grpc 1.53.2 → 1.54.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of grpc might be problematic. Click here for more details.

Files changed (693) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +78 -66
  3. data/include/grpc/event_engine/event_engine.h +30 -14
  4. data/include/grpc/grpc_security.h +4 -0
  5. data/include/grpc/support/port_platform.h +4 -4
  6. data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +11 -0
  7. data/src/core/ext/filters/client_channel/backend_metric.cc +6 -0
  8. data/src/core/ext/filters/client_channel/backup_poller.cc +2 -11
  9. data/src/core/ext/filters/client_channel/backup_poller.h +0 -3
  10. data/src/core/ext/filters/client_channel/client_channel.cc +848 -813
  11. data/src/core/ext/filters/client_channel/client_channel.h +131 -173
  12. data/src/core/ext/filters/client_channel/client_channel_internal.h +114 -0
  13. data/src/core/ext/filters/client_channel/config_selector.h +4 -3
  14. data/src/core/ext/filters/client_channel/lb_policy/backend_metric_data.h +6 -1
  15. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +17 -18
  16. data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +134 -151
  17. data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +2 -16
  18. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +14 -10
  19. data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/weighted_round_robin.cc +68 -30
  20. data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +11 -3
  21. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +8 -1
  22. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +2 -5
  23. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_override_host.cc +2 -2
  24. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +30 -38
  25. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +4 -4
  26. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +20 -26
  27. data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +31 -179
  28. data/src/core/ext/filters/client_channel/resolver/polling_resolver.cc +1 -2
  29. data/src/core/ext/filters/client_channel/resolver/polling_resolver.h +1 -2
  30. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +4 -2
  31. data/src/core/ext/filters/client_channel/retry_filter.cc +95 -102
  32. data/src/core/ext/filters/client_channel/subchannel.cc +2 -4
  33. data/src/core/ext/filters/client_channel/subchannel_stream_client.cc +26 -27
  34. data/src/core/ext/filters/client_channel/subchannel_stream_client.h +8 -5
  35. data/src/core/ext/filters/http/client/http_client_filter.cc +3 -3
  36. data/src/core/ext/filters/http/http_filters_plugin.cc +1 -12
  37. data/src/core/ext/filters/http/message_compress/compression_filter.cc +27 -11
  38. data/src/core/ext/filters/message_size/message_size_filter.cc +141 -224
  39. data/src/core/ext/filters/message_size/message_size_filter.h +48 -3
  40. data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +7 -6
  41. data/src/core/ext/gcp/metadata_query.cc +142 -0
  42. data/src/core/ext/gcp/metadata_query.h +82 -0
  43. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +70 -55
  44. data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +8 -12
  45. data/src/core/ext/transport/chttp2/transport/bin_encoder.h +1 -5
  46. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +116 -58
  47. data/src/core/ext/transport/chttp2/transport/flow_control.cc +5 -2
  48. data/src/core/ext/transport/chttp2/transport/flow_control.h +2 -1
  49. data/src/core/ext/transport/chttp2/transport/frame_settings.cc +4 -1
  50. data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +222 -118
  51. data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +113 -295
  52. data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +0 -2
  53. data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +0 -2
  54. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +277 -451
  55. data/src/core/ext/transport/chttp2/transport/hpack_parser.h +1 -3
  56. data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +12 -14
  57. data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +1 -9
  58. data/src/core/ext/transport/chttp2/transport/internal.h +16 -3
  59. data/src/core/ext/transport/chttp2/transport/parsing.cc +3 -2
  60. data/src/core/ext/transport/chttp2/transport/writing.cc +10 -5
  61. data/src/core/ext/transport/inproc/inproc_transport.cc +20 -14
  62. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +5 -3
  63. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +22 -0
  64. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +5 -3
  65. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +22 -0
  66. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +23 -5
  67. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +94 -3
  68. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +23 -2
  69. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +120 -0
  70. data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.c +6 -3
  71. data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.h +22 -0
  72. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +24 -6
  73. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +111 -12
  74. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +9 -7
  75. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +27 -9
  76. data/src/core/ext/upb-generated/envoy/config/trace/v3/opentelemetry.upb.c +0 -1
  77. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +11 -7
  78. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +56 -12
  79. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.c +5 -3
  80. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.h +24 -0
  81. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.c +5 -3
  82. data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.h +24 -0
  83. data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.c +13 -2
  84. data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.h +49 -0
  85. data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c +24 -9
  86. data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.h +66 -12
  87. data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +191 -187
  88. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +139 -136
  89. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +31 -15
  90. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +5 -0
  91. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +12 -9
  92. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +15 -0
  93. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.c +54 -45
  94. data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.c +135 -119
  95. data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.h +5 -0
  96. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +100 -97
  97. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/opentelemetry.upbdefs.c +15 -18
  98. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +272 -264
  99. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +117 -117
  100. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +5 -5
  101. data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +5 -5
  102. data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +5 -5
  103. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.c +12 -9
  104. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.h +5 -0
  105. data/src/core/ext/xds/xds_channel_stack_modifier.cc +1 -2
  106. data/src/core/ext/xds/xds_client_stats.cc +29 -15
  107. data/src/core/ext/xds/xds_client_stats.h +24 -20
  108. data/src/core/ext/xds/xds_endpoint.cc +5 -2
  109. data/src/core/ext/xds/xds_endpoint.h +9 -1
  110. data/src/core/ext/xds/xds_http_rbac_filter.cc +1 -1
  111. data/src/core/ext/xds/xds_lb_policy_registry.cc +13 -0
  112. data/src/core/ext/xds/xds_transport_grpc.cc +1 -1
  113. data/src/core/lib/channel/call_finalization.h +1 -1
  114. data/src/core/lib/channel/call_tracer.cc +51 -0
  115. data/src/core/lib/channel/call_tracer.h +101 -38
  116. data/src/core/lib/channel/connected_channel.cc +483 -1050
  117. data/src/core/lib/channel/context.h +8 -1
  118. data/src/core/lib/channel/promise_based_filter.cc +106 -42
  119. data/src/core/lib/channel/promise_based_filter.h +27 -13
  120. data/src/core/lib/channel/server_call_tracer_filter.cc +110 -0
  121. data/src/core/lib/config/config_vars.cc +151 -0
  122. data/src/core/lib/config/config_vars.h +127 -0
  123. data/src/core/lib/config/config_vars_non_generated.cc +51 -0
  124. data/src/core/lib/config/load_config.cc +66 -0
  125. data/src/core/lib/config/load_config.h +49 -0
  126. data/src/core/lib/debug/trace.cc +5 -6
  127. data/src/core/lib/debug/trace.h +0 -5
  128. data/src/core/lib/event_engine/event_engine.cc +37 -2
  129. data/src/core/lib/event_engine/handle_containers.h +7 -22
  130. data/src/core/lib/event_engine/memory_allocator_factory.h +47 -0
  131. data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +0 -4
  132. data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +3 -9
  133. data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +48 -15
  134. data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +8 -8
  135. data/src/core/lib/event_engine/posix_engine/posix_engine.cc +6 -5
  136. data/src/core/lib/event_engine/posix_engine/posix_engine.h +0 -1
  137. data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +6 -32
  138. data/src/core/lib/event_engine/posix_engine/posix_engine_listener.h +0 -3
  139. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +27 -18
  140. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +0 -3
  141. data/src/core/lib/event_engine/resolved_address.cc +2 -1
  142. data/src/core/lib/event_engine/windows/win_socket.cc +0 -1
  143. data/src/core/lib/event_engine/windows/windows_endpoint.cc +129 -82
  144. data/src/core/lib/event_engine/windows/windows_endpoint.h +21 -5
  145. data/src/core/lib/event_engine/windows/windows_engine.cc +39 -18
  146. data/src/core/lib/event_engine/windows/windows_engine.h +2 -1
  147. data/src/core/lib/event_engine/windows/windows_listener.cc +370 -0
  148. data/src/core/lib/event_engine/windows/windows_listener.h +155 -0
  149. data/src/core/lib/experiments/config.cc +3 -10
  150. data/src/core/lib/experiments/experiments.cc +7 -0
  151. data/src/core/lib/experiments/experiments.h +9 -1
  152. data/src/core/lib/gpr/log.cc +15 -28
  153. data/src/core/lib/gprpp/fork.cc +8 -14
  154. data/src/core/lib/gprpp/orphanable.h +4 -3
  155. data/src/core/lib/gprpp/per_cpu.h +9 -3
  156. data/src/core/lib/gprpp/{thd_posix.cc → posix/thd.cc} +49 -37
  157. data/src/core/lib/gprpp/ref_counted.h +33 -34
  158. data/src/core/lib/gprpp/thd.h +16 -0
  159. data/src/core/lib/gprpp/time.cc +1 -0
  160. data/src/core/lib/gprpp/time.h +4 -4
  161. data/src/core/lib/gprpp/{thd_windows.cc → windows/thd.cc} +2 -2
  162. data/src/core/lib/iomgr/call_combiner.h +2 -2
  163. data/src/core/lib/iomgr/endpoint_cfstream.cc +4 -2
  164. data/src/core/lib/iomgr/ev_posix.cc +13 -53
  165. data/src/core/lib/iomgr/ev_posix.h +0 -3
  166. data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +103 -76
  167. data/src/core/lib/iomgr/iomgr.cc +4 -8
  168. data/src/core/lib/iomgr/iomgr_windows.cc +8 -2
  169. data/src/core/lib/iomgr/pollset_set_windows.cc +9 -9
  170. data/src/core/lib/iomgr/pollset_windows.cc +1 -1
  171. data/src/core/lib/iomgr/socket_utils_common_posix.cc +16 -3
  172. data/src/core/lib/iomgr/tcp_client_windows.cc +2 -2
  173. data/src/core/lib/iomgr/tcp_posix.cc +0 -1
  174. data/src/core/lib/iomgr/tcp_server_posix.cc +19 -55
  175. data/src/core/lib/iomgr/tcp_server_utils_posix.h +0 -12
  176. data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +0 -21
  177. data/src/core/lib/iomgr/tcp_server_windows.cc +176 -9
  178. data/src/core/lib/iomgr/tcp_windows.cc +12 -8
  179. data/src/core/lib/load_balancing/lb_policy.cc +9 -13
  180. data/src/core/lib/load_balancing/lb_policy.h +4 -2
  181. data/src/core/lib/promise/activity.cc +22 -6
  182. data/src/core/lib/promise/activity.h +61 -24
  183. data/src/core/lib/promise/cancel_callback.h +77 -0
  184. data/src/core/lib/promise/detail/basic_seq.h +1 -1
  185. data/src/core/lib/promise/detail/promise_factory.h +4 -0
  186. data/src/core/lib/promise/for_each.h +176 -0
  187. data/src/core/lib/promise/if.h +9 -0
  188. data/src/core/lib/promise/interceptor_list.h +23 -2
  189. data/src/core/lib/promise/latch.h +89 -3
  190. data/src/core/lib/promise/loop.h +13 -9
  191. data/src/core/lib/promise/map.h +7 -0
  192. data/src/core/lib/promise/party.cc +286 -0
  193. data/src/core/lib/promise/party.h +499 -0
  194. data/src/core/lib/promise/pipe.h +197 -57
  195. data/src/core/lib/promise/poll.h +48 -0
  196. data/src/core/lib/promise/promise.h +2 -2
  197. data/src/core/lib/resource_quota/arena.cc +19 -3
  198. data/src/core/lib/resource_quota/arena.h +119 -5
  199. data/src/core/lib/resource_quota/memory_quota.cc +1 -1
  200. data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +12 -35
  201. data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +1 -0
  202. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +0 -59
  203. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +10 -5
  204. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -1
  205. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +13 -0
  206. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +2 -0
  207. data/src/core/lib/security/security_connector/load_system_roots_supported.cc +5 -9
  208. data/src/core/lib/security/security_connector/ssl_utils.cc +11 -25
  209. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +12 -0
  210. data/src/core/lib/security/transport/secure_endpoint.cc +4 -2
  211. data/src/core/lib/security/transport/server_auth_filter.cc +20 -2
  212. data/src/core/lib/slice/slice.cc +1 -1
  213. data/src/core/lib/surface/builtins.cc +2 -0
  214. data/src/core/lib/surface/call.cc +926 -1024
  215. data/src/core/lib/surface/call.h +10 -0
  216. data/src/core/lib/surface/lame_client.cc +1 -0
  217. data/src/core/lib/surface/validate_metadata.cc +42 -43
  218. data/src/core/lib/surface/validate_metadata.h +0 -9
  219. data/src/core/lib/surface/version.cc +2 -2
  220. data/src/core/lib/transport/batch_builder.cc +179 -0
  221. data/src/core/lib/transport/batch_builder.h +468 -0
  222. data/src/core/lib/transport/bdp_estimator.cc +7 -7
  223. data/src/core/lib/transport/bdp_estimator.h +10 -6
  224. data/src/core/lib/transport/custom_metadata.h +30 -0
  225. data/src/core/lib/transport/metadata_batch.cc +5 -2
  226. data/src/core/lib/transport/metadata_batch.h +17 -113
  227. data/src/core/lib/transport/parsed_metadata.h +6 -16
  228. data/src/core/lib/transport/timeout_encoding.cc +6 -1
  229. data/src/core/lib/transport/transport.cc +30 -2
  230. data/src/core/lib/transport/transport.h +70 -14
  231. data/src/core/lib/transport/transport_impl.h +7 -0
  232. data/src/core/lib/transport/transport_op_string.cc +52 -42
  233. data/src/core/plugin_registry/grpc_plugin_registry.cc +2 -2
  234. data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +1 -0
  235. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +21 -4
  236. data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +5 -0
  237. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +1 -1
  238. data/src/core/tsi/ssl_transport_security.cc +4 -2
  239. data/src/ruby/lib/grpc/version.rb +1 -1
  240. data/third_party/abseil-cpp/absl/base/config.h +1 -1
  241. data/third_party/abseil-cpp/absl/flags/commandlineflag.cc +34 -0
  242. data/third_party/abseil-cpp/absl/flags/commandlineflag.h +200 -0
  243. data/third_party/abseil-cpp/absl/flags/config.h +68 -0
  244. data/third_party/abseil-cpp/absl/flags/declare.h +73 -0
  245. data/third_party/abseil-cpp/absl/flags/flag.cc +38 -0
  246. data/third_party/abseil-cpp/absl/flags/flag.h +310 -0
  247. data/{src/core/lib/gprpp/global_config_custom.h → third_party/abseil-cpp/absl/flags/internal/commandlineflag.cc} +11 -14
  248. data/third_party/abseil-cpp/absl/flags/internal/commandlineflag.h +68 -0
  249. data/third_party/abseil-cpp/absl/flags/internal/flag.cc +615 -0
  250. data/third_party/abseil-cpp/absl/flags/internal/flag.h +800 -0
  251. data/third_party/abseil-cpp/absl/flags/internal/flag_msvc.inc +116 -0
  252. data/third_party/abseil-cpp/absl/flags/internal/path_util.h +62 -0
  253. data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.cc +65 -0
  254. data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.h +61 -0
  255. data/third_party/abseil-cpp/absl/flags/internal/program_name.cc +60 -0
  256. data/third_party/abseil-cpp/absl/flags/internal/program_name.h +50 -0
  257. data/third_party/abseil-cpp/absl/flags/internal/registry.h +97 -0
  258. data/third_party/abseil-cpp/absl/flags/internal/sequence_lock.h +187 -0
  259. data/third_party/abseil-cpp/absl/flags/marshalling.cc +241 -0
  260. data/third_party/abseil-cpp/absl/flags/marshalling.h +356 -0
  261. data/third_party/abseil-cpp/absl/flags/reflection.cc +354 -0
  262. data/third_party/abseil-cpp/absl/flags/reflection.h +90 -0
  263. data/third_party/abseil-cpp/absl/flags/usage_config.cc +165 -0
  264. data/third_party/abseil-cpp/absl/flags/usage_config.h +135 -0
  265. data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +12 -8
  266. data/third_party/boringssl-with-bazel/err_data.c +728 -712
  267. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +177 -177
  268. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +28 -55
  269. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +21 -23
  270. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.c +20 -23
  271. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +66 -185
  272. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.c +18 -21
  273. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +356 -311
  274. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +174 -194
  275. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +146 -210
  276. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +6 -9
  277. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.c +346 -526
  278. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +110 -131
  279. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +130 -116
  280. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +93 -60
  281. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +93 -181
  282. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +242 -305
  283. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.c +41 -18
  284. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.c +30 -33
  285. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.c +36 -33
  286. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.c +29 -26
  287. data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +133 -88
  288. data/third_party/boringssl-with-bazel/src/crypto/asn1/posix_time.c +230 -0
  289. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +791 -791
  290. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +526 -526
  291. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +114 -135
  292. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +201 -207
  293. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +21 -26
  294. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +55 -68
  295. data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +2 -4
  296. data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +11 -7
  297. data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +4 -4
  298. data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +15 -9
  299. data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +4 -4
  300. data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +17 -10
  301. data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +1 -3
  302. data/third_party/boringssl-with-bazel/src/crypto/bio/printf.c +0 -13
  303. data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +3 -6
  304. data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +2 -0
  305. data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +9 -5
  306. data/third_party/boringssl-with-bazel/src/crypto/bn_extra/convert.c +10 -23
  307. data/third_party/boringssl-with-bazel/src/crypto/buf/buf.c +2 -6
  308. data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.c +2 -1
  309. data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +29 -28
  310. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +161 -201
  311. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +254 -39
  312. data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +2 -2
  313. data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +0 -2
  314. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +4 -4
  315. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesctrhmac.c +9 -8
  316. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesgcmsiv.c +37 -75
  317. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +8 -10
  318. data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/cipher → cipher_extra}/e_des.c +100 -78
  319. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_null.c +1 -0
  320. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc2.c +1 -0
  321. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc4.c +2 -0
  322. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_tls.c +6 -12
  323. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +14 -11
  324. data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +6 -10
  325. data/third_party/boringssl-with-bazel/src/crypto/conf/conf_def.h +0 -1
  326. data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +12 -0
  327. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.c +74 -0
  328. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_freebsd.c +62 -0
  329. data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-fuchsia.c → cpu_aarch64_fuchsia.c} +8 -7
  330. data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-linux.c → cpu_aarch64_linux.c} +6 -4
  331. data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-win.c → cpu_aarch64_win.c} +4 -4
  332. data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm.c → cpu_arm.c} +1 -1
  333. data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_freebsd.c +55 -0
  334. data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.c → cpu_arm_linux.c} +11 -90
  335. data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.h → cpu_arm_linux.h} +0 -38
  336. data/third_party/boringssl-with-bazel/src/crypto/{cpu-intel.c → cpu_intel.c} +1 -2
  337. data/third_party/boringssl-with-bazel/src/crypto/crypto.c +25 -20
  338. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +16 -27
  339. data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +17 -32
  340. data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/des.c +232 -232
  341. data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/internal.h +1 -1
  342. data/third_party/boringssl-with-bazel/src/crypto/dh_extra/dh_asn1.c +1 -0
  343. data/third_party/boringssl-with-bazel/src/crypto/dh_extra/params.c +232 -29
  344. data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +0 -3
  345. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +39 -16
  346. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +37 -7
  347. data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +3 -3
  348. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +11 -36
  349. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +214 -99
  350. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +21 -5
  351. data/third_party/boringssl-with-bazel/src/crypto/ecdsa_extra/ecdsa_asn1.c +2 -4
  352. data/third_party/boringssl-with-bazel/src/crypto/err/err.c +83 -60
  353. data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +46 -12
  354. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +3 -3
  355. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.c +25 -23
  356. data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +43 -9
  357. data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +75 -44
  358. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +19 -25
  359. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.c +96 -45
  360. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.c +7 -8
  361. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.c +26 -23
  362. data/third_party/boringssl-with-bazel/src/crypto/evp/p_hkdf.c +233 -0
  363. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.c +5 -5
  364. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.c +42 -25
  365. data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.c +4 -5
  366. data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.c +35 -47
  367. data/third_party/boringssl-with-bazel/src/crypto/evp/print.c +135 -244
  368. data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.c +2 -4
  369. data/third_party/boringssl-with-bazel/src/crypto/evp/sign.c +15 -10
  370. data/third_party/boringssl-with-bazel/src/crypto/ex_data.c +29 -15
  371. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.c +0 -2
  372. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +13 -14
  373. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +3 -13
  374. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.c +13 -7
  375. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c +9 -7
  376. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +35 -27
  377. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +16 -26
  378. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.c +88 -60
  379. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/cmp.c +4 -3
  380. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.c +0 -2
  381. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +1 -1
  382. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.c +1 -1
  383. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +99 -113
  384. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.c +0 -1
  385. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +5 -3
  386. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/generic.c +112 -168
  387. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +86 -31
  388. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +11 -6
  389. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c +4 -5
  390. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +4 -5
  391. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +13 -0
  392. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.c +13 -5
  393. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.c +19 -108
  394. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +19 -15
  395. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.c +15 -16
  396. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.c +22 -21
  397. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/aead.c +3 -0
  398. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +79 -19
  399. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +102 -99
  400. data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → fipsmodule/cipher}/e_aesccm.c +52 -46
  401. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +39 -0
  402. data/third_party/boringssl-with-bazel/src/crypto/{cmac → fipsmodule/cmac}/cmac.c +55 -11
  403. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.c +2 -3
  404. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.c +21 -6
  405. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +56 -0
  406. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +5 -3
  407. data/third_party/boringssl-with-bazel/src/crypto/{evp → fipsmodule/digestsign}/digestsign.c +51 -15
  408. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +25 -25
  409. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +91 -17
  410. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +5 -5
  411. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +34 -12
  412. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +54 -23
  413. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +44 -60
  414. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64-table.h → p256-nistz-table.h} +1 -1
  415. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.c → p256-nistz.c} +60 -53
  416. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.h → p256-nistz.h} +5 -13
  417. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +48 -36
  418. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +2 -8
  419. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +2 -7
  420. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +2 -3
  421. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +0 -1
  422. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +8 -0
  423. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +42 -14
  424. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +6 -0
  425. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/hmac.c +52 -24
  426. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cbc.c +9 -15
  427. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cfb.c +1 -4
  428. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c +2 -4
  429. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm.c +71 -43
  430. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +14 -16
  431. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c +1 -4
  432. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/ctrdrbg.c +31 -13
  433. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +16 -8
  434. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +3 -2
  435. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +2 -2
  436. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +9 -38
  437. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +73 -59
  438. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +11 -45
  439. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +0 -1
  440. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +22 -0
  441. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.c +63 -52
  442. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +107 -62
  443. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +58 -31
  444. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.c +41 -0
  445. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +523 -422
  446. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/internal.h +89 -0
  447. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.c +334 -0
  448. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +3 -12
  449. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +2 -0
  450. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +12 -8
  451. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +14 -12
  452. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.c +19 -6
  453. data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +32 -14
  454. data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c +65 -29
  455. data/third_party/boringssl-with-bazel/src/crypto/internal.h +373 -18
  456. data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +61 -0
  457. data/third_party/boringssl-with-bazel/src/crypto/kyber/keccak.c +205 -0
  458. data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +13 -1
  459. data/third_party/boringssl-with-bazel/src/crypto/mem.c +220 -13
  460. data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +19 -7
  461. data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +13 -1
  462. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +81 -90
  463. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +150 -245
  464. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +629 -613
  465. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.c +17 -17
  466. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +142 -149
  467. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +99 -131
  468. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.c +0 -1
  469. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.c +0 -1
  470. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +0 -1
  471. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.c +0 -3
  472. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +36 -66
  473. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +31 -38
  474. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +2 -1
  475. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +18 -31
  476. data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +1 -0
  477. data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +8 -1
  478. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +129 -5
  479. data/third_party/boringssl-with-bazel/src/crypto/refcount_c11.c +0 -2
  480. data/third_party/boringssl-with-bazel/src/crypto/refcount_lock.c +3 -4
  481. data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.c +8 -11
  482. data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +61 -27
  483. data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +10 -13
  484. data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +10 -13
  485. data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +66 -34
  486. data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +190 -77
  487. data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +81 -284
  488. data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +109 -42
  489. data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.c +22 -24
  490. data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.c +54 -55
  491. data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +32 -34
  492. data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +32 -16
  493. data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +465 -704
  494. data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +284 -331
  495. data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +183 -178
  496. data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.c +11 -15
  497. data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +67 -50
  498. data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +153 -150
  499. data/third_party/boringssl-with-bazel/src/crypto/x509/policy.c +786 -0
  500. data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +95 -102
  501. data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +72 -57
  502. data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.c +12 -10
  503. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +227 -252
  504. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +52 -47
  505. data/third_party/boringssl-with-bazel/src/crypto/x509/x509.c +3 -4
  506. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +230 -224
  507. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +161 -327
  508. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.c +37 -33
  509. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.c +14 -31
  510. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +55 -85
  511. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +534 -618
  512. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +129 -122
  513. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +116 -182
  514. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +132 -132
  515. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +181 -202
  516. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +64 -79
  517. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +175 -160
  518. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +1865 -2050
  519. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +433 -462
  520. data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +156 -163
  521. data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +267 -263
  522. data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.c +40 -15
  523. data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.c +59 -63
  524. data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +63 -67
  525. data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +114 -144
  526. data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +25 -26
  527. data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +326 -415
  528. data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.c +8 -7
  529. data/third_party/boringssl-with-bazel/src/crypto/x509/x_info.c +30 -28
  530. data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +354 -370
  531. data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +37 -32
  532. data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +116 -119
  533. data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.c +36 -26
  534. data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +3 -4
  535. data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.c +10 -13
  536. data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.c +3 -4
  537. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +419 -261
  538. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +113 -105
  539. data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +11 -15
  540. data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +78 -170
  541. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +126 -131
  542. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akeya.c +3 -4
  543. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +465 -469
  544. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bcons.c +56 -54
  545. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +46 -49
  546. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +309 -346
  547. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +341 -365
  548. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_crld.c +429 -393
  549. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +29 -24
  550. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_extku.c +65 -59
  551. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +125 -121
  552. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +43 -42
  553. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +122 -125
  554. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_int.c +50 -20
  555. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +247 -253
  556. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ncons.c +386 -389
  557. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ocsp.c +45 -32
  558. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcons.c +57 -54
  559. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pmaps.c +63 -67
  560. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +143 -136
  561. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +664 -707
  562. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +83 -75
  563. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +1062 -1146
  564. data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +8 -4
  565. data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +28 -48
  566. data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +211 -187
  567. data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +26 -78
  568. data/third_party/boringssl-with-bazel/src/include/openssl/base.h +19 -14
  569. data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +21 -2
  570. data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +49 -17
  571. data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +99 -29
  572. data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +49 -60
  573. data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +2 -15
  574. data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +16 -200
  575. data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +34 -0
  576. data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +82 -0
  577. data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +32 -30
  578. data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +7 -0
  579. data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +4 -0
  580. data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +48 -5
  581. data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +37 -8
  582. data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +1 -0
  583. data/third_party/boringssl-with-bazel/src/include/openssl/err.h +33 -5
  584. data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +22 -30
  585. data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +1 -1
  586. data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +7 -0
  587. data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +41 -16
  588. data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +91 -0
  589. data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +74 -8
  590. data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +13 -0
  591. data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +1 -0
  592. data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +11 -15
  593. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +8 -0
  594. data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +12 -1
  595. data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +7 -4
  596. data/third_party/boringssl-with-bazel/src/include/openssl/service_indicator.h +96 -0
  597. data/third_party/boringssl-with-bazel/src/include/openssl/span.h +13 -21
  598. data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +139 -75
  599. data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +1 -6
  600. data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +384 -286
  601. data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +5 -6
  602. data/third_party/boringssl-with-bazel/src/include/openssl/time.h +41 -0
  603. data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +18 -7
  604. data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +49 -23
  605. data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +0 -11
  606. data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +1592 -1074
  607. data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +202 -205
  608. data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +2 -2
  609. data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +6 -13
  610. data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +17 -18
  611. data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +4 -5
  612. data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +25 -33
  613. data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +34 -20
  614. data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +65 -34
  615. data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +198 -54
  616. data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +5 -5
  617. data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +32 -28
  618. data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +76 -44
  619. data/third_party/boringssl-with-bazel/src/ssl/internal.h +130 -98
  620. data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +27 -11
  621. data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +2 -2
  622. data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +91 -75
  623. data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +8 -10
  624. data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +39 -65
  625. data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +1 -0
  626. data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +5 -9
  627. data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +30 -33
  628. data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +77 -100
  629. data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +120 -107
  630. data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +164 -30
  631. data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +150 -60
  632. data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +22 -11
  633. data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +22 -6
  634. data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +15 -13
  635. data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +5 -43
  636. data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +7 -4
  637. data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +2 -2
  638. data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +22 -34
  639. data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +2 -2
  640. data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +16 -98
  641. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +1241 -657
  642. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +751 -398
  643. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +3551 -1938
  644. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +1272 -487
  645. metadata +103 -70
  646. data/src/core/ext/filters/client_channel/lb_call_state_internal.h +0 -39
  647. data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.cc +0 -30
  648. data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.h +0 -29
  649. data/src/core/lib/gprpp/global_config.h +0 -93
  650. data/src/core/lib/gprpp/global_config_env.cc +0 -140
  651. data/src/core/lib/gprpp/global_config_env.h +0 -133
  652. data/src/core/lib/gprpp/global_config_generic.h +0 -40
  653. data/src/core/lib/promise/intra_activity_waiter.h +0 -55
  654. data/src/core/lib/security/security_connector/ssl_utils_config.cc +0 -32
  655. data/src/core/lib/security/security_connector/ssl_utils_config.h +0 -29
  656. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +0 -195
  657. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_print.c +0 -83
  658. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utf8.c +0 -236
  659. data/third_party/boringssl-with-bazel/src/crypto/asn1/charmap.h +0 -15
  660. data/third_party/boringssl-with-bazel/src/crypto/asn1/time_support.c +0 -206
  661. data/third_party/boringssl-with-bazel/src/crypto/cpu-ppc64le.c +0 -38
  662. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1-altivec.c +0 -361
  663. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_cache.c +0 -287
  664. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +0 -132
  665. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_lib.c +0 -155
  666. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_map.c +0 -131
  667. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_node.c +0 -189
  668. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_tree.c +0 -843
  669. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pci.c +0 -289
  670. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcia.c +0 -57
  671. /data/src/core/lib/gpr/{log_android.cc → android/log.cc} +0 -0
  672. /data/src/core/lib/gpr/{cpu_iphone.cc → iphone/cpu.cc} +0 -0
  673. /data/src/core/lib/gpr/{cpu_linux.cc → linux/cpu.cc} +0 -0
  674. /data/src/core/lib/gpr/{log_linux.cc → linux/log.cc} +0 -0
  675. /data/src/core/lib/gpr/{tmpfile_msys.cc → msys/tmpfile.cc} +0 -0
  676. /data/src/core/lib/gpr/{cpu_posix.cc → posix/cpu.cc} +0 -0
  677. /data/src/core/lib/gpr/{log_posix.cc → posix/log.cc} +0 -0
  678. /data/src/core/lib/gpr/{string_posix.cc → posix/string.cc} +0 -0
  679. /data/src/core/lib/gpr/{sync_posix.cc → posix/sync.cc} +0 -0
  680. /data/src/core/lib/gpr/{time_posix.cc → posix/time.cc} +0 -0
  681. /data/src/core/lib/gpr/{tmpfile_posix.cc → posix/tmpfile.cc} +0 -0
  682. /data/src/core/lib/gpr/{cpu_windows.cc → windows/cpu.cc} +0 -0
  683. /data/src/core/lib/gpr/{log_windows.cc → windows/log.cc} +0 -0
  684. /data/src/core/lib/gpr/{string_windows.cc → windows/string.cc} +0 -0
  685. /data/src/core/lib/gpr/{string_util_windows.cc → windows/string_util.cc} +0 -0
  686. /data/src/core/lib/gpr/{sync_windows.cc → windows/sync.cc} +0 -0
  687. /data/src/core/lib/gpr/{time_windows.cc → windows/time.cc} +0 -0
  688. /data/src/core/lib/gpr/{tmpfile_windows.cc → windows/tmpfile.cc} +0 -0
  689. /data/src/core/lib/gprpp/{env_linux.cc → linux/env.cc} +0 -0
  690. /data/src/core/lib/gprpp/{env_posix.cc → posix/env.cc} +0 -0
  691. /data/src/core/lib/gprpp/{stat_posix.cc → posix/stat.cc} +0 -0
  692. /data/src/core/lib/gprpp/{env_windows.cc → windows/env.cc} +0 -0
  693. /data/src/core/lib/gprpp/{stat_windows.cc → windows/stat.cc} +0 -0
@@ -1,4 +1,3 @@
1
- /* v3_conf.c */
2
1
  /*
3
2
  * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
4
3
  * 1999.
@@ -55,7 +54,7 @@
55
54
  * (eay@cryptsoft.com). This product includes software written by Tim
56
55
  * Hudson (tjh@cryptsoft.com). */
57
56
 
58
- /* extension creation utilities */
57
+ // extension creation utilities
59
58
 
60
59
  #include <ctype.h>
61
60
  #include <stdio.h>
@@ -74,395 +73,359 @@
74
73
 
75
74
  static int v3_check_critical(const char **value);
76
75
  static int v3_check_generic(const char **value);
77
- static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid,
78
- int crit, const char *value);
76
+ static X509_EXTENSION *do_ext_nconf(const CONF *conf, const X509V3_CTX *ctx,
77
+ int ext_nid, int crit, const char *value);
79
78
  static X509_EXTENSION *v3_generic_extension(const char *ext, const char *value,
80
79
  int crit, int type,
81
- X509V3_CTX *ctx);
82
- static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method,
83
- int ext_nid, int crit, void *ext_struc);
84
- static unsigned char *generic_asn1(const char *value, X509V3_CTX *ctx,
80
+ const X509V3_CTX *ctx);
81
+ static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method, int ext_nid,
82
+ int crit, void *ext_struc);
83
+ static unsigned char *generic_asn1(const char *value, const X509V3_CTX *ctx,
85
84
  long *ext_len);
86
- /* CONF *conf: Config file */
87
- /* char *name: Name */
88
- /* char *value: Value */
89
- X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, const char *name,
90
- const char *value)
91
- {
92
- int crit;
93
- int ext_type;
94
- X509_EXTENSION *ret;
95
- crit = v3_check_critical(&value);
96
- if ((ext_type = v3_check_generic(&value)))
97
- return v3_generic_extension(name, value, crit, ext_type, ctx);
98
- ret = do_ext_nconf(conf, ctx, OBJ_sn2nid(name), crit, value);
99
- if (!ret) {
100
- OPENSSL_PUT_ERROR(X509V3, X509V3_R_ERROR_IN_EXTENSION);
101
- ERR_add_error_data(4, "name=", name, ", value=", value);
102
- }
103
- return ret;
85
+
86
+ X509_EXTENSION *X509V3_EXT_nconf(const CONF *conf, const X509V3_CTX *ctx,
87
+ const char *name, const char *value) {
88
+ // If omitted, fill in an empty |X509V3_CTX|.
89
+ X509V3_CTX ctx_tmp;
90
+ if (ctx == NULL) {
91
+ X509V3_set_ctx(&ctx_tmp, NULL, NULL, NULL, NULL, 0);
92
+ X509V3_set_nconf(&ctx_tmp, conf);
93
+ ctx = &ctx_tmp;
94
+ }
95
+
96
+ int crit = v3_check_critical(&value);
97
+ int ext_type = v3_check_generic(&value);
98
+ if (ext_type != 0) {
99
+ return v3_generic_extension(name, value, crit, ext_type, ctx);
100
+ }
101
+ X509_EXTENSION *ret = do_ext_nconf(conf, ctx, OBJ_sn2nid(name), crit, value);
102
+ if (!ret) {
103
+ OPENSSL_PUT_ERROR(X509V3, X509V3_R_ERROR_IN_EXTENSION);
104
+ ERR_add_error_data(4, "name=", name, ", value=", value);
105
+ }
106
+ return ret;
104
107
  }
105
108
 
106
- /* CONF *conf: Config file */
107
- /* char *value: Value */
108
- X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid,
109
- const char *value)
110
- {
111
- int crit;
112
- int ext_type;
113
- crit = v3_check_critical(&value);
114
- if ((ext_type = v3_check_generic(&value)))
115
- return v3_generic_extension(OBJ_nid2sn(ext_nid),
116
- value, crit, ext_type, ctx);
117
- return do_ext_nconf(conf, ctx, ext_nid, crit, value);
109
+ X509_EXTENSION *X509V3_EXT_nconf_nid(const CONF *conf, const X509V3_CTX *ctx,
110
+ int ext_nid, const char *value) {
111
+ // If omitted, fill in an empty |X509V3_CTX|.
112
+ X509V3_CTX ctx_tmp;
113
+ if (ctx == NULL) {
114
+ X509V3_set_ctx(&ctx_tmp, NULL, NULL, NULL, NULL, 0);
115
+ X509V3_set_nconf(&ctx_tmp, conf);
116
+ ctx = &ctx_tmp;
117
+ }
118
+
119
+ int crit = v3_check_critical(&value);
120
+ int ext_type = v3_check_generic(&value);
121
+ if (ext_type != 0) {
122
+ return v3_generic_extension(OBJ_nid2sn(ext_nid), value, crit, ext_type,
123
+ ctx);
124
+ }
125
+ return do_ext_nconf(conf, ctx, ext_nid, crit, value);
118
126
  }
119
127
 
120
- /* CONF *conf: Config file */
121
- /* char *value: Value */
122
- static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid,
123
- int crit, const char *value)
124
- {
125
- const X509V3_EXT_METHOD *method;
126
- X509_EXTENSION *ext;
127
- STACK_OF(CONF_VALUE) *nval;
128
- void *ext_struc;
129
- if (ext_nid == NID_undef) {
130
- OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNKNOWN_EXTENSION_NAME);
128
+ // CONF *conf: Config file
129
+ // char *value: Value
130
+ static X509_EXTENSION *do_ext_nconf(const CONF *conf, const X509V3_CTX *ctx,
131
+ int ext_nid, int crit, const char *value) {
132
+ const X509V3_EXT_METHOD *method;
133
+ X509_EXTENSION *ext;
134
+ const STACK_OF(CONF_VALUE) *nval;
135
+ STACK_OF(CONF_VALUE) *nval_owned = NULL;
136
+ void *ext_struc;
137
+ if (ext_nid == NID_undef) {
138
+ OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNKNOWN_EXTENSION_NAME);
139
+ return NULL;
140
+ }
141
+ if (!(method = X509V3_EXT_get_nid(ext_nid))) {
142
+ OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNKNOWN_EXTENSION);
143
+ return NULL;
144
+ }
145
+ // Now get internal extension representation based on type
146
+ if (method->v2i) {
147
+ if (*value == '@') {
148
+ // TODO(davidben): This is the only place where |X509V3_EXT_nconf|'s
149
+ // |conf| parameter is used. All other codepaths use the copy inside
150
+ // |ctx|. Should this be switched and then the parameter ignored?
151
+ if (conf == NULL) {
152
+ OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_CONFIG_DATABASE);
131
153
  return NULL;
154
+ }
155
+ nval = NCONF_get_section(conf, value + 1);
156
+ } else {
157
+ nval_owned = X509V3_parse_list(value);
158
+ nval = nval_owned;
132
159
  }
133
- if (!(method = X509V3_EXT_get_nid(ext_nid))) {
134
- OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNKNOWN_EXTENSION);
135
- return NULL;
160
+ if (nval == NULL || sk_CONF_VALUE_num(nval) <= 0) {
161
+ OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_EXTENSION_STRING);
162
+ ERR_add_error_data(4, "name=", OBJ_nid2sn(ext_nid), ",section=", value);
163
+ sk_CONF_VALUE_pop_free(nval_owned, X509V3_conf_free);
164
+ return NULL;
136
165
  }
137
- /* Now get internal extension representation based on type */
138
- if (method->v2i) {
139
- if (*value == '@')
140
- nval = NCONF_get_section(conf, value + 1);
141
- else
142
- nval = X509V3_parse_list(value);
143
- if (nval == NULL || sk_CONF_VALUE_num(nval) <= 0) {
144
- OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_EXTENSION_STRING);
145
- ERR_add_error_data(4, "name=", OBJ_nid2sn(ext_nid), ",section=",
146
- value);
147
- if (*value != '@')
148
- sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
149
- return NULL;
150
- }
151
- ext_struc = method->v2i(method, ctx, nval);
152
- if (*value != '@')
153
- sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
154
- if (!ext_struc)
155
- return NULL;
156
- } else if (method->s2i) {
157
- if (!(ext_struc = method->s2i(method, ctx, value)))
158
- return NULL;
159
- } else if (method->r2i) {
160
- if (!ctx->db || !ctx->db_meth) {
161
- OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_CONFIG_DATABASE);
162
- return NULL;
163
- }
164
- if (!(ext_struc = method->r2i(method, ctx, value)))
165
- return NULL;
166
- } else {
167
- OPENSSL_PUT_ERROR(X509V3, X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED);
168
- ERR_add_error_data(2, "name=", OBJ_nid2sn(ext_nid));
169
- return NULL;
166
+ ext_struc = method->v2i(method, ctx, nval);
167
+ sk_CONF_VALUE_pop_free(nval_owned, X509V3_conf_free);
168
+ if (!ext_struc) {
169
+ return NULL;
170
170
  }
171
-
172
- ext = do_ext_i2d(method, ext_nid, crit, ext_struc);
173
- if (method->it)
174
- ASN1_item_free(ext_struc, ASN1_ITEM_ptr(method->it));
175
- else
176
- method->ext_free(ext_struc);
177
- return ext;
178
-
179
- }
180
-
181
- static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method,
182
- int ext_nid, int crit, void *ext_struc)
183
- {
184
- unsigned char *ext_der;
185
- int ext_len;
186
- ASN1_OCTET_STRING *ext_oct;
187
- X509_EXTENSION *ext;
188
- /* Convert internal representation to DER */
189
- if (method->it) {
190
- ext_der = NULL;
191
- ext_len =
192
- ASN1_item_i2d(ext_struc, &ext_der, ASN1_ITEM_ptr(method->it));
193
- if (ext_len < 0)
194
- goto merr;
195
- } else {
196
- unsigned char *p;
197
- ext_len = method->i2d(ext_struc, NULL);
198
- if (!(ext_der = OPENSSL_malloc(ext_len)))
199
- goto merr;
200
- p = ext_der;
201
- method->i2d(ext_struc, &p);
171
+ } else if (method->s2i) {
172
+ if (!(ext_struc = method->s2i(method, ctx, value))) {
173
+ return NULL;
202
174
  }
203
- if (!(ext_oct = ASN1_OCTET_STRING_new()))
204
- goto merr;
205
- ext_oct->data = ext_der;
206
- ext_oct->length = ext_len;
207
-
208
- ext = X509_EXTENSION_create_by_NID(NULL, ext_nid, crit, ext_oct);
209
- if (!ext)
210
- goto merr;
211
- ASN1_OCTET_STRING_free(ext_oct);
212
-
213
- return ext;
214
-
215
- merr:
216
- OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);
175
+ } else if (method->r2i) {
176
+ // TODO(davidben): Should this check be removed? This matches OpenSSL, but
177
+ // r2i-based extensions do not necessarily require a config database. The
178
+ // two built-in extensions only use it some of the time, and already handle
179
+ // |X509V3_get_section| returning NULL.
180
+ if (!ctx->db) {
181
+ OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_CONFIG_DATABASE);
182
+ return NULL;
183
+ }
184
+ if (!(ext_struc = method->r2i(method, ctx, value))) {
185
+ return NULL;
186
+ }
187
+ } else {
188
+ OPENSSL_PUT_ERROR(X509V3, X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED);
189
+ ERR_add_error_data(2, "name=", OBJ_nid2sn(ext_nid));
217
190
  return NULL;
191
+ }
192
+
193
+ ext = do_ext_i2d(method, ext_nid, crit, ext_struc);
194
+ if (method->it) {
195
+ ASN1_item_free(ext_struc, ASN1_ITEM_ptr(method->it));
196
+ } else {
197
+ method->ext_free(ext_struc);
198
+ }
199
+ return ext;
200
+ }
218
201
 
202
+ static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method, int ext_nid,
203
+ int crit, void *ext_struc) {
204
+ unsigned char *ext_der;
205
+ int ext_len;
206
+ ASN1_OCTET_STRING *ext_oct;
207
+ X509_EXTENSION *ext;
208
+ // Convert internal representation to DER
209
+ if (method->it) {
210
+ ext_der = NULL;
211
+ ext_len = ASN1_item_i2d(ext_struc, &ext_der, ASN1_ITEM_ptr(method->it));
212
+ if (ext_len < 0) {
213
+ goto merr;
214
+ }
215
+ } else {
216
+ unsigned char *p;
217
+ ext_len = method->i2d(ext_struc, NULL);
218
+ if (!(ext_der = OPENSSL_malloc(ext_len))) {
219
+ goto merr;
220
+ }
221
+ p = ext_der;
222
+ method->i2d(ext_struc, &p);
223
+ }
224
+ if (!(ext_oct = ASN1_OCTET_STRING_new())) {
225
+ goto merr;
226
+ }
227
+ ext_oct->data = ext_der;
228
+ ext_oct->length = ext_len;
229
+
230
+ ext = X509_EXTENSION_create_by_NID(NULL, ext_nid, crit, ext_oct);
231
+ if (!ext) {
232
+ goto merr;
233
+ }
234
+ ASN1_OCTET_STRING_free(ext_oct);
235
+
236
+ return ext;
237
+
238
+ merr:
239
+ return NULL;
219
240
  }
220
241
 
221
- /* Given an internal structure, nid and critical flag create an extension */
242
+ // Given an internal structure, nid and critical flag create an extension
222
243
 
223
- X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc)
224
- {
225
- const X509V3_EXT_METHOD *method;
226
- if (!(method = X509V3_EXT_get_nid(ext_nid))) {
227
- OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNKNOWN_EXTENSION);
228
- return NULL;
229
- }
230
- return do_ext_i2d(method, ext_nid, crit, ext_struc);
244
+ X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc) {
245
+ const X509V3_EXT_METHOD *method;
246
+ if (!(method = X509V3_EXT_get_nid(ext_nid))) {
247
+ OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNKNOWN_EXTENSION);
248
+ return NULL;
249
+ }
250
+ return do_ext_i2d(method, ext_nid, crit, ext_struc);
231
251
  }
232
252
 
233
- /* Check the extension string for critical flag */
234
- static int v3_check_critical(const char **value)
235
- {
236
- const char *p = *value;
237
- if ((strlen(p) < 9) || strncmp(p, "critical,", 9))
238
- return 0;
239
- p += 9;
240
- while (isspace((unsigned char)*p))
241
- p++;
242
- *value = p;
243
- return 1;
253
+ // Check the extension string for critical flag
254
+ static int v3_check_critical(const char **value) {
255
+ const char *p = *value;
256
+ if ((strlen(p) < 9) || strncmp(p, "critical,", 9)) {
257
+ return 0;
258
+ }
259
+ p += 9;
260
+ while (OPENSSL_isspace((unsigned char)*p)) {
261
+ p++;
262
+ }
263
+ *value = p;
264
+ return 1;
244
265
  }
245
266
 
246
- /* Check extension string for generic extension and return the type */
247
- static int v3_check_generic(const char **value)
248
- {
249
- int gen_type = 0;
250
- const char *p = *value;
251
- if ((strlen(p) >= 4) && !strncmp(p, "DER:", 4)) {
252
- p += 4;
253
- gen_type = 1;
254
- } else if ((strlen(p) >= 5) && !strncmp(p, "ASN1:", 5)) {
255
- p += 5;
256
- gen_type = 2;
257
- } else
258
- return 0;
259
-
260
- while (isspace((unsigned char)*p))
261
- p++;
262
- *value = p;
263
- return gen_type;
267
+ // Check extension string for generic extension and return the type
268
+ static int v3_check_generic(const char **value) {
269
+ int gen_type = 0;
270
+ const char *p = *value;
271
+ if ((strlen(p) >= 4) && !strncmp(p, "DER:", 4)) {
272
+ p += 4;
273
+ gen_type = 1;
274
+ } else if ((strlen(p) >= 5) && !strncmp(p, "ASN1:", 5)) {
275
+ p += 5;
276
+ gen_type = 2;
277
+ } else {
278
+ return 0;
279
+ }
280
+
281
+ while (OPENSSL_isspace((unsigned char)*p)) {
282
+ p++;
283
+ }
284
+ *value = p;
285
+ return gen_type;
264
286
  }
265
287
 
266
- /* Create a generic extension: for now just handle DER type */
288
+ // Create a generic extension: for now just handle DER type
267
289
  static X509_EXTENSION *v3_generic_extension(const char *ext, const char *value,
268
290
  int crit, int gen_type,
269
- X509V3_CTX *ctx)
270
- {
271
- unsigned char *ext_der = NULL;
272
- long ext_len = 0;
273
- ASN1_OBJECT *obj = NULL;
274
- ASN1_OCTET_STRING *oct = NULL;
275
- X509_EXTENSION *extension = NULL;
276
- if (!(obj = OBJ_txt2obj(ext, 0))) {
277
- OPENSSL_PUT_ERROR(X509V3, X509V3_R_EXTENSION_NAME_ERROR);
278
- ERR_add_error_data(2, "name=", ext);
279
- goto err;
280
- }
281
-
282
- if (gen_type == 1)
283
- ext_der = x509v3_hex_to_bytes(value, &ext_len);
284
- else if (gen_type == 2)
285
- ext_der = generic_asn1(value, ctx, &ext_len);
286
-
287
- if (ext_der == NULL) {
288
- OPENSSL_PUT_ERROR(X509V3, X509V3_R_EXTENSION_VALUE_ERROR);
289
- ERR_add_error_data(2, "value=", value);
290
- goto err;
291
- }
292
-
293
- if (!(oct = ASN1_OCTET_STRING_new())) {
294
- OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);
295
- goto err;
296
- }
297
-
298
- oct->data = ext_der;
299
- oct->length = ext_len;
300
- ext_der = NULL;
301
-
302
- extension = X509_EXTENSION_create_by_OBJ(NULL, obj, crit, oct);
303
-
304
- err:
305
- ASN1_OBJECT_free(obj);
306
- ASN1_OCTET_STRING_free(oct);
307
- if (ext_der)
308
- OPENSSL_free(ext_der);
309
- return extension;
310
-
291
+ const X509V3_CTX *ctx) {
292
+ unsigned char *ext_der = NULL;
293
+ long ext_len = 0;
294
+ ASN1_OBJECT *obj = NULL;
295
+ ASN1_OCTET_STRING *oct = NULL;
296
+ X509_EXTENSION *extension = NULL;
297
+ if (!(obj = OBJ_txt2obj(ext, 0))) {
298
+ OPENSSL_PUT_ERROR(X509V3, X509V3_R_EXTENSION_NAME_ERROR);
299
+ ERR_add_error_data(2, "name=", ext);
300
+ goto err;
301
+ }
302
+
303
+ if (gen_type == 1) {
304
+ ext_der = x509v3_hex_to_bytes(value, &ext_len);
305
+ } else if (gen_type == 2) {
306
+ ext_der = generic_asn1(value, ctx, &ext_len);
307
+ }
308
+
309
+ if (ext_der == NULL) {
310
+ OPENSSL_PUT_ERROR(X509V3, X509V3_R_EXTENSION_VALUE_ERROR);
311
+ ERR_add_error_data(2, "value=", value);
312
+ goto err;
313
+ }
314
+
315
+ if (!(oct = ASN1_OCTET_STRING_new())) {
316
+ goto err;
317
+ }
318
+
319
+ oct->data = ext_der;
320
+ oct->length = ext_len;
321
+ ext_der = NULL;
322
+
323
+ extension = X509_EXTENSION_create_by_OBJ(NULL, obj, crit, oct);
324
+
325
+ err:
326
+ ASN1_OBJECT_free(obj);
327
+ ASN1_OCTET_STRING_free(oct);
328
+ OPENSSL_free(ext_der);
329
+ return extension;
311
330
  }
312
331
 
313
- static unsigned char *generic_asn1(const char *value, X509V3_CTX *ctx,
314
- long *ext_len)
315
- {
316
- ASN1_TYPE *typ;
317
- unsigned char *ext_der = NULL;
318
- typ = ASN1_generate_v3(value, ctx);
319
- if (typ == NULL)
320
- return NULL;
321
- *ext_len = i2d_ASN1_TYPE(typ, &ext_der);
322
- ASN1_TYPE_free(typ);
323
- return ext_der;
332
+ static unsigned char *generic_asn1(const char *value, const X509V3_CTX *ctx,
333
+ long *ext_len) {
334
+ ASN1_TYPE *typ;
335
+ unsigned char *ext_der = NULL;
336
+ typ = ASN1_generate_v3(value, ctx);
337
+ if (typ == NULL) {
338
+ return NULL;
339
+ }
340
+ *ext_len = i2d_ASN1_TYPE(typ, &ext_der);
341
+ ASN1_TYPE_free(typ);
342
+ return ext_der;
324
343
  }
325
344
 
326
- /*
327
- * This is the main function: add a bunch of extensions based on a config
328
- * file section to an extension STACK.
329
- */
330
-
331
- int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, const char *section,
332
- STACK_OF(X509_EXTENSION) **sk)
333
- {
334
- X509_EXTENSION *ext;
335
- STACK_OF(CONF_VALUE) *nval;
336
- CONF_VALUE *val;
337
- size_t i;
338
- if (!(nval = NCONF_get_section(conf, section)))
339
- return 0;
340
- for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
341
- val = sk_CONF_VALUE_value(nval, i);
342
- if (!(ext = X509V3_EXT_nconf(conf, ctx, val->name, val->value)))
343
- return 0;
344
- if (sk)
345
- X509v3_add_ext(sk, ext, -1);
346
- X509_EXTENSION_free(ext);
345
+ // This is the main function: add a bunch of extensions based on a config
346
+ // file section to an extension STACK.
347
+
348
+ int X509V3_EXT_add_nconf_sk(const CONF *conf, const X509V3_CTX *ctx,
349
+ const char *section,
350
+ STACK_OF(X509_EXTENSION) **sk) {
351
+ const STACK_OF(CONF_VALUE) *nval = NCONF_get_section(conf, section);
352
+ if (nval == NULL) {
353
+ return 0;
354
+ }
355
+ for (size_t i = 0; i < sk_CONF_VALUE_num(nval); i++) {
356
+ const CONF_VALUE *val = sk_CONF_VALUE_value(nval, i);
357
+ X509_EXTENSION *ext = X509V3_EXT_nconf(conf, ctx, val->name, val->value);
358
+ int ok = ext != NULL && //
359
+ (sk == NULL || X509v3_add_ext(sk, ext, -1) != NULL);
360
+ X509_EXTENSION_free(ext);
361
+ if (!ok) {
362
+ return 0;
347
363
  }
348
- return 1;
364
+ }
365
+ return 1;
349
366
  }
350
367
 
351
- /*
352
- * Convenience functions to add extensions to a certificate, CRL and request
353
- */
368
+ // Convenience functions to add extensions to a certificate, CRL and request
354
369
 
355
- int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, const char *section,
356
- X509 *cert)
357
- {
358
- STACK_OF(X509_EXTENSION) **sk = NULL;
359
- if (cert)
360
- sk = &cert->cert_info->extensions;
361
- return X509V3_EXT_add_nconf_sk(conf, ctx, section, sk);
370
+ int X509V3_EXT_add_nconf(const CONF *conf, const X509V3_CTX *ctx,
371
+ const char *section, X509 *cert) {
372
+ STACK_OF(X509_EXTENSION) **sk = NULL;
373
+ if (cert) {
374
+ sk = &cert->cert_info->extensions;
375
+ }
376
+ return X509V3_EXT_add_nconf_sk(conf, ctx, section, sk);
362
377
  }
363
378
 
364
- /* Same as above but for a CRL */
379
+ // Same as above but for a CRL
365
380
 
366
- int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, const char *section,
367
- X509_CRL *crl)
368
- {
369
- STACK_OF(X509_EXTENSION) **sk = NULL;
370
- if (crl)
371
- sk = &crl->crl->extensions;
372
- return X509V3_EXT_add_nconf_sk(conf, ctx, section, sk);
381
+ int X509V3_EXT_CRL_add_nconf(const CONF *conf, const X509V3_CTX *ctx,
382
+ const char *section, X509_CRL *crl) {
383
+ STACK_OF(X509_EXTENSION) **sk = NULL;
384
+ if (crl) {
385
+ sk = &crl->crl->extensions;
386
+ }
387
+ return X509V3_EXT_add_nconf_sk(conf, ctx, section, sk);
373
388
  }
374
389
 
375
- /* Add extensions to certificate request */
376
-
377
- int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, const char *section,
378
- X509_REQ *req)
379
- {
380
- STACK_OF(X509_EXTENSION) *extlist = NULL, **sk = NULL;
381
- int i;
382
- if (req)
383
- sk = &extlist;
384
- i = X509V3_EXT_add_nconf_sk(conf, ctx, section, sk);
385
- if (!i || !sk)
386
- return i;
387
- i = X509_REQ_add_extensions(req, extlist);
388
- sk_X509_EXTENSION_pop_free(extlist, X509_EXTENSION_free);
390
+ // Add extensions to certificate request
391
+
392
+ int X509V3_EXT_REQ_add_nconf(const CONF *conf, const X509V3_CTX *ctx,
393
+ const char *section, X509_REQ *req) {
394
+ STACK_OF(X509_EXTENSION) *extlist = NULL, **sk = NULL;
395
+ int i;
396
+ if (req) {
397
+ sk = &extlist;
398
+ }
399
+ i = X509V3_EXT_add_nconf_sk(conf, ctx, section, sk);
400
+ if (!i || !sk) {
389
401
  return i;
402
+ }
403
+ i = X509_REQ_add_extensions(req, extlist);
404
+ sk_X509_EXTENSION_pop_free(extlist, X509_EXTENSION_free);
405
+ return i;
390
406
  }
391
407
 
392
- /* Config database functions */
408
+ // Config database functions
393
409
 
394
- char *X509V3_get_string(X509V3_CTX *ctx, const char *name, const char *section)
395
- {
396
- if (!ctx->db || !ctx->db_meth || !ctx->db_meth->get_string) {
397
- OPENSSL_PUT_ERROR(X509V3, X509V3_R_OPERATION_NOT_DEFINED);
398
- return NULL;
399
- }
400
- if (ctx->db_meth->get_string)
401
- return ctx->db_meth->get_string(ctx->db, name, section);
410
+ const STACK_OF(CONF_VALUE) *X509V3_get_section(const X509V3_CTX *ctx,
411
+ const char *section) {
412
+ if (ctx->db == NULL) {
413
+ OPENSSL_PUT_ERROR(X509V3, X509V3_R_OPERATION_NOT_DEFINED);
402
414
  return NULL;
415
+ }
416
+ return NCONF_get_section(ctx->db, section);
403
417
  }
404
418
 
405
- STACK_OF(CONF_VALUE) *X509V3_get_section(X509V3_CTX *ctx, const char *section)
406
- {
407
- if (!ctx->db || !ctx->db_meth || !ctx->db_meth->get_section) {
408
- OPENSSL_PUT_ERROR(X509V3, X509V3_R_OPERATION_NOT_DEFINED);
409
- return NULL;
410
- }
411
- if (ctx->db_meth->get_section)
412
- return ctx->db_meth->get_section(ctx->db, section);
413
- return NULL;
414
- }
415
-
416
- void X509V3_string_free(X509V3_CTX *ctx, char *str)
417
- {
418
- if (!str)
419
- return;
420
- if (ctx->db_meth->free_string)
421
- ctx->db_meth->free_string(ctx->db, str);
422
- }
423
-
424
- void X509V3_section_free(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section)
425
- {
426
- if (!section)
427
- return;
428
- if (ctx->db_meth->free_section)
429
- ctx->db_meth->free_section(ctx->db, section);
430
- }
431
-
432
- static char *nconf_get_string(void *db, const char *section, const char *value)
433
- {
434
- /* TODO(fork): This returns a non-const pointer because |X509V3_CONF_METHOD|
435
- * allows |get_string| to return caller-owned pointers, provided they're
436
- * freed by |free_string|. |nconf_method| leaves |free_string| NULL, and
437
- * there are no other implementations of |X509V3_CONF_METHOD|, so this can
438
- * be simplified if we make it private. */
439
- return (char *)NCONF_get_string(db, section, value);
440
- }
441
-
442
- static STACK_OF(CONF_VALUE) *nconf_get_section(void *db, const char *section)
443
- {
444
- return NCONF_get_section(db, section);
445
- }
446
-
447
- static const X509V3_CONF_METHOD nconf_method = {
448
- nconf_get_string,
449
- nconf_get_section,
450
- NULL,
451
- NULL
452
- };
453
-
454
- void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf)
455
- {
456
- ctx->db_meth = &nconf_method;
457
- ctx->db = conf;
419
+ void X509V3_set_nconf(X509V3_CTX *ctx, const CONF *conf) {
420
+ ctx->db = conf;
458
421
  }
459
422
 
460
- void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subj, X509_REQ *req,
461
- X509_CRL *crl, int flags)
462
- {
463
- ctx->issuer_cert = issuer;
464
- ctx->subject_cert = subj;
465
- ctx->crl = crl;
466
- ctx->subject_req = req;
467
- ctx->flags = flags;
423
+ void X509V3_set_ctx(X509V3_CTX *ctx, const X509 *issuer, const X509 *subj,
424
+ const X509_REQ *req, const X509_CRL *crl, int flags) {
425
+ OPENSSL_memset(ctx, 0, sizeof(*ctx));
426
+ ctx->issuer_cert = issuer;
427
+ ctx->subject_cert = subj;
428
+ ctx->crl = crl;
429
+ ctx->subject_req = req;
430
+ ctx->flags = flags;
468
431
  }