grpc 1.28.0 → 1.30.2
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +7694 -11190
- data/include/grpc/grpc.h +2 -2
- data/include/grpc/grpc_security.h +30 -9
- data/include/grpc/grpc_security_constants.h +1 -0
- data/include/grpc/impl/codegen/grpc_types.h +19 -21
- data/include/grpc/impl/codegen/port_platform.h +6 -2
- data/include/grpc/module.modulemap +24 -39
- data/src/core/ext/filters/client_channel/backend_metric.cc +7 -4
- data/src/core/ext/filters/client_channel/client_channel.cc +212 -241
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +3 -2
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +7 -22
- data/src/core/ext/filters/client_channel/health/health_check_client.h +3 -3
- data/src/core/ext/filters/client_channel/http_proxy.cc +17 -10
- data/src/core/ext/filters/client_channel/lb_policy.cc +19 -18
- data/src/core/ext/filters/client_channel/lb_policy.h +42 -33
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +83 -0
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.h +99 -0
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +10 -4
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +240 -301
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc +89 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h +40 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +11 -9
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +3 -2
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +871 -0
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +5 -11
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +734 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +84 -37
- data/src/core/ext/filters/client_channel/lb_policy/xds/eds.cc +938 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/lrs.cc +528 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +1 -2
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_routing.cc +834 -0
- data/src/core/ext/filters/client_channel/lb_policy_registry.cc +6 -2
- data/src/core/ext/filters/client_channel/local_subchannel_pool.h +2 -1
- data/src/core/ext/filters/client_channel/parse_address.cc +22 -21
- data/src/core/ext/filters/client_channel/resolver.cc +5 -8
- data/src/core/ext/filters/client_channel/resolver.h +12 -14
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +73 -59
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.cc +35 -35
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +8 -7
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_libuv.cc +16 -20
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +4 -4
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +72 -117
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +184 -133
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +5 -3
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +7 -4
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +40 -43
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +93 -102
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +0 -4
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +2 -2
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +32 -5
- data/src/core/ext/filters/client_channel/resolver_factory.h +2 -2
- data/src/core/ext/filters/client_channel/resolver_registry.cc +6 -3
- data/src/core/ext/filters/client_channel/resolver_registry.h +8 -8
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +16 -16
- data/src/core/ext/filters/client_channel/resolver_result_parsing.h +19 -16
- data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +20 -31
- data/src/core/ext/filters/client_channel/resolving_lb_policy.h +4 -3
- data/src/core/ext/filters/client_channel/server_address.cc +6 -9
- data/src/core/ext/filters/client_channel/server_address.h +6 -12
- data/src/core/ext/filters/client_channel/service_config.cc +104 -144
- data/src/core/ext/filters/client_channel/service_config.h +28 -98
- data/src/core/ext/filters/client_channel/service_config_call_data.h +68 -0
- data/src/core/ext/filters/client_channel/service_config_parser.cc +87 -0
- data/src/core/ext/filters/client_channel/service_config_parser.h +89 -0
- data/src/core/ext/filters/client_channel/subchannel.cc +54 -24
- data/src/core/ext/filters/client_channel/subchannel.h +35 -11
- data/src/core/ext/filters/client_channel/xds/xds_api.cc +348 -221
- data/src/core/ext/filters/client_channel/xds/xds_api.h +37 -37
- data/src/core/ext/filters/client_channel/xds/xds_bootstrap.cc +44 -49
- data/src/core/ext/filters/client_channel/xds/xds_bootstrap.h +4 -3
- data/src/core/ext/filters/client_channel/xds/xds_channel_secure.cc +4 -2
- data/src/core/ext/filters/client_channel/xds/xds_client.cc +532 -339
- data/src/core/ext/filters/client_channel/xds/xds_client.h +57 -22
- data/src/core/ext/filters/client_channel/xds/xds_client_stats.cc +11 -12
- data/src/core/ext/filters/client_channel/xds/xds_client_stats.h +31 -19
- data/src/core/ext/filters/http/client/http_client_filter.cc +23 -28
- data/src/core/ext/filters/http/client_authority_filter.cc +4 -4
- data/src/core/ext/filters/http/http_filters_plugin.cc +27 -12
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +258 -221
- data/src/core/ext/filters/http/message_compress/message_decompress_filter.cc +358 -0
- data/src/core/ext/filters/http/message_compress/message_decompress_filter.h +29 -0
- data/src/core/ext/filters/message_size/message_size_filter.cc +7 -10
- data/src/core/ext/filters/message_size/message_size_filter.h +4 -4
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +4 -4
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +4 -6
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +23 -22
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +1 -0
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +3 -3
- data/src/core/ext/transport/chttp2/transport/frame_goaway.h +2 -3
- data/src/core/ext/transport/chttp2/transport/frame_ping.h +2 -3
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +2 -3
- data/src/core/ext/transport/chttp2/transport/frame_settings.h +2 -3
- data/src/core/ext/transport/chttp2/transport/frame_window_update.h +2 -3
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +29 -16
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +2 -3
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +2 -3
- data/src/core/ext/transport/chttp2/transport/hpack_table.h +2 -2
- data/src/core/ext/transport/chttp2/transport/http2_settings.h +4 -5
- data/src/core/ext/transport/chttp2/transport/huffsyms.h +2 -3
- data/src/core/ext/transport/chttp2/transport/internal.h +14 -21
- data/src/core/ext/transport/chttp2/transport/stream_map.h +2 -3
- data/src/core/ext/transport/chttp2/transport/writing.cc +15 -8
- data/src/core/ext/transport/inproc/inproc_transport.cc +19 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.c +4 -229
- data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.h +5 -875
- data/src/core/ext/upb-generated/envoy/api/v2/auth/common.upb.c +114 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/common.upb.h +418 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/secret.upb.c +72 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/secret.upb.h +197 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/tls.upb.c +105 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/tls.upb.h +378 -0
- data/src/core/ext/upb-generated/envoy/api/v2/cds.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.c +21 -8
- data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.h +43 -7
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/circuit_breaker.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/filter.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/outlier_detection.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/address.upb.c +2 -1
- data/src/core/ext/upb-generated/envoy/api/v2/core/backoff.upb.c +35 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/backoff.upb.h +78 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.c +47 -26
- data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.h +115 -65
- data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/event_service_config.upb.c +34 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/event_service_config.upb.h +72 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/grpc_service.upb.c +2 -1
- data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.c +24 -20
- data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.h +28 -13
- data/src/core/ext/upb-generated/envoy/api/v2/core/http_uri.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.c +38 -18
- data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.h +88 -6
- data/src/core/ext/upb-generated/envoy/api/v2/core/socket_option.upb.c +34 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/socket_option.upb.h +89 -0
- data/src/core/ext/upb-generated/envoy/api/v2/discovery.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/eds.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.c +9 -6
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.h +12 -4
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/load_report.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/lds.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.c +15 -10
- data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.h +16 -0
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener_components.upb.c +2 -1
- data/src/core/ext/upb-generated/envoy/api/v2/listener/udp_listener_config.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/rds.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/route.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/route/route.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.c +63 -41
- data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.h +173 -77
- data/src/core/ext/upb-generated/envoy/api/v2/scoped_route.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/api/v2/srds.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/config/filter/accesslog/v2/accesslog.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.c +48 -28
- data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.h +90 -30
- data/src/core/ext/upb-generated/envoy/config/listener/v2/api_listener.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v2/http_tracer.upb.c +51 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v2/http_tracer.upb.h +125 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v2/ads.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/service/load_stats/v2/lrs.upb.c +4 -2
- data/src/core/ext/upb-generated/envoy/service/load_stats/v2/lrs.upb.h +4 -0
- data/src/core/ext/upb-generated/envoy/type/http.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.c +16 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.h +36 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/string.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/type/metadata/v2/metadata.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/type/percent.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/type/range.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/type/semantic_version.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/type/tracing/v2/custom_tag.upb.c +1 -0
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +9 -8
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +30 -24
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.c +28 -0
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +65 -0
- data/src/core/ext/upb-generated/validate/validate.upb.c +21 -20
- data/src/core/ext/upb-generated/validate/validate.upb.h +69 -63
- data/src/core/lib/channel/channel_args.cc +15 -14
- data/src/core/lib/channel/channel_args.h +3 -1
- data/src/core/lib/channel/channel_stack.h +20 -13
- data/src/core/lib/channel/channelz.cc +5 -6
- data/src/core/lib/channel/channelz.h +3 -2
- data/src/core/lib/channel/channelz_registry.cc +5 -3
- data/src/core/lib/channel/connected_channel.cc +7 -5
- data/src/core/lib/channel/context.h +1 -1
- data/src/core/lib/channel/handshaker.cc +11 -13
- data/src/core/lib/channel/handshaker.h +4 -2
- data/src/core/lib/channel/handshaker_registry.cc +5 -17
- data/src/core/lib/channel/status_util.cc +2 -3
- data/src/core/lib/compression/message_compress.cc +5 -1
- data/src/core/lib/debug/stats.cc +21 -27
- data/src/core/lib/debug/stats.h +3 -1
- data/src/core/lib/gpr/spinlock.h +2 -3
- data/src/core/lib/gpr/string.cc +2 -26
- data/src/core/lib/gpr/string.h +0 -16
- data/src/core/lib/gpr/sync_abseil.cc +2 -0
- data/src/core/lib/gpr/time.cc +4 -0
- data/src/core/lib/gpr/time_posix.cc +1 -1
- data/src/core/lib/gprpp/atomic.h +6 -6
- data/src/core/lib/gprpp/fork.cc +1 -1
- data/src/core/lib/gprpp/host_port.cc +29 -35
- data/src/core/lib/gprpp/host_port.h +14 -17
- data/src/core/lib/gprpp/map.h +5 -11
- data/src/core/lib/gprpp/ref_counted_ptr.h +5 -0
- data/src/core/lib/http/format_request.cc +46 -65
- data/src/core/lib/http/httpcli.cc +2 -3
- data/src/core/lib/http/httpcli.h +2 -3
- data/src/core/lib/http/httpcli_security_connector.cc +5 -5
- data/src/core/lib/http/parser.h +2 -3
- data/src/core/lib/iomgr/buffer_list.h +22 -21
- data/src/core/lib/iomgr/call_combiner.h +3 -2
- data/src/core/lib/iomgr/cfstream_handle.cc +3 -2
- data/src/core/lib/iomgr/closure.h +2 -3
- data/src/core/lib/iomgr/dualstack_socket_posix.cc +47 -0
- data/src/core/lib/iomgr/endpoint_cfstream.cc +2 -3
- data/src/core/lib/iomgr/endpoint_pair.h +2 -3
- data/src/core/lib/iomgr/error.cc +6 -9
- data/src/core/lib/iomgr/error.h +0 -1
- data/src/core/lib/iomgr/ev_apple.cc +356 -0
- data/src/core/lib/iomgr/ev_apple.h +43 -0
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +20 -23
- data/src/core/lib/iomgr/ev_epollex_linux.cc +2 -3
- data/src/core/lib/iomgr/ev_poll_posix.cc +3 -3
- data/src/core/lib/iomgr/ev_posix.cc +2 -3
- data/src/core/lib/iomgr/exec_ctx.h +14 -2
- data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +84 -20
- data/src/core/lib/iomgr/pollset_set_custom.cc +10 -10
- data/src/core/lib/{gprpp/optional.h → iomgr/pollset_uv.h} +11 -12
- data/src/core/lib/iomgr/port.h +1 -0
- data/src/core/lib/iomgr/python_util.h +46 -0
- data/src/core/lib/iomgr/resolve_address.h +4 -6
- data/src/core/lib/iomgr/resolve_address_custom.cc +29 -39
- data/src/core/lib/iomgr/resolve_address_custom.h +4 -2
- data/src/core/lib/iomgr/resolve_address_posix.cc +10 -11
- data/src/core/lib/iomgr/resolve_address_windows.cc +8 -17
- data/src/core/lib/iomgr/resource_quota.cc +4 -6
- data/src/core/lib/iomgr/sockaddr_utils.cc +23 -29
- data/src/core/lib/iomgr/sockaddr_utils.h +9 -14
- data/src/core/lib/iomgr/socket_factory_posix.h +2 -3
- data/src/core/lib/iomgr/socket_mutator.h +2 -3
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +7 -26
- data/src/core/lib/iomgr/socket_utils_posix.h +3 -0
- data/src/core/lib/iomgr/tcp_client_cfstream.cc +5 -7
- data/src/core/lib/iomgr/tcp_client_posix.cc +8 -5
- data/src/core/lib/iomgr/tcp_client_windows.cc +2 -3
- data/src/core/lib/iomgr/tcp_custom.cc +2 -3
- data/src/core/lib/iomgr/tcp_server_custom.cc +5 -9
- data/src/core/lib/iomgr/tcp_server_posix.cc +5 -4
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +5 -4
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +8 -11
- data/src/core/lib/iomgr/tcp_uv.cc +3 -2
- data/src/core/lib/iomgr/time_averaged_stats.h +2 -3
- data/src/core/lib/iomgr/timer_generic.cc +2 -3
- data/src/core/lib/{gprpp/inlined_vector.h → iomgr/timer_generic.h} +19 -17
- data/src/core/lib/iomgr/timer_heap.h +2 -3
- data/src/core/lib/iomgr/udp_server.cc +9 -14
- data/src/core/lib/json/json.h +3 -2
- data/src/core/lib/json/json_reader.cc +5 -5
- data/src/core/lib/json/json_writer.cc +13 -12
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +12 -0
- data/src/core/lib/security/credentials/composite/composite_credentials.h +6 -3
- data/src/core/lib/security/credentials/credentials.cc +0 -84
- data/src/core/lib/security/credentials/credentials.h +8 -59
- data/src/core/lib/security/credentials/fake/fake_credentials.h +4 -0
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +3 -8
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +8 -6
- data/src/core/lib/security/credentials/iam/iam_credentials.h +4 -0
- data/src/core/lib/security/credentials/jwt/json_token.cc +1 -1
- data/src/core/lib/security/credentials/jwt/json_token.h +2 -5
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +12 -0
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +8 -15
- data/src/core/lib/security/credentials/jwt/jwt_verifier.h +2 -3
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +55 -27
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +9 -3
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +13 -0
- data/src/core/lib/security/credentials/plugin/plugin_credentials.h +2 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +23 -13
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +38 -11
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +21 -6
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +7 -7
- data/src/core/lib/security/security_connector/load_system_roots_linux.cc +3 -2
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +1 -1
- data/src/core/lib/security/security_connector/security_connector.h +1 -1
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +20 -25
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +4 -6
- data/src/core/lib/security/security_connector/ssl_utils.cc +59 -12
- data/src/core/lib/security/security_connector/ssl_utils.h +12 -10
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +77 -51
- data/src/core/lib/security/security_connector/tls/tls_security_connector.h +27 -5
- data/src/core/lib/security/transport/auth_filters.h +0 -5
- data/src/core/lib/security/transport/client_auth_filter.cc +1 -2
- data/src/core/lib/slice/slice_intern.cc +2 -3
- data/src/core/lib/slice/slice_internal.h +14 -0
- data/src/core/lib/slice/slice_utils.h +9 -0
- data/src/core/lib/surface/byte_buffer_reader.cc +2 -47
- data/src/core/lib/surface/call.cc +2 -3
- data/src/core/lib/surface/call_log_batch.cc +50 -58
- data/src/core/lib/surface/channel.cc +53 -31
- data/src/core/lib/surface/channel.h +35 -4
- data/src/core/lib/surface/channel_ping.cc +2 -3
- data/src/core/lib/surface/completion_queue.cc +33 -33
- data/src/core/lib/surface/event_string.cc +18 -25
- data/src/core/lib/surface/event_string.h +3 -1
- data/src/core/lib/surface/init_secure.cc +1 -4
- data/src/core/lib/surface/server.cc +570 -369
- data/src/core/lib/surface/server.h +32 -0
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/byte_stream.h +7 -2
- data/src/core/lib/transport/connectivity_state.cc +7 -6
- data/src/core/lib/transport/connectivity_state.h +5 -3
- data/src/core/lib/transport/metadata.cc +3 -3
- data/src/core/lib/transport/metadata_batch.h +2 -3
- data/src/core/lib/transport/static_metadata.h +1 -1
- data/src/core/lib/transport/status_conversion.cc +6 -14
- data/src/core/lib/transport/transport.cc +2 -3
- data/src/core/lib/transport/transport.h +3 -2
- data/src/core/lib/transport/transport_op_string.cc +61 -102
- data/src/core/lib/uri/uri_parser.h +2 -3
- data/src/core/plugin_registry/grpc_plugin_registry.cc +20 -4
- data/src/core/tsi/alts/crypt/aes_gcm.cc +0 -2
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +8 -1
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +8 -4
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +32 -2
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +9 -1
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h +2 -3
- data/src/core/tsi/fake_transport_security.cc +10 -15
- data/src/core/tsi/ssl/session_cache/ssl_session.h +0 -2
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +0 -2
- data/src/core/tsi/ssl_transport_security.cc +52 -39
- data/src/core/tsi/ssl_transport_security.h +8 -8
- data/src/core/tsi/ssl_types.h +0 -2
- data/src/core/tsi/transport_security.h +6 -9
- data/src/core/tsi/transport_security_grpc.h +2 -3
- data/src/core/tsi/transport_security_interface.h +3 -3
- data/src/ruby/ext/grpc/rb_call.c +9 -1
- data/src/ruby/ext/grpc/rb_call_credentials.c +3 -2
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +4 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +6 -0
- data/src/ruby/lib/grpc/errors.rb +103 -42
- data/src/ruby/lib/grpc/generic/active_call.rb +2 -3
- data/src/ruby/lib/grpc/generic/interceptors.rb +4 -4
- data/src/ruby/lib/grpc/generic/rpc_server.rb +9 -10
- data/src/ruby/lib/grpc/generic/service.rb +5 -4
- data/src/ruby/lib/grpc/structs.rb +1 -1
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/generate_proto_ruby.sh +5 -3
- data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +11 -0
- data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +16 -0
- data/src/ruby/spec/debug_message_spec.rb +134 -0
- data/src/ruby/spec/generic/service_spec.rb +2 -0
- data/src/ruby/spec/pb/codegen/grpc/testing/package_options_import2.proto +23 -0
- data/src/ruby/spec/pb/codegen/grpc/testing/package_options_ruby_style.proto +7 -0
- data/src/ruby/spec/pb/codegen/package_option_spec.rb +7 -1
- data/src/ruby/spec/support/services.rb +10 -4
- data/src/ruby/spec/testdata/ca.pem +18 -13
- data/src/ruby/spec/testdata/client.key +26 -14
- data/src/ruby/spec/testdata/client.pem +18 -12
- data/src/ruby/spec/testdata/server1.key +26 -14
- data/src/ruby/spec/testdata/server1.pem +20 -14
- data/third_party/abseil-cpp/absl/time/civil_time.cc +175 -0
- data/third_party/abseil-cpp/absl/time/civil_time.h +538 -0
- data/third_party/abseil-cpp/absl/time/clock.cc +569 -0
- data/third_party/abseil-cpp/absl/time/clock.h +74 -0
- data/third_party/abseil-cpp/absl/time/duration.cc +922 -0
- data/third_party/abseil-cpp/absl/time/format.cc +153 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time.h +332 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time_detail.h +622 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/time_zone.h +384 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/zone_info_source.h +102 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/civil_time_detail.cc +94 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.cc +140 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.h +52 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +922 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.cc +45 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.h +76 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +121 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +93 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +958 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +138 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +308 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.h +55 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_lookup.cc +187 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.cc +159 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.h +132 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +122 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc +115 -0
- data/third_party/abseil-cpp/absl/time/internal/get_current_time_chrono.inc +31 -0
- data/third_party/abseil-cpp/absl/time/internal/get_current_time_posix.inc +24 -0
- data/third_party/abseil-cpp/absl/time/time.cc +499 -0
- data/third_party/abseil-cpp/absl/time/time.h +1584 -0
- data/third_party/boringssl-with-bazel/err_data.c +329 -297
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/cpu-arm-linux.c +7 -5
- data/third_party/boringssl-with-bazel/src/crypto/cpu-intel.c +13 -4
- data/third_party/boringssl-with-bazel/src/crypto/crypto.c +11 -0
- data/third_party/boringssl-with-bazel/src/{third_party/fiat → crypto/curve25519}/curve25519.c +18 -26
- data/third_party/boringssl-with-bazel/src/{third_party/fiat → crypto/curve25519}/curve25519_tables.h +13 -21
- data/third_party/boringssl-with-bazel/src/{third_party/fiat → crypto/curve25519}/internal.h +14 -22
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/dh/dh.c +15 -0
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +10 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +425 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +78 -0
- data/third_party/boringssl-with-bazel/src/crypto/ecdh_extra/ecdh_extra.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/err/err.c +33 -32
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +14 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +30 -154
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digests.c +16 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +289 -117
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +13 -27
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +96 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/felem.c +25 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +432 -160
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +63 -71
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +5 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64-table.h +9481 -9485
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64.c +80 -99
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +736 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256_table.h +297 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +90 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +125 -148
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +189 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +61 -18
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +20 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +137 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +49 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +64 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +41 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +32 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +24 -114
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +51 -38
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +15 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +44 -35
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +29 -12
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +15 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/deterministic.c +6 -10
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/windows.c +16 -0
- data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +278 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +1474 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +720 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +16 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +5 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +4 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +5 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +9 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +20 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +16 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +6 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/err.h +2 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +5 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +3 -17
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +31 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/sha.h +26 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +172 -77
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +291 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +5 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +1 -0
- data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +0 -4
- data/third_party/boringssl-with-bazel/src/ssl/d1_lib.cc +3 -3
- data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +13 -4
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +146 -57
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +14 -3
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +28 -20
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +12 -4
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +64 -47
- data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +10 -10
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +21 -21
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +29 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +4 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +6 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +13 -2
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +64 -5
- data/third_party/boringssl-with-bazel/src/ssl/ssl_stat.cc +6 -0
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +6 -2
- data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +47 -53
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +98 -27
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +23 -75
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +50 -20
- data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +63 -25
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +245 -175
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +135 -75
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +1593 -1672
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +512 -503
- metadata +115 -39
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.cc +0 -1754
- data/src/core/lib/gprpp/string_view.h +0 -60
- data/src/core/tsi/grpc_shadow_boringssl.h +0 -3311
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256.c +0 -1063
@@ -60,9 +60,7 @@ void ec_GFp_mont_mul(const EC_GROUP *group, EC_RAW_POINT *r,
|
|
60
60
|
OPENSSL_memset(&tmp, 0, sizeof(EC_RAW_POINT));
|
61
61
|
for (size_t j = 0; j < OPENSSL_ARRAY_SIZE(precomp); j++) {
|
62
62
|
BN_ULONG mask = constant_time_eq_w(j, window);
|
63
|
-
|
64
|
-
ec_felem_select(group, &tmp.Y, mask, &precomp[j].Y, &tmp.Y);
|
65
|
-
ec_felem_select(group, &tmp.Z, mask, &precomp[j].Z, &tmp.Z);
|
63
|
+
ec_point_select(group, &tmp, mask, &precomp[j], &tmp);
|
66
64
|
}
|
67
65
|
|
68
66
|
if (r_is_at_infinity) {
|
@@ -82,3 +80,191 @@ void ec_GFp_mont_mul_base(const EC_GROUP *group, EC_RAW_POINT *r,
|
|
82
80
|
const EC_SCALAR *scalar) {
|
83
81
|
ec_GFp_mont_mul(group, r, &group->generator->raw, scalar);
|
84
82
|
}
|
83
|
+
|
84
|
+
static void ec_GFp_mont_batch_precomp(const EC_GROUP *group, EC_RAW_POINT *out,
|
85
|
+
size_t num, const EC_RAW_POINT *p) {
|
86
|
+
assert(num > 1);
|
87
|
+
ec_GFp_simple_point_set_to_infinity(group, &out[0]);
|
88
|
+
ec_GFp_simple_point_copy(&out[1], p);
|
89
|
+
for (size_t j = 2; j < num; j++) {
|
90
|
+
if (j & 1) {
|
91
|
+
ec_GFp_mont_add(group, &out[j], &out[1], &out[j - 1]);
|
92
|
+
} else {
|
93
|
+
ec_GFp_mont_dbl(group, &out[j], &out[j / 2]);
|
94
|
+
}
|
95
|
+
}
|
96
|
+
}
|
97
|
+
|
98
|
+
static void ec_GFp_mont_batch_get_window(const EC_GROUP *group,
|
99
|
+
EC_RAW_POINT *out,
|
100
|
+
const EC_RAW_POINT precomp[17],
|
101
|
+
const EC_SCALAR *scalar, unsigned i) {
|
102
|
+
const size_t width = group->order.width;
|
103
|
+
uint8_t window = bn_is_bit_set_words(scalar->words, width, i + 4) << 5;
|
104
|
+
window |= bn_is_bit_set_words(scalar->words, width, i + 3) << 4;
|
105
|
+
window |= bn_is_bit_set_words(scalar->words, width, i + 2) << 3;
|
106
|
+
window |= bn_is_bit_set_words(scalar->words, width, i + 1) << 2;
|
107
|
+
window |= bn_is_bit_set_words(scalar->words, width, i) << 1;
|
108
|
+
if (i > 0) {
|
109
|
+
window |= bn_is_bit_set_words(scalar->words, width, i - 1);
|
110
|
+
}
|
111
|
+
uint8_t sign, digit;
|
112
|
+
ec_GFp_nistp_recode_scalar_bits(&sign, &digit, window);
|
113
|
+
|
114
|
+
// Select the entry in constant-time.
|
115
|
+
OPENSSL_memset(out, 0, sizeof(EC_RAW_POINT));
|
116
|
+
for (size_t j = 0; j < 17; j++) {
|
117
|
+
BN_ULONG mask = constant_time_eq_w(j, digit);
|
118
|
+
ec_point_select(group, out, mask, &precomp[j], out);
|
119
|
+
}
|
120
|
+
|
121
|
+
// Negate if necessary.
|
122
|
+
EC_FELEM neg_Y;
|
123
|
+
ec_felem_neg(group, &neg_Y, &out->Y);
|
124
|
+
BN_ULONG sign_mask = sign;
|
125
|
+
sign_mask = 0u - sign_mask;
|
126
|
+
ec_felem_select(group, &out->Y, sign_mask, &neg_Y, &out->Y);
|
127
|
+
}
|
128
|
+
|
129
|
+
void ec_GFp_mont_mul_batch(const EC_GROUP *group, EC_RAW_POINT *r,
|
130
|
+
const EC_RAW_POINT *p0, const EC_SCALAR *scalar0,
|
131
|
+
const EC_RAW_POINT *p1, const EC_SCALAR *scalar1,
|
132
|
+
const EC_RAW_POINT *p2, const EC_SCALAR *scalar2) {
|
133
|
+
EC_RAW_POINT precomp[3][17];
|
134
|
+
ec_GFp_mont_batch_precomp(group, precomp[0], 17, p0);
|
135
|
+
ec_GFp_mont_batch_precomp(group, precomp[1], 17, p1);
|
136
|
+
if (p2 != NULL) {
|
137
|
+
ec_GFp_mont_batch_precomp(group, precomp[2], 17, p2);
|
138
|
+
}
|
139
|
+
|
140
|
+
// Divide bits in |scalar| into windows.
|
141
|
+
unsigned bits = BN_num_bits(&group->order);
|
142
|
+
int r_is_at_infinity = 1;
|
143
|
+
for (unsigned i = bits; i <= bits; i--) {
|
144
|
+
if (!r_is_at_infinity) {
|
145
|
+
ec_GFp_mont_dbl(group, r, r);
|
146
|
+
}
|
147
|
+
if (i % 5 == 0) {
|
148
|
+
EC_RAW_POINT tmp;
|
149
|
+
ec_GFp_mont_batch_get_window(group, &tmp, precomp[0], scalar0, i);
|
150
|
+
if (r_is_at_infinity) {
|
151
|
+
ec_GFp_simple_point_copy(r, &tmp);
|
152
|
+
r_is_at_infinity = 0;
|
153
|
+
} else {
|
154
|
+
ec_GFp_mont_add(group, r, r, &tmp);
|
155
|
+
}
|
156
|
+
|
157
|
+
ec_GFp_mont_batch_get_window(group, &tmp, precomp[1], scalar1, i);
|
158
|
+
ec_GFp_mont_add(group, r, r, &tmp);
|
159
|
+
|
160
|
+
if (p2 != NULL) {
|
161
|
+
ec_GFp_mont_batch_get_window(group, &tmp, precomp[2], scalar2, i);
|
162
|
+
ec_GFp_mont_add(group, r, r, &tmp);
|
163
|
+
}
|
164
|
+
}
|
165
|
+
}
|
166
|
+
if (r_is_at_infinity) {
|
167
|
+
ec_GFp_simple_point_set_to_infinity(group, r);
|
168
|
+
}
|
169
|
+
}
|
170
|
+
|
171
|
+
static unsigned ec_GFp_mont_comb_stride(const EC_GROUP *group) {
|
172
|
+
return (BN_num_bits(&group->field) + EC_MONT_PRECOMP_COMB_SIZE - 1) /
|
173
|
+
EC_MONT_PRECOMP_COMB_SIZE;
|
174
|
+
}
|
175
|
+
|
176
|
+
int ec_GFp_mont_init_precomp(const EC_GROUP *group, EC_PRECOMP *out,
|
177
|
+
const EC_RAW_POINT *p) {
|
178
|
+
// comb[i - 1] stores the ith element of the comb. That is, if i is
|
179
|
+
// b4 * 2^4 + b3 * 2^3 + ... + b0 * 2^0, it stores k * |p|, where k is
|
180
|
+
// b4 * 2^(4*stride) + b3 * 2^(3*stride) + ... + b0 * 2^(0*stride). stride
|
181
|
+
// here is |ec_GFp_mont_comb_stride|. We store at index i - 1 because the 0th
|
182
|
+
// comb entry is always infinity.
|
183
|
+
EC_RAW_POINT comb[(1 << EC_MONT_PRECOMP_COMB_SIZE) - 1];
|
184
|
+
unsigned stride = ec_GFp_mont_comb_stride(group);
|
185
|
+
|
186
|
+
// We compute the comb sequentially by the highest set bit. Initially, all
|
187
|
+
// entries up to 2^0 are filled.
|
188
|
+
comb[(1 << 0) - 1] = *p;
|
189
|
+
for (unsigned i = 1; i < EC_MONT_PRECOMP_COMB_SIZE; i++) {
|
190
|
+
// Compute entry 2^i by doubling the entry for 2^(i-1) |stride| times.
|
191
|
+
unsigned bit = 1 << i;
|
192
|
+
ec_GFp_mont_dbl(group, &comb[bit - 1], &comb[bit / 2 - 1]);
|
193
|
+
for (unsigned j = 1; j < stride; j++) {
|
194
|
+
ec_GFp_mont_dbl(group, &comb[bit - 1], &comb[bit - 1]);
|
195
|
+
}
|
196
|
+
// Compute entries from 2^i + 1 to 2^i + (2^i - 1) by adding entry 2^i to
|
197
|
+
// a previous entry.
|
198
|
+
for (unsigned j = 1; j < bit; j++) {
|
199
|
+
ec_GFp_mont_add(group, &comb[bit + j - 1], &comb[bit - 1], &comb[j - 1]);
|
200
|
+
}
|
201
|
+
}
|
202
|
+
|
203
|
+
// Store the comb in affine coordinates to shrink the table. (This reduces
|
204
|
+
// cache pressure and makes the constant-time selects faster.)
|
205
|
+
OPENSSL_STATIC_ASSERT(
|
206
|
+
OPENSSL_ARRAY_SIZE(comb) == OPENSSL_ARRAY_SIZE(out->comb),
|
207
|
+
"comb sizes did not match");
|
208
|
+
return ec_jacobian_to_affine_batch(group, out->comb, comb,
|
209
|
+
OPENSSL_ARRAY_SIZE(comb));
|
210
|
+
}
|
211
|
+
|
212
|
+
static void ec_GFp_mont_get_comb_window(const EC_GROUP *group,
|
213
|
+
EC_RAW_POINT *out,
|
214
|
+
const EC_PRECOMP *precomp,
|
215
|
+
const EC_SCALAR *scalar, unsigned i) {
|
216
|
+
const size_t width = group->order.width;
|
217
|
+
unsigned stride = ec_GFp_mont_comb_stride(group);
|
218
|
+
// Select the bits corresponding to the comb shifted up by |i|.
|
219
|
+
unsigned window = 0;
|
220
|
+
for (unsigned j = 0; j < EC_MONT_PRECOMP_COMB_SIZE; j++) {
|
221
|
+
window |= bn_is_bit_set_words(scalar->words, width, j * stride + i)
|
222
|
+
<< j;
|
223
|
+
}
|
224
|
+
|
225
|
+
// Select precomp->comb[window - 1]. If |window| is zero, |match| will always
|
226
|
+
// be zero, which will leave |out| at infinity.
|
227
|
+
OPENSSL_memset(out, 0, sizeof(EC_RAW_POINT));
|
228
|
+
for (unsigned j = 0; j < OPENSSL_ARRAY_SIZE(precomp->comb); j++) {
|
229
|
+
BN_ULONG match = constant_time_eq_w(window, j + 1);
|
230
|
+
ec_felem_select(group, &out->X, match, &precomp->comb[j].X, &out->X);
|
231
|
+
ec_felem_select(group, &out->Y, match, &precomp->comb[j].Y, &out->Y);
|
232
|
+
}
|
233
|
+
BN_ULONG is_infinity = constant_time_is_zero_w(window);
|
234
|
+
ec_felem_select(group, &out->Z, is_infinity, &out->Z, &group->one);
|
235
|
+
}
|
236
|
+
|
237
|
+
void ec_GFp_mont_mul_precomp(const EC_GROUP *group, EC_RAW_POINT *r,
|
238
|
+
const EC_PRECOMP *p0, const EC_SCALAR *scalar0,
|
239
|
+
const EC_PRECOMP *p1, const EC_SCALAR *scalar1,
|
240
|
+
const EC_PRECOMP *p2, const EC_SCALAR *scalar2) {
|
241
|
+
unsigned stride = ec_GFp_mont_comb_stride(group);
|
242
|
+
int r_is_at_infinity = 1;
|
243
|
+
for (unsigned i = stride - 1; i < stride; i--) {
|
244
|
+
if (!r_is_at_infinity) {
|
245
|
+
ec_GFp_mont_dbl(group, r, r);
|
246
|
+
}
|
247
|
+
|
248
|
+
EC_RAW_POINT tmp;
|
249
|
+
ec_GFp_mont_get_comb_window(group, &tmp, p0, scalar0, i);
|
250
|
+
if (r_is_at_infinity) {
|
251
|
+
ec_GFp_simple_point_copy(r, &tmp);
|
252
|
+
r_is_at_infinity = 0;
|
253
|
+
} else {
|
254
|
+
ec_GFp_mont_add(group, r, r, &tmp);
|
255
|
+
}
|
256
|
+
|
257
|
+
if (p1 != NULL) {
|
258
|
+
ec_GFp_mont_get_comb_window(group, &tmp, p1, scalar1, i);
|
259
|
+
ec_GFp_mont_add(group, r, r, &tmp);
|
260
|
+
}
|
261
|
+
|
262
|
+
if (p2 != NULL) {
|
263
|
+
ec_GFp_mont_get_comb_window(group, &tmp, p2, scalar2, i);
|
264
|
+
ec_GFp_mont_add(group, r, r, &tmp);
|
265
|
+
}
|
266
|
+
}
|
267
|
+
if (r_is_at_infinity) {
|
268
|
+
ec_GFp_simple_point_set_to_infinity(group, r);
|
269
|
+
}
|
270
|
+
}
|
@@ -72,6 +72,7 @@
|
|
72
72
|
|
73
73
|
#include <openssl/bn.h>
|
74
74
|
#include <openssl/err.h>
|
75
|
+
#include <openssl/mem.h>
|
75
76
|
#include <openssl/thread.h>
|
76
77
|
|
77
78
|
#include "internal.h"
|
@@ -174,24 +175,57 @@ static void lookup_precomp(const EC_GROUP *group, EC_RAW_POINT *out,
|
|
174
175
|
// EC_WNAF_TABLE_SIZE is the table size to use for |ec_GFp_mont_mul_public|.
|
175
176
|
#define EC_WNAF_TABLE_SIZE (1 << (EC_WNAF_WINDOW_BITS - 1))
|
176
177
|
|
177
|
-
|
178
|
-
|
179
|
-
|
178
|
+
// EC_WNAF_STACK is the number of points worth of data to stack-allocate and
|
179
|
+
// avoid a malloc.
|
180
|
+
#define EC_WNAF_STACK 3
|
181
|
+
|
182
|
+
int ec_GFp_mont_mul_public_batch(const EC_GROUP *group, EC_RAW_POINT *r,
|
183
|
+
const EC_SCALAR *g_scalar,
|
184
|
+
const EC_RAW_POINT *points,
|
185
|
+
const EC_SCALAR *scalars, size_t num) {
|
180
186
|
size_t bits = BN_num_bits(&group->order);
|
181
187
|
size_t wNAF_len = bits + 1;
|
182
188
|
|
189
|
+
int ret = 0;
|
190
|
+
int8_t wNAF_stack[EC_WNAF_STACK][EC_MAX_BYTES * 8 + 1];
|
191
|
+
int8_t (*wNAF_alloc)[EC_MAX_BYTES * 8 + 1] = NULL;
|
192
|
+
int8_t (*wNAF)[EC_MAX_BYTES * 8 + 1];
|
193
|
+
EC_RAW_POINT precomp_stack[EC_WNAF_STACK][EC_WNAF_TABLE_SIZE];
|
194
|
+
EC_RAW_POINT (*precomp_alloc)[EC_WNAF_TABLE_SIZE] = NULL;
|
195
|
+
EC_RAW_POINT (*precomp)[EC_WNAF_TABLE_SIZE];
|
196
|
+
if (num <= EC_WNAF_STACK) {
|
197
|
+
wNAF = wNAF_stack;
|
198
|
+
precomp = precomp_stack;
|
199
|
+
} else {
|
200
|
+
if (num >= ((size_t)-1) / sizeof(wNAF_alloc[0]) ||
|
201
|
+
num >= ((size_t)-1) / sizeof(precomp_alloc[0])) {
|
202
|
+
OPENSSL_PUT_ERROR(EC, ERR_R_OVERFLOW);
|
203
|
+
goto err;
|
204
|
+
}
|
205
|
+
wNAF_alloc = OPENSSL_malloc(num * sizeof(wNAF_alloc[0]));
|
206
|
+
precomp_alloc = OPENSSL_malloc(num * sizeof(precomp_alloc[0]));
|
207
|
+
if (wNAF_alloc == NULL || precomp_alloc == NULL) {
|
208
|
+
OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);
|
209
|
+
goto err;
|
210
|
+
}
|
211
|
+
wNAF = wNAF_alloc;
|
212
|
+
precomp = precomp_alloc;
|
213
|
+
}
|
214
|
+
|
183
215
|
int8_t g_wNAF[EC_MAX_BYTES * 8 + 1];
|
184
216
|
EC_RAW_POINT g_precomp[EC_WNAF_TABLE_SIZE];
|
185
217
|
assert(wNAF_len <= OPENSSL_ARRAY_SIZE(g_wNAF));
|
186
218
|
const EC_RAW_POINT *g = &group->generator->raw;
|
187
|
-
|
188
|
-
|
219
|
+
if (g_scalar != NULL) {
|
220
|
+
ec_compute_wNAF(group, g_wNAF, g_scalar, bits, EC_WNAF_WINDOW_BITS);
|
221
|
+
compute_precomp(group, g_precomp, g, EC_WNAF_TABLE_SIZE);
|
222
|
+
}
|
189
223
|
|
190
|
-
|
191
|
-
|
192
|
-
|
193
|
-
|
194
|
-
|
224
|
+
for (size_t i = 0; i < num; i++) {
|
225
|
+
assert(wNAF_len <= OPENSSL_ARRAY_SIZE(wNAF[i]));
|
226
|
+
ec_compute_wNAF(group, wNAF[i], &scalars[i], bits, EC_WNAF_WINDOW_BITS);
|
227
|
+
compute_precomp(group, precomp[i], &points[i], EC_WNAF_TABLE_SIZE);
|
228
|
+
}
|
195
229
|
|
196
230
|
EC_RAW_POINT tmp;
|
197
231
|
int r_is_at_infinity = 1;
|
@@ -200,7 +234,7 @@ void ec_GFp_mont_mul_public(const EC_GROUP *group, EC_RAW_POINT *r,
|
|
200
234
|
ec_GFp_mont_dbl(group, r, r);
|
201
235
|
}
|
202
236
|
|
203
|
-
if (g_wNAF[k] != 0) {
|
237
|
+
if (g_scalar != NULL && g_wNAF[k] != 0) {
|
204
238
|
lookup_precomp(group, &tmp, g_precomp, g_wNAF[k]);
|
205
239
|
if (r_is_at_infinity) {
|
206
240
|
ec_GFp_simple_point_copy(r, &tmp);
|
@@ -210,13 +244,15 @@ void ec_GFp_mont_mul_public(const EC_GROUP *group, EC_RAW_POINT *r,
|
|
210
244
|
}
|
211
245
|
}
|
212
246
|
|
213
|
-
|
214
|
-
|
215
|
-
|
216
|
-
|
217
|
-
|
218
|
-
|
219
|
-
|
247
|
+
for (size_t i = 0; i < num; i++) {
|
248
|
+
if (wNAF[i][k] != 0) {
|
249
|
+
lookup_precomp(group, &tmp, precomp[i], wNAF[i][k]);
|
250
|
+
if (r_is_at_infinity) {
|
251
|
+
ec_GFp_simple_point_copy(r, &tmp);
|
252
|
+
r_is_at_infinity = 0;
|
253
|
+
} else {
|
254
|
+
ec_GFp_mont_add(group, r, r, &tmp);
|
255
|
+
}
|
220
256
|
}
|
221
257
|
}
|
222
258
|
}
|
@@ -224,4 +260,11 @@ void ec_GFp_mont_mul_public(const EC_GROUP *group, EC_RAW_POINT *r,
|
|
224
260
|
if (r_is_at_infinity) {
|
225
261
|
ec_GFp_simple_point_set_to_infinity(group, r);
|
226
262
|
}
|
263
|
+
|
264
|
+
ret = 1;
|
265
|
+
|
266
|
+
err:
|
267
|
+
OPENSSL_free(wNAF_alloc);
|
268
|
+
OPENSSL_free(precomp_alloc);
|
269
|
+
return ret;
|
227
270
|
}
|
@@ -94,8 +94,8 @@ int ECDH_compute_key_fips(uint8_t *out, size_t out_len, const EC_POINT *pub_key,
|
|
94
94
|
uint8_t buf[EC_MAX_BYTES];
|
95
95
|
size_t buflen;
|
96
96
|
if (!ec_point_mul_scalar(group, &shared_point, &pub_key->raw, priv) ||
|
97
|
-
!
|
98
|
-
|
97
|
+
!ec_get_x_coordinate_as_bytes(group, buf, &buflen, sizeof(buf),
|
98
|
+
&shared_point)) {
|
99
99
|
OPENSSL_PUT_ERROR(ECDH, ECDH_R_POINT_ARITHMETIC_FAILURE);
|
100
100
|
return 0;
|
101
101
|
}
|
@@ -122,6 +122,14 @@ void ECDSA_SIG_free(ECDSA_SIG *sig) {
|
|
122
122
|
OPENSSL_free(sig);
|
123
123
|
}
|
124
124
|
|
125
|
+
const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig) {
|
126
|
+
return sig->r;
|
127
|
+
}
|
128
|
+
|
129
|
+
const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig) {
|
130
|
+
return sig->s;
|
131
|
+
}
|
132
|
+
|
125
133
|
void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **out_r,
|
126
134
|
const BIGNUM **out_s) {
|
127
135
|
if (out_r != NULL) {
|
@@ -161,8 +169,11 @@ int ECDSA_do_verify(const uint8_t *digest, size_t digest_len,
|
|
161
169
|
return 0;
|
162
170
|
}
|
163
171
|
|
164
|
-
// s_inv_mont = s^-1 in the Montgomery domain.
|
165
|
-
|
172
|
+
// s_inv_mont = s^-1 in the Montgomery domain.
|
173
|
+
if (!ec_scalar_to_montgomery_inv_vartime(group, &s_inv_mont, &s)) {
|
174
|
+
OPENSSL_PUT_ERROR(ECDSA, ERR_R_INTERNAL_ERROR);
|
175
|
+
return 0;
|
176
|
+
}
|
166
177
|
|
167
178
|
// u1 = m * s^-1 mod order
|
168
179
|
// u2 = r * s^-1 mod order
|
@@ -208,6 +219,10 @@ static int ecdsa_sign_setup(const EC_KEY *eckey, EC_SCALAR *out_kinv_mont,
|
|
208
219
|
if (!ec_bignum_to_scalar(group, &k, eckey->fixed_k)) {
|
209
220
|
goto err;
|
210
221
|
}
|
222
|
+
if (ec_scalar_is_zero(group, &k)) {
|
223
|
+
OPENSSL_PUT_ERROR(ECDSA, ERR_R_INTERNAL_ERROR);
|
224
|
+
goto err;
|
225
|
+
}
|
211
226
|
} else {
|
212
227
|
// Pass a SHA512 hash of the private key and digest as additional data
|
213
228
|
// into the RBG. This is a hardening measure against entropy failure.
|
@@ -225,10 +240,10 @@ static int ecdsa_sign_setup(const EC_KEY *eckey, EC_SCALAR *out_kinv_mont,
|
|
225
240
|
}
|
226
241
|
|
227
242
|
// Compute k^-1 in the Montgomery domain. This is |ec_scalar_to_montgomery|
|
228
|
-
// followed by |
|
243
|
+
// followed by |ec_scalar_inv0_montgomery|, but |ec_scalar_inv0_montgomery|
|
229
244
|
// followed by |ec_scalar_from_montgomery| is equivalent and slightly more
|
230
|
-
// efficient.
|
231
|
-
|
245
|
+
// efficient. Note k is non-zero, so the inverse must exist.
|
246
|
+
ec_scalar_inv0_montgomery(group, out_kinv_mont, &k);
|
232
247
|
ec_scalar_from_montgomery(group, out_kinv_mont, out_kinv_mont);
|
233
248
|
|
234
249
|
// Compute r, the x-coordinate of generator * k.
|
@@ -0,0 +1,137 @@
|
|
1
|
+
/* Copyright (c) 2020, Google Inc.
|
2
|
+
*
|
3
|
+
* Permission to use, copy, modify, and/or distribute this software for any
|
4
|
+
* purpose with or without fee is hereby granted, provided that the above
|
5
|
+
* copyright notice and this permission notice appear in all copies.
|
6
|
+
*
|
7
|
+
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
8
|
+
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
9
|
+
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
|
10
|
+
* SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
11
|
+
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
|
12
|
+
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
|
13
|
+
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
|
14
|
+
|
15
|
+
#if !defined(_GNU_SOURCE)
|
16
|
+
#define _GNU_SOURCE // needed for madvise() and MAP_ANONYMOUS on Linux.
|
17
|
+
#endif
|
18
|
+
|
19
|
+
#include <openssl/base.h>
|
20
|
+
|
21
|
+
#include "fork_detect.h"
|
22
|
+
|
23
|
+
#if defined(OPENSSL_LINUX)
|
24
|
+
#include <sys/mman.h>
|
25
|
+
#include <unistd.h>
|
26
|
+
#include <stdlib.h>
|
27
|
+
|
28
|
+
#include <openssl/type_check.h>
|
29
|
+
|
30
|
+
#include "../delocate.h"
|
31
|
+
#include "../../internal.h"
|
32
|
+
|
33
|
+
|
34
|
+
#if defined(MADV_WIPEONFORK)
|
35
|
+
OPENSSL_STATIC_ASSERT(MADV_WIPEONFORK == 18, "MADV_WIPEONFORK is not 18");
|
36
|
+
#else
|
37
|
+
#define MADV_WIPEONFORK 18
|
38
|
+
#endif
|
39
|
+
|
40
|
+
DEFINE_STATIC_ONCE(g_fork_detect_once);
|
41
|
+
DEFINE_STATIC_MUTEX(g_fork_detect_lock);
|
42
|
+
DEFINE_BSS_GET(volatile char *, g_fork_detect_addr);
|
43
|
+
DEFINE_BSS_GET(uint64_t, g_fork_generation);
|
44
|
+
DEFINE_BSS_GET(int, g_ignore_madv_wipeonfork);
|
45
|
+
|
46
|
+
static void init_fork_detect(void) {
|
47
|
+
if (*g_ignore_madv_wipeonfork_bss_get()) {
|
48
|
+
return;
|
49
|
+
}
|
50
|
+
|
51
|
+
long page_size = sysconf(_SC_PAGESIZE);
|
52
|
+
if (page_size <= 0) {
|
53
|
+
return;
|
54
|
+
}
|
55
|
+
|
56
|
+
void *addr = mmap(NULL, (size_t)page_size, PROT_READ | PROT_WRITE,
|
57
|
+
MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
|
58
|
+
if (addr == MAP_FAILED) {
|
59
|
+
return;
|
60
|
+
}
|
61
|
+
|
62
|
+
// Some versions of qemu (up to at least 5.0.0-rc4, see linux-user/syscall.c)
|
63
|
+
// ignore |madvise| calls and just return zero (i.e. success). But we need to
|
64
|
+
// know whether MADV_WIPEONFORK actually took effect. Therefore try an invalid
|
65
|
+
// call to check that the implementation of |madvise| is actually rejecting
|
66
|
+
// unknown |advice| values.
|
67
|
+
if (madvise(addr, (size_t)page_size, -1) == 0 ||
|
68
|
+
madvise(addr, (size_t)page_size, MADV_WIPEONFORK) != 0) {
|
69
|
+
munmap(addr, (size_t)page_size);
|
70
|
+
return;
|
71
|
+
}
|
72
|
+
|
73
|
+
*((volatile char *) addr) = 1;
|
74
|
+
*g_fork_detect_addr_bss_get() = addr;
|
75
|
+
*g_fork_generation_bss_get() = 1;
|
76
|
+
}
|
77
|
+
|
78
|
+
uint64_t CRYPTO_get_fork_generation(void) {
|
79
|
+
// In a single-threaded process, there are obviously no races because there's
|
80
|
+
// only a single mutator in the address space.
|
81
|
+
//
|
82
|
+
// In a multi-threaded environment, |CRYPTO_once| ensures that the flag byte
|
83
|
+
// is initialised atomically, even if multiple threads enter this function
|
84
|
+
// concurrently.
|
85
|
+
//
|
86
|
+
// In the limit, the kernel may clear WIPEONFORK pages while a multi-threaded
|
87
|
+
// process is running. (For example, because a VM was cloned.) Therefore a
|
88
|
+
// lock is used below to synchronise the potentially multiple threads that may
|
89
|
+
// concurrently observe the cleared flag.
|
90
|
+
|
91
|
+
CRYPTO_once(g_fork_detect_once_bss_get(), init_fork_detect);
|
92
|
+
// This pointer is |volatile| because the value pointed to may be changed by
|
93
|
+
// external forces (i.e. the kernel wiping the page) thus the compiler must
|
94
|
+
// not assume that it has exclusive access to it.
|
95
|
+
volatile char *const flag_ptr = *g_fork_detect_addr_bss_get();
|
96
|
+
if (flag_ptr == NULL) {
|
97
|
+
// Our kernel is too old to support |MADV_WIPEONFORK|.
|
98
|
+
return 0;
|
99
|
+
}
|
100
|
+
|
101
|
+
struct CRYPTO_STATIC_MUTEX *const lock = g_fork_detect_lock_bss_get();
|
102
|
+
uint64_t *const generation_ptr = g_fork_generation_bss_get();
|
103
|
+
|
104
|
+
CRYPTO_STATIC_MUTEX_lock_read(lock);
|
105
|
+
uint64_t current_generation = *generation_ptr;
|
106
|
+
if (*flag_ptr) {
|
107
|
+
CRYPTO_STATIC_MUTEX_unlock_read(lock);
|
108
|
+
return current_generation;
|
109
|
+
}
|
110
|
+
|
111
|
+
CRYPTO_STATIC_MUTEX_unlock_read(lock);
|
112
|
+
CRYPTO_STATIC_MUTEX_lock_write(lock);
|
113
|
+
current_generation = *generation_ptr;
|
114
|
+
if (*flag_ptr == 0) {
|
115
|
+
// A fork has occurred.
|
116
|
+
*flag_ptr = 1;
|
117
|
+
|
118
|
+
current_generation++;
|
119
|
+
if (current_generation == 0) {
|
120
|
+
current_generation = 1;
|
121
|
+
}
|
122
|
+
*generation_ptr = current_generation;
|
123
|
+
}
|
124
|
+
CRYPTO_STATIC_MUTEX_unlock_write(lock);
|
125
|
+
|
126
|
+
return current_generation;
|
127
|
+
}
|
128
|
+
|
129
|
+
void CRYPTO_fork_detect_ignore_madv_wipeonfork_for_testing(void) {
|
130
|
+
*g_ignore_madv_wipeonfork_bss_get() = 1;
|
131
|
+
}
|
132
|
+
|
133
|
+
#else // !OPENSSL_LINUX
|
134
|
+
|
135
|
+
uint64_t CRYPTO_get_fork_generation(void) { return 0; }
|
136
|
+
|
137
|
+
#endif // OPENSSL_LINUX
|