aboutsummaryrefslogtreecommitdiffstats
path: root/contrib/restricted
diff options
context:
space:
mode:
authorrobot-contrib <robot-contrib@yandex-team.com>2023-03-25 11:05:32 +0300
committerrobot-contrib <robot-contrib@yandex-team.com>2023-03-25 11:05:32 +0300
commitf60764b94c031a4de74405922773a8076ac173ef (patch)
treec75fcb75a5c17e5472ab5816f0a9fc012710bf59 /contrib/restricted
parentf8cf10ff0fb48496a675933b846456d567cca1af (diff)
downloadydb-f60764b94c031a4de74405922773a8076ac173ef.tar.gz
Update contrib/restricted/aws/aws-c-io to 0.13.19
Diffstat (limited to 'contrib/restricted')
-rw-r--r--contrib/restricted/aws/aws-c-io/include/aws/io/private/pki_utils.h7
-rw-r--r--contrib/restricted/aws/aws-c-io/source/s2n/s2n_tls_channel_handler.c20
-rw-r--r--contrib/restricted/aws/aws-c-io/ya.make4
3 files changed, 22 insertions, 9 deletions
diff --git a/contrib/restricted/aws/aws-c-io/include/aws/io/private/pki_utils.h b/contrib/restricted/aws/aws-c-io/include/aws/io/private/pki_utils.h
index 7533f0317f..feb8d65ce9 100644
--- a/contrib/restricted/aws/aws-c-io/include/aws/io/private/pki_utils.h
+++ b/contrib/restricted/aws/aws-c-io/include/aws/io/private/pki_utils.h
@@ -39,6 +39,13 @@ AWS_IO_API int aws_decode_pem_to_buffer_list(
struct aws_array_list *cert_chain_or_key);
/**
+ * Returns the path to the directory and file, respectively, which holds the
+ * SSL certificate trust store on the system.
+ */
+AWS_IO_API const char *aws_determine_default_pki_dir(void);
+AWS_IO_API const char *aws_determine_default_pki_ca_file(void);
+
+/**
* Decodes a PEM file at 'filename' and adds the results to 'cert_chain_or_key' if successful.
* Otherwise, 'cert_chain_or_key' will be empty.
* The passed-in parameter 'cert_chain_or_key' should be empty and dynamically initialized array_list
diff --git a/contrib/restricted/aws/aws-c-io/source/s2n/s2n_tls_channel_handler.c b/contrib/restricted/aws/aws-c-io/source/s2n/s2n_tls_channel_handler.c
index 550c25f96b..4a7d8bf450 100644
--- a/contrib/restricted/aws/aws-c-io/source/s2n/s2n_tls_channel_handler.c
+++ b/contrib/restricted/aws/aws-c-io/source/s2n/s2n_tls_channel_handler.c
@@ -104,8 +104,8 @@ AWS_STATIC_STRING_FROM_LITERAL(s_android_path, "/system/etc/security/cacerts");
AWS_STATIC_STRING_FROM_LITERAL(s_free_bsd_path, "/usr/local/share/certs");
AWS_STATIC_STRING_FROM_LITERAL(s_net_bsd_path, "/etc/openssl/certs");
-static const char *s_determine_default_pki_dir(void) {
- /* debian variants */
+AWS_IO_API const char *aws_determine_default_pki_dir(void) {
+ /* debian variants; OpenBSD (although the directory doesn't exist by default) */
if (aws_path_exists(s_debian_path)) {
return aws_string_c_str(s_debian_path);
}
@@ -120,12 +120,12 @@ static const char *s_determine_default_pki_dir(void) {
return aws_string_c_str(s_android_path);
}
- /* Free BSD */
+ /* FreeBSD */
if (aws_path_exists(s_free_bsd_path)) {
return aws_string_c_str(s_free_bsd_path);
}
- /* Net BSD */
+ /* NetBSD */
if (aws_path_exists(s_net_bsd_path)) {
return aws_string_c_str(s_net_bsd_path);
}
@@ -138,8 +138,9 @@ AWS_STATIC_STRING_FROM_LITERAL(s_old_rhel_ca_file_path, "/etc/pki/tls/certs/ca-b
AWS_STATIC_STRING_FROM_LITERAL(s_open_suse_ca_file_path, "/etc/ssl/ca-bundle.pem");
AWS_STATIC_STRING_FROM_LITERAL(s_open_elec_ca_file_path, "/etc/pki/tls/cacert.pem");
AWS_STATIC_STRING_FROM_LITERAL(s_modern_rhel_ca_file_path, "/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem");
+AWS_STATIC_STRING_FROM_LITERAL(s_openbsd_ca_file_path, "/etc/ssl/cert.pem");
-static const char *s_determine_default_pki_ca_file(void) {
+AWS_IO_API const char *aws_determine_default_pki_ca_file(void) {
/* debian variants */
if (aws_path_exists(s_debian_ca_file_path)) {
return aws_string_c_str(s_debian_ca_file_path);
@@ -165,6 +166,11 @@ static const char *s_determine_default_pki_ca_file(void) {
return aws_string_c_str(s_modern_rhel_ca_file_path);
}
+ /* OpenBSD */
+ if (aws_path_exists(s_openbsd_ca_file_path)) {
+ return aws_string_c_str(s_openbsd_ca_file_path);
+ }
+
return NULL;
}
@@ -198,8 +204,8 @@ void aws_tls_init_static_state(struct aws_allocator *alloc) {
}
}
- s_default_ca_dir = s_determine_default_pki_dir();
- s_default_ca_file = s_determine_default_pki_ca_file();
+ s_default_ca_dir = aws_determine_default_pki_dir();
+ s_default_ca_file = aws_determine_default_pki_ca_file();
if (s_default_ca_dir || s_default_ca_file) {
AWS_LOGF_DEBUG(
AWS_LS_IO_TLS,
diff --git a/contrib/restricted/aws/aws-c-io/ya.make b/contrib/restricted/aws/aws-c-io/ya.make
index 95022aa137..10e5050ddd 100644
--- a/contrib/restricted/aws/aws-c-io/ya.make
+++ b/contrib/restricted/aws/aws-c-io/ya.make
@@ -9,9 +9,9 @@ LICENSE(
LICENSE_TEXTS(.yandex_meta/licenses.list.txt)
-VERSION(0.13.18)
+VERSION(0.13.19)
-ORIGINAL_SOURCE(https://github.com/awslabs/aws-c-io/archive/v0.13.18.tar.gz)
+ORIGINAL_SOURCE(https://github.com/awslabs/aws-c-io/archive/v0.13.19.tar.gz)
PEERDIR(
contrib/restricted/aws/aws-c-cal