grpc 1.0.1 → 1.1.2
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +3696 -867
- data/etc/roots.pem +39 -111
- data/include/grpc/byte_buffer.h +64 -1
- data/include/grpc/census.h +40 -96
- data/include/grpc/compression.h +2 -1
- data/include/grpc/grpc.h +42 -7
- data/include/grpc/grpc_posix.h +8 -5
- data/include/grpc/impl/codegen/atm.h +3 -0
- data/include/grpc/impl/codegen/atm_gcc_atomic.h +2 -0
- data/include/grpc/impl/codegen/atm_gcc_sync.h +8 -0
- data/include/grpc/impl/codegen/atm_windows.h +4 -0
- data/include/grpc/impl/codegen/byte_buffer_reader.h +4 -4
- data/include/grpc/impl/codegen/compression_types.h +1 -1
- data/include/grpc/impl/codegen/connectivity_state.h +2 -0
- data/include/grpc/impl/codegen/exec_ctx_fwd.h +41 -0
- data/include/grpc/impl/codegen/gpr_slice.h +84 -0
- data/include/grpc/impl/codegen/{alloc.h → gpr_types.h} +30 -29
- data/include/grpc/impl/codegen/grpc_types.h +91 -9
- data/include/grpc/impl/codegen/port_platform.h +25 -92
- data/include/grpc/impl/codegen/slice.h +54 -97
- data/include/grpc/impl/codegen/sync.h +0 -253
- data/include/grpc/module.modulemap +0 -2
- data/include/grpc/slice.h +132 -0
- data/include/grpc/{impl/codegen/slice_buffer.h → slice_buffer.h} +22 -39
- data/include/grpc/support/alloc.h +40 -1
- data/include/grpc/support/log.h +80 -1
- data/include/grpc/support/log_windows.h +2 -0
- data/include/grpc/support/string_util.h +1 -1
- data/include/grpc/support/sync.h +252 -0
- data/include/grpc/support/time.h +67 -1
- data/src/boringssl/err_data.c +639 -627
- data/src/core/ext/census/base_resources.c +71 -0
- data/src/core/ext/census/base_resources.h +39 -0
- data/src/core/ext/census/gen/census.pb.c +26 -29
- data/src/core/ext/census/gen/census.pb.h +68 -67
- data/src/core/ext/census/gen/trace_context.pb.c +81 -0
- data/src/core/ext/census/gen/trace_context.pb.h +99 -0
- data/src/core/ext/census/grpc_filter.c +22 -16
- data/src/core/ext/census/grpc_plugin.c +2 -1
- data/src/core/ext/census/initialize.c +16 -4
- data/src/core/ext/census/mlog.h +1 -1
- data/src/core/ext/census/placeholders.c +0 -45
- data/src/core/ext/census/resource.c +312 -0
- data/src/core/ext/census/resource.h +63 -0
- data/src/core/ext/census/trace_context.c +86 -0
- data/src/core/ext/census/trace_context.h +68 -0
- data/src/core/ext/census/tracing.c +8 -2
- data/src/core/ext/{client_config → client_channel}/channel_connectivity.c +8 -4
- data/src/core/ext/client_channel/client_channel.c +1218 -0
- data/src/core/ext/{client_config → client_channel}/client_channel.h +8 -11
- data/src/core/ext/{client_config → client_channel}/client_channel_factory.c +33 -3
- data/src/core/ext/{client_config → client_channel}/client_channel_factory.h +15 -8
- data/src/core/ext/{client_config/client_config_plugin.c → client_channel/client_channel_plugin.c} +16 -15
- data/src/core/ext/{client_config → client_channel}/connector.c +1 -1
- data/src/core/ext/{client_config → client_channel}/connector.h +5 -8
- data/{include/grpc/support/slice_buffer.h → src/core/ext/client_channel/default_initial_connect_string.c} +4 -5
- data/src/core/ext/client_channel/http_connect_handshaker.c +399 -0
- data/src/core/ext/client_channel/http_connect_handshaker.h +52 -0
- data/src/core/ext/{client_config → client_channel}/initial_connect_string.c +6 -7
- data/src/core/ext/{client_config → client_channel}/initial_connect_string.h +10 -10
- data/src/core/ext/{client_config → client_channel}/lb_policy.c +11 -11
- data/src/core/ext/{client_config → client_channel}/lb_policy.h +68 -27
- data/src/core/ext/client_channel/lb_policy_factory.c +163 -0
- data/src/core/ext/{client_config → client_channel}/lb_policy_factory.h +64 -9
- data/src/core/ext/{client_config → client_channel}/lb_policy_registry.c +6 -4
- data/src/core/ext/{client_config → client_channel}/lb_policy_registry.h +4 -4
- data/src/core/ext/{client_config → client_channel}/parse_address.c +21 -14
- data/src/core/ext/{client_config → client_channel}/parse_address.h +8 -10
- data/src/core/ext/{client_config → client_channel}/resolver.c +3 -4
- data/src/core/ext/{client_config → client_channel}/resolver.h +11 -15
- data/src/core/ext/{client_config → client_channel}/resolver_factory.c +4 -3
- data/src/core/ext/{client_config → client_channel}/resolver_factory.h +13 -11
- data/src/core/ext/{client_config → client_channel}/resolver_registry.c +54 -34
- data/src/core/ext/{client_config → client_channel}/resolver_registry.h +21 -8
- data/src/core/ext/{client_config → client_channel}/subchannel.c +208 -119
- data/src/core/ext/{client_config → client_channel}/subchannel.h +21 -11
- data/src/core/ext/{client_config → client_channel}/subchannel_index.c +6 -17
- data/src/core/ext/{client_config → client_channel}/subchannel_index.h +7 -7
- data/src/core/ext/{client_config → client_channel}/uri_parser.c +21 -28
- data/src/core/ext/{client_config → client_channel}/uri_parser.h +3 -3
- data/src/core/ext/lb_policy/grpclb/grpclb.c +1406 -0
- data/src/core/ext/lb_policy/grpclb/grpclb.h +44 -0
- data/src/core/ext/lb_policy/grpclb/load_balancer_api.c +117 -37
- data/src/core/ext/lb_policy/grpclb/load_balancer_api.h +31 -12
- data/src/core/ext/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.c +6 -36
- data/src/core/ext/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.h +22 -42
- data/src/core/ext/lb_policy/pick_first/pick_first.c +64 -46
- data/src/core/ext/lb_policy/round_robin/round_robin.c +324 -160
- data/src/core/ext/load_reporting/load_reporting.c +7 -56
- data/src/core/ext/load_reporting/load_reporting.h +41 -28
- data/src/core/ext/load_reporting/load_reporting_filter.c +132 -42
- data/src/core/ext/load_reporting/load_reporting_filter.h +1 -0
- data/src/core/ext/resolver/dns/native/dns_resolver.c +88 -80
- data/src/core/ext/resolver/sockaddr/sockaddr_resolver.c +57 -102
- data/src/core/ext/transport/chttp2/alpn/alpn.c +1 -1
- data/src/core/ext/transport/chttp2/client/chttp2_connector.c +253 -0
- data/src/core/{lib/iomgr/ev_poll_and_epoll_posix.h → ext/transport/chttp2/client/chttp2_connector.h} +5 -5
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.c +31 -160
- data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.c +5 -5
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.c +44 -243
- data/src/core/ext/transport/chttp2/server/chttp2_server.c +342 -0
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +47 -0
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.c +11 -124
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.c +20 -9
- data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.c +28 -236
- data/src/core/ext/transport/chttp2/transport/bin_decoder.c +31 -27
- data/src/core/ext/transport/chttp2/transport/bin_decoder.h +5 -4
- data/src/core/ext/transport/chttp2/transport/bin_encoder.c +25 -22
- data/src/core/ext/transport/chttp2/transport/bin_encoder.h +8 -7
- data/src/core/ext/transport/chttp2/transport/chttp2_plugin.c +0 -3
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.c +1345 -1521
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +3 -1
- data/src/core/ext/transport/chttp2/transport/frame.h +3 -5
- data/src/core/ext/transport/chttp2/transport/frame_data.c +50 -47
- data/src/core/ext/transport/chttp2/transport/frame_data.h +8 -9
- data/src/core/ext/transport/chttp2/transport/frame_goaway.c +19 -21
- data/src/core/ext/transport/chttp2/transport/frame_goaway.h +9 -8
- data/src/core/ext/transport/chttp2/transport/frame_ping.c +13 -12
- data/src/core/ext/transport/chttp2/transport/frame_ping.h +6 -6
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.c +31 -19
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +8 -7
- data/src/core/ext/transport/chttp2/transport/frame_settings.c +22 -25
- data/src/core/ext/transport/chttp2/transport/frame_settings.h +9 -8
- data/src/core/ext/transport/chttp2/transport/frame_window_update.c +26 -18
- data/src/core/ext/transport/chttp2/transport/frame_window_update.h +5 -6
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.c +68 -58
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +8 -5
- data/src/core/ext/transport/chttp2/transport/hpack_parser.c +327 -214
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +14 -9
- data/src/core/ext/transport/chttp2/transport/hpack_table.c +24 -19
- data/src/core/ext/transport/chttp2/transport/hpack_table.h +9 -6
- data/src/core/ext/transport/chttp2/transport/incoming_metadata.c +2 -2
- data/src/core/ext/transport/chttp2/transport/incoming_metadata.h +1 -1
- data/src/core/ext/transport/chttp2/transport/internal.h +284 -436
- data/src/core/ext/transport/chttp2/transport/parsing.c +355 -590
- data/src/core/ext/transport/chttp2/transport/stream_lists.c +36 -309
- data/src/core/ext/transport/chttp2/transport/stream_map.c +13 -34
- data/src/core/ext/transport/chttp2/transport/stream_map.h +3 -4
- data/src/core/ext/transport/chttp2/transport/writing.c +174 -286
- data/src/core/lib/channel/channel_args.c +70 -13
- data/src/core/lib/channel/channel_args.h +28 -2
- data/src/core/lib/channel/channel_stack.c +77 -28
- data/src/core/lib/channel/channel_stack.h +61 -23
- data/src/core/lib/channel/channel_stack_builder.c +33 -25
- data/src/core/lib/channel/channel_stack_builder.h +17 -8
- data/src/core/lib/channel/compress_filter.c +52 -36
- data/src/core/lib/channel/connected_channel.c +20 -12
- data/src/core/lib/channel/connected_channel.h +2 -1
- data/src/core/lib/channel/context.h +13 -1
- data/src/core/lib/channel/deadline_filter.c +344 -0
- data/src/core/lib/channel/deadline_filter.h +99 -0
- data/src/core/lib/channel/handshaker.c +240 -0
- data/src/core/lib/channel/handshaker.h +164 -0
- data/src/core/lib/{security/credentials/google_default/credentials_windows.c → channel/handshaker_factory.c} +16 -23
- data/src/core/lib/channel/handshaker_factory.h +66 -0
- data/src/core/lib/channel/handshaker_registry.c +113 -0
- data/src/core/{ext/client_config/client_config.h → lib/channel/handshaker_registry.h} +26 -16
- data/src/core/lib/channel/http_client_filter.c +248 -46
- data/src/core/lib/channel/http_client_filter.h +3 -0
- data/src/core/lib/channel/http_server_filter.c +136 -24
- data/src/core/lib/channel/message_size_filter.c +261 -0
- data/src/core/lib/channel/message_size_filter.h +39 -0
- data/src/core/lib/compression/message_compress.c +43 -37
- data/src/core/lib/compression/message_compress.h +7 -5
- data/src/core/lib/http/format_request.c +26 -11
- data/src/core/lib/http/format_request.h +7 -5
- data/src/core/lib/http/httpcli.c +45 -27
- data/src/core/lib/http/httpcli.h +4 -4
- data/src/core/lib/http/httpcli_security_connector.c +56 -46
- data/src/core/lib/http/parser.c +17 -14
- data/src/core/lib/http/parser.h +4 -2
- data/src/core/lib/iomgr/closure.c +49 -7
- data/src/core/lib/iomgr/closure.h +56 -14
- data/src/core/lib/iomgr/combiner.c +422 -0
- data/src/core/lib/iomgr/combiner.h +64 -0
- data/src/core/lib/iomgr/endpoint.c +8 -2
- data/src/core/lib/iomgr/endpoint.h +17 -7
- data/src/core/lib/iomgr/endpoint_pair.h +3 -2
- data/src/core/lib/iomgr/endpoint_pair_posix.c +9 -8
- data/src/core/{ext/client_config/lb_policy_factory.c → lib/iomgr/endpoint_pair_uv.c} +18 -13
- data/src/core/lib/iomgr/endpoint_pair_windows.c +7 -6
- data/src/core/lib/iomgr/error.c +72 -6
- data/src/core/lib/iomgr/error.h +30 -3
- data/src/core/lib/iomgr/ev_epoll_linux.c +500 -382
- data/src/core/lib/iomgr/ev_epoll_linux.h +3 -2
- data/src/core/lib/iomgr/ev_poll_posix.c +317 -30
- data/src/core/lib/iomgr/ev_poll_posix.h +1 -0
- data/src/core/lib/iomgr/ev_posix.c +26 -5
- data/src/core/lib/iomgr/ev_posix.h +12 -1
- data/src/core/lib/iomgr/exec_ctx.c +27 -94
- data/src/core/lib/iomgr/exec_ctx.h +19 -22
- data/src/core/lib/iomgr/executor.c +29 -8
- data/src/core/lib/iomgr/executor.h +2 -4
- data/src/core/lib/iomgr/iocp_windows.c +3 -4
- data/src/core/lib/iomgr/iomgr.c +14 -10
- data/src/core/lib/iomgr/iomgr.h +6 -2
- data/src/core/lib/iomgr/iomgr_posix.c +2 -2
- data/src/core/lib/iomgr/iomgr_uv.c +49 -0
- data/src/core/lib/iomgr/iomgr_windows.c +2 -2
- data/src/core/lib/iomgr/load_file.c +3 -3
- data/src/core/lib/iomgr/load_file.h +2 -2
- data/src/core/lib/iomgr/network_status_tracker.c +1 -1
- data/src/core/lib/iomgr/pollset_set_uv.c +62 -0
- data/src/core/lib/iomgr/pollset_set_windows.c +3 -3
- data/src/core/lib/iomgr/pollset_uv.c +142 -0
- data/src/core/lib/iomgr/pollset_uv.h +42 -0
- data/src/core/lib/iomgr/pollset_windows.c +5 -6
- data/src/core/lib/iomgr/port.h +129 -0
- data/src/core/lib/iomgr/resolve_address.h +2 -1
- data/src/core/lib/iomgr/resolve_address_posix.c +14 -13
- data/src/core/lib/iomgr/resolve_address_uv.c +233 -0
- data/src/core/lib/iomgr/resolve_address_windows.c +14 -12
- data/src/core/lib/iomgr/resource_quota.c +832 -0
- data/src/core/lib/iomgr/resource_quota.h +159 -0
- data/src/core/lib/iomgr/sockaddr.h +10 -2
- data/src/core/lib/iomgr/sockaddr_utils.c +63 -36
- data/src/core/lib/iomgr/sockaddr_utils.h +14 -14
- data/src/core/lib/iomgr/socket_mutator.c +98 -0
- data/src/core/lib/iomgr/socket_mutator.h +80 -0
- data/src/core/lib/iomgr/socket_utils.h +42 -0
- data/src/core/lib/iomgr/socket_utils_common_posix.c +28 -13
- data/src/core/lib/iomgr/socket_utils_linux.c +11 -5
- data/src/core/lib/iomgr/socket_utils_posix.c +10 -7
- data/src/core/lib/iomgr/socket_utils_posix.h +11 -4
- data/src/core/lib/iomgr/socket_utils_uv.c +49 -0
- data/src/core/lib/iomgr/socket_utils_windows.c +52 -0
- data/src/core/lib/iomgr/socket_windows.c +14 -6
- data/src/core/lib/iomgr/socket_windows.h +1 -0
- data/src/core/lib/iomgr/tcp_client.h +8 -2
- data/src/core/lib/iomgr/tcp_client_posix.c +131 -82
- data/src/core/lib/iomgr/tcp_client_posix.h +45 -0
- data/src/core/lib/iomgr/tcp_client_uv.c +190 -0
- data/src/core/lib/iomgr/tcp_client_windows.c +54 -30
- data/src/core/lib/iomgr/tcp_posix.c +135 -56
- data/src/core/lib/iomgr/tcp_posix.h +2 -2
- data/src/core/lib/iomgr/tcp_server.h +14 -6
- data/src/core/lib/iomgr/tcp_server_posix.c +154 -118
- data/src/core/lib/iomgr/tcp_server_uv.c +388 -0
- data/src/core/lib/iomgr/tcp_server_windows.c +127 -100
- data/src/core/lib/iomgr/tcp_uv.c +367 -0
- data/src/core/lib/iomgr/tcp_uv.h +59 -0
- data/src/core/lib/iomgr/tcp_windows.c +65 -48
- data/src/core/lib/iomgr/tcp_windows.h +3 -1
- data/src/core/lib/iomgr/timer.h +21 -21
- data/src/core/lib/iomgr/{timer.c → timer_generic.c} +15 -10
- data/src/core/lib/iomgr/timer_generic.h +49 -0
- data/src/core/lib/iomgr/timer_heap.c +6 -0
- data/src/core/lib/iomgr/timer_uv.c +99 -0
- data/src/core/lib/iomgr/timer_uv.h +47 -0
- data/src/core/lib/iomgr/udp_server.c +116 -98
- data/src/core/lib/iomgr/udp_server.h +5 -3
- data/src/core/lib/iomgr/unix_sockets_posix.c +14 -6
- data/src/core/lib/iomgr/unix_sockets_posix.h +6 -5
- data/src/core/lib/iomgr/unix_sockets_posix_noop.c +4 -4
- data/src/core/lib/iomgr/wakeup_fd_cv.c +118 -0
- data/src/core/lib/iomgr/wakeup_fd_cv.h +80 -0
- data/src/core/lib/iomgr/wakeup_fd_eventfd.c +3 -3
- data/src/core/lib/iomgr/wakeup_fd_nospecial.c +3 -3
- data/src/core/lib/iomgr/wakeup_fd_pipe.c +12 -6
- data/src/core/lib/iomgr/wakeup_fd_posix.c +34 -5
- data/src/core/lib/iomgr/wakeup_fd_posix.h +5 -0
- data/src/core/lib/iomgr/workqueue.h +12 -20
- data/src/core/{ext/client_config/client_config.c → lib/iomgr/workqueue_uv.c} +24 -33
- data/{include/grpc/support/slice.h → src/core/lib/iomgr/workqueue_uv.h} +4 -6
- data/src/core/lib/iomgr/workqueue_windows.c +9 -8
- data/src/core/lib/json/json.c +3 -3
- data/src/core/lib/json/json.h +11 -11
- data/src/core/lib/json/json_reader.c +9 -5
- data/src/core/lib/profiling/basic_timers.c +10 -1
- data/src/core/lib/profiling/timers.h +2 -0
- data/src/core/lib/security/context/security_context.c +13 -3
- data/src/core/lib/security/context/security_context.h +20 -0
- data/src/core/lib/security/credentials/composite/composite_credentials.c +28 -14
- data/src/core/lib/security/credentials/composite/composite_credentials.h +2 -2
- data/src/core/lib/security/credentials/credentials.c +48 -19
- data/src/core/lib/security/credentials/credentials.h +36 -19
- data/src/core/lib/security/credentials/credentials_metadata.c +11 -8
- data/src/core/lib/security/credentials/fake/fake_credentials.c +15 -11
- data/src/core/lib/security/credentials/google_default/{credentials_posix.c → credentials_generic.c} +7 -14
- data/src/core/lib/security/credentials/google_default/google_default_credentials.c +33 -21
- data/src/core/lib/security/credentials/google_default/google_default_credentials.h +14 -0
- data/src/core/lib/security/credentials/iam/iam_credentials.c +3 -2
- data/src/core/lib/security/credentials/jwt/json_token.c +1 -0
- data/src/core/lib/security/credentials/jwt/json_token.h +1 -1
- data/src/core/lib/security/credentials/jwt/jwt_credentials.c +54 -19
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +2 -1
- data/src/core/lib/security/credentials/jwt/jwt_verifier.c +129 -79
- data/src/core/lib/security/credentials/jwt/jwt_verifier.h +9 -6
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.c +63 -28
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -1
- data/src/core/lib/security/credentials/plugin/plugin_credentials.c +32 -11
- data/src/core/lib/security/credentials/ssl/ssl_credentials.c +13 -9
- data/src/core/lib/security/transport/client_auth_filter.c +33 -27
- data/src/core/lib/security/transport/secure_endpoint.c +93 -68
- data/src/core/lib/security/transport/secure_endpoint.h +2 -2
- data/src/core/lib/security/transport/security_connector.c +133 -168
- data/src/core/lib/security/transport/security_connector.h +31 -46
- data/src/core/lib/security/transport/security_handshaker.c +501 -0
- data/src/core/lib/security/transport/{handshake.h → security_handshaker.h} +10 -10
- data/src/core/lib/security/transport/server_auth_filter.c +50 -38
- data/src/core/lib/security/util/b64.c +11 -8
- data/src/core/lib/security/util/b64.h +5 -4
- data/src/core/lib/slice/percent_encoding.c +182 -0
- data/src/core/lib/slice/percent_encoding.h +78 -0
- data/src/core/lib/{support → slice}/slice.c +81 -50
- data/src/core/lib/{support → slice}/slice_buffer.c +78 -60
- data/src/core/lib/slice/slice_internal.h +49 -0
- data/src/core/lib/slice/slice_string_helpers.c +90 -0
- data/src/core/lib/{iomgr/workqueue_posix.h → slice/slice_string_helpers.h} +18 -18
- data/src/core/lib/support/backoff.c +24 -13
- data/src/core/lib/support/backoff.h +5 -2
- data/src/core/lib/support/env.h +0 -2
- data/src/core/lib/support/log.c +5 -4
- data/src/core/lib/support/log_linux.c +0 -1
- data/src/core/lib/support/log_posix.c +1 -1
- data/src/core/lib/support/mpscq.c +83 -0
- data/src/core/lib/support/mpscq.h +65 -0
- data/src/core/lib/support/string.c +58 -49
- data/src/core/lib/support/string.h +11 -8
- data/src/core/lib/support/subprocess_posix.c +5 -2
- data/src/core/lib/support/thd.c +1 -1
- data/src/core/lib/support/time.c +43 -79
- data/src/core/lib/support/time_posix.c +1 -1
- data/src/core/lib/support/tmpfile.h +0 -2
- data/src/core/lib/surface/alarm.c +4 -1
- data/src/core/lib/surface/byte_buffer.c +17 -11
- data/src/core/lib/surface/byte_buffer_reader.c +23 -15
- data/src/core/lib/surface/call.c +294 -276
- data/src/core/lib/surface/call.h +24 -9
- data/src/core/lib/surface/call_log_batch.c +5 -3
- data/src/core/lib/surface/channel.c +127 -111
- data/src/core/lib/surface/channel.h +14 -5
- data/src/core/lib/surface/channel_init.c +1 -1
- data/src/core/lib/surface/channel_init.h +10 -1
- data/src/core/lib/surface/channel_ping.c +7 -6
- data/src/core/lib/surface/completion_queue.c +154 -18
- data/src/core/lib/surface/completion_queue.h +5 -0
- data/src/core/lib/surface/init.c +40 -6
- data/src/core/lib/surface/init.h +1 -0
- data/src/core/lib/surface/init_secure.c +5 -2
- data/src/core/lib/surface/lame_client.c +28 -18
- data/src/core/lib/surface/server.c +134 -87
- data/src/core/lib/surface/server.h +8 -0
- data/src/core/lib/surface/validate_metadata.c +1 -1
- data/src/core/lib/surface/version.c +3 -1
- data/src/core/lib/transport/byte_stream.c +7 -4
- data/src/core/lib/transport/byte_stream.h +6 -10
- data/src/core/lib/transport/connectivity_state.c +21 -12
- data/src/core/lib/transport/connectivity_state.h +4 -1
- data/src/core/lib/transport/mdstr_hash_table.c +118 -0
- data/src/core/lib/transport/mdstr_hash_table.h +77 -0
- data/src/core/lib/transport/metadata.c +83 -60
- data/src/core/lib/transport/metadata.h +41 -23
- data/src/core/lib/transport/metadata_batch.c +17 -11
- data/src/core/lib/transport/metadata_batch.h +20 -6
- data/src/core/lib/transport/pid_controller.c +57 -0
- data/src/core/lib/transport/pid_controller.h +64 -0
- data/src/core/lib/transport/service_config.c +251 -0
- data/src/core/lib/transport/service_config.h +71 -0
- data/src/core/lib/transport/static_metadata.c +18 -16
- data/src/core/lib/transport/static_metadata.h +113 -107
- data/src/core/{ext/transport/chttp2 → lib}/transport/timeout_encoding.c +3 -3
- data/src/core/{ext/transport/chttp2 → lib}/transport/timeout_encoding.h +7 -7
- data/src/core/lib/transport/transport.c +84 -23
- data/src/core/lib/transport/transport.h +53 -8
- data/src/core/lib/transport/transport_impl.h +3 -0
- data/src/core/lib/transport/transport_op_string.c +92 -20
- data/src/core/lib/tsi/ssl_transport_security.c +3 -1
- data/src/core/plugin_registry/grpc_plugin_registry.c +8 -4
- data/src/ruby/ext/grpc/extconf.rb +0 -1
- data/src/ruby/ext/grpc/rb_byte_buffer.c +8 -7
- data/src/ruby/ext/grpc/rb_call.c +15 -5
- data/src/ruby/ext/grpc/rb_channel.c +1 -1
- data/src/ruby/ext/grpc/rb_compression_options.c +466 -0
- data/src/{core/ext/client_config/default_initial_connect_string.c → ruby/ext/grpc/rb_compression_options.h} +10 -5
- data/src/ruby/ext/grpc/rb_grpc.c +3 -1
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +198 -190
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +306 -294
- data/src/ruby/ext/grpc/rb_server.c +18 -12
- data/src/ruby/lib/grpc/errors.rb +154 -2
- data/src/ruby/lib/grpc/generic/active_call.rb +144 -63
- data/src/ruby/lib/grpc/generic/bidi_call.rb +18 -2
- data/src/ruby/lib/grpc/generic/client_stub.rb +7 -5
- data/src/ruby/lib/grpc/generic/rpc_desc.rb +39 -13
- data/src/ruby/lib/grpc/generic/rpc_server.rb +51 -24
- data/src/ruby/lib/grpc/generic/service.rb +3 -2
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/grpc/health/checker.rb +3 -1
- data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +7 -0
- data/src/ruby/pb/test/client.rb +307 -7
- data/src/ruby/pb/test/server.rb +26 -1
- data/src/ruby/spec/compression_options_spec.rb +164 -0
- data/src/ruby/spec/error_sanity_spec.rb +64 -0
- data/src/ruby/spec/generic/active_call_spec.rb +290 -12
- data/src/ruby/spec/generic/client_stub_spec.rb +91 -41
- data/src/ruby/spec/generic/rpc_desc_spec.rb +36 -16
- data/src/ruby/spec/generic/rpc_server_pool_spec.rb +22 -28
- data/src/ruby/spec/generic/rpc_server_spec.rb +6 -6
- data/src/ruby/spec/pb/health/checker_spec.rb +27 -19
- data/src/ruby/spec/spec_helper.rb +2 -0
- data/third_party/boringssl/crypto/aes/aes.c +12 -12
- data/third_party/boringssl/crypto/aes/mode_wrappers.c +6 -2
- data/third_party/boringssl/crypto/asn1/a_d2i_fp.c +28 -13
- data/third_party/boringssl/crypto/asn1/a_gentm.c +2 -0
- data/third_party/boringssl/crypto/asn1/a_object.c +7 -3
- data/third_party/boringssl/crypto/asn1/a_strnid.c +1 -0
- data/third_party/boringssl/crypto/asn1/a_time.c +0 -11
- data/third_party/boringssl/crypto/asn1/a_type.c +0 -2
- data/third_party/boringssl/crypto/asn1/a_utctm.c +1 -30
- data/third_party/boringssl/crypto/asn1/asn1_lib.c +56 -76
- data/third_party/boringssl/crypto/asn1/asn1_locl.h +0 -10
- data/third_party/boringssl/crypto/asn1/asn1_par.c +0 -322
- data/third_party/boringssl/crypto/asn1/f_enum.c +1 -108
- data/third_party/boringssl/crypto/asn1/f_int.c +1 -106
- data/third_party/boringssl/crypto/asn1/f_string.c +1 -106
- data/third_party/boringssl/crypto/asn1/tasn_dec.c +10 -14
- data/third_party/boringssl/crypto/asn1/tasn_enc.c +17 -11
- data/third_party/boringssl/crypto/asn1/tasn_typ.c +29 -42
- data/third_party/boringssl/crypto/asn1/tasn_utl.c +1 -1
- data/third_party/boringssl/crypto/base64/base64.c +249 -285
- data/third_party/boringssl/crypto/bio/bio.c +13 -23
- data/third_party/boringssl/crypto/bio/bio_mem.c +3 -2
- data/third_party/boringssl/crypto/bio/connect.c +12 -3
- data/third_party/boringssl/crypto/bio/fd.c +22 -15
- data/third_party/boringssl/crypto/bio/file.c +2 -38
- data/third_party/boringssl/crypto/bio/hexdump.c +1 -2
- data/third_party/boringssl/crypto/bio/internal.h +3 -0
- data/third_party/boringssl/crypto/bio/pair.c +1 -1
- data/third_party/boringssl/crypto/bio/socket.c +10 -2
- data/third_party/boringssl/crypto/bio/socket_helper.c +2 -2
- data/third_party/boringssl/crypto/bn/asm/x86_64-gcc.c +0 -8
- data/third_party/boringssl/crypto/bn/bn.c +38 -0
- data/third_party/boringssl/crypto/bn/cmp.c +25 -0
- data/third_party/boringssl/crypto/bn/convert.c +73 -76
- data/third_party/boringssl/crypto/bn/div.c +136 -70
- data/third_party/boringssl/crypto/bn/exponentiation.c +86 -381
- data/third_party/boringssl/crypto/bn/gcd.c +213 -296
- data/third_party/boringssl/crypto/bn/generic.c +0 -80
- data/third_party/boringssl/crypto/bn/internal.h +15 -3
- data/third_party/boringssl/crypto/bn/montgomery.c +57 -207
- data/third_party/boringssl/crypto/bn/montgomery_inv.c +160 -0
- data/third_party/boringssl/crypto/bn/mul.c +2 -1
- data/third_party/boringssl/crypto/bn/prime.c +24 -8
- data/third_party/boringssl/crypto/bn/random.c +47 -33
- data/third_party/boringssl/crypto/bn/sqrt.c +4 -5
- data/third_party/boringssl/crypto/buf/buf.c +25 -21
- data/third_party/boringssl/crypto/bytestring/ber.c +1 -0
- data/third_party/boringssl/crypto/bytestring/cbb.c +50 -22
- data/third_party/boringssl/crypto/bytestring/cbs.c +28 -4
- data/third_party/boringssl/crypto/chacha/{chacha_generic.c → chacha.c} +56 -29
- data/third_party/boringssl/crypto/cipher/aead.c +11 -22
- data/third_party/boringssl/crypto/cipher/cipher.c +2 -2
- data/third_party/boringssl/crypto/cipher/e_aes.c +53 -103
- data/third_party/boringssl/crypto/cipher/e_chacha20poly1305.c +2 -8
- data/third_party/boringssl/crypto/cipher/e_des.c +3 -5
- data/third_party/boringssl/crypto/cipher/e_null.c +1 -1
- data/third_party/boringssl/crypto/cipher/e_rc2.c +1 -1
- data/third_party/boringssl/crypto/cipher/e_rc4.c +1 -1
- data/third_party/boringssl/crypto/cipher/e_ssl3.c +3 -63
- data/third_party/boringssl/crypto/cipher/e_tls.c +12 -83
- data/third_party/boringssl/crypto/cipher/internal.h +8 -10
- data/third_party/boringssl/crypto/cipher/tls_cbc.c +69 -40
- data/third_party/boringssl/crypto/conf/conf.c +2 -1
- data/third_party/boringssl/crypto/cpu-aarch64-linux.c +61 -0
- data/third_party/boringssl/crypto/cpu-arm-linux.c +360 -0
- data/third_party/boringssl/crypto/cpu-arm.c +0 -161
- data/third_party/boringssl/crypto/cpu-intel.c +5 -3
- data/third_party/boringssl/{ssl/test/scoped_types.h → crypto/cpu-ppc64le.c} +21 -9
- data/third_party/boringssl/crypto/crypto.c +29 -7
- data/third_party/boringssl/crypto/curve25519/curve25519.c +284 -242
- data/third_party/boringssl/crypto/curve25519/internal.h +64 -0
- data/third_party/boringssl/crypto/curve25519/spake25519.c +464 -0
- data/third_party/boringssl/crypto/curve25519/x25519-x86_64.c +21 -0
- data/third_party/boringssl/crypto/dh/check.c +22 -6
- data/third_party/boringssl/crypto/dh/dh.c +45 -21
- data/third_party/boringssl/crypto/dh/dh_asn1.c +96 -20
- data/third_party/boringssl/crypto/dh/params.c +30 -78
- data/third_party/boringssl/crypto/digest/digest.c +3 -3
- data/third_party/boringssl/crypto/dsa/dsa.c +59 -29
- data/third_party/boringssl/crypto/dsa/dsa_asn1.c +4 -0
- data/third_party/boringssl/crypto/ec/ec.c +84 -140
- data/third_party/boringssl/crypto/ec/ec_asn1.c +82 -52
- data/third_party/boringssl/crypto/ec/ec_key.c +15 -15
- data/third_party/boringssl/crypto/ec/ec_montgomery.c +87 -50
- data/third_party/boringssl/crypto/ec/internal.h +12 -36
- data/third_party/boringssl/crypto/ec/oct.c +11 -11
- data/third_party/boringssl/crypto/ec/p224-64.c +59 -116
- data/third_party/boringssl/crypto/ec/p256-64.c +88 -163
- data/third_party/boringssl/crypto/ec/p256-x86_64.c +46 -58
- data/third_party/boringssl/crypto/ec/simple.c +81 -201
- data/third_party/boringssl/crypto/ec/util-64.c +0 -74
- data/third_party/boringssl/crypto/ecdh/ecdh.c +7 -1
- data/third_party/boringssl/crypto/ecdsa/ecdsa.c +28 -46
- data/third_party/boringssl/crypto/ecdsa/ecdsa_asn1.c +1 -0
- data/third_party/boringssl/crypto/engine/engine.c +1 -1
- data/third_party/boringssl/crypto/err/err.c +3 -3
- data/third_party/boringssl/crypto/evp/evp.c +14 -59
- data/third_party/boringssl/crypto/evp/evp_asn1.c +144 -87
- data/third_party/boringssl/crypto/evp/evp_ctx.c +7 -7
- data/third_party/boringssl/crypto/evp/internal.h +4 -46
- data/third_party/boringssl/crypto/evp/p_dsa_asn1.c +8 -157
- data/third_party/boringssl/crypto/evp/p_ec.c +1 -1
- data/third_party/boringssl/crypto/evp/p_ec_asn1.c +22 -170
- data/third_party/boringssl/crypto/evp/p_rsa.c +1 -1
- data/third_party/boringssl/crypto/evp/p_rsa_asn1.c +10 -548
- data/third_party/boringssl/crypto/evp/print.c +520 -0
- data/third_party/boringssl/crypto/ex_data.c +4 -6
- data/third_party/boringssl/crypto/hkdf/hkdf.c +38 -17
- data/third_party/boringssl/crypto/hmac/hmac.c +6 -6
- data/third_party/boringssl/crypto/internal.h +57 -77
- data/third_party/boringssl/crypto/lhash/lhash.c +6 -10
- data/third_party/boringssl/crypto/md4/md4.c +9 -0
- data/third_party/boringssl/crypto/mem.c +19 -19
- data/third_party/boringssl/crypto/modes/cfb.c +5 -6
- data/third_party/boringssl/crypto/modes/ctr.c +10 -18
- data/third_party/boringssl/crypto/modes/gcm.c +100 -66
- data/third_party/boringssl/crypto/modes/internal.h +15 -27
- data/third_party/boringssl/crypto/modes/ofb.c +9 -22
- data/third_party/boringssl/crypto/newhope/error_correction.c +131 -0
- data/third_party/boringssl/crypto/newhope/internal.h +71 -0
- data/third_party/boringssl/crypto/newhope/newhope.c +174 -0
- data/third_party/boringssl/crypto/newhope/ntt.c +148 -0
- data/third_party/boringssl/crypto/newhope/poly.c +183 -0
- data/third_party/boringssl/crypto/newhope/precomp.c +306 -0
- data/third_party/boringssl/crypto/newhope/reduce.c +42 -0
- data/third_party/boringssl/crypto/obj/obj.c +111 -135
- data/third_party/boringssl/crypto/obj/obj_dat.h +4 -10
- data/third_party/boringssl/crypto/pem/pem_lib.c +6 -43
- data/third_party/boringssl/crypto/pem/pem_pkey.c +10 -19
- data/third_party/boringssl/crypto/pkcs8/p5_pbe.c +1 -0
- data/third_party/boringssl/crypto/pkcs8/p5_pbev2.c +2 -1
- data/third_party/boringssl/crypto/pkcs8/p8_pkey.c +2 -2
- data/third_party/boringssl/crypto/pkcs8/pkcs8.c +95 -87
- data/third_party/boringssl/crypto/{test/test_util.h → poly1305/internal.h} +15 -10
- data/third_party/boringssl/crypto/poly1305/poly1305.c +8 -15
- data/third_party/boringssl/crypto/poly1305/poly1305_arm.c +1 -0
- data/third_party/boringssl/crypto/poly1305/poly1305_vec.c +3 -3
- data/third_party/boringssl/crypto/rand/deterministic.c +47 -0
- data/third_party/boringssl/crypto/rand/rand.c +4 -1
- data/third_party/boringssl/crypto/rand/urandom.c +5 -7
- data/third_party/boringssl/crypto/rand/windows.c +5 -8
- data/third_party/boringssl/crypto/rc4/rc4.c +24 -209
- data/third_party/boringssl/crypto/refcount_lock.c +2 -2
- data/third_party/boringssl/crypto/rsa/blinding.c +74 -232
- data/third_party/boringssl/crypto/rsa/internal.h +5 -13
- data/third_party/boringssl/crypto/rsa/padding.c +64 -63
- data/third_party/boringssl/crypto/rsa/rsa.c +50 -28
- data/third_party/boringssl/crypto/rsa/rsa_asn1.c +8 -16
- data/third_party/boringssl/crypto/rsa/rsa_impl.c +134 -122
- data/third_party/boringssl/crypto/sha/sha256.c +2 -2
- data/third_party/boringssl/crypto/sha/sha512.c +7 -7
- data/third_party/boringssl/crypto/stack/stack.c +13 -22
- data/third_party/boringssl/crypto/thread.c +21 -12
- data/third_party/boringssl/crypto/thread_none.c +6 -2
- data/third_party/boringssl/crypto/thread_pthread.c +16 -7
- data/third_party/boringssl/crypto/thread_win.c +38 -85
- data/third_party/boringssl/crypto/x509/a_sign.c +3 -3
- data/third_party/boringssl/crypto/x509/a_strex.c +1 -1
- data/third_party/boringssl/crypto/x509/a_verify.c +2 -2
- data/third_party/boringssl/crypto/{evp → x509}/algorithm.c +37 -53
- data/third_party/boringssl/crypto/x509/asn1_gen.c +1 -2
- data/third_party/boringssl/crypto/x509/by_dir.c +6 -6
- data/third_party/boringssl/crypto/x509/internal.h +66 -0
- data/third_party/boringssl/crypto/x509/rsa_pss.c +385 -0
- data/third_party/boringssl/crypto/x509/t_x509.c +10 -12
- data/third_party/boringssl/crypto/x509/x509.c +5 -0
- data/third_party/boringssl/crypto/x509/x509_att.c +9 -3
- data/third_party/boringssl/crypto/x509/x509_lu.c +34 -44
- data/third_party/boringssl/crypto/x509/x509_obj.c +19 -2
- data/third_party/boringssl/crypto/x509/x509_r2x.c +9 -5
- data/third_party/boringssl/crypto/x509/x509_set.c +5 -0
- data/third_party/boringssl/crypto/x509/x509_txt.c +5 -0
- data/third_party/boringssl/crypto/x509/x509_vfy.c +63 -32
- data/third_party/boringssl/crypto/x509/x509_vpm.c +29 -18
- data/third_party/boringssl/crypto/x509/x509cset.c +2 -1
- data/third_party/boringssl/crypto/x509/x_crl.c +2 -2
- data/third_party/boringssl/crypto/x509/x_name.c +14 -17
- data/third_party/boringssl/crypto/x509/x_pubkey.c +10 -7
- data/third_party/boringssl/crypto/x509/x_x509.c +67 -6
- data/third_party/boringssl/crypto/x509v3/pcy_cache.c +2 -2
- data/third_party/boringssl/crypto/x509v3/pcy_tree.c +2 -1
- data/third_party/boringssl/crypto/x509v3/v3_conf.c +4 -3
- data/third_party/boringssl/crypto/x509v3/v3_cpols.c +5 -0
- data/third_party/boringssl/crypto/x509v3/v3_prn.c +0 -3
- data/third_party/boringssl/crypto/x509v3/v3_purp.c +2 -2
- data/third_party/boringssl/crypto/x509v3/v3_utl.c +2 -1
- data/third_party/boringssl/include/openssl/aead.h +72 -73
- data/third_party/boringssl/include/openssl/arm_arch.h +0 -6
- data/third_party/boringssl/include/openssl/asn1.h +103 -235
- data/third_party/boringssl/include/openssl/asn1_mac.h +17 -74
- data/third_party/boringssl/include/openssl/asn1t.h +1 -11
- data/third_party/boringssl/include/openssl/base.h +145 -3
- data/third_party/boringssl/include/openssl/base64.h +20 -17
- data/third_party/boringssl/include/openssl/bio.h +59 -34
- data/third_party/boringssl/include/openssl/bn.h +118 -51
- data/third_party/boringssl/include/openssl/buf.h +15 -0
- data/third_party/boringssl/include/openssl/bytestring.h +52 -4
- data/third_party/boringssl/include/openssl/chacha.h +2 -2
- data/third_party/boringssl/include/openssl/cipher.h +18 -1
- data/third_party/boringssl/include/openssl/cmac.h +11 -0
- data/third_party/boringssl/include/openssl/conf.h +13 -2
- data/third_party/boringssl/include/openssl/cpu.h +20 -23
- data/third_party/boringssl/include/openssl/crypto.h +22 -1
- data/third_party/boringssl/include/openssl/curve25519.h +96 -4
- data/third_party/boringssl/include/openssl/dh.h +71 -16
- data/third_party/boringssl/include/openssl/digest.h +38 -11
- data/third_party/boringssl/include/openssl/dsa.h +40 -4
- data/third_party/boringssl/include/openssl/ec.h +44 -18
- data/third_party/boringssl/include/openssl/ec_key.h +27 -6
- data/third_party/boringssl/include/openssl/ecdsa.h +11 -0
- data/third_party/boringssl/include/openssl/engine.h +11 -0
- data/third_party/boringssl/include/openssl/evp.h +52 -88
- data/third_party/boringssl/include/openssl/hkdf.h +24 -4
- data/third_party/boringssl/include/openssl/hmac.h +20 -6
- data/third_party/boringssl/include/openssl/md4.h +4 -0
- data/third_party/boringssl/include/openssl/mem.h +19 -0
- data/third_party/boringssl/include/openssl/newhope.h +158 -0
- data/third_party/boringssl/include/openssl/nid.h +4166 -0
- data/third_party/boringssl/include/openssl/obj.h +31 -3
- data/third_party/boringssl/include/openssl/obj_mac.h +17 -4143
- data/third_party/boringssl/include/openssl/{opensslfeatures.h → opensslconf.h} +3 -3
- data/third_party/boringssl/include/openssl/pem.h +5 -0
- data/third_party/boringssl/include/openssl/pkcs8.h +12 -0
- data/third_party/boringssl/include/openssl/rand.h +6 -0
- data/third_party/boringssl/include/openssl/rc4.h +6 -0
- data/third_party/boringssl/{crypto/dh/internal.h → include/openssl/ripemd.h} +38 -11
- data/third_party/boringssl/include/openssl/rsa.h +127 -65
- data/third_party/boringssl/include/openssl/sha.h +14 -10
- data/third_party/boringssl/include/openssl/ssl.h +561 -275
- data/third_party/boringssl/include/openssl/ssl3.h +18 -25
- data/third_party/boringssl/include/openssl/stack.h +2 -4
- data/third_party/boringssl/include/openssl/stack_macros.h +321 -353
- data/third_party/boringssl/include/openssl/thread.h +31 -13
- data/third_party/boringssl/include/openssl/time_support.h +1 -0
- data/third_party/boringssl/include/openssl/tls1.h +37 -33
- data/third_party/boringssl/include/openssl/x509.h +69 -26
- data/third_party/boringssl/include/openssl/x509_vfy.h +12 -10
- data/third_party/boringssl/include/openssl/x509v3.h +23 -2
- data/third_party/boringssl/ssl/custom_extensions.c +3 -5
- data/third_party/boringssl/ssl/d1_both.c +463 -499
- data/third_party/boringssl/ssl/d1_lib.c +38 -109
- data/third_party/boringssl/ssl/d1_pkt.c +173 -334
- data/third_party/boringssl/ssl/d1_srtp.c +20 -18
- data/third_party/boringssl/ssl/{d1_meth.c → dtls_method.c} +88 -15
- data/third_party/boringssl/ssl/dtls_record.c +27 -26
- data/third_party/boringssl/ssl/{s3_clnt.c → handshake_client.c} +816 -904
- data/third_party/boringssl/ssl/handshake_server.c +1932 -0
- data/third_party/boringssl/ssl/internal.h +712 -439
- data/third_party/boringssl/ssl/s3_both.c +445 -257
- data/third_party/boringssl/ssl/s3_enc.c +53 -36
- data/third_party/boringssl/ssl/s3_lib.c +23 -268
- data/third_party/boringssl/ssl/s3_pkt.c +168 -364
- data/third_party/boringssl/ssl/ssl_aead_ctx.c +46 -17
- data/third_party/boringssl/ssl/ssl_asn1.c +56 -26
- data/third_party/boringssl/ssl/ssl_buffer.c +16 -24
- data/third_party/boringssl/ssl/ssl_cert.c +324 -49
- data/third_party/boringssl/ssl/ssl_cipher.c +205 -150
- data/third_party/boringssl/ssl/ssl_ecdh.c +287 -51
- data/third_party/boringssl/ssl/ssl_file.c +21 -68
- data/third_party/boringssl/ssl/ssl_lib.c +881 -510
- data/third_party/boringssl/ssl/ssl_rsa.c +404 -34
- data/third_party/boringssl/ssl/ssl_session.c +324 -103
- data/third_party/boringssl/ssl/ssl_stat.c +6 -88
- data/third_party/boringssl/ssl/t1_enc.c +23 -39
- data/third_party/boringssl/ssl/t1_lib.c +1120 -622
- data/third_party/boringssl/ssl/tls13_both.c +440 -0
- data/third_party/boringssl/ssl/tls13_client.c +682 -0
- data/third_party/boringssl/ssl/tls13_enc.c +391 -0
- data/third_party/boringssl/ssl/tls13_server.c +672 -0
- data/third_party/boringssl/ssl/{s3_meth.c → tls_method.c} +100 -21
- data/third_party/boringssl/ssl/tls_record.c +159 -77
- data/third_party/nanopb/pb.h +60 -28
- data/third_party/nanopb/pb_decode.c +120 -92
- data/third_party/nanopb/pb_decode.h +3 -3
- data/third_party/nanopb/pb_encode.c +73 -67
- data/third_party/nanopb/pb_encode.h +4 -4
- metadata +155 -89
- data/include/grpc/impl/codegen/byte_buffer.h +0 -122
- data/include/grpc/impl/codegen/log.h +0 -118
- data/include/grpc/impl/codegen/time.h +0 -130
- data/src/core/ext/client_config/client_channel.c +0 -593
- data/src/core/ext/client_config/subchannel_call_holder.c +0 -272
- data/src/core/ext/client_config/subchannel_call_holder.h +0 -99
- data/src/core/lib/iomgr/ev_poll_and_epoll_posix.c +0 -2046
- data/src/core/lib/iomgr/workqueue_posix.c +0 -151
- data/src/core/lib/security/transport/handshake.c +0 -368
- data/third_party/boringssl/crypto/asn1/a_bytes.c +0 -308
- data/third_party/boringssl/crypto/asn1/bio_asn1.c +0 -477
- data/third_party/boringssl/crypto/asn1/bio_ndef.c +0 -251
- data/third_party/boringssl/crypto/asn1/t_pkey.c +0 -110
- data/third_party/boringssl/crypto/asn1/tasn_prn.c +0 -596
- data/third_party/boringssl/crypto/chacha/chacha_vec.c +0 -328
- data/third_party/boringssl/crypto/directory.h +0 -66
- data/third_party/boringssl/crypto/directory_posix.c +0 -108
- data/third_party/boringssl/crypto/directory_win.c +0 -144
- data/third_party/boringssl/crypto/test/scoped_types.h +0 -140
- data/third_party/boringssl/include/openssl/pqueue.h +0 -146
- data/third_party/boringssl/ssl/d1_clnt.c +0 -561
- data/third_party/boringssl/ssl/d1_srvr.c +0 -476
- data/third_party/boringssl/ssl/pqueue/pqueue.c +0 -197
- data/third_party/boringssl/ssl/s3_srvr.c +0 -2272
- data/third_party/boringssl/ssl/test/async_bio.h +0 -45
- data/third_party/boringssl/ssl/test/packeted_bio.h +0 -44
- data/third_party/boringssl/ssl/test/test_config.h +0 -110
|
@@ -146,10 +146,10 @@ DECLARE_STACK_OF(X509V3_EXT_METHOD)
|
|
|
146
146
|
|
|
147
147
|
typedef BIT_STRING_BITNAME ENUMERATED_NAMES;
|
|
148
148
|
|
|
149
|
-
|
|
149
|
+
struct BASIC_CONSTRAINTS_st {
|
|
150
150
|
int ca;
|
|
151
151
|
ASN1_INTEGER *pathlen;
|
|
152
|
-
}
|
|
152
|
+
};
|
|
153
153
|
|
|
154
154
|
|
|
155
155
|
typedef struct PKEY_USAGE_PERIOD_st {
|
|
@@ -600,6 +600,7 @@ OPENSSL_EXPORT GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
|
|
|
600
600
|
X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc);
|
|
601
601
|
OPENSSL_EXPORT void X509V3_conf_free(CONF_VALUE *val);
|
|
602
602
|
|
|
603
|
+
OPENSSL_EXPORT X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, int ext_nid, char *value);
|
|
603
604
|
OPENSSL_EXPORT X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid, char *value);
|
|
604
605
|
OPENSSL_EXPORT X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name, char *value);
|
|
605
606
|
OPENSSL_EXPORT int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section, STACK_OF(X509_EXTENSION) **sk);
|
|
@@ -646,6 +647,7 @@ OPENSSL_EXPORT int X509V3_add_standard_extensions(void);
|
|
|
646
647
|
OPENSSL_EXPORT STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line);
|
|
647
648
|
OPENSSL_EXPORT void *X509V3_EXT_d2i(X509_EXTENSION *ext);
|
|
648
649
|
OPENSSL_EXPORT void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx);
|
|
650
|
+
OPENSSL_EXPORT int X509V3_EXT_free(int nid, void *ext_data);
|
|
649
651
|
|
|
650
652
|
|
|
651
653
|
OPENSSL_EXPORT X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc);
|
|
@@ -730,7 +732,26 @@ void ERR_load_X509V3_strings(void);
|
|
|
730
732
|
|
|
731
733
|
#ifdef __cplusplus
|
|
732
734
|
}
|
|
735
|
+
|
|
736
|
+
extern "C++" {
|
|
737
|
+
|
|
738
|
+
namespace bssl {
|
|
739
|
+
|
|
740
|
+
BORINGSSL_MAKE_STACK_DELETER(DIST_POINT, DIST_POINT_free)
|
|
741
|
+
BORINGSSL_MAKE_STACK_DELETER(GENERAL_NAME, GENERAL_NAME_free)
|
|
742
|
+
// A STACK_OF(POLICYINFO) is also known as a CERTIFICATEPOLICIES.
|
|
743
|
+
BORINGSSL_MAKE_STACK_DELETER(POLICYINFO, POLICYINFO_free)
|
|
744
|
+
|
|
745
|
+
BORINGSSL_MAKE_DELETER(AUTHORITY_KEYID, AUTHORITY_KEYID_free)
|
|
746
|
+
BORINGSSL_MAKE_DELETER(BASIC_CONSTRAINTS, BASIC_CONSTRAINTS_free)
|
|
747
|
+
BORINGSSL_MAKE_DELETER(DIST_POINT, DIST_POINT_free)
|
|
748
|
+
BORINGSSL_MAKE_DELETER(GENERAL_NAME, GENERAL_NAME_free)
|
|
749
|
+
|
|
750
|
+
} // namespace bssl
|
|
751
|
+
|
|
752
|
+
} /* extern C++ */
|
|
733
753
|
#endif
|
|
754
|
+
|
|
734
755
|
#define X509V3_R_BAD_IP_ADDRESS 100
|
|
735
756
|
#define X509V3_R_BAD_OBJECT 101
|
|
736
757
|
#define X509V3_R_BN_DEC2BN_ERROR 102
|
|
@@ -32,8 +32,7 @@ void SSL_CUSTOM_EXTENSION_free(SSL_CUSTOM_EXTENSION *custom_extension) {
|
|
|
32
32
|
static const SSL_CUSTOM_EXTENSION *custom_ext_find(
|
|
33
33
|
STACK_OF(SSL_CUSTOM_EXTENSION) *stack,
|
|
34
34
|
unsigned *out_index, uint16_t value) {
|
|
35
|
-
size_t i;
|
|
36
|
-
for (i = 0; i < sk_SSL_CUSTOM_EXTENSION_num(stack); i++) {
|
|
35
|
+
for (size_t i = 0; i < sk_SSL_CUSTOM_EXTENSION_num(stack); i++) {
|
|
37
36
|
const SSL_CUSTOM_EXTENSION *ext = sk_SSL_CUSTOM_EXTENSION_value(stack, i);
|
|
38
37
|
if (ext->value == value) {
|
|
39
38
|
if (out_index != NULL) {
|
|
@@ -69,8 +68,7 @@ static int custom_ext_add_hello(SSL *ssl, CBB *extensions) {
|
|
|
69
68
|
return 1;
|
|
70
69
|
}
|
|
71
70
|
|
|
72
|
-
size_t i;
|
|
73
|
-
for (i = 0; i < sk_SSL_CUSTOM_EXTENSION_num(stack); i++) {
|
|
71
|
+
for (size_t i = 0; i < sk_SSL_CUSTOM_EXTENSION_num(stack); i++) {
|
|
74
72
|
const SSL_CUSTOM_EXTENSION *ext = sk_SSL_CUSTOM_EXTENSION_value(stack, i);
|
|
75
73
|
|
|
76
74
|
if (ssl->server &&
|
|
@@ -139,7 +137,7 @@ int custom_ext_parse_serverhello(SSL *ssl, int *out_alert, uint16_t value,
|
|
|
139
137
|
!(ssl->s3->tmp.custom_extensions.sent & (1u << index))) {
|
|
140
138
|
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
|
|
141
139
|
ERR_add_error_dataf("extension: %u", (unsigned)value);
|
|
142
|
-
*out_alert =
|
|
140
|
+
*out_alert = SSL_AD_UNSUPPORTED_EXTENSION;
|
|
143
141
|
return 0;
|
|
144
142
|
}
|
|
145
143
|
|
|
@@ -115,14 +115,12 @@
|
|
|
115
115
|
|
|
116
116
|
#include <assert.h>
|
|
117
117
|
#include <limits.h>
|
|
118
|
-
#include <stdio.h>
|
|
119
118
|
#include <string.h>
|
|
120
119
|
|
|
121
120
|
#include <openssl/buf.h>
|
|
122
121
|
#include <openssl/err.h>
|
|
123
122
|
#include <openssl/evp.h>
|
|
124
123
|
#include <openssl/mem.h>
|
|
125
|
-
#include <openssl/obj.h>
|
|
126
124
|
#include <openssl/rand.h>
|
|
127
125
|
#include <openssl/x509.h>
|
|
128
126
|
|
|
@@ -141,41 +139,63 @@ static const unsigned int kMinMTU = 256 - 28;
|
|
|
141
139
|
* the underlying BIO supplies one. */
|
|
142
140
|
static const unsigned int kDefaultMTU = 1500 - 28;
|
|
143
141
|
|
|
144
|
-
/* kMaxHandshakeBuffer is the maximum number of handshake messages ahead of the
|
|
145
|
-
* current one to buffer. */
|
|
146
|
-
static const unsigned int kHandshakeBufferSize = 10;
|
|
147
142
|
|
|
148
|
-
|
|
143
|
+
/* Receiving handshake messages. */
|
|
144
|
+
|
|
145
|
+
static void dtls1_hm_fragment_free(hm_fragment *frag) {
|
|
146
|
+
if (frag == NULL) {
|
|
147
|
+
return;
|
|
148
|
+
}
|
|
149
|
+
OPENSSL_free(frag->data);
|
|
150
|
+
OPENSSL_free(frag->reassembly);
|
|
151
|
+
OPENSSL_free(frag);
|
|
152
|
+
}
|
|
153
|
+
|
|
154
|
+
static hm_fragment *dtls1_hm_fragment_new(const struct hm_header_st *msg_hdr) {
|
|
149
155
|
hm_fragment *frag = OPENSSL_malloc(sizeof(hm_fragment));
|
|
150
156
|
if (frag == NULL) {
|
|
151
157
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
|
152
158
|
return NULL;
|
|
153
159
|
}
|
|
154
160
|
memset(frag, 0, sizeof(hm_fragment));
|
|
161
|
+
frag->type = msg_hdr->type;
|
|
162
|
+
frag->seq = msg_hdr->seq;
|
|
163
|
+
frag->msg_len = msg_hdr->msg_len;
|
|
155
164
|
|
|
156
|
-
/*
|
|
157
|
-
|
|
158
|
-
if (
|
|
159
|
-
|
|
160
|
-
|
|
161
|
-
|
|
165
|
+
/* Allocate space for the reassembled message and fill in the header. */
|
|
166
|
+
frag->data = OPENSSL_malloc(DTLS1_HM_HEADER_LENGTH + msg_hdr->msg_len);
|
|
167
|
+
if (frag->data == NULL) {
|
|
168
|
+
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
|
169
|
+
goto err;
|
|
170
|
+
}
|
|
171
|
+
|
|
172
|
+
CBB cbb;
|
|
173
|
+
if (!CBB_init_fixed(&cbb, frag->data, DTLS1_HM_HEADER_LENGTH) ||
|
|
174
|
+
!CBB_add_u8(&cbb, msg_hdr->type) ||
|
|
175
|
+
!CBB_add_u24(&cbb, msg_hdr->msg_len) ||
|
|
176
|
+
!CBB_add_u16(&cbb, msg_hdr->seq) ||
|
|
177
|
+
!CBB_add_u24(&cbb, 0 /* frag_off */) ||
|
|
178
|
+
!CBB_add_u24(&cbb, msg_hdr->msg_len) ||
|
|
179
|
+
!CBB_finish(&cbb, NULL, NULL)) {
|
|
180
|
+
CBB_cleanup(&cbb);
|
|
181
|
+
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
|
182
|
+
goto err;
|
|
183
|
+
}
|
|
184
|
+
|
|
185
|
+
/* If the handshake message is empty, |frag->reassembly| is NULL. */
|
|
186
|
+
if (msg_hdr->msg_len > 0) {
|
|
187
|
+
/* Initialize reassembly bitmask. */
|
|
188
|
+
if (msg_hdr->msg_len + 7 < msg_hdr->msg_len) {
|
|
189
|
+
OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
|
|
162
190
|
goto err;
|
|
163
191
|
}
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
|
|
167
|
-
|
|
168
|
-
|
|
169
|
-
goto err;
|
|
170
|
-
}
|
|
171
|
-
size_t bitmask_len = (frag_len + 7) / 8;
|
|
172
|
-
frag->reassembly = OPENSSL_malloc(bitmask_len);
|
|
173
|
-
if (frag->reassembly == NULL) {
|
|
174
|
-
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
|
175
|
-
goto err;
|
|
176
|
-
}
|
|
177
|
-
memset(frag->reassembly, 0, bitmask_len);
|
|
192
|
+
size_t bitmask_len = (msg_hdr->msg_len + 7) / 8;
|
|
193
|
+
frag->reassembly = OPENSSL_malloc(bitmask_len);
|
|
194
|
+
if (frag->reassembly == NULL) {
|
|
195
|
+
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
|
196
|
+
goto err;
|
|
178
197
|
}
|
|
198
|
+
memset(frag->reassembly, 0, bitmask_len);
|
|
179
199
|
}
|
|
180
200
|
|
|
181
201
|
return frag;
|
|
@@ -185,22 +205,9 @@ err:
|
|
|
185
205
|
return NULL;
|
|
186
206
|
}
|
|
187
207
|
|
|
188
|
-
void dtls1_hm_fragment_free(hm_fragment *frag) {
|
|
189
|
-
if (frag == NULL) {
|
|
190
|
-
return;
|
|
191
|
-
}
|
|
192
|
-
OPENSSL_free(frag->fragment);
|
|
193
|
-
OPENSSL_free(frag->reassembly);
|
|
194
|
-
OPENSSL_free(frag);
|
|
195
|
-
}
|
|
196
|
-
|
|
197
|
-
#if !defined(inline)
|
|
198
|
-
#define inline __inline
|
|
199
|
-
#endif
|
|
200
|
-
|
|
201
208
|
/* bit_range returns a |uint8_t| with bits |start|, inclusive, to |end|,
|
|
202
209
|
* exclusive, set. */
|
|
203
|
-
static
|
|
210
|
+
static uint8_t bit_range(size_t start, size_t end) {
|
|
204
211
|
return (uint8_t)(~((1u << start) - 1) & ((1u << end) - 1));
|
|
205
212
|
}
|
|
206
213
|
|
|
@@ -210,8 +217,7 @@ static inline uint8_t bit_range(size_t start, size_t end) {
|
|
|
210
217
|
* and |frag->reassembly| must not be NULL. */
|
|
211
218
|
static void dtls1_hm_fragment_mark(hm_fragment *frag, size_t start,
|
|
212
219
|
size_t end) {
|
|
213
|
-
size_t
|
|
214
|
-
size_t msg_len = frag->msg_header.msg_len;
|
|
220
|
+
size_t msg_len = frag->msg_len;
|
|
215
221
|
|
|
216
222
|
if (frag->reassembly == NULL || start > end || end > msg_len) {
|
|
217
223
|
assert(0);
|
|
@@ -224,7 +230,7 @@ static void dtls1_hm_fragment_mark(hm_fragment *frag, size_t start,
|
|
|
224
230
|
frag->reassembly[start >> 3] |= bit_range(start & 7, end & 7);
|
|
225
231
|
} else {
|
|
226
232
|
frag->reassembly[start >> 3] |= bit_range(start & 7, 8);
|
|
227
|
-
for (i = (start >> 3) + 1; i < (end >> 3); i++) {
|
|
233
|
+
for (size_t i = (start >> 3) + 1; i < (end >> 3); i++) {
|
|
228
234
|
frag->reassembly[i] = 0xff;
|
|
229
235
|
}
|
|
230
236
|
if ((end & 7) != 0) {
|
|
@@ -233,7 +239,7 @@ static void dtls1_hm_fragment_mark(hm_fragment *frag, size_t start,
|
|
|
233
239
|
}
|
|
234
240
|
|
|
235
241
|
/* Check if the fragment is complete. */
|
|
236
|
-
for (i = 0; i < (msg_len >> 3); i++) {
|
|
242
|
+
for (size_t i = 0; i < (msg_len >> 3); i++) {
|
|
237
243
|
if (frag->reassembly[i] != 0xff) {
|
|
238
244
|
return;
|
|
239
245
|
}
|
|
@@ -247,16 +253,270 @@ static void dtls1_hm_fragment_mark(hm_fragment *frag, size_t start,
|
|
|
247
253
|
frag->reassembly = NULL;
|
|
248
254
|
}
|
|
249
255
|
|
|
256
|
+
/* dtls1_is_current_message_complete returns one if the current handshake
|
|
257
|
+
* message is complete and zero otherwise. */
|
|
258
|
+
static int dtls1_is_current_message_complete(const SSL *ssl) {
|
|
259
|
+
hm_fragment *frag = ssl->d1->incoming_messages[ssl->d1->handshake_read_seq %
|
|
260
|
+
SSL_MAX_HANDSHAKE_FLIGHT];
|
|
261
|
+
return frag != NULL && frag->reassembly == NULL;
|
|
262
|
+
}
|
|
263
|
+
|
|
264
|
+
/* dtls1_get_incoming_message returns the incoming message corresponding to
|
|
265
|
+
* |msg_hdr|. If none exists, it creates a new one and inserts it in the
|
|
266
|
+
* queue. Otherwise, it checks |msg_hdr| is consistent with the existing one. It
|
|
267
|
+
* returns NULL on failure. The caller does not take ownership of the result. */
|
|
268
|
+
static hm_fragment *dtls1_get_incoming_message(
|
|
269
|
+
SSL *ssl, const struct hm_header_st *msg_hdr) {
|
|
270
|
+
if (msg_hdr->seq < ssl->d1->handshake_read_seq ||
|
|
271
|
+
msg_hdr->seq - ssl->d1->handshake_read_seq >= SSL_MAX_HANDSHAKE_FLIGHT) {
|
|
272
|
+
return NULL;
|
|
273
|
+
}
|
|
274
|
+
|
|
275
|
+
size_t idx = msg_hdr->seq % SSL_MAX_HANDSHAKE_FLIGHT;
|
|
276
|
+
hm_fragment *frag = ssl->d1->incoming_messages[idx];
|
|
277
|
+
if (frag != NULL) {
|
|
278
|
+
assert(frag->seq == msg_hdr->seq);
|
|
279
|
+
/* The new fragment must be compatible with the previous fragments from this
|
|
280
|
+
* message. */
|
|
281
|
+
if (frag->type != msg_hdr->type ||
|
|
282
|
+
frag->msg_len != msg_hdr->msg_len) {
|
|
283
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_FRAGMENT_MISMATCH);
|
|
284
|
+
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
|
|
285
|
+
return NULL;
|
|
286
|
+
}
|
|
287
|
+
return frag;
|
|
288
|
+
}
|
|
289
|
+
|
|
290
|
+
/* This is the first fragment from this message. */
|
|
291
|
+
frag = dtls1_hm_fragment_new(msg_hdr);
|
|
292
|
+
if (frag == NULL) {
|
|
293
|
+
return NULL;
|
|
294
|
+
}
|
|
295
|
+
ssl->d1->incoming_messages[idx] = frag;
|
|
296
|
+
return frag;
|
|
297
|
+
}
|
|
298
|
+
|
|
299
|
+
/* dtls1_process_handshake_record reads a handshake record and processes it. It
|
|
300
|
+
* returns one if the record was successfully processed and 0 or -1 on error. */
|
|
301
|
+
static int dtls1_process_handshake_record(SSL *ssl) {
|
|
302
|
+
SSL3_RECORD *rr = &ssl->s3->rrec;
|
|
303
|
+
|
|
304
|
+
start:
|
|
305
|
+
if (rr->length == 0) {
|
|
306
|
+
int ret = dtls1_get_record(ssl);
|
|
307
|
+
if (ret <= 0) {
|
|
308
|
+
return ret;
|
|
309
|
+
}
|
|
310
|
+
}
|
|
311
|
+
|
|
312
|
+
/* Cross-epoch records are discarded, but we may receive out-of-order
|
|
313
|
+
* application data between ChangeCipherSpec and Finished or a ChangeCipherSpec
|
|
314
|
+
* before the appropriate point in the handshake. Those must be silently
|
|
315
|
+
* discarded.
|
|
316
|
+
*
|
|
317
|
+
* However, only allow the out-of-order records in the correct epoch.
|
|
318
|
+
* Application data must come in the encrypted epoch, and ChangeCipherSpec in
|
|
319
|
+
* the unencrypted epoch (we never renegotiate). Other cases fall through and
|
|
320
|
+
* fail with a fatal error. */
|
|
321
|
+
if ((rr->type == SSL3_RT_APPLICATION_DATA &&
|
|
322
|
+
ssl->s3->aead_read_ctx != NULL) ||
|
|
323
|
+
(rr->type == SSL3_RT_CHANGE_CIPHER_SPEC &&
|
|
324
|
+
ssl->s3->aead_read_ctx == NULL)) {
|
|
325
|
+
rr->length = 0;
|
|
326
|
+
goto start;
|
|
327
|
+
}
|
|
328
|
+
|
|
329
|
+
if (rr->type != SSL3_RT_HANDSHAKE) {
|
|
330
|
+
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
|
|
331
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_RECORD);
|
|
332
|
+
return -1;
|
|
333
|
+
}
|
|
334
|
+
|
|
335
|
+
CBS cbs;
|
|
336
|
+
CBS_init(&cbs, rr->data, rr->length);
|
|
337
|
+
|
|
338
|
+
while (CBS_len(&cbs) > 0) {
|
|
339
|
+
/* Read a handshake fragment. */
|
|
340
|
+
struct hm_header_st msg_hdr;
|
|
341
|
+
CBS body;
|
|
342
|
+
if (!dtls1_parse_fragment(&cbs, &msg_hdr, &body)) {
|
|
343
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_HANDSHAKE_RECORD);
|
|
344
|
+
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
|
|
345
|
+
return -1;
|
|
346
|
+
}
|
|
347
|
+
|
|
348
|
+
const size_t frag_off = msg_hdr.frag_off;
|
|
349
|
+
const size_t frag_len = msg_hdr.frag_len;
|
|
350
|
+
const size_t msg_len = msg_hdr.msg_len;
|
|
351
|
+
if (frag_off > msg_len || frag_off + frag_len < frag_off ||
|
|
352
|
+
frag_off + frag_len > msg_len ||
|
|
353
|
+
msg_len > ssl_max_handshake_message_len(ssl)) {
|
|
354
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_EXCESSIVE_MESSAGE_SIZE);
|
|
355
|
+
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
|
|
356
|
+
return -1;
|
|
357
|
+
}
|
|
358
|
+
|
|
359
|
+
/* The encrypted epoch in DTLS has only one handshake message. */
|
|
360
|
+
if (ssl->d1->r_epoch == 1 && msg_hdr.seq != ssl->d1->handshake_read_seq) {
|
|
361
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_RECORD);
|
|
362
|
+
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
|
|
363
|
+
return -1;
|
|
364
|
+
}
|
|
365
|
+
|
|
366
|
+
if (msg_hdr.seq < ssl->d1->handshake_read_seq ||
|
|
367
|
+
msg_hdr.seq >
|
|
368
|
+
(unsigned)ssl->d1->handshake_read_seq + SSL_MAX_HANDSHAKE_FLIGHT) {
|
|
369
|
+
/* Ignore fragments from the past, or ones too far in the future. */
|
|
370
|
+
continue;
|
|
371
|
+
}
|
|
372
|
+
|
|
373
|
+
hm_fragment *frag = dtls1_get_incoming_message(ssl, &msg_hdr);
|
|
374
|
+
if (frag == NULL) {
|
|
375
|
+
return -1;
|
|
376
|
+
}
|
|
377
|
+
assert(frag->msg_len == msg_len);
|
|
378
|
+
|
|
379
|
+
if (frag->reassembly == NULL) {
|
|
380
|
+
/* The message is already assembled. */
|
|
381
|
+
continue;
|
|
382
|
+
}
|
|
383
|
+
assert(msg_len > 0);
|
|
384
|
+
|
|
385
|
+
/* Copy the body into the fragment. */
|
|
386
|
+
memcpy(frag->data + DTLS1_HM_HEADER_LENGTH + frag_off, CBS_data(&body),
|
|
387
|
+
CBS_len(&body));
|
|
388
|
+
dtls1_hm_fragment_mark(frag, frag_off, frag_off + frag_len);
|
|
389
|
+
}
|
|
390
|
+
|
|
391
|
+
rr->length = 0;
|
|
392
|
+
ssl_read_buffer_discard(ssl);
|
|
393
|
+
return 1;
|
|
394
|
+
}
|
|
395
|
+
|
|
396
|
+
int dtls1_get_message(SSL *ssl, int msg_type,
|
|
397
|
+
enum ssl_hash_message_t hash_message) {
|
|
398
|
+
if (ssl->s3->tmp.reuse_message) {
|
|
399
|
+
/* A ssl_dont_hash_message call cannot be combined with reuse_message; the
|
|
400
|
+
* ssl_dont_hash_message would have to have been applied to the previous
|
|
401
|
+
* call. */
|
|
402
|
+
assert(hash_message == ssl_hash_message);
|
|
403
|
+
assert(ssl->init_msg != NULL);
|
|
404
|
+
|
|
405
|
+
ssl->s3->tmp.reuse_message = 0;
|
|
406
|
+
hash_message = ssl_dont_hash_message;
|
|
407
|
+
} else {
|
|
408
|
+
dtls1_release_current_message(ssl, 0 /* don't free buffer */);
|
|
409
|
+
}
|
|
410
|
+
|
|
411
|
+
/* Process handshake records until the current message is ready. */
|
|
412
|
+
while (!dtls1_is_current_message_complete(ssl)) {
|
|
413
|
+
int ret = dtls1_process_handshake_record(ssl);
|
|
414
|
+
if (ret <= 0) {
|
|
415
|
+
return ret;
|
|
416
|
+
}
|
|
417
|
+
}
|
|
418
|
+
|
|
419
|
+
hm_fragment *frag = ssl->d1->incoming_messages[ssl->d1->handshake_read_seq %
|
|
420
|
+
SSL_MAX_HANDSHAKE_FLIGHT];
|
|
421
|
+
assert(frag != NULL);
|
|
422
|
+
assert(frag->reassembly == NULL);
|
|
423
|
+
assert(ssl->d1->handshake_read_seq == frag->seq);
|
|
424
|
+
|
|
425
|
+
/* TODO(davidben): This function has a lot of implicit outputs. Simplify the
|
|
426
|
+
* |ssl_get_message| API. */
|
|
427
|
+
ssl->s3->tmp.message_type = frag->type;
|
|
428
|
+
ssl->init_msg = frag->data + DTLS1_HM_HEADER_LENGTH;
|
|
429
|
+
ssl->init_num = frag->msg_len;
|
|
430
|
+
|
|
431
|
+
if (msg_type >= 0 && ssl->s3->tmp.message_type != msg_type) {
|
|
432
|
+
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
|
|
433
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_MESSAGE);
|
|
434
|
+
return -1;
|
|
435
|
+
}
|
|
436
|
+
if (hash_message == ssl_hash_message && !dtls1_hash_current_message(ssl)) {
|
|
437
|
+
return -1;
|
|
438
|
+
}
|
|
439
|
+
|
|
440
|
+
ssl_do_msg_callback(ssl, 0 /* read */, SSL3_RT_HANDSHAKE, frag->data,
|
|
441
|
+
ssl->init_num + DTLS1_HM_HEADER_LENGTH);
|
|
442
|
+
return 1;
|
|
443
|
+
}
|
|
444
|
+
|
|
445
|
+
int dtls1_hash_current_message(SSL *ssl) {
|
|
446
|
+
assert(dtls1_is_current_message_complete(ssl));
|
|
447
|
+
|
|
448
|
+
hm_fragment *frag = ssl->d1->incoming_messages[ssl->d1->handshake_read_seq %
|
|
449
|
+
SSL_MAX_HANDSHAKE_FLIGHT];
|
|
450
|
+
return ssl3_update_handshake_hash(ssl, frag->data,
|
|
451
|
+
DTLS1_HM_HEADER_LENGTH + frag->msg_len);
|
|
452
|
+
}
|
|
453
|
+
|
|
454
|
+
void dtls1_release_current_message(SSL *ssl, int free_buffer) {
|
|
455
|
+
if (ssl->init_msg == NULL) {
|
|
456
|
+
return;
|
|
457
|
+
}
|
|
458
|
+
|
|
459
|
+
assert(dtls1_is_current_message_complete(ssl));
|
|
460
|
+
size_t index = ssl->d1->handshake_read_seq % SSL_MAX_HANDSHAKE_FLIGHT;
|
|
461
|
+
dtls1_hm_fragment_free(ssl->d1->incoming_messages[index]);
|
|
462
|
+
ssl->d1->incoming_messages[index] = NULL;
|
|
463
|
+
ssl->d1->handshake_read_seq++;
|
|
464
|
+
|
|
465
|
+
ssl->init_msg = NULL;
|
|
466
|
+
ssl->init_num = 0;
|
|
467
|
+
}
|
|
468
|
+
|
|
469
|
+
void dtls_clear_incoming_messages(SSL *ssl) {
|
|
470
|
+
for (size_t i = 0; i < SSL_MAX_HANDSHAKE_FLIGHT; i++) {
|
|
471
|
+
dtls1_hm_fragment_free(ssl->d1->incoming_messages[i]);
|
|
472
|
+
ssl->d1->incoming_messages[i] = NULL;
|
|
473
|
+
}
|
|
474
|
+
}
|
|
475
|
+
|
|
476
|
+
int dtls_has_incoming_messages(const SSL *ssl) {
|
|
477
|
+
size_t current = ssl->d1->handshake_read_seq % SSL_MAX_HANDSHAKE_FLIGHT;
|
|
478
|
+
for (size_t i = 0; i < SSL_MAX_HANDSHAKE_FLIGHT; i++) {
|
|
479
|
+
/* Skip the current message. */
|
|
480
|
+
if (ssl->init_msg != NULL && i == current) {
|
|
481
|
+
assert(dtls1_is_current_message_complete(ssl));
|
|
482
|
+
continue;
|
|
483
|
+
}
|
|
484
|
+
if (ssl->d1->incoming_messages[i] != NULL) {
|
|
485
|
+
return 1;
|
|
486
|
+
}
|
|
487
|
+
}
|
|
488
|
+
return 0;
|
|
489
|
+
}
|
|
490
|
+
|
|
491
|
+
int dtls1_parse_fragment(CBS *cbs, struct hm_header_st *out_hdr,
|
|
492
|
+
CBS *out_body) {
|
|
493
|
+
memset(out_hdr, 0x00, sizeof(struct hm_header_st));
|
|
494
|
+
|
|
495
|
+
if (!CBS_get_u8(cbs, &out_hdr->type) ||
|
|
496
|
+
!CBS_get_u24(cbs, &out_hdr->msg_len) ||
|
|
497
|
+
!CBS_get_u16(cbs, &out_hdr->seq) ||
|
|
498
|
+
!CBS_get_u24(cbs, &out_hdr->frag_off) ||
|
|
499
|
+
!CBS_get_u24(cbs, &out_hdr->frag_len) ||
|
|
500
|
+
!CBS_get_bytes(cbs, out_body, out_hdr->frag_len)) {
|
|
501
|
+
return 0;
|
|
502
|
+
}
|
|
503
|
+
|
|
504
|
+
return 1;
|
|
505
|
+
}
|
|
506
|
+
|
|
507
|
+
|
|
508
|
+
/* Sending handshake messages. */
|
|
509
|
+
|
|
250
510
|
static void dtls1_update_mtu(SSL *ssl) {
|
|
251
511
|
/* TODO(davidben): What is this code doing and do we need it? */
|
|
252
512
|
if (ssl->d1->mtu < dtls1_min_mtu() &&
|
|
253
513
|
!(SSL_get_options(ssl) & SSL_OP_NO_QUERY_MTU)) {
|
|
254
|
-
long mtu = BIO_ctrl(
|
|
514
|
+
long mtu = BIO_ctrl(ssl->wbio, BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
|
|
255
515
|
if (mtu >= 0 && mtu <= (1 << 30) && (unsigned)mtu >= dtls1_min_mtu()) {
|
|
256
516
|
ssl->d1->mtu = (unsigned)mtu;
|
|
257
517
|
} else {
|
|
258
518
|
ssl->d1->mtu = kDefaultMTU;
|
|
259
|
-
BIO_ctrl(
|
|
519
|
+
BIO_ctrl(ssl->wbio, BIO_CTRL_DGRAM_SET_MTU, ssl->d1->mtu, NULL);
|
|
260
520
|
}
|
|
261
521
|
}
|
|
262
522
|
|
|
@@ -276,7 +536,7 @@ static size_t dtls1_max_record_size(SSL *ssl) {
|
|
|
276
536
|
}
|
|
277
537
|
ret -= overhead;
|
|
278
538
|
|
|
279
|
-
size_t pending = BIO_wpending(
|
|
539
|
+
size_t pending = BIO_wpending(ssl->wbio);
|
|
280
540
|
if (ret <= pending) {
|
|
281
541
|
return 0;
|
|
282
542
|
}
|
|
@@ -292,32 +552,36 @@ static int dtls1_write_change_cipher_spec(SSL *ssl,
|
|
|
292
552
|
/* During the handshake, wbio is buffered to pack messages together. Flush the
|
|
293
553
|
* buffer if the ChangeCipherSpec would not fit in a packet. */
|
|
294
554
|
if (dtls1_max_record_size(ssl) == 0) {
|
|
295
|
-
|
|
296
|
-
int ret = BIO_flush(SSL_get_wbio(ssl));
|
|
555
|
+
int ret = BIO_flush(ssl->wbio);
|
|
297
556
|
if (ret <= 0) {
|
|
557
|
+
ssl->rwstate = SSL_WRITING;
|
|
298
558
|
return ret;
|
|
299
559
|
}
|
|
300
|
-
ssl->rwstate = SSL_NOTHING;
|
|
301
560
|
}
|
|
302
561
|
|
|
303
562
|
static const uint8_t kChangeCipherSpec[1] = {SSL3_MT_CCS};
|
|
304
563
|
int ret =
|
|
305
|
-
|
|
306
|
-
|
|
564
|
+
dtls1_write_record(ssl, SSL3_RT_CHANGE_CIPHER_SPEC, kChangeCipherSpec,
|
|
565
|
+
sizeof(kChangeCipherSpec), use_epoch);
|
|
307
566
|
if (ret <= 0) {
|
|
308
567
|
return ret;
|
|
309
568
|
}
|
|
310
569
|
|
|
311
|
-
|
|
312
|
-
|
|
313
|
-
kChangeCipherSpec, sizeof(kChangeCipherSpec), ssl,
|
|
314
|
-
ssl->msg_callback_arg);
|
|
315
|
-
}
|
|
316
|
-
|
|
570
|
+
ssl_do_msg_callback(ssl, 1 /* write */, SSL3_RT_CHANGE_CIPHER_SPEC,
|
|
571
|
+
kChangeCipherSpec, sizeof(kChangeCipherSpec));
|
|
317
572
|
return 1;
|
|
318
573
|
}
|
|
319
574
|
|
|
320
|
-
|
|
575
|
+
/* dtls1_do_handshake_write writes handshake message |in| using the given epoch,
|
|
576
|
+
* starting |offset| bytes into the message body. It returns one on success. On
|
|
577
|
+
* error, it returns <= 0 and sets |*out_offset| to the number of bytes of body
|
|
578
|
+
* that were successfully written. This may be used to retry the write
|
|
579
|
+
* later. |in| must be a reassembled handshake message with the full DTLS
|
|
580
|
+
* handshake header. */
|
|
581
|
+
static int dtls1_do_handshake_write(SSL *ssl, size_t *out_offset,
|
|
582
|
+
const uint8_t *in, size_t offset,
|
|
583
|
+
size_t len,
|
|
584
|
+
enum dtls1_use_epoch_t use_epoch) {
|
|
321
585
|
dtls1_update_mtu(ssl);
|
|
322
586
|
|
|
323
587
|
int ret = -1;
|
|
@@ -330,26 +594,33 @@ int dtls1_do_handshake_write(SSL *ssl, enum dtls1_use_epoch_t use_epoch) {
|
|
|
330
594
|
goto err;
|
|
331
595
|
}
|
|
332
596
|
|
|
333
|
-
/*
|
|
334
|
-
*
|
|
335
|
-
|
|
336
|
-
|
|
337
|
-
|
|
597
|
+
/* Although it may be sent as multiple fragments, a DTLS message must be sent
|
|
598
|
+
* serialized as a single fragment for purposes of |ssl_do_msg_callback| and
|
|
599
|
+
* the handshake hash. */
|
|
600
|
+
CBS cbs, body;
|
|
601
|
+
struct hm_header_st hdr;
|
|
602
|
+
CBS_init(&cbs, in, len);
|
|
603
|
+
if (!dtls1_parse_fragment(&cbs, &hdr, &body) ||
|
|
604
|
+
hdr.frag_off != 0 ||
|
|
605
|
+
hdr.frag_len != CBS_len(&body) ||
|
|
606
|
+
hdr.msg_len != CBS_len(&body) ||
|
|
607
|
+
!CBS_skip(&body, offset) ||
|
|
608
|
+
CBS_len(&cbs) != 0) {
|
|
609
|
+
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
|
610
|
+
goto err;
|
|
338
611
|
}
|
|
339
|
-
assert(ssl->init_off >= DTLS1_HM_HEADER_LENGTH);
|
|
340
612
|
|
|
341
613
|
do {
|
|
342
614
|
/* During the handshake, wbio is buffered to pack messages together. Flush
|
|
343
615
|
* the buffer if there isn't enough room to make progress. */
|
|
344
616
|
if (dtls1_max_record_size(ssl) < DTLS1_HM_HEADER_LENGTH + 1) {
|
|
345
|
-
|
|
346
|
-
int flush_ret = BIO_flush(SSL_get_wbio(ssl));
|
|
617
|
+
int flush_ret = BIO_flush(ssl->wbio);
|
|
347
618
|
if (flush_ret <= 0) {
|
|
619
|
+
ssl->rwstate = SSL_WRITING;
|
|
348
620
|
ret = flush_ret;
|
|
349
621
|
goto err;
|
|
350
622
|
}
|
|
351
|
-
ssl->
|
|
352
|
-
assert(BIO_wpending(SSL_get_wbio(ssl)) == 0);
|
|
623
|
+
assert(BIO_wpending(ssl->wbio) == 0);
|
|
353
624
|
}
|
|
354
625
|
|
|
355
626
|
size_t todo = dtls1_max_record_size(ssl);
|
|
@@ -361,521 +632,214 @@ int dtls1_do_handshake_write(SSL *ssl, enum dtls1_use_epoch_t use_epoch) {
|
|
|
361
632
|
}
|
|
362
633
|
todo -= DTLS1_HM_HEADER_LENGTH;
|
|
363
634
|
|
|
364
|
-
if (todo > (
|
|
365
|
-
todo =
|
|
635
|
+
if (todo > CBS_len(&body)) {
|
|
636
|
+
todo = CBS_len(&body);
|
|
366
637
|
}
|
|
367
638
|
if (todo >= (1u << 24)) {
|
|
368
639
|
todo = (1u << 24) - 1;
|
|
369
640
|
}
|
|
370
641
|
|
|
371
|
-
size_t
|
|
642
|
+
size_t buf_len;
|
|
372
643
|
if (!CBB_init_fixed(&cbb, buf, ssl->d1->mtu) ||
|
|
373
|
-
!CBB_add_u8(&cbb,
|
|
374
|
-
!CBB_add_u24(&cbb,
|
|
375
|
-
!CBB_add_u16(&cbb,
|
|
376
|
-
!CBB_add_u24(&cbb,
|
|
644
|
+
!CBB_add_u8(&cbb, hdr.type) ||
|
|
645
|
+
!CBB_add_u24(&cbb, hdr.msg_len) ||
|
|
646
|
+
!CBB_add_u16(&cbb, hdr.seq) ||
|
|
647
|
+
!CBB_add_u24(&cbb, offset) ||
|
|
377
648
|
!CBB_add_u24(&cbb, todo) ||
|
|
378
|
-
!CBB_add_bytes(
|
|
379
|
-
|
|
380
|
-
!CBB_finish(&cbb, NULL, &len)) {
|
|
649
|
+
!CBB_add_bytes(&cbb, CBS_data(&body), todo) ||
|
|
650
|
+
!CBB_finish(&cbb, NULL, &buf_len)) {
|
|
381
651
|
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
|
382
652
|
goto err;
|
|
383
653
|
}
|
|
384
654
|
|
|
385
|
-
int write_ret =
|
|
386
|
-
|
|
655
|
+
int write_ret =
|
|
656
|
+
dtls1_write_record(ssl, SSL3_RT_HANDSHAKE, buf, buf_len, use_epoch);
|
|
387
657
|
if (write_ret <= 0) {
|
|
388
658
|
ret = write_ret;
|
|
389
659
|
goto err;
|
|
390
660
|
}
|
|
391
|
-
ssl->init_off += todo;
|
|
392
|
-
ssl->init_num -= todo;
|
|
393
|
-
} while (ssl->init_num > 0);
|
|
394
661
|
|
|
395
|
-
|
|
396
|
-
|
|
397
|
-
|
|
398
|
-
|
|
399
|
-
|
|
662
|
+
if (!CBS_skip(&body, todo)) {
|
|
663
|
+
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
|
664
|
+
goto err;
|
|
665
|
+
}
|
|
666
|
+
offset += todo;
|
|
667
|
+
} while (CBS_len(&body) != 0);
|
|
400
668
|
|
|
401
|
-
ssl
|
|
402
|
-
ssl->init_num = 0;
|
|
669
|
+
ssl_do_msg_callback(ssl, 1 /* write */, SSL3_RT_HANDSHAKE, in, len);
|
|
403
670
|
|
|
404
671
|
ret = 1;
|
|
405
672
|
|
|
406
673
|
err:
|
|
674
|
+
*out_offset = offset;
|
|
407
675
|
CBB_cleanup(&cbb);
|
|
408
676
|
OPENSSL_free(buf);
|
|
409
677
|
return ret;
|
|
410
678
|
}
|
|
411
679
|
|
|
412
|
-
|
|
413
|
-
|
|
414
|
-
|
|
415
|
-
|
|
416
|
-
if (item == NULL) {
|
|
417
|
-
return 0;
|
|
680
|
+
void dtls_clear_outgoing_messages(SSL *ssl) {
|
|
681
|
+
for (size_t i = 0; i < ssl->d1->outgoing_messages_len; i++) {
|
|
682
|
+
OPENSSL_free(ssl->d1->outgoing_messages[i].data);
|
|
683
|
+
ssl->d1->outgoing_messages[i].data = NULL;
|
|
418
684
|
}
|
|
419
|
-
|
|
420
|
-
hm_fragment *frag = (hm_fragment *)item->data;
|
|
421
|
-
assert(ssl->d1->handshake_read_seq <= frag->msg_header.seq);
|
|
422
|
-
|
|
423
|
-
return ssl->d1->handshake_read_seq == frag->msg_header.seq &&
|
|
424
|
-
frag->reassembly == NULL;
|
|
685
|
+
ssl->d1->outgoing_messages_len = 0;
|
|
425
686
|
}
|
|
426
687
|
|
|
427
|
-
/*
|
|
428
|
-
*
|
|
429
|
-
*
|
|
430
|
-
|
|
431
|
-
|
|
432
|
-
|
|
433
|
-
uint8_t discard[256];
|
|
434
|
-
while (frag_len > 0) {
|
|
435
|
-
size_t chunk = frag_len < sizeof(discard) ? frag_len : sizeof(discard);
|
|
436
|
-
int ret = dtls1_read_bytes(ssl, SSL3_RT_HANDSHAKE, discard, chunk, 0);
|
|
437
|
-
if (ret != (int) chunk) {
|
|
438
|
-
return 0;
|
|
439
|
-
}
|
|
440
|
-
frag_len -= chunk;
|
|
688
|
+
/* dtls1_add_change_cipher_spec adds a ChangeCipherSpec to the current
|
|
689
|
+
* handshake flight. */
|
|
690
|
+
static int dtls1_add_change_cipher_spec(SSL *ssl) {
|
|
691
|
+
if (ssl->d1->outgoing_messages_len >= SSL_MAX_HANDSHAKE_FLIGHT) {
|
|
692
|
+
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
|
693
|
+
return 0;
|
|
441
694
|
}
|
|
442
|
-
return 1;
|
|
443
|
-
}
|
|
444
695
|
|
|
445
|
-
|
|
446
|
-
|
|
447
|
-
|
|
448
|
-
|
|
449
|
-
|
|
450
|
-
|
|
451
|
-
uint8_t seq64be[8];
|
|
452
|
-
memset(seq64be, 0, sizeof(seq64be));
|
|
453
|
-
seq64be[6] = (uint8_t)(msg_hdr->seq >> 8);
|
|
454
|
-
seq64be[7] = (uint8_t)msg_hdr->seq;
|
|
455
|
-
pitem *item = pqueue_find(ssl->d1->buffered_messages, seq64be);
|
|
456
|
-
|
|
457
|
-
hm_fragment *frag;
|
|
458
|
-
if (item == NULL) {
|
|
459
|
-
/* This is the first fragment from this message. */
|
|
460
|
-
frag = dtls1_hm_fragment_new(msg_hdr->msg_len,
|
|
461
|
-
1 /* reassembly buffer needed */);
|
|
462
|
-
if (frag == NULL) {
|
|
463
|
-
return NULL;
|
|
464
|
-
}
|
|
465
|
-
memcpy(&frag->msg_header, msg_hdr, sizeof(*msg_hdr));
|
|
466
|
-
item = pitem_new(seq64be, frag);
|
|
467
|
-
if (item == NULL) {
|
|
468
|
-
dtls1_hm_fragment_free(frag);
|
|
469
|
-
return NULL;
|
|
470
|
-
}
|
|
471
|
-
item = pqueue_insert(ssl->d1->buffered_messages, item);
|
|
472
|
-
/* |pqueue_insert| fails iff a duplicate item is inserted, but |item| cannot
|
|
473
|
-
* be a duplicate. */
|
|
474
|
-
assert(item != NULL);
|
|
475
|
-
} else {
|
|
476
|
-
frag = item->data;
|
|
477
|
-
assert(frag->msg_header.seq == msg_hdr->seq);
|
|
478
|
-
if (frag->msg_header.type != msg_hdr->type ||
|
|
479
|
-
frag->msg_header.msg_len != msg_hdr->msg_len) {
|
|
480
|
-
/* The new fragment must be compatible with the previous fragments from
|
|
481
|
-
* this message. */
|
|
482
|
-
OPENSSL_PUT_ERROR(SSL, SSL_R_FRAGMENT_MISMATCH);
|
|
483
|
-
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
|
|
484
|
-
return NULL;
|
|
485
|
-
}
|
|
486
|
-
}
|
|
487
|
-
return frag;
|
|
488
|
-
}
|
|
696
|
+
DTLS_OUTGOING_MESSAGE *msg =
|
|
697
|
+
&ssl->d1->outgoing_messages[ssl->d1->outgoing_messages_len];
|
|
698
|
+
msg->data = NULL;
|
|
699
|
+
msg->len = 0;
|
|
700
|
+
msg->epoch = ssl->d1->w_epoch;
|
|
701
|
+
msg->is_ccs = 1;
|
|
489
702
|
|
|
490
|
-
|
|
491
|
-
|
|
492
|
-
* be greater if the maximum certificate list size requires it. */
|
|
493
|
-
static size_t dtls1_max_handshake_message_len(const SSL *ssl) {
|
|
494
|
-
size_t max_len = DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH;
|
|
495
|
-
if (max_len < ssl->max_cert_list) {
|
|
496
|
-
return ssl->max_cert_list;
|
|
497
|
-
}
|
|
498
|
-
return max_len;
|
|
703
|
+
ssl->d1->outgoing_messages_len++;
|
|
704
|
+
return 1;
|
|
499
705
|
}
|
|
500
706
|
|
|
501
|
-
|
|
502
|
-
|
|
503
|
-
static int dtls1_process_fragment(SSL *ssl) {
|
|
504
|
-
/* Read handshake message header. */
|
|
505
|
-
uint8_t header[DTLS1_HM_HEADER_LENGTH];
|
|
506
|
-
int ret = dtls1_read_bytes(ssl, SSL3_RT_HANDSHAKE, header,
|
|
507
|
-
DTLS1_HM_HEADER_LENGTH, 0);
|
|
508
|
-
if (ret <= 0) {
|
|
509
|
-
return ret;
|
|
510
|
-
}
|
|
511
|
-
if (ret != DTLS1_HM_HEADER_LENGTH) {
|
|
512
|
-
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_MESSAGE);
|
|
513
|
-
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
|
|
514
|
-
return -1;
|
|
515
|
-
}
|
|
516
|
-
|
|
517
|
-
/* Parse the message fragment header. */
|
|
518
|
-
struct hm_header_st msg_hdr;
|
|
519
|
-
dtls1_get_message_header(header, &msg_hdr);
|
|
520
|
-
|
|
521
|
-
/* TODO(davidben): dtls1_read_bytes is the wrong abstraction for DTLS. There
|
|
522
|
-
* should be no need to reach into |ssl->s3->rrec.length|. */
|
|
523
|
-
const size_t frag_off = msg_hdr.frag_off;
|
|
524
|
-
const size_t frag_len = msg_hdr.frag_len;
|
|
525
|
-
const size_t msg_len = msg_hdr.msg_len;
|
|
526
|
-
if (frag_off > msg_len || frag_off + frag_len < frag_off ||
|
|
527
|
-
frag_off + frag_len > msg_len ||
|
|
528
|
-
msg_len > dtls1_max_handshake_message_len(ssl) ||
|
|
529
|
-
frag_len > ssl->s3->rrec.length) {
|
|
530
|
-
OPENSSL_PUT_ERROR(SSL, SSL_R_EXCESSIVE_MESSAGE_SIZE);
|
|
531
|
-
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
|
|
532
|
-
return -1;
|
|
533
|
-
}
|
|
534
|
-
|
|
535
|
-
if (msg_hdr.seq < ssl->d1->handshake_read_seq ||
|
|
536
|
-
msg_hdr.seq > (unsigned)ssl->d1->handshake_read_seq +
|
|
537
|
-
kHandshakeBufferSize) {
|
|
538
|
-
/* Ignore fragments from the past, or ones too far in the future. */
|
|
539
|
-
if (!dtls1_discard_fragment_body(ssl, frag_len)) {
|
|
540
|
-
return -1;
|
|
541
|
-
}
|
|
542
|
-
return 1;
|
|
543
|
-
}
|
|
544
|
-
|
|
545
|
-
hm_fragment *frag = dtls1_get_buffered_message(ssl, &msg_hdr);
|
|
546
|
-
if (frag == NULL) {
|
|
547
|
-
return -1;
|
|
548
|
-
}
|
|
549
|
-
assert(frag->msg_header.msg_len == msg_len);
|
|
550
|
-
|
|
551
|
-
if (frag->reassembly == NULL) {
|
|
552
|
-
/* The message is already assembled. */
|
|
553
|
-
if (!dtls1_discard_fragment_body(ssl, frag_len)) {
|
|
554
|
-
return -1;
|
|
555
|
-
}
|
|
556
|
-
return 1;
|
|
557
|
-
}
|
|
558
|
-
assert(msg_len > 0);
|
|
559
|
-
|
|
560
|
-
/* Read the body of the fragment. */
|
|
561
|
-
ret = dtls1_read_bytes(ssl, SSL3_RT_HANDSHAKE, frag->fragment + frag_off,
|
|
562
|
-
frag_len, 0);
|
|
563
|
-
if (ret != (int) frag_len) {
|
|
707
|
+
static int dtls1_add_message(SSL *ssl, uint8_t *data, size_t len) {
|
|
708
|
+
if (ssl->d1->outgoing_messages_len >= SSL_MAX_HANDSHAKE_FLIGHT) {
|
|
564
709
|
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
|
565
|
-
|
|
566
|
-
return
|
|
710
|
+
OPENSSL_free(data);
|
|
711
|
+
return 0;
|
|
567
712
|
}
|
|
568
|
-
dtls1_hm_fragment_mark(frag, frag_off, frag_off + frag_len);
|
|
569
713
|
|
|
714
|
+
DTLS_OUTGOING_MESSAGE *msg =
|
|
715
|
+
&ssl->d1->outgoing_messages[ssl->d1->outgoing_messages_len];
|
|
716
|
+
msg->data = data;
|
|
717
|
+
msg->len = len;
|
|
718
|
+
msg->epoch = ssl->d1->w_epoch;
|
|
719
|
+
msg->is_ccs = 0;
|
|
720
|
+
|
|
721
|
+
ssl->d1->outgoing_messages_len++;
|
|
570
722
|
return 1;
|
|
571
723
|
}
|
|
572
724
|
|
|
573
|
-
|
|
574
|
-
|
|
575
|
-
|
|
576
|
-
|
|
577
|
-
|
|
578
|
-
|
|
579
|
-
|
|
580
|
-
|
|
581
|
-
|
|
582
|
-
/* s3->tmp is used to store messages that are unexpected, caused
|
|
583
|
-
* by the absence of an optional handshake message */
|
|
584
|
-
if (ssl->s3->tmp.reuse_message) {
|
|
585
|
-
/* A ssl_dont_hash_message call cannot be combined with reuse_message; the
|
|
586
|
-
* ssl_dont_hash_message would have to have been applied to the previous
|
|
587
|
-
* call. */
|
|
588
|
-
assert(hash_message == ssl_hash_message);
|
|
589
|
-
ssl->s3->tmp.reuse_message = 0;
|
|
590
|
-
if (msg_type >= 0 && ssl->s3->tmp.message_type != msg_type) {
|
|
591
|
-
al = SSL_AD_UNEXPECTED_MESSAGE;
|
|
592
|
-
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_MESSAGE);
|
|
593
|
-
goto f_err;
|
|
594
|
-
}
|
|
595
|
-
*ok = 1;
|
|
596
|
-
ssl->init_msg = (uint8_t *)ssl->init_buf->data + DTLS1_HM_HEADER_LENGTH;
|
|
597
|
-
ssl->init_num = (int)ssl->s3->tmp.message_size;
|
|
598
|
-
return ssl->init_num;
|
|
599
|
-
}
|
|
600
|
-
|
|
601
|
-
/* Process fragments until one is found. */
|
|
602
|
-
while (!dtls1_is_next_message_complete(ssl)) {
|
|
603
|
-
int ret = dtls1_process_fragment(ssl);
|
|
604
|
-
if (ret <= 0) {
|
|
605
|
-
*ok = 0;
|
|
606
|
-
return ret;
|
|
607
|
-
}
|
|
725
|
+
int dtls1_init_message(SSL *ssl, CBB *cbb, CBB *body, uint8_t type) {
|
|
726
|
+
/* Pick a modest size hint to save most of the |realloc| calls. */
|
|
727
|
+
if (!CBB_init(cbb, 64) ||
|
|
728
|
+
!CBB_add_u8(cbb, type) ||
|
|
729
|
+
!CBB_add_u24(cbb, 0 /* length (filled in later) */) ||
|
|
730
|
+
!CBB_add_u16(cbb, ssl->d1->handshake_write_seq) ||
|
|
731
|
+
!CBB_add_u24(cbb, 0 /* offset */) ||
|
|
732
|
+
!CBB_add_u24_length_prefixed(cbb, body)) {
|
|
733
|
+
return 0;
|
|
608
734
|
}
|
|
609
735
|
|
|
610
|
-
|
|
611
|
-
|
|
612
|
-
assert(item != NULL);
|
|
613
|
-
frag = (hm_fragment *)item->data;
|
|
614
|
-
assert(ssl->d1->handshake_read_seq == frag->msg_header.seq);
|
|
615
|
-
assert(frag->reassembly == NULL);
|
|
616
|
-
|
|
617
|
-
if (frag->msg_header.msg_len > (size_t)max) {
|
|
618
|
-
OPENSSL_PUT_ERROR(SSL, SSL_R_EXCESSIVE_MESSAGE_SIZE);
|
|
619
|
-
goto err;
|
|
620
|
-
}
|
|
736
|
+
return 1;
|
|
737
|
+
}
|
|
621
738
|
|
|
622
|
-
|
|
739
|
+
int dtls1_finish_message(SSL *ssl, CBB *cbb) {
|
|
740
|
+
uint8_t *msg = NULL;
|
|
623
741
|
size_t len;
|
|
624
|
-
|
|
625
|
-
|
|
626
|
-
|
|
627
|
-
|
|
628
|
-
|
|
629
|
-
|
|
630
|
-
!CBB_add_u8(&cbb, frag->msg_header.type) ||
|
|
631
|
-
!CBB_add_u24(&cbb, frag->msg_header.msg_len) ||
|
|
632
|
-
!CBB_add_u16(&cbb, frag->msg_header.seq) ||
|
|
633
|
-
!CBB_add_u24(&cbb, 0 /* frag_off */) ||
|
|
634
|
-
!CBB_add_u24(&cbb, frag->msg_header.msg_len) ||
|
|
635
|
-
!CBB_add_bytes(&cbb, frag->fragment, frag->msg_header.msg_len) ||
|
|
636
|
-
!CBB_finish(&cbb, NULL, &len)) {
|
|
637
|
-
CBB_cleanup(&cbb);
|
|
638
|
-
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
|
639
|
-
goto err;
|
|
640
|
-
}
|
|
641
|
-
assert(len == (size_t)frag->msg_header.msg_len + DTLS1_HM_HEADER_LENGTH);
|
|
642
|
-
|
|
643
|
-
ssl->d1->handshake_read_seq++;
|
|
644
|
-
|
|
645
|
-
/* TODO(davidben): This function has a lot of implicit outputs. Simplify the
|
|
646
|
-
* |ssl_get_message| API. */
|
|
647
|
-
ssl->s3->tmp.message_type = frag->msg_header.type;
|
|
648
|
-
ssl->s3->tmp.message_size = frag->msg_header.msg_len;
|
|
649
|
-
ssl->init_msg = (uint8_t *)ssl->init_buf->data + DTLS1_HM_HEADER_LENGTH;
|
|
650
|
-
ssl->init_num = frag->msg_header.msg_len;
|
|
651
|
-
|
|
652
|
-
if (msg_type >= 0 && ssl->s3->tmp.message_type != msg_type) {
|
|
653
|
-
al = SSL_AD_UNEXPECTED_MESSAGE;
|
|
654
|
-
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_MESSAGE);
|
|
655
|
-
goto f_err;
|
|
656
|
-
}
|
|
657
|
-
if (hash_message == ssl_hash_message && !ssl3_hash_current_message(ssl)) {
|
|
658
|
-
goto err;
|
|
659
|
-
}
|
|
660
|
-
if (ssl->msg_callback) {
|
|
661
|
-
ssl->msg_callback(0, ssl->version, SSL3_RT_HANDSHAKE, ssl->init_buf->data,
|
|
662
|
-
ssl->init_num + DTLS1_HM_HEADER_LENGTH, ssl,
|
|
663
|
-
ssl->msg_callback_arg);
|
|
742
|
+
if (!CBB_finish(cbb, &msg, &len) ||
|
|
743
|
+
len > 0xffffffffu ||
|
|
744
|
+
len < DTLS1_HM_HEADER_LENGTH) {
|
|
745
|
+
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
|
746
|
+
OPENSSL_free(msg);
|
|
747
|
+
return 0;
|
|
664
748
|
}
|
|
665
749
|
|
|
666
|
-
|
|
667
|
-
|
|
750
|
+
/* Fix up the header. Copy the fragment length into the total message
|
|
751
|
+
* length. */
|
|
752
|
+
memcpy(msg + 1, msg + DTLS1_HM_HEADER_LENGTH - 3, 3);
|
|
668
753
|
|
|
669
|
-
ssl
|
|
670
|
-
*ok = 1;
|
|
671
|
-
return ssl->init_num;
|
|
754
|
+
ssl3_update_handshake_hash(ssl, msg, len);
|
|
672
755
|
|
|
673
|
-
|
|
674
|
-
|
|
675
|
-
|
|
676
|
-
pitem_free(item);
|
|
677
|
-
dtls1_hm_fragment_free(frag);
|
|
678
|
-
*ok = 0;
|
|
679
|
-
return -1;
|
|
756
|
+
ssl->d1->handshake_write_seq++;
|
|
757
|
+
ssl->init_off = 0;
|
|
758
|
+
return dtls1_add_message(ssl, msg, len);
|
|
680
759
|
}
|
|
681
760
|
|
|
682
|
-
int
|
|
683
|
-
if (
|
|
684
|
-
|
|
685
|
-
return 1;
|
|
686
|
-
}
|
|
687
|
-
|
|
688
|
-
if (!dtls1_is_timer_expired(ssl)) {
|
|
689
|
-
/* not a timeout, none of our business, let higher layers handle this. In
|
|
690
|
-
* fact, it's probably an error */
|
|
691
|
-
return code;
|
|
761
|
+
int dtls1_write_message(SSL *ssl) {
|
|
762
|
+
if (ssl->d1->outgoing_messages_len == 0) {
|
|
763
|
+
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
|
764
|
+
return -1;
|
|
692
765
|
}
|
|
693
766
|
|
|
694
|
-
|
|
695
|
-
|
|
696
|
-
|
|
697
|
-
|
|
767
|
+
const DTLS_OUTGOING_MESSAGE *msg =
|
|
768
|
+
&ssl->d1->outgoing_messages[ssl->d1->outgoing_messages_len - 1];
|
|
769
|
+
if (msg->is_ccs) {
|
|
770
|
+
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
|
771
|
+
return -1;
|
|
698
772
|
}
|
|
699
773
|
|
|
700
|
-
|
|
701
|
-
|
|
702
|
-
|
|
703
|
-
|
|
704
|
-
|
|
705
|
-
|
|
706
|
-
/* The index of the retransmission queue actually is the message sequence
|
|
707
|
-
* number, since the queue only contains messages of a single handshake.
|
|
708
|
-
* However, the ChangeCipherSpec has no message sequence number and so using
|
|
709
|
-
* only the sequence will result in the CCS and Finished having the same
|
|
710
|
-
* index. To prevent this, the sequence number is multiplied by 2. In case of
|
|
711
|
-
* a CCS 1 is subtracted. This does not only differ CSS and Finished, it also
|
|
712
|
-
* maintains the order of the index (important for priority queues) and fits
|
|
713
|
-
* in the unsigned short variable. */
|
|
714
|
-
return seq * 2 - is_ccs;
|
|
774
|
+
size_t offset = ssl->init_off;
|
|
775
|
+
int ret = dtls1_do_handshake_write(ssl, &offset, msg->data, offset, msg->len,
|
|
776
|
+
dtls1_use_current_epoch);
|
|
777
|
+
ssl->init_off = offset;
|
|
778
|
+
return ret;
|
|
715
779
|
}
|
|
716
780
|
|
|
717
|
-
static int dtls1_retransmit_message(SSL *ssl,
|
|
781
|
+
static int dtls1_retransmit_message(SSL *ssl,
|
|
782
|
+
const DTLS_OUTGOING_MESSAGE *msg) {
|
|
718
783
|
/* DTLS renegotiation is unsupported, so only epochs 0 (NULL cipher) and 1
|
|
719
784
|
* (negotiated cipher) exist. */
|
|
720
785
|
assert(ssl->d1->w_epoch == 0 || ssl->d1->w_epoch == 1);
|
|
721
|
-
assert(
|
|
786
|
+
assert(msg->epoch <= ssl->d1->w_epoch);
|
|
722
787
|
enum dtls1_use_epoch_t use_epoch = dtls1_use_current_epoch;
|
|
723
|
-
if (ssl->d1->w_epoch == 1 &&
|
|
788
|
+
if (ssl->d1->w_epoch == 1 && msg->epoch == 0) {
|
|
724
789
|
use_epoch = dtls1_use_previous_epoch;
|
|
725
790
|
}
|
|
726
791
|
|
|
727
792
|
/* TODO(davidben): This cannot handle non-blocking writes. */
|
|
728
793
|
int ret;
|
|
729
|
-
if (
|
|
794
|
+
if (msg->is_ccs) {
|
|
730
795
|
ret = dtls1_write_change_cipher_spec(ssl, use_epoch);
|
|
731
796
|
} else {
|
|
732
|
-
|
|
733
|
-
|
|
734
|
-
|
|
735
|
-
frag->msg_header.msg_len + DTLS1_HM_HEADER_LENGTH);
|
|
736
|
-
ssl->init_num = frag->msg_header.msg_len + DTLS1_HM_HEADER_LENGTH;
|
|
737
|
-
|
|
738
|
-
dtls1_set_message_header(ssl, frag->msg_header.type,
|
|
739
|
-
frag->msg_header.msg_len, frag->msg_header.seq,
|
|
740
|
-
0, frag->msg_header.frag_len);
|
|
741
|
-
ret = dtls1_do_handshake_write(ssl, use_epoch);
|
|
797
|
+
size_t offset = 0;
|
|
798
|
+
ret = dtls1_do_handshake_write(ssl, &offset, msg->data, offset, msg->len,
|
|
799
|
+
use_epoch);
|
|
742
800
|
}
|
|
743
801
|
|
|
744
|
-
/* TODO(davidben): Check return value? */
|
|
745
|
-
(void)BIO_flush(SSL_get_wbio(ssl));
|
|
746
802
|
return ret;
|
|
747
803
|
}
|
|
748
804
|
|
|
805
|
+
int dtls1_retransmit_outgoing_messages(SSL *ssl) {
|
|
806
|
+
/* Ensure we are packing handshake messages. */
|
|
807
|
+
const int was_buffered = ssl_is_wbio_buffered(ssl);
|
|
808
|
+
assert(was_buffered == SSL_in_init(ssl));
|
|
809
|
+
if (!was_buffered && !ssl_init_wbio_buffer(ssl)) {
|
|
810
|
+
return -1;
|
|
811
|
+
}
|
|
812
|
+
assert(ssl_is_wbio_buffered(ssl));
|
|
749
813
|
|
|
750
|
-
int
|
|
751
|
-
|
|
752
|
-
|
|
753
|
-
|
|
754
|
-
|
|
755
|
-
for (item = pqueue_next(&iter); item != NULL; item = pqueue_next(&iter)) {
|
|
756
|
-
hm_fragment *frag = (hm_fragment *)item->data;
|
|
757
|
-
if (dtls1_retransmit_message(ssl, frag) <= 0) {
|
|
758
|
-
return -1;
|
|
814
|
+
int ret = -1;
|
|
815
|
+
for (size_t i = 0; i < ssl->d1->outgoing_messages_len; i++) {
|
|
816
|
+
if (dtls1_retransmit_message(ssl, &ssl->d1->outgoing_messages[i]) <= 0) {
|
|
817
|
+
goto err;
|
|
759
818
|
}
|
|
760
819
|
}
|
|
761
820
|
|
|
762
|
-
|
|
763
|
-
|
|
764
|
-
|
|
765
|
-
|
|
766
|
-
* handshake flight, ordered just before the handshake message numbered
|
|
767
|
-
* |seq|. */
|
|
768
|
-
static int dtls1_buffer_change_cipher_spec(SSL *ssl, uint16_t seq) {
|
|
769
|
-
hm_fragment *frag = dtls1_hm_fragment_new(0 /* frag_len */,
|
|
770
|
-
0 /* no reassembly */);
|
|
771
|
-
if (frag == NULL) {
|
|
772
|
-
return 0;
|
|
821
|
+
ret = BIO_flush(ssl->wbio);
|
|
822
|
+
if (ret <= 0) {
|
|
823
|
+
ssl->rwstate = SSL_WRITING;
|
|
824
|
+
goto err;
|
|
773
825
|
}
|
|
774
|
-
frag->msg_header.is_ccs = 1;
|
|
775
|
-
frag->msg_header.epoch = ssl->d1->w_epoch;
|
|
776
826
|
|
|
777
|
-
|
|
778
|
-
|
|
779
|
-
|
|
780
|
-
seq64be[6] = (uint8_t)(priority >> 8);
|
|
781
|
-
seq64be[7] = (uint8_t)priority;
|
|
782
|
-
|
|
783
|
-
pitem *item = pitem_new(seq64be, frag);
|
|
784
|
-
if (item == NULL) {
|
|
785
|
-
dtls1_hm_fragment_free(frag);
|
|
786
|
-
return 0;
|
|
827
|
+
err:
|
|
828
|
+
if (!was_buffered) {
|
|
829
|
+
ssl_free_wbio_buffer(ssl);
|
|
787
830
|
}
|
|
788
|
-
|
|
789
|
-
pqueue_insert(ssl->d1->sent_messages, item);
|
|
790
|
-
return 1;
|
|
831
|
+
return ret;
|
|
791
832
|
}
|
|
792
833
|
|
|
793
|
-
int
|
|
794
|
-
|
|
795
|
-
|
|
796
|
-
|
|
797
|
-
|
|
798
|
-
hm_fragment *frag = dtls1_hm_fragment_new(ssl->init_num, 0);
|
|
799
|
-
if (!frag) {
|
|
800
|
-
return 0;
|
|
801
|
-
}
|
|
802
|
-
|
|
803
|
-
memcpy(frag->fragment, ssl->init_buf->data, ssl->init_num);
|
|
804
|
-
|
|
805
|
-
assert(ssl->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH ==
|
|
806
|
-
(unsigned int)ssl->init_num);
|
|
807
|
-
|
|
808
|
-
frag->msg_header.msg_len = ssl->d1->w_msg_hdr.msg_len;
|
|
809
|
-
frag->msg_header.seq = ssl->d1->w_msg_hdr.seq;
|
|
810
|
-
frag->msg_header.type = ssl->d1->w_msg_hdr.type;
|
|
811
|
-
frag->msg_header.frag_off = 0;
|
|
812
|
-
frag->msg_header.frag_len = ssl->d1->w_msg_hdr.msg_len;
|
|
813
|
-
frag->msg_header.is_ccs = 0;
|
|
814
|
-
frag->msg_header.epoch = ssl->d1->w_epoch;
|
|
815
|
-
|
|
816
|
-
uint16_t priority = dtls1_get_queue_priority(frag->msg_header.seq,
|
|
817
|
-
0 /* handshake */);
|
|
818
|
-
uint8_t seq64be[8];
|
|
819
|
-
memset(seq64be, 0, sizeof(seq64be));
|
|
820
|
-
seq64be[6] = (uint8_t)(priority >> 8);
|
|
821
|
-
seq64be[7] = (uint8_t)priority;
|
|
822
|
-
|
|
823
|
-
pitem *item = pitem_new(seq64be, frag);
|
|
824
|
-
if (item == NULL) {
|
|
825
|
-
dtls1_hm_fragment_free(frag);
|
|
826
|
-
return 0;
|
|
834
|
+
int dtls1_send_change_cipher_spec(SSL *ssl) {
|
|
835
|
+
int ret = dtls1_write_change_cipher_spec(ssl, dtls1_use_current_epoch);
|
|
836
|
+
if (ret <= 0) {
|
|
837
|
+
return ret;
|
|
827
838
|
}
|
|
828
|
-
|
|
829
|
-
pqueue_insert(ssl->d1->sent_messages, item);
|
|
839
|
+
dtls1_add_change_cipher_spec(ssl);
|
|
830
840
|
return 1;
|
|
831
841
|
}
|
|
832
842
|
|
|
833
|
-
int dtls1_send_change_cipher_spec(SSL *ssl, int a, int b) {
|
|
834
|
-
if (ssl->state == a) {
|
|
835
|
-
/* Buffer the message to handle retransmits. */
|
|
836
|
-
ssl->d1->handshake_write_seq = ssl->d1->next_handshake_write_seq;
|
|
837
|
-
dtls1_buffer_change_cipher_spec(ssl, ssl->d1->handshake_write_seq);
|
|
838
|
-
ssl->state = b;
|
|
839
|
-
}
|
|
840
|
-
|
|
841
|
-
return dtls1_write_change_cipher_spec(ssl, dtls1_use_current_epoch);
|
|
842
|
-
}
|
|
843
|
-
|
|
844
|
-
/* call this function when the buffered messages are no longer needed */
|
|
845
|
-
void dtls1_clear_record_buffer(SSL *ssl) {
|
|
846
|
-
pitem *item;
|
|
847
|
-
|
|
848
|
-
for (item = pqueue_pop(ssl->d1->sent_messages); item != NULL;
|
|
849
|
-
item = pqueue_pop(ssl->d1->sent_messages)) {
|
|
850
|
-
dtls1_hm_fragment_free((hm_fragment *)item->data);
|
|
851
|
-
pitem_free(item);
|
|
852
|
-
}
|
|
853
|
-
}
|
|
854
|
-
|
|
855
|
-
/* don't actually do the writing, wait till the MTU has been retrieved */
|
|
856
|
-
void dtls1_set_message_header(SSL *ssl, uint8_t mt, unsigned long len,
|
|
857
|
-
unsigned short seq_num, unsigned long frag_off,
|
|
858
|
-
unsigned long frag_len) {
|
|
859
|
-
struct hm_header_st *msg_hdr = &ssl->d1->w_msg_hdr;
|
|
860
|
-
|
|
861
|
-
msg_hdr->type = mt;
|
|
862
|
-
msg_hdr->msg_len = len;
|
|
863
|
-
msg_hdr->seq = seq_num;
|
|
864
|
-
msg_hdr->frag_off = frag_off;
|
|
865
|
-
msg_hdr->frag_len = frag_len;
|
|
866
|
-
}
|
|
867
|
-
|
|
868
843
|
unsigned int dtls1_min_mtu(void) {
|
|
869
844
|
return kMinMTU;
|
|
870
845
|
}
|
|
871
|
-
|
|
872
|
-
void dtls1_get_message_header(uint8_t *data,
|
|
873
|
-
struct hm_header_st *msg_hdr) {
|
|
874
|
-
memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
|
|
875
|
-
msg_hdr->type = *(data++);
|
|
876
|
-
n2l3(data, msg_hdr->msg_len);
|
|
877
|
-
|
|
878
|
-
n2s(data, msg_hdr->seq);
|
|
879
|
-
n2l3(data, msg_hdr->frag_off);
|
|
880
|
-
n2l3(data, msg_hdr->frag_len);
|
|
881
|
-
}
|