grpc 1.57.0 → 1.58.0.pre1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Makefile +534 -284
- data/include/grpc/event_engine/event_engine.h +0 -1
- data/include/grpc/event_engine/memory_allocator.h +2 -2
- data/include/grpc/impl/channel_arg_names.h +371 -0
- data/include/grpc/impl/grpc_types.h +1 -353
- data/include/grpc/module.modulemap +1 -0
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +1 -1
- data/src/core/ext/filters/channel_idle/channel_idle_filter.cc +2 -1
- data/src/core/ext/filters/client_channel/client_channel.cc +7 -3
- data/src/core/ext/filters/client_channel/http_proxy.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +10 -5
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.h +7 -5
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +1 -0
- data/src/core/ext/filters/client_channel/lb_policy/health_check_client.cc +5 -3
- data/src/core/ext/filters/client_channel/lb_policy/oob_backend_metric.cc +4 -2
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +115 -109
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.h +0 -5
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +7 -2
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +2 -1
- data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +1 -0
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/weighted_round_robin.cc +11 -3
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +6 -1
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +8 -5
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +102 -11
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +9 -4
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +4 -1
- data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_plugin.cc +6 -0
- data/src/core/ext/filters/client_channel/resolver/dns/event_engine/event_engine_client_channel_resolver.cc +41 -14
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.cc +3 -2
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +1 -1
- data/src/core/ext/filters/client_channel/retry_filter.h +1 -0
- data/src/core/ext/filters/client_channel/retry_service_config.cc +1 -1
- data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +1 -1
- data/src/core/ext/filters/client_channel/subchannel.cc +9 -5
- data/src/core/ext/filters/client_channel/subchannel.h +8 -2
- data/src/core/ext/filters/deadline/deadline_filter.cc +1 -1
- data/src/core/ext/filters/http/client/http_client_filter.cc +1 -0
- data/src/core/ext/filters/http/client_authority_filter.cc +1 -1
- data/src/core/ext/filters/http/message_compress/compression_filter.cc +1 -0
- data/src/core/ext/filters/http/server/http_server_filter.cc +1 -1
- data/src/core/ext/filters/message_size/message_size_filter.cc +1 -0
- data/src/core/ext/filters/rbac/rbac_service_config_parser.cc +4 -7
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +1 -0
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +8 -12
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +357 -358
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +5 -18
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +63 -4
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +7 -2
- data/src/core/ext/transport/chttp2/transport/internal.h +30 -57
- data/src/core/ext/transport/chttp2/transport/parsing.cc +16 -7
- data/src/core/ext/transport/chttp2/transport/ping_abuse_policy.cc +80 -0
- data/src/core/ext/transport/chttp2/transport/ping_abuse_policy.h +55 -0
- data/src/core/ext/transport/chttp2/transport/ping_rate_policy.cc +98 -0
- data/src/core/ext/transport/chttp2/transport/ping_rate_policy.h +73 -0
- data/src/core/ext/transport/chttp2/transport/writing.cc +81 -89
- data/src/core/ext/transport/inproc/inproc_transport.cc +1 -0
- data/src/core/ext/xds/xds_client_grpc.cc +1 -0
- data/src/core/ext/xds/xds_http_fault_filter.cc +1 -2
- data/src/core/ext/xds/xds_http_fault_filter.h +1 -2
- data/src/core/ext/xds/xds_http_filters.h +2 -4
- data/src/core/ext/xds/xds_http_rbac_filter.cc +3 -8
- data/src/core/ext/xds/xds_http_rbac_filter.h +1 -2
- data/src/core/ext/xds/xds_http_stateful_session_filter.cc +1 -2
- data/src/core/ext/xds/xds_http_stateful_session_filter.h +1 -2
- data/src/core/ext/xds/xds_lb_policy_registry.cc +3 -6
- data/src/core/ext/xds/xds_routing.cc +2 -2
- data/src/core/ext/xds/xds_transport_grpc.cc +1 -0
- data/src/core/lib/avl/avl.h +10 -173
- data/src/core/lib/channel/call_tracer.cc +289 -0
- data/src/core/lib/channel/call_tracer.h +35 -0
- data/src/core/lib/channel/channel_args.cc +84 -79
- data/src/core/lib/channel/channel_args.h +29 -17
- data/src/core/lib/channel/connected_channel.cc +0 -1
- data/src/core/lib/channel/promise_based_filter.cc +4 -1
- data/src/core/lib/compression/compression_internal.cc +8 -4
- data/src/core/lib/debug/stats_data.cc +93 -21
- data/src/core/lib/debug/stats_data.h +41 -0
- data/src/core/lib/event_engine/ares_resolver.cc +712 -0
- data/src/core/lib/event_engine/ares_resolver.h +150 -0
- data/src/core/lib/event_engine/cf_engine/cf_engine.cc +9 -3
- data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.cc +2 -2
- data/src/core/lib/event_engine/cf_engine/dns_service_resolver.cc +229 -0
- data/src/core/lib/event_engine/cf_engine/dns_service_resolver.h +117 -0
- data/src/core/lib/event_engine/forkable.cc +15 -1
- data/src/core/lib/event_engine/forkable.h +15 -0
- data/src/core/lib/event_engine/grpc_polled_fd.h +73 -0
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +25 -3
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.h +10 -1
- data/src/core/lib/event_engine/posix_engine/grpc_polled_fd_posix.h +197 -0
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +3 -3
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +47 -1
- data/src/core/lib/event_engine/posix_engine/posix_engine.h +12 -1
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +1 -0
- data/src/core/lib/event_engine/posix_engine/traced_buffer_list.cc +2 -0
- data/src/core/lib/event_engine/thread_pool/thread_count.cc +58 -0
- data/src/core/lib/event_engine/thread_pool/thread_count.h +161 -0
- data/src/core/lib/event_engine/thread_pool/thread_pool_factory.cc +7 -0
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.cc +86 -111
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.h +15 -61
- data/src/core/lib/event_engine/windows/windows_endpoint.cc +3 -4
- data/src/core/lib/experiments/config.cc +14 -0
- data/src/core/lib/experiments/experiments.cc +141 -304
- data/src/core/lib/experiments/experiments.h +16 -17
- data/src/core/lib/gprpp/ref_counted.h +3 -1
- data/src/core/lib/gprpp/ref_counted_string.cc +44 -0
- data/src/core/lib/gprpp/ref_counted_string.h +146 -0
- data/src/core/lib/gprpp/time.h +2 -2
- data/src/core/lib/gprpp/work_serializer.cc +36 -0
- data/src/core/lib/gprpp/work_serializer.h +5 -0
- data/src/core/lib/http/httpcli_security_connector.cc +1 -0
- data/src/core/lib/iomgr/buffer_list.cc +2 -0
- data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +7 -22
- data/src/core/lib/iomgr/tcp_posix.cc +3 -3
- data/src/core/lib/promise/detail/basic_seq.h +1 -372
- data/src/core/lib/promise/detail/seq_state.h +2076 -0
- data/src/core/lib/promise/seq.h +19 -2
- data/src/core/lib/promise/sleep.h +5 -10
- data/src/core/lib/promise/try_seq.h +34 -2
- data/src/core/lib/resource_quota/api.cc +1 -0
- data/src/core/lib/resource_quota/arena.cc +2 -0
- data/src/core/lib/resource_quota/arena.h +42 -8
- data/src/core/lib/resource_quota/memory_quota.cc +0 -1
- data/src/core/lib/resource_quota/resource_quota.h +1 -0
- data/src/core/lib/security/authorization/authorization_policy_provider.h +1 -1
- data/src/core/lib/security/authorization/rbac_policy.h +1 -1
- data/src/core/lib/security/credentials/external/aws_request_signer.cc +8 -0
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +1 -0
- data/src/core/lib/security/credentials/jwt/json_token.cc +17 -0
- data/src/core/lib/security/credentials/jwt/json_token.h +4 -0
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +42 -0
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +1 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +4 -0
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +1 -0
- data/src/core/lib/security/credentials/xds/xds_credentials.cc +1 -0
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +1 -0
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +1 -0
- data/src/core/lib/security/security_connector/ssl_utils.cc +1 -0
- data/src/core/lib/security/transport/client_auth_filter.cc +8 -5
- data/src/core/lib/security/transport/security_handshaker.cc +1 -0
- data/src/core/lib/security/transport/server_auth_filter.cc +2 -0
- data/src/core/lib/surface/call.cc +32 -8
- data/src/core/lib/surface/channel.cc +1 -0
- data/src/core/lib/surface/completion_queue.cc +10 -0
- data/src/core/lib/surface/init.cc +1 -0
- data/src/core/lib/surface/server.cc +67 -64
- data/src/core/lib/surface/server.h +1 -15
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/tsi/alts/crypt/aes_gcm.cc +27 -2
- data/src/core/tsi/ssl_transport_security.cc +11 -0
- data/src/ruby/lib/grpc/generic/active_call.rb +9 -14
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/test/client.rb +16 -0
- data/src/ruby/spec/generic/rpc_server_spec.rb +3 -3
- data/third_party/abseil-cpp/absl/algorithm/container.h +3 -2
- data/third_party/abseil-cpp/absl/base/attributes.h +58 -5
- data/third_party/abseil-cpp/absl/base/call_once.h +1 -1
- data/third_party/abseil-cpp/absl/base/casts.h +8 -8
- data/third_party/abseil-cpp/absl/base/config.h +89 -106
- data/third_party/abseil-cpp/absl/base/dynamic_annotations.h +26 -1
- data/third_party/abseil-cpp/absl/base/internal/direct_mmap.h +2 -2
- data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.cc +50 -39
- data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.h +2 -1
- data/third_party/abseil-cpp/absl/base/internal/prefetch.h +17 -18
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +32 -3
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.h +24 -4
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +31 -73
- data/third_party/abseil-cpp/absl/base/internal/thread_identity.cc +9 -8
- data/third_party/abseil-cpp/absl/base/internal/thread_identity.h +11 -11
- data/third_party/abseil-cpp/absl/base/internal/throw_delegate.cc +23 -32
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc +2 -3
- data/third_party/abseil-cpp/absl/base/options.h +1 -1
- data/third_party/abseil-cpp/absl/base/policy_checks.h +3 -3
- data/third_party/abseil-cpp/absl/base/prefetch.h +198 -0
- data/third_party/abseil-cpp/absl/container/fixed_array.h +54 -29
- data/third_party/abseil-cpp/absl/container/flat_hash_map.h +5 -1
- data/third_party/abseil-cpp/absl/container/flat_hash_set.h +6 -2
- data/third_party/abseil-cpp/absl/container/inlined_vector.h +167 -79
- data/third_party/abseil-cpp/absl/container/internal/common_policy_traits.h +1 -1
- data/third_party/abseil-cpp/absl/container/internal/compressed_tuple.h +3 -21
- data/third_party/abseil-cpp/absl/container/internal/container_memory.h +1 -1
- data/third_party/abseil-cpp/absl/container/internal/hash_function_defaults.h +46 -0
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc +2 -0
- data/third_party/abseil-cpp/absl/container/internal/inlined_vector.h +85 -26
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_map.h +35 -18
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.cc +70 -29
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +437 -236
- data/third_party/abseil-cpp/absl/crc/crc32c.h +8 -1
- data/third_party/abseil-cpp/absl/crc/internal/cpu_detect.cc +14 -8
- data/third_party/abseil-cpp/absl/crc/internal/crc.cc +4 -35
- data/third_party/abseil-cpp/absl/crc/internal/crc.h +2 -10
- data/third_party/abseil-cpp/absl/crc/internal/crc32_x86_arm_combined_simd.h +1 -1
- data/third_party/abseil-cpp/absl/crc/internal/crc_cord_state.cc +1 -1
- data/third_party/abseil-cpp/absl/crc/internal/crc_cord_state.h +4 -4
- data/third_party/abseil-cpp/absl/crc/internal/crc_internal.h +8 -10
- data/third_party/abseil-cpp/absl/crc/internal/crc_memcpy_x86_64.cc +17 -19
- data/third_party/abseil-cpp/absl/crc/internal/crc_x86_arm_combined.cc +8 -8
- data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.h +2 -1
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +59 -23
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_powerpc-inl.inc +1 -1
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_x86-inl.inc +1 -1
- data/third_party/abseil-cpp/absl/debugging/internal/symbolize.h +1 -1
- data/third_party/abseil-cpp/absl/debugging/symbolize_elf.inc +43 -19
- data/third_party/abseil-cpp/absl/debugging/symbolize_emscripten.inc +3 -0
- data/third_party/abseil-cpp/absl/flags/commandlineflag.h +1 -1
- data/third_party/abseil-cpp/absl/flags/internal/commandlineflag.cc +1 -1
- data/third_party/abseil-cpp/absl/flags/internal/flag.cc +2 -2
- data/third_party/abseil-cpp/absl/flags/internal/flag.h +16 -15
- data/third_party/abseil-cpp/absl/flags/internal/flag_msvc.inc +1 -1
- data/third_party/abseil-cpp/absl/flags/marshalling.cc +43 -2
- data/third_party/abseil-cpp/absl/flags/marshalling.h +5 -0
- data/third_party/abseil-cpp/absl/functional/any_invocable.h +9 -1
- data/third_party/abseil-cpp/absl/functional/bind_front.h +1 -1
- data/third_party/abseil-cpp/absl/functional/function_ref.h +3 -3
- data/third_party/abseil-cpp/absl/functional/internal/any_invocable.h +37 -24
- data/third_party/abseil-cpp/absl/functional/internal/function_ref.h +19 -9
- data/third_party/abseil-cpp/absl/hash/hash.h +7 -4
- data/third_party/abseil-cpp/absl/hash/internal/hash.h +38 -15
- data/third_party/abseil-cpp/absl/hash/internal/low_level_hash.cc +6 -0
- data/third_party/abseil-cpp/absl/meta/type_traits.h +48 -373
- data/third_party/abseil-cpp/absl/numeric/bits.h +4 -4
- data/third_party/abseil-cpp/absl/numeric/int128.cc +20 -8
- data/third_party/abseil-cpp/absl/numeric/int128.h +36 -39
- data/third_party/abseil-cpp/absl/numeric/int128_have_intrinsic.inc +0 -3
- data/third_party/abseil-cpp/absl/numeric/int128_no_intrinsic.inc +47 -30
- data/third_party/abseil-cpp/absl/random/internal/fast_uniform_bits.h +4 -3
- data/third_party/abseil-cpp/absl/random/internal/generate_real.h +1 -1
- data/third_party/abseil-cpp/absl/random/internal/platform.h +1 -1
- data/third_party/abseil-cpp/absl/random/internal/randen_detect.cc +4 -0
- data/third_party/abseil-cpp/absl/random/internal/randen_engine.h +1 -1
- data/third_party/abseil-cpp/absl/random/internal/randen_hwaes.cc +1 -1
- data/third_party/abseil-cpp/absl/random/internal/uniform_helper.h +1 -1
- data/third_party/abseil-cpp/absl/status/internal/status_internal.h +4 -0
- data/third_party/abseil-cpp/absl/status/internal/statusor_internal.h +12 -24
- data/third_party/abseil-cpp/absl/status/status.cc +11 -7
- data/third_party/abseil-cpp/absl/status/status.h +11 -2
- data/third_party/abseil-cpp/absl/status/statusor.h +22 -8
- data/third_party/abseil-cpp/absl/strings/ascii.cc +54 -6
- data/third_party/abseil-cpp/absl/strings/charconv.cc +21 -4
- data/third_party/abseil-cpp/absl/strings/charconv.h +2 -2
- data/third_party/abseil-cpp/absl/strings/cord.cc +1 -2
- data/third_party/abseil-cpp/absl/strings/cord.h +32 -5
- data/third_party/abseil-cpp/absl/strings/cord_analysis.cc +23 -1
- data/third_party/abseil-cpp/absl/strings/cord_analysis.h +18 -0
- data/third_party/abseil-cpp/absl/strings/cord_buffer.h +2 -5
- data/third_party/abseil-cpp/absl/strings/escaping.cc +10 -32
- data/third_party/abseil-cpp/absl/strings/escaping.h +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.cc +2 -4
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +3 -3
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.cc +0 -1
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +15 -13
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_btree.cc +13 -4
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_btree.h +8 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_consume.cc +5 -3
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_consume.h +4 -7
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_flat.h +8 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_ring.h +2 -2
- data/third_party/abseil-cpp/absl/strings/internal/cordz_handle.cc +46 -20
- data/third_party/abseil-cpp/absl/strings/internal/cordz_handle.h +1 -34
- data/third_party/abseil-cpp/absl/strings/internal/cordz_info.cc +2 -1
- data/third_party/abseil-cpp/absl/strings/internal/escaping.cc +23 -0
- data/third_party/abseil-cpp/absl/strings/internal/escaping.h +1 -0
- data/third_party/abseil-cpp/absl/strings/internal/memutil.cc +2 -77
- data/third_party/abseil-cpp/absl/strings/internal/memutil.h +4 -112
- data/third_party/abseil-cpp/absl/strings/internal/stl_type_traits.h +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.cc +10 -31
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.h +8 -8
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.h +5 -20
- data/third_party/abseil-cpp/absl/strings/internal/str_format/constexpr_parser.h +1 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.h +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +9 -9
- data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +56 -6
- data/third_party/abseil-cpp/absl/strings/match.cc +87 -0
- data/third_party/abseil-cpp/absl/strings/match.h +19 -0
- data/third_party/abseil-cpp/absl/strings/numbers.cc +154 -122
- data/third_party/abseil-cpp/absl/strings/numbers.h +1 -6
- data/third_party/abseil-cpp/absl/strings/str_cat.cc +7 -50
- data/third_party/abseil-cpp/absl/strings/str_cat.h +83 -15
- data/third_party/abseil-cpp/absl/strings/str_format.h +6 -3
- data/third_party/abseil-cpp/absl/strings/str_split.cc +9 -6
- data/third_party/abseil-cpp/absl/strings/string_view.cc +26 -4
- data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.cc +5 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/futex.h +63 -43
- data/third_party/abseil-cpp/absl/synchronization/internal/futex_waiter.cc +111 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/futex_waiter.h +63 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +11 -7
- data/third_party/abseil-cpp/absl/synchronization/internal/kernel_timeout.cc +225 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/kernel_timeout.h +122 -114
- data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.cc +12 -8
- data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.h +10 -1
- data/third_party/abseil-cpp/absl/synchronization/internal/pthread_waiter.cc +167 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/pthread_waiter.h +60 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/sem_waiter.cc +122 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/sem_waiter.h +65 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/stdcpp_waiter.cc +91 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/stdcpp_waiter.h +56 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.h +19 -113
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter_base.cc +42 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter_base.h +90 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/win32_waiter.cc +151 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/win32_waiter.h +70 -0
- data/third_party/abseil-cpp/absl/synchronization/mutex.cc +407 -411
- data/third_party/abseil-cpp/absl/synchronization/mutex.h +152 -118
- data/third_party/abseil-cpp/absl/time/clock.cc +6 -7
- data/third_party/abseil-cpp/absl/time/duration.cc +24 -26
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/time_zone.h +1 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.cc +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +3 -3
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.cc +8 -6
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.h +6 -3
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +4 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +4 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +322 -295
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +8 -17
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +51 -33
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.h +7 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_lookup.cc +128 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.h +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +5 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc +34 -34
- data/third_party/abseil-cpp/absl/time/time.cc +9 -2
- data/third_party/abseil-cpp/absl/time/time.h +115 -15
- data/third_party/abseil-cpp/absl/types/internal/optional.h +0 -52
- data/third_party/abseil-cpp/absl/types/internal/span.h +2 -2
- data/third_party/abseil-cpp/absl/types/internal/variant.h +2 -2
- data/third_party/abseil-cpp/absl/types/optional.h +15 -13
- data/third_party/abseil-cpp/absl/types/span.h +1 -2
- data/third_party/boringssl-with-bazel/err_data.c +15 -14
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +7 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.c +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +7 -3
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/bio/errno.c +92 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +4 -48
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +11 -6
- data/third_party/boringssl-with-bazel/src/crypto/bio/internal.h +16 -6
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +9 -0
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +3 -7
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_fuchsia.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_linux.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_openbsd.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_sysreg.c +93 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_win.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_freebsd.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/dh_asn1.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/params.c +5 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +9 -14
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +4 -6
- data/third_party/boringssl-with-bazel/src/crypto/err/err.c +10 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.c +37 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.c +38 -19
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +7 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +39 -16
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.c +4 -7
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +7 -0
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +13 -21
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +6 -23
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/getentropy.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +5 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +1 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +0 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.c +1 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +2 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +9 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +11 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +4 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +7 -9
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +6 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +22 -20
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +20 -12
- data/third_party/boringssl-with-bazel/src/include/openssl/target.h +50 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +0 -4
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +4 -4
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +2 -0
- metadata +41 -33
- data/src/core/lib/promise/detail/basic_join.h +0 -197
- data/src/core/lib/promise/detail/switch.h +0 -1455
- data/src/core/lib/promise/try_join.h +0 -82
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.cc +0 -403
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_freebsd.c +0 -62
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm.c +0 -38
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_openbsd.c +0 -31
- data/third_party/re2/util/benchmark.h +0 -156
- data/third_party/re2/util/flags.h +0 -26
- data/third_party/re2/util/malloc_counter.h +0 -19
- data/third_party/re2/util/pcre.cc +0 -1025
- data/third_party/re2/util/pcre.h +0 -681
- data/third_party/re2/util/test.h +0 -50
- data/third_party/upb/upb/mini_table.h +0 -36
- data/third_party/zlib/gzclose.c +0 -25
- data/third_party/zlib/gzlib.c +0 -639
- data/third_party/zlib/gzread.c +0 -650
- data/third_party/zlib/gzwrite.c +0 -677
@@ -26,8 +26,7 @@
|
|
26
26
|
#include "../internal.h"
|
27
27
|
|
28
28
|
|
29
|
-
// This file implements hash-to-curve, as described in
|
30
|
-
// draft-irtf-cfrg-hash-to-curve-16.
|
29
|
+
// This file implements hash-to-curve, as described in RFC 9380.
|
31
30
|
//
|
32
31
|
// This hash-to-curve implementation is written generically with the
|
33
32
|
// expectation that we will eventually wish to support other curves. If it
|
@@ -48,8 +47,7 @@
|
|
48
47
|
// templates to make specializing more convenient.
|
49
48
|
|
50
49
|
// expand_message_xmd implements the operation described in section 5.3.1 of
|
51
|
-
//
|
52
|
-
// error.
|
50
|
+
// RFC 9380. It returns one on success and zero on error.
|
53
51
|
static int expand_message_xmd(const EVP_MD *md, uint8_t *out, size_t out_len,
|
54
52
|
const uint8_t *msg, size_t msg_len,
|
55
53
|
const uint8_t *dst, size_t dst_len) {
|
@@ -138,7 +136,7 @@ err:
|
|
138
136
|
|
139
137
|
// num_bytes_to_derive determines the number of bytes to derive when hashing to
|
140
138
|
// a number modulo |modulus|. See the hash_to_field operation defined in
|
141
|
-
// section 5.2 of
|
139
|
+
// section 5.2 of RFC 9380.
|
142
140
|
static int num_bytes_to_derive(size_t *out, const BIGNUM *modulus, unsigned k) {
|
143
141
|
size_t bits = BN_num_bits(modulus);
|
144
142
|
size_t L = (bits + k + 7) / 8;
|
@@ -171,8 +169,7 @@ static void big_endian_to_words(BN_ULONG *out, size_t num_words,
|
|
171
169
|
}
|
172
170
|
|
173
171
|
// hash_to_field implements the operation described in section 5.2
|
174
|
-
// of
|
175
|
-
// factor.
|
172
|
+
// of RFC 9380, with count = 2. |k| is the security factor.
|
176
173
|
static int hash_to_field2(const EC_GROUP *group, const EVP_MD *md,
|
177
174
|
EC_FELEM *out1, EC_FELEM *out2, const uint8_t *dst,
|
178
175
|
size_t dst_len, unsigned k, const uint8_t *msg,
|
@@ -221,8 +218,7 @@ static inline void mul_A(const EC_GROUP *group, EC_FELEM *out,
|
|
221
218
|
ec_felem_sub(group, out, in, &tmp); // out = -3*in
|
222
219
|
}
|
223
220
|
|
224
|
-
// sgn0 implements the operation described in section 4.1.2 of
|
225
|
-
// draft-irtf-cfrg-hash-to-curve-16.
|
221
|
+
// sgn0 implements the operation described in section 4.1.2 of RFC 9380.
|
226
222
|
static BN_ULONG sgn0(const EC_GROUP *group, const EC_FELEM *a) {
|
227
223
|
uint8_t buf[EC_MAX_BYTES];
|
228
224
|
size_t len;
|
@@ -235,7 +231,7 @@ OPENSSL_UNUSED static int is_3mod4(const EC_GROUP *group) {
|
|
235
231
|
}
|
236
232
|
|
237
233
|
// sqrt_ratio_3mod4 implements the operation described in appendix F.2.1.2
|
238
|
-
// of
|
234
|
+
// of RFC 9380.
|
239
235
|
static BN_ULONG sqrt_ratio_3mod4(const EC_GROUP *group, const EC_FELEM *Z,
|
240
236
|
const BN_ULONG *c1, size_t num_c1,
|
241
237
|
const EC_FELEM *c2, EC_FELEM *out_y,
|
@@ -270,8 +266,7 @@ static BN_ULONG sqrt_ratio_3mod4(const EC_GROUP *group, const EC_FELEM *Z,
|
|
270
266
|
}
|
271
267
|
|
272
268
|
// map_to_curve_simple_swu implements the operation described in section 6.6.2
|
273
|
-
// of
|
274
|
-
// in appendix F.2.
|
269
|
+
// of RFC 9380, using the straight-line implementation in appendix F.2.
|
275
270
|
static void map_to_curve_simple_swu(const EC_GROUP *group, const EC_FELEM *Z,
|
276
271
|
const BN_ULONG *c1, size_t num_c1,
|
277
272
|
const EC_FELEM *c2, EC_JACOBIAN *out,
|
@@ -405,7 +400,7 @@ int ec_hash_to_curve_p256_xmd_sha256_sswu(const EC_GROUP *group,
|
|
405
400
|
EC_JACOBIAN *out, const uint8_t *dst,
|
406
401
|
size_t dst_len, const uint8_t *msg,
|
407
402
|
size_t msg_len) {
|
408
|
-
// See section 8.3 of
|
403
|
+
// See section 8.3 of RFC 9380.
|
409
404
|
if (EC_GROUP_get_curve_name(group) != NID_X9_62_prime256v1) {
|
410
405
|
OPENSSL_PUT_ERROR(EC, EC_R_GROUP_MISMATCH);
|
411
406
|
return 0;
|
@@ -438,7 +433,7 @@ int ec_hash_to_curve_p384_xmd_sha384_sswu(const EC_GROUP *group,
|
|
438
433
|
EC_JACOBIAN *out, const uint8_t *dst,
|
439
434
|
size_t dst_len, const uint8_t *msg,
|
440
435
|
size_t msg_len) {
|
441
|
-
// See section 8.3 of
|
436
|
+
// See section 8.3 of RFC 9380.
|
442
437
|
if (EC_GROUP_get_curve_name(group) != NID_secp384r1) {
|
443
438
|
OPENSSL_PUT_ERROR(EC, EC_R_GROUP_MISMATCH);
|
444
439
|
return 0;
|
@@ -30,24 +30,22 @@ extern "C" {
|
|
30
30
|
|
31
31
|
// ec_hash_to_curve_p256_xmd_sha256_sswu hashes |msg| to a point on |group| and
|
32
32
|
// writes the result to |out|, implementing the P256_XMD:SHA-256_SSWU_RO_ suite
|
33
|
-
// from
|
34
|
-
// error.
|
33
|
+
// from RFC 9380. It returns one on success and zero on error.
|
35
34
|
OPENSSL_EXPORT int ec_hash_to_curve_p256_xmd_sha256_sswu(
|
36
35
|
const EC_GROUP *group, EC_JACOBIAN *out, const uint8_t *dst, size_t dst_len,
|
37
36
|
const uint8_t *msg, size_t msg_len);
|
38
37
|
|
39
38
|
// ec_hash_to_curve_p384_xmd_sha384_sswu hashes |msg| to a point on |group| and
|
40
39
|
// writes the result to |out|, implementing the P384_XMD:SHA-384_SSWU_RO_ suite
|
41
|
-
// from
|
42
|
-
// error.
|
40
|
+
// from RFC 9380. It returns one on success and zero on error.
|
43
41
|
OPENSSL_EXPORT int ec_hash_to_curve_p384_xmd_sha384_sswu(
|
44
42
|
const EC_GROUP *group, EC_JACOBIAN *out, const uint8_t *dst, size_t dst_len,
|
45
43
|
const uint8_t *msg, size_t msg_len);
|
46
44
|
|
47
45
|
// ec_hash_to_scalar_p384_xmd_sha384 hashes |msg| to a scalar on |group|
|
48
46
|
// and writes the result to |out|, using the hash_to_field operation from the
|
49
|
-
// P384_XMD:SHA-384_SSWU_RO_ suite from
|
50
|
-
//
|
47
|
+
// P384_XMD:SHA-384_SSWU_RO_ suite from RFC 9380, but generating a value modulo
|
48
|
+
// the group order rather than a field element.
|
51
49
|
OPENSSL_EXPORT int ec_hash_to_scalar_p384_xmd_sha384(
|
52
50
|
const EC_GROUP *group, EC_SCALAR *out, const uint8_t *dst, size_t dst_len,
|
53
51
|
const uint8_t *msg, size_t msg_len);
|
@@ -552,22 +552,21 @@ char *ERR_error_string_n(uint32_t packed_error, char *buf, size_t len) {
|
|
552
552
|
const char *lib_str = err_lib_error_string(packed_error);
|
553
553
|
const char *reason_str = err_reason_error_string(packed_error);
|
554
554
|
|
555
|
-
char lib_buf[
|
555
|
+
char lib_buf[32], reason_buf[32];
|
556
556
|
if (lib_str == NULL) {
|
557
|
-
|
557
|
+
snprintf(lib_buf, sizeof(lib_buf), "lib(%u)", lib);
|
558
558
|
lib_str = lib_buf;
|
559
559
|
}
|
560
560
|
|
561
|
-
|
562
|
-
|
561
|
+
if (reason_str == NULL) {
|
562
|
+
snprintf(reason_buf, sizeof(reason_buf), "reason(%u)", reason);
|
563
563
|
reason_str = reason_buf;
|
564
564
|
}
|
565
565
|
|
566
|
-
|
567
|
-
|
568
|
-
|
569
|
-
|
570
|
-
// output may be truncated; make sure we always have 5 colon-separated
|
566
|
+
int ret = snprintf(buf, len, "error:%08" PRIx32 ":%s:OPENSSL_internal:%s",
|
567
|
+
packed_error, lib_str, reason_str);
|
568
|
+
if (ret >= 0 && (size_t)ret >= len) {
|
569
|
+
// The output was truncated; make sure we always have 5 colon-separated
|
571
570
|
// fields, i.e. 4 colons.
|
572
571
|
static const unsigned num_colons = 4;
|
573
572
|
unsigned i;
|
@@ -617,8 +616,8 @@ void ERR_print_errors_cb(ERR_print_errors_callback_t callback, void *ctx) {
|
|
617
616
|
}
|
618
617
|
|
619
618
|
ERR_error_string_n(packed_error, buf, sizeof(buf));
|
620
|
-
|
621
|
-
|
619
|
+
snprintf(buf2, sizeof(buf2), "%lu:%s:%s:%d:%s\n", thread_hash, buf, file,
|
620
|
+
line, (flags & ERR_FLAG_STRING) ? data : "");
|
622
621
|
if (callback(buf2, strlen(buf2), ctx) <= 0) {
|
623
622
|
break;
|
624
623
|
}
|
@@ -57,12 +57,40 @@
|
|
57
57
|
#include <openssl/dh.h>
|
58
58
|
|
59
59
|
#include <openssl/bn.h>
|
60
|
+
#include <openssl/err.h>
|
60
61
|
|
61
62
|
#include "internal.h"
|
62
63
|
|
63
64
|
|
65
|
+
int dh_check_params_fast(const DH *dh) {
|
66
|
+
// Most operations scale with p and q.
|
67
|
+
if (BN_is_negative(dh->p) || !BN_is_odd(dh->p) ||
|
68
|
+
BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) {
|
69
|
+
OPENSSL_PUT_ERROR(DH, DH_R_INVALID_PARAMETERS);
|
70
|
+
return 0;
|
71
|
+
}
|
72
|
+
|
73
|
+
// q must be bounded by p.
|
74
|
+
if (dh->q != NULL && (BN_is_negative(dh->q) || BN_ucmp(dh->q, dh->p) > 0)) {
|
75
|
+
OPENSSL_PUT_ERROR(DH, DH_R_INVALID_PARAMETERS);
|
76
|
+
return 0;
|
77
|
+
}
|
78
|
+
|
79
|
+
// g must be an element of p's multiplicative group.
|
80
|
+
if (BN_is_negative(dh->g) || BN_is_zero(dh->g) ||
|
81
|
+
BN_ucmp(dh->g, dh->p) >= 0) {
|
82
|
+
OPENSSL_PUT_ERROR(DH, DH_R_INVALID_PARAMETERS);
|
83
|
+
return 0;
|
84
|
+
}
|
85
|
+
|
86
|
+
return 1;
|
87
|
+
}
|
88
|
+
|
64
89
|
int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *out_flags) {
|
65
90
|
*out_flags = 0;
|
91
|
+
if (!dh_check_params_fast(dh)) {
|
92
|
+
return 0;
|
93
|
+
}
|
66
94
|
|
67
95
|
BN_CTX *ctx = BN_CTX_new();
|
68
96
|
if (ctx == NULL) {
|
@@ -73,17 +101,14 @@ int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *out_flags) {
|
|
73
101
|
int ok = 0;
|
74
102
|
|
75
103
|
// Check |pub_key| is greater than 1.
|
76
|
-
|
77
|
-
if (tmp == NULL ||
|
78
|
-
!BN_set_word(tmp, 1)) {
|
79
|
-
goto err;
|
80
|
-
}
|
81
|
-
if (BN_cmp(pub_key, tmp) <= 0) {
|
104
|
+
if (BN_cmp(pub_key, BN_value_one()) <= 0) {
|
82
105
|
*out_flags |= DH_CHECK_PUBKEY_TOO_SMALL;
|
83
106
|
}
|
84
107
|
|
85
108
|
// Check |pub_key| is less than |dh->p| - 1.
|
86
|
-
|
109
|
+
BIGNUM *tmp = BN_CTX_get(ctx);
|
110
|
+
if (tmp == NULL ||
|
111
|
+
!BN_copy(tmp, dh->p) ||
|
87
112
|
!BN_sub_word(tmp, 1)) {
|
88
113
|
goto err;
|
89
114
|
}
|
@@ -113,6 +138,11 @@ err:
|
|
113
138
|
|
114
139
|
|
115
140
|
int DH_check(const DH *dh, int *out_flags) {
|
141
|
+
*out_flags = 0;
|
142
|
+
if (!dh_check_params_fast(dh)) {
|
143
|
+
return 0;
|
144
|
+
}
|
145
|
+
|
116
146
|
// Check that p is a safe prime and if g is 2, 3 or 5, check that it is a
|
117
147
|
// suitable generator where:
|
118
148
|
// for 2, p mod 24 == 11
|
@@ -124,7 +154,6 @@ int DH_check(const DH *dh, int *out_flags) {
|
|
124
154
|
BN_ULONG l;
|
125
155
|
BIGNUM *t1 = NULL, *t2 = NULL;
|
126
156
|
|
127
|
-
*out_flags = 0;
|
128
157
|
ctx = BN_CTX_new();
|
129
158
|
if (ctx == NULL) {
|
130
159
|
goto err;
|
@@ -70,8 +70,6 @@
|
|
70
70
|
#include "internal.h"
|
71
71
|
|
72
72
|
|
73
|
-
#define OPENSSL_DH_MAX_MODULUS_BITS 10000
|
74
|
-
|
75
73
|
DH *DH_new(void) {
|
76
74
|
DH *dh = OPENSSL_malloc(sizeof(DH));
|
77
75
|
if (dh == NULL) {
|
@@ -191,15 +189,14 @@ int DH_set_length(DH *dh, unsigned priv_length) {
|
|
191
189
|
int DH_generate_key(DH *dh) {
|
192
190
|
boringssl_ensure_ffdh_self_test();
|
193
191
|
|
192
|
+
if (!dh_check_params_fast(dh)) {
|
193
|
+
return 0;
|
194
|
+
}
|
195
|
+
|
194
196
|
int ok = 0;
|
195
197
|
int generate_new_key = 0;
|
196
198
|
BN_CTX *ctx = NULL;
|
197
|
-
BIGNUM *pub_key = NULL, *priv_key = NULL;
|
198
|
-
|
199
|
-
if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) {
|
200
|
-
OPENSSL_PUT_ERROR(DH, DH_R_MODULUS_TOO_LARGE);
|
201
|
-
goto err;
|
202
|
-
}
|
199
|
+
BIGNUM *pub_key = NULL, *priv_key = NULL, *priv_key_limit = NULL;
|
203
200
|
|
204
201
|
ctx = BN_CTX_new();
|
205
202
|
if (ctx == NULL) {
|
@@ -232,22 +229,44 @@ int DH_generate_key(DH *dh) {
|
|
232
229
|
|
233
230
|
if (generate_new_key) {
|
234
231
|
if (dh->q) {
|
235
|
-
|
232
|
+
// Section 5.6.1.1.4 of SP 800-56A Rev3 generates a private key uniformly
|
233
|
+
// from [1, min(2^N-1, q-1)].
|
234
|
+
//
|
235
|
+
// Although SP 800-56A Rev3 now permits a private key length N,
|
236
|
+
// |dh->priv_length| historically was ignored when q is available. We
|
237
|
+
// continue to ignore it and interpret such a configuration as N = len(q).
|
238
|
+
if (!BN_rand_range_ex(priv_key, 1, dh->q)) {
|
236
239
|
goto err;
|
237
240
|
}
|
238
241
|
} else {
|
239
|
-
//
|
240
|
-
|
241
|
-
|
242
|
-
|
243
|
-
|
242
|
+
// If q is unspecified, we expect p to be a safe prime, with g generating
|
243
|
+
// the (p-1)/2 subgroup. So, we use q = (p-1)/2. (If g generates a smaller
|
244
|
+
// prime-order subgroup, q will still divide (p-1)/2.)
|
245
|
+
//
|
246
|
+
// We set N from |dh->priv_length|. Section 5.6.1.1.4 of SP 800-56A Rev3
|
247
|
+
// says to reject N > len(q), or N > num_bits(p) - 1. However, this logic
|
248
|
+
// originally aligned with PKCS#3, which allows num_bits(p). Instead, we
|
249
|
+
// clamp |dh->priv_length| before invoking the algorithm.
|
250
|
+
|
251
|
+
// Compute M = min(2^N, q).
|
252
|
+
priv_key_limit = BN_new();
|
253
|
+
if (priv_key_limit == NULL) {
|
254
|
+
goto err;
|
255
|
+
}
|
256
|
+
if (dh->priv_length == 0 || dh->priv_length >= BN_num_bits(dh->p) - 1) {
|
257
|
+
// M = q = (p - 1) / 2.
|
258
|
+
if (!BN_rshift1(priv_key_limit, dh->p)) {
|
259
|
+
goto err;
|
260
|
+
}
|
261
|
+
} else {
|
262
|
+
// M = 2^N.
|
263
|
+
if (!BN_set_bit(priv_key_limit, dh->priv_length)) {
|
244
264
|
goto err;
|
245
265
|
}
|
246
|
-
|
247
|
-
priv_bits = p_bits - 1;
|
248
266
|
}
|
249
267
|
|
250
|
-
|
268
|
+
// Choose a private key uniformly from [1, M-1].
|
269
|
+
if (!BN_rand_range_ex(priv_key, 1, priv_key_limit)) {
|
251
270
|
goto err;
|
252
271
|
}
|
253
272
|
}
|
@@ -273,14 +292,14 @@ err:
|
|
273
292
|
if (dh->priv_key == NULL) {
|
274
293
|
BN_free(priv_key);
|
275
294
|
}
|
295
|
+
BN_free(priv_key_limit);
|
276
296
|
BN_CTX_free(ctx);
|
277
297
|
return ok;
|
278
298
|
}
|
279
299
|
|
280
300
|
static int dh_compute_key(DH *dh, BIGNUM *out_shared_key,
|
281
301
|
const BIGNUM *peers_key, BN_CTX *ctx) {
|
282
|
-
if (
|
283
|
-
OPENSSL_PUT_ERROR(DH, DH_R_MODULUS_TOO_LARGE);
|
302
|
+
if (!dh_check_params_fast(dh)) {
|
284
303
|
return 0;
|
285
304
|
}
|
286
305
|
|
@@ -26,6 +26,8 @@ extern "C" {
|
|
26
26
|
#endif
|
27
27
|
|
28
28
|
|
29
|
+
#define OPENSSL_DH_MAX_MODULUS_BITS 10000
|
30
|
+
|
29
31
|
struct dh_st {
|
30
32
|
BIGNUM *p;
|
31
33
|
BIGNUM *g;
|
@@ -44,6 +46,11 @@ struct dh_st {
|
|
44
46
|
CRYPTO_refcount_t references;
|
45
47
|
};
|
46
48
|
|
49
|
+
// dh_check_params_fast checks basic invariants on |dh|'s domain parameters. It
|
50
|
+
// does not check that |dh| forms a valid group, only that the sizes are within
|
51
|
+
// DoS bounds.
|
52
|
+
int dh_check_params_fast(const DH *dh);
|
53
|
+
|
47
54
|
// dh_compute_key_padded_no_self_test does the same as |DH_compute_key_padded|,
|
48
55
|
// but doesn't try to run the self-test first. This is for use in the self tests
|
49
56
|
// themselves, to prevent an infinite loop.
|
@@ -913,11 +913,6 @@ static int boringssl_self_test_fast(void) {
|
|
913
913
|
}
|
914
914
|
|
915
915
|
// TLS KDF KAT
|
916
|
-
static const uint8_t kTLSSecret[32] = {
|
917
|
-
0xab, 0xc3, 0x65, 0x7b, 0x09, 0x4c, 0x76, 0x28, 0xa0, 0xb2, 0x82,
|
918
|
-
0x99, 0x6f, 0xe7, 0x5a, 0x75, 0xf4, 0x98, 0x4f, 0xd9, 0x4d, 0x4e,
|
919
|
-
0xcc, 0x2f, 0xcf, 0x53, 0xa2, 0xc4, 0x69, 0xa3, 0xf7, 0x31,
|
920
|
-
};
|
921
916
|
static const char kTLSLabel[] = "FIPS self test";
|
922
917
|
static const uint8_t kTLSSeed1[16] = {
|
923
918
|
0x8f, 0x0d, 0xe8, 0xb6, 0x90, 0x8f, 0xb1, 0xd2,
|
@@ -927,17 +922,45 @@ static int boringssl_self_test_fast(void) {
|
|
927
922
|
0x7d, 0x24, 0x1a, 0x9d, 0x3c, 0x59, 0xbf, 0x3c,
|
928
923
|
0x31, 0x1e, 0x2b, 0x21, 0x41, 0x8d, 0x32, 0x81,
|
929
924
|
};
|
930
|
-
|
931
|
-
|
932
|
-
|
933
|
-
|
925
|
+
|
926
|
+
static const uint8_t kTLS10Secret[32] = {
|
927
|
+
0xab, 0xc3, 0x65, 0x7b, 0x09, 0x4c, 0x76, 0x28, 0xa0, 0xb2, 0x82,
|
928
|
+
0x99, 0x6f, 0xe7, 0x5a, 0x75, 0xf4, 0x98, 0x4f, 0xd9, 0x4d, 0x4e,
|
929
|
+
0xcc, 0x2f, 0xcf, 0x53, 0xa2, 0xc4, 0x69, 0xa3, 0xf7, 0x31,
|
930
|
+
};
|
931
|
+
static const uint8_t kTLS10Output[32] = {
|
932
|
+
0x69, 0x7c, 0x4e, 0x2c, 0xee, 0x82, 0xb1, 0xd2, 0x8b, 0xac, 0x90,
|
933
|
+
0x7a, 0xa1, 0x8a, 0x81, 0xfe, 0xc5, 0x58, 0x45, 0x57, 0x61, 0x2f,
|
934
|
+
0x7a, 0x8d, 0x80, 0xfb, 0x44, 0xd8, 0x81, 0x60, 0xe5, 0xf8,
|
935
|
+
};
|
936
|
+
uint8_t tls10_output[sizeof(kTLS10Output)];
|
937
|
+
if (!CRYPTO_tls1_prf(EVP_md5_sha1(), tls10_output, sizeof(tls10_output),
|
938
|
+
kTLS10Secret, sizeof(kTLS10Secret), kTLSLabel,
|
939
|
+
sizeof(kTLSLabel), kTLSSeed1, sizeof(kTLSSeed1),
|
940
|
+
kTLSSeed2, sizeof(kTLSSeed2)) ||
|
941
|
+
!check_test(kTLS10Output, tls10_output, sizeof(kTLS10Output),
|
942
|
+
"TLS10-KDF KAT")) {
|
943
|
+
fprintf(stderr, "TLS KDF failed.\n");
|
944
|
+
goto err;
|
945
|
+
}
|
946
|
+
|
947
|
+
static const uint8_t kTLS12Secret[32] = {
|
948
|
+
0xc5, 0x43, 0x8e, 0xe2, 0x6f, 0xd4, 0xac, 0xbd, 0x25, 0x9f, 0xc9,
|
949
|
+
0x18, 0x55, 0xdc, 0x69, 0xbf, 0x88, 0x4e, 0xe2, 0x93, 0x22, 0xfc,
|
950
|
+
0xbf, 0xd2, 0x96, 0x6a, 0x46, 0x23, 0xd4, 0x2e, 0xc7, 0x81,
|
951
|
+
};
|
952
|
+
static const uint8_t kTLS12Output[32] = {
|
953
|
+
0xee, 0x4a, 0xcd, 0x3f, 0xa3, 0xd3, 0x55, 0x89, 0x9e, 0x6f, 0xf1,
|
954
|
+
0x38, 0x46, 0x9d, 0x2b, 0x33, 0xaa, 0x7f, 0xc4, 0x7f, 0x51, 0x85,
|
955
|
+
0x8a, 0xf3, 0x13, 0x84, 0xbf, 0x53, 0x6a, 0x65, 0x37, 0x51,
|
934
956
|
};
|
935
|
-
uint8_t
|
936
|
-
if (!CRYPTO_tls1_prf(EVP_sha256(),
|
937
|
-
sizeof(
|
938
|
-
kTLSSeed1, sizeof(kTLSSeed1),
|
939
|
-
sizeof(kTLSSeed2)) ||
|
940
|
-
!check_test(
|
957
|
+
uint8_t tls12_output[sizeof(kTLS12Output)];
|
958
|
+
if (!CRYPTO_tls1_prf(EVP_sha256(), tls12_output, sizeof(tls12_output),
|
959
|
+
kTLS12Secret, sizeof(kTLS12Secret), kTLSLabel,
|
960
|
+
sizeof(kTLSLabel), kTLSSeed1, sizeof(kTLSSeed1),
|
961
|
+
kTLSSeed2, sizeof(kTLSSeed2)) ||
|
962
|
+
!check_test(kTLS12Output, tls12_output, sizeof(kTLS12Output),
|
963
|
+
"TLS12-KDF KAT")) {
|
941
964
|
fprintf(stderr, "TLS KDF failed.\n");
|
942
965
|
goto err;
|
943
966
|
}
|
@@ -978,7 +1001,7 @@ static int boringssl_self_test_fast(void) {
|
|
978
1001
|
!check_test(kTLS13ExpandLabelOutput, tls13_expand_label_output,
|
979
1002
|
sizeof(kTLS13ExpandLabelOutput),
|
980
1003
|
"CRYPTO_tls13_hkdf_expand_label")) {
|
981
|
-
fprintf(stderr, "
|
1004
|
+
fprintf(stderr, "TLS13-KDF failed.\n");
|
982
1005
|
goto err;
|
983
1006
|
}
|
984
1007
|
|
data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.c
CHANGED
@@ -303,14 +303,11 @@ void HMAC_verify_service_indicator(const EVP_MD *evp_md) {
|
|
303
303
|
}
|
304
304
|
|
305
305
|
void TLSKDF_verify_service_indicator(const EVP_MD *md) {
|
306
|
-
// HMAC-MD5
|
307
|
-
// approved for use in the KDF in
|
308
|
-
//
|
309
|
-
//
|
310
|
-
// protocol.
|
306
|
+
// HMAC-MD5/HMAC-SHA1 (both used concurrently) is approved for use in the KDF
|
307
|
+
// in TLS 1.0/1.1. HMAC-SHA{256, 384, 512} are approved for use in the KDF in
|
308
|
+
// TLS 1.2. These Key Derivation functions are to be used in the context of
|
309
|
+
// the TLS protocol.
|
311
310
|
switch (EVP_MD_type(md)) {
|
312
|
-
case NID_md5:
|
313
|
-
case NID_sha1:
|
314
311
|
case NID_md5_sha1:
|
315
312
|
case NID_sha256:
|
316
313
|
case NID_sha384:
|
@@ -352,6 +352,13 @@ int EVP_HPKE_KEY_copy(EVP_HPKE_KEY *dst, const EVP_HPKE_KEY *src) {
|
|
352
352
|
return 1;
|
353
353
|
}
|
354
354
|
|
355
|
+
void EVP_HPKE_KEY_move(EVP_HPKE_KEY *out, EVP_HPKE_KEY *in) {
|
356
|
+
EVP_HPKE_KEY_cleanup(out);
|
357
|
+
// For now, |EVP_HPKE_KEY| is trivially movable.
|
358
|
+
OPENSSL_memcpy(out, in, sizeof(EVP_HPKE_KEY));
|
359
|
+
EVP_HPKE_KEY_zero(in);
|
360
|
+
}
|
361
|
+
|
355
362
|
int EVP_HPKE_KEY_init(EVP_HPKE_KEY *key, const EVP_HPKE_KEM *kem,
|
356
363
|
const uint8_t *priv_key, size_t priv_key_len) {
|
357
364
|
EVP_HPKE_KEY_zero(key);
|
@@ -109,6 +109,7 @@
|
|
109
109
|
#ifndef OPENSSL_HEADER_CRYPTO_INTERNAL_H
|
110
110
|
#define OPENSSL_HEADER_CRYPTO_INTERNAL_H
|
111
111
|
|
112
|
+
#include <openssl/arm_arch.h>
|
112
113
|
#include <openssl/crypto.h>
|
113
114
|
#include <openssl/ex_data.h>
|
114
115
|
#include <openssl/stack.h>
|
@@ -1353,9 +1354,15 @@ OPENSSL_INLINE int CRYPTO_is_ADX_capable(void) {
|
|
1353
1354
|
|
1354
1355
|
#if defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64)
|
1355
1356
|
|
1356
|
-
|
1357
|
-
|
1358
|
-
//
|
1357
|
+
extern uint32_t OPENSSL_armcap_P;
|
1358
|
+
|
1359
|
+
// We do not detect any features at runtime on several 32-bit Arm platforms.
|
1360
|
+
// Apple platforms and OpenBSD require NEON and moved to 64-bit to pick up Armv8
|
1361
|
+
// extensions. Android baremetal does not aim to support 32-bit Arm at all, but
|
1362
|
+
// it simplifies things to make it build.
|
1363
|
+
#if defined(OPENSSL_ARM) && !defined(OPENSSL_STATIC_ARMCAP) && \
|
1364
|
+
(defined(OPENSSL_APPLE) || defined(OPENSSL_OPENBSD) || \
|
1365
|
+
defined(ANDROID_BAREMETAL))
|
1359
1366
|
#define OPENSSL_STATIC_ARMCAP
|
1360
1367
|
#endif
|
1361
1368
|
|
@@ -1373,21 +1380,6 @@ OPENSSL_INLINE int CRYPTO_is_ADX_capable(void) {
|
|
1373
1380
|
#endif
|
1374
1381
|
#endif
|
1375
1382
|
|
1376
|
-
#if !defined(OPENSSL_STATIC_ARMCAP)
|
1377
|
-
// CRYPTO_is_NEON_capable_at_runtime returns true if the current CPU has a NEON
|
1378
|
-
// unit. Note that |OPENSSL_armcap_P| also exists and contains the same
|
1379
|
-
// information in a form that's easier for assembly to use.
|
1380
|
-
OPENSSL_EXPORT int CRYPTO_is_NEON_capable_at_runtime(void);
|
1381
|
-
|
1382
|
-
// CRYPTO_is_ARMv8_AES_capable_at_runtime returns true if the current CPU
|
1383
|
-
// supports the ARMv8 AES instruction.
|
1384
|
-
int CRYPTO_is_ARMv8_AES_capable_at_runtime(void);
|
1385
|
-
|
1386
|
-
// CRYPTO_is_ARMv8_PMULL_capable_at_runtime returns true if the current CPU
|
1387
|
-
// supports the ARMv8 PMULL instruction.
|
1388
|
-
int CRYPTO_is_ARMv8_PMULL_capable_at_runtime(void);
|
1389
|
-
#endif // !OPENSSL_STATIC_ARMCAP
|
1390
|
-
|
1391
1383
|
// CRYPTO_is_NEON_capable returns true if the current CPU has a NEON unit. If
|
1392
1384
|
// this is known statically, it is a constant inline function.
|
1393
1385
|
OPENSSL_INLINE int CRYPTO_is_NEON_capable(void) {
|
@@ -1396,7 +1388,7 @@ OPENSSL_INLINE int CRYPTO_is_NEON_capable(void) {
|
|
1396
1388
|
#elif defined(OPENSSL_STATIC_ARMCAP)
|
1397
1389
|
return 0;
|
1398
1390
|
#else
|
1399
|
-
return
|
1391
|
+
return (OPENSSL_armcap_P & ARMV7_NEON) != 0;
|
1400
1392
|
#endif
|
1401
1393
|
}
|
1402
1394
|
|
@@ -1406,7 +1398,7 @@ OPENSSL_INLINE int CRYPTO_is_ARMv8_AES_capable(void) {
|
|
1406
1398
|
#elif defined(OPENSSL_STATIC_ARMCAP)
|
1407
1399
|
return 0;
|
1408
1400
|
#else
|
1409
|
-
return
|
1401
|
+
return (OPENSSL_armcap_P & ARMV8_AES) != 0;
|
1410
1402
|
#endif
|
1411
1403
|
}
|
1412
1404
|
|
@@ -1416,7 +1408,7 @@ OPENSSL_INLINE int CRYPTO_is_ARMv8_PMULL_capable(void) {
|
|
1416
1408
|
#elif defined(OPENSSL_STATIC_ARMCAP)
|
1417
1409
|
return 0;
|
1418
1410
|
#else
|
1419
|
-
return
|
1411
|
+
return (OPENSSL_armcap_P & ARMV8_PMULL) != 0;
|
1420
1412
|
#endif
|
1421
1413
|
}
|
1422
1414
|
|
@@ -159,11 +159,10 @@ err:
|
|
159
159
|
}
|
160
160
|
|
161
161
|
int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b) {
|
162
|
-
|
163
|
-
|
164
|
-
|
165
|
-
|
166
|
-
return ret;
|
162
|
+
if (a->length < b->length) {
|
163
|
+
return -1;
|
164
|
+
} else if (a->length > b->length) {
|
165
|
+
return 1;
|
167
166
|
}
|
168
167
|
return OPENSSL_memcmp(a->data, b->data, a->length);
|
169
168
|
}
|
@@ -189,15 +188,7 @@ size_t OBJ_length(const ASN1_OBJECT *obj) {
|
|
189
188
|
// unsigned int in the array.
|
190
189
|
static int obj_cmp(const void *key, const void *element) {
|
191
190
|
uint16_t nid = *((const uint16_t *)element);
|
192
|
-
|
193
|
-
const ASN1_OBJECT *b = &kObjects[nid];
|
194
|
-
|
195
|
-
if (a->length < b->length) {
|
196
|
-
return -1;
|
197
|
-
} else if (a->length > b->length) {
|
198
|
-
return 1;
|
199
|
-
}
|
200
|
-
return OPENSSL_memcmp(a->data, b->data, a->length);
|
191
|
+
return OBJ_cmp(key, &kObjects[nid]);
|
201
192
|
}
|
202
193
|
|
203
194
|
int OBJ_obj2nid(const ASN1_OBJECT *obj) {
|
@@ -474,14 +465,6 @@ static uint32_t hash_data(const ASN1_OBJECT *obj) {
|
|
474
465
|
return OPENSSL_hash32(obj->data, obj->length);
|
475
466
|
}
|
476
467
|
|
477
|
-
static int cmp_data(const ASN1_OBJECT *a, const ASN1_OBJECT *b) {
|
478
|
-
int i = a->length - b->length;
|
479
|
-
if (i) {
|
480
|
-
return i;
|
481
|
-
}
|
482
|
-
return OPENSSL_memcmp(a->data, b->data, a->length);
|
483
|
-
}
|
484
|
-
|
485
468
|
static uint32_t hash_short_name(const ASN1_OBJECT *obj) {
|
486
469
|
return OPENSSL_strhash(obj->sn);
|
487
470
|
}
|
@@ -509,7 +492,7 @@ static int obj_add_object(ASN1_OBJECT *obj) {
|
|
509
492
|
global_added_by_nid = lh_ASN1_OBJECT_new(hash_nid, cmp_nid);
|
510
493
|
}
|
511
494
|
if (global_added_by_data == NULL) {
|
512
|
-
global_added_by_data = lh_ASN1_OBJECT_new(hash_data,
|
495
|
+
global_added_by_data = lh_ASN1_OBJECT_new(hash_data, OBJ_cmp);
|
513
496
|
}
|
514
497
|
if (global_added_by_short_name == NULL) {
|
515
498
|
global_added_by_short_name =
|
@@ -12,6 +12,10 @@
|
|
12
12
|
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
|
13
13
|
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
|
14
14
|
|
15
|
+
#if !defined(_DEFAULT_SOURCE)
|
16
|
+
#define _DEFAULT_SOURCE // Needed for getentropy on musl and glibc
|
17
|
+
#endif
|
18
|
+
|
15
19
|
#include <openssl/rand.h>
|
16
20
|
|
17
21
|
#include "../fipsmodule/rand/internal.h"
|
@@ -532,3 +532,8 @@ void sk_free(OPENSSL_STACK *sk) { OPENSSL_sk_free(sk); }
|
|
532
532
|
size_t sk_push(OPENSSL_STACK *sk, void *p) { return OPENSSL_sk_push(sk, p); }
|
533
533
|
|
534
534
|
void *sk_pop(OPENSSL_STACK *sk) { return OPENSSL_sk_pop(sk); }
|
535
|
+
|
536
|
+
void sk_pop_free_ex(OPENSSL_STACK *sk, OPENSSL_sk_call_free_func call_free_func,
|
537
|
+
OPENSSL_sk_free_func free_func) {
|
538
|
+
OPENSSL_sk_pop_free_ex(sk, call_free_func, free_func);
|
539
|
+
}
|
@@ -64,8 +64,6 @@
|
|
64
64
|
#include <openssl/thread.h>
|
65
65
|
#include <openssl/x509.h>
|
66
66
|
|
67
|
-
#if !defined(OPENSSL_TRUSTY)
|
68
|
-
|
69
67
|
#include "../internal.h"
|
70
68
|
#include "internal.h"
|
71
69
|
|
@@ -312,8 +310,7 @@ static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
|
|
312
310
|
hent = NULL;
|
313
311
|
}
|
314
312
|
for (;;) {
|
315
|
-
|
316
|
-
k);
|
313
|
+
snprintf(b->data, b->max, "%s/%08lx.%s%d", ent->dir, h, postfix, k);
|
317
314
|
#ifndef OPENSSL_NO_POSIX_IO
|
318
315
|
#if defined(_WIN32) && !defined(stat)
|
319
316
|
#define stat _stat
|
@@ -403,5 +400,3 @@ finish:
|
|
403
400
|
BUF_MEM_free(b);
|
404
401
|
return ok;
|
405
402
|
}
|
406
|
-
|
407
|
-
#endif // OPENSSL_TRUSTY
|
@@ -62,7 +62,6 @@
|
|
62
62
|
|
63
63
|
#include "internal.h"
|
64
64
|
|
65
|
-
#ifndef OPENSSL_NO_STDIO
|
66
65
|
|
67
66
|
static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
|
68
67
|
char **ret);
|
@@ -278,5 +277,3 @@ err:
|
|
278
277
|
sk_X509_INFO_pop_free(inf, X509_INFO_free);
|
279
278
|
return count;
|
280
279
|
}
|
281
|
-
|
282
|
-
#endif // OPENSSL_NO_STDIO
|