grpc 1.53.0.pre2 → 1.54.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of grpc might be problematic. Click here for more details.

Files changed (685) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +80 -66
  3. data/include/grpc/event_engine/event_engine.h +30 -14
  4. data/include/grpc/grpc_security.h +4 -0
  5. data/include/grpc/impl/grpc_types.h +11 -2
  6. data/include/grpc/support/port_platform.h +4 -4
  7. data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +11 -0
  8. data/src/core/ext/filters/client_channel/backend_metric.cc +6 -0
  9. data/src/core/ext/filters/client_channel/backup_poller.cc +2 -11
  10. data/src/core/ext/filters/client_channel/backup_poller.h +0 -3
  11. data/src/core/ext/filters/client_channel/client_channel.cc +848 -813
  12. data/src/core/ext/filters/client_channel/client_channel.h +131 -173
  13. data/src/core/ext/filters/client_channel/client_channel_internal.h +114 -0
  14. data/src/core/ext/filters/client_channel/config_selector.h +4 -3
  15. data/src/core/ext/filters/client_channel/http_proxy.cc +1 -1
  16. data/src/core/ext/filters/client_channel/lb_policy/backend_metric_data.h +6 -1
  17. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +17 -18
  18. data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +134 -151
  19. data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +1 -15
  20. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +14 -10
  21. data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/weighted_round_robin.cc +68 -30
  22. data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +13 -5
  23. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +8 -1
  24. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +2 -5
  25. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_override_host.cc +2 -2
  26. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +30 -38
  27. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +4 -4
  28. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +20 -26
  29. data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +31 -179
  30. data/src/core/ext/filters/client_channel/resolver/polling_resolver.cc +1 -2
  31. data/src/core/ext/filters/client_channel/resolver/polling_resolver.h +1 -2
  32. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +4 -2
  33. data/src/core/ext/filters/client_channel/retry_filter.cc +95 -102
  34. data/src/core/ext/filters/client_channel/subchannel.cc +2 -4
  35. data/src/core/ext/filters/client_channel/subchannel_stream_client.cc +26 -27
  36. data/src/core/ext/filters/client_channel/subchannel_stream_client.h +8 -5
  37. data/src/core/ext/filters/http/client/http_client_filter.cc +3 -3
  38. data/src/core/ext/filters/http/http_filters_plugin.cc +1 -12
  39. data/src/core/ext/filters/http/message_compress/compression_filter.cc +27 -11
  40. data/src/core/ext/filters/message_size/message_size_filter.cc +141 -224
  41. data/src/core/ext/filters/message_size/message_size_filter.h +48 -3
  42. data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +7 -6
  43. data/src/core/ext/gcp/metadata_query.cc +142 -0
  44. data/src/core/ext/gcp/metadata_query.h +82 -0
  45. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +70 -55
  46. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +149 -60
  47. data/src/core/ext/transport/chttp2/transport/flow_control.cc +5 -2
  48. data/src/core/ext/transport/chttp2/transport/flow_control.h +2 -1
  49. data/src/core/ext/transport/chttp2/transport/frame_settings.cc +4 -1
  50. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +42 -23
  51. data/src/core/ext/transport/chttp2/transport/hpack_parser.h +5 -3
  52. data/src/core/ext/transport/chttp2/transport/internal.h +18 -3
  53. data/src/core/ext/transport/chttp2/transport/parsing.cc +9 -2
  54. data/src/core/ext/transport/chttp2/transport/writing.cc +10 -5
  55. data/src/core/ext/transport/inproc/inproc_transport.cc +20 -14
  56. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +5 -3
  57. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +22 -0
  58. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +5 -3
  59. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +22 -0
  60. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +23 -5
  61. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +94 -3
  62. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +23 -2
  63. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +120 -0
  64. data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.c +6 -3
  65. data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.h +22 -0
  66. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +24 -6
  67. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +111 -12
  68. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +9 -7
  69. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +27 -9
  70. data/src/core/ext/upb-generated/envoy/config/trace/v3/opentelemetry.upb.c +0 -1
  71. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +11 -7
  72. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +56 -12
  73. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.c +5 -3
  74. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.h +24 -0
  75. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.c +5 -3
  76. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.h +24 -0
  77. data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.c +13 -2
  78. data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.h +49 -0
  79. data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c +24 -9
  80. data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.h +66 -12
  81. data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +191 -187
  82. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +139 -136
  83. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +31 -15
  84. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +5 -0
  85. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +12 -9
  86. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +15 -0
  87. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.c +54 -45
  88. data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.c +135 -119
  89. data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.h +5 -0
  90. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +100 -97
  91. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/opentelemetry.upbdefs.c +15 -18
  92. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +272 -264
  93. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +117 -117
  94. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +5 -5
  95. data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +5 -5
  96. data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +5 -5
  97. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.c +12 -9
  98. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.h +5 -0
  99. data/src/core/ext/xds/xds_channel_stack_modifier.cc +1 -2
  100. data/src/core/ext/xds/xds_client_stats.cc +29 -15
  101. data/src/core/ext/xds/xds_client_stats.h +24 -20
  102. data/src/core/ext/xds/xds_endpoint.cc +5 -2
  103. data/src/core/ext/xds/xds_endpoint.h +9 -1
  104. data/src/core/ext/xds/xds_http_rbac_filter.cc +1 -1
  105. data/src/core/ext/xds/xds_lb_policy_registry.cc +13 -0
  106. data/src/core/ext/xds/xds_transport_grpc.cc +1 -1
  107. data/src/core/{ext/filters/client_channel/resolver/dns/dns_resolver_selection.h → lib/backoff/random_early_detection.cc} +14 -12
  108. data/src/core/lib/backoff/random_early_detection.h +59 -0
  109. data/src/core/lib/channel/call_finalization.h +1 -1
  110. data/src/core/lib/channel/call_tracer.cc +51 -0
  111. data/src/core/lib/channel/call_tracer.h +101 -38
  112. data/src/core/lib/channel/connected_channel.cc +483 -1050
  113. data/src/core/lib/channel/context.h +8 -1
  114. data/src/core/lib/channel/promise_based_filter.cc +106 -42
  115. data/src/core/lib/channel/promise_based_filter.h +27 -13
  116. data/src/core/lib/channel/server_call_tracer_filter.cc +110 -0
  117. data/src/core/lib/config/config_vars.cc +151 -0
  118. data/src/core/lib/config/config_vars.h +127 -0
  119. data/src/core/lib/config/config_vars_non_generated.cc +51 -0
  120. data/src/core/lib/config/load_config.cc +66 -0
  121. data/src/core/lib/config/load_config.h +49 -0
  122. data/src/core/lib/debug/trace.cc +5 -6
  123. data/src/core/lib/debug/trace.h +0 -5
  124. data/src/core/lib/event_engine/event_engine.cc +37 -2
  125. data/src/core/lib/event_engine/handle_containers.h +7 -22
  126. data/src/core/lib/event_engine/memory_allocator_factory.h +47 -0
  127. data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +0 -4
  128. data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +3 -9
  129. data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +48 -15
  130. data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +8 -8
  131. data/src/core/lib/event_engine/posix_engine/posix_engine.cc +6 -5
  132. data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +6 -3
  133. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +27 -18
  134. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +0 -3
  135. data/src/core/lib/event_engine/resolved_address.cc +2 -1
  136. data/src/core/lib/event_engine/windows/win_socket.cc +0 -1
  137. data/src/core/lib/event_engine/windows/windows_endpoint.cc +129 -82
  138. data/src/core/lib/event_engine/windows/windows_endpoint.h +21 -5
  139. data/src/core/lib/event_engine/windows/windows_engine.cc +39 -18
  140. data/src/core/lib/event_engine/windows/windows_engine.h +2 -1
  141. data/src/core/lib/event_engine/windows/windows_listener.cc +370 -0
  142. data/src/core/lib/event_engine/windows/windows_listener.h +155 -0
  143. data/src/core/lib/experiments/config.cc +3 -10
  144. data/src/core/lib/experiments/experiments.cc +7 -0
  145. data/src/core/lib/experiments/experiments.h +9 -1
  146. data/src/core/lib/gpr/log.cc +15 -28
  147. data/src/core/lib/gprpp/fork.cc +8 -14
  148. data/src/core/lib/gprpp/orphanable.h +4 -3
  149. data/src/core/lib/gprpp/per_cpu.h +9 -3
  150. data/src/core/lib/gprpp/{thd_posix.cc → posix/thd.cc} +49 -37
  151. data/src/core/lib/gprpp/ref_counted.h +33 -34
  152. data/src/core/lib/gprpp/thd.h +16 -0
  153. data/src/core/lib/gprpp/time.cc +1 -0
  154. data/src/core/lib/gprpp/time.h +4 -4
  155. data/src/core/lib/gprpp/{thd_windows.cc → windows/thd.cc} +2 -2
  156. data/src/core/lib/iomgr/call_combiner.h +2 -2
  157. data/src/core/lib/iomgr/endpoint_cfstream.cc +4 -2
  158. data/src/core/lib/iomgr/endpoint_pair.h +2 -2
  159. data/src/core/lib/iomgr/endpoint_pair_posix.cc +2 -2
  160. data/src/core/lib/iomgr/endpoint_pair_windows.cc +1 -1
  161. data/src/core/lib/iomgr/ev_posix.cc +13 -53
  162. data/src/core/lib/iomgr/ev_posix.h +0 -3
  163. data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +103 -76
  164. data/src/core/lib/iomgr/iomgr.cc +4 -8
  165. data/src/core/lib/iomgr/iomgr_windows.cc +8 -2
  166. data/src/core/lib/iomgr/pollset_set_windows.cc +9 -9
  167. data/src/core/lib/iomgr/pollset_windows.cc +1 -1
  168. data/src/core/lib/iomgr/socket_utils_common_posix.cc +16 -3
  169. data/src/core/lib/iomgr/tcp_client_windows.cc +2 -2
  170. data/src/core/lib/iomgr/tcp_posix.cc +0 -1
  171. data/src/core/lib/iomgr/tcp_server_posix.cc +5 -16
  172. data/src/core/lib/iomgr/tcp_server_windows.cc +176 -9
  173. data/src/core/lib/iomgr/tcp_windows.cc +12 -8
  174. data/src/core/lib/load_balancing/lb_policy.cc +9 -13
  175. data/src/core/lib/load_balancing/lb_policy.h +4 -2
  176. data/src/core/lib/promise/activity.cc +22 -6
  177. data/src/core/lib/promise/activity.h +61 -24
  178. data/src/core/lib/promise/cancel_callback.h +77 -0
  179. data/src/core/lib/promise/detail/basic_seq.h +1 -1
  180. data/src/core/lib/promise/detail/promise_factory.h +4 -0
  181. data/src/core/lib/promise/for_each.h +176 -0
  182. data/src/core/lib/promise/if.h +9 -0
  183. data/src/core/lib/promise/interceptor_list.h +23 -2
  184. data/src/core/lib/promise/latch.h +89 -3
  185. data/src/core/lib/promise/loop.h +13 -9
  186. data/src/core/lib/promise/map.h +7 -0
  187. data/src/core/lib/promise/party.cc +286 -0
  188. data/src/core/lib/promise/party.h +499 -0
  189. data/src/core/lib/promise/pipe.h +197 -57
  190. data/src/core/lib/promise/poll.h +48 -0
  191. data/src/core/lib/promise/promise.h +2 -2
  192. data/src/core/lib/resource_quota/arena.cc +19 -3
  193. data/src/core/lib/resource_quota/arena.h +119 -5
  194. data/src/core/lib/resource_quota/memory_quota.cc +1 -1
  195. data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +12 -35
  196. data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +1 -0
  197. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +0 -59
  198. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +10 -5
  199. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -1
  200. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +13 -0
  201. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +2 -0
  202. data/src/core/lib/security/security_connector/load_system_roots_supported.cc +5 -9
  203. data/src/core/lib/security/security_connector/ssl_utils.cc +11 -25
  204. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +12 -0
  205. data/src/core/lib/security/transport/secure_endpoint.cc +4 -2
  206. data/src/core/lib/security/transport/server_auth_filter.cc +20 -2
  207. data/src/core/lib/slice/slice.cc +1 -1
  208. data/src/core/lib/surface/builtins.cc +2 -0
  209. data/src/core/lib/surface/call.cc +926 -1024
  210. data/src/core/lib/surface/call.h +10 -0
  211. data/src/core/lib/surface/lame_client.cc +1 -0
  212. data/src/core/lib/surface/version.cc +2 -2
  213. data/src/core/lib/transport/batch_builder.cc +179 -0
  214. data/src/core/lib/transport/batch_builder.h +468 -0
  215. data/src/core/lib/transport/bdp_estimator.cc +7 -7
  216. data/src/core/lib/transport/bdp_estimator.h +10 -6
  217. data/src/core/lib/transport/custom_metadata.h +30 -0
  218. data/src/core/lib/transport/metadata_batch.cc +9 -6
  219. data/src/core/lib/transport/metadata_batch.h +58 -16
  220. data/src/core/lib/transport/parsed_metadata.h +3 -3
  221. data/src/core/lib/transport/timeout_encoding.cc +6 -1
  222. data/src/core/lib/transport/transport.cc +30 -2
  223. data/src/core/lib/transport/transport.h +70 -14
  224. data/src/core/lib/transport/transport_impl.h +7 -0
  225. data/src/core/lib/transport/transport_op_string.cc +52 -42
  226. data/src/core/plugin_registry/grpc_plugin_registry.cc +2 -2
  227. data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +1 -0
  228. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +21 -4
  229. data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +5 -0
  230. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +1 -1
  231. data/src/core/tsi/ssl_transport_security.cc +4 -2
  232. data/src/ruby/lib/grpc/version.rb +1 -1
  233. data/third_party/abseil-cpp/absl/base/config.h +1 -1
  234. data/third_party/abseil-cpp/absl/flags/commandlineflag.cc +34 -0
  235. data/third_party/abseil-cpp/absl/flags/commandlineflag.h +200 -0
  236. data/third_party/abseil-cpp/absl/flags/config.h +68 -0
  237. data/third_party/abseil-cpp/absl/flags/declare.h +73 -0
  238. data/third_party/abseil-cpp/absl/flags/flag.cc +38 -0
  239. data/third_party/abseil-cpp/absl/flags/flag.h +310 -0
  240. data/{src/core/lib/gprpp/global_config_custom.h → third_party/abseil-cpp/absl/flags/internal/commandlineflag.cc} +11 -14
  241. data/third_party/abseil-cpp/absl/flags/internal/commandlineflag.h +68 -0
  242. data/third_party/abseil-cpp/absl/flags/internal/flag.cc +615 -0
  243. data/third_party/abseil-cpp/absl/flags/internal/flag.h +800 -0
  244. data/third_party/abseil-cpp/absl/flags/internal/flag_msvc.inc +116 -0
  245. data/third_party/abseil-cpp/absl/flags/internal/path_util.h +62 -0
  246. data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.cc +65 -0
  247. data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.h +61 -0
  248. data/third_party/abseil-cpp/absl/flags/internal/program_name.cc +60 -0
  249. data/third_party/abseil-cpp/absl/flags/internal/program_name.h +50 -0
  250. data/third_party/abseil-cpp/absl/flags/internal/registry.h +97 -0
  251. data/third_party/abseil-cpp/absl/flags/internal/sequence_lock.h +187 -0
  252. data/third_party/abseil-cpp/absl/flags/marshalling.cc +241 -0
  253. data/third_party/abseil-cpp/absl/flags/marshalling.h +356 -0
  254. data/third_party/abseil-cpp/absl/flags/reflection.cc +354 -0
  255. data/third_party/abseil-cpp/absl/flags/reflection.h +90 -0
  256. data/third_party/abseil-cpp/absl/flags/usage_config.cc +165 -0
  257. data/third_party/abseil-cpp/absl/flags/usage_config.h +135 -0
  258. data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +12 -8
  259. data/third_party/boringssl-with-bazel/err_data.c +728 -712
  260. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +177 -177
  261. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +28 -55
  262. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +21 -23
  263. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.c +20 -23
  264. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +66 -185
  265. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.c +18 -21
  266. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +356 -311
  267. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +174 -194
  268. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +146 -210
  269. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +6 -9
  270. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.c +346 -526
  271. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +110 -131
  272. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +130 -116
  273. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +93 -60
  274. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +93 -181
  275. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +242 -305
  276. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.c +41 -18
  277. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.c +30 -33
  278. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.c +36 -33
  279. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.c +29 -26
  280. data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +133 -88
  281. data/third_party/boringssl-with-bazel/src/crypto/asn1/posix_time.c +230 -0
  282. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +791 -791
  283. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +526 -526
  284. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +114 -135
  285. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +201 -207
  286. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +21 -26
  287. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +55 -68
  288. data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +2 -4
  289. data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +11 -7
  290. data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +4 -4
  291. data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +15 -9
  292. data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +4 -4
  293. data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +17 -10
  294. data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +1 -3
  295. data/third_party/boringssl-with-bazel/src/crypto/bio/printf.c +0 -13
  296. data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +3 -6
  297. data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +2 -0
  298. data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +9 -5
  299. data/third_party/boringssl-with-bazel/src/crypto/bn_extra/convert.c +10 -23
  300. data/third_party/boringssl-with-bazel/src/crypto/buf/buf.c +2 -6
  301. data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.c +2 -1
  302. data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +29 -28
  303. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +161 -201
  304. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +254 -39
  305. data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +2 -2
  306. data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +0 -2
  307. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +4 -4
  308. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesctrhmac.c +9 -8
  309. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesgcmsiv.c +37 -75
  310. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +8 -10
  311. data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/cipher → cipher_extra}/e_des.c +100 -78
  312. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_null.c +1 -0
  313. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc2.c +1 -0
  314. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc4.c +2 -0
  315. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_tls.c +6 -12
  316. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +14 -11
  317. data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +6 -10
  318. data/third_party/boringssl-with-bazel/src/crypto/conf/conf_def.h +0 -1
  319. data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +12 -0
  320. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.c +74 -0
  321. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_freebsd.c +62 -0
  322. data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-fuchsia.c → cpu_aarch64_fuchsia.c} +8 -7
  323. data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-linux.c → cpu_aarch64_linux.c} +6 -4
  324. data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-win.c → cpu_aarch64_win.c} +4 -4
  325. data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm.c → cpu_arm.c} +1 -1
  326. data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_freebsd.c +55 -0
  327. data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.c → cpu_arm_linux.c} +11 -90
  328. data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.h → cpu_arm_linux.h} +0 -38
  329. data/third_party/boringssl-with-bazel/src/crypto/{cpu-intel.c → cpu_intel.c} +1 -2
  330. data/third_party/boringssl-with-bazel/src/crypto/crypto.c +25 -20
  331. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +16 -27
  332. data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +17 -32
  333. data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/des.c +232 -232
  334. data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/internal.h +1 -1
  335. data/third_party/boringssl-with-bazel/src/crypto/dh_extra/dh_asn1.c +1 -0
  336. data/third_party/boringssl-with-bazel/src/crypto/dh_extra/params.c +232 -29
  337. data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +0 -3
  338. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +39 -16
  339. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +37 -7
  340. data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +3 -3
  341. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +11 -36
  342. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +214 -99
  343. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +21 -5
  344. data/third_party/boringssl-with-bazel/src/crypto/ecdsa_extra/ecdsa_asn1.c +2 -4
  345. data/third_party/boringssl-with-bazel/src/crypto/err/err.c +83 -60
  346. data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +46 -12
  347. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +3 -3
  348. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.c +25 -23
  349. data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +43 -9
  350. data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +75 -44
  351. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +19 -25
  352. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.c +96 -45
  353. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.c +7 -8
  354. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.c +26 -23
  355. data/third_party/boringssl-with-bazel/src/crypto/evp/p_hkdf.c +233 -0
  356. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.c +5 -5
  357. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.c +42 -25
  358. data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.c +4 -5
  359. data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.c +35 -47
  360. data/third_party/boringssl-with-bazel/src/crypto/evp/print.c +135 -244
  361. data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.c +2 -4
  362. data/third_party/boringssl-with-bazel/src/crypto/evp/sign.c +15 -10
  363. data/third_party/boringssl-with-bazel/src/crypto/ex_data.c +29 -15
  364. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.c +0 -2
  365. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +13 -14
  366. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +3 -13
  367. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.c +13 -7
  368. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c +9 -7
  369. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +35 -27
  370. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +16 -26
  371. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.c +88 -60
  372. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/cmp.c +4 -3
  373. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.c +0 -2
  374. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +1 -1
  375. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.c +1 -1
  376. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +99 -113
  377. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.c +0 -1
  378. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +5 -3
  379. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/generic.c +112 -168
  380. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +86 -31
  381. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +11 -6
  382. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c +4 -5
  383. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +4 -5
  384. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +13 -0
  385. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.c +13 -5
  386. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.c +19 -108
  387. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +19 -15
  388. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.c +15 -16
  389. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.c +22 -21
  390. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/aead.c +3 -0
  391. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +79 -19
  392. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +102 -99
  393. data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → fipsmodule/cipher}/e_aesccm.c +52 -46
  394. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +39 -0
  395. data/third_party/boringssl-with-bazel/src/crypto/{cmac → fipsmodule/cmac}/cmac.c +55 -11
  396. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.c +2 -3
  397. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.c +21 -6
  398. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +56 -0
  399. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +5 -3
  400. data/third_party/boringssl-with-bazel/src/crypto/{evp → fipsmodule/digestsign}/digestsign.c +51 -15
  401. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +25 -25
  402. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +91 -17
  403. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +5 -5
  404. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +34 -12
  405. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +54 -23
  406. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +44 -60
  407. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64-table.h → p256-nistz-table.h} +1 -1
  408. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.c → p256-nistz.c} +60 -53
  409. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.h → p256-nistz.h} +5 -13
  410. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +48 -36
  411. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +2 -8
  412. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +2 -7
  413. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +2 -3
  414. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +0 -1
  415. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +8 -0
  416. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +42 -14
  417. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +6 -0
  418. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/hmac.c +52 -24
  419. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cbc.c +9 -15
  420. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cfb.c +1 -4
  421. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c +2 -4
  422. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm.c +71 -43
  423. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +14 -16
  424. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c +1 -4
  425. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/ctrdrbg.c +31 -13
  426. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +16 -8
  427. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +3 -2
  428. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +2 -2
  429. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +9 -38
  430. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +73 -59
  431. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +11 -45
  432. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +0 -1
  433. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +22 -0
  434. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.c +63 -52
  435. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +107 -62
  436. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +58 -31
  437. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.c +41 -0
  438. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +523 -422
  439. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/internal.h +89 -0
  440. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.c +334 -0
  441. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +3 -12
  442. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +2 -0
  443. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +12 -8
  444. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +14 -12
  445. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.c +19 -6
  446. data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +32 -14
  447. data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c +65 -29
  448. data/third_party/boringssl-with-bazel/src/crypto/internal.h +373 -18
  449. data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +61 -0
  450. data/third_party/boringssl-with-bazel/src/crypto/kyber/keccak.c +205 -0
  451. data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +13 -1
  452. data/third_party/boringssl-with-bazel/src/crypto/mem.c +220 -13
  453. data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +19 -7
  454. data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +13 -1
  455. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +81 -90
  456. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +150 -245
  457. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +629 -613
  458. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.c +17 -17
  459. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +142 -149
  460. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +99 -131
  461. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.c +0 -1
  462. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.c +0 -1
  463. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +0 -1
  464. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.c +0 -3
  465. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +36 -66
  466. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +31 -38
  467. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +2 -1
  468. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +18 -31
  469. data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +1 -0
  470. data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +8 -1
  471. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +129 -5
  472. data/third_party/boringssl-with-bazel/src/crypto/refcount_c11.c +0 -2
  473. data/third_party/boringssl-with-bazel/src/crypto/refcount_lock.c +3 -4
  474. data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.c +8 -11
  475. data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +61 -27
  476. data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +10 -13
  477. data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +10 -13
  478. data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +66 -34
  479. data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +190 -77
  480. data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +81 -284
  481. data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +109 -42
  482. data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.c +22 -24
  483. data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.c +54 -55
  484. data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +32 -34
  485. data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +32 -16
  486. data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +465 -704
  487. data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +284 -331
  488. data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +183 -178
  489. data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.c +11 -15
  490. data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +67 -50
  491. data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +153 -150
  492. data/third_party/boringssl-with-bazel/src/crypto/x509/policy.c +786 -0
  493. data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +95 -102
  494. data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +72 -57
  495. data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.c +12 -10
  496. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +227 -252
  497. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +52 -47
  498. data/third_party/boringssl-with-bazel/src/crypto/x509/x509.c +3 -4
  499. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +230 -224
  500. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +161 -327
  501. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.c +37 -33
  502. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.c +14 -31
  503. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +55 -85
  504. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +534 -618
  505. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +129 -122
  506. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +116 -182
  507. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +132 -132
  508. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +181 -202
  509. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +64 -79
  510. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +175 -160
  511. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +1865 -2050
  512. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +433 -462
  513. data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +156 -163
  514. data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +267 -263
  515. data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.c +40 -15
  516. data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.c +59 -63
  517. data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +63 -67
  518. data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +114 -144
  519. data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +25 -26
  520. data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +326 -415
  521. data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.c +8 -7
  522. data/third_party/boringssl-with-bazel/src/crypto/x509/x_info.c +30 -28
  523. data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +354 -370
  524. data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +37 -32
  525. data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +116 -119
  526. data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.c +36 -26
  527. data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +3 -4
  528. data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.c +10 -13
  529. data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.c +3 -4
  530. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +419 -261
  531. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +113 -105
  532. data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +11 -15
  533. data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +78 -170
  534. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +126 -131
  535. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akeya.c +3 -4
  536. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +465 -469
  537. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bcons.c +56 -54
  538. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +46 -49
  539. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +309 -346
  540. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +341 -365
  541. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_crld.c +429 -393
  542. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +29 -24
  543. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_extku.c +65 -59
  544. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +125 -121
  545. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +43 -42
  546. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +122 -125
  547. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_int.c +50 -20
  548. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +247 -253
  549. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ncons.c +386 -389
  550. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ocsp.c +45 -32
  551. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcons.c +57 -54
  552. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pmaps.c +63 -67
  553. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +143 -136
  554. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +664 -707
  555. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +83 -75
  556. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +1062 -1146
  557. data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +8 -4
  558. data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +28 -48
  559. data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +211 -187
  560. data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +26 -78
  561. data/third_party/boringssl-with-bazel/src/include/openssl/base.h +19 -14
  562. data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +21 -2
  563. data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +49 -17
  564. data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +99 -29
  565. data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +49 -60
  566. data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +2 -15
  567. data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +16 -200
  568. data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +34 -0
  569. data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +82 -0
  570. data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +32 -30
  571. data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +7 -0
  572. data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +4 -0
  573. data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +48 -5
  574. data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +37 -8
  575. data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +1 -0
  576. data/third_party/boringssl-with-bazel/src/include/openssl/err.h +33 -5
  577. data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +22 -30
  578. data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +1 -1
  579. data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +7 -0
  580. data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +41 -16
  581. data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +91 -0
  582. data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +74 -8
  583. data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +13 -0
  584. data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +1 -0
  585. data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +11 -15
  586. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +8 -0
  587. data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +12 -1
  588. data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +7 -4
  589. data/third_party/boringssl-with-bazel/src/include/openssl/service_indicator.h +96 -0
  590. data/third_party/boringssl-with-bazel/src/include/openssl/span.h +13 -21
  591. data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +139 -75
  592. data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +1 -6
  593. data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +384 -286
  594. data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +5 -6
  595. data/third_party/boringssl-with-bazel/src/include/openssl/time.h +41 -0
  596. data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +18 -7
  597. data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +49 -23
  598. data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +0 -11
  599. data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +1592 -1074
  600. data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +202 -205
  601. data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +2 -2
  602. data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +6 -13
  603. data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +17 -18
  604. data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +4 -5
  605. data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +25 -33
  606. data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +34 -20
  607. data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +65 -34
  608. data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +198 -54
  609. data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +5 -5
  610. data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +32 -28
  611. data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +76 -44
  612. data/third_party/boringssl-with-bazel/src/ssl/internal.h +130 -98
  613. data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +27 -11
  614. data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +2 -2
  615. data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +91 -75
  616. data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +8 -10
  617. data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +39 -65
  618. data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +1 -0
  619. data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +5 -9
  620. data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +30 -33
  621. data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +77 -100
  622. data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +120 -107
  623. data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +164 -30
  624. data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +150 -60
  625. data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +22 -11
  626. data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +22 -6
  627. data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +15 -13
  628. data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +5 -43
  629. data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +7 -4
  630. data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +2 -2
  631. data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +22 -34
  632. data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +2 -2
  633. data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +16 -98
  634. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +1241 -657
  635. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +751 -398
  636. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +3551 -1938
  637. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +1272 -487
  638. metadata +107 -72
  639. data/src/core/ext/filters/client_channel/lb_call_state_internal.h +0 -39
  640. data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.cc +0 -30
  641. data/src/core/lib/gprpp/global_config.h +0 -93
  642. data/src/core/lib/gprpp/global_config_env.cc +0 -140
  643. data/src/core/lib/gprpp/global_config_env.h +0 -133
  644. data/src/core/lib/gprpp/global_config_generic.h +0 -40
  645. data/src/core/lib/promise/intra_activity_waiter.h +0 -55
  646. data/src/core/lib/security/security_connector/ssl_utils_config.cc +0 -32
  647. data/src/core/lib/security/security_connector/ssl_utils_config.h +0 -29
  648. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +0 -195
  649. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_print.c +0 -83
  650. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utf8.c +0 -236
  651. data/third_party/boringssl-with-bazel/src/crypto/asn1/charmap.h +0 -15
  652. data/third_party/boringssl-with-bazel/src/crypto/asn1/time_support.c +0 -206
  653. data/third_party/boringssl-with-bazel/src/crypto/cpu-ppc64le.c +0 -38
  654. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1-altivec.c +0 -361
  655. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_cache.c +0 -287
  656. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +0 -132
  657. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_lib.c +0 -155
  658. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_map.c +0 -131
  659. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_node.c +0 -189
  660. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_tree.c +0 -843
  661. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pci.c +0 -289
  662. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcia.c +0 -57
  663. /data/src/core/lib/gpr/{log_android.cc → android/log.cc} +0 -0
  664. /data/src/core/lib/gpr/{cpu_iphone.cc → iphone/cpu.cc} +0 -0
  665. /data/src/core/lib/gpr/{cpu_linux.cc → linux/cpu.cc} +0 -0
  666. /data/src/core/lib/gpr/{log_linux.cc → linux/log.cc} +0 -0
  667. /data/src/core/lib/gpr/{tmpfile_msys.cc → msys/tmpfile.cc} +0 -0
  668. /data/src/core/lib/gpr/{cpu_posix.cc → posix/cpu.cc} +0 -0
  669. /data/src/core/lib/gpr/{log_posix.cc → posix/log.cc} +0 -0
  670. /data/src/core/lib/gpr/{string_posix.cc → posix/string.cc} +0 -0
  671. /data/src/core/lib/gpr/{sync_posix.cc → posix/sync.cc} +0 -0
  672. /data/src/core/lib/gpr/{time_posix.cc → posix/time.cc} +0 -0
  673. /data/src/core/lib/gpr/{tmpfile_posix.cc → posix/tmpfile.cc} +0 -0
  674. /data/src/core/lib/gpr/{cpu_windows.cc → windows/cpu.cc} +0 -0
  675. /data/src/core/lib/gpr/{log_windows.cc → windows/log.cc} +0 -0
  676. /data/src/core/lib/gpr/{string_windows.cc → windows/string.cc} +0 -0
  677. /data/src/core/lib/gpr/{string_util_windows.cc → windows/string_util.cc} +0 -0
  678. /data/src/core/lib/gpr/{sync_windows.cc → windows/sync.cc} +0 -0
  679. /data/src/core/lib/gpr/{time_windows.cc → windows/time.cc} +0 -0
  680. /data/src/core/lib/gpr/{tmpfile_windows.cc → windows/tmpfile.cc} +0 -0
  681. /data/src/core/lib/gprpp/{env_linux.cc → linux/env.cc} +0 -0
  682. /data/src/core/lib/gprpp/{env_posix.cc → posix/env.cc} +0 -0
  683. /data/src/core/lib/gprpp/{stat_posix.cc → posix/stat.cc} +0 -0
  684. /data/src/core/lib/gprpp/{env_windows.cc → windows/env.cc} +0 -0
  685. /data/src/core/lib/gprpp/{stat_windows.cc → windows/stat.cc} +0 -0
@@ -150,57 +150,57 @@ BSSL_NAMESPACE_BEGIN
150
150
 
151
151
  static const unsigned kVersion = 1;
152
152
 
153
- static const unsigned kTimeTag =
153
+ static const CBS_ASN1_TAG kTimeTag =
154
154
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 1;
155
- static const unsigned kTimeoutTag =
155
+ static const CBS_ASN1_TAG kTimeoutTag =
156
156
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 2;
157
- static const unsigned kPeerTag =
157
+ static const CBS_ASN1_TAG kPeerTag =
158
158
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 3;
159
- static const unsigned kSessionIDContextTag =
159
+ static const CBS_ASN1_TAG kSessionIDContextTag =
160
160
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 4;
161
- static const unsigned kVerifyResultTag =
161
+ static const CBS_ASN1_TAG kVerifyResultTag =
162
162
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 5;
163
- static const unsigned kHostNameTag =
163
+ static const CBS_ASN1_TAG kHostNameTag =
164
164
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 6;
165
- static const unsigned kPSKIdentityTag =
165
+ static const CBS_ASN1_TAG kPSKIdentityTag =
166
166
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 8;
167
- static const unsigned kTicketLifetimeHintTag =
167
+ static const CBS_ASN1_TAG kTicketLifetimeHintTag =
168
168
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 9;
169
- static const unsigned kTicketTag =
169
+ static const CBS_ASN1_TAG kTicketTag =
170
170
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 10;
171
- static const unsigned kPeerSHA256Tag =
171
+ static const CBS_ASN1_TAG kPeerSHA256Tag =
172
172
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 13;
173
- static const unsigned kOriginalHandshakeHashTag =
173
+ static const CBS_ASN1_TAG kOriginalHandshakeHashTag =
174
174
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 14;
175
- static const unsigned kSignedCertTimestampListTag =
175
+ static const CBS_ASN1_TAG kSignedCertTimestampListTag =
176
176
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 15;
177
- static const unsigned kOCSPResponseTag =
177
+ static const CBS_ASN1_TAG kOCSPResponseTag =
178
178
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 16;
179
- static const unsigned kExtendedMasterSecretTag =
179
+ static const CBS_ASN1_TAG kExtendedMasterSecretTag =
180
180
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 17;
181
- static const unsigned kGroupIDTag =
181
+ static const CBS_ASN1_TAG kGroupIDTag =
182
182
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 18;
183
- static const unsigned kCertChainTag =
183
+ static const CBS_ASN1_TAG kCertChainTag =
184
184
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 19;
185
- static const unsigned kTicketAgeAddTag =
185
+ static const CBS_ASN1_TAG kTicketAgeAddTag =
186
186
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 21;
187
- static const unsigned kIsServerTag =
187
+ static const CBS_ASN1_TAG kIsServerTag =
188
188
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 22;
189
- static const unsigned kPeerSignatureAlgorithmTag =
189
+ static const CBS_ASN1_TAG kPeerSignatureAlgorithmTag =
190
190
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 23;
191
- static const unsigned kTicketMaxEarlyDataTag =
191
+ static const CBS_ASN1_TAG kTicketMaxEarlyDataTag =
192
192
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 24;
193
- static const unsigned kAuthTimeoutTag =
193
+ static const CBS_ASN1_TAG kAuthTimeoutTag =
194
194
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 25;
195
- static const unsigned kEarlyALPNTag =
195
+ static const CBS_ASN1_TAG kEarlyALPNTag =
196
196
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 26;
197
- static const unsigned kIsQuicTag =
197
+ static const CBS_ASN1_TAG kIsQuicTag =
198
198
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 27;
199
- static const unsigned kQuicEarlyDataContextTag =
199
+ static const CBS_ASN1_TAG kQuicEarlyDataContextTag =
200
200
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 28;
201
- static const unsigned kLocalALPSTag =
201
+ static const CBS_ASN1_TAG kLocalALPSTag =
202
202
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 29;
203
- static const unsigned kPeerALPSTag =
203
+ static const CBS_ASN1_TAG kPeerALPSTag =
204
204
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 30;
205
205
 
206
206
  static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, CBB *cbb,
@@ -223,7 +223,6 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, CBB *cbb,
223
223
  !CBB_add_asn1_uint64(&child, in->time) ||
224
224
  !CBB_add_asn1(&session, &child, kTimeoutTag) ||
225
225
  !CBB_add_asn1_uint64(&child, in->timeout)) {
226
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
227
226
  return 0;
228
227
  }
229
228
 
@@ -234,7 +233,6 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, CBB *cbb,
234
233
  if (!CBB_add_asn1(&session, &child, kPeerTag) ||
235
234
  !CBB_add_bytes(&child, CRYPTO_BUFFER_data(buffer),
236
235
  CRYPTO_BUFFER_len(buffer))) {
237
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
238
236
  return 0;
239
237
  }
240
238
  }
@@ -243,14 +241,12 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, CBB *cbb,
243
241
  // historically always encoded the sid_ctx.
244
242
  if (!CBB_add_asn1(&session, &child, kSessionIDContextTag) ||
245
243
  !CBB_add_asn1_octet_string(&child, in->sid_ctx, in->sid_ctx_length)) {
246
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
247
244
  return 0;
248
245
  }
249
246
 
250
247
  if (in->verify_result != X509_V_OK) {
251
248
  if (!CBB_add_asn1(&session, &child, kVerifyResultTag) ||
252
249
  !CBB_add_asn1_uint64(&child, in->verify_result)) {
253
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
254
250
  return 0;
255
251
  }
256
252
  }
@@ -260,7 +256,6 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, CBB *cbb,
260
256
  !CBB_add_asn1_octet_string(&child,
261
257
  (const uint8_t *)in->psk_identity.get(),
262
258
  strlen(in->psk_identity.get()))) {
263
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
264
259
  return 0;
265
260
  }
266
261
  }
@@ -268,7 +263,6 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, CBB *cbb,
268
263
  if (in->ticket_lifetime_hint > 0) {
269
264
  if (!CBB_add_asn1(&session, &child, kTicketLifetimeHintTag) ||
270
265
  !CBB_add_asn1_uint64(&child, in->ticket_lifetime_hint)) {
271
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
272
266
  return 0;
273
267
  }
274
268
  }
@@ -277,7 +271,6 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, CBB *cbb,
277
271
  if (!CBB_add_asn1(&session, &child, kTicketTag) ||
278
272
  !CBB_add_asn1_octet_string(&child, in->ticket.data(),
279
273
  in->ticket.size())) {
280
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
281
274
  return 0;
282
275
  }
283
276
  }
@@ -286,7 +279,6 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, CBB *cbb,
286
279
  if (!CBB_add_asn1(&session, &child, kPeerSHA256Tag) ||
287
280
  !CBB_add_asn1_octet_string(&child, in->peer_sha256,
288
281
  sizeof(in->peer_sha256))) {
289
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
290
282
  return 0;
291
283
  }
292
284
  }
@@ -295,7 +287,6 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, CBB *cbb,
295
287
  if (!CBB_add_asn1(&session, &child, kOriginalHandshakeHashTag) ||
296
288
  !CBB_add_asn1_octet_string(&child, in->original_handshake_hash,
297
289
  in->original_handshake_hash_len)) {
298
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
299
290
  return 0;
300
291
  }
301
292
  }
@@ -305,7 +296,6 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, CBB *cbb,
305
296
  !CBB_add_asn1_octet_string(
306
297
  &child, CRYPTO_BUFFER_data(in->signed_cert_timestamp_list.get()),
307
298
  CRYPTO_BUFFER_len(in->signed_cert_timestamp_list.get()))) {
308
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
309
299
  return 0;
310
300
  }
311
301
  }
@@ -315,7 +305,6 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, CBB *cbb,
315
305
  !CBB_add_asn1_octet_string(
316
306
  &child, CRYPTO_BUFFER_data(in->ocsp_response.get()),
317
307
  CRYPTO_BUFFER_len(in->ocsp_response.get()))) {
318
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
319
308
  return 0;
320
309
  }
321
310
  }
@@ -323,7 +312,6 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, CBB *cbb,
323
312
  if (in->extended_master_secret) {
324
313
  if (!CBB_add_asn1(&session, &child, kExtendedMasterSecretTag) ||
325
314
  !CBB_add_asn1_bool(&child, true)) {
326
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
327
315
  return 0;
328
316
  }
329
317
  }
@@ -331,7 +319,6 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, CBB *cbb,
331
319
  if (in->group_id > 0 &&
332
320
  (!CBB_add_asn1(&session, &child, kGroupIDTag) ||
333
321
  !CBB_add_asn1_uint64(&child, in->group_id))) {
334
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
335
322
  return 0;
336
323
  }
337
324
 
@@ -341,14 +328,12 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, CBB *cbb,
341
328
  !in->peer_sha256_valid &&
342
329
  sk_CRYPTO_BUFFER_num(in->certs.get()) >= 2) {
343
330
  if (!CBB_add_asn1(&session, &child, kCertChainTag)) {
344
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
345
331
  return 0;
346
332
  }
347
333
  for (size_t i = 1; i < sk_CRYPTO_BUFFER_num(in->certs.get()); i++) {
348
334
  const CRYPTO_BUFFER *buffer = sk_CRYPTO_BUFFER_value(in->certs.get(), i);
349
335
  if (!CBB_add_bytes(&child, CRYPTO_BUFFER_data(buffer),
350
336
  CRYPTO_BUFFER_len(buffer))) {
351
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
352
337
  return 0;
353
338
  }
354
339
  }
@@ -358,7 +343,6 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, CBB *cbb,
358
343
  if (!CBB_add_asn1(&session, &child, kTicketAgeAddTag) ||
359
344
  !CBB_add_asn1(&child, &child2, CBS_ASN1_OCTETSTRING) ||
360
345
  !CBB_add_u32(&child2, in->ticket_age_add)) {
361
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
362
346
  return 0;
363
347
  }
364
348
  }
@@ -366,7 +350,6 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, CBB *cbb,
366
350
  if (!in->is_server) {
367
351
  if (!CBB_add_asn1(&session, &child, kIsServerTag) ||
368
352
  !CBB_add_asn1_bool(&child, false)) {
369
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
370
353
  return 0;
371
354
  }
372
355
  }
@@ -374,21 +357,18 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, CBB *cbb,
374
357
  if (in->peer_signature_algorithm != 0 &&
375
358
  (!CBB_add_asn1(&session, &child, kPeerSignatureAlgorithmTag) ||
376
359
  !CBB_add_asn1_uint64(&child, in->peer_signature_algorithm))) {
377
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
378
360
  return 0;
379
361
  }
380
362
 
381
363
  if (in->ticket_max_early_data != 0 &&
382
364
  (!CBB_add_asn1(&session, &child, kTicketMaxEarlyDataTag) ||
383
365
  !CBB_add_asn1_uint64(&child, in->ticket_max_early_data))) {
384
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
385
366
  return 0;
386
367
  }
387
368
 
388
369
  if (in->timeout != in->auth_timeout &&
389
370
  (!CBB_add_asn1(&session, &child, kAuthTimeoutTag) ||
390
371
  !CBB_add_asn1_uint64(&child, in->auth_timeout))) {
391
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
392
372
  return 0;
393
373
  }
394
374
 
@@ -396,7 +376,6 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, CBB *cbb,
396
376
  if (!CBB_add_asn1(&session, &child, kEarlyALPNTag) ||
397
377
  !CBB_add_asn1_octet_string(&child, in->early_alpn.data(),
398
378
  in->early_alpn.size())) {
399
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
400
379
  return 0;
401
380
  }
402
381
  }
@@ -404,7 +383,6 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, CBB *cbb,
404
383
  if (in->is_quic) {
405
384
  if (!CBB_add_asn1(&session, &child, kIsQuicTag) ||
406
385
  !CBB_add_asn1_bool(&child, true)) {
407
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
408
386
  return 0;
409
387
  }
410
388
  }
@@ -413,7 +391,6 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, CBB *cbb,
413
391
  if (!CBB_add_asn1(&session, &child, kQuicEarlyDataContextTag) ||
414
392
  !CBB_add_asn1_octet_string(&child, in->quic_early_data_context.data(),
415
393
  in->quic_early_data_context.size())) {
416
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
417
394
  return 0;
418
395
  }
419
396
  }
@@ -426,7 +403,6 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, CBB *cbb,
426
403
  !CBB_add_asn1(&session, &child, kPeerALPSTag) ||
427
404
  !CBB_add_asn1_octet_string(&child, in->peer_application_settings.data(),
428
405
  in->peer_application_settings.size())) {
429
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
430
406
  return 0;
431
407
  }
432
408
  }
@@ -438,7 +414,8 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, CBB *cbb,
438
414
  // tagged with |tag| from |cbs| and saves it in |*out|. If the element was not
439
415
  // found, it sets |*out| to NULL. It returns one on success, whether or not the
440
416
  // element was found, and zero on decode error.
441
- static int SSL_SESSION_parse_string(CBS *cbs, UniquePtr<char> *out, unsigned tag) {
417
+ static int SSL_SESSION_parse_string(CBS *cbs, UniquePtr<char> *out,
418
+ CBS_ASN1_TAG tag) {
442
419
  CBS value;
443
420
  int present;
444
421
  if (!CBS_get_optional_asn1_octet_string(cbs, &value, &present, tag)) {
@@ -452,7 +429,6 @@ static int SSL_SESSION_parse_string(CBS *cbs, UniquePtr<char> *out, unsigned tag
452
429
  }
453
430
  char *raw = nullptr;
454
431
  if (!CBS_strdup(&value, &raw)) {
455
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
456
432
  return 0;
457
433
  }
458
434
  out->reset(raw);
@@ -466,7 +442,7 @@ static int SSL_SESSION_parse_string(CBS *cbs, UniquePtr<char> *out, unsigned tag
466
442
  // tagged with |tag| from |cbs| and stows it in |*out|. It returns one on
467
443
  // success, whether or not the element was found, and zero on decode error.
468
444
  static bool SSL_SESSION_parse_octet_string(CBS *cbs, Array<uint8_t> *out,
469
- unsigned tag) {
445
+ CBS_ASN1_TAG tag) {
470
446
  CBS value;
471
447
  if (!CBS_get_optional_asn1_octet_string(cbs, &value, NULL, tag)) {
472
448
  OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
@@ -477,7 +453,7 @@ static bool SSL_SESSION_parse_octet_string(CBS *cbs, Array<uint8_t> *out,
477
453
 
478
454
  static int SSL_SESSION_parse_crypto_buffer(CBS *cbs,
479
455
  UniquePtr<CRYPTO_BUFFER> *out,
480
- unsigned tag,
456
+ CBS_ASN1_TAG tag,
481
457
  CRYPTO_BUFFER_POOL *pool) {
482
458
  if (!CBS_peek_asn1_tag(cbs, tag)) {
483
459
  return 1;
@@ -492,7 +468,6 @@ static int SSL_SESSION_parse_crypto_buffer(CBS *cbs,
492
468
  }
493
469
  out->reset(CRYPTO_BUFFER_new_from_CBS(&value, pool));
494
470
  if (*out == nullptr) {
495
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
496
471
  return 0;
497
472
  }
498
473
  return 1;
@@ -500,8 +475,10 @@ static int SSL_SESSION_parse_crypto_buffer(CBS *cbs,
500
475
 
501
476
  // SSL_SESSION_parse_bounded_octet_string parses an optional ASN.1 OCTET STRING
502
477
  // explicitly tagged with |tag| of size at most |max_out|.
503
- static int SSL_SESSION_parse_bounded_octet_string(
504
- CBS *cbs, uint8_t *out, uint8_t *out_len, uint8_t max_out, unsigned tag) {
478
+ static int SSL_SESSION_parse_bounded_octet_string(CBS *cbs, uint8_t *out,
479
+ uint8_t *out_len,
480
+ uint8_t max_out,
481
+ CBS_ASN1_TAG tag) {
505
482
  CBS value;
506
483
  if (!CBS_get_optional_asn1_octet_string(cbs, &value, NULL, tag) ||
507
484
  CBS_len(&value) > max_out) {
@@ -513,7 +490,7 @@ static int SSL_SESSION_parse_bounded_octet_string(
513
490
  return 1;
514
491
  }
515
492
 
516
- static int SSL_SESSION_parse_long(CBS *cbs, long *out, unsigned tag,
493
+ static int SSL_SESSION_parse_long(CBS *cbs, long *out, CBS_ASN1_TAG tag,
517
494
  long default_value) {
518
495
  uint64_t value;
519
496
  if (!CBS_get_optional_asn1_uint64(cbs, &value, tag,
@@ -526,7 +503,7 @@ static int SSL_SESSION_parse_long(CBS *cbs, long *out, unsigned tag,
526
503
  return 1;
527
504
  }
528
505
 
529
- static int SSL_SESSION_parse_u32(CBS *cbs, uint32_t *out, unsigned tag,
506
+ static int SSL_SESSION_parse_u32(CBS *cbs, uint32_t *out, CBS_ASN1_TAG tag,
530
507
  uint32_t default_value) {
531
508
  uint64_t value;
532
509
  if (!CBS_get_optional_asn1_uint64(cbs, &value, tag,
@@ -539,7 +516,7 @@ static int SSL_SESSION_parse_u32(CBS *cbs, uint32_t *out, unsigned tag,
539
516
  return 1;
540
517
  }
541
518
 
542
- static int SSL_SESSION_parse_u16(CBS *cbs, uint16_t *out, unsigned tag,
519
+ static int SSL_SESSION_parse_u16(CBS *cbs, uint16_t *out, CBS_ASN1_TAG tag,
543
520
  uint16_t default_value) {
544
521
  uint64_t value;
545
522
  if (!CBS_get_optional_asn1_uint64(cbs, &value, tag,
@@ -662,9 +639,9 @@ UniquePtr<SSL_SESSION> SSL_SESSION_parse(CBS *cbs,
662
639
  }
663
640
  OPENSSL_memcpy(ret->peer_sha256, CBS_data(&peer_sha256),
664
641
  sizeof(ret->peer_sha256));
665
- ret->peer_sha256_valid = 1;
642
+ ret->peer_sha256_valid = true;
666
643
  } else {
667
- ret->peer_sha256_valid = 0;
644
+ ret->peer_sha256_valid = false;
668
645
  }
669
646
 
670
647
  if (!SSL_SESSION_parse_bounded_octet_string(
@@ -709,7 +686,6 @@ UniquePtr<SSL_SESSION> SSL_SESSION_parse(CBS *cbs,
709
686
  if (has_peer || has_cert_chain) {
710
687
  ret->certs.reset(sk_CRYPTO_BUFFER_new_null());
711
688
  if (ret->certs == nullptr) {
712
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
713
689
  return nullptr;
714
690
  }
715
691
 
@@ -717,7 +693,6 @@ UniquePtr<SSL_SESSION> SSL_SESSION_parse(CBS *cbs,
717
693
  UniquePtr<CRYPTO_BUFFER> buffer(CRYPTO_BUFFER_new_from_CBS(&peer, pool));
718
694
  if (!buffer ||
719
695
  !PushToStack(ret->certs.get(), std::move(buffer))) {
720
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
721
696
  return nullptr;
722
697
  }
723
698
  }
@@ -733,7 +708,6 @@ UniquePtr<SSL_SESSION> SSL_SESSION_parse(CBS *cbs,
733
708
  UniquePtr<CRYPTO_BUFFER> buffer(CRYPTO_BUFFER_new_from_CBS(&cert, pool));
734
709
  if (buffer == nullptr ||
735
710
  !PushToStack(ret->certs.get(), std::move(buffer))) {
736
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
737
711
  return nullptr;
738
712
  }
739
713
  }
@@ -232,6 +232,7 @@ int ssl_handle_open_record(SSL *ssl, bool *out_retry, ssl_open_record_t ret,
232
232
  return 1;
233
233
 
234
234
  case ssl_open_record_close_notify:
235
+ ssl->s3->rwstate = SSL_ERROR_ZERO_RETURN;
235
236
  return 0;
236
237
 
237
238
  case ssl_open_record_error:
@@ -142,9 +142,9 @@ CERT::~CERT() {
142
142
  x509_method->cert_free(this);
143
143
  }
144
144
 
145
- static CRYPTO_BUFFER *buffer_up_ref(CRYPTO_BUFFER *buffer) {
146
- CRYPTO_BUFFER_up_ref(buffer);
147
- return buffer;
145
+ static CRYPTO_BUFFER *buffer_up_ref(const CRYPTO_BUFFER *buffer) {
146
+ CRYPTO_BUFFER_up_ref(const_cast<CRYPTO_BUFFER *>(buffer));
147
+ return const_cast<CRYPTO_BUFFER *>(buffer);
148
148
  }
149
149
 
150
150
  UniquePtr<CERT> ssl_cert_dup(CERT *cert) {
@@ -237,14 +237,14 @@ static enum leaf_cert_and_privkey_result_t check_leaf_cert_and_privkey(
237
237
  return leaf_cert_and_privkey_error;
238
238
  }
239
239
 
240
- if (!ssl_is_key_type_supported(pubkey->type)) {
240
+ if (!ssl_is_key_type_supported(EVP_PKEY_id(pubkey.get()))) {
241
241
  OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
242
242
  return leaf_cert_and_privkey_error;
243
243
  }
244
244
 
245
245
  // An ECC certificate may be usable for ECDH or ECDSA. We only support ECDSA
246
246
  // certificates, so sanity-check the key usage extension.
247
- if (pubkey->type == EVP_PKEY_EC &&
247
+ if (EVP_PKEY_id(pubkey.get()) == EVP_PKEY_EC &&
248
248
  !ssl_cert_check_key_usage(&cert_cbs, key_usage_digital_signature)) {
249
249
  OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
250
250
  return leaf_cert_and_privkey_error;
@@ -365,7 +365,6 @@ bool ssl_parse_cert_chain(uint8_t *out_alert,
365
365
  UniquePtr<STACK_OF(CRYPTO_BUFFER)> chain(sk_CRYPTO_BUFFER_new_null());
366
366
  if (!chain) {
367
367
  *out_alert = SSL_AD_INTERNAL_ERROR;
368
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
369
368
  return false;
370
369
  }
371
370
 
@@ -397,7 +396,6 @@ bool ssl_parse_cert_chain(uint8_t *out_alert,
397
396
  if (!buf ||
398
397
  !PushToStack(chain.get(), std::move(buf))) {
399
398
  *out_alert = SSL_AD_INTERNAL_ERROR;
400
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
401
399
  return false;
402
400
  }
403
401
  }
@@ -623,7 +621,6 @@ UniquePtr<STACK_OF(CRYPTO_BUFFER)> ssl_parse_client_CA_list(SSL *ssl,
623
621
  UniquePtr<STACK_OF(CRYPTO_BUFFER)> ret(sk_CRYPTO_BUFFER_new_null());
624
622
  if (!ret) {
625
623
  *out_alert = SSL_AD_INTERNAL_ERROR;
626
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
627
624
  return nullptr;
628
625
  }
629
626
 
@@ -647,7 +644,6 @@ UniquePtr<STACK_OF(CRYPTO_BUFFER)> ssl_parse_client_CA_list(SSL *ssl,
647
644
  if (!buffer ||
648
645
  !PushToStack(ret.get(), std::move(buffer))) {
649
646
  *out_alert = SSL_AD_INTERNAL_ERROR;
650
- OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
651
647
  return nullptr;
652
648
  }
653
649
  }
@@ -264,9 +264,9 @@ static constexpr SSL_CIPHER kCiphers[] = {
264
264
 
265
265
  // Cipher 1301
266
266
  {
267
- TLS1_TXT_AES_128_GCM_SHA256,
267
+ TLS1_3_RFC_AES_128_GCM_SHA256,
268
268
  "TLS_AES_128_GCM_SHA256",
269
- TLS1_CK_AES_128_GCM_SHA256,
269
+ TLS1_3_CK_AES_128_GCM_SHA256,
270
270
  SSL_kGENERIC,
271
271
  SSL_aGENERIC,
272
272
  SSL_AES128GCM,
@@ -276,9 +276,9 @@ static constexpr SSL_CIPHER kCiphers[] = {
276
276
 
277
277
  // Cipher 1302
278
278
  {
279
- TLS1_TXT_AES_256_GCM_SHA384,
279
+ TLS1_3_RFC_AES_256_GCM_SHA384,
280
280
  "TLS_AES_256_GCM_SHA384",
281
- TLS1_CK_AES_256_GCM_SHA384,
281
+ TLS1_3_CK_AES_256_GCM_SHA384,
282
282
  SSL_kGENERIC,
283
283
  SSL_aGENERIC,
284
284
  SSL_AES256GCM,
@@ -288,9 +288,9 @@ static constexpr SSL_CIPHER kCiphers[] = {
288
288
 
289
289
  // Cipher 1303
290
290
  {
291
- TLS1_TXT_CHACHA20_POLY1305_SHA256,
291
+ TLS1_3_RFC_CHACHA20_POLY1305_SHA256,
292
292
  "TLS_CHACHA20_POLY1305_SHA256",
293
- TLS1_CK_CHACHA20_POLY1305_SHA256,
293
+ TLS1_3_CK_CHACHA20_POLY1305_SHA256,
294
294
  SSL_kGENERIC,
295
295
  SSL_aGENERIC,
296
296
  SSL_CHACHA20POLY1305,
@@ -1002,8 +1002,7 @@ static bool ssl_cipher_process_rulestr(const char *rule_str,
1002
1002
  rule = CIPHER_ADD;
1003
1003
  l++;
1004
1004
  continue;
1005
- } else if (!(ch >= 'a' && ch <= 'z') && !(ch >= 'A' && ch <= 'Z') &&
1006
- !(ch >= '0' && ch <= '9')) {
1005
+ } else if (!OPENSSL_isalnum(ch)) {
1007
1006
  OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_OPERATOR_IN_GROUP);
1008
1007
  return false;
1009
1008
  } else {
@@ -1056,8 +1055,7 @@ static bool ssl_cipher_process_rulestr(const char *rule_str,
1056
1055
  ch = *l;
1057
1056
  buf = l;
1058
1057
  buf_len = 0;
1059
- while ((ch >= 'A' && ch <= 'Z') || (ch >= '0' && ch <= '9') ||
1060
- (ch >= 'a' && ch <= 'z') || ch == '-' || ch == '.' || ch == '_') {
1058
+ while (OPENSSL_isalnum(ch) || ch == '-' || ch == '.' || ch == '_') {
1061
1059
  ch = *(++l);
1062
1060
  buf_len++;
1063
1061
  }
@@ -1327,34 +1325,33 @@ BSSL_NAMESPACE_END
1327
1325
 
1328
1326
  using namespace bssl;
1329
1327
 
1330
- static constexpr int ssl_cipher_id_cmp_inner(const SSL_CIPHER *a,
1331
- const SSL_CIPHER *b) {
1332
- // C++11's constexpr functions must have a body consisting of just a
1333
- // return-statement.
1334
- return (a->id > b->id) ? 1 : ((a->id < b->id) ? -1 : 0);
1335
- }
1336
-
1337
- static int ssl_cipher_id_cmp(const void *in_a, const void *in_b) {
1338
- return ssl_cipher_id_cmp_inner(reinterpret_cast<const SSL_CIPHER *>(in_a),
1339
- reinterpret_cast<const SSL_CIPHER *>(in_b));
1328
+ static constexpr int ssl_cipher_id_cmp(const SSL_CIPHER *a,
1329
+ const SSL_CIPHER *b) {
1330
+ if (a->id > b->id) {
1331
+ return 1;
1332
+ }
1333
+ if (a->id < b->id) {
1334
+ return -1;
1335
+ }
1336
+ return 0;
1340
1337
  }
1341
1338
 
1342
- template <typename T, size_t N>
1343
- static constexpr size_t countof(T const (&)[N]) {
1344
- return N;
1339
+ static int ssl_cipher_id_cmp_void(const void *in_a, const void *in_b) {
1340
+ return ssl_cipher_id_cmp(reinterpret_cast<const SSL_CIPHER *>(in_a),
1341
+ reinterpret_cast<const SSL_CIPHER *>(in_b));
1345
1342
  }
1346
1343
 
1347
- template <typename T, size_t I>
1348
- static constexpr int check_order(const T (&arr)[I], size_t N) {
1349
- // C++11's constexpr functions must have a body consisting of just a
1350
- // return-statement.
1351
- return N > 1 ? ((ssl_cipher_id_cmp_inner(&arr[N - 2], &arr[N - 1]) < 0)
1352
- ? check_order(arr, N - 1)
1353
- : 0)
1354
- : 1;
1344
+ template <size_t N>
1345
+ static constexpr bool ssl_ciphers_sorted(const SSL_CIPHER (&ciphers)[N]) {
1346
+ for (size_t i = 1; i < N; i++) {
1347
+ if (ssl_cipher_id_cmp(&ciphers[i - 1], &ciphers[i]) >= 0) {
1348
+ return false;
1349
+ }
1350
+ }
1351
+ return true;
1355
1352
  }
1356
1353
 
1357
- static_assert(check_order(kCiphers, countof(kCiphers)) == 1,
1354
+ static_assert(ssl_ciphers_sorted(kCiphers),
1358
1355
  "Ciphers are not sorted, bsearch won't work");
1359
1356
 
1360
1357
  const SSL_CIPHER *SSL_get_cipher_by_value(uint16_t value) {
@@ -1363,7 +1360,7 @@ const SSL_CIPHER *SSL_get_cipher_by_value(uint16_t value) {
1363
1360
  c.id = 0x03000000L | value;
1364
1361
  return reinterpret_cast<const SSL_CIPHER *>(bsearch(
1365
1362
  &c, kCiphers, OPENSSL_ARRAY_SIZE(kCiphers), sizeof(SSL_CIPHER),
1366
- ssl_cipher_id_cmp));
1363
+ ssl_cipher_id_cmp_void));
1367
1364
  }
1368
1365
 
1369
1366
  uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *cipher) { return cipher->id; }