chromium 77.0.3865.90

VERSION

@@ -1 +1 @@
-76.0.3809.132
+77.0.3865.90

patch/boringssl.patch

@@ -1,4 +1,4 @@
-From 6f22fd23b4d8243c7d714b2d1eecafd7121b487a Mon Sep 17 00:00:00 2001
+From 00b6a60f175826c4c3114ce489b0cbfdcaff8517 Mon Sep 17 00:00:00 2001
 From: Dmitrii Pichulin <[email protected]>
 Date: Wed, 30 Jan 2019 15:04:56 +0300
 Subject: [PATCH] boringssl GOSTSSL
@@ -13,7 +13,7 @@ Subject: [PATCH] boringssl GOSTSSL
  6 files changed, 405 insertions(+)
 
 diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
-index b28dcf68a..c38b38d5a 100644
+index 9285b3f18..eb08b698e 100644
 --- a/include/openssl/ssl.h
 +++ b/include/openssl/ssl.h
 @@ -167,6 +167,8 @@
@@ -25,7 +25,7 @@ index b28dcf68a..c38b38d5a 100644
  #if defined(__cplusplus)
  extern "C" {
  #endif
-@@ -4780,6 +4782,10 @@ BSSL_NAMESPACE_END
+@@ -4838,6 +4840,10 @@ BSSL_NAMESPACE_END
 
  #endif
 
@@ -37,10 +37,10 @@ index b28dcf68a..c38b38d5a 100644
  #define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 101
  #define SSL_R_BAD_ALERT 102
 diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h
-index 384d102ba..7d39d46b1 100644
+index e3209b6fc..97cce11b0 100644
 --- a/include/openssl/tls1.h
 +++ b/include/openssl/tls1.h
-@@ -607,6 +607,11 @@ extern "C" {
+@@ -610,6 +610,11 @@ extern "C" {
  #define TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 \
    "ECDHE-PSK-CHACHA20-POLY1305"
 
@@ -50,10 +50,10 @@ index 384d102ba..7d39d46b1 100644
 +  "GOST2012-GOST8912-GOST8912"
 +
  // TLS 1.3 ciphersuites from RFC 8446.
- #define TLS1_TXT_AES_128_GCM_SHA256 "AEAD-AES128-GCM-SHA256"
- #define TLS1_TXT_AES_256_GCM_SHA384 "AEAD-AES256-GCM-SHA384"
+ #define TLS1_TXT_AES_128_GCM_SHA256 "TLS_AES_128_GCM_SHA256"
+ #define TLS1_TXT_AES_256_GCM_SHA384 "TLS_AES_256_GCM_SHA384"
 diff --git a/ssl/handshake_client.cc b/ssl/handshake_client.cc
-index b0de67086..4c3a63b6b 100644
+index a53e43030..8425c4db3 100644
 --- a/ssl/handshake_client.cc
 +++ b/ssl/handshake_client.cc
 @@ -703,6 +703,17 @@ static enum ssl_hs_wait_t do_read_server_hello(SSL_HANDSHAKE *hs) {
@@ -75,7 +75,7 @@ index b0de67086..4c3a63b6b 100644
    // ServerHello.
    if (!hs->transcript.InitHash(ssl_protocol_version(ssl), hs->new_cipher) ||
 diff --git a/ssl/internal.h b/ssl/internal.h
-index 0df9a5fba..d3560aff4 100644
+index 85b811275..bce238554 100644
 --- a/ssl/internal.h
 +++ b/ssl/internal.h
 @@ -435,6 +435,11 @@ BSSL_NAMESPACE_BEGIN
@@ -124,7 +124,7 @@ index 0df9a5fba..d3560aff4 100644
  // Bits for |algorithm_prf| (handshake digest).
  #define SSL_HANDSHAKE_MAC_DEFAULT 0x1
  #define SSL_HANDSHAKE_MAC_SHA256 0x2
-@@ -2856,6 +2874,71 @@ void ssl_set_read_error(SSL *ssl);
+@@ -2874,6 +2892,71 @@ void ssl_set_read_error(SSL *ssl);
 
  BSSL_NAMESPACE_END
 
@@ -293,7 +293,7 @@ index a420f4dd9..acd23752b 100644
        alg_bits = 256;
        strength_bits = 256;
 diff --git a/ssl/ssl_lib.cc b/ssl/ssl_lib.cc
-index a4f204448..5770f47b5 100644
+index 00ee7da23..aa9a4fdd3 100644
 --- a/ssl/ssl_lib.cc
 +++ b/ssl/ssl_lib.cc
 @@ -554,6 +554,211 @@ static int ssl_session_cmp(const SSL_SESSION *a, const SSL_SESSION *b) {
@@ -508,7 +508,7 @@ index a4f204448..5770f47b5 100644
  ssl_ctx_st::ssl_ctx_st(const SSL_METHOD *ssl_method)
      : method(ssl_method->method),
        x509_method(ssl_method->x509_method),
-@@ -745,6 +950,11 @@ SSL_CONFIG::~SSL_CONFIG() {
+@@ -746,6 +951,11 @@ SSL_CONFIG::~SSL_CONFIG() {
  }
 
  void SSL_free(SSL *ssl) {
@@ -520,7 +520,7 @@ index a4f204448..5770f47b5 100644
    Delete(ssl);
  }
 
-@@ -873,6 +1083,17 @@ int SSL_provide_quic_data(SSL *ssl, enum ssl_encryption_level_t level,
+@@ -874,6 +1084,17 @@ int SSL_provide_quic_data(SSL *ssl, enum ssl_encryption_level_t level,
  }
 
  int SSL_do_handshake(SSL *ssl) {
@@ -538,7 +538,7 @@ index a4f204448..5770f47b5 100644
    ssl_reset_error_state(ssl);
 
    if (ssl->do_handshake == NULL) {
-@@ -1064,6 +1285,18 @@ static int ssl_read_impl(SSL *ssl) {
+@@ -1065,6 +1286,18 @@ static int ssl_read_impl(SSL *ssl) {
  }
 
  int SSL_read(SSL *ssl, void *buf, int num) {
@@ -557,7 +557,7 @@ index a4f204448..5770f47b5 100644
    int ret = SSL_peek(ssl, buf, num);
    if (ret <= 0) {
      return ret;
-@@ -1098,6 +1331,19 @@ int SSL_peek(SSL *ssl, void *buf, int num) {
+@@ -1099,6 +1332,19 @@ int SSL_peek(SSL *ssl, void *buf, int num) {
  }
 
  int SSL_write(SSL *ssl, const void *buf, int num) {
@@ -577,7 +577,7 @@ index a4f204448..5770f47b5 100644
    ssl_reset_error_state(ssl);
 
    if (ssl->quic_method != nullptr) {
-@@ -2343,6 +2589,10 @@ EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx) {
+@@ -2356,6 +2602,10 @@ EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx) {
  }
 
  const SSL_CIPHER *SSL_get_current_cipher(const SSL *ssl) {

patch/chromium.patch

@@ -1,4 +1,4 @@
-From d24fce688d42d73cea13ddc49685f60f4c52da25 Mon Sep 17 00:00:00 2001
+From e16046b3ff4ce43c3f789b742a5fa389a770904a Mon Sep 17 00:00:00 2001
 From: Dmitrii Pichulin <[email protected]>
 Date: Mon, 5 Aug 2019 15:55:13 +0300
 Subject: [PATCH] chromium GOSTSSL
@@ -24,10 +24,10 @@ Subject: [PATCH] chromium GOSTSSL
  17 files changed, 530 insertions(+), 5 deletions(-)
 
 diff --git a/chrome/browser/devtools/devtools_window.cc b/chrome/browser/devtools/devtools_window.cc
-index be0c8603874a..6e5d957855f7 100644
+index 3dbd95ca379a..99c9ff384fd6 100644
 --- a/chrome/browser/devtools/devtools_window.cc
 +++ b/chrome/browser/devtools/devtools_window.cc
-@@ -1451,6 +1451,24 @@ void DevToolsWindow::RenderProcessGone(bool crashed) {
+@@ -1446,6 +1446,24 @@ void DevToolsWindow::RenderProcessGone(bool crashed) {
    }
  }
 
@@ -52,7 +52,7 @@ index be0c8603874a..6e5d957855f7 100644
  void DevToolsWindow::ShowCertificateViewer(const std::string& cert_chain) {
    base::Optional<base::Value> value = base::JSONReader::Read(cert_chain);
    CHECK(value && value->is_list());
-@@ -1459,6 +1477,26 @@ void DevToolsWindow::ShowCertificateViewer(const std::string& cert_chain) {
+@@ -1454,6 +1472,26 @@ void DevToolsWindow::ShowCertificateViewer(const std::string& cert_chain) {
      CHECK(item.is_string());
      std::string temp;
      CHECK(base::Base64Decode(item.GetString(), &temp));
@@ -80,10 +80,10 @@ index be0c8603874a..6e5d957855f7 100644
    }
 
 diff --git a/chrome/browser/ui/views/ssl_client_certificate_selector_mac.mm b/chrome/browser/ui/views/ssl_client_certificate_selector_mac.mm
-index 88179a7a2716..aa84ce4cac31 100644
+index 81080ad3f498..3e65e667d74c 100644
 --- a/chrome/browser/ui/views/ssl_client_certificate_selector_mac.mm
 +++ b/chrome/browser/ui/views/ssl_client_certificate_selector_mac.mm
-@@ -238,6 +238,15 @@ initWithBrowserContext:(const content::BrowserContext*)browserContext
+@@ -239,6 +239,15 @@ initWithBrowserContext:(const content::BrowserContext*)browserContext
                   clientCerts:(net::ClientCertIdentityList)inputClientCerts {
    cert_identities_ = std::move(inputClientCerts);
 
@@ -168,10 +168,10 @@ index 55a35677b9c4..abbc16d5f5f1 100644
  case $CHANNEL in
    stable )
 diff --git a/content/browser/network_service_client.cc b/content/browser/network_service_client.cc
-index 90ffdf4a0ab0..ea4642e9f19c 100644
+index b89e764feb03..fddc14da1231 100644
 --- a/content/browser/network_service_client.cc
 +++ b/content/browser/network_service_client.cc
-@@ -45,6 +45,10 @@
+@@ -46,6 +46,10 @@
  #include "net/android/http_auth_negotiate_android.h"
  #endif
 
@@ -182,7 +182,7 @@ index 90ffdf4a0ab0..ea4642e9f19c 100644
  namespace content {
  namespace {
 
-@@ -113,6 +117,11 @@ class SSLClientAuthDelegate : public SSLClientAuthHandler::Delegate {
+@@ -114,6 +118,11 @@ class SSLClientAuthDelegate : public SSLClientAuthHandler::Delegate {
        scoped_refptr<net::X509Certificate> cert,
        scoped_refptr<net::SSLPrivateKey> private_key) override {
      DCHECK_CURRENTLY_ON(BrowserThread::IO);
@@ -195,7 +195,7 @@ index 90ffdf4a0ab0..ea4642e9f19c 100644
 
      if (cert && private_key) {
 diff --git a/net/base/net_error_list.h b/net/base/net_error_list.h
-index 9614b3d857d1..55601225fc52 100644
+index 6fc8c5ea1d27..712cedc9fb6d 100644
 --- a/net/base/net_error_list.h
 +++ b/net/base/net_error_list.h
 @@ -22,6 +22,12 @@
@@ -212,10 +212,10 @@ index 9614b3d857d1..55601225fc52 100644
  // indicate a fatal error.  Typically this error will be generated as a
  // notification to wait for some external notification that the IO operation
 diff --git a/net/cert/cert_verify_proc.cc b/net/cert/cert_verify_proc.cc
-index 1fb2c2c5db95..dae35aac6404 100644
+index 906b843e3a97..2272ff5daa11 100644
 --- a/net/cert/cert_verify_proc.cc
 +++ b/net/cert/cert_verify_proc.cc
-@@ -472,6 +472,36 @@ scoped_refptr<CertVerifyProc> CertVerifyProc::CreateDefault(
+@@ -486,6 +486,36 @@ scoped_refptr<CertVerifyProc> CertVerifyProc::CreateDefault(
 
  CertVerifyProc::CertVerifyProc() {}
 
@@ -252,7 +252,7 @@ index 1fb2c2c5db95..dae35aac6404 100644
  CertVerifyProc::~CertVerifyProc() = default;
 
  int CertVerifyProc::Verify(X509Certificate* cert,
-@@ -498,6 +528,37 @@ int CertVerifyProc::Verify(X509Certificate* cert,
+@@ -512,6 +542,37 @@ int CertVerifyProc::Verify(X509Certificate* cert,
    int rv = VerifyInternal(cert, hostname, ocsp_response, sct_list, flags,
                            crl_set, additional_trust_anchors, verify_result);
 
@@ -291,10 +291,10 @@ index 1fb2c2c5db95..dae35aac6404 100644
    // in the chain. Also fills in the has_* booleans for the digest algorithms
    // present in the chain.
 diff --git a/net/http/http_network_transaction.cc b/net/http/http_network_transaction.cc
-index 010c62a496b5..9c83a582f18d 100644
+index 9aea7f000c9f..55cea9dee2fc 100644
 --- a/net/http/http_network_transaction.cc
 +++ b/net/http/http_network_transaction.cc
-@@ -1581,6 +1581,15 @@ int HttpNetworkTransaction::HandleSSLClientAuthError(int error) {
+@@ -1572,6 +1572,15 @@ int HttpNetworkTransaction::HandleSSLClientAuthError(int error) {
        return OK;
      }
    }
@@ -311,10 +311,10 @@ index 010c62a496b5..9c83a582f18d 100644
  }
 
 diff --git a/net/socket/ssl_client_socket_impl.cc b/net/socket/ssl_client_socket_impl.cc
-index 857dc8a00a89..8ce52d2cef12 100644
+index 1af7e165fb9b..e19dd055e2dc 100644
 --- a/net/socket/ssl_client_socket_impl.cc
 +++ b/net/socket/ssl_client_socket_impl.cc
-@@ -463,6 +463,32 @@ int SSLClientSocketImpl::ExportKeyingMaterial(const base::StringPiece& label,
+@@ -452,6 +452,32 @@ int SSLClientSocketImpl::ExportKeyingMaterial(const base::StringPiece& label,
    return OK;
  }
 
@@ -347,7 +347,7 @@ index 857dc8a00a89..8ce52d2cef12 100644
  int SSLClientSocketImpl::Connect(CompletionOnceCallback callback) {
    // Although StreamSocket does allow calling Connect() after Disconnect(),
    // this has never worked for layered sockets. CHECK to detect any consumers
-@@ -481,6 +507,27 @@ int SSLClientSocketImpl::Connect(CompletionOnceCallback callback) {
+@@ -470,6 +496,27 @@ int SSLClientSocketImpl::Connect(CompletionOnceCallback callback) {
      return rv;
    }
 
@@ -375,7 +375,7 @@ index 857dc8a00a89..8ce52d2cef12 100644
    // Set SSL to client mode. Handshake happens in the loop below.
    SSL_set_connect_state(ssl_.get());
 
-@@ -1132,6 +1179,98 @@ ssl_verify_result_t SSLClientSocketImpl::VerifyCert() {
+@@ -1145,6 +1192,98 @@ ssl_verify_result_t SSLClientSocketImpl::VerifyCert() {
 
    start_cert_verification_time_ = base::TimeTicks::Now();
 
@@ -474,7 +474,7 @@ index 857dc8a00a89..8ce52d2cef12 100644
    const uint8_t* ocsp_response_raw;
    size_t ocsp_response_len;
    SSL_get0_ocsp_response(ssl_.get(), &ocsp_response_raw, &ocsp_response_len);
-@@ -1569,6 +1708,30 @@ int SSLClientSocketImpl::ClientCertRequestCallback(SSL* ssl) {
+@@ -1580,6 +1719,30 @@ int SSLClientSocketImpl::ClientCertRequestCallback(SSL* ssl) {
      return -1;
    }
 
@@ -506,10 +506,10 @@ index 857dc8a00a89..8ce52d2cef12 100644
    if (ssl_config_.client_cert.get()) {
      if (!ssl_config_.client_private_key) {
 diff --git a/net/spdy/spdy_session.cc b/net/spdy/spdy_session.cc
-index 6e71a07e045e..960d4b769027 100644
+index ba7797357e76..00101fc38f02 100644
 --- a/net/spdy/spdy_session.cc
 +++ b/net/spdy/spdy_session.cc
-@@ -1538,6 +1538,19 @@ bool SpdySession::HasAcceptableTransportSecurity() const {
+@@ -1513,6 +1513,19 @@ bool SpdySession::HasAcceptableTransportSecurity() const {
    SSLInfo ssl_info;
    CHECK(GetSSLInfo(&ssl_info));
 
@@ -717,7 +717,7 @@ index 6bb552aff508..e5343d93d81b 100644
  }
 
 diff --git a/net/ssl/openssl_ssl_util.cc b/net/ssl/openssl_ssl_util.cc
-index fea33f4f03d9..992634b80f03 100644
+index f5185218e4ee..8a77015f8748 100644
 --- a/net/ssl/openssl_ssl_util.cc
 +++ b/net/ssl/openssl_ssl_util.cc
 @@ -84,6 +84,10 @@ int MapOpenSSLErrorSSL(uint32_t error_code) {
@@ -808,7 +808,7 @@ index 9baac3b2db27..fe884fc267d0 100644
      const X509Certificate* certificate) {
    crypto::OpenSSLErrStackTracer tracker(FROM_HERE);
 diff --git a/net/ssl/ssl_platform_key_util.h b/net/ssl/ssl_platform_key_util.h
-index eaf9ccc3501f..39170452e158 100644
+index 02729fecba76..c9cd8a71260e 100644
 --- a/net/ssl/ssl_platform_key_util.h
 +++ b/net/ssl/ssl_platform_key_util.h
 @@ -15,6 +15,10 @@
@@ -822,9 +822,9 @@ index eaf9ccc3501f..39170452e158 100644
  #include "third_party/boringssl/src/include/openssl/base.h"
 
  namespace net {
-@@ -27,6 +31,10 @@ class X509Certificate;
- // TaskShutdownBehavior::CONTINUE_ON_SHUTDOWN semantics.
- scoped_refptr<base::SingleThreadTaskRunner> GetSSLPlatformKeyTaskRunner();
+@@ -28,6 +32,10 @@ class X509Certificate;
+ NET_EXPORT_PRIVATE scoped_refptr<base::SingleThreadTaskRunner>
+ GetSSLPlatformKeyTaskRunner();
 
 +#if defined(GOSTSSL)
 +NET_EXPORT_PRIVATE scoped_refptr<SSLPrivateKey> GetEmptyPrivateKey();