grpc 1.51.0-x86_64-linux → 1.52.0-x86_64-linux

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of grpc might be problematic. Click here for more details.

Files changed (2604) hide show
  1. checksums.yaml +4 -4
  2. data/grpc_c.32-msvcrt.ruby +0 -0
  3. data/grpc_c.64-msvcrt.ruby +0 -0
  4. data/grpc_c.64-ucrt.ruby +0 -0
  5. data/src/ruby/ext/grpc/{ext-export-truffleruby.clang → ext-export-truffleruby-with-ruby-abi-version.clang} +0 -0
  6. data/src/ruby/ext/grpc/{ext-export-truffleruby.gcc → ext-export-truffleruby-with-ruby-abi-version.gcc} +0 -0
  7. data/src/ruby/ext/grpc/ext-export-with-ruby-abi-version.clang +2 -0
  8. data/src/ruby/ext/grpc/ext-export-with-ruby-abi-version.gcc +7 -0
  9. data/src/ruby/ext/grpc/ext-export.clang +0 -1
  10. data/src/ruby/ext/grpc/ext-export.gcc +1 -2
  11. data/src/ruby/ext/grpc/extconf.rb +47 -2
  12. data/src/ruby/ext/grpc/rb_call.c +1 -0
  13. data/src/ruby/ext/grpc/rb_channel.c +1 -0
  14. data/src/ruby/ext/grpc/rb_channel_args.c +1 -0
  15. data/src/ruby/ext/grpc/rb_compression_options.c +1 -1
  16. data/src/ruby/ext/grpc/rb_grpc.c +1 -0
  17. data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +38 -36
  18. data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +59 -56
  19. data/src/ruby/lib/grpc/2.6/grpc_c.so +0 -0
  20. data/src/ruby/lib/grpc/2.7/grpc_c.so +0 -0
  21. data/src/ruby/lib/grpc/3.0/grpc_c.so +0 -0
  22. data/src/ruby/lib/grpc/3.1/grpc_c.so +0 -0
  23. data/src/ruby/lib/grpc/{grpc_c.so → 3.2/grpc_c.so} +0 -0
  24. data/src/ruby/lib/grpc/generic/bidi_call.rb +2 -0
  25. data/src/ruby/lib/grpc/version.rb +1 -1
  26. data/src/ruby/spec/client_server_spec.rb +20 -8
  27. metadata +25 -2597
  28. data/.yardopts +0 -1
  29. data/Makefile +0 -3258
  30. data/include/grpc/byte_buffer.h +0 -27
  31. data/include/grpc/byte_buffer_reader.h +0 -26
  32. data/include/grpc/census.h +0 -40
  33. data/include/grpc/compression.h +0 -75
  34. data/include/grpc/event_engine/README.md +0 -38
  35. data/include/grpc/event_engine/endpoint_config.h +0 -49
  36. data/include/grpc/event_engine/event_engine.h +0 -453
  37. data/include/grpc/event_engine/internal/memory_allocator_impl.h +0 -68
  38. data/include/grpc/event_engine/memory_allocator.h +0 -211
  39. data/include/grpc/event_engine/memory_request.h +0 -57
  40. data/include/grpc/event_engine/port.h +0 -39
  41. data/include/grpc/event_engine/slice.h +0 -286
  42. data/include/grpc/event_engine/slice_buffer.h +0 -135
  43. data/include/grpc/fork.h +0 -26
  44. data/include/grpc/grpc.h +0 -595
  45. data/include/grpc/grpc_cronet.h +0 -38
  46. data/include/grpc/grpc_posix.h +0 -63
  47. data/include/grpc/grpc_security.h +0 -1270
  48. data/include/grpc/grpc_security_constants.h +0 -152
  49. data/include/grpc/impl/codegen/README.md +0 -22
  50. data/include/grpc/impl/codegen/atm.h +0 -97
  51. data/include/grpc/impl/codegen/atm_gcc_atomic.h +0 -84
  52. data/include/grpc/impl/codegen/atm_gcc_sync.h +0 -85
  53. data/include/grpc/impl/codegen/atm_windows.h +0 -132
  54. data/include/grpc/impl/codegen/byte_buffer.h +0 -103
  55. data/include/grpc/impl/codegen/byte_buffer_reader.h +0 -44
  56. data/include/grpc/impl/codegen/compression_types.h +0 -109
  57. data/include/grpc/impl/codegen/connectivity_state.h +0 -47
  58. data/include/grpc/impl/codegen/fork.h +0 -50
  59. data/include/grpc/impl/codegen/gpr_slice.h +0 -71
  60. data/include/grpc/impl/codegen/gpr_types.h +0 -62
  61. data/include/grpc/impl/codegen/grpc_types.h +0 -814
  62. data/include/grpc/impl/codegen/log.h +0 -112
  63. data/include/grpc/impl/codegen/port_platform.h +0 -779
  64. data/include/grpc/impl/codegen/propagation_bits.h +0 -54
  65. data/include/grpc/impl/codegen/slice.h +0 -132
  66. data/include/grpc/impl/codegen/status.h +0 -156
  67. data/include/grpc/impl/codegen/sync.h +0 -68
  68. data/include/grpc/impl/codegen/sync_abseil.h +0 -38
  69. data/include/grpc/impl/codegen/sync_custom.h +0 -40
  70. data/include/grpc/impl/codegen/sync_generic.h +0 -51
  71. data/include/grpc/impl/codegen/sync_posix.h +0 -54
  72. data/include/grpc/impl/codegen/sync_windows.h +0 -42
  73. data/include/grpc/load_reporting.h +0 -48
  74. data/include/grpc/module.modulemap +0 -64
  75. data/include/grpc/slice.h +0 -161
  76. data/include/grpc/slice_buffer.h +0 -84
  77. data/include/grpc/status.h +0 -26
  78. data/include/grpc/support/alloc.h +0 -52
  79. data/include/grpc/support/atm.h +0 -26
  80. data/include/grpc/support/atm_gcc_atomic.h +0 -26
  81. data/include/grpc/support/atm_gcc_sync.h +0 -26
  82. data/include/grpc/support/atm_windows.h +0 -26
  83. data/include/grpc/support/cpu.h +0 -44
  84. data/include/grpc/support/log.h +0 -26
  85. data/include/grpc/support/log_windows.h +0 -38
  86. data/include/grpc/support/port_platform.h +0 -24
  87. data/include/grpc/support/string_util.h +0 -51
  88. data/include/grpc/support/sync.h +0 -282
  89. data/include/grpc/support/sync_abseil.h +0 -26
  90. data/include/grpc/support/sync_custom.h +0 -26
  91. data/include/grpc/support/sync_generic.h +0 -26
  92. data/include/grpc/support/sync_posix.h +0 -26
  93. data/include/grpc/support/sync_windows.h +0 -26
  94. data/include/grpc/support/thd_id.h +0 -44
  95. data/include/grpc/support/time.h +0 -92
  96. data/include/grpc/support/workaround_list.h +0 -31
  97. data/src/core/ext/filters/census/grpc_context.cc +0 -42
  98. data/src/core/ext/filters/channel_idle/channel_idle_filter.cc +0 -315
  99. data/src/core/ext/filters/channel_idle/channel_idle_filter.h +0 -142
  100. data/src/core/ext/filters/channel_idle/idle_filter_state.cc +0 -96
  101. data/src/core/ext/filters/channel_idle/idle_filter_state.h +0 -68
  102. data/src/core/ext/filters/client_channel/backend_metric.cc +0 -84
  103. data/src/core/ext/filters/client_channel/backend_metric.h +0 -47
  104. data/src/core/ext/filters/client_channel/backup_poller.cc +0 -187
  105. data/src/core/ext/filters/client_channel/backup_poller.h +0 -40
  106. data/src/core/ext/filters/client_channel/channel_connectivity.cc +0 -244
  107. data/src/core/ext/filters/client_channel/client_channel.cc +0 -3188
  108. data/src/core/ext/filters/client_channel/client_channel.h +0 -626
  109. data/src/core/ext/filters/client_channel/client_channel_channelz.cc +0 -92
  110. data/src/core/ext/filters/client_channel/client_channel_channelz.h +0 -85
  111. data/src/core/ext/filters/client_channel/client_channel_factory.cc +0 -32
  112. data/src/core/ext/filters/client_channel/client_channel_factory.h +0 -46
  113. data/src/core/ext/filters/client_channel/client_channel_plugin.cc +0 -42
  114. data/src/core/ext/filters/client_channel/client_channel_service_config.cc +0 -153
  115. data/src/core/ext/filters/client_channel/client_channel_service_config.h +0 -111
  116. data/src/core/ext/filters/client_channel/config_selector.cc +0 -60
  117. data/src/core/ext/filters/client_channel/config_selector.h +0 -155
  118. data/src/core/ext/filters/client_channel/connector.h +0 -84
  119. data/src/core/ext/filters/client_channel/dynamic_filters.cc +0 -175
  120. data/src/core/ext/filters/client_channel/dynamic_filters.h +0 -108
  121. data/src/core/ext/filters/client_channel/global_subchannel_pool.cc +0 -65
  122. data/src/core/ext/filters/client_channel/global_subchannel_pool.h +0 -63
  123. data/src/core/ext/filters/client_channel/health/health_check_client.cc +0 -175
  124. data/src/core/ext/filters/client_channel/health/health_check_client.h +0 -43
  125. data/src/core/ext/filters/client_channel/http_proxy.cc +0 -200
  126. data/src/core/ext/filters/client_channel/http_proxy.h +0 -52
  127. data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +0 -100
  128. data/src/core/ext/filters/client_channel/lb_policy/address_filtering.h +0 -103
  129. data/src/core/ext/filters/client_channel/lb_policy/backend_metric_data.h +0 -49
  130. data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +0 -325
  131. data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.h +0 -89
  132. data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +0 -150
  133. data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.h +0 -30
  134. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +0 -1933
  135. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h +0 -40
  136. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc +0 -88
  137. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h +0 -41
  138. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +0 -90
  139. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +0 -82
  140. data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +0 -202
  141. data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +0 -76
  142. data/src/core/ext/filters/client_channel/lb_policy/oob_backend_metric.cc +0 -415
  143. data/src/core/ext/filters/client_channel/lb_policy/oob_backend_metric.h +0 -57
  144. data/src/core/ext/filters/client_channel/lb_policy/outlier_detection/outlier_detection.cc +0 -1152
  145. data/src/core/ext/filters/client_channel/lb_policy/outlier_detection/outlier_detection.h +0 -94
  146. data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +0 -543
  147. data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +0 -957
  148. data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +0 -889
  149. data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.h +0 -47
  150. data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +0 -2512
  151. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +0 -529
  152. data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +0 -439
  153. data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +0 -793
  154. data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +0 -762
  155. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_attributes.cc +0 -42
  156. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_attributes.h +0 -64
  157. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h +0 -29
  158. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +0 -806
  159. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +0 -732
  160. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +0 -1214
  161. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_wrr_locality.cc +0 -364
  162. data/src/core/ext/filters/client_channel/local_subchannel_pool.cc +0 -60
  163. data/src/core/ext/filters/client_channel/local_subchannel_pool.h +0 -59
  164. data/src/core/ext/filters/client_channel/resolver/binder/binder_resolver.cc +0 -149
  165. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +0 -868
  166. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +0 -91
  167. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +0 -115
  168. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +0 -882
  169. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +0 -1204
  170. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +0 -137
  171. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_posix.cc +0 -29
  172. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_windows.cc +0 -35
  173. data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.cc +0 -30
  174. data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.h +0 -30
  175. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +0 -201
  176. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +0 -368
  177. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +0 -110
  178. data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +0 -472
  179. data/src/core/ext/filters/client_channel/resolver/polling_resolver.cc +0 -258
  180. data/src/core/ext/filters/client_channel/resolver/polling_resolver.h +0 -123
  181. data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +0 -190
  182. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +0 -1147
  183. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.h +0 -30
  184. data/src/core/ext/filters/client_channel/retry_filter.cc +0 -2661
  185. data/src/core/ext/filters/client_channel/retry_filter.h +0 -31
  186. data/src/core/ext/filters/client_channel/retry_service_config.cc +0 -282
  187. data/src/core/ext/filters/client_channel/retry_service_config.h +0 -105
  188. data/src/core/ext/filters/client_channel/retry_throttle.cc +0 -141
  189. data/src/core/ext/filters/client_channel/retry_throttle.h +0 -92
  190. data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +0 -174
  191. data/src/core/ext/filters/client_channel/subchannel.cc +0 -974
  192. data/src/core/ext/filters/client_channel/subchannel.h +0 -435
  193. data/src/core/ext/filters/client_channel/subchannel_interface_internal.h +0 -38
  194. data/src/core/ext/filters/client_channel/subchannel_pool_interface.cc +0 -66
  195. data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +0 -100
  196. data/src/core/ext/filters/client_channel/subchannel_stream_client.cc +0 -470
  197. data/src/core/ext/filters/client_channel/subchannel_stream_client.h +0 -222
  198. data/src/core/ext/filters/deadline/deadline_filter.cc +0 -400
  199. data/src/core/ext/filters/deadline/deadline_filter.h +0 -93
  200. data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +0 -279
  201. data/src/core/ext/filters/fault_injection/fault_injection_filter.h +0 -71
  202. data/src/core/ext/filters/fault_injection/fault_injection_service_config_parser.cc +0 -118
  203. data/src/core/ext/filters/fault_injection/fault_injection_service_config_parser.h +0 -112
  204. data/src/core/ext/filters/http/client/http_client_filter.cc +0 -159
  205. data/src/core/ext/filters/http/client/http_client_filter.h +0 -61
  206. data/src/core/ext/filters/http/client_authority_filter.cc +0 -90
  207. data/src/core/ext/filters/http/client_authority_filter.h +0 -56
  208. data/src/core/ext/filters/http/http_filters_plugin.cc +0 -97
  209. data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +0 -332
  210. data/src/core/ext/filters/http/message_compress/message_compress_filter.h +0 -52
  211. data/src/core/ext/filters/http/message_compress/message_decompress_filter.cc +0 -322
  212. data/src/core/ext/filters/http/message_compress/message_decompress_filter.h +0 -32
  213. data/src/core/ext/filters/http/server/http_server_filter.cc +0 -161
  214. data/src/core/ext/filters/http/server/http_server_filter.h +0 -63
  215. data/src/core/ext/filters/message_size/message_size_filter.cc +0 -373
  216. data/src/core/ext/filters/message_size/message_size_filter.h +0 -90
  217. data/src/core/ext/filters/rbac/rbac_filter.cc +0 -174
  218. data/src/core/ext/filters/rbac/rbac_filter.h +0 -84
  219. data/src/core/ext/filters/rbac/rbac_service_config_parser.cc +0 -819
  220. data/src/core/ext/filters/rbac/rbac_service_config_parser.h +0 -86
  221. data/src/core/ext/filters/server_config_selector/server_config_selector.cc +0 -62
  222. data/src/core/ext/filters/server_config_selector/server_config_selector.h +0 -85
  223. data/src/core/ext/filters/server_config_selector/server_config_selector_filter.cc +0 -160
  224. data/src/core/ext/filters/server_config_selector/server_config_selector_filter.h +0 -33
  225. data/src/core/ext/transport/chttp2/alpn/alpn.cc +0 -45
  226. data/src/core/ext/transport/chttp2/alpn/alpn.h +0 -36
  227. data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +0 -434
  228. data/src/core/ext/transport/chttp2/client/chttp2_connector.h +0 -77
  229. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +0 -1094
  230. data/src/core/ext/transport/chttp2/server/chttp2_server.h +0 -47
  231. data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +0 -252
  232. data/src/core/ext/transport/chttp2/transport/bin_decoder.h +0 -58
  233. data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +0 -232
  234. data/src/core/ext/transport/chttp2/transport/bin_encoder.h +0 -42
  235. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +0 -2963
  236. data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +0 -77
  237. data/src/core/ext/transport/chttp2/transport/context_list.cc +0 -71
  238. data/src/core/ext/transport/chttp2/transport/context_list.h +0 -54
  239. data/src/core/ext/transport/chttp2/transport/decode_huff.cc +0 -287
  240. data/src/core/ext/transport/chttp2/transport/decode_huff.h +0 -1018
  241. data/src/core/ext/transport/chttp2/transport/flow_control.cc +0 -442
  242. data/src/core/ext/transport/chttp2/transport/flow_control.h +0 -386
  243. data/src/core/ext/transport/chttp2/transport/frame.h +0 -43
  244. data/src/core/ext/transport/chttp2/transport/frame_data.cc +0 -156
  245. data/src/core/ext/transport/chttp2/transport/frame_data.h +0 -60
  246. data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +0 -190
  247. data/src/core/ext/transport/chttp2/transport/frame_goaway.h +0 -65
  248. data/src/core/ext/transport/chttp2/transport/frame_ping.cc +0 -137
  249. data/src/core/ext/transport/chttp2/transport/frame_ping.h +0 -49
  250. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +0 -130
  251. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +0 -54
  252. data/src/core/ext/transport/chttp2/transport/frame_settings.cc +0 -241
  253. data/src/core/ext/transport/chttp2/transport/frame_settings.h +0 -66
  254. data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +0 -122
  255. data/src/core/ext/transport/chttp2/transport/frame_window_update.h +0 -46
  256. data/src/core/ext/transport/chttp2/transport/hpack_constants.h +0 -47
  257. data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +0 -667
  258. data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +0 -236
  259. data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +0 -89
  260. data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +0 -80
  261. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +0 -1382
  262. data/src/core/ext/transport/chttp2/transport/hpack_parser.h +0 -142
  263. data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +0 -247
  264. data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +0 -137
  265. data/src/core/ext/transport/chttp2/transport/http2_settings.cc +0 -62
  266. data/src/core/ext/transport/chttp2/transport/http2_settings.h +0 -60
  267. data/src/core/ext/transport/chttp2/transport/huffsyms.cc +0 -92
  268. data/src/core/ext/transport/chttp2/transport/huffsyms.h +0 -32
  269. data/src/core/ext/transport/chttp2/transport/internal.h +0 -803
  270. data/src/core/ext/transport/chttp2/transport/parsing.cc +0 -730
  271. data/src/core/ext/transport/chttp2/transport/stream_lists.cc +0 -216
  272. data/src/core/ext/transport/chttp2/transport/stream_map.cc +0 -177
  273. data/src/core/ext/transport/chttp2/transport/stream_map.h +0 -68
  274. data/src/core/ext/transport/chttp2/transport/varint.cc +0 -61
  275. data/src/core/ext/transport/chttp2/transport/varint.h +0 -76
  276. data/src/core/ext/transport/chttp2/transport/writing.cc +0 -683
  277. data/src/core/ext/transport/inproc/inproc_plugin.cc +0 -23
  278. data/src/core/ext/transport/inproc/inproc_transport.cc +0 -1274
  279. data/src/core/ext/transport/inproc/inproc_transport.h +0 -34
  280. data/src/core/ext/upb-generated/envoy/admin/v3/certs.upb.c +0 -117
  281. data/src/core/ext/upb-generated/envoy/admin/v3/certs.upb.h +0 -502
  282. data/src/core/ext/upb-generated/envoy/admin/v3/clusters.upb.c +0 -121
  283. data/src/core/ext/upb-generated/envoy/admin/v3/clusters.upb.h +0 -569
  284. data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.c +0 -125
  285. data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.h +0 -516
  286. data/src/core/ext/upb-generated/envoy/admin/v3/config_dump_shared.upb.c +0 -352
  287. data/src/core/ext/upb-generated/envoy/admin/v3/config_dump_shared.upb.h +0 -1768
  288. data/src/core/ext/upb-generated/envoy/admin/v3/init_dump.upb.c +0 -56
  289. data/src/core/ext/upb-generated/envoy/admin/v3/init_dump.upb.h +0 -159
  290. data/src/core/ext/upb-generated/envoy/admin/v3/listeners.upb.c +0 -64
  291. data/src/core/ext/upb-generated/envoy/admin/v3/listeners.upb.h +0 -189
  292. data/src/core/ext/upb-generated/envoy/admin/v3/memory.upb.c +0 -46
  293. data/src/core/ext/upb-generated/envoy/admin/v3/memory.upb.h +0 -128
  294. data/src/core/ext/upb-generated/envoy/admin/v3/metrics.upb.c +0 -43
  295. data/src/core/ext/upb-generated/envoy/admin/v3/metrics.upb.h +0 -106
  296. data/src/core/ext/upb-generated/envoy/admin/v3/mutex_stats.upb.c +0 -43
  297. data/src/core/ext/upb-generated/envoy/admin/v3/mutex_stats.upb.h +0 -101
  298. data/src/core/ext/upb-generated/envoy/admin/v3/server_info.upb.c +0 -106
  299. data/src/core/ext/upb-generated/envoy/admin/v3/server_info.upb.h +0 -613
  300. data/src/core/ext/upb-generated/envoy/admin/v3/tap.upb.c +0 -48
  301. data/src/core/ext/upb-generated/envoy/admin/v3/tap.upb.h +0 -107
  302. data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.c +0 -60
  303. data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.h +0 -81
  304. data/src/core/ext/upb-generated/envoy/annotations/resource.upb.c +0 -53
  305. data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +0 -103
  306. data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +0 -270
  307. data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.h +0 -1300
  308. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +0 -413
  309. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +0 -2251
  310. data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.c +0 -95
  311. data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.h +0 -394
  312. data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +0 -544
  313. data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +0 -3066
  314. data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.c +0 -48
  315. data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.h +0 -107
  316. data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.c +0 -89
  317. data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.h +0 -549
  318. data/src/core/ext/upb-generated/envoy/config/common/matcher/v3/matcher.upb.c +0 -299
  319. data/src/core/ext/upb-generated/envoy/config/common/matcher/v3/matcher.upb.h +0 -1437
  320. data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.c +0 -145
  321. data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.h +0 -664
  322. data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.c +0 -49
  323. data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.h +0 -120
  324. data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +0 -421
  325. data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +0 -1891
  326. data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +0 -163
  327. data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +0 -806
  328. data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.c +0 -47
  329. data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.h +0 -104
  330. data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.c +0 -47
  331. data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.h +0 -107
  332. data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_method_list.upb.c +0 -58
  333. data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_method_list.upb.h +0 -159
  334. data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.c +0 -269
  335. data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.h +0 -1329
  336. data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +0 -220
  337. data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +0 -1255
  338. data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.c +0 -49
  339. data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.h +0 -126
  340. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +0 -323
  341. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +0 -1759
  342. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +0 -40
  343. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +0 -88
  344. data/src/core/ext/upb-generated/envoy/config/core/v3/resolver.upb.c +0 -60
  345. data/src/core/ext/upb-generated/envoy/config/core/v3/resolver.upb.h +0 -177
  346. data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.c +0 -47
  347. data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.h +0 -148
  348. data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +0 -56
  349. data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.h +0 -182
  350. data/src/core/ext/upb-generated/envoy/config/core/v3/udp_socket_config.upb.c +0 -48
  351. data/src/core/ext/upb-generated/envoy/config/core/v3/udp_socket_config.upb.h +0 -122
  352. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.c +0 -106
  353. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.h +0 -360
  354. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.c +0 -144
  355. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.h +0 -647
  356. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.c +0 -129
  357. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.h +0 -588
  358. data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.c +0 -46
  359. data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.h +0 -98
  360. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +0 -189
  361. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +0 -1041
  362. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +0 -186
  363. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +0 -969
  364. data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.c +0 -63
  365. data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.h +0 -238
  366. data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +0 -59
  367. data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.h +0 -186
  368. data/src/core/ext/upb-generated/envoy/config/metrics/v3/metrics_service.upb.c +0 -53
  369. data/src/core/ext/upb-generated/envoy/config/metrics/v3/metrics_service.upb.h +0 -140
  370. data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.c +0 -165
  371. data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.h +0 -748
  372. data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.c +0 -174
  373. data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.h +0 -757
  374. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +0 -221
  375. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +0 -1094
  376. data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +0 -86
  377. data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +0 -402
  378. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +0 -1096
  379. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +0 -6440
  380. data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.c +0 -79
  381. data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.h +0 -267
  382. data/src/core/ext/upb-generated/envoy/config/tap/v3/common.upb.c +0 -241
  383. data/src/core/ext/upb-generated/envoy/config/tap/v3/common.upb.h +0 -1191
  384. data/src/core/ext/upb-generated/envoy/config/trace/v3/datadog.upb.c +0 -44
  385. data/src/core/ext/upb-generated/envoy/config/trace/v3/datadog.upb.h +0 -92
  386. data/src/core/ext/upb-generated/envoy/config/trace/v3/dynamic_ot.upb.c +0 -49
  387. data/src/core/ext/upb-generated/envoy/config/trace/v3/dynamic_ot.upb.h +0 -107
  388. data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.c +0 -63
  389. data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.h +0 -175
  390. data/src/core/ext/upb-generated/envoy/config/trace/v3/lightstep.upb.c +0 -52
  391. data/src/core/ext/upb-generated/envoy/config/trace/v3/lightstep.upb.h +0 -138
  392. data/src/core/ext/upb-generated/envoy/config/trace/v3/opencensus.upb.c +0 -63
  393. data/src/core/ext/upb-generated/envoy/config/trace/v3/opencensus.upb.h +0 -254
  394. data/src/core/ext/upb-generated/envoy/config/trace/v3/opentelemetry.upb.c +0 -46
  395. data/src/core/ext/upb-generated/envoy/config/trace/v3/opentelemetry.upb.h +0 -98
  396. data/src/core/ext/upb-generated/envoy/config/trace/v3/service.upb.c +0 -47
  397. data/src/core/ext/upb-generated/envoy/config/trace/v3/service.upb.h +0 -98
  398. data/src/core/ext/upb-generated/envoy/config/trace/v3/skywalking.upb.c +0 -69
  399. data/src/core/ext/upb-generated/envoy/config/trace/v3/skywalking.upb.h +0 -221
  400. data/src/core/ext/upb-generated/envoy/config/trace/v3/trace.upb.c +0 -33
  401. data/src/core/ext/upb-generated/envoy/config/trace/v3/trace.upb.h +0 -43
  402. data/src/core/ext/upb-generated/envoy/config/trace/v3/xray.upb.c +0 -71
  403. data/src/core/ext/upb-generated/envoy/config/trace/v3/xray.upb.h +0 -226
  404. data/src/core/ext/upb-generated/envoy/config/trace/v3/zipkin.upb.c +0 -54
  405. data/src/core/ext/upb-generated/envoy/config/trace/v3/zipkin.upb.h +0 -150
  406. data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.c +0 -42
  407. data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.h +0 -89
  408. data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.c +0 -96
  409. data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.h +0 -395
  410. data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.c +0 -94
  411. data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.h +0 -445
  412. data/src/core/ext/upb-generated/envoy/extensions/filters/http/rbac/v3/rbac.upb.c +0 -71
  413. data/src/core/ext/upb-generated/envoy/extensions/filters/http/rbac/v3/rbac.upb.h +0 -237
  414. data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.c +0 -55
  415. data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.h +0 -172
  416. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +0 -471
  417. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +0 -2731
  418. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.c +0 -52
  419. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.h +0 -168
  420. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/wrr_locality/v3/wrr_locality.upb.c +0 -46
  421. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/wrr_locality/v3/wrr_locality.upb.h +0 -98
  422. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.c +0 -28
  423. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.h +0 -38
  424. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +0 -177
  425. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +0 -932
  426. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +0 -88
  427. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +0 -320
  428. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +0 -191
  429. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +0 -1063
  430. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb.c +0 -62
  431. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb.h +0 -168
  432. data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.c +0 -38
  433. data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.h +0 -74
  434. data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +0 -280
  435. data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +0 -1375
  436. data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.c +0 -68
  437. data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.h +0 -218
  438. data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.c +0 -138
  439. data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.h +0 -651
  440. data/src/core/ext/upb-generated/envoy/type/http/v3/cookie.upb.c +0 -48
  441. data/src/core/ext/upb-generated/envoy/type/http/v3/cookie.upb.h +0 -116
  442. data/src/core/ext/upb-generated/envoy/type/http/v3/path_transformation.upb.c +0 -76
  443. data/src/core/ext/upb-generated/envoy/type/http/v3/path_transformation.upb.h +0 -265
  444. data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.c +0 -74
  445. data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.h +0 -230
  446. data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.c +0 -62
  447. data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.h +0 -196
  448. data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.c +0 -49
  449. data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.h +0 -121
  450. data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.c +0 -48
  451. data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.h +0 -117
  452. data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.c +0 -47
  453. data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.h +0 -104
  454. data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.c +0 -80
  455. data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.h +0 -246
  456. data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +0 -67
  457. data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.h +0 -226
  458. data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.c +0 -60
  459. data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.h +0 -178
  460. data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.c +0 -78
  461. data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.h +0 -306
  462. data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.c +0 -107
  463. data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.h +0 -457
  464. data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.c +0 -107
  465. data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.h +0 -439
  466. data/src/core/ext/upb-generated/envoy/type/v3/hash_policy.upb.c +0 -66
  467. data/src/core/ext/upb-generated/envoy/type/v3/hash_policy.upb.h +0 -213
  468. data/src/core/ext/upb-generated/envoy/type/v3/http.upb.c +0 -26
  469. data/src/core/ext/upb-generated/envoy/type/v3/http.upb.h +0 -39
  470. data/src/core/ext/upb-generated/envoy/type/v3/http_status.upb.c +0 -42
  471. data/src/core/ext/upb-generated/envoy/type/v3/http_status.upb.h +0 -143
  472. data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.c +0 -54
  473. data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.h +0 -147
  474. data/src/core/ext/upb-generated/envoy/type/v3/range.upb.c +0 -66
  475. data/src/core/ext/upb-generated/envoy/type/v3/range.upb.h +0 -208
  476. data/src/core/ext/upb-generated/envoy/type/v3/ratelimit_strategy.upb.c +0 -63
  477. data/src/core/ext/upb-generated/envoy/type/v3/ratelimit_strategy.upb.h +0 -202
  478. data/src/core/ext/upb-generated/envoy/type/v3/ratelimit_unit.upb.c +0 -26
  479. data/src/core/ext/upb-generated/envoy/type/v3/ratelimit_unit.upb.h +0 -41
  480. data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.c +0 -43
  481. data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.h +0 -101
  482. data/src/core/ext/upb-generated/envoy/type/v3/token_bucket.upb.c +0 -51
  483. data/src/core/ext/upb-generated/envoy/type/v3/token_bucket.upb.h +0 -131
  484. data/src/core/ext/upb-generated/google/api/annotations.upb.c +0 -40
  485. data/src/core/ext/upb-generated/google/api/annotations.upb.h +0 -53
  486. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.c +0 -271
  487. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.h +0 -1280
  488. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.c +0 -283
  489. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h +0 -1386
  490. data/src/core/ext/upb-generated/google/api/http.upb.c +0 -81
  491. data/src/core/ext/upb-generated/google/api/http.upb.h +0 -343
  492. data/src/core/ext/upb-generated/google/api/httpbody.upb.c +0 -46
  493. data/src/core/ext/upb-generated/google/api/httpbody.upb.h +0 -115
  494. data/src/core/ext/upb-generated/google/protobuf/any.upb.c +0 -40
  495. data/src/core/ext/upb-generated/google/protobuf/any.upb.h +0 -92
  496. data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +0 -578
  497. data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +0 -3217
  498. data/src/core/ext/upb-generated/google/protobuf/duration.upb.c +0 -40
  499. data/src/core/ext/upb-generated/google/protobuf/duration.upb.h +0 -92
  500. data/src/core/ext/upb-generated/google/protobuf/empty.upb.c +0 -35
  501. data/src/core/ext/upb-generated/google/protobuf/empty.upb.h +0 -74
  502. data/src/core/ext/upb-generated/google/protobuf/struct.upb.c +0 -95
  503. data/src/core/ext/upb-generated/google/protobuf/struct.upb.h +0 -329
  504. data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.c +0 -40
  505. data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.h +0 -92
  506. data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.c +0 -127
  507. data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.h +0 -475
  508. data/src/core/ext/upb-generated/google/rpc/status.upb.c +0 -46
  509. data/src/core/ext/upb-generated/google/rpc/status.upb.h +0 -115
  510. data/src/core/ext/upb-generated/opencensus/proto/trace/v1/trace_config.upb.c +0 -84
  511. data/src/core/ext/upb-generated/opencensus/proto/trace/v1/trace_config.upb.h +0 -335
  512. data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.c +0 -63
  513. data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.h +0 -188
  514. data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +0 -240
  515. data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +0 -1173
  516. data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.c +0 -57
  517. data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.h +0 -182
  518. data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.c +0 -50
  519. data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.h +0 -139
  520. data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c +0 -161
  521. data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.h +0 -705
  522. data/src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls.upb.c +0 -70
  523. data/src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls.upb.h +0 -216
  524. data/src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls_config.upb.c +0 -175
  525. data/src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls_config.upb.h +0 -792
  526. data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.c +0 -110
  527. data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +0 -290
  528. data/src/core/ext/upb-generated/udpa/annotations/security.upb.c +0 -55
  529. data/src/core/ext/upb-generated/udpa/annotations/security.upb.h +0 -112
  530. data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.c +0 -38
  531. data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.h +0 -46
  532. data/src/core/ext/upb-generated/udpa/annotations/status.upb.c +0 -54
  533. data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +0 -119
  534. data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.c +0 -53
  535. data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.h +0 -103
  536. data/src/core/ext/upb-generated/validate/validate.upb.c +0 -560
  537. data/src/core/ext/upb-generated/validate/validate.upb.h +0 -4105
  538. data/src/core/ext/upb-generated/xds/annotations/v3/migrate.upb.c +0 -110
  539. data/src/core/ext/upb-generated/xds/annotations/v3/migrate.upb.h +0 -290
  540. data/src/core/ext/upb-generated/xds/annotations/v3/security.upb.c +0 -55
  541. data/src/core/ext/upb-generated/xds/annotations/v3/security.upb.h +0 -112
  542. data/src/core/ext/upb-generated/xds/annotations/v3/sensitive.upb.c +0 -38
  543. data/src/core/ext/upb-generated/xds/annotations/v3/sensitive.upb.h +0 -46
  544. data/src/core/ext/upb-generated/xds/annotations/v3/status.upb.c +0 -105
  545. data/src/core/ext/upb-generated/xds/annotations/v3/status.upb.h +0 -306
  546. data/src/core/ext/upb-generated/xds/annotations/v3/versioning.upb.c +0 -53
  547. data/src/core/ext/upb-generated/xds/annotations/v3/versioning.upb.h +0 -103
  548. data/src/core/ext/upb-generated/xds/core/v3/authority.upb.c +0 -41
  549. data/src/core/ext/upb-generated/xds/core/v3/authority.upb.h +0 -83
  550. data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.c +0 -66
  551. data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.h +0 -208
  552. data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.c +0 -56
  553. data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.h +0 -119
  554. data/src/core/ext/upb-generated/xds/core/v3/extension.upb.c +0 -46
  555. data/src/core/ext/upb-generated/xds/core/v3/extension.upb.h +0 -107
  556. data/src/core/ext/upb-generated/xds/core/v3/resource.upb.c +0 -49
  557. data/src/core/ext/upb-generated/xds/core/v3/resource.upb.h +0 -131
  558. data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.c +0 -68
  559. data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.h +0 -248
  560. data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.c +0 -49
  561. data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.h +0 -125
  562. data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c +0 -73
  563. data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.h +0 -191
  564. data/src/core/ext/upb-generated/xds/service/orca/v3/orca.upb.c +0 -47
  565. data/src/core/ext/upb-generated/xds/service/orca/v3/orca.upb.h +0 -113
  566. data/src/core/ext/upb-generated/xds/type/matcher/v3/matcher.upb.c +0 -207
  567. data/src/core/ext/upb-generated/xds/type/matcher/v3/matcher.upb.h +0 -914
  568. data/src/core/ext/upb-generated/xds/type/matcher/v3/regex.upb.c +0 -52
  569. data/src/core/ext/upb-generated/xds/type/matcher/v3/regex.upb.h +0 -151
  570. data/src/core/ext/upb-generated/xds/type/matcher/v3/string.upb.c +0 -65
  571. data/src/core/ext/upb-generated/xds/type/matcher/v3/string.upb.h +0 -226
  572. data/src/core/ext/upb-generated/xds/type/v3/typed_struct.upb.c +0 -46
  573. data/src/core/ext/upb-generated/xds/type/v3/typed_struct.upb.h +0 -107
  574. data/src/core/ext/upbdefs-generated/envoy/admin/v3/certs.upbdefs.c +0 -84
  575. data/src/core/ext/upbdefs-generated/envoy/admin/v3/certs.upbdefs.h +0 -55
  576. data/src/core/ext/upbdefs-generated/envoy/admin/v3/clusters.upbdefs.c +0 -127
  577. data/src/core/ext/upbdefs-generated/envoy/admin/v3/clusters.upbdefs.h +0 -50
  578. data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.c +0 -102
  579. data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.h +0 -55
  580. data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump_shared.upbdefs.c +0 -256
  581. data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump_shared.upbdefs.h +0 -115
  582. data/src/core/ext/upbdefs-generated/envoy/admin/v3/init_dump.upbdefs.c +0 -43
  583. data/src/core/ext/upbdefs-generated/envoy/admin/v3/init_dump.upbdefs.h +0 -40
  584. data/src/core/ext/upbdefs-generated/envoy/admin/v3/listeners.upbdefs.c +0 -56
  585. data/src/core/ext/upbdefs-generated/envoy/admin/v3/listeners.upbdefs.h +0 -40
  586. data/src/core/ext/upbdefs-generated/envoy/admin/v3/memory.upbdefs.c +0 -49
  587. data/src/core/ext/upbdefs-generated/envoy/admin/v3/memory.upbdefs.h +0 -35
  588. data/src/core/ext/upbdefs-generated/envoy/admin/v3/metrics.upbdefs.c +0 -46
  589. data/src/core/ext/upbdefs-generated/envoy/admin/v3/metrics.upbdefs.h +0 -35
  590. data/src/core/ext/upbdefs-generated/envoy/admin/v3/mutex_stats.upbdefs.c +0 -46
  591. data/src/core/ext/upbdefs-generated/envoy/admin/v3/mutex_stats.upbdefs.h +0 -35
  592. data/src/core/ext/upbdefs-generated/envoy/admin/v3/server_info.upbdefs.c +0 -142
  593. data/src/core/ext/upbdefs-generated/envoy/admin/v3/server_info.upbdefs.h +0 -40
  594. data/src/core/ext/upbdefs-generated/envoy/admin/v3/tap.upbdefs.c +0 -51
  595. data/src/core/ext/upbdefs-generated/envoy/admin/v3/tap.upbdefs.h +0 -35
  596. data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.c +0 -48
  597. data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.h +0 -30
  598. data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.c +0 -38
  599. data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.h +0 -35
  600. data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +0 -222
  601. data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.h +0 -105
  602. data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +0 -397
  603. data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.h +0 -120
  604. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.c +0 -98
  605. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.h +0 -45
  606. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +0 -559
  607. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.h +0 -155
  608. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.c +0 -51
  609. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.h +0 -35
  610. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.c +0 -138
  611. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.h +0 -35
  612. data/src/core/ext/upbdefs-generated/envoy/config/common/matcher/v3/matcher.upbdefs.c +0 -206
  613. data/src/core/ext/upbdefs-generated/envoy/config/common/matcher/v3/matcher.upbdefs.h +0 -105
  614. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.c +0 -112
  615. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.h +0 -65
  616. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.c +0 -54
  617. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.h +0 -35
  618. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +0 -270
  619. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.h +0 -150
  620. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +0 -168
  621. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.h +0 -65
  622. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.c +0 -53
  623. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.h +0 -35
  624. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.c +0 -47
  625. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.h +0 -35
  626. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_method_list.upbdefs.c +0 -53
  627. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_method_list.upbdefs.h +0 -40
  628. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.c +0 -235
  629. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.h +0 -100
  630. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +0 -228
  631. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.h +0 -75
  632. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.c +0 -53
  633. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.h +0 -35
  634. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +0 -300
  635. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.h +0 -110
  636. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +0 -41
  637. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +0 -35
  638. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/resolver.upbdefs.c +0 -55
  639. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/resolver.upbdefs.h +0 -40
  640. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.c +0 -57
  641. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.h +0 -35
  642. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.c +0 -70
  643. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.h +0 -35
  644. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/udp_socket_config.upbdefs.c +0 -49
  645. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/udp_socket_config.upbdefs.h +0 -35
  646. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.c +0 -99
  647. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.h +0 -50
  648. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +0 -128
  649. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +0 -60
  650. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.c +0 -136
  651. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.h +0 -55
  652. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.c +0 -48
  653. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.h +0 -35
  654. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +0 -220
  655. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +0 -65
  656. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.c +0 -190
  657. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.h +0 -65
  658. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.c +0 -88
  659. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.h +0 -35
  660. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.c +0 -71
  661. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.h +0 -40
  662. data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/metrics_service.upbdefs.c +0 -69
  663. data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/metrics_service.upbdefs.h +0 -35
  664. data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/stats.upbdefs.c +0 -125
  665. data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/stats.upbdefs.h +0 -70
  666. data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.c +0 -134
  667. data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.h +0 -75
  668. data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.c +0 -194
  669. data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.h +0 -75
  670. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.c +0 -112
  671. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.h +0 -40
  672. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +0 -939
  673. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.h +0 -305
  674. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.c +0 -77
  675. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.h +0 -45
  676. data/src/core/ext/upbdefs-generated/envoy/config/tap/v3/common.upbdefs.c +0 -199
  677. data/src/core/ext/upbdefs-generated/envoy/config/tap/v3/common.upbdefs.h +0 -90
  678. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/datadog.upbdefs.c +0 -54
  679. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/datadog.upbdefs.h +0 -35
  680. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/dynamic_ot.upbdefs.c +0 -57
  681. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/dynamic_ot.upbdefs.h +0 -35
  682. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.c +0 -57
  683. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.h +0 -40
  684. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/lightstep.upbdefs.c +0 -72
  685. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/lightstep.upbdefs.h +0 -35
  686. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/opencensus.upbdefs.c +0 -99
  687. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/opencensus.upbdefs.h +0 -35
  688. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/opentelemetry.upbdefs.c +0 -47
  689. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/opentelemetry.upbdefs.h +0 -35
  690. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/service.upbdefs.c +0 -52
  691. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/service.upbdefs.h +0 -35
  692. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/skywalking.upbdefs.c +0 -71
  693. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/skywalking.upbdefs.h +0 -40
  694. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/trace.upbdefs.c +0 -61
  695. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/trace.upbdefs.h +0 -30
  696. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/xray.upbdefs.c +0 -75
  697. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/xray.upbdefs.h +0 -40
  698. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/zipkin.upbdefs.c +0 -77
  699. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/zipkin.upbdefs.h +0 -35
  700. data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.c +0 -50
  701. data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.h +0 -35
  702. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/common/fault/v3/fault.upbdefs.c +0 -92
  703. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/common/fault/v3/fault.upbdefs.h +0 -55
  704. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.c +0 -117
  705. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.h +0 -45
  706. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/rbac/v3/rbac.upbdefs.c +0 -80
  707. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/rbac/v3/rbac.upbdefs.h +0 -40
  708. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.c +0 -78
  709. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.h +0 -35
  710. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +0 -562
  711. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +0 -130
  712. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +0 -48
  713. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.h +0 -30
  714. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +0 -213
  715. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +0 -65
  716. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +0 -91
  717. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.h +0 -45
  718. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +0 -254
  719. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.h +0 -65
  720. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upbdefs.c +0 -58
  721. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upbdefs.h +0 -40
  722. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +0 -58
  723. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.h +0 -35
  724. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.c +0 -197
  725. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.h +0 -100
  726. data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +0 -76
  727. data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.h +0 -40
  728. data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +0 -153
  729. data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.h +0 -55
  730. data/src/core/ext/upbdefs-generated/envoy/type/http/v3/cookie.upbdefs.c +0 -46
  731. data/src/core/ext/upbdefs-generated/envoy/type/http/v3/cookie.upbdefs.h +0 -35
  732. data/src/core/ext/upbdefs-generated/envoy/type/http/v3/path_transformation.upbdefs.c +0 -56
  733. data/src/core/ext/upbdefs-generated/envoy/type/http/v3/path_transformation.upbdefs.h +0 -50
  734. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.c +0 -52
  735. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.h +0 -50
  736. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.c +0 -61
  737. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.h +0 -40
  738. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/node.upbdefs.c +0 -54
  739. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/node.upbdefs.h +0 -35
  740. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.c +0 -52
  741. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.h +0 -35
  742. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.c +0 -51
  743. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.h +0 -35
  744. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.c +0 -71
  745. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.h +0 -45
  746. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.c +0 -65
  747. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.h +0 -40
  748. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/struct.upbdefs.c +0 -58
  749. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/struct.upbdefs.h +0 -40
  750. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.c +0 -75
  751. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.h +0 -45
  752. data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.c +0 -78
  753. data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.h +0 -65
  754. data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.c +0 -85
  755. data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.h +0 -55
  756. data/src/core/ext/upbdefs-generated/envoy/type/v3/hash_policy.upbdefs.c +0 -53
  757. data/src/core/ext/upbdefs-generated/envoy/type/v3/hash_policy.upbdefs.h +0 -45
  758. data/src/core/ext/upbdefs-generated/envoy/type/v3/http.upbdefs.c +0 -36
  759. data/src/core/ext/upbdefs-generated/envoy/type/v3/http.upbdefs.h +0 -30
  760. data/src/core/ext/upbdefs-generated/envoy/type/v3/http_status.upbdefs.c +0 -94
  761. data/src/core/ext/upbdefs-generated/envoy/type/v3/http_status.upbdefs.h +0 -35
  762. data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.c +0 -54
  763. data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.h +0 -40
  764. data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.c +0 -48
  765. data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.h +0 -45
  766. data/src/core/ext/upbdefs-generated/envoy/type/v3/ratelimit_strategy.upbdefs.c +0 -69
  767. data/src/core/ext/upbdefs-generated/envoy/type/v3/ratelimit_strategy.upbdefs.h +0 -40
  768. data/src/core/ext/upbdefs-generated/envoy/type/v3/ratelimit_unit.upbdefs.c +0 -38
  769. data/src/core/ext/upbdefs-generated/envoy/type/v3/ratelimit_unit.upbdefs.h +0 -30
  770. data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.c +0 -44
  771. data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.h +0 -35
  772. data/src/core/ext/upbdefs-generated/envoy/type/v3/token_bucket.upbdefs.c +0 -57
  773. data/src/core/ext/upbdefs-generated/envoy/type/v3/token_bucket.upbdefs.h +0 -35
  774. data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.c +0 -40
  775. data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.h +0 -30
  776. data/src/core/ext/upbdefs-generated/google/api/expr/v1alpha1/checked.upbdefs.c +0 -154
  777. data/src/core/ext/upbdefs-generated/google/api/expr/v1alpha1/checked.upbdefs.h +0 -95
  778. data/src/core/ext/upbdefs-generated/google/api/expr/v1alpha1/syntax.upbdefs.c +0 -153
  779. data/src/core/ext/upbdefs-generated/google/api/expr/v1alpha1/syntax.upbdefs.h +0 -100
  780. data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.c +0 -52
  781. data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.h +0 -45
  782. data/src/core/ext/upbdefs-generated/google/api/httpbody.upbdefs.c +0 -39
  783. data/src/core/ext/upbdefs-generated/google/api/httpbody.upbdefs.h +0 -35
  784. data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.c +0 -34
  785. data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.h +0 -35
  786. data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.c +0 -331
  787. data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.h +0 -165
  788. data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.c +0 -35
  789. data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.h +0 -35
  790. data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.c +0 -32
  791. data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.h +0 -35
  792. data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.c +0 -54
  793. data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.h +0 -50
  794. data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.c +0 -35
  795. data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.h +0 -35
  796. data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.c +0 -45
  797. data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.h +0 -75
  798. data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.c +0 -37
  799. data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.h +0 -35
  800. data/src/core/ext/upbdefs-generated/opencensus/proto/trace/v1/trace_config.upbdefs.c +0 -67
  801. data/src/core/ext/upbdefs-generated/opencensus/proto/trace/v1/trace_config.upbdefs.h +0 -50
  802. data/src/core/ext/upbdefs-generated/src/proto/grpc/lookup/v1/rls_config.upbdefs.c +0 -99
  803. data/src/core/ext/upbdefs-generated/src/proto/grpc/lookup/v1/rls_config.upbdefs.h +0 -75
  804. data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.c +0 -62
  805. data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.h +0 -45
  806. data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.c +0 -47
  807. data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.h +0 -35
  808. data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.c +0 -34
  809. data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.h +0 -30
  810. data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.c +0 -46
  811. data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.h +0 -35
  812. data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.c +0 -39
  813. data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.h +0 -35
  814. data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.c +0 -283
  815. data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.h +0 -145
  816. data/src/core/ext/upbdefs-generated/xds/annotations/v3/migrate.upbdefs.c +0 -63
  817. data/src/core/ext/upbdefs-generated/xds/annotations/v3/migrate.upbdefs.h +0 -45
  818. data/src/core/ext/upbdefs-generated/xds/annotations/v3/security.upbdefs.c +0 -47
  819. data/src/core/ext/upbdefs-generated/xds/annotations/v3/security.upbdefs.h +0 -35
  820. data/src/core/ext/upbdefs-generated/xds/annotations/v3/sensitive.upbdefs.c +0 -35
  821. data/src/core/ext/upbdefs-generated/xds/annotations/v3/sensitive.upbdefs.h +0 -30
  822. data/src/core/ext/upbdefs-generated/xds/annotations/v3/status.upbdefs.c +0 -64
  823. data/src/core/ext/upbdefs-generated/xds/annotations/v3/status.upbdefs.h +0 -50
  824. data/src/core/ext/upbdefs-generated/xds/annotations/v3/versioning.upbdefs.c +0 -40
  825. data/src/core/ext/upbdefs-generated/xds/annotations/v3/versioning.upbdefs.h +0 -35
  826. data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.c +0 -38
  827. data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.h +0 -35
  828. data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.c +0 -56
  829. data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.h +0 -40
  830. data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.c +0 -39
  831. data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.h +0 -40
  832. data/src/core/ext/upbdefs-generated/xds/core/v3/extension.upbdefs.c +0 -41
  833. data/src/core/ext/upbdefs-generated/xds/core/v3/extension.upbdefs.h +0 -35
  834. data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.c +0 -45
  835. data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.h +0 -35
  836. data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.c +0 -61
  837. data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.h +0 -40
  838. data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.c +0 -46
  839. data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.h +0 -35
  840. data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/matcher.upbdefs.c +0 -126
  841. data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/matcher.upbdefs.h +0 -80
  842. data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/regex.upbdefs.c +0 -40
  843. data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/regex.upbdefs.h +0 -40
  844. data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/string.upbdefs.c +0 -52
  845. data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/string.upbdefs.h +0 -40
  846. data/src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.c +0 -40
  847. data/src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.h +0 -35
  848. data/src/core/ext/xds/certificate_provider_store.cc +0 -159
  849. data/src/core/ext/xds/certificate_provider_store.h +0 -138
  850. data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +0 -150
  851. data/src/core/ext/xds/file_watcher_certificate_provider_factory.h +0 -77
  852. data/src/core/ext/xds/upb_utils.h +0 -45
  853. data/src/core/ext/xds/xds_api.cc +0 -646
  854. data/src/core/ext/xds/xds_api.h +0 -192
  855. data/src/core/ext/xds/xds_bootstrap.cc +0 -38
  856. data/src/core/ext/xds/xds_bootstrap.h +0 -88
  857. data/src/core/ext/xds/xds_bootstrap_grpc.cc +0 -361
  858. data/src/core/ext/xds/xds_bootstrap_grpc.h +0 -184
  859. data/src/core/ext/xds/xds_certificate_provider.cc +0 -416
  860. data/src/core/ext/xds/xds_certificate_provider.h +0 -183
  861. data/src/core/ext/xds/xds_channel_args.h +0 -32
  862. data/src/core/ext/xds/xds_channel_stack_modifier.cc +0 -119
  863. data/src/core/ext/xds/xds_channel_stack_modifier.h +0 -65
  864. data/src/core/ext/xds/xds_client.cc +0 -2032
  865. data/src/core/ext/xds/xds_client.h +0 -341
  866. data/src/core/ext/xds/xds_client_grpc.cc +0 -210
  867. data/src/core/ext/xds/xds_client_grpc.h +0 -79
  868. data/src/core/ext/xds/xds_client_stats.cc +0 -159
  869. data/src/core/ext/xds/xds_client_stats.h +0 -242
  870. data/src/core/ext/xds/xds_cluster.cc +0 -659
  871. data/src/core/ext/xds/xds_cluster.h +0 -116
  872. data/src/core/ext/xds/xds_cluster_specifier_plugin.cc +0 -152
  873. data/src/core/ext/xds/xds_cluster_specifier_plugin.h +0 -92
  874. data/src/core/ext/xds/xds_common_types.cc +0 -501
  875. data/src/core/ext/xds/xds_common_types.h +0 -108
  876. data/src/core/ext/xds/xds_endpoint.cc +0 -468
  877. data/src/core/ext/xds/xds_endpoint.h +0 -139
  878. data/src/core/ext/xds/xds_http_fault_filter.cc +0 -235
  879. data/src/core/ext/xds/xds_http_fault_filter.h +0 -58
  880. data/src/core/ext/xds/xds_http_filters.cc +0 -116
  881. data/src/core/ext/xds/xds_http_filters.h +0 -181
  882. data/src/core/ext/xds/xds_http_rbac_filter.cc +0 -505
  883. data/src/core/ext/xds/xds_http_rbac_filter.h +0 -58
  884. data/src/core/ext/xds/xds_lb_policy_registry.cc +0 -243
  885. data/src/core/ext/xds/xds_lb_policy_registry.h +0 -71
  886. data/src/core/ext/xds/xds_listener.cc +0 -1144
  887. data/src/core/ext/xds/xds_listener.h +0 -224
  888. data/src/core/ext/xds/xds_resource_type.h +0 -104
  889. data/src/core/ext/xds/xds_resource_type_impl.h +0 -86
  890. data/src/core/ext/xds/xds_route_config.cc +0 -1166
  891. data/src/core/ext/xds/xds_route_config.h +0 -241
  892. data/src/core/ext/xds/xds_routing.cc +0 -264
  893. data/src/core/ext/xds/xds_routing.h +0 -106
  894. data/src/core/ext/xds/xds_server_config_fetcher.cc +0 -1375
  895. data/src/core/ext/xds/xds_transport.h +0 -86
  896. data/src/core/ext/xds/xds_transport_grpc.cc +0 -356
  897. data/src/core/ext/xds/xds_transport_grpc.h +0 -135
  898. data/src/core/lib/address_utils/parse_address.cc +0 -340
  899. data/src/core/lib/address_utils/parse_address.h +0 -86
  900. data/src/core/lib/address_utils/sockaddr_utils.cc +0 -443
  901. data/src/core/lib/address_utils/sockaddr_utils.h +0 -100
  902. data/src/core/lib/avl/avl.h +0 -482
  903. data/src/core/lib/backoff/backoff.cc +0 -47
  904. data/src/core/lib/backoff/backoff.h +0 -89
  905. data/src/core/lib/channel/call_finalization.h +0 -88
  906. data/src/core/lib/channel/call_tracer.h +0 -94
  907. data/src/core/lib/channel/channel_args.cc +0 -626
  908. data/src/core/lib/channel/channel_args.h +0 -544
  909. data/src/core/lib/channel/channel_args_preconditioning.cc +0 -43
  910. data/src/core/lib/channel/channel_args_preconditioning.h +0 -62
  911. data/src/core/lib/channel/channel_fwd.h +0 -26
  912. data/src/core/lib/channel/channel_stack.cc +0 -314
  913. data/src/core/lib/channel/channel_stack.h +0 -394
  914. data/src/core/lib/channel/channel_stack_builder.cc +0 -51
  915. data/src/core/lib/channel/channel_stack_builder.h +0 -120
  916. data/src/core/lib/channel/channel_stack_builder_impl.cc +0 -113
  917. data/src/core/lib/channel/channel_stack_builder_impl.h +0 -48
  918. data/src/core/lib/channel/channel_trace.cc +0 -183
  919. data/src/core/lib/channel/channel_trace.h +0 -138
  920. data/src/core/lib/channel/channelz.cc +0 -583
  921. data/src/core/lib/channel/channelz.h +0 -374
  922. data/src/core/lib/channel/channelz_registry.cc +0 -277
  923. data/src/core/lib/channel/channelz_registry.h +0 -100
  924. data/src/core/lib/channel/connected_channel.cc +0 -901
  925. data/src/core/lib/channel/connected_channel.h +0 -32
  926. data/src/core/lib/channel/context.h +0 -63
  927. data/src/core/lib/channel/promise_based_filter.cc +0 -2126
  928. data/src/core/lib/channel/promise_based_filter.h +0 -848
  929. data/src/core/lib/channel/status_util.cc +0 -138
  930. data/src/core/lib/channel/status_util.h +0 -74
  931. data/src/core/lib/compression/compression.cc +0 -96
  932. data/src/core/lib/compression/compression_internal.cc +0 -249
  933. data/src/core/lib/compression/compression_internal.h +0 -93
  934. data/src/core/lib/compression/message_compress.cc +0 -194
  935. data/src/core/lib/compression/message_compress.h +0 -39
  936. data/src/core/lib/config/core_configuration.cc +0 -111
  937. data/src/core/lib/config/core_configuration.h +0 -243
  938. data/src/core/lib/debug/event_log.cc +0 -88
  939. data/src/core/lib/debug/event_log.h +0 -81
  940. data/src/core/lib/debug/histogram_view.cc +0 -69
  941. data/src/core/lib/debug/histogram_view.h +0 -37
  942. data/src/core/lib/debug/stats.cc +0 -68
  943. data/src/core/lib/debug/stats.h +0 -64
  944. data/src/core/lib/debug/stats_data.cc +0 -341
  945. data/src/core/lib/debug/stats_data.h +0 -292
  946. data/src/core/lib/debug/trace.cc +0 -153
  947. data/src/core/lib/debug/trace.h +0 -133
  948. data/src/core/lib/event_engine/channel_args_endpoint_config.cc +0 -40
  949. data/src/core/lib/event_engine/channel_args_endpoint_config.h +0 -49
  950. data/src/core/lib/event_engine/common_closures.h +0 -71
  951. data/src/core/lib/event_engine/default_event_engine.cc +0 -94
  952. data/src/core/lib/event_engine/default_event_engine.h +0 -49
  953. data/src/core/lib/event_engine/default_event_engine_factory.cc +0 -48
  954. data/src/core/lib/event_engine/default_event_engine_factory.h +0 -33
  955. data/src/core/lib/event_engine/executor/executor.h +0 -38
  956. data/src/core/lib/event_engine/forkable.cc +0 -101
  957. data/src/core/lib/event_engine/forkable.h +0 -61
  958. data/src/core/lib/event_engine/handle_containers.h +0 -67
  959. data/src/core/lib/event_engine/memory_allocator.cc +0 -74
  960. data/src/core/lib/event_engine/poller.h +0 -62
  961. data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.cc +0 -618
  962. data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.h +0 -129
  963. data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +0 -901
  964. data/src/core/lib/event_engine/posix_engine/ev_poll_posix.h +0 -97
  965. data/src/core/lib/event_engine/posix_engine/event_poller.h +0 -111
  966. data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +0 -74
  967. data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.h +0 -33
  968. data/src/core/lib/event_engine/posix_engine/internal_errqueue.cc +0 -77
  969. data/src/core/lib/event_engine/posix_engine/internal_errqueue.h +0 -179
  970. data/src/core/lib/event_engine/posix_engine/lockfree_event.cc +0 -267
  971. data/src/core/lib/event_engine/posix_engine/lockfree_event.h +0 -73
  972. data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +0 -1270
  973. data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +0 -682
  974. data/src/core/lib/event_engine/posix_engine/posix_engine.cc +0 -577
  975. data/src/core/lib/event_engine/posix_engine/posix_engine.h +0 -245
  976. data/src/core/lib/event_engine/posix_engine/posix_engine_closure.h +0 -80
  977. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +0 -1081
  978. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +0 -361
  979. data/src/core/lib/event_engine/posix_engine/timer.cc +0 -311
  980. data/src/core/lib/event_engine/posix_engine/timer.h +0 -194
  981. data/src/core/lib/event_engine/posix_engine/timer_heap.cc +0 -107
  982. data/src/core/lib/event_engine/posix_engine/timer_heap.h +0 -56
  983. data/src/core/lib/event_engine/posix_engine/timer_manager.cc +0 -174
  984. data/src/core/lib/event_engine/posix_engine/timer_manager.h +0 -114
  985. data/src/core/lib/event_engine/posix_engine/traced_buffer_list.cc +0 -301
  986. data/src/core/lib/event_engine/posix_engine/traced_buffer_list.h +0 -179
  987. data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.cc +0 -126
  988. data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.h +0 -45
  989. data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.cc +0 -151
  990. data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.h +0 -45
  991. data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix.h +0 -76
  992. data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.cc +0 -67
  993. data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.h +0 -37
  994. data/src/core/lib/event_engine/resolved_address.cc +0 -41
  995. data/src/core/lib/event_engine/slice.cc +0 -103
  996. data/src/core/lib/event_engine/slice_buffer.cc +0 -50
  997. data/src/core/lib/event_engine/socket_notifier.h +0 -55
  998. data/src/core/lib/event_engine/thread_pool.cc +0 -276
  999. data/src/core/lib/event_engine/thread_pool.h +0 -137
  1000. data/src/core/lib/event_engine/time_util.cc +0 -30
  1001. data/src/core/lib/event_engine/time_util.h +0 -32
  1002. data/src/core/lib/event_engine/trace.cc +0 -18
  1003. data/src/core/lib/event_engine/trace.h +0 -30
  1004. data/src/core/lib/event_engine/utils.cc +0 -44
  1005. data/src/core/lib/event_engine/utils.h +0 -36
  1006. data/src/core/lib/event_engine/windows/iocp.cc +0 -155
  1007. data/src/core/lib/event_engine/windows/iocp.h +0 -69
  1008. data/src/core/lib/event_engine/windows/win_socket.cc +0 -196
  1009. data/src/core/lib/event_engine/windows/win_socket.h +0 -120
  1010. data/src/core/lib/event_engine/windows/windows_engine.cc +0 -165
  1011. data/src/core/lib/event_engine/windows/windows_engine.h +0 -124
  1012. data/src/core/lib/experiments/config.cc +0 -146
  1013. data/src/core/lib/experiments/config.h +0 -43
  1014. data/src/core/lib/experiments/experiments.cc +0 -86
  1015. data/src/core/lib/experiments/experiments.h +0 -63
  1016. data/src/core/lib/gpr/alloc.cc +0 -68
  1017. data/src/core/lib/gpr/alloc.h +0 -28
  1018. data/src/core/lib/gpr/atm.cc +0 -35
  1019. data/src/core/lib/gpr/cpu_iphone.cc +0 -44
  1020. data/src/core/lib/gpr/cpu_linux.cc +0 -86
  1021. data/src/core/lib/gpr/cpu_posix.cc +0 -83
  1022. data/src/core/lib/gpr/cpu_windows.cc +0 -33
  1023. data/src/core/lib/gpr/log.cc +0 -145
  1024. data/src/core/lib/gpr/log_android.cc +0 -77
  1025. data/src/core/lib/gpr/log_linux.cc +0 -113
  1026. data/src/core/lib/gpr/log_posix.cc +0 -110
  1027. data/src/core/lib/gpr/log_windows.cc +0 -115
  1028. data/src/core/lib/gpr/spinlock.h +0 -53
  1029. data/src/core/lib/gpr/string.cc +0 -343
  1030. data/src/core/lib/gpr/string.h +0 -112
  1031. data/src/core/lib/gpr/string_posix.cc +0 -72
  1032. data/src/core/lib/gpr/string_util_windows.cc +0 -55
  1033. data/src/core/lib/gpr/string_windows.cc +0 -69
  1034. data/src/core/lib/gpr/sync.cc +0 -124
  1035. data/src/core/lib/gpr/sync_abseil.cc +0 -100
  1036. data/src/core/lib/gpr/sync_posix.cc +0 -157
  1037. data/src/core/lib/gpr/sync_windows.cc +0 -120
  1038. data/src/core/lib/gpr/time.cc +0 -267
  1039. data/src/core/lib/gpr/time_posix.cc +0 -177
  1040. data/src/core/lib/gpr/time_precise.cc +0 -168
  1041. data/src/core/lib/gpr/time_precise.h +0 -70
  1042. data/src/core/lib/gpr/time_windows.cc +0 -102
  1043. data/src/core/lib/gpr/tmpfile.h +0 -32
  1044. data/src/core/lib/gpr/tmpfile_msys.cc +0 -58
  1045. data/src/core/lib/gpr/tmpfile_posix.cc +0 -70
  1046. data/src/core/lib/gpr/tmpfile_windows.cc +0 -67
  1047. data/src/core/lib/gpr/useful.h +0 -171
  1048. data/src/core/lib/gpr/wrap_memcpy.cc +0 -43
  1049. data/src/core/lib/gprpp/atomic_utils.h +0 -47
  1050. data/src/core/lib/gprpp/bitset.h +0 -201
  1051. data/src/core/lib/gprpp/chunked_vector.h +0 -257
  1052. data/src/core/lib/gprpp/construct_destruct.h +0 -40
  1053. data/src/core/lib/gprpp/cpp_impl_of.h +0 -49
  1054. data/src/core/lib/gprpp/debug_location.h +0 -87
  1055. data/src/core/lib/gprpp/dual_ref_counted.h +0 -327
  1056. data/src/core/lib/gprpp/env.h +0 -53
  1057. data/src/core/lib/gprpp/env_linux.cc +0 -80
  1058. data/src/core/lib/gprpp/env_posix.cc +0 -47
  1059. data/src/core/lib/gprpp/env_windows.cc +0 -56
  1060. data/src/core/lib/gprpp/examine_stack.cc +0 -43
  1061. data/src/core/lib/gprpp/examine_stack.h +0 -45
  1062. data/src/core/lib/gprpp/fork.cc +0 -233
  1063. data/src/core/lib/gprpp/fork.h +0 -95
  1064. data/src/core/lib/gprpp/global_config.h +0 -93
  1065. data/src/core/lib/gprpp/global_config_custom.h +0 -29
  1066. data/src/core/lib/gprpp/global_config_env.cc +0 -139
  1067. data/src/core/lib/gprpp/global_config_env.h +0 -133
  1068. data/src/core/lib/gprpp/global_config_generic.h +0 -40
  1069. data/src/core/lib/gprpp/host_port.cc +0 -114
  1070. data/src/core/lib/gprpp/host_port.h +0 -56
  1071. data/src/core/lib/gprpp/load_file.cc +0 -75
  1072. data/src/core/lib/gprpp/load_file.h +0 -33
  1073. data/src/core/lib/gprpp/manual_constructor.h +0 -146
  1074. data/src/core/lib/gprpp/match.h +0 -75
  1075. data/src/core/lib/gprpp/memory.h +0 -53
  1076. data/src/core/lib/gprpp/mpscq.cc +0 -108
  1077. data/src/core/lib/gprpp/mpscq.h +0 -99
  1078. data/src/core/lib/gprpp/no_destruct.h +0 -94
  1079. data/src/core/lib/gprpp/notification.h +0 -67
  1080. data/src/core/lib/gprpp/orphanable.h +0 -122
  1081. data/src/core/lib/gprpp/overload.h +0 -59
  1082. data/src/core/lib/gprpp/packed_table.h +0 -40
  1083. data/src/core/lib/gprpp/per_cpu.h +0 -46
  1084. data/src/core/lib/gprpp/ref_counted.h +0 -349
  1085. data/src/core/lib/gprpp/ref_counted_ptr.h +0 -337
  1086. data/src/core/lib/gprpp/single_set_ptr.h +0 -87
  1087. data/src/core/lib/gprpp/sorted_pack.h +0 -98
  1088. data/src/core/lib/gprpp/stat.h +0 -36
  1089. data/src/core/lib/gprpp/stat_posix.cc +0 -55
  1090. data/src/core/lib/gprpp/stat_windows.cc +0 -49
  1091. data/src/core/lib/gprpp/status_helper.cc +0 -454
  1092. data/src/core/lib/gprpp/status_helper.h +0 -189
  1093. data/src/core/lib/gprpp/strerror.cc +0 -41
  1094. data/src/core/lib/gprpp/strerror.h +0 -29
  1095. data/src/core/lib/gprpp/sync.h +0 -200
  1096. data/src/core/lib/gprpp/table.h +0 -451
  1097. data/src/core/lib/gprpp/tchar.cc +0 -49
  1098. data/src/core/lib/gprpp/tchar.h +0 -33
  1099. data/src/core/lib/gprpp/thd.h +0 -171
  1100. data/src/core/lib/gprpp/thd_posix.cc +0 -211
  1101. data/src/core/lib/gprpp/thd_windows.cc +0 -172
  1102. data/src/core/lib/gprpp/time.cc +0 -234
  1103. data/src/core/lib/gprpp/time.h +0 -367
  1104. data/src/core/lib/gprpp/time_averaged_stats.cc +0 -60
  1105. data/src/core/lib/gprpp/time_averaged_stats.h +0 -79
  1106. data/src/core/lib/gprpp/time_util.cc +0 -81
  1107. data/src/core/lib/gprpp/time_util.h +0 -42
  1108. data/src/core/lib/gprpp/unique_type_name.h +0 -104
  1109. data/src/core/lib/gprpp/validation_errors.cc +0 -61
  1110. data/src/core/lib/gprpp/validation_errors.h +0 -127
  1111. data/src/core/lib/gprpp/work_serializer.cc +0 -247
  1112. data/src/core/lib/gprpp/work_serializer.h +0 -86
  1113. data/src/core/lib/handshaker/proxy_mapper.h +0 -53
  1114. data/src/core/lib/handshaker/proxy_mapper_registry.cc +0 -71
  1115. data/src/core/lib/handshaker/proxy_mapper_registry.h +0 -75
  1116. data/src/core/lib/http/format_request.cc +0 -137
  1117. data/src/core/lib/http/format_request.h +0 -38
  1118. data/src/core/lib/http/httpcli.cc +0 -393
  1119. data/src/core/lib/http/httpcli.h +0 -272
  1120. data/src/core/lib/http/httpcli_security_connector.cc +0 -213
  1121. data/src/core/lib/http/httpcli_ssl_credentials.h +0 -39
  1122. data/src/core/lib/http/parser.cc +0 -451
  1123. data/src/core/lib/http/parser.h +0 -130
  1124. data/src/core/lib/iomgr/block_annotate.h +0 -57
  1125. data/src/core/lib/iomgr/buffer_list.cc +0 -296
  1126. data/src/core/lib/iomgr/buffer_list.h +0 -179
  1127. data/src/core/lib/iomgr/call_combiner.cc +0 -258
  1128. data/src/core/lib/iomgr/call_combiner.h +0 -214
  1129. data/src/core/lib/iomgr/cfstream_handle.cc +0 -207
  1130. data/src/core/lib/iomgr/cfstream_handle.h +0 -90
  1131. data/src/core/lib/iomgr/closure.h +0 -310
  1132. data/src/core/lib/iomgr/combiner.cc +0 -330
  1133. data/src/core/lib/iomgr/combiner.h +0 -89
  1134. data/src/core/lib/iomgr/dualstack_socket_posix.cc +0 -48
  1135. data/src/core/lib/iomgr/dynamic_annotations.h +0 -67
  1136. data/src/core/lib/iomgr/endpoint.cc +0 -67
  1137. data/src/core/lib/iomgr/endpoint.h +0 -109
  1138. data/src/core/lib/iomgr/endpoint_cfstream.cc +0 -376
  1139. data/src/core/lib/iomgr/endpoint_cfstream.h +0 -49
  1140. data/src/core/lib/iomgr/endpoint_pair.h +0 -34
  1141. data/src/core/lib/iomgr/endpoint_pair_posix.cc +0 -81
  1142. data/src/core/lib/iomgr/endpoint_pair_windows.cc +0 -86
  1143. data/src/core/lib/iomgr/error.cc +0 -202
  1144. data/src/core/lib/iomgr/error.h +0 -169
  1145. data/src/core/lib/iomgr/error_cfstream.cc +0 -54
  1146. data/src/core/lib/iomgr/error_cfstream.h +0 -31
  1147. data/src/core/lib/iomgr/ev_apple.cc +0 -360
  1148. data/src/core/lib/iomgr/ev_apple.h +0 -43
  1149. data/src/core/lib/iomgr/ev_epoll1_linux.cc +0 -1368
  1150. data/src/core/lib/iomgr/ev_epoll1_linux.h +0 -31
  1151. data/src/core/lib/iomgr/ev_poll_posix.cc +0 -1444
  1152. data/src/core/lib/iomgr/ev_poll_posix.h +0 -29
  1153. data/src/core/lib/iomgr/ev_posix.cc +0 -375
  1154. data/src/core/lib/iomgr/ev_posix.h +0 -209
  1155. data/src/core/lib/iomgr/ev_windows.cc +0 -30
  1156. data/src/core/lib/iomgr/exec_ctx.cc +0 -132
  1157. data/src/core/lib/iomgr/exec_ctx.h +0 -333
  1158. data/src/core/lib/iomgr/executor.cc +0 -450
  1159. data/src/core/lib/iomgr/executor.h +0 -119
  1160. data/src/core/lib/iomgr/fork_posix.cc +0 -120
  1161. data/src/core/lib/iomgr/fork_windows.cc +0 -41
  1162. data/src/core/lib/iomgr/gethostname.h +0 -26
  1163. data/src/core/lib/iomgr/gethostname_fallback.cc +0 -30
  1164. data/src/core/lib/iomgr/gethostname_host_name_max.cc +0 -40
  1165. data/src/core/lib/iomgr/gethostname_sysconf.cc +0 -40
  1166. data/src/core/lib/iomgr/grpc_if_nametoindex.h +0 -30
  1167. data/src/core/lib/iomgr/grpc_if_nametoindex_posix.cc +0 -42
  1168. data/src/core/lib/iomgr/grpc_if_nametoindex_unsupported.cc +0 -38
  1169. data/src/core/lib/iomgr/internal_errqueue.cc +0 -61
  1170. data/src/core/lib/iomgr/internal_errqueue.h +0 -186
  1171. data/src/core/lib/iomgr/iocp_windows.cc +0 -158
  1172. data/src/core/lib/iomgr/iocp_windows.h +0 -48
  1173. data/src/core/lib/iomgr/iomgr.cc +0 -200
  1174. data/src/core/lib/iomgr/iomgr.h +0 -60
  1175. data/src/core/lib/iomgr/iomgr_fwd.h +0 -26
  1176. data/src/core/lib/iomgr/iomgr_internal.cc +0 -53
  1177. data/src/core/lib/iomgr/iomgr_internal.h +0 -74
  1178. data/src/core/lib/iomgr/iomgr_posix.cc +0 -91
  1179. data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +0 -202
  1180. data/src/core/lib/iomgr/iomgr_windows.cc +0 -106
  1181. data/src/core/lib/iomgr/load_file.cc +0 -77
  1182. data/src/core/lib/iomgr/load_file.h +0 -35
  1183. data/src/core/lib/iomgr/lockfree_event.cc +0 -261
  1184. data/src/core/lib/iomgr/lockfree_event.h +0 -72
  1185. data/src/core/lib/iomgr/nameser.h +0 -106
  1186. data/src/core/lib/iomgr/polling_entity.cc +0 -96
  1187. data/src/core/lib/iomgr/polling_entity.h +0 -74
  1188. data/src/core/lib/iomgr/pollset.cc +0 -56
  1189. data/src/core/lib/iomgr/pollset.h +0 -99
  1190. data/src/core/lib/iomgr/pollset_set.cc +0 -55
  1191. data/src/core/lib/iomgr/pollset_set.h +0 -53
  1192. data/src/core/lib/iomgr/pollset_set_windows.cc +0 -52
  1193. data/src/core/lib/iomgr/pollset_set_windows.h +0 -26
  1194. data/src/core/lib/iomgr/pollset_windows.cc +0 -243
  1195. data/src/core/lib/iomgr/pollset_windows.h +0 -70
  1196. data/src/core/lib/iomgr/port.h +0 -238
  1197. data/src/core/lib/iomgr/python_util.h +0 -47
  1198. data/src/core/lib/iomgr/resolve_address.cc +0 -49
  1199. data/src/core/lib/iomgr/resolve_address.h +0 -116
  1200. data/src/core/lib/iomgr/resolve_address_impl.h +0 -59
  1201. data/src/core/lib/iomgr/resolve_address_posix.cc +0 -204
  1202. data/src/core/lib/iomgr/resolve_address_posix.h +0 -63
  1203. data/src/core/lib/iomgr/resolve_address_windows.cc +0 -196
  1204. data/src/core/lib/iomgr/resolve_address_windows.h +0 -63
  1205. data/src/core/lib/iomgr/resolved_address.h +0 -39
  1206. data/src/core/lib/iomgr/sockaddr.h +0 -32
  1207. data/src/core/lib/iomgr/sockaddr_posix.h +0 -57
  1208. data/src/core/lib/iomgr/sockaddr_utils_posix.cc +0 -63
  1209. data/src/core/lib/iomgr/sockaddr_windows.h +0 -57
  1210. data/src/core/lib/iomgr/socket_factory_posix.cc +0 -95
  1211. data/src/core/lib/iomgr/socket_factory_posix.h +0 -69
  1212. data/src/core/lib/iomgr/socket_mutator.cc +0 -97
  1213. data/src/core/lib/iomgr/socket_mutator.h +0 -84
  1214. data/src/core/lib/iomgr/socket_utils.h +0 -47
  1215. data/src/core/lib/iomgr/socket_utils_common_posix.cc +0 -478
  1216. data/src/core/lib/iomgr/socket_utils_linux.cc +0 -42
  1217. data/src/core/lib/iomgr/socket_utils_posix.cc +0 -141
  1218. data/src/core/lib/iomgr/socket_utils_posix.h +0 -255
  1219. data/src/core/lib/iomgr/socket_utils_windows.cc +0 -47
  1220. data/src/core/lib/iomgr/socket_windows.cc +0 -202
  1221. data/src/core/lib/iomgr/socket_windows.h +0 -125
  1222. data/src/core/lib/iomgr/tcp_client.cc +0 -40
  1223. data/src/core/lib/iomgr/tcp_client.h +0 -66
  1224. data/src/core/lib/iomgr/tcp_client_cfstream.cc +0 -207
  1225. data/src/core/lib/iomgr/tcp_client_posix.cc +0 -469
  1226. data/src/core/lib/iomgr/tcp_client_posix.h +0 -72
  1227. data/src/core/lib/iomgr/tcp_client_windows.cc +0 -239
  1228. data/src/core/lib/iomgr/tcp_posix.cc +0 -2059
  1229. data/src/core/lib/iomgr/tcp_posix.h +0 -67
  1230. data/src/core/lib/iomgr/tcp_server.cc +0 -78
  1231. data/src/core/lib/iomgr/tcp_server.h +0 -150
  1232. data/src/core/lib/iomgr/tcp_server_posix.cc +0 -653
  1233. data/src/core/lib/iomgr/tcp_server_utils_posix.h +0 -129
  1234. data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +0 -224
  1235. data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +0 -178
  1236. data/src/core/lib/iomgr/tcp_server_utils_posix_noifaddrs.cc +0 -36
  1237. data/src/core/lib/iomgr/tcp_server_windows.cc +0 -565
  1238. data/src/core/lib/iomgr/tcp_windows.cc +0 -527
  1239. data/src/core/lib/iomgr/tcp_windows.h +0 -52
  1240. data/src/core/lib/iomgr/timer.cc +0 -46
  1241. data/src/core/lib/iomgr/timer.h +0 -136
  1242. data/src/core/lib/iomgr/timer_generic.cc +0 -729
  1243. data/src/core/lib/iomgr/timer_generic.h +0 -40
  1244. data/src/core/lib/iomgr/timer_heap.cc +0 -134
  1245. data/src/core/lib/iomgr/timer_heap.h +0 -43
  1246. data/src/core/lib/iomgr/timer_manager.cc +0 -363
  1247. data/src/core/lib/iomgr/timer_manager.h +0 -41
  1248. data/src/core/lib/iomgr/unix_sockets_posix.cc +0 -94
  1249. data/src/core/lib/iomgr/unix_sockets_posix.h +0 -46
  1250. data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +0 -53
  1251. data/src/core/lib/iomgr/wakeup_fd_eventfd.cc +0 -81
  1252. data/src/core/lib/iomgr/wakeup_fd_nospecial.cc +0 -39
  1253. data/src/core/lib/iomgr/wakeup_fd_pipe.cc +0 -101
  1254. data/src/core/lib/iomgr/wakeup_fd_pipe.h +0 -28
  1255. data/src/core/lib/iomgr/wakeup_fd_posix.cc +0 -73
  1256. data/src/core/lib/iomgr/wakeup_fd_posix.h +0 -96
  1257. data/src/core/lib/json/json.h +0 -246
  1258. data/src/core/lib/json/json_args.h +0 -34
  1259. data/src/core/lib/json/json_channel_args.h +0 -42
  1260. data/src/core/lib/json/json_object_loader.cc +0 -207
  1261. data/src/core/lib/json/json_object_loader.h +0 -620
  1262. data/src/core/lib/json/json_reader.cc +0 -929
  1263. data/src/core/lib/json/json_util.cc +0 -106
  1264. data/src/core/lib/json/json_util.h +0 -163
  1265. data/src/core/lib/json/json_writer.cc +0 -340
  1266. data/src/core/lib/load_balancing/lb_policy.cc +0 -93
  1267. data/src/core/lib/load_balancing/lb_policy.h +0 -439
  1268. data/src/core/lib/load_balancing/lb_policy_factory.h +0 -49
  1269. data/src/core/lib/load_balancing/lb_policy_registry.cc +0 -141
  1270. data/src/core/lib/load_balancing/lb_policy_registry.h +0 -82
  1271. data/src/core/lib/load_balancing/subchannel_interface.h +0 -133
  1272. data/src/core/lib/matchers/matchers.cc +0 -329
  1273. data/src/core/lib/matchers/matchers.h +0 -162
  1274. data/src/core/lib/promise/activity.cc +0 -134
  1275. data/src/core/lib/promise/activity.h +0 -604
  1276. data/src/core/lib/promise/arena_promise.h +0 -230
  1277. data/src/core/lib/promise/context.h +0 -92
  1278. data/src/core/lib/promise/detail/basic_seq.h +0 -497
  1279. data/src/core/lib/promise/detail/promise_factory.h +0 -235
  1280. data/src/core/lib/promise/detail/promise_like.h +0 -85
  1281. data/src/core/lib/promise/detail/status.h +0 -78
  1282. data/src/core/lib/promise/detail/switch.h +0 -1455
  1283. data/src/core/lib/promise/exec_ctx_wakeup_scheduler.h +0 -50
  1284. data/src/core/lib/promise/for_each.h +0 -129
  1285. data/src/core/lib/promise/intra_activity_waiter.h +0 -49
  1286. data/src/core/lib/promise/latch.h +0 -103
  1287. data/src/core/lib/promise/loop.h +0 -138
  1288. data/src/core/lib/promise/map.h +0 -87
  1289. data/src/core/lib/promise/map_pipe.h +0 -87
  1290. data/src/core/lib/promise/pipe.cc +0 -19
  1291. data/src/core/lib/promise/pipe.h +0 -505
  1292. data/src/core/lib/promise/poll.h +0 -79
  1293. data/src/core/lib/promise/promise.h +0 -96
  1294. data/src/core/lib/promise/race.h +0 -83
  1295. data/src/core/lib/promise/seq.h +0 -106
  1296. data/src/core/lib/promise/sleep.cc +0 -90
  1297. data/src/core/lib/promise/sleep.h +0 -84
  1298. data/src/core/lib/promise/try_concurrently.h +0 -341
  1299. data/src/core/lib/promise/try_seq.h +0 -174
  1300. data/src/core/lib/resolver/resolver.cc +0 -37
  1301. data/src/core/lib/resolver/resolver.h +0 -138
  1302. data/src/core/lib/resolver/resolver_factory.h +0 -77
  1303. data/src/core/lib/resolver/resolver_registry.cc +0 -149
  1304. data/src/core/lib/resolver/resolver_registry.h +0 -123
  1305. data/src/core/lib/resolver/server_address.cc +0 -181
  1306. data/src/core/lib/resolver/server_address.h +0 -145
  1307. data/src/core/lib/resource_quota/api.cc +0 -104
  1308. data/src/core/lib/resource_quota/api.h +0 -49
  1309. data/src/core/lib/resource_quota/arena.cc +0 -138
  1310. data/src/core/lib/resource_quota/arena.h +0 -252
  1311. data/src/core/lib/resource_quota/memory_quota.cc +0 -603
  1312. data/src/core/lib/resource_quota/memory_quota.h +0 -530
  1313. data/src/core/lib/resource_quota/periodic_update.cc +0 -78
  1314. data/src/core/lib/resource_quota/periodic_update.h +0 -71
  1315. data/src/core/lib/resource_quota/resource_quota.cc +0 -33
  1316. data/src/core/lib/resource_quota/resource_quota.h +0 -74
  1317. data/src/core/lib/resource_quota/thread_quota.cc +0 -45
  1318. data/src/core/lib/resource_quota/thread_quota.h +0 -61
  1319. data/src/core/lib/resource_quota/trace.cc +0 -19
  1320. data/src/core/lib/resource_quota/trace.h +0 -24
  1321. data/src/core/lib/security/authorization/authorization_engine.h +0 -44
  1322. data/src/core/lib/security/authorization/authorization_policy_provider.h +0 -47
  1323. data/src/core/lib/security/authorization/authorization_policy_provider_vtable.cc +0 -50
  1324. data/src/core/lib/security/authorization/evaluate_args.cc +0 -221
  1325. data/src/core/lib/security/authorization/evaluate_args.h +0 -95
  1326. data/src/core/lib/security/authorization/grpc_authorization_engine.cc +0 -64
  1327. data/src/core/lib/security/authorization/grpc_authorization_engine.h +0 -69
  1328. data/src/core/lib/security/authorization/grpc_server_authz_filter.cc +0 -122
  1329. data/src/core/lib/security/authorization/grpc_server_authz_filter.h +0 -61
  1330. data/src/core/lib/security/authorization/matchers.cc +0 -241
  1331. data/src/core/lib/security/authorization/matchers.h +0 -218
  1332. data/src/core/lib/security/authorization/rbac_policy.cc +0 -445
  1333. data/src/core/lib/security/authorization/rbac_policy.h +0 -178
  1334. data/src/core/lib/security/certificate_provider/certificate_provider_factory.h +0 -66
  1335. data/src/core/lib/security/certificate_provider/certificate_provider_registry.cc +0 -60
  1336. data/src/core/lib/security/certificate_provider/certificate_provider_registry.h +0 -70
  1337. data/src/core/lib/security/context/security_context.cc +0 -330
  1338. data/src/core/lib/security/context/security_context.h +0 -181
  1339. data/src/core/lib/security/credentials/alts/alts_credentials.cc +0 -119
  1340. data/src/core/lib/security/credentials/alts/alts_credentials.h +0 -123
  1341. data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +0 -72
  1342. data/src/core/lib/security/credentials/alts/check_gcp_environment.h +0 -57
  1343. data/src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc +0 -68
  1344. data/src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc +0 -33
  1345. data/src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc +0 -102
  1346. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc +0 -125
  1347. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc +0 -46
  1348. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h +0 -75
  1349. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc +0 -56
  1350. data/src/core/lib/security/credentials/call_creds_util.cc +0 -97
  1351. data/src/core/lib/security/credentials/call_creds_util.h +0 -43
  1352. data/src/core/lib/security/credentials/channel_creds_registry.h +0 -103
  1353. data/src/core/lib/security/credentials/channel_creds_registry_init.cc +0 -80
  1354. data/src/core/lib/security/credentials/composite/composite_credentials.cc +0 -171
  1355. data/src/core/lib/security/credentials/composite/composite_credentials.h +0 -132
  1356. data/src/core/lib/security/credentials/credentials.cc +0 -159
  1357. data/src/core/lib/security/credentials/credentials.h +0 -298
  1358. data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +0 -546
  1359. data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +0 -100
  1360. data/src/core/lib/security/credentials/external/aws_request_signer.cc +0 -224
  1361. data/src/core/lib/security/credentials/external/aws_request_signer.h +0 -72
  1362. data/src/core/lib/security/credentials/external/external_account_credentials.cc +0 -561
  1363. data/src/core/lib/security/credentials/external/external_account_credentials.h +0 -129
  1364. data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +0 -138
  1365. data/src/core/lib/security/credentials/external/file_external_account_credentials.h +0 -55
  1366. data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +0 -242
  1367. data/src/core/lib/security/credentials/external/url_external_account_credentials.h +0 -71
  1368. data/src/core/lib/security/credentials/fake/fake_credentials.cc +0 -113
  1369. data/src/core/lib/security/credentials/fake/fake_credentials.h +0 -96
  1370. data/src/core/lib/security/credentials/google_default/credentials_generic.cc +0 -40
  1371. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +0 -503
  1372. data/src/core/lib/security/credentials/google_default/google_default_credentials.h +0 -100
  1373. data/src/core/lib/security/credentials/iam/iam_credentials.cc +0 -83
  1374. data/src/core/lib/security/credentials/iam/iam_credentials.h +0 -65
  1375. data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +0 -73
  1376. data/src/core/lib/security/credentials/insecure/insecure_credentials.h +0 -61
  1377. data/src/core/lib/security/credentials/jwt/json_token.cc +0 -297
  1378. data/src/core/lib/security/credentials/jwt/json_token.h +0 -76
  1379. data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +0 -183
  1380. data/src/core/lib/security/credentials/jwt/jwt_credentials.h +0 -107
  1381. data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +0 -957
  1382. data/src/core/lib/security/credentials/jwt/jwt_verifier.h +0 -124
  1383. data/src/core/lib/security/credentials/local/local_credentials.cc +0 -71
  1384. data/src/core/lib/security/credentials/local/local_credentials.h +0 -77
  1385. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +0 -745
  1386. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +0 -220
  1387. data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +0 -215
  1388. data/src/core/lib/security/credentials/plugin/plugin_credentials.h +0 -125
  1389. data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +0 -381
  1390. data/src/core/lib/security/credentials/ssl/ssl_credentials.h +0 -131
  1391. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +0 -340
  1392. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +0 -216
  1393. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +0 -472
  1394. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +0 -206
  1395. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.cc +0 -241
  1396. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.h +0 -168
  1397. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +0 -122
  1398. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +0 -117
  1399. data/src/core/lib/security/credentials/tls/tls_credentials.cc +0 -150
  1400. data/src/core/lib/security/credentials/tls/tls_credentials.h +0 -71
  1401. data/src/core/lib/security/credentials/tls/tls_utils.cc +0 -127
  1402. data/src/core/lib/security/credentials/tls/tls_utils.h +0 -51
  1403. data/src/core/lib/security/credentials/xds/xds_credentials.cc +0 -236
  1404. data/src/core/lib/security/credentials/xds/xds_credentials.h +0 -114
  1405. data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +0 -312
  1406. data/src/core/lib/security/security_connector/alts/alts_security_connector.h +0 -79
  1407. data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +0 -315
  1408. data/src/core/lib/security/security_connector/fake/fake_security_connector.h +0 -43
  1409. data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +0 -120
  1410. data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +0 -104
  1411. data/src/core/lib/security/security_connector/load_system_roots.h +0 -33
  1412. data/src/core/lib/security/security_connector/load_system_roots_fallback.cc +0 -35
  1413. data/src/core/lib/security/security_connector/load_system_roots_supported.cc +0 -175
  1414. data/src/core/lib/security/security_connector/load_system_roots_supported.h +0 -46
  1415. data/src/core/lib/security/security_connector/local/local_security_connector.cc +0 -306
  1416. data/src/core/lib/security/security_connector/local/local_security_connector.h +0 -63
  1417. data/src/core/lib/security/security_connector/security_connector.cc +0 -127
  1418. data/src/core/lib/security/security_connector/security_connector.h +0 -201
  1419. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +0 -458
  1420. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +0 -83
  1421. data/src/core/lib/security/security_connector/ssl_utils.cc +0 -625
  1422. data/src/core/lib/security/security_connector/ssl_utils.h +0 -187
  1423. data/src/core/lib/security/security_connector/ssl_utils_config.cc +0 -32
  1424. data/src/core/lib/security/security_connector/ssl_utils_config.h +0 -30
  1425. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +0 -828
  1426. data/src/core/lib/security/security_connector/tls/tls_security_connector.h +0 -286
  1427. data/src/core/lib/security/transport/auth_filters.h +0 -76
  1428. data/src/core/lib/security/transport/client_auth_filter.cc +0 -227
  1429. data/src/core/lib/security/transport/secure_endpoint.cc +0 -566
  1430. data/src/core/lib/security/transport/secure_endpoint.h +0 -43
  1431. data/src/core/lib/security/transport/security_handshaker.cc +0 -673
  1432. data/src/core/lib/security/transport/security_handshaker.h +0 -51
  1433. data/src/core/lib/security/transport/server_auth_filter.cc +0 -360
  1434. data/src/core/lib/security/transport/tsi_error.cc +0 -31
  1435. data/src/core/lib/security/transport/tsi_error.h +0 -30
  1436. data/src/core/lib/security/util/json_util.cc +0 -70
  1437. data/src/core/lib/security/util/json_util.h +0 -43
  1438. data/src/core/lib/service_config/service_config.h +0 -89
  1439. data/src/core/lib/service_config/service_config_call_data.h +0 -76
  1440. data/src/core/lib/service_config/service_config_impl.cc +0 -191
  1441. data/src/core/lib/service_config/service_config_impl.h +0 -125
  1442. data/src/core/lib/service_config/service_config_parser.cc +0 -81
  1443. data/src/core/lib/service_config/service_config_parser.h +0 -105
  1444. data/src/core/lib/slice/b64.cc +0 -239
  1445. data/src/core/lib/slice/b64.h +0 -52
  1446. data/src/core/lib/slice/percent_encoding.cc +0 -150
  1447. data/src/core/lib/slice/percent_encoding.h +0 -54
  1448. data/src/core/lib/slice/slice.cc +0 -502
  1449. data/src/core/lib/slice/slice.h +0 -402
  1450. data/src/core/lib/slice/slice_buffer.cc +0 -472
  1451. data/src/core/lib/slice/slice_buffer.h +0 -137
  1452. data/src/core/lib/slice/slice_internal.h +0 -97
  1453. data/src/core/lib/slice/slice_refcount.h +0 -60
  1454. data/src/core/lib/slice/slice_string_helpers.cc +0 -28
  1455. data/src/core/lib/slice/slice_string_helpers.h +0 -31
  1456. data/src/core/lib/surface/api_trace.cc +0 -25
  1457. data/src/core/lib/surface/api_trace.h +0 -53
  1458. data/src/core/lib/surface/builtins.cc +0 -54
  1459. data/src/core/lib/surface/builtins.h +0 -26
  1460. data/src/core/lib/surface/byte_buffer.cc +0 -97
  1461. data/src/core/lib/surface/byte_buffer_reader.cc +0 -101
  1462. data/src/core/lib/surface/call.cc +0 -3043
  1463. data/src/core/lib/surface/call.h +0 -179
  1464. data/src/core/lib/surface/call_details.cc +0 -41
  1465. data/src/core/lib/surface/call_log_batch.cc +0 -117
  1466. data/src/core/lib/surface/call_test_only.h +0 -46
  1467. data/src/core/lib/surface/call_trace.cc +0 -113
  1468. data/src/core/lib/surface/call_trace.h +0 -30
  1469. data/src/core/lib/surface/channel.cc +0 -437
  1470. data/src/core/lib/surface/channel.h +0 -214
  1471. data/src/core/lib/surface/channel_init.cc +0 -55
  1472. data/src/core/lib/surface/channel_init.h +0 -84
  1473. data/src/core/lib/surface/channel_ping.cc +0 -69
  1474. data/src/core/lib/surface/channel_stack_type.cc +0 -61
  1475. data/src/core/lib/surface/channel_stack_type.h +0 -47
  1476. data/src/core/lib/surface/completion_queue.cc +0 -1411
  1477. data/src/core/lib/surface/completion_queue.h +0 -100
  1478. data/src/core/lib/surface/completion_queue_factory.cc +0 -94
  1479. data/src/core/lib/surface/completion_queue_factory.h +0 -37
  1480. data/src/core/lib/surface/event_string.cc +0 -56
  1481. data/src/core/lib/surface/event_string.h +0 -31
  1482. data/src/core/lib/surface/init.cc +0 -229
  1483. data/src/core/lib/surface/init.h +0 -25
  1484. data/src/core/lib/surface/init_internally.cc +0 -24
  1485. data/src/core/lib/surface/init_internally.h +0 -36
  1486. data/src/core/lib/surface/lame_client.cc +0 -154
  1487. data/src/core/lib/surface/lame_client.h +0 -71
  1488. data/src/core/lib/surface/metadata_array.cc +0 -38
  1489. data/src/core/lib/surface/server.cc +0 -1555
  1490. data/src/core/lib/surface/server.h +0 -525
  1491. data/src/core/lib/surface/validate_metadata.cc +0 -122
  1492. data/src/core/lib/surface/validate_metadata.h +0 -48
  1493. data/src/core/lib/surface/version.cc +0 -28
  1494. data/src/core/lib/transport/bdp_estimator.cc +0 -86
  1495. data/src/core/lib/transport/bdp_estimator.h +0 -94
  1496. data/src/core/lib/transport/connectivity_state.cc +0 -189
  1497. data/src/core/lib/transport/connectivity_state.h +0 -144
  1498. data/src/core/lib/transport/error_utils.cc +0 -171
  1499. data/src/core/lib/transport/error_utils.h +0 -63
  1500. data/src/core/lib/transport/handshaker.cc +0 -225
  1501. data/src/core/lib/transport/handshaker.h +0 -167
  1502. data/src/core/lib/transport/handshaker_factory.h +0 -74
  1503. data/src/core/lib/transport/handshaker_registry.cc +0 -61
  1504. data/src/core/lib/transport/handshaker_registry.h +0 -69
  1505. data/src/core/lib/transport/http2_errors.h +0 -41
  1506. data/src/core/lib/transport/http_connect_handshaker.cc +0 -400
  1507. data/src/core/lib/transport/http_connect_handshaker.h +0 -42
  1508. data/src/core/lib/transport/metadata_batch.cc +0 -291
  1509. data/src/core/lib/transport/metadata_batch.h +0 -1326
  1510. data/src/core/lib/transport/parsed_metadata.cc +0 -35
  1511. data/src/core/lib/transport/parsed_metadata.h +0 -409
  1512. data/src/core/lib/transport/pid_controller.cc +0 -51
  1513. data/src/core/lib/transport/pid_controller.h +0 -116
  1514. data/src/core/lib/transport/status_conversion.cc +0 -92
  1515. data/src/core/lib/transport/status_conversion.h +0 -38
  1516. data/src/core/lib/transport/tcp_connect_handshaker.cc +0 -246
  1517. data/src/core/lib/transport/tcp_connect_handshaker.h +0 -39
  1518. data/src/core/lib/transport/timeout_encoding.cc +0 -284
  1519. data/src/core/lib/transport/timeout_encoding.h +0 -72
  1520. data/src/core/lib/transport/transport.cc +0 -285
  1521. data/src/core/lib/transport/transport.h +0 -590
  1522. data/src/core/lib/transport/transport_fwd.h +0 -20
  1523. data/src/core/lib/transport/transport_impl.h +0 -95
  1524. data/src/core/lib/transport/transport_op_string.cc +0 -147
  1525. data/src/core/lib/uri/uri_parser.cc +0 -373
  1526. data/src/core/lib/uri/uri_parser.h +0 -101
  1527. data/src/core/plugin_registry/grpc_plugin_registry.cc +0 -113
  1528. data/src/core/plugin_registry/grpc_plugin_registry_extra.cc +0 -61
  1529. data/src/core/tsi/alts/crypt/aes_gcm.cc +0 -690
  1530. data/src/core/tsi/alts/crypt/gsec.cc +0 -190
  1531. data/src/core/tsi/alts/crypt/gsec.h +0 -459
  1532. data/src/core/tsi/alts/frame_protector/alts_counter.cc +0 -118
  1533. data/src/core/tsi/alts/frame_protector/alts_counter.h +0 -98
  1534. data/src/core/tsi/alts/frame_protector/alts_crypter.cc +0 -66
  1535. data/src/core/tsi/alts/frame_protector/alts_crypter.h +0 -255
  1536. data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +0 -408
  1537. data/src/core/tsi/alts/frame_protector/alts_frame_protector.h +0 -55
  1538. data/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc +0 -114
  1539. data/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h +0 -114
  1540. data/src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc +0 -105
  1541. data/src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc +0 -103
  1542. data/src/core/tsi/alts/frame_protector/frame_handler.cc +0 -219
  1543. data/src/core/tsi/alts/frame_protector/frame_handler.h +0 -236
  1544. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +0 -927
  1545. data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +0 -160
  1546. data/src/core/tsi/alts/handshaker/alts_shared_resource.cc +0 -91
  1547. data/src/core/tsi/alts/handshaker/alts_shared_resource.h +0 -73
  1548. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +0 -720
  1549. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +0 -104
  1550. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h +0 -89
  1551. data/src/core/tsi/alts/handshaker/alts_tsi_utils.cc +0 -65
  1552. data/src/core/tsi/alts/handshaker/alts_tsi_utils.h +0 -53
  1553. data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +0 -223
  1554. data/src/core/tsi/alts/handshaker/transport_security_common_api.h +0 -171
  1555. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc +0 -226
  1556. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h +0 -54
  1557. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc +0 -145
  1558. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h +0 -49
  1559. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h +0 -91
  1560. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc +0 -174
  1561. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h +0 -99
  1562. data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +0 -478
  1563. data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h +0 -199
  1564. data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +0 -315
  1565. data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h +0 -57
  1566. data/src/core/tsi/fake_transport_security.cc +0 -844
  1567. data/src/core/tsi/fake_transport_security.h +0 -53
  1568. data/src/core/tsi/local_transport_security.cc +0 -174
  1569. data/src/core/tsi/local_transport_security.h +0 -47
  1570. data/src/core/tsi/ssl/key_logging/ssl_key_logging.cc +0 -145
  1571. data/src/core/tsi/ssl/key_logging/ssl_key_logging.h +0 -81
  1572. data/src/core/tsi/ssl/session_cache/ssl_session.h +0 -71
  1573. data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +0 -59
  1574. data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +0 -179
  1575. data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +0 -99
  1576. data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +0 -81
  1577. data/src/core/tsi/ssl_transport_security.cc +0 -2441
  1578. data/src/core/tsi/ssl_transport_security.h +0 -405
  1579. data/src/core/tsi/ssl_types.h +0 -42
  1580. data/src/core/tsi/transport_security.cc +0 -396
  1581. data/src/core/tsi/transport_security.h +0 -143
  1582. data/src/core/tsi/transport_security_grpc.cc +0 -74
  1583. data/src/core/tsi/transport_security_grpc.h +0 -83
  1584. data/src/core/tsi/transport_security_interface.h +0 -521
  1585. data/third_party/abseil-cpp/absl/algorithm/algorithm.h +0 -159
  1586. data/third_party/abseil-cpp/absl/algorithm/container.h +0 -1774
  1587. data/third_party/abseil-cpp/absl/base/attributes.h +0 -762
  1588. data/third_party/abseil-cpp/absl/base/call_once.h +0 -219
  1589. data/third_party/abseil-cpp/absl/base/casts.h +0 -180
  1590. data/third_party/abseil-cpp/absl/base/config.h +0 -913
  1591. data/third_party/abseil-cpp/absl/base/const_init.h +0 -76
  1592. data/third_party/abseil-cpp/absl/base/dynamic_annotations.h +0 -471
  1593. data/third_party/abseil-cpp/absl/base/internal/atomic_hook.h +0 -200
  1594. data/third_party/abseil-cpp/absl/base/internal/cycleclock.cc +0 -77
  1595. data/third_party/abseil-cpp/absl/base/internal/cycleclock.h +0 -159
  1596. data/third_party/abseil-cpp/absl/base/internal/direct_mmap.h +0 -169
  1597. data/third_party/abseil-cpp/absl/base/internal/dynamic_annotations.h +0 -398
  1598. data/third_party/abseil-cpp/absl/base/internal/endian.h +0 -282
  1599. data/third_party/abseil-cpp/absl/base/internal/errno_saver.h +0 -43
  1600. data/third_party/abseil-cpp/absl/base/internal/fast_type_id.h +0 -50
  1601. data/third_party/abseil-cpp/absl/base/internal/hide_ptr.h +0 -51
  1602. data/third_party/abseil-cpp/absl/base/internal/identity.h +0 -37
  1603. data/third_party/abseil-cpp/absl/base/internal/inline_variable.h +0 -107
  1604. data/third_party/abseil-cpp/absl/base/internal/invoke.h +0 -241
  1605. data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.cc +0 -620
  1606. data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.h +0 -126
  1607. data/third_party/abseil-cpp/absl/base/internal/low_level_scheduling.h +0 -134
  1608. data/third_party/abseil-cpp/absl/base/internal/per_thread_tls.h +0 -52
  1609. data/third_party/abseil-cpp/absl/base/internal/prefetch.h +0 -138
  1610. data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +0 -249
  1611. data/third_party/abseil-cpp/absl/base/internal/raw_logging.h +0 -196
  1612. data/third_party/abseil-cpp/absl/base/internal/scheduling_mode.h +0 -58
  1613. data/third_party/abseil-cpp/absl/base/internal/spinlock.cc +0 -232
  1614. data/third_party/abseil-cpp/absl/base/internal/spinlock.h +0 -256
  1615. data/third_party/abseil-cpp/absl/base/internal/spinlock_akaros.inc +0 -35
  1616. data/third_party/abseil-cpp/absl/base/internal/spinlock_linux.inc +0 -71
  1617. data/third_party/abseil-cpp/absl/base/internal/spinlock_posix.inc +0 -46
  1618. data/third_party/abseil-cpp/absl/base/internal/spinlock_wait.cc +0 -81
  1619. data/third_party/abseil-cpp/absl/base/internal/spinlock_wait.h +0 -95
  1620. data/third_party/abseil-cpp/absl/base/internal/spinlock_win32.inc +0 -37
  1621. data/third_party/abseil-cpp/absl/base/internal/strerror.cc +0 -88
  1622. data/third_party/abseil-cpp/absl/base/internal/strerror.h +0 -39
  1623. data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +0 -507
  1624. data/third_party/abseil-cpp/absl/base/internal/sysinfo.h +0 -74
  1625. data/third_party/abseil-cpp/absl/base/internal/thread_annotations.h +0 -271
  1626. data/third_party/abseil-cpp/absl/base/internal/thread_identity.cc +0 -156
  1627. data/third_party/abseil-cpp/absl/base/internal/thread_identity.h +0 -265
  1628. data/third_party/abseil-cpp/absl/base/internal/throw_delegate.cc +0 -212
  1629. data/third_party/abseil-cpp/absl/base/internal/throw_delegate.h +0 -75
  1630. data/third_party/abseil-cpp/absl/base/internal/tsan_mutex_interface.h +0 -68
  1631. data/third_party/abseil-cpp/absl/base/internal/unaligned_access.h +0 -82
  1632. data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc +0 -153
  1633. data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.h +0 -133
  1634. data/third_party/abseil-cpp/absl/base/log_severity.cc +0 -55
  1635. data/third_party/abseil-cpp/absl/base/log_severity.h +0 -172
  1636. data/third_party/abseil-cpp/absl/base/macros.h +0 -158
  1637. data/third_party/abseil-cpp/absl/base/optimization.h +0 -252
  1638. data/third_party/abseil-cpp/absl/base/options.h +0 -238
  1639. data/third_party/abseil-cpp/absl/base/policy_checks.h +0 -111
  1640. data/third_party/abseil-cpp/absl/base/port.h +0 -25
  1641. data/third_party/abseil-cpp/absl/base/thread_annotations.h +0 -335
  1642. data/third_party/abseil-cpp/absl/cleanup/cleanup.h +0 -140
  1643. data/third_party/abseil-cpp/absl/cleanup/internal/cleanup.h +0 -100
  1644. data/third_party/abseil-cpp/absl/container/fixed_array.h +0 -529
  1645. data/third_party/abseil-cpp/absl/container/flat_hash_map.h +0 -613
  1646. data/third_party/abseil-cpp/absl/container/flat_hash_set.h +0 -510
  1647. data/third_party/abseil-cpp/absl/container/inlined_vector.h +0 -866
  1648. data/third_party/abseil-cpp/absl/container/internal/common.h +0 -207
  1649. data/third_party/abseil-cpp/absl/container/internal/compressed_tuple.h +0 -290
  1650. data/third_party/abseil-cpp/absl/container/internal/container_memory.h +0 -442
  1651. data/third_party/abseil-cpp/absl/container/internal/hash_function_defaults.h +0 -163
  1652. data/third_party/abseil-cpp/absl/container/internal/hash_policy_traits.h +0 -208
  1653. data/third_party/abseil-cpp/absl/container/internal/hashtable_debug_hooks.h +0 -85
  1654. data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc +0 -238
  1655. data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.h +0 -299
  1656. data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler_force_weak_definition.cc +0 -31
  1657. data/third_party/abseil-cpp/absl/container/internal/inlined_vector.h +0 -953
  1658. data/third_party/abseil-cpp/absl/container/internal/layout.h +0 -743
  1659. data/third_party/abseil-cpp/absl/container/internal/raw_hash_map.h +0 -198
  1660. data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.cc +0 -71
  1661. data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +0 -2365
  1662. data/third_party/abseil-cpp/absl/debugging/internal/address_is_readable.cc +0 -96
  1663. data/third_party/abseil-cpp/absl/debugging/internal/address_is_readable.h +0 -32
  1664. data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +0 -1959
  1665. data/third_party/abseil-cpp/absl/debugging/internal/demangle.h +0 -71
  1666. data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.cc +0 -387
  1667. data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.h +0 -139
  1668. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +0 -204
  1669. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_arm-inl.inc +0 -139
  1670. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_config.h +0 -88
  1671. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_emscripten-inl.inc +0 -110
  1672. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_generic-inl.inc +0 -108
  1673. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_powerpc-inl.inc +0 -258
  1674. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_riscv-inl.inc +0 -236
  1675. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_unimplemented-inl.inc +0 -24
  1676. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_win32-inl.inc +0 -93
  1677. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_x86-inl.inc +0 -369
  1678. data/third_party/abseil-cpp/absl/debugging/internal/symbolize.h +0 -153
  1679. data/third_party/abseil-cpp/absl/debugging/internal/vdso_support.cc +0 -204
  1680. data/third_party/abseil-cpp/absl/debugging/internal/vdso_support.h +0 -158
  1681. data/third_party/abseil-cpp/absl/debugging/stacktrace.cc +0 -142
  1682. data/third_party/abseil-cpp/absl/debugging/stacktrace.h +0 -231
  1683. data/third_party/abseil-cpp/absl/debugging/symbolize.cc +0 -43
  1684. data/third_party/abseil-cpp/absl/debugging/symbolize.h +0 -99
  1685. data/third_party/abseil-cpp/absl/debugging/symbolize_darwin.inc +0 -101
  1686. data/third_party/abseil-cpp/absl/debugging/symbolize_elf.inc +0 -1613
  1687. data/third_party/abseil-cpp/absl/debugging/symbolize_emscripten.inc +0 -72
  1688. data/third_party/abseil-cpp/absl/debugging/symbolize_unimplemented.inc +0 -40
  1689. data/third_party/abseil-cpp/absl/debugging/symbolize_win32.inc +0 -81
  1690. data/third_party/abseil-cpp/absl/functional/any_invocable.h +0 -313
  1691. data/third_party/abseil-cpp/absl/functional/bind_front.h +0 -193
  1692. data/third_party/abseil-cpp/absl/functional/function_ref.h +0 -143
  1693. data/third_party/abseil-cpp/absl/functional/internal/any_invocable.h +0 -857
  1694. data/third_party/abseil-cpp/absl/functional/internal/front_binder.h +0 -95
  1695. data/third_party/abseil-cpp/absl/functional/internal/function_ref.h +0 -106
  1696. data/third_party/abseil-cpp/absl/hash/hash.h +0 -421
  1697. data/third_party/abseil-cpp/absl/hash/internal/city.cc +0 -349
  1698. data/third_party/abseil-cpp/absl/hash/internal/city.h +0 -78
  1699. data/third_party/abseil-cpp/absl/hash/internal/hash.cc +0 -69
  1700. data/third_party/abseil-cpp/absl/hash/internal/hash.h +0 -1291
  1701. data/third_party/abseil-cpp/absl/hash/internal/low_level_hash.cc +0 -123
  1702. data/third_party/abseil-cpp/absl/hash/internal/low_level_hash.h +0 -50
  1703. data/third_party/abseil-cpp/absl/memory/memory.h +0 -699
  1704. data/third_party/abseil-cpp/absl/meta/type_traits.h +0 -797
  1705. data/third_party/abseil-cpp/absl/numeric/bits.h +0 -178
  1706. data/third_party/abseil-cpp/absl/numeric/int128.cc +0 -385
  1707. data/third_party/abseil-cpp/absl/numeric/int128.h +0 -1165
  1708. data/third_party/abseil-cpp/absl/numeric/int128_have_intrinsic.inc +0 -296
  1709. data/third_party/abseil-cpp/absl/numeric/int128_no_intrinsic.inc +0 -311
  1710. data/third_party/abseil-cpp/absl/numeric/internal/bits.h +0 -358
  1711. data/third_party/abseil-cpp/absl/numeric/internal/representation.h +0 -55
  1712. data/third_party/abseil-cpp/absl/profiling/internal/exponential_biased.cc +0 -93
  1713. data/third_party/abseil-cpp/absl/profiling/internal/exponential_biased.h +0 -130
  1714. data/third_party/abseil-cpp/absl/profiling/internal/sample_recorder.h +0 -245
  1715. data/third_party/abseil-cpp/absl/random/bernoulli_distribution.h +0 -200
  1716. data/third_party/abseil-cpp/absl/random/beta_distribution.h +0 -427
  1717. data/third_party/abseil-cpp/absl/random/discrete_distribution.cc +0 -98
  1718. data/third_party/abseil-cpp/absl/random/discrete_distribution.h +0 -247
  1719. data/third_party/abseil-cpp/absl/random/distributions.h +0 -452
  1720. data/third_party/abseil-cpp/absl/random/exponential_distribution.h +0 -165
  1721. data/third_party/abseil-cpp/absl/random/gaussian_distribution.cc +0 -104
  1722. data/third_party/abseil-cpp/absl/random/gaussian_distribution.h +0 -275
  1723. data/third_party/abseil-cpp/absl/random/internal/distribution_caller.h +0 -95
  1724. data/third_party/abseil-cpp/absl/random/internal/fast_uniform_bits.h +0 -269
  1725. data/third_party/abseil-cpp/absl/random/internal/fastmath.h +0 -57
  1726. data/third_party/abseil-cpp/absl/random/internal/generate_real.h +0 -144
  1727. data/third_party/abseil-cpp/absl/random/internal/iostream_state_saver.h +0 -245
  1728. data/third_party/abseil-cpp/absl/random/internal/nonsecure_base.h +0 -161
  1729. data/third_party/abseil-cpp/absl/random/internal/pcg_engine.h +0 -308
  1730. data/third_party/abseil-cpp/absl/random/internal/platform.h +0 -171
  1731. data/third_party/abseil-cpp/absl/random/internal/pool_urbg.cc +0 -253
  1732. data/third_party/abseil-cpp/absl/random/internal/pool_urbg.h +0 -131
  1733. data/third_party/abseil-cpp/absl/random/internal/randen.cc +0 -91
  1734. data/third_party/abseil-cpp/absl/random/internal/randen.h +0 -96
  1735. data/third_party/abseil-cpp/absl/random/internal/randen_detect.cc +0 -225
  1736. data/third_party/abseil-cpp/absl/random/internal/randen_detect.h +0 -33
  1737. data/third_party/abseil-cpp/absl/random/internal/randen_engine.h +0 -264
  1738. data/third_party/abseil-cpp/absl/random/internal/randen_hwaes.cc +0 -526
  1739. data/third_party/abseil-cpp/absl/random/internal/randen_hwaes.h +0 -50
  1740. data/third_party/abseil-cpp/absl/random/internal/randen_round_keys.cc +0 -462
  1741. data/third_party/abseil-cpp/absl/random/internal/randen_slow.cc +0 -471
  1742. data/third_party/abseil-cpp/absl/random/internal/randen_slow.h +0 -40
  1743. data/third_party/abseil-cpp/absl/random/internal/randen_traits.h +0 -88
  1744. data/third_party/abseil-cpp/absl/random/internal/salted_seed_seq.h +0 -165
  1745. data/third_party/abseil-cpp/absl/random/internal/seed_material.cc +0 -267
  1746. data/third_party/abseil-cpp/absl/random/internal/seed_material.h +0 -104
  1747. data/third_party/abseil-cpp/absl/random/internal/traits.h +0 -149
  1748. data/third_party/abseil-cpp/absl/random/internal/uniform_helper.h +0 -244
  1749. data/third_party/abseil-cpp/absl/random/internal/wide_multiply.h +0 -96
  1750. data/third_party/abseil-cpp/absl/random/log_uniform_int_distribution.h +0 -256
  1751. data/third_party/abseil-cpp/absl/random/poisson_distribution.h +0 -261
  1752. data/third_party/abseil-cpp/absl/random/random.h +0 -189
  1753. data/third_party/abseil-cpp/absl/random/seed_gen_exception.cc +0 -46
  1754. data/third_party/abseil-cpp/absl/random/seed_gen_exception.h +0 -55
  1755. data/third_party/abseil-cpp/absl/random/seed_sequences.cc +0 -29
  1756. data/third_party/abseil-cpp/absl/random/seed_sequences.h +0 -111
  1757. data/third_party/abseil-cpp/absl/random/uniform_int_distribution.h +0 -275
  1758. data/third_party/abseil-cpp/absl/random/uniform_real_distribution.h +0 -202
  1759. data/third_party/abseil-cpp/absl/random/zipf_distribution.h +0 -272
  1760. data/third_party/abseil-cpp/absl/status/internal/status_internal.h +0 -86
  1761. data/third_party/abseil-cpp/absl/status/internal/statusor_internal.h +0 -396
  1762. data/third_party/abseil-cpp/absl/status/status.cc +0 -616
  1763. data/third_party/abseil-cpp/absl/status/status.h +0 -892
  1764. data/third_party/abseil-cpp/absl/status/status_payload_printer.cc +0 -38
  1765. data/third_party/abseil-cpp/absl/status/status_payload_printer.h +0 -51
  1766. data/third_party/abseil-cpp/absl/status/statusor.cc +0 -103
  1767. data/third_party/abseil-cpp/absl/status/statusor.h +0 -776
  1768. data/third_party/abseil-cpp/absl/strings/ascii.cc +0 -200
  1769. data/third_party/abseil-cpp/absl/strings/ascii.h +0 -242
  1770. data/third_party/abseil-cpp/absl/strings/charconv.cc +0 -984
  1771. data/third_party/abseil-cpp/absl/strings/charconv.h +0 -120
  1772. data/third_party/abseil-cpp/absl/strings/cord.cc +0 -1328
  1773. data/third_party/abseil-cpp/absl/strings/cord.h +0 -1642
  1774. data/third_party/abseil-cpp/absl/strings/cord_analysis.cc +0 -188
  1775. data/third_party/abseil-cpp/absl/strings/cord_analysis.h +0 -44
  1776. data/third_party/abseil-cpp/absl/strings/cord_buffer.cc +0 -30
  1777. data/third_party/abseil-cpp/absl/strings/cord_buffer.h +0 -572
  1778. data/third_party/abseil-cpp/absl/strings/escaping.cc +0 -949
  1779. data/third_party/abseil-cpp/absl/strings/escaping.h +0 -164
  1780. data/third_party/abseil-cpp/absl/strings/internal/char_map.h +0 -156
  1781. data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.cc +0 -359
  1782. data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +0 -423
  1783. data/third_party/abseil-cpp/absl/strings/internal/charconv_parse.cc +0 -504
  1784. data/third_party/abseil-cpp/absl/strings/internal/charconv_parse.h +0 -99
  1785. data/third_party/abseil-cpp/absl/strings/internal/cord_data_edge.h +0 -63
  1786. data/third_party/abseil-cpp/absl/strings/internal/cord_internal.cc +0 -77
  1787. data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +0 -655
  1788. data/third_party/abseil-cpp/absl/strings/internal/cord_rep_btree.cc +0 -1228
  1789. data/third_party/abseil-cpp/absl/strings/internal/cord_rep_btree.h +0 -924
  1790. data/third_party/abseil-cpp/absl/strings/internal/cord_rep_btree_navigator.cc +0 -187
  1791. data/third_party/abseil-cpp/absl/strings/internal/cord_rep_btree_navigator.h +0 -267
  1792. data/third_party/abseil-cpp/absl/strings/internal/cord_rep_btree_reader.cc +0 -69
  1793. data/third_party/abseil-cpp/absl/strings/internal/cord_rep_btree_reader.h +0 -212
  1794. data/third_party/abseil-cpp/absl/strings/internal/cord_rep_consume.cc +0 -62
  1795. data/third_party/abseil-cpp/absl/strings/internal/cord_rep_consume.h +0 -50
  1796. data/third_party/abseil-cpp/absl/strings/internal/cord_rep_crc.cc +0 -54
  1797. data/third_party/abseil-cpp/absl/strings/internal/cord_rep_crc.h +0 -102
  1798. data/third_party/abseil-cpp/absl/strings/internal/cord_rep_flat.h +0 -187
  1799. data/third_party/abseil-cpp/absl/strings/internal/cord_rep_ring.cc +0 -773
  1800. data/third_party/abseil-cpp/absl/strings/internal/cord_rep_ring.h +0 -607
  1801. data/third_party/abseil-cpp/absl/strings/internal/cord_rep_ring_reader.h +0 -118
  1802. data/third_party/abseil-cpp/absl/strings/internal/cordz_functions.cc +0 -96
  1803. data/third_party/abseil-cpp/absl/strings/internal/cordz_functions.h +0 -85
  1804. data/third_party/abseil-cpp/absl/strings/internal/cordz_handle.cc +0 -139
  1805. data/third_party/abseil-cpp/absl/strings/internal/cordz_handle.h +0 -131
  1806. data/third_party/abseil-cpp/absl/strings/internal/cordz_info.cc +0 -418
  1807. data/third_party/abseil-cpp/absl/strings/internal/cordz_info.h +0 -298
  1808. data/third_party/abseil-cpp/absl/strings/internal/cordz_statistics.h +0 -88
  1809. data/third_party/abseil-cpp/absl/strings/internal/cordz_update_scope.h +0 -71
  1810. data/third_party/abseil-cpp/absl/strings/internal/cordz_update_tracker.h +0 -123
  1811. data/third_party/abseil-cpp/absl/strings/internal/escaping.cc +0 -181
  1812. data/third_party/abseil-cpp/absl/strings/internal/escaping.h +0 -58
  1813. data/third_party/abseil-cpp/absl/strings/internal/memutil.cc +0 -112
  1814. data/third_party/abseil-cpp/absl/strings/internal/memutil.h +0 -148
  1815. data/third_party/abseil-cpp/absl/strings/internal/ostringstream.cc +0 -36
  1816. data/third_party/abseil-cpp/absl/strings/internal/ostringstream.h +0 -89
  1817. data/third_party/abseil-cpp/absl/strings/internal/resize_uninitialized.h +0 -119
  1818. data/third_party/abseil-cpp/absl/strings/internal/stl_type_traits.h +0 -248
  1819. data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.cc +0 -488
  1820. data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.h +0 -526
  1821. data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.cc +0 -258
  1822. data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.h +0 -248
  1823. data/third_party/abseil-cpp/absl/strings/internal/str_format/checker.h +0 -338
  1824. data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.cc +0 -74
  1825. data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.h +0 -448
  1826. data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +0 -1423
  1827. data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.h +0 -37
  1828. data/third_party/abseil-cpp/absl/strings/internal/str_format/output.cc +0 -72
  1829. data/third_party/abseil-cpp/absl/strings/internal/str_format/output.h +0 -97
  1830. data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.cc +0 -339
  1831. data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.h +0 -359
  1832. data/third_party/abseil-cpp/absl/strings/internal/str_join_internal.h +0 -317
  1833. data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +0 -430
  1834. data/third_party/abseil-cpp/absl/strings/internal/string_constant.h +0 -72
  1835. data/third_party/abseil-cpp/absl/strings/internal/utf8.cc +0 -53
  1836. data/third_party/abseil-cpp/absl/strings/internal/utf8.h +0 -50
  1837. data/third_party/abseil-cpp/absl/strings/match.cc +0 -43
  1838. data/third_party/abseil-cpp/absl/strings/match.h +0 -100
  1839. data/third_party/abseil-cpp/absl/strings/numbers.cc +0 -1093
  1840. data/third_party/abseil-cpp/absl/strings/numbers.h +0 -303
  1841. data/third_party/abseil-cpp/absl/strings/str_cat.cc +0 -246
  1842. data/third_party/abseil-cpp/absl/strings/str_cat.h +0 -415
  1843. data/third_party/abseil-cpp/absl/strings/str_format.h +0 -812
  1844. data/third_party/abseil-cpp/absl/strings/str_join.h +0 -287
  1845. data/third_party/abseil-cpp/absl/strings/str_replace.cc +0 -82
  1846. data/third_party/abseil-cpp/absl/strings/str_replace.h +0 -219
  1847. data/third_party/abseil-cpp/absl/strings/str_split.cc +0 -139
  1848. data/third_party/abseil-cpp/absl/strings/str_split.h +0 -547
  1849. data/third_party/abseil-cpp/absl/strings/string_view.cc +0 -219
  1850. data/third_party/abseil-cpp/absl/strings/string_view.h +0 -711
  1851. data/third_party/abseil-cpp/absl/strings/strip.h +0 -93
  1852. data/third_party/abseil-cpp/absl/strings/substitute.cc +0 -172
  1853. data/third_party/abseil-cpp/absl/strings/substitute.h +0 -729
  1854. data/third_party/abseil-cpp/absl/synchronization/barrier.cc +0 -52
  1855. data/third_party/abseil-cpp/absl/synchronization/barrier.h +0 -79
  1856. data/third_party/abseil-cpp/absl/synchronization/blocking_counter.cc +0 -67
  1857. data/third_party/abseil-cpp/absl/synchronization/blocking_counter.h +0 -101
  1858. data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.cc +0 -143
  1859. data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.h +0 -56
  1860. data/third_party/abseil-cpp/absl/synchronization/internal/futex.h +0 -154
  1861. data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +0 -698
  1862. data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.h +0 -141
  1863. data/third_party/abseil-cpp/absl/synchronization/internal/kernel_timeout.h +0 -156
  1864. data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.cc +0 -102
  1865. data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.h +0 -110
  1866. data/third_party/abseil-cpp/absl/synchronization/internal/waiter.cc +0 -403
  1867. data/third_party/abseil-cpp/absl/synchronization/internal/waiter.h +0 -161
  1868. data/third_party/abseil-cpp/absl/synchronization/mutex.cc +0 -2786
  1869. data/third_party/abseil-cpp/absl/synchronization/mutex.h +0 -1090
  1870. data/third_party/abseil-cpp/absl/synchronization/notification.cc +0 -78
  1871. data/third_party/abseil-cpp/absl/synchronization/notification.h +0 -124
  1872. data/third_party/abseil-cpp/absl/time/civil_time.cc +0 -173
  1873. data/third_party/abseil-cpp/absl/time/civil_time.h +0 -538
  1874. data/third_party/abseil-cpp/absl/time/clock.cc +0 -585
  1875. data/third_party/abseil-cpp/absl/time/clock.h +0 -74
  1876. data/third_party/abseil-cpp/absl/time/duration.cc +0 -955
  1877. data/third_party/abseil-cpp/absl/time/format.cc +0 -160
  1878. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time.h +0 -332
  1879. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time_detail.h +0 -632
  1880. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/time_zone.h +0 -459
  1881. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/zone_info_source.h +0 -102
  1882. data/third_party/abseil-cpp/absl/time/internal/cctz/src/civil_time_detail.cc +0 -94
  1883. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.cc +0 -140
  1884. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.h +0 -52
  1885. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +0 -1029
  1886. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.cc +0 -45
  1887. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.h +0 -77
  1888. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +0 -113
  1889. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +0 -93
  1890. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +0 -1027
  1891. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +0 -137
  1892. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +0 -315
  1893. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.h +0 -55
  1894. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_lookup.cc +0 -236
  1895. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.cc +0 -159
  1896. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.h +0 -132
  1897. data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +0 -122
  1898. data/third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc +0 -115
  1899. data/third_party/abseil-cpp/absl/time/internal/get_current_time_chrono.inc +0 -31
  1900. data/third_party/abseil-cpp/absl/time/internal/get_current_time_posix.inc +0 -24
  1901. data/third_party/abseil-cpp/absl/time/time.cc +0 -500
  1902. data/third_party/abseil-cpp/absl/time/time.h +0 -1620
  1903. data/third_party/abseil-cpp/absl/types/bad_optional_access.cc +0 -48
  1904. data/third_party/abseil-cpp/absl/types/bad_optional_access.h +0 -78
  1905. data/third_party/abseil-cpp/absl/types/bad_variant_access.cc +0 -64
  1906. data/third_party/abseil-cpp/absl/types/bad_variant_access.h +0 -82
  1907. data/third_party/abseil-cpp/absl/types/internal/optional.h +0 -404
  1908. data/third_party/abseil-cpp/absl/types/internal/span.h +0 -128
  1909. data/third_party/abseil-cpp/absl/types/internal/variant.h +0 -1646
  1910. data/third_party/abseil-cpp/absl/types/optional.h +0 -779
  1911. data/third_party/abseil-cpp/absl/types/span.h +0 -727
  1912. data/third_party/abseil-cpp/absl/types/variant.h +0 -866
  1913. data/third_party/abseil-cpp/absl/utility/utility.h +0 -350
  1914. data/third_party/address_sorting/address_sorting.c +0 -375
  1915. data/third_party/address_sorting/address_sorting_internal.h +0 -70
  1916. data/third_party/address_sorting/address_sorting_posix.c +0 -98
  1917. data/third_party/address_sorting/address_sorting_windows.c +0 -95
  1918. data/third_party/address_sorting/include/address_sorting/address_sorting.h +0 -115
  1919. data/third_party/boringssl-with-bazel/err_data.c +0 -1493
  1920. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +0 -284
  1921. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +0 -122
  1922. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +0 -91
  1923. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.c +0 -87
  1924. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +0 -195
  1925. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +0 -266
  1926. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.c +0 -88
  1927. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +0 -420
  1928. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +0 -298
  1929. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +0 -299
  1930. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +0 -77
  1931. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_print.c +0 -83
  1932. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.c +0 -650
  1933. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +0 -266
  1934. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +0 -212
  1935. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +0 -163
  1936. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +0 -264
  1937. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utf8.c +0 -236
  1938. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +0 -452
  1939. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.c +0 -80
  1940. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.c +0 -101
  1941. data/third_party/boringssl-with-bazel/src/crypto/asn1/charmap.h +0 -15
  1942. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.c +0 -102
  1943. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.c +0 -91
  1944. data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +0 -224
  1945. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +0 -969
  1946. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +0 -710
  1947. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +0 -233
  1948. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +0 -332
  1949. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +0 -131
  1950. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +0 -281
  1951. data/third_party/boringssl-with-bazel/src/crypto/asn1/time_support.c +0 -206
  1952. data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +0 -482
  1953. data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +0 -702
  1954. data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +0 -324
  1955. data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +0 -541
  1956. data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +0 -275
  1957. data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +0 -311
  1958. data/third_party/boringssl-with-bazel/src/crypto/bio/hexdump.c +0 -192
  1959. data/third_party/boringssl-with-bazel/src/crypto/bio/internal.h +0 -111
  1960. data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +0 -483
  1961. data/third_party/boringssl-with-bazel/src/crypto/bio/printf.c +0 -115
  1962. data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +0 -192
  1963. data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +0 -122
  1964. data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +0 -156
  1965. data/third_party/boringssl-with-bazel/src/crypto/bn_extra/bn_asn1.c +0 -57
  1966. data/third_party/boringssl-with-bazel/src/crypto/bn_extra/convert.c +0 -470
  1967. data/third_party/boringssl-with-bazel/src/crypto/buf/buf.c +0 -172
  1968. data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.c +0 -52
  1969. data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +0 -266
  1970. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +0 -728
  1971. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +0 -711
  1972. data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +0 -96
  1973. data/third_party/boringssl-with-bazel/src/crypto/bytestring/unicode.c +0 -155
  1974. data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +0 -175
  1975. data/third_party/boringssl-with-bazel/src/crypto/chacha/internal.h +0 -45
  1976. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/cipher_extra.c +0 -127
  1977. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +0 -152
  1978. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesccm.c +0 -447
  1979. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesctrhmac.c +0 -283
  1980. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesgcmsiv.c +0 -891
  1981. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +0 -343
  1982. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_null.c +0 -85
  1983. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc2.c +0 -462
  1984. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc4.c +0 -87
  1985. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_tls.c +0 -601
  1986. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +0 -226
  1987. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/tls_cbc.c +0 -338
  1988. data/third_party/boringssl-with-bazel/src/crypto/cmac/cmac.c +0 -278
  1989. data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +0 -821
  1990. data/third_party/boringssl-with-bazel/src/crypto/conf/conf_def.h +0 -127
  1991. data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +0 -31
  1992. data/third_party/boringssl-with-bazel/src/crypto/cpu-aarch64-fuchsia.c +0 -55
  1993. data/third_party/boringssl-with-bazel/src/crypto/cpu-aarch64-linux.c +0 -62
  1994. data/third_party/boringssl-with-bazel/src/crypto/cpu-aarch64-win.c +0 -41
  1995. data/third_party/boringssl-with-bazel/src/crypto/cpu-arm-linux.c +0 -229
  1996. data/third_party/boringssl-with-bazel/src/crypto/cpu-arm-linux.h +0 -201
  1997. data/third_party/boringssl-with-bazel/src/crypto/cpu-arm.c +0 -38
  1998. data/third_party/boringssl-with-bazel/src/crypto/cpu-intel.c +0 -291
  1999. data/third_party/boringssl-with-bazel/src/crypto/cpu-ppc64le.c +0 -38
  2000. data/third_party/boringssl-with-bazel/src/crypto/crypto.c +0 -226
  2001. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +0 -2159
  2002. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_tables.h +0 -7872
  2003. data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +0 -146
  2004. data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +0 -539
  2005. data/third_party/boringssl-with-bazel/src/crypto/dh_extra/dh_asn1.c +0 -160
  2006. data/third_party/boringssl-with-bazel/src/crypto/dh_extra/params.c +0 -272
  2007. data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +0 -268
  2008. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +0 -967
  2009. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +0 -390
  2010. data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +0 -34
  2011. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +0 -559
  2012. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_derive.c +0 -95
  2013. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +0 -385
  2014. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +0 -56
  2015. data/third_party/boringssl-with-bazel/src/crypto/ecdh_extra/ecdh_extra.c +0 -124
  2016. data/third_party/boringssl-with-bazel/src/crypto/ecdsa_extra/ecdsa_asn1.c +0 -267
  2017. data/third_party/boringssl-with-bazel/src/crypto/engine/engine.c +0 -99
  2018. data/third_party/boringssl-with-bazel/src/crypto/err/err.c +0 -857
  2019. data/third_party/boringssl-with-bazel/src/crypto/err/internal.h +0 -58
  2020. data/third_party/boringssl-with-bazel/src/crypto/evp/digestsign.c +0 -231
  2021. data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +0 -456
  2022. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +0 -547
  2023. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.c +0 -484
  2024. data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +0 -269
  2025. data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +0 -277
  2026. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +0 -286
  2027. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.c +0 -255
  2028. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.c +0 -104
  2029. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.c +0 -221
  2030. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.c +0 -648
  2031. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.c +0 -194
  2032. data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.c +0 -110
  2033. data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.c +0 -248
  2034. data/third_party/boringssl-with-bazel/src/crypto/evp/pbkdf.c +0 -146
  2035. data/third_party/boringssl-with-bazel/src/crypto/evp/print.c +0 -489
  2036. data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.c +0 -211
  2037. data/third_party/boringssl-with-bazel/src/crypto/evp/sign.c +0 -151
  2038. data/third_party/boringssl-with-bazel/src/crypto/ex_data.c +0 -261
  2039. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.c +0 -108
  2040. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +0 -1282
  2041. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +0 -238
  2042. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.c +0 -236
  2043. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c +0 -122
  2044. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +0 -266
  2045. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/add.c +0 -316
  2046. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/asm/x86_64-gcc.c +0 -541
  2047. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +0 -438
  2048. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.c +0 -230
  2049. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/cmp.c +0 -200
  2050. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.c +0 -236
  2051. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +0 -902
  2052. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.c +0 -87
  2053. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +0 -1288
  2054. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.c +0 -378
  2055. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +0 -326
  2056. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/generic.c +0 -711
  2057. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +0 -715
  2058. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/jacobi.c +0 -146
  2059. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +0 -502
  2060. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c +0 -186
  2061. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +0 -749
  2062. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +0 -1064
  2063. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.c +0 -341
  2064. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.c +0 -226
  2065. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +0 -104
  2066. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.c +0 -364
  2067. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.c +0 -498
  2068. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/aead.c +0 -284
  2069. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +0 -648
  2070. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +0 -1473
  2071. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_des.c +0 -237
  2072. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +0 -128
  2073. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/delocate.h +0 -89
  2074. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/des/des.c +0 -784
  2075. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/des/internal.h +0 -238
  2076. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.c +0 -217
  2077. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.c +0 -456
  2078. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +0 -282
  2079. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digests.c +0 -304
  2080. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/internal.h +0 -112
  2081. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/md32_common.h +0 -195
  2082. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +0 -1268
  2083. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +0 -472
  2084. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +0 -524
  2085. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/felem.c +0 -100
  2086. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +0 -772
  2087. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +0 -328
  2088. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +0 -1180
  2089. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64-table.h +0 -9497
  2090. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64.c +0 -633
  2091. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64.h +0 -153
  2092. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +0 -740
  2093. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256_table.h +0 -297
  2094. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +0 -175
  2095. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +0 -357
  2096. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +0 -270
  2097. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/util.c +0 -255
  2098. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +0 -270
  2099. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +0 -122
  2100. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +0 -338
  2101. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +0 -39
  2102. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/fips_shared_support.c +0 -32
  2103. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/hmac.c +0 -228
  2104. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md4/md4.c +0 -240
  2105. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md5/internal.h +0 -37
  2106. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md5/md5.c +0 -284
  2107. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cbc.c +0 -178
  2108. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cfb.c +0 -203
  2109. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c +0 -201
  2110. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm.c +0 -733
  2111. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm_nohw.c +0 -304
  2112. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +0 -420
  2113. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c +0 -97
  2114. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/polyval.c +0 -91
  2115. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/ctrdrbg.c +0 -202
  2116. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +0 -137
  2117. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +0 -49
  2118. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +0 -64
  2119. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +0 -184
  2120. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +0 -457
  2121. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +0 -401
  2122. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +0 -243
  2123. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +0 -131
  2124. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.c +0 -695
  2125. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +0 -935
  2126. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +0 -1416
  2127. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.c +0 -79
  2128. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +0 -874
  2129. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +0 -53
  2130. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1-altivec.c +0 -361
  2131. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +0 -357
  2132. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +0 -321
  2133. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +0 -508
  2134. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/internal.h +0 -39
  2135. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.c +0 -165
  2136. data/third_party/boringssl-with-bazel/src/crypto/hkdf/hkdf.c +0 -112
  2137. data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +0 -618
  2138. data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c +0 -2198
  2139. data/third_party/boringssl-with-bazel/src/crypto/hrss/internal.h +0 -68
  2140. data/third_party/boringssl-with-bazel/src/crypto/internal.h +0 -959
  2141. data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +0 -253
  2142. data/third_party/boringssl-with-bazel/src/crypto/lhash/lhash.c +0 -353
  2143. data/third_party/boringssl-with-bazel/src/crypto/mem.c +0 -410
  2144. data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +0 -553
  2145. data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +0 -11585
  2146. data/third_party/boringssl-with-bazel/src/crypto/obj/obj_xref.c +0 -122
  2147. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +0 -252
  2148. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +0 -358
  2149. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +0 -769
  2150. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.c +0 -87
  2151. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +0 -255
  2152. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +0 -214
  2153. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.c +0 -65
  2154. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.c +0 -65
  2155. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/internal.h +0 -58
  2156. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7.c +0 -193
  2157. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +0 -526
  2158. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +0 -137
  2159. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/p5_pbev2.c +0 -316
  2160. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.c +0 -530
  2161. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +0 -1383
  2162. data/third_party/boringssl-with-bazel/src/crypto/poly1305/internal.h +0 -41
  2163. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +0 -321
  2164. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +0 -307
  2165. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +0 -860
  2166. data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +0 -49
  2167. data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +0 -257
  2168. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/deterministic.c +0 -56
  2169. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/forkunsafe.c +0 -46
  2170. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/fuchsia.c +0 -34
  2171. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +0 -34
  2172. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/rand_extra.c +0 -74
  2173. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/windows.c +0 -73
  2174. data/third_party/boringssl-with-bazel/src/crypto/rc4/rc4.c +0 -98
  2175. data/third_party/boringssl-with-bazel/src/crypto/refcount_c11.c +0 -67
  2176. data/third_party/boringssl-with-bazel/src/crypto/refcount_lock.c +0 -53
  2177. data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_asn1.c +0 -324
  2178. data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_print.c +0 -22
  2179. data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.c +0 -82
  2180. data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +0 -425
  2181. data/third_party/boringssl-with-bazel/src/crypto/thread.c +0 -110
  2182. data/third_party/boringssl-with-bazel/src/crypto/thread_none.c +0 -59
  2183. data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +0 -182
  2184. data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +0 -260
  2185. data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +0 -318
  2186. data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +0 -1399
  2187. data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +0 -858
  2188. data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +0 -766
  2189. data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.c +0 -96
  2190. data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.c +0 -128
  2191. data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +0 -118
  2192. data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +0 -163
  2193. data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +0 -826
  2194. data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +0 -459
  2195. data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +0 -277
  2196. data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.c +0 -83
  2197. data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +0 -404
  2198. data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +0 -246
  2199. data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +0 -400
  2200. data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +0 -130
  2201. data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.c +0 -246
  2202. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +0 -365
  2203. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +0 -116
  2204. data/third_party/boringssl-with-bazel/src/crypto/x509/x509.c +0 -90
  2205. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +0 -358
  2206. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +0 -461
  2207. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.c +0 -106
  2208. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.c +0 -103
  2209. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +0 -212
  2210. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +0 -830
  2211. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +0 -199
  2212. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +0 -304
  2213. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +0 -240
  2214. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +0 -331
  2215. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +0 -204
  2216. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +0 -281
  2217. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +0 -2456
  2218. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +0 -651
  2219. data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +0 -284
  2220. data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +0 -388
  2221. data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.c +0 -84
  2222. data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.c +0 -137
  2223. data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +0 -153
  2224. data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +0 -386
  2225. data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +0 -98
  2226. data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +0 -565
  2227. data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.c +0 -77
  2228. data/third_party/boringssl-with-bazel/src/crypto/x509/x_info.c +0 -98
  2229. data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +0 -544
  2230. data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +0 -106
  2231. data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +0 -217
  2232. data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.c +0 -106
  2233. data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +0 -94
  2234. data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.c +0 -80
  2235. data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.c +0 -71
  2236. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +0 -394
  2237. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +0 -201
  2238. data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +0 -138
  2239. data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +0 -289
  2240. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_cache.c +0 -287
  2241. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +0 -132
  2242. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_lib.c +0 -155
  2243. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_map.c +0 -131
  2244. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_node.c +0 -189
  2245. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_tree.c +0 -843
  2246. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +0 -226
  2247. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akeya.c +0 -72
  2248. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +0 -640
  2249. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bcons.c +0 -133
  2250. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +0 -144
  2251. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +0 -468
  2252. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +0 -500
  2253. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_crld.c +0 -563
  2254. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +0 -106
  2255. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_extku.c +0 -148
  2256. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +0 -266
  2257. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +0 -121
  2258. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +0 -218
  2259. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_int.c +0 -91
  2260. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +0 -379
  2261. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ncons.c +0 -558
  2262. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ocsp.c +0 -68
  2263. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pci.c +0 -289
  2264. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcia.c +0 -57
  2265. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcons.c +0 -139
  2266. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pmaps.c +0 -154
  2267. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +0 -230
  2268. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +0 -929
  2269. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +0 -156
  2270. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +0 -1437
  2271. data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +0 -480
  2272. data/third_party/boringssl-with-bazel/src/include/openssl/aes.h +0 -207
  2273. data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +0 -240
  2274. data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +0 -2039
  2275. data/third_party/boringssl-with-bazel/src/include/openssl/asn1_mac.h +0 -18
  2276. data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +0 -718
  2277. data/third_party/boringssl-with-bazel/src/include/openssl/base.h +0 -627
  2278. data/third_party/boringssl-with-bazel/src/include/openssl/base64.h +0 -198
  2279. data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +0 -939
  2280. data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +0 -62
  2281. data/third_party/boringssl-with-bazel/src/include/openssl/blowfish.h +0 -93
  2282. data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +0 -1057
  2283. data/third_party/boringssl-with-bazel/src/include/openssl/buf.h +0 -137
  2284. data/third_party/boringssl-with-bazel/src/include/openssl/buffer.h +0 -18
  2285. data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +0 -586
  2286. data/third_party/boringssl-with-bazel/src/include/openssl/cast.h +0 -96
  2287. data/third_party/boringssl-with-bazel/src/include/openssl/chacha.h +0 -41
  2288. data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +0 -673
  2289. data/third_party/boringssl-with-bazel/src/include/openssl/cmac.h +0 -91
  2290. data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +0 -183
  2291. data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +0 -202
  2292. data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +0 -169
  2293. data/third_party/boringssl-with-bazel/src/include/openssl/curve25519.h +0 -201
  2294. data/third_party/boringssl-with-bazel/src/include/openssl/des.h +0 -183
  2295. data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +0 -353
  2296. data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +0 -348
  2297. data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +0 -443
  2298. data/third_party/boringssl-with-bazel/src/include/openssl/dtls1.h +0 -16
  2299. data/third_party/boringssl-with-bazel/src/include/openssl/e_os2.h +0 -18
  2300. data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +0 -442
  2301. data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +0 -357
  2302. data/third_party/boringssl-with-bazel/src/include/openssl/ecdh.h +0 -118
  2303. data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +0 -236
  2304. data/third_party/boringssl-with-bazel/src/include/openssl/engine.h +0 -109
  2305. data/third_party/boringssl-with-bazel/src/include/openssl/err.h +0 -466
  2306. data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +0 -1083
  2307. data/third_party/boringssl-with-bazel/src/include/openssl/evp_errors.h +0 -99
  2308. data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +0 -203
  2309. data/third_party/boringssl-with-bazel/src/include/openssl/hkdf.h +0 -68
  2310. data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +0 -186
  2311. data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +0 -350
  2312. data/third_party/boringssl-with-bazel/src/include/openssl/hrss.h +0 -102
  2313. data/third_party/boringssl-with-bazel/src/include/openssl/is_boringssl.h +0 -16
  2314. data/third_party/boringssl-with-bazel/src/include/openssl/lhash.h +0 -81
  2315. data/third_party/boringssl-with-bazel/src/include/openssl/md4.h +0 -108
  2316. data/third_party/boringssl-with-bazel/src/include/openssl/md5.h +0 -109
  2317. data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +0 -184
  2318. data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +0 -4259
  2319. data/third_party/boringssl-with-bazel/src/include/openssl/obj.h +0 -256
  2320. data/third_party/boringssl-with-bazel/src/include/openssl/obj_mac.h +0 -18
  2321. data/third_party/boringssl-with-bazel/src/include/openssl/objects.h +0 -18
  2322. data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +0 -70
  2323. data/third_party/boringssl-with-bazel/src/include/openssl/opensslv.h +0 -18
  2324. data/third_party/boringssl-with-bazel/src/include/openssl/ossl_typ.h +0 -18
  2325. data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +0 -483
  2326. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs12.h +0 -18
  2327. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs7.h +0 -239
  2328. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +0 -282
  2329. data/third_party/boringssl-with-bazel/src/include/openssl/poly1305.h +0 -49
  2330. data/third_party/boringssl-with-bazel/src/include/openssl/pool.h +0 -108
  2331. data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +0 -114
  2332. data/third_party/boringssl-with-bazel/src/include/openssl/rc4.h +0 -96
  2333. data/third_party/boringssl-with-bazel/src/include/openssl/ripemd.h +0 -108
  2334. data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +0 -855
  2335. data/third_party/boringssl-with-bazel/src/include/openssl/safestack.h +0 -16
  2336. data/third_party/boringssl-with-bazel/src/include/openssl/sha.h +0 -294
  2337. data/third_party/boringssl-with-bazel/src/include/openssl/siphash.h +0 -37
  2338. data/third_party/boringssl-with-bazel/src/include/openssl/span.h +0 -222
  2339. data/third_party/boringssl-with-bazel/src/include/openssl/srtp.h +0 -18
  2340. data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +0 -5624
  2341. data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +0 -333
  2342. data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +0 -542
  2343. data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +0 -191
  2344. data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +0 -647
  2345. data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +0 -310
  2346. data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +0 -90
  2347. data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +0 -2419
  2348. data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +0 -18
  2349. data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +0 -1021
  2350. data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +0 -192
  2351. data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +0 -835
  2352. data/third_party/boringssl-with-bazel/src/ssl/d1_lib.cc +0 -268
  2353. data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +0 -273
  2354. data/third_party/boringssl-with-bazel/src/ssl/d1_srtp.cc +0 -232
  2355. data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +0 -200
  2356. data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +0 -353
  2357. data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +0 -1084
  2358. data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +0 -4325
  2359. data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +0 -986
  2360. data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +0 -758
  2361. data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +0 -1986
  2362. data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +0 -1956
  2363. data/third_party/boringssl-with-bazel/src/ssl/internal.h +0 -3953
  2364. data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +0 -730
  2365. data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +0 -219
  2366. data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +0 -453
  2367. data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +0 -432
  2368. data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +0 -896
  2369. data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +0 -306
  2370. data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +0 -1014
  2371. data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +0 -1717
  2372. data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +0 -585
  2373. data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +0 -400
  2374. data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +0 -3072
  2375. data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +0 -837
  2376. data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +0 -1342
  2377. data/third_party/boringssl-with-bazel/src/ssl/ssl_stat.cc +0 -233
  2378. data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +0 -272
  2379. data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +0 -402
  2380. data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +0 -1363
  2381. data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +0 -384
  2382. data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +0 -733
  2383. data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +0 -1122
  2384. data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +0 -582
  2385. data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +0 -1349
  2386. data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +0 -319
  2387. data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +0 -705
  2388. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +0 -981
  2389. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +0 -619
  2390. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +0 -3147
  2391. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +0 -1226
  2392. data/third_party/cares/ares_build.h +0 -223
  2393. data/third_party/cares/cares/include/ares.h +0 -742
  2394. data/third_party/cares/cares/include/ares_dns.h +0 -112
  2395. data/third_party/cares/cares/include/ares_rules.h +0 -125
  2396. data/third_party/cares/cares/include/ares_version.h +0 -24
  2397. data/third_party/cares/cares/src/lib/ares__close_sockets.c +0 -61
  2398. data/third_party/cares/cares/src/lib/ares__get_hostent.c +0 -260
  2399. data/third_party/cares/cares/src/lib/ares__parse_into_addrinfo.c +0 -260
  2400. data/third_party/cares/cares/src/lib/ares__read_line.c +0 -73
  2401. data/third_party/cares/cares/src/lib/ares__readaddrinfo.c +0 -264
  2402. data/third_party/cares/cares/src/lib/ares__sortaddrinfo.c +0 -499
  2403. data/third_party/cares/cares/src/lib/ares__timeval.c +0 -111
  2404. data/third_party/cares/cares/src/lib/ares_android.c +0 -444
  2405. data/third_party/cares/cares/src/lib/ares_android.h +0 -27
  2406. data/third_party/cares/cares/src/lib/ares_cancel.c +0 -63
  2407. data/third_party/cares/cares/src/lib/ares_create_query.c +0 -197
  2408. data/third_party/cares/cares/src/lib/ares_data.c +0 -240
  2409. data/third_party/cares/cares/src/lib/ares_data.h +0 -74
  2410. data/third_party/cares/cares/src/lib/ares_destroy.c +0 -113
  2411. data/third_party/cares/cares/src/lib/ares_expand_name.c +0 -300
  2412. data/third_party/cares/cares/src/lib/ares_expand_string.c +0 -67
  2413. data/third_party/cares/cares/src/lib/ares_fds.c +0 -59
  2414. data/third_party/cares/cares/src/lib/ares_free_hostent.c +0 -43
  2415. data/third_party/cares/cares/src/lib/ares_free_string.c +0 -25
  2416. data/third_party/cares/cares/src/lib/ares_freeaddrinfo.c +0 -59
  2417. data/third_party/cares/cares/src/lib/ares_getaddrinfo.c +0 -772
  2418. data/third_party/cares/cares/src/lib/ares_getenv.c +0 -28
  2419. data/third_party/cares/cares/src/lib/ares_getenv.h +0 -26
  2420. data/third_party/cares/cares/src/lib/ares_gethostbyaddr.c +0 -287
  2421. data/third_party/cares/cares/src/lib/ares_gethostbyname.c +0 -534
  2422. data/third_party/cares/cares/src/lib/ares_getnameinfo.c +0 -447
  2423. data/third_party/cares/cares/src/lib/ares_getsock.c +0 -66
  2424. data/third_party/cares/cares/src/lib/ares_inet_net_pton.h +0 -25
  2425. data/third_party/cares/cares/src/lib/ares_init.c +0 -2654
  2426. data/third_party/cares/cares/src/lib/ares_iphlpapi.h +0 -221
  2427. data/third_party/cares/cares/src/lib/ares_ipv6.h +0 -85
  2428. data/third_party/cares/cares/src/lib/ares_library_init.c +0 -200
  2429. data/third_party/cares/cares/src/lib/ares_library_init.h +0 -43
  2430. data/third_party/cares/cares/src/lib/ares_llist.c +0 -63
  2431. data/third_party/cares/cares/src/lib/ares_llist.h +0 -39
  2432. data/third_party/cares/cares/src/lib/ares_mkquery.c +0 -24
  2433. data/third_party/cares/cares/src/lib/ares_nameser.h +0 -482
  2434. data/third_party/cares/cares/src/lib/ares_nowarn.c +0 -260
  2435. data/third_party/cares/cares/src/lib/ares_nowarn.h +0 -61
  2436. data/third_party/cares/cares/src/lib/ares_options.c +0 -406
  2437. data/third_party/cares/cares/src/lib/ares_parse_a_reply.c +0 -209
  2438. data/third_party/cares/cares/src/lib/ares_parse_aaaa_reply.c +0 -212
  2439. data/third_party/cares/cares/src/lib/ares_parse_caa_reply.c +0 -199
  2440. data/third_party/cares/cares/src/lib/ares_parse_mx_reply.c +0 -164
  2441. data/third_party/cares/cares/src/lib/ares_parse_naptr_reply.c +0 -183
  2442. data/third_party/cares/cares/src/lib/ares_parse_ns_reply.c +0 -177
  2443. data/third_party/cares/cares/src/lib/ares_parse_ptr_reply.c +0 -228
  2444. data/third_party/cares/cares/src/lib/ares_parse_soa_reply.c +0 -179
  2445. data/third_party/cares/cares/src/lib/ares_parse_srv_reply.c +0 -168
  2446. data/third_party/cares/cares/src/lib/ares_parse_txt_reply.c +0 -214
  2447. data/third_party/cares/cares/src/lib/ares_platform.c +0 -11042
  2448. data/third_party/cares/cares/src/lib/ares_platform.h +0 -43
  2449. data/third_party/cares/cares/src/lib/ares_private.h +0 -423
  2450. data/third_party/cares/cares/src/lib/ares_process.c +0 -1548
  2451. data/third_party/cares/cares/src/lib/ares_query.c +0 -180
  2452. data/third_party/cares/cares/src/lib/ares_search.c +0 -321
  2453. data/third_party/cares/cares/src/lib/ares_send.c +0 -131
  2454. data/third_party/cares/cares/src/lib/ares_setup.h +0 -220
  2455. data/third_party/cares/cares/src/lib/ares_strcasecmp.c +0 -66
  2456. data/third_party/cares/cares/src/lib/ares_strcasecmp.h +0 -30
  2457. data/third_party/cares/cares/src/lib/ares_strdup.c +0 -49
  2458. data/third_party/cares/cares/src/lib/ares_strdup.h +0 -24
  2459. data/third_party/cares/cares/src/lib/ares_strerror.c +0 -56
  2460. data/third_party/cares/cares/src/lib/ares_strsplit.c +0 -178
  2461. data/third_party/cares/cares/src/lib/ares_strsplit.h +0 -43
  2462. data/third_party/cares/cares/src/lib/ares_timeout.c +0 -88
  2463. data/third_party/cares/cares/src/lib/ares_version.c +0 -11
  2464. data/third_party/cares/cares/src/lib/ares_writev.c +0 -79
  2465. data/third_party/cares/cares/src/lib/ares_writev.h +0 -36
  2466. data/third_party/cares/cares/src/lib/bitncmp.c +0 -59
  2467. data/third_party/cares/cares/src/lib/bitncmp.h +0 -26
  2468. data/third_party/cares/cares/src/lib/config-dos.h +0 -115
  2469. data/third_party/cares/cares/src/lib/config-win32.h +0 -351
  2470. data/third_party/cares/cares/src/lib/inet_net_pton.c +0 -444
  2471. data/third_party/cares/cares/src/lib/inet_ntop.c +0 -201
  2472. data/third_party/cares/cares/src/lib/setup_once.h +0 -554
  2473. data/third_party/cares/cares/src/lib/windows_port.c +0 -22
  2474. data/third_party/cares/config_darwin/ares_config.h +0 -428
  2475. data/third_party/cares/config_freebsd/ares_config.h +0 -505
  2476. data/third_party/cares/config_linux/ares_config.h +0 -461
  2477. data/third_party/cares/config_openbsd/ares_config.h +0 -505
  2478. data/third_party/re2/re2/bitmap256.h +0 -117
  2479. data/third_party/re2/re2/bitstate.cc +0 -385
  2480. data/third_party/re2/re2/compile.cc +0 -1261
  2481. data/third_party/re2/re2/dfa.cc +0 -2118
  2482. data/third_party/re2/re2/filtered_re2.cc +0 -137
  2483. data/third_party/re2/re2/filtered_re2.h +0 -114
  2484. data/third_party/re2/re2/mimics_pcre.cc +0 -197
  2485. data/third_party/re2/re2/nfa.cc +0 -713
  2486. data/third_party/re2/re2/onepass.cc +0 -623
  2487. data/third_party/re2/re2/parse.cc +0 -2483
  2488. data/third_party/re2/re2/perl_groups.cc +0 -119
  2489. data/third_party/re2/re2/pod_array.h +0 -55
  2490. data/third_party/re2/re2/prefilter.cc +0 -711
  2491. data/third_party/re2/re2/prefilter.h +0 -108
  2492. data/third_party/re2/re2/prefilter_tree.cc +0 -407
  2493. data/third_party/re2/re2/prefilter_tree.h +0 -139
  2494. data/third_party/re2/re2/prog.cc +0 -1166
  2495. data/third_party/re2/re2/prog.h +0 -455
  2496. data/third_party/re2/re2/re2.cc +0 -1331
  2497. data/third_party/re2/re2/re2.h +0 -1017
  2498. data/third_party/re2/re2/regexp.cc +0 -987
  2499. data/third_party/re2/re2/regexp.h +0 -665
  2500. data/third_party/re2/re2/set.cc +0 -176
  2501. data/third_party/re2/re2/set.h +0 -85
  2502. data/third_party/re2/re2/simplify.cc +0 -665
  2503. data/third_party/re2/re2/sparse_array.h +0 -392
  2504. data/third_party/re2/re2/sparse_set.h +0 -264
  2505. data/third_party/re2/re2/stringpiece.cc +0 -65
  2506. data/third_party/re2/re2/stringpiece.h +0 -210
  2507. data/third_party/re2/re2/tostring.cc +0 -351
  2508. data/third_party/re2/re2/unicode_casefold.cc +0 -582
  2509. data/third_party/re2/re2/unicode_casefold.h +0 -78
  2510. data/third_party/re2/re2/unicode_groups.cc +0 -6269
  2511. data/third_party/re2/re2/unicode_groups.h +0 -67
  2512. data/third_party/re2/re2/walker-inl.h +0 -246
  2513. data/third_party/re2/util/benchmark.h +0 -156
  2514. data/third_party/re2/util/flags.h +0 -26
  2515. data/third_party/re2/util/logging.h +0 -109
  2516. data/third_party/re2/util/malloc_counter.h +0 -19
  2517. data/third_party/re2/util/mix.h +0 -41
  2518. data/third_party/re2/util/mutex.h +0 -148
  2519. data/third_party/re2/util/pcre.cc +0 -1025
  2520. data/third_party/re2/util/pcre.h +0 -681
  2521. data/third_party/re2/util/rune.cc +0 -260
  2522. data/third_party/re2/util/strutil.cc +0 -149
  2523. data/third_party/re2/util/strutil.h +0 -21
  2524. data/third_party/re2/util/test.h +0 -50
  2525. data/third_party/re2/util/utf.h +0 -44
  2526. data/third_party/re2/util/util.h +0 -42
  2527. data/third_party/upb/third_party/utf8_range/naive.c +0 -92
  2528. data/third_party/upb/third_party/utf8_range/range2-neon.c +0 -157
  2529. data/third_party/upb/third_party/utf8_range/range2-sse.c +0 -170
  2530. data/third_party/upb/third_party/utf8_range/utf8_range.h +0 -9
  2531. data/third_party/upb/upb/arena.c +0 -277
  2532. data/third_party/upb/upb/arena.h +0 -225
  2533. data/third_party/upb/upb/array.c +0 -114
  2534. data/third_party/upb/upb/array.h +0 -83
  2535. data/third_party/upb/upb/collections.h +0 -36
  2536. data/third_party/upb/upb/decode.c +0 -1221
  2537. data/third_party/upb/upb/decode.h +0 -95
  2538. data/third_party/upb/upb/decode_fast.c +0 -1055
  2539. data/third_party/upb/upb/decode_fast.h +0 -153
  2540. data/third_party/upb/upb/def.c +0 -3269
  2541. data/third_party/upb/upb/def.h +0 -416
  2542. data/third_party/upb/upb/def.hpp +0 -441
  2543. data/third_party/upb/upb/encode.c +0 -613
  2544. data/third_party/upb/upb/encode.h +0 -81
  2545. data/third_party/upb/upb/extension_registry.c +0 -93
  2546. data/third_party/upb/upb/extension_registry.h +0 -84
  2547. data/third_party/upb/upb/internal/decode.h +0 -211
  2548. data/third_party/upb/upb/internal/table.h +0 -385
  2549. data/third_party/upb/upb/internal/upb.h +0 -68
  2550. data/third_party/upb/upb/internal/vsnprintf_compat.h +0 -52
  2551. data/third_party/upb/upb/json_decode.c +0 -1512
  2552. data/third_party/upb/upb/json_decode.h +0 -47
  2553. data/third_party/upb/upb/json_encode.c +0 -780
  2554. data/third_party/upb/upb/json_encode.h +0 -65
  2555. data/third_party/upb/upb/map.c +0 -108
  2556. data/third_party/upb/upb/map.h +0 -117
  2557. data/third_party/upb/upb/message_value.h +0 -66
  2558. data/third_party/upb/upb/mini_table.c +0 -1147
  2559. data/third_party/upb/upb/mini_table.h +0 -189
  2560. data/third_party/upb/upb/mini_table.hpp +0 -112
  2561. data/third_party/upb/upb/msg.c +0 -368
  2562. data/third_party/upb/upb/msg.h +0 -71
  2563. data/third_party/upb/upb/msg_internal.h +0 -837
  2564. data/third_party/upb/upb/port_def.inc +0 -262
  2565. data/third_party/upb/upb/port_undef.inc +0 -63
  2566. data/third_party/upb/upb/reflection.c +0 -323
  2567. data/third_party/upb/upb/reflection.h +0 -110
  2568. data/third_party/upb/upb/reflection.hpp +0 -37
  2569. data/third_party/upb/upb/status.c +0 -86
  2570. data/third_party/upb/upb/status.h +0 -66
  2571. data/third_party/upb/upb/table.c +0 -926
  2572. data/third_party/upb/upb/table_internal.h +0 -36
  2573. data/third_party/upb/upb/text_encode.c +0 -473
  2574. data/third_party/upb/upb/text_encode.h +0 -64
  2575. data/third_party/upb/upb/upb.c +0 -76
  2576. data/third_party/upb/upb/upb.h +0 -184
  2577. data/third_party/upb/upb/upb.hpp +0 -115
  2578. data/third_party/xxhash/xxhash.h +0 -5580
  2579. data/third_party/zlib/adler32.c +0 -186
  2580. data/third_party/zlib/compress.c +0 -86
  2581. data/third_party/zlib/crc32.c +0 -1125
  2582. data/third_party/zlib/crc32.h +0 -9446
  2583. data/third_party/zlib/deflate.c +0 -2217
  2584. data/third_party/zlib/deflate.h +0 -346
  2585. data/third_party/zlib/gzclose.c +0 -25
  2586. data/third_party/zlib/gzguts.h +0 -219
  2587. data/third_party/zlib/gzlib.c +0 -639
  2588. data/third_party/zlib/gzread.c +0 -650
  2589. data/third_party/zlib/gzwrite.c +0 -677
  2590. data/third_party/zlib/infback.c +0 -644
  2591. data/third_party/zlib/inffast.c +0 -323
  2592. data/third_party/zlib/inffast.h +0 -11
  2593. data/third_party/zlib/inffixed.h +0 -94
  2594. data/third_party/zlib/inflate.c +0 -1595
  2595. data/third_party/zlib/inflate.h +0 -126
  2596. data/third_party/zlib/inftrees.c +0 -304
  2597. data/third_party/zlib/inftrees.h +0 -62
  2598. data/third_party/zlib/trees.c +0 -1181
  2599. data/third_party/zlib/trees.h +0 -128
  2600. data/third_party/zlib/uncompr.c +0 -93
  2601. data/third_party/zlib/zconf.h +0 -547
  2602. data/third_party/zlib/zlib.h +0 -1935
  2603. data/third_party/zlib/zutil.c +0 -327
  2604. data/third_party/zlib/zutil.h +0 -275
data/third_party/boringssl-with-bazel/src/ssl/extensions.cc DELETED
@@ -1,4325 +0,0 @@
1
- /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
2
- * All rights reserved.
3
- *
4
- * This package is an SSL implementation written
5
- * by Eric Young (eay@cryptsoft.com).
6
- * The implementation was written so as to conform with Netscapes SSL.
7
- *
8
- * This library is free for commercial and non-commercial use as long as
9
- * the following conditions are aheared to. The following conditions
10
- * apply to all code found in this distribution, be it the RC4, RSA,
11
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
12
- * included with this distribution is covered by the same copyright terms
13
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
14
- *
15
- * Copyright remains Eric Young's, and as such any Copyright notices in
16
- * the code are not to be removed.
17
- * If this package is used in a product, Eric Young should be given attribution
18
- * as the author of the parts of the library used.
19
- * This can be in the form of a textual message at program startup or
20
- * in documentation (online or textual) provided with the package.
21
- *
22
- * Redistribution and use in source and binary forms, with or without
23
- * modification, are permitted provided that the following conditions
24
- * are met:
25
- * 1. Redistributions of source code must retain the copyright
26
- * notice, this list of conditions and the following disclaimer.
27
- * 2. Redistributions in binary form must reproduce the above copyright
28
- * notice, this list of conditions and the following disclaimer in the
29
- * documentation and/or other materials provided with the distribution.
30
- * 3. All advertising materials mentioning features or use of this software
31
- * must display the following acknowledgement:
32
- * "This product includes cryptographic software written by
33
- * Eric Young (eay@cryptsoft.com)"
34
- * The word 'cryptographic' can be left out if the rouines from the library
35
- * being used are not cryptographic related :-).
36
- * 4. If you include any Windows specific code (or a derivative thereof) from
37
- * the apps directory (application code) you must include an acknowledgement:
38
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
39
- *
40
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50
- * SUCH DAMAGE.
51
- *
52
- * The licence and distribution terms for any publically available version or
53
- * derivative of this code cannot be changed. i.e. this code cannot simply be
54
- * copied and put under another distribution licence
55
- * [including the GNU Public Licence.]
56
- */
57
- /* ====================================================================
58
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
59
- *
60
- * Redistribution and use in source and binary forms, with or without
61
- * modification, are permitted provided that the following conditions
62
- * are met:
63
- *
64
- * 1. Redistributions of source code must retain the above copyright
65
- * notice, this list of conditions and the following disclaimer.
66
- *
67
- * 2. Redistributions in binary form must reproduce the above copyright
68
- * notice, this list of conditions and the following disclaimer in
69
- * the documentation and/or other materials provided with the
70
- * distribution.
71
- *
72
- * 3. All advertising materials mentioning features or use of this
73
- * software must display the following acknowledgment:
74
- * "This product includes software developed by the OpenSSL Project
75
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
76
- *
77
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
78
- * endorse or promote products derived from this software without
79
- * prior written permission. For written permission, please contact
80
- * openssl-core@openssl.org.
81
- *
82
- * 5. Products derived from this software may not be called "OpenSSL"
83
- * nor may "OpenSSL" appear in their names without prior written
84
- * permission of the OpenSSL Project.
85
- *
86
- * 6. Redistributions of any form whatsoever must retain the following
87
- * acknowledgment:
88
- * "This product includes software developed by the OpenSSL Project
89
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
90
- *
91
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
92
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
93
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
94
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
95
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
96
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
97
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
98
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
99
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
100
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
101
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
102
- * OF THE POSSIBILITY OF SUCH DAMAGE.
103
- * ====================================================================
104
- *
105
- * This product includes cryptographic software written by Eric Young
106
- * (eay@cryptsoft.com). This product includes software written by Tim
107
- * Hudson (tjh@cryptsoft.com). */
108
-
109
- #include <openssl/ssl.h>
110
-
111
- #include <assert.h>
112
- #include <limits.h>
113
- #include <stdlib.h>
114
- #include <string.h>
115
-
116
- #include <algorithm>
117
- #include <utility>
118
-
119
- #include <openssl/aead.h>
120
- #include <openssl/bytestring.h>
121
- #include <openssl/chacha.h>
122
- #include <openssl/curve25519.h>
123
- #include <openssl/digest.h>
124
- #include <openssl/err.h>
125
- #include <openssl/evp.h>
126
- #include <openssl/hmac.h>
127
- #include <openssl/hpke.h>
128
- #include <openssl/mem.h>
129
- #include <openssl/nid.h>
130
- #include <openssl/rand.h>
131
-
132
- #include "../crypto/internal.h"
133
- #include "internal.h"
134
-
135
-
136
- BSSL_NAMESPACE_BEGIN
137
-
138
- static bool ssl_check_clienthello_tlsext(SSL_HANDSHAKE *hs);
139
- static bool ssl_check_serverhello_tlsext(SSL_HANDSHAKE *hs);
140
-
141
- static int compare_uint16_t(const void *p1, const void *p2) {
142
- uint16_t u1 = *((const uint16_t *)p1);
143
- uint16_t u2 = *((const uint16_t *)p2);
144
- if (u1 < u2) {
145
- return -1;
146
- } else if (u1 > u2) {
147
- return 1;
148
- } else {
149
- return 0;
150
- }
151
- }
152
-
153
- // Per http://tools.ietf.org/html/rfc5246#section-7.4.1.4, there may not be
154
- // more than one extension of the same type in a ClientHello or ServerHello.
155
- // This function does an initial scan over the extensions block to filter those
156
- // out.
157
- static bool tls1_check_duplicate_extensions(const CBS *cbs) {
158
- // First pass: count the extensions.
159
- size_t num_extensions = 0;
160
- CBS extensions = *cbs;
161
- while (CBS_len(&extensions) > 0) {
162
- uint16_t type;
163
- CBS extension;
164
-
165
- if (!CBS_get_u16(&extensions, &type) ||
166
- !CBS_get_u16_length_prefixed(&extensions, &extension)) {
167
- return false;
168
- }
169
-
170
- num_extensions++;
171
- }
172
-
173
- if (num_extensions == 0) {
174
- return true;
175
- }
176
-
177
- Array<uint16_t> extension_types;
178
- if (!extension_types.Init(num_extensions)) {
179
- return false;
180
- }
181
-
182
- // Second pass: gather the extension types.
183
- extensions = *cbs;
184
- for (size_t i = 0; i < extension_types.size(); i++) {
185
- CBS extension;
186
-
187
- if (!CBS_get_u16(&extensions, &extension_types[i]) ||
188
- !CBS_get_u16_length_prefixed(&extensions, &extension)) {
189
- // This should not happen.
190
- return false;
191
- }
192
- }
193
- assert(CBS_len(&extensions) == 0);
194
-
195
- // Sort the extensions and make sure there are no duplicates.
196
- qsort(extension_types.data(), extension_types.size(), sizeof(uint16_t),
197
- compare_uint16_t);
198
- for (size_t i = 1; i < num_extensions; i++) {
199
- if (extension_types[i - 1] == extension_types[i]) {
200
- return false;
201
- }
202
- }
203
-
204
- return true;
205
- }
206
-
207
- static bool is_post_quantum_group(uint16_t id) {
208
- return id == SSL_CURVE_CECPQ2;
209
- }
210
-
211
- bool ssl_client_hello_init(const SSL *ssl, SSL_CLIENT_HELLO *out,
212
- Span<const uint8_t> body) {
213
- CBS cbs = body;
214
- if (!ssl_parse_client_hello_with_trailing_data(ssl, &cbs, out) ||
215
- CBS_len(&cbs) != 0) {
216
- return false;
217
- }
218
- return true;
219
- }
220
-
221
- bool ssl_parse_client_hello_with_trailing_data(const SSL *ssl, CBS *cbs,
222
- SSL_CLIENT_HELLO *out) {
223
- OPENSSL_memset(out, 0, sizeof(*out));
224
- out->ssl = const_cast<SSL *>(ssl);
225
-
226
- CBS copy = *cbs;
227
- CBS random, session_id;
228
- if (!CBS_get_u16(cbs, &out->version) ||
229
- !CBS_get_bytes(cbs, &random, SSL3_RANDOM_SIZE) ||
230
- !CBS_get_u8_length_prefixed(cbs, &session_id) ||
231
- CBS_len(&session_id) > SSL_MAX_SSL_SESSION_ID_LENGTH) {
232
- return false;
233
- }
234
-
235
- out->random = CBS_data(&random);
236
- out->random_len = CBS_len(&random);
237
- out->session_id = CBS_data(&session_id);
238
- out->session_id_len = CBS_len(&session_id);
239
-
240
- // Skip past DTLS cookie
241
- if (SSL_is_dtls(out->ssl)) {
242
- CBS cookie;
243
- if (!CBS_get_u8_length_prefixed(cbs, &cookie) ||
244
- CBS_len(&cookie) > DTLS1_COOKIE_LENGTH) {
245
- return false;
246
- }
247
- }
248
-
249
- CBS cipher_suites, compression_methods;
250
- if (!CBS_get_u16_length_prefixed(cbs, &cipher_suites) ||
251
- CBS_len(&cipher_suites) < 2 || (CBS_len(&cipher_suites) & 1) != 0 ||
252
- !CBS_get_u8_length_prefixed(cbs, &compression_methods) ||
253
- CBS_len(&compression_methods) < 1) {
254
- return false;
255
- }
256
-
257
- out->cipher_suites = CBS_data(&cipher_suites);
258
- out->cipher_suites_len = CBS_len(&cipher_suites);
259
- out->compression_methods = CBS_data(&compression_methods);
260
- out->compression_methods_len = CBS_len(&compression_methods);
261
-
262
- // If the ClientHello ends here then it's valid, but doesn't have any
263
- // extensions.
264
- if (CBS_len(cbs) == 0) {
265
- out->extensions = nullptr;
266
- out->extensions_len = 0;
267
- } else {
268
- // Extract extensions and check it is valid.
269
- CBS extensions;
270
- if (!CBS_get_u16_length_prefixed(cbs, &extensions) ||
271
- !tls1_check_duplicate_extensions(&extensions)) {
272
- return false;
273
- }
274
- out->extensions = CBS_data(&extensions);
275
- out->extensions_len = CBS_len(&extensions);
276
- }
277
-
278
- out->client_hello = CBS_data(&copy);
279
- out->client_hello_len = CBS_len(&copy) - CBS_len(cbs);
280
- return true;
281
- }
282
-
283
- bool ssl_client_hello_get_extension(const SSL_CLIENT_HELLO *client_hello,
284
- CBS *out, uint16_t extension_type) {
285
- CBS extensions;
286
- CBS_init(&extensions, client_hello->extensions, client_hello->extensions_len);
287
- while (CBS_len(&extensions) != 0) {
288
- // Decode the next extension.
289
- uint16_t type;
290
- CBS extension;
291
- if (!CBS_get_u16(&extensions, &type) ||
292
- !CBS_get_u16_length_prefixed(&extensions, &extension)) {
293
- return false;
294
- }
295
-
296
- if (type == extension_type) {
297
- *out = extension;
298
- return true;
299
- }
300
- }
301
-
302
- return false;
303
- }
304
-
305
- static const uint16_t kDefaultGroups[] = {
306
- SSL_CURVE_X25519,
307
- SSL_CURVE_SECP256R1,
308
- SSL_CURVE_SECP384R1,
309
- };
310
-
311
- Span<const uint16_t> tls1_get_grouplist(const SSL_HANDSHAKE *hs) {
312
- if (!hs->config->supported_group_list.empty()) {
313
- return hs->config->supported_group_list;
314
- }
315
- return Span<const uint16_t>(kDefaultGroups);
316
- }
317
-
318
- bool tls1_get_shared_group(SSL_HANDSHAKE *hs, uint16_t *out_group_id) {
319
- SSL *const ssl = hs->ssl;
320
- assert(ssl->server);
321
-
322
- // Clients are not required to send a supported_groups extension. In this
323
- // case, the server is free to pick any group it likes. See RFC 4492,
324
- // section 4, paragraph 3.
325
- //
326
- // However, in the interests of compatibility, we will skip ECDH if the
327
- // client didn't send an extension because we can't be sure that they'll
328
- // support our favoured group. Thus we do not special-case an emtpy
329
- // |peer_supported_group_list|.
330
-
331
- Span<const uint16_t> groups = tls1_get_grouplist(hs);
332
- Span<const uint16_t> pref, supp;
333
- if (ssl->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
334
- pref = groups;
335
- supp = hs->peer_supported_group_list;
336
- } else {
337
- pref = hs->peer_supported_group_list;
338
- supp = groups;
339
- }
340
-
341
- for (uint16_t pref_group : pref) {
342
- for (uint16_t supp_group : supp) {
343
- if (pref_group == supp_group &&
344
- // CECPQ2(b) doesn't fit in the u8-length-prefixed ECPoint field in
345
- // TLS 1.2 and below.
346
- (ssl_protocol_version(ssl) >= TLS1_3_VERSION ||
347
- !is_post_quantum_group(pref_group))) {
348
- *out_group_id = pref_group;
349
- return true;
350
- }
351
- }
352
- }
353
-
354
- return false;
355
- }
356
-
357
- bool tls1_set_curves(Array<uint16_t> *out_group_ids, Span<const int> curves) {
358
- Array<uint16_t> group_ids;
359
- if (!group_ids.Init(curves.size())) {
360
- return false;
361
- }
362
-
363
- for (size_t i = 0; i < curves.size(); i++) {
364
- if (!ssl_nid_to_group_id(&group_ids[i], curves[i])) {
365
- return false;
366
- }
367
- }
368
-
369
- *out_group_ids = std::move(group_ids);
370
- return true;
371
- }
372
-
373
- bool tls1_set_curves_list(Array<uint16_t> *out_group_ids, const char *curves) {
374
- // Count the number of curves in the list.
375
- size_t count = 0;
376
- const char *ptr = curves, *col;
377
- do {
378
- col = strchr(ptr, ':');
379
- count++;
380
- if (col) {
381
- ptr = col + 1;
382
- }
383
- } while (col);
384
-
385
- Array<uint16_t> group_ids;
386
- if (!group_ids.Init(count)) {
387
- return false;
388
- }
389
-
390
- size_t i = 0;
391
- ptr = curves;
392
- do {
393
- col = strchr(ptr, ':');
394
- if (!ssl_name_to_group_id(&group_ids[i++], ptr,
395
- col ? (size_t)(col - ptr) : strlen(ptr))) {
396
- return false;
397
- }
398
- if (col) {
399
- ptr = col + 1;
400
- }
401
- } while (col);
402
-
403
- assert(i == count);
404
- *out_group_ids = std::move(group_ids);
405
- return true;
406
- }
407
-
408
- bool tls1_check_group_id(const SSL_HANDSHAKE *hs, uint16_t group_id) {
409
- if (is_post_quantum_group(group_id) &&
410
- ssl_protocol_version(hs->ssl) < TLS1_3_VERSION) {
411
- // CECPQ2(b) requires TLS 1.3.
412
- return false;
413
- }
414
-
415
- // We internally assume zero is never allocated as a group ID.
416
- if (group_id == 0) {
417
- return false;
418
- }
419
-
420
- for (uint16_t supported : tls1_get_grouplist(hs)) {
421
- if (supported == group_id) {
422
- return true;
423
- }
424
- }
425
-
426
- return false;
427
- }
428
-
429
- // kVerifySignatureAlgorithms is the default list of accepted signature
430
- // algorithms for verifying.
431
- static const uint16_t kVerifySignatureAlgorithms[] = {
432
- // List our preferred algorithms first.
433
- SSL_SIGN_ECDSA_SECP256R1_SHA256,
434
- SSL_SIGN_RSA_PSS_RSAE_SHA256,
435
- SSL_SIGN_RSA_PKCS1_SHA256,
436
-
437
- // Larger hashes are acceptable.
438
- SSL_SIGN_ECDSA_SECP384R1_SHA384,
439
- SSL_SIGN_RSA_PSS_RSAE_SHA384,
440
- SSL_SIGN_RSA_PKCS1_SHA384,
441
-
442
- SSL_SIGN_RSA_PSS_RSAE_SHA512,
443
- SSL_SIGN_RSA_PKCS1_SHA512,
444
-
445
- // For now, SHA-1 is still accepted but least preferable.
446
- SSL_SIGN_RSA_PKCS1_SHA1,
447
- };
448
-
449
- // kSignSignatureAlgorithms is the default list of supported signature
450
- // algorithms for signing.
451
- static const uint16_t kSignSignatureAlgorithms[] = {
452
- // List our preferred algorithms first.
453
- SSL_SIGN_ED25519,
454
- SSL_SIGN_ECDSA_SECP256R1_SHA256,
455
- SSL_SIGN_RSA_PSS_RSAE_SHA256,
456
- SSL_SIGN_RSA_PKCS1_SHA256,
457
-
458
- // If needed, sign larger hashes.
459
- //
460
- // TODO(davidben): Determine which of these may be pruned.
461
- SSL_SIGN_ECDSA_SECP384R1_SHA384,
462
- SSL_SIGN_RSA_PSS_RSAE_SHA384,
463
- SSL_SIGN_RSA_PKCS1_SHA384,
464
-
465
- SSL_SIGN_ECDSA_SECP521R1_SHA512,
466
- SSL_SIGN_RSA_PSS_RSAE_SHA512,
467
- SSL_SIGN_RSA_PKCS1_SHA512,
468
-
469
- // If the peer supports nothing else, sign with SHA-1.
470
- SSL_SIGN_ECDSA_SHA1,
471
- SSL_SIGN_RSA_PKCS1_SHA1,
472
- };
473
-
474
- static Span<const uint16_t> tls12_get_verify_sigalgs(const SSL_HANDSHAKE *hs) {
475
- if (hs->config->verify_sigalgs.empty()) {
476
- return Span<const uint16_t>(kVerifySignatureAlgorithms);
477
- }
478
- return hs->config->verify_sigalgs;
479
- }
480
-
481
- bool tls12_add_verify_sigalgs(const SSL_HANDSHAKE *hs, CBB *out) {
482
- for (uint16_t sigalg : tls12_get_verify_sigalgs(hs)) {
483
- if (!CBB_add_u16(out, sigalg)) {
484
- return false;
485
- }
486
- }
487
- return true;
488
- }
489
-
490
- bool tls12_check_peer_sigalg(const SSL_HANDSHAKE *hs, uint8_t *out_alert,
491
- uint16_t sigalg) {
492
- for (uint16_t verify_sigalg : tls12_get_verify_sigalgs(hs)) {
493
- if (verify_sigalg == sigalg) {
494
- return true;
495
- }
496
- }
497
-
498
- OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_SIGNATURE_TYPE);
499
- *out_alert = SSL_AD_ILLEGAL_PARAMETER;
500
- return false;
501
- }
502
-
503
- // tls_extension represents a TLS extension that is handled internally.
504
- //
505
- // The parse callbacks receive a |CBS| that contains the contents of the
506
- // extension (i.e. not including the type and length bytes). If an extension is
507
- // not received then the parse callbacks will be called with a NULL CBS so that
508
- // they can do any processing needed to handle the absence of an extension.
509
- //
510
- // The add callbacks receive a |CBB| to which the extension can be appended but
511
- // the function is responsible for appending the type and length bytes too.
512
- //
513
- // |add_clienthello| may be called multiple times and must not mutate |hs|. It
514
- // is additionally passed two output |CBB|s. If the extension is the same
515
- // independent of the value of |type|, the callback may write to
516
- // |out_compressible| instead of |out|. When serializing the ClientHelloInner,
517
- // all compressible extensions will be made continguous and replaced with
518
- // ech_outer_extensions when encrypted. When serializing the ClientHelloOuter
519
- // or not offering ECH, |out| will be equal to |out_compressible|, so writing to
520
- // |out_compressible| still works.
521
- //
522
- // Note the |parse_serverhello| and |add_serverhello| callbacks refer to the
523
- // TLS 1.2 ServerHello. In TLS 1.3, these callbacks act on EncryptedExtensions,
524
- // with ServerHello extensions handled elsewhere in the handshake.
525
- //
526
- // All callbacks return true for success and false for error. If a parse
527
- // function returns zero then a fatal alert with value |*out_alert| will be
528
- // sent. If |*out_alert| isn't set, then a |decode_error| alert will be sent.
529
- struct tls_extension {
530
- uint16_t value;
531
-
532
- bool (*add_clienthello)(const SSL_HANDSHAKE *hs, CBB *out,
533
- CBB *out_compressible, ssl_client_hello_type_t type);
534
- bool (*parse_serverhello)(SSL_HANDSHAKE *hs, uint8_t *out_alert,
535
- CBS *contents);
536
-
537
- bool (*parse_clienthello)(SSL_HANDSHAKE *hs, uint8_t *out_alert,
538
- CBS *contents);
539
- bool (*add_serverhello)(SSL_HANDSHAKE *hs, CBB *out);
540
- };
541
-
542
- static bool forbid_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
543
- CBS *contents) {
544
- if (contents != NULL) {
545
- // Servers MUST NOT send this extension.
546
- *out_alert = SSL_AD_UNSUPPORTED_EXTENSION;
547
- OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
548
- return false;
549
- }
550
-
551
- return true;
552
- }
553
-
554
- static bool ignore_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
555
- CBS *contents) {
556
- // This extension from the client is handled elsewhere.
557
- return true;
558
- }
559
-
560
- static bool dont_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
561
- return true;
562
- }
563
-
564
- // Server name indication (SNI).
565
- //
566
- // https://tools.ietf.org/html/rfc6066#section-3.
567
-
568
- static bool ext_sni_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
569
- CBB *out_compressible,
570
- ssl_client_hello_type_t type) {
571
- const SSL *const ssl = hs->ssl;
572
- // If offering ECH, send the public name instead of the configured name.
573
- Span<const uint8_t> hostname;
574
- if (type == ssl_client_hello_outer) {
575
- hostname = hs->selected_ech_config->public_name;
576
- } else {
577
- if (ssl->hostname == nullptr) {
578
- return true;
579
- }
580
- hostname =
581
- MakeConstSpan(reinterpret_cast<const uint8_t *>(ssl->hostname.get()),
582
- strlen(ssl->hostname.get()));
583
- }
584
-
585
- CBB contents, server_name_list, name;
586
- if (!CBB_add_u16(out, TLSEXT_TYPE_server_name) ||
587
- !CBB_add_u16_length_prefixed(out, &contents) ||
588
- !CBB_add_u16_length_prefixed(&contents, &server_name_list) ||
589
- !CBB_add_u8(&server_name_list, TLSEXT_NAMETYPE_host_name) ||
590
- !CBB_add_u16_length_prefixed(&server_name_list, &name) ||
591
- !CBB_add_bytes(&name, hostname.data(), hostname.size()) ||
592
- !CBB_flush(out)) {
593
- return false;
594
- }
595
-
596
- return true;
597
- }
598
-
599
- static bool ext_sni_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
600
- CBS *contents) {
601
- // The server may acknowledge SNI with an empty extension. We check the syntax
602
- // but otherwise ignore this signal.
603
- return contents == NULL || CBS_len(contents) == 0;
604
- }
605
-
606
- static bool ext_sni_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
607
- CBS *contents) {
608
- // SNI has already been parsed earlier in the handshake. See |extract_sni|.
609
- return true;
610
- }
611
-
612
- static bool ext_sni_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
613
- if (hs->ssl->s3->session_reused ||
614
- !hs->should_ack_sni) {
615
- return true;
616
- }
617
-
618
- if (!CBB_add_u16(out, TLSEXT_TYPE_server_name) ||
619
- !CBB_add_u16(out, 0 /* length */)) {
620
- return false;
621
- }
622
-
623
- return true;
624
- }
625
-
626
-
627
- // Encrypted ClientHello (ECH)
628
- //
629
- // https://tools.ietf.org/html/draft-ietf-tls-esni-13
630
-
631
- static bool ext_ech_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
632
- CBB *out_compressible,
633
- ssl_client_hello_type_t type) {
634
- if (type == ssl_client_hello_inner) {
635
- if (!CBB_add_u16(out, TLSEXT_TYPE_encrypted_client_hello) ||
636
- !CBB_add_u16(out, /* length */ 1) ||
637
- !CBB_add_u8(out, ECH_CLIENT_INNER)) {
638
- return false;
639
- }
640
- return true;
641
- }
642
-
643
- if (hs->ech_client_outer.empty()) {
644
- return true;
645
- }
646
-
647
- CBB ech_body;
648
- if (!CBB_add_u16(out, TLSEXT_TYPE_encrypted_client_hello) ||
649
- !CBB_add_u16_length_prefixed(out, &ech_body) ||
650
- !CBB_add_u8(&ech_body, ECH_CLIENT_OUTER) ||
651
- !CBB_add_bytes(&ech_body, hs->ech_client_outer.data(),
652
- hs->ech_client_outer.size()) ||
653
- !CBB_flush(out)) {
654
- return false;
655
- }
656
- return true;
657
- }
658
-
659
- static bool ext_ech_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
660
- CBS *contents) {
661
- SSL *const ssl = hs->ssl;
662
- if (contents == NULL) {
663
- return true;
664
- }
665
-
666
- // The ECH extension may not be sent in TLS 1.2 ServerHello, only TLS 1.3
667
- // EncryptedExtensions. It also may not be sent in response to an inner ECH
668
- // extension.
669
- if (ssl_protocol_version(ssl) < TLS1_3_VERSION ||
670
- ssl->s3->ech_status == ssl_ech_accepted) {
671
- *out_alert = SSL_AD_UNSUPPORTED_EXTENSION;
672
- OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
673
- return false;
674
- }
675
-
676
- if (!ssl_is_valid_ech_config_list(*contents)) {
677
- *out_alert = SSL_AD_DECODE_ERROR;
678
- return false;
679
- }
680
-
681
- if (ssl->s3->ech_status == ssl_ech_rejected &&
682
- !hs->ech_retry_configs.CopyFrom(*contents)) {
683
- *out_alert = SSL_AD_INTERNAL_ERROR;
684
- return false;
685
- }
686
-
687
- return true;
688
- }
689
-
690
- static bool ext_ech_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
691
- CBS *contents) {
692
- if (contents == nullptr) {
693
- return true;
694
- }
695
-
696
- uint8_t type;
697
- if (!CBS_get_u8(contents, &type)) {
698
- return false;
699
- }
700
- if (type == ECH_CLIENT_OUTER) {
701
- // Outer ECH extensions are handled outside the callback.
702
- return true;
703
- }
704
- if (type != ECH_CLIENT_INNER || CBS_len(contents) != 0) {
705
- return false;
706
- }
707
-
708
- hs->ech_is_inner = true;
709
- return true;
710
- }
711
-
712
- static bool ext_ech_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
713
- SSL *const ssl = hs->ssl;
714
- if (ssl_protocol_version(ssl) < TLS1_3_VERSION ||
715
- ssl->s3->ech_status == ssl_ech_accepted || //
716
- hs->ech_keys == nullptr) {
717
- return true;
718
- }
719
-
720
- // Write the list of retry configs to |out|. Note |SSL_CTX_set1_ech_keys|
721
- // ensures |ech_keys| contains at least one retry config.
722
- CBB body, retry_configs;
723
- if (!CBB_add_u16(out, TLSEXT_TYPE_encrypted_client_hello) ||
724
- !CBB_add_u16_length_prefixed(out, &body) ||
725
- !CBB_add_u16_length_prefixed(&body, &retry_configs)) {
726
- return false;
727
- }
728
- for (const auto &config : hs->ech_keys->configs) {
729
- if (!config->is_retry_config()) {
730
- continue;
731
- }
732
- if (!CBB_add_bytes(&retry_configs, config->ech_config().raw.data(),
733
- config->ech_config().raw.size())) {
734
- return false;
735
- }
736
- }
737
- return CBB_flush(out);
738
- }
739
-
740
-
741
- // Renegotiation indication.
742
- //
743
- // https://tools.ietf.org/html/rfc5746
744
-
745
- static bool ext_ri_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
746
- CBB *out_compressible,
747
- ssl_client_hello_type_t type) {
748
- const SSL *const ssl = hs->ssl;
749
- // Renegotiation indication is not necessary in TLS 1.3.
750
- if (hs->min_version >= TLS1_3_VERSION ||
751
- type == ssl_client_hello_inner) {
752
- return true;
753
- }
754
-
755
- assert(ssl->s3->initial_handshake_complete ==
756
- (ssl->s3->previous_client_finished_len != 0));
757
-
758
- CBB contents, prev_finished;
759
- if (!CBB_add_u16(out, TLSEXT_TYPE_renegotiate) ||
760
- !CBB_add_u16_length_prefixed(out, &contents) ||
761
- !CBB_add_u8_length_prefixed(&contents, &prev_finished) ||
762
- !CBB_add_bytes(&prev_finished, ssl->s3->previous_client_finished,
763
- ssl->s3->previous_client_finished_len) ||
764
- !CBB_flush(out)) {
765
- return false;
766
- }
767
-
768
- return true;
769
- }
770
-
771
- static bool ext_ri_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
772
- CBS *contents) {
773
- SSL *const ssl = hs->ssl;
774
- if (contents != NULL && ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
775
- *out_alert = SSL_AD_ILLEGAL_PARAMETER;
776
- return false;
777
- }
778
-
779
- // Servers may not switch between omitting the extension and supporting it.
780
- // See RFC 5746, sections 3.5 and 4.2.
781
- if (ssl->s3->initial_handshake_complete &&
782
- (contents != NULL) != ssl->s3->send_connection_binding) {
783
- *out_alert = SSL_AD_HANDSHAKE_FAILURE;
784
- OPENSSL_PUT_ERROR(SSL, SSL_R_RENEGOTIATION_MISMATCH);
785
- return false;
786
- }
787
-
788
- if (contents == NULL) {
789
- // Strictly speaking, if we want to avoid an attack we should *always* see
790
- // RI even on initial ServerHello because the client doesn't see any
791
- // renegotiation during an attack. However this would mean we could not
792
- // connect to any server which doesn't support RI.
793
- //
794
- // OpenSSL has |SSL_OP_LEGACY_SERVER_CONNECT| to control this, but in
795
- // practical terms every client sets it so it's just assumed here.
796
- return true;
797
- }
798
-
799
- const size_t expected_len = ssl->s3->previous_client_finished_len +
800
- ssl->s3->previous_server_finished_len;
801
-
802
- // Check for logic errors
803
- assert(!expected_len || ssl->s3->previous_client_finished_len);
804
- assert(!expected_len || ssl->s3->previous_server_finished_len);
805
- assert(ssl->s3->initial_handshake_complete ==
806
- (ssl->s3->previous_client_finished_len != 0));
807
- assert(ssl->s3->initial_handshake_complete ==
808
- (ssl->s3->previous_server_finished_len != 0));
809
-
810
- // Parse out the extension contents.
811
- CBS renegotiated_connection;
812
- if (!CBS_get_u8_length_prefixed(contents, &renegotiated_connection) ||
813
- CBS_len(contents) != 0) {
814
- OPENSSL_PUT_ERROR(SSL, SSL_R_RENEGOTIATION_ENCODING_ERR);
815
- *out_alert = SSL_AD_ILLEGAL_PARAMETER;
816
- return false;
817
- }
818
-
819
- // Check that the extension matches.
820
- if (CBS_len(&renegotiated_connection) != expected_len) {
821
- OPENSSL_PUT_ERROR(SSL, SSL_R_RENEGOTIATION_MISMATCH);
822
- *out_alert = SSL_AD_HANDSHAKE_FAILURE;
823
- return false;
824
- }
825
-
826
- const uint8_t *d = CBS_data(&renegotiated_connection);
827
- bool ok = CRYPTO_memcmp(d, ssl->s3->previous_client_finished,
828
- ssl->s3->previous_client_finished_len) == 0;
829
- #if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
830
- ok = true;
831
- #endif
832
- if (!ok) {
833
- OPENSSL_PUT_ERROR(SSL, SSL_R_RENEGOTIATION_MISMATCH);
834
- *out_alert = SSL_AD_HANDSHAKE_FAILURE;
835
- return false;
836
- }
837
- d += ssl->s3->previous_client_finished_len;
838
-
839
- ok = CRYPTO_memcmp(d, ssl->s3->previous_server_finished,
840
- ssl->s3->previous_server_finished_len) == 0;
841
- #if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
842
- ok = true;
843
- #endif
844
- if (!ok) {
845
- OPENSSL_PUT_ERROR(SSL, SSL_R_RENEGOTIATION_MISMATCH);
846
- *out_alert = SSL_AD_HANDSHAKE_FAILURE;
847
- return false;
848
- }
849
- ssl->s3->send_connection_binding = true;
850
-
851
- return true;
852
- }
853
-
854
- static bool ext_ri_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
855
- CBS *contents) {
856
- SSL *const ssl = hs->ssl;
857
- // Renegotiation isn't supported as a server so this function should never be
858
- // called after the initial handshake.
859
- assert(!ssl->s3->initial_handshake_complete);
860
-
861
- if (ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
862
- return true;
863
- }
864
-
865
- if (contents == NULL) {
866
- return true;
867
- }
868
-
869
- CBS renegotiated_connection;
870
- if (!CBS_get_u8_length_prefixed(contents, &renegotiated_connection) ||
871
- CBS_len(contents) != 0) {
872
- OPENSSL_PUT_ERROR(SSL, SSL_R_RENEGOTIATION_ENCODING_ERR);
873
- return false;
874
- }
875
-
876
- // Check that the extension matches. We do not support renegotiation as a
877
- // server, so this must be empty.
878
- if (CBS_len(&renegotiated_connection) != 0) {
879
- OPENSSL_PUT_ERROR(SSL, SSL_R_RENEGOTIATION_MISMATCH);
880
- *out_alert = SSL_AD_HANDSHAKE_FAILURE;
881
- return false;
882
- }
883
-
884
- ssl->s3->send_connection_binding = true;
885
-
886
- return true;
887
- }
888
-
889
- static bool ext_ri_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
890
- SSL *const ssl = hs->ssl;
891
- // Renegotiation isn't supported as a server so this function should never be
892
- // called after the initial handshake.
893
- assert(!ssl->s3->initial_handshake_complete);
894
-
895
- if (ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
896
- return true;
897
- }
898
-
899
- if (!CBB_add_u16(out, TLSEXT_TYPE_renegotiate) ||
900
- !CBB_add_u16(out, 1 /* length */) ||
901
- !CBB_add_u8(out, 0 /* empty renegotiation info */)) {
902
- return false;
903
- }
904
-
905
- return true;
906
- }
907
-
908
-
909
- // Extended Master Secret.
910
- //
911
- // https://tools.ietf.org/html/rfc7627
912
-
913
- static bool ext_ems_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
914
- CBB *out_compressible,
915
- ssl_client_hello_type_t type) {
916
- // Extended master secret is not necessary in TLS 1.3.
917
- if (hs->min_version >= TLS1_3_VERSION || type == ssl_client_hello_inner) {
918
- return true;
919
- }
920
-
921
- if (!CBB_add_u16(out, TLSEXT_TYPE_extended_master_secret) ||
922
- !CBB_add_u16(out, 0 /* length */)) {
923
- return false;
924
- }
925
-
926
- return true;
927
- }
928
-
929
- static bool ext_ems_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
930
- CBS *contents) {
931
- SSL *const ssl = hs->ssl;
932
-
933
- if (contents != NULL) {
934
- if (ssl_protocol_version(ssl) >= TLS1_3_VERSION ||
935
- CBS_len(contents) != 0) {
936
- return false;
937
- }
938
-
939
- hs->extended_master_secret = true;
940
- }
941
-
942
- // Whether EMS is negotiated may not change on renegotiation.
943
- if (ssl->s3->established_session != nullptr &&
944
- hs->extended_master_secret !=
945
- !!ssl->s3->established_session->extended_master_secret) {
946
- OPENSSL_PUT_ERROR(SSL, SSL_R_RENEGOTIATION_EMS_MISMATCH);
947
- *out_alert = SSL_AD_ILLEGAL_PARAMETER;
948
- return false;
949
- }
950
-
951
- return true;
952
- }
953
-
954
- static bool ext_ems_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
955
- CBS *contents) {
956
- if (ssl_protocol_version(hs->ssl) >= TLS1_3_VERSION) {
957
- return true;
958
- }
959
-
960
- if (contents == NULL) {
961
- return true;
962
- }
963
-
964
- if (CBS_len(contents) != 0) {
965
- return false;
966
- }
967
-
968
- hs->extended_master_secret = true;
969
- return true;
970
- }
971
-
972
- static bool ext_ems_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
973
- if (!hs->extended_master_secret) {
974
- return true;
975
- }
976
-
977
- if (!CBB_add_u16(out, TLSEXT_TYPE_extended_master_secret) ||
978
- !CBB_add_u16(out, 0 /* length */)) {
979
- return false;
980
- }
981
-
982
- return true;
983
- }
984
-
985
-
986
- // Session tickets.
987
- //
988
- // https://tools.ietf.org/html/rfc5077
989
-
990
- static bool ext_ticket_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
991
- CBB *out_compressible,
992
- ssl_client_hello_type_t type) {
993
- const SSL *const ssl = hs->ssl;
994
- // TLS 1.3 uses a different ticket extension.
995
- if (hs->min_version >= TLS1_3_VERSION || type == ssl_client_hello_inner ||
996
- SSL_get_options(ssl) & SSL_OP_NO_TICKET) {
997
- return true;
998
- }
999
-
1000
- Span<const uint8_t> ticket;
1001
-
1002
- // Renegotiation does not participate in session resumption. However, still
1003
- // advertise the extension to avoid potentially breaking servers which carry
1004
- // over the state from the previous handshake, such as OpenSSL servers
1005
- // without upstream's 3c3f0259238594d77264a78944d409f2127642c4.
1006
- if (!ssl->s3->initial_handshake_complete &&
1007
- ssl->session != nullptr &&
1008
- !ssl->session->ticket.empty() &&
1009
- // Don't send TLS 1.3 session tickets in the ticket extension.
1010
- ssl_session_protocol_version(ssl->session.get()) < TLS1_3_VERSION) {
1011
- ticket = ssl->session->ticket;
1012
- }
1013
-
1014
- CBB ticket_cbb;
1015
- if (!CBB_add_u16(out, TLSEXT_TYPE_session_ticket) ||
1016
- !CBB_add_u16_length_prefixed(out, &ticket_cbb) ||
1017
- !CBB_add_bytes(&ticket_cbb, ticket.data(), ticket.size()) ||
1018
- !CBB_flush(out)) {
1019
- return false;
1020
- }
1021
-
1022
- return true;
1023
- }
1024
-
1025
- static bool ext_ticket_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1026
- CBS *contents) {
1027
- SSL *const ssl = hs->ssl;
1028
- if (contents == NULL) {
1029
- return true;
1030
- }
1031
-
1032
- if (ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
1033
- return false;
1034
- }
1035
-
1036
- // If |SSL_OP_NO_TICKET| is set then no extension will have been sent and
1037
- // this function should never be called, even if the server tries to send the
1038
- // extension.
1039
- assert((SSL_get_options(ssl) & SSL_OP_NO_TICKET) == 0);
1040
-
1041
- if (CBS_len(contents) != 0) {
1042
- return false;
1043
- }
1044
-
1045
- hs->ticket_expected = true;
1046
- return true;
1047
- }
1048
-
1049
- static bool ext_ticket_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
1050
- if (!hs->ticket_expected) {
1051
- return true;
1052
- }
1053
-
1054
- // If |SSL_OP_NO_TICKET| is set, |ticket_expected| should never be true.
1055
- assert((SSL_get_options(hs->ssl) & SSL_OP_NO_TICKET) == 0);
1056
-
1057
- if (!CBB_add_u16(out, TLSEXT_TYPE_session_ticket) ||
1058
- !CBB_add_u16(out, 0 /* length */)) {
1059
- return false;
1060
- }
1061
-
1062
- return true;
1063
- }
1064
-
1065
-
1066
- // Signature Algorithms.
1067
- //
1068
- // https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1
1069
-
1070
- static bool ext_sigalgs_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
1071
- CBB *out_compressible,
1072
- ssl_client_hello_type_t type) {
1073
- if (hs->max_version < TLS1_2_VERSION) {
1074
- return true;
1075
- }
1076
-
1077
- CBB contents, sigalgs_cbb;
1078
- if (!CBB_add_u16(out_compressible, TLSEXT_TYPE_signature_algorithms) ||
1079
- !CBB_add_u16_length_prefixed(out_compressible, &contents) ||
1080
- !CBB_add_u16_length_prefixed(&contents, &sigalgs_cbb) ||
1081
- !tls12_add_verify_sigalgs(hs, &sigalgs_cbb) ||
1082
- !CBB_flush(out_compressible)) {
1083
- return false;
1084
- }
1085
-
1086
- return true;
1087
- }
1088
-
1089
- static bool ext_sigalgs_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1090
- CBS *contents) {
1091
- hs->peer_sigalgs.Reset();
1092
- if (contents == NULL) {
1093
- return true;
1094
- }
1095
-
1096
- CBS supported_signature_algorithms;
1097
- if (!CBS_get_u16_length_prefixed(contents, &supported_signature_algorithms) ||
1098
- CBS_len(contents) != 0 ||
1099
- !tls1_parse_peer_sigalgs(hs, &supported_signature_algorithms)) {
1100
- return false;
1101
- }
1102
-
1103
- return true;
1104
- }
1105
-
1106
-
1107
- // OCSP Stapling.
1108
- //
1109
- // https://tools.ietf.org/html/rfc6066#section-8
1110
-
1111
- static bool ext_ocsp_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
1112
- CBB *out_compressible,
1113
- ssl_client_hello_type_t type) {
1114
- if (!hs->config->ocsp_stapling_enabled) {
1115
- return true;
1116
- }
1117
-
1118
- CBB contents;
1119
- if (!CBB_add_u16(out_compressible, TLSEXT_TYPE_status_request) ||
1120
- !CBB_add_u16_length_prefixed(out_compressible, &contents) ||
1121
- !CBB_add_u8(&contents, TLSEXT_STATUSTYPE_ocsp) ||
1122
- !CBB_add_u16(&contents, 0 /* empty responder ID list */) ||
1123
- !CBB_add_u16(&contents, 0 /* empty request extensions */) ||
1124
- !CBB_flush(out_compressible)) {
1125
- return false;
1126
- }
1127
-
1128
- return true;
1129
- }
1130
-
1131
- static bool ext_ocsp_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1132
- CBS *contents) {
1133
- SSL *const ssl = hs->ssl;
1134
- if (contents == NULL) {
1135
- return true;
1136
- }
1137
-
1138
- // TLS 1.3 OCSP responses are included in the Certificate extensions.
1139
- if (ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
1140
- return false;
1141
- }
1142
-
1143
- // OCSP stapling is forbidden on non-certificate ciphers.
1144
- if (CBS_len(contents) != 0 ||
1145
- !ssl_cipher_uses_certificate_auth(hs->new_cipher)) {
1146
- return false;
1147
- }
1148
-
1149
- // Note this does not check for resumption in TLS 1.2. Sending
1150
- // status_request here does not make sense, but OpenSSL does so and the
1151
- // specification does not say anything. Tolerate it but ignore it.
1152
-
1153
- hs->certificate_status_expected = true;
1154
- return true;
1155
- }
1156
-
1157
- static bool ext_ocsp_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1158
- CBS *contents) {
1159
- if (contents == NULL) {
1160
- return true;
1161
- }
1162
-
1163
- uint8_t status_type;
1164
- if (!CBS_get_u8(contents, &status_type)) {
1165
- return false;
1166
- }
1167
-
1168
- // We cannot decide whether OCSP stapling will occur yet because the correct
1169
- // SSL_CTX might not have been selected.
1170
- hs->ocsp_stapling_requested = status_type == TLSEXT_STATUSTYPE_ocsp;
1171
-
1172
- return true;
1173
- }
1174
-
1175
- static bool ext_ocsp_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
1176
- SSL *const ssl = hs->ssl;
1177
- if (ssl_protocol_version(ssl) >= TLS1_3_VERSION ||
1178
- !hs->ocsp_stapling_requested || hs->config->cert->ocsp_response == NULL ||
1179
- ssl->s3->session_reused ||
1180
- !ssl_cipher_uses_certificate_auth(hs->new_cipher)) {
1181
- return true;
1182
- }
1183
-
1184
- hs->certificate_status_expected = true;
1185
-
1186
- return CBB_add_u16(out, TLSEXT_TYPE_status_request) &&
1187
- CBB_add_u16(out, 0 /* length */);
1188
- }
1189
-
1190
-
1191
- // Next protocol negotiation.
1192
- //
1193
- // https://htmlpreview.github.io/?https://github.com/agl/technotes/blob/master/nextprotoneg.html
1194
-
1195
- static bool ext_npn_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
1196
- CBB *out_compressible,
1197
- ssl_client_hello_type_t type) {
1198
- const SSL *const ssl = hs->ssl;
1199
- if (ssl->ctx->next_proto_select_cb == NULL ||
1200
- // Do not allow NPN to change on renegotiation.
1201
- ssl->s3->initial_handshake_complete ||
1202
- // NPN is not defined in DTLS or TLS 1.3.
1203
- SSL_is_dtls(ssl) || hs->min_version >= TLS1_3_VERSION ||
1204
- type == ssl_client_hello_inner) {
1205
- return true;
1206
- }
1207
-
1208
- if (!CBB_add_u16(out, TLSEXT_TYPE_next_proto_neg) ||
1209
- !CBB_add_u16(out, 0 /* length */)) {
1210
- return false;
1211
- }
1212
-
1213
- return true;
1214
- }
1215
-
1216
- static bool ext_npn_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1217
- CBS *contents) {
1218
- SSL *const ssl = hs->ssl;
1219
- if (contents == NULL) {
1220
- return true;
1221
- }
1222
-
1223
- if (ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
1224
- return false;
1225
- }
1226
-
1227
- // If any of these are false then we should never have sent the NPN
1228
- // extension in the ClientHello and thus this function should never have been
1229
- // called.
1230
- assert(!ssl->s3->initial_handshake_complete);
1231
- assert(!SSL_is_dtls(ssl));
1232
- assert(ssl->ctx->next_proto_select_cb != NULL);
1233
-
1234
- if (!ssl->s3->alpn_selected.empty()) {
1235
- // NPN and ALPN may not be negotiated in the same connection.
1236
- *out_alert = SSL_AD_ILLEGAL_PARAMETER;
1237
- OPENSSL_PUT_ERROR(SSL, SSL_R_NEGOTIATED_BOTH_NPN_AND_ALPN);
1238
- return false;
1239
- }
1240
-
1241
- const uint8_t *const orig_contents = CBS_data(contents);
1242
- const size_t orig_len = CBS_len(contents);
1243
-
1244
- while (CBS_len(contents) != 0) {
1245
- CBS proto;
1246
- if (!CBS_get_u8_length_prefixed(contents, &proto) ||
1247
- CBS_len(&proto) == 0) {
1248
- return false;
1249
- }
1250
- }
1251
-
1252
- uint8_t *selected;
1253
- uint8_t selected_len;
1254
- if (ssl->ctx->next_proto_select_cb(
1255
- ssl, &selected, &selected_len, orig_contents, orig_len,
1256
- ssl->ctx->next_proto_select_cb_arg) != SSL_TLSEXT_ERR_OK ||
1257
- !ssl->s3->next_proto_negotiated.CopyFrom(
1258
- MakeConstSpan(selected, selected_len))) {
1259
- *out_alert = SSL_AD_INTERNAL_ERROR;
1260
- return false;
1261
- }
1262
-
1263
- hs->next_proto_neg_seen = true;
1264
- return true;
1265
- }
1266
-
1267
- static bool ext_npn_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1268
- CBS *contents) {
1269
- SSL *const ssl = hs->ssl;
1270
- if (ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
1271
- return true;
1272
- }
1273
-
1274
- if (contents != NULL && CBS_len(contents) != 0) {
1275
- return false;
1276
- }
1277
-
1278
- if (contents == NULL ||
1279
- ssl->s3->initial_handshake_complete ||
1280
- ssl->ctx->next_protos_advertised_cb == NULL ||
1281
- SSL_is_dtls(ssl)) {
1282
- return true;
1283
- }
1284
-
1285
- hs->next_proto_neg_seen = true;
1286
- return true;
1287
- }
1288
-
1289
- static bool ext_npn_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
1290
- SSL *const ssl = hs->ssl;
1291
- // |next_proto_neg_seen| might have been cleared when an ALPN extension was
1292
- // parsed.
1293
- if (!hs->next_proto_neg_seen) {
1294
- return true;
1295
- }
1296
-
1297
- const uint8_t *npa;
1298
- unsigned npa_len;
1299
-
1300
- if (ssl->ctx->next_protos_advertised_cb(
1301
- ssl, &npa, &npa_len, ssl->ctx->next_protos_advertised_cb_arg) !=
1302
- SSL_TLSEXT_ERR_OK) {
1303
- hs->next_proto_neg_seen = false;
1304
- return true;
1305
- }
1306
-
1307
- CBB contents;
1308
- if (!CBB_add_u16(out, TLSEXT_TYPE_next_proto_neg) ||
1309
- !CBB_add_u16_length_prefixed(out, &contents) ||
1310
- !CBB_add_bytes(&contents, npa, npa_len) ||
1311
- !CBB_flush(out)) {
1312
- return false;
1313
- }
1314
-
1315
- return true;
1316
- }
1317
-
1318
-
1319
- // Signed certificate timestamps.
1320
- //
1321
- // https://tools.ietf.org/html/rfc6962#section-3.3.1
1322
-
1323
- static bool ext_sct_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
1324
- CBB *out_compressible,
1325
- ssl_client_hello_type_t type) {
1326
- if (!hs->config->signed_cert_timestamps_enabled) {
1327
- return true;
1328
- }
1329
-
1330
- if (!CBB_add_u16(out_compressible, TLSEXT_TYPE_certificate_timestamp) ||
1331
- !CBB_add_u16(out_compressible, 0 /* length */)) {
1332
- return false;
1333
- }
1334
-
1335
- return true;
1336
- }
1337
-
1338
- static bool ext_sct_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1339
- CBS *contents) {
1340
- SSL *const ssl = hs->ssl;
1341
- if (contents == NULL) {
1342
- return true;
1343
- }
1344
-
1345
- // TLS 1.3 SCTs are included in the Certificate extensions.
1346
- if (ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
1347
- *out_alert = SSL_AD_DECODE_ERROR;
1348
- return false;
1349
- }
1350
-
1351
- // If this is false then we should never have sent the SCT extension in the
1352
- // ClientHello and thus this function should never have been called.
1353
- assert(hs->config->signed_cert_timestamps_enabled);
1354
-
1355
- if (!ssl_is_sct_list_valid(contents)) {
1356
- *out_alert = SSL_AD_DECODE_ERROR;
1357
- return false;
1358
- }
1359
-
1360
- // Session resumption uses the original session information. The extension
1361
- // should not be sent on resumption, but RFC 6962 did not make it a
1362
- // requirement, so tolerate this.
1363
- //
1364
- // TODO(davidben): Enforce this anyway.
1365
- if (!ssl->s3->session_reused) {
1366
- hs->new_session->signed_cert_timestamp_list.reset(
1367
- CRYPTO_BUFFER_new_from_CBS(contents, ssl->ctx->pool));
1368
- if (hs->new_session->signed_cert_timestamp_list == nullptr) {
1369
- *out_alert = SSL_AD_INTERNAL_ERROR;
1370
- return false;
1371
- }
1372
- }
1373
-
1374
- return true;
1375
- }
1376
-
1377
- static bool ext_sct_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1378
- CBS *contents) {
1379
- if (contents == NULL) {
1380
- return true;
1381
- }
1382
-
1383
- if (CBS_len(contents) != 0) {
1384
- return false;
1385
- }
1386
-
1387
- hs->scts_requested = true;
1388
- return true;
1389
- }
1390
-
1391
- static bool ext_sct_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
1392
- SSL *const ssl = hs->ssl;
1393
- // The extension shouldn't be sent when resuming sessions.
1394
- if (ssl_protocol_version(ssl) >= TLS1_3_VERSION || ssl->s3->session_reused ||
1395
- hs->config->cert->signed_cert_timestamp_list == NULL) {
1396
- return true;
1397
- }
1398
-
1399
- CBB contents;
1400
- return CBB_add_u16(out, TLSEXT_TYPE_certificate_timestamp) &&
1401
- CBB_add_u16_length_prefixed(out, &contents) &&
1402
- CBB_add_bytes(
1403
- &contents,
1404
- CRYPTO_BUFFER_data(
1405
- hs->config->cert->signed_cert_timestamp_list.get()),
1406
- CRYPTO_BUFFER_len(
1407
- hs->config->cert->signed_cert_timestamp_list.get())) &&
1408
- CBB_flush(out);
1409
- }
1410
-
1411
-
1412
- // Application-level Protocol Negotiation.
1413
- //
1414
- // https://tools.ietf.org/html/rfc7301
1415
-
1416
- static bool ext_alpn_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
1417
- CBB *out_compressible,
1418
- ssl_client_hello_type_t type) {
1419
- const SSL *const ssl = hs->ssl;
1420
- if (hs->config->alpn_client_proto_list.empty() && ssl->quic_method) {
1421
- // ALPN MUST be used with QUIC.
1422
- OPENSSL_PUT_ERROR(SSL, SSL_R_NO_APPLICATION_PROTOCOL);
1423
- return false;
1424
- }
1425
-
1426
- if (hs->config->alpn_client_proto_list.empty() ||
1427
- ssl->s3->initial_handshake_complete) {
1428
- return true;
1429
- }
1430
-
1431
- CBB contents, proto_list;
1432
- if (!CBB_add_u16(out_compressible,
1433
- TLSEXT_TYPE_application_layer_protocol_negotiation) ||
1434
- !CBB_add_u16_length_prefixed(out_compressible, &contents) ||
1435
- !CBB_add_u16_length_prefixed(&contents, &proto_list) ||
1436
- !CBB_add_bytes(&proto_list, hs->config->alpn_client_proto_list.data(),
1437
- hs->config->alpn_client_proto_list.size()) ||
1438
- !CBB_flush(out_compressible)) {
1439
- return false;
1440
- }
1441
-
1442
- return true;
1443
- }
1444
-
1445
- static bool ext_alpn_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1446
- CBS *contents) {
1447
- SSL *const ssl = hs->ssl;
1448
- if (contents == NULL) {
1449
- if (ssl->quic_method) {
1450
- // ALPN is required when QUIC is used.
1451
- OPENSSL_PUT_ERROR(SSL, SSL_R_NO_APPLICATION_PROTOCOL);
1452
- *out_alert = SSL_AD_NO_APPLICATION_PROTOCOL;
1453
- return false;
1454
- }
1455
- return true;
1456
- }
1457
-
1458
- assert(!ssl->s3->initial_handshake_complete);
1459
- assert(!hs->config->alpn_client_proto_list.empty());
1460
-
1461
- if (hs->next_proto_neg_seen) {
1462
- // NPN and ALPN may not be negotiated in the same connection.
1463
- *out_alert = SSL_AD_ILLEGAL_PARAMETER;
1464
- OPENSSL_PUT_ERROR(SSL, SSL_R_NEGOTIATED_BOTH_NPN_AND_ALPN);
1465
- return false;
1466
- }
1467
-
1468
- // The extension data consists of a ProtocolNameList which must have
1469
- // exactly one ProtocolName. Each of these is length-prefixed.
1470
- CBS protocol_name_list, protocol_name;
1471
- if (!CBS_get_u16_length_prefixed(contents, &protocol_name_list) ||
1472
- CBS_len(contents) != 0 ||
1473
- !CBS_get_u8_length_prefixed(&protocol_name_list, &protocol_name) ||
1474
- // Empty protocol names are forbidden.
1475
- CBS_len(&protocol_name) == 0 ||
1476
- CBS_len(&protocol_name_list) != 0) {
1477
- return false;
1478
- }
1479
-
1480
- if (!ssl_is_alpn_protocol_allowed(hs, protocol_name)) {
1481
- OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_ALPN_PROTOCOL);
1482
- *out_alert = SSL_AD_ILLEGAL_PARAMETER;
1483
- return false;
1484
- }
1485
-
1486
- if (!ssl->s3->alpn_selected.CopyFrom(protocol_name)) {
1487
- *out_alert = SSL_AD_INTERNAL_ERROR;
1488
- return false;
1489
- }
1490
-
1491
- return true;
1492
- }
1493
-
1494
- bool ssl_is_valid_alpn_list(Span<const uint8_t> in) {
1495
- CBS protocol_name_list = in;
1496
- if (CBS_len(&protocol_name_list) == 0) {
1497
- return false;
1498
- }
1499
- while (CBS_len(&protocol_name_list) > 0) {
1500
- CBS protocol_name;
1501
- if (!CBS_get_u8_length_prefixed(&protocol_name_list, &protocol_name) ||
1502
- // Empty protocol names are forbidden.
1503
- CBS_len(&protocol_name) == 0) {
1504
- return false;
1505
- }
1506
- }
1507
- return true;
1508
- }
1509
-
1510
- bool ssl_is_alpn_protocol_allowed(const SSL_HANDSHAKE *hs,
1511
- Span<const uint8_t> protocol) {
1512
- if (hs->config->alpn_client_proto_list.empty()) {
1513
- return false;
1514
- }
1515
-
1516
- if (hs->ssl->ctx->allow_unknown_alpn_protos) {
1517
- return true;
1518
- }
1519
-
1520
- // Check that the protocol name is one of the ones we advertised.
1521
- CBS client_protocol_name_list =
1522
- MakeConstSpan(hs->config->alpn_client_proto_list),
1523
- client_protocol_name;
1524
- while (CBS_len(&client_protocol_name_list) > 0) {
1525
- if (!CBS_get_u8_length_prefixed(&client_protocol_name_list,
1526
- &client_protocol_name)) {
1527
- return false;
1528
- }
1529
-
1530
- if (client_protocol_name == protocol) {
1531
- return true;
1532
- }
1533
- }
1534
-
1535
- return false;
1536
- }
1537
-
1538
- bool ssl_negotiate_alpn(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1539
- const SSL_CLIENT_HELLO *client_hello) {
1540
- SSL *const ssl = hs->ssl;
1541
- CBS contents;
1542
- if (ssl->ctx->alpn_select_cb == NULL ||
1543
- !ssl_client_hello_get_extension(
1544
- client_hello, &contents,
1545
- TLSEXT_TYPE_application_layer_protocol_negotiation)) {
1546
- if (ssl->quic_method) {
1547
- // ALPN is required when QUIC is used.
1548
- OPENSSL_PUT_ERROR(SSL, SSL_R_NO_APPLICATION_PROTOCOL);
1549
- *out_alert = SSL_AD_NO_APPLICATION_PROTOCOL;
1550
- return false;
1551
- }
1552
- // Ignore ALPN if not configured or no extension was supplied.
1553
- return true;
1554
- }
1555
-
1556
- // ALPN takes precedence over NPN.
1557
- hs->next_proto_neg_seen = false;
1558
-
1559
- CBS protocol_name_list;
1560
- if (!CBS_get_u16_length_prefixed(&contents, &protocol_name_list) ||
1561
- CBS_len(&contents) != 0 ||
1562
- !ssl_is_valid_alpn_list(protocol_name_list)) {
1563
- OPENSSL_PUT_ERROR(SSL, SSL_R_PARSE_TLSEXT);
1564
- *out_alert = SSL_AD_DECODE_ERROR;
1565
- return false;
1566
- }
1567
-
1568
- const uint8_t *selected;
1569
- uint8_t selected_len;
1570
- int ret = ssl->ctx->alpn_select_cb(
1571
- ssl, &selected, &selected_len, CBS_data(&protocol_name_list),
1572
- CBS_len(&protocol_name_list), ssl->ctx->alpn_select_cb_arg);
1573
- // ALPN is required when QUIC is used.
1574
- if (ssl->quic_method &&
1575
- (ret == SSL_TLSEXT_ERR_NOACK || ret == SSL_TLSEXT_ERR_ALERT_WARNING)) {
1576
- ret = SSL_TLSEXT_ERR_ALERT_FATAL;
1577
- }
1578
- switch (ret) {
1579
- case SSL_TLSEXT_ERR_OK:
1580
- if (selected_len == 0) {
1581
- OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_ALPN_PROTOCOL);
1582
- *out_alert = SSL_AD_INTERNAL_ERROR;
1583
- return false;
1584
- }
1585
- if (!ssl->s3->alpn_selected.CopyFrom(
1586
- MakeConstSpan(selected, selected_len))) {
1587
- *out_alert = SSL_AD_INTERNAL_ERROR;
1588
- return false;
1589
- }
1590
- break;
1591
- case SSL_TLSEXT_ERR_NOACK:
1592
- case SSL_TLSEXT_ERR_ALERT_WARNING:
1593
- break;
1594
- case SSL_TLSEXT_ERR_ALERT_FATAL:
1595
- *out_alert = SSL_AD_NO_APPLICATION_PROTOCOL;
1596
- OPENSSL_PUT_ERROR(SSL, SSL_R_NO_APPLICATION_PROTOCOL);
1597
- return false;
1598
- default:
1599
- // Invalid return value.
1600
- *out_alert = SSL_AD_INTERNAL_ERROR;
1601
- OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
1602
- return false;
1603
- }
1604
-
1605
- return true;
1606
- }
1607
-
1608
- static bool ext_alpn_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
1609
- SSL *const ssl = hs->ssl;
1610
- if (ssl->s3->alpn_selected.empty()) {
1611
- return true;
1612
- }
1613
-
1614
- CBB contents, proto_list, proto;
1615
- if (!CBB_add_u16(out, TLSEXT_TYPE_application_layer_protocol_negotiation) ||
1616
- !CBB_add_u16_length_prefixed(out, &contents) ||
1617
- !CBB_add_u16_length_prefixed(&contents, &proto_list) ||
1618
- !CBB_add_u8_length_prefixed(&proto_list, &proto) ||
1619
- !CBB_add_bytes(&proto, ssl->s3->alpn_selected.data(),
1620
- ssl->s3->alpn_selected.size()) ||
1621
- !CBB_flush(out)) {
1622
- return false;
1623
- }
1624
-
1625
- return true;
1626
- }
1627
-
1628
-
1629
- // Channel ID.
1630
- //
1631
- // https://tools.ietf.org/html/draft-balfanz-tls-channelid-01
1632
-
1633
- static bool ext_channel_id_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
1634
- CBB *out_compressible,
1635
- ssl_client_hello_type_t type) {
1636
- const SSL *const ssl = hs->ssl;
1637
- if (!hs->config->channel_id_private || SSL_is_dtls(ssl) ||
1638
- // Don't offer Channel ID in ClientHelloOuter. ClientHelloOuter handshakes
1639
- // are not authenticated for the name that can learn the Channel ID.
1640
- //
1641
- // We could alternatively offer the extension but sign with a random key.
1642
- // For other extensions, we try to align |ssl_client_hello_outer| and
1643
- // |ssl_client_hello_unencrypted|, to improve the effectiveness of ECH
1644
- // GREASE. However, Channel ID is deprecated and unlikely to be used with
1645
- // ECH, so do the simplest thing.
1646
- type == ssl_client_hello_outer) {
1647
- return true;
1648
- }
1649
-
1650
- if (!CBB_add_u16(out, TLSEXT_TYPE_channel_id) ||
1651
- !CBB_add_u16(out, 0 /* length */)) {
1652
- return false;
1653
- }
1654
-
1655
- return true;
1656
- }
1657
-
1658
- static bool ext_channel_id_parse_serverhello(SSL_HANDSHAKE *hs,
1659
- uint8_t *out_alert,
1660
- CBS *contents) {
1661
- if (contents == NULL) {
1662
- return true;
1663
- }
1664
-
1665
- assert(!SSL_is_dtls(hs->ssl));
1666
- assert(hs->config->channel_id_private);
1667
-
1668
- if (CBS_len(contents) != 0) {
1669
- return false;
1670
- }
1671
-
1672
- hs->channel_id_negotiated = true;
1673
- return true;
1674
- }
1675
-
1676
- static bool ext_channel_id_parse_clienthello(SSL_HANDSHAKE *hs,
1677
- uint8_t *out_alert,
1678
- CBS *contents) {
1679
- SSL *const ssl = hs->ssl;
1680
- if (contents == NULL || !hs->config->channel_id_enabled || SSL_is_dtls(ssl)) {
1681
- return true;
1682
- }
1683
-
1684
- if (CBS_len(contents) != 0) {
1685
- return false;
1686
- }
1687
-
1688
- hs->channel_id_negotiated = true;
1689
- return true;
1690
- }
1691
-
1692
- static bool ext_channel_id_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
1693
- if (!hs->channel_id_negotiated) {
1694
- return true;
1695
- }
1696
-
1697
- if (!CBB_add_u16(out, TLSEXT_TYPE_channel_id) ||
1698
- !CBB_add_u16(out, 0 /* length */)) {
1699
- return false;
1700
- }
1701
-
1702
- return true;
1703
- }
1704
-
1705
-
1706
- // Secure Real-time Transport Protocol (SRTP) extension.
1707
- //
1708
- // https://tools.ietf.org/html/rfc5764
1709
-
1710
- static bool ext_srtp_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
1711
- CBB *out_compressible,
1712
- ssl_client_hello_type_t type) {
1713
- const SSL *const ssl = hs->ssl;
1714
- const STACK_OF(SRTP_PROTECTION_PROFILE) *profiles =
1715
- SSL_get_srtp_profiles(ssl);
1716
- if (profiles == NULL ||
1717
- sk_SRTP_PROTECTION_PROFILE_num(profiles) == 0 ||
1718
- !SSL_is_dtls(ssl)) {
1719
- return true;
1720
- }
1721
-
1722
- CBB contents, profile_ids;
1723
- if (!CBB_add_u16(out_compressible, TLSEXT_TYPE_srtp) ||
1724
- !CBB_add_u16_length_prefixed(out_compressible, &contents) ||
1725
- !CBB_add_u16_length_prefixed(&contents, &profile_ids)) {
1726
- return false;
1727
- }
1728
-
1729
- for (const SRTP_PROTECTION_PROFILE *profile : profiles) {
1730
- if (!CBB_add_u16(&profile_ids, profile->id)) {
1731
- return false;
1732
- }
1733
- }
1734
-
1735
- if (!CBB_add_u8(&contents, 0 /* empty use_mki value */) ||
1736
- !CBB_flush(out_compressible)) {
1737
- return false;
1738
- }
1739
-
1740
- return true;
1741
- }
1742
-
1743
- static bool ext_srtp_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1744
- CBS *contents) {
1745
- SSL *const ssl = hs->ssl;
1746
- if (contents == NULL) {
1747
- return true;
1748
- }
1749
-
1750
- // The extension consists of a u16-prefixed profile ID list containing a
1751
- // single uint16_t profile ID, then followed by a u8-prefixed srtp_mki field.
1752
- //
1753
- // See https://tools.ietf.org/html/rfc5764#section-4.1.1
1754
- assert(SSL_is_dtls(ssl));
1755
- CBS profile_ids, srtp_mki;
1756
- uint16_t profile_id;
1757
- if (!CBS_get_u16_length_prefixed(contents, &profile_ids) ||
1758
- !CBS_get_u16(&profile_ids, &profile_id) ||
1759
- CBS_len(&profile_ids) != 0 ||
1760
- !CBS_get_u8_length_prefixed(contents, &srtp_mki) ||
1761
- CBS_len(contents) != 0) {
1762
- OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
1763
- return false;
1764
- }
1765
-
1766
- if (CBS_len(&srtp_mki) != 0) {
1767
- // Must be no MKI, since we never offer one.
1768
- OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SRTP_MKI_VALUE);
1769
- *out_alert = SSL_AD_ILLEGAL_PARAMETER;
1770
- return false;
1771
- }
1772
-
1773
- // Check to see if the server gave us something we support and offered.
1774
- for (const SRTP_PROTECTION_PROFILE *profile : SSL_get_srtp_profiles(ssl)) {
1775
- if (profile->id == profile_id) {
1776
- ssl->s3->srtp_profile = profile;
1777
- return true;
1778
- }
1779
- }
1780
-
1781
- OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
1782
- *out_alert = SSL_AD_ILLEGAL_PARAMETER;
1783
- return false;
1784
- }
1785
-
1786
- static bool ext_srtp_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1787
- CBS *contents) {
1788
- SSL *const ssl = hs->ssl;
1789
- // DTLS-SRTP is only defined for DTLS.
1790
- if (contents == NULL || !SSL_is_dtls(ssl)) {
1791
- return true;
1792
- }
1793
-
1794
- CBS profile_ids, srtp_mki;
1795
- if (!CBS_get_u16_length_prefixed(contents, &profile_ids) ||
1796
- CBS_len(&profile_ids) < 2 ||
1797
- !CBS_get_u8_length_prefixed(contents, &srtp_mki) ||
1798
- CBS_len(contents) != 0) {
1799
- OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
1800
- return false;
1801
- }
1802
- // Discard the MKI value for now.
1803
-
1804
- const STACK_OF(SRTP_PROTECTION_PROFILE) *server_profiles =
1805
- SSL_get_srtp_profiles(ssl);
1806
-
1807
- // Pick the server's most preferred profile.
1808
- for (const SRTP_PROTECTION_PROFILE *server_profile : server_profiles) {
1809
- CBS profile_ids_tmp;
1810
- CBS_init(&profile_ids_tmp, CBS_data(&profile_ids), CBS_len(&profile_ids));
1811
-
1812
- while (CBS_len(&profile_ids_tmp) > 0) {
1813
- uint16_t profile_id;
1814
- if (!CBS_get_u16(&profile_ids_tmp, &profile_id)) {
1815
- return false;
1816
- }
1817
-
1818
- if (server_profile->id == profile_id) {
1819
- ssl->s3->srtp_profile = server_profile;
1820
- return true;
1821
- }
1822
- }
1823
- }
1824
-
1825
- return true;
1826
- }
1827
-
1828
- static bool ext_srtp_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
1829
- SSL *const ssl = hs->ssl;
1830
- if (ssl->s3->srtp_profile == NULL) {
1831
- return true;
1832
- }
1833
-
1834
- assert(SSL_is_dtls(ssl));
1835
- CBB contents, profile_ids;
1836
- if (!CBB_add_u16(out, TLSEXT_TYPE_srtp) ||
1837
- !CBB_add_u16_length_prefixed(out, &contents) ||
1838
- !CBB_add_u16_length_prefixed(&contents, &profile_ids) ||
1839
- !CBB_add_u16(&profile_ids, ssl->s3->srtp_profile->id) ||
1840
- !CBB_add_u8(&contents, 0 /* empty MKI */) ||
1841
- !CBB_flush(out)) {
1842
- return false;
1843
- }
1844
-
1845
- return true;
1846
- }
1847
-
1848
-
1849
- // EC point formats.
1850
- //
1851
- // https://tools.ietf.org/html/rfc4492#section-5.1.2
1852
-
1853
- static bool ext_ec_point_add_extension(const SSL_HANDSHAKE *hs, CBB *out) {
1854
- CBB contents, formats;
1855
- if (!CBB_add_u16(out, TLSEXT_TYPE_ec_point_formats) ||
1856
- !CBB_add_u16_length_prefixed(out, &contents) ||
1857
- !CBB_add_u8_length_prefixed(&contents, &formats) ||
1858
- !CBB_add_u8(&formats, TLSEXT_ECPOINTFORMAT_uncompressed) ||
1859
- !CBB_flush(out)) {
1860
- return false;
1861
- }
1862
-
1863
- return true;
1864
- }
1865
-
1866
- static bool ext_ec_point_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
1867
- CBB *out_compressible,
1868
- ssl_client_hello_type_t type) {
1869
- // The point format extension is unnecessary in TLS 1.3.
1870
- if (hs->min_version >= TLS1_3_VERSION || type == ssl_client_hello_inner) {
1871
- return true;
1872
- }
1873
-
1874
- return ext_ec_point_add_extension(hs, out);
1875
- }
1876
-
1877
- static bool ext_ec_point_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1878
- CBS *contents) {
1879
- if (contents == NULL) {
1880
- return true;
1881
- }
1882
-
1883
- if (ssl_protocol_version(hs->ssl) >= TLS1_3_VERSION) {
1884
- return false;
1885
- }
1886
-
1887
- CBS ec_point_format_list;
1888
- if (!CBS_get_u8_length_prefixed(contents, &ec_point_format_list) ||
1889
- CBS_len(contents) != 0) {
1890
- return false;
1891
- }
1892
-
1893
- // Per RFC 4492, section 5.1.2, implementations MUST support the uncompressed
1894
- // point format.
1895
- if (OPENSSL_memchr(CBS_data(&ec_point_format_list),
1896
- TLSEXT_ECPOINTFORMAT_uncompressed,
1897
- CBS_len(&ec_point_format_list)) == NULL) {
1898
- *out_alert = SSL_AD_ILLEGAL_PARAMETER;
1899
- return false;
1900
- }
1901
-
1902
- return true;
1903
- }
1904
-
1905
- static bool ext_ec_point_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1906
- CBS *contents) {
1907
- if (ssl_protocol_version(hs->ssl) >= TLS1_3_VERSION) {
1908
- return true;
1909
- }
1910
-
1911
- return ext_ec_point_parse_serverhello(hs, out_alert, contents);
1912
- }
1913
-
1914
- static bool ext_ec_point_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
1915
- SSL *const ssl = hs->ssl;
1916
- if (ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
1917
- return true;
1918
- }
1919
-
1920
- const uint32_t alg_k = hs->new_cipher->algorithm_mkey;
1921
- const uint32_t alg_a = hs->new_cipher->algorithm_auth;
1922
- const bool using_ecc = (alg_k & SSL_kECDHE) || (alg_a & SSL_aECDSA);
1923
-
1924
- if (!using_ecc) {
1925
- return true;
1926
- }
1927
-
1928
- return ext_ec_point_add_extension(hs, out);
1929
- }
1930
-
1931
-
1932
- // Pre Shared Key
1933
- //
1934
- // https://tools.ietf.org/html/rfc8446#section-4.2.11
1935
-
1936
- static bool should_offer_psk(const SSL_HANDSHAKE *hs,
1937
- ssl_client_hello_type_t type) {
1938
- const SSL *const ssl = hs->ssl;
1939
- if (hs->max_version < TLS1_3_VERSION || ssl->session == nullptr ||
1940
- ssl_session_protocol_version(ssl->session.get()) < TLS1_3_VERSION ||
1941
- // TODO(https://crbug.com/boringssl/275): Should we synthesize a
1942
- // placeholder PSK, at least when we offer early data? Otherwise
1943
- // ClientHelloOuter will contain an early_data extension without a
1944
- // pre_shared_key extension and potentially break the recovery flow.
1945
- type == ssl_client_hello_outer) {
1946
- return false;
1947
- }
1948
-
1949
- // Per RFC 8446 section 4.1.4, skip offering the session if the selected
1950
- // cipher in HelloRetryRequest does not match. This avoids performing the
1951
- // transcript hash transformation for multiple hashes.
1952
- if (ssl->s3->used_hello_retry_request &&
1953
- ssl->session->cipher->algorithm_prf != hs->new_cipher->algorithm_prf) {
1954
- return false;
1955
- }
1956
-
1957
- return true;
1958
- }
1959
-
1960
- static size_t ext_pre_shared_key_clienthello_length(
1961
- const SSL_HANDSHAKE *hs, ssl_client_hello_type_t type) {
1962
- const SSL *const ssl = hs->ssl;
1963
- if (!should_offer_psk(hs, type)) {
1964
- return 0;
1965
- }
1966
-
1967
- size_t binder_len = EVP_MD_size(ssl_session_get_digest(ssl->session.get()));
1968
- return 15 + ssl->session->ticket.size() + binder_len;
1969
- }
1970
-
1971
- static bool ext_pre_shared_key_add_clienthello(const SSL_HANDSHAKE *hs,
1972
- CBB *out, bool *out_needs_binder,
1973
- ssl_client_hello_type_t type) {
1974
- const SSL *const ssl = hs->ssl;
1975
- *out_needs_binder = false;
1976
- if (!should_offer_psk(hs, type)) {
1977
- return true;
1978
- }
1979
-
1980
- struct OPENSSL_timeval now;
1981
- ssl_get_current_time(ssl, &now);
1982
- uint32_t ticket_age = 1000 * (now.tv_sec - ssl->session->time);
1983
- uint32_t obfuscated_ticket_age = ticket_age + ssl->session->ticket_age_add;
1984
-
1985
- // Fill in a placeholder zero binder of the appropriate length. It will be
1986
- // computed and filled in later after length prefixes are computed.
1987
- size_t binder_len = EVP_MD_size(ssl_session_get_digest(ssl->session.get()));
1988
-
1989
- CBB contents, identity, ticket, binders, binder;
1990
- if (!CBB_add_u16(out, TLSEXT_TYPE_pre_shared_key) ||
1991
- !CBB_add_u16_length_prefixed(out, &contents) ||
1992
- !CBB_add_u16_length_prefixed(&contents, &identity) ||
1993
- !CBB_add_u16_length_prefixed(&identity, &ticket) ||
1994
- !CBB_add_bytes(&ticket, ssl->session->ticket.data(),
1995
- ssl->session->ticket.size()) ||
1996
- !CBB_add_u32(&identity, obfuscated_ticket_age) ||
1997
- !CBB_add_u16_length_prefixed(&contents, &binders) ||
1998
- !CBB_add_u8_length_prefixed(&binders, &binder) ||
1999
- !CBB_add_zeros(&binder, binder_len)) {
2000
- return false;
2001
- }
2002
-
2003
- *out_needs_binder = true;
2004
- return CBB_flush(out);
2005
- }
2006
-
2007
- bool ssl_ext_pre_shared_key_parse_serverhello(SSL_HANDSHAKE *hs,
2008
- uint8_t *out_alert,
2009
- CBS *contents) {
2010
- uint16_t psk_id;
2011
- if (!CBS_get_u16(contents, &psk_id) ||
2012
- CBS_len(contents) != 0) {
2013
- OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
2014
- *out_alert = SSL_AD_DECODE_ERROR;
2015
- return false;
2016
- }
2017
-
2018
- // We only advertise one PSK identity, so the only legal index is zero.
2019
- if (psk_id != 0) {
2020
- OPENSSL_PUT_ERROR(SSL, SSL_R_PSK_IDENTITY_NOT_FOUND);
2021
- *out_alert = SSL_AD_UNKNOWN_PSK_IDENTITY;
2022
- return false;
2023
- }
2024
-
2025
- return true;
2026
- }
2027
-
2028
- bool ssl_ext_pre_shared_key_parse_clienthello(
2029
- SSL_HANDSHAKE *hs, CBS *out_ticket, CBS *out_binders,
2030
- uint32_t *out_obfuscated_ticket_age, uint8_t *out_alert,
2031
- const SSL_CLIENT_HELLO *client_hello, CBS *contents) {
2032
- // Verify that the pre_shared_key extension is the last extension in
2033
- // ClientHello.
2034
- if (CBS_data(contents) + CBS_len(contents) !=
2035
- client_hello->extensions + client_hello->extensions_len) {
2036
- OPENSSL_PUT_ERROR(SSL, SSL_R_PRE_SHARED_KEY_MUST_BE_LAST);
2037
- *out_alert = SSL_AD_ILLEGAL_PARAMETER;
2038
- return false;
2039
- }
2040
-
2041
- // We only process the first PSK identity since we don't support pure PSK.
2042
- CBS identities, binders;
2043
- if (!CBS_get_u16_length_prefixed(contents, &identities) ||
2044
- !CBS_get_u16_length_prefixed(&identities, out_ticket) ||
2045
- !CBS_get_u32(&identities, out_obfuscated_ticket_age) ||
2046
- !CBS_get_u16_length_prefixed(contents, &binders) ||
2047
- CBS_len(&binders) == 0 ||
2048
- CBS_len(contents) != 0) {
2049
- OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
2050
- *out_alert = SSL_AD_DECODE_ERROR;
2051
- return false;
2052
- }
2053
-
2054
- *out_binders = binders;
2055
-
2056
- // Check the syntax of the remaining identities, but do not process them.
2057
- size_t num_identities = 1;
2058
- while (CBS_len(&identities) != 0) {
2059
- CBS unused_ticket;
2060
- uint32_t unused_obfuscated_ticket_age;
2061
- if (!CBS_get_u16_length_prefixed(&identities, &unused_ticket) ||
2062
- !CBS_get_u32(&identities, &unused_obfuscated_ticket_age)) {
2063
- OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
2064
- *out_alert = SSL_AD_DECODE_ERROR;
2065
- return false;
2066
- }
2067
-
2068
- num_identities++;
2069
- }
2070
-
2071
- // Check the syntax of the binders. The value will be checked later if
2072
- // resuming.
2073
- size_t num_binders = 0;
2074
- while (CBS_len(&binders) != 0) {
2075
- CBS binder;
2076
- if (!CBS_get_u8_length_prefixed(&binders, &binder)) {
2077
- OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
2078
- *out_alert = SSL_AD_DECODE_ERROR;
2079
- return false;
2080
- }
2081
-
2082
- num_binders++;
2083
- }
2084
-
2085
- if (num_identities != num_binders) {
2086
- OPENSSL_PUT_ERROR(SSL, SSL_R_PSK_IDENTITY_BINDER_COUNT_MISMATCH);
2087
- *out_alert = SSL_AD_ILLEGAL_PARAMETER;
2088
- return false;
2089
- }
2090
-
2091
- return true;
2092
- }
2093
-
2094
- bool ssl_ext_pre_shared_key_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
2095
- if (!hs->ssl->s3->session_reused) {
2096
- return true;
2097
- }
2098
-
2099
- CBB contents;
2100
- if (!CBB_add_u16(out, TLSEXT_TYPE_pre_shared_key) ||
2101
- !CBB_add_u16_length_prefixed(out, &contents) ||
2102
- // We only consider the first identity for resumption
2103
- !CBB_add_u16(&contents, 0) ||
2104
- !CBB_flush(out)) {
2105
- return false;
2106
- }
2107
-
2108
- return true;
2109
- }
2110
-
2111
-
2112
- // Pre-Shared Key Exchange Modes
2113
- //
2114
- // https://tools.ietf.org/html/rfc8446#section-4.2.9
2115
-
2116
- static bool ext_psk_key_exchange_modes_add_clienthello(
2117
- const SSL_HANDSHAKE *hs, CBB *out, CBB *out_compressible,
2118
- ssl_client_hello_type_t type) {
2119
- if (hs->max_version < TLS1_3_VERSION) {
2120
- return true;
2121
- }
2122
-
2123
- CBB contents, ke_modes;
2124
- if (!CBB_add_u16(out_compressible, TLSEXT_TYPE_psk_key_exchange_modes) ||
2125
- !CBB_add_u16_length_prefixed(out_compressible, &contents) ||
2126
- !CBB_add_u8_length_prefixed(&contents, &ke_modes) ||
2127
- !CBB_add_u8(&ke_modes, SSL_PSK_DHE_KE)) {
2128
- return false;
2129
- }
2130
-
2131
- return CBB_flush(out_compressible);
2132
- }
2133
-
2134
- static bool ext_psk_key_exchange_modes_parse_clienthello(SSL_HANDSHAKE *hs,
2135
- uint8_t *out_alert,
2136
- CBS *contents) {
2137
- if (contents == NULL) {
2138
- return true;
2139
- }
2140
-
2141
- CBS ke_modes;
2142
- if (!CBS_get_u8_length_prefixed(contents, &ke_modes) ||
2143
- CBS_len(&ke_modes) == 0 ||
2144
- CBS_len(contents) != 0) {
2145
- *out_alert = SSL_AD_DECODE_ERROR;
2146
- return false;
2147
- }
2148
-
2149
- // We only support tickets with PSK_DHE_KE.
2150
- hs->accept_psk_mode = OPENSSL_memchr(CBS_data(&ke_modes), SSL_PSK_DHE_KE,
2151
- CBS_len(&ke_modes)) != NULL;
2152
-
2153
- return true;
2154
- }
2155
-
2156
-
2157
- // Early Data Indication
2158
- //
2159
- // https://tools.ietf.org/html/rfc8446#section-4.2.10
2160
-
2161
- static bool ext_early_data_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
2162
- CBB *out_compressible,
2163
- ssl_client_hello_type_t type) {
2164
- const SSL *const ssl = hs->ssl;
2165
- // The second ClientHello never offers early data, and we must have already
2166
- // filled in |early_data_reason| by this point.
2167
- if (ssl->s3->used_hello_retry_request) {
2168
- assert(ssl->s3->early_data_reason != ssl_early_data_unknown);
2169
- return true;
2170
- }
2171
-
2172
- if (!hs->early_data_offered) {
2173
- return true;
2174
- }
2175
-
2176
- // If offering ECH, the extension only applies to ClientHelloInner, but we
2177
- // send the extension in both ClientHellos. This ensures that, if the server
2178
- // handshakes with ClientHelloOuter, it can skip past early data. See
2179
- // draft-ietf-tls-esni-13, section 6.1.
2180
- if (!CBB_add_u16(out_compressible, TLSEXT_TYPE_early_data) ||
2181
- !CBB_add_u16(out_compressible, 0) ||
2182
- !CBB_flush(out_compressible)) {
2183
- return false;
2184
- }
2185
-
2186
- return true;
2187
- }
2188
-
2189
- static bool ext_early_data_parse_serverhello(SSL_HANDSHAKE *hs,
2190
- uint8_t *out_alert,
2191
- CBS *contents) {
2192
- SSL *const ssl = hs->ssl;
2193
- if (contents == NULL) {
2194
- if (hs->early_data_offered && !ssl->s3->used_hello_retry_request) {
2195
- ssl->s3->early_data_reason = ssl->s3->session_reused
2196
- ? ssl_early_data_peer_declined
2197
- : ssl_early_data_session_not_resumed;
2198
- } else {
2199
- // We already filled in |early_data_reason| when declining to offer 0-RTT
2200
- // or handling the implicit HelloRetryRequest reject.
2201
- assert(ssl->s3->early_data_reason != ssl_early_data_unknown);
2202
- }
2203
- return true;
2204
- }
2205
-
2206
- // If we received an HRR, the second ClientHello never offers early data, so
2207
- // the extensions logic will automatically reject early data extensions as
2208
- // unsolicited. This covered by the ServerAcceptsEarlyDataOnHRR test.
2209
- assert(!ssl->s3->used_hello_retry_request);
2210
-
2211
- if (CBS_len(contents) != 0) {
2212
- *out_alert = SSL_AD_DECODE_ERROR;
2213
- return false;
2214
- }
2215
-
2216
- if (!ssl->s3->session_reused) {
2217
- *out_alert = SSL_AD_UNSUPPORTED_EXTENSION;
2218
- OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
2219
- return false;
2220
- }
2221
-
2222
- ssl->s3->early_data_reason = ssl_early_data_accepted;
2223
- ssl->s3->early_data_accepted = true;
2224
- return true;
2225
- }
2226
-
2227
- static bool ext_early_data_parse_clienthello(SSL_HANDSHAKE *hs,
2228
- uint8_t *out_alert, CBS *contents) {
2229
- SSL *const ssl = hs->ssl;
2230
- if (contents == NULL ||
2231
- ssl_protocol_version(ssl) < TLS1_3_VERSION) {
2232
- return true;
2233
- }
2234
-
2235
- if (CBS_len(contents) != 0) {
2236
- *out_alert = SSL_AD_DECODE_ERROR;
2237
- return false;
2238
- }
2239
-
2240
- hs->early_data_offered = true;
2241
- return true;
2242
- }
2243
-
2244
- static bool ext_early_data_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
2245
- if (!hs->ssl->s3->early_data_accepted) {
2246
- return true;
2247
- }
2248
-
2249
- if (!CBB_add_u16(out, TLSEXT_TYPE_early_data) ||
2250
- !CBB_add_u16(out, 0) ||
2251
- !CBB_flush(out)) {
2252
- return false;
2253
- }
2254
-
2255
- return true;
2256
- }
2257
-
2258
-
2259
- // Key Share
2260
- //
2261
- // https://tools.ietf.org/html/rfc8446#section-4.2.8
2262
-
2263
- bool ssl_setup_key_shares(SSL_HANDSHAKE *hs, uint16_t override_group_id) {
2264
- SSL *const ssl = hs->ssl;
2265
- hs->key_shares[0].reset();
2266
- hs->key_shares[1].reset();
2267
- hs->key_share_bytes.Reset();
2268
-
2269
- if (hs->max_version < TLS1_3_VERSION) {
2270
- return true;
2271
- }
2272
-
2273
- bssl::ScopedCBB cbb;
2274
- if (!CBB_init(cbb.get(), 64)) {
2275
- return false;
2276
- }
2277
-
2278
- if (override_group_id == 0 && ssl->ctx->grease_enabled) {
2279
- // Add a fake group. See RFC 8701.
2280
- if (!CBB_add_u16(cbb.get(), ssl_get_grease_value(hs, ssl_grease_group)) ||
2281
- !CBB_add_u16(cbb.get(), 1 /* length */) ||
2282
- !CBB_add_u8(cbb.get(), 0 /* one byte key share */)) {
2283
- return false;
2284
- }
2285
- }
2286
-
2287
- uint16_t group_id = override_group_id;
2288
- uint16_t second_group_id = 0;
2289
- if (override_group_id == 0) {
2290
- // Predict the most preferred group.
2291
- Span<const uint16_t> groups = tls1_get_grouplist(hs);
2292
- if (groups.empty()) {
2293
- OPENSSL_PUT_ERROR(SSL, SSL_R_NO_GROUPS_SPECIFIED);
2294
- return false;
2295
- }
2296
-
2297
- group_id = groups[0];
2298
-
2299
- if (is_post_quantum_group(group_id) && groups.size() >= 2) {
2300
- // CECPQ2(b) is not sent as the only initial key share. We'll include the
2301
- // 2nd preference group too to avoid round-trips.
2302
- second_group_id = groups[1];
2303
- assert(second_group_id != group_id);
2304
- }
2305
- }
2306
-
2307
- CBB key_exchange;
2308
- hs->key_shares[0] = SSLKeyShare::Create(group_id);
2309
- if (!hs->key_shares[0] || //
2310
- !CBB_add_u16(cbb.get(), group_id) ||
2311
- !CBB_add_u16_length_prefixed(cbb.get(), &key_exchange) ||
2312
- !hs->key_shares[0]->Offer(&key_exchange)) {
2313
- return false;
2314
- }
2315
-
2316
- if (second_group_id != 0) {
2317
- hs->key_shares[1] = SSLKeyShare::Create(second_group_id);
2318
- if (!hs->key_shares[1] || //
2319
- !CBB_add_u16(cbb.get(), second_group_id) ||
2320
- !CBB_add_u16_length_prefixed(cbb.get(), &key_exchange) ||
2321
- !hs->key_shares[1]->Offer(&key_exchange)) {
2322
- return false;
2323
- }
2324
- }
2325
-
2326
- return CBBFinishArray(cbb.get(), &hs->key_share_bytes);
2327
- }
2328
-
2329
- static bool ext_key_share_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
2330
- CBB *out_compressible,
2331
- ssl_client_hello_type_t type) {
2332
- if (hs->max_version < TLS1_3_VERSION) {
2333
- return true;
2334
- }
2335
-
2336
- assert(!hs->key_share_bytes.empty());
2337
- CBB contents, kse_bytes;
2338
- if (!CBB_add_u16(out_compressible, TLSEXT_TYPE_key_share) ||
2339
- !CBB_add_u16_length_prefixed(out_compressible, &contents) ||
2340
- !CBB_add_u16_length_prefixed(&contents, &kse_bytes) ||
2341
- !CBB_add_bytes(&kse_bytes, hs->key_share_bytes.data(),
2342
- hs->key_share_bytes.size()) ||
2343
- !CBB_flush(out_compressible)) {
2344
- return false;
2345
- }
2346
-
2347
- return true;
2348
- }
2349
-
2350
- bool ssl_ext_key_share_parse_serverhello(SSL_HANDSHAKE *hs,
2351
- Array<uint8_t> *out_secret,
2352
- uint8_t *out_alert, CBS *contents) {
2353
- CBS peer_key;
2354
- uint16_t group_id;
2355
- if (!CBS_get_u16(contents, &group_id) ||
2356
- !CBS_get_u16_length_prefixed(contents, &peer_key) ||
2357
- CBS_len(contents) != 0) {
2358
- OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
2359
- *out_alert = SSL_AD_DECODE_ERROR;
2360
- return false;
2361
- }
2362
-
2363
- SSLKeyShare *key_share = hs->key_shares[0].get();
2364
- if (key_share->GroupID() != group_id) {
2365
- if (!hs->key_shares[1] || hs->key_shares[1]->GroupID() != group_id) {
2366
- *out_alert = SSL_AD_ILLEGAL_PARAMETER;
2367
- OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_CURVE);
2368
- return false;
2369
- }
2370
- key_share = hs->key_shares[1].get();
2371
- }
2372
-
2373
- if (!key_share->Finish(out_secret, out_alert, peer_key)) {
2374
- *out_alert = SSL_AD_INTERNAL_ERROR;
2375
- return false;
2376
- }
2377
-
2378
- hs->new_session->group_id = group_id;
2379
- hs->key_shares[0].reset();
2380
- hs->key_shares[1].reset();
2381
- return true;
2382
- }
2383
-
2384
- bool ssl_ext_key_share_parse_clienthello(SSL_HANDSHAKE *hs, bool *out_found,
2385
- Span<const uint8_t> *out_peer_key,
2386
- uint8_t *out_alert,
2387
- const SSL_CLIENT_HELLO *client_hello) {
2388
- // We only support connections that include an ECDHE key exchange.
2389
- CBS contents;
2390
- if (!ssl_client_hello_get_extension(client_hello, &contents,
2391
- TLSEXT_TYPE_key_share)) {
2392
- OPENSSL_PUT_ERROR(SSL, SSL_R_MISSING_KEY_SHARE);
2393
- *out_alert = SSL_AD_MISSING_EXTENSION;
2394
- return false;
2395
- }
2396
-
2397
- CBS key_shares;
2398
- if (!CBS_get_u16_length_prefixed(&contents, &key_shares) ||
2399
- CBS_len(&contents) != 0) {
2400
- OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
2401
- return false;
2402
- }
2403
-
2404
- // Find the corresponding key share.
2405
- const uint16_t group_id = hs->new_session->group_id;
2406
- CBS peer_key;
2407
- CBS_init(&peer_key, nullptr, 0);
2408
- while (CBS_len(&key_shares) > 0) {
2409
- uint16_t id;
2410
- CBS peer_key_tmp;
2411
- if (!CBS_get_u16(&key_shares, &id) ||
2412
- !CBS_get_u16_length_prefixed(&key_shares, &peer_key_tmp) ||
2413
- CBS_len(&peer_key_tmp) == 0) {
2414
- OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
2415
- return false;
2416
- }
2417
-
2418
- if (id == group_id) {
2419
- if (CBS_len(&peer_key) != 0) {
2420
- OPENSSL_PUT_ERROR(SSL, SSL_R_DUPLICATE_KEY_SHARE);
2421
- *out_alert = SSL_AD_ILLEGAL_PARAMETER;
2422
- return false;
2423
- }
2424
-
2425
- peer_key = peer_key_tmp;
2426
- // Continue parsing the structure to keep peers honest.
2427
- }
2428
- }
2429
-
2430
- if (out_peer_key != nullptr) {
2431
- *out_peer_key = peer_key;
2432
- }
2433
- *out_found = CBS_len(&peer_key) != 0;
2434
- return true;
2435
- }
2436
-
2437
- bool ssl_ext_key_share_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
2438
- CBB kse_bytes, public_key;
2439
- if (!CBB_add_u16(out, TLSEXT_TYPE_key_share) ||
2440
- !CBB_add_u16_length_prefixed(out, &kse_bytes) ||
2441
- !CBB_add_u16(&kse_bytes, hs->new_session->group_id) ||
2442
- !CBB_add_u16_length_prefixed(&kse_bytes, &public_key) ||
2443
- !CBB_add_bytes(&public_key, hs->ecdh_public_key.data(),
2444
- hs->ecdh_public_key.size()) ||
2445
- !CBB_flush(out)) {
2446
- return false;
2447
- }
2448
- return true;
2449
- }
2450
-
2451
-
2452
- // Supported Versions
2453
- //
2454
- // https://tools.ietf.org/html/rfc8446#section-4.2.1
2455
-
2456
- static bool ext_supported_versions_add_clienthello(
2457
- const SSL_HANDSHAKE *hs, CBB *out, CBB *out_compressible,
2458
- ssl_client_hello_type_t type) {
2459
- const SSL *const ssl = hs->ssl;
2460
- if (hs->max_version <= TLS1_2_VERSION) {
2461
- return true;
2462
- }
2463
-
2464
- // supported_versions is compressible in ECH if ClientHelloOuter already
2465
- // requires TLS 1.3. Otherwise the extensions differ in the older versions.
2466
- if (hs->min_version >= TLS1_3_VERSION) {
2467
- out = out_compressible;
2468
- }
2469
-
2470
- CBB contents, versions;
2471
- if (!CBB_add_u16(out, TLSEXT_TYPE_supported_versions) ||
2472
- !CBB_add_u16_length_prefixed(out, &contents) ||
2473
- !CBB_add_u8_length_prefixed(&contents, &versions)) {
2474
- return false;
2475
- }
2476
-
2477
- // Add a fake version. See RFC 8701.
2478
- if (ssl->ctx->grease_enabled &&
2479
- !CBB_add_u16(&versions, ssl_get_grease_value(hs, ssl_grease_version))) {
2480
- return false;
2481
- }
2482
-
2483
- // Encrypted ClientHellos requires TLS 1.3 or later.
2484
- uint16_t extra_min_version =
2485
- type == ssl_client_hello_inner ? TLS1_3_VERSION : 0;
2486
- if (!ssl_add_supported_versions(hs, &versions, extra_min_version) ||
2487
- !CBB_flush(out)) {
2488
- return false;
2489
- }
2490
-
2491
- return true;
2492
- }
2493
-
2494
-
2495
- // Cookie
2496
- //
2497
- // https://tools.ietf.org/html/rfc8446#section-4.2.2
2498
-
2499
- static bool ext_cookie_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
2500
- CBB *out_compressible,
2501
- ssl_client_hello_type_t type) {
2502
- if (hs->cookie.empty()) {
2503
- return true;
2504
- }
2505
-
2506
- CBB contents, cookie;
2507
- if (!CBB_add_u16(out_compressible, TLSEXT_TYPE_cookie) ||
2508
- !CBB_add_u16_length_prefixed(out_compressible, &contents) ||
2509
- !CBB_add_u16_length_prefixed(&contents, &cookie) ||
2510
- !CBB_add_bytes(&cookie, hs->cookie.data(), hs->cookie.size()) ||
2511
- !CBB_flush(out_compressible)) {
2512
- return false;
2513
- }
2514
-
2515
- return true;
2516
- }
2517
-
2518
-
2519
- // Supported Groups
2520
- //
2521
- // https://tools.ietf.org/html/rfc4492#section-5.1.1
2522
- // https://tools.ietf.org/html/rfc8446#section-4.2.7
2523
-
2524
- static bool ext_supported_groups_add_clienthello(const SSL_HANDSHAKE *hs,
2525
- CBB *out,
2526
- CBB *out_compressible,
2527
- ssl_client_hello_type_t type) {
2528
- const SSL *const ssl = hs->ssl;
2529
- CBB contents, groups_bytes;
2530
- if (!CBB_add_u16(out_compressible, TLSEXT_TYPE_supported_groups) ||
2531
- !CBB_add_u16_length_prefixed(out_compressible, &contents) ||
2532
- !CBB_add_u16_length_prefixed(&contents, &groups_bytes)) {
2533
- return false;
2534
- }
2535
-
2536
- // Add a fake group. See RFC 8701.
2537
- if (ssl->ctx->grease_enabled &&
2538
- !CBB_add_u16(&groups_bytes,
2539
- ssl_get_grease_value(hs, ssl_grease_group))) {
2540
- return false;
2541
- }
2542
-
2543
- for (uint16_t group : tls1_get_grouplist(hs)) {
2544
- if (is_post_quantum_group(group) &&
2545
- hs->max_version < TLS1_3_VERSION) {
2546
- continue;
2547
- }
2548
- if (!CBB_add_u16(&groups_bytes, group)) {
2549
- return false;
2550
- }
2551
- }
2552
-
2553
- return CBB_flush(out_compressible);
2554
- }
2555
-
2556
- static bool ext_supported_groups_parse_serverhello(SSL_HANDSHAKE *hs,
2557
- uint8_t *out_alert,
2558
- CBS *contents) {
2559
- // This extension is not expected to be echoed by servers in TLS 1.2, but some
2560
- // BigIP servers send it nonetheless, so do not enforce this.
2561
- return true;
2562
- }
2563
-
2564
- static bool parse_u16_array(const CBS *cbs, Array<uint16_t> *out) {
2565
- CBS copy = *cbs;
2566
- if ((CBS_len(&copy) & 1) != 0) {
2567
- OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
2568
- return false;
2569
- }
2570
-
2571
- Array<uint16_t> ret;
2572
- if (!ret.Init(CBS_len(&copy) / 2)) {
2573
- return false;
2574
- }
2575
- for (size_t i = 0; i < ret.size(); i++) {
2576
- if (!CBS_get_u16(&copy, &ret[i])) {
2577
- OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
2578
- return false;
2579
- }
2580
- }
2581
-
2582
- assert(CBS_len(&copy) == 0);
2583
- *out = std::move(ret);
2584
- return 1;
2585
- }
2586
-
2587
- static bool ext_supported_groups_parse_clienthello(SSL_HANDSHAKE *hs,
2588
- uint8_t *out_alert,
2589
- CBS *contents) {
2590
- if (contents == NULL) {
2591
- return true;
2592
- }
2593
-
2594
- CBS supported_group_list;
2595
- if (!CBS_get_u16_length_prefixed(contents, &supported_group_list) ||
2596
- CBS_len(&supported_group_list) == 0 ||
2597
- CBS_len(contents) != 0 ||
2598
- !parse_u16_array(&supported_group_list, &hs->peer_supported_group_list)) {
2599
- return false;
2600
- }
2601
-
2602
- return true;
2603
- }
2604
-
2605
-
2606
- // QUIC Transport Parameters
2607
-
2608
- static bool ext_quic_transport_params_add_clienthello_impl(
2609
- const SSL_HANDSHAKE *hs, CBB *out, bool use_legacy_codepoint) {
2610
- if (hs->config->quic_transport_params.empty() && !hs->ssl->quic_method) {
2611
- return true;
2612
- }
2613
- if (hs->config->quic_transport_params.empty() || !hs->ssl->quic_method) {
2614
- // QUIC Transport Parameters must be sent over QUIC, and they must not be
2615
- // sent over non-QUIC transports. If transport params are set, then
2616
- // SSL(_CTX)_set_quic_method must also be called.
2617
- OPENSSL_PUT_ERROR(SSL, SSL_R_QUIC_TRANSPORT_PARAMETERS_MISCONFIGURED);
2618
- return false;
2619
- }
2620
- assert(hs->min_version > TLS1_2_VERSION);
2621
- if (use_legacy_codepoint != hs->config->quic_use_legacy_codepoint) {
2622
- // Do nothing, we'll send the other codepoint.
2623
- return true;
2624
- }
2625
-
2626
- uint16_t extension_type = TLSEXT_TYPE_quic_transport_parameters;
2627
- if (hs->config->quic_use_legacy_codepoint) {
2628
- extension_type = TLSEXT_TYPE_quic_transport_parameters_legacy;
2629
- }
2630
-
2631
- CBB contents;
2632
- if (!CBB_add_u16(out, extension_type) ||
2633
- !CBB_add_u16_length_prefixed(out, &contents) ||
2634
- !CBB_add_bytes(&contents, hs->config->quic_transport_params.data(),
2635
- hs->config->quic_transport_params.size()) ||
2636
- !CBB_flush(out)) {
2637
- return false;
2638
- }
2639
- return true;
2640
- }
2641
-
2642
- static bool ext_quic_transport_params_add_clienthello(
2643
- const SSL_HANDSHAKE *hs, CBB *out, CBB *out_compressible,
2644
- ssl_client_hello_type_t type) {
2645
- return ext_quic_transport_params_add_clienthello_impl(
2646
- hs, out_compressible, /*use_legacy_codepoint=*/false);
2647
- }
2648
-
2649
- static bool ext_quic_transport_params_add_clienthello_legacy(
2650
- const SSL_HANDSHAKE *hs, CBB *out, CBB *out_compressible,
2651
- ssl_client_hello_type_t type) {
2652
- return ext_quic_transport_params_add_clienthello_impl(
2653
- hs, out_compressible, /*use_legacy_codepoint=*/true);
2654
- }
2655
-
2656
- static bool ext_quic_transport_params_parse_serverhello_impl(
2657
- SSL_HANDSHAKE *hs, uint8_t *out_alert, CBS *contents,
2658
- bool used_legacy_codepoint) {
2659
- SSL *const ssl = hs->ssl;
2660
- if (contents == nullptr) {
2661
- if (used_legacy_codepoint != hs->config->quic_use_legacy_codepoint) {
2662
- // Silently ignore because we expect the other QUIC codepoint.
2663
- return true;
2664
- }
2665
- if (!ssl->quic_method) {
2666
- return true;
2667
- }
2668
- *out_alert = SSL_AD_MISSING_EXTENSION;
2669
- return false;
2670
- }
2671
- // The extensions parser will check for unsolicited extensions before
2672
- // calling the callback.
2673
- assert(ssl->quic_method != nullptr);
2674
- assert(ssl_protocol_version(ssl) == TLS1_3_VERSION);
2675
- assert(used_legacy_codepoint == hs->config->quic_use_legacy_codepoint);
2676
- return ssl->s3->peer_quic_transport_params.CopyFrom(*contents);
2677
- }
2678
-
2679
- static bool ext_quic_transport_params_parse_serverhello(SSL_HANDSHAKE *hs,
2680
- uint8_t *out_alert,
2681
- CBS *contents) {
2682
- return ext_quic_transport_params_parse_serverhello_impl(
2683
- hs, out_alert, contents, /*used_legacy_codepoint=*/false);
2684
- }
2685
-
2686
- static bool ext_quic_transport_params_parse_serverhello_legacy(
2687
- SSL_HANDSHAKE *hs, uint8_t *out_alert, CBS *contents) {
2688
- return ext_quic_transport_params_parse_serverhello_impl(
2689
- hs, out_alert, contents, /*used_legacy_codepoint=*/true);
2690
- }
2691
-
2692
- static bool ext_quic_transport_params_parse_clienthello_impl(
2693
- SSL_HANDSHAKE *hs, uint8_t *out_alert, CBS *contents,
2694
- bool used_legacy_codepoint) {
2695
- SSL *const ssl = hs->ssl;
2696
- if (!contents) {
2697
- if (!ssl->quic_method) {
2698
- if (hs->config->quic_transport_params.empty()) {
2699
- return true;
2700
- }
2701
- // QUIC transport parameters must not be set if |ssl| is not configured
2702
- // for QUIC.
2703
- OPENSSL_PUT_ERROR(SSL, SSL_R_QUIC_TRANSPORT_PARAMETERS_MISCONFIGURED);
2704
- *out_alert = SSL_AD_INTERNAL_ERROR;
2705
- return false;
2706
- }
2707
- if (used_legacy_codepoint != hs->config->quic_use_legacy_codepoint) {
2708
- // Silently ignore because we expect the other QUIC codepoint.
2709
- return true;
2710
- }
2711
- *out_alert = SSL_AD_MISSING_EXTENSION;
2712
- return false;
2713
- }
2714
- if (!ssl->quic_method) {
2715
- if (used_legacy_codepoint) {
2716
- // Ignore the legacy private-use codepoint because that could be sent
2717
- // to mean something else than QUIC transport parameters.
2718
- return true;
2719
- }
2720
- // Fail if we received the codepoint registered with IANA for QUIC
2721
- // because that is not allowed outside of QUIC.
2722
- *out_alert = SSL_AD_UNSUPPORTED_EXTENSION;
2723
- return false;
2724
- }
2725
- assert(ssl_protocol_version(ssl) == TLS1_3_VERSION);
2726
- if (used_legacy_codepoint != hs->config->quic_use_legacy_codepoint) {
2727
- // Silently ignore because we expect the other QUIC codepoint.
2728
- return true;
2729
- }
2730
- return ssl->s3->peer_quic_transport_params.CopyFrom(*contents);
2731
- }
2732
-
2733
- static bool ext_quic_transport_params_parse_clienthello(SSL_HANDSHAKE *hs,
2734
- uint8_t *out_alert,
2735
- CBS *contents) {
2736
- return ext_quic_transport_params_parse_clienthello_impl(
2737
- hs, out_alert, contents, /*used_legacy_codepoint=*/false);
2738
- }
2739
-
2740
- static bool ext_quic_transport_params_parse_clienthello_legacy(
2741
- SSL_HANDSHAKE *hs, uint8_t *out_alert, CBS *contents) {
2742
- return ext_quic_transport_params_parse_clienthello_impl(
2743
- hs, out_alert, contents, /*used_legacy_codepoint=*/true);
2744
- }
2745
-
2746
- static bool ext_quic_transport_params_add_serverhello_impl(
2747
- SSL_HANDSHAKE *hs, CBB *out, bool use_legacy_codepoint) {
2748
- if (hs->ssl->quic_method == nullptr && use_legacy_codepoint) {
2749
- // Ignore the legacy private-use codepoint because that could be sent
2750
- // to mean something else than QUIC transport parameters.
2751
- return true;
2752
- }
2753
- assert(hs->ssl->quic_method != nullptr);
2754
- if (hs->config->quic_transport_params.empty()) {
2755
- // Transport parameters must be set when using QUIC.
2756
- OPENSSL_PUT_ERROR(SSL, SSL_R_QUIC_TRANSPORT_PARAMETERS_MISCONFIGURED);
2757
- return false;
2758
- }
2759
- if (use_legacy_codepoint != hs->config->quic_use_legacy_codepoint) {
2760
- // Do nothing, we'll send the other codepoint.
2761
- return true;
2762
- }
2763
-
2764
- uint16_t extension_type = TLSEXT_TYPE_quic_transport_parameters;
2765
- if (hs->config->quic_use_legacy_codepoint) {
2766
- extension_type = TLSEXT_TYPE_quic_transport_parameters_legacy;
2767
- }
2768
-
2769
- CBB contents;
2770
- if (!CBB_add_u16(out, extension_type) ||
2771
- !CBB_add_u16_length_prefixed(out, &contents) ||
2772
- !CBB_add_bytes(&contents, hs->config->quic_transport_params.data(),
2773
- hs->config->quic_transport_params.size()) ||
2774
- !CBB_flush(out)) {
2775
- return false;
2776
- }
2777
-
2778
- return true;
2779
- }
2780
-
2781
- static bool ext_quic_transport_params_add_serverhello(SSL_HANDSHAKE *hs,
2782
- CBB *out) {
2783
- return ext_quic_transport_params_add_serverhello_impl(
2784
- hs, out, /*use_legacy_codepoint=*/false);
2785
- }
2786
-
2787
- static bool ext_quic_transport_params_add_serverhello_legacy(SSL_HANDSHAKE *hs,
2788
- CBB *out) {
2789
- return ext_quic_transport_params_add_serverhello_impl(
2790
- hs, out, /*use_legacy_codepoint=*/true);
2791
- }
2792
-
2793
- // Delegated credentials.
2794
- //
2795
- // https://tools.ietf.org/html/draft-ietf-tls-subcerts
2796
-
2797
- static bool ext_delegated_credential_add_clienthello(
2798
- const SSL_HANDSHAKE *hs, CBB *out, CBB *out_compressible,
2799
- ssl_client_hello_type_t type) {
2800
- return true;
2801
- }
2802
-
2803
- static bool ext_delegated_credential_parse_clienthello(SSL_HANDSHAKE *hs,
2804
- uint8_t *out_alert,
2805
- CBS *contents) {
2806
- if (contents == nullptr || ssl_protocol_version(hs->ssl) < TLS1_3_VERSION) {
2807
- // Don't use delegated credentials unless we're negotiating TLS 1.3 or
2808
- // higher.
2809
- return true;
2810
- }
2811
-
2812
- // The contents of the extension are the signature algorithms the client will
2813
- // accept for a delegated credential.
2814
- CBS sigalg_list;
2815
- if (!CBS_get_u16_length_prefixed(contents, &sigalg_list) ||
2816
- CBS_len(&sigalg_list) == 0 ||
2817
- CBS_len(contents) != 0 ||
2818
- !parse_u16_array(&sigalg_list, &hs->peer_delegated_credential_sigalgs)) {
2819
- return false;
2820
- }
2821
-
2822
- hs->delegated_credential_requested = true;
2823
- return true;
2824
- }
2825
-
2826
- // Certificate compression
2827
-
2828
- static bool cert_compression_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
2829
- CBB *out_compressible,
2830
- ssl_client_hello_type_t type) {
2831
- bool first = true;
2832
- CBB contents, algs;
2833
-
2834
- for (const auto &alg : hs->ssl->ctx->cert_compression_algs) {
2835
- if (alg.decompress == nullptr) {
2836
- continue;
2837
- }
2838
-
2839
- if (first &&
2840
- (!CBB_add_u16(out_compressible, TLSEXT_TYPE_cert_compression) ||
2841
- !CBB_add_u16_length_prefixed(out_compressible, &contents) ||
2842
- !CBB_add_u8_length_prefixed(&contents, &algs))) {
2843
- return false;
2844
- }
2845
- first = false;
2846
- if (!CBB_add_u16(&algs, alg.alg_id)) {
2847
- return false;
2848
- }
2849
- }
2850
-
2851
- return first || CBB_flush(out_compressible);
2852
- }
2853
-
2854
- static bool cert_compression_parse_serverhello(SSL_HANDSHAKE *hs,
2855
- uint8_t *out_alert,
2856
- CBS *contents) {
2857
- if (contents == nullptr) {
2858
- return true;
2859
- }
2860
-
2861
- // The server may not echo this extension. Any server to client negotiation is
2862
- // advertised in the CertificateRequest message.
2863
- return false;
2864
- }
2865
-
2866
- static bool cert_compression_parse_clienthello(SSL_HANDSHAKE *hs,
2867
- uint8_t *out_alert,
2868
- CBS *contents) {
2869
- if (contents == nullptr) {
2870
- return true;
2871
- }
2872
-
2873
- const SSL_CTX *ctx = hs->ssl->ctx.get();
2874
- const size_t num_algs = ctx->cert_compression_algs.size();
2875
-
2876
- CBS alg_ids;
2877
- if (!CBS_get_u8_length_prefixed(contents, &alg_ids) ||
2878
- CBS_len(contents) != 0 ||
2879
- CBS_len(&alg_ids) == 0 ||
2880
- CBS_len(&alg_ids) % 2 == 1) {
2881
- return false;
2882
- }
2883
-
2884
- const size_t num_given_alg_ids = CBS_len(&alg_ids) / 2;
2885
- Array<uint16_t> given_alg_ids;
2886
- if (!given_alg_ids.Init(num_given_alg_ids)) {
2887
- return false;
2888
- }
2889
-
2890
- size_t best_index = num_algs;
2891
- size_t given_alg_idx = 0;
2892
-
2893
- while (CBS_len(&alg_ids) > 0) {
2894
- uint16_t alg_id;
2895
- if (!CBS_get_u16(&alg_ids, &alg_id)) {
2896
- return false;
2897
- }
2898
-
2899
- given_alg_ids[given_alg_idx++] = alg_id;
2900
-
2901
- for (size_t i = 0; i < num_algs; i++) {
2902
- const auto &alg = ctx->cert_compression_algs[i];
2903
- if (alg.alg_id == alg_id && alg.compress != nullptr) {
2904
- if (i < best_index) {
2905
- best_index = i;
2906
- }
2907
- break;
2908
- }
2909
- }
2910
- }
2911
-
2912
- qsort(given_alg_ids.data(), given_alg_ids.size(), sizeof(uint16_t),
2913
- compare_uint16_t);
2914
- for (size_t i = 1; i < num_given_alg_ids; i++) {
2915
- if (given_alg_ids[i - 1] == given_alg_ids[i]) {
2916
- return false;
2917
- }
2918
- }
2919
-
2920
- if (best_index < num_algs &&
2921
- ssl_protocol_version(hs->ssl) >= TLS1_3_VERSION) {
2922
- hs->cert_compression_negotiated = true;
2923
- hs->cert_compression_alg_id = ctx->cert_compression_algs[best_index].alg_id;
2924
- }
2925
-
2926
- return true;
2927
- }
2928
-
2929
- static bool cert_compression_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
2930
- return true;
2931
- }
2932
-
2933
- // Application-level Protocol Settings
2934
- //
2935
- // https://tools.ietf.org/html/draft-vvv-tls-alps-01
2936
-
2937
- bool ssl_get_local_application_settings(const SSL_HANDSHAKE *hs,
2938
- Span<const uint8_t> *out_settings,
2939
- Span<const uint8_t> protocol) {
2940
- for (const ALPSConfig &config : hs->config->alps_configs) {
2941
- if (protocol == config.protocol) {
2942
- *out_settings = config.settings;
2943
- return true;
2944
- }
2945
- }
2946
- return false;
2947
- }
2948
-
2949
- static bool ext_alps_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
2950
- CBB *out_compressible,
2951
- ssl_client_hello_type_t type) {
2952
- const SSL *const ssl = hs->ssl;
2953
- if (// ALPS requires TLS 1.3.
2954
- hs->max_version < TLS1_3_VERSION ||
2955
- // Do not offer ALPS without ALPN.
2956
- hs->config->alpn_client_proto_list.empty() ||
2957
- // Do not offer ALPS if not configured.
2958
- hs->config->alps_configs.empty() ||
2959
- // Do not offer ALPS on renegotiation handshakes.
2960
- ssl->s3->initial_handshake_complete) {
2961
- return true;
2962
- }
2963
-
2964
- CBB contents, proto_list, proto;
2965
- if (!CBB_add_u16(out_compressible, TLSEXT_TYPE_application_settings) ||
2966
- !CBB_add_u16_length_prefixed(out_compressible, &contents) ||
2967
- !CBB_add_u16_length_prefixed(&contents, &proto_list)) {
2968
- return false;
2969
- }
2970
-
2971
- for (const ALPSConfig &config : hs->config->alps_configs) {
2972
- if (!CBB_add_u8_length_prefixed(&proto_list, &proto) ||
2973
- !CBB_add_bytes(&proto, config.protocol.data(),
2974
- config.protocol.size())) {
2975
- return false;
2976
- }
2977
- }
2978
-
2979
- return CBB_flush(out_compressible);
2980
- }
2981
-
2982
- static bool ext_alps_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
2983
- CBS *contents) {
2984
- SSL *const ssl = hs->ssl;
2985
- if (contents == nullptr) {
2986
- return true;
2987
- }
2988
-
2989
- assert(!ssl->s3->initial_handshake_complete);
2990
- assert(!hs->config->alpn_client_proto_list.empty());
2991
- assert(!hs->config->alps_configs.empty());
2992
-
2993
- // ALPS requires TLS 1.3.
2994
- if (ssl_protocol_version(ssl) < TLS1_3_VERSION) {
2995
- *out_alert = SSL_AD_UNSUPPORTED_EXTENSION;
2996
- OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
2997
- return false;
2998
- }
2999
-
3000
- // Note extension callbacks may run in any order, so we defer checking
3001
- // consistency with ALPN to |ssl_check_serverhello_tlsext|.
3002
- if (!hs->new_session->peer_application_settings.CopyFrom(*contents)) {
3003
- *out_alert = SSL_AD_INTERNAL_ERROR;
3004
- return false;
3005
- }
3006
-
3007
- hs->new_session->has_application_settings = true;
3008
- return true;
3009
- }
3010
-
3011
- static bool ext_alps_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
3012
- SSL *const ssl = hs->ssl;
3013
- // If early data is accepted, we omit the ALPS extension. It is implicitly
3014
- // carried over from the previous connection.
3015
- if (hs->new_session == nullptr ||
3016
- !hs->new_session->has_application_settings ||
3017
- ssl->s3->early_data_accepted) {
3018
- return true;
3019
- }
3020
-
3021
- CBB contents;
3022
- if (!CBB_add_u16(out, TLSEXT_TYPE_application_settings) ||
3023
- !CBB_add_u16_length_prefixed(out, &contents) ||
3024
- !CBB_add_bytes(&contents,
3025
- hs->new_session->local_application_settings.data(),
3026
- hs->new_session->local_application_settings.size()) ||
3027
- !CBB_flush(out)) {
3028
- return false;
3029
- }
3030
-
3031
- return true;
3032
- }
3033
-
3034
- bool ssl_negotiate_alps(SSL_HANDSHAKE *hs, uint8_t *out_alert,
3035
- const SSL_CLIENT_HELLO *client_hello) {
3036
- SSL *const ssl = hs->ssl;
3037
- if (ssl->s3->alpn_selected.empty()) {
3038
- return true;
3039
- }
3040
-
3041
- // If we negotiate ALPN over TLS 1.3, try to negotiate ALPS.
3042
- CBS alps_contents;
3043
- Span<const uint8_t> settings;
3044
- if (ssl_protocol_version(ssl) >= TLS1_3_VERSION &&
3045
- ssl_get_local_application_settings(hs, &settings,
3046
- ssl->s3->alpn_selected) &&
3047
- ssl_client_hello_get_extension(client_hello, &alps_contents,
3048
- TLSEXT_TYPE_application_settings)) {
3049
- // Check if the client supports ALPS with the selected ALPN.
3050
- bool found = false;
3051
- CBS alps_list;
3052
- if (!CBS_get_u16_length_prefixed(&alps_contents, &alps_list) ||
3053
- CBS_len(&alps_contents) != 0 ||
3054
- CBS_len(&alps_list) == 0) {
3055
- OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
3056
- *out_alert = SSL_AD_DECODE_ERROR;
3057
- return false;
3058
- }
3059
- while (CBS_len(&alps_list) > 0) {
3060
- CBS protocol_name;
3061
- if (!CBS_get_u8_length_prefixed(&alps_list, &protocol_name) ||
3062
- // Empty protocol names are forbidden.
3063
- CBS_len(&protocol_name) == 0) {
3064
- OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
3065
- *out_alert = SSL_AD_DECODE_ERROR;
3066
- return false;
3067
- }
3068
- if (protocol_name == MakeConstSpan(ssl->s3->alpn_selected)) {
3069
- found = true;
3070
- }
3071
- }
3072
-
3073
- // Negotiate ALPS if both client also supports ALPS for this protocol.
3074
- if (found) {
3075
- hs->new_session->has_application_settings = true;
3076
- if (!hs->new_session->local_application_settings.CopyFrom(settings)) {
3077
- *out_alert = SSL_AD_INTERNAL_ERROR;
3078
- return false;
3079
- }
3080
- }
3081
- }
3082
-
3083
- return true;
3084
- }
3085
-
3086
- // kExtensions contains all the supported extensions.
3087
- static const struct tls_extension kExtensions[] = {
3088
- {
3089
- TLSEXT_TYPE_server_name,
3090
- ext_sni_add_clienthello,
3091
- ext_sni_parse_serverhello,
3092
- ext_sni_parse_clienthello,
3093
- ext_sni_add_serverhello,
3094
- },
3095
- {
3096
- TLSEXT_TYPE_encrypted_client_hello,
3097
- ext_ech_add_clienthello,
3098
- ext_ech_parse_serverhello,
3099
- ext_ech_parse_clienthello,
3100
- ext_ech_add_serverhello,
3101
- },
3102
- {
3103
- TLSEXT_TYPE_extended_master_secret,
3104
- ext_ems_add_clienthello,
3105
- ext_ems_parse_serverhello,
3106
- ext_ems_parse_clienthello,
3107
- ext_ems_add_serverhello,
3108
- },
3109
- {
3110
- TLSEXT_TYPE_renegotiate,
3111
- ext_ri_add_clienthello,
3112
- ext_ri_parse_serverhello,
3113
- ext_ri_parse_clienthello,
3114
- ext_ri_add_serverhello,
3115
- },
3116
- {
3117
- TLSEXT_TYPE_supported_groups,
3118
- ext_supported_groups_add_clienthello,
3119
- ext_supported_groups_parse_serverhello,
3120
- ext_supported_groups_parse_clienthello,
3121
- dont_add_serverhello,
3122
- },
3123
- {
3124
- TLSEXT_TYPE_ec_point_formats,
3125
- ext_ec_point_add_clienthello,
3126
- ext_ec_point_parse_serverhello,
3127
- ext_ec_point_parse_clienthello,
3128
- ext_ec_point_add_serverhello,
3129
- },
3130
- {
3131
- TLSEXT_TYPE_session_ticket,
3132
- ext_ticket_add_clienthello,
3133
- ext_ticket_parse_serverhello,
3134
- // Ticket extension client parsing is handled in ssl_session.c
3135
- ignore_parse_clienthello,
3136
- ext_ticket_add_serverhello,
3137
- },
3138
- {
3139
- TLSEXT_TYPE_application_layer_protocol_negotiation,
3140
- ext_alpn_add_clienthello,
3141
- ext_alpn_parse_serverhello,
3142
- // ALPN is negotiated late in |ssl_negotiate_alpn|.
3143
- ignore_parse_clienthello,
3144
- ext_alpn_add_serverhello,
3145
- },
3146
- {
3147
- TLSEXT_TYPE_status_request,
3148
- ext_ocsp_add_clienthello,
3149
- ext_ocsp_parse_serverhello,
3150
- ext_ocsp_parse_clienthello,
3151
- ext_ocsp_add_serverhello,
3152
- },
3153
- {
3154
- TLSEXT_TYPE_signature_algorithms,
3155
- ext_sigalgs_add_clienthello,
3156
- forbid_parse_serverhello,
3157
- ext_sigalgs_parse_clienthello,
3158
- dont_add_serverhello,
3159
- },
3160
- {
3161
- TLSEXT_TYPE_next_proto_neg,
3162
- ext_npn_add_clienthello,
3163
- ext_npn_parse_serverhello,
3164
- ext_npn_parse_clienthello,
3165
- ext_npn_add_serverhello,
3166
- },
3167
- {
3168
- TLSEXT_TYPE_certificate_timestamp,
3169
- ext_sct_add_clienthello,
3170
- ext_sct_parse_serverhello,
3171
- ext_sct_parse_clienthello,
3172
- ext_sct_add_serverhello,
3173
- },
3174
- {
3175
- TLSEXT_TYPE_channel_id,
3176
- ext_channel_id_add_clienthello,
3177
- ext_channel_id_parse_serverhello,
3178
- ext_channel_id_parse_clienthello,
3179
- ext_channel_id_add_serverhello,
3180
- },
3181
- {
3182
- TLSEXT_TYPE_srtp,
3183
- ext_srtp_add_clienthello,
3184
- ext_srtp_parse_serverhello,
3185
- ext_srtp_parse_clienthello,
3186
- ext_srtp_add_serverhello,
3187
- },
3188
- {
3189
- TLSEXT_TYPE_key_share,
3190
- ext_key_share_add_clienthello,
3191
- forbid_parse_serverhello,
3192
- ignore_parse_clienthello,
3193
- dont_add_serverhello,
3194
- },
3195
- {
3196
- TLSEXT_TYPE_psk_key_exchange_modes,
3197
- ext_psk_key_exchange_modes_add_clienthello,
3198
- forbid_parse_serverhello,
3199
- ext_psk_key_exchange_modes_parse_clienthello,
3200
- dont_add_serverhello,
3201
- },
3202
- {
3203
- TLSEXT_TYPE_early_data,
3204
- ext_early_data_add_clienthello,
3205
- ext_early_data_parse_serverhello,
3206
- ext_early_data_parse_clienthello,
3207
- ext_early_data_add_serverhello,
3208
- },
3209
- {
3210
- TLSEXT_TYPE_supported_versions,
3211
- ext_supported_versions_add_clienthello,
3212
- forbid_parse_serverhello,
3213
- ignore_parse_clienthello,
3214
- dont_add_serverhello,
3215
- },
3216
- {
3217
- TLSEXT_TYPE_cookie,
3218
- ext_cookie_add_clienthello,
3219
- forbid_parse_serverhello,
3220
- ignore_parse_clienthello,
3221
- dont_add_serverhello,
3222
- },
3223
- {
3224
- TLSEXT_TYPE_quic_transport_parameters,
3225
- ext_quic_transport_params_add_clienthello,
3226
- ext_quic_transport_params_parse_serverhello,
3227
- ext_quic_transport_params_parse_clienthello,
3228
- ext_quic_transport_params_add_serverhello,
3229
- },
3230
- {
3231
- TLSEXT_TYPE_quic_transport_parameters_legacy,
3232
- ext_quic_transport_params_add_clienthello_legacy,
3233
- ext_quic_transport_params_parse_serverhello_legacy,
3234
- ext_quic_transport_params_parse_clienthello_legacy,
3235
- ext_quic_transport_params_add_serverhello_legacy,
3236
- },
3237
- {
3238
- TLSEXT_TYPE_cert_compression,
3239
- cert_compression_add_clienthello,
3240
- cert_compression_parse_serverhello,
3241
- cert_compression_parse_clienthello,
3242
- cert_compression_add_serverhello,
3243
- },
3244
- {
3245
- TLSEXT_TYPE_delegated_credential,
3246
- ext_delegated_credential_add_clienthello,
3247
- forbid_parse_serverhello,
3248
- ext_delegated_credential_parse_clienthello,
3249
- dont_add_serverhello,
3250
- },
3251
- {
3252
- TLSEXT_TYPE_application_settings,
3253
- ext_alps_add_clienthello,
3254
- ext_alps_parse_serverhello,
3255
- // ALPS is negotiated late in |ssl_negotiate_alpn|.
3256
- ignore_parse_clienthello,
3257
- ext_alps_add_serverhello,
3258
- },
3259
- };
3260
-
3261
- #define kNumExtensions (sizeof(kExtensions) / sizeof(struct tls_extension))
3262
-
3263
- static_assert(kNumExtensions <=
3264
- sizeof(((SSL_HANDSHAKE *)NULL)->extensions.sent) * 8,
3265
- "too many extensions for sent bitset");
3266
- static_assert(kNumExtensions <=
3267
- sizeof(((SSL_HANDSHAKE *)NULL)->extensions.received) * 8,
3268
- "too many extensions for received bitset");
3269
-
3270
- bool ssl_setup_extension_permutation(SSL_HANDSHAKE *hs) {
3271
- if (!hs->config->permute_extensions) {
3272
- return true;
3273
- }
3274
-
3275
- static_assert(kNumExtensions <= UINT8_MAX,
3276
- "extensions_permutation type is too small");
3277
- uint32_t seeds[kNumExtensions - 1];
3278
- Array<uint8_t> permutation;
3279
- if (!RAND_bytes(reinterpret_cast<uint8_t *>(seeds), sizeof(seeds)) ||
3280
- !permutation.Init(kNumExtensions)) {
3281
- return false;
3282
- }
3283
- for (size_t i = 0; i < kNumExtensions; i++) {
3284
- permutation[i] = i;
3285
- }
3286
- for (size_t i = kNumExtensions - 1; i > 0; i--) {
3287
- // Set element |i| to a randomly-selected element 0 <= j <= i.
3288
- std::swap(permutation[i], permutation[seeds[i - 1] % (i + 1)]);
3289
- }
3290
- hs->extension_permutation = std::move(permutation);
3291
- return true;
3292
- }
3293
-
3294
- static const struct tls_extension *tls_extension_find(uint32_t *out_index,
3295
- uint16_t value) {
3296
- unsigned i;
3297
- for (i = 0; i < kNumExtensions; i++) {
3298
- if (kExtensions[i].value == value) {
3299
- *out_index = i;
3300
- return &kExtensions[i];
3301
- }
3302
- }
3303
-
3304
- return NULL;
3305
- }
3306
-
3307
- static bool add_padding_extension(CBB *cbb, uint16_t ext, size_t len) {
3308
- CBB child;
3309
- if (!CBB_add_u16(cbb, ext) || //
3310
- !CBB_add_u16_length_prefixed(cbb, &child) ||
3311
- !CBB_add_zeros(&child, len)) {
3312
- OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
3313
- return false;
3314
- }
3315
- return CBB_flush(cbb);
3316
- }
3317
-
3318
- static bool ssl_add_clienthello_tlsext_inner(SSL_HANDSHAKE *hs, CBB *out,
3319
- CBB *out_encoded,
3320
- bool *out_needs_psk_binder) {
3321
- // When writing ClientHelloInner, we construct the real and encoded
3322
- // ClientHellos concurrently, to handle compression. Uncompressed extensions
3323
- // are written to |extensions| and copied to |extensions_encoded|. Compressed
3324
- // extensions are buffered in |compressed| and written to the end. (ECH can
3325
- // only compress continguous extensions.)
3326
- SSL *const ssl = hs->ssl;
3327
- bssl::ScopedCBB compressed, outer_extensions;
3328
- CBB extensions, extensions_encoded;
3329
- if (!CBB_add_u16_length_prefixed(out, &extensions) ||
3330
- !CBB_add_u16_length_prefixed(out_encoded, &extensions_encoded) ||
3331
- !CBB_init(compressed.get(), 64) ||
3332
- !CBB_init(outer_extensions.get(), 64)) {
3333
- OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
3334
- return false;
3335
- }
3336
-
3337
- hs->inner_extensions_sent = 0;
3338
-
3339
- if (ssl->ctx->grease_enabled) {
3340
- // Add a fake empty extension. See RFC 8701. This always matches
3341
- // |ssl_add_clienthello_tlsext|, so compress it.
3342
- uint16_t grease_ext = ssl_get_grease_value(hs, ssl_grease_extension1);
3343
- if (!add_padding_extension(compressed.get(), grease_ext, 0) ||
3344
- !CBB_add_u16(outer_extensions.get(), grease_ext)) {
3345
- return false;
3346
- }
3347
- }
3348
-
3349
- for (size_t unpermuted = 0; unpermuted < kNumExtensions; unpermuted++) {
3350
- size_t i = hs->extension_permutation.empty()
3351
- ? unpermuted
3352
- : hs->extension_permutation[unpermuted];
3353
- const size_t len_before = CBB_len(&extensions);
3354
- const size_t len_compressed_before = CBB_len(compressed.get());
3355
- if (!kExtensions[i].add_clienthello(hs, &extensions, compressed.get(),
3356
- ssl_client_hello_inner)) {
3357
- OPENSSL_PUT_ERROR(SSL, SSL_R_ERROR_ADDING_EXTENSION);
3358
- ERR_add_error_dataf("extension %u", (unsigned)kExtensions[i].value);
3359
- return false;
3360
- }
3361
-
3362
- const size_t bytes_written = CBB_len(&extensions) - len_before;
3363
- const size_t bytes_written_compressed =
3364
- CBB_len(compressed.get()) - len_compressed_before;
3365
- // The callback may write to at most one output.
3366
- assert(bytes_written == 0 || bytes_written_compressed == 0);
3367
- if (bytes_written != 0 || bytes_written_compressed != 0) {
3368
- hs->inner_extensions_sent |= (1u << i);
3369
- }
3370
- // If compressed, update the running ech_outer_extensions extension.
3371
- if (bytes_written_compressed != 0 &&
3372
- !CBB_add_u16(outer_extensions.get(), kExtensions[i].value)) {
3373
- return false;
3374
- }
3375
- }
3376
-
3377
- if (ssl->ctx->grease_enabled) {
3378
- // Add a fake non-empty extension. See RFC 8701. This always matches
3379
- // |ssl_add_clienthello_tlsext|, so compress it.
3380
- uint16_t grease_ext = ssl_get_grease_value(hs, ssl_grease_extension2);
3381
- if (!add_padding_extension(compressed.get(), grease_ext, 1) ||
3382
- !CBB_add_u16(outer_extensions.get(), grease_ext)) {
3383
- return false;
3384
- }
3385
- }
3386
-
3387
- // Uncompressed extensions are encoded as-is.
3388
- if (!CBB_add_bytes(&extensions_encoded, CBB_data(&extensions),
3389
- CBB_len(&extensions))) {
3390
- return false;
3391
- }
3392
-
3393
- // Flush all the compressed extensions.
3394
- if (CBB_len(compressed.get()) != 0) {
3395
- CBB extension, child;
3396
- // Copy them as-is in the real ClientHelloInner.
3397
- if (!CBB_add_bytes(&extensions, CBB_data(compressed.get()),
3398
- CBB_len(compressed.get())) ||
3399
- // Replace with ech_outer_extensions in the encoded form.
3400
- !CBB_add_u16(&extensions_encoded, TLSEXT_TYPE_ech_outer_extensions) ||
3401
- !CBB_add_u16_length_prefixed(&extensions_encoded, &extension) ||
3402
- !CBB_add_u8_length_prefixed(&extension, &child) ||
3403
- !CBB_add_bytes(&child, CBB_data(outer_extensions.get()),
3404
- CBB_len(outer_extensions.get())) ||
3405
- !CBB_flush(&extensions_encoded)) {
3406
- return false;
3407
- }
3408
- }
3409
-
3410
- // The PSK extension must be last. It is never compressed. Note, if there is a
3411
- // binder, the caller will need to update both ClientHelloInner and
3412
- // EncodedClientHelloInner after computing it.
3413
- const size_t len_before = CBB_len(&extensions);
3414
- if (!ext_pre_shared_key_add_clienthello(hs, &extensions, out_needs_psk_binder,
3415
- ssl_client_hello_inner) ||
3416
- !CBB_add_bytes(&extensions_encoded, CBB_data(&extensions) + len_before,
3417
- CBB_len(&extensions) - len_before) ||
3418
- !CBB_flush(out) || //
3419
- !CBB_flush(out_encoded)) {
3420
- return false;
3421
- }
3422
-
3423
- return true;
3424
- }
3425
-
3426
- bool ssl_add_clienthello_tlsext(SSL_HANDSHAKE *hs, CBB *out, CBB *out_encoded,
3427
- bool *out_needs_psk_binder,
3428
- ssl_client_hello_type_t type,
3429
- size_t header_len) {
3430
- *out_needs_psk_binder = false;
3431
-
3432
- if (type == ssl_client_hello_inner) {
3433
- return ssl_add_clienthello_tlsext_inner(hs, out, out_encoded,
3434
- out_needs_psk_binder);
3435
- }
3436
-
3437
- assert(out_encoded == nullptr); // Only ClientHelloInner needs two outputs.
3438
- SSL *const ssl = hs->ssl;
3439
- CBB extensions;
3440
- if (!CBB_add_u16_length_prefixed(out, &extensions)) {
3441
- OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
3442
- return false;
3443
- }
3444
-
3445
- // Note we may send multiple ClientHellos for DTLS HelloVerifyRequest and TLS
3446
- // 1.3 HelloRetryRequest. For the latter, the extensions may change, so it is
3447
- // important to reset this value.
3448
- hs->extensions.sent = 0;
3449
-
3450
- // Add a fake empty extension. See RFC 8701.
3451
- if (ssl->ctx->grease_enabled &&
3452
- !add_padding_extension(
3453
- &extensions, ssl_get_grease_value(hs, ssl_grease_extension1), 0)) {
3454
- return false;
3455
- }
3456
-
3457
- bool last_was_empty = false;
3458
- for (size_t unpermuted = 0; unpermuted < kNumExtensions; unpermuted++) {
3459
- size_t i = hs->extension_permutation.empty()
3460
- ? unpermuted
3461
- : hs->extension_permutation[unpermuted];
3462
- const size_t len_before = CBB_len(&extensions);
3463
- if (!kExtensions[i].add_clienthello(hs, &extensions, &extensions, type)) {
3464
- OPENSSL_PUT_ERROR(SSL, SSL_R_ERROR_ADDING_EXTENSION);
3465
- ERR_add_error_dataf("extension %u", (unsigned)kExtensions[i].value);
3466
- return false;
3467
- }
3468
-
3469
- const size_t bytes_written = CBB_len(&extensions) - len_before;
3470
- if (bytes_written != 0) {
3471
- hs->extensions.sent |= (1u << i);
3472
- }
3473
- // If the difference in lengths is only four bytes then the extension had
3474
- // an empty body.
3475
- last_was_empty = (bytes_written == 4);
3476
- }
3477
-
3478
- if (ssl->ctx->grease_enabled) {
3479
- // Add a fake non-empty extension. See RFC 8701.
3480
- if (!add_padding_extension(
3481
- &extensions, ssl_get_grease_value(hs, ssl_grease_extension2), 1)) {
3482
- return false;
3483
- }
3484
- last_was_empty = false;
3485
- }
3486
-
3487
- // In cleartext ClientHellos, we add the padding extension to work around
3488
- // bugs. We also apply this padding to ClientHelloOuter, to keep the wire
3489
- // images aligned.
3490
- size_t psk_extension_len = ext_pre_shared_key_clienthello_length(hs, type);
3491
- if (!SSL_is_dtls(ssl) && !ssl->quic_method &&
3492
- !ssl->s3->used_hello_retry_request) {
3493
- header_len +=
3494
- SSL3_HM_HEADER_LENGTH + 2 + CBB_len(&extensions) + psk_extension_len;
3495
- size_t padding_len = 0;
3496
-
3497
- // The final extension must be non-empty. WebSphere Application
3498
- // Server 7.0 is intolerant to the last extension being zero-length. See
3499
- // https://crbug.com/363583.
3500
- if (last_was_empty && psk_extension_len == 0) {
3501
- padding_len = 1;
3502
- // The addition of the padding extension may push us into the F5 bug.
3503
- header_len += 4 + padding_len;
3504
- }
3505
-
3506
- // Add padding to workaround bugs in F5 terminators. See RFC 7685.
3507
- //
3508
- // NB: because this code works out the length of all existing extensions
3509
- // it MUST always appear last (save for any PSK extension).
3510
- if (header_len > 0xff && header_len < 0x200) {
3511
- // If our calculations already included a padding extension, remove that
3512
- // factor because we're about to change its length.
3513
- if (padding_len != 0) {
3514
- header_len -= 4 + padding_len;
3515
- }
3516
- padding_len = 0x200 - header_len;
3517
- // Extensions take at least four bytes to encode. Always include at least
3518
- // one byte of data if including the extension. WebSphere Application
3519
- // Server 7.0 is intolerant to the last extension being zero-length. See
3520
- // https://crbug.com/363583.
3521
- if (padding_len >= 4 + 1) {
3522
- padding_len -= 4;
3523
- } else {
3524
- padding_len = 1;
3525
- }
3526
- }
3527
-
3528
- if (padding_len != 0 &&
3529
- !add_padding_extension(&extensions, TLSEXT_TYPE_padding, padding_len)) {
3530
- return false;
3531
- }
3532
- }
3533
-
3534
- // The PSK extension must be last, including after the padding.
3535
- const size_t len_before = CBB_len(&extensions);
3536
- if (!ext_pre_shared_key_add_clienthello(hs, &extensions, out_needs_psk_binder,
3537
- type)) {
3538
- OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
3539
- return false;
3540
- }
3541
- assert(psk_extension_len == CBB_len(&extensions) - len_before);
3542
- (void)len_before; // |assert| is omitted in release builds.
3543
-
3544
- // Discard empty extensions blocks.
3545
- if (CBB_len(&extensions) == 0) {
3546
- CBB_discard_child(out);
3547
- }
3548
-
3549
- return CBB_flush(out);
3550
- }
3551
-
3552
- bool ssl_add_serverhello_tlsext(SSL_HANDSHAKE *hs, CBB *out) {
3553
- SSL *const ssl = hs->ssl;
3554
- CBB extensions;
3555
- if (!CBB_add_u16_length_prefixed(out, &extensions)) {
3556
- goto err;
3557
- }
3558
-
3559
- for (unsigned i = 0; i < kNumExtensions; i++) {
3560
- if (!(hs->extensions.received & (1u << i))) {
3561
- // Don't send extensions that were not received.
3562
- continue;
3563
- }
3564
-
3565
- if (!kExtensions[i].add_serverhello(hs, &extensions)) {
3566
- OPENSSL_PUT_ERROR(SSL, SSL_R_ERROR_ADDING_EXTENSION);
3567
- ERR_add_error_dataf("extension %u", (unsigned)kExtensions[i].value);
3568
- goto err;
3569
- }
3570
- }
3571
-
3572
- // Discard empty extensions blocks before TLS 1.3.
3573
- if (ssl_protocol_version(ssl) < TLS1_3_VERSION &&
3574
- CBB_len(&extensions) == 0) {
3575
- CBB_discard_child(out);
3576
- }
3577
-
3578
- return CBB_flush(out);
3579
-
3580
- err:
3581
- OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
3582
- return false;
3583
- }
3584
-
3585
- static bool ssl_scan_clienthello_tlsext(SSL_HANDSHAKE *hs,
3586
- const SSL_CLIENT_HELLO *client_hello,
3587
- int *out_alert) {
3588
- hs->extensions.received = 0;
3589
- CBS extensions;
3590
- CBS_init(&extensions, client_hello->extensions, client_hello->extensions_len);
3591
- while (CBS_len(&extensions) != 0) {
3592
- uint16_t type;
3593
- CBS extension;
3594
-
3595
- // Decode the next extension.
3596
- if (!CBS_get_u16(&extensions, &type) ||
3597
- !CBS_get_u16_length_prefixed(&extensions, &extension)) {
3598
- *out_alert = SSL_AD_DECODE_ERROR;
3599
- return false;
3600
- }
3601
-
3602
- unsigned ext_index;
3603
- const struct tls_extension *const ext =
3604
- tls_extension_find(&ext_index, type);
3605
- if (ext == NULL) {
3606
- continue;
3607
- }
3608
-
3609
- hs->extensions.received |= (1u << ext_index);
3610
- uint8_t alert = SSL_AD_DECODE_ERROR;
3611
- if (!ext->parse_clienthello(hs, &alert, &extension)) {
3612
- *out_alert = alert;
3613
- OPENSSL_PUT_ERROR(SSL, SSL_R_ERROR_PARSING_EXTENSION);
3614
- ERR_add_error_dataf("extension %u", (unsigned)type);
3615
- return false;
3616
- }
3617
- }
3618
-
3619
- for (size_t i = 0; i < kNumExtensions; i++) {
3620
- if (hs->extensions.received & (1u << i)) {
3621
- continue;
3622
- }
3623
-
3624
- CBS *contents = NULL, fake_contents;
3625
- static const uint8_t kFakeRenegotiateExtension[] = {0};
3626
- if (kExtensions[i].value == TLSEXT_TYPE_renegotiate &&
3627
- ssl_client_cipher_list_contains_cipher(client_hello,
3628
- SSL3_CK_SCSV & 0xffff)) {
3629
- // The renegotiation SCSV was received so pretend that we received a
3630
- // renegotiation extension.
3631
- CBS_init(&fake_contents, kFakeRenegotiateExtension,
3632
- sizeof(kFakeRenegotiateExtension));
3633
- contents = &fake_contents;
3634
- hs->extensions.received |= (1u << i);
3635
- }
3636
-
3637
- // Extension wasn't observed so call the callback with a NULL
3638
- // parameter.
3639
- uint8_t alert = SSL_AD_DECODE_ERROR;
3640
- if (!kExtensions[i].parse_clienthello(hs, &alert, contents)) {
3641
- OPENSSL_PUT_ERROR(SSL, SSL_R_MISSING_EXTENSION);
3642
- ERR_add_error_dataf("extension %u", (unsigned)kExtensions[i].value);
3643
- *out_alert = alert;
3644
- return false;
3645
- }
3646
- }
3647
-
3648
- return true;
3649
- }
3650
-
3651
- bool ssl_parse_clienthello_tlsext(SSL_HANDSHAKE *hs,
3652
- const SSL_CLIENT_HELLO *client_hello) {
3653
- SSL *const ssl = hs->ssl;
3654
- int alert = SSL_AD_DECODE_ERROR;
3655
- if (!ssl_scan_clienthello_tlsext(hs, client_hello, &alert)) {
3656
- ssl_send_alert(ssl, SSL3_AL_FATAL, alert);
3657
- return false;
3658
- }
3659
-
3660
- if (!ssl_check_clienthello_tlsext(hs)) {
3661
- OPENSSL_PUT_ERROR(SSL, SSL_R_CLIENTHELLO_TLSEXT);
3662
- return false;
3663
- }
3664
-
3665
- return true;
3666
- }
3667
-
3668
- static bool ssl_scan_serverhello_tlsext(SSL_HANDSHAKE *hs, const CBS *cbs,
3669
- int *out_alert) {
3670
- CBS extensions = *cbs;
3671
- if (!tls1_check_duplicate_extensions(&extensions)) {
3672
- *out_alert = SSL_AD_DECODE_ERROR;
3673
- return false;
3674
- }
3675
-
3676
- uint32_t received = 0;
3677
- while (CBS_len(&extensions) != 0) {
3678
- uint16_t type;
3679
- CBS extension;
3680
-
3681
- // Decode the next extension.
3682
- if (!CBS_get_u16(&extensions, &type) ||
3683
- !CBS_get_u16_length_prefixed(&extensions, &extension)) {
3684
- *out_alert = SSL_AD_DECODE_ERROR;
3685
- return false;
3686
- }
3687
-
3688
- unsigned ext_index;
3689
- const struct tls_extension *const ext =
3690
- tls_extension_find(&ext_index, type);
3691
-
3692
- if (ext == NULL) {
3693
- OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
3694
- ERR_add_error_dataf("extension %u", (unsigned)type);
3695
- *out_alert = SSL_AD_UNSUPPORTED_EXTENSION;
3696
- return false;
3697
- }
3698
-
3699
- static_assert(kNumExtensions <= sizeof(hs->extensions.sent) * 8,
3700
- "too many bits");
3701
-
3702
- if (!(hs->extensions.sent & (1u << ext_index))) {
3703
- // If the extension was never sent then it is illegal.
3704
- OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
3705
- ERR_add_error_dataf("extension :%u", (unsigned)type);
3706
- *out_alert = SSL_AD_UNSUPPORTED_EXTENSION;
3707
- return false;
3708
- }
3709
-
3710
- received |= (1u << ext_index);
3711
-
3712
- uint8_t alert = SSL_AD_DECODE_ERROR;
3713
- if (!ext->parse_serverhello(hs, &alert, &extension)) {
3714
- OPENSSL_PUT_ERROR(SSL, SSL_R_ERROR_PARSING_EXTENSION);
3715
- ERR_add_error_dataf("extension %u", (unsigned)type);
3716
- *out_alert = alert;
3717
- return false;
3718
- }
3719
- }
3720
-
3721
- for (size_t i = 0; i < kNumExtensions; i++) {
3722
- if (!(received & (1u << i))) {
3723
- // Extension wasn't observed so call the callback with a NULL
3724
- // parameter.
3725
- uint8_t alert = SSL_AD_DECODE_ERROR;
3726
- if (!kExtensions[i].parse_serverhello(hs, &alert, NULL)) {
3727
- OPENSSL_PUT_ERROR(SSL, SSL_R_MISSING_EXTENSION);
3728
- ERR_add_error_dataf("extension %u", (unsigned)kExtensions[i].value);
3729
- *out_alert = alert;
3730
- return false;
3731
- }
3732
- }
3733
- }
3734
-
3735
- return true;
3736
- }
3737
-
3738
- static bool ssl_check_clienthello_tlsext(SSL_HANDSHAKE *hs) {
3739
- SSL *const ssl = hs->ssl;
3740
- int ret = SSL_TLSEXT_ERR_NOACK;
3741
- int al = SSL_AD_UNRECOGNIZED_NAME;
3742
- if (ssl->ctx->servername_callback != 0) {
3743
- ret = ssl->ctx->servername_callback(ssl, &al, ssl->ctx->servername_arg);
3744
- } else if (ssl->session_ctx->servername_callback != 0) {
3745
- ret = ssl->session_ctx->servername_callback(
3746
- ssl, &al, ssl->session_ctx->servername_arg);
3747
- }
3748
-
3749
- switch (ret) {
3750
- case SSL_TLSEXT_ERR_ALERT_FATAL:
3751
- ssl_send_alert(ssl, SSL3_AL_FATAL, al);
3752
- return false;
3753
-
3754
- case SSL_TLSEXT_ERR_NOACK:
3755
- hs->should_ack_sni = false;
3756
- return true;
3757
-
3758
- default:
3759
- return true;
3760
- }
3761
- }
3762
-
3763
- static bool ssl_check_serverhello_tlsext(SSL_HANDSHAKE *hs) {
3764
- SSL *const ssl = hs->ssl;
3765
- // ALPS and ALPN have a dependency between each other, so we defer checking
3766
- // consistency to after the callbacks run.
3767
- if (hs->new_session != nullptr && hs->new_session->has_application_settings) {
3768
- // ALPN must be negotiated.
3769
- if (ssl->s3->alpn_selected.empty()) {
3770
- OPENSSL_PUT_ERROR(SSL, SSL_R_NEGOTIATED_ALPS_WITHOUT_ALPN);
3771
- ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
3772
- return false;
3773
- }
3774
-
3775
- // The negotiated protocol must be one of the ones we advertised for ALPS.
3776
- Span<const uint8_t> settings;
3777
- if (!ssl_get_local_application_settings(hs, &settings,
3778
- ssl->s3->alpn_selected)) {
3779
- OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_ALPN_PROTOCOL);
3780
- ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
3781
- return false;
3782
- }
3783
-
3784
- if (!hs->new_session->local_application_settings.CopyFrom(settings)) {
3785
- ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
3786
- return false;
3787
- }
3788
- }
3789
-
3790
- return true;
3791
- }
3792
-
3793
- bool ssl_parse_serverhello_tlsext(SSL_HANDSHAKE *hs, const CBS *cbs) {
3794
- SSL *const ssl = hs->ssl;
3795
- int alert = SSL_AD_DECODE_ERROR;
3796
- if (!ssl_scan_serverhello_tlsext(hs, cbs, &alert)) {
3797
- ssl_send_alert(ssl, SSL3_AL_FATAL, alert);
3798
- return false;
3799
- }
3800
-
3801
- if (!ssl_check_serverhello_tlsext(hs)) {
3802
- return false;
3803
- }
3804
-
3805
- return true;
3806
- }
3807
-
3808
- static enum ssl_ticket_aead_result_t decrypt_ticket_with_cipher_ctx(
3809
- Array<uint8_t> *out, EVP_CIPHER_CTX *cipher_ctx, HMAC_CTX *hmac_ctx,
3810
- Span<const uint8_t> ticket) {
3811
- size_t iv_len = EVP_CIPHER_CTX_iv_length(cipher_ctx);
3812
-
3813
- // Check the MAC at the end of the ticket.
3814
- uint8_t mac[EVP_MAX_MD_SIZE];
3815
- size_t mac_len = HMAC_size(hmac_ctx);
3816
- if (ticket.size() < SSL_TICKET_KEY_NAME_LEN + iv_len + 1 + mac_len) {
3817
- // The ticket must be large enough for key name, IV, data, and MAC.
3818
- return ssl_ticket_aead_ignore_ticket;
3819
- }
3820
- // Split the ticket into the ticket and the MAC.
3821
- auto ticket_mac = ticket.last(mac_len);
3822
- ticket = ticket.first(ticket.size() - mac_len);
3823
- HMAC_Update(hmac_ctx, ticket.data(), ticket.size());
3824
- HMAC_Final(hmac_ctx, mac, NULL);
3825
- assert(mac_len == ticket_mac.size());
3826
- bool mac_ok = CRYPTO_memcmp(mac, ticket_mac.data(), mac_len) == 0;
3827
- #if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
3828
- mac_ok = true;
3829
- #endif
3830
- if (!mac_ok) {
3831
- return ssl_ticket_aead_ignore_ticket;
3832
- }
3833
-
3834
- // Decrypt the session data.
3835
- auto ciphertext = ticket.subspan(SSL_TICKET_KEY_NAME_LEN + iv_len);
3836
- Array<uint8_t> plaintext;
3837
- #if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
3838
- if (!plaintext.CopyFrom(ciphertext)) {
3839
- return ssl_ticket_aead_error;
3840
- }
3841
- #else
3842
- if (ciphertext.size() >= INT_MAX) {
3843
- return ssl_ticket_aead_ignore_ticket;
3844
- }
3845
- if (!plaintext.Init(ciphertext.size())) {
3846
- return ssl_ticket_aead_error;
3847
- }
3848
- int len1, len2;
3849
- if (!EVP_DecryptUpdate(cipher_ctx, plaintext.data(), &len1, ciphertext.data(),
3850
- (int)ciphertext.size()) ||
3851
- !EVP_DecryptFinal_ex(cipher_ctx, plaintext.data() + len1, &len2)) {
3852
- ERR_clear_error();
3853
- return ssl_ticket_aead_ignore_ticket;
3854
- }
3855
- plaintext.Shrink(static_cast<size_t>(len1) + len2);
3856
- #endif
3857
-
3858
- *out = std::move(plaintext);
3859
- return ssl_ticket_aead_success;
3860
- }
3861
-
3862
- static enum ssl_ticket_aead_result_t ssl_decrypt_ticket_with_cb(
3863
- SSL_HANDSHAKE *hs, Array<uint8_t> *out, bool *out_renew_ticket,
3864
- Span<const uint8_t> ticket) {
3865
- assert(ticket.size() >= SSL_TICKET_KEY_NAME_LEN + EVP_MAX_IV_LENGTH);
3866
- ScopedEVP_CIPHER_CTX cipher_ctx;
3867
- ScopedHMAC_CTX hmac_ctx;
3868
- auto name = ticket.subspan(0, SSL_TICKET_KEY_NAME_LEN);
3869
- // The actual IV is shorter, but the length is determined by the callback's
3870
- // chosen cipher. Instead we pass in |EVP_MAX_IV_LENGTH| worth of IV to ensure
3871
- // the callback has enough.
3872
- auto iv = ticket.subspan(SSL_TICKET_KEY_NAME_LEN, EVP_MAX_IV_LENGTH);
3873
- int cb_ret = hs->ssl->session_ctx->ticket_key_cb(
3874
- hs->ssl, const_cast<uint8_t *>(name.data()),
3875
- const_cast<uint8_t *>(iv.data()), cipher_ctx.get(), hmac_ctx.get(),
3876
- 0 /* decrypt */);
3877
- if (cb_ret < 0) {
3878
- return ssl_ticket_aead_error;
3879
- } else if (cb_ret == 0) {
3880
- return ssl_ticket_aead_ignore_ticket;
3881
- } else if (cb_ret == 2) {
3882
- *out_renew_ticket = true;
3883
- } else {
3884
- assert(cb_ret == 1);
3885
- }
3886
- return decrypt_ticket_with_cipher_ctx(out, cipher_ctx.get(), hmac_ctx.get(),
3887
- ticket);
3888
- }
3889
-
3890
- static enum ssl_ticket_aead_result_t ssl_decrypt_ticket_with_ticket_keys(
3891
- SSL_HANDSHAKE *hs, Array<uint8_t> *out, Span<const uint8_t> ticket) {
3892
- assert(ticket.size() >= SSL_TICKET_KEY_NAME_LEN + EVP_MAX_IV_LENGTH);
3893
- SSL_CTX *ctx = hs->ssl->session_ctx.get();
3894
-
3895
- // Rotate the ticket key if necessary.
3896
- if (!ssl_ctx_rotate_ticket_encryption_key(ctx)) {
3897
- return ssl_ticket_aead_error;
3898
- }
3899
-
3900
- const EVP_CIPHER *cipher = EVP_aes_128_cbc();
3901
- auto name = ticket.subspan(0, SSL_TICKET_KEY_NAME_LEN);
3902
- auto iv =
3903
- ticket.subspan(SSL_TICKET_KEY_NAME_LEN, EVP_CIPHER_iv_length(cipher));
3904
-
3905
- // Pick the matching ticket key and decrypt.
3906
- ScopedEVP_CIPHER_CTX cipher_ctx;
3907
- ScopedHMAC_CTX hmac_ctx;
3908
- {
3909
- MutexReadLock lock(&ctx->lock);
3910
- const TicketKey *key;
3911
- if (ctx->ticket_key_current && name == ctx->ticket_key_current->name) {
3912
- key = ctx->ticket_key_current.get();
3913
- } else if (ctx->ticket_key_prev && name == ctx->ticket_key_prev->name) {
3914
- key = ctx->ticket_key_prev.get();
3915
- } else {
3916
- return ssl_ticket_aead_ignore_ticket;
3917
- }
3918
- if (!HMAC_Init_ex(hmac_ctx.get(), key->hmac_key, sizeof(key->hmac_key),
3919
- tlsext_tick_md(), NULL) ||
3920
- !EVP_DecryptInit_ex(cipher_ctx.get(), cipher, NULL,
3921
- key->aes_key, iv.data())) {
3922
- return ssl_ticket_aead_error;
3923
- }
3924
- }
3925
- return decrypt_ticket_with_cipher_ctx(out, cipher_ctx.get(), hmac_ctx.get(),
3926
- ticket);
3927
- }
3928
-
3929
- static enum ssl_ticket_aead_result_t ssl_decrypt_ticket_with_method(
3930
- SSL_HANDSHAKE *hs, Array<uint8_t> *out, bool *out_renew_ticket,
3931
- Span<const uint8_t> ticket) {
3932
- Array<uint8_t> plaintext;
3933
- if (!plaintext.Init(ticket.size())) {
3934
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
3935
- return ssl_ticket_aead_error;
3936
- }
3937
-
3938
- size_t plaintext_len;
3939
- const enum ssl_ticket_aead_result_t result =
3940
- hs->ssl->session_ctx->ticket_aead_method->open(
3941
- hs->ssl, plaintext.data(), &plaintext_len, ticket.size(),
3942
- ticket.data(), ticket.size());
3943
- if (result != ssl_ticket_aead_success) {
3944
- return result;
3945
- }
3946
-
3947
- plaintext.Shrink(plaintext_len);
3948
- *out = std::move(plaintext);
3949
- return ssl_ticket_aead_success;
3950
- }
3951
-
3952
- enum ssl_ticket_aead_result_t ssl_process_ticket(
3953
- SSL_HANDSHAKE *hs, UniquePtr<SSL_SESSION> *out_session,
3954
- bool *out_renew_ticket, Span<const uint8_t> ticket,
3955
- Span<const uint8_t> session_id) {
3956
- SSL *const ssl = hs->ssl;
3957
- *out_renew_ticket = false;
3958
- out_session->reset();
3959
-
3960
- if ((SSL_get_options(hs->ssl) & SSL_OP_NO_TICKET) ||
3961
- session_id.size() > SSL_MAX_SSL_SESSION_ID_LENGTH) {
3962
- return ssl_ticket_aead_ignore_ticket;
3963
- }
3964
-
3965
- // Tickets in TLS 1.3 are tied into pre-shared keys (PSKs), unlike in TLS 1.2
3966
- // where that concept doesn't exist. The |decrypted_psk| and |ignore_psk|
3967
- // hints only apply to PSKs. We check the version to determine which this is.
3968
- const bool is_psk = ssl_protocol_version(ssl) >= TLS1_3_VERSION;
3969
-
3970
- Array<uint8_t> plaintext;
3971
- enum ssl_ticket_aead_result_t result;
3972
- SSL_HANDSHAKE_HINTS *const hints = hs->hints.get();
3973
- if (is_psk && hints && !hs->hints_requested &&
3974
- !hints->decrypted_psk.empty()) {
3975
- result = plaintext.CopyFrom(hints->decrypted_psk) ? ssl_ticket_aead_success
3976
- : ssl_ticket_aead_error;
3977
- } else if (is_psk && hints && !hs->hints_requested && hints->ignore_psk) {
3978
- result = ssl_ticket_aead_ignore_ticket;
3979
- } else if (ssl->session_ctx->ticket_aead_method != NULL) {
3980
- result = ssl_decrypt_ticket_with_method(hs, &plaintext, out_renew_ticket,
3981
- ticket);
3982
- } else {
3983
- // Ensure there is room for the key name and the largest IV |ticket_key_cb|
3984
- // may try to consume. The real limit may be lower, but the maximum IV
3985
- // length should be well under the minimum size for the session material and
3986
- // HMAC.
3987
- if (ticket.size() < SSL_TICKET_KEY_NAME_LEN + EVP_MAX_IV_LENGTH) {
3988
- result = ssl_ticket_aead_ignore_ticket;
3989
- } else if (ssl->session_ctx->ticket_key_cb != NULL) {
3990
- result =
3991
- ssl_decrypt_ticket_with_cb(hs, &plaintext, out_renew_ticket, ticket);
3992
- } else {
3993
- result = ssl_decrypt_ticket_with_ticket_keys(hs, &plaintext, ticket);
3994
- }
3995
- }
3996
-
3997
- if (is_psk && hints && hs->hints_requested) {
3998
- if (result == ssl_ticket_aead_ignore_ticket) {
3999
- hints->ignore_psk = true;
4000
- } else if (result == ssl_ticket_aead_success &&
4001
- !hints->decrypted_psk.CopyFrom(plaintext)) {
4002
- return ssl_ticket_aead_error;
4003
- }
4004
- }
4005
-
4006
- if (result != ssl_ticket_aead_success) {
4007
- return result;
4008
- }
4009
-
4010
- // Decode the session.
4011
- UniquePtr<SSL_SESSION> session(SSL_SESSION_from_bytes(
4012
- plaintext.data(), plaintext.size(), ssl->ctx.get()));
4013
- if (!session) {
4014
- ERR_clear_error(); // Don't leave an error on the queue.
4015
- return ssl_ticket_aead_ignore_ticket;
4016
- }
4017
-
4018
- // Envoy's tests expect the session to have a session ID that matches the
4019
- // placeholder used by the client. It's unclear whether this is a good idea,
4020
- // but we maintain it for now.
4021
- SHA256(ticket.data(), ticket.size(), session->session_id);
4022
- // Other consumers may expect a non-empty session ID to indicate resumption.
4023
- session->session_id_length = SHA256_DIGEST_LENGTH;
4024
-
4025
- *out_session = std::move(session);
4026
- return ssl_ticket_aead_success;
4027
- }
4028
-
4029
- bool tls1_parse_peer_sigalgs(SSL_HANDSHAKE *hs, const CBS *in_sigalgs) {
4030
- // Extension ignored for inappropriate versions
4031
- if (ssl_protocol_version(hs->ssl) < TLS1_2_VERSION) {
4032
- return true;
4033
- }
4034
-
4035
- // In all contexts, the signature algorithms list may not be empty. (It may be
4036
- // omitted by clients in TLS 1.2, but then the entire extension is omitted.)
4037
- return CBS_len(in_sigalgs) != 0 &&
4038
- parse_u16_array(in_sigalgs, &hs->peer_sigalgs);
4039
- }
4040
-
4041
- bool tls1_get_legacy_signature_algorithm(uint16_t *out, const EVP_PKEY *pkey) {
4042
- switch (EVP_PKEY_id(pkey)) {
4043
- case EVP_PKEY_RSA:
4044
- *out = SSL_SIGN_RSA_PKCS1_MD5_SHA1;
4045
- return true;
4046
- case EVP_PKEY_EC:
4047
- *out = SSL_SIGN_ECDSA_SHA1;
4048
- return true;
4049
- default:
4050
- return false;
4051
- }
4052
- }
4053
-
4054
- bool tls1_choose_signature_algorithm(SSL_HANDSHAKE *hs, uint16_t *out) {
4055
- SSL *const ssl = hs->ssl;
4056
- CERT *cert = hs->config->cert.get();
4057
- DC *dc = cert->dc.get();
4058
-
4059
- // Before TLS 1.2, the signature algorithm isn't negotiated as part of the
4060
- // handshake.
4061
- if (ssl_protocol_version(ssl) < TLS1_2_VERSION) {
4062
- if (!tls1_get_legacy_signature_algorithm(out, hs->local_pubkey.get())) {
4063
- OPENSSL_PUT_ERROR(SSL, SSL_R_NO_COMMON_SIGNATURE_ALGORITHMS);
4064
- return false;
4065
- }
4066
- return true;
4067
- }
4068
-
4069
- Span<const uint16_t> sigalgs = kSignSignatureAlgorithms;
4070
- if (ssl_signing_with_dc(hs)) {
4071
- sigalgs = MakeConstSpan(&dc->expected_cert_verify_algorithm, 1);
4072
- } else if (!cert->sigalgs.empty()) {
4073
- sigalgs = cert->sigalgs;
4074
- }
4075
-
4076
- Span<const uint16_t> peer_sigalgs = tls1_get_peer_verify_algorithms(hs);
4077
-
4078
- for (uint16_t sigalg : sigalgs) {
4079
- // SSL_SIGN_RSA_PKCS1_MD5_SHA1 is an internal value and should never be
4080
- // negotiated.
4081
- if (sigalg == SSL_SIGN_RSA_PKCS1_MD5_SHA1 ||
4082
- !ssl_private_key_supports_signature_algorithm(hs, sigalg)) {
4083
- continue;
4084
- }
4085
-
4086
- for (uint16_t peer_sigalg : peer_sigalgs) {
4087
- if (sigalg == peer_sigalg) {
4088
- *out = sigalg;
4089
- return true;
4090
- }
4091
- }
4092
- }
4093
-
4094
- OPENSSL_PUT_ERROR(SSL, SSL_R_NO_COMMON_SIGNATURE_ALGORITHMS);
4095
- return false;
4096
- }
4097
-
4098
- Span<const uint16_t> tls1_get_peer_verify_algorithms(const SSL_HANDSHAKE *hs) {
4099
- Span<const uint16_t> peer_sigalgs = hs->peer_sigalgs;
4100
- if (peer_sigalgs.empty() && ssl_protocol_version(hs->ssl) < TLS1_3_VERSION) {
4101
- // If the client didn't specify any signature_algorithms extension then
4102
- // we can assume that it supports SHA1. See
4103
- // http://tools.ietf.org/html/rfc5246#section-7.4.1.4.1
4104
- static const uint16_t kDefaultPeerAlgorithms[] = {SSL_SIGN_RSA_PKCS1_SHA1,
4105
- SSL_SIGN_ECDSA_SHA1};
4106
- peer_sigalgs = kDefaultPeerAlgorithms;
4107
- }
4108
- return peer_sigalgs;
4109
- }
4110
-
4111
- bool tls1_verify_channel_id(SSL_HANDSHAKE *hs, const SSLMessage &msg) {
4112
- SSL *const ssl = hs->ssl;
4113
- // A Channel ID handshake message is structured to contain multiple
4114
- // extensions, but the only one that can be present is Channel ID.
4115
- uint16_t extension_type;
4116
- CBS channel_id = msg.body, extension;
4117
- if (!CBS_get_u16(&channel_id, &extension_type) ||
4118
- !CBS_get_u16_length_prefixed(&channel_id, &extension) ||
4119
- CBS_len(&channel_id) != 0 ||
4120
- extension_type != TLSEXT_TYPE_channel_id ||
4121
- CBS_len(&extension) != TLSEXT_CHANNEL_ID_SIZE) {
4122
- OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
4123
- ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
4124
- return false;
4125
- }
4126
-
4127
- UniquePtr<EC_GROUP> p256(EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
4128
- if (!p256) {
4129
- OPENSSL_PUT_ERROR(SSL, SSL_R_NO_P256_SUPPORT);
4130
- return false;
4131
- }
4132
-
4133
- UniquePtr<ECDSA_SIG> sig(ECDSA_SIG_new());
4134
- UniquePtr<BIGNUM> x(BN_new()), y(BN_new());
4135
- if (!sig || !x || !y) {
4136
- return false;
4137
- }
4138
-
4139
- const uint8_t *p = CBS_data(&extension);
4140
- if (BN_bin2bn(p + 0, 32, x.get()) == NULL ||
4141
- BN_bin2bn(p + 32, 32, y.get()) == NULL ||
4142
- BN_bin2bn(p + 64, 32, sig->r) == NULL ||
4143
- BN_bin2bn(p + 96, 32, sig->s) == NULL) {
4144
- return false;
4145
- }
4146
-
4147
- UniquePtr<EC_KEY> key(EC_KEY_new());
4148
- UniquePtr<EC_POINT> point(EC_POINT_new(p256.get()));
4149
- if (!key || !point ||
4150
- !EC_POINT_set_affine_coordinates_GFp(p256.get(), point.get(), x.get(),
4151
- y.get(), nullptr) ||
4152
- !EC_KEY_set_group(key.get(), p256.get()) ||
4153
- !EC_KEY_set_public_key(key.get(), point.get())) {
4154
- return false;
4155
- }
4156
-
4157
- uint8_t digest[EVP_MAX_MD_SIZE];
4158
- size_t digest_len;
4159
- if (!tls1_channel_id_hash(hs, digest, &digest_len)) {
4160
- return false;
4161
- }
4162
-
4163
- bool sig_ok = ECDSA_do_verify(digest, digest_len, sig.get(), key.get());
4164
- #if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
4165
- sig_ok = true;
4166
- ERR_clear_error();
4167
- #endif
4168
- if (!sig_ok) {
4169
- OPENSSL_PUT_ERROR(SSL, SSL_R_CHANNEL_ID_SIGNATURE_INVALID);
4170
- ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECRYPT_ERROR);
4171
- return false;
4172
- }
4173
-
4174
- OPENSSL_memcpy(ssl->s3->channel_id, p, 64);
4175
- ssl->s3->channel_id_valid = true;
4176
- return true;
4177
- }
4178
-
4179
- bool tls1_write_channel_id(SSL_HANDSHAKE *hs, CBB *cbb) {
4180
- uint8_t digest[EVP_MAX_MD_SIZE];
4181
- size_t digest_len;
4182
- if (!tls1_channel_id_hash(hs, digest, &digest_len)) {
4183
- return false;
4184
- }
4185
-
4186
- EC_KEY *ec_key = EVP_PKEY_get0_EC_KEY(hs->config->channel_id_private.get());
4187
- if (ec_key == nullptr) {
4188
- OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
4189
- return false;
4190
- }
4191
-
4192
- UniquePtr<BIGNUM> x(BN_new()), y(BN_new());
4193
- if (!x || !y ||
4194
- !EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(ec_key),
4195
- EC_KEY_get0_public_key(ec_key),
4196
- x.get(), y.get(), nullptr)) {
4197
- return false;
4198
- }
4199
-
4200
- UniquePtr<ECDSA_SIG> sig(ECDSA_do_sign(digest, digest_len, ec_key));
4201
- if (!sig) {
4202
- return false;
4203
- }
4204
-
4205
- CBB child;
4206
- if (!CBB_add_u16(cbb, TLSEXT_TYPE_channel_id) ||
4207
- !CBB_add_u16_length_prefixed(cbb, &child) ||
4208
- !BN_bn2cbb_padded(&child, 32, x.get()) ||
4209
- !BN_bn2cbb_padded(&child, 32, y.get()) ||
4210
- !BN_bn2cbb_padded(&child, 32, sig->r) ||
4211
- !BN_bn2cbb_padded(&child, 32, sig->s) ||
4212
- !CBB_flush(cbb)) {
4213
- return false;
4214
- }
4215
-
4216
- return true;
4217
- }
4218
-
4219
- bool tls1_channel_id_hash(SSL_HANDSHAKE *hs, uint8_t *out, size_t *out_len) {
4220
- SSL *const ssl = hs->ssl;
4221
- if (ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
4222
- Array<uint8_t> msg;
4223
- if (!tls13_get_cert_verify_signature_input(hs, &msg,
4224
- ssl_cert_verify_channel_id)) {
4225
- return false;
4226
- }
4227
- SHA256(msg.data(), msg.size(), out);
4228
- *out_len = SHA256_DIGEST_LENGTH;
4229
- return true;
4230
- }
4231
-
4232
- SHA256_CTX ctx;
4233
-
4234
- SHA256_Init(&ctx);
4235
- static const char kClientIDMagic[] = "TLS Channel ID signature";
4236
- SHA256_Update(&ctx, kClientIDMagic, sizeof(kClientIDMagic));
4237
-
4238
- if (ssl->session != NULL) {
4239
- static const char kResumptionMagic[] = "Resumption";
4240
- SHA256_Update(&ctx, kResumptionMagic, sizeof(kResumptionMagic));
4241
- if (ssl->session->original_handshake_hash_len == 0) {
4242
- OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
4243
- return false;
4244
- }
4245
- SHA256_Update(&ctx, ssl->session->original_handshake_hash,
4246
- ssl->session->original_handshake_hash_len);
4247
- }
4248
-
4249
- uint8_t hs_hash[EVP_MAX_MD_SIZE];
4250
- size_t hs_hash_len;
4251
- if (!hs->transcript.GetHash(hs_hash, &hs_hash_len)) {
4252
- return false;
4253
- }
4254
- SHA256_Update(&ctx, hs_hash, (size_t)hs_hash_len);
4255
- SHA256_Final(out, &ctx);
4256
- *out_len = SHA256_DIGEST_LENGTH;
4257
- return true;
4258
- }
4259
-
4260
- bool tls1_record_handshake_hashes_for_channel_id(SSL_HANDSHAKE *hs) {
4261
- SSL *const ssl = hs->ssl;
4262
- // This function should never be called for a resumed session because the
4263
- // handshake hashes that we wish to record are for the original, full
4264
- // handshake.
4265
- if (ssl->session != NULL) {
4266
- return false;
4267
- }
4268
-
4269
- static_assert(
4270
- sizeof(hs->new_session->original_handshake_hash) == EVP_MAX_MD_SIZE,
4271
- "original_handshake_hash is too small");
4272
-
4273
- size_t digest_len;
4274
- if (!hs->transcript.GetHash(hs->new_session->original_handshake_hash,
4275
- &digest_len)) {
4276
- return false;
4277
- }
4278
-
4279
- static_assert(EVP_MAX_MD_SIZE <= 0xff,
4280
- "EVP_MAX_MD_SIZE does not fit in uint8_t");
4281
- hs->new_session->original_handshake_hash_len = (uint8_t)digest_len;
4282
-
4283
- return true;
4284
- }
4285
-
4286
- bool ssl_is_sct_list_valid(const CBS *contents) {
4287
- // Shallow parse the SCT list for sanity. By the RFC
4288
- // (https://tools.ietf.org/html/rfc6962#section-3.3) neither the list nor any
4289
- // of the SCTs may be empty.
4290
- CBS copy = *contents;
4291
- CBS sct_list;
4292
- if (!CBS_get_u16_length_prefixed(&copy, &sct_list) ||
4293
- CBS_len(&copy) != 0 ||
4294
- CBS_len(&sct_list) == 0) {
4295
- return false;
4296
- }
4297
-
4298
- while (CBS_len(&sct_list) > 0) {
4299
- CBS sct;
4300
- if (!CBS_get_u16_length_prefixed(&sct_list, &sct) ||
4301
- CBS_len(&sct) == 0) {
4302
- return false;
4303
- }
4304
- }
4305
-
4306
- return true;
4307
- }
4308
-
4309
- BSSL_NAMESPACE_END
4310
-
4311
- using namespace bssl;
4312
-
4313
- int SSL_early_callback_ctx_extension_get(const SSL_CLIENT_HELLO *client_hello,
4314
- uint16_t extension_type,
4315
- const uint8_t **out_data,
4316
- size_t *out_len) {
4317
- CBS cbs;
4318
- if (!ssl_client_hello_get_extension(client_hello, &cbs, extension_type)) {
4319
- return 0;
4320
- }
4321
-
4322
- *out_data = CBS_data(&cbs);
4323
- *out_len = CBS_len(&cbs);
4324
- return 1;
4325
- }