Sync pki to chromium d740199e083b70d13506973c6f479f0b01165a05 This also removes fillins/check.h which is no longer needed. Crbug: 1322914 Change-Id: If5e8355700472bf6703c80809ea276c4c07ddc52 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/62485 Auto-Submit: Bob Beck <bbe@google.com> Commit-Queue: Bob Beck <bbe@google.com> Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com>

commit: 0500756f10ad48e16c2e8fe06be69986b495b66b [log] [tgz]
author: Bob Beck <bbe@google.com> Thu Aug 17 20:22:17 2023 +0000
committer: Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com> Thu Aug 17 20:40:22 2023 +0000
tree: 1689b1b8adaba4b8f46a4eeb60a2f98b9fd7dd80
parent: 257bfaa3294d2a7aa01ebdbd3e0f9eeea0071e01 [diff] [blame]
diff --git a/pki/crl.cc b/pki/crl.cc
index 99eb359..dbd1ca1 100644
--- a/pki/crl.cc
+++ b/pki/crl.cc

@@ -5,6 +5,8 @@
 #include <algorithm>
 #include <iterator>
 
+#include <openssl/base.h>
+
 #include "cert_errors.h"
 #include "crl.h"
 #include "revocation_util.h"
@@ -370,7 +372,7 @@
                              const ParsedDistributionPoint& cert_dp,
                              int64_t verify_time_epoch_seconds,
                              std::optional<int64_t> max_age_seconds) {
-  DCHECK_LT(target_cert_index, valid_chain.size());
+  BSSL_CHECK(target_cert_index < valid_chain.size());
 
   if (cert_dp.reasons) {
     // Reason codes are not supported. If the distribution point contains a
commit	0500756f10ad48e16c2e8fe06be69986b495b66b	[log] [tgz]
author	Bob Beck <bbe@google.com>	Thu Aug 17 20:22:17 2023 +0000
committer	Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com>	Thu Aug 17 20:40:22 2023 +0000
tree	1689b1b8adaba4b8f46a4eeb60a2f98b9fd7dd80
parent	257bfaa3294d2a7aa01ebdbd3e0f9eeea0071e01 [diff] [blame]