grpc 1.40.0.pre1 → 1.42.0.pre1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +68 -64
- data/etc/roots.pem +335 -326
- data/include/grpc/byte_buffer.h +1 -1
- data/include/grpc/byte_buffer_reader.h +1 -1
- data/include/grpc/event_engine/endpoint_config.h +6 -11
- data/include/grpc/event_engine/event_engine.h +131 -86
- data/include/grpc/event_engine/internal/memory_allocator_impl.h +98 -0
- data/include/grpc/event_engine/memory_allocator.h +210 -0
- data/include/grpc/event_engine/port.h +1 -3
- data/include/grpc/fork.h +1 -1
- data/include/grpc/grpc.h +14 -4
- data/include/grpc/grpc_posix.h +5 -2
- data/include/grpc/grpc_security.h +18 -0
- data/include/grpc/grpc_security_constants.h +1 -0
- data/include/grpc/impl/codegen/atm.h +5 -3
- data/include/grpc/impl/codegen/atm_gcc_atomic.h +2 -0
- data/include/grpc/impl/codegen/atm_gcc_sync.h +2 -0
- data/include/grpc/impl/codegen/atm_windows.h +2 -0
- data/include/grpc/impl/codegen/byte_buffer.h +2 -0
- data/include/grpc/impl/codegen/byte_buffer_reader.h +2 -0
- data/include/grpc/impl/codegen/compression_types.h +2 -0
- data/include/grpc/impl/codegen/connectivity_state.h +2 -0
- data/include/grpc/impl/codegen/fork.h +2 -0
- data/include/grpc/impl/codegen/gpr_slice.h +2 -0
- data/include/grpc/impl/codegen/gpr_types.h +2 -0
- data/include/grpc/impl/codegen/grpc_types.h +4 -5
- data/include/grpc/impl/codegen/log.h +2 -0
- data/include/grpc/impl/codegen/port_platform.h +33 -22
- data/include/grpc/impl/codegen/propagation_bits.h +2 -0
- data/include/grpc/impl/codegen/slice.h +2 -0
- data/include/grpc/impl/codegen/status.h +2 -0
- data/include/grpc/impl/codegen/sync.h +8 -5
- data/include/grpc/impl/codegen/sync_abseil.h +2 -0
- data/include/grpc/impl/codegen/sync_custom.h +2 -0
- data/include/grpc/impl/codegen/sync_generic.h +3 -0
- data/include/grpc/impl/codegen/sync_posix.h +4 -2
- data/include/grpc/impl/codegen/sync_windows.h +2 -0
- data/include/grpc/slice.h +1 -1
- data/include/grpc/status.h +1 -1
- data/include/grpc/support/atm.h +1 -1
- data/include/grpc/support/atm_gcc_atomic.h +1 -1
- data/include/grpc/support/atm_gcc_sync.h +1 -1
- data/include/grpc/support/atm_windows.h +1 -1
- data/include/grpc/support/log.h +1 -1
- data/include/grpc/support/port_platform.h +1 -1
- data/include/grpc/support/sync.h +1 -1
- data/include/grpc/support/sync_abseil.h +1 -1
- data/include/grpc/support/sync_custom.h +1 -1
- data/include/grpc/support/sync_generic.h +1 -1
- data/include/grpc/support/sync_posix.h +1 -1
- data/include/grpc/support/sync_windows.h +1 -1
- data/include/grpc/support/time.h +2 -2
- data/src/core/ext/filters/census/grpc_context.cc +1 -0
- data/src/core/ext/filters/client_channel/backend_metric.cc +18 -20
- data/src/core/ext/filters/client_channel/backup_poller.cc +2 -1
- data/src/core/ext/filters/client_channel/backup_poller.h +1 -0
- data/src/core/ext/filters/client_channel/channel_connectivity.cc +72 -91
- data/src/core/ext/filters/client_channel/client_channel.cc +196 -289
- data/src/core/ext/filters/client_channel/client_channel.h +75 -28
- data/src/core/ext/filters/client_channel/client_channel_channelz.cc +6 -5
- data/src/core/ext/filters/client_channel/client_channel_channelz.h +1 -1
- data/src/core/ext/filters/client_channel/client_channel_factory.cc +2 -1
- data/src/core/ext/filters/client_channel/client_channel_factory.h +17 -19
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +16 -15
- data/src/core/ext/filters/client_channel/config_selector.cc +2 -1
- data/src/core/ext/filters/client_channel/config_selector.h +4 -5
- data/src/core/ext/filters/client_channel/connector.h +18 -18
- data/src/core/ext/filters/client_channel/dynamic_filters.cc +1 -1
- data/src/core/ext/filters/client_channel/global_subchannel_pool.h +0 -1
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +19 -17
- data/src/core/ext/filters/client_channel/health/health_check_client.h +4 -3
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +8 -7
- data/src/core/ext/filters/client_channel/http_connect_handshaker.h +10 -2
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +6 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +6 -15
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +168 -90
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h +4 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +1 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +2 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +2 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +2 -3
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +23 -7
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +29 -33
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +3 -3
- data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +2502 -0
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +6 -1
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +2 -2
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +9 -9
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +21 -20
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +15 -7
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +10 -9
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +9 -19
- data/src/core/ext/filters/client_channel/lb_policy.h +21 -44
- data/src/core/ext/filters/client_channel/lb_policy_factory.h +1 -0
- data/src/core/ext/filters/client_channel/lb_policy_registry.cc +4 -7
- data/src/core/ext/filters/client_channel/resolver/binder/binder_resolver.cc +139 -0
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +13 -15
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +1 -0
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +4 -3
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +9 -8
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +26 -58
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +21 -1
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +7 -2
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +5 -3
- data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +5 -5
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +82 -76
- data/src/core/ext/filters/client_channel/resolver.h +1 -1
- data/src/core/ext/filters/client_channel/resolver_factory.h +2 -0
- data/src/core/ext/filters/client_channel/resolver_registry.cc +6 -8
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +3 -4
- data/src/core/ext/filters/client_channel/resolver_result_parsing.h +1 -1
- data/src/core/ext/filters/client_channel/retry_filter.cc +64 -89
- data/src/core/ext/filters/client_channel/retry_service_config.h +1 -1
- data/src/core/ext/filters/client_channel/retry_throttle.cc +17 -48
- data/src/core/ext/filters/client_channel/server_address.h +1 -1
- data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +49 -36
- data/src/core/ext/filters/client_channel/subchannel.cc +85 -143
- data/src/core/ext/filters/client_channel/subchannel.h +29 -49
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.cc +22 -7
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +11 -2
- data/src/core/ext/filters/client_idle/client_idle_filter.cc +29 -206
- data/src/core/ext/filters/client_idle/idle_filter_state.cc +96 -0
- data/src/core/ext/filters/client_idle/idle_filter_state.h +66 -0
- data/src/core/ext/filters/deadline/deadline_filter.cc +23 -26
- data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +27 -25
- data/src/core/ext/filters/fault_injection/service_config_parser.cc +6 -14
- data/src/core/ext/filters/fault_injection/service_config_parser.h +1 -1
- data/src/core/ext/filters/http/client/http_client_filter.cc +44 -46
- data/src/core/ext/filters/http/client_authority_filter.cc +16 -16
- data/src/core/ext/filters/http/http_filters_plugin.cc +53 -71
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +19 -13
- data/src/core/ext/filters/http/message_compress/message_decompress_filter.cc +8 -9
- data/src/core/ext/filters/http/server/http_server_filter.cc +77 -72
- data/src/core/ext/filters/max_age/max_age_filter.cc +24 -26
- data/src/core/ext/filters/message_size/message_size_filter.cc +28 -29
- data/src/core/ext/filters/message_size/message_size_filter.h +1 -1
- data/src/core/ext/{filters/client_channel → service_config}/service_config.cc +2 -2
- data/src/core/ext/{filters/client_channel → service_config}/service_config.h +4 -4
- data/src/core/ext/service_config/service_config_call_data.h +72 -0
- data/src/core/ext/{filters/client_channel → service_config}/service_config_parser.cc +3 -3
- data/src/core/ext/{filters/client_channel → service_config}/service_config_parser.h +8 -6
- data/src/core/ext/transport/chttp2/alpn/alpn.cc +2 -1
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +29 -15
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +2 -0
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +21 -27
- data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +10 -6
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +29 -53
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +74 -53
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc +0 -1
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +12 -6
- data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +5 -9
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +3 -1
- data/src/core/ext/transport/chttp2/transport/bin_decoder.h +2 -1
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +1 -0
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +83 -88
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +4 -1
- data/src/core/ext/transport/chttp2/transport/context_list.h +1 -2
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +56 -37
- data/src/core/ext/transport/chttp2/transport/flow_control.h +13 -7
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +11 -11
- data/src/core/ext/transport/chttp2/transport/frame_data.h +1 -0
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +6 -4
- data/src/core/ext/transport/chttp2/transport/frame_goaway.h +1 -0
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +6 -5
- data/src/core/ext/transport/chttp2/transport/frame_ping.h +1 -0
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +5 -8
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +1 -0
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +38 -7
- data/src/core/ext/transport/chttp2/transport/frame_settings.h +1 -0
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +12 -7
- data/src/core/ext/transport/chttp2/transport/frame_window_update.h +1 -0
- data/src/core/ext/transport/chttp2/transport/hpack_constants.h +41 -0
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +311 -665
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +240 -70
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_index.h +107 -0
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +86 -0
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +69 -0
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +816 -1039
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +75 -177
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +146 -0
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +137 -0
- data/src/core/ext/transport/chttp2/transport/hpack_utils.cc +46 -0
- data/src/core/{lib/transport/authority_override.h → ext/transport/chttp2/transport/hpack_utils.h} +8 -15
- data/src/core/ext/transport/chttp2/transport/internal.h +6 -5
- data/src/core/ext/transport/chttp2/transport/parsing.cc +50 -203
- data/src/core/ext/transport/chttp2/transport/popularity_count.h +60 -0
- data/src/core/ext/transport/chttp2/transport/stream_lists.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/varint.cc +7 -3
- data/src/core/ext/transport/chttp2/transport/varint.h +39 -28
- data/src/core/ext/transport/chttp2/transport/writing.cc +61 -50
- data/src/core/ext/transport/inproc/inproc_transport.cc +111 -113
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.c +96 -96
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.h +221 -89
- data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.h +1 -1
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +48 -48
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.h +151 -61
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +99 -99
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +171 -69
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.c +15 -15
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.h +31 -13
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +164 -131
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +368 -102
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.c +23 -23
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.c +28 -28
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.h +71 -29
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +95 -83
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +254 -85
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +24 -24
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +51 -21
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.c +9 -9
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.h +21 -9
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.c +62 -62
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.h +131 -53
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +53 -52
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +96 -33
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.c +5 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +71 -66
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +164 -57
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/resolver.upb.c +7 -7
- data/src/core/ext/upb-generated/envoy/config/core/v3/resolver.upb.h +21 -9
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.c +8 -8
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +8 -8
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/udp_socket_config.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/config/core/v3/udp_socket_config.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.c +16 -16
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.h +31 -13
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.c +56 -22
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.h +174 -17
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.c +32 -32
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.h +51 -21
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +37 -37
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +61 -25
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +40 -40
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +71 -29
- data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.c +9 -9
- data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +5 -5
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.h +21 -9
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.c +30 -30
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.h +81 -33
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.c +41 -29
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.h +141 -43
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +49 -43
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +105 -29
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +18 -18
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +31 -13
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +286 -279
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +618 -267
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.c +10 -10
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.h +31 -13
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.c +6 -6
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.h +21 -9
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.c +13 -13
- data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.h +51 -21
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.c +23 -23
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.h +31 -13
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.c +9 -9
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +115 -116
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +191 -77
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.h +1 -1
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +46 -32
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +118 -34
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +12 -12
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +31 -13
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +44 -42
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +108 -55
- data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +42 -42
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +61 -25
- data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.c +9 -9
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.h +21 -9
- data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.c +28 -28
- data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.h +51 -21
- data/src/core/ext/upb-generated/envoy/type/http/v3/path_transformation.upb.c +8 -8
- data/src/core/ext/upb-generated/envoy/type/http/v3/path_transformation.upb.h +41 -17
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.c +9 -8
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.h +25 -9
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.c +9 -9
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.h +31 -13
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +10 -10
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.h +21 -9
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.c +6 -6
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.h +21 -9
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.c +11 -11
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.h +31 -13
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.c +15 -15
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.h +71 -29
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.c +19 -19
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.h +51 -21
- data/src/core/ext/upb-generated/envoy/type/v3/http.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/type/v3/http.upb.h +1 -1
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.c +6 -6
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.h +21 -9
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.c +10 -10
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.h +31 -13
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.c +5 -5
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.h +11 -5
- data/src/core/ext/upb-generated/google/api/annotations.upb.c +1 -1
- data/src/core/ext/upb-generated/google/api/annotations.upb.h +1 -1
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.c +58 -58
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.h +111 -45
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.c +68 -68
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h +121 -49
- data/src/core/ext/upb-generated/google/api/http.upb.c +18 -18
- data/src/core/ext/upb-generated/google/api/http.upb.h +31 -13
- data/src/core/ext/upb-generated/google/protobuf/any.upb.c +4 -4
- data/src/core/ext/upb-generated/google/protobuf/any.upb.h +11 -5
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +153 -153
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +271 -109
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.c +4 -4
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.h +11 -5
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.c +2 -2
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.h +11 -5
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.c +15 -15
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.h +31 -13
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.c +4 -4
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.h +11 -5
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.c +19 -19
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.h +91 -37
- data/src/core/ext/upb-generated/google/rpc/status.upb.c +5 -5
- data/src/core/ext/upb-generated/google/rpc/status.upb.h +11 -5
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.c +12 -12
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.h +11 -5
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +60 -60
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +101 -41
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.c +7 -7
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.h +21 -9
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.c +5 -5
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.h +21 -9
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c +31 -31
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.h +91 -37
- data/src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls.upb.c +55 -0
- data/src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls.upb.h +154 -0
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.c +8 -8
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +31 -13
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.c +4 -6
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.h +11 -5
- data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.c +1 -1
- data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.h +1 -1
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.c +4 -4
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +11 -5
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.c +3 -3
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.h +11 -5
- data/src/core/ext/upb-generated/validate/validate.upb.c +220 -220
- data/src/core/ext/upb-generated/validate/validate.upb.h +231 -93
- data/src/core/ext/upb-generated/xds/annotations/v3/status.upb.c +58 -0
- data/src/core/ext/upb-generated/xds/annotations/v3/status.upb.h +182 -0
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.c +4 -4
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.h +11 -5
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.c +9 -9
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.h +21 -9
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.c +7 -7
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.h +11 -5
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.c +6 -6
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.h +11 -5
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.c +12 -12
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.h +21 -9
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.c +7 -7
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.h +11 -5
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c +58 -0
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.h +130 -0
- data/src/core/ext/upb-generated/xds/type/v3/typed_struct.upb.c +33 -0
- data/src/core/ext/upb-generated/xds/type/v3/typed_struct.upb.h +83 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +410 -384
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.h +10 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +101 -88
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +59 -56
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +59 -46
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +90 -63
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +10 -0
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.c +30 -19
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +801 -783
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +96 -100
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +133 -115
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +178 -173
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.c +14 -13
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.c +103 -103
- data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.c +5 -4
- data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.c +19 -23
- data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.c +4 -3
- data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.c +5 -3
- data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.c +5 -4
- data/src/core/ext/upbdefs-generated/xds/annotations/v3/status.upbdefs.c +75 -0
- data/src/core/ext/upbdefs-generated/xds/annotations/v3/status.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.c +13 -12
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.c +25 -24
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.c +16 -15
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.c +17 -16
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.c +33 -32
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.c +19 -18
- data/src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.c +45 -0
- data/src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.h +35 -0
- data/src/core/ext/xds/certificate_provider_registry.cc +2 -2
- data/src/core/ext/xds/xds_api.cc +1140 -1314
- data/src/core/ext/xds/xds_api.h +150 -115
- data/src/core/ext/xds/xds_bootstrap.cc +27 -52
- data/src/core/ext/xds/xds_bootstrap.h +10 -0
- data/src/core/ext/xds/xds_certificate_provider.cc +3 -3
- data/src/core/ext/xds/xds_channel_stack_modifier.cc +113 -0
- data/src/core/ext/xds/xds_channel_stack_modifier.h +52 -0
- data/src/core/ext/xds/xds_client.cc +572 -320
- data/src/core/ext/xds/xds_client.h +42 -37
- data/src/core/ext/xds/xds_client_stats.cc +16 -15
- data/src/core/ext/xds/xds_client_stats.h +7 -7
- data/src/core/ext/xds/xds_http_fault_filter.cc +4 -3
- data/src/core/ext/xds/xds_http_fault_filter.h +3 -2
- data/src/core/ext/xds/xds_http_filters.cc +1 -0
- data/src/core/ext/xds/xds_server_config_fetcher.cc +15 -17
- data/src/core/lib/address_utils/parse_address.cc +6 -8
- data/src/core/lib/address_utils/sockaddr_utils.cc +2 -2
- data/src/core/lib/avl/avl.cc +5 -5
- data/src/core/lib/backoff/backoff.cc +1 -1
- data/src/core/lib/channel/channel_args.cc +26 -7
- data/src/core/lib/channel/channel_args.h +9 -0
- data/src/core/lib/channel/channel_stack.cc +5 -3
- data/src/core/lib/channel/channel_stack_builder.cc +4 -14
- data/src/core/lib/channel/channel_stack_builder.h +0 -8
- data/src/core/lib/channel/channel_trace.cc +5 -4
- data/src/core/lib/channel/channel_trace.h +2 -1
- data/src/core/lib/channel/channelz.cc +43 -39
- data/src/core/lib/channel/channelz.h +29 -29
- data/src/core/lib/channel/channelz_registry.cc +8 -7
- data/src/core/lib/channel/channelz_registry.h +1 -1
- data/src/core/lib/channel/connected_channel.cc +2 -3
- data/src/core/lib/channel/connected_channel.h +1 -2
- data/src/core/lib/channel/handshaker.cc +2 -1
- data/src/core/lib/channel/handshaker.h +1 -2
- data/src/core/lib/channel/handshaker_factory.h +10 -2
- data/src/core/lib/channel/handshaker_registry.cc +15 -70
- data/src/core/lib/channel/handshaker_registry.h +29 -12
- data/src/core/lib/channel/status_util.h +2 -2
- data/src/core/lib/compression/algorithm_metadata.h +1 -0
- data/src/core/lib/compression/compression.cc +2 -2
- data/src/core/lib/compression/compression_args.cc +8 -5
- data/src/core/lib/compression/compression_internal.cc +4 -6
- data/src/core/lib/compression/compression_internal.h +1 -1
- data/src/core/lib/compression/message_compress.cc +2 -2
- data/src/core/lib/compression/stream_compression.cc +2 -1
- data/src/core/lib/compression/stream_compression.h +2 -1
- data/src/core/lib/compression/stream_compression_gzip.cc +2 -1
- data/src/core/lib/compression/stream_compression_identity.cc +2 -1
- data/src/core/lib/config/core_configuration.cc +96 -0
- data/src/core/lib/config/core_configuration.h +146 -0
- data/src/core/lib/debug/stats.cc +1 -1
- data/src/core/lib/debug/stats.h +1 -0
- data/src/core/lib/debug/stats_data.cc +15 -14
- data/src/core/lib/debug/stats_data.h +1 -0
- data/src/core/lib/debug/trace.cc +1 -0
- data/src/core/lib/debug/trace.h +2 -1
- data/src/core/lib/event_engine/endpoint_config.cc +0 -1
- data/src/core/lib/event_engine/event_engine.cc +3 -3
- data/src/core/lib/event_engine/sockaddr.cc +3 -3
- data/src/core/lib/gpr/alloc.cc +4 -3
- data/src/core/lib/gpr/atm.cc +1 -1
- data/src/core/lib/gpr/cpu_posix.cc +1 -1
- data/src/core/lib/gpr/env_linux.cc +1 -2
- data/src/core/lib/gpr/env_posix.cc +2 -3
- data/src/core/lib/gpr/log.cc +3 -3
- data/src/core/lib/gpr/log_android.cc +3 -2
- data/src/core/lib/gpr/log_linux.cc +7 -4
- data/src/core/lib/gpr/log_posix.cc +6 -3
- data/src/core/lib/gpr/string.cc +2 -2
- data/src/core/lib/gpr/string.h +2 -2
- data/src/core/lib/gpr/sync.cc +2 -2
- data/src/core/lib/gpr/sync_abseil.cc +7 -6
- data/src/core/lib/gpr/sync_posix.cc +3 -3
- data/src/core/lib/gpr/time.cc +3 -2
- data/src/core/lib/gpr/time_windows.cc +3 -2
- data/src/core/lib/gpr/tls.h +119 -40
- data/src/core/lib/gpr/tmpfile_posix.cc +1 -2
- data/src/core/lib/gpr/useful.h +79 -32
- data/src/core/lib/gprpp/arena.cc +2 -1
- data/src/core/lib/gprpp/arena.h +15 -5
- data/src/core/lib/gprpp/atomic_utils.h +47 -0
- data/src/core/lib/gprpp/bitset.h +188 -0
- data/src/core/lib/gprpp/chunked_vector.h +211 -0
- data/src/core/lib/{transport/authority_override.cc → gprpp/construct_destruct.h} +16 -17
- data/src/core/lib/gprpp/dual_ref_counted.h +25 -26
- data/src/core/lib/gprpp/fork.cc +14 -12
- data/src/core/lib/gprpp/fork.h +4 -4
- data/src/core/lib/gprpp/global_config.h +1 -2
- data/src/core/lib/gprpp/global_config_env.cc +7 -7
- data/src/core/lib/gprpp/global_config_generic.h +2 -2
- data/src/core/lib/gprpp/manual_constructor.h +8 -5
- data/src/core/lib/gprpp/match.h +73 -0
- data/src/core/lib/gprpp/memory.h +9 -3
- data/src/core/lib/gprpp/mpscq.cc +7 -7
- data/src/core/lib/gprpp/mpscq.h +6 -5
- data/src/core/lib/gprpp/orphanable.h +3 -3
- data/src/core/lib/gprpp/overload.h +59 -0
- data/src/core/lib/gprpp/ref_counted.h +18 -18
- data/src/core/lib/gprpp/status_helper.cc +27 -7
- data/src/core/lib/gprpp/status_helper.h +12 -1
- data/src/core/lib/gprpp/sync.h +3 -1
- data/src/core/lib/gprpp/table.h +411 -0
- data/src/core/lib/gprpp/thd_posix.cc +5 -5
- data/src/core/lib/gprpp/thd_windows.cc +4 -11
- data/src/core/lib/gprpp/time_util.cc +2 -2
- data/src/core/lib/gprpp/time_util.h +2 -2
- data/src/core/lib/http/format_request.cc +1 -0
- data/src/core/lib/http/format_request.h +1 -0
- data/src/core/lib/http/httpcli.cc +202 -184
- data/src/core/lib/http/httpcli.h +3 -0
- data/src/core/lib/http/httpcli_security_connector.cc +5 -8
- data/src/core/lib/http/parser.cc +2 -2
- data/src/core/lib/http/parser.h +1 -0
- data/src/core/lib/iomgr/buffer_list.cc +2 -1
- data/src/core/lib/iomgr/buffer_list.h +1 -2
- data/src/core/lib/iomgr/call_combiner.cc +29 -10
- data/src/core/lib/iomgr/cfstream_handle.cc +1 -1
- data/src/core/lib/iomgr/combiner.cc +9 -23
- data/src/core/lib/iomgr/combiner.h +1 -0
- data/src/core/lib/iomgr/dualstack_socket_posix.cc +1 -0
- data/src/core/lib/iomgr/endpoint.cc +0 -4
- data/src/core/lib/iomgr/endpoint.h +1 -3
- data/src/core/lib/iomgr/endpoint_cfstream.cc +16 -26
- data/src/core/lib/iomgr/endpoint_cfstream.h +1 -1
- data/src/core/lib/iomgr/endpoint_pair.h +1 -0
- data/src/core/lib/iomgr/endpoint_pair_event_engine.cc +1 -2
- data/src/core/lib/iomgr/endpoint_pair_posix.cc +15 -11
- data/src/core/lib/iomgr/endpoint_pair_windows.cc +17 -9
- data/src/core/lib/iomgr/error.cc +113 -52
- data/src/core/lib/iomgr/error.h +73 -18
- data/src/core/lib/iomgr/error_cfstream.cc +7 -2
- data/src/core/lib/iomgr/error_internal.h +1 -0
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +17 -24
- data/src/core/lib/iomgr/ev_epollex_linux.cc +22 -29
- data/src/core/lib/iomgr/ev_poll_posix.cc +42 -45
- data/src/core/lib/iomgr/ev_posix.cc +1 -2
- data/src/core/lib/iomgr/event_engine/closure.cc +41 -18
- data/src/core/lib/iomgr/event_engine/closure.h +10 -1
- data/src/core/lib/iomgr/event_engine/endpoint.cc +6 -25
- data/src/core/lib/iomgr/event_engine/endpoint.h +1 -2
- data/src/core/lib/iomgr/event_engine/iomgr.cc +18 -19
- data/src/core/lib/iomgr/event_engine/iomgr.h +20 -2
- data/src/core/lib/iomgr/event_engine/pollset.cc +5 -4
- data/src/core/lib/iomgr/event_engine/resolver.cc +12 -8
- data/src/core/lib/iomgr/event_engine/tcp.cc +60 -30
- data/src/core/lib/iomgr/event_engine/timer.cc +7 -2
- data/src/core/lib/iomgr/exec_ctx.cc +4 -13
- data/src/core/lib/iomgr/exec_ctx.h +11 -19
- data/src/core/lib/iomgr/executor/mpmcqueue.cc +15 -16
- data/src/core/lib/iomgr/executor/mpmcqueue.h +7 -11
- data/src/core/lib/iomgr/executor/threadpool.cc +2 -2
- data/src/core/lib/iomgr/executor/threadpool.h +2 -1
- data/src/core/lib/iomgr/executor.cc +11 -26
- data/src/core/lib/iomgr/grpc_if_nametoindex_posix.cc +2 -2
- data/src/core/lib/iomgr/grpc_if_nametoindex_unsupported.cc +2 -2
- data/src/core/lib/iomgr/internal_errqueue.cc +3 -2
- data/src/core/lib/iomgr/iocp_windows.cc +1 -0
- data/src/core/lib/iomgr/iomgr.cc +3 -1
- data/src/core/lib/iomgr/iomgr.h +2 -2
- data/src/core/lib/iomgr/iomgr_custom.cc +2 -2
- data/src/core/lib/iomgr/iomgr_custom.h +2 -2
- data/src/core/lib/iomgr/iomgr_internal.cc +6 -10
- data/src/core/lib/iomgr/iomgr_internal.h +3 -2
- data/src/core/lib/iomgr/iomgr_windows.cc +1 -2
- data/src/core/lib/iomgr/is_epollexclusive_available.cc +4 -4
- data/src/core/lib/iomgr/load_file.cc +2 -2
- data/src/core/lib/iomgr/lockfree_event.cc +18 -0
- data/src/core/lib/iomgr/polling_entity.cc +2 -2
- data/src/core/lib/iomgr/pollset_custom.cc +4 -5
- data/src/core/lib/iomgr/pollset_custom.h +3 -3
- data/src/core/lib/iomgr/pollset_set_custom.cc +1 -2
- data/src/core/lib/iomgr/pollset_set_windows.cc +1 -0
- data/src/core/lib/iomgr/port.h +0 -5
- data/src/core/lib/iomgr/python_util.h +1 -0
- data/src/core/lib/iomgr/resolve_address.cc +2 -1
- data/src/core/lib/iomgr/resolve_address.h +0 -4
- data/src/core/lib/iomgr/resolve_address_custom.cc +4 -4
- data/src/core/lib/iomgr/resolve_address_custom.h +0 -1
- data/src/core/lib/iomgr/resolve_address_posix.cc +7 -11
- data/src/core/lib/iomgr/resolve_address_windows.cc +6 -8
- data/src/core/lib/iomgr/resource_quota.cc +136 -49
- data/src/core/lib/iomgr/resource_quota.h +66 -17
- data/src/core/lib/iomgr/sockaddr.h +1 -1
- data/src/core/lib/iomgr/socket_factory_posix.cc +5 -5
- data/src/core/lib/iomgr/socket_factory_posix.h +1 -0
- data/src/core/lib/iomgr/socket_mutator.cc +2 -2
- data/src/core/lib/iomgr/socket_mutator.h +2 -2
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +4 -5
- data/src/core/lib/iomgr/socket_utils_linux.cc +4 -4
- data/src/core/lib/iomgr/socket_utils_posix.cc +2 -2
- data/src/core/lib/iomgr/socket_utils_posix.h +2 -2
- data/src/core/lib/iomgr/socket_utils_windows.cc +2 -2
- data/src/core/lib/iomgr/tcp_client.cc +4 -2
- data/src/core/lib/iomgr/tcp_client.h +4 -0
- data/src/core/lib/iomgr/tcp_client_cfstream.cc +14 -22
- data/src/core/lib/iomgr/tcp_client_custom.cc +10 -18
- data/src/core/lib/iomgr/tcp_client_posix.cc +33 -27
- data/src/core/lib/iomgr/tcp_client_posix.h +5 -2
- data/src/core/lib/iomgr/tcp_client_windows.cc +16 -9
- data/src/core/lib/iomgr/tcp_custom.cc +11 -23
- data/src/core/lib/iomgr/tcp_custom.h +2 -1
- data/src/core/lib/iomgr/tcp_posix.cc +33 -64
- data/src/core/lib/iomgr/tcp_posix.h +11 -12
- data/src/core/lib/iomgr/tcp_server.cc +6 -4
- data/src/core/lib/iomgr/tcp_server.h +12 -9
- data/src/core/lib/iomgr/tcp_server_custom.cc +17 -34
- data/src/core/lib/iomgr/tcp_server_posix.cc +23 -17
- data/src/core/lib/iomgr/tcp_server_utils_posix.h +3 -0
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +1 -2
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +3 -4
- data/src/core/lib/iomgr/tcp_server_utils_posix_noifaddrs.cc +4 -4
- data/src/core/lib/iomgr/tcp_server_windows.cc +17 -14
- data/src/core/lib/iomgr/tcp_windows.cc +8 -27
- data/src/core/lib/iomgr/tcp_windows.h +2 -1
- data/src/core/lib/iomgr/timer.cc +1 -0
- data/src/core/lib/iomgr/timer.h +1 -2
- data/src/core/lib/iomgr/timer_custom.cc +2 -2
- data/src/core/lib/iomgr/timer_generic.cc +21 -51
- data/src/core/lib/iomgr/timer_generic.h +1 -0
- data/src/core/lib/iomgr/timer_heap.cc +2 -3
- data/src/core/lib/iomgr/unix_sockets_posix.cc +3 -5
- data/src/core/lib/iomgr/unix_sockets_posix.h +2 -3
- data/src/core/lib/iomgr/wakeup_fd_nospecial.cc +1 -0
- data/src/core/lib/iomgr/wakeup_fd_pipe.cc +2 -3
- data/src/core/lib/iomgr/wakeup_fd_posix.cc +1 -0
- data/src/core/lib/iomgr/work_serializer.cc +4 -4
- data/src/core/lib/iomgr/work_serializer.h +1 -1
- data/src/core/lib/json/json_reader.cc +9 -17
- data/src/core/lib/json/json_util.cc +68 -0
- data/src/core/lib/json/json_util.h +65 -115
- data/src/core/lib/json/json_writer.cc +0 -3
- data/src/core/lib/matchers/matchers.h +0 -1
- data/src/core/lib/profiling/basic_timers.cc +8 -6
- data/src/core/lib/profiling/stap_timers.cc +2 -2
- data/src/core/lib/security/authorization/authorization_policy_provider.h +5 -4
- data/src/core/lib/security/authorization/authorization_policy_provider_vtable.cc +1 -1
- data/src/core/lib/security/authorization/evaluate_args.cc +16 -12
- data/src/core/lib/security/authorization/sdk_server_authz_filter.cc +171 -0
- data/src/core/lib/security/authorization/sdk_server_authz_filter.h +67 -0
- data/src/core/lib/security/context/security_context.cc +11 -8
- data/src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc +2 -2
- data/src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc +2 -2
- data/src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc +2 -2
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +5 -4
- data/src/core/lib/security/credentials/credentials.cc +10 -8
- data/src/core/lib/security/credentials/credentials.h +7 -2
- data/src/core/lib/security/credentials/credentials_metadata.cc +2 -3
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +13 -26
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +1 -2
- data/src/core/lib/security/credentials/external/aws_request_signer.cc +3 -3
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +60 -33
- data/src/core/lib/security/credentials/external/external_account_credentials.h +1 -0
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +2 -4
- data/src/core/lib/security/credentials/google_default/credentials_generic.cc +1 -2
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +56 -4
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +2 -1
- data/src/core/lib/security/credentials/jwt/json_token.cc +1 -1
- data/src/core/lib/security/credentials/jwt/json_token.h +2 -1
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +31 -14
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +11 -3
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +5 -11
- data/src/core/lib/security/credentials/jwt/jwt_verifier.h +3 -3
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +3 -7
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -0
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +4 -6
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +4 -4
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +0 -1
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +3 -2
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +10 -6
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +2 -1
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +7 -5
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +2 -2
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +6 -8
- data/src/core/lib/security/security_connector/load_system_roots_fallback.cc +1 -0
- data/src/core/lib/security/security_connector/load_system_roots_linux.cc +3 -3
- data/src/core/lib/security/security_connector/security_connector.cc +9 -4
- data/src/core/lib/security/security_connector/security_connector.h +1 -1
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +4 -7
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +1 -2
- data/src/core/lib/security/security_connector/ssl_utils.cc +3 -4
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +10 -14
- data/src/core/lib/security/security_connector/tls/tls_security_connector.h +0 -2
- data/src/core/lib/security/transport/auth_filters.h +1 -0
- data/src/core/lib/security/transport/client_auth_filter.cc +9 -11
- data/src/core/lib/security/transport/secure_endpoint.cc +4 -14
- data/src/core/lib/security/transport/secure_endpoint.h +1 -0
- data/src/core/lib/security/transport/security_handshaker.cc +78 -47
- data/src/core/lib/security/transport/security_handshaker.h +2 -1
- data/src/core/lib/security/transport/server_auth_filter.cc +3 -5
- data/src/core/lib/security/transport/tsi_error.cc +3 -5
- data/src/core/lib/security/util/json_util.cc +6 -8
- data/src/core/lib/slice/percent_encoding.cc +73 -30
- data/src/core/lib/slice/percent_encoding.h +29 -28
- data/src/core/lib/slice/slice.cc +14 -21
- data/src/core/lib/{gpr/tls_pthread.cc → slice/slice_api.cc} +15 -6
- data/src/core/lib/slice/slice_buffer.cc +6 -7
- data/src/core/lib/slice/slice_intern.cc +10 -16
- data/src/core/lib/slice/slice_internal.h +3 -246
- data/src/core/lib/slice/slice_refcount.cc +17 -0
- data/src/core/lib/slice/slice_refcount.h +121 -0
- data/src/core/lib/slice/slice_refcount_base.h +173 -0
- data/src/core/lib/slice/slice_split.cc +100 -0
- data/src/core/lib/slice/slice_split.h +40 -0
- data/src/core/lib/slice/slice_string_helpers.cc +0 -83
- data/src/core/lib/slice/slice_string_helpers.h +0 -11
- data/src/core/lib/slice/static_slice.cc +529 -0
- data/src/core/lib/slice/static_slice.h +331 -0
- data/src/core/lib/surface/api_trace.cc +2 -1
- data/src/core/lib/surface/api_trace.h +1 -0
- data/src/core/lib/surface/builtins.cc +49 -0
- data/src/core/{ext/filters/workarounds/workaround_cronet_compression_filter.h → lib/surface/builtins.h} +8 -9
- data/src/core/lib/surface/byte_buffer_reader.cc +1 -1
- data/src/core/lib/surface/call.cc +112 -128
- data/src/core/lib/surface/call.h +3 -9
- data/src/core/lib/surface/call_details.cc +2 -2
- data/src/core/lib/surface/call_log_batch.cc +2 -2
- data/src/core/lib/surface/channel.cc +41 -41
- data/src/core/lib/surface/channel.h +14 -11
- data/src/core/lib/surface/channel_init.cc +23 -76
- data/src/core/lib/surface/channel_init.h +52 -44
- data/src/core/lib/surface/channel_ping.cc +1 -2
- data/src/core/lib/surface/channel_stack_type.cc +2 -1
- data/src/core/lib/surface/completion_queue.cc +60 -69
- data/src/core/lib/surface/completion_queue_factory.cc +2 -1
- data/src/core/lib/surface/completion_queue_factory.h +1 -0
- data/src/core/lib/surface/event_string.cc +1 -0
- data/src/core/lib/surface/init.cc +4 -48
- data/src/core/lib/surface/init.h +0 -1
- data/src/core/lib/surface/init_secure.cc +36 -14
- data/src/core/lib/surface/lame_client.cc +24 -16
- data/src/core/lib/surface/lame_client.h +1 -1
- data/src/core/lib/surface/metadata_array.cc +2 -2
- data/src/core/lib/surface/server.cc +42 -50
- data/src/core/lib/surface/server.h +28 -23
- data/src/core/lib/surface/validate_metadata.cc +49 -18
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/bdp_estimator.cc +1 -1
- data/src/core/lib/transport/byte_stream.h +1 -0
- data/src/core/lib/transport/connectivity_state.cc +8 -5
- data/src/core/lib/transport/connectivity_state.h +2 -2
- data/src/core/lib/transport/error_utils.cc +43 -17
- data/src/core/lib/transport/error_utils.h +1 -1
- data/src/core/lib/transport/metadata.cc +41 -20
- data/src/core/lib/transport/metadata.h +15 -12
- data/src/core/lib/transport/metadata_batch.cc +39 -364
- data/src/core/lib/transport/metadata_batch.h +916 -67
- data/src/core/lib/transport/parsed_metadata.h +263 -0
- data/src/core/lib/transport/pid_controller.cc +4 -4
- data/src/core/lib/transport/static_metadata.cc +714 -846
- data/src/core/lib/transport/static_metadata.h +115 -379
- data/src/core/lib/transport/status_metadata.cc +1 -0
- data/src/core/lib/transport/transport.cc +4 -5
- data/src/core/lib/transport/transport_op_string.cc +40 -20
- data/src/core/plugin_registry/grpc_plugin_registry.cc +76 -41
- data/src/core/tsi/alts/crypt/aes_gcm.cc +6 -3
- data/src/core/tsi/alts/crypt/gsec.h +2 -3
- data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +13 -12
- data/src/core/tsi/alts/frame_protector/frame_handler.cc +10 -11
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +3 -4
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +2 -3
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +12 -2
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc +2 -2
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc +1 -1
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +2 -2
- data/src/core/tsi/fake_transport_security.cc +15 -7
- data/src/core/tsi/local_transport_security.cc +36 -73
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +20 -53
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +4 -3
- data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +2 -2
- data/src/core/tsi/ssl_transport_security.cc +21 -11
- data/src/core/tsi/ssl_transport_security.h +3 -1
- data/src/core/tsi/transport_security.cc +15 -3
- data/src/core/tsi/transport_security.h +16 -1
- data/src/core/tsi/transport_security_grpc.h +1 -0
- data/src/core/tsi/transport_security_interface.h +26 -0
- data/src/ruby/ext/grpc/extconf.rb +12 -9
- data/src/ruby/ext/grpc/rb_byte_buffer.c +2 -1
- data/src/ruby/ext/grpc/rb_call.c +5 -5
- data/src/ruby/ext/grpc/rb_call_credentials.c +5 -5
- data/src/ruby/ext/grpc/rb_channel.c +10 -8
- data/src/ruby/ext/grpc/rb_channel_args.c +2 -2
- data/src/ruby/ext/grpc/rb_channel_credentials.c +4 -4
- data/src/ruby/ext/grpc/rb_channel_credentials.h +1 -0
- data/src/ruby/ext/grpc/rb_completion_queue.c +3 -2
- data/src/ruby/ext/grpc/rb_compression_options.c +5 -4
- data/src/ruby/ext/grpc/rb_event_thread.c +4 -4
- data/src/ruby/ext/grpc/rb_grpc.c +5 -4
- data/src/ruby/ext/grpc/rb_grpc.h +1 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +4 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +6 -0
- data/src/ruby/ext/grpc/rb_server.c +6 -5
- data/src/ruby/ext/grpc/rb_server_credentials.c +3 -3
- data/src/ruby/ext/grpc/rb_server_credentials.h +1 -0
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.c +8 -5
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.h +3 -1
- data/src/ruby/ext/grpc/rb_xds_server_credentials.c +6 -5
- data/src/ruby/ext/grpc/rb_xds_server_credentials.h +3 -1
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/src/proto/grpc/testing/test_pb.rb +2 -2
- data/src/ruby/spec/client_server_spec.rb +1 -1
- data/third_party/abseil-cpp/absl/base/internal/thread_identity.cc +4 -4
- data/third_party/abseil-cpp/absl/base/internal/thread_identity.h +11 -6
- data/third_party/address_sorting/address_sorting_posix.c +1 -0
- data/third_party/boringssl-with-bazel/err_data.c +300 -292
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +52 -47
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +21 -22
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +6 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +16 -23
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +14 -7
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_print.c +19 -29
- data/third_party/boringssl-with-bazel/src/crypto/{x509 → asn1}/a_strex.c +269 -272
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +106 -153
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +1 -40
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utf8.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{x509 → asn1}/charmap.h +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{asn1_locl.h → internal.h} +58 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +9 -9
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +290 -199
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +9 -9
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +10 -14
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/time_support.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +11 -8
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +1 -7
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +1 -5
- data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +0 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +1 -7
- data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +1 -6
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +3 -17
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +4 -6
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +9 -0
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +8 -0
- data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +38 -47
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/cipher_extra.c +45 -65
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +14 -3
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +6 -3
- data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.c +32 -34
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +26 -9
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +5 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.c +5 -9
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +10 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/des/des.c +10 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/des/internal.h +1 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md4/md4.c +4 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md5/md5.c +4 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm_nohw.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +5 -9
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +4 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +24 -9
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +35 -35
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +11 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +10 -37
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +34 -0
- data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c +219 -121
- data/third_party/boringssl-with-bazel/src/crypto/hrss/internal.h +9 -2
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +62 -2
- data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +253 -0
- data/third_party/boringssl-with-bazel/src/crypto/lhash/lhash.c +28 -23
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +14 -9
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +7 -3
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +0 -9
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +0 -8
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +0 -4
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/internal.h +16 -7
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7.c +9 -4
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +151 -12
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/deterministic.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/fuchsia.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/windows.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.c +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +15 -11
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +225 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +246 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +15 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +10 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +0 -179
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +6 -23
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +1 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +25 -22
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +11 -54
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +1 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +0 -16
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +9 -11
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +23 -21
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +12 -11
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +16 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_cache.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_int.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_map.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_tree.c +4 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +24 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +17 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +3 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_crld.c +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +5 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ncons.c +112 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pci.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +14 -13
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +76 -31
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +521 -296
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +2 -9
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +10 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +3 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +3 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +9 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +8 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +8 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +3 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +6 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/hkdf.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +25 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/hrss.h +14 -12
- data/third_party/boringssl-with-bazel/src/include/openssl/lhash.h +4 -205
- data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +12 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/obj.h +5 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +0 -20
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs7.h +12 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +5 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +37 -15
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +81 -15
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +31 -32
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +713 -146
- data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +16 -695
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +48 -13
- data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +9 -16
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +310 -359
- data/third_party/boringssl-with-bazel/src/ssl/{t1_lib.cc → extensions.cc} +110 -159
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +24 -13
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +145 -142
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +106 -99
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +87 -48
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +1 -2
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +11 -5
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +2 -51
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +121 -65
- data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +6 -12
- data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +28 -23
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +14 -27
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +210 -212
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +30 -41
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +48 -34
- data/third_party/re2/re2/compile.cc +91 -109
- data/third_party/re2/re2/dfa.cc +27 -39
- data/third_party/re2/re2/filtered_re2.cc +18 -2
- data/third_party/re2/re2/filtered_re2.h +10 -5
- data/third_party/re2/re2/nfa.cc +1 -1
- data/third_party/re2/re2/parse.cc +42 -23
- data/third_party/re2/re2/perl_groups.cc +34 -34
- data/third_party/re2/re2/prefilter.cc +3 -2
- data/third_party/re2/re2/prog.cc +182 -4
- data/third_party/re2/re2/prog.h +28 -9
- data/third_party/re2/re2/re2.cc +87 -118
- data/third_party/re2/re2/re2.h +156 -141
- data/third_party/re2/re2/regexp.cc +12 -5
- data/third_party/re2/re2/regexp.h +8 -2
- data/third_party/re2/re2/set.cc +31 -9
- data/third_party/re2/re2/set.h +9 -4
- data/third_party/re2/re2/simplify.cc +11 -3
- data/third_party/re2/re2/tostring.cc +1 -1
- data/third_party/re2/re2/walker-inl.h +1 -1
- data/third_party/re2/util/mutex.h +2 -2
- data/third_party/re2/util/pcre.h +3 -3
- data/third_party/upb/upb/decode.c +129 -60
- data/third_party/upb/upb/decode.h +32 -4
- data/third_party/upb/upb/decode_fast.c +513 -500
- data/third_party/upb/upb/decode_fast.h +27 -0
- data/third_party/upb/upb/{decode.int.h → decode_internal.h} +38 -8
- data/third_party/upb/upb/def.c +171 -181
- data/third_party/upb/upb/def.h +41 -19
- data/third_party/upb/upb/def.hpp +29 -0
- data/third_party/upb/upb/encode.c +49 -16
- data/third_party/upb/upb/encode.h +29 -2
- data/third_party/upb/upb/msg.c +169 -28
- data/third_party/upb/upb/msg.h +75 -580
- data/third_party/upb/upb/msg_internal.h +687 -0
- data/third_party/upb/upb/port_def.inc +85 -24
- data/third_party/upb/upb/port_undef.inc +38 -1
- data/third_party/upb/upb/reflection.c +29 -37
- data/third_party/upb/upb/reflection.h +36 -8
- data/third_party/upb/upb/reflection.hpp +37 -0
- data/third_party/upb/upb/table.c +211 -86
- data/third_party/upb/upb/{table.int.h → table_internal.h} +56 -180
- data/third_party/upb/upb/text_encode.c +32 -4
- data/third_party/upb/upb/text_encode.h +26 -0
- data/third_party/upb/upb/upb.c +59 -8
- data/third_party/upb/upb/upb.h +36 -6
- data/third_party/upb/upb/upb.hpp +24 -0
- data/third_party/upb/upb/upb_internal.h +58 -0
- metadata +102 -87
- data/include/grpc/event_engine/slice_allocator.h +0 -66
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_libuv.cc +0 -179
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_libuv.cc +0 -38
- data/src/core/ext/filters/client_channel/service_config_call_data.h +0 -126
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +0 -211
- data/src/core/ext/filters/workarounds/workaround_utils.cc +0 -53
- data/src/core/ext/filters/workarounds/workaround_utils.h +0 -39
- data/src/core/ext/transport/chttp2/client/authority.cc +0 -42
- data/src/core/ext/transport/chttp2/client/authority.h +0 -36
- data/src/core/ext/transport/chttp2/transport/chttp2_slice_allocator.cc +0 -66
- data/src/core/ext/transport/chttp2/transport/chttp2_slice_allocator.h +0 -74
- data/src/core/ext/transport/chttp2/transport/hpack_table.cc +0 -243
- data/src/core/ext/transport/chttp2/transport/hpack_table.h +0 -148
- data/src/core/ext/transport/chttp2/transport/incoming_metadata.cc +0 -66
- data/src/core/ext/transport/chttp2/transport/incoming_metadata.h +0 -58
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.c +0 -58
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.h +0 -124
- data/src/core/ext/upb-generated/udpa/type/v1/typed_struct.upb.c +0 -33
- data/src/core/ext/upb-generated/udpa/type/v1/typed_struct.upb.h +0 -77
- data/src/core/ext/upbdefs-generated/udpa/type/v1/typed_struct.upbdefs.c +0 -44
- data/src/core/ext/upbdefs-generated/udpa/type/v1/typed_struct.upbdefs.h +0 -35
- data/src/core/lib/gpr/tls_gcc.h +0 -52
- data/src/core/lib/gpr/tls_msvc.h +0 -54
- data/src/core/lib/gpr/tls_pthread.h +0 -56
- data/src/core/lib/gpr/tls_stdcpp.h +0 -48
- data/src/core/lib/gprpp/atomic.h +0 -104
- data/src/core/lib/iomgr/endpoint_pair_uv.cc +0 -40
- data/src/core/lib/iomgr/iomgr_uv.cc +0 -43
- data/src/core/lib/iomgr/pollset_uv.cc +0 -95
- data/src/core/lib/iomgr/pollset_uv.h +0 -36
- data/src/core/lib/iomgr/sockaddr_custom.h +0 -54
- data/src/core/lib/iomgr/socket_utils_uv.cc +0 -49
- data/src/core/lib/iomgr/tcp_uv.cc +0 -421
- data/src/core/lib/iomgr/timer_uv.cc +0 -66
- data/src/core/lib/iomgr/udp_server.cc +0 -748
- data/src/core/lib/iomgr/udp_server.h +0 -103
- data/third_party/upb/third_party/wyhash/wyhash.h +0 -145
- data/third_party/upb/upb/upb.int.h +0 -29
|
@@ -110,60 +110,26 @@ extern "C" {
|
|
|
110
110
|
#define X509v3_KU_DECIPHER_ONLY 0x8000
|
|
111
111
|
#define X509v3_KU_UNDEF 0xffff
|
|
112
112
|
|
|
113
|
+
struct X509_algor_st {
|
|
114
|
+
ASN1_OBJECT *algorithm;
|
|
115
|
+
ASN1_TYPE *parameter;
|
|
116
|
+
} /* X509_ALGOR */;
|
|
117
|
+
|
|
118
|
+
DECLARE_ASN1_FUNCTIONS(X509_ALGOR)
|
|
119
|
+
|
|
113
120
|
DEFINE_STACK_OF(X509_ALGOR)
|
|
114
|
-
DECLARE_ASN1_SET_OF(X509_ALGOR)
|
|
115
121
|
|
|
116
122
|
typedef STACK_OF(X509_ALGOR) X509_ALGORS;
|
|
117
123
|
|
|
118
|
-
struct X509_name_entry_st {
|
|
119
|
-
ASN1_OBJECT *object;
|
|
120
|
-
ASN1_STRING *value;
|
|
121
|
-
int set;
|
|
122
|
-
int size; // temp variable
|
|
123
|
-
} /* X509_NAME_ENTRY */;
|
|
124
|
-
|
|
125
124
|
DEFINE_STACK_OF(X509_NAME_ENTRY)
|
|
126
|
-
DECLARE_ASN1_SET_OF(X509_NAME_ENTRY)
|
|
127
|
-
|
|
128
|
-
// we always keep X509_NAMEs in 2 forms.
|
|
129
|
-
struct X509_name_st {
|
|
130
|
-
STACK_OF(X509_NAME_ENTRY) *entries;
|
|
131
|
-
int modified; // true if 'bytes' needs to be built
|
|
132
|
-
BUF_MEM *bytes;
|
|
133
|
-
// unsigned long hash; Keep the hash around for lookups
|
|
134
|
-
unsigned char *canon_enc;
|
|
135
|
-
int canon_enclen;
|
|
136
|
-
} /* X509_NAME */;
|
|
137
125
|
|
|
138
126
|
DEFINE_STACK_OF(X509_NAME)
|
|
139
127
|
|
|
140
|
-
struct X509_extension_st {
|
|
141
|
-
ASN1_OBJECT *object;
|
|
142
|
-
ASN1_BOOLEAN critical;
|
|
143
|
-
ASN1_OCTET_STRING *value;
|
|
144
|
-
} /* X509_EXTENSION */;
|
|
145
|
-
|
|
146
128
|
typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS;
|
|
147
129
|
|
|
148
130
|
DEFINE_STACK_OF(X509_EXTENSION)
|
|
149
|
-
DECLARE_ASN1_SET_OF(X509_EXTENSION)
|
|
150
131
|
|
|
151
132
|
DEFINE_STACK_OF(X509_ATTRIBUTE)
|
|
152
|
-
DECLARE_ASN1_SET_OF(X509_ATTRIBUTE)
|
|
153
|
-
|
|
154
|
-
struct x509_cinf_st {
|
|
155
|
-
ASN1_INTEGER *version; // [ 0 ] default of v1
|
|
156
|
-
ASN1_INTEGER *serialNumber;
|
|
157
|
-
X509_ALGOR *signature;
|
|
158
|
-
X509_NAME *issuer;
|
|
159
|
-
X509_VAL *validity;
|
|
160
|
-
X509_NAME *subject;
|
|
161
|
-
X509_PUBKEY *key;
|
|
162
|
-
ASN1_BIT_STRING *issuerUID; // [ 1 ] optional in v2
|
|
163
|
-
ASN1_BIT_STRING *subjectUID; // [ 2 ] optional in v2
|
|
164
|
-
STACK_OF(X509_EXTENSION) *extensions; // [ 3 ] optional in v3
|
|
165
|
-
ASN1_ENCODING enc;
|
|
166
|
-
} /* X509_CINF */;
|
|
167
133
|
|
|
168
134
|
// This stuff is certificate "auxiliary info"
|
|
169
135
|
// it contains details which are useful in certificate
|
|
@@ -173,33 +139,7 @@ struct x509_cinf_st {
|
|
|
173
139
|
DECLARE_STACK_OF(DIST_POINT)
|
|
174
140
|
DECLARE_STACK_OF(GENERAL_NAME)
|
|
175
141
|
|
|
176
|
-
struct x509_st {
|
|
177
|
-
X509_CINF *cert_info;
|
|
178
|
-
X509_ALGOR *sig_alg;
|
|
179
|
-
ASN1_BIT_STRING *signature;
|
|
180
|
-
CRYPTO_refcount_t references;
|
|
181
|
-
CRYPTO_EX_DATA ex_data;
|
|
182
|
-
// These contain copies of various extension values
|
|
183
|
-
long ex_pathlen;
|
|
184
|
-
long ex_pcpathlen;
|
|
185
|
-
unsigned long ex_flags;
|
|
186
|
-
unsigned long ex_kusage;
|
|
187
|
-
unsigned long ex_xkusage;
|
|
188
|
-
unsigned long ex_nscert;
|
|
189
|
-
ASN1_OCTET_STRING *skid;
|
|
190
|
-
AUTHORITY_KEYID *akid;
|
|
191
|
-
X509_POLICY_CACHE *policy_cache;
|
|
192
|
-
STACK_OF(DIST_POINT) *crldp;
|
|
193
|
-
STACK_OF(GENERAL_NAME) *altname;
|
|
194
|
-
NAME_CONSTRAINTS *nc;
|
|
195
|
-
unsigned char sha1_hash[SHA_DIGEST_LENGTH];
|
|
196
|
-
X509_CERT_AUX *aux;
|
|
197
|
-
CRYPTO_BUFFER *buf;
|
|
198
|
-
CRYPTO_MUTEX lock;
|
|
199
|
-
} /* X509 */;
|
|
200
|
-
|
|
201
142
|
DEFINE_STACK_OF(X509)
|
|
202
|
-
DECLARE_ASN1_SET_OF(X509)
|
|
203
143
|
|
|
204
144
|
// This is used for a table of trust checking functions
|
|
205
145
|
|
|
@@ -266,7 +206,7 @@ DEFINE_STACK_OF(X509_TRUST)
|
|
|
266
206
|
#define XN_FLAG_SEP_MASK (0xf << 16)
|
|
267
207
|
|
|
268
208
|
#define XN_FLAG_COMPAT 0 // Traditional SSLeay: use old X509_NAME_print
|
|
269
|
-
#define XN_FLAG_SEP_COMMA_PLUS (1 << 16) //
|
|
209
|
+
#define XN_FLAG_SEP_COMMA_PLUS (1 << 16) // RFC 2253 ,+
|
|
270
210
|
#define XN_FLAG_SEP_CPLUS_SPC (2 << 16) // ,+ spaced: more readable
|
|
271
211
|
#define XN_FLAG_SEP_SPLUS_SPC (3 << 16) // ;+ spaced
|
|
272
212
|
#define XN_FLAG_SEP_MULTILINE (4 << 16) // One line per field
|
|
@@ -285,13 +225,13 @@ DEFINE_STACK_OF(X509_TRUST)
|
|
|
285
225
|
#define XN_FLAG_SPC_EQ (1 << 23) // Put spaces round '='
|
|
286
226
|
|
|
287
227
|
// This determines if we dump fields we don't recognise:
|
|
288
|
-
//
|
|
228
|
+
// RFC 2253 requires this.
|
|
289
229
|
|
|
290
230
|
#define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24)
|
|
291
231
|
|
|
292
232
|
#define XN_FLAG_FN_ALIGN (1 << 25) // Align field names to 20 characters
|
|
293
233
|
|
|
294
|
-
// Complete set of
|
|
234
|
+
// Complete set of RFC 2253 flags
|
|
295
235
|
|
|
296
236
|
#define XN_FLAG_RFC2253 \
|
|
297
237
|
(ASN1_STRFLGS_RFC2253 | XN_FLAG_SEP_COMMA_PLUS | XN_FLAG_DN_REV | \
|
|
@@ -321,45 +261,10 @@ struct x509_revoked_st {
|
|
|
321
261
|
};
|
|
322
262
|
|
|
323
263
|
DEFINE_STACK_OF(X509_REVOKED)
|
|
324
|
-
DECLARE_ASN1_SET_OF(X509_REVOKED)
|
|
325
|
-
|
|
326
|
-
struct X509_crl_info_st {
|
|
327
|
-
ASN1_INTEGER *version;
|
|
328
|
-
X509_ALGOR *sig_alg;
|
|
329
|
-
X509_NAME *issuer;
|
|
330
|
-
ASN1_TIME *lastUpdate;
|
|
331
|
-
ASN1_TIME *nextUpdate;
|
|
332
|
-
STACK_OF(X509_REVOKED) *revoked;
|
|
333
|
-
STACK_OF(X509_EXTENSION) /* [0] */ *extensions;
|
|
334
|
-
ASN1_ENCODING enc;
|
|
335
|
-
} /* X509_CRL_INFO */;
|
|
336
264
|
|
|
337
265
|
DECLARE_STACK_OF(GENERAL_NAMES)
|
|
338
266
|
|
|
339
|
-
struct X509_crl_st {
|
|
340
|
-
// actual signature
|
|
341
|
-
X509_CRL_INFO *crl;
|
|
342
|
-
X509_ALGOR *sig_alg;
|
|
343
|
-
ASN1_BIT_STRING *signature;
|
|
344
|
-
CRYPTO_refcount_t references;
|
|
345
|
-
int flags;
|
|
346
|
-
// Copies of various extensions
|
|
347
|
-
AUTHORITY_KEYID *akid;
|
|
348
|
-
ISSUING_DIST_POINT *idp;
|
|
349
|
-
// Convenient breakdown of IDP
|
|
350
|
-
int idp_flags;
|
|
351
|
-
int idp_reasons;
|
|
352
|
-
// CRL and base CRL numbers for delta processing
|
|
353
|
-
ASN1_INTEGER *crl_number;
|
|
354
|
-
ASN1_INTEGER *base_crl_number;
|
|
355
|
-
unsigned char sha1_hash[SHA_DIGEST_LENGTH];
|
|
356
|
-
STACK_OF(GENERAL_NAMES) *issuers;
|
|
357
|
-
const X509_CRL_METHOD *meth;
|
|
358
|
-
void *meth_data;
|
|
359
|
-
} /* X509_CRL */;
|
|
360
|
-
|
|
361
267
|
DEFINE_STACK_OF(X509_CRL)
|
|
362
|
-
DECLARE_ASN1_SET_OF(X509_CRL)
|
|
363
268
|
|
|
364
269
|
struct private_key_st {
|
|
365
270
|
int version;
|
|
@@ -379,7 +284,6 @@ struct private_key_st {
|
|
|
379
284
|
EVP_CIPHER_INFO cipher;
|
|
380
285
|
} /* X509_PKEY */;
|
|
381
286
|
|
|
382
|
-
#ifndef OPENSSL_NO_EVP
|
|
383
287
|
struct X509_info_st {
|
|
384
288
|
X509 *x509;
|
|
385
289
|
X509_CRL *crl;
|
|
@@ -392,7 +296,6 @@ struct X509_info_st {
|
|
|
392
296
|
} /* X509_INFO */;
|
|
393
297
|
|
|
394
298
|
DEFINE_STACK_OF(X509_INFO)
|
|
395
|
-
#endif
|
|
396
299
|
|
|
397
300
|
// The next 2 structures and their 8 routines were sent to me by
|
|
398
301
|
// Pat Richard <patr@x509.com> and are used to manipulate
|
|
@@ -408,16 +311,6 @@ struct Netscape_spki_st {
|
|
|
408
311
|
ASN1_BIT_STRING *signature;
|
|
409
312
|
} /* NETSCAPE_SPKI */;
|
|
410
313
|
|
|
411
|
-
#ifdef __cplusplus
|
|
412
|
-
}
|
|
413
|
-
#endif
|
|
414
|
-
|
|
415
|
-
#include <openssl/x509_vfy.h>
|
|
416
|
-
|
|
417
|
-
#ifdef __cplusplus
|
|
418
|
-
extern "C" {
|
|
419
|
-
#endif
|
|
420
|
-
|
|
421
314
|
// TODO(davidben): Document remaining functions, reorganize them, and define
|
|
422
315
|
// supported patterns for using |X509| objects in general. In particular, when
|
|
423
316
|
// it is safe to call mutating functions is a little tricky due to various
|
|
@@ -503,7 +396,7 @@ OPENSSL_EXPORT void X509_get0_uids(const X509 *x509,
|
|
|
503
396
|
#define X509_extract_key(x) X509_get_pubkey(x)
|
|
504
397
|
|
|
505
398
|
// X509_get_pathlen returns path length constraint from the basic constraints
|
|
506
|
-
// extension in |x509|. (See
|
|
399
|
+
// extension in |x509|. (See RFC 5280, section 4.2.1.9.) It returns -1 if the
|
|
507
400
|
// constraint is not present, or if some extension in |x509| was invalid.
|
|
508
401
|
//
|
|
509
402
|
// Note that decoding an |X509| object will not check for invalid extensions. To
|
|
@@ -617,9 +510,6 @@ OPENSSL_EXPORT X509_PUBKEY *X509_get_X509_PUBKEY(const X509 *x509);
|
|
|
617
510
|
// X509_verify_cert_error_string returns |err| as a human-readable string, where
|
|
618
511
|
// |err| should be one of the |X509_V_*| values. If |err| is unknown, it returns
|
|
619
512
|
// a default description.
|
|
620
|
-
//
|
|
621
|
-
// TODO(davidben): Move this function to x509_vfy.h, with the |X509_V_*|
|
|
622
|
-
// definitions, or fold x509_vfy.h into this function.
|
|
623
513
|
OPENSSL_EXPORT const char *X509_verify_cert_error_string(long err);
|
|
624
514
|
|
|
625
515
|
// X509_verify checks that |x509| has a valid signature by |pkey|. It returns
|
|
@@ -771,7 +661,6 @@ OPENSSL_EXPORT int X509_NAME_digest(const X509_NAME *name, const EVP_MD *md,
|
|
|
771
661
|
// copying parts of it as a normal |d2i_X509| call would do.
|
|
772
662
|
OPENSSL_EXPORT X509 *X509_parse_from_buffer(CRYPTO_BUFFER *buf);
|
|
773
663
|
|
|
774
|
-
#ifndef OPENSSL_NO_FP_API
|
|
775
664
|
OPENSSL_EXPORT X509 *d2i_X509_fp(FILE *fp, X509 **x509);
|
|
776
665
|
OPENSSL_EXPORT int i2d_X509_fp(FILE *fp, X509 *x509);
|
|
777
666
|
OPENSSL_EXPORT X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl);
|
|
@@ -805,7 +694,6 @@ OPENSSL_EXPORT int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey);
|
|
|
805
694
|
OPENSSL_EXPORT EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
|
|
806
695
|
OPENSSL_EXPORT int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
|
|
807
696
|
OPENSSL_EXPORT EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
|
|
808
|
-
#endif
|
|
809
697
|
|
|
810
698
|
OPENSSL_EXPORT X509 *d2i_X509_bio(BIO *bp, X509 **x509);
|
|
811
699
|
OPENSSL_EXPORT int i2d_X509_bio(BIO *bp, X509 *x509);
|
|
@@ -907,12 +795,30 @@ OPENSSL_EXPORT int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne);
|
|
|
907
795
|
OPENSSL_EXPORT int X509_NAME_get0_der(X509_NAME *nm, const unsigned char **pder,
|
|
908
796
|
size_t *pderlen);
|
|
909
797
|
|
|
798
|
+
// X509_cmp_time compares |s| against |*t|. On success, it returns a negative
|
|
799
|
+
// number if |s| <= |*t| and a positive number if |s| > |*t|. On error, it
|
|
800
|
+
// returns zero. If |t| is NULL, it uses the current time instead of |*t|.
|
|
801
|
+
//
|
|
802
|
+
// WARNING: Unlike most comparison functions, this function returns zero on
|
|
803
|
+
// error, not equality.
|
|
910
804
|
OPENSSL_EXPORT int X509_cmp_time(const ASN1_TIME *s, time_t *t);
|
|
805
|
+
|
|
806
|
+
// X509_cmp_current_time behaves like |X509_cmp_time| but compares |s| against
|
|
807
|
+
// the current time.
|
|
911
808
|
OPENSSL_EXPORT int X509_cmp_current_time(const ASN1_TIME *s);
|
|
912
|
-
|
|
809
|
+
|
|
810
|
+
// X509_time_adj calls |X509_time_adj_ex| with |offset_day| equal to zero.
|
|
811
|
+
OPENSSL_EXPORT ASN1_TIME *X509_time_adj(ASN1_TIME *s, long offset_sec,
|
|
812
|
+
time_t *t);
|
|
813
|
+
|
|
814
|
+
// X509_time_adj_ex behaves like |ASN1_TIME_adj|, but adds an offset to |*t|. If
|
|
815
|
+
// |t| is NULL, it uses the current time instead of |*t|.
|
|
913
816
|
OPENSSL_EXPORT ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s, int offset_day,
|
|
914
817
|
long offset_sec, time_t *t);
|
|
915
|
-
|
|
818
|
+
|
|
819
|
+
// X509_gmtime_adj behaves like |X509_time_adj_ex| but adds |offset_sec| to the
|
|
820
|
+
// current time.
|
|
821
|
+
OPENSSL_EXPORT ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long offset_sec);
|
|
916
822
|
|
|
917
823
|
OPENSSL_EXPORT const char *X509_get_default_cert_area(void);
|
|
918
824
|
OPENSSL_EXPORT const char *X509_get_default_cert_dir(void);
|
|
@@ -929,7 +835,15 @@ DECLARE_ASN1_FUNCTIONS(X509_VAL)
|
|
|
929
835
|
|
|
930
836
|
DECLARE_ASN1_FUNCTIONS(X509_PUBKEY)
|
|
931
837
|
|
|
838
|
+
// X509_PUBKEY_set serializes |pkey| into a newly-allocated |X509_PUBKEY|
|
|
839
|
+
// structure. On success, it frees |*x|, sets |*x| to the new object, and
|
|
840
|
+
// returns one. Otherwise, it returns zero.
|
|
932
841
|
OPENSSL_EXPORT int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
|
|
842
|
+
|
|
843
|
+
// X509_PUBKEY_get decodes the public key in |key| and returns an |EVP_PKEY| on
|
|
844
|
+
// success, or NULL on error. The caller must release the result with
|
|
845
|
+
// |EVP_PKEY_free| when done. The |EVP_PKEY| is cached in |key|, so callers must
|
|
846
|
+
// not mutate the result.
|
|
933
847
|
OPENSSL_EXPORT EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
|
|
934
848
|
|
|
935
849
|
DECLARE_ASN1_FUNCTIONS(X509_SIG)
|
|
@@ -951,10 +865,10 @@ DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY)
|
|
|
951
865
|
|
|
952
866
|
DECLARE_ASN1_FUNCTIONS(X509_NAME)
|
|
953
867
|
|
|
868
|
+
// X509_NAME_set makes a copy of |name|. On success, it frees |*xn|, sets |*xn|
|
|
869
|
+
// to the copy, and returns one. Otherwise, it returns zero.
|
|
954
870
|
OPENSSL_EXPORT int X509_NAME_set(X509_NAME **xn, X509_NAME *name);
|
|
955
871
|
|
|
956
|
-
DECLARE_ASN1_FUNCTIONS(X509_CINF)
|
|
957
|
-
|
|
958
872
|
DECLARE_ASN1_FUNCTIONS(X509)
|
|
959
873
|
DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX)
|
|
960
874
|
|
|
@@ -1048,7 +962,6 @@ OPENSSL_EXPORT void X509_trust_clear(X509 *x);
|
|
|
1048
962
|
OPENSSL_EXPORT void X509_reject_clear(X509 *x);
|
|
1049
963
|
|
|
1050
964
|
DECLARE_ASN1_FUNCTIONS(X509_REVOKED)
|
|
1051
|
-
DECLARE_ASN1_FUNCTIONS(X509_CRL_INFO)
|
|
1052
965
|
DECLARE_ASN1_FUNCTIONS(X509_CRL)
|
|
1053
966
|
|
|
1054
967
|
OPENSSL_EXPORT int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
|
|
@@ -1074,9 +987,10 @@ OPENSSL_EXPORT int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type,
|
|
|
1074
987
|
void *data, unsigned char *md,
|
|
1075
988
|
unsigned int *len);
|
|
1076
989
|
|
|
1077
|
-
OPENSSL_EXPORT int ASN1_item_verify(const ASN1_ITEM *it,
|
|
1078
|
-
|
|
1079
|
-
|
|
990
|
+
OPENSSL_EXPORT int ASN1_item_verify(const ASN1_ITEM *it,
|
|
991
|
+
const X509_ALGOR *algor1,
|
|
992
|
+
const ASN1_BIT_STRING *signature,
|
|
993
|
+
void *data, EVP_PKEY *pkey);
|
|
1080
994
|
|
|
1081
995
|
OPENSSL_EXPORT int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1,
|
|
1082
996
|
X509_ALGOR *algor2,
|
|
@@ -1158,7 +1072,7 @@ OPENSSL_EXPORT void X509_REQ_get0_signature(const X509_REQ *req,
|
|
|
1158
1072
|
// a known NID.
|
|
1159
1073
|
OPENSSL_EXPORT int X509_REQ_get_signature_nid(const X509_REQ *req);
|
|
1160
1074
|
|
|
1161
|
-
// i2d_re_X509_REQ_tbs serializes the CertificationRequestInfo (see
|
|
1075
|
+
// i2d_re_X509_REQ_tbs serializes the CertificationRequestInfo (see RFC 2986)
|
|
1162
1076
|
// portion of |req|. If |outp| is NULL, nothing is written. Otherwise, if
|
|
1163
1077
|
// |*outp| is not NULL, the result is written to |*outp|, which must have enough
|
|
1164
1078
|
// space available, and |*outp| is advanced just past the output. If |outp| is
|
|
@@ -1185,7 +1099,7 @@ OPENSSL_EXPORT EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
|
|
|
1185
1099
|
|
|
1186
1100
|
// X509_REQ_extension_nid returns one if |nid| is a supported CSR attribute type
|
|
1187
1101
|
// for carrying extensions and zero otherwise. The supported types are
|
|
1188
|
-
// |NID_ext_req| (pkcs-9-at-extensionRequest from
|
|
1102
|
+
// |NID_ext_req| (pkcs-9-at-extensionRequest from RFC 2985) and |NID_ms_ext_req|
|
|
1189
1103
|
// (a Microsoft szOID_CERT_EXTENSIONS variant).
|
|
1190
1104
|
OPENSSL_EXPORT int X509_REQ_extension_nid(int nid);
|
|
1191
1105
|
|
|
@@ -1193,7 +1107,7 @@ OPENSSL_EXPORT int X509_REQ_extension_nid(int nid);
|
|
|
1193
1107
|
// returns a newly-allocated |STACK_OF(X509_EXTENSION)| containing the result.
|
|
1194
1108
|
// It returns NULL on error, or if |req| did not request extensions.
|
|
1195
1109
|
//
|
|
1196
|
-
// This function supports both pkcs-9-at-extensionRequest from
|
|
1110
|
+
// This function supports both pkcs-9-at-extensionRequest from RFC 2985 and the
|
|
1197
1111
|
// Microsoft szOID_CERT_EXTENSIONS variant.
|
|
1198
1112
|
OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
|
|
1199
1113
|
|
|
@@ -1413,7 +1327,6 @@ OPENSSL_EXPORT unsigned long X509_NAME_hash_old(X509_NAME *x);
|
|
|
1413
1327
|
|
|
1414
1328
|
OPENSSL_EXPORT int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
|
|
1415
1329
|
OPENSSL_EXPORT int X509_CRL_match(const X509_CRL *a, const X509_CRL *b);
|
|
1416
|
-
#ifndef OPENSSL_NO_FP_API
|
|
1417
1330
|
OPENSSL_EXPORT int X509_print_ex_fp(FILE *bp, X509 *x, unsigned long nmflag,
|
|
1418
1331
|
unsigned long cflag);
|
|
1419
1332
|
OPENSSL_EXPORT int X509_print_fp(FILE *bp, X509 *x);
|
|
@@ -1421,7 +1334,6 @@ OPENSSL_EXPORT int X509_CRL_print_fp(FILE *bp, X509_CRL *x);
|
|
|
1421
1334
|
OPENSSL_EXPORT int X509_REQ_print_fp(FILE *bp, X509_REQ *req);
|
|
1422
1335
|
OPENSSL_EXPORT int X509_NAME_print_ex_fp(FILE *fp, const X509_NAME *nm,
|
|
1423
1336
|
int indent, unsigned long flags);
|
|
1424
|
-
#endif
|
|
1425
1337
|
|
|
1426
1338
|
OPENSSL_EXPORT int X509_NAME_print(BIO *bp, const X509_NAME *name, int obase);
|
|
1427
1339
|
OPENSSL_EXPORT int X509_NAME_print_ex(BIO *out, const X509_NAME *nm, int indent,
|
|
@@ -1486,28 +1398,90 @@ OPENSSL_EXPORT ASN1_OBJECT *X509_NAME_ENTRY_get_object(
|
|
|
1486
1398
|
const X509_NAME_ENTRY *ne);
|
|
1487
1399
|
OPENSSL_EXPORT ASN1_STRING *X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne);
|
|
1488
1400
|
|
|
1401
|
+
// X509v3_get_ext_count returns the number of extensions in |x|.
|
|
1489
1402
|
OPENSSL_EXPORT int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
|
|
1403
|
+
|
|
1404
|
+
// X509v3_get_ext_by_NID returns the index of the first extension in |x| with
|
|
1405
|
+
// type |nid|, or a negative number if not found. If found, callers can use
|
|
1406
|
+
// |X509v3_get_ext| to look up the extension by index.
|
|
1407
|
+
//
|
|
1408
|
+
// If |lastpos| is non-negative, it begins searching at |lastpos| + 1. Callers
|
|
1409
|
+
// can thus loop over all matching extensions by first passing -1 and then
|
|
1410
|
+
// passing the previously-returned value until no match is returned.
|
|
1490
1411
|
OPENSSL_EXPORT int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
|
|
1491
1412
|
int nid, int lastpos);
|
|
1413
|
+
|
|
1414
|
+
// X509v3_get_ext_by_OBJ behaves like |X509v3_get_ext_by_NID| but looks for
|
|
1415
|
+
// extensions matching |obj|.
|
|
1492
1416
|
OPENSSL_EXPORT int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
|
|
1493
1417
|
const ASN1_OBJECT *obj, int lastpos);
|
|
1418
|
+
|
|
1419
|
+
// X509v3_get_ext_by_critical returns the index of the first extension in |x|
|
|
1420
|
+
// whose critical bit matches |crit|, or a negative number if no such extension
|
|
1421
|
+
// was found.
|
|
1422
|
+
//
|
|
1423
|
+
// If |lastpos| is non-negative, it begins searching at |lastpos| + 1. Callers
|
|
1424
|
+
// can thus loop over all matching extensions by first passing -1 and then
|
|
1425
|
+
// passing the previously-returned value until no match is returned.
|
|
1494
1426
|
OPENSSL_EXPORT int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
|
|
1495
1427
|
int crit, int lastpos);
|
|
1428
|
+
|
|
1429
|
+
// X509v3_get_ext returns the extension in |x| at index |loc|, or NULL if |loc|
|
|
1430
|
+
// is out of bounds.
|
|
1496
1431
|
OPENSSL_EXPORT X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x,
|
|
1497
1432
|
int loc);
|
|
1433
|
+
|
|
1434
|
+
// X509v3_delete_ext removes the extension in |x| at index |loc| and returns the
|
|
1435
|
+
// removed extension, or NULL if |loc| was out of bounds. If an extension was
|
|
1436
|
+
// returned, the caller must release it with |X509_EXTENSION_free|.
|
|
1498
1437
|
OPENSSL_EXPORT X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x,
|
|
1499
1438
|
int loc);
|
|
1439
|
+
|
|
1440
|
+
// X509v3_add_ext adds a copy of |ex| to the extension list in |*x|. If |*x| is
|
|
1441
|
+
// NULL, it allocates a new |STACK_OF(X509_EXTENSION)| to hold the copy and sets
|
|
1442
|
+
// |*x| to the new list. It returns |*x| on success and NULL on error. The
|
|
1443
|
+
// caller retains ownership of |ex| and can release it independently of |*x|.
|
|
1444
|
+
//
|
|
1445
|
+
// The new extension is inserted at index |loc|, shifting extensions to the
|
|
1446
|
+
// right. If |loc| is -1 or out of bounds, the new extension is appended to the
|
|
1447
|
+
// list.
|
|
1500
1448
|
OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509v3_add_ext(
|
|
1501
1449
|
STACK_OF(X509_EXTENSION) **x, X509_EXTENSION *ex, int loc);
|
|
1502
1450
|
|
|
1451
|
+
// X509_get_ext_count returns the number of extensions in |x|.
|
|
1503
1452
|
OPENSSL_EXPORT int X509_get_ext_count(const X509 *x);
|
|
1453
|
+
|
|
1454
|
+
// X509_get_ext_by_NID behaves like |X509v3_get_ext_by_NID| but searches for
|
|
1455
|
+
// extensions in |x|.
|
|
1504
1456
|
OPENSSL_EXPORT int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
|
|
1457
|
+
|
|
1458
|
+
// X509_get_ext_by_OBJ behaves like |X509v3_get_ext_by_OBJ| but searches for
|
|
1459
|
+
// extensions in |x|.
|
|
1505
1460
|
OPENSSL_EXPORT int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj,
|
|
1506
1461
|
int lastpos);
|
|
1462
|
+
|
|
1463
|
+
// X509_get_ext_by_critical behaves like |X509v3_get_ext_by_critical| but
|
|
1464
|
+
// searches for extensions in |x|.
|
|
1507
1465
|
OPENSSL_EXPORT int X509_get_ext_by_critical(const X509 *x, int crit,
|
|
1508
1466
|
int lastpos);
|
|
1467
|
+
|
|
1468
|
+
// X509_get_ext returns the extension in |x| at index |loc|, or NULL if |loc| is
|
|
1469
|
+
// out of bounds.
|
|
1509
1470
|
OPENSSL_EXPORT X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
|
|
1471
|
+
|
|
1472
|
+
// X509_delete_ext removes the extension in |x| at index |loc| and returns the
|
|
1473
|
+
// removed extension, or NULL if |loc| was out of bounds. If non-NULL, the
|
|
1474
|
+
// caller must release the result with |X509_EXTENSION_free|. It is also safe,
|
|
1475
|
+
// but not necessary, to call |X509_EXTENSION_free| if the result is NULL.
|
|
1510
1476
|
OPENSSL_EXPORT X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
|
|
1477
|
+
|
|
1478
|
+
// X509_add_ext adds a copy of |ex| to |x|. It returns one on success and zero
|
|
1479
|
+
// on failure. The caller retains ownership of |ex| and can release it
|
|
1480
|
+
// independently of |x|.
|
|
1481
|
+
//
|
|
1482
|
+
// The new extension is inserted at index |loc|, shifting extensions to the
|
|
1483
|
+
// right. If |loc| is -1 or out of bounds, the new extension is appended to the
|
|
1484
|
+
// list.
|
|
1511
1485
|
OPENSSL_EXPORT int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
|
|
1512
1486
|
|
|
1513
1487
|
// X509_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the extension in
|
|
@@ -1527,15 +1501,41 @@ OPENSSL_EXPORT void *X509_get_ext_d2i(const X509 *x509, int nid,
|
|
|
1527
1501
|
OPENSSL_EXPORT int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
|
|
1528
1502
|
unsigned long flags);
|
|
1529
1503
|
|
|
1504
|
+
// X509_CRL_get_ext_count returns the number of extensions in |x|.
|
|
1530
1505
|
OPENSSL_EXPORT int X509_CRL_get_ext_count(const X509_CRL *x);
|
|
1506
|
+
|
|
1507
|
+
// X509_CRL_get_ext_by_NID behaves like |X509v3_get_ext_by_NID| but searches for
|
|
1508
|
+
// extensions in |x|.
|
|
1531
1509
|
OPENSSL_EXPORT int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid,
|
|
1532
1510
|
int lastpos);
|
|
1511
|
+
|
|
1512
|
+
// X509_CRL_get_ext_by_OBJ behaves like |X509v3_get_ext_by_OBJ| but searches for
|
|
1513
|
+
// extensions in |x|.
|
|
1533
1514
|
OPENSSL_EXPORT int X509_CRL_get_ext_by_OBJ(const X509_CRL *x,
|
|
1534
1515
|
const ASN1_OBJECT *obj, int lastpos);
|
|
1516
|
+
|
|
1517
|
+
// X509_CRL_get_ext_by_critical behaves like |X509v3_get_ext_by_critical| but
|
|
1518
|
+
// searches for extensions in |x|.
|
|
1535
1519
|
OPENSSL_EXPORT int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit,
|
|
1536
1520
|
int lastpos);
|
|
1521
|
+
|
|
1522
|
+
// X509_CRL_get_ext returns the extension in |x| at index |loc|, or NULL if
|
|
1523
|
+
// |loc| is out of bounds.
|
|
1537
1524
|
OPENSSL_EXPORT X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
|
|
1525
|
+
|
|
1526
|
+
// X509_CRL_delete_ext removes the extension in |x| at index |loc| and returns
|
|
1527
|
+
// the removed extension, or NULL if |loc| was out of bounds. If non-NULL, the
|
|
1528
|
+
// caller must release the result with |X509_EXTENSION_free|. It is also safe,
|
|
1529
|
+
// but not necessary, to call |X509_EXTENSION_free| if the result is NULL.
|
|
1538
1530
|
OPENSSL_EXPORT X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
|
|
1531
|
+
|
|
1532
|
+
// X509_CRL_add_ext adds a copy of |ex| to |x|. It returns one on success and
|
|
1533
|
+
// zero on failure. The caller retains ownership of |ex| and can release it
|
|
1534
|
+
// independently of |x|.
|
|
1535
|
+
//
|
|
1536
|
+
// The new extension is inserted at index |loc|, shifting extensions to the
|
|
1537
|
+
// right. If |loc| is -1 or out of bounds, the new extension is appended to the
|
|
1538
|
+
// list.
|
|
1539
1539
|
OPENSSL_EXPORT int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
|
|
1540
1540
|
|
|
1541
1541
|
// X509_CRL_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the
|
|
@@ -1555,18 +1555,45 @@ OPENSSL_EXPORT void *X509_CRL_get_ext_d2i(const X509_CRL *crl, int nid,
|
|
|
1555
1555
|
OPENSSL_EXPORT int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value,
|
|
1556
1556
|
int crit, unsigned long flags);
|
|
1557
1557
|
|
|
1558
|
+
// X509_REVOKED_get_ext_count returns the number of extensions in |x|.
|
|
1558
1559
|
OPENSSL_EXPORT int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
|
|
1560
|
+
|
|
1561
|
+
// X509_REVOKED_get_ext_by_NID behaves like |X509v3_get_ext_by_NID| but searches
|
|
1562
|
+
// for extensions in |x|.
|
|
1559
1563
|
OPENSSL_EXPORT int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid,
|
|
1560
1564
|
int lastpos);
|
|
1565
|
+
|
|
1566
|
+
// X509_REVOKED_get_ext_by_OBJ behaves like |X509v3_get_ext_by_OBJ| but searches
|
|
1567
|
+
// for extensions in |x|.
|
|
1561
1568
|
OPENSSL_EXPORT int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x,
|
|
1562
1569
|
const ASN1_OBJECT *obj,
|
|
1563
1570
|
int lastpos);
|
|
1571
|
+
|
|
1572
|
+
// X509_REVOKED_get_ext_by_critical behaves like |X509v3_get_ext_by_critical|
|
|
1573
|
+
// but searches for extensions in |x|.
|
|
1564
1574
|
OPENSSL_EXPORT int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x,
|
|
1565
1575
|
int crit, int lastpos);
|
|
1576
|
+
|
|
1577
|
+
// X509_REVOKED_get_ext returns the extension in |x| at index |loc|, or NULL if
|
|
1578
|
+
// |loc| is out of bounds.
|
|
1566
1579
|
OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x,
|
|
1567
1580
|
int loc);
|
|
1581
|
+
|
|
1582
|
+
// X509_REVOKED_delete_ext removes the extension in |x| at index |loc| and
|
|
1583
|
+
// returns the removed extension, or NULL if |loc| was out of bounds. If
|
|
1584
|
+
// non-NULL, the caller must release the result with |X509_EXTENSION_free|. It
|
|
1585
|
+
// is also safe, but not necessary, to call |X509_EXTENSION_free| if the result
|
|
1586
|
+
// is NULL.
|
|
1568
1587
|
OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x,
|
|
1569
1588
|
int loc);
|
|
1589
|
+
|
|
1590
|
+
// X509_REVOKED_add_ext adds a copy of |ex| to |x|. It returns one on success
|
|
1591
|
+
// and zero on failure. The caller retains ownership of |ex| and can release it
|
|
1592
|
+
// independently of |x|.
|
|
1593
|
+
//
|
|
1594
|
+
// The new extension is inserted at index |loc|, shifting extensions to the
|
|
1595
|
+
// right. If |loc| is -1 or out of bounds, the new extension is appended to the
|
|
1596
|
+
// list.
|
|
1570
1597
|
OPENSSL_EXPORT int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex,
|
|
1571
1598
|
int loc);
|
|
1572
1599
|
|
|
@@ -1589,43 +1616,103 @@ OPENSSL_EXPORT int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid,
|
|
|
1589
1616
|
void *value, int crit,
|
|
1590
1617
|
unsigned long flags);
|
|
1591
1618
|
|
|
1619
|
+
// X509_EXTENSION_create_by_NID creates a new |X509_EXTENSION| with type |nid|,
|
|
1620
|
+
// value |data|, and critical bit |crit|. It returns the newly-allocated
|
|
1621
|
+
// |X509_EXTENSION| on success, and false on error. |nid| should be a |NID_*|
|
|
1622
|
+
// constant.
|
|
1623
|
+
//
|
|
1624
|
+
// If |ex| and |*ex| are both non-NULL, it modifies and returns |*ex| instead of
|
|
1625
|
+
// creating a new object. If |ex| is non-NULL, but |*ex| is NULL, it sets |*ex|
|
|
1626
|
+
// to the new |X509_EXTENSION|, in addition to returning the result.
|
|
1592
1627
|
OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_create_by_NID(
|
|
1593
1628
|
X509_EXTENSION **ex, int nid, int crit, const ASN1_OCTET_STRING *data);
|
|
1629
|
+
|
|
1630
|
+
// X509_EXTENSION_create_by_OBJ behaves like |X509_EXTENSION_create_by_NID|, but
|
|
1631
|
+
// the extension type is determined by an |ASN1_OBJECT|.
|
|
1594
1632
|
OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_create_by_OBJ(
|
|
1595
1633
|
X509_EXTENSION **ex, const ASN1_OBJECT *obj, int crit,
|
|
1596
1634
|
const ASN1_OCTET_STRING *data);
|
|
1635
|
+
|
|
1636
|
+
// X509_EXTENSION_set_object sets |ex|'s extension type to |obj|. It returns one
|
|
1637
|
+
// on success and zero on error.
|
|
1597
1638
|
OPENSSL_EXPORT int X509_EXTENSION_set_object(X509_EXTENSION *ex,
|
|
1598
1639
|
const ASN1_OBJECT *obj);
|
|
1640
|
+
|
|
1641
|
+
// X509_EXTENSION_set_critical sets |ex| to critical if |crit| is non-zero and
|
|
1642
|
+
// to non-critical if |crit| is zero.
|
|
1599
1643
|
OPENSSL_EXPORT int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
|
|
1644
|
+
|
|
1645
|
+
// X509_EXTENSION_set_data set's |ex|'s extension value to a copy of |data|. It
|
|
1646
|
+
// returns one on success and zero on error.
|
|
1600
1647
|
OPENSSL_EXPORT int X509_EXTENSION_set_data(X509_EXTENSION *ex,
|
|
1601
1648
|
const ASN1_OCTET_STRING *data);
|
|
1649
|
+
|
|
1650
|
+
// X509_EXTENSION_get_object returns |ex|'s extension type.
|
|
1602
1651
|
OPENSSL_EXPORT ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex);
|
|
1652
|
+
|
|
1653
|
+
// X509_EXTENSION_get_data returns |ne|'s extension value.
|
|
1603
1654
|
OPENSSL_EXPORT ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
|
|
1604
|
-
OPENSSL_EXPORT int X509_EXTENSION_get_critical(X509_EXTENSION *ex);
|
|
1605
1655
|
|
|
1656
|
+
// X509_EXTENSION_get_critical returns one if |ex| is critical and zero
|
|
1657
|
+
// otherwise.
|
|
1658
|
+
OPENSSL_EXPORT int X509_EXTENSION_get_critical(const X509_EXTENSION *ex);
|
|
1659
|
+
|
|
1660
|
+
// X509at_get_attr_count returns the number of attributes in |x|.
|
|
1606
1661
|
OPENSSL_EXPORT int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
|
|
1662
|
+
|
|
1663
|
+
// X509at_get_attr_by_NID returns the index of the attribute in |x| of type
|
|
1664
|
+
// |nid|, or a negative number if not found. If found, callers can use
|
|
1665
|
+
// |X509at_get_attr| to look up the attribute by index.
|
|
1666
|
+
//
|
|
1667
|
+
// If |lastpos| is non-negative, it begins searching at |lastpos| + 1. Callers
|
|
1668
|
+
// can thus loop over all matching attributes by first passing -1 and then
|
|
1669
|
+
// passing the previously-returned value until no match is returned.
|
|
1607
1670
|
OPENSSL_EXPORT int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x,
|
|
1608
1671
|
int nid, int lastpos);
|
|
1672
|
+
|
|
1673
|
+
// X509at_get_attr_by_OBJ behaves like |X509at_get_attr_by_NID| but looks for
|
|
1674
|
+
// attributes of type |obj|.
|
|
1609
1675
|
OPENSSL_EXPORT int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
|
|
1610
1676
|
const ASN1_OBJECT *obj, int lastpos);
|
|
1677
|
+
|
|
1678
|
+
// X509at_get_attr returns the attribute at index |loc| in |x|, or NULL if
|
|
1679
|
+
// out of bounds.
|
|
1611
1680
|
OPENSSL_EXPORT X509_ATTRIBUTE *X509at_get_attr(
|
|
1612
1681
|
const STACK_OF(X509_ATTRIBUTE) *x, int loc);
|
|
1682
|
+
|
|
1683
|
+
// X509at_delete_attr removes the attribute at index |loc| in |x|. It returns
|
|
1684
|
+
// the removed attribute to the caller, or NULL if |loc| was out of bounds. If
|
|
1685
|
+
// non-NULL, the caller must release the result with |X509_ATTRIBUTE_free| when
|
|
1686
|
+
// done. It is also safe, but not necessary, to call |X509_ATTRIBUTE_free| if
|
|
1687
|
+
// the result is NULL.
|
|
1613
1688
|
OPENSSL_EXPORT X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x,
|
|
1614
1689
|
int loc);
|
|
1690
|
+
|
|
1691
|
+
// X509at_add1_attr appends a copy of |attr| to the attribute list in |*x|. If
|
|
1692
|
+
// |*x| is NULL, it allocates a new |STACK_OF(X509_ATTRIBUTE)| to hold the copy
|
|
1693
|
+
// and sets |*x| to the new list. It returns |*x| on success and NULL on error.
|
|
1694
|
+
// The caller retains ownership of |attr| and can release it independently of
|
|
1695
|
+
// |*x|.
|
|
1615
1696
|
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(
|
|
1616
1697
|
STACK_OF(X509_ATTRIBUTE) **x, X509_ATTRIBUTE *attr);
|
|
1698
|
+
|
|
1699
|
+
// X509at_add1_attr_by_OBJ behaves like |X509at_add1_attr|, but adds an
|
|
1700
|
+
// attribute created by |X509_ATTRIBUTE_create_by_OBJ|.
|
|
1617
1701
|
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(
|
|
1618
1702
|
STACK_OF(X509_ATTRIBUTE) **x, const ASN1_OBJECT *obj, int type,
|
|
1619
1703
|
const unsigned char *bytes, int len);
|
|
1704
|
+
|
|
1705
|
+
// X509at_add1_attr_by_NID behaves like |X509at_add1_attr|, but adds an
|
|
1706
|
+
// attribute created by |X509_ATTRIBUTE_create_by_NID|.
|
|
1620
1707
|
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(
|
|
1621
1708
|
STACK_OF(X509_ATTRIBUTE) **x, int nid, int type, const unsigned char *bytes,
|
|
1622
1709
|
int len);
|
|
1710
|
+
|
|
1711
|
+
// X509at_add1_attr_by_txt behaves like |X509at_add1_attr|, but adds an
|
|
1712
|
+
// attribute created by |X509_ATTRIBUTE_create_by_txt|.
|
|
1623
1713
|
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(
|
|
1624
1714
|
STACK_OF(X509_ATTRIBUTE) **x, const char *attrname, int type,
|
|
1625
1715
|
const unsigned char *bytes, int len);
|
|
1626
|
-
OPENSSL_EXPORT void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x,
|
|
1627
|
-
ASN1_OBJECT *obj, int lastpos,
|
|
1628
|
-
int type);
|
|
1629
1716
|
|
|
1630
1717
|
// X509_ATTRIBUTE_create_by_NID returns a newly-allocated |X509_ATTRIBUTE| of
|
|
1631
1718
|
// type |nid|, or NULL on error. The value is determined as in
|
|
@@ -1785,15 +1872,498 @@ OPENSSL_EXPORT char *X509_TRUST_get0_name(const X509_TRUST *xp);
|
|
|
1785
1872
|
OPENSSL_EXPORT int X509_TRUST_get_trust(const X509_TRUST *xp);
|
|
1786
1873
|
|
|
1787
1874
|
|
|
1788
|
-
|
|
1875
|
+
struct rsa_pss_params_st {
|
|
1789
1876
|
X509_ALGOR *hashAlgorithm;
|
|
1790
1877
|
X509_ALGOR *maskGenAlgorithm;
|
|
1791
1878
|
ASN1_INTEGER *saltLength;
|
|
1792
1879
|
ASN1_INTEGER *trailerField;
|
|
1793
|
-
|
|
1880
|
+
// OpenSSL caches the MGF hash on |RSA_PSS_PARAMS| in some cases. None of the
|
|
1881
|
+
// cases apply to BoringSSL, so this is always NULL, but Node expects the
|
|
1882
|
+
// field to be present.
|
|
1883
|
+
X509_ALGOR *maskHash;
|
|
1884
|
+
} /* RSA_PSS_PARAMS */;
|
|
1794
1885
|
|
|
1795
1886
|
DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
|
|
1796
1887
|
|
|
1888
|
+
/*
|
|
1889
|
+
SSL_CTX -> X509_STORE
|
|
1890
|
+
-> X509_LOOKUP
|
|
1891
|
+
->X509_LOOKUP_METHOD
|
|
1892
|
+
-> X509_LOOKUP
|
|
1893
|
+
->X509_LOOKUP_METHOD
|
|
1894
|
+
|
|
1895
|
+
SSL -> X509_STORE_CTX
|
|
1896
|
+
->X509_STORE
|
|
1897
|
+
|
|
1898
|
+
The X509_STORE holds the tables etc for verification stuff.
|
|
1899
|
+
A X509_STORE_CTX is used while validating a single certificate.
|
|
1900
|
+
The X509_STORE has X509_LOOKUPs for looking up certs.
|
|
1901
|
+
The X509_STORE then calls a function to actually verify the
|
|
1902
|
+
certificate chain.
|
|
1903
|
+
*/
|
|
1904
|
+
|
|
1905
|
+
#define X509_LU_X509 1
|
|
1906
|
+
#define X509_LU_CRL 2
|
|
1907
|
+
#define X509_LU_PKEY 3
|
|
1908
|
+
|
|
1909
|
+
DEFINE_STACK_OF(X509_LOOKUP)
|
|
1910
|
+
DEFINE_STACK_OF(X509_OBJECT)
|
|
1911
|
+
DEFINE_STACK_OF(X509_VERIFY_PARAM)
|
|
1912
|
+
|
|
1913
|
+
typedef int (*X509_STORE_CTX_verify_cb)(int, X509_STORE_CTX *);
|
|
1914
|
+
typedef int (*X509_STORE_CTX_verify_fn)(X509_STORE_CTX *);
|
|
1915
|
+
typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer, X509_STORE_CTX *ctx,
|
|
1916
|
+
X509 *x);
|
|
1917
|
+
typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx, X509 *x,
|
|
1918
|
+
X509 *issuer);
|
|
1919
|
+
typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
|
|
1920
|
+
typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx, X509_CRL **crl,
|
|
1921
|
+
X509 *x);
|
|
1922
|
+
typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
|
|
1923
|
+
typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl,
|
|
1924
|
+
X509 *x);
|
|
1925
|
+
typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
|
|
1926
|
+
typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
|
|
1927
|
+
X509_NAME *nm);
|
|
1928
|
+
typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(
|
|
1929
|
+
X509_STORE_CTX *ctx, X509_NAME *nm);
|
|
1930
|
+
typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
|
|
1931
|
+
|
|
1932
|
+
OPENSSL_EXPORT int X509_STORE_set_depth(X509_STORE *store, int depth);
|
|
1933
|
+
|
|
1934
|
+
OPENSSL_EXPORT void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
|
|
1935
|
+
|
|
1936
|
+
#define X509_STORE_CTX_set_app_data(ctx, data) \
|
|
1937
|
+
X509_STORE_CTX_set_ex_data(ctx, 0, data)
|
|
1938
|
+
#define X509_STORE_CTX_get_app_data(ctx) X509_STORE_CTX_get_ex_data(ctx, 0)
|
|
1939
|
+
|
|
1940
|
+
#define X509_L_FILE_LOAD 1
|
|
1941
|
+
#define X509_L_ADD_DIR 2
|
|
1942
|
+
|
|
1943
|
+
#define X509_LOOKUP_load_file(x, name, type) \
|
|
1944
|
+
X509_LOOKUP_ctrl((x), X509_L_FILE_LOAD, (name), (long)(type), NULL)
|
|
1945
|
+
|
|
1946
|
+
#define X509_LOOKUP_add_dir(x, name, type) \
|
|
1947
|
+
X509_LOOKUP_ctrl((x), X509_L_ADD_DIR, (name), (long)(type), NULL)
|
|
1948
|
+
|
|
1949
|
+
#define X509_V_OK 0
|
|
1950
|
+
#define X509_V_ERR_UNSPECIFIED 1
|
|
1951
|
+
|
|
1952
|
+
#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2
|
|
1953
|
+
#define X509_V_ERR_UNABLE_TO_GET_CRL 3
|
|
1954
|
+
#define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4
|
|
1955
|
+
#define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5
|
|
1956
|
+
#define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6
|
|
1957
|
+
#define X509_V_ERR_CERT_SIGNATURE_FAILURE 7
|
|
1958
|
+
#define X509_V_ERR_CRL_SIGNATURE_FAILURE 8
|
|
1959
|
+
#define X509_V_ERR_CERT_NOT_YET_VALID 9
|
|
1960
|
+
#define X509_V_ERR_CERT_HAS_EXPIRED 10
|
|
1961
|
+
#define X509_V_ERR_CRL_NOT_YET_VALID 11
|
|
1962
|
+
#define X509_V_ERR_CRL_HAS_EXPIRED 12
|
|
1963
|
+
#define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13
|
|
1964
|
+
#define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14
|
|
1965
|
+
#define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15
|
|
1966
|
+
#define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16
|
|
1967
|
+
#define X509_V_ERR_OUT_OF_MEM 17
|
|
1968
|
+
#define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18
|
|
1969
|
+
#define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19
|
|
1970
|
+
#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20
|
|
1971
|
+
#define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21
|
|
1972
|
+
#define X509_V_ERR_CERT_CHAIN_TOO_LONG 22
|
|
1973
|
+
#define X509_V_ERR_CERT_REVOKED 23
|
|
1974
|
+
#define X509_V_ERR_INVALID_CA 24
|
|
1975
|
+
#define X509_V_ERR_PATH_LENGTH_EXCEEDED 25
|
|
1976
|
+
#define X509_V_ERR_INVALID_PURPOSE 26
|
|
1977
|
+
#define X509_V_ERR_CERT_UNTRUSTED 27
|
|
1978
|
+
#define X509_V_ERR_CERT_REJECTED 28
|
|
1979
|
+
// These are 'informational' when looking for issuer cert
|
|
1980
|
+
#define X509_V_ERR_SUBJECT_ISSUER_MISMATCH 29
|
|
1981
|
+
#define X509_V_ERR_AKID_SKID_MISMATCH 30
|
|
1982
|
+
#define X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH 31
|
|
1983
|
+
#define X509_V_ERR_KEYUSAGE_NO_CERTSIGN 32
|
|
1984
|
+
|
|
1985
|
+
#define X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER 33
|
|
1986
|
+
#define X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION 34
|
|
1987
|
+
#define X509_V_ERR_KEYUSAGE_NO_CRL_SIGN 35
|
|
1988
|
+
#define X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION 36
|
|
1989
|
+
#define X509_V_ERR_INVALID_NON_CA 37
|
|
1990
|
+
#define X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED 38
|
|
1991
|
+
#define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39
|
|
1992
|
+
#define X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED 40
|
|
1993
|
+
|
|
1994
|
+
#define X509_V_ERR_INVALID_EXTENSION 41
|
|
1995
|
+
#define X509_V_ERR_INVALID_POLICY_EXTENSION 42
|
|
1996
|
+
#define X509_V_ERR_NO_EXPLICIT_POLICY 43
|
|
1997
|
+
#define X509_V_ERR_DIFFERENT_CRL_SCOPE 44
|
|
1998
|
+
#define X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE 45
|
|
1999
|
+
|
|
2000
|
+
#define X509_V_ERR_UNNESTED_RESOURCE 46
|
|
2001
|
+
|
|
2002
|
+
#define X509_V_ERR_PERMITTED_VIOLATION 47
|
|
2003
|
+
#define X509_V_ERR_EXCLUDED_VIOLATION 48
|
|
2004
|
+
#define X509_V_ERR_SUBTREE_MINMAX 49
|
|
2005
|
+
#define X509_V_ERR_APPLICATION_VERIFICATION 50
|
|
2006
|
+
#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51
|
|
2007
|
+
#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52
|
|
2008
|
+
#define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53
|
|
2009
|
+
#define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54
|
|
2010
|
+
|
|
2011
|
+
// Suite B mode algorithm violation
|
|
2012
|
+
#define X509_V_ERR_SUITE_B_INVALID_VERSION 56
|
|
2013
|
+
#define X509_V_ERR_SUITE_B_INVALID_ALGORITHM 57
|
|
2014
|
+
#define X509_V_ERR_SUITE_B_INVALID_CURVE 58
|
|
2015
|
+
#define X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM 59
|
|
2016
|
+
#define X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED 60
|
|
2017
|
+
#define X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 61
|
|
2018
|
+
|
|
2019
|
+
// Host, email and IP check errors
|
|
2020
|
+
#define X509_V_ERR_HOSTNAME_MISMATCH 62
|
|
2021
|
+
#define X509_V_ERR_EMAIL_MISMATCH 63
|
|
2022
|
+
#define X509_V_ERR_IP_ADDRESS_MISMATCH 64
|
|
2023
|
+
|
|
2024
|
+
// Caller error
|
|
2025
|
+
#define X509_V_ERR_INVALID_CALL 65
|
|
2026
|
+
// Issuer lookup error
|
|
2027
|
+
#define X509_V_ERR_STORE_LOOKUP 66
|
|
2028
|
+
|
|
2029
|
+
#define X509_V_ERR_NAME_CONSTRAINTS_WITHOUT_SANS 67
|
|
2030
|
+
|
|
2031
|
+
// Certificate verify flags
|
|
2032
|
+
|
|
2033
|
+
// Send issuer+subject checks to verify_cb
|
|
2034
|
+
#define X509_V_FLAG_CB_ISSUER_CHECK 0x1
|
|
2035
|
+
// Use check time instead of current time
|
|
2036
|
+
#define X509_V_FLAG_USE_CHECK_TIME 0x2
|
|
2037
|
+
// Lookup CRLs
|
|
2038
|
+
#define X509_V_FLAG_CRL_CHECK 0x4
|
|
2039
|
+
// Lookup CRLs for whole chain
|
|
2040
|
+
#define X509_V_FLAG_CRL_CHECK_ALL 0x8
|
|
2041
|
+
// Ignore unhandled critical extensions
|
|
2042
|
+
#define X509_V_FLAG_IGNORE_CRITICAL 0x10
|
|
2043
|
+
// Does nothing as its functionality has been enabled by default.
|
|
2044
|
+
#define X509_V_FLAG_X509_STRICT 0x00
|
|
2045
|
+
// Enable proxy certificate validation
|
|
2046
|
+
#define X509_V_FLAG_ALLOW_PROXY_CERTS 0x40
|
|
2047
|
+
// Enable policy checking
|
|
2048
|
+
#define X509_V_FLAG_POLICY_CHECK 0x80
|
|
2049
|
+
// Policy variable require-explicit-policy
|
|
2050
|
+
#define X509_V_FLAG_EXPLICIT_POLICY 0x100
|
|
2051
|
+
// Policy variable inhibit-any-policy
|
|
2052
|
+
#define X509_V_FLAG_INHIBIT_ANY 0x200
|
|
2053
|
+
// Policy variable inhibit-policy-mapping
|
|
2054
|
+
#define X509_V_FLAG_INHIBIT_MAP 0x400
|
|
2055
|
+
// Notify callback that policy is OK
|
|
2056
|
+
#define X509_V_FLAG_NOTIFY_POLICY 0x800
|
|
2057
|
+
// Extended CRL features such as indirect CRLs, alternate CRL signing keys
|
|
2058
|
+
#define X509_V_FLAG_EXTENDED_CRL_SUPPORT 0x1000
|
|
2059
|
+
// Delta CRL support
|
|
2060
|
+
#define X509_V_FLAG_USE_DELTAS 0x2000
|
|
2061
|
+
// Check selfsigned CA signature
|
|
2062
|
+
#define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000
|
|
2063
|
+
// Use trusted store first
|
|
2064
|
+
#define X509_V_FLAG_TRUSTED_FIRST 0x8000
|
|
2065
|
+
// Suite B 128 bit only mode: not normally used
|
|
2066
|
+
#define X509_V_FLAG_SUITEB_128_LOS_ONLY 0x10000
|
|
2067
|
+
// Suite B 192 bit only mode
|
|
2068
|
+
#define X509_V_FLAG_SUITEB_192_LOS 0x20000
|
|
2069
|
+
// Suite B 128 bit mode allowing 192 bit algorithms
|
|
2070
|
+
#define X509_V_FLAG_SUITEB_128_LOS 0x30000
|
|
2071
|
+
|
|
2072
|
+
// Allow partial chains if at least one certificate is in trusted store
|
|
2073
|
+
#define X509_V_FLAG_PARTIAL_CHAIN 0x80000
|
|
2074
|
+
|
|
2075
|
+
// If the initial chain is not trusted, do not attempt to build an alternative
|
|
2076
|
+
// chain. Alternate chain checking was introduced in 1.0.2b. Setting this flag
|
|
2077
|
+
// will force the behaviour to match that of previous versions.
|
|
2078
|
+
#define X509_V_FLAG_NO_ALT_CHAINS 0x100000
|
|
2079
|
+
|
|
2080
|
+
#define X509_VP_FLAG_DEFAULT 0x1
|
|
2081
|
+
#define X509_VP_FLAG_OVERWRITE 0x2
|
|
2082
|
+
#define X509_VP_FLAG_RESET_FLAGS 0x4
|
|
2083
|
+
#define X509_VP_FLAG_LOCKED 0x8
|
|
2084
|
+
#define X509_VP_FLAG_ONCE 0x10
|
|
2085
|
+
|
|
2086
|
+
// Internal use: mask of policy related options
|
|
2087
|
+
#define X509_V_FLAG_POLICY_MASK \
|
|
2088
|
+
(X509_V_FLAG_POLICY_CHECK | X509_V_FLAG_EXPLICIT_POLICY | \
|
|
2089
|
+
X509_V_FLAG_INHIBIT_ANY | X509_V_FLAG_INHIBIT_MAP)
|
|
2090
|
+
|
|
2091
|
+
OPENSSL_EXPORT int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h,
|
|
2092
|
+
int type, X509_NAME *name);
|
|
2093
|
+
OPENSSL_EXPORT X509_OBJECT *X509_OBJECT_retrieve_by_subject(
|
|
2094
|
+
STACK_OF(X509_OBJECT) *h, int type, X509_NAME *name);
|
|
2095
|
+
OPENSSL_EXPORT X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h,
|
|
2096
|
+
X509_OBJECT *x);
|
|
2097
|
+
OPENSSL_EXPORT int X509_OBJECT_up_ref_count(X509_OBJECT *a);
|
|
2098
|
+
OPENSSL_EXPORT void X509_OBJECT_free_contents(X509_OBJECT *a);
|
|
2099
|
+
OPENSSL_EXPORT int X509_OBJECT_get_type(const X509_OBJECT *a);
|
|
2100
|
+
OPENSSL_EXPORT X509 *X509_OBJECT_get0_X509(const X509_OBJECT *a);
|
|
2101
|
+
OPENSSL_EXPORT X509_STORE *X509_STORE_new(void);
|
|
2102
|
+
OPENSSL_EXPORT int X509_STORE_up_ref(X509_STORE *store);
|
|
2103
|
+
OPENSSL_EXPORT void X509_STORE_free(X509_STORE *v);
|
|
2104
|
+
|
|
2105
|
+
OPENSSL_EXPORT STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *st);
|
|
2106
|
+
OPENSSL_EXPORT STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *st,
|
|
2107
|
+
X509_NAME *nm);
|
|
2108
|
+
OPENSSL_EXPORT STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *st,
|
|
2109
|
+
X509_NAME *nm);
|
|
2110
|
+
OPENSSL_EXPORT int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
|
|
2111
|
+
OPENSSL_EXPORT int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
|
|
2112
|
+
OPENSSL_EXPORT int X509_STORE_set_trust(X509_STORE *ctx, int trust);
|
|
2113
|
+
OPENSSL_EXPORT int X509_STORE_set1_param(X509_STORE *ctx,
|
|
2114
|
+
X509_VERIFY_PARAM *pm);
|
|
2115
|
+
OPENSSL_EXPORT X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *ctx);
|
|
2116
|
+
|
|
2117
|
+
OPENSSL_EXPORT void X509_STORE_set_verify(X509_STORE *ctx,
|
|
2118
|
+
X509_STORE_CTX_verify_fn verify);
|
|
2119
|
+
#define X509_STORE_set_verify_func(ctx, func) \
|
|
2120
|
+
X509_STORE_set_verify((ctx), (func))
|
|
2121
|
+
OPENSSL_EXPORT void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx,
|
|
2122
|
+
X509_STORE_CTX_verify_fn verify);
|
|
2123
|
+
OPENSSL_EXPORT X509_STORE_CTX_verify_fn X509_STORE_get_verify(X509_STORE *ctx);
|
|
2124
|
+
OPENSSL_EXPORT void X509_STORE_set_verify_cb(
|
|
2125
|
+
X509_STORE *ctx, X509_STORE_CTX_verify_cb verify_cb);
|
|
2126
|
+
#define X509_STORE_set_verify_cb_func(ctx, func) \
|
|
2127
|
+
X509_STORE_set_verify_cb((ctx), (func))
|
|
2128
|
+
OPENSSL_EXPORT X509_STORE_CTX_verify_cb
|
|
2129
|
+
X509_STORE_get_verify_cb(X509_STORE *ctx);
|
|
2130
|
+
OPENSSL_EXPORT void X509_STORE_set_get_issuer(
|
|
2131
|
+
X509_STORE *ctx, X509_STORE_CTX_get_issuer_fn get_issuer);
|
|
2132
|
+
OPENSSL_EXPORT X509_STORE_CTX_get_issuer_fn
|
|
2133
|
+
X509_STORE_get_get_issuer(X509_STORE *ctx);
|
|
2134
|
+
OPENSSL_EXPORT void X509_STORE_set_check_issued(
|
|
2135
|
+
X509_STORE *ctx, X509_STORE_CTX_check_issued_fn check_issued);
|
|
2136
|
+
OPENSSL_EXPORT X509_STORE_CTX_check_issued_fn
|
|
2137
|
+
X509_STORE_get_check_issued(X509_STORE *ctx);
|
|
2138
|
+
OPENSSL_EXPORT void X509_STORE_set_check_revocation(
|
|
2139
|
+
X509_STORE *ctx, X509_STORE_CTX_check_revocation_fn check_revocation);
|
|
2140
|
+
OPENSSL_EXPORT X509_STORE_CTX_check_revocation_fn
|
|
2141
|
+
X509_STORE_get_check_revocation(X509_STORE *ctx);
|
|
2142
|
+
OPENSSL_EXPORT void X509_STORE_set_get_crl(X509_STORE *ctx,
|
|
2143
|
+
X509_STORE_CTX_get_crl_fn get_crl);
|
|
2144
|
+
OPENSSL_EXPORT X509_STORE_CTX_get_crl_fn
|
|
2145
|
+
X509_STORE_get_get_crl(X509_STORE *ctx);
|
|
2146
|
+
OPENSSL_EXPORT void X509_STORE_set_check_crl(
|
|
2147
|
+
X509_STORE *ctx, X509_STORE_CTX_check_crl_fn check_crl);
|
|
2148
|
+
OPENSSL_EXPORT X509_STORE_CTX_check_crl_fn
|
|
2149
|
+
X509_STORE_get_check_crl(X509_STORE *ctx);
|
|
2150
|
+
OPENSSL_EXPORT void X509_STORE_set_cert_crl(
|
|
2151
|
+
X509_STORE *ctx, X509_STORE_CTX_cert_crl_fn cert_crl);
|
|
2152
|
+
OPENSSL_EXPORT X509_STORE_CTX_cert_crl_fn
|
|
2153
|
+
X509_STORE_get_cert_crl(X509_STORE *ctx);
|
|
2154
|
+
OPENSSL_EXPORT void X509_STORE_set_lookup_certs(
|
|
2155
|
+
X509_STORE *ctx, X509_STORE_CTX_lookup_certs_fn lookup_certs);
|
|
2156
|
+
OPENSSL_EXPORT X509_STORE_CTX_lookup_certs_fn
|
|
2157
|
+
X509_STORE_get_lookup_certs(X509_STORE *ctx);
|
|
2158
|
+
OPENSSL_EXPORT void X509_STORE_set_lookup_crls(
|
|
2159
|
+
X509_STORE *ctx, X509_STORE_CTX_lookup_crls_fn lookup_crls);
|
|
2160
|
+
#define X509_STORE_set_lookup_crls_cb(ctx, func) \
|
|
2161
|
+
X509_STORE_set_lookup_crls((ctx), (func))
|
|
2162
|
+
OPENSSL_EXPORT X509_STORE_CTX_lookup_crls_fn
|
|
2163
|
+
X509_STORE_get_lookup_crls(X509_STORE *ctx);
|
|
2164
|
+
OPENSSL_EXPORT void X509_STORE_set_cleanup(X509_STORE *ctx,
|
|
2165
|
+
X509_STORE_CTX_cleanup_fn cleanup);
|
|
2166
|
+
OPENSSL_EXPORT X509_STORE_CTX_cleanup_fn
|
|
2167
|
+
X509_STORE_get_cleanup(X509_STORE *ctx);
|
|
2168
|
+
|
|
2169
|
+
OPENSSL_EXPORT X509_STORE_CTX *X509_STORE_CTX_new(void);
|
|
2170
|
+
|
|
2171
|
+
OPENSSL_EXPORT int X509_STORE_CTX_get1_issuer(X509 **issuer,
|
|
2172
|
+
X509_STORE_CTX *ctx, X509 *x);
|
|
2173
|
+
|
|
2174
|
+
OPENSSL_EXPORT void X509_STORE_CTX_zero(X509_STORE_CTX *ctx);
|
|
2175
|
+
OPENSSL_EXPORT void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
|
|
2176
|
+
OPENSSL_EXPORT int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
|
|
2177
|
+
X509 *x509, STACK_OF(X509) *chain);
|
|
2178
|
+
OPENSSL_EXPORT void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx,
|
|
2179
|
+
STACK_OF(X509) *sk);
|
|
2180
|
+
OPENSSL_EXPORT void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
|
|
2181
|
+
|
|
2182
|
+
OPENSSL_EXPORT X509_STORE *X509_STORE_CTX_get0_store(X509_STORE_CTX *ctx);
|
|
2183
|
+
OPENSSL_EXPORT X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx);
|
|
2184
|
+
|
|
2185
|
+
OPENSSL_EXPORT X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v,
|
|
2186
|
+
X509_LOOKUP_METHOD *m);
|
|
2187
|
+
|
|
2188
|
+
OPENSSL_EXPORT X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
|
|
2189
|
+
OPENSSL_EXPORT X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
|
|
2190
|
+
|
|
2191
|
+
OPENSSL_EXPORT int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
|
|
2192
|
+
OPENSSL_EXPORT int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
|
|
2193
|
+
|
|
2194
|
+
OPENSSL_EXPORT int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type,
|
|
2195
|
+
X509_NAME *name, X509_OBJECT *ret);
|
|
2196
|
+
|
|
2197
|
+
OPENSSL_EXPORT int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
|
|
2198
|
+
long argl, char **ret);
|
|
2199
|
+
|
|
2200
|
+
#ifndef OPENSSL_NO_STDIO
|
|
2201
|
+
OPENSSL_EXPORT int X509_load_cert_file(X509_LOOKUP *ctx, const char *file,
|
|
2202
|
+
int type);
|
|
2203
|
+
OPENSSL_EXPORT int X509_load_crl_file(X509_LOOKUP *ctx, const char *file,
|
|
2204
|
+
int type);
|
|
2205
|
+
OPENSSL_EXPORT int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file,
|
|
2206
|
+
int type);
|
|
2207
|
+
#endif
|
|
2208
|
+
|
|
2209
|
+
OPENSSL_EXPORT X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method);
|
|
2210
|
+
OPENSSL_EXPORT void X509_LOOKUP_free(X509_LOOKUP *ctx);
|
|
2211
|
+
OPENSSL_EXPORT int X509_LOOKUP_init(X509_LOOKUP *ctx);
|
|
2212
|
+
OPENSSL_EXPORT int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type,
|
|
2213
|
+
X509_NAME *name, X509_OBJECT *ret);
|
|
2214
|
+
OPENSSL_EXPORT int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type,
|
|
2215
|
+
X509_NAME *name,
|
|
2216
|
+
ASN1_INTEGER *serial,
|
|
2217
|
+
X509_OBJECT *ret);
|
|
2218
|
+
OPENSSL_EXPORT int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
|
|
2219
|
+
unsigned char *bytes, int len,
|
|
2220
|
+
X509_OBJECT *ret);
|
|
2221
|
+
OPENSSL_EXPORT int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str,
|
|
2222
|
+
int len, X509_OBJECT *ret);
|
|
2223
|
+
OPENSSL_EXPORT int X509_LOOKUP_shutdown(X509_LOOKUP *ctx);
|
|
2224
|
+
|
|
2225
|
+
#ifndef OPENSSL_NO_STDIO
|
|
2226
|
+
OPENSSL_EXPORT int X509_STORE_load_locations(X509_STORE *ctx, const char *file,
|
|
2227
|
+
const char *dir);
|
|
2228
|
+
OPENSSL_EXPORT int X509_STORE_set_default_paths(X509_STORE *ctx);
|
|
2229
|
+
#endif
|
|
2230
|
+
|
|
2231
|
+
OPENSSL_EXPORT int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
|
|
2232
|
+
CRYPTO_EX_unused *unused,
|
|
2233
|
+
CRYPTO_EX_dup *dup_unused,
|
|
2234
|
+
CRYPTO_EX_free *free_func);
|
|
2235
|
+
OPENSSL_EXPORT int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx,
|
|
2236
|
+
void *data);
|
|
2237
|
+
OPENSSL_EXPORT void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx);
|
|
2238
|
+
OPENSSL_EXPORT int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
|
|
2239
|
+
OPENSSL_EXPORT void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
|
|
2240
|
+
OPENSSL_EXPORT int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
|
|
2241
|
+
OPENSSL_EXPORT X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
|
|
2242
|
+
OPENSSL_EXPORT X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx);
|
|
2243
|
+
OPENSSL_EXPORT X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx);
|
|
2244
|
+
OPENSSL_EXPORT X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(
|
|
2245
|
+
X509_STORE_CTX *ctx);
|
|
2246
|
+
OPENSSL_EXPORT STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
|
|
2247
|
+
OPENSSL_EXPORT STACK_OF(X509) *X509_STORE_CTX_get0_chain(X509_STORE_CTX *ctx);
|
|
2248
|
+
OPENSSL_EXPORT STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
|
|
2249
|
+
OPENSSL_EXPORT void X509_STORE_CTX_set_cert(X509_STORE_CTX *c, X509 *x);
|
|
2250
|
+
OPENSSL_EXPORT void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,
|
|
2251
|
+
STACK_OF(X509) *sk);
|
|
2252
|
+
OPENSSL_EXPORT STACK_OF(X509) *X509_STORE_CTX_get0_untrusted(
|
|
2253
|
+
X509_STORE_CTX *ctx);
|
|
2254
|
+
OPENSSL_EXPORT void X509_STORE_CTX_set0_crls(X509_STORE_CTX *c,
|
|
2255
|
+
STACK_OF(X509_CRL) *sk);
|
|
2256
|
+
OPENSSL_EXPORT int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);
|
|
2257
|
+
OPENSSL_EXPORT int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
|
|
2258
|
+
OPENSSL_EXPORT int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx,
|
|
2259
|
+
int def_purpose, int purpose,
|
|
2260
|
+
int trust);
|
|
2261
|
+
OPENSSL_EXPORT void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx,
|
|
2262
|
+
unsigned long flags);
|
|
2263
|
+
OPENSSL_EXPORT void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx,
|
|
2264
|
+
unsigned long flags, time_t t);
|
|
2265
|
+
OPENSSL_EXPORT void X509_STORE_CTX_set_verify_cb(
|
|
2266
|
+
X509_STORE_CTX *ctx, int (*verify_cb)(int, X509_STORE_CTX *));
|
|
2267
|
+
|
|
2268
|
+
OPENSSL_EXPORT X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(
|
|
2269
|
+
X509_STORE_CTX *ctx);
|
|
2270
|
+
OPENSSL_EXPORT int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx);
|
|
2271
|
+
|
|
2272
|
+
OPENSSL_EXPORT X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(
|
|
2273
|
+
X509_STORE_CTX *ctx);
|
|
2274
|
+
OPENSSL_EXPORT void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx,
|
|
2275
|
+
X509_VERIFY_PARAM *param);
|
|
2276
|
+
OPENSSL_EXPORT int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx,
|
|
2277
|
+
const char *name);
|
|
2278
|
+
|
|
2279
|
+
// X509_VERIFY_PARAM functions
|
|
2280
|
+
|
|
2281
|
+
OPENSSL_EXPORT X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void);
|
|
2282
|
+
OPENSSL_EXPORT void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param);
|
|
2283
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *to,
|
|
2284
|
+
const X509_VERIFY_PARAM *from);
|
|
2285
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to,
|
|
2286
|
+
const X509_VERIFY_PARAM *from);
|
|
2287
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param,
|
|
2288
|
+
const char *name);
|
|
2289
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
|
|
2290
|
+
unsigned long flags);
|
|
2291
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
|
|
2292
|
+
unsigned long flags);
|
|
2293
|
+
OPENSSL_EXPORT unsigned long X509_VERIFY_PARAM_get_flags(
|
|
2294
|
+
X509_VERIFY_PARAM *param);
|
|
2295
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param,
|
|
2296
|
+
int purpose);
|
|
2297
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param,
|
|
2298
|
+
int trust);
|
|
2299
|
+
OPENSSL_EXPORT void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param,
|
|
2300
|
+
int depth);
|
|
2301
|
+
OPENSSL_EXPORT void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param,
|
|
2302
|
+
time_t t);
|
|
2303
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
|
|
2304
|
+
ASN1_OBJECT *policy);
|
|
2305
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_policies(
|
|
2306
|
+
X509_VERIFY_PARAM *param, STACK_OF(ASN1_OBJECT) *policies);
|
|
2307
|
+
|
|
2308
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
|
|
2309
|
+
const char *name,
|
|
2310
|
+
size_t namelen);
|
|
2311
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
|
|
2312
|
+
const char *name,
|
|
2313
|
+
size_t namelen);
|
|
2314
|
+
OPENSSL_EXPORT void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
|
|
2315
|
+
unsigned int flags);
|
|
2316
|
+
OPENSSL_EXPORT char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *);
|
|
2317
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
|
|
2318
|
+
const char *email,
|
|
2319
|
+
size_t emaillen);
|
|
2320
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
|
|
2321
|
+
const unsigned char *ip,
|
|
2322
|
+
size_t iplen);
|
|
2323
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param,
|
|
2324
|
+
const char *ipasc);
|
|
2325
|
+
|
|
2326
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
|
|
2327
|
+
OPENSSL_EXPORT const char *X509_VERIFY_PARAM_get0_name(
|
|
2328
|
+
const X509_VERIFY_PARAM *param);
|
|
2329
|
+
|
|
2330
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param);
|
|
2331
|
+
OPENSSL_EXPORT int X509_VERIFY_PARAM_get_count(void);
|
|
2332
|
+
OPENSSL_EXPORT const X509_VERIFY_PARAM *X509_VERIFY_PARAM_get0(int id);
|
|
2333
|
+
OPENSSL_EXPORT const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(
|
|
2334
|
+
const char *name);
|
|
2335
|
+
OPENSSL_EXPORT void X509_VERIFY_PARAM_table_cleanup(void);
|
|
2336
|
+
|
|
2337
|
+
OPENSSL_EXPORT int X509_policy_check(X509_POLICY_TREE **ptree,
|
|
2338
|
+
int *pexplicit_policy,
|
|
2339
|
+
STACK_OF(X509) *certs,
|
|
2340
|
+
STACK_OF(ASN1_OBJECT) *policy_oids,
|
|
2341
|
+
unsigned int flags);
|
|
2342
|
+
|
|
2343
|
+
OPENSSL_EXPORT void X509_policy_tree_free(X509_POLICY_TREE *tree);
|
|
2344
|
+
|
|
2345
|
+
OPENSSL_EXPORT int X509_policy_tree_level_count(const X509_POLICY_TREE *tree);
|
|
2346
|
+
OPENSSL_EXPORT X509_POLICY_LEVEL *X509_policy_tree_get0_level(
|
|
2347
|
+
const X509_POLICY_TREE *tree, int i);
|
|
2348
|
+
|
|
2349
|
+
OPENSSL_EXPORT STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_policies(
|
|
2350
|
+
const X509_POLICY_TREE *tree);
|
|
2351
|
+
|
|
2352
|
+
OPENSSL_EXPORT STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_user_policies(
|
|
2353
|
+
const X509_POLICY_TREE *tree);
|
|
2354
|
+
|
|
2355
|
+
OPENSSL_EXPORT int X509_policy_level_node_count(X509_POLICY_LEVEL *level);
|
|
2356
|
+
|
|
2357
|
+
OPENSSL_EXPORT X509_POLICY_NODE *X509_policy_level_get0_node(
|
|
2358
|
+
X509_POLICY_LEVEL *level, int i);
|
|
2359
|
+
|
|
2360
|
+
OPENSSL_EXPORT const ASN1_OBJECT *X509_policy_node_get0_policy(
|
|
2361
|
+
const X509_POLICY_NODE *node);
|
|
2362
|
+
|
|
2363
|
+
OPENSSL_EXPORT STACK_OF(POLICYQUALINFO) *X509_policy_node_get0_qualifiers(
|
|
2364
|
+
const X509_POLICY_NODE *node);
|
|
2365
|
+
OPENSSL_EXPORT const X509_POLICY_NODE *X509_policy_node_get0_parent(
|
|
2366
|
+
const X509_POLICY_NODE *node);
|
|
1797
2367
|
|
|
1798
2368
|
|
|
1799
2369
|
#ifdef __cplusplus
|
|
@@ -1826,13 +2396,10 @@ BORINGSSL_MAKE_DELETER(X509_REQ, X509_REQ_free)
|
|
|
1826
2396
|
BORINGSSL_MAKE_DELETER(X509_REVOKED, X509_REVOKED_free)
|
|
1827
2397
|
BORINGSSL_MAKE_DELETER(X509_SIG, X509_SIG_free)
|
|
1828
2398
|
BORINGSSL_MAKE_DELETER(X509_STORE, X509_STORE_free)
|
|
2399
|
+
BORINGSSL_MAKE_UP_REF(X509_STORE, X509_STORE_up_ref)
|
|
1829
2400
|
BORINGSSL_MAKE_DELETER(X509_STORE_CTX, X509_STORE_CTX_free)
|
|
1830
2401
|
BORINGSSL_MAKE_DELETER(X509_VERIFY_PARAM, X509_VERIFY_PARAM_free)
|
|
1831
2402
|
|
|
1832
|
-
using ScopedX509_STORE_CTX =
|
|
1833
|
-
internal::StackAllocated<X509_STORE_CTX, void, X509_STORE_CTX_zero,
|
|
1834
|
-
X509_STORE_CTX_cleanup>;
|
|
1835
|
-
|
|
1836
2403
|
BSSL_NAMESPACE_END
|
|
1837
2404
|
|
|
1838
2405
|
} // extern C++
|