grpc 1.24.0 → 1.25.0.pre1

data/third_party/boringssl/crypto/pool/internal.h

@@ -23,7 +23,7 @@ extern "C" {
 #endif
 
 
-DECLARE_LHASH_OF(CRYPTO_BUFFER);
+DECLARE_LHASH_OF(CRYPTO_BUFFER)
 
 struct crypto_buffer_st {
   CRYPTO_BUFFER_POOL *pool;

data/third_party/boringssl/crypto/pool/pool.c

@@ -26,6 +26,8 @@
 #include "internal.h"
 
 
+DEFINE_LHASH_OF(CRYPTO_BUFFER)
+
 static uint32_t CRYPTO_BUFFER_hash(const CRYPTO_BUFFER *buf) {
   return OPENSSL_hash32(buf->data, buf->len);
 }
@@ -135,6 +137,25 @@ CRYPTO_BUFFER *CRYPTO_BUFFER_new(const uint8_t *data, size_t len,
   return buf;
 }
 
+CRYPTO_BUFFER *CRYPTO_BUFFER_alloc(uint8_t **out_data, size_t len) {
+  CRYPTO_BUFFER *const buf = OPENSSL_malloc(sizeof(CRYPTO_BUFFER));
+  if (buf == NULL) {
+    return NULL;
+  }
+  OPENSSL_memset(buf, 0, sizeof(CRYPTO_BUFFER));
+
+  buf->data = OPENSSL_malloc(len);
+  if (len != 0 && buf->data == NULL) {
+    OPENSSL_free(buf);
+    return NULL;
+  }
+  buf->len = len;
+  buf->references = 1;
+
+  *out_data = buf->data;
+  return buf;
+}
+
 CRYPTO_BUFFER* CRYPTO_BUFFER_new_from_CBS(CBS *cbs, CRYPTO_BUFFER_POOL *pool) {
   return CRYPTO_BUFFER_new(CBS_data(cbs), CBS_len(cbs), pool);
 }

data/third_party/boringssl/crypto/rand_extra/deterministic.c

@@ -45,4 +45,12 @@ void CRYPTO_sysrand(uint8_t *out, size_t requested) {
   g_num_calls++;
 }
 
+void CRYPTO_sysrand_for_seed(uint8_t *out, size_t requested) {
+  CRYPTO_sysrand(out, requested);
+}
+
+void CRYPTO_sysrand_if_available(uint8_t *out, size_t requested) {
+  CRYPTO_sysrand(out, requested);
+}
+
 #endif  // BORINGSSL_UNSAFE_DETERMINISTIC_MODE

data/third_party/boringssl/crypto/rand_extra/fuchsia.c

@@ -24,20 +24,7 @@
 #include "../fipsmodule/rand/internal.h"
 
 void CRYPTO_sysrand(uint8_t *out, size_t requested) {
-  while (requested > 0) {
-    size_t output_bytes_this_pass = ZX_CPRNG_DRAW_MAX_LEN;
-    if (requested < output_bytes_this_pass) {
-      output_bytes_this_pass = requested;
-    }
-    size_t bytes_drawn;
-    zx_status_t status =
-        zx_cprng_draw(out, output_bytes_this_pass, &bytes_drawn);
-    if (status != ZX_OK) {
-      abort();
-    }
-    requested -= bytes_drawn;
-    out += bytes_drawn;
-  }
+  zx_cprng_draw(out, requested);
 }
 
 #endif  // OPENSSL_FUCHSIA && !BORINGSSL_UNSAFE_DETERMINISTIC_MODE

data/third_party/boringssl/crypto/refcount_lock.c

@@ -21,8 +21,8 @@
 
 #if !defined(OPENSSL_C11_ATOMIC)
 
-OPENSSL_COMPILE_ASSERT((CRYPTO_refcount_t)-1 == CRYPTO_REFCOUNT_MAX,
-                       CRYPTO_REFCOUNT_MAX_is_incorrect);
+OPENSSL_STATIC_ASSERT((CRYPTO_refcount_t)-1 == CRYPTO_REFCOUNT_MAX,
+                      "CRYPTO_REFCOUNT_MAX is incorrect");
 
 static struct CRYPTO_STATIC_MUTEX g_refcount_lock = CRYPTO_STATIC_MUTEX_INIT;
 

data/third_party/boringssl/crypto/rsa_extra/rsa_print.c

@@ -0,0 +1,22 @@
+/*
+ * Copyright 2006-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/rsa.h>
+
+#include <openssl/evp.h>
+
+
+int RSA_print(BIO *bio, const RSA *rsa, int indent) {
+  EVP_PKEY *pkey = EVP_PKEY_new();
+  int ret = pkey != NULL &&
+            EVP_PKEY_set1_RSA(pkey, (RSA *)rsa) &&
+            EVP_PKEY_print_private(bio, pkey, indent, NULL);
+  EVP_PKEY_free(pkey);
+  return ret;
+}

data/third_party/boringssl/crypto/siphash/siphash.c

@@ -0,0 +1,80 @@
+/* Copyright (c) 2019, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#include <stdint.h>
+#include <string.h>
+
+#include <openssl/siphash.h>
+
+
+static void siphash_round(uint64_t v[4]) {
+  v[0] += v[1];
+  v[2] += v[3];
+  v[1] = (v[1] << 13) | (v[1] >> (64 - 13));
+  v[3] = (v[3] << 16) | (v[3] >> (64 - 16));
+  v[1] ^= v[0];
+  v[3] ^= v[2];
+  v[0] = (v[0] << 32) | (v[0] >> 32);
+  v[2] += v[1];
+  v[0] += v[3];
+  v[1] = (v[1] << 17) | (v[1] >> (64 - 17));
+  v[3] = (v[3] << 21) | (v[3] >> (64 - 21));
+  v[1] ^= v[2];
+  v[3] ^= v[0];
+  v[2] = (v[2] << 32) | (v[2] >> 32);
+}
+
+uint64_t SIPHASH_24(const uint64_t key[2], const uint8_t *input,
+                    size_t input_len) {
+  const size_t orig_input_len = input_len;
+
+  uint64_t v[4];
+  v[0] = key[0] ^ UINT64_C(0x736f6d6570736575);
+  v[1] = key[1] ^ UINT64_C(0x646f72616e646f6d);
+  v[2] = key[0] ^ UINT64_C(0x6c7967656e657261);
+  v[3] = key[1] ^ UINT64_C(0x7465646279746573);
+
+  while (input_len >= sizeof(uint64_t)) {
+    uint64_t m;
+    memcpy(&m, input, sizeof(m));
+    v[3] ^= m;
+    siphash_round(v);
+    siphash_round(v);
+    v[0] ^= m;
+
+    input += sizeof(uint64_t);
+    input_len -= sizeof(uint64_t);
+  }
+
+  union {
+    uint8_t bytes[8];
+    uint64_t word;
+  } last_block;
+  last_block.word = 0;
+  memcpy(last_block.bytes, input, input_len);
+  last_block.bytes[7] = orig_input_len & 0xff;
+
+  v[3] ^= last_block.word;
+  siphash_round(v);
+  siphash_round(v);
+  v[0] ^= last_block.word;
+
+  v[2] ^= 0xff;
+  siphash_round(v);
+  siphash_round(v);
+  siphash_round(v);
+  siphash_round(v);
+
+  return v[0] ^ v[1] ^ v[2] ^ v[3];
+}

data/third_party/boringssl/crypto/stack/stack.c

@@ -56,6 +56,7 @@
 
 #include <openssl/stack.h>
 
+#include <assert.h>
 #include <string.h>
 
 #include <openssl/mem.h>
@@ -133,19 +134,31 @@ void sk_free(_STACK *sk) {
   OPENSSL_free(sk);
 }
 
-void sk_pop_free(_STACK *sk, void (*func)(void *)) {
+void sk_pop_free_ex(_STACK *sk, void (*call_free_func)(stack_free_func, void *),
+                    stack_free_func free_func) {
   if (sk == NULL) {
     return;
   }
 
   for (size_t i = 0; i < sk->num; i++) {
     if (sk->data[i] != NULL) {
-      func(sk->data[i]);
+      call_free_func(free_func, sk->data[i]);
     }
   }
   sk_free(sk);
 }
 
+// Historically, |sk_pop_free| called the function as |stack_free_func|
+// directly. This is undefined in C. Some callers called |sk_pop_free| directly,
+// so we must maintain a compatibility version for now.
+static void call_free_func_legacy(stack_free_func func, void *ptr) {
+  func(ptr);
+}
+
+void sk_pop_free(_STACK *sk, stack_free_func free_func) {
+  sk_pop_free_ex(sk, call_free_func_legacy, free_func);
+}
+
 size_t sk_insert(_STACK *sk, void *p, size_t where) {
   if (sk == NULL) {
     return 0;
@@ -209,7 +222,7 @@ void *sk_delete(_STACK *sk, size_t where) {
   return ret;
 }
 
-void *sk_delete_ptr(_STACK *sk, void *p) {
+void *sk_delete_ptr(_STACK *sk, const void *p) {
   if (sk == NULL) {
     return NULL;
   }
@@ -223,7 +236,9 @@ void *sk_delete_ptr(_STACK *sk, void *p) {
   return NULL;
 }
 
-int sk_find(_STACK *sk, size_t *out_index, void *p) {
+int sk_find(const _STACK *sk, size_t *out_index, const void *p,
+            int (*call_cmp_func)(stack_cmp_func, const void **,
+                                 const void **)) {
   if (sk == NULL) {
     return 0;
   }
@@ -245,28 +260,52 @@ int sk_find(_STACK *sk, size_t *out_index, void *p) {
     return 0;
   }
 
-  sk_sort(sk);
-
-  // sk->comp is a function that takes pointers to pointers to elements, but
-  // qsort and bsearch take a comparison function that just takes pointers to
-  // elements. However, since we're passing an array of pointers to
-  // qsort/bsearch, we can just cast the comparison function and everything
-  // works.
-  const void *const *r = bsearch(&p, sk->data, sk->num, sizeof(void *),
-                                 (int (*)(const void *, const void *))sk->comp);
-  if (r == NULL) {
+  if (!sk_is_sorted(sk)) {
+    for (size_t i = 0; i < sk->num; i++) {
+      const void *elem = sk->data[i];
+      if (call_cmp_func(sk->comp, &p, &elem) == 0) {
+        if (out_index) {
+          *out_index = i;
+        }
+        return 1;
+      }
+    }
     return 0;
   }
-  size_t idx = ((void **)r) - sk->data;
-  // This function always returns the first result.
-  while (idx > 0 &&
-         sk->comp((const void **)&p, (const void **)&sk->data[idx - 1]) == 0) {
-    idx--;
-  }
-  if (out_index) {
-    *out_index = idx;
+
+  // The stack is sorted, so binary search to find the element.
+  //
+  // |lo| and |hi| maintain a half-open interval of where the answer may be. All
+  // indices such that |lo <= idx < hi| are candidates.
+  size_t lo = 0, hi = sk->num;
+  while (lo < hi) {
+    // Bias |mid| towards |lo|. See the |r == 0| case below.
+    size_t mid = lo + (hi - lo - 1) / 2;
+    assert(lo <= mid && mid < hi);
+    const void *elem = sk->data[mid];
+    int r = call_cmp_func(sk->comp, &p, &elem);
+    if (r > 0) {
+      lo = mid + 1;  // |mid| is too low.
+    } else if (r < 0) {
+      hi = mid;  // |mid| is too high.
+    } else {
+      // |mid| matches. However, this function returns the earliest match, so we
+      // can only return if the range has size one.
+      if (hi - lo == 1) {
+        if (out_index != NULL) {
+          *out_index = mid;
+        }
+        return 1;
+      }
+      // The sample is biased towards |lo|. |mid| can only be |hi - 1| if
+      // |hi - lo| was one, so this makes forward progress.
+      assert(mid + 1 < hi);
+      hi = mid + 1;
+    }
   }
-  return 1;
+
+  assert(lo == hi);
+  return 0;  // Not found.
 }
 
 void *sk_shift(_STACK *sk) {
@@ -323,15 +362,24 @@ err:
 }
 
 void sk_sort(_STACK *sk) {
-  int (*comp_func)(const void *,const void *);
-
   if (sk == NULL || sk->comp == NULL || sk->sorted) {
     return;
   }
 
-  // See the comment in sk_find about this cast.
-  comp_func = (int (*)(const void *, const void *))(sk->comp);
-  qsort(sk->data, sk->num, sizeof(void *), comp_func);
+  // sk->comp is a function that takes pointers to pointers to elements, but
+  // qsort take a comparison function that just takes pointers to elements.
+  // However, since we're passing an array of pointers to qsort, we can just
+  // cast the comparison function and everything works.
+  //
+  // TODO(davidben): This is undefined behavior, but the call is in libc so,
+  // e.g., CFI does not notice. Unfortunately, |qsort| is missing a void*
+  // parameter in its callback and |qsort_s| / |qsort_r| are a mess of
+  // incompatibility.
+  if (sk->num >= 2) {
+    int (*comp_func)(const void *, const void *) =
+        (int (*)(const void *, const void *))(sk->comp);
+    qsort(sk->data, sk->num, sizeof(void *), comp_func);
+  }
   sk->sorted = 1;
 }
 
@@ -353,8 +401,11 @@ stack_cmp_func sk_set_cmp_func(_STACK *sk, stack_cmp_func comp) {
   return old;
 }
 
-_STACK *sk_deep_copy(const _STACK *sk, void *(*copy_func)(void *),
-                     void (*free_func)(void *)) {
+_STACK *sk_deep_copy(const _STACK *sk,
+                     void *(*call_copy_func)(stack_copy_func, void *),
+                     stack_copy_func copy_func,
+                     void (*call_free_func)(stack_free_func, void *),
+                     stack_free_func free_func) {
   _STACK *ret = sk_dup(sk);
   if (ret == NULL) {
     return NULL;
@@ -364,11 +415,11 @@ _STACK *sk_deep_copy(const _STACK *sk, void *(*copy_func)(void *),
     if (ret->data[i] == NULL) {
       continue;
     }
-    ret->data[i] = copy_func(ret->data[i]);
+    ret->data[i] = call_copy_func(copy_func, ret->data[i]);
     if (ret->data[i] == NULL) {
       for (size_t j = 0; j < i; j++) {
         if (ret->data[j] != NULL) {
-          free_func(ret->data[j]);
+          call_free_func(free_func, ret->data[j]);
         }
       }
       sk_free(ret);

data/third_party/boringssl/crypto/thread_none.c

@@ -14,7 +14,7 @@
 
 #include "internal.h"
 
-#if defined(OPENSSL_NO_THREADS)
+#if !defined(OPENSSL_THREADS)
 
 void CRYPTO_MUTEX_init(CRYPTO_MUTEX *lock) {}
 
@@ -56,4 +56,4 @@ int CRYPTO_set_thread_local(thread_local_data_t index, void *value,
   return 1;
 }
 
-#endif  // OPENSSL_NO_THREADS
+#endif  // !OPENSSL_THREADS

data/third_party/boringssl/crypto/thread_pthread.c

@@ -24,8 +24,8 @@
 #include <openssl/type_check.h>
 
 
-OPENSSL_COMPILE_ASSERT(sizeof(CRYPTO_MUTEX) >= sizeof(pthread_rwlock_t),
-                       CRYPTO_MUTEX_too_small);
+OPENSSL_STATIC_ASSERT(sizeof(CRYPTO_MUTEX) >= sizeof(pthread_rwlock_t),
+                      "CRYPTO_MUTEX is too small");
 
 void CRYPTO_MUTEX_init(CRYPTO_MUTEX *lock) {
   if (pthread_rwlock_init((pthread_rwlock_t *) lock, NULL) != 0) {

data/third_party/boringssl/crypto/thread_win.c

@@ -27,8 +27,8 @@ OPENSSL_MSVC_PRAGMA(warning(pop))
 #include <openssl/type_check.h>
 
 
-OPENSSL_COMPILE_ASSERT(sizeof(CRYPTO_MUTEX) >= sizeof(SRWLOCK),
-                       CRYPTO_MUTEX_too_small);
+OPENSSL_STATIC_ASSERT(sizeof(CRYPTO_MUTEX) >= sizeof(SRWLOCK),
+                      "CRYPTO_MUTEX is too small");
 
 static BOOL CALLBACK call_once_init(INIT_ONCE *once, void *arg, void **out) {
   void (**init)(void) = (void (**)(void))arg;
@@ -82,7 +82,7 @@ void CRYPTO_STATIC_MUTEX_unlock_write(struct CRYPTO_STATIC_MUTEX *lock) {
   ReleaseSRWLockExclusive(&lock->lock);
 }
 
-static CRITICAL_SECTION g_destructors_lock;
+static SRWLOCK g_destructors_lock = SRWLOCK_INIT;
 static thread_local_destructor_t g_destructors[NUM_OPENSSL_THREAD_LOCALS];
 
 static CRYPTO_once_t g_thread_local_init_once = CRYPTO_ONCE_INIT;
@@ -90,10 +90,6 @@ static DWORD g_thread_local_key;
 static int g_thread_local_failed;
 
 static void thread_local_init(void) {
-  if (!InitializeCriticalSectionAndSpinCount(&g_destructors_lock, 0x400)) {
-    g_thread_local_failed = 1;
-    return;
-  }
   g_thread_local_key = TlsAlloc();
   g_thread_local_failed = (g_thread_local_key == TLS_OUT_OF_INDEXES);
 }
@@ -121,12 +117,11 @@ static void NTAPI thread_local_destructor(PVOID module, DWORD reason,
 
   thread_local_destructor_t destructors[NUM_OPENSSL_THREAD_LOCALS];
 
-  EnterCriticalSection(&g_destructors_lock);
+  AcquireSRWLockExclusive(&g_destructors_lock);
   OPENSSL_memcpy(destructors, g_destructors, sizeof(destructors));
-  LeaveCriticalSection(&g_destructors_lock);
+  ReleaseSRWLockExclusive(&g_destructors_lock);
 
-  unsigned i;
-  for (i = 0; i < NUM_OPENSSL_THREAD_LOCALS; i++) {
+  for (unsigned i = 0; i < NUM_OPENSSL_THREAD_LOCALS; i++) {
     if (destructors[i] != NULL) {
       destructors[i](pointers[i]);
     }
@@ -146,12 +141,18 @@ static void NTAPI thread_local_destructor(PVOID module, DWORD reason,
 // if it's not already there. (E.g. if __declspec(thread) is not used). Force
 // a reference to p_thread_callback_boringssl to prevent whole program
 // optimization from discarding the variable.
+//
+// Note, in the prefixed build, |p_thread_callback_boringssl| may be a macro.
+#define STRINGIFY(x) #x
+#define EXPAND_AND_STRINGIFY(x) STRINGIFY(x)
 #ifdef _WIN64
-#pragma comment(linker, "/INCLUDE:_tls_used")
-#pragma comment(linker, "/INCLUDE:p_thread_callback_boringssl")
+__pragma(comment(linker, "/INCLUDE:_tls_used"))
+__pragma(comment(
+    linker, "/INCLUDE:" EXPAND_AND_STRINGIFY(p_thread_callback_boringssl)))
 #else
-#pragma comment(linker, "/INCLUDE:__tls_used")
-#pragma comment(linker, "/INCLUDE:_p_thread_callback_boringssl")
+__pragma(comment(linker, "/INCLUDE:__tls_used"))
+__pragma(comment(
+    linker, "/INCLUDE:_" EXPAND_AND_STRINGIFY(p_thread_callback_boringssl)))
 #endif
 
 // .CRT$XLA to .CRT$XLZ is an array of PIMAGE_TLS_CALLBACK pointers that are
@@ -190,13 +191,31 @@ PIMAGE_TLS_CALLBACK p_thread_callback_boringssl = thread_local_destructor;
 
 #endif  // _WIN64
 
+static void **get_thread_locals(void) {
+  // |TlsGetValue| clears the last error even on success, so that callers may
+  // distinguish it successfully returning NULL or failing. It is documented to
+  // never fail if the argument is a valid index from |TlsAlloc|, so we do not
+  // need to handle this.
+  //
+  // However, this error-mangling behavior interferes with the caller's use of
+  // |GetLastError|. In particular |SSL_get_error| queries the error queue to
+  // determine whether the caller should look at the OS's errors. To avoid
+  // destroying state, save and restore the Windows error.
+  //
+  // https://msdn.microsoft.com/en-us/library/windows/desktop/ms686812(v=vs.85).aspx
+  DWORD last_error = GetLastError();
+  void **ret = TlsGetValue(g_thread_local_key);
+  SetLastError(last_error);
+  return ret;
+}
+
 void *CRYPTO_get_thread_local(thread_local_data_t index) {
   CRYPTO_once(&g_thread_local_init_once, thread_local_init);
   if (g_thread_local_failed) {
     return NULL;
   }
 
-  void **pointers = TlsGetValue(g_thread_local_key);
+  void **pointers = get_thread_locals();
   if (pointers == NULL) {
     return NULL;
   }
@@ -211,7 +230,7 @@ int CRYPTO_set_thread_local(thread_local_data_t index, void *value,
     return 0;
   }
 
-  void **pointers = TlsGetValue(g_thread_local_key);
+  void **pointers = get_thread_locals();
   if (pointers == NULL) {
     pointers = OPENSSL_malloc(sizeof(void *) * NUM_OPENSSL_THREAD_LOCALS);
     if (pointers == NULL) {
@@ -226,9 +245,9 @@ int CRYPTO_set_thread_local(thread_local_data_t index, void *value,
     }
   }
 
-  EnterCriticalSection(&g_destructors_lock);
+  AcquireSRWLockExclusive(&g_destructors_lock);
   g_destructors[index] = destructor;
-  LeaveCriticalSection(&g_destructors_lock);
+  ReleaseSRWLockExclusive(&g_destructors_lock);
 
   pointers[index] = value;
   return 1;