grpc 1.41.0 → 1.42.0.pre1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +57 -44
- data/etc/roots.pem +335 -326
- data/include/grpc/event_engine/event_engine.h +82 -42
- data/include/grpc/event_engine/internal/memory_allocator_impl.h +98 -0
- data/include/grpc/event_engine/memory_allocator.h +210 -0
- data/include/grpc/grpc.h +4 -0
- data/include/grpc/grpc_security.h +18 -0
- data/include/grpc/grpc_security_constants.h +1 -0
- data/include/grpc/impl/codegen/port_platform.h +7 -0
- data/src/core/ext/filters/client_channel/backend_metric.cc +18 -19
- data/src/core/ext/filters/client_channel/backup_poller.cc +2 -1
- data/src/core/ext/filters/client_channel/channel_connectivity.cc +71 -89
- data/src/core/ext/filters/client_channel/client_channel.cc +187 -252
- data/src/core/ext/filters/client_channel/client_channel.h +74 -27
- data/src/core/ext/filters/client_channel/client_channel_factory.cc +1 -1
- data/src/core/ext/filters/client_channel/client_channel_factory.h +17 -19
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +8 -14
- data/src/core/ext/filters/client_channel/config_selector.cc +1 -1
- data/src/core/ext/filters/client_channel/config_selector.h +4 -5
- data/src/core/ext/filters/client_channel/connector.h +18 -18
- data/src/core/ext/filters/client_channel/dynamic_filters.cc +1 -1
- data/src/core/ext/filters/client_channel/global_subchannel_pool.h +0 -1
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +12 -11
- data/src/core/ext/filters/client_channel/http_connect_handshaker.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +4 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +6 -15
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +166 -82
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h +4 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +2 -4
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +23 -7
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +15 -10
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +2 -3
- data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +2502 -0
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +6 -1
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +7 -1
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +6 -2
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +5 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +8 -1
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +7 -16
- data/src/core/ext/filters/client_channel/lb_policy.h +11 -1
- data/src/core/ext/filters/client_channel/lb_policy_factory.h +1 -0
- data/src/core/ext/filters/client_channel/resolver/binder/binder_resolver.cc +139 -0
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +11 -5
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +3 -3
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +12 -39
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +21 -1
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +6 -2
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +3 -1
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +77 -68
- data/src/core/ext/filters/client_channel/resolver.h +1 -1
- data/src/core/ext/filters/client_channel/resolver_factory.h +2 -0
- data/src/core/ext/filters/client_channel/resolver_registry.cc +6 -8
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver_result_parsing.h +1 -1
- data/src/core/ext/filters/client_channel/retry_filter.cc +48 -86
- data/src/core/ext/filters/client_channel/retry_service_config.h +1 -1
- data/src/core/ext/filters/client_channel/retry_throttle.cc +17 -48
- data/src/core/ext/filters/client_channel/server_address.h +1 -1
- data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +49 -36
- data/src/core/ext/filters/client_channel/subchannel.cc +85 -143
- data/src/core/ext/filters/client_channel/subchannel.h +29 -49
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.cc +22 -7
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +11 -2
- data/src/core/ext/filters/client_idle/client_idle_filter.cc +27 -210
- data/src/core/ext/filters/client_idle/idle_filter_state.cc +96 -0
- data/src/core/ext/filters/client_idle/idle_filter_state.h +66 -0
- data/src/core/ext/filters/deadline/deadline_filter.cc +23 -26
- data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +19 -19
- data/src/core/ext/filters/fault_injection/service_config_parser.cc +0 -1
- data/src/core/ext/filters/fault_injection/service_config_parser.h +1 -1
- data/src/core/ext/filters/http/client/http_client_filter.cc +41 -44
- data/src/core/ext/filters/http/client_authority_filter.cc +14 -15
- data/src/core/ext/filters/http/http_filters_plugin.cc +53 -71
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +17 -12
- data/src/core/ext/filters/http/message_compress/message_decompress_filter.cc +1 -1
- data/src/core/ext/filters/http/server/http_server_filter.cc +72 -69
- data/src/core/ext/filters/max_age/max_age_filter.cc +24 -26
- data/src/core/ext/filters/message_size/message_size_filter.cc +19 -16
- data/src/core/ext/filters/message_size/message_size_filter.h +1 -1
- data/src/core/ext/{filters/client_channel → service_config}/service_config.cc +2 -2
- data/src/core/ext/{filters/client_channel → service_config}/service_config.h +4 -4
- data/src/core/ext/service_config/service_config_call_data.h +72 -0
- data/src/core/ext/{filters/client_channel → service_config}/service_config_parser.cc +3 -3
- data/src/core/ext/{filters/client_channel → service_config}/service_config_parser.h +8 -6
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +2 -5
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +19 -24
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +27 -50
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +14 -16
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +59 -58
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +19 -16
- data/src/core/ext/transport/chttp2/transport/flow_control.h +4 -4
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +4 -4
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +2 -1
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +2 -1
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +2 -3
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/hpack_constants.h +1 -1
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +41 -1
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +8 -4
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_index.h +1 -1
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +136 -98
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +27 -8
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +12 -25
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +37 -30
- data/src/core/ext/transport/chttp2/transport/internal.h +4 -3
- data/src/core/ext/transport/chttp2/transport/parsing.cc +30 -173
- data/src/core/ext/transport/chttp2/transport/popularity_count.h +1 -1
- data/src/core/ext/transport/chttp2/transport/writing.cc +29 -22
- data/src/core/ext/transport/inproc/inproc_transport.cc +105 -109
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +68 -34
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +139 -1
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +16 -4
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +53 -4
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +3 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +15 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +13 -8
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +23 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +14 -11
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +17 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +15 -12
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +49 -19
- data/src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls.upb.c +55 -0
- data/src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls.upb.h +154 -0
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.c +0 -2
- data/src/core/ext/upb-generated/xds/annotations/v3/status.upb.c +58 -0
- data/src/core/ext/upb-generated/xds/annotations/v3/status.upb.h +182 -0
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.c +1 -1
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.c +1 -1
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.c +1 -1
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.c +1 -1
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.c +1 -1
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.c +1 -1
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c +58 -0
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.h +130 -0
- data/src/core/ext/upb-generated/{udpa/type/v1 → xds/type/v3}/typed_struct.upb.c +7 -7
- data/src/core/ext/upb-generated/xds/type/v3/typed_struct.upb.h +83 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +310 -286
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.h +10 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +101 -88
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +59 -56
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +59 -46
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +78 -82
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +323 -316
- data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.c +5 -4
- data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.c +19 -23
- data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.c +4 -3
- data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.c +5 -3
- data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.c +5 -4
- data/src/core/ext/upbdefs-generated/xds/annotations/v3/status.upbdefs.c +75 -0
- data/src/core/ext/upbdefs-generated/xds/annotations/v3/status.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.c +13 -12
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.c +25 -24
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.c +16 -15
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.c +17 -16
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.c +33 -32
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.c +19 -18
- data/src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.c +45 -0
- data/src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.h +35 -0
- data/src/core/ext/xds/xds_api.cc +325 -362
- data/src/core/ext/xds/xds_api.h +134 -82
- data/src/core/ext/xds/xds_bootstrap.h +10 -0
- data/src/core/ext/xds/xds_certificate_provider.cc +3 -3
- data/src/core/ext/xds/xds_channel_stack_modifier.cc +113 -0
- data/src/core/ext/xds/xds_channel_stack_modifier.h +52 -0
- data/src/core/ext/xds/xds_client.cc +527 -314
- data/src/core/ext/xds/xds_client.h +42 -37
- data/src/core/ext/xds/xds_client_stats.h +1 -1
- data/src/core/ext/xds/xds_server_config_fetcher.cc +5 -7
- data/src/core/lib/address_utils/parse_address.cc +2 -0
- data/src/core/lib/avl/avl.cc +5 -5
- data/src/core/lib/backoff/backoff.cc +1 -1
- data/src/core/lib/channel/channel_args.cc +24 -6
- data/src/core/lib/channel/channel_args.h +9 -0
- data/src/core/lib/channel/channel_stack_builder.cc +3 -3
- data/src/core/lib/channel/channel_trace.cc +1 -1
- data/src/core/lib/channel/channel_trace.h +1 -1
- data/src/core/lib/channel/channelz.cc +3 -3
- data/src/core/lib/channel/channelz.h +2 -2
- data/src/core/lib/channel/channelz_registry.cc +1 -1
- data/src/core/lib/channel/channelz_registry.h +1 -1
- data/src/core/lib/channel/connected_channel.cc +1 -3
- data/src/core/lib/channel/connected_channel.h +1 -2
- data/src/core/lib/compression/compression.cc +2 -2
- data/src/core/lib/compression/compression_args.cc +6 -4
- data/src/core/lib/compression/compression_internal.cc +2 -2
- data/src/core/lib/compression/compression_internal.h +1 -1
- data/src/core/lib/config/core_configuration.cc +44 -2
- data/src/core/lib/config/core_configuration.h +39 -1
- data/src/core/lib/debug/stats.cc +1 -1
- data/src/core/lib/debug/stats_data.cc +13 -13
- data/src/core/lib/gpr/atm.cc +1 -1
- data/src/core/lib/gpr/cpu_posix.cc +1 -1
- data/src/core/lib/gpr/string.cc +2 -2
- data/src/core/lib/gpr/tls.h +1 -1
- data/src/core/lib/gpr/useful.h +79 -32
- data/src/core/lib/gprpp/arena.h +10 -0
- data/src/core/lib/gprpp/bitset.h +38 -16
- data/src/core/lib/gprpp/chunked_vector.h +211 -0
- data/src/core/lib/gprpp/construct_destruct.h +1 -1
- data/src/core/lib/gprpp/match.h +1 -1
- data/src/core/lib/gprpp/memory.h +6 -0
- data/src/core/lib/gprpp/overload.h +1 -1
- data/src/core/lib/gprpp/status_helper.cc +23 -3
- data/src/core/lib/gprpp/status_helper.h +12 -1
- data/src/core/lib/gprpp/table.h +411 -0
- data/src/core/lib/http/httpcli.cc +200 -182
- data/src/core/lib/http/parser.cc +2 -2
- data/src/core/lib/iomgr/call_combiner.cc +28 -10
- data/src/core/lib/iomgr/combiner.cc +6 -21
- data/src/core/lib/iomgr/endpoint_cfstream.cc +7 -6
- data/src/core/lib/iomgr/error.cc +113 -52
- data/src/core/lib/iomgr/error.h +50 -9
- data/src/core/lib/iomgr/error_cfstream.cc +5 -0
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +3 -2
- data/src/core/lib/iomgr/ev_epollex_linux.cc +7 -7
- data/src/core/lib/iomgr/ev_poll_posix.cc +29 -20
- data/src/core/lib/iomgr/event_engine/closure.cc +41 -18
- data/src/core/lib/iomgr/event_engine/closure.h +10 -1
- data/src/core/lib/iomgr/event_engine/endpoint.cc +3 -3
- data/src/core/lib/iomgr/event_engine/iomgr.cc +1 -1
- data/src/core/lib/iomgr/event_engine/pollset.cc +5 -4
- data/src/core/lib/iomgr/event_engine/resolver.cc +10 -7
- data/src/core/lib/iomgr/event_engine/tcp.cc +9 -8
- data/src/core/lib/iomgr/event_engine/timer.cc +7 -2
- data/src/core/lib/iomgr/exec_ctx.cc +1 -9
- data/src/core/lib/iomgr/executor/mpmcqueue.cc +5 -7
- data/src/core/lib/iomgr/executor/mpmcqueue.h +3 -8
- data/src/core/lib/iomgr/executor.cc +6 -20
- data/src/core/lib/iomgr/iomgr.cc +3 -1
- data/src/core/lib/iomgr/iomgr_internal.cc +4 -9
- data/src/core/lib/iomgr/iomgr_internal.h +3 -2
- data/src/core/lib/iomgr/load_file.cc +2 -2
- data/src/core/lib/iomgr/lockfree_event.cc +18 -0
- data/src/core/lib/iomgr/pollset_custom.cc +1 -1
- data/src/core/lib/iomgr/pollset_custom.h +1 -1
- data/src/core/lib/iomgr/resolve_address_posix.cc +5 -7
- data/src/core/lib/iomgr/resource_quota.cc +13 -11
- data/src/core/lib/iomgr/socket_factory_posix.cc +2 -2
- data/src/core/lib/iomgr/socket_mutator.cc +2 -2
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +1 -2
- data/src/core/lib/iomgr/tcp_client_cfstream.cc +5 -3
- data/src/core/lib/iomgr/tcp_client_custom.cc +1 -1
- data/src/core/lib/iomgr/tcp_client_posix.cc +9 -18
- data/src/core/lib/iomgr/tcp_client_windows.cc +2 -3
- data/src/core/lib/iomgr/tcp_posix.cc +4 -5
- data/src/core/lib/iomgr/tcp_server_custom.cc +2 -1
- data/src/core/lib/iomgr/tcp_server_posix.cc +3 -4
- data/src/core/lib/iomgr/tcp_server_windows.cc +4 -5
- data/src/core/lib/iomgr/tcp_windows.cc +2 -2
- data/src/core/lib/iomgr/timer_generic.cc +13 -13
- data/src/core/lib/iomgr/timer_heap.cc +1 -1
- data/src/core/lib/json/json_util.cc +68 -0
- data/src/core/lib/json/json_util.h +57 -99
- data/src/core/lib/json/json_writer.cc +0 -3
- data/src/core/lib/security/authorization/authorization_policy_provider.h +1 -1
- data/src/core/lib/security/authorization/authorization_policy_provider_vtable.cc +1 -1
- data/src/core/lib/security/authorization/evaluate_args.cc +14 -12
- data/src/core/lib/security/authorization/sdk_server_authz_filter.cc +13 -1
- data/src/core/lib/security/context/security_context.cc +4 -2
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +1 -1
- data/src/core/lib/security/credentials/credentials.cc +4 -2
- data/src/core/lib/security/credentials/credentials.h +6 -1
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +47 -11
- data/src/core/lib/security/credentials/external/external_account_credentials.h +1 -0
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +1 -1
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +5 -9
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +2 -2
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +2 -2
- data/src/core/lib/security/security_connector/security_connector.cc +9 -4
- data/src/core/lib/security/security_connector/security_connector.h +1 -1
- data/src/core/lib/security/security_connector/ssl_utils.cc +1 -1
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +1 -0
- data/src/core/lib/security/security_connector/tls/tls_security_connector.h +0 -2
- data/src/core/lib/security/transport/client_auth_filter.cc +5 -5
- data/src/core/lib/security/transport/security_handshaker.cc +73 -43
- data/src/core/lib/security/transport/server_auth_filter.cc +3 -5
- data/src/core/lib/security/transport/tsi_error.cc +3 -5
- data/src/core/lib/slice/slice.cc +0 -16
- data/src/core/lib/slice/slice_api.cc +39 -0
- data/src/core/lib/slice/slice_buffer.cc +5 -5
- data/src/core/lib/slice/slice_intern.cc +8 -13
- data/src/core/lib/slice/slice_internal.h +1 -244
- data/src/core/lib/slice/slice_refcount.cc +17 -0
- data/src/core/lib/slice/slice_refcount.h +121 -0
- data/src/core/lib/slice/slice_refcount_base.h +173 -0
- data/src/core/lib/slice/slice_split.cc +100 -0
- data/src/core/lib/slice/slice_split.h +40 -0
- data/src/core/lib/slice/slice_string_helpers.cc +0 -83
- data/src/core/lib/slice/slice_string_helpers.h +0 -11
- data/src/core/lib/slice/static_slice.cc +529 -0
- data/src/core/lib/slice/static_slice.h +331 -0
- data/src/core/lib/surface/builtins.cc +49 -0
- data/src/core/{ext/filters/workarounds/workaround_cronet_compression_filter.h → lib/surface/builtins.h} +8 -9
- data/src/core/lib/surface/call.cc +103 -120
- data/src/core/lib/surface/call.h +0 -6
- data/src/core/lib/surface/channel.cc +19 -32
- data/src/core/lib/surface/channel.h +0 -9
- data/src/core/lib/surface/channel_init.cc +23 -76
- data/src/core/lib/surface/channel_init.h +52 -44
- data/src/core/lib/surface/completion_queue.cc +6 -5
- data/src/core/lib/surface/init.cc +0 -39
- data/src/core/lib/surface/init_secure.cc +17 -14
- data/src/core/lib/surface/lame_client.cc +18 -11
- data/src/core/lib/surface/lame_client.h +1 -1
- data/src/core/lib/surface/server.cc +25 -17
- data/src/core/lib/surface/server.h +17 -10
- data/src/core/lib/surface/validate_metadata.cc +5 -2
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/bdp_estimator.cc +1 -1
- data/src/core/lib/transport/error_utils.cc +42 -17
- data/src/core/lib/transport/error_utils.h +1 -1
- data/src/core/lib/transport/metadata.cc +31 -10
- data/src/core/lib/transport/metadata.h +2 -1
- data/src/core/lib/transport/metadata_batch.cc +35 -371
- data/src/core/lib/transport/metadata_batch.h +905 -71
- data/src/core/lib/transport/parsed_metadata.h +263 -0
- data/src/core/lib/transport/pid_controller.cc +4 -4
- data/src/core/lib/transport/static_metadata.cc +714 -846
- data/src/core/lib/transport/static_metadata.h +115 -379
- data/src/core/lib/transport/status_metadata.cc +1 -0
- data/src/core/lib/transport/transport.cc +4 -5
- data/src/core/lib/transport/transport_op_string.cc +40 -20
- data/src/core/plugin_registry/grpc_plugin_registry.cc +64 -43
- data/src/core/tsi/alts/crypt/aes_gcm.cc +3 -1
- data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +13 -12
- data/src/core/tsi/alts/frame_protector/frame_handler.cc +10 -11
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +1 -2
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +12 -2
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc +1 -1
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +2 -2
- data/src/core/tsi/fake_transport_security.cc +15 -7
- data/src/core/tsi/local_transport_security.cc +36 -73
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +16 -50
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +4 -3
- data/src/core/tsi/ssl_transport_security.cc +10 -2
- data/src/core/tsi/transport_security.cc +12 -0
- data/src/core/tsi/transport_security.h +16 -1
- data/src/core/tsi/transport_security_interface.h +26 -0
- data/src/ruby/ext/grpc/extconf.rb +12 -9
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +4 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +6 -0
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/src/proto/grpc/testing/test_pb.rb +2 -2
- data/src/ruby/spec/client_server_spec.rb +1 -1
- data/third_party/abseil-cpp/absl/base/internal/thread_identity.cc +4 -4
- data/third_party/abseil-cpp/absl/base/internal/thread_identity.h +11 -6
- data/third_party/address_sorting/address_sorting_posix.c +1 -0
- data/third_party/boringssl-with-bazel/err_data.c +278 -272
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +21 -22
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +5 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +15 -22
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +13 -7
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_print.c +19 -29
- data/third_party/boringssl-with-bazel/src/crypto/{x509 → asn1}/a_strex.c +268 -271
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +106 -153
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +0 -39
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{x509 → asn1}/charmap.h +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +38 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +289 -198
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +9 -13
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +11 -8
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +1 -7
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +1 -5
- data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +0 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +1 -7
- data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +1 -6
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +3 -17
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +4 -6
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +9 -0
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +8 -0
- data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +38 -47
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/cipher_extra.c +45 -65
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.c +32 -34
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +21 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +5 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.c +5 -9
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +10 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/des/des.c +10 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/des/internal.h +1 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md4/md4.c +4 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md5/md5.c +4 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm_nohw.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +24 -9
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +35 -35
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +11 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +10 -37
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +39 -0
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +12 -9
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +0 -9
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +0 -8
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +0 -4
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/internal.h +16 -7
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7.c +9 -4
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +151 -12
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.c +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +181 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +246 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +11 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +0 -179
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +0 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +11 -50
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +0 -16
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +22 -18
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +11 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +16 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_cache.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_int.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_map.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_tree.c +4 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +24 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +17 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +3 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_crld.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +5 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ncons.c +112 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pci.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +71 -26
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +366 -227
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +2 -9
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +10 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +3 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +3 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +9 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +8 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/hkdf.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +9 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +0 -20
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs7.h +12 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +5 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +37 -15
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +28 -14
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +31 -32
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +529 -91
- data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +16 -695
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +48 -8
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +266 -357
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +90 -152
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +15 -13
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +75 -79
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +96 -97
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +63 -43
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +6 -12
- data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +14 -17
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +14 -27
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +203 -203
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +30 -41
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +47 -33
- data/third_party/re2/re2/compile.cc +91 -109
- data/third_party/re2/re2/dfa.cc +27 -39
- data/third_party/re2/re2/filtered_re2.cc +18 -2
- data/third_party/re2/re2/filtered_re2.h +10 -5
- data/third_party/re2/re2/nfa.cc +1 -1
- data/third_party/re2/re2/parse.cc +42 -23
- data/third_party/re2/re2/perl_groups.cc +34 -34
- data/third_party/re2/re2/prefilter.cc +3 -2
- data/third_party/re2/re2/prog.cc +182 -4
- data/third_party/re2/re2/prog.h +28 -9
- data/third_party/re2/re2/re2.cc +87 -118
- data/third_party/re2/re2/re2.h +156 -141
- data/third_party/re2/re2/regexp.cc +12 -5
- data/third_party/re2/re2/regexp.h +8 -2
- data/third_party/re2/re2/set.cc +31 -9
- data/third_party/re2/re2/set.h +9 -4
- data/third_party/re2/re2/simplify.cc +11 -3
- data/third_party/re2/re2/tostring.cc +1 -1
- data/third_party/re2/re2/walker-inl.h +1 -1
- data/third_party/re2/util/mutex.h +2 -2
- data/third_party/re2/util/pcre.h +3 -3
- metadata +83 -70
- data/include/grpc/event_engine/slice_allocator.h +0 -71
- data/src/core/ext/filters/client_channel/service_config_call_data.h +0 -126
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +0 -211
- data/src/core/ext/filters/workarounds/workaround_utils.cc +0 -53
- data/src/core/ext/filters/workarounds/workaround_utils.h +0 -39
- data/src/core/ext/transport/chttp2/client/authority.cc +0 -42
- data/src/core/ext/transport/chttp2/client/authority.h +0 -36
- data/src/core/ext/transport/chttp2/transport/chttp2_slice_allocator.cc +0 -67
- data/src/core/ext/transport/chttp2/transport/chttp2_slice_allocator.h +0 -74
- data/src/core/ext/transport/chttp2/transport/incoming_metadata.cc +0 -66
- data/src/core/ext/transport/chttp2/transport/incoming_metadata.h +0 -58
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.c +0 -58
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.h +0 -130
- data/src/core/ext/upb-generated/udpa/type/v1/typed_struct.upb.h +0 -83
- data/src/core/ext/upbdefs-generated/udpa/type/v1/typed_struct.upbdefs.c +0 -44
- data/src/core/ext/upbdefs-generated/udpa/type/v1/typed_struct.upbdefs.h +0 -35
- data/src/core/lib/iomgr/udp_server.cc +0 -747
- data/src/core/lib/iomgr/udp_server.h +0 -103
- data/src/core/lib/transport/authority_override.cc +0 -40
- data/src/core/lib/transport/authority_override.h +0 -37
@@ -66,53 +66,47 @@
|
|
66
66
|
#include "internal.h"
|
67
67
|
|
68
68
|
|
69
|
+
static int asn1_item_ex_i2d_opt(ASN1_VALUE **pval, unsigned char **out,
|
70
|
+
const ASN1_ITEM *it, int tag, int aclass,
|
71
|
+
int optional);
|
69
72
|
static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
|
70
|
-
const ASN1_ITEM *it, int tag, int aclass
|
71
|
-
|
72
|
-
|
73
|
+
const ASN1_ITEM *it, int tag, int aclass,
|
74
|
+
int optional);
|
75
|
+
static int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cont, int *out_omit,
|
76
|
+
int *putype, const ASN1_ITEM *it);
|
73
77
|
static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
|
74
|
-
int skcontlen, const ASN1_ITEM *item,
|
75
|
-
int do_sort, int iclass);
|
78
|
+
int skcontlen, const ASN1_ITEM *item, int do_sort);
|
76
79
|
static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
|
77
80
|
const ASN1_TEMPLATE *tt, int tag, int aclass);
|
78
|
-
static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out,
|
79
|
-
const ASN1_ITEM *it, int flags);
|
80
81
|
|
81
82
|
/*
|
82
83
|
* Top level i2d equivalents
|
83
84
|
*/
|
84
85
|
|
85
86
|
int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it)
|
86
|
-
{
|
87
|
-
return asn1_item_flags_i2d(val, out, it, 0);
|
88
|
-
}
|
89
|
-
|
90
|
-
/*
|
91
|
-
* Encode an ASN1 item, this is use by the standard 'i2d' function. 'out'
|
92
|
-
* points to a buffer to output the data to. The new i2d has one additional
|
93
|
-
* feature. If the output buffer is NULL (i.e. *out == NULL) then a buffer is
|
94
|
-
* allocated and populated with the encoding.
|
95
|
-
*/
|
96
|
-
|
97
|
-
static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out,
|
98
|
-
const ASN1_ITEM *it, int flags)
|
99
87
|
{
|
100
88
|
if (out && !*out) {
|
101
89
|
unsigned char *p, *buf;
|
102
|
-
int len;
|
103
|
-
|
104
|
-
if (len <= 0)
|
90
|
+
int len = ASN1_item_ex_i2d(&val, NULL, it, /*tag=*/-1, /*aclass=*/0);
|
91
|
+
if (len <= 0) {
|
105
92
|
return len;
|
93
|
+
}
|
106
94
|
buf = OPENSSL_malloc(len);
|
107
|
-
if (!buf)
|
95
|
+
if (!buf) {
|
96
|
+
OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
|
108
97
|
return -1;
|
98
|
+
}
|
109
99
|
p = buf;
|
110
|
-
ASN1_item_ex_i2d(&val, &p, it,
|
100
|
+
int len2 = ASN1_item_ex_i2d(&val, &p, it, /*tag=*/-1, /*aclass=*/0);
|
101
|
+
if (len2 <= 0) {
|
102
|
+
return len2;
|
103
|
+
}
|
104
|
+
assert(len == len2);
|
111
105
|
*out = buf;
|
112
106
|
return len;
|
113
107
|
}
|
114
108
|
|
115
|
-
return ASN1_item_ex_i2d(&val, out, it,
|
109
|
+
return ASN1_item_ex_i2d(&val, out, it, /*tag=*/-1, /*aclass=*/0);
|
116
110
|
}
|
117
111
|
|
118
112
|
/*
|
@@ -122,27 +116,48 @@ static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out,
|
|
122
116
|
|
123
117
|
int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
|
124
118
|
const ASN1_ITEM *it, int tag, int aclass)
|
119
|
+
{
|
120
|
+
int ret = asn1_item_ex_i2d_opt(pval, out, it, tag, aclass, /*optional=*/0);
|
121
|
+
assert(ret != 0);
|
122
|
+
return ret;
|
123
|
+
}
|
124
|
+
|
125
|
+
/* asn1_item_ex_i2d_opt behaves like |ASN1_item_ex_i2d| but, if |optional| is
|
126
|
+
* non-zero and |*pval| is omitted, it returns zero and writes no bytes. */
|
127
|
+
int asn1_item_ex_i2d_opt(ASN1_VALUE **pval, unsigned char **out,
|
128
|
+
const ASN1_ITEM *it, int tag, int aclass,
|
129
|
+
int optional)
|
125
130
|
{
|
126
131
|
const ASN1_TEMPLATE *tt = NULL;
|
127
132
|
int i, seqcontlen, seqlen;
|
128
|
-
const ASN1_EXTERN_FUNCS *ef;
|
129
|
-
const ASN1_AUX *aux = it->funcs;
|
130
|
-
ASN1_aux_cb *asn1_cb = 0;
|
131
133
|
|
132
|
-
|
133
|
-
|
134
|
+
/* Historically, |aclass| was repurposed to pass additional flags into the
|
135
|
+
* encoding process. */
|
136
|
+
assert((aclass & ASN1_TFLG_TAG_CLASS) == aclass);
|
137
|
+
/* If not overridding the tag, |aclass| is ignored and should be zero. */
|
138
|
+
assert(tag != -1 || aclass == 0);
|
134
139
|
|
135
|
-
|
136
|
-
|
140
|
+
/* All fields are pointers, except for boolean |ASN1_ITYPE_PRIMITIVE|s.
|
141
|
+
* Optional primitives are handled later. */
|
142
|
+
if ((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval) {
|
143
|
+
if (optional) {
|
144
|
+
return 0;
|
145
|
+
}
|
146
|
+
OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_VALUE);
|
147
|
+
return -1;
|
148
|
+
}
|
137
149
|
|
138
150
|
switch (it->itype) {
|
139
151
|
|
140
152
|
case ASN1_ITYPE_PRIMITIVE:
|
141
|
-
if (it->templates)
|
142
|
-
|
143
|
-
|
144
|
-
|
145
|
-
|
153
|
+
if (it->templates) {
|
154
|
+
if (it->templates->flags & ASN1_TFLG_OPTIONAL) {
|
155
|
+
OPENSSL_PUT_ERROR(ASN1, ASN1_R_BAD_TEMPLATE);
|
156
|
+
return -1;
|
157
|
+
}
|
158
|
+
return asn1_template_ex_i2d(pval, out, it->templates, tag, aclass);
|
159
|
+
}
|
160
|
+
return asn1_i2d_ex_primitive(pval, out, it, tag, aclass, optional);
|
146
161
|
|
147
162
|
case ASN1_ITYPE_MSTRING:
|
148
163
|
/*
|
@@ -153,9 +168,9 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
|
|
153
168
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_BAD_TEMPLATE);
|
154
169
|
return -1;
|
155
170
|
}
|
156
|
-
return asn1_i2d_ex_primitive(pval, out, it, -1,
|
171
|
+
return asn1_i2d_ex_primitive(pval, out, it, -1, 0, optional);
|
157
172
|
|
158
|
-
case ASN1_ITYPE_CHOICE:
|
173
|
+
case ASN1_ITYPE_CHOICE: {
|
159
174
|
/*
|
160
175
|
* It never makes sense for CHOICE types to have implicit tagging, so if
|
161
176
|
* tag != -1, then this looks like an error in the template.
|
@@ -164,31 +179,39 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
|
|
164
179
|
OPENSSL_PUT_ERROR(ASN1, ASN1_R_BAD_TEMPLATE);
|
165
180
|
return -1;
|
166
181
|
}
|
167
|
-
if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
|
168
|
-
return 0;
|
169
182
|
i = asn1_get_choice_selector(pval, it);
|
170
|
-
if (
|
171
|
-
|
172
|
-
|
173
|
-
|
174
|
-
|
175
|
-
|
176
|
-
|
177
|
-
|
178
|
-
|
179
|
-
|
180
|
-
|
183
|
+
if (i < 0 || i >= it->tcount) {
|
184
|
+
OPENSSL_PUT_ERROR(ASN1, ASN1_R_NO_MATCHING_CHOICE_TYPE);
|
185
|
+
return -1;
|
186
|
+
}
|
187
|
+
const ASN1_TEMPLATE *chtt = it->templates + i;
|
188
|
+
if (chtt->flags & ASN1_TFLG_OPTIONAL) {
|
189
|
+
OPENSSL_PUT_ERROR(ASN1, ASN1_R_BAD_TEMPLATE);
|
190
|
+
return -1;
|
191
|
+
}
|
192
|
+
ASN1_VALUE **pchval = asn1_get_field_ptr(pval, chtt);
|
193
|
+
return asn1_template_ex_i2d(pchval, out, chtt, -1, 0);
|
194
|
+
}
|
181
195
|
|
182
|
-
case ASN1_ITYPE_EXTERN:
|
196
|
+
case ASN1_ITYPE_EXTERN: {
|
183
197
|
/* If new style i2d it does all the work */
|
184
|
-
ef = it->funcs;
|
185
|
-
|
198
|
+
const ASN1_EXTERN_FUNCS *ef = it->funcs;
|
199
|
+
int ret = ef->asn1_ex_i2d(pval, out, it, tag, aclass);
|
200
|
+
if (ret == 0) {
|
201
|
+
/* |asn1_ex_i2d| should never return zero. We have already checked
|
202
|
+
* for optional values generically, and |ASN1_ITYPE_EXTERN| fields
|
203
|
+
* must be pointers. */
|
204
|
+
OPENSSL_PUT_ERROR(ASN1, ERR_R_INTERNAL_ERROR);
|
205
|
+
return -1;
|
206
|
+
}
|
207
|
+
return ret;
|
208
|
+
}
|
186
209
|
|
187
|
-
case ASN1_ITYPE_SEQUENCE:
|
210
|
+
case ASN1_ITYPE_SEQUENCE: {
|
188
211
|
i = asn1_enc_restore(&seqcontlen, out, pval, it);
|
189
212
|
/* An error occurred */
|
190
213
|
if (i < 0)
|
191
|
-
return
|
214
|
+
return -1;
|
192
215
|
/* We have a valid cached encoding... */
|
193
216
|
if (i > 0)
|
194
217
|
return seqcontlen;
|
@@ -197,12 +220,8 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
|
|
197
220
|
/* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
|
198
221
|
if (tag == -1) {
|
199
222
|
tag = V_ASN1_SEQUENCE;
|
200
|
-
|
201
|
-
aclass = (aclass & ~ASN1_TFLG_TAG_CLASS)
|
202
|
-
| V_ASN1_UNIVERSAL;
|
223
|
+
aclass = V_ASN1_UNIVERSAL;
|
203
224
|
}
|
204
|
-
if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
|
205
|
-
return 0;
|
206
225
|
/* First work out sequence content length */
|
207
226
|
for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
|
208
227
|
const ASN1_TEMPLATE *seqtt;
|
@@ -210,9 +229,9 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
|
|
210
229
|
int tmplen;
|
211
230
|
seqtt = asn1_do_adb(pval, tt, 1);
|
212
231
|
if (!seqtt)
|
213
|
-
return
|
232
|
+
return -1;
|
214
233
|
pseqval = asn1_get_field_ptr(pval, seqtt);
|
215
|
-
tmplen = asn1_template_ex_i2d(pseqval, NULL, seqtt, -1,
|
234
|
+
tmplen = asn1_template_ex_i2d(pseqval, NULL, seqtt, -1, 0);
|
216
235
|
if (tmplen == -1 || (tmplen > INT_MAX - seqcontlen))
|
217
236
|
return -1;
|
218
237
|
seqcontlen += tmplen;
|
@@ -228,40 +247,49 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
|
|
228
247
|
ASN1_VALUE **pseqval;
|
229
248
|
seqtt = asn1_do_adb(pval, tt, 1);
|
230
249
|
if (!seqtt)
|
231
|
-
return
|
250
|
+
return -1;
|
232
251
|
pseqval = asn1_get_field_ptr(pval, seqtt);
|
233
|
-
|
234
|
-
|
252
|
+
if (asn1_template_ex_i2d(pseqval, out, seqtt, -1, 0) < 0) {
|
253
|
+
return -1;
|
254
|
+
}
|
235
255
|
}
|
236
|
-
if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it, NULL))
|
237
|
-
return 0;
|
238
256
|
return seqlen;
|
257
|
+
}
|
239
258
|
|
240
259
|
default:
|
241
|
-
|
242
|
-
|
260
|
+
OPENSSL_PUT_ERROR(ASN1, ASN1_R_BAD_TEMPLATE);
|
261
|
+
return -1;
|
243
262
|
}
|
244
|
-
return 0;
|
245
263
|
}
|
246
264
|
|
265
|
+
/* asn1_template_ex_i2d behaves like |asn1_item_ex_i2d_opt| but uses an
|
266
|
+
* |ASN1_TEMPLATE| instead of an |ASN1_ITEM|. An |ASN1_TEMPLATE| wraps an
|
267
|
+
* |ASN1_ITEM| with modifiers such as tagging, SEQUENCE or SET, etc. Instead of
|
268
|
+
* taking an |optional| parameter, it uses the |ASN1_TFLG_OPTIONAL| flag. */
|
247
269
|
static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
|
248
270
|
const ASN1_TEMPLATE *tt, int tag, int iclass)
|
249
271
|
{
|
250
272
|
int i, ret, flags, ttag, tclass;
|
251
273
|
size_t j;
|
252
274
|
flags = tt->flags;
|
275
|
+
|
276
|
+
/* Historically, |iclass| was repurposed to pass additional flags into the
|
277
|
+
* encoding process. */
|
278
|
+
assert((iclass & ASN1_TFLG_TAG_CLASS) == iclass);
|
279
|
+
/* If not overridding the tag, |iclass| is ignored and should be zero. */
|
280
|
+
assert(tag != -1 || iclass == 0);
|
281
|
+
|
253
282
|
/*
|
254
283
|
* Work out tag and class to use: tagging may come either from the
|
255
284
|
* template or the arguments, not both because this would create
|
256
|
-
* ambiguity.
|
257
|
-
* additional flags which should be noted and passed down to other
|
258
|
-
* levels.
|
285
|
+
* ambiguity.
|
259
286
|
*/
|
260
287
|
if (flags & ASN1_TFLG_TAG_MASK) {
|
261
288
|
/* Error if argument and template tagging */
|
262
|
-
if (tag != -1)
|
263
|
-
|
289
|
+
if (tag != -1) {
|
290
|
+
OPENSSL_PUT_ERROR(ASN1, ASN1_R_BAD_TEMPLATE);
|
264
291
|
return -1;
|
292
|
+
}
|
265
293
|
/* Get tagging from template */
|
266
294
|
ttag = tt->tag;
|
267
295
|
tclass = flags & ASN1_TFLG_TAG_CLASS;
|
@@ -273,14 +301,12 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
|
|
273
301
|
ttag = -1;
|
274
302
|
tclass = 0;
|
275
303
|
}
|
276
|
-
|
277
|
-
|
278
|
-
*/
|
279
|
-
iclass &= ~ASN1_TFLG_TAG_CLASS;
|
304
|
+
|
305
|
+
const int optional = (flags & ASN1_TFLG_OPTIONAL) != 0;
|
280
306
|
|
281
307
|
/*
|
282
|
-
* At this point 'ttag' contains the outer tag to use, 'tclass' is the
|
283
|
-
* class
|
308
|
+
* At this point 'ttag' contains the outer tag to use, and 'tclass' is the
|
309
|
+
* class.
|
284
310
|
*/
|
285
311
|
|
286
312
|
if (flags & ASN1_TFLG_SK_MASK) {
|
@@ -290,16 +316,22 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
|
|
290
316
|
int skcontlen, sklen;
|
291
317
|
ASN1_VALUE *skitem;
|
292
318
|
|
293
|
-
if (!*pval)
|
294
|
-
|
319
|
+
if (!*pval) {
|
320
|
+
if (optional) {
|
321
|
+
return 0;
|
322
|
+
}
|
323
|
+
OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_VALUE);
|
324
|
+
return -1;
|
325
|
+
}
|
295
326
|
|
296
327
|
if (flags & ASN1_TFLG_SET_OF) {
|
297
328
|
isset = 1;
|
298
|
-
/*
|
299
|
-
|
300
|
-
|
301
|
-
} else
|
329
|
+
/* Historically, types with both bits set were mutated when
|
330
|
+
* serialized to apply the sort. We no longer support this. */
|
331
|
+
assert((flags & ASN1_TFLG_SEQUENCE_OF) == 0);
|
332
|
+
} else {
|
302
333
|
isset = 0;
|
334
|
+
}
|
303
335
|
|
304
336
|
/*
|
305
337
|
* Work out inner tag value: if EXPLICIT or no tagging use underlying
|
@@ -322,7 +354,7 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
|
|
322
354
|
int tmplen;
|
323
355
|
skitem = sk_ASN1_VALUE_value(sk, j);
|
324
356
|
tmplen = ASN1_item_ex_i2d(&skitem, NULL, ASN1_ITEM_ptr(tt->item),
|
325
|
-
-1,
|
357
|
+
-1, 0);
|
326
358
|
if (tmplen == -1 || (skcontlen > INT_MAX - tmplen))
|
327
359
|
return -1;
|
328
360
|
skcontlen += tmplen;
|
@@ -346,30 +378,36 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
|
|
346
378
|
/* SET or SEQUENCE and IMPLICIT tag */
|
347
379
|
ASN1_put_object(out, /*constructed=*/1, skcontlen, sktag, skaclass);
|
348
380
|
/* And the stuff itself */
|
349
|
-
asn1_set_seq_out(sk, out, skcontlen, ASN1_ITEM_ptr(tt->item),
|
350
|
-
|
381
|
+
if (!asn1_set_seq_out(sk, out, skcontlen, ASN1_ITEM_ptr(tt->item),
|
382
|
+
isset)) {
|
383
|
+
return -1;
|
384
|
+
}
|
351
385
|
return ret;
|
352
386
|
}
|
353
387
|
|
354
388
|
if (flags & ASN1_TFLG_EXPTAG) {
|
355
389
|
/* EXPLICIT tagging */
|
356
390
|
/* Find length of tagged item */
|
357
|
-
i =
|
358
|
-
|
359
|
-
|
391
|
+
i = asn1_item_ex_i2d_opt(pval, NULL, ASN1_ITEM_ptr(tt->item), -1, 0,
|
392
|
+
optional);
|
393
|
+
if (i <= 0)
|
394
|
+
return i;
|
360
395
|
/* Find length of EXPLICIT tag */
|
361
396
|
ret = ASN1_object_size(/*constructed=*/1, i, ttag);
|
362
397
|
if (out && ret != -1) {
|
363
398
|
/* Output tag and item */
|
364
399
|
ASN1_put_object(out, /*constructed=*/1, i, ttag, tclass);
|
365
|
-
ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), -1,
|
400
|
+
if (ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), -1,
|
401
|
+
0) < 0) {
|
402
|
+
return -1;
|
403
|
+
}
|
366
404
|
}
|
367
405
|
return ret;
|
368
406
|
}
|
369
407
|
|
370
|
-
/* Either normal or IMPLICIT tagging
|
371
|
-
return
|
372
|
-
|
408
|
+
/* Either normal or IMPLICIT tagging */
|
409
|
+
return asn1_item_ex_i2d_opt(pval, out, ASN1_ITEM_ptr(tt->item),
|
410
|
+
ttag, tclass, optional);
|
373
411
|
|
374
412
|
}
|
375
413
|
|
@@ -378,7 +416,6 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
|
|
378
416
|
typedef struct {
|
379
417
|
unsigned char *data;
|
380
418
|
int length;
|
381
|
-
ASN1_VALUE *field;
|
382
419
|
} DER_ENC;
|
383
420
|
|
384
421
|
static int der_cmp(const void *a, const void *b)
|
@@ -392,99 +429,96 @@ static int der_cmp(const void *a, const void *b)
|
|
392
429
|
return d1->length - d2->length;
|
393
430
|
}
|
394
431
|
|
395
|
-
/*
|
396
|
-
|
432
|
+
/* asn1_set_seq_out writes |sk| to |out| under the i2d output convention,
|
433
|
+
* excluding the tag and length. It returns one on success and zero on error.
|
434
|
+
* |skcontlen| must be the total encoded size. If |do_sort| is non-zero, the
|
435
|
+
* elements are sorted for a SET OF type. Each element of |sk| has type
|
436
|
+
* |item|. */
|
397
437
|
static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
|
398
|
-
int skcontlen, const ASN1_ITEM *item,
|
399
|
-
int do_sort, int iclass)
|
438
|
+
int skcontlen, const ASN1_ITEM *item, int do_sort)
|
400
439
|
{
|
401
|
-
|
402
|
-
|
403
|
-
|
404
|
-
|
405
|
-
|
406
|
-
/* Don't need to sort less than 2 items */
|
407
|
-
if (sk_ASN1_VALUE_num(sk) < 2)
|
408
|
-
do_sort = 0;
|
409
|
-
else {
|
410
|
-
derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk)
|
411
|
-
* sizeof(*derlst));
|
412
|
-
if (!derlst)
|
413
|
-
return 0;
|
414
|
-
tmpdat = OPENSSL_malloc(skcontlen);
|
415
|
-
if (!tmpdat) {
|
416
|
-
OPENSSL_free(derlst);
|
440
|
+
/* No need to sort if there are fewer than two items. */
|
441
|
+
if (!do_sort || sk_ASN1_VALUE_num(sk) < 2) {
|
442
|
+
for (size_t i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
|
443
|
+
ASN1_VALUE *skitem = sk_ASN1_VALUE_value(sk, i);
|
444
|
+
if (ASN1_item_ex_i2d(&skitem, out, item, -1, 0) < 0) {
|
417
445
|
return 0;
|
418
446
|
}
|
419
447
|
}
|
420
|
-
}
|
421
|
-
/* If not sorting just output each item */
|
422
|
-
if (!do_sort) {
|
423
|
-
for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
|
424
|
-
skitem = sk_ASN1_VALUE_value(sk, i);
|
425
|
-
ASN1_item_ex_i2d(&skitem, out, item, -1, iclass);
|
426
|
-
}
|
427
448
|
return 1;
|
428
449
|
}
|
429
|
-
|
430
|
-
|
431
|
-
|
432
|
-
|
433
|
-
|
434
|
-
|
435
|
-
|
436
|
-
|
450
|
+
|
451
|
+
if (sk_ASN1_VALUE_num(sk) > ((size_t)-1) / sizeof(DER_ENC)) {
|
452
|
+
OPENSSL_PUT_ERROR(ASN1, ERR_R_OVERFLOW);
|
453
|
+
return 0;
|
454
|
+
}
|
455
|
+
|
456
|
+
int ret = 0;
|
457
|
+
unsigned char *const buf = OPENSSL_malloc(skcontlen);
|
458
|
+
DER_ENC *encoded = OPENSSL_malloc(sk_ASN1_VALUE_num(sk) * sizeof(*encoded));
|
459
|
+
if (encoded == NULL || buf == NULL) {
|
460
|
+
OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
|
461
|
+
goto err;
|
462
|
+
}
|
463
|
+
|
464
|
+
/* Encode all the elements into |buf| and populate |encoded|. */
|
465
|
+
unsigned char *p = buf;
|
466
|
+
for (size_t i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
|
467
|
+
ASN1_VALUE *skitem = sk_ASN1_VALUE_value(sk, i);
|
468
|
+
encoded[i].data = p;
|
469
|
+
encoded[i].length = ASN1_item_ex_i2d(&skitem, &p, item, -1, 0);
|
470
|
+
if (encoded[i].length < 0) {
|
471
|
+
goto err;
|
472
|
+
}
|
473
|
+
assert(p - buf <= skcontlen);
|
437
474
|
}
|
438
475
|
|
439
|
-
|
440
|
-
|
441
|
-
/* Output sorted
|
476
|
+
qsort(encoded, sk_ASN1_VALUE_num(sk), sizeof(*encoded), der_cmp);
|
477
|
+
|
478
|
+
/* Output the elements in sorted order. */
|
442
479
|
p = *out;
|
443
|
-
for (i = 0
|
444
|
-
OPENSSL_memcpy(p,
|
445
|
-
p +=
|
480
|
+
for (size_t i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
|
481
|
+
OPENSSL_memcpy(p, encoded[i].data, encoded[i].length);
|
482
|
+
p += encoded[i].length;
|
446
483
|
}
|
447
484
|
*out = p;
|
448
|
-
|
449
|
-
|
450
|
-
|
451
|
-
|
452
|
-
|
453
|
-
OPENSSL_free(
|
454
|
-
|
455
|
-
return 1;
|
485
|
+
|
486
|
+
ret = 1;
|
487
|
+
|
488
|
+
err:
|
489
|
+
OPENSSL_free(encoded);
|
490
|
+
OPENSSL_free(buf);
|
491
|
+
return ret;
|
456
492
|
}
|
457
493
|
|
494
|
+
/* asn1_i2d_ex_primitive behaves like |ASN1_item_ex_i2d| but |item| must be a
|
495
|
+
* a PRIMITIVE or MSTRING type that is not an |ASN1_ITEM_TEMPLATE|. */
|
458
496
|
static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
|
459
|
-
const ASN1_ITEM *it, int tag, int aclass
|
497
|
+
const ASN1_ITEM *it, int tag, int aclass,
|
498
|
+
int optional)
|
460
499
|
{
|
461
|
-
|
462
|
-
int
|
463
|
-
int
|
464
|
-
|
465
|
-
|
466
|
-
|
467
|
-
|
468
|
-
|
469
|
-
|
470
|
-
|
471
|
-
|
500
|
+
/* Get length of content octets and maybe find out the underlying type. */
|
501
|
+
int omit;
|
502
|
+
int utype = it->utype;
|
503
|
+
int len = asn1_ex_i2c(pval, NULL, &omit, &utype, it);
|
504
|
+
if (len < 0) {
|
505
|
+
return -1;
|
506
|
+
}
|
507
|
+
if (omit) {
|
508
|
+
if (optional) {
|
509
|
+
return 0;
|
510
|
+
}
|
511
|
+
OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_VALUE);
|
512
|
+
return -1;
|
513
|
+
}
|
472
514
|
|
473
515
|
/*
|
474
516
|
* If SEQUENCE, SET or OTHER then header is included in pseudo content
|
475
517
|
* octets so don't include tag+length. We need to check here because the
|
476
518
|
* call to asn1_ex_i2c() could change utype.
|
477
519
|
*/
|
478
|
-
|
479
|
-
|
480
|
-
usetag = 0;
|
481
|
-
else
|
482
|
-
usetag = 1;
|
483
|
-
|
484
|
-
/* -1 means omit type */
|
485
|
-
|
486
|
-
if (len == -1)
|
487
|
-
return 0;
|
520
|
+
int usetag = utype != V_ASN1_SEQUENCE && utype != V_ASN1_SET &&
|
521
|
+
utype != V_ASN1_OTHER;
|
488
522
|
|
489
523
|
/* If not implicitly tagged get tag from underlying type */
|
490
524
|
if (tag == -1)
|
@@ -492,21 +526,42 @@ static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
|
|
492
526
|
|
493
527
|
/* Output tag+length followed by content octets */
|
494
528
|
if (out) {
|
495
|
-
if (usetag)
|
529
|
+
if (usetag) {
|
496
530
|
ASN1_put_object(out, /*constructed=*/0, len, tag, aclass);
|
497
|
-
|
531
|
+
}
|
532
|
+
int len2 = asn1_ex_i2c(pval, *out, &omit, &utype, it);
|
533
|
+
if (len2 < 0) {
|
534
|
+
return -1;
|
535
|
+
}
|
536
|
+
assert(len == len2);
|
537
|
+
assert(!omit);
|
498
538
|
*out += len;
|
499
539
|
}
|
500
540
|
|
501
|
-
if (usetag)
|
541
|
+
if (usetag) {
|
502
542
|
return ASN1_object_size(/*constructed=*/0, len, tag);
|
543
|
+
}
|
503
544
|
return len;
|
504
545
|
}
|
505
546
|
|
506
|
-
/*
|
507
|
-
|
508
|
-
|
509
|
-
|
547
|
+
/* asn1_ex_i2c writes the |*pval| to |cout| under the i2d output convention,
|
548
|
+
* excluding the tag and length. It returns the number of bytes written,
|
549
|
+
* possibly zero, on success or -1 on error. If |*pval| should be omitted, it
|
550
|
+
* returns zero and sets |*out_omit| to true.
|
551
|
+
*
|
552
|
+
* If |it| is an MSTRING or ANY type, it gets the underlying type from |*pval|,
|
553
|
+
* which must be an |ASN1_STRING| or |ASN1_TYPE|, respectively. It then updates
|
554
|
+
* |*putype| with the tag number of type used, or |V_ASN1_OTHER| if it was not a
|
555
|
+
* universal type. If |*putype| is set to |V_ASN1_SEQUENCE|, |V_ASN1_SET|, or
|
556
|
+
* |V_ASN1_OTHER|, it additionally outputs the tag and length, so the caller
|
557
|
+
* must not do so.
|
558
|
+
*
|
559
|
+
* Otherwise, |*putype| must contain |it->utype|.
|
560
|
+
*
|
561
|
+
* WARNING: Unlike most functions in this file, |asn1_ex_i2c| can return zero
|
562
|
+
* without omitting the element. ASN.1 values may have empty contents. */
|
563
|
+
static int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *out_omit,
|
564
|
+
int *putype, const ASN1_ITEM *it)
|
510
565
|
{
|
511
566
|
ASN1_BOOLEAN *tbool = NULL;
|
512
567
|
ASN1_STRING *strtmp;
|
@@ -520,23 +575,51 @@ static int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
|
|
520
575
|
* |ASN1_PRIMITIVE_FUNCS| table of callbacks. */
|
521
576
|
assert(it->funcs == NULL);
|
522
577
|
|
578
|
+
*out_omit = 0;
|
579
|
+
|
523
580
|
/* Should type be omitted? */
|
524
581
|
if ((it->itype != ASN1_ITYPE_PRIMITIVE)
|
525
582
|
|| (it->utype != V_ASN1_BOOLEAN)) {
|
526
|
-
if (!*pval)
|
527
|
-
|
583
|
+
if (!*pval) {
|
584
|
+
*out_omit = 1;
|
585
|
+
return 0;
|
586
|
+
}
|
528
587
|
}
|
529
588
|
|
530
589
|
if (it->itype == ASN1_ITYPE_MSTRING) {
|
531
590
|
/* If MSTRING type set the underlying type */
|
532
591
|
strtmp = (ASN1_STRING *)*pval;
|
533
592
|
utype = strtmp->type;
|
593
|
+
if (utype < 0 && utype != V_ASN1_OTHER) {
|
594
|
+
/* MSTRINGs can have type -1 when default-constructed. */
|
595
|
+
OPENSSL_PUT_ERROR(ASN1, ASN1_R_WRONG_TYPE);
|
596
|
+
return -1;
|
597
|
+
}
|
598
|
+
/* Negative INTEGER and ENUMERATED values use |ASN1_STRING| type values
|
599
|
+
* that do not match their corresponding utype values. INTEGERs cannot
|
600
|
+
* participate in MSTRING types, but ENUMERATEDs can.
|
601
|
+
*
|
602
|
+
* TODO(davidben): Is this a bug? Although arguably one of the MSTRING
|
603
|
+
* types should contain more values, rather than less. See
|
604
|
+
* https://crbug.com/boringssl/412. But it is not possible to fit all
|
605
|
+
* possible ANY values into an |ASN1_STRING|, so matching the spec here
|
606
|
+
* is somewhat hopeless. */
|
607
|
+
if (utype == V_ASN1_NEG_INTEGER) {
|
608
|
+
utype = V_ASN1_INTEGER;
|
609
|
+
} else if (utype == V_ASN1_NEG_ENUMERATED) {
|
610
|
+
utype = V_ASN1_ENUMERATED;
|
611
|
+
}
|
534
612
|
*putype = utype;
|
535
613
|
} else if (it->utype == V_ASN1_ANY) {
|
536
614
|
/* If ANY set type and pointer to value */
|
537
615
|
ASN1_TYPE *typ;
|
538
616
|
typ = (ASN1_TYPE *)*pval;
|
539
617
|
utype = typ->type;
|
618
|
+
if (utype < 0 && utype != V_ASN1_OTHER) {
|
619
|
+
/* |ASN1_TYPE|s can have type -1 when default-constructed. */
|
620
|
+
OPENSSL_PUT_ERROR(ASN1, ASN1_R_WRONG_TYPE);
|
621
|
+
return -1;
|
622
|
+
}
|
540
623
|
*putype = utype;
|
541
624
|
pval = &typ->value.asn1_value;
|
542
625
|
} else
|
@@ -547,8 +630,11 @@ static int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
|
|
547
630
|
otmp = (ASN1_OBJECT *)*pval;
|
548
631
|
cont = otmp->data;
|
549
632
|
len = otmp->length;
|
550
|
-
if (
|
633
|
+
if (len == 0) {
|
634
|
+
/* Some |ASN1_OBJECT|s do not have OIDs and cannot be serialized. */
|
635
|
+
OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_OBJECT);
|
551
636
|
return -1;
|
637
|
+
}
|
552
638
|
break;
|
553
639
|
|
554
640
|
case V_ASN1_NULL:
|
@@ -558,34 +644,39 @@ static int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
|
|
558
644
|
|
559
645
|
case V_ASN1_BOOLEAN:
|
560
646
|
tbool = (ASN1_BOOLEAN *)pval;
|
561
|
-
if (*tbool == -1)
|
562
|
-
|
647
|
+
if (*tbool == -1) {
|
648
|
+
*out_omit = 1;
|
649
|
+
return 0;
|
650
|
+
}
|
563
651
|
if (it->utype != V_ASN1_ANY) {
|
564
652
|
/*
|
565
653
|
* Default handling if value == size field then omit
|
566
654
|
*/
|
567
|
-
if (*tbool && (it->size > 0))
|
568
|
-
|
569
|
-
|
570
|
-
return
|
655
|
+
if ((*tbool && (it->size > 0)) ||
|
656
|
+
(!*tbool && !it->size)) {
|
657
|
+
*out_omit = 1;
|
658
|
+
return 0;
|
659
|
+
}
|
571
660
|
}
|
572
661
|
c = *tbool ? 0xff : 0x00;
|
573
662
|
cont = &c;
|
574
663
|
len = 1;
|
575
664
|
break;
|
576
665
|
|
577
|
-
case V_ASN1_BIT_STRING:
|
578
|
-
|
579
|
-
|
580
|
-
|
666
|
+
case V_ASN1_BIT_STRING: {
|
667
|
+
int ret = i2c_ASN1_BIT_STRING((ASN1_BIT_STRING *)*pval,
|
668
|
+
cout ? &cout : NULL);
|
669
|
+
/* |i2c_ASN1_BIT_STRING| returns zero on error instead of -1. */
|
670
|
+
return ret <= 0 ? -1 : ret;
|
671
|
+
}
|
581
672
|
|
582
673
|
case V_ASN1_INTEGER:
|
583
|
-
case V_ASN1_ENUMERATED:
|
584
|
-
/*
|
585
|
-
|
586
|
-
|
587
|
-
return
|
588
|
-
|
674
|
+
case V_ASN1_ENUMERATED: {
|
675
|
+
/* |i2c_ASN1_INTEGER| also handles ENUMERATED. */
|
676
|
+
int ret = i2c_ASN1_INTEGER((ASN1_INTEGER *)*pval, cout ? &cout : NULL);
|
677
|
+
/* |i2c_ASN1_INTEGER| returns zero on error instead of -1. */
|
678
|
+
return ret <= 0 ? -1 : ret;
|
679
|
+
}
|
589
680
|
|
590
681
|
case V_ASN1_OCTET_STRING:
|
591
682
|
case V_ASN1_NUMERICSTRING:
|