grpc 1.66.0.pre5 → 1.67.0.pre1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Makefile +19 -10
- data/include/grpc/credentials.h +1 -1
- data/include/grpc/event_engine/README.md +1 -1
- data/include/grpc/event_engine/internal/slice_cast.h +1 -1
- data/include/grpc/event_engine/slice.h +0 -1
- data/include/grpc/event_engine/slice_buffer.h +0 -1
- data/include/grpc/grpc_crl_provider.h +1 -1
- data/include/grpc/impl/channel_arg_names.h +1 -1
- data/include/grpc/support/log.h +34 -32
- data/include/grpc/support/sync_generic.h +2 -4
- data/src/core/channelz/channelz.cc +0 -1
- data/src/core/channelz/channelz_registry.cc +0 -1
- data/src/core/client_channel/client_channel.cc +10 -7
- data/src/core/client_channel/client_channel.h +1 -1
- data/src/core/client_channel/client_channel_filter.cc +21 -18
- data/src/core/client_channel/client_channel_filter.h +1 -1
- data/src/core/client_channel/client_channel_internal.h +0 -2
- data/src/core/client_channel/config_selector.h +0 -1
- data/src/core/client_channel/dynamic_filters.cc +0 -2
- data/src/core/client_channel/local_subchannel_pool.cc +0 -2
- data/src/core/client_channel/retry_filter.h +0 -1
- data/src/core/client_channel/retry_filter_legacy_call_data.cc +175 -257
- data/src/core/client_channel/subchannel.cc +21 -27
- data/src/core/client_channel/subchannel_stream_client.cc +1 -1
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +8 -9
- data/src/core/ext/filters/channel_idle/legacy_channel_idle_filter.cc +0 -1
- data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +3 -4
- data/src/core/ext/filters/gcp_authentication/gcp_authentication_filter.cc +167 -0
- data/src/core/ext/filters/gcp_authentication/gcp_authentication_filter.h +82 -0
- data/src/core/ext/filters/gcp_authentication/gcp_authentication_service_config_parser.cc +81 -0
- data/src/core/ext/filters/gcp_authentication/gcp_authentication_service_config_parser.h +87 -0
- data/src/core/ext/filters/http/message_compress/compression_filter.cc +7 -9
- data/src/core/ext/filters/http/server/http_server_filter.cc +2 -4
- data/src/core/ext/filters/message_size/message_size_filter.cc +6 -7
- data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +0 -2
- data/src/core/ext/transport/chttp2/alpn/alpn.cc +0 -1
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +6 -8
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +0 -1
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +288 -265
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +3 -4
- data/src/core/ext/transport/chttp2/transport/flow_control.h +0 -1
- data/src/core/ext/transport/chttp2/transport/frame.cc +0 -1
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +0 -1
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +0 -1
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +6 -6
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +3 -4
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +5 -6
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +0 -1
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +2 -3
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +0 -1
- data/src/core/ext/transport/chttp2/transport/hpack_parse_result.h +0 -1
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +3 -3
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +37 -5
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +27 -6
- data/src/core/ext/transport/chttp2/transport/internal.h +2 -3
- data/src/core/ext/transport/chttp2/transport/parsing.cc +21 -32
- data/src/core/ext/transport/chttp2/transport/ping_callbacks.cc +0 -1
- data/src/core/ext/transport/chttp2/transport/stream_lists.cc +6 -8
- data/src/core/ext/transport/chttp2/transport/varint.h +0 -1
- data/src/core/ext/transport/chttp2/transport/write_size_policy.cc +0 -1
- data/src/core/ext/transport/chttp2/transport/writing.cc +22 -22
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upb.h +431 -0
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upb_minitable.c +129 -0
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upb_minitable.h +33 -0
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/checked.upb.h +16 -0
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/checked.upb_minitable.c +13 -2
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/syntax.upb.h +397 -22
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/syntax.upb_minitable.c +94 -20
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/syntax.upb_minitable.h +2 -0
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upbdefs.c +86 -0
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upbdefs.h +47 -0
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/checked.upbdefs.c +108 -107
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/syntax.upbdefs.c +101 -78
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/syntax.upbdefs.h +10 -0
- data/src/core/handshaker/handshaker.cc +21 -29
- data/src/core/handshaker/security/secure_endpoint.cc +3 -3
- data/src/core/handshaker/security/security_handshaker.cc +60 -72
- data/src/core/handshaker/tcp_connect/tcp_connect_handshaker.cc +0 -1
- data/src/core/lib/backoff/backoff.cc +7 -10
- data/src/core/lib/backoff/backoff.h +4 -6
- data/src/core/lib/channel/channel_stack.cc +0 -1
- data/src/core/lib/channel/channel_stack.h +0 -1
- data/src/core/lib/channel/channel_stack_builder_impl.cc +0 -1
- data/src/core/lib/channel/connected_channel.cc +0 -1
- data/src/core/lib/channel/promise_based_filter.cc +146 -194
- data/src/core/lib/channel/promise_based_filter.h +1 -1
- data/src/core/lib/compression/compression_internal.cc +0 -1
- data/src/core/lib/config/config_vars.cc +11 -1
- data/src/core/lib/config/config_vars.h +8 -0
- data/src/core/lib/config/core_configuration.cc +0 -1
- data/src/core/lib/config/core_configuration.h +0 -1
- data/src/core/lib/debug/event_log.cc +0 -1
- data/src/core/lib/debug/trace_flags.cc +4 -18
- data/src/core/lib/debug/trace_flags.h +2 -5
- data/src/core/lib/debug/trace_impl.h +6 -0
- data/src/core/lib/event_engine/ares_resolver.cc +89 -56
- data/src/core/lib/event_engine/ares_resolver.h +0 -9
- data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.cc +14 -1
- data/src/core/lib/event_engine/cf_engine/cftype_unique_ref.h +1 -1
- data/src/core/lib/event_engine/forkable.cc +0 -1
- data/src/core/lib/event_engine/forkable.h +0 -1
- data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.cc +1 -1
- data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.h +4 -4
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +0 -1
- data/src/core/lib/event_engine/posix_engine/lockfree_event.cc +0 -1
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +9 -1
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +0 -1
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.h +2 -2
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +1 -2
- data/src/core/lib/event_engine/posix_engine/timer_manager.cc +4 -9
- data/src/core/lib/event_engine/posix_engine/traced_buffer_list.cc +0 -1
- data/src/core/lib/event_engine/resolved_address.cc +0 -1
- data/src/core/lib/event_engine/slice.cc +0 -1
- data/src/core/lib/event_engine/thread_pool/thread_count.cc +0 -1
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.cc +3 -5
- data/src/core/lib/event_engine/windows/grpc_polled_fd_windows.cc +121 -93
- data/src/core/lib/experiments/config.cc +12 -10
- data/src/core/lib/experiments/experiments.cc +45 -66
- data/src/core/lib/experiments/experiments.h +22 -27
- data/src/core/lib/gprpp/chunked_vector.h +0 -1
- data/src/core/lib/gprpp/down_cast.h +0 -1
- data/src/core/lib/gprpp/host_port.cc +0 -1
- data/src/core/lib/gprpp/load_file.cc +0 -1
- data/src/core/lib/gprpp/mpscq.h +0 -1
- data/src/core/lib/gprpp/single_set_ptr.h +0 -1
- data/src/core/lib/gprpp/status_helper.cc +0 -1
- data/src/core/lib/gprpp/sync.h +0 -1
- data/src/core/lib/gprpp/table.h +28 -0
- data/src/core/lib/gprpp/thd.h +0 -1
- data/src/core/lib/gprpp/time.h +0 -1
- data/src/core/lib/gprpp/time_util.cc +0 -1
- data/src/core/lib/gprpp/windows/directory_reader.cc +0 -2
- data/src/core/lib/gprpp/windows/thd.cc +0 -1
- data/src/core/lib/gprpp/work_serializer.cc +23 -34
- data/src/core/lib/iomgr/buffer_list.cc +0 -1
- data/src/core/lib/iomgr/call_combiner.h +6 -8
- data/src/core/lib/iomgr/cfstream_handle.cc +6 -8
- data/src/core/lib/iomgr/closure.h +5 -8
- data/src/core/lib/iomgr/combiner.cc +6 -8
- data/src/core/lib/iomgr/endpoint_cfstream.cc +17 -22
- data/src/core/lib/iomgr/endpoint_pair_posix.cc +0 -1
- data/src/core/lib/iomgr/error.h +0 -1
- data/src/core/lib/iomgr/ev_apple.cc +13 -18
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +47 -85
- data/src/core/lib/iomgr/ev_poll_posix.cc +17 -24
- data/src/core/lib/iomgr/ev_posix.cc +55 -44
- data/src/core/lib/iomgr/ev_posix.h +0 -5
- data/src/core/lib/iomgr/event_engine_shims/closure.cc +7 -9
- data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +3 -4
- data/src/core/lib/iomgr/exec_ctx.cc +6 -9
- data/src/core/lib/iomgr/exec_ctx.h +26 -16
- data/src/core/lib/iomgr/executor.cc +43 -33
- data/src/core/lib/iomgr/fork_windows.cc +0 -1
- data/src/core/lib/iomgr/internal_errqueue.cc +0 -1
- data/src/core/lib/iomgr/iocp_windows.cc +0 -1
- data/src/core/lib/iomgr/iomgr_windows.cc +0 -2
- data/src/core/lib/iomgr/lockfree_event.cc +7 -11
- data/src/core/lib/iomgr/polling_entity.cc +10 -3
- data/src/core/lib/iomgr/pollset_windows.cc +0 -2
- data/src/core/lib/iomgr/resolve_address.cc +0 -1
- data/src/core/lib/iomgr/resolve_address_posix.cc +0 -1
- data/src/core/lib/iomgr/resolve_address_windows.cc +0 -1
- data/src/core/lib/iomgr/sockaddr_utils_posix.cc +0 -1
- data/src/core/lib/iomgr/socket_mutator.cc +0 -1
- data/src/core/lib/iomgr/socket_utils_linux.cc +0 -2
- data/src/core/lib/iomgr/socket_utils_posix.cc +0 -1
- data/src/core/lib/iomgr/socket_utils_windows.cc +0 -2
- data/src/core/lib/iomgr/tcp_client_cfstream.cc +7 -12
- data/src/core/lib/iomgr/tcp_client_posix.cc +8 -12
- data/src/core/lib/iomgr/tcp_client_windows.cc +0 -1
- data/src/core/lib/iomgr/tcp_posix.cc +32 -68
- data/src/core/lib/iomgr/tcp_server_posix.cc +7 -11
- data/src/core/lib/iomgr/tcp_windows.cc +4 -12
- data/src/core/lib/iomgr/timer_generic.cc +46 -65
- data/src/core/lib/iomgr/timer_manager.cc +4 -5
- data/src/core/lib/iomgr/unix_sockets_posix.cc +0 -1
- data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +0 -2
- data/src/core/lib/iomgr/vsock.cc +0 -1
- data/src/core/lib/iomgr/wakeup_fd_eventfd.cc +0 -2
- data/src/core/lib/promise/activity.h +0 -1
- data/src/core/lib/promise/context.h +0 -1
- data/src/core/lib/promise/detail/join_state.h +44 -44
- data/src/core/lib/promise/detail/seq_state.h +1101 -1356
- data/src/core/lib/promise/for_each.h +8 -15
- data/src/core/lib/promise/interceptor_list.h +17 -27
- data/src/core/lib/promise/latch.h +16 -24
- data/src/core/lib/promise/map.h +1 -1
- data/src/core/lib/promise/party.cc +238 -114
- data/src/core/lib/promise/party.h +105 -308
- data/src/core/lib/promise/pipe.h +3 -4
- data/src/core/lib/promise/poll.h +0 -1
- data/src/core/lib/promise/status_flag.h +0 -1
- data/src/core/lib/resource_quota/connection_quota.cc +0 -1
- data/src/core/lib/resource_quota/memory_quota.cc +11 -19
- data/src/core/lib/resource_quota/memory_quota.h +2 -4
- data/src/core/lib/resource_quota/periodic_update.cc +2 -3
- data/src/core/lib/resource_quota/thread_quota.cc +0 -1
- data/src/core/lib/security/authorization/audit_logging.cc +0 -1
- data/src/core/lib/security/authorization/grpc_authorization_engine.cc +0 -1
- data/src/core/lib/security/authorization/grpc_server_authz_filter.cc +14 -19
- data/src/core/lib/security/authorization/stdout_logger.cc +0 -1
- data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +0 -1
- data/src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc +0 -1
- data/src/core/lib/security/credentials/call_creds_util.cc +0 -1
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +0 -1
- data/src/core/lib/security/credentials/composite/composite_credentials.h +2 -0
- data/src/core/lib/security/credentials/credentials.h +1 -2
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +322 -324
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +53 -42
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +391 -353
- data/src/core/lib/security/credentials/external/external_account_credentials.h +121 -51
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +83 -44
- data/src/core/lib/security/credentials/external/file_external_account_credentials.h +27 -7
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +91 -116
- data/src/core/lib/security/credentials/external/url_external_account_credentials.h +14 -17
- data/src/core/lib/security/credentials/fake/fake_credentials.h +2 -0
- data/src/core/lib/security/credentials/gcp_service_account_identity/gcp_service_account_identity_credentials.cc +196 -0
- data/src/core/lib/security/credentials/gcp_service_account_identity/gcp_service_account_identity_credentials.h +90 -0
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +27 -41
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +0 -1
- data/src/core/lib/security/credentials/iam/iam_credentials.h +2 -0
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +2 -0
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +163 -259
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +34 -56
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +12 -16
- data/src/core/lib/security/credentials/plugin/plugin_credentials.h +2 -0
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +0 -1
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +0 -1
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +0 -1
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.cc +0 -1
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.h +0 -1
- data/src/core/lib/security/credentials/token_fetcher/token_fetcher_credentials.cc +298 -0
- data/src/core/lib/security/credentials/token_fetcher/token_fetcher_credentials.h +176 -0
- data/src/core/lib/security/credentials/xds/xds_credentials.cc +0 -1
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +0 -1
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +0 -1
- data/src/core/lib/security/security_connector/load_system_roots_windows.cc +0 -1
- data/src/core/lib/security/transport/server_auth_filter.cc +4 -6
- data/src/core/lib/slice/percent_encoding.cc +0 -1
- data/src/core/lib/slice/slice.cc +0 -1
- data/src/core/lib/slice/slice.h +0 -1
- data/src/core/lib/slice/slice_buffer.cc +0 -1
- data/src/core/lib/slice/slice_internal.h +0 -1
- data/src/core/lib/slice/slice_refcount.h +6 -8
- data/src/core/lib/surface/byte_buffer_reader.cc +0 -1
- data/src/core/lib/surface/call.cc +3 -5
- data/src/core/lib/surface/call_utils.h +0 -1
- data/src/core/lib/surface/channel.cc +0 -1
- data/src/core/lib/surface/channel_create.cc +0 -1
- data/src/core/lib/surface/channel_init.h +0 -1
- data/src/core/lib/surface/client_call.cc +0 -1
- data/src/core/lib/surface/client_call.h +0 -1
- data/src/core/lib/surface/completion_queue.cc +28 -4
- data/src/core/lib/surface/completion_queue_factory.cc +0 -1
- data/src/core/lib/surface/filter_stack_call.cc +9 -9
- data/src/core/lib/surface/filter_stack_call.h +0 -1
- data/src/core/lib/surface/lame_client.cc +0 -1
- data/src/core/lib/surface/server_call.cc +0 -1
- data/src/core/lib/surface/server_call.h +0 -1
- data/src/core/lib/surface/validate_metadata.h +0 -1
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/bdp_estimator.cc +9 -12
- data/src/core/lib/transport/bdp_estimator.h +6 -8
- data/src/core/lib/transport/call_arena_allocator.cc +2 -16
- data/src/core/lib/transport/call_arena_allocator.h +20 -5
- data/src/core/lib/transport/call_filters.cc +6 -9
- data/src/core/lib/transport/call_spine.h +24 -13
- data/src/core/lib/transport/connectivity_state.cc +34 -42
- data/src/core/lib/transport/metadata_batch.h +41 -1
- data/src/core/lib/transport/timeout_encoding.cc +0 -1
- data/src/core/lib/transport/transport.h +6 -8
- data/src/core/lib/transport/transport_op_string.cc +0 -1
- data/src/core/lib/uri/uri_parser.cc +0 -1
- data/src/core/load_balancing/grpclb/grpclb.cc +55 -71
- data/src/core/load_balancing/health_check_client.cc +31 -42
- data/src/core/load_balancing/oob_backend_metric.cc +2 -4
- data/src/core/load_balancing/outlier_detection/outlier_detection.cc +99 -129
- data/src/core/load_balancing/pick_first/pick_first.cc +168 -228
- data/src/core/load_balancing/priority/priority.cc +77 -106
- data/src/core/load_balancing/ring_hash/ring_hash.cc +32 -46
- data/src/core/load_balancing/rls/rls.cc +142 -187
- data/src/core/load_balancing/round_robin/round_robin.cc +36 -55
- data/src/core/load_balancing/weighted_round_robin/static_stride_scheduler.cc +0 -1
- data/src/core/load_balancing/weighted_round_robin/weighted_round_robin.cc +85 -110
- data/src/core/load_balancing/weighted_target/weighted_target.cc +52 -75
- data/src/core/load_balancing/xds/cds.cc +26 -43
- data/src/core/load_balancing/xds/xds_cluster_impl.cc +57 -54
- data/src/core/load_balancing/xds/xds_cluster_manager.cc +36 -50
- data/src/core/load_balancing/xds/xds_override_host.cc +95 -131
- data/src/core/load_balancing/xds/xds_wrr_locality.cc +15 -23
- data/src/core/plugin_registry/grpc_plugin_registry_extra.cc +3 -0
- data/src/core/resolver/binder/binder_resolver.cc +0 -2
- data/src/core/resolver/dns/c_ares/dns_resolver_ares.cc +62 -44
- data/src/core/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +0 -2
- data/src/core/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +110 -89
- data/src/core/resolver/dns/c_ares/grpc_ares_wrapper.cc +132 -96
- data/src/core/resolver/dns/c_ares/grpc_ares_wrapper.h +0 -7
- data/src/core/resolver/dns/dns_resolver_plugin.cc +0 -1
- data/src/core/resolver/dns/event_engine/event_engine_client_channel_resolver.cc +40 -39
- data/src/core/resolver/dns/native/dns_resolver.cc +8 -14
- data/src/core/resolver/endpoint_addresses.cc +0 -1
- data/src/core/resolver/fake/fake_resolver.cc +0 -1
- data/src/core/resolver/polling_resolver.cc +6 -15
- data/src/core/resolver/polling_resolver.h +1 -1
- data/src/core/resolver/xds/xds_config.cc +96 -0
- data/src/core/resolver/xds/xds_config.h +109 -0
- data/src/core/resolver/xds/xds_dependency_manager.cc +59 -154
- data/src/core/resolver/xds/xds_dependency_manager.h +1 -69
- data/src/core/resolver/xds/xds_resolver.cc +51 -55
- data/src/core/server/server.cc +2 -2
- data/src/core/server/server_config_selector_filter.cc +0 -1
- data/src/core/server/xds_server_config_fetcher.cc +4 -6
- data/src/core/service_config/service_config_call_data.h +2 -3
- data/src/core/service_config/service_config_channel_arg_filter.cc +0 -1
- data/src/core/service_config/service_config_impl.h +0 -1
- data/src/core/telemetry/call_tracer.cc +0 -1
- data/src/core/telemetry/metrics.h +0 -1
- data/src/core/telemetry/stats_data.cc +67 -0
- data/src/core/telemetry/stats_data.h +48 -0
- data/src/core/tsi/alts/handshaker/alts_shared_resource.cc +0 -1
- data/src/core/tsi/alts/handshaker/transport_security_common_api.h +0 -1
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +0 -1
- data/src/core/tsi/fake_transport_security.cc +6 -5
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +0 -1
- data/src/core/util/alloc.cc +0 -1
- data/src/core/util/gcp_metadata_query.cc +0 -1
- data/src/core/util/http_client/httpcli.cc +12 -15
- data/src/core/util/http_client/httpcli.h +16 -11
- data/src/core/util/http_client/parser.cc +3 -4
- data/src/core/util/json/json_reader.cc +0 -1
- data/src/core/util/latent_see.cc +29 -9
- data/src/core/util/latent_see.h +122 -27
- data/src/core/util/log.cc +36 -55
- data/src/core/util/lru_cache.h +104 -0
- data/src/core/util/msys/tmpfile.cc +0 -1
- data/src/core/util/posix/sync.cc +0 -1
- data/src/core/util/posix/time.cc +0 -1
- data/src/core/util/ring_buffer.h +123 -0
- data/src/core/util/spinlock.h +1 -2
- data/src/core/util/string.cc +7 -7
- data/src/core/util/sync.cc +0 -1
- data/src/core/util/sync_abseil.cc +0 -1
- data/src/core/util/time.cc +0 -1
- data/src/core/util/unique_ptr_with_bitset.h +86 -0
- data/src/core/util/useful.h +0 -24
- data/src/core/util/windows/cpu.cc +0 -1
- data/src/core/util/windows/sync.cc +0 -1
- data/src/core/util/windows/time.cc +0 -1
- data/src/core/util/windows/tmpfile.cc +0 -1
- data/src/core/xds/grpc/xds_bootstrap_grpc.cc +0 -32
- data/src/core/xds/grpc/xds_bootstrap_grpc.h +0 -5
- data/src/core/xds/grpc/xds_certificate_provider.cc +0 -1
- data/src/core/xds/grpc/xds_client_grpc.cc +11 -16
- data/src/core/xds/grpc/xds_cluster.cc +2 -8
- data/src/core/xds/grpc/xds_cluster.h +4 -4
- data/src/core/xds/grpc/xds_cluster_parser.cc +58 -96
- data/src/core/xds/grpc/xds_cluster_specifier_plugin.cc +0 -1
- data/src/core/xds/grpc/xds_common_types_parser.cc +4 -4
- data/src/core/xds/grpc/xds_common_types_parser.h +17 -0
- data/src/core/xds/grpc/xds_endpoint_parser.cc +14 -14
- data/src/core/xds/grpc/xds_http_fault_filter.cc +15 -6
- data/src/core/xds/grpc/xds_http_fault_filter.h +5 -1
- data/src/core/xds/grpc/xds_http_filter.h +11 -1
- data/src/core/xds/grpc/xds_http_filter_registry.cc +7 -1
- data/src/core/xds/grpc/xds_http_filter_registry.h +8 -1
- data/src/core/xds/grpc/xds_http_gcp_authn_filter.cc +142 -0
- data/src/core/xds/grpc/xds_http_gcp_authn_filter.h +61 -0
- data/src/core/xds/grpc/xds_http_rbac_filter.cc +14 -6
- data/src/core/xds/grpc/xds_http_rbac_filter.h +5 -1
- data/src/core/xds/grpc/xds_http_stateful_session_filter.cc +9 -1
- data/src/core/xds/grpc/xds_http_stateful_session_filter.h +5 -1
- data/src/core/xds/grpc/xds_lb_policy_registry.cc +14 -16
- data/src/core/xds/grpc/xds_listener_parser.cc +10 -11
- data/src/core/xds/grpc/xds_metadata.cc +62 -0
- data/src/core/xds/grpc/xds_metadata.h +127 -0
- data/src/core/xds/grpc/xds_metadata_parser.cc +143 -0
- data/src/core/xds/grpc/xds_metadata_parser.h +36 -0
- data/src/core/xds/grpc/xds_route_config_parser.cc +12 -17
- data/src/core/xds/grpc/xds_routing.cc +57 -22
- data/src/core/xds/grpc/xds_routing.h +10 -2
- data/src/core/xds/grpc/xds_transport_grpc.cc +0 -1
- data/src/core/xds/xds_client/xds_client.cc +124 -165
- data/src/core/xds/xds_client/xds_client_stats.cc +20 -27
- data/src/ruby/ext/grpc/rb_call.c +1 -1
- data/src/ruby/ext/grpc/rb_call_credentials.c +34 -27
- data/src/ruby/ext/grpc/rb_channel.c +22 -16
- data/src/ruby/ext/grpc/rb_event_thread.c +3 -2
- data/src/ruby/ext/grpc/rb_grpc.c +9 -8
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +6 -10
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +9 -15
- data/src/ruby/ext/grpc/rb_server.c +10 -8
- data/src/ruby/lib/grpc/generic/active_call.rb +8 -5
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/spec/call_spec.rb +53 -40
- data/src/ruby/spec/channel_spec.rb +4 -2
- data/src/ruby/spec/client_server_spec.rb +148 -507
- data/src/ruby/spec/generic/active_call_spec.rb +64 -86
- data/src/ruby/spec/support/services.rb +3 -0
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/rand/fork_detect.h → bcm_support.h} +51 -6
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +43 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_intel.c +72 -23
- data/third_party/boringssl-with-bazel/src/crypto/crypto.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/ecdsa_extra/ecdsa_asn1.c +160 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +79 -78
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm_interface.h +89 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{div.c → div.c.inc} +146 -179
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{random.c → random.c.inc} +6 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{sqrt.c → sqrt.c.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/{e_aes.c → e_aes.c.inc} +9 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{ec_key.c → ec_key.c.inc} +11 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-nistz.c → p256-nistz.c.inc} +104 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.h +65 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/{ecdsa.c → ecdsa.c.inc} +52 -107
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +28 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +1 -80
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/{rand.c → rand.c.inc} +26 -40
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/{padding.c → padding.c.inc} +2 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/{rsa_impl.c → rsa_impl.c.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/{self_check.c → self_check.c.inc} +9 -35
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/internal.h +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/{service_indicator.c → service_indicator.c.inc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +293 -2
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +69 -14
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +7 -3
- data/third_party/boringssl-with-bazel/src/crypto/mldsa/internal.h +73 -0
- data/third_party/boringssl-with-bazel/src/crypto/mldsa/mldsa.c +1687 -0
- data/third_party/boringssl-with-bazel/src/crypto/mlkem/internal.h +90 -0
- data/third_party/boringssl-with-bazel/src/crypto/mlkem/mlkem.cc +1097 -0
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +4 -1
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +4 -5
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/deterministic.c +9 -1
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/rand → rand_extra}/fork_detect.c +26 -28
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/getentropy.c +9 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/ios.c +9 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +19 -3
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/rand_extra.c +26 -23
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/sysrand_internal.h +37 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/trusty.c +9 -1
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/rand → rand_extra}/urandom.c +19 -19
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/windows.c +8 -1
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/internal.h +2 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +14 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +14 -9
- data/third_party/boringssl-with-bazel/src/include/openssl/experimental/dilithium.h +13 -15
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +8 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/mldsa.h +136 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/mlkem.h +246 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +3 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +3 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/service_indicator.h +2 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +22 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +35 -5
- data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +5 -6
- data/third_party/boringssl-with-bazel/src/ssl/d1_lib.cc +6 -0
- data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +6 -1
- data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +13 -1
- data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +289 -55
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +2 -0
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +69 -38
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +14 -3
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +107 -14
- data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +44 -16
- data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +21 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +86 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +7 -4
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +97 -3
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +31 -2
- data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +6 -0
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +18 -4
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +96 -34
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +15 -5
- data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +3 -23
- metadata +113 -87
- data/src/core/ext/transport/chttp2/transport/max_concurrent_streams_policy.cc +0 -45
- data/src/core/ext/transport/chttp2/transport/max_concurrent_streams_policy.h +0 -67
- data/src/core/util/android/log.cc +0 -48
- data/src/core/util/linux/log.cc +0 -69
- data/src/core/util/posix/log.cc +0 -69
- data/src/core/util/windows/log.cc +0 -73
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/{aes.c → aes.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/{aes_nohw.c → aes_nohw.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/{key_wrap.c → key_wrap.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/{mode_wrappers.c → mode_wrappers.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{add.c → add.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/asm/{x86_64-gcc.c → x86_64-gcc.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{bn.c → bn.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{bytes.c → bytes.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{cmp.c → cmp.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{ctx.c → ctx.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{div_extra.c → div_extra.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{exponentiation.c → exponentiation.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{gcd.c → gcd.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{gcd_extra.c → gcd_extra.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{generic.c → generic.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{jacobi.c → jacobi.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{montgomery.c → montgomery.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{montgomery_inv.c → montgomery_inv.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{mul.c → mul.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{prime.c → prime.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{rsaz_exp.c → rsaz_exp.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{shift.c → shift.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/{aead.c → aead.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/{cipher.c → cipher.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/{e_aesccm.c → e_aesccm.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cmac/{cmac.c → cmac.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/{check.c → check.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/{dh.c → dh.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/{digest.c → digest.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/{digests.c → digests.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digestsign/{digestsign.c → digestsign.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{ec.c → ec.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{ec_montgomery.c → ec_montgomery.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{felem.c → felem.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{oct.c → oct.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p224-64.c → p224-64.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256.c → p256.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{scalar.c → scalar.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{simple.c → simple.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{simple_mul.c → simple_mul.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{util.c → util.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{wnaf.c → wnaf.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/{ecdh.c → ecdh.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hkdf/{hkdf.c → hkdf.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/{hmac.c → hmac.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md4/{md4.c → md4.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md5/{md5.c → md5.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{cbc.c → cbc.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{cfb.c → cfb.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{ctr.c → ctr.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{gcm.c → gcm.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{gcm_nohw.c → gcm_nohw.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{ofb.c → ofb.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{polyval.c → polyval.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/{ctrdrbg.c → ctrdrbg.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/{blinding.c → blinding.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/{rsa.c → rsa.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/{fips.c → fips.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/{sha1.c → sha1.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/{sha256.c → sha256.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/{sha512.c → sha512.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/{kdf.c → kdf.c.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/rand → rand_extra}/getrandom_fillin.h +0 -0
@@ -385,10 +385,9 @@ OPENSSL_EXPORT int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
|
|
385
385
|
pem_password_cb *callback, void *u);
|
386
386
|
|
387
387
|
// PEM_def_callback treats |userdata| as a string and copies it into |buf|,
|
388
|
-
// assuming its |size| is sufficient. Returns the length of the string, or
|
389
|
-
//
|
390
|
-
//
|
391
|
-
// password.
|
388
|
+
// assuming its |size| is sufficient. Returns the length of the string, or -1 on
|
389
|
+
// error. Error cases the buffer being too small, or |buf| and |userdata| being
|
390
|
+
// NULL. Note that this is different from OpenSSL, which prompts for a password.
|
392
391
|
OPENSSL_EXPORT int PEM_def_callback(char *buf, int size, int rwflag,
|
393
392
|
void *userdata);
|
394
393
|
|
@@ -56,7 +56,7 @@ extern "C++" {
|
|
56
56
|
return func; \
|
57
57
|
}()
|
58
58
|
|
59
|
-
|
59
|
+
BSSL_NAMESPACE_BEGIN
|
60
60
|
|
61
61
|
enum class FIPSStatus {
|
62
62
|
NOT_APPROVED = 0,
|
@@ -87,7 +87,7 @@ class FIPSIndicatorHelper {
|
|
87
87
|
const uint64_t before_;
|
88
88
|
};
|
89
89
|
|
90
|
-
|
90
|
+
BSSL_NAMESPACE_END
|
91
91
|
} // extern "C++"
|
92
92
|
|
93
93
|
#endif // !BORINGSSL_NO_CXX
|
@@ -30,6 +30,28 @@ extern "C++" {
|
|
30
30
|
#include <string_view>
|
31
31
|
#endif
|
32
32
|
|
33
|
+
#if defined(__has_include)
|
34
|
+
#if __has_include(<version>)
|
35
|
+
#include <version>
|
36
|
+
#endif
|
37
|
+
#endif
|
38
|
+
|
39
|
+
#if defined(__cpp_lib_ranges) && __cpp_lib_ranges >= 201911L
|
40
|
+
#include <ranges>
|
41
|
+
BSSL_NAMESPACE_BEGIN
|
42
|
+
template <typename T>
|
43
|
+
class Span;
|
44
|
+
BSSL_NAMESPACE_END
|
45
|
+
|
46
|
+
// Mark `Span` as satisfying the `view` and `borrowed_range` concepts. This
|
47
|
+
// should be done before the definition of `Span`, so that any inlined calls to
|
48
|
+
// range functionality use the correct specializations.
|
49
|
+
template <typename T>
|
50
|
+
inline constexpr bool std::ranges::enable_view<bssl::Span<T>> = true;
|
51
|
+
template <typename T>
|
52
|
+
inline constexpr bool std::ranges::enable_borrowed_range<bssl::Span<T>> = true;
|
53
|
+
#endif
|
54
|
+
|
33
55
|
BSSL_NAMESPACE_BEGIN
|
34
56
|
|
35
57
|
template <typename T>
|
@@ -651,6 +651,17 @@ OPENSSL_EXPORT int DTLSv1_handle_timeout(SSL *ssl);
|
|
651
651
|
|
652
652
|
#define DTLS1_VERSION 0xfeff
|
653
653
|
#define DTLS1_2_VERSION 0xfefd
|
654
|
+
// DTLS1_3_EXPERIMENTAL_VERSION gates experimental, in-progress code for DTLS
|
655
|
+
// 1.3.
|
656
|
+
//
|
657
|
+
// WARNING: Do not use this value. BoringSSL's DTLS 1.3 implementation is still
|
658
|
+
// under development. The code enabled by this value is neither stable nor
|
659
|
+
// secure. It does not correspond to any real protocol. It is also incompatible
|
660
|
+
// with other DTLS implementations, and it is not compatible with future or past
|
661
|
+
// versions of BoringSSL.
|
662
|
+
//
|
663
|
+
// When the DTLS 1.3 implementation is complete, this symbol will be replaced.
|
664
|
+
#define DTLS1_3_EXPERIMENTAL_VERSION 0xfc25
|
654
665
|
|
655
666
|
// SSL_CTX_set_min_proto_version sets the minimum protocol version for |ctx| to
|
656
667
|
// |version|. If |version| is zero, the default minimum version is used. It
|
@@ -2537,6 +2548,7 @@ OPENSSL_EXPORT size_t SSL_CTX_get_num_tickets(const SSL_CTX *ctx);
|
|
2537
2548
|
#define SSL_GROUP_SECP384R1 24
|
2538
2549
|
#define SSL_GROUP_SECP521R1 25
|
2539
2550
|
#define SSL_GROUP_X25519 29
|
2551
|
+
#define SSL_GROUP_X25519_MLKEM768 0x11ec
|
2540
2552
|
#define SSL_GROUP_X25519_KYBER768_DRAFT00 0x6399
|
2541
2553
|
|
2542
2554
|
// SSL_CTX_set1_group_ids sets the preferred groups for |ctx| to |group_ids|.
|
@@ -3635,13 +3647,13 @@ OPENSSL_EXPORT int SSL_CREDENTIAL_set1_delegated_credential(
|
|
3635
3647
|
// holds for any application protocol state remembered for 0-RTT, e.g. HTTP/3
|
3636
3648
|
// SETTINGS.
|
3637
3649
|
|
3638
|
-
// ssl_encryption_level_t represents
|
3639
|
-
//
|
3650
|
+
// ssl_encryption_level_t represents an encryption level in TLS 1.3. Values in
|
3651
|
+
// this enum match the first 4 epochs used in DTLS 1.3 (section 6.1).
|
3640
3652
|
enum ssl_encryption_level_t BORINGSSL_ENUM_INT {
|
3641
3653
|
ssl_encryption_initial = 0,
|
3642
|
-
ssl_encryption_early_data,
|
3643
|
-
ssl_encryption_handshake,
|
3644
|
-
ssl_encryption_application,
|
3654
|
+
ssl_encryption_early_data = 1,
|
3655
|
+
ssl_encryption_handshake = 2,
|
3656
|
+
ssl_encryption_application = 3,
|
3645
3657
|
};
|
3646
3658
|
|
3647
3659
|
// ssl_quic_method_st (aka |SSL_QUIC_METHOD|) describes custom QUIC hooks.
|
@@ -4617,6 +4629,16 @@ enum ssl_select_cert_result_t BORINGSSL_ENUM_INT {
|
|
4617
4629
|
// ssl_select_cert_error indicates that a fatal error occured and the
|
4618
4630
|
// handshake should be terminated.
|
4619
4631
|
ssl_select_cert_error = -1,
|
4632
|
+
// ssl_select_cert_disable_ech indicates that, although an encrypted
|
4633
|
+
// ClientHelloInner was decrypted, it should be discarded. The certificate
|
4634
|
+
// selection callback will then be called again, passing in the
|
4635
|
+
// ClientHelloOuter instead. From there, the handshake will proceed
|
4636
|
+
// without retry_configs, to signal to the client to disable ECH.
|
4637
|
+
//
|
4638
|
+
// This value may only be returned when |SSL_ech_accepted| returnes one. It
|
4639
|
+
// may be useful if the ClientHelloInner indicated a service which does not
|
4640
|
+
// support ECH, e.g. if it is a TLS-1.2 only service.
|
4641
|
+
ssl_select_cert_disable_ech = -2,
|
4620
4642
|
};
|
4621
4643
|
|
4622
4644
|
// SSL_early_callback_ctx_extension_get searches the extensions in
|
@@ -5616,6 +5638,14 @@ enum ssl_compliance_policy_t BORINGSSL_ENUM_INT {
|
|
5616
5638
|
// implementation risks of using a more obscure primitive like P-384
|
5617
5639
|
// dominate other considerations.
|
5618
5640
|
ssl_compliance_policy_wpa3_192_202304,
|
5641
|
+
|
5642
|
+
// ssl_compliance_policy_cnsa_202407 confingures a TLS connection to use:
|
5643
|
+
// * For TLS 1.3, AES-256-GCM over AES-128-GCM over ChaCha20-Poly1305.
|
5644
|
+
//
|
5645
|
+
// I.e. it ensures that AES-GCM will be used whenever the client supports it.
|
5646
|
+
// The cipher suite configuration mini-language can be used to similarly
|
5647
|
+
// configure prior TLS versions if they are enabled.
|
5648
|
+
ssl_compliance_policy_cnsa_202407,
|
5619
5649
|
};
|
5620
5650
|
|
5621
5651
|
// SSL_CTX_set_compliance_policy configures various aspects of |ctx| based on
|
@@ -584,6 +584,11 @@ bool dtls1_add_message(SSL *ssl, Array<uint8_t> data) {
|
|
584
584
|
}
|
585
585
|
|
586
586
|
bool dtls1_add_change_cipher_spec(SSL *ssl) {
|
587
|
+
// DTLS 1.3 disables compatibility mode, which means that DTLS 1.3 never sends
|
588
|
+
// a ChangeCipherSpec message.
|
589
|
+
if (ssl_protocol_version(ssl) > TLS1_2_VERSION) {
|
590
|
+
return true;
|
591
|
+
}
|
587
592
|
return add_outgoing(ssl, true /* ChangeCipherSpec */, Array<uint8_t>());
|
588
593
|
}
|
589
594
|
|
@@ -624,12 +629,6 @@ static enum seal_result_t seal_next_message(SSL *ssl, uint8_t *out,
|
|
624
629
|
assert(ssl->d1->outgoing_written < ssl->d1->outgoing_messages_len);
|
625
630
|
assert(msg == &ssl->d1->outgoing_messages[ssl->d1->outgoing_written]);
|
626
631
|
|
627
|
-
if (msg->epoch != ssl->d1->w_epoch &&
|
628
|
-
(ssl->d1->w_epoch == 0 || msg->epoch != ssl->d1->w_epoch - 1)) {
|
629
|
-
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
630
|
-
return seal_error;
|
631
|
-
}
|
632
|
-
|
633
632
|
size_t overhead = dtls_max_seal_overhead(ssl, msg->epoch);
|
634
633
|
size_t prefix = dtls_seal_prefix_len(ssl, msg->epoch);
|
635
634
|
|
@@ -95,6 +95,12 @@ bool dtls1_new(SSL *ssl) {
|
|
95
95
|
return false;
|
96
96
|
}
|
97
97
|
|
98
|
+
d1->initial_aead_write_ctx = SSLAEADContext::CreateNullCipher(true);
|
99
|
+
if (!d1->initial_aead_write_ctx) {
|
100
|
+
tls_free(ssl);
|
101
|
+
return false;
|
102
|
+
}
|
103
|
+
|
98
104
|
ssl->d1 = d1.release();
|
99
105
|
|
100
106
|
// Set the version to the highest supported version.
|
@@ -216,6 +216,11 @@ int dtls1_write_app_data(SSL *ssl, bool *out_needs_handshake,
|
|
216
216
|
return 1;
|
217
217
|
}
|
218
218
|
|
219
|
+
static size_t dtls_seal_align_prefix_len(const SSL *ssl, uint16_t epoch) {
|
220
|
+
return dtls_record_header_write_len(ssl, epoch) +
|
221
|
+
ssl->s3->aead_write_ctx->ExplicitNonceLen();
|
222
|
+
}
|
223
|
+
|
219
224
|
int dtls1_write_record(SSL *ssl, int type, Span<const uint8_t> in,
|
220
225
|
uint16_t epoch) {
|
221
226
|
SSLBuffer *buf = &ssl->s3->write_buffer;
|
@@ -231,7 +236,7 @@ int dtls1_write_record(SSL *ssl, int type, Span<const uint8_t> in,
|
|
231
236
|
}
|
232
237
|
|
233
238
|
size_t ciphertext_len;
|
234
|
-
if (!buf->EnsureCap(
|
239
|
+
if (!buf->EnsureCap(dtls_seal_align_prefix_len(ssl, epoch),
|
235
240
|
in.size() + SSL_max_seal_overhead(ssl)) ||
|
236
241
|
!dtls_seal_record(ssl, buf->remaining().data(), &ciphertext_len,
|
237
242
|
buf->remaining().size(), type, in.data(), in.size(),
|
@@ -88,7 +88,16 @@ static bool dtls1_set_read_state(SSL *ssl, ssl_encryption_level_t level,
|
|
88
88
|
return false;
|
89
89
|
}
|
90
90
|
|
91
|
-
ssl
|
91
|
+
if (ssl_protocol_version(ssl) > TLS1_2_VERSION) {
|
92
|
+
// TODO(crbug.com/boringssl/715): Handle the additional epochs used for key
|
93
|
+
// update.
|
94
|
+
// TODO(crbug.com/boringssl/715): If we want to gracefully handle packet
|
95
|
+
// reordering around KeyUpdate (i.e. accept records from both epochs), we'll
|
96
|
+
// need a separate bitmap for each epoch.
|
97
|
+
ssl->d1->r_epoch = level;
|
98
|
+
} else {
|
99
|
+
ssl->d1->r_epoch++;
|
100
|
+
}
|
92
101
|
ssl->d1->bitmap = DTLS1_BITMAP();
|
93
102
|
ssl->s3->read_sequence = 0;
|
94
103
|
|
@@ -106,6 +115,9 @@ static bool dtls1_set_write_state(SSL *ssl, ssl_encryption_level_t level,
|
|
106
115
|
ssl->d1->last_write_sequence = ssl->s3->write_sequence;
|
107
116
|
ssl->s3->write_sequence = 0;
|
108
117
|
|
118
|
+
if (ssl_protocol_version(ssl) > TLS1_2_VERSION) {
|
119
|
+
ssl->d1->w_epoch = level;
|
120
|
+
}
|
109
121
|
ssl->d1->last_aead_write_ctx = std::move(ssl->s3->aead_write_ctx);
|
110
122
|
ssl->s3->aead_write_ctx = std::move(aead_ctx);
|
111
123
|
ssl->s3->write_level = level;
|
@@ -159,6 +159,148 @@ static void dtls1_bitmap_record(DTLS1_BITMAP *bitmap, uint64_t seq_num) {
|
|
159
159
|
}
|
160
160
|
}
|
161
161
|
|
162
|
+
// reconstruct_epoch finds the largest epoch that ends with the epoch bits from
|
163
|
+
// |wire_epoch| that is less than or equal to |current_epoch|, to match the
|
164
|
+
// epoch reconstruction algorithm described in RFC 9147 section 4.2.2.
|
165
|
+
static uint16_t reconstruct_epoch(uint8_t wire_epoch, uint16_t current_epoch) {
|
166
|
+
uint16_t current_epoch_high = current_epoch & 0xfffc;
|
167
|
+
uint16_t epoch = (wire_epoch & 0x3) | current_epoch_high;
|
168
|
+
if (epoch > current_epoch && current_epoch_high > 0) {
|
169
|
+
epoch -= 0x4;
|
170
|
+
}
|
171
|
+
return epoch;
|
172
|
+
}
|
173
|
+
|
174
|
+
uint64_t reconstruct_seqnum(uint16_t wire_seq, uint64_t seq_mask,
|
175
|
+
uint64_t max_valid_seqnum) {
|
176
|
+
uint64_t max_seqnum_plus_one = max_valid_seqnum + 1;
|
177
|
+
uint64_t diff = (wire_seq - max_seqnum_plus_one) & seq_mask;
|
178
|
+
uint64_t step = seq_mask + 1;
|
179
|
+
uint64_t seqnum = max_seqnum_plus_one + diff;
|
180
|
+
// seqnum is computed as the addition of 3 non-negative values
|
181
|
+
// (max_valid_seqnum, 1, and diff). The values 1 and diff are small (relative
|
182
|
+
// to the size of a uint64_t), while max_valid_seqnum can span the range of
|
183
|
+
// all uint64_t values. If seqnum is less than max_valid_seqnum, then the
|
184
|
+
// addition overflowed.
|
185
|
+
bool overflowed = seqnum < max_valid_seqnum;
|
186
|
+
// If the diff is larger than half the step size, then the closest seqnum
|
187
|
+
// to max_seqnum_plus_one (in Z_{2^64}) is seqnum minus step instead of
|
188
|
+
// seqnum.
|
189
|
+
bool closer_is_less = diff > step / 2;
|
190
|
+
// Subtracting step from seqnum will cause underflow if seqnum is too small.
|
191
|
+
bool would_underflow = seqnum < step;
|
192
|
+
if (overflowed || (closer_is_less && !would_underflow)) {
|
193
|
+
seqnum -= step;
|
194
|
+
}
|
195
|
+
return seqnum;
|
196
|
+
}
|
197
|
+
|
198
|
+
static bool parse_dtls13_record_header(SSL *ssl, CBS *in, Span<uint8_t> packet,
|
199
|
+
uint8_t type, CBS *out_body,
|
200
|
+
uint64_t *out_sequence,
|
201
|
+
uint16_t *out_epoch,
|
202
|
+
size_t *out_header_len) {
|
203
|
+
// TODO(crbug.com/boringssl/715): Decrypt the sequence number before
|
204
|
+
// decoding it.
|
205
|
+
if ((type & 0x10) == 0x10) {
|
206
|
+
// Connection ID bit set, which we didn't negotiate.
|
207
|
+
return false;
|
208
|
+
}
|
209
|
+
|
210
|
+
// TODO(crbug.com/boringssl/715): Add a runner test that performs many
|
211
|
+
// key updates to verify epoch reconstruction works for epochs larger than
|
212
|
+
// 3.
|
213
|
+
*out_epoch = reconstruct_epoch(type, ssl->d1->r_epoch);
|
214
|
+
size_t seqlen = 1;
|
215
|
+
if ((type & 0x08) == 0x08) {
|
216
|
+
// If this bit is set, the sequence number is 16 bits long, otherwise it is
|
217
|
+
// 8 bits. The seqlen variable tracks the length of the sequence number in
|
218
|
+
// bytes.
|
219
|
+
seqlen = 2;
|
220
|
+
}
|
221
|
+
if (!CBS_skip(in, seqlen)) {
|
222
|
+
// The record header was incomplete or malformed.
|
223
|
+
return false;
|
224
|
+
}
|
225
|
+
*out_header_len = packet.size() - CBS_len(in);
|
226
|
+
if ((type & 0x04) == 0x04) {
|
227
|
+
*out_header_len += 2;
|
228
|
+
// 16-bit length present
|
229
|
+
if (!CBS_get_u16_length_prefixed(in, out_body)) {
|
230
|
+
// The record header was incomplete or malformed.
|
231
|
+
return false;
|
232
|
+
}
|
233
|
+
} else {
|
234
|
+
// No length present - the remaining contents are the whole packet.
|
235
|
+
// CBS_get_bytes is used here to advance |in| to the end so that future
|
236
|
+
// code that computes the number of consumed bytes functions correctly.
|
237
|
+
if (!CBS_get_bytes(in, out_body, CBS_len(in))) {
|
238
|
+
return false;
|
239
|
+
}
|
240
|
+
}
|
241
|
+
|
242
|
+
// Decrypt and reconstruct the sequence number:
|
243
|
+
uint8_t mask[AES_BLOCK_SIZE];
|
244
|
+
SSLAEADContext *aead = ssl->s3->aead_read_ctx.get();
|
245
|
+
if (!aead->GenerateRecordNumberMask(mask, *out_body)) {
|
246
|
+
// GenerateRecordNumberMask most likely failed because the record body was
|
247
|
+
// not long enough.
|
248
|
+
return false;
|
249
|
+
}
|
250
|
+
// Apply the mask to the sequence number as it exists in the header. The
|
251
|
+
// header (with the decrypted sequence number bytes) is used as the
|
252
|
+
// additional data for the AEAD function. Since we don't support Connection
|
253
|
+
// ID, the sequence number starts immediately after the type byte.
|
254
|
+
uint64_t seq = 0;
|
255
|
+
for (size_t i = 0; i < seqlen; i++) {
|
256
|
+
packet[i + 1] ^= mask[i];
|
257
|
+
seq = (seq << 8) | packet[i + 1];
|
258
|
+
}
|
259
|
+
*out_sequence = reconstruct_seqnum(seq, (1 << (seqlen * 8)) - 1,
|
260
|
+
ssl->d1->bitmap.max_seq_num);
|
261
|
+
return true;
|
262
|
+
}
|
263
|
+
|
264
|
+
static bool parse_dtls_plaintext_record_header(
|
265
|
+
SSL *ssl, CBS *in, size_t packet_size, uint8_t type, CBS *out_body,
|
266
|
+
uint64_t *out_sequence, uint16_t *out_epoch, size_t *out_header_len,
|
267
|
+
uint16_t *out_version) {
|
268
|
+
SSLAEADContext *aead = ssl->s3->aead_read_ctx.get();
|
269
|
+
uint8_t sequence_bytes[8];
|
270
|
+
if (!CBS_get_u16(in, out_version) ||
|
271
|
+
!CBS_copy_bytes(in, sequence_bytes, sizeof(sequence_bytes))) {
|
272
|
+
return false;
|
273
|
+
}
|
274
|
+
*out_header_len = packet_size - CBS_len(in) + 2;
|
275
|
+
if (!CBS_get_u16_length_prefixed(in, out_body) ||
|
276
|
+
CBS_len(out_body) > SSL3_RT_MAX_ENCRYPTED_LENGTH) {
|
277
|
+
return false;
|
278
|
+
}
|
279
|
+
|
280
|
+
bool version_ok;
|
281
|
+
if (aead->is_null_cipher()) {
|
282
|
+
// Only check the first byte. Enforcing beyond that can prevent decoding
|
283
|
+
// version negotiation failure alerts.
|
284
|
+
version_ok = (*out_version >> 8) == DTLS1_VERSION_MAJOR;
|
285
|
+
} else {
|
286
|
+
version_ok = *out_version == aead->RecordVersion();
|
287
|
+
}
|
288
|
+
|
289
|
+
if (!version_ok) {
|
290
|
+
return false;
|
291
|
+
}
|
292
|
+
|
293
|
+
*out_sequence = CRYPTO_load_u64_be(sequence_bytes);
|
294
|
+
*out_epoch = static_cast<uint16_t>(*out_sequence >> 48);
|
295
|
+
|
296
|
+
// Discard the packet if we're expecting an encrypted DTLS 1.3 record but we
|
297
|
+
// get the old record header format.
|
298
|
+
if (!aead->is_null_cipher() && aead->ProtocolVersion() >= TLS1_3_VERSION) {
|
299
|
+
return false;
|
300
|
+
}
|
301
|
+
return true;
|
302
|
+
}
|
303
|
+
|
162
304
|
enum ssl_open_record_t dtls_open_record(SSL *ssl, uint8_t *out_type,
|
163
305
|
Span<uint8_t> *out,
|
164
306
|
size_t *out_consumed,
|
@@ -174,41 +316,41 @@ enum ssl_open_record_t dtls_open_record(SSL *ssl, uint8_t *out_type,
|
|
174
316
|
|
175
317
|
CBS cbs = CBS(in);
|
176
318
|
|
177
|
-
// Decode the record.
|
178
319
|
uint8_t type;
|
179
|
-
|
180
|
-
|
181
|
-
CBS body;
|
182
|
-
if (!CBS_get_u8(&cbs, &type) ||
|
183
|
-
!CBS_get_u16(&cbs, &version) ||
|
184
|
-
!CBS_copy_bytes(&cbs, sequence_bytes, sizeof(sequence_bytes)) ||
|
185
|
-
!CBS_get_u16_length_prefixed(&cbs, &body) ||
|
186
|
-
CBS_len(&body) > SSL3_RT_MAX_ENCRYPTED_LENGTH) {
|
320
|
+
size_t record_header_len;
|
321
|
+
if (!CBS_get_u8(&cbs, &type)) {
|
187
322
|
// The record header was incomplete or malformed. Drop the entire packet.
|
188
323
|
*out_consumed = in.size();
|
189
324
|
return ssl_open_record_discard;
|
190
325
|
}
|
191
|
-
|
192
|
-
|
193
|
-
|
194
|
-
|
195
|
-
|
196
|
-
|
326
|
+
SSLAEADContext *aead = ssl->s3->aead_read_ctx.get();
|
327
|
+
uint64_t sequence;
|
328
|
+
uint16_t epoch;
|
329
|
+
uint16_t version = 0;
|
330
|
+
CBS body;
|
331
|
+
bool valid_record_header;
|
332
|
+
// Decode the record header. If the 3 high bits of the type are 001, then the
|
333
|
+
// record header is the DTLS 1.3 format. The DTLS 1.3 format should only be
|
334
|
+
// used for encrypted records with DTLS 1.3. Plaintext records or DTLS 1.2
|
335
|
+
// records use the old record header format.
|
336
|
+
if ((type & 0xe0) == 0x20 && !aead->is_null_cipher() &&
|
337
|
+
aead->ProtocolVersion() >= TLS1_3_VERSION) {
|
338
|
+
valid_record_header = parse_dtls13_record_header(
|
339
|
+
ssl, &cbs, in, type, &body, &sequence, &epoch, &record_header_len);
|
197
340
|
} else {
|
198
|
-
|
341
|
+
valid_record_header = parse_dtls_plaintext_record_header(
|
342
|
+
ssl, &cbs, in.size(), type, &body, &sequence, &epoch,
|
343
|
+
&record_header_len, &version);
|
199
344
|
}
|
200
|
-
|
201
|
-
if (!version_ok) {
|
345
|
+
if (!valid_record_header) {
|
202
346
|
// The record header was incomplete or malformed. Drop the entire packet.
|
203
347
|
*out_consumed = in.size();
|
204
348
|
return ssl_open_record_discard;
|
205
349
|
}
|
206
350
|
|
207
|
-
Span<const uint8_t> header = in.subspan(0,
|
351
|
+
Span<const uint8_t> header = in.subspan(0, record_header_len);
|
208
352
|
ssl_do_msg_callback(ssl, 0 /* read */, SSL3_RT_HEADER, header);
|
209
353
|
|
210
|
-
uint64_t sequence = CRYPTO_load_u64_be(sequence_bytes);
|
211
|
-
uint16_t epoch = static_cast<uint16_t>(sequence >> 48);
|
212
354
|
if (epoch != ssl->d1->r_epoch ||
|
213
355
|
dtls1_bitmap_should_discard(&ssl->d1->bitmap, sequence)) {
|
214
356
|
// Drop this record. It's from the wrong epoch or is a replay. Note that if
|
@@ -220,7 +362,7 @@ enum ssl_open_record_t dtls_open_record(SSL *ssl, uint8_t *out_type,
|
|
220
362
|
}
|
221
363
|
|
222
364
|
// discard the body in-place.
|
223
|
-
if (!
|
365
|
+
if (!aead->Open(
|
224
366
|
out, type, version, sequence, header,
|
225
367
|
MakeSpan(const_cast<uint8_t *>(CBS_data(&body)), CBS_len(&body)))) {
|
226
368
|
// Bad packets are silently dropped in DTLS. See section 4.2.1 of RFC 6347.
|
@@ -235,13 +377,29 @@ enum ssl_open_record_t dtls_open_record(SSL *ssl, uint8_t *out_type,
|
|
235
377
|
}
|
236
378
|
*out_consumed = in.size() - CBS_len(&cbs);
|
237
379
|
|
380
|
+
// DTLS 1.3 hides the record type inside the encrypted data.
|
381
|
+
bool has_padding =
|
382
|
+
!aead->is_null_cipher() && aead->ProtocolVersion() >= TLS1_3_VERSION;
|
238
383
|
// Check the plaintext length.
|
239
|
-
|
384
|
+
size_t plaintext_limit = SSL3_RT_MAX_PLAIN_LENGTH + (has_padding ? 1 : 0);
|
385
|
+
if (out->size() > plaintext_limit) {
|
240
386
|
OPENSSL_PUT_ERROR(SSL, SSL_R_DATA_LENGTH_TOO_LONG);
|
241
387
|
*out_alert = SSL_AD_RECORD_OVERFLOW;
|
242
388
|
return ssl_open_record_error;
|
243
389
|
}
|
244
390
|
|
391
|
+
if (has_padding) {
|
392
|
+
do {
|
393
|
+
if (out->empty()) {
|
394
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC);
|
395
|
+
*out_alert = SSL_AD_DECRYPT_ERROR;
|
396
|
+
return ssl_open_record_error;
|
397
|
+
}
|
398
|
+
type = out->back();
|
399
|
+
*out = out->subspan(0, out->size() - 1);
|
400
|
+
} while (type == 0);
|
401
|
+
}
|
402
|
+
|
245
403
|
dtls1_bitmap_record(&ssl->d1->bitmap, sequence);
|
246
404
|
|
247
405
|
// TODO(davidben): Limit the number of empty records as in TLS? This is only
|
@@ -257,24 +415,52 @@ enum ssl_open_record_t dtls_open_record(SSL *ssl, uint8_t *out_type,
|
|
257
415
|
return ssl_open_record_success;
|
258
416
|
}
|
259
417
|
|
260
|
-
static
|
261
|
-
|
418
|
+
static SSLAEADContext *get_write_aead(const SSL *ssl, uint16_t epoch) {
|
419
|
+
if (epoch == 0) {
|
420
|
+
return ssl->d1->initial_aead_write_ctx.get();
|
421
|
+
}
|
422
|
+
|
262
423
|
if (epoch < ssl->d1->w_epoch) {
|
263
|
-
|
424
|
+
BSSL_CHECK(epoch + 1 == ssl->d1->w_epoch);
|
264
425
|
return ssl->d1->last_aead_write_ctx.get();
|
265
426
|
}
|
266
427
|
|
267
|
-
|
428
|
+
BSSL_CHECK(epoch == ssl->d1->w_epoch);
|
268
429
|
return ssl->s3->aead_write_ctx.get();
|
269
430
|
}
|
270
431
|
|
432
|
+
static bool use_dtls13_record_header(const SSL *ssl, uint16_t epoch) {
|
433
|
+
// Plaintext records in DTLS 1.3 also use the DTLSPlaintext structure for
|
434
|
+
// backwards compatibility.
|
435
|
+
return ssl->s3->have_version && ssl_protocol_version(ssl) > TLS1_2_VERSION &&
|
436
|
+
epoch > 0;
|
437
|
+
}
|
438
|
+
|
439
|
+
size_t dtls_record_header_write_len(const SSL *ssl, uint16_t epoch) {
|
440
|
+
if (!use_dtls13_record_header(ssl, epoch)) {
|
441
|
+
return DTLS_PLAINTEXT_RECORD_HEADER_LENGTH;
|
442
|
+
}
|
443
|
+
// The DTLS 1.3 has a variable length record header. We never send Connection
|
444
|
+
// ID, we always send 16-bit sequence numbers, and we send a length. (Length
|
445
|
+
// can be omitted, but only for the last record of a packet. Since we send
|
446
|
+
// multiple records in one packet, it's easier to implement always sending the
|
447
|
+
// length.)
|
448
|
+
return DTLS1_3_RECORD_HEADER_WRITE_LENGTH;
|
449
|
+
}
|
450
|
+
|
271
451
|
size_t dtls_max_seal_overhead(const SSL *ssl,
|
272
452
|
uint16_t epoch) {
|
273
|
-
|
453
|
+
size_t ret = dtls_record_header_write_len(ssl, epoch) +
|
454
|
+
get_write_aead(ssl, epoch)->MaxOverhead();
|
455
|
+
if (use_dtls13_record_header(ssl, epoch)) {
|
456
|
+
// Add 1 byte for the encrypted record type.
|
457
|
+
ret++;
|
458
|
+
}
|
459
|
+
return ret;
|
274
460
|
}
|
275
461
|
|
276
462
|
size_t dtls_seal_prefix_len(const SSL *ssl, uint16_t epoch) {
|
277
|
-
return
|
463
|
+
return dtls_record_header_write_len(ssl, epoch) +
|
278
464
|
get_write_aead(ssl, epoch)->ExplicitNonceLen();
|
279
465
|
}
|
280
466
|
|
@@ -289,26 +475,15 @@ bool dtls_seal_record(SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out,
|
|
289
475
|
}
|
290
476
|
|
291
477
|
// Determine the parameters for the current epoch.
|
292
|
-
SSLAEADContext *aead = ssl
|
478
|
+
SSLAEADContext *aead = get_write_aead(ssl, epoch);
|
293
479
|
uint64_t *seq = &ssl->s3->write_sequence;
|
294
480
|
if (epoch < ssl->d1->w_epoch) {
|
295
|
-
assert(epoch + 1 == ssl->d1->w_epoch);
|
296
|
-
aead = ssl->d1->last_aead_write_ctx.get();
|
297
481
|
seq = &ssl->d1->last_write_sequence;
|
298
|
-
} else {
|
299
|
-
assert(epoch == ssl->d1->w_epoch);
|
300
482
|
}
|
483
|
+
// TODO(crbug.com/boringssl/715): If epoch is initial or handshake, the value
|
484
|
+
// of seq is probably wrong for a retransmission.
|
301
485
|
|
302
|
-
|
303
|
-
OPENSSL_PUT_ERROR(SSL, SSL_R_BUFFER_TOO_SMALL);
|
304
|
-
return false;
|
305
|
-
}
|
306
|
-
|
307
|
-
out[0] = type;
|
308
|
-
|
309
|
-
uint16_t record_version = ssl->s3->aead_write_ctx->RecordVersion();
|
310
|
-
out[1] = record_version >> 8;
|
311
|
-
out[2] = record_version & 0xff;
|
486
|
+
const size_t record_header_len = dtls_record_header_write_len(ssl, epoch);
|
312
487
|
|
313
488
|
// Ensure the sequence number update does not overflow.
|
314
489
|
const uint64_t kMaxSequenceNumber = (uint64_t{1} << 48) - 1;
|
@@ -317,28 +492,87 @@ bool dtls_seal_record(SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out,
|
|
317
492
|
return false;
|
318
493
|
}
|
319
494
|
|
495
|
+
uint16_t record_version = ssl->s3->aead_write_ctx->RecordVersion();
|
320
496
|
uint64_t seq_with_epoch = (uint64_t{epoch} << 48) | *seq;
|
321
|
-
|
497
|
+
|
498
|
+
bool dtls13_header = use_dtls13_record_header(ssl, epoch);
|
499
|
+
uint8_t *extra_in = NULL;
|
500
|
+
size_t extra_in_len = 0;
|
501
|
+
if (dtls13_header) {
|
502
|
+
extra_in = &type;
|
503
|
+
extra_in_len = 1;
|
504
|
+
}
|
322
505
|
|
323
506
|
size_t ciphertext_len;
|
324
|
-
if (!aead->CiphertextLen(&ciphertext_len, in_len,
|
507
|
+
if (!aead->CiphertextLen(&ciphertext_len, in_len, extra_in_len)) {
|
325
508
|
OPENSSL_PUT_ERROR(SSL, SSL_R_RECORD_TOO_LARGE);
|
326
509
|
return false;
|
327
510
|
}
|
328
|
-
|
329
|
-
|
330
|
-
|
511
|
+
if (max_out < record_header_len + ciphertext_len) {
|
512
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_BUFFER_TOO_SMALL);
|
513
|
+
return false;
|
514
|
+
}
|
515
|
+
|
516
|
+
if (dtls13_header) {
|
517
|
+
// The first byte of the DTLS 1.3 record header has the following format:
|
518
|
+
// 0 1 2 3 4 5 6 7
|
519
|
+
// +-+-+-+-+-+-+-+-+
|
520
|
+
// |0|0|1|C|S|L|E E|
|
521
|
+
// +-+-+-+-+-+-+-+-+
|
522
|
+
//
|
523
|
+
// We set C=0 (no Connection ID), S=1 (16-bit sequence number), L=1 (length
|
524
|
+
// is present), which is a mask of 0x2c. The E E bits are the low-order two
|
525
|
+
// bits of the epoch.
|
526
|
+
//
|
527
|
+
// +-+-+-+-+-+-+-+-+
|
528
|
+
// |0|0|1|0|1|1|E E|
|
529
|
+
// +-+-+-+-+-+-+-+-+
|
530
|
+
out[0] = 0x2c | (epoch & 0x3);
|
531
|
+
out[1] = *seq >> 8;
|
532
|
+
out[2] = *seq & 0xff;
|
533
|
+
out[3] = ciphertext_len >> 8;
|
534
|
+
out[4] = ciphertext_len & 0xff;
|
535
|
+
// DTLS 1.3 uses the sequence number without the epoch for the AEAD.
|
536
|
+
seq_with_epoch = *seq;
|
537
|
+
} else {
|
538
|
+
out[0] = type;
|
539
|
+
out[1] = record_version >> 8;
|
540
|
+
out[2] = record_version & 0xff;
|
541
|
+
CRYPTO_store_u64_be(&out[3], seq_with_epoch);
|
542
|
+
out[11] = ciphertext_len >> 8;
|
543
|
+
out[12] = ciphertext_len & 0xff;
|
544
|
+
}
|
545
|
+
Span<const uint8_t> header = MakeConstSpan(out, record_header_len);
|
546
|
+
|
331
547
|
|
332
|
-
|
333
|
-
|
334
|
-
|
335
|
-
|
548
|
+
if (!aead->SealScatter(out + record_header_len, out + prefix,
|
549
|
+
out + prefix + in_len, type, record_version,
|
550
|
+
seq_with_epoch, header, in, in_len, extra_in,
|
551
|
+
extra_in_len)) {
|
336
552
|
return false;
|
337
553
|
}
|
338
|
-
|
554
|
+
|
555
|
+
// Perform record number encryption (RFC 9147 section 4.2.3).
|
556
|
+
if (dtls13_header) {
|
557
|
+
// Record number encryption uses bytes from the ciphertext as a sample to
|
558
|
+
// generate the mask used for encryption. For simplicity, pass in the whole
|
559
|
+
// ciphertext as the sample - GenerateRecordNumberMask will read only what
|
560
|
+
// it needs (and error if |sample| is too short).
|
561
|
+
Span<const uint8_t> sample =
|
562
|
+
MakeConstSpan(out + record_header_len, ciphertext_len);
|
563
|
+
// AES cipher suites require the mask be exactly AES_BLOCK_SIZE; ChaCha20
|
564
|
+
// cipher suites have no requirements on the mask size. We only need the
|
565
|
+
// first two bytes from the mask.
|
566
|
+
uint8_t mask[AES_BLOCK_SIZE];
|
567
|
+
if (!aead->GenerateRecordNumberMask(mask, sample)) {
|
568
|
+
return false;
|
569
|
+
}
|
570
|
+
out[1] ^= mask[0];
|
571
|
+
out[2] ^= mask[1];
|
572
|
+
}
|
339
573
|
|
340
574
|
(*seq)++;
|
341
|
-
*out_len =
|
575
|
+
*out_len = record_header_len + ciphertext_len;
|
342
576
|
ssl_do_msg_callback(ssl, 1 /* write */, SSL3_RT_HEADER, header);
|
343
577
|
return true;
|
344
578
|
}
|