grpc 1.24.0 → 1.25.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +306 -243
- data/etc/roots.pem +0 -100
- data/include/grpc/grpc_security.h +44 -18
- data/include/grpc/impl/codegen/grpc_types.h +15 -0
- data/include/grpc/impl/codegen/port_platform.h +27 -11
- data/include/grpc/impl/codegen/sync_generic.h +1 -1
- data/src/boringssl/err_data.c +695 -650
- data/src/core/ext/filters/client_channel/client_channel.cc +257 -179
- data/src/core/ext/filters/client_channel/client_channel.h +24 -0
- data/src/core/ext/filters/client_channel/client_channel_channelz.cc +2 -3
- data/src/core/ext/filters/client_channel/client_channel_factory.h +1 -5
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +18 -45
- data/src/core/ext/filters/client_channel/health/health_check_client.h +5 -13
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy.cc +2 -3
- data/src/core/ext/filters/client_channel/lb_policy.h +65 -55
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +14 -14
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +113 -36
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +14 -19
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +36 -13
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +3 -10
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.cc +814 -1589
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +2 -5
- data/src/core/ext/filters/client_channel/lb_policy_factory.h +3 -6
- data/src/core/ext/filters/client_channel/resolver.cc +1 -2
- data/src/core/ext/filters/client_channel/resolver.h +8 -16
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +25 -8
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.cc +46 -12
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +10 -17
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_libuv.cc +7 -8
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +4 -4
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +111 -44
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +22 -14
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +1 -1
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +2 -2
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +29 -10
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +27 -36
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +7 -10
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +60 -16
- data/src/core/ext/filters/client_channel/resolver_factory.h +4 -8
- data/src/core/ext/filters/client_channel/resolver_registry.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver_registry.h +1 -1
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +7 -10
- data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +7 -8
- data/src/core/ext/filters/client_channel/resolving_lb_policy.h +1 -1
- data/src/core/ext/filters/client_channel/retry_throttle.cc +5 -5
- data/src/core/ext/filters/client_channel/retry_throttle.h +1 -4
- data/src/core/ext/filters/client_channel/service_config.h +8 -8
- data/src/core/ext/filters/client_channel/subchannel.cc +53 -86
- data/src/core/ext/filters/client_channel/subchannel.h +7 -9
- data/src/core/ext/filters/client_channel/subchannel_interface.h +9 -13
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +3 -6
- data/src/core/ext/filters/client_channel/{lb_policy/xds/xds_load_balancer_api.cc → xds/xds_api.cc} +169 -52
- data/src/core/ext/filters/client_channel/xds/xds_api.h +171 -0
- data/src/core/ext/filters/client_channel/xds/xds_bootstrap.cc +450 -0
- data/src/core/ext/filters/client_channel/xds/xds_bootstrap.h +99 -0
- data/src/core/ext/filters/client_channel/{lb_policy/xds → xds}/xds_channel.h +8 -6
- data/src/core/ext/filters/client_channel/xds/xds_channel_args.h +26 -0
- data/src/core/ext/filters/client_channel/{lb_policy/xds → xds}/xds_channel_secure.cc +28 -11
- data/src/core/ext/filters/client_channel/xds/xds_client.cc +1413 -0
- data/src/core/ext/filters/client_channel/xds/xds_client.h +221 -0
- data/src/core/ext/filters/client_channel/{lb_policy/xds → xds}/xds_client_stats.cc +1 -5
- data/src/core/ext/filters/client_channel/{lb_policy/xds → xds}/xds_client_stats.h +3 -4
- data/src/core/ext/filters/deadline/deadline_filter.cc +20 -20
- data/src/core/ext/filters/http/client/http_client_filter.cc +15 -15
- data/src/core/ext/filters/http/client_authority_filter.cc +14 -14
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +12 -12
- data/src/core/ext/filters/max_age/max_age_filter.cc +59 -50
- data/src/core/ext/filters/message_size/message_size_filter.cc +18 -18
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +15 -14
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +233 -175
- data/src/core/ext/transport/chttp2/transport/flow_control.h +21 -24
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +253 -163
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +24 -12
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +2 -3
- data/src/core/ext/transport/chttp2/transport/internal.h +13 -15
- data/src/core/ext/transport/chttp2/transport/writing.cc +3 -0
- data/src/core/ext/transport/inproc/inproc_transport.cc +20 -13
- data/src/core/lib/channel/channel_args.cc +16 -0
- data/src/core/lib/channel/channel_args.h +22 -0
- data/src/core/lib/channel/channelz.cc +5 -6
- data/src/core/lib/channel/channelz.h +1 -1
- data/src/core/lib/channel/connected_channel.cc +20 -20
- data/src/core/lib/channel/handshaker.h +3 -4
- data/src/core/lib/channel/handshaker_factory.h +1 -3
- data/src/core/lib/debug/trace.h +3 -2
- data/src/core/lib/gprpp/arena.cc +3 -3
- data/src/core/lib/gprpp/arena.h +2 -3
- data/src/core/lib/gprpp/inlined_vector.h +9 -0
- data/src/core/lib/gprpp/map.h +3 -501
- data/src/core/lib/gprpp/memory.h +45 -41
- data/src/core/lib/gprpp/mpscq.cc +108 -0
- data/src/core/lib/gprpp/mpscq.h +98 -0
- data/src/core/lib/gprpp/orphanable.h +6 -11
- data/src/core/lib/gprpp/ref_counted.h +25 -19
- data/src/core/lib/gprpp/set.h +33 -0
- data/src/core/lib/gprpp/thd.h +2 -4
- data/src/core/lib/http/httpcli.cc +1 -1
- data/src/core/lib/http/httpcli_security_connector.cc +15 -11
- data/src/core/lib/http/parser.cc +1 -1
- data/src/core/lib/iomgr/buffer_list.cc +4 -5
- data/src/core/lib/iomgr/buffer_list.h +5 -6
- data/src/core/lib/iomgr/call_combiner.cc +4 -5
- data/src/core/lib/iomgr/call_combiner.h +2 -2
- data/src/core/lib/iomgr/cfstream_handle.h +3 -5
- data/src/core/lib/iomgr/closure.h +8 -3
- data/src/core/lib/iomgr/combiner.cc +45 -82
- data/src/core/lib/iomgr/combiner.h +32 -8
- data/src/core/lib/iomgr/endpoint_cfstream.cc +5 -3
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +19 -15
- data/src/core/lib/iomgr/ev_poll_posix.cc +3 -1
- data/src/core/lib/iomgr/exec_ctx.h +4 -3
- data/src/core/lib/iomgr/executor.cc +4 -2
- data/src/core/lib/iomgr/executor.h +3 -0
- data/src/core/lib/iomgr/executor/mpmcqueue.h +3 -6
- data/src/core/lib/iomgr/executor/threadpool.cc +1 -2
- data/src/core/lib/iomgr/executor/threadpool.h +7 -11
- data/src/core/lib/iomgr/resource_quota.cc +55 -51
- data/src/core/lib/iomgr/resource_quota.h +13 -9
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +13 -0
- data/src/core/lib/iomgr/socket_utils_posix.h +4 -0
- data/src/core/lib/iomgr/tcp_client_posix.cc +4 -11
- data/src/core/lib/iomgr/tcp_custom.cc +9 -7
- data/src/core/lib/iomgr/tcp_posix.cc +20 -16
- data/src/core/lib/iomgr/tcp_server.h +1 -4
- data/src/core/lib/iomgr/tcp_server_custom.cc +5 -5
- data/src/core/lib/iomgr/tcp_server_posix.cc +1 -1
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +2 -11
- data/src/core/lib/iomgr/timer_custom.cc +2 -2
- data/src/core/lib/iomgr/udp_server.cc +3 -2
- data/src/core/lib/iomgr/udp_server.h +6 -12
- data/src/core/lib/json/json.h +1 -1
- data/src/core/lib/json/json_string.cc +2 -2
- data/src/core/lib/profiling/basic_timers.cc +2 -2
- data/src/core/lib/security/credentials/alts/alts_credentials.cc +2 -2
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc +1 -1
- data/src/core/lib/security/credentials/credentials.h +4 -20
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +4 -4
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -3
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +64 -0
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +4 -4
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +9 -7
- data/src/core/lib/security/security_connector/load_system_roots_linux.cc +2 -0
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +4 -4
- data/src/core/lib/security/security_connector/security_connector.cc +1 -0
- data/src/core/lib/security/security_connector/security_connector.h +19 -17
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +8 -5
- data/src/core/lib/security/security_connector/ssl_utils.cc +2 -2
- data/src/core/lib/security/security_connector/ssl_utils.h +1 -1
- data/src/core/lib/security/security_connector/tls/spiffe_security_connector.cc +14 -6
- data/src/core/lib/security/security_connector/tls/spiffe_security_connector.h +4 -2
- data/src/core/lib/security/transport/client_auth_filter.cc +17 -17
- data/src/core/lib/security/transport/security_handshaker.cc +29 -13
- data/src/core/lib/security/transport/security_handshaker.h +4 -2
- data/src/core/lib/security/transport/server_auth_filter.cc +14 -14
- data/src/core/lib/slice/slice.cc +2 -10
- data/src/core/lib/slice/slice_hash_table.h +4 -6
- data/src/core/lib/slice/slice_intern.cc +42 -39
- data/src/core/lib/slice/slice_internal.h +3 -3
- data/src/core/lib/slice/slice_utils.h +21 -4
- data/src/core/lib/slice/slice_weak_hash_table.h +4 -6
- data/src/core/lib/surface/call.cc +3 -3
- data/src/core/lib/surface/channel.cc +7 -0
- data/src/core/lib/surface/completion_queue.cc +12 -11
- data/src/core/lib/surface/completion_queue.h +4 -2
- data/src/core/lib/surface/init.cc +1 -0
- data/src/core/lib/surface/lame_client.cc +33 -18
- data/src/core/lib/surface/server.cc +77 -76
- data/src/core/lib/surface/version.cc +1 -1
- data/src/core/lib/transport/byte_stream.h +3 -7
- data/src/core/lib/transport/connectivity_state.cc +112 -98
- data/src/core/lib/transport/connectivity_state.h +100 -50
- data/src/core/lib/transport/static_metadata.cc +276 -288
- data/src/core/lib/transport/static_metadata.h +73 -76
- data/src/core/lib/transport/status_conversion.cc +1 -1
- data/src/core/lib/transport/status_metadata.cc +1 -1
- data/src/core/lib/transport/transport.cc +2 -2
- data/src/core/lib/transport/transport.h +12 -4
- data/src/core/lib/transport/transport_op_string.cc +14 -11
- data/src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc +1 -1
- data/src/core/tsi/alts/handshaker/alts_shared_resource.cc +1 -1
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +5 -5
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +12 -2
- data/src/core/tsi/fake_transport_security.cc +7 -5
- data/src/core/tsi/grpc_shadow_boringssl.h +2918 -2627
- data/src/core/tsi/local_transport_security.cc +8 -6
- data/src/core/tsi/ssl/session_cache/ssl_session.h +1 -3
- data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +1 -2
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +7 -5
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +4 -6
- data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +1 -2
- data/src/core/tsi/ssl_transport_security.cc +12 -12
- data/src/core/tsi/ssl_transport_security.h +2 -2
- data/src/core/tsi/transport_security_grpc.cc +7 -0
- data/src/core/tsi/transport_security_grpc.h +6 -0
- data/src/ruby/ext/grpc/extconf.rb +1 -0
- data/src/ruby/ext/grpc/rb_call.c +1 -1
- data/src/ruby/ext/grpc/rb_channel.c +1 -1
- data/src/ruby/lib/grpc/generic/bidi_call.rb +1 -1
- data/src/ruby/lib/grpc/generic/rpc_server.rb +1 -1
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/spec/google_rpc_status_utils_spec.rb +2 -2
- data/third_party/boringssl/crypto/asn1/a_bool.c +18 -5
- data/third_party/boringssl/crypto/asn1/a_d2i_fp.c +17 -221
- data/third_party/boringssl/crypto/asn1/a_dup.c +0 -24
- data/third_party/boringssl/crypto/asn1/a_enum.c +2 -2
- data/third_party/boringssl/crypto/asn1/a_i2d_fp.c +10 -72
- data/third_party/boringssl/crypto/asn1/a_int.c +12 -71
- data/third_party/boringssl/crypto/asn1/a_mbstr.c +110 -216
- data/third_party/boringssl/crypto/asn1/a_object.c +16 -5
- data/third_party/boringssl/crypto/asn1/a_strnid.c +1 -0
- data/third_party/boringssl/crypto/asn1/asn1_lib.c +5 -1
- data/third_party/boringssl/crypto/asn1/tasn_enc.c +3 -1
- data/third_party/boringssl/crypto/base64/base64.c +2 -2
- data/third_party/boringssl/crypto/bio/bio.c +73 -9
- data/third_party/boringssl/crypto/bio/connect.c +4 -0
- data/third_party/boringssl/crypto/bio/fd.c +4 -0
- data/third_party/boringssl/crypto/bio/file.c +5 -2
- data/third_party/boringssl/crypto/bio/socket.c +4 -0
- data/third_party/boringssl/crypto/bio/socket_helper.c +4 -0
- data/third_party/boringssl/crypto/bn_extra/convert.c +11 -7
- data/third_party/boringssl/crypto/bytestring/ber.c +8 -4
- data/third_party/boringssl/crypto/bytestring/cbb.c +19 -7
- data/third_party/boringssl/crypto/bytestring/cbs.c +28 -15
- data/third_party/boringssl/crypto/bytestring/internal.h +28 -7
- data/third_party/boringssl/crypto/bytestring/unicode.c +155 -0
- data/third_party/boringssl/crypto/chacha/chacha.c +36 -19
- data/third_party/boringssl/crypto/chacha/internal.h +45 -0
- data/third_party/boringssl/crypto/cipher_extra/cipher_extra.c +29 -0
- data/third_party/boringssl/crypto/cipher_extra/e_aesccm.c +269 -25
- data/third_party/boringssl/crypto/cipher_extra/e_aesctrhmac.c +16 -14
- data/third_party/boringssl/crypto/cipher_extra/e_aesgcmsiv.c +54 -38
- data/third_party/boringssl/crypto/cipher_extra/e_chacha20poly1305.c +133 -41
- data/third_party/boringssl/crypto/cipher_extra/e_tls.c +23 -15
- data/third_party/boringssl/crypto/cipher_extra/tls_cbc.c +24 -15
- data/third_party/boringssl/crypto/cmac/cmac.c +62 -25
- data/third_party/boringssl/crypto/conf/conf.c +7 -0
- data/third_party/boringssl/crypto/cpu-arm-linux.c +4 -148
- data/third_party/boringssl/crypto/cpu-arm-linux.h +201 -0
- data/third_party/boringssl/crypto/cpu-intel.c +45 -51
- data/third_party/boringssl/crypto/crypto.c +39 -22
- data/third_party/boringssl/crypto/curve25519/spake25519.c +1 -1
- data/third_party/boringssl/crypto/dsa/dsa.c +77 -53
- data/third_party/boringssl/crypto/ec_extra/ec_asn1.c +20 -8
- data/third_party/boringssl/crypto/ec_extra/ec_derive.c +96 -0
- data/third_party/boringssl/crypto/{ecdh/ecdh.c → ecdh_extra/ecdh_extra.c} +20 -58
- data/third_party/boringssl/crypto/ecdsa_extra/ecdsa_asn1.c +1 -9
- data/third_party/boringssl/crypto/engine/engine.c +2 -1
- data/third_party/boringssl/crypto/err/err.c +2 -0
- data/third_party/boringssl/crypto/err/internal.h +2 -2
- data/third_party/boringssl/crypto/evp/evp.c +89 -8
- data/third_party/boringssl/crypto/evp/evp_asn1.c +56 -5
- data/third_party/boringssl/crypto/evp/evp_ctx.c +52 -14
- data/third_party/boringssl/crypto/evp/internal.h +18 -1
- data/third_party/boringssl/crypto/evp/p_dsa_asn1.c +5 -0
- data/third_party/boringssl/crypto/evp/p_ec.c +51 -3
- data/third_party/boringssl/crypto/evp/p_ec_asn1.c +6 -7
- data/third_party/boringssl/crypto/evp/p_ed25519.c +36 -3
- data/third_party/boringssl/crypto/evp/p_ed25519_asn1.c +76 -45
- data/third_party/boringssl/crypto/evp/p_rsa.c +3 -1
- data/third_party/boringssl/crypto/evp/p_rsa_asn1.c +5 -0
- data/third_party/boringssl/crypto/evp/p_x25519.c +110 -0
- data/third_party/boringssl/crypto/evp/p_x25519_asn1.c +249 -0
- data/third_party/boringssl/crypto/evp/scrypt.c +6 -2
- data/third_party/boringssl/crypto/fipsmodule/aes/aes.c +34 -274
- data/third_party/boringssl/crypto/fipsmodule/aes/internal.h +161 -21
- data/third_party/boringssl/crypto/fipsmodule/aes/key_wrap.c +111 -13
- data/third_party/boringssl/crypto/fipsmodule/aes/mode_wrappers.c +17 -21
- data/third_party/boringssl/crypto/fipsmodule/bcm.c +119 -7
- data/third_party/boringssl/crypto/fipsmodule/bn/bn.c +19 -2
- data/third_party/boringssl/crypto/fipsmodule/bn/cmp.c +2 -2
- data/third_party/boringssl/crypto/fipsmodule/bn/ctx.c +93 -160
- data/third_party/boringssl/crypto/fipsmodule/bn/div.c +48 -57
- data/third_party/boringssl/crypto/fipsmodule/bn/div_extra.c +87 -0
- data/third_party/boringssl/crypto/fipsmodule/bn/exponentiation.c +143 -211
- data/third_party/boringssl/crypto/fipsmodule/bn/gcd.c +0 -305
- data/third_party/boringssl/crypto/fipsmodule/bn/gcd_extra.c +325 -0
- data/third_party/boringssl/crypto/fipsmodule/bn/internal.h +168 -50
- data/third_party/boringssl/crypto/fipsmodule/bn/montgomery.c +68 -92
- data/third_party/boringssl/crypto/fipsmodule/bn/montgomery_inv.c +7 -6
- data/third_party/boringssl/crypto/fipsmodule/bn/mul.c +11 -14
- data/third_party/boringssl/crypto/fipsmodule/bn/prime.c +358 -443
- data/third_party/boringssl/crypto/fipsmodule/bn/random.c +25 -35
- data/third_party/boringssl/crypto/fipsmodule/bn/rsaz_exp.c +20 -25
- data/third_party/boringssl/crypto/fipsmodule/bn/rsaz_exp.h +76 -5
- data/third_party/boringssl/crypto/fipsmodule/bn/shift.c +14 -14
- data/third_party/boringssl/crypto/fipsmodule/cipher/cipher.c +7 -2
- data/third_party/boringssl/crypto/fipsmodule/cipher/e_aes.c +383 -516
- data/third_party/boringssl/crypto/fipsmodule/cipher/e_des.c +4 -0
- data/third_party/boringssl/crypto/fipsmodule/cipher/internal.h +3 -4
- data/third_party/boringssl/crypto/fipsmodule/delocate.h +3 -2
- data/third_party/boringssl/crypto/fipsmodule/digest/digest.c +32 -17
- data/third_party/boringssl/crypto/fipsmodule/digest/md32_common.h +3 -3
- data/third_party/boringssl/crypto/fipsmodule/ec/ec.c +228 -122
- data/third_party/boringssl/crypto/fipsmodule/ec/ec_key.c +34 -8
- data/third_party/boringssl/crypto/fipsmodule/ec/ec_montgomery.c +311 -98
- data/third_party/boringssl/crypto/fipsmodule/ec/felem.c +82 -0
- data/third_party/boringssl/crypto/fipsmodule/ec/internal.h +263 -97
- data/third_party/boringssl/crypto/fipsmodule/ec/oct.c +22 -59
- data/third_party/boringssl/crypto/fipsmodule/ec/p224-64.c +317 -234
- data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64-table.h +9473 -9475
- data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64.c +313 -109
- data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64.h +36 -0
- data/third_party/boringssl/crypto/fipsmodule/ec/scalar.c +96 -0
- data/third_party/boringssl/crypto/fipsmodule/ec/simple.c +126 -792
- data/third_party/boringssl/crypto/fipsmodule/ec/simple_mul.c +84 -0
- data/third_party/boringssl/crypto/fipsmodule/ec/util.c +163 -12
- data/third_party/boringssl/crypto/fipsmodule/ec/wnaf.c +84 -211
- data/third_party/boringssl/crypto/fipsmodule/ecdh/ecdh.c +122 -0
- data/third_party/boringssl/crypto/fipsmodule/ecdsa/ecdsa.c +60 -205
- data/third_party/boringssl/crypto/fipsmodule/fips_shared_support.c +32 -0
- data/third_party/boringssl/crypto/fipsmodule/is_fips.c +2 -0
- data/third_party/boringssl/crypto/fipsmodule/md4/md4.c +3 -1
- data/third_party/boringssl/crypto/fipsmodule/md5/internal.h +37 -0
- data/third_party/boringssl/crypto/fipsmodule/md5/md5.c +11 -8
- data/third_party/boringssl/crypto/fipsmodule/modes/cbc.c +35 -79
- data/third_party/boringssl/crypto/fipsmodule/modes/cfb.c +7 -39
- data/third_party/boringssl/crypto/fipsmodule/modes/ctr.c +7 -27
- data/third_party/boringssl/crypto/fipsmodule/modes/gcm.c +123 -309
- data/third_party/boringssl/crypto/fipsmodule/modes/internal.h +189 -126
- data/third_party/boringssl/crypto/fipsmodule/modes/ofb.c +3 -2
- data/third_party/boringssl/crypto/fipsmodule/rand/ctrdrbg.c +2 -2
- data/third_party/boringssl/crypto/fipsmodule/rand/internal.h +35 -0
- data/third_party/boringssl/crypto/fipsmodule/rand/rand.c +24 -19
- data/third_party/boringssl/crypto/fipsmodule/rand/urandom.c +256 -77
- data/third_party/boringssl/crypto/fipsmodule/rsa/padding.c +10 -7
- data/third_party/boringssl/crypto/fipsmodule/rsa/rsa.c +5 -1
- data/third_party/boringssl/crypto/fipsmodule/rsa/rsa_impl.c +131 -14
- data/third_party/boringssl/crypto/fipsmodule/self_check/self_check.c +83 -10
- data/third_party/boringssl/crypto/fipsmodule/sha/internal.h +53 -0
- data/third_party/boringssl/crypto/fipsmodule/sha/sha1.c +9 -13
- data/third_party/boringssl/crypto/fipsmodule/sha/sha256.c +18 -12
- data/third_party/boringssl/crypto/fipsmodule/sha/sha512.c +95 -168
- data/third_party/boringssl/crypto/hrss/hrss.c +2201 -0
- data/third_party/boringssl/crypto/hrss/internal.h +62 -0
- data/third_party/boringssl/crypto/internal.h +95 -20
- data/third_party/boringssl/crypto/lhash/lhash.c +45 -33
- data/third_party/boringssl/crypto/mem.c +39 -2
- data/third_party/boringssl/crypto/obj/obj.c +4 -4
- data/third_party/boringssl/crypto/obj/obj_dat.h +6181 -875
- data/third_party/boringssl/crypto/pem/pem_all.c +2 -3
- data/third_party/boringssl/crypto/pem/pem_info.c +144 -162
- data/third_party/boringssl/crypto/pem/pem_lib.c +53 -52
- data/third_party/boringssl/crypto/pem/pem_pkey.c +13 -21
- data/third_party/boringssl/crypto/pkcs7/pkcs7.c +15 -22
- data/third_party/boringssl/crypto/pkcs7/pkcs7_x509.c +168 -16
- data/third_party/boringssl/crypto/pkcs8/internal.h +11 -0
- data/third_party/boringssl/crypto/pkcs8/p5_pbev2.c +24 -15
- data/third_party/boringssl/crypto/pkcs8/pkcs8.c +42 -25
- data/third_party/boringssl/crypto/pkcs8/pkcs8_x509.c +559 -43
- data/third_party/boringssl/crypto/pool/internal.h +1 -1
- data/third_party/boringssl/crypto/pool/pool.c +21 -0
- data/third_party/boringssl/crypto/rand_extra/deterministic.c +8 -0
- data/third_party/boringssl/crypto/rand_extra/fuchsia.c +1 -14
- data/third_party/boringssl/crypto/refcount_lock.c +2 -2
- data/third_party/boringssl/crypto/rsa_extra/rsa_print.c +22 -0
- data/third_party/boringssl/crypto/siphash/siphash.c +80 -0
- data/third_party/boringssl/crypto/stack/stack.c +83 -32
- data/third_party/boringssl/crypto/thread_none.c +2 -2
- data/third_party/boringssl/crypto/thread_pthread.c +2 -2
- data/third_party/boringssl/crypto/thread_win.c +38 -19
- data/third_party/boringssl/crypto/x509/a_strex.c +22 -2
- data/third_party/boringssl/crypto/x509/asn1_gen.c +2 -1
- data/third_party/boringssl/crypto/x509/by_dir.c +7 -0
- data/third_party/boringssl/crypto/x509/by_file.c +12 -10
- data/third_party/boringssl/crypto/x509/t_crl.c +5 -8
- data/third_party/boringssl/crypto/x509/t_req.c +1 -3
- data/third_party/boringssl/crypto/x509/t_x509.c +5 -8
- data/third_party/boringssl/crypto/x509/x509_cmp.c +1 -1
- data/third_party/boringssl/crypto/x509/x509_def.c +1 -1
- data/third_party/boringssl/crypto/x509/x509_lu.c +114 -5
- data/third_party/boringssl/crypto/x509/x509_req.c +20 -0
- data/third_party/boringssl/crypto/x509/x509_set.c +5 -0
- data/third_party/boringssl/crypto/x509/x509_trs.c +1 -0
- data/third_party/boringssl/crypto/x509/x509_txt.c +4 -5
- data/third_party/boringssl/crypto/x509/x509_vfy.c +145 -138
- data/third_party/boringssl/crypto/x509/x509_vpm.c +2 -0
- data/third_party/boringssl/crypto/x509/x509cset.c +40 -0
- data/third_party/boringssl/crypto/x509/x509name.c +2 -3
- data/third_party/boringssl/crypto/x509/x_all.c +109 -210
- data/third_party/boringssl/crypto/x509/x_x509.c +6 -0
- data/third_party/boringssl/crypto/x509v3/ext_dat.h +1 -3
- data/third_party/boringssl/crypto/x509v3/internal.h +56 -0
- data/third_party/boringssl/crypto/x509v3/pcy_cache.c +2 -0
- data/third_party/boringssl/crypto/x509v3/pcy_node.c +1 -0
- data/third_party/boringssl/crypto/x509v3/pcy_tree.c +4 -2
- data/third_party/boringssl/crypto/x509v3/v3_akey.c +5 -2
- data/third_party/boringssl/crypto/x509v3/v3_alt.c +19 -13
- data/third_party/boringssl/crypto/x509v3/v3_conf.c +2 -1
- data/third_party/boringssl/crypto/x509v3/v3_cpols.c +3 -2
- data/third_party/boringssl/crypto/x509v3/v3_genn.c +1 -6
- data/third_party/boringssl/crypto/x509v3/v3_lib.c +1 -0
- data/third_party/boringssl/crypto/x509v3/v3_ocsp.c +68 -0
- data/third_party/boringssl/crypto/x509v3/v3_pci.c +2 -1
- data/third_party/boringssl/crypto/x509v3/v3_purp.c +47 -69
- data/third_party/boringssl/crypto/x509v3/v3_skey.c +5 -2
- data/third_party/boringssl/crypto/x509v3/v3_utl.c +69 -25
- data/third_party/boringssl/include/openssl/aead.h +45 -19
- data/third_party/boringssl/include/openssl/aes.h +32 -7
- data/third_party/boringssl/include/openssl/asn1.h +7 -77
- data/third_party/boringssl/include/openssl/base.h +120 -6
- data/third_party/boringssl/include/openssl/base64.h +4 -1
- data/third_party/boringssl/include/openssl/bio.h +112 -81
- data/third_party/boringssl/include/openssl/blowfish.h +3 -3
- data/third_party/boringssl/include/openssl/bn.h +55 -29
- data/third_party/boringssl/include/openssl/buf.h +2 -2
- data/third_party/boringssl/include/openssl/bytestring.h +54 -32
- data/third_party/boringssl/include/openssl/cast.h +2 -2
- data/third_party/boringssl/include/openssl/cipher.h +46 -16
- data/third_party/boringssl/include/openssl/cmac.h +6 -2
- data/third_party/boringssl/include/openssl/conf.h +3 -6
- data/third_party/boringssl/include/openssl/cpu.h +25 -9
- data/third_party/boringssl/include/openssl/crypto.h +32 -10
- data/third_party/boringssl/include/openssl/curve25519.h +4 -4
- data/third_party/boringssl/include/openssl/dh.h +3 -2
- data/third_party/boringssl/include/openssl/digest.h +21 -7
- data/third_party/boringssl/include/openssl/dsa.h +8 -2
- data/third_party/boringssl/include/openssl/e_os2.h +18 -0
- data/third_party/boringssl/include/openssl/ec.h +25 -21
- data/third_party/boringssl/include/openssl/ec_key.h +36 -8
- data/third_party/boringssl/include/openssl/ecdh.h +17 -0
- data/third_party/boringssl/include/openssl/ecdsa.h +3 -3
- data/third_party/boringssl/include/openssl/engine.h +4 -4
- data/third_party/boringssl/include/openssl/err.h +3 -0
- data/third_party/boringssl/include/openssl/evp.h +199 -42
- data/third_party/boringssl/include/openssl/hmac.h +4 -4
- data/third_party/boringssl/include/openssl/hrss.h +100 -0
- data/third_party/boringssl/include/openssl/lhash.h +131 -23
- data/third_party/boringssl/include/openssl/md4.h +6 -4
- data/third_party/boringssl/include/openssl/md5.h +6 -4
- data/third_party/boringssl/include/openssl/mem.h +6 -2
- data/third_party/boringssl/include/openssl/nid.h +3 -0
- data/third_party/boringssl/include/openssl/obj.h +3 -0
- data/third_party/boringssl/include/openssl/pem.h +102 -64
- data/third_party/boringssl/include/openssl/pkcs7.h +136 -3
- data/third_party/boringssl/include/openssl/pkcs8.h +42 -3
- data/third_party/boringssl/include/openssl/pool.h +13 -2
- data/third_party/boringssl/include/openssl/ripemd.h +5 -4
- data/third_party/boringssl/include/openssl/rsa.h +46 -15
- data/third_party/boringssl/include/openssl/sha.h +40 -28
- data/third_party/boringssl/include/openssl/siphash.h +37 -0
- data/third_party/boringssl/include/openssl/span.h +17 -9
- data/third_party/boringssl/include/openssl/ssl.h +766 -393
- data/third_party/boringssl/include/openssl/ssl3.h +4 -3
- data/third_party/boringssl/include/openssl/stack.h +134 -77
- data/third_party/boringssl/include/openssl/thread.h +1 -1
- data/third_party/boringssl/include/openssl/tls1.h +25 -9
- data/third_party/boringssl/include/openssl/type_check.h +14 -15
- data/third_party/boringssl/include/openssl/x509.h +28 -3
- data/third_party/boringssl/include/openssl/x509_vfy.h +98 -32
- data/third_party/boringssl/include/openssl/x509v3.h +17 -13
- data/third_party/boringssl/ssl/d1_both.cc +9 -18
- data/third_party/boringssl/ssl/d1_lib.cc +4 -3
- data/third_party/boringssl/ssl/d1_pkt.cc +4 -4
- data/third_party/boringssl/ssl/d1_srtp.cc +15 -15
- data/third_party/boringssl/ssl/dtls_method.cc +0 -1
- data/third_party/boringssl/ssl/dtls_record.cc +28 -28
- data/third_party/boringssl/ssl/handoff.cc +295 -91
- data/third_party/boringssl/ssl/handshake.cc +133 -72
- data/third_party/boringssl/ssl/handshake_client.cc +218 -189
- data/third_party/boringssl/ssl/handshake_server.cc +399 -272
- data/third_party/boringssl/ssl/internal.h +1413 -928
- data/third_party/boringssl/ssl/s3_both.cc +175 -36
- data/third_party/boringssl/ssl/s3_lib.cc +9 -13
- data/third_party/boringssl/ssl/s3_pkt.cc +63 -29
- data/third_party/boringssl/ssl/ssl_aead_ctx.cc +55 -35
- data/third_party/boringssl/ssl/ssl_asn1.cc +57 -73
- data/third_party/boringssl/ssl/ssl_buffer.cc +13 -12
- data/third_party/boringssl/ssl/ssl_cert.cc +313 -210
- data/third_party/boringssl/ssl/ssl_cipher.cc +159 -221
- data/third_party/boringssl/ssl/ssl_file.cc +2 -0
- data/third_party/boringssl/ssl/ssl_key_share.cc +164 -19
- data/third_party/boringssl/ssl/ssl_lib.cc +847 -555
- data/third_party/boringssl/ssl/ssl_privkey.cc +441 -111
- data/third_party/boringssl/ssl/ssl_session.cc +230 -178
- data/third_party/boringssl/ssl/ssl_transcript.cc +21 -142
- data/third_party/boringssl/ssl/ssl_versions.cc +88 -93
- data/third_party/boringssl/ssl/ssl_x509.cc +279 -218
- data/third_party/boringssl/ssl/t1_enc.cc +5 -96
- data/third_party/boringssl/ssl/t1_lib.cc +931 -678
- data/third_party/boringssl/ssl/tls13_both.cc +251 -121
- data/third_party/boringssl/ssl/tls13_client.cc +129 -73
- data/third_party/boringssl/ssl/tls13_enc.cc +350 -282
- data/third_party/boringssl/ssl/tls13_server.cc +259 -192
- data/third_party/boringssl/ssl/tls_method.cc +26 -21
- data/third_party/boringssl/ssl/tls_record.cc +42 -47
- data/third_party/boringssl/third_party/fiat/curve25519.c +261 -1324
- data/third_party/boringssl/third_party/fiat/curve25519_32.h +911 -0
- data/third_party/boringssl/third_party/fiat/curve25519_64.h +559 -0
- data/third_party/boringssl/third_party/fiat/p256.c +238 -999
- data/third_party/boringssl/third_party/fiat/p256_32.h +3226 -0
- data/third_party/boringssl/third_party/fiat/p256_64.h +1217 -0
- data/third_party/upb/upb/port_def.inc +1 -1
- data/third_party/upb/upb/table.c +2 -1
- metadata +72 -44
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_load_balancer_api.h +0 -127
- data/src/core/lib/gpr/mpscq.cc +0 -117
- data/src/core/lib/gpr/mpscq.h +0 -88
- data/src/core/lib/gprpp/abstract.h +0 -47
- data/src/core/lib/gprpp/pair.h +0 -38
- data/third_party/boringssl/crypto/cipher_extra/e_ssl3.c +0 -460
- data/third_party/boringssl/crypto/fipsmodule/modes/ccm.c +0 -256
- data/third_party/boringssl/include/openssl/lhash_macros.h +0 -174
- data/third_party/boringssl/ssl/custom_extensions.cc +0 -265
@@ -30,7 +30,7 @@
|
|
30
30
|
#include "internal.h"
|
31
31
|
|
32
32
|
|
33
|
-
|
33
|
+
BSSL_NAMESPACE_BEGIN
|
34
34
|
|
35
35
|
// kMaxKeyUpdates is the number of consecutive KeyUpdates that will be
|
36
36
|
// processed. Without this limit an attacker could force unbounded processing
|
@@ -43,13 +43,15 @@ const uint8_t kHelloRetryRequest[SSL3_RANDOM_SIZE] = {
|
|
43
43
|
0x8c, 0x5e, 0x07, 0x9e, 0x09, 0xe2, 0xc8, 0xa8, 0x33, 0x9c,
|
44
44
|
};
|
45
45
|
|
46
|
-
//
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
0x22, 0xfe, 0x9b, 0x64};
|
46
|
+
// See RFC 8446, section 4.1.3.
|
47
|
+
const uint8_t kTLS12DowngradeRandom[8] = {0x44, 0x4f, 0x57, 0x4e,
|
48
|
+
0x47, 0x52, 0x44, 0x00};
|
49
|
+
const uint8_t kTLS13DowngradeRandom[8] = {0x44, 0x4f, 0x57, 0x4e,
|
50
|
+
0x47, 0x52, 0x44, 0x01};
|
52
51
|
|
52
|
+
// This is a non-standard randomly-generated value.
|
53
|
+
const uint8_t kJDK11DowngradeRandom[8] = {0xed, 0xbf, 0xb4, 0xa8,
|
54
|
+
0xc2, 0x47, 0x10, 0xff};
|
53
55
|
|
54
56
|
bool tls13_get_cert_verify_signature_input(
|
55
57
|
SSL_HANDSHAKE *hs, Array<uint8_t> *out,
|
@@ -102,28 +104,94 @@ bool tls13_get_cert_verify_signature_input(
|
|
102
104
|
return true;
|
103
105
|
}
|
104
106
|
|
105
|
-
|
106
|
-
|
107
|
+
bool tls13_process_certificate(SSL_HANDSHAKE *hs, const SSLMessage &msg,
|
108
|
+
bool allow_anonymous) {
|
107
109
|
SSL *const ssl = hs->ssl;
|
108
|
-
CBS body = msg.body
|
110
|
+
CBS body = msg.body;
|
111
|
+
bssl::UniquePtr<CRYPTO_BUFFER> decompressed;
|
112
|
+
|
113
|
+
if (msg.type == SSL3_MT_COMPRESSED_CERTIFICATE) {
|
114
|
+
CBS compressed;
|
115
|
+
uint16_t alg_id;
|
116
|
+
uint32_t uncompressed_len;
|
117
|
+
|
118
|
+
if (!CBS_get_u16(&body, &alg_id) ||
|
119
|
+
!CBS_get_u24(&body, &uncompressed_len) ||
|
120
|
+
!CBS_get_u24_length_prefixed(&body, &compressed) ||
|
121
|
+
CBS_len(&body) != 0) {
|
122
|
+
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
|
123
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
|
124
|
+
return false;
|
125
|
+
}
|
126
|
+
|
127
|
+
if (uncompressed_len > ssl->max_cert_list) {
|
128
|
+
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
|
129
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_UNCOMPRESSED_CERT_TOO_LARGE);
|
130
|
+
ERR_add_error_dataf("requested=%u",
|
131
|
+
static_cast<unsigned>(uncompressed_len));
|
132
|
+
return false;
|
133
|
+
}
|
134
|
+
|
135
|
+
ssl_cert_decompression_func_t decompress = nullptr;
|
136
|
+
for (const auto &alg : ssl->ctx->cert_compression_algs) {
|
137
|
+
if (alg.alg_id == alg_id) {
|
138
|
+
decompress = alg.decompress;
|
139
|
+
break;
|
140
|
+
}
|
141
|
+
}
|
142
|
+
|
143
|
+
if (decompress == nullptr) {
|
144
|
+
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
|
145
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_CERT_COMPRESSION_ALG);
|
146
|
+
ERR_add_error_dataf("alg=%d", static_cast<int>(alg_id));
|
147
|
+
return false;
|
148
|
+
}
|
149
|
+
|
150
|
+
CRYPTO_BUFFER *decompressed_ptr = nullptr;
|
151
|
+
if (!decompress(ssl, &decompressed_ptr, uncompressed_len,
|
152
|
+
CBS_data(&compressed), CBS_len(&compressed))) {
|
153
|
+
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
|
154
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_CERT_DECOMPRESSION_FAILED);
|
155
|
+
ERR_add_error_dataf("alg=%d", static_cast<int>(alg_id));
|
156
|
+
return false;
|
157
|
+
}
|
158
|
+
decompressed.reset(decompressed_ptr);
|
159
|
+
|
160
|
+
if (CRYPTO_BUFFER_len(decompressed_ptr) != uncompressed_len) {
|
161
|
+
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
|
162
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_CERT_DECOMPRESSION_FAILED);
|
163
|
+
ERR_add_error_dataf(
|
164
|
+
"alg=%d got=%u expected=%u", static_cast<int>(alg_id),
|
165
|
+
static_cast<unsigned>(CRYPTO_BUFFER_len(decompressed_ptr)),
|
166
|
+
static_cast<unsigned>(uncompressed_len));
|
167
|
+
return false;
|
168
|
+
}
|
169
|
+
|
170
|
+
CBS_init(&body, CRYPTO_BUFFER_data(decompressed_ptr),
|
171
|
+
CRYPTO_BUFFER_len(decompressed_ptr));
|
172
|
+
} else {
|
173
|
+
assert(msg.type == SSL3_MT_CERTIFICATE);
|
174
|
+
}
|
175
|
+
|
176
|
+
CBS context, certificate_list;
|
109
177
|
if (!CBS_get_u8_length_prefixed(&body, &context) ||
|
110
178
|
CBS_len(&context) != 0 ||
|
111
179
|
!CBS_get_u24_length_prefixed(&body, &certificate_list) ||
|
112
180
|
CBS_len(&body) != 0) {
|
113
181
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
|
114
182
|
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
|
115
|
-
return
|
183
|
+
return false;
|
116
184
|
}
|
117
185
|
|
118
186
|
UniquePtr<STACK_OF(CRYPTO_BUFFER)> certs(sk_CRYPTO_BUFFER_new_null());
|
119
187
|
if (!certs) {
|
120
188
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
|
121
189
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
122
|
-
return
|
190
|
+
return false;
|
123
191
|
}
|
124
192
|
|
125
193
|
const bool retain_sha256 =
|
126
|
-
ssl->server &&
|
194
|
+
ssl->server && hs->config->retain_only_sha256_of_client_certs;
|
127
195
|
UniquePtr<EVP_PKEY> pkey;
|
128
196
|
while (CBS_len(&certificate_list) > 0) {
|
129
197
|
CBS certificate, extensions;
|
@@ -132,7 +200,7 @@ int tls13_process_certificate(SSL_HANDSHAKE *hs, const SSLMessage &msg,
|
|
132
200
|
CBS_len(&certificate) == 0) {
|
133
201
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
|
134
202
|
OPENSSL_PUT_ERROR(SSL, SSL_R_CERT_LENGTH_MISMATCH);
|
135
|
-
return
|
203
|
+
return false;
|
136
204
|
}
|
137
205
|
|
138
206
|
if (sk_CRYPTO_BUFFER_num(certs.get()) == 0) {
|
@@ -140,13 +208,14 @@ int tls13_process_certificate(SSL_HANDSHAKE *hs, const SSLMessage &msg,
|
|
140
208
|
if (!pkey) {
|
141
209
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
|
142
210
|
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
|
143
|
-
return
|
211
|
+
return false;
|
144
212
|
}
|
145
213
|
// TLS 1.3 always uses certificate keys for signing thus the correct
|
146
214
|
// keyUsage is enforced.
|
147
|
-
if (!
|
215
|
+
if (!ssl_cert_check_key_usage(&certificate,
|
216
|
+
key_usage_digital_signature)) {
|
148
217
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
|
149
|
-
return
|
218
|
+
return false;
|
150
219
|
}
|
151
220
|
|
152
221
|
if (retain_sha256) {
|
@@ -162,7 +231,7 @@ int tls13_process_certificate(SSL_HANDSHAKE *hs, const SSLMessage &msg,
|
|
162
231
|
!PushToStack(certs.get(), std::move(buf))) {
|
163
232
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
|
164
233
|
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
165
|
-
return
|
234
|
+
return false;
|
166
235
|
}
|
167
236
|
|
168
237
|
// Parse out the extensions.
|
@@ -178,16 +247,16 @@ int tls13_process_certificate(SSL_HANDSHAKE *hs, const SSLMessage &msg,
|
|
178
247
|
OPENSSL_ARRAY_SIZE(ext_types),
|
179
248
|
0 /* reject unknown */)) {
|
180
249
|
ssl_send_alert(ssl, SSL3_AL_FATAL, alert);
|
181
|
-
return
|
250
|
+
return false;
|
182
251
|
}
|
183
252
|
|
184
253
|
// All Certificate extensions are parsed, but only the leaf extensions are
|
185
254
|
// stored.
|
186
255
|
if (have_status_request) {
|
187
|
-
if (ssl->server || !
|
256
|
+
if (ssl->server || !hs->config->ocsp_stapling_enabled) {
|
188
257
|
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
|
189
258
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNSUPPORTED_EXTENSION);
|
190
|
-
return
|
259
|
+
return false;
|
191
260
|
}
|
192
261
|
|
193
262
|
uint8_t status_type;
|
@@ -198,40 +267,38 @@ int tls13_process_certificate(SSL_HANDSHAKE *hs, const SSLMessage &msg,
|
|
198
267
|
CBS_len(&ocsp_response) == 0 ||
|
199
268
|
CBS_len(&status_request) != 0) {
|
200
269
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
|
201
|
-
return
|
270
|
+
return false;
|
202
271
|
}
|
203
272
|
|
204
273
|
if (sk_CRYPTO_BUFFER_num(certs.get()) == 1) {
|
205
|
-
|
206
|
-
|
207
|
-
CRYPTO_BUFFER_new_from_CBS(&ocsp_response, ssl->ctx->pool);
|
274
|
+
hs->new_session->ocsp_response.reset(
|
275
|
+
CRYPTO_BUFFER_new_from_CBS(&ocsp_response, ssl->ctx->pool));
|
208
276
|
if (hs->new_session->ocsp_response == nullptr) {
|
209
277
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
|
210
|
-
return
|
278
|
+
return false;
|
211
279
|
}
|
212
280
|
}
|
213
281
|
}
|
214
282
|
|
215
283
|
if (have_sct) {
|
216
|
-
if (ssl->server || !
|
284
|
+
if (ssl->server || !hs->config->signed_cert_timestamps_enabled) {
|
217
285
|
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
|
218
286
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNSUPPORTED_EXTENSION);
|
219
|
-
return
|
287
|
+
return false;
|
220
288
|
}
|
221
289
|
|
222
290
|
if (!ssl_is_sct_list_valid(&sct)) {
|
223
291
|
OPENSSL_PUT_ERROR(SSL, SSL_R_ERROR_PARSING_EXTENSION);
|
224
292
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
|
225
|
-
return
|
293
|
+
return false;
|
226
294
|
}
|
227
295
|
|
228
296
|
if (sk_CRYPTO_BUFFER_num(certs.get()) == 1) {
|
229
|
-
|
230
|
-
|
231
|
-
CRYPTO_BUFFER_new_from_CBS(&sct, ssl->ctx->pool);
|
297
|
+
hs->new_session->signed_cert_timestamp_list.reset(
|
298
|
+
CRYPTO_BUFFER_new_from_CBS(&sct, ssl->ctx->pool));
|
232
299
|
if (hs->new_session->signed_cert_timestamp_list == nullptr) {
|
233
300
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
|
234
|
-
return
|
301
|
+
return false;
|
235
302
|
}
|
236
303
|
}
|
237
304
|
}
|
@@ -244,21 +311,19 @@ int tls13_process_certificate(SSL_HANDSHAKE *hs, const SSLMessage &msg,
|
|
244
311
|
}
|
245
312
|
|
246
313
|
hs->peer_pubkey = std::move(pkey);
|
247
|
-
|
248
|
-
sk_CRYPTO_BUFFER_pop_free(hs->new_session->certs, CRYPTO_BUFFER_free);
|
249
|
-
hs->new_session->certs = certs.release();
|
314
|
+
hs->new_session->certs = std::move(certs);
|
250
315
|
|
251
316
|
if (!ssl->ctx->x509_method->session_cache_objects(hs->new_session.get())) {
|
252
317
|
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
|
253
318
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
|
254
|
-
return
|
319
|
+
return false;
|
255
320
|
}
|
256
321
|
|
257
|
-
if (sk_CRYPTO_BUFFER_num(hs->new_session->certs) == 0) {
|
322
|
+
if (sk_CRYPTO_BUFFER_num(hs->new_session->certs.get()) == 0) {
|
258
323
|
if (!allow_anonymous) {
|
259
324
|
OPENSSL_PUT_ERROR(SSL, SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
|
260
325
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_CERTIFICATE_REQUIRED);
|
261
|
-
return
|
326
|
+
return false;
|
262
327
|
}
|
263
328
|
|
264
329
|
// OpenSSL returns X509_V_OK when no certificates are requested. This is
|
@@ -266,18 +331,18 @@ int tls13_process_certificate(SSL_HANDSHAKE *hs, const SSLMessage &msg,
|
|
266
331
|
hs->new_session->verify_result = X509_V_OK;
|
267
332
|
|
268
333
|
// No certificate, so nothing more to do.
|
269
|
-
return
|
334
|
+
return true;
|
270
335
|
}
|
271
336
|
|
272
337
|
hs->new_session->peer_sha256_valid = retain_sha256;
|
273
|
-
return
|
338
|
+
return true;
|
274
339
|
}
|
275
340
|
|
276
|
-
|
341
|
+
bool tls13_process_certificate_verify(SSL_HANDSHAKE *hs, const SSLMessage &msg) {
|
277
342
|
SSL *const ssl = hs->ssl;
|
278
343
|
if (hs->peer_pubkey == NULL) {
|
279
344
|
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
280
|
-
return
|
345
|
+
return false;
|
281
346
|
}
|
282
347
|
|
283
348
|
CBS body = msg.body, signature;
|
@@ -287,13 +352,13 @@ int tls13_process_certificate_verify(SSL_HANDSHAKE *hs, const SSLMessage &msg) {
|
|
287
352
|
CBS_len(&body) != 0) {
|
288
353
|
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
|
289
354
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
|
290
|
-
return
|
355
|
+
return false;
|
291
356
|
}
|
292
357
|
|
293
358
|
uint8_t alert = SSL_AD_DECODE_ERROR;
|
294
359
|
if (!tls12_check_peer_sigalg(ssl, &alert, signature_algorithm)) {
|
295
360
|
ssl_send_alert(ssl, SSL3_AL_FATAL, alert);
|
296
|
-
return
|
361
|
+
return false;
|
297
362
|
}
|
298
363
|
hs->new_session->peer_signature_algorithm = signature_algorithm;
|
299
364
|
|
@@ -302,131 +367,189 @@ int tls13_process_certificate_verify(SSL_HANDSHAKE *hs, const SSLMessage &msg) {
|
|
302
367
|
hs, &input,
|
303
368
|
ssl->server ? ssl_cert_verify_client : ssl_cert_verify_server)) {
|
304
369
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
|
305
|
-
return
|
370
|
+
return false;
|
306
371
|
}
|
307
372
|
|
308
|
-
|
309
|
-
|
310
|
-
#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
|
311
|
-
sig_ok = true;
|
312
|
-
ERR_clear_error();
|
313
|
-
#endif
|
314
|
-
if (!sig_ok) {
|
373
|
+
if (!ssl_public_key_verify(ssl, signature, signature_algorithm,
|
374
|
+
hs->peer_pubkey.get(), input)) {
|
315
375
|
OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SIGNATURE);
|
316
376
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECRYPT_ERROR);
|
317
|
-
return
|
377
|
+
return false;
|
318
378
|
}
|
319
379
|
|
320
|
-
return
|
380
|
+
return true;
|
321
381
|
}
|
322
382
|
|
323
|
-
|
324
|
-
|
383
|
+
bool tls13_process_finished(SSL_HANDSHAKE *hs, const SSLMessage &msg,
|
384
|
+
bool use_saved_value) {
|
325
385
|
SSL *const ssl = hs->ssl;
|
326
386
|
uint8_t verify_data_buf[EVP_MAX_MD_SIZE];
|
327
|
-
const uint8_t
|
328
|
-
size_t verify_data_len;
|
387
|
+
Span<const uint8_t> verify_data;
|
329
388
|
if (use_saved_value) {
|
330
389
|
assert(ssl->server);
|
331
|
-
verify_data = hs->expected_client_finished;
|
332
|
-
verify_data_len = hs->hash_len;
|
390
|
+
verify_data = hs->expected_client_finished();
|
333
391
|
} else {
|
334
|
-
|
335
|
-
|
336
|
-
return
|
392
|
+
size_t len;
|
393
|
+
if (!tls13_finished_mac(hs, verify_data_buf, &len, !ssl->server)) {
|
394
|
+
return false;
|
337
395
|
}
|
338
|
-
verify_data = verify_data_buf;
|
396
|
+
verify_data = MakeConstSpan(verify_data_buf, len);
|
339
397
|
}
|
340
398
|
|
341
|
-
|
399
|
+
bool finished_ok =
|
400
|
+
CBS_mem_equal(&msg.body, verify_data.data(), verify_data.size());
|
342
401
|
#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
|
343
|
-
finished_ok =
|
402
|
+
finished_ok = true;
|
344
403
|
#endif
|
345
404
|
if (!finished_ok) {
|
346
405
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECRYPT_ERROR);
|
347
406
|
OPENSSL_PUT_ERROR(SSL, SSL_R_DIGEST_CHECK_FAILED);
|
348
|
-
return
|
407
|
+
return false;
|
349
408
|
}
|
350
409
|
|
351
|
-
return
|
410
|
+
return true;
|
352
411
|
}
|
353
412
|
|
354
|
-
|
413
|
+
bool tls13_add_certificate(SSL_HANDSHAKE *hs) {
|
355
414
|
SSL *const ssl = hs->ssl;
|
415
|
+
CERT *const cert = hs->config->cert.get();
|
416
|
+
DC *const dc = cert->dc.get();
|
417
|
+
|
356
418
|
ScopedCBB cbb;
|
357
|
-
CBB body, certificate_list;
|
358
|
-
|
359
|
-
|
360
|
-
|
361
|
-
|
419
|
+
CBB *body, body_storage, certificate_list;
|
420
|
+
|
421
|
+
if (hs->cert_compression_negotiated) {
|
422
|
+
if (!CBB_init(cbb.get(), 1024)) {
|
423
|
+
return false;
|
424
|
+
}
|
425
|
+
body = cbb.get();
|
426
|
+
} else {
|
427
|
+
body = &body_storage;
|
428
|
+
if (!ssl->method->init_message(ssl, cbb.get(), body, SSL3_MT_CERTIFICATE)) {
|
429
|
+
return false;
|
430
|
+
}
|
431
|
+
}
|
432
|
+
|
433
|
+
if (// The request context is always empty in the handshake.
|
434
|
+
!CBB_add_u8(body, 0) ||
|
435
|
+
!CBB_add_u24_length_prefixed(body, &certificate_list)) {
|
362
436
|
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
363
|
-
return
|
437
|
+
return false;
|
364
438
|
}
|
365
439
|
|
366
|
-
if (!ssl_has_certificate(
|
440
|
+
if (!ssl_has_certificate(hs)) {
|
367
441
|
return ssl_add_message_cbb(ssl, cbb.get());
|
368
442
|
}
|
369
443
|
|
370
|
-
|
371
|
-
CRYPTO_BUFFER *leaf_buf = sk_CRYPTO_BUFFER_value(cert->chain, 0);
|
444
|
+
CRYPTO_BUFFER *leaf_buf = sk_CRYPTO_BUFFER_value(cert->chain.get(), 0);
|
372
445
|
CBB leaf, extensions;
|
373
446
|
if (!CBB_add_u24_length_prefixed(&certificate_list, &leaf) ||
|
374
447
|
!CBB_add_bytes(&leaf, CRYPTO_BUFFER_data(leaf_buf),
|
375
448
|
CRYPTO_BUFFER_len(leaf_buf)) ||
|
376
449
|
!CBB_add_u16_length_prefixed(&certificate_list, &extensions)) {
|
377
450
|
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
378
|
-
return
|
451
|
+
return false;
|
379
452
|
}
|
380
453
|
|
381
|
-
if (hs->scts_requested &&
|
454
|
+
if (hs->scts_requested && cert->signed_cert_timestamp_list != nullptr) {
|
382
455
|
CBB contents;
|
383
456
|
if (!CBB_add_u16(&extensions, TLSEXT_TYPE_certificate_timestamp) ||
|
384
457
|
!CBB_add_u16_length_prefixed(&extensions, &contents) ||
|
385
458
|
!CBB_add_bytes(
|
386
459
|
&contents,
|
387
|
-
CRYPTO_BUFFER_data(
|
388
|
-
CRYPTO_BUFFER_len(
|
460
|
+
CRYPTO_BUFFER_data(cert->signed_cert_timestamp_list.get()),
|
461
|
+
CRYPTO_BUFFER_len(cert->signed_cert_timestamp_list.get())) ||
|
389
462
|
!CBB_flush(&extensions)) {
|
390
463
|
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
391
|
-
return
|
464
|
+
return false;
|
392
465
|
}
|
393
466
|
}
|
394
467
|
|
395
|
-
if (hs->ocsp_stapling_requested &&
|
396
|
-
ssl->cert->ocsp_response != NULL) {
|
468
|
+
if (hs->ocsp_stapling_requested && cert->ocsp_response != NULL) {
|
397
469
|
CBB contents, ocsp_response;
|
398
470
|
if (!CBB_add_u16(&extensions, TLSEXT_TYPE_status_request) ||
|
399
471
|
!CBB_add_u16_length_prefixed(&extensions, &contents) ||
|
400
472
|
!CBB_add_u8(&contents, TLSEXT_STATUSTYPE_ocsp) ||
|
401
473
|
!CBB_add_u24_length_prefixed(&contents, &ocsp_response) ||
|
402
474
|
!CBB_add_bytes(&ocsp_response,
|
403
|
-
CRYPTO_BUFFER_data(
|
404
|
-
CRYPTO_BUFFER_len(
|
475
|
+
CRYPTO_BUFFER_data(cert->ocsp_response.get()),
|
476
|
+
CRYPTO_BUFFER_len(cert->ocsp_response.get())) ||
|
477
|
+
!CBB_flush(&extensions)) {
|
478
|
+
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
479
|
+
return false;
|
480
|
+
}
|
481
|
+
}
|
482
|
+
|
483
|
+
if (ssl_signing_with_dc(hs)) {
|
484
|
+
const CRYPTO_BUFFER *raw = dc->raw.get();
|
485
|
+
CBB child;
|
486
|
+
if (!CBB_add_u16(&extensions, TLSEXT_TYPE_delegated_credential) ||
|
487
|
+
!CBB_add_u16_length_prefixed(&extensions, &child) ||
|
488
|
+
!CBB_add_bytes(&child, CRYPTO_BUFFER_data(raw),
|
489
|
+
CRYPTO_BUFFER_len(raw)) ||
|
405
490
|
!CBB_flush(&extensions)) {
|
406
491
|
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
407
492
|
return 0;
|
408
493
|
}
|
494
|
+
ssl->s3->delegated_credential_used = true;
|
409
495
|
}
|
410
496
|
|
411
|
-
for (size_t i = 1; i < sk_CRYPTO_BUFFER_num(cert->chain); i++) {
|
412
|
-
CRYPTO_BUFFER *cert_buf = sk_CRYPTO_BUFFER_value(cert->chain, i);
|
497
|
+
for (size_t i = 1; i < sk_CRYPTO_BUFFER_num(cert->chain.get()); i++) {
|
498
|
+
CRYPTO_BUFFER *cert_buf = sk_CRYPTO_BUFFER_value(cert->chain.get(), i);
|
413
499
|
CBB child;
|
414
500
|
if (!CBB_add_u24_length_prefixed(&certificate_list, &child) ||
|
415
501
|
!CBB_add_bytes(&child, CRYPTO_BUFFER_data(cert_buf),
|
416
502
|
CRYPTO_BUFFER_len(cert_buf)) ||
|
417
503
|
!CBB_add_u16(&certificate_list, 0 /* no extensions */)) {
|
418
504
|
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
419
|
-
return
|
505
|
+
return false;
|
506
|
+
}
|
507
|
+
}
|
508
|
+
|
509
|
+
if (!hs->cert_compression_negotiated) {
|
510
|
+
return ssl_add_message_cbb(ssl, cbb.get());
|
511
|
+
}
|
512
|
+
|
513
|
+
Array<uint8_t> msg;
|
514
|
+
if (!CBBFinishArray(cbb.get(), &msg)) {
|
515
|
+
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
516
|
+
return false;
|
517
|
+
}
|
518
|
+
|
519
|
+
const CertCompressionAlg *alg = nullptr;
|
520
|
+
for (const auto &candidate : ssl->ctx->cert_compression_algs) {
|
521
|
+
if (candidate.alg_id == hs->cert_compression_alg_id) {
|
522
|
+
alg = &candidate;
|
523
|
+
break;
|
420
524
|
}
|
421
525
|
}
|
422
526
|
|
423
|
-
|
527
|
+
if (alg == nullptr || alg->compress == nullptr) {
|
528
|
+
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
529
|
+
return false;
|
530
|
+
}
|
531
|
+
|
532
|
+
CBB compressed;
|
533
|
+
body = &body_storage;
|
534
|
+
if (!ssl->method->init_message(ssl, cbb.get(), body,
|
535
|
+
SSL3_MT_COMPRESSED_CERTIFICATE) ||
|
536
|
+
!CBB_add_u16(body, hs->cert_compression_alg_id) ||
|
537
|
+
!CBB_add_u24(body, msg.size()) ||
|
538
|
+
!CBB_add_u24_length_prefixed(body, &compressed) ||
|
539
|
+
!alg->compress(ssl, &compressed, msg.data(), msg.size()) ||
|
540
|
+
!ssl_add_message_cbb(ssl, cbb.get())) {
|
541
|
+
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
542
|
+
return false;
|
543
|
+
}
|
544
|
+
|
545
|
+
return true;
|
424
546
|
}
|
425
547
|
|
426
548
|
enum ssl_private_key_result_t tls13_add_certificate_verify(SSL_HANDSHAKE *hs) {
|
427
549
|
SSL *const ssl = hs->ssl;
|
428
550
|
uint16_t signature_algorithm;
|
429
551
|
if (!tls1_choose_signature_algorithm(hs, &signature_algorithm)) {
|
552
|
+
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
|
430
553
|
return ssl_private_key_failure;
|
431
554
|
}
|
432
555
|
|
@@ -472,7 +595,7 @@ enum ssl_private_key_result_t tls13_add_certificate_verify(SSL_HANDSHAKE *hs) {
|
|
472
595
|
return ssl_private_key_success;
|
473
596
|
}
|
474
597
|
|
475
|
-
|
598
|
+
bool tls13_add_finished(SSL_HANDSHAKE *hs) {
|
476
599
|
SSL *const ssl = hs->ssl;
|
477
600
|
size_t verify_data_len;
|
478
601
|
uint8_t verify_data[EVP_MAX_MD_SIZE];
|
@@ -480,7 +603,7 @@ int tls13_add_finished(SSL_HANDSHAKE *hs) {
|
|
480
603
|
if (!tls13_finished_mac(hs, verify_data, &verify_data_len, ssl->server)) {
|
481
604
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
|
482
605
|
OPENSSL_PUT_ERROR(SSL, SSL_R_DIGEST_CHECK_FAILED);
|
483
|
-
return
|
606
|
+
return false;
|
484
607
|
}
|
485
608
|
|
486
609
|
ScopedCBB cbb;
|
@@ -488,13 +611,32 @@ int tls13_add_finished(SSL_HANDSHAKE *hs) {
|
|
488
611
|
if (!ssl->method->init_message(ssl, cbb.get(), &body, SSL3_MT_FINISHED) ||
|
489
612
|
!CBB_add_bytes(&body, verify_data, verify_data_len) ||
|
490
613
|
!ssl_add_message_cbb(ssl, cbb.get())) {
|
491
|
-
return
|
614
|
+
return false;
|
492
615
|
}
|
493
616
|
|
494
|
-
return
|
617
|
+
return true;
|
495
618
|
}
|
496
619
|
|
497
|
-
|
620
|
+
bool tls13_add_key_update(SSL *ssl, int update_requested) {
|
621
|
+
ScopedCBB cbb;
|
622
|
+
CBB body_cbb;
|
623
|
+
if (!ssl->method->init_message(ssl, cbb.get(), &body_cbb,
|
624
|
+
SSL3_MT_KEY_UPDATE) ||
|
625
|
+
!CBB_add_u8(&body_cbb, update_requested) ||
|
626
|
+
!ssl_add_message_cbb(ssl, cbb.get()) ||
|
627
|
+
!tls13_rotate_traffic_key(ssl, evp_aead_seal)) {
|
628
|
+
return false;
|
629
|
+
}
|
630
|
+
|
631
|
+
// Suppress KeyUpdate acknowledgments until this change is written to the
|
632
|
+
// wire. This prevents us from accumulating write obligations when read and
|
633
|
+
// write progress at different rates. See RFC 8446, section 4.6.3.
|
634
|
+
ssl->s3->key_update_pending = true;
|
635
|
+
|
636
|
+
return true;
|
637
|
+
}
|
638
|
+
|
639
|
+
static bool tls13_receive_key_update(SSL *ssl, const SSLMessage &msg) {
|
498
640
|
CBS body = msg.body;
|
499
641
|
uint8_t key_update_request;
|
500
642
|
if (!CBS_get_u8(&body, &key_update_request) ||
|
@@ -503,43 +645,31 @@ static int tls13_receive_key_update(SSL *ssl, const SSLMessage &msg) {
|
|
503
645
|
key_update_request != SSL_KEY_UPDATE_REQUESTED)) {
|
504
646
|
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
|
505
647
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
|
506
|
-
return
|
648
|
+
return false;
|
507
649
|
}
|
508
650
|
|
509
651
|
if (!tls13_rotate_traffic_key(ssl, evp_aead_open)) {
|
510
|
-
return
|
652
|
+
return false;
|
511
653
|
}
|
512
654
|
|
513
655
|
// Acknowledge the KeyUpdate
|
514
656
|
if (key_update_request == SSL_KEY_UPDATE_REQUESTED &&
|
515
|
-
!ssl->s3->key_update_pending
|
516
|
-
|
517
|
-
|
518
|
-
if (!ssl->method->init_message(ssl, cbb.get(), &body_cbb,
|
519
|
-
SSL3_MT_KEY_UPDATE) ||
|
520
|
-
!CBB_add_u8(&body_cbb, SSL_KEY_UPDATE_NOT_REQUESTED) ||
|
521
|
-
!ssl_add_message_cbb(ssl, cbb.get()) ||
|
522
|
-
!tls13_rotate_traffic_key(ssl, evp_aead_seal)) {
|
523
|
-
return 0;
|
524
|
-
}
|
525
|
-
|
526
|
-
// Suppress KeyUpdate acknowledgments until this change is written to the
|
527
|
-
// wire. This prevents us from accumulating write obligations when read and
|
528
|
-
// write progress at different rates. See draft-ietf-tls-tls13-18, section
|
529
|
-
// 4.5.3.
|
530
|
-
ssl->s3->key_update_pending = true;
|
657
|
+
!ssl->s3->key_update_pending &&
|
658
|
+
!tls13_add_key_update(ssl, SSL_KEY_UPDATE_NOT_REQUESTED)) {
|
659
|
+
return false;
|
531
660
|
}
|
532
661
|
|
533
|
-
return
|
662
|
+
return true;
|
534
663
|
}
|
535
664
|
|
536
|
-
|
665
|
+
bool tls13_post_handshake(SSL *ssl, const SSLMessage &msg) {
|
537
666
|
if (msg.type == SSL3_MT_KEY_UPDATE) {
|
538
667
|
ssl->s3->key_update_count++;
|
539
|
-
if (ssl->
|
668
|
+
if (ssl->quic_method != nullptr ||
|
669
|
+
ssl->s3->key_update_count > kMaxKeyUpdates) {
|
540
670
|
OPENSSL_PUT_ERROR(SSL, SSL_R_TOO_MANY_KEY_UPDATES);
|
541
671
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
|
542
|
-
return
|
672
|
+
return false;
|
543
673
|
}
|
544
674
|
|
545
675
|
return tls13_receive_key_update(ssl, msg);
|
@@ -553,7 +683,7 @@ int tls13_post_handshake(SSL *ssl, const SSLMessage &msg) {
|
|
553
683
|
|
554
684
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
|
555
685
|
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_MESSAGE);
|
556
|
-
return
|
686
|
+
return false;
|
557
687
|
}
|
558
688
|
|
559
|
-
|
689
|
+
BSSL_NAMESPACE_END
|