grpc 1.28.0 → 1.30.0
- checksums.yaml +4 -4
- data/Makefile +7694 -11190
- data/include/grpc/grpc.h +2 -2
- data/include/grpc/grpc_security.h +22 -9
- data/include/grpc/grpc_security_constants.h +1 -0
- data/include/grpc/impl/codegen/grpc_types.h +19 -21
- data/include/grpc/impl/codegen/port_platform.h +6 -2
- data/include/grpc/module.modulemap +24 -39
- data/src/core/ext/filters/client_channel/backend_metric.cc +7 -4
- data/src/core/ext/filters/client_channel/client_channel.cc +203 -236
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +3 -2
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +7 -22
- data/src/core/ext/filters/client_channel/health/health_check_client.h +3 -3
- data/src/core/ext/filters/client_channel/http_proxy.cc +17 -10
- data/src/core/ext/filters/client_channel/lb_policy.cc +19 -18
- data/src/core/ext/filters/client_channel/lb_policy.h +42 -33
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +83 -0
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.h +99 -0
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +10 -4
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +240 -301
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc +89 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h +40 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +11 -9
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +3 -2
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +871 -0
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +5 -11
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +734 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +84 -37
- data/src/core/ext/filters/client_channel/lb_policy/xds/eds.cc +938 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/lrs.cc +528 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +1 -2
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_routing.cc +834 -0
- data/src/core/ext/filters/client_channel/lb_policy_registry.cc +6 -2
- data/src/core/ext/filters/client_channel/local_subchannel_pool.h +2 -1
- data/src/core/ext/filters/client_channel/parse_address.cc +22 -21
- data/src/core/ext/filters/client_channel/resolver.cc +5 -8
- data/src/core/ext/filters/client_channel/resolver.h +12 -14
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +73 -59
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.cc +35 -35
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +8 -7
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_libuv.cc +16 -20
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +4 -4
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +72 -117
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +184 -133
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +5 -3
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +7 -4
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +40 -43
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +93 -102
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +0 -4
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +2 -2
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +32 -5
- data/src/core/ext/filters/client_channel/resolver_factory.h +2 -2
- data/src/core/ext/filters/client_channel/resolver_registry.cc +6 -3
- data/src/core/ext/filters/client_channel/resolver_registry.h +8 -8
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +16 -16
- data/src/core/ext/filters/client_channel/resolver_result_parsing.h +19 -16
- data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +20 -31
- data/src/core/ext/filters/client_channel/resolving_lb_policy.h +4 -3
- data/src/core/ext/filters/client_channel/server_address.cc +6 -9
- data/src/core/ext/filters/client_channel/server_address.h +6 -12
- data/src/core/ext/filters/client_channel/service_config.cc +104 -144
- data/src/core/ext/filters/client_channel/service_config.h +28 -98
- data/src/core/ext/filters/client_channel/service_config_call_data.h +68 -0
- data/src/core/ext/filters/client_channel/service_config_parser.cc +87 -0
- data/src/core/ext/filters/client_channel/service_config_parser.h +89 -0
- data/src/core/ext/filters/client_channel/subchannel.cc +54 -24
- data/src/core/ext/filters/client_channel/subchannel.h +35 -11
- data/src/core/ext/filters/client_channel/xds/xds_api.cc +348 -221
- data/src/core/ext/filters/client_channel/xds/xds_api.h +37 -37
- data/src/core/ext/filters/client_channel/xds/xds_bootstrap.cc +44 -49
- data/src/core/ext/filters/client_channel/xds/xds_bootstrap.h +4 -3
- data/src/core/ext/filters/client_channel/xds/xds_channel_secure.cc +4 -2
- data/src/core/ext/filters/client_channel/xds/xds_client.cc +532 -339
- data/src/core/ext/filters/client_channel/xds/xds_client.h +57 -22
- data/src/core/ext/filters/client_channel/xds/xds_client_stats.cc +11 -12
- data/src/core/ext/filters/client_channel/xds/xds_client_stats.h +31 -19
- data/src/core/ext/filters/http/client/http_client_filter.cc +23 -28
- data/src/core/ext/filters/http/client_authority_filter.cc +4 -4
- data/src/core/ext/filters/http/http_filters_plugin.cc +27 -12
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +258 -221
- data/src/core/ext/filters/http/message_compress/message_decompress_filter.cc +358 -0
- data/src/core/ext/filters/http/message_compress/message_decompress_filter.h +29 -0
- data/src/core/ext/filters/message_size/message_size_filter.cc +7 -10
- data/src/core/ext/filters/message_size/message_size_filter.h +4 -4
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +4 -4
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +4 -6
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +23 -22
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +1 -0
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +3 -3
- data/src/core/ext/transport/chttp2/transport/frame_goaway.h +2 -3
- data/src/core/ext/transport/chttp2/transport/frame_ping.h +2 -3
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +2 -3
- data/src/core/ext/transport/chttp2/transport/frame_settings.h +2 -3
- data/src/core/ext/transport/chttp2/transport/frame_window_update.h +2 -3
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +29 -16
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +2 -3
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +2 -3
- data/src/core/ext/transport/chttp2/transport/hpack_table.h +2 -2
- data/src/core/ext/transport/chttp2/transport/http2_settings.h +4 -5
- data/src/core/ext/transport/chttp2/transport/huffsyms.h +2 -3
- data/src/core/ext/transport/chttp2/transport/internal.h +14 -21
- data/src/core/ext/transport/chttp2/transport/stream_map.h +2 -3
- data/src/core/ext/transport/chttp2/transport/writing.cc +15 -8
- data/src/core/ext/transport/inproc/inproc_transport.cc +19 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.c +4 -229
- data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.h +5 -875
- data/src/core/ext/upb-generated/envoy/api/v2/auth/common.upb.c +114 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/common.upb.h +418 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/secret.upb.c +72 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/secret.upb.h +197 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/tls.upb.c +105 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/tls.upb.h +378 -0
- data/src/core/ext/upb-generated/envoy/api/v2/cds.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.c +21 -8
- data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.h +43 -7
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/circuit_breaker.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/filter.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/outlier_detection.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/address.upb.c +2 -1
- data/src/core/ext/upb-generated/envoy/api/v2/core/backoff.upb.c +35 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/backoff.upb.h +78 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.c +47 -26
- data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.h +115 -65
- data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/event_service_config.upb.c +34 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/event_service_config.upb.h +72 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/grpc_service.upb.c +2 -1
- data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.c +24 -20
- data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.h +28 -13
- data/src/core/ext/upb-generated/envoy/api/v2/core/http_uri.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.c +38 -18
- data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.h +88 -6
- data/src/core/ext/upb-generated/envoy/api/v2/core/socket_option.upb.c +34 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/socket_option.upb.h +89 -0
- data/src/core/ext/upb-generated/envoy/api/v2/discovery.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/eds.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.c +9 -6
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.h +12 -4
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/load_report.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/lds.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.c +15 -10
- data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.h +16 -0
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener_components.upb.c +2 -1
- data/src/core/ext/upb-generated/envoy/api/v2/listener/udp_listener_config.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/rds.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/route.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/route/route.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.c +63 -41
- data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.h +173 -77
- data/src/core/ext/upb-generated/envoy/api/v2/scoped_route.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/srds.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/config/filter/accesslog/v2/accesslog.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.c +48 -28
- data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.h +90 -30
- data/src/core/ext/upb-generated/envoy/config/listener/v2/api_listener.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v2/http_tracer.upb.c +51 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v2/http_tracer.upb.h +125 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v2/ads.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/service/load_stats/v2/lrs.upb.c +4 -2
- data/src/core/ext/upb-generated/envoy/service/load_stats/v2/lrs.upb.h +4 -0
- data/src/core/ext/upb-generated/envoy/type/http.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.c +16 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.h +36 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/string.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/type/metadata/v2/metadata.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/type/percent.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/type/range.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/type/semantic_version.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/type/tracing/v2/custom_tag.upb.c +1 -0
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +9 -8
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +30 -24
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.c +28 -0
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +65 -0
- data/src/core/ext/upb-generated/validate/validate.upb.c +21 -20
- data/src/core/ext/upb-generated/validate/validate.upb.h +69 -63
- data/src/core/lib/channel/channel_args.cc +15 -14
- data/src/core/lib/channel/channel_args.h +3 -1
- data/src/core/lib/channel/channel_stack.h +20 -13
- data/src/core/lib/channel/channelz.cc +5 -6
- data/src/core/lib/channel/channelz.h +3 -2
- data/src/core/lib/channel/channelz_registry.cc +5 -3
- data/src/core/lib/channel/connected_channel.cc +7 -5
- data/src/core/lib/channel/context.h +1 -1
- data/src/core/lib/channel/handshaker.cc +11 -13
- data/src/core/lib/channel/handshaker.h +4 -2
- data/src/core/lib/channel/handshaker_registry.cc +5 -17
- data/src/core/lib/channel/status_util.cc +2 -3
- data/src/core/lib/compression/message_compress.cc +5 -1
- data/src/core/lib/debug/stats.cc +21 -27
- data/src/core/lib/debug/stats.h +3 -1
- data/src/core/lib/gpr/spinlock.h +2 -3
- data/src/core/lib/gpr/string.cc +2 -26
- data/src/core/lib/gpr/string.h +0 -16
- data/src/core/lib/gpr/sync_abseil.cc +2 -0
- data/src/core/lib/gpr/time.cc +4 -0
- data/src/core/lib/gpr/time_posix.cc +1 -1
- data/src/core/lib/gprpp/atomic.h +6 -6
- data/src/core/lib/gprpp/fork.cc +1 -1
- data/src/core/lib/gprpp/host_port.cc +29 -35
- data/src/core/lib/gprpp/host_port.h +14 -17
- data/src/core/lib/gprpp/map.h +5 -11
- data/src/core/lib/gprpp/ref_counted_ptr.h +5 -0
- data/src/core/lib/http/format_request.cc +46 -65
- data/src/core/lib/http/httpcli.cc +2 -3
- data/src/core/lib/http/httpcli.h +2 -3
- data/src/core/lib/http/httpcli_security_connector.cc +5 -5
- data/src/core/lib/http/parser.h +2 -3
- data/src/core/lib/iomgr/buffer_list.h +22 -21
- data/src/core/lib/iomgr/call_combiner.h +3 -2
- data/src/core/lib/iomgr/cfstream_handle.cc +3 -2
- data/src/core/lib/iomgr/closure.h +2 -3
- data/src/core/lib/iomgr/dualstack_socket_posix.cc +47 -0
- data/src/core/lib/iomgr/endpoint_cfstream.cc +2 -3
- data/src/core/lib/iomgr/endpoint_pair.h +2 -3
- data/src/core/lib/iomgr/error.cc +6 -9
- data/src/core/lib/iomgr/error.h +0 -1
- data/src/core/lib/iomgr/ev_apple.cc +356 -0
- data/src/core/lib/iomgr/ev_apple.h +43 -0
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +20 -23
- data/src/core/lib/iomgr/ev_epollex_linux.cc +2 -3
- data/src/core/lib/iomgr/ev_poll_posix.cc +3 -3
- data/src/core/lib/iomgr/ev_posix.cc +2 -3
- data/src/core/lib/iomgr/exec_ctx.h +14 -2
- data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +84 -20
- data/src/core/lib/iomgr/pollset_set_custom.cc +10 -10
- data/src/core/lib/{gprpp/optional.h → iomgr/pollset_uv.h} +11 -12
- data/src/core/lib/iomgr/port.h +1 -0
- data/src/core/lib/iomgr/python_util.h +46 -0
- data/src/core/lib/iomgr/resolve_address.h +4 -6
- data/src/core/lib/iomgr/resolve_address_custom.cc +29 -39
- data/src/core/lib/iomgr/resolve_address_custom.h +4 -2
- data/src/core/lib/iomgr/resolve_address_posix.cc +10 -11
- data/src/core/lib/iomgr/resolve_address_windows.cc +8 -17
- data/src/core/lib/iomgr/resource_quota.cc +4 -6
- data/src/core/lib/iomgr/sockaddr_utils.cc +23 -29
- data/src/core/lib/iomgr/sockaddr_utils.h +9 -14
- data/src/core/lib/iomgr/socket_factory_posix.h +2 -3
- data/src/core/lib/iomgr/socket_mutator.h +2 -3
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +7 -26
- data/src/core/lib/iomgr/socket_utils_posix.h +3 -0
- data/src/core/lib/iomgr/tcp_client_cfstream.cc +5 -7
- data/src/core/lib/iomgr/tcp_client_posix.cc +8 -5
- data/src/core/lib/iomgr/tcp_client_windows.cc +2 -3
- data/src/core/lib/iomgr/tcp_custom.cc +2 -3
- data/src/core/lib/iomgr/tcp_server_custom.cc +5 -9
- data/src/core/lib/iomgr/tcp_server_posix.cc +5 -4
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +5 -4
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +8 -11
- data/src/core/lib/iomgr/tcp_uv.cc +3 -2
- data/src/core/lib/iomgr/time_averaged_stats.h +2 -3
- data/src/core/lib/iomgr/timer_generic.cc +2 -3
- data/src/core/lib/{gprpp/inlined_vector.h → iomgr/timer_generic.h} +19 -17
- data/src/core/lib/iomgr/timer_heap.h +2 -3
- data/src/core/lib/iomgr/udp_server.cc +9 -14
- data/src/core/lib/json/json.h +3 -2
- data/src/core/lib/json/json_reader.cc +5 -5
- data/src/core/lib/json/json_writer.cc +13 -12
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +12 -0
- data/src/core/lib/security/credentials/composite/composite_credentials.h +6 -3
- data/src/core/lib/security/credentials/credentials.cc +0 -84
- data/src/core/lib/security/credentials/credentials.h +8 -59
- data/src/core/lib/security/credentials/fake/fake_credentials.h +4 -0
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +3 -8
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +8 -6
- data/src/core/lib/security/credentials/iam/iam_credentials.h +4 -0
- data/src/core/lib/security/credentials/jwt/json_token.cc +1 -1
- data/src/core/lib/security/credentials/jwt/json_token.h +2 -5
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +12 -0
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +8 -15
- data/src/core/lib/security/credentials/jwt/jwt_verifier.h +2 -3
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +55 -27
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +9 -3
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +13 -0
- data/src/core/lib/security/credentials/plugin/plugin_credentials.h +2 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +23 -13
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +38 -11
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +21 -6
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +7 -7
- data/src/core/lib/security/security_connector/load_system_roots_linux.cc +3 -2
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +1 -1
- data/src/core/lib/security/security_connector/security_connector.h +1 -1
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +20 -25
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +4 -6
- data/src/core/lib/security/security_connector/ssl_utils.cc +59 -12
- data/src/core/lib/security/security_connector/ssl_utils.h +12 -10
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +77 -51
- data/src/core/lib/security/security_connector/tls/tls_security_connector.h +27 -5
- data/src/core/lib/security/transport/client_auth_filter.cc +1 -2
- data/src/core/lib/slice/slice_intern.cc +2 -3
- data/src/core/lib/slice/slice_internal.h +14 -0
- data/src/core/lib/slice/slice_utils.h +9 -0
- data/src/core/lib/surface/byte_buffer_reader.cc +2 -47
- data/src/core/lib/surface/call.cc +2 -3
- data/src/core/lib/surface/call_log_batch.cc +50 -58
- data/src/core/lib/surface/channel.cc +53 -31
- data/src/core/lib/surface/channel.h +35 -4
- data/src/core/lib/surface/channel_ping.cc +2 -3
- data/src/core/lib/surface/completion_queue.cc +33 -33
- data/src/core/lib/surface/event_string.cc +18 -25
- data/src/core/lib/surface/event_string.h +3 -1
- data/src/core/lib/surface/init_secure.cc +1 -4
- data/src/core/lib/surface/server.cc +570 -369
- data/src/core/lib/surface/server.h +32 -0
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/byte_stream.h +7 -2
- data/src/core/lib/transport/connectivity_state.cc +7 -6
- data/src/core/lib/transport/connectivity_state.h +5 -3
- data/src/core/lib/transport/metadata.cc +3 -3
- data/src/core/lib/transport/metadata_batch.h +2 -3
- data/src/core/lib/transport/static_metadata.h +1 -1
- data/src/core/lib/transport/status_conversion.cc +6 -14
- data/src/core/lib/transport/transport.cc +2 -3
- data/src/core/lib/transport/transport.h +3 -2
- data/src/core/lib/transport/transport_op_string.cc +61 -102
- data/src/core/lib/uri/uri_parser.h +2 -3
- data/src/core/plugin_registry/grpc_plugin_registry.cc +20 -4
- data/src/core/tsi/alts/crypt/aes_gcm.cc +0 -2
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +8 -1
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +8 -4
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +32 -2
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +9 -1
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h +2 -3
- data/src/core/tsi/fake_transport_security.cc +10 -15
- data/src/core/tsi/ssl/session_cache/ssl_session.h +0 -2
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +0 -2
- data/src/core/tsi/ssl_transport_security.cc +52 -39
- data/src/core/tsi/ssl_transport_security.h +8 -8
- data/src/core/tsi/ssl_types.h +0 -2
- data/src/core/tsi/transport_security.h +6 -9
- data/src/core/tsi/transport_security_grpc.h +2 -3
- data/src/core/tsi/transport_security_interface.h +3 -3
- data/src/ruby/ext/grpc/rb_call.c +9 -1
- data/src/ruby/lib/grpc/errors.rb +103 -42
- data/src/ruby/lib/grpc/generic/active_call.rb +2 -3
- data/src/ruby/lib/grpc/generic/interceptors.rb +4 -4
- data/src/ruby/lib/grpc/generic/rpc_server.rb +9 -10
- data/src/ruby/lib/grpc/generic/service.rb +5 -4
- data/src/ruby/lib/grpc/structs.rb +1 -1
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/generate_proto_ruby.sh +5 -3
- data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +11 -0
- data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +16 -0
- data/src/ruby/spec/debug_message_spec.rb +134 -0
- data/src/ruby/spec/generic/service_spec.rb +2 -0
- data/src/ruby/spec/pb/codegen/grpc/testing/package_options_ruby_style.proto +5 -0
- data/src/ruby/spec/pb/codegen/package_option_spec.rb +2 -0
- data/src/ruby/spec/testdata/ca.pem +18 -13
- data/src/ruby/spec/testdata/client.key +26 -14
- data/src/ruby/spec/testdata/client.pem +18 -12
- data/src/ruby/spec/testdata/server1.key +26 -14
- data/src/ruby/spec/testdata/server1.pem +20 -14
- data/third_party/abseil-cpp/absl/time/civil_time.cc +175 -0
- data/third_party/abseil-cpp/absl/time/civil_time.h +538 -0
- data/third_party/abseil-cpp/absl/time/clock.cc +569 -0
- data/third_party/abseil-cpp/absl/time/clock.h +74 -0
- data/third_party/abseil-cpp/absl/time/duration.cc +922 -0
- data/third_party/abseil-cpp/absl/time/format.cc +153 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time.h +332 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time_detail.h +622 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/time_zone.h +384 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/zone_info_source.h +102 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/civil_time_detail.cc +94 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.cc +140 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.h +52 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +922 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.cc +45 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.h +76 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +121 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +93 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +958 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +138 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +308 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.h +55 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_lookup.cc +187 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.cc +159 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.h +132 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +122 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc +115 -0
- data/third_party/abseil-cpp/absl/time/internal/get_current_time_chrono.inc +31 -0
- data/third_party/abseil-cpp/absl/time/internal/get_current_time_posix.inc +24 -0
- data/third_party/abseil-cpp/absl/time/time.cc +499 -0
- data/third_party/abseil-cpp/absl/time/time.h +1584 -0
- data/third_party/boringssl-with-bazel/err_data.c +329 -297
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/cpu-arm-linux.c +7 -5
- data/third_party/boringssl-with-bazel/src/crypto/cpu-intel.c +13 -4
- data/third_party/boringssl-with-bazel/src/crypto/crypto.c +11 -0
- data/third_party/boringssl-with-bazel/src/{third_party/fiat → crypto/curve25519}/curve25519.c +18 -26
- data/third_party/boringssl-with-bazel/src/{third_party/fiat → crypto/curve25519}/curve25519_tables.h +13 -21
- data/third_party/boringssl-with-bazel/src/{third_party/fiat → crypto/curve25519}/internal.h +14 -22
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/dh/dh.c +15 -0
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +10 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +425 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +78 -0
- data/third_party/boringssl-with-bazel/src/crypto/ecdh_extra/ecdh_extra.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/err/err.c +33 -32
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +14 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +30 -154
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digests.c +16 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +289 -117
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +13 -27
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +96 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/felem.c +25 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +432 -160
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +63 -71
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +5 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64-table.h +9481 -9485
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64.c +80 -99
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +736 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256_table.h +297 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +90 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +125 -148
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +189 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +61 -18
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +20 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +137 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +49 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +64 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +41 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +32 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +24 -114
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +51 -38
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +15 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +44 -35
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +29 -12
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +15 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/deterministic.c +6 -10
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/windows.c +16 -0
- data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +278 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +1474 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +720 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +16 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +5 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +4 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +5 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +9 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +20 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +16 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +6 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/err.h +2 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +5 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +3 -17
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +31 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/sha.h +26 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +172 -77
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +291 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +5 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +1 -0
- data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +0 -4
- data/third_party/boringssl-with-bazel/src/ssl/d1_lib.cc +3 -3
- data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +13 -4
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +146 -57
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +14 -3
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +28 -20
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +12 -4
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +64 -47
- data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +10 -10
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +21 -21
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +29 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +4 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +6 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +13 -2
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +64 -5
- data/third_party/boringssl-with-bazel/src/ssl/ssl_stat.cc +6 -0
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +6 -2
- data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +47 -53
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +98 -27
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +23 -75
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +50 -20
- data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +63 -25
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +245 -175
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +135 -75
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +1593 -1672
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +512 -503
- metadata +111 -37
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.cc +0 -1754
- data/src/core/lib/gprpp/string_view.h +0 -60
- data/src/core/tsi/grpc_shadow_boringssl.h +0 -3311
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256.c +0 -1063
@@ -356,7 +356,7 @@ bool tls13_process_certificate_verify(SSL_HANDSHAKE *hs, const SSLMessage &msg)
|
|
356
356
|
}
|
357
357
|
|
358
358
|
uint8_t alert = SSL_AD_DECODE_ERROR;
|
359
|
-
if (!tls12_check_peer_sigalg(
|
359
|
+
if (!tls12_check_peer_sigalg(hs, &alert, signature_algorithm)) {
|
360
360
|
ssl_send_alert(ssl, SSL3_AL_FATAL, alert);
|
361
361
|
return false;
|
362
362
|
}
|
@@ -52,6 +52,54 @@ enum client_hs_state_t {
|
|
52
52
|
|
53
53
|
static const uint8_t kZeroes[EVP_MAX_MD_SIZE] = {0};
|
54
54
|
|
55
|
+
// end_of_early_data closes the early data stream for |hs| and switches the
|
56
|
+
// encryption level to |level|. It returns true on success and false on error.
|
57
|
+
static bool close_early_data(SSL_HANDSHAKE *hs, ssl_encryption_level_t level) {
|
58
|
+
SSL *const ssl = hs->ssl;
|
59
|
+
assert(hs->in_early_data);
|
60
|
+
|
61
|
+
// Note |can_early_write| may already be false if |SSL_write| exceeded the
|
62
|
+
// early data write limit.
|
63
|
+
hs->can_early_write = false;
|
64
|
+
|
65
|
+
// 0-RTT write states on the client differ between TLS 1.3, DTLS 1.3, and
|
66
|
+
// QUIC. TLS 1.3 has one write encryption level at a time. 0-RTT write keys
|
67
|
+
// overwrite the null cipher and defer handshake write keys. While a
|
68
|
+
// HelloRetryRequest can cause us to rewind back to the null cipher, sequence
|
69
|
+
// numbers have no effect, so we can install a "new" null cipher.
|
70
|
+
//
|
71
|
+
// In QUIC and DTLS 1.3, 0-RTT write state cannot override or defer the normal
|
72
|
+
// write state. The two ClientHello sequence numbers must align, and handshake
|
73
|
+
// write keys must be installed early to ACK the EncryptedExtensions.
|
74
|
+
//
|
75
|
+
// We do not currently implement DTLS 1.3 and, in QUIC, the caller handles
|
76
|
+
// 0-RTT data, so we can skip installing 0-RTT keys and act as if there is one
|
77
|
+
// write level. If we implement DTLS 1.3, we'll need to model this better.
|
78
|
+
if (ssl->quic_method == nullptr) {
|
79
|
+
if (level == ssl_encryption_initial) {
|
80
|
+
bssl::UniquePtr<SSLAEADContext> null_ctx =
|
81
|
+
SSLAEADContext::CreateNullCipher(SSL_is_dtls(ssl));
|
82
|
+
if (!null_ctx ||
|
83
|
+
!ssl->method->set_write_state(ssl, ssl_encryption_initial,
|
84
|
+
std::move(null_ctx),
|
85
|
+
/*secret_for_quic=*/{})) {
|
86
|
+
return false;
|
87
|
+
}
|
88
|
+
ssl->s3->aead_write_ctx->SetVersionIfNullCipher(ssl->version);
|
89
|
+
} else {
|
90
|
+
assert(level == ssl_encryption_handshake);
|
91
|
+
if (!tls13_set_traffic_key(ssl, ssl_encryption_handshake, evp_aead_seal,
|
92
|
+
hs->new_session.get(),
|
93
|
+
hs->client_handshake_secret())) {
|
94
|
+
return false;
|
95
|
+
}
|
96
|
+
}
|
97
|
+
}
|
98
|
+
|
99
|
+
assert(ssl->s3->write_level == level);
|
100
|
+
return true;
|
101
|
+
}
|
102
|
+
|
55
103
|
static enum ssl_hs_wait_t do_read_hello_retry_request(SSL_HANDSHAKE *hs) {
|
56
104
|
SSL *const ssl = hs->ssl;
|
57
105
|
assert(ssl->s3->have_version);
|
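Review bot: The header comment added at the top of this hunk names the function `end_of_early_data`, but the definition immediately below it is `close_early_data`, so the new comment is already out of sync with the code; change it to `// close_early_data closes the early data stream for |hs| and switches the` so it also matches the `See |close_early_data|` cross-reference added in do_read_server_hello. The function ends in `assert(ssl->s3->write_level == level)`, which is compiled out in release builds, so the comment should say explicitly that callers depend on `set_write_state` / `tls13_set_traffic_key` having recorded the new write level (this hunk removes the direct `ssl->s3->write_level = level` assignment from tls13_set_traffic_key, so that appears to be where the invariant now lives — worth confirming). The TLS-versus-QUIC write-level discussion is otherwise clear and is the right place to document why 0-RTT keys are never installed on this path.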
@@ -183,28 +231,30 @@ static enum ssl_hs_wait_t do_read_hello_retry_request(SSL_HANDSHAKE *hs) {
|
|
183
231
|
return ssl_hs_error;
|
184
232
|
}
|
185
233
|
|
234
|
+
// HelloRetryRequest should be the end of the flight.
|
235
|
+
if (ssl->method->has_unprocessed_handshake_data(ssl)) {
|
236
|
+
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
|
237
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_EXCESS_HANDSHAKE_DATA);
|
238
|
+
return ssl_hs_error;
|
239
|
+
}
|
240
|
+
|
186
241
|
ssl->method->next_message(ssl);
|
187
242
|
ssl->s3->used_hello_retry_request = true;
|
188
243
|
hs->tls13_state = state_send_second_client_hello;
|
189
244
|
// 0-RTT is rejected if we receive a HelloRetryRequest.
|
190
245
|
if (hs->in_early_data) {
|
191
246
|
ssl->s3->early_data_reason = ssl_early_data_hello_retry_request;
|
247
|
+
if (!close_early_data(hs, ssl_encryption_initial)) {
|
248
|
+
return ssl_hs_error;
|
249
|
+
}
|
192
250
|
return ssl_hs_early_data_rejected;
|
193
251
|
}
|
194
252
|
return ssl_hs_ok;
|
195
253
|
}
|
196
254
|
|
197
255
|
static enum ssl_hs_wait_t do_send_second_client_hello(SSL_HANDSHAKE *hs) {
|
198
|
-
|
199
|
-
|
200
|
-
bssl::UniquePtr<SSLAEADContext> null_ctx =
|
201
|
-
SSLAEADContext::CreateNullCipher(SSL_is_dtls(ssl));
|
202
|
-
if (!null_ctx ||
|
203
|
-
!ssl->method->set_write_state(ssl, std::move(null_ctx))) {
|
204
|
-
return ssl_hs_error;
|
205
|
-
}
|
206
|
-
|
207
|
-
ssl->s3->aead_write_ctx->SetVersionIfNullCipher(ssl->version);
|
256
|
+
// Any 0-RTT keys must have been discarded.
|
257
|
+
assert(hs->ssl->s3->write_level == ssl_encryption_initial);
|
208
258
|
|
209
259
|
if (!ssl_write_client_hello(hs)) {
|
210
260
|
return ssl_hs_error;
|
@@ -391,21 +441,28 @@ static enum ssl_hs_wait_t do_read_server_hello(SSL_HANDSHAKE *hs) {
|
|
391
441
|
|
392
442
|
if (!tls13_advance_key_schedule(hs, dhe_secret) ||
|
393
443
|
!ssl_hash_message(hs, msg) ||
|
394
|
-
!tls13_derive_handshake_secrets(hs)
|
395
|
-
!tls13_set_traffic_key(ssl, ssl_encryption_handshake, evp_aead_open,
|
396
|
-
hs->server_handshake_secret())) {
|
444
|
+
!tls13_derive_handshake_secrets(hs)) {
|
397
445
|
return ssl_hs_error;
|
398
446
|
}
|
399
447
|
|
400
|
-
|
401
|
-
|
402
|
-
|
448
|
+
// If currently sending early data over TCP, we defer installing client
|
449
|
+
// traffic keys to when the early data stream is closed. See
|
450
|
+
// |close_early_data|. Note if the server has already rejected 0-RTT via
|
451
|
+
// HelloRetryRequest, |in_early_data| is already false.
|
452
|
+
if (!hs->in_early_data || ssl->quic_method != nullptr) {
|
403
453
|
if (!tls13_set_traffic_key(ssl, ssl_encryption_handshake, evp_aead_seal,
|
454
|
+
hs->new_session.get(),
|
404
455
|
hs->client_handshake_secret())) {
|
405
456
|
return ssl_hs_error;
|
406
457
|
}
|
407
458
|
}
|
408
459
|
|
460
|
+
if (!tls13_set_traffic_key(ssl, ssl_encryption_handshake, evp_aead_open,
|
461
|
+
hs->new_session.get(),
|
462
|
+
hs->server_handshake_secret())) {
|
463
|
+
return ssl_hs_error;
|
464
|
+
}
|
465
|
+
|
409
466
|
ssl->method->next_message(ssl);
|
410
467
|
hs->tls13_state = state_read_encrypted_extensions;
|
411
468
|
return ssl_hs_ok;
|
@@ -439,14 +496,20 @@ static enum ssl_hs_wait_t do_read_encrypted_extensions(SSL_HANDSHAKE *hs) {
|
|
439
496
|
}
|
440
497
|
|
441
498
|
if (ssl->s3->early_data_accepted) {
|
442
|
-
if (hs->early_session->cipher != hs->new_session->cipher
|
443
|
-
|
444
|
-
|
499
|
+
if (hs->early_session->cipher != hs->new_session->cipher) {
|
500
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_CIPHER_MISMATCH_ON_EARLY_DATA);
|
501
|
+
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
|
502
|
+
return ssl_hs_error;
|
503
|
+
}
|
504
|
+
if (MakeConstSpan(hs->early_session->early_alpn) !=
|
505
|
+
ssl->s3->alpn_selected) {
|
445
506
|
OPENSSL_PUT_ERROR(SSL, SSL_R_ALPN_MISMATCH_ON_EARLY_DATA);
|
507
|
+
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
|
446
508
|
return ssl_hs_error;
|
447
509
|
}
|
448
510
|
if (ssl->s3->channel_id_valid || ssl->s3->token_binding_negotiated) {
|
449
511
|
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION_ON_EARLY_DATA);
|
512
|
+
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
|
450
513
|
return ssl_hs_error;
|
451
514
|
}
|
452
515
|
}
|
@@ -458,6 +521,9 @@ static enum ssl_hs_wait_t do_read_encrypted_extensions(SSL_HANDSHAKE *hs) {
|
|
458
521
|
ssl->method->next_message(ssl);
|
459
522
|
hs->tls13_state = state_read_certificate_request;
|
460
523
|
if (hs->in_early_data && !ssl->s3->early_data_accepted) {
|
524
|
+
if (!close_early_data(hs, ssl_encryption_handshake)) {
|
525
|
+
return ssl_hs_error;
|
526
|
+
}
|
461
527
|
return ssl_hs_early_data_rejected;
|
462
528
|
}
|
463
529
|
return ssl_hs_ok;
|
@@ -622,6 +688,13 @@ static enum ssl_hs_wait_t do_read_server_finished(SSL_HANDSHAKE *hs) {
|
|
622
688
|
return ssl_hs_error;
|
623
689
|
}
|
624
690
|
|
691
|
+
// Finished should be the end of the flight.
|
692
|
+
if (ssl->method->has_unprocessed_handshake_data(ssl)) {
|
693
|
+
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
|
694
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_EXCESS_HANDSHAKE_DATA);
|
695
|
+
return ssl_hs_error;
|
696
|
+
}
|
697
|
+
|
625
698
|
ssl->method->next_message(ssl);
|
626
699
|
hs->tls13_state = state_send_end_of_early_data;
|
627
700
|
return ssl_hs_ok;
|
@@ -631,7 +704,6 @@ static enum ssl_hs_wait_t do_send_end_of_early_data(SSL_HANDSHAKE *hs) {
|
|
631
704
|
SSL *const ssl = hs->ssl;
|
632
705
|
|
633
706
|
if (ssl->s3->early_data_accepted) {
|
634
|
-
hs->can_early_write = false;
|
635
707
|
// QUIC omits the EndOfEarlyData message. See draft-ietf-quic-tls-22,
|
636
708
|
// section 8.3.
|
637
709
|
if (ssl->quic_method == nullptr) {
|
@@ -643,11 +715,8 @@ static enum ssl_hs_wait_t do_send_end_of_early_data(SSL_HANDSHAKE *hs) {
|
|
643
715
|
return ssl_hs_error;
|
644
716
|
}
|
645
717
|
}
|
646
|
-
}
|
647
718
|
|
648
|
-
|
649
|
-
if (!tls13_set_traffic_key(ssl, ssl_encryption_handshake, evp_aead_seal,
|
650
|
-
hs->client_handshake_secret())) {
|
719
|
+
if (!close_early_data(hs, ssl_encryption_handshake)) {
|
651
720
|
return ssl_hs_error;
|
652
721
|
}
|
653
722
|
}
|
@@ -741,10 +810,12 @@ static enum ssl_hs_wait_t do_complete_second_flight(SSL_HANDSHAKE *hs) {
|
|
741
810
|
}
|
742
811
|
|
743
812
|
// Derive the final keys and enable them.
|
744
|
-
if (!tls13_set_traffic_key(ssl, ssl_encryption_application,
|
745
|
-
hs->
|
746
|
-
!tls13_set_traffic_key(ssl, ssl_encryption_application, evp_aead_seal,
|
813
|
+
if (!tls13_set_traffic_key(ssl, ssl_encryption_application, evp_aead_seal,
|
814
|
+
hs->new_session.get(),
|
747
815
|
hs->client_traffic_secret_0()) ||
|
816
|
+
!tls13_set_traffic_key(ssl, ssl_encryption_application, evp_aead_open,
|
817
|
+
hs->new_session.get(),
|
818
|
+
hs->server_traffic_secret_0()) ||
|
748
819
|
!tls13_derive_resumption_secret(hs)) {
|
749
820
|
return ssl_hs_error;
|
750
821
|
}
|
@@ -139,12 +139,18 @@ static bool derive_secret(SSL_HANDSHAKE *hs, Span
|
|
139
139
|
|
140
140
|
bool tls13_set_traffic_key(SSL *ssl, enum ssl_encryption_level_t level,
|
141
141
|
enum evp_aead_direction_t direction,
|
142
|
+
const SSL_SESSION *session,
|
142
143
|
Span<const uint8_t> traffic_secret) {
|
143
|
-
const SSL_SESSION *session = SSL_get_session(ssl);
|
144
144
|
uint16_t version = ssl_session_protocol_version(session);
|
145
|
-
|
146
145
|
UniquePtr<SSLAEADContext> traffic_aead;
|
147
|
-
|
146
|
+
Span<const uint8_t> secret_for_quic;
|
147
|
+
if (ssl->quic_method != nullptr) {
|
148
|
+
// Install a placeholder SSLAEADContext so that SSL accessors work. The
|
149
|
+
// encryption itself will be handled by the SSL_QUIC_METHOD.
|
150
|
+
traffic_aead =
|
151
|
+
SSLAEADContext::CreatePlaceholderForQUIC(version, session->cipher);
|
152
|
+
secret_for_quic = traffic_secret;
|
153
|
+
} else {
|
148
154
|
// Look up cipher suite properties.
|
149
155
|
const EVP_AEAD *aead;
|
150
156
|
size_t discard;
|
@@ -173,34 +179,15 @@ bool tls13_set_traffic_key(SSL *ssl, enum ssl_encryption_level_t level,
|
|
173
179
|
return false;
|
174
180
|
}
|
175
181
|
|
176
|
-
|
177
182
|
traffic_aead = SSLAEADContext::Create(direction, session->ssl_version,
|
178
183
|
SSL_is_dtls(ssl), session->cipher,
|
179
184
|
key, Span<const uint8_t>(), iv);
|
180
|
-
} else {
|
181
|
-
// Install a placeholder SSLAEADContext so that SSL accessors work. The
|
182
|
-
// encryption itself will be handled by the SSL_QUIC_METHOD.
|
183
|
-
traffic_aead =
|
184
|
-
SSLAEADContext::CreatePlaceholderForQUIC(version, session->cipher);
|
185
|
-
// QUIC never installs early data keys at the TLS layer.
|
186
|
-
assert(level != ssl_encryption_early_data);
|
187
185
|
}
|
188
186
|
|
189
187
|
if (!traffic_aead) {
|
190
188
|
return false;
|
191
189
|
}
|
192
190
|
|
193
|
-
if (direction == evp_aead_open) {
|
194
|
-
if (!ssl->method->set_read_state(ssl, std::move(traffic_aead))) {
|
195
|
-
return false;
|
196
|
-
}
|
197
|
-
} else {
|
198
|
-
if (!ssl->method->set_write_state(ssl, std::move(traffic_aead))) {
|
199
|
-
return false;
|
200
|
-
}
|
201
|
-
}
|
202
|
-
|
203
|
-
// Save the traffic secret.
|
204
191
|
if (traffic_secret.size() >
|
205
192
|
OPENSSL_ARRAY_SIZE(ssl->s3->read_traffic_secret) ||
|
206
193
|
traffic_secret.size() >
|
@@ -208,16 +195,23 @@ bool tls13_set_traffic_key(SSL *ssl, enum ssl_encryption_level_t level,
|
|
208
195
|
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
209
196
|
return false;
|
210
197
|
}
|
198
|
+
|
211
199
|
if (direction == evp_aead_open) {
|
200
|
+
if (!ssl->method->set_read_state(ssl, level, std::move(traffic_aead),
|
201
|
+
secret_for_quic)) {
|
202
|
+
return false;
|
203
|
+
}
|
212
204
|
OPENSSL_memmove(ssl->s3->read_traffic_secret, traffic_secret.data(),
|
213
205
|
traffic_secret.size());
|
214
206
|
ssl->s3->read_traffic_secret_len = traffic_secret.size();
|
215
|
-
ssl->s3->read_level = level;
|
216
207
|
} else {
|
208
|
+
if (!ssl->method->set_write_state(ssl, level, std::move(traffic_aead),
|
209
|
+
secret_for_quic)) {
|
210
|
+
return false;
|
211
|
+
}
|
217
212
|
OPENSSL_memmove(ssl->s3->write_traffic_secret, traffic_secret.data(),
|
218
213
|
traffic_secret.size());
|
219
214
|
ssl->s3->write_traffic_secret_len = traffic_secret.size();
|
220
|
-
ssl->s3->write_level = level;
|
221
215
|
}
|
222
216
|
|
223
217
|
return true;
|
@@ -243,47 +237,6 @@ bool tls13_derive_early_secret(SSL_HANDSHAKE *hs) {
|
|
243
237
|
return true;
|
244
238
|
}
|
245
239
|
|
246
|
-
bool tls13_set_early_secret_for_quic(SSL_HANDSHAKE *hs) {
|
247
|
-
SSL *const ssl = hs->ssl;
|
248
|
-
if (ssl->quic_method == nullptr) {
|
249
|
-
return true;
|
250
|
-
}
|
251
|
-
if (ssl->server) {
|
252
|
-
if (!ssl->quic_method->set_encryption_secrets(
|
253
|
-
ssl, ssl_encryption_early_data, hs->early_traffic_secret().data(),
|
254
|
-
/*write_secret=*/nullptr, hs->early_traffic_secret().size())) {
|
255
|
-
OPENSSL_PUT_ERROR(SSL, SSL_R_QUIC_INTERNAL_ERROR);
|
256
|
-
return false;
|
257
|
-
}
|
258
|
-
} else {
|
259
|
-
if (!ssl->quic_method->set_encryption_secrets(
|
260
|
-
ssl, ssl_encryption_early_data, /*read_secret=*/nullptr,
|
261
|
-
hs->early_traffic_secret().data(),
|
262
|
-
hs->early_traffic_secret().size())) {
|
263
|
-
OPENSSL_PUT_ERROR(SSL, SSL_R_QUIC_INTERNAL_ERROR);
|
264
|
-
return false;
|
265
|
-
}
|
266
|
-
}
|
267
|
-
return true;
|
268
|
-
}
|
269
|
-
|
270
|
-
static bool set_quic_secrets(SSL_HANDSHAKE *hs, ssl_encryption_level_t level,
|
271
|
-
Span<const uint8_t> client_write_secret,
|
272
|
-
Span<const uint8_t> server_write_secret) {
|
273
|
-
SSL *const ssl = hs->ssl;
|
274
|
-
assert(client_write_secret.size() == server_write_secret.size());
|
275
|
-
if (ssl->quic_method == nullptr) {
|
276
|
-
return true;
|
277
|
-
}
|
278
|
-
if (!ssl->server) {
|
279
|
-
std::swap(client_write_secret, server_write_secret);
|
280
|
-
}
|
281
|
-
return ssl->quic_method->set_encryption_secrets(
|
282
|
-
ssl, level,
|
283
|
-
/*read_secret=*/client_write_secret.data(),
|
284
|
-
/*write_secret=*/server_write_secret.data(), client_write_secret.size());
|
285
|
-
}
|
286
|
-
|
287
240
|
bool tls13_derive_handshake_secrets(SSL_HANDSHAKE *hs) {
|
288
241
|
SSL *const ssl = hs->ssl;
|
289
242
|
if (!derive_secret(hs, hs->client_handshake_secret(),
|
@@ -293,10 +246,7 @@ bool tls13_derive_handshake_secrets(SSL_HANDSHAKE *hs) {
|
|
293
246
|
!derive_secret(hs, hs->server_handshake_secret(),
|
294
247
|
label_to_span(kTLS13LabelServerHandshakeTraffic)) ||
|
295
248
|
!ssl_log_secret(ssl, "SERVER_HANDSHAKE_TRAFFIC_SECRET",
|
296
|
-
hs->server_handshake_secret())
|
297
|
-
!set_quic_secrets(hs, ssl_encryption_handshake,
|
298
|
-
hs->client_handshake_secret(),
|
299
|
-
hs->server_handshake_secret())) {
|
249
|
+
hs->server_handshake_secret())) {
|
300
250
|
return false;
|
301
251
|
}
|
302
252
|
|
@@ -319,10 +269,7 @@ bool tls13_derive_application_secrets(SSL_HANDSHAKE *hs) {
|
|
319
269
|
label_to_span(kTLS13LabelExporter)) ||
|
320
270
|
!ssl_log_secret(ssl, "EXPORTER_SECRET",
|
321
271
|
MakeConstSpan(ssl->s3->exporter_secret,
|
322
|
-
ssl->s3->exporter_secret_len))
|
323
|
-
!set_quic_secrets(hs, ssl_encryption_application,
|
324
|
-
hs->client_traffic_secret_0(),
|
325
|
-
hs->server_traffic_secret_0())) {
|
272
|
+
ssl->s3->exporter_secret_len))) {
|
326
273
|
return false;
|
327
274
|
}
|
328
275
|
|
@@ -341,11 +288,12 @@ bool tls13_rotate_traffic_key(SSL *ssl, enum evp_aead_direction_t direction) {
|
|
341
288
|
ssl->s3->write_traffic_secret_len);
|
342
289
|
}
|
343
290
|
|
344
|
-
const
|
291
|
+
const SSL_SESSION *session = SSL_get_session(ssl);
|
292
|
+
const EVP_MD *digest = ssl_session_get_digest(session);
|
345
293
|
return hkdf_expand_label(secret, digest, secret,
|
346
294
|
label_to_span(kTLS13LabelApplicationTraffic), {}) &&
|
347
295
|
tls13_set_traffic_key(ssl, ssl_encryption_application, direction,
|
348
|
-
secret);
|
296
|
+
session, secret);
|
349
297
|
}
|
350
298
|
|
351
299
|
static const char kTLS13LabelResumption[] = "res master";
|
@@ -309,6 +309,23 @@ static enum ssl_ticket_aead_result_t select_session(
|
|
309
309
|
return ssl_ticket_aead_success;
|
310
310
|
}
|
311
311
|
|
312
|
+
static bool quic_ticket_compatible(const SSL_SESSION *session,
|
313
|
+
const SSL_CONFIG *config) {
|
314
|
+
if (!session->is_quic) {
|
315
|
+
return true;
|
316
|
+
}
|
317
|
+
if (session->quic_early_data_hash.size() != SHA256_DIGEST_LENGTH) {
|
318
|
+
return false;
|
319
|
+
}
|
320
|
+
uint8_t early_data_hash[SHA256_DIGEST_LENGTH];
|
321
|
+
if (!compute_quic_early_data_hash(config, early_data_hash) ||
|
322
|
+
CRYPTO_memcmp(session->quic_early_data_hash.data(), early_data_hash,
|
323
|
+
SHA256_DIGEST_LENGTH) != 0) {
|
324
|
+
return false;
|
325
|
+
}
|
326
|
+
return true;
|
327
|
+
}
|
328
|
+
|
312
329
|
static enum ssl_hs_wait_t do_select_session(SSL_HANDSHAKE *hs) {
|
313
330
|
SSL *const ssl = hs->ssl;
|
314
331
|
SSLMessage msg;
|
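Review bot: `quic_ticket_compatible` is added without a header comment, unlike the surrounding helpers, and its fail-closed behaviour is worth stating: a session marked `is_quic` whose stored `quic_early_data_hash` is not exactly `SHA256_DIGEST_LENGTH` bytes, or for which `compute_quic_early_data_hash` fails, is reported incompatible rather than accepted. Suggested comment above the definition: `// quic_ticket_compatible returns true if |session| may be used for 0-RTT under the QUIC configuration in |config|. Non-QUIC sessions are always compatible; QUIC sessions are compatible only if their stored early data hash matches the hash computed from |config|.` The use of `CRYPTO_memcmp` rather than `memcmp` is the right default for comparing digests and deserves a one-line why-comment so a later cleanup does not "simplify" it away. The caller in do_select_session (the hunk at @@ -370,6 +391,8 @@) maps the false result to `ssl_early_data_quic_parameter_mismatch`, which the header comment could mention.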
@@ -352,6 +369,10 @@ static enum ssl_hs_wait_t do_select_session(SSL_HANDSHAKE *hs) {
|
|
352
369
|
return ssl_hs_error;
|
353
370
|
}
|
354
371
|
|
372
|
+
// |ssl_session_is_resumable| forbids cross-cipher resumptions even if the
|
373
|
+
// PRF hashes match.
|
374
|
+
assert(hs->new_cipher == session->cipher);
|
375
|
+
|
355
376
|
if (!ssl->enable_early_data) {
|
356
377
|
ssl->s3->early_data_reason = ssl_early_data_disabled;
|
357
378
|
} else if (session->ticket_max_early_data == 0) {
|
@@ -370,6 +391,8 @@ static enum ssl_hs_wait_t do_select_session(SSL_HANDSHAKE *hs) {
|
|
370
391
|
} else if (ssl->s3->ticket_age_skew < -kMaxTicketAgeSkewSeconds ||
|
371
392
|
kMaxTicketAgeSkewSeconds < ssl->s3->ticket_age_skew) {
|
372
393
|
ssl->s3->early_data_reason = ssl_early_data_ticket_age_skew;
|
394
|
+
} else if (!quic_ticket_compatible(session.get(), hs->config)) {
|
395
|
+
ssl->s3->early_data_reason = ssl_early_data_quic_parameter_mismatch;
|
373
396
|
} else {
|
374
397
|
ssl->s3->early_data_reason = ssl_early_data_accepted;
|
375
398
|
ssl->s3->early_data_accepted = true;
|
@@ -558,6 +581,13 @@ static enum ssl_hs_wait_t do_read_second_client_hello(SSL_HANDSHAKE *hs) {
|
|
558
581
|
return ssl_hs_error;
|
559
582
|
}
|
560
583
|
|
584
|
+
// ClientHello should be the end of the flight.
|
585
|
+
if (ssl->method->has_unprocessed_handshake_data(ssl)) {
|
586
|
+
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
|
587
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_EXCESS_HANDSHAKE_DATA);
|
588
|
+
return ssl_hs_error;
|
589
|
+
}
|
590
|
+
|
561
591
|
ssl->method->next_message(ssl);
|
562
592
|
hs->tls13_state = state13_send_server_hello;
|
563
593
|
return ssl_hs_ok;
|
@@ -593,6 +623,7 @@ static enum ssl_hs_wait_t do_send_server_hello(SSL_HANDSHAKE *hs) {
|
|
593
623
|
// Derive and enable the handshake traffic secrets.
|
594
624
|
if (!tls13_derive_handshake_secrets(hs) ||
|
595
625
|
!tls13_set_traffic_key(ssl, ssl_encryption_handshake, evp_aead_seal,
|
626
|
+
hs->new_session.get(),
|
596
627
|
hs->server_handshake_secret())) {
|
597
628
|
return ssl_hs_error;
|
598
629
|
}
|
@@ -627,7 +658,7 @@ static enum ssl_hs_wait_t do_send_server_hello(SSL_HANDSHAKE *hs) {
|
|
627
658
|
!CBB_add_u16_length_prefixed(&cert_request_extensions,
|
628
659
|
&sigalg_contents) ||
|
629
660
|
!CBB_add_u16_length_prefixed(&sigalg_contents, &sigalgs_cbb) ||
|
630
|
-
!tls12_add_verify_sigalgs(
|
661
|
+
!tls12_add_verify_sigalgs(hs, &sigalgs_cbb)) {
|
631
662
|
return ssl_hs_error;
|
632
663
|
}
|
633
664
|
|
@@ -693,24 +724,19 @@ static enum ssl_hs_wait_t do_send_server_finished(SSL_HANDSHAKE *hs) {
|
|
693
724
|
hs, MakeConstSpan(kZeroes, hs->transcript.DigestLen())) ||
|
694
725
|
!tls13_derive_application_secrets(hs) ||
|
695
726
|
!tls13_set_traffic_key(ssl, ssl_encryption_application, evp_aead_seal,
|
727
|
+
hs->new_session.get(),
|
696
728
|
hs->server_traffic_secret_0())) {
|
697
729
|
return ssl_hs_error;
|
698
730
|
}
|
699
731
|
|
700
|
-
|
701
|
-
|
702
|
-
|
703
|
-
// reject 0-RTT. We only release the secret after 0-RTT is fully resolved.
|
704
|
-
//
|
705
|
-
// Second, 0-RTT data is acknowledged with 1-RTT keys. Both are derived as
|
706
|
-
// part of the ServerHello flight, but future TLS extensions may insert an
|
707
|
-
// asynchronous point in the middle of this flight. We defer releasing the
|
708
|
-
// 0-RTT keys to ensure the QUIC implementation never installs read keys
|
709
|
-
// without the write keys to send the corresponding ACKs.
|
710
|
-
if (!tls13_set_early_secret_for_quic(hs)) {
|
711
|
-
return ssl_hs_error;
|
712
|
-
}
|
732
|
+
hs->tls13_state = state13_send_half_rtt_ticket;
|
733
|
+
return hs->handback ? ssl_hs_handback : ssl_hs_ok;
|
734
|
+
}
|
713
735
|
|
736
|
+
static enum ssl_hs_wait_t do_send_half_rtt_ticket(SSL_HANDSHAKE *hs) {
|
737
|
+
SSL *const ssl = hs->ssl;
|
738
|
+
|
739
|
+
if (ssl->s3->early_data_accepted) {
|
714
740
|
// If accepting 0-RTT, we send tickets half-RTT. This gets the tickets on
|
715
741
|
// the wire sooner and also avoids triggering a write on |SSL_read| when
|
716
742
|
// processing the client Finished. This requires computing the client
|
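Review bot: The new state function `do_send_half_rtt_ticket` is introduced without a header comment, and its body runs past the end of this hunk, so the only statement of its purpose is the pre-existing comment inside the `early_data_accepted` branch; a one-line comment above the definition saying that it emits the half-RTT NewSessionTicket flight when 0-RTT was accepted would help, and the non-0-RTT path should be described there once its behaviour (not visible here) is confirmed. The handback point also moves in this commit: `return hs->handback ? ssl_hs_handback : ssl_hs_ok;` now sits at the end of do_send_server_finished, while the `if (hs->handback) return ssl_hs_handback;` block in do_process_end_of_early_data is removed (hunk at @@ -807,12 +833,10 @@); a short comment such as `// Handback, if requested, happens before any half-RTT tickets are sent.` would record that this is intentional. Finally, in tls13_server_handshake_state (hunk at @@ -1040,6 +1068,8 @@) the new `state13_send_half_rtt_ticket` case is inserted before `state13_send_server_finished`, whereas the dispatch switch (hunk at @@ -986,6 +1011,9 @@) and the actual transition place it after; keeping the two switches in the same order makes the state machine easier to audit.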
@@ -759,9 +785,8 @@ static enum ssl_hs_wait_t do_send_server_finished(SSL_HANDSHAKE *hs) {
|
|
759
785
|
static enum ssl_hs_wait_t do_read_second_client_flight(SSL_HANDSHAKE *hs) {
|
760
786
|
SSL *const ssl = hs->ssl;
|
761
787
|
if (ssl->s3->early_data_accepted) {
|
762
|
-
|
763
|
-
|
764
|
-
!tls13_set_traffic_key(ssl, ssl_encryption_early_data, evp_aead_open,
|
788
|
+
if (!tls13_set_traffic_key(ssl, ssl_encryption_early_data, evp_aead_open,
|
789
|
+
hs->new_session.get(),
|
765
790
|
hs->early_traffic_secret())) {
|
766
791
|
return ssl_hs_error;
|
767
792
|
}
|
@@ -775,6 +800,7 @@ static enum ssl_hs_wait_t do_read_second_client_flight(SSL_HANDSHAKE *hs) {
|
|
775
800
|
// return.
|
776
801
|
if (ssl->quic_method != nullptr) {
|
777
802
|
if (!tls13_set_traffic_key(ssl, ssl_encryption_handshake, evp_aead_open,
|
803
|
+
hs->new_session.get(),
|
778
804
|
hs->client_handshake_secret())) {
|
779
805
|
return ssl_hs_error;
|
780
806
|
}
|
@@ -807,12 +833,10 @@ static enum ssl_hs_wait_t do_process_end_of_early_data(SSL_HANDSHAKE *hs) {
|
|
807
833
|
ssl->method->next_message(ssl);
|
808
834
|
}
|
809
835
|
if (!tls13_set_traffic_key(ssl, ssl_encryption_handshake, evp_aead_open,
|
836
|
+
hs->new_session.get(),
|
810
837
|
hs->client_handshake_secret())) {
|
811
838
|
return ssl_hs_error;
|
812
839
|
}
|
813
|
-
if (hs->handback) {
|
814
|
-
return ssl_hs_handback;
|
815
|
-
}
|
816
840
|
hs->tls13_state = state13_read_client_certificate;
|
817
841
|
return ssl_hs_ok;
|
818
842
|
}
|
@@ -920,6 +944,7 @@ static enum ssl_hs_wait_t do_read_client_finished(SSL_HANDSHAKE *hs) {
|
|
920
944
|
!tls13_process_finished(hs, msg, ssl->s3->early_data_accepted) ||
|
921
945
|
// evp_aead_seal keys have already been switched.
|
922
946
|
!tls13_set_traffic_key(ssl, ssl_encryption_application, evp_aead_open,
|
947
|
+
hs->new_session.get(),
|
923
948
|
hs->client_traffic_secret_0())) {
|
924
949
|
return ssl_hs_error;
|
925
950
|
}
|
@@ -986,6 +1011,9 @@ enum ssl_hs_wait_t tls13_server_handshake(SSL_HANDSHAKE *hs) {
|
|
986
1011
|
case state13_send_server_finished:
|
987
1012
|
ret = do_send_server_finished(hs);
|
988
1013
|
break;
|
1014
|
+
case state13_send_half_rtt_ticket:
|
1015
|
+
ret = do_send_half_rtt_ticket(hs);
|
1016
|
+
break;
|
989
1017
|
case state13_read_second_client_flight:
|
990
1018
|
ret = do_read_second_client_flight(hs);
|
991
1019
|
break;
|
@@ -1040,6 +1068,8 @@ const char *tls13_server_handshake_state(SSL_HANDSHAKE *hs) {
|
|
1040
1068
|
return "TLS 1.3 server send_server_hello";
|
1041
1069
|
case state13_send_server_certificate_verify:
|
1042
1070
|
return "TLS 1.3 server send_server_certificate_verify";
|
1071
|
+
case state13_send_half_rtt_ticket:
|
1072
|
+
return "TLS 1.3 server send_half_rtt_ticket";
|
1043
1073
|
case state13_send_server_finished:
|
1044
1074
|
return "TLS 1.3 server send_server_finished";
|
1045
1075
|
case state13_read_second_client_flight:
|