grpc 1.24.0 → 1.25.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of grpc might be problematic. Click here for more details.

Files changed (505) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +306 -243
  3. data/etc/roots.pem +0 -100
  4. data/include/grpc/grpc_security.h +44 -18
  5. data/include/grpc/impl/codegen/grpc_types.h +15 -0
  6. data/include/grpc/impl/codegen/port_platform.h +27 -11
  7. data/include/grpc/impl/codegen/sync_generic.h +1 -1
  8. data/src/boringssl/err_data.c +695 -650
  9. data/src/core/ext/filters/client_channel/client_channel.cc +257 -179
  10. data/src/core/ext/filters/client_channel/client_channel.h +24 -0
  11. data/src/core/ext/filters/client_channel/client_channel_channelz.cc +2 -3
  12. data/src/core/ext/filters/client_channel/client_channel_factory.h +1 -5
  13. data/src/core/ext/filters/client_channel/health/health_check_client.cc +18 -45
  14. data/src/core/ext/filters/client_channel/health/health_check_client.h +5 -13
  15. data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +1 -1
  16. data/src/core/ext/filters/client_channel/lb_policy.cc +2 -3
  17. data/src/core/ext/filters/client_channel/lb_policy.h +65 -55
  18. data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +14 -14
  19. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +113 -36
  20. data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +14 -19
  21. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +36 -13
  22. data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +3 -10
  23. data/src/core/ext/filters/client_channel/lb_policy/xds/xds.cc +814 -1589
  24. data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +2 -5
  25. data/src/core/ext/filters/client_channel/lb_policy_factory.h +3 -6
  26. data/src/core/ext/filters/client_channel/resolver.cc +1 -2
  27. data/src/core/ext/filters/client_channel/resolver.h +8 -16
  28. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +25 -8
  29. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.cc +46 -12
  30. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +10 -17
  31. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_libuv.cc +7 -8
  32. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +4 -4
  33. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +111 -44
  34. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +22 -14
  35. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +1 -1
  36. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +2 -2
  37. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +29 -10
  38. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +27 -36
  39. data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +7 -10
  40. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +60 -16
  41. data/src/core/ext/filters/client_channel/resolver_factory.h +4 -8
  42. data/src/core/ext/filters/client_channel/resolver_registry.cc +1 -1
  43. data/src/core/ext/filters/client_channel/resolver_registry.h +1 -1
  44. data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +7 -10
  45. data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +7 -8
  46. data/src/core/ext/filters/client_channel/resolving_lb_policy.h +1 -1
  47. data/src/core/ext/filters/client_channel/retry_throttle.cc +5 -5
  48. data/src/core/ext/filters/client_channel/retry_throttle.h +1 -4
  49. data/src/core/ext/filters/client_channel/service_config.h +8 -8
  50. data/src/core/ext/filters/client_channel/subchannel.cc +53 -86
  51. data/src/core/ext/filters/client_channel/subchannel.h +7 -9
  52. data/src/core/ext/filters/client_channel/subchannel_interface.h +9 -13
  53. data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +3 -6
  54. data/src/core/ext/filters/client_channel/{lb_policy/xds/xds_load_balancer_api.cc → xds/xds_api.cc} +169 -52
  55. data/src/core/ext/filters/client_channel/xds/xds_api.h +171 -0
  56. data/src/core/ext/filters/client_channel/xds/xds_bootstrap.cc +450 -0
  57. data/src/core/ext/filters/client_channel/xds/xds_bootstrap.h +99 -0
  58. data/src/core/ext/filters/client_channel/{lb_policy/xds → xds}/xds_channel.h +8 -6
  59. data/src/core/ext/filters/client_channel/xds/xds_channel_args.h +26 -0
  60. data/src/core/ext/filters/client_channel/{lb_policy/xds → xds}/xds_channel_secure.cc +28 -11
  61. data/src/core/ext/filters/client_channel/xds/xds_client.cc +1413 -0
  62. data/src/core/ext/filters/client_channel/xds/xds_client.h +221 -0
  63. data/src/core/ext/filters/client_channel/{lb_policy/xds → xds}/xds_client_stats.cc +1 -5
  64. data/src/core/ext/filters/client_channel/{lb_policy/xds → xds}/xds_client_stats.h +3 -4
  65. data/src/core/ext/filters/deadline/deadline_filter.cc +20 -20
  66. data/src/core/ext/filters/http/client/http_client_filter.cc +15 -15
  67. data/src/core/ext/filters/http/client_authority_filter.cc +14 -14
  68. data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +12 -12
  69. data/src/core/ext/filters/max_age/max_age_filter.cc +59 -50
  70. data/src/core/ext/filters/message_size/message_size_filter.cc +18 -18
  71. data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +15 -14
  72. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +233 -175
  73. data/src/core/ext/transport/chttp2/transport/flow_control.h +21 -24
  74. data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +253 -163
  75. data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +24 -12
  76. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +2 -3
  77. data/src/core/ext/transport/chttp2/transport/internal.h +13 -15
  78. data/src/core/ext/transport/chttp2/transport/writing.cc +3 -0
  79. data/src/core/ext/transport/inproc/inproc_transport.cc +20 -13
  80. data/src/core/lib/channel/channel_args.cc +16 -0
  81. data/src/core/lib/channel/channel_args.h +22 -0
  82. data/src/core/lib/channel/channelz.cc +5 -6
  83. data/src/core/lib/channel/channelz.h +1 -1
  84. data/src/core/lib/channel/connected_channel.cc +20 -20
  85. data/src/core/lib/channel/handshaker.h +3 -4
  86. data/src/core/lib/channel/handshaker_factory.h +1 -3
  87. data/src/core/lib/debug/trace.h +3 -2
  88. data/src/core/lib/gprpp/arena.cc +3 -3
  89. data/src/core/lib/gprpp/arena.h +2 -3
  90. data/src/core/lib/gprpp/inlined_vector.h +9 -0
  91. data/src/core/lib/gprpp/map.h +3 -501
  92. data/src/core/lib/gprpp/memory.h +45 -41
  93. data/src/core/lib/gprpp/mpscq.cc +108 -0
  94. data/src/core/lib/gprpp/mpscq.h +98 -0
  95. data/src/core/lib/gprpp/orphanable.h +6 -11
  96. data/src/core/lib/gprpp/ref_counted.h +25 -19
  97. data/src/core/lib/gprpp/set.h +33 -0
  98. data/src/core/lib/gprpp/thd.h +2 -4
  99. data/src/core/lib/http/httpcli.cc +1 -1
  100. data/src/core/lib/http/httpcli_security_connector.cc +15 -11
  101. data/src/core/lib/http/parser.cc +1 -1
  102. data/src/core/lib/iomgr/buffer_list.cc +4 -5
  103. data/src/core/lib/iomgr/buffer_list.h +5 -6
  104. data/src/core/lib/iomgr/call_combiner.cc +4 -5
  105. data/src/core/lib/iomgr/call_combiner.h +2 -2
  106. data/src/core/lib/iomgr/cfstream_handle.h +3 -5
  107. data/src/core/lib/iomgr/closure.h +8 -3
  108. data/src/core/lib/iomgr/combiner.cc +45 -82
  109. data/src/core/lib/iomgr/combiner.h +32 -8
  110. data/src/core/lib/iomgr/endpoint_cfstream.cc +5 -3
  111. data/src/core/lib/iomgr/ev_epoll1_linux.cc +19 -15
  112. data/src/core/lib/iomgr/ev_poll_posix.cc +3 -1
  113. data/src/core/lib/iomgr/exec_ctx.h +4 -3
  114. data/src/core/lib/iomgr/executor.cc +4 -2
  115. data/src/core/lib/iomgr/executor.h +3 -0
  116. data/src/core/lib/iomgr/executor/mpmcqueue.h +3 -6
  117. data/src/core/lib/iomgr/executor/threadpool.cc +1 -2
  118. data/src/core/lib/iomgr/executor/threadpool.h +7 -11
  119. data/src/core/lib/iomgr/resource_quota.cc +55 -51
  120. data/src/core/lib/iomgr/resource_quota.h +13 -9
  121. data/src/core/lib/iomgr/socket_utils_common_posix.cc +13 -0
  122. data/src/core/lib/iomgr/socket_utils_posix.h +4 -0
  123. data/src/core/lib/iomgr/tcp_client_posix.cc +4 -11
  124. data/src/core/lib/iomgr/tcp_custom.cc +9 -7
  125. data/src/core/lib/iomgr/tcp_posix.cc +20 -16
  126. data/src/core/lib/iomgr/tcp_server.h +1 -4
  127. data/src/core/lib/iomgr/tcp_server_custom.cc +5 -5
  128. data/src/core/lib/iomgr/tcp_server_posix.cc +1 -1
  129. data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +2 -11
  130. data/src/core/lib/iomgr/timer_custom.cc +2 -2
  131. data/src/core/lib/iomgr/udp_server.cc +3 -2
  132. data/src/core/lib/iomgr/udp_server.h +6 -12
  133. data/src/core/lib/json/json.h +1 -1
  134. data/src/core/lib/json/json_string.cc +2 -2
  135. data/src/core/lib/profiling/basic_timers.cc +2 -2
  136. data/src/core/lib/security/credentials/alts/alts_credentials.cc +2 -2
  137. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc +1 -1
  138. data/src/core/lib/security/credentials/credentials.h +4 -20
  139. data/src/core/lib/security/credentials/fake/fake_credentials.cc +4 -4
  140. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -3
  141. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +64 -0
  142. data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +4 -4
  143. data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +9 -7
  144. data/src/core/lib/security/security_connector/load_system_roots_linux.cc +2 -0
  145. data/src/core/lib/security/security_connector/local/local_security_connector.cc +4 -4
  146. data/src/core/lib/security/security_connector/security_connector.cc +1 -0
  147. data/src/core/lib/security/security_connector/security_connector.h +19 -17
  148. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +8 -5
  149. data/src/core/lib/security/security_connector/ssl_utils.cc +2 -2
  150. data/src/core/lib/security/security_connector/ssl_utils.h +1 -1
  151. data/src/core/lib/security/security_connector/tls/spiffe_security_connector.cc +14 -6
  152. data/src/core/lib/security/security_connector/tls/spiffe_security_connector.h +4 -2
  153. data/src/core/lib/security/transport/client_auth_filter.cc +17 -17
  154. data/src/core/lib/security/transport/security_handshaker.cc +29 -13
  155. data/src/core/lib/security/transport/security_handshaker.h +4 -2
  156. data/src/core/lib/security/transport/server_auth_filter.cc +14 -14
  157. data/src/core/lib/slice/slice.cc +2 -10
  158. data/src/core/lib/slice/slice_hash_table.h +4 -6
  159. data/src/core/lib/slice/slice_intern.cc +42 -39
  160. data/src/core/lib/slice/slice_internal.h +3 -3
  161. data/src/core/lib/slice/slice_utils.h +21 -4
  162. data/src/core/lib/slice/slice_weak_hash_table.h +4 -6
  163. data/src/core/lib/surface/call.cc +3 -3
  164. data/src/core/lib/surface/channel.cc +7 -0
  165. data/src/core/lib/surface/completion_queue.cc +12 -11
  166. data/src/core/lib/surface/completion_queue.h +4 -2
  167. data/src/core/lib/surface/init.cc +1 -0
  168. data/src/core/lib/surface/lame_client.cc +33 -18
  169. data/src/core/lib/surface/server.cc +77 -76
  170. data/src/core/lib/surface/version.cc +1 -1
  171. data/src/core/lib/transport/byte_stream.h +3 -7
  172. data/src/core/lib/transport/connectivity_state.cc +112 -98
  173. data/src/core/lib/transport/connectivity_state.h +100 -50
  174. data/src/core/lib/transport/static_metadata.cc +276 -288
  175. data/src/core/lib/transport/static_metadata.h +73 -76
  176. data/src/core/lib/transport/status_conversion.cc +1 -1
  177. data/src/core/lib/transport/status_metadata.cc +1 -1
  178. data/src/core/lib/transport/transport.cc +2 -2
  179. data/src/core/lib/transport/transport.h +12 -4
  180. data/src/core/lib/transport/transport_op_string.cc +14 -11
  181. data/src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc +1 -1
  182. data/src/core/tsi/alts/handshaker/alts_shared_resource.cc +1 -1
  183. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +5 -5
  184. data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +12 -2
  185. data/src/core/tsi/fake_transport_security.cc +7 -5
  186. data/src/core/tsi/grpc_shadow_boringssl.h +2918 -2627
  187. data/src/core/tsi/local_transport_security.cc +8 -6
  188. data/src/core/tsi/ssl/session_cache/ssl_session.h +1 -3
  189. data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +1 -2
  190. data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +7 -5
  191. data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +4 -6
  192. data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +1 -2
  193. data/src/core/tsi/ssl_transport_security.cc +12 -12
  194. data/src/core/tsi/ssl_transport_security.h +2 -2
  195. data/src/core/tsi/transport_security_grpc.cc +7 -0
  196. data/src/core/tsi/transport_security_grpc.h +6 -0
  197. data/src/ruby/ext/grpc/extconf.rb +1 -0
  198. data/src/ruby/ext/grpc/rb_call.c +1 -1
  199. data/src/ruby/ext/grpc/rb_channel.c +1 -1
  200. data/src/ruby/lib/grpc/generic/bidi_call.rb +1 -1
  201. data/src/ruby/lib/grpc/generic/rpc_server.rb +1 -1
  202. data/src/ruby/lib/grpc/version.rb +1 -1
  203. data/src/ruby/spec/google_rpc_status_utils_spec.rb +2 -2
  204. data/third_party/boringssl/crypto/asn1/a_bool.c +18 -5
  205. data/third_party/boringssl/crypto/asn1/a_d2i_fp.c +17 -221
  206. data/third_party/boringssl/crypto/asn1/a_dup.c +0 -24
  207. data/third_party/boringssl/crypto/asn1/a_enum.c +2 -2
  208. data/third_party/boringssl/crypto/asn1/a_i2d_fp.c +10 -72
  209. data/third_party/boringssl/crypto/asn1/a_int.c +12 -71
  210. data/third_party/boringssl/crypto/asn1/a_mbstr.c +110 -216
  211. data/third_party/boringssl/crypto/asn1/a_object.c +16 -5
  212. data/third_party/boringssl/crypto/asn1/a_strnid.c +1 -0
  213. data/third_party/boringssl/crypto/asn1/asn1_lib.c +5 -1
  214. data/third_party/boringssl/crypto/asn1/tasn_enc.c +3 -1
  215. data/third_party/boringssl/crypto/base64/base64.c +2 -2
  216. data/third_party/boringssl/crypto/bio/bio.c +73 -9
  217. data/third_party/boringssl/crypto/bio/connect.c +4 -0
  218. data/third_party/boringssl/crypto/bio/fd.c +4 -0
  219. data/third_party/boringssl/crypto/bio/file.c +5 -2
  220. data/third_party/boringssl/crypto/bio/socket.c +4 -0
  221. data/third_party/boringssl/crypto/bio/socket_helper.c +4 -0
  222. data/third_party/boringssl/crypto/bn_extra/convert.c +11 -7
  223. data/third_party/boringssl/crypto/bytestring/ber.c +8 -4
  224. data/third_party/boringssl/crypto/bytestring/cbb.c +19 -7
  225. data/third_party/boringssl/crypto/bytestring/cbs.c +28 -15
  226. data/third_party/boringssl/crypto/bytestring/internal.h +28 -7
  227. data/third_party/boringssl/crypto/bytestring/unicode.c +155 -0
  228. data/third_party/boringssl/crypto/chacha/chacha.c +36 -19
  229. data/third_party/boringssl/crypto/chacha/internal.h +45 -0
  230. data/third_party/boringssl/crypto/cipher_extra/cipher_extra.c +29 -0
  231. data/third_party/boringssl/crypto/cipher_extra/e_aesccm.c +269 -25
  232. data/third_party/boringssl/crypto/cipher_extra/e_aesctrhmac.c +16 -14
  233. data/third_party/boringssl/crypto/cipher_extra/e_aesgcmsiv.c +54 -38
  234. data/third_party/boringssl/crypto/cipher_extra/e_chacha20poly1305.c +133 -41
  235. data/third_party/boringssl/crypto/cipher_extra/e_tls.c +23 -15
  236. data/third_party/boringssl/crypto/cipher_extra/tls_cbc.c +24 -15
  237. data/third_party/boringssl/crypto/cmac/cmac.c +62 -25
  238. data/third_party/boringssl/crypto/conf/conf.c +7 -0
  239. data/third_party/boringssl/crypto/cpu-arm-linux.c +4 -148
  240. data/third_party/boringssl/crypto/cpu-arm-linux.h +201 -0
  241. data/third_party/boringssl/crypto/cpu-intel.c +45 -51
  242. data/third_party/boringssl/crypto/crypto.c +39 -22
  243. data/third_party/boringssl/crypto/curve25519/spake25519.c +1 -1
  244. data/third_party/boringssl/crypto/dsa/dsa.c +77 -53
  245. data/third_party/boringssl/crypto/ec_extra/ec_asn1.c +20 -8
  246. data/third_party/boringssl/crypto/ec_extra/ec_derive.c +96 -0
  247. data/third_party/boringssl/crypto/{ecdh/ecdh.c → ecdh_extra/ecdh_extra.c} +20 -58
  248. data/third_party/boringssl/crypto/ecdsa_extra/ecdsa_asn1.c +1 -9
  249. data/third_party/boringssl/crypto/engine/engine.c +2 -1
  250. data/third_party/boringssl/crypto/err/err.c +2 -0
  251. data/third_party/boringssl/crypto/err/internal.h +2 -2
  252. data/third_party/boringssl/crypto/evp/evp.c +89 -8
  253. data/third_party/boringssl/crypto/evp/evp_asn1.c +56 -5
  254. data/third_party/boringssl/crypto/evp/evp_ctx.c +52 -14
  255. data/third_party/boringssl/crypto/evp/internal.h +18 -1
  256. data/third_party/boringssl/crypto/evp/p_dsa_asn1.c +5 -0
  257. data/third_party/boringssl/crypto/evp/p_ec.c +51 -3
  258. data/third_party/boringssl/crypto/evp/p_ec_asn1.c +6 -7
  259. data/third_party/boringssl/crypto/evp/p_ed25519.c +36 -3
  260. data/third_party/boringssl/crypto/evp/p_ed25519_asn1.c +76 -45
  261. data/third_party/boringssl/crypto/evp/p_rsa.c +3 -1
  262. data/third_party/boringssl/crypto/evp/p_rsa_asn1.c +5 -0
  263. data/third_party/boringssl/crypto/evp/p_x25519.c +110 -0
  264. data/third_party/boringssl/crypto/evp/p_x25519_asn1.c +249 -0
  265. data/third_party/boringssl/crypto/evp/scrypt.c +6 -2
  266. data/third_party/boringssl/crypto/fipsmodule/aes/aes.c +34 -274
  267. data/third_party/boringssl/crypto/fipsmodule/aes/internal.h +161 -21
  268. data/third_party/boringssl/crypto/fipsmodule/aes/key_wrap.c +111 -13
  269. data/third_party/boringssl/crypto/fipsmodule/aes/mode_wrappers.c +17 -21
  270. data/third_party/boringssl/crypto/fipsmodule/bcm.c +119 -7
  271. data/third_party/boringssl/crypto/fipsmodule/bn/bn.c +19 -2
  272. data/third_party/boringssl/crypto/fipsmodule/bn/cmp.c +2 -2
  273. data/third_party/boringssl/crypto/fipsmodule/bn/ctx.c +93 -160
  274. data/third_party/boringssl/crypto/fipsmodule/bn/div.c +48 -57
  275. data/third_party/boringssl/crypto/fipsmodule/bn/div_extra.c +87 -0
  276. data/third_party/boringssl/crypto/fipsmodule/bn/exponentiation.c +143 -211
  277. data/third_party/boringssl/crypto/fipsmodule/bn/gcd.c +0 -305
  278. data/third_party/boringssl/crypto/fipsmodule/bn/gcd_extra.c +325 -0
  279. data/third_party/boringssl/crypto/fipsmodule/bn/internal.h +168 -50
  280. data/third_party/boringssl/crypto/fipsmodule/bn/montgomery.c +68 -92
  281. data/third_party/boringssl/crypto/fipsmodule/bn/montgomery_inv.c +7 -6
  282. data/third_party/boringssl/crypto/fipsmodule/bn/mul.c +11 -14
  283. data/third_party/boringssl/crypto/fipsmodule/bn/prime.c +358 -443
  284. data/third_party/boringssl/crypto/fipsmodule/bn/random.c +25 -35
  285. data/third_party/boringssl/crypto/fipsmodule/bn/rsaz_exp.c +20 -25
  286. data/third_party/boringssl/crypto/fipsmodule/bn/rsaz_exp.h +76 -5
  287. data/third_party/boringssl/crypto/fipsmodule/bn/shift.c +14 -14
  288. data/third_party/boringssl/crypto/fipsmodule/cipher/cipher.c +7 -2
  289. data/third_party/boringssl/crypto/fipsmodule/cipher/e_aes.c +383 -516
  290. data/third_party/boringssl/crypto/fipsmodule/cipher/e_des.c +4 -0
  291. data/third_party/boringssl/crypto/fipsmodule/cipher/internal.h +3 -4
  292. data/third_party/boringssl/crypto/fipsmodule/delocate.h +3 -2
  293. data/third_party/boringssl/crypto/fipsmodule/digest/digest.c +32 -17
  294. data/third_party/boringssl/crypto/fipsmodule/digest/md32_common.h +3 -3
  295. data/third_party/boringssl/crypto/fipsmodule/ec/ec.c +228 -122
  296. data/third_party/boringssl/crypto/fipsmodule/ec/ec_key.c +34 -8
  297. data/third_party/boringssl/crypto/fipsmodule/ec/ec_montgomery.c +311 -98
  298. data/third_party/boringssl/crypto/fipsmodule/ec/felem.c +82 -0
  299. data/third_party/boringssl/crypto/fipsmodule/ec/internal.h +263 -97
  300. data/third_party/boringssl/crypto/fipsmodule/ec/oct.c +22 -59
  301. data/third_party/boringssl/crypto/fipsmodule/ec/p224-64.c +317 -234
  302. data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64-table.h +9473 -9475
  303. data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64.c +313 -109
  304. data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64.h +36 -0
  305. data/third_party/boringssl/crypto/fipsmodule/ec/scalar.c +96 -0
  306. data/third_party/boringssl/crypto/fipsmodule/ec/simple.c +126 -792
  307. data/third_party/boringssl/crypto/fipsmodule/ec/simple_mul.c +84 -0
  308. data/third_party/boringssl/crypto/fipsmodule/ec/util.c +163 -12
  309. data/third_party/boringssl/crypto/fipsmodule/ec/wnaf.c +84 -211
  310. data/third_party/boringssl/crypto/fipsmodule/ecdh/ecdh.c +122 -0
  311. data/third_party/boringssl/crypto/fipsmodule/ecdsa/ecdsa.c +60 -205
  312. data/third_party/boringssl/crypto/fipsmodule/fips_shared_support.c +32 -0
  313. data/third_party/boringssl/crypto/fipsmodule/is_fips.c +2 -0
  314. data/third_party/boringssl/crypto/fipsmodule/md4/md4.c +3 -1
  315. data/third_party/boringssl/crypto/fipsmodule/md5/internal.h +37 -0
  316. data/third_party/boringssl/crypto/fipsmodule/md5/md5.c +11 -8
  317. data/third_party/boringssl/crypto/fipsmodule/modes/cbc.c +35 -79
  318. data/third_party/boringssl/crypto/fipsmodule/modes/cfb.c +7 -39
  319. data/third_party/boringssl/crypto/fipsmodule/modes/ctr.c +7 -27
  320. data/third_party/boringssl/crypto/fipsmodule/modes/gcm.c +123 -309
  321. data/third_party/boringssl/crypto/fipsmodule/modes/internal.h +189 -126
  322. data/third_party/boringssl/crypto/fipsmodule/modes/ofb.c +3 -2
  323. data/third_party/boringssl/crypto/fipsmodule/rand/ctrdrbg.c +2 -2
  324. data/third_party/boringssl/crypto/fipsmodule/rand/internal.h +35 -0
  325. data/third_party/boringssl/crypto/fipsmodule/rand/rand.c +24 -19
  326. data/third_party/boringssl/crypto/fipsmodule/rand/urandom.c +256 -77
  327. data/third_party/boringssl/crypto/fipsmodule/rsa/padding.c +10 -7
  328. data/third_party/boringssl/crypto/fipsmodule/rsa/rsa.c +5 -1
  329. data/third_party/boringssl/crypto/fipsmodule/rsa/rsa_impl.c +131 -14
  330. data/third_party/boringssl/crypto/fipsmodule/self_check/self_check.c +83 -10
  331. data/third_party/boringssl/crypto/fipsmodule/sha/internal.h +53 -0
  332. data/third_party/boringssl/crypto/fipsmodule/sha/sha1.c +9 -13
  333. data/third_party/boringssl/crypto/fipsmodule/sha/sha256.c +18 -12
  334. data/third_party/boringssl/crypto/fipsmodule/sha/sha512.c +95 -168
  335. data/third_party/boringssl/crypto/hrss/hrss.c +2201 -0
  336. data/third_party/boringssl/crypto/hrss/internal.h +62 -0
  337. data/third_party/boringssl/crypto/internal.h +95 -20
  338. data/third_party/boringssl/crypto/lhash/lhash.c +45 -33
  339. data/third_party/boringssl/crypto/mem.c +39 -2
  340. data/third_party/boringssl/crypto/obj/obj.c +4 -4
  341. data/third_party/boringssl/crypto/obj/obj_dat.h +6181 -875
  342. data/third_party/boringssl/crypto/pem/pem_all.c +2 -3
  343. data/third_party/boringssl/crypto/pem/pem_info.c +144 -162
  344. data/third_party/boringssl/crypto/pem/pem_lib.c +53 -52
  345. data/third_party/boringssl/crypto/pem/pem_pkey.c +13 -21
  346. data/third_party/boringssl/crypto/pkcs7/pkcs7.c +15 -22
  347. data/third_party/boringssl/crypto/pkcs7/pkcs7_x509.c +168 -16
  348. data/third_party/boringssl/crypto/pkcs8/internal.h +11 -0
  349. data/third_party/boringssl/crypto/pkcs8/p5_pbev2.c +24 -15
  350. data/third_party/boringssl/crypto/pkcs8/pkcs8.c +42 -25
  351. data/third_party/boringssl/crypto/pkcs8/pkcs8_x509.c +559 -43
  352. data/third_party/boringssl/crypto/pool/internal.h +1 -1
  353. data/third_party/boringssl/crypto/pool/pool.c +21 -0
  354. data/third_party/boringssl/crypto/rand_extra/deterministic.c +8 -0
  355. data/third_party/boringssl/crypto/rand_extra/fuchsia.c +1 -14
  356. data/third_party/boringssl/crypto/refcount_lock.c +2 -2
  357. data/third_party/boringssl/crypto/rsa_extra/rsa_print.c +22 -0
  358. data/third_party/boringssl/crypto/siphash/siphash.c +80 -0
  359. data/third_party/boringssl/crypto/stack/stack.c +83 -32
  360. data/third_party/boringssl/crypto/thread_none.c +2 -2
  361. data/third_party/boringssl/crypto/thread_pthread.c +2 -2
  362. data/third_party/boringssl/crypto/thread_win.c +38 -19
  363. data/third_party/boringssl/crypto/x509/a_strex.c +22 -2
  364. data/third_party/boringssl/crypto/x509/asn1_gen.c +2 -1
  365. data/third_party/boringssl/crypto/x509/by_dir.c +7 -0
  366. data/third_party/boringssl/crypto/x509/by_file.c +12 -10
  367. data/third_party/boringssl/crypto/x509/t_crl.c +5 -8
  368. data/third_party/boringssl/crypto/x509/t_req.c +1 -3
  369. data/third_party/boringssl/crypto/x509/t_x509.c +5 -8
  370. data/third_party/boringssl/crypto/x509/x509_cmp.c +1 -1
  371. data/third_party/boringssl/crypto/x509/x509_def.c +1 -1
  372. data/third_party/boringssl/crypto/x509/x509_lu.c +114 -5
  373. data/third_party/boringssl/crypto/x509/x509_req.c +20 -0
  374. data/third_party/boringssl/crypto/x509/x509_set.c +5 -0
  375. data/third_party/boringssl/crypto/x509/x509_trs.c +1 -0
  376. data/third_party/boringssl/crypto/x509/x509_txt.c +4 -5
  377. data/third_party/boringssl/crypto/x509/x509_vfy.c +145 -138
  378. data/third_party/boringssl/crypto/x509/x509_vpm.c +2 -0
  379. data/third_party/boringssl/crypto/x509/x509cset.c +40 -0
  380. data/third_party/boringssl/crypto/x509/x509name.c +2 -3
  381. data/third_party/boringssl/crypto/x509/x_all.c +109 -210
  382. data/third_party/boringssl/crypto/x509/x_x509.c +6 -0
  383. data/third_party/boringssl/crypto/x509v3/ext_dat.h +1 -3
  384. data/third_party/boringssl/crypto/x509v3/internal.h +56 -0
  385. data/third_party/boringssl/crypto/x509v3/pcy_cache.c +2 -0
  386. data/third_party/boringssl/crypto/x509v3/pcy_node.c +1 -0
  387. data/third_party/boringssl/crypto/x509v3/pcy_tree.c +4 -2
  388. data/third_party/boringssl/crypto/x509v3/v3_akey.c +5 -2
  389. data/third_party/boringssl/crypto/x509v3/v3_alt.c +19 -13
  390. data/third_party/boringssl/crypto/x509v3/v3_conf.c +2 -1
  391. data/third_party/boringssl/crypto/x509v3/v3_cpols.c +3 -2
  392. data/third_party/boringssl/crypto/x509v3/v3_genn.c +1 -6
  393. data/third_party/boringssl/crypto/x509v3/v3_lib.c +1 -0
  394. data/third_party/boringssl/crypto/x509v3/v3_ocsp.c +68 -0
  395. data/third_party/boringssl/crypto/x509v3/v3_pci.c +2 -1
  396. data/third_party/boringssl/crypto/x509v3/v3_purp.c +47 -69
  397. data/third_party/boringssl/crypto/x509v3/v3_skey.c +5 -2
  398. data/third_party/boringssl/crypto/x509v3/v3_utl.c +69 -25
  399. data/third_party/boringssl/include/openssl/aead.h +45 -19
  400. data/third_party/boringssl/include/openssl/aes.h +32 -7
  401. data/third_party/boringssl/include/openssl/asn1.h +7 -77
  402. data/third_party/boringssl/include/openssl/base.h +120 -6
  403. data/third_party/boringssl/include/openssl/base64.h +4 -1
  404. data/third_party/boringssl/include/openssl/bio.h +112 -81
  405. data/third_party/boringssl/include/openssl/blowfish.h +3 -3
  406. data/third_party/boringssl/include/openssl/bn.h +55 -29
  407. data/third_party/boringssl/include/openssl/buf.h +2 -2
  408. data/third_party/boringssl/include/openssl/bytestring.h +54 -32
  409. data/third_party/boringssl/include/openssl/cast.h +2 -2
  410. data/third_party/boringssl/include/openssl/cipher.h +46 -16
  411. data/third_party/boringssl/include/openssl/cmac.h +6 -2
  412. data/third_party/boringssl/include/openssl/conf.h +3 -6
  413. data/third_party/boringssl/include/openssl/cpu.h +25 -9
  414. data/third_party/boringssl/include/openssl/crypto.h +32 -10
  415. data/third_party/boringssl/include/openssl/curve25519.h +4 -4
  416. data/third_party/boringssl/include/openssl/dh.h +3 -2
  417. data/third_party/boringssl/include/openssl/digest.h +21 -7
  418. data/third_party/boringssl/include/openssl/dsa.h +8 -2
  419. data/third_party/boringssl/include/openssl/e_os2.h +18 -0
  420. data/third_party/boringssl/include/openssl/ec.h +25 -21
  421. data/third_party/boringssl/include/openssl/ec_key.h +36 -8
  422. data/third_party/boringssl/include/openssl/ecdh.h +17 -0
  423. data/third_party/boringssl/include/openssl/ecdsa.h +3 -3
  424. data/third_party/boringssl/include/openssl/engine.h +4 -4
  425. data/third_party/boringssl/include/openssl/err.h +3 -0
  426. data/third_party/boringssl/include/openssl/evp.h +199 -42
  427. data/third_party/boringssl/include/openssl/hmac.h +4 -4
  428. data/third_party/boringssl/include/openssl/hrss.h +100 -0
  429. data/third_party/boringssl/include/openssl/lhash.h +131 -23
  430. data/third_party/boringssl/include/openssl/md4.h +6 -4
  431. data/third_party/boringssl/include/openssl/md5.h +6 -4
  432. data/third_party/boringssl/include/openssl/mem.h +6 -2
  433. data/third_party/boringssl/include/openssl/nid.h +3 -0
  434. data/third_party/boringssl/include/openssl/obj.h +3 -0
  435. data/third_party/boringssl/include/openssl/pem.h +102 -64
  436. data/third_party/boringssl/include/openssl/pkcs7.h +136 -3
  437. data/third_party/boringssl/include/openssl/pkcs8.h +42 -3
  438. data/third_party/boringssl/include/openssl/pool.h +13 -2
  439. data/third_party/boringssl/include/openssl/ripemd.h +5 -4
  440. data/third_party/boringssl/include/openssl/rsa.h +46 -15
  441. data/third_party/boringssl/include/openssl/sha.h +40 -28
  442. data/third_party/boringssl/include/openssl/siphash.h +37 -0
  443. data/third_party/boringssl/include/openssl/span.h +17 -9
  444. data/third_party/boringssl/include/openssl/ssl.h +766 -393
  445. data/third_party/boringssl/include/openssl/ssl3.h +4 -3
  446. data/third_party/boringssl/include/openssl/stack.h +134 -77
  447. data/third_party/boringssl/include/openssl/thread.h +1 -1
  448. data/third_party/boringssl/include/openssl/tls1.h +25 -9
  449. data/third_party/boringssl/include/openssl/type_check.h +14 -15
  450. data/third_party/boringssl/include/openssl/x509.h +28 -3
  451. data/third_party/boringssl/include/openssl/x509_vfy.h +98 -32
  452. data/third_party/boringssl/include/openssl/x509v3.h +17 -13
  453. data/third_party/boringssl/ssl/d1_both.cc +9 -18
  454. data/third_party/boringssl/ssl/d1_lib.cc +4 -3
  455. data/third_party/boringssl/ssl/d1_pkt.cc +4 -4
  456. data/third_party/boringssl/ssl/d1_srtp.cc +15 -15
  457. data/third_party/boringssl/ssl/dtls_method.cc +0 -1
  458. data/third_party/boringssl/ssl/dtls_record.cc +28 -28
  459. data/third_party/boringssl/ssl/handoff.cc +295 -91
  460. data/third_party/boringssl/ssl/handshake.cc +133 -72
  461. data/third_party/boringssl/ssl/handshake_client.cc +218 -189
  462. data/third_party/boringssl/ssl/handshake_server.cc +399 -272
  463. data/third_party/boringssl/ssl/internal.h +1413 -928
  464. data/third_party/boringssl/ssl/s3_both.cc +175 -36
  465. data/third_party/boringssl/ssl/s3_lib.cc +9 -13
  466. data/third_party/boringssl/ssl/s3_pkt.cc +63 -29
  467. data/third_party/boringssl/ssl/ssl_aead_ctx.cc +55 -35
  468. data/third_party/boringssl/ssl/ssl_asn1.cc +57 -73
  469. data/third_party/boringssl/ssl/ssl_buffer.cc +13 -12
  470. data/third_party/boringssl/ssl/ssl_cert.cc +313 -210
  471. data/third_party/boringssl/ssl/ssl_cipher.cc +159 -221
  472. data/third_party/boringssl/ssl/ssl_file.cc +2 -0
  473. data/third_party/boringssl/ssl/ssl_key_share.cc +164 -19
  474. data/third_party/boringssl/ssl/ssl_lib.cc +847 -555
  475. data/third_party/boringssl/ssl/ssl_privkey.cc +441 -111
  476. data/third_party/boringssl/ssl/ssl_session.cc +230 -178
  477. data/third_party/boringssl/ssl/ssl_transcript.cc +21 -142
  478. data/third_party/boringssl/ssl/ssl_versions.cc +88 -93
  479. data/third_party/boringssl/ssl/ssl_x509.cc +279 -218
  480. data/third_party/boringssl/ssl/t1_enc.cc +5 -96
  481. data/third_party/boringssl/ssl/t1_lib.cc +931 -678
  482. data/third_party/boringssl/ssl/tls13_both.cc +251 -121
  483. data/third_party/boringssl/ssl/tls13_client.cc +129 -73
  484. data/third_party/boringssl/ssl/tls13_enc.cc +350 -282
  485. data/third_party/boringssl/ssl/tls13_server.cc +259 -192
  486. data/third_party/boringssl/ssl/tls_method.cc +26 -21
  487. data/third_party/boringssl/ssl/tls_record.cc +42 -47
  488. data/third_party/boringssl/third_party/fiat/curve25519.c +261 -1324
  489. data/third_party/boringssl/third_party/fiat/curve25519_32.h +911 -0
  490. data/third_party/boringssl/third_party/fiat/curve25519_64.h +559 -0
  491. data/third_party/boringssl/third_party/fiat/p256.c +238 -999
  492. data/third_party/boringssl/third_party/fiat/p256_32.h +3226 -0
  493. data/third_party/boringssl/third_party/fiat/p256_64.h +1217 -0
  494. data/third_party/upb/upb/port_def.inc +1 -1
  495. data/third_party/upb/upb/table.c +2 -1
  496. metadata +72 -44
  497. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_load_balancer_api.h +0 -127
  498. data/src/core/lib/gpr/mpscq.cc +0 -117
  499. data/src/core/lib/gpr/mpscq.h +0 -88
  500. data/src/core/lib/gprpp/abstract.h +0 -47
  501. data/src/core/lib/gprpp/pair.h +0 -38
  502. data/third_party/boringssl/crypto/cipher_extra/e_ssl3.c +0 -460
  503. data/third_party/boringssl/crypto/fipsmodule/modes/ccm.c +0 -256
  504. data/third_party/boringssl/include/openssl/lhash_macros.h +0 -174
  505. data/third_party/boringssl/ssl/custom_extensions.cc +0 -265
@@ -30,7 +30,7 @@
30
30
  #include "internal.h"
31
31
 
32
32
 
33
- namespace bssl {
33
+ BSSL_NAMESPACE_BEGIN
34
34
 
35
35
  // kMaxKeyUpdates is the number of consecutive KeyUpdates that will be
36
36
  // processed. Without this limit an attacker could force unbounded processing
@@ -43,13 +43,15 @@ const uint8_t kHelloRetryRequest[SSL3_RANDOM_SIZE] = {
43
43
  0x8c, 0x5e, 0x07, 0x9e, 0x09, 0xe2, 0xc8, 0xa8, 0x33, 0x9c,
44
44
  };
45
45
 
46
- // This value was selected by truncating the SHA-256 hash of "Draft TLS 1.3
47
- // Downgrade" to 8 bytes:
48
- //
49
- // echo -n 'Draft TLS 1.3 Downgrade' | sha256sum | head -c 16
50
- const uint8_t kDraftDowngradeRandom[8] = {0x95, 0xb9, 0x9f, 0x87,
51
- 0x22, 0xfe, 0x9b, 0x64};
46
+ // See RFC 8446, section 4.1.3.
47
+ const uint8_t kTLS12DowngradeRandom[8] = {0x44, 0x4f, 0x57, 0x4e,
48
+ 0x47, 0x52, 0x44, 0x00};
49
+ const uint8_t kTLS13DowngradeRandom[8] = {0x44, 0x4f, 0x57, 0x4e,
50
+ 0x47, 0x52, 0x44, 0x01};
52
51
 
52
+ // This is a non-standard randomly-generated value.
53
+ const uint8_t kJDK11DowngradeRandom[8] = {0xed, 0xbf, 0xb4, 0xa8,
54
+ 0xc2, 0x47, 0x10, 0xff};
53
55
 
54
56
  bool tls13_get_cert_verify_signature_input(
55
57
  SSL_HANDSHAKE *hs, Array<uint8_t> *out,
@@ -102,28 +104,94 @@ bool tls13_get_cert_verify_signature_input(
102
104
  return true;
103
105
  }
104
106
 
105
- int tls13_process_certificate(SSL_HANDSHAKE *hs, const SSLMessage &msg,
106
- int allow_anonymous) {
107
+ bool tls13_process_certificate(SSL_HANDSHAKE *hs, const SSLMessage &msg,
108
+ bool allow_anonymous) {
107
109
  SSL *const ssl = hs->ssl;
108
- CBS body = msg.body, context, certificate_list;
110
+ CBS body = msg.body;
111
+ bssl::UniquePtr<CRYPTO_BUFFER> decompressed;
112
+
113
+ if (msg.type == SSL3_MT_COMPRESSED_CERTIFICATE) {
114
+ CBS compressed;
115
+ uint16_t alg_id;
116
+ uint32_t uncompressed_len;
117
+
118
+ if (!CBS_get_u16(&body, &alg_id) ||
119
+ !CBS_get_u24(&body, &uncompressed_len) ||
120
+ !CBS_get_u24_length_prefixed(&body, &compressed) ||
121
+ CBS_len(&body) != 0) {
122
+ ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
123
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
124
+ return false;
125
+ }
126
+
127
+ if (uncompressed_len > ssl->max_cert_list) {
128
+ ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
129
+ OPENSSL_PUT_ERROR(SSL, SSL_R_UNCOMPRESSED_CERT_TOO_LARGE);
130
+ ERR_add_error_dataf("requested=%u",
131
+ static_cast<unsigned>(uncompressed_len));
132
+ return false;
133
+ }
134
+
135
+ ssl_cert_decompression_func_t decompress = nullptr;
136
+ for (const auto &alg : ssl->ctx->cert_compression_algs) {
137
+ if (alg.alg_id == alg_id) {
138
+ decompress = alg.decompress;
139
+ break;
140
+ }
141
+ }
142
+
143
+ if (decompress == nullptr) {
144
+ ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
145
+ OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_CERT_COMPRESSION_ALG);
146
+ ERR_add_error_dataf("alg=%d", static_cast<int>(alg_id));
147
+ return false;
148
+ }
149
+
150
+ CRYPTO_BUFFER *decompressed_ptr = nullptr;
151
+ if (!decompress(ssl, &decompressed_ptr, uncompressed_len,
152
+ CBS_data(&compressed), CBS_len(&compressed))) {
153
+ ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
154
+ OPENSSL_PUT_ERROR(SSL, SSL_R_CERT_DECOMPRESSION_FAILED);
155
+ ERR_add_error_dataf("alg=%d", static_cast<int>(alg_id));
156
+ return false;
157
+ }
158
+ decompressed.reset(decompressed_ptr);
159
+
160
+ if (CRYPTO_BUFFER_len(decompressed_ptr) != uncompressed_len) {
161
+ ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
162
+ OPENSSL_PUT_ERROR(SSL, SSL_R_CERT_DECOMPRESSION_FAILED);
163
+ ERR_add_error_dataf(
164
+ "alg=%d got=%u expected=%u", static_cast<int>(alg_id),
165
+ static_cast<unsigned>(CRYPTO_BUFFER_len(decompressed_ptr)),
166
+ static_cast<unsigned>(uncompressed_len));
167
+ return false;
168
+ }
169
+
170
+ CBS_init(&body, CRYPTO_BUFFER_data(decompressed_ptr),
171
+ CRYPTO_BUFFER_len(decompressed_ptr));
172
+ } else {
173
+ assert(msg.type == SSL3_MT_CERTIFICATE);
174
+ }
175
+
176
+ CBS context, certificate_list;
109
177
  if (!CBS_get_u8_length_prefixed(&body, &context) ||
110
178
  CBS_len(&context) != 0 ||
111
179
  !CBS_get_u24_length_prefixed(&body, &certificate_list) ||
112
180
  CBS_len(&body) != 0) {
113
181
  ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
114
182
  OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
115
- return 0;
183
+ return false;
116
184
  }
117
185
 
118
186
  UniquePtr<STACK_OF(CRYPTO_BUFFER)> certs(sk_CRYPTO_BUFFER_new_null());
119
187
  if (!certs) {
120
188
  ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
121
189
  OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
122
- return 0;
190
+ return false;
123
191
  }
124
192
 
125
193
  const bool retain_sha256 =
126
- ssl->server && ssl->retain_only_sha256_of_client_certs;
194
+ ssl->server && hs->config->retain_only_sha256_of_client_certs;
127
195
  UniquePtr<EVP_PKEY> pkey;
128
196
  while (CBS_len(&certificate_list) > 0) {
129
197
  CBS certificate, extensions;
@@ -132,7 +200,7 @@ int tls13_process_certificate(SSL_HANDSHAKE *hs, const SSLMessage &msg,
132
200
  CBS_len(&certificate) == 0) {
133
201
  ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
134
202
  OPENSSL_PUT_ERROR(SSL, SSL_R_CERT_LENGTH_MISMATCH);
135
- return 0;
203
+ return false;
136
204
  }
137
205
 
138
206
  if (sk_CRYPTO_BUFFER_num(certs.get()) == 0) {
@@ -140,13 +208,14 @@ int tls13_process_certificate(SSL_HANDSHAKE *hs, const SSLMessage &msg,
140
208
  if (!pkey) {
141
209
  ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
142
210
  OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
143
- return 0;
211
+ return false;
144
212
  }
145
213
  // TLS 1.3 always uses certificate keys for signing thus the correct
146
214
  // keyUsage is enforced.
147
- if (!ssl_cert_check_digital_signature_key_usage(&certificate)) {
215
+ if (!ssl_cert_check_key_usage(&certificate,
216
+ key_usage_digital_signature)) {
148
217
  ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
149
- return 0;
218
+ return false;
150
219
  }
151
220
 
152
221
  if (retain_sha256) {
@@ -162,7 +231,7 @@ int tls13_process_certificate(SSL_HANDSHAKE *hs, const SSLMessage &msg,
162
231
  !PushToStack(certs.get(), std::move(buf))) {
163
232
  ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
164
233
  OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
165
- return 0;
234
+ return false;
166
235
  }
167
236
 
168
237
  // Parse out the extensions.
@@ -178,16 +247,16 @@ int tls13_process_certificate(SSL_HANDSHAKE *hs, const SSLMessage &msg,
178
247
  OPENSSL_ARRAY_SIZE(ext_types),
179
248
  0 /* reject unknown */)) {
180
249
  ssl_send_alert(ssl, SSL3_AL_FATAL, alert);
181
- return 0;
250
+ return false;
182
251
  }
183
252
 
184
253
  // All Certificate extensions are parsed, but only the leaf extensions are
185
254
  // stored.
186
255
  if (have_status_request) {
187
- if (ssl->server || !ssl->ocsp_stapling_enabled) {
256
+ if (ssl->server || !hs->config->ocsp_stapling_enabled) {
188
257
  OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
189
258
  ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNSUPPORTED_EXTENSION);
190
- return 0;
259
+ return false;
191
260
  }
192
261
 
193
262
  uint8_t status_type;
@@ -198,40 +267,38 @@ int tls13_process_certificate(SSL_HANDSHAKE *hs, const SSLMessage &msg,
198
267
  CBS_len(&ocsp_response) == 0 ||
199
268
  CBS_len(&status_request) != 0) {
200
269
  ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
201
- return 0;
270
+ return false;
202
271
  }
203
272
 
204
273
  if (sk_CRYPTO_BUFFER_num(certs.get()) == 1) {
205
- CRYPTO_BUFFER_free(hs->new_session->ocsp_response);
206
- hs->new_session->ocsp_response =
207
- CRYPTO_BUFFER_new_from_CBS(&ocsp_response, ssl->ctx->pool);
274
+ hs->new_session->ocsp_response.reset(
275
+ CRYPTO_BUFFER_new_from_CBS(&ocsp_response, ssl->ctx->pool));
208
276
  if (hs->new_session->ocsp_response == nullptr) {
209
277
  ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
210
- return 0;
278
+ return false;
211
279
  }
212
280
  }
213
281
  }
214
282
 
215
283
  if (have_sct) {
216
- if (ssl->server || !ssl->signed_cert_timestamps_enabled) {
284
+ if (ssl->server || !hs->config->signed_cert_timestamps_enabled) {
217
285
  OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
218
286
  ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNSUPPORTED_EXTENSION);
219
- return 0;
287
+ return false;
220
288
  }
221
289
 
222
290
  if (!ssl_is_sct_list_valid(&sct)) {
223
291
  OPENSSL_PUT_ERROR(SSL, SSL_R_ERROR_PARSING_EXTENSION);
224
292
  ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
225
- return 0;
293
+ return false;
226
294
  }
227
295
 
228
296
  if (sk_CRYPTO_BUFFER_num(certs.get()) == 1) {
229
- CRYPTO_BUFFER_free(hs->new_session->signed_cert_timestamp_list);
230
- hs->new_session->signed_cert_timestamp_list =
231
- CRYPTO_BUFFER_new_from_CBS(&sct, ssl->ctx->pool);
297
+ hs->new_session->signed_cert_timestamp_list.reset(
298
+ CRYPTO_BUFFER_new_from_CBS(&sct, ssl->ctx->pool));
232
299
  if (hs->new_session->signed_cert_timestamp_list == nullptr) {
233
300
  ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
234
- return 0;
301
+ return false;
235
302
  }
236
303
  }
237
304
  }
@@ -244,21 +311,19 @@ int tls13_process_certificate(SSL_HANDSHAKE *hs, const SSLMessage &msg,
244
311
  }
245
312
 
246
313
  hs->peer_pubkey = std::move(pkey);
247
-
248
- sk_CRYPTO_BUFFER_pop_free(hs->new_session->certs, CRYPTO_BUFFER_free);
249
- hs->new_session->certs = certs.release();
314
+ hs->new_session->certs = std::move(certs);
250
315
 
251
316
  if (!ssl->ctx->x509_method->session_cache_objects(hs->new_session.get())) {
252
317
  OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
253
318
  ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
254
- return 0;
319
+ return false;
255
320
  }
256
321
 
257
- if (sk_CRYPTO_BUFFER_num(hs->new_session->certs) == 0) {
322
+ if (sk_CRYPTO_BUFFER_num(hs->new_session->certs.get()) == 0) {
258
323
  if (!allow_anonymous) {
259
324
  OPENSSL_PUT_ERROR(SSL, SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
260
325
  ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_CERTIFICATE_REQUIRED);
261
- return 0;
326
+ return false;
262
327
  }
263
328
 
264
329
  // OpenSSL returns X509_V_OK when no certificates are requested. This is
@@ -266,18 +331,18 @@ int tls13_process_certificate(SSL_HANDSHAKE *hs, const SSLMessage &msg,
266
331
  hs->new_session->verify_result = X509_V_OK;
267
332
 
268
333
  // No certificate, so nothing more to do.
269
- return 1;
334
+ return true;
270
335
  }
271
336
 
272
337
  hs->new_session->peer_sha256_valid = retain_sha256;
273
- return 1;
338
+ return true;
274
339
  }
275
340
 
276
- int tls13_process_certificate_verify(SSL_HANDSHAKE *hs, const SSLMessage &msg) {
341
+ bool tls13_process_certificate_verify(SSL_HANDSHAKE *hs, const SSLMessage &msg) {
277
342
  SSL *const ssl = hs->ssl;
278
343
  if (hs->peer_pubkey == NULL) {
279
344
  OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
280
- return 0;
345
+ return false;
281
346
  }
282
347
 
283
348
  CBS body = msg.body, signature;
@@ -287,13 +352,13 @@ int tls13_process_certificate_verify(SSL_HANDSHAKE *hs, const SSLMessage &msg) {
287
352
  CBS_len(&body) != 0) {
288
353
  OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
289
354
  ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
290
- return 0;
355
+ return false;
291
356
  }
292
357
 
293
358
  uint8_t alert = SSL_AD_DECODE_ERROR;
294
359
  if (!tls12_check_peer_sigalg(ssl, &alert, signature_algorithm)) {
295
360
  ssl_send_alert(ssl, SSL3_AL_FATAL, alert);
296
- return 0;
361
+ return false;
297
362
  }
298
363
  hs->new_session->peer_signature_algorithm = signature_algorithm;
299
364
 
@@ -302,131 +367,189 @@ int tls13_process_certificate_verify(SSL_HANDSHAKE *hs, const SSLMessage &msg) {
302
367
  hs, &input,
303
368
  ssl->server ? ssl_cert_verify_client : ssl_cert_verify_server)) {
304
369
  ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
305
- return 0;
370
+ return false;
306
371
  }
307
372
 
308
- bool sig_ok = ssl_public_key_verify(ssl, signature, signature_algorithm,
309
- hs->peer_pubkey.get(), input);
310
- #if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
311
- sig_ok = true;
312
- ERR_clear_error();
313
- #endif
314
- if (!sig_ok) {
373
+ if (!ssl_public_key_verify(ssl, signature, signature_algorithm,
374
+ hs->peer_pubkey.get(), input)) {
315
375
  OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SIGNATURE);
316
376
  ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECRYPT_ERROR);
317
- return 0;
377
+ return false;
318
378
  }
319
379
 
320
- return 1;
380
+ return true;
321
381
  }
322
382
 
323
- int tls13_process_finished(SSL_HANDSHAKE *hs, const SSLMessage &msg,
324
- int use_saved_value) {
383
+ bool tls13_process_finished(SSL_HANDSHAKE *hs, const SSLMessage &msg,
384
+ bool use_saved_value) {
325
385
  SSL *const ssl = hs->ssl;
326
386
  uint8_t verify_data_buf[EVP_MAX_MD_SIZE];
327
- const uint8_t *verify_data;
328
- size_t verify_data_len;
387
+ Span<const uint8_t> verify_data;
329
388
  if (use_saved_value) {
330
389
  assert(ssl->server);
331
- verify_data = hs->expected_client_finished;
332
- verify_data_len = hs->hash_len;
390
+ verify_data = hs->expected_client_finished();
333
391
  } else {
334
- if (!tls13_finished_mac(hs, verify_data_buf, &verify_data_len,
335
- !ssl->server)) {
336
- return 0;
392
+ size_t len;
393
+ if (!tls13_finished_mac(hs, verify_data_buf, &len, !ssl->server)) {
394
+ return false;
337
395
  }
338
- verify_data = verify_data_buf;
396
+ verify_data = MakeConstSpan(verify_data_buf, len);
339
397
  }
340
398
 
341
- int finished_ok = CBS_mem_equal(&msg.body, verify_data, verify_data_len);
399
+ bool finished_ok =
400
+ CBS_mem_equal(&msg.body, verify_data.data(), verify_data.size());
342
401
  #if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
343
- finished_ok = 1;
402
+ finished_ok = true;
344
403
  #endif
345
404
  if (!finished_ok) {
346
405
  ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECRYPT_ERROR);
347
406
  OPENSSL_PUT_ERROR(SSL, SSL_R_DIGEST_CHECK_FAILED);
348
- return 0;
407
+ return false;
349
408
  }
350
409
 
351
- return 1;
410
+ return true;
352
411
  }
353
412
 
354
- int tls13_add_certificate(SSL_HANDSHAKE *hs) {
413
+ bool tls13_add_certificate(SSL_HANDSHAKE *hs) {
355
414
  SSL *const ssl = hs->ssl;
415
+ CERT *const cert = hs->config->cert.get();
416
+ DC *const dc = cert->dc.get();
417
+
356
418
  ScopedCBB cbb;
357
- CBB body, certificate_list;
358
- if (!ssl->method->init_message(ssl, cbb.get(), &body, SSL3_MT_CERTIFICATE) ||
359
- // The request context is always empty in the handshake.
360
- !CBB_add_u8(&body, 0) ||
361
- !CBB_add_u24_length_prefixed(&body, &certificate_list)) {
419
+ CBB *body, body_storage, certificate_list;
420
+
421
+ if (hs->cert_compression_negotiated) {
422
+ if (!CBB_init(cbb.get(), 1024)) {
423
+ return false;
424
+ }
425
+ body = cbb.get();
426
+ } else {
427
+ body = &body_storage;
428
+ if (!ssl->method->init_message(ssl, cbb.get(), body, SSL3_MT_CERTIFICATE)) {
429
+ return false;
430
+ }
431
+ }
432
+
433
+ if (// The request context is always empty in the handshake.
434
+ !CBB_add_u8(body, 0) ||
435
+ !CBB_add_u24_length_prefixed(body, &certificate_list)) {
362
436
  OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
363
- return 0;
437
+ return false;
364
438
  }
365
439
 
366
- if (!ssl_has_certificate(ssl)) {
440
+ if (!ssl_has_certificate(hs)) {
367
441
  return ssl_add_message_cbb(ssl, cbb.get());
368
442
  }
369
443
 
370
- CERT *cert = ssl->cert;
371
- CRYPTO_BUFFER *leaf_buf = sk_CRYPTO_BUFFER_value(cert->chain, 0);
444
+ CRYPTO_BUFFER *leaf_buf = sk_CRYPTO_BUFFER_value(cert->chain.get(), 0);
372
445
  CBB leaf, extensions;
373
446
  if (!CBB_add_u24_length_prefixed(&certificate_list, &leaf) ||
374
447
  !CBB_add_bytes(&leaf, CRYPTO_BUFFER_data(leaf_buf),
375
448
  CRYPTO_BUFFER_len(leaf_buf)) ||
376
449
  !CBB_add_u16_length_prefixed(&certificate_list, &extensions)) {
377
450
  OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
378
- return 0;
451
+ return false;
379
452
  }
380
453
 
381
- if (hs->scts_requested && ssl->cert->signed_cert_timestamp_list != NULL) {
454
+ if (hs->scts_requested && cert->signed_cert_timestamp_list != nullptr) {
382
455
  CBB contents;
383
456
  if (!CBB_add_u16(&extensions, TLSEXT_TYPE_certificate_timestamp) ||
384
457
  !CBB_add_u16_length_prefixed(&extensions, &contents) ||
385
458
  !CBB_add_bytes(
386
459
  &contents,
387
- CRYPTO_BUFFER_data(ssl->cert->signed_cert_timestamp_list),
388
- CRYPTO_BUFFER_len(ssl->cert->signed_cert_timestamp_list)) ||
460
+ CRYPTO_BUFFER_data(cert->signed_cert_timestamp_list.get()),
461
+ CRYPTO_BUFFER_len(cert->signed_cert_timestamp_list.get())) ||
389
462
  !CBB_flush(&extensions)) {
390
463
  OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
391
- return 0;
464
+ return false;
392
465
  }
393
466
  }
394
467
 
395
- if (hs->ocsp_stapling_requested &&
396
- ssl->cert->ocsp_response != NULL) {
468
+ if (hs->ocsp_stapling_requested && cert->ocsp_response != NULL) {
397
469
  CBB contents, ocsp_response;
398
470
  if (!CBB_add_u16(&extensions, TLSEXT_TYPE_status_request) ||
399
471
  !CBB_add_u16_length_prefixed(&extensions, &contents) ||
400
472
  !CBB_add_u8(&contents, TLSEXT_STATUSTYPE_ocsp) ||
401
473
  !CBB_add_u24_length_prefixed(&contents, &ocsp_response) ||
402
474
  !CBB_add_bytes(&ocsp_response,
403
- CRYPTO_BUFFER_data(ssl->cert->ocsp_response),
404
- CRYPTO_BUFFER_len(ssl->cert->ocsp_response)) ||
475
+ CRYPTO_BUFFER_data(cert->ocsp_response.get()),
476
+ CRYPTO_BUFFER_len(cert->ocsp_response.get())) ||
477
+ !CBB_flush(&extensions)) {
478
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
479
+ return false;
480
+ }
481
+ }
482
+
483
+ if (ssl_signing_with_dc(hs)) {
484
+ const CRYPTO_BUFFER *raw = dc->raw.get();
485
+ CBB child;
486
+ if (!CBB_add_u16(&extensions, TLSEXT_TYPE_delegated_credential) ||
487
+ !CBB_add_u16_length_prefixed(&extensions, &child) ||
488
+ !CBB_add_bytes(&child, CRYPTO_BUFFER_data(raw),
489
+ CRYPTO_BUFFER_len(raw)) ||
405
490
  !CBB_flush(&extensions)) {
406
491
  OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
407
492
  return 0;
408
493
  }
494
+ ssl->s3->delegated_credential_used = true;
409
495
  }
410
496
 
411
- for (size_t i = 1; i < sk_CRYPTO_BUFFER_num(cert->chain); i++) {
412
- CRYPTO_BUFFER *cert_buf = sk_CRYPTO_BUFFER_value(cert->chain, i);
497
+ for (size_t i = 1; i < sk_CRYPTO_BUFFER_num(cert->chain.get()); i++) {
498
+ CRYPTO_BUFFER *cert_buf = sk_CRYPTO_BUFFER_value(cert->chain.get(), i);
413
499
  CBB child;
414
500
  if (!CBB_add_u24_length_prefixed(&certificate_list, &child) ||
415
501
  !CBB_add_bytes(&child, CRYPTO_BUFFER_data(cert_buf),
416
502
  CRYPTO_BUFFER_len(cert_buf)) ||
417
503
  !CBB_add_u16(&certificate_list, 0 /* no extensions */)) {
418
504
  OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
419
- return 0;
505
+ return false;
506
+ }
507
+ }
508
+
509
+ if (!hs->cert_compression_negotiated) {
510
+ return ssl_add_message_cbb(ssl, cbb.get());
511
+ }
512
+
513
+ Array<uint8_t> msg;
514
+ if (!CBBFinishArray(cbb.get(), &msg)) {
515
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
516
+ return false;
517
+ }
518
+
519
+ const CertCompressionAlg *alg = nullptr;
520
+ for (const auto &candidate : ssl->ctx->cert_compression_algs) {
521
+ if (candidate.alg_id == hs->cert_compression_alg_id) {
522
+ alg = &candidate;
523
+ break;
420
524
  }
421
525
  }
422
526
 
423
- return ssl_add_message_cbb(ssl, cbb.get());
527
+ if (alg == nullptr || alg->compress == nullptr) {
528
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
529
+ return false;
530
+ }
531
+
532
+ CBB compressed;
533
+ body = &body_storage;
534
+ if (!ssl->method->init_message(ssl, cbb.get(), body,
535
+ SSL3_MT_COMPRESSED_CERTIFICATE) ||
536
+ !CBB_add_u16(body, hs->cert_compression_alg_id) ||
537
+ !CBB_add_u24(body, msg.size()) ||
538
+ !CBB_add_u24_length_prefixed(body, &compressed) ||
539
+ !alg->compress(ssl, &compressed, msg.data(), msg.size()) ||
540
+ !ssl_add_message_cbb(ssl, cbb.get())) {
541
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
542
+ return false;
543
+ }
544
+
545
+ return true;
424
546
  }
425
547
 
426
548
  enum ssl_private_key_result_t tls13_add_certificate_verify(SSL_HANDSHAKE *hs) {
427
549
  SSL *const ssl = hs->ssl;
428
550
  uint16_t signature_algorithm;
429
551
  if (!tls1_choose_signature_algorithm(hs, &signature_algorithm)) {
552
+ ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
430
553
  return ssl_private_key_failure;
431
554
  }
432
555
 
@@ -472,7 +595,7 @@ enum ssl_private_key_result_t tls13_add_certificate_verify(SSL_HANDSHAKE *hs) {
472
595
  return ssl_private_key_success;
473
596
  }
474
597
 
475
- int tls13_add_finished(SSL_HANDSHAKE *hs) {
598
+ bool tls13_add_finished(SSL_HANDSHAKE *hs) {
476
599
  SSL *const ssl = hs->ssl;
477
600
  size_t verify_data_len;
478
601
  uint8_t verify_data[EVP_MAX_MD_SIZE];
@@ -480,7 +603,7 @@ int tls13_add_finished(SSL_HANDSHAKE *hs) {
480
603
  if (!tls13_finished_mac(hs, verify_data, &verify_data_len, ssl->server)) {
481
604
  ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
482
605
  OPENSSL_PUT_ERROR(SSL, SSL_R_DIGEST_CHECK_FAILED);
483
- return 0;
606
+ return false;
484
607
  }
485
608
 
486
609
  ScopedCBB cbb;
@@ -488,13 +611,32 @@ int tls13_add_finished(SSL_HANDSHAKE *hs) {
488
611
  if (!ssl->method->init_message(ssl, cbb.get(), &body, SSL3_MT_FINISHED) ||
489
612
  !CBB_add_bytes(&body, verify_data, verify_data_len) ||
490
613
  !ssl_add_message_cbb(ssl, cbb.get())) {
491
- return 0;
614
+ return false;
492
615
  }
493
616
 
494
- return 1;
617
+ return true;
495
618
  }
496
619
 
497
- static int tls13_receive_key_update(SSL *ssl, const SSLMessage &msg) {
620
+ bool tls13_add_key_update(SSL *ssl, int update_requested) {
621
+ ScopedCBB cbb;
622
+ CBB body_cbb;
623
+ if (!ssl->method->init_message(ssl, cbb.get(), &body_cbb,
624
+ SSL3_MT_KEY_UPDATE) ||
625
+ !CBB_add_u8(&body_cbb, update_requested) ||
626
+ !ssl_add_message_cbb(ssl, cbb.get()) ||
627
+ !tls13_rotate_traffic_key(ssl, evp_aead_seal)) {
628
+ return false;
629
+ }
630
+
631
+ // Suppress KeyUpdate acknowledgments until this change is written to the
632
+ // wire. This prevents us from accumulating write obligations when read and
633
+ // write progress at different rates. See RFC 8446, section 4.6.3.
634
+ ssl->s3->key_update_pending = true;
635
+
636
+ return true;
637
+ }
638
+
639
+ static bool tls13_receive_key_update(SSL *ssl, const SSLMessage &msg) {
498
640
  CBS body = msg.body;
499
641
  uint8_t key_update_request;
500
642
  if (!CBS_get_u8(&body, &key_update_request) ||
@@ -503,43 +645,31 @@ static int tls13_receive_key_update(SSL *ssl, const SSLMessage &msg) {
503
645
  key_update_request != SSL_KEY_UPDATE_REQUESTED)) {
504
646
  OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
505
647
  ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
506
- return 0;
648
+ return false;
507
649
  }
508
650
 
509
651
  if (!tls13_rotate_traffic_key(ssl, evp_aead_open)) {
510
- return 0;
652
+ return false;
511
653
  }
512
654
 
513
655
  // Acknowledge the KeyUpdate
514
656
  if (key_update_request == SSL_KEY_UPDATE_REQUESTED &&
515
- !ssl->s3->key_update_pending) {
516
- ScopedCBB cbb;
517
- CBB body_cbb;
518
- if (!ssl->method->init_message(ssl, cbb.get(), &body_cbb,
519
- SSL3_MT_KEY_UPDATE) ||
520
- !CBB_add_u8(&body_cbb, SSL_KEY_UPDATE_NOT_REQUESTED) ||
521
- !ssl_add_message_cbb(ssl, cbb.get()) ||
522
- !tls13_rotate_traffic_key(ssl, evp_aead_seal)) {
523
- return 0;
524
- }
525
-
526
- // Suppress KeyUpdate acknowledgments until this change is written to the
527
- // wire. This prevents us from accumulating write obligations when read and
528
- // write progress at different rates. See draft-ietf-tls-tls13-18, section
529
- // 4.5.3.
530
- ssl->s3->key_update_pending = true;
657
+ !ssl->s3->key_update_pending &&
658
+ !tls13_add_key_update(ssl, SSL_KEY_UPDATE_NOT_REQUESTED)) {
659
+ return false;
531
660
  }
532
661
 
533
- return 1;
662
+ return true;
534
663
  }
535
664
 
536
- int tls13_post_handshake(SSL *ssl, const SSLMessage &msg) {
665
+ bool tls13_post_handshake(SSL *ssl, const SSLMessage &msg) {
537
666
  if (msg.type == SSL3_MT_KEY_UPDATE) {
538
667
  ssl->s3->key_update_count++;
539
- if (ssl->s3->key_update_count > kMaxKeyUpdates) {
668
+ if (ssl->quic_method != nullptr ||
669
+ ssl->s3->key_update_count > kMaxKeyUpdates) {
540
670
  OPENSSL_PUT_ERROR(SSL, SSL_R_TOO_MANY_KEY_UPDATES);
541
671
  ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
542
- return 0;
672
+ return false;
543
673
  }
544
674
 
545
675
  return tls13_receive_key_update(ssl, msg);
@@ -553,7 +683,7 @@ int tls13_post_handshake(SSL *ssl, const SSLMessage &msg) {
553
683
 
554
684
  ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
555
685
  OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_MESSAGE);
556
- return 0;
686
+ return false;
557
687
  }
558
688
 
559
- } // namespace bssl
689
+ BSSL_NAMESPACE_END