grpc 1.56.2 → 1.58.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Makefile +549 -292
- data/include/grpc/event_engine/event_engine.h +22 -33
- data/include/grpc/event_engine/memory_allocator.h +2 -2
- data/include/grpc/impl/channel_arg_names.h +371 -0
- data/include/grpc/impl/grpc_types.h +1 -350
- data/include/grpc/module.modulemap +1 -0
- data/include/grpc/support/port_platform.h +29 -23
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +1 -1
- data/src/core/ext/filters/channel_idle/channel_idle_filter.cc +2 -1
- data/src/core/ext/filters/client_channel/client_channel.cc +51 -11
- data/src/core/ext/filters/client_channel/dynamic_filters.h +3 -3
- data/src/core/ext/filters/client_channel/http_proxy.cc +6 -1
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +27 -53
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.h +23 -9
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +25 -35
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +79 -132
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc +2 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +4 -3
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +3 -1
- data/src/core/ext/filters/client_channel/lb_policy/health_check_client.cc +42 -17
- data/src/core/ext/filters/client_channel/lb_policy/health_check_client.h +3 -5
- data/src/core/ext/filters/client_channel/lb_policy/health_check_client_internal.h +22 -6
- data/src/core/ext/filters/client_channel/lb_policy/oob_backend_metric.cc +4 -2
- data/src/core/ext/filters/client_channel/lb_policy/oob_backend_metric_internal.h +2 -0
- data/src/core/ext/filters/client_channel/lb_policy/outlier_detection/outlier_detection.cc +97 -71
- data/src/core/ext/filters/client_channel/lb_policy/outlier_detection/outlier_detection.h +2 -16
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +152 -101
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.h +20 -0
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +13 -34
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +6 -7
- data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +21 -79
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +32 -20
- data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/weighted_round_robin.cc +12 -4
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +13 -42
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +3 -67
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h +8 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +31 -74
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +7 -51
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +22 -90
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_override_host.cc +16 -50
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_wrr_locality.cc +12 -74
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +2 -5
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +102 -11
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +9 -4
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +4 -1
- data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_plugin.cc +6 -0
- data/src/core/ext/filters/client_channel/resolver/dns/event_engine/event_engine_client_channel_resolver.cc +107 -70
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.cc +10 -4
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.h +1 -0
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +25 -13
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +367 -312
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.h +17 -1
- data/src/core/ext/filters/client_channel/retry_filter.cc +39 -2498
- data/src/core/ext/filters/client_channel/retry_filter.h +92 -1
- data/src/core/ext/filters/client_channel/retry_filter_legacy_call_data.cc +2052 -0
- data/src/core/ext/filters/client_channel/retry_filter_legacy_call_data.h +442 -0
- data/src/core/ext/filters/client_channel/retry_service_config.cc +1 -1
- data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +39 -59
- data/src/core/ext/filters/client_channel/subchannel.cc +9 -5
- data/src/core/ext/filters/client_channel/subchannel.h +11 -5
- data/src/core/ext/filters/client_channel/subchannel_interface_internal.h +3 -0
- data/src/core/ext/filters/deadline/deadline_filter.cc +1 -1
- data/src/core/ext/filters/http/client/http_client_filter.cc +1 -0
- data/src/core/ext/filters/http/client_authority_filter.cc +1 -1
- data/src/core/ext/filters/http/message_compress/compression_filter.cc +1 -0
- data/src/core/ext/filters/http/server/http_server_filter.cc +1 -1
- data/src/core/ext/filters/message_size/message_size_filter.cc +1 -0
- data/src/core/ext/filters/rbac/rbac_filter.cc +40 -111
- data/src/core/ext/filters/rbac/rbac_filter.h +12 -30
- data/src/core/ext/filters/rbac/rbac_service_config_parser.cc +4 -7
- data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +162 -86
- data/src/core/ext/filters/stateful_session/stateful_session_filter.h +0 -6
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +1 -0
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +15 -16
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +463 -519
- data/src/core/ext/transport/chttp2/transport/decode_huff.cc +6569 -174
- data/src/core/ext/transport/chttp2/transport/decode_huff.h +2278 -441
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +6 -20
- data/src/core/ext/transport/chttp2/transport/hpack_parse_result.h +4 -3
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +72 -12
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +7 -2
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +4 -4
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +3 -2
- data/src/core/ext/transport/chttp2/transport/internal.h +38 -61
- data/src/core/ext/transport/chttp2/transport/parsing.cc +31 -10
- data/src/core/ext/transport/chttp2/transport/ping_abuse_policy.cc +80 -0
- data/src/core/ext/transport/chttp2/transport/ping_abuse_policy.h +55 -0
- data/src/core/ext/transport/chttp2/transport/ping_rate_policy.cc +98 -0
- data/src/core/ext/transport/chttp2/transport/ping_rate_policy.h +73 -0
- data/src/core/ext/transport/chttp2/transport/writing.cc +82 -91
- data/src/core/ext/transport/inproc/inproc_transport.cc +1 -0
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +27 -6
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.h +143 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +2 -9
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +0 -39
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.c +13 -8
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.h +35 -6
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +17 -13
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +85 -20
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +26 -7
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +45 -3
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/metrics_service.upb.c +4 -3
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/metrics_service.upb.h +21 -0
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.c +30 -6
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.h +180 -0
- data/src/core/ext/upb-generated/envoy/data/accesslog/v3/accesslog.upb.c +558 -0
- data/src/core/ext/upb-generated/envoy/data/accesslog/v3/accesslog.upb.h +2710 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.c +30 -11
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.h +53 -24
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.c +30 -5
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.h +110 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +41 -15
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +150 -27
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/pick_first/v3/pick_first.upb.c +47 -0
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/pick_first/v3/pick_first.upb.h +93 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +88 -76
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +11 -12
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.h +0 -5
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.c +162 -160
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +129 -118
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +141 -135
- data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/metrics_service.upbdefs.c +19 -12
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.c +38 -30
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/data/accesslog/v3/accesslog.upbdefs.c +402 -0
- data/src/core/ext/upbdefs-generated/envoy/data/accesslog/v3/accesslog.upbdefs.h +111 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.c +80 -74
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.c +63 -47
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +315 -293
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.c +29 -29
- data/src/core/ext/xds/xds_bootstrap_grpc.cc +33 -30
- data/src/core/ext/xds/xds_bootstrap_grpc.h +5 -13
- data/src/core/ext/xds/xds_client_grpc.cc +12 -6
- data/src/core/ext/xds/xds_client_grpc.h +16 -2
- data/src/core/ext/xds/xds_client_stats.h +10 -0
- data/src/core/ext/xds/xds_cluster.cc +26 -16
- data/src/core/ext/xds/xds_endpoint.cc +4 -7
- data/src/core/ext/xds/xds_health_status.cc +0 -17
- data/src/core/ext/xds/xds_health_status.h +5 -25
- data/src/core/ext/xds/xds_http_fault_filter.cc +1 -2
- data/src/core/ext/xds/xds_http_fault_filter.h +1 -2
- data/src/core/ext/xds/xds_http_filters.h +2 -4
- data/src/core/ext/xds/xds_http_rbac_filter.cc +3 -8
- data/src/core/ext/xds/xds_http_rbac_filter.h +1 -2
- data/src/core/ext/xds/xds_http_stateful_session_filter.cc +1 -2
- data/src/core/ext/xds/xds_http_stateful_session_filter.h +1 -2
- data/src/core/ext/xds/xds_lb_policy_registry.cc +36 -0
- data/src/core/ext/xds/xds_route_config.cc +4 -0
- data/src/core/ext/xds/xds_routing.cc +2 -2
- data/src/core/ext/xds/xds_transport_grpc.cc +2 -3
- data/src/core/lib/address_utils/parse_address.cc +63 -1
- data/src/core/lib/address_utils/parse_address.h +8 -0
- data/src/core/lib/address_utils/sockaddr_utils.cc +46 -1
- data/src/core/lib/address_utils/sockaddr_utils.h +2 -2
- data/src/core/lib/avl/avl.h +10 -173
- data/src/core/lib/channel/call_tracer.cc +289 -0
- data/src/core/lib/channel/call_tracer.h +35 -0
- data/src/core/lib/channel/channel_args.cc +98 -82
- data/src/core/lib/channel/channel_args.h +32 -17
- data/src/core/lib/channel/connected_channel.cc +4 -2
- data/src/core/lib/channel/promise_based_filter.cc +4 -1
- data/src/core/lib/channel/promise_based_filter.h +1 -0
- data/src/core/lib/compression/compression_internal.cc +8 -4
- data/src/core/lib/debug/stats_data.cc +93 -21
- data/src/core/lib/debug/stats_data.h +41 -0
- data/src/core/lib/debug/trace.cc +1 -4
- data/src/core/lib/event_engine/ares_resolver.cc +712 -0
- data/src/core/lib/event_engine/ares_resolver.h +150 -0
- data/src/core/lib/event_engine/cf_engine/cf_engine.cc +10 -3
- data/src/core/lib/event_engine/cf_engine/cf_engine.h +1 -1
- data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.cc +2 -2
- data/src/core/lib/event_engine/cf_engine/dns_service_resolver.cc +229 -0
- data/src/core/lib/event_engine/cf_engine/dns_service_resolver.h +117 -0
- data/src/core/lib/event_engine/event_engine.cc +0 -12
- data/src/core/lib/event_engine/forkable.cc +62 -43
- data/src/core/lib/event_engine/forkable.h +15 -0
- data/src/core/lib/event_engine/grpc_polled_fd.h +73 -0
- data/src/core/lib/event_engine/handle_containers.h +0 -4
- data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.cc +4 -6
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +29 -9
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.h +10 -1
- data/src/core/lib/event_engine/posix_engine/grpc_polled_fd_posix.h +197 -0
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +28 -14
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +3 -1
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +49 -2
- data/src/core/lib/event_engine/posix_engine/posix_engine.h +20 -13
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +37 -27
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.h +2 -0
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.cc +4 -2
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +43 -2
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +6 -0
- data/src/core/lib/event_engine/posix_engine/timer.h +10 -37
- data/src/core/lib/event_engine/posix_engine/traced_buffer_list.cc +2 -0
- data/src/core/lib/event_engine/tcp_socket_utils.cc +67 -7
- data/src/core/lib/event_engine/tcp_socket_utils.h +3 -0
- data/src/core/lib/event_engine/thread_pool/thread_count.cc +58 -0
- data/src/core/lib/event_engine/thread_pool/thread_count.h +161 -0
- data/src/core/lib/event_engine/thread_pool/thread_pool_factory.cc +7 -0
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.cc +122 -94
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.h +22 -48
- data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.cc +12 -21
- data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.h +8 -12
- data/src/core/lib/event_engine/windows/windows_endpoint.cc +58 -58
- data/src/core/lib/event_engine/windows/windows_endpoint.h +15 -12
- data/src/core/lib/event_engine/windows/windows_engine.cc +2 -1
- data/src/core/lib/event_engine/windows/windows_engine.h +8 -12
- data/src/core/lib/experiments/config.cc +74 -22
- data/src/core/lib/experiments/config.h +20 -8
- data/src/core/lib/experiments/experiments.cc +206 -91
- data/src/core/lib/experiments/experiments.h +71 -14
- data/src/core/lib/gprpp/dual_ref_counted.h +9 -9
- data/src/core/lib/gprpp/fork.cc +8 -9
- data/src/core/lib/gprpp/fork.h +6 -5
- data/src/core/lib/gprpp/if_list.h +4530 -0
- data/src/core/lib/gprpp/orphanable.h +3 -3
- data/src/core/lib/gprpp/ref_counted.h +9 -7
- data/src/core/lib/gprpp/ref_counted_string.cc +44 -0
- data/src/core/lib/gprpp/ref_counted_string.h +146 -0
- data/src/core/lib/gprpp/sorted_pack.h +3 -12
- data/src/core/lib/gprpp/status_helper.h +16 -15
- data/src/core/lib/gprpp/time.h +13 -1
- data/src/core/lib/gprpp/type_list.h +32 -0
- data/src/core/lib/gprpp/work_serializer.cc +36 -0
- data/src/core/lib/gprpp/work_serializer.h +5 -0
- data/src/core/lib/http/httpcli.h +6 -9
- data/src/core/lib/http/httpcli_security_connector.cc +1 -0
- data/src/core/lib/iomgr/buffer_list.cc +2 -0
- data/src/core/lib/iomgr/error.cc +32 -2
- data/src/core/lib/iomgr/error.h +9 -10
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +5 -7
- data/src/core/lib/iomgr/ev_poll_posix.cc +6 -5
- data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +7 -22
- data/src/core/lib/iomgr/exec_ctx.h +11 -0
- data/src/core/lib/iomgr/pollset.h +4 -5
- data/src/core/lib/iomgr/port.h +10 -0
- data/src/core/lib/iomgr/resolve_address.cc +13 -1
- data/src/core/lib/iomgr/resolve_address.h +17 -3
- data/src/core/lib/iomgr/sockaddr_posix.h +7 -0
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +29 -0
- data/src/core/lib/iomgr/socket_utils_posix.cc +2 -0
- data/src/core/lib/iomgr/socket_utils_posix.h +6 -0
- data/src/core/lib/iomgr/tcp_client_posix.cc +4 -1
- data/src/core/lib/iomgr/tcp_posix.cc +24 -7
- data/src/core/lib/iomgr/tcp_server_posix.cc +3 -2
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +5 -2
- data/src/core/lib/iomgr/tcp_windows.cc +1 -3
- data/src/core/lib/iomgr/vsock.cc +59 -0
- data/src/core/lib/iomgr/vsock.h +38 -0
- data/src/core/lib/iomgr/wakeup_fd_posix.h +3 -6
- data/src/core/lib/load_balancing/delegating_helper.h +115 -0
- data/src/core/lib/load_balancing/lb_policy.h +20 -0
- data/src/core/lib/load_balancing/subchannel_interface.h +6 -0
- data/src/core/lib/promise/detail/basic_seq.h +1 -372
- data/src/core/lib/promise/detail/seq_state.h +2076 -0
- data/src/core/lib/promise/party.h +1 -1
- data/src/core/lib/promise/seq.h +19 -2
- data/src/core/lib/promise/sleep.h +5 -10
- data/src/core/lib/promise/try_seq.h +34 -2
- data/src/core/lib/resolver/resolver_factory.h +3 -2
- data/src/core/lib/resolver/server_address.cc +9 -94
- data/src/core/lib/resolver/server_address.h +10 -64
- data/src/core/lib/resource_quota/api.cc +1 -0
- data/src/core/lib/resource_quota/arena.cc +2 -0
- data/src/core/lib/resource_quota/arena.h +42 -8
- data/src/core/lib/resource_quota/memory_quota.cc +0 -1
- data/src/core/lib/resource_quota/memory_quota.h +1 -1
- data/src/core/lib/resource_quota/resource_quota.h +1 -0
- data/src/core/lib/security/authorization/authorization_policy_provider.h +1 -1
- data/src/core/lib/security/authorization/rbac_policy.h +1 -1
- data/src/core/lib/security/credentials/channel_creds_registry.h +51 -27
- data/src/core/lib/security/credentials/channel_creds_registry_init.cc +169 -9
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +1 -1
- data/src/core/lib/security/credentials/composite/composite_credentials.h +3 -1
- data/src/core/lib/security/credentials/external/aws_request_signer.cc +8 -0
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +40 -1
- data/src/core/lib/security/credentials/external/external_account_credentials.h +6 -0
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +30 -38
- data/src/core/lib/security/credentials/fake/fake_credentials.h +28 -0
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +1 -0
- data/src/core/lib/security/credentials/jwt/json_token.cc +17 -0
- data/src/core/lib/security/credentials/jwt/json_token.h +4 -0
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +42 -0
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +1 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +4 -0
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +2 -1
- data/src/core/lib/security/credentials/tls/tls_credentials.h +3 -1
- data/src/core/lib/security/credentials/xds/xds_credentials.cc +1 -0
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +1 -0
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +1 -0
- data/src/core/lib/security/security_connector/ssl_utils.cc +1 -0
- data/src/core/lib/security/transport/client_auth_filter.cc +8 -5
- data/src/core/lib/security/transport/security_handshaker.cc +1 -0
- data/src/core/lib/security/transport/server_auth_filter.cc +2 -0
- data/src/core/lib/service_config/service_config_call_data.h +5 -0
- data/src/core/lib/slice/slice.h +16 -0
- data/src/core/lib/surface/call.cc +63 -37
- data/src/core/lib/surface/channel.cc +1 -0
- data/src/core/lib/surface/completion_queue.cc +10 -0
- data/src/core/lib/surface/init.cc +1 -0
- data/src/core/lib/surface/server.cc +67 -64
- data/src/core/lib/surface/server.h +1 -15
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/metadata_batch.cc +7 -7
- data/src/core/lib/transport/metadata_batch.h +86 -48
- data/src/core/lib/transport/parsed_metadata.h +34 -20
- data/src/core/lib/transport/simple_slice_based_metadata.h +9 -2
- data/src/core/tsi/alts/crypt/aes_gcm.cc +27 -2
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc +4 -6
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +1 -2
- data/src/core/tsi/ssl_transport_security.cc +39 -7
- data/src/ruby/bin/math_pb.rb +24 -18
- data/src/ruby/ext/grpc/extconf.rb +19 -18
- data/src/ruby/ext/grpc/rb_call.c +62 -39
- data/src/ruby/ext/grpc/rb_call_credentials.c +0 -1
- data/src/ruby/ext/grpc/rb_channel.c +109 -84
- data/src/ruby/ext/grpc/rb_channel.h +1 -0
- data/src/ruby/ext/grpc/rb_channel_args.c +16 -2
- data/src/ruby/ext/grpc/rb_channel_args.h +4 -0
- data/src/ruby/ext/grpc/rb_channel_credentials.c +0 -1
- data/src/ruby/ext/grpc/rb_compression_options.c +0 -1
- data/src/ruby/ext/grpc/rb_event_thread.c +22 -6
- data/src/ruby/ext/grpc/rb_event_thread.h +1 -0
- data/src/ruby/ext/grpc/rb_grpc.c +192 -30
- data/src/ruby/ext/grpc/rb_grpc.h +8 -2
- data/src/ruby/ext/grpc/rb_server.c +62 -45
- data/src/ruby/ext/grpc/rb_server_credentials.c +0 -1
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.c +0 -1
- data/src/ruby/ext/grpc/rb_xds_server_credentials.c +0 -1
- data/src/ruby/lib/grpc/generic/active_call.rb +9 -14
- data/src/ruby/lib/grpc/generic/bidi_call.rb +2 -0
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/grpc/health/v1/health_pb.rb +24 -13
- data/src/ruby/pb/src/proto/grpc/testing/empty_pb.rb +24 -3
- data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +25 -111
- data/src/ruby/pb/src/proto/grpc/testing/test_pb.rb +25 -2
- data/src/ruby/pb/test/client.rb +16 -0
- data/src/ruby/spec/generic/rpc_server_spec.rb +3 -3
- data/third_party/abseil-cpp/absl/algorithm/container.h +3 -2
- data/third_party/abseil-cpp/absl/base/attributes.h +58 -5
- data/third_party/abseil-cpp/absl/base/call_once.h +1 -1
- data/third_party/abseil-cpp/absl/base/casts.h +8 -8
- data/third_party/abseil-cpp/absl/base/config.h +89 -106
- data/third_party/abseil-cpp/absl/base/dynamic_annotations.h +26 -1
- data/third_party/abseil-cpp/absl/base/internal/direct_mmap.h +2 -2
- data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.cc +50 -39
- data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.h +2 -1
- data/third_party/abseil-cpp/absl/base/internal/prefetch.h +17 -18
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +32 -3
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.h +24 -4
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +31 -73
- data/third_party/abseil-cpp/absl/base/internal/thread_identity.cc +9 -8
- data/third_party/abseil-cpp/absl/base/internal/thread_identity.h +11 -11
- data/third_party/abseil-cpp/absl/base/internal/throw_delegate.cc +23 -32
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc +2 -3
- data/third_party/abseil-cpp/absl/base/options.h +1 -1
- data/third_party/abseil-cpp/absl/base/policy_checks.h +3 -3
- data/third_party/abseil-cpp/absl/base/prefetch.h +198 -0
- data/third_party/abseil-cpp/absl/container/fixed_array.h +54 -29
- data/third_party/abseil-cpp/absl/container/flat_hash_map.h +5 -1
- data/third_party/abseil-cpp/absl/container/flat_hash_set.h +6 -2
- data/third_party/abseil-cpp/absl/container/inlined_vector.h +167 -79
- data/third_party/abseil-cpp/absl/container/internal/common_policy_traits.h +1 -1
- data/third_party/abseil-cpp/absl/container/internal/compressed_tuple.h +3 -21
- data/third_party/abseil-cpp/absl/container/internal/container_memory.h +1 -1
- data/third_party/abseil-cpp/absl/container/internal/hash_function_defaults.h +46 -0
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc +2 -0
- data/third_party/abseil-cpp/absl/container/internal/inlined_vector.h +85 -26
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_map.h +35 -18
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.cc +70 -29
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +437 -236
- data/third_party/abseil-cpp/absl/crc/crc32c.h +8 -1
- data/third_party/abseil-cpp/absl/crc/internal/cpu_detect.cc +14 -8
- data/third_party/abseil-cpp/absl/crc/internal/crc.cc +4 -35
- data/third_party/abseil-cpp/absl/crc/internal/crc.h +2 -10
- data/third_party/abseil-cpp/absl/crc/internal/crc32_x86_arm_combined_simd.h +1 -1
- data/third_party/abseil-cpp/absl/crc/internal/crc_cord_state.cc +1 -1
- data/third_party/abseil-cpp/absl/crc/internal/crc_cord_state.h +4 -4
- data/third_party/abseil-cpp/absl/crc/internal/crc_internal.h +8 -10
- data/third_party/abseil-cpp/absl/crc/internal/crc_memcpy_x86_64.cc +17 -19
- data/third_party/abseil-cpp/absl/crc/internal/crc_x86_arm_combined.cc +8 -8
- data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.h +2 -1
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +59 -23
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_powerpc-inl.inc +1 -1
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_x86-inl.inc +1 -1
- data/third_party/abseil-cpp/absl/debugging/internal/symbolize.h +1 -1
- data/third_party/abseil-cpp/absl/debugging/symbolize_elf.inc +43 -19
- data/third_party/abseil-cpp/absl/debugging/symbolize_emscripten.inc +3 -0
- data/third_party/abseil-cpp/absl/flags/commandlineflag.h +1 -1
- data/third_party/abseil-cpp/absl/flags/internal/commandlineflag.cc +1 -1
- data/third_party/abseil-cpp/absl/flags/internal/flag.cc +2 -2
- data/third_party/abseil-cpp/absl/flags/internal/flag.h +16 -15
- data/third_party/abseil-cpp/absl/flags/internal/flag_msvc.inc +1 -1
- data/third_party/abseil-cpp/absl/flags/marshalling.cc +43 -2
- data/third_party/abseil-cpp/absl/flags/marshalling.h +5 -0
- data/third_party/abseil-cpp/absl/functional/any_invocable.h +9 -1
- data/third_party/abseil-cpp/absl/functional/bind_front.h +1 -1
- data/third_party/abseil-cpp/absl/functional/function_ref.h +3 -3
- data/third_party/abseil-cpp/absl/functional/internal/any_invocable.h +37 -24
- data/third_party/abseil-cpp/absl/functional/internal/function_ref.h +19 -9
- data/third_party/abseil-cpp/absl/hash/hash.h +7 -4
- data/third_party/abseil-cpp/absl/hash/internal/hash.h +38 -15
- data/third_party/abseil-cpp/absl/hash/internal/low_level_hash.cc +6 -0
- data/third_party/abseil-cpp/absl/meta/type_traits.h +48 -373
- data/third_party/abseil-cpp/absl/numeric/bits.h +4 -4
- data/third_party/abseil-cpp/absl/numeric/int128.cc +20 -8
- data/third_party/abseil-cpp/absl/numeric/int128.h +36 -39
- data/third_party/abseil-cpp/absl/numeric/int128_have_intrinsic.inc +0 -3
- data/third_party/abseil-cpp/absl/numeric/int128_no_intrinsic.inc +47 -30
- data/third_party/abseil-cpp/absl/random/internal/fast_uniform_bits.h +4 -3
- data/third_party/abseil-cpp/absl/random/internal/generate_real.h +1 -1
- data/third_party/abseil-cpp/absl/random/internal/platform.h +1 -1
- data/third_party/abseil-cpp/absl/random/internal/randen_detect.cc +4 -0
- data/third_party/abseil-cpp/absl/random/internal/randen_engine.h +1 -1
- data/third_party/abseil-cpp/absl/random/internal/randen_hwaes.cc +1 -1
- data/third_party/abseil-cpp/absl/random/internal/uniform_helper.h +1 -1
- data/third_party/abseil-cpp/absl/status/internal/status_internal.h +4 -0
- data/third_party/abseil-cpp/absl/status/internal/statusor_internal.h +12 -24
- data/third_party/abseil-cpp/absl/status/status.cc +11 -7
- data/third_party/abseil-cpp/absl/status/status.h +11 -2
- data/third_party/abseil-cpp/absl/status/statusor.h +22 -8
- data/third_party/abseil-cpp/absl/strings/ascii.cc +54 -6
- data/third_party/abseil-cpp/absl/strings/charconv.cc +21 -4
- data/third_party/abseil-cpp/absl/strings/charconv.h +2 -2
- data/third_party/abseil-cpp/absl/strings/cord.cc +1 -2
- data/third_party/abseil-cpp/absl/strings/cord.h +32 -5
- data/third_party/abseil-cpp/absl/strings/cord_analysis.cc +23 -1
- data/third_party/abseil-cpp/absl/strings/cord_analysis.h +18 -0
- data/third_party/abseil-cpp/absl/strings/cord_buffer.h +2 -5
- data/third_party/abseil-cpp/absl/strings/escaping.cc +10 -32
- data/third_party/abseil-cpp/absl/strings/escaping.h +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.cc +2 -4
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +3 -3
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.cc +0 -1
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +15 -13
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_btree.cc +13 -4
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_btree.h +8 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_consume.cc +5 -3
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_consume.h +4 -7
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_flat.h +8 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_ring.h +2 -2
- data/third_party/abseil-cpp/absl/strings/internal/cordz_handle.cc +46 -20
- data/third_party/abseil-cpp/absl/strings/internal/cordz_handle.h +1 -34
- data/third_party/abseil-cpp/absl/strings/internal/cordz_info.cc +2 -1
- data/third_party/abseil-cpp/absl/strings/internal/escaping.cc +23 -0
- data/third_party/abseil-cpp/absl/strings/internal/escaping.h +1 -0
- data/third_party/abseil-cpp/absl/strings/internal/memutil.cc +2 -77
- data/third_party/abseil-cpp/absl/strings/internal/memutil.h +4 -112
- data/third_party/abseil-cpp/absl/strings/internal/stl_type_traits.h +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.cc +10 -31
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.h +8 -8
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.h +5 -20
- data/third_party/abseil-cpp/absl/strings/internal/str_format/constexpr_parser.h +1 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.h +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +9 -9
- data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +56 -6
- data/third_party/abseil-cpp/absl/strings/match.cc +87 -0
- data/third_party/abseil-cpp/absl/strings/match.h +19 -0
- data/third_party/abseil-cpp/absl/strings/numbers.cc +154 -122
- data/third_party/abseil-cpp/absl/strings/numbers.h +1 -6
- data/third_party/abseil-cpp/absl/strings/str_cat.cc +7 -50
- data/third_party/abseil-cpp/absl/strings/str_cat.h +83 -15
- data/third_party/abseil-cpp/absl/strings/str_format.h +6 -3
- data/third_party/abseil-cpp/absl/strings/str_split.cc +9 -6
- data/third_party/abseil-cpp/absl/strings/string_view.cc +26 -4
- data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.cc +5 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/futex.h +63 -43
- data/third_party/abseil-cpp/absl/synchronization/internal/futex_waiter.cc +111 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/futex_waiter.h +63 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +11 -7
- data/third_party/abseil-cpp/absl/synchronization/internal/kernel_timeout.cc +225 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/kernel_timeout.h +122 -114
- data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.cc +12 -8
- data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.h +10 -1
- data/third_party/abseil-cpp/absl/synchronization/internal/pthread_waiter.cc +167 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/pthread_waiter.h +60 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/sem_waiter.cc +122 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/sem_waiter.h +65 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/stdcpp_waiter.cc +91 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/stdcpp_waiter.h +56 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.h +19 -113
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter_base.cc +42 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter_base.h +90 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/win32_waiter.cc +151 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/win32_waiter.h +70 -0
- data/third_party/abseil-cpp/absl/synchronization/mutex.cc +407 -411
- data/third_party/abseil-cpp/absl/synchronization/mutex.h +152 -118
- data/third_party/abseil-cpp/absl/time/clock.cc +6 -7
- data/third_party/abseil-cpp/absl/time/duration.cc +24 -26
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/time_zone.h +1 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.cc +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +3 -3
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.cc +8 -6
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.h +6 -3
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +4 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +4 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +322 -295
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +8 -17
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +51 -33
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.h +7 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_lookup.cc +128 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.h +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +5 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc +34 -34
- data/third_party/abseil-cpp/absl/time/time.cc +9 -2
- data/third_party/abseil-cpp/absl/time/time.h +115 -15
- data/third_party/abseil-cpp/absl/types/internal/optional.h +0 -52
- data/third_party/abseil-cpp/absl/types/internal/span.h +2 -2
- data/third_party/abseil-cpp/absl/types/internal/variant.h +2 -2
- data/third_party/abseil-cpp/absl/types/optional.h +15 -13
- data/third_party/abseil-cpp/absl/types/span.h +1 -2
- data/third_party/boringssl-with-bazel/err_data.c +554 -553
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +7 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.c +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +34 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +11 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +7 -8
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/bio/errno.c +92 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +5 -49
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +18 -13
- data/third_party/boringssl-with-bazel/src/crypto/bio/internal.h +16 -6
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +11 -2
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +19 -1
- data/third_party/boringssl-with-bazel/src/crypto/chacha/internal.h +8 -1
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +31 -192
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf_def.h +3 -7
- data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +8 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.c +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_fuchsia.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_linux.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_openbsd.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_sysreg.c +93 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_win.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_freebsd.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +49 -46
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_arm_openbsd.c → curve25519/curve25519_64_adx.c} +3 -16
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_tables.h +2809 -7417
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +27 -5
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/dh_asn1.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/params.c +5 -0
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +20 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +110 -72
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_derive.c +4 -3
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +24 -28
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +4 -6
- data/third_party/boringssl-with-bazel/src/crypto/err/err.c +23 -21
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +35 -12
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.c +3 -7
- data/third_party/boringssl-with-bazel/src/crypto/evp/pbkdf.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/evp/print.c +7 -6
- data/third_party/boringssl-with-bazel/src/crypto/ex_data.c +34 -72
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +12 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.c +5 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +12 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +17 -18
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c +51 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.c +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/delocate.h +5 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.c +37 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.c +38 -19
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +9 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/builtin_curves.h +277 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +180 -404
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +24 -57
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/felem.c +17 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +33 -71
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +18 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +5 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.c +15 -18
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +9 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +24 -24
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +11 -27
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +9 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hkdf/hkdf.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +40 -26
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +21 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +38 -19
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +2 -29
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +55 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +33 -52
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +42 -24
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.c +4 -7
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +7 -0
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +211 -100
- data/third_party/boringssl-with-bazel/src/crypto/kyber/kyber.c +5 -4
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +7 -8
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +25 -46
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/p5_pbev2.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.c +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +8 -5
- data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/deterministic.c +7 -6
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/forkunsafe.c +6 -12
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/getentropy.c +52 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{fuchsia.c → ios.c} +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/{refcount_no_threads.c → rand_extra/trusty.c} +15 -19
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/windows.c +41 -19
- data/third_party/boringssl-with-bazel/src/crypto/{refcount_c11.c → refcount.c} +11 -17
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +152 -72
- data/third_party/boringssl-with-bazel/src/crypto/thread_none.c +0 -8
- data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +6 -35
- data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +5 -26
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +14 -18
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +54 -143
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +8 -19
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +0 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.c +1 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +8 -12
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +19 -20
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +11 -15
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +4 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +4 -119
- data/third_party/boringssl-with-bazel/src/include/openssl/asm_base.h +207 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +5 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +10 -116
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +11 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +0 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/chacha.h +6 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +5 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +4 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +0 -21
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +28 -11
- data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +19 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +11 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +6 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +13 -14
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +0 -61
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +22 -20
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +131 -81
- data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +236 -213
- data/third_party/boringssl-with-bazel/src/include/openssl/target.h +201 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +1 -29
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +4 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +3 -2
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +9 -65
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +20 -20
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +4 -11
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +26 -20
- data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +4 -4
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +37 -30
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +127 -26
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +2 -3
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64_adx.h +691 -0
- data/third_party/upb/upb/collections/map.c +3 -3
- metadata +62 -39
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_attributes.cc +0 -42
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_attributes.h +0 -64
- data/src/core/ext/transport/chttp2/transport/stream_map.cc +0 -177
- data/src/core/ext/transport/chttp2/transport/stream_map.h +0 -68
- data/src/core/lib/promise/detail/basic_join.h +0 -197
- data/src/core/lib/promise/detail/switch.h +0 -1455
- data/src/core/lib/promise/try_join.h +0 -82
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.cc +0 -403
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_freebsd.c +0 -62
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm.c +0 -38
- data/third_party/boringssl-with-bazel/src/crypto/refcount_win.c +0 -89
- data/third_party/re2/util/benchmark.h +0 -156
- data/third_party/re2/util/flags.h +0 -26
- data/third_party/re2/util/malloc_counter.h +0 -19
- data/third_party/re2/util/pcre.cc +0 -1025
- data/third_party/re2/util/pcre.h +0 -681
- data/third_party/re2/util/test.h +0 -50
- data/third_party/upb/upb/mini_table.h +0 -36
- data/third_party/zlib/gzclose.c +0 -25
- data/third_party/zlib/gzlib.c +0 -639
- data/third_party/zlib/gzread.c +0 -650
- data/third_party/zlib/gzwrite.c +0 -677
|
@@ -64,8 +64,6 @@
|
|
|
64
64
|
#include <openssl/thread.h>
|
|
65
65
|
#include <openssl/x509.h>
|
|
66
66
|
|
|
67
|
-
#if !defined(OPENSSL_TRUSTY)
|
|
68
|
-
|
|
69
67
|
#include "../internal.h"
|
|
70
68
|
#include "internal.h"
|
|
71
69
|
|
|
@@ -81,7 +79,6 @@ typedef struct lookup_dir_entry_st {
|
|
|
81
79
|
} BY_DIR_ENTRY;
|
|
82
80
|
|
|
83
81
|
typedef struct lookup_dir_st {
|
|
84
|
-
BUF_MEM *buffer;
|
|
85
82
|
STACK_OF(BY_DIR_ENTRY) *dirs;
|
|
86
83
|
} BY_DIR;
|
|
87
84
|
|
|
@@ -141,10 +138,6 @@ static int new_dir(X509_LOOKUP *lu) {
|
|
|
141
138
|
if ((a = (BY_DIR *)OPENSSL_malloc(sizeof(BY_DIR))) == NULL) {
|
|
142
139
|
return 0;
|
|
143
140
|
}
|
|
144
|
-
if ((a->buffer = BUF_MEM_new()) == NULL) {
|
|
145
|
-
OPENSSL_free(a);
|
|
146
|
-
return 0;
|
|
147
|
-
}
|
|
148
141
|
a->dirs = NULL;
|
|
149
142
|
lu->method_data = a;
|
|
150
143
|
return 1;
|
|
@@ -175,7 +168,6 @@ static void free_dir(X509_LOOKUP *lu) {
|
|
|
175
168
|
BY_DIR *a = lu->method_data;
|
|
176
169
|
if (a != NULL) {
|
|
177
170
|
sk_BY_DIR_ENTRY_pop_free(a->dirs, by_dir_entry_free);
|
|
178
|
-
BUF_MEM_free(a->buffer);
|
|
179
171
|
OPENSSL_free(a);
|
|
180
172
|
}
|
|
181
173
|
}
|
|
@@ -238,7 +230,7 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) {
|
|
|
238
230
|
|
|
239
231
|
// g_ent_hashes_lock protects the |hashes| member of all |BY_DIR_ENTRY|
|
|
240
232
|
// objects.
|
|
241
|
-
static
|
|
233
|
+
static CRYPTO_MUTEX g_ent_hashes_lock = CRYPTO_MUTEX_INIT;
|
|
242
234
|
|
|
243
235
|
static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
|
|
244
236
|
X509_OBJECT *ret) {
|
|
@@ -304,7 +296,7 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
|
|
|
304
296
|
}
|
|
305
297
|
if (type == X509_LU_CRL && ent->hashes) {
|
|
306
298
|
htmp.hash = h;
|
|
307
|
-
|
|
299
|
+
CRYPTO_MUTEX_lock_read(&g_ent_hashes_lock);
|
|
308
300
|
if (sk_BY_DIR_HASH_find(ent->hashes, &idx, &htmp)) {
|
|
309
301
|
hent = sk_BY_DIR_HASH_value(ent->hashes, idx);
|
|
310
302
|
k = hent->suffix;
|
|
@@ -312,14 +304,13 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
|
|
|
312
304
|
hent = NULL;
|
|
313
305
|
k = 0;
|
|
314
306
|
}
|
|
315
|
-
|
|
307
|
+
CRYPTO_MUTEX_unlock_read(&g_ent_hashes_lock);
|
|
316
308
|
} else {
|
|
317
309
|
k = 0;
|
|
318
310
|
hent = NULL;
|
|
319
311
|
}
|
|
320
312
|
for (;;) {
|
|
321
|
-
|
|
322
|
-
k);
|
|
313
|
+
snprintf(b->data, b->max, "%s/%08lx.%s%d", ent->dir, h, postfix, k);
|
|
323
314
|
#ifndef OPENSSL_NO_POSIX_IO
|
|
324
315
|
#if defined(_WIN32) && !defined(stat)
|
|
325
316
|
#define stat _stat
|
|
@@ -357,7 +348,7 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
|
|
|
357
348
|
// If a CRL, update the last file suffix added for this
|
|
358
349
|
|
|
359
350
|
if (type == X509_LU_CRL) {
|
|
360
|
-
|
|
351
|
+
CRYPTO_MUTEX_lock_write(&g_ent_hashes_lock);
|
|
361
352
|
// Look for entry again in case another thread added an entry
|
|
362
353
|
// first.
|
|
363
354
|
if (!hent) {
|
|
@@ -370,14 +361,14 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
|
|
|
370
361
|
if (!hent) {
|
|
371
362
|
hent = OPENSSL_malloc(sizeof(BY_DIR_HASH));
|
|
372
363
|
if (hent == NULL) {
|
|
373
|
-
|
|
364
|
+
CRYPTO_MUTEX_unlock_write(&g_ent_hashes_lock);
|
|
374
365
|
ok = 0;
|
|
375
366
|
goto finish;
|
|
376
367
|
}
|
|
377
368
|
hent->hash = h;
|
|
378
369
|
hent->suffix = k;
|
|
379
370
|
if (!sk_BY_DIR_HASH_push(ent->hashes, hent)) {
|
|
380
|
-
|
|
371
|
+
CRYPTO_MUTEX_unlock_write(&g_ent_hashes_lock);
|
|
381
372
|
OPENSSL_free(hent);
|
|
382
373
|
ok = 0;
|
|
383
374
|
goto finish;
|
|
@@ -387,7 +378,7 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
|
|
|
387
378
|
hent->suffix = k;
|
|
388
379
|
}
|
|
389
380
|
|
|
390
|
-
|
|
381
|
+
CRYPTO_MUTEX_unlock_write(&g_ent_hashes_lock);
|
|
391
382
|
}
|
|
392
383
|
|
|
393
384
|
if (tmp != NULL) {
|
|
@@ -409,5 +400,3 @@ finish:
|
|
|
409
400
|
BUF_MEM_free(b);
|
|
410
401
|
return ok;
|
|
411
402
|
}
|
|
412
|
-
|
|
413
|
-
#endif // OPENSSL_TRUSTY
|
|
@@ -62,7 +62,6 @@
|
|
|
62
62
|
|
|
63
63
|
#include "internal.h"
|
|
64
64
|
|
|
65
|
-
#ifndef OPENSSL_NO_STDIO
|
|
66
65
|
|
|
67
66
|
static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
|
|
68
67
|
char **ret);
|
|
@@ -278,5 +277,3 @@ err:
|
|
|
278
277
|
sk_X509_INFO_pop_free(inf, X509_INFO_free);
|
|
279
278
|
return count;
|
|
280
279
|
}
|
|
281
|
-
|
|
282
|
-
#endif // OPENSSL_NO_STDIO
|
|
@@ -64,6 +64,7 @@
|
|
|
64
64
|
#include <openssl/x509.h>
|
|
65
65
|
|
|
66
66
|
#include "../asn1/internal.h"
|
|
67
|
+
#include "../internal.h"
|
|
67
68
|
|
|
68
69
|
#if defined(__cplusplus)
|
|
69
70
|
extern "C" {
|
|
@@ -274,7 +275,6 @@ struct x509_lookup_method_st {
|
|
|
274
275
|
// function is then called to actually check the cert chain.
|
|
275
276
|
struct x509_store_st {
|
|
276
277
|
// The following is a cache of trusted certs
|
|
277
|
-
int cache; // if true, stash any hits
|
|
278
278
|
STACK_OF(X509_OBJECT) *objs; // Cache of all objects
|
|
279
279
|
CRYPTO_MUTEX objs_lock;
|
|
280
280
|
|
|
@@ -57,7 +57,7 @@
|
|
|
57
57
|
#include <openssl/err.h>
|
|
58
58
|
#include <openssl/x509.h>
|
|
59
59
|
|
|
60
|
-
|
|
60
|
+
|
|
61
61
|
int X509_STORE_set_default_paths(X509_STORE *ctx) {
|
|
62
62
|
X509_LOOKUP *lookup;
|
|
63
63
|
|
|
@@ -106,5 +106,3 @@ int X509_STORE_load_locations(X509_STORE *ctx, const char *file,
|
|
|
106
106
|
}
|
|
107
107
|
return 1;
|
|
108
108
|
}
|
|
109
|
-
|
|
110
|
-
#endif
|
|
@@ -173,7 +173,6 @@ X509_STORE *X509_STORE_new(void) {
|
|
|
173
173
|
if (ret->objs == NULL) {
|
|
174
174
|
goto err;
|
|
175
175
|
}
|
|
176
|
-
ret->cache = 1;
|
|
177
176
|
ret->get_cert_methods = sk_X509_LOOKUP_new_null();
|
|
178
177
|
if (ret->get_cert_methods == NULL) {
|
|
179
178
|
goto err;
|
|
@@ -423,9 +422,8 @@ static int x509_object_idx_cnt(STACK_OF(X509_OBJECT) *h, int type,
|
|
|
423
422
|
}
|
|
424
423
|
|
|
425
424
|
if (pnmatch != NULL) {
|
|
426
|
-
int tidx;
|
|
427
425
|
*pnmatch = 1;
|
|
428
|
-
for (tidx = idx + 1; tidx <
|
|
426
|
+
for (size_t tidx = idx + 1; tidx < sk_X509_OBJECT_num(h); tidx++) {
|
|
429
427
|
const X509_OBJECT *tobj = sk_X509_OBJECT_value(h, tidx);
|
|
430
428
|
if (x509_object_cmp(tobj, &stmp)) {
|
|
431
429
|
break;
|
|
@@ -434,7 +432,7 @@ static int x509_object_idx_cnt(STACK_OF(X509_OBJECT) *h, int type,
|
|
|
434
432
|
}
|
|
435
433
|
}
|
|
436
434
|
|
|
437
|
-
return idx;
|
|
435
|
+
return (int)idx;
|
|
438
436
|
}
|
|
439
437
|
|
|
440
438
|
int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
|
|
@@ -161,7 +161,7 @@ int X509_REQ_add_extensions(X509_REQ *req,
|
|
|
161
161
|
}
|
|
162
162
|
|
|
163
163
|
int X509_REQ_get_attr_count(const X509_REQ *req) {
|
|
164
|
-
return sk_X509_ATTRIBUTE_num(req->req_info->attributes);
|
|
164
|
+
return (int)sk_X509_ATTRIBUTE_num(req->req_info->attributes);
|
|
165
165
|
}
|
|
166
166
|
|
|
167
167
|
int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, int lastpos) {
|
|
@@ -181,7 +181,7 @@ int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, const ASN1_OBJECT *obj,
|
|
|
181
181
|
if (lastpos < 0) {
|
|
182
182
|
lastpos = 0;
|
|
183
183
|
}
|
|
184
|
-
int n = sk_X509_ATTRIBUTE_num(req->req_info->attributes);
|
|
184
|
+
int n = (int)sk_X509_ATTRIBUTE_num(req->req_info->attributes);
|
|
185
185
|
for (; lastpos < n; lastpos++) {
|
|
186
186
|
const X509_ATTRIBUTE *attr =
|
|
187
187
|
sk_X509_ATTRIBUTE_value(req->req_info->attributes, lastpos);
|
|
@@ -168,7 +168,7 @@ int X509_TRUST_set(int *t, int trust) {
|
|
|
168
168
|
}
|
|
169
169
|
|
|
170
170
|
int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int),
|
|
171
|
-
char *name, int arg1, void *arg2) {
|
|
171
|
+
const char *name, int arg1, void *arg2) {
|
|
172
172
|
int idx;
|
|
173
173
|
X509_TRUST *trtmp;
|
|
174
174
|
char *name_dup;
|
|
@@ -69,7 +69,7 @@ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x) {
|
|
|
69
69
|
if (x == NULL) {
|
|
70
70
|
return 0;
|
|
71
71
|
}
|
|
72
|
-
return (sk_X509_EXTENSION_num(x)
|
|
72
|
+
return (int)sk_X509_EXTENSION_num(x);
|
|
73
73
|
}
|
|
74
74
|
|
|
75
75
|
int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, int nid,
|
|
@@ -83,9 +83,6 @@ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, int nid,
|
|
|
83
83
|
|
|
84
84
|
int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *sk,
|
|
85
85
|
const ASN1_OBJECT *obj, int lastpos) {
|
|
86
|
-
int n;
|
|
87
|
-
X509_EXTENSION *ex;
|
|
88
|
-
|
|
89
86
|
if (sk == NULL) {
|
|
90
87
|
return -1;
|
|
91
88
|
}
|
|
@@ -93,9 +90,9 @@ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *sk,
|
|
|
93
90
|
if (lastpos < 0) {
|
|
94
91
|
lastpos = 0;
|
|
95
92
|
}
|
|
96
|
-
n = sk_X509_EXTENSION_num(sk);
|
|
93
|
+
int n = (int)sk_X509_EXTENSION_num(sk);
|
|
97
94
|
for (; lastpos < n; lastpos++) {
|
|
98
|
-
ex = sk_X509_EXTENSION_value(sk, lastpos);
|
|
95
|
+
const X509_EXTENSION *ex = sk_X509_EXTENSION_value(sk, lastpos);
|
|
99
96
|
if (OBJ_cmp(ex->object, obj) == 0) {
|
|
100
97
|
return lastpos;
|
|
101
98
|
}
|
|
@@ -115,7 +112,7 @@ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *sk, int crit,
|
|
|
115
112
|
}
|
|
116
113
|
|
|
117
114
|
crit = !!crit;
|
|
118
|
-
int n = sk_X509_EXTENSION_num(sk);
|
|
115
|
+
int n = (int)sk_X509_EXTENSION_num(sk);
|
|
119
116
|
for (; lastpos < n; lastpos++) {
|
|
120
117
|
const X509_EXTENSION *ex = sk_X509_EXTENSION_value(sk, lastpos);
|
|
121
118
|
if (X509_EXTENSION_get_critical(ex) == crit) {
|
|
@@ -146,13 +143,12 @@ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc) {
|
|
|
146
143
|
STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
|
|
147
144
|
const X509_EXTENSION *ex, int loc) {
|
|
148
145
|
X509_EXTENSION *new_ex = NULL;
|
|
149
|
-
int n;
|
|
150
146
|
STACK_OF(X509_EXTENSION) *sk = NULL;
|
|
151
147
|
int free_sk = 0;
|
|
152
148
|
|
|
153
149
|
if (x == NULL) {
|
|
154
150
|
OPENSSL_PUT_ERROR(X509, ERR_R_PASSED_NULL_PARAMETER);
|
|
155
|
-
goto
|
|
151
|
+
goto err;
|
|
156
152
|
}
|
|
157
153
|
|
|
158
154
|
if (*x == NULL) {
|
|
@@ -164,7 +160,7 @@ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
|
|
|
164
160
|
sk = *x;
|
|
165
161
|
}
|
|
166
162
|
|
|
167
|
-
n = sk_X509_EXTENSION_num(sk);
|
|
163
|
+
int n = (int)sk_X509_EXTENSION_num(sk);
|
|
168
164
|
if (loc > n) {
|
|
169
165
|
loc = n;
|
|
170
166
|
} else if (loc < 0) {
|
|
@@ -172,7 +168,7 @@ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
|
|
|
172
168
|
}
|
|
173
169
|
|
|
174
170
|
if ((new_ex = X509_EXTENSION_dup(ex)) == NULL) {
|
|
175
|
-
goto
|
|
171
|
+
goto err;
|
|
176
172
|
}
|
|
177
173
|
if (!sk_X509_EXTENSION_insert(sk, new_ex, loc)) {
|
|
178
174
|
goto err;
|
|
@@ -181,8 +177,8 @@ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
|
|
|
181
177
|
*x = sk;
|
|
182
178
|
}
|
|
183
179
|
return sk;
|
|
180
|
+
|
|
184
181
|
err:
|
|
185
|
-
err2:
|
|
186
182
|
X509_EXTENSION_free(new_ex);
|
|
187
183
|
if (free_sk) {
|
|
188
184
|
sk_X509_EXTENSION_free(sk);
|
|
@@ -217,7 +217,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) {
|
|
|
217
217
|
goto end;
|
|
218
218
|
}
|
|
219
219
|
|
|
220
|
-
num = sk_X509_num(ctx->chain);
|
|
220
|
+
num = (int)sk_X509_num(ctx->chain);
|
|
221
221
|
x = sk_X509_value(ctx->chain, num - 1);
|
|
222
222
|
depth = param->depth;
|
|
223
223
|
|
|
@@ -284,7 +284,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) {
|
|
|
284
284
|
|
|
285
285
|
do {
|
|
286
286
|
// Examine last certificate in chain and see if it is self signed.
|
|
287
|
-
i = sk_X509_num(ctx->chain);
|
|
287
|
+
i = (int)sk_X509_num(ctx->chain);
|
|
288
288
|
x = sk_X509_value(ctx->chain, i - 1);
|
|
289
289
|
|
|
290
290
|
int is_self_signed;
|
|
@@ -396,7 +396,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx) {
|
|
|
396
396
|
X509_free(xtmp);
|
|
397
397
|
num--;
|
|
398
398
|
}
|
|
399
|
-
ctx->last_untrusted = sk_X509_num(ctx->chain);
|
|
399
|
+
ctx->last_untrusted = (int)sk_X509_num(ctx->chain);
|
|
400
400
|
retry = 1;
|
|
401
401
|
break;
|
|
402
402
|
}
|
|
@@ -628,7 +628,7 @@ static int check_name_constraints(X509_STORE_CTX *ctx) {
|
|
|
628
628
|
int i, j, rv;
|
|
629
629
|
int has_name_constraints = 0;
|
|
630
630
|
// Check name constraints for all certificates
|
|
631
|
-
for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--) {
|
|
631
|
+
for (i = (int)sk_X509_num(ctx->chain) - 1; i >= 0; i--) {
|
|
632
632
|
X509 *x = sk_X509_value(ctx->chain, i);
|
|
633
633
|
// Ignore self issued certs unless last in chain
|
|
634
634
|
if (i && (x->ex_flags & EXFLAG_SI)) {
|
|
@@ -638,7 +638,7 @@ static int check_name_constraints(X509_STORE_CTX *ctx) {
|
|
|
638
638
|
// including trust anchor. Trust anchor not strictly speaking needed
|
|
639
639
|
// but if it includes constraints it is to be assumed it expects them
|
|
640
640
|
// to be obeyed.
|
|
641
|
-
for (j = sk_X509_num(ctx->chain) - 1; j > i; j--) {
|
|
641
|
+
for (j = (int)sk_X509_num(ctx->chain) - 1; j > i; j--) {
|
|
642
642
|
NAME_CONSTRAINTS *nc = sk_X509_value(ctx->chain, j)->nc;
|
|
643
643
|
if (nc) {
|
|
644
644
|
has_name_constraints = 1;
|
|
@@ -748,11 +748,10 @@ static int check_id(X509_STORE_CTX *ctx) {
|
|
|
748
748
|
}
|
|
749
749
|
|
|
750
750
|
static int check_trust(X509_STORE_CTX *ctx) {
|
|
751
|
-
size_t i;
|
|
752
751
|
int ok;
|
|
753
752
|
X509 *x = NULL;
|
|
754
753
|
// Check all trusted certificates in chain
|
|
755
|
-
for (i = ctx->last_untrusted; i < sk_X509_num(ctx->chain); i++) {
|
|
754
|
+
for (size_t i = ctx->last_untrusted; i < sk_X509_num(ctx->chain); i++) {
|
|
756
755
|
x = sk_X509_value(ctx->chain, i);
|
|
757
756
|
ok = X509_check_trust(x, ctx->param->trust, 0);
|
|
758
757
|
// If explicitly trusted return trusted
|
|
@@ -762,7 +761,7 @@ static int check_trust(X509_STORE_CTX *ctx) {
|
|
|
762
761
|
// If explicitly rejected notify callback and reject if not
|
|
763
762
|
// overridden.
|
|
764
763
|
if (ok == X509_TRUST_REJECTED) {
|
|
765
|
-
ctx->error_depth = i;
|
|
764
|
+
ctx->error_depth = (int)i;
|
|
766
765
|
ctx->current_cert = x;
|
|
767
766
|
ctx->error = X509_V_ERR_CERT_REJECTED;
|
|
768
767
|
ok = ctx->verify_cb(0, ctx);
|
|
@@ -794,12 +793,12 @@ static int check_trust(X509_STORE_CTX *ctx) {
|
|
|
794
793
|
}
|
|
795
794
|
|
|
796
795
|
static int check_revocation(X509_STORE_CTX *ctx) {
|
|
797
|
-
int i, last, ok;
|
|
798
796
|
if (!(ctx->param->flags & X509_V_FLAG_CRL_CHECK)) {
|
|
799
797
|
return 1;
|
|
800
798
|
}
|
|
799
|
+
int last;
|
|
801
800
|
if (ctx->param->flags & X509_V_FLAG_CRL_CHECK_ALL) {
|
|
802
|
-
last = sk_X509_num(ctx->chain) - 1;
|
|
801
|
+
last = (int)sk_X509_num(ctx->chain) - 1;
|
|
803
802
|
} else {
|
|
804
803
|
// If checking CRL paths this isn't the EE certificate
|
|
805
804
|
if (ctx->parent) {
|
|
@@ -807,9 +806,9 @@ static int check_revocation(X509_STORE_CTX *ctx) {
|
|
|
807
806
|
}
|
|
808
807
|
last = 0;
|
|
809
808
|
}
|
|
810
|
-
for (i = 0; i <= last; i++) {
|
|
809
|
+
for (int i = 0; i <= last; i++) {
|
|
811
810
|
ctx->error_depth = i;
|
|
812
|
-
ok = check_cert(ctx);
|
|
811
|
+
int ok = check_cert(ctx);
|
|
813
812
|
if (!ok) {
|
|
814
813
|
return ok;
|
|
815
814
|
}
|
|
@@ -1478,9 +1477,9 @@ done:
|
|
|
1478
1477
|
static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl) {
|
|
1479
1478
|
X509 *issuer = NULL;
|
|
1480
1479
|
EVP_PKEY *ikey = NULL;
|
|
1481
|
-
int ok = 0
|
|
1482
|
-
cnum = ctx->error_depth;
|
|
1483
|
-
chnum = sk_X509_num(ctx->chain) - 1;
|
|
1480
|
+
int ok = 0;
|
|
1481
|
+
int cnum = ctx->error_depth;
|
|
1482
|
+
int chnum = (int)sk_X509_num(ctx->chain) - 1;
|
|
1484
1483
|
// if we have an alternative CRL issuer cert use that
|
|
1485
1484
|
if (ctx->current_issuer) {
|
|
1486
1485
|
issuer = ctx->current_issuer;
|
|
@@ -1691,11 +1690,11 @@ static int check_cert_time(X509_STORE_CTX *ctx, X509 *x) {
|
|
|
1691
1690
|
}
|
|
1692
1691
|
|
|
1693
1692
|
static int internal_verify(X509_STORE_CTX *ctx) {
|
|
1694
|
-
int ok = 0
|
|
1693
|
+
int ok = 0;
|
|
1695
1694
|
X509 *xs, *xi;
|
|
1696
1695
|
EVP_PKEY *pkey = NULL;
|
|
1697
1696
|
|
|
1698
|
-
n = sk_X509_num(ctx->chain);
|
|
1697
|
+
int n = (int)sk_X509_num(ctx->chain);
|
|
1699
1698
|
ctx->error_depth = n - 1;
|
|
1700
1699
|
n--;
|
|
1701
1700
|
xi = sk_X509_value(ctx->chain, n);
|
|
@@ -1776,7 +1775,7 @@ int X509_cmp_current_time(const ASN1_TIME *ctm) {
|
|
|
1776
1775
|
return X509_cmp_time_posix(ctm, time(NULL));
|
|
1777
1776
|
}
|
|
1778
1777
|
|
|
1779
|
-
int X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time) {
|
|
1778
|
+
int X509_cmp_time(const ASN1_TIME *ctm, const time_t *cmp_time) {
|
|
1780
1779
|
int64_t compare_time = (cmp_time == NULL) ? time(NULL) : *cmp_time;
|
|
1781
1780
|
return X509_cmp_time_posix(ctm, compare_time);
|
|
1782
1781
|
}
|
|
@@ -1794,12 +1793,12 @@ ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long offset_sec) {
|
|
|
1794
1793
|
return X509_time_adj(s, offset_sec, NULL);
|
|
1795
1794
|
}
|
|
1796
1795
|
|
|
1797
|
-
ASN1_TIME *X509_time_adj(ASN1_TIME *s, long offset_sec, time_t *in_tm) {
|
|
1796
|
+
ASN1_TIME *X509_time_adj(ASN1_TIME *s, long offset_sec, const time_t *in_tm) {
|
|
1798
1797
|
return X509_time_adj_ex(s, 0, offset_sec, in_tm);
|
|
1799
1798
|
}
|
|
1800
1799
|
|
|
1801
1800
|
ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s, int offset_day, long offset_sec,
|
|
1802
|
-
time_t *in_tm) {
|
|
1801
|
+
const time_t *in_tm) {
|
|
1803
1802
|
int64_t t = 0;
|
|
1804
1803
|
|
|
1805
1804
|
if (in_tm) {
|
|
@@ -99,7 +99,7 @@ int X509_NAME_entry_count(const X509_NAME *name) {
|
|
|
99
99
|
if (name == NULL) {
|
|
100
100
|
return 0;
|
|
101
101
|
}
|
|
102
|
-
return (sk_X509_NAME_ENTRY_num(name->entries)
|
|
102
|
+
return (int)sk_X509_NAME_ENTRY_num(name->entries);
|
|
103
103
|
}
|
|
104
104
|
|
|
105
105
|
int X509_NAME_get_index_by_NID(const X509_NAME *name, int nid, int lastpos) {
|
|
@@ -109,26 +109,22 @@ int X509_NAME_get_index_by_NID(const X509_NAME *name, int nid, int lastpos) {
|
|
|
109
109
|
if (obj == NULL) {
|
|
110
110
|
return -2;
|
|
111
111
|
}
|
|
112
|
-
return
|
|
112
|
+
return X509_NAME_get_index_by_OBJ(name, obj, lastpos);
|
|
113
113
|
}
|
|
114
114
|
|
|
115
115
|
// NOTE: you should be passsing -1, not 0 as lastpos
|
|
116
116
|
int X509_NAME_get_index_by_OBJ(const X509_NAME *name, const ASN1_OBJECT *obj,
|
|
117
117
|
int lastpos) {
|
|
118
|
-
int n;
|
|
119
|
-
X509_NAME_ENTRY *ne;
|
|
120
|
-
STACK_OF(X509_NAME_ENTRY) *sk;
|
|
121
|
-
|
|
122
118
|
if (name == NULL) {
|
|
123
119
|
return -1;
|
|
124
120
|
}
|
|
125
121
|
if (lastpos < 0) {
|
|
126
122
|
lastpos = -1;
|
|
127
123
|
}
|
|
128
|
-
sk = name->entries;
|
|
129
|
-
n = sk_X509_NAME_ENTRY_num(sk);
|
|
124
|
+
const STACK_OF(X509_NAME_ENTRY) *sk = name->entries;
|
|
125
|
+
int n = (int)sk_X509_NAME_ENTRY_num(sk);
|
|
130
126
|
for (lastpos++; lastpos < n; lastpos++) {
|
|
131
|
-
ne = sk_X509_NAME_ENTRY_value(sk, lastpos);
|
|
127
|
+
const X509_NAME_ENTRY *ne = sk_X509_NAME_ENTRY_value(sk, lastpos);
|
|
132
128
|
if (OBJ_cmp(ne->object, obj) == 0) {
|
|
133
129
|
return lastpos;
|
|
134
130
|
}
|
|
@@ -153,9 +149,9 @@ X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc) {
|
|
|
153
149
|
|
|
154
150
|
STACK_OF(X509_NAME_ENTRY) *sk = name->entries;
|
|
155
151
|
X509_NAME_ENTRY *ret = sk_X509_NAME_ENTRY_delete(sk, loc);
|
|
156
|
-
|
|
152
|
+
size_t n = sk_X509_NAME_ENTRY_num(sk);
|
|
157
153
|
name->modified = 1;
|
|
158
|
-
if (loc == n) {
|
|
154
|
+
if ((size_t)loc == n) {
|
|
159
155
|
return ret;
|
|
160
156
|
}
|
|
161
157
|
|
|
@@ -170,7 +166,7 @@ X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc) {
|
|
|
170
166
|
// If we removed a singleton RDN, update the RDN indices so they are
|
|
171
167
|
// consecutive again.
|
|
172
168
|
if (set_prev + 1 < set_next) {
|
|
173
|
-
for (
|
|
169
|
+
for (size_t i = loc; i < n; i++) {
|
|
174
170
|
sk_X509_NAME_ENTRY_value(sk, i)->set--;
|
|
175
171
|
}
|
|
176
172
|
}
|
|
@@ -221,14 +217,14 @@ int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
|
|
|
221
217
|
int X509_NAME_add_entry(X509_NAME *name, const X509_NAME_ENTRY *entry, int loc,
|
|
222
218
|
int set) {
|
|
223
219
|
X509_NAME_ENTRY *new_name = NULL;
|
|
224
|
-
int
|
|
220
|
+
int i, inc;
|
|
225
221
|
STACK_OF(X509_NAME_ENTRY) *sk;
|
|
226
222
|
|
|
227
223
|
if (name == NULL) {
|
|
228
224
|
return 0;
|
|
229
225
|
}
|
|
230
226
|
sk = name->entries;
|
|
231
|
-
n = sk_X509_NAME_ENTRY_num(sk);
|
|
227
|
+
int n = (int)sk_X509_NAME_ENTRY_num(sk);
|
|
232
228
|
if (loc > n) {
|
|
233
229
|
loc = n;
|
|
234
230
|
} else if (loc < 0) {
|
|
@@ -266,7 +262,7 @@ int X509_NAME_add_entry(X509_NAME *name, const X509_NAME_ENTRY *entry, int loc,
|
|
|
266
262
|
goto err;
|
|
267
263
|
}
|
|
268
264
|
if (inc) {
|
|
269
|
-
n = sk_X509_NAME_ENTRY_num(sk);
|
|
265
|
+
n = (int)sk_X509_NAME_ENTRY_num(sk);
|
|
270
266
|
for (i = loc + 1; i < n; i++) {
|
|
271
267
|
sk_X509_NAME_ENTRY_value(sk, i)->set += 1;
|
|
272
268
|
}
|
|
@@ -430,7 +430,7 @@ static int crl_revoked_issuer_match(X509_CRL *crl, X509_NAME *nm,
|
|
|
430
430
|
return 0;
|
|
431
431
|
}
|
|
432
432
|
|
|
433
|
-
static
|
|
433
|
+
static CRYPTO_MUTEX g_crl_sort_lock = CRYPTO_MUTEX_INIT;
|
|
434
434
|
|
|
435
435
|
static int crl_lookup(X509_CRL *crl, X509_REVOKED **ret, ASN1_INTEGER *serial,
|
|
436
436
|
X509_NAME *issuer) {
|
|
@@ -443,16 +443,16 @@ static int crl_lookup(X509_CRL *crl, X509_REVOKED **ret, ASN1_INTEGER *serial,
|
|
|
443
443
|
// Sort revoked into serial number order if not already sorted. Do this
|
|
444
444
|
// under a lock to avoid race condition.
|
|
445
445
|
|
|
446
|
-
|
|
446
|
+
CRYPTO_MUTEX_lock_read(&g_crl_sort_lock);
|
|
447
447
|
const int is_sorted = sk_X509_REVOKED_is_sorted(crl->crl->revoked);
|
|
448
|
-
|
|
448
|
+
CRYPTO_MUTEX_unlock_read(&g_crl_sort_lock);
|
|
449
449
|
|
|
450
450
|
if (!is_sorted) {
|
|
451
|
-
|
|
451
|
+
CRYPTO_MUTEX_lock_write(&g_crl_sort_lock);
|
|
452
452
|
if (!sk_X509_REVOKED_is_sorted(crl->crl->revoked)) {
|
|
453
453
|
sk_X509_REVOKED_sort(crl->crl->revoked);
|
|
454
454
|
}
|
|
455
|
-
|
|
455
|
+
CRYPTO_MUTEX_unlock_write(&g_crl_sort_lock);
|
|
456
456
|
}
|
|
457
457
|
|
|
458
458
|
if (!sk_X509_REVOKED_find(crl->crl->revoked, &idx, &rtmp)) {
|
|
@@ -230,7 +230,7 @@ static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in,
|
|
|
230
230
|
entries = sk_STACK_OF_X509_NAME_ENTRY_value(intname, i);
|
|
231
231
|
for (j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) {
|
|
232
232
|
entry = sk_X509_NAME_ENTRY_value(entries, j);
|
|
233
|
-
entry->set = i;
|
|
233
|
+
entry->set = (int)i;
|
|
234
234
|
if (!sk_X509_NAME_ENTRY_push(nm->entries, entry)) {
|
|
235
235
|
goto err;
|
|
236
236
|
}
|
|
@@ -128,7 +128,7 @@ error:
|
|
|
128
128
|
// |X509_PUBKEY| objects. Really |X509_PUBKEY| should have a |CRYPTO_once_t|
|
|
129
129
|
// inside it for this, but |CRYPTO_once_t| is private and |X509_PUBKEY| is
|
|
130
130
|
// not.
|
|
131
|
-
static
|
|
131
|
+
static CRYPTO_MUTEX g_pubkey_lock = CRYPTO_MUTEX_INIT;
|
|
132
132
|
|
|
133
133
|
EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) {
|
|
134
134
|
EVP_PKEY *ret = NULL;
|
|
@@ -138,13 +138,13 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) {
|
|
|
138
138
|
goto error;
|
|
139
139
|
}
|
|
140
140
|
|
|
141
|
-
|
|
141
|
+
CRYPTO_MUTEX_lock_read(&g_pubkey_lock);
|
|
142
142
|
if (key->pkey != NULL) {
|
|
143
|
-
|
|
143
|
+
CRYPTO_MUTEX_unlock_read(&g_pubkey_lock);
|
|
144
144
|
EVP_PKEY_up_ref(key->pkey);
|
|
145
145
|
return key->pkey;
|
|
146
146
|
}
|
|
147
|
-
|
|
147
|
+
CRYPTO_MUTEX_unlock_read(&g_pubkey_lock);
|
|
148
148
|
|
|
149
149
|
// Re-encode the |X509_PUBKEY| to DER and parse it.
|
|
150
150
|
int spki_len = i2d_X509_PUBKEY(key, &spki);
|
|
@@ -160,14 +160,14 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) {
|
|
|
160
160
|
}
|
|
161
161
|
|
|
162
162
|
// Check to see if another thread set key->pkey first
|
|
163
|
-
|
|
163
|
+
CRYPTO_MUTEX_lock_write(&g_pubkey_lock);
|
|
164
164
|
if (key->pkey) {
|
|
165
|
-
|
|
165
|
+
CRYPTO_MUTEX_unlock_write(&g_pubkey_lock);
|
|
166
166
|
EVP_PKEY_free(ret);
|
|
167
167
|
ret = key->pkey;
|
|
168
168
|
} else {
|
|
169
169
|
key->pkey = ret;
|
|
170
|
-
|
|
170
|
+
CRYPTO_MUTEX_unlock_write(&g_pubkey_lock);
|
|
171
171
|
}
|
|
172
172
|
|
|
173
173
|
OPENSSL_free(spki);
|
|
@@ -173,13 +173,12 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(const X509V3_EXT_METHOD *method,
|
|
|
173
173
|
case GEN_IPADD:
|
|
174
174
|
p = gen->d.ip->data;
|
|
175
175
|
if (gen->d.ip->length == 4) {
|
|
176
|
-
|
|
177
|
-
p[3]);
|
|
176
|
+
snprintf(oline, sizeof(oline), "%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
|
|
178
177
|
} else if (gen->d.ip->length == 16) {
|
|
179
178
|
oline[0] = 0;
|
|
180
179
|
for (i = 0; i < 8; i++) {
|
|
181
180
|
uint16_t v = ((uint16_t)p[0] << 8) | p[1];
|
|
182
|
-
|
|
181
|
+
snprintf(htmp, sizeof(htmp), "%X", v);
|
|
183
182
|
p += 2;
|
|
184
183
|
OPENSSL_strlcat(oline, htmp, sizeof(oline));
|
|
185
184
|
if (i != 7) {
|
|
@@ -195,7 +195,6 @@ void *X509V3_EXT_d2i(const X509_EXTENSION *ext) {
|
|
|
195
195
|
void *X509V3_get_d2i(const STACK_OF(X509_EXTENSION) *extensions, int nid,
|
|
196
196
|
int *out_critical, int *out_idx) {
|
|
197
197
|
int lastpos;
|
|
198
|
-
size_t i;
|
|
199
198
|
X509_EXTENSION *ex, *found_ex = NULL;
|
|
200
199
|
if (!extensions) {
|
|
201
200
|
if (out_idx) {
|
|
@@ -214,13 +213,13 @@ void *X509V3_get_d2i(const STACK_OF(X509_EXTENSION) *extensions, int nid,
|
|
|
214
213
|
if (lastpos < 0) {
|
|
215
214
|
lastpos = 0;
|
|
216
215
|
}
|
|
217
|
-
for (i = lastpos; i < sk_X509_EXTENSION_num(extensions); i++) {
|
|
216
|
+
for (size_t i = lastpos; i < sk_X509_EXTENSION_num(extensions); i++) {
|
|
218
217
|
ex = sk_X509_EXTENSION_value(extensions, i);
|
|
219
218
|
if (OBJ_obj2nid(ex->object) == nid) {
|
|
220
219
|
if (out_idx) {
|
|
221
220
|
// TODO(https://crbug.com/boringssl/379): Consistently reject
|
|
222
221
|
// duplicate extensions.
|
|
223
|
-
*out_idx = i;
|
|
222
|
+
*out_idx = (int)i;
|
|
224
223
|
found_ex = ex;
|
|
225
224
|
break;
|
|
226
225
|
} else if (found_ex) {
|