grpc 1.9.1 → 1.10.0.pre1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +2654 -953
- data/etc/roots.pem +282 -683
- data/include/grpc/compression.h +9 -26
- data/include/grpc/grpc.h +10 -24
- data/include/grpc/grpc_security.h +7 -1
- data/include/grpc/impl/codegen/compression_types.h +5 -62
- data/include/grpc/impl/codegen/grpc_types.h +10 -6
- data/include/grpc/module.modulemap +1 -10
- data/include/grpc/support/alloc.h +3 -2
- data/include/grpc/support/log.h +1 -2
- data/{src/core/lib/gpr/thd_internal.h → include/grpc/support/thd_id.h} +23 -9
- data/src/boringssl/err_data.c +550 -496
- data/src/core/ext/census/grpc_context.cc +2 -1
- data/src/core/ext/filters/client_channel/backup_poller.cc +5 -4
- data/src/core/ext/filters/client_channel/channel_connectivity.cc +7 -7
- data/src/core/ext/filters/client_channel/client_channel.cc +162 -172
- data/src/core/ext/filters/client_channel/client_channel_factory.cc +4 -2
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +10 -10
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +18 -14
- data/src/core/ext/filters/client_channel/http_proxy.cc +3 -1
- data/src/core/ext/filters/client_channel/lb_policy.cc +21 -105
- data/src/core/ext/filters/client_channel/lb_policy.h +166 -170
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +41 -36
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +1452 -1459
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +3 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +7 -8
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +27 -27
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +279 -304
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +358 -330
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.cc +30 -41
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +7 -14
- data/src/core/ext/filters/client_channel/lb_policy_factory.cc +8 -21
- data/src/core/ext/filters/client_channel/lb_policy_factory.h +23 -27
- data/src/core/ext/filters/client_channel/lb_policy_registry.cc +58 -33
- data/src/core/ext/filters/client_channel/lb_policy_registry.h +25 -12
- data/src/core/ext/filters/client_channel/parse_address.cc +10 -8
- data/src/core/ext/filters/client_channel/proxy_mapper_registry.cc +2 -2
- data/src/core/ext/filters/client_channel/resolver.cc +6 -52
- data/src/core/ext/filters/client_channel/resolver.h +98 -55
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +266 -237
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +5 -5
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +31 -27
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +244 -207
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +161 -148
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +47 -31
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +126 -126
- data/src/core/ext/filters/client_channel/resolver_factory.h +33 -32
- data/src/core/ext/filters/client_channel/resolver_registry.cc +110 -90
- data/src/core/ext/filters/client_channel/resolver_registry.h +49 -36
- data/src/core/ext/filters/client_channel/retry_throttle.cc +29 -22
- data/src/core/ext/filters/client_channel/subchannel.cc +173 -173
- data/src/core/ext/filters/client_channel/subchannel.h +38 -45
- data/src/core/ext/filters/client_channel/subchannel_index.cc +44 -40
- data/src/core/ext/filters/client_channel/uri_parser.cc +3 -3
- data/src/core/ext/filters/deadline/deadline_filter.cc +27 -18
- data/src/core/ext/filters/http/client/http_client_filter.cc +26 -23
- data/src/core/ext/filters/http/http_filters_plugin.cc +3 -2
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +78 -110
- data/src/core/ext/filters/http/server/http_server_filter.cc +29 -26
- data/src/core/ext/filters/load_reporting/server_load_reporting_filter.cc +9 -11
- data/src/core/ext/filters/load_reporting/server_load_reporting_plugin.cc +2 -1
- data/src/core/ext/filters/max_age/max_age_filter.cc +14 -14
- data/src/core/ext/filters/message_size/message_size_filter.cc +20 -18
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +4 -4
- data/src/core/ext/filters/workarounds/workaround_utils.cc +4 -4
- data/src/core/ext/transport/chttp2/alpn/alpn.cc +2 -1
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +10 -10
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +4 -4
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +11 -12
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +16 -13
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +36 -9
- data/src/core/ext/transport/chttp2/transport/bin_decoder.h +3 -0
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +17 -14
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +139 -145
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +16 -14
- data/src/core/ext/transport/chttp2/transport/flow_control.h +8 -7
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +35 -33
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +27 -25
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +12 -12
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +16 -15
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +19 -19
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +11 -11
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +23 -22
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +35 -35
- data/src/core/ext/transport/chttp2/transport/hpack_table.cc +10 -7
- data/src/core/ext/transport/chttp2/transport/http2_settings.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/incoming_metadata.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/internal.h +1 -1
- data/src/core/ext/transport/chttp2/transport/parsing.cc +35 -39
- data/src/core/ext/transport/chttp2/transport/stream_map.cc +8 -7
- data/src/core/ext/transport/chttp2/transport/varint.cc +5 -5
- data/src/core/ext/transport/chttp2/transport/writing.cc +18 -18
- data/src/core/ext/transport/inproc/inproc_transport.cc +43 -23
- data/src/core/lib/{gpr → avl}/avl.cc +61 -57
- data/{include/grpc/support → src/core/lib/avl}/avl.h +25 -35
- data/src/core/lib/backoff/backoff.cc +6 -5
- data/src/core/lib/channel/channel_args.cc +23 -109
- data/src/core/lib/channel/channel_args.h +5 -31
- data/src/core/lib/channel/channel_stack.cc +11 -8
- data/src/core/lib/channel/channel_stack_builder.cc +10 -7
- data/src/core/lib/channel/connected_channel.cc +18 -17
- data/src/core/lib/channel/handshaker.cc +8 -8
- data/src/core/lib/channel/handshaker_registry.cc +3 -2
- data/src/core/lib/compression/algorithm_metadata.h +13 -6
- data/src/core/lib/compression/compression.cc +72 -183
- data/src/core/lib/compression/compression_internal.cc +274 -0
- data/src/core/lib/compression/compression_internal.h +86 -0
- data/src/core/lib/compression/message_compress.cc +15 -15
- data/src/core/lib/compression/message_compress.h +4 -3
- data/src/core/lib/compression/stream_compression_gzip.cc +8 -8
- data/src/core/lib/compression/stream_compression_identity.cc +1 -1
- data/src/core/lib/debug/stats.cc +10 -8
- data/src/core/lib/debug/stats_data.cc +2 -1
- data/src/core/lib/debug/trace.cc +3 -3
- data/src/core/lib/gpr/alloc.cc +7 -11
- data/src/core/lib/gpr/arena.cc +34 -12
- data/src/core/lib/gpr/atm.cc +2 -1
- data/src/core/lib/gpr/cpu_linux.cc +3 -3
- data/src/core/lib/gpr/cpu_posix.cc +2 -1
- data/src/core/lib/gpr/env.h +1 -1
- data/src/core/lib/gpr/env_linux.cc +1 -1
- data/src/core/lib/gpr/env_windows.cc +4 -4
- data/src/core/lib/gpr/fork.cc +16 -2
- data/src/core/lib/gpr/host_port.cc +5 -4
- data/{include/grpc/support → src/core/lib/gpr}/host_port.h +5 -13
- data/src/core/lib/gpr/log.cc +5 -4
- data/src/core/lib/gpr/log_linux.cc +1 -1
- data/src/core/lib/gpr/mpscq.cc +1 -0
- data/src/core/lib/gpr/murmur_hash.cc +4 -4
- data/src/core/lib/gpr/string.cc +19 -16
- data/src/core/lib/gpr/string_posix.cc +3 -3
- data/src/core/lib/gpr/sync_posix.cc +5 -9
- data/src/core/lib/gpr/thd.cc +3 -3
- data/{include/grpc/support → src/core/lib/gpr}/thd.h +20 -28
- data/src/core/lib/gpr/thd_posix.cc +6 -4
- data/src/core/lib/gpr/thd_windows.cc +3 -1
- data/src/core/lib/gpr/time.cc +6 -4
- data/src/core/lib/gpr/time_posix.cc +2 -2
- data/{include/grpc/support → src/core/lib/gpr}/tls.h +6 -6
- data/{include/grpc/support → src/core/lib/gpr}/tls_gcc.h +3 -3
- data/{include/grpc/support → src/core/lib/gpr}/tls_msvc.h +3 -3
- data/src/core/lib/gpr/tls_pthread.cc +1 -1
- data/{include/grpc/support → src/core/lib/gpr}/tls_pthread.h +3 -3
- data/{include/grpc/support → src/core/lib/gpr}/useful.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/abstract.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/atomic.h +5 -5
- data/src/core/lib/{gpr++ → gprpp}/atomic_with_atm.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/atomic_with_std.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/debug_location.h +3 -3
- data/src/core/lib/{gpr++ → gprpp}/inlined_vector.h +44 -22
- data/src/core/lib/{gpr++ → gprpp}/manual_constructor.h +2 -2
- data/src/core/lib/{gpr++ → gprpp}/memory.h +14 -5
- data/src/core/lib/{gpr++ → gprpp}/orphanable.h +39 -14
- data/src/core/lib/{gpr++ → gprpp}/ref_counted.h +42 -10
- data/src/core/lib/{gpr++ → gprpp}/ref_counted_ptr.h +18 -8
- data/src/core/lib/http/format_request.cc +3 -3
- data/src/core/lib/http/httpcli.cc +6 -7
- data/src/core/lib/http/httpcli_security_connector.cc +10 -10
- data/src/core/lib/http/parser.cc +16 -12
- data/src/core/lib/iomgr/call_combiner.cc +12 -13
- data/src/core/lib/iomgr/closure.h +4 -6
- data/src/core/lib/iomgr/combiner.cc +10 -21
- data/src/core/lib/iomgr/error.cc +50 -55
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +41 -52
- data/src/core/lib/iomgr/ev_epollex_linux.cc +80 -28
- data/src/core/lib/iomgr/ev_epollsig_linux.cc +23 -30
- data/src/core/lib/iomgr/ev_poll_posix.cc +52 -46
- data/src/core/lib/iomgr/ev_posix.cc +47 -6
- data/src/core/lib/iomgr/exec_ctx.cc +10 -10
- data/src/core/lib/iomgr/exec_ctx.h +1 -1
- data/src/core/lib/iomgr/executor.cc +16 -13
- data/src/core/lib/iomgr/fork_posix.cc +1 -3
- data/src/core/lib/iomgr/gethostname_host_name_max.cc +1 -1
- data/src/core/lib/iomgr/iocp_windows.cc +1 -2
- data/src/core/lib/iomgr/iomgr.cc +2 -2
- data/src/core/lib/iomgr/iomgr_uv.cc +2 -0
- data/src/core/lib/iomgr/iomgr_uv.h +1 -1
- data/src/core/lib/iomgr/is_epollexclusive_available.cc +5 -4
- data/src/core/lib/iomgr/load_file.cc +3 -3
- data/src/core/lib/iomgr/pollset_windows.cc +1 -1
- data/src/core/lib/iomgr/resolve_address_posix.cc +10 -9
- data/src/core/lib/iomgr/resolve_address_uv.cc +2 -2
- data/src/core/lib/iomgr/resolve_address_windows.cc +3 -2
- data/src/core/lib/iomgr/resource_quota.cc +36 -34
- data/src/core/lib/iomgr/sockaddr_utils.cc +39 -23
- data/src/core/lib/iomgr/socket_factory_posix.cc +5 -5
- data/src/core/lib/iomgr/socket_mutator.cc +7 -7
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +7 -4
- data/src/core/lib/iomgr/socket_utils_linux.cc +3 -2
- data/src/core/lib/iomgr/tcp_client_posix.cc +7 -6
- data/src/core/lib/iomgr/tcp_client_windows.cc +0 -1
- data/src/core/lib/iomgr/tcp_posix.cc +47 -55
- data/src/core/lib/iomgr/tcp_server_posix.cc +12 -10
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +7 -5
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +4 -3
- data/src/core/lib/iomgr/tcp_windows.cc +1 -1
- data/src/core/lib/iomgr/timer_generic.cc +16 -14
- data/src/core/lib/iomgr/timer_heap.cc +8 -7
- data/src/core/lib/iomgr/timer_manager.cc +4 -3
- data/src/core/lib/iomgr/udp_server.cc +24 -16
- data/src/core/lib/iomgr/unix_sockets_posix.cc +15 -10
- data/src/core/lib/iomgr/wakeup_fd_cv.cc +6 -5
- data/src/core/lib/iomgr/wakeup_fd_eventfd.cc +1 -2
- data/src/core/lib/json/json.cc +1 -1
- data/src/core/lib/json/json_reader.cc +8 -6
- data/src/core/lib/json/json_string.cc +19 -18
- data/src/core/lib/json/json_writer.cc +10 -8
- data/src/core/lib/profiling/basic_timers.cc +1 -1
- data/src/core/lib/profiling/timers.h +3 -20
- data/src/core/lib/security/context/security_context.cc +16 -14
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +17 -14
- data/src/core/lib/security/credentials/credentials.cc +9 -8
- data/src/core/lib/security/credentials/credentials.h +1 -1
- data/src/core/lib/security/credentials/credentials_metadata.cc +2 -2
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +12 -13
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +7 -4
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +5 -3
- data/src/core/lib/security/credentials/jwt/json_token.cc +4 -3
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +7 -7
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +21 -18
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +23 -18
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +11 -7
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +22 -21
- data/src/core/lib/security/{transport → security_connector}/security_connector.cc +46 -43
- data/src/core/lib/security/{transport → security_connector}/security_connector.h +3 -3
- data/src/core/lib/security/transport/client_auth_filter.cc +32 -34
- data/src/core/lib/security/transport/lb_targets_info.cc +7 -5
- data/src/core/lib/security/transport/secure_endpoint.cc +21 -21
- data/src/core/lib/security/transport/security_handshaker.cc +19 -18
- data/src/core/lib/security/transport/security_handshaker.h +1 -1
- data/src/core/lib/security/transport/server_auth_filter.cc +21 -21
- data/src/core/lib/slice/b64.cc +19 -16
- data/src/core/lib/slice/percent_encoding.cc +5 -5
- data/src/core/lib/slice/slice.cc +35 -33
- data/src/core/lib/slice/slice_buffer.cc +16 -14
- data/src/core/lib/slice/slice_hash_table.cc +3 -2
- data/src/core/lib/slice/slice_intern.cc +21 -25
- data/src/core/lib/slice/slice_string_helpers.cc +45 -9
- data/src/core/lib/slice/slice_string_helpers.h +6 -0
- data/src/core/lib/surface/byte_buffer.cc +2 -2
- data/src/core/lib/surface/byte_buffer_reader.cc +6 -3
- data/src/core/lib/surface/call.cc +171 -260
- data/src/core/lib/surface/call_test_only.h +1 -13
- data/src/core/lib/surface/channel.cc +20 -43
- data/src/core/lib/surface/channel_init.cc +7 -7
- data/src/core/lib/surface/channel_ping.cc +2 -2
- data/src/core/lib/surface/completion_queue.cc +69 -75
- data/src/core/lib/surface/init.cc +4 -5
- data/src/core/lib/surface/init_secure.cc +1 -1
- data/src/core/lib/surface/lame_client.cc +1 -1
- data/src/core/lib/surface/server.cc +64 -59
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/bdp_estimator.cc +6 -5
- data/src/core/lib/transport/byte_stream.cc +23 -14
- data/src/core/lib/transport/byte_stream.h +1 -1
- data/src/core/lib/transport/connectivity_state.cc +9 -13
- data/src/core/lib/transport/error_utils.cc +10 -7
- data/src/core/lib/transport/metadata.cc +27 -26
- data/src/core/lib/transport/metadata.h +1 -1
- data/src/core/lib/transport/pid_controller.cc +2 -1
- data/src/core/lib/transport/service_config.cc +5 -5
- data/src/core/lib/transport/static_metadata.cc +225 -222
- data/src/core/lib/transport/static_metadata.h +77 -76
- data/src/core/lib/transport/timeout_encoding.cc +3 -2
- data/src/core/lib/transport/transport.cc +6 -5
- data/src/core/lib/transport/transport_op_string.cc +0 -1
- data/src/core/plugin_registry/grpc_plugin_registry.cc +4 -4
- data/src/core/tsi/alts_transport_security.cc +61 -0
- data/src/core/tsi/{gts_transport_security.h → alts_transport_security.h} +16 -8
- data/src/core/tsi/fake_transport_security.cc +59 -43
- data/src/core/tsi/ssl_transport_security.cc +122 -107
- data/src/core/tsi/transport_security.cc +3 -3
- data/src/core/tsi/transport_security_adapter.cc +16 -10
- data/src/ruby/bin/apis/pubsub_demo.rb +1 -1
- data/src/ruby/ext/grpc/rb_channel.c +3 -4
- data/src/ruby/ext/grpc/rb_compression_options.c +13 -3
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +4 -76
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +8 -120
- data/src/ruby/ext/grpc/rb_server.c +52 -28
- data/src/ruby/lib/grpc/generic/rpc_server.rb +7 -4
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/test/client.rb +1 -1
- data/src/ruby/pb/test/server.rb +1 -1
- data/src/ruby/spec/client_server_spec.rb +4 -2
- data/src/ruby/spec/generic/active_call_spec.rb +2 -1
- data/src/ruby/spec/generic/client_stub_spec.rb +32 -8
- data/src/ruby/spec/server_spec.rb +26 -7
- data/third_party/boringssl/crypto/asn1/a_bitstr.c +7 -2
- data/third_party/boringssl/crypto/asn1/a_d2i_fp.c +15 -0
- data/third_party/boringssl/crypto/asn1/a_gentm.c +1 -1
- data/third_party/boringssl/crypto/asn1/a_print.c +0 -28
- data/third_party/boringssl/crypto/asn1/a_strnid.c +3 -0
- data/third_party/boringssl/crypto/asn1/a_time.c +17 -9
- data/third_party/boringssl/crypto/asn1/a_utctm.c +1 -1
- data/third_party/boringssl/crypto/asn1/asn1_lib.c +5 -49
- data/third_party/boringssl/crypto/asn1/asn1_locl.h +1 -1
- data/third_party/boringssl/crypto/asn1/tasn_dec.c +9 -9
- data/third_party/boringssl/crypto/asn1/tasn_enc.c +0 -6
- data/third_party/boringssl/crypto/asn1/time_support.c +5 -5
- data/third_party/boringssl/crypto/base64/base64.c +65 -43
- data/third_party/boringssl/crypto/bio/bio.c +134 -110
- data/third_party/boringssl/crypto/bio/bio_mem.c +9 -9
- data/third_party/boringssl/crypto/bio/connect.c +17 -17
- data/third_party/boringssl/crypto/bio/fd.c +2 -1
- data/third_party/boringssl/crypto/bio/file.c +14 -14
- data/third_party/boringssl/crypto/bio/hexdump.c +15 -16
- data/third_party/boringssl/crypto/bio/internal.h +14 -14
- data/third_party/boringssl/crypto/bio/pair.c +45 -45
- data/third_party/boringssl/crypto/bio/printf.c +6 -10
- data/third_party/boringssl/crypto/{bn → bn_extra}/bn_asn1.c +9 -9
- data/third_party/boringssl/crypto/{bn → bn_extra}/convert.c +18 -223
- data/third_party/boringssl/crypto/buf/buf.c +20 -44
- data/third_party/boringssl/crypto/bytestring/ber.c +35 -35
- data/third_party/boringssl/crypto/bytestring/cbb.c +24 -24
- data/third_party/boringssl/crypto/bytestring/cbs.c +33 -37
- data/third_party/boringssl/crypto/bytestring/internal.h +38 -38
- data/third_party/boringssl/crypto/chacha/chacha.c +7 -7
- data/third_party/boringssl/crypto/{asn1/t_bitst.c → cipher_extra/cipher_extra.c} +49 -38
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/derive_key.c +0 -2
- data/third_party/boringssl/crypto/cipher_extra/e_aesctrhmac.c +281 -0
- data/third_party/boringssl/crypto/cipher_extra/e_aesgcmsiv.c +867 -0
- data/third_party/boringssl/crypto/cipher_extra/e_chacha20poly1305.c +326 -0
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_null.c +0 -1
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_rc2.c +22 -10
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_rc4.c +0 -0
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_ssl3.c +120 -64
- data/third_party/boringssl/crypto/{cipher → cipher_extra}/e_tls.c +220 -141
- data/third_party/boringssl/crypto/{asn1/x_bignum.c → cipher_extra/internal.h} +61 -86
- data/third_party/boringssl/crypto/cipher_extra/tls_cbc.c +482 -0
- data/third_party/boringssl/crypto/cmac/cmac.c +20 -20
- data/third_party/boringssl/crypto/conf/conf.c +32 -20
- data/third_party/boringssl/crypto/conf/internal.h +3 -3
- data/third_party/boringssl/crypto/cpu-aarch64-linux.c +5 -5
- data/third_party/boringssl/crypto/cpu-arm-linux.c +44 -41
- data/third_party/boringssl/crypto/cpu-intel.c +68 -43
- data/third_party/boringssl/crypto/cpu-ppc64le.c +5 -7
- data/third_party/boringssl/crypto/crypto.c +54 -32
- data/third_party/boringssl/crypto/curve25519/curve25519.c +269 -269
- data/third_party/boringssl/crypto/curve25519/internal.h +28 -8
- data/third_party/boringssl/crypto/curve25519/spake25519.c +180 -106
- data/third_party/boringssl/crypto/curve25519/x25519-x86_64.c +9 -9
- data/third_party/boringssl/crypto/dh/check.c +33 -34
- data/third_party/boringssl/crypto/dh/dh.c +72 -36
- data/third_party/boringssl/crypto/dh/dh_asn1.c +1 -1
- data/third_party/boringssl/crypto/dh/params.c +1 -161
- data/third_party/boringssl/crypto/digest_extra/digest_extra.c +240 -0
- data/third_party/boringssl/crypto/dsa/dsa.c +127 -87
- data/third_party/boringssl/crypto/dsa/dsa_asn1.c +1 -1
- data/third_party/boringssl/crypto/{ec → ec_extra}/ec_asn1.c +83 -70
- data/third_party/boringssl/crypto/ecdh/ecdh.c +1 -1
- data/third_party/boringssl/crypto/{ecdsa → ecdsa_extra}/ecdsa_asn1.c +86 -31
- data/third_party/boringssl/crypto/engine/engine.c +6 -6
- data/third_party/boringssl/crypto/err/err.c +197 -106
- data/third_party/boringssl/crypto/err/internal.h +58 -0
- data/third_party/boringssl/crypto/evp/digestsign.c +86 -14
- data/third_party/boringssl/crypto/evp/evp.c +6 -11
- data/third_party/boringssl/crypto/evp/evp_asn1.c +17 -17
- data/third_party/boringssl/crypto/evp/evp_ctx.c +15 -11
- data/third_party/boringssl/crypto/evp/internal.h +66 -51
- data/third_party/boringssl/crypto/evp/p_dsa_asn1.c +11 -11
- data/third_party/boringssl/crypto/evp/p_ec.c +10 -8
- data/third_party/boringssl/crypto/evp/p_ec_asn1.c +11 -12
- data/third_party/boringssl/crypto/evp/p_ed25519.c +71 -0
- data/third_party/boringssl/crypto/evp/p_ed25519_asn1.c +190 -0
- data/third_party/boringssl/crypto/evp/p_rsa.c +50 -95
- data/third_party/boringssl/crypto/evp/p_rsa_asn1.c +28 -18
- data/third_party/boringssl/crypto/evp/pbkdf.c +49 -56
- data/third_party/boringssl/crypto/evp/print.c +5 -36
- data/third_party/boringssl/crypto/evp/scrypt.c +209 -0
- data/third_party/boringssl/crypto/ex_data.c +15 -45
- data/third_party/boringssl/crypto/fipsmodule/aes/internal.h +100 -0
- data/third_party/boringssl/crypto/fipsmodule/bcm.c +679 -0
- data/third_party/boringssl/crypto/{bn → fipsmodule/bn}/internal.h +40 -27
- data/third_party/boringssl/crypto/{bn → fipsmodule/bn}/rsaz_exp.h +0 -0
- data/third_party/boringssl/crypto/{cipher → fipsmodule/cipher}/internal.h +34 -67
- data/third_party/boringssl/crypto/fipsmodule/delocate.h +88 -0
- data/third_party/boringssl/crypto/{des → fipsmodule/des}/internal.h +18 -4
- data/third_party/boringssl/crypto/{digest → fipsmodule/digest}/internal.h +18 -18
- data/third_party/boringssl/crypto/{digest → fipsmodule/digest}/md32_common.h +58 -64
- data/third_party/boringssl/crypto/{ec → fipsmodule/ec}/internal.h +58 -52
- data/third_party/boringssl/crypto/{ec → fipsmodule/ec}/p256-x86_64-table.h +11 -11
- data/third_party/boringssl/crypto/{ec → fipsmodule/ec}/p256-x86_64.h +32 -32
- data/third_party/boringssl/crypto/{rand/internal.h → fipsmodule/is_fips.c} +10 -15
- data/third_party/boringssl/crypto/{modes → fipsmodule/modes}/internal.h +112 -119
- data/third_party/boringssl/crypto/fipsmodule/rand/internal.h +92 -0
- data/third_party/boringssl/crypto/{rsa → fipsmodule/rsa}/internal.h +36 -49
- data/third_party/boringssl/crypto/hkdf/hkdf.c +6 -6
- data/third_party/boringssl/crypto/internal.h +301 -233
- data/third_party/boringssl/crypto/lhash/lhash.c +26 -45
- data/third_party/boringssl/crypto/mem.c +76 -33
- data/third_party/boringssl/crypto/obj/obj.c +44 -28
- data/third_party/boringssl/crypto/obj/obj_dat.h +102 -34
- data/third_party/boringssl/crypto/obj/obj_xref.c +6 -6
- data/third_party/boringssl/crypto/pem/pem_info.c +3 -5
- data/third_party/boringssl/crypto/pem/pem_lib.c +1 -6
- data/third_party/boringssl/crypto/pem/pem_pk8.c +1 -0
- data/third_party/boringssl/crypto/pem/pem_pkey.c +1 -1
- data/third_party/boringssl/crypto/pem/pem_xaux.c +0 -2
- data/third_party/boringssl/crypto/pkcs7/internal.h +49 -0
- data/third_party/boringssl/crypto/pkcs7/pkcs7.c +166 -0
- data/third_party/boringssl/crypto/{x509/pkcs7.c → pkcs7/pkcs7_x509.c} +27 -147
- data/third_party/boringssl/crypto/pkcs8/internal.h +34 -16
- data/third_party/boringssl/crypto/pkcs8/p5_pbev2.c +120 -39
- data/third_party/boringssl/crypto/pkcs8/pkcs8.c +144 -857
- data/third_party/boringssl/crypto/pkcs8/pkcs8_x509.c +789 -0
- data/third_party/boringssl/crypto/poly1305/internal.h +4 -3
- data/third_party/boringssl/crypto/poly1305/poly1305.c +14 -14
- data/third_party/boringssl/crypto/poly1305/poly1305_arm.c +11 -11
- data/third_party/boringssl/crypto/poly1305/poly1305_vec.c +41 -41
- data/third_party/boringssl/crypto/pool/internal.h +2 -2
- data/third_party/boringssl/crypto/pool/pool.c +15 -15
- data/third_party/boringssl/crypto/{rand → rand_extra}/deterministic.c +7 -7
- data/third_party/boringssl/crypto/rand_extra/forkunsafe.c +46 -0
- data/third_party/boringssl/crypto/{rand → rand_extra}/fuchsia.c +7 -7
- data/third_party/boringssl/crypto/rand_extra/rand_extra.c +70 -0
- data/third_party/boringssl/crypto/{rand → rand_extra}/windows.c +5 -5
- data/third_party/boringssl/crypto/refcount_c11.c +2 -2
- data/third_party/boringssl/crypto/refcount_lock.c +1 -1
- data/third_party/boringssl/crypto/{rsa → rsa_extra}/rsa_asn1.c +12 -120
- data/third_party/boringssl/crypto/stack/stack.c +13 -13
- data/third_party/boringssl/crypto/thread_none.c +1 -1
- data/third_party/boringssl/crypto/thread_pthread.c +1 -1
- data/third_party/boringssl/crypto/thread_win.c +40 -40
- data/third_party/boringssl/crypto/x509/a_sign.c +5 -12
- data/third_party/boringssl/crypto/x509/a_verify.c +6 -18
- data/third_party/boringssl/crypto/x509/algorithm.c +22 -6
- data/third_party/boringssl/crypto/x509/asn1_gen.c +30 -7
- data/third_party/boringssl/crypto/x509/by_dir.c +2 -2
- data/third_party/boringssl/crypto/x509/by_file.c +2 -2
- data/third_party/boringssl/crypto/x509/rsa_pss.c +5 -5
- data/third_party/boringssl/crypto/x509/t_x509.c +2 -1
- data/third_party/boringssl/crypto/x509/x509_def.c +5 -0
- data/third_party/boringssl/crypto/x509/x509_lu.c +35 -4
- data/third_party/boringssl/crypto/x509/x509_set.c +10 -0
- data/third_party/boringssl/crypto/x509/x509_vfy.c +20 -17
- data/third_party/boringssl/crypto/x509/x_name.c +13 -16
- data/third_party/boringssl/crypto/x509/x_x509.c +3 -3
- data/third_party/boringssl/crypto/x509/x_x509a.c +0 -7
- data/third_party/boringssl/crypto/x509v3/ext_dat.h +8 -0
- data/third_party/boringssl/crypto/x509v3/pcy_int.h +2 -2
- data/third_party/boringssl/crypto/x509v3/pcy_lib.c +0 -9
- data/third_party/boringssl/crypto/x509v3/pcy_node.c +1 -1
- data/third_party/boringssl/crypto/x509v3/pcy_tree.c +25 -15
- data/third_party/boringssl/crypto/x509v3/v3_alt.c +21 -11
- data/third_party/boringssl/crypto/x509v3/v3_cpols.c +9 -3
- data/third_party/boringssl/crypto/x509v3/v3_info.c +22 -14
- data/third_party/boringssl/crypto/x509v3/v3_ncons.c +27 -11
- data/third_party/boringssl/crypto/x509v3/v3_pci.c +0 -33
- data/third_party/boringssl/crypto/x509v3/v3_utl.c +4 -4
- data/third_party/boringssl/include/openssl/aead.h +280 -191
- data/third_party/boringssl/include/openssl/aes.h +50 -50
- data/third_party/boringssl/include/openssl/arm_arch.h +12 -12
- data/third_party/boringssl/include/openssl/asn1.h +14 -77
- data/third_party/boringssl/include/openssl/asn1t.h +11 -15
- data/third_party/boringssl/include/openssl/base.h +78 -51
- data/third_party/boringssl/include/openssl/base64.h +68 -68
- data/third_party/boringssl/include/openssl/bio.h +472 -406
- data/third_party/boringssl/include/openssl/blowfish.h +1 -1
- data/third_party/boringssl/include/openssl/bn.h +454 -435
- data/third_party/boringssl/include/openssl/buf.h +27 -27
- data/third_party/boringssl/include/openssl/bytestring.h +282 -267
- data/third_party/boringssl/include/openssl/cast.h +2 -2
- data/third_party/boringssl/include/openssl/chacha.h +5 -5
- data/third_party/boringssl/include/openssl/cipher.h +209 -200
- data/third_party/boringssl/include/openssl/cmac.h +27 -27
- data/third_party/boringssl/include/openssl/conf.h +49 -46
- data/third_party/boringssl/include/openssl/cpu.h +60 -45
- data/third_party/boringssl/include/openssl/crypto.h +59 -35
- data/third_party/boringssl/include/openssl/curve25519.h +97 -92
- data/third_party/boringssl/include/openssl/des.h +25 -25
- data/third_party/boringssl/include/openssl/dh.h +98 -97
- data/third_party/boringssl/include/openssl/digest.h +143 -114
- data/third_party/boringssl/include/openssl/dsa.h +217 -202
- data/third_party/boringssl/include/openssl/ec.h +132 -131
- data/third_party/boringssl/include/openssl/ec_key.h +132 -128
- data/third_party/boringssl/include/openssl/ecdh.h +9 -9
- data/third_party/boringssl/include/openssl/ecdsa.h +66 -66
- data/third_party/boringssl/include/openssl/engine.h +38 -38
- data/third_party/boringssl/include/openssl/err.h +189 -219
- data/third_party/boringssl/include/openssl/evp.h +473 -397
- data/third_party/boringssl/include/openssl/ex_data.h +46 -56
- data/third_party/boringssl/include/openssl/hkdf.h +17 -17
- data/third_party/boringssl/include/openssl/hmac.h +55 -43
- data/third_party/boringssl/include/openssl/is_boringssl.h +16 -0
- data/third_party/boringssl/include/openssl/lhash.h +67 -67
- data/third_party/boringssl/include/openssl/lhash_macros.h +4 -4
- data/third_party/boringssl/include/openssl/md4.h +14 -14
- data/third_party/boringssl/include/openssl/md5.h +14 -14
- data/third_party/boringssl/include/openssl/mem.h +39 -33
- data/third_party/boringssl/include/openssl/nid.h +43 -0
- data/third_party/boringssl/include/openssl/obj.h +93 -87
- data/third_party/boringssl/include/openssl/opensslconf.h +8 -1
- data/third_party/boringssl/include/openssl/pem.h +2 -122
- data/third_party/boringssl/include/openssl/pkcs7.h +68 -2
- data/third_party/boringssl/include/openssl/pkcs8.h +81 -66
- data/third_party/boringssl/include/openssl/poly1305.h +11 -11
- data/third_party/boringssl/include/openssl/pool.h +29 -25
- data/third_party/boringssl/include/openssl/rand.h +48 -45
- data/third_party/boringssl/include/openssl/rc4.h +9 -9
- data/third_party/boringssl/include/openssl/ripemd.h +13 -13
- data/third_party/boringssl/include/openssl/rsa.h +371 -340
- data/third_party/boringssl/include/openssl/sha.h +71 -71
- data/third_party/boringssl/include/openssl/span.h +191 -0
- data/third_party/boringssl/include/openssl/ssl.h +2639 -2519
- data/third_party/boringssl/include/openssl/ssl3.h +39 -122
- data/third_party/boringssl/include/openssl/stack.h +355 -164
- data/third_party/boringssl/include/openssl/thread.h +43 -43
- data/third_party/boringssl/include/openssl/tls1.h +60 -63
- data/third_party/boringssl/include/openssl/type_check.h +10 -14
- data/third_party/boringssl/include/openssl/x509.h +41 -116
- data/third_party/boringssl/include/openssl/x509_vfy.h +17 -25
- data/third_party/boringssl/include/openssl/x509v3.h +27 -21
- data/third_party/boringssl/ssl/{bio_ssl.c → bio_ssl.cc} +9 -5
- data/third_party/boringssl/ssl/{custom_extensions.c → custom_extensions.cc} +19 -12
- data/third_party/boringssl/ssl/{d1_both.c → d1_both.cc} +224 -193
- data/third_party/boringssl/ssl/{d1_lib.c → d1_lib.cc} +86 -79
- data/third_party/boringssl/ssl/{d1_pkt.c → d1_pkt.cc} +55 -87
- data/third_party/boringssl/ssl/{d1_srtp.c → d1_srtp.cc} +12 -16
- data/third_party/boringssl/ssl/{dtls_method.c → dtls_method.cc} +33 -50
- data/third_party/boringssl/ssl/{dtls_record.c → dtls_record.cc} +76 -64
- data/third_party/boringssl/ssl/handshake.cc +547 -0
- data/third_party/boringssl/ssl/handshake_client.cc +1828 -0
- data/third_party/boringssl/ssl/handshake_server.cc +1672 -0
- data/third_party/boringssl/ssl/internal.h +2027 -1280
- data/third_party/boringssl/ssl/s3_both.cc +603 -0
- data/third_party/boringssl/ssl/{s3_lib.c → s3_lib.cc} +22 -10
- data/third_party/boringssl/ssl/{s3_pkt.c → s3_pkt.cc} +171 -75
- data/third_party/boringssl/ssl/ssl_aead_ctx.cc +415 -0
- data/third_party/boringssl/ssl/{ssl_asn1.c → ssl_asn1.cc} +257 -261
- data/third_party/boringssl/ssl/{ssl_buffer.c → ssl_buffer.cc} +81 -97
- data/third_party/boringssl/ssl/{ssl_cert.c → ssl_cert.cc} +304 -414
- data/third_party/boringssl/ssl/{ssl_cipher.c → ssl_cipher.cc} +427 -505
- data/third_party/boringssl/ssl/{ssl_file.c → ssl_file.cc} +24 -16
- data/third_party/boringssl/ssl/ssl_key_share.cc +245 -0
- data/third_party/boringssl/ssl/{ssl_lib.c → ssl_lib.cc} +665 -828
- data/third_party/boringssl/ssl/ssl_privkey.cc +518 -0
- data/third_party/boringssl/ssl/{ssl_session.c → ssl_session.cc} +596 -471
- data/third_party/boringssl/ssl/{ssl_stat.c → ssl_stat.cc} +5 -224
- data/third_party/boringssl/ssl/{ssl_transcript.c → ssl_transcript.cc} +117 -140
- data/third_party/boringssl/ssl/ssl_versions.cc +439 -0
- data/third_party/boringssl/ssl/{ssl_x509.c → ssl_x509.cc} +751 -267
- data/third_party/boringssl/ssl/{t1_enc.c → t1_enc.cc} +120 -161
- data/third_party/boringssl/ssl/{t1_lib.c → t1_lib.cc} +859 -966
- data/third_party/boringssl/ssl/{tls13_both.c → tls13_both.cc} +202 -284
- data/third_party/boringssl/ssl/tls13_client.cc +842 -0
- data/third_party/boringssl/ssl/{tls13_enc.c → tls13_enc.cc} +108 -90
- data/third_party/boringssl/ssl/tls13_server.cc +967 -0
- data/third_party/boringssl/ssl/{tls_method.c → tls_method.cc} +94 -73
- data/third_party/boringssl/ssl/tls_record.cc +675 -0
- metadata +117 -168
- data/include/grpc/support/cmdline.h +0 -88
- data/include/grpc/support/subprocess.h +0 -44
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h +0 -29
- data/src/core/ext/filters/client_channel/resolver_factory.cc +0 -40
- data/src/core/lib/gpr/cmdline.cc +0 -330
- data/src/core/lib/gpr/subprocess_posix.cc +0 -99
- data/src/core/lib/gpr/subprocess_windows.cc +0 -126
- data/src/core/lib/surface/alarm.cc +0 -137
- data/src/core/lib/surface/alarm_internal.h +0 -40
- data/src/core/tsi/gts_transport_security.cc +0 -40
- data/third_party/boringssl/crypto/aes/aes.c +0 -1142
- data/third_party/boringssl/crypto/aes/internal.h +0 -87
- data/third_party/boringssl/crypto/aes/key_wrap.c +0 -138
- data/third_party/boringssl/crypto/aes/mode_wrappers.c +0 -112
- data/third_party/boringssl/crypto/asn1/x_long.c +0 -200
- data/third_party/boringssl/crypto/bn/add.c +0 -377
- data/third_party/boringssl/crypto/bn/asm/x86_64-gcc.c +0 -532
- data/third_party/boringssl/crypto/bn/bn.c +0 -365
- data/third_party/boringssl/crypto/bn/cmp.c +0 -239
- data/third_party/boringssl/crypto/bn/ctx.c +0 -313
- data/third_party/boringssl/crypto/bn/div.c +0 -728
- data/third_party/boringssl/crypto/bn/exponentiation.c +0 -1240
- data/third_party/boringssl/crypto/bn/gcd.c +0 -635
- data/third_party/boringssl/crypto/bn/generic.c +0 -707
- data/third_party/boringssl/crypto/bn/kronecker.c +0 -176
- data/third_party/boringssl/crypto/bn/montgomery.c +0 -409
- data/third_party/boringssl/crypto/bn/montgomery_inv.c +0 -207
- data/third_party/boringssl/crypto/bn/mul.c +0 -871
- data/third_party/boringssl/crypto/bn/prime.c +0 -861
- data/third_party/boringssl/crypto/bn/random.c +0 -343
- data/third_party/boringssl/crypto/bn/rsaz_exp.c +0 -254
- data/third_party/boringssl/crypto/bn/shift.c +0 -307
- data/third_party/boringssl/crypto/bn/sqrt.c +0 -506
- data/third_party/boringssl/crypto/cipher/aead.c +0 -156
- data/third_party/boringssl/crypto/cipher/cipher.c +0 -657
- data/third_party/boringssl/crypto/cipher/e_aes.c +0 -1771
- data/third_party/boringssl/crypto/cipher/e_chacha20poly1305.c +0 -276
- data/third_party/boringssl/crypto/cipher/e_des.c +0 -205
- data/third_party/boringssl/crypto/cipher/tls_cbc.c +0 -482
- data/third_party/boringssl/crypto/des/des.c +0 -771
- data/third_party/boringssl/crypto/digest/digest.c +0 -251
- data/third_party/boringssl/crypto/digest/digests.c +0 -358
- data/third_party/boringssl/crypto/ec/ec.c +0 -847
- data/third_party/boringssl/crypto/ec/ec_key.c +0 -479
- data/third_party/boringssl/crypto/ec/ec_montgomery.c +0 -303
- data/third_party/boringssl/crypto/ec/oct.c +0 -416
- data/third_party/boringssl/crypto/ec/p224-64.c +0 -1143
- data/third_party/boringssl/crypto/ec/p256-64.c +0 -1701
- data/third_party/boringssl/crypto/ec/p256-x86_64.c +0 -561
- data/third_party/boringssl/crypto/ec/simple.c +0 -1118
- data/third_party/boringssl/crypto/ec/util-64.c +0 -109
- data/third_party/boringssl/crypto/ec/wnaf.c +0 -458
- data/third_party/boringssl/crypto/ecdsa/ecdsa.c +0 -479
- data/third_party/boringssl/crypto/hmac/hmac.c +0 -215
- data/third_party/boringssl/crypto/md4/md4.c +0 -236
- data/third_party/boringssl/crypto/md5/md5.c +0 -285
- data/third_party/boringssl/crypto/modes/cbc.c +0 -212
- data/third_party/boringssl/crypto/modes/cfb.c +0 -230
- data/third_party/boringssl/crypto/modes/ctr.c +0 -219
- data/third_party/boringssl/crypto/modes/gcm.c +0 -1071
- data/third_party/boringssl/crypto/modes/ofb.c +0 -95
- data/third_party/boringssl/crypto/modes/polyval.c +0 -94
- data/third_party/boringssl/crypto/pkcs8/p8_pkey.c +0 -85
- data/third_party/boringssl/crypto/rand/rand.c +0 -244
- data/third_party/boringssl/crypto/rand/urandom.c +0 -335
- data/third_party/boringssl/crypto/rsa/blinding.c +0 -265
- data/third_party/boringssl/crypto/rsa/padding.c +0 -708
- data/third_party/boringssl/crypto/rsa/rsa.c +0 -830
- data/third_party/boringssl/crypto/rsa/rsa_impl.c +0 -1100
- data/third_party/boringssl/crypto/sha/sha1-altivec.c +0 -346
- data/third_party/boringssl/crypto/sha/sha1.c +0 -355
- data/third_party/boringssl/crypto/sha/sha256.c +0 -329
- data/third_party/boringssl/crypto/sha/sha512.c +0 -609
- data/third_party/boringssl/crypto/x509/x509type.c +0 -126
- data/third_party/boringssl/include/openssl/stack_macros.h +0 -3987
- data/third_party/boringssl/ssl/handshake_client.c +0 -1883
- data/third_party/boringssl/ssl/handshake_server.c +0 -1950
- data/third_party/boringssl/ssl/s3_both.c +0 -895
- data/third_party/boringssl/ssl/ssl_aead_ctx.c +0 -335
- data/third_party/boringssl/ssl/ssl_ecdh.c +0 -465
- data/third_party/boringssl/ssl/ssl_privkey.c +0 -683
- data/third_party/boringssl/ssl/ssl_privkey_cc.cc +0 -76
- data/third_party/boringssl/ssl/tls13_client.c +0 -712
- data/third_party/boringssl/ssl/tls13_server.c +0 -680
- data/third_party/boringssl/ssl/tls_record.c +0 -556
@@ -88,236 +88,17 @@
|
|
88
88
|
#include "internal.h"
|
89
89
|
|
90
90
|
|
91
|
-
|
91
|
+
const char *SSL_state_string_long(const SSL *ssl) {
|
92
92
|
if (ssl->s3->hs == NULL) {
|
93
|
-
|
94
|
-
return SSL_ST_OK;
|
93
|
+
return "SSL negotiation finished successfully";
|
95
94
|
}
|
96
95
|
|
97
|
-
return ssl->s3->hs
|
98
|
-
|
99
|
-
|
100
|
-
const char *SSL_state_string_long(const SSL *ssl) {
|
101
|
-
switch (ssl_state(ssl)) {
|
102
|
-
case SSL_ST_ACCEPT:
|
103
|
-
return "before accept initialization";
|
104
|
-
|
105
|
-
case SSL_ST_CONNECT:
|
106
|
-
return "before connect initialization";
|
107
|
-
|
108
|
-
case SSL_ST_OK:
|
109
|
-
return "SSL negotiation finished successfully";
|
110
|
-
|
111
|
-
case SSL_ST_RENEGOTIATE:
|
112
|
-
return "SSL renegotiate ciphers";
|
113
|
-
|
114
|
-
/* SSLv3 additions */
|
115
|
-
case SSL3_ST_CW_CLNT_HELLO_A:
|
116
|
-
return "SSLv3 write client hello A";
|
117
|
-
|
118
|
-
case SSL3_ST_CR_SRVR_HELLO_A:
|
119
|
-
return "SSLv3 read server hello A";
|
120
|
-
|
121
|
-
case SSL3_ST_CR_CERT_A:
|
122
|
-
return "SSLv3 read server certificate A";
|
123
|
-
|
124
|
-
case SSL3_ST_CR_KEY_EXCH_A:
|
125
|
-
return "SSLv3 read server key exchange A";
|
126
|
-
|
127
|
-
case SSL3_ST_CR_CERT_REQ_A:
|
128
|
-
return "SSLv3 read server certificate request A";
|
129
|
-
|
130
|
-
case SSL3_ST_CR_SESSION_TICKET_A:
|
131
|
-
return "SSLv3 read server session ticket A";
|
132
|
-
|
133
|
-
case SSL3_ST_CR_SRVR_DONE_A:
|
134
|
-
return "SSLv3 read server done A";
|
135
|
-
|
136
|
-
case SSL3_ST_CW_CERT_A:
|
137
|
-
return "SSLv3 write client certificate A";
|
138
|
-
|
139
|
-
case SSL3_ST_CW_KEY_EXCH_A:
|
140
|
-
return "SSLv3 write client key exchange A";
|
141
|
-
|
142
|
-
case SSL3_ST_CW_CERT_VRFY_A:
|
143
|
-
return "SSLv3 write certificate verify A";
|
144
|
-
|
145
|
-
case SSL3_ST_CW_CERT_VRFY_B:
|
146
|
-
return "SSLv3 write certificate verify B";
|
147
|
-
|
148
|
-
case SSL3_ST_CW_CHANGE:
|
149
|
-
case SSL3_ST_SW_CHANGE:
|
150
|
-
return "SSLv3 write change cipher spec";
|
151
|
-
|
152
|
-
case SSL3_ST_CW_FINISHED_A:
|
153
|
-
case SSL3_ST_SW_FINISHED_A:
|
154
|
-
return "SSLv3 write finished A";
|
155
|
-
|
156
|
-
case SSL3_ST_CR_CHANGE:
|
157
|
-
case SSL3_ST_SR_CHANGE:
|
158
|
-
return "SSLv3 read change cipher spec";
|
159
|
-
|
160
|
-
case SSL3_ST_CR_FINISHED_A:
|
161
|
-
case SSL3_ST_SR_FINISHED_A:
|
162
|
-
return "SSLv3 read finished A";
|
163
|
-
|
164
|
-
case SSL3_ST_CW_FLUSH:
|
165
|
-
case SSL3_ST_SW_FLUSH:
|
166
|
-
return "SSLv3 flush data";
|
167
|
-
|
168
|
-
case SSL3_ST_SR_CLNT_HELLO_A:
|
169
|
-
return "SSLv3 read client hello A";
|
170
|
-
|
171
|
-
case SSL3_ST_SR_CLNT_HELLO_B:
|
172
|
-
return "SSLv3 read client hello B";
|
173
|
-
|
174
|
-
case SSL3_ST_SR_CLNT_HELLO_C:
|
175
|
-
return "SSLv3 read client hello C";
|
176
|
-
|
177
|
-
case SSL3_ST_SW_SRVR_HELLO_A:
|
178
|
-
return "SSLv3 write server hello A";
|
179
|
-
|
180
|
-
case SSL3_ST_SW_CERT_A:
|
181
|
-
return "SSLv3 write certificate A";
|
182
|
-
|
183
|
-
case SSL3_ST_SW_KEY_EXCH_A:
|
184
|
-
return "SSLv3 write key exchange A";
|
185
|
-
|
186
|
-
case SSL3_ST_SW_CERT_REQ_A:
|
187
|
-
return "SSLv3 write certificate request A";
|
188
|
-
|
189
|
-
case SSL3_ST_SW_SESSION_TICKET_A:
|
190
|
-
return "SSLv3 write session ticket A";
|
191
|
-
|
192
|
-
case SSL3_ST_SW_SRVR_DONE_A:
|
193
|
-
return "SSLv3 write server done A";
|
194
|
-
|
195
|
-
case SSL3_ST_SR_CERT_A:
|
196
|
-
return "SSLv3 read client certificate A";
|
197
|
-
|
198
|
-
case SSL3_ST_SR_KEY_EXCH_A:
|
199
|
-
return "SSLv3 read client key exchange A";
|
200
|
-
|
201
|
-
case SSL3_ST_SR_KEY_EXCH_B:
|
202
|
-
return "SSLv3 read client key exchange B";
|
203
|
-
|
204
|
-
case SSL3_ST_SR_CERT_VRFY_A:
|
205
|
-
return "SSLv3 read certificate verify A";
|
206
|
-
|
207
|
-
/* DTLS */
|
208
|
-
case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
|
209
|
-
return "DTLS1 read hello verify request A";
|
210
|
-
|
211
|
-
default:
|
212
|
-
return "unknown state";
|
213
|
-
}
|
96
|
+
return ssl->server ? ssl_server_handshake_state(ssl->s3->hs)
|
97
|
+
: ssl_client_handshake_state(ssl->s3->hs);
|
214
98
|
}
|
215
99
|
|
216
100
|
const char *SSL_state_string(const SSL *ssl) {
|
217
|
-
|
218
|
-
case SSL_ST_ACCEPT:
|
219
|
-
return "AINIT ";
|
220
|
-
|
221
|
-
case SSL_ST_CONNECT:
|
222
|
-
return "CINIT ";
|
223
|
-
|
224
|
-
case SSL_ST_OK:
|
225
|
-
return "SSLOK ";
|
226
|
-
|
227
|
-
/* SSLv3 additions */
|
228
|
-
case SSL3_ST_SW_FLUSH:
|
229
|
-
case SSL3_ST_CW_FLUSH:
|
230
|
-
return "3FLUSH";
|
231
|
-
|
232
|
-
case SSL3_ST_CW_CLNT_HELLO_A:
|
233
|
-
return "3WCH_A";
|
234
|
-
|
235
|
-
case SSL3_ST_CR_SRVR_HELLO_A:
|
236
|
-
return "3RSH_A";
|
237
|
-
|
238
|
-
case SSL3_ST_CR_CERT_A:
|
239
|
-
return "3RSC_A";
|
240
|
-
|
241
|
-
case SSL3_ST_CR_KEY_EXCH_A:
|
242
|
-
return "3RSKEA";
|
243
|
-
|
244
|
-
case SSL3_ST_CR_CERT_REQ_A:
|
245
|
-
return "3RCR_A";
|
246
|
-
|
247
|
-
case SSL3_ST_CR_SRVR_DONE_A:
|
248
|
-
return "3RSD_A";
|
249
|
-
|
250
|
-
case SSL3_ST_CW_CERT_A:
|
251
|
-
return "3WCC_A";
|
252
|
-
|
253
|
-
case SSL3_ST_CW_KEY_EXCH_A:
|
254
|
-
return "3WCKEA";
|
255
|
-
|
256
|
-
case SSL3_ST_CW_CERT_VRFY_A:
|
257
|
-
return "3WCV_A";
|
258
|
-
|
259
|
-
case SSL3_ST_CW_CERT_VRFY_B:
|
260
|
-
return "3WCV_B";
|
261
|
-
|
262
|
-
case SSL3_ST_SW_CHANGE:
|
263
|
-
case SSL3_ST_CW_CHANGE:
|
264
|
-
return "3WCCS_";
|
265
|
-
|
266
|
-
case SSL3_ST_SW_FINISHED_A:
|
267
|
-
case SSL3_ST_CW_FINISHED_A:
|
268
|
-
return "3WFINA";
|
269
|
-
|
270
|
-
case SSL3_ST_CR_CHANGE:
|
271
|
-
case SSL3_ST_SR_CHANGE:
|
272
|
-
return "3RCCS_";
|
273
|
-
|
274
|
-
case SSL3_ST_SR_FINISHED_A:
|
275
|
-
case SSL3_ST_CR_FINISHED_A:
|
276
|
-
return "3RFINA";
|
277
|
-
|
278
|
-
case SSL3_ST_SR_CLNT_HELLO_A:
|
279
|
-
return "3RCH_A";
|
280
|
-
|
281
|
-
case SSL3_ST_SR_CLNT_HELLO_B:
|
282
|
-
return "3RCH_B";
|
283
|
-
|
284
|
-
case SSL3_ST_SR_CLNT_HELLO_C:
|
285
|
-
return "3RCH_C";
|
286
|
-
|
287
|
-
case SSL3_ST_SW_SRVR_HELLO_A:
|
288
|
-
return "3WSH_A";
|
289
|
-
|
290
|
-
case SSL3_ST_SW_CERT_A:
|
291
|
-
return "3WSC_A";
|
292
|
-
|
293
|
-
case SSL3_ST_SW_KEY_EXCH_A:
|
294
|
-
return "3WSKEA";
|
295
|
-
|
296
|
-
case SSL3_ST_SW_KEY_EXCH_B:
|
297
|
-
return "3WSKEB";
|
298
|
-
|
299
|
-
case SSL3_ST_SW_CERT_REQ_A:
|
300
|
-
return "3WCR_A";
|
301
|
-
|
302
|
-
case SSL3_ST_SW_SRVR_DONE_A:
|
303
|
-
return "3WSD_A";
|
304
|
-
|
305
|
-
case SSL3_ST_SR_CERT_A:
|
306
|
-
return "3RCC_A";
|
307
|
-
|
308
|
-
case SSL3_ST_SR_KEY_EXCH_A:
|
309
|
-
return "3RCKEA";
|
310
|
-
|
311
|
-
case SSL3_ST_SR_CERT_VRFY_A:
|
312
|
-
return "3RCV_A";
|
313
|
-
|
314
|
-
/* DTLS */
|
315
|
-
case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
|
316
|
-
return "DRCHVA";
|
317
|
-
|
318
|
-
default:
|
319
|
-
return "UNKWN ";
|
320
|
-
}
|
101
|
+
return "!!!!!!";
|
321
102
|
}
|
322
103
|
|
323
104
|
const char *SSL_alert_type_string_long(int value) {
|
@@ -150,136 +150,117 @@
|
|
150
150
|
#include "internal.h"
|
151
151
|
|
152
152
|
|
153
|
-
|
154
|
-
|
155
|
-
|
156
|
-
|
153
|
+
namespace bssl {
|
154
|
+
|
155
|
+
SSLTranscript::SSLTranscript() {}
|
156
|
+
|
157
|
+
SSLTranscript::~SSLTranscript() {}
|
158
|
+
|
159
|
+
bool SSLTranscript::Init() {
|
160
|
+
buffer_.reset(BUF_MEM_new());
|
161
|
+
if (!buffer_) {
|
162
|
+
return false;
|
163
|
+
}
|
164
|
+
|
165
|
+
hash_.Reset();
|
166
|
+
md5_.Reset();
|
167
|
+
return true;
|
157
168
|
}
|
158
169
|
|
159
|
-
|
160
|
-
|
161
|
-
static
|
162
|
-
|
170
|
+
// InitDigestWithData calls |EVP_DigestInit_ex| on |ctx| with |md| and then
|
171
|
+
// writes the data in |buf| to it.
|
172
|
+
static bool InitDigestWithData(EVP_MD_CTX *ctx, const EVP_MD *md,
|
173
|
+
const BUF_MEM *buf) {
|
163
174
|
if (!EVP_DigestInit_ex(ctx, md, NULL)) {
|
164
|
-
return
|
175
|
+
return false;
|
165
176
|
}
|
166
177
|
EVP_DigestUpdate(ctx, buf->data, buf->length);
|
167
|
-
return
|
178
|
+
return true;
|
168
179
|
}
|
169
180
|
|
170
|
-
|
171
|
-
|
172
|
-
const EVP_MD *md = ssl_get_handshake_digest(algorithm_prf, version);
|
181
|
+
bool SSLTranscript::InitHash(uint16_t version, const SSL_CIPHER *cipher) {
|
182
|
+
const EVP_MD *md = ssl_get_handshake_digest(version, cipher);
|
173
183
|
|
174
|
-
|
175
|
-
|
176
|
-
|
184
|
+
// To support SSL 3.0's Finished and CertificateVerify constructions,
|
185
|
+
// EVP_md5_sha1() is split into MD5 and SHA-1 halves. When SSL 3.0 is removed,
|
186
|
+
// we can simplify this.
|
177
187
|
if (md == EVP_md5_sha1()) {
|
178
|
-
if (!
|
179
|
-
|
180
|
-
return 0;
|
188
|
+
if (!InitDigestWithData(md5_.get(), EVP_md5(), buffer_.get())) {
|
189
|
+
return false;
|
181
190
|
}
|
182
191
|
md = EVP_sha1();
|
183
192
|
}
|
184
193
|
|
185
|
-
|
186
|
-
return 0;
|
187
|
-
}
|
188
|
-
|
189
|
-
return 1;
|
190
|
-
}
|
191
|
-
|
192
|
-
void SSL_TRANSCRIPT_cleanup(SSL_TRANSCRIPT *transcript) {
|
193
|
-
SSL_TRANSCRIPT_free_buffer(transcript);
|
194
|
-
EVP_MD_CTX_cleanup(&transcript->hash);
|
195
|
-
EVP_MD_CTX_cleanup(&transcript->md5);
|
194
|
+
return InitDigestWithData(hash_.get(), md, buffer_.get());
|
196
195
|
}
|
197
196
|
|
198
|
-
void
|
199
|
-
|
200
|
-
transcript->buffer = NULL;
|
197
|
+
void SSLTranscript::FreeBuffer() {
|
198
|
+
buffer_.reset();
|
201
199
|
}
|
202
200
|
|
203
|
-
size_t
|
204
|
-
return EVP_MD_size(
|
201
|
+
size_t SSLTranscript::DigestLen() const {
|
202
|
+
return EVP_MD_size(Digest());
|
205
203
|
}
|
206
204
|
|
207
|
-
const EVP_MD *
|
208
|
-
if (EVP_MD_CTX_md(
|
205
|
+
const EVP_MD *SSLTranscript::Digest() const {
|
206
|
+
if (EVP_MD_CTX_md(md5_.get()) != nullptr) {
|
209
207
|
return EVP_md5_sha1();
|
210
208
|
}
|
211
|
-
return EVP_MD_CTX_md(
|
209
|
+
return EVP_MD_CTX_md(hash_.get());
|
212
210
|
}
|
213
211
|
|
214
|
-
|
215
|
-
|
216
|
-
|
217
|
-
|
218
|
-
|
219
|
-
size_t new_len = transcript->buffer->length + in_len;
|
212
|
+
bool SSLTranscript::Update(const uint8_t *in, size_t in_len) {
|
213
|
+
// Depending on the state of the handshake, either the handshake buffer may be
|
214
|
+
// active, the rolling hash, or both.
|
215
|
+
if (buffer_) {
|
216
|
+
size_t new_len = buffer_->length + in_len;
|
220
217
|
if (new_len < in_len) {
|
221
218
|
OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
|
222
|
-
return
|
219
|
+
return false;
|
223
220
|
}
|
224
|
-
if (!BUF_MEM_grow(
|
225
|
-
return
|
221
|
+
if (!BUF_MEM_grow(buffer_.get(), new_len)) {
|
222
|
+
return false;
|
226
223
|
}
|
227
|
-
OPENSSL_memcpy(
|
224
|
+
OPENSSL_memcpy(buffer_->data + new_len - in_len, in, in_len);
|
228
225
|
}
|
229
226
|
|
230
|
-
if (EVP_MD_CTX_md(
|
231
|
-
EVP_DigestUpdate(
|
227
|
+
if (EVP_MD_CTX_md(hash_.get()) != NULL) {
|
228
|
+
EVP_DigestUpdate(hash_.get(), in, in_len);
|
232
229
|
}
|
233
|
-
if (EVP_MD_CTX_md(
|
234
|
-
EVP_DigestUpdate(
|
230
|
+
if (EVP_MD_CTX_md(md5_.get()) != NULL) {
|
231
|
+
EVP_DigestUpdate(md5_.get(), in, in_len);
|
235
232
|
}
|
236
233
|
|
237
|
-
return
|
234
|
+
return true;
|
238
235
|
}
|
239
236
|
|
240
|
-
|
241
|
-
|
242
|
-
int ret = 0;
|
243
|
-
EVP_MD_CTX ctx;
|
244
|
-
EVP_MD_CTX_init(&ctx);
|
237
|
+
bool SSLTranscript::GetHash(uint8_t *out, size_t *out_len) {
|
238
|
+
ScopedEVP_MD_CTX ctx;
|
245
239
|
unsigned md5_len = 0;
|
246
|
-
if (EVP_MD_CTX_md(
|
247
|
-
if (!EVP_MD_CTX_copy_ex(
|
248
|
-
!EVP_DigestFinal_ex(
|
249
|
-
|
240
|
+
if (EVP_MD_CTX_md(md5_.get()) != NULL) {
|
241
|
+
if (!EVP_MD_CTX_copy_ex(ctx.get(), md5_.get()) ||
|
242
|
+
!EVP_DigestFinal_ex(ctx.get(), out, &md5_len)) {
|
243
|
+
return false;
|
250
244
|
}
|
251
245
|
}
|
252
246
|
|
253
247
|
unsigned len;
|
254
|
-
if (!EVP_MD_CTX_copy_ex(
|
255
|
-
!EVP_DigestFinal_ex(
|
256
|
-
|
248
|
+
if (!EVP_MD_CTX_copy_ex(ctx.get(), hash_.get()) ||
|
249
|
+
!EVP_DigestFinal_ex(ctx.get(), out + md5_len, &len)) {
|
250
|
+
return false;
|
257
251
|
}
|
258
252
|
|
259
253
|
*out_len = md5_len + len;
|
260
|
-
|
261
|
-
|
262
|
-
err:
|
263
|
-
EVP_MD_CTX_cleanup(&ctx);
|
264
|
-
return ret;
|
254
|
+
return true;
|
265
255
|
}
|
266
256
|
|
267
|
-
static
|
268
|
-
|
269
|
-
|
270
|
-
|
271
|
-
|
272
|
-
unsigned int len;
|
273
|
-
size_t npad, n;
|
274
|
-
unsigned int i;
|
275
|
-
uint8_t md_buf[EVP_MAX_MD_SIZE];
|
276
|
-
EVP_MD_CTX ctx;
|
277
|
-
|
278
|
-
EVP_MD_CTX_init(&ctx);
|
279
|
-
if (!EVP_MD_CTX_copy_ex(&ctx, ctx_template)) {
|
280
|
-
EVP_MD_CTX_cleanup(&ctx);
|
257
|
+
static bool SSL3HandshakeMAC(const SSL_SESSION *session,
|
258
|
+
const EVP_MD_CTX *ctx_template, const char *sender,
|
259
|
+
size_t sender_len, uint8_t *p, size_t *out_len) {
|
260
|
+
ScopedEVP_MD_CTX ctx;
|
261
|
+
if (!EVP_MD_CTX_copy_ex(ctx.get(), ctx_template)) {
|
281
262
|
OPENSSL_PUT_ERROR(SSL, ERR_LIB_EVP);
|
282
|
-
return
|
263
|
+
return false;
|
283
264
|
}
|
284
265
|
|
285
266
|
static const uint8_t kPad1[48] = {
|
@@ -296,89 +277,83 @@ static int ssl3_handshake_mac(SSL_TRANSCRIPT *transcript,
|
|
296
277
|
0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
|
297
278
|
};
|
298
279
|
|
299
|
-
n = EVP_MD_CTX_size(
|
280
|
+
size_t n = EVP_MD_CTX_size(ctx.get());
|
300
281
|
|
301
|
-
npad = (48 / n) * n;
|
302
|
-
|
303
|
-
|
304
|
-
|
305
|
-
|
306
|
-
|
307
|
-
EVP_DigestFinal_ex(
|
282
|
+
size_t npad = (48 / n) * n;
|
283
|
+
EVP_DigestUpdate(ctx.get(), sender, sender_len);
|
284
|
+
EVP_DigestUpdate(ctx.get(), session->master_key, session->master_key_length);
|
285
|
+
EVP_DigestUpdate(ctx.get(), kPad1, npad);
|
286
|
+
unsigned md_buf_len;
|
287
|
+
uint8_t md_buf[EVP_MAX_MD_SIZE];
|
288
|
+
EVP_DigestFinal_ex(ctx.get(), md_buf, &md_buf_len);
|
308
289
|
|
309
|
-
if (!EVP_DigestInit_ex(
|
310
|
-
EVP_MD_CTX_cleanup(&ctx);
|
290
|
+
if (!EVP_DigestInit_ex(ctx.get(), EVP_MD_CTX_md(ctx.get()), NULL)) {
|
311
291
|
OPENSSL_PUT_ERROR(SSL, ERR_LIB_EVP);
|
312
|
-
return
|
292
|
+
return false;
|
313
293
|
}
|
314
|
-
EVP_DigestUpdate(
|
315
|
-
EVP_DigestUpdate(
|
316
|
-
EVP_DigestUpdate(
|
317
|
-
|
318
|
-
|
319
|
-
EVP_MD_CTX_cleanup(&ctx);
|
294
|
+
EVP_DigestUpdate(ctx.get(), session->master_key, session->master_key_length);
|
295
|
+
EVP_DigestUpdate(ctx.get(), kPad2, npad);
|
296
|
+
EVP_DigestUpdate(ctx.get(), md_buf, md_buf_len);
|
297
|
+
unsigned len;
|
298
|
+
EVP_DigestFinal_ex(ctx.get(), p, &len);
|
320
299
|
|
321
300
|
*out_len = len;
|
322
|
-
return
|
301
|
+
return true;
|
323
302
|
}
|
324
303
|
|
325
|
-
|
326
|
-
|
327
|
-
|
328
|
-
|
329
|
-
if (SSL_TRANSCRIPT_md(transcript) != EVP_md5_sha1()) {
|
304
|
+
bool SSLTranscript::GetSSL3CertVerifyHash(uint8_t *out, size_t *out_len,
|
305
|
+
const SSL_SESSION *session,
|
306
|
+
uint16_t signature_algorithm) {
|
307
|
+
if (Digest() != EVP_md5_sha1()) {
|
330
308
|
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
331
|
-
return
|
309
|
+
return false;
|
332
310
|
}
|
333
311
|
|
334
312
|
if (signature_algorithm == SSL_SIGN_RSA_PKCS1_MD5_SHA1) {
|
335
313
|
size_t md5_len, len;
|
336
|
-
if (!
|
337
|
-
|
338
|
-
|
339
|
-
out + md5_len, &len)) {
|
340
|
-
return 0;
|
314
|
+
if (!SSL3HandshakeMAC(session, md5_.get(), NULL, 0, out, &md5_len) ||
|
315
|
+
!SSL3HandshakeMAC(session, hash_.get(), NULL, 0, out + md5_len, &len)) {
|
316
|
+
return false;
|
341
317
|
}
|
342
318
|
*out_len = md5_len + len;
|
343
|
-
return
|
319
|
+
return true;
|
344
320
|
}
|
345
321
|
|
346
322
|
if (signature_algorithm == SSL_SIGN_ECDSA_SHA1) {
|
347
|
-
return
|
348
|
-
out, out_len);
|
323
|
+
return SSL3HandshakeMAC(session, hash_.get(), NULL, 0, out, out_len);
|
349
324
|
}
|
350
325
|
|
351
326
|
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
352
|
-
return
|
327
|
+
return false;
|
353
328
|
}
|
354
329
|
|
355
|
-
|
356
|
-
|
357
|
-
|
358
|
-
if (
|
359
|
-
if (
|
330
|
+
bool SSLTranscript::GetFinishedMAC(uint8_t *out, size_t *out_len,
|
331
|
+
const SSL_SESSION *session,
|
332
|
+
bool from_server) {
|
333
|
+
if (session->ssl_version == SSL3_VERSION) {
|
334
|
+
if (Digest() != EVP_md5_sha1()) {
|
360
335
|
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
361
|
-
return
|
336
|
+
return false;
|
362
337
|
}
|
363
338
|
|
364
339
|
const char *sender = from_server ? SSL3_MD_SERVER_FINISHED_CONST
|
365
340
|
: SSL3_MD_CLIENT_FINISHED_CONST;
|
366
341
|
const size_t sender_len = 4;
|
367
342
|
size_t md5_len, len;
|
368
|
-
if (!
|
369
|
-
|
370
|
-
!
|
371
|
-
|
372
|
-
return
|
343
|
+
if (!SSL3HandshakeMAC(session, md5_.get(), sender, sender_len, out,
|
344
|
+
&md5_len) ||
|
345
|
+
!SSL3HandshakeMAC(session, hash_.get(), sender, sender_len,
|
346
|
+
out + md5_len, &len)) {
|
347
|
+
return false;
|
373
348
|
}
|
374
349
|
|
375
350
|
*out_len = md5_len + len;
|
376
|
-
return
|
351
|
+
return true;
|
377
352
|
}
|
378
353
|
|
379
|
-
|
380
|
-
|
381
|
-
assert(
|
354
|
+
// At this point, the handshake should have released the handshake buffer on
|
355
|
+
// its own.
|
356
|
+
assert(!buffer_);
|
382
357
|
|
383
358
|
const char *label = TLS_MD_CLIENT_FINISH_CONST;
|
384
359
|
size_t label_len = TLS_MD_SERVER_FINISH_CONST_SIZE;
|
@@ -389,17 +364,19 @@ int SSL_TRANSCRIPT_finish_mac(SSL_TRANSCRIPT *transcript, uint8_t *out,
|
|
389
364
|
|
390
365
|
uint8_t digests[EVP_MAX_MD_SIZE];
|
391
366
|
size_t digests_len;
|
392
|
-
if (!
|
393
|
-
return
|
367
|
+
if (!GetHash(digests, &digests_len)) {
|
368
|
+
return false;
|
394
369
|
}
|
395
370
|
|
396
371
|
static const size_t kFinishedLen = 12;
|
397
|
-
if (!tls1_prf(
|
398
|
-
session->
|
399
|
-
|
400
|
-
return
|
372
|
+
if (!tls1_prf(Digest(), out, kFinishedLen, session->master_key,
|
373
|
+
session->master_key_length, label, label_len, digests,
|
374
|
+
digests_len, NULL, 0)) {
|
375
|
+
return false;
|
401
376
|
}
|
402
377
|
|
403
378
|
*out_len = kFinishedLen;
|
404
|
-
return
|
379
|
+
return true;
|
405
380
|
}
|
381
|
+
|
382
|
+
} // namespace bssl
|