grpc 1.9.1 → 1.10.0.pre1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +2654 -953
- data/etc/roots.pem +282 -683
- data/include/grpc/compression.h +9 -26
- data/include/grpc/grpc.h +10 -24
- data/include/grpc/grpc_security.h +7 -1
- data/include/grpc/impl/codegen/compression_types.h +5 -62
- data/include/grpc/impl/codegen/grpc_types.h +10 -6
- data/include/grpc/module.modulemap +1 -10
- data/include/grpc/support/alloc.h +3 -2
- data/include/grpc/support/log.h +1 -2
- data/{src/core/lib/gpr/thd_internal.h → include/grpc/support/thd_id.h} +23 -9
- data/src/boringssl/err_data.c +550 -496
- data/src/core/ext/census/grpc_context.cc +2 -1
- data/src/core/ext/filters/client_channel/backup_poller.cc +5 -4
- data/src/core/ext/filters/client_channel/channel_connectivity.cc +7 -7
- data/src/core/ext/filters/client_channel/client_channel.cc +162 -172
- data/src/core/ext/filters/client_channel/client_channel_factory.cc +4 -2
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +10 -10
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +18 -14
- data/src/core/ext/filters/client_channel/http_proxy.cc +3 -1
- data/src/core/ext/filters/client_channel/lb_policy.cc +21 -105
- data/src/core/ext/filters/client_channel/lb_policy.h +166 -170
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +41 -36
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +1452 -1459
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +3 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +7 -8
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +27 -27
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +279 -304
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +358 -330
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.cc +30 -41
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +7 -14
- data/src/core/ext/filters/client_channel/lb_policy_factory.cc +8 -21
- data/src/core/ext/filters/client_channel/lb_policy_factory.h +23 -27
- data/src/core/ext/filters/client_channel/lb_policy_registry.cc +58 -33
- data/src/core/ext/filters/client_channel/lb_policy_registry.h +25 -12
- data/src/core/ext/filters/client_channel/parse_address.cc +10 -8
- data/src/core/ext/filters/client_channel/proxy_mapper_registry.cc +2 -2
- data/src/core/ext/filters/client_channel/resolver.cc +6 -52
- data/src/core/ext/filters/client_channel/resolver.h +98 -55
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +266 -237
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +5 -5
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +31 -27
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +244 -207
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +161 -148
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +47 -31
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +126 -126
- data/src/core/ext/filters/client_channel/resolver_factory.h +33 -32
- data/src/core/ext/filters/client_channel/resolver_registry.cc +110 -90
- data/src/core/ext/filters/client_channel/resolver_registry.h +49 -36
- data/src/core/ext/filters/client_channel/retry_throttle.cc +29 -22
- data/src/core/ext/filters/client_channel/subchannel.cc +173 -173
- data/src/core/ext/filters/client_channel/subchannel.h +38 -45
- data/src/core/ext/filters/client_channel/subchannel_index.cc +44 -40
- data/src/core/ext/filters/client_channel/uri_parser.cc +3 -3
- data/src/core/ext/filters/deadline/deadline_filter.cc +27 -18
- data/src/core/ext/filters/http/client/http_client_filter.cc +26 -23
- data/src/core/ext/filters/http/http_filters_plugin.cc +3 -2
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +78 -110
- data/src/core/ext/filters/http/server/http_server_filter.cc +29 -26
- data/src/core/ext/filters/load_reporting/server_load_reporting_filter.cc +9 -11
- data/src/core/ext/filters/load_reporting/server_load_reporting_plugin.cc +2 -1
- data/src/core/ext/filters/max_age/max_age_filter.cc +14 -14
- data/src/core/ext/filters/message_size/message_size_filter.cc +20 -18
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +4 -4
- data/src/core/ext/filters/workarounds/workaround_utils.cc +4 -4
- data/src/core/ext/transport/chttp2/alpn/alpn.cc +2 -1
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +10 -10
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +4 -4
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +11 -12
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +16 -13
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +36 -9
- data/src/core/ext/transport/chttp2/transport/bin_decoder.h +3 -0
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +17 -14
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +139 -145
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +16 -14
- data/src/core/ext/transport/chttp2/transport/flow_control.h +8 -7
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +35 -33
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +27 -25
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +12 -12
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +16 -15
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +19 -19
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +11 -11
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +23 -22
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +35 -35
- data/src/core/ext/transport/chttp2/transport/hpack_table.cc +10 -7
- data/src/core/ext/transport/chttp2/transport/http2_settings.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/incoming_metadata.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/internal.h +1 -1
- data/src/core/ext/transport/chttp2/transport/parsing.cc +35 -39
- data/src/core/ext/transport/chttp2/transport/stream_map.cc +8 -7
- data/src/core/ext/transport/chttp2/transport/varint.cc +5 -5
- data/src/core/ext/transport/chttp2/transport/writing.cc +18 -18
- data/src/core/ext/transport/inproc/inproc_transport.cc +43 -23
- data/src/core/lib/{gpr → avl}/avl.cc +61 -57
- data/{include/grpc/support → src/core/lib/avl}/avl.h +25 -35
- data/src/core/lib/backoff/backoff.cc +6 -5
- data/src/core/lib/channel/channel_args.cc +23 -109
- data/src/core/lib/channel/channel_args.h +5 -31
- data/src/core/lib/channel/channel_stack.cc +11 -8
- data/src/core/lib/channel/channel_stack_builder.cc +10 -7
- data/src/core/lib/channel/connected_channel.cc +18 -17
- data/src/core/lib/channel/handshaker.cc +8 -8
- data/src/core/lib/channel/handshaker_registry.cc +3 -2
- data/src/core/lib/compression/algorithm_metadata.h +13 -6
- data/src/core/lib/compression/compression.cc +72 -183
- data/src/core/lib/compression/compression_internal.cc +274 -0
- data/src/core/lib/compression/compression_internal.h +86 -0
- data/src/core/lib/compression/message_compress.cc +15 -15
- data/src/core/lib/compression/message_compress.h +4 -3
- data/src/core/lib/compression/stream_compression_gzip.cc +8 -8
- data/src/core/lib/compression/stream_compression_identity.cc +1 -1
- data/src/core/lib/debug/stats.cc +10 -8
- data/src/core/lib/debug/stats_data.cc +2 -1
- data/src/core/lib/debug/trace.cc +3 -3
- data/src/core/lib/gpr/alloc.cc +7 -11
- data/src/core/lib/gpr/arena.cc +34 -12
- data/src/core/lib/gpr/atm.cc +2 -1
- data/src/core/lib/gpr/cpu_linux.cc +3 -3
- data/src/core/lib/gpr/cpu_posix.cc +2 -1
- data/src/core/lib/gpr/env.h +1 -1
- data/src/core/lib/gpr/env_linux.cc +1 -1
- data/src/core/lib/gpr/env_windows.cc +4 -4
- data/src/core/lib/gpr/fork.cc +16 -2
- data/src/core/lib/gpr/host_port.cc +5 -4
- data/{include/grpc/support → src/core/lib/gpr}/host_port.h +5 -13
- data/src/core/lib/gpr/log.cc +5 -4
- data/src/core/lib/gpr/log_linux.cc +1 -1
- data/src/core/lib/gpr/mpscq.cc +1 -0
- data/src/core/lib/gpr/murmur_hash.cc +4 -4
- data/src/core/lib/gpr/string.cc +19 -16
- data/src/core/lib/gpr/string_posix.cc +3 -3
- data/src/core/lib/gpr/sync_posix.cc +5 -9
- data/src/core/lib/gpr/thd.cc +3 -3
- data/{include/grpc/support → src/core/lib/gpr}/thd.h +20 -28
- data/src/core/lib/gpr/thd_posix.cc +6 -4
- data/src/core/lib/gpr/thd_windows.cc +3 -1
- data/src/core/lib/gpr/time.cc +6 -4
- data/src/core/lib/gpr/time_posix.cc +2 -2
- data/{include/grpc/support → src/core/lib/gpr}/tls.h +6 -6
- data/{include/grpc/support → src/core/lib/gpr}/tls_gcc.h +3 -3
- data/{include/grpc/support → src/core/lib/gpr}/tls_msvc.h +3 -3
- data/src/core/lib/gpr/tls_pthread.cc +1 -1
- data/{include/grpc/support → src/core/lib/gpr}/tls_pthread.h +3 -3
- data/{include/grpc/support → src/core/lib/gpr}/useful.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/abstract.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/atomic.h +5 -5
- data/src/core/lib/{gpr++ → gprpp}/atomic_with_atm.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/atomic_with_std.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/debug_location.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/inlined_vector.h +44 -22
- data/src/core/lib/{gpr++ → gprpp}/manual_constructor.h +2 -2
- data/src/core/lib/{gpr++ → gprpp}/memory.h +14 -5
- data/src/core/lib/{gpr++ → gprpp}/orphanable.h +39 -14
- data/src/core/lib/{gpr++ → gprpp}/ref_counted.h +42 -10
- data/src/core/lib/{gpr++ → gprpp}/ref_counted_ptr.h +18 -8
- data/src/core/lib/http/format_request.cc +3 -3
- data/src/core/lib/http/httpcli.cc +6 -7
- data/src/core/lib/http/httpcli_security_connector.cc +10 -10
- data/src/core/lib/http/parser.cc +16 -12
- data/src/core/lib/iomgr/call_combiner.cc +12 -13
- data/src/core/lib/iomgr/closure.h +4 -6
- data/src/core/lib/iomgr/combiner.cc +10 -21
- data/src/core/lib/iomgr/error.cc +50 -55
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +41 -52
- data/src/core/lib/iomgr/ev_epollex_linux.cc +80 -28
- data/src/core/lib/iomgr/ev_epollsig_linux.cc +23 -30
- data/src/core/lib/iomgr/ev_poll_posix.cc +52 -46
- data/src/core/lib/iomgr/ev_posix.cc +47 -6
- data/src/core/lib/iomgr/exec_ctx.cc +10 -10
- data/src/core/lib/iomgr/exec_ctx.h +1 -1
- data/src/core/lib/iomgr/executor.cc +16 -13
- data/src/core/lib/iomgr/fork_posix.cc +1 -3
- data/src/core/lib/iomgr/gethostname_host_name_max.cc +1 -1
- data/src/core/lib/iomgr/iocp_windows.cc +1 -2
- data/src/core/lib/iomgr/iomgr.cc +2 -2
- data/src/core/lib/iomgr/iomgr_uv.cc +2 -0
- data/src/core/lib/iomgr/iomgr_uv.h +1 -1
- data/src/core/lib/iomgr/is_epollexclusive_available.cc +5 -4
- data/src/core/lib/iomgr/load_file.cc +3 -3
- data/src/core/lib/iomgr/pollset_windows.cc +1 -1
- data/src/core/lib/iomgr/resolve_address_posix.cc +10 -9
- data/src/core/lib/iomgr/resolve_address_uv.cc +2 -2
- data/src/core/lib/iomgr/resolve_address_windows.cc +3 -2
- data/src/core/lib/iomgr/resource_quota.cc +36 -34
- data/src/core/lib/iomgr/sockaddr_utils.cc +39 -23
- data/src/core/lib/iomgr/socket_factory_posix.cc +5 -5
- data/src/core/lib/iomgr/socket_mutator.cc +7 -7
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +7 -4
- data/src/core/lib/iomgr/socket_utils_linux.cc +3 -2
- data/src/core/lib/iomgr/tcp_client_posix.cc +7 -6
- data/src/core/lib/iomgr/tcp_client_windows.cc +0 -1
- data/src/core/lib/iomgr/tcp_posix.cc +47 -55
- data/src/core/lib/iomgr/tcp_server_posix.cc +12 -10
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +7 -5
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +4 -3
- data/src/core/lib/iomgr/tcp_windows.cc +1 -1
- data/src/core/lib/iomgr/timer_generic.cc +16 -14
- data/src/core/lib/iomgr/timer_heap.cc +8 -7
- data/src/core/lib/iomgr/timer_manager.cc +4 -3
- data/src/core/lib/iomgr/udp_server.cc +24 -16
- data/src/core/lib/iomgr/unix_sockets_posix.cc +15 -10
- data/src/core/lib/iomgr/wakeup_fd_cv.cc +6 -5
- data/src/core/lib/iomgr/wakeup_fd_eventfd.cc +1 -2
- data/src/core/lib/json/json.cc +1 -1
- data/src/core/lib/json/json_reader.cc +8 -6
- data/src/core/lib/json/json_string.cc +19 -18
- data/src/core/lib/json/json_writer.cc +10 -8
- data/src/core/lib/profiling/basic_timers.cc +1 -1
- data/src/core/lib/profiling/timers.h +3 -20
- data/src/core/lib/security/context/security_context.cc +16 -14
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +17 -14
- data/src/core/lib/security/credentials/credentials.cc +9 -8
- data/src/core/lib/security/credentials/credentials.h +1 -1
- data/src/core/lib/security/credentials/credentials_metadata.cc +2 -2
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +12 -13
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +7 -4
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +5 -3
- data/src/core/lib/security/credentials/jwt/json_token.cc +4 -3
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +7 -7
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +21 -18
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +23 -18
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +11 -7
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +22 -21
- data/src/core/lib/security/{transport → security_connector}/security_connector.cc +46 -43
- data/src/core/lib/security/{transport → security_connector}/security_connector.h +3 -3
- data/src/core/lib/security/transport/client_auth_filter.cc +32 -34
- data/src/core/lib/security/transport/lb_targets_info.cc +7 -5
- data/src/core/lib/security/transport/secure_endpoint.cc +21 -21
- data/src/core/lib/security/transport/security_handshaker.cc +19 -18
- data/src/core/lib/security/transport/security_handshaker.h +1 -1
- data/src/core/lib/security/transport/server_auth_filter.cc +21 -21
- data/src/core/lib/slice/b64.cc +19 -16
- data/src/core/lib/slice/percent_encoding.cc +5 -5
- data/src/core/lib/slice/slice.cc +35 -33
- data/src/core/lib/slice/slice_buffer.cc +16 -14
- data/src/core/lib/slice/slice_hash_table.cc +3 -2
- data/src/core/lib/slice/slice_intern.cc +21 -25
- data/src/core/lib/slice/slice_string_helpers.cc +45 -9
- data/src/core/lib/slice/slice_string_helpers.h +6 -0
- data/src/core/lib/surface/byte_buffer.cc +2 -2
- data/src/core/lib/surface/byte_buffer_reader.cc +6 -3
- data/src/core/lib/surface/call.cc +171 -260
- data/src/core/lib/surface/call_test_only.h +1 -13
- data/src/core/lib/surface/channel.cc +20 -43
- data/src/core/lib/surface/channel_init.cc +7 -7
- data/src/core/lib/surface/channel_ping.cc +2 -2
- data/src/core/lib/surface/completion_queue.cc +69 -75
- data/src/core/lib/surface/init.cc +4 -5
- data/src/core/lib/surface/init_secure.cc +1 -1
- data/src/core/lib/surface/lame_client.cc +1 -1
- data/src/core/lib/surface/server.cc +64 -59
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/bdp_estimator.cc +6 -5
- data/src/core/lib/transport/byte_stream.cc +23 -14
- data/src/core/lib/transport/byte_stream.h +1 -1
- data/src/core/lib/transport/connectivity_state.cc +9 -13
- data/src/core/lib/transport/error_utils.cc +10 -7
- data/src/core/lib/transport/metadata.cc +27 -26
- data/src/core/lib/transport/metadata.h +1 -1
- data/src/core/lib/transport/pid_controller.cc +2 -1
- data/src/core/lib/transport/service_config.cc +5 -5
- data/src/core/lib/transport/static_metadata.cc +225 -222
- data/src/core/lib/transport/static_metadata.h +77 -76
- data/src/core/lib/transport/timeout_encoding.cc +3 -2
- data/src/core/lib/transport/transport.cc +6 -5
- data/src/core/lib/transport/transport_op_string.cc +0 -1
- data/src/core/plugin_registry/grpc_plugin_registry.cc +4 -4
- data/src/core/tsi/alts_transport_security.cc +61 -0
- data/src/core/tsi/{gts_transport_security.h → alts_transport_security.h} +16 -8
- data/src/core/tsi/fake_transport_security.cc +59 -43
- data/src/core/tsi/ssl_transport_security.cc +122 -107
- data/src/core/tsi/transport_security.cc +3 -3
- data/src/core/tsi/transport_security_adapter.cc +16 -10
- data/src/ruby/bin/apis/pubsub_demo.rb +1 -1
- data/src/ruby/ext/grpc/rb_channel.c +3 -4
- data/src/ruby/ext/grpc/rb_compression_options.c +13 -3
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +4 -76
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +8 -120
- data/src/ruby/ext/grpc/rb_server.c +52 -28
- data/src/ruby/lib/grpc/generic/rpc_server.rb +7 -4
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/test/client.rb +1 -1
- data/src/ruby/pb/test/server.rb +1 -1
- data/src/ruby/spec/client_server_spec.rb +4 -2
- data/src/ruby/spec/generic/active_call_spec.rb +2 -1
- data/src/ruby/spec/generic/client_stub_spec.rb +32 -8
- data/src/ruby/spec/server_spec.rb +26 -7
- data/third_party/boringssl/crypto/asn1/a_bitstr.c +7 -2
- data/third_party/boringssl/crypto/asn1/a_d2i_fp.c +15 -0
- data/third_party/boringssl/crypto/asn1/a_gentm.c +1 -1
- data/third_party/boringssl/crypto/asn1/a_print.c +0 -28
- data/third_party/boringssl/crypto/asn1/a_strnid.c +3 -0
- data/third_party/boringssl/crypto/asn1/a_time.c +17 -9
- data/third_party/boringssl/crypto/asn1/a_utctm.c +1 -1
- data/third_party/boringssl/crypto/asn1/asn1_lib.c +5 -49
- data/third_party/boringssl/crypto/asn1/asn1_locl.h +1 -1
- data/third_party/boringssl/crypto/asn1/tasn_dec.c +9 -9
- data/third_party/boringssl/crypto/asn1/tasn_enc.c +0 -6
- data/third_party/boringssl/crypto/asn1/time_support.c +5 -5
- data/third_party/boringssl/crypto/base64/base64.c +65 -43
- data/third_party/boringssl/crypto/bio/bio.c +134 -110
- data/third_party/boringssl/crypto/bio/bio_mem.c +9 -9
- data/third_party/boringssl/crypto/bio/connect.c +17 -17
- data/third_party/boringssl/crypto/bio/fd.c +2 -1
- data/third_party/boringssl/crypto/bio/file.c +14 -14
- data/third_party/boringssl/crypto/bio/hexdump.c +15 -16
- data/third_party/boringssl/crypto/bio/internal.h +14 -14
- data/third_party/boringssl/crypto/bio/pair.c +45 -45
- data/third_party/boringssl/crypto/bio/printf.c +6 -10
- data/third_party/boringssl/crypto/{bn → bn_extra}/bn_asn1.c +9 -9
- data/third_party/boringssl/crypto/{bn → bn_extra}/convert.c +18 -223
- data/third_party/boringssl/crypto/buf/buf.c +20 -44
- data/third_party/boringssl/crypto/bytestring/ber.c +35 -35
- data/third_party/boringssl/crypto/bytestring/cbb.c +24 -24
- data/third_party/boringssl/crypto/bytestring/cbs.c +33 -37
- data/third_party/boringssl/crypto/bytestring/internal.h +38 -38
- data/third_party/boringssl/crypto/chacha/chacha.c +7 -7
- data/third_party/boringssl/crypto/{asn1/t_bitst.c → cipher_extra/cipher_extra.c} +49 -38
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/derive_key.c +0 -2
- data/third_party/boringssl/crypto/cipher_extra/e_aesctrhmac.c +281 -0
- data/third_party/boringssl/crypto/cipher_extra/e_aesgcmsiv.c +867 -0
- data/third_party/boringssl/crypto/cipher_extra/e_chacha20poly1305.c +326 -0
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_null.c +0 -1
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_rc2.c +22 -10
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_rc4.c +0 -0
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_ssl3.c +120 -64
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_tls.c +220 -141
- data/third_party/boringssl/crypto/{asn1/x_bignum.c → cipher_extra/internal.h} +61 -86
- data/third_party/boringssl/crypto/cipher_extra/tls_cbc.c +482 -0
- data/third_party/boringssl/crypto/cmac/cmac.c +20 -20
- data/third_party/boringssl/crypto/conf/conf.c +32 -20
- data/third_party/boringssl/crypto/conf/internal.h +3 -3
- data/third_party/boringssl/crypto/cpu-aarch64-linux.c +5 -5
- data/third_party/boringssl/crypto/cpu-arm-linux.c +44 -41
- data/third_party/boringssl/crypto/cpu-intel.c +68 -43
- data/third_party/boringssl/crypto/cpu-ppc64le.c +5 -7
- data/third_party/boringssl/crypto/crypto.c +54 -32
- data/third_party/boringssl/crypto/curve25519/curve25519.c +269 -269
- data/third_party/boringssl/crypto/curve25519/internal.h +28 -8
- data/third_party/boringssl/crypto/curve25519/spake25519.c +180 -106
- data/third_party/boringssl/crypto/curve25519/x25519-x86_64.c +9 -9
- data/third_party/boringssl/crypto/dh/check.c +33 -34
- data/third_party/boringssl/crypto/dh/dh.c +72 -36
- data/third_party/boringssl/crypto/dh/dh_asn1.c +1 -1
- data/third_party/boringssl/crypto/dh/params.c +1 -161
- data/third_party/boringssl/crypto/digest_extra/digest_extra.c +240 -0
- data/third_party/boringssl/crypto/dsa/dsa.c +127 -87
- data/third_party/boringssl/crypto/dsa/dsa_asn1.c +1 -1
- data/third_party/boringssl/crypto/{ec → ec_extra}/ec_asn1.c +83 -70
- data/third_party/boringssl/crypto/ecdh/ecdh.c +1 -1
- data/third_party/boringssl/crypto/{ecdsa → ecdsa_extra}/ecdsa_asn1.c +86 -31
- data/third_party/boringssl/crypto/engine/engine.c +6 -6
- data/third_party/boringssl/crypto/err/err.c +197 -106
- data/third_party/boringssl/crypto/err/internal.h +58 -0
- data/third_party/boringssl/crypto/evp/digestsign.c +86 -14
- data/third_party/boringssl/crypto/evp/evp.c +6 -11
- data/third_party/boringssl/crypto/evp/evp_asn1.c +17 -17
- data/third_party/boringssl/crypto/evp/evp_ctx.c +15 -11
- data/third_party/boringssl/crypto/evp/internal.h +66 -51
- data/third_party/boringssl/crypto/evp/p_dsa_asn1.c +11 -11
- data/third_party/boringssl/crypto/evp/p_ec.c +10 -8
- data/third_party/boringssl/crypto/evp/p_ec_asn1.c +11 -12
- data/third_party/boringssl/crypto/evp/p_ed25519.c +71 -0
- data/third_party/boringssl/crypto/evp/p_ed25519_asn1.c +190 -0
- data/third_party/boringssl/crypto/evp/p_rsa.c +50 -95
- data/third_party/boringssl/crypto/evp/p_rsa_asn1.c +28 -18
- data/third_party/boringssl/crypto/evp/pbkdf.c +49 -56
- data/third_party/boringssl/crypto/evp/print.c +5 -36
- data/third_party/boringssl/crypto/evp/scrypt.c +209 -0
- data/third_party/boringssl/crypto/ex_data.c +15 -45
- data/third_party/boringssl/crypto/fipsmodule/aes/internal.h +100 -0
- data/third_party/boringssl/crypto/fipsmodule/bcm.c +679 -0
- data/third_party/boringssl/crypto/{bn → fipsmodule/bn}/internal.h +40 -27
- data/third_party/boringssl/crypto/{bn → fipsmodule/bn}/rsaz_exp.h +0 -0
- data/third_party/boringssl/crypto/{cipher → fipsmodule/cipher}/internal.h +34 -67
- data/third_party/boringssl/crypto/fipsmodule/delocate.h +88 -0
- data/third_party/boringssl/crypto/{des → fipsmodule/des}/internal.h +18 -4
- data/third_party/boringssl/crypto/{digest → fipsmodule/digest}/internal.h +18 -18
- data/third_party/boringssl/crypto/{digest → fipsmodule/digest}/md32_common.h +58 -64
- data/third_party/boringssl/crypto/{ec → fipsmodule/ec}/internal.h +58 -52
- data/third_party/boringssl/crypto/{ec → fipsmodule/ec}/p256-x86_64-table.h +11 -11
- data/third_party/boringssl/crypto/{ec → fipsmodule/ec}/p256-x86_64.h +32 -32
- data/third_party/boringssl/crypto/{rand/internal.h → fipsmodule/is_fips.c} +10 -15
- data/third_party/boringssl/crypto/{modes → fipsmodule/modes}/internal.h +112 -119
- data/third_party/boringssl/crypto/fipsmodule/rand/internal.h +92 -0
- data/third_party/boringssl/crypto/{rsa → fipsmodule/rsa}/internal.h +36 -49
- data/third_party/boringssl/crypto/hkdf/hkdf.c +6 -6
- data/third_party/boringssl/crypto/internal.h +301 -233
- data/third_party/boringssl/crypto/lhash/lhash.c +26 -45
- data/third_party/boringssl/crypto/mem.c +76 -33
- data/third_party/boringssl/crypto/obj/obj.c +44 -28
- data/third_party/boringssl/crypto/obj/obj_dat.h +102 -34
- data/third_party/boringssl/crypto/obj/obj_xref.c +6 -6
- data/third_party/boringssl/crypto/pem/pem_info.c +3 -5
- data/third_party/boringssl/crypto/pem/pem_lib.c +1 -6
- data/third_party/boringssl/crypto/pem/pem_pk8.c +1 -0
- data/third_party/boringssl/crypto/pem/pem_pkey.c +1 -1
- data/third_party/boringssl/crypto/pem/pem_xaux.c +0 -2
- data/third_party/boringssl/crypto/pkcs7/internal.h +49 -0
- data/third_party/boringssl/crypto/pkcs7/pkcs7.c +166 -0
- data/third_party/boringssl/crypto/{x509/pkcs7.c → pkcs7/pkcs7_x509.c} +27 -147
- data/third_party/boringssl/crypto/pkcs8/internal.h +34 -16
- data/third_party/boringssl/crypto/pkcs8/p5_pbev2.c +120 -39
- data/third_party/boringssl/crypto/pkcs8/pkcs8.c +144 -857
- data/third_party/boringssl/crypto/pkcs8/pkcs8_x509.c +789 -0
- data/third_party/boringssl/crypto/poly1305/internal.h +4 -3
- data/third_party/boringssl/crypto/poly1305/poly1305.c +14 -14
- data/third_party/boringssl/crypto/poly1305/poly1305_arm.c +11 -11
- data/third_party/boringssl/crypto/poly1305/poly1305_vec.c +41 -41
- data/third_party/boringssl/crypto/pool/internal.h +2 -2
- data/third_party/boringssl/crypto/pool/pool.c +15 -15
- data/third_party/boringssl/crypto/{rand → rand_extra}/deterministic.c +7 -7
- data/third_party/boringssl/crypto/rand_extra/forkunsafe.c +46 -0
- data/third_party/boringssl/crypto/{rand → rand_extra}/fuchsia.c +7 -7
- data/third_party/boringssl/crypto/rand_extra/rand_extra.c +70 -0
- data/third_party/boringssl/crypto/{rand → rand_extra}/windows.c +5 -5
- data/third_party/boringssl/crypto/refcount_c11.c +2 -2
- data/third_party/boringssl/crypto/refcount_lock.c +1 -1
- data/third_party/boringssl/crypto/{rsa → rsa_extra}/rsa_asn1.c +12 -120
- data/third_party/boringssl/crypto/stack/stack.c +13 -13
- data/third_party/boringssl/crypto/thread_none.c +1 -1
- data/third_party/boringssl/crypto/thread_pthread.c +1 -1
- data/third_party/boringssl/crypto/thread_win.c +40 -40
- data/third_party/boringssl/crypto/x509/a_sign.c +5 -12
- data/third_party/boringssl/crypto/x509/a_verify.c +6 -18
- data/third_party/boringssl/crypto/x509/algorithm.c +22 -6
- data/third_party/boringssl/crypto/x509/asn1_gen.c +30 -7
- data/third_party/boringssl/crypto/x509/by_dir.c +2 -2
- data/third_party/boringssl/crypto/x509/by_file.c +2 -2
- data/third_party/boringssl/crypto/x509/rsa_pss.c +5 -5
- data/third_party/boringssl/crypto/x509/t_x509.c +2 -1
- data/third_party/boringssl/crypto/x509/x509_def.c +5 -0
- data/third_party/boringssl/crypto/x509/x509_lu.c +35 -4
- data/third_party/boringssl/crypto/x509/x509_set.c +10 -0
- data/third_party/boringssl/crypto/x509/x509_vfy.c +20 -17
- data/third_party/boringssl/crypto/x509/x_name.c +13 -16
- data/third_party/boringssl/crypto/x509/x_x509.c +3 -3
- data/third_party/boringssl/crypto/x509/x_x509a.c +0 -7
- data/third_party/boringssl/crypto/x509v3/ext_dat.h +8 -0
- data/third_party/boringssl/crypto/x509v3/pcy_int.h +2 -2
- data/third_party/boringssl/crypto/x509v3/pcy_lib.c +0 -9
- data/third_party/boringssl/crypto/x509v3/pcy_node.c +1 -1
- data/third_party/boringssl/crypto/x509v3/pcy_tree.c +25 -15
- data/third_party/boringssl/crypto/x509v3/v3_alt.c +21 -11
- data/third_party/boringssl/crypto/x509v3/v3_cpols.c +9 -3
- data/third_party/boringssl/crypto/x509v3/v3_info.c +22 -14
- data/third_party/boringssl/crypto/x509v3/v3_ncons.c +27 -11
- data/third_party/boringssl/crypto/x509v3/v3_pci.c +0 -33
- data/third_party/boringssl/crypto/x509v3/v3_utl.c +4 -4
- data/third_party/boringssl/include/openssl/aead.h +280 -191
- data/third_party/boringssl/include/openssl/aes.h +50 -50
- data/third_party/boringssl/include/openssl/arm_arch.h +12 -12
- data/third_party/boringssl/include/openssl/asn1.h +14 -77
- data/third_party/boringssl/include/openssl/asn1t.h +11 -15
- data/third_party/boringssl/include/openssl/base.h +78 -51
- data/third_party/boringssl/include/openssl/base64.h +68 -68
- data/third_party/boringssl/include/openssl/bio.h +472 -406
- data/third_party/boringssl/include/openssl/blowfish.h +1 -1
- data/third_party/boringssl/include/openssl/bn.h +454 -435
- data/third_party/boringssl/include/openssl/buf.h +27 -27
- data/third_party/boringssl/include/openssl/bytestring.h +282 -267
- data/third_party/boringssl/include/openssl/cast.h +2 -2
- data/third_party/boringssl/include/openssl/chacha.h +5 -5
- data/third_party/boringssl/include/openssl/cipher.h +209 -200
- data/third_party/boringssl/include/openssl/cmac.h +27 -27
- data/third_party/boringssl/include/openssl/conf.h +49 -46
- data/third_party/boringssl/include/openssl/cpu.h +60 -45
- data/third_party/boringssl/include/openssl/crypto.h +59 -35
- data/third_party/boringssl/include/openssl/curve25519.h +97 -92
- data/third_party/boringssl/include/openssl/des.h +25 -25
- data/third_party/boringssl/include/openssl/dh.h +98 -97
- data/third_party/boringssl/include/openssl/digest.h +143 -114
- data/third_party/boringssl/include/openssl/dsa.h +217 -202
- data/third_party/boringssl/include/openssl/ec.h +132 -131
- data/third_party/boringssl/include/openssl/ec_key.h +132 -128
- data/third_party/boringssl/include/openssl/ecdh.h +9 -9
- data/third_party/boringssl/include/openssl/ecdsa.h +66 -66
- data/third_party/boringssl/include/openssl/engine.h +38 -38
- data/third_party/boringssl/include/openssl/err.h +189 -219
- data/third_party/boringssl/include/openssl/evp.h +473 -397
- data/third_party/boringssl/include/openssl/ex_data.h +46 -56
- data/third_party/boringssl/include/openssl/hkdf.h +17 -17
- data/third_party/boringssl/include/openssl/hmac.h +55 -43
- data/third_party/boringssl/include/openssl/is_boringssl.h +16 -0
- data/third_party/boringssl/include/openssl/lhash.h +67 -67
- data/third_party/boringssl/include/openssl/lhash_macros.h +4 -4
- data/third_party/boringssl/include/openssl/md4.h +14 -14
- data/third_party/boringssl/include/openssl/md5.h +14 -14
- data/third_party/boringssl/include/openssl/mem.h +39 -33
- data/third_party/boringssl/include/openssl/nid.h +43 -0
- data/third_party/boringssl/include/openssl/obj.h +93 -87
- data/third_party/boringssl/include/openssl/opensslconf.h +8 -1
- data/third_party/boringssl/include/openssl/pem.h +2 -122
- data/third_party/boringssl/include/openssl/pkcs7.h +68 -2
- data/third_party/boringssl/include/openssl/pkcs8.h +81 -66
- data/third_party/boringssl/include/openssl/poly1305.h +11 -11
- data/third_party/boringssl/include/openssl/pool.h +29 -25
- data/third_party/boringssl/include/openssl/rand.h +48 -45
- data/third_party/boringssl/include/openssl/rc4.h +9 -9
- data/third_party/boringssl/include/openssl/ripemd.h +13 -13
- data/third_party/boringssl/include/openssl/rsa.h +371 -340
- data/third_party/boringssl/include/openssl/sha.h +71 -71
- data/third_party/boringssl/include/openssl/span.h +191 -0
- data/third_party/boringssl/include/openssl/ssl.h +2639 -2519
- data/third_party/boringssl/include/openssl/ssl3.h +39 -122
- data/third_party/boringssl/include/openssl/stack.h +355 -164
- data/third_party/boringssl/include/openssl/thread.h +43 -43
- data/third_party/boringssl/include/openssl/tls1.h +60 -63
- data/third_party/boringssl/include/openssl/type_check.h +10 -14
- data/third_party/boringssl/include/openssl/x509.h +41 -116
- data/third_party/boringssl/include/openssl/x509_vfy.h +17 -25
- data/third_party/boringssl/include/openssl/x509v3.h +27 -21
- data/third_party/boringssl/ssl/{bio_ssl.c → bio_ssl.cc} +9 -5
- data/third_party/boringssl/ssl/{custom_extensions.c → custom_extensions.cc} +19 -12
- data/third_party/boringssl/ssl/{d1_both.c → d1_both.cc} +224 -193
- data/third_party/boringssl/ssl/{d1_lib.c → d1_lib.cc} +86 -79
- data/third_party/boringssl/ssl/{d1_pkt.c → d1_pkt.cc} +55 -87
- data/third_party/boringssl/ssl/{d1_srtp.c → d1_srtp.cc} +12 -16
- data/third_party/boringssl/ssl/{dtls_method.c → dtls_method.cc} +33 -50
- data/third_party/boringssl/ssl/{dtls_record.c → dtls_record.cc} +76 -64
- data/third_party/boringssl/ssl/handshake.cc +547 -0
- data/third_party/boringssl/ssl/handshake_client.cc +1828 -0
- data/third_party/boringssl/ssl/handshake_server.cc +1672 -0
- data/third_party/boringssl/ssl/internal.h +2027 -1280
- data/third_party/boringssl/ssl/s3_both.cc +603 -0
- data/third_party/boringssl/ssl/{s3_lib.c → s3_lib.cc} +22 -10
- data/third_party/boringssl/ssl/{s3_pkt.c → s3_pkt.cc} +171 -75
- data/third_party/boringssl/ssl/ssl_aead_ctx.cc +415 -0
- data/third_party/boringssl/ssl/{ssl_asn1.c → ssl_asn1.cc} +257 -261
- data/third_party/boringssl/ssl/{ssl_buffer.c → ssl_buffer.cc} +81 -97
- data/third_party/boringssl/ssl/{ssl_cert.c → ssl_cert.cc} +304 -414
- data/third_party/boringssl/ssl/{ssl_cipher.c → ssl_cipher.cc} +427 -505
- data/third_party/boringssl/ssl/{ssl_file.c → ssl_file.cc} +24 -16
- data/third_party/boringssl/ssl/ssl_key_share.cc +245 -0
- data/third_party/boringssl/ssl/{ssl_lib.c → ssl_lib.cc} +665 -828
- data/third_party/boringssl/ssl/ssl_privkey.cc +518 -0
- data/third_party/boringssl/ssl/{ssl_session.c → ssl_session.cc} +596 -471
- data/third_party/boringssl/ssl/{ssl_stat.c → ssl_stat.cc} +5 -224
- data/third_party/boringssl/ssl/{ssl_transcript.c → ssl_transcript.cc} +117 -140
- data/third_party/boringssl/ssl/ssl_versions.cc +439 -0
- data/third_party/boringssl/ssl/{ssl_x509.c → ssl_x509.cc} +751 -267
- data/third_party/boringssl/ssl/{t1_enc.c → t1_enc.cc} +120 -161
- data/third_party/boringssl/ssl/{t1_lib.c → t1_lib.cc} +859 -966
- data/third_party/boringssl/ssl/{tls13_both.c → tls13_both.cc} +202 -284
- data/third_party/boringssl/ssl/tls13_client.cc +842 -0
- data/third_party/boringssl/ssl/{tls13_enc.c → tls13_enc.cc} +108 -90
- data/third_party/boringssl/ssl/tls13_server.cc +967 -0
- data/third_party/boringssl/ssl/{tls_method.c → tls_method.cc} +94 -73
- data/third_party/boringssl/ssl/tls_record.cc +675 -0
- metadata +117 -168
- data/include/grpc/support/cmdline.h +0 -88
- data/include/grpc/support/subprocess.h +0 -44
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h +0 -29
- data/src/core/ext/filters/client_channel/resolver_factory.cc +0 -40
- data/src/core/lib/gpr/cmdline.cc +0 -330
- data/src/core/lib/gpr/subprocess_posix.cc +0 -99
- data/src/core/lib/gpr/subprocess_windows.cc +0 -126
- data/src/core/lib/surface/alarm.cc +0 -137
- data/src/core/lib/surface/alarm_internal.h +0 -40
- data/src/core/tsi/gts_transport_security.cc +0 -40
- data/third_party/boringssl/crypto/aes/aes.c +0 -1142
- data/third_party/boringssl/crypto/aes/internal.h +0 -87
- data/third_party/boringssl/crypto/aes/key_wrap.c +0 -138
- data/third_party/boringssl/crypto/aes/mode_wrappers.c +0 -112
- data/third_party/boringssl/crypto/asn1/x_long.c +0 -200
- data/third_party/boringssl/crypto/bn/add.c +0 -377
- data/third_party/boringssl/crypto/bn/asm/x86_64-gcc.c +0 -532
- data/third_party/boringssl/crypto/bn/bn.c +0 -365
- data/third_party/boringssl/crypto/bn/cmp.c +0 -239
- data/third_party/boringssl/crypto/bn/ctx.c +0 -313
- data/third_party/boringssl/crypto/bn/div.c +0 -728
- data/third_party/boringssl/crypto/bn/exponentiation.c +0 -1240
- data/third_party/boringssl/crypto/bn/gcd.c +0 -635
- data/third_party/boringssl/crypto/bn/generic.c +0 -707
- data/third_party/boringssl/crypto/bn/kronecker.c +0 -176
- data/third_party/boringssl/crypto/bn/montgomery.c +0 -409
- data/third_party/boringssl/crypto/bn/montgomery_inv.c +0 -207
- data/third_party/boringssl/crypto/bn/mul.c +0 -871
- data/third_party/boringssl/crypto/bn/prime.c +0 -861
- data/third_party/boringssl/crypto/bn/random.c +0 -343
- data/third_party/boringssl/crypto/bn/rsaz_exp.c +0 -254
- data/third_party/boringssl/crypto/bn/shift.c +0 -307
- data/third_party/boringssl/crypto/bn/sqrt.c +0 -506
- data/third_party/boringssl/crypto/cipher/aead.c +0 -156
- data/third_party/boringssl/crypto/cipher/cipher.c +0 -657
- data/third_party/boringssl/crypto/cipher/e_aes.c +0 -1771
- data/third_party/boringssl/crypto/cipher/e_chacha20poly1305.c +0 -276
- data/third_party/boringssl/crypto/cipher/e_des.c +0 -205
- data/third_party/boringssl/crypto/cipher/tls_cbc.c +0 -482
- data/third_party/boringssl/crypto/des/des.c +0 -771
- data/third_party/boringssl/crypto/digest/digest.c +0 -251
- data/third_party/boringssl/crypto/digest/digests.c +0 -358
- data/third_party/boringssl/crypto/ec/ec.c +0 -847
- data/third_party/boringssl/crypto/ec/ec_key.c +0 -479
- data/third_party/boringssl/crypto/ec/ec_montgomery.c +0 -303
- data/third_party/boringssl/crypto/ec/oct.c +0 -416
- data/third_party/boringssl/crypto/ec/p224-64.c +0 -1143
- data/third_party/boringssl/crypto/ec/p256-64.c +0 -1701
- data/third_party/boringssl/crypto/ec/p256-x86_64.c +0 -561
- data/third_party/boringssl/crypto/ec/simple.c +0 -1118
- data/third_party/boringssl/crypto/ec/util-64.c +0 -109
- data/third_party/boringssl/crypto/ec/wnaf.c +0 -458
- data/third_party/boringssl/crypto/ecdsa/ecdsa.c +0 -479
- data/third_party/boringssl/crypto/hmac/hmac.c +0 -215
- data/third_party/boringssl/crypto/md4/md4.c +0 -236
- data/third_party/boringssl/crypto/md5/md5.c +0 -285
- data/third_party/boringssl/crypto/modes/cbc.c +0 -212
- data/third_party/boringssl/crypto/modes/cfb.c +0 -230
- data/third_party/boringssl/crypto/modes/ctr.c +0 -219
- data/third_party/boringssl/crypto/modes/gcm.c +0 -1071
- data/third_party/boringssl/crypto/modes/ofb.c +0 -95
- data/third_party/boringssl/crypto/modes/polyval.c +0 -94
- data/third_party/boringssl/crypto/pkcs8/p8_pkey.c +0 -85
- data/third_party/boringssl/crypto/rand/rand.c +0 -244
- data/third_party/boringssl/crypto/rand/urandom.c +0 -335
- data/third_party/boringssl/crypto/rsa/blinding.c +0 -265
- data/third_party/boringssl/crypto/rsa/padding.c +0 -708
- data/third_party/boringssl/crypto/rsa/rsa.c +0 -830
- data/third_party/boringssl/crypto/rsa/rsa_impl.c +0 -1100
- data/third_party/boringssl/crypto/sha/sha1-altivec.c +0 -346
- data/third_party/boringssl/crypto/sha/sha1.c +0 -355
- data/third_party/boringssl/crypto/sha/sha256.c +0 -329
- data/third_party/boringssl/crypto/sha/sha512.c +0 -609
- data/third_party/boringssl/crypto/x509/x509type.c +0 -126
- data/third_party/boringssl/include/openssl/stack_macros.h +0 -3987
- data/third_party/boringssl/ssl/handshake_client.c +0 -1883
- data/third_party/boringssl/ssl/handshake_server.c +0 -1950
- data/third_party/boringssl/ssl/s3_both.c +0 -895
- data/third_party/boringssl/ssl/ssl_aead_ctx.c +0 -335
- data/third_party/boringssl/ssl/ssl_ecdh.c +0 -465
- data/third_party/boringssl/ssl/ssl_privkey.c +0 -683
- data/third_party/boringssl/ssl/ssl_privkey_cc.cc +0 -76
- data/third_party/boringssl/ssl/tls13_client.c +0 -712
- data/third_party/boringssl/ssl/tls13_server.c +0 -680
- data/third_party/boringssl/ssl/tls_record.c +0 -556
@@ -152,7 +152,6 @@
|
|
152
152
|
#include <string.h>
|
153
153
|
|
154
154
|
#include <openssl/buf.h>
|
155
|
-
#include <openssl/dh.h>
|
156
155
|
#include <openssl/digest.h>
|
157
156
|
#include <openssl/err.h>
|
158
157
|
#include <openssl/md5.h>
|
@@ -163,10 +162,18 @@
|
|
163
162
|
#include "internal.h"
|
164
163
|
|
165
164
|
|
165
|
+
namespace bssl {
|
166
|
+
|
166
167
|
int ssl3_new(SSL *ssl) {
|
167
|
-
|
168
|
+
UniquePtr<SSLAEADContext> aead_read_ctx =
|
169
|
+
SSLAEADContext::CreateNullCipher(SSL_is_dtls(ssl));
|
170
|
+
UniquePtr<SSLAEADContext> aead_write_ctx =
|
171
|
+
SSLAEADContext::CreateNullCipher(SSL_is_dtls(ssl));
|
172
|
+
if (!aead_read_ctx || !aead_write_ctx) {
|
173
|
+
return 0;
|
174
|
+
}
|
168
175
|
|
169
|
-
s3 = OPENSSL_malloc(sizeof *s3);
|
176
|
+
SSL3_STATE *s3 = (SSL3_STATE *)OPENSSL_malloc(sizeof *s3);
|
170
177
|
if (s3 == NULL) {
|
171
178
|
return 0;
|
172
179
|
}
|
@@ -178,13 +185,15 @@ int ssl3_new(SSL *ssl) {
|
|
178
185
|
return 0;
|
179
186
|
}
|
180
187
|
|
188
|
+
s3->aead_read_ctx = aead_read_ctx.release();
|
189
|
+
s3->aead_write_ctx = aead_write_ctx.release();
|
181
190
|
ssl->s3 = s3;
|
182
191
|
|
183
|
-
|
184
|
-
|
185
|
-
|
186
|
-
|
187
|
-
|
192
|
+
// Set the version to the highest supported version.
|
193
|
+
//
|
194
|
+
// TODO(davidben): Move this field into |s3|, have it store the normalized
|
195
|
+
// protocol version, and implement this pre-negotiation quirk in |SSL_version|
|
196
|
+
// at the API boundary rather than in internal state.
|
188
197
|
ssl->version = TLS1_2_VERSION;
|
189
198
|
return 1;
|
190
199
|
}
|
@@ -201,8 +210,9 @@ void ssl3_free(SSL *ssl) {
|
|
201
210
|
ssl_handshake_free(ssl->s3->hs);
|
202
211
|
OPENSSL_free(ssl->s3->next_proto_negotiated);
|
203
212
|
OPENSSL_free(ssl->s3->alpn_selected);
|
204
|
-
|
205
|
-
|
213
|
+
OPENSSL_free(ssl->s3->hostname);
|
214
|
+
Delete(ssl->s3->aead_read_ctx);
|
215
|
+
Delete(ssl->s3->aead_write_ctx);
|
206
216
|
BUF_MEM_free(ssl->s3->pending_flight);
|
207
217
|
|
208
218
|
OPENSSL_cleanse(ssl->s3, sizeof *ssl->s3);
|
@@ -218,3 +228,5 @@ const struct ssl_cipher_preference_list_st *ssl_get_cipher_preferences(
|
|
218
228
|
|
219
229
|
return ssl->ctx->cipher_list;
|
220
230
|
}
|
231
|
+
|
232
|
+
} // namespace bssl
|
@@ -122,14 +122,16 @@
|
|
122
122
|
#include "internal.h"
|
123
123
|
|
124
124
|
|
125
|
+
namespace bssl {
|
126
|
+
|
125
127
|
static int do_ssl3_write(SSL *ssl, int type, const uint8_t *buf, unsigned len);
|
126
128
|
|
127
|
-
|
128
|
-
|
129
|
-
|
129
|
+
// ssl3_get_record reads a new input record. On success, it places it in
|
130
|
+
// |ssl->s3->rrec| and returns one. Otherwise it returns <= 0 on error or if
|
131
|
+
// more data is needed.
|
130
132
|
static int ssl3_get_record(SSL *ssl) {
|
131
133
|
again:
|
132
|
-
switch (ssl->s3->
|
134
|
+
switch (ssl->s3->read_shutdown) {
|
133
135
|
case ssl_shutdown_none:
|
134
136
|
break;
|
135
137
|
case ssl_shutdown_fatal_alert:
|
@@ -139,12 +141,11 @@ again:
|
|
139
141
|
return 0;
|
140
142
|
}
|
141
143
|
|
142
|
-
|
144
|
+
Span<uint8_t> body;
|
143
145
|
uint8_t type, alert = SSL_AD_DECODE_ERROR;
|
144
146
|
size_t consumed;
|
145
|
-
enum ssl_open_record_t open_ret =
|
146
|
-
|
147
|
-
ssl_read_buffer(ssl), ssl_read_buffer_len(ssl));
|
147
|
+
enum ssl_open_record_t open_ret = tls_open_record(
|
148
|
+
ssl, &type, &body, &consumed, &alert, ssl_read_buffer(ssl));
|
148
149
|
if (open_ret != ssl_open_record_partial) {
|
149
150
|
ssl_read_buffer_consume(ssl, consumed);
|
150
151
|
}
|
@@ -157,17 +158,18 @@ again:
|
|
157
158
|
goto again;
|
158
159
|
}
|
159
160
|
|
160
|
-
case ssl_open_record_success:
|
161
|
-
if (
|
161
|
+
case ssl_open_record_success: {
|
162
|
+
if (body.size() > 0xffff) {
|
162
163
|
OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
|
163
164
|
return -1;
|
164
165
|
}
|
165
166
|
|
166
167
|
SSL3_RECORD *rr = &ssl->s3->rrec;
|
167
168
|
rr->type = type;
|
168
|
-
rr->length =
|
169
|
-
rr->data = (
|
169
|
+
rr->length = static_cast<uint16_t>(body.size());
|
170
|
+
rr->data = body.data();
|
170
171
|
return 1;
|
172
|
+
}
|
171
173
|
|
172
174
|
case ssl_open_record_discard:
|
173
175
|
goto again;
|
@@ -175,11 +177,10 @@ again:
|
|
175
177
|
case ssl_open_record_close_notify:
|
176
178
|
return 0;
|
177
179
|
|
178
|
-
case ssl_open_record_fatal_alert:
|
179
|
-
return -1;
|
180
|
-
|
181
180
|
case ssl_open_record_error:
|
182
|
-
|
181
|
+
if (alert != 0) {
|
182
|
+
ssl3_send_alert(ssl, SSL3_AL_FATAL, alert);
|
183
|
+
}
|
183
184
|
return -1;
|
184
185
|
}
|
185
186
|
|
@@ -188,8 +189,12 @@ again:
|
|
188
189
|
return -1;
|
189
190
|
}
|
190
191
|
|
191
|
-
int ssl3_write_app_data(SSL *ssl, const uint8_t *buf,
|
192
|
-
|
192
|
+
int ssl3_write_app_data(SSL *ssl, bool *out_needs_handshake, const uint8_t *buf,
|
193
|
+
int len) {
|
194
|
+
assert(ssl_can_write(ssl));
|
195
|
+
assert(!ssl->s3->aead_write_ctx->is_null_cipher());
|
196
|
+
|
197
|
+
*out_needs_handshake = false;
|
193
198
|
|
194
199
|
unsigned tot, n, nw;
|
195
200
|
|
@@ -197,23 +202,36 @@ int ssl3_write_app_data(SSL *ssl, const uint8_t *buf, int len) {
|
|
197
202
|
tot = ssl->s3->wnum;
|
198
203
|
ssl->s3->wnum = 0;
|
199
204
|
|
200
|
-
|
201
|
-
|
202
|
-
|
203
|
-
|
204
|
-
|
205
|
-
|
206
|
-
|
205
|
+
// Ensure that if we end up with a smaller value of data to write out than
|
206
|
+
// the the original len from a write which didn't complete for non-blocking
|
207
|
+
// I/O and also somehow ended up avoiding the check for this in
|
208
|
+
// ssl3_write_pending/SSL_R_BAD_WRITE_RETRY as it must never be possible to
|
209
|
+
// end up with (len-tot) as a large number that will then promptly send
|
210
|
+
// beyond the end of the users buffer ... so we trap and report the error in
|
211
|
+
// a way the user will notice.
|
207
212
|
if (len < 0 || (size_t)len < tot) {
|
208
213
|
OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_LENGTH);
|
209
214
|
return -1;
|
210
215
|
}
|
211
216
|
|
217
|
+
const int is_early_data_write =
|
218
|
+
!ssl->server && SSL_in_early_data(ssl) && ssl->s3->hs->can_early_write;
|
219
|
+
|
212
220
|
n = len - tot;
|
213
221
|
for (;;) {
|
214
|
-
|
215
|
-
* record. */
|
222
|
+
// max contains the maximum number of bytes that we can put into a record.
|
216
223
|
unsigned max = ssl->max_send_fragment;
|
224
|
+
if (is_early_data_write && max > ssl->session->ticket_max_early_data -
|
225
|
+
ssl->s3->hs->early_data_written) {
|
226
|
+
max = ssl->session->ticket_max_early_data - ssl->s3->hs->early_data_written;
|
227
|
+
if (max == 0) {
|
228
|
+
ssl->s3->wnum = tot;
|
229
|
+
ssl->s3->hs->can_early_write = false;
|
230
|
+
*out_needs_handshake = true;
|
231
|
+
return -1;
|
232
|
+
}
|
233
|
+
}
|
234
|
+
|
217
235
|
if (n > max) {
|
218
236
|
nw = max;
|
219
237
|
} else {
|
@@ -226,6 +244,10 @@ int ssl3_write_app_data(SSL *ssl, const uint8_t *buf, int len) {
|
|
226
244
|
return ret;
|
227
245
|
}
|
228
246
|
|
247
|
+
if (is_early_data_write) {
|
248
|
+
ssl->s3->hs->early_data_written += ret;
|
249
|
+
}
|
250
|
+
|
229
251
|
if (ret == (int)n || (ssl->mode & SSL_MODE_ENABLE_PARTIAL_WRITE)) {
|
230
252
|
return tot + ret;
|
231
253
|
}
|
@@ -249,24 +271,17 @@ static int ssl3_write_pending(SSL *ssl, int type, const uint8_t *buf,
|
|
249
271
|
if (ret <= 0) {
|
250
272
|
return ret;
|
251
273
|
}
|
274
|
+
ssl->s3->wpend_pending = false;
|
252
275
|
return ssl->s3->wpend_ret;
|
253
276
|
}
|
254
277
|
|
255
|
-
|
278
|
+
// do_ssl3_write writes an SSL record of the given type.
|
256
279
|
static int do_ssl3_write(SSL *ssl, int type, const uint8_t *buf, unsigned len) {
|
257
|
-
|
258
|
-
if (
|
280
|
+
// If there is still data from the previous record, flush it.
|
281
|
+
if (ssl->s3->wpend_pending) {
|
259
282
|
return ssl3_write_pending(ssl, type, buf, len);
|
260
283
|
}
|
261
284
|
|
262
|
-
/* The handshake flight buffer is mutually exclusive with application data.
|
263
|
-
*
|
264
|
-
* TODO(davidben): This will not be true when closure alerts use this. */
|
265
|
-
if (ssl->s3->pending_flight != NULL) {
|
266
|
-
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
267
|
-
return -1;
|
268
|
-
}
|
269
|
-
|
270
285
|
if (len > SSL3_RT_MAX_PLAIN_LENGTH) {
|
271
286
|
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
272
287
|
return -1;
|
@@ -276,27 +291,57 @@ static int do_ssl3_write(SSL *ssl, int type, const uint8_t *buf, unsigned len) {
|
|
276
291
|
return 0;
|
277
292
|
}
|
278
293
|
|
294
|
+
size_t flight_len = 0;
|
295
|
+
if (ssl->s3->pending_flight != NULL) {
|
296
|
+
flight_len =
|
297
|
+
ssl->s3->pending_flight->length - ssl->s3->pending_flight_offset;
|
298
|
+
}
|
299
|
+
|
279
300
|
size_t max_out = len + SSL_max_seal_overhead(ssl);
|
280
|
-
if (max_out < len) {
|
301
|
+
if (max_out < len || max_out + flight_len < max_out) {
|
281
302
|
OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
|
282
303
|
return -1;
|
283
304
|
}
|
305
|
+
max_out += flight_len;
|
306
|
+
|
284
307
|
uint8_t *out;
|
285
308
|
size_t ciphertext_len;
|
286
|
-
if (!ssl_write_buffer_init(ssl, &out, max_out)
|
287
|
-
|
309
|
+
if (!ssl_write_buffer_init(ssl, &out, max_out)) {
|
310
|
+
return -1;
|
311
|
+
}
|
312
|
+
|
313
|
+
// Add any unflushed handshake data as a prefix. This may be a KeyUpdate
|
314
|
+
// acknowledgment or 0-RTT key change messages. |pending_flight| must be clear
|
315
|
+
// when data is added to |write_buffer| or it will be written in the wrong
|
316
|
+
// order.
|
317
|
+
if (ssl->s3->pending_flight != NULL) {
|
318
|
+
OPENSSL_memcpy(
|
319
|
+
out, ssl->s3->pending_flight->data + ssl->s3->pending_flight_offset,
|
320
|
+
flight_len);
|
321
|
+
BUF_MEM_free(ssl->s3->pending_flight);
|
322
|
+
ssl->s3->pending_flight = NULL;
|
323
|
+
ssl->s3->pending_flight_offset = 0;
|
324
|
+
}
|
325
|
+
|
326
|
+
if (!tls_seal_record(ssl, out + flight_len, &ciphertext_len,
|
327
|
+
max_out - flight_len, type, buf, len)) {
|
288
328
|
return -1;
|
289
329
|
}
|
290
|
-
ssl_write_buffer_set_len(ssl, ciphertext_len);
|
330
|
+
ssl_write_buffer_set_len(ssl, flight_len + ciphertext_len);
|
331
|
+
|
332
|
+
// Now that we've made progress on the connection, uncork KeyUpdate
|
333
|
+
// acknowledgments.
|
334
|
+
ssl->s3->key_update_pending = false;
|
291
335
|
|
292
|
-
|
293
|
-
|
336
|
+
// Memorize arguments so that ssl3_write_pending can detect bad write retries
|
337
|
+
// later.
|
294
338
|
ssl->s3->wpend_tot = len;
|
295
339
|
ssl->s3->wpend_buf = buf;
|
296
340
|
ssl->s3->wpend_type = type;
|
297
341
|
ssl->s3->wpend_ret = len;
|
342
|
+
ssl->s3->wpend_pending = true;
|
298
343
|
|
299
|
-
|
344
|
+
// We now just need to write the buffer.
|
300
345
|
return ssl3_write_pending(ssl, type, buf, len);
|
301
346
|
}
|
302
347
|
|
@@ -316,27 +361,27 @@ static int consume_record(SSL *ssl, uint8_t *out, int len, int peek) {
|
|
316
361
|
rr->length -= len;
|
317
362
|
rr->data += len;
|
318
363
|
if (rr->length == 0) {
|
319
|
-
|
364
|
+
// The record has been consumed, so we may now clear the buffer.
|
320
365
|
ssl_read_buffer_discard(ssl);
|
321
366
|
}
|
322
367
|
}
|
323
368
|
return len;
|
324
369
|
}
|
325
370
|
|
326
|
-
int ssl3_read_app_data(SSL *ssl,
|
371
|
+
int ssl3_read_app_data(SSL *ssl, bool *out_got_handshake, uint8_t *buf, int len,
|
327
372
|
int peek) {
|
328
|
-
assert(
|
329
|
-
assert(ssl->s3->
|
330
|
-
*out_got_handshake =
|
373
|
+
assert(ssl_can_read(ssl));
|
374
|
+
assert(!ssl->s3->aead_read_ctx->is_null_cipher());
|
375
|
+
*out_got_handshake = false;
|
331
376
|
|
332
377
|
SSL3_RECORD *rr = &ssl->s3->rrec;
|
333
378
|
|
334
379
|
for (;;) {
|
335
|
-
|
336
|
-
|
380
|
+
// A previous iteration may have read a partial handshake message. Do not
|
381
|
+
// allow more app data in that case.
|
337
382
|
int has_hs_data = ssl->init_buf != NULL && ssl->init_buf->length > 0;
|
338
383
|
|
339
|
-
|
384
|
+
// Get new packet if necessary.
|
340
385
|
if (rr->length == 0 && !has_hs_data) {
|
341
386
|
int ret = ssl3_get_record(ssl);
|
342
387
|
if (ret <= 0) {
|
@@ -345,21 +390,49 @@ int ssl3_read_app_data(SSL *ssl, int *out_got_handshake, uint8_t *buf, int len,
|
|
345
390
|
}
|
346
391
|
|
347
392
|
if (has_hs_data || rr->type == SSL3_RT_HANDSHAKE) {
|
348
|
-
|
349
|
-
|
350
|
-
|
393
|
+
// If reading 0-RTT data, reject handshake data. 0-RTT data is terminated
|
394
|
+
// by an alert.
|
395
|
+
if (SSL_in_init(ssl)) {
|
396
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_RECORD);
|
397
|
+
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
|
398
|
+
return -1;
|
399
|
+
}
|
400
|
+
|
401
|
+
// Post-handshake data prior to TLS 1.3 is always renegotiation, which we
|
402
|
+
// never accept as a server. Otherwise |ssl3_get_message| will send
|
403
|
+
// |SSL_R_EXCESSIVE_MESSAGE_SIZE|.
|
351
404
|
if (ssl->server && ssl3_protocol_version(ssl) < TLS1_3_VERSION) {
|
352
405
|
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_NO_RENEGOTIATION);
|
353
406
|
OPENSSL_PUT_ERROR(SSL, SSL_R_NO_RENEGOTIATION);
|
354
407
|
return -1;
|
355
408
|
}
|
356
409
|
|
357
|
-
|
358
|
-
int ret =
|
410
|
+
// Parse post-handshake handshake messages.
|
411
|
+
int ret = ssl3_read_message(ssl);
|
359
412
|
if (ret <= 0) {
|
360
413
|
return ret;
|
361
414
|
}
|
362
|
-
*out_got_handshake =
|
415
|
+
*out_got_handshake = true;
|
416
|
+
return -1;
|
417
|
+
}
|
418
|
+
|
419
|
+
const int is_early_data_read = ssl->server &&
|
420
|
+
ssl->s3->hs != NULL &&
|
421
|
+
ssl->s3->hs->can_early_read &&
|
422
|
+
ssl3_protocol_version(ssl) >= TLS1_3_VERSION;
|
423
|
+
|
424
|
+
// Handle the end_of_early_data alert.
|
425
|
+
if (rr->type == SSL3_RT_ALERT &&
|
426
|
+
rr->length == 2 &&
|
427
|
+
rr->data[0] == SSL3_AL_WARNING &&
|
428
|
+
rr->data[1] == TLS1_AD_END_OF_EARLY_DATA &&
|
429
|
+
is_early_data_read) {
|
430
|
+
// Consume the record.
|
431
|
+
rr->length = 0;
|
432
|
+
ssl_read_buffer_discard(ssl);
|
433
|
+
// Stop accepting early data.
|
434
|
+
ssl->s3->hs->can_early_read = false;
|
435
|
+
*out_got_handshake = true;
|
363
436
|
return -1;
|
364
437
|
}
|
365
438
|
|
@@ -369,11 +442,21 @@ int ssl3_read_app_data(SSL *ssl, int *out_got_handshake, uint8_t *buf, int len,
|
|
369
442
|
return -1;
|
370
443
|
}
|
371
444
|
|
445
|
+
if (is_early_data_read) {
|
446
|
+
if (rr->length > kMaxEarlyDataAccepted - ssl->s3->hs->early_data_read) {
|
447
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_TOO_MUCH_READ_EARLY_DATA);
|
448
|
+
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL3_AD_UNEXPECTED_MESSAGE);
|
449
|
+
return -1;
|
450
|
+
}
|
451
|
+
|
452
|
+
ssl->s3->hs->early_data_read += rr->length;
|
453
|
+
}
|
454
|
+
|
372
455
|
if (rr->length != 0) {
|
373
456
|
return consume_record(ssl, buf, len, peek);
|
374
457
|
}
|
375
458
|
|
376
|
-
|
459
|
+
// Discard empty records and loop again.
|
377
460
|
}
|
378
461
|
}
|
379
462
|
|
@@ -399,8 +482,8 @@ int ssl3_read_change_cipher_spec(SSL *ssl) {
|
|
399
482
|
return -1;
|
400
483
|
}
|
401
484
|
|
402
|
-
ssl_do_msg_callback(ssl, 0 /* read */, SSL3_RT_CHANGE_CIPHER_SPEC,
|
403
|
-
rr->length);
|
485
|
+
ssl_do_msg_callback(ssl, 0 /* read */, SSL3_RT_CHANGE_CIPHER_SPEC,
|
486
|
+
MakeSpan(rr->data, rr->length));
|
404
487
|
|
405
488
|
rr->length = 0;
|
406
489
|
ssl_read_buffer_discard(ssl);
|
@@ -408,7 +491,7 @@ int ssl3_read_change_cipher_spec(SSL *ssl) {
|
|
408
491
|
}
|
409
492
|
|
410
493
|
void ssl3_read_close_notify(SSL *ssl) {
|
411
|
-
|
494
|
+
// Read records until an error or close_notify.
|
412
495
|
while (ssl3_get_record(ssl) > 0) {
|
413
496
|
;
|
414
497
|
}
|
@@ -418,7 +501,7 @@ int ssl3_read_handshake_bytes(SSL *ssl, uint8_t *buf, int len) {
|
|
418
501
|
SSL3_RECORD *rr = &ssl->s3->rrec;
|
419
502
|
|
420
503
|
for (;;) {
|
421
|
-
|
504
|
+
// Get new packet if necessary.
|
422
505
|
if (rr->length == 0) {
|
423
506
|
int ret = ssl3_get_record(ssl);
|
424
507
|
if (ret <= 0) {
|
@@ -426,6 +509,17 @@ int ssl3_read_handshake_bytes(SSL *ssl, uint8_t *buf, int len) {
|
|
426
509
|
}
|
427
510
|
}
|
428
511
|
|
512
|
+
// WatchGuard's TLS 1.3 interference bug is very distinctive: they drop the
|
513
|
+
// ServerHello and send the remaining encrypted application data records
|
514
|
+
// as-is. This manifests as an application data record when we expect
|
515
|
+
// handshake. Report a dedicated error code for this case.
|
516
|
+
if (!ssl->server && rr->type == SSL3_RT_APPLICATION_DATA &&
|
517
|
+
ssl->s3->aead_read_ctx->is_null_cipher()) {
|
518
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_APPLICATION_DATA_INSTEAD_OF_HANDSHAKE);
|
519
|
+
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
|
520
|
+
return -1;
|
521
|
+
}
|
522
|
+
|
429
523
|
if (rr->type != SSL3_RT_HANDSHAKE) {
|
430
524
|
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_RECORD);
|
431
525
|
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
|
@@ -436,34 +530,35 @@ int ssl3_read_handshake_bytes(SSL *ssl, uint8_t *buf, int len) {
|
|
436
530
|
return consume_record(ssl, buf, len, 0 /* consume data */);
|
437
531
|
}
|
438
532
|
|
439
|
-
|
533
|
+
// Discard empty records and loop again.
|
440
534
|
}
|
441
535
|
}
|
442
536
|
|
443
537
|
int ssl3_send_alert(SSL *ssl, int level, int desc) {
|
444
|
-
|
445
|
-
if (ssl->s3->
|
538
|
+
// It is illegal to send an alert when we've already sent a closing one.
|
539
|
+
if (ssl->s3->write_shutdown != ssl_shutdown_none) {
|
446
540
|
OPENSSL_PUT_ERROR(SSL, SSL_R_PROTOCOL_IS_SHUTDOWN);
|
447
541
|
return -1;
|
448
542
|
}
|
449
543
|
|
450
544
|
if (level == SSL3_AL_WARNING && desc == SSL_AD_CLOSE_NOTIFY) {
|
451
|
-
ssl->s3->
|
545
|
+
ssl->s3->write_shutdown = ssl_shutdown_close_notify;
|
452
546
|
} else {
|
453
547
|
assert(level == SSL3_AL_FATAL);
|
454
|
-
|
548
|
+
assert(desc != SSL_AD_CLOSE_NOTIFY);
|
549
|
+
ssl->s3->write_shutdown = ssl_shutdown_fatal_alert;
|
455
550
|
}
|
456
551
|
|
457
552
|
ssl->s3->alert_dispatch = 1;
|
458
553
|
ssl->s3->send_alert[0] = level;
|
459
554
|
ssl->s3->send_alert[1] = desc;
|
460
555
|
if (!ssl_write_buffer_is_pending(ssl)) {
|
461
|
-
|
462
|
-
|
556
|
+
// Nothing is being written out, so the alert may be dispatched
|
557
|
+
// immediately.
|
463
558
|
return ssl->method->dispatch_alert(ssl);
|
464
559
|
}
|
465
560
|
|
466
|
-
|
561
|
+
// The alert will be dispatched later.
|
467
562
|
return -1;
|
468
563
|
}
|
469
564
|
|
@@ -474,16 +569,17 @@ int ssl3_dispatch_alert(SSL *ssl) {
|
|
474
569
|
}
|
475
570
|
ssl->s3->alert_dispatch = 0;
|
476
571
|
|
477
|
-
|
572
|
+
// If the alert is fatal, flush the BIO now.
|
478
573
|
if (ssl->s3->send_alert[0] == SSL3_AL_FATAL) {
|
479
574
|
BIO_flush(ssl->wbio);
|
480
575
|
}
|
481
576
|
|
482
|
-
ssl_do_msg_callback(ssl, 1 /* write */, SSL3_RT_ALERT, ssl->s3->send_alert
|
483
|
-
2);
|
577
|
+
ssl_do_msg_callback(ssl, 1 /* write */, SSL3_RT_ALERT, ssl->s3->send_alert);
|
484
578
|
|
485
579
|
int alert = (ssl->s3->send_alert[0] << 8) | ssl->s3->send_alert[1];
|
486
580
|
ssl_do_info_callback(ssl, SSL_CB_WRITE_ALERT, alert);
|
487
581
|
|
488
582
|
return 1;
|
489
583
|
}
|
584
|
+
|
585
|
+
} // namespace bssl
|