grpc 1.12.0 → 1.13.0.pre1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +314 -23
- data/include/grpc/impl/codegen/fork.h +4 -4
- data/include/grpc/impl/codegen/grpc_types.h +1 -1
- data/include/grpc/impl/codegen/port_platform.h +3 -0
- data/src/boringssl/err_data.c +256 -246
- data/src/core/ext/filters/client_channel/channel_connectivity.cc +1 -1
- data/src/core/ext/filters/client_channel/client_channel.cc +367 -272
- data/src/core/ext/filters/client_channel/lb_policy.h +1 -3
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +11 -9
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +42 -32
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h +36 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +36 -102
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +37 -32
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +22 -19
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver.h +1 -3
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +3 -3
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +2 -2
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +0 -1
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +4 -4
- data/src/core/ext/filters/client_channel/subchannel.cc +3 -3
- data/src/core/ext/filters/http/client_authority_filter.cc +5 -4
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +4 -4
- data/src/core/ext/filters/http/server/http_server_filter.cc +123 -131
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +1 -1
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +9 -8
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +19 -19
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +10 -6
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +4 -3
- data/src/core/ext/transport/chttp2/transport/parsing.cc +14 -12
- data/src/core/ext/transport/chttp2/transport/writing.cc +6 -6
- data/src/core/lib/channel/channel_stack.cc +0 -5
- data/src/core/lib/channel/channel_stack.h +1 -1
- data/src/core/lib/channel/channel_stack_builder.cc +0 -3
- data/src/core/lib/channel/channel_stack_builder.h +0 -2
- data/src/core/lib/channel/channel_trace.cc +3 -3
- data/src/core/lib/channel/channelz_registry.cc +77 -0
- data/src/core/lib/channel/channelz_registry.h +99 -0
- data/src/core/lib/channel/handshaker.cc +20 -1
- data/src/core/lib/debug/stats.h +7 -0
- data/src/core/lib/debug/stats_data.cc +5 -0
- data/src/core/lib/debug/stats_data.h +120 -0
- data/src/core/lib/debug/trace.h +11 -9
- data/src/core/lib/gprpp/fork.cc +260 -0
- data/src/core/lib/gprpp/fork.h +79 -0
- data/src/core/lib/gprpp/memory.h +12 -0
- data/src/core/lib/gprpp/orphanable.h +2 -6
- data/src/core/lib/gprpp/ref_counted.h +2 -6
- data/src/core/lib/gprpp/thd.h +0 -3
- data/src/core/lib/gprpp/thd_posix.cc +4 -53
- data/src/core/lib/gprpp/thd_windows.cc +0 -7
- data/src/core/lib/http/httpcli_security_connector.cc +1 -3
- data/src/core/lib/iomgr/combiner.cc +19 -2
- data/src/core/lib/iomgr/combiner.h +1 -1
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +2 -2
- data/src/core/lib/iomgr/ev_epollex_linux.cc +59 -3
- data/src/core/lib/iomgr/ev_epollsig_linux.cc +1 -1
- data/src/core/lib/iomgr/ev_poll_posix.cc +2 -2
- data/src/core/lib/iomgr/ev_posix.cc +11 -4
- data/src/core/lib/iomgr/ev_posix.h +6 -0
- data/src/core/lib/iomgr/exec_ctx.cc +9 -9
- data/src/core/lib/iomgr/exec_ctx.h +39 -20
- data/src/core/lib/iomgr/fork_posix.cc +30 -18
- data/src/core/lib/iomgr/iomgr_posix.cc +2 -2
- data/src/core/lib/iomgr/polling_entity.cc +11 -2
- data/src/core/lib/iomgr/pollset_custom.cc +2 -2
- data/src/core/lib/iomgr/port.h +38 -1
- data/src/core/lib/iomgr/resolve_address.h +1 -1
- data/src/core/lib/iomgr/resolve_address_posix.cc +1 -1
- data/src/core/lib/iomgr/resource_quota.cc +1 -1
- data/src/core/lib/iomgr/sockaddr_posix.h +1 -1
- data/src/core/lib/iomgr/socket_factory_posix.cc +1 -1
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +1 -1
- data/src/core/lib/iomgr/tcp_client_custom.cc +3 -3
- data/src/core/lib/iomgr/tcp_client_posix.cc +3 -2
- data/src/core/lib/iomgr/tcp_custom.cc +1 -1
- data/src/core/lib/iomgr/tcp_posix.cc +18 -10
- data/src/core/lib/iomgr/tcp_server_posix.cc +9 -8
- data/src/core/lib/iomgr/tcp_server_utils_posix.h +1 -1
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +16 -4
- data/src/core/lib/iomgr/timer.h +1 -1
- data/src/core/lib/iomgr/timer_generic.cc +113 -41
- data/src/core/lib/iomgr/timer_manager.cc +1 -1
- data/src/core/lib/security/credentials/credentials.h +1 -0
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +88 -115
- data/src/core/lib/security/credentials/google_default/google_default_credentials.h +16 -0
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +10 -6
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -1
- data/src/core/lib/security/security_connector/alts_security_connector.cc +2 -1
- data/src/core/lib/security/security_connector/security_connector.cc +7 -7
- data/src/core/lib/security/transport/security_handshaker.cc +1 -0
- data/src/core/lib/security/util/json_util.cc +4 -0
- data/src/core/lib/slice/slice_buffer.cc +15 -3
- data/src/core/lib/surface/call.cc +31 -17
- data/src/core/lib/surface/call.h +5 -0
- data/src/core/lib/surface/channel.cc +2 -5
- data/src/core/lib/surface/completion_queue.cc +1 -3
- data/src/core/lib/surface/completion_queue.h +0 -1
- data/src/core/lib/surface/init.cc +7 -8
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/byte_stream.cc +1 -1
- data/src/core/lib/transport/transport.cc +2 -1
- data/src/core/lib/transport/transport.h +4 -8
- data/src/core/lib/transport/transport_op_string.cc +1 -1
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +19 -7
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +10 -0
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +28 -2
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h +3 -0
- data/src/core/tsi/fake_transport_security.cc +1 -0
- data/src/core/tsi/ssl_transport_security.cc +238 -110
- data/src/core/tsi/transport_security.cc +14 -0
- data/src/core/tsi/transport_security.h +2 -0
- data/src/core/tsi/transport_security_interface.h +11 -1
- data/src/ruby/bin/math_client.rb +17 -9
- data/src/ruby/lib/grpc/generic/rpc_server.rb +2 -1
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/grpc/health/v1/health_services_pb.rb +4 -1
- data/third_party/boringssl/crypto/asn1/a_int.c +33 -28
- data/third_party/boringssl/crypto/asn1/a_mbstr.c +24 -22
- data/third_party/boringssl/crypto/asn1/a_utf8.c +13 -11
- data/third_party/boringssl/crypto/asn1/asn1_locl.h +3 -0
- data/third_party/boringssl/crypto/bio/fd.c +1 -0
- data/third_party/boringssl/crypto/bio/file.c +2 -0
- data/third_party/boringssl/crypto/bn_extra/convert.c +6 -5
- data/third_party/boringssl/crypto/bytestring/ber.c +1 -4
- data/third_party/boringssl/crypto/bytestring/cbb.c +116 -16
- data/third_party/boringssl/crypto/bytestring/cbs.c +150 -20
- data/third_party/boringssl/crypto/cipher_extra/e_aesccm.c +171 -0
- data/third_party/boringssl/crypto/cipher_extra/e_rc2.c +2 -0
- data/third_party/boringssl/crypto/cipher_extra/e_tls.c +1 -2
- data/third_party/boringssl/crypto/cpu-aarch64-fuchsia.c +55 -0
- data/third_party/boringssl/crypto/cpu-aarch64-linux.c +2 -1
- data/third_party/boringssl/crypto/dsa/dsa.c +16 -54
- data/third_party/boringssl/crypto/fipsmodule/bcm.c +11 -542
- data/third_party/boringssl/crypto/fipsmodule/bn/add.c +33 -64
- data/third_party/boringssl/crypto/fipsmodule/bn/asm/x86_64-gcc.c +4 -3
- data/third_party/boringssl/crypto/fipsmodule/bn/bn.c +122 -70
- data/third_party/boringssl/crypto/fipsmodule/bn/bytes.c +32 -71
- data/third_party/boringssl/crypto/fipsmodule/bn/cmp.c +58 -112
- data/third_party/boringssl/crypto/fipsmodule/bn/div.c +198 -122
- data/third_party/boringssl/crypto/fipsmodule/bn/exponentiation.c +31 -65
- data/third_party/boringssl/crypto/fipsmodule/bn/generic.c +2 -1
- data/third_party/boringssl/crypto/fipsmodule/bn/internal.h +98 -15
- data/third_party/boringssl/crypto/fipsmodule/bn/jacobi.c +1 -1
- data/third_party/boringssl/crypto/fipsmodule/bn/montgomery.c +124 -81
- data/third_party/boringssl/crypto/fipsmodule/bn/montgomery_inv.c +8 -30
- data/third_party/boringssl/crypto/fipsmodule/bn/mul.c +303 -347
- data/third_party/boringssl/crypto/fipsmodule/bn/prime.c +2 -3
- data/third_party/boringssl/crypto/fipsmodule/bn/random.c +3 -4
- data/third_party/boringssl/crypto/fipsmodule/bn/rsaz_exp.c +199 -222
- data/third_party/boringssl/crypto/fipsmodule/bn/rsaz_exp.h +27 -47
- data/third_party/boringssl/crypto/fipsmodule/bn/shift.c +45 -28
- data/third_party/boringssl/crypto/fipsmodule/bn/sqrt.c +1 -1
- data/third_party/boringssl/crypto/fipsmodule/cipher/e_aes.c +10 -10
- data/third_party/boringssl/crypto/fipsmodule/des/internal.h +2 -0
- data/third_party/boringssl/crypto/fipsmodule/ec/ec.c +78 -47
- data/third_party/boringssl/crypto/fipsmodule/ec/ec_key.c +35 -54
- data/third_party/boringssl/crypto/fipsmodule/ec/ec_montgomery.c +3 -10
- data/third_party/boringssl/crypto/fipsmodule/ec/internal.h +36 -22
- data/third_party/boringssl/crypto/fipsmodule/ec/oct.c +59 -90
- data/third_party/boringssl/crypto/fipsmodule/ec/p224-64.c +29 -48
- data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64.c +17 -26
- data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64.h +15 -11
- data/third_party/boringssl/crypto/fipsmodule/ec/simple.c +45 -51
- data/third_party/boringssl/crypto/fipsmodule/ec/{util-64.c → util.c} +0 -5
- data/third_party/boringssl/crypto/fipsmodule/ec/wnaf.c +144 -264
- data/third_party/boringssl/crypto/fipsmodule/ecdsa/ecdsa.c +78 -56
- data/third_party/boringssl/crypto/fipsmodule/modes/ccm.c +256 -0
- data/third_party/boringssl/crypto/fipsmodule/modes/internal.h +36 -32
- data/third_party/boringssl/crypto/fipsmodule/rand/ctrdrbg.c +9 -7
- data/third_party/boringssl/crypto/fipsmodule/rsa/rsa.c +16 -10
- data/third_party/boringssl/crypto/fipsmodule/rsa/rsa_impl.c +255 -102
- data/third_party/boringssl/crypto/fipsmodule/self_check/self_check.c +581 -0
- data/third_party/boringssl/crypto/fipsmodule/tls/internal.h +39 -0
- data/third_party/boringssl/crypto/fipsmodule/tls/kdf.c +165 -0
- data/third_party/boringssl/crypto/internal.h +65 -2
- data/third_party/boringssl/crypto/mem.c +0 -2
- data/third_party/boringssl/crypto/obj/obj.c +6 -73
- data/third_party/boringssl/crypto/thread_pthread.c +35 -5
- data/third_party/boringssl/crypto/x509/a_strex.c +11 -11
- data/third_party/boringssl/crypto/x509/x_name.c +13 -0
- data/third_party/boringssl/include/openssl/aead.h +4 -0
- data/third_party/boringssl/include/openssl/asn1.h +1 -3
- data/third_party/boringssl/include/openssl/base.h +1 -14
- data/third_party/boringssl/include/openssl/bio.h +1 -1
- data/third_party/boringssl/include/openssl/bn.h +49 -15
- data/third_party/boringssl/include/openssl/bytestring.h +49 -24
- data/third_party/boringssl/include/openssl/crypto.h +4 -0
- data/third_party/boringssl/include/openssl/ec_key.h +7 -3
- data/third_party/boringssl/include/openssl/err.h +9 -9
- data/third_party/boringssl/include/openssl/evp.h +1 -1
- data/third_party/boringssl/include/openssl/rsa.h +34 -10
- data/third_party/boringssl/include/openssl/ssl.h +160 -17
- data/third_party/boringssl/include/openssl/stack.h +1 -1
- data/third_party/boringssl/include/openssl/tls1.h +10 -2
- data/third_party/boringssl/include/openssl/x509.h +3 -0
- data/third_party/boringssl/ssl/d1_both.cc +16 -2
- data/third_party/boringssl/ssl/dtls_method.cc +1 -1
- data/third_party/boringssl/ssl/handoff.cc +285 -0
- data/third_party/boringssl/ssl/handshake.cc +26 -12
- data/third_party/boringssl/ssl/handshake_client.cc +65 -31
- data/third_party/boringssl/ssl/handshake_server.cc +14 -2
- data/third_party/boringssl/ssl/internal.h +132 -79
- data/third_party/boringssl/ssl/s3_both.cc +2 -2
- data/third_party/boringssl/ssl/s3_lib.cc +3 -1
- data/third_party/boringssl/ssl/s3_pkt.cc +0 -18
- data/third_party/boringssl/ssl/ssl_aead_ctx.cc +1 -4
- data/third_party/boringssl/ssl/ssl_asn1.cc +47 -43
- data/third_party/boringssl/ssl/ssl_cipher.cc +8 -8
- data/third_party/boringssl/ssl/ssl_key_share.cc +3 -1
- data/third_party/boringssl/ssl/ssl_lib.cc +83 -14
- data/third_party/boringssl/ssl/ssl_privkey.cc +6 -0
- data/third_party/boringssl/ssl/ssl_stat.cc +6 -6
- data/third_party/boringssl/ssl/ssl_versions.cc +12 -85
- data/third_party/boringssl/ssl/ssl_x509.cc +59 -61
- data/third_party/boringssl/ssl/t1_enc.cc +73 -124
- data/third_party/boringssl/ssl/t1_lib.cc +367 -41
- data/third_party/boringssl/ssl/tls13_both.cc +8 -0
- data/third_party/boringssl/ssl/tls13_client.cc +98 -184
- data/third_party/boringssl/ssl/tls13_enc.cc +88 -158
- data/third_party/boringssl/ssl/tls13_server.cc +91 -137
- data/third_party/boringssl/ssl/tls_method.cc +0 -17
- data/third_party/boringssl/ssl/tls_record.cc +1 -10
- data/third_party/boringssl/third_party/fiat/curve25519.c +921 -2753
- data/third_party/boringssl/third_party/fiat/curve25519_tables.h +7880 -0
- data/third_party/boringssl/third_party/fiat/internal.h +32 -20
- data/third_party/boringssl/third_party/fiat/p256.c +1824 -0
- metadata +64 -64
- data/src/core/lib/channel/channel_trace_registry.cc +0 -80
- data/src/core/lib/channel/channel_trace_registry.h +0 -43
- data/src/core/lib/gpr/fork.cc +0 -78
- data/src/core/lib/gpr/fork.h +0 -35
- data/src/core/tsi/transport_security_adapter.cc +0 -235
- data/src/core/tsi/transport_security_adapter.h +0 -41
- data/src/ruby/bin/apis/google/protobuf/empty.rb +0 -29
- data/src/ruby/bin/apis/pubsub_demo.rb +0 -241
- data/src/ruby/bin/apis/tech/pubsub/proto/pubsub.rb +0 -159
- data/src/ruby/bin/apis/tech/pubsub/proto/pubsub_services.rb +0 -88
- data/src/ruby/pb/test/client.rb +0 -764
- data/src/ruby/pb/test/server.rb +0 -252
- data/third_party/boringssl/crypto/curve25519/x25519-x86_64.c +0 -247
- data/third_party/boringssl/crypto/fipsmodule/ec/p256-64.c +0 -1674
@@ -0,0 +1,39 @@
|
|
1
|
+
/* Copyright (c) 2018, Google Inc.
|
2
|
+
*
|
3
|
+
* Permission to use, copy, modify, and/or distribute this software for any
|
4
|
+
* purpose with or without fee is hereby granted, provided that the above
|
5
|
+
* copyright notice and this permission notice appear in all copies.
|
6
|
+
*
|
7
|
+
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
8
|
+
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
9
|
+
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
|
10
|
+
* SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
11
|
+
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
|
12
|
+
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
|
13
|
+
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
|
14
|
+
|
15
|
+
#ifndef OPENSSL_HEADER_CRYPTO_FIPSMODULE_TLS_INTERNAL_H
|
16
|
+
#define OPENSSL_HEADER_CRYPTO_FIPSMODULE_TLS_INTERNAL_H
|
17
|
+
|
18
|
+
#include <openssl/base.h>
|
19
|
+
|
20
|
+
#if defined(__cplusplus)
|
21
|
+
extern "C" {
|
22
|
+
#endif
|
23
|
+
|
24
|
+
|
25
|
+
// tls1_prf calculates |out_len| bytes of the TLS PDF, using |digest|, and
|
26
|
+
// writes them to |out|. It returns one on success and zero on error.
|
27
|
+
OPENSSL_EXPORT int CRYPTO_tls1_prf(const EVP_MD *digest,
|
28
|
+
uint8_t *out, size_t out_len,
|
29
|
+
const uint8_t *secret, size_t secret_len,
|
30
|
+
const char *label, size_t label_len,
|
31
|
+
const uint8_t *seed1, size_t seed1_len,
|
32
|
+
const uint8_t *seed2, size_t seed2_len);
|
33
|
+
|
34
|
+
|
35
|
+
#if defined(__cplusplus)
|
36
|
+
}
|
37
|
+
#endif
|
38
|
+
|
39
|
+
#endif // OPENSSL_HEADER_CRYPTO_FIPSMODULE_TLS_INTERNAL_H
|
@@ -0,0 +1,165 @@
|
|
1
|
+
/* ====================================================================
|
2
|
+
* Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
|
3
|
+
*
|
4
|
+
* Redistribution and use in source and binary forms, with or without
|
5
|
+
* modification, are permitted provided that the following conditions
|
6
|
+
* are met:
|
7
|
+
*
|
8
|
+
* 1. Redistributions of source code must retain the above copyright
|
9
|
+
* notice, this list of conditions and the following disclaimer.
|
10
|
+
*
|
11
|
+
* 2. Redistributions in binary form must reproduce the above copyright
|
12
|
+
* notice, this list of conditions and the following disclaimer in
|
13
|
+
* the documentation and/or other materials provided with the
|
14
|
+
* distribution.
|
15
|
+
*
|
16
|
+
* 3. All advertising materials mentioning features or use of this
|
17
|
+
* software must display the following acknowledgment:
|
18
|
+
* "This product includes software developed by the OpenSSL Project
|
19
|
+
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
20
|
+
*
|
21
|
+
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
22
|
+
* endorse or promote products derived from this software without
|
23
|
+
* prior written permission. For written permission, please contact
|
24
|
+
* openssl-core@openssl.org.
|
25
|
+
*
|
26
|
+
* 5. Products derived from this software may not be called "OpenSSL"
|
27
|
+
* nor may "OpenSSL" appear in their names without prior written
|
28
|
+
* permission of the OpenSSL Project.
|
29
|
+
*
|
30
|
+
* 6. Redistributions of any form whatsoever must retain the following
|
31
|
+
* acknowledgment:
|
32
|
+
* "This product includes software developed by the OpenSSL Project
|
33
|
+
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
34
|
+
*
|
35
|
+
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
36
|
+
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
37
|
+
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
38
|
+
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
39
|
+
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
40
|
+
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
41
|
+
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
42
|
+
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
43
|
+
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
44
|
+
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
45
|
+
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
46
|
+
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
47
|
+
* ====================================================================
|
48
|
+
*
|
49
|
+
* This product includes cryptographic software written by Eric Young
|
50
|
+
* (eay@cryptsoft.com). This product includes software written by Tim
|
51
|
+
* Hudson (tjh@cryptsoft.com). */
|
52
|
+
|
53
|
+
#include <assert.h>
|
54
|
+
|
55
|
+
#include <openssl/digest.h>
|
56
|
+
#include <openssl/hmac.h>
|
57
|
+
#include <openssl/mem.h>
|
58
|
+
|
59
|
+
#include "internal.h"
|
60
|
+
#include "../../internal.h"
|
61
|
+
|
62
|
+
|
63
|
+
// tls1_P_hash computes the TLS P_<hash> function as described in RFC 5246,
|
64
|
+
// section 5. It XORs |out_len| bytes to |out|, using |md| as the hash and
|
65
|
+
// |secret| as the secret. |label|, |seed1|, and |seed2| are concatenated to
|
66
|
+
// form the seed parameter. It returns true on success and false on failure.
|
67
|
+
static int tls1_P_hash(uint8_t *out, size_t out_len,
|
68
|
+
const EVP_MD *md,
|
69
|
+
const uint8_t *secret, size_t secret_len,
|
70
|
+
const char *label, size_t label_len,
|
71
|
+
const uint8_t *seed1, size_t seed1_len,
|
72
|
+
const uint8_t *seed2, size_t seed2_len) {
|
73
|
+
HMAC_CTX ctx, ctx_tmp, ctx_init;
|
74
|
+
uint8_t A1[EVP_MAX_MD_SIZE];
|
75
|
+
unsigned A1_len;
|
76
|
+
int ret = 0;
|
77
|
+
|
78
|
+
const size_t chunk = EVP_MD_size(md);
|
79
|
+
HMAC_CTX_init(&ctx);
|
80
|
+
HMAC_CTX_init(&ctx_tmp);
|
81
|
+
HMAC_CTX_init(&ctx_init);
|
82
|
+
|
83
|
+
if (!HMAC_Init_ex(&ctx_init, secret, secret_len, md, NULL) ||
|
84
|
+
!HMAC_CTX_copy_ex(&ctx, &ctx_init) ||
|
85
|
+
!HMAC_Update(&ctx, (const uint8_t *) label, label_len) ||
|
86
|
+
!HMAC_Update(&ctx, seed1, seed1_len) ||
|
87
|
+
!HMAC_Update(&ctx, seed2, seed2_len) ||
|
88
|
+
!HMAC_Final(&ctx, A1, &A1_len)) {
|
89
|
+
goto err;
|
90
|
+
}
|
91
|
+
|
92
|
+
for (;;) {
|
93
|
+
unsigned len;
|
94
|
+
uint8_t hmac[EVP_MAX_MD_SIZE];
|
95
|
+
if (!HMAC_CTX_copy_ex(&ctx, &ctx_init) ||
|
96
|
+
!HMAC_Update(&ctx, A1, A1_len) ||
|
97
|
+
// Save a copy of |ctx| to compute the next A1 value below.
|
98
|
+
(out_len > chunk && !HMAC_CTX_copy_ex(&ctx_tmp, &ctx)) ||
|
99
|
+
!HMAC_Update(&ctx, (const uint8_t *) label, label_len) ||
|
100
|
+
!HMAC_Update(&ctx, seed1, seed1_len) ||
|
101
|
+
!HMAC_Update(&ctx, seed2, seed2_len) ||
|
102
|
+
!HMAC_Final(&ctx, hmac, &len)) {
|
103
|
+
goto err;
|
104
|
+
}
|
105
|
+
assert(len == chunk);
|
106
|
+
|
107
|
+
// XOR the result into |out|.
|
108
|
+
if (len > out_len) {
|
109
|
+
len = out_len;
|
110
|
+
}
|
111
|
+
for (unsigned i = 0; i < len; i++) {
|
112
|
+
out[i] ^= hmac[i];
|
113
|
+
}
|
114
|
+
out += len;
|
115
|
+
out_len -= len;
|
116
|
+
|
117
|
+
if (out_len == 0) {
|
118
|
+
break;
|
119
|
+
}
|
120
|
+
|
121
|
+
// Calculate the next A1 value.
|
122
|
+
if (!HMAC_Final(&ctx_tmp, A1, &A1_len)) {
|
123
|
+
goto err;
|
124
|
+
}
|
125
|
+
}
|
126
|
+
|
127
|
+
ret = 1;
|
128
|
+
|
129
|
+
err:
|
130
|
+
OPENSSL_cleanse(A1, sizeof(A1));
|
131
|
+
HMAC_CTX_cleanup(&ctx);
|
132
|
+
HMAC_CTX_cleanup(&ctx_tmp);
|
133
|
+
HMAC_CTX_cleanup(&ctx_init);
|
134
|
+
return ret;
|
135
|
+
}
|
136
|
+
|
137
|
+
int CRYPTO_tls1_prf(const EVP_MD *digest,
|
138
|
+
uint8_t *out, size_t out_len,
|
139
|
+
const uint8_t *secret, size_t secret_len,
|
140
|
+
const char *label, size_t label_len,
|
141
|
+
const uint8_t *seed1, size_t seed1_len,
|
142
|
+
const uint8_t *seed2, size_t seed2_len) {
|
143
|
+
if (out_len == 0) {
|
144
|
+
return 1;
|
145
|
+
}
|
146
|
+
|
147
|
+
OPENSSL_memset(out, 0, out_len);
|
148
|
+
|
149
|
+
if (digest == EVP_md5_sha1()) {
|
150
|
+
// If using the MD5/SHA1 PRF, |secret| is partitioned between MD5 and SHA-1.
|
151
|
+
size_t secret_half = secret_len - (secret_len / 2);
|
152
|
+
if (!tls1_P_hash(out, out_len, EVP_md5(), secret, secret_half, label,
|
153
|
+
label_len, seed1, seed1_len, seed2, seed2_len)) {
|
154
|
+
return 0;
|
155
|
+
}
|
156
|
+
|
157
|
+
// Note that, if |secret_len| is odd, the two halves share a byte.
|
158
|
+
secret += secret_len - secret_half;
|
159
|
+
secret_len = secret_half;
|
160
|
+
digest = EVP_sha1();
|
161
|
+
}
|
162
|
+
|
163
|
+
return tls1_P_hash(out, out_len, digest, secret, secret_len, label, label_len,
|
164
|
+
seed1, seed1_len, seed2, seed2_len);
|
165
|
+
}
|
@@ -116,7 +116,14 @@
|
|
116
116
|
#include <assert.h>
|
117
117
|
#include <string.h>
|
118
118
|
|
119
|
-
#if
|
119
|
+
#if defined(__GNUC__) && \
|
120
|
+
(__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__) < 40800
|
121
|
+
// |alignas| and |alignof| were added in C11. GCC added support in version 4.8.
|
122
|
+
// Testing for __STDC_VERSION__/__cplusplus doesn't work because 4.7 already
|
123
|
+
// reports support for C11.
|
124
|
+
#define alignas(x) __attribute__ ((aligned (x)))
|
125
|
+
#define alignof(x) __alignof__ (x)
|
126
|
+
#elif !defined(__cplusplus)
|
120
127
|
#if defined(_MSC_VER)
|
121
128
|
#define alignas(x) __declspec(align(x))
|
122
129
|
#define alignof __alignof
|
@@ -151,13 +158,34 @@ void OPENSSL_cpuid_setup(void);
|
|
151
158
|
#endif
|
152
159
|
|
153
160
|
|
154
|
-
#if !defined(_MSC_VER) && defined(OPENSSL_64_BIT)
|
161
|
+
#if (!defined(_MSC_VER) || defined(__clang__)) && defined(OPENSSL_64_BIT)
|
162
|
+
#define BORINGSSL_HAS_UINT128
|
155
163
|
typedef __int128_t int128_t;
|
156
164
|
typedef __uint128_t uint128_t;
|
165
|
+
|
166
|
+
// clang-cl supports __uint128_t but modulus and division don't work.
|
167
|
+
// https://crbug.com/787617.
|
168
|
+
#if !defined(_MSC_VER) || !defined(__clang__)
|
169
|
+
#define BORINGSSL_CAN_DIVIDE_UINT128
|
170
|
+
#endif
|
157
171
|
#endif
|
158
172
|
|
159
173
|
#define OPENSSL_ARRAY_SIZE(array) (sizeof(array) / sizeof((array)[0]))
|
160
174
|
|
175
|
+
// Have a generic fall-through for different versions of C/C++.
|
176
|
+
#if defined(__cplusplus) && __cplusplus >= 201703L
|
177
|
+
#define OPENSSL_FALLTHROUGH [[fallthrough]]
|
178
|
+
#elif defined(__cplusplus) && __cplusplus >= 201103L && defined(__clang__)
|
179
|
+
#define OPENSSL_FALLTHROUGH [[clang::fallthrough]]
|
180
|
+
#elif defined(__cplusplus) && __cplusplus >= 201103L && defined(__GNUC__) && \
|
181
|
+
__GNUC__ >= 7
|
182
|
+
#define OPENSSL_FALLTHROUGH [[gnu::fallthrough]]
|
183
|
+
#elif defined(__GNUC__) && __GNUC__ >= 7 // gcc 7
|
184
|
+
#define OPENSSL_FALLTHROUGH __attribute__ ((fallthrough))
|
185
|
+
#else // C++11 on gcc 6, and all other cases
|
186
|
+
#define OPENSSL_FALLTHROUGH
|
187
|
+
#endif
|
188
|
+
|
161
189
|
// buffers_alias returns one if |a| and |b| alias and zero otherwise.
|
162
190
|
static inline int buffers_alias(const uint8_t *a, size_t a_len,
|
163
191
|
const uint8_t *b, size_t b_len) {
|
@@ -584,6 +612,41 @@ OPENSSL_EXPORT void CRYPTO_free_ex_data(CRYPTO_EX_DATA_CLASS *ex_data_class,
|
|
584
612
|
void *obj, CRYPTO_EX_DATA *ad);
|
585
613
|
|
586
614
|
|
615
|
+
// Endianness conversions.
|
616
|
+
|
617
|
+
#if defined(__GNUC__) && __GNUC__ >= 2
|
618
|
+
static inline uint32_t CRYPTO_bswap4(uint32_t x) {
|
619
|
+
return __builtin_bswap32(x);
|
620
|
+
}
|
621
|
+
|
622
|
+
static inline uint64_t CRYPTO_bswap8(uint64_t x) {
|
623
|
+
return __builtin_bswap64(x);
|
624
|
+
}
|
625
|
+
#elif defined(_MSC_VER)
|
626
|
+
OPENSSL_MSVC_PRAGMA(warning(push, 3))
|
627
|
+
#include <intrin.h>
|
628
|
+
OPENSSL_MSVC_PRAGMA(warning(pop))
|
629
|
+
#pragma intrinsic(_byteswap_uint64, _byteswap_ulong)
|
630
|
+
static inline uint32_t CRYPTO_bswap4(uint32_t x) {
|
631
|
+
return _byteswap_ulong(x);
|
632
|
+
}
|
633
|
+
|
634
|
+
static inline uint64_t CRYPTO_bswap8(uint64_t x) {
|
635
|
+
return _byteswap_uint64(x);
|
636
|
+
}
|
637
|
+
#else
|
638
|
+
static inline uint32_t CRYPTO_bswap4(uint32_t x) {
|
639
|
+
x = (x >> 16) | (x << 16);
|
640
|
+
x = ((x & 0xff00ff00) >> 8) | ((x & 0x00ff00ff) << 8);
|
641
|
+
return x;
|
642
|
+
}
|
643
|
+
|
644
|
+
static inline uint64_t CRYPTO_bswap8(uint64_t x) {
|
645
|
+
return CRYPTO_bswap4(x >> 32) | (((uint64_t)CRYPTO_bswap4(x)) << 32);
|
646
|
+
}
|
647
|
+
#endif
|
648
|
+
|
649
|
+
|
587
650
|
// Language bug workarounds.
|
588
651
|
//
|
589
652
|
// Most C standard library functions are undefined if passed NULL, even when the
|
@@ -434,36 +434,6 @@ static int strlcpy_int(char *dst, const char *src, int dst_size) {
|
|
434
434
|
return (int)ret;
|
435
435
|
}
|
436
436
|
|
437
|
-
static int parse_oid_component(CBS *cbs, uint64_t *out) {
|
438
|
-
uint64_t v = 0;
|
439
|
-
uint8_t b;
|
440
|
-
do {
|
441
|
-
if (!CBS_get_u8(cbs, &b)) {
|
442
|
-
return 0;
|
443
|
-
}
|
444
|
-
if ((v >> (64 - 7)) != 0) {
|
445
|
-
// The component is too large.
|
446
|
-
return 0;
|
447
|
-
}
|
448
|
-
if (v == 0 && b == 0x80) {
|
449
|
-
// The component must be minimally encoded.
|
450
|
-
return 0;
|
451
|
-
}
|
452
|
-
v = (v << 7) | (b & 0x7f);
|
453
|
-
|
454
|
-
// Components end at an octet with the high bit cleared.
|
455
|
-
} while (b & 0x80);
|
456
|
-
|
457
|
-
*out = v;
|
458
|
-
return 1;
|
459
|
-
}
|
460
|
-
|
461
|
-
static int add_decimal(CBB *out, uint64_t v) {
|
462
|
-
char buf[DECIMAL_SIZE(uint64_t) + 1];
|
463
|
-
BIO_snprintf(buf, sizeof(buf), "%" PRIu64, v);
|
464
|
-
return CBB_add_bytes(out, (const uint8_t *)buf, strlen(buf));
|
465
|
-
}
|
466
|
-
|
467
437
|
int OBJ_obj2txt(char *out, int out_len, const ASN1_OBJECT *obj,
|
468
438
|
int always_return_oid) {
|
469
439
|
// Python depends on the empty OID successfully encoding as the empty
|
@@ -485,56 +455,19 @@ int OBJ_obj2txt(char *out, int out_len, const ASN1_OBJECT *obj,
|
|
485
455
|
}
|
486
456
|
}
|
487
457
|
|
488
|
-
CBB cbb;
|
489
|
-
if (!CBB_init(&cbb, 32)) {
|
490
|
-
goto err;
|
491
|
-
}
|
492
|
-
|
493
458
|
CBS cbs;
|
494
459
|
CBS_init(&cbs, obj->data, obj->length);
|
495
|
-
|
496
|
-
|
497
|
-
|
498
|
-
|
499
|
-
goto err;
|
500
|
-
}
|
501
|
-
|
502
|
-
if (v >= 80) {
|
503
|
-
if (!CBB_add_bytes(&cbb, (const uint8_t *)"2.", 2) ||
|
504
|
-
!add_decimal(&cbb, v - 80)) {
|
505
|
-
goto err;
|
506
|
-
}
|
507
|
-
} else if (!add_decimal(&cbb, v / 40) ||
|
508
|
-
!CBB_add_u8(&cbb, '.') ||
|
509
|
-
!add_decimal(&cbb, v % 40)) {
|
510
|
-
goto err;
|
511
|
-
}
|
512
|
-
|
513
|
-
while (CBS_len(&cbs) != 0) {
|
514
|
-
if (!parse_oid_component(&cbs, &v) ||
|
515
|
-
!CBB_add_u8(&cbb, '.') ||
|
516
|
-
!add_decimal(&cbb, v)) {
|
517
|
-
goto err;
|
460
|
+
char *txt = CBS_asn1_oid_to_text(&cbs);
|
461
|
+
if (txt == NULL) {
|
462
|
+
if (out_len > 0) {
|
463
|
+
out[0] = '\0';
|
518
464
|
}
|
465
|
+
return -1;
|
519
466
|
}
|
520
467
|
|
521
|
-
|
522
|
-
size_t txt_len;
|
523
|
-
if (!CBB_add_u8(&cbb, '\0') ||
|
524
|
-
!CBB_finish(&cbb, &txt, &txt_len)) {
|
525
|
-
goto err;
|
526
|
-
}
|
527
|
-
|
528
|
-
int ret = strlcpy_int(out, (const char *)txt, out_len);
|
468
|
+
int ret = strlcpy_int(out, txt, out_len);
|
529
469
|
OPENSSL_free(txt);
|
530
470
|
return ret;
|
531
|
-
|
532
|
-
err:
|
533
|
-
CBB_cleanup(&cbb);
|
534
|
-
if (out_len > 0) {
|
535
|
-
out[0] = '\0';
|
536
|
-
}
|
537
|
-
return -1;
|
538
471
|
}
|
539
472
|
|
540
473
|
static uint32_t hash_nid(const ASN1_OBJECT *obj) {
|
@@ -94,6 +94,8 @@ void CRYPTO_once(CRYPTO_once_t *once, void (*init)(void)) {
|
|
94
94
|
static pthread_mutex_t g_destructors_lock = PTHREAD_MUTEX_INITIALIZER;
|
95
95
|
static thread_local_destructor_t g_destructors[NUM_OPENSSL_THREAD_LOCALS];
|
96
96
|
|
97
|
+
// thread_local_destructor is called when a thread exits. It releases thread
|
98
|
+
// local data for that thread only.
|
97
99
|
static void thread_local_destructor(void *arg) {
|
98
100
|
if (arg == NULL) {
|
99
101
|
return;
|
@@ -119,16 +121,44 @@ static void thread_local_destructor(void *arg) {
|
|
119
121
|
|
120
122
|
static pthread_once_t g_thread_local_init_once = PTHREAD_ONCE_INIT;
|
121
123
|
static pthread_key_t g_thread_local_key;
|
122
|
-
static int
|
124
|
+
static int g_thread_local_key_created = 0;
|
125
|
+
|
126
|
+
// OPENSSL_DANGEROUS_RELEASE_PTHREAD_KEY can be defined to cause
|
127
|
+
// |pthread_key_delete| to be called in a destructor function. This can be
|
128
|
+
// useful for programs that dlclose BoringSSL.
|
129
|
+
//
|
130
|
+
// Note that dlclose()ing BoringSSL is not supported and will leak memory:
|
131
|
+
// thread-local values will be leaked as well as anything initialised via a
|
132
|
+
// once. The |pthread_key_t| is destroyed because they run out very quickly,
|
133
|
+
// while the other leaks are slow, and this allows code that happens to use
|
134
|
+
// dlclose() despite all the problems to continue functioning.
|
135
|
+
//
|
136
|
+
// This is marked "dangerous" because it can cause multi-threaded processes to
|
137
|
+
// crash (even if they don't use dlclose): if the destructor runs while other
|
138
|
+
// threads are still executing then they may end up using an invalid key to
|
139
|
+
// access thread-local variables.
|
140
|
+
//
|
141
|
+
// This may be removed after February 2020.
|
142
|
+
#if defined(OPENSSL_DANGEROUS_RELEASE_PTHREAD_KEY) && \
|
143
|
+
(defined(__GNUC__) || defined(__clang__))
|
144
|
+
// thread_key_destructor is called when the library is unloaded with dlclose.
|
145
|
+
static void thread_key_destructor(void) __attribute__((destructor, unused));
|
146
|
+
static void thread_key_destructor(void) {
|
147
|
+
if (g_thread_local_key_created) {
|
148
|
+
g_thread_local_key_created = 0;
|
149
|
+
pthread_key_delete(g_thread_local_key);
|
150
|
+
}
|
151
|
+
}
|
152
|
+
#endif
|
123
153
|
|
124
154
|
static void thread_local_init(void) {
|
125
|
-
|
126
|
-
pthread_key_create(&g_thread_local_key, thread_local_destructor)
|
155
|
+
g_thread_local_key_created =
|
156
|
+
pthread_key_create(&g_thread_local_key, thread_local_destructor) == 0;
|
127
157
|
}
|
128
158
|
|
129
159
|
void *CRYPTO_get_thread_local(thread_local_data_t index) {
|
130
160
|
CRYPTO_once(&g_thread_local_init_once, thread_local_init);
|
131
|
-
if (
|
161
|
+
if (!g_thread_local_key_created) {
|
132
162
|
return NULL;
|
133
163
|
}
|
134
164
|
|
@@ -142,7 +172,7 @@ void *CRYPTO_get_thread_local(thread_local_data_t index) {
|
|
142
172
|
int CRYPTO_set_thread_local(thread_local_data_t index, void *value,
|
143
173
|
thread_local_destructor_t destructor) {
|
144
174
|
CRYPTO_once(&g_thread_local_init_once, thread_local_init);
|
145
|
-
if (
|
175
|
+
if (!g_thread_local_key_created) {
|
146
176
|
destructor(value);
|
147
177
|
return 0;
|
148
178
|
}
|