grpc 1.53.1 → 1.54.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of grpc might be problematic. Click here for more details.

Files changed (689) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +78 -66
  3. data/include/grpc/event_engine/event_engine.h +30 -14
  4. data/include/grpc/grpc_security.h +4 -0
  5. data/include/grpc/support/port_platform.h +4 -4
  6. data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +11 -0
  7. data/src/core/ext/filters/client_channel/backend_metric.cc +6 -0
  8. data/src/core/ext/filters/client_channel/backup_poller.cc +2 -11
  9. data/src/core/ext/filters/client_channel/backup_poller.h +0 -3
  10. data/src/core/ext/filters/client_channel/client_channel.cc +848 -813
  11. data/src/core/ext/filters/client_channel/client_channel.h +131 -173
  12. data/src/core/ext/filters/client_channel/client_channel_internal.h +114 -0
  13. data/src/core/ext/filters/client_channel/config_selector.h +4 -3
  14. data/src/core/ext/filters/client_channel/lb_policy/backend_metric_data.h +6 -1
  15. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +17 -18
  16. data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +134 -151
  17. data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +2 -16
  18. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +14 -10
  19. data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/weighted_round_robin.cc +68 -30
  20. data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +11 -3
  21. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +8 -1
  22. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +2 -5
  23. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_override_host.cc +2 -2
  24. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +30 -38
  25. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +4 -4
  26. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +20 -26
  27. data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +31 -179
  28. data/src/core/ext/filters/client_channel/resolver/polling_resolver.cc +1 -2
  29. data/src/core/ext/filters/client_channel/resolver/polling_resolver.h +1 -2
  30. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +4 -2
  31. data/src/core/ext/filters/client_channel/retry_filter.cc +95 -102
  32. data/src/core/ext/filters/client_channel/subchannel.cc +2 -4
  33. data/src/core/ext/filters/client_channel/subchannel_stream_client.cc +26 -27
  34. data/src/core/ext/filters/client_channel/subchannel_stream_client.h +8 -5
  35. data/src/core/ext/filters/http/client/http_client_filter.cc +3 -3
  36. data/src/core/ext/filters/http/http_filters_plugin.cc +1 -12
  37. data/src/core/ext/filters/http/message_compress/compression_filter.cc +27 -11
  38. data/src/core/ext/filters/message_size/message_size_filter.cc +141 -224
  39. data/src/core/ext/filters/message_size/message_size_filter.h +48 -3
  40. data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +7 -6
  41. data/src/core/ext/gcp/metadata_query.cc +142 -0
  42. data/src/core/ext/gcp/metadata_query.h +82 -0
  43. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +70 -55
  44. data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +8 -12
  45. data/src/core/ext/transport/chttp2/transport/bin_encoder.h +1 -5
  46. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +116 -58
  47. data/src/core/ext/transport/chttp2/transport/flow_control.cc +5 -2
  48. data/src/core/ext/transport/chttp2/transport/flow_control.h +2 -1
  49. data/src/core/ext/transport/chttp2/transport/frame_settings.cc +4 -1
  50. data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +222 -118
  51. data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +113 -295
  52. data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +0 -2
  53. data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +0 -2
  54. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +277 -451
  55. data/src/core/ext/transport/chttp2/transport/hpack_parser.h +1 -3
  56. data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +12 -14
  57. data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +1 -9
  58. data/src/core/ext/transport/chttp2/transport/internal.h +16 -3
  59. data/src/core/ext/transport/chttp2/transport/parsing.cc +3 -2
  60. data/src/core/ext/transport/chttp2/transport/writing.cc +10 -5
  61. data/src/core/ext/transport/inproc/inproc_transport.cc +20 -14
  62. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +5 -3
  63. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +22 -0
  64. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +5 -3
  65. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +22 -0
  66. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +23 -5
  67. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +94 -3
  68. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +23 -2
  69. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +120 -0
  70. data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.c +6 -3
  71. data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.h +22 -0
  72. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +24 -6
  73. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +111 -12
  74. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +9 -7
  75. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +27 -9
  76. data/src/core/ext/upb-generated/envoy/config/trace/v3/opentelemetry.upb.c +0 -1
  77. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +11 -7
  78. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +56 -12
  79. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.c +5 -3
  80. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.h +24 -0
  81. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.c +5 -3
  82. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.h +24 -0
  83. data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.c +13 -2
  84. data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.h +49 -0
  85. data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c +24 -9
  86. data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.h +66 -12
  87. data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +191 -187
  88. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +139 -136
  89. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +31 -15
  90. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +5 -0
  91. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +12 -9
  92. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +15 -0
  93. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.c +54 -45
  94. data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.c +135 -119
  95. data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.h +5 -0
  96. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +100 -97
  97. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/opentelemetry.upbdefs.c +15 -18
  98. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +272 -264
  99. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +117 -117
  100. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +5 -5
  101. data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +5 -5
  102. data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +5 -5
  103. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.c +12 -9
  104. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.h +5 -0
  105. data/src/core/ext/xds/xds_channel_stack_modifier.cc +1 -2
  106. data/src/core/ext/xds/xds_client_stats.cc +29 -15
  107. data/src/core/ext/xds/xds_client_stats.h +24 -20
  108. data/src/core/ext/xds/xds_endpoint.cc +5 -2
  109. data/src/core/ext/xds/xds_endpoint.h +9 -1
  110. data/src/core/ext/xds/xds_http_rbac_filter.cc +1 -1
  111. data/src/core/ext/xds/xds_lb_policy_registry.cc +13 -0
  112. data/src/core/ext/xds/xds_transport_grpc.cc +1 -1
  113. data/src/core/lib/channel/call_finalization.h +1 -1
  114. data/src/core/lib/channel/call_tracer.cc +51 -0
  115. data/src/core/lib/channel/call_tracer.h +101 -38
  116. data/src/core/lib/channel/connected_channel.cc +483 -1050
  117. data/src/core/lib/channel/context.h +8 -1
  118. data/src/core/lib/channel/promise_based_filter.cc +106 -42
  119. data/src/core/lib/channel/promise_based_filter.h +27 -13
  120. data/src/core/lib/channel/server_call_tracer_filter.cc +110 -0
  121. data/src/core/lib/config/config_vars.cc +151 -0
  122. data/src/core/lib/config/config_vars.h +127 -0
  123. data/src/core/lib/config/config_vars_non_generated.cc +51 -0
  124. data/src/core/lib/config/load_config.cc +66 -0
  125. data/src/core/lib/config/load_config.h +49 -0
  126. data/src/core/lib/debug/trace.cc +5 -6
  127. data/src/core/lib/debug/trace.h +0 -5
  128. data/src/core/lib/event_engine/event_engine.cc +37 -2
  129. data/src/core/lib/event_engine/handle_containers.h +7 -22
  130. data/src/core/lib/event_engine/memory_allocator_factory.h +47 -0
  131. data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +0 -4
  132. data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +3 -9
  133. data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +48 -15
  134. data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +8 -8
  135. data/src/core/lib/event_engine/posix_engine/posix_engine.cc +6 -5
  136. data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +6 -3
  137. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +27 -18
  138. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +0 -3
  139. data/src/core/lib/event_engine/resolved_address.cc +2 -1
  140. data/src/core/lib/event_engine/windows/win_socket.cc +0 -1
  141. data/src/core/lib/event_engine/windows/windows_endpoint.cc +129 -82
  142. data/src/core/lib/event_engine/windows/windows_endpoint.h +21 -5
  143. data/src/core/lib/event_engine/windows/windows_engine.cc +39 -18
  144. data/src/core/lib/event_engine/windows/windows_engine.h +2 -1
  145. data/src/core/lib/event_engine/windows/windows_listener.cc +370 -0
  146. data/src/core/lib/event_engine/windows/windows_listener.h +155 -0
  147. data/src/core/lib/experiments/config.cc +3 -10
  148. data/src/core/lib/experiments/experiments.cc +7 -0
  149. data/src/core/lib/experiments/experiments.h +9 -1
  150. data/src/core/lib/gpr/log.cc +15 -28
  151. data/src/core/lib/gprpp/fork.cc +8 -14
  152. data/src/core/lib/gprpp/orphanable.h +4 -3
  153. data/src/core/lib/gprpp/per_cpu.h +9 -3
  154. data/src/core/lib/gprpp/{thd_posix.cc → posix/thd.cc} +49 -37
  155. data/src/core/lib/gprpp/ref_counted.h +33 -34
  156. data/src/core/lib/gprpp/thd.h +16 -0
  157. data/src/core/lib/gprpp/time.cc +1 -0
  158. data/src/core/lib/gprpp/time.h +4 -4
  159. data/src/core/lib/gprpp/{thd_windows.cc → windows/thd.cc} +2 -2
  160. data/src/core/lib/iomgr/call_combiner.h +2 -2
  161. data/src/core/lib/iomgr/endpoint_cfstream.cc +4 -2
  162. data/src/core/lib/iomgr/ev_posix.cc +13 -53
  163. data/src/core/lib/iomgr/ev_posix.h +0 -3
  164. data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +103 -76
  165. data/src/core/lib/iomgr/iomgr.cc +4 -8
  166. data/src/core/lib/iomgr/iomgr_windows.cc +8 -2
  167. data/src/core/lib/iomgr/pollset_set_windows.cc +9 -9
  168. data/src/core/lib/iomgr/pollset_windows.cc +1 -1
  169. data/src/core/lib/iomgr/socket_utils_common_posix.cc +16 -3
  170. data/src/core/lib/iomgr/tcp_client_windows.cc +2 -2
  171. data/src/core/lib/iomgr/tcp_posix.cc +0 -1
  172. data/src/core/lib/iomgr/tcp_server_posix.cc +5 -16
  173. data/src/core/lib/iomgr/tcp_server_windows.cc +176 -9
  174. data/src/core/lib/iomgr/tcp_windows.cc +12 -8
  175. data/src/core/lib/load_balancing/lb_policy.cc +9 -13
  176. data/src/core/lib/load_balancing/lb_policy.h +4 -2
  177. data/src/core/lib/promise/activity.cc +22 -6
  178. data/src/core/lib/promise/activity.h +61 -24
  179. data/src/core/lib/promise/cancel_callback.h +77 -0
  180. data/src/core/lib/promise/detail/basic_seq.h +1 -1
  181. data/src/core/lib/promise/detail/promise_factory.h +4 -0
  182. data/src/core/lib/promise/for_each.h +176 -0
  183. data/src/core/lib/promise/if.h +9 -0
  184. data/src/core/lib/promise/interceptor_list.h +23 -2
  185. data/src/core/lib/promise/latch.h +89 -3
  186. data/src/core/lib/promise/loop.h +13 -9
  187. data/src/core/lib/promise/map.h +7 -0
  188. data/src/core/lib/promise/party.cc +286 -0
  189. data/src/core/lib/promise/party.h +499 -0
  190. data/src/core/lib/promise/pipe.h +197 -57
  191. data/src/core/lib/promise/poll.h +48 -0
  192. data/src/core/lib/promise/promise.h +2 -2
  193. data/src/core/lib/resource_quota/arena.cc +19 -3
  194. data/src/core/lib/resource_quota/arena.h +119 -5
  195. data/src/core/lib/resource_quota/memory_quota.cc +1 -1
  196. data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +12 -35
  197. data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +1 -0
  198. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +0 -59
  199. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +10 -5
  200. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -1
  201. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +13 -0
  202. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +2 -0
  203. data/src/core/lib/security/security_connector/load_system_roots_supported.cc +5 -9
  204. data/src/core/lib/security/security_connector/ssl_utils.cc +11 -25
  205. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +12 -0
  206. data/src/core/lib/security/transport/secure_endpoint.cc +4 -2
  207. data/src/core/lib/security/transport/server_auth_filter.cc +20 -2
  208. data/src/core/lib/slice/slice.cc +1 -1
  209. data/src/core/lib/surface/builtins.cc +2 -0
  210. data/src/core/lib/surface/call.cc +926 -1024
  211. data/src/core/lib/surface/call.h +10 -0
  212. data/src/core/lib/surface/lame_client.cc +1 -0
  213. data/src/core/lib/surface/validate_metadata.cc +42 -43
  214. data/src/core/lib/surface/validate_metadata.h +0 -9
  215. data/src/core/lib/surface/version.cc +2 -2
  216. data/src/core/lib/transport/batch_builder.cc +179 -0
  217. data/src/core/lib/transport/batch_builder.h +468 -0
  218. data/src/core/lib/transport/bdp_estimator.cc +7 -7
  219. data/src/core/lib/transport/bdp_estimator.h +10 -6
  220. data/src/core/lib/transport/custom_metadata.h +30 -0
  221. data/src/core/lib/transport/metadata_batch.cc +5 -2
  222. data/src/core/lib/transport/metadata_batch.h +17 -113
  223. data/src/core/lib/transport/parsed_metadata.h +6 -16
  224. data/src/core/lib/transport/timeout_encoding.cc +6 -1
  225. data/src/core/lib/transport/transport.cc +30 -2
  226. data/src/core/lib/transport/transport.h +70 -14
  227. data/src/core/lib/transport/transport_impl.h +7 -0
  228. data/src/core/lib/transport/transport_op_string.cc +52 -42
  229. data/src/core/plugin_registry/grpc_plugin_registry.cc +2 -2
  230. data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +1 -0
  231. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +21 -4
  232. data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +5 -0
  233. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +1 -1
  234. data/src/core/tsi/ssl_transport_security.cc +4 -2
  235. data/src/ruby/lib/grpc/version.rb +1 -1
  236. data/third_party/abseil-cpp/absl/base/config.h +1 -1
  237. data/third_party/abseil-cpp/absl/flags/commandlineflag.cc +34 -0
  238. data/third_party/abseil-cpp/absl/flags/commandlineflag.h +200 -0
  239. data/third_party/abseil-cpp/absl/flags/config.h +68 -0
  240. data/third_party/abseil-cpp/absl/flags/declare.h +73 -0
  241. data/third_party/abseil-cpp/absl/flags/flag.cc +38 -0
  242. data/third_party/abseil-cpp/absl/flags/flag.h +310 -0
  243. data/{src/core/lib/gprpp/global_config_custom.h → third_party/abseil-cpp/absl/flags/internal/commandlineflag.cc} +11 -14
  244. data/third_party/abseil-cpp/absl/flags/internal/commandlineflag.h +68 -0
  245. data/third_party/abseil-cpp/absl/flags/internal/flag.cc +615 -0
  246. data/third_party/abseil-cpp/absl/flags/internal/flag.h +800 -0
  247. data/third_party/abseil-cpp/absl/flags/internal/flag_msvc.inc +116 -0
  248. data/third_party/abseil-cpp/absl/flags/internal/path_util.h +62 -0
  249. data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.cc +65 -0
  250. data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.h +61 -0
  251. data/third_party/abseil-cpp/absl/flags/internal/program_name.cc +60 -0
  252. data/third_party/abseil-cpp/absl/flags/internal/program_name.h +50 -0
  253. data/third_party/abseil-cpp/absl/flags/internal/registry.h +97 -0
  254. data/third_party/abseil-cpp/absl/flags/internal/sequence_lock.h +187 -0
  255. data/third_party/abseil-cpp/absl/flags/marshalling.cc +241 -0
  256. data/third_party/abseil-cpp/absl/flags/marshalling.h +356 -0
  257. data/third_party/abseil-cpp/absl/flags/reflection.cc +354 -0
  258. data/third_party/abseil-cpp/absl/flags/reflection.h +90 -0
  259. data/third_party/abseil-cpp/absl/flags/usage_config.cc +165 -0
  260. data/third_party/abseil-cpp/absl/flags/usage_config.h +135 -0
  261. data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +12 -8
  262. data/third_party/boringssl-with-bazel/err_data.c +728 -712
  263. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +177 -177
  264. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +28 -55
  265. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +21 -23
  266. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.c +20 -23
  267. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +66 -185
  268. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.c +18 -21
  269. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +356 -311
  270. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +174 -194
  271. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +146 -210
  272. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +6 -9
  273. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.c +346 -526
  274. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +110 -131
  275. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +130 -116
  276. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +93 -60
  277. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +93 -181
  278. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +242 -305
  279. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.c +41 -18
  280. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.c +30 -33
  281. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.c +36 -33
  282. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.c +29 -26
  283. data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +133 -88
  284. data/third_party/boringssl-with-bazel/src/crypto/asn1/posix_time.c +230 -0
  285. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +791 -791
  286. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +526 -526
  287. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +114 -135
  288. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +201 -207
  289. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +21 -26
  290. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +55 -68
  291. data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +2 -4
  292. data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +11 -7
  293. data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +4 -4
  294. data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +15 -9
  295. data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +4 -4
  296. data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +17 -10
  297. data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +1 -3
  298. data/third_party/boringssl-with-bazel/src/crypto/bio/printf.c +0 -13
  299. data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +3 -6
  300. data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +2 -0
  301. data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +9 -5
  302. data/third_party/boringssl-with-bazel/src/crypto/bn_extra/convert.c +10 -23
  303. data/third_party/boringssl-with-bazel/src/crypto/buf/buf.c +2 -6
  304. data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.c +2 -1
  305. data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +29 -28
  306. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +161 -201
  307. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +254 -39
  308. data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +2 -2
  309. data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +0 -2
  310. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +4 -4
  311. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesctrhmac.c +9 -8
  312. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesgcmsiv.c +37 -75
  313. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +8 -10
  314. data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/cipher → cipher_extra}/e_des.c +100 -78
  315. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_null.c +1 -0
  316. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc2.c +1 -0
  317. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc4.c +2 -0
  318. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_tls.c +6 -12
  319. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +14 -11
  320. data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +6 -10
  321. data/third_party/boringssl-with-bazel/src/crypto/conf/conf_def.h +0 -1
  322. data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +12 -0
  323. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.c +74 -0
  324. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_freebsd.c +62 -0
  325. data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-fuchsia.c → cpu_aarch64_fuchsia.c} +8 -7
  326. data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-linux.c → cpu_aarch64_linux.c} +6 -4
  327. data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-win.c → cpu_aarch64_win.c} +4 -4
  328. data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm.c → cpu_arm.c} +1 -1
  329. data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_freebsd.c +55 -0
  330. data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.c → cpu_arm_linux.c} +11 -90
  331. data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.h → cpu_arm_linux.h} +0 -38
  332. data/third_party/boringssl-with-bazel/src/crypto/{cpu-intel.c → cpu_intel.c} +1 -2
  333. data/third_party/boringssl-with-bazel/src/crypto/crypto.c +25 -20
  334. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +16 -27
  335. data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +17 -32
  336. data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/des.c +232 -232
  337. data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/internal.h +1 -1
  338. data/third_party/boringssl-with-bazel/src/crypto/dh_extra/dh_asn1.c +1 -0
  339. data/third_party/boringssl-with-bazel/src/crypto/dh_extra/params.c +232 -29
  340. data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +0 -3
  341. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +39 -16
  342. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +37 -7
  343. data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +3 -3
  344. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +11 -36
  345. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +214 -99
  346. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +21 -5
  347. data/third_party/boringssl-with-bazel/src/crypto/ecdsa_extra/ecdsa_asn1.c +2 -4
  348. data/third_party/boringssl-with-bazel/src/crypto/err/err.c +83 -60
  349. data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +46 -12
  350. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +3 -3
  351. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.c +25 -23
  352. data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +43 -9
  353. data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +75 -44
  354. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +19 -25
  355. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.c +96 -45
  356. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.c +7 -8
  357. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.c +26 -23
  358. data/third_party/boringssl-with-bazel/src/crypto/evp/p_hkdf.c +233 -0
  359. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.c +5 -5
  360. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.c +42 -25
  361. data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.c +4 -5
  362. data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.c +35 -47
  363. data/third_party/boringssl-with-bazel/src/crypto/evp/print.c +135 -244
  364. data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.c +2 -4
  365. data/third_party/boringssl-with-bazel/src/crypto/evp/sign.c +15 -10
  366. data/third_party/boringssl-with-bazel/src/crypto/ex_data.c +29 -15
  367. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.c +0 -2
  368. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +13 -14
  369. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +3 -13
  370. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.c +13 -7
  371. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c +9 -7
  372. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +35 -27
  373. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +16 -26
  374. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.c +88 -60
  375. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/cmp.c +4 -3
  376. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.c +0 -2
  377. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +1 -1
  378. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.c +1 -1
  379. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +99 -113
  380. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.c +0 -1
  381. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +5 -3
  382. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/generic.c +112 -168
  383. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +86 -31
  384. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +11 -6
  385. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c +4 -5
  386. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +4 -5
  387. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +13 -0
  388. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.c +13 -5
  389. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.c +19 -108
  390. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +19 -15
  391. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.c +15 -16
  392. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.c +22 -21
  393. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/aead.c +3 -0
  394. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +79 -19
  395. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +102 -99
  396. data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → fipsmodule/cipher}/e_aesccm.c +52 -46
  397. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +39 -0
  398. data/third_party/boringssl-with-bazel/src/crypto/{cmac → fipsmodule/cmac}/cmac.c +55 -11
  399. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.c +2 -3
  400. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.c +21 -6
  401. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +56 -0
  402. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +5 -3
  403. data/third_party/boringssl-with-bazel/src/crypto/{evp → fipsmodule/digestsign}/digestsign.c +51 -15
  404. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +25 -25
  405. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +91 -17
  406. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +5 -5
  407. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +34 -12
  408. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +54 -23
  409. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +44 -60
  410. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64-table.h → p256-nistz-table.h} +1 -1
  411. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.c → p256-nistz.c} +60 -53
  412. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.h → p256-nistz.h} +5 -13
  413. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +48 -36
  414. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +2 -8
  415. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +2 -7
  416. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +2 -3
  417. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +0 -1
  418. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +8 -0
  419. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +42 -14
  420. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +6 -0
  421. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/hmac.c +52 -24
  422. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cbc.c +9 -15
  423. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cfb.c +1 -4
  424. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c +2 -4
  425. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm.c +71 -43
  426. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +14 -16
  427. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c +1 -4
  428. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/ctrdrbg.c +31 -13
  429. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +16 -8
  430. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +3 -2
  431. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +2 -2
  432. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +9 -38
  433. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +73 -59
  434. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +11 -45
  435. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +0 -1
  436. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +22 -0
  437. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.c +63 -52
  438. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +107 -62
  439. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +58 -31
  440. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.c +41 -0
  441. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +523 -422
  442. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/internal.h +89 -0
  443. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.c +334 -0
  444. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +3 -12
  445. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +2 -0
  446. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +12 -8
  447. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +14 -12
  448. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.c +19 -6
  449. data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +32 -14
  450. data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c +65 -29
  451. data/third_party/boringssl-with-bazel/src/crypto/internal.h +373 -18
  452. data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +61 -0
  453. data/third_party/boringssl-with-bazel/src/crypto/kyber/keccak.c +205 -0
  454. data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +13 -1
  455. data/third_party/boringssl-with-bazel/src/crypto/mem.c +220 -13
  456. data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +19 -7
  457. data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +13 -1
  458. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +81 -90
  459. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +150 -245
  460. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +629 -613
  461. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.c +17 -17
  462. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +142 -149
  463. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +99 -131
  464. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.c +0 -1
  465. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.c +0 -1
  466. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +0 -1
  467. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.c +0 -3
  468. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +36 -66
  469. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +31 -38
  470. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +2 -1
  471. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +18 -31
  472. data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +1 -0
  473. data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +8 -1
  474. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +129 -5
  475. data/third_party/boringssl-with-bazel/src/crypto/refcount_c11.c +0 -2
  476. data/third_party/boringssl-with-bazel/src/crypto/refcount_lock.c +3 -4
  477. data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.c +8 -11
  478. data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +61 -27
  479. data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +10 -13
  480. data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +10 -13
  481. data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +66 -34
  482. data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +190 -77
  483. data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +81 -284
  484. data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +109 -42
  485. data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.c +22 -24
  486. data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.c +54 -55
  487. data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +32 -34
  488. data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +32 -16
  489. data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +465 -704
  490. data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +284 -331
  491. data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +183 -178
  492. data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.c +11 -15
  493. data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +67 -50
  494. data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +153 -150
  495. data/third_party/boringssl-with-bazel/src/crypto/x509/policy.c +786 -0
  496. data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +95 -102
  497. data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +72 -57
  498. data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.c +12 -10
  499. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +227 -252
  500. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +52 -47
  501. data/third_party/boringssl-with-bazel/src/crypto/x509/x509.c +3 -4
  502. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +230 -224
  503. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +161 -327
  504. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.c +37 -33
  505. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.c +14 -31
  506. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +55 -85
  507. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +534 -618
  508. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +129 -122
  509. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +116 -182
  510. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +132 -132
  511. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +181 -202
  512. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +64 -79
  513. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +175 -160
  514. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +1865 -2050
  515. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +433 -462
  516. data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +156 -163
  517. data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +267 -263
  518. data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.c +40 -15
  519. data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.c +59 -63
  520. data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +63 -67
  521. data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +114 -144
  522. data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +25 -26
  523. data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +326 -415
  524. data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.c +8 -7
  525. data/third_party/boringssl-with-bazel/src/crypto/x509/x_info.c +30 -28
  526. data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +354 -370
  527. data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +37 -32
  528. data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +116 -119
  529. data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.c +36 -26
  530. data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +3 -4
  531. data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.c +10 -13
  532. data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.c +3 -4
  533. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +419 -261
  534. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +113 -105
  535. data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +11 -15
  536. data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +78 -170
  537. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +126 -131
  538. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akeya.c +3 -4
  539. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +465 -469
  540. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bcons.c +56 -54
  541. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +46 -49
  542. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +309 -346
  543. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +341 -365
  544. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_crld.c +429 -393
  545. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +29 -24
  546. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_extku.c +65 -59
  547. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +125 -121
  548. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +43 -42
  549. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +122 -125
  550. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_int.c +50 -20
  551. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +247 -253
  552. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ncons.c +386 -389
  553. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ocsp.c +45 -32
  554. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcons.c +57 -54
  555. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pmaps.c +63 -67
  556. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +143 -136
  557. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +664 -707
  558. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +83 -75
  559. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +1062 -1146
  560. data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +8 -4
  561. data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +28 -48
  562. data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +211 -187
  563. data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +26 -78
  564. data/third_party/boringssl-with-bazel/src/include/openssl/base.h +19 -14
  565. data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +21 -2
  566. data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +49 -17
  567. data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +99 -29
  568. data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +49 -60
  569. data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +2 -15
  570. data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +16 -200
  571. data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +34 -0
  572. data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +82 -0
  573. data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +32 -30
  574. data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +7 -0
  575. data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +4 -0
  576. data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +48 -5
  577. data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +37 -8
  578. data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +1 -0
  579. data/third_party/boringssl-with-bazel/src/include/openssl/err.h +33 -5
  580. data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +22 -30
  581. data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +1 -1
  582. data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +7 -0
  583. data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +41 -16
  584. data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +91 -0
  585. data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +74 -8
  586. data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +13 -0
  587. data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +1 -0
  588. data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +11 -15
  589. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +8 -0
  590. data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +12 -1
  591. data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +7 -4
  592. data/third_party/boringssl-with-bazel/src/include/openssl/service_indicator.h +96 -0
  593. data/third_party/boringssl-with-bazel/src/include/openssl/span.h +13 -21
  594. data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +139 -75
  595. data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +1 -6
  596. data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +384 -286
  597. data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +5 -6
  598. data/third_party/boringssl-with-bazel/src/include/openssl/time.h +41 -0
  599. data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +18 -7
  600. data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +49 -23
  601. data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +0 -11
  602. data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +1592 -1074
  603. data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +202 -205
  604. data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +2 -2
  605. data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +6 -13
  606. data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +17 -18
  607. data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +4 -5
  608. data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +25 -33
  609. data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +34 -20
  610. data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +65 -34
  611. data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +198 -54
  612. data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +5 -5
  613. data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +32 -28
  614. data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +76 -44
  615. data/third_party/boringssl-with-bazel/src/ssl/internal.h +130 -98
  616. data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +27 -11
  617. data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +2 -2
  618. data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +91 -75
  619. data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +8 -10
  620. data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +39 -65
  621. data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +1 -0
  622. data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +5 -9
  623. data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +30 -33
  624. data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +77 -100
  625. data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +120 -107
  626. data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +164 -30
  627. data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +150 -60
  628. data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +22 -11
  629. data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +22 -6
  630. data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +15 -13
  631. data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +5 -43
  632. data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +7 -4
  633. data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +2 -2
  634. data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +22 -34
  635. data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +2 -2
  636. data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +16 -98
  637. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +1241 -657
  638. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +751 -398
  639. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +3551 -1938
  640. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +1272 -487
  641. metadata +103 -70
  642. data/src/core/ext/filters/client_channel/lb_call_state_internal.h +0 -39
  643. data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.cc +0 -30
  644. data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.h +0 -29
  645. data/src/core/lib/gprpp/global_config.h +0 -93
  646. data/src/core/lib/gprpp/global_config_env.cc +0 -140
  647. data/src/core/lib/gprpp/global_config_env.h +0 -133
  648. data/src/core/lib/gprpp/global_config_generic.h +0 -40
  649. data/src/core/lib/promise/intra_activity_waiter.h +0 -55
  650. data/src/core/lib/security/security_connector/ssl_utils_config.cc +0 -32
  651. data/src/core/lib/security/security_connector/ssl_utils_config.h +0 -29
  652. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +0 -195
  653. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_print.c +0 -83
  654. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utf8.c +0 -236
  655. data/third_party/boringssl-with-bazel/src/crypto/asn1/charmap.h +0 -15
  656. data/third_party/boringssl-with-bazel/src/crypto/asn1/time_support.c +0 -206
  657. data/third_party/boringssl-with-bazel/src/crypto/cpu-ppc64le.c +0 -38
  658. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1-altivec.c +0 -361
  659. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_cache.c +0 -287
  660. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +0 -132
  661. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_lib.c +0 -155
  662. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_map.c +0 -131
  663. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_node.c +0 -189
  664. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_tree.c +0 -843
  665. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pci.c +0 -289
  666. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcia.c +0 -57
  667. /data/src/core/lib/gpr/{log_android.cc → android/log.cc} +0 -0
  668. /data/src/core/lib/gpr/{cpu_iphone.cc → iphone/cpu.cc} +0 -0
  669. /data/src/core/lib/gpr/{cpu_linux.cc → linux/cpu.cc} +0 -0
  670. /data/src/core/lib/gpr/{log_linux.cc → linux/log.cc} +0 -0
  671. /data/src/core/lib/gpr/{tmpfile_msys.cc → msys/tmpfile.cc} +0 -0
  672. /data/src/core/lib/gpr/{cpu_posix.cc → posix/cpu.cc} +0 -0
  673. /data/src/core/lib/gpr/{log_posix.cc → posix/log.cc} +0 -0
  674. /data/src/core/lib/gpr/{string_posix.cc → posix/string.cc} +0 -0
  675. /data/src/core/lib/gpr/{sync_posix.cc → posix/sync.cc} +0 -0
  676. /data/src/core/lib/gpr/{time_posix.cc → posix/time.cc} +0 -0
  677. /data/src/core/lib/gpr/{tmpfile_posix.cc → posix/tmpfile.cc} +0 -0
  678. /data/src/core/lib/gpr/{cpu_windows.cc → windows/cpu.cc} +0 -0
  679. /data/src/core/lib/gpr/{log_windows.cc → windows/log.cc} +0 -0
  680. /data/src/core/lib/gpr/{string_windows.cc → windows/string.cc} +0 -0
  681. /data/src/core/lib/gpr/{string_util_windows.cc → windows/string_util.cc} +0 -0
  682. /data/src/core/lib/gpr/{sync_windows.cc → windows/sync.cc} +0 -0
  683. /data/src/core/lib/gpr/{time_windows.cc → windows/time.cc} +0 -0
  684. /data/src/core/lib/gpr/{tmpfile_windows.cc → windows/tmpfile.cc} +0 -0
  685. /data/src/core/lib/gprpp/{env_linux.cc → linux/env.cc} +0 -0
  686. /data/src/core/lib/gprpp/{env_posix.cc → posix/env.cc} +0 -0
  687. /data/src/core/lib/gprpp/{stat_posix.cc → posix/stat.cc} +0 -0
  688. /data/src/core/lib/gprpp/{env_windows.cc → windows/env.cc} +0 -0
  689. /data/src/core/lib/gprpp/{stat_windows.cc → windows/stat.cc} +0 -0
@@ -1,4 +1,3 @@
1
- /* crypto/x509/x509_lu.c */
2
1
  /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3
2
  * All rights reserved.
4
3
  *
@@ -66,765 +65,682 @@
66
65
  #include "../internal.h"
67
66
  #include "internal.h"
68
67
 
69
- X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method)
70
- {
71
- X509_LOOKUP *ret;
72
-
73
- ret = (X509_LOOKUP *)OPENSSL_malloc(sizeof(X509_LOOKUP));
74
- if (ret == NULL)
75
- return NULL;
76
-
77
- ret->init = 0;
78
- ret->skip = 0;
79
- ret->method = method;
80
- ret->method_data = NULL;
81
- ret->store_ctx = NULL;
82
- if ((method->new_item != NULL) && !method->new_item(ret)) {
83
- OPENSSL_free(ret);
84
- return NULL;
85
- }
86
- return ret;
87
- }
68
+ X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method) {
69
+ X509_LOOKUP *ret;
88
70
 
89
- void X509_LOOKUP_free(X509_LOOKUP *ctx)
90
- {
91
- if (ctx == NULL)
92
- return;
93
- if ((ctx->method != NULL) && (ctx->method->free != NULL))
94
- (*ctx->method->free) (ctx);
95
- OPENSSL_free(ctx);
96
- }
97
-
98
- int X509_LOOKUP_init(X509_LOOKUP *ctx)
99
- {
100
- if (ctx->method == NULL)
101
- return 0;
102
- if (ctx->method->init != NULL)
103
- return ctx->method->init(ctx);
104
- else
105
- return 1;
71
+ ret = (X509_LOOKUP *)OPENSSL_malloc(sizeof(X509_LOOKUP));
72
+ if (ret == NULL) {
73
+ return NULL;
74
+ }
75
+
76
+ ret->init = 0;
77
+ ret->skip = 0;
78
+ ret->method = method;
79
+ ret->method_data = NULL;
80
+ ret->store_ctx = NULL;
81
+ if ((method->new_item != NULL) && !method->new_item(ret)) {
82
+ OPENSSL_free(ret);
83
+ return NULL;
84
+ }
85
+ return ret;
86
+ }
87
+
88
+ void X509_LOOKUP_free(X509_LOOKUP *ctx) {
89
+ if (ctx == NULL) {
90
+ return;
91
+ }
92
+ if ((ctx->method != NULL) && (ctx->method->free != NULL)) {
93
+ (*ctx->method->free)(ctx);
94
+ }
95
+ OPENSSL_free(ctx);
96
+ }
97
+
98
+ int X509_LOOKUP_init(X509_LOOKUP *ctx) {
99
+ if (ctx->method == NULL) {
100
+ return 0;
101
+ }
102
+ if (ctx->method->init != NULL) {
103
+ return ctx->method->init(ctx);
104
+ } else {
105
+ return 1;
106
+ }
106
107
  }
107
108
 
108
- int X509_LOOKUP_shutdown(X509_LOOKUP *ctx)
109
- {
110
- if (ctx->method == NULL)
111
- return 0;
112
- if (ctx->method->shutdown != NULL)
113
- return ctx->method->shutdown(ctx);
114
- else
115
- return 1;
109
+ int X509_LOOKUP_shutdown(X509_LOOKUP *ctx) {
110
+ if (ctx->method == NULL) {
111
+ return 0;
112
+ }
113
+ if (ctx->method->shutdown != NULL) {
114
+ return ctx->method->shutdown(ctx);
115
+ } else {
116
+ return 1;
117
+ }
116
118
  }
117
119
 
118
120
  int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
119
- char **ret)
120
- {
121
- if (ctx->method == NULL)
122
- return -1;
123
- if (ctx->method->ctrl != NULL)
124
- return ctx->method->ctrl(ctx, cmd, argc, argl, ret);
125
- else
126
- return 1;
121
+ char **ret) {
122
+ if (ctx->method == NULL) {
123
+ return -1;
124
+ }
125
+ if (ctx->method->ctrl != NULL) {
126
+ return ctx->method->ctrl(ctx, cmd, argc, argl, ret);
127
+ } else {
128
+ return 1;
129
+ }
127
130
  }
128
131
 
129
132
  int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
130
- X509_OBJECT *ret)
131
- {
132
- if ((ctx->method == NULL) || (ctx->method->get_by_subject == NULL))
133
- return 0;
134
- if (ctx->skip)
135
- return 0;
136
- return ctx->method->get_by_subject(ctx, type, name, ret) > 0;
137
- }
138
-
139
- int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
140
- ASN1_INTEGER *serial, X509_OBJECT *ret)
141
- {
142
- if ((ctx->method == NULL) || (ctx->method->get_by_issuer_serial == NULL))
143
- return 0;
144
- return ctx->method->get_by_issuer_serial(ctx, type, name, serial, ret) > 0;
145
- }
146
-
147
- int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
148
- unsigned char *bytes, int len,
149
- X509_OBJECT *ret)
150
- {
151
- if ((ctx->method == NULL) || (ctx->method->get_by_fingerprint == NULL))
152
- return 0;
153
- return ctx->method->get_by_fingerprint(ctx, type, bytes, len, ret) > 0;
154
- }
155
-
156
- int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str, int len,
157
- X509_OBJECT *ret)
158
- {
159
- if ((ctx->method == NULL) || (ctx->method->get_by_alias == NULL))
160
- return 0;
161
- return ctx->method->get_by_alias(ctx, type, str, len, ret) > 0;
162
- }
163
-
164
- static int x509_object_cmp(const X509_OBJECT **a, const X509_OBJECT **b)
165
- {
166
- int ret;
167
-
168
- ret = ((*a)->type - (*b)->type);
169
- if (ret)
170
- return ret;
171
- switch ((*a)->type) {
172
- case X509_LU_X509:
173
- ret = X509_subject_name_cmp((*a)->data.x509, (*b)->data.x509);
174
- break;
175
- case X509_LU_CRL:
176
- ret = X509_CRL_cmp((*a)->data.crl, (*b)->data.crl);
177
- break;
178
- default:
179
- /* abort(); */
180
- return 0;
181
- }
182
- return ret;
133
+ X509_OBJECT *ret) {
134
+ if ((ctx->method == NULL) || (ctx->method->get_by_subject == NULL)) {
135
+ return 0;
136
+ }
137
+ if (ctx->skip) {
138
+ return 0;
139
+ }
140
+ return ctx->method->get_by_subject(ctx, type, name, ret) > 0;
183
141
  }
184
142
 
185
- X509_STORE *X509_STORE_new(void)
186
- {
187
- X509_STORE *ret;
188
-
189
- if ((ret = (X509_STORE *)OPENSSL_malloc(sizeof(X509_STORE))) == NULL)
190
- return NULL;
191
- OPENSSL_memset(ret, 0, sizeof(*ret));
192
- CRYPTO_MUTEX_init(&ret->objs_lock);
193
- ret->objs = sk_X509_OBJECT_new(x509_object_cmp);
194
- if (ret->objs == NULL)
195
- goto err;
196
- ret->cache = 1;
197
- ret->get_cert_methods = sk_X509_LOOKUP_new_null();
198
- if (ret->get_cert_methods == NULL)
199
- goto err;
200
- ret->param = X509_VERIFY_PARAM_new();
201
- if (ret->param == NULL)
202
- goto err;
203
-
204
- ret->references = 1;
143
+ static int x509_object_cmp(const X509_OBJECT **a, const X509_OBJECT **b) {
144
+ int ret;
145
+
146
+ ret = ((*a)->type - (*b)->type);
147
+ if (ret) {
205
148
  return ret;
206
- err:
207
- if (ret) {
208
- CRYPTO_MUTEX_cleanup(&ret->objs_lock);
209
- if (ret->param)
210
- X509_VERIFY_PARAM_free(ret->param);
211
- if (ret->get_cert_methods)
212
- sk_X509_LOOKUP_free(ret->get_cert_methods);
213
- if (ret->objs)
214
- sk_X509_OBJECT_free(ret->objs);
215
- OPENSSL_free(ret);
216
- }
217
- return NULL;
149
+ }
150
+ switch ((*a)->type) {
151
+ case X509_LU_X509:
152
+ ret = X509_subject_name_cmp((*a)->data.x509, (*b)->data.x509);
153
+ break;
154
+ case X509_LU_CRL:
155
+ ret = X509_CRL_cmp((*a)->data.crl, (*b)->data.crl);
156
+ break;
157
+ default:
158
+ // abort();
159
+ return 0;
160
+ }
161
+ return ret;
218
162
  }
219
163
 
220
- int X509_STORE_up_ref(X509_STORE *store)
221
- {
222
- CRYPTO_refcount_inc(&store->references);
223
- return 1;
224
- }
164
+ X509_STORE *X509_STORE_new(void) {
165
+ X509_STORE *ret;
225
166
 
226
- static void cleanup(X509_OBJECT *a)
227
- {
228
- if (a == NULL) {
229
- return;
230
- }
231
- if (a->type == X509_LU_X509) {
232
- X509_free(a->data.x509);
233
- } else if (a->type == X509_LU_CRL) {
234
- X509_CRL_free(a->data.crl);
235
- } else {
236
- /* abort(); */
167
+ if ((ret = (X509_STORE *)OPENSSL_malloc(sizeof(X509_STORE))) == NULL) {
168
+ return NULL;
169
+ }
170
+ OPENSSL_memset(ret, 0, sizeof(*ret));
171
+ CRYPTO_MUTEX_init(&ret->objs_lock);
172
+ ret->objs = sk_X509_OBJECT_new(x509_object_cmp);
173
+ if (ret->objs == NULL) {
174
+ goto err;
175
+ }
176
+ ret->cache = 1;
177
+ ret->get_cert_methods = sk_X509_LOOKUP_new_null();
178
+ if (ret->get_cert_methods == NULL) {
179
+ goto err;
180
+ }
181
+ ret->param = X509_VERIFY_PARAM_new();
182
+ if (ret->param == NULL) {
183
+ goto err;
184
+ }
185
+
186
+ ret->references = 1;
187
+ return ret;
188
+ err:
189
+ if (ret) {
190
+ CRYPTO_MUTEX_cleanup(&ret->objs_lock);
191
+ if (ret->param) {
192
+ X509_VERIFY_PARAM_free(ret->param);
237
193
  }
238
-
239
- OPENSSL_free(a);
240
- }
241
-
242
- void X509_STORE_free(X509_STORE *vfy)
243
- {
244
- size_t j;
245
- STACK_OF(X509_LOOKUP) *sk;
246
- X509_LOOKUP *lu;
247
-
248
- if (vfy == NULL)
249
- return;
250
-
251
- if (!CRYPTO_refcount_dec_and_test_zero(&vfy->references)) {
252
- return;
194
+ if (ret->get_cert_methods) {
195
+ sk_X509_LOOKUP_free(ret->get_cert_methods);
253
196
  }
254
-
255
- CRYPTO_MUTEX_cleanup(&vfy->objs_lock);
256
-
257
- sk = vfy->get_cert_methods;
258
- for (j = 0; j < sk_X509_LOOKUP_num(sk); j++) {
259
- lu = sk_X509_LOOKUP_value(sk, j);
260
- X509_LOOKUP_shutdown(lu);
261
- X509_LOOKUP_free(lu);
197
+ if (ret->objs) {
198
+ sk_X509_OBJECT_free(ret->objs);
262
199
  }
263
- sk_X509_LOOKUP_free(sk);
264
- sk_X509_OBJECT_pop_free(vfy->objs, cleanup);
265
-
266
- if (vfy->param)
267
- X509_VERIFY_PARAM_free(vfy->param);
268
- OPENSSL_free(vfy);
269
- }
270
-
271
- X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m)
272
- {
273
- size_t i;
274
- STACK_OF(X509_LOOKUP) *sk;
275
- X509_LOOKUP *lu;
276
-
277
- sk = v->get_cert_methods;
278
- for (i = 0; i < sk_X509_LOOKUP_num(sk); i++) {
279
- lu = sk_X509_LOOKUP_value(sk, i);
280
- if (m == lu->method) {
281
- return lu;
282
- }
200
+ OPENSSL_free(ret);
201
+ }
202
+ return NULL;
203
+ }
204
+
205
+ int X509_STORE_up_ref(X509_STORE *store) {
206
+ CRYPTO_refcount_inc(&store->references);
207
+ return 1;
208
+ }
209
+
210
+ static void cleanup(X509_OBJECT *a) {
211
+ if (a == NULL) {
212
+ return;
213
+ }
214
+ if (a->type == X509_LU_X509) {
215
+ X509_free(a->data.x509);
216
+ } else if (a->type == X509_LU_CRL) {
217
+ X509_CRL_free(a->data.crl);
218
+ } else {
219
+ // abort();
220
+ }
221
+
222
+ OPENSSL_free(a);
223
+ }
224
+
225
+ void X509_STORE_free(X509_STORE *vfy) {
226
+ size_t j;
227
+ STACK_OF(X509_LOOKUP) *sk;
228
+ X509_LOOKUP *lu;
229
+
230
+ if (vfy == NULL) {
231
+ return;
232
+ }
233
+
234
+ if (!CRYPTO_refcount_dec_and_test_zero(&vfy->references)) {
235
+ return;
236
+ }
237
+
238
+ CRYPTO_MUTEX_cleanup(&vfy->objs_lock);
239
+
240
+ sk = vfy->get_cert_methods;
241
+ for (j = 0; j < sk_X509_LOOKUP_num(sk); j++) {
242
+ lu = sk_X509_LOOKUP_value(sk, j);
243
+ X509_LOOKUP_shutdown(lu);
244
+ X509_LOOKUP_free(lu);
245
+ }
246
+ sk_X509_LOOKUP_free(sk);
247
+ sk_X509_OBJECT_pop_free(vfy->objs, cleanup);
248
+
249
+ if (vfy->param) {
250
+ X509_VERIFY_PARAM_free(vfy->param);
251
+ }
252
+ OPENSSL_free(vfy);
253
+ }
254
+
255
+ X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m) {
256
+ size_t i;
257
+ STACK_OF(X509_LOOKUP) *sk;
258
+ X509_LOOKUP *lu;
259
+
260
+ sk = v->get_cert_methods;
261
+ for (i = 0; i < sk_X509_LOOKUP_num(sk); i++) {
262
+ lu = sk_X509_LOOKUP_value(sk, i);
263
+ if (m == lu->method) {
264
+ return lu;
283
265
  }
284
- /* a new one */
285
- lu = X509_LOOKUP_new(m);
286
- if (lu == NULL)
287
- return NULL;
288
- else {
289
- lu->store_ctx = v;
290
- if (sk_X509_LOOKUP_push(v->get_cert_methods, lu))
291
- return lu;
292
- else {
293
- X509_LOOKUP_free(lu);
294
- return NULL;
295
- }
266
+ }
267
+ // a new one
268
+ lu = X509_LOOKUP_new(m);
269
+ if (lu == NULL) {
270
+ return NULL;
271
+ } else {
272
+ lu->store_ctx = v;
273
+ if (sk_X509_LOOKUP_push(v->get_cert_methods, lu)) {
274
+ return lu;
275
+ } else {
276
+ X509_LOOKUP_free(lu);
277
+ return NULL;
296
278
  }
279
+ }
297
280
  }
298
281
 
299
282
  int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
300
- X509_OBJECT *ret)
301
- {
302
- X509_STORE *ctx = vs->ctx;
303
- X509_LOOKUP *lu;
304
- X509_OBJECT stmp, *tmp;
305
- int i;
306
-
307
- CRYPTO_MUTEX_lock_write(&ctx->objs_lock);
308
- tmp = X509_OBJECT_retrieve_by_subject(ctx->objs, type, name);
309
- CRYPTO_MUTEX_unlock_write(&ctx->objs_lock);
310
-
311
- if (tmp == NULL || type == X509_LU_CRL) {
312
- for (i = 0; i < (int)sk_X509_LOOKUP_num(ctx->get_cert_methods); i++) {
313
- lu = sk_X509_LOOKUP_value(ctx->get_cert_methods, i);
314
- if (X509_LOOKUP_by_subject(lu, type, name, &stmp)) {
315
- tmp = &stmp;
316
- break;
317
- }
318
- }
319
- if (tmp == NULL)
320
- return 0;
283
+ X509_OBJECT *ret) {
284
+ X509_STORE *ctx = vs->ctx;
285
+ X509_LOOKUP *lu;
286
+ X509_OBJECT stmp, *tmp;
287
+ int i;
288
+
289
+ CRYPTO_MUTEX_lock_write(&ctx->objs_lock);
290
+ tmp = X509_OBJECT_retrieve_by_subject(ctx->objs, type, name);
291
+ CRYPTO_MUTEX_unlock_write(&ctx->objs_lock);
292
+
293
+ if (tmp == NULL || type == X509_LU_CRL) {
294
+ for (i = 0; i < (int)sk_X509_LOOKUP_num(ctx->get_cert_methods); i++) {
295
+ lu = sk_X509_LOOKUP_value(ctx->get_cert_methods, i);
296
+ if (X509_LOOKUP_by_subject(lu, type, name, &stmp)) {
297
+ tmp = &stmp;
298
+ break;
299
+ }
300
+ }
301
+ if (tmp == NULL) {
302
+ return 0;
321
303
  }
304
+ }
322
305
 
323
- /*
324
- * if (ret->data.ptr != NULL) X509_OBJECT_free_contents(ret);
325
- */
306
+ // if (ret->data.ptr != NULL) X509_OBJECT_free_contents(ret);
326
307
 
327
- ret->type = tmp->type;
328
- ret->data.ptr = tmp->data.ptr;
308
+ ret->type = tmp->type;
309
+ ret->data.ptr = tmp->data.ptr;
329
310
 
330
- X509_OBJECT_up_ref_count(ret);
311
+ X509_OBJECT_up_ref_count(ret);
331
312
 
332
- return 1;
313
+ return 1;
333
314
  }
334
315
 
335
- int X509_STORE_add_cert(X509_STORE *ctx, X509 *x)
336
- {
337
- X509_OBJECT *obj;
338
- int ret = 1;
316
+ static int x509_store_add(X509_STORE *ctx, void *x, int is_crl) {
317
+ if (x == NULL) {
318
+ return 0;
319
+ }
339
320
 
340
- if (x == NULL)
341
- return 0;
342
- obj = (X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT));
343
- if (obj == NULL) {
344
- OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
345
- return 0;
346
- }
321
+ X509_OBJECT *const obj = (X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT));
322
+ if (obj == NULL) {
323
+ return 0;
324
+ }
325
+
326
+ if (is_crl) {
327
+ obj->type = X509_LU_CRL;
328
+ obj->data.crl = (X509_CRL *)x;
329
+ } else {
347
330
  obj->type = X509_LU_X509;
348
- obj->data.x509 = x;
349
-
350
- CRYPTO_MUTEX_lock_write(&ctx->objs_lock);
351
-
352
- X509_OBJECT_up_ref_count(obj);
353
-
354
- if (X509_OBJECT_retrieve_match(ctx->objs, obj)) {
355
- X509_OBJECT_free_contents(obj);
356
- OPENSSL_free(obj);
357
- OPENSSL_PUT_ERROR(X509, X509_R_CERT_ALREADY_IN_HASH_TABLE);
358
- ret = 0;
359
- } else if (!sk_X509_OBJECT_push(ctx->objs, obj)) {
360
- X509_OBJECT_free_contents(obj);
361
- OPENSSL_free(obj);
362
- OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
363
- ret = 0;
364
- }
331
+ obj->data.x509 = (X509 *)x;
332
+ }
333
+ X509_OBJECT_up_ref_count(obj);
365
334
 
366
- CRYPTO_MUTEX_unlock_write(&ctx->objs_lock);
335
+ CRYPTO_MUTEX_lock_write(&ctx->objs_lock);
367
336
 
368
- return ret;
369
- }
337
+ int ret = 1;
338
+ int added = 0;
339
+ // Duplicates are silently ignored
340
+ if (!X509_OBJECT_retrieve_match(ctx->objs, obj)) {
341
+ ret = added = (sk_X509_OBJECT_push(ctx->objs, obj) != 0);
342
+ }
370
343
 
371
- int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x)
372
- {
373
- X509_OBJECT *obj;
374
- int ret = 1;
344
+ CRYPTO_MUTEX_unlock_write(&ctx->objs_lock);
375
345
 
376
- if (x == NULL)
377
- return 0;
378
- obj = (X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT));
379
- if (obj == NULL) {
380
- OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
381
- return 0;
382
- }
383
- obj->type = X509_LU_CRL;
384
- obj->data.crl = x;
385
-
386
- CRYPTO_MUTEX_lock_write(&ctx->objs_lock);
387
-
388
- X509_OBJECT_up_ref_count(obj);
389
-
390
- if (X509_OBJECT_retrieve_match(ctx->objs, obj)) {
391
- X509_OBJECT_free_contents(obj);
392
- OPENSSL_free(obj);
393
- OPENSSL_PUT_ERROR(X509, X509_R_CERT_ALREADY_IN_HASH_TABLE);
394
- ret = 0;
395
- } else if (!sk_X509_OBJECT_push(ctx->objs, obj)) {
396
- X509_OBJECT_free_contents(obj);
397
- OPENSSL_free(obj);
398
- OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
399
- ret = 0;
400
- }
346
+ if (!added) {
347
+ X509_OBJECT_free_contents(obj);
348
+ OPENSSL_free(obj);
349
+ }
350
+
351
+ return ret;
352
+ }
401
353
 
402
- CRYPTO_MUTEX_unlock_write(&ctx->objs_lock);
354
+ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x) {
355
+ return x509_store_add(ctx, x, /*is_crl=*/0);
356
+ }
403
357
 
404
- return ret;
358
+ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x) {
359
+ return x509_store_add(ctx, x, /*is_crl=*/1);
405
360
  }
406
361
 
407
- int X509_OBJECT_up_ref_count(X509_OBJECT *a)
408
- {
409
- switch (a->type) {
362
+ int X509_OBJECT_up_ref_count(X509_OBJECT *a) {
363
+ switch (a->type) {
410
364
  case X509_LU_X509:
411
- X509_up_ref(a->data.x509);
412
- break;
365
+ X509_up_ref(a->data.x509);
366
+ break;
413
367
  case X509_LU_CRL:
414
- X509_CRL_up_ref(a->data.crl);
415
- break;
416
- }
417
- return 1;
368
+ X509_CRL_up_ref(a->data.crl);
369
+ break;
370
+ }
371
+ return 1;
418
372
  }
419
373
 
420
- void X509_OBJECT_free_contents(X509_OBJECT *a)
421
- {
422
- switch (a->type) {
374
+ void X509_OBJECT_free_contents(X509_OBJECT *a) {
375
+ switch (a->type) {
423
376
  case X509_LU_X509:
424
- X509_free(a->data.x509);
425
- break;
377
+ X509_free(a->data.x509);
378
+ break;
426
379
  case X509_LU_CRL:
427
- X509_CRL_free(a->data.crl);
428
- break;
429
- }
380
+ X509_CRL_free(a->data.crl);
381
+ break;
382
+ }
430
383
  }
431
384
 
432
- int X509_OBJECT_get_type(const X509_OBJECT *a)
433
- {
434
- return a->type;
435
- }
385
+ int X509_OBJECT_get_type(const X509_OBJECT *a) { return a->type; }
436
386
 
437
- X509 *X509_OBJECT_get0_X509(const X509_OBJECT *a)
438
- {
439
- if (a == NULL || a->type != X509_LU_X509) {
440
- return NULL;
441
- }
442
- return a->data.x509;
387
+ X509 *X509_OBJECT_get0_X509(const X509_OBJECT *a) {
388
+ if (a == NULL || a->type != X509_LU_X509) {
389
+ return NULL;
390
+ }
391
+ return a->data.x509;
443
392
  }
444
393
 
445
394
  static int x509_object_idx_cnt(STACK_OF(X509_OBJECT) *h, int type,
446
- X509_NAME *name, int *pnmatch)
447
- {
448
- X509_OBJECT stmp;
449
- X509 x509_s;
450
- X509_CINF cinf_s;
451
- X509_CRL crl_s;
452
- X509_CRL_INFO crl_info_s;
453
-
454
- stmp.type = type;
455
- switch (type) {
395
+ X509_NAME *name, int *pnmatch) {
396
+ X509_OBJECT stmp;
397
+ X509 x509_s;
398
+ X509_CINF cinf_s;
399
+ X509_CRL crl_s;
400
+ X509_CRL_INFO crl_info_s;
401
+
402
+ stmp.type = type;
403
+ switch (type) {
456
404
  case X509_LU_X509:
457
- stmp.data.x509 = &x509_s;
458
- x509_s.cert_info = &cinf_s;
459
- cinf_s.subject = name;
460
- break;
405
+ stmp.data.x509 = &x509_s;
406
+ x509_s.cert_info = &cinf_s;
407
+ cinf_s.subject = name;
408
+ break;
461
409
  case X509_LU_CRL:
462
- stmp.data.crl = &crl_s;
463
- crl_s.crl = &crl_info_s;
464
- crl_info_s.issuer = name;
465
- break;
410
+ stmp.data.crl = &crl_s;
411
+ crl_s.crl = &crl_info_s;
412
+ crl_info_s.issuer = name;
413
+ break;
466
414
  default:
467
- /* abort(); */
468
- return -1;
469
- }
470
-
471
- size_t idx;
472
- sk_X509_OBJECT_sort(h);
473
- if (!sk_X509_OBJECT_find(h, &idx, &stmp))
474
- return -1;
475
-
476
- if (pnmatch != NULL) {
477
- int tidx;
478
- const X509_OBJECT *tobj, *pstmp;
479
- *pnmatch = 1;
480
- pstmp = &stmp;
481
- for (tidx = idx + 1; tidx < (int)sk_X509_OBJECT_num(h); tidx++) {
482
- tobj = sk_X509_OBJECT_value(h, tidx);
483
- if (x509_object_cmp(&tobj, &pstmp))
484
- break;
485
- (*pnmatch)++;
486
- }
415
+ // abort();
416
+ return -1;
417
+ }
418
+
419
+ size_t idx;
420
+ sk_X509_OBJECT_sort(h);
421
+ if (!sk_X509_OBJECT_find(h, &idx, &stmp)) {
422
+ return -1;
423
+ }
424
+
425
+ if (pnmatch != NULL) {
426
+ int tidx;
427
+ const X509_OBJECT *tobj, *pstmp;
428
+ *pnmatch = 1;
429
+ pstmp = &stmp;
430
+ for (tidx = idx + 1; tidx < (int)sk_X509_OBJECT_num(h); tidx++) {
431
+ tobj = sk_X509_OBJECT_value(h, tidx);
432
+ if (x509_object_cmp(&tobj, &pstmp)) {
433
+ break;
434
+ }
435
+ (*pnmatch)++;
487
436
  }
437
+ }
488
438
 
489
- return idx;
439
+ return idx;
490
440
  }
491
441
 
492
442
  int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
493
- X509_NAME *name)
494
- {
495
- return x509_object_idx_cnt(h, type, name, NULL);
496
- }
497
-
498
- X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,
499
- int type, X509_NAME *name)
500
- {
501
- int idx;
502
- idx = X509_OBJECT_idx_by_subject(h, type, name);
503
- if (idx == -1)
504
- return NULL;
505
- return sk_X509_OBJECT_value(h, idx);
443
+ X509_NAME *name) {
444
+ return x509_object_idx_cnt(h, type, name, NULL);
506
445
  }
507
446
 
508
- STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *st)
509
- {
510
- return st->objs;
447
+ X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h, int type,
448
+ X509_NAME *name) {
449
+ int idx;
450
+ idx = X509_OBJECT_idx_by_subject(h, type, name);
451
+ if (idx == -1) {
452
+ return NULL;
453
+ }
454
+ return sk_X509_OBJECT_value(h, idx);
511
455
  }
512
456
 
513
- STACK_OF (X509) * X509_STORE_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm)
514
- {
515
- int i, idx, cnt;
516
- STACK_OF(X509) *sk;
517
- X509 *x;
518
- X509_OBJECT *obj;
519
- sk = sk_X509_new_null();
520
- if (sk == NULL)
521
- return NULL;
522
- CRYPTO_MUTEX_lock_write(&ctx->ctx->objs_lock);
523
- idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
524
- if (idx < 0) {
525
- /*
526
- * Nothing found in cache: do lookup to possibly add new objects to
527
- * cache
528
- */
529
- X509_OBJECT xobj;
530
- CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock);
531
- if (!X509_STORE_get_by_subject(ctx, X509_LU_X509, nm, &xobj)) {
532
- sk_X509_free(sk);
533
- return NULL;
534
- }
535
- X509_OBJECT_free_contents(&xobj);
536
- CRYPTO_MUTEX_lock_write(&ctx->ctx->objs_lock);
537
- idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
538
- if (idx < 0) {
539
- CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock);
540
- sk_X509_free(sk);
541
- return NULL;
542
- }
543
- }
544
- for (i = 0; i < cnt; i++, idx++) {
545
- obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx);
546
- x = obj->data.x509;
547
- if (!sk_X509_push(sk, x)) {
548
- CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock);
549
- sk_X509_pop_free(sk, X509_free);
550
- return NULL;
551
- }
552
- X509_up_ref(x);
553
- }
554
- CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock);
555
- return sk;
556
-
457
+ STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *st) {
458
+ return st->objs;
557
459
  }
558
460
 
559
- STACK_OF (X509_CRL) * X509_STORE_get1_crls(X509_STORE_CTX *ctx, X509_NAME *nm)
560
- {
561
- int i, idx, cnt;
562
- STACK_OF(X509_CRL) *sk;
563
- X509_CRL *x;
564
- X509_OBJECT *obj, xobj;
565
- sk = sk_X509_CRL_new_null();
566
- if (sk == NULL)
567
- return NULL;
568
-
569
- /* Always do lookup to possibly add new CRLs to cache. */
570
- if (!X509_STORE_get_by_subject(ctx, X509_LU_CRL, nm, &xobj)) {
571
- sk_X509_CRL_free(sk);
572
- return NULL;
461
+ STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm) {
462
+ int i, idx, cnt;
463
+ STACK_OF(X509) *sk;
464
+ X509 *x;
465
+ X509_OBJECT *obj;
466
+ sk = sk_X509_new_null();
467
+ if (sk == NULL) {
468
+ return NULL;
469
+ }
470
+ CRYPTO_MUTEX_lock_write(&ctx->ctx->objs_lock);
471
+ idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
472
+ if (idx < 0) {
473
+ // Nothing found in cache: do lookup to possibly add new objects to
474
+ // cache
475
+ X509_OBJECT xobj;
476
+ CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock);
477
+ if (!X509_STORE_get_by_subject(ctx, X509_LU_X509, nm, &xobj)) {
478
+ sk_X509_free(sk);
479
+ return NULL;
573
480
  }
574
481
  X509_OBJECT_free_contents(&xobj);
575
482
  CRYPTO_MUTEX_lock_write(&ctx->ctx->objs_lock);
576
- idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_CRL, nm, &cnt);
483
+ idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
577
484
  if (idx < 0) {
578
- CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock);
579
- sk_X509_CRL_free(sk);
580
- return NULL;
485
+ CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock);
486
+ sk_X509_free(sk);
487
+ return NULL;
581
488
  }
582
-
583
- for (i = 0; i < cnt; i++, idx++) {
584
- obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx);
585
- x = obj->data.crl;
586
- X509_CRL_up_ref(x);
587
- if (!sk_X509_CRL_push(sk, x)) {
588
- CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock);
589
- X509_CRL_free(x);
590
- sk_X509_CRL_pop_free(sk, X509_CRL_free);
591
- return NULL;
592
- }
489
+ }
490
+ for (i = 0; i < cnt; i++, idx++) {
491
+ obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx);
492
+ x = obj->data.x509;
493
+ if (!sk_X509_push(sk, x)) {
494
+ CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock);
495
+ sk_X509_pop_free(sk, X509_free);
496
+ return NULL;
593
497
  }
498
+ X509_up_ref(x);
499
+ }
500
+ CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock);
501
+ return sk;
502
+ }
503
+
504
+ STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *ctx, X509_NAME *nm) {
505
+ int i, idx, cnt;
506
+ STACK_OF(X509_CRL) *sk;
507
+ X509_CRL *x;
508
+ X509_OBJECT *obj, xobj;
509
+ sk = sk_X509_CRL_new_null();
510
+ if (sk == NULL) {
511
+ return NULL;
512
+ }
513
+
514
+ // Always do lookup to possibly add new CRLs to cache.
515
+ if (!X509_STORE_get_by_subject(ctx, X509_LU_CRL, nm, &xobj)) {
516
+ sk_X509_CRL_free(sk);
517
+ return NULL;
518
+ }
519
+ X509_OBJECT_free_contents(&xobj);
520
+ CRYPTO_MUTEX_lock_write(&ctx->ctx->objs_lock);
521
+ idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_CRL, nm, &cnt);
522
+ if (idx < 0) {
594
523
  CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock);
595
- return sk;
524
+ sk_X509_CRL_free(sk);
525
+ return NULL;
526
+ }
527
+
528
+ for (i = 0; i < cnt; i++, idx++) {
529
+ obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx);
530
+ x = obj->data.crl;
531
+ X509_CRL_up_ref(x);
532
+ if (!sk_X509_CRL_push(sk, x)) {
533
+ CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock);
534
+ X509_CRL_free(x);
535
+ sk_X509_CRL_pop_free(sk, X509_CRL_free);
536
+ return NULL;
537
+ }
538
+ }
539
+ CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock);
540
+ return sk;
596
541
  }
597
542
 
598
543
  X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h,
599
- X509_OBJECT *x)
600
- {
601
- size_t idx, i;
602
- X509_OBJECT *obj;
603
-
604
- sk_X509_OBJECT_sort(h);
605
- if (!sk_X509_OBJECT_find(h, &idx, x)) {
606
- return NULL;
607
- }
608
- if ((x->type != X509_LU_X509) && (x->type != X509_LU_CRL))
609
- return sk_X509_OBJECT_value(h, idx);
610
- for (i = idx; i < sk_X509_OBJECT_num(h); i++) {
611
- obj = sk_X509_OBJECT_value(h, i);
612
- if (x509_object_cmp
613
- ((const X509_OBJECT **)&obj, (const X509_OBJECT **)&x))
614
- return NULL;
615
- if (x->type == X509_LU_X509) {
616
- if (!X509_cmp(obj->data.x509, x->data.x509))
617
- return obj;
618
- } else if (x->type == X509_LU_CRL) {
619
- if (!X509_CRL_match(obj->data.crl, x->data.crl))
620
- return obj;
621
- } else
622
- return obj;
623
- }
624
- return NULL;
625
- }
544
+ X509_OBJECT *x) {
545
+ size_t idx, i;
546
+ X509_OBJECT *obj;
626
547
 
627
- /*
628
- * Try to get issuer certificate from store. Due to limitations of the API
629
- * this can only retrieve a single certificate matching a given subject name.
630
- * However it will fill the cache with all matching certificates, so we can
631
- * examine the cache for all matches. Return values are: 1 lookup
632
- * successful. 0 certificate not found. -1 some other error.
633
- */
634
- int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
635
- {
636
- X509_NAME *xn;
637
- X509_OBJECT obj, *pobj;
638
- int idx, ret;
639
- size_t i;
640
- xn = X509_get_issuer_name(x);
641
- if (!X509_STORE_get_by_subject(ctx, X509_LU_X509, xn, &obj))
642
- return 0;
643
- /* If certificate matches all OK */
644
- if (ctx->check_issued(ctx, x, obj.data.x509)) {
645
- *issuer = obj.data.x509;
646
- return 1;
548
+ sk_X509_OBJECT_sort(h);
549
+ if (!sk_X509_OBJECT_find(h, &idx, x)) {
550
+ return NULL;
551
+ }
552
+ if ((x->type != X509_LU_X509) && (x->type != X509_LU_CRL)) {
553
+ return sk_X509_OBJECT_value(h, idx);
554
+ }
555
+ for (i = idx; i < sk_X509_OBJECT_num(h); i++) {
556
+ obj = sk_X509_OBJECT_value(h, i);
557
+ if (x509_object_cmp((const X509_OBJECT **)&obj, (const X509_OBJECT **)&x)) {
558
+ return NULL;
647
559
  }
648
- X509_OBJECT_free_contents(&obj);
649
-
650
- /* Else find index of first cert accepted by 'check_issued' */
651
- ret = 0;
652
- CRYPTO_MUTEX_lock_write(&ctx->ctx->objs_lock);
653
- idx = X509_OBJECT_idx_by_subject(ctx->ctx->objs, X509_LU_X509, xn);
654
- if (idx != -1) { /* should be true as we've had at least one
655
- * match */
656
- /* Look through all matching certs for suitable issuer */
657
- for (i = idx; i < sk_X509_OBJECT_num(ctx->ctx->objs); i++) {
658
- pobj = sk_X509_OBJECT_value(ctx->ctx->objs, i);
659
- /* See if we've run past the matches */
660
- if (pobj->type != X509_LU_X509)
661
- break;
662
- if (X509_NAME_cmp(xn, X509_get_subject_name(pobj->data.x509)))
663
- break;
664
- if (ctx->check_issued(ctx, x, pobj->data.x509)) {
665
- *issuer = pobj->data.x509;
666
- X509_OBJECT_up_ref_count(pobj);
667
- ret = 1;
668
- break;
669
- }
670
- }
560
+ if (x->type == X509_LU_X509) {
561
+ if (!X509_cmp(obj->data.x509, x->data.x509)) {
562
+ return obj;
563
+ }
564
+ } else if (x->type == X509_LU_CRL) {
565
+ if (!X509_CRL_match(obj->data.crl, x->data.crl)) {
566
+ return obj;
567
+ }
568
+ } else {
569
+ return obj;
671
570
  }
672
- CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock);
673
- return ret;
571
+ }
572
+ return NULL;
573
+ }
574
+
575
+ // Try to get issuer certificate from store. Due to limitations of the API
576
+ // this can only retrieve a single certificate matching a given subject name.
577
+ // However it will fill the cache with all matching certificates, so we can
578
+ // examine the cache for all matches. Return values are: 1 lookup
579
+ // successful. 0 certificate not found. -1 some other error.
580
+ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) {
581
+ X509_NAME *xn;
582
+ X509_OBJECT obj, *pobj;
583
+ int idx, ret;
584
+ size_t i;
585
+ xn = X509_get_issuer_name(x);
586
+ if (!X509_STORE_get_by_subject(ctx, X509_LU_X509, xn, &obj)) {
587
+ return 0;
588
+ }
589
+ // If certificate matches all OK
590
+ if (ctx->check_issued(ctx, x, obj.data.x509)) {
591
+ *issuer = obj.data.x509;
592
+ return 1;
593
+ }
594
+ X509_OBJECT_free_contents(&obj);
595
+
596
+ // Else find index of first cert accepted by 'check_issued'
597
+ ret = 0;
598
+ CRYPTO_MUTEX_lock_write(&ctx->ctx->objs_lock);
599
+ idx = X509_OBJECT_idx_by_subject(ctx->ctx->objs, X509_LU_X509, xn);
600
+ if (idx != -1) { // should be true as we've had at least one
601
+ // match
602
+ // Look through all matching certs for suitable issuer
603
+ for (i = idx; i < sk_X509_OBJECT_num(ctx->ctx->objs); i++) {
604
+ pobj = sk_X509_OBJECT_value(ctx->ctx->objs, i);
605
+ // See if we've run past the matches
606
+ if (pobj->type != X509_LU_X509) {
607
+ break;
608
+ }
609
+ if (X509_NAME_cmp(xn, X509_get_subject_name(pobj->data.x509))) {
610
+ break;
611
+ }
612
+ if (ctx->check_issued(ctx, x, pobj->data.x509)) {
613
+ *issuer = pobj->data.x509;
614
+ X509_OBJECT_up_ref_count(pobj);
615
+ ret = 1;
616
+ break;
617
+ }
618
+ }
619
+ }
620
+ CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock);
621
+ return ret;
674
622
  }
675
623
 
676
- int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags)
677
- {
678
- return X509_VERIFY_PARAM_set_flags(ctx->param, flags);
624
+ int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags) {
625
+ return X509_VERIFY_PARAM_set_flags(ctx->param, flags);
679
626
  }
680
627
 
681
- int X509_STORE_set_depth(X509_STORE *ctx, int depth)
682
- {
683
- X509_VERIFY_PARAM_set_depth(ctx->param, depth);
684
- return 1;
628
+ int X509_STORE_set_depth(X509_STORE *ctx, int depth) {
629
+ X509_VERIFY_PARAM_set_depth(ctx->param, depth);
630
+ return 1;
685
631
  }
686
632
 
687
- int X509_STORE_set_purpose(X509_STORE *ctx, int purpose)
688
- {
689
- return X509_VERIFY_PARAM_set_purpose(ctx->param, purpose);
633
+ int X509_STORE_set_purpose(X509_STORE *ctx, int purpose) {
634
+ return X509_VERIFY_PARAM_set_purpose(ctx->param, purpose);
690
635
  }
691
636
 
692
- int X509_STORE_set_trust(X509_STORE *ctx, int trust)
693
- {
694
- return X509_VERIFY_PARAM_set_trust(ctx->param, trust);
637
+ int X509_STORE_set_trust(X509_STORE *ctx, int trust) {
638
+ return X509_VERIFY_PARAM_set_trust(ctx->param, trust);
695
639
  }
696
640
 
697
- int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *param)
698
- {
699
- return X509_VERIFY_PARAM_set1(ctx->param, param);
641
+ int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *param) {
642
+ return X509_VERIFY_PARAM_set1(ctx->param, param);
700
643
  }
701
644
 
702
- X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *ctx)
703
- {
704
- return ctx->param;
705
- }
645
+ X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *ctx) { return ctx->param; }
706
646
 
707
- void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify)
708
- {
709
- ctx->verify = verify;
647
+ void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify) {
648
+ ctx->verify = verify;
710
649
  }
711
650
 
712
- X509_STORE_CTX_verify_fn X509_STORE_get_verify(X509_STORE *ctx)
713
- {
714
- return ctx->verify;
651
+ X509_STORE_CTX_verify_fn X509_STORE_get_verify(X509_STORE *ctx) {
652
+ return ctx->verify;
715
653
  }
716
654
 
717
655
  void X509_STORE_set_verify_cb(X509_STORE *ctx,
718
- X509_STORE_CTX_verify_cb verify_cb)
719
- {
720
- ctx->verify_cb = verify_cb;
656
+ X509_STORE_CTX_verify_cb verify_cb) {
657
+ ctx->verify_cb = verify_cb;
721
658
  }
722
659
 
723
- X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE *ctx)
724
- {
725
- return ctx->verify_cb;
660
+ X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE *ctx) {
661
+ return ctx->verify_cb;
726
662
  }
727
663
 
728
664
  void X509_STORE_set_get_issuer(X509_STORE *ctx,
729
- X509_STORE_CTX_get_issuer_fn get_issuer)
730
- {
731
- ctx->get_issuer = get_issuer;
665
+ X509_STORE_CTX_get_issuer_fn get_issuer) {
666
+ ctx->get_issuer = get_issuer;
732
667
  }
733
668
 
734
- X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE *ctx)
735
- {
736
- return ctx->get_issuer;
669
+ X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE *ctx) {
670
+ return ctx->get_issuer;
737
671
  }
738
672
 
739
673
  void X509_STORE_set_check_issued(X509_STORE *ctx,
740
- X509_STORE_CTX_check_issued_fn check_issued)
741
- {
742
- ctx->check_issued = check_issued;
674
+ X509_STORE_CTX_check_issued_fn check_issued) {
675
+ ctx->check_issued = check_issued;
743
676
  }
744
677
 
745
- X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE *ctx)
746
- {
747
- return ctx->check_issued;
678
+ X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE *ctx) {
679
+ return ctx->check_issued;
748
680
  }
749
681
 
750
- void X509_STORE_set_check_revocation(X509_STORE *ctx,
751
- X509_STORE_CTX_check_revocation_fn check_revocation)
752
- {
753
- ctx->check_revocation = check_revocation;
682
+ void X509_STORE_set_check_revocation(
683
+ X509_STORE *ctx, X509_STORE_CTX_check_revocation_fn check_revocation) {
684
+ ctx->check_revocation = check_revocation;
754
685
  }
755
686
 
756
- X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE *ctx)
757
- {
758
- return ctx->check_revocation;
687
+ X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(
688
+ X509_STORE *ctx) {
689
+ return ctx->check_revocation;
759
690
  }
760
691
 
761
692
  void X509_STORE_set_get_crl(X509_STORE *ctx,
762
- X509_STORE_CTX_get_crl_fn get_crl)
763
- {
764
- ctx->get_crl = get_crl;
693
+ X509_STORE_CTX_get_crl_fn get_crl) {
694
+ ctx->get_crl = get_crl;
765
695
  }
766
696
 
767
- X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE *ctx)
768
- {
769
- return ctx->get_crl;
697
+ X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE *ctx) {
698
+ return ctx->get_crl;
770
699
  }
771
700
 
772
701
  void X509_STORE_set_check_crl(X509_STORE *ctx,
773
- X509_STORE_CTX_check_crl_fn check_crl)
774
- {
775
- ctx->check_crl = check_crl;
702
+ X509_STORE_CTX_check_crl_fn check_crl) {
703
+ ctx->check_crl = check_crl;
776
704
  }
777
705
 
778
- X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE *ctx)
779
- {
780
- return ctx->check_crl;
706
+ X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE *ctx) {
707
+ return ctx->check_crl;
781
708
  }
782
709
 
783
710
  void X509_STORE_set_cert_crl(X509_STORE *ctx,
784
- X509_STORE_CTX_cert_crl_fn cert_crl)
785
- {
786
- ctx->cert_crl = cert_crl;
711
+ X509_STORE_CTX_cert_crl_fn cert_crl) {
712
+ ctx->cert_crl = cert_crl;
787
713
  }
788
714
 
789
- X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE *ctx)
790
- {
791
- return ctx->cert_crl;
715
+ X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE *ctx) {
716
+ return ctx->cert_crl;
792
717
  }
793
718
 
794
719
  void X509_STORE_set_lookup_certs(X509_STORE *ctx,
795
- X509_STORE_CTX_lookup_certs_fn lookup_certs)
796
- {
797
- ctx->lookup_certs = lookup_certs;
720
+ X509_STORE_CTX_lookup_certs_fn lookup_certs) {
721
+ ctx->lookup_certs = lookup_certs;
798
722
  }
799
723
 
800
- X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE *ctx)
801
- {
802
- return ctx->lookup_certs;
724
+ X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE *ctx) {
725
+ return ctx->lookup_certs;
803
726
  }
804
727
 
805
728
  void X509_STORE_set_lookup_crls(X509_STORE *ctx,
806
- X509_STORE_CTX_lookup_crls_fn lookup_crls)
807
- {
808
- ctx->lookup_crls = lookup_crls;
729
+ X509_STORE_CTX_lookup_crls_fn lookup_crls) {
730
+ ctx->lookup_crls = lookup_crls;
809
731
  }
810
732
 
811
- X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE *ctx)
812
- {
813
- return ctx->lookup_crls;
733
+ X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE *ctx) {
734
+ return ctx->lookup_crls;
814
735
  }
815
736
 
816
737
  void X509_STORE_set_cleanup(X509_STORE *ctx,
817
- X509_STORE_CTX_cleanup_fn ctx_cleanup)
818
- {
819
- ctx->cleanup = ctx_cleanup;
738
+ X509_STORE_CTX_cleanup_fn ctx_cleanup) {
739
+ ctx->cleanup = ctx_cleanup;
820
740
  }
821
741
 
822
- X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE *ctx)
823
- {
824
- return ctx->cleanup;
742
+ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE *ctx) {
743
+ return ctx->cleanup;
825
744
  }
826
745
 
827
- X509_STORE *X509_STORE_CTX_get0_store(X509_STORE_CTX *ctx)
828
- {
829
- return ctx->ctx;
830
- }
746
+ X509_STORE *X509_STORE_CTX_get0_store(X509_STORE_CTX *ctx) { return ctx->ctx; }