grpc 1.53.1 → 1.54.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +78 -66
- data/include/grpc/event_engine/event_engine.h +30 -14
- data/include/grpc/grpc_security.h +4 -0
- data/include/grpc/support/port_platform.h +4 -4
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +11 -0
- data/src/core/ext/filters/client_channel/backend_metric.cc +6 -0
- data/src/core/ext/filters/client_channel/backup_poller.cc +2 -11
- data/src/core/ext/filters/client_channel/backup_poller.h +0 -3
- data/src/core/ext/filters/client_channel/client_channel.cc +848 -813
- data/src/core/ext/filters/client_channel/client_channel.h +131 -173
- data/src/core/ext/filters/client_channel/client_channel_internal.h +114 -0
- data/src/core/ext/filters/client_channel/config_selector.h +4 -3
- data/src/core/ext/filters/client_channel/lb_policy/backend_metric_data.h +6 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +17 -18
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +134 -151
- data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +2 -16
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +14 -10
- data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/weighted_round_robin.cc +68 -30
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +11 -3
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +8 -1
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +2 -5
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_override_host.cc +2 -2
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +30 -38
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +4 -4
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +20 -26
- data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +31 -179
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.cc +1 -2
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.h +1 -2
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +4 -2
- data/src/core/ext/filters/client_channel/retry_filter.cc +95 -102
- data/src/core/ext/filters/client_channel/subchannel.cc +2 -4
- data/src/core/ext/filters/client_channel/subchannel_stream_client.cc +26 -27
- data/src/core/ext/filters/client_channel/subchannel_stream_client.h +8 -5
- data/src/core/ext/filters/http/client/http_client_filter.cc +3 -3
- data/src/core/ext/filters/http/http_filters_plugin.cc +1 -12
- data/src/core/ext/filters/http/message_compress/compression_filter.cc +27 -11
- data/src/core/ext/filters/message_size/message_size_filter.cc +141 -224
- data/src/core/ext/filters/message_size/message_size_filter.h +48 -3
- data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +7 -6
- data/src/core/ext/gcp/metadata_query.cc +142 -0
- data/src/core/ext/gcp/metadata_query.h +82 -0
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +70 -55
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +8 -12
- data/src/core/ext/transport/chttp2/transport/bin_encoder.h +1 -5
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +116 -58
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +5 -2
- data/src/core/ext/transport/chttp2/transport/flow_control.h +2 -1
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +4 -1
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +222 -118
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +113 -295
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +0 -2
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +0 -2
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +277 -451
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +1 -3
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +12 -14
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +1 -9
- data/src/core/ext/transport/chttp2/transport/internal.h +16 -3
- data/src/core/ext/transport/chttp2/transport/parsing.cc +3 -2
- data/src/core/ext/transport/chttp2/transport/writing.cc +10 -5
- data/src/core/ext/transport/inproc/inproc_transport.cc +20 -14
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +5 -3
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +22 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +5 -3
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +22 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +23 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +94 -3
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +23 -2
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +120 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.c +6 -3
- data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.h +22 -0
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +24 -6
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +111 -12
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +9 -7
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +27 -9
- data/src/core/ext/upb-generated/envoy/config/trace/v3/opentelemetry.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +11 -7
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +56 -12
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.c +5 -3
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.h +24 -0
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.c +5 -3
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.h +24 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.c +13 -2
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.h +49 -0
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c +24 -9
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.h +66 -12
- data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +191 -187
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +139 -136
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +31 -15
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +12 -9
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +15 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.c +54 -45
- data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.c +135 -119
- data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +100 -97
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/opentelemetry.upbdefs.c +15 -18
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +272 -264
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +117 -117
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +5 -5
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +5 -5
- data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +5 -5
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.c +12 -9
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.h +5 -0
- data/src/core/ext/xds/xds_channel_stack_modifier.cc +1 -2
- data/src/core/ext/xds/xds_client_stats.cc +29 -15
- data/src/core/ext/xds/xds_client_stats.h +24 -20
- data/src/core/ext/xds/xds_endpoint.cc +5 -2
- data/src/core/ext/xds/xds_endpoint.h +9 -1
- data/src/core/ext/xds/xds_http_rbac_filter.cc +1 -1
- data/src/core/ext/xds/xds_lb_policy_registry.cc +13 -0
- data/src/core/ext/xds/xds_transport_grpc.cc +1 -1
- data/src/core/lib/channel/call_finalization.h +1 -1
- data/src/core/lib/channel/call_tracer.cc +51 -0
- data/src/core/lib/channel/call_tracer.h +101 -38
- data/src/core/lib/channel/connected_channel.cc +483 -1050
- data/src/core/lib/channel/context.h +8 -1
- data/src/core/lib/channel/promise_based_filter.cc +106 -42
- data/src/core/lib/channel/promise_based_filter.h +27 -13
- data/src/core/lib/channel/server_call_tracer_filter.cc +110 -0
- data/src/core/lib/config/config_vars.cc +151 -0
- data/src/core/lib/config/config_vars.h +127 -0
- data/src/core/lib/config/config_vars_non_generated.cc +51 -0
- data/src/core/lib/config/load_config.cc +66 -0
- data/src/core/lib/config/load_config.h +49 -0
- data/src/core/lib/debug/trace.cc +5 -6
- data/src/core/lib/debug/trace.h +0 -5
- data/src/core/lib/event_engine/event_engine.cc +37 -2
- data/src/core/lib/event_engine/handle_containers.h +7 -22
- data/src/core/lib/event_engine/memory_allocator_factory.h +47 -0
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +0 -4
- data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +3 -9
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +48 -15
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +8 -8
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +6 -5
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +6 -3
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +27 -18
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +0 -3
- data/src/core/lib/event_engine/resolved_address.cc +2 -1
- data/src/core/lib/event_engine/windows/win_socket.cc +0 -1
- data/src/core/lib/event_engine/windows/windows_endpoint.cc +129 -82
- data/src/core/lib/event_engine/windows/windows_endpoint.h +21 -5
- data/src/core/lib/event_engine/windows/windows_engine.cc +39 -18
- data/src/core/lib/event_engine/windows/windows_engine.h +2 -1
- data/src/core/lib/event_engine/windows/windows_listener.cc +370 -0
- data/src/core/lib/event_engine/windows/windows_listener.h +155 -0
- data/src/core/lib/experiments/config.cc +3 -10
- data/src/core/lib/experiments/experiments.cc +7 -0
- data/src/core/lib/experiments/experiments.h +9 -1
- data/src/core/lib/gpr/log.cc +15 -28
- data/src/core/lib/gprpp/fork.cc +8 -14
- data/src/core/lib/gprpp/orphanable.h +4 -3
- data/src/core/lib/gprpp/per_cpu.h +9 -3
- data/src/core/lib/gprpp/{thd_posix.cc → posix/thd.cc} +49 -37
- data/src/core/lib/gprpp/ref_counted.h +33 -34
- data/src/core/lib/gprpp/thd.h +16 -0
- data/src/core/lib/gprpp/time.cc +1 -0
- data/src/core/lib/gprpp/time.h +4 -4
- data/src/core/lib/gprpp/{thd_windows.cc → windows/thd.cc} +2 -2
- data/src/core/lib/iomgr/call_combiner.h +2 -2
- data/src/core/lib/iomgr/endpoint_cfstream.cc +4 -2
- data/src/core/lib/iomgr/ev_posix.cc +13 -53
- data/src/core/lib/iomgr/ev_posix.h +0 -3
- data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +103 -76
- data/src/core/lib/iomgr/iomgr.cc +4 -8
- data/src/core/lib/iomgr/iomgr_windows.cc +8 -2
- data/src/core/lib/iomgr/pollset_set_windows.cc +9 -9
- data/src/core/lib/iomgr/pollset_windows.cc +1 -1
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +16 -3
- data/src/core/lib/iomgr/tcp_client_windows.cc +2 -2
- data/src/core/lib/iomgr/tcp_posix.cc +0 -1
- data/src/core/lib/iomgr/tcp_server_posix.cc +5 -16
- data/src/core/lib/iomgr/tcp_server_windows.cc +176 -9
- data/src/core/lib/iomgr/tcp_windows.cc +12 -8
- data/src/core/lib/load_balancing/lb_policy.cc +9 -13
- data/src/core/lib/load_balancing/lb_policy.h +4 -2
- data/src/core/lib/promise/activity.cc +22 -6
- data/src/core/lib/promise/activity.h +61 -24
- data/src/core/lib/promise/cancel_callback.h +77 -0
- data/src/core/lib/promise/detail/basic_seq.h +1 -1
- data/src/core/lib/promise/detail/promise_factory.h +4 -0
- data/src/core/lib/promise/for_each.h +176 -0
- data/src/core/lib/promise/if.h +9 -0
- data/src/core/lib/promise/interceptor_list.h +23 -2
- data/src/core/lib/promise/latch.h +89 -3
- data/src/core/lib/promise/loop.h +13 -9
- data/src/core/lib/promise/map.h +7 -0
- data/src/core/lib/promise/party.cc +286 -0
- data/src/core/lib/promise/party.h +499 -0
- data/src/core/lib/promise/pipe.h +197 -57
- data/src/core/lib/promise/poll.h +48 -0
- data/src/core/lib/promise/promise.h +2 -2
- data/src/core/lib/resource_quota/arena.cc +19 -3
- data/src/core/lib/resource_quota/arena.h +119 -5
- data/src/core/lib/resource_quota/memory_quota.cc +1 -1
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +12 -35
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +1 -0
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +0 -59
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +10 -5
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -1
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +13 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +2 -0
- data/src/core/lib/security/security_connector/load_system_roots_supported.cc +5 -9
- data/src/core/lib/security/security_connector/ssl_utils.cc +11 -25
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +12 -0
- data/src/core/lib/security/transport/secure_endpoint.cc +4 -2
- data/src/core/lib/security/transport/server_auth_filter.cc +20 -2
- data/src/core/lib/slice/slice.cc +1 -1
- data/src/core/lib/surface/builtins.cc +2 -0
- data/src/core/lib/surface/call.cc +926 -1024
- data/src/core/lib/surface/call.h +10 -0
- data/src/core/lib/surface/lame_client.cc +1 -0
- data/src/core/lib/surface/validate_metadata.cc +42 -43
- data/src/core/lib/surface/validate_metadata.h +0 -9
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/batch_builder.cc +179 -0
- data/src/core/lib/transport/batch_builder.h +468 -0
- data/src/core/lib/transport/bdp_estimator.cc +7 -7
- data/src/core/lib/transport/bdp_estimator.h +10 -6
- data/src/core/lib/transport/custom_metadata.h +30 -0
- data/src/core/lib/transport/metadata_batch.cc +5 -2
- data/src/core/lib/transport/metadata_batch.h +17 -113
- data/src/core/lib/transport/parsed_metadata.h +6 -16
- data/src/core/lib/transport/timeout_encoding.cc +6 -1
- data/src/core/lib/transport/transport.cc +30 -2
- data/src/core/lib/transport/transport.h +70 -14
- data/src/core/lib/transport/transport_impl.h +7 -0
- data/src/core/lib/transport/transport_op_string.cc +52 -42
- data/src/core/plugin_registry/grpc_plugin_registry.cc +2 -2
- data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +1 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +21 -4
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +5 -0
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +1 -1
- data/src/core/tsi/ssl_transport_security.cc +4 -2
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/third_party/abseil-cpp/absl/base/config.h +1 -1
- data/third_party/abseil-cpp/absl/flags/commandlineflag.cc +34 -0
- data/third_party/abseil-cpp/absl/flags/commandlineflag.h +200 -0
- data/third_party/abseil-cpp/absl/flags/config.h +68 -0
- data/third_party/abseil-cpp/absl/flags/declare.h +73 -0
- data/third_party/abseil-cpp/absl/flags/flag.cc +38 -0
- data/third_party/abseil-cpp/absl/flags/flag.h +310 -0
- data/{src/core/lib/gprpp/global_config_custom.h → third_party/abseil-cpp/absl/flags/internal/commandlineflag.cc} +11 -14
- data/third_party/abseil-cpp/absl/flags/internal/commandlineflag.h +68 -0
- data/third_party/abseil-cpp/absl/flags/internal/flag.cc +615 -0
- data/third_party/abseil-cpp/absl/flags/internal/flag.h +800 -0
- data/third_party/abseil-cpp/absl/flags/internal/flag_msvc.inc +116 -0
- data/third_party/abseil-cpp/absl/flags/internal/path_util.h +62 -0
- data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.cc +65 -0
- data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.h +61 -0
- data/third_party/abseil-cpp/absl/flags/internal/program_name.cc +60 -0
- data/third_party/abseil-cpp/absl/flags/internal/program_name.h +50 -0
- data/third_party/abseil-cpp/absl/flags/internal/registry.h +97 -0
- data/third_party/abseil-cpp/absl/flags/internal/sequence_lock.h +187 -0
- data/third_party/abseil-cpp/absl/flags/marshalling.cc +241 -0
- data/third_party/abseil-cpp/absl/flags/marshalling.h +356 -0
- data/third_party/abseil-cpp/absl/flags/reflection.cc +354 -0
- data/third_party/abseil-cpp/absl/flags/reflection.h +90 -0
- data/third_party/abseil-cpp/absl/flags/usage_config.cc +165 -0
- data/third_party/abseil-cpp/absl/flags/usage_config.h +135 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +12 -8
- data/third_party/boringssl-with-bazel/err_data.c +728 -712
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +177 -177
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +28 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +21 -23
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.c +20 -23
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +66 -185
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.c +18 -21
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +356 -311
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +174 -194
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +146 -210
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +6 -9
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.c +346 -526
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +110 -131
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +130 -116
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +93 -60
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +93 -181
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +242 -305
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.c +41 -18
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.c +30 -33
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.c +36 -33
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.c +29 -26
- data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +133 -88
- data/third_party/boringssl-with-bazel/src/crypto/asn1/posix_time.c +230 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +791 -791
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +526 -526
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +114 -135
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +201 -207
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +21 -26
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +55 -68
- data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +11 -7
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +15 -9
- data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +17 -10
- data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +1 -3
- data/third_party/boringssl-with-bazel/src/crypto/bio/printf.c +0 -13
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +3 -6
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +9 -5
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/convert.c +10 -23
- data/third_party/boringssl-with-bazel/src/crypto/buf/buf.c +2 -6
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +29 -28
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +161 -201
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +254 -39
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesctrhmac.c +9 -8
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesgcmsiv.c +37 -75
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +8 -10
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/cipher → cipher_extra}/e_des.c +100 -78
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_null.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc2.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc4.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_tls.c +6 -12
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +14 -11
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +6 -10
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf_def.h +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +12 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.c +74 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_freebsd.c +62 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-fuchsia.c → cpu_aarch64_fuchsia.c} +8 -7
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-linux.c → cpu_aarch64_linux.c} +6 -4
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-win.c → cpu_aarch64_win.c} +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm.c → cpu_arm.c} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_freebsd.c +55 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.c → cpu_arm_linux.c} +11 -90
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.h → cpu_arm_linux.h} +0 -38
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-intel.c → cpu_intel.c} +1 -2
- data/third_party/boringssl-with-bazel/src/crypto/crypto.c +25 -20
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +16 -27
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +17 -32
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/des.c +232 -232
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/dh_asn1.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/params.c +232 -29
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +0 -3
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +39 -16
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +37 -7
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +11 -36
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +214 -99
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +21 -5
- data/third_party/boringssl-with-bazel/src/crypto/ecdsa_extra/ecdsa_asn1.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/err/err.c +83 -60
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +46 -12
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.c +25 -23
- data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +43 -9
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +75 -44
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +19 -25
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.c +96 -45
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.c +7 -8
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.c +26 -23
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_hkdf.c +233 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.c +42 -25
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.c +4 -5
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.c +35 -47
- data/third_party/boringssl-with-bazel/src/crypto/evp/print.c +135 -244
- data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/evp/sign.c +15 -10
- data/third_party/boringssl-with-bazel/src/crypto/ex_data.c +29 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +13 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +3 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.c +13 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c +9 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +35 -27
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +16 -26
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.c +88 -60
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/cmp.c +4 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +99 -113
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +5 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/generic.c +112 -168
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +86 -31
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +11 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c +4 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +4 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +13 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.c +13 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.c +19 -108
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +19 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.c +15 -16
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.c +22 -21
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/aead.c +3 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +79 -19
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +102 -99
- data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → fipsmodule/cipher}/e_aesccm.c +52 -46
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +39 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cmac → fipsmodule/cmac}/cmac.c +55 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.c +21 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +56 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +5 -3
- data/third_party/boringssl-with-bazel/src/crypto/{evp → fipsmodule/digestsign}/digestsign.c +51 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +25 -25
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +91 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +34 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +54 -23
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +44 -60
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64-table.h → p256-nistz-table.h} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.c → p256-nistz.c} +60 -53
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.h → p256-nistz.h} +5 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +48 -36
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +2 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +2 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +8 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +42 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +6 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/hmac.c +52 -24
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cbc.c +9 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cfb.c +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm.c +71 -43
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +14 -16
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/ctrdrbg.c +31 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +16 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +9 -38
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +73 -59
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +11 -45
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +22 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.c +63 -52
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +107 -62
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +58 -31
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.c +41 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +523 -422
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/internal.h +89 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.c +334 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +3 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +12 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +14 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.c +19 -6
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +32 -14
- data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c +65 -29
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +373 -18
- data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +61 -0
- data/third_party/boringssl-with-bazel/src/crypto/kyber/keccak.c +205 -0
- data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +13 -1
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +220 -13
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +19 -7
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +13 -1
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +81 -90
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +150 -245
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +629 -613
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.c +17 -17
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +142 -149
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +99 -131
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.c +0 -3
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +36 -66
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +31 -38
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +18 -31
- data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +8 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +129 -5
- data/third_party/boringssl-with-bazel/src/crypto/refcount_c11.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/refcount_lock.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.c +8 -11
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +61 -27
- data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +10 -13
- data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +10 -13
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +66 -34
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +190 -77
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +81 -284
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +109 -42
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.c +22 -24
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.c +54 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +32 -34
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +32 -16
- data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +465 -704
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +284 -331
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +183 -178
- data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.c +11 -15
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +67 -50
- data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +153 -150
- data/third_party/boringssl-with-bazel/src/crypto/x509/policy.c +786 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +95 -102
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +72 -57
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.c +12 -10
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +227 -252
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +52 -47
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +230 -224
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +161 -327
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.c +37 -33
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.c +14 -31
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +55 -85
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +534 -618
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +129 -122
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +116 -182
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +132 -132
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +181 -202
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +64 -79
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +175 -160
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +1865 -2050
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +433 -462
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +156 -163
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +267 -263
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.c +40 -15
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.c +59 -63
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +63 -67
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +114 -144
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +25 -26
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +326 -415
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.c +8 -7
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_info.c +30 -28
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +354 -370
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +37 -32
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +116 -119
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.c +36 -26
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.c +10 -13
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +419 -261
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +113 -105
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +11 -15
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +78 -170
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +126 -131
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akeya.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +465 -469
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bcons.c +56 -54
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +46 -49
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +309 -346
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +341 -365
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_crld.c +429 -393
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +29 -24
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_extku.c +65 -59
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +125 -121
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +43 -42
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +122 -125
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_int.c +50 -20
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +247 -253
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ncons.c +386 -389
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ocsp.c +45 -32
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcons.c +57 -54
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pmaps.c +63 -67
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +143 -136
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +664 -707
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +83 -75
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +1062 -1146
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +8 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +28 -48
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +211 -187
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +26 -78
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +19 -14
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +21 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +49 -17
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +99 -29
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +49 -60
- data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +2 -15
- data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +16 -200
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +34 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +82 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +32 -30
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +7 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +48 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +37 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/err.h +33 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +22 -30
- data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +7 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +41 -16
- data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +91 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +74 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +13 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +11 -15
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +8 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +12 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +7 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/service_indicator.h +96 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +13 -21
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +139 -75
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +1 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +384 -286
- data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +5 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/time.h +41 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +18 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +49 -23
- data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +0 -11
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +1592 -1074
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +202 -205
- data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +6 -13
- data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +17 -18
- data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +4 -5
- data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +25 -33
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +34 -20
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +65 -34
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +198 -54
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +5 -5
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +32 -28
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +76 -44
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +130 -98
- data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +27 -11
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +91 -75
- data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +8 -10
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +39 -65
- data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +1 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +5 -9
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +30 -33
- data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +77 -100
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +120 -107
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +164 -30
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +150 -60
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +22 -11
- data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +22 -6
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +15 -13
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +5 -43
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +7 -4
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +22 -34
- data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +16 -98
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +1241 -657
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +751 -398
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +3551 -1938
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +1272 -487
- metadata +103 -70
- data/src/core/ext/filters/client_channel/lb_call_state_internal.h +0 -39
- data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.cc +0 -30
- data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.h +0 -29
- data/src/core/lib/gprpp/global_config.h +0 -93
- data/src/core/lib/gprpp/global_config_env.cc +0 -140
- data/src/core/lib/gprpp/global_config_env.h +0 -133
- data/src/core/lib/gprpp/global_config_generic.h +0 -40
- data/src/core/lib/promise/intra_activity_waiter.h +0 -55
- data/src/core/lib/security/security_connector/ssl_utils_config.cc +0 -32
- data/src/core/lib/security/security_connector/ssl_utils_config.h +0 -29
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +0 -195
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_print.c +0 -83
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utf8.c +0 -236
- data/third_party/boringssl-with-bazel/src/crypto/asn1/charmap.h +0 -15
- data/third_party/boringssl-with-bazel/src/crypto/asn1/time_support.c +0 -206
- data/third_party/boringssl-with-bazel/src/crypto/cpu-ppc64le.c +0 -38
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1-altivec.c +0 -361
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_cache.c +0 -287
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +0 -132
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_lib.c +0 -155
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_map.c +0 -131
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_node.c +0 -189
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_tree.c +0 -843
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pci.c +0 -289
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcia.c +0 -57
- /data/src/core/lib/gpr/{log_android.cc → android/log.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_iphone.cc → iphone/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_linux.cc → linux/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{log_linux.cc → linux/log.cc} +0 -0
- /data/src/core/lib/gpr/{tmpfile_msys.cc → msys/tmpfile.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_posix.cc → posix/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{log_posix.cc → posix/log.cc} +0 -0
- /data/src/core/lib/gpr/{string_posix.cc → posix/string.cc} +0 -0
- /data/src/core/lib/gpr/{sync_posix.cc → posix/sync.cc} +0 -0
- /data/src/core/lib/gpr/{time_posix.cc → posix/time.cc} +0 -0
- /data/src/core/lib/gpr/{tmpfile_posix.cc → posix/tmpfile.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_windows.cc → windows/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{log_windows.cc → windows/log.cc} +0 -0
- /data/src/core/lib/gpr/{string_windows.cc → windows/string.cc} +0 -0
- /data/src/core/lib/gpr/{string_util_windows.cc → windows/string_util.cc} +0 -0
- /data/src/core/lib/gpr/{sync_windows.cc → windows/sync.cc} +0 -0
- /data/src/core/lib/gpr/{time_windows.cc → windows/time.cc} +0 -0
- /data/src/core/lib/gpr/{tmpfile_windows.cc → windows/tmpfile.cc} +0 -0
- /data/src/core/lib/gprpp/{env_linux.cc → linux/env.cc} +0 -0
- /data/src/core/lib/gprpp/{env_posix.cc → posix/env.cc} +0 -0
- /data/src/core/lib/gprpp/{stat_posix.cc → posix/stat.cc} +0 -0
- /data/src/core/lib/gprpp/{env_windows.cc → windows/env.cc} +0 -0
- /data/src/core/lib/gprpp/{stat_windows.cc → windows/stat.cc} +0 -0
|
@@ -1,4 +1,3 @@
|
|
|
1
|
-
/* crypto/x509/x509_lu.c */
|
|
2
1
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
|
3
2
|
* All rights reserved.
|
|
4
3
|
*
|
|
@@ -66,765 +65,682 @@
|
|
|
66
65
|
#include "../internal.h"
|
|
67
66
|
#include "internal.h"
|
|
68
67
|
|
|
69
|
-
X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method)
|
|
70
|
-
|
|
71
|
-
X509_LOOKUP *ret;
|
|
72
|
-
|
|
73
|
-
ret = (X509_LOOKUP *)OPENSSL_malloc(sizeof(X509_LOOKUP));
|
|
74
|
-
if (ret == NULL)
|
|
75
|
-
return NULL;
|
|
76
|
-
|
|
77
|
-
ret->init = 0;
|
|
78
|
-
ret->skip = 0;
|
|
79
|
-
ret->method = method;
|
|
80
|
-
ret->method_data = NULL;
|
|
81
|
-
ret->store_ctx = NULL;
|
|
82
|
-
if ((method->new_item != NULL) && !method->new_item(ret)) {
|
|
83
|
-
OPENSSL_free(ret);
|
|
84
|
-
return NULL;
|
|
85
|
-
}
|
|
86
|
-
return ret;
|
|
87
|
-
}
|
|
68
|
+
X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method) {
|
|
69
|
+
X509_LOOKUP *ret;
|
|
88
70
|
|
|
89
|
-
|
|
90
|
-
{
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
{
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
71
|
+
ret = (X509_LOOKUP *)OPENSSL_malloc(sizeof(X509_LOOKUP));
|
|
72
|
+
if (ret == NULL) {
|
|
73
|
+
return NULL;
|
|
74
|
+
}
|
|
75
|
+
|
|
76
|
+
ret->init = 0;
|
|
77
|
+
ret->skip = 0;
|
|
78
|
+
ret->method = method;
|
|
79
|
+
ret->method_data = NULL;
|
|
80
|
+
ret->store_ctx = NULL;
|
|
81
|
+
if ((method->new_item != NULL) && !method->new_item(ret)) {
|
|
82
|
+
OPENSSL_free(ret);
|
|
83
|
+
return NULL;
|
|
84
|
+
}
|
|
85
|
+
return ret;
|
|
86
|
+
}
|
|
87
|
+
|
|
88
|
+
void X509_LOOKUP_free(X509_LOOKUP *ctx) {
|
|
89
|
+
if (ctx == NULL) {
|
|
90
|
+
return;
|
|
91
|
+
}
|
|
92
|
+
if ((ctx->method != NULL) && (ctx->method->free != NULL)) {
|
|
93
|
+
(*ctx->method->free)(ctx);
|
|
94
|
+
}
|
|
95
|
+
OPENSSL_free(ctx);
|
|
96
|
+
}
|
|
97
|
+
|
|
98
|
+
int X509_LOOKUP_init(X509_LOOKUP *ctx) {
|
|
99
|
+
if (ctx->method == NULL) {
|
|
100
|
+
return 0;
|
|
101
|
+
}
|
|
102
|
+
if (ctx->method->init != NULL) {
|
|
103
|
+
return ctx->method->init(ctx);
|
|
104
|
+
} else {
|
|
105
|
+
return 1;
|
|
106
|
+
}
|
|
106
107
|
}
|
|
107
108
|
|
|
108
|
-
int X509_LOOKUP_shutdown(X509_LOOKUP *ctx)
|
|
109
|
-
{
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
109
|
+
int X509_LOOKUP_shutdown(X509_LOOKUP *ctx) {
|
|
110
|
+
if (ctx->method == NULL) {
|
|
111
|
+
return 0;
|
|
112
|
+
}
|
|
113
|
+
if (ctx->method->shutdown != NULL) {
|
|
114
|
+
return ctx->method->shutdown(ctx);
|
|
115
|
+
} else {
|
|
116
|
+
return 1;
|
|
117
|
+
}
|
|
116
118
|
}
|
|
117
119
|
|
|
118
120
|
int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
|
|
119
|
-
char **ret)
|
|
120
|
-
{
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
|
|
121
|
+
char **ret) {
|
|
122
|
+
if (ctx->method == NULL) {
|
|
123
|
+
return -1;
|
|
124
|
+
}
|
|
125
|
+
if (ctx->method->ctrl != NULL) {
|
|
126
|
+
return ctx->method->ctrl(ctx, cmd, argc, argl, ret);
|
|
127
|
+
} else {
|
|
128
|
+
return 1;
|
|
129
|
+
}
|
|
127
130
|
}
|
|
128
131
|
|
|
129
132
|
int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
|
|
130
|
-
X509_OBJECT *ret)
|
|
131
|
-
{
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
|
|
140
|
-
ASN1_INTEGER *serial, X509_OBJECT *ret)
|
|
141
|
-
{
|
|
142
|
-
if ((ctx->method == NULL) || (ctx->method->get_by_issuer_serial == NULL))
|
|
143
|
-
return 0;
|
|
144
|
-
return ctx->method->get_by_issuer_serial(ctx, type, name, serial, ret) > 0;
|
|
145
|
-
}
|
|
146
|
-
|
|
147
|
-
int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
|
|
148
|
-
unsigned char *bytes, int len,
|
|
149
|
-
X509_OBJECT *ret)
|
|
150
|
-
{
|
|
151
|
-
if ((ctx->method == NULL) || (ctx->method->get_by_fingerprint == NULL))
|
|
152
|
-
return 0;
|
|
153
|
-
return ctx->method->get_by_fingerprint(ctx, type, bytes, len, ret) > 0;
|
|
154
|
-
}
|
|
155
|
-
|
|
156
|
-
int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str, int len,
|
|
157
|
-
X509_OBJECT *ret)
|
|
158
|
-
{
|
|
159
|
-
if ((ctx->method == NULL) || (ctx->method->get_by_alias == NULL))
|
|
160
|
-
return 0;
|
|
161
|
-
return ctx->method->get_by_alias(ctx, type, str, len, ret) > 0;
|
|
162
|
-
}
|
|
163
|
-
|
|
164
|
-
static int x509_object_cmp(const X509_OBJECT **a, const X509_OBJECT **b)
|
|
165
|
-
{
|
|
166
|
-
int ret;
|
|
167
|
-
|
|
168
|
-
ret = ((*a)->type - (*b)->type);
|
|
169
|
-
if (ret)
|
|
170
|
-
return ret;
|
|
171
|
-
switch ((*a)->type) {
|
|
172
|
-
case X509_LU_X509:
|
|
173
|
-
ret = X509_subject_name_cmp((*a)->data.x509, (*b)->data.x509);
|
|
174
|
-
break;
|
|
175
|
-
case X509_LU_CRL:
|
|
176
|
-
ret = X509_CRL_cmp((*a)->data.crl, (*b)->data.crl);
|
|
177
|
-
break;
|
|
178
|
-
default:
|
|
179
|
-
/* abort(); */
|
|
180
|
-
return 0;
|
|
181
|
-
}
|
|
182
|
-
return ret;
|
|
133
|
+
X509_OBJECT *ret) {
|
|
134
|
+
if ((ctx->method == NULL) || (ctx->method->get_by_subject == NULL)) {
|
|
135
|
+
return 0;
|
|
136
|
+
}
|
|
137
|
+
if (ctx->skip) {
|
|
138
|
+
return 0;
|
|
139
|
+
}
|
|
140
|
+
return ctx->method->get_by_subject(ctx, type, name, ret) > 0;
|
|
183
141
|
}
|
|
184
142
|
|
|
185
|
-
|
|
186
|
-
|
|
187
|
-
|
|
188
|
-
|
|
189
|
-
|
|
190
|
-
return NULL;
|
|
191
|
-
OPENSSL_memset(ret, 0, sizeof(*ret));
|
|
192
|
-
CRYPTO_MUTEX_init(&ret->objs_lock);
|
|
193
|
-
ret->objs = sk_X509_OBJECT_new(x509_object_cmp);
|
|
194
|
-
if (ret->objs == NULL)
|
|
195
|
-
goto err;
|
|
196
|
-
ret->cache = 1;
|
|
197
|
-
ret->get_cert_methods = sk_X509_LOOKUP_new_null();
|
|
198
|
-
if (ret->get_cert_methods == NULL)
|
|
199
|
-
goto err;
|
|
200
|
-
ret->param = X509_VERIFY_PARAM_new();
|
|
201
|
-
if (ret->param == NULL)
|
|
202
|
-
goto err;
|
|
203
|
-
|
|
204
|
-
ret->references = 1;
|
|
143
|
+
static int x509_object_cmp(const X509_OBJECT **a, const X509_OBJECT **b) {
|
|
144
|
+
int ret;
|
|
145
|
+
|
|
146
|
+
ret = ((*a)->type - (*b)->type);
|
|
147
|
+
if (ret) {
|
|
205
148
|
return ret;
|
|
206
|
-
|
|
207
|
-
|
|
208
|
-
|
|
209
|
-
|
|
210
|
-
|
|
211
|
-
|
|
212
|
-
|
|
213
|
-
|
|
214
|
-
|
|
215
|
-
|
|
216
|
-
|
|
217
|
-
|
|
149
|
+
}
|
|
150
|
+
switch ((*a)->type) {
|
|
151
|
+
case X509_LU_X509:
|
|
152
|
+
ret = X509_subject_name_cmp((*a)->data.x509, (*b)->data.x509);
|
|
153
|
+
break;
|
|
154
|
+
case X509_LU_CRL:
|
|
155
|
+
ret = X509_CRL_cmp((*a)->data.crl, (*b)->data.crl);
|
|
156
|
+
break;
|
|
157
|
+
default:
|
|
158
|
+
// abort();
|
|
159
|
+
return 0;
|
|
160
|
+
}
|
|
161
|
+
return ret;
|
|
218
162
|
}
|
|
219
163
|
|
|
220
|
-
|
|
221
|
-
|
|
222
|
-
CRYPTO_refcount_inc(&store->references);
|
|
223
|
-
return 1;
|
|
224
|
-
}
|
|
164
|
+
X509_STORE *X509_STORE_new(void) {
|
|
165
|
+
X509_STORE *ret;
|
|
225
166
|
|
|
226
|
-
|
|
227
|
-
|
|
228
|
-
|
|
229
|
-
|
|
230
|
-
|
|
231
|
-
|
|
232
|
-
|
|
233
|
-
|
|
234
|
-
|
|
235
|
-
|
|
236
|
-
|
|
167
|
+
if ((ret = (X509_STORE *)OPENSSL_malloc(sizeof(X509_STORE))) == NULL) {
|
|
168
|
+
return NULL;
|
|
169
|
+
}
|
|
170
|
+
OPENSSL_memset(ret, 0, sizeof(*ret));
|
|
171
|
+
CRYPTO_MUTEX_init(&ret->objs_lock);
|
|
172
|
+
ret->objs = sk_X509_OBJECT_new(x509_object_cmp);
|
|
173
|
+
if (ret->objs == NULL) {
|
|
174
|
+
goto err;
|
|
175
|
+
}
|
|
176
|
+
ret->cache = 1;
|
|
177
|
+
ret->get_cert_methods = sk_X509_LOOKUP_new_null();
|
|
178
|
+
if (ret->get_cert_methods == NULL) {
|
|
179
|
+
goto err;
|
|
180
|
+
}
|
|
181
|
+
ret->param = X509_VERIFY_PARAM_new();
|
|
182
|
+
if (ret->param == NULL) {
|
|
183
|
+
goto err;
|
|
184
|
+
}
|
|
185
|
+
|
|
186
|
+
ret->references = 1;
|
|
187
|
+
return ret;
|
|
188
|
+
err:
|
|
189
|
+
if (ret) {
|
|
190
|
+
CRYPTO_MUTEX_cleanup(&ret->objs_lock);
|
|
191
|
+
if (ret->param) {
|
|
192
|
+
X509_VERIFY_PARAM_free(ret->param);
|
|
237
193
|
}
|
|
238
|
-
|
|
239
|
-
|
|
240
|
-
}
|
|
241
|
-
|
|
242
|
-
void X509_STORE_free(X509_STORE *vfy)
|
|
243
|
-
{
|
|
244
|
-
size_t j;
|
|
245
|
-
STACK_OF(X509_LOOKUP) *sk;
|
|
246
|
-
X509_LOOKUP *lu;
|
|
247
|
-
|
|
248
|
-
if (vfy == NULL)
|
|
249
|
-
return;
|
|
250
|
-
|
|
251
|
-
if (!CRYPTO_refcount_dec_and_test_zero(&vfy->references)) {
|
|
252
|
-
return;
|
|
194
|
+
if (ret->get_cert_methods) {
|
|
195
|
+
sk_X509_LOOKUP_free(ret->get_cert_methods);
|
|
253
196
|
}
|
|
254
|
-
|
|
255
|
-
|
|
256
|
-
|
|
257
|
-
sk = vfy->get_cert_methods;
|
|
258
|
-
for (j = 0; j < sk_X509_LOOKUP_num(sk); j++) {
|
|
259
|
-
lu = sk_X509_LOOKUP_value(sk, j);
|
|
260
|
-
X509_LOOKUP_shutdown(lu);
|
|
261
|
-
X509_LOOKUP_free(lu);
|
|
197
|
+
if (ret->objs) {
|
|
198
|
+
sk_X509_OBJECT_free(ret->objs);
|
|
262
199
|
}
|
|
263
|
-
|
|
264
|
-
|
|
265
|
-
|
|
266
|
-
|
|
267
|
-
|
|
268
|
-
|
|
269
|
-
|
|
270
|
-
|
|
271
|
-
|
|
272
|
-
|
|
273
|
-
|
|
274
|
-
|
|
275
|
-
|
|
276
|
-
|
|
277
|
-
|
|
278
|
-
|
|
279
|
-
|
|
280
|
-
|
|
281
|
-
|
|
282
|
-
|
|
200
|
+
OPENSSL_free(ret);
|
|
201
|
+
}
|
|
202
|
+
return NULL;
|
|
203
|
+
}
|
|
204
|
+
|
|
205
|
+
int X509_STORE_up_ref(X509_STORE *store) {
|
|
206
|
+
CRYPTO_refcount_inc(&store->references);
|
|
207
|
+
return 1;
|
|
208
|
+
}
|
|
209
|
+
|
|
210
|
+
static void cleanup(X509_OBJECT *a) {
|
|
211
|
+
if (a == NULL) {
|
|
212
|
+
return;
|
|
213
|
+
}
|
|
214
|
+
if (a->type == X509_LU_X509) {
|
|
215
|
+
X509_free(a->data.x509);
|
|
216
|
+
} else if (a->type == X509_LU_CRL) {
|
|
217
|
+
X509_CRL_free(a->data.crl);
|
|
218
|
+
} else {
|
|
219
|
+
// abort();
|
|
220
|
+
}
|
|
221
|
+
|
|
222
|
+
OPENSSL_free(a);
|
|
223
|
+
}
|
|
224
|
+
|
|
225
|
+
void X509_STORE_free(X509_STORE *vfy) {
|
|
226
|
+
size_t j;
|
|
227
|
+
STACK_OF(X509_LOOKUP) *sk;
|
|
228
|
+
X509_LOOKUP *lu;
|
|
229
|
+
|
|
230
|
+
if (vfy == NULL) {
|
|
231
|
+
return;
|
|
232
|
+
}
|
|
233
|
+
|
|
234
|
+
if (!CRYPTO_refcount_dec_and_test_zero(&vfy->references)) {
|
|
235
|
+
return;
|
|
236
|
+
}
|
|
237
|
+
|
|
238
|
+
CRYPTO_MUTEX_cleanup(&vfy->objs_lock);
|
|
239
|
+
|
|
240
|
+
sk = vfy->get_cert_methods;
|
|
241
|
+
for (j = 0; j < sk_X509_LOOKUP_num(sk); j++) {
|
|
242
|
+
lu = sk_X509_LOOKUP_value(sk, j);
|
|
243
|
+
X509_LOOKUP_shutdown(lu);
|
|
244
|
+
X509_LOOKUP_free(lu);
|
|
245
|
+
}
|
|
246
|
+
sk_X509_LOOKUP_free(sk);
|
|
247
|
+
sk_X509_OBJECT_pop_free(vfy->objs, cleanup);
|
|
248
|
+
|
|
249
|
+
if (vfy->param) {
|
|
250
|
+
X509_VERIFY_PARAM_free(vfy->param);
|
|
251
|
+
}
|
|
252
|
+
OPENSSL_free(vfy);
|
|
253
|
+
}
|
|
254
|
+
|
|
255
|
+
X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m) {
|
|
256
|
+
size_t i;
|
|
257
|
+
STACK_OF(X509_LOOKUP) *sk;
|
|
258
|
+
X509_LOOKUP *lu;
|
|
259
|
+
|
|
260
|
+
sk = v->get_cert_methods;
|
|
261
|
+
for (i = 0; i < sk_X509_LOOKUP_num(sk); i++) {
|
|
262
|
+
lu = sk_X509_LOOKUP_value(sk, i);
|
|
263
|
+
if (m == lu->method) {
|
|
264
|
+
return lu;
|
|
283
265
|
}
|
|
284
|
-
|
|
285
|
-
|
|
286
|
-
|
|
287
|
-
|
|
288
|
-
|
|
289
|
-
|
|
290
|
-
|
|
291
|
-
|
|
292
|
-
|
|
293
|
-
|
|
294
|
-
|
|
295
|
-
|
|
266
|
+
}
|
|
267
|
+
// a new one
|
|
268
|
+
lu = X509_LOOKUP_new(m);
|
|
269
|
+
if (lu == NULL) {
|
|
270
|
+
return NULL;
|
|
271
|
+
} else {
|
|
272
|
+
lu->store_ctx = v;
|
|
273
|
+
if (sk_X509_LOOKUP_push(v->get_cert_methods, lu)) {
|
|
274
|
+
return lu;
|
|
275
|
+
} else {
|
|
276
|
+
X509_LOOKUP_free(lu);
|
|
277
|
+
return NULL;
|
|
296
278
|
}
|
|
279
|
+
}
|
|
297
280
|
}
|
|
298
281
|
|
|
299
282
|
int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
|
|
300
|
-
X509_OBJECT *ret)
|
|
301
|
-
|
|
302
|
-
|
|
303
|
-
|
|
304
|
-
|
|
305
|
-
|
|
306
|
-
|
|
307
|
-
|
|
308
|
-
|
|
309
|
-
|
|
310
|
-
|
|
311
|
-
|
|
312
|
-
|
|
313
|
-
|
|
314
|
-
|
|
315
|
-
|
|
316
|
-
|
|
317
|
-
|
|
318
|
-
|
|
319
|
-
|
|
320
|
-
return 0;
|
|
283
|
+
X509_OBJECT *ret) {
|
|
284
|
+
X509_STORE *ctx = vs->ctx;
|
|
285
|
+
X509_LOOKUP *lu;
|
|
286
|
+
X509_OBJECT stmp, *tmp;
|
|
287
|
+
int i;
|
|
288
|
+
|
|
289
|
+
CRYPTO_MUTEX_lock_write(&ctx->objs_lock);
|
|
290
|
+
tmp = X509_OBJECT_retrieve_by_subject(ctx->objs, type, name);
|
|
291
|
+
CRYPTO_MUTEX_unlock_write(&ctx->objs_lock);
|
|
292
|
+
|
|
293
|
+
if (tmp == NULL || type == X509_LU_CRL) {
|
|
294
|
+
for (i = 0; i < (int)sk_X509_LOOKUP_num(ctx->get_cert_methods); i++) {
|
|
295
|
+
lu = sk_X509_LOOKUP_value(ctx->get_cert_methods, i);
|
|
296
|
+
if (X509_LOOKUP_by_subject(lu, type, name, &stmp)) {
|
|
297
|
+
tmp = &stmp;
|
|
298
|
+
break;
|
|
299
|
+
}
|
|
300
|
+
}
|
|
301
|
+
if (tmp == NULL) {
|
|
302
|
+
return 0;
|
|
321
303
|
}
|
|
304
|
+
}
|
|
322
305
|
|
|
323
|
-
|
|
324
|
-
* if (ret->data.ptr != NULL) X509_OBJECT_free_contents(ret);
|
|
325
|
-
*/
|
|
306
|
+
// if (ret->data.ptr != NULL) X509_OBJECT_free_contents(ret);
|
|
326
307
|
|
|
327
|
-
|
|
328
|
-
|
|
308
|
+
ret->type = tmp->type;
|
|
309
|
+
ret->data.ptr = tmp->data.ptr;
|
|
329
310
|
|
|
330
|
-
|
|
311
|
+
X509_OBJECT_up_ref_count(ret);
|
|
331
312
|
|
|
332
|
-
|
|
313
|
+
return 1;
|
|
333
314
|
}
|
|
334
315
|
|
|
335
|
-
int
|
|
336
|
-
{
|
|
337
|
-
|
|
338
|
-
|
|
316
|
+
static int x509_store_add(X509_STORE *ctx, void *x, int is_crl) {
|
|
317
|
+
if (x == NULL) {
|
|
318
|
+
return 0;
|
|
319
|
+
}
|
|
339
320
|
|
|
340
|
-
|
|
341
|
-
|
|
342
|
-
|
|
343
|
-
|
|
344
|
-
|
|
345
|
-
|
|
346
|
-
|
|
321
|
+
X509_OBJECT *const obj = (X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT));
|
|
322
|
+
if (obj == NULL) {
|
|
323
|
+
return 0;
|
|
324
|
+
}
|
|
325
|
+
|
|
326
|
+
if (is_crl) {
|
|
327
|
+
obj->type = X509_LU_CRL;
|
|
328
|
+
obj->data.crl = (X509_CRL *)x;
|
|
329
|
+
} else {
|
|
347
330
|
obj->type = X509_LU_X509;
|
|
348
|
-
obj->data.x509 = x;
|
|
349
|
-
|
|
350
|
-
|
|
351
|
-
|
|
352
|
-
X509_OBJECT_up_ref_count(obj);
|
|
353
|
-
|
|
354
|
-
if (X509_OBJECT_retrieve_match(ctx->objs, obj)) {
|
|
355
|
-
X509_OBJECT_free_contents(obj);
|
|
356
|
-
OPENSSL_free(obj);
|
|
357
|
-
OPENSSL_PUT_ERROR(X509, X509_R_CERT_ALREADY_IN_HASH_TABLE);
|
|
358
|
-
ret = 0;
|
|
359
|
-
} else if (!sk_X509_OBJECT_push(ctx->objs, obj)) {
|
|
360
|
-
X509_OBJECT_free_contents(obj);
|
|
361
|
-
OPENSSL_free(obj);
|
|
362
|
-
OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
|
|
363
|
-
ret = 0;
|
|
364
|
-
}
|
|
331
|
+
obj->data.x509 = (X509 *)x;
|
|
332
|
+
}
|
|
333
|
+
X509_OBJECT_up_ref_count(obj);
|
|
365
334
|
|
|
366
|
-
|
|
335
|
+
CRYPTO_MUTEX_lock_write(&ctx->objs_lock);
|
|
367
336
|
|
|
368
|
-
|
|
369
|
-
|
|
337
|
+
int ret = 1;
|
|
338
|
+
int added = 0;
|
|
339
|
+
// Duplicates are silently ignored
|
|
340
|
+
if (!X509_OBJECT_retrieve_match(ctx->objs, obj)) {
|
|
341
|
+
ret = added = (sk_X509_OBJECT_push(ctx->objs, obj) != 0);
|
|
342
|
+
}
|
|
370
343
|
|
|
371
|
-
|
|
372
|
-
{
|
|
373
|
-
X509_OBJECT *obj;
|
|
374
|
-
int ret = 1;
|
|
344
|
+
CRYPTO_MUTEX_unlock_write(&ctx->objs_lock);
|
|
375
345
|
|
|
376
|
-
|
|
377
|
-
|
|
378
|
-
obj
|
|
379
|
-
|
|
380
|
-
|
|
381
|
-
|
|
382
|
-
|
|
383
|
-
obj->type = X509_LU_CRL;
|
|
384
|
-
obj->data.crl = x;
|
|
385
|
-
|
|
386
|
-
CRYPTO_MUTEX_lock_write(&ctx->objs_lock);
|
|
387
|
-
|
|
388
|
-
X509_OBJECT_up_ref_count(obj);
|
|
389
|
-
|
|
390
|
-
if (X509_OBJECT_retrieve_match(ctx->objs, obj)) {
|
|
391
|
-
X509_OBJECT_free_contents(obj);
|
|
392
|
-
OPENSSL_free(obj);
|
|
393
|
-
OPENSSL_PUT_ERROR(X509, X509_R_CERT_ALREADY_IN_HASH_TABLE);
|
|
394
|
-
ret = 0;
|
|
395
|
-
} else if (!sk_X509_OBJECT_push(ctx->objs, obj)) {
|
|
396
|
-
X509_OBJECT_free_contents(obj);
|
|
397
|
-
OPENSSL_free(obj);
|
|
398
|
-
OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
|
|
399
|
-
ret = 0;
|
|
400
|
-
}
|
|
346
|
+
if (!added) {
|
|
347
|
+
X509_OBJECT_free_contents(obj);
|
|
348
|
+
OPENSSL_free(obj);
|
|
349
|
+
}
|
|
350
|
+
|
|
351
|
+
return ret;
|
|
352
|
+
}
|
|
401
353
|
|
|
402
|
-
|
|
354
|
+
int X509_STORE_add_cert(X509_STORE *ctx, X509 *x) {
|
|
355
|
+
return x509_store_add(ctx, x, /*is_crl=*/0);
|
|
356
|
+
}
|
|
403
357
|
|
|
404
|
-
|
|
358
|
+
int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x) {
|
|
359
|
+
return x509_store_add(ctx, x, /*is_crl=*/1);
|
|
405
360
|
}
|
|
406
361
|
|
|
407
|
-
int X509_OBJECT_up_ref_count(X509_OBJECT *a)
|
|
408
|
-
{
|
|
409
|
-
switch (a->type) {
|
|
362
|
+
int X509_OBJECT_up_ref_count(X509_OBJECT *a) {
|
|
363
|
+
switch (a->type) {
|
|
410
364
|
case X509_LU_X509:
|
|
411
|
-
|
|
412
|
-
|
|
365
|
+
X509_up_ref(a->data.x509);
|
|
366
|
+
break;
|
|
413
367
|
case X509_LU_CRL:
|
|
414
|
-
|
|
415
|
-
|
|
416
|
-
|
|
417
|
-
|
|
368
|
+
X509_CRL_up_ref(a->data.crl);
|
|
369
|
+
break;
|
|
370
|
+
}
|
|
371
|
+
return 1;
|
|
418
372
|
}
|
|
419
373
|
|
|
420
|
-
void X509_OBJECT_free_contents(X509_OBJECT *a)
|
|
421
|
-
{
|
|
422
|
-
switch (a->type) {
|
|
374
|
+
void X509_OBJECT_free_contents(X509_OBJECT *a) {
|
|
375
|
+
switch (a->type) {
|
|
423
376
|
case X509_LU_X509:
|
|
424
|
-
|
|
425
|
-
|
|
377
|
+
X509_free(a->data.x509);
|
|
378
|
+
break;
|
|
426
379
|
case X509_LU_CRL:
|
|
427
|
-
|
|
428
|
-
|
|
429
|
-
|
|
380
|
+
X509_CRL_free(a->data.crl);
|
|
381
|
+
break;
|
|
382
|
+
}
|
|
430
383
|
}
|
|
431
384
|
|
|
432
|
-
int X509_OBJECT_get_type(const X509_OBJECT *a)
|
|
433
|
-
{
|
|
434
|
-
return a->type;
|
|
435
|
-
}
|
|
385
|
+
int X509_OBJECT_get_type(const X509_OBJECT *a) { return a->type; }
|
|
436
386
|
|
|
437
|
-
X509 *X509_OBJECT_get0_X509(const X509_OBJECT *a)
|
|
438
|
-
{
|
|
439
|
-
|
|
440
|
-
|
|
441
|
-
|
|
442
|
-
return a->data.x509;
|
|
387
|
+
X509 *X509_OBJECT_get0_X509(const X509_OBJECT *a) {
|
|
388
|
+
if (a == NULL || a->type != X509_LU_X509) {
|
|
389
|
+
return NULL;
|
|
390
|
+
}
|
|
391
|
+
return a->data.x509;
|
|
443
392
|
}
|
|
444
393
|
|
|
445
394
|
static int x509_object_idx_cnt(STACK_OF(X509_OBJECT) *h, int type,
|
|
446
|
-
X509_NAME *name, int *pnmatch)
|
|
447
|
-
|
|
448
|
-
|
|
449
|
-
|
|
450
|
-
|
|
451
|
-
|
|
452
|
-
|
|
453
|
-
|
|
454
|
-
|
|
455
|
-
switch (type) {
|
|
395
|
+
X509_NAME *name, int *pnmatch) {
|
|
396
|
+
X509_OBJECT stmp;
|
|
397
|
+
X509 x509_s;
|
|
398
|
+
X509_CINF cinf_s;
|
|
399
|
+
X509_CRL crl_s;
|
|
400
|
+
X509_CRL_INFO crl_info_s;
|
|
401
|
+
|
|
402
|
+
stmp.type = type;
|
|
403
|
+
switch (type) {
|
|
456
404
|
case X509_LU_X509:
|
|
457
|
-
|
|
458
|
-
|
|
459
|
-
|
|
460
|
-
|
|
405
|
+
stmp.data.x509 = &x509_s;
|
|
406
|
+
x509_s.cert_info = &cinf_s;
|
|
407
|
+
cinf_s.subject = name;
|
|
408
|
+
break;
|
|
461
409
|
case X509_LU_CRL:
|
|
462
|
-
|
|
463
|
-
|
|
464
|
-
|
|
465
|
-
|
|
410
|
+
stmp.data.crl = &crl_s;
|
|
411
|
+
crl_s.crl = &crl_info_s;
|
|
412
|
+
crl_info_s.issuer = name;
|
|
413
|
+
break;
|
|
466
414
|
default:
|
|
467
|
-
|
|
468
|
-
|
|
469
|
-
|
|
470
|
-
|
|
471
|
-
|
|
472
|
-
|
|
473
|
-
|
|
474
|
-
|
|
475
|
-
|
|
476
|
-
|
|
477
|
-
|
|
478
|
-
|
|
479
|
-
|
|
480
|
-
|
|
481
|
-
|
|
482
|
-
|
|
483
|
-
|
|
484
|
-
|
|
485
|
-
|
|
486
|
-
|
|
415
|
+
// abort();
|
|
416
|
+
return -1;
|
|
417
|
+
}
|
|
418
|
+
|
|
419
|
+
size_t idx;
|
|
420
|
+
sk_X509_OBJECT_sort(h);
|
|
421
|
+
if (!sk_X509_OBJECT_find(h, &idx, &stmp)) {
|
|
422
|
+
return -1;
|
|
423
|
+
}
|
|
424
|
+
|
|
425
|
+
if (pnmatch != NULL) {
|
|
426
|
+
int tidx;
|
|
427
|
+
const X509_OBJECT *tobj, *pstmp;
|
|
428
|
+
*pnmatch = 1;
|
|
429
|
+
pstmp = &stmp;
|
|
430
|
+
for (tidx = idx + 1; tidx < (int)sk_X509_OBJECT_num(h); tidx++) {
|
|
431
|
+
tobj = sk_X509_OBJECT_value(h, tidx);
|
|
432
|
+
if (x509_object_cmp(&tobj, &pstmp)) {
|
|
433
|
+
break;
|
|
434
|
+
}
|
|
435
|
+
(*pnmatch)++;
|
|
487
436
|
}
|
|
437
|
+
}
|
|
488
438
|
|
|
489
|
-
|
|
439
|
+
return idx;
|
|
490
440
|
}
|
|
491
441
|
|
|
492
442
|
int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
|
|
493
|
-
X509_NAME *name)
|
|
494
|
-
|
|
495
|
-
return x509_object_idx_cnt(h, type, name, NULL);
|
|
496
|
-
}
|
|
497
|
-
|
|
498
|
-
X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,
|
|
499
|
-
int type, X509_NAME *name)
|
|
500
|
-
{
|
|
501
|
-
int idx;
|
|
502
|
-
idx = X509_OBJECT_idx_by_subject(h, type, name);
|
|
503
|
-
if (idx == -1)
|
|
504
|
-
return NULL;
|
|
505
|
-
return sk_X509_OBJECT_value(h, idx);
|
|
443
|
+
X509_NAME *name) {
|
|
444
|
+
return x509_object_idx_cnt(h, type, name, NULL);
|
|
506
445
|
}
|
|
507
446
|
|
|
508
|
-
STACK_OF(X509_OBJECT) *
|
|
509
|
-
{
|
|
510
|
-
|
|
447
|
+
X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h, int type,
|
|
448
|
+
X509_NAME *name) {
|
|
449
|
+
int idx;
|
|
450
|
+
idx = X509_OBJECT_idx_by_subject(h, type, name);
|
|
451
|
+
if (idx == -1) {
|
|
452
|
+
return NULL;
|
|
453
|
+
}
|
|
454
|
+
return sk_X509_OBJECT_value(h, idx);
|
|
511
455
|
}
|
|
512
456
|
|
|
513
|
-
STACK_OF
|
|
514
|
-
|
|
515
|
-
int i, idx, cnt;
|
|
516
|
-
STACK_OF(X509) *sk;
|
|
517
|
-
X509 *x;
|
|
518
|
-
X509_OBJECT *obj;
|
|
519
|
-
sk = sk_X509_new_null();
|
|
520
|
-
if (sk == NULL)
|
|
521
|
-
return NULL;
|
|
522
|
-
CRYPTO_MUTEX_lock_write(&ctx->ctx->objs_lock);
|
|
523
|
-
idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
|
|
524
|
-
if (idx < 0) {
|
|
525
|
-
/*
|
|
526
|
-
* Nothing found in cache: do lookup to possibly add new objects to
|
|
527
|
-
* cache
|
|
528
|
-
*/
|
|
529
|
-
X509_OBJECT xobj;
|
|
530
|
-
CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock);
|
|
531
|
-
if (!X509_STORE_get_by_subject(ctx, X509_LU_X509, nm, &xobj)) {
|
|
532
|
-
sk_X509_free(sk);
|
|
533
|
-
return NULL;
|
|
534
|
-
}
|
|
535
|
-
X509_OBJECT_free_contents(&xobj);
|
|
536
|
-
CRYPTO_MUTEX_lock_write(&ctx->ctx->objs_lock);
|
|
537
|
-
idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
|
|
538
|
-
if (idx < 0) {
|
|
539
|
-
CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock);
|
|
540
|
-
sk_X509_free(sk);
|
|
541
|
-
return NULL;
|
|
542
|
-
}
|
|
543
|
-
}
|
|
544
|
-
for (i = 0; i < cnt; i++, idx++) {
|
|
545
|
-
obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx);
|
|
546
|
-
x = obj->data.x509;
|
|
547
|
-
if (!sk_X509_push(sk, x)) {
|
|
548
|
-
CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock);
|
|
549
|
-
sk_X509_pop_free(sk, X509_free);
|
|
550
|
-
return NULL;
|
|
551
|
-
}
|
|
552
|
-
X509_up_ref(x);
|
|
553
|
-
}
|
|
554
|
-
CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock);
|
|
555
|
-
return sk;
|
|
556
|
-
|
|
457
|
+
STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *st) {
|
|
458
|
+
return st->objs;
|
|
557
459
|
}
|
|
558
460
|
|
|
559
|
-
STACK_OF
|
|
560
|
-
|
|
561
|
-
|
|
562
|
-
|
|
563
|
-
|
|
564
|
-
|
|
565
|
-
|
|
566
|
-
|
|
567
|
-
|
|
568
|
-
|
|
569
|
-
|
|
570
|
-
|
|
571
|
-
|
|
572
|
-
|
|
461
|
+
STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm) {
|
|
462
|
+
int i, idx, cnt;
|
|
463
|
+
STACK_OF(X509) *sk;
|
|
464
|
+
X509 *x;
|
|
465
|
+
X509_OBJECT *obj;
|
|
466
|
+
sk = sk_X509_new_null();
|
|
467
|
+
if (sk == NULL) {
|
|
468
|
+
return NULL;
|
|
469
|
+
}
|
|
470
|
+
CRYPTO_MUTEX_lock_write(&ctx->ctx->objs_lock);
|
|
471
|
+
idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
|
|
472
|
+
if (idx < 0) {
|
|
473
|
+
// Nothing found in cache: do lookup to possibly add new objects to
|
|
474
|
+
// cache
|
|
475
|
+
X509_OBJECT xobj;
|
|
476
|
+
CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock);
|
|
477
|
+
if (!X509_STORE_get_by_subject(ctx, X509_LU_X509, nm, &xobj)) {
|
|
478
|
+
sk_X509_free(sk);
|
|
479
|
+
return NULL;
|
|
573
480
|
}
|
|
574
481
|
X509_OBJECT_free_contents(&xobj);
|
|
575
482
|
CRYPTO_MUTEX_lock_write(&ctx->ctx->objs_lock);
|
|
576
|
-
idx = x509_object_idx_cnt(ctx->ctx->objs,
|
|
483
|
+
idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
|
|
577
484
|
if (idx < 0) {
|
|
578
|
-
|
|
579
|
-
|
|
580
|
-
|
|
485
|
+
CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock);
|
|
486
|
+
sk_X509_free(sk);
|
|
487
|
+
return NULL;
|
|
581
488
|
}
|
|
582
|
-
|
|
583
|
-
|
|
584
|
-
|
|
585
|
-
|
|
586
|
-
|
|
587
|
-
|
|
588
|
-
|
|
589
|
-
|
|
590
|
-
sk_X509_CRL_pop_free(sk, X509_CRL_free);
|
|
591
|
-
return NULL;
|
|
592
|
-
}
|
|
489
|
+
}
|
|
490
|
+
for (i = 0; i < cnt; i++, idx++) {
|
|
491
|
+
obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx);
|
|
492
|
+
x = obj->data.x509;
|
|
493
|
+
if (!sk_X509_push(sk, x)) {
|
|
494
|
+
CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock);
|
|
495
|
+
sk_X509_pop_free(sk, X509_free);
|
|
496
|
+
return NULL;
|
|
593
497
|
}
|
|
498
|
+
X509_up_ref(x);
|
|
499
|
+
}
|
|
500
|
+
CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock);
|
|
501
|
+
return sk;
|
|
502
|
+
}
|
|
503
|
+
|
|
504
|
+
STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *ctx, X509_NAME *nm) {
|
|
505
|
+
int i, idx, cnt;
|
|
506
|
+
STACK_OF(X509_CRL) *sk;
|
|
507
|
+
X509_CRL *x;
|
|
508
|
+
X509_OBJECT *obj, xobj;
|
|
509
|
+
sk = sk_X509_CRL_new_null();
|
|
510
|
+
if (sk == NULL) {
|
|
511
|
+
return NULL;
|
|
512
|
+
}
|
|
513
|
+
|
|
514
|
+
// Always do lookup to possibly add new CRLs to cache.
|
|
515
|
+
if (!X509_STORE_get_by_subject(ctx, X509_LU_CRL, nm, &xobj)) {
|
|
516
|
+
sk_X509_CRL_free(sk);
|
|
517
|
+
return NULL;
|
|
518
|
+
}
|
|
519
|
+
X509_OBJECT_free_contents(&xobj);
|
|
520
|
+
CRYPTO_MUTEX_lock_write(&ctx->ctx->objs_lock);
|
|
521
|
+
idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_CRL, nm, &cnt);
|
|
522
|
+
if (idx < 0) {
|
|
594
523
|
CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock);
|
|
595
|
-
|
|
524
|
+
sk_X509_CRL_free(sk);
|
|
525
|
+
return NULL;
|
|
526
|
+
}
|
|
527
|
+
|
|
528
|
+
for (i = 0; i < cnt; i++, idx++) {
|
|
529
|
+
obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx);
|
|
530
|
+
x = obj->data.crl;
|
|
531
|
+
X509_CRL_up_ref(x);
|
|
532
|
+
if (!sk_X509_CRL_push(sk, x)) {
|
|
533
|
+
CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock);
|
|
534
|
+
X509_CRL_free(x);
|
|
535
|
+
sk_X509_CRL_pop_free(sk, X509_CRL_free);
|
|
536
|
+
return NULL;
|
|
537
|
+
}
|
|
538
|
+
}
|
|
539
|
+
CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock);
|
|
540
|
+
return sk;
|
|
596
541
|
}
|
|
597
542
|
|
|
598
543
|
X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h,
|
|
599
|
-
X509_OBJECT *x)
|
|
600
|
-
|
|
601
|
-
|
|
602
|
-
X509_OBJECT *obj;
|
|
603
|
-
|
|
604
|
-
sk_X509_OBJECT_sort(h);
|
|
605
|
-
if (!sk_X509_OBJECT_find(h, &idx, x)) {
|
|
606
|
-
return NULL;
|
|
607
|
-
}
|
|
608
|
-
if ((x->type != X509_LU_X509) && (x->type != X509_LU_CRL))
|
|
609
|
-
return sk_X509_OBJECT_value(h, idx);
|
|
610
|
-
for (i = idx; i < sk_X509_OBJECT_num(h); i++) {
|
|
611
|
-
obj = sk_X509_OBJECT_value(h, i);
|
|
612
|
-
if (x509_object_cmp
|
|
613
|
-
((const X509_OBJECT **)&obj, (const X509_OBJECT **)&x))
|
|
614
|
-
return NULL;
|
|
615
|
-
if (x->type == X509_LU_X509) {
|
|
616
|
-
if (!X509_cmp(obj->data.x509, x->data.x509))
|
|
617
|
-
return obj;
|
|
618
|
-
} else if (x->type == X509_LU_CRL) {
|
|
619
|
-
if (!X509_CRL_match(obj->data.crl, x->data.crl))
|
|
620
|
-
return obj;
|
|
621
|
-
} else
|
|
622
|
-
return obj;
|
|
623
|
-
}
|
|
624
|
-
return NULL;
|
|
625
|
-
}
|
|
544
|
+
X509_OBJECT *x) {
|
|
545
|
+
size_t idx, i;
|
|
546
|
+
X509_OBJECT *obj;
|
|
626
547
|
|
|
627
|
-
|
|
628
|
-
|
|
629
|
-
|
|
630
|
-
|
|
631
|
-
|
|
632
|
-
|
|
633
|
-
|
|
634
|
-
|
|
635
|
-
|
|
636
|
-
|
|
637
|
-
|
|
638
|
-
int idx, ret;
|
|
639
|
-
size_t i;
|
|
640
|
-
xn = X509_get_issuer_name(x);
|
|
641
|
-
if (!X509_STORE_get_by_subject(ctx, X509_LU_X509, xn, &obj))
|
|
642
|
-
return 0;
|
|
643
|
-
/* If certificate matches all OK */
|
|
644
|
-
if (ctx->check_issued(ctx, x, obj.data.x509)) {
|
|
645
|
-
*issuer = obj.data.x509;
|
|
646
|
-
return 1;
|
|
548
|
+
sk_X509_OBJECT_sort(h);
|
|
549
|
+
if (!sk_X509_OBJECT_find(h, &idx, x)) {
|
|
550
|
+
return NULL;
|
|
551
|
+
}
|
|
552
|
+
if ((x->type != X509_LU_X509) && (x->type != X509_LU_CRL)) {
|
|
553
|
+
return sk_X509_OBJECT_value(h, idx);
|
|
554
|
+
}
|
|
555
|
+
for (i = idx; i < sk_X509_OBJECT_num(h); i++) {
|
|
556
|
+
obj = sk_X509_OBJECT_value(h, i);
|
|
557
|
+
if (x509_object_cmp((const X509_OBJECT **)&obj, (const X509_OBJECT **)&x)) {
|
|
558
|
+
return NULL;
|
|
647
559
|
}
|
|
648
|
-
|
|
649
|
-
|
|
650
|
-
|
|
651
|
-
|
|
652
|
-
|
|
653
|
-
|
|
654
|
-
|
|
655
|
-
|
|
656
|
-
|
|
657
|
-
|
|
658
|
-
pobj = sk_X509_OBJECT_value(ctx->ctx->objs, i);
|
|
659
|
-
/* See if we've run past the matches */
|
|
660
|
-
if (pobj->type != X509_LU_X509)
|
|
661
|
-
break;
|
|
662
|
-
if (X509_NAME_cmp(xn, X509_get_subject_name(pobj->data.x509)))
|
|
663
|
-
break;
|
|
664
|
-
if (ctx->check_issued(ctx, x, pobj->data.x509)) {
|
|
665
|
-
*issuer = pobj->data.x509;
|
|
666
|
-
X509_OBJECT_up_ref_count(pobj);
|
|
667
|
-
ret = 1;
|
|
668
|
-
break;
|
|
669
|
-
}
|
|
670
|
-
}
|
|
560
|
+
if (x->type == X509_LU_X509) {
|
|
561
|
+
if (!X509_cmp(obj->data.x509, x->data.x509)) {
|
|
562
|
+
return obj;
|
|
563
|
+
}
|
|
564
|
+
} else if (x->type == X509_LU_CRL) {
|
|
565
|
+
if (!X509_CRL_match(obj->data.crl, x->data.crl)) {
|
|
566
|
+
return obj;
|
|
567
|
+
}
|
|
568
|
+
} else {
|
|
569
|
+
return obj;
|
|
671
570
|
}
|
|
672
|
-
|
|
673
|
-
|
|
571
|
+
}
|
|
572
|
+
return NULL;
|
|
573
|
+
}
|
|
574
|
+
|
|
575
|
+
// Try to get issuer certificate from store. Due to limitations of the API
|
|
576
|
+
// this can only retrieve a single certificate matching a given subject name.
|
|
577
|
+
// However it will fill the cache with all matching certificates, so we can
|
|
578
|
+
// examine the cache for all matches. Return values are: 1 lookup
|
|
579
|
+
// successful. 0 certificate not found. -1 some other error.
|
|
580
|
+
int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) {
|
|
581
|
+
X509_NAME *xn;
|
|
582
|
+
X509_OBJECT obj, *pobj;
|
|
583
|
+
int idx, ret;
|
|
584
|
+
size_t i;
|
|
585
|
+
xn = X509_get_issuer_name(x);
|
|
586
|
+
if (!X509_STORE_get_by_subject(ctx, X509_LU_X509, xn, &obj)) {
|
|
587
|
+
return 0;
|
|
588
|
+
}
|
|
589
|
+
// If certificate matches all OK
|
|
590
|
+
if (ctx->check_issued(ctx, x, obj.data.x509)) {
|
|
591
|
+
*issuer = obj.data.x509;
|
|
592
|
+
return 1;
|
|
593
|
+
}
|
|
594
|
+
X509_OBJECT_free_contents(&obj);
|
|
595
|
+
|
|
596
|
+
// Else find index of first cert accepted by 'check_issued'
|
|
597
|
+
ret = 0;
|
|
598
|
+
CRYPTO_MUTEX_lock_write(&ctx->ctx->objs_lock);
|
|
599
|
+
idx = X509_OBJECT_idx_by_subject(ctx->ctx->objs, X509_LU_X509, xn);
|
|
600
|
+
if (idx != -1) { // should be true as we've had at least one
|
|
601
|
+
// match
|
|
602
|
+
// Look through all matching certs for suitable issuer
|
|
603
|
+
for (i = idx; i < sk_X509_OBJECT_num(ctx->ctx->objs); i++) {
|
|
604
|
+
pobj = sk_X509_OBJECT_value(ctx->ctx->objs, i);
|
|
605
|
+
// See if we've run past the matches
|
|
606
|
+
if (pobj->type != X509_LU_X509) {
|
|
607
|
+
break;
|
|
608
|
+
}
|
|
609
|
+
if (X509_NAME_cmp(xn, X509_get_subject_name(pobj->data.x509))) {
|
|
610
|
+
break;
|
|
611
|
+
}
|
|
612
|
+
if (ctx->check_issued(ctx, x, pobj->data.x509)) {
|
|
613
|
+
*issuer = pobj->data.x509;
|
|
614
|
+
X509_OBJECT_up_ref_count(pobj);
|
|
615
|
+
ret = 1;
|
|
616
|
+
break;
|
|
617
|
+
}
|
|
618
|
+
}
|
|
619
|
+
}
|
|
620
|
+
CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock);
|
|
621
|
+
return ret;
|
|
674
622
|
}
|
|
675
623
|
|
|
676
|
-
int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags)
|
|
677
|
-
|
|
678
|
-
return X509_VERIFY_PARAM_set_flags(ctx->param, flags);
|
|
624
|
+
int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags) {
|
|
625
|
+
return X509_VERIFY_PARAM_set_flags(ctx->param, flags);
|
|
679
626
|
}
|
|
680
627
|
|
|
681
|
-
int X509_STORE_set_depth(X509_STORE *ctx, int depth)
|
|
682
|
-
|
|
683
|
-
|
|
684
|
-
return 1;
|
|
628
|
+
int X509_STORE_set_depth(X509_STORE *ctx, int depth) {
|
|
629
|
+
X509_VERIFY_PARAM_set_depth(ctx->param, depth);
|
|
630
|
+
return 1;
|
|
685
631
|
}
|
|
686
632
|
|
|
687
|
-
int X509_STORE_set_purpose(X509_STORE *ctx, int purpose)
|
|
688
|
-
|
|
689
|
-
return X509_VERIFY_PARAM_set_purpose(ctx->param, purpose);
|
|
633
|
+
int X509_STORE_set_purpose(X509_STORE *ctx, int purpose) {
|
|
634
|
+
return X509_VERIFY_PARAM_set_purpose(ctx->param, purpose);
|
|
690
635
|
}
|
|
691
636
|
|
|
692
|
-
int X509_STORE_set_trust(X509_STORE *ctx, int trust)
|
|
693
|
-
|
|
694
|
-
return X509_VERIFY_PARAM_set_trust(ctx->param, trust);
|
|
637
|
+
int X509_STORE_set_trust(X509_STORE *ctx, int trust) {
|
|
638
|
+
return X509_VERIFY_PARAM_set_trust(ctx->param, trust);
|
|
695
639
|
}
|
|
696
640
|
|
|
697
|
-
int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *param)
|
|
698
|
-
|
|
699
|
-
return X509_VERIFY_PARAM_set1(ctx->param, param);
|
|
641
|
+
int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *param) {
|
|
642
|
+
return X509_VERIFY_PARAM_set1(ctx->param, param);
|
|
700
643
|
}
|
|
701
644
|
|
|
702
|
-
X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *ctx)
|
|
703
|
-
{
|
|
704
|
-
return ctx->param;
|
|
705
|
-
}
|
|
645
|
+
X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *ctx) { return ctx->param; }
|
|
706
646
|
|
|
707
|
-
void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify)
|
|
708
|
-
|
|
709
|
-
ctx->verify = verify;
|
|
647
|
+
void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify) {
|
|
648
|
+
ctx->verify = verify;
|
|
710
649
|
}
|
|
711
650
|
|
|
712
|
-
X509_STORE_CTX_verify_fn X509_STORE_get_verify(X509_STORE *ctx)
|
|
713
|
-
|
|
714
|
-
return ctx->verify;
|
|
651
|
+
X509_STORE_CTX_verify_fn X509_STORE_get_verify(X509_STORE *ctx) {
|
|
652
|
+
return ctx->verify;
|
|
715
653
|
}
|
|
716
654
|
|
|
717
655
|
void X509_STORE_set_verify_cb(X509_STORE *ctx,
|
|
718
|
-
X509_STORE_CTX_verify_cb verify_cb)
|
|
719
|
-
|
|
720
|
-
ctx->verify_cb = verify_cb;
|
|
656
|
+
X509_STORE_CTX_verify_cb verify_cb) {
|
|
657
|
+
ctx->verify_cb = verify_cb;
|
|
721
658
|
}
|
|
722
659
|
|
|
723
|
-
X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE *ctx)
|
|
724
|
-
|
|
725
|
-
return ctx->verify_cb;
|
|
660
|
+
X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE *ctx) {
|
|
661
|
+
return ctx->verify_cb;
|
|
726
662
|
}
|
|
727
663
|
|
|
728
664
|
void X509_STORE_set_get_issuer(X509_STORE *ctx,
|
|
729
|
-
X509_STORE_CTX_get_issuer_fn get_issuer)
|
|
730
|
-
|
|
731
|
-
ctx->get_issuer = get_issuer;
|
|
665
|
+
X509_STORE_CTX_get_issuer_fn get_issuer) {
|
|
666
|
+
ctx->get_issuer = get_issuer;
|
|
732
667
|
}
|
|
733
668
|
|
|
734
|
-
X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE *ctx)
|
|
735
|
-
|
|
736
|
-
return ctx->get_issuer;
|
|
669
|
+
X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE *ctx) {
|
|
670
|
+
return ctx->get_issuer;
|
|
737
671
|
}
|
|
738
672
|
|
|
739
673
|
void X509_STORE_set_check_issued(X509_STORE *ctx,
|
|
740
|
-
X509_STORE_CTX_check_issued_fn check_issued)
|
|
741
|
-
|
|
742
|
-
ctx->check_issued = check_issued;
|
|
674
|
+
X509_STORE_CTX_check_issued_fn check_issued) {
|
|
675
|
+
ctx->check_issued = check_issued;
|
|
743
676
|
}
|
|
744
677
|
|
|
745
|
-
X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE *ctx)
|
|
746
|
-
|
|
747
|
-
return ctx->check_issued;
|
|
678
|
+
X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE *ctx) {
|
|
679
|
+
return ctx->check_issued;
|
|
748
680
|
}
|
|
749
681
|
|
|
750
|
-
void X509_STORE_set_check_revocation(
|
|
751
|
-
|
|
752
|
-
|
|
753
|
-
ctx->check_revocation = check_revocation;
|
|
682
|
+
void X509_STORE_set_check_revocation(
|
|
683
|
+
X509_STORE *ctx, X509_STORE_CTX_check_revocation_fn check_revocation) {
|
|
684
|
+
ctx->check_revocation = check_revocation;
|
|
754
685
|
}
|
|
755
686
|
|
|
756
|
-
X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(
|
|
757
|
-
{
|
|
758
|
-
|
|
687
|
+
X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(
|
|
688
|
+
X509_STORE *ctx) {
|
|
689
|
+
return ctx->check_revocation;
|
|
759
690
|
}
|
|
760
691
|
|
|
761
692
|
void X509_STORE_set_get_crl(X509_STORE *ctx,
|
|
762
|
-
X509_STORE_CTX_get_crl_fn get_crl)
|
|
763
|
-
|
|
764
|
-
ctx->get_crl = get_crl;
|
|
693
|
+
X509_STORE_CTX_get_crl_fn get_crl) {
|
|
694
|
+
ctx->get_crl = get_crl;
|
|
765
695
|
}
|
|
766
696
|
|
|
767
|
-
X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE *ctx)
|
|
768
|
-
|
|
769
|
-
return ctx->get_crl;
|
|
697
|
+
X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE *ctx) {
|
|
698
|
+
return ctx->get_crl;
|
|
770
699
|
}
|
|
771
700
|
|
|
772
701
|
void X509_STORE_set_check_crl(X509_STORE *ctx,
|
|
773
|
-
X509_STORE_CTX_check_crl_fn check_crl)
|
|
774
|
-
|
|
775
|
-
ctx->check_crl = check_crl;
|
|
702
|
+
X509_STORE_CTX_check_crl_fn check_crl) {
|
|
703
|
+
ctx->check_crl = check_crl;
|
|
776
704
|
}
|
|
777
705
|
|
|
778
|
-
X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE *ctx)
|
|
779
|
-
|
|
780
|
-
return ctx->check_crl;
|
|
706
|
+
X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE *ctx) {
|
|
707
|
+
return ctx->check_crl;
|
|
781
708
|
}
|
|
782
709
|
|
|
783
710
|
void X509_STORE_set_cert_crl(X509_STORE *ctx,
|
|
784
|
-
X509_STORE_CTX_cert_crl_fn cert_crl)
|
|
785
|
-
|
|
786
|
-
ctx->cert_crl = cert_crl;
|
|
711
|
+
X509_STORE_CTX_cert_crl_fn cert_crl) {
|
|
712
|
+
ctx->cert_crl = cert_crl;
|
|
787
713
|
}
|
|
788
714
|
|
|
789
|
-
X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE *ctx)
|
|
790
|
-
|
|
791
|
-
return ctx->cert_crl;
|
|
715
|
+
X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE *ctx) {
|
|
716
|
+
return ctx->cert_crl;
|
|
792
717
|
}
|
|
793
718
|
|
|
794
719
|
void X509_STORE_set_lookup_certs(X509_STORE *ctx,
|
|
795
|
-
X509_STORE_CTX_lookup_certs_fn lookup_certs)
|
|
796
|
-
|
|
797
|
-
ctx->lookup_certs = lookup_certs;
|
|
720
|
+
X509_STORE_CTX_lookup_certs_fn lookup_certs) {
|
|
721
|
+
ctx->lookup_certs = lookup_certs;
|
|
798
722
|
}
|
|
799
723
|
|
|
800
|
-
X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE *ctx)
|
|
801
|
-
|
|
802
|
-
return ctx->lookup_certs;
|
|
724
|
+
X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE *ctx) {
|
|
725
|
+
return ctx->lookup_certs;
|
|
803
726
|
}
|
|
804
727
|
|
|
805
728
|
void X509_STORE_set_lookup_crls(X509_STORE *ctx,
|
|
806
|
-
X509_STORE_CTX_lookup_crls_fn lookup_crls)
|
|
807
|
-
|
|
808
|
-
ctx->lookup_crls = lookup_crls;
|
|
729
|
+
X509_STORE_CTX_lookup_crls_fn lookup_crls) {
|
|
730
|
+
ctx->lookup_crls = lookup_crls;
|
|
809
731
|
}
|
|
810
732
|
|
|
811
|
-
X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE *ctx)
|
|
812
|
-
|
|
813
|
-
return ctx->lookup_crls;
|
|
733
|
+
X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE *ctx) {
|
|
734
|
+
return ctx->lookup_crls;
|
|
814
735
|
}
|
|
815
736
|
|
|
816
737
|
void X509_STORE_set_cleanup(X509_STORE *ctx,
|
|
817
|
-
X509_STORE_CTX_cleanup_fn ctx_cleanup)
|
|
818
|
-
|
|
819
|
-
ctx->cleanup = ctx_cleanup;
|
|
738
|
+
X509_STORE_CTX_cleanup_fn ctx_cleanup) {
|
|
739
|
+
ctx->cleanup = ctx_cleanup;
|
|
820
740
|
}
|
|
821
741
|
|
|
822
|
-
X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE *ctx)
|
|
823
|
-
|
|
824
|
-
return ctx->cleanup;
|
|
742
|
+
X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE *ctx) {
|
|
743
|
+
return ctx->cleanup;
|
|
825
744
|
}
|
|
826
745
|
|
|
827
|
-
X509_STORE *X509_STORE_CTX_get0_store(X509_STORE_CTX *ctx)
|
|
828
|
-
{
|
|
829
|
-
return ctx->ctx;
|
|
830
|
-
}
|
|
746
|
+
X509_STORE *X509_STORE_CTX_get0_store(X509_STORE_CTX *ctx) { return ctx->ctx; }
|