grpc 1.10.0 → 1.11.0.pre2
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +2098 -501
- data/include/grpc/byte_buffer.h +2 -0
- data/include/grpc/byte_buffer_reader.h +2 -0
- data/include/grpc/census.h +2 -0
- data/include/grpc/fork.h +2 -0
- data/include/grpc/grpc.h +10 -0
- data/include/grpc/grpc_cronet.h +2 -0
- data/include/grpc/grpc_posix.h +2 -1
- data/include/grpc/grpc_security.h +21 -0
- data/include/grpc/grpc_security_constants.h +1 -0
- data/include/grpc/impl/codegen/byte_buffer.h +2 -0
- data/include/grpc/impl/codegen/grpc_types.h +24 -0
- data/include/grpc/impl/codegen/slice.h +1 -1
- data/include/grpc/impl/codegen/sync.h +1 -0
- data/include/grpc/impl/codegen/sync_custom.h +2 -0
- data/include/grpc/impl/codegen/sync_generic.h +2 -0
- data/include/grpc/impl/codegen/sync_posix.h +2 -0
- data/include/grpc/impl/codegen/sync_windows.h +2 -0
- data/include/grpc/slice.h +2 -0
- data/include/grpc/slice_buffer.h +2 -0
- data/include/grpc/status.h +2 -0
- data/include/grpc/support/alloc.h +2 -2
- data/include/grpc/support/atm.h +2 -0
- data/include/grpc/support/atm_gcc_atomic.h +2 -0
- data/include/grpc/support/atm_gcc_sync.h +2 -0
- data/include/grpc/support/atm_windows.h +2 -0
- data/include/grpc/support/log.h +1 -1
- data/include/grpc/support/sync.h +2 -0
- data/include/grpc/support/sync_custom.h +2 -0
- data/include/grpc/support/sync_generic.h +2 -0
- data/include/grpc/support/sync_posix.h +2 -0
- data/include/grpc/support/sync_windows.h +2 -0
- data/include/grpc/support/time.h +2 -0
- data/src/boringssl/err_data.c +444 -438
- data/src/core/ext/census/grpc_context.cc +2 -0
- data/src/core/ext/filters/client_channel/backup_poller.cc +13 -8
- data/src/core/ext/filters/client_channel/backup_poller.h +3 -2
- data/src/core/ext/filters/client_channel/channel_connectivity.cc +2 -0
- data/src/core/ext/filters/client_channel/client_channel.cc +1988 -433
- data/src/core/ext/filters/client_channel/client_channel.h +2 -0
- data/src/core/ext/filters/client_channel/client_channel_factory.cc +2 -0
- data/src/core/ext/filters/client_channel/client_channel_factory.h +2 -0
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +2 -27
- data/src/core/ext/filters/client_channel/connector.cc +2 -0
- data/src/core/ext/filters/client_channel/connector.h +2 -0
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +2 -0
- data/src/core/ext/filters/client_channel/http_proxy.cc +2 -0
- data/src/core/ext/filters/client_channel/lb_policy.cc +2 -0
- data/src/core/ext/filters/client_channel/lb_policy.h +2 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +2 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.h +2 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +96 -78
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +9 -17
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +70 -62
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +2 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +2 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +2 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +2 -0
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +4 -2
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +4 -2
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.cc +2 -0
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +2 -0
- data/src/core/ext/filters/client_channel/lb_policy_factory.cc +3 -1
- data/src/core/ext/filters/client_channel/lb_policy_factory.h +2 -1
- data/src/core/ext/filters/client_channel/lb_policy_registry.cc +2 -0
- data/src/core/ext/filters/client_channel/lb_policy_registry.h +2 -1
- data/src/core/ext/filters/client_channel/method_params.cc +178 -0
- data/src/core/ext/filters/client_channel/method_params.h +74 -0
- data/src/core/ext/filters/client_channel/parse_address.cc +17 -13
- data/src/core/ext/filters/client_channel/parse_address.h +2 -0
- data/src/core/ext/filters/client_channel/proxy_mapper.cc +2 -0
- data/src/core/ext/filters/client_channel/proxy_mapper.h +2 -0
- data/src/core/ext/filters/client_channel/proxy_mapper_registry.cc +2 -0
- data/src/core/ext/filters/client_channel/proxy_mapper_registry.h +2 -0
- data/src/core/ext/filters/client_channel/resolver.cc +2 -0
- data/src/core/ext/filters/client_channel/resolver.h +6 -0
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +24 -5
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +2 -1
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +1 -0
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +55 -1
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +8 -1
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +1 -0
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +30 -3
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +7 -0
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +2 -1
- data/src/core/ext/filters/client_channel/resolver_factory.h +2 -0
- data/src/core/ext/filters/client_channel/resolver_registry.cc +2 -0
- data/src/core/ext/filters/client_channel/resolver_registry.h +2 -0
- data/src/core/ext/filters/client_channel/retry_throttle.cc +102 -120
- data/src/core/ext/filters/client_channel/retry_throttle.h +52 -25
- data/src/core/ext/filters/client_channel/subchannel.cc +14 -4
- data/src/core/ext/filters/client_channel/subchannel.h +10 -1
- data/src/core/ext/filters/client_channel/subchannel_index.cc +2 -0
- data/src/core/ext/filters/client_channel/subchannel_index.h +2 -0
- data/src/core/ext/filters/client_channel/uri_parser.cc +2 -1
- data/src/core/ext/filters/client_channel/uri_parser.h +2 -1
- data/src/core/ext/filters/deadline/deadline_filter.cc +2 -1
- data/src/core/ext/filters/deadline/deadline_filter.h +2 -0
- data/src/core/ext/filters/http/client/http_client_filter.cc +27 -25
- data/src/core/ext/filters/http/client/http_client_filter.h +2 -0
- data/src/core/ext/filters/http/client_authority_filter.cc +156 -0
- data/src/core/ext/filters/http/client_authority_filter.h +34 -0
- data/src/core/ext/filters/http/http_filters_plugin.cc +2 -0
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +21 -22
- data/src/core/ext/filters/http/message_compress/message_compress_filter.h +2 -0
- data/src/core/ext/filters/http/server/http_server_filter.cc +11 -8
- data/src/core/ext/filters/http/server/http_server_filter.h +2 -0
- data/src/core/ext/filters/load_reporting/server_load_reporting_filter.cc +2 -0
- data/src/core/ext/filters/load_reporting/server_load_reporting_filter.h +2 -0
- data/src/core/ext/filters/load_reporting/server_load_reporting_plugin.h +2 -0
- data/src/core/ext/filters/max_age/max_age_filter.cc +2 -0
- data/src/core/ext/filters/max_age/max_age_filter.h +2 -0
- data/src/core/ext/filters/message_size/message_size_filter.cc +52 -49
- data/src/core/ext/filters/message_size/message_size_filter.h +2 -0
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +5 -1
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.h +2 -0
- data/src/core/ext/filters/workarounds/workaround_utils.cc +2 -0
- data/src/core/ext/filters/workarounds/workaround_utils.h +2 -0
- data/src/core/ext/transport/chttp2/alpn/alpn.cc +3 -1
- data/src/core/ext/transport/chttp2/alpn/alpn.h +2 -0
- data/src/core/ext/transport/chttp2/client/authority.cc +42 -0
- data/src/core/ext/transport/chttp2/client/authority.h +36 -0
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +2 -0
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +2 -0
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +10 -3
- data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +2 -2
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +37 -25
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +2 -0
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +3 -1
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc +2 -1
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +2 -1
- data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +3 -1
- data/src/core/ext/transport/chttp2/transport/bin_decoder.h +2 -0
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/bin_encoder.h +2 -0
- data/src/core/ext/transport/chttp2/transport/chttp2_plugin.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +152 -182
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +2 -0
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/flow_control.h +1 -0
- data/src/core/ext/transport/chttp2/transport/frame.h +2 -1
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +15 -19
- data/src/core/ext/transport/chttp2/transport/frame_data.h +7 -5
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/frame_goaway.h +2 -2
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/frame_ping.h +2 -1
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +2 -1
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/frame_settings.h +2 -2
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/frame_window_update.h +2 -1
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +2 -1
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +2 -1
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +2 -2
- data/src/core/ext/transport/chttp2/transport/hpack_table.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/hpack_table.h +2 -1
- data/src/core/ext/transport/chttp2/transport/http2_settings.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/http2_settings.h +2 -0
- data/src/core/ext/transport/chttp2/transport/huffsyms.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/incoming_metadata.cc +3 -2
- data/src/core/ext/transport/chttp2/transport/incoming_metadata.h +2 -0
- data/src/core/ext/transport/chttp2/transport/internal.h +60 -24
- data/src/core/ext/transport/chttp2/transport/parsing.cc +2 -4
- data/src/core/ext/transport/chttp2/transport/stream_lists.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/stream_map.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/varint.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/writing.cc +10 -6
- data/src/core/ext/transport/inproc/inproc_plugin.cc +2 -0
- data/src/core/ext/transport/inproc/inproc_transport.cc +20 -23
- data/src/core/ext/transport/inproc/inproc_transport.h +2 -0
- data/src/core/lib/avl/avl.cc +2 -0
- data/src/core/lib/avl/avl.h +2 -0
- data/src/core/lib/backoff/backoff.cc +2 -0
- data/src/core/lib/backoff/backoff.h +2 -0
- data/src/core/lib/channel/channel_args.h +2 -0
- data/src/core/lib/channel/channel_stack.cc +3 -1
- data/src/core/lib/channel/channel_stack.h +2 -0
- data/src/core/lib/channel/channel_stack_builder.cc +2 -0
- data/src/core/lib/channel/channel_stack_builder.h +2 -0
- data/src/core/lib/channel/channel_trace.cc +239 -0
- data/src/core/lib/channel/channel_trace.h +133 -0
- data/src/core/lib/channel/channel_trace_registry.cc +80 -0
- data/src/core/lib/channel/channel_trace_registry.h +43 -0
- data/src/core/lib/channel/connected_channel.cc +2 -0
- data/src/core/lib/channel/connected_channel.h +2 -0
- data/src/core/lib/channel/handshaker.cc +2 -0
- data/src/core/lib/channel/handshaker.h +2 -0
- data/src/core/lib/channel/handshaker_factory.cc +2 -0
- data/src/core/lib/channel/handshaker_factory.h +2 -1
- data/src/core/lib/channel/handshaker_registry.cc +2 -0
- data/src/core/lib/channel/handshaker_registry.h +2 -1
- data/src/core/lib/channel/status_util.cc +100 -0
- data/src/core/lib/channel/status_util.h +58 -0
- data/src/core/lib/compression/algorithm_metadata.h +2 -0
- data/src/core/lib/compression/compression.cc +2 -0
- data/src/core/lib/compression/compression_internal.cc +2 -0
- data/src/core/lib/compression/compression_internal.h +2 -0
- data/src/core/lib/compression/message_compress.cc +2 -0
- data/src/core/lib/compression/message_compress.h +2 -0
- data/src/core/lib/compression/stream_compression.cc +2 -0
- data/src/core/lib/compression/stream_compression.h +2 -0
- data/src/core/lib/compression/stream_compression_gzip.cc +2 -0
- data/src/core/lib/compression/stream_compression_gzip.h +2 -0
- data/src/core/lib/compression/stream_compression_identity.cc +2 -1
- data/src/core/lib/compression/stream_compression_identity.h +2 -0
- data/src/core/lib/debug/stats.cc +2 -0
- data/src/core/lib/debug/stats.h +2 -0
- data/src/core/lib/debug/stats_data.cc +3 -1
- data/src/core/lib/debug/stats_data.h +2 -0
- data/src/core/lib/debug/trace.cc +2 -0
- data/src/core/lib/debug/trace.h +2 -1
- data/src/core/lib/gpr/alloc.cc +2 -1
- data/src/core/lib/gpr/arena.cc +47 -0
- data/src/core/lib/gpr/arena.h +2 -0
- data/src/core/lib/gpr/atm.cc +2 -0
- data/src/core/lib/gpr/cpu_linux.cc +5 -1
- data/src/core/lib/gpr/cpu_posix.cc +1 -1
- data/src/core/lib/gpr/env.h +2 -0
- data/src/core/lib/gpr/fork.cc +2 -0
- data/src/core/lib/gpr/host_port.cc +2 -0
- data/src/core/lib/gpr/log.cc +2 -1
- data/src/core/lib/gpr/log_linux.cc +1 -0
- data/src/core/lib/gpr/mpscq.cc +2 -0
- data/src/core/lib/gpr/mpscq.h +2 -0
- data/src/core/lib/gpr/murmur_hash.cc +2 -0
- data/src/core/lib/gpr/spinlock.h +2 -0
- data/src/core/lib/gpr/string.cc +2 -1
- data/src/core/lib/gpr/string.h +2 -2
- data/src/core/lib/gpr/sync.cc +2 -0
- data/src/core/lib/gpr/time.cc +2 -0
- data/src/core/lib/gpr/time_posix.cc +1 -0
- data/src/core/lib/gpr/time_precise.cc +2 -0
- data/src/core/lib/gpr/time_precise.h +2 -0
- data/src/core/lib/gpr/tls_gcc.h +2 -0
- data/src/core/lib/gpr/tls_msvc.h +2 -0
- data/src/core/lib/gpr/tls_pthread.h +2 -0
- data/src/core/lib/gpr/tmpfile.h +2 -0
- data/src/core/lib/gprpp/atomic_with_atm.h +2 -0
- data/src/core/lib/gprpp/atomic_with_std.h +2 -0
- data/src/core/lib/gprpp/inlined_vector.h +2 -0
- data/src/core/lib/gprpp/manual_constructor.h +3 -1
- data/src/core/lib/gprpp/memory.h +5 -3
- data/src/core/lib/gprpp/orphanable.h +3 -0
- data/src/core/lib/gprpp/ref_counted.h +4 -0
- data/src/core/lib/gprpp/ref_counted_ptr.h +3 -0
- data/src/core/lib/gprpp/thd.h +135 -0
- data/src/core/lib/gprpp/thd_posix.cc +209 -0
- data/src/core/lib/gprpp/thd_windows.cc +162 -0
- data/src/core/lib/http/format_request.cc +2 -0
- data/src/core/lib/http/format_request.h +2 -0
- data/src/core/lib/http/httpcli.cc +2 -0
- data/src/core/lib/http/httpcli.h +2 -0
- data/src/core/lib/http/httpcli_security_connector.cc +16 -7
- data/src/core/lib/http/parser.cc +2 -0
- data/src/core/lib/http/parser.h +2 -1
- data/src/core/lib/iomgr/call_combiner.cc +2 -0
- data/src/core/lib/iomgr/call_combiner.h +2 -1
- data/src/core/lib/iomgr/combiner.cc +2 -0
- data/src/core/lib/iomgr/combiner.h +2 -0
- data/src/core/lib/iomgr/endpoint.cc +4 -0
- data/src/core/lib/iomgr/endpoint.h +2 -0
- data/src/core/lib/iomgr/endpoint_pair.h +2 -0
- data/src/core/lib/iomgr/endpoint_pair_posix.cc +2 -0
- data/src/core/lib/iomgr/endpoint_pair_uv.cc +2 -0
- data/src/core/lib/iomgr/endpoint_pair_windows.cc +7 -4
- data/src/core/lib/iomgr/error.h +2 -0
- data/src/core/lib/iomgr/error_internal.h +2 -0
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +2 -0
- data/src/core/lib/iomgr/ev_epoll1_linux.h +2 -0
- data/src/core/lib/iomgr/ev_epollex_linux.cc +4 -18
- data/src/core/lib/iomgr/ev_epollex_linux.h +2 -0
- data/src/core/lib/iomgr/ev_epollsig_linux.cc +2 -0
- data/src/core/lib/iomgr/ev_epollsig_linux.h +2 -0
- data/src/core/lib/iomgr/ev_poll_posix.cc +61 -31
- data/src/core/lib/iomgr/ev_poll_posix.h +2 -0
- data/src/core/lib/iomgr/ev_posix.cc +35 -19
- data/src/core/lib/iomgr/ev_posix.h +2 -0
- data/src/core/lib/iomgr/ev_windows.cc +2 -0
- data/src/core/lib/iomgr/exec_ctx.cc +3 -1
- data/src/core/lib/iomgr/exec_ctx.h +21 -9
- data/src/core/lib/iomgr/executor.cc +13 -11
- data/src/core/lib/iomgr/executor.h +2 -0
- data/src/core/lib/iomgr/fork_posix.cc +4 -2
- data/src/core/lib/iomgr/fork_windows.cc +2 -0
- data/src/core/lib/iomgr/gethostname_fallback.cc +2 -0
- data/src/core/lib/iomgr/gethostname_host_name_max.cc +2 -0
- data/src/core/lib/iomgr/gethostname_sysconf.cc +2 -0
- data/src/core/lib/iomgr/iocp_windows.cc +3 -1
- data/src/core/lib/iomgr/iocp_windows.h +3 -0
- data/src/core/lib/iomgr/iomgr.cc +2 -1
- data/src/core/lib/iomgr/iomgr.h +2 -0
- data/src/core/lib/iomgr/iomgr_custom.cc +63 -0
- data/src/core/lib/iomgr/iomgr_custom.h +47 -0
- data/src/core/lib/iomgr/iomgr_internal.cc +43 -0
- data/src/core/lib/iomgr/iomgr_internal.h +14 -0
- data/src/core/lib/iomgr/iomgr_posix.cc +30 -3
- data/src/core/lib/iomgr/iomgr_posix.h +2 -0
- data/src/core/lib/iomgr/iomgr_uv.cc +17 -20
- data/src/core/lib/iomgr/iomgr_windows.cc +29 -3
- data/src/core/lib/iomgr/is_epollexclusive_available.cc +2 -0
- data/src/core/lib/iomgr/is_epollexclusive_available.h +2 -0
- data/src/core/lib/iomgr/load_file.cc +2 -0
- data/src/core/lib/iomgr/load_file.h +2 -0
- data/src/core/lib/iomgr/lockfree_event.cc +2 -0
- data/src/core/lib/iomgr/lockfree_event.h +14 -1
- data/src/core/lib/iomgr/nameser.h +2 -0
- data/src/core/lib/iomgr/network_status_tracker.cc +3 -1
- data/src/core/lib/iomgr/network_status_tracker.h +2 -0
- data/src/core/lib/iomgr/polling_entity.cc +2 -0
- data/src/core/lib/iomgr/polling_entity.h +2 -0
- data/src/core/lib/iomgr/pollset.cc +56 -0
- data/src/core/lib/iomgr/pollset.h +19 -0
- data/src/core/lib/iomgr/pollset_custom.cc +106 -0
- data/src/core/lib/iomgr/{timer_generic.h → pollset_custom.h} +15 -17
- data/src/core/lib/iomgr/pollset_set.cc +55 -0
- data/src/core/lib/iomgr/pollset_set.h +13 -0
- data/src/core/lib/iomgr/pollset_set_custom.cc +48 -0
- data/src/core/lib/iomgr/{pollset_uv.h → pollset_set_custom.h} +6 -7
- data/src/core/lib/iomgr/pollset_set_windows.cc +17 -10
- data/src/core/lib/iomgr/pollset_set_windows.h +2 -0
- data/src/core/lib/iomgr/pollset_uv.cc +42 -105
- data/src/core/lib/iomgr/pollset_windows.cc +20 -12
- data/src/core/lib/iomgr/pollset_windows.h +2 -0
- data/src/core/lib/iomgr/port.h +10 -19
- data/src/core/lib/iomgr/resolve_address.cc +50 -0
- data/src/core/lib/iomgr/resolve_address.h +39 -10
- data/src/core/lib/iomgr/resolve_address_custom.cc +187 -0
- data/src/core/lib/iomgr/resolve_address_custom.h +43 -0
- data/src/core/lib/iomgr/resolve_address_posix.cc +10 -22
- data/src/core/lib/iomgr/resolve_address_windows.cc +10 -22
- data/src/core/lib/iomgr/resource_quota.cc +2 -0
- data/src/core/lib/iomgr/resource_quota.h +3 -5
- data/src/core/lib/iomgr/sockaddr.h +3 -11
- data/src/core/lib/iomgr/sockaddr_custom.h +54 -0
- data/src/core/lib/iomgr/sockaddr_posix.h +26 -0
- data/src/core/lib/iomgr/sockaddr_utils.cc +91 -71
- data/src/core/lib/iomgr/sockaddr_utils.h +4 -0
- data/src/core/lib/iomgr/sockaddr_windows.h +21 -0
- data/src/core/lib/iomgr/socket_factory_posix.cc +2 -0
- data/src/core/lib/iomgr/socket_factory_posix.h +2 -0
- data/src/core/lib/iomgr/socket_mutator.cc +2 -0
- data/src/core/lib/iomgr/socket_mutator.h +2 -0
- data/src/core/lib/iomgr/socket_utils.h +11 -0
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +15 -6
- data/src/core/lib/iomgr/socket_utils_linux.cc +4 -4
- data/src/core/lib/iomgr/socket_utils_posix.cc +3 -2
- data/src/core/lib/iomgr/socket_utils_posix.h +2 -0
- data/src/core/lib/iomgr/socket_utils_uv.cc +13 -2
- data/src/core/lib/iomgr/socket_utils_windows.cc +10 -0
- data/src/core/lib/iomgr/socket_windows.cc +2 -0
- data/src/core/lib/iomgr/socket_windows.h +2 -1
- data/src/core/lib/iomgr/sys_epoll_wrapper.h +2 -0
- data/src/core/lib/iomgr/tcp_client.cc +36 -0
- data/src/core/lib/iomgr/tcp_client.h +13 -0
- data/src/core/lib/iomgr/tcp_client_custom.cc +151 -0
- data/src/core/lib/iomgr/tcp_client_posix.cc +11 -24
- data/src/core/lib/iomgr/tcp_client_posix.h +2 -0
- data/src/core/lib/iomgr/tcp_client_windows.cc +10 -23
- data/src/core/lib/iomgr/tcp_custom.cc +365 -0
- data/src/core/lib/iomgr/tcp_custom.h +81 -0
- data/src/core/lib/iomgr/tcp_posix.cc +3 -1
- data/src/core/lib/iomgr/tcp_posix.h +2 -0
- data/src/core/lib/iomgr/tcp_server.cc +73 -0
- data/src/core/lib/iomgr/tcp_server.h +24 -0
- data/src/core/lib/iomgr/tcp_server_custom.cc +472 -0
- data/src/core/lib/iomgr/tcp_server_posix.cc +41 -23
- data/src/core/lib/iomgr/tcp_server_utils_posix.h +2 -0
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +7 -7
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +8 -6
- data/src/core/lib/iomgr/tcp_server_utils_posix_noifaddrs.cc +2 -0
- data/src/core/lib/iomgr/tcp_server_windows.cc +43 -21
- data/src/core/lib/iomgr/tcp_uv.cc +308 -314
- data/src/core/lib/iomgr/tcp_windows.cc +3 -1
- data/src/core/lib/iomgr/tcp_windows.h +2 -0
- data/src/core/lib/iomgr/time_averaged_stats.cc +2 -0
- data/src/core/lib/iomgr/timer.cc +45 -0
- data/src/core/lib/iomgr/timer.h +36 -15
- data/src/core/lib/iomgr/timer_custom.cc +93 -0
- data/src/core/lib/iomgr/timer_custom.h +43 -0
- data/src/core/lib/iomgr/timer_generic.cc +12 -10
- data/src/core/lib/iomgr/timer_heap.cc +2 -4
- data/src/core/lib/iomgr/timer_heap.h +2 -0
- data/src/core/lib/iomgr/timer_manager.cc +12 -20
- data/src/core/lib/iomgr/timer_manager.h +2 -0
- data/src/core/lib/iomgr/timer_uv.cc +15 -49
- data/src/core/lib/iomgr/udp_server.cc +271 -230
- data/src/core/lib/iomgr/udp_server.h +44 -20
- data/src/core/lib/iomgr/unix_sockets_posix.cc +10 -7
- data/src/core/lib/iomgr/unix_sockets_posix.h +2 -0
- data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +2 -0
- data/src/core/lib/iomgr/wakeup_fd_cv.cc +3 -1
- data/src/core/lib/iomgr/wakeup_fd_cv.h +2 -0
- data/src/core/lib/iomgr/wakeup_fd_eventfd.cc +2 -0
- data/src/core/lib/iomgr/wakeup_fd_nospecial.cc +2 -0
- data/src/core/lib/iomgr/wakeup_fd_pipe.cc +2 -0
- data/src/core/lib/iomgr/wakeup_fd_pipe.h +2 -0
- data/src/core/lib/iomgr/wakeup_fd_posix.cc +2 -0
- data/src/core/lib/iomgr/wakeup_fd_posix.h +2 -0
- data/src/core/lib/json/json.cc +38 -0
- data/src/core/lib/json/json.h +22 -1
- data/src/core/lib/json/json_reader.cc +2 -2
- data/src/core/lib/json/json_reader.h +1 -0
- data/src/core/lib/json/json_string.cc +2 -0
- data/src/core/lib/json/json_writer.cc +2 -2
- data/src/core/lib/json/json_writer.h +2 -0
- data/src/core/lib/profiling/basic_timers.cc +11 -9
- data/src/core/lib/profiling/timers.h +6 -3
- data/src/core/lib/security/context/security_context.cc +2 -0
- data/src/core/lib/security/context/security_context.h +2 -0
- data/src/core/lib/security/credentials/alts/alts_credentials.cc +119 -0
- data/src/core/lib/security/credentials/alts/alts_credentials.h +102 -0
- data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +72 -0
- data/src/core/lib/security/credentials/alts/check_gcp_environment.h +57 -0
- data/src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc +67 -0
- data/src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc +33 -0
- data/src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc +114 -0
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc +126 -0
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc +46 -0
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h +112 -0
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc +58 -0
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +2 -0
- data/src/core/lib/security/credentials/composite/composite_credentials.h +2 -0
- data/src/core/lib/security/credentials/credentials.cc +2 -0
- data/src/core/lib/security/credentials/credentials.h +2 -0
- data/src/core/lib/security/credentials/credentials_metadata.cc +2 -0
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +2 -3
- data/src/core/lib/security/credentials/fake/fake_credentials.h +5 -0
- data/src/core/lib/security/credentials/google_default/credentials_generic.cc +2 -0
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +2 -0
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +2 -0
- data/src/core/lib/security/credentials/iam/iam_credentials.h +2 -0
- data/src/core/lib/security/credentials/jwt/json_token.cc +2 -0
- data/src/core/lib/security/credentials/jwt/json_token.h +2 -0
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +2 -0
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +2 -0
- data/src/core/lib/security/credentials/jwt/jwt_verifier.h +2 -0
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +2 -0
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +2 -0
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +2 -0
- data/src/core/lib/security/credentials/plugin/plugin_credentials.h +2 -0
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +11 -2
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +2 -0
- data/src/core/lib/security/security_connector/alts_security_connector.cc +287 -0
- data/src/core/lib/security/security_connector/alts_security_connector.h +69 -0
- data/src/core/lib/security/security_connector/security_connector.cc +174 -74
- data/src/core/lib/security/security_connector/security_connector.h +41 -7
- data/src/core/lib/security/transport/auth_filters.h +2 -0
- data/src/core/lib/security/transport/client_auth_filter.cc +14 -28
- data/src/core/lib/security/transport/secure_endpoint.cc +2 -0
- data/src/core/lib/security/transport/secure_endpoint.h +2 -0
- data/src/core/lib/security/transport/security_handshaker.cc +2 -0
- data/src/core/lib/security/transport/security_handshaker.h +2 -1
- data/src/core/lib/security/transport/server_auth_filter.cc +2 -0
- data/src/core/lib/security/transport/target_authority_table.cc +75 -0
- data/src/core/lib/security/transport/{lb_targets_info.h → target_authority_table.h} +16 -8
- data/src/core/lib/security/transport/tsi_error.cc +2 -0
- data/src/core/lib/security/transport/tsi_error.h +2 -0
- data/src/core/lib/security/util/json_util.cc +2 -0
- data/src/core/lib/security/util/json_util.h +2 -0
- data/src/core/lib/slice/b64.cc +2 -0
- data/src/core/lib/slice/b64.h +2 -0
- data/src/core/lib/slice/percent_encoding.cc +2 -0
- data/src/core/lib/slice/percent_encoding.h +2 -0
- data/src/core/lib/slice/slice.cc +2 -0
- data/src/core/lib/slice/slice_buffer.cc +3 -1
- data/src/core/lib/slice/slice_hash_table.h +178 -45
- data/src/core/lib/slice/slice_intern.cc +2 -0
- data/src/core/lib/slice/slice_internal.h +2 -2
- data/src/core/lib/slice/slice_string_helpers.cc +2 -0
- data/src/core/lib/slice/slice_string_helpers.h +2 -1
- data/src/core/lib/slice/slice_weak_hash_table.h +105 -0
- data/src/core/lib/surface/api_trace.cc +3 -1
- data/src/core/lib/surface/api_trace.h +2 -0
- data/src/core/lib/surface/byte_buffer.cc +3 -0
- data/src/core/lib/surface/byte_buffer_reader.cc +3 -0
- data/src/core/lib/surface/call.cc +46 -80
- data/src/core/lib/surface/call.h +2 -0
- data/src/core/lib/surface/call_details.cc +2 -0
- data/src/core/lib/surface/call_log_batch.cc +2 -0
- data/src/core/lib/surface/call_test_only.h +2 -0
- data/src/core/lib/surface/channel.cc +72 -41
- data/src/core/lib/surface/channel.h +2 -0
- data/src/core/lib/surface/channel_init.cc +2 -0
- data/src/core/lib/surface/channel_init.h +2 -0
- data/src/core/lib/surface/channel_ping.cc +2 -0
- data/src/core/lib/surface/channel_stack_type.cc +3 -2
- data/src/core/lib/surface/channel_stack_type.h +2 -0
- data/src/core/lib/surface/completion_queue.h +2 -0
- data/src/core/lib/surface/completion_queue_factory.cc +3 -1
- data/src/core/lib/surface/completion_queue_factory.h +2 -0
- data/src/core/lib/surface/event_string.cc +2 -0
- data/src/core/lib/surface/event_string.h +2 -0
- data/src/core/lib/surface/init.cc +5 -2
- data/src/core/lib/surface/init_secure.cc +5 -2
- data/src/core/lib/surface/lame_client.cc +7 -5
- data/src/core/lib/surface/lame_client.h +2 -0
- data/src/core/lib/surface/metadata_array.cc +2 -0
- data/src/core/lib/surface/server.cc +2 -0
- data/src/core/lib/surface/server.h +2 -0
- data/src/core/lib/surface/validate_metadata.cc +2 -1
- data/src/core/lib/surface/validate_metadata.h +2 -0
- data/src/core/lib/surface/version.cc +4 -2
- data/src/core/lib/transport/bdp_estimator.cc +2 -0
- data/src/core/lib/transport/byte_stream.cc +94 -116
- data/src/core/lib/transport/byte_stream.h +111 -78
- data/src/core/lib/transport/connectivity_state.cc +2 -0
- data/src/core/lib/transport/connectivity_state.h +3 -1
- data/src/core/lib/transport/error_utils.cc +2 -0
- data/src/core/lib/transport/error_utils.h +2 -0
- data/src/core/lib/transport/metadata.cc +2 -0
- data/src/core/lib/transport/metadata.h +3 -1
- data/src/core/lib/transport/metadata_batch.cc +26 -0
- data/src/core/lib/transport/metadata_batch.h +12 -1
- data/src/core/lib/transport/pid_controller.cc +2 -0
- data/src/core/lib/transport/pid_controller.h +2 -0
- data/src/core/lib/transport/service_config.cc +21 -175
- data/src/core/lib/transport/service_config.h +223 -35
- data/src/core/lib/transport/static_metadata.cc +310 -294
- data/src/core/lib/transport/static_metadata.h +96 -82
- data/src/core/lib/transport/status_conversion.cc +2 -0
- data/src/core/lib/transport/status_conversion.h +3 -0
- data/src/core/lib/transport/status_metadata.cc +54 -0
- data/src/core/lib/{iomgr/timer_uv.h → transport/status_metadata.h} +10 -12
- data/src/core/lib/transport/timeout_encoding.cc +2 -1
- data/src/core/lib/transport/timeout_encoding.h +2 -0
- data/src/core/lib/transport/transport.cc +3 -1
- data/src/core/lib/transport/transport.h +33 -7
- data/src/core/lib/transport/transport_impl.h +2 -0
- data/src/core/lib/transport/transport_op_string.cc +10 -3
- data/src/core/plugin_registry/grpc_plugin_registry.cc +10 -4
- data/src/core/tsi/alts/crypt/aes_gcm.cc +687 -0
- data/src/core/tsi/alts/crypt/gsec.cc +189 -0
- data/src/core/tsi/alts/crypt/gsec.h +454 -0
- data/src/core/tsi/alts/frame_protector/alts_counter.cc +118 -0
- data/src/core/tsi/alts/frame_protector/alts_counter.h +98 -0
- data/src/core/tsi/alts/frame_protector/alts_crypter.cc +66 -0
- data/src/core/tsi/alts/frame_protector/alts_crypter.h +255 -0
- data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +407 -0
- data/src/core/tsi/alts/frame_protector/alts_frame_protector.h +55 -0
- data/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc +114 -0
- data/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h +114 -0
- data/src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc +105 -0
- data/src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc +103 -0
- data/src/core/tsi/alts/frame_protector/frame_handler.cc +218 -0
- data/src/core/tsi/alts/frame_protector/frame_handler.h +236 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +316 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +137 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc +520 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_service_api.h +323 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc +143 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h +149 -0
- data/src/core/tsi/alts/handshaker/alts_tsi_event.cc +73 -0
- data/src/core/tsi/alts/handshaker/alts_tsi_event.h +93 -0
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +483 -0
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +83 -0
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h +52 -0
- data/src/core/tsi/alts/handshaker/alts_tsi_utils.cc +58 -0
- data/src/core/tsi/alts/handshaker/alts_tsi_utils.h +52 -0
- data/src/core/tsi/alts/handshaker/altscontext.pb.c +48 -0
- data/src/core/tsi/alts/handshaker/altscontext.pb.h +64 -0
- data/src/core/tsi/alts/handshaker/handshaker.pb.c +123 -0
- data/src/core/tsi/alts/handshaker/handshaker.pb.h +255 -0
- data/src/core/tsi/alts/handshaker/transport_security_common.pb.c +50 -0
- data/src/core/tsi/alts/handshaker/transport_security_common.pb.h +78 -0
- data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +196 -0
- data/src/core/tsi/alts/handshaker/transport_security_common_api.h +163 -0
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc +180 -0
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h +52 -0
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc +144 -0
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h +49 -0
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h +91 -0
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc +174 -0
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h +100 -0
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +476 -0
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h +199 -0
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +296 -0
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h +52 -0
- data/src/core/tsi/alts_transport_security.cc +3 -1
- data/src/core/tsi/alts_transport_security.h +4 -2
- data/src/core/tsi/fake_transport_security.cc +2 -1
- data/src/core/tsi/fake_transport_security.h +2 -0
- data/src/core/tsi/ssl/session_cache/ssl_session.h +73 -0
- data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +58 -0
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +211 -0
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +93 -0
- data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +76 -0
- data/src/core/tsi/ssl_transport_security.cc +266 -62
- data/src/core/tsi/ssl_transport_security.h +128 -6
- data/src/core/tsi/ssl_types.h +2 -0
- data/src/core/tsi/transport_security.cc +2 -0
- data/src/core/tsi/transport_security.h +2 -0
- data/src/core/tsi/transport_security_adapter.cc +2 -0
- data/src/core/tsi/transport_security_adapter.h +2 -0
- data/src/core/tsi/transport_security_grpc.cc +2 -0
- data/src/core/tsi/transport_security_grpc.h +2 -0
- data/src/core/tsi/transport_security_interface.h +2 -0
- data/src/ruby/ext/grpc/extconf.rb +1 -2
- data/src/ruby/ext/grpc/rb_call.c +1 -13
- data/src/ruby/ext/grpc/rb_channel.c +6 -6
- data/src/ruby/ext/grpc/rb_compression_options.c +1 -1
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +10 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +15 -0
- data/src/ruby/lib/grpc/core/time_consts.rb +1 -1
- data/src/ruby/lib/grpc/generic/bidi_call.rb +19 -8
- data/src/ruby/lib/grpc/generic/client_stub.rb +6 -10
- data/src/ruby/lib/grpc/generic/interceptors.rb +1 -1
- data/src/ruby/lib/grpc/generic/rpc_server.rb +2 -2
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/spec/generic/client_stub_spec.rb +133 -0
- data/src/ruby/spec/pb/package_with_underscore/checker_spec.rb +54 -0
- data/src/ruby/spec/pb/package_with_underscore/data.proto +23 -0
- data/src/ruby/spec/pb/package_with_underscore/service.proto +23 -0
- data/third_party/address_sorting/address_sorting.c +369 -0
- data/third_party/address_sorting/address_sorting_internal.h +70 -0
- data/third_party/address_sorting/address_sorting_posix.c +97 -0
- data/third_party/address_sorting/address_sorting_windows.c +55 -0
- data/third_party/address_sorting/include/address_sorting/address_sorting.h +110 -0
- data/third_party/boringssl/crypto/asn1/a_enum.c +20 -9
- data/third_party/boringssl/crypto/asn1/a_i2d_fp.c +3 -0
- data/third_party/boringssl/crypto/asn1/a_int.c +19 -8
- data/third_party/boringssl/crypto/asn1/a_object.c +0 -128
- data/third_party/boringssl/crypto/asn1/asn1_locl.h +3 -0
- data/third_party/boringssl/crypto/asn1/tasn_fre.c +2 -4
- data/third_party/boringssl/crypto/asn1/tasn_new.c +3 -2
- data/third_party/boringssl/crypto/bn_extra/bn_asn1.c +0 -16
- data/third_party/boringssl/crypto/buf/buf.c +14 -0
- data/third_party/boringssl/crypto/bytestring/cbb.c +93 -0
- data/third_party/boringssl/crypto/conf/conf.c +2 -2
- data/third_party/boringssl/crypto/cpu-intel.c +17 -17
- data/third_party/boringssl/crypto/crypto.c +16 -4
- data/third_party/boringssl/crypto/curve25519/spake25519.c +11 -11
- data/third_party/boringssl/crypto/curve25519/x25519-x86_64.c +1 -1
- data/third_party/boringssl/crypto/dsa/dsa.c +9 -21
- data/third_party/boringssl/crypto/ec_extra/ec_asn1.c +2 -2
- data/third_party/boringssl/crypto/ecdsa_extra/ecdsa_asn1.c +1 -8
- data/third_party/boringssl/crypto/evp/p_rsa_asn1.c +2 -23
- data/third_party/boringssl/crypto/ex_data.c +0 -1
- data/third_party/boringssl/crypto/fipsmodule/bn/add.c +7 -11
- data/third_party/boringssl/crypto/fipsmodule/bn/asm/x86_64-gcc.c +19 -16
- data/third_party/boringssl/crypto/fipsmodule/bn/cmp.c +15 -0
- data/third_party/boringssl/crypto/fipsmodule/bn/div.c +53 -46
- data/third_party/boringssl/crypto/fipsmodule/bn/exponentiation.c +242 -85
- data/third_party/boringssl/crypto/fipsmodule/bn/generic.c +42 -47
- data/third_party/boringssl/crypto/fipsmodule/bn/internal.h +176 -34
- data/third_party/boringssl/crypto/fipsmodule/bn/montgomery.c +118 -65
- data/third_party/boringssl/crypto/fipsmodule/bn/mul.c +94 -61
- data/third_party/boringssl/crypto/fipsmodule/bn/random.c +79 -63
- data/third_party/boringssl/crypto/fipsmodule/bn/shift.c +26 -28
- data/third_party/boringssl/crypto/fipsmodule/cipher/cipher.c +2 -0
- data/third_party/boringssl/crypto/fipsmodule/ec/ec.c +250 -149
- data/third_party/boringssl/crypto/fipsmodule/ec/ec_montgomery.c +0 -27
- data/third_party/boringssl/crypto/fipsmodule/ec/internal.h +54 -20
- data/third_party/boringssl/crypto/fipsmodule/ec/oct.c +3 -3
- data/third_party/boringssl/crypto/fipsmodule/ec/p224-64.c +7 -41
- data/third_party/boringssl/crypto/fipsmodule/ec/p256-64.c +6 -40
- data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64.c +17 -122
- data/third_party/boringssl/crypto/fipsmodule/ec/simple.c +3 -64
- data/third_party/boringssl/crypto/fipsmodule/ec/wnaf.c +27 -9
- data/third_party/boringssl/crypto/fipsmodule/ecdsa/ecdsa.c +203 -205
- data/third_party/boringssl/crypto/fipsmodule/modes/cbc.c +14 -15
- data/third_party/boringssl/crypto/fipsmodule/modes/cfb.c +12 -8
- data/third_party/boringssl/crypto/fipsmodule/modes/ctr.c +4 -3
- data/third_party/boringssl/crypto/fipsmodule/modes/gcm.c +25 -36
- data/third_party/boringssl/crypto/fipsmodule/modes/internal.h +10 -0
- data/third_party/boringssl/crypto/fipsmodule/rsa/internal.h +0 -4
- data/third_party/boringssl/crypto/fipsmodule/rsa/rsa.c +2 -0
- data/third_party/boringssl/crypto/fipsmodule/rsa/rsa_impl.c +9 -19
- data/third_party/boringssl/crypto/lhash/lhash.c +19 -0
- data/third_party/boringssl/crypto/obj/obj.c +29 -69
- data/third_party/boringssl/crypto/pem/pem_lib.c +2 -2
- data/third_party/boringssl/crypto/poly1305/poly1305_vec.c +4 -55
- data/third_party/boringssl/crypto/rsa_extra/rsa_asn1.c +3 -22
- data/third_party/boringssl/crypto/x509/by_dir.c +1 -3
- data/third_party/boringssl/crypto/x509/by_file.c +0 -1
- data/third_party/boringssl/crypto/x509/x509_lu.c +0 -1
- data/third_party/boringssl/crypto/x509/x509_obj.c +1 -3
- data/third_party/boringssl/crypto/x509/x509_txt.c +0 -6
- data/third_party/boringssl/crypto/x509/x509_vfy.c +0 -1
- data/third_party/boringssl/crypto/x509/x509_vpm.c +0 -1
- data/third_party/boringssl/crypto/x509/x_algor.c +2 -2
- data/third_party/boringssl/crypto/x509v3/v3_alt.c +3 -4
- data/third_party/boringssl/crypto/x509v3/v3_genn.c +1 -0
- data/third_party/boringssl/crypto/x509v3/v3_info.c +1 -2
- data/third_party/boringssl/crypto/x509v3/v3_lib.c +15 -7
- data/third_party/boringssl/crypto/x509v3/v3_utl.c +41 -2
- data/third_party/boringssl/include/openssl/asn1.h +0 -1
- data/third_party/boringssl/include/openssl/base.h +1 -1
- data/third_party/boringssl/include/openssl/bio.h +5 -2
- data/third_party/boringssl/include/openssl/bn.h +2 -17
- data/third_party/boringssl/include/openssl/buf.h +4 -0
- data/third_party/boringssl/include/openssl/bytestring.h +11 -0
- data/third_party/boringssl/include/openssl/chacha.h +5 -1
- data/third_party/boringssl/include/openssl/cipher.h +10 -0
- data/third_party/boringssl/include/openssl/conf.h +4 -8
- data/third_party/boringssl/include/openssl/dsa.h +2 -18
- data/third_party/boringssl/include/openssl/ec.h +5 -5
- data/third_party/boringssl/include/openssl/ecdsa.h +10 -28
- data/third_party/boringssl/include/openssl/evp.h +0 -4
- data/third_party/boringssl/include/openssl/lhash.h +1 -18
- data/third_party/boringssl/include/openssl/obj.h +1 -0
- data/third_party/boringssl/include/openssl/rsa.h +3 -4
- data/third_party/boringssl/include/openssl/ssl.h +35 -54
- data/third_party/boringssl/include/openssl/ssl3.h +2 -0
- data/third_party/boringssl/include/openssl/stack.h +1 -1
- data/third_party/boringssl/include/openssl/tls1.h +1 -16
- data/third_party/boringssl/include/openssl/x509.h +3 -2
- data/third_party/boringssl/include/openssl/x509_vfy.h +0 -2
- data/third_party/boringssl/include/openssl/x509v3.h +1 -0
- data/third_party/boringssl/ssl/custom_extensions.cc +1 -1
- data/third_party/boringssl/ssl/d1_both.cc +120 -129
- data/third_party/boringssl/ssl/d1_lib.cc +23 -21
- data/third_party/boringssl/ssl/d1_pkt.cc +39 -143
- data/third_party/boringssl/ssl/dtls_method.cc +16 -23
- data/third_party/boringssl/ssl/dtls_record.cc +11 -4
- data/third_party/boringssl/ssl/handshake.cc +109 -40
- data/third_party/boringssl/ssl/handshake_client.cc +104 -96
- data/third_party/boringssl/ssl/handshake_server.cc +62 -72
- data/third_party/boringssl/ssl/internal.h +397 -318
- data/third_party/boringssl/ssl/s3_both.cc +173 -191
- data/third_party/boringssl/ssl/s3_lib.cc +26 -34
- data/third_party/boringssl/ssl/s3_pkt.cc +105 -247
- data/third_party/boringssl/ssl/ssl_asn1.cc +22 -22
- data/third_party/boringssl/ssl/ssl_buffer.cc +98 -108
- data/third_party/boringssl/ssl/ssl_cert.cc +12 -1
- data/third_party/boringssl/ssl/ssl_cipher.cc +23 -28
- data/third_party/boringssl/ssl/ssl_key_share.cc +11 -6
- data/third_party/boringssl/ssl/ssl_lib.cc +190 -113
- data/third_party/boringssl/ssl/ssl_privkey.cc +76 -106
- data/third_party/boringssl/ssl/ssl_session.cc +3 -3
- data/third_party/boringssl/ssl/ssl_stat.cc +3 -3
- data/third_party/boringssl/ssl/ssl_transcript.cc +38 -22
- data/third_party/boringssl/ssl/ssl_versions.cc +64 -31
- data/third_party/boringssl/ssl/t1_enc.cc +137 -154
- data/third_party/boringssl/ssl/t1_lib.cc +463 -478
- data/third_party/boringssl/ssl/tls13_both.cc +57 -58
- data/third_party/boringssl/ssl/tls13_client.cc +256 -121
- data/third_party/boringssl/ssl/tls13_enc.cc +187 -72
- data/third_party/boringssl/ssl/tls13_server.cc +187 -86
- data/third_party/boringssl/ssl/tls_method.cc +20 -30
- data/third_party/boringssl/ssl/tls_record.cc +77 -40
- data/third_party/boringssl/third_party/fiat/curve25519.c +5062 -0
- data/third_party/boringssl/{crypto/curve25519 → third_party/fiat}/internal.h +40 -27
- data/third_party/nanopb/pb.h +1 -1
- metadata +147 -45
- data/src/core/lib/gpr/thd.cc +0 -49
- data/src/core/lib/gpr/thd.h +0 -71
- data/src/core/lib/gpr/thd_posix.cc +0 -154
- data/src/core/lib/gpr/thd_windows.cc +0 -107
- data/src/core/lib/iomgr/iomgr_uv.h +0 -37
- data/src/core/lib/iomgr/pollset_set_uv.cc +0 -43
- data/src/core/lib/iomgr/resolve_address_uv.cc +0 -284
- data/src/core/lib/iomgr/tcp_client_uv.cc +0 -175
- data/src/core/lib/iomgr/tcp_server_uv.cc +0 -471
- data/src/core/lib/iomgr/tcp_uv.h +0 -51
- data/src/core/lib/security/transport/lb_targets_info.cc +0 -59
- data/src/core/lib/slice/slice_hash_table.cc +0 -145
- data/third_party/boringssl/crypto/curve25519/curve25519.c +0 -4938
@@ -147,7 +147,7 @@ static int pkey_supports_algorithm(const SSL *ssl, EVP_PKEY *pkey,
|
|
147
147
|
return 0;
|
148
148
|
}
|
149
149
|
|
150
|
-
if (
|
150
|
+
if (ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
|
151
151
|
// RSA keys may only be used with RSA-PSS.
|
152
152
|
if (alg->pkey_type == EVP_PKEY_RSA && !alg->is_rsa_pss) {
|
153
153
|
return 0;
|
@@ -193,45 +193,17 @@ static int setup_ctx(SSL *ssl, EVP_MD_CTX *ctx, EVP_PKEY *pkey, uint16_t sigalg,
|
|
193
193
|
return 1;
|
194
194
|
}
|
195
195
|
|
196
|
-
static int legacy_sign_digest_supported(const SSL_SIGNATURE_ALGORITHM *alg) {
|
197
|
-
return (alg->pkey_type == EVP_PKEY_EC || alg->pkey_type == EVP_PKEY_RSA) &&
|
198
|
-
!alg->is_rsa_pss;
|
199
|
-
}
|
200
|
-
|
201
|
-
static enum ssl_private_key_result_t legacy_sign(
|
202
|
-
SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out, uint16_t sigalg,
|
203
|
-
const uint8_t *in, size_t in_len) {
|
204
|
-
// TODO(davidben): Remove support for |sign_digest|-only
|
205
|
-
// |SSL_PRIVATE_KEY_METHOD|s.
|
206
|
-
const SSL_SIGNATURE_ALGORITHM *alg = get_signature_algorithm(sigalg);
|
207
|
-
if (alg == NULL || !legacy_sign_digest_supported(alg)) {
|
208
|
-
OPENSSL_PUT_ERROR(SSL, SSL_R_UNSUPPORTED_PROTOCOL_FOR_CUSTOM_KEY);
|
209
|
-
return ssl_private_key_failure;
|
210
|
-
}
|
211
|
-
|
212
|
-
const EVP_MD *md = alg->digest_func();
|
213
|
-
uint8_t hash[EVP_MAX_MD_SIZE];
|
214
|
-
unsigned hash_len;
|
215
|
-
if (!EVP_Digest(in, in_len, hash, &hash_len, md, NULL)) {
|
216
|
-
return ssl_private_key_failure;
|
217
|
-
}
|
218
|
-
|
219
|
-
return ssl->cert->key_method->sign_digest(ssl, out, out_len, max_out, md,
|
220
|
-
hash, hash_len);
|
221
|
-
}
|
222
|
-
|
223
196
|
enum ssl_private_key_result_t ssl_private_key_sign(
|
224
197
|
SSL_HANDSHAKE *hs, uint8_t *out, size_t *out_len, size_t max_out,
|
225
|
-
uint16_t sigalg, const uint8_t
|
198
|
+
uint16_t sigalg, Span<const uint8_t> in) {
|
226
199
|
SSL *const ssl = hs->ssl;
|
227
200
|
if (ssl->cert->key_method != NULL) {
|
228
201
|
enum ssl_private_key_result_t ret;
|
229
202
|
if (hs->pending_private_key_op) {
|
230
203
|
ret = ssl->cert->key_method->complete(ssl, out, out_len, max_out);
|
231
204
|
} else {
|
232
|
-
ret =
|
233
|
-
|
234
|
-
: legacy_sign)(ssl, out, out_len, max_out, sigalg, in, in_len);
|
205
|
+
ret = ssl->cert->key_method->sign(ssl, out, out_len, max_out, sigalg,
|
206
|
+
in.data(), in.size());
|
235
207
|
}
|
236
208
|
hs->pending_private_key_op = ret == ssl_private_key_retry;
|
237
209
|
return ret;
|
@@ -240,31 +212,34 @@ enum ssl_private_key_result_t ssl_private_key_sign(
|
|
240
212
|
*out_len = max_out;
|
241
213
|
ScopedEVP_MD_CTX ctx;
|
242
214
|
if (!setup_ctx(ssl, ctx.get(), ssl->cert->privatekey, sigalg, 0 /* sign */) ||
|
243
|
-
!EVP_DigestSign(ctx.get(), out, out_len, in,
|
215
|
+
!EVP_DigestSign(ctx.get(), out, out_len, in.data(), in.size())) {
|
244
216
|
return ssl_private_key_failure;
|
245
217
|
}
|
246
218
|
return ssl_private_key_success;
|
247
219
|
}
|
248
220
|
|
249
|
-
|
250
|
-
|
251
|
-
|
221
|
+
bool ssl_public_key_verify(SSL *ssl, Span<const uint8_t> signature,
|
222
|
+
uint16_t sigalg, EVP_PKEY *pkey,
|
223
|
+
Span<const uint8_t> in) {
|
252
224
|
ScopedEVP_MD_CTX ctx;
|
253
225
|
return setup_ctx(ssl, ctx.get(), pkey, sigalg, 1 /* verify */) &&
|
254
|
-
EVP_DigestVerify(ctx.get(), signature,
|
226
|
+
EVP_DigestVerify(ctx.get(), signature.data(), signature.size(),
|
227
|
+
in.data(), in.size());
|
255
228
|
}
|
256
229
|
|
257
|
-
enum ssl_private_key_result_t ssl_private_key_decrypt(
|
258
|
-
|
259
|
-
|
230
|
+
enum ssl_private_key_result_t ssl_private_key_decrypt(SSL_HANDSHAKE *hs,
|
231
|
+
uint8_t *out,
|
232
|
+
size_t *out_len,
|
233
|
+
size_t max_out,
|
234
|
+
Span<const uint8_t> in) {
|
260
235
|
SSL *const ssl = hs->ssl;
|
261
236
|
if (ssl->cert->key_method != NULL) {
|
262
237
|
enum ssl_private_key_result_t ret;
|
263
238
|
if (hs->pending_private_key_op) {
|
264
239
|
ret = ssl->cert->key_method->complete(ssl, out, out_len, max_out);
|
265
240
|
} else {
|
266
|
-
ret = ssl->cert->key_method->decrypt(ssl, out, out_len, max_out,
|
267
|
-
|
241
|
+
ret = ssl->cert->key_method->decrypt(ssl, out, out_len, max_out,
|
242
|
+
in.data(), in.size());
|
268
243
|
}
|
269
244
|
hs->pending_private_key_op = ret == ssl_private_key_retry;
|
270
245
|
return ret;
|
@@ -279,17 +254,18 @@ enum ssl_private_key_result_t ssl_private_key_decrypt(
|
|
279
254
|
|
280
255
|
// Decrypt with no padding. PKCS#1 padding will be removed as part of the
|
281
256
|
// timing-sensitive code by the caller.
|
282
|
-
if (!RSA_decrypt(rsa, out_len, out, max_out, in,
|
257
|
+
if (!RSA_decrypt(rsa, out_len, out, max_out, in.data(), in.size(),
|
258
|
+
RSA_NO_PADDING)) {
|
283
259
|
return ssl_private_key_failure;
|
284
260
|
}
|
285
261
|
return ssl_private_key_success;
|
286
262
|
}
|
287
263
|
|
288
|
-
|
289
|
-
|
264
|
+
bool ssl_private_key_supports_signature_algorithm(SSL_HANDSHAKE *hs,
|
265
|
+
uint16_t sigalg) {
|
290
266
|
SSL *const ssl = hs->ssl;
|
291
267
|
if (!pkey_supports_algorithm(ssl, hs->local_pubkey.get(), sigalg)) {
|
292
|
-
return
|
268
|
+
return false;
|
293
269
|
}
|
294
270
|
|
295
271
|
// Ensure the RSA key is large enough for the hash. RSASSA-PSS requires that
|
@@ -301,18 +277,10 @@ int ssl_private_key_supports_signature_algorithm(SSL_HANDSHAKE *hs,
|
|
301
277
|
const SSL_SIGNATURE_ALGORITHM *alg = get_signature_algorithm(sigalg);
|
302
278
|
if (alg->is_rsa_pss && (size_t)EVP_PKEY_size(hs->local_pubkey.get()) <
|
303
279
|
2 * EVP_MD_size(alg->digest_func()) + 2) {
|
304
|
-
return
|
305
|
-
}
|
306
|
-
|
307
|
-
// Newer algorithms require message-based private keys.
|
308
|
-
// TODO(davidben): Remove this check when sign_digest is gone.
|
309
|
-
if (ssl->cert->key_method != NULL &&
|
310
|
-
ssl->cert->key_method->sign == NULL &&
|
311
|
-
!legacy_sign_digest_supported(alg)) {
|
312
|
-
return 0;
|
280
|
+
return false;
|
313
281
|
}
|
314
282
|
|
315
|
-
return
|
283
|
+
return true;
|
316
284
|
}
|
317
285
|
|
318
286
|
} // namespace bssl
|
@@ -434,6 +402,58 @@ void SSL_CTX_set_private_key_method(SSL_CTX *ctx,
|
|
434
402
|
ctx->cert->key_method = key_method;
|
435
403
|
}
|
436
404
|
|
405
|
+
const char *SSL_get_signature_algorithm_name(uint16_t sigalg,
|
406
|
+
int include_curve) {
|
407
|
+
switch (sigalg) {
|
408
|
+
case SSL_SIGN_RSA_PKCS1_MD5_SHA1:
|
409
|
+
return "rsa_pkcs1_md5_sha1";
|
410
|
+
case SSL_SIGN_RSA_PKCS1_SHA1:
|
411
|
+
return "rsa_pkcs1_sha1";
|
412
|
+
case SSL_SIGN_RSA_PKCS1_SHA256:
|
413
|
+
return "rsa_pkcs1_sha256";
|
414
|
+
case SSL_SIGN_RSA_PKCS1_SHA384:
|
415
|
+
return "rsa_pkcs1_sha384";
|
416
|
+
case SSL_SIGN_RSA_PKCS1_SHA512:
|
417
|
+
return "rsa_pkcs1_sha512";
|
418
|
+
case SSL_SIGN_ECDSA_SHA1:
|
419
|
+
return "ecdsa_sha1";
|
420
|
+
case SSL_SIGN_ECDSA_SECP256R1_SHA256:
|
421
|
+
return include_curve ? "ecdsa_secp256r1_sha256" : "ecdsa_sha256";
|
422
|
+
case SSL_SIGN_ECDSA_SECP384R1_SHA384:
|
423
|
+
return include_curve ? "ecdsa_secp384r1_sha384" : "ecdsa_sha384";
|
424
|
+
case SSL_SIGN_ECDSA_SECP521R1_SHA512:
|
425
|
+
return include_curve ? "ecdsa_secp521r1_sha512" : "ecdsa_sha512";
|
426
|
+
case SSL_SIGN_RSA_PSS_SHA256:
|
427
|
+
return "rsa_pss_sha256";
|
428
|
+
case SSL_SIGN_RSA_PSS_SHA384:
|
429
|
+
return "rsa_pss_sha384";
|
430
|
+
case SSL_SIGN_RSA_PSS_SHA512:
|
431
|
+
return "rsa_pss_sha512";
|
432
|
+
case SSL_SIGN_ED25519:
|
433
|
+
return "ed25519";
|
434
|
+
default:
|
435
|
+
return NULL;
|
436
|
+
}
|
437
|
+
}
|
438
|
+
|
439
|
+
int SSL_get_signature_algorithm_key_type(uint16_t sigalg) {
|
440
|
+
const SSL_SIGNATURE_ALGORITHM *alg = get_signature_algorithm(sigalg);
|
441
|
+
return alg != nullptr ? alg->pkey_type : EVP_PKEY_NONE;
|
442
|
+
}
|
443
|
+
|
444
|
+
const EVP_MD *SSL_get_signature_algorithm_digest(uint16_t sigalg) {
|
445
|
+
const SSL_SIGNATURE_ALGORITHM *alg = get_signature_algorithm(sigalg);
|
446
|
+
if (alg == nullptr || alg->digest_func == nullptr) {
|
447
|
+
return nullptr;
|
448
|
+
}
|
449
|
+
return alg->digest_func();
|
450
|
+
}
|
451
|
+
|
452
|
+
int SSL_is_signature_algorithm_rsa_pss(uint16_t sigalg) {
|
453
|
+
const SSL_SIGNATURE_ALGORITHM *alg = get_signature_algorithm(sigalg);
|
454
|
+
return alg != nullptr && alg->is_rsa_pss;
|
455
|
+
}
|
456
|
+
|
437
457
|
static int set_algorithm_prefs(uint16_t **out_prefs, size_t *out_num_prefs,
|
438
458
|
const uint16_t *prefs, size_t num_prefs) {
|
439
459
|
OPENSSL_free(*out_prefs);
|
@@ -455,7 +475,6 @@ int SSL_CTX_set_signing_algorithm_prefs(SSL_CTX *ctx, const uint16_t *prefs,
|
|
455
475
|
prefs, num_prefs);
|
456
476
|
}
|
457
477
|
|
458
|
-
|
459
478
|
int SSL_set_signing_algorithm_prefs(SSL *ssl, const uint16_t *prefs,
|
460
479
|
size_t num_prefs) {
|
461
480
|
return set_algorithm_prefs(&ssl->cert->sigalgs, &ssl->cert->num_sigalgs,
|
@@ -467,52 +486,3 @@ int SSL_CTX_set_verify_algorithm_prefs(SSL_CTX *ctx, const uint16_t *prefs,
|
|
467
486
|
return set_algorithm_prefs(&ctx->verify_sigalgs, &ctx->num_verify_sigalgs,
|
468
487
|
prefs, num_prefs);
|
469
488
|
}
|
470
|
-
|
471
|
-
int SSL_set_private_key_digest_prefs(SSL *ssl, const int *digest_nids,
|
472
|
-
size_t num_digests) {
|
473
|
-
OPENSSL_free(ssl->cert->sigalgs);
|
474
|
-
|
475
|
-
static_assert(sizeof(int) >= 2 * sizeof(uint16_t),
|
476
|
-
"sigalgs allocation may overflow");
|
477
|
-
|
478
|
-
ssl->cert->num_sigalgs = 0;
|
479
|
-
ssl->cert->sigalgs =
|
480
|
-
(uint16_t *)OPENSSL_malloc(sizeof(uint16_t) * 2 * num_digests);
|
481
|
-
if (ssl->cert->sigalgs == NULL) {
|
482
|
-
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
483
|
-
return 0;
|
484
|
-
}
|
485
|
-
|
486
|
-
// Convert the digest list to a signature algorithms list.
|
487
|
-
//
|
488
|
-
// TODO(davidben): Replace this API with one that can express RSA-PSS, etc.
|
489
|
-
for (size_t i = 0; i < num_digests; i++) {
|
490
|
-
switch (digest_nids[i]) {
|
491
|
-
case NID_sha1:
|
492
|
-
ssl->cert->sigalgs[ssl->cert->num_sigalgs] = SSL_SIGN_RSA_PKCS1_SHA1;
|
493
|
-
ssl->cert->sigalgs[ssl->cert->num_sigalgs + 1] = SSL_SIGN_ECDSA_SHA1;
|
494
|
-
ssl->cert->num_sigalgs += 2;
|
495
|
-
break;
|
496
|
-
case NID_sha256:
|
497
|
-
ssl->cert->sigalgs[ssl->cert->num_sigalgs] = SSL_SIGN_RSA_PKCS1_SHA256;
|
498
|
-
ssl->cert->sigalgs[ssl->cert->num_sigalgs + 1] =
|
499
|
-
SSL_SIGN_ECDSA_SECP256R1_SHA256;
|
500
|
-
ssl->cert->num_sigalgs += 2;
|
501
|
-
break;
|
502
|
-
case NID_sha384:
|
503
|
-
ssl->cert->sigalgs[ssl->cert->num_sigalgs] = SSL_SIGN_RSA_PKCS1_SHA384;
|
504
|
-
ssl->cert->sigalgs[ssl->cert->num_sigalgs + 1] =
|
505
|
-
SSL_SIGN_ECDSA_SECP384R1_SHA384;
|
506
|
-
ssl->cert->num_sigalgs += 2;
|
507
|
-
break;
|
508
|
-
case NID_sha512:
|
509
|
-
ssl->cert->sigalgs[ssl->cert->num_sigalgs] = SSL_SIGN_RSA_PKCS1_SHA512;
|
510
|
-
ssl->cert->sigalgs[ssl->cert->num_sigalgs + 1] =
|
511
|
-
SSL_SIGN_ECDSA_SECP521R1_SHA512;
|
512
|
-
ssl->cert->num_sigalgs += 2;
|
513
|
-
break;
|
514
|
-
}
|
515
|
-
}
|
516
|
-
|
517
|
-
return 1;
|
518
|
-
}
|
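Review bot: The new call `ret = ssl->cert->key_method->sign(ssl, out, out_len, max_out, sigalg, in.data(), in.size());` in ssl_private_key_sign (new lines 205-206) goes through the `sign` pointer without a NULL check. The same change deletes both the `legacy_sign` fallback and the `ssl->cert->key_method->sign == NULL` test in ssl_private_key_supports_signature_algorithm. The visible tail of SSL_CTX_set_private_key_method only stores the pointer (`ctx->cert->key_method = key_method;`), so if a caller-supplied method table can still leave `sign` unset, the handshake would call a null function pointer instead of failing cleanly; the struct definition is not visible here, so this needs confirming. Consider a guard before the call, e.g. `if (ssl->cert->key_method->sign == NULL) { return ssl_private_key_failure; }`, or rejecting such a table when it is installed. Both function bodies continue outside the hunks shown.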
@@ -377,7 +377,7 @@ int ssl_get_new_session(SSL_HANDSHAKE *hs, int is_server) {
|
|
377
377
|
ssl_get_current_time(ssl, &now);
|
378
378
|
session->time = now.tv_sec;
|
379
379
|
|
380
|
-
uint16_t version =
|
380
|
+
uint16_t version = ssl_protocol_version(ssl);
|
381
381
|
if (version >= TLS1_3_VERSION) {
|
382
382
|
// TLS 1.3 uses tickets as authenticators, so we are willing to use them for
|
383
383
|
// longer.
|
@@ -999,9 +999,9 @@ SSL_SESSION *SSL_get_session(const SSL *ssl) {
|
|
999
999
|
// we return the intermediate session, either |session| (for resumption) or
|
1000
1000
|
// |new_session| if doing a full handshake.
|
1001
1001
|
if (!SSL_in_init(ssl)) {
|
1002
|
-
return ssl->s3->established_session;
|
1002
|
+
return ssl->s3->established_session.get();
|
1003
1003
|
}
|
1004
|
-
SSL_HANDSHAKE *hs = ssl->s3->hs;
|
1004
|
+
SSL_HANDSHAKE *hs = ssl->s3->hs.get();
|
1005
1005
|
if (hs->early_session) {
|
1006
1006
|
return hs->early_session.get();
|
1007
1007
|
}
|
@@ -89,12 +89,12 @@
|
|
89
89
|
|
90
90
|
|
91
91
|
const char *SSL_state_string_long(const SSL *ssl) {
|
92
|
-
if (ssl->s3->hs ==
|
92
|
+
if (ssl->s3->hs == nullptr) {
|
93
93
|
return "SSL negotiation finished successfully";
|
94
94
|
}
|
95
95
|
|
96
|
-
return ssl->server ? ssl_server_handshake_state(ssl->s3->hs)
|
97
|
-
: ssl_client_handshake_state(ssl->s3->hs);
|
96
|
+
return ssl->server ? ssl_server_handshake_state(ssl->s3->hs.get())
|
97
|
+
: ssl_client_handshake_state(ssl->s3->hs.get());
|
98
98
|
}
|
99
99
|
|
100
100
|
const char *SSL_state_string(const SSL *ssl) {
|
@@ -209,26 +209,43 @@ const EVP_MD *SSLTranscript::Digest() const {
|
|
209
209
|
return EVP_MD_CTX_md(hash_.get());
|
210
210
|
}
|
211
211
|
|
212
|
-
bool SSLTranscript::
|
212
|
+
bool SSLTranscript::UpdateForHelloRetryRequest() {
|
213
|
+
if (buffer_) {
|
214
|
+
buffer_->length = 0;
|
215
|
+
}
|
216
|
+
|
217
|
+
uint8_t old_hash[EVP_MAX_MD_SIZE];
|
218
|
+
size_t hash_len;
|
219
|
+
if (!GetHash(old_hash, &hash_len)) {
|
220
|
+
return false;
|
221
|
+
}
|
222
|
+
const uint8_t header[4] = {SSL3_MT_MESSAGE_HASH, 0, 0,
|
223
|
+
static_cast<uint8_t>(hash_len)};
|
224
|
+
if (!EVP_DigestInit_ex(hash_.get(), Digest(), nullptr) ||
|
225
|
+
!Update(header) ||
|
226
|
+
!Update(MakeConstSpan(old_hash, hash_len))) {
|
227
|
+
return false;
|
228
|
+
}
|
229
|
+
return true;
|
230
|
+
}
|
231
|
+
|
232
|
+
bool SSLTranscript::CopyHashContext(EVP_MD_CTX *ctx) {
|
233
|
+
return EVP_MD_CTX_copy_ex(ctx, hash_.get());
|
234
|
+
}
|
235
|
+
|
236
|
+
bool SSLTranscript::Update(Span<const uint8_t> in) {
|
213
237
|
// Depending on the state of the handshake, either the handshake buffer may be
|
214
238
|
// active, the rolling hash, or both.
|
215
|
-
if (buffer_
|
216
|
-
|
217
|
-
|
218
|
-
OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
|
219
|
-
return false;
|
220
|
-
}
|
221
|
-
if (!BUF_MEM_grow(buffer_.get(), new_len)) {
|
222
|
-
return false;
|
223
|
-
}
|
224
|
-
OPENSSL_memcpy(buffer_->data + new_len - in_len, in, in_len);
|
239
|
+
if (buffer_ &&
|
240
|
+
!BUF_MEM_append(buffer_.get(), in.data(), in.size())) {
|
241
|
+
return false;
|
225
242
|
}
|
226
243
|
|
227
244
|
if (EVP_MD_CTX_md(hash_.get()) != NULL) {
|
228
|
-
EVP_DigestUpdate(hash_.get(), in,
|
245
|
+
EVP_DigestUpdate(hash_.get(), in.data(), in.size());
|
229
246
|
}
|
230
247
|
if (EVP_MD_CTX_md(md5_.get()) != NULL) {
|
231
|
-
EVP_DigestUpdate(md5_.get(), in,
|
248
|
+
EVP_DigestUpdate(md5_.get(), in.data(), in.size());
|
232
249
|
}
|
233
250
|
|
234
251
|
return true;
|
@@ -355,12 +372,11 @@ bool SSLTranscript::GetFinishedMAC(uint8_t *out, size_t *out_len,
|
|
355
372
|
// its own.
|
356
373
|
assert(!buffer_);
|
357
374
|
|
358
|
-
const char
|
359
|
-
|
360
|
-
|
361
|
-
|
362
|
-
|
363
|
-
}
|
375
|
+
static const char kClientLabel[] = "client finished";
|
376
|
+
static const char kServerLabel[] = "server finished";
|
377
|
+
auto label = from_server
|
378
|
+
? MakeConstSpan(kServerLabel, sizeof(kServerLabel) - 1)
|
379
|
+
: MakeConstSpan(kClientLabel, sizeof(kClientLabel) - 1);
|
364
380
|
|
365
381
|
uint8_t digests[EVP_MAX_MD_SIZE];
|
366
382
|
size_t digests_len;
|
@@ -369,9 +385,9 @@ bool SSLTranscript::GetFinishedMAC(uint8_t *out, size_t *out_len,
|
|
369
385
|
}
|
370
386
|
|
371
387
|
static const size_t kFinishedLen = 12;
|
372
|
-
if (!tls1_prf(Digest(), out, kFinishedLen,
|
373
|
-
session->
|
374
|
-
|
388
|
+
if (!tls1_prf(Digest(), MakeSpan(out, kFinishedLen),
|
389
|
+
MakeConstSpan(session->master_key, session->master_key_length),
|
390
|
+
label, MakeConstSpan(digests, digests_len), {})) {
|
375
391
|
return false;
|
376
392
|
}
|
377
393
|
|
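Review bot: In SSLTranscript::UpdateForHelloRetryRequest (new lines 222-223) the length byte of the header is produced with `static_cast<uint8_t>(hash_len)`, which is lossless only because `old_hash` is sized `EVP_MAX_MD_SIZE`; nothing in the function states that bound. Adding `static_assert(EVP_MAX_MD_SIZE <= 0xff, "message_hash length must fit in one byte");` next to the header would turn a silently truncated length in the handshake transcript into a compile error if that constant ever grows. The definition also carries no comment in this hunk; unless the declaration already documents it, a line such as `// Replaces the transcript so far with a synthetic message_hash message: a 4-byte header followed by the hash of everything seen before.` would make the intent clear.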
@@ -35,6 +35,8 @@ bool ssl_protocol_version_from_wire(uint16_t *out, uint16_t version) {
|
|
35
35
|
return true;
|
36
36
|
|
37
37
|
case TLS1_3_DRAFT_VERSION:
|
38
|
+
case TLS1_3_DRAFT21_VERSION:
|
39
|
+
case TLS1_3_DRAFT22_VERSION:
|
38
40
|
case TLS1_3_EXPERIMENT_VERSION:
|
39
41
|
case TLS1_3_EXPERIMENT2_VERSION:
|
40
42
|
case TLS1_3_EXPERIMENT3_VERSION:
|
@@ -59,10 +61,12 @@ bool ssl_protocol_version_from_wire(uint16_t *out, uint16_t version) {
|
|
59
61
|
// decreasing preference.
|
60
62
|
|
61
63
|
static const uint16_t kTLSVersions[] = {
|
64
|
+
TLS1_3_DRAFT22_VERSION,
|
62
65
|
TLS1_3_EXPERIMENT3_VERSION,
|
63
66
|
TLS1_3_EXPERIMENT2_VERSION,
|
64
67
|
TLS1_3_EXPERIMENT_VERSION,
|
65
68
|
TLS1_3_DRAFT_VERSION,
|
69
|
+
TLS1_3_DRAFT21_VERSION,
|
66
70
|
TLS1_2_VERSION,
|
67
71
|
TLS1_1_VERSION,
|
68
72
|
TLS1_VERSION,
|
@@ -106,6 +110,8 @@ static bool method_supports_version(const SSL_PROTOCOL_METHOD *method,
|
|
106
110
|
static const char *ssl_version_to_string(uint16_t version) {
|
107
111
|
switch (version) {
|
108
112
|
case TLS1_3_DRAFT_VERSION:
|
113
|
+
case TLS1_3_DRAFT21_VERSION:
|
114
|
+
case TLS1_3_DRAFT22_VERSION:
|
109
115
|
case TLS1_3_EXPERIMENT_VERSION:
|
110
116
|
case TLS1_3_EXPERIMENT2_VERSION:
|
111
117
|
case TLS1_3_EXPERIMENT3_VERSION:
|
@@ -138,6 +144,8 @@ static uint16_t wire_version_to_api(uint16_t version) {
|
|
138
144
|
switch (version) {
|
139
145
|
// Report TLS 1.3 draft versions as TLS 1.3 in the public API.
|
140
146
|
case TLS1_3_DRAFT_VERSION:
|
147
|
+
case TLS1_3_DRAFT21_VERSION:
|
148
|
+
case TLS1_3_DRAFT22_VERSION:
|
141
149
|
case TLS1_3_EXPERIMENT_VERSION:
|
142
150
|
case TLS1_3_EXPERIMENT2_VERSION:
|
143
151
|
case TLS1_3_EXPERIMENT3_VERSION:
|
@@ -152,6 +160,8 @@ static uint16_t wire_version_to_api(uint16_t version) {
|
|
152
160
|
// used in context where that does not matter.
|
153
161
|
static bool api_version_to_wire(uint16_t *out, uint16_t version) {
|
154
162
|
if (version == TLS1_3_DRAFT_VERSION ||
|
163
|
+
version == TLS1_3_DRAFT21_VERSION ||
|
164
|
+
version == TLS1_3_DRAFT22_VERSION ||
|
155
165
|
version == TLS1_3_EXPERIMENT_VERSION ||
|
156
166
|
version == TLS1_3_EXPERIMENT2_VERSION ||
|
157
167
|
version == TLS1_3_EXPERIMENT3_VERSION) {
|
@@ -287,7 +297,7 @@ static uint16_t ssl_version(const SSL *ssl) {
|
|
287
297
|
return ssl->version;
|
288
298
|
}
|
289
299
|
|
290
|
-
uint16_t
|
300
|
+
uint16_t ssl_protocol_version(const SSL *ssl) {
|
291
301
|
assert(ssl->s3->have_version);
|
292
302
|
uint16_t version;
|
293
303
|
if (!ssl_protocol_version_from_wire(&version, ssl->version)) {
|
@@ -301,34 +311,46 @@ uint16_t ssl3_protocol_version(const SSL *ssl) {
|
|
301
311
|
|
302
312
|
bool ssl_supports_version(SSL_HANDSHAKE *hs, uint16_t version) {
|
303
313
|
SSL *const ssl = hs->ssl;
|
304
|
-
|
305
|
-
|
306
|
-
|
307
|
-
|
308
|
-
|
309
|
-
|
310
|
-
version == TLS1_3_EXPERIMENT2_VERSION ||
|
311
|
-
version == TLS1_3_EXPERIMENT3_VERSION)) {
|
312
|
-
return false;
|
313
|
-
}
|
314
|
-
} else {
|
315
|
-
if ((ssl->tls13_variant != tls13_experiment &&
|
316
|
-
version == TLS1_3_EXPERIMENT_VERSION) ||
|
317
|
-
(ssl->tls13_variant != tls13_experiment2 &&
|
318
|
-
version == TLS1_3_EXPERIMENT2_VERSION) ||
|
319
|
-
(ssl->tls13_variant != tls13_experiment3 &&
|
320
|
-
version == TLS1_3_EXPERIMENT3_VERSION) ||
|
321
|
-
(ssl->tls13_variant != tls13_default &&
|
322
|
-
version == TLS1_3_DRAFT_VERSION)) {
|
323
|
-
return false;
|
324
|
-
}
|
314
|
+
uint16_t protocol_version;
|
315
|
+
if (!method_supports_version(ssl->method, version) ||
|
316
|
+
!ssl_protocol_version_from_wire(&protocol_version, version) ||
|
317
|
+
hs->min_version > protocol_version ||
|
318
|
+
protocol_version > hs->max_version) {
|
319
|
+
return false;
|
325
320
|
}
|
326
321
|
|
327
|
-
|
328
|
-
|
329
|
-
|
330
|
-
|
331
|
-
|
322
|
+
// TLS 1.3 variants must additionally match |tls13_variant|.
|
323
|
+
if (protocol_version != TLS1_3_VERSION ||
|
324
|
+
(ssl->tls13_variant == tls13_experiment &&
|
325
|
+
version == TLS1_3_EXPERIMENT_VERSION) ||
|
326
|
+
(ssl->tls13_variant == tls13_experiment2 &&
|
327
|
+
version == TLS1_3_EXPERIMENT2_VERSION) ||
|
328
|
+
(ssl->tls13_variant == tls13_experiment3 &&
|
329
|
+
version == TLS1_3_EXPERIMENT3_VERSION) ||
|
330
|
+
(ssl->tls13_variant == tls13_draft21 &&
|
331
|
+
version == TLS1_3_DRAFT21_VERSION) ||
|
332
|
+
(ssl->tls13_variant == tls13_draft22 &&
|
333
|
+
version == TLS1_3_DRAFT22_VERSION) ||
|
334
|
+
(ssl->tls13_variant == tls13_default &&
|
335
|
+
version == TLS1_3_DRAFT_VERSION)) {
|
336
|
+
return true;
|
337
|
+
}
|
338
|
+
|
339
|
+
// The server, when not configured at |tls13_default|, should additionally
|
340
|
+
// enable all variants, except draft-21 which is implemented solely for QUIC
|
341
|
+
// interop testing and will not be deployed, and draft-22 which will be
|
342
|
+
// enabled once the draft is finalized and ready to be deployed in Chrome.
|
343
|
+
// Currently, this is to implement the draft-18 vs. experiments field trials.
|
344
|
+
// In the future, this will be to transition cleanly to a final draft-22
|
345
|
+
// which hopefully includes the deployability fixes.
|
346
|
+
if (ssl->server &&
|
347
|
+
ssl->tls13_variant != tls13_default &&
|
348
|
+
version != TLS1_3_DRAFT21_VERSION &&
|
349
|
+
version != TLS1_3_DRAFT22_VERSION) {
|
350
|
+
return true;
|
351
|
+
}
|
352
|
+
|
353
|
+
return false;
|
332
354
|
}
|
333
355
|
|
334
356
|
bool ssl_add_supported_versions(SSL_HANDSHAKE *hs, CBB *cbb) {
|
@@ -375,25 +397,36 @@ bool ssl_negotiate_version(SSL_HANDSHAKE *hs, uint8_t *out_alert,
|
|
375
397
|
return false;
|
376
398
|
}
|
377
399
|
|
400
|
+
bool ssl_is_draft21(uint16_t version) {
|
401
|
+
return version == TLS1_3_DRAFT21_VERSION || version == TLS1_3_DRAFT22_VERSION;
|
402
|
+
}
|
403
|
+
|
404
|
+
bool ssl_is_draft22(uint16_t version) {
|
405
|
+
return version == TLS1_3_DRAFT22_VERSION;
|
406
|
+
}
|
407
|
+
|
378
408
|
bool ssl_is_resumption_experiment(uint16_t version) {
|
379
409
|
return version == TLS1_3_EXPERIMENT_VERSION ||
|
380
410
|
version == TLS1_3_EXPERIMENT2_VERSION ||
|
381
|
-
version == TLS1_3_EXPERIMENT3_VERSION
|
411
|
+
version == TLS1_3_EXPERIMENT3_VERSION ||
|
412
|
+
version == TLS1_3_DRAFT22_VERSION;
|
382
413
|
}
|
383
414
|
|
384
415
|
bool ssl_is_resumption_variant(enum tls13_variant_t variant) {
|
385
416
|
return variant == tls13_experiment || variant == tls13_experiment2 ||
|
386
|
-
variant == tls13_experiment3;
|
417
|
+
variant == tls13_experiment3 || variant == tls13_draft22;
|
387
418
|
}
|
388
419
|
|
389
420
|
bool ssl_is_resumption_client_ccs_experiment(uint16_t version) {
|
390
421
|
return version == TLS1_3_EXPERIMENT_VERSION ||
|
391
|
-
version == TLS1_3_EXPERIMENT2_VERSION
|
422
|
+
version == TLS1_3_EXPERIMENT2_VERSION ||
|
423
|
+
version == TLS1_3_DRAFT22_VERSION;
|
392
424
|
}
|
393
425
|
|
394
426
|
bool ssl_is_resumption_record_version_experiment(uint16_t version) {
|
395
427
|
return version == TLS1_3_EXPERIMENT2_VERSION ||
|
396
|
-
version == TLS1_3_EXPERIMENT3_VERSION
|
428
|
+
version == TLS1_3_EXPERIMENT3_VERSION ||
|
429
|
+
version == TLS1_3_DRAFT22_VERSION;
|
397
430
|
}
|
398
431
|
|
399
432
|
} // namespace bssl
|