grpc 1.33.0.pre1 → 1.34.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +342 -134
- data/include/grpc/grpc.h +1 -2
- data/include/grpc/grpc_security.h +149 -172
- data/include/grpc/impl/codegen/grpc_types.h +9 -2
- data/include/grpc/impl/codegen/port_platform.h +22 -55
- data/src/core/ext/filters/client_channel/client_channel.cc +11 -34
- data/src/core/ext/filters/client_channel/config_selector.h +2 -3
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +4 -1
- data/src/core/ext/filters/client_channel/health/health_check_client.h +2 -2
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy.cc +5 -1
- data/src/core/ext/filters/client_channel/lb_policy.h +3 -3
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +80 -71
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +3 -1
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +2 -2
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +47 -17
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +2 -2
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +8 -5
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +3 -3
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/xds/eds.cc +16 -243
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +53 -17
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +809 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +20 -25
- data/src/core/ext/filters/client_channel/resolver.cc +3 -1
- data/src/core/ext/filters/client_channel/resolver.h +4 -1
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +1 -1
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +20 -0
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +66 -7
- data/src/core/ext/filters/client_channel/resolver_registry.cc +4 -4
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +13 -25
- data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +1 -1
- data/src/core/ext/filters/client_channel/resolving_lb_policy.h +2 -2
- data/src/core/ext/filters/client_channel/retry_throttle.h +1 -1
- data/src/core/ext/filters/client_channel/server_address.h +0 -4
- data/src/core/ext/filters/client_channel/service_config.cc +3 -1
- data/src/core/ext/filters/client_channel/service_config.h +1 -1
- data/src/core/ext/filters/client_channel/subchannel.cc +18 -15
- data/src/core/ext/filters/client_channel/subchannel.h +2 -2
- data/src/core/ext/filters/client_channel/subchannel_interface.h +7 -15
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +6 -2
- data/src/core/ext/filters/deadline/deadline_filter.cc +83 -77
- data/src/core/ext/filters/deadline/deadline_filter.h +7 -11
- data/src/core/ext/filters/http/client/http_client_filter.cc +1 -1
- data/src/core/ext/filters/http/server/http_server_filter.cc +3 -3
- data/src/core/ext/filters/max_age/max_age_filter.cc +1 -1
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +1 -1
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +17 -3
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +7 -7
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +4 -24
- data/src/core/ext/transport/chttp2/transport/flow_control.h +2 -2
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +2 -1
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +12 -8
- data/src/core/ext/transport/chttp2/transport/internal.h +0 -1
- data/src/core/ext/transport/chttp2/transport/parsing.cc +2 -1
- data/src/core/ext/transport/chttp2/transport/writing.cc +1 -2
- data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.c +38 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.c +41 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +254 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.h +105 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.c +100 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +558 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.h +145 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.c +53 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.c +133 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.c +127 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +266 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.h +125 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +143 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.c +66 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.c +263 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.h +100 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +233 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.h +70 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +228 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.h +80 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +46 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.c +59 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.c +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.c +110 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +113 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.c +146 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.c +50 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +190 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.c +185 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.c +62 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.c +97 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +915 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.h +280 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.c +71 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.c +64 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +511 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +115 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +48 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +166 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +105 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +249 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.h +60 -0
- data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.c +72 -0
- data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +60 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.c +152 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.h +60 -0
- data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.c +83 -0
- data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.c +82 -0
- data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +83 -0
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.c +86 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.c +74 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.c +64 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.c +54 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.c +53 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.c +73 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.c +72 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.c +81 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.c +92 -0
- data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.c +95 -0
- data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/http.upbdefs.c +34 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/http.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.c +59 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.c +54 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.c +47 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.c +61 -0
- data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.c +38 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.c +386 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.h +165 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.c +39 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.c +37 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.c +65 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.c +39 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.c +66 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.h +75 -0
- data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.c +42 -0
- data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.c +70 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.c +33 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.c +49 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.c +43 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/authority.upbdefs.c +42 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/authority.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/collection_entry.upbdefs.c +62 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/collection_entry.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/context_params.upbdefs.c +45 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/context_params.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource.upbdefs.c +49 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_locator.upbdefs.c +68 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_locator.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_name.upbdefs.c +51 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_name.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.c +307 -0
- data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.h +145 -0
- data/src/core/ext/xds/certificate_provider_factory.h +7 -5
- data/src/core/ext/xds/certificate_provider_store.cc +84 -0
- data/src/core/ext/xds/certificate_provider_store.h +65 -8
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +119 -0
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.h +72 -0
- data/src/core/ext/xds/google_mesh_ca_certificate_provider_factory.cc +28 -140
- data/src/core/ext/xds/google_mesh_ca_certificate_provider_factory.h +6 -4
- data/src/core/ext/xds/xds_api.cc +241 -718
- data/src/core/ext/xds/xds_api.h +50 -9
- data/src/core/ext/xds/xds_bootstrap.cc +172 -25
- data/src/core/ext/xds/xds_bootstrap.h +23 -7
- data/src/core/ext/xds/xds_certificate_provider.cc +240 -0
- data/src/core/ext/xds/xds_certificate_provider.h +74 -0
- data/src/core/ext/xds/xds_client.cc +161 -128
- data/src/core/ext/xds/xds_client.h +12 -11
- data/src/core/ext/xds/xds_client_stats.cc +41 -4
- data/src/core/ext/xds/xds_client_stats.h +2 -2
- data/src/core/lib/channel/channel_args.cc +2 -1
- data/src/core/lib/channel/channel_trace.cc +4 -2
- data/src/core/lib/channel/channelz.h +2 -2
- data/src/core/lib/channel/handshaker.h +2 -2
- data/src/core/lib/compression/compression.cc +8 -4
- data/src/core/lib/compression/compression_internal.cc +10 -5
- data/src/core/lib/compression/compression_internal.h +2 -1
- data/src/core/lib/compression/stream_compression_identity.cc +1 -3
- data/src/core/lib/debug/stats_data.cc +1 -0
- data/src/core/lib/gpr/cpu_iphone.cc +10 -2
- data/src/core/lib/gpr/log_linux.cc +17 -3
- data/src/core/lib/gpr/log_posix.cc +13 -1
- data/src/core/lib/gpr/log_windows.cc +16 -4
- data/src/core/lib/gpr/murmur_hash.cc +1 -1
- data/src/core/lib/gpr/string.cc +1 -1
- data/src/core/lib/gpr/time_precise.cc +3 -2
- data/src/core/lib/gpr/tls.h +4 -0
- data/src/core/lib/gpr/tls_msvc.h +2 -0
- data/src/core/lib/gpr/tls_stdcpp.h +48 -0
- data/src/core/lib/gpr/useful.h +5 -4
- data/src/core/lib/gprpp/dual_ref_counted.h +44 -49
- data/src/core/lib/gprpp/examine_stack.cc +43 -0
- data/src/core/lib/gprpp/examine_stack.h +46 -0
- data/src/core/lib/gprpp/fork.cc +2 -2
- data/src/core/lib/gprpp/manual_constructor.h +1 -1
- data/src/core/lib/gprpp/orphanable.h +4 -8
- data/src/core/lib/gprpp/ref_counted.h +40 -46
- data/src/core/lib/gprpp/ref_counted_ptr.h +9 -11
- data/src/core/lib/{security/authorization/mock_cel/statusor.h → gprpp/stat.h} +13 -25
- data/src/core/lib/gprpp/stat_posix.cc +49 -0
- data/src/core/lib/gprpp/stat_windows.cc +48 -0
- data/src/core/lib/gprpp/thd.h +2 -2
- data/src/core/lib/gprpp/thd_posix.cc +36 -36
- data/src/core/lib/http/parser.cc +46 -25
- data/src/core/lib/iomgr/error.cc +2 -1
- data/src/core/lib/iomgr/ev_epollex_linux.cc +8 -4
- data/src/core/lib/iomgr/exec_ctx.cc +1 -1
- data/src/core/lib/iomgr/executor/mpmcqueue.h +5 -5
- data/src/core/lib/iomgr/executor/threadpool.h +3 -3
- data/src/core/lib/iomgr/parse_address.cc +84 -6
- data/src/core/lib/iomgr/parse_address.h +20 -0
- data/src/core/lib/iomgr/poller/eventmanager_libuv.cc +2 -1
- data/src/core/lib/iomgr/python_util.h +3 -3
- data/src/core/lib/iomgr/resolve_address_posix.cc +1 -5
- data/src/core/lib/iomgr/tcp_posix.cc +3 -2
- data/src/core/lib/iomgr/timer_custom.cc +2 -2
- data/src/core/lib/iomgr/unix_sockets_posix.cc +27 -15
- data/src/core/lib/iomgr/unix_sockets_posix.h +5 -0
- data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +7 -0
- data/src/core/lib/iomgr/wakeup_fd_pipe.cc +2 -2
- data/src/core/lib/json/json.h +2 -2
- data/src/core/lib/json/json_reader.cc +8 -4
- data/src/core/lib/json/json_util.h +167 -0
- data/src/core/lib/json/json_writer.cc +2 -1
- data/src/core/lib/security/authorization/mock_cel/cel_expr_builder_factory.h +3 -1
- data/src/core/lib/security/authorization/mock_cel/cel_expression.h +5 -4
- data/src/core/lib/security/authorization/mock_cel/cel_value.h +4 -0
- data/src/core/lib/security/authorization/mock_cel/evaluator_core.h +6 -6
- data/src/core/lib/security/authorization/mock_cel/flat_expr_builder.h +10 -9
- data/src/core/lib/security/context/security_context.h +3 -1
- data/src/core/lib/security/credentials/credentials.cc +1 -1
- data/src/core/lib/security/credentials/credentials.h +3 -3
- data/src/core/lib/security/credentials/external/aws_request_signer.cc +208 -0
- data/src/core/lib/security/credentials/external/aws_request_signer.h +73 -0
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +311 -0
- data/src/core/lib/security/credentials/external/external_account_credentials.h +118 -0
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +136 -0
- data/src/core/lib/security/credentials/external/file_external_account_credentials.h +49 -0
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +211 -0
- data/src/core/lib/security/credentials/external/url_external_account_credentials.h +59 -0
- data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +51 -0
- data/src/core/lib/security/credentials/jwt/json_token.cc +5 -2
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +4 -3
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +5 -1
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +2 -2
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +35 -5
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +12 -8
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +78 -0
- data/src/core/lib/security/{certificate_provider.h → credentials/tls/grpc_tls_certificate_provider.h} +32 -18
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +77 -149
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +58 -187
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +16 -12
- data/src/core/lib/security/credentials/tls/tls_credentials.h +2 -2
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +2 -2
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +88 -0
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +70 -0
- data/src/core/lib/security/security_connector/load_system_roots.h +4 -0
- data/src/core/lib/security/security_connector/load_system_roots_linux.h +2 -0
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +2 -2
- data/src/core/lib/security/security_connector/security_connector.cc +1 -1
- data/src/core/lib/security/security_connector/security_connector.h +4 -2
- data/src/core/lib/security/security_connector/ssl_utils.h +4 -2
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +293 -275
- data/src/core/lib/security/security_connector/tls/tls_security_connector.h +106 -61
- data/src/core/lib/security/transport/security_handshaker.cc +1 -1
- data/src/core/lib/security/transport/server_auth_filter.cc +2 -1
- data/src/core/lib/security/util/json_util.h +1 -0
- data/src/core/lib/slice/slice.cc +7 -4
- data/src/core/lib/slice/slice_buffer.cc +2 -1
- data/src/core/lib/slice/slice_intern.cc +2 -2
- data/src/core/lib/surface/call.cc +9 -8
- data/src/core/lib/surface/completion_queue.cc +7 -6
- data/src/core/lib/surface/server.cc +4 -2
- data/src/core/lib/surface/server.h +2 -2
- data/src/core/lib/surface/validate_metadata.h +3 -0
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/authority_override.h +2 -0
- data/src/core/lib/transport/bdp_estimator.cc +1 -1
- data/src/core/lib/transport/byte_stream.h +3 -3
- data/src/core/lib/transport/connectivity_state.h +3 -3
- data/src/core/lib/transport/metadata.h +2 -2
- data/src/core/lib/transport/timeout_encoding.cc +4 -4
- data/src/core/lib/transport/transport.cc +5 -3
- data/src/core/lib/transport/transport.h +1 -1
- data/src/core/plugin_registry/grpc_plugin_registry.cc +4 -4
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +4 -3
- data/src/core/tsi/fake_transport_security.cc +1 -0
- data/src/core/tsi/local_transport_security.cc +5 -1
- data/src/core/tsi/local_transport_security.h +6 -7
- data/src/core/tsi/ssl/session_cache/ssl_session.h +3 -0
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +4 -1
- data/src/core/tsi/ssl_transport_security.cc +14 -7
- data/src/core/tsi/ssl_transport_security.h +3 -0
- data/src/core/tsi/transport_security.cc +4 -2
- data/src/ruby/ext/grpc/extconf.rb +1 -1
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +22 -14
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +36 -24
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/third_party/abseil-cpp/absl/algorithm/container.h +59 -22
- data/third_party/abseil-cpp/absl/base/attributes.h +99 -38
- data/third_party/abseil-cpp/absl/base/call_once.h +1 -1
- data/third_party/abseil-cpp/absl/base/casts.h +9 -6
- data/third_party/abseil-cpp/absl/base/config.h +60 -17
- data/third_party/abseil-cpp/absl/base/dynamic_annotations.h +428 -335
- data/third_party/abseil-cpp/absl/base/internal/bits.h +17 -16
- data/third_party/abseil-cpp/absl/base/internal/direct_mmap.h +5 -0
- data/third_party/abseil-cpp/absl/base/internal/dynamic_annotations.h +398 -0
- data/third_party/abseil-cpp/absl/base/internal/invoke.h +4 -4
- data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.cc +1 -1
- data/third_party/abseil-cpp/absl/base/internal/low_level_scheduling.h +29 -1
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +2 -2
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.h +7 -5
- data/third_party/abseil-cpp/absl/base/internal/spinlock.cc +25 -38
- data/third_party/abseil-cpp/absl/base/internal/spinlock.h +19 -25
- data/third_party/abseil-cpp/absl/base/internal/spinlock_linux.inc +8 -0
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +28 -5
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.h +8 -0
- data/third_party/abseil-cpp/absl/base/internal/tsan_mutex_interface.h +3 -1
- data/third_party/abseil-cpp/absl/base/internal/unaligned_access.h +2 -2
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.h +3 -3
- data/third_party/abseil-cpp/absl/base/macros.h +36 -109
- data/third_party/abseil-cpp/absl/base/optimization.h +61 -1
- data/third_party/abseil-cpp/absl/base/options.h +31 -4
- data/third_party/abseil-cpp/absl/base/policy_checks.h +1 -1
- data/third_party/abseil-cpp/absl/base/thread_annotations.h +94 -39
- data/third_party/abseil-cpp/absl/container/fixed_array.h +42 -25
- data/third_party/abseil-cpp/absl/container/flat_hash_set.h +2 -1
- data/third_party/abseil-cpp/absl/container/inlined_vector.h +33 -36
- data/third_party/abseil-cpp/absl/container/internal/common.h +6 -2
- data/third_party/abseil-cpp/absl/container/internal/compressed_tuple.h +33 -8
- data/third_party/abseil-cpp/absl/container/internal/container_memory.h +49 -29
- data/third_party/abseil-cpp/absl/container/internal/hash_function_defaults.h +15 -0
- data/third_party/abseil-cpp/absl/container/internal/hash_policy_traits.h +24 -7
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc +2 -1
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.h +35 -11
- data/third_party/abseil-cpp/absl/container/internal/have_sse.h +10 -9
- data/third_party/abseil-cpp/absl/container/internal/layout.h +7 -5
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +55 -34
- data/third_party/abseil-cpp/absl/debugging/internal/address_is_readable.cc +5 -4
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +66 -16
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +4 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_arm-inl.inc +13 -4
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_config.h +43 -24
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_generic-inl.inc +12 -3
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_win32-inl.inc +10 -2
- data/third_party/abseil-cpp/absl/debugging/internal/symbolize.h +22 -1
- data/third_party/abseil-cpp/absl/debugging/internal/vdso_support.cc +0 -21
- data/third_party/abseil-cpp/absl/debugging/symbolize.cc +12 -1
- data/third_party/abseil-cpp/absl/debugging/symbolize_darwin.inc +101 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize_elf.inc +100 -20
- data/third_party/abseil-cpp/absl/functional/bind_front.h +184 -0
- data/third_party/abseil-cpp/absl/functional/function_ref.h +1 -1
- data/third_party/abseil-cpp/absl/functional/internal/front_binder.h +95 -0
- data/third_party/abseil-cpp/absl/functional/internal/function_ref.h +2 -2
- data/third_party/abseil-cpp/absl/hash/hash.h +6 -5
- data/third_party/abseil-cpp/absl/hash/internal/hash.h +73 -65
- data/third_party/abseil-cpp/absl/memory/memory.h +4 -0
- data/third_party/abseil-cpp/absl/meta/type_traits.h +2 -8
- data/third_party/abseil-cpp/absl/numeric/int128.cc +13 -27
- data/third_party/abseil-cpp/absl/numeric/int128.h +16 -15
- data/third_party/abseil-cpp/absl/status/internal/status_internal.h +51 -0
- data/third_party/abseil-cpp/absl/status/status.cc +4 -6
- data/third_party/abseil-cpp/absl/status/status.h +502 -113
- data/third_party/abseil-cpp/absl/status/status_payload_printer.cc +5 -10
- data/third_party/abseil-cpp/absl/strings/charconv.cc +2 -2
- data/third_party/abseil-cpp/absl/strings/cord.cc +91 -112
- data/third_party/abseil-cpp/absl/strings/cord.h +360 -205
- data/third_party/abseil-cpp/absl/strings/escaping.cc +9 -9
- data/third_party/abseil-cpp/absl/strings/internal/char_map.h +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.cc +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +2 -2
- data/third_party/abseil-cpp/absl/strings/internal/charconv_parse.cc +2 -2
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +45 -23
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.cc +222 -136
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.h +136 -64
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.cc +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.h +14 -21
- data/third_party/abseil-cpp/absl/strings/internal/str_format/checker.h +7 -14
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.cc +31 -7
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.h +147 -135
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +999 -87
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.h +3 -3
- data/third_party/abseil-cpp/absl/strings/internal/str_format/output.h +4 -12
- data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.cc +8 -6
- data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.h +13 -11
- data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +2 -2
- data/third_party/abseil-cpp/absl/strings/str_cat.cc +4 -4
- data/third_party/abseil-cpp/absl/strings/str_cat.h +1 -1
- data/third_party/abseil-cpp/absl/strings/str_format.h +289 -13
- data/third_party/abseil-cpp/absl/strings/str_split.cc +2 -2
- data/third_party/abseil-cpp/absl/strings/str_split.h +1 -0
- data/third_party/abseil-cpp/absl/strings/string_view.h +26 -19
- data/third_party/abseil-cpp/absl/strings/substitute.cc +5 -5
- data/third_party/abseil-cpp/absl/strings/substitute.h +32 -29
- data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.cc +3 -3
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +3 -3
- data/third_party/abseil-cpp/absl/synchronization/internal/kernel_timeout.h +28 -28
- data/third_party/abseil-cpp/absl/synchronization/internal/mutex_nonprod.inc +4 -16
- data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.h +1 -1
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.cc +8 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.h +2 -2
- data/third_party/abseil-cpp/absl/synchronization/mutex.cc +75 -64
- data/third_party/abseil-cpp/absl/synchronization/mutex.h +15 -6
- data/third_party/abseil-cpp/absl/time/civil_time.cc +9 -9
- data/third_party/abseil-cpp/absl/time/clock.cc +3 -3
- data/third_party/abseil-cpp/absl/time/duration.cc +90 -59
- data/third_party/abseil-cpp/absl/time/format.cc +43 -36
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time_detail.h +26 -16
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/time_zone.h +4 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/zone_info_source.h +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +136 -29
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +13 -21
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +136 -129
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +4 -5
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +8 -7
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +6 -6
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc +2 -1
- data/third_party/abseil-cpp/absl/time/time.h +15 -16
- data/third_party/abseil-cpp/absl/types/internal/variant.h +4 -4
- data/third_party/abseil-cpp/absl/types/optional.h +9 -9
- data/third_party/abseil-cpp/absl/types/span.h +49 -36
- data/third_party/abseil-cpp/absl/utility/utility.h +2 -2
- data/third_party/address_sorting/include/address_sorting/address_sorting.h +2 -0
- data/third_party/boringssl-with-bazel/err_data.c +340 -336
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +173 -35
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +46 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +8 -2
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +90 -63
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +60 -60
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +179 -47
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +766 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +10 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +5 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +14 -14
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +24 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +7 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +5 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/des.h +6 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +3 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +202 -134
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +55 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +31 -23
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +435 -394
- data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +18 -5
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +35 -0
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +36 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +42 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +67 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +11 -14
- data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +216 -11
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +53 -11
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +133 -39
- data/third_party/upb/upb/def.c +2169 -0
- data/third_party/upb/upb/def.h +330 -0
- data/third_party/upb/upb/def.hpp +525 -0
- data/third_party/upb/upb/reflection.c +391 -0
- data/third_party/upb/upb/reflection.h +168 -0
- data/third_party/upb/upb/text_encode.c +398 -0
- data/third_party/upb/upb/text_encode.h +35 -0
- metadata +227 -37
- data/src/core/ext/filters/client_channel/lb_policy/xds/eds_drop.cc +0 -571
- data/third_party/abseil-cpp/absl/base/dynamic_annotations.cc +0 -129
|
@@ -142,6 +142,16 @@ int x509_digest_verify_init(EVP_MD_CTX *ctx, X509_ALGOR *sigalg,
|
|
|
142
142
|
return 0;
|
|
143
143
|
}
|
|
144
144
|
|
|
145
|
+
/* The parameter should be an explicit NULL for RSA and omitted for ECDSA. For
|
|
146
|
+
* compatibility, we allow either for both algorithms. See b/167375496.
|
|
147
|
+
*
|
|
148
|
+
* TODO(davidben): Chromium's verifier allows both forms for RSA, but enforces
|
|
149
|
+
* ECDSA more strictly. Align with Chromium and add a flag for b/167375496. */
|
|
150
|
+
if (sigalg->parameter != NULL && sigalg->parameter->type != V_ASN1_NULL) {
|
|
151
|
+
OPENSSL_PUT_ERROR(X509, X509_R_INVALID_PARAMETER);
|
|
152
|
+
return 0;
|
|
153
|
+
}
|
|
154
|
+
|
|
145
155
|
/* Otherwise, initialize with the digest from the OID. */
|
|
146
156
|
const EVP_MD *digest = EVP_get_digestbynid(digest_nid);
|
|
147
157
|
if (digest == NULL) {
|
|
@@ -98,13 +98,15 @@ X509_POLICY_DATA *policy_data_new(POLICYINFO *policy,
|
|
|
98
98
|
} else
|
|
99
99
|
id = NULL;
|
|
100
100
|
ret = OPENSSL_malloc(sizeof(X509_POLICY_DATA));
|
|
101
|
-
if (!ret)
|
|
101
|
+
if (!ret) {
|
|
102
|
+
OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);
|
|
103
|
+
ASN1_OBJECT_free(id);
|
|
102
104
|
return NULL;
|
|
105
|
+
}
|
|
103
106
|
ret->expected_policy_set = sk_ASN1_OBJECT_new_null();
|
|
104
107
|
if (!ret->expected_policy_set) {
|
|
105
108
|
OPENSSL_free(ret);
|
|
106
|
-
|
|
107
|
-
ASN1_OBJECT_free(id);
|
|
109
|
+
ASN1_OBJECT_free(id);
|
|
108
110
|
return NULL;
|
|
109
111
|
}
|
|
110
112
|
|
|
@@ -288,40 +288,40 @@ static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method,
|
|
|
288
288
|
|
|
289
289
|
static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens)
|
|
290
290
|
{
|
|
291
|
-
GENERAL_NAMES *ialt;
|
|
292
|
-
GENERAL_NAME *gen;
|
|
293
|
-
X509_EXTENSION *ext;
|
|
294
|
-
int i;
|
|
295
|
-
size_t j;
|
|
296
291
|
if (ctx && (ctx->flags == CTX_TEST))
|
|
297
292
|
return 1;
|
|
298
293
|
if (!ctx || !ctx->issuer_cert) {
|
|
299
294
|
OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_ISSUER_DETAILS);
|
|
300
|
-
|
|
295
|
+
return 0;
|
|
301
296
|
}
|
|
302
|
-
i = X509_get_ext_by_NID(ctx->issuer_cert, NID_subject_alt_name, -1);
|
|
297
|
+
int i = X509_get_ext_by_NID(ctx->issuer_cert, NID_subject_alt_name, -1);
|
|
303
298
|
if (i < 0)
|
|
304
299
|
return 1;
|
|
300
|
+
|
|
301
|
+
int ret = 0;
|
|
302
|
+
GENERAL_NAMES *ialt = NULL;
|
|
303
|
+
X509_EXTENSION *ext;
|
|
305
304
|
if (!(ext = X509_get_ext(ctx->issuer_cert, i)) ||
|
|
306
305
|
!(ialt = X509V3_EXT_d2i(ext))) {
|
|
307
306
|
OPENSSL_PUT_ERROR(X509V3, X509V3_R_ISSUER_DECODE_ERROR);
|
|
308
307
|
goto err;
|
|
309
308
|
}
|
|
310
309
|
|
|
311
|
-
for (j = 0; j < sk_GENERAL_NAME_num(ialt); j++) {
|
|
312
|
-
gen = sk_GENERAL_NAME_value(ialt, j);
|
|
310
|
+
for (size_t j = 0; j < sk_GENERAL_NAME_num(ialt); j++) {
|
|
311
|
+
GENERAL_NAME *gen = sk_GENERAL_NAME_value(ialt, j);
|
|
313
312
|
if (!sk_GENERAL_NAME_push(gens, gen)) {
|
|
314
313
|
OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);
|
|
315
314
|
goto err;
|
|
316
315
|
}
|
|
316
|
+
/* Ownership of |gen| has moved from |ialt| to |gens|. */
|
|
317
|
+
sk_GENERAL_NAME_set(ialt, j, NULL);
|
|
317
318
|
}
|
|
318
|
-
sk_GENERAL_NAME_free(ialt);
|
|
319
|
-
|
|
320
|
-
return 1;
|
|
321
319
|
|
|
322
|
-
|
|
323
|
-
return 0;
|
|
320
|
+
ret = 1;
|
|
324
321
|
|
|
322
|
+
err:
|
|
323
|
+
GENERAL_NAMES_free(ialt);
|
|
324
|
+
return ret;
|
|
325
325
|
}
|
|
326
326
|
|
|
327
327
|
static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method,
|
|
@@ -156,7 +156,7 @@ int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag,
|
|
|
156
156
|
}
|
|
157
157
|
|
|
158
158
|
int X509V3_extensions_print(BIO *bp, const char *title,
|
|
159
|
-
STACK_OF(X509_EXTENSION) *exts,
|
|
159
|
+
const STACK_OF(X509_EXTENSION) *exts,
|
|
160
160
|
unsigned long flag, int indent)
|
|
161
161
|
{
|
|
162
162
|
size_t i;
|
|
@@ -146,6 +146,30 @@ OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_128_gcm_siv(void);
|
|
|
146
146
|
// https://tools.ietf.org/html/draft-irtf-cfrg-gcmsiv-02
|
|
147
147
|
OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_256_gcm_siv(void);
|
|
148
148
|
|
|
149
|
+
// EVP_aead_aes_128_gcm_randnonce is AES-128 in Galois Counter Mode with
|
|
150
|
+
// internal nonce generation. The 12-byte nonce is appended to the tag
|
|
151
|
+
// and is generated internally. The "tag", for the purpurses of the API, is thus
|
|
152
|
+
// 12 bytes larger. The nonce parameter when using this AEAD must be
|
|
153
|
+
// zero-length. Since the nonce is random, a single key should not be used for
|
|
154
|
+
// more than 2^32 seal operations.
|
|
155
|
+
//
|
|
156
|
+
// Warning: this is for use for FIPS compliance only. It is probably not
|
|
157
|
+
// suitable for other uses. Using standard AES-GCM AEADs allows one to achieve
|
|
158
|
+
// the same effect, but gives more control over nonce storage.
|
|
159
|
+
OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_128_gcm_randnonce(void);
|
|
160
|
+
|
|
161
|
+
// EVP_aead_aes_256_gcm_randnonce is AES-256 in Galois Counter Mode with
|
|
162
|
+
// internal nonce generation. The 12-byte nonce is appended to the tag
|
|
163
|
+
// and is generated internally. The "tag", for the purpurses of the API, is thus
|
|
164
|
+
// 12 bytes larger. The nonce parameter when using this AEAD must be
|
|
165
|
+
// zero-length. Since the nonce is random, a single key should not be used for
|
|
166
|
+
// more than 2^32 seal operations.
|
|
167
|
+
//
|
|
168
|
+
// Warning: this is for use for FIPS compliance only. It is probably not
|
|
169
|
+
// suitable for other uses. Using standard AES-GCM AEADs allows one to achieve
|
|
170
|
+
// the same effect, but gives more control over nonce storage.
|
|
171
|
+
OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_256_gcm_randnonce(void);
|
|
172
|
+
|
|
149
173
|
// EVP_aead_aes_128_ccm_bluetooth is AES-128-CCM with M=4 and L=2 (4-byte tags
|
|
150
174
|
// and 13-byte nonces), as decribed in the Bluetooth Core Specification v5.0,
|
|
151
175
|
// Volume 6, Part E, Section 1.
|
|
@@ -126,7 +126,7 @@
|
|
|
126
126
|
// appropriate architecture-dependent feature bits set.
|
|
127
127
|
// Read more: "ELF for the Arm® 64-bit Architecture"
|
|
128
128
|
|
|
129
|
-
#if (__ARM_FEATURE_BTI_DEFAULT == 1
|
|
129
|
+
#if defined(__ARM_FEATURE_BTI_DEFAULT) && __ARM_FEATURE_BTI_DEFAULT == 1
|
|
130
130
|
#define GNU_PROPERTY_AARCH64_BTI (1 << 0) // Has Branch Target Identification
|
|
131
131
|
#define AARCH64_VALID_CALL_TARGET hint #34 // BTI 'c'
|
|
132
132
|
#else
|
|
@@ -134,19 +134,21 @@
|
|
|
134
134
|
#define AARCH64_VALID_CALL_TARGET
|
|
135
135
|
#endif
|
|
136
136
|
|
|
137
|
-
#if (
|
|
137
|
+
#if defined(__ARM_FEATURE_PAC_DEFAULT) && \
|
|
138
|
+
(__ARM_FEATURE_PAC_DEFAULT & 1) == 1 // Signed with A-key
|
|
138
139
|
#define GNU_PROPERTY_AARCH64_POINTER_AUTH \
|
|
139
140
|
(1 << 1) // Has Pointer Authentication
|
|
140
141
|
#define AARCH64_SIGN_LINK_REGISTER hint #25 // PACIASP
|
|
141
142
|
#define AARCH64_VALIDATE_LINK_REGISTER hint #29 // AUTIASP
|
|
142
|
-
#elif (
|
|
143
|
+
#elif defined(__ARM_FEATURE_PAC_DEFAULT) && \
|
|
144
|
+
(__ARM_FEATURE_PAC_DEFAULT & 2) == 2 // Signed with B-key
|
|
143
145
|
#define GNU_PROPERTY_AARCH64_POINTER_AUTH \
|
|
144
146
|
(1 << 1) // Has Pointer Authentication
|
|
145
147
|
#define AARCH64_SIGN_LINK_REGISTER hint #27 // PACIBSP
|
|
146
148
|
#define AARCH64_VALIDATE_LINK_REGISTER hint #31 // AUTIBSP
|
|
147
149
|
#else
|
|
148
150
|
#define GNU_PROPERTY_AARCH64_POINTER_AUTH 0 // No Pointer Authentication
|
|
149
|
-
#if
|
|
151
|
+
#if GNU_PROPERTY_AARCH64_BTI != 0
|
|
150
152
|
#define AARCH64_SIGN_LINK_REGISTER AARCH64_VALID_CALL_TARGET
|
|
151
153
|
#else
|
|
152
154
|
#define AARCH64_SIGN_LINK_REGISTER
|
|
@@ -154,7 +156,7 @@
|
|
|
154
156
|
#define AARCH64_VALIDATE_LINK_REGISTER
|
|
155
157
|
#endif
|
|
156
158
|
|
|
157
|
-
#if
|
|
159
|
+
#if GNU_PROPERTY_AARCH64_POINTER_AUTH != 0 || GNU_PROPERTY_AARCH64_BTI != 0
|
|
158
160
|
.pushsection note.gnu.property, "a";
|
|
159
161
|
.balign 8;
|
|
160
162
|
.long 4;
|
|
@@ -138,7 +138,10 @@ extern "C" {
|
|
|
138
138
|
#define OPENSSL_WINDOWS
|
|
139
139
|
#endif
|
|
140
140
|
|
|
141
|
-
|
|
141
|
+
// Trusty isn't Linux but currently defines __linux__. As a workaround, we
|
|
142
|
+
// exclude it here.
|
|
143
|
+
// TODO(b/169780122): Remove this workaround once Trusty no longer defines it.
|
|
144
|
+
#if defined(__linux__) && !defined(TRUSTY)
|
|
142
145
|
#define OPENSSL_LINUX
|
|
143
146
|
#endif
|
|
144
147
|
|
|
@@ -184,7 +187,7 @@ extern "C" {
|
|
|
184
187
|
// A consumer may use this symbol in the preprocessor to temporarily build
|
|
185
188
|
// against multiple revisions of BoringSSL at the same time. It is not
|
|
186
189
|
// recommended to do so for longer than is necessary.
|
|
187
|
-
#define BORINGSSL_API_VERSION
|
|
190
|
+
#define BORINGSSL_API_VERSION 12
|
|
188
191
|
|
|
189
192
|
#if defined(BORINGSSL_SHARED_LIBRARY)
|
|
190
193
|
|
|
@@ -199,6 +199,10 @@ OPENSSL_EXPORT int BIO_should_io_special(const BIO *bio);
|
|
|
199
199
|
// retried. The return value is one of the |BIO_RR_*| values.
|
|
200
200
|
OPENSSL_EXPORT int BIO_get_retry_reason(const BIO *bio);
|
|
201
201
|
|
|
202
|
+
// BIO_set_retry_reason sets the special I/O operation that needs to be retried
|
|
203
|
+
// to |reason|, which should be one of the |BIO_RR_*| values.
|
|
204
|
+
OPENSSL_EXPORT void BIO_set_retry_reason(BIO *bio, int reason);
|
|
205
|
+
|
|
202
206
|
// BIO_clear_flags ANDs |bio->flags| with the bitwise-complement of |flags|.
|
|
203
207
|
OPENSSL_EXPORT void BIO_clear_flags(BIO *bio, int flags);
|
|
204
208
|
|
|
@@ -65,6 +65,12 @@ extern "C" {
|
|
|
65
65
|
|
|
66
66
|
|
|
67
67
|
// DES.
|
|
68
|
+
//
|
|
69
|
+
// This module is deprecated and retained for legacy reasons only. It is slow
|
|
70
|
+
// and may leak key material with timing or cache side channels. Moreover,
|
|
71
|
+
// single-keyed DES is broken and can be brute-forced in under a day.
|
|
72
|
+
//
|
|
73
|
+
// Use a modern cipher, such as AES-GCM or ChaCha20-Poly1305, instead.
|
|
68
74
|
|
|
69
75
|
|
|
70
76
|
typedef struct DES_cblock_st {
|
|
@@ -62,64 +62,63 @@
|
|
|
62
62
|
#include <openssl/cipher.h>
|
|
63
63
|
#include <openssl/digest.h>
|
|
64
64
|
#include <openssl/evp.h>
|
|
65
|
-
#include <openssl/stack.h>
|
|
66
65
|
#include <openssl/pkcs7.h>
|
|
66
|
+
#include <openssl/stack.h>
|
|
67
67
|
#include <openssl/x509.h>
|
|
68
68
|
|
|
69
|
-
|
|
70
|
-
|
|
69
|
+
// For compatibility with open-iscsi, which assumes that it can get
|
|
70
|
+
// |OPENSSL_malloc| from pem.h or err.h
|
|
71
71
|
#include <openssl/crypto.h>
|
|
72
72
|
|
|
73
|
-
#ifdef
|
|
73
|
+
#ifdef __cplusplus
|
|
74
74
|
extern "C" {
|
|
75
75
|
#endif
|
|
76
76
|
|
|
77
77
|
|
|
78
|
-
#define PEM_BUFSIZE
|
|
79
|
-
|
|
80
|
-
#define PEM_STRING_X509_OLD
|
|
81
|
-
#define PEM_STRING_X509
|
|
82
|
-
#define PEM_STRING_X509_PAIR
|
|
83
|
-
#define PEM_STRING_X509_TRUSTED
|
|
84
|
-
#define PEM_STRING_X509_REQ_OLD
|
|
85
|
-
#define PEM_STRING_X509_REQ
|
|
86
|
-
#define PEM_STRING_X509_CRL
|
|
87
|
-
#define PEM_STRING_EVP_PKEY
|
|
88
|
-
#define PEM_STRING_PUBLIC
|
|
89
|
-
#define PEM_STRING_RSA
|
|
90
|
-
#define PEM_STRING_RSA_PUBLIC
|
|
91
|
-
#define PEM_STRING_DSA
|
|
92
|
-
#define PEM_STRING_DSA_PUBLIC
|
|
78
|
+
#define PEM_BUFSIZE 1024
|
|
79
|
+
|
|
80
|
+
#define PEM_STRING_X509_OLD "X509 CERTIFICATE"
|
|
81
|
+
#define PEM_STRING_X509 "CERTIFICATE"
|
|
82
|
+
#define PEM_STRING_X509_PAIR "CERTIFICATE PAIR"
|
|
83
|
+
#define PEM_STRING_X509_TRUSTED "TRUSTED CERTIFICATE"
|
|
84
|
+
#define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST"
|
|
85
|
+
#define PEM_STRING_X509_REQ "CERTIFICATE REQUEST"
|
|
86
|
+
#define PEM_STRING_X509_CRL "X509 CRL"
|
|
87
|
+
#define PEM_STRING_EVP_PKEY "ANY PRIVATE KEY"
|
|
88
|
+
#define PEM_STRING_PUBLIC "PUBLIC KEY"
|
|
89
|
+
#define PEM_STRING_RSA "RSA PRIVATE KEY"
|
|
90
|
+
#define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY"
|
|
91
|
+
#define PEM_STRING_DSA "DSA PRIVATE KEY"
|
|
92
|
+
#define PEM_STRING_DSA_PUBLIC "DSA PUBLIC KEY"
|
|
93
93
|
#define PEM_STRING_EC "EC PRIVATE KEY"
|
|
94
|
-
#define PEM_STRING_PKCS7
|
|
95
|
-
#define PEM_STRING_PKCS7_SIGNED
|
|
96
|
-
#define PEM_STRING_PKCS8
|
|
97
|
-
#define PEM_STRING_PKCS8INF
|
|
98
|
-
#define PEM_STRING_DHPARAMS
|
|
99
|
-
#define PEM_STRING_SSL_SESSION
|
|
100
|
-
#define PEM_STRING_DSAPARAMS
|
|
94
|
+
#define PEM_STRING_PKCS7 "PKCS7"
|
|
95
|
+
#define PEM_STRING_PKCS7_SIGNED "PKCS #7 SIGNED DATA"
|
|
96
|
+
#define PEM_STRING_PKCS8 "ENCRYPTED PRIVATE KEY"
|
|
97
|
+
#define PEM_STRING_PKCS8INF "PRIVATE KEY"
|
|
98
|
+
#define PEM_STRING_DHPARAMS "DH PARAMETERS"
|
|
99
|
+
#define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS"
|
|
100
|
+
#define PEM_STRING_DSAPARAMS "DSA PARAMETERS"
|
|
101
101
|
#define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY"
|
|
102
|
-
#define PEM_STRING_ECPRIVATEKEY
|
|
103
|
-
#define PEM_STRING_CMS
|
|
102
|
+
#define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY"
|
|
103
|
+
#define PEM_STRING_CMS "CMS"
|
|
104
104
|
|
|
105
|
-
|
|
106
|
-
#define PEM_TYPE_ENCRYPTED
|
|
107
|
-
#define PEM_TYPE_MIC_ONLY
|
|
108
|
-
#define PEM_TYPE_MIC_CLEAR
|
|
109
|
-
#define PEM_TYPE_CLEAR
|
|
105
|
+
// enc_type is one off
|
|
106
|
+
#define PEM_TYPE_ENCRYPTED 10
|
|
107
|
+
#define PEM_TYPE_MIC_ONLY 20
|
|
108
|
+
#define PEM_TYPE_MIC_CLEAR 30
|
|
109
|
+
#define PEM_TYPE_CLEAR 40
|
|
110
110
|
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
*/
|
|
111
|
+
// These macros make the PEM_read/PEM_write functions easier to maintain and
|
|
112
|
+
// write. Now they are all implemented with either:
|
|
113
|
+
// IMPLEMENT_PEM_rw(...) or IMPLEMENT_PEM_rw_cb(...)
|
|
115
114
|
|
|
116
115
|
#ifdef OPENSSL_NO_FP_API
|
|
117
116
|
|
|
118
|
-
#define IMPLEMENT_PEM_read_fp(name, type, str, asn1)
|
|
119
|
-
#define IMPLEMENT_PEM_write_fp(name, type, str, asn1)
|
|
120
|
-
#define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1)
|
|
121
|
-
#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1)
|
|
122
|
-
#define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1)
|
|
117
|
+
#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) //
|
|
118
|
+
#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) //
|
|
119
|
+
#define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) //
|
|
120
|
+
#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) //
|
|
121
|
+
#define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) //
|
|
123
122
|
|
|
124
123
|
#else
|
|
125
124
|
|
|
@@ -228,133 +227,178 @@ extern "C" {
|
|
|
228
227
|
}
|
|
229
228
|
|
|
230
229
|
#define IMPLEMENT_PEM_write(name, type, str, asn1) \
|
|
231
|
-
|
|
232
|
-
|
|
230
|
+
IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
|
|
231
|
+
IMPLEMENT_PEM_write_fp(name, type, str, asn1)
|
|
233
232
|
|
|
234
233
|
#define IMPLEMENT_PEM_write_const(name, type, str, asn1) \
|
|
235
|
-
|
|
236
|
-
|
|
234
|
+
IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
|
|
235
|
+
IMPLEMENT_PEM_write_fp_const(name, type, str, asn1)
|
|
237
236
|
|
|
238
237
|
#define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \
|
|
239
|
-
|
|
240
|
-
|
|
238
|
+
IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
|
|
239
|
+
IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1)
|
|
241
240
|
|
|
242
241
|
#define IMPLEMENT_PEM_write_cb_const(name, type, str, asn1) \
|
|
243
|
-
|
|
244
|
-
|
|
242
|
+
IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
|
|
243
|
+
IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1)
|
|
245
244
|
|
|
246
245
|
#define IMPLEMENT_PEM_read(name, type, str, asn1) \
|
|
247
|
-
|
|
248
|
-
|
|
246
|
+
IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
|
|
247
|
+
IMPLEMENT_PEM_read_fp(name, type, str, asn1)
|
|
249
248
|
|
|
250
249
|
#define IMPLEMENT_PEM_rw(name, type, str, asn1) \
|
|
251
|
-
|
|
252
|
-
|
|
250
|
+
IMPLEMENT_PEM_read(name, type, str, asn1) \
|
|
251
|
+
IMPLEMENT_PEM_write(name, type, str, asn1)
|
|
253
252
|
|
|
254
253
|
#define IMPLEMENT_PEM_rw_const(name, type, str, asn1) \
|
|
255
|
-
|
|
256
|
-
|
|
254
|
+
IMPLEMENT_PEM_read(name, type, str, asn1) \
|
|
255
|
+
IMPLEMENT_PEM_write_const(name, type, str, asn1)
|
|
257
256
|
|
|
258
257
|
#define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \
|
|
259
|
-
|
|
260
|
-
|
|
258
|
+
IMPLEMENT_PEM_read(name, type, str, asn1) \
|
|
259
|
+
IMPLEMENT_PEM_write_cb(name, type, str, asn1)
|
|
261
260
|
|
|
262
|
-
|
|
261
|
+
// These are the same except they are for the declarations
|
|
263
262
|
|
|
264
263
|
#if defined(OPENSSL_NO_FP_API)
|
|
265
264
|
|
|
266
|
-
#define DECLARE_PEM_read_fp(name, type)
|
|
267
|
-
#define DECLARE_PEM_write_fp(name, type)
|
|
268
|
-
#define DECLARE_PEM_write_cb_fp(name, type)
|
|
265
|
+
#define DECLARE_PEM_read_fp(name, type) //
|
|
266
|
+
#define DECLARE_PEM_write_fp(name, type) //
|
|
267
|
+
#define DECLARE_PEM_write_cb_fp(name, type) //
|
|
269
268
|
|
|
270
269
|
#else
|
|
271
270
|
|
|
272
|
-
#define DECLARE_PEM_read_fp(name, type)
|
|
273
|
-
|
|
271
|
+
#define DECLARE_PEM_read_fp(name, type) \
|
|
272
|
+
OPENSSL_EXPORT type *PEM_read_##name(FILE *fp, type **x, \
|
|
273
|
+
pem_password_cb *cb, void *u);
|
|
274
274
|
|
|
275
275
|
#define DECLARE_PEM_write_fp(name, type) \
|
|
276
|
-
|
|
276
|
+
OPENSSL_EXPORT int PEM_write_##name(FILE *fp, type *x);
|
|
277
277
|
|
|
278
278
|
#define DECLARE_PEM_write_fp_const(name, type) \
|
|
279
|
-
|
|
279
|
+
OPENSSL_EXPORT int PEM_write_##name(FILE *fp, const type *x);
|
|
280
280
|
|
|
281
|
-
#define DECLARE_PEM_write_cb_fp(name, type)
|
|
282
|
-
|
|
283
|
-
|
|
281
|
+
#define DECLARE_PEM_write_cb_fp(name, type) \
|
|
282
|
+
OPENSSL_EXPORT int PEM_write_##name( \
|
|
283
|
+
FILE *fp, type *x, const EVP_CIPHER *enc, unsigned char *kstr, int klen, \
|
|
284
|
+
pem_password_cb *cb, void *u);
|
|
284
285
|
|
|
285
286
|
#endif
|
|
286
287
|
|
|
287
|
-
#define DECLARE_PEM_read_bio(name, type)
|
|
288
|
-
|
|
288
|
+
#define DECLARE_PEM_read_bio(name, type) \
|
|
289
|
+
OPENSSL_EXPORT type *PEM_read_bio_##name(BIO *bp, type **x, \
|
|
290
|
+
pem_password_cb *cb, void *u);
|
|
289
291
|
|
|
290
292
|
#define DECLARE_PEM_write_bio(name, type) \
|
|
291
|
-
|
|
293
|
+
OPENSSL_EXPORT int PEM_write_bio_##name(BIO *bp, type *x);
|
|
292
294
|
|
|
293
295
|
#define DECLARE_PEM_write_bio_const(name, type) \
|
|
294
|
-
|
|
296
|
+
OPENSSL_EXPORT int PEM_write_bio_##name(BIO *bp, const type *x);
|
|
295
297
|
|
|
296
|
-
#define DECLARE_PEM_write_cb_bio(name, type)
|
|
297
|
-
|
|
298
|
-
|
|
298
|
+
#define DECLARE_PEM_write_cb_bio(name, type) \
|
|
299
|
+
OPENSSL_EXPORT int PEM_write_bio_##name( \
|
|
300
|
+
BIO *bp, type *x, const EVP_CIPHER *enc, unsigned char *kstr, int klen, \
|
|
301
|
+
pem_password_cb *cb, void *u);
|
|
299
302
|
|
|
300
303
|
|
|
301
304
|
#define DECLARE_PEM_write(name, type) \
|
|
302
|
-
|
|
303
|
-
|
|
305
|
+
DECLARE_PEM_write_bio(name, type) \
|
|
306
|
+
DECLARE_PEM_write_fp(name, type)
|
|
304
307
|
|
|
305
308
|
#define DECLARE_PEM_write_const(name, type) \
|
|
306
|
-
|
|
307
|
-
|
|
309
|
+
DECLARE_PEM_write_bio_const(name, type) \
|
|
310
|
+
DECLARE_PEM_write_fp_const(name, type)
|
|
308
311
|
|
|
309
312
|
#define DECLARE_PEM_write_cb(name, type) \
|
|
310
|
-
|
|
311
|
-
|
|
313
|
+
DECLARE_PEM_write_cb_bio(name, type) \
|
|
314
|
+
DECLARE_PEM_write_cb_fp(name, type)
|
|
312
315
|
|
|
313
316
|
#define DECLARE_PEM_read(name, type) \
|
|
314
|
-
|
|
315
|
-
|
|
317
|
+
DECLARE_PEM_read_bio(name, type) \
|
|
318
|
+
DECLARE_PEM_read_fp(name, type)
|
|
316
319
|
|
|
317
320
|
#define DECLARE_PEM_rw(name, type) \
|
|
318
|
-
|
|
319
|
-
|
|
321
|
+
DECLARE_PEM_read(name, type) \
|
|
322
|
+
DECLARE_PEM_write(name, type)
|
|
320
323
|
|
|
321
324
|
#define DECLARE_PEM_rw_const(name, type) \
|
|
322
|
-
|
|
323
|
-
|
|
325
|
+
DECLARE_PEM_read(name, type) \
|
|
326
|
+
DECLARE_PEM_write_const(name, type)
|
|
324
327
|
|
|
325
328
|
#define DECLARE_PEM_rw_cb(name, type) \
|
|
326
|
-
|
|
327
|
-
|
|
329
|
+
DECLARE_PEM_read(name, type) \
|
|
330
|
+
DECLARE_PEM_write_cb(name, type)
|
|
328
331
|
|
|
329
|
-
|
|
332
|
+
// "userdata": new with OpenSSL 0.9.4
|
|
330
333
|
typedef int pem_password_cb(char *buf, int size, int rwflag, void *userdata);
|
|
331
334
|
|
|
332
|
-
OPENSSL_EXPORT int
|
|
333
|
-
|
|
334
|
-
|
|
335
|
-
|
|
336
|
-
|
|
337
|
-
|
|
338
|
-
|
|
339
|
-
|
|
340
|
-
|
|
341
|
-
|
|
342
|
-
|
|
343
|
-
|
|
344
|
-
|
|
345
|
-
|
|
346
|
-
OPENSSL_EXPORT
|
|
347
|
-
|
|
348
|
-
|
|
349
|
-
|
|
350
|
-
|
|
351
|
-
|
|
352
|
-
|
|
353
|
-
|
|
354
|
-
*
|
|
355
|
-
|
|
356
|
-
OPENSSL_EXPORT
|
|
357
|
-
|
|
335
|
+
OPENSSL_EXPORT int PEM_get_EVP_CIPHER_INFO(char *header,
|
|
336
|
+
EVP_CIPHER_INFO *cipher);
|
|
337
|
+
OPENSSL_EXPORT int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data,
|
|
338
|
+
long *len, pem_password_cb *callback, void *u);
|
|
339
|
+
|
|
340
|
+
// PEM_read_bio reads from |bp|, until the next PEM block. If one is found, it
|
|
341
|
+
// returns one and sets |*name|, |*header|, and |*data| to newly-allocated
|
|
342
|
+
// buffers containing the PEM type, the header block, and the decoded data,
|
|
343
|
+
// respectively. |*name| and |*header| are NUL-terminated C strings, while
|
|
344
|
+
// |*data| has |*len| bytes. The caller must release each of |*name|, |*header|,
|
|
345
|
+
// and |*data| with |OPENSSL_free| when done. If no PEM block is found, this
|
|
346
|
+
// function returns zero and pushes |PEM_R_NO_START_LINE| to the error queue. If
|
|
347
|
+
// one is found, but there is an error decoding it, it returns zero and pushes
|
|
348
|
+
// some other error to the error queue.
|
|
349
|
+
OPENSSL_EXPORT int PEM_read_bio(BIO *bp, char **name, char **header,
|
|
350
|
+
unsigned char **data, long *len);
|
|
351
|
+
|
|
352
|
+
// PEM_write_bio writes a PEM block to |bp|, containing |len| bytes from |data|
|
|
353
|
+
// as data. |name| and |hdr| are NUL-terminated C strings containing the PEM
|
|
354
|
+
// type and header block, respectively. This function returns zero on error and
|
|
355
|
+
// the number of bytes written on success.
|
|
356
|
+
OPENSSL_EXPORT int PEM_write_bio(BIO *bp, const char *name, const char *hdr,
|
|
357
|
+
const unsigned char *data, long len);
|
|
358
|
+
|
|
359
|
+
OPENSSL_EXPORT int PEM_bytes_read_bio(unsigned char **pdata, long *plen,
|
|
360
|
+
char **pnm, const char *name, BIO *bp,
|
|
361
|
+
pem_password_cb *cb, void *u);
|
|
362
|
+
OPENSSL_EXPORT void *PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name,
|
|
363
|
+
BIO *bp, void **x, pem_password_cb *cb,
|
|
364
|
+
void *u);
|
|
365
|
+
OPENSSL_EXPORT int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name,
|
|
366
|
+
BIO *bp, void *x, const EVP_CIPHER *enc,
|
|
367
|
+
unsigned char *kstr, int klen,
|
|
368
|
+
pem_password_cb *cb, void *u);
|
|
369
|
+
|
|
370
|
+
OPENSSL_EXPORT STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(
|
|
371
|
+
BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u);
|
|
372
|
+
OPENSSL_EXPORT int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi,
|
|
373
|
+
EVP_CIPHER *enc, unsigned char *kstr,
|
|
374
|
+
int klen, pem_password_cb *cd,
|
|
375
|
+
void *u);
|
|
376
|
+
|
|
377
|
+
OPENSSL_EXPORT int PEM_read(FILE *fp, char **name, char **header,
|
|
378
|
+
unsigned char **data, long *len);
|
|
379
|
+
OPENSSL_EXPORT int PEM_write(FILE *fp, const char *name, const char *hdr,
|
|
380
|
+
const unsigned char *data, long len);
|
|
381
|
+
OPENSSL_EXPORT void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp,
|
|
382
|
+
void **x, pem_password_cb *cb, void *u);
|
|
383
|
+
OPENSSL_EXPORT int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
|
|
384
|
+
void *x, const EVP_CIPHER *enc,
|
|
385
|
+
unsigned char *kstr, int klen,
|
|
386
|
+
pem_password_cb *callback, void *u);
|
|
387
|
+
OPENSSL_EXPORT STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp,
|
|
388
|
+
STACK_OF(X509_INFO) *sk,
|
|
389
|
+
pem_password_cb *cb,
|
|
390
|
+
void *u);
|
|
391
|
+
|
|
392
|
+
// PEM_def_callback treats |userdata| as a string and copies it into |buf|,
|
|
393
|
+
// assuming its |size| is sufficient. Returns the length of the string, or 0
|
|
394
|
+
// if there is not enough room. If either |buf| or |userdata| is NULL, 0 is
|
|
395
|
+
// returned. Note that this is different from OpenSSL, which prompts for a
|
|
396
|
+
// password.
|
|
397
|
+
OPENSSL_EXPORT int PEM_def_callback(char *buf, int size, int rwflag,
|
|
398
|
+
void *userdata);
|
|
399
|
+
OPENSSL_EXPORT void PEM_proc_type(char *buf, int type);
|
|
400
|
+
OPENSSL_EXPORT void PEM_dek_info(char *buf, const char *type, int len,
|
|
401
|
+
char *str);
|
|
358
402
|
|
|
359
403
|
|
|
360
404
|
DECLARE_PEM_rw(X509, X509)
|
|
@@ -397,22 +441,46 @@ DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY)
|
|
|
397
441
|
|
|
398
442
|
DECLARE_PEM_rw(PUBKEY, EVP_PKEY)
|
|
399
443
|
|
|
400
|
-
OPENSSL_EXPORT int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x,
|
|
401
|
-
|
|
402
|
-
|
|
403
|
-
|
|
404
|
-
|
|
405
|
-
|
|
406
|
-
|
|
407
|
-
|
|
408
|
-
|
|
409
|
-
|
|
410
|
-
|
|
411
|
-
|
|
412
|
-
|
|
413
|
-
|
|
414
|
-
|
|
415
|
-
|
|
444
|
+
OPENSSL_EXPORT int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x,
|
|
445
|
+
int nid, char *kstr,
|
|
446
|
+
int klen,
|
|
447
|
+
pem_password_cb *cb,
|
|
448
|
+
void *u);
|
|
449
|
+
OPENSSL_EXPORT int PEM_write_bio_PKCS8PrivateKey(BIO *, EVP_PKEY *,
|
|
450
|
+
const EVP_CIPHER *, char *,
|
|
451
|
+
int, pem_password_cb *,
|
|
452
|
+
void *);
|
|
453
|
+
OPENSSL_EXPORT int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x,
|
|
454
|
+
const EVP_CIPHER *enc, char *kstr,
|
|
455
|
+
int klen, pem_password_cb *cb,
|
|
456
|
+
void *u);
|
|
457
|
+
OPENSSL_EXPORT int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
|
|
458
|
+
char *kstr, int klen,
|
|
459
|
+
pem_password_cb *cb, void *u);
|
|
460
|
+
OPENSSL_EXPORT EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x,
|
|
461
|
+
pem_password_cb *cb, void *u);
|
|
462
|
+
|
|
463
|
+
OPENSSL_EXPORT int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x,
|
|
464
|
+
const EVP_CIPHER *enc, char *kstr,
|
|
465
|
+
int klen, pem_password_cb *cb,
|
|
466
|
+
void *u);
|
|
467
|
+
OPENSSL_EXPORT int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
|
|
468
|
+
char *kstr, int klen,
|
|
469
|
+
pem_password_cb *cb, void *u);
|
|
470
|
+
OPENSSL_EXPORT int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
|
|
471
|
+
char *kstr, int klen,
|
|
472
|
+
pem_password_cb *cb, void *u);
|
|
473
|
+
|
|
474
|
+
OPENSSL_EXPORT EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x,
|
|
475
|
+
pem_password_cb *cb, void *u);
|
|
476
|
+
|
|
477
|
+
OPENSSL_EXPORT int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x,
|
|
478
|
+
const EVP_CIPHER *enc, char *kstr,
|
|
479
|
+
int klen, pem_password_cb *cd,
|
|
480
|
+
void *u);
|
|
481
|
+
|
|
482
|
+
|
|
483
|
+
#ifdef __cplusplus
|
|
416
484
|
}
|
|
417
485
|
#endif
|
|
418
486
|
|
|
@@ -432,4 +500,4 @@ OPENSSL_EXPORT int PEM_write_PKCS8PrivateKey(FILE *fp,EVP_PKEY *x,const EVP_CIPH
|
|
|
432
500
|
#define PEM_R_UNSUPPORTED_CIPHER 113
|
|
433
501
|
#define PEM_R_UNSUPPORTED_ENCRYPTION 114
|
|
434
502
|
|
|
435
|
-
#endif
|
|
503
|
+
#endif // OPENSSL_HEADER_PEM_H
|