/crypto/x509/x509cset.c +96 -99
data/third_party/boringssl/crypto/x509/x509name.c +280 -275
data/third_party/boringssl/crypto/x509/x509rset.c +15 -14
data/third_party/boringssl/crypto/x509/x509spki.c +62 -60
data/third_party/boringssl/crypto/x509/x509type.c +58 -60
data/third_party/boringssl/crypto/x509/x_algor.c +70 -73
data/third_party/boringssl/crypto/x509/x_all.c +282 -328
data/third_party/boringssl/crypto/x509/x_attrib.c +36 -42
data/third_party/boringssl/crypto/x509/x_crl.c +397 -418
data/third_party/boringssl/crypto/x509/x_exten.c +5 -5
data/third_party/boringssl/crypto/x509/x_info.c +30 -27
data/third_party/boringssl/crypto/x509/x_name.c +387 -388
data/third_party/boringssl/crypto/x509/x_pkey.c +32 -29
data/third_party/boringssl/crypto/x509/x_pubkey.c +261 -280
data/third_party/boringssl/crypto/x509/x_req.c +30 -33
data/third_party/boringssl/crypto/x509/x_sig.c +2 -2
data/third_party/boringssl/crypto/x509/x_spki.c +9 -7
data/third_party/boringssl/crypto/x509/x_val.c +2 -2
data/third_party/boringssl/crypto/x509/x_x509.c +120 -119
data/third_party/boringssl/crypto/x509/x_x509a.c +99 -91
data/third_party/boringssl/crypto/x509v3/ext_dat.h +57 -51
data/third_party/boringssl/crypto/x509v3/pcy_cache.c +199 -214
data/third_party/boringssl/crypto/x509v3/pcy_data.c +57 -64
data/third_party/boringssl/crypto/x509v3/pcy_int.h +95 -90
data/third_party/boringssl/crypto/x509v3/pcy_lib.c +86 -87
data/third_party/boringssl/crypto/x509v3/pcy_map.c +61 -64
data/third_party/boringssl/crypto/x509v3/pcy_node.c +108 -117
data/third_party/boringssl/crypto/x509v3/pcy_tree.c +676 -724
data/third_party/boringssl/crypto/x509v3/v3_akey.c +128 -136
data/third_party/boringssl/crypto/x509v3/v3_akeya.c +7 -6
data/third_party/boringssl/crypto/x509v3/v3_alt.c +499 -507
data/third_party/boringssl/crypto/x509v3/v3_bcons.c +54 -47
data/third_party/boringssl/crypto/x509v3/v3_bitst.c +67 -67
data/third_party/boringssl/crypto/x509v3/v3_conf.c +330 -328
data/third_party/boringssl/crypto/x509v3/v3_cpols.c +354 -338
data/third_party/boringssl/crypto/x509v3/v3_crld.c +441 -496
data/third_party/boringssl/crypto/x509v3/v3_enum.c +35 -33
data/third_party/boringssl/crypto/x509v3/v3_extku.c +66 -63
data/third_party/boringssl/crypto/x509v3/v3_genn.c +157 -159
data/third_party/boringssl/crypto/x509v3/v3_ia5.c +45 -43
data/third_party/boringssl/crypto/x509v3/v3_info.c +124 -112
data/third_party/boringssl/crypto/x509v3/v3_int.c +30 -26
data/third_party/boringssl/crypto/x509v3/v3_lib.c +231 -204
data/third_party/boringssl/crypto/x509v3/v3_ncons.c +353 -381
data/third_party/boringssl/crypto/x509v3/v3_pci.c +252 -270
data/third_party/boringssl/crypto/x509v3/v3_pcia.c +9 -8
data/third_party/boringssl/crypto/x509v3/v3_pcons.c +58 -61
data/third_party/boringssl/crypto/x509v3/v3_pku.c +35 -34
data/third_party/boringssl/crypto/x509v3/v3_pmaps.c +72 -74
data/third_party/boringssl/crypto/x509v3/v3_prn.c +146 -121
data/third_party/boringssl/crypto/x509v3/v3_purp.c +651 -582
data/third_party/boringssl/crypto/x509v3/v3_skey.c +76 -72
data/third_party/boringssl/crypto/x509v3/v3_sxnet.c +139 -131
data/third_party/boringssl/crypto/x509v3/v3_utl.c +1072 -1068
data/third_party/boringssl/include/openssl/asn1.h +40 -38
data/third_party/boringssl/include/openssl/base.h +10 -1
data/third_party/boringssl/include/openssl/bio.h +10 -11
data/third_party/boringssl/include/openssl/bn.h +12 -9
data/third_party/boringssl/include/openssl/buf.h +1 -1
data/third_party/boringssl/include/openssl/bytestring.h +29 -0
data/third_party/boringssl/include/openssl/conf.h +25 -0
data/third_party/boringssl/include/openssl/crypto.h +6 -1
data/third_party/boringssl/include/openssl/curve25519.h +6 -3
data/third_party/boringssl/include/openssl/dh.h +7 -3
data/third_party/boringssl/include/openssl/dsa.h +108 -51
data/third_party/boringssl/include/openssl/ec.h +46 -21
data/third_party/boringssl/include/openssl/ec_key.h +78 -42
data/third_party/boringssl/include/openssl/ecdsa.h +4 -4
data/third_party/boringssl/include/openssl/err.h +3 -2
data/third_party/boringssl/include/openssl/evp.h +120 -37
data/third_party/boringssl/include/openssl/mem.h +4 -13
data/third_party/boringssl/include/openssl/obj_mac.h +4 -0
data/third_party/boringssl/include/openssl/pem.h +0 -9
data/third_party/boringssl/include/openssl/pkcs8.h +6 -2
data/third_party/boringssl/include/openssl/rand.h +3 -0
data/third_party/boringssl/include/openssl/rsa.h +42 -42
data/third_party/boringssl/include/openssl/ssl.h +115 -41
data/third_party/boringssl/include/openssl/stack.h +0 -3
data/third_party/boringssl/include/openssl/stack_macros.h +0 -256
data/third_party/boringssl/include/openssl/tls1.h +1 -1
data/third_party/boringssl/include/openssl/x509.h +0 -2
data/third_party/boringssl/include/openssl/x509_vfy.h +5 -0
data/third_party/boringssl/ssl/d1_both.c +102 -101
data/third_party/boringssl/ssl/d1_clnt.c +145 -150
data/third_party/boringssl/ssl/d1_lib.c +63 -62
data/third_party/boringssl/ssl/d1_pkt.c +73 -71
data/third_party/boringssl/ssl/d1_srvr.c +116 -125
data/third_party/boringssl/ssl/dtls_record.c +3 -3
data/third_party/boringssl/ssl/internal.h +210 -208
data/third_party/boringssl/ssl/pqueue/pqueue.c +2 -2
data/third_party/boringssl/ssl/s3_both.c +116 -130
data/third_party/boringssl/ssl/s3_clnt.c +589 -740
data/third_party/boringssl/ssl/s3_enc.c +52 -151
data/third_party/boringssl/ssl/s3_lib.c +70 -76
data/third_party/boringssl/ssl/s3_pkt.c +105 -144
data/third_party/boringssl/ssl/s3_srvr.c +542 -806
data/third_party/boringssl/ssl/ssl_aead_ctx.c +1 -1
data/third_party/boringssl/ssl/ssl_cert.c +2 -2
data/third_party/boringssl/ssl/ssl_cipher.c +7 -3
data/third_party/boringssl/ssl/ssl_ecdh.c +374 -0
data/third_party/boringssl/ssl/ssl_lib.c +260 -221
data/third_party/boringssl/ssl/ssl_session.c +17 -17
data/third_party/boringssl/ssl/t1_enc.c +128 -273
data/third_party/boringssl/ssl/t1_lib.c +134 -258
data/third_party/boringssl/ssl/test/test_config.h +2 -0
data/third_party/boringssl/ssl/tls_record.c +52 -15
metadata +385 -359
data/src/core/channel/client_uchannel.c +0 -243
data/src/core/channel/client_uchannel.h +0 -60
data/src/core/channel/connected_channel.h +0 -51
data/src/core/client_config/lb_policies/pick_first.h +0 -43
data/src/core/client_config/resolvers/dns_resolver.h +0 -42
data/src/core/client_config/subchannel_factory.h +0 -66
data/src/core/httpcli/parser.c +0 -211
data/src/core/iomgr/fd_posix.c +0 -451
data/src/core/iomgr/fd_posix.h +0 -192
data/src/core/iomgr/pollset_multipoller_with_epoll.c +0 -324
data/src/core/iomgr/pollset_multipoller_with_poll_posix.c +0 -234
data/src/core/iomgr/pollset_posix.c +0 -633
data/src/core/iomgr/pollset_posix.h +0 -153
data/src/core/iomgr/pollset_set_posix.c +0 -202
data/src/core/iomgr/pollset_set_posix.h +0 -45
data/src/core/surface/init.c +0 -174
data/src/core/surface/init_secure.c +0 -42
data/src/core/surface/server_create.c +0 -48
data/src/core/transport/chttp2/huffsyms.c +0 -297
data/src/ruby/bin/grpc_ruby_interop_client +0 -33
data/src/ruby/bin/grpc_ruby_interop_server +0 -33
data/third_party/boringssl/crypto/dsa/internal.h +0 -78

data/third_party/boringssl/crypto/x509v3/v3_utl.c CHANGED

@@ -1,5 +1,6 @@
 /* v3_utl.c */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
  */
 /* ====================================================================
@@ -10,7 +11,7 @@
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
+ *    notice, this list of conditions and the following disclaimer.
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
@@ -57,7 +58,6 @@
  */
 /* X509 v3 extension utilities */
 #include <ctype.h>
 #include <stdio.h>
 #include <string.h>
@@ -72,10 +72,10 @@
 #include "../conf/internal.h"
 static char *strip_spaces(char *name);
 static int sk_strcmp(const OPENSSL_STRING *a, const OPENSSL_STRING *b);
-static STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name, GENERAL_NAMES *gens);
+static STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name,
+                                           GENERAL_NAMES *gens);
 static void str_free(OPENSSL_STRING str);
 static int append_ia5(STACK_OF(OPENSSL_STRING) **sk, ASN1_IA5STRING *email);
@@ -87,1236 +87,1240 @@ static int ipv6_hex(unsigned char *out, const char *in, int inlen);
 /* Add a CONF_VALUE name value pair to stack */
 int X509V3_add_value(const char *name, const char *value,
-						STACK_OF(CONF_VALUE) **extlist)
+                     STACK_OF(CONF_VALUE) **extlist)
 {
-	CONF_VALUE *vtmp = NULL;
-	char *tname = NULL, *tvalue = NULL;
-	if(name && !(tname = BUF_strdup(name))) goto err;
-	if(value && !(tvalue = BUF_strdup(value))) goto err;
-	if(!(vtmp = CONF_VALUE_new())) goto err;
-	if(!*extlist && !(*extlist = sk_CONF_VALUE_new_null())) goto err;
-	vtmp->section = NULL;
-	vtmp->name = tname;
-	vtmp->value = tvalue;
-	if(!sk_CONF_VALUE_push(*extlist, vtmp)) goto err;
-	return 1;
-	err:
-	OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);
-	if(vtmp) OPENSSL_free(vtmp);
-	if(tname) OPENSSL_free(tname);
-	if(tvalue) OPENSSL_free(tvalue);
-	return 0;
+    CONF_VALUE *vtmp = NULL;
+    char *tname = NULL, *tvalue = NULL;
+    if (name && !(tname = BUF_strdup(name)))
+        goto err;
+    if (value && !(tvalue = BUF_strdup(value)))
+        goto err;
+    if (!(vtmp = CONF_VALUE_new()))
+        goto err;
+    if (!*extlist && !(*extlist = sk_CONF_VALUE_new_null()))
+        goto err;
+    vtmp->section = NULL;
+    vtmp->name = tname;
+    vtmp->value = tvalue;
+    if (!sk_CONF_VALUE_push(*extlist, vtmp))
+        goto err;
+    return 1;
+ err:
+    OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);
+    if (vtmp)
+        OPENSSL_free(vtmp);
+    if (tname)
+        OPENSSL_free(tname);
+    if (tvalue)
+        OPENSSL_free(tvalue);
+    return 0;
 }
 int X509V3_add_value_uchar(const char *name, const unsigned char *value,
-			   STACK_OF(CONF_VALUE) **extlist)
-    {
-    return X509V3_add_value(name,(const char *)value,extlist);
-    }
+                           STACK_OF(CONF_VALUE) **extlist)
+{
+    return X509V3_add_value(name, (const char *)value, extlist);
+}
 /* Free function for STACK_OF(CONF_VALUE) */
 void X509V3_conf_free(CONF_VALUE *conf)
 {
-	if(!conf) return;
-	if(conf->name) OPENSSL_free(conf->name);
-	if(conf->value) OPENSSL_free(conf->value);
-	if(conf->section) OPENSSL_free(conf->section);
-	OPENSSL_free(conf);
+    if (!conf)
+        return;
+    if (conf->name)
+        OPENSSL_free(conf->name);
+    if (conf->value)
+        OPENSSL_free(conf->value);
+    if (conf->section)
+        OPENSSL_free(conf->section);
+    OPENSSL_free(conf);
 }
 int X509V3_add_value_bool(const char *name, int asn1_bool,
-						STACK_OF(CONF_VALUE) **extlist)
+                          STACK_OF(CONF_VALUE) **extlist)
 {
-	if(asn1_bool) return X509V3_add_value(name, "TRUE", extlist);
-	return X509V3_add_value(name, "FALSE", extlist);
+    if (asn1_bool)
+        return X509V3_add_value(name, "TRUE", extlist);
+    return X509V3_add_value(name, "FALSE", extlist);
 }
 int X509V3_add_value_bool_nf(char *name, int asn1_bool,
-						STACK_OF(CONF_VALUE) **extlist)
+                             STACK_OF(CONF_VALUE) **extlist)
 {
-	if(asn1_bool) return X509V3_add_value(name, "TRUE", extlist);
-	return 1;
+    if (asn1_bool)
+        return X509V3_add_value(name, "TRUE", extlist);
+    return 1;
 }
 char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *a)
 {
-	BIGNUM *bntmp = NULL;
-	char *strtmp = NULL;
-	if(!a) return NULL;
-	if(!(bntmp = ASN1_ENUMERATED_to_BN(a, NULL)) ||
-	    !(strtmp = BN_bn2dec(bntmp)) )
-		OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);
-	BN_free(bntmp);
-	return strtmp;
+    BIGNUM *bntmp = NULL;
+    char *strtmp = NULL;
+    if (!a)
+        return NULL;
+    if (!(bntmp = ASN1_ENUMERATED_to_BN(a, NULL)) ||
+        !(strtmp = BN_bn2dec(bntmp)))
+        OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);
+    BN_free(bntmp);
+    return strtmp;
 }
 char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *method, ASN1_INTEGER *a)
 {
-	BIGNUM *bntmp = NULL;
-	char *strtmp = NULL;
-	if(!a) return NULL;
-	if(!(bntmp = ASN1_INTEGER_to_BN(a, NULL)) ||
-	    !(strtmp = BN_bn2dec(bntmp)) )
-		OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);
-	BN_free(bntmp);
-	return strtmp;
+    BIGNUM *bntmp = NULL;
+    char *strtmp = NULL;
+    if (!a)
+        return NULL;
+    if (!(bntmp = ASN1_INTEGER_to_BN(a, NULL)) ||
+        !(strtmp = BN_bn2dec(bntmp)))
+        OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);
+    BN_free(bntmp);
+    return strtmp;
 }
 ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value)
 {
-	BIGNUM *bn = NULL;
-	ASN1_INTEGER *aint;
-	int isneg, ishex;
-	int ret;
-	if (!value) {
-		OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_VALUE);
-		return 0;
-	}
-	bn = BN_new();
-	if (value[0] == '-') {
-		value++;
-		isneg = 1;
-	} else isneg = 0;
-	if (value[0] == '0' && ((value[1] == 'x') || (value[1] == 'X'))) {
-		value += 2;
-		ishex = 1;
-	} else ishex = 0;
-	if (ishex) ret = BN_hex2bn(&bn, value);
-	else ret = BN_dec2bn(&bn, value);
-	if (!ret || value[ret]) {
-		BN_free(bn);
-		OPENSSL_PUT_ERROR(X509V3, X509V3_R_BN_DEC2BN_ERROR);
-		return 0;
-	}
-	if (isneg && BN_is_zero(bn)) isneg = 0;
-	aint = BN_to_ASN1_INTEGER(bn, NULL);
-	BN_free(bn);
-	if (!aint) {
-		OPENSSL_PUT_ERROR(X509V3, X509V3_R_BN_TO_ASN1_INTEGER_ERROR);
-		return 0;
-	}
-	if (isneg) aint->type |= V_ASN1_NEG;
-	return aint;
+    BIGNUM *bn = NULL;
+    ASN1_INTEGER *aint;
+    int isneg, ishex;
+    int ret;
+    if (!value) {
+        OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_VALUE);
+        return 0;
+    }
+    bn = BN_new();
+    if (value[0] == '-') {
+        value++;
+        isneg = 1;
+    } else
+        isneg = 0;
+    if (value[0] == '0' && ((value[1] == 'x') || (value[1] == 'X'))) {
+        value += 2;
+        ishex = 1;
+    } else
+        ishex = 0;
+    if (ishex)
+        ret = BN_hex2bn(&bn, value);
+    else
+        ret = BN_dec2bn(&bn, value);
+    if (!ret || value[ret]) {
+        BN_free(bn);
+        OPENSSL_PUT_ERROR(X509V3, X509V3_R_BN_DEC2BN_ERROR);
+        return 0;
+    }
+    if (isneg && BN_is_zero(bn))
+        isneg = 0;
+    aint = BN_to_ASN1_INTEGER(bn, NULL);
+    BN_free(bn);
+    if (!aint) {
+        OPENSSL_PUT_ERROR(X509V3, X509V3_R_BN_TO_ASN1_INTEGER_ERROR);
+        return 0;
+    }
+    if (isneg)
+        aint->type |= V_ASN1_NEG;
+    return aint;
 }
 int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
-	     STACK_OF(CONF_VALUE) **extlist)
+                         STACK_OF(CONF_VALUE) **extlist)
 {
-	char *strtmp;
-	int ret;
-	if(!aint) return 1;
-	if(!(strtmp = i2s_ASN1_INTEGER(NULL, aint))) return 0;
-	ret = X509V3_add_value(name, strtmp, extlist);
-	OPENSSL_free(strtmp);
-	return ret;
+    char *strtmp;
+    int ret;
+    if (!aint)
+        return 1;
+    if (!(strtmp = i2s_ASN1_INTEGER(NULL, aint)))
+        return 0;
+    ret = X509V3_add_value(name, strtmp, extlist);
+    OPENSSL_free(strtmp);
+    return ret;
 }
 int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool)
 {
-	char *btmp;
-	if(!(btmp = value->value)) goto err;
-	if(!strcmp(btmp, "TRUE") || !strcmp(btmp, "true")
-		 || !strcmp(btmp, "Y") || !strcmp(btmp, "y")
-		|| !strcmp(btmp, "YES") || !strcmp(btmp, "yes")) {
-		*asn1_bool = 0xff;
-		return 1;
-	} else if(!strcmp(btmp, "FALSE") || !strcmp(btmp, "false")
-		 || !strcmp(btmp, "N") || !strcmp(btmp, "n")
-		|| !strcmp(btmp, "NO") || !strcmp(btmp, "no")) {
-		*asn1_bool = 0;
-		return 1;
-	}
-	err:
-	OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_BOOLEAN_STRING);
-	X509V3_conf_err(value);
-	return 0;
+    char *btmp;
+    if (!(btmp = value->value))
+        goto err;
+    if (!strcmp(btmp, "TRUE") || !strcmp(btmp, "true")
+        || !strcmp(btmp, "Y") || !strcmp(btmp, "y")
+        || !strcmp(btmp, "YES") || !strcmp(btmp, "yes")) {
+        *asn1_bool = 0xff;
+        return 1;
+    } else if (!strcmp(btmp, "FALSE") || !strcmp(btmp, "false")
+               || !strcmp(btmp, "N") || !strcmp(btmp, "n")
+               || !strcmp(btmp, "NO") || !strcmp(btmp, "no")) {
+        *asn1_bool = 0;
+        return 1;
+    }
+ err:
+    OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_BOOLEAN_STRING);
+    X509V3_conf_err(value);
+    return 0;
 }
 int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint)
 {
-	ASN1_INTEGER *itmp;
-	if(!(itmp = s2i_ASN1_INTEGER(NULL, value->value))) {
-		X509V3_conf_err(value);
-		return 0;
-	}
-	*aint = itmp;
-	return 1;
+    ASN1_INTEGER *itmp;
+    if (!(itmp = s2i_ASN1_INTEGER(NULL, value->value))) {
+        X509V3_conf_err(value);
+        return 0;
+    }
+    *aint = itmp;
+    return 1;
 }
-#define HDR_NAME	1
-#define HDR_VALUE	2
+#define HDR_NAME        1
+#define HDR_VALUE       2
-/*#define DEBUG*/
+/*
+ * #define DEBUG
+ */
 STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line)
 {
-	char *p, *q, c;
-	char *ntmp, *vtmp;
-	STACK_OF(CONF_VALUE) *values = NULL;
-	char *linebuf;
-	int state;
-	/* We are going to modify the line so copy it first */
-	linebuf = BUF_strdup(line);
-	if (linebuf == NULL)
-		{
-		OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-	state = HDR_NAME;
-	ntmp = NULL;
-	/* Go through all characters */
-	for(p = linebuf, q = linebuf; (c = *p) && (c!='\r') && (c!='\n'); p++) {
-		switch(state) {
-			case HDR_NAME:
-			if(c == ':') {
-				state = HDR_VALUE;
-				*p = 0;
-				ntmp = strip_spaces(q);
-				if(!ntmp) {
-					OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_NAME);
-					goto err;
-				}
-				q = p + 1;
-			} else if(c == ',') {
-				*p = 0;
-				ntmp = strip_spaces(q);
-				q = p + 1;
+    char *p, *q, c;
+    char *ntmp, *vtmp;
+    STACK_OF(CONF_VALUE) *values = NULL;
+    char *linebuf;
+    int state;
+    /* We are going to modify the line so copy it first */
+    linebuf = BUF_strdup(line);
+    if (linebuf == NULL) {
+        OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    state = HDR_NAME;
+    ntmp = NULL;
+    /* Go through all characters */
+    for (p = linebuf, q = linebuf; (c = *p) && (c != '\r') && (c != '\n');
+         p++) {
+        switch (state) {
+        case HDR_NAME:
+            if (c == ':') {
+                state = HDR_VALUE;
+                *p = 0;
+                ntmp = strip_spaces(q);
+                if (!ntmp) {
+                    OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_NAME);
+                    goto err;
+                }
+                q = p + 1;
+            } else if (c == ',') {
+                *p = 0;
+                ntmp = strip_spaces(q);
+                q = p + 1;
 #if 0
-				printf("%s\n", ntmp);
+                printf("%s\n", ntmp);
 #endif
-				if(!ntmp) {
-					OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_NAME);
-					goto err;
-				}
-				X509V3_add_value(ntmp, NULL, &values);
-			}
-			break ;
-			case HDR_VALUE:
-			if(c == ',') {
-				state = HDR_NAME;
-				*p = 0;
-				vtmp = strip_spaces(q);
+                if (!ntmp) {
+                    OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_NAME);
+                    goto err;
+                }
+                X509V3_add_value(ntmp, NULL, &values);
+            }
+            break;
+        case HDR_VALUE:
+            if (c == ',') {
+                state = HDR_NAME;
+                *p = 0;
+                vtmp = strip_spaces(q);
 #if 0
-				printf("%s\n", ntmp);
+                printf("%s\n", ntmp);
 #endif
-				if(!vtmp) {
-					OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_VALUE);
-					goto err;
-				}
-				X509V3_add_value(ntmp, vtmp, &values);
-				ntmp = NULL;
-				q = p + 1;
-			}
-		}
-	}
-	if(state == HDR_VALUE) {
-		vtmp = strip_spaces(q);
+                if (!vtmp) {
+                    OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_VALUE);
+                    goto err;
+                }
+                X509V3_add_value(ntmp, vtmp, &values);
+                ntmp = NULL;
+                q = p + 1;
+            }
+        }
+    }
+    if (state == HDR_VALUE) {
+        vtmp = strip_spaces(q);
 #if 0
-		printf("%s=%s\n", ntmp, vtmp);
+        printf("%s=%s\n", ntmp, vtmp);
 #endif
-		if(!vtmp) {
-			OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_VALUE);
-			goto err;
-		}
-		X509V3_add_value(ntmp, vtmp, &values);
-	} else {
-		ntmp = strip_spaces(q);
+        if (!vtmp) {
+            OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_VALUE);
+            goto err;
+        }
+        X509V3_add_value(ntmp, vtmp, &values);
+    } else {
+        ntmp = strip_spaces(q);
 #if 0
-		printf("%s\n", ntmp);
+        printf("%s\n", ntmp);
 #endif
-		if(!ntmp) {
-			OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_NAME);
-			goto err;
-		}
-		X509V3_add_value(ntmp, NULL, &values);
-	}
-OPENSSL_free(linebuf);
-return values;
-err:
-OPENSSL_free(linebuf);
-sk_CONF_VALUE_pop_free(values, X509V3_conf_free);
-return NULL;
+        if (!ntmp) {
+            OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_NAME);
+            goto err;
+        }
+        X509V3_add_value(ntmp, NULL, &values);
+    }
+    OPENSSL_free(linebuf);
+    return values;
+ err:
+    OPENSSL_free(linebuf);
+    sk_CONF_VALUE_pop_free(values, X509V3_conf_free);
+    return NULL;
 }
 /* Delete leading and trailing spaces from a string */
 static char *strip_spaces(char *name)
 {
-	char *p, *q;
-	/* Skip over leading spaces */
-	p = name;
-	while(*p && isspace((unsigned char)*p)) p++;
-	if(!*p) return NULL;
-	q = p + strlen(p) - 1;
-	while((q != p) && isspace((unsigned char)*q)) q--;
-	if(p != q) q[1] = 0;
-	if(!*p) return NULL;
-	return p;
+    char *p, *q;
+    /* Skip over leading spaces */
+    p = name;
+    while (*p && isspace((unsigned char)*p))
+        p++;
+    if (!*p)
+        return NULL;
+    q = p + strlen(p) - 1;
+    while ((q != p) && isspace((unsigned char)*q))
+        q--;
+    if (p != q)
+        q[1] = 0;
+    if (!*p)
+        return NULL;
+    return p;
 }
 /* hex string utilities */
-/* Given a buffer of length 'len' return a OPENSSL_malloc'ed string with its
- * hex representation
- * @@@ (Contents of buffer are always kept in ASCII, also on EBCDIC machines)
+/*
+ * Given a buffer of length 'len' return a OPENSSL_malloc'ed string with its
+ * hex representation @@@ (Contents of buffer are always kept in ASCII, also
+ * on EBCDIC machines)
  */
 char *hex_to_string(const unsigned char *buffer, long len)
 {
-	char *tmp, *q;
-	const unsigned char *p;
-	int i;
-	static const char hexdig[] = "0123456789ABCDEF";
-	if(!buffer || !len) return NULL;
-	if(!(tmp = OPENSSL_malloc(len * 3 + 1))) {
-		OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
-	q = tmp;
-	for(i = 0, p = buffer; i < len; i++,p++) {
-		*q++ = hexdig[(*p >> 4) & 0xf];
-		*q++ = hexdig[*p & 0xf];
-		*q++ = ':';
-	}
-	q[-1] = 0;
-	return tmp;
+    char *tmp, *q;
+    const unsigned char *p;
+    int i;
+    static const char hexdig[] = "0123456789ABCDEF";
+    if (!buffer || !len)
+        return NULL;
+    if (!(tmp = OPENSSL_malloc(len * 3 + 1))) {
+        OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    q = tmp;
+    for (i = 0, p = buffer; i < len; i++, p++) {
+        *q++ = hexdig[(*p >> 4) & 0xf];
+        *q++ = hexdig[*p & 0xf];
+        *q++ = ':';
+    }
+    q[-1] = 0;
+    return tmp;
 }
-/* Give a string of hex digits convert to
- * a buffer
+/*
+ * Give a string of hex digits convert to a buffer
  */
 unsigned char *string_to_hex(const char *str, long *len)
 {
-	unsigned char *hexbuf, *q;
-	unsigned char ch, cl, *p;
-	if(!str) {
-		OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_ARGUMENT);
-		return NULL;
-	}
-	if(!(hexbuf = OPENSSL_malloc(strlen(str) >> 1))) goto err;
-	for(p = (unsigned char *)str, q = hexbuf; *p;) {
-		ch = *p++;
-		if(ch == ':') continue;
-		cl = *p++;
-		if(!cl) {
-			OPENSSL_PUT_ERROR(X509V3, X509V3_R_ODD_NUMBER_OF_DIGITS);
-			OPENSSL_free(hexbuf);
-			return NULL;
-		}
-		if(isupper(ch)) ch = tolower(ch);
-		if(isupper(cl)) cl = tolower(cl);
-		if((ch >= '0') && (ch <= '9')) ch -= '0';
-		else if ((ch >= 'a') && (ch <= 'f')) ch -= 'a' - 10;
-		else goto badhex;
-		if((cl >= '0') && (cl <= '9')) cl -= '0';
-		else if ((cl >= 'a') && (cl <= 'f')) cl -= 'a' - 10;
-		else goto badhex;
-		*q++ = (ch << 4) | cl;
-	}
-	if(len) *len = q - hexbuf;
-	return hexbuf;
-	err:
-	if(hexbuf) OPENSSL_free(hexbuf);
-	OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);
-	return NULL;
-	badhex:
-	OPENSSL_free(hexbuf);
-	OPENSSL_PUT_ERROR(X509V3, X509V3_R_ILLEGAL_HEX_DIGIT);
-	return NULL;
+    unsigned char *hexbuf, *q;
+    unsigned char ch, cl, *p;
+    if (!str) {
+        OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_ARGUMENT);
+        return NULL;
+    }
+    if (!(hexbuf = OPENSSL_malloc(strlen(str) >> 1)))
+        goto err;
+    for (p = (unsigned char *)str, q = hexbuf; *p;) {
+        ch = *p++;
+        if (ch == ':')
+            continue;
+        cl = *p++;
+        if (!cl) {
+            OPENSSL_PUT_ERROR(X509V3, X509V3_R_ODD_NUMBER_OF_DIGITS);
+            OPENSSL_free(hexbuf);
+            return NULL;
+        }
+        if (isupper(ch))
+            ch = tolower(ch);
+        if (isupper(cl))
+            cl = tolower(cl);
+        if ((ch >= '0') && (ch <= '9'))
+            ch -= '0';
+        else if ((ch >= 'a') && (ch <= 'f'))
+            ch -= 'a' - 10;
+        else
+            goto badhex;
+        if ((cl >= '0') && (cl <= '9'))
+            cl -= '0';
+        else if ((cl >= 'a') && (cl <= 'f'))
+            cl -= 'a' - 10;
+        else
+            goto badhex;
+        *q++ = (ch << 4) | cl;
+    }
+    if (len)
+        *len = q - hexbuf;
+    return hexbuf;
+ err:
+    if (hexbuf)
+        OPENSSL_free(hexbuf);
+    OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);
+    return NULL;
+ badhex:
+    OPENSSL_free(hexbuf);
+    OPENSSL_PUT_ERROR(X509V3, X509V3_R_ILLEGAL_HEX_DIGIT);
+    return NULL;
 }
-/* V2I name comparison function: returns zero if 'name' matches
- * cmp or cmp.*
+/*
+ * V2I name comparison function: returns zero if 'name' matches cmp or cmp.*
  */
 int name_cmp(const char *name, const char *cmp)
 {
-	int len, ret;
-	char c;
-	len = strlen(cmp);
-	if((ret = strncmp(name, cmp, len))) return ret;
-	c = name[len];
-	if(!c || (c=='.')) return 0;
-	return 1;
+    int len, ret;
+    char c;
+    len = strlen(cmp);
+    if ((ret = strncmp(name, cmp, len)))
+        return ret;
+    c = name[len];
+    if (!c || (c == '.'))
+        return 0;
+    return 1;
 }
 static int sk_strcmp(const OPENSSL_STRING *a, const OPENSSL_STRING *b)
 {
-	return strcmp(*a, *b);
+    return strcmp(*a, *b);
 }
 STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x)
 {
-	GENERAL_NAMES *gens;
-	STACK_OF(OPENSSL_STRING) *ret;
+    GENERAL_NAMES *gens;
+    STACK_OF(OPENSSL_STRING) *ret;
-	gens = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
-	ret = get_email(X509_get_subject_name(x), gens);
-	sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
-	return ret;
+    gens = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
+    ret = get_email(X509_get_subject_name(x), gens);
+    sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
+    return ret;
 }
 STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x)
 {
-	AUTHORITY_INFO_ACCESS *info;
-	STACK_OF(OPENSSL_STRING) *ret = NULL;
-	size_t i;
-	info = X509_get_ext_d2i(x, NID_info_access, NULL, NULL);
-	if (!info)
-		return NULL;
-	for (i = 0; i < sk_ACCESS_DESCRIPTION_num(info); i++)
-		{
-		ACCESS_DESCRIPTION *ad = sk_ACCESS_DESCRIPTION_value(info, i);
-		if (OBJ_obj2nid(ad->method) == NID_ad_OCSP)
-			{
-			if (ad->location->type == GEN_URI)
-				{
-				if (!append_ia5(&ret, ad->location->d.uniformResourceIdentifier))
-					break;
-				}
-			}
-		}
-	AUTHORITY_INFO_ACCESS_free(info);
-	return ret;
+    AUTHORITY_INFO_ACCESS *info;
+    STACK_OF(OPENSSL_STRING) *ret = NULL;
+    size_t i;
+    info = X509_get_ext_d2i(x, NID_info_access, NULL, NULL);
+    if (!info)
+        return NULL;
+    for (i = 0; i < sk_ACCESS_DESCRIPTION_num(info); i++) {
+        ACCESS_DESCRIPTION *ad = sk_ACCESS_DESCRIPTION_value(info, i);
+        if (OBJ_obj2nid(ad->method) == NID_ad_OCSP) {
+            if (ad->location->type == GEN_URI) {
+                if (!append_ia5
+                    (&ret, ad->location->d.uniformResourceIdentifier))
+                    break;
+            }
+        }
+    }
+    AUTHORITY_INFO_ACCESS_free(info);
+    return ret;
 }
 STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x)
 {
-	GENERAL_NAMES *gens;
-	STACK_OF(X509_EXTENSION) *exts;
-	STACK_OF(OPENSSL_STRING) *ret;
-	exts = X509_REQ_get_extensions(x);
-	gens = X509V3_get_d2i(exts, NID_subject_alt_name, NULL, NULL);
-	ret = get_email(X509_REQ_get_subject_name(x), gens);
-	sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
-	sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
-	return ret;
+    GENERAL_NAMES *gens;
+    STACK_OF(X509_EXTENSION) *exts;
+    STACK_OF(OPENSSL_STRING) *ret;
+    exts = X509_REQ_get_extensions(x);
+    gens = X509V3_get_d2i(exts, NID_subject_alt_name, NULL, NULL);
+    ret = get_email(X509_REQ_get_subject_name(x), gens);
+    sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
+    sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
+    return ret;
 }
-static STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name, GENERAL_NAMES *gens)
+static STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name,
+                                           GENERAL_NAMES *gens)
 {
-	STACK_OF(OPENSSL_STRING) *ret = NULL;
-	X509_NAME_ENTRY *ne;
-	ASN1_IA5STRING *email;
-	GENERAL_NAME *gen;
-	int i;
-	size_t j;
-	/* Now add any email address(es) to STACK */
-	i = -1;
-	/* First supplied X509_NAME */
-	while((i = X509_NAME_get_index_by_NID(name,
-					 NID_pkcs9_emailAddress, i)) >= 0) {
-		ne = X509_NAME_get_entry(name, i);
-		email = X509_NAME_ENTRY_get_data(ne);
-		if(!append_ia5(&ret, email)) return NULL;
-	}
-	for(j = 0; j < sk_GENERAL_NAME_num(gens); j++)
-	{
-		gen = sk_GENERAL_NAME_value(gens, j);
-		if(gen->type != GEN_EMAIL) continue;
-		if(!append_ia5(&ret, gen->d.ia5)) return NULL;
-	}
-	return ret;
+    STACK_OF(OPENSSL_STRING) *ret = NULL;
+    X509_NAME_ENTRY *ne;
+    ASN1_IA5STRING *email;
+    GENERAL_NAME *gen;
+    int i;
+    size_t j;
+    /* Now add any email address(es) to STACK */
+    i = -1;
+    /* First supplied X509_NAME */
+    while ((i = X509_NAME_get_index_by_NID(name,
+                                           NID_pkcs9_emailAddress, i)) >= 0) {
+        ne = X509_NAME_get_entry(name, i);
+        email = X509_NAME_ENTRY_get_data(ne);
+        if (!append_ia5(&ret, email))
+            return NULL;
+    }
+    for (j = 0; j < sk_GENERAL_NAME_num(gens); j++) {
+        gen = sk_GENERAL_NAME_value(gens, j);
+        if (gen->type != GEN_EMAIL)
+            continue;
+        if (!append_ia5(&ret, gen->d.ia5))
+            return NULL;
+    }
+    return ret;
 }
 static void str_free(OPENSSL_STRING str)
 {
-	OPENSSL_free(str);
+    OPENSSL_free(str);
 }
 static int append_ia5(STACK_OF(OPENSSL_STRING) **sk, ASN1_IA5STRING *email)
 {
-	char *emtmp;
-	/* First some sanity checks */
-	if(email->type != V_ASN1_IA5STRING) return 1;
-	if(!email->data || !email->length) return 1;
-	if(!*sk) *sk = sk_OPENSSL_STRING_new(sk_strcmp);
-	if(!*sk) return 0;
-	/* Don't add duplicates */
-	if(sk_OPENSSL_STRING_find(*sk, NULL, (char *)email->data)) return 1;
-	emtmp = BUF_strdup((char *)email->data);
-	if(!emtmp || !sk_OPENSSL_STRING_push(*sk, emtmp)) {
-		X509_email_free(*sk);
-		*sk = NULL;
-		return 0;
-	}
-	return 1;
+    char *emtmp;
+    /* First some sanity checks */
+    if (email->type != V_ASN1_IA5STRING)
+        return 1;
+    if (!email->data || !email->length)
+        return 1;
+    if (!*sk)
+        *sk = sk_OPENSSL_STRING_new(sk_strcmp);
+    if (!*sk)
+        return 0;
+    /* Don't add duplicates */
+    if (sk_OPENSSL_STRING_find(*sk, NULL, (char *)email->data))
+        return 1;
+    emtmp = BUF_strdup((char *)email->data);
+    if (!emtmp || !sk_OPENSSL_STRING_push(*sk, emtmp)) {
+        X509_email_free(*sk);
+        *sk = NULL;
+        return 0;
+    }
+    return 1;
 }
 void X509_email_free(STACK_OF(OPENSSL_STRING) *sk)
 {
-	sk_OPENSSL_STRING_pop_free(sk, str_free);
+    sk_OPENSSL_STRING_pop_free(sk, str_free);
 }
-typedef int (*equal_fn)(const unsigned char *pattern, size_t pattern_len,
-			const unsigned char *subject, size_t subject_len,
-			unsigned int flags);
+typedef int (*equal_fn) (const unsigned char *pattern, size_t pattern_len,
+                         const unsigned char *subject, size_t subject_len,
+                         unsigned int flags);
 /* Skip pattern prefix to match "wildcard" subject */
 static void skip_prefix(const unsigned char **p, size_t *plen,
-			const unsigned char *subject, size_t subject_len,
-			unsigned int flags)
-	{
-	const unsigned char *pattern = *p;
-	size_t pattern_len = *plen;
-	/*
-	 * If subject starts with a leading '.' followed by more octets, and
-	 * pattern is longer, compare just an equal-length suffix with the
-	 * full subject (starting at the '.'), provided the prefix contains
-	 * no NULs.
-	 */
-	if ((flags & _X509_CHECK_FLAG_DOT_SUBDOMAINS) == 0)
-		return;
-	while (pattern_len > subject_len && *pattern)
-		{
-		if ((flags & X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS) &&
-		    *pattern == '.')
-			break;
-		++pattern;
-		--pattern_len;
-		}
-	/* Skip if entire prefix acceptable */
-	if (pattern_len == subject_len)
-		{
-		*p = pattern;
-		*plen = pattern_len;
-		}
-	}
+                        const unsigned char *subject, size_t subject_len,
+                        unsigned int flags)
+{
+    const unsigned char *pattern = *p;
+    size_t pattern_len = *plen;
+    /*
+     * If subject starts with a leading '.' followed by more octets, and
+     * pattern is longer, compare just an equal-length suffix with the
+     * full subject (starting at the '.'), provided the prefix contains
+     * no NULs.
+     */
+    if ((flags & _X509_CHECK_FLAG_DOT_SUBDOMAINS) == 0)
+        return;
+    while (pattern_len > subject_len && *pattern) {
+        if ((flags & X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS) &&
+            *pattern == '.')
+            break;
+        ++pattern;
+        --pattern_len;
+    }
+    /* Skip if entire prefix acceptable */
+    if (pattern_len == subject_len) {
+        *p = pattern;
+        *plen = pattern_len;
+    }
+}
 /* Compare while ASCII ignoring case. */
 static int equal_nocase(const unsigned char *pattern, size_t pattern_len,
-			const unsigned char *subject, size_t subject_len,
-			unsigned int flags)
-	{
-	skip_prefix(&pattern, &pattern_len, subject, subject_len, flags);
-	if (pattern_len != subject_len)
-		return 0;
-	while (pattern_len)
-		{
-		unsigned char l = *pattern;
-		unsigned char r = *subject;
-		/* The pattern must not contain NUL characters. */
-		if (l == 0)
-			return 0;
-		if (l != r)
-			{
-			if ('A' <= l && l <= 'Z')
-				l = (l - 'A') + 'a';
-			if ('A' <= r && r <= 'Z')
-				r = (r - 'A') + 'a';
-			if (l != r)
-				return 0;
-			}
-		++pattern;
-		++subject;
-		--pattern_len;
-		}
-	return 1;
-	}
+                        const unsigned char *subject, size_t subject_len,
+                        unsigned int flags)
+{
+    skip_prefix(&pattern, &pattern_len, subject, subject_len, flags);
+    if (pattern_len != subject_len)
+        return 0;
+    while (pattern_len) {
+        unsigned char l = *pattern;
+        unsigned char r = *subject;
+        /* The pattern must not contain NUL characters. */
+        if (l == 0)
+            return 0;
+        if (l != r) {
+            if ('A' <= l && l <= 'Z')
+                l = (l - 'A') + 'a';
+            if ('A' <= r && r <= 'Z')
+                r = (r - 'A') + 'a';
+            if (l != r)
+                return 0;
+        }
+        ++pattern;
+        ++subject;
+        --pattern_len;
+    }
+    return 1;
+}
 /* Compare using memcmp. */
 static int equal_case(const unsigned char *pattern, size_t pattern_len,
-		      const unsigned char *subject, size_t subject_len,
-		      unsigned int flags)
+                      const unsigned char *subject, size_t subject_len,
+                      unsigned int flags)
 {
-	skip_prefix(&pattern, &pattern_len, subject, subject_len, flags);
-	if (pattern_len != subject_len)
-		return 0;
-	return !memcmp(pattern, subject, pattern_len);
+    skip_prefix(&pattern, &pattern_len, subject, subject_len, flags);
+    if (pattern_len != subject_len)
+        return 0;
+    return !memcmp(pattern, subject, pattern_len);
 }
-/* RFC 5280, section 7.5, requires that only the domain is compared in
-   a case-insensitive manner. */
+/*
+ * RFC 5280, section 7.5, requires that only the domain is compared in a
+ * case-insensitive manner.
+ */
 static int equal_email(const unsigned char *a, size_t a_len,
-		       const unsigned char *b, size_t b_len,
-		       unsigned int unused_flags)
-	{
-	size_t i = a_len;
-	if (a_len != b_len)
-		return 0;
-	/* We search backwards for the '@' character, so that we do
-	   not have to deal with quoted local-parts.  The domain part
-	   is compared in a case-insensitive manner. */
-	while (i > 0)
-		{
-		--i;
-		if (a[i] == '@' || b[i] == '@')
-			{
-			if (!equal_nocase(a + i, a_len - i,
-					  b + i, a_len - i, 0))
-				return 0;
-			break;
-			}
-		}
-	if (i == 0)
-		i = a_len;
-	return equal_case(a, i, b, i, 0);
-	}
-/* Compare the prefix and suffix with the subject, and check that the
-   characters in-between are valid. */
+                       const unsigned char *b, size_t b_len,
+                       unsigned int unused_flags)
+{
+    size_t i = a_len;
+    if (a_len != b_len)
+        return 0;
+    /*
+     * We search backwards for the '@' character, so that we do not have to
+     * deal with quoted local-parts.  The domain part is compared in a
+     * case-insensitive manner.
+     */
+    while (i > 0) {
+        --i;
+        if (a[i] == '@' || b[i] == '@') {
+            if (!equal_nocase(a + i, a_len - i, b + i, a_len - i, 0))
+                return 0;
+            break;
+        }
+    }
+    if (i == 0)
+        i = a_len;
+    return equal_case(a, i, b, i, 0);
+}
+/*
+ * Compare the prefix and suffix with the subject, and check that the
+ * characters in-between are valid.
+ */
 static int wildcard_match(const unsigned char *prefix, size_t prefix_len,
-			  const unsigned char *suffix, size_t suffix_len,
-			  const unsigned char *subject, size_t subject_len,
-			  unsigned int flags)
-	{
-	const unsigned char *wildcard_start;
-	const unsigned char *wildcard_end;
-	const unsigned char *p;
-	int allow_multi = 0;
-	int allow_idna = 0;
-	if (subject_len < prefix_len + suffix_len)
-		return 0;
-	if (!equal_nocase(prefix, prefix_len, subject, prefix_len, flags))
-		return 0;
-	wildcard_start = subject + prefix_len;
-	wildcard_end = subject + (subject_len - suffix_len);
-	if (!equal_nocase(wildcard_end, suffix_len, suffix, suffix_len, flags))
-		return 0;
-	/*
-	 * If the wildcard makes up the entire first label, it must match at
-	 * least one character.
-	 */
-	if (prefix_len == 0 && *suffix == '.')
-		{
-		if (wildcard_start == wildcard_end)
-			return 0;
-		allow_idna = 1;
-		if (flags & X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS)
-			allow_multi = 1;
-		}
-	/* IDNA labels cannot match partial wildcards */
-	if (!allow_idna &&
-	    subject_len >= 4 && OPENSSL_strncasecmp((char *)subject, "xn--", 4) == 0)
-		return 0;
-	/* The wildcard may match a literal '*' */
-	if (wildcard_end == wildcard_start + 1 && *wildcard_start == '*')
-		return 1;
-	/*
-	 * Check that the part matched by the wildcard contains only
-	 * permitted characters and only matches a single label unless
-	 * allow_multi is set.
-	 */
-	for (p = wildcard_start; p != wildcard_end; ++p)
-		if (!(('0' <= *p && *p <= '9') ||
-		      ('A' <= *p && *p <= 'Z') ||
-		      ('a' <= *p && *p <= 'z') ||
-		      *p == '-' || (allow_multi && *p == '.')))
-			return 0;
-	return 1;
-	}
-#define LABEL_START	(1 << 0)
-#define LABEL_END	(1 << 1)
-#define LABEL_HYPHEN	(1 << 2)
-#define LABEL_IDNA	(1 << 3)
+                          const unsigned char *suffix, size_t suffix_len,
+                          const unsigned char *subject, size_t subject_len,
+                          unsigned int flags)
+{
+    const unsigned char *wildcard_start;
+    const unsigned char *wildcard_end;
+    const unsigned char *p;
+    int allow_multi = 0;
+    int allow_idna = 0;
+    if (subject_len < prefix_len + suffix_len)
+        return 0;
+    if (!equal_nocase(prefix, prefix_len, subject, prefix_len, flags))
+        return 0;
+    wildcard_start = subject + prefix_len;
+    wildcard_end = subject + (subject_len - suffix_len);
+    if (!equal_nocase(wildcard_end, suffix_len, suffix, suffix_len, flags))
+        return 0;
+    /*
+     * If the wildcard makes up the entire first label, it must match at
+     * least one character.
+     */
+    if (prefix_len == 0 && *suffix == '.') {
+        if (wildcard_start == wildcard_end)
+            return 0;
+        allow_idna = 1;
+        if (flags & X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS)
+            allow_multi = 1;
+    }
+    /* IDNA labels cannot match partial wildcards */
+    if (!allow_idna &&
+        subject_len >= 4
+        && OPENSSL_strncasecmp((char *)subject, "xn--", 4) == 0)
+        return 0;
+    /* The wildcard may match a literal '*' */
+    if (wildcard_end == wildcard_start + 1 && *wildcard_start == '*')
+        return 1;
+    /*
+     * Check that the part matched by the wildcard contains only
+     * permitted characters and only matches a single label unless
+     * allow_multi is set.
+     */
+    for (p = wildcard_start; p != wildcard_end; ++p)
+        if (!(('0' <= *p && *p <= '9') ||
+              ('A' <= *p && *p <= 'Z') ||
+              ('a' <= *p && *p <= 'z') ||
+              *p == '-' || (allow_multi && *p == '.')))
+            return 0;
+    return 1;
+}
+#define LABEL_START     (1 << 0)
+#define LABEL_END       (1 << 1)
+#define LABEL_HYPHEN    (1 << 2)
+#define LABEL_IDNA      (1 << 3)
 static const unsigned char *valid_star(const unsigned char *p, size_t len,
-						unsigned int flags)
-	{
-	const unsigned char *star = 0;
-	size_t i;
-	int state = LABEL_START;
-	int dots = 0;
-	for (i = 0; i < len; ++i)
-		{
-		/*
-		 * Locate first and only legal wildcard, either at the start
-		 * or end of a non-IDNA first and not final label.
-		 */
-		if (p[i] == '*')
-			{
-			int atstart = (state & LABEL_START);
-			int atend = (i == len - 1 || p[i+1] == '.');
-			/*
-			 * At most one wildcard per pattern.
-			 * No wildcards in IDNA labels.
-			 * No wildcards after the first label.
-			 */
-			if (star != NULL || (state & LABEL_IDNA) != 0 || dots)
-				return NULL;
-			/* Only full-label '*.example.com' wildcards? */
-			if ((flags & X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS)
-			    && (!atstart || !atend))
-				return NULL;
-			/* No 'foo*bar' wildcards */
-			if (!atstart && !atend)
-				return NULL;
-			star = &p[i];
-			state &= ~LABEL_START;
-			}
-		else if ((state & LABEL_START) != 0)
-			{
-			/*
-			 * At the start of a label, skip any "xn--" and
-			 * remain in the LABEL_START state, but set the
-			 * IDNA label state
-			 */
-			if ((state & LABEL_IDNA) == 0 && len - i >= 4
-			    && OPENSSL_strncasecmp((char *)&p[i], "xn--", 4) == 0)
-				{
-				i += 3;
-				state |= LABEL_IDNA;
-				continue;
-				}
-			/* Labels must start with a letter or digit */
-			state &= ~LABEL_START;
-			if (('a' <= p[i] && p[i] <= 'z')
-			    || ('A' <= p[i] && p[i] <= 'Z')
-			    || ('0' <= p[i] && p[i] <= '9'))
-				continue;
-			return NULL;
-			}
-		else if (('a' <= p[i] && p[i] <= 'z')
-			 || ('A' <= p[i] && p[i] <= 'Z')
-			 || ('0' <= p[i] && p[i] <= '9'))
-			{
-			state &= LABEL_IDNA;
-			continue;
-			}
-		else if (p[i] == '.')
-			{
-			if (state & (LABEL_HYPHEN | LABEL_START))
-				return NULL;
-			state = LABEL_START;
-			++dots;
-			}
-		else if (p[i] == '-')
-			{
-			if (state & LABEL_HYPHEN)
-				return NULL;
-			state |= LABEL_HYPHEN;
-			}
-		else
-			return NULL;
-		}
-	/*
-	 * The final label must not end in a hyphen or ".", and
-	 * there must be at least two dots after the star.
-	 */
-	if ((state & (LABEL_START | LABEL_HYPHEN)) != 0
-	    || dots < 2)
-		return NULL;
-	return star;
-	}
+                                       unsigned int flags)
+{
+    const unsigned char *star = 0;
+    size_t i;
+    int state = LABEL_START;
+    int dots = 0;
+    for (i = 0; i < len; ++i) {
+        /*
+         * Locate first and only legal wildcard, either at the start
+         * or end of a non-IDNA first and not final label.
+         */
+        if (p[i] == '*') {
+            int atstart = (state & LABEL_START);
+            int atend = (i == len - 1 || p[i + 1] == '.');
+            /*
+             * At most one wildcard per pattern.
+             * No wildcards in IDNA labels.
+             * No wildcards after the first label.
+             */
+            if (star != NULL || (state & LABEL_IDNA) != 0 || dots)
+                return NULL;
+            /* Only full-label '*.example.com' wildcards? */
+            if ((flags & X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS)
+                && (!atstart || !atend))
+                return NULL;
+            /* No 'foo*bar' wildcards */
+            if (!atstart && !atend)
+                return NULL;
+            star = &p[i];
+            state &= ~LABEL_START;
+        } else if ((state & LABEL_START) != 0) {
+            /*
+             * At the start of a label, skip any "xn--" and
+             * remain in the LABEL_START state, but set the
+             * IDNA label state
+             */
+            if ((state & LABEL_IDNA) == 0 && len - i >= 4
+                && OPENSSL_strncasecmp((char *)&p[i], "xn--", 4) == 0) {
+                i += 3;
+                state |= LABEL_IDNA;
+                continue;
+            }
+            /* Labels must start with a letter or digit */
+            state &= ~LABEL_START;
+            if (('a' <= p[i] && p[i] <= 'z')
+                || ('A' <= p[i] && p[i] <= 'Z')
+                || ('0' <= p[i] && p[i] <= '9'))
+                continue;
+            return NULL;
+        } else if (('a' <= p[i] && p[i] <= 'z')
+                   || ('A' <= p[i] && p[i] <= 'Z')
+                   || ('0' <= p[i] && p[i] <= '9')) {
+            state &= LABEL_IDNA;
+            continue;
+        } else if (p[i] == '.') {
+            if (state & (LABEL_HYPHEN | LABEL_START))
+                return NULL;
+            state = LABEL_START;
+            ++dots;
+        } else if (p[i] == '-') {
+            if (state & LABEL_HYPHEN)
+                return NULL;
+            state |= LABEL_HYPHEN;
+        } else
+            return NULL;
+    }
+    /*
+     * The final label must not end in a hyphen or ".", and
+     * there must be at least two dots after the star.
+     */
+    if ((state & (LABEL_START | LABEL_HYPHEN)) != 0 || dots < 2)
+        return NULL;
+    return star;
+}
 /* Compare using wildcards. */
 static int equal_wildcard(const unsigned char *pattern, size_t pattern_len,
-			  const unsigned char *subject, size_t subject_len,
-			  unsigned int flags)
-	{
-	const unsigned char *star = NULL;
-	/*
-	 * Subject names starting with '.' can only match a wildcard pattern
-	 * via a subject sub-domain pattern suffix match.
-	 */
-	if (!(subject_len > 1 && subject[0] == '.'))
-		star = valid_star(pattern, pattern_len, flags);
-	if (star == NULL)
-		return equal_nocase(pattern, pattern_len,
-				    subject, subject_len, flags);
-	return wildcard_match(pattern, star - pattern,
-			      star + 1, (pattern + pattern_len) - star - 1,
-			      subject, subject_len, flags);
-	}
-/* Compare an ASN1_STRING to a supplied string. If they match
- * return 1. If cmp_type > 0 only compare if string matches the
- * type, otherwise convert it to UTF8.
+                          const unsigned char *subject, size_t subject_len,
+                          unsigned int flags)
+{
+    const unsigned char *star = NULL;
+    /*
+     * Subject names starting with '.' can only match a wildcard pattern
+     * via a subject sub-domain pattern suffix match.
+     */
+    if (!(subject_len > 1 && subject[0] == '.'))
+        star = valid_star(pattern, pattern_len, flags);
+    if (star == NULL)
+        return equal_nocase(pattern, pattern_len,
+                            subject, subject_len, flags);
+    return wildcard_match(pattern, star - pattern,
+                          star + 1, (pattern + pattern_len) - star - 1,
+                          subject, subject_len, flags);
+}
+/*
+ * Compare an ASN1_STRING to a supplied string. If they match return 1. If
+ * cmp_type > 0 only compare if string matches the type, otherwise convert it
+ * to UTF8.
  */
 static int do_check_string(ASN1_STRING *a, int cmp_type, equal_fn equal,
-				unsigned int flags, const char *b, size_t blen,
-				char **peername)
-	{
-	int rv = 0;
-	if (!a->data || !a->length)
-		return 0;
-	if (cmp_type > 0)
-		{
-		if (cmp_type != a->type)
-			return 0;
-		if (cmp_type == V_ASN1_IA5STRING)
-			rv = equal(a->data, a->length,
-				   (unsigned char *)b, blen, flags);
-		else if (a->length == (int)blen && !memcmp(a->data, b, blen))
-			rv = 1;
-		if (rv > 0 && peername)
-			*peername = BUF_strndup((char *)a->data, a->length);
-		}
-	else
-		{
-		int astrlen;
-		unsigned char *astr;
-		astrlen = ASN1_STRING_to_UTF8(&astr, a);
-		if (astrlen < 0)
-			return -1;
-		rv = equal(astr, astrlen, (unsigned char *)b, blen, flags);
-		if (rv > 0 && peername)
-			*peername = BUF_strndup((char *)astr, astrlen);
-		OPENSSL_free(astr);
-		}
-	return rv;
-	}
+                           unsigned int flags, const char *b, size_t blen,
+                           char **peername)
+{
+    int rv = 0;
+    if (!a->data || !a->length)
+        return 0;
+    if (cmp_type > 0) {
+        if (cmp_type != a->type)
+            return 0;
+        if (cmp_type == V_ASN1_IA5STRING)
+            rv = equal(a->data, a->length, (unsigned char *)b, blen, flags);
+        else if (a->length == (int)blen && !memcmp(a->data, b, blen))
+            rv = 1;
+        if (rv > 0 && peername)
+            *peername = BUF_strndup((char *)a->data, a->length);
+    } else {
+        int astrlen;
+        unsigned char *astr;
+        astrlen = ASN1_STRING_to_UTF8(&astr, a);
+        if (astrlen < 0)
+            return -1;
+        rv = equal(astr, astrlen, (unsigned char *)b, blen, flags);
+        if (rv > 0 && peername)
+            *peername = BUF_strndup((char *)astr, astrlen);
+        OPENSSL_free(astr);
+    }
+    return rv;
+}
 static int do_x509_check(X509 *x, const char *chk, size_t chklen,
-					unsigned int flags, int check_type,
-					char **peername)
-	{
-	GENERAL_NAMES *gens = NULL;
-	X509_NAME *name = NULL;
-	size_t i;
-	int j;
-	int cnid = NID_undef;
-	int alt_type;
-	int san_present = 0;
-	int rv = 0;
-	equal_fn equal;
-	/* See below, this flag is internal-only */
-	flags &= ~_X509_CHECK_FLAG_DOT_SUBDOMAINS;
-	if (check_type == GEN_EMAIL)
-		{
-		cnid = NID_pkcs9_emailAddress;
-		alt_type = V_ASN1_IA5STRING;
-		equal = equal_email;
-		}
-	else if (check_type == GEN_DNS)
-		{
-		cnid = NID_commonName;
-		/* Implicit client-side DNS sub-domain pattern */
-		if (chklen > 1 && chk[0] == '.')
-			flags |= _X509_CHECK_FLAG_DOT_SUBDOMAINS;
-		alt_type = V_ASN1_IA5STRING;
-		if (flags & X509_CHECK_FLAG_NO_WILDCARDS)
-			equal = equal_nocase;
-		else
-			equal = equal_wildcard;
-		}
-	else
-		{
-		alt_type = V_ASN1_OCTET_STRING;
-		equal = equal_case;
-		}
-	gens = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
-	if (gens)
-		{
-		for (i = 0; i < sk_GENERAL_NAME_num(gens); i++)
-			{
-			GENERAL_NAME *gen;
-			ASN1_STRING *cstr;
-			gen = sk_GENERAL_NAME_value(gens, i);
-			if (gen->type != check_type)
-				continue;
-			san_present = 1;
-			if (check_type == GEN_EMAIL)
-				cstr = gen->d.rfc822Name;
-			else if (check_type == GEN_DNS)
-				cstr = gen->d.dNSName;
-			else
-				cstr = gen->d.iPAddress;
-			/* Positive on success, negative on error! */
-			if ((rv = do_check_string(cstr, alt_type, equal, flags,
-						  chk, chklen, peername)) != 0)
-				break;
-			}
-		GENERAL_NAMES_free(gens);
-		if (rv != 0)
-			return rv;
-		if (cnid == NID_undef
-		    || (san_present
-		        && !(flags & X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT)))
-			return 0;
-		}
-	/* We're done if CN-ID is not pertinent */
-	if (cnid == NID_undef)
-		return 0;
-	j = -1;
-	name = X509_get_subject_name(x);
-	while((j = X509_NAME_get_index_by_NID(name, cnid, j)) >= 0)
-		{
-		X509_NAME_ENTRY *ne;
-		ASN1_STRING *str;
-		ne = X509_NAME_get_entry(name, j);
-		str = X509_NAME_ENTRY_get_data(ne);
-		/* Positive on success, negative on error! */
-		if ((rv = do_check_string(str, -1, equal, flags,
-					  chk, chklen, peername)) != 0)
-			return rv;
-		}
-	return 0;
-	}
+                         unsigned int flags, int check_type, char **peername)
+{
+    GENERAL_NAMES *gens = NULL;
+    X509_NAME *name = NULL;
+    size_t i;
+    int j;
+    int cnid = NID_undef;
+    int alt_type;
+    int san_present = 0;
+    int rv = 0;
+    equal_fn equal;
+    /* See below, this flag is internal-only */
+    flags &= ~_X509_CHECK_FLAG_DOT_SUBDOMAINS;
+    if (check_type == GEN_EMAIL) {
+        cnid = NID_pkcs9_emailAddress;
+        alt_type = V_ASN1_IA5STRING;
+        equal = equal_email;
+    } else if (check_type == GEN_DNS) {
+        cnid = NID_commonName;
+        /* Implicit client-side DNS sub-domain pattern */
+        if (chklen > 1 && chk[0] == '.')
+            flags |= _X509_CHECK_FLAG_DOT_SUBDOMAINS;
+        alt_type = V_ASN1_IA5STRING;
+        if (flags & X509_CHECK_FLAG_NO_WILDCARDS)
+            equal = equal_nocase;
+        else
+            equal = equal_wildcard;
+    } else {
+        alt_type = V_ASN1_OCTET_STRING;
+        equal = equal_case;
+    }
+    gens = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
+    if (gens) {
+        for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
+            GENERAL_NAME *gen;
+            ASN1_STRING *cstr;
+            gen = sk_GENERAL_NAME_value(gens, i);
+            if (gen->type != check_type)
+                continue;
+            san_present = 1;
+            if (check_type == GEN_EMAIL)
+                cstr = gen->d.rfc822Name;
+            else if (check_type == GEN_DNS)
+                cstr = gen->d.dNSName;
+            else
+                cstr = gen->d.iPAddress;
+            /* Positive on success, negative on error! */
+            if ((rv = do_check_string(cstr, alt_type, equal, flags,
+                                      chk, chklen, peername)) != 0)
+                break;
+        }
+        GENERAL_NAMES_free(gens);
+        if (rv != 0)
+            return rv;
+        if (cnid == NID_undef
+            || (san_present
+                && !(flags & X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT)))
+            return 0;
+    }
+    /* We're done if CN-ID is not pertinent */
+    if (cnid == NID_undef)
+        return 0;
+    j = -1;
+    name = X509_get_subject_name(x);
+    while ((j = X509_NAME_get_index_by_NID(name, cnid, j)) >= 0) {
+        X509_NAME_ENTRY *ne;
+        ASN1_STRING *str;
+        ne = X509_NAME_get_entry(name, j);
+        str = X509_NAME_ENTRY_get_data(ne);
+        /* Positive on success, negative on error! */
+        if ((rv = do_check_string(str, -1, equal, flags,
+                                  chk, chklen, peername)) != 0)
+            return rv;
+    }
+    return 0;
+}
 int X509_check_host(X509 *x, const char *chk, size_t chklen,
-			unsigned int flags, char **peername)
-	{
-	if (chk == NULL)
-		return -2;
-	if (memchr(chk, '\0', chklen))
-		return -2;
-	return do_x509_check(x, chk, chklen, flags, GEN_DNS, peername);
-	}
+                    unsigned int flags, char **peername)
+{
+    if (chk == NULL)
+        return -2;
+    if (memchr(chk, '\0', chklen))
+        return -2;
+    return do_x509_check(x, chk, chklen, flags, GEN_DNS, peername);
+}
 int X509_check_email(X509 *x, const char *chk, size_t chklen,
-			unsigned int flags)
-	{
-	if (chk == NULL)
-		return -2;
-	if (memchr(chk, '\0', chklen))
-		return -2;
-	return do_x509_check(x, chk, chklen, flags, GEN_EMAIL, NULL);
-	}
+                     unsigned int flags)
+{
+    if (chk == NULL)
+        return -2;
+    if (memchr(chk, '\0', chklen))
+        return -2;
+    return do_x509_check(x, chk, chklen, flags, GEN_EMAIL, NULL);
+}
 int X509_check_ip(X509 *x, const unsigned char *chk, size_t chklen,
-					unsigned int flags)
-	{
-	if (chk == NULL)
-		return -2;
-	return do_x509_check(x, (char *)chk, chklen, flags, GEN_IPADD, NULL);
-	}
+                  unsigned int flags)
+{
+    if (chk == NULL)
+        return -2;
+    return do_x509_check(x, (char *)chk, chklen, flags, GEN_IPADD, NULL);
+}
 int X509_check_ip_asc(X509 *x, const char *ipasc, unsigned int flags)
-	{
-	unsigned char ipout[16];
-	size_t iplen;
-	if (ipasc == NULL)
-		return -2;
-	iplen = (size_t) a2i_ipadd(ipout, ipasc);
-	if (iplen == 0)
-		return -2;
-	return do_x509_check(x, (char *)ipout, iplen, flags, GEN_IPADD, NULL);
-	}
-/* Convert IP addresses both IPv4 and IPv6 into an
- * OCTET STRING compatible with RFC3280.
+{
+    unsigned char ipout[16];
+    size_t iplen;
+    if (ipasc == NULL)
+        return -2;
+    iplen = (size_t)a2i_ipadd(ipout, ipasc);
+    if (iplen == 0)
+        return -2;
+    return do_x509_check(x, (char *)ipout, iplen, flags, GEN_IPADD, NULL);
+}
+/*
+ * Convert IP addresses both IPv4 and IPv6 into an OCTET STRING compatible
+ * with RFC3280.
  */
 ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc)
-	{
-	unsigned char ipout[16];
-	ASN1_OCTET_STRING *ret;
-	int iplen;
+{
+    unsigned char ipout[16];
+    ASN1_OCTET_STRING *ret;
+    int iplen;
-	/* If string contains a ':' assume IPv6 */
+    /* If string contains a ':' assume IPv6 */
-	iplen = a2i_ipadd(ipout, ipasc);
+    iplen = a2i_ipadd(ipout, ipasc);
-	if (!iplen)
-		return NULL;
+    if (!iplen)
+        return NULL;
-	ret = ASN1_OCTET_STRING_new();
-	if (!ret)
-		return NULL;
-	if (!ASN1_OCTET_STRING_set(ret, ipout, iplen))
-		{
-		ASN1_OCTET_STRING_free(ret);
-		return NULL;
-		}
-	return ret;
-	}
+    ret = ASN1_OCTET_STRING_new();
+    if (!ret)
+        return NULL;
+    if (!ASN1_OCTET_STRING_set(ret, ipout, iplen)) {
+        ASN1_OCTET_STRING_free(ret);
+        return NULL;
+    }
+    return ret;
+}
 ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc)
-	{
-	ASN1_OCTET_STRING *ret = NULL;
-	unsigned char ipout[32];
-	char *iptmp = NULL, *p;
-	int iplen1, iplen2;
-	p = strchr(ipasc,'/');
-	if (!p)
-		return NULL;
-	iptmp = BUF_strdup(ipasc);
-	if (!iptmp)
-		return NULL;
-	p = iptmp + (p - ipasc);
-	*p++ = 0;
-	iplen1 = a2i_ipadd(ipout, iptmp);
-	if (!iplen1)
-		goto err;
-	iplen2 = a2i_ipadd(ipout + iplen1, p);
-	OPENSSL_free(iptmp);
-	iptmp = NULL;
-	if (!iplen2 || (iplen1 != iplen2))
-		goto err;
-	ret = ASN1_OCTET_STRING_new();
-	if (!ret)
-		goto err;
-	if (!ASN1_OCTET_STRING_set(ret, ipout, iplen1 + iplen2))
-		goto err;
-	return ret;
-	err:
-	if (iptmp)
-		OPENSSL_free(iptmp);
-	if (ret)
-		ASN1_OCTET_STRING_free(ret);
-	return NULL;
-	}
+{
+    ASN1_OCTET_STRING *ret = NULL;
+    unsigned char ipout[32];
+    char *iptmp = NULL, *p;
+    int iplen1, iplen2;
+    p = strchr(ipasc, '/');
+    if (!p)
+        return NULL;
+    iptmp = BUF_strdup(ipasc);
+    if (!iptmp)
+        return NULL;
+    p = iptmp + (p - ipasc);
+    *p++ = 0;
+    iplen1 = a2i_ipadd(ipout, iptmp);
+    if (!iplen1)
+        goto err;
+    iplen2 = a2i_ipadd(ipout + iplen1, p);
+    OPENSSL_free(iptmp);
+    iptmp = NULL;
+    if (!iplen2 || (iplen1 != iplen2))
+        goto err;
+    ret = ASN1_OCTET_STRING_new();
+    if (!ret)
+        goto err;
+    if (!ASN1_OCTET_STRING_set(ret, ipout, iplen1 + iplen2))
+        goto err;
+    return ret;
+ err:
+    if (iptmp)
+        OPENSSL_free(iptmp);
+    if (ret)
+        ASN1_OCTET_STRING_free(ret);
+    return NULL;
+}
 int a2i_ipadd(unsigned char *ipout, const char *ipasc)
-	{
-	/* If string contains a ':' assume IPv6 */
-	if (strchr(ipasc, ':'))
-		{
-		if (!ipv6_from_asc(ipout, ipasc))
-			return 0;
-		return 16;
-		}
-	else
-		{
-		if (!ipv4_from_asc(ipout, ipasc))
-			return 0;
-		return 4;
-		}
-	}
+{
+    /* If string contains a ':' assume IPv6 */
+    if (strchr(ipasc, ':')) {
+        if (!ipv6_from_asc(ipout, ipasc))
+            return 0;
+        return 16;
+    } else {
+        if (!ipv4_from_asc(ipout, ipasc))
+            return 0;
+        return 4;
+    }
+}
 static int ipv4_from_asc(unsigned char *v4, const char *in)
-	{
-	int a0, a1, a2, a3;
-	if (sscanf(in, "%d.%d.%d.%d", &a0, &a1, &a2, &a3) != 4)
-		return 0;
-	if ((a0 < 0) || (a0 > 255) || (a1 < 0) || (a1 > 255)
-		|| (a2 < 0) || (a2 > 255) || (a3 < 0) || (a3 > 255))
-		return 0;
-	v4[0] = a0;
-	v4[1] = a1;
-	v4[2] = a2;
-	v4[3] = a3;
-	return 1;
-	}
+{
+    int a0, a1, a2, a3;
+    if (sscanf(in, "%d.%d.%d.%d", &a0, &a1, &a2, &a3) != 4)
+        return 0;
+    if ((a0 < 0) || (a0 > 255) || (a1 < 0) || (a1 > 255)
+        || (a2 < 0) || (a2 > 255) || (a3 < 0) || (a3 > 255))
+        return 0;
+    v4[0] = a0;
+    v4[1] = a1;
+    v4[2] = a2;
+    v4[3] = a3;
+    return 1;
+}
 typedef struct {
-		/* Temporary store for IPV6 output */
-		unsigned char tmp[16];
-		/* Total number of bytes in tmp */
-		int total;
-		/* The position of a zero (corresponding to '::') */
-		int zero_pos;
-		/* Number of zeroes */
-		int zero_cnt;
-	} IPV6_STAT;
+    /* Temporary store for IPV6 output */
+    unsigned char tmp[16];
+    /* Total number of bytes in tmp */
+    int total;
+    /* The position of a zero (corresponding to '::') */
+    int zero_pos;
+    /* Number of zeroes */
+    int zero_cnt;
+} IPV6_STAT;
 static int ipv6_from_asc(unsigned char *v6, const char *in)
-	{
-	IPV6_STAT v6stat;
-	v6stat.total = 0;
-	v6stat.zero_pos = -1;
-	v6stat.zero_cnt = 0;
-	/* Treat the IPv6 representation as a list of values
-	 * separated by ':'. The presence of a '::' will parse
- 	 * as one, two or three zero length elements.
-	 */
-	if (!CONF_parse_list(in, ':', 0, ipv6_cb, &v6stat))
-		return 0;
-	/* Now for some sanity checks */
-	if (v6stat.zero_pos == -1)
-		{
-		/* If no '::' must have exactly 16 bytes */
-		if (v6stat.total != 16)
-			return 0;
-		}
-	else
-		{
-		/* If '::' must have less than 16 bytes */
-		if (v6stat.total == 16)
-			return 0;
-		/* More than three zeroes is an error */
-		if (v6stat.zero_cnt > 3)
-			return 0;
-		/* Can only have three zeroes if nothing else present */
-		else if (v6stat.zero_cnt == 3)
-			{
-			if (v6stat.total > 0)
-				return 0;
-			}
-		/* Can only have two zeroes if at start or end */
-		else if (v6stat.zero_cnt == 2)
-			{
-			if ((v6stat.zero_pos != 0)
-				&& (v6stat.zero_pos != v6stat.total))
-				return 0;
-			}
-		else
-		/* Can only have one zero if *not* start or end */
-			{
-			if ((v6stat.zero_pos == 0)
-				|| (v6stat.zero_pos == v6stat.total))
-				return 0;
-			}
-		}
-	/* Format result */
-	if (v6stat.zero_pos >= 0)
-		{
-		/* Copy initial part */
-		memcpy(v6, v6stat.tmp, v6stat.zero_pos);
-		/* Zero middle */
-		memset(v6 + v6stat.zero_pos, 0, 16 - v6stat.total);
-		/* Copy final part */
-		if (v6stat.total != v6stat.zero_pos)
-			memcpy(v6 + v6stat.zero_pos + 16 - v6stat.total,
-				v6stat.tmp + v6stat.zero_pos,
-				v6stat.total - v6stat.zero_pos);
-		}
-	else
-		memcpy(v6, v6stat.tmp, 16);
-	return 1;
-	}
+{
+    IPV6_STAT v6stat;
+    v6stat.total = 0;
+    v6stat.zero_pos = -1;
+    v6stat.zero_cnt = 0;
+    /*
+     * Treat the IPv6 representation as a list of values separated by ':'.
+     * The presence of a '::' will parse as one, two or three zero length
+     * elements.
+     */
+    if (!CONF_parse_list(in, ':', 0, ipv6_cb, &v6stat))
+        return 0;
+    /* Now for some sanity checks */
+    if (v6stat.zero_pos == -1) {
+        /* If no '::' must have exactly 16 bytes */
+        if (v6stat.total != 16)
+            return 0;
+    } else {
+        /* If '::' must have less than 16 bytes */
+        if (v6stat.total == 16)
+            return 0;
+        /* More than three zeroes is an error */
+        if (v6stat.zero_cnt > 3)
+            return 0;
+        /* Can only have three zeroes if nothing else present */
+        else if (v6stat.zero_cnt == 3) {
+            if (v6stat.total > 0)
+                return 0;
+        }
+        /* Can only have two zeroes if at start or end */
+        else if (v6stat.zero_cnt == 2) {
+            if ((v6stat.zero_pos != 0)
+                && (v6stat.zero_pos != v6stat.total))
+                return 0;
+        } else
+            /* Can only have one zero if *not* start or end */
+        {
+            if ((v6stat.zero_pos == 0)
+                || (v6stat.zero_pos == v6stat.total))
+                return 0;
+        }
+    }
+    /* Format result */
+    if (v6stat.zero_pos >= 0) {
+        /* Copy initial part */
+        memcpy(v6, v6stat.tmp, v6stat.zero_pos);
+        /* Zero middle */
+        memset(v6 + v6stat.zero_pos, 0, 16 - v6stat.total);
+        /* Copy final part */
+        if (v6stat.total != v6stat.zero_pos)
+            memcpy(v6 + v6stat.zero_pos + 16 - v6stat.total,
+                   v6stat.tmp + v6stat.zero_pos,
+                   v6stat.total - v6stat.zero_pos);
+    } else
+        memcpy(v6, v6stat.tmp, 16);
+    return 1;
+}
 static int ipv6_cb(const char *elem, int len, void *usr)
-	{
-	IPV6_STAT *s = usr;
-	/* Error if 16 bytes written */
-	if (s->total == 16)
-		return 0;
-	if (len == 0)
-		{
-		/* Zero length element, corresponds to '::' */
-		if (s->zero_pos == -1)
-			s->zero_pos = s->total;
-		/* If we've already got a :: its an error */
-		else if (s->zero_pos != s->total)
-			return 0;
-		s->zero_cnt++;
-		}
-	else
-		{
-		/* If more than 4 characters could be final a.b.c.d form */
-		if (len > 4)
-			{
-			/* Need at least 4 bytes left */
-			if (s->total > 12)
-				return 0;
-			/* Must be end of string */
-			if (elem[len])
-				return 0;
-			if (!ipv4_from_asc(s->tmp + s->total, elem))
-				return 0;
-			s->total += 4;
-			}
-		else
-			{
-			if (!ipv6_hex(s->tmp + s->total, elem, len))
-				return 0;
-			s->total += 2;
-			}
-		}
-	return 1;
-	}
-/* Convert a string of up to 4 hex digits into the corresponding
- * IPv6 form.
+{
+    IPV6_STAT *s = usr;
+    /* Error if 16 bytes written */
+    if (s->total == 16)
+        return 0;
+    if (len == 0) {
+        /* Zero length element, corresponds to '::' */
+        if (s->zero_pos == -1)
+            s->zero_pos = s->total;
+        /* If we've already got a :: its an error */
+        else if (s->zero_pos != s->total)
+            return 0;
+        s->zero_cnt++;
+    } else {
+        /* If more than 4 characters could be final a.b.c.d form */
+        if (len > 4) {
+            /* Need at least 4 bytes left */
+            if (s->total > 12)
+                return 0;
+            /* Must be end of string */
+            if (elem[len])
+                return 0;
+            if (!ipv4_from_asc(s->tmp + s->total, elem))
+                return 0;
+            s->total += 4;
+        } else {
+            if (!ipv6_hex(s->tmp + s->total, elem, len))
+                return 0;
+            s->total += 2;
+        }
+    }
+    return 1;
+}
+/*
+ * Convert a string of up to 4 hex digits into the corresponding IPv6 form.
  */
 static int ipv6_hex(unsigned char *out, const char *in, int inlen)
-	{
-	unsigned char c;
-	unsigned int num = 0;
-	if (inlen > 4)
-		return 0;
-	while(inlen--)
-		{
-		c = *in++;
-		num <<= 4;
-		if ((c >= '0') && (c <= '9'))
-			num |= c - '0';
-		else if ((c >= 'A') && (c <= 'F'))
-			num |= c - 'A' + 10;
-		else if ((c >= 'a') && (c <= 'f'))
-			num |=  c - 'a' + 10;
-		else
-			return 0;
-		}
-	out[0] = num >> 8;
-	out[1] = num & 0xff;
-	return 1;
-	}
-int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk,
-						unsigned long chtype)
-	{
-	CONF_VALUE *v;
-	int mval;
-	size_t i;
-	char *p, *type;
-	if (!nm)
-		return 0;
-	for (i = 0; i < sk_CONF_VALUE_num(dn_sk); i++)
-		{
-		v=sk_CONF_VALUE_value(dn_sk,i);
-		type=v->name;
-		/* Skip past any leading X. X: X, etc to allow for
-		 * multiple instances
-		 */
-		for(p = type; *p ; p++)
-			if ((*p == ':') || (*p == ',') || (*p == '.'))
-				{
-				p++;
-				if(*p) type = p;
-				break;
-				}
-		if (*type == '+')
-			{
-			mval = -1;
-			type++;
-			}
-		else
-			mval = 0;
-		if (!X509_NAME_add_entry_by_txt(nm,type, chtype,
-				(unsigned char *) v->value,-1,-1,mval))
-					return 0;
-		}
-	return 1;
-	}
+{
+    unsigned char c;
+    unsigned int num = 0;
+    if (inlen > 4)
+        return 0;
+    while (inlen--) {
+        c = *in++;
+        num <<= 4;
+        if ((c >= '0') && (c <= '9'))
+            num |= c - '0';
+        else if ((c >= 'A') && (c <= 'F'))
+            num |= c - 'A' + 10;
+        else if ((c >= 'a') && (c <= 'f'))
+            num |= c - 'a' + 10;
+        else
+            return 0;
+    }
+    out[0] = num >> 8;
+    out[1] = num & 0xff;
+    return 1;
+}
+int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF (CONF_VALUE) * dn_sk,
+                             unsigned long chtype)
+{
+    CONF_VALUE *v;
+    int mval;
+    size_t i;
+    char *p, *type;
+    if (!nm)
+        return 0;
+    for (i = 0; i < sk_CONF_VALUE_num(dn_sk); i++) {
+        v = sk_CONF_VALUE_value(dn_sk, i);
+        type = v->name;
+        /*
+         * Skip past any leading X. X: X, etc to allow for multiple instances
+         */
+        for (p = type; *p; p++)
+            if ((*p == ':') || (*p == ',') || (*p == '.')) {
+                p++;
+                if (*p)
+                    type = p;
+                break;
+            }
+        if (*type == '+') {
+            mval = -1;
+            type++;
+        } else
+            mval = 0;
+        if (!X509_NAME_add_entry_by_txt(nm, type, chtype,
+                                        (unsigned char *)v->value, -1, -1,
+                                        mval))
+            return 0;
+    }
+    return 1;
+}