wearefair-grpc 1.3.1.pre.a

Sign up to get free protection for your applications and to get access to all the features.
Files changed (1161) hide show
  1. checksums.yaml +7 -0
  2. data/.yardopts +1 -0
  3. data/Makefile +19484 -0
  4. data/etc/roots.pem +5288 -0
  5. data/include/grpc/byte_buffer.h +102 -0
  6. data/include/grpc/byte_buffer_reader.h +39 -0
  7. data/include/grpc/census.h +484 -0
  8. data/include/grpc/compression.h +85 -0
  9. data/include/grpc/grpc.h +509 -0
  10. data/include/grpc/grpc_cronet.h +51 -0
  11. data/include/grpc/grpc_posix.h +81 -0
  12. data/include/grpc/grpc_security.h +390 -0
  13. data/include/grpc/grpc_security_constants.h +114 -0
  14. data/include/grpc/impl/codegen/atm.h +100 -0
  15. data/include/grpc/impl/codegen/atm_gcc_atomic.h +97 -0
  16. data/include/grpc/impl/codegen/atm_gcc_sync.h +97 -0
  17. data/include/grpc/impl/codegen/atm_windows.h +140 -0
  18. data/include/grpc/impl/codegen/byte_buffer_reader.h +57 -0
  19. data/include/grpc/impl/codegen/compression_types.h +122 -0
  20. data/include/grpc/impl/codegen/connectivity_state.h +61 -0
  21. data/include/grpc/impl/codegen/exec_ctx_fwd.h +41 -0
  22. data/include/grpc/impl/codegen/gpr_slice.h +84 -0
  23. data/include/grpc/impl/codegen/gpr_types.h +75 -0
  24. data/include/grpc/impl/codegen/grpc_types.h +550 -0
  25. data/include/grpc/impl/codegen/port_platform.h +421 -0
  26. data/include/grpc/impl/codegen/propagation_bits.h +67 -0
  27. data/include/grpc/impl/codegen/slice.h +157 -0
  28. data/include/grpc/impl/codegen/status.h +163 -0
  29. data/include/grpc/impl/codegen/sync.h +75 -0
  30. data/include/grpc/impl/codegen/sync_generic.h +55 -0
  31. data/include/grpc/impl/codegen/sync_posix.h +47 -0
  32. data/include/grpc/impl/codegen/sync_windows.h +49 -0
  33. data/include/grpc/load_reporting.h +63 -0
  34. data/include/grpc/module.modulemap +13 -0
  35. data/include/grpc/slice.h +168 -0
  36. data/include/grpc/slice_buffer.h +94 -0
  37. data/include/grpc/status.h +39 -0
  38. data/include/grpc/support/alloc.h +82 -0
  39. data/include/grpc/support/atm.h +39 -0
  40. data/include/grpc/support/atm_gcc_atomic.h +39 -0
  41. data/include/grpc/support/atm_gcc_sync.h +39 -0
  42. data/include/grpc/support/atm_windows.h +39 -0
  43. data/include/grpc/support/avl.h +97 -0
  44. data/include/grpc/support/cmdline.h +103 -0
  45. data/include/grpc/support/cpu.h +59 -0
  46. data/include/grpc/support/histogram.h +79 -0
  47. data/include/grpc/support/host_port.h +66 -0
  48. data/include/grpc/support/log.h +118 -0
  49. data/include/grpc/support/log_windows.h +53 -0
  50. data/include/grpc/support/port_platform.h +39 -0
  51. data/include/grpc/support/string_util.h +64 -0
  52. data/include/grpc/support/subprocess.h +59 -0
  53. data/include/grpc/support/sync.h +295 -0
  54. data/include/grpc/support/sync_generic.h +39 -0
  55. data/include/grpc/support/sync_posix.h +39 -0
  56. data/include/grpc/support/sync_windows.h +39 -0
  57. data/include/grpc/support/thd.h +91 -0
  58. data/include/grpc/support/time.h +105 -0
  59. data/include/grpc/support/tls.h +77 -0
  60. data/include/grpc/support/tls_gcc.h +100 -0
  61. data/include/grpc/support/tls_msvc.h +56 -0
  62. data/include/grpc/support/tls_pthread.h +60 -0
  63. data/include/grpc/support/useful.h +80 -0
  64. data/src/boringssl/err_data.c +1270 -0
  65. data/src/core/ext/census/aggregation.h +66 -0
  66. data/src/core/ext/census/base_resources.c +71 -0
  67. data/src/core/ext/census/base_resources.h +39 -0
  68. data/src/core/ext/census/census_interface.h +76 -0
  69. data/src/core/ext/census/census_rpc_stats.h +101 -0
  70. data/src/core/ext/census/context.c +509 -0
  71. data/src/core/ext/census/gen/census.pb.c +176 -0
  72. data/src/core/ext/census/gen/census.pb.h +295 -0
  73. data/src/core/ext/census/gen/trace_context.pb.c +54 -0
  74. data/src/core/ext/census/gen/trace_context.pb.h +93 -0
  75. data/src/core/ext/census/grpc_context.c +53 -0
  76. data/src/core/ext/census/grpc_filter.c +213 -0
  77. data/src/core/ext/census/grpc_filter.h +44 -0
  78. data/src/core/ext/census/grpc_plugin.c +85 -0
  79. data/src/core/ext/census/initialize.c +66 -0
  80. data/src/core/ext/census/mlog.c +600 -0
  81. data/src/core/ext/census/mlog.h +95 -0
  82. data/src/core/ext/census/operation.c +63 -0
  83. data/src/core/ext/census/placeholders.c +64 -0
  84. data/src/core/ext/census/resource.c +312 -0
  85. data/src/core/ext/census/resource.h +63 -0
  86. data/src/core/ext/census/rpc_metric_id.h +51 -0
  87. data/src/core/ext/census/trace_context.c +86 -0
  88. data/src/core/ext/census/trace_context.h +71 -0
  89. data/src/core/ext/census/trace_label.h +61 -0
  90. data/src/core/ext/census/trace_propagation.h +63 -0
  91. data/src/core/ext/census/trace_status.h +45 -0
  92. data/src/core/ext/census/trace_string.h +50 -0
  93. data/src/core/ext/census/tracing.c +71 -0
  94. data/src/core/ext/census/tracing.h +124 -0
  95. data/src/core/ext/filters/client_channel/channel_connectivity.c +226 -0
  96. data/src/core/ext/filters/client_channel/client_channel.c +1410 -0
  97. data/src/core/ext/filters/client_channel/client_channel.h +64 -0
  98. data/src/core/ext/filters/client_channel/client_channel_factory.c +87 -0
  99. data/src/core/ext/filters/client_channel/client_channel_factory.h +92 -0
  100. data/src/core/ext/filters/client_channel/client_channel_plugin.c +106 -0
  101. data/src/core/ext/filters/client_channel/connector.c +55 -0
  102. data/src/core/ext/filters/client_channel/connector.h +88 -0
  103. data/src/core/ext/filters/client_channel/http_connect_handshaker.c +389 -0
  104. data/src/core/ext/filters/client_channel/http_connect_handshaker.h +49 -0
  105. data/src/core/ext/filters/client_channel/http_proxy.c +125 -0
  106. data/src/core/ext/filters/client_channel/http_proxy.h +39 -0
  107. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.c +1419 -0
  108. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h +44 -0
  109. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +57 -0
  110. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.c +107 -0
  111. data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.c +249 -0
  112. data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +105 -0
  113. data/src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.c +88 -0
  114. data/src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.h +158 -0
  115. data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.c +476 -0
  116. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.c +795 -0
  117. data/src/core/ext/filters/client_channel/lb_policy.c +167 -0
  118. data/src/core/ext/filters/client_channel/lb_policy.h +209 -0
  119. data/src/core/ext/filters/client_channel/lb_policy_factory.c +163 -0
  120. data/src/core/ext/filters/client_channel/lb_policy_factory.h +134 -0
  121. data/src/core/ext/filters/client_channel/lb_policy_registry.c +85 -0
  122. data/src/core/ext/filters/client_channel/lb_policy_registry.h +55 -0
  123. data/src/core/ext/filters/client_channel/parse_address.c +170 -0
  124. data/src/core/ext/filters/client_channel/parse_address.h +54 -0
  125. data/src/core/ext/filters/client_channel/proxy_mapper.c +63 -0
  126. data/src/core/ext/filters/client_channel/proxy_mapper.h +89 -0
  127. data/src/core/ext/filters/client_channel/proxy_mapper_registry.c +139 -0
  128. data/src/core/ext/filters/client_channel/proxy_mapper_registry.h +59 -0
  129. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.c +350 -0
  130. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +66 -0
  131. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.c +319 -0
  132. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.c +289 -0
  133. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +64 -0
  134. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.c +325 -0
  135. data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.c +234 -0
  136. data/src/core/ext/filters/client_channel/resolver.c +88 -0
  137. data/src/core/ext/filters/client_channel/resolver.h +101 -0
  138. data/src/core/ext/filters/client_channel/resolver_factory.c +56 -0
  139. data/src/core/ext/filters/client_channel/resolver_factory.h +85 -0
  140. data/src/core/ext/filters/client_channel/resolver_registry.c +174 -0
  141. data/src/core/ext/filters/client_channel/resolver_registry.h +84 -0
  142. data/src/core/ext/filters/client_channel/retry_throttle.c +210 -0
  143. data/src/core/ext/filters/client_channel/retry_throttle.h +65 -0
  144. data/src/core/ext/filters/client_channel/subchannel.c +835 -0
  145. data/src/core/ext/filters/client_channel/subchannel.h +203 -0
  146. data/src/core/ext/filters/client_channel/subchannel_index.c +262 -0
  147. data/src/core/ext/filters/client_channel/subchannel_index.h +77 -0
  148. data/src/core/ext/filters/client_channel/uri_parser.c +315 -0
  149. data/src/core/ext/filters/client_channel/uri_parser.h +65 -0
  150. data/src/core/ext/filters/load_reporting/load_reporting.c +106 -0
  151. data/src/core/ext/filters/load_reporting/load_reporting.h +73 -0
  152. data/src/core/ext/filters/load_reporting/load_reporting_filter.c +218 -0
  153. data/src/core/ext/filters/load_reporting/load_reporting_filter.h +42 -0
  154. data/src/core/ext/filters/max_age/max_age_filter.c +439 -0
  155. data/src/core/ext/filters/max_age/max_age_filter.h +39 -0
  156. data/src/core/ext/transport/chttp2/alpn/alpn.c +56 -0
  157. data/src/core/ext/transport/chttp2/alpn/alpn.h +49 -0
  158. data/src/core/ext/transport/chttp2/client/chttp2_connector.c +221 -0
  159. data/src/core/ext/transport/chttp2/client/chttp2_connector.h +41 -0
  160. data/src/core/ext/transport/chttp2/client/insecure/channel_create.c +121 -0
  161. data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.c +95 -0
  162. data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.c +239 -0
  163. data/src/core/ext/transport/chttp2/server/chttp2_server.c +304 -0
  164. data/src/core/ext/transport/chttp2/server/chttp2_server.h +47 -0
  165. data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.c +59 -0
  166. data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.c +90 -0
  167. data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.c +101 -0
  168. data/src/core/ext/transport/chttp2/transport/bin_decoder.c +236 -0
  169. data/src/core/ext/transport/chttp2/transport/bin_decoder.h +67 -0
  170. data/src/core/ext/transport/chttp2/transport/bin_encoder.c +241 -0
  171. data/src/core/ext/transport/chttp2/transport/bin_encoder.h +54 -0
  172. data/src/core/ext/transport/chttp2/transport/chttp2_plugin.c +43 -0
  173. data/src/core/ext/transport/chttp2/transport/chttp2_transport.c +2847 -0
  174. data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +53 -0
  175. data/src/core/ext/transport/chttp2/transport/frame.h +61 -0
  176. data/src/core/ext/transport/chttp2/transport/frame_data.c +287 -0
  177. data/src/core/ext/transport/chttp2/transport/frame_data.h +104 -0
  178. data/src/core/ext/transport/chttp2/transport/frame_goaway.c +198 -0
  179. data/src/core/ext/transport/chttp2/transport/frame_goaway.h +78 -0
  180. data/src/core/ext/transport/chttp2/transport/frame_ping.c +145 -0
  181. data/src/core/ext/transport/chttp2/transport/frame_ping.h +59 -0
  182. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.c +125 -0
  183. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +58 -0
  184. data/src/core/ext/transport/chttp2/transport/frame_settings.c +239 -0
  185. data/src/core/ext/transport/chttp2/transport/frame_settings.h +76 -0
  186. data/src/core/ext/transport/chttp2/transport/frame_window_update.c +134 -0
  187. data/src/core/ext/transport/chttp2/transport/frame_window_update.h +57 -0
  188. data/src/core/ext/transport/chttp2/transport/hpack_encoder.c +661 -0
  189. data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +107 -0
  190. data/src/core/ext/transport/chttp2/transport/hpack_parser.c +1734 -0
  191. data/src/core/ext/transport/chttp2/transport/hpack_parser.h +129 -0
  192. data/src/core/ext/transport/chttp2/transport/hpack_table.c +383 -0
  193. data/src/core/ext/transport/chttp2/transport/hpack_table.h +112 -0
  194. data/src/core/ext/transport/chttp2/transport/http2_settings.c +75 -0
  195. data/src/core/ext/transport/chttp2/transport/http2_settings.h +74 -0
  196. data/src/core/ext/transport/chttp2/transport/huffsyms.c +105 -0
  197. data/src/core/ext/transport/chttp2/transport/huffsyms.h +48 -0
  198. data/src/core/ext/transport/chttp2/transport/incoming_metadata.c +88 -0
  199. data/src/core/ext/transport/chttp2/transport/incoming_metadata.h +63 -0
  200. data/src/core/ext/transport/chttp2/transport/internal.h +852 -0
  201. data/src/core/ext/transport/chttp2/transport/parsing.c +825 -0
  202. data/src/core/ext/transport/chttp2/transport/stream_lists.c +194 -0
  203. data/src/core/ext/transport/chttp2/transport/stream_map.c +176 -0
  204. data/src/core/ext/transport/chttp2/transport/stream_map.h +83 -0
  205. data/src/core/ext/transport/chttp2/transport/varint.c +65 -0
  206. data/src/core/ext/transport/chttp2/transport/varint.h +75 -0
  207. data/src/core/ext/transport/chttp2/transport/writing.c +429 -0
  208. data/src/core/lib/channel/channel_args.c +355 -0
  209. data/src/core/lib/channel/channel_args.h +126 -0
  210. data/src/core/lib/channel/channel_stack.c +291 -0
  211. data/src/core/lib/channel/channel_stack.h +319 -0
  212. data/src/core/lib/channel/channel_stack_builder.c +284 -0
  213. data/src/core/lib/channel/channel_stack_builder.h +170 -0
  214. data/src/core/lib/channel/compress_filter.c +353 -0
  215. data/src/core/lib/channel/compress_filter.h +67 -0
  216. data/src/core/lib/channel/connected_channel.c +188 -0
  217. data/src/core/lib/channel/connected_channel.h +48 -0
  218. data/src/core/lib/channel/context.h +64 -0
  219. data/src/core/lib/channel/deadline_filter.c +348 -0
  220. data/src/core/lib/channel/deadline_filter.h +102 -0
  221. data/src/core/lib/channel/handshaker.c +281 -0
  222. data/src/core/lib/channel/handshaker.h +182 -0
  223. data/src/core/lib/channel/handshaker_factory.c +54 -0
  224. data/src/core/lib/channel/handshaker_factory.h +66 -0
  225. data/src/core/lib/channel/handshaker_registry.c +113 -0
  226. data/src/core/lib/channel/handshaker_registry.h +63 -0
  227. data/src/core/lib/channel/http_client_filter.c +601 -0
  228. data/src/core/lib/channel/http_client_filter.h +47 -0
  229. data/src/core/lib/channel/http_server_filter.c +445 -0
  230. data/src/core/lib/channel/http_server_filter.h +42 -0
  231. data/src/core/lib/channel/message_size_filter.c +270 -0
  232. data/src/core/lib/channel/message_size_filter.h +39 -0
  233. data/src/core/lib/compression/algorithm_metadata.h +53 -0
  234. data/src/core/lib/compression/compression.c +198 -0
  235. data/src/core/lib/compression/message_compress.c +204 -0
  236. data/src/core/lib/compression/message_compress.h +54 -0
  237. data/src/core/lib/debug/trace.c +140 -0
  238. data/src/core/lib/debug/trace.h +43 -0
  239. data/src/core/lib/http/format_request.c +135 -0
  240. data/src/core/lib/http/format_request.h +47 -0
  241. data/src/core/lib/http/httpcli.c +336 -0
  242. data/src/core/lib/http/httpcli.h +141 -0
  243. data/src/core/lib/http/httpcli_security_connector.c +199 -0
  244. data/src/core/lib/http/parser.c +379 -0
  245. data/src/core/lib/http/parser.h +126 -0
  246. data/src/core/lib/iomgr/closure.c +168 -0
  247. data/src/core/lib/iomgr/closure.h +153 -0
  248. data/src/core/lib/iomgr/combiner.c +460 -0
  249. data/src/core/lib/iomgr/combiner.h +83 -0
  250. data/src/core/lib/iomgr/endpoint.c +78 -0
  251. data/src/core/lib/iomgr/endpoint.h +117 -0
  252. data/src/core/lib/iomgr/endpoint_pair.h +47 -0
  253. data/src/core/lib/iomgr/endpoint_pair_posix.c +87 -0
  254. data/src/core/lib/iomgr/endpoint_pair_uv.c +53 -0
  255. data/src/core/lib/iomgr/endpoint_pair_windows.c +101 -0
  256. data/src/core/lib/iomgr/error.c +793 -0
  257. data/src/core/lib/iomgr/error.h +218 -0
  258. data/src/core/lib/iomgr/error_internal.h +75 -0
  259. data/src/core/lib/iomgr/ev_epoll_linux.c +1965 -0
  260. data/src/core/lib/iomgr/ev_epoll_linux.h +48 -0
  261. data/src/core/lib/iomgr/ev_poll_posix.c +1593 -0
  262. data/src/core/lib/iomgr/ev_poll_posix.h +42 -0
  263. data/src/core/lib/iomgr/ev_posix.c +287 -0
  264. data/src/core/lib/iomgr/ev_posix.h +189 -0
  265. data/src/core/lib/iomgr/exec_ctx.c +117 -0
  266. data/src/core/lib/iomgr/exec_ctx.h +117 -0
  267. data/src/core/lib/iomgr/executor.c +170 -0
  268. data/src/core/lib/iomgr/executor.h +51 -0
  269. data/src/core/lib/iomgr/iocp_windows.c +168 -0
  270. data/src/core/lib/iomgr/iocp_windows.h +55 -0
  271. data/src/core/lib/iomgr/iomgr.c +183 -0
  272. data/src/core/lib/iomgr/iomgr.h +47 -0
  273. data/src/core/lib/iomgr/iomgr_internal.h +58 -0
  274. data/src/core/lib/iomgr/iomgr_posix.c +56 -0
  275. data/src/core/lib/iomgr/iomgr_posix.h +39 -0
  276. data/src/core/lib/iomgr/iomgr_uv.c +49 -0
  277. data/src/core/lib/iomgr/iomgr_windows.c +76 -0
  278. data/src/core/lib/iomgr/load_file.c +92 -0
  279. data/src/core/lib/iomgr/load_file.h +56 -0
  280. data/src/core/lib/iomgr/lockfree_event.c +238 -0
  281. data/src/core/lib/iomgr/lockfree_event.h +54 -0
  282. data/src/core/lib/iomgr/network_status_tracker.c +48 -0
  283. data/src/core/lib/iomgr/network_status_tracker.h +45 -0
  284. data/src/core/lib/iomgr/polling_entity.c +104 -0
  285. data/src/core/lib/iomgr/polling_entity.h +81 -0
  286. data/src/core/lib/iomgr/pollset.h +97 -0
  287. data/src/core/lib/iomgr/pollset_set.h +62 -0
  288. data/src/core/lib/iomgr/pollset_set_uv.c +63 -0
  289. data/src/core/lib/iomgr/pollset_set_windows.c +64 -0
  290. data/src/core/lib/iomgr/pollset_set_windows.h +39 -0
  291. data/src/core/lib/iomgr/pollset_uv.c +156 -0
  292. data/src/core/lib/iomgr/pollset_uv.h +42 -0
  293. data/src/core/lib/iomgr/pollset_windows.c +232 -0
  294. data/src/core/lib/iomgr/pollset_windows.h +78 -0
  295. data/src/core/lib/iomgr/port.h +138 -0
  296. data/src/core/lib/iomgr/resolve_address.h +70 -0
  297. data/src/core/lib/iomgr/resolve_address_posix.c +207 -0
  298. data/src/core/lib/iomgr/resolve_address_uv.c +284 -0
  299. data/src/core/lib/iomgr/resolve_address_windows.c +190 -0
  300. data/src/core/lib/iomgr/resource_quota.c +877 -0
  301. data/src/core/lib/iomgr/resource_quota.h +167 -0
  302. data/src/core/lib/iomgr/sockaddr.h +55 -0
  303. data/src/core/lib/iomgr/sockaddr_posix.h +44 -0
  304. data/src/core/lib/iomgr/sockaddr_utils.c +272 -0
  305. data/src/core/lib/iomgr/sockaddr_utils.h +93 -0
  306. data/src/core/lib/iomgr/sockaddr_windows.h +43 -0
  307. data/src/core/lib/iomgr/socket_factory_posix.c +110 -0
  308. data/src/core/lib/iomgr/socket_factory_posix.h +90 -0
  309. data/src/core/lib/iomgr/socket_mutator.c +98 -0
  310. data/src/core/lib/iomgr/socket_mutator.h +80 -0
  311. data/src/core/lib/iomgr/socket_utils.h +42 -0
  312. data/src/core/lib/iomgr/socket_utils_common_posix.c +330 -0
  313. data/src/core/lib/iomgr/socket_utils_linux.c +57 -0
  314. data/src/core/lib/iomgr/socket_utils_posix.c +73 -0
  315. data/src/core/lib/iomgr/socket_utils_posix.h +147 -0
  316. data/src/core/lib/iomgr/socket_utils_uv.c +49 -0
  317. data/src/core/lib/iomgr/socket_utils_windows.c +52 -0
  318. data/src/core/lib/iomgr/socket_windows.c +167 -0
  319. data/src/core/lib/iomgr/socket_windows.h +125 -0
  320. data/src/core/lib/iomgr/tcp_client.h +55 -0
  321. data/src/core/lib/iomgr/tcp_client_posix.c +368 -0
  322. data/src/core/lib/iomgr/tcp_client_posix.h +45 -0
  323. data/src/core/lib/iomgr/tcp_client_uv.c +192 -0
  324. data/src/core/lib/iomgr/tcp_client_windows.c +260 -0
  325. data/src/core/lib/iomgr/tcp_posix.c +677 -0
  326. data/src/core/lib/iomgr/tcp_posix.h +70 -0
  327. data/src/core/lib/iomgr/tcp_server.h +116 -0
  328. data/src/core/lib/iomgr/tcp_server_posix.c +579 -0
  329. data/src/core/lib/iomgr/tcp_server_utils_posix.h +135 -0
  330. data/src/core/lib/iomgr/tcp_server_utils_posix_common.c +221 -0
  331. data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.c +196 -0
  332. data/src/core/lib/iomgr/tcp_server_utils_posix_noifaddrs.c +49 -0
  333. data/src/core/lib/iomgr/tcp_server_uv.c +393 -0
  334. data/src/core/lib/iomgr/tcp_server_windows.c +558 -0
  335. data/src/core/lib/iomgr/tcp_uv.c +374 -0
  336. data/src/core/lib/iomgr/tcp_uv.h +59 -0
  337. data/src/core/lib/iomgr/tcp_windows.c +462 -0
  338. data/src/core/lib/iomgr/tcp_windows.h +59 -0
  339. data/src/core/lib/iomgr/time_averaged_stats.c +77 -0
  340. data/src/core/lib/iomgr/time_averaged_stats.h +88 -0
  341. data/src/core/lib/iomgr/timer.h +111 -0
  342. data/src/core/lib/iomgr/timer_generic.c +567 -0
  343. data/src/core/lib/iomgr/timer_generic.h +49 -0
  344. data/src/core/lib/iomgr/timer_heap.c +152 -0
  345. data/src/core/lib/iomgr/timer_heap.h +57 -0
  346. data/src/core/lib/iomgr/timer_uv.c +103 -0
  347. data/src/core/lib/iomgr/timer_uv.h +47 -0
  348. data/src/core/lib/iomgr/udp_server.c +529 -0
  349. data/src/core/lib/iomgr/udp_server.h +89 -0
  350. data/src/core/lib/iomgr/unix_sockets_posix.c +108 -0
  351. data/src/core/lib/iomgr/unix_sockets_posix.h +56 -0
  352. data/src/core/lib/iomgr/unix_sockets_posix_noop.c +62 -0
  353. data/src/core/lib/iomgr/wakeup_fd_cv.c +118 -0
  354. data/src/core/lib/iomgr/wakeup_fd_cv.h +80 -0
  355. data/src/core/lib/iomgr/wakeup_fd_eventfd.c +97 -0
  356. data/src/core/lib/iomgr/wakeup_fd_nospecial.c +51 -0
  357. data/src/core/lib/iomgr/wakeup_fd_pipe.c +112 -0
  358. data/src/core/lib/iomgr/wakeup_fd_pipe.h +41 -0
  359. data/src/core/lib/iomgr/wakeup_fd_posix.c +101 -0
  360. data/src/core/lib/iomgr/wakeup_fd_posix.h +109 -0
  361. data/src/core/lib/iomgr/workqueue.h +87 -0
  362. data/src/core/lib/iomgr/workqueue_uv.c +65 -0
  363. data/src/core/lib/iomgr/workqueue_uv.h +37 -0
  364. data/src/core/lib/iomgr/workqueue_windows.c +63 -0
  365. data/src/core/lib/iomgr/workqueue_windows.h +37 -0
  366. data/src/core/lib/json/json.c +63 -0
  367. data/src/core/lib/json/json.h +88 -0
  368. data/src/core/lib/json/json_common.h +49 -0
  369. data/src/core/lib/json/json_reader.c +675 -0
  370. data/src/core/lib/json/json_reader.h +160 -0
  371. data/src/core/lib/json/json_string.c +379 -0
  372. data/src/core/lib/json/json_writer.c +258 -0
  373. data/src/core/lib/json/json_writer.h +97 -0
  374. data/src/core/lib/profiling/basic_timers.c +298 -0
  375. data/src/core/lib/profiling/stap_timers.c +65 -0
  376. data/src/core/lib/profiling/timers.h +121 -0
  377. data/src/core/lib/security/context/security_context.c +350 -0
  378. data/src/core/lib/security/context/security_context.h +134 -0
  379. data/src/core/lib/security/credentials/composite/composite_credentials.c +274 -0
  380. data/src/core/lib/security/credentials/composite/composite_credentials.h +72 -0
  381. data/src/core/lib/security/credentials/credentials.c +308 -0
  382. data/src/core/lib/security/credentials/credentials.h +268 -0
  383. data/src/core/lib/security/credentials/credentials_metadata.c +103 -0
  384. data/src/core/lib/security/credentials/fake/fake_credentials.c +141 -0
  385. data/src/core/lib/security/credentials/fake/fake_credentials.h +71 -0
  386. data/src/core/lib/security/credentials/google_default/credentials_generic.c +54 -0
  387. data/src/core/lib/security/credentials/google_default/google_default_credentials.c +337 -0
  388. data/src/core/lib/security/credentials/google_default/google_default_credentials.h +60 -0
  389. data/src/core/lib/security/credentials/iam/iam_credentials.c +85 -0
  390. data/src/core/lib/security/credentials/iam/iam_credentials.h +44 -0
  391. data/src/core/lib/security/credentials/jwt/json_token.c +321 -0
  392. data/src/core/lib/security/credentials/jwt/json_token.h +88 -0
  393. data/src/core/lib/security/credentials/jwt/jwt_credentials.c +195 -0
  394. data/src/core/lib/security/credentials/jwt/jwt_credentials.h +63 -0
  395. data/src/core/lib/security/credentials/jwt/jwt_verifier.c +910 -0
  396. data/src/core/lib/security/credentials/jwt/jwt_verifier.h +140 -0
  397. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.c +468 -0
  398. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +109 -0
  399. data/src/core/lib/security/credentials/plugin/plugin_credentials.c +153 -0
  400. data/src/core/lib/security/credentials/plugin/plugin_credentials.h +45 -0
  401. data/src/core/lib/security/credentials/ssl/ssl_credentials.c +242 -0
  402. data/src/core/lib/security/credentials/ssl/ssl_credentials.h +48 -0
  403. data/src/core/lib/security/transport/auth_filters.h +42 -0
  404. data/src/core/lib/security/transport/client_auth_filter.c +384 -0
  405. data/src/core/lib/security/transport/lb_targets_info.c +70 -0
  406. data/src/core/lib/security/transport/lb_targets_info.h +47 -0
  407. data/src/core/lib/security/transport/secure_endpoint.c +427 -0
  408. data/src/core/lib/security/transport/secure_endpoint.h +49 -0
  409. data/src/core/lib/security/transport/security_connector.c +909 -0
  410. data/src/core/lib/security/transport/security_connector.h +252 -0
  411. data/src/core/lib/security/transport/security_handshaker.c +507 -0
  412. data/src/core/lib/security/transport/security_handshaker.h +49 -0
  413. data/src/core/lib/security/transport/server_auth_filter.c +277 -0
  414. data/src/core/lib/security/transport/tsi_error.c +42 -0
  415. data/src/core/lib/security/transport/tsi_error.h +42 -0
  416. data/src/core/lib/security/util/json_util.c +61 -0
  417. data/src/core/lib/security/util/json_util.h +55 -0
  418. data/src/core/lib/slice/b64.c +251 -0
  419. data/src/core/lib/slice/b64.h +65 -0
  420. data/src/core/lib/slice/percent_encoding.c +182 -0
  421. data/src/core/lib/slice/percent_encoding.h +78 -0
  422. data/src/core/lib/slice/slice.c +466 -0
  423. data/src/core/lib/slice/slice_buffer.c +355 -0
  424. data/src/core/lib/slice/slice_hash_table.c +125 -0
  425. data/src/core/lib/slice/slice_hash_table.h +77 -0
  426. data/src/core/lib/slice/slice_intern.c +346 -0
  427. data/src/core/lib/slice/slice_internal.h +64 -0
  428. data/src/core/lib/slice/slice_string_helpers.c +95 -0
  429. data/src/core/lib/slice/slice_string_helpers.h +63 -0
  430. data/src/core/lib/support/alloc.c +117 -0
  431. data/src/core/lib/support/arena.c +98 -0
  432. data/src/core/lib/support/arena.h +54 -0
  433. data/src/core/lib/support/atm.c +47 -0
  434. data/src/core/lib/support/avl.c +299 -0
  435. data/src/core/lib/support/backoff.c +87 -0
  436. data/src/core/lib/support/backoff.h +71 -0
  437. data/src/core/lib/support/block_annotate.h +48 -0
  438. data/src/core/lib/support/cmdline.c +345 -0
  439. data/src/core/lib/support/cpu_iphone.c +49 -0
  440. data/src/core/lib/support/cpu_linux.c +83 -0
  441. data/src/core/lib/support/cpu_posix.c +72 -0
  442. data/src/core/lib/support/cpu_windows.c +47 -0
  443. data/src/core/lib/support/env.h +58 -0
  444. data/src/core/lib/support/env_linux.c +89 -0
  445. data/src/core/lib/support/env_posix.c +57 -0
  446. data/src/core/lib/support/env_windows.c +79 -0
  447. data/src/core/lib/support/histogram.c +243 -0
  448. data/src/core/lib/support/host_port.c +110 -0
  449. data/src/core/lib/support/log.c +103 -0
  450. data/src/core/lib/support/log_android.c +87 -0
  451. data/src/core/lib/support/log_linux.c +105 -0
  452. data/src/core/lib/support/log_posix.c +106 -0
  453. data/src/core/lib/support/log_windows.c +112 -0
  454. data/src/core/lib/support/mpscq.c +83 -0
  455. data/src/core/lib/support/mpscq.h +65 -0
  456. data/src/core/lib/support/murmur_hash.c +94 -0
  457. data/src/core/lib/support/murmur_hash.h +44 -0
  458. data/src/core/lib/support/spinlock.h +52 -0
  459. data/src/core/lib/support/stack_lockfree.c +185 -0
  460. data/src/core/lib/support/stack_lockfree.h +53 -0
  461. data/src/core/lib/support/string.c +315 -0
  462. data/src/core/lib/support/string.h +128 -0
  463. data/src/core/lib/support/string_posix.c +86 -0
  464. data/src/core/lib/support/string_util_windows.c +94 -0
  465. data/src/core/lib/support/string_windows.c +83 -0
  466. data/src/core/lib/support/string_windows.h +47 -0
  467. data/src/core/lib/support/subprocess_posix.c +114 -0
  468. data/src/core/lib/support/subprocess_windows.c +141 -0
  469. data/src/core/lib/support/sync.c +137 -0
  470. data/src/core/lib/support/sync_posix.c +113 -0
  471. data/src/core/lib/support/sync_windows.c +133 -0
  472. data/src/core/lib/support/thd.c +64 -0
  473. data/src/core/lib/support/thd_internal.h +39 -0
  474. data/src/core/lib/support/thd_posix.c +95 -0
  475. data/src/core/lib/support/thd_windows.c +117 -0
  476. data/src/core/lib/support/time.c +262 -0
  477. data/src/core/lib/support/time_posix.c +176 -0
  478. data/src/core/lib/support/time_precise.c +89 -0
  479. data/src/core/lib/support/time_precise.h +42 -0
  480. data/src/core/lib/support/time_windows.c +116 -0
  481. data/src/core/lib/support/tls_pthread.c +45 -0
  482. data/src/core/lib/support/tmpfile.h +53 -0
  483. data/src/core/lib/support/tmpfile_msys.c +73 -0
  484. data/src/core/lib/support/tmpfile_posix.c +85 -0
  485. data/src/core/lib/support/tmpfile_windows.c +84 -0
  486. data/src/core/lib/support/wrap_memcpy.c +55 -0
  487. data/src/core/lib/surface/alarm.c +87 -0
  488. data/src/core/lib/surface/api_trace.c +36 -0
  489. data/src/core/lib/surface/api_trace.h +65 -0
  490. data/src/core/lib/surface/byte_buffer.c +103 -0
  491. data/src/core/lib/surface/byte_buffer_reader.c +140 -0
  492. data/src/core/lib/surface/call.c +1835 -0
  493. data/src/core/lib/surface/call.h +135 -0
  494. data/src/core/lib/surface/call_details.c +56 -0
  495. data/src/core/lib/surface/call_log_batch.c +131 -0
  496. data/src/core/lib/surface/call_test_only.h +64 -0
  497. data/src/core/lib/surface/channel.c +434 -0
  498. data/src/core/lib/surface/channel.h +99 -0
  499. data/src/core/lib/surface/channel_init.c +140 -0
  500. data/src/core/lib/surface/channel_init.h +96 -0
  501. data/src/core/lib/surface/channel_ping.c +80 -0
  502. data/src/core/lib/surface/channel_stack_type.c +54 -0
  503. data/src/core/lib/surface/channel_stack_type.h +58 -0
  504. data/src/core/lib/surface/completion_queue.c +692 -0
  505. data/src/core/lib/surface/completion_queue.h +102 -0
  506. data/src/core/lib/surface/completion_queue_factory.c +77 -0
  507. data/src/core/lib/surface/completion_queue_factory.h +51 -0
  508. data/src/core/lib/surface/event_string.c +81 -0
  509. data/src/core/lib/surface/event_string.h +42 -0
  510. data/src/core/lib/surface/init.c +261 -0
  511. data/src/core/lib/surface/init.h +42 -0
  512. data/src/core/lib/surface/init_secure.c +94 -0
  513. data/src/core/lib/surface/lame_client.c +188 -0
  514. data/src/core/lib/surface/lame_client.h +41 -0
  515. data/src/core/lib/surface/metadata_array.c +49 -0
  516. data/src/core/lib/surface/server.c +1529 -0
  517. data/src/core/lib/surface/server.h +71 -0
  518. data/src/core/lib/surface/validate_metadata.c +108 -0
  519. data/src/core/lib/surface/validate_metadata.h +43 -0
  520. data/src/core/lib/surface/version.c +41 -0
  521. data/src/core/lib/transport/bdp_estimator.c +104 -0
  522. data/src/core/lib/transport/bdp_estimator.h +76 -0
  523. data/src/core/lib/transport/byte_stream.c +81 -0
  524. data/src/core/lib/transport/byte_stream.h +85 -0
  525. data/src/core/lib/transport/connectivity_state.c +219 -0
  526. data/src/core/lib/transport/connectivity_state.h +101 -0
  527. data/src/core/lib/transport/error_utils.c +124 -0
  528. data/src/core/lib/transport/error_utils.h +56 -0
  529. data/src/core/lib/transport/http2_errors.h +56 -0
  530. data/src/core/lib/transport/metadata.c +529 -0
  531. data/src/core/lib/transport/metadata.h +186 -0
  532. data/src/core/lib/transport/metadata_batch.c +328 -0
  533. data/src/core/lib/transport/metadata_batch.h +166 -0
  534. data/src/core/lib/transport/pid_controller.c +78 -0
  535. data/src/core/lib/transport/pid_controller.h +77 -0
  536. data/src/core/lib/transport/service_config.c +266 -0
  537. data/src/core/lib/transport/service_config.h +77 -0
  538. data/src/core/lib/transport/static_metadata.c +801 -0
  539. data/src/core/lib/transport/static_metadata.h +557 -0
  540. data/src/core/lib/transport/status_conversion.c +113 -0
  541. data/src/core/lib/transport/status_conversion.h +49 -0
  542. data/src/core/lib/transport/timeout_encoding.c +190 -0
  543. data/src/core/lib/transport/timeout_encoding.h +49 -0
  544. data/src/core/lib/transport/transport.c +282 -0
  545. data/src/core/lib/transport/transport.h +354 -0
  546. data/src/core/lib/transport/transport_impl.h +90 -0
  547. data/src/core/lib/transport/transport_op_string.c +217 -0
  548. data/src/core/plugin_registry/grpc_plugin_registry.c +82 -0
  549. data/src/core/tsi/fake_transport_security.c +527 -0
  550. data/src/core/tsi/fake_transport_security.h +61 -0
  551. data/src/core/tsi/ssl_transport_security.c +1533 -0
  552. data/src/core/tsi/ssl_transport_security.h +214 -0
  553. data/src/core/tsi/ssl_types.h +55 -0
  554. data/src/core/tsi/transport_security.c +266 -0
  555. data/src/core/tsi/transport_security.h +111 -0
  556. data/src/core/tsi/transport_security_interface.h +353 -0
  557. data/src/ruby/bin/apis/google/protobuf/empty.rb +44 -0
  558. data/src/ruby/bin/apis/pubsub_demo.rb +256 -0
  559. data/src/ruby/bin/apis/tech/pubsub/proto/pubsub.rb +174 -0
  560. data/src/ruby/bin/apis/tech/pubsub/proto/pubsub_services.rb +103 -0
  561. data/src/ruby/bin/math_client.rb +147 -0
  562. data/src/ruby/bin/math_pb.rb +32 -0
  563. data/src/ruby/bin/math_server.rb +206 -0
  564. data/src/ruby/bin/math_services_pb.rb +66 -0
  565. data/src/ruby/bin/noproto_client.rb +108 -0
  566. data/src/ruby/bin/noproto_server.rb +112 -0
  567. data/src/ruby/ext/grpc/extconf.rb +131 -0
  568. data/src/ruby/ext/grpc/rb_byte_buffer.c +77 -0
  569. data/src/ruby/ext/grpc/rb_byte_buffer.h +50 -0
  570. data/src/ruby/ext/grpc/rb_call.c +1009 -0
  571. data/src/ruby/ext/grpc/rb_call.h +66 -0
  572. data/src/ruby/ext/grpc/rb_call_credentials.c +295 -0
  573. data/src/ruby/ext/grpc/rb_call_credentials.h +46 -0
  574. data/src/ruby/ext/grpc/rb_channel.c +662 -0
  575. data/src/ruby/ext/grpc/rb_channel.h +49 -0
  576. data/src/ruby/ext/grpc/rb_channel_args.c +168 -0
  577. data/src/ruby/ext/grpc/rb_channel_args.h +53 -0
  578. data/src/ruby/ext/grpc/rb_channel_credentials.c +268 -0
  579. data/src/ruby/ext/grpc/rb_channel_credentials.h +47 -0
  580. data/src/ruby/ext/grpc/rb_completion_queue.c +117 -0
  581. data/src/ruby/ext/grpc/rb_completion_queue.h +51 -0
  582. data/src/ruby/ext/grpc/rb_compression_options.c +472 -0
  583. data/src/ruby/ext/grpc/rb_compression_options.h +44 -0
  584. data/src/ruby/ext/grpc/rb_event_thread.c +158 -0
  585. data/src/ruby/ext/grpc/rb_event_thread.h +37 -0
  586. data/src/ruby/ext/grpc/rb_grpc.c +343 -0
  587. data/src/ruby/ext/grpc/rb_grpc.h +87 -0
  588. data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +634 -0
  589. data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +955 -0
  590. data/src/ruby/ext/grpc/rb_loader.c +72 -0
  591. data/src/ruby/ext/grpc/rb_loader.h +40 -0
  592. data/src/ruby/ext/grpc/rb_server.c +359 -0
  593. data/src/ruby/ext/grpc/rb_server.h +47 -0
  594. data/src/ruby/ext/grpc/rb_server_credentials.c +258 -0
  595. data/src/ruby/ext/grpc/rb_server_credentials.h +47 -0
  596. data/src/ruby/lib/grpc/core/time_consts.rb +71 -0
  597. data/src/ruby/lib/grpc/errors.rb +215 -0
  598. data/src/ruby/lib/grpc/generic/active_call.rb +547 -0
  599. data/src/ruby/lib/grpc/generic/bidi_call.rb +229 -0
  600. data/src/ruby/lib/grpc/generic/client_stub.rb +463 -0
  601. data/src/ruby/lib/grpc/generic/rpc_desc.rb +173 -0
  602. data/src/ruby/lib/grpc/generic/rpc_server.rb +476 -0
  603. data/src/ruby/lib/grpc/generic/service.rb +225 -0
  604. data/src/ruby/lib/grpc/grpc.rb +39 -0
  605. data/src/ruby/lib/grpc/grpc_c.bundle +0 -0
  606. data/src/ruby/lib/grpc/logconfig.rb +59 -0
  607. data/src/ruby/lib/grpc/notifier.rb +60 -0
  608. data/src/ruby/lib/grpc/version.rb +33 -0
  609. data/src/ruby/lib/grpc.rb +49 -0
  610. data/src/ruby/pb/README.md +42 -0
  611. data/src/ruby/pb/generate_proto_ruby.sh +58 -0
  612. data/src/ruby/pb/grpc/health/checker.rb +77 -0
  613. data/src/ruby/pb/grpc/health/v1/health_pb.rb +28 -0
  614. data/src/ruby/pb/grpc/health/v1/health_services_pb.rb +56 -0
  615. data/src/ruby/pb/grpc/testing/duplicate/echo_duplicate_services_pb.rb +58 -0
  616. data/src/ruby/pb/grpc/testing/metrics_pb.rb +28 -0
  617. data/src/ruby/pb/grpc/testing/metrics_services_pb.rb +64 -0
  618. data/src/ruby/pb/src/proto/grpc/testing/empty_pb.rb +15 -0
  619. data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +82 -0
  620. data/src/ruby/pb/src/proto/grpc/testing/test_pb.rb +14 -0
  621. data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +117 -0
  622. data/src/ruby/pb/test/client.rb +779 -0
  623. data/src/ruby/pb/test/server.rb +267 -0
  624. data/src/ruby/spec/call_credentials_spec.rb +57 -0
  625. data/src/ruby/spec/call_spec.rb +162 -0
  626. data/src/ruby/spec/channel_connection_spec.rb +141 -0
  627. data/src/ruby/spec/channel_credentials_spec.rb +97 -0
  628. data/src/ruby/spec/channel_spec.rb +205 -0
  629. data/src/ruby/spec/client_server_spec.rb +491 -0
  630. data/src/ruby/spec/compression_options_spec.rb +164 -0
  631. data/src/ruby/spec/error_sanity_spec.rb +64 -0
  632. data/src/ruby/spec/generic/active_call_spec.rb +632 -0
  633. data/src/ruby/spec/generic/client_stub_spec.rb +556 -0
  634. data/src/ruby/spec/generic/rpc_desc_spec.rb +351 -0
  635. data/src/ruby/spec/generic/rpc_server_pool_spec.rb +142 -0
  636. data/src/ruby/spec/generic/rpc_server_spec.rb +524 -0
  637. data/src/ruby/spec/generic/service_spec.rb +276 -0
  638. data/src/ruby/spec/pb/duplicate/codegen_spec.rb +71 -0
  639. data/src/ruby/spec/pb/health/checker_spec.rb +222 -0
  640. data/src/ruby/spec/server_credentials_spec.rb +94 -0
  641. data/src/ruby/spec/server_spec.rb +205 -0
  642. data/src/ruby/spec/spec_helper.rb +71 -0
  643. data/src/ruby/spec/testdata/README +1 -0
  644. data/src/ruby/spec/testdata/ca.pem +15 -0
  645. data/src/ruby/spec/testdata/server1.key +16 -0
  646. data/src/ruby/spec/testdata/server1.pem +16 -0
  647. data/src/ruby/spec/time_consts_spec.rb +89 -0
  648. data/third_party/boringssl/crypto/aes/aes.c +1142 -0
  649. data/third_party/boringssl/crypto/aes/internal.h +87 -0
  650. data/third_party/boringssl/crypto/aes/mode_wrappers.c +112 -0
  651. data/third_party/boringssl/crypto/asn1/a_bitstr.c +263 -0
  652. data/third_party/boringssl/crypto/asn1/a_bool.c +110 -0
  653. data/third_party/boringssl/crypto/asn1/a_d2i_fp.c +282 -0
  654. data/third_party/boringssl/crypto/asn1/a_dup.c +111 -0
  655. data/third_party/boringssl/crypto/asn1/a_enum.c +181 -0
  656. data/third_party/boringssl/crypto/asn1/a_gentm.c +256 -0
  657. data/third_party/boringssl/crypto/asn1/a_i2d_fp.c +147 -0
  658. data/third_party/boringssl/crypto/asn1/a_int.c +460 -0
  659. data/third_party/boringssl/crypto/asn1/a_mbstr.c +409 -0
  660. data/third_party/boringssl/crypto/asn1/a_object.c +400 -0
  661. data/third_party/boringssl/crypto/asn1/a_octet.c +77 -0
  662. data/third_party/boringssl/crypto/asn1/a_print.c +121 -0
  663. data/third_party/boringssl/crypto/asn1/a_strnid.c +309 -0
  664. data/third_party/boringssl/crypto/asn1/a_time.c +206 -0
  665. data/third_party/boringssl/crypto/asn1/a_type.c +151 -0
  666. data/third_party/boringssl/crypto/asn1/a_utctm.c +304 -0
  667. data/third_party/boringssl/crypto/asn1/a_utf8.c +234 -0
  668. data/third_party/boringssl/crypto/asn1/asn1_lib.c +483 -0
  669. data/third_party/boringssl/crypto/asn1/asn1_locl.h +63 -0
  670. data/third_party/boringssl/crypto/asn1/asn1_par.c +80 -0
  671. data/third_party/boringssl/crypto/asn1/asn_pack.c +105 -0
  672. data/third_party/boringssl/crypto/asn1/f_enum.c +93 -0
  673. data/third_party/boringssl/crypto/asn1/f_int.c +97 -0
  674. data/third_party/boringssl/crypto/asn1/f_string.c +91 -0
  675. data/third_party/boringssl/crypto/asn1/t_bitst.c +103 -0
  676. data/third_party/boringssl/crypto/asn1/tasn_dec.c +1221 -0
  677. data/third_party/boringssl/crypto/asn1/tasn_enc.c +665 -0
  678. data/third_party/boringssl/crypto/asn1/tasn_fre.c +246 -0
  679. data/third_party/boringssl/crypto/asn1/tasn_new.c +381 -0
  680. data/third_party/boringssl/crypto/asn1/tasn_typ.c +131 -0
  681. data/third_party/boringssl/crypto/asn1/tasn_utl.c +266 -0
  682. data/third_party/boringssl/crypto/asn1/x_bignum.c +153 -0
  683. data/third_party/boringssl/crypto/asn1/x_long.c +197 -0
  684. data/third_party/boringssl/crypto/base64/base64.c +442 -0
  685. data/third_party/boringssl/crypto/bio/bio.c +598 -0
  686. data/third_party/boringssl/crypto/bio/bio_mem.c +328 -0
  687. data/third_party/boringssl/crypto/bio/buffer.c +496 -0
  688. data/third_party/boringssl/crypto/bio/connect.c +553 -0
  689. data/third_party/boringssl/crypto/bio/fd.c +277 -0
  690. data/third_party/boringssl/crypto/bio/file.c +313 -0
  691. data/third_party/boringssl/crypto/bio/hexdump.c +191 -0
  692. data/third_party/boringssl/crypto/bio/internal.h +111 -0
  693. data/third_party/boringssl/crypto/bio/pair.c +803 -0
  694. data/third_party/boringssl/crypto/bio/printf.c +119 -0
  695. data/third_party/boringssl/crypto/bio/socket.c +203 -0
  696. data/third_party/boringssl/crypto/bio/socket_helper.c +113 -0
  697. data/third_party/boringssl/crypto/bn/add.c +377 -0
  698. data/third_party/boringssl/crypto/bn/asm/x86_64-gcc.c +531 -0
  699. data/third_party/boringssl/crypto/bn/bn.c +379 -0
  700. data/third_party/boringssl/crypto/bn/bn_asn1.c +80 -0
  701. data/third_party/boringssl/crypto/bn/cmp.c +225 -0
  702. data/third_party/boringssl/crypto/bn/convert.c +599 -0
  703. data/third_party/boringssl/crypto/bn/ctx.c +311 -0
  704. data/third_party/boringssl/crypto/bn/div.c +671 -0
  705. data/third_party/boringssl/crypto/bn/exponentiation.c +1258 -0
  706. data/third_party/boringssl/crypto/bn/gcd.c +628 -0
  707. data/third_party/boringssl/crypto/bn/generic.c +703 -0
  708. data/third_party/boringssl/crypto/bn/internal.h +245 -0
  709. data/third_party/boringssl/crypto/bn/kronecker.c +175 -0
  710. data/third_party/boringssl/crypto/bn/montgomery.c +410 -0
  711. data/third_party/boringssl/crypto/bn/montgomery_inv.c +160 -0
  712. data/third_party/boringssl/crypto/bn/mul.c +869 -0
  713. data/third_party/boringssl/crypto/bn/prime.c +861 -0
  714. data/third_party/boringssl/crypto/bn/random.c +340 -0
  715. data/third_party/boringssl/crypto/bn/rsaz_exp.c +319 -0
  716. data/third_party/boringssl/crypto/bn/rsaz_exp.h +56 -0
  717. data/third_party/boringssl/crypto/bn/shift.c +299 -0
  718. data/third_party/boringssl/crypto/bn/sqrt.c +504 -0
  719. data/third_party/boringssl/crypto/buf/buf.c +239 -0
  720. data/third_party/boringssl/crypto/bytestring/asn1_compat.c +51 -0
  721. data/third_party/boringssl/crypto/bytestring/ber.c +263 -0
  722. data/third_party/boringssl/crypto/bytestring/cbb.c +473 -0
  723. data/third_party/boringssl/crypto/bytestring/cbs.c +439 -0
  724. data/third_party/boringssl/crypto/bytestring/internal.h +75 -0
  725. data/third_party/boringssl/crypto/chacha/chacha.c +167 -0
  726. data/third_party/boringssl/crypto/cipher/aead.c +156 -0
  727. data/third_party/boringssl/crypto/cipher/cipher.c +652 -0
  728. data/third_party/boringssl/crypto/cipher/derive_key.c +154 -0
  729. data/third_party/boringssl/crypto/cipher/e_aes.c +1717 -0
  730. data/third_party/boringssl/crypto/cipher/e_chacha20poly1305.c +300 -0
  731. data/third_party/boringssl/crypto/cipher/e_des.c +205 -0
  732. data/third_party/boringssl/crypto/cipher/e_null.c +85 -0
  733. data/third_party/boringssl/crypto/cipher/e_rc2.c +443 -0
  734. data/third_party/boringssl/crypto/cipher/e_rc4.c +87 -0
  735. data/third_party/boringssl/crypto/cipher/e_ssl3.c +403 -0
  736. data/third_party/boringssl/crypto/cipher/e_tls.c +602 -0
  737. data/third_party/boringssl/crypto/cipher/internal.h +162 -0
  738. data/third_party/boringssl/crypto/cipher/tls_cbc.c +553 -0
  739. data/third_party/boringssl/crypto/cmac/cmac.c +239 -0
  740. data/third_party/boringssl/crypto/conf/conf.c +788 -0
  741. data/third_party/boringssl/crypto/conf/conf_def.h +127 -0
  742. data/third_party/boringssl/crypto/conf/internal.h +31 -0
  743. data/third_party/boringssl/crypto/cpu-aarch64-linux.c +61 -0
  744. data/third_party/boringssl/crypto/cpu-arm-linux.c +360 -0
  745. data/third_party/boringssl/crypto/cpu-arm.c +38 -0
  746. data/third_party/boringssl/crypto/cpu-intel.c +263 -0
  747. data/third_party/boringssl/crypto/cpu-ppc64le.c +40 -0
  748. data/third_party/boringssl/crypto/crypto.c +164 -0
  749. data/third_party/boringssl/crypto/curve25519/curve25519.c +4944 -0
  750. data/third_party/boringssl/crypto/curve25519/internal.h +109 -0
  751. data/third_party/boringssl/crypto/curve25519/spake25519.c +464 -0
  752. data/third_party/boringssl/crypto/curve25519/x25519-x86_64.c +246 -0
  753. data/third_party/boringssl/crypto/des/des.c +771 -0
  754. data/third_party/boringssl/crypto/des/internal.h +212 -0
  755. data/third_party/boringssl/crypto/dh/check.c +218 -0
  756. data/third_party/boringssl/crypto/dh/dh.c +487 -0
  757. data/third_party/boringssl/crypto/dh/dh_asn1.c +160 -0
  758. data/third_party/boringssl/crypto/dh/params.c +253 -0
  759. data/third_party/boringssl/crypto/digest/digest.c +248 -0
  760. data/third_party/boringssl/crypto/digest/digests.c +321 -0
  761. data/third_party/boringssl/crypto/digest/internal.h +112 -0
  762. data/third_party/boringssl/crypto/digest/md32_common.h +262 -0
  763. data/third_party/boringssl/crypto/dsa/dsa.c +964 -0
  764. data/third_party/boringssl/crypto/dsa/dsa_asn1.c +339 -0
  765. data/third_party/boringssl/crypto/ec/ec.c +847 -0
  766. data/third_party/boringssl/crypto/ec/ec_asn1.c +549 -0
  767. data/third_party/boringssl/crypto/ec/ec_key.c +479 -0
  768. data/third_party/boringssl/crypto/ec/ec_montgomery.c +308 -0
  769. data/third_party/boringssl/crypto/ec/internal.h +276 -0
  770. data/third_party/boringssl/crypto/ec/oct.c +428 -0
  771. data/third_party/boringssl/crypto/ec/p224-64.c +1187 -0
  772. data/third_party/boringssl/crypto/ec/p256-64.c +1741 -0
  773. data/third_party/boringssl/crypto/ec/p256-x86_64-table.h +9543 -0
  774. data/third_party/boringssl/crypto/ec/p256-x86_64.c +574 -0
  775. data/third_party/boringssl/crypto/ec/simple.c +1117 -0
  776. data/third_party/boringssl/crypto/ec/util-64.c +109 -0
  777. data/third_party/boringssl/crypto/ec/wnaf.c +449 -0
  778. data/third_party/boringssl/crypto/ecdh/ecdh.c +159 -0
  779. data/third_party/boringssl/crypto/ecdsa/ecdsa.c +478 -0
  780. data/third_party/boringssl/crypto/ecdsa/ecdsa_asn1.c +227 -0
  781. data/third_party/boringssl/crypto/engine/engine.c +96 -0
  782. data/third_party/boringssl/crypto/err/err.c +756 -0
  783. data/third_party/boringssl/crypto/evp/digestsign.c +159 -0
  784. data/third_party/boringssl/crypto/evp/evp.c +367 -0
  785. data/third_party/boringssl/crypto/evp/evp_asn1.c +337 -0
  786. data/third_party/boringssl/crypto/evp/evp_ctx.c +448 -0
  787. data/third_party/boringssl/crypto/evp/internal.h +237 -0
  788. data/third_party/boringssl/crypto/evp/p_dsa_asn1.c +268 -0
  789. data/third_party/boringssl/crypto/evp/p_ec.c +236 -0
  790. data/third_party/boringssl/crypto/evp/p_ec_asn1.c +257 -0
  791. data/third_party/boringssl/crypto/evp/p_rsa.c +673 -0
  792. data/third_party/boringssl/crypto/evp/p_rsa_asn1.c +200 -0
  793. data/third_party/boringssl/crypto/evp/pbkdf.c +151 -0
  794. data/third_party/boringssl/crypto/evp/print.c +520 -0
  795. data/third_party/boringssl/crypto/evp/sign.c +151 -0
  796. data/third_party/boringssl/crypto/ex_data.c +292 -0
  797. data/third_party/boringssl/crypto/hkdf/hkdf.c +110 -0
  798. data/third_party/boringssl/crypto/hmac/hmac.c +213 -0
  799. data/third_party/boringssl/crypto/internal.h +527 -0
  800. data/third_party/boringssl/crypto/lhash/lhash.c +342 -0
  801. data/third_party/boringssl/crypto/md4/md4.c +234 -0
  802. data/third_party/boringssl/crypto/md5/md5.c +275 -0
  803. data/third_party/boringssl/crypto/mem.c +200 -0
  804. data/third_party/boringssl/crypto/modes/cbc.c +216 -0
  805. data/third_party/boringssl/crypto/modes/cfb.c +230 -0
  806. data/third_party/boringssl/crypto/modes/ctr.c +219 -0
  807. data/third_party/boringssl/crypto/modes/gcm.c +1288 -0
  808. data/third_party/boringssl/crypto/modes/internal.h +358 -0
  809. data/third_party/boringssl/crypto/modes/ofb.c +95 -0
  810. data/third_party/boringssl/crypto/newhope/error_correction.c +131 -0
  811. data/third_party/boringssl/crypto/newhope/internal.h +71 -0
  812. data/third_party/boringssl/crypto/newhope/newhope.c +174 -0
  813. data/third_party/boringssl/crypto/newhope/ntt.c +148 -0
  814. data/third_party/boringssl/crypto/newhope/poly.c +183 -0
  815. data/third_party/boringssl/crypto/newhope/precomp.c +306 -0
  816. data/third_party/boringssl/crypto/newhope/reduce.c +42 -0
  817. data/third_party/boringssl/crypto/obj/obj.c +640 -0
  818. data/third_party/boringssl/crypto/obj/obj_dat.h +5254 -0
  819. data/third_party/boringssl/crypto/obj/obj_xref.c +124 -0
  820. data/third_party/boringssl/crypto/obj/obj_xref.h +96 -0
  821. data/third_party/boringssl/crypto/pem/pem_all.c +262 -0
  822. data/third_party/boringssl/crypto/pem/pem_info.c +381 -0
  823. data/third_party/boringssl/crypto/pem/pem_lib.c +778 -0
  824. data/third_party/boringssl/crypto/pem/pem_oth.c +88 -0
  825. data/third_party/boringssl/crypto/pem/pem_pk8.c +257 -0
  826. data/third_party/boringssl/crypto/pem/pem_pkey.c +227 -0
  827. data/third_party/boringssl/crypto/pem/pem_x509.c +65 -0
  828. data/third_party/boringssl/crypto/pem/pem_xaux.c +67 -0
  829. data/third_party/boringssl/crypto/pkcs8/internal.h +83 -0
  830. data/third_party/boringssl/crypto/pkcs8/p5_pbe.c +151 -0
  831. data/third_party/boringssl/crypto/pkcs8/p5_pbev2.c +441 -0
  832. data/third_party/boringssl/crypto/pkcs8/p8_pkey.c +85 -0
  833. data/third_party/boringssl/crypto/pkcs8/pkcs8.c +1219 -0
  834. data/third_party/boringssl/crypto/poly1305/internal.h +40 -0
  835. data/third_party/boringssl/crypto/poly1305/poly1305.c +324 -0
  836. data/third_party/boringssl/crypto/poly1305/poly1305_arm.c +304 -0
  837. data/third_party/boringssl/crypto/poly1305/poly1305_vec.c +890 -0
  838. data/third_party/boringssl/crypto/rand/deterministic.c +47 -0
  839. data/third_party/boringssl/crypto/rand/internal.h +32 -0
  840. data/third_party/boringssl/crypto/rand/rand.c +244 -0
  841. data/third_party/boringssl/crypto/rand/urandom.c +221 -0
  842. data/third_party/boringssl/crypto/rand/windows.c +53 -0
  843. data/third_party/boringssl/crypto/rc4/rc4.c +98 -0
  844. data/third_party/boringssl/crypto/refcount_c11.c +67 -0
  845. data/third_party/boringssl/crypto/refcount_lock.c +53 -0
  846. data/third_party/boringssl/crypto/rsa/blinding.c +264 -0
  847. data/third_party/boringssl/crypto/rsa/internal.h +148 -0
  848. data/third_party/boringssl/crypto/rsa/padding.c +708 -0
  849. data/third_party/boringssl/crypto/rsa/rsa.c +830 -0
  850. data/third_party/boringssl/crypto/rsa/rsa_asn1.c +446 -0
  851. data/third_party/boringssl/crypto/rsa/rsa_impl.c +1139 -0
  852. data/third_party/boringssl/crypto/sha/sha1.c +337 -0
  853. data/third_party/boringssl/crypto/sha/sha256.c +327 -0
  854. data/third_party/boringssl/crypto/sha/sha512.c +607 -0
  855. data/third_party/boringssl/crypto/stack/stack.c +377 -0
  856. data/third_party/boringssl/crypto/thread.c +110 -0
  857. data/third_party/boringssl/crypto/thread_none.c +59 -0
  858. data/third_party/boringssl/crypto/thread_pthread.c +176 -0
  859. data/third_party/boringssl/crypto/thread_win.c +237 -0
  860. data/third_party/boringssl/crypto/time_support.c +206 -0
  861. data/third_party/boringssl/crypto/x509/a_digest.c +96 -0
  862. data/third_party/boringssl/crypto/x509/a_sign.c +135 -0
  863. data/third_party/boringssl/crypto/x509/a_strex.c +633 -0
  864. data/third_party/boringssl/crypto/x509/a_verify.c +127 -0
  865. data/third_party/boringssl/crypto/x509/algorithm.c +137 -0
  866. data/third_party/boringssl/crypto/x509/asn1_gen.c +818 -0
  867. data/third_party/boringssl/crypto/x509/by_dir.c +453 -0
  868. data/third_party/boringssl/crypto/x509/by_file.c +275 -0
  869. data/third_party/boringssl/crypto/x509/charmap.h +15 -0
  870. data/third_party/boringssl/crypto/x509/i2d_pr.c +83 -0
  871. data/third_party/boringssl/crypto/x509/internal.h +66 -0
  872. data/third_party/boringssl/crypto/x509/pkcs7.c +353 -0
  873. data/third_party/boringssl/crypto/x509/rsa_pss.c +385 -0
  874. data/third_party/boringssl/crypto/x509/t_crl.c +128 -0
  875. data/third_party/boringssl/crypto/x509/t_req.c +246 -0
  876. data/third_party/boringssl/crypto/x509/t_x509.c +506 -0
  877. data/third_party/boringssl/crypto/x509/t_x509a.c +111 -0
  878. data/third_party/boringssl/crypto/x509/vpm_int.h +70 -0
  879. data/third_party/boringssl/crypto/x509/x509.c +157 -0
  880. data/third_party/boringssl/crypto/x509/x509_att.c +381 -0
  881. data/third_party/boringssl/crypto/x509/x509_cmp.c +474 -0
  882. data/third_party/boringssl/crypto/x509/x509_d2.c +106 -0
  883. data/third_party/boringssl/crypto/x509/x509_def.c +98 -0
  884. data/third_party/boringssl/crypto/x509/x509_ext.c +206 -0
  885. data/third_party/boringssl/crypto/x509/x509_lu.c +690 -0
  886. data/third_party/boringssl/crypto/x509/x509_obj.c +197 -0
  887. data/third_party/boringssl/crypto/x509/x509_r2x.c +117 -0
  888. data/third_party/boringssl/crypto/x509/x509_req.c +322 -0
  889. data/third_party/boringssl/crypto/x509/x509_set.c +154 -0
  890. data/third_party/boringssl/crypto/x509/x509_trs.c +326 -0
  891. data/third_party/boringssl/crypto/x509/x509_txt.c +211 -0
  892. data/third_party/boringssl/crypto/x509/x509_v3.c +278 -0
  893. data/third_party/boringssl/crypto/x509/x509_vfy.c +2436 -0
  894. data/third_party/boringssl/crypto/x509/x509_vpm.c +647 -0
  895. data/third_party/boringssl/crypto/x509/x509cset.c +170 -0
  896. data/third_party/boringssl/crypto/x509/x509name.c +386 -0
  897. data/third_party/boringssl/crypto/x509/x509rset.c +81 -0
  898. data/third_party/boringssl/crypto/x509/x509spki.c +137 -0
  899. data/third_party/boringssl/crypto/x509/x509type.c +126 -0
  900. data/third_party/boringssl/crypto/x509/x_algor.c +151 -0
  901. data/third_party/boringssl/crypto/x509/x_all.c +501 -0
  902. data/third_party/boringssl/crypto/x509/x_attrib.c +111 -0
  903. data/third_party/boringssl/crypto/x509/x_crl.c +539 -0
  904. data/third_party/boringssl/crypto/x509/x_exten.c +75 -0
  905. data/third_party/boringssl/crypto/x509/x_info.c +98 -0
  906. data/third_party/boringssl/crypto/x509/x_name.c +534 -0
  907. data/third_party/boringssl/crypto/x509/x_pkey.c +103 -0
  908. data/third_party/boringssl/crypto/x509/x_pubkey.c +368 -0
  909. data/third_party/boringssl/crypto/x509/x_req.c +109 -0
  910. data/third_party/boringssl/crypto/x509/x_sig.c +69 -0
  911. data/third_party/boringssl/crypto/x509/x_spki.c +80 -0
  912. data/third_party/boringssl/crypto/x509/x_val.c +69 -0
  913. data/third_party/boringssl/crypto/x509/x_x509.c +289 -0
  914. data/third_party/boringssl/crypto/x509/x_x509a.c +205 -0
  915. data/third_party/boringssl/crypto/x509v3/ext_dat.h +135 -0
  916. data/third_party/boringssl/crypto/x509v3/pcy_cache.c +284 -0
  917. data/third_party/boringssl/crypto/x509v3/pcy_data.c +130 -0
  918. data/third_party/boringssl/crypto/x509v3/pcy_int.h +217 -0
  919. data/third_party/boringssl/crypto/x509v3/pcy_lib.c +164 -0
  920. data/third_party/boringssl/crypto/x509v3/pcy_map.c +130 -0
  921. data/third_party/boringssl/crypto/x509v3/pcy_node.c +188 -0
  922. data/third_party/boringssl/crypto/x509v3/pcy_tree.c +829 -0
  923. data/third_party/boringssl/crypto/x509v3/v3_akey.c +204 -0
  924. data/third_party/boringssl/crypto/x509v3/v3_akeya.c +72 -0
  925. data/third_party/boringssl/crypto/x509v3/v3_alt.c +614 -0
  926. data/third_party/boringssl/crypto/x509v3/v3_bcons.c +133 -0
  927. data/third_party/boringssl/crypto/x509v3/v3_bitst.c +141 -0
  928. data/third_party/boringssl/crypto/x509v3/v3_conf.c +462 -0
  929. data/third_party/boringssl/crypto/x509v3/v3_cpols.c +496 -0
  930. data/third_party/boringssl/crypto/x509v3/v3_crld.c +561 -0
  931. data/third_party/boringssl/crypto/x509v3/v3_enum.c +100 -0
  932. data/third_party/boringssl/crypto/x509v3/v3_extku.c +148 -0
  933. data/third_party/boringssl/crypto/x509v3/v3_genn.c +250 -0
  934. data/third_party/boringssl/crypto/x509v3/v3_ia5.c +119 -0
  935. data/third_party/boringssl/crypto/x509v3/v3_info.c +212 -0
  936. data/third_party/boringssl/crypto/x509v3/v3_int.c +91 -0
  937. data/third_party/boringssl/crypto/x509v3/v3_lib.c +362 -0
  938. data/third_party/boringssl/crypto/x509v3/v3_ncons.c +482 -0
  939. data/third_party/boringssl/crypto/x509v3/v3_pci.c +317 -0
  940. data/third_party/boringssl/crypto/x509v3/v3_pcia.c +57 -0
  941. data/third_party/boringssl/crypto/x509v3/v3_pcons.c +139 -0
  942. data/third_party/boringssl/crypto/x509v3/v3_pku.c +110 -0
  943. data/third_party/boringssl/crypto/x509v3/v3_pmaps.c +154 -0
  944. data/third_party/boringssl/crypto/x509v3/v3_prn.c +229 -0
  945. data/third_party/boringssl/crypto/x509v3/v3_purp.c +874 -0
  946. data/third_party/boringssl/crypto/x509v3/v3_skey.c +152 -0
  947. data/third_party/boringssl/crypto/x509v3/v3_sxnet.c +274 -0
  948. data/third_party/boringssl/crypto/x509v3/v3_utl.c +1327 -0
  949. data/third_party/boringssl/include/openssl/aead.h +345 -0
  950. data/third_party/boringssl/include/openssl/aes.h +158 -0
  951. data/third_party/boringssl/include/openssl/arm_arch.h +121 -0
  952. data/third_party/boringssl/include/openssl/asn1.h +1038 -0
  953. data/third_party/boringssl/include/openssl/asn1_mac.h +18 -0
  954. data/third_party/boringssl/include/openssl/asn1t.h +896 -0
  955. data/third_party/boringssl/include/openssl/base.h +412 -0
  956. data/third_party/boringssl/include/openssl/base64.h +187 -0
  957. data/third_party/boringssl/include/openssl/bio.h +926 -0
  958. data/third_party/boringssl/include/openssl/blowfish.h +93 -0
  959. data/third_party/boringssl/include/openssl/bn.h +955 -0
  960. data/third_party/boringssl/include/openssl/buf.h +133 -0
  961. data/third_party/boringssl/include/openssl/buffer.h +18 -0
  962. data/third_party/boringssl/include/openssl/bytestring.h +437 -0
  963. data/third_party/boringssl/include/openssl/cast.h +96 -0
  964. data/third_party/boringssl/include/openssl/chacha.h +37 -0
  965. data/third_party/boringssl/include/openssl/cipher.h +588 -0
  966. data/third_party/boringssl/include/openssl/cmac.h +87 -0
  967. data/third_party/boringssl/include/openssl/conf.h +181 -0
  968. data/third_party/boringssl/include/openssl/cpu.h +181 -0
  969. data/third_party/boringssl/include/openssl/crypto.h +94 -0
  970. data/third_party/boringssl/include/openssl/curve25519.h +183 -0
  971. data/third_party/boringssl/include/openssl/des.h +177 -0
  972. data/third_party/boringssl/include/openssl/dh.h +297 -0
  973. data/third_party/boringssl/include/openssl/digest.h +285 -0
  974. data/third_party/boringssl/include/openssl/dsa.h +436 -0
  975. data/third_party/boringssl/include/openssl/dtls1.h +16 -0
  976. data/third_party/boringssl/include/openssl/ec.h +406 -0
  977. data/third_party/boringssl/include/openssl/ec_key.h +337 -0
  978. data/third_party/boringssl/include/openssl/ecdh.h +102 -0
  979. data/third_party/boringssl/include/openssl/ecdsa.h +217 -0
  980. data/third_party/boringssl/include/openssl/engine.h +109 -0
  981. data/third_party/boringssl/include/openssl/err.h +488 -0
  982. data/third_party/boringssl/include/openssl/evp.h +797 -0
  983. data/third_party/boringssl/include/openssl/ex_data.h +213 -0
  984. data/third_party/boringssl/include/openssl/hkdf.h +64 -0
  985. data/third_party/boringssl/include/openssl/hmac.h +174 -0
  986. data/third_party/boringssl/include/openssl/lhash.h +192 -0
  987. data/third_party/boringssl/include/openssl/lhash_macros.h +132 -0
  988. data/third_party/boringssl/include/openssl/md4.h +106 -0
  989. data/third_party/boringssl/include/openssl/md5.h +107 -0
  990. data/third_party/boringssl/include/openssl/mem.h +150 -0
  991. data/third_party/boringssl/include/openssl/newhope.h +158 -0
  992. data/third_party/boringssl/include/openssl/nid.h +4166 -0
  993. data/third_party/boringssl/include/openssl/obj.h +226 -0
  994. data/third_party/boringssl/include/openssl/obj_mac.h +18 -0
  995. data/third_party/boringssl/include/openssl/objects.h +18 -0
  996. data/third_party/boringssl/include/openssl/opensslconf.h +60 -0
  997. data/third_party/boringssl/include/openssl/opensslv.h +18 -0
  998. data/third_party/boringssl/include/openssl/ossl_typ.h +18 -0
  999. data/third_party/boringssl/include/openssl/pem.h +517 -0
  1000. data/third_party/boringssl/include/openssl/pkcs12.h +18 -0
  1001. data/third_party/boringssl/include/openssl/pkcs7.h +16 -0
  1002. data/third_party/boringssl/include/openssl/pkcs8.h +236 -0
  1003. data/third_party/boringssl/include/openssl/poly1305.h +51 -0
  1004. data/third_party/boringssl/include/openssl/rand.h +122 -0
  1005. data/third_party/boringssl/include/openssl/rc4.h +96 -0
  1006. data/third_party/boringssl/include/openssl/ripemd.h +107 -0
  1007. data/third_party/boringssl/include/openssl/rsa.h +699 -0
  1008. data/third_party/boringssl/include/openssl/safestack.h +16 -0
  1009. data/third_party/boringssl/include/openssl/sha.h +260 -0
  1010. data/third_party/boringssl/include/openssl/srtp.h +18 -0
  1011. data/third_party/boringssl/include/openssl/ssl.h +4826 -0
  1012. data/third_party/boringssl/include/openssl/ssl3.h +434 -0
  1013. data/third_party/boringssl/include/openssl/stack.h +293 -0
  1014. data/third_party/boringssl/include/openssl/stack_macros.h +3902 -0
  1015. data/third_party/boringssl/include/openssl/thread.h +191 -0
  1016. data/third_party/boringssl/include/openssl/time_support.h +91 -0
  1017. data/third_party/boringssl/include/openssl/tls1.h +657 -0
  1018. data/third_party/boringssl/include/openssl/type_check.h +91 -0
  1019. data/third_party/boringssl/include/openssl/x509.h +1299 -0
  1020. data/third_party/boringssl/include/openssl/x509_vfy.h +618 -0
  1021. data/third_party/boringssl/include/openssl/x509v3.h +819 -0
  1022. data/third_party/boringssl/ssl/custom_extensions.c +255 -0
  1023. data/third_party/boringssl/ssl/d1_both.c +845 -0
  1024. data/third_party/boringssl/ssl/d1_lib.c +270 -0
  1025. data/third_party/boringssl/ssl/d1_pkt.c +419 -0
  1026. data/third_party/boringssl/ssl/d1_srtp.c +236 -0
  1027. data/third_party/boringssl/ssl/dtls_method.c +203 -0
  1028. data/third_party/boringssl/ssl/dtls_record.c +309 -0
  1029. data/third_party/boringssl/ssl/handshake_client.c +2002 -0
  1030. data/third_party/boringssl/ssl/handshake_server.c +1932 -0
  1031. data/third_party/boringssl/ssl/internal.h +1551 -0
  1032. data/third_party/boringssl/ssl/s3_both.c +745 -0
  1033. data/third_party/boringssl/ssl/s3_enc.c +412 -0
  1034. data/third_party/boringssl/ssl/s3_lib.c +336 -0
  1035. data/third_party/boringssl/ssl/s3_pkt.c +497 -0
  1036. data/third_party/boringssl/ssl/ssl_aead_ctx.c +329 -0
  1037. data/third_party/boringssl/ssl/ssl_asn1.c +748 -0
  1038. data/third_party/boringssl/ssl/ssl_buffer.c +311 -0
  1039. data/third_party/boringssl/ssl/ssl_cert.c +814 -0
  1040. data/third_party/boringssl/ssl/ssl_cipher.c +2062 -0
  1041. data/third_party/boringssl/ssl/ssl_ecdh.c +610 -0
  1042. data/third_party/boringssl/ssl/ssl_file.c +586 -0
  1043. data/third_party/boringssl/ssl/ssl_lib.c +3063 -0
  1044. data/third_party/boringssl/ssl/ssl_rsa.c +793 -0
  1045. data/third_party/boringssl/ssl/ssl_session.c +985 -0
  1046. data/third_party/boringssl/ssl/ssl_stat.c +509 -0
  1047. data/third_party/boringssl/ssl/t1_enc.c +547 -0
  1048. data/third_party/boringssl/ssl/t1_lib.c +3279 -0
  1049. data/third_party/boringssl/ssl/tls13_both.c +440 -0
  1050. data/third_party/boringssl/ssl/tls13_client.c +682 -0
  1051. data/third_party/boringssl/ssl/tls13_enc.c +391 -0
  1052. data/third_party/boringssl/ssl/tls13_server.c +672 -0
  1053. data/third_party/boringssl/ssl/tls_method.c +245 -0
  1054. data/third_party/boringssl/ssl/tls_record.c +461 -0
  1055. data/third_party/cares/ares_build.h +264 -0
  1056. data/third_party/cares/cares/ares.h +636 -0
  1057. data/third_party/cares/cares/ares__close_sockets.c +61 -0
  1058. data/third_party/cares/cares/ares__get_hostent.c +261 -0
  1059. data/third_party/cares/cares/ares__read_line.c +73 -0
  1060. data/third_party/cares/cares/ares__timeval.c +111 -0
  1061. data/third_party/cares/cares/ares_cancel.c +63 -0
  1062. data/third_party/cares/cares/ares_create_query.c +202 -0
  1063. data/third_party/cares/cares/ares_data.c +221 -0
  1064. data/third_party/cares/cares/ares_data.h +72 -0
  1065. data/third_party/cares/cares/ares_destroy.c +108 -0
  1066. data/third_party/cares/cares/ares_dns.h +103 -0
  1067. data/third_party/cares/cares/ares_expand_name.c +205 -0
  1068. data/third_party/cares/cares/ares_expand_string.c +70 -0
  1069. data/third_party/cares/cares/ares_fds.c +59 -0
  1070. data/third_party/cares/cares/ares_free_hostent.c +41 -0
  1071. data/third_party/cares/cares/ares_free_string.c +25 -0
  1072. data/third_party/cares/cares/ares_getenv.c +30 -0
  1073. data/third_party/cares/cares/ares_getenv.h +26 -0
  1074. data/third_party/cares/cares/ares_gethostbyaddr.c +294 -0
  1075. data/third_party/cares/cares/ares_gethostbyname.c +518 -0
  1076. data/third_party/cares/cares/ares_getnameinfo.c +422 -0
  1077. data/third_party/cares/cares/ares_getopt.c +122 -0
  1078. data/third_party/cares/cares/ares_getopt.h +53 -0
  1079. data/third_party/cares/cares/ares_getsock.c +66 -0
  1080. data/third_party/cares/cares/ares_inet_net_pton.h +25 -0
  1081. data/third_party/cares/cares/ares_init.c +2146 -0
  1082. data/third_party/cares/cares/ares_iphlpapi.h +221 -0
  1083. data/third_party/cares/cares/ares_ipv6.h +78 -0
  1084. data/third_party/cares/cares/ares_library_init.c +167 -0
  1085. data/third_party/cares/cares/ares_library_init.h +42 -0
  1086. data/third_party/cares/cares/ares_llist.c +63 -0
  1087. data/third_party/cares/cares/ares_llist.h +39 -0
  1088. data/third_party/cares/cares/ares_mkquery.c +24 -0
  1089. data/third_party/cares/cares/ares_nowarn.c +260 -0
  1090. data/third_party/cares/cares/ares_nowarn.h +61 -0
  1091. data/third_party/cares/cares/ares_options.c +402 -0
  1092. data/third_party/cares/cares/ares_parse_a_reply.c +264 -0
  1093. data/third_party/cares/cares/ares_parse_aaaa_reply.c +264 -0
  1094. data/third_party/cares/cares/ares_parse_mx_reply.c +170 -0
  1095. data/third_party/cares/cares/ares_parse_naptr_reply.c +188 -0
  1096. data/third_party/cares/cares/ares_parse_ns_reply.c +183 -0
  1097. data/third_party/cares/cares/ares_parse_ptr_reply.c +219 -0
  1098. data/third_party/cares/cares/ares_parse_soa_reply.c +133 -0
  1099. data/third_party/cares/cares/ares_parse_srv_reply.c +179 -0
  1100. data/third_party/cares/cares/ares_parse_txt_reply.c +220 -0
  1101. data/third_party/cares/cares/ares_platform.c +11035 -0
  1102. data/third_party/cares/cares/ares_platform.h +43 -0
  1103. data/third_party/cares/cares/ares_private.h +363 -0
  1104. data/third_party/cares/cares/ares_process.c +1359 -0
  1105. data/third_party/cares/cares/ares_query.c +186 -0
  1106. data/third_party/cares/cares/ares_rules.h +125 -0
  1107. data/third_party/cares/cares/ares_search.c +316 -0
  1108. data/third_party/cares/cares/ares_send.c +131 -0
  1109. data/third_party/cares/cares/ares_setup.h +217 -0
  1110. data/third_party/cares/cares/ares_strcasecmp.c +66 -0
  1111. data/third_party/cares/cares/ares_strcasecmp.h +30 -0
  1112. data/third_party/cares/cares/ares_strdup.c +49 -0
  1113. data/third_party/cares/cares/ares_strdup.h +24 -0
  1114. data/third_party/cares/cares/ares_strerror.c +56 -0
  1115. data/third_party/cares/cares/ares_timeout.c +88 -0
  1116. data/third_party/cares/cares/ares_version.c +11 -0
  1117. data/third_party/cares/cares/ares_version.h +24 -0
  1118. data/third_party/cares/cares/ares_writev.c +79 -0
  1119. data/third_party/cares/cares/bitncmp.c +59 -0
  1120. data/third_party/cares/cares/bitncmp.h +26 -0
  1121. data/third_party/cares/cares/config-win32.h +377 -0
  1122. data/third_party/cares/cares/inet_net_pton.c +450 -0
  1123. data/third_party/cares/cares/inet_ntop.c +208 -0
  1124. data/third_party/cares/cares/setup_once.h +554 -0
  1125. data/third_party/cares/cares/windows_port.c +22 -0
  1126. data/third_party/cares/config_darwin/ares_config.h +523 -0
  1127. data/third_party/cares/config_linux/ares_config.h +524 -0
  1128. data/third_party/nanopb/pb.h +579 -0
  1129. data/third_party/nanopb/pb_common.c +97 -0
  1130. data/third_party/nanopb/pb_common.h +42 -0
  1131. data/third_party/nanopb/pb_decode.c +1347 -0
  1132. data/third_party/nanopb/pb_decode.h +149 -0
  1133. data/third_party/nanopb/pb_encode.c +696 -0
  1134. data/third_party/nanopb/pb_encode.h +154 -0
  1135. data/third_party/zlib/adler32.c +179 -0
  1136. data/third_party/zlib/compress.c +80 -0
  1137. data/third_party/zlib/crc32.c +425 -0
  1138. data/third_party/zlib/crc32.h +441 -0
  1139. data/third_party/zlib/deflate.c +1967 -0
  1140. data/third_party/zlib/deflate.h +346 -0
  1141. data/third_party/zlib/gzclose.c +25 -0
  1142. data/third_party/zlib/gzguts.h +209 -0
  1143. data/third_party/zlib/gzlib.c +634 -0
  1144. data/third_party/zlib/gzread.c +594 -0
  1145. data/third_party/zlib/gzwrite.c +577 -0
  1146. data/third_party/zlib/infback.c +640 -0
  1147. data/third_party/zlib/inffast.c +340 -0
  1148. data/third_party/zlib/inffast.h +11 -0
  1149. data/third_party/zlib/inffixed.h +94 -0
  1150. data/third_party/zlib/inflate.c +1512 -0
  1151. data/third_party/zlib/inflate.h +122 -0
  1152. data/third_party/zlib/inftrees.c +306 -0
  1153. data/third_party/zlib/inftrees.h +62 -0
  1154. data/third_party/zlib/trees.c +1226 -0
  1155. data/third_party/zlib/trees.h +128 -0
  1156. data/third_party/zlib/uncompr.c +59 -0
  1157. data/third_party/zlib/zconf.h +511 -0
  1158. data/third_party/zlib/zlib.h +1768 -0
  1159. data/third_party/zlib/zutil.c +324 -0
  1160. data/third_party/zlib/zutil.h +253 -0
  1161. metadata +1397 -0
data/third_party/boringssl/ssl/handshake_server.c ADDED
@@ -0,0 +1,1932 @@
1
+ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
2
+ * All rights reserved.
3
+ *
4
+ * This package is an SSL implementation written
5
+ * by Eric Young (eay@cryptsoft.com).
6
+ * The implementation was written so as to conform with Netscapes SSL.
7
+ *
8
+ * This library is free for commercial and non-commercial use as long as
9
+ * the following conditions are aheared to. The following conditions
10
+ * apply to all code found in this distribution, be it the RC4, RSA,
11
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
12
+ * included with this distribution is covered by the same copyright terms
13
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
14
+ *
15
+ * Copyright remains Eric Young's, and as such any Copyright notices in
16
+ * the code are not to be removed.
17
+ * If this package is used in a product, Eric Young should be given attribution
18
+ * as the author of the parts of the library used.
19
+ * This can be in the form of a textual message at program startup or
20
+ * in documentation (online or textual) provided with the package.
21
+ *
22
+ * Redistribution and use in source and binary forms, with or without
23
+ * modification, are permitted provided that the following conditions
24
+ * are met:
25
+ * 1. Redistributions of source code must retain the copyright
26
+ * notice, this list of conditions and the following disclaimer.
27
+ * 2. Redistributions in binary form must reproduce the above copyright
28
+ * notice, this list of conditions and the following disclaimer in the
29
+ * documentation and/or other materials provided with the distribution.
30
+ * 3. All advertising materials mentioning features or use of this software
31
+ * must display the following acknowledgement:
32
+ * "This product includes cryptographic software written by
33
+ * Eric Young (eay@cryptsoft.com)"
34
+ * The word 'cryptographic' can be left out if the rouines from the library
35
+ * being used are not cryptographic related :-).
36
+ * 4. If you include any Windows specific code (or a derivative thereof) from
37
+ * the apps directory (application code) you must include an acknowledgement:
38
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
39
+ *
40
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50
+ * SUCH DAMAGE.
51
+ *
52
+ * The licence and distribution terms for any publically available version or
53
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
54
+ * copied and put under another distribution licence
55
+ * [including the GNU Public Licence.]
56
+ */
57
+ /* ====================================================================
58
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
59
+ *
60
+ * Redistribution and use in source and binary forms, with or without
61
+ * modification, are permitted provided that the following conditions
62
+ * are met:
63
+ *
64
+ * 1. Redistributions of source code must retain the above copyright
65
+ * notice, this list of conditions and the following disclaimer.
66
+ *
67
+ * 2. Redistributions in binary form must reproduce the above copyright
68
+ * notice, this list of conditions and the following disclaimer in
69
+ * the documentation and/or other materials provided with the
70
+ * distribution.
71
+ *
72
+ * 3. All advertising materials mentioning features or use of this
73
+ * software must display the following acknowledgment:
74
+ * "This product includes software developed by the OpenSSL Project
75
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
76
+ *
77
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
78
+ * endorse or promote products derived from this software without
79
+ * prior written permission. For written permission, please contact
80
+ * openssl-core@openssl.org.
81
+ *
82
+ * 5. Products derived from this software may not be called "OpenSSL"
83
+ * nor may "OpenSSL" appear in their names without prior written
84
+ * permission of the OpenSSL Project.
85
+ *
86
+ * 6. Redistributions of any form whatsoever must retain the following
87
+ * acknowledgment:
88
+ * "This product includes software developed by the OpenSSL Project
89
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
90
+ *
91
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
92
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
93
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
94
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
95
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
96
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
97
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
98
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
99
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
100
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
101
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
102
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
103
+ * ====================================================================
104
+ *
105
+ * This product includes cryptographic software written by Eric Young
106
+ * (eay@cryptsoft.com). This product includes software written by Tim
107
+ * Hudson (tjh@cryptsoft.com).
108
+ *
109
+ */
110
+ /* ====================================================================
111
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
112
+ *
113
+ * Portions of the attached software ("Contribution") are developed by
114
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
115
+ *
116
+ * The Contribution is licensed pursuant to the OpenSSL open source
117
+ * license provided above.
118
+ *
119
+ * ECC cipher suite support in OpenSSL originally written by
120
+ * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
121
+ *
122
+ */
123
+ /* ====================================================================
124
+ * Copyright 2005 Nokia. All rights reserved.
125
+ *
126
+ * The portions of the attached software ("Contribution") is developed by
127
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
128
+ * license.
129
+ *
130
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
131
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
132
+ * support (see RFC 4279) to OpenSSL.
133
+ *
134
+ * No patent licenses or other rights except those expressly stated in
135
+ * the OpenSSL open source license shall be deemed granted or received
136
+ * expressly, by implication, estoppel, or otherwise.
137
+ *
138
+ * No assurances are provided by Nokia that the Contribution does not
139
+ * infringe the patent or other intellectual property rights of any third
140
+ * party or that the license provides you with all the necessary rights
141
+ * to make use of the Contribution.
142
+ *
143
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
144
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
145
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
146
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
147
+ * OTHERWISE. */
148
+
149
+ #include <openssl/ssl.h>
150
+
151
+ #include <assert.h>
152
+ #include <string.h>
153
+
154
+ #include <openssl/bn.h>
155
+ #include <openssl/buf.h>
156
+ #include <openssl/bytestring.h>
157
+ #include <openssl/cipher.h>
158
+ #include <openssl/dh.h>
159
+ #include <openssl/ec.h>
160
+ #include <openssl/ecdsa.h>
161
+ #include <openssl/err.h>
162
+ #include <openssl/evp.h>
163
+ #include <openssl/hmac.h>
164
+ #include <openssl/md5.h>
165
+ #include <openssl/mem.h>
166
+ #include <openssl/nid.h>
167
+ #include <openssl/rand.h>
168
+ #include <openssl/x509.h>
169
+
170
+ #include "internal.h"
171
+ #include "../crypto/internal.h"
172
+
173
+
174
+ static int ssl3_get_client_hello(SSL *ssl);
175
+ static int ssl3_send_server_hello(SSL *ssl);
176
+ static int ssl3_send_server_certificate(SSL *ssl);
177
+ static int ssl3_send_certificate_status(SSL *ssl);
178
+ static int ssl3_send_server_key_exchange(SSL *ssl);
179
+ static int ssl3_send_certificate_request(SSL *ssl);
180
+ static int ssl3_send_server_hello_done(SSL *ssl);
181
+ static int ssl3_get_client_certificate(SSL *ssl);
182
+ static int ssl3_get_client_key_exchange(SSL *ssl);
183
+ static int ssl3_get_cert_verify(SSL *ssl);
184
+ static int ssl3_get_next_proto(SSL *ssl);
185
+ static int ssl3_get_channel_id(SSL *ssl);
186
+ static int ssl3_send_new_session_ticket(SSL *ssl);
187
+
188
+ int ssl3_accept(SSL *ssl) {
189
+ uint32_t alg_a;
190
+ int ret = -1;
191
+ int state, skip = 0;
192
+
193
+ assert(ssl->handshake_func == ssl3_accept);
194
+ assert(ssl->server);
195
+
196
+ for (;;) {
197
+ state = ssl->state;
198
+
199
+ switch (ssl->state) {
200
+ case SSL_ST_INIT:
201
+ ssl->state = SSL_ST_ACCEPT;
202
+ skip = 1;
203
+ break;
204
+
205
+ case SSL_ST_ACCEPT:
206
+ ssl_do_info_callback(ssl, SSL_CB_HANDSHAKE_START, 1);
207
+
208
+ ssl->s3->hs = ssl_handshake_new(tls13_server_handshake);
209
+ if (ssl->s3->hs == NULL) {
210
+ ret = -1;
211
+ goto end;
212
+ }
213
+
214
+ /* Enable a write buffer. This groups handshake messages within a flight
215
+ * into a single write. */
216
+ if (!ssl_init_wbio_buffer(ssl)) {
217
+ ret = -1;
218
+ goto end;
219
+ }
220
+
221
+ if (!ssl3_init_handshake_buffer(ssl)) {
222
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
223
+ ret = -1;
224
+ goto end;
225
+ }
226
+
227
+ ssl->state = SSL3_ST_SR_CLNT_HELLO_A;
228
+ break;
229
+
230
+ case SSL3_ST_SR_CLNT_HELLO_A:
231
+ case SSL3_ST_SR_CLNT_HELLO_B:
232
+ case SSL3_ST_SR_CLNT_HELLO_C:
233
+ case SSL3_ST_SR_CLNT_HELLO_D:
234
+ ret = ssl3_get_client_hello(ssl);
235
+ if (ssl->state == SSL_ST_TLS13) {
236
+ break;
237
+ }
238
+ if (ret <= 0) {
239
+ goto end;
240
+ }
241
+ ssl->method->received_flight(ssl);
242
+ ssl->state = SSL3_ST_SW_SRVR_HELLO_A;
243
+ break;
244
+
245
+ case SSL3_ST_SW_SRVR_HELLO_A:
246
+ case SSL3_ST_SW_SRVR_HELLO_B:
247
+ ret = ssl3_send_server_hello(ssl);
248
+ if (ret <= 0) {
249
+ goto end;
250
+ }
251
+ if (ssl->session != NULL) {
252
+ ssl->state = SSL3_ST_SW_SESSION_TICKET_A;
253
+ } else {
254
+ ssl->state = SSL3_ST_SW_CERT_A;
255
+ }
256
+ break;
257
+
258
+ case SSL3_ST_SW_CERT_A:
259
+ case SSL3_ST_SW_CERT_B:
260
+ if (ssl_cipher_uses_certificate_auth(ssl->s3->tmp.new_cipher)) {
261
+ ret = ssl3_send_server_certificate(ssl);
262
+ if (ret <= 0) {
263
+ goto end;
264
+ }
265
+ } else {
266
+ skip = 1;
267
+ }
268
+ ssl->state = SSL3_ST_SW_CERT_STATUS_A;
269
+ break;
270
+
271
+ case SSL3_ST_SW_CERT_STATUS_A:
272
+ case SSL3_ST_SW_CERT_STATUS_B:
273
+ if (ssl->s3->tmp.certificate_status_expected) {
274
+ ret = ssl3_send_certificate_status(ssl);
275
+ if (ret <= 0) {
276
+ goto end;
277
+ }
278
+ } else {
279
+ skip = 1;
280
+ }
281
+ ssl->state = SSL3_ST_SW_KEY_EXCH_A;
282
+ break;
283
+
284
+ case SSL3_ST_SW_KEY_EXCH_A:
285
+ case SSL3_ST_SW_KEY_EXCH_B:
286
+ case SSL3_ST_SW_KEY_EXCH_C:
287
+ alg_a = ssl->s3->tmp.new_cipher->algorithm_auth;
288
+
289
+ /* PSK ciphers send ServerKeyExchange if there is an identity hint. */
290
+ if (ssl_cipher_requires_server_key_exchange(ssl->s3->tmp.new_cipher) ||
291
+ ((alg_a & SSL_aPSK) && ssl->psk_identity_hint)) {
292
+ ret = ssl3_send_server_key_exchange(ssl);
293
+ if (ret <= 0) {
294
+ goto end;
295
+ }
296
+ } else {
297
+ skip = 1;
298
+ }
299
+
300
+ ssl->state = SSL3_ST_SW_CERT_REQ_A;
301
+ break;
302
+
303
+ case SSL3_ST_SW_CERT_REQ_A:
304
+ case SSL3_ST_SW_CERT_REQ_B:
305
+ if (ssl->s3->tmp.cert_request) {
306
+ ret = ssl3_send_certificate_request(ssl);
307
+ if (ret <= 0) {
308
+ goto end;
309
+ }
310
+ } else {
311
+ skip = 1;
312
+ }
313
+ ssl->state = SSL3_ST_SW_SRVR_DONE_A;
314
+ break;
315
+
316
+ case SSL3_ST_SW_SRVR_DONE_A:
317
+ case SSL3_ST_SW_SRVR_DONE_B:
318
+ ret = ssl3_send_server_hello_done(ssl);
319
+ if (ret <= 0) {
320
+ goto end;
321
+ }
322
+ ssl->s3->tmp.next_state = SSL3_ST_SR_CERT_A;
323
+ ssl->state = SSL3_ST_SW_FLUSH;
324
+ break;
325
+
326
+ case SSL3_ST_SR_CERT_A:
327
+ if (ssl->s3->tmp.cert_request) {
328
+ ret = ssl3_get_client_certificate(ssl);
329
+ if (ret <= 0) {
330
+ goto end;
331
+ }
332
+ }
333
+ ssl->state = SSL3_ST_SR_KEY_EXCH_A;
334
+ break;
335
+
336
+ case SSL3_ST_SR_KEY_EXCH_A:
337
+ case SSL3_ST_SR_KEY_EXCH_B:
338
+ ret = ssl3_get_client_key_exchange(ssl);
339
+ if (ret <= 0) {
340
+ goto end;
341
+ }
342
+ ssl->state = SSL3_ST_SR_CERT_VRFY_A;
343
+ break;
344
+
345
+ case SSL3_ST_SR_CERT_VRFY_A:
346
+ ret = ssl3_get_cert_verify(ssl);
347
+ if (ret <= 0) {
348
+ goto end;
349
+ }
350
+
351
+ ssl->state = SSL3_ST_SR_CHANGE;
352
+ break;
353
+
354
+ case SSL3_ST_SR_CHANGE:
355
+ ret = ssl->method->read_change_cipher_spec(ssl);
356
+ if (ret <= 0) {
357
+ goto end;
358
+ }
359
+
360
+ if (!tls1_change_cipher_state(ssl, SSL3_CHANGE_CIPHER_SERVER_READ)) {
361
+ ret = -1;
362
+ goto end;
363
+ }
364
+
365
+ ssl->state = SSL3_ST_SR_NEXT_PROTO_A;
366
+ break;
367
+
368
+ case SSL3_ST_SR_NEXT_PROTO_A:
369
+ if (ssl->s3->next_proto_neg_seen) {
370
+ ret = ssl3_get_next_proto(ssl);
371
+ if (ret <= 0) {
372
+ goto end;
373
+ }
374
+ } else {
375
+ skip = 1;
376
+ }
377
+ ssl->state = SSL3_ST_SR_CHANNEL_ID_A;
378
+ break;
379
+
380
+ case SSL3_ST_SR_CHANNEL_ID_A:
381
+ if (ssl->s3->tlsext_channel_id_valid) {
382
+ ret = ssl3_get_channel_id(ssl);
383
+ if (ret <= 0) {
384
+ goto end;
385
+ }
386
+ } else {
387
+ skip = 1;
388
+ }
389
+ ssl->state = SSL3_ST_SR_FINISHED_A;
390
+ break;
391
+
392
+ case SSL3_ST_SR_FINISHED_A:
393
+ ret = ssl3_get_finished(ssl);
394
+ if (ret <= 0) {
395
+ goto end;
396
+ }
397
+
398
+ ssl->method->received_flight(ssl);
399
+ if (ssl->session != NULL) {
400
+ ssl->state = SSL_ST_OK;
401
+ } else {
402
+ ssl->state = SSL3_ST_SW_SESSION_TICKET_A;
403
+ }
404
+
405
+ /* If this is a full handshake with ChannelID then record the handshake
406
+ * hashes in |ssl->s3->new_session| in case we need them to verify a
407
+ * ChannelID signature on a resumption of this session in the future. */
408
+ if (ssl->session == NULL && ssl->s3->tlsext_channel_id_valid) {
409
+ ret = tls1_record_handshake_hashes_for_channel_id(ssl);
410
+ if (ret <= 0) {
411
+ goto end;
412
+ }
413
+ }
414
+ break;
415
+
416
+ case SSL3_ST_SW_SESSION_TICKET_A:
417
+ case SSL3_ST_SW_SESSION_TICKET_B:
418
+ if (ssl->tlsext_ticket_expected) {
419
+ ret = ssl3_send_new_session_ticket(ssl);
420
+ if (ret <= 0) {
421
+ goto end;
422
+ }
423
+ } else {
424
+ skip = 1;
425
+ }
426
+ ssl->state = SSL3_ST_SW_CHANGE;
427
+ break;
428
+
429
+ case SSL3_ST_SW_CHANGE:
430
+ ret = ssl->method->send_change_cipher_spec(ssl);
431
+ if (ret <= 0) {
432
+ goto end;
433
+ }
434
+ ssl->state = SSL3_ST_SW_FINISHED_A;
435
+
436
+ if (!tls1_change_cipher_state(ssl, SSL3_CHANGE_CIPHER_SERVER_WRITE)) {
437
+ ret = -1;
438
+ goto end;
439
+ }
440
+ break;
441
+
442
+ case SSL3_ST_SW_FINISHED_A:
443
+ case SSL3_ST_SW_FINISHED_B:
444
+ ret = ssl3_send_finished(ssl, SSL3_ST_SW_FINISHED_A,
445
+ SSL3_ST_SW_FINISHED_B);
446
+ if (ret <= 0) {
447
+ goto end;
448
+ }
449
+ ssl->state = SSL3_ST_SW_FLUSH;
450
+ if (ssl->session != NULL) {
451
+ ssl->s3->tmp.next_state = SSL3_ST_SR_CHANGE;
452
+ } else {
453
+ ssl->s3->tmp.next_state = SSL_ST_OK;
454
+ }
455
+ break;
456
+
457
+ case SSL3_ST_SW_FLUSH:
458
+ if (BIO_flush(ssl->wbio) <= 0) {
459
+ ssl->rwstate = SSL_WRITING;
460
+ ret = -1;
461
+ goto end;
462
+ }
463
+
464
+ ssl->state = ssl->s3->tmp.next_state;
465
+ if (ssl->state != SSL_ST_OK) {
466
+ ssl->method->expect_flight(ssl);
467
+ }
468
+ break;
469
+
470
+ case SSL_ST_TLS13:
471
+ ret = tls13_handshake(ssl);
472
+ if (ret <= 0) {
473
+ goto end;
474
+ }
475
+ ssl->state = SSL_ST_OK;
476
+ break;
477
+
478
+ case SSL_ST_OK:
479
+ /* Clean a few things up. */
480
+ ssl3_cleanup_key_block(ssl);
481
+ ssl->method->release_current_message(ssl, 1 /* free_buffer */);
482
+
483
+ /* If we aren't retaining peer certificates then we can discard it
484
+ * now. */
485
+ if (ssl->s3->new_session != NULL &&
486
+ ssl->ctx->retain_only_sha256_of_client_certs) {
487
+ X509_free(ssl->s3->new_session->peer);
488
+ ssl->s3->new_session->peer = NULL;
489
+ sk_X509_pop_free(ssl->s3->new_session->cert_chain, X509_free);
490
+ ssl->s3->new_session->cert_chain = NULL;
491
+ }
492
+
493
+ SSL_SESSION_free(ssl->s3->established_session);
494
+ if (ssl->session != NULL) {
495
+ SSL_SESSION_up_ref(ssl->session);
496
+ ssl->s3->established_session = ssl->session;
497
+ } else {
498
+ ssl->s3->established_session = ssl->s3->new_session;
499
+ ssl->s3->established_session->not_resumable = 0;
500
+ ssl->s3->new_session = NULL;
501
+ }
502
+
503
+ /* remove buffering on output */
504
+ ssl_free_wbio_buffer(ssl);
505
+
506
+ ssl_handshake_free(ssl->s3->hs);
507
+ ssl->s3->hs = NULL;
508
+
509
+ ssl->s3->initial_handshake_complete = 1;
510
+
511
+ ssl_update_cache(ssl, SSL_SESS_CACHE_SERVER);
512
+
513
+ ssl_do_info_callback(ssl, SSL_CB_HANDSHAKE_DONE, 1);
514
+
515
+ ret = 1;
516
+ goto end;
517
+
518
+ default:
519
+ OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_STATE);
520
+ ret = -1;
521
+ goto end;
522
+ }
523
+
524
+ if (!ssl->s3->tmp.reuse_message && !skip && ssl->state != state) {
525
+ int new_state = ssl->state;
526
+ ssl->state = state;
527
+ ssl_do_info_callback(ssl, SSL_CB_ACCEPT_LOOP, 1);
528
+ ssl->state = new_state;
529
+ }
530
+ skip = 0;
531
+ }
532
+
533
+ end:
534
+ ssl_do_info_callback(ssl, SSL_CB_ACCEPT_EXIT, ret);
535
+ return ret;
536
+ }
537
+
538
+ int ssl_client_cipher_list_contains_cipher(
539
+ const struct ssl_early_callback_ctx *client_hello, uint16_t id) {
540
+ CBS cipher_suites;
541
+ CBS_init(&cipher_suites, client_hello->cipher_suites,
542
+ client_hello->cipher_suites_len);
543
+
544
+ while (CBS_len(&cipher_suites) > 0) {
545
+ uint16_t got_id;
546
+ if (!CBS_get_u16(&cipher_suites, &got_id)) {
547
+ return 0;
548
+ }
549
+
550
+ if (got_id == id) {
551
+ return 1;
552
+ }
553
+ }
554
+
555
+ return 0;
556
+ }
557
+
558
+ static int negotiate_version(
559
+ SSL *ssl, int *out_alert,
560
+ const struct ssl_early_callback_ctx *client_hello) {
561
+ uint16_t min_version, max_version;
562
+ if (!ssl_get_version_range(ssl, &min_version, &max_version)) {
563
+ *out_alert = SSL_AD_PROTOCOL_VERSION;
564
+ return 0;
565
+ }
566
+
567
+ uint16_t version = 0;
568
+ /* Check supported_versions extension if it is present. */
569
+ CBS supported_versions;
570
+ if (ssl_early_callback_get_extension(client_hello, &supported_versions,
571
+ TLSEXT_TYPE_supported_versions)) {
572
+ CBS versions;
573
+ if (!CBS_get_u8_length_prefixed(&supported_versions, &versions) ||
574
+ CBS_len(&supported_versions) != 0 ||
575
+ CBS_len(&versions) == 0) {
576
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
577
+ *out_alert = SSL_AD_DECODE_ERROR;
578
+ return 0;
579
+ }
580
+
581
+ int found_version = 0;
582
+ while (CBS_len(&versions) != 0) {
583
+ uint16_t ext_version;
584
+ if (!CBS_get_u16(&versions, &ext_version)) {
585
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
586
+ *out_alert = SSL_AD_DECODE_ERROR;
587
+ return 0;
588
+ }
589
+ if (!ssl->method->version_from_wire(&ext_version, ext_version)) {
590
+ continue;
591
+ }
592
+ if (min_version <= ext_version &&
593
+ ext_version <= max_version) {
594
+ version = ext_version;
595
+ found_version = 1;
596
+ break;
597
+ }
598
+ }
599
+
600
+ if (!found_version) {
601
+ goto unsupported_protocol;
602
+ }
603
+ } else {
604
+ /* Process ClientHello.version instead. Note that versions beyond (D)TLS 1.2
605
+ * do not use this mechanism. */
606
+ if (SSL_is_dtls(ssl)) {
607
+ if (client_hello->version <= DTLS1_2_VERSION) {
608
+ version = TLS1_2_VERSION;
609
+ } else if (client_hello->version <= DTLS1_VERSION) {
610
+ version = TLS1_1_VERSION;
611
+ } else {
612
+ goto unsupported_protocol;
613
+ }
614
+ } else {
615
+ if (client_hello->version >= TLS1_2_VERSION) {
616
+ version = TLS1_2_VERSION;
617
+ } else if (client_hello->version >= TLS1_1_VERSION) {
618
+ version = TLS1_1_VERSION;
619
+ } else if (client_hello->version >= TLS1_VERSION) {
620
+ version = TLS1_VERSION;
621
+ } else if (client_hello->version >= SSL3_VERSION) {
622
+ version = SSL3_VERSION;
623
+ } else {
624
+ goto unsupported_protocol;
625
+ }
626
+ }
627
+
628
+ /* Apply our minimum and maximum version. */
629
+ if (version > max_version) {
630
+ version = max_version;
631
+ }
632
+
633
+ if (version < min_version) {
634
+ goto unsupported_protocol;
635
+ }
636
+ }
637
+
638
+ /* Handle FALLBACK_SCSV. */
639
+ if (ssl_client_cipher_list_contains_cipher(client_hello,
640
+ SSL3_CK_FALLBACK_SCSV & 0xffff) &&
641
+ version < max_version) {
642
+ OPENSSL_PUT_ERROR(SSL, SSL_R_INAPPROPRIATE_FALLBACK);
643
+ *out_alert = SSL3_AD_INAPPROPRIATE_FALLBACK;
644
+ return 0;
645
+ }
646
+
647
+ ssl->client_version = client_hello->version;
648
+ ssl->version = ssl->method->version_to_wire(version);
649
+ ssl->s3->enc_method = ssl3_get_enc_method(version);
650
+ assert(ssl->s3->enc_method != NULL);
651
+
652
+ /* At this point, the connection's version is known and |ssl->version| is
653
+ * fixed. Begin enforcing the record-layer version. */
654
+ ssl->s3->have_version = 1;
655
+
656
+ return 1;
657
+
658
+ unsupported_protocol:
659
+ OPENSSL_PUT_ERROR(SSL, SSL_R_UNSUPPORTED_PROTOCOL);
660
+ *out_alert = SSL_AD_PROTOCOL_VERSION;
661
+ return 0;
662
+ }
663
+
664
+ static int ssl3_get_client_hello(SSL *ssl) {
665
+ int al = SSL_AD_INTERNAL_ERROR, ret = -1;
666
+ SSL_SESSION *session = NULL;
667
+
668
+ if (ssl->state == SSL3_ST_SR_CLNT_HELLO_A) {
669
+ /* The first time around, read the ClientHello. */
670
+ int msg_ret = ssl->method->ssl_get_message(ssl, SSL3_MT_CLIENT_HELLO,
671
+ ssl_hash_message);
672
+ if (msg_ret <= 0) {
673
+ return msg_ret;
674
+ }
675
+
676
+ ssl->state = SSL3_ST_SR_CLNT_HELLO_B;
677
+ }
678
+
679
+ struct ssl_early_callback_ctx client_hello;
680
+ if (!ssl_early_callback_init(ssl, &client_hello, ssl->init_msg,
681
+ ssl->init_num)) {
682
+ al = SSL_AD_DECODE_ERROR;
683
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
684
+ goto f_err;
685
+ }
686
+
687
+ if (ssl->state == SSL3_ST_SR_CLNT_HELLO_B) {
688
+ /* Unlike other callbacks, the early callback is not run a second time if
689
+ * paused. */
690
+ ssl->state = SSL3_ST_SR_CLNT_HELLO_C;
691
+
692
+ /* Run the early callback. */
693
+ if (ssl->ctx->select_certificate_cb != NULL) {
694
+ switch (ssl->ctx->select_certificate_cb(&client_hello)) {
695
+ case 0:
696
+ ssl->rwstate = SSL_CERTIFICATE_SELECTION_PENDING;
697
+ goto err;
698
+
699
+ case -1:
700
+ /* Connection rejected. */
701
+ al = SSL_AD_HANDSHAKE_FAILURE;
702
+ OPENSSL_PUT_ERROR(SSL, SSL_R_CONNECTION_REJECTED);
703
+ goto f_err;
704
+
705
+ default:
706
+ /* fallthrough */;
707
+ }
708
+ }
709
+ }
710
+
711
+ /* Negotiate the protocol version if we have not done so yet. */
712
+ if (!ssl->s3->have_version) {
713
+ if (!negotiate_version(ssl, &al, &client_hello)) {
714
+ goto f_err;
715
+ }
716
+
717
+ if (ssl3_protocol_version(ssl) >= TLS1_3_VERSION) {
718
+ ssl->state = SSL_ST_TLS13;
719
+ return 1;
720
+ }
721
+ }
722
+
723
+ if (ssl->state == SSL3_ST_SR_CLNT_HELLO_C) {
724
+ /* Load the client random. */
725
+ if (client_hello.random_len != SSL3_RANDOM_SIZE) {
726
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
727
+ return -1;
728
+ }
729
+ memcpy(ssl->s3->client_random, client_hello.random,
730
+ client_hello.random_len);
731
+
732
+ /* Determine whether we are doing session resumption. */
733
+ int send_new_ticket = 0;
734
+ switch (
735
+ ssl_get_prev_session(ssl, &session, &send_new_ticket, &client_hello)) {
736
+ case ssl_session_success:
737
+ break;
738
+ case ssl_session_error:
739
+ goto err;
740
+ case ssl_session_retry:
741
+ ssl->rwstate = SSL_PENDING_SESSION;
742
+ goto err;
743
+ }
744
+ ssl->tlsext_ticket_expected = send_new_ticket;
745
+
746
+ /* The EMS state is needed when making the resumption decision, but
747
+ * extensions are not normally parsed until later. This detects the EMS
748
+ * extension for the resumption decision and it's checked against the result
749
+ * of the normal parse later in this function. */
750
+ CBS ems;
751
+ int have_extended_master_secret =
752
+ ssl->version != SSL3_VERSION &&
753
+ ssl_early_callback_get_extension(&client_hello, &ems,
754
+ TLSEXT_TYPE_extended_master_secret) &&
755
+ CBS_len(&ems) == 0;
756
+
757
+ int has_session = 0;
758
+ if (session != NULL) {
759
+ if (session->extended_master_secret &&
760
+ !have_extended_master_secret) {
761
+ /* A ClientHello without EMS that attempts to resume a session with EMS
762
+ * is fatal to the connection. */
763
+ al = SSL_AD_HANDSHAKE_FAILURE;
764
+ OPENSSL_PUT_ERROR(SSL, SSL_R_RESUMED_EMS_SESSION_WITHOUT_EMS_EXTENSION);
765
+ goto f_err;
766
+ }
767
+
768
+ has_session =
769
+ /* Only resume if the session's version matches the negotiated
770
+ * version: most clients do not accept a mismatch. */
771
+ ssl->version == session->ssl_version &&
772
+ /* If the client offers the EMS extension, but the previous session
773
+ * didn't use it, then negotiate a new session. */
774
+ have_extended_master_secret == session->extended_master_secret;
775
+ }
776
+
777
+ if (has_session) {
778
+ /* Use the old session. */
779
+ ssl->session = session;
780
+ session = NULL;
781
+ ssl->s3->session_reused = 1;
782
+ } else {
783
+ ssl_set_session(ssl, NULL);
784
+ if (!ssl_get_new_session(ssl, 1 /* server */)) {
785
+ goto err;
786
+ }
787
+
788
+ /* Clear the session ID if we want the session to be single-use. */
789
+ if (!(ssl->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER)) {
790
+ ssl->s3->new_session->session_id_length = 0;
791
+ }
792
+ }
793
+
794
+ if (ssl->ctx->dos_protection_cb != NULL &&
795
+ ssl->ctx->dos_protection_cb(&client_hello) == 0) {
796
+ /* Connection rejected for DOS reasons. */
797
+ al = SSL_AD_INTERNAL_ERROR;
798
+ OPENSSL_PUT_ERROR(SSL, SSL_R_CONNECTION_REJECTED);
799
+ goto f_err;
800
+ }
801
+
802
+ /* Only null compression is supported. */
803
+ if (memchr(client_hello.compression_methods, 0,
804
+ client_hello.compression_methods_len) == NULL) {
805
+ al = SSL_AD_ILLEGAL_PARAMETER;
806
+ OPENSSL_PUT_ERROR(SSL, SSL_R_NO_COMPRESSION_SPECIFIED);
807
+ goto f_err;
808
+ }
809
+
810
+ /* TLS extensions. */
811
+ if (!ssl_parse_clienthello_tlsext(ssl, &client_hello)) {
812
+ OPENSSL_PUT_ERROR(SSL, SSL_R_PARSE_TLSEXT);
813
+ goto err;
814
+ }
815
+
816
+ if (have_extended_master_secret != ssl->s3->tmp.extended_master_secret) {
817
+ al = SSL_AD_INTERNAL_ERROR;
818
+ OPENSSL_PUT_ERROR(SSL, SSL_R_EMS_STATE_INCONSISTENT);
819
+ goto f_err;
820
+ }
821
+
822
+ ssl->state = SSL3_ST_SR_CLNT_HELLO_D;
823
+ }
824
+
825
+ /* Determine the remaining connection parameters. This is a separate state so
826
+ * |cert_cb| does not cause earlier logic to run multiple times. */
827
+ assert(ssl->state == SSL3_ST_SR_CLNT_HELLO_D);
828
+
829
+ if (ssl->session != NULL) {
830
+ /* Check that the cipher is in the list. */
831
+ if (!ssl_client_cipher_list_contains_cipher(
832
+ &client_hello, (uint16_t)ssl->session->cipher->id)) {
833
+ al = SSL_AD_ILLEGAL_PARAMETER;
834
+ OPENSSL_PUT_ERROR(SSL, SSL_R_REQUIRED_CIPHER_MISSING);
835
+ goto f_err;
836
+ }
837
+
838
+ ssl->s3->tmp.new_cipher = ssl->session->cipher;
839
+ ssl->s3->tmp.cert_request = 0;
840
+ } else {
841
+ /* Call |cert_cb| to update server certificates if required. */
842
+ if (ssl->cert->cert_cb != NULL) {
843
+ int rv = ssl->cert->cert_cb(ssl, ssl->cert->cert_cb_arg);
844
+ if (rv == 0) {
845
+ al = SSL_AD_INTERNAL_ERROR;
846
+ OPENSSL_PUT_ERROR(SSL, SSL_R_CERT_CB_ERROR);
847
+ goto f_err;
848
+ }
849
+ if (rv < 0) {
850
+ ssl->rwstate = SSL_X509_LOOKUP;
851
+ goto err;
852
+ }
853
+ }
854
+
855
+ const SSL_CIPHER *c =
856
+ ssl3_choose_cipher(ssl, &client_hello, ssl_get_cipher_preferences(ssl));
857
+ if (c == NULL) {
858
+ al = SSL_AD_HANDSHAKE_FAILURE;
859
+ OPENSSL_PUT_ERROR(SSL, SSL_R_NO_SHARED_CIPHER);
860
+ goto f_err;
861
+ }
862
+
863
+ ssl->s3->new_session->cipher = c;
864
+ ssl->s3->tmp.new_cipher = c;
865
+
866
+ /* Determine whether to request a client certificate. */
867
+ ssl->s3->tmp.cert_request = !!(ssl->verify_mode & SSL_VERIFY_PEER);
868
+ /* Only request a certificate if Channel ID isn't negotiated. */
869
+ if ((ssl->verify_mode & SSL_VERIFY_PEER_IF_NO_OBC) &&
870
+ ssl->s3->tlsext_channel_id_valid) {
871
+ ssl->s3->tmp.cert_request = 0;
872
+ }
873
+ /* CertificateRequest may only be sent in certificate-based ciphers. */
874
+ if (!ssl_cipher_uses_certificate_auth(ssl->s3->tmp.new_cipher)) {
875
+ ssl->s3->tmp.cert_request = 0;
876
+ }
877
+
878
+ if (!ssl->s3->tmp.cert_request) {
879
+ /* OpenSSL returns X509_V_OK when no certificates are requested. This is
880
+ * classed by them as a bug, but it's assumed by at least NGINX. */
881
+ ssl->s3->new_session->verify_result = X509_V_OK;
882
+ }
883
+ }
884
+
885
+ /* Now that the cipher is known, initialize the handshake hash. */
886
+ if (!ssl3_init_handshake_hash(ssl)) {
887
+ goto f_err;
888
+ }
889
+
890
+ /* Release the handshake buffer if client authentication isn't required. */
891
+ if (!ssl->s3->tmp.cert_request) {
892
+ ssl3_free_handshake_buffer(ssl);
893
+ }
894
+
895
+ ret = 1;
896
+
897
+ if (0) {
898
+ f_err:
899
+ ssl3_send_alert(ssl, SSL3_AL_FATAL, al);
900
+ }
901
+
902
+ err:
903
+ SSL_SESSION_free(session);
904
+ return ret;
905
+ }
906
+
907
+ static int ssl3_send_server_hello(SSL *ssl) {
908
+ if (ssl->state == SSL3_ST_SW_SRVR_HELLO_B) {
909
+ return ssl->method->write_message(ssl);
910
+ }
911
+
912
+ assert(ssl->state == SSL3_ST_SW_SRVR_HELLO_A);
913
+
914
+ /* We only accept ChannelIDs on connections with ECDHE in order to avoid a
915
+ * known attack while we fix ChannelID itself. */
916
+ if (ssl->s3->tlsext_channel_id_valid &&
917
+ (ssl->s3->tmp.new_cipher->algorithm_mkey & SSL_kECDHE) == 0) {
918
+ ssl->s3->tlsext_channel_id_valid = 0;
919
+ }
920
+
921
+ /* If this is a resumption and the original handshake didn't support
922
+ * ChannelID then we didn't record the original handshake hashes in the
923
+ * session and so cannot resume with ChannelIDs. */
924
+ if (ssl->session != NULL &&
925
+ ssl->session->original_handshake_hash_len == 0) {
926
+ ssl->s3->tlsext_channel_id_valid = 0;
927
+ }
928
+
929
+ struct timeval now;
930
+ ssl_get_current_time(ssl, &now);
931
+ ssl->s3->server_random[0] = now.tv_sec >> 24;
932
+ ssl->s3->server_random[1] = now.tv_sec >> 16;
933
+ ssl->s3->server_random[2] = now.tv_sec >> 8;
934
+ ssl->s3->server_random[3] = now.tv_sec;
935
+ if (!RAND_bytes(ssl->s3->server_random + 4, SSL3_RANDOM_SIZE - 4)) {
936
+ return -1;
937
+ }
938
+
939
+ /* TODO(davidben): Implement the TLS 1.1 and 1.2 downgrade sentinels once TLS
940
+ * 1.3 is finalized and we are not implementing a draft version. */
941
+
942
+ const SSL_SESSION *session = ssl->s3->new_session;
943
+ if (ssl->session != NULL) {
944
+ session = ssl->session;
945
+ }
946
+
947
+ CBB cbb, body, session_id;
948
+ if (!ssl->method->init_message(ssl, &cbb, &body, SSL3_MT_SERVER_HELLO) ||
949
+ !CBB_add_u16(&body, ssl->version) ||
950
+ !CBB_add_bytes(&body, ssl->s3->server_random, SSL3_RANDOM_SIZE) ||
951
+ !CBB_add_u8_length_prefixed(&body, &session_id) ||
952
+ !CBB_add_bytes(&session_id, session->session_id,
953
+ session->session_id_length) ||
954
+ !CBB_add_u16(&body, ssl_cipher_get_value(ssl->s3->tmp.new_cipher)) ||
955
+ !CBB_add_u8(&body, 0 /* no compression */) ||
956
+ !ssl_add_serverhello_tlsext(ssl, &body) ||
957
+ !ssl->method->finish_message(ssl, &cbb)) {
958
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
959
+ CBB_cleanup(&cbb);
960
+ return -1;
961
+ }
962
+
963
+ ssl->state = SSL3_ST_SW_SRVR_HELLO_B;
964
+ return ssl->method->write_message(ssl);
965
+ }
966
+
967
+ static int ssl3_send_server_certificate(SSL *ssl) {
968
+ if (ssl->state == SSL3_ST_SW_CERT_B) {
969
+ return ssl->method->write_message(ssl);
970
+ }
971
+
972
+ if (!ssl_has_certificate(ssl)) {
973
+ OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CERTIFICATE_SET);
974
+ return 0;
975
+ }
976
+
977
+ if (!ssl3_output_cert_chain(ssl)) {
978
+ return 0;
979
+ }
980
+ ssl->state = SSL3_ST_SW_CERT_B;
981
+ return ssl->method->write_message(ssl);
982
+ }
983
+
984
+ static int ssl3_send_certificate_status(SSL *ssl) {
985
+ if (ssl->state == SSL3_ST_SW_CERT_STATUS_B) {
986
+ return ssl->method->write_message(ssl);
987
+ }
988
+
989
+ CBB cbb, body, ocsp_response;
990
+ if (!ssl->method->init_message(ssl, &cbb, &body,
991
+ SSL3_MT_CERTIFICATE_STATUS) ||
992
+ !CBB_add_u8(&body, TLSEXT_STATUSTYPE_ocsp) ||
993
+ !CBB_add_u24_length_prefixed(&body, &ocsp_response) ||
994
+ !CBB_add_bytes(&ocsp_response, ssl->ctx->ocsp_response,
995
+ ssl->ctx->ocsp_response_length) ||
996
+ !ssl->method->finish_message(ssl, &cbb)) {
997
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
998
+ CBB_cleanup(&cbb);
999
+ return -1;
1000
+ }
1001
+
1002
+ ssl->state = SSL3_ST_SW_CERT_STATUS_B;
1003
+ return ssl->method->write_message(ssl);
1004
+ }
1005
+
1006
+ static int ssl3_send_server_key_exchange(SSL *ssl) {
1007
+ if (ssl->state == SSL3_ST_SW_KEY_EXCH_C) {
1008
+ return ssl->method->write_message(ssl);
1009
+ }
1010
+
1011
+ CBB cbb, child;
1012
+ CBB_zero(&cbb);
1013
+
1014
+ /* Put together the parameters. */
1015
+ if (ssl->state == SSL3_ST_SW_KEY_EXCH_A) {
1016
+ uint32_t alg_k = ssl->s3->tmp.new_cipher->algorithm_mkey;
1017
+ uint32_t alg_a = ssl->s3->tmp.new_cipher->algorithm_auth;
1018
+
1019
+ /* Pre-allocate enough room to comfortably fit an ECDHE public key. */
1020
+ if (!CBB_init(&cbb, 128)) {
1021
+ goto err;
1022
+ }
1023
+
1024
+ /* PSK ciphers begin with an identity hint. */
1025
+ if (alg_a & SSL_aPSK) {
1026
+ size_t len =
1027
+ (ssl->psk_identity_hint == NULL) ? 0 : strlen(ssl->psk_identity_hint);
1028
+ if (!CBB_add_u16_length_prefixed(&cbb, &child) ||
1029
+ !CBB_add_bytes(&child, (const uint8_t *)ssl->psk_identity_hint,
1030
+ len)) {
1031
+ goto err;
1032
+ }
1033
+ }
1034
+
1035
+ if (alg_k & SSL_kDHE) {
1036
+ /* Determine the group to use. */
1037
+ DH *params = ssl->cert->dh_tmp;
1038
+ if (params == NULL && ssl->cert->dh_tmp_cb != NULL) {
1039
+ params = ssl->cert->dh_tmp_cb(ssl, 0, 1024);
1040
+ }
1041
+ if (params == NULL) {
1042
+ OPENSSL_PUT_ERROR(SSL, SSL_R_MISSING_TMP_DH_KEY);
1043
+ ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
1044
+ goto err;
1045
+ }
1046
+ ssl->s3->new_session->key_exchange_info = DH_num_bits(params);
1047
+
1048
+ /* Set up DH, generate a key, and emit the public half. */
1049
+ DH *dh = DHparams_dup(params);
1050
+ if (dh == NULL) {
1051
+ goto err;
1052
+ }
1053
+
1054
+ SSL_ECDH_CTX_init_for_dhe(&ssl->s3->tmp.ecdh_ctx, dh);
1055
+ if (!CBB_add_u16_length_prefixed(&cbb, &child) ||
1056
+ !BN_bn2cbb_padded(&child, BN_num_bytes(params->p), params->p) ||
1057
+ !CBB_add_u16_length_prefixed(&cbb, &child) ||
1058
+ !BN_bn2cbb_padded(&child, BN_num_bytes(params->g), params->g) ||
1059
+ !CBB_add_u16_length_prefixed(&cbb, &child) ||
1060
+ !SSL_ECDH_CTX_offer(&ssl->s3->tmp.ecdh_ctx, &child)) {
1061
+ goto err;
1062
+ }
1063
+ } else if (alg_k & SSL_kECDHE) {
1064
+ /* Determine the group to use. */
1065
+ uint16_t group_id;
1066
+ if (!tls1_get_shared_group(ssl, &group_id)) {
1067
+ OPENSSL_PUT_ERROR(SSL, SSL_R_MISSING_TMP_ECDH_KEY);
1068
+ ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
1069
+ goto err;
1070
+ }
1071
+ ssl->s3->new_session->key_exchange_info = group_id;
1072
+
1073
+ /* Set up ECDH, generate a key, and emit the public half. */
1074
+ if (!SSL_ECDH_CTX_init(&ssl->s3->tmp.ecdh_ctx, group_id) ||
1075
+ !CBB_add_u8(&cbb, NAMED_CURVE_TYPE) ||
1076
+ !CBB_add_u16(&cbb, group_id) ||
1077
+ !CBB_add_u8_length_prefixed(&cbb, &child) ||
1078
+ !SSL_ECDH_CTX_offer(&ssl->s3->tmp.ecdh_ctx, &child)) {
1079
+ goto err;
1080
+ }
1081
+ } else if (alg_k & SSL_kCECPQ1) {
1082
+ SSL_ECDH_CTX_init_for_cecpq1(&ssl->s3->tmp.ecdh_ctx);
1083
+ if (!CBB_add_u16_length_prefixed(&cbb, &child) ||
1084
+ !SSL_ECDH_CTX_offer(&ssl->s3->tmp.ecdh_ctx, &child)) {
1085
+ goto err;
1086
+ }
1087
+ } else {
1088
+ assert(alg_k & SSL_kPSK);
1089
+ }
1090
+
1091
+ size_t len;
1092
+ if (!CBB_finish(&cbb, &ssl->s3->tmp.server_params, &len) ||
1093
+ len > 0xffffffffu) {
1094
+ OPENSSL_free(ssl->s3->tmp.server_params);
1095
+ ssl->s3->tmp.server_params = NULL;
1096
+ goto err;
1097
+ }
1098
+ ssl->s3->tmp.server_params_len = (uint32_t)len;
1099
+ }
1100
+
1101
+ /* Assemble the message. */
1102
+ CBB body;
1103
+ if (!ssl->method->init_message(ssl, &cbb, &body,
1104
+ SSL3_MT_SERVER_KEY_EXCHANGE) ||
1105
+ !CBB_add_bytes(&body, ssl->s3->tmp.server_params,
1106
+ ssl->s3->tmp.server_params_len)) {
1107
+ goto err;
1108
+ }
1109
+
1110
+ /* Add a signature. */
1111
+ if (ssl_cipher_uses_certificate_auth(ssl->s3->tmp.new_cipher)) {
1112
+ if (!ssl_has_private_key(ssl)) {
1113
+ ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
1114
+ goto err;
1115
+ }
1116
+
1117
+ /* Determine the signature algorithm. */
1118
+ uint16_t signature_algorithm;
1119
+ if (!tls1_choose_signature_algorithm(ssl, &signature_algorithm)) {
1120
+ goto err;
1121
+ }
1122
+ if (ssl3_protocol_version(ssl) >= TLS1_2_VERSION) {
1123
+ if (!CBB_add_u16(&body, signature_algorithm)) {
1124
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
1125
+ ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
1126
+ goto err;
1127
+ }
1128
+ }
1129
+
1130
+ /* Add space for the signature. */
1131
+ const size_t max_sig_len = ssl_private_key_max_signature_len(ssl);
1132
+ uint8_t *ptr;
1133
+ if (!CBB_add_u16_length_prefixed(&body, &child) ||
1134
+ !CBB_reserve(&child, &ptr, max_sig_len)) {
1135
+ goto err;
1136
+ }
1137
+
1138
+ size_t sig_len;
1139
+ enum ssl_private_key_result_t sign_result;
1140
+ if (ssl->state == SSL3_ST_SW_KEY_EXCH_A) {
1141
+ CBB transcript;
1142
+ uint8_t *transcript_data;
1143
+ size_t transcript_len;
1144
+ if (!CBB_init(&transcript,
1145
+ 2*SSL3_RANDOM_SIZE + ssl->s3->tmp.server_params_len) ||
1146
+ !CBB_add_bytes(&transcript, ssl->s3->client_random, SSL3_RANDOM_SIZE) ||
1147
+ !CBB_add_bytes(&transcript, ssl->s3->server_random, SSL3_RANDOM_SIZE) ||
1148
+ !CBB_add_bytes(&transcript, ssl->s3->tmp.server_params,
1149
+ ssl->s3->tmp.server_params_len) ||
1150
+ !CBB_finish(&transcript, &transcript_data, &transcript_len)) {
1151
+ CBB_cleanup(&transcript);
1152
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
1153
+ ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
1154
+ goto err;
1155
+ }
1156
+
1157
+ sign_result = ssl_private_key_sign(ssl, ptr, &sig_len, max_sig_len,
1158
+ signature_algorithm, transcript_data,
1159
+ transcript_len);
1160
+ OPENSSL_free(transcript_data);
1161
+ } else {
1162
+ assert(ssl->state == SSL3_ST_SW_KEY_EXCH_B);
1163
+ sign_result = ssl_private_key_complete(ssl, ptr, &sig_len, max_sig_len);
1164
+ }
1165
+
1166
+ switch (sign_result) {
1167
+ case ssl_private_key_success:
1168
+ if (!CBB_did_write(&child, sig_len)) {
1169
+ goto err;
1170
+ }
1171
+ break;
1172
+ case ssl_private_key_failure:
1173
+ goto err;
1174
+ case ssl_private_key_retry:
1175
+ ssl->rwstate = SSL_PRIVATE_KEY_OPERATION;
1176
+ ssl->state = SSL3_ST_SW_KEY_EXCH_B;
1177
+ goto err;
1178
+ }
1179
+ }
1180
+
1181
+ if (!ssl->method->finish_message(ssl, &cbb)) {
1182
+ goto err;
1183
+ }
1184
+
1185
+ OPENSSL_free(ssl->s3->tmp.server_params);
1186
+ ssl->s3->tmp.server_params = NULL;
1187
+ ssl->s3->tmp.server_params_len = 0;
1188
+
1189
+ ssl->state = SSL3_ST_SW_KEY_EXCH_C;
1190
+ return ssl->method->write_message(ssl);
1191
+
1192
+ err:
1193
+ CBB_cleanup(&cbb);
1194
+ return -1;
1195
+ }
1196
+
1197
+ static int add_cert_types(SSL *ssl, CBB *cbb) {
1198
+ /* Get configured signature algorithms. */
1199
+ int have_rsa_sign = 0;
1200
+ int have_ecdsa_sign = 0;
1201
+ const uint16_t *sig_algs;
1202
+ size_t sig_algs_len = tls12_get_psigalgs(ssl, &sig_algs);
1203
+ for (size_t i = 0; i < sig_algs_len; i++) {
1204
+ switch (sig_algs[i]) {
1205
+ case SSL_SIGN_RSA_PKCS1_SHA512:
1206
+ case SSL_SIGN_RSA_PKCS1_SHA384:
1207
+ case SSL_SIGN_RSA_PKCS1_SHA256:
1208
+ case SSL_SIGN_RSA_PKCS1_SHA1:
1209
+ have_rsa_sign = 1;
1210
+ break;
1211
+
1212
+ case SSL_SIGN_ECDSA_SECP521R1_SHA512:
1213
+ case SSL_SIGN_ECDSA_SECP384R1_SHA384:
1214
+ case SSL_SIGN_ECDSA_SECP256R1_SHA256:
1215
+ case SSL_SIGN_ECDSA_SHA1:
1216
+ have_ecdsa_sign = 1;
1217
+ break;
1218
+ }
1219
+ }
1220
+
1221
+ if (have_rsa_sign && !CBB_add_u8(cbb, SSL3_CT_RSA_SIGN)) {
1222
+ return 0;
1223
+ }
1224
+
1225
+ /* ECDSA certs can be used with RSA cipher suites as well so we don't need to
1226
+ * check for SSL_kECDH or SSL_kECDHE. */
1227
+ if (ssl->version >= TLS1_VERSION && have_ecdsa_sign &&
1228
+ !CBB_add_u8(cbb, TLS_CT_ECDSA_SIGN)) {
1229
+ return 0;
1230
+ }
1231
+
1232
+ return 1;
1233
+ }
1234
+
1235
+ static int ssl3_send_certificate_request(SSL *ssl) {
1236
+ if (ssl->state == SSL3_ST_SW_CERT_REQ_B) {
1237
+ return ssl->method->write_message(ssl);
1238
+ }
1239
+
1240
+ CBB cbb, body, cert_types, sigalgs_cbb;
1241
+ if (!ssl->method->init_message(ssl, &cbb, &body,
1242
+ SSL3_MT_CERTIFICATE_REQUEST) ||
1243
+ !CBB_add_u8_length_prefixed(&body, &cert_types) ||
1244
+ !add_cert_types(ssl, &cert_types)) {
1245
+ goto err;
1246
+ }
1247
+
1248
+ if (ssl3_protocol_version(ssl) >= TLS1_2_VERSION) {
1249
+ const uint16_t *sigalgs;
1250
+ size_t num_sigalgs = tls12_get_psigalgs(ssl, &sigalgs);
1251
+ if (!CBB_add_u16_length_prefixed(&body, &sigalgs_cbb)) {
1252
+ goto err;
1253
+ }
1254
+
1255
+ for (size_t i = 0; i < num_sigalgs; i++) {
1256
+ if (!CBB_add_u16(&sigalgs_cbb, sigalgs[i])) {
1257
+ goto err;
1258
+ }
1259
+ }
1260
+ }
1261
+
1262
+ if (!ssl_add_client_CA_list(ssl, &body) ||
1263
+ !ssl->method->finish_message(ssl, &cbb)) {
1264
+ goto err;
1265
+ }
1266
+
1267
+ ssl->state = SSL3_ST_SW_CERT_REQ_B;
1268
+ return ssl->method->write_message(ssl);
1269
+
1270
+ err:
1271
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
1272
+ CBB_cleanup(&cbb);
1273
+ return -1;
1274
+ }
1275
+
1276
+ static int ssl3_send_server_hello_done(SSL *ssl) {
1277
+ if (ssl->state == SSL3_ST_SW_SRVR_DONE_B) {
1278
+ return ssl->method->write_message(ssl);
1279
+ }
1280
+
1281
+ CBB cbb, body;
1282
+ if (!ssl->method->init_message(ssl, &cbb, &body, SSL3_MT_SERVER_HELLO_DONE) ||
1283
+ !ssl->method->finish_message(ssl, &cbb)) {
1284
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
1285
+ CBB_cleanup(&cbb);
1286
+ return -1;
1287
+ }
1288
+
1289
+ ssl->state = SSL3_ST_SW_SRVR_DONE_B;
1290
+ return ssl->method->write_message(ssl);
1291
+ }
1292
+
1293
+ static int ssl3_get_client_certificate(SSL *ssl) {
1294
+ assert(ssl->s3->tmp.cert_request);
1295
+
1296
+ int msg_ret = ssl->method->ssl_get_message(ssl, -1, ssl_hash_message);
1297
+ if (msg_ret <= 0) {
1298
+ return msg_ret;
1299
+ }
1300
+
1301
+ if (ssl->s3->tmp.message_type != SSL3_MT_CERTIFICATE) {
1302
+ if (ssl->version == SSL3_VERSION &&
1303
+ ssl->s3->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE) {
1304
+ /* In SSL 3.0, the Certificate message is omitted to signal no
1305
+ * certificate. */
1306
+ if (ssl->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) {
1307
+ OPENSSL_PUT_ERROR(SSL, SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
1308
+ ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
1309
+ return -1;
1310
+ }
1311
+
1312
+ /* OpenSSL returns X509_V_OK when no certificates are received. This is
1313
+ * classed by them as a bug, but it's assumed by at least NGINX. */
1314
+ ssl->s3->new_session->verify_result = X509_V_OK;
1315
+ ssl->s3->tmp.reuse_message = 1;
1316
+ return 1;
1317
+ }
1318
+
1319
+ OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_MESSAGE);
1320
+ ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
1321
+ return -1;
1322
+ }
1323
+
1324
+ CBS certificate_msg;
1325
+ CBS_init(&certificate_msg, ssl->init_msg, ssl->init_num);
1326
+ uint8_t alert;
1327
+ STACK_OF(X509) *chain = ssl_parse_cert_chain(
1328
+ ssl, &alert, ssl->ctx->retain_only_sha256_of_client_certs
1329
+ ? ssl->s3->new_session->peer_sha256
1330
+ : NULL,
1331
+ &certificate_msg);
1332
+ if (chain == NULL) {
1333
+ ssl3_send_alert(ssl, SSL3_AL_FATAL, alert);
1334
+ goto err;
1335
+ }
1336
+
1337
+ if (CBS_len(&certificate_msg) != 0) {
1338
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
1339
+ ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1340
+ goto err;
1341
+ }
1342
+
1343
+ if (sk_X509_num(chain) == 0) {
1344
+ /* No client certificate so the handshake buffer may be discarded. */
1345
+ ssl3_free_handshake_buffer(ssl);
1346
+
1347
+ /* In SSL 3.0, sending no certificate is signaled by omitting the
1348
+ * Certificate message. */
1349
+ if (ssl->version == SSL3_VERSION) {
1350
+ OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CERTIFICATES_RETURNED);
1351
+ ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
1352
+ goto err;
1353
+ }
1354
+
1355
+ if (ssl->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) {
1356
+ /* Fail for TLS only if we required a certificate */
1357
+ OPENSSL_PUT_ERROR(SSL, SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
1358
+ ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
1359
+ goto err;
1360
+ }
1361
+
1362
+ /* OpenSSL returns X509_V_OK when no certificates are received. This is
1363
+ * classed by them as a bug, but it's assumed by at least NGINX. */
1364
+ ssl->s3->new_session->verify_result = X509_V_OK;
1365
+ } else {
1366
+ /* The hash would have been filled in. */
1367
+ if (ssl->ctx->retain_only_sha256_of_client_certs) {
1368
+ ssl->s3->new_session->peer_sha256_valid = 1;
1369
+ }
1370
+
1371
+ if (!ssl_verify_cert_chain(ssl, &ssl->s3->new_session->verify_result,
1372
+ chain)) {
1373
+ goto err;
1374
+ }
1375
+ }
1376
+
1377
+ X509_free(ssl->s3->new_session->peer);
1378
+ ssl->s3->new_session->peer = sk_X509_shift(chain);
1379
+
1380
+ sk_X509_pop_free(ssl->s3->new_session->cert_chain, X509_free);
1381
+ ssl->s3->new_session->cert_chain = chain;
1382
+ /* Inconsistency alert: cert_chain does *not* include the peer's own
1383
+ * certificate, while we do include it in s3_clnt.c */
1384
+
1385
+ return 1;
1386
+
1387
+ err:
1388
+ sk_X509_pop_free(chain, X509_free);
1389
+ return -1;
1390
+ }
1391
+
1392
+ static int ssl3_get_client_key_exchange(SSL *ssl) {
1393
+ int al;
1394
+ CBS client_key_exchange;
1395
+ uint32_t alg_k;
1396
+ uint32_t alg_a;
1397
+ uint8_t *premaster_secret = NULL;
1398
+ size_t premaster_secret_len = 0;
1399
+ uint8_t *decrypt_buf = NULL;
1400
+
1401
+ unsigned psk_len = 0;
1402
+ uint8_t psk[PSK_MAX_PSK_LEN];
1403
+
1404
+ if (ssl->state == SSL3_ST_SR_KEY_EXCH_A) {
1405
+ int ret = ssl->method->ssl_get_message(ssl, SSL3_MT_CLIENT_KEY_EXCHANGE,
1406
+ ssl_hash_message);
1407
+ if (ret <= 0) {
1408
+ return ret;
1409
+ }
1410
+ }
1411
+
1412
+ CBS_init(&client_key_exchange, ssl->init_msg, ssl->init_num);
1413
+ alg_k = ssl->s3->tmp.new_cipher->algorithm_mkey;
1414
+ alg_a = ssl->s3->tmp.new_cipher->algorithm_auth;
1415
+
1416
+ /* If using a PSK key exchange, prepare the pre-shared key. */
1417
+ if (alg_a & SSL_aPSK) {
1418
+ CBS psk_identity;
1419
+
1420
+ /* If using PSK, the ClientKeyExchange contains a psk_identity. If PSK,
1421
+ * then this is the only field in the message. */
1422
+ if (!CBS_get_u16_length_prefixed(&client_key_exchange, &psk_identity) ||
1423
+ ((alg_k & SSL_kPSK) && CBS_len(&client_key_exchange) != 0)) {
1424
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
1425
+ al = SSL_AD_DECODE_ERROR;
1426
+ goto f_err;
1427
+ }
1428
+
1429
+ if (ssl->psk_server_callback == NULL) {
1430
+ OPENSSL_PUT_ERROR(SSL, SSL_R_PSK_NO_SERVER_CB);
1431
+ al = SSL_AD_INTERNAL_ERROR;
1432
+ goto f_err;
1433
+ }
1434
+
1435
+ if (CBS_len(&psk_identity) > PSK_MAX_IDENTITY_LEN ||
1436
+ CBS_contains_zero_byte(&psk_identity)) {
1437
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DATA_LENGTH_TOO_LONG);
1438
+ al = SSL_AD_ILLEGAL_PARAMETER;
1439
+ goto f_err;
1440
+ }
1441
+
1442
+ if (!CBS_strdup(&psk_identity, &ssl->s3->new_session->psk_identity)) {
1443
+ al = SSL_AD_INTERNAL_ERROR;
1444
+ OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
1445
+ goto f_err;
1446
+ }
1447
+
1448
+ /* Look up the key for the identity. */
1449
+ psk_len = ssl->psk_server_callback(ssl, ssl->s3->new_session->psk_identity,
1450
+ psk, sizeof(psk));
1451
+ if (psk_len > PSK_MAX_PSK_LEN) {
1452
+ OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
1453
+ al = SSL_AD_INTERNAL_ERROR;
1454
+ goto f_err;
1455
+ } else if (psk_len == 0) {
1456
+ /* PSK related to the given identity not found */
1457
+ OPENSSL_PUT_ERROR(SSL, SSL_R_PSK_IDENTITY_NOT_FOUND);
1458
+ al = SSL_AD_UNKNOWN_PSK_IDENTITY;
1459
+ goto f_err;
1460
+ }
1461
+ }
1462
+
1463
+ /* Depending on the key exchange method, compute |premaster_secret| and
1464
+ * |premaster_secret_len|. */
1465
+ if (alg_k & SSL_kRSA) {
1466
+ /* Allocate a buffer large enough for an RSA decryption. */
1467
+ const size_t rsa_size = ssl_private_key_max_signature_len(ssl);
1468
+ decrypt_buf = OPENSSL_malloc(rsa_size);
1469
+ if (decrypt_buf == NULL) {
1470
+ OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
1471
+ goto err;
1472
+ }
1473
+
1474
+ enum ssl_private_key_result_t decrypt_result;
1475
+ size_t decrypt_len;
1476
+ if (ssl->state == SSL3_ST_SR_KEY_EXCH_A) {
1477
+ if (!ssl_has_private_key(ssl) ||
1478
+ ssl_private_key_type(ssl) != NID_rsaEncryption) {
1479
+ al = SSL_AD_HANDSHAKE_FAILURE;
1480
+ OPENSSL_PUT_ERROR(SSL, SSL_R_MISSING_RSA_CERTIFICATE);
1481
+ goto f_err;
1482
+ }
1483
+ CBS encrypted_premaster_secret;
1484
+ if (ssl->version > SSL3_VERSION) {
1485
+ if (!CBS_get_u16_length_prefixed(&client_key_exchange,
1486
+ &encrypted_premaster_secret) ||
1487
+ CBS_len(&client_key_exchange) != 0) {
1488
+ al = SSL_AD_DECODE_ERROR;
1489
+ OPENSSL_PUT_ERROR(SSL,
1490
+ SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG);
1491
+ goto f_err;
1492
+ }
1493
+ } else {
1494
+ encrypted_premaster_secret = client_key_exchange;
1495
+ }
1496
+
1497
+ /* Decrypt with no padding. PKCS#1 padding will be removed as part of the
1498
+ * timing-sensitive code below. */
1499
+ decrypt_result = ssl_private_key_decrypt(
1500
+ ssl, decrypt_buf, &decrypt_len, rsa_size,
1501
+ CBS_data(&encrypted_premaster_secret),
1502
+ CBS_len(&encrypted_premaster_secret));
1503
+ } else {
1504
+ assert(ssl->state == SSL3_ST_SR_KEY_EXCH_B);
1505
+ /* Complete async decrypt. */
1506
+ decrypt_result =
1507
+ ssl_private_key_complete(ssl, decrypt_buf, &decrypt_len, rsa_size);
1508
+ }
1509
+
1510
+ switch (decrypt_result) {
1511
+ case ssl_private_key_success:
1512
+ break;
1513
+ case ssl_private_key_failure:
1514
+ goto err;
1515
+ case ssl_private_key_retry:
1516
+ ssl->rwstate = SSL_PRIVATE_KEY_OPERATION;
1517
+ ssl->state = SSL3_ST_SR_KEY_EXCH_B;
1518
+ goto err;
1519
+ }
1520
+
1521
+ if (decrypt_len != rsa_size) {
1522
+ al = SSL_AD_DECRYPT_ERROR;
1523
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DECRYPTION_FAILED);
1524
+ goto f_err;
1525
+ }
1526
+
1527
+ /* Prepare a random premaster, to be used on invalid padding. See RFC 5246,
1528
+ * section 7.4.7.1. */
1529
+ premaster_secret_len = SSL_MAX_MASTER_KEY_LENGTH;
1530
+ premaster_secret = OPENSSL_malloc(premaster_secret_len);
1531
+ if (premaster_secret == NULL) {
1532
+ OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
1533
+ goto err;
1534
+ }
1535
+ if (!RAND_bytes(premaster_secret, premaster_secret_len)) {
1536
+ goto err;
1537
+ }
1538
+
1539
+ /* The smallest padded premaster is 11 bytes of overhead. Small keys are
1540
+ * publicly invalid. */
1541
+ if (decrypt_len < 11 + premaster_secret_len) {
1542
+ al = SSL_AD_DECRYPT_ERROR;
1543
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DECRYPTION_FAILED);
1544
+ goto f_err;
1545
+ }
1546
+
1547
+ /* Check the padding. See RFC 3447, section 7.2.2. */
1548
+ size_t padding_len = decrypt_len - premaster_secret_len;
1549
+ uint8_t good = constant_time_eq_int_8(decrypt_buf[0], 0) &
1550
+ constant_time_eq_int_8(decrypt_buf[1], 2);
1551
+ for (size_t i = 2; i < padding_len - 1; i++) {
1552
+ good &= ~constant_time_is_zero_8(decrypt_buf[i]);
1553
+ }
1554
+ good &= constant_time_is_zero_8(decrypt_buf[padding_len - 1]);
1555
+
1556
+ /* The premaster secret must begin with |client_version|. This too must be
1557
+ * checked in constant time (http://eprint.iacr.org/2003/052/). */
1558
+ good &= constant_time_eq_8(decrypt_buf[padding_len],
1559
+ (unsigned)(ssl->client_version >> 8));
1560
+ good &= constant_time_eq_8(decrypt_buf[padding_len + 1],
1561
+ (unsigned)(ssl->client_version & 0xff));
1562
+
1563
+ /* Select, in constant time, either the decrypted premaster or the random
1564
+ * premaster based on |good|. */
1565
+ for (size_t i = 0; i < premaster_secret_len; i++) {
1566
+ premaster_secret[i] = constant_time_select_8(
1567
+ good, decrypt_buf[padding_len + i], premaster_secret[i]);
1568
+ }
1569
+
1570
+ OPENSSL_free(decrypt_buf);
1571
+ decrypt_buf = NULL;
1572
+ } else if (alg_k & (SSL_kECDHE|SSL_kDHE|SSL_kCECPQ1)) {
1573
+ /* Parse the ClientKeyExchange. */
1574
+ CBS peer_key;
1575
+ if (!SSL_ECDH_CTX_get_key(&ssl->s3->tmp.ecdh_ctx, &client_key_exchange,
1576
+ &peer_key) ||
1577
+ CBS_len(&client_key_exchange) != 0) {
1578
+ al = SSL_AD_DECODE_ERROR;
1579
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
1580
+ goto f_err;
1581
+ }
1582
+
1583
+ /* Compute the premaster. */
1584
+ uint8_t alert;
1585
+ if (!SSL_ECDH_CTX_finish(&ssl->s3->tmp.ecdh_ctx, &premaster_secret,
1586
+ &premaster_secret_len, &alert, CBS_data(&peer_key),
1587
+ CBS_len(&peer_key))) {
1588
+ al = alert;
1589
+ goto f_err;
1590
+ }
1591
+
1592
+ /* The key exchange state may now be discarded. */
1593
+ SSL_ECDH_CTX_cleanup(&ssl->s3->tmp.ecdh_ctx);
1594
+ } else if (alg_k & SSL_kPSK) {
1595
+ /* For plain PSK, other_secret is a block of 0s with the same length as the
1596
+ * pre-shared key. */
1597
+ premaster_secret_len = psk_len;
1598
+ premaster_secret = OPENSSL_malloc(premaster_secret_len);
1599
+ if (premaster_secret == NULL) {
1600
+ OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
1601
+ goto err;
1602
+ }
1603
+ memset(premaster_secret, 0, premaster_secret_len);
1604
+ } else {
1605
+ al = SSL_AD_HANDSHAKE_FAILURE;
1606
+ OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_CIPHER_TYPE);
1607
+ goto f_err;
1608
+ }
1609
+
1610
+ /* For a PSK cipher suite, the actual pre-master secret is combined with the
1611
+ * pre-shared key. */
1612
+ if (alg_a & SSL_aPSK) {
1613
+ CBB new_premaster, child;
1614
+ uint8_t *new_data;
1615
+ size_t new_len;
1616
+
1617
+ CBB_zero(&new_premaster);
1618
+ if (!CBB_init(&new_premaster, 2 + psk_len + 2 + premaster_secret_len) ||
1619
+ !CBB_add_u16_length_prefixed(&new_premaster, &child) ||
1620
+ !CBB_add_bytes(&child, premaster_secret, premaster_secret_len) ||
1621
+ !CBB_add_u16_length_prefixed(&new_premaster, &child) ||
1622
+ !CBB_add_bytes(&child, psk, psk_len) ||
1623
+ !CBB_finish(&new_premaster, &new_data, &new_len)) {
1624
+ OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
1625
+ CBB_cleanup(&new_premaster);
1626
+ goto err;
1627
+ }
1628
+
1629
+ OPENSSL_cleanse(premaster_secret, premaster_secret_len);
1630
+ OPENSSL_free(premaster_secret);
1631
+ premaster_secret = new_data;
1632
+ premaster_secret_len = new_len;
1633
+ }
1634
+
1635
+ /* Compute the master secret */
1636
+ ssl->s3->new_session->master_key_length = tls1_generate_master_secret(
1637
+ ssl, ssl->s3->new_session->master_key, premaster_secret,
1638
+ premaster_secret_len);
1639
+ if (ssl->s3->new_session->master_key_length == 0) {
1640
+ goto err;
1641
+ }
1642
+ ssl->s3->new_session->extended_master_secret =
1643
+ ssl->s3->tmp.extended_master_secret;
1644
+
1645
+ OPENSSL_cleanse(premaster_secret, premaster_secret_len);
1646
+ OPENSSL_free(premaster_secret);
1647
+ return 1;
1648
+
1649
+ f_err:
1650
+ ssl3_send_alert(ssl, SSL3_AL_FATAL, al);
1651
+ err:
1652
+ if (premaster_secret != NULL) {
1653
+ OPENSSL_cleanse(premaster_secret, premaster_secret_len);
1654
+ OPENSSL_free(premaster_secret);
1655
+ }
1656
+ OPENSSL_free(decrypt_buf);
1657
+
1658
+ return -1;
1659
+ }
1660
+
1661
+ static int ssl3_get_cert_verify(SSL *ssl) {
1662
+ int al, ret = 0;
1663
+ CBS certificate_verify, signature;
1664
+ X509 *peer = ssl->s3->new_session->peer;
1665
+ EVP_PKEY *pkey = NULL;
1666
+
1667
+ /* Only RSA and ECDSA client certificates are supported, so a
1668
+ * CertificateVerify is required if and only if there's a client certificate.
1669
+ * */
1670
+ if (peer == NULL) {
1671
+ ssl3_free_handshake_buffer(ssl);
1672
+ return 1;
1673
+ }
1674
+
1675
+ int msg_ret = ssl->method->ssl_get_message(ssl, SSL3_MT_CERTIFICATE_VERIFY,
1676
+ ssl_dont_hash_message);
1677
+ if (msg_ret <= 0) {
1678
+ return msg_ret;
1679
+ }
1680
+
1681
+ /* Filter out unsupported certificate types. */
1682
+ pkey = X509_get_pubkey(peer);
1683
+ if (pkey == NULL) {
1684
+ goto err;
1685
+ }
1686
+
1687
+ CBS_init(&certificate_verify, ssl->init_msg, ssl->init_num);
1688
+
1689
+ /* Determine the digest type if needbe. */
1690
+ uint16_t signature_algorithm = 0;
1691
+ if (ssl3_protocol_version(ssl) >= TLS1_2_VERSION) {
1692
+ if (!CBS_get_u16(&certificate_verify, &signature_algorithm)) {
1693
+ al = SSL_AD_DECODE_ERROR;
1694
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
1695
+ goto f_err;
1696
+ }
1697
+ if (!tls12_check_peer_sigalg(ssl, &al, signature_algorithm)) {
1698
+ goto f_err;
1699
+ }
1700
+ ssl->s3->tmp.peer_signature_algorithm = signature_algorithm;
1701
+ } else if (pkey->type == EVP_PKEY_RSA) {
1702
+ signature_algorithm = SSL_SIGN_RSA_PKCS1_MD5_SHA1;
1703
+ } else if (pkey->type == EVP_PKEY_EC) {
1704
+ signature_algorithm = SSL_SIGN_ECDSA_SHA1;
1705
+ } else {
1706
+ al = SSL_AD_UNSUPPORTED_CERTIFICATE;
1707
+ OPENSSL_PUT_ERROR(SSL, SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE);
1708
+ goto f_err;
1709
+ }
1710
+
1711
+ /* Parse and verify the signature. */
1712
+ if (!CBS_get_u16_length_prefixed(&certificate_verify, &signature) ||
1713
+ CBS_len(&certificate_verify) != 0) {
1714
+ al = SSL_AD_DECODE_ERROR;
1715
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
1716
+ goto f_err;
1717
+ }
1718
+
1719
+ int sig_ok;
1720
+ /* The SSL3 construction for CertificateVerify does not decompose into a
1721
+ * single final digest and signature, and must be special-cased. */
1722
+ if (ssl3_protocol_version(ssl) == SSL3_VERSION) {
1723
+ const EVP_MD *md;
1724
+ uint8_t digest[EVP_MAX_MD_SIZE];
1725
+ size_t digest_len;
1726
+ if (!ssl3_cert_verify_hash(ssl, &md, digest, &digest_len,
1727
+ signature_algorithm)) {
1728
+ goto err;
1729
+ }
1730
+
1731
+ EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new(pkey, NULL);
1732
+ sig_ok = pctx != NULL &&
1733
+ EVP_PKEY_verify_init(pctx) &&
1734
+ EVP_PKEY_CTX_set_signature_md(pctx, md) &&
1735
+ EVP_PKEY_verify(pctx, CBS_data(&signature), CBS_len(&signature),
1736
+ digest, digest_len);
1737
+ EVP_PKEY_CTX_free(pctx);
1738
+ } else {
1739
+ sig_ok = ssl_public_key_verify(
1740
+ ssl, CBS_data(&signature), CBS_len(&signature), signature_algorithm,
1741
+ pkey, (const uint8_t *)ssl->s3->handshake_buffer->data,
1742
+ ssl->s3->handshake_buffer->length);
1743
+ }
1744
+
1745
+ #if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
1746
+ sig_ok = 1;
1747
+ ERR_clear_error();
1748
+ #endif
1749
+ if (!sig_ok) {
1750
+ al = SSL_AD_DECRYPT_ERROR;
1751
+ OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SIGNATURE);
1752
+ goto f_err;
1753
+ }
1754
+
1755
+ /* The handshake buffer is no longer necessary, and we may hash the current
1756
+ * message.*/
1757
+ ssl3_free_handshake_buffer(ssl);
1758
+ if (!ssl->method->hash_current_message(ssl)) {
1759
+ goto err;
1760
+ }
1761
+
1762
+ ret = 1;
1763
+
1764
+ if (0) {
1765
+ f_err:
1766
+ ssl3_send_alert(ssl, SSL3_AL_FATAL, al);
1767
+ }
1768
+
1769
+ err:
1770
+ EVP_PKEY_free(pkey);
1771
+
1772
+ return ret;
1773
+ }
1774
+
1775
+ /* ssl3_get_next_proto reads a Next Protocol Negotiation handshake message. It
1776
+ * sets the next_proto member in s if found */
1777
+ static int ssl3_get_next_proto(SSL *ssl) {
1778
+ int ret =
1779
+ ssl->method->ssl_get_message(ssl, SSL3_MT_NEXT_PROTO, ssl_hash_message);
1780
+ if (ret <= 0) {
1781
+ return ret;
1782
+ }
1783
+
1784
+ CBS next_protocol, selected_protocol, padding;
1785
+ CBS_init(&next_protocol, ssl->init_msg, ssl->init_num);
1786
+ if (!CBS_get_u8_length_prefixed(&next_protocol, &selected_protocol) ||
1787
+ !CBS_get_u8_length_prefixed(&next_protocol, &padding) ||
1788
+ CBS_len(&next_protocol) != 0) {
1789
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
1790
+ ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1791
+ return 0;
1792
+ }
1793
+
1794
+ if (!CBS_stow(&selected_protocol, &ssl->s3->next_proto_negotiated,
1795
+ &ssl->s3->next_proto_negotiated_len)) {
1796
+ return 0;
1797
+ }
1798
+
1799
+ return 1;
1800
+ }
1801
+
1802
+ /* ssl3_get_channel_id reads and verifies a ClientID handshake message. */
1803
+ static int ssl3_get_channel_id(SSL *ssl) {
1804
+ int ret = -1;
1805
+ uint8_t channel_id_hash[EVP_MAX_MD_SIZE];
1806
+ size_t channel_id_hash_len;
1807
+ const uint8_t *p;
1808
+ uint16_t extension_type;
1809
+ EC_GROUP *p256 = NULL;
1810
+ EC_KEY *key = NULL;
1811
+ EC_POINT *point = NULL;
1812
+ ECDSA_SIG sig;
1813
+ BIGNUM x, y;
1814
+ CBS encrypted_extensions, extension;
1815
+
1816
+ int msg_ret = ssl->method->ssl_get_message(ssl, SSL3_MT_CHANNEL_ID,
1817
+ ssl_dont_hash_message);
1818
+ if (msg_ret <= 0) {
1819
+ return msg_ret;
1820
+ }
1821
+
1822
+ /* Before incorporating the EncryptedExtensions message to the handshake
1823
+ * hash, compute the hash that should have been signed. */
1824
+ if (!tls1_channel_id_hash(ssl, channel_id_hash, &channel_id_hash_len)) {
1825
+ return -1;
1826
+ }
1827
+ assert(channel_id_hash_len == SHA256_DIGEST_LENGTH);
1828
+
1829
+ if (!ssl->method->hash_current_message(ssl)) {
1830
+ return -1;
1831
+ }
1832
+
1833
+ CBS_init(&encrypted_extensions, ssl->init_msg, ssl->init_num);
1834
+
1835
+ /* EncryptedExtensions could include multiple extensions, but the only
1836
+ * extension that could be negotiated is Channel ID, so there can only be one
1837
+ * entry. */
1838
+ if (!CBS_get_u16(&encrypted_extensions, &extension_type) ||
1839
+ !CBS_get_u16_length_prefixed(&encrypted_extensions, &extension) ||
1840
+ CBS_len(&encrypted_extensions) != 0 ||
1841
+ extension_type != TLSEXT_TYPE_channel_id ||
1842
+ CBS_len(&extension) != TLSEXT_CHANNEL_ID_SIZE) {
1843
+ OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
1844
+ ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1845
+ return -1;
1846
+ }
1847
+
1848
+ p256 = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1);
1849
+ if (!p256) {
1850
+ OPENSSL_PUT_ERROR(SSL, SSL_R_NO_P256_SUPPORT);
1851
+ return -1;
1852
+ }
1853
+
1854
+ BN_init(&x);
1855
+ BN_init(&y);
1856
+ sig.r = BN_new();
1857
+ sig.s = BN_new();
1858
+ if (sig.r == NULL || sig.s == NULL) {
1859
+ goto err;
1860
+ }
1861
+
1862
+ p = CBS_data(&extension);
1863
+ if (BN_bin2bn(p + 0, 32, &x) == NULL ||
1864
+ BN_bin2bn(p + 32, 32, &y) == NULL ||
1865
+ BN_bin2bn(p + 64, 32, sig.r) == NULL ||
1866
+ BN_bin2bn(p + 96, 32, sig.s) == NULL) {
1867
+ goto err;
1868
+ }
1869
+
1870
+ point = EC_POINT_new(p256);
1871
+ if (!point ||
1872
+ !EC_POINT_set_affine_coordinates_GFp(p256, point, &x, &y, NULL)) {
1873
+ goto err;
1874
+ }
1875
+
1876
+ key = EC_KEY_new();
1877
+ if (!key || !EC_KEY_set_group(key, p256) ||
1878
+ !EC_KEY_set_public_key(key, point)) {
1879
+ goto err;
1880
+ }
1881
+
1882
+ /* We stored the handshake hash in |tlsext_channel_id| the first time that we
1883
+ * were called. */
1884
+ int sig_ok = ECDSA_do_verify(channel_id_hash, channel_id_hash_len, &sig, key);
1885
+ #if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
1886
+ sig_ok = 1;
1887
+ #endif
1888
+ if (!sig_ok) {
1889
+ OPENSSL_PUT_ERROR(SSL, SSL_R_CHANNEL_ID_SIGNATURE_INVALID);
1890
+ ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECRYPT_ERROR);
1891
+ ssl->s3->tlsext_channel_id_valid = 0;
1892
+ goto err;
1893
+ }
1894
+
1895
+ memcpy(ssl->s3->tlsext_channel_id, p, 64);
1896
+ ret = 1;
1897
+
1898
+ err:
1899
+ BN_free(&x);
1900
+ BN_free(&y);
1901
+ BN_free(sig.r);
1902
+ BN_free(sig.s);
1903
+ EC_KEY_free(key);
1904
+ EC_POINT_free(point);
1905
+ EC_GROUP_free(p256);
1906
+ return ret;
1907
+ }
1908
+
1909
+ static int ssl3_send_new_session_ticket(SSL *ssl) {
1910
+ if (ssl->state == SSL3_ST_SW_SESSION_TICKET_B) {
1911
+ return ssl->method->write_message(ssl);
1912
+ }
1913
+
1914
+ CBB cbb, body, ticket;
1915
+ if (!ssl->method->init_message(ssl, &cbb, &body,
1916
+ SSL3_MT_NEW_SESSION_TICKET) ||
1917
+ /* Ticket lifetime hint (advisory only): We leave this unspecified for
1918
+ * resumed session (for simplicity), and guess that tickets for new
1919
+ * sessions will live as long as their sessions. */
1920
+ !CBB_add_u32(&body,
1921
+ ssl->session != NULL ? 0 : ssl->s3->new_session->timeout) ||
1922
+ !CBB_add_u16_length_prefixed(&body, &ticket) ||
1923
+ !ssl_encrypt_ticket(ssl, &ticket, ssl->session != NULL
1924
+ ? ssl->session
1925
+ : ssl->s3->new_session) ||
1926
+ !ssl->method->finish_message(ssl, &cbb)) {
1927
+ return 0;
1928
+ }
1929
+
1930
+ ssl->state = SSL3_ST_SW_SESSION_TICKET_B;
1931
+ return ssl->method->write_message(ssl);
1932
+ }