grpc 1.53.0 → 1.56.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +218 -143
- data/include/grpc/event_engine/event_engine.h +34 -17
- data/include/grpc/grpc_audit_logging.h +96 -0
- data/include/grpc/grpc_security.h +4 -0
- data/include/grpc/impl/grpc_types.h +13 -2
- data/include/grpc/module.modulemap +2 -0
- data/include/grpc/support/json.h +218 -0
- data/include/grpc/support/port_platform.h +4 -4
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +17 -1
- data/src/core/ext/filters/client_channel/backend_metric.cc +10 -1
- data/src/core/ext/filters/client_channel/backup_poller.cc +2 -11
- data/src/core/ext/filters/client_channel/backup_poller.h +0 -3
- data/src/core/ext/filters/client_channel/channel_connectivity.cc +4 -4
- data/src/core/ext/filters/client_channel/client_channel.cc +911 -898
- data/src/core/ext/filters/client_channel/client_channel.h +145 -177
- data/src/core/ext/filters/client_channel/client_channel_channelz.cc +20 -19
- data/src/core/ext/filters/client_channel/client_channel_internal.h +77 -0
- data/src/core/ext/filters/client_channel/client_channel_service_config.cc +2 -2
- data/src/core/ext/filters/client_channel/config_selector.h +13 -39
- data/src/core/ext/filters/client_channel/http_proxy.cc +35 -2
- data/src/core/ext/filters/client_channel/lb_policy/backend_metric_data.h +9 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +24 -24
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/health_check_client.cc +455 -0
- data/src/core/ext/filters/client_channel/lb_policy/health_check_client.h +54 -0
- data/src/core/ext/filters/client_channel/lb_policy/health_check_client_internal.h +186 -0
- data/src/core/ext/filters/client_channel/lb_policy/oob_backend_metric.cc +2 -7
- data/src/core/ext/filters/client_channel/lb_policy/outlier_detection/outlier_detection.cc +56 -24
- data/src/core/ext/filters/client_channel/lb_policy/outlier_detection/outlier_detection.h +23 -2
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +19 -6
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +3 -11
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +150 -158
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.h +18 -1
- data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +54 -66
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +20 -14
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +36 -13
- data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/static_stride_scheduler.cc +76 -6
- data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/weighted_round_robin.cc +83 -53
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +17 -15
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +54 -49
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +12 -13
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +18 -23
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +48 -51
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_override_host.cc +12 -17
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_wrr_locality.cc +16 -22
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +46 -153
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.h +30 -0
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +4 -4
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +35 -33
- data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_plugin.cc +60 -0
- data/src/core/ext/filters/client_channel/resolver/dns/{dns_resolver_selection.h → dns_resolver_plugin.h} +10 -12
- data/src/core/ext/filters/client_channel/resolver/dns/event_engine/event_engine_client_channel_resolver.cc +549 -0
- data/src/core/ext/filters/client_channel/resolver/dns/event_engine/event_engine_client_channel_resolver.h +35 -0
- data/src/core/ext/filters/client_channel/resolver/dns/event_engine/service_config_helper.cc +97 -0
- data/src/core/ext/filters/client_channel/resolver/dns/event_engine/service_config_helper.h +32 -0
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +19 -36
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.h +24 -0
- data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +61 -207
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.cc +1 -2
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.h +1 -2
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +160 -68
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.h +16 -1
- data/src/core/ext/filters/client_channel/retry_filter.cc +117 -156
- data/src/core/ext/filters/client_channel/retry_service_config.cc +9 -8
- data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +10 -40
- data/src/core/ext/filters/client_channel/subchannel.cc +12 -200
- data/src/core/ext/filters/client_channel/subchannel.h +3 -43
- data/src/core/ext/filters/client_channel/subchannel_stream_client.cc +26 -27
- data/src/core/ext/filters/client_channel/subchannel_stream_client.h +8 -5
- data/src/core/ext/filters/fault_injection/fault_injection_service_config_parser.cc +1 -1
- data/src/core/ext/filters/http/client/http_client_filter.cc +3 -3
- data/src/core/ext/filters/http/http_filters_plugin.cc +1 -12
- data/src/core/ext/filters/http/message_compress/compression_filter.cc +30 -14
- data/src/core/ext/filters/message_size/message_size_filter.cc +141 -224
- data/src/core/ext/filters/message_size/message_size_filter.h +48 -3
- data/src/core/ext/filters/rbac/rbac_service_config_parser.cc +168 -75
- data/src/core/ext/filters/server_config_selector/server_config_selector_filter.cc +6 -8
- data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +10 -9
- data/src/core/ext/filters/stateful_session/stateful_session_filter.h +16 -1
- data/src/core/ext/gcp/metadata_query.cc +137 -0
- data/src/core/ext/gcp/metadata_query.h +87 -0
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +70 -55
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +12 -8
- data/src/core/ext/transport/chttp2/transport/bin_encoder.h +5 -1
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +226 -82
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +21 -0
- data/src/core/ext/transport/chttp2/transport/context_list_entry.h +70 -0
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +51 -97
- data/src/core/ext/transport/chttp2/transport/flow_control.h +2 -1
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +1 -7
- data/src/core/ext/transport/chttp2/transport/frame_ping.h +0 -3
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +4 -1
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +118 -222
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +296 -113
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +2 -0
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +466 -273
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +7 -3
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +15 -12
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +9 -1
- data/src/core/ext/transport/chttp2/transport/internal.h +21 -21
- data/src/core/ext/transport/chttp2/transport/parsing.cc +9 -2
- data/src/core/ext/transport/chttp2/transport/writing.cc +24 -8
- data/src/core/ext/transport/inproc/inproc_transport.cc +20 -14
- data/src/core/ext/upb-generated/envoy/admin/v3/certs.upb.c +87 -52
- data/src/core/ext/upb-generated/envoy/admin/v3/certs.upb.h +414 -181
- data/src/core/ext/upb-generated/envoy/admin/v3/clusters.upb.c +121 -60
- data/src/core/ext/upb-generated/envoy/admin/v3/clusters.upb.h +481 -224
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.c +90 -55
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.h +415 -188
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump_shared.upb.c +357 -210
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump_shared.upb.h +1572 -729
- data/src/core/ext/upb-generated/envoy/admin/v3/init_dump.upb.c +30 -17
- data/src/core/ext/upb-generated/envoy/admin/v3/init_dump.upb.h +144 -47
- data/src/core/ext/upb-generated/envoy/admin/v3/listeners.upb.c +34 -21
- data/src/core/ext/upb-generated/envoy/admin/v3/listeners.upb.h +160 -62
- data/src/core/ext/upb-generated/envoy/admin/v3/memory.upb.c +27 -14
- data/src/core/ext/upb-generated/envoy/admin/v3/memory.upb.h +78 -38
- data/src/core/ext/upb-generated/envoy/admin/v3/metrics.upb.c +20 -11
- data/src/core/ext/upb-generated/envoy/admin/v3/metrics.upb.h +48 -26
- data/src/core/ext/upb-generated/envoy/admin/v3/mutex_stats.upb.c +20 -11
- data/src/core/ext/upb-generated/envoy/admin/v3/mutex_stats.upb.h +48 -26
- data/src/core/ext/upb-generated/envoy/admin/v3/server_info.upb.c +109 -62
- data/src/core/ext/upb-generated/envoy/admin/v3/server_info.upb.h +566 -244
- data/src/core/ext/upb-generated/envoy/admin/v3/tap.upb.c +21 -12
- data/src/core/ext/upb-generated/envoy/admin/v3/tap.upb.h +45 -30
- data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.c +22 -19
- data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.h +82 -29
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.c +23 -16
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +45 -30
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +230 -143
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.h +733 -404
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +417 -262
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +1850 -888
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.c +74 -41
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.h +286 -148
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +531 -334
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +2017 -1131
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.c +21 -12
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.h +45 -30
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.c +89 -52
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.h +347 -232
- data/src/core/ext/upb-generated/envoy/config/common/matcher/v3/matcher.upb.c +264 -165
- data/src/core/ext/upb-generated/envoy/config/common/matcher/v3/matcher.upb.h +888 -476
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.c +139 -80
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.h +527 -274
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.c +22 -13
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.h +50 -36
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +380 -221
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +1168 -611
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +166 -94
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +666 -292
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.c +18 -11
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.h +37 -26
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.c +21 -12
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.h +45 -30
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_method_list.upb.c +30 -17
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_method_list.upb.h +144 -47
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.c +274 -167
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.h +789 -440
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +228 -137
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +1100 -501
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.c +22 -13
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.h +60 -37
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +350 -209
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +1083 -635
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +44 -11
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +175 -18
- data/src/core/ext/upb-generated/envoy/config/core/v3/resolver.upb.c +34 -19
- data/src/core/ext/upb-generated/envoy/config/core/v3/resolver.upb.h +118 -56
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.c +38 -21
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.h +148 -64
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +31 -18
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.h +143 -65
- data/src/core/ext/upb-generated/envoy/config/core/v3/udp_socket_config.upb.c +22 -13
- data/src/core/ext/upb-generated/envoy/config/core/v3/udp_socket_config.upb.h +51 -37
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.c +78 -43
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.h +265 -127
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.c +145 -88
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.h +438 -241
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.c +115 -62
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.h +559 -227
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.c +18 -11
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.h +35 -26
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +187 -109
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +956 -421
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +172 -95
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +864 -374
- data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.c +49 -25
- data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.h +171 -100
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +39 -18
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.h +74 -56
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/metrics_service.upb.c +28 -15
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/metrics_service.upb.h +71 -45
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.c +131 -74
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.h +489 -249
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.c +135 -80
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.h +505 -245
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +256 -129
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +996 -397
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +80 -49
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +616 -201
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +1283 -774
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +5430 -2509
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.c +49 -28
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.h +164 -84
- data/src/core/ext/upb-generated/envoy/config/tap/v3/common.upb.c +228 -141
- data/src/core/ext/upb-generated/envoy/config/tap/v3/common.upb.h +738 -399
- data/src/core/ext/upb-generated/envoy/config/trace/v3/datadog.upb.c +20 -11
- data/src/core/ext/upb-generated/envoy/config/trace/v3/datadog.upb.h +48 -26
- data/src/core/ext/upb-generated/envoy/config/trace/v3/dynamic_ot.upb.c +21 -12
- data/src/core/ext/upb-generated/envoy/config/trace/v3/dynamic_ot.upb.h +45 -30
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.c +32 -19
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.h +70 -49
- data/src/core/ext/upb-generated/envoy/config/trace/v3/lightstep.upb.c +27 -14
- data/src/core/ext/upb-generated/envoy/config/trace/v3/lightstep.upb.h +110 -43
- data/src/core/ext/upb-generated/envoy/config/trace/v3/opencensus.upb.c +46 -25
- data/src/core/ext/upb-generated/envoy/config/trace/v3/opencensus.upb.h +259 -100
- data/src/core/ext/upb-generated/envoy/config/trace/v3/opentelemetry.upb.c +21 -13
- data/src/core/ext/upb-generated/envoy/config/trace/v3/opentelemetry.upb.h +45 -30
- data/src/core/ext/upb-generated/envoy/config/trace/v3/service.upb.c +18 -11
- data/src/core/ext/upb-generated/envoy/config/trace/v3/service.upb.h +35 -26
- data/src/core/ext/upb-generated/envoy/config/trace/v3/skywalking.upb.c +42 -23
- data/src/core/ext/upb-generated/envoy/config/trace/v3/skywalking.upb.h +108 -70
- data/src/core/ext/upb-generated/envoy/config/trace/v3/trace.upb.c +7 -4
- data/src/core/ext/upb-generated/envoy/config/trace/v3/trace.upb.h +21 -16
- data/src/core/ext/upb-generated/envoy/config/trace/v3/xray.upb.c +43 -24
- data/src/core/ext/upb-generated/envoy/config/trace/v3/xray.upb.h +110 -75
- data/src/core/ext/upb-generated/envoy/config/trace/v3/zipkin.upb.c +30 -17
- data/src/core/ext/upb-generated/envoy/config/trace/v3/zipkin.upb.h +95 -50
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.c +16 -9
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.h +73 -23
- data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.c +60 -37
- data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.h +150 -108
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.c +74 -43
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.h +357 -167
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/rbac/v3/rbac.upb.c +44 -25
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/rbac/v3/rbac.upb.h +114 -80
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.c +41 -20
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.h +245 -82
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upb.c +32 -19
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upb.h +73 -51
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +474 -292
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +2144 -1055
- data/src/core/ext/upb-generated/envoy/extensions/http/stateful_session/cookie/v3/cookie.upb.c +18 -11
- data/src/core/ext/upb-generated/envoy/extensions/http/stateful_session/cookie/v3/cookie.upb.h +35 -26
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.c +34 -19
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.h +125 -67
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/common/v3/common.upb.c +72 -45
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/common/v3/common.upb.h +193 -138
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.c +34 -19
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.h +131 -66
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/wrr_locality/v3/wrr_locality.upb.c +18 -11
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/wrr_locality/v3/wrr_locality.upb.h +35 -26
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.c +7 -4
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.h +15 -10
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +184 -96
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +907 -360
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +56 -33
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +150 -101
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +188 -111
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +816 -419
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb.c +32 -19
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb.h +109 -53
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.c +10 -7
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.h +18 -14
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +300 -177
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +1284 -522
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.c +42 -23
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.h +188 -75
- data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.c +130 -83
- data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.h +510 -238
- data/src/core/ext/upb-generated/envoy/type/http/v3/cookie.upb.c +22 -13
- data/src/core/ext/upb-generated/envoy/type/http/v3/cookie.upb.h +55 -34
- data/src/core/ext/upb-generated/envoy/type/http/v3/path_transformation.upb.c +39 -26
- data/src/core/ext/upb-generated/envoy/type/http/v3/path_transformation.upb.h +124 -68
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/filter_state.upb.c +21 -12
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/filter_state.upb.h +47 -30
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.c +60 -26
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.h +130 -51
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.c +37 -20
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.h +133 -63
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.c +22 -13
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.h +91 -40
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.c +21 -12
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.h +50 -32
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.c +18 -11
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.h +37 -26
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.c +46 -27
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.h +101 -70
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/status_code_input.upb.c +13 -10
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/status_code_input.upb.h +25 -22
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +40 -23
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.h +161 -75
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.c +31 -18
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.h +114 -56
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.c +46 -29
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.h +139 -91
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.c +65 -42
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.h +200 -121
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.c +80 -45
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.h +208 -131
- data/src/core/ext/upb-generated/envoy/type/v3/hash_policy.upb.c +34 -21
- data/src/core/ext/upb-generated/envoy/type/v3/hash_policy.upb.h +74 -53
- data/src/core/ext/upb-generated/envoy/type/v3/http.upb.c +7 -4
- data/src/core/ext/upb-generated/envoy/type/v3/http.upb.h +13 -8
- data/src/core/ext/upb-generated/envoy/type/v3/http_status.upb.c +16 -9
- data/src/core/ext/upb-generated/envoy/type/v3/http_status.upb.h +28 -18
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.c +28 -15
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.h +55 -34
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.c +43 -22
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.h +91 -53
- data/src/core/ext/upb-generated/envoy/type/v3/ratelimit_strategy.upb.c +35 -20
- data/src/core/ext/upb-generated/envoy/type/v3/ratelimit_strategy.upb.h +92 -57
- data/src/core/ext/upb-generated/envoy/type/v3/ratelimit_unit.upb.c +7 -4
- data/src/core/ext/upb-generated/envoy/type/v3/ratelimit_unit.upb.h +13 -8
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.c +20 -11
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.h +48 -26
- data/src/core/ext/upb-generated/envoy/type/v3/token_bucket.upb.c +23 -14
- data/src/core/ext/upb-generated/envoy/type/v3/token_bucket.upb.h +61 -41
- data/src/core/ext/upb-generated/google/api/annotations.upb.c +14 -11
- data/src/core/ext/upb-generated/google/api/annotations.upb.h +30 -20
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.c +255 -154
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.h +934 -450
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.c +299 -180
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h +946 -483
- data/src/core/ext/upb-generated/google/api/http.upb.c +68 -35
- data/src/core/ext/upb-generated/google/api/http.upb.h +284 -120
- data/src/core/ext/upb-generated/google/api/httpbody.upb.c +22 -13
- data/src/core/ext/upb-generated/google/api/httpbody.upb.h +95 -37
- data/src/core/ext/upb-generated/google/protobuf/any.upb.c +19 -10
- data/src/core/ext/upb-generated/google/protobuf/any.upb.h +38 -22
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +1018 -424
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +3851 -1412
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.c +19 -10
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.h +38 -22
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.c +10 -7
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.h +18 -14
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.c +62 -39
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.h +207 -102
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.c +19 -10
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.h +38 -22
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.c +90 -51
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.h +157 -107
- data/src/core/ext/upb-generated/google/rpc/status.upb.c +22 -13
- data/src/core/ext/upb-generated/google/rpc/status.upb.h +95 -37
- data/src/core/ext/upb-generated/opencensus/proto/trace/v1/trace_config.upb.c +59 -34
- data/src/core/ext/upb-generated/opencensus/proto/trace/v1/trace_config.upb.h +154 -92
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.c +43 -24
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.h +118 -60
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +250 -145
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +919 -415
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.c +34 -19
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.h +76 -51
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.c +25 -14
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.h +45 -30
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c +144 -81
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.h +405 -217
- data/src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls.upb.c +51 -26
- data/src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls.upb.h +153 -61
- data/src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls_config.upb.c +173 -102
- data/src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls_config.upb.h +855 -298
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.c +68 -49
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +155 -104
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.c +26 -17
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.h +55 -34
- data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.c +12 -9
- data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.h +31 -14
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.c +26 -17
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +55 -34
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.c +23 -16
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.h +45 -30
- data/src/core/ext/upb-generated/validate/validate.upb.c +845 -455
- data/src/core/ext/upb-generated/validate/validate.upb.h +4347 -1908
- data/src/core/ext/upb-generated/xds/annotations/v3/migrate.upb.c +68 -49
- data/src/core/ext/upb-generated/xds/annotations/v3/migrate.upb.h +155 -104
- data/src/core/ext/upb-generated/xds/annotations/v3/security.upb.c +26 -17
- data/src/core/ext/upb-generated/xds/annotations/v3/security.upb.h +55 -34
- data/src/core/ext/upb-generated/xds/annotations/v3/sensitive.upb.c +12 -9
- data/src/core/ext/upb-generated/xds/annotations/v3/sensitive.upb.h +31 -14
- data/src/core/ext/upb-generated/xds/annotations/v3/status.upb.c +65 -44
- data/src/core/ext/upb-generated/xds/annotations/v3/status.upb.h +137 -91
- data/src/core/ext/upb-generated/xds/annotations/v3/versioning.upb.c +23 -16
- data/src/core/ext/upb-generated/xds/annotations/v3/versioning.upb.h +45 -30
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.c +16 -9
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.h +28 -18
- data/src/core/ext/upb-generated/xds/core/v3/cidr.upb.c +21 -12
- data/src/core/ext/upb-generated/xds/core/v3/cidr.upb.h +45 -30
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.c +37 -22
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.h +96 -63
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.c +26 -17
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.h +52 -29
- data/src/core/ext/upb-generated/xds/core/v3/extension.upb.c +21 -12
- data/src/core/ext/upb-generated/xds/core/v3/extension.upb.h +45 -30
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.c +23 -14
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.h +62 -42
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.c +44 -25
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.h +169 -79
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.c +27 -14
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.h +65 -38
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c +86 -31
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.h +218 -58
- data/src/core/ext/upb-generated/xds/service/orca/v3/orca.upb.c +21 -12
- data/src/core/ext/upb-generated/xds/service/orca/v3/orca.upb.h +89 -34
- data/src/core/ext/upb-generated/xds/type/matcher/v3/cel.upb.c +18 -11
- data/src/core/ext/upb-generated/xds/type/matcher/v3/cel.upb.h +35 -26
- data/src/core/ext/upb-generated/xds/type/matcher/v3/domain.upb.c +32 -19
- data/src/core/ext/upb-generated/xds/type/matcher/v3/domain.upb.h +150 -54
- data/src/core/ext/upb-generated/xds/type/matcher/v3/http_inputs.upb.c +10 -7
- data/src/core/ext/upb-generated/xds/type/matcher/v3/http_inputs.upb.h +18 -14
- data/src/core/ext/upb-generated/xds/type/matcher/v3/ip.upb.c +34 -21
- data/src/core/ext/upb-generated/xds/type/matcher/v3/ip.upb.h +161 -63
- data/src/core/ext/upb-generated/xds/type/matcher/v3/matcher.upb.c +162 -101
- data/src/core/ext/upb-generated/xds/type/matcher/v3/matcher.upb.h +501 -293
- data/src/core/ext/upb-generated/xds/type/matcher/v3/range.upb.c +85 -52
- data/src/core/ext/upb-generated/xds/type/matcher/v3/range.upb.h +430 -164
- data/src/core/ext/upb-generated/xds/type/matcher/v3/regex.upb.c +24 -15
- data/src/core/ext/upb-generated/xds/type/matcher/v3/regex.upb.h +53 -37
- data/src/core/ext/upb-generated/xds/type/matcher/v3/string.upb.c +40 -23
- data/src/core/ext/upb-generated/xds/type/matcher/v3/string.upb.h +161 -75
- data/src/core/ext/upb-generated/xds/type/v3/cel.upb.c +37 -22
- data/src/core/ext/upb-generated/xds/type/v3/cel.upb.h +92 -66
- data/src/core/ext/upb-generated/xds/type/v3/range.upb.c +43 -22
- data/src/core/ext/upb-generated/xds/type/v3/range.upb.h +91 -53
- data/src/core/ext/upb-generated/xds/type/v3/typed_struct.upb.c +21 -12
- data/src/core/ext/upb-generated/xds/type/v3/typed_struct.upb.h +45 -30
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/certs.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/certs.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/clusters.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/clusters.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump_shared.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump_shared.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/init_dump.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/init_dump.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/listeners.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/listeners.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/memory.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/memory.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/metrics.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/metrics.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/mutex_stats.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/mutex_stats.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/server_info.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/server_info.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/tap.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/tap.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +251 -248
- data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/common/matcher/v3/matcher.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/common/matcher/v3/matcher.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +13 -12
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.h +11 -5
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_method_list.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_method_list.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +140 -137
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +32 -16
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +11 -5
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/resolver.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/resolver.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/udp_socket_config.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/udp_socket_config.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +13 -10
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +21 -5
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.c +55 -46
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/metrics_service.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/metrics_service.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/stats.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/stats.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.c +142 -120
- data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.h +16 -5
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +101 -98
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/tap/v3/common.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/tap/v3/common.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/datadog.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/datadog.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/dynamic_ot.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/dynamic_ot.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/lightstep.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/lightstep.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/opencensus.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/opencensus.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/opentelemetry.upbdefs.c +16 -19
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/opentelemetry.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/service.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/service.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/skywalking.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/skywalking.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/trace.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/trace.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/xray.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/xray.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/zipkin.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/zipkin.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/common/fault/v3/fault.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/common/fault/v3/fault.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/rbac/v3/rbac.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/rbac/v3/rbac.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +126 -115
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/extensions/http/stateful_session/cookie/v3/cookie.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/extensions/http/stateful_session/cookie/v3/cookie.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +138 -136
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +118 -118
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +6 -6
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +6 -6
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +12 -13
- data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/type/http/v3/cookie.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/type/http/v3/cookie.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/type/http/v3/path_transformation.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/type/http/v3/path_transformation.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/filter_state.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/filter_state.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.c +13 -10
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.h +11 -5
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/node.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/node.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/status_code_input.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/status_code_input.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/struct.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/struct.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/type/v3/hash_policy.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/type/v3/hash_policy.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/type/v3/http.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/type/v3/http.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/type/v3/http_status.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/type/v3/http_status.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/type/v3/ratelimit_strategy.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/type/v3/ratelimit_strategy.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/type/v3/ratelimit_unit.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/type/v3/ratelimit_unit.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/envoy/type/v3/token_bucket.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/envoy/type/v3/token_bucket.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/google/api/expr/v1alpha1/checked.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/google/api/expr/v1alpha1/checked.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/google/api/expr/v1alpha1/syntax.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/google/api/expr/v1alpha1/syntax.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/google/api/httpbody.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/google/api/httpbody.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.c +329 -273
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.h +11 -5
- data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/opencensus/proto/trace/v1/trace_config.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/opencensus/proto/trace/v1/trace_config.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/src/proto/grpc/lookup/v1/rls_config.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/src/proto/grpc/lookup/v1/rls_config.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/xds/annotations/v3/migrate.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/xds/annotations/v3/migrate.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/xds/annotations/v3/security.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/xds/annotations/v3/security.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/xds/annotations/v3/sensitive.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/xds/annotations/v3/sensitive.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/xds/annotations/v3/status.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/xds/annotations/v3/status.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/xds/annotations/v3/versioning.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/xds/annotations/v3/versioning.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/xds/core/v3/cidr.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/xds/core/v3/cidr.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/xds/core/v3/extension.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/xds/core/v3/extension.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/cel.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/cel.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/domain.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/domain.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/http_inputs.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/http_inputs.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/ip.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/ip.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/matcher.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/matcher.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/range.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/range.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/regex.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/regex.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/string.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/string.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/xds/type/v3/cel.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/xds/type/v3/cel.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/xds/type/v3/range.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/xds/type/v3/range.upbdefs.h +6 -5
- data/src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.c +1 -1
- data/src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.h +6 -5
- data/src/core/ext/xds/certificate_provider_store.cc +8 -13
- data/src/core/ext/xds/certificate_provider_store.h +1 -1
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +30 -42
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.h +14 -9
- data/src/core/ext/xds/upb_utils.h +1 -1
- data/src/core/ext/xds/xds_api.cc +41 -18
- data/src/core/ext/xds/xds_api.h +5 -4
- data/src/core/ext/xds/xds_audit_logger_registry.cc +122 -0
- data/src/core/ext/xds/xds_audit_logger_registry.h +68 -0
- data/src/core/ext/xds/xds_bootstrap.cc +3 -3
- data/src/core/ext/xds/xds_bootstrap_grpc.cc +35 -23
- data/src/core/ext/xds/xds_bootstrap_grpc.h +5 -0
- data/src/core/ext/xds/xds_channel_stack_modifier.cc +1 -2
- data/src/core/ext/xds/xds_client.cc +29 -7
- data/src/core/ext/xds/xds_client.h +1 -1
- data/src/core/ext/xds/xds_client_stats.cc +29 -15
- data/src/core/ext/xds/xds_client_stats.h +24 -20
- data/src/core/ext/xds/xds_cluster.cc +44 -51
- data/src/core/ext/xds/xds_cluster.h +1 -2
- data/src/core/ext/xds/xds_cluster_specifier_plugin.cc +15 -11
- data/src/core/ext/xds/xds_cluster_specifier_plugin.h +2 -2
- data/src/core/ext/xds/xds_common_types.cc +8 -5
- data/src/core/ext/xds/xds_endpoint.cc +10 -4
- data/src/core/ext/xds/xds_endpoint.h +10 -2
- data/src/core/ext/xds/xds_http_fault_filter.cc +18 -15
- data/src/core/ext/xds/xds_http_fault_filter.h +3 -2
- data/src/core/ext/xds/xds_http_filters.h +7 -4
- data/src/core/ext/xds/xds_http_rbac_filter.cc +159 -74
- data/src/core/ext/xds/xds_http_rbac_filter.h +3 -2
- data/src/core/ext/xds/xds_http_stateful_session_filter.cc +17 -13
- data/src/core/ext/xds/xds_http_stateful_session_filter.h +3 -2
- data/src/core/ext/xds/xds_lb_policy_registry.cc +36 -35
- data/src/core/ext/xds/xds_listener.cc +11 -4
- data/src/core/ext/xds/xds_listener.h +1 -1
- data/src/core/ext/xds/xds_resource_type.h +2 -2
- data/src/core/ext/xds/xds_route_config.cc +48 -8
- data/src/core/ext/xds/xds_route_config.h +1 -1
- data/src/core/ext/xds/xds_routing.cc +2 -2
- data/src/core/ext/xds/xds_transport_grpc.cc +4 -2
- data/src/core/lib/avl/avl.h +5 -0
- data/src/core/lib/backoff/random_early_detection.cc +31 -0
- data/src/core/lib/backoff/random_early_detection.h +59 -0
- data/src/core/lib/channel/call_finalization.h +1 -1
- data/src/core/lib/channel/call_tracer.cc +51 -0
- data/src/core/lib/channel/call_tracer.h +101 -38
- data/src/core/lib/channel/channel_args.cc +80 -22
- data/src/core/lib/channel/channel_args.h +34 -1
- data/src/core/lib/channel/channel_trace.cc +16 -12
- data/src/core/lib/channel/channelz.cc +163 -135
- data/src/core/lib/channel/channelz.h +42 -35
- data/src/core/lib/channel/channelz_registry.cc +24 -20
- data/src/core/lib/channel/connected_channel.cc +542 -1043
- data/src/core/lib/channel/context.h +8 -1
- data/src/core/lib/channel/promise_based_filter.cc +100 -46
- data/src/core/lib/channel/promise_based_filter.h +29 -13
- data/src/core/lib/channel/server_call_tracer_filter.cc +110 -0
- data/src/core/lib/compression/compression_internal.cc +2 -5
- data/src/core/lib/config/config_vars.cc +153 -0
- data/src/core/lib/config/config_vars.h +127 -0
- data/src/core/lib/config/config_vars_non_generated.cc +51 -0
- data/src/core/lib/config/load_config.cc +79 -0
- data/src/core/lib/config/load_config.h +55 -0
- data/src/core/lib/debug/event_log.h +1 -1
- data/src/core/lib/debug/stats_data.h +1 -1
- data/src/core/lib/debug/trace.cc +38 -61
- data/src/core/lib/debug/trace.h +14 -9
- data/src/core/lib/event_engine/cf_engine/cf_engine.cc +211 -0
- data/src/core/lib/event_engine/cf_engine/cf_engine.h +86 -0
- data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.cc +354 -0
- data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.h +146 -0
- data/src/core/lib/event_engine/cf_engine/cftype_unique_ref.h +79 -0
- data/src/core/lib/event_engine/default_event_engine.cc +13 -1
- data/src/core/lib/event_engine/default_event_engine_factory.cc +14 -2
- data/src/core/lib/event_engine/event_engine.cc +37 -2
- data/src/core/lib/event_engine/handle_containers.h +7 -22
- data/src/core/lib/event_engine/memory_allocator_factory.h +47 -0
- data/src/core/lib/event_engine/poller.h +2 -2
- data/src/core/lib/event_engine/posix.h +4 -0
- data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.cc +1 -1
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +0 -4
- data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +3 -9
- data/src/core/lib/event_engine/posix_engine/lockfree_event.cc +7 -18
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +48 -15
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +17 -8
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +47 -50
- data/src/core/lib/event_engine/posix_engine/posix_engine.h +1 -1
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +9 -6
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.h +7 -8
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +33 -19
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +3 -3
- data/src/core/lib/event_engine/posix_engine/timer_manager.h +1 -1
- data/src/core/lib/event_engine/resolved_address.cc +2 -1
- data/src/core/lib/event_engine/shim.cc +9 -1
- data/src/core/lib/event_engine/{thread_pool.cc → thread_pool/original_thread_pool.cc} +28 -25
- data/src/core/lib/event_engine/{thread_pool.h → thread_pool/original_thread_pool.h} +11 -15
- data/src/core/lib/event_engine/thread_pool/thread_pool.h +50 -0
- data/src/core/lib/event_engine/{executor/executor.h → thread_pool/thread_pool_factory.cc} +17 -15
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.cc +489 -0
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.h +249 -0
- data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.cc +166 -0
- data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.h +108 -0
- data/src/core/lib/event_engine/trace.cc +1 -0
- data/src/core/lib/event_engine/trace.h +6 -0
- data/src/core/lib/event_engine/windows/iocp.cc +4 -3
- data/src/core/lib/event_engine/windows/iocp.h +3 -3
- data/src/core/lib/event_engine/windows/win_socket.cc +6 -7
- data/src/core/lib/event_engine/windows/win_socket.h +4 -4
- data/src/core/lib/event_engine/windows/windows_endpoint.cc +135 -87
- data/src/core/lib/event_engine/windows/windows_endpoint.h +23 -6
- data/src/core/lib/event_engine/windows/windows_engine.cc +55 -32
- data/src/core/lib/event_engine/windows/windows_engine.h +8 -7
- data/src/core/lib/event_engine/windows/windows_listener.cc +370 -0
- data/src/core/lib/event_engine/windows/windows_listener.h +156 -0
- data/src/core/lib/event_engine/work_queue/basic_work_queue.cc +63 -0
- data/src/core/lib/event_engine/work_queue/basic_work_queue.h +71 -0
- data/src/core/lib/event_engine/work_queue/work_queue.h +62 -0
- data/src/core/lib/experiments/config.cc +41 -17
- data/src/core/lib/experiments/config.h +16 -0
- data/src/core/lib/experiments/experiments.cc +74 -17
- data/src/core/lib/experiments/experiments.h +35 -18
- data/src/core/lib/gpr/log.cc +15 -28
- data/src/core/lib/gpr/log_internal.h +55 -0
- data/src/core/lib/gpr/{time_posix.cc → posix/time.cc} +5 -0
- data/src/core/lib/gprpp/crash.cc +10 -0
- data/src/core/lib/gprpp/crash.h +3 -0
- data/src/core/lib/gprpp/fork.cc +8 -14
- data/src/core/lib/gprpp/orphanable.h +4 -3
- data/src/core/lib/gprpp/per_cpu.cc +33 -0
- data/src/core/lib/gprpp/per_cpu.h +33 -4
- data/src/core/lib/gprpp/{thd_posix.cc → posix/thd.cc} +49 -37
- data/src/core/lib/gprpp/ref_counted.h +33 -34
- data/src/core/lib/gprpp/status_helper.cc +2 -2
- data/src/core/lib/gprpp/thd.h +16 -0
- data/src/core/lib/gprpp/time.cc +2 -0
- data/src/core/lib/gprpp/time.h +4 -4
- data/src/core/lib/gprpp/validation_errors.cc +8 -3
- data/src/core/lib/gprpp/validation_errors.h +16 -9
- data/src/core/lib/gprpp/{thd_windows.cc → windows/thd.cc} +2 -2
- data/src/core/lib/iomgr/buffer_list.h +0 -1
- data/src/core/lib/iomgr/call_combiner.h +2 -2
- data/src/core/lib/iomgr/cfstream_handle.cc +1 -1
- data/src/core/lib/iomgr/endpoint_cfstream.cc +14 -10
- data/src/core/lib/iomgr/endpoint_pair.h +2 -2
- data/src/core/lib/iomgr/endpoint_pair_posix.cc +2 -2
- data/src/core/lib/iomgr/endpoint_pair_windows.cc +1 -1
- data/src/core/lib/iomgr/ev_apple.cc +12 -12
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +10 -3
- data/src/core/lib/iomgr/ev_posix.cc +13 -53
- data/src/core/lib/iomgr/ev_posix.h +0 -3
- data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +118 -77
- data/src/core/lib/iomgr/iocp_windows.cc +24 -3
- data/src/core/lib/iomgr/iocp_windows.h +11 -0
- data/src/core/lib/iomgr/iomgr.cc +4 -8
- data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +1 -1
- data/src/core/lib/iomgr/iomgr_windows.cc +8 -2
- data/src/core/lib/iomgr/pollset_set_windows.cc +9 -9
- data/src/core/lib/iomgr/pollset_windows.cc +1 -1
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +20 -5
- data/src/core/lib/iomgr/socket_utils_posix.cc +3 -0
- data/src/core/lib/iomgr/socket_utils_posix.h +3 -0
- data/src/core/lib/iomgr/socket_windows.cc +61 -7
- data/src/core/lib/iomgr/socket_windows.h +9 -2
- data/src/core/lib/iomgr/tcp_client_cfstream.cc +14 -3
- data/src/core/lib/iomgr/tcp_client_posix.cc +4 -0
- data/src/core/lib/iomgr/tcp_client_windows.cc +2 -2
- data/src/core/lib/iomgr/tcp_posix.cc +0 -1
- data/src/core/lib/iomgr/tcp_server_posix.cc +150 -120
- data/src/core/lib/iomgr/tcp_server_utils_posix.h +1 -1
- data/src/core/lib/iomgr/tcp_server_windows.cc +176 -9
- data/src/core/lib/iomgr/tcp_windows.cc +12 -8
- data/src/core/lib/iomgr/timer_generic.cc +17 -16
- data/src/core/lib/json/json.h +2 -218
- data/src/core/lib/json/json_object_loader.cc +24 -25
- data/src/core/lib/json/json_object_loader.h +30 -18
- data/src/core/lib/json/json_reader.cc +69 -42
- data/src/core/{ext/filters/client_channel/lb_call_state_internal.h → lib/json/json_reader.h} +7 -12
- data/src/core/lib/json/json_util.cc +10 -15
- data/src/core/lib/json/json_util.h +5 -4
- data/src/core/lib/json/json_writer.cc +24 -25
- data/src/core/lib/{security/security_connector/ssl_utils_config.h → json/json_writer.h} +14 -10
- data/src/core/lib/load_balancing/lb_policy.cc +9 -13
- data/src/core/lib/load_balancing/lb_policy.h +17 -2
- data/src/core/lib/load_balancing/lb_policy_registry.cc +9 -8
- data/src/core/lib/matchers/matchers.cc +3 -4
- data/src/core/lib/matchers/matchers.h +2 -1
- data/src/core/lib/promise/activity.cc +27 -6
- data/src/core/lib/promise/activity.h +71 -24
- data/src/core/lib/promise/cancel_callback.h +77 -0
- data/src/core/lib/promise/detail/basic_seq.h +1 -1
- data/src/core/lib/promise/detail/promise_factory.h +5 -1
- data/src/core/lib/promise/for_each.h +176 -0
- data/src/core/lib/promise/if.h +9 -0
- data/src/core/lib/promise/interceptor_list.h +23 -2
- data/src/core/lib/promise/latch.h +89 -3
- data/src/core/lib/promise/loop.h +13 -9
- data/src/core/lib/promise/map.h +7 -0
- data/src/core/lib/promise/party.cc +304 -0
- data/src/core/lib/promise/party.h +508 -0
- data/src/core/lib/promise/pipe.h +213 -59
- data/src/core/lib/promise/poll.h +48 -0
- data/src/core/lib/promise/prioritized_race.h +95 -0
- data/src/core/lib/promise/promise.h +2 -2
- data/src/core/lib/promise/sleep.cc +2 -1
- data/src/core/lib/resolver/server_address.cc +0 -8
- data/src/core/lib/resolver/server_address.h +0 -6
- data/src/core/lib/resource_quota/arena.cc +19 -3
- data/src/core/lib/resource_quota/arena.h +119 -5
- data/src/core/lib/resource_quota/memory_quota.cc +8 -8
- data/src/core/lib/resource_quota/memory_quota.h +1 -2
- data/src/core/lib/security/authorization/audit_logging.cc +98 -0
- data/src/core/lib/security/authorization/audit_logging.h +73 -0
- data/src/core/lib/security/authorization/grpc_authorization_engine.cc +47 -2
- data/src/core/lib/security/authorization/grpc_authorization_engine.h +18 -1
- data/src/core/lib/security/authorization/rbac_policy.cc +36 -4
- data/src/core/lib/security/authorization/rbac_policy.h +19 -2
- data/src/core/lib/security/authorization/stdout_logger.cc +75 -0
- data/src/core/lib/security/authorization/stdout_logger.h +61 -0
- data/src/core/lib/security/certificate_provider/certificate_provider_factory.h +8 -4
- data/src/core/lib/security/certificate_provider/certificate_provider_registry.cc +8 -18
- data/src/core/lib/security/certificate_provider/certificate_provider_registry.h +14 -8
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +66 -84
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +1 -0
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +64 -64
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +23 -21
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +29 -27
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +5 -61
- data/src/core/lib/security/credentials/jwt/json_token.cc +19 -16
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +10 -5
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +40 -38
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +28 -21
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -1
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +13 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +2 -0
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +1 -5
- data/src/core/lib/security/security_connector/load_system_roots_supported.cc +5 -9
- data/src/core/lib/security/security_connector/ssl_utils.cc +11 -25
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +12 -0
- data/src/core/lib/security/transport/secure_endpoint.cc +4 -2
- data/src/core/lib/security/transport/server_auth_filter.cc +20 -2
- data/src/core/lib/security/util/json_util.cc +6 -5
- data/src/core/lib/service_config/service_config_call_data.h +49 -20
- data/src/core/lib/service_config/service_config_impl.cc +13 -6
- data/src/core/lib/slice/slice.cc +1 -1
- data/src/core/lib/slice/slice.h +2 -0
- data/src/core/lib/surface/builtins.cc +2 -0
- data/src/core/lib/surface/call.cc +1011 -1049
- data/src/core/lib/surface/call.h +11 -5
- data/src/core/lib/surface/completion_queue.cc +8 -3
- data/src/core/lib/surface/lame_client.cc +1 -0
- data/src/core/lib/surface/server.cc +47 -19
- data/src/core/lib/surface/validate_metadata.cc +43 -42
- data/src/core/lib/surface/validate_metadata.h +9 -0
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/batch_builder.cc +182 -0
- data/src/core/lib/transport/batch_builder.h +480 -0
- data/src/core/lib/transport/bdp_estimator.cc +7 -7
- data/src/core/lib/transport/bdp_estimator.h +10 -6
- data/src/core/lib/transport/custom_metadata.h +30 -0
- data/src/core/lib/transport/metadata_batch.cc +9 -6
- data/src/core/lib/transport/metadata_batch.h +124 -31
- data/src/core/lib/transport/metadata_compression_traits.h +67 -0
- data/src/core/lib/transport/parsed_metadata.h +19 -9
- data/src/core/lib/transport/simple_slice_based_metadata.h +48 -0
- data/src/core/lib/transport/timeout_encoding.cc +6 -1
- data/src/core/lib/transport/transport.cc +30 -2
- data/src/core/lib/transport/transport.h +73 -14
- data/src/core/lib/transport/transport_impl.h +7 -0
- data/src/core/lib/transport/transport_op_string.cc +52 -42
- data/src/core/plugin_registry/grpc_plugin_registry.cc +4 -8
- data/src/core/plugin_registry/grpc_plugin_registry_extra.cc +2 -0
- data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +1 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +21 -4
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +5 -0
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +1 -1
- data/src/core/tsi/ssl_transport_security.cc +4 -2
- data/src/ruby/ext/grpc/extconf.rb +8 -9
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/third_party/abseil-cpp/absl/base/config.h +1 -1
- data/third_party/abseil-cpp/absl/flags/commandlineflag.cc +34 -0
- data/third_party/abseil-cpp/absl/flags/commandlineflag.h +200 -0
- data/third_party/abseil-cpp/absl/flags/config.h +68 -0
- data/third_party/abseil-cpp/absl/flags/declare.h +73 -0
- data/third_party/abseil-cpp/absl/flags/flag.cc +38 -0
- data/third_party/abseil-cpp/absl/flags/flag.h +310 -0
- data/{src/core/lib/gprpp/global_config_custom.h → third_party/abseil-cpp/absl/flags/internal/commandlineflag.cc} +11 -14
- data/third_party/abseil-cpp/absl/flags/internal/commandlineflag.h +68 -0
- data/third_party/abseil-cpp/absl/flags/internal/flag.cc +615 -0
- data/third_party/abseil-cpp/absl/flags/internal/flag.h +800 -0
- data/third_party/abseil-cpp/absl/flags/internal/flag_msvc.inc +116 -0
- data/third_party/abseil-cpp/absl/flags/internal/path_util.h +62 -0
- data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.cc +65 -0
- data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.h +61 -0
- data/third_party/abseil-cpp/absl/flags/internal/program_name.cc +60 -0
- data/third_party/abseil-cpp/absl/flags/internal/program_name.h +50 -0
- data/third_party/abseil-cpp/absl/flags/internal/registry.h +97 -0
- data/third_party/abseil-cpp/absl/flags/internal/sequence_lock.h +187 -0
- data/third_party/abseil-cpp/absl/flags/marshalling.cc +241 -0
- data/third_party/abseil-cpp/absl/flags/marshalling.h +356 -0
- data/third_party/abseil-cpp/absl/flags/reflection.cc +354 -0
- data/third_party/abseil-cpp/absl/flags/reflection.h +90 -0
- data/third_party/abseil-cpp/absl/flags/usage_config.cc +165 -0
- data/third_party/abseil-cpp/absl/flags/usage_config.h +135 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +12 -8
- data/third_party/boringssl-with-bazel/err_data.c +728 -712
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +177 -177
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +28 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +21 -23
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.c +20 -23
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +66 -185
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.c +18 -21
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +356 -311
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +177 -196
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +146 -210
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +6 -9
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.c +346 -526
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +110 -131
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +130 -116
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +93 -60
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +93 -181
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +242 -305
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.c +41 -18
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.c +30 -33
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.c +36 -33
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.c +29 -26
- data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +135 -90
- data/third_party/boringssl-with-bazel/src/crypto/asn1/posix_time.c +230 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +797 -793
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +529 -526
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +114 -135
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +201 -207
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +21 -26
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +55 -68
- data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +17 -11
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +37 -51
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +15 -9
- data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +13 -9
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +22 -19
- data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/bio/printf.c +0 -13
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +3 -6
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +40 -27
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/convert.c +10 -23
- data/third_party/boringssl-with-bazel/src/crypto/buf/buf.c +2 -6
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +29 -28
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +161 -201
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +254 -39
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesctrhmac.c +9 -8
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesgcmsiv.c +37 -75
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +8 -10
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/cipher → cipher_extra}/e_des.c +100 -78
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_null.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc2.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc4.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_tls.c +34 -37
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +22 -11
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/tls_cbc.c +189 -13
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +6 -10
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf_def.h +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +12 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.c +74 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_freebsd.c +62 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-fuchsia.c → cpu_aarch64_fuchsia.c} +8 -7
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-linux.c → cpu_aarch64_linux.c} +6 -4
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_openbsd.c +62 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-win.c → cpu_aarch64_win.c} +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm.c → cpu_arm.c} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_freebsd.c +55 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.c → cpu_arm_linux.c} +11 -90
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.h → cpu_arm_linux.h} +0 -38
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-ppc64le.c → cpu_arm_openbsd.c} +10 -17
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-intel.c → cpu_intel.c} +1 -2
- data/third_party/boringssl-with-bazel/src/crypto/crypto.c +25 -20
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +22 -31
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_tables.h +795 -795
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +1 -5
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +17 -32
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/des.c +232 -232
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/dh_asn1.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/params.c +232 -29
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +0 -3
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +43 -16
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +37 -7
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +11 -36
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +229 -102
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +31 -7
- data/third_party/boringssl-with-bazel/src/crypto/ecdh_extra/ecdh_extra.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/ecdsa_extra/ecdsa_asn1.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/err/err.c +83 -60
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +46 -12
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.c +25 -23
- data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +43 -9
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +75 -44
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +19 -25
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.c +96 -45
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.c +7 -8
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.c +26 -23
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_hkdf.c +233 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.c +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.c +42 -25
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.c +4 -5
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.c +35 -47
- data/third_party/boringssl-with-bazel/src/crypto/evp/print.c +135 -244
- data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/evp/sign.c +15 -10
- data/third_party/boringssl-with-bazel/src/crypto/ex_data.c +29 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +13 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +3 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.c +13 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c +9 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +36 -27
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +16 -26
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.c +88 -60
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/cmp.c +4 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +99 -113
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +5 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/generic.c +112 -168
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +86 -31
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +11 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c +4 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +4 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +13 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.c +13 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.c +19 -108
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +19 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.c +15 -16
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.c +22 -21
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/aead.c +3 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +79 -19
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +102 -99
- data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → fipsmodule/cipher}/e_aesccm.c +52 -46
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +39 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cmac → fipsmodule/cmac}/cmac.c +55 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.c +24 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +56 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +5 -3
- data/third_party/boringssl-with-bazel/src/crypto/{evp → fipsmodule/digestsign}/digestsign.c +51 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +49 -49
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +92 -18
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +12 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +108 -86
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +55 -25
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +55 -71
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64-table.h → p256-nistz-table.h} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.c → p256-nistz.c} +72 -65
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.h → p256-nistz.h} +5 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +62 -51
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256_table.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +2 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +12 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +25 -26
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +13 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +9 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +44 -16
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +6 -0
- data/third_party/boringssl-with-bazel/src/crypto/{hkdf → fipsmodule/hkdf}/hkdf.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/hmac.c +52 -24
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cbc.c +9 -23
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cfb.c +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c +3 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm.c +170 -160
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm_nohw.c +12 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +69 -61
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c +2 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/polyval.c +27 -28
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/ctrdrbg.c +31 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +16 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +9 -38
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +73 -59
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +22 -68
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +43 -16
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.c +42 -314
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +244 -139
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +144 -205
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.c +41 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +593 -421
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/internal.h +89 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.c +334 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +3 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +12 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +14 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/internal.h +8 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.c +52 -6
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +192 -18
- data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c +65 -29
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +391 -18
- data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +91 -0
- data/third_party/boringssl-with-bazel/src/crypto/kyber/keccak.c +204 -0
- data/third_party/boringssl-with-bazel/src/crypto/kyber/kyber.c +833 -0
- data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +13 -1
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +220 -13
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +19 -7
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +9 -4
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +81 -90
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +150 -245
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +633 -613
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.c +17 -17
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +142 -149
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +99 -131
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.c +0 -3
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +36 -66
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +31 -38
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +18 -31
- data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +8 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +129 -5
- data/third_party/boringssl-with-bazel/src/crypto/refcount_c11.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/{refcount_lock.c → refcount_no_threads.c} +6 -17
- data/third_party/boringssl-with-bazel/src/crypto/refcount_win.c +89 -0
- data/third_party/boringssl-with-bazel/src/crypto/{asn1/a_print.c → rsa_extra/internal.h} +15 -21
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_crypt.c +568 -0
- data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.c +8 -11
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +61 -27
- data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +10 -13
- data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +10 -13
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +128 -34
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +418 -133
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +116 -284
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +701 -87
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.c +22 -24
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.c +63 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +32 -34
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +32 -16
- data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +465 -704
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +285 -331
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +183 -178
- data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.c +11 -15
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +68 -50
- data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +132 -151
- data/third_party/boringssl-with-bazel/src/crypto/x509/policy.c +790 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +95 -102
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +72 -57
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.c +12 -10
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +220 -254
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +52 -47
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +136 -270
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +161 -327
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.c +37 -33
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.c +14 -31
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +55 -85
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +528 -616
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +129 -122
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +164 -181
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +132 -132
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +186 -203
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +64 -79
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +175 -160
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +1864 -2050
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +380 -480
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +156 -163
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +266 -265
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.c +40 -15
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.c +59 -63
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +63 -67
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +114 -144
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +25 -26
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +329 -416
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.c +8 -7
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_info.c +30 -28
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +354 -370
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +37 -32
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +116 -119
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.c +36 -26
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.c +10 -13
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +419 -261
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +113 -105
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +11 -15
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +79 -171
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +126 -131
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akeya.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +465 -469
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bcons.c +56 -54
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +46 -49
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +294 -344
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +342 -365
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_crld.c +429 -393
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +29 -24
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_extku.c +65 -59
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +125 -121
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +43 -42
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +120 -125
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_int.c +50 -20
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +228 -265
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ncons.c +386 -389
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ocsp.c +45 -32
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcons.c +57 -54
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pmaps.c +63 -67
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +130 -135
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +652 -691
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +90 -75
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +1063 -1145
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +13 -11
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +28 -48
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +217 -191
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +26 -78
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +50 -14
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +29 -14
- data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +1 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +49 -17
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +99 -29
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +49 -60
- data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +2 -15
- data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +16 -200
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +34 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +82 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +32 -30
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +7 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +48 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +37 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/err.h +33 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +25 -33
- data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +7 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +69 -16
- data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +91 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/kyber.h +128 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +74 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +7 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/obj.h +8 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +11 -18
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +8 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +12 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +98 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/service_indicator.h +96 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +18 -21
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +285 -92
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +1 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +381 -287
- data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +9 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/time.h +41 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +22 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +57 -23
- data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +0 -11
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +2075 -1407
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +241 -212
- data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +6 -13
- data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +17 -18
- data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +4 -5
- data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +25 -33
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +45 -26
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +64 -35
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +198 -54
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +5 -5
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +53 -34
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +76 -44
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +200 -121
- data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +47 -12
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +91 -75
- data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +8 -10
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +47 -69
- data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +1 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +5 -9
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +217 -226
- data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +78 -101
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +106 -142
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +244 -35
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +167 -64
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +41 -32
- data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +27 -19
- data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +22 -6
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +15 -13
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +7 -44
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +7 -4
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +7 -23
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +25 -34
- data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +16 -98
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +1241 -657
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +751 -398
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64_msvc.h +1281 -0
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +3551 -1938
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +1272 -487
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64_msvc.h +2002 -0
- data/third_party/cares/cares/include/ares.h +23 -1
- data/third_party/cares/cares/{src/lib → include}/ares_nameser.h +9 -7
- data/third_party/cares/cares/include/ares_rules.h +2 -2
- data/third_party/cares/cares/include/ares_version.h +3 -3
- data/third_party/cares/cares/src/lib/ares__addrinfo2hostent.c +266 -0
- data/third_party/cares/cares/src/lib/ares__addrinfo_localhost.c +240 -0
- data/third_party/cares/cares/src/lib/ares__parse_into_addrinfo.c +49 -80
- data/third_party/cares/cares/src/lib/ares__readaddrinfo.c +37 -43
- data/third_party/cares/cares/src/lib/ares__sortaddrinfo.c +12 -4
- data/third_party/cares/cares/src/lib/ares_data.c +16 -0
- data/third_party/cares/cares/src/lib/ares_data.h +7 -0
- data/third_party/cares/cares/src/lib/ares_destroy.c +8 -0
- data/third_party/cares/cares/src/lib/ares_expand_name.c +17 -6
- data/third_party/cares/cares/src/lib/ares_freeaddrinfo.c +1 -0
- data/third_party/cares/cares/src/lib/ares_getaddrinfo.c +156 -78
- data/third_party/cares/cares/src/lib/ares_gethostbyname.c +130 -326
- data/third_party/cares/cares/src/lib/ares_init.c +97 -485
- data/third_party/cares/cares/src/lib/ares_library_init.c +2 -89
- data/third_party/cares/cares/src/lib/ares_parse_a_reply.c +23 -142
- data/third_party/cares/cares/src/lib/ares_parse_aaaa_reply.c +22 -142
- data/third_party/cares/cares/src/lib/ares_parse_uri_reply.c +184 -0
- data/third_party/cares/cares/src/lib/ares_private.h +30 -16
- data/third_party/cares/cares/src/lib/ares_process.c +55 -16
- data/third_party/cares/cares/src/lib/ares_query.c +1 -35
- data/third_party/cares/cares/src/lib/ares_rand.c +279 -0
- data/third_party/cares/cares/src/lib/ares_send.c +5 -7
- data/third_party/cares/cares/src/lib/ares_strdup.c +12 -19
- data/third_party/cares/cares/src/lib/ares_strsplit.c +44 -128
- data/third_party/cares/cares/src/lib/ares_strsplit.h +9 -10
- data/third_party/cares/cares/src/lib/inet_net_pton.c +78 -116
- data/third_party/cares/cares/src/tools/ares_getopt.h +53 -0
- data/third_party/upb/upb/{table_internal.h → alloc.h} +6 -6
- data/third_party/upb/upb/arena.h +4 -193
- data/third_party/upb/upb/array.h +4 -51
- data/third_party/upb/upb/base/descriptor_constants.h +104 -0
- data/third_party/upb/upb/base/log2.h +57 -0
- data/third_party/upb/upb/{status.c → base/status.c} +2 -7
- data/third_party/upb/upb/base/status.h +66 -0
- data/third_party/upb/upb/base/string_view.h +75 -0
- data/third_party/upb/upb/{array.c → collections/array.c} +67 -36
- data/third_party/upb/upb/collections/array.h +85 -0
- data/third_party/upb/upb/collections/array_internal.h +135 -0
- data/third_party/upb/upb/{map.c → collections/map.c} +53 -26
- data/third_party/upb/upb/collections/map.h +135 -0
- data/third_party/upb/upb/collections/map_gencode_util.h +78 -0
- data/third_party/upb/upb/collections/map_internal.h +170 -0
- data/third_party/upb/upb/collections/map_sorter.c +166 -0
- data/third_party/upb/upb/collections/map_sorter_internal.h +109 -0
- data/third_party/upb/upb/{message_value.h → collections/message_value.h} +12 -13
- data/third_party/upb/upb/decode.h +3 -62
- data/third_party/upb/upb/def.h +4 -384
- data/third_party/upb/upb/def.hpp +3 -411
- data/third_party/upb/upb/encode.h +3 -48
- data/third_party/upb/upb/extension_registry.h +3 -52
- data/third_party/upb/upb/{table.c → hash/common.c} +52 -110
- data/third_party/upb/upb/hash/common.h +199 -0
- data/third_party/upb/upb/hash/int_table.h +102 -0
- data/third_party/upb/upb/hash/str_table.h +161 -0
- data/third_party/upb/upb/{json_decode.c → json/decode.c} +63 -98
- data/third_party/upb/upb/json/decode.h +52 -0
- data/third_party/upb/upb/{json_encode.c → json/encode.c} +69 -45
- data/third_party/upb/upb/json/encode.h +70 -0
- data/third_party/upb/upb/json_decode.h +4 -15
- data/third_party/upb/upb/json_encode.h +4 -33
- data/third_party/upb/upb/lex/atoi.c +68 -0
- data/third_party/upb/upb/lex/atoi.h +53 -0
- data/third_party/upb/upb/{upb.c → lex/round_trip.c} +2 -11
- data/third_party/upb/upb/{internal/upb.h → lex/round_trip.h} +17 -30
- data/third_party/upb/upb/lex/strtod.c +97 -0
- data/third_party/upb/upb/lex/strtod.h +46 -0
- data/third_party/upb/upb/lex/unicode.c +57 -0
- data/third_party/upb/upb/lex/unicode.h +77 -0
- data/third_party/upb/upb/map.h +4 -85
- data/third_party/upb/upb/mem/alloc.c +47 -0
- data/third_party/upb/upb/mem/alloc.h +98 -0
- data/third_party/upb/upb/mem/arena.c +367 -0
- data/third_party/upb/upb/mem/arena.h +160 -0
- data/third_party/upb/upb/mem/arena_internal.h +114 -0
- data/third_party/upb/upb/message/accessors.c +68 -0
- data/third_party/upb/upb/message/accessors.h +379 -0
- data/third_party/upb/upb/message/accessors_internal.h +325 -0
- data/third_party/upb/upb/message/extension_internal.h +83 -0
- data/third_party/upb/upb/message/internal.h +135 -0
- data/third_party/upb/upb/message/message.c +180 -0
- data/third_party/upb/upb/message/message.h +69 -0
- data/third_party/upb/upb/mini_table/common.c +128 -0
- data/third_party/upb/upb/mini_table/common.h +170 -0
- data/third_party/upb/upb/mini_table/common_internal.h +111 -0
- data/third_party/upb/upb/{mini_table.c → mini_table/decode.c} +513 -533
- data/third_party/upb/upb/mini_table/decode.h +179 -0
- data/third_party/upb/upb/mini_table/encode.c +300 -0
- data/third_party/upb/upb/mini_table/encode_internal.h +111 -0
- data/third_party/upb/upb/{mini_table.hpp → mini_table/encode_internal.hpp} +32 -8
- data/third_party/upb/upb/mini_table/enum_internal.h +88 -0
- data/third_party/upb/upb/mini_table/extension_internal.h +47 -0
- data/third_party/upb/upb/{extension_registry.c → mini_table/extension_registry.c} +27 -24
- data/third_party/upb/upb/mini_table/extension_registry.h +104 -0
- data/third_party/upb/upb/mini_table/field_internal.h +192 -0
- data/third_party/upb/upb/mini_table/file_internal.h +47 -0
- data/third_party/upb/upb/mini_table/message_internal.h +136 -0
- data/third_party/upb/upb/mini_table/sub_internal.h +38 -0
- data/third_party/upb/upb/mini_table/types.h +40 -0
- data/third_party/upb/upb/mini_table.h +4 -157
- data/third_party/upb/upb/msg.h +3 -38
- data/third_party/upb/upb/port/atomic.h +101 -0
- data/third_party/upb/upb/{port_def.inc → port/def.inc} +94 -27
- data/third_party/upb/upb/{port_undef.inc → port/undef.inc} +13 -3
- data/third_party/upb/upb/{internal → port}/vsnprintf_compat.h +5 -7
- data/third_party/upb/upb/reflection/common.h +67 -0
- data/third_party/upb/upb/reflection/def.h +42 -0
- data/third_party/upb/upb/reflection/def.hpp +610 -0
- data/third_party/upb/upb/reflection/def_builder.c +357 -0
- data/third_party/upb/upb/reflection/def_builder_internal.h +157 -0
- data/third_party/upb/upb/reflection/def_pool.c +462 -0
- data/third_party/upb/upb/reflection/def_pool.h +108 -0
- data/third_party/upb/upb/reflection/def_pool_internal.h +77 -0
- data/third_party/upb/upb/reflection/def_type.c +50 -0
- data/third_party/upb/upb/reflection/def_type.h +81 -0
- data/third_party/upb/upb/reflection/desc_state.c +53 -0
- data/third_party/upb/upb/reflection/desc_state_internal.h +64 -0
- data/third_party/upb/upb/reflection/enum_def.c +310 -0
- data/third_party/upb/upb/reflection/enum_def.h +80 -0
- data/third_party/upb/upb/reflection/enum_def_internal.h +56 -0
- data/third_party/upb/upb/reflection/enum_reserved_range.c +84 -0
- data/third_party/upb/upb/reflection/enum_reserved_range.h +51 -0
- data/third_party/upb/upb/reflection/enum_reserved_range_internal.h +55 -0
- data/third_party/upb/upb/reflection/enum_value_def.c +144 -0
- data/third_party/upb/upb/reflection/enum_value_def.h +57 -0
- data/third_party/upb/upb/reflection/enum_value_def_internal.h +57 -0
- data/third_party/upb/upb/reflection/extension_range.c +93 -0
- data/third_party/upb/upb/reflection/extension_range.h +55 -0
- data/third_party/upb/upb/reflection/extension_range_internal.h +54 -0
- data/third_party/upb/upb/reflection/field_def.c +930 -0
- data/third_party/upb/upb/reflection/field_def.h +91 -0
- data/third_party/upb/upb/reflection/field_def_internal.h +76 -0
- data/third_party/upb/upb/reflection/file_def.c +370 -0
- data/third_party/upb/upb/reflection/file_def.h +77 -0
- data/third_party/upb/upb/reflection/file_def_internal.h +57 -0
- data/third_party/upb/upb/reflection/message.c +233 -0
- data/third_party/upb/upb/reflection/message.h +102 -0
- data/third_party/upb/upb/reflection/message.hpp +37 -0
- data/third_party/upb/upb/reflection/message_def.c +718 -0
- data/third_party/upb/upb/reflection/message_def.h +174 -0
- data/third_party/upb/upb/reflection/message_def_internal.h +63 -0
- data/third_party/upb/upb/reflection/message_reserved_range.c +81 -0
- data/third_party/upb/upb/reflection/message_reserved_range.h +51 -0
- data/third_party/upb/upb/reflection/message_reserved_range_internal.h +55 -0
- data/third_party/upb/upb/reflection/method_def.c +124 -0
- data/third_party/upb/upb/reflection/method_def.h +59 -0
- data/third_party/upb/upb/reflection/method_def_internal.h +53 -0
- data/third_party/upb/upb/reflection/oneof_def.c +226 -0
- data/third_party/upb/upb/reflection/oneof_def.h +66 -0
- data/third_party/upb/upb/reflection/oneof_def_internal.h +57 -0
- data/third_party/upb/upb/reflection/service_def.c +128 -0
- data/third_party/upb/upb/reflection/service_def.h +60 -0
- data/third_party/upb/upb/reflection/service_def_internal.h +53 -0
- data/third_party/upb/upb/reflection.h +4 -78
- data/third_party/upb/upb/reflection.hpp +3 -7
- data/third_party/upb/upb/status.h +4 -34
- data/third_party/upb/upb/{collections.h → string_view.h} +7 -7
- data/third_party/upb/upb/{text_encode.c → text/encode.c} +74 -70
- data/third_party/upb/upb/text/encode.h +69 -0
- data/third_party/upb/upb/text_encode.h +4 -32
- data/third_party/upb/upb/upb.h +6 -151
- data/third_party/upb/upb/upb.hpp +10 -18
- data/third_party/upb/upb/wire/common.h +44 -0
- data/third_party/upb/upb/wire/common_internal.h +50 -0
- data/third_party/upb/upb/wire/decode.c +1343 -0
- data/third_party/upb/upb/wire/decode.h +108 -0
- data/third_party/upb/upb/{decode_fast.c → wire/decode_fast.c} +184 -225
- data/third_party/upb/upb/{decode_fast.h → wire/decode_fast.h} +21 -7
- data/third_party/upb/upb/{internal/decode.h → wire/decode_internal.h} +44 -92
- data/third_party/upb/upb/{encode.c → wire/encode.c} +114 -95
- data/third_party/upb/upb/wire/encode.h +92 -0
- data/third_party/upb/upb/wire/eps_copy_input_stream.c +39 -0
- data/third_party/upb/upb/wire/eps_copy_input_stream.h +425 -0
- data/third_party/upb/upb/wire/reader.c +67 -0
- data/third_party/upb/upb/wire/reader.h +227 -0
- data/third_party/upb/upb/wire/swap_internal.h +63 -0
- data/third_party/upb/upb/wire/types.h +41 -0
- data/third_party/{upb/third_party/utf8_range → utf8_range}/range2-neon.c +1 -1
- data/third_party/{upb/third_party/utf8_range → utf8_range}/utf8_range.h +12 -0
- metadata +302 -116
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +0 -175
- data/src/core/ext/filters/client_channel/health/health_check_client.h +0 -43
- data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.cc +0 -30
- data/src/core/ext/transport/chttp2/transport/context_list.cc +0 -71
- data/src/core/ext/transport/chttp2/transport/context_list.h +0 -54
- data/src/core/lib/gprpp/global_config.h +0 -93
- data/src/core/lib/gprpp/global_config_env.cc +0 -140
- data/src/core/lib/gprpp/global_config_env.h +0 -133
- data/src/core/lib/gprpp/global_config_generic.h +0 -40
- data/src/core/lib/promise/intra_activity_waiter.h +0 -55
- data/src/core/lib/security/security_connector/ssl_utils_config.cc +0 -32
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +0 -195
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utf8.c +0 -236
- data/third_party/boringssl-with-bazel/src/crypto/asn1/charmap.h +0 -15
- data/third_party/boringssl-with-bazel/src/crypto/asn1/time_support.c +0 -206
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1-altivec.c +0 -361
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_cache.c +0 -287
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +0 -132
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_lib.c +0 -155
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_map.c +0 -131
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_node.c +0 -189
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_tree.c +0 -843
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pci.c +0 -289
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcia.c +0 -57
- data/third_party/cares/cares/src/lib/ares_library_init.h +0 -43
- data/third_party/upb/upb/arena.c +0 -277
- data/third_party/upb/upb/decode.c +0 -1221
- data/third_party/upb/upb/def.c +0 -3269
- data/third_party/upb/upb/internal/table.h +0 -385
- data/third_party/upb/upb/msg.c +0 -368
- data/third_party/upb/upb/msg_internal.h +0 -837
- data/third_party/upb/upb/reflection.c +0 -323
- /data/src/core/lib/gpr/{log_android.cc → android/log.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_iphone.cc → iphone/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_linux.cc → linux/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{log_linux.cc → linux/log.cc} +0 -0
- /data/src/core/lib/gpr/{tmpfile_msys.cc → msys/tmpfile.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_posix.cc → posix/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{log_posix.cc → posix/log.cc} +0 -0
- /data/src/core/lib/gpr/{string_posix.cc → posix/string.cc} +0 -0
- /data/src/core/lib/gpr/{sync_posix.cc → posix/sync.cc} +0 -0
- /data/src/core/lib/gpr/{tmpfile_posix.cc → posix/tmpfile.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_windows.cc → windows/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{log_windows.cc → windows/log.cc} +0 -0
- /data/src/core/lib/gpr/{string_windows.cc → windows/string.cc} +0 -0
- /data/src/core/lib/gpr/{string_util_windows.cc → windows/string_util.cc} +0 -0
- /data/src/core/lib/gpr/{sync_windows.cc → windows/sync.cc} +0 -0
- /data/src/core/lib/gpr/{time_windows.cc → windows/time.cc} +0 -0
- /data/src/core/lib/gpr/{tmpfile_windows.cc → windows/tmpfile.cc} +0 -0
- /data/src/core/lib/gprpp/{env_linux.cc → linux/env.cc} +0 -0
- /data/src/core/lib/gprpp/{env_posix.cc → posix/env.cc} +0 -0
- /data/src/core/lib/gprpp/{stat_posix.cc → posix/stat.cc} +0 -0
- /data/src/core/lib/gprpp/{env_windows.cc → windows/env.cc} +0 -0
- /data/src/core/lib/gprpp/{stat_windows.cc → windows/stat.cc} +0 -0
- /data/third_party/{upb/third_party/utf8_range → utf8_range}/naive.c +0 -0
- /data/third_party/{upb/third_party/utf8_range → utf8_range}/range2-sse.c +0 -0
|
@@ -1,4 +1,3 @@
|
|
|
1
|
-
/* v3_utl.c */
|
|
2
1
|
/*
|
|
3
2
|
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
|
4
3
|
* project.
|
|
@@ -63,6 +62,7 @@
|
|
|
63
62
|
#include <string.h>
|
|
64
63
|
|
|
65
64
|
#include <openssl/bn.h>
|
|
65
|
+
#include <openssl/bytestring.h>
|
|
66
66
|
#include <openssl/conf.h>
|
|
67
67
|
#include <openssl/err.h>
|
|
68
68
|
#include <openssl/mem.h>
|
|
@@ -75,1363 +75,1281 @@
|
|
|
75
75
|
|
|
76
76
|
|
|
77
77
|
static char *strip_spaces(char *name);
|
|
78
|
-
static int sk_strcmp(const
|
|
79
|
-
static STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name,
|
|
80
|
-
GENERAL_NAMES *gens);
|
|
78
|
+
static int sk_strcmp(const char *const *a, const char *const *b);
|
|
79
|
+
static STACK_OF(OPENSSL_STRING) *get_email(const X509_NAME *name,
|
|
80
|
+
const GENERAL_NAMES *gens);
|
|
81
81
|
static void str_free(OPENSSL_STRING str);
|
|
82
|
-
static int append_ia5(STACK_OF(OPENSSL_STRING) **sk,
|
|
82
|
+
static int append_ia5(STACK_OF(OPENSSL_STRING) **sk,
|
|
83
|
+
const ASN1_IA5STRING *email);
|
|
83
84
|
|
|
84
85
|
static int ipv4_from_asc(unsigned char v4[4], const char *in);
|
|
85
86
|
static int ipv6_from_asc(unsigned char v6[16], const char *in);
|
|
86
|
-
static int ipv6_cb(const char *elem,
|
|
87
|
-
static int ipv6_hex(unsigned char *out, const char *in,
|
|
87
|
+
static int ipv6_cb(const char *elem, size_t len, void *usr);
|
|
88
|
+
static int ipv6_hex(unsigned char *out, const char *in, size_t inlen);
|
|
88
89
|
|
|
89
|
-
|
|
90
|
+
// Add a CONF_VALUE name value pair to stack
|
|
90
91
|
|
|
91
92
|
static int x509V3_add_len_value(const char *name, const char *value,
|
|
92
93
|
size_t value_len, int omit_value,
|
|
93
|
-
STACK_OF(CONF_VALUE) **extlist)
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
}
|
|
106
|
-
tvalue = OPENSSL_strndup(value, value_len);
|
|
107
|
-
if (tvalue == NULL) {
|
|
108
|
-
goto malloc_err;
|
|
109
|
-
}
|
|
94
|
+
STACK_OF(CONF_VALUE) **extlist) {
|
|
95
|
+
CONF_VALUE *vtmp = NULL;
|
|
96
|
+
char *tname = NULL, *tvalue = NULL;
|
|
97
|
+
int extlist_was_null = *extlist == NULL;
|
|
98
|
+
if (name && !(tname = OPENSSL_strdup(name))) {
|
|
99
|
+
goto err;
|
|
100
|
+
}
|
|
101
|
+
if (!omit_value) {
|
|
102
|
+
// |CONF_VALUE| cannot represent strings with NULs.
|
|
103
|
+
if (OPENSSL_memchr(value, 0, value_len)) {
|
|
104
|
+
OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_VALUE);
|
|
105
|
+
goto err;
|
|
110
106
|
}
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
goto malloc_err;
|
|
115
|
-
vtmp->section = NULL;
|
|
116
|
-
vtmp->name = tname;
|
|
117
|
-
vtmp->value = tvalue;
|
|
118
|
-
if (!sk_CONF_VALUE_push(*extlist, vtmp))
|
|
119
|
-
goto malloc_err;
|
|
120
|
-
return 1;
|
|
121
|
-
malloc_err:
|
|
122
|
-
OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);
|
|
123
|
-
err:
|
|
124
|
-
if (extlist_was_null) {
|
|
125
|
-
sk_CONF_VALUE_free(*extlist);
|
|
126
|
-
*extlist = NULL;
|
|
107
|
+
tvalue = OPENSSL_strndup(value, value_len);
|
|
108
|
+
if (tvalue == NULL) {
|
|
109
|
+
goto err;
|
|
127
110
|
}
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
111
|
+
}
|
|
112
|
+
if (!(vtmp = CONF_VALUE_new())) {
|
|
113
|
+
goto err;
|
|
114
|
+
}
|
|
115
|
+
if (!*extlist && !(*extlist = sk_CONF_VALUE_new_null())) {
|
|
116
|
+
goto err;
|
|
117
|
+
}
|
|
118
|
+
vtmp->section = NULL;
|
|
119
|
+
vtmp->name = tname;
|
|
120
|
+
vtmp->value = tvalue;
|
|
121
|
+
if (!sk_CONF_VALUE_push(*extlist, vtmp)) {
|
|
122
|
+
goto err;
|
|
123
|
+
}
|
|
124
|
+
return 1;
|
|
125
|
+
err:
|
|
126
|
+
if (extlist_was_null) {
|
|
127
|
+
sk_CONF_VALUE_free(*extlist);
|
|
128
|
+
*extlist = NULL;
|
|
129
|
+
}
|
|
130
|
+
OPENSSL_free(vtmp);
|
|
131
|
+
OPENSSL_free(tname);
|
|
132
|
+
OPENSSL_free(tvalue);
|
|
133
|
+
return 0;
|
|
132
134
|
}
|
|
133
135
|
|
|
134
136
|
int X509V3_add_value(const char *name, const char *value,
|
|
135
|
-
STACK_OF(CONF_VALUE) **extlist)
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
/*omit_value=*/value == NULL, extlist);
|
|
139
|
-
}
|
|
140
|
-
|
|
141
|
-
int X509V3_add_value_uchar(const char *name, const unsigned char *value,
|
|
142
|
-
STACK_OF(CONF_VALUE) **extlist)
|
|
143
|
-
{
|
|
144
|
-
return X509V3_add_value(name, (const char *)value, extlist);
|
|
137
|
+
STACK_OF(CONF_VALUE) **extlist) {
|
|
138
|
+
return x509V3_add_len_value(name, value, value != NULL ? strlen(value) : 0,
|
|
139
|
+
/*omit_value=*/value == NULL, extlist);
|
|
145
140
|
}
|
|
146
141
|
|
|
147
142
|
int x509V3_add_value_asn1_string(const char *name, const ASN1_STRING *value,
|
|
148
|
-
STACK_OF(CONF_VALUE) **extlist)
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
/*omit_value=*/0, extlist);
|
|
143
|
+
STACK_OF(CONF_VALUE) **extlist) {
|
|
144
|
+
return x509V3_add_len_value(name, (const char *)value->data, value->length,
|
|
145
|
+
/*omit_value=*/0, extlist);
|
|
152
146
|
}
|
|
153
147
|
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
void X509V3_conf_free(CONF_VALUE *conf)
|
|
157
|
-
{
|
|
158
|
-
if (!conf)
|
|
159
|
-
return;
|
|
160
|
-
if (conf->name)
|
|
161
|
-
OPENSSL_free(conf->name);
|
|
162
|
-
if (conf->value)
|
|
163
|
-
OPENSSL_free(conf->value);
|
|
164
|
-
if (conf->section)
|
|
165
|
-
OPENSSL_free(conf->section);
|
|
166
|
-
OPENSSL_free(conf);
|
|
167
|
-
}
|
|
148
|
+
// Free function for STACK_OF(CONF_VALUE)
|
|
168
149
|
|
|
169
|
-
|
|
170
|
-
|
|
171
|
-
|
|
172
|
-
|
|
173
|
-
|
|
174
|
-
|
|
150
|
+
void X509V3_conf_free(CONF_VALUE *conf) {
|
|
151
|
+
if (!conf) {
|
|
152
|
+
return;
|
|
153
|
+
}
|
|
154
|
+
OPENSSL_free(conf->name);
|
|
155
|
+
OPENSSL_free(conf->value);
|
|
156
|
+
OPENSSL_free(conf->section);
|
|
157
|
+
OPENSSL_free(conf);
|
|
175
158
|
}
|
|
176
159
|
|
|
177
|
-
int
|
|
178
|
-
|
|
179
|
-
{
|
|
180
|
-
|
|
181
|
-
|
|
182
|
-
|
|
160
|
+
int X509V3_add_value_bool(const char *name, int asn1_bool,
|
|
161
|
+
STACK_OF(CONF_VALUE) **extlist) {
|
|
162
|
+
if (asn1_bool) {
|
|
163
|
+
return X509V3_add_value(name, "TRUE", extlist);
|
|
164
|
+
}
|
|
165
|
+
return X509V3_add_value(name, "FALSE", extlist);
|
|
183
166
|
}
|
|
184
167
|
|
|
185
|
-
static char *bignum_to_string(const BIGNUM *bn)
|
|
186
|
-
|
|
187
|
-
|
|
188
|
-
size_t len;
|
|
189
|
-
|
|
190
|
-
/*
|
|
191
|
-
* Display large numbers in hex and small numbers in decimal. Converting to
|
|
192
|
-
* decimal takes quadratic time and is no more useful than hex for large
|
|
193
|
-
* numbers.
|
|
194
|
-
*/
|
|
195
|
-
if (BN_num_bits(bn) < 32) {
|
|
196
|
-
return BN_bn2dec(bn);
|
|
197
|
-
}
|
|
168
|
+
static char *bignum_to_string(const BIGNUM *bn) {
|
|
169
|
+
char *tmp, *ret;
|
|
170
|
+
size_t len;
|
|
198
171
|
|
|
199
|
-
|
|
200
|
-
|
|
201
|
-
|
|
202
|
-
|
|
172
|
+
// Display large numbers in hex and small numbers in decimal. Converting to
|
|
173
|
+
// decimal takes quadratic time and is no more useful than hex for large
|
|
174
|
+
// numbers.
|
|
175
|
+
if (BN_num_bits(bn) < 32) {
|
|
176
|
+
return BN_bn2dec(bn);
|
|
177
|
+
}
|
|
203
178
|
|
|
204
|
-
|
|
205
|
-
|
|
206
|
-
|
|
207
|
-
|
|
208
|
-
OPENSSL_free(tmp);
|
|
209
|
-
return NULL;
|
|
210
|
-
}
|
|
179
|
+
tmp = BN_bn2hex(bn);
|
|
180
|
+
if (tmp == NULL) {
|
|
181
|
+
return NULL;
|
|
182
|
+
}
|
|
211
183
|
|
|
212
|
-
|
|
213
|
-
|
|
214
|
-
|
|
215
|
-
OPENSSL_strlcat(ret, tmp + 1, len);
|
|
216
|
-
} else {
|
|
217
|
-
OPENSSL_strlcpy(ret, "0x", len);
|
|
218
|
-
OPENSSL_strlcat(ret, tmp, len);
|
|
219
|
-
}
|
|
184
|
+
len = strlen(tmp) + 3;
|
|
185
|
+
ret = OPENSSL_malloc(len);
|
|
186
|
+
if (ret == NULL) {
|
|
220
187
|
OPENSSL_free(tmp);
|
|
221
|
-
return
|
|
188
|
+
return NULL;
|
|
189
|
+
}
|
|
190
|
+
|
|
191
|
+
// Prepend "0x", but place it after the "-" if negative.
|
|
192
|
+
if (tmp[0] == '-') {
|
|
193
|
+
OPENSSL_strlcpy(ret, "-0x", len);
|
|
194
|
+
OPENSSL_strlcat(ret, tmp + 1, len);
|
|
195
|
+
} else {
|
|
196
|
+
OPENSSL_strlcpy(ret, "0x", len);
|
|
197
|
+
OPENSSL_strlcat(ret, tmp, len);
|
|
198
|
+
}
|
|
199
|
+
OPENSSL_free(tmp);
|
|
200
|
+
return ret;
|
|
222
201
|
}
|
|
223
202
|
|
|
224
|
-
char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *method,
|
|
225
|
-
{
|
|
226
|
-
|
|
227
|
-
|
|
228
|
-
|
|
229
|
-
|
|
230
|
-
|
|
231
|
-
|
|
232
|
-
|
|
233
|
-
|
|
234
|
-
|
|
203
|
+
char *i2s_ASN1_ENUMERATED(const X509V3_EXT_METHOD *method,
|
|
204
|
+
const ASN1_ENUMERATED *a) {
|
|
205
|
+
BIGNUM *bntmp = NULL;
|
|
206
|
+
char *strtmp = NULL;
|
|
207
|
+
if (!a) {
|
|
208
|
+
return NULL;
|
|
209
|
+
}
|
|
210
|
+
if (!(bntmp = ASN1_ENUMERATED_to_BN(a, NULL)) ||
|
|
211
|
+
!(strtmp = bignum_to_string(bntmp))) {
|
|
212
|
+
}
|
|
213
|
+
BN_free(bntmp);
|
|
214
|
+
return strtmp;
|
|
235
215
|
}
|
|
236
216
|
|
|
237
|
-
char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *method, const ASN1_INTEGER *a)
|
|
238
|
-
|
|
239
|
-
|
|
240
|
-
|
|
241
|
-
|
|
242
|
-
|
|
243
|
-
|
|
244
|
-
|
|
245
|
-
|
|
246
|
-
|
|
247
|
-
|
|
217
|
+
char *i2s_ASN1_INTEGER(const X509V3_EXT_METHOD *method, const ASN1_INTEGER *a) {
|
|
218
|
+
BIGNUM *bntmp = NULL;
|
|
219
|
+
char *strtmp = NULL;
|
|
220
|
+
if (!a) {
|
|
221
|
+
return NULL;
|
|
222
|
+
}
|
|
223
|
+
if (!(bntmp = ASN1_INTEGER_to_BN(a, NULL)) ||
|
|
224
|
+
!(strtmp = bignum_to_string(bntmp))) {
|
|
225
|
+
}
|
|
226
|
+
BN_free(bntmp);
|
|
227
|
+
return strtmp;
|
|
248
228
|
}
|
|
249
229
|
|
|
250
|
-
ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method,
|
|
251
|
-
{
|
|
252
|
-
|
|
253
|
-
|
|
254
|
-
|
|
255
|
-
|
|
256
|
-
|
|
257
|
-
|
|
258
|
-
|
|
259
|
-
|
|
260
|
-
|
|
261
|
-
|
|
262
|
-
|
|
263
|
-
|
|
264
|
-
|
|
265
|
-
|
|
266
|
-
|
|
267
|
-
|
|
268
|
-
|
|
269
|
-
|
|
270
|
-
|
|
271
|
-
|
|
272
|
-
|
|
273
|
-
|
|
274
|
-
|
|
275
|
-
|
|
276
|
-
|
|
277
|
-
|
|
278
|
-
|
|
279
|
-
|
|
280
|
-
|
|
281
|
-
|
|
230
|
+
ASN1_INTEGER *s2i_ASN1_INTEGER(const X509V3_EXT_METHOD *method,
|
|
231
|
+
const char *value) {
|
|
232
|
+
BIGNUM *bn = NULL;
|
|
233
|
+
ASN1_INTEGER *aint;
|
|
234
|
+
int isneg, ishex;
|
|
235
|
+
int ret;
|
|
236
|
+
if (!value) {
|
|
237
|
+
OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_VALUE);
|
|
238
|
+
return 0;
|
|
239
|
+
}
|
|
240
|
+
bn = BN_new();
|
|
241
|
+
if (value[0] == '-') {
|
|
242
|
+
value++;
|
|
243
|
+
isneg = 1;
|
|
244
|
+
} else {
|
|
245
|
+
isneg = 0;
|
|
246
|
+
}
|
|
247
|
+
|
|
248
|
+
if (value[0] == '0' && ((value[1] == 'x') || (value[1] == 'X'))) {
|
|
249
|
+
value += 2;
|
|
250
|
+
ishex = 1;
|
|
251
|
+
} else {
|
|
252
|
+
ishex = 0;
|
|
253
|
+
}
|
|
254
|
+
|
|
255
|
+
if (ishex) {
|
|
256
|
+
ret = BN_hex2bn(&bn, value);
|
|
257
|
+
} else {
|
|
258
|
+
// Decoding from decimal scales quadratically in the input length. Bound the
|
|
259
|
+
// largest decimal input we accept in the config parser. 8,192 decimal
|
|
260
|
+
// digits allows values up to 27,213 bits. Ths exceeds the largest RSA, DSA,
|
|
261
|
+
// or DH modulus we support, and those are not usefully represented in
|
|
262
|
+
// decimal.
|
|
263
|
+
if (strlen(value) > 8192) {
|
|
264
|
+
BN_free(bn);
|
|
265
|
+
OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NUMBER);
|
|
266
|
+
return 0;
|
|
282
267
|
}
|
|
268
|
+
ret = BN_dec2bn(&bn, value);
|
|
269
|
+
}
|
|
283
270
|
|
|
284
|
-
|
|
285
|
-
isneg = 0;
|
|
286
|
-
|
|
287
|
-
aint = BN_to_ASN1_INTEGER(bn, NULL);
|
|
271
|
+
if (!ret || value[ret]) {
|
|
288
272
|
BN_free(bn);
|
|
289
|
-
|
|
290
|
-
|
|
291
|
-
|
|
292
|
-
}
|
|
293
|
-
if (isneg)
|
|
294
|
-
aint->type |= V_ASN1_NEG;
|
|
295
|
-
return aint;
|
|
296
|
-
}
|
|
273
|
+
OPENSSL_PUT_ERROR(X509V3, X509V3_R_BN_DEC2BN_ERROR);
|
|
274
|
+
return 0;
|
|
275
|
+
}
|
|
297
276
|
|
|
298
|
-
|
|
299
|
-
|
|
300
|
-
|
|
301
|
-
|
|
302
|
-
|
|
303
|
-
|
|
304
|
-
|
|
305
|
-
|
|
306
|
-
|
|
307
|
-
|
|
308
|
-
|
|
309
|
-
|
|
277
|
+
if (isneg && BN_is_zero(bn)) {
|
|
278
|
+
isneg = 0;
|
|
279
|
+
}
|
|
280
|
+
|
|
281
|
+
aint = BN_to_ASN1_INTEGER(bn, NULL);
|
|
282
|
+
BN_free(bn);
|
|
283
|
+
if (!aint) {
|
|
284
|
+
OPENSSL_PUT_ERROR(X509V3, X509V3_R_BN_TO_ASN1_INTEGER_ERROR);
|
|
285
|
+
return 0;
|
|
286
|
+
}
|
|
287
|
+
if (isneg) {
|
|
288
|
+
aint->type |= V_ASN1_NEG;
|
|
289
|
+
}
|
|
290
|
+
return aint;
|
|
310
291
|
}
|
|
311
292
|
|
|
312
|
-
int
|
|
313
|
-
{
|
|
314
|
-
|
|
315
|
-
|
|
316
|
-
|
|
317
|
-
|
|
318
|
-
|
|
319
|
-
|
|
320
|
-
*asn1_bool = 0xff;
|
|
321
|
-
return 1;
|
|
322
|
-
} else if (!strcmp(btmp, "FALSE") || !strcmp(btmp, "false")
|
|
323
|
-
|| !strcmp(btmp, "N") || !strcmp(btmp, "n")
|
|
324
|
-
|| !strcmp(btmp, "NO") || !strcmp(btmp, "no")) {
|
|
325
|
-
*asn1_bool = 0;
|
|
326
|
-
return 1;
|
|
327
|
-
}
|
|
328
|
-
err:
|
|
329
|
-
OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_BOOLEAN_STRING);
|
|
330
|
-
X509V3_conf_err(value);
|
|
293
|
+
int X509V3_add_value_int(const char *name, const ASN1_INTEGER *aint,
|
|
294
|
+
STACK_OF(CONF_VALUE) **extlist) {
|
|
295
|
+
char *strtmp;
|
|
296
|
+
int ret;
|
|
297
|
+
if (!aint) {
|
|
298
|
+
return 1;
|
|
299
|
+
}
|
|
300
|
+
if (!(strtmp = i2s_ASN1_INTEGER(NULL, aint))) {
|
|
331
301
|
return 0;
|
|
302
|
+
}
|
|
303
|
+
ret = X509V3_add_value(name, strtmp, extlist);
|
|
304
|
+
OPENSSL_free(strtmp);
|
|
305
|
+
return ret;
|
|
332
306
|
}
|
|
333
307
|
|
|
334
|
-
int
|
|
335
|
-
|
|
336
|
-
|
|
337
|
-
|
|
338
|
-
|
|
339
|
-
|
|
340
|
-
|
|
341
|
-
|
|
308
|
+
int X509V3_bool_from_string(const char *str, ASN1_BOOLEAN *out_bool) {
|
|
309
|
+
if (!strcmp(str, "TRUE") || !strcmp(str, "true") || !strcmp(str, "Y") ||
|
|
310
|
+
!strcmp(str, "y") || !strcmp(str, "YES") || !strcmp(str, "yes")) {
|
|
311
|
+
*out_bool = ASN1_BOOLEAN_TRUE;
|
|
312
|
+
return 1;
|
|
313
|
+
}
|
|
314
|
+
if (!strcmp(str, "FALSE") || !strcmp(str, "false") || !strcmp(str, "N") ||
|
|
315
|
+
!strcmp(str, "n") || !strcmp(str, "NO") || !strcmp(str, "no")) {
|
|
316
|
+
*out_bool = ASN1_BOOLEAN_FALSE;
|
|
342
317
|
return 1;
|
|
318
|
+
}
|
|
319
|
+
OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_BOOLEAN_STRING);
|
|
320
|
+
return 0;
|
|
343
321
|
}
|
|
344
322
|
|
|
345
|
-
|
|
346
|
-
|
|
323
|
+
int X509V3_get_value_bool(const CONF_VALUE *value, ASN1_BOOLEAN *out_bool) {
|
|
324
|
+
const char *btmp = value->value;
|
|
325
|
+
if (btmp == NULL) {
|
|
326
|
+
OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_BOOLEAN_STRING);
|
|
327
|
+
goto err;
|
|
328
|
+
}
|
|
329
|
+
if (!X509V3_bool_from_string(btmp, out_bool)) {
|
|
330
|
+
goto err;
|
|
331
|
+
}
|
|
332
|
+
return 1;
|
|
347
333
|
|
|
348
|
-
|
|
349
|
-
|
|
350
|
-
|
|
334
|
+
err:
|
|
335
|
+
X509V3_conf_err(value);
|
|
336
|
+
return 0;
|
|
337
|
+
}
|
|
351
338
|
|
|
352
|
-
|
|
353
|
-
|
|
354
|
-
|
|
355
|
-
|
|
356
|
-
|
|
357
|
-
|
|
358
|
-
|
|
359
|
-
|
|
360
|
-
|
|
361
|
-
|
|
362
|
-
|
|
363
|
-
|
|
364
|
-
|
|
365
|
-
|
|
366
|
-
|
|
367
|
-
|
|
368
|
-
|
|
369
|
-
|
|
370
|
-
|
|
371
|
-
|
|
372
|
-
|
|
373
|
-
|
|
374
|
-
|
|
375
|
-
|
|
376
|
-
|
|
377
|
-
|
|
378
|
-
|
|
379
|
-
|
|
380
|
-
|
|
381
|
-
|
|
382
|
-
|
|
383
|
-
|
|
384
|
-
|
|
385
|
-
|
|
339
|
+
int X509V3_get_value_int(const CONF_VALUE *value, ASN1_INTEGER **aint) {
|
|
340
|
+
ASN1_INTEGER *itmp;
|
|
341
|
+
if (!(itmp = s2i_ASN1_INTEGER(NULL, value->value))) {
|
|
342
|
+
X509V3_conf_err(value);
|
|
343
|
+
return 0;
|
|
344
|
+
}
|
|
345
|
+
ASN1_INTEGER_free(*aint);
|
|
346
|
+
*aint = itmp;
|
|
347
|
+
return 1;
|
|
348
|
+
}
|
|
349
|
+
|
|
350
|
+
#define HDR_NAME 1
|
|
351
|
+
#define HDR_VALUE 2
|
|
352
|
+
|
|
353
|
+
// #define DEBUG
|
|
354
|
+
|
|
355
|
+
STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) {
|
|
356
|
+
char *p, *q, c;
|
|
357
|
+
char *ntmp, *vtmp;
|
|
358
|
+
STACK_OF(CONF_VALUE) *values = NULL;
|
|
359
|
+
char *linebuf;
|
|
360
|
+
int state;
|
|
361
|
+
// We are going to modify the line so copy it first
|
|
362
|
+
linebuf = OPENSSL_strdup(line);
|
|
363
|
+
if (linebuf == NULL) {
|
|
364
|
+
goto err;
|
|
365
|
+
}
|
|
366
|
+
state = HDR_NAME;
|
|
367
|
+
ntmp = NULL;
|
|
368
|
+
// Go through all characters
|
|
369
|
+
for (p = linebuf, q = linebuf; (c = *p) && (c != '\r') && (c != '\n'); p++) {
|
|
370
|
+
switch (state) {
|
|
371
|
+
case HDR_NAME:
|
|
372
|
+
if (c == ':') {
|
|
373
|
+
state = HDR_VALUE;
|
|
374
|
+
*p = 0;
|
|
375
|
+
ntmp = strip_spaces(q);
|
|
376
|
+
if (!ntmp) {
|
|
377
|
+
OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_NAME);
|
|
378
|
+
goto err;
|
|
379
|
+
}
|
|
380
|
+
q = p + 1;
|
|
381
|
+
} else if (c == ',') {
|
|
382
|
+
*p = 0;
|
|
383
|
+
ntmp = strip_spaces(q);
|
|
384
|
+
q = p + 1;
|
|
386
385
|
#if 0
|
|
387
386
|
printf("%s\n", ntmp);
|
|
388
387
|
#endif
|
|
389
|
-
|
|
390
|
-
|
|
391
|
-
|
|
392
|
-
|
|
393
|
-
|
|
394
|
-
|
|
395
|
-
|
|
396
|
-
|
|
397
|
-
|
|
398
|
-
|
|
399
|
-
|
|
400
|
-
|
|
401
|
-
|
|
388
|
+
if (!ntmp) {
|
|
389
|
+
OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_NAME);
|
|
390
|
+
goto err;
|
|
391
|
+
}
|
|
392
|
+
X509V3_add_value(ntmp, NULL, &values);
|
|
393
|
+
}
|
|
394
|
+
break;
|
|
395
|
+
|
|
396
|
+
case HDR_VALUE:
|
|
397
|
+
if (c == ',') {
|
|
398
|
+
state = HDR_NAME;
|
|
399
|
+
*p = 0;
|
|
400
|
+
vtmp = strip_spaces(q);
|
|
402
401
|
#if 0
|
|
403
402
|
printf("%s\n", ntmp);
|
|
404
403
|
#endif
|
|
405
|
-
|
|
406
|
-
|
|
407
|
-
|
|
408
|
-
|
|
409
|
-
|
|
410
|
-
|
|
411
|
-
|
|
412
|
-
}
|
|
413
|
-
|
|
404
|
+
if (!vtmp) {
|
|
405
|
+
OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_VALUE);
|
|
406
|
+
goto err;
|
|
407
|
+
}
|
|
408
|
+
X509V3_add_value(ntmp, vtmp, &values);
|
|
409
|
+
ntmp = NULL;
|
|
410
|
+
q = p + 1;
|
|
414
411
|
}
|
|
415
412
|
}
|
|
413
|
+
}
|
|
416
414
|
|
|
417
|
-
|
|
418
|
-
|
|
415
|
+
if (state == HDR_VALUE) {
|
|
416
|
+
vtmp = strip_spaces(q);
|
|
419
417
|
#if 0
|
|
420
418
|
printf("%s=%s\n", ntmp, vtmp);
|
|
421
419
|
#endif
|
|
422
|
-
|
|
423
|
-
|
|
424
|
-
|
|
425
|
-
|
|
426
|
-
|
|
427
|
-
|
|
428
|
-
|
|
420
|
+
if (!vtmp) {
|
|
421
|
+
OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_VALUE);
|
|
422
|
+
goto err;
|
|
423
|
+
}
|
|
424
|
+
X509V3_add_value(ntmp, vtmp, &values);
|
|
425
|
+
} else {
|
|
426
|
+
ntmp = strip_spaces(q);
|
|
429
427
|
#if 0
|
|
430
428
|
printf("%s\n", ntmp);
|
|
431
429
|
#endif
|
|
432
|
-
|
|
433
|
-
|
|
434
|
-
|
|
435
|
-
}
|
|
436
|
-
X509V3_add_value(ntmp, NULL, &values);
|
|
430
|
+
if (!ntmp) {
|
|
431
|
+
OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_NAME);
|
|
432
|
+
goto err;
|
|
437
433
|
}
|
|
438
|
-
|
|
439
|
-
|
|
440
|
-
|
|
441
|
-
|
|
442
|
-
OPENSSL_free(linebuf);
|
|
443
|
-
sk_CONF_VALUE_pop_free(values, X509V3_conf_free);
|
|
444
|
-
return NULL;
|
|
434
|
+
X509V3_add_value(ntmp, NULL, &values);
|
|
435
|
+
}
|
|
436
|
+
OPENSSL_free(linebuf);
|
|
437
|
+
return values;
|
|
445
438
|
|
|
439
|
+
err:
|
|
440
|
+
OPENSSL_free(linebuf);
|
|
441
|
+
sk_CONF_VALUE_pop_free(values, X509V3_conf_free);
|
|
442
|
+
return NULL;
|
|
446
443
|
}
|
|
447
444
|
|
|
448
|
-
|
|
449
|
-
static char *strip_spaces(char *name)
|
|
450
|
-
|
|
451
|
-
|
|
452
|
-
|
|
453
|
-
|
|
454
|
-
|
|
455
|
-
|
|
456
|
-
|
|
457
|
-
|
|
458
|
-
|
|
459
|
-
|
|
460
|
-
|
|
461
|
-
|
|
462
|
-
|
|
463
|
-
|
|
464
|
-
|
|
465
|
-
|
|
445
|
+
// Delete leading and trailing spaces from a string
|
|
446
|
+
static char *strip_spaces(char *name) {
|
|
447
|
+
char *p, *q;
|
|
448
|
+
// Skip over leading spaces
|
|
449
|
+
p = name;
|
|
450
|
+
while (*p && OPENSSL_isspace((unsigned char)*p)) {
|
|
451
|
+
p++;
|
|
452
|
+
}
|
|
453
|
+
if (!*p) {
|
|
454
|
+
return NULL;
|
|
455
|
+
}
|
|
456
|
+
q = p + strlen(p) - 1;
|
|
457
|
+
while ((q != p) && OPENSSL_isspace((unsigned char)*q)) {
|
|
458
|
+
q--;
|
|
459
|
+
}
|
|
460
|
+
if (p != q) {
|
|
461
|
+
q[1] = 0;
|
|
462
|
+
}
|
|
463
|
+
if (!*p) {
|
|
464
|
+
return NULL;
|
|
465
|
+
}
|
|
466
|
+
return p;
|
|
466
467
|
}
|
|
467
468
|
|
|
468
|
-
|
|
469
|
-
|
|
470
|
-
|
|
471
|
-
|
|
472
|
-
|
|
473
|
-
|
|
474
|
-
|
|
475
|
-
|
|
476
|
-
|
|
477
|
-
|
|
478
|
-
|
|
479
|
-
|
|
480
|
-
|
|
481
|
-
static const char hexdig[] = "0123456789ABCDEF";
|
|
482
|
-
if (!buffer || !len)
|
|
483
|
-
return NULL;
|
|
484
|
-
if (!(tmp = OPENSSL_malloc(len * 3 + 1))) {
|
|
485
|
-
OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);
|
|
486
|
-
return NULL;
|
|
487
|
-
}
|
|
488
|
-
q = tmp;
|
|
489
|
-
for (i = 0, p = buffer; i < len; i++, p++) {
|
|
490
|
-
*q++ = hexdig[(*p >> 4) & 0xf];
|
|
491
|
-
*q++ = hexdig[*p & 0xf];
|
|
492
|
-
*q++ = ':';
|
|
469
|
+
// hex string utilities
|
|
470
|
+
|
|
471
|
+
char *x509v3_bytes_to_hex(const uint8_t *in, size_t len) {
|
|
472
|
+
CBB cbb;
|
|
473
|
+
if (!CBB_init(&cbb, len * 3 + 1)) {
|
|
474
|
+
goto err;
|
|
475
|
+
}
|
|
476
|
+
for (size_t i = 0; i < len; i++) {
|
|
477
|
+
static const char hex[] = "0123456789ABCDEF";
|
|
478
|
+
if ((i > 0 && !CBB_add_u8(&cbb, ':')) ||
|
|
479
|
+
!CBB_add_u8(&cbb, hex[in[i] >> 4]) ||
|
|
480
|
+
!CBB_add_u8(&cbb, hex[in[i] & 0xf])) {
|
|
481
|
+
goto err;
|
|
493
482
|
}
|
|
494
|
-
|
|
483
|
+
}
|
|
484
|
+
uint8_t *ret;
|
|
485
|
+
size_t unused_len;
|
|
486
|
+
if (!CBB_add_u8(&cbb, 0) || !CBB_finish(&cbb, &ret, &unused_len)) {
|
|
487
|
+
goto err;
|
|
488
|
+
}
|
|
495
489
|
|
|
496
|
-
|
|
490
|
+
return (char *)ret;
|
|
491
|
+
|
|
492
|
+
err:
|
|
493
|
+
CBB_cleanup(&cbb);
|
|
494
|
+
return NULL;
|
|
497
495
|
}
|
|
498
496
|
|
|
499
|
-
unsigned char *x509v3_hex_to_bytes(const char *str,
|
|
500
|
-
|
|
501
|
-
|
|
502
|
-
|
|
503
|
-
|
|
504
|
-
|
|
505
|
-
|
|
497
|
+
unsigned char *x509v3_hex_to_bytes(const char *str, size_t *len) {
|
|
498
|
+
unsigned char *hexbuf, *q;
|
|
499
|
+
unsigned char ch, cl, *p;
|
|
500
|
+
uint8_t high, low;
|
|
501
|
+
if (!str) {
|
|
502
|
+
OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_ARGUMENT);
|
|
503
|
+
return NULL;
|
|
504
|
+
}
|
|
505
|
+
if (!(hexbuf = OPENSSL_malloc(strlen(str) >> 1))) {
|
|
506
|
+
goto err;
|
|
507
|
+
}
|
|
508
|
+
for (p = (unsigned char *)str, q = hexbuf; *p;) {
|
|
509
|
+
ch = *p++;
|
|
510
|
+
if (ch == ':') {
|
|
511
|
+
continue;
|
|
506
512
|
}
|
|
507
|
-
|
|
508
|
-
|
|
509
|
-
|
|
510
|
-
|
|
511
|
-
|
|
512
|
-
continue;
|
|
513
|
-
cl = *p++;
|
|
514
|
-
if (!cl) {
|
|
515
|
-
OPENSSL_PUT_ERROR(X509V3, X509V3_R_ODD_NUMBER_OF_DIGITS);
|
|
516
|
-
OPENSSL_free(hexbuf);
|
|
517
|
-
return NULL;
|
|
518
|
-
}
|
|
519
|
-
|
|
520
|
-
if ((ch >= '0') && (ch <= '9'))
|
|
521
|
-
ch -= '0';
|
|
522
|
-
else if ((ch >= 'a') && (ch <= 'f'))
|
|
523
|
-
ch -= 'a' - 10;
|
|
524
|
-
else if ((ch >= 'A') && (ch <= 'F'))
|
|
525
|
-
ch -= 'A' - 10;
|
|
526
|
-
else
|
|
527
|
-
goto badhex;
|
|
528
|
-
|
|
529
|
-
if ((cl >= '0') && (cl <= '9'))
|
|
530
|
-
cl -= '0';
|
|
531
|
-
else if ((cl >= 'a') && (cl <= 'f'))
|
|
532
|
-
cl -= 'a' - 10;
|
|
533
|
-
else if ((cl >= 'A') && (cl <= 'F'))
|
|
534
|
-
cl -= 'A' - 10;
|
|
535
|
-
else
|
|
536
|
-
goto badhex;
|
|
537
|
-
|
|
538
|
-
*q++ = (ch << 4) | cl;
|
|
513
|
+
cl = *p++;
|
|
514
|
+
if (!cl) {
|
|
515
|
+
OPENSSL_PUT_ERROR(X509V3, X509V3_R_ODD_NUMBER_OF_DIGITS);
|
|
516
|
+
OPENSSL_free(hexbuf);
|
|
517
|
+
return NULL;
|
|
539
518
|
}
|
|
519
|
+
if (!OPENSSL_fromxdigit(&high, ch)) {
|
|
520
|
+
goto badhex;
|
|
521
|
+
}
|
|
522
|
+
if (!OPENSSL_fromxdigit(&low, cl)) {
|
|
523
|
+
goto badhex;
|
|
524
|
+
}
|
|
525
|
+
*q++ = (high << 4) | low;
|
|
526
|
+
}
|
|
540
527
|
|
|
541
|
-
|
|
542
|
-
|
|
543
|
-
|
|
544
|
-
return hexbuf;
|
|
528
|
+
if (len) {
|
|
529
|
+
*len = q - hexbuf;
|
|
530
|
+
}
|
|
545
531
|
|
|
546
|
-
|
|
547
|
-
if (hexbuf)
|
|
548
|
-
OPENSSL_free(hexbuf);
|
|
549
|
-
OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);
|
|
550
|
-
return NULL;
|
|
532
|
+
return hexbuf;
|
|
551
533
|
|
|
552
|
-
|
|
553
|
-
|
|
554
|
-
|
|
555
|
-
return NULL;
|
|
534
|
+
err:
|
|
535
|
+
OPENSSL_free(hexbuf);
|
|
536
|
+
return NULL;
|
|
556
537
|
|
|
538
|
+
badhex:
|
|
539
|
+
OPENSSL_free(hexbuf);
|
|
540
|
+
OPENSSL_PUT_ERROR(X509V3, X509V3_R_ILLEGAL_HEX_DIGIT);
|
|
541
|
+
return NULL;
|
|
557
542
|
}
|
|
558
543
|
|
|
559
|
-
int
|
|
560
|
-
|
|
561
|
-
|
|
562
|
-
|
|
563
|
-
|
|
564
|
-
|
|
565
|
-
|
|
566
|
-
|
|
567
|
-
if (!c || (c == '.'))
|
|
568
|
-
return 0;
|
|
569
|
-
return 1;
|
|
544
|
+
int x509v3_conf_name_matches(const char *name, const char *cmp) {
|
|
545
|
+
// |name| must begin with |cmp|.
|
|
546
|
+
size_t len = strlen(cmp);
|
|
547
|
+
if (strncmp(name, cmp, len) != 0) {
|
|
548
|
+
return 0;
|
|
549
|
+
}
|
|
550
|
+
// |name| must either be equal to |cmp| or begin with |cmp|, followed by '.'.
|
|
551
|
+
return name[len] == '\0' || name[len] == '.';
|
|
570
552
|
}
|
|
571
553
|
|
|
572
|
-
static int sk_strcmp(const
|
|
573
|
-
|
|
574
|
-
return strcmp(*a, *b);
|
|
554
|
+
static int sk_strcmp(const char *const *a, const char *const *b) {
|
|
555
|
+
return strcmp(*a, *b);
|
|
575
556
|
}
|
|
576
557
|
|
|
577
|
-
STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x)
|
|
578
|
-
|
|
579
|
-
|
|
580
|
-
STACK_OF(OPENSSL_STRING) *ret;
|
|
558
|
+
STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x) {
|
|
559
|
+
GENERAL_NAMES *gens;
|
|
560
|
+
STACK_OF(OPENSSL_STRING) *ret;
|
|
581
561
|
|
|
582
|
-
|
|
583
|
-
|
|
584
|
-
|
|
585
|
-
|
|
562
|
+
gens = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
|
|
563
|
+
ret = get_email(X509_get_subject_name(x), gens);
|
|
564
|
+
sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
|
|
565
|
+
return ret;
|
|
586
566
|
}
|
|
587
567
|
|
|
588
|
-
STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x)
|
|
589
|
-
|
|
590
|
-
|
|
591
|
-
|
|
592
|
-
size_t i;
|
|
568
|
+
STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x) {
|
|
569
|
+
AUTHORITY_INFO_ACCESS *info;
|
|
570
|
+
STACK_OF(OPENSSL_STRING) *ret = NULL;
|
|
571
|
+
size_t i;
|
|
593
572
|
|
|
594
|
-
|
|
595
|
-
|
|
596
|
-
|
|
597
|
-
|
|
598
|
-
|
|
599
|
-
|
|
600
|
-
|
|
601
|
-
|
|
602
|
-
|
|
603
|
-
|
|
604
|
-
}
|
|
573
|
+
info = X509_get_ext_d2i(x, NID_info_access, NULL, NULL);
|
|
574
|
+
if (!info) {
|
|
575
|
+
return NULL;
|
|
576
|
+
}
|
|
577
|
+
for (i = 0; i < sk_ACCESS_DESCRIPTION_num(info); i++) {
|
|
578
|
+
ACCESS_DESCRIPTION *ad = sk_ACCESS_DESCRIPTION_value(info, i);
|
|
579
|
+
if (OBJ_obj2nid(ad->method) == NID_ad_OCSP) {
|
|
580
|
+
if (ad->location->type == GEN_URI) {
|
|
581
|
+
if (!append_ia5(&ret, ad->location->d.uniformResourceIdentifier)) {
|
|
582
|
+
break;
|
|
605
583
|
}
|
|
584
|
+
}
|
|
606
585
|
}
|
|
607
|
-
|
|
608
|
-
|
|
586
|
+
}
|
|
587
|
+
AUTHORITY_INFO_ACCESS_free(info);
|
|
588
|
+
return ret;
|
|
609
589
|
}
|
|
610
590
|
|
|
611
|
-
STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x)
|
|
612
|
-
|
|
613
|
-
|
|
614
|
-
|
|
615
|
-
|
|
616
|
-
|
|
617
|
-
|
|
618
|
-
|
|
619
|
-
|
|
620
|
-
|
|
621
|
-
|
|
622
|
-
return ret;
|
|
591
|
+
STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x) {
|
|
592
|
+
GENERAL_NAMES *gens;
|
|
593
|
+
STACK_OF(X509_EXTENSION) *exts;
|
|
594
|
+
STACK_OF(OPENSSL_STRING) *ret;
|
|
595
|
+
|
|
596
|
+
exts = X509_REQ_get_extensions(x);
|
|
597
|
+
gens = X509V3_get_d2i(exts, NID_subject_alt_name, NULL, NULL);
|
|
598
|
+
ret = get_email(X509_REQ_get_subject_name(x), gens);
|
|
599
|
+
sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
|
|
600
|
+
sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
|
|
601
|
+
return ret;
|
|
623
602
|
}
|
|
624
603
|
|
|
625
|
-
static STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name,
|
|
626
|
-
GENERAL_NAMES *gens)
|
|
627
|
-
|
|
628
|
-
|
|
629
|
-
|
|
630
|
-
|
|
631
|
-
|
|
632
|
-
|
|
633
|
-
|
|
634
|
-
|
|
635
|
-
|
|
636
|
-
|
|
637
|
-
while ((i = X509_NAME_get_index_by_NID(name,
|
|
638
|
-
NID_pkcs9_emailAddress, i)) >= 0) {
|
|
639
|
-
ne = X509_NAME_get_entry(name, i);
|
|
640
|
-
email = X509_NAME_ENTRY_get_data(ne);
|
|
641
|
-
if (!append_ia5(&ret, email))
|
|
642
|
-
return NULL;
|
|
604
|
+
static STACK_OF(OPENSSL_STRING) *get_email(const X509_NAME *name,
|
|
605
|
+
const GENERAL_NAMES *gens) {
|
|
606
|
+
STACK_OF(OPENSSL_STRING) *ret = NULL;
|
|
607
|
+
// Now add any email address(es) to STACK
|
|
608
|
+
int i = -1;
|
|
609
|
+
// First supplied X509_NAME
|
|
610
|
+
while ((i = X509_NAME_get_index_by_NID(name, NID_pkcs9_emailAddress, i)) >=
|
|
611
|
+
0) {
|
|
612
|
+
const X509_NAME_ENTRY *ne = X509_NAME_get_entry(name, i);
|
|
613
|
+
const ASN1_IA5STRING *email = X509_NAME_ENTRY_get_data(ne);
|
|
614
|
+
if (!append_ia5(&ret, email)) {
|
|
615
|
+
return NULL;
|
|
643
616
|
}
|
|
644
|
-
|
|
645
|
-
|
|
646
|
-
|
|
647
|
-
|
|
648
|
-
|
|
649
|
-
return NULL;
|
|
617
|
+
}
|
|
618
|
+
for (size_t j = 0; j < sk_GENERAL_NAME_num(gens); j++) {
|
|
619
|
+
const GENERAL_NAME *gen = sk_GENERAL_NAME_value(gens, j);
|
|
620
|
+
if (gen->type != GEN_EMAIL) {
|
|
621
|
+
continue;
|
|
650
622
|
}
|
|
651
|
-
|
|
652
|
-
|
|
653
|
-
|
|
654
|
-
|
|
655
|
-
|
|
656
|
-
OPENSSL_free(str);
|
|
623
|
+
if (!append_ia5(&ret, gen->d.ia5)) {
|
|
624
|
+
return NULL;
|
|
625
|
+
}
|
|
626
|
+
}
|
|
627
|
+
return ret;
|
|
657
628
|
}
|
|
658
629
|
|
|
659
|
-
static
|
|
660
|
-
{
|
|
661
|
-
/* First some sanity checks */
|
|
662
|
-
if (email->type != V_ASN1_IA5STRING)
|
|
663
|
-
return 1;
|
|
664
|
-
if (email->data == NULL || email->length == 0)
|
|
665
|
-
return 1;
|
|
666
|
-
/* |OPENSSL_STRING| cannot represent strings with embedded NULs. Do not
|
|
667
|
-
* report them as outputs. */
|
|
668
|
-
if (OPENSSL_memchr(email->data, 0, email->length) != NULL)
|
|
669
|
-
return 1;
|
|
670
|
-
|
|
671
|
-
char *emtmp = NULL;
|
|
672
|
-
if (!*sk)
|
|
673
|
-
*sk = sk_OPENSSL_STRING_new(sk_strcmp);
|
|
674
|
-
if (!*sk)
|
|
675
|
-
goto err;
|
|
676
|
-
|
|
677
|
-
emtmp = OPENSSL_strndup((char *)email->data, email->length);
|
|
678
|
-
if (emtmp == NULL) {
|
|
679
|
-
goto err;
|
|
680
|
-
}
|
|
630
|
+
static void str_free(OPENSSL_STRING str) { OPENSSL_free(str); }
|
|
681
631
|
|
|
682
|
-
|
|
683
|
-
|
|
684
|
-
|
|
685
|
-
|
|
686
|
-
|
|
687
|
-
|
|
688
|
-
|
|
689
|
-
goto err;
|
|
690
|
-
}
|
|
632
|
+
static int append_ia5(STACK_OF(OPENSSL_STRING) **sk,
|
|
633
|
+
const ASN1_IA5STRING *email) {
|
|
634
|
+
// First some sanity checks
|
|
635
|
+
if (email->type != V_ASN1_IA5STRING) {
|
|
636
|
+
return 1;
|
|
637
|
+
}
|
|
638
|
+
if (email->data == NULL || email->length == 0) {
|
|
691
639
|
return 1;
|
|
640
|
+
}
|
|
641
|
+
// |OPENSSL_STRING| cannot represent strings with embedded NULs. Do not
|
|
642
|
+
// report them as outputs.
|
|
643
|
+
if (OPENSSL_memchr(email->data, 0, email->length) != NULL) {
|
|
644
|
+
return 1;
|
|
645
|
+
}
|
|
646
|
+
|
|
647
|
+
char *emtmp = NULL;
|
|
648
|
+
if (!*sk) {
|
|
649
|
+
*sk = sk_OPENSSL_STRING_new(sk_strcmp);
|
|
650
|
+
}
|
|
651
|
+
if (!*sk) {
|
|
652
|
+
goto err;
|
|
653
|
+
}
|
|
654
|
+
|
|
655
|
+
emtmp = OPENSSL_strndup((char *)email->data, email->length);
|
|
656
|
+
if (emtmp == NULL) {
|
|
657
|
+
goto err;
|
|
658
|
+
}
|
|
659
|
+
|
|
660
|
+
// Don't add duplicates
|
|
661
|
+
sk_OPENSSL_STRING_sort(*sk);
|
|
662
|
+
if (sk_OPENSSL_STRING_find(*sk, NULL, emtmp)) {
|
|
663
|
+
OPENSSL_free(emtmp);
|
|
664
|
+
return 1;
|
|
665
|
+
}
|
|
666
|
+
if (!sk_OPENSSL_STRING_push(*sk, emtmp)) {
|
|
667
|
+
goto err;
|
|
668
|
+
}
|
|
669
|
+
return 1;
|
|
692
670
|
|
|
693
671
|
err:
|
|
694
|
-
|
|
695
|
-
|
|
696
|
-
|
|
697
|
-
|
|
698
|
-
|
|
699
|
-
|
|
672
|
+
// TODO(davidben): Fix the error-handling in this file. It currently relies
|
|
673
|
+
// on |append_ia5| leaving |*sk| at NULL on error.
|
|
674
|
+
OPENSSL_free(emtmp);
|
|
675
|
+
X509_email_free(*sk);
|
|
676
|
+
*sk = NULL;
|
|
677
|
+
return 0;
|
|
700
678
|
}
|
|
701
679
|
|
|
702
|
-
void X509_email_free(STACK_OF(OPENSSL_STRING) *sk)
|
|
703
|
-
|
|
704
|
-
sk_OPENSSL_STRING_pop_free(sk, str_free);
|
|
680
|
+
void X509_email_free(STACK_OF(OPENSSL_STRING) *sk) {
|
|
681
|
+
sk_OPENSSL_STRING_pop_free(sk, str_free);
|
|
705
682
|
}
|
|
706
683
|
|
|
707
|
-
typedef int (*equal_fn)
|
|
708
|
-
const unsigned char *subject, size_t subject_len,
|
|
709
|
-
unsigned int flags);
|
|
710
|
-
|
|
711
|
-
/* Skip pattern prefix to match "wildcard" subject */
|
|
712
|
-
static void skip_prefix(const unsigned char **p, size_t *plen,
|
|
684
|
+
typedef int (*equal_fn)(const unsigned char *pattern, size_t pattern_len,
|
|
713
685
|
const unsigned char *subject, size_t subject_len,
|
|
714
|
-
unsigned int flags)
|
|
715
|
-
{
|
|
716
|
-
const unsigned char *pattern = *p;
|
|
717
|
-
size_t pattern_len = *plen;
|
|
718
|
-
|
|
719
|
-
/*
|
|
720
|
-
* If subject starts with a leading '.' followed by more octets, and
|
|
721
|
-
* pattern is longer, compare just an equal-length suffix with the
|
|
722
|
-
* full subject (starting at the '.'), provided the prefix contains
|
|
723
|
-
* no NULs.
|
|
724
|
-
*/
|
|
725
|
-
if ((flags & _X509_CHECK_FLAG_DOT_SUBDOMAINS) == 0)
|
|
726
|
-
return;
|
|
727
|
-
|
|
728
|
-
while (pattern_len > subject_len && *pattern) {
|
|
729
|
-
if ((flags & X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS) &&
|
|
730
|
-
*pattern == '.')
|
|
731
|
-
break;
|
|
732
|
-
++pattern;
|
|
733
|
-
--pattern_len;
|
|
734
|
-
}
|
|
686
|
+
unsigned int flags);
|
|
735
687
|
|
|
736
|
-
|
|
737
|
-
if (pattern_len == subject_len) {
|
|
738
|
-
*p = pattern;
|
|
739
|
-
*plen = pattern_len;
|
|
740
|
-
}
|
|
741
|
-
}
|
|
742
|
-
|
|
743
|
-
/* Compare while ASCII ignoring case. */
|
|
688
|
+
// Compare while ASCII ignoring case.
|
|
744
689
|
static int equal_nocase(const unsigned char *pattern, size_t pattern_len,
|
|
745
690
|
const unsigned char *subject, size_t subject_len,
|
|
746
|
-
unsigned int flags)
|
|
747
|
-
{
|
|
748
|
-
|
|
749
|
-
|
|
691
|
+
unsigned int flags) {
|
|
692
|
+
if (pattern_len != subject_len) {
|
|
693
|
+
return 0;
|
|
694
|
+
}
|
|
695
|
+
while (pattern_len) {
|
|
696
|
+
unsigned char l = *pattern;
|
|
697
|
+
unsigned char r = *subject;
|
|
698
|
+
// The pattern must not contain NUL characters.
|
|
699
|
+
if (l == 0) {
|
|
700
|
+
return 0;
|
|
701
|
+
}
|
|
702
|
+
if (l != r) {
|
|
703
|
+
if (OPENSSL_tolower(l) != OPENSSL_tolower(r)) {
|
|
750
704
|
return 0;
|
|
751
|
-
|
|
752
|
-
unsigned char l = *pattern;
|
|
753
|
-
unsigned char r = *subject;
|
|
754
|
-
/* The pattern must not contain NUL characters. */
|
|
755
|
-
if (l == 0)
|
|
756
|
-
return 0;
|
|
757
|
-
if (l != r) {
|
|
758
|
-
if ('A' <= l && l <= 'Z')
|
|
759
|
-
l = (l - 'A') + 'a';
|
|
760
|
-
if ('A' <= r && r <= 'Z')
|
|
761
|
-
r = (r - 'A') + 'a';
|
|
762
|
-
if (l != r)
|
|
763
|
-
return 0;
|
|
764
|
-
}
|
|
765
|
-
++pattern;
|
|
766
|
-
++subject;
|
|
767
|
-
--pattern_len;
|
|
705
|
+
}
|
|
768
706
|
}
|
|
769
|
-
|
|
707
|
+
++pattern;
|
|
708
|
+
++subject;
|
|
709
|
+
--pattern_len;
|
|
710
|
+
}
|
|
711
|
+
return 1;
|
|
770
712
|
}
|
|
771
713
|
|
|
772
|
-
|
|
714
|
+
// Compare using OPENSSL_memcmp.
|
|
773
715
|
static int equal_case(const unsigned char *pattern, size_t pattern_len,
|
|
774
716
|
const unsigned char *subject, size_t subject_len,
|
|
775
|
-
unsigned int flags)
|
|
776
|
-
{
|
|
777
|
-
|
|
778
|
-
|
|
779
|
-
|
|
780
|
-
return !OPENSSL_memcmp(pattern, subject, pattern_len);
|
|
717
|
+
unsigned int flags) {
|
|
718
|
+
if (pattern_len != subject_len) {
|
|
719
|
+
return 0;
|
|
720
|
+
}
|
|
721
|
+
return !OPENSSL_memcmp(pattern, subject, pattern_len);
|
|
781
722
|
}
|
|
782
723
|
|
|
783
|
-
|
|
784
|
-
|
|
785
|
-
* case-insensitive manner.
|
|
786
|
-
*/
|
|
724
|
+
// RFC 5280, section 7.5, requires that only the domain is compared in a
|
|
725
|
+
// case-insensitive manner.
|
|
787
726
|
static int equal_email(const unsigned char *a, size_t a_len,
|
|
788
727
|
const unsigned char *b, size_t b_len,
|
|
789
|
-
unsigned int unused_flags)
|
|
790
|
-
|
|
791
|
-
|
|
792
|
-
|
|
728
|
+
unsigned int unused_flags) {
|
|
729
|
+
size_t i = a_len;
|
|
730
|
+
if (a_len != b_len) {
|
|
731
|
+
return 0;
|
|
732
|
+
}
|
|
733
|
+
// We search backwards for the '@' character, so that we do not have to
|
|
734
|
+
// deal with quoted local-parts. The domain part is compared in a
|
|
735
|
+
// case-insensitive manner.
|
|
736
|
+
while (i > 0) {
|
|
737
|
+
--i;
|
|
738
|
+
if (a[i] == '@' || b[i] == '@') {
|
|
739
|
+
if (!equal_nocase(a + i, a_len - i, b + i, a_len - i, 0)) {
|
|
793
740
|
return 0;
|
|
794
|
-
|
|
795
|
-
|
|
796
|
-
* deal with quoted local-parts. The domain part is compared in a
|
|
797
|
-
* case-insensitive manner.
|
|
798
|
-
*/
|
|
799
|
-
while (i > 0) {
|
|
800
|
-
--i;
|
|
801
|
-
if (a[i] == '@' || b[i] == '@') {
|
|
802
|
-
if (!equal_nocase(a + i, a_len - i, b + i, a_len - i, 0))
|
|
803
|
-
return 0;
|
|
804
|
-
break;
|
|
805
|
-
}
|
|
741
|
+
}
|
|
742
|
+
break;
|
|
806
743
|
}
|
|
807
|
-
|
|
808
|
-
|
|
809
|
-
|
|
744
|
+
}
|
|
745
|
+
if (i == 0) {
|
|
746
|
+
i = a_len;
|
|
747
|
+
}
|
|
748
|
+
return equal_case(a, i, b, i, 0);
|
|
810
749
|
}
|
|
811
750
|
|
|
812
|
-
|
|
813
|
-
|
|
814
|
-
* characters in-between are valid.
|
|
815
|
-
*/
|
|
751
|
+
// Compare the prefix and suffix with the subject, and check that the
|
|
752
|
+
// characters in-between are valid.
|
|
816
753
|
static int wildcard_match(const unsigned char *prefix, size_t prefix_len,
|
|
817
754
|
const unsigned char *suffix, size_t suffix_len,
|
|
818
755
|
const unsigned char *subject, size_t subject_len,
|
|
819
|
-
unsigned int flags)
|
|
820
|
-
|
|
821
|
-
|
|
822
|
-
|
|
823
|
-
|
|
824
|
-
|
|
825
|
-
|
|
826
|
-
|
|
827
|
-
|
|
828
|
-
|
|
829
|
-
|
|
830
|
-
|
|
831
|
-
|
|
832
|
-
|
|
833
|
-
|
|
834
|
-
|
|
835
|
-
|
|
836
|
-
|
|
837
|
-
|
|
838
|
-
|
|
839
|
-
if (
|
|
840
|
-
|
|
841
|
-
return 0;
|
|
842
|
-
allow_idna = 1;
|
|
843
|
-
if (flags & X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS)
|
|
844
|
-
allow_multi = 1;
|
|
756
|
+
unsigned int flags) {
|
|
757
|
+
const unsigned char *wildcard_start;
|
|
758
|
+
const unsigned char *wildcard_end;
|
|
759
|
+
const unsigned char *p;
|
|
760
|
+
int allow_idna = 0;
|
|
761
|
+
|
|
762
|
+
if (subject_len < prefix_len + suffix_len) {
|
|
763
|
+
return 0;
|
|
764
|
+
}
|
|
765
|
+
if (!equal_nocase(prefix, prefix_len, subject, prefix_len, flags)) {
|
|
766
|
+
return 0;
|
|
767
|
+
}
|
|
768
|
+
wildcard_start = subject + prefix_len;
|
|
769
|
+
wildcard_end = subject + (subject_len - suffix_len);
|
|
770
|
+
if (!equal_nocase(wildcard_end, suffix_len, suffix, suffix_len, flags)) {
|
|
771
|
+
return 0;
|
|
772
|
+
}
|
|
773
|
+
// If the wildcard makes up the entire first label, it must match at
|
|
774
|
+
// least one character.
|
|
775
|
+
if (prefix_len == 0 && *suffix == '.') {
|
|
776
|
+
if (wildcard_start == wildcard_end) {
|
|
777
|
+
return 0;
|
|
845
778
|
}
|
|
846
|
-
|
|
847
|
-
|
|
848
|
-
|
|
849
|
-
|
|
850
|
-
|
|
851
|
-
|
|
852
|
-
|
|
853
|
-
|
|
854
|
-
|
|
855
|
-
* Check that the part matched by the wildcard contains only
|
|
856
|
-
* permitted characters and only matches a single label unless
|
|
857
|
-
* allow_multi is set.
|
|
858
|
-
*/
|
|
859
|
-
for (p = wildcard_start; p != wildcard_end; ++p)
|
|
860
|
-
if (!(('0' <= *p && *p <= '9') ||
|
|
861
|
-
('A' <= *p && *p <= 'Z') ||
|
|
862
|
-
('a' <= *p && *p <= 'z') ||
|
|
863
|
-
*p == '-' || (allow_multi && *p == '.')))
|
|
864
|
-
return 0;
|
|
779
|
+
allow_idna = 1;
|
|
780
|
+
}
|
|
781
|
+
// IDNA labels cannot match partial wildcards
|
|
782
|
+
if (!allow_idna && subject_len >= 4 &&
|
|
783
|
+
OPENSSL_strncasecmp((char *)subject, "xn--", 4) == 0) {
|
|
784
|
+
return 0;
|
|
785
|
+
}
|
|
786
|
+
// The wildcard may match a literal '*'
|
|
787
|
+
if (wildcard_end == wildcard_start + 1 && *wildcard_start == '*') {
|
|
865
788
|
return 1;
|
|
789
|
+
}
|
|
790
|
+
// Check that the part matched by the wildcard contains only
|
|
791
|
+
// permitted characters and only matches a single label.
|
|
792
|
+
for (p = wildcard_start; p != wildcard_end; ++p) {
|
|
793
|
+
if (!OPENSSL_isalnum(*p) && *p != '-') {
|
|
794
|
+
return 0;
|
|
795
|
+
}
|
|
796
|
+
}
|
|
797
|
+
return 1;
|
|
866
798
|
}
|
|
867
799
|
|
|
868
|
-
#define LABEL_START
|
|
869
|
-
#define LABEL_END
|
|
870
|
-
#define LABEL_HYPHEN
|
|
871
|
-
#define LABEL_IDNA
|
|
800
|
+
#define LABEL_START (1 << 0)
|
|
801
|
+
#define LABEL_END (1 << 1)
|
|
802
|
+
#define LABEL_HYPHEN (1 << 2)
|
|
803
|
+
#define LABEL_IDNA (1 << 3)
|
|
872
804
|
|
|
873
805
|
static const unsigned char *valid_star(const unsigned char *p, size_t len,
|
|
874
|
-
unsigned int flags)
|
|
875
|
-
|
|
876
|
-
|
|
877
|
-
|
|
878
|
-
|
|
879
|
-
|
|
880
|
-
|
|
881
|
-
|
|
882
|
-
|
|
883
|
-
|
|
884
|
-
|
|
885
|
-
|
|
886
|
-
|
|
887
|
-
|
|
888
|
-
|
|
889
|
-
|
|
890
|
-
|
|
891
|
-
|
|
892
|
-
|
|
893
|
-
|
|
894
|
-
|
|
895
|
-
|
|
896
|
-
|
|
897
|
-
|
|
898
|
-
|
|
899
|
-
|
|
900
|
-
|
|
901
|
-
|
|
902
|
-
|
|
903
|
-
|
|
904
|
-
|
|
905
|
-
|
|
906
|
-
|
|
907
|
-
|
|
908
|
-
|
|
909
|
-
|
|
910
|
-
|
|
911
|
-
|
|
912
|
-
|
|
913
|
-
|
|
914
|
-
|
|
915
|
-
|
|
916
|
-
|
|
917
|
-
} else if (p[i] == '-') {
|
|
918
|
-
/* no domain/subdomain starts with '-' */
|
|
919
|
-
if ((state & LABEL_START) != 0)
|
|
920
|
-
return NULL;
|
|
921
|
-
state |= LABEL_HYPHEN;
|
|
922
|
-
} else
|
|
923
|
-
return NULL;
|
|
806
|
+
unsigned int flags) {
|
|
807
|
+
const unsigned char *star = 0;
|
|
808
|
+
size_t i;
|
|
809
|
+
int state = LABEL_START;
|
|
810
|
+
int dots = 0;
|
|
811
|
+
for (i = 0; i < len; ++i) {
|
|
812
|
+
// Locate first and only legal wildcard, either at the start
|
|
813
|
+
// or end of a non-IDNA first and not final label.
|
|
814
|
+
if (p[i] == '*') {
|
|
815
|
+
int atstart = (state & LABEL_START);
|
|
816
|
+
int atend = (i == len - 1 || p[i + 1] == '.');
|
|
817
|
+
// At most one wildcard per pattern.
|
|
818
|
+
// No wildcards in IDNA labels.
|
|
819
|
+
// No wildcards after the first label.
|
|
820
|
+
if (star != NULL || (state & LABEL_IDNA) != 0 || dots) {
|
|
821
|
+
return NULL;
|
|
822
|
+
}
|
|
823
|
+
// Only full-label '*.example.com' wildcards.
|
|
824
|
+
if (!atstart || !atend) {
|
|
825
|
+
return NULL;
|
|
826
|
+
}
|
|
827
|
+
star = &p[i];
|
|
828
|
+
state &= ~LABEL_START;
|
|
829
|
+
} else if (OPENSSL_isalnum(p[i])) {
|
|
830
|
+
if ((state & LABEL_START) != 0 && len - i >= 4 &&
|
|
831
|
+
OPENSSL_strncasecmp((char *)&p[i], "xn--", 4) == 0) {
|
|
832
|
+
state |= LABEL_IDNA;
|
|
833
|
+
}
|
|
834
|
+
state &= ~(LABEL_HYPHEN | LABEL_START);
|
|
835
|
+
} else if (p[i] == '.') {
|
|
836
|
+
if ((state & (LABEL_HYPHEN | LABEL_START)) != 0) {
|
|
837
|
+
return NULL;
|
|
838
|
+
}
|
|
839
|
+
state = LABEL_START;
|
|
840
|
+
++dots;
|
|
841
|
+
} else if (p[i] == '-') {
|
|
842
|
+
// no domain/subdomain starts with '-'
|
|
843
|
+
if ((state & LABEL_START) != 0) {
|
|
844
|
+
return NULL;
|
|
845
|
+
}
|
|
846
|
+
state |= LABEL_HYPHEN;
|
|
847
|
+
} else {
|
|
848
|
+
return NULL;
|
|
924
849
|
}
|
|
850
|
+
}
|
|
925
851
|
|
|
926
|
-
|
|
927
|
-
|
|
928
|
-
|
|
929
|
-
|
|
930
|
-
|
|
931
|
-
|
|
932
|
-
return star;
|
|
852
|
+
// The final label must not end in a hyphen or ".", and
|
|
853
|
+
// there must be at least two dots after the star.
|
|
854
|
+
if ((state & (LABEL_START | LABEL_HYPHEN)) != 0 || dots < 2) {
|
|
855
|
+
return NULL;
|
|
856
|
+
}
|
|
857
|
+
return star;
|
|
933
858
|
}
|
|
934
859
|
|
|
935
|
-
|
|
860
|
+
// Compare using wildcards.
|
|
936
861
|
static int equal_wildcard(const unsigned char *pattern, size_t pattern_len,
|
|
937
862
|
const unsigned char *subject, size_t subject_len,
|
|
938
|
-
unsigned int flags)
|
|
939
|
-
|
|
940
|
-
|
|
941
|
-
|
|
942
|
-
|
|
943
|
-
|
|
944
|
-
|
|
945
|
-
|
|
946
|
-
|
|
947
|
-
|
|
948
|
-
|
|
949
|
-
|
|
950
|
-
|
|
951
|
-
|
|
952
|
-
star + 1, (pattern + pattern_len) - star - 1,
|
|
953
|
-
subject, subject_len, flags);
|
|
863
|
+
unsigned int flags) {
|
|
864
|
+
const unsigned char *star = NULL;
|
|
865
|
+
|
|
866
|
+
// Subject names starting with '.' can only match a wildcard pattern
|
|
867
|
+
// via a subject sub-domain pattern suffix match.
|
|
868
|
+
if (!(subject_len > 1 && subject[0] == '.')) {
|
|
869
|
+
star = valid_star(pattern, pattern_len, flags);
|
|
870
|
+
}
|
|
871
|
+
if (star == NULL) {
|
|
872
|
+
return equal_nocase(pattern, pattern_len, subject, subject_len, flags);
|
|
873
|
+
}
|
|
874
|
+
return wildcard_match(pattern, star - pattern, star + 1,
|
|
875
|
+
(pattern + pattern_len) - star - 1, subject,
|
|
876
|
+
subject_len, flags);
|
|
954
877
|
}
|
|
955
878
|
|
|
956
879
|
int x509v3_looks_like_dns_name(const unsigned char *in, size_t len) {
|
|
957
|
-
|
|
958
|
-
|
|
959
|
-
|
|
960
|
-
|
|
961
|
-
|
|
962
|
-
|
|
963
|
-
|
|
964
|
-
|
|
965
|
-
|
|
966
|
-
|
|
967
|
-
|
|
968
|
-
|
|
969
|
-
|
|
970
|
-
|
|
880
|
+
// This function is used as a heuristic for whether a common name is a
|
|
881
|
+
// hostname to be matched, or merely a decorative name to describe the
|
|
882
|
+
// subject. This heuristic must be applied to both name constraints and the
|
|
883
|
+
// common name fallback, so it must be loose enough to accept hostname
|
|
884
|
+
// common names, and tight enough to reject decorative common names.
|
|
885
|
+
|
|
886
|
+
if (len > 0 && in[len - 1] == '.') {
|
|
887
|
+
len--;
|
|
888
|
+
}
|
|
889
|
+
|
|
890
|
+
// Wildcards are allowed in front.
|
|
891
|
+
if (len >= 2 && in[0] == '*' && in[1] == '.') {
|
|
892
|
+
in += 2;
|
|
893
|
+
len -= 2;
|
|
894
|
+
}
|
|
895
|
+
|
|
896
|
+
if (len == 0) {
|
|
897
|
+
return 0;
|
|
898
|
+
}
|
|
899
|
+
|
|
900
|
+
size_t label_start = 0;
|
|
901
|
+
for (size_t i = 0; i < len; i++) {
|
|
902
|
+
unsigned char c = in[i];
|
|
903
|
+
if (OPENSSL_isalnum(c) || (c == '-' && i > label_start) ||
|
|
904
|
+
// These are not valid characters in hostnames, but commonly found
|
|
905
|
+
// in deployments outside the Web PKI.
|
|
906
|
+
c == '_' || c == ':') {
|
|
907
|
+
continue;
|
|
971
908
|
}
|
|
972
909
|
|
|
973
|
-
|
|
974
|
-
|
|
910
|
+
// Labels must not be empty.
|
|
911
|
+
if (c == '.' && i > label_start && i < len - 1) {
|
|
912
|
+
label_start = i + 1;
|
|
913
|
+
continue;
|
|
975
914
|
}
|
|
976
915
|
|
|
977
|
-
|
|
978
|
-
|
|
979
|
-
unsigned char c = in[i];
|
|
980
|
-
if ((c >= 'a' && c <= 'z') ||
|
|
981
|
-
(c >= '0' && c <= '9') ||
|
|
982
|
-
(c >= 'A' && c <= 'Z') ||
|
|
983
|
-
(c == '-' && i > label_start) ||
|
|
984
|
-
/* These are not valid characters in hostnames, but commonly found
|
|
985
|
-
* in deployments outside the Web PKI. */
|
|
986
|
-
c == '_' ||
|
|
987
|
-
c == ':') {
|
|
988
|
-
continue;
|
|
989
|
-
}
|
|
990
|
-
|
|
991
|
-
/* Labels must not be empty. */
|
|
992
|
-
if (c == '.' && i > label_start && i < len - 1) {
|
|
993
|
-
label_start = i + 1;
|
|
994
|
-
continue;
|
|
995
|
-
}
|
|
996
|
-
|
|
997
|
-
return 0;
|
|
998
|
-
}
|
|
916
|
+
return 0;
|
|
917
|
+
}
|
|
999
918
|
|
|
1000
|
-
|
|
919
|
+
return 1;
|
|
1001
920
|
}
|
|
1002
921
|
|
|
1003
|
-
|
|
1004
|
-
|
|
1005
|
-
|
|
1006
|
-
* to UTF8.
|
|
1007
|
-
*/
|
|
922
|
+
// Compare an ASN1_STRING to a supplied string. If they match return 1. If
|
|
923
|
+
// cmp_type > 0 only compare if string matches the type, otherwise convert it
|
|
924
|
+
// to UTF8.
|
|
1008
925
|
|
|
1009
|
-
static int do_check_string(ASN1_STRING *a, int cmp_type, equal_fn equal,
|
|
926
|
+
static int do_check_string(const ASN1_STRING *a, int cmp_type, equal_fn equal,
|
|
1010
927
|
unsigned int flags, int check_type, const char *b,
|
|
1011
|
-
size_t blen, char **peername)
|
|
1012
|
-
|
|
1013
|
-
int rv = 0;
|
|
928
|
+
size_t blen, char **peername) {
|
|
929
|
+
int rv = 0;
|
|
1014
930
|
|
|
1015
|
-
|
|
1016
|
-
|
|
1017
|
-
|
|
1018
|
-
|
|
1019
|
-
|
|
1020
|
-
|
|
1021
|
-
|
|
1022
|
-
|
|
1023
|
-
|
|
1024
|
-
|
|
1025
|
-
|
|
931
|
+
if (!a->data || !a->length) {
|
|
932
|
+
return 0;
|
|
933
|
+
}
|
|
934
|
+
if (cmp_type > 0) {
|
|
935
|
+
if (cmp_type != a->type) {
|
|
936
|
+
return 0;
|
|
937
|
+
}
|
|
938
|
+
if (cmp_type == V_ASN1_IA5STRING) {
|
|
939
|
+
rv = equal(a->data, a->length, (unsigned char *)b, blen, flags);
|
|
940
|
+
} else if (a->length == (int)blen && !OPENSSL_memcmp(a->data, b, blen)) {
|
|
941
|
+
rv = 1;
|
|
942
|
+
}
|
|
943
|
+
if (rv > 0 && peername) {
|
|
944
|
+
*peername = OPENSSL_strndup((char *)a->data, a->length);
|
|
945
|
+
}
|
|
946
|
+
} else {
|
|
947
|
+
int astrlen;
|
|
948
|
+
unsigned char *astr;
|
|
949
|
+
astrlen = ASN1_STRING_to_UTF8(&astr, a);
|
|
950
|
+
if (astrlen < 0) {
|
|
951
|
+
return -1;
|
|
952
|
+
}
|
|
953
|
+
// We check the common name against DNS name constraints if it passes
|
|
954
|
+
// |x509v3_looks_like_dns_name|. Thus we must not consider common names
|
|
955
|
+
// for DNS fallbacks if they fail this check.
|
|
956
|
+
if (check_type == GEN_DNS && !x509v3_looks_like_dns_name(astr, astrlen)) {
|
|
957
|
+
rv = 0;
|
|
1026
958
|
} else {
|
|
1027
|
-
|
|
1028
|
-
unsigned char *astr;
|
|
1029
|
-
astrlen = ASN1_STRING_to_UTF8(&astr, a);
|
|
1030
|
-
if (astrlen < 0)
|
|
1031
|
-
return -1;
|
|
1032
|
-
/*
|
|
1033
|
-
* We check the common name against DNS name constraints if it passes
|
|
1034
|
-
* |x509v3_looks_like_dns_name|. Thus we must not consider common names
|
|
1035
|
-
* for DNS fallbacks if they fail this check.
|
|
1036
|
-
*/
|
|
1037
|
-
if (check_type == GEN_DNS &&
|
|
1038
|
-
!x509v3_looks_like_dns_name(astr, astrlen)) {
|
|
1039
|
-
rv = 0;
|
|
1040
|
-
} else {
|
|
1041
|
-
rv = equal(astr, astrlen, (unsigned char *)b, blen, flags);
|
|
1042
|
-
}
|
|
1043
|
-
if (rv > 0 && peername)
|
|
1044
|
-
*peername = OPENSSL_strndup((char *)astr, astrlen);
|
|
1045
|
-
OPENSSL_free(astr);
|
|
959
|
+
rv = equal(astr, astrlen, (unsigned char *)b, blen, flags);
|
|
1046
960
|
}
|
|
1047
|
-
|
|
961
|
+
if (rv > 0 && peername) {
|
|
962
|
+
*peername = OPENSSL_strndup((char *)astr, astrlen);
|
|
963
|
+
}
|
|
964
|
+
OPENSSL_free(astr);
|
|
965
|
+
}
|
|
966
|
+
return rv;
|
|
1048
967
|
}
|
|
1049
968
|
|
|
1050
969
|
static int do_x509_check(X509 *x, const char *chk, size_t chklen,
|
|
1051
|
-
unsigned int flags, int check_type, char **peername)
|
|
1052
|
-
|
|
1053
|
-
|
|
1054
|
-
|
|
1055
|
-
|
|
1056
|
-
|
|
1057
|
-
|
|
1058
|
-
|
|
1059
|
-
|
|
1060
|
-
|
|
1061
|
-
|
|
1062
|
-
|
|
1063
|
-
flags
|
|
1064
|
-
|
|
1065
|
-
cnid = NID_pkcs9_emailAddress;
|
|
1066
|
-
alt_type = V_ASN1_IA5STRING;
|
|
1067
|
-
equal = equal_email;
|
|
1068
|
-
} else if (check_type == GEN_DNS) {
|
|
1069
|
-
cnid = NID_commonName;
|
|
1070
|
-
/* Implicit client-side DNS sub-domain pattern */
|
|
1071
|
-
if (chklen > 1 && chk[0] == '.')
|
|
1072
|
-
flags |= _X509_CHECK_FLAG_DOT_SUBDOMAINS;
|
|
1073
|
-
alt_type = V_ASN1_IA5STRING;
|
|
1074
|
-
if (flags & X509_CHECK_FLAG_NO_WILDCARDS)
|
|
1075
|
-
equal = equal_nocase;
|
|
1076
|
-
else
|
|
1077
|
-
equal = equal_wildcard;
|
|
970
|
+
unsigned int flags, int check_type, char **peername) {
|
|
971
|
+
int cnid = NID_undef;
|
|
972
|
+
int alt_type;
|
|
973
|
+
int rv = 0;
|
|
974
|
+
equal_fn equal;
|
|
975
|
+
if (check_type == GEN_EMAIL) {
|
|
976
|
+
cnid = NID_pkcs9_emailAddress;
|
|
977
|
+
alt_type = V_ASN1_IA5STRING;
|
|
978
|
+
equal = equal_email;
|
|
979
|
+
} else if (check_type == GEN_DNS) {
|
|
980
|
+
cnid = NID_commonName;
|
|
981
|
+
alt_type = V_ASN1_IA5STRING;
|
|
982
|
+
if (flags & X509_CHECK_FLAG_NO_WILDCARDS) {
|
|
983
|
+
equal = equal_nocase;
|
|
1078
984
|
} else {
|
|
1079
|
-
|
|
1080
|
-
equal = equal_case;
|
|
985
|
+
equal = equal_wildcard;
|
|
1081
986
|
}
|
|
1082
|
-
|
|
1083
|
-
|
|
1084
|
-
|
|
1085
|
-
|
|
1086
|
-
|
|
1087
|
-
|
|
1088
|
-
|
|
1089
|
-
|
|
1090
|
-
|
|
1091
|
-
|
|
1092
|
-
|
|
1093
|
-
|
|
1094
|
-
|
|
1095
|
-
|
|
1096
|
-
|
|
1097
|
-
|
|
1098
|
-
|
|
1099
|
-
|
|
1100
|
-
|
|
1101
|
-
|
|
1102
|
-
|
|
1103
|
-
|
|
987
|
+
} else {
|
|
988
|
+
alt_type = V_ASN1_OCTET_STRING;
|
|
989
|
+
equal = equal_case;
|
|
990
|
+
}
|
|
991
|
+
|
|
992
|
+
GENERAL_NAMES *gens = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
|
|
993
|
+
if (gens) {
|
|
994
|
+
for (size_t i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
|
|
995
|
+
const GENERAL_NAME *gen = sk_GENERAL_NAME_value(gens, i);
|
|
996
|
+
if (gen->type != check_type) {
|
|
997
|
+
continue;
|
|
998
|
+
}
|
|
999
|
+
const ASN1_STRING *cstr;
|
|
1000
|
+
if (check_type == GEN_EMAIL) {
|
|
1001
|
+
cstr = gen->d.rfc822Name;
|
|
1002
|
+
} else if (check_type == GEN_DNS) {
|
|
1003
|
+
cstr = gen->d.dNSName;
|
|
1004
|
+
} else {
|
|
1005
|
+
cstr = gen->d.iPAddress;
|
|
1006
|
+
}
|
|
1007
|
+
// Positive on success, negative on error!
|
|
1008
|
+
if ((rv = do_check_string(cstr, alt_type, equal, flags, check_type, chk,
|
|
1009
|
+
chklen, peername)) != 0) {
|
|
1010
|
+
break;
|
|
1011
|
+
}
|
|
1104
1012
|
}
|
|
1013
|
+
GENERAL_NAMES_free(gens);
|
|
1014
|
+
return rv;
|
|
1015
|
+
}
|
|
1105
1016
|
|
|
1106
|
-
|
|
1107
|
-
|
|
1108
|
-
return 0;
|
|
1109
|
-
|
|
1110
|
-
j = -1;
|
|
1111
|
-
name = X509_get_subject_name(x);
|
|
1112
|
-
while ((j = X509_NAME_get_index_by_NID(name, cnid, j)) >= 0) {
|
|
1113
|
-
X509_NAME_ENTRY *ne;
|
|
1114
|
-
ASN1_STRING *str;
|
|
1115
|
-
ne = X509_NAME_get_entry(name, j);
|
|
1116
|
-
str = X509_NAME_ENTRY_get_data(ne);
|
|
1117
|
-
/* Positive on success, negative on error! */
|
|
1118
|
-
if ((rv = do_check_string(str, -1, equal, flags, check_type,
|
|
1119
|
-
chk, chklen, peername)) != 0)
|
|
1120
|
-
return rv;
|
|
1121
|
-
}
|
|
1017
|
+
// We're done if CN-ID is not pertinent
|
|
1018
|
+
if (cnid == NID_undef || (flags & X509_CHECK_FLAG_NEVER_CHECK_SUBJECT)) {
|
|
1122
1019
|
return 0;
|
|
1020
|
+
}
|
|
1021
|
+
|
|
1022
|
+
int j = -1;
|
|
1023
|
+
const X509_NAME *name = X509_get_subject_name(x);
|
|
1024
|
+
while ((j = X509_NAME_get_index_by_NID(name, cnid, j)) >= 0) {
|
|
1025
|
+
const X509_NAME_ENTRY *ne = X509_NAME_get_entry(name, j);
|
|
1026
|
+
const ASN1_STRING *str = X509_NAME_ENTRY_get_data(ne);
|
|
1027
|
+
// Positive on success, negative on error!
|
|
1028
|
+
if ((rv = do_check_string(str, -1, equal, flags, check_type, chk, chklen,
|
|
1029
|
+
peername)) != 0) {
|
|
1030
|
+
return rv;
|
|
1031
|
+
}
|
|
1032
|
+
}
|
|
1033
|
+
return 0;
|
|
1123
1034
|
}
|
|
1124
1035
|
|
|
1125
|
-
int X509_check_host(X509 *x, const char *chk, size_t chklen,
|
|
1126
|
-
|
|
1127
|
-
{
|
|
1128
|
-
|
|
1129
|
-
|
|
1130
|
-
|
|
1131
|
-
|
|
1132
|
-
|
|
1036
|
+
int X509_check_host(X509 *x, const char *chk, size_t chklen, unsigned int flags,
|
|
1037
|
+
char **peername) {
|
|
1038
|
+
if (chk == NULL) {
|
|
1039
|
+
return -2;
|
|
1040
|
+
}
|
|
1041
|
+
if (OPENSSL_memchr(chk, '\0', chklen)) {
|
|
1042
|
+
return -2;
|
|
1043
|
+
}
|
|
1044
|
+
return do_x509_check(x, chk, chklen, flags, GEN_DNS, peername);
|
|
1133
1045
|
}
|
|
1134
1046
|
|
|
1135
1047
|
int X509_check_email(X509 *x, const char *chk, size_t chklen,
|
|
1136
|
-
unsigned int flags)
|
|
1137
|
-
{
|
|
1138
|
-
|
|
1139
|
-
|
|
1140
|
-
|
|
1141
|
-
|
|
1142
|
-
|
|
1048
|
+
unsigned int flags) {
|
|
1049
|
+
if (chk == NULL) {
|
|
1050
|
+
return -2;
|
|
1051
|
+
}
|
|
1052
|
+
if (OPENSSL_memchr(chk, '\0', chklen)) {
|
|
1053
|
+
return -2;
|
|
1054
|
+
}
|
|
1055
|
+
return do_x509_check(x, chk, chklen, flags, GEN_EMAIL, NULL);
|
|
1143
1056
|
}
|
|
1144
1057
|
|
|
1145
1058
|
int X509_check_ip(X509 *x, const unsigned char *chk, size_t chklen,
|
|
1146
|
-
unsigned int flags)
|
|
1147
|
-
{
|
|
1148
|
-
|
|
1149
|
-
|
|
1150
|
-
|
|
1059
|
+
unsigned int flags) {
|
|
1060
|
+
if (chk == NULL) {
|
|
1061
|
+
return -2;
|
|
1062
|
+
}
|
|
1063
|
+
return do_x509_check(x, (char *)chk, chklen, flags, GEN_IPADD, NULL);
|
|
1151
1064
|
}
|
|
1152
1065
|
|
|
1153
|
-
int X509_check_ip_asc(X509 *x, const char *ipasc, unsigned int flags)
|
|
1154
|
-
|
|
1155
|
-
|
|
1156
|
-
|
|
1157
|
-
|
|
1158
|
-
|
|
1159
|
-
|
|
1160
|
-
|
|
1161
|
-
|
|
1162
|
-
|
|
1163
|
-
|
|
1066
|
+
int X509_check_ip_asc(X509 *x, const char *ipasc, unsigned int flags) {
|
|
1067
|
+
unsigned char ipout[16];
|
|
1068
|
+
size_t iplen;
|
|
1069
|
+
|
|
1070
|
+
if (ipasc == NULL) {
|
|
1071
|
+
return -2;
|
|
1072
|
+
}
|
|
1073
|
+
iplen = (size_t)x509v3_a2i_ipadd(ipout, ipasc);
|
|
1074
|
+
if (iplen == 0) {
|
|
1075
|
+
return -2;
|
|
1076
|
+
}
|
|
1077
|
+
return do_x509_check(x, (char *)ipout, iplen, flags, GEN_IPADD, NULL);
|
|
1164
1078
|
}
|
|
1165
1079
|
|
|
1166
|
-
|
|
1167
|
-
|
|
1168
|
-
* with RFC 3280.
|
|
1169
|
-
*/
|
|
1080
|
+
// Convert IP addresses both IPv4 and IPv6 into an OCTET STRING compatible
|
|
1081
|
+
// with RFC 3280.
|
|
1170
1082
|
|
|
1171
|
-
ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc)
|
|
1172
|
-
|
|
1173
|
-
|
|
1174
|
-
|
|
1175
|
-
int iplen;
|
|
1083
|
+
ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc) {
|
|
1084
|
+
unsigned char ipout[16];
|
|
1085
|
+
ASN1_OCTET_STRING *ret;
|
|
1086
|
+
int iplen;
|
|
1176
1087
|
|
|
1177
|
-
|
|
1178
|
-
|
|
1179
|
-
|
|
1088
|
+
iplen = x509v3_a2i_ipadd(ipout, ipasc);
|
|
1089
|
+
if (!iplen) {
|
|
1090
|
+
return NULL;
|
|
1091
|
+
}
|
|
1180
1092
|
|
|
1181
|
-
|
|
1182
|
-
|
|
1183
|
-
|
|
1184
|
-
|
|
1185
|
-
|
|
1186
|
-
|
|
1187
|
-
|
|
1188
|
-
|
|
1093
|
+
ret = ASN1_OCTET_STRING_new();
|
|
1094
|
+
if (!ret) {
|
|
1095
|
+
return NULL;
|
|
1096
|
+
}
|
|
1097
|
+
if (!ASN1_OCTET_STRING_set(ret, ipout, iplen)) {
|
|
1098
|
+
ASN1_OCTET_STRING_free(ret);
|
|
1099
|
+
return NULL;
|
|
1100
|
+
}
|
|
1101
|
+
return ret;
|
|
1189
1102
|
}
|
|
1190
1103
|
|
|
1191
|
-
ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc)
|
|
1192
|
-
|
|
1193
|
-
|
|
1194
|
-
|
|
1195
|
-
|
|
1196
|
-
|
|
1197
|
-
|
|
1198
|
-
|
|
1199
|
-
|
|
1200
|
-
|
|
1201
|
-
|
|
1202
|
-
|
|
1203
|
-
|
|
1204
|
-
|
|
1104
|
+
ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc) {
|
|
1105
|
+
ASN1_OCTET_STRING *ret = NULL;
|
|
1106
|
+
unsigned char ipout[32];
|
|
1107
|
+
char *iptmp = NULL, *p;
|
|
1108
|
+
int iplen1, iplen2;
|
|
1109
|
+
p = strchr(ipasc, '/');
|
|
1110
|
+
if (!p) {
|
|
1111
|
+
return NULL;
|
|
1112
|
+
}
|
|
1113
|
+
iptmp = OPENSSL_strdup(ipasc);
|
|
1114
|
+
if (!iptmp) {
|
|
1115
|
+
return NULL;
|
|
1116
|
+
}
|
|
1117
|
+
p = iptmp + (p - ipasc);
|
|
1118
|
+
*p++ = 0;
|
|
1205
1119
|
|
|
1206
|
-
|
|
1120
|
+
iplen1 = x509v3_a2i_ipadd(ipout, iptmp);
|
|
1207
1121
|
|
|
1208
|
-
|
|
1209
|
-
|
|
1122
|
+
if (!iplen1) {
|
|
1123
|
+
goto err;
|
|
1124
|
+
}
|
|
1210
1125
|
|
|
1211
|
-
|
|
1126
|
+
iplen2 = x509v3_a2i_ipadd(ipout + iplen1, p);
|
|
1212
1127
|
|
|
1213
|
-
|
|
1214
|
-
|
|
1128
|
+
OPENSSL_free(iptmp);
|
|
1129
|
+
iptmp = NULL;
|
|
1215
1130
|
|
|
1216
|
-
|
|
1217
|
-
|
|
1131
|
+
if (!iplen2 || (iplen1 != iplen2)) {
|
|
1132
|
+
goto err;
|
|
1133
|
+
}
|
|
1218
1134
|
|
|
1219
|
-
|
|
1220
|
-
|
|
1221
|
-
|
|
1222
|
-
|
|
1223
|
-
|
|
1135
|
+
ret = ASN1_OCTET_STRING_new();
|
|
1136
|
+
if (!ret) {
|
|
1137
|
+
goto err;
|
|
1138
|
+
}
|
|
1139
|
+
if (!ASN1_OCTET_STRING_set(ret, ipout, iplen1 + iplen2)) {
|
|
1140
|
+
goto err;
|
|
1141
|
+
}
|
|
1224
1142
|
|
|
1225
|
-
|
|
1143
|
+
return ret;
|
|
1226
1144
|
|
|
1227
|
-
|
|
1228
|
-
|
|
1229
|
-
|
|
1230
|
-
|
|
1231
|
-
|
|
1232
|
-
|
|
1145
|
+
err:
|
|
1146
|
+
if (iptmp) {
|
|
1147
|
+
OPENSSL_free(iptmp);
|
|
1148
|
+
}
|
|
1149
|
+
if (ret) {
|
|
1150
|
+
ASN1_OCTET_STRING_free(ret);
|
|
1151
|
+
}
|
|
1152
|
+
return NULL;
|
|
1233
1153
|
}
|
|
1234
1154
|
|
|
1235
|
-
int x509v3_a2i_ipadd(unsigned char ipout[16], const char *ipasc)
|
|
1236
|
-
|
|
1237
|
-
/* If string contains a ':' assume IPv6 */
|
|
1155
|
+
int x509v3_a2i_ipadd(unsigned char ipout[16], const char *ipasc) {
|
|
1156
|
+
// If string contains a ':' assume IPv6
|
|
1238
1157
|
|
|
1239
|
-
|
|
1240
|
-
|
|
1241
|
-
|
|
1242
|
-
|
|
1243
|
-
|
|
1244
|
-
|
|
1245
|
-
|
|
1246
|
-
|
|
1158
|
+
if (strchr(ipasc, ':')) {
|
|
1159
|
+
if (!ipv6_from_asc(ipout, ipasc)) {
|
|
1160
|
+
return 0;
|
|
1161
|
+
}
|
|
1162
|
+
return 16;
|
|
1163
|
+
} else {
|
|
1164
|
+
if (!ipv4_from_asc(ipout, ipasc)) {
|
|
1165
|
+
return 0;
|
|
1247
1166
|
}
|
|
1167
|
+
return 4;
|
|
1168
|
+
}
|
|
1248
1169
|
}
|
|
1249
1170
|
|
|
1250
|
-
static int ipv4_from_asc(unsigned char v4[4], const char *in)
|
|
1251
|
-
|
|
1252
|
-
|
|
1253
|
-
|
|
1254
|
-
|
|
1255
|
-
|
|
1256
|
-
|
|
1257
|
-
|
|
1258
|
-
|
|
1259
|
-
|
|
1260
|
-
|
|
1261
|
-
|
|
1262
|
-
|
|
1171
|
+
static int ipv4_from_asc(unsigned char v4[4], const char *in) {
|
|
1172
|
+
int a0, a1, a2, a3;
|
|
1173
|
+
if (sscanf(in, "%d.%d.%d.%d", &a0, &a1, &a2, &a3) != 4) {
|
|
1174
|
+
return 0;
|
|
1175
|
+
}
|
|
1176
|
+
if ((a0 < 0) || (a0 > 255) || (a1 < 0) || (a1 > 255) || (a2 < 0) ||
|
|
1177
|
+
(a2 > 255) || (a3 < 0) || (a3 > 255)) {
|
|
1178
|
+
return 0;
|
|
1179
|
+
}
|
|
1180
|
+
v4[0] = a0;
|
|
1181
|
+
v4[1] = a1;
|
|
1182
|
+
v4[2] = a2;
|
|
1183
|
+
v4[3] = a3;
|
|
1184
|
+
return 1;
|
|
1263
1185
|
}
|
|
1264
1186
|
|
|
1265
1187
|
typedef struct {
|
|
1266
|
-
|
|
1267
|
-
|
|
1268
|
-
|
|
1269
|
-
|
|
1270
|
-
|
|
1271
|
-
|
|
1272
|
-
|
|
1273
|
-
|
|
1188
|
+
// Temporary store for IPV6 output
|
|
1189
|
+
unsigned char tmp[16];
|
|
1190
|
+
// Total number of bytes in tmp
|
|
1191
|
+
int total;
|
|
1192
|
+
// The position of a zero (corresponding to '::')
|
|
1193
|
+
int zero_pos;
|
|
1194
|
+
// Number of zeroes
|
|
1195
|
+
int zero_cnt;
|
|
1274
1196
|
} IPV6_STAT;
|
|
1275
1197
|
|
|
1276
|
-
static int ipv6_from_asc(unsigned char v6[16], const char *in)
|
|
1277
|
-
|
|
1278
|
-
|
|
1279
|
-
|
|
1280
|
-
|
|
1281
|
-
|
|
1282
|
-
|
|
1283
|
-
|
|
1284
|
-
|
|
1285
|
-
|
|
1286
|
-
|
|
1287
|
-
if (!CONF_parse_list(in, ':', 0, ipv6_cb, &v6stat))
|
|
1288
|
-
return 0;
|
|
1289
|
-
|
|
1290
|
-
/* Now for some sanity checks */
|
|
1198
|
+
static int ipv6_from_asc(unsigned char v6[16], const char *in) {
|
|
1199
|
+
IPV6_STAT v6stat;
|
|
1200
|
+
v6stat.total = 0;
|
|
1201
|
+
v6stat.zero_pos = -1;
|
|
1202
|
+
v6stat.zero_cnt = 0;
|
|
1203
|
+
// Treat the IPv6 representation as a list of values separated by ':'.
|
|
1204
|
+
// The presence of a '::' will parse as one, two or three zero length
|
|
1205
|
+
// elements.
|
|
1206
|
+
if (!CONF_parse_list(in, ':', 0, ipv6_cb, &v6stat)) {
|
|
1207
|
+
return 0;
|
|
1208
|
+
}
|
|
1291
1209
|
|
|
1292
|
-
|
|
1293
|
-
|
|
1294
|
-
|
|
1295
|
-
|
|
1210
|
+
if (v6stat.zero_pos == -1) {
|
|
1211
|
+
// If no '::' must have exactly 16 bytes
|
|
1212
|
+
if (v6stat.total != 16) {
|
|
1213
|
+
return 0;
|
|
1214
|
+
}
|
|
1215
|
+
} else {
|
|
1216
|
+
// If '::' must have less than 16 bytes
|
|
1217
|
+
if (v6stat.total >= 16) {
|
|
1218
|
+
return 0;
|
|
1219
|
+
}
|
|
1220
|
+
if (v6stat.zero_cnt > 3) {
|
|
1221
|
+
// More than three zeroes is an error
|
|
1222
|
+
return 0;
|
|
1223
|
+
} else if (v6stat.zero_cnt == 3) {
|
|
1224
|
+
// Can only have three zeroes if nothing else present
|
|
1225
|
+
if (v6stat.total > 0) {
|
|
1226
|
+
return 0;
|
|
1227
|
+
}
|
|
1228
|
+
} else if (v6stat.zero_cnt == 2) {
|
|
1229
|
+
// Can only have two zeroes if at start or end
|
|
1230
|
+
if (v6stat.zero_pos != 0 && v6stat.zero_pos != v6stat.total) {
|
|
1231
|
+
return 0;
|
|
1232
|
+
}
|
|
1296
1233
|
} else {
|
|
1297
|
-
|
|
1298
|
-
|
|
1299
|
-
|
|
1300
|
-
|
|
1301
|
-
if (v6stat.zero_cnt > 3)
|
|
1302
|
-
return 0;
|
|
1303
|
-
/* Can only have three zeroes if nothing else present */
|
|
1304
|
-
else if (v6stat.zero_cnt == 3) {
|
|
1305
|
-
if (v6stat.total > 0)
|
|
1306
|
-
return 0;
|
|
1307
|
-
}
|
|
1308
|
-
/* Can only have two zeroes if at start or end */
|
|
1309
|
-
else if (v6stat.zero_cnt == 2) {
|
|
1310
|
-
if ((v6stat.zero_pos != 0)
|
|
1311
|
-
&& (v6stat.zero_pos != v6stat.total))
|
|
1312
|
-
return 0;
|
|
1313
|
-
} else
|
|
1314
|
-
/* Can only have one zero if *not* start or end */
|
|
1315
|
-
{
|
|
1316
|
-
if ((v6stat.zero_pos == 0)
|
|
1317
|
-
|| (v6stat.zero_pos == v6stat.total))
|
|
1318
|
-
return 0;
|
|
1319
|
-
}
|
|
1234
|
+
// Can only have one zero if *not* start or end
|
|
1235
|
+
if (v6stat.zero_pos == 0 || v6stat.zero_pos == v6stat.total) {
|
|
1236
|
+
return 0;
|
|
1237
|
+
}
|
|
1320
1238
|
}
|
|
1239
|
+
}
|
|
1240
|
+
|
|
1241
|
+
// Format the result.
|
|
1242
|
+
if (v6stat.zero_pos >= 0) {
|
|
1243
|
+
// Copy initial part
|
|
1244
|
+
OPENSSL_memcpy(v6, v6stat.tmp, v6stat.zero_pos);
|
|
1245
|
+
// Zero middle
|
|
1246
|
+
OPENSSL_memset(v6 + v6stat.zero_pos, 0, 16 - v6stat.total);
|
|
1247
|
+
// Copy final part
|
|
1248
|
+
if (v6stat.total != v6stat.zero_pos) {
|
|
1249
|
+
OPENSSL_memcpy(v6 + v6stat.zero_pos + 16 - v6stat.total,
|
|
1250
|
+
v6stat.tmp + v6stat.zero_pos,
|
|
1251
|
+
v6stat.total - v6stat.zero_pos);
|
|
1252
|
+
}
|
|
1253
|
+
} else {
|
|
1254
|
+
OPENSSL_memcpy(v6, v6stat.tmp, 16);
|
|
1255
|
+
}
|
|
1321
1256
|
|
|
1322
|
-
|
|
1323
|
-
|
|
1324
|
-
if (v6stat.zero_pos >= 0) {
|
|
1325
|
-
/* Copy initial part */
|
|
1326
|
-
OPENSSL_memcpy(v6, v6stat.tmp, v6stat.zero_pos);
|
|
1327
|
-
/* Zero middle */
|
|
1328
|
-
OPENSSL_memset(v6 + v6stat.zero_pos, 0, 16 - v6stat.total);
|
|
1329
|
-
/* Copy final part */
|
|
1330
|
-
if (v6stat.total != v6stat.zero_pos)
|
|
1331
|
-
OPENSSL_memcpy(v6 + v6stat.zero_pos + 16 - v6stat.total,
|
|
1332
|
-
v6stat.tmp + v6stat.zero_pos,
|
|
1333
|
-
v6stat.total - v6stat.zero_pos);
|
|
1334
|
-
} else
|
|
1335
|
-
OPENSSL_memcpy(v6, v6stat.tmp, 16);
|
|
1336
|
-
|
|
1337
|
-
return 1;
|
|
1257
|
+
return 1;
|
|
1338
1258
|
}
|
|
1339
1259
|
|
|
1340
|
-
static int ipv6_cb(const char *elem,
|
|
1341
|
-
|
|
1342
|
-
|
|
1343
|
-
|
|
1344
|
-
|
|
1260
|
+
static int ipv6_cb(const char *elem, size_t len, void *usr) {
|
|
1261
|
+
IPV6_STAT *s = usr;
|
|
1262
|
+
// Error if 16 bytes written
|
|
1263
|
+
if (s->total == 16) {
|
|
1264
|
+
return 0;
|
|
1265
|
+
}
|
|
1266
|
+
if (len == 0) {
|
|
1267
|
+
// Zero length element, corresponds to '::'
|
|
1268
|
+
if (s->zero_pos == -1) {
|
|
1269
|
+
s->zero_pos = s->total;
|
|
1270
|
+
} else if (s->zero_pos != s->total) {
|
|
1271
|
+
// If we've already got a :: its an error
|
|
1272
|
+
return 0;
|
|
1273
|
+
}
|
|
1274
|
+
if (s->zero_cnt >= 3) {
|
|
1275
|
+
// More than three zeros is an error.
|
|
1276
|
+
return 0;
|
|
1277
|
+
}
|
|
1278
|
+
s->zero_cnt++;
|
|
1279
|
+
} else {
|
|
1280
|
+
// If more than 4 characters could be final a.b.c.d form
|
|
1281
|
+
if (len > 4) {
|
|
1282
|
+
// Need at least 4 bytes left
|
|
1283
|
+
if (s->total > 12) {
|
|
1284
|
+
return 0;
|
|
1285
|
+
}
|
|
1286
|
+
// Must be end of string
|
|
1287
|
+
if (elem[len]) {
|
|
1288
|
+
return 0;
|
|
1289
|
+
}
|
|
1290
|
+
if (!ipv4_from_asc(s->tmp + s->total, elem)) {
|
|
1345
1291
|
return 0;
|
|
1346
|
-
|
|
1347
|
-
|
|
1348
|
-
if (s->zero_pos == -1)
|
|
1349
|
-
s->zero_pos = s->total;
|
|
1350
|
-
/* If we've already got a :: its an error */
|
|
1351
|
-
else if (s->zero_pos != s->total)
|
|
1352
|
-
return 0;
|
|
1353
|
-
s->zero_cnt++;
|
|
1292
|
+
}
|
|
1293
|
+
s->total += 4;
|
|
1354
1294
|
} else {
|
|
1355
|
-
|
|
1356
|
-
|
|
1357
|
-
|
|
1358
|
-
|
|
1359
|
-
return 0;
|
|
1360
|
-
/* Must be end of string */
|
|
1361
|
-
if (elem[len])
|
|
1362
|
-
return 0;
|
|
1363
|
-
if (!ipv4_from_asc(s->tmp + s->total, elem))
|
|
1364
|
-
return 0;
|
|
1365
|
-
s->total += 4;
|
|
1366
|
-
} else {
|
|
1367
|
-
if (!ipv6_hex(s->tmp + s->total, elem, len))
|
|
1368
|
-
return 0;
|
|
1369
|
-
s->total += 2;
|
|
1370
|
-
}
|
|
1295
|
+
if (!ipv6_hex(s->tmp + s->total, elem, len)) {
|
|
1296
|
+
return 0;
|
|
1297
|
+
}
|
|
1298
|
+
s->total += 2;
|
|
1371
1299
|
}
|
|
1372
|
-
|
|
1300
|
+
}
|
|
1301
|
+
return 1;
|
|
1373
1302
|
}
|
|
1374
1303
|
|
|
1375
|
-
|
|
1376
|
-
* Convert a string of up to 4 hex digits into the corresponding IPv6 form.
|
|
1377
|
-
*/
|
|
1304
|
+
// Convert a string of up to 4 hex digits into the corresponding IPv6 form.
|
|
1378
1305
|
|
|
1379
|
-
static int ipv6_hex(unsigned char *out, const char *in,
|
|
1380
|
-
{
|
|
1381
|
-
|
|
1382
|
-
|
|
1383
|
-
|
|
1384
|
-
|
|
1385
|
-
|
|
1386
|
-
|
|
1387
|
-
|
|
1388
|
-
if ((c >= '0') && (c <= '9'))
|
|
1389
|
-
num |= c - '0';
|
|
1390
|
-
else if ((c >= 'A') && (c <= 'F'))
|
|
1391
|
-
num |= c - 'A' + 10;
|
|
1392
|
-
else if ((c >= 'a') && (c <= 'f'))
|
|
1393
|
-
num |= c - 'a' + 10;
|
|
1394
|
-
else
|
|
1395
|
-
return 0;
|
|
1306
|
+
static int ipv6_hex(unsigned char *out, const char *in, size_t inlen) {
|
|
1307
|
+
if (inlen > 4) {
|
|
1308
|
+
return 0;
|
|
1309
|
+
}
|
|
1310
|
+
uint16_t num = 0;
|
|
1311
|
+
while (inlen--) {
|
|
1312
|
+
uint8_t val;
|
|
1313
|
+
if (!OPENSSL_fromxdigit(&val, *in++)) {
|
|
1314
|
+
return 0;
|
|
1396
1315
|
}
|
|
1397
|
-
|
|
1398
|
-
|
|
1399
|
-
|
|
1316
|
+
num = (num << 4) | val;
|
|
1317
|
+
}
|
|
1318
|
+
out[0] = num >> 8;
|
|
1319
|
+
out[1] = num & 0xff;
|
|
1320
|
+
return 1;
|
|
1400
1321
|
}
|
|
1401
1322
|
|
|
1402
|
-
int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF
|
|
1403
|
-
|
|
1404
|
-
{
|
|
1405
|
-
|
|
1323
|
+
int X509V3_NAME_from_section(X509_NAME *nm, const STACK_OF(CONF_VALUE) *dn_sk,
|
|
1324
|
+
int chtype) {
|
|
1325
|
+
if (!nm) {
|
|
1326
|
+
return 0;
|
|
1327
|
+
}
|
|
1328
|
+
|
|
1329
|
+
for (size_t i = 0; i < sk_CONF_VALUE_num(dn_sk); i++) {
|
|
1330
|
+
const CONF_VALUE *v = sk_CONF_VALUE_value(dn_sk, i);
|
|
1331
|
+
const char *type = v->name;
|
|
1332
|
+
// Skip past any leading X. X: X, etc to allow for multiple instances
|
|
1333
|
+
for (const char *p = type; *p; p++) {
|
|
1334
|
+
if ((*p == ':') || (*p == ',') || (*p == '.')) {
|
|
1335
|
+
p++;
|
|
1336
|
+
if (*p) {
|
|
1337
|
+
type = p;
|
|
1338
|
+
}
|
|
1339
|
+
break;
|
|
1340
|
+
}
|
|
1341
|
+
}
|
|
1406
1342
|
int mval;
|
|
1407
|
-
|
|
1408
|
-
|
|
1409
|
-
|
|
1410
|
-
|
|
1411
|
-
|
|
1412
|
-
for (i = 0; i < sk_CONF_VALUE_num(dn_sk); i++) {
|
|
1413
|
-
v = sk_CONF_VALUE_value(dn_sk, i);
|
|
1414
|
-
type = v->name;
|
|
1415
|
-
/*
|
|
1416
|
-
* Skip past any leading X. X: X, etc to allow for multiple instances
|
|
1417
|
-
*/
|
|
1418
|
-
for (p = type; *p; p++)
|
|
1419
|
-
if ((*p == ':') || (*p == ',') || (*p == '.')) {
|
|
1420
|
-
p++;
|
|
1421
|
-
if (*p)
|
|
1422
|
-
type = p;
|
|
1423
|
-
break;
|
|
1424
|
-
}
|
|
1425
|
-
if (*type == '+') {
|
|
1426
|
-
mval = -1;
|
|
1427
|
-
type++;
|
|
1428
|
-
} else
|
|
1429
|
-
mval = 0;
|
|
1430
|
-
if (!X509_NAME_add_entry_by_txt(nm, type, chtype,
|
|
1431
|
-
(unsigned char *)v->value, -1, -1,
|
|
1432
|
-
mval))
|
|
1433
|
-
return 0;
|
|
1434
|
-
|
|
1343
|
+
if (*type == '+') {
|
|
1344
|
+
mval = -1;
|
|
1345
|
+
type++;
|
|
1346
|
+
} else {
|
|
1347
|
+
mval = 0;
|
|
1435
1348
|
}
|
|
1436
|
-
|
|
1349
|
+
if (!X509_NAME_add_entry_by_txt(nm, type, chtype, (unsigned char *)v->value,
|
|
1350
|
+
-1, -1, mval)) {
|
|
1351
|
+
return 0;
|
|
1352
|
+
}
|
|
1353
|
+
}
|
|
1354
|
+
return 1;
|
|
1437
1355
|
}
|