Upgrade BoringSSL version

Upgrade to commit d24a38200fef19150eef00cad35b138936c08767, which is the
current 'chromium-stable' tag.

.github/workflows/build-and-test-make.yml

@@ -12,7 +12,7 @@ on:
 
 env:
   NSS_VERSION: nss-3.77
-  BORING_SSL_COMMIT: 3a667d10e94186fd503966f5638e134fe9fb4080
+  BORING_SSL_COMMIT: d24a38200fef19150eef00cad35b138936c08767
 
 jobs:
   build-and-test:

Dockerfile.template

@@ -97,7 +97,7 @@ RUN tar xf ${NSS_VERSION}.tar.gz && \
 {{#chrome}}
 # BoringSSL doesn't have versions. Choose a commit that is used in a stable
 # Chromium version.
-ARG BORING_SSL_COMMIT=3a667d10e94186fd503966f5638e134fe9fb4080
+ARG BORING_SSL_COMMIT=d24a38200fef19150eef00cad35b138936c08767
 RUN curl -L https://github.com/google/boringssl/archive/${BORING_SSL_COMMIT}.zip -o boringssl.zip && \
     unzip boringssl && \
     mv boringssl-${BORING_SSL_COMMIT} boringssl

Makefile.in

@@ -13,7 +13,7 @@ BROTLI_VERSION := 1.0.9
 NSS_VERSION := nss-3.92
 NSS_URL := https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_92_RTM/src/nss-3.92-with-nspr-4.35.tar.gz
  # In case this is changed, update build-and-test-make.yml as well
-BORING_SSL_COMMIT := 3a667d10e94186fd503966f5638e134fe9fb4080
+BORING_SSL_COMMIT := d24a38200fef19150eef00cad35b138936c08767
 NGHTTP2_VERSION := nghttp2-1.56.0
 NGHTTP2_URL := https://github.com/nghttp2/nghttp2/releases/download/v1.56.0/nghttp2-1.56.0.tar.bz2
 CURL_VERSION := curl-8.1.1

chrome/Dockerfile

@@ -39,7 +39,7 @@ RUN cd brotli-${BROTLI_VERSION} && \
 
 # BoringSSL doesn't have versions. Choose a commit that is used in a stable
 # Chromium version.
-ARG BORING_SSL_COMMIT=3a667d10e94186fd503966f5638e134fe9fb4080
+ARG BORING_SSL_COMMIT=d24a38200fef19150eef00cad35b138936c08767
 RUN curl -L https://github.com/google/boringssl/archive/${BORING_SSL_COMMIT}.zip -o boringssl.zip && \
     unzip boringssl && \
     mv boringssl-${BORING_SSL_COMMIT} boringssl

chrome/Dockerfile.alpine

@@ -32,7 +32,7 @@ RUN cd brotli-${BROTLI_VERSION} && \
 
 # BoringSSL doesn't have versions. Choose a commit that is used in a stable
 # Chromium version.
-ARG BORING_SSL_COMMIT=3a667d10e94186fd503966f5638e134fe9fb4080
+ARG BORING_SSL_COMMIT=d24a38200fef19150eef00cad35b138936c08767
 RUN curl -L https://github.com/google/boringssl/archive/${BORING_SSL_COMMIT}.zip -o boringssl.zip && \
     unzip boringssl && \
     mv boringssl-${BORING_SSL_COMMIT} boringssl

chrome/patches/boringssl-old-ciphers.patch

@@ -1,31 +1,30 @@
-diff -u1 -Nar --exclude build --exclude tags boringssl-3a667d10e94186fd503966f5638e134fe9fb4080/ssl/internal.h boringssl/ssl/internal.h
---- boringssl-3a667d10e94186fd503966f5638e134fe9fb4080/ssl/internal.h	2021-11-22 19:06:04.000000000 +0200
-+++ boringssl/ssl/internal.h	2022-02-27 12:20:25.308284303 +0200
-@@ -566,4 +566,10 @@
- #define SSL_SHA1 0x00000001u
+diff -u1 -Nar --exclude build --exclude tags boringssl-d24a38200fef19150eef00cad35b138936c08767/ssl/internal.h boringssl/ssl/internal.h
+--- boringssl-d24a38200fef19150eef00cad35b138936c08767/ssl/internal.h	2023-09-27 05:13:00.000000000 +0300
++++ boringssl/ssl/internal.h	2024-02-10 19:41:05.916013082 +0200
+@@ -577,4 +577,9 @@
+ #define SSL_SHA256 0x00000002u
 +// curl-impersonate:
-+// SSL_SHA256 and SSL_SHA384 were removed in
++// SSL_SHA384 was removed in
 +// https://boringssl-review.googlesource.com/c/boringssl/+/27944/
 +// but restored to impersonate browsers with older ciphers.
-+#define SSL_SHA256 0x00000002u
 +#define SSL_SHA384 0x00000004u
  // SSL_AEAD is set for all AEADs.
--#define SSL_AEAD 0x00000002u
+-#define SSL_AEAD 0x00000004u
 +#define SSL_AEAD 0x00000008u
 
-diff -u1 -Nar --exclude build --exclude tags boringssl-3a667d10e94186fd503966f5638e134fe9fb4080/ssl/ssl_cipher.cc boringssl/ssl/ssl_cipher.cc
---- boringssl-3a667d10e94186fd503966f5638e134fe9fb4080/ssl/ssl_cipher.cc	2021-11-22 19:06:04.000000000 +0200
-+++ boringssl/ssl/ssl_cipher.cc	2022-02-27 13:54:05.378053046 +0200
-@@ -210,2 +210,33 @@
+diff -u1 -Nar --exclude build --exclude tags boringssl-d24a38200fef19150eef00cad35b138936c08767/ssl/ssl_cipher.cc boringssl/ssl/ssl_cipher.cc
+--- boringssl-d24a38200fef19150eef00cad35b138936c08767/ssl/ssl_cipher.cc	2023-09-27 05:13:00.000000000 +0300
++++ boringssl/ssl/ssl_cipher.cc	2024-02-10 19:52:54.366879729 +0200
+@@ -199,2 +199,33 @@
 
 +    // curl-impersonate: Ciphers 3C, 3D were removed in
 +    // https://boringssl-review.googlesource.com/c/boringssl/+/27944/
 +    // but restored here to impersonate browsers with older ciphers. They are
 +    // not expected to actually work; but just to be included in the TLS
 +    // Client Hello.
-+
++ 
 +    // TLS v1.2 ciphersuites
-+
++ 
 +    // Cipher 3C
 +    {
 +     TLS1_TXT_RSA_WITH_AES_128_SHA256,
@@ -50,13 +49,13 @@ diff -u1 -Nar --exclude build --exclude tags boringssl-3a667d10e94186fd503966f56
 +    },
 +
      // PSK cipher suites.
-@@ -300,2 +331,19 @@
+@@ -289,2 +320,19 @@
 
 +    // curl-impersonate: Cipher C008 was missing from BoringSSL,
 +    // probably because it is weak. Add it back from OpenSSL (ssl/s3_lib.c)
 +    // where it is called ECDHE-ECDSA-DES-CBC3-SHA.
 +    // It's not supposed to really work but just appear in the TLS client hello.
-+
++ 
 +    // Cipher C008
 +    {
 +     "ECDHE-ECDSA-DES-CBC3-SHA",
@@ -70,7 +69,7 @@ diff -u1 -Nar --exclude build --exclude tags boringssl-3a667d10e94186fd503966f56
 +    },
 +
      // Cipher C009
-@@ -324,2 +372,17 @@
+@@ -313,2 +361,17 @@
 
 +    // curl-impersonate: Cipher C012 was missing from BoringSSL,
 +    // probably because it is weak. Add it back from OpenSSL (ssl/s3_lib.c)
@@ -88,9 +87,9 @@ diff -u1 -Nar --exclude build --exclude tags boringssl-3a667d10e94186fd503966f56
 +    },
 +
      // Cipher C013
-@@ -348,2 +411,55 @@
+@@ -337,2 +400,33 @@
 
-+    // curl-impersonate: Ciphers C023, C024, C027, C028 were removed in
++    // curl-impersonate: Ciphers C023, C024, C028 were removed in
 +    // https://boringssl-review.googlesource.com/c/boringssl/+/27944/
 +    // but restored here to impersonate browsers with older ciphers. They are
 +    // not expected to actually work; but just to be included in the TLS
@@ -120,17 +119,10 @@ diff -u1 -Nar --exclude build --exclude tags boringssl-3a667d10e94186fd503966f56
 +     SSL_SHA384,
 +     SSL_HANDSHAKE_MAC_SHA384,
 +    },
-+    // Cipher C027
-+    {
-+     TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
-+     "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
-+     TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
-+     SSL_kECDHE,
-+     SSL_aRSA,
-+     SSL_AES128,
-+     SSL_SHA256,
-+     SSL_HANDSHAKE_MAC_SHA256,
-+    },
++
+     // Cipher C027
+@@ -349,2 +443,14 @@
+
 +    // Cipher C028
 +    {
 +     TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
@@ -144,11 +136,22 @@ diff -u1 -Nar --exclude build --exclude tags boringssl-3a667d10e94186fd503966f56
 +    },
 +
      // GCM based TLS v1.2 ciphersuites from RFC 5289
-@@ -539,2 +655,7 @@
-     {"SHA", ~0u, ~0u, ~0u, SSL_SHA1, 0},
+@@ -555,2 +661,7 @@
+     {"SHA1", ~0u, ~0u, ~0u, SSL_SHA1, 0},
 +    // curl-impersonate:
 +    // Removed in https://boringssl-review.googlesource.com/c/boringssl/+/27944/
 +    // but restored to impersonate browsers with older ciphers.
 +    {"SHA256", ~0u, ~0u, ~0u, SSL_SHA256, 0},
 +    {"SHA384", ~0u, ~0u, ~0u, SSL_SHA384, 0},
-
+     {"SHA", ~0u, ~0u, ~0u, SSL_SHA1, 0},
+@@ -1170,2 +1281,10 @@
+       SSL3_CK_RSA_DES_192_CBC3_SHA & 0xffff,
++      // curl-impersonate: add legacy cipehrs.
++      TLS1_CK_RSA_WITH_AES_128_SHA256 & 0xffff,
++      TLS1_CK_RSA_WITH_AES_256_SHA256 & 0xffff,
++      0x0300C008 & 0xffff,
++      0x0300C012 & 0xffff,
++      TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256 & 0xffff,
++      TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384 & 0xffff,
++      TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384 & 0xffff,
+   };