grpc 1.4.5 → 1.6.0.pre1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of grpc might be problematic. Click here for more details.

Files changed (928) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +1235 -1100
  3. data/etc/roots.pem +0 -412
  4. data/include/grpc/byte_buffer.h +10 -25
  5. data/include/grpc/byte_buffer_reader.h +10 -25
  6. data/include/grpc/census.h +10 -25
  7. data/include/grpc/compression.h +10 -25
  8. data/include/grpc/grpc.h +15 -26
  9. data/include/grpc/grpc_cronet.h +10 -25
  10. data/include/grpc/grpc_posix.h +10 -25
  11. data/include/grpc/grpc_security.h +10 -25
  12. data/include/grpc/grpc_security_constants.h +10 -25
  13. data/include/grpc/impl/codegen/atm.h +11 -25
  14. data/include/grpc/impl/codegen/atm_gcc_atomic.h +10 -25
  15. data/include/grpc/impl/codegen/atm_gcc_sync.h +10 -25
  16. data/include/grpc/impl/codegen/atm_windows.h +10 -25
  17. data/include/grpc/impl/codegen/byte_buffer_reader.h +11 -26
  18. data/include/grpc/impl/codegen/compression_types.h +12 -27
  19. data/include/grpc/impl/codegen/connectivity_state.h +10 -25
  20. data/include/grpc/impl/codegen/exec_ctx_fwd.h +10 -25
  21. data/include/grpc/impl/codegen/gpr_slice.h +10 -25
  22. data/include/grpc/impl/codegen/gpr_types.h +10 -25
  23. data/include/grpc/impl/codegen/grpc_types.h +42 -43
  24. data/include/grpc/impl/codegen/port_platform.h +10 -25
  25. data/include/grpc/impl/codegen/propagation_bits.h +10 -25
  26. data/include/grpc/impl/codegen/slice.h +13 -28
  27. data/include/grpc/impl/codegen/status.h +10 -25
  28. data/include/grpc/impl/codegen/sync.h +10 -25
  29. data/include/grpc/impl/codegen/sync_generic.h +10 -25
  30. data/include/grpc/impl/codegen/sync_posix.h +10 -25
  31. data/include/grpc/impl/codegen/sync_windows.h +10 -25
  32. data/include/grpc/load_reporting.h +10 -25
  33. data/include/grpc/slice.h +10 -25
  34. data/include/grpc/slice_buffer.h +10 -25
  35. data/include/grpc/status.h +10 -25
  36. data/include/grpc/support/alloc.h +10 -25
  37. data/include/grpc/support/atm.h +10 -25
  38. data/include/grpc/support/atm_gcc_atomic.h +10 -25
  39. data/include/grpc/support/atm_gcc_sync.h +10 -25
  40. data/include/grpc/support/atm_windows.h +10 -25
  41. data/include/grpc/support/avl.h +46 -49
  42. data/include/grpc/support/cmdline.h +10 -25
  43. data/include/grpc/support/cpu.h +10 -25
  44. data/include/grpc/support/histogram.h +10 -25
  45. data/include/grpc/support/host_port.h +10 -25
  46. data/include/grpc/support/log.h +10 -25
  47. data/include/grpc/support/log_windows.h +10 -25
  48. data/include/grpc/support/port_platform.h +10 -25
  49. data/include/grpc/support/string_util.h +10 -25
  50. data/include/grpc/support/subprocess.h +10 -25
  51. data/include/grpc/support/sync.h +10 -25
  52. data/include/grpc/support/sync_generic.h +10 -25
  53. data/include/grpc/support/sync_posix.h +10 -25
  54. data/include/grpc/support/sync_windows.h +10 -25
  55. data/include/grpc/support/thd.h +10 -25
  56. data/include/grpc/support/time.h +10 -25
  57. data/include/grpc/support/tls.h +10 -25
  58. data/include/grpc/support/tls_gcc.h +10 -25
  59. data/include/grpc/support/tls_msvc.h +10 -25
  60. data/include/grpc/support/tls_pthread.h +10 -25
  61. data/include/grpc/support/useful.h +10 -25
  62. data/include/grpc/support/workaround_list.h +11 -26
  63. data/src/boringssl/err_data.c +277 -259
  64. data/src/core/ext/census/aggregation.h +10 -25
  65. data/src/core/ext/census/base_resources.c +10 -25
  66. data/src/core/ext/census/base_resources.h +10 -25
  67. data/src/core/ext/census/census_interface.h +10 -25
  68. data/src/core/ext/census/census_rpc_stats.h +10 -25
  69. data/src/core/ext/census/context.c +10 -25
  70. data/src/core/ext/census/gen/census.pb.c +10 -25
  71. data/src/core/ext/census/gen/census.pb.h +10 -25
  72. data/src/core/ext/census/gen/trace_context.pb.c +10 -25
  73. data/src/core/ext/census/gen/trace_context.pb.h +10 -25
  74. data/src/core/ext/census/grpc_context.c +10 -25
  75. data/src/core/ext/census/grpc_filter.c +11 -26
  76. data/src/core/ext/census/grpc_filter.h +10 -25
  77. data/src/core/ext/census/grpc_plugin.c +10 -25
  78. data/src/core/ext/census/initialize.c +10 -25
  79. data/src/core/ext/census/intrusive_hash_map.c +10 -25
  80. data/src/core/ext/census/intrusive_hash_map.h +10 -25
  81. data/src/core/ext/census/intrusive_hash_map_internal.h +10 -25
  82. data/src/core/ext/census/mlog.c +10 -25
  83. data/src/core/ext/census/mlog.h +10 -25
  84. data/src/core/ext/census/operation.c +10 -25
  85. data/src/core/ext/census/placeholders.c +10 -25
  86. data/src/core/ext/census/resource.c +10 -25
  87. data/src/core/ext/census/resource.h +10 -25
  88. data/src/core/ext/census/rpc_metric_id.h +10 -25
  89. data/src/core/ext/census/trace_context.c +10 -25
  90. data/src/core/ext/census/trace_context.h +10 -25
  91. data/src/core/ext/census/trace_label.h +10 -25
  92. data/src/core/ext/census/trace_propagation.h +10 -25
  93. data/src/core/ext/census/trace_status.h +10 -25
  94. data/src/core/ext/census/trace_string.h +10 -25
  95. data/src/core/ext/census/tracing.c +10 -26
  96. data/src/core/ext/census/tracing.h +10 -25
  97. data/src/core/ext/filters/client_channel/channel_connectivity.c +20 -33
  98. data/src/core/ext/filters/client_channel/client_channel.c +617 -520
  99. data/src/core/ext/filters/client_channel/client_channel.h +15 -28
  100. data/src/core/ext/filters/client_channel/client_channel_factory.c +13 -31
  101. data/src/core/ext/filters/client_channel/client_channel_factory.h +10 -25
  102. data/src/core/ext/filters/client_channel/client_channel_plugin.c +16 -29
  103. data/src/core/ext/filters/client_channel/connector.c +10 -25
  104. data/src/core/ext/filters/client_channel/connector.h +10 -25
  105. data/src/core/ext/filters/client_channel/http_connect_handshaker.c +15 -30
  106. data/src/core/ext/filters/client_channel/http_connect_handshaker.h +10 -25
  107. data/src/core/ext/filters/client_channel/http_proxy.c +112 -38
  108. data/src/core/ext/filters/client_channel/http_proxy.h +10 -25
  109. data/src/core/ext/filters/client_channel/lb_policy.c +32 -36
  110. data/src/core/ext/filters/client_channel/lb_policy.h +24 -27
  111. data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.c +14 -30
  112. data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.h +10 -25
  113. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.c +464 -279
  114. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h +10 -25
  115. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +15 -28
  116. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.c +40 -48
  117. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.c +65 -49
  118. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +31 -31
  119. data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.c +47 -32
  120. data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +11 -26
  121. data/src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.c +13 -9
  122. data/src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.h +27 -21
  123. data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.c +373 -136
  124. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.c +504 -279
  125. data/src/core/ext/filters/client_channel/lb_policy_factory.c +12 -31
  126. data/src/core/ext/filters/client_channel/lb_policy_factory.h +12 -27
  127. data/src/core/ext/filters/client_channel/lb_policy_registry.c +10 -25
  128. data/src/core/ext/filters/client_channel/lb_policy_registry.h +10 -25
  129. data/src/core/ext/filters/client_channel/parse_address.c +10 -25
  130. data/src/core/ext/filters/client_channel/parse_address.h +10 -25
  131. data/src/core/ext/filters/client_channel/proxy_mapper.c +10 -25
  132. data/src/core/ext/filters/client_channel/proxy_mapper.h +10 -25
  133. data/src/core/ext/filters/client_channel/proxy_mapper_registry.c +10 -25
  134. data/src/core/ext/filters/client_channel/proxy_mapper_registry.h +10 -25
  135. data/src/core/ext/filters/client_channel/resolver.c +33 -38
  136. data/src/core/ext/filters/client_channel/resolver.h +19 -30
  137. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.c +153 -50
  138. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +14 -27
  139. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.c +33 -30
  140. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.c +326 -116
  141. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +35 -36
  142. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.c +60 -0
  143. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.c +19 -34
  144. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.c +254 -0
  145. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +60 -0
  146. data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.c +16 -28
  147. data/src/core/ext/filters/client_channel/resolver_factory.c +10 -25
  148. data/src/core/ext/filters/client_channel/resolver_factory.h +10 -25
  149. data/src/core/ext/filters/client_channel/resolver_registry.c +10 -25
  150. data/src/core/ext/filters/client_channel/resolver_registry.h +10 -25
  151. data/src/core/ext/filters/client_channel/retry_throttle.c +23 -34
  152. data/src/core/ext/filters/client_channel/retry_throttle.h +10 -25
  153. data/src/core/ext/filters/client_channel/subchannel.c +33 -55
  154. data/src/core/ext/filters/client_channel/subchannel.h +16 -26
  155. data/src/core/ext/filters/client_channel/subchannel_index.c +55 -92
  156. data/src/core/ext/filters/client_channel/subchannel_index.h +26 -29
  157. data/src/core/ext/filters/client_channel/uri_parser.c +10 -25
  158. data/src/core/ext/filters/client_channel/uri_parser.h +10 -25
  159. data/src/core/ext/filters/deadline/deadline_filter.c +30 -45
  160. data/src/core/ext/filters/deadline/deadline_filter.h +10 -25
  161. data/src/core/ext/filters/http/client/http_client_filter.c +255 -294
  162. data/src/core/ext/filters/http/client/http_client_filter.h +10 -25
  163. data/src/core/ext/filters/http/http_filters_plugin.c +11 -26
  164. data/src/core/ext/filters/http/message_compress/message_compress_filter.c +133 -105
  165. data/src/core/ext/filters/http/message_compress/message_compress_filter.h +10 -25
  166. data/src/core/ext/filters/http/server/http_server_filter.c +17 -32
  167. data/src/core/ext/filters/http/server/http_server_filter.h +10 -25
  168. data/src/core/ext/filters/load_reporting/load_reporting.c +11 -30
  169. data/src/core/ext/filters/load_reporting/load_reporting.h +10 -25
  170. data/src/core/ext/filters/load_reporting/load_reporting_filter.c +11 -26
  171. data/src/core/ext/filters/load_reporting/load_reporting_filter.h +10 -25
  172. data/src/core/ext/filters/max_age/max_age_filter.c +28 -43
  173. data/src/core/ext/filters/max_age/max_age_filter.h +10 -25
  174. data/src/core/ext/filters/message_size/message_size_filter.c +24 -37
  175. data/src/core/ext/filters/message_size/message_size_filter.h +10 -25
  176. data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.c +16 -31
  177. data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.h +10 -25
  178. data/src/core/ext/filters/workarounds/workaround_utils.c +12 -26
  179. data/src/core/ext/filters/workarounds/workaround_utils.h +11 -26
  180. data/src/core/ext/transport/chttp2/alpn/alpn.c +10 -25
  181. data/src/core/ext/transport/chttp2/alpn/alpn.h +10 -25
  182. data/src/core/ext/transport/chttp2/client/chttp2_connector.c +13 -28
  183. data/src/core/ext/transport/chttp2/client/chttp2_connector.h +10 -25
  184. data/src/core/ext/transport/chttp2/client/insecure/channel_create.c +13 -30
  185. data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.c +12 -29
  186. data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.c +13 -30
  187. data/src/core/ext/transport/chttp2/server/chttp2_server.c +11 -26
  188. data/src/core/ext/transport/chttp2/server/chttp2_server.h +10 -25
  189. data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.c +10 -25
  190. data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.c +10 -25
  191. data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.c +10 -25
  192. data/src/core/ext/transport/chttp2/transport/bin_decoder.c +11 -25
  193. data/src/core/ext/transport/chttp2/transport/bin_decoder.h +10 -25
  194. data/src/core/ext/transport/chttp2/transport/bin_encoder.c +10 -25
  195. data/src/core/ext/transport/chttp2/transport/bin_encoder.h +10 -25
  196. data/src/core/ext/transport/chttp2/transport/chttp2_plugin.c +15 -27
  197. data/src/core/ext/transport/chttp2/transport/chttp2_transport.c +421 -443
  198. data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +14 -25
  199. data/src/core/ext/transport/chttp2/transport/flow_control.c +500 -0
  200. data/src/core/ext/transport/chttp2/transport/frame.h +10 -25
  201. data/src/core/ext/transport/chttp2/transport/frame_data.c +20 -28
  202. data/src/core/ext/transport/chttp2/transport/frame_data.h +10 -25
  203. data/src/core/ext/transport/chttp2/transport/frame_goaway.c +10 -25
  204. data/src/core/ext/transport/chttp2/transport/frame_goaway.h +10 -25
  205. data/src/core/ext/transport/chttp2/transport/frame_ping.c +11 -26
  206. data/src/core/ext/transport/chttp2/transport/frame_ping.h +10 -25
  207. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.c +11 -26
  208. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +10 -25
  209. data/src/core/ext/transport/chttp2/transport/frame_settings.c +16 -29
  210. data/src/core/ext/transport/chttp2/transport/frame_settings.h +10 -25
  211. data/src/core/ext/transport/chttp2/transport/frame_window_update.c +17 -33
  212. data/src/core/ext/transport/chttp2/transport/frame_window_update.h +10 -25
  213. data/src/core/ext/transport/chttp2/transport/hpack_encoder.c +18 -31
  214. data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +12 -25
  215. data/src/core/ext/transport/chttp2/transport/hpack_parser.c +15 -30
  216. data/src/core/ext/transport/chttp2/transport/hpack_parser.h +10 -25
  217. data/src/core/ext/transport/chttp2/transport/hpack_table.c +10 -25
  218. data/src/core/ext/transport/chttp2/transport/hpack_table.h +10 -25
  219. data/src/core/ext/transport/chttp2/transport/http2_settings.c +10 -25
  220. data/src/core/ext/transport/chttp2/transport/http2_settings.h +10 -25
  221. data/src/core/ext/transport/chttp2/transport/huffsyms.c +10 -25
  222. data/src/core/ext/transport/chttp2/transport/huffsyms.h +10 -25
  223. data/src/core/ext/transport/chttp2/transport/incoming_metadata.c +10 -25
  224. data/src/core/ext/transport/chttp2/transport/incoming_metadata.h +10 -25
  225. data/src/core/ext/transport/chttp2/transport/internal.h +191 -179
  226. data/src/core/ext/transport/chttp2/transport/parsing.c +33 -102
  227. data/src/core/ext/transport/chttp2/transport/stream_lists.c +26 -28
  228. data/src/core/ext/transport/chttp2/transport/stream_map.c +10 -25
  229. data/src/core/ext/transport/chttp2/transport/stream_map.h +10 -25
  230. data/src/core/ext/transport/chttp2/transport/varint.c +14 -25
  231. data/src/core/ext/transport/chttp2/transport/varint.h +10 -25
  232. data/src/core/ext/transport/chttp2/transport/writing.c +164 -106
  233. data/src/core/ext/transport/inproc/inproc_plugin.c +29 -0
  234. data/src/core/ext/transport/inproc/inproc_transport.c +1303 -0
  235. data/src/core/ext/transport/inproc/inproc_transport.h +41 -0
  236. data/src/core/lib/channel/channel_args.c +52 -27
  237. data/src/core/lib/channel/channel_args.h +18 -27
  238. data/src/core/lib/channel/channel_stack.c +11 -26
  239. data/src/core/lib/channel/channel_stack.h +12 -27
  240. data/src/core/lib/channel/channel_stack_builder.c +11 -26
  241. data/src/core/lib/channel/channel_stack_builder.h +10 -25
  242. data/src/core/lib/channel/connected_channel.c +10 -25
  243. data/src/core/lib/channel/connected_channel.h +10 -25
  244. data/src/core/lib/channel/context.h +10 -25
  245. data/src/core/lib/channel/handshaker.c +14 -29
  246. data/src/core/lib/channel/handshaker.h +10 -25
  247. data/src/core/lib/channel/handshaker_factory.c +10 -25
  248. data/src/core/lib/channel/handshaker_factory.h +10 -25
  249. data/src/core/lib/channel/handshaker_registry.c +10 -25
  250. data/src/core/lib/channel/handshaker_registry.h +10 -25
  251. data/src/core/lib/compression/algorithm_metadata.h +10 -25
  252. data/src/core/lib/compression/compression.c +10 -25
  253. data/src/core/lib/compression/message_compress.c +10 -25
  254. data/src/core/lib/compression/message_compress.h +10 -25
  255. data/src/core/lib/compression/stream_compression.c +191 -0
  256. data/src/core/lib/compression/stream_compression.h +90 -0
  257. data/src/core/lib/debug/trace.c +28 -29
  258. data/src/core/lib/debug/trace.h +16 -30
  259. data/src/core/lib/http/format_request.c +10 -25
  260. data/src/core/lib/http/format_request.h +10 -25
  261. data/src/core/lib/http/httpcli.c +19 -35
  262. data/src/core/lib/http/httpcli.h +10 -25
  263. data/src/core/lib/http/httpcli_security_connector.c +17 -30
  264. data/src/core/lib/http/parser.c +11 -26
  265. data/src/core/lib/http/parser.h +10 -25
  266. data/src/core/lib/iomgr/closure.c +62 -25
  267. data/src/core/lib/iomgr/closure.h +81 -26
  268. data/src/core/lib/iomgr/combiner.c +103 -200
  269. data/src/core/lib/iomgr/combiner.h +14 -32
  270. data/src/core/lib/iomgr/endpoint.c +10 -29
  271. data/src/core/lib/iomgr/endpoint.h +10 -29
  272. data/src/core/lib/iomgr/endpoint_pair.h +10 -25
  273. data/src/core/lib/iomgr/endpoint_pair_posix.c +10 -25
  274. data/src/core/lib/iomgr/endpoint_pair_uv.c +10 -25
  275. data/src/core/lib/iomgr/endpoint_pair_windows.c +10 -25
  276. data/src/core/lib/iomgr/error.c +45 -46
  277. data/src/core/lib/iomgr/error.h +21 -34
  278. data/src/core/lib/iomgr/error_internal.h +10 -25
  279. data/src/core/lib/iomgr/ev_epoll1_linux.c +279 -179
  280. data/src/core/lib/iomgr/ev_epoll1_linux.h +10 -25
  281. data/src/core/lib/iomgr/ev_epoll_limited_pollers_linux.c +75 -264
  282. data/src/core/lib/iomgr/ev_epoll_limited_pollers_linux.h +10 -25
  283. data/src/core/lib/iomgr/ev_epoll_thread_pool_linux.c +44 -199
  284. data/src/core/lib/iomgr/ev_epoll_thread_pool_linux.h +10 -25
  285. data/src/core/lib/iomgr/ev_epollex_linux.c +184 -247
  286. data/src/core/lib/iomgr/ev_epollex_linux.h +10 -25
  287. data/src/core/lib/iomgr/ev_epollsig_linux.c +116 -323
  288. data/src/core/lib/iomgr/ev_epollsig_linux.h +10 -25
  289. data/src/core/lib/iomgr/ev_poll_posix.c +328 -184
  290. data/src/core/lib/iomgr/ev_poll_posix.h +10 -25
  291. data/src/core/lib/iomgr/ev_posix.c +25 -56
  292. data/src/core/lib/iomgr/ev_posix.h +15 -44
  293. data/src/core/lib/iomgr/ev_windows.c +11 -26
  294. data/src/core/lib/iomgr/exec_ctx.c +36 -45
  295. data/src/core/lib/iomgr/exec_ctx.h +10 -25
  296. data/src/core/lib/iomgr/executor.c +152 -127
  297. data/src/core/lib/iomgr/executor.h +18 -26
  298. data/src/core/lib/iomgr/gethostname.h +26 -0
  299. data/src/core/lib/iomgr/gethostname_fallback.c +27 -0
  300. data/src/core/lib/iomgr/gethostname_host_name_max.c +37 -0
  301. data/src/core/lib/iomgr/gethostname_sysconf.c +37 -0
  302. data/src/core/lib/iomgr/iocp_windows.c +10 -25
  303. data/src/core/lib/iomgr/iocp_windows.h +10 -25
  304. data/src/core/lib/iomgr/iomgr.c +17 -28
  305. data/src/core/lib/iomgr/iomgr.h +12 -27
  306. data/src/core/lib/iomgr/iomgr_internal.h +10 -25
  307. data/src/core/lib/iomgr/iomgr_posix.c +11 -26
  308. data/src/core/lib/iomgr/iomgr_posix.h +10 -25
  309. data/src/core/lib/iomgr/iomgr_uv.c +19 -26
  310. data/src/core/lib/iomgr/iomgr_uv.h +37 -0
  311. data/src/core/lib/iomgr/iomgr_windows.c +10 -25
  312. data/src/core/lib/iomgr/is_epollexclusive_available.c +10 -25
  313. data/src/core/lib/iomgr/is_epollexclusive_available.h +10 -25
  314. data/src/core/lib/iomgr/load_file.c +10 -25
  315. data/src/core/lib/iomgr/load_file.h +10 -25
  316. data/src/core/lib/iomgr/lockfree_event.c +22 -35
  317. data/src/core/lib/iomgr/lockfree_event.h +13 -27
  318. data/src/core/lib/iomgr/nameser.h +104 -0
  319. data/src/core/lib/iomgr/network_status_tracker.c +10 -25
  320. data/src/core/lib/iomgr/network_status_tracker.h +10 -25
  321. data/src/core/lib/iomgr/polling_entity.c +10 -25
  322. data/src/core/lib/iomgr/polling_entity.h +14 -34
  323. data/src/core/lib/iomgr/pollset.h +14 -25
  324. data/src/core/lib/iomgr/pollset_set.h +10 -25
  325. data/src/core/lib/iomgr/pollset_set_uv.c +10 -25
  326. data/src/core/lib/iomgr/pollset_set_windows.c +10 -25
  327. data/src/core/lib/iomgr/pollset_set_windows.h +10 -25
  328. data/src/core/lib/iomgr/pollset_uv.c +25 -26
  329. data/src/core/lib/iomgr/pollset_uv.h +10 -25
  330. data/src/core/lib/iomgr/pollset_windows.c +17 -27
  331. data/src/core/lib/iomgr/pollset_windows.h +10 -25
  332. data/src/core/lib/iomgr/port.h +24 -25
  333. data/src/core/lib/iomgr/resolve_address.h +10 -25
  334. data/src/core/lib/iomgr/resolve_address_posix.c +13 -28
  335. data/src/core/lib/iomgr/resolve_address_uv.c +31 -35
  336. data/src/core/lib/iomgr/resolve_address_windows.c +13 -28
  337. data/src/core/lib/iomgr/resource_quota.c +52 -67
  338. data/src/core/lib/iomgr/resource_quota.h +10 -25
  339. data/src/core/lib/iomgr/sockaddr.h +10 -25
  340. data/src/core/lib/iomgr/sockaddr_posix.h +10 -25
  341. data/src/core/lib/iomgr/sockaddr_utils.c +15 -25
  342. data/src/core/lib/iomgr/sockaddr_utils.h +12 -25
  343. data/src/core/lib/iomgr/sockaddr_windows.h +10 -25
  344. data/src/core/lib/iomgr/socket_factory_posix.c +13 -31
  345. data/src/core/lib/iomgr/socket_factory_posix.h +10 -25
  346. data/src/core/lib/iomgr/socket_mutator.c +14 -31
  347. data/src/core/lib/iomgr/socket_mutator.h +10 -25
  348. data/src/core/lib/iomgr/socket_utils.h +10 -25
  349. data/src/core/lib/iomgr/socket_utils_common_posix.c +10 -25
  350. data/src/core/lib/iomgr/socket_utils_linux.c +10 -25
  351. data/src/core/lib/iomgr/socket_utils_posix.c +10 -25
  352. data/src/core/lib/iomgr/socket_utils_posix.h +10 -25
  353. data/src/core/lib/iomgr/socket_utils_uv.c +10 -25
  354. data/src/core/lib/iomgr/socket_utils_windows.c +10 -25
  355. data/src/core/lib/iomgr/socket_windows.c +12 -27
  356. data/src/core/lib/iomgr/socket_windows.h +10 -25
  357. data/src/core/lib/iomgr/sys_epoll_wrapper.h +10 -25
  358. data/src/core/lib/iomgr/tcp_client.h +10 -25
  359. data/src/core/lib/iomgr/tcp_client_posix.c +21 -34
  360. data/src/core/lib/iomgr/tcp_client_posix.h +10 -25
  361. data/src/core/lib/iomgr/tcp_client_uv.c +18 -27
  362. data/src/core/lib/iomgr/tcp_client_windows.c +14 -29
  363. data/src/core/lib/iomgr/tcp_posix.c +36 -55
  364. data/src/core/lib/iomgr/tcp_posix.h +10 -25
  365. data/src/core/lib/iomgr/tcp_server.h +10 -25
  366. data/src/core/lib/iomgr/tcp_server_posix.c +16 -31
  367. data/src/core/lib/iomgr/tcp_server_utils_posix.h +10 -25
  368. data/src/core/lib/iomgr/tcp_server_utils_posix_common.c +11 -26
  369. data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.c +10 -25
  370. data/src/core/lib/iomgr/tcp_server_utils_posix_noifaddrs.c +10 -25
  371. data/src/core/lib/iomgr/tcp_server_uv.c +103 -64
  372. data/src/core/lib/iomgr/tcp_server_windows.c +14 -29
  373. data/src/core/lib/iomgr/tcp_uv.c +41 -45
  374. data/src/core/lib/iomgr/tcp_uv.h +10 -25
  375. data/src/core/lib/iomgr/tcp_windows.c +39 -53
  376. data/src/core/lib/iomgr/tcp_windows.h +10 -25
  377. data/src/core/lib/iomgr/time_averaged_stats.c +10 -25
  378. data/src/core/lib/iomgr/time_averaged_stats.h +10 -25
  379. data/src/core/lib/iomgr/timer.h +18 -27
  380. data/src/core/lib/iomgr/timer_generic.c +91 -87
  381. data/src/core/lib/iomgr/timer_generic.h +10 -25
  382. data/src/core/lib/iomgr/timer_heap.c +10 -25
  383. data/src/core/lib/iomgr/timer_heap.h +10 -25
  384. data/src/core/lib/iomgr/timer_manager.c +178 -100
  385. data/src/core/lib/iomgr/timer_manager.h +10 -25
  386. data/src/core/lib/iomgr/timer_uv.c +23 -33
  387. data/src/core/lib/iomgr/timer_uv.h +10 -25
  388. data/src/core/lib/iomgr/udp_server.c +17 -32
  389. data/src/core/lib/iomgr/udp_server.h +10 -25
  390. data/src/core/lib/iomgr/unix_sockets_posix.c +10 -25
  391. data/src/core/lib/iomgr/unix_sockets_posix.h +10 -25
  392. data/src/core/lib/iomgr/unix_sockets_posix_noop.c +10 -25
  393. data/src/core/lib/iomgr/wakeup_fd_cv.c +10 -25
  394. data/src/core/lib/iomgr/wakeup_fd_cv.h +13 -28
  395. data/src/core/lib/iomgr/wakeup_fd_eventfd.c +10 -25
  396. data/src/core/lib/iomgr/wakeup_fd_nospecial.c +10 -25
  397. data/src/core/lib/iomgr/wakeup_fd_pipe.c +10 -25
  398. data/src/core/lib/iomgr/wakeup_fd_pipe.h +10 -25
  399. data/src/core/lib/iomgr/wakeup_fd_posix.c +10 -25
  400. data/src/core/lib/iomgr/wakeup_fd_posix.h +10 -25
  401. data/src/core/lib/json/json.c +10 -25
  402. data/src/core/lib/json/json.h +10 -25
  403. data/src/core/lib/json/json_common.h +10 -25
  404. data/src/core/lib/json/json_reader.c +11 -25
  405. data/src/core/lib/json/json_reader.h +10 -25
  406. data/src/core/lib/json/json_string.c +10 -25
  407. data/src/core/lib/json/json_writer.c +10 -25
  408. data/src/core/lib/json/json_writer.h +10 -25
  409. data/src/core/lib/profiling/basic_timers.c +10 -25
  410. data/src/core/lib/profiling/stap_timers.c +10 -25
  411. data/src/core/lib/profiling/timers.h +10 -25
  412. data/src/core/lib/security/context/security_context.c +32 -40
  413. data/src/core/lib/security/context/security_context.h +15 -26
  414. data/src/core/lib/security/credentials/composite/composite_credentials.c +76 -81
  415. data/src/core/lib/security/credentials/composite/composite_credentials.h +10 -25
  416. data/src/core/lib/security/credentials/credentials.c +29 -49
  417. data/src/core/lib/security/credentials/credentials.h +48 -61
  418. data/src/core/lib/security/credentials/credentials_metadata.c +34 -78
  419. data/src/core/lib/security/credentials/fake/fake_credentials.c +33 -56
  420. data/src/core/lib/security/credentials/fake/fake_credentials.h +12 -27
  421. data/src/core/lib/security/credentials/google_default/credentials_generic.c +10 -25
  422. data/src/core/lib/security/credentials/google_default/google_default_credentials.c +12 -27
  423. data/src/core/lib/security/credentials/google_default/google_default_credentials.h +10 -25
  424. data/src/core/lib/security/credentials/iam/iam_credentials.c +40 -40
  425. data/src/core/lib/security/credentials/iam/iam_credentials.h +11 -26
  426. data/src/core/lib/security/credentials/jwt/json_token.c +10 -25
  427. data/src/core/lib/security/credentials/jwt/json_token.h +10 -25
  428. data/src/core/lib/security/credentials/jwt/jwt_credentials.c +45 -48
  429. data/src/core/lib/security/credentials/jwt/jwt_credentials.h +11 -26
  430. data/src/core/lib/security/credentials/jwt/jwt_verifier.c +53 -33
  431. data/src/core/lib/security/credentials/jwt/jwt_verifier.h +10 -25
  432. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.c +155 -87
  433. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +24 -28
  434. data/src/core/lib/security/credentials/plugin/plugin_credentials.c +118 -82
  435. data/src/core/lib/security/credentials/plugin/plugin_credentials.h +24 -27
  436. data/src/core/lib/security/credentials/ssl/ssl_credentials.c +13 -32
  437. data/src/core/lib/security/credentials/ssl/ssl_credentials.h +10 -25
  438. data/src/core/lib/security/transport/auth_filters.h +10 -25
  439. data/src/core/lib/security/transport/client_auth_filter.c +217 -112
  440. data/src/core/lib/security/transport/lb_targets_info.c +16 -32
  441. data/src/core/lib/security/transport/lb_targets_info.h +10 -25
  442. data/src/core/lib/security/transport/secure_endpoint.c +29 -43
  443. data/src/core/lib/security/transport/secure_endpoint.h +10 -25
  444. data/src/core/lib/security/transport/security_connector.c +80 -61
  445. data/src/core/lib/security/transport/security_connector.h +35 -35
  446. data/src/core/lib/security/transport/security_handshaker.c +18 -33
  447. data/src/core/lib/security/transport/security_handshaker.h +10 -25
  448. data/src/core/lib/security/transport/server_auth_filter.c +62 -116
  449. data/src/core/lib/security/transport/tsi_error.c +10 -25
  450. data/src/core/lib/security/transport/tsi_error.h +10 -25
  451. data/src/core/lib/security/util/json_util.c +10 -25
  452. data/src/core/lib/security/util/json_util.h +10 -25
  453. data/src/core/lib/slice/b64.c +10 -25
  454. data/src/core/lib/slice/b64.h +10 -25
  455. data/src/core/lib/slice/percent_encoding.c +10 -25
  456. data/src/core/lib/slice/percent_encoding.h +10 -25
  457. data/src/core/lib/slice/slice.c +10 -25
  458. data/src/core/lib/slice/slice_buffer.c +10 -25
  459. data/src/core/lib/slice/slice_hash_table.c +48 -26
  460. data/src/core/lib/slice/slice_hash_table.h +26 -28
  461. data/src/core/lib/slice/slice_intern.c +10 -25
  462. data/src/core/lib/slice/slice_internal.h +10 -25
  463. data/src/core/lib/slice/slice_string_helpers.c +10 -25
  464. data/src/core/lib/slice/slice_string_helpers.h +10 -25
  465. data/src/core/lib/support/alloc.c +10 -25
  466. data/src/core/lib/support/arena.c +12 -27
  467. data/src/core/lib/support/arena.h +10 -25
  468. data/src/core/lib/support/atm.c +17 -32
  469. data/src/core/lib/support/atomic.h +10 -25
  470. data/src/core/lib/support/atomic_with_atm.h +10 -25
  471. data/src/core/lib/support/atomic_with_std.h +10 -25
  472. data/src/core/lib/support/avl.c +101 -101
  473. data/src/core/lib/support/backoff.c +10 -25
  474. data/src/core/lib/support/backoff.h +10 -25
  475. data/src/core/lib/support/block_annotate.h +10 -25
  476. data/src/core/lib/support/cmdline.c +10 -25
  477. data/src/core/lib/support/cpu_iphone.c +10 -25
  478. data/src/core/lib/support/cpu_linux.c +10 -25
  479. data/src/core/lib/support/cpu_posix.c +10 -25
  480. data/src/core/lib/support/cpu_windows.c +10 -25
  481. data/src/core/lib/support/env.h +16 -25
  482. data/src/core/lib/support/env_linux.c +30 -37
  483. data/src/core/lib/support/env_posix.c +15 -25
  484. data/src/core/lib/support/env_windows.c +15 -25
  485. data/src/core/lib/support/histogram.c +10 -25
  486. data/src/core/lib/support/host_port.c +10 -25
  487. data/src/core/lib/support/log.c +20 -29
  488. data/src/core/lib/support/log_android.c +10 -25
  489. data/src/core/lib/support/log_linux.c +13 -26
  490. data/src/core/lib/support/log_posix.c +10 -25
  491. data/src/core/lib/support/log_windows.c +10 -25
  492. data/src/core/lib/support/memory.h +10 -25
  493. data/src/core/lib/support/mpscq.c +11 -49
  494. data/src/core/lib/support/mpscq.h +11 -50
  495. data/src/core/lib/support/murmur_hash.c +12 -25
  496. data/src/core/lib/support/murmur_hash.h +10 -25
  497. data/src/core/lib/support/spinlock.h +10 -25
  498. data/src/core/lib/support/stack_lockfree.c +10 -25
  499. data/src/core/lib/support/stack_lockfree.h +10 -25
  500. data/src/core/lib/support/string.c +10 -25
  501. data/src/core/lib/support/string.h +10 -25
  502. data/src/core/lib/support/string_posix.c +10 -25
  503. data/src/core/lib/support/string_util_windows.c +10 -25
  504. data/src/core/lib/support/string_windows.c +10 -25
  505. data/src/core/lib/support/string_windows.h +10 -25
  506. data/src/core/lib/support/subprocess_posix.c +10 -25
  507. data/src/core/lib/support/subprocess_windows.c +10 -25
  508. data/src/core/lib/support/sync.c +10 -25
  509. data/src/core/lib/support/sync_posix.c +10 -25
  510. data/src/core/lib/support/sync_windows.c +10 -25
  511. data/src/core/lib/support/thd.c +10 -25
  512. data/src/core/lib/support/thd_internal.h +10 -25
  513. data/src/core/lib/support/thd_posix.c +10 -25
  514. data/src/core/lib/support/thd_windows.c +10 -25
  515. data/src/core/lib/support/time.c +10 -25
  516. data/src/core/lib/support/time_posix.c +10 -25
  517. data/src/core/lib/support/time_precise.c +18 -33
  518. data/src/core/lib/support/time_precise.h +10 -25
  519. data/src/core/lib/support/time_windows.c +10 -25
  520. data/src/core/lib/support/tls_pthread.c +10 -25
  521. data/src/core/lib/support/tmpfile.h +10 -25
  522. data/src/core/lib/support/tmpfile_msys.c +10 -25
  523. data/src/core/lib/support/tmpfile_posix.c +10 -25
  524. data/src/core/lib/support/tmpfile_windows.c +10 -25
  525. data/src/core/lib/support/wrap_memcpy.c +10 -25
  526. data/src/core/lib/surface/alarm.c +78 -35
  527. data/src/core/lib/surface/alarm_internal.h +40 -0
  528. data/src/core/lib/surface/api_trace.c +11 -26
  529. data/src/core/lib/surface/api_trace.h +10 -25
  530. data/src/core/lib/surface/byte_buffer.c +10 -25
  531. data/src/core/lib/surface/byte_buffer_reader.c +10 -25
  532. data/src/core/lib/surface/call.c +64 -84
  533. data/src/core/lib/surface/call.h +11 -26
  534. data/src/core/lib/surface/call_details.c +10 -25
  535. data/src/core/lib/surface/call_log_batch.c +10 -25
  536. data/src/core/lib/surface/call_test_only.h +10 -25
  537. data/src/core/lib/surface/channel.c +11 -26
  538. data/src/core/lib/surface/channel.h +11 -26
  539. data/src/core/lib/surface/channel_init.c +10 -25
  540. data/src/core/lib/surface/channel_init.h +10 -25
  541. data/src/core/lib/surface/channel_ping.c +12 -27
  542. data/src/core/lib/surface/channel_stack_type.c +10 -25
  543. data/src/core/lib/surface/channel_stack_type.h +10 -25
  544. data/src/core/lib/surface/completion_queue.c +442 -331
  545. data/src/core/lib/surface/completion_queue.h +16 -33
  546. data/src/core/lib/surface/completion_queue_factory.c +10 -25
  547. data/src/core/lib/surface/completion_queue_factory.h +10 -25
  548. data/src/core/lib/surface/event_string.c +10 -25
  549. data/src/core/lib/surface/event_string.h +10 -25
  550. data/src/core/lib/surface/init.c +38 -47
  551. data/src/core/lib/surface/init.h +10 -25
  552. data/src/core/lib/surface/init_secure.c +20 -27
  553. data/src/core/lib/surface/lame_client.cc +14 -29
  554. data/src/core/lib/surface/lame_client.h +10 -25
  555. data/src/core/lib/surface/metadata_array.c +10 -25
  556. data/src/core/lib/surface/server.c +128 -81
  557. data/src/core/lib/surface/server.h +10 -25
  558. data/src/core/lib/surface/validate_metadata.c +10 -25
  559. data/src/core/lib/surface/validate_metadata.h +10 -25
  560. data/src/core/lib/surface/version.c +11 -26
  561. data/src/core/lib/transport/bdp_estimator.c +19 -29
  562. data/src/core/lib/transport/bdp_estimator.h +16 -29
  563. data/src/core/lib/transport/byte_stream.c +127 -36
  564. data/src/core/lib/transport/byte_stream.h +88 -46
  565. data/src/core/lib/transport/connectivity_state.c +17 -31
  566. data/src/core/lib/transport/connectivity_state.h +10 -25
  567. data/src/core/lib/transport/error_utils.c +10 -25
  568. data/src/core/lib/transport/error_utils.h +10 -25
  569. data/src/core/lib/transport/http2_errors.h +10 -25
  570. data/src/core/lib/transport/metadata.c +87 -85
  571. data/src/core/lib/transport/metadata.h +15 -28
  572. data/src/core/lib/transport/metadata_batch.c +10 -25
  573. data/src/core/lib/transport/metadata_batch.h +10 -25
  574. data/src/core/lib/transport/pid_controller.c +10 -25
  575. data/src/core/lib/transport/pid_controller.h +10 -25
  576. data/src/core/lib/transport/service_config.c +11 -26
  577. data/src/core/lib/transport/service_config.h +10 -25
  578. data/src/core/lib/transport/static_metadata.c +12 -26
  579. data/src/core/lib/transport/static_metadata.h +10 -25
  580. data/src/core/lib/transport/status_conversion.c +10 -25
  581. data/src/core/lib/transport/status_conversion.h +10 -25
  582. data/src/core/lib/transport/timeout_encoding.c +10 -25
  583. data/src/core/lib/transport/timeout_encoding.h +10 -25
  584. data/src/core/lib/transport/transport.c +60 -53
  585. data/src/core/lib/transport/transport.h +36 -34
  586. data/src/core/lib/transport/transport_impl.h +10 -25
  587. data/src/core/lib/transport/transport_op_string.c +10 -28
  588. data/src/core/plugin_registry/grpc_plugin_registry.c +22 -25
  589. data/src/core/tsi/fake_transport_security.c +199 -94
  590. data/src/core/tsi/fake_transport_security.h +11 -26
  591. data/src/core/tsi/gts_transport_security.c +40 -0
  592. data/src/core/tsi/gts_transport_security.h +37 -0
  593. data/src/core/tsi/ssl_transport_security.c +13 -32
  594. data/src/core/tsi/ssl_transport_security.h +10 -25
  595. data/src/core/tsi/ssl_types.h +10 -25
  596. data/src/core/tsi/transport_security.c +48 -78
  597. data/src/core/tsi/transport_security.h +18 -27
  598. data/src/core/tsi/transport_security_adapter.c +17 -29
  599. data/src/core/tsi/transport_security_adapter.h +10 -25
  600. data/src/core/tsi/transport_security_grpc.c +64 -0
  601. data/src/core/tsi/transport_security_grpc.h +80 -0
  602. data/src/core/tsi/transport_security_interface.h +21 -27
  603. data/src/ruby/bin/apis/google/protobuf/empty.rb +10 -25
  604. data/src/ruby/bin/apis/pubsub_demo.rb +10 -25
  605. data/src/ruby/bin/apis/tech/pubsub/proto/pubsub.rb +10 -25
  606. data/src/ruby/bin/apis/tech/pubsub/proto/pubsub_services.rb +10 -25
  607. data/src/ruby/bin/math_client.rb +10 -25
  608. data/src/ruby/bin/math_server.rb +10 -25
  609. data/src/ruby/bin/math_services_pb.rb +10 -25
  610. data/src/ruby/bin/noproto_client.rb +10 -25
  611. data/src/ruby/bin/noproto_server.rb +10 -25
  612. data/src/ruby/ext/grpc/extconf.rb +10 -25
  613. data/src/ruby/ext/grpc/rb_byte_buffer.c +10 -25
  614. data/src/ruby/ext/grpc/rb_byte_buffer.h +10 -25
  615. data/src/ruby/ext/grpc/rb_call.c +44 -25
  616. data/src/ruby/ext/grpc/rb_call.h +10 -25
  617. data/src/ruby/ext/grpc/rb_call_credentials.c +10 -25
  618. data/src/ruby/ext/grpc/rb_call_credentials.h +10 -25
  619. data/src/ruby/ext/grpc/rb_channel.c +10 -25
  620. data/src/ruby/ext/grpc/rb_channel.h +10 -25
  621. data/src/ruby/ext/grpc/rb_channel_args.c +10 -25
  622. data/src/ruby/ext/grpc/rb_channel_args.h +10 -25
  623. data/src/ruby/ext/grpc/rb_channel_credentials.c +10 -25
  624. data/src/ruby/ext/grpc/rb_channel_credentials.h +10 -25
  625. data/src/ruby/ext/grpc/rb_completion_queue.c +10 -25
  626. data/src/ruby/ext/grpc/rb_completion_queue.h +10 -25
  627. data/src/ruby/ext/grpc/rb_compression_options.c +10 -25
  628. data/src/ruby/ext/grpc/rb_compression_options.h +10 -25
  629. data/src/ruby/ext/grpc/rb_event_thread.c +10 -25
  630. data/src/ruby/ext/grpc/rb_event_thread.h +10 -25
  631. data/src/ruby/ext/grpc/rb_grpc.c +10 -25
  632. data/src/ruby/ext/grpc/rb_grpc.h +10 -25
  633. data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +10 -25
  634. data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +16 -31
  635. data/src/ruby/ext/grpc/rb_loader.c +10 -25
  636. data/src/ruby/ext/grpc/rb_loader.h +10 -25
  637. data/src/ruby/ext/grpc/rb_server.c +10 -25
  638. data/src/ruby/ext/grpc/rb_server.h +10 -25
  639. data/src/ruby/ext/grpc/rb_server_credentials.c +10 -25
  640. data/src/ruby/ext/grpc/rb_server_credentials.h +10 -25
  641. data/src/ruby/lib/grpc.rb +10 -25
  642. data/src/ruby/lib/grpc/core/time_consts.rb +10 -25
  643. data/src/ruby/lib/grpc/errors.rb +16 -30
  644. data/src/ruby/lib/grpc/generic/active_call.rb +25 -27
  645. data/src/ruby/lib/grpc/generic/bidi_call.rb +17 -27
  646. data/src/ruby/lib/grpc/generic/client_stub.rb +10 -25
  647. data/src/ruby/lib/grpc/generic/rpc_desc.rb +10 -25
  648. data/src/ruby/lib/grpc/generic/rpc_server.rb +10 -25
  649. data/src/ruby/lib/grpc/generic/service.rb +10 -25
  650. data/src/ruby/lib/grpc/grpc.rb +10 -25
  651. data/src/ruby/lib/grpc/logconfig.rb +10 -25
  652. data/src/ruby/lib/grpc/notifier.rb +10 -25
  653. data/src/ruby/lib/grpc/version.rb +11 -26
  654. data/src/ruby/pb/generate_proto_ruby.sh +10 -25
  655. data/src/ruby/pb/grpc/health/checker.rb +10 -25
  656. data/src/ruby/pb/grpc/health/v1/health_services_pb.rb +10 -25
  657. data/src/ruby/pb/grpc/testing/duplicate/echo_duplicate_services_pb.rb +10 -25
  658. data/src/ruby/pb/grpc/testing/metrics_services_pb.rb +10 -25
  659. data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +10 -25
  660. data/src/ruby/pb/test/client.rb +10 -25
  661. data/src/ruby/pb/test/server.rb +10 -25
  662. data/src/ruby/spec/call_credentials_spec.rb +10 -25
  663. data/src/ruby/spec/call_spec.rb +43 -25
  664. data/src/ruby/spec/channel_connection_spec.rb +10 -25
  665. data/src/ruby/spec/channel_credentials_spec.rb +11 -26
  666. data/src/ruby/spec/channel_spec.rb +10 -25
  667. data/src/ruby/spec/client_auth_spec.rb +10 -25
  668. data/src/ruby/spec/client_server_spec.rb +66 -25
  669. data/src/ruby/spec/compression_options_spec.rb +10 -25
  670. data/src/ruby/spec/error_sanity_spec.rb +10 -25
  671. data/src/ruby/spec/generic/active_call_spec.rb +10 -25
  672. data/src/ruby/spec/generic/client_stub_spec.rb +146 -35
  673. data/src/ruby/spec/generic/rpc_desc_spec.rb +10 -25
  674. data/src/ruby/spec/generic/rpc_server_pool_spec.rb +10 -25
  675. data/src/ruby/spec/generic/rpc_server_spec.rb +124 -34
  676. data/src/ruby/spec/generic/service_spec.rb +10 -25
  677. data/src/ruby/spec/pb/duplicate/codegen_spec.rb +10 -25
  678. data/src/ruby/spec/pb/health/checker_spec.rb +10 -25
  679. data/src/ruby/spec/server_credentials_spec.rb +10 -25
  680. data/src/ruby/spec/server_spec.rb +10 -25
  681. data/src/ruby/spec/spec_helper.rb +10 -25
  682. data/src/ruby/spec/time_consts_spec.rb +10 -25
  683. data/third_party/boringssl/crypto/aes/key_wrap.c +138 -0
  684. data/third_party/boringssl/crypto/asn1/a_bitstr.c +6 -3
  685. data/third_party/boringssl/crypto/asn1/a_enum.c +4 -1
  686. data/third_party/boringssl/crypto/asn1/a_gentm.c +20 -15
  687. data/third_party/boringssl/crypto/asn1/a_int.c +7 -4
  688. data/third_party/boringssl/crypto/asn1/a_object.c +5 -2
  689. data/third_party/boringssl/crypto/asn1/a_time.c +0 -1
  690. data/third_party/boringssl/crypto/asn1/a_utctm.c +1 -2
  691. data/third_party/boringssl/crypto/asn1/asn1_lib.c +5 -2
  692. data/third_party/boringssl/crypto/asn1/asn1_locl.h +35 -0
  693. data/third_party/boringssl/crypto/asn1/tasn_dec.c +3 -1
  694. data/third_party/boringssl/crypto/asn1/tasn_enc.c +6 -3
  695. data/third_party/boringssl/crypto/asn1/tasn_new.c +12 -7
  696. data/third_party/boringssl/crypto/asn1/tasn_utl.c +22 -8
  697. data/third_party/boringssl/crypto/{time_support.c → asn1/time_support.c} +1 -1
  698. data/third_party/boringssl/crypto/asn1/x_long.c +5 -2
  699. data/third_party/boringssl/crypto/base64/base64.c +7 -5
  700. data/third_party/boringssl/crypto/bio/bio.c +24 -10
  701. data/third_party/boringssl/crypto/bio/bio_mem.c +12 -10
  702. data/third_party/boringssl/crypto/bio/connect.c +7 -18
  703. data/third_party/boringssl/crypto/bio/fd.c +3 -6
  704. data/third_party/boringssl/crypto/bio/file.c +6 -6
  705. data/third_party/boringssl/crypto/bio/hexdump.c +4 -2
  706. data/third_party/boringssl/crypto/bio/pair.c +30 -344
  707. data/third_party/boringssl/crypto/bio/socket.c +6 -7
  708. data/third_party/boringssl/crypto/bio/socket_helper.c +4 -3
  709. data/third_party/boringssl/crypto/bn/add.c +1 -1
  710. data/third_party/boringssl/crypto/bn/asm/x86_64-gcc.c +11 -10
  711. data/third_party/boringssl/crypto/bn/bn.c +6 -20
  712. data/third_party/boringssl/crypto/bn/cmp.c +14 -0
  713. data/third_party/boringssl/crypto/bn/convert.c +73 -2
  714. data/third_party/boringssl/crypto/bn/ctx.c +3 -1
  715. data/third_party/boringssl/crypto/bn/div.c +108 -51
  716. data/third_party/boringssl/crypto/bn/exponentiation.c +15 -33
  717. data/third_party/boringssl/crypto/bn/gcd.c +29 -22
  718. data/third_party/boringssl/crypto/bn/generic.c +71 -67
  719. data/third_party/boringssl/crypto/bn/internal.h +19 -6
  720. data/third_party/boringssl/crypto/bn/kronecker.c +1 -0
  721. data/third_party/boringssl/crypto/bn/montgomery.c +9 -10
  722. data/third_party/boringssl/crypto/bn/montgomery_inv.c +47 -0
  723. data/third_party/boringssl/crypto/bn/mul.c +11 -9
  724. data/third_party/boringssl/crypto/bn/random.c +6 -3
  725. data/third_party/boringssl/crypto/bn/rsaz_exp.c +0 -65
  726. data/third_party/boringssl/crypto/bn/rsaz_exp.h +0 -3
  727. data/third_party/boringssl/crypto/bn/shift.c +9 -1
  728. data/third_party/boringssl/crypto/bn/sqrt.c +3 -1
  729. data/third_party/boringssl/crypto/buf/buf.c +6 -4
  730. data/third_party/boringssl/crypto/bytestring/asn1_compat.c +2 -1
  731. data/third_party/boringssl/crypto/bytestring/ber.c +2 -1
  732. data/third_party/boringssl/crypto/bytestring/cbb.c +9 -7
  733. data/third_party/boringssl/crypto/bytestring/cbs.c +54 -2
  734. data/third_party/boringssl/crypto/chacha/chacha.c +1 -1
  735. data/third_party/boringssl/crypto/cipher/aead.c +3 -3
  736. data/third_party/boringssl/crypto/cipher/cipher.c +18 -13
  737. data/third_party/boringssl/crypto/cipher/e_aes.c +335 -281
  738. data/third_party/boringssl/crypto/cipher/e_chacha20poly1305.c +113 -137
  739. data/third_party/boringssl/crypto/cipher/e_null.c +2 -1
  740. data/third_party/boringssl/crypto/cipher/e_rc2.c +54 -49
  741. data/third_party/boringssl/crypto/cipher/e_ssl3.c +4 -3
  742. data/third_party/boringssl/crypto/cipher/e_tls.c +5 -5
  743. data/third_party/boringssl/crypto/cipher/tls_cbc.c +41 -112
  744. data/third_party/boringssl/crypto/cmac/cmac.c +6 -4
  745. data/third_party/boringssl/crypto/conf/conf.c +6 -3
  746. data/third_party/boringssl/crypto/cpu-arm-linux.c +2 -2
  747. data/third_party/boringssl/crypto/curve25519/curve25519.c +28 -34
  748. data/third_party/boringssl/crypto/curve25519/spake25519.c +7 -6
  749. data/third_party/boringssl/crypto/curve25519/x25519-x86_64.c +2 -1
  750. data/third_party/boringssl/crypto/des/des.c +1 -1
  751. data/third_party/boringssl/crypto/des/internal.h +58 -46
  752. data/third_party/boringssl/crypto/dh/dh.c +4 -8
  753. data/third_party/boringssl/crypto/digest/digest.c +5 -2
  754. data/third_party/boringssl/crypto/digest/digests.c +70 -33
  755. data/third_party/boringssl/crypto/digest/md32_common.h +39 -27
  756. data/third_party/boringssl/crypto/dsa/dsa.c +11 -19
  757. data/third_party/boringssl/crypto/ec/ec.c +1 -1
  758. data/third_party/boringssl/crypto/ec/ec_asn1.c +3 -2
  759. data/third_party/boringssl/crypto/ec/ec_key.c +1 -1
  760. data/third_party/boringssl/crypto/ec/ec_montgomery.c +6 -11
  761. data/third_party/boringssl/crypto/ec/oct.c +2 -14
  762. data/third_party/boringssl/crypto/ec/p224-64.c +78 -122
  763. data/third_party/boringssl/crypto/ec/p256-64.c +93 -133
  764. data/third_party/boringssl/crypto/ec/p256-x86_64.c +48 -61
  765. data/third_party/boringssl/crypto/ec/p256-x86_64.h +113 -0
  766. data/third_party/boringssl/crypto/ec/simple.c +2 -1
  767. data/third_party/boringssl/crypto/ec/wnaf.c +52 -43
  768. data/third_party/boringssl/crypto/ecdh/ecdh.c +4 -2
  769. data/third_party/boringssl/crypto/ecdsa/ecdsa.c +17 -16
  770. data/third_party/boringssl/crypto/engine/engine.c +3 -1
  771. data/third_party/boringssl/crypto/err/err.c +5 -5
  772. data/third_party/boringssl/crypto/evp/evp.c +1 -1
  773. data/third_party/boringssl/crypto/evp/evp_asn1.c +1 -1
  774. data/third_party/boringssl/crypto/evp/evp_ctx.c +23 -29
  775. data/third_party/boringssl/crypto/evp/p_ec.c +2 -1
  776. data/third_party/boringssl/crypto/evp/p_rsa.c +9 -3
  777. data/third_party/boringssl/crypto/evp/pbkdf.c +3 -1
  778. data/third_party/boringssl/crypto/hkdf/hkdf.c +3 -1
  779. data/third_party/boringssl/crypto/hmac/hmac.c +4 -2
  780. data/third_party/boringssl/crypto/internal.h +81 -0
  781. data/third_party/boringssl/crypto/lhash/lhash.c +7 -13
  782. data/third_party/boringssl/crypto/md4/md4.c +20 -18
  783. data/third_party/boringssl/crypto/md5/md5.c +31 -21
  784. data/third_party/boringssl/crypto/mem.c +4 -10
  785. data/third_party/boringssl/crypto/modes/cbc.c +2 -6
  786. data/third_party/boringssl/crypto/modes/cfb.c +2 -2
  787. data/third_party/boringssl/crypto/modes/ctr.c +1 -1
  788. data/third_party/boringssl/crypto/modes/gcm.c +117 -334
  789. data/third_party/boringssl/crypto/modes/internal.h +107 -84
  790. data/third_party/boringssl/crypto/modes/ofb.c +3 -3
  791. data/third_party/boringssl/crypto/modes/polyval.c +94 -0
  792. data/third_party/boringssl/crypto/obj/obj.c +13 -8
  793. data/third_party/boringssl/crypto/obj/obj_dat.h +6109 -5187
  794. data/third_party/boringssl/crypto/obj/obj_xref.c +55 -57
  795. data/third_party/boringssl/crypto/pem/pem_lib.c +6 -3
  796. data/third_party/boringssl/crypto/pkcs8/internal.h +27 -8
  797. data/third_party/boringssl/crypto/pkcs8/p5_pbev2.c +137 -352
  798. data/third_party/boringssl/crypto/pkcs8/pkcs8.c +371 -364
  799. data/third_party/boringssl/crypto/poly1305/poly1305.c +12 -18
  800. data/third_party/boringssl/crypto/poly1305/poly1305_arm.c +2 -2
  801. data/third_party/boringssl/crypto/{newhope/reduce.c → pool/internal.h} +24 -21
  802. data/third_party/boringssl/crypto/pool/pool.c +200 -0
  803. data/third_party/boringssl/crypto/rand/deterministic.c +6 -5
  804. data/third_party/boringssl/crypto/rand/fuchsia.c +43 -0
  805. data/third_party/boringssl/crypto/rand/rand.c +7 -7
  806. data/third_party/boringssl/crypto/rand/urandom.c +136 -22
  807. data/third_party/boringssl/crypto/rand/windows.c +2 -2
  808. data/third_party/boringssl/crypto/rsa/blinding.c +2 -1
  809. data/third_party/boringssl/crypto/rsa/padding.c +11 -11
  810. data/third_party/boringssl/crypto/rsa/rsa.c +4 -4
  811. data/third_party/boringssl/crypto/rsa/rsa_asn1.c +7 -1
  812. data/third_party/boringssl/crypto/rsa/rsa_impl.c +41 -80
  813. data/third_party/boringssl/crypto/sha/sha1-altivec.c +346 -0
  814. data/third_party/boringssl/crypto/sha/sha1.c +60 -42
  815. data/third_party/boringssl/crypto/sha/sha256.c +4 -2
  816. data/third_party/boringssl/crypto/sha/sha512.c +9 -7
  817. data/third_party/boringssl/crypto/stack/stack.c +10 -7
  818. data/third_party/boringssl/crypto/thread_pthread.c +2 -2
  819. data/third_party/boringssl/crypto/thread_win.c +2 -2
  820. data/third_party/boringssl/crypto/x509/a_verify.c +1 -1
  821. data/third_party/boringssl/crypto/x509/asn1_gen.c +1 -1
  822. data/third_party/boringssl/crypto/x509/by_dir.c +1 -1
  823. data/third_party/boringssl/crypto/x509/t_x509.c +78 -38
  824. data/third_party/boringssl/crypto/x509/x509_cmp.c +8 -5
  825. data/third_party/boringssl/crypto/x509/x509_lu.c +6 -1
  826. data/third_party/boringssl/crypto/x509/x509_obj.c +4 -1
  827. data/third_party/boringssl/crypto/x509/x509_vfy.c +42 -8
  828. data/third_party/boringssl/crypto/x509/x509_vpm.c +8 -6
  829. data/third_party/boringssl/crypto/x509/x509name.c +4 -1
  830. data/third_party/boringssl/crypto/x509/x_crl.c +4 -2
  831. data/third_party/boringssl/crypto/x509/x_name.c +23 -13
  832. data/third_party/boringssl/crypto/x509/x_pkey.c +4 -1
  833. data/third_party/boringssl/crypto/x509/x_x509.c +42 -3
  834. data/third_party/boringssl/crypto/x509v3/pcy_int.h +2 -2
  835. data/third_party/boringssl/crypto/x509v3/pcy_tree.c +2 -1
  836. data/third_party/boringssl/crypto/x509v3/v3_cpols.c +1 -1
  837. data/third_party/boringssl/crypto/x509v3/v3_ia5.c +4 -1
  838. data/third_party/boringssl/crypto/x509v3/v3_ncons.c +4 -1
  839. data/third_party/boringssl/crypto/x509v3/v3_pci.c +6 -3
  840. data/third_party/boringssl/crypto/x509v3/v3_purp.c +13 -21
  841. data/third_party/boringssl/crypto/x509v3/v3_utl.c +19 -33
  842. data/third_party/boringssl/include/openssl/aead.h +9 -20
  843. data/third_party/boringssl/include/openssl/aes.h +21 -9
  844. data/third_party/boringssl/include/openssl/asn1.h +9 -1
  845. data/third_party/boringssl/include/openssl/base.h +33 -6
  846. data/third_party/boringssl/include/openssl/bio.h +10 -103
  847. data/third_party/boringssl/include/openssl/bn.h +58 -42
  848. data/third_party/boringssl/include/openssl/bytestring.h +17 -0
  849. data/third_party/boringssl/include/openssl/cipher.h +4 -3
  850. data/third_party/boringssl/include/openssl/conf.h +4 -1
  851. data/third_party/boringssl/include/openssl/curve25519.h +13 -0
  852. data/third_party/boringssl/include/openssl/digest.h +5 -3
  853. data/third_party/boringssl/include/openssl/dsa.h +5 -5
  854. data/third_party/boringssl/include/openssl/ec.h +2 -2
  855. data/third_party/boringssl/include/openssl/ecdh.h +3 -4
  856. data/third_party/boringssl/include/openssl/ecdsa.h +10 -10
  857. data/third_party/boringssl/include/openssl/err.h +5 -5
  858. data/third_party/boringssl/include/openssl/evp.h +11 -7
  859. data/third_party/boringssl/include/openssl/lhash.h +2 -3
  860. data/third_party/boringssl/include/openssl/lhash_macros.h +56 -14
  861. data/third_party/boringssl/include/openssl/nid.h +2949 -2916
  862. data/third_party/boringssl/include/openssl/obj.h +1 -1
  863. data/third_party/boringssl/include/openssl/pkcs8.h +21 -42
  864. data/third_party/boringssl/include/openssl/pool.h +87 -0
  865. data/third_party/boringssl/include/openssl/rand.h +1 -1
  866. data/third_party/boringssl/include/openssl/rsa.h +4 -2
  867. data/third_party/boringssl/include/openssl/sha.h +0 -4
  868. data/third_party/boringssl/include/openssl/ssl.h +327 -662
  869. data/third_party/boringssl/include/openssl/ssl3.h +1 -21
  870. data/third_party/boringssl/include/openssl/stack.h +1 -0
  871. data/third_party/boringssl/include/openssl/stack_macros.h +85 -0
  872. data/third_party/boringssl/include/openssl/tls1.h +23 -52
  873. data/third_party/boringssl/include/openssl/type_check.h +4 -0
  874. data/third_party/boringssl/include/openssl/x509.h +10 -59
  875. data/third_party/boringssl/include/openssl/x509_vfy.h +7 -1
  876. data/third_party/boringssl/include/openssl/x509v3.h +4 -4
  877. data/third_party/boringssl/ssl/bio_ssl.c +175 -0
  878. data/third_party/boringssl/ssl/custom_extensions.c +24 -21
  879. data/third_party/boringssl/ssl/d1_both.c +259 -289
  880. data/third_party/boringssl/ssl/d1_lib.c +8 -20
  881. data/third_party/boringssl/ssl/d1_pkt.c +6 -15
  882. data/third_party/boringssl/ssl/dtls_method.c +22 -8
  883. data/third_party/boringssl/ssl/dtls_record.c +27 -2
  884. data/third_party/boringssl/ssl/handshake_client.c +460 -579
  885. data/third_party/boringssl/ssl/handshake_server.c +662 -644
  886. data/third_party/boringssl/ssl/internal.h +1009 -375
  887. data/third_party/boringssl/ssl/s3_both.c +312 -162
  888. data/third_party/boringssl/ssl/s3_lib.c +12 -128
  889. data/third_party/boringssl/ssl/s3_pkt.c +22 -30
  890. data/third_party/boringssl/ssl/ssl_aead_ctx.c +28 -22
  891. data/third_party/boringssl/ssl/ssl_asn1.c +210 -114
  892. data/third_party/boringssl/ssl/ssl_buffer.c +2 -1
  893. data/third_party/boringssl/ssl/ssl_cert.c +417 -219
  894. data/third_party/boringssl/ssl/ssl_cipher.c +191 -393
  895. data/third_party/boringssl/ssl/ssl_ecdh.c +19 -164
  896. data/third_party/boringssl/ssl/ssl_file.c +0 -11
  897. data/third_party/boringssl/ssl/ssl_lib.c +325 -652
  898. data/third_party/boringssl/ssl/{ssl_rsa.c → ssl_privkey.c} +21 -131
  899. data/third_party/boringssl/ssl/ssl_privkey_cc.cc +76 -0
  900. data/third_party/boringssl/ssl/ssl_session.c +206 -95
  901. data/third_party/boringssl/ssl/ssl_stat.c +18 -84
  902. data/third_party/boringssl/ssl/{s3_enc.c → ssl_transcript.c} +150 -157
  903. data/third_party/boringssl/ssl/ssl_x509.c +815 -0
  904. data/third_party/boringssl/ssl/t1_enc.c +188 -174
  905. data/third_party/boringssl/ssl/t1_lib.c +1064 -764
  906. data/third_party/boringssl/ssl/tls13_both.c +290 -96
  907. data/third_party/boringssl/ssl/tls13_client.c +344 -314
  908. data/third_party/boringssl/ssl/tls13_enc.c +239 -200
  909. data/third_party/boringssl/ssl/tls13_server.c +374 -366
  910. data/third_party/boringssl/ssl/tls_method.c +40 -5
  911. data/third_party/boringssl/ssl/tls_record.c +166 -71
  912. metadata +39 -25
  913. data/src/core/lib/iomgr/workqueue.h +0 -87
  914. data/src/core/lib/iomgr/workqueue_uv.c +0 -65
  915. data/src/core/lib/iomgr/workqueue_uv.h +0 -37
  916. data/src/core/lib/iomgr/workqueue_windows.c +0 -63
  917. data/src/core/lib/iomgr/workqueue_windows.h +0 -37
  918. data/third_party/boringssl/crypto/bio/buffer.c +0 -496
  919. data/third_party/boringssl/crypto/newhope/error_correction.c +0 -131
  920. data/third_party/boringssl/crypto/newhope/internal.h +0 -71
  921. data/third_party/boringssl/crypto/newhope/newhope.c +0 -174
  922. data/third_party/boringssl/crypto/newhope/ntt.c +0 -148
  923. data/third_party/boringssl/crypto/newhope/poly.c +0 -183
  924. data/third_party/boringssl/crypto/newhope/precomp.c +0 -306
  925. data/third_party/boringssl/crypto/obj/obj_xref.h +0 -96
  926. data/third_party/boringssl/crypto/pkcs8/p5_pbe.c +0 -151
  927. data/third_party/boringssl/include/openssl/newhope.h +0 -158
  928. data/third_party/boringssl/include/openssl/time_support.h +0 -91
data/third_party/boringssl/ssl/ssl_cipher.c CHANGED
@@ -343,50 +343,39 @@ static const SSL_CIPHER kCiphers[] = {
343
343
  SSL_HANDSHAKE_MAC_SHA384,
344
344
  },
345
345
 
346
- /* CECPQ1 (combined elliptic curve + post-quantum) suites. */
346
+ /* TLS 1.3 suites. */
347
347
 
348
- /* Cipher 16B7 */
348
+ /* Cipher 1301 */
349
349
  {
350
- TLS1_TXT_CECPQ1_RSA_WITH_CHACHA20_POLY1305_SHA256,
351
- TLS1_CK_CECPQ1_RSA_WITH_CHACHA20_POLY1305_SHA256,
352
- SSL_kCECPQ1,
353
- SSL_aRSA,
354
- SSL_CHACHA20POLY1305,
355
- SSL_AEAD,
356
- SSL_HANDSHAKE_MAC_SHA256,
357
- },
358
-
359
- /* Cipher 16B8 */
360
- {
361
- TLS1_TXT_CECPQ1_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
362
- TLS1_CK_CECPQ1_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
363
- SSL_kCECPQ1,
364
- SSL_aECDSA,
365
- SSL_CHACHA20POLY1305,
366
- SSL_AEAD,
367
- SSL_HANDSHAKE_MAC_SHA256,
350
+ TLS1_TXT_AES_128_GCM_SHA256,
351
+ TLS1_CK_AES_128_GCM_SHA256,
352
+ SSL_kGENERIC,
353
+ SSL_aGENERIC,
354
+ SSL_AES128GCM,
355
+ SSL_AEAD,
356
+ SSL_HANDSHAKE_MAC_SHA256,
368
357
  },
369
358
 
370
- /* Cipher 16B9 */
359
+ /* Cipher 1302 */
371
360
  {
372
- TLS1_TXT_CECPQ1_RSA_WITH_AES_256_GCM_SHA384,
373
- TLS1_CK_CECPQ1_RSA_WITH_AES_256_GCM_SHA384,
374
- SSL_kCECPQ1,
375
- SSL_aRSA,
376
- SSL_AES256GCM,
377
- SSL_AEAD,
378
- SSL_HANDSHAKE_MAC_SHA384,
361
+ TLS1_TXT_AES_256_GCM_SHA384,
362
+ TLS1_CK_AES_256_GCM_SHA384,
363
+ SSL_kGENERIC,
364
+ SSL_aGENERIC,
365
+ SSL_AES256GCM,
366
+ SSL_AEAD,
367
+ SSL_HANDSHAKE_MAC_SHA384,
379
368
  },
380
369
 
381
- /* Cipher 16BA */
370
+ /* Cipher 1303 */
382
371
  {
383
- TLS1_TXT_CECPQ1_ECDSA_WITH_AES_256_GCM_SHA384,
384
- TLS1_CK_CECPQ1_ECDSA_WITH_AES_256_GCM_SHA384,
385
- SSL_kCECPQ1,
386
- SSL_aECDSA,
387
- SSL_AES256GCM,
388
- SSL_AEAD,
389
- SSL_HANDSHAKE_MAC_SHA384,
372
+ TLS1_TXT_CHACHA20_POLY1305_SHA256,
373
+ TLS1_CK_CHACHA20_POLY1305_SHA256,
374
+ SSL_kGENERIC,
375
+ SSL_aGENERIC,
376
+ SSL_CHACHA20POLY1305,
377
+ SSL_AEAD,
378
+ SSL_HANDSHAKE_MAC_SHA256,
390
379
  },
391
380
 
392
381
  /* Cipher C009 */
@@ -553,28 +542,6 @@ static const SSL_CIPHER kCiphers[] = {
553
542
 
554
543
  /* ChaCha20-Poly1305 cipher suites. */
555
544
 
556
- #if !defined(BORINGSSL_ANDROID_SYSTEM)
557
- {
558
- TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305_OLD,
559
- TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305_OLD,
560
- SSL_kECDHE,
561
- SSL_aRSA,
562
- SSL_CHACHA20POLY1305_OLD,
563
- SSL_AEAD,
564
- SSL_HANDSHAKE_MAC_SHA256,
565
- },
566
-
567
- {
568
- TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_OLD,
569
- TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305_OLD,
570
- SSL_kECDHE,
571
- SSL_aECDSA,
572
- SSL_CHACHA20POLY1305_OLD,
573
- SSL_AEAD,
574
- SSL_HANDSHAKE_MAC_SHA256,
575
- },
576
- #endif
577
-
578
545
  /* Cipher CCA8 */
579
546
  {
580
547
  TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
@@ -608,28 +575,6 @@ static const SSL_CIPHER kCiphers[] = {
608
575
  SSL_HANDSHAKE_MAC_SHA256,
609
576
  },
610
577
 
611
- /* Cipher D001 */
612
- {
613
- TLS1_TXT_ECDHE_PSK_WITH_AES_128_GCM_SHA256,
614
- TLS1_CK_ECDHE_PSK_WITH_AES_128_GCM_SHA256,
615
- SSL_kECDHE,
616
- SSL_aPSK,
617
- SSL_AES128GCM,
618
- SSL_AEAD,
619
- SSL_HANDSHAKE_MAC_SHA256,
620
- },
621
-
622
- /* Cipher D002 */
623
- {
624
- TLS1_TXT_ECDHE_PSK_WITH_AES_256_GCM_SHA384,
625
- TLS1_CK_ECDHE_PSK_WITH_AES_256_GCM_SHA384,
626
- SSL_kECDHE,
627
- SSL_aPSK,
628
- SSL_AES256GCM,
629
- SSL_AEAD,
630
- SSL_HANDSHAKE_MAC_SHA384,
631
- },
632
-
633
578
  };
634
579
 
635
580
  static const size_t kCiphersLen = OPENSSL_ARRAY_SIZE(kCiphers);
@@ -666,9 +611,8 @@ typedef struct cipher_alias_st {
666
611
  } CIPHER_ALIAS;
667
612
 
668
613
  static const CIPHER_ALIAS kCipherAliases[] = {
669
- /* "ALL" doesn't include eNULL nor kCECPQ1. These must be explicitly
670
- * enabled. */
671
- {"ALL", ~SSL_kCECPQ1, ~0u, ~SSL_eNULL, ~0u, 0},
614
+ /* "ALL" doesn't include eNULL. It must be explicitly enabled. */
615
+ {"ALL", ~0u, ~0u, ~SSL_eNULL, ~0u, 0},
672
616
 
673
617
  /* The "COMPLEMENTOFDEFAULT" rule is omitted. It matches nothing. */
674
618
 
@@ -683,16 +627,15 @@ static const CIPHER_ALIAS kCipherAliases[] = {
683
627
  {"DH", SSL_kDHE, ~0u, ~0u, ~0u, 0},
684
628
 
685
629
  {"kECDHE", SSL_kECDHE, ~0u, ~0u, ~0u, 0},
686
- {"kCECPQ1", SSL_kCECPQ1, ~0u, ~0u, ~0u, 0},
687
630
  {"kEECDH", SSL_kECDHE, ~0u, ~0u, ~0u, 0},
688
631
  {"ECDH", SSL_kECDHE, ~0u, ~0u, ~0u, 0},
689
632
 
690
633
  {"kPSK", SSL_kPSK, ~0u, ~0u, ~0u, 0},
691
634
 
692
635
  /* server authentication aliases */
693
- {"aRSA", ~SSL_kCECPQ1, SSL_aRSA, ~SSL_eNULL, ~0u, 0},
694
- {"aECDSA", ~SSL_kCECPQ1, SSL_aECDSA, ~0u, ~0u, 0},
695
- {"ECDSA", ~SSL_kCECPQ1, SSL_aECDSA, ~0u, ~0u, 0},
636
+ {"aRSA", ~0u, SSL_aRSA, ~SSL_eNULL, ~0u, 0},
637
+ {"aECDSA", ~0u, SSL_aECDSA, ~0u, ~0u, 0},
638
+ {"ECDSA", ~0u, SSL_aECDSA, ~0u, ~0u, 0},
696
639
  {"aPSK", ~0u, SSL_aPSK, ~0u, ~0u, 0},
697
640
 
698
641
  /* aliases combining key exchange and server authentication */
@@ -706,28 +649,26 @@ static const CIPHER_ALIAS kCipherAliases[] = {
706
649
  /* symmetric encryption aliases */
707
650
  {"3DES", ~0u, ~0u, SSL_3DES, ~0u, 0},
708
651
  {"AES128", ~0u, ~0u, SSL_AES128 | SSL_AES128GCM, ~0u, 0},
709
- {"AES256", ~SSL_kCECPQ1, ~0u, SSL_AES256 | SSL_AES256GCM, ~0u, 0},
710
- {"AES", ~SSL_kCECPQ1, ~0u, SSL_AES, ~0u, 0},
711
- {"AESGCM", ~SSL_kCECPQ1, ~0u, SSL_AES128GCM | SSL_AES256GCM, ~0u, 0},
712
- {"CHACHA20", ~SSL_kCECPQ1, ~0u, SSL_CHACHA20POLY1305 | SSL_CHACHA20POLY1305_OLD, ~0u,
713
- 0},
652
+ {"AES256", ~0u, ~0u, SSL_AES256 | SSL_AES256GCM, ~0u, 0},
653
+ {"AES", ~0u, ~0u, SSL_AES, ~0u, 0},
654
+ {"AESGCM", ~0u, ~0u, SSL_AES128GCM | SSL_AES256GCM, ~0u, 0},
655
+ {"CHACHA20", ~0u, ~0u, SSL_CHACHA20POLY1305, ~0u, 0},
714
656
 
715
657
  /* MAC aliases */
716
- {"MD5", ~0u, ~0u, ~0u, SSL_MD5, 0},
717
658
  {"SHA1", ~0u, ~0u, ~SSL_eNULL, SSL_SHA1, 0},
718
659
  {"SHA", ~0u, ~0u, ~SSL_eNULL, SSL_SHA1, 0},
719
- {"SHA256", ~SSL_kCECPQ1, ~0u, ~0u, SSL_SHA256, 0},
720
- {"SHA384", ~SSL_kCECPQ1, ~0u, ~0u, SSL_SHA384, 0},
660
+ {"SHA256", ~0u, ~0u, ~0u, SSL_SHA256, 0},
661
+ {"SHA384", ~0u, ~0u, ~0u, SSL_SHA384, 0},
721
662
 
722
663
  /* Legacy protocol minimum version aliases. "TLSv1" is intentionally the
723
664
  * same as "SSLv3". */
724
- {"SSLv3", ~SSL_kCECPQ1, ~0u, ~SSL_eNULL, ~0u, SSL3_VERSION},
725
- {"TLSv1", ~SSL_kCECPQ1, ~0u, ~SSL_eNULL, ~0u, SSL3_VERSION},
726
- {"TLSv1.2", ~SSL_kCECPQ1, ~0u, ~SSL_eNULL, ~0u, TLS1_2_VERSION},
665
+ {"SSLv3", ~0u, ~0u, ~SSL_eNULL, ~0u, SSL3_VERSION},
666
+ {"TLSv1", ~0u, ~0u, ~SSL_eNULL, ~0u, SSL3_VERSION},
667
+ {"TLSv1.2", ~0u, ~0u, ~SSL_eNULL, ~0u, TLS1_2_VERSION},
727
668
 
728
669
  /* Legacy strength classes. */
729
- {"HIGH", ~SSL_kCECPQ1, ~0u, ~SSL_eNULL, ~0u, 0},
730
- {"FIPS", ~SSL_kCECPQ1, ~0u, ~SSL_eNULL, ~0u, 0},
670
+ {"HIGH", ~0u, ~0u, ~SSL_eNULL, ~0u, 0},
671
+ {"FIPS", ~0u, ~0u, ~SSL_eNULL, ~0u, 0},
731
672
  };
732
673
 
733
674
  static const size_t kCipherAliasesLen = OPENSSL_ARRAY_SIZE(kCipherAliases);
@@ -745,10 +686,6 @@ static int ssl_cipher_id_cmp(const void *in_a, const void *in_b) {
745
686
  }
746
687
  }
747
688
 
748
- static int ssl_cipher_ptr_id_cmp(const SSL_CIPHER **a, const SSL_CIPHER **b) {
749
- return ssl_cipher_id_cmp(*a, *b);
750
- }
751
-
752
689
  const SSL_CIPHER *SSL_get_cipher_by_value(uint16_t value) {
753
690
  SSL_CIPHER c;
754
691
 
@@ -765,132 +702,96 @@ int ssl_cipher_get_evp_aead(const EVP_AEAD **out_aead,
765
702
  *out_mac_secret_len = 0;
766
703
  *out_fixed_iv_len = 0;
767
704
 
768
- switch (cipher->algorithm_enc) {
769
- case SSL_AES128GCM:
705
+ if (cipher->algorithm_mac == SSL_AEAD) {
706
+ if (cipher->algorithm_enc == SSL_AES128GCM) {
770
707
  *out_aead = EVP_aead_aes_128_gcm();
771
708
  *out_fixed_iv_len = 4;
772
- break;
773
-
774
- case SSL_AES256GCM:
709
+ } else if (cipher->algorithm_enc == SSL_AES256GCM) {
775
710
  *out_aead = EVP_aead_aes_256_gcm();
776
711
  *out_fixed_iv_len = 4;
777
- break;
778
-
779
- #if !defined(BORINGSSL_ANDROID_SYSTEM)
780
- case SSL_CHACHA20POLY1305_OLD:
781
- *out_aead = EVP_aead_chacha20_poly1305_old();
782
- *out_fixed_iv_len = 0;
783
- break;
784
- #endif
785
-
786
- case SSL_CHACHA20POLY1305:
712
+ } else if (cipher->algorithm_enc == SSL_CHACHA20POLY1305) {
787
713
  *out_aead = EVP_aead_chacha20_poly1305();
788
714
  *out_fixed_iv_len = 12;
789
- break;
715
+ } else {
716
+ return 0;
717
+ }
790
718
 
791
- case SSL_AES128:
792
- switch (cipher->algorithm_mac) {
793
- case SSL_SHA1:
794
- if (version == SSL3_VERSION) {
795
- *out_aead = EVP_aead_aes_128_cbc_sha1_ssl3();
796
- *out_fixed_iv_len = 16;
797
- } else if (version == TLS1_VERSION) {
798
- *out_aead = EVP_aead_aes_128_cbc_sha1_tls_implicit_iv();
799
- *out_fixed_iv_len = 16;
800
- } else {
801
- *out_aead = EVP_aead_aes_128_cbc_sha1_tls();
802
- }
803
- *out_mac_secret_len = SHA_DIGEST_LENGTH;
804
- break;
805
- case SSL_SHA256:
806
- *out_aead = EVP_aead_aes_128_cbc_sha256_tls();
807
- *out_mac_secret_len = SHA256_DIGEST_LENGTH;
808
- break;
809
- default:
810
- return 0;
719
+ /* In TLS 1.3, the iv_len is equal to the AEAD nonce length whereas the code
720
+ * above computes the TLS 1.2 construction. */
721
+ if (version >= TLS1_3_VERSION) {
722
+ *out_fixed_iv_len = EVP_AEAD_nonce_length(*out_aead);
723
+ }
724
+ } else if (cipher->algorithm_mac == SSL_SHA1) {
725
+ if (cipher->algorithm_enc == SSL_eNULL) {
726
+ if (version == SSL3_VERSION) {
727
+ *out_aead = EVP_aead_null_sha1_ssl3();
728
+ } else {
729
+ *out_aead = EVP_aead_null_sha1_tls();
811
730
  }
812
- break;
813
-
814
- case SSL_AES256:
815
- switch (cipher->algorithm_mac) {
816
- case SSL_SHA1:
817
- if (version == SSL3_VERSION) {
818
- *out_aead = EVP_aead_aes_256_cbc_sha1_ssl3();
819
- *out_fixed_iv_len = 16;
820
- } else if (version == TLS1_VERSION) {
821
- *out_aead = EVP_aead_aes_256_cbc_sha1_tls_implicit_iv();
822
- *out_fixed_iv_len = 16;
823
- } else {
824
- *out_aead = EVP_aead_aes_256_cbc_sha1_tls();
825
- }
826
- *out_mac_secret_len = SHA_DIGEST_LENGTH;
827
- break;
828
- case SSL_SHA256:
829
- *out_aead = EVP_aead_aes_256_cbc_sha256_tls();
830
- *out_mac_secret_len = SHA256_DIGEST_LENGTH;
831
- break;
832
- case SSL_SHA384:
833
- *out_aead = EVP_aead_aes_256_cbc_sha384_tls();
834
- *out_mac_secret_len = SHA384_DIGEST_LENGTH;
835
- break;
836
- default:
837
- return 0;
731
+ } else if (cipher->algorithm_enc == SSL_3DES) {
732
+ if (version == SSL3_VERSION) {
733
+ *out_aead = EVP_aead_des_ede3_cbc_sha1_ssl3();
734
+ *out_fixed_iv_len = 8;
735
+ } else if (version == TLS1_VERSION) {
736
+ *out_aead = EVP_aead_des_ede3_cbc_sha1_tls_implicit_iv();
737
+ *out_fixed_iv_len = 8;
738
+ } else {
739
+ *out_aead = EVP_aead_des_ede3_cbc_sha1_tls();
838
740
  }
839
- break;
840
-
841
- case SSL_3DES:
842
- switch (cipher->algorithm_mac) {
843
- case SSL_SHA1:
844
- if (version == SSL3_VERSION) {
845
- *out_aead = EVP_aead_des_ede3_cbc_sha1_ssl3();
846
- *out_fixed_iv_len = 8;
847
- } else if (version == TLS1_VERSION) {
848
- *out_aead = EVP_aead_des_ede3_cbc_sha1_tls_implicit_iv();
849
- *out_fixed_iv_len = 8;
850
- } else {
851
- *out_aead = EVP_aead_des_ede3_cbc_sha1_tls();
852
- }
853
- *out_mac_secret_len = SHA_DIGEST_LENGTH;
854
- break;
855
- default:
856
- return 0;
741
+ } else if (cipher->algorithm_enc == SSL_AES128) {
742
+ if (version == SSL3_VERSION) {
743
+ *out_aead = EVP_aead_aes_128_cbc_sha1_ssl3();
744
+ *out_fixed_iv_len = 16;
745
+ } else if (version == TLS1_VERSION) {
746
+ *out_aead = EVP_aead_aes_128_cbc_sha1_tls_implicit_iv();
747
+ *out_fixed_iv_len = 16;
748
+ } else {
749
+ *out_aead = EVP_aead_aes_128_cbc_sha1_tls();
857
750
  }
858
- break;
859
-
860
- case SSL_eNULL:
861
- switch (cipher->algorithm_mac) {
862
- case SSL_SHA1:
863
- if (version == SSL3_VERSION) {
864
- *out_aead = EVP_aead_null_sha1_ssl3();
865
- } else {
866
- *out_aead = EVP_aead_null_sha1_tls();
867
- }
868
- *out_mac_secret_len = SHA_DIGEST_LENGTH;
869
- break;
870
- default:
871
- return 0;
751
+ } else if (cipher->algorithm_enc == SSL_AES256) {
752
+ if (version == SSL3_VERSION) {
753
+ *out_aead = EVP_aead_aes_256_cbc_sha1_ssl3();
754
+ *out_fixed_iv_len = 16;
755
+ } else if (version == TLS1_VERSION) {
756
+ *out_aead = EVP_aead_aes_256_cbc_sha1_tls_implicit_iv();
757
+ *out_fixed_iv_len = 16;
758
+ } else {
759
+ *out_aead = EVP_aead_aes_256_cbc_sha1_tls();
872
760
  }
873
- break;
761
+ } else {
762
+ return 0;
763
+ }
874
764
 
875
- default:
765
+ *out_mac_secret_len = SHA_DIGEST_LENGTH;
766
+ } else if (cipher->algorithm_mac == SSL_SHA256) {
767
+ if (cipher->algorithm_enc == SSL_AES128) {
768
+ *out_aead = EVP_aead_aes_128_cbc_sha256_tls();
769
+ } else if (cipher->algorithm_enc == SSL_AES256) {
770
+ *out_aead = EVP_aead_aes_256_cbc_sha256_tls();
771
+ } else {
876
772
  return 0;
877
- }
773
+ }
774
+
775
+ *out_mac_secret_len = SHA256_DIGEST_LENGTH;
776
+ } else if (cipher->algorithm_mac == SSL_SHA384) {
777
+ if (cipher->algorithm_enc != SSL_AES256) {
778
+ return 0;
779
+ }
878
780
 
879
- /* In TLS 1.3, the iv_len is equal to the AEAD nonce length whereas the code
880
- * above computes the TLS 1.2 construction.
881
- *
882
- * TODO(davidben,svaldez): Avoid computing the wrong value and fixing it. */
883
- if (version >= TLS1_3_VERSION) {
884
- *out_fixed_iv_len = EVP_AEAD_nonce_length(*out_aead);
885
- assert(*out_fixed_iv_len >= 8);
781
+ *out_aead = EVP_aead_aes_256_cbc_sha384_tls();
782
+ *out_mac_secret_len = SHA384_DIGEST_LENGTH;
783
+ } else {
784
+ return 0;
886
785
  }
786
+
887
787
  return 1;
888
788
  }
889
789
 
890
- const EVP_MD *ssl_get_handshake_digest(uint32_t algorithm_prf) {
790
+ const EVP_MD *ssl_get_handshake_digest(uint32_t algorithm_prf,
791
+ uint16_t version) {
891
792
  switch (algorithm_prf) {
892
793
  case SSL_HANDSHAKE_MAC_DEFAULT:
893
- return EVP_sha1();
794
+ return version >= TLS1_2_VERSION ? EVP_sha256() : EVP_md5_sha1();
894
795
  case SSL_HANDSHAKE_MAC_SHA256:
895
796
  return EVP_sha256();
896
797
  case SSL_HANDSHAKE_MAC_SHA384:
@@ -959,7 +860,9 @@ static void ssl_cipher_collect_ciphers(const SSL_PROTOCOL_METHOD *ssl_method,
959
860
  size_t co_list_num = 0;
960
861
  for (size_t i = 0; i < kCiphersLen; i++) {
961
862
  const SSL_CIPHER *cipher = &kCiphers[i];
962
- if (ssl_method->supports_cipher(cipher)) {
863
+ if (ssl_method->supports_cipher(cipher) &&
864
+ /* TLS 1.3 ciphers do not participate in this mechanism. */
865
+ cipher->algorithm_mkey != SSL_kGENERIC) {
963
866
  co_list[co_list_num].cipher = cipher;
964
867
  co_list[co_list_num].next = NULL;
965
868
  co_list[co_list_num].prev = NULL;
@@ -1063,14 +966,6 @@ static void ssl_cipher_apply_rule(
1063
966
  (min_version != 0 && SSL_CIPHER_get_min_version(cp) != min_version)) {
1064
967
  continue;
1065
968
  }
1066
-
1067
- /* The following ciphers are internal implementation details of TLS 1.3
1068
- * resumption but are not yet finalized. Disable them by default until
1069
- * then. */
1070
- if (cp->id == TLS1_CK_ECDHE_PSK_WITH_AES_128_GCM_SHA256 ||
1071
- cp->id == TLS1_CK_ECDHE_PSK_WITH_AES_256_GCM_SHA384) {
1072
- continue;
1073
- }
1074
969
  }
1075
970
 
1076
971
  /* add the cipher if it has not been added yet. */
@@ -1150,7 +1045,7 @@ static int ssl_cipher_strength_sort(CIPHER_ORDER **head_p,
1150
1045
  OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
1151
1046
  return 0;
1152
1047
  }
1153
- memset(number_uses, 0, (max_strength_bits + 1) * sizeof(int));
1048
+ OPENSSL_memset(number_uses, 0, (max_strength_bits + 1) * sizeof(int));
1154
1049
 
1155
1050
  /* Now find the strength_bits values actually used. */
1156
1051
  curr = *head_p;
@@ -1175,16 +1070,15 @@ static int ssl_cipher_strength_sort(CIPHER_ORDER **head_p,
1175
1070
  static int ssl_cipher_process_rulestr(const SSL_PROTOCOL_METHOD *ssl_method,
1176
1071
  const char *rule_str,
1177
1072
  CIPHER_ORDER **head_p,
1178
- CIPHER_ORDER **tail_p) {
1073
+ CIPHER_ORDER **tail_p, int strict) {
1179
1074
  uint32_t alg_mkey, alg_auth, alg_enc, alg_mac;
1180
1075
  uint16_t min_version;
1181
1076
  const char *l, *buf;
1182
- int multi, skip_rule, rule, retval, ok, in_group = 0, has_group = 0;
1077
+ int multi, skip_rule, rule, ok, in_group = 0, has_group = 0;
1183
1078
  size_t j, buf_len;
1184
1079
  uint32_t cipher_id;
1185
1080
  char ch;
1186
1081
 
1187
- retval = 1;
1188
1082
  l = rule_str;
1189
1083
  for (;;) {
1190
1084
  ch = *l;
@@ -1210,8 +1104,7 @@ static int ssl_cipher_process_rulestr(const SSL_PROTOCOL_METHOD *ssl_method,
1210
1104
  } else if (!(ch >= 'a' && ch <= 'z') && !(ch >= 'A' && ch <= 'Z') &&
1211
1105
  !(ch >= '0' && ch <= '9')) {
1212
1106
  OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_OPERATOR_IN_GROUP);
1213
- retval = in_group = 0;
1214
- break;
1107
+ return 0;
1215
1108
  } else {
1216
1109
  rule = CIPHER_ADD;
1217
1110
  }
@@ -1230,8 +1123,7 @@ static int ssl_cipher_process_rulestr(const SSL_PROTOCOL_METHOD *ssl_method,
1230
1123
  } else if (ch == '[') {
1231
1124
  if (in_group) {
1232
1125
  OPENSSL_PUT_ERROR(SSL, SSL_R_NESTED_GROUP);
1233
- retval = in_group = 0;
1234
- break;
1126
+ return 0;
1235
1127
  }
1236
1128
  in_group = 1;
1237
1129
  has_group = 1;
@@ -1245,8 +1137,7 @@ static int ssl_cipher_process_rulestr(const SSL_PROTOCOL_METHOD *ssl_method,
1245
1137
  * Otherwise the in_group bits will get mixed up. */
1246
1138
  if (has_group && rule != CIPHER_ADD) {
1247
1139
  OPENSSL_PUT_ERROR(SSL, SSL_R_MIXED_SPECIAL_OPERATOR_WITH_GROUPS);
1248
- retval = in_group = 0;
1249
- break;
1140
+ return 0;
1250
1141
  }
1251
1142
 
1252
1143
  if (ITEM_SEP(ch)) {
@@ -1277,9 +1168,7 @@ static int ssl_cipher_process_rulestr(const SSL_PROTOCOL_METHOD *ssl_method,
1277
1168
  /* We hit something we cannot deal with, it is no command or separator
1278
1169
  * nor alphanumeric, so we call this an error. */
1279
1170
  OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_COMMAND);
1280
- retval = in_group = 0;
1281
- l++;
1282
- break;
1171
+ return 0;
1283
1172
  }
1284
1173
 
1285
1174
  if (rule == CIPHER_SPECIAL) {
@@ -1317,6 +1206,10 @@ static int ssl_cipher_process_rulestr(const SSL_PROTOCOL_METHOD *ssl_method,
1317
1206
  }
1318
1207
  if (j == kCipherAliasesLen) {
1319
1208
  skip_rule = 1;
1209
+ if (strict) {
1210
+ OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_COMMAND);
1211
+ return 0;
1212
+ }
1320
1213
  }
1321
1214
  }
1322
1215
 
@@ -1328,29 +1221,6 @@ static int ssl_cipher_process_rulestr(const SSL_PROTOCOL_METHOD *ssl_method,
1328
1221
  multi = 1;
1329
1222
  }
1330
1223
 
1331
- /* If one of the CHACHA20_POLY1305 variants is selected, include the other
1332
- * as well. They have the same name to avoid requiring changes in
1333
- * configuration. Apply this transformation late so that the cipher name
1334
- * still behaves as an exact name and not an alias in multipart rules.
1335
- *
1336
- * This is temporary and will be removed when the pre-standard construction
1337
- * is removed. */
1338
- if (cipher_id == TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305_OLD ||
1339
- cipher_id == TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256) {
1340
- cipher_id = 0;
1341
- alg_mkey = SSL_kECDHE;
1342
- alg_auth = SSL_aRSA;
1343
- alg_enc = SSL_CHACHA20POLY1305|SSL_CHACHA20POLY1305_OLD;
1344
- alg_mac = SSL_AEAD;
1345
- } else if (cipher_id == TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305_OLD ||
1346
- cipher_id == TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256) {
1347
- cipher_id = 0;
1348
- alg_mkey = SSL_kECDHE;
1349
- alg_auth = SSL_aECDSA;
1350
- alg_enc = SSL_CHACHA20POLY1305|SSL_CHACHA20POLY1305_OLD;
1351
- alg_mac = SSL_AEAD;
1352
- }
1353
-
1354
1224
  /* Ok, we have the rule, now apply it. */
1355
1225
  if (rule == CIPHER_SPECIAL) {
1356
1226
  /* special command */
@@ -1362,7 +1232,7 @@ static int ssl_cipher_process_rulestr(const SSL_PROTOCOL_METHOD *ssl_method,
1362
1232
  }
1363
1233
 
1364
1234
  if (ok == 0) {
1365
- retval = 0;
1235
+ return 0;
1366
1236
  }
1367
1237
 
1368
1238
  /* We do not support any "multi" options together with "@", so throw away
@@ -1378,20 +1248,17 @@ static int ssl_cipher_process_rulestr(const SSL_PROTOCOL_METHOD *ssl_method,
1378
1248
 
1379
1249
  if (in_group) {
1380
1250
  OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_COMMAND);
1381
- retval = 0;
1251
+ return 0;
1382
1252
  }
1383
1253
 
1384
- return retval;
1254
+ return 1;
1385
1255
  }
1386
1256
 
1387
1257
  STACK_OF(SSL_CIPHER) *
1388
1258
  ssl_create_cipher_list(const SSL_PROTOCOL_METHOD *ssl_method,
1389
1259
  struct ssl_cipher_preference_list_st **out_cipher_list,
1390
- STACK_OF(SSL_CIPHER) **out_cipher_list_by_id,
1391
- const char *rule_str) {
1392
- int ok;
1393
- STACK_OF(SSL_CIPHER) *cipherstack = NULL, *tmp_cipher_list = NULL;
1394
- const char *rule_p;
1260
+ const char *rule_str, int strict) {
1261
+ STACK_OF(SSL_CIPHER) *cipherstack = NULL;
1395
1262
  CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr;
1396
1263
  uint8_t *in_group_flags = NULL;
1397
1264
  unsigned int num_in_group_flags = 0;
@@ -1416,15 +1283,14 @@ ssl_create_cipher_list(const SSL_PROTOCOL_METHOD *ssl_method,
1416
1283
  /* Now arrange all ciphers by preference:
1417
1284
  * TODO(davidben): Compute this order once and copy it. */
1418
1285
 
1419
- /* Everything else being equal, prefer ECDHE_ECDSA then ECDHE_RSA over other
1286
+ /* Everything else being equal, prefer ECDHE_ECDSA and ECDHE_RSA over other
1420
1287
  * key exchange mechanisms */
1421
-
1422
1288
  ssl_cipher_apply_rule(0, SSL_kECDHE, SSL_aECDSA, ~0u, ~0u, 0, CIPHER_ADD, -1,
1423
1289
  0, &head, &tail);
1424
1290
  ssl_cipher_apply_rule(0, SSL_kECDHE, ~0u, ~0u, ~0u, 0, CIPHER_ADD, -1, 0,
1425
1291
  &head, &tail);
1426
- ssl_cipher_apply_rule(0, SSL_kECDHE, ~0u, ~0u, ~0u, 0, CIPHER_DEL, -1, 0,
1427
- &head, &tail);
1292
+ ssl_cipher_apply_rule(0, ~0u, ~0u, ~0u, ~0u, 0, CIPHER_DEL, -1, 0, &head,
1293
+ &tail);
1428
1294
 
1429
1295
  /* Order the bulk ciphers. First the preferred AEAD ciphers. We prefer
1430
1296
  * CHACHA20 unless there is hardware support for fast and constant-time
@@ -1437,13 +1303,9 @@ ssl_create_cipher_list(const SSL_PROTOCOL_METHOD *ssl_method,
1437
1303
  &head, &tail);
1438
1304
  ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_CHACHA20POLY1305, ~0u, 0, CIPHER_ADD,
1439
1305
  -1, 0, &head, &tail);
1440
- ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_CHACHA20POLY1305_OLD, ~0u, 0,
1441
- CIPHER_ADD, -1, 0, &head, &tail);
1442
1306
  } else {
1443
1307
  ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_CHACHA20POLY1305, ~0u, 0, CIPHER_ADD,
1444
1308
  -1, 0, &head, &tail);
1445
- ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_CHACHA20POLY1305_OLD, ~0u, 0,
1446
- CIPHER_ADD, -1, 0, &head, &tail);
1447
1309
  ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_AES128GCM, ~0u, 0, CIPHER_ADD, -1, 0,
1448
1310
  &head, &tail);
1449
1311
  ssl_cipher_apply_rule(0, ~0u, ~0u, SSL_AES256GCM, ~0u, 0, CIPHER_ADD, -1, 0,
@@ -1464,7 +1326,7 @@ ssl_create_cipher_list(const SSL_PROTOCOL_METHOD *ssl_method,
1464
1326
  &tail);
1465
1327
 
1466
1328
  /* Move ciphers without forward secrecy to the end. */
1467
- ssl_cipher_apply_rule(0, ~(SSL_kDHE | SSL_kECDHE), ~0u, ~0u, ~0u, 0,
1329
+ ssl_cipher_apply_rule(0, (SSL_kRSA | SSL_kPSK), ~0u, ~0u, ~0u, 0,
1468
1330
  CIPHER_ORD, -1, 0, &head, &tail);
1469
1331
 
1470
1332
  /* Now disable everything (maintaining the ordering!) */
@@ -1473,22 +1335,20 @@ ssl_create_cipher_list(const SSL_PROTOCOL_METHOD *ssl_method,
1473
1335
 
1474
1336
  /* If the rule_string begins with DEFAULT, apply the default rule before
1475
1337
  * using the (possibly available) additional rules. */
1476
- ok = 1;
1477
- rule_p = rule_str;
1338
+ const char *rule_p = rule_str;
1478
1339
  if (strncmp(rule_str, "DEFAULT", 7) == 0) {
1479
- ok = ssl_cipher_process_rulestr(ssl_method, SSL_DEFAULT_CIPHER_LIST, &head,
1480
- &tail);
1340
+ if (!ssl_cipher_process_rulestr(ssl_method, SSL_DEFAULT_CIPHER_LIST, &head,
1341
+ &tail, strict)) {
1342
+ goto err;
1343
+ }
1481
1344
  rule_p += 7;
1482
1345
  if (*rule_p == ':') {
1483
1346
  rule_p++;
1484
1347
  }
1485
1348
  }
1486
1349
 
1487
- if (ok && strlen(rule_p) > 0) {
1488
- ok = ssl_cipher_process_rulestr(ssl_method, rule_p, &head, &tail);
1489
- }
1490
-
1491
- if (!ok) {
1350
+ if (*rule_p != '\0' &&
1351
+ !ssl_cipher_process_rulestr(ssl_method, rule_p, &head, &tail, strict)) {
1492
1352
  goto err;
1493
1353
  }
1494
1354
 
@@ -1517,10 +1377,6 @@ ssl_create_cipher_list(const SSL_PROTOCOL_METHOD *ssl_method,
1517
1377
  OPENSSL_free(co_list); /* Not needed any longer */
1518
1378
  co_list = NULL;
1519
1379
 
1520
- tmp_cipher_list = sk_SSL_CIPHER_dup(cipherstack);
1521
- if (tmp_cipher_list == NULL) {
1522
- goto err;
1523
- }
1524
1380
  pref_list = OPENSSL_malloc(sizeof(struct ssl_cipher_preference_list_st));
1525
1381
  if (!pref_list) {
1526
1382
  goto err;
@@ -1530,7 +1386,7 @@ ssl_create_cipher_list(const SSL_PROTOCOL_METHOD *ssl_method,
1530
1386
  if (!pref_list->in_group_flags) {
1531
1387
  goto err;
1532
1388
  }
1533
- memcpy(pref_list->in_group_flags, in_group_flags, num_in_group_flags);
1389
+ OPENSSL_memcpy(pref_list->in_group_flags, in_group_flags, num_in_group_flags);
1534
1390
  OPENSSL_free(in_group_flags);
1535
1391
  in_group_flags = NULL;
1536
1392
  if (*out_cipher_list != NULL) {
@@ -1539,26 +1395,12 @@ ssl_create_cipher_list(const SSL_PROTOCOL_METHOD *ssl_method,
1539
1395
  *out_cipher_list = pref_list;
1540
1396
  pref_list = NULL;
1541
1397
 
1542
- if (out_cipher_list_by_id != NULL) {
1543
- sk_SSL_CIPHER_free(*out_cipher_list_by_id);
1544
- *out_cipher_list_by_id = tmp_cipher_list;
1545
- tmp_cipher_list = NULL;
1546
- (void) sk_SSL_CIPHER_set_cmp_func(*out_cipher_list_by_id,
1547
- ssl_cipher_ptr_id_cmp);
1548
-
1549
- sk_SSL_CIPHER_sort(*out_cipher_list_by_id);
1550
- } else {
1551
- sk_SSL_CIPHER_free(tmp_cipher_list);
1552
- tmp_cipher_list = NULL;
1553
- }
1554
-
1555
1398
  return cipherstack;
1556
1399
 
1557
1400
  err:
1558
1401
  OPENSSL_free(co_list);
1559
1402
  OPENSSL_free(in_group_flags);
1560
1403
  sk_SSL_CIPHER_free(cipherstack);
1561
- sk_SSL_CIPHER_free(tmp_cipher_list);
1562
1404
  if (pref_list) {
1563
1405
  OPENSSL_free(pref_list->in_group_flags);
1564
1406
  }
@@ -1575,38 +1417,10 @@ uint16_t ssl_cipher_get_value(const SSL_CIPHER *cipher) {
1575
1417
  return id & 0xffff;
1576
1418
  }
1577
1419
 
1578
- int ssl_cipher_get_ecdhe_psk_cipher(const SSL_CIPHER *cipher,
1579
- uint16_t *out_cipher) {
1580
- switch (cipher->id) {
1581
- case TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
1582
- case TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
1583
- case TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
1584
- *out_cipher = TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 & 0xffff;
1585
- return 1;
1586
-
1587
- case TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
1588
- case TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
1589
- case TLS1_CK_ECDHE_PSK_WITH_AES_128_GCM_SHA256:
1590
- *out_cipher = TLS1_CK_ECDHE_PSK_WITH_AES_128_GCM_SHA256 & 0xffff;
1591
- return 1;
1592
-
1593
- case TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
1594
- case TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
1595
- case TLS1_CK_ECDHE_PSK_WITH_AES_256_GCM_SHA384:
1596
- *out_cipher = TLS1_CK_ECDHE_PSK_WITH_AES_256_GCM_SHA384 & 0xffff;
1597
- return 1;
1598
- }
1599
- return 0;
1600
- }
1601
-
1602
1420
  int SSL_CIPHER_is_AES(const SSL_CIPHER *cipher) {
1603
1421
  return (cipher->algorithm_enc & SSL_AES) != 0;
1604
1422
  }
1605
1423
 
1606
- int SSL_CIPHER_has_MD5_HMAC(const SSL_CIPHER *cipher) {
1607
- return (cipher->algorithm_mac & SSL_MD5) != 0;
1608
- }
1609
-
1610
1424
  int SSL_CIPHER_has_SHA1_HMAC(const SSL_CIPHER *cipher) {
1611
1425
  return (cipher->algorithm_mac & SSL_SHA1) != 0;
1612
1426
  }
@@ -1615,6 +1429,10 @@ int SSL_CIPHER_has_SHA256_HMAC(const SSL_CIPHER *cipher) {
1615
1429
  return (cipher->algorithm_mac & SSL_SHA256) != 0;
1616
1430
  }
1617
1431
 
1432
+ int SSL_CIPHER_is_AEAD(const SSL_CIPHER *cipher) {
1433
+ return (cipher->algorithm_mac & SSL_AEAD) != 0;
1434
+ }
1435
+
1618
1436
  int SSL_CIPHER_is_AESGCM(const SSL_CIPHER *cipher) {
1619
1437
  return (cipher->algorithm_enc & (SSL_AES128GCM | SSL_AES256GCM)) != 0;
1620
1438
  }
@@ -1632,8 +1450,7 @@ int SSL_CIPHER_is_AES256CBC(const SSL_CIPHER *cipher) {
1632
1450
  }
1633
1451
 
1634
1452
  int SSL_CIPHER_is_CHACHA20POLY1305(const SSL_CIPHER *cipher) {
1635
- return (cipher->algorithm_enc &
1636
- (SSL_CHACHA20POLY1305 | SSL_CHACHA20POLY1305_OLD)) != 0;
1453
+ return (cipher->algorithm_enc & SSL_CHACHA20POLY1305) != 0;
1637
1454
  }
1638
1455
 
1639
1456
  int SSL_CIPHER_is_NULL(const SSL_CIPHER *cipher) {
@@ -1657,11 +1474,16 @@ int SSL_CIPHER_is_ECDHE(const SSL_CIPHER *cipher) {
1657
1474
  return (cipher->algorithm_mkey & SSL_kECDHE) != 0;
1658
1475
  }
1659
1476
 
1660
- int SSL_CIPHER_is_CECPQ1(const SSL_CIPHER *cipher) {
1661
- return (cipher->algorithm_mkey & SSL_kCECPQ1) != 0;
1477
+ int SSL_CIPHER_is_static_RSA(const SSL_CIPHER *cipher) {
1478
+ return (cipher->algorithm_mkey & SSL_kRSA) != 0;
1662
1479
  }
1663
1480
 
1664
1481
  uint16_t SSL_CIPHER_get_min_version(const SSL_CIPHER *cipher) {
1482
+ if (cipher->algorithm_mkey == SSL_kGENERIC ||
1483
+ cipher->algorithm_auth == SSL_aGENERIC) {
1484
+ return TLS1_3_VERSION;
1485
+ }
1486
+
1665
1487
  if (cipher->algorithm_prf != SSL_HANDSHAKE_MAC_DEFAULT) {
1666
1488
  /* Cipher suites before TLS 1.2 use the default PRF, while all those added
1667
1489
  * afterwards specify a particular hash. */
@@ -1671,11 +1493,8 @@ uint16_t SSL_CIPHER_get_min_version(const SSL_CIPHER *cipher) {
1671
1493
  }
1672
1494
 
1673
1495
  uint16_t SSL_CIPHER_get_max_version(const SSL_CIPHER *cipher) {
1674
- if (cipher->algorithm_mac == SSL_AEAD &&
1675
- (cipher->algorithm_enc & SSL_CHACHA20POLY1305_OLD) == 0 &&
1676
- (cipher->algorithm_mkey & SSL_kECDHE) != 0 &&
1677
- /* TODO(davidben,svaldez): Support PSK-based ciphers in TLS 1.3. */
1678
- (cipher->algorithm_auth & SSL_aCERT) != 0) {
1496
+ if (cipher->algorithm_mkey == SSL_kGENERIC ||
1497
+ cipher->algorithm_auth == SSL_aGENERIC) {
1679
1498
  return TLS1_3_VERSION;
1680
1499
  }
1681
1500
  return TLS1_2_VERSION;
@@ -1721,21 +1540,14 @@ const char *SSL_CIPHER_get_kx_name(const SSL_CIPHER *cipher) {
1721
1540
  return "UNKNOWN";
1722
1541
  }
1723
1542
 
1724
- case SSL_kCECPQ1:
1725
- switch (cipher->algorithm_auth) {
1726
- case SSL_aECDSA:
1727
- return "CECPQ1_ECDSA";
1728
- case SSL_aRSA:
1729
- return "CECPQ1_RSA";
1730
- default:
1731
- assert(0);
1732
- return "UNKNOWN";
1733
- }
1734
-
1735
1543
  case SSL_kPSK:
1736
1544
  assert(cipher->algorithm_auth == SSL_aPSK);
1737
1545
  return "PSK";
1738
1546
 
1547
+ case SSL_kGENERIC:
1548
+ assert(cipher->algorithm_auth == SSL_aGENERIC);
1549
+ return "GENERIC";
1550
+
1739
1551
  default:
1740
1552
  assert(0);
1741
1553
  return "UNKNOWN";
@@ -1755,7 +1567,6 @@ static const char *ssl_cipher_get_enc_name(const SSL_CIPHER *cipher) {
1755
1567
  case SSL_AES256GCM:
1756
1568
  return "AES_256_GCM";
1757
1569
  case SSL_CHACHA20POLY1305:
1758
- case SSL_CHACHA20POLY1305_OLD:
1759
1570
  return "CHACHA20_POLY1305";
1760
1571
  break;
1761
1572
  default:
@@ -1767,15 +1578,10 @@ static const char *ssl_cipher_get_enc_name(const SSL_CIPHER *cipher) {
1767
1578
  static const char *ssl_cipher_get_prf_name(const SSL_CIPHER *cipher) {
1768
1579
  switch (cipher->algorithm_prf) {
1769
1580
  case SSL_HANDSHAKE_MAC_DEFAULT:
1770
- /* Before TLS 1.2, the PRF component is the hash used in the HMAC, which is
1771
- * only ever MD5 or SHA-1. */
1772
- switch (cipher->algorithm_mac) {
1773
- case SSL_MD5:
1774
- return "MD5";
1775
- case SSL_SHA1:
1776
- return "SHA";
1777
- }
1778
- break;
1581
+ /* Before TLS 1.2, the PRF component is the hash used in the HMAC, which
1582
+ * is SHA-1 for all supported ciphers. */
1583
+ assert(cipher->algorithm_mac == SSL_SHA1);
1584
+ return "SHA";
1779
1585
  case SSL_HANDSHAKE_MAC_SHA256:
1780
1586
  return "SHA256";
1781
1587
  case SSL_HANDSHAKE_MAC_SHA384:
@@ -1794,16 +1600,23 @@ char *SSL_CIPHER_get_rfc_name(const SSL_CIPHER *cipher) {
1794
1600
  const char *enc_name = ssl_cipher_get_enc_name(cipher);
1795
1601
  const char *prf_name = ssl_cipher_get_prf_name(cipher);
1796
1602
 
1797
- /* The final name is TLS_{kx_name}_WITH_{enc_name}_{prf_name}. */
1798
- size_t len = 4 + strlen(kx_name) + 6 + strlen(enc_name) + 1 +
1799
- strlen(prf_name) + 1;
1603
+ /* The final name is TLS_{kx_name}_WITH_{enc_name}_{prf_name} or
1604
+ * TLS_{enc_name}_{prf_name} depending on whether the cipher is AEAD-only. */
1605
+ size_t len = 4 + strlen(enc_name) + 1 + strlen(prf_name) + 1;
1606
+
1607
+ if (cipher->algorithm_mkey != SSL_kGENERIC) {
1608
+ len += strlen(kx_name) + 6;
1609
+ }
1610
+
1800
1611
  char *ret = OPENSSL_malloc(len);
1801
1612
  if (ret == NULL) {
1802
1613
  return NULL;
1803
1614
  }
1615
+
1804
1616
  if (BUF_strlcpy(ret, "TLS_", len) >= len ||
1805
- BUF_strlcat(ret, kx_name, len) >= len ||
1806
- BUF_strlcat(ret, "_WITH_", len) >= len ||
1617
+ (cipher->algorithm_mkey != SSL_kGENERIC &&
1618
+ (BUF_strlcat(ret, kx_name, len) >= len ||
1619
+ BUF_strlcat(ret, "_WITH_", len) >= len)) ||
1807
1620
  BUF_strlcat(ret, enc_name, len) >= len ||
1808
1621
  BUF_strlcat(ret, "_", len) >= len ||
1809
1622
  BUF_strlcat(ret, prf_name, len) >= len) {
@@ -1811,6 +1624,7 @@ char *SSL_CIPHER_get_rfc_name(const SSL_CIPHER *cipher) {
1811
1624
  OPENSSL_free(ret);
1812
1625
  return NULL;
1813
1626
  }
1627
+
1814
1628
  assert(strlen(ret) + 1 == len);
1815
1629
  return ret;
1816
1630
  }
@@ -1830,9 +1644,6 @@ int SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *out_alg_bits) {
1830
1644
 
1831
1645
  case SSL_AES256:
1832
1646
  case SSL_AES256GCM:
1833
- #if !defined(BORINGSSL_ANDROID_SYSTEM)
1834
- case SSL_CHACHA20POLY1305_OLD:
1835
- #endif
1836
1647
  case SSL_CHACHA20POLY1305:
1837
1648
  alg_bits = 256;
1838
1649
  strength_bits = 256;
@@ -1883,14 +1694,14 @@ const char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf,
1883
1694
  kx = "ECDH";
1884
1695
  break;
1885
1696
 
1886
- case SSL_kCECPQ1:
1887
- kx = "CECPQ1";
1888
- break;
1889
-
1890
1697
  case SSL_kPSK:
1891
1698
  kx = "PSK";
1892
1699
  break;
1893
1700
 
1701
+ case SSL_kGENERIC:
1702
+ kx = "GENERIC";
1703
+ break;
1704
+
1894
1705
  default:
1895
1706
  kx = "unknown";
1896
1707
  }
@@ -1908,6 +1719,10 @@ const char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf,
1908
1719
  au = "PSK";
1909
1720
  break;
1910
1721
 
1722
+ case SSL_aGENERIC:
1723
+ au = "GENERIC";
1724
+ break;
1725
+
1911
1726
  default:
1912
1727
  au = "unknown";
1913
1728
  break;
@@ -1934,10 +1749,6 @@ const char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf,
1934
1749
  enc = "AESGCM(256)";
1935
1750
  break;
1936
1751
 
1937
- case SSL_CHACHA20POLY1305_OLD:
1938
- enc = "ChaCha20-Poly1305-Old";
1939
- break;
1940
-
1941
1752
  case SSL_CHACHA20POLY1305:
1942
1753
  enc = "ChaCha20-Poly1305";
1943
1754
  break;
@@ -1952,10 +1763,6 @@ const char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf,
1952
1763
  }
1953
1764
 
1954
1765
  switch (alg_mac) {
1955
- case SSL_MD5:
1956
- mac = "MD5";
1957
- break;
1958
-
1959
1766
  case SSL_SHA1:
1960
1767
  mac = "SHA1";
1961
1768
  break;
@@ -2002,6 +1809,8 @@ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm) { return 1; }
2002
1809
 
2003
1810
  const char *SSL_COMP_get_name(const COMP_METHOD *comp) { return NULL; }
2004
1811
 
1812
+ void SSL_COMP_free_compression_methods(void) {}
1813
+
2005
1814
  int ssl_cipher_get_key_type(const SSL_CIPHER *cipher) {
2006
1815
  uint32_t alg_a = cipher->algorithm_auth;
2007
1816
 
@@ -2021,8 +1830,7 @@ int ssl_cipher_uses_certificate_auth(const SSL_CIPHER *cipher) {
2021
1830
  int ssl_cipher_requires_server_key_exchange(const SSL_CIPHER *cipher) {
2022
1831
  /* Ephemeral Diffie-Hellman key exchanges require a ServerKeyExchange. */
2023
1832
  if (cipher->algorithm_mkey & SSL_kDHE ||
2024
- cipher->algorithm_mkey & SSL_kECDHE ||
2025
- cipher->algorithm_mkey & SSL_kCECPQ1) {
1833
+ cipher->algorithm_mkey & SSL_kECDHE) {
2026
1834
  return 1;
2027
1835
  }
2028
1836
 
@@ -2044,19 +1852,9 @@ size_t ssl_cipher_get_record_split_len(const SSL_CIPHER *cipher) {
2044
1852
  return 0;
2045
1853
  }
2046
1854
 
2047
- size_t mac_len;
2048
- switch (cipher->algorithm_mac) {
2049
- case SSL_MD5:
2050
- mac_len = MD5_DIGEST_LENGTH;
2051
- break;
2052
- case SSL_SHA1:
2053
- mac_len = SHA_DIGEST_LENGTH;
2054
- break;
2055
- default:
2056
- return 0;
2057
- }
2058
-
2059
- size_t ret = 1 + mac_len;
1855
+ /* All supported TLS 1.0 ciphers use SHA-1. */
1856
+ assert(cipher->algorithm_mac == SSL_SHA1);
1857
+ size_t ret = 1 + SHA_DIGEST_LENGTH;
2060
1858
  ret += block_size - (ret % block_size);
2061
1859
  return ret;
2062
1860
  }