grpc 1.27.0 → 1.30.2
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +8023 -11435
- data/include/grpc/grpc.h +2 -2
- data/include/grpc/grpc_security.h +30 -9
- data/include/grpc/grpc_security_constants.h +1 -0
- data/include/grpc/impl/codegen/grpc_types.h +24 -21
- data/include/grpc/impl/codegen/port_platform.h +13 -2
- data/include/grpc/impl/codegen/sync.h +5 -3
- data/include/grpc/impl/codegen/sync_abseil.h +36 -0
- data/include/grpc/module.modulemap +25 -37
- data/include/grpc/support/sync_abseil.h +26 -0
- data/src/core/ext/filters/client_channel/backend_metric.cc +7 -4
- data/src/core/ext/filters/client_channel/client_channel.cc +282 -269
- data/src/core/ext/filters/client_channel/client_channel_channelz.cc +31 -47
- data/src/core/ext/filters/client_channel/client_channel_channelz.h +1 -3
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +3 -2
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +7 -22
- data/src/core/ext/filters/client_channel/health/health_check_client.h +3 -3
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +1 -1
- data/src/core/ext/filters/client_channel/http_proxy.cc +21 -11
- data/src/core/ext/filters/client_channel/lb_policy.cc +19 -18
- data/src/core/ext/filters/client_channel/lb_policy.h +42 -33
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +83 -0
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.h +99 -0
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +297 -0
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.h +83 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +286 -495
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc +89 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h +40 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +11 -9
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +3 -2
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +18 -21
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +871 -0
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +10 -14
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +5 -11
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +734 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +148 -98
- data/src/core/ext/filters/client_channel/lb_policy/xds/eds.cc +938 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/lrs.cc +528 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +1 -2
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_routing.cc +834 -0
- data/src/core/ext/filters/client_channel/lb_policy_factory.h +3 -3
- data/src/core/ext/filters/client_channel/lb_policy_registry.cc +49 -77
- data/src/core/ext/filters/client_channel/lb_policy_registry.h +1 -1
- data/src/core/ext/filters/client_channel/local_subchannel_pool.h +2 -1
- data/src/core/ext/filters/client_channel/parse_address.cc +22 -21
- data/src/core/ext/filters/client_channel/resolver.cc +5 -8
- data/src/core/ext/filters/client_channel/resolver.h +12 -14
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +129 -128
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.cc +35 -35
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +8 -7
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_libuv.cc +17 -21
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +5 -5
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +72 -117
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +186 -135
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +5 -3
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +7 -4
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +42 -45
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +94 -103
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +0 -4
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +5 -5
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +61 -10
- data/src/core/ext/filters/client_channel/resolver_factory.h +2 -2
- data/src/core/ext/filters/client_channel/resolver_registry.cc +6 -3
- data/src/core/ext/filters/client_channel/resolver_registry.h +8 -8
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +242 -300
- data/src/core/ext/filters/client_channel/resolver_result_parsing.h +21 -18
- data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +56 -206
- data/src/core/ext/filters/client_channel/resolving_lb_policy.h +11 -14
- data/src/core/ext/filters/client_channel/server_address.cc +6 -9
- data/src/core/ext/filters/client_channel/server_address.h +6 -12
- data/src/core/ext/filters/client_channel/service_config.cc +144 -253
- data/src/core/ext/filters/client_channel/service_config.h +32 -109
- data/src/core/ext/filters/client_channel/service_config_call_data.h +68 -0
- data/src/core/ext/filters/client_channel/service_config_parser.cc +87 -0
- data/src/core/ext/filters/client_channel/service_config_parser.h +89 -0
- data/src/core/ext/filters/client_channel/subchannel.cc +54 -24
- data/src/core/ext/filters/client_channel/subchannel.h +35 -11
- data/src/core/ext/filters/client_channel/xds/xds_api.cc +1381 -301
- data/src/core/ext/filters/client_channel/xds/xds_api.h +211 -152
- data/src/core/ext/filters/client_channel/xds/xds_bootstrap.cc +214 -359
- data/src/core/ext/filters/client_channel/xds/xds_bootstrap.h +28 -44
- data/src/core/ext/filters/client_channel/xds/xds_channel.h +3 -1
- data/src/core/ext/filters/client_channel/xds/xds_channel_secure.cc +16 -11
- data/src/core/ext/filters/client_channel/xds/xds_client.cc +1118 -472
- data/src/core/ext/filters/client_channel/xds/xds_client.h +116 -45
- data/src/core/ext/filters/client_channel/xds/xds_client_stats.cc +59 -135
- data/src/core/ext/filters/client_channel/xds/xds_client_stats.h +122 -137
- data/src/core/ext/filters/http/client/http_client_filter.cc +23 -28
- data/src/core/ext/filters/http/client_authority_filter.cc +4 -4
- data/src/core/ext/filters/http/http_filters_plugin.cc +27 -12
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +258 -221
- data/src/core/ext/filters/http/message_compress/message_decompress_filter.cc +358 -0
- data/src/core/ext/filters/http/message_compress/message_decompress_filter.h +29 -0
- data/src/core/ext/filters/message_size/message_size_filter.cc +38 -44
- data/src/core/ext/filters/message_size/message_size_filter.h +5 -5
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +7 -10
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +4 -6
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +26 -27
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +1 -0
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +3 -3
- data/src/core/ext/transport/chttp2/transport/frame_goaway.h +2 -3
- data/src/core/ext/transport/chttp2/transport/frame_ping.h +2 -3
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +2 -3
- data/src/core/ext/transport/chttp2/transport/frame_settings.h +2 -3
- data/src/core/ext/transport/chttp2/transport/frame_window_update.h +2 -3
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +29 -16
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +2 -3
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +2 -3
- data/src/core/ext/transport/chttp2/transport/hpack_table.h +2 -2
- data/src/core/ext/transport/chttp2/transport/http2_settings.h +4 -5
- data/src/core/ext/transport/chttp2/transport/huffsyms.h +2 -3
- data/src/core/ext/transport/chttp2/transport/internal.h +14 -21
- data/src/core/ext/transport/chttp2/transport/stream_map.h +2 -3
- data/src/core/ext/transport/chttp2/transport/writing.cc +16 -9
- data/src/core/ext/transport/inproc/inproc_transport.cc +41 -42
- data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.c +17 -0
- data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.h +30 -0
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.c +27 -0
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +54 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.c +5 -205
- data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.h +5 -788
- data/src/core/ext/upb-generated/envoy/api/v2/auth/common.upb.c +114 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/common.upb.h +418 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/secret.upb.c +72 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/secret.upb.h +197 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/tls.upb.c +105 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/tls.upb.h +378 -0
- data/src/core/ext/upb-generated/envoy/api/v2/cds.upb.c +5 -362
- data/src/core/ext/upb-generated/envoy/api/v2/cds.upb.h +14 -1337
- data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.c +403 -0
- data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.h +1447 -0
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/circuit_breaker.upb.c +30 -8
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/circuit_breaker.upb.h +60 -0
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/filter.upb.c +2 -0
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/outlier_detection.upb.c +2 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/address.upb.c +7 -4
- data/src/core/ext/upb-generated/envoy/api/v2/core/address.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/api/v2/core/backoff.upb.c +35 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/backoff.upb.h +78 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.c +87 -23
- data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.h +262 -62
- data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.c +20 -15
- data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.h +46 -32
- data/src/core/ext/upb-generated/envoy/api/v2/core/event_service_config.upb.c +34 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/event_service_config.upb.h +72 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/grpc_service.upb.c +27 -4
- data/src/core/ext/upb-generated/envoy/api/v2/core/grpc_service.upb.h +70 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.c +46 -25
- data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.h +98 -25
- data/src/core/ext/upb-generated/envoy/api/v2/core/http_uri.upb.c +2 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.c +77 -21
- data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.h +201 -4
- data/src/core/ext/upb-generated/envoy/api/v2/core/socket_option.upb.c +34 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/socket_option.upb.h +89 -0
- data/src/core/ext/upb-generated/envoy/api/v2/discovery.upb.c +2 -0
- data/src/core/ext/upb-generated/envoy/api/v2/eds.upb.c +8 -68
- data/src/core/ext/upb-generated/envoy/api/v2/eds.upb.h +14 -201
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint.upb.c +92 -0
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint.upb.h +240 -0
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint.upb.c +2 -71
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint.upb.h +3 -228
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.c +91 -0
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.h +266 -0
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/load_report.upb.c +2 -0
- data/src/core/ext/upb-generated/envoy/api/v2/lds.upb.c +31 -0
- data/src/core/ext/upb-generated/envoy/api/v2/lds.upb.h +53 -0
- data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.c +109 -0
- data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.h +399 -0
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener.upb.c +18 -0
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener.upb.h +33 -0
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener_components.upb.c +145 -0
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener_components.upb.h +527 -0
- data/src/core/ext/upb-generated/envoy/api/v2/listener/udp_listener_config.upb.c +43 -0
- data/src/core/ext/upb-generated/envoy/api/v2/listener/udp_listener_config.upb.h +112 -0
- data/src/core/ext/upb-generated/envoy/api/v2/rds.upb.c +30 -0
- data/src/core/ext/upb-generated/envoy/api/v2/rds.upb.h +53 -0
- data/src/core/ext/upb-generated/envoy/api/v2/route.upb.c +63 -0
- data/src/core/ext/upb-generated/envoy/api/v2/route.upb.h +199 -0
- data/src/core/ext/upb-generated/envoy/api/v2/route/route.upb.c +18 -0
- data/src/core/ext/upb-generated/envoy/api/v2/route/route.upb.h +33 -0
- data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.c +815 -0
- data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.h +3032 -0
- data/src/core/ext/upb-generated/envoy/api/v2/scoped_route.upb.c +59 -0
- data/src/core/ext/upb-generated/envoy/api/v2/scoped_route.upb.h +134 -0
- data/src/core/ext/upb-generated/envoy/api/v2/srds.upb.c +28 -0
- data/src/core/ext/upb-generated/envoy/api/v2/srds.upb.h +53 -0
- data/src/core/ext/upb-generated/envoy/config/filter/accesslog/v2/accesslog.upb.c +228 -0
- data/src/core/ext/upb-generated/envoy/config/filter/accesslog/v2/accesslog.upb.h +725 -0
- data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.c +316 -0
- data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.h +1132 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v2/api_listener.upb.c +33 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v2/api_listener.upb.h +65 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v2/http_tracer.upb.c +51 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v2/http_tracer.upb.h +125 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v2/ads.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/service/load_stats/v2/lrs.upb.c +4 -2
- data/src/core/ext/upb-generated/envoy/service/load_stats/v2/lrs.upb.h +4 -0
- data/src/core/ext/upb-generated/envoy/type/http.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.c +63 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.h +144 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/string.upb.c +53 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/string.upb.h +133 -0
- data/src/core/ext/upb-generated/envoy/type/metadata/v2/metadata.upb.c +88 -0
- data/src/core/ext/upb-generated/envoy/type/metadata/v2/metadata.upb.h +258 -0
- data/src/core/ext/upb-generated/envoy/type/percent.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/type/range.upb.c +12 -0
- data/src/core/ext/upb-generated/envoy/type/range.upb.h +27 -0
- data/src/core/ext/upb-generated/envoy/type/semantic_version.upb.c +29 -0
- data/src/core/ext/upb-generated/envoy/type/semantic_version.upb.h +62 -0
- data/src/core/ext/upb-generated/envoy/type/tracing/v2/custom_tag.upb.c +89 -0
- data/src/core/ext/upb-generated/envoy/type/tracing/v2/custom_tag.upb.h +249 -0
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +9 -8
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +30 -24
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +30 -27
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +64 -52
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.c +48 -0
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +104 -0
- data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.c +17 -0
- data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.h +30 -0
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.c +28 -0
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +65 -0
- data/src/core/ext/upb-generated/validate/validate.upb.c +44 -39
- data/src/core/ext/upb-generated/validate/validate.upb.h +155 -119
- data/src/core/lib/channel/channel_args.cc +15 -14
- data/src/core/lib/channel/channel_args.h +3 -1
- data/src/core/lib/channel/channel_stack.h +20 -13
- data/src/core/lib/channel/channel_trace.cc +32 -41
- data/src/core/lib/channel/channel_trace.h +3 -3
- data/src/core/lib/channel/channelz.cc +163 -254
- data/src/core/lib/channel/channelz.h +15 -17
- data/src/core/lib/channel/channelz_registry.cc +52 -77
- data/src/core/lib/channel/channelz_registry.h +4 -4
- data/src/core/lib/channel/connected_channel.cc +7 -5
- data/src/core/lib/channel/context.h +1 -1
- data/src/core/lib/channel/handshaker.cc +11 -13
- data/src/core/lib/channel/handshaker.h +4 -2
- data/src/core/lib/channel/handshaker_registry.cc +5 -17
- data/src/core/lib/channel/status_util.cc +2 -3
- data/src/core/lib/compression/message_compress.cc +5 -1
- data/src/core/lib/debug/stats.cc +21 -27
- data/src/core/lib/debug/stats.h +3 -1
- data/src/core/lib/gpr/spinlock.h +2 -3
- data/src/core/lib/gpr/string.cc +2 -26
- data/src/core/lib/gpr/string.h +0 -16
- data/src/core/lib/gpr/sync_abseil.cc +116 -0
- data/src/core/lib/gpr/sync_posix.cc +8 -5
- data/src/core/lib/gpr/sync_windows.cc +4 -2
- data/src/core/lib/gpr/time.cc +4 -0
- data/src/core/lib/gpr/time_posix.cc +1 -1
- data/src/core/lib/gprpp/atomic.h +6 -6
- data/src/core/lib/gprpp/fork.cc +1 -1
- data/src/core/lib/gprpp/host_port.cc +30 -36
- data/src/core/lib/gprpp/host_port.h +14 -17
- data/src/core/lib/gprpp/map.h +5 -11
- data/src/core/lib/gprpp/memory.h +2 -6
- data/src/core/lib/gprpp/ref_counted_ptr.h +5 -0
- data/src/core/lib/gprpp/sync.h +9 -0
- data/src/core/lib/http/format_request.cc +46 -65
- data/src/core/lib/http/httpcli.cc +2 -3
- data/src/core/lib/http/httpcli.h +2 -3
- data/src/core/lib/http/httpcli_security_connector.cc +5 -5
- data/src/core/lib/http/parser.h +2 -3
- data/src/core/lib/iomgr/buffer_list.cc +36 -35
- data/src/core/lib/iomgr/buffer_list.h +22 -21
- data/src/core/lib/iomgr/call_combiner.h +3 -2
- data/src/core/lib/iomgr/cfstream_handle.cc +3 -2
- data/src/core/lib/iomgr/closure.h +2 -3
- data/src/core/lib/iomgr/dualstack_socket_posix.cc +47 -0
- data/src/core/lib/iomgr/endpoint_cfstream.cc +2 -3
- data/src/core/lib/iomgr/endpoint_pair.h +2 -3
- data/src/core/lib/iomgr/error.cc +6 -9
- data/src/core/lib/iomgr/error.h +4 -5
- data/src/core/lib/iomgr/ev_apple.cc +356 -0
- data/src/core/lib/iomgr/ev_apple.h +43 -0
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +20 -23
- data/src/core/lib/iomgr/ev_epollex_linux.cc +14 -7
- data/src/core/lib/iomgr/ev_poll_posix.cc +3 -3
- data/src/core/lib/iomgr/ev_posix.cc +2 -3
- data/src/core/lib/iomgr/exec_ctx.h +14 -2
- data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +84 -20
- data/src/core/lib/iomgr/load_file.cc +1 -0
- data/src/core/lib/iomgr/pollset_set_custom.cc +10 -10
- data/src/core/lib/iomgr/pollset_uv.h +32 -0
- data/src/core/lib/iomgr/port.h +1 -0
- data/src/core/lib/iomgr/python_util.h +46 -0
- data/src/core/lib/iomgr/resolve_address.h +4 -6
- data/src/core/lib/iomgr/resolve_address_custom.cc +29 -39
- data/src/core/lib/iomgr/resolve_address_custom.h +4 -2
- data/src/core/lib/iomgr/resolve_address_posix.cc +10 -11
- data/src/core/lib/iomgr/resolve_address_windows.cc +8 -17
- data/src/core/lib/iomgr/resource_quota.cc +4 -6
- data/src/core/lib/iomgr/sockaddr_utils.cc +23 -29
- data/src/core/lib/iomgr/sockaddr_utils.h +9 -14
- data/src/core/lib/iomgr/socket_factory_posix.h +2 -3
- data/src/core/lib/iomgr/socket_mutator.h +2 -3
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +7 -26
- data/src/core/lib/iomgr/socket_utils_posix.h +3 -0
- data/src/core/lib/iomgr/tcp_client_cfstream.cc +5 -7
- data/src/core/lib/iomgr/tcp_client_posix.cc +25 -22
- data/src/core/lib/iomgr/tcp_client_posix.h +6 -6
- data/src/core/lib/iomgr/tcp_client_windows.cc +2 -3
- data/src/core/lib/iomgr/tcp_custom.cc +2 -3
- data/src/core/lib/iomgr/tcp_posix.cc +2 -1
- data/src/core/lib/iomgr/tcp_server_custom.cc +5 -9
- data/src/core/lib/iomgr/tcp_server_posix.cc +5 -4
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +5 -4
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +8 -11
- data/src/core/lib/iomgr/tcp_uv.cc +3 -2
- data/src/core/lib/iomgr/time_averaged_stats.h +2 -3
- data/src/core/lib/iomgr/timer_generic.cc +2 -3
- data/src/core/lib/iomgr/timer_generic.h +39 -0
- data/src/core/lib/iomgr/timer_heap.h +2 -3
- data/src/core/lib/iomgr/udp_server.cc +9 -14
- data/src/core/lib/iomgr/work_serializer.cc +155 -0
- data/src/core/lib/iomgr/work_serializer.h +65 -0
- data/src/core/lib/json/json.h +210 -79
- data/src/core/lib/json/json_reader.cc +469 -455
- data/src/core/lib/json/json_writer.cc +174 -169
- data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +1 -1
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +12 -0
- data/src/core/lib/security/credentials/composite/composite_credentials.h +6 -3
- data/src/core/lib/security/credentials/credentials.cc +0 -84
- data/src/core/lib/security/credentials/credentials.h +8 -59
- data/src/core/lib/security/credentials/fake/fake_credentials.h +4 -0
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +9 -12
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +8 -6
- data/src/core/lib/security/credentials/iam/iam_credentials.h +4 -0
- data/src/core/lib/security/credentials/jwt/json_token.cc +26 -56
- data/src/core/lib/security/credentials/jwt/json_token.h +4 -6
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +8 -18
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +12 -0
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +151 -168
- data/src/core/lib/security/credentials/jwt/jwt_verifier.h +4 -6
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +91 -60
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +10 -4
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +13 -0
- data/src/core/lib/security/credentials/plugin/plugin_credentials.h +2 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +23 -13
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +40 -12
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +21 -6
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +7 -7
- data/src/core/lib/security/security_connector/load_system_roots_linux.cc +3 -2
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +6 -8
- data/src/core/lib/security/security_connector/security_connector.h +1 -1
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +20 -37
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +4 -6
- data/src/core/lib/security/security_connector/ssl_utils.cc +62 -13
- data/src/core/lib/security/security_connector/ssl_utils.h +12 -11
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +101 -52
- data/src/core/lib/security/security_connector/tls/tls_security_connector.h +32 -6
- data/src/core/lib/security/transport/auth_filters.h +0 -5
- data/src/core/lib/security/transport/client_auth_filter.cc +1 -2
- data/src/core/lib/security/transport/security_handshaker.cc +2 -2
- data/src/core/lib/security/util/json_util.cc +22 -15
- data/src/core/lib/security/util/json_util.h +2 -2
- data/src/core/lib/slice/slice_intern.cc +2 -3
- data/src/core/lib/slice/slice_internal.h +14 -0
- data/src/core/lib/slice/slice_utils.h +9 -0
- data/src/core/lib/surface/byte_buffer_reader.cc +2 -47
- data/src/core/lib/surface/call.cc +2 -3
- data/src/core/lib/surface/call_log_batch.cc +50 -58
- data/src/core/lib/surface/channel.cc +53 -31
- data/src/core/lib/surface/channel.h +35 -4
- data/src/core/lib/surface/channel_ping.cc +2 -3
- data/src/core/lib/surface/completion_queue.cc +33 -33
- data/src/core/lib/surface/event_string.cc +18 -25
- data/src/core/lib/surface/event_string.h +3 -1
- data/src/core/lib/surface/init_secure.cc +1 -4
- data/src/core/lib/surface/server.cc +570 -369
- data/src/core/lib/surface/server.h +32 -0
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/byte_stream.h +7 -2
- data/src/core/lib/transport/connectivity_state.cc +7 -6
- data/src/core/lib/transport/connectivity_state.h +5 -3
- data/src/core/lib/transport/metadata.cc +3 -3
- data/src/core/lib/transport/metadata_batch.h +2 -3
- data/src/core/lib/transport/static_metadata.h +1 -1
- data/src/core/lib/transport/status_conversion.cc +6 -14
- data/src/core/lib/transport/transport.cc +2 -3
- data/src/core/lib/transport/transport.h +3 -2
- data/src/core/lib/transport/transport_op_string.cc +61 -102
- data/src/core/lib/uri/uri_parser.h +2 -3
- data/src/core/plugin_registry/grpc_plugin_registry.cc +20 -4
- data/src/core/tsi/alts/crypt/aes_gcm.cc +0 -2
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +9 -2
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +8 -4
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +33 -3
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +9 -1
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h +2 -3
- data/src/core/tsi/fake_transport_security.cc +10 -15
- data/src/core/tsi/ssl/session_cache/ssl_session.h +0 -2
- data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +1 -1
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +0 -2
- data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +1 -1
- data/src/core/tsi/ssl_transport_security.cc +54 -40
- data/src/core/tsi/ssl_transport_security.h +8 -8
- data/src/core/tsi/ssl_types.h +0 -2
- data/src/core/tsi/transport_security.h +6 -9
- data/src/core/tsi/transport_security_grpc.h +2 -3
- data/src/core/tsi/transport_security_interface.h +3 -3
- data/src/ruby/ext/grpc/rb_call.c +9 -1
- data/src/ruby/ext/grpc/rb_call_credentials.c +3 -2
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +4 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +6 -0
- data/src/ruby/lib/grpc/errors.rb +103 -42
- data/src/ruby/lib/grpc/generic/active_call.rb +2 -3
- data/src/ruby/lib/grpc/generic/interceptors.rb +4 -4
- data/src/ruby/lib/grpc/generic/rpc_server.rb +9 -10
- data/src/ruby/lib/grpc/generic/service.rb +5 -4
- data/src/ruby/lib/grpc/structs.rb +1 -1
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/generate_proto_ruby.sh +5 -3
- data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +11 -0
- data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +16 -0
- data/src/ruby/spec/debug_message_spec.rb +134 -0
- data/src/ruby/spec/generic/service_spec.rb +2 -0
- data/src/ruby/spec/pb/codegen/grpc/testing/package_options_import2.proto +23 -0
- data/src/ruby/spec/pb/codegen/grpc/testing/package_options_ruby_style.proto +7 -0
- data/src/ruby/spec/pb/codegen/package_option_spec.rb +7 -1
- data/src/ruby/spec/support/services.rb +10 -4
- data/src/ruby/spec/testdata/ca.pem +18 -13
- data/src/ruby/spec/testdata/client.key +26 -14
- data/src/ruby/spec/testdata/client.pem +18 -12
- data/src/ruby/spec/testdata/server1.key +26 -14
- data/src/ruby/spec/testdata/server1.pem +20 -14
- data/third_party/abseil-cpp/absl/base/attributes.h +1 -1
- data/third_party/abseil-cpp/absl/base/config.h +10 -4
- data/third_party/abseil-cpp/absl/base/internal/atomic_hook.h +30 -9
- data/third_party/abseil-cpp/absl/base/internal/errno_saver.h +43 -0
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +7 -5
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.h +2 -1
- data/third_party/abseil-cpp/absl/base/internal/spinlock.cc +2 -2
- data/third_party/abseil-cpp/absl/base/internal/spinlock_linux.inc +2 -3
- data/third_party/abseil-cpp/absl/base/internal/spinlock_posix.inc +3 -3
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc +37 -0
- data/third_party/abseil-cpp/absl/base/options.h +2 -10
- data/third_party/abseil-cpp/absl/strings/charconv.cc +0 -1
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.cc +388 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.h +432 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.cc +245 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.h +209 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/checker.h +326 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.cc +51 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.h +415 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +493 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.h +23 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/output.cc +72 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/output.h +104 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.cc +334 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.h +333 -0
- data/third_party/abseil-cpp/absl/strings/str_format.h +537 -0
- data/third_party/abseil-cpp/absl/strings/string_view.h +19 -11
- data/third_party/abseil-cpp/absl/time/civil_time.cc +175 -0
- data/third_party/abseil-cpp/absl/time/civil_time.h +538 -0
- data/third_party/abseil-cpp/absl/time/clock.cc +569 -0
- data/third_party/abseil-cpp/absl/time/clock.h +74 -0
- data/third_party/abseil-cpp/absl/time/duration.cc +922 -0
- data/third_party/abseil-cpp/absl/time/format.cc +153 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time.h +332 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time_detail.h +622 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/time_zone.h +384 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/zone_info_source.h +102 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/civil_time_detail.cc +94 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.cc +140 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.h +52 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +922 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.cc +45 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.h +76 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +121 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +93 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +958 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +138 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +308 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.h +55 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_lookup.cc +187 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.cc +159 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.h +132 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +122 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc +115 -0
- data/third_party/abseil-cpp/absl/time/internal/get_current_time_chrono.inc +31 -0
- data/third_party/abseil-cpp/absl/time/internal/get_current_time_posix.inc +24 -0
- data/third_party/abseil-cpp/absl/time/time.cc +499 -0
- data/third_party/abseil-cpp/absl/time/time.h +1584 -0
- data/{src/boringssl → third_party/boringssl-with-bazel}/err_data.c +329 -297
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_bitstr.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_bool.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_d2i_fp.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_dup.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_enum.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_gentm.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_i2d_fp.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_int.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_mbstr.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_object.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_octet.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_print.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_strnid.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_time.c +3 -4
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_type.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_utctm.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_utf8.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/asn1_lib.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/asn1_locl.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/asn1_par.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/asn_pack.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/f_enum.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/f_int.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/f_string.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_dec.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_enc.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_fre.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_new.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_typ.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_utl.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/time_support.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/base64/base64.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/bio.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/bio_mem.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/connect.c +3 -4
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/fd.c +0 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/file.c +5 -6
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/hexdump.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/internal.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/pair.c +0 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/printf.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/socket.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/socket_helper.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bn_extra/bn_asn1.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bn_extra/convert.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/buf/buf.c +10 -69
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bytestring/asn1_compat.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bytestring/ber.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bytestring/cbb.c +41 -2
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bytestring/cbs.c +60 -3
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bytestring/internal.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bytestring/unicode.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/chacha/chacha.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/chacha/internal.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/cipher_extra.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/derive_key.c +1 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_aesccm.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_aesctrhmac.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_aesgcmsiv.c +8 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_chacha20poly1305.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_null.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_rc2.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_rc4.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_tls.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/internal.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/tls_cbc.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cmac/cmac.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/conf/conf.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/conf/conf_def.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/conf/internal.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-aarch64-fuchsia.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-aarch64-linux.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-arm-linux.c +7 -6
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-arm-linux.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-arm.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-intel.c +13 -4
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-ppc64le.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/crypto.c +11 -0
- data/third_party/{boringssl/third_party/fiat → boringssl-with-bazel/src/crypto/curve25519}/curve25519.c +18 -26
- data/third_party/{boringssl/third_party/fiat → boringssl-with-bazel/src/crypto/curve25519}/curve25519_tables.h +13 -21
- data/third_party/{boringssl/third_party/fiat → boringssl-with-bazel/src/crypto/curve25519}/internal.h +14 -22
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/curve25519/spake25519.c +1 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/dh/check.c +3 -3
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/dh/dh.c +16 -2
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/dh/dh_asn1.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/dh/params.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/digest_extra/digest_extra.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/dsa/dsa.c +10 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/dsa/dsa_asn1.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/ec_extra/ec_asn1.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/ec_extra/ec_derive.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +425 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +78 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/ecdh_extra/ecdh_extra.c +2 -2
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/ecdsa_extra/ecdsa_asn1.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/engine/engine.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/err/err.c +39 -38
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/err/internal.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/digestsign.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/evp.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/evp_asn1.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/evp_ctx.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/internal.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_dsa_asn1.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_ec.c +0 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_ec_asn1.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_ed25519.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_ed25519_asn1.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_rsa.c +14 -2
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_rsa_asn1.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_x25519.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_x25519_asn1.c +1 -2
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/pbkdf.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/print.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/scrypt.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/sign.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/ex_data.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.c +108 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +1282 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/aes/internal.h +5 -7
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/aes/key_wrap.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/aes/mode_wrappers.c +0 -2
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bcm.c +4 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/add.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/asm/x86_64-gcc.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/bn.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/bytes.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/cmp.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/ctx.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/div.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/div_extra.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/exponentiation.c +3 -3
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/gcd.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/gcd_extra.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/generic.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/internal.h +14 -11
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/jacobi.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/montgomery.c +8 -8
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/montgomery_inv.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/mul.c +30 -154
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/prime.c +11 -12
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/random.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/rsaz_exp.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/rsaz_exp.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/shift.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/sqrt.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/cipher/aead.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/cipher/cipher.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/cipher/e_aes.c +3 -5
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/cipher/e_des.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/cipher/internal.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/delocate.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/des/des.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/des/internal.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/digest/digest.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/digest/digests.c +16 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/digest/internal.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/digest/md32_common.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/ec.c +289 -117
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/ec_key.c +14 -28
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/ec_montgomery.c +96 -55
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/felem.c +25 -7
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/internal.h +432 -160
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/oct.c +63 -71
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/p224-64.c +5 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64-table.h +9497 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/p256-x86_64.c +80 -99
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/p256-x86_64.h +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +736 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256_table.h +297 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +175 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/simple.c +125 -148
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +270 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/util.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/wnaf.c +61 -18
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ecdh/ecdh.c +2 -2
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ecdsa/ecdsa.c +20 -5
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/fips_shared_support.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/hmac/hmac.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/is_fips.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/md4/md4.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/md5/internal.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/md5/md5.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/cbc.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/cfb.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/ctr.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/gcm.c +45 -193
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm_nohw.c +304 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/internal.h +8 -18
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/ofb.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/polyval.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rand/ctrdrbg.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +137 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +49 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +64 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rand/internal.h +41 -5
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rand/rand.c +32 -17
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rand/urandom.c +24 -114
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rsa/blinding.c +4 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rsa/internal.h +1 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rsa/padding.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rsa/rsa.c +58 -39
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rsa/rsa_impl.c +72 -49
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/self_check/self_check.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/sha/internal.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/sha/sha1-altivec.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/sha/sha1.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/sha/sha256.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/sha/sha512.c +44 -35
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/tls/internal.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/tls/kdf.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/hkdf/hkdf.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/hrss/hrss.c +210 -311
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/hrss/internal.h +0 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/internal.h +21 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/lhash/lhash.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/mem.c +99 -12
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/obj/obj.c +16 -21
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/obj/obj_dat.h +41 -6
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/obj/obj_xref.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_all.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_info.c +0 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_lib.c +7 -7
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_oth.c +0 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_pk8.c +0 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_pkey.c +0 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_x509.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_xaux.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs7/internal.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs7/pkcs7.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs7/pkcs7_x509.c +1 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs8/internal.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs8/p5_pbev2.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs8/pkcs8.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs8/pkcs8_x509.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/poly1305/internal.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/poly1305/poly1305.c +2 -2
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/poly1305/poly1305_arm.c +21 -20
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/poly1305/poly1305_vec.c +34 -17
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pool/internal.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pool/pool.c +1 -2
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rand_extra/deterministic.c +6 -10
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rand_extra/forkunsafe.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rand_extra/fuchsia.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rand_extra/rand_extra.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rand_extra/windows.c +16 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rc4/rc4.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/refcount_c11.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/refcount_lock.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rsa_extra/rsa_asn1.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rsa_extra/rsa_print.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/siphash/siphash.c +3 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/stack/stack.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/thread.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/thread_none.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/thread_pthread.c +4 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/thread_win.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +278 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +1474 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +720 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/a_digest.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/a_sign.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/a_strex.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/a_verify.c +0 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/algorithm.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/asn1_gen.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/by_dir.c +1 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/by_file.c +0 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/charmap.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/i2d_pr.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/internal.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/rsa_pss.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/t_crl.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/t_req.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/t_x509.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/t_x509a.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/vpm_int.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_att.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_cmp.c +0 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_d2.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_def.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_ext.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_lu.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_obj.c +1 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_r2x.c +0 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_req.c +0 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_set.c +16 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_trs.c +1 -2
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_txt.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_v3.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_vfy.c +5 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_vpm.c +3 -4
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509cset.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509name.c +4 -3
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509rset.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509spki.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_algor.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_all.c +0 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_attrib.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_crl.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_exten.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_info.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_name.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_pkey.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_pubkey.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_req.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_sig.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_spki.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_val.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_x509.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_x509a.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/ext_dat.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/internal.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_cache.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_data.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_int.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_lib.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_map.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_node.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_tree.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_akey.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_akeya.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_alt.c +3 -3
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_bcons.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_bitst.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_conf.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_cpols.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_crld.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_enum.c +2 -2
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_extku.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_genn.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_ia5.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_info.c +4 -5
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_int.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_lib.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_ncons.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_ocsp.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_pci.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_pcia.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_pcons.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_pku.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_pmaps.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_prn.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_purp.c +2 -3
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_skey.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_sxnet.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_utl.c +11 -12
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/aead.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/aes.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/arm_arch.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/asn1.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/asn1_mac.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/asn1t.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/base.h +5 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/base64.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/bio.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/blowfish.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/bn.h +32 -20
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/buf.h +9 -9
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/buffer.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/bytestring.h +34 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/cast.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/chacha.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/cipher.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/cmac.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/conf.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/cpu.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/crypto.h +9 -4
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/curve25519.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/des.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/dh.h +20 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/digest.h +1 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/dsa.h +16 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/dtls1.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/e_os2.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ec.h +11 -4
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ec_key.h +4 -2
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ecdh.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ecdsa.h +6 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/engine.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/err.h +13 -9
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/evp.h +20 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ex_data.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/hkdf.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/hmac.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/hrss.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/is_boringssl.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/lhash.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/md4.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/md5.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/mem.h +17 -2
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/nid.h +14 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/obj.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/obj_mac.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/objects.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/opensslconf.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/opensslv.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ossl_typ.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/pem.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/pkcs12.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/pkcs7.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/pkcs8.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/poly1305.h +5 -7
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/pool.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/rand.h +3 -17
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/rc4.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ripemd.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/rsa.h +31 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/safestack.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/sha.h +26 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/siphash.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/span.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/srtp.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ssl.h +182 -97
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ssl3.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/stack.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/thread.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/tls1.h +1 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +291 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/type_check.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/x509.h +5 -3
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/x509_vfy.h +1 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/x509v3.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/bio_ssl.cc +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/d1_both.cc +0 -5
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/d1_lib.cc +3 -3
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/d1_pkt.cc +0 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/d1_srtp.cc +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/dtls_method.cc +13 -5
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/dtls_record.cc +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/handoff.cc +237 -51
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/handshake.cc +19 -7
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/handshake_client.cc +51 -32
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/handshake_server.cc +12 -8
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/internal.h +94 -71
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/s3_both.cc +10 -10
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/s3_lib.cc +4 -5
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/s3_pkt.cc +21 -22
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_aead_ctx.cc +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_asn1.cc +30 -2
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_buffer.cc +34 -15
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_cert.cc +4 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_cipher.cc +0 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_file.cc +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_key_share.cc +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_lib.cc +19 -15
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_privkey.cc +13 -2
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_session.cc +66 -6
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_stat.cc +6 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_transcript.cc +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_versions.cc +1 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_x509.cc +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/t1_enc.cc +6 -2
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/t1_lib.cc +53 -219
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/tls13_both.cc +1 -1
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/tls13_client.cc +101 -31
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/tls13_enc.cc +28 -76
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/tls13_server.cc +111 -104
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/tls_method.cc +64 -26
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/tls_record.cc +7 -2
- data/third_party/{boringssl → boringssl-with-bazel/src}/third_party/fiat/curve25519_32.h +245 -175
- data/third_party/{boringssl → boringssl-with-bazel/src}/third_party/fiat/curve25519_64.h +135 -75
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +3147 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/third_party/fiat/p256_64.h +512 -503
- metadata +648 -499
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.cc +0 -1917
- data/src/core/lib/gprpp/inlined_vector.h +0 -246
- data/src/core/lib/gprpp/optional.h +0 -74
- data/src/core/lib/gprpp/string_view.h +0 -169
- data/src/core/lib/iomgr/logical_thread.cc +0 -103
- data/src/core/lib/iomgr/logical_thread.h +0 -52
- data/src/core/lib/json/json.cc +0 -94
- data/src/core/tsi/grpc_shadow_boringssl.h +0 -3297
- data/third_party/boringssl/crypto/fipsmodule/aes/aes.c +0 -860
- data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64-table.h +0 -9501
- data/third_party/boringssl/crypto/fipsmodule/ec/scalar.c +0 -96
- data/third_party/boringssl/crypto/fipsmodule/ec/simple_mul.c +0 -84
- data/third_party/boringssl/third_party/fiat/p256.c +0 -1063
- data/third_party/boringssl/third_party/fiat/p256_32.h +0 -3226
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
@@ -179,6 +179,7 @@ extern "C" {
|
|
|
179
179
|
#define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
|
|
180
180
|
#define TLS1_AD_UNKNOWN_PSK_IDENTITY 115
|
|
181
181
|
#define TLS1_AD_CERTIFICATE_REQUIRED 116
|
|
182
|
+
#define TLS1_AD_NO_APPLICATION_PROTOCOL 120
|
|
182
183
|
|
|
183
184
|
// ExtensionType values from RFC6066
|
|
184
185
|
#define TLSEXT_TYPE_server_name 0
|
|
@@ -244,9 +245,6 @@ extern "C" {
|
|
|
244
245
|
// This is not an IANA defined extension number
|
|
245
246
|
#define TLSEXT_TYPE_channel_id 30032
|
|
246
247
|
|
|
247
|
-
// This is not an IANA defined extension number
|
|
248
|
-
#define TLSEXT_TYPE_pq_experiment_signal 54538
|
|
249
|
-
|
|
250
248
|
// status request value from RFC 3546
|
|
251
249
|
#define TLSEXT_STATUSTYPE_nothing (-1)
|
|
252
250
|
#define TLSEXT_STATUSTYPE_ocsp 1
|
|
@@ -0,0 +1,291 @@
|
|
|
1
|
+
/* Copyright (c) 2020, Google Inc.
|
|
2
|
+
*
|
|
3
|
+
* Permission to use, copy, modify, and/or distribute this software for any
|
|
4
|
+
* purpose with or without fee is hereby granted, provided that the above
|
|
5
|
+
* copyright notice and this permission notice appear in all copies.
|
|
6
|
+
*
|
|
7
|
+
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
|
8
|
+
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
|
9
|
+
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
|
|
10
|
+
* SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
|
11
|
+
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
|
|
12
|
+
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
|
|
13
|
+
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
|
|
14
|
+
|
|
15
|
+
#ifndef OPENSSL_HEADER_TRUST_TOKEN_H
|
|
16
|
+
#define OPENSSL_HEADER_TRUST_TOKEN_H
|
|
17
|
+
|
|
18
|
+
#include <openssl/base.h>
|
|
19
|
+
#include <openssl/stack.h>
|
|
20
|
+
|
|
21
|
+
#if defined(__cplusplus)
|
|
22
|
+
extern "C" {
|
|
23
|
+
#endif
|
|
24
|
+
|
|
25
|
+
|
|
26
|
+
// Trust Token implementation.
|
|
27
|
+
//
|
|
28
|
+
// Trust Token is an implementation of an experimental mechanism similar to
|
|
29
|
+
// Privacy Pass which allows issuance and redemption of anonymized tokens with
|
|
30
|
+
// limited private metadata.
|
|
31
|
+
//
|
|
32
|
+
// References:
|
|
33
|
+
// https://eprint.iacr.org/2020/072.pdf
|
|
34
|
+
// https://github.com/alxdavids/privacy-pass-ietf/tree/master/drafts
|
|
35
|
+
// https://github.com/WICG/trust-token-api/blob/master/README.md
|
|
36
|
+
//
|
|
37
|
+
// WARNING: This API is unstable and subject to change.
|
|
38
|
+
|
|
39
|
+
// TRUST_TOKEN_experiment_v0 is an experimental Trust Tokens protocol using
|
|
40
|
+
// PMBTokens and P-521.
|
|
41
|
+
OPENSSL_EXPORT const TRUST_TOKEN_METHOD *TRUST_TOKEN_experiment_v0(void);
|
|
42
|
+
|
|
43
|
+
// TRUST_TOKEN_experiment_v1 is an experimental Trust Tokens protocol using
|
|
44
|
+
// PMBTokens and P-384. This version is still under developement and should not
|
|
45
|
+
// be used yet.
|
|
46
|
+
OPENSSL_EXPORT const TRUST_TOKEN_METHOD *TRUST_TOKEN_experiment_v1(void);
|
|
47
|
+
|
|
48
|
+
// trust_token_st represents a single-use token for the Trust Token protocol.
|
|
49
|
+
// For the client, this is the token and its corresponding signature. For the
|
|
50
|
+
// issuer, this is the token itself.
|
|
51
|
+
struct trust_token_st {
|
|
52
|
+
uint8_t *data;
|
|
53
|
+
size_t len;
|
|
54
|
+
};
|
|
55
|
+
|
|
56
|
+
DEFINE_STACK_OF(TRUST_TOKEN)
|
|
57
|
+
|
|
58
|
+
// TRUST_TOKEN_new creates a newly-allocated |TRUST_TOKEN| with value |data| or
|
|
59
|
+
// NULL on allocation failure.
|
|
60
|
+
OPENSSL_EXPORT TRUST_TOKEN *TRUST_TOKEN_new(const uint8_t *data, size_t len);
|
|
61
|
+
|
|
62
|
+
// TRUST_TOKEN_free releases memory associated with |token|.
|
|
63
|
+
OPENSSL_EXPORT void TRUST_TOKEN_free(TRUST_TOKEN *token);
|
|
64
|
+
|
|
65
|
+
#define TRUST_TOKEN_MAX_PRIVATE_KEY_SIZE 512
|
|
66
|
+
#define TRUST_TOKEN_MAX_PUBLIC_KEY_SIZE 512
|
|
67
|
+
|
|
68
|
+
// TRUST_TOKEN_generate_key creates a new Trust Token keypair labeled with |id|
|
|
69
|
+
// and serializes the private and public keys, writing the private key to
|
|
70
|
+
// |out_priv_key| and setting |*out_priv_key_len| to the number of bytes
|
|
71
|
+
// written, and writing the public key to |out_pub_key| and setting
|
|
72
|
+
// |*out_pub_key_len| to the number of bytes written.
|
|
73
|
+
//
|
|
74
|
+
// At most |max_priv_key_len| and |max_pub_key_len| bytes are written. In order
|
|
75
|
+
// to ensure success, these should be at least
|
|
76
|
+
// |TRUST_TOKEN_MAX_PRIVATE_KEY_SIZE| and |TRUST_TOKEN_MAX_PUBLIC_KEY_SIZE|.
|
|
77
|
+
//
|
|
78
|
+
// WARNING: This API is unstable and the serializations of these keys are
|
|
79
|
+
// subject to change. Keys generated with this function may not be persisted.
|
|
80
|
+
//
|
|
81
|
+
// This function returns one on success or zero on error.
|
|
82
|
+
OPENSSL_EXPORT int TRUST_TOKEN_generate_key(
|
|
83
|
+
const TRUST_TOKEN_METHOD *method, uint8_t *out_priv_key,
|
|
84
|
+
size_t *out_priv_key_len, size_t max_priv_key_len, uint8_t *out_pub_key,
|
|
85
|
+
size_t *out_pub_key_len, size_t max_pub_key_len, uint32_t id);
|
|
86
|
+
|
|
87
|
+
|
|
88
|
+
// Trust Token client implementation.
|
|
89
|
+
//
|
|
90
|
+
// These functions implements the client half of the Trust Token protocol. A
|
|
91
|
+
// single |TRUST_TOKEN_CLIENT| can perform a single protocol operation.
|
|
92
|
+
|
|
93
|
+
// TRUST_TOKEN_CLIENT_new returns a newly-allocated |TRUST_TOKEN_CLIENT|
|
|
94
|
+
// configured to use a max batchsize of |max_batchsize| or NULL on error.
|
|
95
|
+
// Issuance requests must be made in batches smaller than |max_batchsize|. This
|
|
96
|
+
// function will return an error if |max_batchsize| is too large for Trust
|
|
97
|
+
// Tokens.
|
|
98
|
+
OPENSSL_EXPORT TRUST_TOKEN_CLIENT *TRUST_TOKEN_CLIENT_new(
|
|
99
|
+
const TRUST_TOKEN_METHOD *method, size_t max_batchsize);
|
|
100
|
+
|
|
101
|
+
// TRUST_TOKEN_CLIENT_free releases memory associated with |ctx|.
|
|
102
|
+
OPENSSL_EXPORT void TRUST_TOKEN_CLIENT_free(TRUST_TOKEN_CLIENT *ctx);
|
|
103
|
+
|
|
104
|
+
// TRUST_TOKEN_CLIENT_add_key configures the |ctx| to support the public key
|
|
105
|
+
// |key|. It sets |*out_key_index| to the index this key has been configured to.
|
|
106
|
+
// It returns one on success or zero on error if the |key| can't be parsed or
|
|
107
|
+
// too many keys have been configured.
|
|
108
|
+
OPENSSL_EXPORT int TRUST_TOKEN_CLIENT_add_key(TRUST_TOKEN_CLIENT *ctx,
|
|
109
|
+
size_t *out_key_index,
|
|
110
|
+
const uint8_t *key,
|
|
111
|
+
size_t key_len);
|
|
112
|
+
|
|
113
|
+
// TRUST_TOKEN_CLIENT_set_srr_key sets the public key used to verify the SRR. It
|
|
114
|
+
// returns one on success and zero on error.
|
|
115
|
+
OPENSSL_EXPORT int TRUST_TOKEN_CLIENT_set_srr_key(TRUST_TOKEN_CLIENT *ctx,
|
|
116
|
+
EVP_PKEY *key);
|
|
117
|
+
|
|
118
|
+
// TRUST_TOKEN_CLIENT_begin_issuance produces a request for |count| trust tokens
|
|
119
|
+
// and serializes the request into a newly-allocated buffer, setting |*out| to
|
|
120
|
+
// that buffer and |*out_len| to its length. The caller takes ownership of the
|
|
121
|
+
// buffer and must call |OPENSSL_free| when done. It returns one on success and
|
|
122
|
+
// zero on error.
|
|
123
|
+
OPENSSL_EXPORT int TRUST_TOKEN_CLIENT_begin_issuance(TRUST_TOKEN_CLIENT *ctx,
|
|
124
|
+
uint8_t **out,
|
|
125
|
+
size_t *out_len,
|
|
126
|
+
size_t count);
|
|
127
|
+
|
|
128
|
+
// TRUST_TOKEN_CLIENT_finish_issuance consumes |response| from the issuer and
|
|
129
|
+
// extracts the tokens, returning a list of tokens and the index of the key used
|
|
130
|
+
// to sign the tokens in |*out_key_index|. The caller can use this to determine
|
|
131
|
+
// what key was used in an issuance and to drop tokens if a new key commitment
|
|
132
|
+
// arrives without the specified key present. The caller takes ownership of the
|
|
133
|
+
// list and must call |sk_TRUST_TOKEN_pop_free| when done. The list is empty if
|
|
134
|
+
// issuance fails.
|
|
135
|
+
OPENSSL_EXPORT STACK_OF(TRUST_TOKEN) *
|
|
136
|
+
TRUST_TOKEN_CLIENT_finish_issuance(TRUST_TOKEN_CLIENT *ctx,
|
|
137
|
+
size_t *out_key_index,
|
|
138
|
+
const uint8_t *response,
|
|
139
|
+
size_t response_len);
|
|
140
|
+
|
|
141
|
+
|
|
142
|
+
// TRUST_TOKEN_CLIENT_begin_redemption produces a request to redeem a token
|
|
143
|
+
// |token| and receive a signature over |data| and serializes the request into
|
|
144
|
+
// a newly-allocated buffer, setting |*out| to that buffer and |*out_len| to
|
|
145
|
+
// its length. |time| is the number of seconds since the UNIX epoch and used to
|
|
146
|
+
// verify the validity of the issuer's response. The caller takes ownership of
|
|
147
|
+
// the buffer and must call |OPENSSL_free| when done. It returns one on success
|
|
148
|
+
// or zero on error.
|
|
149
|
+
OPENSSL_EXPORT int TRUST_TOKEN_CLIENT_begin_redemption(
|
|
150
|
+
TRUST_TOKEN_CLIENT *ctx, uint8_t **out, size_t *out_len,
|
|
151
|
+
const TRUST_TOKEN *token, const uint8_t *data, size_t data_len,
|
|
152
|
+
uint64_t time);
|
|
153
|
+
|
|
154
|
+
// TRUST_TOKEN_CLIENT_finish_redemption consumes |response| from the issuer and
|
|
155
|
+
// verifies the SRR. If valid, it returns one and sets |*out_srr| and
|
|
156
|
+
// |*out_srr_len| (respectively, |*out_sig| and |*out_sig_len|) to a
|
|
157
|
+
// newly-allocated buffer containing the SRR (respectively, the SRR signature).
|
|
158
|
+
// Otherwise, it returns zero.
|
|
159
|
+
OPENSSL_EXPORT int TRUST_TOKEN_CLIENT_finish_redemption(
|
|
160
|
+
TRUST_TOKEN_CLIENT *ctx, uint8_t **out_srr, size_t *out_srr_len,
|
|
161
|
+
uint8_t **out_sig, size_t *out_sig_len, const uint8_t *response,
|
|
162
|
+
size_t response_len);
|
|
163
|
+
|
|
164
|
+
|
|
165
|
+
// Trust Token issuer implementation.
|
|
166
|
+
//
|
|
167
|
+
// These functions implement the issuer half of the Trust Token protocol. A
|
|
168
|
+
// |TRUST_TOKEN_ISSUER| can be reused across multiple protocol operations. It
|
|
169
|
+
// may be used concurrently on multiple threads by non-mutating functions,
|
|
170
|
+
// provided no other thread is concurrently calling a mutating function.
|
|
171
|
+
// Functions which take a |const| pointer are non-mutating and functions which
|
|
172
|
+
// take a non-|const| pointer are mutating.
|
|
173
|
+
|
|
174
|
+
// TRUST_TOKEN_ISSUER_new returns a newly-allocated |TRUST_TOKEN_ISSUER|
|
|
175
|
+
// configured to use a max batchsize of |max_batchsize| or NULL on error.
|
|
176
|
+
// Issuance requests must be made in batches smaller than |max_batchsize|. This
|
|
177
|
+
// function will return an error if |max_batchsize| is too large for Trust
|
|
178
|
+
// Tokens.
|
|
179
|
+
OPENSSL_EXPORT TRUST_TOKEN_ISSUER *TRUST_TOKEN_ISSUER_new(
|
|
180
|
+
const TRUST_TOKEN_METHOD *method, size_t max_batchsize);
|
|
181
|
+
|
|
182
|
+
// TRUST_TOKEN_ISSUER_free releases memory associated with |ctx|.
|
|
183
|
+
OPENSSL_EXPORT void TRUST_TOKEN_ISSUER_free(TRUST_TOKEN_ISSUER *ctx);
|
|
184
|
+
|
|
185
|
+
// TRUST_TOKEN_ISSUER_add_key configures the |ctx| to support the private key
|
|
186
|
+
// |key|. It must be a private key returned by |TRUST_TOKEN_generate_key|. It
|
|
187
|
+
// returns one on success or zero on error. This function may fail if the |key|
|
|
188
|
+
// can't be parsed or too many keys have been configured.
|
|
189
|
+
OPENSSL_EXPORT int TRUST_TOKEN_ISSUER_add_key(TRUST_TOKEN_ISSUER *ctx,
|
|
190
|
+
const uint8_t *key,
|
|
191
|
+
size_t key_len);
|
|
192
|
+
|
|
193
|
+
// TRUST_TOKEN_ISSUER_set_srr_key sets the private key used to sign the SRR. It
|
|
194
|
+
// returns one on success and zero on error.
|
|
195
|
+
OPENSSL_EXPORT int TRUST_TOKEN_ISSUER_set_srr_key(TRUST_TOKEN_ISSUER *ctx,
|
|
196
|
+
EVP_PKEY *key);
|
|
197
|
+
|
|
198
|
+
// TRUST_TOKEN_ISSUER_set_metadata_key sets the key used to encrypt the private
|
|
199
|
+
// metadata. The key is a randomly generated bytestring of at least 32 bytes
|
|
200
|
+
// used to encode the private metadata bit in the SRR. It returns one on success
|
|
201
|
+
// and zero on error.
|
|
202
|
+
OPENSSL_EXPORT int TRUST_TOKEN_ISSUER_set_metadata_key(TRUST_TOKEN_ISSUER *ctx,
|
|
203
|
+
const uint8_t *key,
|
|
204
|
+
size_t len);
|
|
205
|
+
|
|
206
|
+
// TRUST_TOKEN_ISSUER_issue ingests |request| for token issuance
|
|
207
|
+
// and generates up to |max_issuance| valid tokens, producing a list of blinded
|
|
208
|
+
// tokens and storing the response into a newly-allocated buffer and setting
|
|
209
|
+
// |*out| to that buffer, |*out_len| to its length, and |*out_tokens_issued| to
|
|
210
|
+
// the number of tokens issued. The tokens are issued with public metadata of
|
|
211
|
+
// |public_metadata| and a private metadata value of |private_metadata|.
|
|
212
|
+
// |public_metadata| must be one of the previously configured key IDs.
|
|
213
|
+
// |private_metadata| must be 0 or 1. The caller takes ownership of the buffer
|
|
214
|
+
// and must call |OPENSSL_free| when done. It returns one on success or zero on
|
|
215
|
+
// error.
|
|
216
|
+
OPENSSL_EXPORT int TRUST_TOKEN_ISSUER_issue(
|
|
217
|
+
const TRUST_TOKEN_ISSUER *ctx, uint8_t **out, size_t *out_len,
|
|
218
|
+
size_t *out_tokens_issued, const uint8_t *request, size_t request_len,
|
|
219
|
+
uint32_t public_metadata, uint8_t private_metadata, size_t max_issuance);
|
|
220
|
+
|
|
221
|
+
// TRUST_TOKEN_ISSUER_redeem ingests a |request| for token redemption and
|
|
222
|
+
// verifies the token. If the token is valid, a SRR is produced with a lifetime
|
|
223
|
+
// of |lifetime| (in seconds), signing over the requested data from the request
|
|
224
|
+
// and the value of the token, storing the result into a newly-allocated buffer
|
|
225
|
+
// and setting |*out| to that buffer and |*out_len| to its length. The extracted
|
|
226
|
+
// |TRUST_TOKEN| is stored into a newly-allocated buffer and stored in
|
|
227
|
+
// |*out_token|. The extracted client data is stored into a newly-allocated
|
|
228
|
+
// buffer and stored in |*out_client_data|. The extracted redemption time is
|
|
229
|
+
// stored in |*out_redemption_time|. The caller takes ownership of each output
|
|
230
|
+
// buffer and must call |OPENSSL_free| when done. It returns one on success or
|
|
231
|
+
// zero on error.
|
|
232
|
+
//
|
|
233
|
+
// The caller must keep track of all values of |*out_token| seen globally before
|
|
234
|
+
// returning the SRR to the client. If the value has been reused, the caller
|
|
235
|
+
// must discard the SRR and report an error to the caller. Returning an SRR with
|
|
236
|
+
// replayed values allows an attacker to double-spend tokens.
|
|
237
|
+
//
|
|
238
|
+
// The private metadata construction in |TRUST_TOKEN_experiment_v0| does not
|
|
239
|
+
// keep the value secret and should not be used when secrecy is required.
|
|
240
|
+
OPENSSL_EXPORT int TRUST_TOKEN_ISSUER_redeem(
|
|
241
|
+
const TRUST_TOKEN_ISSUER *ctx, uint8_t **out, size_t *out_len,
|
|
242
|
+
TRUST_TOKEN **out_token, uint8_t **out_client_data,
|
|
243
|
+
size_t *out_client_data_len, uint64_t *out_redemption_time,
|
|
244
|
+
const uint8_t *request, size_t request_len, uint64_t lifetime);
|
|
245
|
+
|
|
246
|
+
// TRUST_TOKEN_decode_private_metadata decodes |encrypted_bit| using the
|
|
247
|
+
// private metadata key specified by a |key| buffer of length |key_len| and the
|
|
248
|
+
// nonce by a |nonce| buffer of length |nonce_len|. The nonce in
|
|
249
|
+
// |TRUST_TOKEN_experiment_v0| is the client-data field of the SRR. The nonce in
|
|
250
|
+
// |TRUST_TOKEN_experiment_v1| is the token-hash field of the SRR. |*out_value|
|
|
251
|
+
// is set to the decrypted value, either zero or one. It returns one on success
|
|
252
|
+
// and zero on error.
|
|
253
|
+
OPENSSL_EXPORT int TRUST_TOKEN_decode_private_metadata(
|
|
254
|
+
const TRUST_TOKEN_METHOD *method, uint8_t *out_value, const uint8_t *key,
|
|
255
|
+
size_t key_len, const uint8_t *nonce, size_t nonce_len,
|
|
256
|
+
uint8_t encrypted_bit);
|
|
257
|
+
|
|
258
|
+
|
|
259
|
+
#if defined(__cplusplus)
|
|
260
|
+
} // extern C
|
|
261
|
+
|
|
262
|
+
extern "C++" {
|
|
263
|
+
|
|
264
|
+
BSSL_NAMESPACE_BEGIN
|
|
265
|
+
|
|
266
|
+
BORINGSSL_MAKE_DELETER(TRUST_TOKEN, TRUST_TOKEN_free)
|
|
267
|
+
BORINGSSL_MAKE_DELETER(TRUST_TOKEN_CLIENT, TRUST_TOKEN_CLIENT_free)
|
|
268
|
+
BORINGSSL_MAKE_DELETER(TRUST_TOKEN_ISSUER, TRUST_TOKEN_ISSUER_free)
|
|
269
|
+
|
|
270
|
+
BSSL_NAMESPACE_END
|
|
271
|
+
|
|
272
|
+
} // extern C++
|
|
273
|
+
#endif
|
|
274
|
+
|
|
275
|
+
#define TRUST_TOKEN_R_KEYGEN_FAILURE 100
|
|
276
|
+
#define TRUST_TOKEN_R_BUFFER_TOO_SMALL 101
|
|
277
|
+
#define TRUST_TOKEN_R_OVER_BATCHSIZE 102
|
|
278
|
+
#define TRUST_TOKEN_R_DECODE_ERROR 103
|
|
279
|
+
#define TRUST_TOKEN_R_SRR_SIGNATURE_ERROR 104
|
|
280
|
+
#define TRUST_TOKEN_R_DECODE_FAILURE 105
|
|
281
|
+
#define TRUST_TOKEN_R_INVALID_METADATA 106
|
|
282
|
+
#define TRUST_TOKEN_R_TOO_MANY_KEYS 107
|
|
283
|
+
#define TRUST_TOKEN_R_NO_KEYS_CONFIGURED 108
|
|
284
|
+
#define TRUST_TOKEN_R_INVALID_KEY_ID 109
|
|
285
|
+
#define TRUST_TOKEN_R_INVALID_TOKEN 110
|
|
286
|
+
#define TRUST_TOKEN_R_BAD_VALIDITY_CHECK 111
|
|
287
|
+
#define TRUST_TOKEN_R_NO_SRR_KEY_CONFIGURED 112
|
|
288
|
+
#define TRUST_TOKEN_R_INVALID_METADATA_KEY 113
|
|
289
|
+
#define TRUST_TOKEN_R_INVALID_PROOF 114
|
|
290
|
+
|
|
291
|
+
#endif // OPENSSL_HEADER_TRUST_TOKEN_H
|
|
File without changes
|
|
@@ -829,8 +829,10 @@ OPENSSL_EXPORT int X509_set_subject_name(X509 *x, X509_NAME *name);
|
|
|
829
829
|
OPENSSL_EXPORT X509_NAME * X509_get_subject_name(X509 *a);
|
|
830
830
|
OPENSSL_EXPORT int X509_set_notBefore(X509 *x, const ASN1_TIME *tm);
|
|
831
831
|
OPENSSL_EXPORT const ASN1_TIME *X509_get0_notBefore(const X509 *x);
|
|
832
|
+
OPENSSL_EXPORT ASN1_TIME *X509_getm_notBefore(X509 *x);
|
|
832
833
|
OPENSSL_EXPORT int X509_set_notAfter(X509 *x, const ASN1_TIME *tm);
|
|
833
834
|
OPENSSL_EXPORT const ASN1_TIME *X509_get0_notAfter(const X509 *x);
|
|
835
|
+
OPENSSL_EXPORT ASN1_TIME *X509_getm_notAfter(X509 *x);
|
|
834
836
|
OPENSSL_EXPORT int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
|
|
835
837
|
OPENSSL_EXPORT EVP_PKEY * X509_get_pubkey(X509 *x);
|
|
836
838
|
OPENSSL_EXPORT ASN1_BIT_STRING * X509_get0_pubkey_bitstr(const X509 *x);
|
|
@@ -957,13 +959,13 @@ OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc)
|
|
|
957
959
|
OPENSSL_EXPORT int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne,
|
|
958
960
|
int loc, int set);
|
|
959
961
|
OPENSSL_EXPORT int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type,
|
|
960
|
-
unsigned char *bytes, int len, int loc, int set);
|
|
962
|
+
const unsigned char *bytes, int len, int loc, int set);
|
|
961
963
|
OPENSSL_EXPORT int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
|
|
962
|
-
unsigned char *bytes, int len, int loc, int set);
|
|
964
|
+
const unsigned char *bytes, int len, int loc, int set);
|
|
963
965
|
OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
|
|
964
966
|
const char *field, int type, const unsigned char *bytes, int len);
|
|
965
967
|
OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
|
|
966
|
-
int type,unsigned char *bytes, int len);
|
|
968
|
+
int type, const unsigned char *bytes, int len);
|
|
967
969
|
OPENSSL_EXPORT int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
|
|
968
970
|
const unsigned char *bytes, int len, int loc, int set);
|
|
969
971
|
OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
|
|
@@ -578,6 +578,7 @@ OPENSSL_EXPORT X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx);
|
|
|
578
578
|
OPENSSL_EXPORT X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx);
|
|
579
579
|
OPENSSL_EXPORT X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx);
|
|
580
580
|
OPENSSL_EXPORT STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
|
|
581
|
+
OPENSSL_EXPORT STACK_OF(X509) *X509_STORE_CTX_get0_chain(X509_STORE_CTX *ctx);
|
|
581
582
|
OPENSSL_EXPORT STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
|
|
582
583
|
OPENSSL_EXPORT void X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x);
|
|
583
584
|
OPENSSL_EXPORT void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK_OF(X509) *sk);
|
|
File without changes
|
|
File without changes
|
|
@@ -117,7 +117,6 @@
|
|
|
117
117
|
#include <limits.h>
|
|
118
118
|
#include <string.h>
|
|
119
119
|
|
|
120
|
-
#include <openssl/buf.h>
|
|
121
120
|
#include <openssl/err.h>
|
|
122
121
|
#include <openssl/evp.h>
|
|
123
122
|
#include <openssl/mem.h>
|
|
@@ -438,10 +437,6 @@ void dtls1_next_message(SSL *ssl) {
|
|
|
438
437
|
}
|
|
439
438
|
|
|
440
439
|
bool dtls_has_unprocessed_handshake_data(const SSL *ssl) {
|
|
441
|
-
if (ssl->d1->has_change_cipher_spec) {
|
|
442
|
-
return true;
|
|
443
|
-
}
|
|
444
|
-
|
|
445
440
|
size_t current = ssl->d1->handshake_read_seq % SSL_MAX_HANDSHAKE_FLIGHT;
|
|
446
441
|
for (size_t i = 0; i < SSL_MAX_HANDSHAKE_FLIGHT; i++) {
|
|
447
442
|
// Skip the current message.
|
|
@@ -86,12 +86,12 @@ DTLS1_STATE::DTLS1_STATE()
|
|
|
86
86
|
DTLS1_STATE::~DTLS1_STATE() {}
|
|
87
87
|
|
|
88
88
|
bool dtls1_new(SSL *ssl) {
|
|
89
|
-
if (!
|
|
89
|
+
if (!tls_new(ssl)) {
|
|
90
90
|
return false;
|
|
91
91
|
}
|
|
92
92
|
UniquePtr<DTLS1_STATE> d1 = MakeUnique<DTLS1_STATE>();
|
|
93
93
|
if (!d1) {
|
|
94
|
-
|
|
94
|
+
tls_free(ssl);
|
|
95
95
|
return false;
|
|
96
96
|
}
|
|
97
97
|
|
|
@@ -107,7 +107,7 @@ bool dtls1_new(SSL *ssl) {
|
|
|
107
107
|
}
|
|
108
108
|
|
|
109
109
|
void dtls1_free(SSL *ssl) {
|
|
110
|
-
|
|
110
|
+
tls_free(ssl);
|
|
111
111
|
|
|
112
112
|
if (ssl == NULL) {
|
|
113
113
|
return;
|
|
File without changes
|
|
@@ -59,7 +59,6 @@
|
|
|
59
59
|
#include <assert.h>
|
|
60
60
|
#include <string.h>
|
|
61
61
|
|
|
62
|
-
#include <openssl/buf.h>
|
|
63
62
|
#include <openssl/err.h>
|
|
64
63
|
|
|
65
64
|
#include "../crypto/internal.h"
|
|
@@ -78,10 +77,13 @@ static void dtls1_on_handshake_complete(SSL *ssl) {
|
|
|
78
77
|
}
|
|
79
78
|
}
|
|
80
79
|
|
|
81
|
-
static bool dtls1_set_read_state(SSL *ssl,
|
|
80
|
+
static bool dtls1_set_read_state(SSL *ssl, ssl_encryption_level_t level,
|
|
81
|
+
UniquePtr<SSLAEADContext> aead_ctx,
|
|
82
|
+
Span<const uint8_t> secret_for_quic) {
|
|
83
|
+
assert(secret_for_quic.empty()); // QUIC does not use DTLS.
|
|
82
84
|
// Cipher changes are forbidden if the current epoch has leftover data.
|
|
83
85
|
if (dtls_has_unprocessed_handshake_data(ssl)) {
|
|
84
|
-
OPENSSL_PUT_ERROR(SSL,
|
|
86
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_EXCESS_HANDSHAKE_DATA);
|
|
85
87
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
|
|
86
88
|
return false;
|
|
87
89
|
}
|
|
@@ -91,11 +93,15 @@ static bool dtls1_set_read_state(SSL *ssl, UniquePtr
|
|
|
91
93
|
OPENSSL_memset(ssl->s3->read_sequence, 0, sizeof(ssl->s3->read_sequence));
|
|
92
94
|
|
|
93
95
|
ssl->s3->aead_read_ctx = std::move(aead_ctx);
|
|
96
|
+
ssl->s3->read_level = level;
|
|
97
|
+
ssl->d1->has_change_cipher_spec = 0;
|
|
94
98
|
return true;
|
|
95
99
|
}
|
|
96
100
|
|
|
97
|
-
static bool dtls1_set_write_state(SSL *ssl,
|
|
98
|
-
UniquePtr<SSLAEADContext> aead_ctx
|
|
101
|
+
static bool dtls1_set_write_state(SSL *ssl, ssl_encryption_level_t level,
|
|
102
|
+
UniquePtr<SSLAEADContext> aead_ctx,
|
|
103
|
+
Span<const uint8_t> secret_for_quic) {
|
|
104
|
+
assert(secret_for_quic.empty()); // QUIC does not use DTLS.
|
|
99
105
|
ssl->d1->w_epoch++;
|
|
100
106
|
OPENSSL_memcpy(ssl->d1->last_write_sequence, ssl->s3->write_sequence,
|
|
101
107
|
sizeof(ssl->s3->write_sequence));
|
|
@@ -103,6 +109,7 @@ static bool dtls1_set_write_state(SSL *ssl,
|
|
|
103
109
|
|
|
104
110
|
ssl->d1->last_aead_write_ctx = std::move(ssl->s3->aead_write_ctx);
|
|
105
111
|
ssl->s3->aead_write_ctx = std::move(aead_ctx);
|
|
112
|
+
ssl->s3->write_level = level;
|
|
106
113
|
return true;
|
|
107
114
|
}
|
|
108
115
|
|
|
@@ -112,6 +119,7 @@ static const SSL_PROTOCOL_METHOD kDTLSProtocolMethod = {
|
|
|
112
119
|
dtls1_free,
|
|
113
120
|
dtls1_get_message,
|
|
114
121
|
dtls1_next_message,
|
|
122
|
+
dtls_has_unprocessed_handshake_data,
|
|
115
123
|
dtls1_open_handshake,
|
|
116
124
|
dtls1_open_change_cipher_spec,
|
|
117
125
|
dtls1_open_app_data,
|