grpc 1.24.0 → 1.25.0.pre1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +306 -243
- data/etc/roots.pem +0 -100
- data/include/grpc/grpc_security.h +44 -18
- data/include/grpc/impl/codegen/grpc_types.h +15 -0
- data/include/grpc/impl/codegen/port_platform.h +27 -11
- data/include/grpc/impl/codegen/sync_generic.h +1 -1
- data/src/boringssl/err_data.c +695 -650
- data/src/core/ext/filters/client_channel/client_channel.cc +257 -179
- data/src/core/ext/filters/client_channel/client_channel.h +24 -0
- data/src/core/ext/filters/client_channel/client_channel_channelz.cc +2 -3
- data/src/core/ext/filters/client_channel/client_channel_factory.h +1 -5
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +18 -45
- data/src/core/ext/filters/client_channel/health/health_check_client.h +5 -13
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy.cc +2 -3
- data/src/core/ext/filters/client_channel/lb_policy.h +65 -55
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +14 -14
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +113 -36
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +14 -19
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +36 -13
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +3 -10
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.cc +814 -1589
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +2 -5
- data/src/core/ext/filters/client_channel/lb_policy_factory.h +3 -6
- data/src/core/ext/filters/client_channel/resolver.cc +1 -2
- data/src/core/ext/filters/client_channel/resolver.h +8 -16
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +25 -8
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.cc +46 -12
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +10 -17
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_libuv.cc +7 -8
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +4 -4
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +111 -44
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +22 -14
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +1 -1
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +2 -2
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +29 -10
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +27 -36
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +7 -10
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +60 -16
- data/src/core/ext/filters/client_channel/resolver_factory.h +4 -8
- data/src/core/ext/filters/client_channel/resolver_registry.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver_registry.h +1 -1
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +7 -10
- data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +7 -8
- data/src/core/ext/filters/client_channel/resolving_lb_policy.h +1 -1
- data/src/core/ext/filters/client_channel/retry_throttle.cc +5 -5
- data/src/core/ext/filters/client_channel/retry_throttle.h +1 -4
- data/src/core/ext/filters/client_channel/service_config.h +8 -8
- data/src/core/ext/filters/client_channel/subchannel.cc +53 -86
- data/src/core/ext/filters/client_channel/subchannel.h +7 -9
- data/src/core/ext/filters/client_channel/subchannel_interface.h +9 -13
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +3 -6
- data/src/core/ext/filters/client_channel/{lb_policy/xds/xds_load_balancer_api.cc → xds/xds_api.cc} +169 -52
- data/src/core/ext/filters/client_channel/xds/xds_api.h +171 -0
- data/src/core/ext/filters/client_channel/xds/xds_bootstrap.cc +450 -0
- data/src/core/ext/filters/client_channel/xds/xds_bootstrap.h +99 -0
- data/src/core/ext/filters/client_channel/{lb_policy/xds → xds}/xds_channel.h +8 -6
- data/src/core/ext/filters/client_channel/xds/xds_channel_args.h +26 -0
- data/src/core/ext/filters/client_channel/{lb_policy/xds → xds}/xds_channel_secure.cc +28 -11
- data/src/core/ext/filters/client_channel/xds/xds_client.cc +1413 -0
- data/src/core/ext/filters/client_channel/xds/xds_client.h +221 -0
- data/src/core/ext/filters/client_channel/{lb_policy/xds → xds}/xds_client_stats.cc +1 -5
- data/src/core/ext/filters/client_channel/{lb_policy/xds → xds}/xds_client_stats.h +3 -4
- data/src/core/ext/filters/deadline/deadline_filter.cc +20 -20
- data/src/core/ext/filters/http/client/http_client_filter.cc +15 -15
- data/src/core/ext/filters/http/client_authority_filter.cc +14 -14
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +12 -12
- data/src/core/ext/filters/max_age/max_age_filter.cc +59 -50
- data/src/core/ext/filters/message_size/message_size_filter.cc +18 -18
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +15 -14
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +233 -175
- data/src/core/ext/transport/chttp2/transport/flow_control.h +21 -24
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +253 -163
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +24 -12
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +2 -3
- data/src/core/ext/transport/chttp2/transport/internal.h +13 -15
- data/src/core/ext/transport/chttp2/transport/writing.cc +3 -0
- data/src/core/ext/transport/inproc/inproc_transport.cc +20 -13
- data/src/core/lib/channel/channel_args.cc +16 -0
- data/src/core/lib/channel/channel_args.h +22 -0
- data/src/core/lib/channel/channelz.cc +5 -6
- data/src/core/lib/channel/channelz.h +1 -1
- data/src/core/lib/channel/connected_channel.cc +20 -20
- data/src/core/lib/channel/handshaker.h +3 -4
- data/src/core/lib/channel/handshaker_factory.h +1 -3
- data/src/core/lib/debug/trace.h +3 -2
- data/src/core/lib/gprpp/arena.cc +3 -3
- data/src/core/lib/gprpp/arena.h +2 -3
- data/src/core/lib/gprpp/inlined_vector.h +9 -0
- data/src/core/lib/gprpp/map.h +3 -501
- data/src/core/lib/gprpp/memory.h +45 -41
- data/src/core/lib/gprpp/mpscq.cc +108 -0
- data/src/core/lib/gprpp/mpscq.h +98 -0
- data/src/core/lib/gprpp/orphanable.h +6 -11
- data/src/core/lib/gprpp/ref_counted.h +25 -19
- data/src/core/lib/gprpp/set.h +33 -0
- data/src/core/lib/gprpp/thd.h +2 -4
- data/src/core/lib/http/httpcli.cc +1 -1
- data/src/core/lib/http/httpcli_security_connector.cc +15 -11
- data/src/core/lib/http/parser.cc +1 -1
- data/src/core/lib/iomgr/buffer_list.cc +4 -5
- data/src/core/lib/iomgr/buffer_list.h +5 -6
- data/src/core/lib/iomgr/call_combiner.cc +4 -5
- data/src/core/lib/iomgr/call_combiner.h +2 -2
- data/src/core/lib/iomgr/cfstream_handle.h +3 -5
- data/src/core/lib/iomgr/closure.h +8 -3
- data/src/core/lib/iomgr/combiner.cc +45 -82
- data/src/core/lib/iomgr/combiner.h +32 -8
- data/src/core/lib/iomgr/endpoint_cfstream.cc +5 -3
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +19 -15
- data/src/core/lib/iomgr/exec_ctx.h +4 -3
- data/src/core/lib/iomgr/executor.cc +4 -2
- data/src/core/lib/iomgr/executor.h +3 -0
- data/src/core/lib/iomgr/executor/mpmcqueue.h +3 -6
- data/src/core/lib/iomgr/executor/threadpool.cc +1 -2
- data/src/core/lib/iomgr/executor/threadpool.h +7 -11
- data/src/core/lib/iomgr/resource_quota.cc +55 -51
- data/src/core/lib/iomgr/resource_quota.h +13 -9
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +13 -0
- data/src/core/lib/iomgr/socket_utils_posix.h +4 -0
- data/src/core/lib/iomgr/tcp_client_posix.cc +4 -11
- data/src/core/lib/iomgr/tcp_custom.cc +9 -7
- data/src/core/lib/iomgr/tcp_posix.cc +20 -16
- data/src/core/lib/iomgr/tcp_server.h +1 -4
- data/src/core/lib/iomgr/tcp_server_custom.cc +5 -5
- data/src/core/lib/iomgr/tcp_server_posix.cc +1 -1
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +2 -11
- data/src/core/lib/iomgr/timer_custom.cc +2 -2
- data/src/core/lib/iomgr/udp_server.cc +3 -2
- data/src/core/lib/iomgr/udp_server.h +6 -12
- data/src/core/lib/json/json.h +1 -1
- data/src/core/lib/json/json_string.cc +2 -2
- data/src/core/lib/profiling/basic_timers.cc +2 -2
- data/src/core/lib/security/credentials/alts/alts_credentials.cc +2 -2
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc +1 -1
- data/src/core/lib/security/credentials/credentials.h +4 -20
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +4 -4
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -3
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +64 -0
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +4 -4
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +9 -7
- data/src/core/lib/security/security_connector/load_system_roots_linux.cc +2 -0
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +4 -4
- data/src/core/lib/security/security_connector/security_connector.cc +1 -0
- data/src/core/lib/security/security_connector/security_connector.h +19 -17
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +8 -5
- data/src/core/lib/security/security_connector/ssl_utils.cc +2 -2
- data/src/core/lib/security/security_connector/ssl_utils.h +1 -1
- data/src/core/lib/security/security_connector/tls/spiffe_security_connector.cc +14 -6
- data/src/core/lib/security/security_connector/tls/spiffe_security_connector.h +4 -2
- data/src/core/lib/security/transport/client_auth_filter.cc +17 -17
- data/src/core/lib/security/transport/security_handshaker.cc +29 -13
- data/src/core/lib/security/transport/security_handshaker.h +4 -2
- data/src/core/lib/security/transport/server_auth_filter.cc +14 -14
- data/src/core/lib/slice/slice.cc +2 -10
- data/src/core/lib/slice/slice_hash_table.h +4 -6
- data/src/core/lib/slice/slice_intern.cc +42 -39
- data/src/core/lib/slice/slice_internal.h +3 -3
- data/src/core/lib/slice/slice_utils.h +21 -4
- data/src/core/lib/slice/slice_weak_hash_table.h +4 -6
- data/src/core/lib/surface/call.cc +3 -3
- data/src/core/lib/surface/channel.cc +7 -0
- data/src/core/lib/surface/completion_queue.cc +12 -11
- data/src/core/lib/surface/completion_queue.h +4 -2
- data/src/core/lib/surface/init.cc +1 -0
- data/src/core/lib/surface/lame_client.cc +33 -18
- data/src/core/lib/surface/server.cc +77 -76
- data/src/core/lib/surface/version.cc +1 -1
- data/src/core/lib/transport/byte_stream.h +3 -7
- data/src/core/lib/transport/connectivity_state.cc +112 -98
- data/src/core/lib/transport/connectivity_state.h +100 -50
- data/src/core/lib/transport/static_metadata.cc +276 -288
- data/src/core/lib/transport/static_metadata.h +73 -76
- data/src/core/lib/transport/status_conversion.cc +1 -1
- data/src/core/lib/transport/status_metadata.cc +1 -1
- data/src/core/lib/transport/transport.cc +2 -2
- data/src/core/lib/transport/transport.h +12 -4
- data/src/core/lib/transport/transport_op_string.cc +14 -11
- data/src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc +1 -1
- data/src/core/tsi/alts/handshaker/alts_shared_resource.cc +1 -1
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +5 -5
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +12 -2
- data/src/core/tsi/fake_transport_security.cc +7 -5
- data/src/core/tsi/grpc_shadow_boringssl.h +2918 -2627
- data/src/core/tsi/local_transport_security.cc +8 -6
- data/src/core/tsi/ssl/session_cache/ssl_session.h +1 -3
- data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +1 -2
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +7 -5
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +4 -6
- data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +1 -2
- data/src/core/tsi/ssl_transport_security.cc +12 -12
- data/src/core/tsi/ssl_transport_security.h +2 -2
- data/src/core/tsi/transport_security_grpc.cc +7 -0
- data/src/core/tsi/transport_security_grpc.h +6 -0
- data/src/ruby/ext/grpc/extconf.rb +1 -0
- data/src/ruby/ext/grpc/rb_call.c +1 -1
- data/src/ruby/ext/grpc/rb_channel.c +1 -1
- data/src/ruby/lib/grpc/generic/bidi_call.rb +1 -1
- data/src/ruby/lib/grpc/generic/rpc_server.rb +1 -1
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/spec/google_rpc_status_utils_spec.rb +2 -2
- data/third_party/boringssl/crypto/asn1/a_bool.c +18 -5
- data/third_party/boringssl/crypto/asn1/a_d2i_fp.c +17 -221
- data/third_party/boringssl/crypto/asn1/a_dup.c +0 -24
- data/third_party/boringssl/crypto/asn1/a_enum.c +2 -2
- data/third_party/boringssl/crypto/asn1/a_i2d_fp.c +10 -72
- data/third_party/boringssl/crypto/asn1/a_int.c +12 -71
- data/third_party/boringssl/crypto/asn1/a_mbstr.c +110 -216
- data/third_party/boringssl/crypto/asn1/a_object.c +16 -5
- data/third_party/boringssl/crypto/asn1/a_strnid.c +1 -0
- data/third_party/boringssl/crypto/asn1/asn1_lib.c +5 -1
- data/third_party/boringssl/crypto/asn1/tasn_enc.c +3 -1
- data/third_party/boringssl/crypto/base64/base64.c +2 -2
- data/third_party/boringssl/crypto/bio/bio.c +73 -9
- data/third_party/boringssl/crypto/bio/connect.c +4 -0
- data/third_party/boringssl/crypto/bio/fd.c +4 -0
- data/third_party/boringssl/crypto/bio/file.c +5 -2
- data/third_party/boringssl/crypto/bio/socket.c +4 -0
- data/third_party/boringssl/crypto/bio/socket_helper.c +4 -0
- data/third_party/boringssl/crypto/bn_extra/convert.c +11 -7
- data/third_party/boringssl/crypto/bytestring/ber.c +8 -4
- data/third_party/boringssl/crypto/bytestring/cbb.c +19 -7
- data/third_party/boringssl/crypto/bytestring/cbs.c +28 -15
- data/third_party/boringssl/crypto/bytestring/internal.h +28 -7
- data/third_party/boringssl/crypto/bytestring/unicode.c +155 -0
- data/third_party/boringssl/crypto/chacha/chacha.c +36 -19
- data/third_party/boringssl/crypto/chacha/internal.h +45 -0
- data/third_party/boringssl/crypto/cipher_extra/cipher_extra.c +29 -0
- data/third_party/boringssl/crypto/cipher_extra/e_aesccm.c +269 -25
- data/third_party/boringssl/crypto/cipher_extra/e_aesctrhmac.c +16 -14
- data/third_party/boringssl/crypto/cipher_extra/e_aesgcmsiv.c +54 -38
- data/third_party/boringssl/crypto/cipher_extra/e_chacha20poly1305.c +133 -41
- data/third_party/boringssl/crypto/cipher_extra/e_tls.c +23 -15
- data/third_party/boringssl/crypto/cipher_extra/tls_cbc.c +24 -15
- data/third_party/boringssl/crypto/cmac/cmac.c +62 -25
- data/third_party/boringssl/crypto/conf/conf.c +7 -0
- data/third_party/boringssl/crypto/cpu-arm-linux.c +4 -148
- data/third_party/boringssl/crypto/cpu-arm-linux.h +201 -0
- data/third_party/boringssl/crypto/cpu-intel.c +45 -51
- data/third_party/boringssl/crypto/crypto.c +39 -22
- data/third_party/boringssl/crypto/curve25519/spake25519.c +1 -1
- data/third_party/boringssl/crypto/dsa/dsa.c +77 -53
- data/third_party/boringssl/crypto/ec_extra/ec_asn1.c +20 -8
- data/third_party/boringssl/crypto/ec_extra/ec_derive.c +96 -0
- data/third_party/boringssl/crypto/{ecdh/ecdh.c → ecdh_extra/ecdh_extra.c} +20 -58
- data/third_party/boringssl/crypto/ecdsa_extra/ecdsa_asn1.c +1 -9
- data/third_party/boringssl/crypto/engine/engine.c +2 -1
- data/third_party/boringssl/crypto/err/err.c +2 -0
- data/third_party/boringssl/crypto/err/internal.h +2 -2
- data/third_party/boringssl/crypto/evp/evp.c +89 -8
- data/third_party/boringssl/crypto/evp/evp_asn1.c +56 -5
- data/third_party/boringssl/crypto/evp/evp_ctx.c +52 -14
- data/third_party/boringssl/crypto/evp/internal.h +18 -1
- data/third_party/boringssl/crypto/evp/p_dsa_asn1.c +5 -0
- data/third_party/boringssl/crypto/evp/p_ec.c +51 -3
- data/third_party/boringssl/crypto/evp/p_ec_asn1.c +6 -7
- data/third_party/boringssl/crypto/evp/p_ed25519.c +36 -3
- data/third_party/boringssl/crypto/evp/p_ed25519_asn1.c +76 -45
- data/third_party/boringssl/crypto/evp/p_rsa.c +3 -1
- data/third_party/boringssl/crypto/evp/p_rsa_asn1.c +5 -0
- data/third_party/boringssl/crypto/evp/p_x25519.c +110 -0
- data/third_party/boringssl/crypto/evp/p_x25519_asn1.c +249 -0
- data/third_party/boringssl/crypto/evp/scrypt.c +6 -2
- data/third_party/boringssl/crypto/fipsmodule/aes/aes.c +34 -274
- data/third_party/boringssl/crypto/fipsmodule/aes/internal.h +161 -21
- data/third_party/boringssl/crypto/fipsmodule/aes/key_wrap.c +111 -13
- data/third_party/boringssl/crypto/fipsmodule/aes/mode_wrappers.c +17 -21
- data/third_party/boringssl/crypto/fipsmodule/bcm.c +119 -7
- data/third_party/boringssl/crypto/fipsmodule/bn/bn.c +19 -2
- data/third_party/boringssl/crypto/fipsmodule/bn/cmp.c +2 -2
- data/third_party/boringssl/crypto/fipsmodule/bn/ctx.c +93 -160
- data/third_party/boringssl/crypto/fipsmodule/bn/div.c +48 -57
- data/third_party/boringssl/crypto/fipsmodule/bn/div_extra.c +87 -0
- data/third_party/boringssl/crypto/fipsmodule/bn/exponentiation.c +143 -211
- data/third_party/boringssl/crypto/fipsmodule/bn/gcd.c +0 -305
- data/third_party/boringssl/crypto/fipsmodule/bn/gcd_extra.c +325 -0
- data/third_party/boringssl/crypto/fipsmodule/bn/internal.h +168 -50
- data/third_party/boringssl/crypto/fipsmodule/bn/montgomery.c +68 -92
- data/third_party/boringssl/crypto/fipsmodule/bn/montgomery_inv.c +7 -6
- data/third_party/boringssl/crypto/fipsmodule/bn/mul.c +11 -14
- data/third_party/boringssl/crypto/fipsmodule/bn/prime.c +358 -443
- data/third_party/boringssl/crypto/fipsmodule/bn/random.c +25 -35
- data/third_party/boringssl/crypto/fipsmodule/bn/rsaz_exp.c +20 -25
- data/third_party/boringssl/crypto/fipsmodule/bn/rsaz_exp.h +76 -5
- data/third_party/boringssl/crypto/fipsmodule/bn/shift.c +14 -14
- data/third_party/boringssl/crypto/fipsmodule/cipher/cipher.c +7 -2
- data/third_party/boringssl/crypto/fipsmodule/cipher/e_aes.c +383 -516
- data/third_party/boringssl/crypto/fipsmodule/cipher/e_des.c +4 -0
- data/third_party/boringssl/crypto/fipsmodule/cipher/internal.h +3 -4
- data/third_party/boringssl/crypto/fipsmodule/delocate.h +3 -2
- data/third_party/boringssl/crypto/fipsmodule/digest/digest.c +32 -17
- data/third_party/boringssl/crypto/fipsmodule/digest/md32_common.h +3 -3
- data/third_party/boringssl/crypto/fipsmodule/ec/ec.c +228 -122
- data/third_party/boringssl/crypto/fipsmodule/ec/ec_key.c +34 -8
- data/third_party/boringssl/crypto/fipsmodule/ec/ec_montgomery.c +311 -98
- data/third_party/boringssl/crypto/fipsmodule/ec/felem.c +82 -0
- data/third_party/boringssl/crypto/fipsmodule/ec/internal.h +263 -97
- data/third_party/boringssl/crypto/fipsmodule/ec/oct.c +22 -59
- data/third_party/boringssl/crypto/fipsmodule/ec/p224-64.c +317 -234
- data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64-table.h +9473 -9475
- data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64.c +313 -109
- data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64.h +36 -0
- data/third_party/boringssl/crypto/fipsmodule/ec/scalar.c +96 -0
- data/third_party/boringssl/crypto/fipsmodule/ec/simple.c +126 -792
- data/third_party/boringssl/crypto/fipsmodule/ec/simple_mul.c +84 -0
- data/third_party/boringssl/crypto/fipsmodule/ec/util.c +163 -12
- data/third_party/boringssl/crypto/fipsmodule/ec/wnaf.c +84 -211
- data/third_party/boringssl/crypto/fipsmodule/ecdh/ecdh.c +122 -0
- data/third_party/boringssl/crypto/fipsmodule/ecdsa/ecdsa.c +60 -205
- data/third_party/boringssl/crypto/fipsmodule/fips_shared_support.c +32 -0
- data/third_party/boringssl/crypto/fipsmodule/is_fips.c +2 -0
- data/third_party/boringssl/crypto/fipsmodule/md4/md4.c +3 -1
- data/third_party/boringssl/crypto/fipsmodule/md5/internal.h +37 -0
- data/third_party/boringssl/crypto/fipsmodule/md5/md5.c +11 -8
- data/third_party/boringssl/crypto/fipsmodule/modes/cbc.c +35 -79
- data/third_party/boringssl/crypto/fipsmodule/modes/cfb.c +7 -39
- data/third_party/boringssl/crypto/fipsmodule/modes/ctr.c +7 -27
- data/third_party/boringssl/crypto/fipsmodule/modes/gcm.c +123 -309
- data/third_party/boringssl/crypto/fipsmodule/modes/internal.h +189 -126
- data/third_party/boringssl/crypto/fipsmodule/modes/ofb.c +3 -2
- data/third_party/boringssl/crypto/fipsmodule/rand/ctrdrbg.c +2 -2
- data/third_party/boringssl/crypto/fipsmodule/rand/internal.h +35 -0
- data/third_party/boringssl/crypto/fipsmodule/rand/rand.c +24 -19
- data/third_party/boringssl/crypto/fipsmodule/rand/urandom.c +256 -77
- data/third_party/boringssl/crypto/fipsmodule/rsa/padding.c +10 -7
- data/third_party/boringssl/crypto/fipsmodule/rsa/rsa.c +5 -1
- data/third_party/boringssl/crypto/fipsmodule/rsa/rsa_impl.c +131 -14
- data/third_party/boringssl/crypto/fipsmodule/self_check/self_check.c +83 -10
- data/third_party/boringssl/crypto/fipsmodule/sha/internal.h +53 -0
- data/third_party/boringssl/crypto/fipsmodule/sha/sha1.c +9 -13
- data/third_party/boringssl/crypto/fipsmodule/sha/sha256.c +18 -12
- data/third_party/boringssl/crypto/fipsmodule/sha/sha512.c +95 -168
- data/third_party/boringssl/crypto/hrss/hrss.c +2201 -0
- data/third_party/boringssl/crypto/hrss/internal.h +62 -0
- data/third_party/boringssl/crypto/internal.h +95 -20
- data/third_party/boringssl/crypto/lhash/lhash.c +45 -33
- data/third_party/boringssl/crypto/mem.c +39 -2
- data/third_party/boringssl/crypto/obj/obj.c +4 -4
- data/third_party/boringssl/crypto/obj/obj_dat.h +6181 -875
- data/third_party/boringssl/crypto/pem/pem_all.c +2 -3
- data/third_party/boringssl/crypto/pem/pem_info.c +144 -162
- data/third_party/boringssl/crypto/pem/pem_lib.c +53 -52
- data/third_party/boringssl/crypto/pem/pem_pkey.c +13 -21
- data/third_party/boringssl/crypto/pkcs7/pkcs7.c +15 -22
- data/third_party/boringssl/crypto/pkcs7/pkcs7_x509.c +168 -16
- data/third_party/boringssl/crypto/pkcs8/internal.h +11 -0
- data/third_party/boringssl/crypto/pkcs8/p5_pbev2.c +24 -15
- data/third_party/boringssl/crypto/pkcs8/pkcs8.c +42 -25
- data/third_party/boringssl/crypto/pkcs8/pkcs8_x509.c +559 -43
- data/third_party/boringssl/crypto/pool/internal.h +1 -1
- data/third_party/boringssl/crypto/pool/pool.c +21 -0
- data/third_party/boringssl/crypto/rand_extra/deterministic.c +8 -0
- data/third_party/boringssl/crypto/rand_extra/fuchsia.c +1 -14
- data/third_party/boringssl/crypto/refcount_lock.c +2 -2
- data/third_party/boringssl/crypto/rsa_extra/rsa_print.c +22 -0
- data/third_party/boringssl/crypto/siphash/siphash.c +80 -0
- data/third_party/boringssl/crypto/stack/stack.c +83 -32
- data/third_party/boringssl/crypto/thread_none.c +2 -2
- data/third_party/boringssl/crypto/thread_pthread.c +2 -2
- data/third_party/boringssl/crypto/thread_win.c +38 -19
- data/third_party/boringssl/crypto/x509/a_strex.c +22 -2
- data/third_party/boringssl/crypto/x509/asn1_gen.c +2 -1
- data/third_party/boringssl/crypto/x509/by_dir.c +7 -0
- data/third_party/boringssl/crypto/x509/by_file.c +12 -10
- data/third_party/boringssl/crypto/x509/t_crl.c +5 -8
- data/third_party/boringssl/crypto/x509/t_req.c +1 -3
- data/third_party/boringssl/crypto/x509/t_x509.c +5 -8
- data/third_party/boringssl/crypto/x509/x509_cmp.c +1 -1
- data/third_party/boringssl/crypto/x509/x509_def.c +1 -1
- data/third_party/boringssl/crypto/x509/x509_lu.c +114 -5
- data/third_party/boringssl/crypto/x509/x509_req.c +20 -0
- data/third_party/boringssl/crypto/x509/x509_set.c +5 -0
- data/third_party/boringssl/crypto/x509/x509_trs.c +1 -0
- data/third_party/boringssl/crypto/x509/x509_txt.c +4 -5
- data/third_party/boringssl/crypto/x509/x509_vfy.c +145 -138
- data/third_party/boringssl/crypto/x509/x509_vpm.c +2 -0
- data/third_party/boringssl/crypto/x509/x509cset.c +40 -0
- data/third_party/boringssl/crypto/x509/x509name.c +2 -3
- data/third_party/boringssl/crypto/x509/x_all.c +109 -210
- data/third_party/boringssl/crypto/x509/x_x509.c +6 -0
- data/third_party/boringssl/crypto/x509v3/ext_dat.h +1 -3
- data/third_party/boringssl/crypto/x509v3/internal.h +56 -0
- data/third_party/boringssl/crypto/x509v3/pcy_cache.c +2 -0
- data/third_party/boringssl/crypto/x509v3/pcy_node.c +1 -0
- data/third_party/boringssl/crypto/x509v3/pcy_tree.c +4 -2
- data/third_party/boringssl/crypto/x509v3/v3_akey.c +5 -2
- data/third_party/boringssl/crypto/x509v3/v3_alt.c +19 -13
- data/third_party/boringssl/crypto/x509v3/v3_conf.c +2 -1
- data/third_party/boringssl/crypto/x509v3/v3_cpols.c +3 -2
- data/third_party/boringssl/crypto/x509v3/v3_genn.c +1 -6
- data/third_party/boringssl/crypto/x509v3/v3_lib.c +1 -0
- data/third_party/boringssl/crypto/x509v3/v3_ocsp.c +68 -0
- data/third_party/boringssl/crypto/x509v3/v3_pci.c +2 -1
- data/third_party/boringssl/crypto/x509v3/v3_purp.c +47 -69
- data/third_party/boringssl/crypto/x509v3/v3_skey.c +5 -2
- data/third_party/boringssl/crypto/x509v3/v3_utl.c +69 -25
- data/third_party/boringssl/include/openssl/aead.h +45 -19
- data/third_party/boringssl/include/openssl/aes.h +32 -7
- data/third_party/boringssl/include/openssl/asn1.h +7 -77
- data/third_party/boringssl/include/openssl/base.h +120 -6
- data/third_party/boringssl/include/openssl/base64.h +4 -1
- data/third_party/boringssl/include/openssl/bio.h +112 -81
- data/third_party/boringssl/include/openssl/blowfish.h +3 -3
- data/third_party/boringssl/include/openssl/bn.h +55 -29
- data/third_party/boringssl/include/openssl/buf.h +2 -2
- data/third_party/boringssl/include/openssl/bytestring.h +54 -32
- data/third_party/boringssl/include/openssl/cast.h +2 -2
- data/third_party/boringssl/include/openssl/cipher.h +46 -16
- data/third_party/boringssl/include/openssl/cmac.h +6 -2
- data/third_party/boringssl/include/openssl/conf.h +3 -6
- data/third_party/boringssl/include/openssl/cpu.h +25 -9
- data/third_party/boringssl/include/openssl/crypto.h +32 -10
- data/third_party/boringssl/include/openssl/curve25519.h +4 -4
- data/third_party/boringssl/include/openssl/dh.h +3 -2
- data/third_party/boringssl/include/openssl/digest.h +21 -7
- data/third_party/boringssl/include/openssl/dsa.h +8 -2
- data/third_party/boringssl/include/openssl/e_os2.h +18 -0
- data/third_party/boringssl/include/openssl/ec.h +25 -21
- data/third_party/boringssl/include/openssl/ec_key.h +36 -8
- data/third_party/boringssl/include/openssl/ecdh.h +17 -0
- data/third_party/boringssl/include/openssl/ecdsa.h +3 -3
- data/third_party/boringssl/include/openssl/engine.h +4 -4
- data/third_party/boringssl/include/openssl/err.h +3 -0
- data/third_party/boringssl/include/openssl/evp.h +199 -42
- data/third_party/boringssl/include/openssl/hmac.h +4 -4
- data/third_party/boringssl/include/openssl/hrss.h +100 -0
- data/third_party/boringssl/include/openssl/lhash.h +131 -23
- data/third_party/boringssl/include/openssl/md4.h +6 -4
- data/third_party/boringssl/include/openssl/md5.h +6 -4
- data/third_party/boringssl/include/openssl/mem.h +6 -2
- data/third_party/boringssl/include/openssl/nid.h +3 -0
- data/third_party/boringssl/include/openssl/obj.h +3 -0
- data/third_party/boringssl/include/openssl/pem.h +102 -64
- data/third_party/boringssl/include/openssl/pkcs7.h +136 -3
- data/third_party/boringssl/include/openssl/pkcs8.h +42 -3
- data/third_party/boringssl/include/openssl/pool.h +13 -2
- data/third_party/boringssl/include/openssl/ripemd.h +5 -4
- data/third_party/boringssl/include/openssl/rsa.h +46 -15
- data/third_party/boringssl/include/openssl/sha.h +40 -28
- data/third_party/boringssl/include/openssl/siphash.h +37 -0
- data/third_party/boringssl/include/openssl/span.h +17 -9
- data/third_party/boringssl/include/openssl/ssl.h +766 -393
- data/third_party/boringssl/include/openssl/ssl3.h +4 -3
- data/third_party/boringssl/include/openssl/stack.h +134 -77
- data/third_party/boringssl/include/openssl/thread.h +1 -1
- data/third_party/boringssl/include/openssl/tls1.h +25 -9
- data/third_party/boringssl/include/openssl/type_check.h +14 -15
- data/third_party/boringssl/include/openssl/x509.h +28 -3
- data/third_party/boringssl/include/openssl/x509_vfy.h +98 -32
- data/third_party/boringssl/include/openssl/x509v3.h +17 -13
- data/third_party/boringssl/ssl/d1_both.cc +9 -18
- data/third_party/boringssl/ssl/d1_lib.cc +4 -3
- data/third_party/boringssl/ssl/d1_pkt.cc +4 -4
- data/third_party/boringssl/ssl/d1_srtp.cc +15 -15
- data/third_party/boringssl/ssl/dtls_method.cc +0 -1
- data/third_party/boringssl/ssl/dtls_record.cc +28 -28
- data/third_party/boringssl/ssl/handoff.cc +295 -91
- data/third_party/boringssl/ssl/handshake.cc +133 -72
- data/third_party/boringssl/ssl/handshake_client.cc +218 -189
- data/third_party/boringssl/ssl/handshake_server.cc +399 -272
- data/third_party/boringssl/ssl/internal.h +1413 -928
- data/third_party/boringssl/ssl/s3_both.cc +175 -36
- data/third_party/boringssl/ssl/s3_lib.cc +9 -13
- data/third_party/boringssl/ssl/s3_pkt.cc +63 -29
- data/third_party/boringssl/ssl/ssl_aead_ctx.cc +55 -35
- data/third_party/boringssl/ssl/ssl_asn1.cc +57 -73
- data/third_party/boringssl/ssl/ssl_buffer.cc +13 -12
- data/third_party/boringssl/ssl/ssl_cert.cc +313 -210
- data/third_party/boringssl/ssl/ssl_cipher.cc +159 -221
- data/third_party/boringssl/ssl/ssl_file.cc +2 -0
- data/third_party/boringssl/ssl/ssl_key_share.cc +164 -19
- data/third_party/boringssl/ssl/ssl_lib.cc +847 -555
- data/third_party/boringssl/ssl/ssl_privkey.cc +441 -111
- data/third_party/boringssl/ssl/ssl_session.cc +230 -178
- data/third_party/boringssl/ssl/ssl_transcript.cc +21 -142
- data/third_party/boringssl/ssl/ssl_versions.cc +88 -93
- data/third_party/boringssl/ssl/ssl_x509.cc +279 -218
- data/third_party/boringssl/ssl/t1_enc.cc +5 -96
- data/third_party/boringssl/ssl/t1_lib.cc +931 -678
- data/third_party/boringssl/ssl/tls13_both.cc +251 -121
- data/third_party/boringssl/ssl/tls13_client.cc +129 -73
- data/third_party/boringssl/ssl/tls13_enc.cc +350 -282
- data/third_party/boringssl/ssl/tls13_server.cc +259 -192
- data/third_party/boringssl/ssl/tls_method.cc +26 -21
- data/third_party/boringssl/ssl/tls_record.cc +42 -47
- data/third_party/boringssl/third_party/fiat/curve25519.c +261 -1324
- data/third_party/boringssl/third_party/fiat/curve25519_32.h +911 -0
- data/third_party/boringssl/third_party/fiat/curve25519_64.h +559 -0
- data/third_party/boringssl/third_party/fiat/p256.c +238 -999
- data/third_party/boringssl/third_party/fiat/p256_32.h +3226 -0
- data/third_party/boringssl/third_party/fiat/p256_64.h +1217 -0
- data/third_party/upb/upb/port_def.inc +1 -1
- data/third_party/upb/upb/table.c +2 -1
- metadata +71 -43
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_load_balancer_api.h +0 -127
- data/src/core/lib/gpr/mpscq.cc +0 -117
- data/src/core/lib/gpr/mpscq.h +0 -88
- data/src/core/lib/gprpp/abstract.h +0 -47
- data/src/core/lib/gprpp/pair.h +0 -38
- data/third_party/boringssl/crypto/cipher_extra/e_ssl3.c +0 -460
- data/third_party/boringssl/crypto/fipsmodule/modes/ccm.c +0 -256
- data/third_party/boringssl/include/openssl/lhash_macros.h +0 -174
- data/third_party/boringssl/ssl/custom_extensions.cc +0 -265
@@ -124,12 +124,22 @@ void CMAC_CTX_free(CMAC_CTX *ctx) {
|
|
124
124
|
OPENSSL_free(ctx);
|
125
125
|
}
|
126
126
|
|
127
|
-
|
128
|
-
|
129
|
-
|
127
|
+
int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in) {
|
128
|
+
if (!EVP_CIPHER_CTX_copy(&out->cipher_ctx, &in->cipher_ctx)) {
|
129
|
+
return 0;
|
130
|
+
}
|
131
|
+
OPENSSL_memcpy(out->k1, in->k1, AES_BLOCK_SIZE);
|
132
|
+
OPENSSL_memcpy(out->k2, in->k2, AES_BLOCK_SIZE);
|
133
|
+
OPENSSL_memcpy(out->block, in->block, AES_BLOCK_SIZE);
|
134
|
+
out->block_used = in->block_used;
|
135
|
+
return 1;
|
136
|
+
}
|
137
|
+
|
138
|
+
// binary_field_mul_x_128 treats the 128 bits at |in| as an element of GF(2¹²⁸)
|
139
|
+
// with a hard-coded reduction polynomial and sets |out| as x times the input.
|
130
140
|
//
|
131
141
|
// See https://tools.ietf.org/html/rfc4493#section-2.3
|
132
|
-
static void
|
142
|
+
static void binary_field_mul_x_128(uint8_t out[16], const uint8_t in[16]) {
|
133
143
|
unsigned i;
|
134
144
|
|
135
145
|
// Shift |in| to left, including carry.
|
@@ -142,23 +152,46 @@ static void binary_field_mul_x(uint8_t out[16], const uint8_t in[16]) {
|
|
142
152
|
out[i] = (in[i] << 1) ^ ((0 - carry) & 0x87);
|
143
153
|
}
|
144
154
|
|
155
|
+
// binary_field_mul_x_64 behaves like |binary_field_mul_x_128| but acts on an
|
156
|
+
// element of GF(2⁶⁴).
|
157
|
+
//
|
158
|
+
// See https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38b.pdf
|
159
|
+
static void binary_field_mul_x_64(uint8_t out[8], const uint8_t in[8]) {
|
160
|
+
unsigned i;
|
161
|
+
|
162
|
+
// Shift |in| to left, including carry.
|
163
|
+
for (i = 0; i < 7; i++) {
|
164
|
+
out[i] = (in[i] << 1) | (in[i+1] >> 7);
|
165
|
+
}
|
166
|
+
|
167
|
+
// If MSB set fixup with R.
|
168
|
+
const uint8_t carry = in[0] >> 7;
|
169
|
+
out[i] = (in[i] << 1) ^ ((0 - carry) & 0x1b);
|
170
|
+
}
|
171
|
+
|
145
172
|
static const uint8_t kZeroIV[AES_BLOCK_SIZE] = {0};
|
146
173
|
|
147
174
|
int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t key_len,
|
148
175
|
const EVP_CIPHER *cipher, ENGINE *engine) {
|
149
176
|
uint8_t scratch[AES_BLOCK_SIZE];
|
150
177
|
|
151
|
-
|
178
|
+
size_t block_size = EVP_CIPHER_block_size(cipher);
|
179
|
+
if ((block_size != AES_BLOCK_SIZE && block_size != 8 /* 3-DES */) ||
|
152
180
|
EVP_CIPHER_key_length(cipher) != key_len ||
|
153
181
|
!EVP_EncryptInit_ex(&ctx->cipher_ctx, cipher, NULL, key, kZeroIV) ||
|
154
|
-
!EVP_Cipher(&ctx->cipher_ctx, scratch, kZeroIV,
|
182
|
+
!EVP_Cipher(&ctx->cipher_ctx, scratch, kZeroIV, block_size) ||
|
155
183
|
// Reset context again ready for first data.
|
156
184
|
!EVP_EncryptInit_ex(&ctx->cipher_ctx, NULL, NULL, NULL, kZeroIV)) {
|
157
185
|
return 0;
|
158
186
|
}
|
159
187
|
|
160
|
-
|
161
|
-
|
188
|
+
if (block_size == AES_BLOCK_SIZE) {
|
189
|
+
binary_field_mul_x_128(ctx->k1, scratch);
|
190
|
+
binary_field_mul_x_128(ctx->k2, ctx->k1);
|
191
|
+
} else {
|
192
|
+
binary_field_mul_x_64(ctx->k1, scratch);
|
193
|
+
binary_field_mul_x_64(ctx->k2, ctx->k1);
|
194
|
+
}
|
162
195
|
ctx->block_used = 0;
|
163
196
|
|
164
197
|
return 1;
|
@@ -170,10 +203,12 @@ int CMAC_Reset(CMAC_CTX *ctx) {
|
|
170
203
|
}
|
171
204
|
|
172
205
|
int CMAC_Update(CMAC_CTX *ctx, const uint8_t *in, size_t in_len) {
|
206
|
+
size_t block_size = EVP_CIPHER_CTX_block_size(&ctx->cipher_ctx);
|
207
|
+
assert(block_size <= AES_BLOCK_SIZE);
|
173
208
|
uint8_t scratch[AES_BLOCK_SIZE];
|
174
209
|
|
175
210
|
if (ctx->block_used > 0) {
|
176
|
-
size_t todo =
|
211
|
+
size_t todo = block_size - ctx->block_used;
|
177
212
|
if (in_len < todo) {
|
178
213
|
todo = in_len;
|
179
214
|
}
|
@@ -184,28 +219,28 @@ int CMAC_Update(CMAC_CTX *ctx, const uint8_t *in, size_t in_len) {
|
|
184
219
|
ctx->block_used += todo;
|
185
220
|
|
186
221
|
// If |in_len| is zero then either |ctx->block_used| is less than
|
187
|
-
// |
|
188
|
-
//
|
189
|
-
//
|
190
|
-
//
|
222
|
+
// |block_size|, in which case we can stop here, or |ctx->block_used| is
|
223
|
+
// exactly |block_size| but there's no more data to process. In the latter
|
224
|
+
// case we don't want to process this block now because it might be the last
|
225
|
+
// block and that block is treated specially.
|
191
226
|
if (in_len == 0) {
|
192
227
|
return 1;
|
193
228
|
}
|
194
229
|
|
195
|
-
assert(ctx->block_used ==
|
230
|
+
assert(ctx->block_used == block_size);
|
196
231
|
|
197
|
-
if (!EVP_Cipher(&ctx->cipher_ctx, scratch, ctx->block,
|
232
|
+
if (!EVP_Cipher(&ctx->cipher_ctx, scratch, ctx->block, block_size)) {
|
198
233
|
return 0;
|
199
234
|
}
|
200
235
|
}
|
201
236
|
|
202
237
|
// Encrypt all but one of the remaining blocks.
|
203
|
-
while (in_len >
|
204
|
-
if (!EVP_Cipher(&ctx->cipher_ctx, scratch, in,
|
238
|
+
while (in_len > block_size) {
|
239
|
+
if (!EVP_Cipher(&ctx->cipher_ctx, scratch, in, block_size)) {
|
205
240
|
return 0;
|
206
241
|
}
|
207
|
-
in +=
|
208
|
-
in_len -=
|
242
|
+
in += block_size;
|
243
|
+
in_len -= block_size;
|
209
244
|
}
|
210
245
|
|
211
246
|
OPENSSL_memcpy(ctx->block, in, in_len);
|
@@ -215,27 +250,29 @@ int CMAC_Update(CMAC_CTX *ctx, const uint8_t *in, size_t in_len) {
|
|
215
250
|
}
|
216
251
|
|
217
252
|
int CMAC_Final(CMAC_CTX *ctx, uint8_t *out, size_t *out_len) {
|
218
|
-
|
253
|
+
size_t block_size = EVP_CIPHER_CTX_block_size(&ctx->cipher_ctx);
|
254
|
+
assert(block_size <= AES_BLOCK_SIZE);
|
255
|
+
|
256
|
+
*out_len = block_size;
|
219
257
|
if (out == NULL) {
|
220
258
|
return 1;
|
221
259
|
}
|
222
260
|
|
223
261
|
const uint8_t *mask = ctx->k1;
|
224
262
|
|
225
|
-
if (ctx->block_used !=
|
263
|
+
if (ctx->block_used != block_size) {
|
226
264
|
// If the last block is incomplete, terminate it with a single 'one' bit
|
227
265
|
// followed by zeros.
|
228
266
|
ctx->block[ctx->block_used] = 0x80;
|
229
267
|
OPENSSL_memset(ctx->block + ctx->block_used + 1, 0,
|
230
|
-
|
268
|
+
block_size - (ctx->block_used + 1));
|
231
269
|
|
232
270
|
mask = ctx->k2;
|
233
271
|
}
|
234
272
|
|
235
|
-
unsigned i;
|
236
|
-
for (i = 0; i < AES_BLOCK_SIZE; i++) {
|
273
|
+
for (unsigned i = 0; i < block_size; i++) {
|
237
274
|
out[i] = ctx->block[i] ^ mask[i];
|
238
275
|
}
|
239
276
|
|
240
|
-
return EVP_Cipher(&ctx->cipher_ctx, out, out,
|
277
|
+
return EVP_Cipher(&ctx->cipher_ctx, out, out, block_size);
|
241
278
|
}
|
@@ -62,6 +62,7 @@
|
|
62
62
|
#include <openssl/bio.h>
|
63
63
|
#include <openssl/buf.h>
|
64
64
|
#include <openssl/err.h>
|
65
|
+
#include <openssl/lhash.h>
|
65
66
|
#include <openssl/mem.h>
|
66
67
|
|
67
68
|
#include "conf_def.h"
|
@@ -69,6 +70,12 @@
|
|
69
70
|
#include "../internal.h"
|
70
71
|
|
71
72
|
|
73
|
+
DEFINE_LHASH_OF(CONF_VALUE)
|
74
|
+
|
75
|
+
struct conf_st {
|
76
|
+
LHASH_OF(CONF_VALUE) *data;
|
77
|
+
};
|
78
|
+
|
72
79
|
// The maximum length we can grow a value to after variable expansion. 64k
|
73
80
|
// should be more than enough for all reasonable uses.
|
74
81
|
#define MAX_CONF_VALUE_LENGTH 65536
|
@@ -15,10 +15,8 @@
|
|
15
15
|
#include <openssl/cpu.h>
|
16
16
|
|
17
17
|
#if defined(OPENSSL_ARM) && !defined(OPENSSL_STATIC_ARMCAP)
|
18
|
-
|
19
18
|
#include <errno.h>
|
20
19
|
#include <fcntl.h>
|
21
|
-
#include <string.h>
|
22
20
|
#include <sys/types.h>
|
23
21
|
#include <unistd.h>
|
24
22
|
|
@@ -26,21 +24,11 @@
|
|
26
24
|
#include <openssl/buf.h>
|
27
25
|
#include <openssl/mem.h>
|
28
26
|
|
29
|
-
#include "
|
30
|
-
|
27
|
+
#include "cpu-arm-linux.h"
|
31
28
|
|
32
29
|
#define AT_HWCAP 16
|
33
30
|
#define AT_HWCAP2 26
|
34
31
|
|
35
|
-
#define HWCAP_NEON (1 << 12)
|
36
|
-
|
37
|
-
// See /usr/include/asm/hwcap.h on an ARM installation for the source of
|
38
|
-
// these values.
|
39
|
-
#define HWCAP2_AES (1 << 0)
|
40
|
-
#define HWCAP2_PMULL (1 << 1)
|
41
|
-
#define HWCAP2_SHA1 (1 << 2)
|
42
|
-
#define HWCAP2_SHA2 (1 << 3)
|
43
|
-
|
44
32
|
// |getauxval| is not available on Android until API level 20. Link it as a weak
|
45
33
|
// symbol and use other methods as fallback.
|
46
34
|
unsigned long getauxval(unsigned long type) __attribute__((weak));
|
@@ -154,138 +142,6 @@ static unsigned long getauxval_proc(unsigned long type) {
|
|
154
142
|
return 0;
|
155
143
|
}
|
156
144
|
|
157
|
-
typedef struct {
|
158
|
-
const char *data;
|
159
|
-
size_t len;
|
160
|
-
} STRING_PIECE;
|
161
|
-
|
162
|
-
static int STRING_PIECE_equals(const STRING_PIECE *a, const char *b) {
|
163
|
-
size_t b_len = strlen(b);
|
164
|
-
return a->len == b_len && OPENSSL_memcmp(a->data, b, b_len) == 0;
|
165
|
-
}
|
166
|
-
|
167
|
-
// STRING_PIECE_split finds the first occurence of |sep| in |in| and, if found,
|
168
|
-
// sets |*out_left| and |*out_right| to |in| split before and after it. It
|
169
|
-
// returns one if |sep| was found and zero otherwise.
|
170
|
-
static int STRING_PIECE_split(STRING_PIECE *out_left, STRING_PIECE *out_right,
|
171
|
-
const STRING_PIECE *in, char sep) {
|
172
|
-
const char *p = OPENSSL_memchr(in->data, sep, in->len);
|
173
|
-
if (p == NULL) {
|
174
|
-
return 0;
|
175
|
-
}
|
176
|
-
// |out_left| or |out_right| may alias |in|, so make a copy.
|
177
|
-
STRING_PIECE in_copy = *in;
|
178
|
-
out_left->data = in_copy.data;
|
179
|
-
out_left->len = p - in_copy.data;
|
180
|
-
out_right->data = in_copy.data + out_left->len + 1;
|
181
|
-
out_right->len = in_copy.len - out_left->len - 1;
|
182
|
-
return 1;
|
183
|
-
}
|
184
|
-
|
185
|
-
// STRING_PIECE_trim removes leading and trailing whitespace from |s|.
|
186
|
-
static void STRING_PIECE_trim(STRING_PIECE *s) {
|
187
|
-
while (s->len != 0 && (s->data[0] == ' ' || s->data[0] == '\t')) {
|
188
|
-
s->data++;
|
189
|
-
s->len--;
|
190
|
-
}
|
191
|
-
while (s->len != 0 &&
|
192
|
-
(s->data[s->len - 1] == ' ' || s->data[s->len - 1] == '\t')) {
|
193
|
-
s->len--;
|
194
|
-
}
|
195
|
-
}
|
196
|
-
|
197
|
-
// extract_cpuinfo_field extracts a /proc/cpuinfo field named |field| from
|
198
|
-
// |in|. If found, it sets |*out| to the value and returns one. Otherwise, it
|
199
|
-
// returns zero.
|
200
|
-
static int extract_cpuinfo_field(STRING_PIECE *out, const STRING_PIECE *in,
|
201
|
-
const char *field) {
|
202
|
-
// Process |in| one line at a time.
|
203
|
-
STRING_PIECE remaining = *in, line;
|
204
|
-
while (STRING_PIECE_split(&line, &remaining, &remaining, '\n')) {
|
205
|
-
STRING_PIECE key, value;
|
206
|
-
if (!STRING_PIECE_split(&key, &value, &line, ':')) {
|
207
|
-
continue;
|
208
|
-
}
|
209
|
-
STRING_PIECE_trim(&key);
|
210
|
-
if (STRING_PIECE_equals(&key, field)) {
|
211
|
-
STRING_PIECE_trim(&value);
|
212
|
-
*out = value;
|
213
|
-
return 1;
|
214
|
-
}
|
215
|
-
}
|
216
|
-
|
217
|
-
return 0;
|
218
|
-
}
|
219
|
-
|
220
|
-
static int cpuinfo_field_equals(const STRING_PIECE *cpuinfo, const char *field,
|
221
|
-
const char *value) {
|
222
|
-
STRING_PIECE extracted;
|
223
|
-
return extract_cpuinfo_field(&extracted, cpuinfo, field) &&
|
224
|
-
STRING_PIECE_equals(&extracted, value);
|
225
|
-
}
|
226
|
-
|
227
|
-
// has_list_item treats |list| as a space-separated list of items and returns
|
228
|
-
// one if |item| is contained in |list| and zero otherwise.
|
229
|
-
static int has_list_item(const STRING_PIECE *list, const char *item) {
|
230
|
-
STRING_PIECE remaining = *list, feature;
|
231
|
-
while (STRING_PIECE_split(&feature, &remaining, &remaining, ' ')) {
|
232
|
-
if (STRING_PIECE_equals(&feature, item)) {
|
233
|
-
return 1;
|
234
|
-
}
|
235
|
-
}
|
236
|
-
return 0;
|
237
|
-
}
|
238
|
-
|
239
|
-
static unsigned long get_hwcap_cpuinfo(const STRING_PIECE *cpuinfo) {
|
240
|
-
if (cpuinfo_field_equals(cpuinfo, "CPU architecture", "8")) {
|
241
|
-
// This is a 32-bit ARM binary running on a 64-bit kernel. NEON is always
|
242
|
-
// available on ARMv8. Linux omits required features, so reading the
|
243
|
-
// "Features" line does not work. (For simplicity, use strict equality. We
|
244
|
-
// assume everything running on future ARM architectures will have a
|
245
|
-
// working |getauxval|.)
|
246
|
-
return HWCAP_NEON;
|
247
|
-
}
|
248
|
-
|
249
|
-
STRING_PIECE features;
|
250
|
-
if (extract_cpuinfo_field(&features, cpuinfo, "Features") &&
|
251
|
-
has_list_item(&features, "neon")) {
|
252
|
-
return HWCAP_NEON;
|
253
|
-
}
|
254
|
-
return 0;
|
255
|
-
}
|
256
|
-
|
257
|
-
static unsigned long get_hwcap2_cpuinfo(const STRING_PIECE *cpuinfo) {
|
258
|
-
STRING_PIECE features;
|
259
|
-
if (!extract_cpuinfo_field(&features, cpuinfo, "Features")) {
|
260
|
-
return 0;
|
261
|
-
}
|
262
|
-
|
263
|
-
unsigned long ret = 0;
|
264
|
-
if (has_list_item(&features, "aes")) {
|
265
|
-
ret |= HWCAP2_AES;
|
266
|
-
}
|
267
|
-
if (has_list_item(&features, "pmull")) {
|
268
|
-
ret |= HWCAP2_PMULL;
|
269
|
-
}
|
270
|
-
if (has_list_item(&features, "sha1")) {
|
271
|
-
ret |= HWCAP2_SHA1;
|
272
|
-
}
|
273
|
-
if (has_list_item(&features, "sha2")) {
|
274
|
-
ret |= HWCAP2_SHA2;
|
275
|
-
}
|
276
|
-
return ret;
|
277
|
-
}
|
278
|
-
|
279
|
-
// has_broken_neon returns one if |in| matches a CPU known to have a broken
|
280
|
-
// NEON unit. See https://crbug.com/341598.
|
281
|
-
static int has_broken_neon(const STRING_PIECE *cpuinfo) {
|
282
|
-
return cpuinfo_field_equals(cpuinfo, "CPU implementer", "0x51") &&
|
283
|
-
cpuinfo_field_equals(cpuinfo, "CPU architecture", "7") &&
|
284
|
-
cpuinfo_field_equals(cpuinfo, "CPU variant", "0x1") &&
|
285
|
-
cpuinfo_field_equals(cpuinfo, "CPU part", "0x04d") &&
|
286
|
-
cpuinfo_field_equals(cpuinfo, "CPU revision", "0");
|
287
|
-
}
|
288
|
-
|
289
145
|
extern uint32_t OPENSSL_armcap_P;
|
290
146
|
|
291
147
|
static int g_has_broken_neon, g_needs_hwcap2_workaround;
|
@@ -315,11 +171,11 @@ void OPENSSL_cpuid_setup(void) {
|
|
315
171
|
hwcap = getauxval_proc(AT_HWCAP);
|
316
172
|
}
|
317
173
|
if (hwcap == 0) {
|
318
|
-
hwcap =
|
174
|
+
hwcap = crypto_get_arm_hwcap_from_cpuinfo(&cpuinfo);
|
319
175
|
}
|
320
176
|
|
321
177
|
// Clear NEON support if known broken.
|
322
|
-
g_has_broken_neon =
|
178
|
+
g_has_broken_neon = crypto_cpuinfo_has_broken_neon(&cpuinfo);
|
323
179
|
if (g_has_broken_neon) {
|
324
180
|
hwcap &= ~HWCAP_NEON;
|
325
181
|
}
|
@@ -335,7 +191,7 @@ void OPENSSL_cpuid_setup(void) {
|
|
335
191
|
hwcap2 = getauxval(AT_HWCAP2);
|
336
192
|
}
|
337
193
|
if (hwcap2 == 0) {
|
338
|
-
hwcap2 =
|
194
|
+
hwcap2 = crypto_get_arm_hwcap2_from_cpuinfo(&cpuinfo);
|
339
195
|
g_needs_hwcap2_workaround = hwcap2 != 0;
|
340
196
|
}
|
341
197
|
|
@@ -0,0 +1,201 @@
|
|
1
|
+
/* Copyright (c) 2018, Google Inc.
|
2
|
+
*
|
3
|
+
* Permission to use, copy, modify, and/or distribute this software for any
|
4
|
+
* purpose with or without fee is hereby granted, provided that the above
|
5
|
+
* copyright notice and this permission notice appear in all copies.
|
6
|
+
*
|
7
|
+
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
8
|
+
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
9
|
+
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
|
10
|
+
* SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
11
|
+
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
|
12
|
+
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
|
13
|
+
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
|
14
|
+
|
15
|
+
#ifndef OPENSSL_HEADER_CRYPTO_CPU_ARM_LINUX_H
|
16
|
+
#define OPENSSL_HEADER_CRYPTO_CPU_ARM_LINUX_H
|
17
|
+
|
18
|
+
#include <openssl/base.h>
|
19
|
+
|
20
|
+
#include <string.h>
|
21
|
+
|
22
|
+
#include "internal.h"
|
23
|
+
|
24
|
+
#if defined(__cplusplus)
|
25
|
+
extern "C" {
|
26
|
+
#endif
|
27
|
+
|
28
|
+
|
29
|
+
// The cpuinfo parser lives in a header file so it may be accessible from
|
30
|
+
// cross-platform fuzzers without adding code to those platforms normally.
|
31
|
+
|
32
|
+
#define HWCAP_NEON (1 << 12)
|
33
|
+
|
34
|
+
// See /usr/include/asm/hwcap.h on an ARM installation for the source of
|
35
|
+
// these values.
|
36
|
+
#define HWCAP2_AES (1 << 0)
|
37
|
+
#define HWCAP2_PMULL (1 << 1)
|
38
|
+
#define HWCAP2_SHA1 (1 << 2)
|
39
|
+
#define HWCAP2_SHA2 (1 << 3)
|
40
|
+
|
41
|
+
typedef struct {
|
42
|
+
const char *data;
|
43
|
+
size_t len;
|
44
|
+
} STRING_PIECE;
|
45
|
+
|
46
|
+
static int STRING_PIECE_equals(const STRING_PIECE *a, const char *b) {
|
47
|
+
size_t b_len = strlen(b);
|
48
|
+
return a->len == b_len && OPENSSL_memcmp(a->data, b, b_len) == 0;
|
49
|
+
}
|
50
|
+
|
51
|
+
// STRING_PIECE_split finds the first occurence of |sep| in |in| and, if found,
|
52
|
+
// sets |*out_left| and |*out_right| to |in| split before and after it. It
|
53
|
+
// returns one if |sep| was found and zero otherwise.
|
54
|
+
static int STRING_PIECE_split(STRING_PIECE *out_left, STRING_PIECE *out_right,
|
55
|
+
const STRING_PIECE *in, char sep) {
|
56
|
+
const char *p = (const char *)OPENSSL_memchr(in->data, sep, in->len);
|
57
|
+
if (p == NULL) {
|
58
|
+
return 0;
|
59
|
+
}
|
60
|
+
// |out_left| or |out_right| may alias |in|, so make a copy.
|
61
|
+
STRING_PIECE in_copy = *in;
|
62
|
+
out_left->data = in_copy.data;
|
63
|
+
out_left->len = p - in_copy.data;
|
64
|
+
out_right->data = in_copy.data + out_left->len + 1;
|
65
|
+
out_right->len = in_copy.len - out_left->len - 1;
|
66
|
+
return 1;
|
67
|
+
}
|
68
|
+
|
69
|
+
// STRING_PIECE_get_delimited reads a |sep|-delimited entry from |s|, writing it
|
70
|
+
// to |out| and updating |s| to point beyond it. It returns one on success and
|
71
|
+
// zero if |s| is empty. If |s| is has no copies of |sep| and is non-empty, it
|
72
|
+
// reads the entire string to |out|.
|
73
|
+
static int STRING_PIECE_get_delimited(STRING_PIECE *s, STRING_PIECE *out, char sep) {
|
74
|
+
if (s->len == 0) {
|
75
|
+
return 0;
|
76
|
+
}
|
77
|
+
if (!STRING_PIECE_split(out, s, s, sep)) {
|
78
|
+
// |s| had no instances of |sep|. Return the entire string.
|
79
|
+
*out = *s;
|
80
|
+
s->data += s->len;
|
81
|
+
s->len = 0;
|
82
|
+
}
|
83
|
+
return 1;
|
84
|
+
}
|
85
|
+
|
86
|
+
// STRING_PIECE_trim removes leading and trailing whitespace from |s|.
|
87
|
+
static void STRING_PIECE_trim(STRING_PIECE *s) {
|
88
|
+
while (s->len != 0 && (s->data[0] == ' ' || s->data[0] == '\t')) {
|
89
|
+
s->data++;
|
90
|
+
s->len--;
|
91
|
+
}
|
92
|
+
while (s->len != 0 &&
|
93
|
+
(s->data[s->len - 1] == ' ' || s->data[s->len - 1] == '\t')) {
|
94
|
+
s->len--;
|
95
|
+
}
|
96
|
+
}
|
97
|
+
|
98
|
+
// extract_cpuinfo_field extracts a /proc/cpuinfo field named |field| from
|
99
|
+
// |in|. If found, it sets |*out| to the value and returns one. Otherwise, it
|
100
|
+
// returns zero.
|
101
|
+
static int extract_cpuinfo_field(STRING_PIECE *out, const STRING_PIECE *in,
|
102
|
+
const char *field) {
|
103
|
+
// Process |in| one line at a time.
|
104
|
+
STRING_PIECE remaining = *in, line;
|
105
|
+
while (STRING_PIECE_get_delimited(&remaining, &line, '\n')) {
|
106
|
+
STRING_PIECE key, value;
|
107
|
+
if (!STRING_PIECE_split(&key, &value, &line, ':')) {
|
108
|
+
continue;
|
109
|
+
}
|
110
|
+
STRING_PIECE_trim(&key);
|
111
|
+
if (STRING_PIECE_equals(&key, field)) {
|
112
|
+
STRING_PIECE_trim(&value);
|
113
|
+
*out = value;
|
114
|
+
return 1;
|
115
|
+
}
|
116
|
+
}
|
117
|
+
|
118
|
+
return 0;
|
119
|
+
}
|
120
|
+
|
121
|
+
static int cpuinfo_field_equals(const STRING_PIECE *cpuinfo, const char *field,
|
122
|
+
const char *value) {
|
123
|
+
STRING_PIECE extracted;
|
124
|
+
return extract_cpuinfo_field(&extracted, cpuinfo, field) &&
|
125
|
+
STRING_PIECE_equals(&extracted, value);
|
126
|
+
}
|
127
|
+
|
128
|
+
// has_list_item treats |list| as a space-separated list of items and returns
|
129
|
+
// one if |item| is contained in |list| and zero otherwise.
|
130
|
+
static int has_list_item(const STRING_PIECE *list, const char *item) {
|
131
|
+
STRING_PIECE remaining = *list, feature;
|
132
|
+
while (STRING_PIECE_get_delimited(&remaining, &feature, ' ')) {
|
133
|
+
if (STRING_PIECE_equals(&feature, item)) {
|
134
|
+
return 1;
|
135
|
+
}
|
136
|
+
}
|
137
|
+
return 0;
|
138
|
+
}
|
139
|
+
|
140
|
+
// crypto_get_arm_hwcap_from_cpuinfo returns an equivalent ARM |AT_HWCAP| value
|
141
|
+
// from |cpuinfo|.
|
142
|
+
static unsigned long crypto_get_arm_hwcap_from_cpuinfo(
|
143
|
+
const STRING_PIECE *cpuinfo) {
|
144
|
+
if (cpuinfo_field_equals(cpuinfo, "CPU architecture", "8")) {
|
145
|
+
// This is a 32-bit ARM binary running on a 64-bit kernel. NEON is always
|
146
|
+
// available on ARMv8. Linux omits required features, so reading the
|
147
|
+
// "Features" line does not work. (For simplicity, use strict equality. We
|
148
|
+
// assume everything running on future ARM architectures will have a
|
149
|
+
// working |getauxval|.)
|
150
|
+
return HWCAP_NEON;
|
151
|
+
}
|
152
|
+
|
153
|
+
STRING_PIECE features;
|
154
|
+
if (extract_cpuinfo_field(&features, cpuinfo, "Features") &&
|
155
|
+
has_list_item(&features, "neon")) {
|
156
|
+
return HWCAP_NEON;
|
157
|
+
}
|
158
|
+
return 0;
|
159
|
+
}
|
160
|
+
|
161
|
+
// crypto_get_arm_hwcap2_from_cpuinfo returns an equivalent ARM |AT_HWCAP2|
|
162
|
+
// value from |cpuinfo|.
|
163
|
+
static unsigned long crypto_get_arm_hwcap2_from_cpuinfo(
|
164
|
+
const STRING_PIECE *cpuinfo) {
|
165
|
+
STRING_PIECE features;
|
166
|
+
if (!extract_cpuinfo_field(&features, cpuinfo, "Features")) {
|
167
|
+
return 0;
|
168
|
+
}
|
169
|
+
|
170
|
+
unsigned long ret = 0;
|
171
|
+
if (has_list_item(&features, "aes")) {
|
172
|
+
ret |= HWCAP2_AES;
|
173
|
+
}
|
174
|
+
if (has_list_item(&features, "pmull")) {
|
175
|
+
ret |= HWCAP2_PMULL;
|
176
|
+
}
|
177
|
+
if (has_list_item(&features, "sha1")) {
|
178
|
+
ret |= HWCAP2_SHA1;
|
179
|
+
}
|
180
|
+
if (has_list_item(&features, "sha2")) {
|
181
|
+
ret |= HWCAP2_SHA2;
|
182
|
+
}
|
183
|
+
return ret;
|
184
|
+
}
|
185
|
+
|
186
|
+
// crypto_cpuinfo_has_broken_neon returns one if |cpuinfo| matches a CPU known
|
187
|
+
// to have broken NEON unit and zero otherwise. See https://crbug.com/341598.
|
188
|
+
static int crypto_cpuinfo_has_broken_neon(const STRING_PIECE *cpuinfo) {
|
189
|
+
return cpuinfo_field_equals(cpuinfo, "CPU implementer", "0x51") &&
|
190
|
+
cpuinfo_field_equals(cpuinfo, "CPU architecture", "7") &&
|
191
|
+
cpuinfo_field_equals(cpuinfo, "CPU variant", "0x1") &&
|
192
|
+
cpuinfo_field_equals(cpuinfo, "CPU part", "0x04d") &&
|
193
|
+
cpuinfo_field_equals(cpuinfo, "CPU revision", "0");
|
194
|
+
}
|
195
|
+
|
196
|
+
|
197
|
+
#if defined(__cplusplus)
|
198
|
+
} // extern C
|
199
|
+
#endif
|
200
|
+
|
201
|
+
#endif // OPENSSL_HEADER_CRYPTO_CPU_ARM_LINUX_H
|