grpc 1.26.0 → 1.28.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of grpc might be problematic. Click here for more details.

Files changed (829) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +1699 -1482
  3. data/etc/roots.pem +44 -0
  4. data/include/grpc/grpc_security.h +37 -15
  5. data/include/grpc/grpc_security_constants.h +27 -0
  6. data/include/grpc/impl/codegen/grpc_types.h +19 -0
  7. data/include/grpc/impl/codegen/port_platform.h +8 -1
  8. data/include/grpc/impl/codegen/sync.h +5 -3
  9. data/include/grpc/impl/codegen/sync_abseil.h +36 -0
  10. data/include/grpc/module.modulemap +3 -0
  11. data/{src/core/lib/json/json_common.h → include/grpc/support/sync_abseil.h} +7 -15
  12. data/src/core/ext/filters/client_channel/client_channel.cc +74 -32
  13. data/src/core/ext/filters/client_channel/client_channel_channelz.cc +31 -47
  14. data/src/core/ext/filters/client_channel/client_channel_channelz.h +1 -3
  15. data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +1 -1
  16. data/src/core/ext/filters/client_channel/http_proxy.cc +8 -5
  17. data/src/core/ext/filters/client_channel/lb_policy.cc +4 -3
  18. data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +291 -0
  19. data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.h +83 -0
  20. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +224 -367
  21. data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +88 -121
  22. data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +28 -57
  23. data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +18 -21
  24. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +9 -13
  25. data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +85 -83
  26. data/src/core/ext/filters/client_channel/lb_policy/xds/xds.cc +623 -767
  27. data/src/core/ext/filters/client_channel/lb_policy_factory.h +3 -3
  28. data/src/core/ext/filters/client_channel/lb_policy_registry.cc +43 -75
  29. data/src/core/ext/filters/client_channel/lb_policy_registry.h +1 -1
  30. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +57 -70
  31. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_libuv.cc +1 -1
  32. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +1 -1
  33. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +1 -1
  34. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +3 -3
  35. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +2 -2
  36. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +1 -1
  37. data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +3 -3
  38. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +31 -7
  39. data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +228 -286
  40. data/src/core/ext/filters/client_channel/resolver_result_parsing.h +2 -2
  41. data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +37 -176
  42. data/src/core/ext/filters/client_channel/resolving_lb_policy.h +7 -11
  43. data/src/core/ext/filters/client_channel/service_config.cc +91 -160
  44. data/src/core/ext/filters/client_channel/service_config.h +14 -21
  45. data/src/core/ext/filters/client_channel/xds/xds_api.cc +1426 -229
  46. data/src/core/ext/filters/client_channel/xds/xds_api.h +214 -115
  47. data/src/core/ext/filters/client_channel/xds/xds_bootstrap.cc +236 -339
  48. data/src/core/ext/filters/client_channel/xds/xds_bootstrap.h +32 -45
  49. data/src/core/ext/filters/client_channel/xds/xds_channel.h +3 -1
  50. data/src/core/ext/filters/client_channel/xds/xds_channel_secure.cc +14 -9
  51. data/src/core/ext/filters/client_channel/xds/xds_client.cc +986 -252
  52. data/src/core/ext/filters/client_channel/xds/xds_client.h +84 -36
  53. data/src/core/ext/filters/client_channel/xds/xds_client_stats.cc +53 -131
  54. data/src/core/ext/filters/client_channel/xds/xds_client_stats.h +119 -152
  55. data/src/core/ext/filters/message_size/message_size_filter.cc +32 -35
  56. data/src/core/ext/filters/message_size/message_size_filter.h +1 -1
  57. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +3 -6
  58. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +6 -8
  59. data/src/core/ext/transport/chttp2/transport/writing.cc +1 -1
  60. data/src/core/ext/transport/inproc/inproc_transport.cc +22 -42
  61. data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.c +17 -0
  62. data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.h +30 -0
  63. data/src/core/ext/upb-generated/envoy/annotations/resource.upb.c +27 -0
  64. data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +54 -0
  65. data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.c +46 -21
  66. data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.h +116 -29
  67. data/src/core/ext/upb-generated/envoy/api/v2/cds.upb.c +4 -362
  68. data/src/core/ext/upb-generated/envoy/api/v2/cds.upb.h +14 -1337
  69. data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.c +390 -0
  70. data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.h +1411 -0
  71. data/src/core/ext/upb-generated/envoy/api/v2/cluster/circuit_breaker.upb.c +29 -8
  72. data/src/core/ext/upb-generated/envoy/api/v2/cluster/circuit_breaker.upb.h +60 -0
  73. data/src/core/ext/upb-generated/envoy/api/v2/cluster/filter.upb.c +1 -0
  74. data/src/core/ext/upb-generated/envoy/api/v2/cluster/outlier_detection.upb.c +1 -0
  75. data/src/core/ext/upb-generated/envoy/api/v2/core/address.upb.c +5 -3
  76. data/src/core/ext/upb-generated/envoy/api/v2/core/address.upb.h +6 -2
  77. data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.c +48 -5
  78. data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.h +154 -4
  79. data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.c +19 -15
  80. data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.h +46 -32
  81. data/src/core/ext/upb-generated/envoy/api/v2/core/grpc_service.upb.c +26 -4
  82. data/src/core/ext/upb-generated/envoy/api/v2/core/grpc_service.upb.h +70 -0
  83. data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.c +42 -25
  84. data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.h +83 -25
  85. data/src/core/ext/upb-generated/envoy/api/v2/core/http_uri.upb.c +1 -0
  86. data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.c +43 -7
  87. data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.h +115 -0
  88. data/src/core/ext/upb-generated/envoy/api/v2/discovery.upb.c +1 -0
  89. data/src/core/ext/upb-generated/envoy/api/v2/eds.upb.c +7 -68
  90. data/src/core/ext/upb-generated/envoy/api/v2/eds.upb.h +14 -201
  91. data/src/core/ext/upb-generated/envoy/api/v2/endpoint.upb.c +91 -0
  92. data/src/core/ext/upb-generated/envoy/api/v2/endpoint.upb.h +240 -0
  93. data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint.upb.c +1 -71
  94. data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint.upb.h +3 -228
  95. data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.c +88 -0
  96. data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.h +258 -0
  97. data/src/core/ext/upb-generated/envoy/api/v2/endpoint/load_report.upb.c +1 -0
  98. data/src/core/ext/upb-generated/envoy/api/v2/lds.upb.c +30 -0
  99. data/src/core/ext/upb-generated/envoy/api/v2/lds.upb.h +53 -0
  100. data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.c +104 -0
  101. data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.h +383 -0
  102. data/src/core/ext/upb-generated/envoy/api/v2/listener/listener.upb.c +17 -0
  103. data/src/core/ext/upb-generated/envoy/api/v2/listener/listener.upb.h +33 -0
  104. data/src/core/ext/upb-generated/envoy/api/v2/listener/listener_components.upb.c +144 -0
  105. data/src/core/ext/upb-generated/envoy/api/v2/listener/listener_components.upb.h +527 -0
  106. data/src/core/ext/upb-generated/envoy/api/v2/listener/udp_listener_config.upb.c +42 -0
  107. data/src/core/ext/upb-generated/envoy/api/v2/listener/udp_listener_config.upb.h +112 -0
  108. data/src/core/ext/upb-generated/envoy/api/v2/rds.upb.c +29 -0
  109. data/src/core/ext/upb-generated/envoy/api/v2/rds.upb.h +53 -0
  110. data/src/core/ext/upb-generated/envoy/api/v2/route.upb.c +62 -0
  111. data/src/core/ext/upb-generated/envoy/api/v2/route.upb.h +199 -0
  112. data/src/core/ext/upb-generated/envoy/api/v2/route/route.upb.c +17 -0
  113. data/src/core/ext/upb-generated/envoy/api/v2/route/route.upb.h +33 -0
  114. data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.c +793 -0
  115. data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.h +2936 -0
  116. data/src/core/ext/upb-generated/envoy/api/v2/scoped_route.upb.c +58 -0
  117. data/src/core/ext/upb-generated/envoy/api/v2/scoped_route.upb.h +134 -0
  118. data/src/core/ext/upb-generated/envoy/api/v2/srds.upb.c +27 -0
  119. data/src/core/ext/upb-generated/envoy/api/v2/srds.upb.h +53 -0
  120. data/src/core/ext/upb-generated/envoy/config/filter/accesslog/v2/accesslog.upb.c +227 -0
  121. data/src/core/ext/upb-generated/envoy/config/filter/accesslog/v2/accesslog.upb.h +725 -0
  122. data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.c +296 -0
  123. data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.h +1072 -0
  124. data/src/core/ext/upb-generated/envoy/config/listener/v2/api_listener.upb.c +32 -0
  125. data/src/core/ext/upb-generated/envoy/config/listener/v2/api_listener.upb.h +65 -0
  126. data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.c +47 -0
  127. data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.h +108 -0
  128. data/src/core/ext/upb-generated/envoy/type/matcher/string.upb.c +52 -0
  129. data/src/core/ext/upb-generated/envoy/type/matcher/string.upb.h +133 -0
  130. data/src/core/ext/upb-generated/envoy/type/metadata/v2/metadata.upb.c +87 -0
  131. data/src/core/ext/upb-generated/envoy/type/metadata/v2/metadata.upb.h +258 -0
  132. data/src/core/ext/upb-generated/envoy/type/range.upb.c +11 -0
  133. data/src/core/ext/upb-generated/envoy/type/range.upb.h +27 -0
  134. data/src/core/ext/upb-generated/envoy/type/semantic_version.upb.c +28 -0
  135. data/src/core/ext/upb-generated/envoy/type/semantic_version.upb.h +62 -0
  136. data/src/core/ext/upb-generated/envoy/type/tracing/v2/custom_tag.upb.c +88 -0
  137. data/src/core/ext/upb-generated/envoy/type/tracing/v2/custom_tag.upb.h +249 -0
  138. data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +30 -27
  139. data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +64 -52
  140. data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c +13 -5
  141. data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.h +34 -0
  142. data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.c +48 -0
  143. data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +104 -0
  144. data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.c +17 -0
  145. data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.h +30 -0
  146. data/src/core/ext/upb-generated/validate/validate.upb.c +38 -34
  147. data/src/core/ext/upb-generated/validate/validate.upb.h +129 -99
  148. data/src/core/lib/channel/channel_trace.cc +32 -41
  149. data/src/core/lib/channel/channel_trace.h +3 -3
  150. data/src/core/lib/channel/channelz.cc +158 -248
  151. data/src/core/lib/channel/channelz.h +17 -10
  152. data/src/core/lib/channel/channelz_registry.cc +47 -74
  153. data/src/core/lib/channel/channelz_registry.h +4 -4
  154. data/src/core/lib/gpr/sync_abseil.cc +114 -0
  155. data/src/core/lib/gpr/sync_posix.cc +8 -5
  156. data/src/core/lib/gpr/sync_windows.cc +4 -2
  157. data/src/core/lib/gpr/time_precise.cc +1 -1
  158. data/src/core/lib/gprpp/host_port.cc +1 -1
  159. data/src/core/lib/gprpp/inlined_vector.h +1 -210
  160. data/src/core/lib/gprpp/memory.h +2 -6
  161. data/src/core/lib/gprpp/optional.h +6 -21
  162. data/src/core/lib/gprpp/string_view.h +5 -110
  163. data/src/core/lib/gprpp/sync.h +9 -0
  164. data/src/core/lib/iomgr/buffer_list.cc +36 -35
  165. data/src/core/lib/iomgr/error.h +4 -4
  166. data/src/core/lib/iomgr/ev_epollex_linux.cc +12 -4
  167. data/src/core/lib/iomgr/executor.cc +1 -1
  168. data/src/core/lib/iomgr/fork_posix.cc +4 -0
  169. data/src/core/lib/iomgr/load_file.cc +1 -0
  170. data/src/core/lib/iomgr/poller/eventmanager_libuv.cc +87 -0
  171. data/src/core/lib/iomgr/poller/eventmanager_libuv.h +88 -0
  172. data/src/core/lib/iomgr/socket_utils_common_posix.cc +14 -0
  173. data/src/core/lib/iomgr/socket_utils_posix.h +12 -0
  174. data/src/core/lib/iomgr/tcp_client_posix.cc +17 -17
  175. data/src/core/lib/iomgr/tcp_client_posix.h +6 -6
  176. data/src/core/lib/iomgr/tcp_custom.h +3 -0
  177. data/src/core/lib/iomgr/tcp_posix.cc +608 -56
  178. data/src/core/lib/iomgr/tcp_server_custom.cc +15 -2
  179. data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +8 -0
  180. data/src/core/lib/iomgr/work_serializer.cc +155 -0
  181. data/src/core/lib/iomgr/work_serializer.h +65 -0
  182. data/src/core/lib/json/json.h +208 -68
  183. data/src/core/lib/json/json_reader.cc +511 -319
  184. data/src/core/lib/json/json_writer.cc +201 -110
  185. data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +1 -1
  186. data/src/core/lib/security/credentials/composite/composite_credentials.cc +7 -0
  187. data/src/core/lib/security/credentials/composite/composite_credentials.h +5 -1
  188. data/src/core/lib/security/credentials/credentials.h +10 -1
  189. data/src/core/lib/security/credentials/fake/fake_credentials.h +2 -1
  190. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +10 -8
  191. data/src/core/lib/security/credentials/jwt/json_token.cc +26 -56
  192. data/src/core/lib/security/credentials/jwt/json_token.h +2 -1
  193. data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +8 -18
  194. data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +149 -159
  195. data/src/core/lib/security/credentials/jwt/jwt_verifier.h +2 -3
  196. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +38 -35
  197. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -1
  198. data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +6 -4
  199. data/src/core/lib/security/credentials/plugin/plugin_credentials.h +2 -1
  200. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +20 -0
  201. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +9 -0
  202. data/src/core/lib/security/credentials/tls/{spiffe_credentials.cc → tls_credentials.cc} +23 -24
  203. data/src/core/lib/security/credentials/tls/{spiffe_credentials.h → tls_credentials.h} +9 -9
  204. data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +13 -0
  205. data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +22 -2
  206. data/src/core/lib/security/security_connector/load_system_roots_fallback.cc +2 -2
  207. data/src/core/lib/security/security_connector/load_system_roots_linux.cc +2 -2
  208. data/src/core/lib/security/security_connector/local/local_security_connector.cc +31 -6
  209. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +3 -15
  210. data/src/core/lib/security/security_connector/ssl_utils.cc +48 -4
  211. data/src/core/lib/security/security_connector/ssl_utils.h +12 -1
  212. data/src/core/lib/security/security_connector/tls/{spiffe_security_connector.cc → tls_security_connector.cc} +106 -70
  213. data/src/core/lib/security/security_connector/tls/{spiffe_security_connector.h → tls_security_connector.h} +22 -19
  214. data/src/core/lib/security/transport/client_auth_filter.cc +33 -0
  215. data/src/core/lib/security/transport/security_handshaker.cc +2 -2
  216. data/src/core/lib/security/util/json_util.cc +22 -15
  217. data/src/core/lib/security/util/json_util.h +2 -2
  218. data/src/core/lib/surface/completion_queue.cc +22 -1
  219. data/src/core/lib/surface/version.cc +1 -1
  220. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +1 -1
  221. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +12 -2
  222. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +1 -1
  223. data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +3 -3
  224. data/src/core/tsi/fake_transport_security.cc +7 -3
  225. data/src/core/tsi/fake_transport_security.h +2 -0
  226. data/src/core/tsi/grpc_shadow_boringssl.h +1333 -1319
  227. data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +1 -1
  228. data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +1 -1
  229. data/src/core/tsi/ssl_transport_security.cc +145 -8
  230. data/src/core/tsi/ssl_transport_security.h +15 -1
  231. data/src/core/tsi/transport_security.cc +13 -0
  232. data/src/core/tsi/transport_security_grpc.cc +2 -2
  233. data/src/core/tsi/transport_security_grpc.h +2 -2
  234. data/src/core/tsi/transport_security_interface.h +12 -0
  235. data/src/ruby/bin/math_pb.rb +5 -5
  236. data/src/ruby/ext/grpc/rb_call_credentials.c +4 -1
  237. data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +2 -0
  238. data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +4 -1
  239. data/src/ruby/lib/grpc/version.rb +1 -1
  240. data/src/ruby/pb/grpc/health/v1/health_pb.rb +3 -3
  241. data/src/ruby/pb/src/proto/grpc/testing/empty_pb.rb +1 -1
  242. data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +23 -13
  243. data/third_party/abseil-cpp/absl/algorithm/algorithm.h +159 -0
  244. data/third_party/abseil-cpp/absl/base/attributes.h +621 -0
  245. data/third_party/abseil-cpp/absl/base/call_once.h +226 -0
  246. data/third_party/abseil-cpp/absl/base/casts.h +184 -0
  247. data/third_party/abseil-cpp/absl/base/config.h +671 -0
  248. data/third_party/abseil-cpp/absl/base/const_init.h +76 -0
  249. data/third_party/abseil-cpp/absl/base/dynamic_annotations.cc +129 -0
  250. data/third_party/abseil-cpp/absl/base/dynamic_annotations.h +389 -0
  251. data/third_party/abseil-cpp/absl/base/internal/atomic_hook.h +200 -0
  252. data/third_party/abseil-cpp/absl/base/internal/bits.h +218 -0
  253. data/third_party/abseil-cpp/absl/base/internal/cycleclock.cc +107 -0
  254. data/third_party/abseil-cpp/absl/base/internal/cycleclock.h +94 -0
  255. data/third_party/abseil-cpp/absl/base/internal/endian.h +266 -0
  256. data/third_party/abseil-cpp/absl/base/internal/errno_saver.h +43 -0
  257. data/third_party/abseil-cpp/absl/base/internal/hide_ptr.h +51 -0
  258. data/third_party/abseil-cpp/absl/base/internal/identity.h +37 -0
  259. data/third_party/abseil-cpp/absl/base/internal/inline_variable.h +107 -0
  260. data/third_party/abseil-cpp/absl/base/internal/invoke.h +187 -0
  261. data/third_party/abseil-cpp/absl/base/internal/low_level_scheduling.h +107 -0
  262. data/third_party/abseil-cpp/absl/base/internal/per_thread_tls.h +52 -0
  263. data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +240 -0
  264. data/third_party/abseil-cpp/absl/base/internal/raw_logging.h +183 -0
  265. data/third_party/abseil-cpp/absl/base/internal/scheduling_mode.h +58 -0
  266. data/third_party/abseil-cpp/absl/base/internal/spinlock.cc +233 -0
  267. data/third_party/abseil-cpp/absl/base/internal/spinlock.h +243 -0
  268. data/third_party/abseil-cpp/absl/base/internal/spinlock_akaros.inc +35 -0
  269. data/third_party/abseil-cpp/absl/base/internal/spinlock_linux.inc +66 -0
  270. data/third_party/abseil-cpp/absl/base/internal/spinlock_posix.inc +46 -0
  271. data/third_party/abseil-cpp/absl/base/internal/spinlock_wait.cc +81 -0
  272. data/third_party/abseil-cpp/absl/base/internal/spinlock_wait.h +93 -0
  273. data/third_party/abseil-cpp/absl/base/internal/spinlock_win32.inc +37 -0
  274. data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +416 -0
  275. data/third_party/abseil-cpp/absl/base/internal/sysinfo.h +66 -0
  276. data/third_party/abseil-cpp/absl/base/internal/thread_annotations.h +271 -0
  277. data/third_party/abseil-cpp/absl/base/internal/thread_identity.cc +152 -0
  278. data/third_party/abseil-cpp/absl/base/internal/thread_identity.h +259 -0
  279. data/third_party/abseil-cpp/absl/base/internal/throw_delegate.cc +108 -0
  280. data/third_party/abseil-cpp/absl/base/internal/throw_delegate.h +75 -0
  281. data/third_party/abseil-cpp/absl/base/internal/tsan_mutex_interface.h +66 -0
  282. data/third_party/abseil-cpp/absl/base/internal/unaligned_access.h +158 -0
  283. data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc +140 -0
  284. data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.h +124 -0
  285. data/third_party/abseil-cpp/absl/base/log_severity.cc +27 -0
  286. data/third_party/abseil-cpp/absl/base/log_severity.h +121 -0
  287. data/third_party/abseil-cpp/absl/base/macros.h +220 -0
  288. data/third_party/abseil-cpp/absl/base/optimization.h +181 -0
  289. data/third_party/abseil-cpp/absl/base/options.h +211 -0
  290. data/third_party/abseil-cpp/absl/base/policy_checks.h +111 -0
  291. data/third_party/abseil-cpp/absl/base/port.h +26 -0
  292. data/third_party/abseil-cpp/absl/base/thread_annotations.h +280 -0
  293. data/third_party/abseil-cpp/absl/container/inlined_vector.h +848 -0
  294. data/third_party/abseil-cpp/absl/container/internal/compressed_tuple.h +265 -0
  295. data/third_party/abseil-cpp/absl/container/internal/inlined_vector.h +892 -0
  296. data/third_party/abseil-cpp/absl/memory/memory.h +695 -0
  297. data/third_party/abseil-cpp/absl/meta/type_traits.h +759 -0
  298. data/third_party/abseil-cpp/absl/numeric/int128.cc +404 -0
  299. data/third_party/abseil-cpp/absl/numeric/int128.h +1091 -0
  300. data/third_party/abseil-cpp/absl/numeric/int128_have_intrinsic.inc +302 -0
  301. data/third_party/abseil-cpp/absl/numeric/int128_no_intrinsic.inc +308 -0
  302. data/third_party/abseil-cpp/absl/strings/ascii.cc +200 -0
  303. data/third_party/abseil-cpp/absl/strings/ascii.h +242 -0
  304. data/third_party/abseil-cpp/absl/strings/charconv.cc +984 -0
  305. data/third_party/abseil-cpp/absl/strings/charconv.h +119 -0
  306. data/third_party/abseil-cpp/absl/strings/escaping.cc +949 -0
  307. data/third_party/abseil-cpp/absl/strings/escaping.h +164 -0
  308. data/third_party/abseil-cpp/absl/strings/internal/char_map.h +156 -0
  309. data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.cc +359 -0
  310. data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +423 -0
  311. data/third_party/abseil-cpp/absl/strings/internal/charconv_parse.cc +504 -0
  312. data/third_party/abseil-cpp/absl/strings/internal/charconv_parse.h +99 -0
  313. data/third_party/abseil-cpp/absl/strings/internal/escaping.cc +180 -0
  314. data/third_party/abseil-cpp/absl/strings/internal/escaping.h +58 -0
  315. data/third_party/abseil-cpp/absl/strings/internal/memutil.cc +112 -0
  316. data/third_party/abseil-cpp/absl/strings/internal/memutil.h +148 -0
  317. data/third_party/abseil-cpp/absl/strings/internal/ostringstream.cc +36 -0
  318. data/third_party/abseil-cpp/absl/strings/internal/ostringstream.h +89 -0
  319. data/third_party/abseil-cpp/absl/strings/internal/resize_uninitialized.h +73 -0
  320. data/third_party/abseil-cpp/absl/strings/internal/stl_type_traits.h +248 -0
  321. data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.cc +388 -0
  322. data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.h +432 -0
  323. data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.cc +245 -0
  324. data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.h +209 -0
  325. data/third_party/abseil-cpp/absl/strings/internal/str_format/checker.h +326 -0
  326. data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.cc +51 -0
  327. data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.h +415 -0
  328. data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +493 -0
  329. data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.h +23 -0
  330. data/third_party/abseil-cpp/absl/strings/internal/str_format/output.cc +72 -0
  331. data/third_party/abseil-cpp/absl/strings/internal/str_format/output.h +104 -0
  332. data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.cc +334 -0
  333. data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.h +333 -0
  334. data/third_party/abseil-cpp/absl/strings/internal/str_join_internal.h +314 -0
  335. data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +455 -0
  336. data/third_party/abseil-cpp/absl/strings/internal/utf8.cc +53 -0
  337. data/third_party/abseil-cpp/absl/strings/internal/utf8.h +50 -0
  338. data/third_party/abseil-cpp/absl/strings/match.cc +40 -0
  339. data/third_party/abseil-cpp/absl/strings/match.h +90 -0
  340. data/third_party/abseil-cpp/absl/strings/numbers.cc +965 -0
  341. data/third_party/abseil-cpp/absl/strings/numbers.h +266 -0
  342. data/third_party/abseil-cpp/absl/strings/str_cat.cc +246 -0
  343. data/third_party/abseil-cpp/absl/strings/str_cat.h +408 -0
  344. data/third_party/abseil-cpp/absl/strings/str_format.h +537 -0
  345. data/third_party/abseil-cpp/absl/strings/str_join.h +293 -0
  346. data/third_party/abseil-cpp/absl/strings/str_replace.cc +82 -0
  347. data/third_party/abseil-cpp/absl/strings/str_replace.h +219 -0
  348. data/third_party/abseil-cpp/absl/strings/str_split.cc +139 -0
  349. data/third_party/abseil-cpp/absl/strings/str_split.h +513 -0
  350. data/third_party/abseil-cpp/absl/strings/string_view.cc +235 -0
  351. data/third_party/abseil-cpp/absl/strings/string_view.h +622 -0
  352. data/third_party/abseil-cpp/absl/strings/strip.h +91 -0
  353. data/third_party/abseil-cpp/absl/strings/substitute.cc +171 -0
  354. data/third_party/abseil-cpp/absl/strings/substitute.h +693 -0
  355. data/third_party/abseil-cpp/absl/types/bad_optional_access.cc +48 -0
  356. data/third_party/abseil-cpp/absl/types/bad_optional_access.h +78 -0
  357. data/third_party/abseil-cpp/absl/types/internal/optional.h +396 -0
  358. data/third_party/abseil-cpp/absl/types/internal/span.h +128 -0
  359. data/third_party/abseil-cpp/absl/types/optional.h +776 -0
  360. data/third_party/abseil-cpp/absl/types/span.h +713 -0
  361. data/third_party/abseil-cpp/absl/utility/utility.h +350 -0
  362. data/{src/boringssl → third_party/boringssl-with-bazel}/err_data.c +0 -0
  363. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_bitstr.c +0 -0
  364. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_bool.c +0 -0
  365. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_d2i_fp.c +0 -0
  366. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_dup.c +0 -0
  367. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_enum.c +0 -0
  368. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_gentm.c +0 -0
  369. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_i2d_fp.c +0 -0
  370. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_int.c +0 -0
  371. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_mbstr.c +0 -0
  372. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_object.c +0 -0
  373. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_octet.c +0 -0
  374. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_print.c +0 -0
  375. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_strnid.c +0 -0
  376. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_time.c +3 -4
  377. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_type.c +0 -0
  378. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_utctm.c +0 -0
  379. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_utf8.c +0 -0
  380. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/asn1_lib.c +0 -0
  381. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/asn1_locl.h +0 -0
  382. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/asn1_par.c +0 -0
  383. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/asn_pack.c +0 -0
  384. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/f_enum.c +0 -0
  385. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/f_int.c +0 -0
  386. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/f_string.c +0 -0
  387. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_dec.c +0 -0
  388. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_enc.c +0 -0
  389. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_fre.c +0 -0
  390. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_new.c +0 -0
  391. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_typ.c +0 -0
  392. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_utl.c +0 -0
  393. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/time_support.c +0 -0
  394. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/base64/base64.c +0 -0
  395. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/bio.c +0 -0
  396. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/bio_mem.c +0 -0
  397. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/connect.c +3 -4
  398. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/fd.c +0 -1
  399. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/file.c +5 -6
  400. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/hexdump.c +0 -0
  401. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/internal.h +0 -0
  402. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/pair.c +0 -1
  403. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/printf.c +0 -0
  404. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/socket.c +0 -0
  405. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/socket_helper.c +0 -0
  406. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bn_extra/bn_asn1.c +0 -0
  407. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bn_extra/convert.c +0 -0
  408. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/buf/buf.c +10 -69
  409. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bytestring/asn1_compat.c +0 -0
  410. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bytestring/ber.c +0 -0
  411. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bytestring/cbb.c +41 -2
  412. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bytestring/cbs.c +60 -3
  413. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bytestring/internal.h +0 -0
  414. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bytestring/unicode.c +0 -0
  415. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/chacha/chacha.c +0 -0
  416. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/chacha/internal.h +0 -0
  417. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/cipher_extra.c +0 -0
  418. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/derive_key.c +0 -0
  419. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_aesccm.c +0 -0
  420. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_aesctrhmac.c +0 -0
  421. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_aesgcmsiv.c +8 -0
  422. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_chacha20poly1305.c +0 -0
  423. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_null.c +0 -0
  424. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_rc2.c +0 -0
  425. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_rc4.c +0 -0
  426. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_tls.c +0 -0
  427. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/internal.h +0 -0
  428. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/tls_cbc.c +0 -0
  429. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cmac/cmac.c +0 -0
  430. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/conf/conf.c +0 -0
  431. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/conf/conf_def.h +0 -0
  432. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/conf/internal.h +0 -0
  433. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-aarch64-fuchsia.c +0 -0
  434. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-aarch64-linux.c +0 -0
  435. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-arm-linux.c +0 -1
  436. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-arm-linux.h +0 -0
  437. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-arm.c +0 -0
  438. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-intel.c +0 -0
  439. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-ppc64le.c +0 -0
  440. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/crypto.c +0 -0
  441. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/curve25519/spake25519.c +0 -0
  442. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/dh/check.c +3 -3
  443. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/dh/dh.c +1 -2
  444. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/dh/dh_asn1.c +0 -0
  445. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/dh/params.c +0 -0
  446. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/digest_extra/digest_extra.c +0 -0
  447. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/dsa/dsa.c +0 -0
  448. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/dsa/dsa_asn1.c +0 -0
  449. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/ec_extra/ec_asn1.c +0 -0
  450. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/ec_extra/ec_derive.c +2 -3
  451. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/ecdh_extra/ecdh_extra.c +0 -0
  452. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/ecdsa_extra/ecdsa_asn1.c +0 -0
  453. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/engine/engine.c +0 -0
  454. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/err/err.c +6 -6
  455. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/err/internal.h +0 -0
  456. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/digestsign.c +0 -0
  457. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/evp.c +0 -0
  458. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/evp_asn1.c +0 -0
  459. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/evp_ctx.c +0 -0
  460. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/internal.h +0 -0
  461. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_dsa_asn1.c +0 -0
  462. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_ec.c +0 -1
  463. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_ec_asn1.c +0 -0
  464. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_ed25519.c +0 -0
  465. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_ed25519_asn1.c +0 -0
  466. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_rsa.c +14 -2
  467. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_rsa_asn1.c +0 -0
  468. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_x25519.c +0 -0
  469. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_x25519_asn1.c +1 -2
  470. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/pbkdf.c +0 -0
  471. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/print.c +0 -0
  472. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/scrypt.c +0 -0
  473. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/sign.c +0 -0
  474. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/ex_data.c +0 -0
  475. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.c +108 -0
  476. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +1282 -0
  477. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/aes/internal.h +5 -7
  478. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/aes/key_wrap.c +0 -0
  479. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/aes/mode_wrappers.c +0 -2
  480. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bcm.c +2 -0
  481. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/add.c +0 -0
  482. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/asm/x86_64-gcc.c +0 -0
  483. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/bn.c +0 -0
  484. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/bytes.c +0 -0
  485. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/cmp.c +0 -0
  486. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/ctx.c +0 -0
  487. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/div.c +0 -0
  488. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/div_extra.c +0 -0
  489. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/exponentiation.c +0 -0
  490. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/gcd.c +0 -0
  491. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/gcd_extra.c +0 -0
  492. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/generic.c +0 -0
  493. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/internal.h +0 -0
  494. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/jacobi.c +0 -0
  495. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/montgomery.c +0 -0
  496. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/montgomery_inv.c +0 -0
  497. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/mul.c +0 -0
  498. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/prime.c +11 -12
  499. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/random.c +0 -0
  500. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/rsaz_exp.c +0 -0
  501. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/rsaz_exp.h +0 -0
  502. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/shift.c +0 -0
  503. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/sqrt.c +0 -0
  504. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/cipher/aead.c +0 -0
  505. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/cipher/cipher.c +0 -0
  506. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/cipher/e_aes.c +3 -5
  507. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/cipher/e_des.c +0 -0
  508. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/cipher/internal.h +0 -0
  509. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/delocate.h +0 -0
  510. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/des/des.c +0 -0
  511. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/des/internal.h +0 -0
  512. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/digest/digest.c +0 -0
  513. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/digest/digests.c +0 -0
  514. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/digest/internal.h +0 -0
  515. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/digest/md32_common.h +0 -0
  516. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/ec.c +0 -0
  517. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/ec_key.c +1 -1
  518. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/ec_montgomery.c +0 -0
  519. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/felem.c +0 -0
  520. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/internal.h +0 -0
  521. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/oct.c +0 -0
  522. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/p224-64.c +0 -0
  523. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/p256-x86_64-table.h +0 -0
  524. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/p256-x86_64.c +0 -0
  525. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/p256-x86_64.h +0 -0
  526. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/scalar.c +0 -0
  527. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/simple.c +0 -0
  528. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/simple_mul.c +0 -0
  529. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/util.c +0 -0
  530. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/wnaf.c +0 -0
  531. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ecdh/ecdh.c +0 -0
  532. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ecdsa/ecdsa.c +0 -0
  533. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/fips_shared_support.c +0 -0
  534. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/hmac/hmac.c +0 -0
  535. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/is_fips.c +0 -0
  536. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/md4/md4.c +0 -0
  537. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/md5/internal.h +0 -0
  538. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/md5/md5.c +0 -0
  539. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/cbc.c +0 -0
  540. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/cfb.c +0 -0
  541. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/ctr.c +0 -0
  542. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/gcm.c +45 -193
  543. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm_nohw.c +304 -0
  544. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/internal.h +8 -18
  545. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/ofb.c +0 -0
  546. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/polyval.c +0 -0
  547. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rand/ctrdrbg.c +0 -0
  548. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rand/internal.h +0 -0
  549. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rand/rand.c +0 -0
  550. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rand/urandom.c +0 -0
  551. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rsa/blinding.c +0 -0
  552. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rsa/internal.h +0 -0
  553. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rsa/padding.c +0 -0
  554. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rsa/rsa.c +7 -1
  555. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rsa/rsa_impl.c +60 -51
  556. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/self_check/self_check.c +0 -0
  557. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/sha/internal.h +0 -0
  558. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/sha/sha1-altivec.c +0 -0
  559. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/sha/sha1.c +0 -0
  560. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/sha/sha256.c +0 -0
  561. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/sha/sha512.c +0 -0
  562. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/tls/internal.h +0 -0
  563. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/tls/kdf.c +0 -0
  564. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/hkdf/hkdf.c +0 -0
  565. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/hrss/hrss.c +210 -311
  566. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/hrss/internal.h +0 -1
  567. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/internal.h +21 -1
  568. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/lhash/lhash.c +0 -0
  569. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/mem.c +70 -0
  570. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/obj/obj.c +16 -21
  571. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/obj/obj_dat.h +27 -6
  572. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/obj/obj_xref.c +0 -0
  573. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_all.c +0 -0
  574. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_info.c +0 -1
  575. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_lib.c +7 -7
  576. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_oth.c +0 -1
  577. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_pk8.c +0 -1
  578. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_pkey.c +0 -1
  579. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_x509.c +0 -0
  580. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_xaux.c +0 -0
  581. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs7/internal.h +0 -0
  582. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs7/pkcs7.c +0 -0
  583. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs7/pkcs7_x509.c +1 -1
  584. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs8/internal.h +0 -0
  585. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs8/p5_pbev2.c +0 -0
  586. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs8/pkcs8.c +0 -0
  587. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs8/pkcs8_x509.c +0 -0
  588. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/poly1305/internal.h +0 -0
  589. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/poly1305/poly1305.c +2 -2
  590. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/poly1305/poly1305_arm.c +21 -20
  591. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/poly1305/poly1305_vec.c +34 -17
  592. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pool/internal.h +0 -0
  593. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pool/pool.c +1 -2
  594. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rand_extra/deterministic.c +0 -0
  595. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rand_extra/forkunsafe.c +0 -0
  596. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rand_extra/fuchsia.c +0 -0
  597. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rand_extra/rand_extra.c +0 -0
  598. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rand_extra/windows.c +0 -0
  599. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rc4/rc4.c +0 -0
  600. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/refcount_c11.c +0 -0
  601. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/refcount_lock.c +0 -0
  602. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rsa_extra/rsa_asn1.c +0 -0
  603. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rsa_extra/rsa_print.c +0 -0
  604. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/siphash/siphash.c +3 -1
  605. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/stack/stack.c +0 -0
  606. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/thread.c +0 -0
  607. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/thread_none.c +0 -0
  608. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/thread_pthread.c +0 -0
  609. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/thread_win.c +0 -0
  610. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/a_digest.c +0 -0
  611. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/a_sign.c +0 -0
  612. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/a_strex.c +0 -0
  613. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/a_verify.c +0 -1
  614. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/algorithm.c +0 -0
  615. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/asn1_gen.c +0 -0
  616. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/by_dir.c +1 -1
  617. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/by_file.c +0 -1
  618. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/charmap.h +0 -0
  619. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/i2d_pr.c +0 -0
  620. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/internal.h +0 -0
  621. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/rsa_pss.c +0 -0
  622. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/t_crl.c +0 -0
  623. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/t_req.c +0 -0
  624. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/t_x509.c +0 -0
  625. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/t_x509a.c +0 -0
  626. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/vpm_int.h +0 -0
  627. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509.c +0 -0
  628. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_att.c +0 -0
  629. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_cmp.c +0 -1
  630. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_d2.c +0 -0
  631. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_def.c +0 -0
  632. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_ext.c +0 -0
  633. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_lu.c +0 -0
  634. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_obj.c +1 -1
  635. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_r2x.c +0 -1
  636. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_req.c +0 -1
  637. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_set.c +0 -0
  638. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_trs.c +1 -2
  639. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_txt.c +0 -0
  640. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_v3.c +0 -0
  641. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_vfy.c +0 -1
  642. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_vpm.c +3 -4
  643. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509cset.c +0 -0
  644. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509name.c +0 -0
  645. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509rset.c +0 -0
  646. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509spki.c +0 -0
  647. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_algor.c +0 -0
  648. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_all.c +0 -1
  649. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_attrib.c +0 -0
  650. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_crl.c +0 -0
  651. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_exten.c +0 -0
  652. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_info.c +0 -0
  653. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_name.c +0 -0
  654. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_pkey.c +0 -0
  655. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_pubkey.c +0 -0
  656. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_req.c +0 -0
  657. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_sig.c +0 -0
  658. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_spki.c +0 -0
  659. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_val.c +0 -0
  660. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_x509.c +0 -0
  661. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_x509a.c +0 -0
  662. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/ext_dat.h +0 -0
  663. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/internal.h +0 -0
  664. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_cache.c +0 -0
  665. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_data.c +0 -0
  666. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_int.h +0 -0
  667. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_lib.c +0 -0
  668. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_map.c +0 -0
  669. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_node.c +0 -0
  670. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_tree.c +0 -0
  671. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_akey.c +0 -0
  672. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_akeya.c +0 -0
  673. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_alt.c +3 -3
  674. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_bcons.c +0 -0
  675. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_bitst.c +0 -0
  676. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_conf.c +0 -0
  677. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_cpols.c +0 -0
  678. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_crld.c +0 -0
  679. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_enum.c +2 -2
  680. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_extku.c +0 -0
  681. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_genn.c +0 -0
  682. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_ia5.c +0 -0
  683. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_info.c +4 -5
  684. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_int.c +0 -0
  685. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_lib.c +0 -0
  686. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_ncons.c +0 -0
  687. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_ocsp.c +0 -0
  688. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_pci.c +0 -0
  689. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_pcia.c +0 -0
  690. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_pcons.c +0 -0
  691. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_pku.c +0 -0
  692. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_pmaps.c +0 -0
  693. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_prn.c +0 -0
  694. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_purp.c +2 -3
  695. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_skey.c +0 -0
  696. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_sxnet.c +0 -0
  697. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_utl.c +11 -12
  698. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/aead.h +0 -0
  699. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/aes.h +0 -0
  700. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/arm_arch.h +0 -0
  701. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/asn1.h +0 -0
  702. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/asn1_mac.h +0 -0
  703. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/asn1t.h +0 -0
  704. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/base.h +0 -0
  705. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/base64.h +0 -0
  706. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/bio.h +0 -0
  707. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/blowfish.h +0 -0
  708. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/bn.h +32 -20
  709. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/buf.h +9 -9
  710. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/buffer.h +0 -0
  711. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/bytestring.h +34 -0
  712. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/cast.h +0 -0
  713. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/chacha.h +0 -0
  714. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/cipher.h +0 -0
  715. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/cmac.h +0 -0
  716. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/conf.h +0 -0
  717. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/cpu.h +0 -0
  718. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/crypto.h +0 -0
  719. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/curve25519.h +0 -0
  720. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/des.h +0 -0
  721. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/dh.h +0 -0
  722. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/digest.h +0 -0
  723. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/dsa.h +0 -0
  724. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/dtls1.h +0 -0
  725. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/e_os2.h +0 -0
  726. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ec.h +11 -4
  727. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ec_key.h +4 -2
  728. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ecdh.h +0 -0
  729. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ecdsa.h +0 -0
  730. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/engine.h +0 -0
  731. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/err.h +11 -9
  732. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/evp.h +20 -0
  733. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ex_data.h +0 -0
  734. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/hkdf.h +0 -0
  735. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/hmac.h +0 -0
  736. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/hrss.h +0 -0
  737. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/is_boringssl.h +0 -0
  738. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/lhash.h +0 -0
  739. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/md4.h +0 -0
  740. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/md5.h +0 -0
  741. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/mem.h +17 -2
  742. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/nid.h +9 -0
  743. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/obj.h +0 -0
  744. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/obj_mac.h +0 -0
  745. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/objects.h +0 -0
  746. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/opensslconf.h +0 -0
  747. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/opensslv.h +0 -0
  748. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ossl_typ.h +0 -0
  749. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/pem.h +0 -0
  750. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/pkcs12.h +0 -0
  751. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/pkcs7.h +0 -0
  752. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/pkcs8.h +0 -0
  753. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/poly1305.h +5 -7
  754. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/pool.h +0 -0
  755. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/rand.h +0 -0
  756. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/rc4.h +0 -0
  757. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ripemd.h +0 -0
  758. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/rsa.h +0 -0
  759. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/safestack.h +0 -0
  760. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/sha.h +0 -0
  761. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/siphash.h +0 -0
  762. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/span.h +0 -0
  763. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/srtp.h +0 -0
  764. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ssl.h +10 -20
  765. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ssl3.h +0 -0
  766. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/stack.h +0 -0
  767. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/thread.h +0 -0
  768. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/tls1.h +0 -3
  769. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/type_check.h +0 -0
  770. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/x509.h +0 -0
  771. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/x509_vfy.h +0 -0
  772. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/x509v3.h +0 -0
  773. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/bio_ssl.cc +0 -0
  774. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/d1_both.cc +0 -1
  775. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/d1_lib.cc +0 -0
  776. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/d1_pkt.cc +0 -1
  777. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/d1_srtp.cc +0 -0
  778. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/dtls_method.cc +0 -1
  779. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/dtls_record.cc +0 -0
  780. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/handoff.cc +126 -29
  781. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/handshake.cc +5 -4
  782. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/handshake_client.cc +24 -13
  783. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/handshake_server.cc +1 -5
  784. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/internal.h +32 -26
  785. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/s3_both.cc +0 -0
  786. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/s3_lib.cc +2 -3
  787. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/s3_pkt.cc +0 -1
  788. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_aead_ctx.cc +0 -0
  789. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_asn1.cc +1 -2
  790. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_buffer.cc +34 -15
  791. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_cert.cc +0 -1
  792. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_cipher.cc +0 -1
  793. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_file.cc +0 -0
  794. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_key_share.cc +0 -0
  795. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_lib.cc +13 -14
  796. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_privkey.cc +0 -0
  797. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_session.cc +2 -1
  798. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_stat.cc +0 -0
  799. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_transcript.cc +0 -0
  800. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_versions.cc +1 -1
  801. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_x509.cc +0 -0
  802. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/t1_enc.cc +0 -0
  803. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/t1_lib.cc +11 -171
  804. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/tls13_both.cc +0 -0
  805. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/tls13_client.cc +3 -4
  806. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/tls13_enc.cc +5 -1
  807. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/tls13_server.cc +78 -101
  808. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/tls_method.cc +1 -1
  809. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/tls_record.cc +7 -2
  810. data/third_party/{boringssl → boringssl-with-bazel/src}/third_party/fiat/curve25519.c +0 -0
  811. data/third_party/{boringssl → boringssl-with-bazel/src}/third_party/fiat/curve25519_32.h +0 -0
  812. data/third_party/{boringssl → boringssl-with-bazel/src}/third_party/fiat/curve25519_64.h +0 -0
  813. data/third_party/{boringssl → boringssl-with-bazel/src}/third_party/fiat/curve25519_tables.h +0 -0
  814. data/third_party/{boringssl → boringssl-with-bazel/src}/third_party/fiat/internal.h +0 -0
  815. data/third_party/{boringssl → boringssl-with-bazel/src}/third_party/fiat/p256.c +0 -0
  816. data/third_party/{boringssl → boringssl-with-bazel/src}/third_party/fiat/p256_32.h +0 -0
  817. data/third_party/{boringssl → boringssl-with-bazel/src}/third_party/fiat/p256_64.h +0 -0
  818. data/third_party/upb/upb/decode.c +4 -0
  819. data/third_party/upb/upb/port.c +0 -1
  820. data/third_party/upb/upb/port_def.inc +1 -3
  821. data/third_party/upb/upb/table.c +2 -1
  822. metadata +680 -505
  823. data/src/core/lib/iomgr/logical_thread.cc +0 -103
  824. data/src/core/lib/iomgr/logical_thread.h +0 -52
  825. data/src/core/lib/json/json.cc +0 -94
  826. data/src/core/lib/json/json_reader.h +0 -146
  827. data/src/core/lib/json/json_string.cc +0 -367
  828. data/src/core/lib/json/json_writer.h +0 -84
  829. data/third_party/boringssl/crypto/fipsmodule/aes/aes.c +0 -860
data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/internal.h RENAMED
@@ -1239,6 +1239,11 @@ class SSLBuffer {
1239
1239
  uint16_t size_ = 0;
1240
1240
  // cap_ is how much memory beyond |buf_| + |offset_| is available.
1241
1241
  uint16_t cap_ = 0;
1242
+ // inline_buf_ is a static buffer for short reads.
1243
+ uint8_t inline_buf_[SSL3_RT_HEADER_LENGTH];
1244
+ // buf_allocated_ is true if |buf_| points to allocated data and must be freed
1245
+ // or false if it points into |inline_buf_|.
1246
+ bool buf_allocated_ = false;
1242
1247
  };
1243
1248
 
1244
1249
  // ssl_read_buffer_extend_to extends the read buffer to the desired length. For
@@ -1472,12 +1477,31 @@ enum tls12_server_hs_state_t {
1472
1477
  state12_done,
1473
1478
  };
1474
1479
 
1480
+ enum tls13_server_hs_state_t {
1481
+ state13_select_parameters = 0,
1482
+ state13_select_session,
1483
+ state13_send_hello_retry_request,
1484
+ state13_read_second_client_hello,
1485
+ state13_send_server_hello,
1486
+ state13_send_server_certificate_verify,
1487
+ state13_send_server_finished,
1488
+ state13_read_second_client_flight,
1489
+ state13_process_end_of_early_data,
1490
+ state13_read_client_certificate,
1491
+ state13_read_client_certificate_verify,
1492
+ state13_read_channel_id,
1493
+ state13_read_client_finished,
1494
+ state13_send_new_session_ticket,
1495
+ state13_done,
1496
+ };
1497
+
1475
1498
  // handback_t lists the points in the state machine where a handback can occur.
1476
1499
  // These are the different points at which key material is no longer needed.
1477
1500
  enum handback_t {
1478
1501
  handback_after_session_resumption,
1479
1502
  handback_after_ecdhe,
1480
1503
  handback_after_handshake,
1504
+ handback_tls13,
1481
1505
  };
1482
1506
 
1483
1507
 
@@ -1693,9 +1717,6 @@ struct SSL_HANDSHAKE {
1693
1717
  // be filled in.
1694
1718
  bool needs_psk_binder : 1;
1695
1719
 
1696
- bool received_hello_retry_request : 1;
1697
- bool sent_hello_retry_request : 1;
1698
-
1699
1720
  // handshake_finalized is true once the handshake has completed, at which
1700
1721
  // point accessors should use the established state.
1701
1722
  bool handshake_finalized : 1;
@@ -1914,7 +1935,8 @@ int ssl_parse_extensions(const CBS *cbs, uint8_t *out_alert,
1914
1935
  enum ssl_verify_result_t ssl_verify_peer_cert(SSL_HANDSHAKE *hs);
1915
1936
  // ssl_reverify_peer_cert verifies the peer certificate for |hs| when resuming a
1916
1937
  // session.
1917
- enum ssl_verify_result_t ssl_reverify_peer_cert(SSL_HANDSHAKE *hs);
1938
+ enum ssl_verify_result_t ssl_reverify_peer_cert(SSL_HANDSHAKE *hs,
1939
+ bool send_alert);
1918
1940
 
1919
1941
  enum ssl_hs_wait_t ssl_get_finished(SSL_HANDSHAKE *hs);
1920
1942
  bool ssl_send_finished(SSL_HANDSHAKE *hs);
@@ -1976,10 +1998,8 @@ bool tls1_choose_signature_algorithm(SSL_HANDSHAKE *hs, uint16_t *out);
1976
1998
  Span<const uint16_t> tls1_get_peer_verify_algorithms(const SSL_HANDSHAKE *hs);
1977
1999
 
1978
2000
  // tls12_add_verify_sigalgs adds the signature algorithms acceptable for the
1979
- // peer signature to |out|. It returns true on success and false on error. If
1980
- // |for_certs| is true, the potentially more restrictive list of algorithms for
1981
- // certificates is used. Otherwise, the online signature one is used.
1982
- bool tls12_add_verify_sigalgs(const SSL *ssl, CBB *out, bool for_certs);
2001
+ // peer signature to |out|. It returns true on success and false on error.
2002
+ bool tls12_add_verify_sigalgs(const SSL *ssl, CBB *out);
1983
2003
 
1984
2004
  // tls12_check_peer_sigalg checks if |sigalg| is acceptable for the peer
1985
2005
  // signature. It returns true on success and false on error, setting
@@ -1987,11 +2007,6 @@ bool tls12_add_verify_sigalgs(const SSL *ssl, CBB *out, bool for_certs);
1987
2007
  bool tls12_check_peer_sigalg(const SSL *ssl, uint8_t *out_alert,
1988
2008
  uint16_t sigalg);
1989
2009
 
1990
- // tls12_has_different_verify_sigalgs_for_certs returns whether |ssl| has a
1991
- // different, more restrictive, list of signature algorithms acceptable for the
1992
- // certificate than the online signature.
1993
- bool tls12_has_different_verify_sigalgs_for_certs(const SSL *ssl);
1994
-
1995
2010
 
1996
2011
  // Underdocumented functions.
1997
2012
  //
@@ -2376,10 +2391,6 @@ struct SSL3_STATE {
2376
2391
  // token_binding_negotiated is set if Token Binding was negotiated.
2377
2392
  bool token_binding_negotiated : 1;
2378
2393
 
2379
- // pq_experimental_signal_seen is true if the peer was observed
2380
- // sending/echoing the post-quantum experiment signal.
2381
- bool pq_experiment_signal_seen : 1;
2382
-
2383
2394
  // alert_dispatch is true there is an alert in |send_alert| to be sent.
2384
2395
  bool alert_dispatch : 1;
2385
2396
 
@@ -2387,6 +2398,10 @@ struct SSL3_STATE {
2387
2398
  // HelloRequest.
2388
2399
  bool renegotiate_pending : 1;
2389
2400
 
2401
+ // used_hello_retry_request is whether the handshake used a TLS 1.3
2402
+ // HelloRetryRequest message.
2403
+ bool used_hello_retry_request : 1;
2404
+
2390
2405
  // hs_buf is the buffer of handshake data to process.
2391
2406
  UniquePtr<BUF_MEM> hs_buf;
2392
2407
 
@@ -3295,10 +3310,6 @@ struct ssl_ctx_st {
3295
3310
  // ed25519_enabled is whether Ed25519 is advertised in the handshake.
3296
3311
  bool ed25519_enabled : 1;
3297
3312
 
3298
- // rsa_pss_rsae_certs_enabled is whether rsa_pss_rsae_* are supported by the
3299
- // certificate verifier.
3300
- bool rsa_pss_rsae_certs_enabled : 1;
3301
-
3302
3313
  // false_start_allowed_without_alpn is whether False Start (if
3303
3314
  // |SSL_MODE_ENABLE_FALSE_START| is enabled) is allowed without ALPN.
3304
3315
  bool false_start_allowed_without_alpn : 1;
@@ -3315,11 +3326,6 @@ struct ssl_ctx_st {
3315
3326
  // If enable_early_data is true, early data can be sent and accepted.
3316
3327
  bool enable_early_data : 1;
3317
3328
 
3318
- // pq_experiment_signal indicates that an empty extension should be sent
3319
- // (for clients) or echoed (for servers) to indicate participation in an
3320
- // experiment of post-quantum key exchanges.
3321
- bool pq_experiment_signal : 1;
3322
-
3323
3329
  private:
3324
3330
  ~ssl_ctx_st();
3325
3331
  friend void SSL_CTX_free(SSL_CTX *);
data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/s3_lib.cc RENAMED
@@ -151,7 +151,6 @@
151
151
  #include <assert.h>
152
152
  #include <string.h>
153
153
 
154
- #include <openssl/buf.h>
155
154
  #include <openssl/digest.h>
156
155
  #include <openssl/err.h>
157
156
  #include <openssl/md5.h>
@@ -180,9 +179,9 @@ SSL3_STATE::SSL3_STATE()
180
179
  early_data_accepted(false),
181
180
  tls13_downgrade(false),
182
181
  token_binding_negotiated(false),
183
- pq_experiment_signal_seen(false),
184
182
  alert_dispatch(false),
185
- renegotiate_pending(false) {}
183
+ renegotiate_pending(false),
184
+ used_hello_retry_request(false) {}
186
185
 
187
186
  SSL3_STATE::~SSL3_STATE() {}
188
187
 
data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/s3_pkt.cc RENAMED
@@ -112,7 +112,6 @@
112
112
  #include <limits.h>
113
113
  #include <string.h>
114
114
 
115
- #include <openssl/buf.h>
116
115
  #include <openssl/err.h>
117
116
  #include <openssl/evp.h>
118
117
  #include <openssl/mem.h>
data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_asn1.cc RENAMED
@@ -87,7 +87,6 @@
87
87
 
88
88
  #include <utility>
89
89
 
90
- #include <openssl/buf.h>
91
90
  #include <openssl/bytestring.h>
92
91
  #include <openssl/err.h>
93
92
  #include <openssl/mem.h>
@@ -758,7 +757,7 @@ int SSL_SESSION_to_bytes(const SSL_SESSION *in, uint8_t **out_data,
758
757
  static const char kNotResumableSession[] = "NOT RESUMABLE";
759
758
 
760
759
  *out_len = strlen(kNotResumableSession);
761
- *out_data = (uint8_t *)BUF_memdup(kNotResumableSession, *out_len);
760
+ *out_data = (uint8_t *)OPENSSL_memdup(kNotResumableSession, *out_len);
762
761
  if (*out_data == NULL) {
763
762
  return 0;
764
763
  }
data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_buffer.cc RENAMED
@@ -37,8 +37,11 @@ static_assert((SSL3_ALIGN_PAYLOAD & (SSL3_ALIGN_PAYLOAD - 1)) == 0,
37
37
  "SSL3_ALIGN_PAYLOAD must be a power of 2");
38
38
 
39
39
  void SSLBuffer::Clear() {
40
- free(buf_); // Allocated with malloc().
40
+ if (buf_allocated_) {
41
+ free(buf_); // Allocated with malloc().
42
+ }
41
43
  buf_ = nullptr;
44
+ buf_allocated_ = false;
42
45
  offset_ = 0;
43
46
  size_ = 0;
44
47
  cap_ = 0;
@@ -54,27 +57,43 @@ bool SSLBuffer::EnsureCap(size_t header_len, size_t new_cap) {
54
57
  return true;
55
58
  }
56
59
 
57
- // Add up to |SSL3_ALIGN_PAYLOAD| - 1 bytes of slack for alignment.
58
- //
59
- // Since this buffer gets allocated quite frequently and doesn't contain any
60
- // sensitive data, we allocate with malloc rather than |OPENSSL_malloc| and
61
- // avoid zeroing on free.
62
- uint8_t *new_buf = (uint8_t *)malloc(new_cap + SSL3_ALIGN_PAYLOAD - 1);
63
- if (new_buf == NULL) {
64
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
65
- return false;
60
+ uint8_t *new_buf;
61
+ bool new_buf_allocated;
62
+ size_t new_offset;
63
+ if (new_cap <= sizeof(inline_buf_)) {
64
+ // This function is called twice per TLS record, first for the five-byte
65
+ // header. To avoid allocating twice, use an inline buffer for short inputs.
66
+ new_buf = inline_buf_;
67
+ new_buf_allocated = false;
68
+ new_offset = 0;
69
+ } else {
70
+ // Add up to |SSL3_ALIGN_PAYLOAD| - 1 bytes of slack for alignment.
71
+ //
72
+ // Since this buffer gets allocated quite frequently and doesn't contain any
73
+ // sensitive data, we allocate with malloc rather than |OPENSSL_malloc| and
74
+ // avoid zeroing on free.
75
+ new_buf = (uint8_t *)malloc(new_cap + SSL3_ALIGN_PAYLOAD - 1);
76
+ if (new_buf == NULL) {
77
+ OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
78
+ return false;
79
+ }
80
+ new_buf_allocated = true;
81
+
82
+ // Offset the buffer such that the record body is aligned.
83
+ new_offset =
84
+ (0 - header_len - (uintptr_t)new_buf) & (SSL3_ALIGN_PAYLOAD - 1);
66
85
  }
67
86
 
68
- // Offset the buffer such that the record body is aligned.
69
- size_t new_offset =
70
- (0 - header_len - (uintptr_t)new_buf) & (SSL3_ALIGN_PAYLOAD - 1);
87
+ // Note if the both old and new buffer are inline, the source and destination
88
+ // may alias.
89
+ OPENSSL_memmove(new_buf + new_offset, buf_ + offset_, size_);
71
90
 
72
- if (buf_ != NULL) {
73
- OPENSSL_memcpy(new_buf + new_offset, buf_ + offset_, size_);
91
+ if (buf_allocated_) {
74
92
  free(buf_); // Allocated with malloc().
75
93
  }
76
94
 
77
95
  buf_ = new_buf;
96
+ buf_allocated_ = new_buf_allocated;
78
97
  offset_ = new_offset;
79
98
  cap_ = new_cap;
80
99
  return true;
data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_cert.cc RENAMED
@@ -121,7 +121,6 @@
121
121
  #include <utility>
122
122
 
123
123
  #include <openssl/bn.h>
124
- #include <openssl/buf.h>
125
124
  #include <openssl/bytestring.h>
126
125
  #include <openssl/ec_key.h>
127
126
  #include <openssl/err.h>
data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_cipher.cc RENAMED
@@ -143,7 +143,6 @@
143
143
  #include <assert.h>
144
144
  #include <string.h>
145
145
 
146
- #include <openssl/buf.h>
147
146
  #include <openssl/err.h>
148
147
  #include <openssl/md5.h>
149
148
  #include <openssl/mem.h>
data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_lib.cc RENAMED
@@ -565,12 +565,10 @@ ssl_ctx_st::ssl_ctx_st(const SSL_METHOD *ssl_method)
565
565
  grease_enabled(false),
566
566
  allow_unknown_alpn_protos(false),
567
567
  ed25519_enabled(false),
568
- rsa_pss_rsae_certs_enabled(true),
569
568
  false_start_allowed_without_alpn(false),
570
569
  ignore_tls13_downgrade(false),
571
570
  handoff(false),
572
- enable_early_data(false),
573
- pq_experiment_signal(false) {
571
+ enable_early_data(false) {
574
572
  CRYPTO_MUTEX_init(&lock);
575
573
  CRYPTO_new_ex_data(&ex_data);
576
574
  }
@@ -699,7 +697,7 @@ SSL *SSL_new(SSL_CTX *ctx) {
699
697
 
700
698
  if (ctx->psk_identity_hint) {
701
699
  ssl->config->psk_identity_hint.reset(
702
- BUF_strdup(ctx->psk_identity_hint.get()));
700
+ OPENSSL_strdup(ctx->psk_identity_hint.get()));
703
701
  if (ssl->config->psk_identity_hint == nullptr) {
704
702
  return nullptr;
705
703
  }
@@ -1238,14 +1236,6 @@ int SSL_send_fatal_alert(SSL *ssl, uint8_t alert) {
1238
1236
  return ssl_send_alert_impl(ssl, SSL3_AL_FATAL, alert);
1239
1237
  }
1240
1238
 
1241
- void SSL_CTX_enable_pq_experiment_signal(SSL_CTX *ctx) {
1242
- ctx->pq_experiment_signal = true;
1243
- }
1244
-
1245
- int SSL_pq_experiment_signal_seen(const SSL *ssl) {
1246
- return ssl->s3->pq_experiment_signal_seen;
1247
- }
1248
-
1249
1239
  int SSL_set_quic_transport_params(SSL *ssl, const uint8_t *params,
1250
1240
  size_t params_len) {
1251
1241
  return ssl->config && ssl->config->quic_transport_params.CopyFrom(
@@ -2129,7 +2119,7 @@ int SSL_set_tlsext_host_name(SSL *ssl, const char *name) {
2129
2119
  OPENSSL_PUT_ERROR(SSL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
2130
2120
  return 0;
2131
2121
  }
2132
- ssl->hostname.reset(BUF_strdup(name));
2122
+ ssl->hostname.reset(OPENSSL_strdup(name));
2133
2123
  if (ssl->hostname == nullptr) {
2134
2124
  OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
2135
2125
  return 0;
@@ -2496,6 +2486,11 @@ char *SSL_get_shared_ciphers(const SSL *ssl, char *buf, int len) {
2496
2486
  return buf;
2497
2487
  }
2498
2488
 
2489
+ int SSL_get_shared_sigalgs(SSL *ssl, int idx, int *psign, int *phash,
2490
+ int *psignandhash, uint8_t *rsig, uint8_t *rhash) {
2491
+ return 0;
2492
+ }
2493
+
2499
2494
  int SSL_CTX_set_quic_method(SSL_CTX *ctx, const SSL_QUIC_METHOD *quic_method) {
2500
2495
  if (ctx->method->is_dtls) {
2501
2496
  return 0;
@@ -2580,7 +2575,7 @@ static int use_psk_identity_hint(UniquePtr<char> *out,
2580
2575
  // ECDHE_PSK can only spell empty hint. Having different capabilities is odd,
2581
2576
  // so we interpret empty and missing as identical.
2582
2577
  if (identity_hint != NULL && identity_hint[0] != '\0') {
2583
- out->reset(BUF_strdup(identity_hint));
2578
+ out->reset(OPENSSL_strdup(identity_hint));
2584
2579
  if (*out == nullptr) {
2585
2580
  return 0;
2586
2581
  }
@@ -2854,6 +2849,10 @@ void SSL_CTX_set_false_start_allowed_without_alpn(SSL_CTX *ctx, int allowed) {
2854
2849
 
2855
2850
  int SSL_is_tls13_downgrade(const SSL *ssl) { return ssl->s3->tls13_downgrade; }
2856
2851
 
2852
+ int SSL_used_hello_retry_request(const SSL *ssl) {
2853
+ return ssl->s3->used_hello_retry_request;
2854
+ }
2855
+
2857
2856
  void SSL_CTX_set_ignore_tls13_downgrade(SSL_CTX *ctx, int ignore) {
2858
2857
  ctx->ignore_tls13_downgrade = !!ignore;
2859
2858
  }
data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_session.cc RENAMED
@@ -208,7 +208,8 @@ UniquePtr<SSL_SESSION> SSL_SESSION_dup(SSL_SESSION *session, int dup_flags) {
208
208
 
209
209
  // Copy authentication state.
210
210
  if (session->psk_identity != nullptr) {
211
- new_session->psk_identity.reset(BUF_strdup(session->psk_identity.get()));
211
+ new_session->psk_identity.reset(
212
+ OPENSSL_strdup(session->psk_identity.get()));
212
213
  if (new_session->psk_identity == nullptr) {
213
214
  return nullptr;
214
215
  }
data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_versions.cc RENAMED
@@ -150,7 +150,7 @@ static bool set_max_version(const SSL_PROTOCOL_METHOD *method, uint16_t *out,
150
150
  uint16_t version) {
151
151
  // Zero is interpreted as the default maximum version.
152
152
  if (version == 0) {
153
- *out = method->is_dtls ? DTLS1_2_VERSION : TLS1_2_VERSION;
153
+ *out = method->is_dtls ? DTLS1_2_VERSION : TLS1_3_VERSION;
154
154
  return true;
155
155
  }
156
156
 
data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/t1_lib.cc RENAMED
@@ -411,10 +411,6 @@ bool tls1_check_group_id(const SSL_HANDSHAKE *hs, uint16_t group_id) {
411
411
 
412
412
  // kVerifySignatureAlgorithms is the default list of accepted signature
413
413
  // algorithms for verifying.
414
- //
415
- // For now, RSA-PSS signature algorithms are not enabled on Android's system
416
- // BoringSSL. Once the change in Chrome has stuck and the values are finalized,
417
- // restore them.
418
414
  static const uint16_t kVerifySignatureAlgorithms[] = {
419
415
  // List our preferred algorithms first.
420
416
  SSL_SIGN_ED25519,
@@ -432,15 +428,10 @@ static const uint16_t kVerifySignatureAlgorithms[] = {
432
428
 
433
429
  // For now, SHA-1 is still accepted but least preferable.
434
430
  SSL_SIGN_RSA_PKCS1_SHA1,
435
-
436
431
  };
437
432
 
438
433
  // kSignSignatureAlgorithms is the default list of supported signature
439
434
  // algorithms for signing.
440
- //
441
- // For now, RSA-PSS signature algorithms are not enabled on Android's system
442
- // BoringSSL. Once the change in Chrome has stuck and the values are finalized,
443
- // restore them.
444
435
  static const uint16_t kSignSignatureAlgorithms[] = {
445
436
  // List our preferred algorithms first.
446
437
  SSL_SIGN_ED25519,
@@ -472,39 +463,17 @@ struct SSLSignatureAlgorithmList {
472
463
  if (skip_ed25519 && sigalg == SSL_SIGN_ED25519) {
473
464
  continue;
474
465
  }
475
- if (skip_rsa_pss_rsae && SSL_is_signature_algorithm_rsa_pss(sigalg)) {
476
- continue;
477
- }
478
466
  *out = sigalg;
479
467
  return true;
480
468
  }
481
469
  return false;
482
470
  }
483
471
 
484
- bool operator==(const SSLSignatureAlgorithmList &other) const {
485
- SSLSignatureAlgorithmList a = *this;
486
- SSLSignatureAlgorithmList b = other;
487
- uint16_t a_val, b_val;
488
- while (a.Next(&a_val)) {
489
- if (!b.Next(&b_val) ||
490
- a_val != b_val) {
491
- return false;
492
- }
493
- }
494
- return !b.Next(&b_val);
495
- }
496
-
497
- bool operator!=(const SSLSignatureAlgorithmList &other) const {
498
- return !(*this == other);
499
- }
500
-
501
472
  Span<const uint16_t> list;
502
473
  bool skip_ed25519 = false;
503
- bool skip_rsa_pss_rsae = false;
504
474
  };
505
475
 
506
- static SSLSignatureAlgorithmList tls12_get_verify_sigalgs(const SSL *ssl,
507
- bool for_certs) {
476
+ static SSLSignatureAlgorithmList tls12_get_verify_sigalgs(const SSL *ssl) {
508
477
  SSLSignatureAlgorithmList ret;
509
478
  if (!ssl->config->verify_sigalgs.empty()) {
510
479
  ret.list = ssl->config->verify_sigalgs;
@@ -512,14 +481,11 @@ static SSLSignatureAlgorithmList tls12_get_verify_sigalgs(const SSL *ssl,
512
481
  ret.list = kVerifySignatureAlgorithms;
513
482
  ret.skip_ed25519 = !ssl->ctx->ed25519_enabled;
514
483
  }
515
- if (for_certs) {
516
- ret.skip_rsa_pss_rsae = !ssl->ctx->rsa_pss_rsae_certs_enabled;
517
- }
518
484
  return ret;
519
485
  }
520
486
 
521
- bool tls12_add_verify_sigalgs(const SSL *ssl, CBB *out, bool for_certs) {
522
- SSLSignatureAlgorithmList list = tls12_get_verify_sigalgs(ssl, for_certs);
487
+ bool tls12_add_verify_sigalgs(const SSL *ssl, CBB *out) {
488
+ SSLSignatureAlgorithmList list = tls12_get_verify_sigalgs(ssl);
523
489
  uint16_t sigalg;
524
490
  while (list.Next(&sigalg)) {
525
491
  if (!CBB_add_u16(out, sigalg)) {
@@ -531,7 +497,7 @@ bool tls12_add_verify_sigalgs(const SSL *ssl, CBB *out, bool for_certs) {
531
497
 
532
498
  bool tls12_check_peer_sigalg(const SSL *ssl, uint8_t *out_alert,
533
499
  uint16_t sigalg) {
534
- SSLSignatureAlgorithmList list = tls12_get_verify_sigalgs(ssl, false);
500
+ SSLSignatureAlgorithmList list = tls12_get_verify_sigalgs(ssl);
535
501
  uint16_t verify_sigalg;
536
502
  while (list.Next(&verify_sigalg)) {
537
503
  if (verify_sigalg == sigalg) {
@@ -544,11 +510,6 @@ bool tls12_check_peer_sigalg(const SSL *ssl, uint8_t *out_alert,
544
510
  return false;
545
511
  }
546
512
 
547
- bool tls12_has_different_verify_sigalgs_for_certs(const SSL *ssl) {
548
- return tls12_get_verify_sigalgs(ssl, true) !=
549
- tls12_get_verify_sigalgs(ssl, false);
550
- }
551
-
552
513
  // tls_extension represents a TLS extension that is handled internally. The
553
514
  // |init| function is called for each handshake, before any other functions of
554
515
  // the extension. Then the add and parse callbacks are called as needed.
@@ -980,23 +941,11 @@ static bool ext_sigalgs_add_clienthello(SSL_HANDSHAKE *hs, CBB *out) {
980
941
  return true;
981
942
  }
982
943
 
983
- // Prior to TLS 1.3, there was no way to signal different signature algorithm
984
- // preferences between the online signature and certificates. If we do not
985
- // send the signature_algorithms_cert extension, use the potentially more
986
- // restrictive certificate list.
987
- //
988
- // TODO(davidben): When TLS 1.3 is finalized, we can likely remove the TLS 1.3
989
- // check both here and in signature_algorithms_cert. |hs->max_version| is not
990
- // the negotiated version. Rather the expectation is that any server consuming
991
- // signature algorithms added in TLS 1.3 will also know to look at
992
- // signature_algorithms_cert. For now, TLS 1.3 is not quite yet final and it
993
- // seems prudent to condition this new extension on it.
994
- bool for_certs = hs->max_version < TLS1_3_VERSION;
995
944
  CBB contents, sigalgs_cbb;
996
945
  if (!CBB_add_u16(out, TLSEXT_TYPE_signature_algorithms) ||
997
946
  !CBB_add_u16_length_prefixed(out, &contents) ||
998
947
  !CBB_add_u16_length_prefixed(&contents, &sigalgs_cbb) ||
999
- !tls12_add_verify_sigalgs(ssl, &sigalgs_cbb, for_certs) ||
948
+ !tls12_add_verify_sigalgs(ssl, &sigalgs_cbb) ||
1000
949
  !CBB_flush(out)) {
1001
950
  return false;
1002
951
  }
@@ -1022,35 +971,6 @@ static bool ext_sigalgs_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1022
971
  }
1023
972
 
1024
973
 
1025
- // Signature Algorithms for Certificates.
1026
- //
1027
- // https://tools.ietf.org/html/rfc8446#section-4.2.3
1028
-
1029
- static bool ext_sigalgs_cert_add_clienthello(SSL_HANDSHAKE *hs, CBB *out) {
1030
- SSL *const ssl = hs->ssl;
1031
- // If this extension is omitted, it defaults to the signature_algorithms
1032
- // extension, so only emit it if the list is different.
1033
- //
1034
- // This extension is also new in TLS 1.3, so omit it if TLS 1.3 is disabled.
1035
- // There is a corresponding version check in |ext_sigalgs_add_clienthello|.
1036
- if (hs->max_version < TLS1_3_VERSION ||
1037
- !tls12_has_different_verify_sigalgs_for_certs(ssl)) {
1038
- return true;
1039
- }
1040
-
1041
- CBB contents, sigalgs_cbb;
1042
- if (!CBB_add_u16(out, TLSEXT_TYPE_signature_algorithms_cert) ||
1043
- !CBB_add_u16_length_prefixed(out, &contents) ||
1044
- !CBB_add_u16_length_prefixed(&contents, &sigalgs_cbb) ||
1045
- !tls12_add_verify_sigalgs(ssl, &sigalgs_cbb, true /* certs */) ||
1046
- !CBB_flush(out)) {
1047
- return false;
1048
- }
1049
-
1050
- return true;
1051
- }
1052
-
1053
-
1054
974
  // OCSP Stapling.
1055
975
  //
1056
976
  // https://tools.ietf.org/html/rfc6066#section-8
@@ -1845,7 +1765,7 @@ static bool ext_pre_shared_key_add_clienthello(SSL_HANDSHAKE *hs, CBB *out) {
1845
1765
  // Per RFC 8446 section 4.1.4, skip offering the session if the selected
1846
1766
  // cipher in HelloRetryRequest does not match. This avoids performing the
1847
1767
  // transcript hash transformation for multiple hashes.
1848
- if (hs->received_hello_retry_request &&
1768
+ if (ssl->s3 && ssl->s3->used_hello_retry_request &&
1849
1769
  ssl->session->cipher->algorithm_prf != hs->new_cipher->algorithm_prf) {
1850
1770
  return true;
1851
1771
  }
@@ -2035,7 +1955,7 @@ static bool ext_early_data_add_clienthello(SSL_HANDSHAKE *hs, CBB *out) {
2035
1955
  SSL *const ssl = hs->ssl;
2036
1956
  // The second ClientHello never offers early data, and we must have already
2037
1957
  // filled in |early_data_reason| by this point.
2038
- if (hs->received_hello_retry_request) {
1958
+ if (ssl->s3->used_hello_retry_request) {
2039
1959
  assert(ssl->s3->early_data_reason != ssl_early_data_unknown);
2040
1960
  return true;
2041
1961
  }
@@ -2089,7 +2009,7 @@ static bool ext_early_data_parse_serverhello(SSL_HANDSHAKE *hs,
2089
2009
  CBS *contents) {
2090
2010
  SSL *const ssl = hs->ssl;
2091
2011
  if (contents == NULL) {
2092
- if (hs->early_data_offered && !hs->received_hello_retry_request) {
2012
+ if (hs->early_data_offered && !ssl->s3->used_hello_retry_request) {
2093
2013
  ssl->s3->early_data_reason = ssl->s3->session_reused
2094
2014
  ? ssl_early_data_peer_declined
2095
2015
  : ssl_early_data_session_not_resumed;
@@ -2104,7 +2024,7 @@ static bool ext_early_data_parse_serverhello(SSL_HANDSHAKE *hs,
2104
2024
  // If we received an HRR, the second ClientHello never offers early data, so
2105
2025
  // the extensions logic will automatically reject early data extensions as
2106
2026
  // unsolicited. This covered by the ServerAcceptsEarlyDataOnHRR test.
2107
- assert(!hs->received_hello_retry_request);
2027
+ assert(!ssl->s3->used_hello_retry_request);
2108
2028
 
2109
2029
  if (CBS_len(contents) != 0) {
2110
2030
  *out_alert = SSL_AD_DECODE_ERROR;
@@ -2173,7 +2093,7 @@ static bool ext_key_share_add_clienthello(SSL_HANDSHAKE *hs, CBB *out) {
2173
2093
 
2174
2094
  uint16_t group_id = hs->retry_group;
2175
2095
  uint16_t second_group_id = 0;
2176
- if (hs->received_hello_retry_request) {
2096
+ if (ssl->s3 && ssl->s3->used_hello_retry_request) {
2177
2097
  // We received a HelloRetryRequest without a new curve, so there is no new
2178
2098
  // share to append. Leave |hs->key_share| as-is.
2179
2099
  if (group_id == 0 &&
@@ -2235,7 +2155,7 @@ static bool ext_key_share_add_clienthello(SSL_HANDSHAKE *hs, CBB *out) {
2235
2155
 
2236
2156
  // Save the contents of the extension to repeat it in the second
2237
2157
  // ClientHello.
2238
- if (!hs->received_hello_retry_request &&
2158
+ if (ssl->s3 && !ssl->s3->used_hello_retry_request &&
2239
2159
  !hs->key_share_bytes.CopyFrom(
2240
2160
  MakeConstSpan(CBB_data(&kse_bytes), CBB_len(&kse_bytes)))) {
2241
2161
  return false;
@@ -2855,66 +2775,6 @@ static bool cert_compression_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
2855
2775
  }
2856
2776
 
2857
2777
 
2858
- // Post-quantum experiment signal
2859
- //
2860
- // This extension may be used in order to identify a control group for
2861
- // experimenting with post-quantum key exchange algorithms.
2862
-
2863
- static bool ext_pq_experiment_signal_add_clienthello(SSL_HANDSHAKE *hs,
2864
- CBB *out) {
2865
- if (hs->ssl->ctx->pq_experiment_signal &&
2866
- (!CBB_add_u16(out, TLSEXT_TYPE_pq_experiment_signal) ||
2867
- !CBB_add_u16(out, 0))) {
2868
- return false;
2869
- }
2870
-
2871
- return true;
2872
- }
2873
-
2874
- static bool ext_pq_experiment_signal_parse_serverhello(SSL_HANDSHAKE *hs,
2875
- uint8_t *out_alert,
2876
- CBS *contents) {
2877
- if (contents == nullptr) {
2878
- return true;
2879
- }
2880
-
2881
- if (!hs->ssl->ctx->pq_experiment_signal || CBS_len(contents) != 0) {
2882
- return false;
2883
- }
2884
-
2885
- hs->ssl->s3->pq_experiment_signal_seen = true;
2886
- return true;
2887
- }
2888
-
2889
- static bool ext_pq_experiment_signal_parse_clienthello(SSL_HANDSHAKE *hs,
2890
- uint8_t *out_alert,
2891
- CBS *contents) {
2892
- if (contents == nullptr) {
2893
- return true;
2894
- }
2895
-
2896
- if (CBS_len(contents) != 0) {
2897
- return false;
2898
- }
2899
-
2900
- if (hs->ssl->ctx->pq_experiment_signal) {
2901
- hs->ssl->s3->pq_experiment_signal_seen = true;
2902
- }
2903
-
2904
- return true;
2905
- }
2906
-
2907
- static bool ext_pq_experiment_signal_add_serverhello(SSL_HANDSHAKE *hs,
2908
- CBB *out) {
2909
- if (hs->ssl->s3->pq_experiment_signal_seen &&
2910
- (!CBB_add_u16(out, TLSEXT_TYPE_pq_experiment_signal) ||
2911
- !CBB_add_u16(out, 0))) {
2912
- return false;
2913
- }
2914
-
2915
- return true;
2916
- }
2917
-
2918
2778
  // kExtensions contains all the supported extensions.
2919
2779
  static const struct tls_extension kExtensions[] = {
2920
2780
  {
@@ -2991,14 +2851,6 @@ static const struct tls_extension kExtensions[] = {
2991
2851
  ext_sigalgs_parse_clienthello,
2992
2852
  dont_add_serverhello,
2993
2853
  },
2994
- {
2995
- TLSEXT_TYPE_signature_algorithms_cert,
2996
- NULL,
2997
- ext_sigalgs_cert_add_clienthello,
2998
- forbid_parse_serverhello,
2999
- ignore_parse_clienthello,
3000
- dont_add_serverhello,
3001
- },
3002
2854
  {
3003
2855
  TLSEXT_TYPE_next_proto_neg,
3004
2856
  NULL,
@@ -3103,14 +2955,6 @@ static const struct tls_extension kExtensions[] = {
3103
2955
  ext_delegated_credential_parse_clienthello,
3104
2956
  dont_add_serverhello,
3105
2957
  },
3106
- {
3107
- TLSEXT_TYPE_pq_experiment_signal,
3108
- NULL,
3109
- ext_pq_experiment_signal_add_clienthello,
3110
- ext_pq_experiment_signal_parse_serverhello,
3111
- ext_pq_experiment_signal_parse_clienthello,
3112
- ext_pq_experiment_signal_add_serverhello,
3113
- },
3114
2958
  };
3115
2959
 
3116
2960
  #define kNumExtensions (sizeof(kExtensions) / sizeof(struct tls_extension))
@@ -4030,7 +3874,3 @@ int SSL_early_callback_ctx_extension_get(const SSL_CLIENT_HELLO *client_hello,
4030
3874
  void SSL_CTX_set_ed25519_enabled(SSL_CTX *ctx, int enabled) {
4031
3875
  ctx->ed25519_enabled = !!enabled;
4032
3876
  }
4033
-
4034
- void SSL_CTX_set_rsa_pss_rsae_certs_enabled(SSL_CTX *ctx, int enabled) {
4035
- ctx->rsa_pss_rsae_certs_enabled = !!enabled;
4036
- }