grpc 1.10.0 → 1.11.0.pre2
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +2098 -501
- data/include/grpc/byte_buffer.h +2 -0
- data/include/grpc/byte_buffer_reader.h +2 -0
- data/include/grpc/census.h +2 -0
- data/include/grpc/fork.h +2 -0
- data/include/grpc/grpc.h +10 -0
- data/include/grpc/grpc_cronet.h +2 -0
- data/include/grpc/grpc_posix.h +2 -1
- data/include/grpc/grpc_security.h +21 -0
- data/include/grpc/grpc_security_constants.h +1 -0
- data/include/grpc/impl/codegen/byte_buffer.h +2 -0
- data/include/grpc/impl/codegen/grpc_types.h +24 -0
- data/include/grpc/impl/codegen/slice.h +1 -1
- data/include/grpc/impl/codegen/sync.h +1 -0
- data/include/grpc/impl/codegen/sync_custom.h +2 -0
- data/include/grpc/impl/codegen/sync_generic.h +2 -0
- data/include/grpc/impl/codegen/sync_posix.h +2 -0
- data/include/grpc/impl/codegen/sync_windows.h +2 -0
- data/include/grpc/slice.h +2 -0
- data/include/grpc/slice_buffer.h +2 -0
- data/include/grpc/status.h +2 -0
- data/include/grpc/support/alloc.h +2 -2
- data/include/grpc/support/atm.h +2 -0
- data/include/grpc/support/atm_gcc_atomic.h +2 -0
- data/include/grpc/support/atm_gcc_sync.h +2 -0
- data/include/grpc/support/atm_windows.h +2 -0
- data/include/grpc/support/log.h +1 -1
- data/include/grpc/support/sync.h +2 -0
- data/include/grpc/support/sync_custom.h +2 -0
- data/include/grpc/support/sync_generic.h +2 -0
- data/include/grpc/support/sync_posix.h +2 -0
- data/include/grpc/support/sync_windows.h +2 -0
- data/include/grpc/support/time.h +2 -0
- data/src/boringssl/err_data.c +444 -438
- data/src/core/ext/census/grpc_context.cc +2 -0
- data/src/core/ext/filters/client_channel/backup_poller.cc +13 -8
- data/src/core/ext/filters/client_channel/backup_poller.h +3 -2
- data/src/core/ext/filters/client_channel/channel_connectivity.cc +2 -0
- data/src/core/ext/filters/client_channel/client_channel.cc +1988 -433
- data/src/core/ext/filters/client_channel/client_channel.h +2 -0
- data/src/core/ext/filters/client_channel/client_channel_factory.cc +2 -0
- data/src/core/ext/filters/client_channel/client_channel_factory.h +2 -0
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +2 -27
- data/src/core/ext/filters/client_channel/connector.cc +2 -0
- data/src/core/ext/filters/client_channel/connector.h +2 -0
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +2 -0
- data/src/core/ext/filters/client_channel/http_proxy.cc +2 -0
- data/src/core/ext/filters/client_channel/lb_policy.cc +2 -0
- data/src/core/ext/filters/client_channel/lb_policy.h +2 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +2 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.h +2 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +96 -78
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +9 -17
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +70 -62
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +2 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +2 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +2 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +2 -0
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +4 -2
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +4 -2
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.cc +2 -0
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +2 -0
- data/src/core/ext/filters/client_channel/lb_policy_factory.cc +3 -1
- data/src/core/ext/filters/client_channel/lb_policy_factory.h +2 -1
- data/src/core/ext/filters/client_channel/lb_policy_registry.cc +2 -0
- data/src/core/ext/filters/client_channel/lb_policy_registry.h +2 -1
- data/src/core/ext/filters/client_channel/method_params.cc +178 -0
- data/src/core/ext/filters/client_channel/method_params.h +74 -0
- data/src/core/ext/filters/client_channel/parse_address.cc +17 -13
- data/src/core/ext/filters/client_channel/parse_address.h +2 -0
- data/src/core/ext/filters/client_channel/proxy_mapper.cc +2 -0
- data/src/core/ext/filters/client_channel/proxy_mapper.h +2 -0
- data/src/core/ext/filters/client_channel/proxy_mapper_registry.cc +2 -0
- data/src/core/ext/filters/client_channel/proxy_mapper_registry.h +2 -0
- data/src/core/ext/filters/client_channel/resolver.cc +2 -0
- data/src/core/ext/filters/client_channel/resolver.h +6 -0
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +24 -5
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +2 -1
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +1 -0
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +55 -1
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +8 -1
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +1 -0
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +30 -3
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +7 -0
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +2 -1
- data/src/core/ext/filters/client_channel/resolver_factory.h +2 -0
- data/src/core/ext/filters/client_channel/resolver_registry.cc +2 -0
- data/src/core/ext/filters/client_channel/resolver_registry.h +2 -0
- data/src/core/ext/filters/client_channel/retry_throttle.cc +102 -120
- data/src/core/ext/filters/client_channel/retry_throttle.h +52 -25
- data/src/core/ext/filters/client_channel/subchannel.cc +14 -4
- data/src/core/ext/filters/client_channel/subchannel.h +10 -1
- data/src/core/ext/filters/client_channel/subchannel_index.cc +2 -0
- data/src/core/ext/filters/client_channel/subchannel_index.h +2 -0
- data/src/core/ext/filters/client_channel/uri_parser.cc +2 -1
- data/src/core/ext/filters/client_channel/uri_parser.h +2 -1
- data/src/core/ext/filters/deadline/deadline_filter.cc +2 -1
- data/src/core/ext/filters/deadline/deadline_filter.h +2 -0
- data/src/core/ext/filters/http/client/http_client_filter.cc +27 -25
- data/src/core/ext/filters/http/client/http_client_filter.h +2 -0
- data/src/core/ext/filters/http/client_authority_filter.cc +156 -0
- data/src/core/ext/filters/http/client_authority_filter.h +34 -0
- data/src/core/ext/filters/http/http_filters_plugin.cc +2 -0
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +21 -22
- data/src/core/ext/filters/http/message_compress/message_compress_filter.h +2 -0
- data/src/core/ext/filters/http/server/http_server_filter.cc +11 -8
- data/src/core/ext/filters/http/server/http_server_filter.h +2 -0
- data/src/core/ext/filters/load_reporting/server_load_reporting_filter.cc +2 -0
- data/src/core/ext/filters/load_reporting/server_load_reporting_filter.h +2 -0
- data/src/core/ext/filters/load_reporting/server_load_reporting_plugin.h +2 -0
- data/src/core/ext/filters/max_age/max_age_filter.cc +2 -0
- data/src/core/ext/filters/max_age/max_age_filter.h +2 -0
- data/src/core/ext/filters/message_size/message_size_filter.cc +52 -49
- data/src/core/ext/filters/message_size/message_size_filter.h +2 -0
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +5 -1
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.h +2 -0
- data/src/core/ext/filters/workarounds/workaround_utils.cc +2 -0
- data/src/core/ext/filters/workarounds/workaround_utils.h +2 -0
- data/src/core/ext/transport/chttp2/alpn/alpn.cc +3 -1
- data/src/core/ext/transport/chttp2/alpn/alpn.h +2 -0
- data/src/core/ext/transport/chttp2/client/authority.cc +42 -0
- data/src/core/ext/transport/chttp2/client/authority.h +36 -0
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +2 -0
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +2 -0
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +10 -3
- data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +2 -2
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +37 -25
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +2 -0
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +3 -1
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc +2 -1
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +2 -1
- data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +3 -1
- data/src/core/ext/transport/chttp2/transport/bin_decoder.h +2 -0
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/bin_encoder.h +2 -0
- data/src/core/ext/transport/chttp2/transport/chttp2_plugin.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +152 -182
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +2 -0
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/flow_control.h +1 -0
- data/src/core/ext/transport/chttp2/transport/frame.h +2 -1
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +15 -19
- data/src/core/ext/transport/chttp2/transport/frame_data.h +7 -5
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/frame_goaway.h +2 -2
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/frame_ping.h +2 -1
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +2 -1
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/frame_settings.h +2 -2
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/frame_window_update.h +2 -1
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +2 -1
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +2 -1
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +2 -2
- data/src/core/ext/transport/chttp2/transport/hpack_table.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/hpack_table.h +2 -1
- data/src/core/ext/transport/chttp2/transport/http2_settings.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/http2_settings.h +2 -0
- data/src/core/ext/transport/chttp2/transport/huffsyms.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/incoming_metadata.cc +3 -2
- data/src/core/ext/transport/chttp2/transport/incoming_metadata.h +2 -0
- data/src/core/ext/transport/chttp2/transport/internal.h +60 -24
- data/src/core/ext/transport/chttp2/transport/parsing.cc +2 -4
- data/src/core/ext/transport/chttp2/transport/stream_lists.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/stream_map.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/varint.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/writing.cc +10 -6
- data/src/core/ext/transport/inproc/inproc_plugin.cc +2 -0
- data/src/core/ext/transport/inproc/inproc_transport.cc +20 -23
- data/src/core/ext/transport/inproc/inproc_transport.h +2 -0
- data/src/core/lib/avl/avl.cc +2 -0
- data/src/core/lib/avl/avl.h +2 -0
- data/src/core/lib/backoff/backoff.cc +2 -0
- data/src/core/lib/backoff/backoff.h +2 -0
- data/src/core/lib/channel/channel_args.h +2 -0
- data/src/core/lib/channel/channel_stack.cc +3 -1
- data/src/core/lib/channel/channel_stack.h +2 -0
- data/src/core/lib/channel/channel_stack_builder.cc +2 -0
- data/src/core/lib/channel/channel_stack_builder.h +2 -0
- data/src/core/lib/channel/channel_trace.cc +239 -0
- data/src/core/lib/channel/channel_trace.h +133 -0
- data/src/core/lib/channel/channel_trace_registry.cc +80 -0
- data/src/core/lib/channel/channel_trace_registry.h +43 -0
- data/src/core/lib/channel/connected_channel.cc +2 -0
- data/src/core/lib/channel/connected_channel.h +2 -0
- data/src/core/lib/channel/handshaker.cc +2 -0
- data/src/core/lib/channel/handshaker.h +2 -0
- data/src/core/lib/channel/handshaker_factory.cc +2 -0
- data/src/core/lib/channel/handshaker_factory.h +2 -1
- data/src/core/lib/channel/handshaker_registry.cc +2 -0
- data/src/core/lib/channel/handshaker_registry.h +2 -1
- data/src/core/lib/channel/status_util.cc +100 -0
- data/src/core/lib/channel/status_util.h +58 -0
- data/src/core/lib/compression/algorithm_metadata.h +2 -0
- data/src/core/lib/compression/compression.cc +2 -0
- data/src/core/lib/compression/compression_internal.cc +2 -0
- data/src/core/lib/compression/compression_internal.h +2 -0
- data/src/core/lib/compression/message_compress.cc +2 -0
- data/src/core/lib/compression/message_compress.h +2 -0
- data/src/core/lib/compression/stream_compression.cc +2 -0
- data/src/core/lib/compression/stream_compression.h +2 -0
- data/src/core/lib/compression/stream_compression_gzip.cc +2 -0
- data/src/core/lib/compression/stream_compression_gzip.h +2 -0
- data/src/core/lib/compression/stream_compression_identity.cc +2 -1
- data/src/core/lib/compression/stream_compression_identity.h +2 -0
- data/src/core/lib/debug/stats.cc +2 -0
- data/src/core/lib/debug/stats.h +2 -0
- data/src/core/lib/debug/stats_data.cc +3 -1
- data/src/core/lib/debug/stats_data.h +2 -0
- data/src/core/lib/debug/trace.cc +2 -0
- data/src/core/lib/debug/trace.h +2 -1
- data/src/core/lib/gpr/alloc.cc +2 -1
- data/src/core/lib/gpr/arena.cc +47 -0
- data/src/core/lib/gpr/arena.h +2 -0
- data/src/core/lib/gpr/atm.cc +2 -0
- data/src/core/lib/gpr/cpu_linux.cc +5 -1
- data/src/core/lib/gpr/cpu_posix.cc +1 -1
- data/src/core/lib/gpr/env.h +2 -0
- data/src/core/lib/gpr/fork.cc +2 -0
- data/src/core/lib/gpr/host_port.cc +2 -0
- data/src/core/lib/gpr/log.cc +2 -1
- data/src/core/lib/gpr/log_linux.cc +1 -0
- data/src/core/lib/gpr/mpscq.cc +2 -0
- data/src/core/lib/gpr/mpscq.h +2 -0
- data/src/core/lib/gpr/murmur_hash.cc +2 -0
- data/src/core/lib/gpr/spinlock.h +2 -0
- data/src/core/lib/gpr/string.cc +2 -1
- data/src/core/lib/gpr/string.h +2 -2
- data/src/core/lib/gpr/sync.cc +2 -0
- data/src/core/lib/gpr/time.cc +2 -0
- data/src/core/lib/gpr/time_posix.cc +1 -0
- data/src/core/lib/gpr/time_precise.cc +2 -0
- data/src/core/lib/gpr/time_precise.h +2 -0
- data/src/core/lib/gpr/tls_gcc.h +2 -0
- data/src/core/lib/gpr/tls_msvc.h +2 -0
- data/src/core/lib/gpr/tls_pthread.h +2 -0
- data/src/core/lib/gpr/tmpfile.h +2 -0
- data/src/core/lib/gprpp/atomic_with_atm.h +2 -0
- data/src/core/lib/gprpp/atomic_with_std.h +2 -0
- data/src/core/lib/gprpp/inlined_vector.h +2 -0
- data/src/core/lib/gprpp/manual_constructor.h +3 -1
- data/src/core/lib/gprpp/memory.h +5 -3
- data/src/core/lib/gprpp/orphanable.h +3 -0
- data/src/core/lib/gprpp/ref_counted.h +4 -0
- data/src/core/lib/gprpp/ref_counted_ptr.h +3 -0
- data/src/core/lib/gprpp/thd.h +135 -0
- data/src/core/lib/gprpp/thd_posix.cc +209 -0
- data/src/core/lib/gprpp/thd_windows.cc +162 -0
- data/src/core/lib/http/format_request.cc +2 -0
- data/src/core/lib/http/format_request.h +2 -0
- data/src/core/lib/http/httpcli.cc +2 -0
- data/src/core/lib/http/httpcli.h +2 -0
- data/src/core/lib/http/httpcli_security_connector.cc +16 -7
- data/src/core/lib/http/parser.cc +2 -0
- data/src/core/lib/http/parser.h +2 -1
- data/src/core/lib/iomgr/call_combiner.cc +2 -0
- data/src/core/lib/iomgr/call_combiner.h +2 -1
- data/src/core/lib/iomgr/combiner.cc +2 -0
- data/src/core/lib/iomgr/combiner.h +2 -0
- data/src/core/lib/iomgr/endpoint.cc +4 -0
- data/src/core/lib/iomgr/endpoint.h +2 -0
- data/src/core/lib/iomgr/endpoint_pair.h +2 -0
- data/src/core/lib/iomgr/endpoint_pair_posix.cc +2 -0
- data/src/core/lib/iomgr/endpoint_pair_uv.cc +2 -0
- data/src/core/lib/iomgr/endpoint_pair_windows.cc +7 -4
- data/src/core/lib/iomgr/error.h +2 -0
- data/src/core/lib/iomgr/error_internal.h +2 -0
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +2 -0
- data/src/core/lib/iomgr/ev_epoll1_linux.h +2 -0
- data/src/core/lib/iomgr/ev_epollex_linux.cc +4 -18
- data/src/core/lib/iomgr/ev_epollex_linux.h +2 -0
- data/src/core/lib/iomgr/ev_epollsig_linux.cc +2 -0
- data/src/core/lib/iomgr/ev_epollsig_linux.h +2 -0
- data/src/core/lib/iomgr/ev_poll_posix.cc +61 -31
- data/src/core/lib/iomgr/ev_poll_posix.h +2 -0
- data/src/core/lib/iomgr/ev_posix.cc +35 -19
- data/src/core/lib/iomgr/ev_posix.h +2 -0
- data/src/core/lib/iomgr/ev_windows.cc +2 -0
- data/src/core/lib/iomgr/exec_ctx.cc +3 -1
- data/src/core/lib/iomgr/exec_ctx.h +21 -9
- data/src/core/lib/iomgr/executor.cc +13 -11
- data/src/core/lib/iomgr/executor.h +2 -0
- data/src/core/lib/iomgr/fork_posix.cc +4 -2
- data/src/core/lib/iomgr/fork_windows.cc +2 -0
- data/src/core/lib/iomgr/gethostname_fallback.cc +2 -0
- data/src/core/lib/iomgr/gethostname_host_name_max.cc +2 -0
- data/src/core/lib/iomgr/gethostname_sysconf.cc +2 -0
- data/src/core/lib/iomgr/iocp_windows.cc +3 -1
- data/src/core/lib/iomgr/iocp_windows.h +3 -0
- data/src/core/lib/iomgr/iomgr.cc +2 -1
- data/src/core/lib/iomgr/iomgr.h +2 -0
- data/src/core/lib/iomgr/iomgr_custom.cc +63 -0
- data/src/core/lib/iomgr/iomgr_custom.h +47 -0
- data/src/core/lib/iomgr/iomgr_internal.cc +43 -0
- data/src/core/lib/iomgr/iomgr_internal.h +14 -0
- data/src/core/lib/iomgr/iomgr_posix.cc +30 -3
- data/src/core/lib/iomgr/iomgr_posix.h +2 -0
- data/src/core/lib/iomgr/iomgr_uv.cc +17 -20
- data/src/core/lib/iomgr/iomgr_windows.cc +29 -3
- data/src/core/lib/iomgr/is_epollexclusive_available.cc +2 -0
- data/src/core/lib/iomgr/is_epollexclusive_available.h +2 -0
- data/src/core/lib/iomgr/load_file.cc +2 -0
- data/src/core/lib/iomgr/load_file.h +2 -0
- data/src/core/lib/iomgr/lockfree_event.cc +2 -0
- data/src/core/lib/iomgr/lockfree_event.h +14 -1
- data/src/core/lib/iomgr/nameser.h +2 -0
- data/src/core/lib/iomgr/network_status_tracker.cc +3 -1
- data/src/core/lib/iomgr/network_status_tracker.h +2 -0
- data/src/core/lib/iomgr/polling_entity.cc +2 -0
- data/src/core/lib/iomgr/polling_entity.h +2 -0
- data/src/core/lib/iomgr/pollset.cc +56 -0
- data/src/core/lib/iomgr/pollset.h +19 -0
- data/src/core/lib/iomgr/pollset_custom.cc +106 -0
- data/src/core/lib/iomgr/{timer_generic.h → pollset_custom.h} +15 -17
- data/src/core/lib/iomgr/pollset_set.cc +55 -0
- data/src/core/lib/iomgr/pollset_set.h +13 -0
- data/src/core/lib/iomgr/pollset_set_custom.cc +48 -0
- data/src/core/lib/iomgr/{pollset_uv.h → pollset_set_custom.h} +6 -7
- data/src/core/lib/iomgr/pollset_set_windows.cc +17 -10
- data/src/core/lib/iomgr/pollset_set_windows.h +2 -0
- data/src/core/lib/iomgr/pollset_uv.cc +42 -105
- data/src/core/lib/iomgr/pollset_windows.cc +20 -12
- data/src/core/lib/iomgr/pollset_windows.h +2 -0
- data/src/core/lib/iomgr/port.h +10 -19
- data/src/core/lib/iomgr/resolve_address.cc +50 -0
- data/src/core/lib/iomgr/resolve_address.h +39 -10
- data/src/core/lib/iomgr/resolve_address_custom.cc +187 -0
- data/src/core/lib/iomgr/resolve_address_custom.h +43 -0
- data/src/core/lib/iomgr/resolve_address_posix.cc +10 -22
- data/src/core/lib/iomgr/resolve_address_windows.cc +10 -22
- data/src/core/lib/iomgr/resource_quota.cc +2 -0
- data/src/core/lib/iomgr/resource_quota.h +3 -5
- data/src/core/lib/iomgr/sockaddr.h +3 -11
- data/src/core/lib/iomgr/sockaddr_custom.h +54 -0
- data/src/core/lib/iomgr/sockaddr_posix.h +26 -0
- data/src/core/lib/iomgr/sockaddr_utils.cc +91 -71
- data/src/core/lib/iomgr/sockaddr_utils.h +4 -0
- data/src/core/lib/iomgr/sockaddr_windows.h +21 -0
- data/src/core/lib/iomgr/socket_factory_posix.cc +2 -0
- data/src/core/lib/iomgr/socket_factory_posix.h +2 -0
- data/src/core/lib/iomgr/socket_mutator.cc +2 -0
- data/src/core/lib/iomgr/socket_mutator.h +2 -0
- data/src/core/lib/iomgr/socket_utils.h +11 -0
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +15 -6
- data/src/core/lib/iomgr/socket_utils_linux.cc +4 -4
- data/src/core/lib/iomgr/socket_utils_posix.cc +3 -2
- data/src/core/lib/iomgr/socket_utils_posix.h +2 -0
- data/src/core/lib/iomgr/socket_utils_uv.cc +13 -2
- data/src/core/lib/iomgr/socket_utils_windows.cc +10 -0
- data/src/core/lib/iomgr/socket_windows.cc +2 -0
- data/src/core/lib/iomgr/socket_windows.h +2 -1
- data/src/core/lib/iomgr/sys_epoll_wrapper.h +2 -0
- data/src/core/lib/iomgr/tcp_client.cc +36 -0
- data/src/core/lib/iomgr/tcp_client.h +13 -0
- data/src/core/lib/iomgr/tcp_client_custom.cc +151 -0
- data/src/core/lib/iomgr/tcp_client_posix.cc +11 -24
- data/src/core/lib/iomgr/tcp_client_posix.h +2 -0
- data/src/core/lib/iomgr/tcp_client_windows.cc +10 -23
- data/src/core/lib/iomgr/tcp_custom.cc +365 -0
- data/src/core/lib/iomgr/tcp_custom.h +81 -0
- data/src/core/lib/iomgr/tcp_posix.cc +3 -1
- data/src/core/lib/iomgr/tcp_posix.h +2 -0
- data/src/core/lib/iomgr/tcp_server.cc +73 -0
- data/src/core/lib/iomgr/tcp_server.h +24 -0
- data/src/core/lib/iomgr/tcp_server_custom.cc +472 -0
- data/src/core/lib/iomgr/tcp_server_posix.cc +41 -23
- data/src/core/lib/iomgr/tcp_server_utils_posix.h +2 -0
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +7 -7
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +8 -6
- data/src/core/lib/iomgr/tcp_server_utils_posix_noifaddrs.cc +2 -0
- data/src/core/lib/iomgr/tcp_server_windows.cc +43 -21
- data/src/core/lib/iomgr/tcp_uv.cc +308 -314
- data/src/core/lib/iomgr/tcp_windows.cc +3 -1
- data/src/core/lib/iomgr/tcp_windows.h +2 -0
- data/src/core/lib/iomgr/time_averaged_stats.cc +2 -0
- data/src/core/lib/iomgr/timer.cc +45 -0
- data/src/core/lib/iomgr/timer.h +36 -15
- data/src/core/lib/iomgr/timer_custom.cc +93 -0
- data/src/core/lib/iomgr/timer_custom.h +43 -0
- data/src/core/lib/iomgr/timer_generic.cc +12 -10
- data/src/core/lib/iomgr/timer_heap.cc +2 -4
- data/src/core/lib/iomgr/timer_heap.h +2 -0
- data/src/core/lib/iomgr/timer_manager.cc +12 -20
- data/src/core/lib/iomgr/timer_manager.h +2 -0
- data/src/core/lib/iomgr/timer_uv.cc +15 -49
- data/src/core/lib/iomgr/udp_server.cc +271 -230
- data/src/core/lib/iomgr/udp_server.h +44 -20
- data/src/core/lib/iomgr/unix_sockets_posix.cc +10 -7
- data/src/core/lib/iomgr/unix_sockets_posix.h +2 -0
- data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +2 -0
- data/src/core/lib/iomgr/wakeup_fd_cv.cc +3 -1
- data/src/core/lib/iomgr/wakeup_fd_cv.h +2 -0
- data/src/core/lib/iomgr/wakeup_fd_eventfd.cc +2 -0
- data/src/core/lib/iomgr/wakeup_fd_nospecial.cc +2 -0
- data/src/core/lib/iomgr/wakeup_fd_pipe.cc +2 -0
- data/src/core/lib/iomgr/wakeup_fd_pipe.h +2 -0
- data/src/core/lib/iomgr/wakeup_fd_posix.cc +2 -0
- data/src/core/lib/iomgr/wakeup_fd_posix.h +2 -0
- data/src/core/lib/json/json.cc +38 -0
- data/src/core/lib/json/json.h +22 -1
- data/src/core/lib/json/json_reader.cc +2 -2
- data/src/core/lib/json/json_reader.h +1 -0
- data/src/core/lib/json/json_string.cc +2 -0
- data/src/core/lib/json/json_writer.cc +2 -2
- data/src/core/lib/json/json_writer.h +2 -0
- data/src/core/lib/profiling/basic_timers.cc +11 -9
- data/src/core/lib/profiling/timers.h +6 -3
- data/src/core/lib/security/context/security_context.cc +2 -0
- data/src/core/lib/security/context/security_context.h +2 -0
- data/src/core/lib/security/credentials/alts/alts_credentials.cc +119 -0
- data/src/core/lib/security/credentials/alts/alts_credentials.h +102 -0
- data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +72 -0
- data/src/core/lib/security/credentials/alts/check_gcp_environment.h +57 -0
- data/src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc +67 -0
- data/src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc +33 -0
- data/src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc +114 -0
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc +126 -0
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc +46 -0
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h +112 -0
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc +58 -0
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +2 -0
- data/src/core/lib/security/credentials/composite/composite_credentials.h +2 -0
- data/src/core/lib/security/credentials/credentials.cc +2 -0
- data/src/core/lib/security/credentials/credentials.h +2 -0
- data/src/core/lib/security/credentials/credentials_metadata.cc +2 -0
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +2 -3
- data/src/core/lib/security/credentials/fake/fake_credentials.h +5 -0
- data/src/core/lib/security/credentials/google_default/credentials_generic.cc +2 -0
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +2 -0
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +2 -0
- data/src/core/lib/security/credentials/iam/iam_credentials.h +2 -0
- data/src/core/lib/security/credentials/jwt/json_token.cc +2 -0
- data/src/core/lib/security/credentials/jwt/json_token.h +2 -0
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +2 -0
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +2 -0
- data/src/core/lib/security/credentials/jwt/jwt_verifier.h +2 -0
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +2 -0
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +2 -0
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +2 -0
- data/src/core/lib/security/credentials/plugin/plugin_credentials.h +2 -0
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +11 -2
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +2 -0
- data/src/core/lib/security/security_connector/alts_security_connector.cc +287 -0
- data/src/core/lib/security/security_connector/alts_security_connector.h +69 -0
- data/src/core/lib/security/security_connector/security_connector.cc +174 -74
- data/src/core/lib/security/security_connector/security_connector.h +41 -7
- data/src/core/lib/security/transport/auth_filters.h +2 -0
- data/src/core/lib/security/transport/client_auth_filter.cc +14 -28
- data/src/core/lib/security/transport/secure_endpoint.cc +2 -0
- data/src/core/lib/security/transport/secure_endpoint.h +2 -0
- data/src/core/lib/security/transport/security_handshaker.cc +2 -0
- data/src/core/lib/security/transport/security_handshaker.h +2 -1
- data/src/core/lib/security/transport/server_auth_filter.cc +2 -0
- data/src/core/lib/security/transport/target_authority_table.cc +75 -0
- data/src/core/lib/security/transport/{lb_targets_info.h → target_authority_table.h} +16 -8
- data/src/core/lib/security/transport/tsi_error.cc +2 -0
- data/src/core/lib/security/transport/tsi_error.h +2 -0
- data/src/core/lib/security/util/json_util.cc +2 -0
- data/src/core/lib/security/util/json_util.h +2 -0
- data/src/core/lib/slice/b64.cc +2 -0
- data/src/core/lib/slice/b64.h +2 -0
- data/src/core/lib/slice/percent_encoding.cc +2 -0
- data/src/core/lib/slice/percent_encoding.h +2 -0
- data/src/core/lib/slice/slice.cc +2 -0
- data/src/core/lib/slice/slice_buffer.cc +3 -1
- data/src/core/lib/slice/slice_hash_table.h +178 -45
- data/src/core/lib/slice/slice_intern.cc +2 -0
- data/src/core/lib/slice/slice_internal.h +2 -2
- data/src/core/lib/slice/slice_string_helpers.cc +2 -0
- data/src/core/lib/slice/slice_string_helpers.h +2 -1
- data/src/core/lib/slice/slice_weak_hash_table.h +105 -0
- data/src/core/lib/surface/api_trace.cc +3 -1
- data/src/core/lib/surface/api_trace.h +2 -0
- data/src/core/lib/surface/byte_buffer.cc +3 -0
- data/src/core/lib/surface/byte_buffer_reader.cc +3 -0
- data/src/core/lib/surface/call.cc +46 -80
- data/src/core/lib/surface/call.h +2 -0
- data/src/core/lib/surface/call_details.cc +2 -0
- data/src/core/lib/surface/call_log_batch.cc +2 -0
- data/src/core/lib/surface/call_test_only.h +2 -0
- data/src/core/lib/surface/channel.cc +72 -41
- data/src/core/lib/surface/channel.h +2 -0
- data/src/core/lib/surface/channel_init.cc +2 -0
- data/src/core/lib/surface/channel_init.h +2 -0
- data/src/core/lib/surface/channel_ping.cc +2 -0
- data/src/core/lib/surface/channel_stack_type.cc +3 -2
- data/src/core/lib/surface/channel_stack_type.h +2 -0
- data/src/core/lib/surface/completion_queue.h +2 -0
- data/src/core/lib/surface/completion_queue_factory.cc +3 -1
- data/src/core/lib/surface/completion_queue_factory.h +2 -0
- data/src/core/lib/surface/event_string.cc +2 -0
- data/src/core/lib/surface/event_string.h +2 -0
- data/src/core/lib/surface/init.cc +5 -2
- data/src/core/lib/surface/init_secure.cc +5 -2
- data/src/core/lib/surface/lame_client.cc +7 -5
- data/src/core/lib/surface/lame_client.h +2 -0
- data/src/core/lib/surface/metadata_array.cc +2 -0
- data/src/core/lib/surface/server.cc +2 -0
- data/src/core/lib/surface/server.h +2 -0
- data/src/core/lib/surface/validate_metadata.cc +2 -1
- data/src/core/lib/surface/validate_metadata.h +2 -0
- data/src/core/lib/surface/version.cc +4 -2
- data/src/core/lib/transport/bdp_estimator.cc +2 -0
- data/src/core/lib/transport/byte_stream.cc +94 -116
- data/src/core/lib/transport/byte_stream.h +111 -78
- data/src/core/lib/transport/connectivity_state.cc +2 -0
- data/src/core/lib/transport/connectivity_state.h +3 -1
- data/src/core/lib/transport/error_utils.cc +2 -0
- data/src/core/lib/transport/error_utils.h +2 -0
- data/src/core/lib/transport/metadata.cc +2 -0
- data/src/core/lib/transport/metadata.h +3 -1
- data/src/core/lib/transport/metadata_batch.cc +26 -0
- data/src/core/lib/transport/metadata_batch.h +12 -1
- data/src/core/lib/transport/pid_controller.cc +2 -0
- data/src/core/lib/transport/pid_controller.h +2 -0
- data/src/core/lib/transport/service_config.cc +21 -175
- data/src/core/lib/transport/service_config.h +223 -35
- data/src/core/lib/transport/static_metadata.cc +310 -294
- data/src/core/lib/transport/static_metadata.h +96 -82
- data/src/core/lib/transport/status_conversion.cc +2 -0
- data/src/core/lib/transport/status_conversion.h +3 -0
- data/src/core/lib/transport/status_metadata.cc +54 -0
- data/src/core/lib/{iomgr/timer_uv.h → transport/status_metadata.h} +10 -12
- data/src/core/lib/transport/timeout_encoding.cc +2 -1
- data/src/core/lib/transport/timeout_encoding.h +2 -0
- data/src/core/lib/transport/transport.cc +3 -1
- data/src/core/lib/transport/transport.h +33 -7
- data/src/core/lib/transport/transport_impl.h +2 -0
- data/src/core/lib/transport/transport_op_string.cc +10 -3
- data/src/core/plugin_registry/grpc_plugin_registry.cc +10 -4
- data/src/core/tsi/alts/crypt/aes_gcm.cc +687 -0
- data/src/core/tsi/alts/crypt/gsec.cc +189 -0
- data/src/core/tsi/alts/crypt/gsec.h +454 -0
- data/src/core/tsi/alts/frame_protector/alts_counter.cc +118 -0
- data/src/core/tsi/alts/frame_protector/alts_counter.h +98 -0
- data/src/core/tsi/alts/frame_protector/alts_crypter.cc +66 -0
- data/src/core/tsi/alts/frame_protector/alts_crypter.h +255 -0
- data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +407 -0
- data/src/core/tsi/alts/frame_protector/alts_frame_protector.h +55 -0
- data/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc +114 -0
- data/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h +114 -0
- data/src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc +105 -0
- data/src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc +103 -0
- data/src/core/tsi/alts/frame_protector/frame_handler.cc +218 -0
- data/src/core/tsi/alts/frame_protector/frame_handler.h +236 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +316 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +137 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc +520 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_service_api.h +323 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc +143 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h +149 -0
- data/src/core/tsi/alts/handshaker/alts_tsi_event.cc +73 -0
- data/src/core/tsi/alts/handshaker/alts_tsi_event.h +93 -0
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +483 -0
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +83 -0
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h +52 -0
- data/src/core/tsi/alts/handshaker/alts_tsi_utils.cc +58 -0
- data/src/core/tsi/alts/handshaker/alts_tsi_utils.h +52 -0
- data/src/core/tsi/alts/handshaker/altscontext.pb.c +48 -0
- data/src/core/tsi/alts/handshaker/altscontext.pb.h +64 -0
- data/src/core/tsi/alts/handshaker/handshaker.pb.c +123 -0
- data/src/core/tsi/alts/handshaker/handshaker.pb.h +255 -0
- data/src/core/tsi/alts/handshaker/transport_security_common.pb.c +50 -0
- data/src/core/tsi/alts/handshaker/transport_security_common.pb.h +78 -0
- data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +196 -0
- data/src/core/tsi/alts/handshaker/transport_security_common_api.h +163 -0
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc +180 -0
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h +52 -0
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc +144 -0
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h +49 -0
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h +91 -0
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc +174 -0
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h +100 -0
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +476 -0
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h +199 -0
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +296 -0
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h +52 -0
- data/src/core/tsi/alts_transport_security.cc +3 -1
- data/src/core/tsi/alts_transport_security.h +4 -2
- data/src/core/tsi/fake_transport_security.cc +2 -1
- data/src/core/tsi/fake_transport_security.h +2 -0
- data/src/core/tsi/ssl/session_cache/ssl_session.h +73 -0
- data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +58 -0
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +211 -0
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +93 -0
- data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +76 -0
- data/src/core/tsi/ssl_transport_security.cc +266 -62
- data/src/core/tsi/ssl_transport_security.h +128 -6
- data/src/core/tsi/ssl_types.h +2 -0
- data/src/core/tsi/transport_security.cc +2 -0
- data/src/core/tsi/transport_security.h +2 -0
- data/src/core/tsi/transport_security_adapter.cc +2 -0
- data/src/core/tsi/transport_security_adapter.h +2 -0
- data/src/core/tsi/transport_security_grpc.cc +2 -0
- data/src/core/tsi/transport_security_grpc.h +2 -0
- data/src/core/tsi/transport_security_interface.h +2 -0
- data/src/ruby/ext/grpc/extconf.rb +1 -2
- data/src/ruby/ext/grpc/rb_call.c +1 -13
- data/src/ruby/ext/grpc/rb_channel.c +6 -6
- data/src/ruby/ext/grpc/rb_compression_options.c +1 -1
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +10 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +15 -0
- data/src/ruby/lib/grpc/core/time_consts.rb +1 -1
- data/src/ruby/lib/grpc/generic/bidi_call.rb +19 -8
- data/src/ruby/lib/grpc/generic/client_stub.rb +6 -10
- data/src/ruby/lib/grpc/generic/interceptors.rb +1 -1
- data/src/ruby/lib/grpc/generic/rpc_server.rb +2 -2
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/spec/generic/client_stub_spec.rb +133 -0
- data/src/ruby/spec/pb/package_with_underscore/checker_spec.rb +54 -0
- data/src/ruby/spec/pb/package_with_underscore/data.proto +23 -0
- data/src/ruby/spec/pb/package_with_underscore/service.proto +23 -0
- data/third_party/address_sorting/address_sorting.c +369 -0
- data/third_party/address_sorting/address_sorting_internal.h +70 -0
- data/third_party/address_sorting/address_sorting_posix.c +97 -0
- data/third_party/address_sorting/address_sorting_windows.c +55 -0
- data/third_party/address_sorting/include/address_sorting/address_sorting.h +110 -0
- data/third_party/boringssl/crypto/asn1/a_enum.c +20 -9
- data/third_party/boringssl/crypto/asn1/a_i2d_fp.c +3 -0
- data/third_party/boringssl/crypto/asn1/a_int.c +19 -8
- data/third_party/boringssl/crypto/asn1/a_object.c +0 -128
- data/third_party/boringssl/crypto/asn1/asn1_locl.h +3 -0
- data/third_party/boringssl/crypto/asn1/tasn_fre.c +2 -4
- data/third_party/boringssl/crypto/asn1/tasn_new.c +3 -2
- data/third_party/boringssl/crypto/bn_extra/bn_asn1.c +0 -16
- data/third_party/boringssl/crypto/buf/buf.c +14 -0
- data/third_party/boringssl/crypto/bytestring/cbb.c +93 -0
- data/third_party/boringssl/crypto/conf/conf.c +2 -2
- data/third_party/boringssl/crypto/cpu-intel.c +17 -17
- data/third_party/boringssl/crypto/crypto.c +16 -4
- data/third_party/boringssl/crypto/curve25519/spake25519.c +11 -11
- data/third_party/boringssl/crypto/curve25519/x25519-x86_64.c +1 -1
- data/third_party/boringssl/crypto/dsa/dsa.c +9 -21
- data/third_party/boringssl/crypto/ec_extra/ec_asn1.c +2 -2
- data/third_party/boringssl/crypto/ecdsa_extra/ecdsa_asn1.c +1 -8
- data/third_party/boringssl/crypto/evp/p_rsa_asn1.c +2 -23
- data/third_party/boringssl/crypto/ex_data.c +0 -1
- data/third_party/boringssl/crypto/fipsmodule/bn/add.c +7 -11
- data/third_party/boringssl/crypto/fipsmodule/bn/asm/x86_64-gcc.c +19 -16
- data/third_party/boringssl/crypto/fipsmodule/bn/cmp.c +15 -0
- data/third_party/boringssl/crypto/fipsmodule/bn/div.c +53 -46
- data/third_party/boringssl/crypto/fipsmodule/bn/exponentiation.c +242 -85
- data/third_party/boringssl/crypto/fipsmodule/bn/generic.c +42 -47
- data/third_party/boringssl/crypto/fipsmodule/bn/internal.h +176 -34
- data/third_party/boringssl/crypto/fipsmodule/bn/montgomery.c +118 -65
- data/third_party/boringssl/crypto/fipsmodule/bn/mul.c +94 -61
- data/third_party/boringssl/crypto/fipsmodule/bn/random.c +79 -63
- data/third_party/boringssl/crypto/fipsmodule/bn/shift.c +26 -28
- data/third_party/boringssl/crypto/fipsmodule/cipher/cipher.c +2 -0
- data/third_party/boringssl/crypto/fipsmodule/ec/ec.c +250 -149
- data/third_party/boringssl/crypto/fipsmodule/ec/ec_montgomery.c +0 -27
- data/third_party/boringssl/crypto/fipsmodule/ec/internal.h +54 -20
- data/third_party/boringssl/crypto/fipsmodule/ec/oct.c +3 -3
- data/third_party/boringssl/crypto/fipsmodule/ec/p224-64.c +7 -41
- data/third_party/boringssl/crypto/fipsmodule/ec/p256-64.c +6 -40
- data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64.c +17 -122
- data/third_party/boringssl/crypto/fipsmodule/ec/simple.c +3 -64
- data/third_party/boringssl/crypto/fipsmodule/ec/wnaf.c +27 -9
- data/third_party/boringssl/crypto/fipsmodule/ecdsa/ecdsa.c +203 -205
- data/third_party/boringssl/crypto/fipsmodule/modes/cbc.c +14 -15
- data/third_party/boringssl/crypto/fipsmodule/modes/cfb.c +12 -8
- data/third_party/boringssl/crypto/fipsmodule/modes/ctr.c +4 -3
- data/third_party/boringssl/crypto/fipsmodule/modes/gcm.c +25 -36
- data/third_party/boringssl/crypto/fipsmodule/modes/internal.h +10 -0
- data/third_party/boringssl/crypto/fipsmodule/rsa/internal.h +0 -4
- data/third_party/boringssl/crypto/fipsmodule/rsa/rsa.c +2 -0
- data/third_party/boringssl/crypto/fipsmodule/rsa/rsa_impl.c +9 -19
- data/third_party/boringssl/crypto/lhash/lhash.c +19 -0
- data/third_party/boringssl/crypto/obj/obj.c +29 -69
- data/third_party/boringssl/crypto/pem/pem_lib.c +2 -2
- data/third_party/boringssl/crypto/poly1305/poly1305_vec.c +4 -55
- data/third_party/boringssl/crypto/rsa_extra/rsa_asn1.c +3 -22
- data/third_party/boringssl/crypto/x509/by_dir.c +1 -3
- data/third_party/boringssl/crypto/x509/by_file.c +0 -1
- data/third_party/boringssl/crypto/x509/x509_lu.c +0 -1
- data/third_party/boringssl/crypto/x509/x509_obj.c +1 -3
- data/third_party/boringssl/crypto/x509/x509_txt.c +0 -6
- data/third_party/boringssl/crypto/x509/x509_vfy.c +0 -1
- data/third_party/boringssl/crypto/x509/x509_vpm.c +0 -1
- data/third_party/boringssl/crypto/x509/x_algor.c +2 -2
- data/third_party/boringssl/crypto/x509v3/v3_alt.c +3 -4
- data/third_party/boringssl/crypto/x509v3/v3_genn.c +1 -0
- data/third_party/boringssl/crypto/x509v3/v3_info.c +1 -2
- data/third_party/boringssl/crypto/x509v3/v3_lib.c +15 -7
- data/third_party/boringssl/crypto/x509v3/v3_utl.c +41 -2
- data/third_party/boringssl/include/openssl/asn1.h +0 -1
- data/third_party/boringssl/include/openssl/base.h +1 -1
- data/third_party/boringssl/include/openssl/bio.h +5 -2
- data/third_party/boringssl/include/openssl/bn.h +2 -17
- data/third_party/boringssl/include/openssl/buf.h +4 -0
- data/third_party/boringssl/include/openssl/bytestring.h +11 -0
- data/third_party/boringssl/include/openssl/chacha.h +5 -1
- data/third_party/boringssl/include/openssl/cipher.h +10 -0
- data/third_party/boringssl/include/openssl/conf.h +4 -8
- data/third_party/boringssl/include/openssl/dsa.h +2 -18
- data/third_party/boringssl/include/openssl/ec.h +5 -5
- data/third_party/boringssl/include/openssl/ecdsa.h +10 -28
- data/third_party/boringssl/include/openssl/evp.h +0 -4
- data/third_party/boringssl/include/openssl/lhash.h +1 -18
- data/third_party/boringssl/include/openssl/obj.h +1 -0
- data/third_party/boringssl/include/openssl/rsa.h +3 -4
- data/third_party/boringssl/include/openssl/ssl.h +35 -54
- data/third_party/boringssl/include/openssl/ssl3.h +2 -0
- data/third_party/boringssl/include/openssl/stack.h +1 -1
- data/third_party/boringssl/include/openssl/tls1.h +1 -16
- data/third_party/boringssl/include/openssl/x509.h +3 -2
- data/third_party/boringssl/include/openssl/x509_vfy.h +0 -2
- data/third_party/boringssl/include/openssl/x509v3.h +1 -0
- data/third_party/boringssl/ssl/custom_extensions.cc +1 -1
- data/third_party/boringssl/ssl/d1_both.cc +120 -129
- data/third_party/boringssl/ssl/d1_lib.cc +23 -21
- data/third_party/boringssl/ssl/d1_pkt.cc +39 -143
- data/third_party/boringssl/ssl/dtls_method.cc +16 -23
- data/third_party/boringssl/ssl/dtls_record.cc +11 -4
- data/third_party/boringssl/ssl/handshake.cc +109 -40
- data/third_party/boringssl/ssl/handshake_client.cc +104 -96
- data/third_party/boringssl/ssl/handshake_server.cc +62 -72
- data/third_party/boringssl/ssl/internal.h +397 -318
- data/third_party/boringssl/ssl/s3_both.cc +173 -191
- data/third_party/boringssl/ssl/s3_lib.cc +26 -34
- data/third_party/boringssl/ssl/s3_pkt.cc +105 -247
- data/third_party/boringssl/ssl/ssl_asn1.cc +22 -22
- data/third_party/boringssl/ssl/ssl_buffer.cc +98 -108
- data/third_party/boringssl/ssl/ssl_cert.cc +12 -1
- data/third_party/boringssl/ssl/ssl_cipher.cc +23 -28
- data/third_party/boringssl/ssl/ssl_key_share.cc +11 -6
- data/third_party/boringssl/ssl/ssl_lib.cc +190 -113
- data/third_party/boringssl/ssl/ssl_privkey.cc +76 -106
- data/third_party/boringssl/ssl/ssl_session.cc +3 -3
- data/third_party/boringssl/ssl/ssl_stat.cc +3 -3
- data/third_party/boringssl/ssl/ssl_transcript.cc +38 -22
- data/third_party/boringssl/ssl/ssl_versions.cc +64 -31
- data/third_party/boringssl/ssl/t1_enc.cc +137 -154
- data/third_party/boringssl/ssl/t1_lib.cc +463 -478
- data/third_party/boringssl/ssl/tls13_both.cc +57 -58
- data/third_party/boringssl/ssl/tls13_client.cc +256 -121
- data/third_party/boringssl/ssl/tls13_enc.cc +187 -72
- data/third_party/boringssl/ssl/tls13_server.cc +187 -86
- data/third_party/boringssl/ssl/tls_method.cc +20 -30
- data/third_party/boringssl/ssl/tls_record.cc +77 -40
- data/third_party/boringssl/third_party/fiat/curve25519.c +5062 -0
- data/third_party/boringssl/{crypto/curve25519 → third_party/fiat}/internal.h +40 -27
- data/third_party/nanopb/pb.h +1 -1
- metadata +147 -45
- data/src/core/lib/gpr/thd.cc +0 -49
- data/src/core/lib/gpr/thd.h +0 -71
- data/src/core/lib/gpr/thd_posix.cc +0 -154
- data/src/core/lib/gpr/thd_windows.cc +0 -107
- data/src/core/lib/iomgr/iomgr_uv.h +0 -37
- data/src/core/lib/iomgr/pollset_set_uv.cc +0 -43
- data/src/core/lib/iomgr/resolve_address_uv.cc +0 -284
- data/src/core/lib/iomgr/tcp_client_uv.cc +0 -175
- data/src/core/lib/iomgr/tcp_server_uv.cc +0 -471
- data/src/core/lib/iomgr/tcp_uv.h +0 -51
- data/src/core/lib/security/transport/lb_targets_info.cc +0 -59
- data/src/core/lib/slice/slice_hash_table.cc +0 -145
- data/third_party/boringssl/crypto/curve25519/curve25519.c +0 -4938
@@ -0,0 +1,93 @@
|
|
1
|
+
/*
|
2
|
+
*
|
3
|
+
* Copyright 2018 gRPC authors.
|
4
|
+
*
|
5
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
* you may not use this file except in compliance with the License.
|
7
|
+
* You may obtain a copy of the License at
|
8
|
+
*
|
9
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
*
|
11
|
+
* Unless required by applicable law or agreed to in writing, software
|
12
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
* See the License for the specific language governing permissions and
|
15
|
+
* limitations under the License.
|
16
|
+
*
|
17
|
+
*/
|
18
|
+
|
19
|
+
#ifndef GRPC_CORE_TSI_SSL_SESSION_CACHE_SSL_SESSION_CACHE_H
|
20
|
+
#define GRPC_CORE_TSI_SSL_SESSION_CACHE_SSL_SESSION_CACHE_H
|
21
|
+
|
22
|
+
#include <grpc/support/port_platform.h>
|
23
|
+
|
24
|
+
#include <grpc/slice.h>
|
25
|
+
#include <grpc/support/sync.h>
|
26
|
+
|
27
|
+
extern "C" {
|
28
|
+
#include <openssl/ssl.h>
|
29
|
+
}
|
30
|
+
|
31
|
+
#include "src/core/lib/avl/avl.h"
|
32
|
+
#include "src/core/lib/gprpp/memory.h"
|
33
|
+
#include "src/core/lib/gprpp/ref_counted.h"
|
34
|
+
#include "src/core/tsi/ssl/session_cache/ssl_session.h"
|
35
|
+
|
36
|
+
/// Cache for SSL sessions for sessions resumption.
|
37
|
+
///
|
38
|
+
/// Older sessions may be evicted from the cache using LRU policy if capacity
|
39
|
+
/// limit is hit. All sessions are associated with some key, usually server
|
40
|
+
/// name. Note that servers are required to share session ticket encryption keys
|
41
|
+
/// in order for cache to be effective.
|
42
|
+
///
|
43
|
+
/// This class is thread safe.
|
44
|
+
|
45
|
+
namespace tsi {
|
46
|
+
|
47
|
+
class SslSessionLRUCache : public grpc_core::RefCounted<SslSessionLRUCache> {
|
48
|
+
public:
|
49
|
+
/// Create new LRU cache with the given capacity.
|
50
|
+
static grpc_core::RefCountedPtr<SslSessionLRUCache> Create(size_t capacity) {
|
51
|
+
return grpc_core::MakeRefCounted<SslSessionLRUCache>(capacity);
|
52
|
+
}
|
53
|
+
|
54
|
+
// Not copyable nor movable.
|
55
|
+
SslSessionLRUCache(const SslSessionLRUCache&) = delete;
|
56
|
+
SslSessionLRUCache& operator=(const SslSessionLRUCache&) = delete;
|
57
|
+
|
58
|
+
/// Returns current number of sessions in the cache.
|
59
|
+
size_t Size();
|
60
|
+
/// Add \a session in the cache using \a key. This operation may discard older
|
61
|
+
/// sessions.
|
62
|
+
void Put(const char* key, SslSessionPtr session);
|
63
|
+
/// Returns the session from the cache associated with \a key or null if not
|
64
|
+
/// found.
|
65
|
+
SslSessionPtr Get(const char* key);
|
66
|
+
|
67
|
+
private:
|
68
|
+
// So New() can call our private ctor.
|
69
|
+
template <typename T, typename... Args>
|
70
|
+
friend T* grpc_core::New(Args&&... args);
|
71
|
+
|
72
|
+
class Node;
|
73
|
+
|
74
|
+
explicit SslSessionLRUCache(size_t capacity);
|
75
|
+
~SslSessionLRUCache();
|
76
|
+
|
77
|
+
Node* FindLocked(const grpc_slice& key);
|
78
|
+
void Remove(Node* node);
|
79
|
+
void PushFront(Node* node);
|
80
|
+
void AssertInvariants();
|
81
|
+
|
82
|
+
gpr_mu lock_;
|
83
|
+
size_t capacity_;
|
84
|
+
|
85
|
+
Node* use_order_list_head_ = nullptr;
|
86
|
+
Node* use_order_list_tail_ = nullptr;
|
87
|
+
size_t use_order_list_size_ = 0;
|
88
|
+
grpc_avl entry_by_key_;
|
89
|
+
};
|
90
|
+
|
91
|
+
} // namespace tsi
|
92
|
+
|
93
|
+
#endif /* GRPC_CORE_TSI_SSL_SESSION_CACHE_SSL_SESSION_CACHE_H */
|
@@ -0,0 +1,76 @@
|
|
1
|
+
/*
|
2
|
+
*
|
3
|
+
* Copyright 2018 gRPC authors.
|
4
|
+
*
|
5
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
* you may not use this file except in compliance with the License.
|
7
|
+
* You may obtain a copy of the License at
|
8
|
+
*
|
9
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
*
|
11
|
+
* Unless required by applicable law or agreed to in writing, software
|
12
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
* See the License for the specific language governing permissions and
|
15
|
+
* limitations under the License.
|
16
|
+
*
|
17
|
+
*/
|
18
|
+
|
19
|
+
#include <grpc/support/port_platform.h>
|
20
|
+
|
21
|
+
#include "src/core/tsi/ssl/session_cache/ssl_session.h"
|
22
|
+
|
23
|
+
#include <grpc/support/log.h>
|
24
|
+
|
25
|
+
#ifndef OPENSSL_IS_BORINGSSL
|
26
|
+
|
27
|
+
// OpenSSL invalidates SSL_SESSION on SSL destruction making it pointless
|
28
|
+
// to cache sessions. The workaround is to serialize (relatively expensive)
|
29
|
+
// session into binary blob and re-create it from blob on every handshake.
|
30
|
+
// Note that it's safe to keep serialized session outside of SSL lifetime
|
31
|
+
// as openssl performs all necessary validation while attempting to use a
|
32
|
+
// session and creates a new one if something is wrong (e.g. server changed
|
33
|
+
// set of allowed codecs).
|
34
|
+
|
35
|
+
namespace tsi {
|
36
|
+
namespace {
|
37
|
+
|
38
|
+
class OpenSslCachedSession : public SslCachedSession {
|
39
|
+
public:
|
40
|
+
OpenSslCachedSession(SslSessionPtr session) {
|
41
|
+
int size = i2d_SSL_SESSION(session.get(), nullptr);
|
42
|
+
GPR_ASSERT(size > 0);
|
43
|
+
grpc_slice slice = grpc_slice_malloc(size_t(size));
|
44
|
+
unsigned char* start = GRPC_SLICE_START_PTR(slice);
|
45
|
+
int second_size = i2d_SSL_SESSION(session.get(), &start);
|
46
|
+
GPR_ASSERT(size == second_size);
|
47
|
+
serialized_session_ = slice;
|
48
|
+
}
|
49
|
+
|
50
|
+
virtual ~OpenSslCachedSession() { grpc_slice_unref(serialized_session_); }
|
51
|
+
|
52
|
+
SslSessionPtr CopySession() const override {
|
53
|
+
const unsigned char* data = GRPC_SLICE_START_PTR(serialized_session_);
|
54
|
+
size_t length = GRPC_SLICE_LENGTH(serialized_session_);
|
55
|
+
SSL_SESSION* session = d2i_SSL_SESSION(nullptr, &data, length);
|
56
|
+
if (session == nullptr) {
|
57
|
+
return SslSessionPtr();
|
58
|
+
}
|
59
|
+
return SslSessionPtr(session);
|
60
|
+
}
|
61
|
+
|
62
|
+
private:
|
63
|
+
grpc_slice serialized_session_;
|
64
|
+
};
|
65
|
+
|
66
|
+
} // namespace
|
67
|
+
|
68
|
+
grpc_core::UniquePtr<SslCachedSession> SslCachedSession::Create(
|
69
|
+
SslSessionPtr session) {
|
70
|
+
return grpc_core::UniquePtr<SslCachedSession>(
|
71
|
+
grpc_core::New<OpenSslCachedSession>(std::move(session)));
|
72
|
+
}
|
73
|
+
|
74
|
+
} // namespace tsi
|
75
|
+
|
76
|
+
#endif /* OPENSSL_IS_BORINGSSL */
|
@@ -16,10 +16,10 @@
|
|
16
16
|
*
|
17
17
|
*/
|
18
18
|
|
19
|
-
#include "src/core/tsi/ssl_transport_security.h"
|
20
|
-
|
21
19
|
#include <grpc/support/port_platform.h>
|
22
20
|
|
21
|
+
#include "src/core/tsi/ssl_transport_security.h"
|
22
|
+
|
23
23
|
#include <limits.h>
|
24
24
|
#include <string.h>
|
25
25
|
|
@@ -35,6 +35,7 @@
|
|
35
35
|
|
36
36
|
#include <grpc/support/alloc.h>
|
37
37
|
#include <grpc/support/log.h>
|
38
|
+
#include <grpc/support/string_util.h>
|
38
39
|
#include <grpc/support/sync.h>
|
39
40
|
#include <grpc/support/thd_id.h>
|
40
41
|
|
@@ -47,6 +48,8 @@ extern "C" {
|
|
47
48
|
#include <openssl/x509v3.h>
|
48
49
|
}
|
49
50
|
|
51
|
+
#include "src/core/lib/gpr/useful.h"
|
52
|
+
#include "src/core/tsi/ssl/session_cache/ssl_session_cache.h"
|
50
53
|
#include "src/core/tsi/ssl_types.h"
|
51
54
|
#include "src/core/tsi/transport_security.h"
|
52
55
|
|
@@ -68,6 +71,10 @@ extern "C" {
|
|
68
71
|
|
69
72
|
/* --- Structure definitions. ---*/
|
70
73
|
|
74
|
+
struct tsi_ssl_root_certs_store {
|
75
|
+
X509_STORE* store;
|
76
|
+
};
|
77
|
+
|
71
78
|
struct tsi_ssl_handshaker_factory {
|
72
79
|
const tsi_ssl_handshaker_factory_vtable* vtable;
|
73
80
|
gpr_refcount refcount;
|
@@ -78,6 +85,7 @@ struct tsi_ssl_client_handshaker_factory {
|
|
78
85
|
SSL_CTX* ssl_context;
|
79
86
|
unsigned char* alpn_protocol_list;
|
80
87
|
size_t alpn_protocol_list_length;
|
88
|
+
grpc_core::RefCountedPtr<tsi::SslSessionLRUCache> session_cache;
|
81
89
|
};
|
82
90
|
|
83
91
|
struct tsi_ssl_server_handshaker_factory {
|
@@ -111,17 +119,19 @@ typedef struct {
|
|
111
119
|
|
112
120
|
/* --- Library Initialization. ---*/
|
113
121
|
|
114
|
-
static gpr_once
|
115
|
-
static gpr_mu*
|
122
|
+
static gpr_once g_init_openssl_once = GPR_ONCE_INIT;
|
123
|
+
static gpr_mu* g_openssl_mutexes = nullptr;
|
124
|
+
static int g_ssl_ctx_ex_factory_index = -1;
|
116
125
|
static void openssl_locking_cb(int mode, int type, const char* file,
|
117
126
|
int line) GRPC_UNUSED;
|
118
127
|
static unsigned long openssl_thread_id_cb(void) GRPC_UNUSED;
|
128
|
+
static const unsigned char kSslSessionIdContext[] = {'g', 'r', 'p', 'c'};
|
119
129
|
|
120
130
|
static void openssl_locking_cb(int mode, int type, const char* file, int line) {
|
121
131
|
if (mode & CRYPTO_LOCK) {
|
122
|
-
gpr_mu_lock(&
|
132
|
+
gpr_mu_lock(&g_openssl_mutexes[type]);
|
123
133
|
} else {
|
124
|
-
gpr_mu_unlock(&
|
134
|
+
gpr_mu_unlock(&g_openssl_mutexes[type]);
|
125
135
|
}
|
126
136
|
}
|
127
137
|
|
@@ -137,13 +147,16 @@ static void init_openssl(void) {
|
|
137
147
|
OpenSSL_add_all_algorithms();
|
138
148
|
num_locks = CRYPTO_num_locks();
|
139
149
|
GPR_ASSERT(num_locks > 0);
|
140
|
-
|
150
|
+
g_openssl_mutexes = static_cast<gpr_mu*>(
|
141
151
|
gpr_malloc(static_cast<size_t>(num_locks) * sizeof(gpr_mu)));
|
142
152
|
for (i = 0; i < CRYPTO_num_locks(); i++) {
|
143
|
-
gpr_mu_init(&
|
153
|
+
gpr_mu_init(&g_openssl_mutexes[i]);
|
144
154
|
}
|
145
155
|
CRYPTO_set_locking_callback(openssl_locking_cb);
|
146
156
|
CRYPTO_set_id_callback(openssl_thread_id_cb);
|
157
|
+
g_ssl_ctx_ex_factory_index =
|
158
|
+
SSL_CTX_get_ex_new_index(0, nullptr, nullptr, nullptr, nullptr);
|
159
|
+
GPR_ASSERT(g_ssl_ctx_ex_factory_index != -1);
|
147
160
|
}
|
148
161
|
|
149
162
|
/* --- Ssl utils. ---*/
|
@@ -544,21 +557,18 @@ static tsi_result ssl_ctx_use_private_key(SSL_CTX* context, const char* pem_key,
|
|
544
557
|
|
545
558
|
/* Loads in-memory PEM verification certs into the SSL context and optionally
|
546
559
|
returns the verification cert names (root_names can be NULL). */
|
547
|
-
static tsi_result
|
548
|
-
|
549
|
-
|
550
|
-
|
551
|
-
*root_names) {
|
560
|
+
static tsi_result x509_store_load_certs(X509_STORE* cert_store,
|
561
|
+
const char* pem_roots,
|
562
|
+
size_t pem_roots_size,
|
563
|
+
STACK_OF(X509_NAME) * *root_names) {
|
552
564
|
tsi_result result = TSI_OK;
|
553
565
|
size_t num_roots = 0;
|
554
566
|
X509* root = nullptr;
|
555
567
|
X509_NAME* root_name = nullptr;
|
556
568
|
BIO* pem;
|
557
|
-
X509_STORE* root_store;
|
558
569
|
GPR_ASSERT(pem_roots_size <= INT_MAX);
|
559
570
|
pem = BIO_new_mem_buf((void*)pem_roots, static_cast<int>(pem_roots_size));
|
560
|
-
|
561
|
-
if (root_store == nullptr) return TSI_INVALID_ARGUMENT;
|
571
|
+
if (cert_store == nullptr) return TSI_INVALID_ARGUMENT;
|
562
572
|
if (pem == nullptr) return TSI_OUT_OF_RESOURCES;
|
563
573
|
if (root_names != nullptr) {
|
564
574
|
*root_names = sk_X509_NAME_new_null();
|
@@ -586,7 +596,7 @@ static tsi_result ssl_ctx_load_verification_certs(SSL_CTX* context,
|
|
586
596
|
sk_X509_NAME_push(*root_names, root_name);
|
587
597
|
root_name = nullptr;
|
588
598
|
}
|
589
|
-
if (!X509_STORE_add_cert(
|
599
|
+
if (!X509_STORE_add_cert(cert_store, root)) {
|
590
600
|
gpr_log(GPR_ERROR, "Could not add root certificate to ssl context.");
|
591
601
|
result = TSI_INTERNAL_ERROR;
|
592
602
|
break;
|
@@ -612,6 +622,16 @@ static tsi_result ssl_ctx_load_verification_certs(SSL_CTX* context,
|
|
612
622
|
return result;
|
613
623
|
}
|
614
624
|
|
625
|
+
static tsi_result ssl_ctx_load_verification_certs(SSL_CTX* context,
|
626
|
+
const char* pem_roots,
|
627
|
+
size_t pem_roots_size,
|
628
|
+
STACK_OF(X509_NAME) *
|
629
|
+
*root_name) {
|
630
|
+
X509_STORE* cert_store = SSL_CTX_get_cert_store(context);
|
631
|
+
return x509_store_load_certs(cert_store, pem_roots, pem_roots_size,
|
632
|
+
root_name);
|
633
|
+
}
|
634
|
+
|
615
635
|
/* Populates the SSL context with a private key and a cert chain, and sets the
|
616
636
|
cipher list and the ephemeral ECDH key. */
|
617
637
|
static tsi_result populate_ssl_context(
|
@@ -721,6 +741,60 @@ static int NullVerifyCallback(int preverify_ok, X509_STORE_CTX* ctx) {
|
|
721
741
|
return 1;
|
722
742
|
}
|
723
743
|
|
744
|
+
/* --- tsi_ssl_root_certs_store methods implementation. ---*/
|
745
|
+
|
746
|
+
tsi_ssl_root_certs_store* tsi_ssl_root_certs_store_create(
|
747
|
+
const char* pem_roots) {
|
748
|
+
if (pem_roots == nullptr) {
|
749
|
+
gpr_log(GPR_ERROR, "The root certificates are empty.");
|
750
|
+
return nullptr;
|
751
|
+
}
|
752
|
+
tsi_ssl_root_certs_store* root_store = static_cast<tsi_ssl_root_certs_store*>(
|
753
|
+
gpr_zalloc(sizeof(tsi_ssl_root_certs_store)));
|
754
|
+
if (root_store == nullptr) {
|
755
|
+
gpr_log(GPR_ERROR, "Could not allocate buffer for ssl_root_certs_store.");
|
756
|
+
return nullptr;
|
757
|
+
}
|
758
|
+
root_store->store = X509_STORE_new();
|
759
|
+
if (root_store->store == nullptr) {
|
760
|
+
gpr_log(GPR_ERROR, "Could not allocate buffer for X509_STORE.");
|
761
|
+
gpr_free(root_store);
|
762
|
+
return nullptr;
|
763
|
+
}
|
764
|
+
tsi_result result = x509_store_load_certs(root_store->store, pem_roots,
|
765
|
+
strlen(pem_roots), nullptr);
|
766
|
+
if (result != TSI_OK) {
|
767
|
+
gpr_log(GPR_ERROR, "Could not load root certificates.");
|
768
|
+
X509_STORE_free(root_store->store);
|
769
|
+
gpr_free(root_store);
|
770
|
+
return nullptr;
|
771
|
+
}
|
772
|
+
return root_store;
|
773
|
+
}
|
774
|
+
|
775
|
+
void tsi_ssl_root_certs_store_destroy(tsi_ssl_root_certs_store* self) {
|
776
|
+
if (self == nullptr) return;
|
777
|
+
X509_STORE_free(self->store);
|
778
|
+
gpr_free(self);
|
779
|
+
}
|
780
|
+
|
781
|
+
/* --- tsi_ssl_session_cache methods implementation. ---*/
|
782
|
+
|
783
|
+
tsi_ssl_session_cache* tsi_ssl_session_cache_create_lru(size_t capacity) {
|
784
|
+
/* Pointer will be dereferenced by unref call. */
|
785
|
+
return reinterpret_cast<tsi_ssl_session_cache*>(
|
786
|
+
tsi::SslSessionLRUCache::Create(capacity).release());
|
787
|
+
}
|
788
|
+
|
789
|
+
void tsi_ssl_session_cache_ref(tsi_ssl_session_cache* cache) {
|
790
|
+
/* Pointer will be dereferenced by unref call. */
|
791
|
+
reinterpret_cast<tsi::SslSessionLRUCache*>(cache)->Ref().release();
|
792
|
+
}
|
793
|
+
|
794
|
+
void tsi_ssl_session_cache_unref(tsi_ssl_session_cache* cache) {
|
795
|
+
reinterpret_cast<tsi::SslSessionLRUCache*>(cache)->Unref();
|
796
|
+
}
|
797
|
+
|
724
798
|
/* --- tsi_frame_protector methods implementation. ---*/
|
725
799
|
|
726
800
|
static tsi_result ssl_protector_protect(tsi_frame_protector* self,
|
@@ -1015,25 +1089,34 @@ static tsi_result ssl_handshaker_extract_peer(tsi_handshaker* self,
|
|
1015
1089
|
SSL_get0_next_proto_negotiated(impl->ssl, &alpn_selected,
|
1016
1090
|
&alpn_selected_len);
|
1017
1091
|
}
|
1092
|
+
|
1093
|
+
// 1 is for session reused property.
|
1094
|
+
size_t new_property_count = peer->property_count + 1;
|
1095
|
+
if (alpn_selected != nullptr) new_property_count++;
|
1096
|
+
tsi_peer_property* new_properties = static_cast<tsi_peer_property*>(
|
1097
|
+
gpr_zalloc(sizeof(*new_properties) * new_property_count));
|
1098
|
+
for (size_t i = 0; i < peer->property_count; i++) {
|
1099
|
+
new_properties[i] = peer->properties[i];
|
1100
|
+
}
|
1101
|
+
if (peer->properties != nullptr) gpr_free(peer->properties);
|
1102
|
+
peer->properties = new_properties;
|
1103
|
+
|
1018
1104
|
if (alpn_selected != nullptr) {
|
1019
|
-
size_t i;
|
1020
|
-
tsi_peer_property* new_properties = static_cast<tsi_peer_property*>(
|
1021
|
-
gpr_zalloc(sizeof(*new_properties) * (peer->property_count + 1)));
|
1022
|
-
for (i = 0; i < peer->property_count; i++) {
|
1023
|
-
new_properties[i] = peer->properties[i];
|
1024
|
-
}
|
1025
1105
|
result = tsi_construct_string_peer_property(
|
1026
1106
|
TSI_SSL_ALPN_SELECTED_PROTOCOL,
|
1027
1107
|
reinterpret_cast<const char*>(alpn_selected), alpn_selected_len,
|
1028
|
-
&
|
1029
|
-
if (result != TSI_OK)
|
1030
|
-
gpr_free(new_properties);
|
1031
|
-
return result;
|
1032
|
-
}
|
1033
|
-
if (peer->properties != nullptr) gpr_free(peer->properties);
|
1108
|
+
&peer->properties[peer->property_count]);
|
1109
|
+
if (result != TSI_OK) return result;
|
1034
1110
|
peer->property_count++;
|
1035
|
-
peer->properties = new_properties;
|
1036
1111
|
}
|
1112
|
+
|
1113
|
+
const char* session_reused = SSL_session_reused(impl->ssl) ? "true" : "false";
|
1114
|
+
result = tsi_construct_string_peer_property(
|
1115
|
+
TSI_SSL_SESSION_REUSED_PEER_PROPERTY, session_reused,
|
1116
|
+
strlen(session_reused) + 1, &peer->properties[peer->property_count]);
|
1117
|
+
if (result != TSI_OK) return result;
|
1118
|
+
peer->property_count++;
|
1119
|
+
|
1037
1120
|
return result;
|
1038
1121
|
}
|
1039
1122
|
|
@@ -1103,6 +1186,19 @@ static const tsi_handshaker_vtable handshaker_vtable = {
|
|
1103
1186
|
|
1104
1187
|
/* --- tsi_ssl_handshaker_factory common methods. --- */
|
1105
1188
|
|
1189
|
+
static void tsi_ssl_handshaker_resume_session(
|
1190
|
+
SSL* ssl, tsi::SslSessionLRUCache* session_cache) {
|
1191
|
+
const char* server_name = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
|
1192
|
+
if (server_name == nullptr) {
|
1193
|
+
return;
|
1194
|
+
}
|
1195
|
+
tsi::SslSessionPtr session = session_cache->Get(server_name);
|
1196
|
+
if (session != nullptr) {
|
1197
|
+
// SSL_set_session internally increments reference counter.
|
1198
|
+
SSL_set_session(ssl, session.get());
|
1199
|
+
}
|
1200
|
+
}
|
1201
|
+
|
1106
1202
|
static tsi_result create_tsi_ssl_handshaker(SSL_CTX* ctx, int is_client,
|
1107
1203
|
const char* server_name_indication,
|
1108
1204
|
tsi_ssl_handshaker_factory* factory,
|
@@ -1139,6 +1235,12 @@ static tsi_result create_tsi_ssl_handshaker(SSL_CTX* ctx, int is_client,
|
|
1139
1235
|
return TSI_INTERNAL_ERROR;
|
1140
1236
|
}
|
1141
1237
|
}
|
1238
|
+
tsi_ssl_client_handshaker_factory* client_factory =
|
1239
|
+
reinterpret_cast<tsi_ssl_client_handshaker_factory*>(factory);
|
1240
|
+
if (client_factory->session_cache != nullptr) {
|
1241
|
+
tsi_ssl_handshaker_resume_session(ssl,
|
1242
|
+
client_factory->session_cache.get());
|
1243
|
+
}
|
1142
1244
|
ssl_result = SSL_do_handshake(ssl);
|
1143
1245
|
ssl_result = SSL_get_error(ssl, ssl_result);
|
1144
1246
|
if (ssl_result != SSL_ERROR_WANT_READ) {
|
@@ -1214,6 +1316,7 @@ static void tsi_ssl_client_handshaker_factory_destroy(
|
|
1214
1316
|
reinterpret_cast<tsi_ssl_client_handshaker_factory*>(factory);
|
1215
1317
|
if (self->ssl_context != nullptr) SSL_CTX_free(self->ssl_context);
|
1216
1318
|
if (self->alpn_protocol_list != nullptr) gpr_free(self->alpn_protocol_list);
|
1319
|
+
self->session_cache.reset();
|
1217
1320
|
gpr_free(self);
|
1218
1321
|
}
|
1219
1322
|
|
@@ -1357,6 +1460,30 @@ static int server_handshaker_factory_npn_advertised_callback(
|
|
1357
1460
|
return SSL_TLSEXT_ERR_OK;
|
1358
1461
|
}
|
1359
1462
|
|
1463
|
+
/// This callback is called when new \a session is established and ready to
|
1464
|
+
/// be cached. This session can be reused for new connections to similar
|
1465
|
+
/// servers at later point of time.
|
1466
|
+
/// It's intended to be used with SSL_CTX_sess_set_new_cb function.
|
1467
|
+
///
|
1468
|
+
/// It returns 1 if callback takes ownership over \a session and 0 otherwise.
|
1469
|
+
static int server_handshaker_factory_new_session_callback(
|
1470
|
+
SSL* ssl, SSL_SESSION* session) {
|
1471
|
+
SSL_CTX* ssl_context = SSL_get_SSL_CTX(ssl);
|
1472
|
+
if (ssl_context == nullptr) {
|
1473
|
+
return 0;
|
1474
|
+
}
|
1475
|
+
void* arg = SSL_CTX_get_ex_data(ssl_context, g_ssl_ctx_ex_factory_index);
|
1476
|
+
tsi_ssl_client_handshaker_factory* factory =
|
1477
|
+
static_cast<tsi_ssl_client_handshaker_factory*>(arg);
|
1478
|
+
const char* server_name = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
|
1479
|
+
if (server_name == nullptr) {
|
1480
|
+
return 0;
|
1481
|
+
}
|
1482
|
+
factory->session_cache->Put(server_name, tsi::SslSessionPtr(session));
|
1483
|
+
// Return 1 to indicate transfered ownership over the given session.
|
1484
|
+
return 1;
|
1485
|
+
}
|
1486
|
+
|
1360
1487
|
/* --- tsi_ssl_handshaker_factory constructors. --- */
|
1361
1488
|
|
1362
1489
|
static tsi_ssl_handshaker_factory_vtable client_handshaker_factory_vtable = {
|
@@ -1367,15 +1494,31 @@ tsi_result tsi_create_ssl_client_handshaker_factory(
|
|
1367
1494
|
const char* pem_root_certs, const char* cipher_suites,
|
1368
1495
|
const char** alpn_protocols, uint16_t num_alpn_protocols,
|
1369
1496
|
tsi_ssl_client_handshaker_factory** factory) {
|
1497
|
+
tsi_ssl_client_handshaker_options options;
|
1498
|
+
memset(&options, 0, sizeof(options));
|
1499
|
+
options.pem_key_cert_pair = pem_key_cert_pair;
|
1500
|
+
options.pem_root_certs = pem_root_certs;
|
1501
|
+
options.cipher_suites = cipher_suites;
|
1502
|
+
options.alpn_protocols = alpn_protocols;
|
1503
|
+
options.num_alpn_protocols = num_alpn_protocols;
|
1504
|
+
return tsi_create_ssl_client_handshaker_factory_with_options(&options,
|
1505
|
+
factory);
|
1506
|
+
}
|
1507
|
+
|
1508
|
+
tsi_result tsi_create_ssl_client_handshaker_factory_with_options(
|
1509
|
+
const tsi_ssl_client_handshaker_options* options,
|
1510
|
+
tsi_ssl_client_handshaker_factory** factory) {
|
1370
1511
|
SSL_CTX* ssl_context = nullptr;
|
1371
1512
|
tsi_ssl_client_handshaker_factory* impl = nullptr;
|
1372
1513
|
tsi_result result = TSI_OK;
|
1373
1514
|
|
1374
|
-
gpr_once_init(&
|
1515
|
+
gpr_once_init(&g_init_openssl_once, init_openssl);
|
1375
1516
|
|
1376
1517
|
if (factory == nullptr) return TSI_INVALID_ARGUMENT;
|
1377
1518
|
*factory = nullptr;
|
1378
|
-
if (pem_root_certs == nullptr)
|
1519
|
+
if (options->pem_root_certs == nullptr && options->root_store == nullptr) {
|
1520
|
+
return TSI_INVALID_ARGUMENT;
|
1521
|
+
}
|
1379
1522
|
|
1380
1523
|
ssl_context = SSL_CTX_new(TLSv1_2_method());
|
1381
1524
|
if (ssl_context == nullptr) {
|
@@ -1387,24 +1530,44 @@ tsi_result tsi_create_ssl_client_handshaker_factory(
|
|
1387
1530
|
gpr_zalloc(sizeof(*impl)));
|
1388
1531
|
tsi_ssl_handshaker_factory_init(&impl->base);
|
1389
1532
|
impl->base.vtable = &client_handshaker_factory_vtable;
|
1390
|
-
|
1391
1533
|
impl->ssl_context = ssl_context;
|
1534
|
+
if (options->session_cache != nullptr) {
|
1535
|
+
// Unref is called manually on factory destruction.
|
1536
|
+
impl->session_cache =
|
1537
|
+
reinterpret_cast<tsi::SslSessionLRUCache*>(options->session_cache)
|
1538
|
+
->Ref();
|
1539
|
+
SSL_CTX_set_ex_data(ssl_context, g_ssl_ctx_ex_factory_index, impl);
|
1540
|
+
SSL_CTX_sess_set_new_cb(ssl_context,
|
1541
|
+
server_handshaker_factory_new_session_callback);
|
1542
|
+
SSL_CTX_set_session_cache_mode(ssl_context, SSL_SESS_CACHE_CLIENT);
|
1543
|
+
}
|
1392
1544
|
|
1393
1545
|
do {
|
1394
|
-
result =
|
1395
|
-
|
1546
|
+
result = populate_ssl_context(ssl_context, options->pem_key_cert_pair,
|
1547
|
+
options->cipher_suites);
|
1396
1548
|
if (result != TSI_OK) break;
|
1397
|
-
|
1398
|
-
|
1399
|
-
|
1400
|
-
|
1401
|
-
|
1549
|
+
|
1550
|
+
#if OPENSSL_VERSION_NUMBER >= 0x10100000
|
1551
|
+
// X509_STORE_up_ref is only available since OpenSSL 1.1.
|
1552
|
+
if (options->root_store != nullptr) {
|
1553
|
+
X509_STORE_up_ref(options->root_store->store);
|
1554
|
+
SSL_CTX_set_cert_store(ssl_context, options->root_store->store);
|
1555
|
+
}
|
1556
|
+
#endif
|
1557
|
+
if (OPENSSL_VERSION_NUMBER < 0x10100000 || options->root_store == nullptr) {
|
1558
|
+
result = ssl_ctx_load_verification_certs(
|
1559
|
+
ssl_context, options->pem_root_certs, strlen(options->pem_root_certs),
|
1560
|
+
nullptr);
|
1561
|
+
if (result != TSI_OK) {
|
1562
|
+
gpr_log(GPR_ERROR, "Cannot load server root certificates.");
|
1563
|
+
break;
|
1564
|
+
}
|
1402
1565
|
}
|
1403
1566
|
|
1404
|
-
if (num_alpn_protocols != 0) {
|
1405
|
-
result = build_alpn_protocol_name_list(
|
1406
|
-
|
1407
|
-
|
1567
|
+
if (options->num_alpn_protocols != 0) {
|
1568
|
+
result = build_alpn_protocol_name_list(
|
1569
|
+
options->alpn_protocols, options->num_alpn_protocols,
|
1570
|
+
&impl->alpn_protocol_list, &impl->alpn_protocol_list_length);
|
1408
1571
|
if (result != TSI_OK) {
|
1409
1572
|
gpr_log(GPR_ERROR, "Building alpn list failed with error %s.",
|
1410
1573
|
tsi_result_to_string(result));
|
@@ -1457,15 +1620,32 @@ tsi_result tsi_create_ssl_server_handshaker_factory_ex(
|
|
1457
1620
|
tsi_client_certificate_request_type client_certificate_request,
|
1458
1621
|
const char* cipher_suites, const char** alpn_protocols,
|
1459
1622
|
uint16_t num_alpn_protocols, tsi_ssl_server_handshaker_factory** factory) {
|
1623
|
+
tsi_ssl_server_handshaker_options options;
|
1624
|
+
memset(&options, 0, sizeof(options));
|
1625
|
+
options.pem_key_cert_pairs = pem_key_cert_pairs;
|
1626
|
+
options.num_key_cert_pairs = num_key_cert_pairs;
|
1627
|
+
options.pem_client_root_certs = pem_client_root_certs;
|
1628
|
+
options.client_certificate_request = client_certificate_request;
|
1629
|
+
options.cipher_suites = cipher_suites;
|
1630
|
+
options.alpn_protocols = alpn_protocols;
|
1631
|
+
options.num_alpn_protocols = num_alpn_protocols;
|
1632
|
+
return tsi_create_ssl_server_handshaker_factory_with_options(&options,
|
1633
|
+
factory);
|
1634
|
+
}
|
1635
|
+
|
1636
|
+
tsi_result tsi_create_ssl_server_handshaker_factory_with_options(
|
1637
|
+
const tsi_ssl_server_handshaker_options* options,
|
1638
|
+
tsi_ssl_server_handshaker_factory** factory) {
|
1460
1639
|
tsi_ssl_server_handshaker_factory* impl = nullptr;
|
1461
1640
|
tsi_result result = TSI_OK;
|
1462
1641
|
size_t i = 0;
|
1463
1642
|
|
1464
|
-
gpr_once_init(&
|
1643
|
+
gpr_once_init(&g_init_openssl_once, init_openssl);
|
1465
1644
|
|
1466
1645
|
if (factory == nullptr) return TSI_INVALID_ARGUMENT;
|
1467
1646
|
*factory = nullptr;
|
1468
|
-
if (num_key_cert_pairs == 0 ||
|
1647
|
+
if (options->num_key_cert_pairs == 0 ||
|
1648
|
+
options->pem_key_cert_pairs == nullptr) {
|
1469
1649
|
return TSI_INVALID_ARGUMENT;
|
1470
1650
|
}
|
1471
1651
|
|
@@ -1474,28 +1654,28 @@ tsi_result tsi_create_ssl_server_handshaker_factory_ex(
|
|
1474
1654
|
tsi_ssl_handshaker_factory_init(&impl->base);
|
1475
1655
|
impl->base.vtable = &server_handshaker_factory_vtable;
|
1476
1656
|
|
1477
|
-
impl->ssl_contexts =
|
1478
|
-
|
1479
|
-
impl->ssl_context_x509_subject_names =
|
1480
|
-
|
1657
|
+
impl->ssl_contexts = static_cast<SSL_CTX**>(
|
1658
|
+
gpr_zalloc(options->num_key_cert_pairs * sizeof(SSL_CTX*)));
|
1659
|
+
impl->ssl_context_x509_subject_names = static_cast<tsi_peer*>(
|
1660
|
+
gpr_zalloc(options->num_key_cert_pairs * sizeof(tsi_peer)));
|
1481
1661
|
if (impl->ssl_contexts == nullptr ||
|
1482
1662
|
impl->ssl_context_x509_subject_names == nullptr) {
|
1483
1663
|
tsi_ssl_handshaker_factory_unref(&impl->base);
|
1484
1664
|
return TSI_OUT_OF_RESOURCES;
|
1485
1665
|
}
|
1486
|
-
impl->ssl_context_count = num_key_cert_pairs;
|
1666
|
+
impl->ssl_context_count = options->num_key_cert_pairs;
|
1487
1667
|
|
1488
|
-
if (num_alpn_protocols > 0) {
|
1489
|
-
result = build_alpn_protocol_name_list(
|
1490
|
-
|
1491
|
-
|
1668
|
+
if (options->num_alpn_protocols > 0) {
|
1669
|
+
result = build_alpn_protocol_name_list(
|
1670
|
+
options->alpn_protocols, options->num_alpn_protocols,
|
1671
|
+
&impl->alpn_protocol_list, &impl->alpn_protocol_list_length);
|
1492
1672
|
if (result != TSI_OK) {
|
1493
1673
|
tsi_ssl_handshaker_factory_unref(&impl->base);
|
1494
1674
|
return result;
|
1495
1675
|
}
|
1496
1676
|
}
|
1497
1677
|
|
1498
|
-
for (i = 0; i < num_key_cert_pairs; i++) {
|
1678
|
+
for (i = 0; i < options->num_key_cert_pairs; i++) {
|
1499
1679
|
do {
|
1500
1680
|
impl->ssl_contexts[i] = SSL_CTX_new(TLSv1_2_method());
|
1501
1681
|
if (impl->ssl_contexts[i] == nullptr) {
|
@@ -1504,20 +1684,44 @@ tsi_result tsi_create_ssl_server_handshaker_factory_ex(
|
|
1504
1684
|
break;
|
1505
1685
|
}
|
1506
1686
|
result = populate_ssl_context(impl->ssl_contexts[i],
|
1507
|
-
&pem_key_cert_pairs[i],
|
1687
|
+
&options->pem_key_cert_pairs[i],
|
1688
|
+
options->cipher_suites);
|
1508
1689
|
if (result != TSI_OK) break;
|
1509
1690
|
|
1510
|
-
|
1691
|
+
// TODO(elessar): Provide ability to disable session ticket keys.
|
1692
|
+
|
1693
|
+
// Allow client cache sessions (it's needed for OpenSSL only).
|
1694
|
+
int set_sid_ctx_result = SSL_CTX_set_session_id_context(
|
1695
|
+
impl->ssl_contexts[i], kSslSessionIdContext,
|
1696
|
+
GPR_ARRAY_SIZE(kSslSessionIdContext));
|
1697
|
+
if (set_sid_ctx_result == 0) {
|
1698
|
+
gpr_log(GPR_ERROR, "Failed to set session id context.");
|
1699
|
+
result = TSI_INTERNAL_ERROR;
|
1700
|
+
break;
|
1701
|
+
}
|
1702
|
+
|
1703
|
+
if (options->session_ticket_key != nullptr) {
|
1704
|
+
if (SSL_CTX_set_tlsext_ticket_keys(
|
1705
|
+
impl->ssl_contexts[i],
|
1706
|
+
const_cast<char*>(options->session_ticket_key),
|
1707
|
+
options->session_ticket_key_size) == 0) {
|
1708
|
+
gpr_log(GPR_ERROR, "Invalid STEK size.");
|
1709
|
+
result = TSI_INVALID_ARGUMENT;
|
1710
|
+
break;
|
1711
|
+
}
|
1712
|
+
}
|
1713
|
+
|
1714
|
+
if (options->pem_client_root_certs != nullptr) {
|
1511
1715
|
STACK_OF(X509_NAME)* root_names = nullptr;
|
1512
1716
|
result = ssl_ctx_load_verification_certs(
|
1513
|
-
impl->ssl_contexts[i], pem_client_root_certs,
|
1514
|
-
strlen(pem_client_root_certs), &root_names);
|
1717
|
+
impl->ssl_contexts[i], options->pem_client_root_certs,
|
1718
|
+
strlen(options->pem_client_root_certs), &root_names);
|
1515
1719
|
if (result != TSI_OK) {
|
1516
1720
|
gpr_log(GPR_ERROR, "Invalid verification certs.");
|
1517
1721
|
break;
|
1518
1722
|
}
|
1519
1723
|
SSL_CTX_set_client_CA_list(impl->ssl_contexts[i], root_names);
|
1520
|
-
switch (client_certificate_request) {
|
1724
|
+
switch (options->client_certificate_request) {
|
1521
1725
|
case TSI_DONT_REQUEST_CLIENT_CERTIFICATE:
|
1522
1726
|
SSL_CTX_set_verify(impl->ssl_contexts[i], SSL_VERIFY_NONE, nullptr);
|
1523
1727
|
break;
|
@@ -1544,7 +1748,7 @@ tsi_result tsi_create_ssl_server_handshaker_factory_ex(
|
|
1544
1748
|
}
|
1545
1749
|
|
1546
1750
|
result = extract_x509_subject_names_from_pem_cert(
|
1547
|
-
pem_key_cert_pairs[i].cert_chain,
|
1751
|
+
options->pem_key_cert_pairs[i].cert_chain,
|
1548
1752
|
&impl->ssl_context_x509_subject_names[i]);
|
1549
1753
|
if (result != TSI_OK) break;
|
1550
1754
|
|