grpc 1.69.0 → 1.70.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Makefile +251 -249
- data/include/grpc/support/atm.h +0 -13
- data/src/core/call/request_buffer.cc +224 -0
- data/src/core/call/request_buffer.h +192 -0
- data/src/core/client_channel/client_channel.cc +2 -3
- data/src/core/client_channel/client_channel_args.h +21 -0
- data/src/core/client_channel/client_channel_filter.h +1 -3
- data/src/core/client_channel/retry_interceptor.cc +406 -0
- data/src/core/client_channel/retry_interceptor.h +157 -0
- data/src/core/client_channel/retry_service_config.h +13 -0
- data/src/core/client_channel/retry_throttle.cc +33 -18
- data/src/core/client_channel/retry_throttle.h +3 -3
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +596 -94
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +189 -13
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +1 -0
- data/src/core/ext/transport/chttp2/transport/frame_security.cc +1 -3
- data/src/core/ext/transport/chttp2/transport/stream_lists.cc +40 -1
- data/src/core/ext/upb-gen/envoy/admin/v3/config_dump_shared.upb.h +3 -1
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb.h +66 -36
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb_minitable.c +19 -17
- data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb.h +116 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb_minitable.c +31 -5
- data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb_minitable.h +2 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb.h +67 -6
- data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb_minitable.c +12 -8
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_cmsg_headers.upb.h +151 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_cmsg_headers.upb_minitable.c +60 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_cmsg_headers.upb_minitable.h +32 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb.h +228 -21
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb_minitable.c +65 -17
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb_minitable.h +6 -0
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb.h +7 -106
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb_minitable.c +7 -28
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb_minitable.h +0 -2
- data/src/core/ext/upb-gen/envoy/config/listener/v3/quic_config.upb.h +85 -0
- data/src/core/ext/upb-gen/envoy/config/listener/v3/quic_config.upb_minitable.c +25 -3
- data/src/core/ext/upb-gen/envoy/config/overload/v3/overload.upb.h +2 -1
- data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb.h +152 -0
- data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb_minitable.c +40 -10
- data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb_minitable.h +2 -0
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb.h +135 -4
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb_minitable.c +41 -9
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb_minitable.h +2 -0
- data/src/core/ext/upb-gen/envoy/config/trace/v3/trace.upb.h +0 -2
- data/src/core/ext/upb-gen/envoy/config/trace/v3/trace.upb_minitable.c +0 -1
- data/src/core/ext/upb-gen/envoy/config/trace/v3/trace.upb_minitable.h +0 -1
- data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +16 -0
- data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb_minitable.c +3 -2
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.h +60 -0
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb_minitable.c +13 -2
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upb.h +0 -1
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upb_minitable.c +0 -1
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +102 -24
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb_minitable.c +28 -19
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb.h +251 -18
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb_minitable.c +41 -16
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb_minitable.h +2 -0
- data/src/core/ext/upb-gen/envoy/service/status/v3/csds.upb.h +2 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump_shared.upbdefs.c +11 -10
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/cluster.upbdefs.c +418 -413
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.c +161 -153
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/protocol.upbdefs.c +267 -261
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_cmsg_headers.upbdefs.c +46 -0
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_cmsg_headers.upbdefs.h +33 -0
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_option.upbdefs.c +29 -19
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_option.upbdefs.h +15 -0
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener_components.upbdefs.c +58 -65
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener_components.upbdefs.h +0 -5
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/quic_config.upbdefs.c +73 -63
- data/src/core/ext/upbdefs-gen/envoy/config/overload/v3/overload.upbdefs.c +49 -48
- data/src/core/ext/upbdefs-gen/envoy/config/rbac/v3/rbac.upbdefs.c +117 -100
- data/src/core/ext/upbdefs-gen/envoy/config/rbac/v3/rbac.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.c +905 -897
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/trace.upbdefs.c +15 -18
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +460 -457
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upbdefs.c +16 -19
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +95 -95
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +202 -191
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/discovery.upbdefs.c +148 -135
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/discovery.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-gen/envoy/service/status/v3/csds.upbdefs.c +23 -22
- data/src/core/filter/filter_args.h +112 -0
- data/src/core/handshaker/http_connect/http_connect_handshaker.cc +1 -1
- data/src/core/lib/channel/promise_based_filter.h +5 -79
- data/src/core/lib/debug/trace_flags.cc +2 -0
- data/src/core/lib/debug/trace_flags.h +1 -0
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +14 -0
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +7 -2
- data/src/core/lib/event_engine/posix_engine/posix_engine.h +0 -2
- data/src/core/lib/event_engine/windows/windows_engine.cc +1 -0
- data/src/core/lib/experiments/experiments.cc +90 -39
- data/src/core/lib/experiments/experiments.h +43 -24
- data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +1 -1
- data/src/core/lib/promise/activity.cc +2 -0
- data/src/core/lib/promise/activity.h +29 -8
- data/src/core/lib/promise/map.h +42 -0
- data/src/core/lib/promise/party.cc +36 -1
- data/src/core/lib/promise/party.h +13 -5
- data/src/core/lib/promise/sleep.h +1 -0
- data/src/core/lib/promise/status_flag.h +10 -0
- data/src/core/lib/resource_quota/arena.h +8 -0
- data/src/core/lib/resource_quota/connection_quota.h +4 -0
- data/src/core/lib/surface/call_utils.h +2 -0
- data/src/core/lib/surface/client_call.cc +43 -35
- data/src/core/lib/surface/client_call.h +5 -0
- data/src/core/lib/surface/event_string.cc +7 -1
- data/src/core/lib/surface/init_internally.h +13 -2
- data/src/core/lib/surface/server_call.cc +100 -85
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/call_filters.cc +10 -4
- data/src/core/lib/transport/call_filters.h +8 -0
- data/src/core/lib/transport/call_spine.cc +36 -71
- data/src/core/lib/transport/call_spine.h +131 -7
- data/src/core/lib/transport/call_state.h +132 -39
- data/src/core/lib/transport/interception_chain.cc +8 -0
- data/src/core/lib/transport/interception_chain.h +9 -0
- data/src/core/load_balancing/endpoint_list.cc +10 -0
- data/src/core/load_balancing/endpoint_list.h +13 -6
- data/src/core/load_balancing/lb_policy.h +0 -8
- data/src/core/load_balancing/pick_first/pick_first.cc +89 -56
- data/src/core/load_balancing/ring_hash/ring_hash.cc +158 -70
- data/src/core/load_balancing/ring_hash/ring_hash.h +4 -11
- data/src/core/load_balancing/round_robin/round_robin.cc +9 -14
- data/src/core/load_balancing/weighted_round_robin/weighted_round_robin.cc +12 -15
- data/src/core/resolver/dns/c_ares/dns_resolver_ares.cc +4 -4
- data/src/core/resolver/xds/xds_dependency_manager.cc +139 -135
- data/src/core/resolver/xds/xds_dependency_manager.h +24 -18
- data/src/core/resolver/xds/xds_resolver.cc +28 -47
- data/src/core/server/server.cc +290 -24
- data/src/core/server/server.h +199 -61
- data/src/core/server/xds_server_config_fetcher.cc +78 -142
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +1 -1
- data/src/core/util/backoff.cc +15 -4
- data/src/core/util/http_client/httpcli.cc +66 -18
- data/src/core/util/http_client/httpcli.h +14 -4
- data/src/core/util/matchers.h +5 -10
- data/src/core/util/ref_counted.h +1 -0
- data/src/core/util/ref_counted_ptr.h +1 -1
- data/src/core/util/useful.h +9 -11
- data/src/core/xds/grpc/xds_endpoint_parser.cc +54 -23
- data/src/core/xds/grpc/xds_metadata.h +8 -0
- data/src/core/xds/xds_client/xds_api.cc +0 -223
- data/src/core/xds/xds_client/xds_api.h +1 -133
- data/src/core/xds/xds_client/xds_client.cc +599 -466
- data/src/core/xds/xds_client/xds_client.h +107 -26
- data/src/core/xds/xds_client/xds_resource_type_impl.h +10 -5
- data/src/ruby/ext/grpc/extconf.rb +1 -0
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_bitstr.c → a_bitstr.cc} +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_d2i_fp.c → a_d2i_fp.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_dup.c → a_dup.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_i2d_fp.c → a_i2d_fp.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_int.c → a_int.cc} +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_mbstr.c → a_mbstr.cc} +9 -7
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_object.c → a_object.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_strnid.c → a_strnid.cc} +7 -4
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_type.c → a_type.cc} +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{asn1_lib.c → asn1_lib.cc} +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{asn_pack.c → asn_pack.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{posix_time.c → posix_time.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_dec.c → tasn_dec.cc} +4 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_enc.c → tasn_enc.cc} +9 -6
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_fre.c → tasn_fre.cc} +14 -20
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_new.c → tasn_new.cc} +7 -6
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_utl.c → tasn_utl.cc} +13 -10
- data/third_party/boringssl-with-bazel/src/crypto/base64/{base64.c → base64.cc} +9 -12
- data/third_party/boringssl-with-bazel/src/crypto/bcm_support.h +7 -1
- data/third_party/boringssl-with-bazel/src/crypto/bio/{bio.c → bio.cc} +32 -58
- data/third_party/boringssl-with-bazel/src/crypto/bio/{bio_mem.c → bio_mem.cc} +8 -7
- data/third_party/boringssl-with-bazel/src/crypto/bio/{connect.c → connect.cc} +24 -16
- data/third_party/boringssl-with-bazel/src/crypto/bio/{file.c → file.cc} +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/bio/{pair.c → pair.cc} +22 -20
- data/third_party/boringssl-with-bazel/src/crypto/bio/{printf.c → printf.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/bio/{socket_helper.c → socket_helper.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/blake2/{blake2.c → blake2.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/{bn_asn1.c → bn_asn1.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/{convert.c → convert.cc} +21 -21
- data/third_party/boringssl-with-bazel/src/crypto/buf/{buf.c → buf.cc} +6 -3
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/{asn1_compat.c → asn1_compat.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/{ber.c → ber.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/{cbb.c → cbb.cc} +33 -49
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/{cbs.c → cbs.cc} +20 -27
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/{unicode.c → unicode.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/chacha/{chacha.c → chacha.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/chacha/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_aesctrhmac.c → e_aesctrhmac.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_aesgcmsiv.c → e_aesgcmsiv.cc} +23 -26
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_chacha20poly1305.c → e_chacha20poly1305.cc} +1 -8
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_des.c → e_des.cc} +61 -49
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_null.c → e_null.cc} +12 -9
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_rc2.c → e_rc2.cc} +23 -19
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_rc4.c → e_rc4.cc} +10 -8
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{e_tls.c → e_tls.cc} +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/conf/{conf.c → conf.cc} +17 -14
- data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_apple.c → cpu_aarch64_apple.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_fuchsia.c → cpu_aarch64_fuchsia.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_linux.c → cpu_aarch64_linux.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_openbsd.c → cpu_aarch64_openbsd.cc} +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_sysreg.c → cpu_aarch64_sysreg.cc} +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_win.c → cpu_aarch64_win.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_arm_freebsd.c → cpu_arm_freebsd.cc} +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_arm_linux.c → cpu_arm_linux.cc} +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{cpu_intel.c → cpu_intel.cc} +47 -32
- data/third_party/boringssl-with-bazel/src/crypto/{crypto.c → crypto.cc} +6 -11
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/{curve25519.c → curve25519.cc} +28 -31
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/{curve25519_64_adx.c → curve25519_64_adx.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_tables.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/{spake25519.c → spake25519.cc} +20 -16
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/{dh_asn1.c → dh_asn1.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/{digest_extra.c → digest_extra.cc} +113 -31
- data/third_party/boringssl-with-bazel/src/crypto/dsa/{dsa.c → dsa.cc} +153 -154
- data/third_party/boringssl-with-bazel/src/crypto/dsa/{dsa_asn1.c → dsa_asn1.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +1 -3
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/{ec_asn1.c → ec_asn1.cc} +35 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/{ec_derive.c → ec_derive.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/{hash_to_curve.c → hash_to_curve.cc} +66 -64
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/ecdsa_extra/{ecdsa_asn1.c → ecdsa_asn1.cc} +15 -25
- data/third_party/boringssl-with-bazel/src/crypto/engine/{engine.c → engine.cc} +12 -8
- data/third_party/boringssl-with-bazel/src/crypto/err/{err.c → err.cc} +24 -27
- data/third_party/boringssl-with-bazel/src/crypto/err/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/evp/{evp.c → evp.cc} +8 -9
- data/third_party/boringssl-with-bazel/src/crypto/evp/{evp_ctx.c → evp_ctx.cc} +7 -8
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_dh.c → p_dh.cc} +23 -14
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_dh_asn1.c → p_dh_asn1.cc} +38 -21
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_dsa_asn1.c → p_dsa_asn1.cc} +19 -24
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_ec.c → p_ec.cc} +20 -23
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_ec_asn1.c → p_ec_asn1.cc} +20 -20
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_ed25519.c → p_ed25519.cc} +22 -19
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_ed25519_asn1.c → p_ed25519_asn1.cc} +14 -13
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_hkdf.c → p_hkdf.cc} +18 -14
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_rsa.c → p_rsa.cc} +38 -37
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_rsa_asn1.c → p_rsa_asn1.cc} +16 -18
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_x25519.c → p_x25519.cc} +22 -19
- data/third_party/boringssl-with-bazel/src/crypto/evp/{p_x25519_asn1.c → p_x25519_asn1.cc} +18 -17
- data/third_party/boringssl-with-bazel/src/crypto/evp/{pbkdf.c → pbkdf.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/evp/{print.c → print.cc} +4 -5
- data/third_party/boringssl-with-bazel/src/crypto/evp/{scrypt.c → scrypt.cc} +7 -5
- data/third_party/boringssl-with-bazel/src/crypto/{ex_data.c → ex_data.cc} +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/{aes_nohw.c.inc → aes_nohw.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +1 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/{key_wrap.c.inc → key_wrap.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/{bcm.c → bcm.cc} +96 -101
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm_interface.h +165 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{add.c.inc → add.cc.inc} +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/asm/{x86_64-gcc.c.inc → x86_64-gcc.cc.inc} +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{bn.c.inc → bn.cc.inc} +12 -24
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{ctx.c.inc → ctx.cc.inc} +5 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{div.c.inc → div.cc.inc} +29 -38
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{div_extra.c.inc → div_extra.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{exponentiation.c.inc → exponentiation.cc.inc} +22 -22
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{gcd.c.inc → gcd.cc.inc} +3 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{gcd_extra.c.inc → gcd_extra.cc.inc} +33 -25
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{montgomery.c.inc → montgomery.cc.inc} +10 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{mul.c.inc → mul.cc.inc} +11 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{prime.c.inc → prime.cc.inc} +31 -34
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{shift.c.inc → shift.cc.inc} +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/{aead.c.inc → aead.cc.inc} +18 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/{cipher.c.inc → cipher.cc.inc} +6 -9
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/{e_aes.c.inc → e_aes.cc.inc} +46 -54
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cmac/{cmac.c.inc → cmac.cc.inc} +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/delocate.h +14 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/{dh.c.inc → dh.cc.inc} +15 -19
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +1 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/{digest.c.inc → digest.cc.inc} +17 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/{digests.c.inc → digests.cc.inc} +29 -113
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digestsign/{digestsign.c.inc → digestsign.cc.inc} +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/builtin_curves.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{ec.c.inc → ec.cc.inc} +10 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{ec_key.c.inc → ec_key.cc.inc} +12 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{felem.c.inc → felem.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{oct.c.inc → oct.cc.inc} +5 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p224-64.c.inc → p224-64.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz-table.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-nistz.c.inc → p256-nistz.cc.inc} +15 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256.c.inc → p256.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256_table.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{scalar.c.inc → scalar.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{simple_mul.c.inc → simple_mul.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{util.c.inc → util.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{wnaf.c.inc → wnaf.cc.inc} +24 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/{ecdh.c.inc → ecdh.cc.inc} +14 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/{ecdsa.c.inc → ecdsa.cc.inc} +6 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/{fips_shared_support.c → fips_shared_support.cc} +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hkdf/{hkdf.c.inc → hkdf.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/{hmac.c.inc → hmac.cc.inc} +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{gcm.c.inc → gcm.cc.inc} +69 -21
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{gcm_nohw.c.inc → gcm_nohw.cc.inc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +53 -33
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{polyval.c.inc → polyval.cc.inc} +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/{ctrdrbg.c.inc → ctrdrbg.cc.inc} +5 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/{rand.c.inc → rand.cc.inc} +20 -18
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/{blinding.c.inc → blinding.cc.inc} +5 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/{padding.c.inc → padding.cc.inc} +21 -21
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/{rsa.c.inc → rsa.cc.inc} +77 -73
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/{rsa_impl.c.inc → rsa_impl.cc.inc} +50 -53
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/{fips.c.inc → fips.cc.inc} +14 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/{self_check.c.inc → self_check.cc.inc} +56 -52
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/{service_indicator.c.inc → service_indicator.cc.inc} +10 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/{sha1.c.inc → sha1.cc.inc} +26 -33
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/{sha256.c.inc → sha256.cc.inc} +37 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/{sha512.c.inc → sha512.cc.inc} +48 -76
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/hpke/{hpke.c → hpke.cc} +7 -4
- data/third_party/boringssl-with-bazel/src/crypto/hrss/{hrss.c → hrss.cc} +53 -110
- data/third_party/boringssl-with-bazel/src/crypto/hrss/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +191 -248
- data/third_party/boringssl-with-bazel/src/crypto/keccak/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/keccak/{keccak.c → keccak.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/kyber/{kyber.c → kyber.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/lhash/{lhash.c → lhash.cc} +8 -7
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/md4/md4.c.inc → md4/md4.cc} +8 -12
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/md5 → md5}/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/md5/md5.c.inc → md5/md5.cc} +4 -3
- data/third_party/boringssl-with-bazel/src/crypto/{mem.c → mem.cc} +34 -22
- data/third_party/boringssl-with-bazel/src/crypto/mldsa/internal.h +4 -1
- data/third_party/boringssl-with-bazel/src/crypto/mldsa/{mldsa.c → mldsa.cc} +646 -543
- data/third_party/boringssl-with-bazel/src/crypto/mlkem/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/mlkem/mlkem.cc +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/obj/{obj.c → obj.cc} +27 -30
- data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_info.c → pem_info.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_lib.c → pem_lib.cc} +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_oth.c → pem_oth.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/{pkcs7.c → pkcs7.cc} +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/{pkcs7_x509.c → pkcs7_x509.cc} +26 -25
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/{p5_pbev2.c → p5_pbev2.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/{pkcs8.c → pkcs8.cc} +159 -158
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/{pkcs8_x509.c → pkcs8_x509.cc} +90 -97
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/{poly1305.c → poly1305.cc} +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/{poly1305_arm.c → poly1305_arm.cc} +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/{poly1305_vec.c → poly1305_vec.cc} +14 -11
- data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/pool/{pool.c → pool.cc} +12 -11
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{deterministic.c → deterministic.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{fork_detect.c → fork_detect.cc} +11 -12
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{forkunsafe.c → forkunsafe.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{getentropy.c → getentropy.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/getrandom_fillin.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{ios.c → ios.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{passive.c → passive.cc} +22 -18
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{rand_extra.c → rand_extra.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/sysrand_internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{trusty.c → trusty.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{urandom.c → urandom.cc} +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/{windows.c → windows.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{refcount.c → refcount.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/{rsa_asn1.c → rsa_asn1.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/{rsa_crypt.c → rsa_crypt.cc} +81 -78
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_extra.cc +17 -0
- data/third_party/boringssl-with-bazel/src/crypto/sha/sha1.cc +52 -0
- data/third_party/boringssl-with-bazel/src/crypto/sha/sha256.cc +87 -0
- data/third_party/boringssl-with-bazel/src/crypto/sha/sha512.cc +104 -0
- data/third_party/boringssl-with-bazel/src/crypto/siphash/{siphash.c → siphash.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/address.h +123 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/fors.cc +169 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/fors.h +58 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/internal.h +63 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/merkle.cc +161 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/merkle.h +70 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/params.h +83 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/slhdsa.cc +307 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/thash.cc +173 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/thash.h +85 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/wots.cc +171 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/wots.h +50 -0
- data/third_party/boringssl-with-bazel/src/crypto/stack/{stack.c → stack.cc} +10 -6
- data/third_party/boringssl-with-bazel/src/crypto/{thread_none.c → thread_none.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{thread_pthread.c → thread_pthread.cc} +9 -8
- data/third_party/boringssl-with-bazel/src/crypto/{thread_win.c → thread_win.cc} +21 -17
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/{pmbtoken.c → pmbtoken.cc} +146 -158
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/{trust_token.c → trust_token.cc} +19 -21
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/{voprf.c → voprf.cc} +165 -169
- data/third_party/boringssl-with-bazel/src/crypto/x509/{a_digest.c → a_digest.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/{a_sign.c → a_sign.cc} +37 -34
- data/third_party/boringssl-with-bazel/src/crypto/x509/{a_verify.c → a_verify.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/{algorithm.c → algorithm.cc} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/{asn1_gen.c → asn1_gen.cc} +5 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509/{by_dir.c → by_dir.cc} +7 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509/{policy.c → policy.cc} +188 -178
- data/third_party/boringssl-with-bazel/src/crypto/x509/{rsa_pss.c → rsa_pss.cc} +48 -44
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_akey.c → v3_akey.cc} +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_alt.c → v3_alt.cc} +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_bcons.c → v3_bcons.cc} +3 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_bitst.c → v3_bitst.cc} +6 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_conf.c → v3_conf.cc} +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_cpols.c → v3_cpols.cc} +47 -41
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_crld.c → v3_crld.cc} +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_enum.c → v3_enum.cc} +5 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_extku.c → v3_extku.cc} +3 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_genn.c → v3_genn.cc} +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_ia5.c → v3_ia5.cc} +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_info.c → v3_info.cc} +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_int.c → v3_int.cc} +3 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_lib.c → v3_lib.cc} +9 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_ncons.c → v3_ncons.cc} +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_ocsp.c → v3_ocsp.cc} +4 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_pcons.c → v3_pcons.cc} +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_pmaps.c → v3_pmaps.cc} +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_prn.c → v3_prn.cc} +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_purp.c → v3_purp.cc} +16 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_skey.c → v3_skey.cc} +6 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_utl.c → v3_utl.cc} +15 -10
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_att.c → x509_att.cc} +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_lu.c → x509_lu.cc} +6 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_v3.c → x509_v3.cc} +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_vfy.c → x509_vfy.cc} +216 -212
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_vpm.c → x509_vpm.cc} +55 -13
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x509spki.c → x509spki.cc} +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x_all.c → x_all.cc} +10 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x_crl.c → x_crl.cc} +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x_name.c → x_name.cc} +39 -32
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x_pubkey.c → x_pubkey.cc} +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x_x509.c → x_x509.cc} +48 -44
- data/third_party/boringssl-with-bazel/src/crypto/x509/{x_x509a.c → x_x509a.cc} +4 -2
- data/third_party/boringssl-with-bazel/src/gen/crypto/{err_data.c → err_data.cc} +359 -358
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/asm_base.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1_mac.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +237 -275
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +12 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/bcm_public.h +82 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/buffer.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/chacha.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/cmac.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +13 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/curve25519.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +6 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dtls1.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/e_os2.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +17 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/engine.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/experimental/kyber.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hkdf.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hrss.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/is_boringssl.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/mldsa.h +8 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/mlkem.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/obj_mac.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/objects.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslv.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ossl_typ.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs12.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs7.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +2 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/poly1305.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/pool.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/posix_time.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +10 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/safestack.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/sha.h +2 -40
- data/third_party/boringssl-with-bazel/src/include/openssl/siphash.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/slhdsa.h +133 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +6 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/srtp.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +160 -116
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/target.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +2 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/time.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3_errors.h +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +2 -6
- data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +667 -322
- data/third_party/boringssl-with-bazel/src/ssl/d1_lib.cc +116 -119
- data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +163 -21
- data/third_party/boringssl-with-bazel/src/ssl/d1_srtp.cc +4 -12
- data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +94 -49
- data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +296 -198
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +23 -14
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +363 -343
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +48 -58
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +44 -36
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +145 -159
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +65 -58
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +910 -356
- data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +29 -41
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +13 -11
- data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +90 -183
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +38 -64
- data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +103 -44
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +210 -220
- data/third_party/boringssl-with-bazel/src/ssl/ssl_credential.cc +70 -12
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +20 -17
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +146 -169
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +15 -16
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +79 -95
- data/third_party/boringssl-with-bazel/src/ssl/ssl_stat.cc +3 -9
- data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +91 -16
- data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +30 -16
- data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +51 -56
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +22 -25
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +43 -27
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +63 -59
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +204 -121
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +86 -59
- data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +51 -62
- data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +37 -25
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +6 -0
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +6 -0
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64_adx.h +4 -1
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +1 -1
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +3 -0
- metadata +339 -339
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb.h +0 -426
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb_minitable.c +0 -87
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb_minitable.h +0 -32
- data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb.h +0 -408
- data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb_minitable.c +0 -124
- data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb_minitable.h +0 -38
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opencensus.upbdefs.c +0 -108
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opencensus.upbdefs.h +0 -33
- data/src/core/ext/upbdefs-gen/opencensus/proto/trace/v1/trace_config.upbdefs.c +0 -67
- data/src/core/ext/upbdefs-gen/opencensus/proto/trace/v1/trace_config.upbdefs.h +0 -48
- data/src/core/util/atm.cc +0 -34
- data/third_party/boringssl-with-bazel/src/crypto/dilithium/dilithium.c +0 -1539
- data/third_party/boringssl-with-bazel/src/crypto/dilithium/internal.h +0 -58
- data/third_party/boringssl-with-bazel/src/crypto/spx/address.c +0 -101
- data/third_party/boringssl-with-bazel/src/crypto/spx/address.h +0 -50
- data/third_party/boringssl-with-bazel/src/crypto/spx/fors.c +0 -133
- data/third_party/boringssl-with-bazel/src/crypto/spx/fors.h +0 -54
- data/third_party/boringssl-with-bazel/src/crypto/spx/merkle.c +0 -150
- data/third_party/boringssl-with-bazel/src/crypto/spx/merkle.h +0 -61
- data/third_party/boringssl-with-bazel/src/crypto/spx/params.h +0 -71
- data/third_party/boringssl-with-bazel/src/crypto/spx/spx.c +0 -140
- data/third_party/boringssl-with-bazel/src/crypto/spx/spx_util.c +0 -53
- data/third_party/boringssl-with-bazel/src/crypto/spx/spx_util.h +0 -44
- data/third_party/boringssl-with-bazel/src/crypto/spx/thash.c +0 -136
- data/third_party/boringssl-with-bazel/src/crypto/spx/thash.h +0 -70
- data/third_party/boringssl-with-bazel/src/crypto/spx/wots.c +0 -135
- data/third_party/boringssl-with-bazel/src/crypto/spx/wots.h +0 -45
- data/third_party/boringssl-with-bazel/src/include/openssl/experimental/dilithium.h +0 -129
- data/third_party/boringssl-with-bazel/src/include/openssl/experimental/spx.h +0 -90
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_bool.c → a_bool.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_gentm.c → a_gentm.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_octet.c → a_octet.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_strex.c → a_strex.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_time.c → a_time.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_utctm.c → a_utctm.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{asn1_par.c → asn1_par.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{f_int.c → f_int.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{f_string.c → f_string.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_typ.c → tasn_typ.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/bio/{errno.c → errno.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/bio/{fd.c → fd.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/bio/{hexdump.c → hexdump.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/bio/{socket.c → socket.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{cipher_extra.c → cipher_extra.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{derive_key.c → derive_key.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/{tls_cbc.c → tls_cbc.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/des/{des.c → des.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/dh_extra/{params.c → params.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/ecdh_extra/{ecdh_extra.c → ecdh_extra.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/evp/{evp_asn1.c → evp_asn1.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/evp/{sign.c → sign.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/{aes.c.inc → aes.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/{mode_wrappers.c.inc → mode_wrappers.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{bytes.c.inc → bytes.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{cmp.c.inc → cmp.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{generic.c.inc → generic.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{jacobi.c.inc → jacobi.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{montgomery_inv.c.inc → montgomery_inv.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{random.c.inc → random.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{rsaz_exp.c.inc → rsaz_exp.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{sqrt.c.inc → sqrt.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/{e_aesccm.c.inc → e_aesccm.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/{check.c.inc → check.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{ec_montgomery.c.inc → ec_montgomery.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{simple.c.inc → simple.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{cbc.c.inc → cbc.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{cfb.c.inc → cfb.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{ctr.c.inc → ctr.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/{ofb.c.inc → ofb.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/{kdf.c.inc → kdf.cc.inc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/obj/{obj_xref.c → obj_xref.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_all.c → pem_all.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_pk8.c → pem_pk8.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_pkey.c → pem_pkey.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_x509.c → pem_x509.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_xaux.c → pem_xaux.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/rc4/{rc4.c → rc4.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/{rsa_print.c → rsa_print.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/{thread.c → thread.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{by_file.c → by_file.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{i2d_pr.c → i2d_pr.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{name_print.c → name_print.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{t_crl.c → t_crl.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{t_req.c → t_req.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{t_x509.c → t_x509.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{t_x509a.c → t_x509a.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_akeya.c → v3_akeya.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509.c → x509.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_cmp.c → x509_cmp.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_d2.c → x509_d2.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_def.c → x509_def.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_ext.c → x509_ext.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_obj.c → x509_obj.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_req.c → x509_req.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_set.c → x509_set.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_trs.c → x509_trs.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_txt.c → x509_txt.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509cset.c → x509cset.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509name.c → x509name.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x509rset.c → x509rset.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_algor.c → x_algor.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_attrib.c → x_attrib.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_exten.c → x_exten.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_req.c → x_req.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_sig.c → x_sig.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_spki.c → x_spki.cc} +0 -0
- /data/third_party/boringssl-with-bazel/src/crypto/x509/{x_val.c → x_val.cc} +0 -0
|
@@ -179,7 +179,6 @@ enum ssl_client_hs_state_t {
|
|
|
179
179
|
state_start_connect = 0,
|
|
180
180
|
state_enter_early_data,
|
|
181
181
|
state_early_reverify_server_certificate,
|
|
182
|
-
state_read_hello_verify_request,
|
|
183
182
|
state_read_server_hello,
|
|
184
183
|
state_tls13,
|
|
185
184
|
state_read_server_certificate,
|
|
@@ -327,9 +326,9 @@ bool ssl_write_client_hello_without_extensions(const SSL_HANDSHAKE *hs,
|
|
|
327
326
|
}
|
|
328
327
|
|
|
329
328
|
// Do not send a session ID on renegotiation.
|
|
330
|
-
if (!ssl->s3->initial_handshake_complete &&
|
|
331
|
-
!empty_session_id &&
|
|
332
|
-
!CBB_add_bytes(&child, hs->session_id, hs->
|
|
329
|
+
if (!ssl->s3->initial_handshake_complete && //
|
|
330
|
+
!empty_session_id && //
|
|
331
|
+
!CBB_add_bytes(&child, hs->session_id.data(), hs->session_id.size())) {
|
|
333
332
|
return false;
|
|
334
333
|
}
|
|
335
334
|
|
|
@@ -408,8 +407,8 @@ static bool parse_server_version(const SSL_HANDSHAKE *hs, uint16_t *out_version,
|
|
|
408
407
|
return true;
|
|
409
408
|
}
|
|
410
409
|
|
|
411
|
-
if (!CBS_get_u16(&supported_versions.data, out_version) ||
|
|
412
|
-
|
|
410
|
+
if (!CBS_get_u16(&supported_versions.data, out_version) || //
|
|
411
|
+
CBS_len(&supported_versions.data) != 0) {
|
|
413
412
|
*out_alert = SSL_AD_DECODE_ERROR;
|
|
414
413
|
return false;
|
|
415
414
|
}
|
|
@@ -427,9 +426,11 @@ static ssl_early_data_reason_t should_offer_early_data(
|
|
|
427
426
|
return ssl_early_data_disabled;
|
|
428
427
|
}
|
|
429
428
|
|
|
430
|
-
if (hs->max_version < TLS1_3_VERSION) {
|
|
429
|
+
if (hs->max_version < TLS1_3_VERSION || SSL_is_dtls(ssl)) {
|
|
431
430
|
// We discard inapplicable sessions, so this is redundant with the session
|
|
432
431
|
// checks below, but reporting that TLS 1.3 was disabled is more useful.
|
|
432
|
+
//
|
|
433
|
+
// TODO(crbug.com/381113363): Support early data in DTLS 1.3.
|
|
433
434
|
return ssl_early_data_protocol_version;
|
|
434
435
|
}
|
|
435
436
|
|
|
@@ -502,7 +503,9 @@ static enum ssl_hs_wait_t do_start_connect(SSL_HANDSHAKE *hs) {
|
|
|
502
503
|
|
|
503
504
|
// If the configured session has expired or is not usable, drop it. We also do
|
|
504
505
|
// not offer sessions on renegotiation.
|
|
506
|
+
SSLSessionType session_type = SSLSessionType::kNotResumable;
|
|
505
507
|
if (ssl->session != nullptr) {
|
|
508
|
+
session_type = ssl_session_get_type(ssl->session.get());
|
|
506
509
|
if (ssl->session->is_server ||
|
|
507
510
|
!ssl_supports_version(hs, ssl->session->ssl_version) ||
|
|
508
511
|
// Do not offer TLS 1.2 sessions with ECH. ClientHelloInner does not
|
|
@@ -510,11 +513,15 @@ static enum ssl_hs_wait_t do_start_connect(SSL_HANDSHAKE *hs) {
|
|
|
510
513
|
// identity.
|
|
511
514
|
(hs->selected_ech_config &&
|
|
512
515
|
ssl_session_protocol_version(ssl->session.get()) < TLS1_3_VERSION) ||
|
|
513
|
-
|
|
516
|
+
session_type == SSLSessionType::kNotResumable ||
|
|
517
|
+
// Don't offer TLS 1.2 tickets if disabled.
|
|
518
|
+
(session_type == SSLSessionType::kTicket &&
|
|
519
|
+
(SSL_get_options(ssl) & SSL_OP_NO_TICKET)) ||
|
|
514
520
|
!ssl_session_is_time_valid(ssl, ssl->session.get()) ||
|
|
515
|
-
(ssl
|
|
521
|
+
SSL_is_quic(ssl) != int{ssl->session->is_quic} ||
|
|
516
522
|
ssl->s3->initial_handshake_complete) {
|
|
517
523
|
ssl_set_session(ssl, nullptr);
|
|
524
|
+
session_type = SSLSessionType::kNotResumable;
|
|
518
525
|
}
|
|
519
526
|
}
|
|
520
527
|
|
|
@@ -526,27 +533,17 @@ static enum ssl_hs_wait_t do_start_connect(SSL_HANDSHAKE *hs) {
|
|
|
526
533
|
return ssl_hs_error;
|
|
527
534
|
}
|
|
528
535
|
|
|
529
|
-
const bool has_id_session = ssl->session != nullptr &&
|
|
530
|
-
ssl->session->session_id_length > 0 &&
|
|
531
|
-
ssl->session->ticket.empty();
|
|
532
|
-
const bool has_ticket_session =
|
|
533
|
-
ssl->session != nullptr && !ssl->session->ticket.empty();
|
|
534
|
-
// TLS 1.2 session tickets require a placeholder value to signal resumption.
|
|
535
|
-
const bool ticket_session_requires_random_id =
|
|
536
|
-
has_ticket_session &&
|
|
537
|
-
ssl_session_protocol_version(ssl->session.get()) < TLS1_3_VERSION;
|
|
538
536
|
// Compatibility mode sends a random session ID. Compatibility mode is
|
|
539
537
|
// enabled for TLS 1.3, but not when it's run over QUIC or DTLS.
|
|
540
538
|
const bool enable_compatibility_mode = hs->max_version >= TLS1_3_VERSION &&
|
|
541
|
-
ssl
|
|
542
|
-
|
|
543
|
-
|
|
544
|
-
|
|
545
|
-
|
|
546
|
-
|
|
547
|
-
|
|
548
|
-
hs->
|
|
549
|
-
if (!RAND_bytes(hs->session_id, hs->session_id_len)) {
|
|
539
|
+
!SSL_is_quic(ssl) && !SSL_is_dtls(ssl);
|
|
540
|
+
if (session_type == SSLSessionType::kID) {
|
|
541
|
+
hs->session_id = ssl->session->session_id;
|
|
542
|
+
} else if (session_type == SSLSessionType::kTicket ||
|
|
543
|
+
enable_compatibility_mode) {
|
|
544
|
+
// TLS 1.2 session tickets require a placeholder value to signal resumption.
|
|
545
|
+
hs->session_id.ResizeForOverwrite(SSL_MAX_SSL_SESSION_ID_LENGTH);
|
|
546
|
+
if (!RAND_bytes(hs->session_id.data(), hs->session_id.size())) {
|
|
550
547
|
return ssl_hs_error;
|
|
551
548
|
}
|
|
552
549
|
}
|
|
@@ -571,39 +568,29 @@ static enum ssl_hs_wait_t do_start_connect(SSL_HANDSHAKE *hs) {
|
|
|
571
568
|
|
|
572
569
|
static enum ssl_hs_wait_t do_enter_early_data(SSL_HANDSHAKE *hs) {
|
|
573
570
|
SSL *const ssl = hs->ssl;
|
|
574
|
-
|
|
575
|
-
if (SSL_is_dtls(ssl)) {
|
|
576
|
-
hs->state = state_read_hello_verify_request;
|
|
577
|
-
return ssl_hs_ok;
|
|
578
|
-
}
|
|
579
|
-
|
|
580
571
|
if (!hs->early_data_offered) {
|
|
581
572
|
hs->state = state_read_server_hello;
|
|
582
573
|
return ssl_hs_ok;
|
|
583
574
|
}
|
|
584
575
|
|
|
585
|
-
|
|
586
|
-
|
|
587
|
-
|
|
588
|
-
|
|
589
|
-
|
|
590
|
-
if (!tls13_init_early_key_schedule(hs, ssl->session.get()) ||
|
|
591
|
-
!tls13_derive_early_secret(hs)) {
|
|
592
|
-
return ssl_hs_error;
|
|
593
|
-
}
|
|
594
|
-
|
|
595
|
-
// Stash the early data session, so connection properties may be queried out
|
|
596
|
-
// of it.
|
|
576
|
+
// Stash the early data session and activate the early version. This must
|
|
577
|
+
// happen before |do_early_reverify_server_certificate|, so early connection
|
|
578
|
+
// properties are available to the callback. Note the early version may be
|
|
579
|
+
// overwritten later by the final version.
|
|
597
580
|
hs->early_session = UpRef(ssl->session);
|
|
581
|
+
ssl->s3->version = hs->early_session->ssl_version;
|
|
582
|
+
hs->is_early_version = true;
|
|
598
583
|
hs->state = state_early_reverify_server_certificate;
|
|
599
584
|
return ssl_hs_ok;
|
|
600
585
|
}
|
|
601
586
|
|
|
602
|
-
static enum ssl_hs_wait_t do_early_reverify_server_certificate(
|
|
603
|
-
|
|
604
|
-
|
|
605
|
-
|
|
606
|
-
//
|
|
587
|
+
static enum ssl_hs_wait_t do_early_reverify_server_certificate(
|
|
588
|
+
SSL_HANDSHAKE *hs) {
|
|
589
|
+
SSL *const ssl = hs->ssl;
|
|
590
|
+
if (ssl->ctx->reverify_on_resume) {
|
|
591
|
+
// Don't send an alert on error. The alert would be in the clear, which the
|
|
592
|
+
// server is not expecting anyway. Alerts in between ClientHello and
|
|
593
|
+
// ServerHello cannot usefully be delivered in TLS 1.3.
|
|
607
594
|
//
|
|
608
595
|
// TODO(davidben): The client behavior should be to verify the certificate
|
|
609
596
|
// before deciding whether to offer the session and, if invalid, decline to
|
|
@@ -619,11 +606,17 @@ static enum ssl_hs_wait_t do_early_reverify_server_certificate(SSL_HANDSHAKE *hs
|
|
|
619
606
|
}
|
|
620
607
|
}
|
|
621
608
|
|
|
609
|
+
if (!ssl->method->add_change_cipher_spec(ssl)) {
|
|
610
|
+
return ssl_hs_error;
|
|
611
|
+
}
|
|
612
|
+
|
|
622
613
|
// Defer releasing the 0-RTT key to after certificate reverification, so the
|
|
623
614
|
// QUIC implementation does not accidentally write data too early.
|
|
624
|
-
if (!
|
|
615
|
+
if (!tls13_init_early_key_schedule(hs, hs->early_session.get()) ||
|
|
616
|
+
!tls13_derive_early_secret(hs) ||
|
|
617
|
+
!tls13_set_traffic_key(hs->ssl, ssl_encryption_early_data, evp_aead_seal,
|
|
625
618
|
hs->early_session.get(),
|
|
626
|
-
hs->early_traffic_secret
|
|
619
|
+
hs->early_traffic_secret)) {
|
|
627
620
|
return ssl_hs_error;
|
|
628
621
|
}
|
|
629
622
|
|
|
@@ -633,26 +626,12 @@ static enum ssl_hs_wait_t do_early_reverify_server_certificate(SSL_HANDSHAKE *hs
|
|
|
633
626
|
return ssl_hs_early_return;
|
|
634
627
|
}
|
|
635
628
|
|
|
636
|
-
static
|
|
629
|
+
static bool handle_hello_verify_request(SSL_HANDSHAKE *hs,
|
|
630
|
+
const SSLMessage &msg) {
|
|
637
631
|
SSL *const ssl = hs->ssl;
|
|
638
|
-
|
|
639
632
|
assert(SSL_is_dtls(ssl));
|
|
640
|
-
|
|
641
|
-
|
|
642
|
-
if (!ssl->method->get_message(ssl, &msg)) {
|
|
643
|
-
return ssl_hs_read_message;
|
|
644
|
-
}
|
|
645
|
-
|
|
646
|
-
if (msg.type != DTLS1_MT_HELLO_VERIFY_REQUEST) {
|
|
647
|
-
hs->state = state_read_server_hello;
|
|
648
|
-
return ssl_hs_ok;
|
|
649
|
-
}
|
|
650
|
-
|
|
651
|
-
// TODO(crbug.com/boringssl/715): At the point when we read an HVR, we don't
|
|
652
|
-
// know whether the connection is DTLS 1.2 (or earlier) or DTLS 1.3 - that's
|
|
653
|
-
// determined when we read the supported_versions in the ServerHello. If we
|
|
654
|
-
// receive HVR and then the ServerHello selects DTLS 1.3, that is an error and
|
|
655
|
-
// we should close the connection.
|
|
633
|
+
assert(msg.type == DTLS1_MT_HELLO_VERIFY_REQUEST);
|
|
634
|
+
assert(!hs->received_hello_verify_request);
|
|
656
635
|
|
|
657
636
|
CBS hello_verify_request = msg.body, cookie;
|
|
658
637
|
uint16_t server_version;
|
|
@@ -661,27 +640,23 @@ static enum ssl_hs_wait_t do_read_hello_verify_request(SSL_HANDSHAKE *hs) {
|
|
|
661
640
|
CBS_len(&hello_verify_request) != 0) {
|
|
662
641
|
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
|
|
663
642
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
|
|
664
|
-
return
|
|
643
|
+
return false;
|
|
665
644
|
}
|
|
666
645
|
|
|
667
646
|
if (!hs->dtls_cookie.CopyFrom(cookie)) {
|
|
668
647
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
|
|
669
|
-
return
|
|
648
|
+
return false;
|
|
670
649
|
}
|
|
650
|
+
hs->received_hello_verify_request = true;
|
|
671
651
|
|
|
672
652
|
ssl->method->next_message(ssl);
|
|
673
653
|
|
|
674
654
|
// DTLS resets the handshake buffer after HelloVerifyRequest.
|
|
675
655
|
if (!hs->transcript.Init()) {
|
|
676
|
-
return
|
|
677
|
-
}
|
|
678
|
-
|
|
679
|
-
if (!ssl_add_client_hello(hs)) {
|
|
680
|
-
return ssl_hs_error;
|
|
656
|
+
return false;
|
|
681
657
|
}
|
|
682
658
|
|
|
683
|
-
hs
|
|
684
|
-
return ssl_hs_flush;
|
|
659
|
+
return ssl_add_client_hello(hs);
|
|
685
660
|
}
|
|
686
661
|
|
|
687
662
|
bool ssl_parse_server_hello(ParsedServerHello *out, uint8_t *out_alert,
|
|
@@ -723,6 +698,16 @@ static enum ssl_hs_wait_t do_read_server_hello(SSL_HANDSHAKE *hs) {
|
|
|
723
698
|
return ssl_hs_read_server_hello;
|
|
724
699
|
}
|
|
725
700
|
|
|
701
|
+
if (SSL_is_dtls(ssl) && !hs->received_hello_verify_request &&
|
|
702
|
+
msg.type == DTLS1_MT_HELLO_VERIFY_REQUEST) {
|
|
703
|
+
if (!handle_hello_verify_request(hs, msg)) {
|
|
704
|
+
return ssl_hs_error;
|
|
705
|
+
}
|
|
706
|
+
hs->received_hello_verify_request = true;
|
|
707
|
+
hs->state = state_read_server_hello;
|
|
708
|
+
return ssl_hs_flush;
|
|
709
|
+
}
|
|
710
|
+
|
|
726
711
|
ParsedServerHello server_hello;
|
|
727
712
|
uint16_t server_version;
|
|
728
713
|
uint8_t alert = SSL_AD_DECODE_ERROR;
|
|
@@ -738,53 +723,68 @@ static enum ssl_hs_wait_t do_read_server_hello(SSL_HANDSHAKE *hs) {
|
|
|
738
723
|
return ssl_hs_error;
|
|
739
724
|
}
|
|
740
725
|
|
|
741
|
-
|
|
742
|
-
|
|
743
|
-
|
|
744
|
-
|
|
745
|
-
|
|
746
|
-
|
|
747
|
-
|
|
748
|
-
|
|
749
|
-
|
|
750
|
-
assert(ssl->s3->have_version == ssl->s3->initial_handshake_complete);
|
|
751
|
-
if (!ssl->s3->have_version) {
|
|
752
|
-
ssl->version = server_version;
|
|
753
|
-
// At this point, the connection's version is known and ssl->version is
|
|
754
|
-
// fixed. Begin enforcing the record-layer version.
|
|
755
|
-
ssl->s3->have_version = true;
|
|
756
|
-
ssl->s3->aead_write_ctx->SetVersionIfNullCipher(ssl->version);
|
|
757
|
-
} else if (server_version != ssl->version) {
|
|
726
|
+
if (!ssl->s3->initial_handshake_complete) {
|
|
727
|
+
// |ssl->s3->version| may be set due to 0-RTT. If it was to a different
|
|
728
|
+
// value, the check below will fire.
|
|
729
|
+
assert(ssl->s3->version == 0 ||
|
|
730
|
+
(hs->is_early_version &&
|
|
731
|
+
ssl->s3->version == hs->early_session->ssl_version));
|
|
732
|
+
ssl->s3->version = server_version;
|
|
733
|
+
hs->is_early_version = false;
|
|
734
|
+
} else if (server_version != ssl->s3->version) {
|
|
758
735
|
OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_SSL_VERSION);
|
|
759
736
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_PROTOCOL_VERSION);
|
|
760
737
|
return ssl_hs_error;
|
|
761
738
|
}
|
|
762
739
|
|
|
763
|
-
|
|
764
|
-
|
|
765
|
-
|
|
766
|
-
|
|
767
|
-
|
|
768
|
-
|
|
769
|
-
|
|
770
|
-
|
|
771
|
-
|
|
772
|
-
|
|
773
|
-
|
|
774
|
-
|
|
775
|
-
|
|
776
|
-
|
|
740
|
+
// If the version did not match, stop sending 0-RTT data.
|
|
741
|
+
if (hs->early_data_offered &&
|
|
742
|
+
ssl->s3->version != hs->early_session->ssl_version) {
|
|
743
|
+
// This is currently only possible by reading a TLS 1.2 (or earlier)
|
|
744
|
+
// ServerHello in response to TLS 1.3. If there is ever a TLS 1.4, or
|
|
745
|
+
// another variant of TLS 1.3, the fatal error below will need to be a clean
|
|
746
|
+
// 0-RTT reject.
|
|
747
|
+
assert(ssl_protocol_version(ssl) < TLS1_3_VERSION);
|
|
748
|
+
assert(ssl_session_protocol_version(hs->early_session.get()) >=
|
|
749
|
+
TLS1_3_VERSION);
|
|
750
|
+
|
|
751
|
+
// A TLS 1.2 server would not know to skip the early data we offered, so
|
|
752
|
+
// there is no point in continuing the handshake. Report an error code as
|
|
753
|
+
// soon as we detect this. The caller may use this error code to implement
|
|
754
|
+
// the fallback described in RFC 8446 appendix D.3.
|
|
755
|
+
//
|
|
777
756
|
// Disconnect early writes. This ensures subsequent |SSL_write| calls query
|
|
778
757
|
// the handshake which, in turn, will replay the error code rather than fail
|
|
779
758
|
// at the |write_shutdown| check. See https://crbug.com/1078515.
|
|
780
759
|
// TODO(davidben): Should all handshake errors do this? What about record
|
|
781
760
|
// decryption failures?
|
|
761
|
+
//
|
|
762
|
+
// TODO(crbug.com/381113363): Although missing from the spec, a DTLS 1.2
|
|
763
|
+
// server will already naturally skip 0-RTT data. If we implement DTLS 1.3
|
|
764
|
+
// 0-RTT, we may want a clean reject.
|
|
765
|
+
assert(!SSL_is_dtls(ssl));
|
|
782
766
|
hs->can_early_write = false;
|
|
783
767
|
OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_VERSION_ON_EARLY_DATA);
|
|
784
768
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_PROTOCOL_VERSION);
|
|
785
769
|
return ssl_hs_error;
|
|
786
770
|
}
|
|
787
771
|
|
|
772
|
+
if (ssl_protocol_version(ssl) >= TLS1_3_VERSION) {
|
|
773
|
+
if (hs->received_hello_verify_request) {
|
|
774
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_MESSAGE);
|
|
775
|
+
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_PROTOCOL_VERSION);
|
|
776
|
+
return ssl_hs_error;
|
|
777
|
+
}
|
|
778
|
+
|
|
779
|
+
hs->state = state_tls13;
|
|
780
|
+
return ssl_hs_ok;
|
|
781
|
+
}
|
|
782
|
+
|
|
783
|
+
// Clear some TLS 1.3 state that no longer needs to be retained.
|
|
784
|
+
hs->key_shares[0].reset();
|
|
785
|
+
hs->key_shares[1].reset();
|
|
786
|
+
ssl_done_writing_client_hello(hs);
|
|
787
|
+
|
|
788
788
|
// TLS 1.2 handshakes cannot accept ECH.
|
|
789
789
|
if (hs->selected_ech_config) {
|
|
790
790
|
ssl->s3->ech_status = ssl_ech_rejected;
|
|
@@ -796,7 +796,7 @@ static enum ssl_hs_wait_t do_read_server_hello(SSL_HANDSHAKE *hs) {
|
|
|
796
796
|
|
|
797
797
|
// Enforce the TLS 1.3 anti-downgrade feature.
|
|
798
798
|
if (!ssl->s3->initial_handshake_complete &&
|
|
799
|
-
|
|
799
|
+
hs->max_version >= TLS1_3_VERSION) {
|
|
800
800
|
static_assert(
|
|
801
801
|
sizeof(kTLS12DowngradeRandom) == sizeof(kTLS13DowngradeRandom),
|
|
802
802
|
"downgrade signals have different size");
|
|
@@ -818,11 +818,11 @@ static enum ssl_hs_wait_t do_read_server_hello(SSL_HANDSHAKE *hs) {
|
|
|
818
818
|
const SSL_CIPHER *cipher = SSL_get_cipher_by_value(server_hello.cipher_suite);
|
|
819
819
|
uint32_t mask_a, mask_k;
|
|
820
820
|
ssl_get_client_disabled(hs, &mask_a, &mask_k);
|
|
821
|
-
if (cipher == nullptr ||
|
|
822
|
-
(cipher->algorithm_mkey & mask_k) ||
|
|
823
|
-
(cipher->algorithm_auth & mask_a) ||
|
|
824
|
-
SSL_CIPHER_get_min_version(cipher) > ssl_protocol_version(ssl) ||
|
|
825
|
-
SSL_CIPHER_get_max_version(cipher) < ssl_protocol_version(ssl) ||
|
|
821
|
+
if (cipher == nullptr || //
|
|
822
|
+
(cipher->algorithm_mkey & mask_k) || //
|
|
823
|
+
(cipher->algorithm_auth & mask_a) || //
|
|
824
|
+
SSL_CIPHER_get_min_version(cipher) > ssl_protocol_version(ssl) || //
|
|
825
|
+
SSL_CIPHER_get_max_version(cipher) < ssl_protocol_version(ssl) || //
|
|
826
826
|
!sk_SSL_CIPHER_find(SSL_get_ciphers(ssl), nullptr, cipher)) {
|
|
827
827
|
OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_CIPHER_RETURNED);
|
|
828
828
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
|
|
@@ -831,9 +831,8 @@ static enum ssl_hs_wait_t do_read_server_hello(SSL_HANDSHAKE *hs) {
|
|
|
831
831
|
|
|
832
832
|
hs->new_cipher = cipher;
|
|
833
833
|
|
|
834
|
-
if (hs->
|
|
835
|
-
|
|
836
|
-
hs->session_id_len)) {
|
|
834
|
+
if (!hs->session_id.empty() &&
|
|
835
|
+
Span<const uint8_t>(server_hello.session_id) == hs->session_id) {
|
|
837
836
|
// Echoing the ClientHello session ID in TLS 1.2, whether from the session
|
|
838
837
|
// or a synthetic one, indicates resumption. If there was no session (or if
|
|
839
838
|
// the session was only offered in ECH ClientHelloInner), this was the
|
|
@@ -846,7 +845,7 @@ static enum ssl_hs_wait_t do_read_server_hello(SSL_HANDSHAKE *hs) {
|
|
|
846
845
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
|
|
847
846
|
return ssl_hs_error;
|
|
848
847
|
}
|
|
849
|
-
if (ssl->session->ssl_version != ssl->version) {
|
|
848
|
+
if (ssl->session->ssl_version != ssl->s3->version) {
|
|
850
849
|
OPENSSL_PUT_ERROR(SSL, SSL_R_OLD_SESSION_VERSION_NOT_RETURNED);
|
|
851
850
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
|
|
852
851
|
return ssl_hs_error;
|
|
@@ -875,16 +874,9 @@ static enum ssl_hs_wait_t do_read_server_hello(SSL_HANDSHAKE *hs) {
|
|
|
875
874
|
}
|
|
876
875
|
|
|
877
876
|
// Save the session ID from the server. This may be empty if the session
|
|
878
|
-
// isn't resumable, or if we'll receive a session ticket later.
|
|
879
|
-
|
|
880
|
-
|
|
881
|
-
"max session ID is too large");
|
|
882
|
-
hs->new_session->session_id_length =
|
|
883
|
-
static_cast<uint8_t>(CBS_len(&server_hello.session_id));
|
|
884
|
-
OPENSSL_memcpy(hs->new_session->session_id,
|
|
885
|
-
CBS_data(&server_hello.session_id),
|
|
886
|
-
CBS_len(&server_hello.session_id));
|
|
887
|
-
|
|
877
|
+
// isn't resumable, or if we'll receive a session ticket later. The
|
|
878
|
+
// ServerHello parser ensures |server_hello.session_id| is within bounds.
|
|
879
|
+
hs->new_session->session_id.CopyFrom(server_hello.session_id);
|
|
888
880
|
hs->new_session->cipher = hs->new_cipher;
|
|
889
881
|
}
|
|
890
882
|
|
|
@@ -1026,10 +1018,10 @@ static enum ssl_hs_wait_t do_read_certificate_status(SSL_HANDSHAKE *hs) {
|
|
|
1026
1018
|
|
|
1027
1019
|
CBS certificate_status = msg.body, ocsp_response;
|
|
1028
1020
|
uint8_t status_type;
|
|
1029
|
-
if (!CBS_get_u8(&certificate_status, &status_type) ||
|
|
1030
|
-
status_type != TLSEXT_STATUSTYPE_ocsp ||
|
|
1031
|
-
!CBS_get_u24_length_prefixed(&certificate_status, &ocsp_response) ||
|
|
1032
|
-
CBS_len(&ocsp_response) == 0 ||
|
|
1021
|
+
if (!CBS_get_u8(&certificate_status, &status_type) || //
|
|
1022
|
+
status_type != TLSEXT_STATUSTYPE_ocsp || //
|
|
1023
|
+
!CBS_get_u24_length_prefixed(&certificate_status, &ocsp_response) || //
|
|
1024
|
+
CBS_len(&ocsp_response) == 0 || //
|
|
1033
1025
|
CBS_len(&certificate_status) != 0) {
|
|
1034
1026
|
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
|
|
1035
1027
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
|
|
@@ -1312,7 +1304,7 @@ static enum ssl_hs_wait_t do_read_certificate_request(SSL_HANDSHAKE *hs) {
|
|
|
1312
1304
|
|
|
1313
1305
|
uint8_t alert = SSL_AD_DECODE_ERROR;
|
|
1314
1306
|
UniquePtr<STACK_OF(CRYPTO_BUFFER)> ca_names =
|
|
1315
|
-
|
|
1307
|
+
SSL_parse_CA_list(ssl, &alert, &body);
|
|
1316
1308
|
if (!ca_names) {
|
|
1317
1309
|
ssl_send_alert(ssl, SSL3_AL_FATAL, alert);
|
|
1318
1310
|
return ssl_hs_error;
|
|
@@ -1539,16 +1531,15 @@ static enum ssl_hs_wait_t do_send_client_key_exchange(SSL_HANDSHAKE *hs) {
|
|
|
1539
1531
|
|
|
1540
1532
|
// Depending on the key exchange method, compute |pms|.
|
|
1541
1533
|
if (alg_k & SSL_kRSA) {
|
|
1542
|
-
if (!pms.Init(SSL_MAX_MASTER_KEY_LENGTH)) {
|
|
1543
|
-
return ssl_hs_error;
|
|
1544
|
-
}
|
|
1545
|
-
|
|
1546
1534
|
RSA *rsa = EVP_PKEY_get0_RSA(hs->peer_pubkey.get());
|
|
1547
1535
|
if (rsa == NULL) {
|
|
1548
1536
|
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
|
1549
1537
|
return ssl_hs_error;
|
|
1550
1538
|
}
|
|
1551
1539
|
|
|
1540
|
+
if (!pms.InitForOverwrite(SSL_MAX_MASTER_KEY_LENGTH)) {
|
|
1541
|
+
return ssl_hs_error;
|
|
1542
|
+
}
|
|
1552
1543
|
pms[0] = hs->client_version >> 8;
|
|
1553
1544
|
pms[1] = hs->client_version & 0xff;
|
|
1554
1545
|
if (!RAND_bytes(&pms[2], SSL_MAX_MASTER_KEY_LENGTH - 2)) {
|
|
@@ -1558,11 +1549,11 @@ static enum ssl_hs_wait_t do_send_client_key_exchange(SSL_HANDSHAKE *hs) {
|
|
|
1558
1549
|
CBB enc_pms;
|
|
1559
1550
|
uint8_t *ptr;
|
|
1560
1551
|
size_t enc_pms_len;
|
|
1561
|
-
if (!CBB_add_u16_length_prefixed(&body, &enc_pms) ||
|
|
1562
|
-
!CBB_reserve(&enc_pms, &ptr, RSA_size(rsa)) ||
|
|
1552
|
+
if (!CBB_add_u16_length_prefixed(&body, &enc_pms) || //
|
|
1553
|
+
!CBB_reserve(&enc_pms, &ptr, RSA_size(rsa)) || //
|
|
1563
1554
|
!RSA_encrypt(rsa, &enc_pms_len, ptr, RSA_size(rsa), pms.data(),
|
|
1564
|
-
pms.size(), RSA_PKCS1_PADDING) ||
|
|
1565
|
-
!CBB_did_write(&enc_pms, enc_pms_len) ||
|
|
1555
|
+
pms.size(), RSA_PKCS1_PADDING) || //
|
|
1556
|
+
!CBB_did_write(&enc_pms, enc_pms_len) || //
|
|
1566
1557
|
!CBB_flush(&body)) {
|
|
1567
1558
|
return ssl_hs_error;
|
|
1568
1559
|
}
|
|
@@ -1592,7 +1583,6 @@ static enum ssl_hs_wait_t do_send_client_key_exchange(SSL_HANDSHAKE *hs) {
|
|
|
1592
1583
|
if (!pms.Init(psk_len)) {
|
|
1593
1584
|
return ssl_hs_error;
|
|
1594
1585
|
}
|
|
1595
|
-
OPENSSL_memset(pms.data(), 0, pms.size());
|
|
1596
1586
|
} else {
|
|
1597
1587
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
|
|
1598
1588
|
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
|
@@ -1620,13 +1610,13 @@ static enum ssl_hs_wait_t do_send_client_key_exchange(SSL_HANDSHAKE *hs) {
|
|
|
1620
1610
|
return ssl_hs_error;
|
|
1621
1611
|
}
|
|
1622
1612
|
|
|
1623
|
-
hs->new_session->
|
|
1624
|
-
|
|
1625
|
-
|
|
1613
|
+
hs->new_session->secret.ResizeForOverwrite(SSL3_MASTER_SECRET_SIZE);
|
|
1614
|
+
if (!tls1_generate_master_secret(hs, MakeSpan(hs->new_session->secret),
|
|
1615
|
+
pms)) {
|
|
1626
1616
|
return ssl_hs_error;
|
|
1627
1617
|
}
|
|
1628
|
-
hs->new_session->extended_master_secret = hs->extended_master_secret;
|
|
1629
1618
|
|
|
1619
|
+
hs->new_session->extended_master_secret = hs->extended_master_secret;
|
|
1630
1620
|
hs->state = state_send_client_certificate_verify;
|
|
1631
1621
|
return ssl_hs_ok;
|
|
1632
1622
|
}
|
|
@@ -1676,7 +1666,7 @@ static enum ssl_hs_wait_t do_send_client_certificate_verify(SSL_HANDSHAKE *hs) {
|
|
|
1676
1666
|
return ssl_hs_private_key_operation;
|
|
1677
1667
|
}
|
|
1678
1668
|
|
|
1679
|
-
if (!CBB_did_write(&child, sig_len) ||
|
|
1669
|
+
if (!CBB_did_write(&child, sig_len) || //
|
|
1680
1670
|
!ssl_add_message_cbb(ssl, cbb.get())) {
|
|
1681
1671
|
return ssl_hs_error;
|
|
1682
1672
|
}
|
|
@@ -1746,9 +1736,9 @@ static bool can_false_start(const SSL_HANDSHAKE *hs) {
|
|
|
1746
1736
|
// TLS 1.2 and TLS 1.3, but there are too many TLS 1.2 deployments to
|
|
1747
1737
|
// sacrifice False Start on them. Instead, we rely on the ServerHello.random
|
|
1748
1738
|
// downgrade signal, which we unconditionally enforce.
|
|
1749
|
-
if (SSL_is_dtls(ssl) ||
|
|
1750
|
-
SSL_version(ssl) != TLS1_2_VERSION ||
|
|
1751
|
-
hs->new_cipher->algorithm_mkey != SSL_kECDHE ||
|
|
1739
|
+
if (SSL_is_dtls(ssl) || //
|
|
1740
|
+
SSL_version(ssl) != TLS1_2_VERSION || //
|
|
1741
|
+
hs->new_cipher->algorithm_mkey != SSL_kECDHE || //
|
|
1752
1742
|
hs->new_cipher->algorithm_mac != SSL_AEAD) {
|
|
1753
1743
|
return false;
|
|
1754
1744
|
}
|
|
@@ -1861,8 +1851,9 @@ static enum ssl_hs_wait_t do_read_session_ticket(SSL_HANDSHAKE *hs) {
|
|
|
1861
1851
|
|
|
1862
1852
|
// Historically, OpenSSL filled in fake session IDs for ticket-based sessions.
|
|
1863
1853
|
// TODO(davidben): Are external callers relying on this? Try removing this.
|
|
1864
|
-
|
|
1865
|
-
|
|
1854
|
+
hs->new_session->session_id.ResizeForOverwrite(SHA256_DIGEST_LENGTH);
|
|
1855
|
+
SHA256(CBS_data(&ticket), CBS_len(&ticket),
|
|
1856
|
+
hs->new_session->session_id.data());
|
|
1866
1857
|
|
|
1867
1858
|
ssl->method->next_message(ssl);
|
|
1868
1859
|
hs->state = state_process_change_cipher_spec;
|
|
@@ -1956,9 +1947,6 @@ enum ssl_hs_wait_t ssl_client_handshake(SSL_HANDSHAKE *hs) {
|
|
|
1956
1947
|
case state_early_reverify_server_certificate:
|
|
1957
1948
|
ret = do_early_reverify_server_certificate(hs);
|
|
1958
1949
|
break;
|
|
1959
|
-
case state_read_hello_verify_request:
|
|
1960
|
-
ret = do_read_hello_verify_request(hs);
|
|
1961
|
-
break;
|
|
1962
1950
|
case state_read_server_hello:
|
|
1963
1951
|
ret = do_read_server_hello(hs);
|
|
1964
1952
|
break;
|
|
@@ -2041,8 +2029,6 @@ const char *ssl_client_handshake_state(SSL_HANDSHAKE *hs) {
|
|
|
2041
2029
|
return "TLS client enter_early_data";
|
|
2042
2030
|
case state_early_reverify_server_certificate:
|
|
2043
2031
|
return "TLS client early_reverify_server_certificate";
|
|
2044
|
-
case state_read_hello_verify_request:
|
|
2045
|
-
return "TLS client read_hello_verify_request";
|
|
2046
2032
|
case state_read_server_hello:
|
|
2047
2033
|
return "TLS client read_server_hello";
|
|
2048
2034
|
case state_tls13:
|