RubyGems - grpc - Versions diffs - 1.0.1 → 1.1.2 - Mend

grpc 1.0.1 → 1.1.2

Potentially problematic release.

This version of grpc might be problematic. Click here for more details.

Files changed (705) hide show

checksums.yaml +4 -4
data/Makefile +3696 -867
data/etc/roots.pem +39 -111
data/include/grpc/byte_buffer.h +64 -1
data/include/grpc/census.h +40 -96
data/include/grpc/compression.h +2 -1
data/include/grpc/grpc.h +42 -7
data/include/grpc/grpc_posix.h +8 -5
data/include/grpc/impl/codegen/atm.h +3 -0
data/include/grpc/impl/codegen/atm_gcc_atomic.h +2 -0
data/include/grpc/impl/codegen/atm_gcc_sync.h +8 -0
data/include/grpc/impl/codegen/atm_windows.h +4 -0
data/include/grpc/impl/codegen/byte_buffer_reader.h +4 -4
data/include/grpc/impl/codegen/compression_types.h +1 -1
data/include/grpc/impl/codegen/connectivity_state.h +2 -0
data/include/grpc/impl/codegen/exec_ctx_fwd.h +41 -0
data/include/grpc/impl/codegen/gpr_slice.h +84 -0
data/include/grpc/impl/codegen/{alloc.h → gpr_types.h} +30 -29
data/include/grpc/impl/codegen/grpc_types.h +91 -9
data/include/grpc/impl/codegen/port_platform.h +25 -92
data/include/grpc/impl/codegen/slice.h +54 -97
data/include/grpc/impl/codegen/sync.h +0 -253
data/include/grpc/module.modulemap +0 -2
data/include/grpc/slice.h +132 -0
data/include/grpc/{impl/codegen/slice_buffer.h → slice_buffer.h} +22 -39
data/include/grpc/support/alloc.h +40 -1
data/include/grpc/support/log.h +80 -1
data/include/grpc/support/log_windows.h +2 -0
data/include/grpc/support/string_util.h +1 -1
data/include/grpc/support/sync.h +252 -0
data/include/grpc/support/time.h +67 -1
data/src/boringssl/err_data.c +639 -627
data/src/core/ext/census/base_resources.c +71 -0
data/src/core/ext/census/base_resources.h +39 -0
data/src/core/ext/census/gen/census.pb.c +26 -29
data/src/core/ext/census/gen/census.pb.h +68 -67
data/src/core/ext/census/gen/trace_context.pb.c +81 -0
data/src/core/ext/census/gen/trace_context.pb.h +99 -0
data/src/core/ext/census/grpc_filter.c +22 -16
data/src/core/ext/census/grpc_plugin.c +2 -1
data/src/core/ext/census/initialize.c +16 -4
data/src/core/ext/census/mlog.h +1 -1
data/src/core/ext/census/placeholders.c +0 -45
data/src/core/ext/census/resource.c +312 -0
data/src/core/ext/census/resource.h +63 -0
data/src/core/ext/census/trace_context.c +86 -0
data/src/core/ext/census/trace_context.h +68 -0
data/src/core/ext/census/tracing.c +8 -2
data/src/core/ext/{client_config → client_channel}/channel_connectivity.c +8 -4
data/src/core/ext/client_channel/client_channel.c +1218 -0
data/src/core/ext/{client_config → client_channel}/client_channel.h +8 -11
data/src/core/ext/{client_config → client_channel}/client_channel_factory.c +33 -3
data/src/core/ext/{client_config → client_channel}/client_channel_factory.h +15 -8
data/src/core/ext/{client_config/client_config_plugin.c → client_channel/client_channel_plugin.c} +16 -15
data/src/core/ext/{client_config → client_channel}/connector.c +1 -1
data/src/core/ext/{client_config → client_channel}/connector.h +5 -8
data/{include/grpc/support/slice_buffer.h → src/core/ext/client_channel/default_initial_connect_string.c} +4 -5
data/src/core/ext/client_channel/http_connect_handshaker.c +399 -0
data/src/core/ext/client_channel/http_connect_handshaker.h +52 -0
data/src/core/ext/{client_config → client_channel}/initial_connect_string.c +6 -7
data/src/core/ext/{client_config → client_channel}/initial_connect_string.h +10 -10
data/src/core/ext/{client_config → client_channel}/lb_policy.c +11 -11
data/src/core/ext/{client_config → client_channel}/lb_policy.h +68 -27
data/src/core/ext/client_channel/lb_policy_factory.c +163 -0
data/src/core/ext/{client_config → client_channel}/lb_policy_factory.h +64 -9
data/src/core/ext/{client_config → client_channel}/lb_policy_registry.c +6 -4
data/src/core/ext/{client_config → client_channel}/lb_policy_registry.h +4 -4
data/src/core/ext/{client_config → client_channel}/parse_address.c +21 -14
data/src/core/ext/{client_config → client_channel}/parse_address.h +8 -10
data/src/core/ext/{client_config → client_channel}/resolver.c +3 -4
data/src/core/ext/{client_config → client_channel}/resolver.h +11 -15
data/src/core/ext/{client_config → client_channel}/resolver_factory.c +4 -3
data/src/core/ext/{client_config → client_channel}/resolver_factory.h +13 -11
data/src/core/ext/{client_config → client_channel}/resolver_registry.c +54 -34
data/src/core/ext/{client_config → client_channel}/resolver_registry.h +21 -8
data/src/core/ext/{client_config → client_channel}/subchannel.c +208 -119
data/src/core/ext/{client_config → client_channel}/subchannel.h +21 -11
data/src/core/ext/{client_config → client_channel}/subchannel_index.c +6 -17
data/src/core/ext/{client_config → client_channel}/subchannel_index.h +7 -7
data/src/core/ext/{client_config → client_channel}/uri_parser.c +21 -28
data/src/core/ext/{client_config → client_channel}/uri_parser.h +3 -3
data/src/core/ext/lb_policy/grpclb/grpclb.c +1406 -0
data/src/core/ext/lb_policy/grpclb/grpclb.h +44 -0
data/src/core/ext/lb_policy/grpclb/load_balancer_api.c +117 -37
data/src/core/ext/lb_policy/grpclb/load_balancer_api.h +31 -12
data/src/core/ext/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.c +6 -36
data/src/core/ext/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.h +22 -42
data/src/core/ext/lb_policy/pick_first/pick_first.c +64 -46
data/src/core/ext/lb_policy/round_robin/round_robin.c +324 -160
data/src/core/ext/load_reporting/load_reporting.c +7 -56
data/src/core/ext/load_reporting/load_reporting.h +41 -28
data/src/core/ext/load_reporting/load_reporting_filter.c +132 -42
data/src/core/ext/load_reporting/load_reporting_filter.h +1 -0
data/src/core/ext/resolver/dns/native/dns_resolver.c +88 -80
data/src/core/ext/resolver/sockaddr/sockaddr_resolver.c +57 -102
data/src/core/ext/transport/chttp2/alpn/alpn.c +1 -1
data/src/core/ext/transport/chttp2/client/chttp2_connector.c +253 -0
data/src/core/{lib/iomgr/ev_poll_and_epoll_posix.h → ext/transport/chttp2/client/chttp2_connector.h} +5 -5
data/src/core/ext/transport/chttp2/client/insecure/channel_create.c +31 -160
data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.c +5 -5
data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.c +44 -243
data/src/core/ext/transport/chttp2/server/chttp2_server.c +342 -0
data/src/core/ext/transport/chttp2/server/chttp2_server.h +47 -0
data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.c +11 -124
data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.c +20 -9
data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.c +28 -236
data/src/core/ext/transport/chttp2/transport/bin_decoder.c +31 -27
data/src/core/ext/transport/chttp2/transport/bin_decoder.h +5 -4
data/src/core/ext/transport/chttp2/transport/bin_encoder.c +25 -22
data/src/core/ext/transport/chttp2/transport/bin_encoder.h +8 -7
data/src/core/ext/transport/chttp2/transport/chttp2_plugin.c +0 -3
data/src/core/ext/transport/chttp2/transport/chttp2_transport.c +1345 -1521
data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +3 -1
data/src/core/ext/transport/chttp2/transport/frame.h +3 -5
data/src/core/ext/transport/chttp2/transport/frame_data.c +50 -47
data/src/core/ext/transport/chttp2/transport/frame_data.h +8 -9
data/src/core/ext/transport/chttp2/transport/frame_goaway.c +19 -21
data/src/core/ext/transport/chttp2/transport/frame_goaway.h +9 -8
data/src/core/ext/transport/chttp2/transport/frame_ping.c +13 -12
data/src/core/ext/transport/chttp2/transport/frame_ping.h +6 -6
data/src/core/ext/transport/chttp2/transport/frame_rst_stream.c +31 -19
data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +8 -7
data/src/core/ext/transport/chttp2/transport/frame_settings.c +22 -25
data/src/core/ext/transport/chttp2/transport/frame_settings.h +9 -8
data/src/core/ext/transport/chttp2/transport/frame_window_update.c +26 -18
data/src/core/ext/transport/chttp2/transport/frame_window_update.h +5 -6
data/src/core/ext/transport/chttp2/transport/hpack_encoder.c +68 -58
data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +8 -5
data/src/core/ext/transport/chttp2/transport/hpack_parser.c +327 -214
data/src/core/ext/transport/chttp2/transport/hpack_parser.h +14 -9
data/src/core/ext/transport/chttp2/transport/hpack_table.c +24 -19
data/src/core/ext/transport/chttp2/transport/hpack_table.h +9 -6
data/src/core/ext/transport/chttp2/transport/incoming_metadata.c +2 -2
data/src/core/ext/transport/chttp2/transport/incoming_metadata.h +1 -1
data/src/core/ext/transport/chttp2/transport/internal.h +284 -436
data/src/core/ext/transport/chttp2/transport/parsing.c +355 -590
data/src/core/ext/transport/chttp2/transport/stream_lists.c +36 -309
data/src/core/ext/transport/chttp2/transport/stream_map.c +13 -34
data/src/core/ext/transport/chttp2/transport/stream_map.h +3 -4
data/src/core/ext/transport/chttp2/transport/writing.c +174 -286
data/src/core/lib/channel/channel_args.c +70 -13
data/src/core/lib/channel/channel_args.h +28 -2
data/src/core/lib/channel/channel_stack.c +77 -28
data/src/core/lib/channel/channel_stack.h +61 -23
data/src/core/lib/channel/channel_stack_builder.c +33 -25
data/src/core/lib/channel/channel_stack_builder.h +17 -8
data/src/core/lib/channel/compress_filter.c +52 -36
data/src/core/lib/channel/connected_channel.c +20 -12
data/src/core/lib/channel/connected_channel.h +2 -1
data/src/core/lib/channel/context.h +13 -1
data/src/core/lib/channel/deadline_filter.c +344 -0
data/src/core/lib/channel/deadline_filter.h +99 -0
data/src/core/lib/channel/handshaker.c +240 -0
data/src/core/lib/channel/handshaker.h +164 -0
data/src/core/lib/{security/credentials/google_default/credentials_windows.c → channel/handshaker_factory.c} +16 -23
data/src/core/lib/channel/handshaker_factory.h +66 -0
data/src/core/lib/channel/handshaker_registry.c +113 -0
data/src/core/{ext/client_config/client_config.h → lib/channel/handshaker_registry.h} +26 -16
data/src/core/lib/channel/http_client_filter.c +248 -46
data/src/core/lib/channel/http_client_filter.h +3 -0
data/src/core/lib/channel/http_server_filter.c +136 -24
data/src/core/lib/channel/message_size_filter.c +261 -0
data/src/core/lib/channel/message_size_filter.h +39 -0
data/src/core/lib/compression/message_compress.c +43 -37
data/src/core/lib/compression/message_compress.h +7 -5
data/src/core/lib/http/format_request.c +26 -11
data/src/core/lib/http/format_request.h +7 -5
data/src/core/lib/http/httpcli.c +45 -27
data/src/core/lib/http/httpcli.h +4 -4
data/src/core/lib/http/httpcli_security_connector.c +56 -46
data/src/core/lib/http/parser.c +17 -14
data/src/core/lib/http/parser.h +4 -2
data/src/core/lib/iomgr/closure.c +49 -7
data/src/core/lib/iomgr/closure.h +56 -14
data/src/core/lib/iomgr/combiner.c +422 -0
data/src/core/lib/iomgr/combiner.h +64 -0
data/src/core/lib/iomgr/endpoint.c +8 -2
data/src/core/lib/iomgr/endpoint.h +17 -7
data/src/core/lib/iomgr/endpoint_pair.h +3 -2
data/src/core/lib/iomgr/endpoint_pair_posix.c +9 -8
data/src/core/{ext/client_config/lb_policy_factory.c → lib/iomgr/endpoint_pair_uv.c} +18 -13
data/src/core/lib/iomgr/endpoint_pair_windows.c +7 -6
data/src/core/lib/iomgr/error.c +72 -6
data/src/core/lib/iomgr/error.h +30 -3
data/src/core/lib/iomgr/ev_epoll_linux.c +500 -382
data/src/core/lib/iomgr/ev_epoll_linux.h +3 -2
data/src/core/lib/iomgr/ev_poll_posix.c +317 -30
data/src/core/lib/iomgr/ev_poll_posix.h +1 -0
data/src/core/lib/iomgr/ev_posix.c +26 -5
data/src/core/lib/iomgr/ev_posix.h +12 -1
data/src/core/lib/iomgr/exec_ctx.c +27 -94
data/src/core/lib/iomgr/exec_ctx.h +19 -22
data/src/core/lib/iomgr/executor.c +29 -8
data/src/core/lib/iomgr/executor.h +2 -4
data/src/core/lib/iomgr/iocp_windows.c +3 -4
data/src/core/lib/iomgr/iomgr.c +14 -10
data/src/core/lib/iomgr/iomgr.h +6 -2
data/src/core/lib/iomgr/iomgr_posix.c +2 -2
data/src/core/lib/iomgr/iomgr_uv.c +49 -0
data/src/core/lib/iomgr/iomgr_windows.c +2 -2
data/src/core/lib/iomgr/load_file.c +3 -3
data/src/core/lib/iomgr/load_file.h +2 -2
data/src/core/lib/iomgr/network_status_tracker.c +1 -1
data/src/core/lib/iomgr/pollset_set_uv.c +62 -0
data/src/core/lib/iomgr/pollset_set_windows.c +3 -3
data/src/core/lib/iomgr/pollset_uv.c +142 -0
data/src/core/lib/iomgr/pollset_uv.h +42 -0
data/src/core/lib/iomgr/pollset_windows.c +5 -6
data/src/core/lib/iomgr/port.h +129 -0
data/src/core/lib/iomgr/resolve_address.h +2 -1
data/src/core/lib/iomgr/resolve_address_posix.c +14 -13
data/src/core/lib/iomgr/resolve_address_uv.c +233 -0
data/src/core/lib/iomgr/resolve_address_windows.c +14 -12
data/src/core/lib/iomgr/resource_quota.c +832 -0
data/src/core/lib/iomgr/resource_quota.h +159 -0
data/src/core/lib/iomgr/sockaddr.h +10 -2
data/src/core/lib/iomgr/sockaddr_utils.c +63 -36
data/src/core/lib/iomgr/sockaddr_utils.h +14 -14
data/src/core/lib/iomgr/socket_mutator.c +98 -0
data/src/core/lib/iomgr/socket_mutator.h +80 -0
data/src/core/lib/iomgr/socket_utils.h +42 -0
data/src/core/lib/iomgr/socket_utils_common_posix.c +28 -13
data/src/core/lib/iomgr/socket_utils_linux.c +11 -5
data/src/core/lib/iomgr/socket_utils_posix.c +10 -7
data/src/core/lib/iomgr/socket_utils_posix.h +11 -4
data/src/core/lib/iomgr/socket_utils_uv.c +49 -0
data/src/core/lib/iomgr/socket_utils_windows.c +52 -0
data/src/core/lib/iomgr/socket_windows.c +14 -6
data/src/core/lib/iomgr/socket_windows.h +1 -0
data/src/core/lib/iomgr/tcp_client.h +8 -2
data/src/core/lib/iomgr/tcp_client_posix.c +131 -82
data/src/core/lib/iomgr/tcp_client_posix.h +45 -0
data/src/core/lib/iomgr/tcp_client_uv.c +190 -0
data/src/core/lib/iomgr/tcp_client_windows.c +54 -30
data/src/core/lib/iomgr/tcp_posix.c +135 -56
data/src/core/lib/iomgr/tcp_posix.h +2 -2
data/src/core/lib/iomgr/tcp_server.h +14 -6
data/src/core/lib/iomgr/tcp_server_posix.c +154 -118
data/src/core/lib/iomgr/tcp_server_uv.c +388 -0
data/src/core/lib/iomgr/tcp_server_windows.c +127 -100
data/src/core/lib/iomgr/tcp_uv.c +367 -0
data/src/core/lib/iomgr/tcp_uv.h +59 -0
data/src/core/lib/iomgr/tcp_windows.c +65 -48
data/src/core/lib/iomgr/tcp_windows.h +3 -1
data/src/core/lib/iomgr/timer.h +21 -21
data/src/core/lib/iomgr/{timer.c → timer_generic.c} +15 -10
data/src/core/lib/iomgr/timer_generic.h +49 -0
data/src/core/lib/iomgr/timer_heap.c +6 -0
data/src/core/lib/iomgr/timer_uv.c +99 -0
data/src/core/lib/iomgr/timer_uv.h +47 -0
data/src/core/lib/iomgr/udp_server.c +116 -98
data/src/core/lib/iomgr/udp_server.h +5 -3
data/src/core/lib/iomgr/unix_sockets_posix.c +14 -6
data/src/core/lib/iomgr/unix_sockets_posix.h +6 -5
data/src/core/lib/iomgr/unix_sockets_posix_noop.c +4 -4
data/src/core/lib/iomgr/wakeup_fd_cv.c +118 -0
data/src/core/lib/iomgr/wakeup_fd_cv.h +80 -0
data/src/core/lib/iomgr/wakeup_fd_eventfd.c +3 -3
data/src/core/lib/iomgr/wakeup_fd_nospecial.c +3 -3
data/src/core/lib/iomgr/wakeup_fd_pipe.c +12 -6
data/src/core/lib/iomgr/wakeup_fd_posix.c +34 -5
data/src/core/lib/iomgr/wakeup_fd_posix.h +5 -0
data/src/core/lib/iomgr/workqueue.h +12 -20
data/src/core/{ext/client_config/client_config.c → lib/iomgr/workqueue_uv.c} +24 -33
data/{include/grpc/support/slice.h → src/core/lib/iomgr/workqueue_uv.h} +4 -6
data/src/core/lib/iomgr/workqueue_windows.c +9 -8
data/src/core/lib/json/json.c +3 -3
data/src/core/lib/json/json.h +11 -11
data/src/core/lib/json/json_reader.c +9 -5
data/src/core/lib/profiling/basic_timers.c +10 -1
data/src/core/lib/profiling/timers.h +2 -0
data/src/core/lib/security/context/security_context.c +13 -3
data/src/core/lib/security/context/security_context.h +20 -0
data/src/core/lib/security/credentials/composite/composite_credentials.c +28 -14
data/src/core/lib/security/credentials/composite/composite_credentials.h +2 -2
data/src/core/lib/security/credentials/credentials.c +48 -19
data/src/core/lib/security/credentials/credentials.h +36 -19
data/src/core/lib/security/credentials/credentials_metadata.c +11 -8
data/src/core/lib/security/credentials/fake/fake_credentials.c +15 -11
data/src/core/lib/security/credentials/google_default/{credentials_posix.c → credentials_generic.c} +7 -14
data/src/core/lib/security/credentials/google_default/google_default_credentials.c +33 -21
data/src/core/lib/security/credentials/google_default/google_default_credentials.h +14 -0
data/src/core/lib/security/credentials/iam/iam_credentials.c +3 -2
data/src/core/lib/security/credentials/jwt/json_token.c +1 -0
data/src/core/lib/security/credentials/jwt/json_token.h +1 -1
data/src/core/lib/security/credentials/jwt/jwt_credentials.c +54 -19
data/src/core/lib/security/credentials/jwt/jwt_credentials.h +2 -1
data/src/core/lib/security/credentials/jwt/jwt_verifier.c +129 -79
data/src/core/lib/security/credentials/jwt/jwt_verifier.h +9 -6
data/src/core/lib/security/credentials/oauth2/oauth2_credentials.c +63 -28
data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -1
data/src/core/lib/security/credentials/plugin/plugin_credentials.c +32 -11
data/src/core/lib/security/credentials/ssl/ssl_credentials.c +13 -9
data/src/core/lib/security/transport/client_auth_filter.c +33 -27
data/src/core/lib/security/transport/secure_endpoint.c +93 -68
data/src/core/lib/security/transport/secure_endpoint.h +2 -2
data/src/core/lib/security/transport/security_connector.c +133 -168
data/src/core/lib/security/transport/security_connector.h +31 -46
data/src/core/lib/security/transport/security_handshaker.c +501 -0
data/src/core/lib/security/transport/{handshake.h → security_handshaker.h} +10 -10
data/src/core/lib/security/transport/server_auth_filter.c +50 -38
data/src/core/lib/security/util/b64.c +11 -8
data/src/core/lib/security/util/b64.h +5 -4
data/src/core/lib/slice/percent_encoding.c +182 -0
data/src/core/lib/slice/percent_encoding.h +78 -0
data/src/core/lib/{support → slice}/slice.c +81 -50
data/src/core/lib/{support → slice}/slice_buffer.c +78 -60
data/src/core/lib/slice/slice_internal.h +49 -0
data/src/core/lib/slice/slice_string_helpers.c +90 -0
data/src/core/lib/{iomgr/workqueue_posix.h → slice/slice_string_helpers.h} +18 -18
data/src/core/lib/support/backoff.c +24 -13
data/src/core/lib/support/backoff.h +5 -2
data/src/core/lib/support/env.h +0 -2
data/src/core/lib/support/log.c +5 -4
data/src/core/lib/support/log_linux.c +0 -1
data/src/core/lib/support/log_posix.c +1 -1
data/src/core/lib/support/mpscq.c +83 -0
data/src/core/lib/support/mpscq.h +65 -0
data/src/core/lib/support/string.c +58 -49
data/src/core/lib/support/string.h +11 -8
data/src/core/lib/support/subprocess_posix.c +5 -2
data/src/core/lib/support/thd.c +1 -1
data/src/core/lib/support/time.c +43 -79
data/src/core/lib/support/time_posix.c +1 -1
data/src/core/lib/support/tmpfile.h +0 -2
data/src/core/lib/surface/alarm.c +4 -1
data/src/core/lib/surface/byte_buffer.c +17 -11
data/src/core/lib/surface/byte_buffer_reader.c +23 -15
data/src/core/lib/surface/call.c +294 -276
data/src/core/lib/surface/call.h +24 -9
data/src/core/lib/surface/call_log_batch.c +5 -3
data/src/core/lib/surface/channel.c +127 -111
data/src/core/lib/surface/channel.h +14 -5
data/src/core/lib/surface/channel_init.c +1 -1
data/src/core/lib/surface/channel_init.h +10 -1
data/src/core/lib/surface/channel_ping.c +7 -6
data/src/core/lib/surface/completion_queue.c +154 -18
data/src/core/lib/surface/completion_queue.h +5 -0
data/src/core/lib/surface/init.c +40 -6
data/src/core/lib/surface/init.h +1 -0
data/src/core/lib/surface/init_secure.c +5 -2
data/src/core/lib/surface/lame_client.c +28 -18
data/src/core/lib/surface/server.c +134 -87
data/src/core/lib/surface/server.h +8 -0
data/src/core/lib/surface/validate_metadata.c +1 -1
data/src/core/lib/surface/version.c +3 -1
data/src/core/lib/transport/byte_stream.c +7 -4
data/src/core/lib/transport/byte_stream.h +6 -10
data/src/core/lib/transport/connectivity_state.c +21 -12
data/src/core/lib/transport/connectivity_state.h +4 -1
data/src/core/lib/transport/mdstr_hash_table.c +118 -0
data/src/core/lib/transport/mdstr_hash_table.h +77 -0
data/src/core/lib/transport/metadata.c +83 -60
data/src/core/lib/transport/metadata.h +41 -23
data/src/core/lib/transport/metadata_batch.c +17 -11
data/src/core/lib/transport/metadata_batch.h +20 -6
data/src/core/lib/transport/pid_controller.c +57 -0
data/src/core/lib/transport/pid_controller.h +64 -0
data/src/core/lib/transport/service_config.c +251 -0
data/src/core/lib/transport/service_config.h +71 -0
data/src/core/lib/transport/static_metadata.c +18 -16
data/src/core/lib/transport/static_metadata.h +113 -107
data/src/core/{ext/transport/chttp2 → lib}/transport/timeout_encoding.c +3 -3
data/src/core/{ext/transport/chttp2 → lib}/transport/timeout_encoding.h +7 -7
data/src/core/lib/transport/transport.c +84 -23
data/src/core/lib/transport/transport.h +53 -8
data/src/core/lib/transport/transport_impl.h +3 -0
data/src/core/lib/transport/transport_op_string.c +92 -20
data/src/core/lib/tsi/ssl_transport_security.c +3 -1
data/src/core/plugin_registry/grpc_plugin_registry.c +8 -4
data/src/ruby/ext/grpc/extconf.rb +0 -1
data/src/ruby/ext/grpc/rb_byte_buffer.c +8 -7
data/src/ruby/ext/grpc/rb_call.c +15 -5
data/src/ruby/ext/grpc/rb_channel.c +1 -1
data/src/ruby/ext/grpc/rb_compression_options.c +466 -0
data/src/{core/ext/client_config/default_initial_connect_string.c → ruby/ext/grpc/rb_compression_options.h} +10 -5
data/src/ruby/ext/grpc/rb_grpc.c +3 -1
data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +198 -190
data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +306 -294
data/src/ruby/ext/grpc/rb_server.c +18 -12
data/src/ruby/lib/grpc/errors.rb +154 -2
data/src/ruby/lib/grpc/generic/active_call.rb +144 -63
data/src/ruby/lib/grpc/generic/bidi_call.rb +18 -2
data/src/ruby/lib/grpc/generic/client_stub.rb +7 -5
data/src/ruby/lib/grpc/generic/rpc_desc.rb +39 -13
data/src/ruby/lib/grpc/generic/rpc_server.rb +51 -24
data/src/ruby/lib/grpc/generic/service.rb +3 -2
data/src/ruby/lib/grpc/version.rb +1 -1
data/src/ruby/pb/grpc/health/checker.rb +3 -1
data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +7 -0
data/src/ruby/pb/test/client.rb +307 -7
data/src/ruby/pb/test/server.rb +26 -1
data/src/ruby/spec/compression_options_spec.rb +164 -0
data/src/ruby/spec/error_sanity_spec.rb +64 -0
data/src/ruby/spec/generic/active_call_spec.rb +290 -12
data/src/ruby/spec/generic/client_stub_spec.rb +91 -41
data/src/ruby/spec/generic/rpc_desc_spec.rb +36 -16
data/src/ruby/spec/generic/rpc_server_pool_spec.rb +22 -28
data/src/ruby/spec/generic/rpc_server_spec.rb +6 -6
data/src/ruby/spec/pb/health/checker_spec.rb +27 -19
data/src/ruby/spec/spec_helper.rb +2 -0
data/third_party/boringssl/crypto/aes/aes.c +12 -12
data/third_party/boringssl/crypto/aes/mode_wrappers.c +6 -2
data/third_party/boringssl/crypto/asn1/a_d2i_fp.c +28 -13
data/third_party/boringssl/crypto/asn1/a_gentm.c +2 -0
data/third_party/boringssl/crypto/asn1/a_object.c +7 -3
data/third_party/boringssl/crypto/asn1/a_strnid.c +1 -0
data/third_party/boringssl/crypto/asn1/a_time.c +0 -11
data/third_party/boringssl/crypto/asn1/a_type.c +0 -2
data/third_party/boringssl/crypto/asn1/a_utctm.c +1 -30
data/third_party/boringssl/crypto/asn1/asn1_lib.c +56 -76
data/third_party/boringssl/crypto/asn1/asn1_locl.h +0 -10
data/third_party/boringssl/crypto/asn1/asn1_par.c +0 -322
data/third_party/boringssl/crypto/asn1/f_enum.c +1 -108
data/third_party/boringssl/crypto/asn1/f_int.c +1 -106
data/third_party/boringssl/crypto/asn1/f_string.c +1 -106
data/third_party/boringssl/crypto/asn1/tasn_dec.c +10 -14
data/third_party/boringssl/crypto/asn1/tasn_enc.c +17 -11
data/third_party/boringssl/crypto/asn1/tasn_typ.c +29 -42
data/third_party/boringssl/crypto/asn1/tasn_utl.c +1 -1
data/third_party/boringssl/crypto/base64/base64.c +249 -285
data/third_party/boringssl/crypto/bio/bio.c +13 -23
data/third_party/boringssl/crypto/bio/bio_mem.c +3 -2
data/third_party/boringssl/crypto/bio/connect.c +12 -3
data/third_party/boringssl/crypto/bio/fd.c +22 -15
data/third_party/boringssl/crypto/bio/file.c +2 -38
data/third_party/boringssl/crypto/bio/hexdump.c +1 -2
data/third_party/boringssl/crypto/bio/internal.h +3 -0
data/third_party/boringssl/crypto/bio/pair.c +1 -1
data/third_party/boringssl/crypto/bio/socket.c +10 -2
data/third_party/boringssl/crypto/bio/socket_helper.c +2 -2
data/third_party/boringssl/crypto/bn/asm/x86_64-gcc.c +0 -8
data/third_party/boringssl/crypto/bn/bn.c +38 -0
data/third_party/boringssl/crypto/bn/cmp.c +25 -0
data/third_party/boringssl/crypto/bn/convert.c +73 -76
data/third_party/boringssl/crypto/bn/div.c +136 -70
data/third_party/boringssl/crypto/bn/exponentiation.c +86 -381
data/third_party/boringssl/crypto/bn/gcd.c +213 -296
data/third_party/boringssl/crypto/bn/generic.c +0 -80
data/third_party/boringssl/crypto/bn/internal.h +15 -3
data/third_party/boringssl/crypto/bn/montgomery.c +57 -207
data/third_party/boringssl/crypto/bn/montgomery_inv.c +160 -0
data/third_party/boringssl/crypto/bn/mul.c +2 -1
data/third_party/boringssl/crypto/bn/prime.c +24 -8
data/third_party/boringssl/crypto/bn/random.c +47 -33
data/third_party/boringssl/crypto/bn/sqrt.c +4 -5
data/third_party/boringssl/crypto/buf/buf.c +25 -21
data/third_party/boringssl/crypto/bytestring/ber.c +1 -0
data/third_party/boringssl/crypto/bytestring/cbb.c +50 -22
data/third_party/boringssl/crypto/bytestring/cbs.c +28 -4
data/third_party/boringssl/crypto/chacha/{chacha_generic.c → chacha.c} +56 -29
data/third_party/boringssl/crypto/cipher/aead.c +11 -22
data/third_party/boringssl/crypto/cipher/cipher.c +2 -2
data/third_party/boringssl/crypto/cipher/e_aes.c +53 -103
data/third_party/boringssl/crypto/cipher/e_chacha20poly1305.c +2 -8
data/third_party/boringssl/crypto/cipher/e_des.c +3 -5
data/third_party/boringssl/crypto/cipher/e_null.c +1 -1
data/third_party/boringssl/crypto/cipher/e_rc2.c +1 -1
data/third_party/boringssl/crypto/cipher/e_rc4.c +1 -1
data/third_party/boringssl/crypto/cipher/e_ssl3.c +3 -63
data/third_party/boringssl/crypto/cipher/e_tls.c +12 -83
data/third_party/boringssl/crypto/cipher/internal.h +8 -10
data/third_party/boringssl/crypto/cipher/tls_cbc.c +69 -40
data/third_party/boringssl/crypto/conf/conf.c +2 -1
data/third_party/boringssl/crypto/cpu-aarch64-linux.c +61 -0
data/third_party/boringssl/crypto/cpu-arm-linux.c +360 -0
data/third_party/boringssl/crypto/cpu-arm.c +0 -161
data/third_party/boringssl/crypto/cpu-intel.c +5 -3
data/third_party/boringssl/{ssl/test/scoped_types.h → crypto/cpu-ppc64le.c} +21 -9
data/third_party/boringssl/crypto/crypto.c +29 -7
data/third_party/boringssl/crypto/curve25519/curve25519.c +284 -242
data/third_party/boringssl/crypto/curve25519/internal.h +64 -0
data/third_party/boringssl/crypto/curve25519/spake25519.c +464 -0
data/third_party/boringssl/crypto/curve25519/x25519-x86_64.c +21 -0
data/third_party/boringssl/crypto/dh/check.c +22 -6
data/third_party/boringssl/crypto/dh/dh.c +45 -21
data/third_party/boringssl/crypto/dh/dh_asn1.c +96 -20
data/third_party/boringssl/crypto/dh/params.c +30 -78
data/third_party/boringssl/crypto/digest/digest.c +3 -3
data/third_party/boringssl/crypto/dsa/dsa.c +59 -29
data/third_party/boringssl/crypto/dsa/dsa_asn1.c +4 -0
data/third_party/boringssl/crypto/ec/ec.c +84 -140
data/third_party/boringssl/crypto/ec/ec_asn1.c +82 -52
data/third_party/boringssl/crypto/ec/ec_key.c +15 -15
data/third_party/boringssl/crypto/ec/ec_montgomery.c +87 -50
data/third_party/boringssl/crypto/ec/internal.h +12 -36
data/third_party/boringssl/crypto/ec/oct.c +11 -11
data/third_party/boringssl/crypto/ec/p224-64.c +59 -116
data/third_party/boringssl/crypto/ec/p256-64.c +88 -163
data/third_party/boringssl/crypto/ec/p256-x86_64.c +46 -58
data/third_party/boringssl/crypto/ec/simple.c +81 -201
data/third_party/boringssl/crypto/ec/util-64.c +0 -74
data/third_party/boringssl/crypto/ecdh/ecdh.c +7 -1
data/third_party/boringssl/crypto/ecdsa/ecdsa.c +28 -46
data/third_party/boringssl/crypto/ecdsa/ecdsa_asn1.c +1 -0
data/third_party/boringssl/crypto/engine/engine.c +1 -1
data/third_party/boringssl/crypto/err/err.c +3 -3
data/third_party/boringssl/crypto/evp/evp.c +14 -59
data/third_party/boringssl/crypto/evp/evp_asn1.c +144 -87
data/third_party/boringssl/crypto/evp/evp_ctx.c +7 -7
data/third_party/boringssl/crypto/evp/internal.h +4 -46
data/third_party/boringssl/crypto/evp/p_dsa_asn1.c +8 -157
data/third_party/boringssl/crypto/evp/p_ec.c +1 -1
data/third_party/boringssl/crypto/evp/p_ec_asn1.c +22 -170
data/third_party/boringssl/crypto/evp/p_rsa.c +1 -1
data/third_party/boringssl/crypto/evp/p_rsa_asn1.c +10 -548
data/third_party/boringssl/crypto/evp/print.c +520 -0
data/third_party/boringssl/crypto/ex_data.c +4 -6
data/third_party/boringssl/crypto/hkdf/hkdf.c +38 -17
data/third_party/boringssl/crypto/hmac/hmac.c +6 -6
data/third_party/boringssl/crypto/internal.h +57 -77
data/third_party/boringssl/crypto/lhash/lhash.c +6 -10
data/third_party/boringssl/crypto/md4/md4.c +9 -0
data/third_party/boringssl/crypto/mem.c +19 -19
data/third_party/boringssl/crypto/modes/cfb.c +5 -6
data/third_party/boringssl/crypto/modes/ctr.c +10 -18
data/third_party/boringssl/crypto/modes/gcm.c +100 -66
data/third_party/boringssl/crypto/modes/internal.h +15 -27
data/third_party/boringssl/crypto/modes/ofb.c +9 -22
data/third_party/boringssl/crypto/newhope/error_correction.c +131 -0
data/third_party/boringssl/crypto/newhope/internal.h +71 -0
data/third_party/boringssl/crypto/newhope/newhope.c +174 -0
data/third_party/boringssl/crypto/newhope/ntt.c +148 -0
data/third_party/boringssl/crypto/newhope/poly.c +183 -0
data/third_party/boringssl/crypto/newhope/precomp.c +306 -0
data/third_party/boringssl/crypto/newhope/reduce.c +42 -0
data/third_party/boringssl/crypto/obj/obj.c +111 -135
data/third_party/boringssl/crypto/obj/obj_dat.h +4 -10
data/third_party/boringssl/crypto/pem/pem_lib.c +6 -43
data/third_party/boringssl/crypto/pem/pem_pkey.c +10 -19
data/third_party/boringssl/crypto/pkcs8/p5_pbe.c +1 -0
data/third_party/boringssl/crypto/pkcs8/p5_pbev2.c +2 -1
data/third_party/boringssl/crypto/pkcs8/p8_pkey.c +2 -2
data/third_party/boringssl/crypto/pkcs8/pkcs8.c +95 -87
data/third_party/boringssl/crypto/{test/test_util.h → poly1305/internal.h} +15 -10
data/third_party/boringssl/crypto/poly1305/poly1305.c +8 -15
data/third_party/boringssl/crypto/poly1305/poly1305_arm.c +1 -0
data/third_party/boringssl/crypto/poly1305/poly1305_vec.c +3 -3
data/third_party/boringssl/crypto/rand/deterministic.c +47 -0
data/third_party/boringssl/crypto/rand/rand.c +4 -1
data/third_party/boringssl/crypto/rand/urandom.c +5 -7
data/third_party/boringssl/crypto/rand/windows.c +5 -8
data/third_party/boringssl/crypto/rc4/rc4.c +24 -209
data/third_party/boringssl/crypto/refcount_lock.c +2 -2
data/third_party/boringssl/crypto/rsa/blinding.c +74 -232
data/third_party/boringssl/crypto/rsa/internal.h +5 -13
data/third_party/boringssl/crypto/rsa/padding.c +64 -63
data/third_party/boringssl/crypto/rsa/rsa.c +50 -28
data/third_party/boringssl/crypto/rsa/rsa_asn1.c +8 -16
data/third_party/boringssl/crypto/rsa/rsa_impl.c +134 -122
data/third_party/boringssl/crypto/sha/sha256.c +2 -2
data/third_party/boringssl/crypto/sha/sha512.c +7 -7
data/third_party/boringssl/crypto/stack/stack.c +13 -22
data/third_party/boringssl/crypto/thread.c +21 -12
data/third_party/boringssl/crypto/thread_none.c +6 -2
data/third_party/boringssl/crypto/thread_pthread.c +16 -7
data/third_party/boringssl/crypto/thread_win.c +38 -85
data/third_party/boringssl/crypto/x509/a_sign.c +3 -3
data/third_party/boringssl/crypto/x509/a_strex.c +1 -1
data/third_party/boringssl/crypto/x509/a_verify.c +2 -2
data/third_party/boringssl/crypto/{evp → x509}/algorithm.c +37 -53
data/third_party/boringssl/crypto/x509/asn1_gen.c +1 -2
data/third_party/boringssl/crypto/x509/by_dir.c +6 -6
data/third_party/boringssl/crypto/x509/internal.h +66 -0
data/third_party/boringssl/crypto/x509/rsa_pss.c +385 -0
data/third_party/boringssl/crypto/x509/t_x509.c +10 -12
data/third_party/boringssl/crypto/x509/x509.c +5 -0
data/third_party/boringssl/crypto/x509/x509_att.c +9 -3
data/third_party/boringssl/crypto/x509/x509_lu.c +34 -44
data/third_party/boringssl/crypto/x509/x509_obj.c +19 -2
data/third_party/boringssl/crypto/x509/x509_r2x.c +9 -5
data/third_party/boringssl/crypto/x509/x509_set.c +5 -0
data/third_party/boringssl/crypto/x509/x509_txt.c +5 -0
data/third_party/boringssl/crypto/x509/x509_vfy.c +63 -32
data/third_party/boringssl/crypto/x509/x509_vpm.c +29 -18
data/third_party/boringssl/crypto/x509/x509cset.c +2 -1
data/third_party/boringssl/crypto/x509/x_crl.c +2 -2
data/third_party/boringssl/crypto/x509/x_name.c +14 -17
data/third_party/boringssl/crypto/x509/x_pubkey.c +10 -7
data/third_party/boringssl/crypto/x509/x_x509.c +67 -6
data/third_party/boringssl/crypto/x509v3/pcy_cache.c +2 -2
data/third_party/boringssl/crypto/x509v3/pcy_tree.c +2 -1
data/third_party/boringssl/crypto/x509v3/v3_conf.c +4 -3
data/third_party/boringssl/crypto/x509v3/v3_cpols.c +5 -0
data/third_party/boringssl/crypto/x509v3/v3_prn.c +0 -3
data/third_party/boringssl/crypto/x509v3/v3_purp.c +2 -2
data/third_party/boringssl/crypto/x509v3/v3_utl.c +2 -1
data/third_party/boringssl/include/openssl/aead.h +72 -73
data/third_party/boringssl/include/openssl/arm_arch.h +0 -6
data/third_party/boringssl/include/openssl/asn1.h +103 -235
data/third_party/boringssl/include/openssl/asn1_mac.h +17 -74
data/third_party/boringssl/include/openssl/asn1t.h +1 -11
data/third_party/boringssl/include/openssl/base.h +145 -3
data/third_party/boringssl/include/openssl/base64.h +20 -17
data/third_party/boringssl/include/openssl/bio.h +59 -34
data/third_party/boringssl/include/openssl/bn.h +118 -51
data/third_party/boringssl/include/openssl/buf.h +15 -0
data/third_party/boringssl/include/openssl/bytestring.h +52 -4
data/third_party/boringssl/include/openssl/chacha.h +2 -2
data/third_party/boringssl/include/openssl/cipher.h +18 -1
data/third_party/boringssl/include/openssl/cmac.h +11 -0
data/third_party/boringssl/include/openssl/conf.h +13 -2
data/third_party/boringssl/include/openssl/cpu.h +20 -23
data/third_party/boringssl/include/openssl/crypto.h +22 -1
data/third_party/boringssl/include/openssl/curve25519.h +96 -4
data/third_party/boringssl/include/openssl/dh.h +71 -16
data/third_party/boringssl/include/openssl/digest.h +38 -11
data/third_party/boringssl/include/openssl/dsa.h +40 -4
data/third_party/boringssl/include/openssl/ec.h +44 -18
data/third_party/boringssl/include/openssl/ec_key.h +27 -6
data/third_party/boringssl/include/openssl/ecdsa.h +11 -0
data/third_party/boringssl/include/openssl/engine.h +11 -0
data/third_party/boringssl/include/openssl/evp.h +52 -88
data/third_party/boringssl/include/openssl/hkdf.h +24 -4
data/third_party/boringssl/include/openssl/hmac.h +20 -6
data/third_party/boringssl/include/openssl/md4.h +4 -0
data/third_party/boringssl/include/openssl/mem.h +19 -0
data/third_party/boringssl/include/openssl/newhope.h +158 -0
data/third_party/boringssl/include/openssl/nid.h +4166 -0
data/third_party/boringssl/include/openssl/obj.h +31 -3
data/third_party/boringssl/include/openssl/obj_mac.h +17 -4143
data/third_party/boringssl/include/openssl/{opensslfeatures.h → opensslconf.h} +3 -3
data/third_party/boringssl/include/openssl/pem.h +5 -0
data/third_party/boringssl/include/openssl/pkcs8.h +12 -0
data/third_party/boringssl/include/openssl/rand.h +6 -0
data/third_party/boringssl/include/openssl/rc4.h +6 -0
data/third_party/boringssl/{crypto/dh/internal.h → include/openssl/ripemd.h} +38 -11
data/third_party/boringssl/include/openssl/rsa.h +127 -65
data/third_party/boringssl/include/openssl/sha.h +14 -10
data/third_party/boringssl/include/openssl/ssl.h +561 -275
data/third_party/boringssl/include/openssl/ssl3.h +18 -25
data/third_party/boringssl/include/openssl/stack.h +2 -4
data/third_party/boringssl/include/openssl/stack_macros.h +321 -353
data/third_party/boringssl/include/openssl/thread.h +31 -13
data/third_party/boringssl/include/openssl/time_support.h +1 -0
data/third_party/boringssl/include/openssl/tls1.h +37 -33
data/third_party/boringssl/include/openssl/x509.h +69 -26
data/third_party/boringssl/include/openssl/x509_vfy.h +12 -10
data/third_party/boringssl/include/openssl/x509v3.h +23 -2
data/third_party/boringssl/ssl/custom_extensions.c +3 -5
data/third_party/boringssl/ssl/d1_both.c +463 -499
data/third_party/boringssl/ssl/d1_lib.c +38 -109
data/third_party/boringssl/ssl/d1_pkt.c +173 -334
data/third_party/boringssl/ssl/d1_srtp.c +20 -18
data/third_party/boringssl/ssl/{d1_meth.c → dtls_method.c} +88 -15
data/third_party/boringssl/ssl/dtls_record.c +27 -26
data/third_party/boringssl/ssl/{s3_clnt.c → handshake_client.c} +816 -904
data/third_party/boringssl/ssl/handshake_server.c +1932 -0
data/third_party/boringssl/ssl/internal.h +712 -439
data/third_party/boringssl/ssl/s3_both.c +445 -257
data/third_party/boringssl/ssl/s3_enc.c +53 -36
data/third_party/boringssl/ssl/s3_lib.c +23 -268
data/third_party/boringssl/ssl/s3_pkt.c +168 -364
data/third_party/boringssl/ssl/ssl_aead_ctx.c +46 -17
data/third_party/boringssl/ssl/ssl_asn1.c +56 -26
data/third_party/boringssl/ssl/ssl_buffer.c +16 -24
data/third_party/boringssl/ssl/ssl_cert.c +324 -49
data/third_party/boringssl/ssl/ssl_cipher.c +205 -150
data/third_party/boringssl/ssl/ssl_ecdh.c +287 -51
data/third_party/boringssl/ssl/ssl_file.c +21 -68
data/third_party/boringssl/ssl/ssl_lib.c +881 -510
data/third_party/boringssl/ssl/ssl_rsa.c +404 -34
data/third_party/boringssl/ssl/ssl_session.c +324 -103
data/third_party/boringssl/ssl/ssl_stat.c +6 -88
data/third_party/boringssl/ssl/t1_enc.c +23 -39
data/third_party/boringssl/ssl/t1_lib.c +1120 -622
data/third_party/boringssl/ssl/tls13_both.c +440 -0
data/third_party/boringssl/ssl/tls13_client.c +682 -0
data/third_party/boringssl/ssl/tls13_enc.c +391 -0
data/third_party/boringssl/ssl/tls13_server.c +672 -0
data/third_party/boringssl/ssl/{s3_meth.c → tls_method.c} +100 -21
data/third_party/boringssl/ssl/tls_record.c +159 -77
data/third_party/nanopb/pb.h +60 -28
data/third_party/nanopb/pb_decode.c +120 -92
data/third_party/nanopb/pb_decode.h +3 -3
data/third_party/nanopb/pb_encode.c +73 -67
data/third_party/nanopb/pb_encode.h +4 -4
metadata +155 -89
data/include/grpc/impl/codegen/byte_buffer.h +0 -122
data/include/grpc/impl/codegen/log.h +0 -118
data/include/grpc/impl/codegen/time.h +0 -130
data/src/core/ext/client_config/client_channel.c +0 -593
data/src/core/ext/client_config/subchannel_call_holder.c +0 -272
data/src/core/ext/client_config/subchannel_call_holder.h +0 -99
data/src/core/lib/iomgr/ev_poll_and_epoll_posix.c +0 -2046
data/src/core/lib/iomgr/workqueue_posix.c +0 -151
data/src/core/lib/security/transport/handshake.c +0 -368
data/third_party/boringssl/crypto/asn1/a_bytes.c +0 -308
data/third_party/boringssl/crypto/asn1/bio_asn1.c +0 -477
data/third_party/boringssl/crypto/asn1/bio_ndef.c +0 -251
data/third_party/boringssl/crypto/asn1/t_pkey.c +0 -110
data/third_party/boringssl/crypto/asn1/tasn_prn.c +0 -596
data/third_party/boringssl/crypto/chacha/chacha_vec.c +0 -328
data/third_party/boringssl/crypto/directory.h +0 -66
data/third_party/boringssl/crypto/directory_posix.c +0 -108
data/third_party/boringssl/crypto/directory_win.c +0 -144
data/third_party/boringssl/crypto/test/scoped_types.h +0 -140
data/third_party/boringssl/include/openssl/pqueue.h +0 -146
data/third_party/boringssl/ssl/d1_clnt.c +0 -561
data/third_party/boringssl/ssl/d1_srvr.c +0 -476
data/third_party/boringssl/ssl/pqueue/pqueue.c +0 -197
data/third_party/boringssl/ssl/s3_srvr.c +0 -2272
data/third_party/boringssl/ssl/test/async_bio.h +0 -45
data/third_party/boringssl/ssl/test/packeted_bio.h +0 -44
data/third_party/boringssl/ssl/test/test_config.h +0 -110

data/third_party/boringssl/ssl/d1_lib.c CHANGED

@@ -56,23 +56,16 @@
 #include <openssl/ssl.h>
+#include <assert.h>
 #include <limits.h>
-#include <stdio.h>
 #include <string.h>
 #include <openssl/err.h>
 #include <openssl/mem.h>
-#include <openssl/obj.h>
+#include <openssl/nid.h>
 #include "internal.h"
-#if defined(OPENSSL_WINDOWS)
-#include <sys/timeb.h>
-#else
-#include <sys/socket.h>
-#include <sys/time.h>
-#endif
 /* DTLS1_MTU_TIMEOUTS is the maximum number of timeouts to expire
  * before starting to decrease the MTU. */
@@ -82,8 +75,6 @@
  * before failing the DTLS handshake. */
 #define DTLS1_MAX_TIMEOUTS                     12
-static void get_current_time(const SSL *ssl, struct timeval *out_clock);
 int dtls1_new(SSL *ssl) {
   DTLS1_STATE *d1;
@@ -97,17 +88,6 @@ int dtls1_new(SSL *ssl) {
   }
   memset(d1, 0, sizeof *d1);
-  d1->buffered_messages = pqueue_new();
-  d1->sent_messages = pqueue_new();
-  if (!d1->buffered_messages || !d1->sent_messages) {
-    pqueue_free(d1->buffered_messages);
-    pqueue_free(d1->sent_messages);
-    OPENSSL_free(d1);
-    ssl3_free(ssl);
-    return 0;
-  }
   ssl->d1 = d1;
   /* Set the version to the highest supported version.
@@ -119,23 +99,6 @@ int dtls1_new(SSL *ssl) {
   return 1;
 }
-static void dtls1_clear_queues(SSL *ssl) {
-  pitem *item = NULL;
-  hm_fragment *frag = NULL;
-  while ((item = pqueue_pop(ssl->d1->buffered_messages)) != NULL) {
-    frag = (hm_fragment *)item->data;
-    dtls1_hm_fragment_free(frag);
-    pitem_free(item);
-  }
-  while ((item = pqueue_pop(ssl->d1->sent_messages)) != NULL) {
-    frag = (hm_fragment *)item->data;
-    dtls1_hm_fragment_free(frag);
-    pitem_free(item);
-  }
-}
 void dtls1_free(SSL *ssl) {
   ssl3_free(ssl);
@@ -143,38 +106,43 @@ void dtls1_free(SSL *ssl) {
     return;
   }
-  dtls1_clear_queues(ssl);
-  pqueue_free(ssl->d1->buffered_messages);
-  pqueue_free(ssl->d1->sent_messages);
+  dtls_clear_incoming_messages(ssl);
+  dtls_clear_outgoing_messages(ssl);
   OPENSSL_free(ssl->d1);
   ssl->d1 = NULL;
 }
 int dtls1_supports_cipher(const SSL_CIPHER *cipher) {
-  /* DTLS does not support stream ciphers. The NULL cipher is rejected because
-   * it's not needed. */
-  return cipher->algorithm_enc != SSL_RC4 && cipher->algorithm_enc != SSL_eNULL;
+  return cipher->algorithm_enc != SSL_eNULL;
+}
+void DTLSv1_set_initial_timeout_duration(SSL *ssl, unsigned int duration_ms) {
+  ssl->initial_timeout_duration_ms = duration_ms;
 }
 void dtls1_start_timer(SSL *ssl) {
-  /* If timer is not set, initialize duration with 1 second */
+  /* If timer is not set, initialize duration (by default, 1 second) */
   if (ssl->d1->next_timeout.tv_sec == 0 && ssl->d1->next_timeout.tv_usec == 0) {
-    ssl->d1->timeout_duration = 1;
+    ssl->d1->timeout_duration_ms = ssl->initial_timeout_duration_ms;
   }
   /* Set timeout to current time */
-  get_current_time(ssl, &ssl->d1->next_timeout);
+  ssl_get_current_time(ssl, &ssl->d1->next_timeout);
   /* Add duration to current time */
-  ssl->d1->next_timeout.tv_sec += ssl->d1->timeout_duration;
-  BIO_ctrl(SSL_get_rbio(ssl), BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0,
+  ssl->d1->next_timeout.tv_sec += ssl->d1->timeout_duration_ms / 1000;
+  ssl->d1->next_timeout.tv_usec += (ssl->d1->timeout_duration_ms % 1000) * 1000;
+  if (ssl->d1->next_timeout.tv_usec >= 1000000) {
+    ssl->d1->next_timeout.tv_sec++;
+    ssl->d1->next_timeout.tv_usec -= 1000000;
+  }
+  BIO_ctrl(ssl->rbio, BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0,
            &ssl->d1->next_timeout);
 }
 int DTLSv1_get_timeout(const SSL *ssl, struct timeval *out) {
-  if (!SSL_IS_DTLS(ssl)) {
+  if (!SSL_is_dtls(ssl)) {
     return 0;
   }
@@ -183,9 +151,8 @@ int DTLSv1_get_timeout(const SSL *ssl, struct timeval *out) {
     return 0;
   }
-  /* Get current time */
   struct timeval timenow;
-  get_current_time(ssl, &timenow);
+  ssl_get_current_time(ssl, &timenow);
   /* If timer already expired, set remaining time to 0 */
   if (ssl->d1->next_timeout.tv_sec < timenow.tv_sec ||
@@ -231,9 +198,9 @@ int dtls1_is_timer_expired(SSL *ssl) {
 }
 void dtls1_double_timeout(SSL *ssl) {
-  ssl->d1->timeout_duration *= 2;
-  if (ssl->d1->timeout_duration > 60) {
-    ssl->d1->timeout_duration = 60;
+  ssl->d1->timeout_duration_ms *= 2;
+  if (ssl->d1->timeout_duration_ms > 60000) {
+    ssl->d1->timeout_duration_ms = 60000;
   }
   dtls1_start_timer(ssl);
 }
@@ -242,11 +209,11 @@ void dtls1_stop_timer(SSL *ssl) {
   /* Reset everything */
   ssl->d1->num_timeouts = 0;
   memset(&ssl->d1->next_timeout, 0, sizeof(struct timeval));
-  ssl->d1->timeout_duration = 1;
-  BIO_ctrl(SSL_get_rbio(ssl), BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0,
+  ssl->d1->timeout_duration_ms = ssl->initial_timeout_duration_ms;
+  BIO_ctrl(ssl->rbio, BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0,
            &ssl->d1->next_timeout);
   /* Clear retransmission buffer */
-  dtls1_clear_record_buffer(ssl);
+  dtls_clear_outgoing_messages(ssl);
 }
 int dtls1_check_timeout_num(SSL *ssl) {
@@ -255,8 +222,7 @@ int dtls1_check_timeout_num(SSL *ssl) {
   /* Reduce MTU after 2 unsuccessful retransmissions */
   if (ssl->d1->num_timeouts > DTLS1_MTU_TIMEOUTS &&
       !(SSL_get_options(ssl) & SSL_OP_NO_QUERY_MTU)) {
-    long mtu = BIO_ctrl(SSL_get_wbio(ssl), BIO_CTRL_DGRAM_GET_FALLBACK_MTU, 0,
-                        NULL);
+    long mtu = BIO_ctrl(ssl->wbio, BIO_CTRL_DGRAM_GET_FALLBACK_MTU, 0, NULL);
     if (mtu >= 0 && mtu <= (1 << 30) && (unsigned)mtu >= dtls1_min_mtu()) {
       ssl->d1->mtu = (unsigned)mtu;
     }
@@ -272,7 +238,11 @@ int dtls1_check_timeout_num(SSL *ssl) {
 }
 int DTLSv1_handle_timeout(SSL *ssl) {
-  if (!SSL_IS_DTLS(ssl)) {
+  ssl->rwstate = SSL_NOTHING;
+  /* Functions which use SSL_get_error must clear the error queue on entry. */
+  ERR_clear_error();
+  if (!SSL_is_dtls(ssl)) {
     return -1;
   }
@@ -288,54 +258,13 @@ int DTLSv1_handle_timeout(SSL *ssl) {
   }
   dtls1_start_timer(ssl);
-  return dtls1_retransmit_buffered_messages(ssl);
+  return dtls1_retransmit_outgoing_messages(ssl);
 }
-static void get_current_time(const SSL *ssl, struct timeval *out_clock) {
-  if (ssl->ctx->current_time_cb != NULL) {
-    ssl->ctx->current_time_cb(ssl, out_clock);
-    return;
-  }
-#if defined(OPENSSL_WINDOWS)
-  struct _timeb time;
-  _ftime(&time);
-  out_clock->tv_sec = time.time;
-  out_clock->tv_usec = time.millitm * 1000;
-#else
-  gettimeofday(out_clock, NULL);
-#endif
-}
-int dtls1_set_handshake_header(SSL *ssl, int htype, unsigned long len) {
-  uint8_t *message = (uint8_t *)ssl->init_buf->data;
-  const struct hm_header_st *msg_hdr = &ssl->d1->w_msg_hdr;
-  uint8_t serialised_header[DTLS1_HM_HEADER_LENGTH];
-  uint8_t *p = serialised_header;
-  ssl->d1->handshake_write_seq = ssl->d1->next_handshake_write_seq;
-  ssl->d1->next_handshake_write_seq++;
-  dtls1_set_message_header(ssl, htype, len, ssl->d1->handshake_write_seq, 0,
-                           len);
-  ssl->init_num = (int)len + DTLS1_HM_HEADER_LENGTH;
-  ssl->init_off = 0;
-  /* Buffer the message to handle re-xmits */
-  dtls1_buffer_message(ssl);
-  /* Add the new message to the handshake hash. Serialize the message
-   * header as if it were a single fragment. */
-  *p++ = msg_hdr->type;
-  l2n3(msg_hdr->msg_len, p);
-  s2n(msg_hdr->seq, p);
-  l2n3(0, p);
-  l2n3(msg_hdr->msg_len, p);
-  return ssl3_update_handshake_hash(ssl, serialised_header,
-                                    sizeof(serialised_header)) &&
-         ssl3_update_handshake_hash(ssl, message + DTLS1_HM_HEADER_LENGTH, len);
+void dtls1_expect_flight(SSL *ssl) {
+  dtls1_start_timer(ssl);
 }
-int dtls1_handshake_write(SSL *ssl) {
-  return dtls1_do_handshake_write(ssl, dtls1_use_current_epoch);
+void dtls1_received_flight(SSL *ssl) {
+  dtls1_stop_timer(ssl);
 }

data/third_party/boringssl/ssl/d1_pkt.c CHANGED

@@ -112,10 +112,11 @@
 #include <openssl/ssl.h>
 #include <assert.h>
-#include <stdio.h>
 #include <string.h>
+#include <openssl/bio.h>
 #include <openssl/buf.h>
+#include <openssl/bytestring.h>
 #include <openssl/mem.h>
 #include <openssl/evp.h>
 #include <openssl/err.h>
@@ -124,60 +125,71 @@
 #include "internal.h"
-static int do_dtls1_write(SSL *ssl, int type, const uint8_t *buf,
-                          unsigned int len, enum dtls1_use_epoch_t use_epoch);
-/* dtls1_get_record reads a new input record. On success, it places it in
- * |ssl->s3->rrec| and returns one. Otherwise it returns <= 0 on error or if
- * more data is needed. */
-static int dtls1_get_record(SSL *ssl) {
+int dtls1_get_record(SSL *ssl) {
 again:
+  switch (ssl->s3->recv_shutdown) {
+    case ssl_shutdown_none:
+      break;
+    case ssl_shutdown_fatal_alert:
+      OPENSSL_PUT_ERROR(SSL, SSL_R_PROTOCOL_IS_SHUTDOWN);
+      return -1;
+    case ssl_shutdown_close_notify:
+      return 0;
+  }
   /* Read a new packet if there is no unconsumed one. */
   if (ssl_read_buffer_len(ssl) == 0) {
-    int ret = ssl_read_buffer_extend_to(ssl, 0 /* unused */);
-    if (ret <= 0) {
-      return ret;
+    int read_ret = ssl_read_buffer_extend_to(ssl, 0 /* unused */);
+    if (read_ret < 0 && dtls1_is_timer_expired(ssl)) {
+      /* For blocking BIOs, retransmits must be handled internally. */
+      int timeout_ret = DTLSv1_handle_timeout(ssl);
+      if (timeout_ret <= 0) {
+        return timeout_ret;
+      }
+      goto again;
+    }
+    if (read_ret <= 0) {
+      return read_ret;
     }
   }
   assert(ssl_read_buffer_len(ssl) > 0);
-  /* Ensure the packet is large enough to decrypt in-place. */
-  if (ssl_read_buffer_len(ssl) < ssl_record_prefix_len(ssl)) {
-    ssl_read_buffer_clear(ssl);
-    goto again;
-  }
-  uint8_t *out = ssl_read_buffer(ssl) + ssl_record_prefix_len(ssl);
-  size_t max_out = ssl_read_buffer_len(ssl) - ssl_record_prefix_len(ssl);
+  CBS body;
   uint8_t type, alert;
-  size_t len, consumed;
-  switch (dtls_open_record(ssl, &type, out, &len, &consumed, &alert, max_out,
-                           ssl_read_buffer(ssl), ssl_read_buffer_len(ssl))) {
-    case ssl_open_record_success:
-      ssl_read_buffer_consume(ssl, consumed);
+  size_t consumed;
+  enum ssl_open_record_t open_ret =
+      dtls_open_record(ssl, &type, &body, &consumed, &alert,
+                       ssl_read_buffer(ssl), ssl_read_buffer_len(ssl));
+  ssl_read_buffer_consume(ssl, consumed);
+  switch (open_ret) {
+    case ssl_open_record_partial:
+      /* Impossible in DTLS. */
+      break;
-      if (len > 0xffff) {
+    case ssl_open_record_success:
+      if (CBS_len(&body) > 0xffff) {
         OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
         return -1;
       }
       SSL3_RECORD *rr = &ssl->s3->rrec;
       rr->type = type;
-      rr->length = (uint16_t)len;
-      rr->data = out;
+      rr->length = (uint16_t)CBS_len(&body);
+      rr->data = (uint8_t *)CBS_data(&body);
       return 1;
     case ssl_open_record_discard:
-      ssl_read_buffer_consume(ssl, consumed);
       goto again;
+    case ssl_open_record_close_notify:
+      return 0;
+    case ssl_open_record_fatal_alert:
+      return -1;
     case ssl_open_record_error:
       ssl3_send_alert(ssl, SSL3_AL_FATAL, alert);
       return -1;
-    case ssl_open_record_partial:
-      /* Impossible in DTLS. */
-      break;
   }
   assert(0);
@@ -185,318 +197,167 @@ again:
   return -1;
 }
-int dtls1_read_app_data(SSL *ssl, uint8_t *buf, int len, int peek) {
-  return dtls1_read_bytes(ssl, SSL3_RT_APPLICATION_DATA, buf, len, peek);
-}
-int dtls1_read_change_cipher_spec(SSL *ssl) {
-  uint8_t byte;
-  int ret = dtls1_read_bytes(ssl, SSL3_RT_CHANGE_CIPHER_SPEC, &byte,
-                             1 /* len */, 0 /* no peek */);
-  if (ret <= 0) {
-    return ret;
-  }
-  assert(ret == 1);
+int dtls1_read_app_data(SSL *ssl, int *out_got_handshake, uint8_t *buf, int len,
+                        int peek) {
+  assert(!SSL_in_init(ssl));
-  if (ssl->s3->rrec.length != 0 || byte != SSL3_MT_CCS) {
-    OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_CHANGE_CIPHER_SPEC);
-    ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
-    return -1;
-  }
+  *out_got_handshake = 0;
+  SSL3_RECORD *rr = &ssl->s3->rrec;
-  if (ssl->msg_callback != NULL) {
-    ssl->msg_callback(0, ssl->version, SSL3_RT_CHANGE_CIPHER_SPEC, &byte, 1,
-                      ssl, ssl->msg_callback_arg);
+again:
+  if (rr->length == 0) {
+    int ret = dtls1_get_record(ssl);
+    if (ret <= 0) {
+      return ret;
+    }
   }
-  return 1;
-}
+  if (rr->type == SSL3_RT_HANDSHAKE) {
+    /* Parse the first fragment header to determine if this is a pre-CCS or
+     * post-CCS handshake record. DTLS resets handshake message numbers on each
+     * handshake, so renegotiations and retransmissions are ambiguous. */
+    CBS cbs, body;
+    struct hm_header_st msg_hdr;
+    CBS_init(&cbs, rr->data, rr->length);
+    if (!dtls1_parse_fragment(&cbs, &msg_hdr, &body)) {
+      ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
+      OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_HANDSHAKE_RECORD);
+      return -1;
+    }
-void dtls1_read_close_notify(SSL *ssl) {
-  /* Bidirectional shutdown doesn't make sense for an unordered transport. DTLS
-   * alerts also aren't delivered reliably, so we may even time out because the
-   * peer never received our close_notify. Report to the caller that the channel
-   * has fully shut down. */
-  ssl->shutdown |= SSL_RECEIVED_SHUTDOWN;
-}
+    if (msg_hdr.type == SSL3_MT_FINISHED &&
+        msg_hdr.seq == ssl->d1->handshake_read_seq - 1) {
+      if (msg_hdr.frag_off == 0) {
+        /* Retransmit our last flight of messages. If the peer sends the second
+         * Finished, they may not have received ours. Only do this for the
+         * first fragment, in case the Finished was fragmented. */
+        if (dtls1_check_timeout_num(ssl) < 0) {
+          return -1;
+        }
-/* Return up to 'len' payload bytes received in 'type' records.
- * 'type' is one of the following:
- *
- *   -  SSL3_RT_HANDSHAKE (when dtls1_get_message calls us)
- *   -  SSL3_RT_CHANGE_CIPHER_SPEC (when dtls1_read_change_cipher_spec calls us)
- *   -  SSL3_RT_APPLICATION_DATA (when dtls1_read_app_data calls us)
- *
- * If we don't have stored data to work from, read a DTLS record first (possibly
- * multiple records if we still don't have anything to return).
- *
- * This function must handle any surprises the peer may have for us, such as
- * Alert records (e.g. close_notify) and out of records. */
-int dtls1_read_bytes(SSL *ssl, int type, unsigned char *buf, int len, int peek) {
-  int al, i, ret;
-  unsigned int n;
-  SSL3_RECORD *rr;
-  void (*cb)(const SSL *ssl, int type, int value) = NULL;
-  if ((type != SSL3_RT_APPLICATION_DATA && type != SSL3_RT_HANDSHAKE &&
-       type != SSL3_RT_CHANGE_CIPHER_SPEC) ||
-      (peek && type != SSL3_RT_APPLICATION_DATA)) {
-    OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
-    return -1;
-  }
+        dtls1_retransmit_outgoing_messages(ssl);
+      }
-  if (!ssl->in_handshake && SSL_in_init(ssl)) {
-    /* type == SSL3_RT_APPLICATION_DATA */
-    i = ssl->handshake_func(ssl);
-    if (i < 0) {
-      return i;
-    }
-    if (i == 0) {
-      OPENSSL_PUT_ERROR(SSL, SSL_R_SSL_HANDSHAKE_FAILURE);
-      return -1;
+      rr->length = 0;
+      goto again;
     }
-  }
-start:
-  ssl->rwstate = SSL_NOTHING;
-  /* ssl->s3->rrec.type     - is the type of record
-   * ssl->s3->rrec.data     - data
-   * ssl->s3->rrec.off      - offset into 'data' for next read
-   * ssl->s3->rrec.length   - number of bytes. */
-  rr = &ssl->s3->rrec;
+    /* Otherwise, this is a pre-CCS handshake message from an unsupported
+     * renegotiation attempt. Fall through to the error path. */
+  }
-  /* Check for timeout */
-  if (DTLSv1_handle_timeout(ssl) > 0) {
-    goto start;
+  if (rr->type != SSL3_RT_APPLICATION_DATA) {
+    ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
+    OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_RECORD);
+    return -1;
   }
-  /* get new packet if necessary */
+  /* Discard empty records. */
   if (rr->length == 0) {
-    ret = dtls1_get_record(ssl);
-    if (ret <= 0) {
-      ret = dtls1_read_failed(ssl, ret);
-      /* anything other than a timeout is an error */
-      if (ret <= 0) {
-        return ret;
-      } else {
-        goto start;
-      }
-    }
+    goto again;
   }
-  /* we now have a packet which can be read and processed */
-  /* If the other end has shut down, throw anything we read away (even in
-   * 'peek' mode) */
-  if (ssl->shutdown & SSL_RECEIVED_SHUTDOWN) {
-    rr->length = 0;
-    ssl->rwstate = SSL_NOTHING;
-    return 0;
+  if (len <= 0) {
+    return len;
   }
+  if ((unsigned)len > rr->length) {
+    len = rr->length;
+  }
-  if (type == rr->type) {
-    /* Make sure that we are not getting application data when we
-     * are doing a handshake for the first time. */
-    if (SSL_in_init(ssl) && (type == SSL3_RT_APPLICATION_DATA) &&
-        (ssl->s3->aead_read_ctx == NULL)) {
-      /* TODO(davidben): Is this check redundant with the handshake_func
-       * check? */
-      al = SSL_AD_UNEXPECTED_MESSAGE;
-      OPENSSL_PUT_ERROR(SSL, SSL_R_APP_DATA_IN_HANDSHAKE);
-      goto f_err;
-    }
-    /* Discard empty records. */
+  memcpy(buf, rr->data, len);
+  if (!peek) {
+    /* TODO(davidben): Should the record be truncated instead? This is a
+     * datagram transport. See https://crbug.com/boringssl/65. */
+    rr->length -= len;
+    rr->data += len;
     if (rr->length == 0) {
-      goto start;
+      /* The record has been consumed, so we may now clear the buffer. */
+      ssl_read_buffer_discard(ssl);
     }
-    if (len <= 0) {
-      return len;
-    }
-    if ((unsigned int)len > rr->length) {
-      n = rr->length;
-    } else {
-      n = (unsigned int)len;
-    }
-    memcpy(buf, rr->data, n);
-    if (!peek) {
-      rr->length -= n;
-      rr->data += n;
-      if (rr->length == 0) {
-        /* The record has been consumed, so we may now clear the buffer. */
-        ssl_read_buffer_discard(ssl);
-      }
-    }
-    return n;
   }
-  /* If we get here, then type != rr->type. */
-  /* If an alert record, process one alert out of the record. Note that we allow
-   * a single record to contain multiple alerts. */
-  if (rr->type == SSL3_RT_ALERT) {
-    /* Alerts may not be fragmented. */
-    if (rr->length < 2) {
-      al = SSL_AD_DECODE_ERROR;
-      OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_ALERT);
-      goto f_err;
-    }
-    if (ssl->msg_callback) {
-      ssl->msg_callback(0, ssl->version, SSL3_RT_ALERT, rr->data, 2, ssl,
-                      ssl->msg_callback_arg);
-    }
-    const uint8_t alert_level = rr->data[0];
-    const uint8_t alert_descr = rr->data[1];
-    rr->length -= 2;
-    rr->data += 2;
-    if (ssl->info_callback != NULL) {
-      cb = ssl->info_callback;
-    } else if (ssl->ctx->info_callback != NULL) {
-      cb = ssl->ctx->info_callback;
-    }
+  return len;
+}
-    if (cb != NULL) {
-      uint16_t alert = (alert_level << 8) | alert_descr;
-      cb(ssl, SSL_CB_READ_ALERT, alert);
-    }
+int dtls1_read_change_cipher_spec(SSL *ssl) {
+  SSL3_RECORD *rr = &ssl->s3->rrec;
-    if (alert_level == SSL3_AL_WARNING) {
-      ssl->s3->warn_alert = alert_descr;
-      if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
-        ssl->shutdown |= SSL_RECEIVED_SHUTDOWN;
-        return 0;
-      }
-    } else if (alert_level == SSL3_AL_FATAL) {
-      char tmp[16];
-      ssl->rwstate = SSL_NOTHING;
-      ssl->s3->fatal_alert = alert_descr;
-      OPENSSL_PUT_ERROR(SSL, SSL_AD_REASON_OFFSET + alert_descr);
-      BIO_snprintf(tmp, sizeof tmp, "%d", alert_descr);
-      ERR_add_error_data(2, "SSL alert number ", tmp);
-      ssl->shutdown |= SSL_RECEIVED_SHUTDOWN;
-      SSL_CTX_remove_session(ssl->ctx, ssl->session);
-      return 0;
-    } else {
-      al = SSL_AD_ILLEGAL_PARAMETER;
-      OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_ALERT_TYPE);
-      goto f_err;
+again:
+  if (rr->length == 0) {
+    int ret = dtls1_get_record(ssl);
+    if (ret <= 0) {
+      return ret;
     }
-    goto start;
   }
-  /* Cross-epoch records are discarded, but we may receive out-of-order
-   * application data between ChangeCipherSpec and Finished or a ChangeCipherSpec
-   * before the appropriate point in the handshake. Those must be silently
-   * discarded.
-   *
-   * However, only allow the out-of-order records in the correct epoch.
-   * Application data must come in the encrypted epoch, and ChangeCipherSpec in
-   * the unencrypted epoch (we never renegotiate). Other cases fall through and
-   * fail with a fatal error. */
-  if ((rr->type == SSL3_RT_APPLICATION_DATA &&
-       ssl->s3->aead_read_ctx != NULL) ||
-      (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC &&
-       ssl->s3->aead_read_ctx == NULL)) {
+  /* Drop handshake records silently. The epochs match, so this must be a
+   * retransmit of a message we already received. */
+  if (rr->type == SSL3_RT_HANDSHAKE) {
     rr->length = 0;
-    goto start;
+    goto again;
   }
-  if (rr->type == SSL3_RT_HANDSHAKE) {
-    if (type != SSL3_RT_APPLICATION_DATA) {
-      /* Out-of-order handshake record while looking for ChangeCipherSpec. Drop
-       * it silently. */
-      assert(type == SSL3_RT_CHANGE_CIPHER_SPEC);
-      rr->length = 0;
-      goto start;
-    }
-    /* Parse the first fragment header to determine if this is a pre-CCS or
-     * post-CCS handshake record. DTLS resets handshake message numbers on each
-     * handshake, so renegotiations and retransmissions are ambiguous. */
-    if (rr->length < DTLS1_HM_HEADER_LENGTH) {
-      al = SSL_AD_DECODE_ERROR;
-      OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_HANDSHAKE_RECORD);
-      goto f_err;
-    }
-    struct hm_header_st msg_hdr;
-    dtls1_get_message_header(rr->data, &msg_hdr);
+  /* Other record types are illegal in this epoch. Note all application data
+   * records come in the encrypted epoch. */
+  if (rr->type != SSL3_RT_CHANGE_CIPHER_SPEC) {
+    ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
+    OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_RECORD);
+    return -1;
+  }
-    if (msg_hdr.type == SSL3_MT_FINISHED) {
-      if (msg_hdr.frag_off == 0) {
-        /* Retransmit our last flight of messages. If the peer sends the second
-         * Finished, they may not have received ours. Only do this for the
-         * first fragment, in case the Finished was fragmented. */
-        if (dtls1_check_timeout_num(ssl) < 0) {
-          return -1;
-        }
+  if (rr->length != 1 || rr->data[0] != SSL3_MT_CCS) {
+    OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_CHANGE_CIPHER_SPEC);
+    ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
+    return -1;
+  }
-        dtls1_retransmit_buffered_messages(ssl);
-      }
+  ssl_do_msg_callback(ssl, 0 /* read */, SSL3_RT_CHANGE_CIPHER_SPEC, rr->data,
+                      rr->length);
-      rr->length = 0;
-      goto start;
-    }
+  rr->length = 0;
+  ssl_read_buffer_discard(ssl);
+  return 1;
+}
-    /* Otherwise, this is a pre-CCS handshake message from an unsupported
-     * renegotiation attempt. Fall through to the error path. */
+void dtls1_read_close_notify(SSL *ssl) {
+  /* Bidirectional shutdown doesn't make sense for an unordered transport. DTLS
+   * alerts also aren't delivered reliably, so we may even time out because the
+   * peer never received our close_notify. Report to the caller that the channel
+   * has fully shut down. */
+  if (ssl->s3->recv_shutdown == ssl_shutdown_none) {
+    ssl->s3->recv_shutdown = ssl_shutdown_close_notify;
   }
-  al = SSL_AD_UNEXPECTED_MESSAGE;
-  OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_RECORD);
-f_err:
-  ssl3_send_alert(ssl, SSL3_AL_FATAL, al);
-  return -1;
 }
 int dtls1_write_app_data(SSL *ssl, const void *buf_, int len) {
-  int i;
-  if (SSL_in_init(ssl) && !ssl->in_handshake) {
-    i = ssl->handshake_func(ssl);
-    if (i < 0) {
-      return i;
-    }
-    if (i == 0) {
-      OPENSSL_PUT_ERROR(SSL, SSL_R_SSL_HANDSHAKE_FAILURE);
-      return -1;
-    }
-  }
+  assert(!SSL_in_init(ssl));
   if (len > SSL3_RT_MAX_PLAIN_LENGTH) {
     OPENSSL_PUT_ERROR(SSL, SSL_R_DTLS_MESSAGE_TOO_BIG);
     return -1;
   }
-  i = dtls1_write_bytes(ssl, SSL3_RT_APPLICATION_DATA, buf_, len,
-                        dtls1_use_current_epoch);
-  return i;
-}
+  if (len < 0) {
+    OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_LENGTH);
+    return -1;
+  }
-/* Call this to write data in records of type 'type' It will return <= 0 if not
- * all data has been sent or non-blocking IO. */
-int dtls1_write_bytes(SSL *ssl, int type, const void *buf, int len,
-                      enum dtls1_use_epoch_t use_epoch) {
-  int i;
+  if (len == 0) {
+    return 0;
+  }
-  assert(len <= SSL3_RT_MAX_PLAIN_LENGTH);
-  ssl->rwstate = SSL_NOTHING;
-  i = do_dtls1_write(ssl, type, buf, len, use_epoch);
-  return i;
+  int ret = dtls1_write_record(ssl, SSL3_RT_APPLICATION_DATA, buf_, (size_t)len,
+                               dtls1_use_current_epoch);
+  if (ret <= 0) {
+    return ret;
+  }
+  return len;
 }
-static int do_dtls1_write(SSL *ssl, int type, const uint8_t *buf,
-                          unsigned int len, enum dtls1_use_epoch_t use_epoch) {
+int dtls1_write_record(SSL *ssl, int type, const uint8_t *buf, size_t len,
+                       enum dtls1_use_epoch_t use_epoch) {
+  assert(len <= SSL3_RT_MAX_PLAIN_LENGTH);
   /* There should never be a pending write buffer in DTLS. One can't write half
    * a datagram, so the write buffer is always dropped in
    * |ssl_write_buffer_flush|. */
@@ -504,7 +365,7 @@ static int do_dtls1_write(SSL *ssl, int type, const uint8_t *buf,
   /* If we have an alert to send, lets send it */
   if (ssl->s3->alert_dispatch) {
-    int ret = ssl->method->ssl_dispatch_alert(ssl);
+    int ret = ssl->method->dispatch_alert(ssl);
     if (ret <= 0) {
       return ret;
     }
@@ -516,10 +377,6 @@ static int do_dtls1_write(SSL *ssl, int type, const uint8_t *buf,
     return -1;
   }
-  if (len == 0) {
-    return 0;
-  }
   size_t max_out = len + ssl_max_seal_overhead(ssl);
   uint8_t *out;
   size_t ciphertext_len;
@@ -535,46 +392,28 @@ static int do_dtls1_write(SSL *ssl, int type, const uint8_t *buf,
   if (ret <= 0) {
     return ret;
   }
-  return (int)len;
+  return 1;
 }
 int dtls1_dispatch_alert(SSL *ssl) {
-  int i, j;
-  void (*cb)(const SSL *ssl, int type, int value) = NULL;
-  uint8_t buf[DTLS1_AL_HEADER_LENGTH];
-  uint8_t *ptr = &buf[0];
   ssl->s3->alert_dispatch = 0;
-  memset(buf, 0x00, sizeof(buf));
-  *ptr++ = ssl->s3->send_alert[0];
-  *ptr++ = ssl->s3->send_alert[1];
-  i = do_dtls1_write(ssl, SSL3_RT_ALERT, &buf[0], sizeof(buf),
-                     dtls1_use_current_epoch);
-  if (i <= 0) {
+  int ret = dtls1_write_record(ssl, SSL3_RT_ALERT, &ssl->s3->send_alert[0], 2,
+                               dtls1_use_current_epoch);
+  if (ret <= 0) {
     ssl->s3->alert_dispatch = 1;
-  } else {
-    if (ssl->s3->send_alert[0] == SSL3_AL_FATAL) {
-      (void)BIO_flush(ssl->wbio);
-    }
+    return ret;
+  }
-    if (ssl->msg_callback) {
-      ssl->msg_callback(1, ssl->version, SSL3_RT_ALERT, ssl->s3->send_alert, 2,
-                        ssl, ssl->msg_callback_arg);
-    }
+  /* If the alert is fatal, flush the BIO now. */
+  if (ssl->s3->send_alert[0] == SSL3_AL_FATAL) {
+    BIO_flush(ssl->wbio);
+  }
-    if (ssl->info_callback != NULL) {
-      cb = ssl->info_callback;
-    } else if (ssl->ctx->info_callback != NULL) {
-      cb = ssl->ctx->info_callback;
-    }
+  ssl_do_msg_callback(ssl, 1 /* write */, SSL3_RT_ALERT, ssl->s3->send_alert,
+                      2);
-    if (cb != NULL) {
-      j = (ssl->s3->send_alert[0] << 8) | ssl->s3->send_alert[1];
-      cb(ssl, SSL_CB_WRITE_ALERT, j);
-    }
-  }
+  int alert = (ssl->s3->send_alert[0] << 8) | ssl->s3->send_alert[1];
+  ssl_do_info_callback(ssl, SSL_CB_WRITE_ALERT, alert);
-  return i;
+  return 1;
 }