grpc 1.15.0 → 1.30.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +8591 -13387
- data/etc/roots.pem +455 -130
- data/include/grpc/grpc.h +39 -9
- data/include/grpc/grpc_posix.h +0 -8
- data/include/grpc/grpc_security.h +409 -14
- data/include/grpc/grpc_security_constants.h +55 -22
- data/include/grpc/impl/codegen/atm_gcc_sync.h +2 -0
- data/include/grpc/impl/codegen/atm_windows.h +2 -0
- data/include/grpc/impl/codegen/byte_buffer.h +13 -0
- data/include/grpc/impl/codegen/compression_types.h +2 -1
- data/include/grpc/impl/codegen/gpr_types.h +1 -1
- data/include/grpc/impl/codegen/grpc_types.h +111 -16
- data/include/grpc/impl/codegen/port_platform.h +171 -9
- data/include/grpc/impl/codegen/slice.h +2 -22
- data/include/grpc/impl/codegen/status.h +2 -1
- data/include/grpc/impl/codegen/sync.h +5 -3
- data/include/grpc/impl/codegen/sync_abseil.h +36 -0
- data/include/grpc/impl/codegen/sync_generic.h +1 -1
- data/include/grpc/impl/codegen/sync_posix.h +18 -0
- data/include/grpc/module.modulemap +25 -37
- data/include/grpc/slice.h +3 -3
- data/include/grpc/support/alloc.h +0 -16
- data/include/grpc/support/sync_abseil.h +26 -0
- data/src/core/ext/filters/client_channel/backend_metric.cc +81 -0
- data/src/core/ext/filters/client_channel/backend_metric.h +36 -0
- data/src/core/ext/filters/client_channel/backup_poller.cc +26 -19
- data/src/core/ext/filters/client_channel/backup_poller.h +8 -2
- data/src/core/ext/filters/client_channel/channel_connectivity.cc +21 -5
- data/src/core/ext/filters/client_channel/client_channel.cc +2888 -2206
- data/src/core/ext/filters/client_channel/client_channel.h +26 -6
- data/src/core/ext/filters/client_channel/client_channel_channelz.cc +54 -72
- data/src/core/ext/filters/client_channel/client_channel_channelz.h +33 -26
- data/src/core/ext/filters/client_channel/client_channel_factory.cc +22 -34
- data/src/core/ext/filters/client_channel/client_channel_factory.h +12 -39
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +13 -14
- data/src/core/ext/filters/client_channel/connector.h +43 -37
- data/src/core/ext/filters/client_channel/global_subchannel_pool.cc +179 -0
- data/src/core/ext/filters/client_channel/global_subchannel_pool.h +68 -0
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +606 -0
- data/src/core/ext/filters/client_channel/health/health_check_client.h +175 -0
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +177 -158
- data/src/core/ext/filters/client_channel/http_connect_handshaker.h +1 -1
- data/src/core/ext/filters/client_channel/http_proxy.cc +125 -121
- data/src/core/ext/filters/client_channel/http_proxy.h +5 -1
- data/src/core/ext/filters/client_channel/lb_policy.cc +105 -26
- data/src/core/ext/filters/client_channel/lb_policy.h +352 -152
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +83 -0
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.h +99 -0
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +297 -0
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.h +83 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +64 -47
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +1010 -1155
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h +7 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc +89 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h +40 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +12 -3
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +53 -40
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +10 -5
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +19 -16
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +157 -271
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +43 -59
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +235 -384
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +871 -0
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +174 -409
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +157 -285
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +734 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +417 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/eds.cc +938 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/lrs.cc +528 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +32 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_routing.cc +834 -0
- data/src/core/ext/filters/client_channel/lb_policy_factory.h +7 -91
- data/src/core/ext/filters/client_channel/lb_policy_registry.cc +93 -8
- data/src/core/ext/filters/client_channel/lb_policy_registry.h +13 -2
- data/src/core/ext/filters/client_channel/local_subchannel_pool.cc +96 -0
- data/src/core/ext/filters/client_channel/local_subchannel_pool.h +57 -0
- data/src/core/ext/filters/client_channel/parse_address.cc +76 -30
- data/src/core/ext/filters/client_channel/parse_address.h +4 -1
- data/src/core/ext/filters/client_channel/proxy_mapper.h +14 -34
- data/src/core/ext/filters/client_channel/proxy_mapper_registry.cc +46 -79
- data/src/core/ext/filters/client_channel/proxy_mapper_registry.h +23 -17
- data/src/core/ext/filters/client_channel/resolver.cc +55 -5
- data/src/core/ext/filters/client_channel/resolver.h +61 -61
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +251 -226
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.cc +200 -36
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +18 -20
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_libuv.cc +177 -0
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +8 -7
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +491 -131
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +434 -233
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +20 -12
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +15 -7
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_libuv.cc +38 -0
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_windows.cc +7 -2
- data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.cc +28 -0
- data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.h +29 -0
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +92 -131
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +220 -134
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +27 -17
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +73 -99
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +184 -0
- data/src/core/ext/filters/client_channel/resolver_factory.h +13 -11
- data/src/core/ext/filters/client_channel/resolver_registry.cc +33 -14
- data/src/core/ext/filters/client_channel/resolver_registry.h +19 -13
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +443 -0
- data/src/core/ext/filters/client_channel/resolver_result_parsing.h +127 -0
- data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +348 -0
- data/src/core/ext/filters/client_channel/resolving_lb_policy.h +123 -0
- data/src/core/ext/filters/client_channel/retry_throttle.cc +5 -5
- data/src/core/ext/filters/client_channel/retry_throttle.h +2 -6
- data/src/core/ext/filters/client_channel/server_address.cc +48 -0
- data/src/core/ext/filters/client_channel/server_address.h +90 -0
- data/src/core/ext/filters/client_channel/service_config.cc +221 -0
- data/src/core/ext/filters/client_channel/service_config.h +123 -0
- data/src/core/ext/filters/client_channel/service_config_call_data.h +68 -0
- data/src/core/ext/filters/client_channel/service_config_parser.cc +87 -0
- data/src/core/ext/filters/client_channel/service_config_parser.h +89 -0
- data/src/core/ext/filters/client_channel/subchannel.cc +903 -634
- data/src/core/ext/filters/client_channel/subchannel.h +364 -131
- data/src/core/ext/filters/client_channel/subchannel_interface.h +94 -0
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.cc +97 -0
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +91 -0
- data/src/core/ext/filters/client_channel/xds/xds_api.cc +1906 -0
- data/src/core/ext/filters/client_channel/xds/xds_api.h +280 -0
- data/src/core/ext/filters/client_channel/xds/xds_bootstrap.cc +342 -0
- data/src/core/ext/filters/client_channel/xds/xds_bootstrap.h +88 -0
- data/src/core/ext/filters/client_channel/xds/xds_channel.h +46 -0
- data/src/core/ext/filters/client_channel/xds/xds_channel_args.h +26 -0
- data/src/core/ext/filters/client_channel/xds/xds_channel_secure.cc +106 -0
- data/src/core/ext/filters/client_channel/xds/xds_client.cc +2367 -0
- data/src/core/ext/filters/client_channel/xds/xds_client.h +309 -0
- data/src/core/ext/filters/client_channel/xds/xds_client_stats.cc +115 -0
- data/src/core/ext/filters/client_channel/xds/xds_client_stats.h +211 -0
- data/src/core/ext/filters/client_idle/client_idle_filter.cc +440 -0
- data/src/core/ext/filters/deadline/deadline_filter.cc +49 -52
- data/src/core/ext/filters/deadline/deadline_filter.h +11 -14
- data/src/core/ext/filters/http/client/http_client_filter.cc +122 -85
- data/src/core/ext/filters/http/client/http_client_filter.h +1 -1
- data/src/core/ext/filters/http/client_authority_filter.cc +26 -24
- data/src/core/ext/filters/http/http_filters_plugin.cc +27 -12
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +342 -295
- data/src/core/ext/filters/http/message_compress/message_decompress_filter.cc +358 -0
- data/src/core/ext/filters/http/message_compress/message_decompress_filter.h +29 -0
- data/src/core/ext/filters/http/server/http_server_filter.cc +156 -54
- data/src/core/ext/filters/max_age/max_age_filter.cc +76 -63
- data/src/core/ext/filters/message_size/message_size_filter.cc +218 -119
- data/src/core/ext/filters/message_size/message_size_filter.h +33 -0
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +19 -17
- data/src/core/ext/transport/chttp2/alpn/alpn.h +1 -1
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +141 -164
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +31 -1
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +36 -34
- data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +1 -1
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +133 -138
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +128 -30
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +2 -2
- data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +8 -11
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +4 -4
- data/src/core/ext/transport/chttp2/transport/bin_decoder.h +4 -4
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +11 -12
- data/src/core/ext/transport/chttp2/transport/bin_encoder.h +4 -3
- data/src/core/ext/transport/chttp2/transport/chttp2_plugin.cc +9 -7
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +911 -716
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +8 -1
- data/src/core/ext/transport/chttp2/transport/context_list.cc +69 -0
- data/src/core/ext/transport/chttp2/transport/context_list.h +53 -0
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +5 -5
- data/src/core/ext/transport/chttp2/transport/flow_control.h +22 -30
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +47 -54
- data/src/core/ext/transport/chttp2/transport/frame_data.h +11 -13
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +9 -8
- data/src/core/ext/transport/chttp2/transport/frame_goaway.h +5 -5
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +7 -5
- data/src/core/ext/transport/chttp2/transport/frame_ping.h +3 -4
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +17 -7
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +11 -4
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +11 -7
- data/src/core/ext/transport/chttp2/transport/frame_settings.h +4 -4
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +7 -6
- data/src/core/ext/transport/chttp2/transport/frame_window_update.h +3 -4
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +548 -351
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +26 -15
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +201 -120
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +14 -6
- data/src/core/ext/transport/chttp2/transport/hpack_table.cc +47 -169
- data/src/core/ext/transport/chttp2/transport/hpack_table.h +70 -17
- data/src/core/ext/transport/chttp2/transport/http2_settings.h +4 -5
- data/src/core/ext/transport/chttp2/transport/huffsyms.h +2 -3
- data/src/core/ext/transport/chttp2/transport/incoming_metadata.cc +10 -17
- data/src/core/ext/transport/chttp2/transport/incoming_metadata.h +19 -10
- data/src/core/ext/transport/chttp2/transport/internal.h +226 -161
- data/src/core/ext/transport/chttp2/transport/parsing.cc +166 -110
- data/src/core/ext/transport/chttp2/transport/stream_lists.cc +3 -3
- data/src/core/ext/transport/chttp2/transport/stream_map.cc +28 -18
- data/src/core/ext/transport/chttp2/transport/stream_map.h +2 -3
- data/src/core/ext/transport/chttp2/transport/writing.cc +95 -35
- data/src/core/ext/transport/inproc/inproc_transport.cc +406 -388
- data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.c +17 -0
- data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.h +30 -0
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.c +27 -0
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +54 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.c +21 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.h +35 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/common.upb.c +114 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/common.upb.h +418 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/secret.upb.c +72 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/secret.upb.h +197 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/tls.upb.c +105 -0
- data/src/core/ext/upb-generated/envoy/api/v2/auth/tls.upb.h +378 -0
- data/src/core/ext/upb-generated/envoy/api/v2/cds.upb.c +28 -0
- data/src/core/ext/upb-generated/envoy/api/v2/cds.upb.h +53 -0
- data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.c +403 -0
- data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.h +1447 -0
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/circuit_breaker.upb.c +74 -0
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/circuit_breaker.upb.h +218 -0
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/filter.upb.c +35 -0
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/filter.upb.h +69 -0
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/outlier_detection.upb.c +55 -0
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/outlier_detection.upb.h +305 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/address.upb.c +112 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/address.upb.h +328 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/backoff.upb.c +35 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/backoff.upb.h +78 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.c +313 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.h +897 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.c +96 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.h +322 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/event_service_config.upb.c +34 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/event_service_config.upb.h +72 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/grpc_service.upb.c +197 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/grpc_service.upb.h +642 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.c +172 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.h +673 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/http_uri.upb.c +36 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/http_uri.upb.h +80 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.c +152 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.h +518 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/socket_option.upb.c +34 -0
- data/src/core/ext/upb-generated/envoy/api/v2/core/socket_option.upb.h +89 -0
- data/src/core/ext/upb-generated/envoy/api/v2/discovery.upb.c +129 -0
- data/src/core/ext/upb-generated/envoy/api/v2/discovery.upb.h +392 -0
- data/src/core/ext/upb-generated/envoy/api/v2/eds.upb.c +31 -0
- data/src/core/ext/upb-generated/envoy/api/v2/eds.upb.h +53 -0
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint.upb.c +92 -0
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint.upb.h +240 -0
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint.upb.c +18 -0
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint.upb.h +33 -0
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.c +91 -0
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.h +266 -0
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/load_report.upb.c +112 -0
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/load_report.upb.h +324 -0
- data/src/core/ext/upb-generated/envoy/api/v2/lds.upb.c +31 -0
- data/src/core/ext/upb-generated/envoy/api/v2/lds.upb.h +53 -0
- data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.c +109 -0
- data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.h +399 -0
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener.upb.c +18 -0
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener.upb.h +33 -0
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener_components.upb.c +145 -0
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener_components.upb.h +527 -0
- data/src/core/ext/upb-generated/envoy/api/v2/listener/udp_listener_config.upb.c +43 -0
- data/src/core/ext/upb-generated/envoy/api/v2/listener/udp_listener_config.upb.h +112 -0
- data/src/core/ext/upb-generated/envoy/api/v2/rds.upb.c +30 -0
- data/src/core/ext/upb-generated/envoy/api/v2/rds.upb.h +53 -0
- data/src/core/ext/upb-generated/envoy/api/v2/route.upb.c +63 -0
- data/src/core/ext/upb-generated/envoy/api/v2/route.upb.h +199 -0
- data/src/core/ext/upb-generated/envoy/api/v2/route/route.upb.c +18 -0
- data/src/core/ext/upb-generated/envoy/api/v2/route/route.upb.h +33 -0
- data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.c +815 -0
- data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.h +3032 -0
- data/src/core/ext/upb-generated/envoy/api/v2/scoped_route.upb.c +59 -0
- data/src/core/ext/upb-generated/envoy/api/v2/scoped_route.upb.h +134 -0
- data/src/core/ext/upb-generated/envoy/api/v2/srds.upb.c +28 -0
- data/src/core/ext/upb-generated/envoy/api/v2/srds.upb.h +53 -0
- data/src/core/ext/upb-generated/envoy/config/filter/accesslog/v2/accesslog.upb.c +228 -0
- data/src/core/ext/upb-generated/envoy/config/filter/accesslog/v2/accesslog.upb.h +725 -0
- data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.c +316 -0
- data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.h +1132 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v2/api_listener.upb.c +33 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v2/api_listener.upb.h +65 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v2/http_tracer.upb.c +51 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v2/http_tracer.upb.h +125 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v2/ads.upb.c +24 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v2/ads.upb.h +50 -0
- data/src/core/ext/upb-generated/envoy/service/load_stats/v2/lrs.upb.c +54 -0
- data/src/core/ext/upb-generated/envoy/service/load_stats/v2/lrs.upb.h +134 -0
- data/src/core/ext/upb-generated/envoy/type/http.upb.c +17 -0
- data/src/core/ext/upb-generated/envoy/type/http.upb.h +36 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.c +63 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.h +144 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/string.upb.c +53 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/string.upb.h +133 -0
- data/src/core/ext/upb-generated/envoy/type/metadata/v2/metadata.upb.c +88 -0
- data/src/core/ext/upb-generated/envoy/type/metadata/v2/metadata.upb.h +258 -0
- data/src/core/ext/upb-generated/envoy/type/percent.upb.c +39 -0
- data/src/core/ext/upb-generated/envoy/type/percent.upb.h +87 -0
- data/src/core/ext/upb-generated/envoy/type/range.upb.c +50 -0
- data/src/core/ext/upb-generated/envoy/type/range.upb.h +112 -0
- data/src/core/ext/upb-generated/envoy/type/semantic_version.upb.c +29 -0
- data/src/core/ext/upb-generated/envoy/type/semantic_version.upb.h +62 -0
- data/src/core/ext/upb-generated/envoy/type/tracing/v2/custom_tag.upb.c +89 -0
- data/src/core/ext/upb-generated/envoy/type/tracing/v2/custom_tag.upb.h +249 -0
- data/src/core/ext/upb-generated/gogoproto/gogo.upb.c +17 -0
- data/src/core/ext/upb-generated/gogoproto/gogo.upb.h +30 -0
- data/src/core/ext/upb-generated/google/api/annotations.upb.c +18 -0
- data/src/core/ext/upb-generated/google/api/annotations.upb.h +30 -0
- data/src/core/ext/upb-generated/google/api/http.upb.c +66 -0
- data/src/core/ext/upb-generated/google/api/http.upb.h +190 -0
- data/src/core/ext/upb-generated/google/protobuf/any.upb.c +27 -0
- data/src/core/ext/upb-generated/google/protobuf/any.upb.h +58 -0
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +486 -0
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +1696 -0
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.c +27 -0
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.h +58 -0
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.c +22 -0
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.h +50 -0
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.c +79 -0
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.h +215 -0
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.c +27 -0
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.h +58 -0
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.c +106 -0
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.h +238 -0
- data/src/core/ext/upb-generated/google/rpc/status.upb.c +33 -0
- data/src/core/ext/upb-generated/google/rpc/status.upb.h +74 -0
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.c +49 -0
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.h +126 -0
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +212 -0
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +693 -0
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.c +42 -0
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.h +109 -0
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.c +36 -0
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.h +84 -0
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c +141 -0
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.h +393 -0
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.c +48 -0
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +104 -0
- data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.c +17 -0
- data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.h +30 -0
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.c +28 -0
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +65 -0
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.c +58 -0
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.h +144 -0
- data/src/core/ext/upb-generated/validate/validate.upb.c +448 -0
- data/src/core/ext/upb-generated/validate/validate.upb.h +2073 -0
- data/src/core/lib/avl/avl.cc +1 -1
- data/src/core/lib/channel/channel_args.cc +54 -115
- data/src/core/lib/channel/channel_args.h +44 -40
- data/src/core/lib/channel/channel_stack.cc +6 -5
- data/src/core/lib/channel/channel_stack.h +52 -28
- data/src/core/lib/channel/channel_stack_builder.cc +14 -2
- data/src/core/lib/channel/channel_stack_builder.h +8 -0
- data/src/core/lib/channel/channel_trace.cc +75 -85
- data/src/core/lib/channel/channel_trace.h +37 -32
- data/src/core/lib/channel/channelz.cc +496 -106
- data/src/core/lib/channel/channelz.h +262 -61
- data/src/core/lib/channel/channelz_registry.cc +191 -69
- data/src/core/lib/channel/channelz_registry.h +30 -53
- data/src/core/lib/channel/connected_channel.cc +30 -27
- data/src/core/lib/channel/context.h +6 -6
- data/src/core/lib/channel/handshaker.cc +150 -218
- data/src/core/lib/channel/handshaker.h +111 -102
- data/src/core/lib/channel/handshaker_factory.h +9 -17
- data/src/core/lib/channel/handshaker_registry.cc +57 -49
- data/src/core/lib/channel/handshaker_registry.h +21 -15
- data/src/core/lib/channel/status_util.cc +2 -3
- data/src/core/lib/compression/algorithm_metadata.h +3 -3
- data/src/core/lib/compression/compression.cc +17 -12
- data/src/core/lib/compression/compression_args.cc +134 -0
- data/src/core/lib/compression/compression_args.h +56 -0
- data/src/core/lib/compression/compression_internal.cc +17 -13
- data/src/core/lib/compression/compression_internal.h +9 -1
- data/src/core/lib/compression/message_compress.cc +8 -3
- data/src/core/lib/compression/stream_compression.cc +3 -2
- data/src/core/lib/compression/stream_compression.h +2 -2
- data/src/core/lib/compression/stream_compression_gzip.cc +9 -9
- data/src/core/lib/compression/stream_compression_identity.cc +5 -7
- data/src/core/lib/debug/stats.cc +21 -27
- data/src/core/lib/debug/stats.h +3 -1
- data/src/core/lib/debug/trace.cc +16 -7
- data/src/core/lib/debug/trace.h +20 -4
- data/src/core/lib/gpr/alloc.cc +4 -29
- data/src/core/lib/gpr/arena.h +13 -7
- data/src/core/lib/gpr/cpu_linux.cc +1 -1
- data/src/core/lib/gpr/cpu_posix.cc +5 -3
- data/src/core/lib/gpr/env.h +3 -6
- data/src/core/lib/gpr/env_linux.cc +15 -21
- data/src/core/lib/gpr/env_posix.cc +5 -5
- data/src/core/lib/gpr/env_windows.cc +7 -5
- data/src/core/lib/gpr/log.cc +9 -13
- data/src/core/lib/gpr/log_linux.cc +2 -2
- data/src/core/lib/gpr/log_posix.cc +4 -3
- data/src/core/lib/gpr/spinlock.h +2 -3
- data/src/core/lib/gpr/string.cc +29 -35
- data/src/core/lib/gpr/string.h +11 -19
- data/src/core/lib/gpr/sync_abseil.cc +116 -0
- data/src/core/lib/gpr/sync_posix.cc +78 -9
- data/src/core/lib/gpr/sync_windows.cc +4 -2
- data/src/core/lib/gpr/time.cc +12 -0
- data/src/core/lib/gpr/time_posix.cc +22 -3
- data/src/core/lib/gpr/time_precise.cc +123 -36
- data/src/core/lib/gpr/time_precise.h +37 -0
- data/src/core/lib/gprpp/arena.cc +103 -0
- data/src/core/lib/gprpp/arena.h +120 -0
- data/src/core/lib/gprpp/atomic.h +79 -5
- data/src/core/lib/gprpp/debug_location.h +3 -2
- data/src/core/lib/gprpp/fork.cc +30 -56
- data/src/core/lib/gprpp/fork.h +18 -3
- data/src/core/lib/gprpp/global_config.h +96 -0
- data/src/core/lib/gprpp/global_config_custom.h +29 -0
- data/src/core/lib/gprpp/global_config_env.cc +135 -0
- data/src/core/lib/gprpp/global_config_env.h +131 -0
- data/src/core/lib/gprpp/global_config_generic.h +44 -0
- data/src/core/lib/gprpp/host_port.cc +112 -0
- data/src/core/lib/gprpp/host_port.h +56 -0
- data/src/core/lib/gprpp/map.h +53 -0
- data/src/core/lib/gprpp/memory.h +11 -83
- data/src/core/lib/gprpp/mpscq.cc +108 -0
- data/src/core/lib/gprpp/mpscq.h +98 -0
- data/src/core/lib/gprpp/orphanable.h +27 -95
- data/src/core/lib/gprpp/ref_counted.h +228 -83
- data/src/core/lib/gprpp/ref_counted_ptr.h +39 -16
- data/src/core/lib/gprpp/sync.h +135 -0
- data/src/core/lib/gprpp/thd.h +54 -12
- data/src/core/lib/gprpp/thd_posix.cc +57 -13
- data/src/core/lib/gprpp/thd_windows.cc +54 -33
- data/src/core/lib/http/format_request.cc +46 -65
- data/src/core/lib/http/httpcli.cc +11 -11
- data/src/core/lib/http/httpcli.h +2 -3
- data/src/core/lib/http/httpcli_security_connector.cc +121 -107
- data/src/core/lib/http/parser.cc +4 -3
- data/src/core/lib/http/parser.h +9 -9
- data/src/core/lib/iomgr/buffer_list.cc +308 -0
- data/src/core/lib/iomgr/buffer_list.h +165 -0
- data/src/core/lib/iomgr/call_combiner.cc +113 -69
- data/src/core/lib/iomgr/call_combiner.h +96 -74
- data/src/core/lib/iomgr/cfstream_handle.cc +209 -0
- data/src/core/lib/iomgr/cfstream_handle.h +90 -0
- data/src/core/lib/iomgr/closure.h +44 -141
- data/src/core/lib/iomgr/combiner.cc +50 -86
- data/src/core/lib/iomgr/combiner.h +31 -9
- data/src/core/lib/iomgr/dualstack_socket_posix.cc +47 -0
- data/src/core/lib/iomgr/dynamic_annotations.h +67 -0
- data/src/core/lib/iomgr/endpoint.cc +8 -4
- data/src/core/lib/iomgr/endpoint.h +12 -4
- data/src/core/lib/iomgr/endpoint_cfstream.cc +376 -0
- data/src/core/lib/iomgr/endpoint_cfstream.h +49 -0
- data/src/core/lib/iomgr/endpoint_pair.h +2 -3
- data/src/core/lib/iomgr/endpoint_pair_posix.cc +1 -1
- data/src/core/lib/iomgr/endpoint_pair_windows.cc +2 -2
- data/src/core/lib/iomgr/error.cc +71 -64
- data/src/core/lib/iomgr/error.h +74 -10
- data/src/core/lib/iomgr/error_cfstream.cc +52 -0
- data/src/core/lib/iomgr/error_cfstream.h +31 -0
- data/src/core/lib/iomgr/error_internal.h +1 -3
- data/src/core/lib/iomgr/ev_apple.cc +356 -0
- data/src/core/lib/iomgr/ev_apple.h +43 -0
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +99 -69
- data/src/core/lib/iomgr/ev_epollex_linux.cc +238 -259
- data/src/core/lib/iomgr/ev_poll_posix.cc +52 -504
- data/src/core/lib/iomgr/ev_posix.cc +54 -31
- data/src/core/lib/iomgr/ev_posix.h +29 -3
- data/src/core/lib/iomgr/ev_windows.cc +2 -2
- data/src/core/lib/iomgr/exec_ctx.cc +79 -8
- data/src/core/lib/iomgr/exec_ctx.h +163 -21
- data/src/core/lib/iomgr/executor.cc +137 -101
- data/src/core/lib/iomgr/executor.h +54 -48
- data/src/core/lib/iomgr/executor/mpmcqueue.cc +183 -0
- data/src/core/lib/iomgr/executor/mpmcqueue.h +175 -0
- data/src/core/lib/iomgr/executor/threadpool.cc +137 -0
- data/src/core/lib/iomgr/executor/threadpool.h +149 -0
- data/src/core/lib/iomgr/fork_posix.cc +15 -8
- data/src/core/lib/iomgr/grpc_if_nametoindex.h +30 -0
- data/src/core/lib/iomgr/grpc_if_nametoindex_posix.cc +42 -0
- data/src/core/lib/iomgr/grpc_if_nametoindex_unsupported.cc +38 -0
- data/src/core/lib/iomgr/internal_errqueue.cc +67 -0
- data/src/core/lib/iomgr/internal_errqueue.h +191 -0
- data/src/core/lib/iomgr/iocp_windows.cc +2 -2
- data/src/core/lib/iomgr/iomgr.cc +27 -13
- data/src/core/lib/iomgr/iomgr.h +19 -0
- data/src/core/lib/iomgr/iomgr_custom.cc +18 -2
- data/src/core/lib/iomgr/iomgr_custom.h +2 -0
- data/src/core/lib/iomgr/iomgr_internal.cc +14 -0
- data/src/core/lib/iomgr/iomgr_internal.h +16 -0
- data/src/core/lib/iomgr/iomgr_posix.cc +23 -1
- data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +171 -0
- data/src/core/lib/iomgr/iomgr_uv.cc +3 -0
- data/src/core/lib/iomgr/iomgr_windows.cc +20 -1
- data/src/core/lib/iomgr/load_file.cc +1 -0
- data/src/core/lib/iomgr/lockfree_event.cc +16 -15
- data/src/core/lib/iomgr/poller/eventmanager_libuv.cc +87 -0
- data/src/core/lib/iomgr/poller/eventmanager_libuv.h +88 -0
- data/src/core/lib/iomgr/polling_entity.h +4 -4
- data/src/core/lib/iomgr/pollset_custom.cc +5 -5
- data/src/core/lib/iomgr/pollset_set_custom.cc +10 -10
- data/src/core/lib/iomgr/pollset_uv.h +32 -0
- data/src/core/lib/iomgr/pollset_windows.cc +16 -2
- data/src/core/lib/iomgr/port.h +49 -2
- data/src/core/lib/iomgr/python_util.h +46 -0
- data/src/core/lib/iomgr/resolve_address.h +5 -7
- data/src/core/lib/iomgr/resolve_address_custom.cc +36 -50
- data/src/core/lib/iomgr/resolve_address_custom.h +4 -2
- data/src/core/lib/iomgr/resolve_address_posix.cc +22 -25
- data/src/core/lib/iomgr/resolve_address_windows.cc +14 -26
- data/src/core/lib/iomgr/resource_quota.cc +175 -110
- data/src/core/lib/iomgr/resource_quota.h +30 -11
- data/src/core/lib/iomgr/sockaddr_utils.cc +26 -31
- data/src/core/lib/iomgr/sockaddr_utils.h +9 -14
- data/src/core/lib/iomgr/socket_factory_posix.h +2 -3
- data/src/core/lib/iomgr/socket_mutator.h +2 -3
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +145 -27
- data/src/core/lib/iomgr/socket_utils_posix.h +26 -0
- data/src/core/lib/iomgr/socket_windows.cc +21 -2
- data/src/core/lib/iomgr/socket_windows.h +9 -1
- data/src/core/lib/iomgr/tcp_client_cfstream.cc +215 -0
- data/src/core/lib/iomgr/tcp_client_custom.cc +19 -7
- data/src/core/lib/iomgr/tcp_client_posix.cc +40 -38
- data/src/core/lib/iomgr/tcp_client_posix.h +6 -6
- data/src/core/lib/iomgr/tcp_client_windows.cc +11 -10
- data/src/core/lib/iomgr/tcp_custom.cc +37 -32
- data/src/core/lib/iomgr/tcp_custom.h +3 -0
- data/src/core/lib/iomgr/tcp_posix.cc +1196 -168
- data/src/core/lib/iomgr/tcp_posix.h +3 -0
- data/src/core/lib/iomgr/tcp_server.cc +5 -0
- data/src/core/lib/iomgr/tcp_server.h +21 -0
- data/src/core/lib/iomgr/tcp_server_custom.cc +43 -30
- data/src/core/lib/iomgr/tcp_server_posix.cc +97 -21
- data/src/core/lib/iomgr/tcp_server_utils_posix.h +3 -0
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +19 -16
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +8 -11
- data/src/core/lib/iomgr/tcp_server_windows.cc +19 -15
- data/src/core/lib/iomgr/tcp_uv.cc +8 -9
- data/src/core/lib/iomgr/tcp_windows.cc +110 -48
- data/src/core/lib/iomgr/time_averaged_stats.h +2 -3
- data/src/core/lib/iomgr/timer.h +2 -1
- data/src/core/lib/iomgr/timer_custom.cc +7 -5
- data/src/core/lib/iomgr/timer_generic.cc +42 -40
- data/src/core/lib/iomgr/timer_generic.h +39 -0
- data/src/core/lib/iomgr/timer_heap.cc +2 -2
- data/src/core/lib/iomgr/timer_heap.h +5 -6
- data/src/core/lib/iomgr/timer_manager.cc +34 -16
- data/src/core/lib/iomgr/timer_manager.h +4 -2
- data/src/core/lib/iomgr/udp_server.cc +31 -30
- data/src/core/lib/iomgr/udp_server.h +6 -12
- data/src/core/lib/iomgr/wakeup_fd_eventfd.cc +3 -4
- data/src/core/lib/iomgr/wakeup_fd_posix.cc +1 -19
- data/src/core/lib/iomgr/work_serializer.cc +155 -0
- data/src/core/lib/iomgr/work_serializer.h +65 -0
- data/src/core/lib/json/json.h +209 -68
- data/src/core/lib/json/json_reader.cc +511 -319
- data/src/core/lib/json/json_writer.cc +202 -110
- data/src/core/lib/profiling/basic_timers.cc +12 -6
- data/src/core/lib/security/context/security_context.cc +92 -119
- data/src/core/lib/security/context/security_context.h +79 -48
- data/src/core/lib/security/credentials/alts/alts_credentials.cc +39 -48
- data/src/core/lib/security/credentials/alts/alts_credentials.h +37 -10
- data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +1 -1
- data/src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc +2 -2
- data/src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc +45 -57
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc +2 -1
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc +3 -2
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +119 -159
- data/src/core/lib/security/credentials/composite/composite_credentials.h +71 -24
- data/src/core/lib/security/credentials/credentials.cc +18 -142
- data/src/core/lib/security/credentials/credentials.h +141 -105
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +48 -72
- data/src/core/lib/security/credentials/fake/fake_credentials.h +28 -5
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +186 -99
- data/src/core/lib/security/credentials/google_default/google_default_credentials.h +32 -6
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +33 -39
- data/src/core/lib/security/credentials/iam/iam_credentials.h +22 -4
- data/src/core/lib/security/credentials/jwt/json_token.cc +32 -58
- data/src/core/lib/security/credentials/jwt/json_token.h +5 -7
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +70 -88
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +41 -10
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +159 -170
- data/src/core/lib/security/credentials/jwt/jwt_verifier.h +4 -5
- data/src/core/lib/security/credentials/local/local_credentials.cc +21 -34
- data/src/core/lib/security/credentials/local/local_credentials.h +32 -11
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +438 -203
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +98 -33
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +89 -91
- data/src/core/lib/security/credentials/plugin/plugin_credentials.h +43 -17
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +84 -83
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +60 -15
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +245 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +313 -0
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +128 -0
- data/src/core/lib/security/credentials/tls/tls_credentials.h +62 -0
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +301 -0
- data/src/core/lib/security/security_connector/alts/alts_security_connector.h +76 -0
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +324 -0
- data/src/core/lib/security/security_connector/fake/fake_security_connector.h +45 -0
- data/src/core/lib/security/security_connector/load_system_roots_fallback.cc +2 -2
- data/src/core/lib/security/security_connector/load_system_roots_linux.cc +15 -9
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +281 -0
- data/src/core/lib/security/security_connector/local/local_security_connector.h +59 -0
- data/src/core/lib/security/security_connector/security_connector.cc +40 -1158
- data/src/core/lib/security/security_connector/security_connector.h +100 -209
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +439 -0
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +77 -0
- data/src/core/lib/security/security_connector/ssl_utils.cc +563 -0
- data/src/core/lib/security/security_connector/ssl_utils.h +184 -0
- data/src/core/lib/security/security_connector/ssl_utils_config.cc +32 -0
- data/src/core/lib/security/security_connector/ssl_utils_config.h +30 -0
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +603 -0
- data/src/core/lib/security/security_connector/tls/tls_security_connector.h +183 -0
- data/src/core/lib/security/transport/auth_filters.h +5 -2
- data/src/core/lib/security/transport/client_auth_filter.cc +164 -116
- data/src/core/lib/security/transport/secure_endpoint.cc +70 -53
- data/src/core/lib/security/transport/security_handshaker.cc +340 -297
- data/src/core/lib/security/transport/security_handshaker.h +14 -3
- data/src/core/lib/security/transport/server_auth_filter.cc +115 -55
- data/src/core/lib/security/transport/target_authority_table.h +1 -1
- data/src/core/lib/security/util/json_util.cc +34 -13
- data/src/core/lib/security/util/json_util.h +5 -3
- data/src/core/lib/slice/b64.cc +3 -4
- data/src/core/lib/slice/b64.h +3 -4
- data/src/core/lib/slice/percent_encoding.cc +3 -3
- data/src/core/lib/slice/percent_encoding.h +3 -3
- data/src/core/lib/slice/slice.cc +219 -153
- data/src/core/lib/slice/slice_buffer.cc +60 -26
- data/src/core/lib/slice/slice_hash_table.h +9 -15
- data/src/core/lib/slice/slice_intern.cc +186 -143
- data/src/core/lib/slice/slice_internal.h +318 -3
- data/src/core/lib/slice/slice_string_helpers.cc +10 -1
- data/src/core/lib/slice/slice_string_helpers.h +3 -1
- data/src/core/lib/slice/slice_utils.h +200 -0
- data/src/core/lib/slice/slice_weak_hash_table.h +10 -17
- data/src/core/lib/surface/api_trace.h +1 -1
- data/src/core/lib/surface/byte_buffer_reader.cc +15 -43
- data/src/core/lib/surface/call.cc +419 -438
- data/src/core/lib/surface/call.h +14 -5
- data/src/core/lib/surface/call_details.cc +0 -1
- data/src/core/lib/surface/call_log_batch.cc +51 -60
- data/src/core/lib/surface/channel.cc +205 -144
- data/src/core/lib/surface/channel.h +85 -14
- data/src/core/lib/surface/channel_init.h +5 -0
- data/src/core/lib/surface/channel_ping.cc +3 -4
- data/src/core/lib/surface/completion_queue.cc +322 -281
- data/src/core/lib/surface/completion_queue.h +7 -21
- data/src/core/lib/surface/completion_queue_factory.cc +4 -4
- data/src/core/lib/surface/event_string.cc +18 -25
- data/src/core/lib/surface/event_string.h +3 -1
- data/src/core/lib/surface/init.cc +86 -31
- data/src/core/lib/surface/init.h +1 -0
- data/src/core/lib/surface/init_secure.cc +4 -4
- data/src/core/lib/surface/lame_client.cc +46 -35
- data/src/core/lib/surface/server.cc +815 -476
- data/src/core/lib/surface/server.h +50 -9
- data/src/core/lib/surface/validate_metadata.cc +18 -8
- data/src/core/lib/surface/validate_metadata.h +13 -2
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/bdp_estimator.cc +3 -3
- data/src/core/lib/transport/bdp_estimator.h +2 -2
- data/src/core/lib/transport/byte_stream.cc +5 -7
- data/src/core/lib/transport/byte_stream.h +13 -12
- data/src/core/lib/transport/connectivity_state.cc +114 -129
- data/src/core/lib/transport/connectivity_state.h +102 -58
- data/src/core/lib/transport/error_utils.cc +25 -2
- data/src/core/lib/transport/metadata.cc +428 -288
- data/src/core/lib/transport/metadata.h +307 -26
- data/src/core/lib/transport/metadata_batch.cc +81 -18
- data/src/core/lib/transport/metadata_batch.h +47 -6
- data/src/core/lib/transport/static_metadata.cc +1150 -521
- data/src/core/lib/transport/static_metadata.h +311 -317
- data/src/core/lib/transport/status_conversion.cc +7 -15
- data/src/core/lib/transport/status_metadata.cc +11 -4
- data/src/core/lib/transport/status_metadata.h +18 -0
- data/src/core/lib/transport/timeout_encoding.cc +8 -1
- data/src/core/lib/transport/timeout_encoding.h +4 -3
- data/src/core/lib/transport/transport.cc +49 -80
- data/src/core/lib/transport/transport.h +132 -54
- data/src/core/lib/transport/transport_impl.h +1 -1
- data/src/core/lib/transport/transport_op_string.cc +67 -105
- data/src/core/lib/uri/uri_parser.cc +314 -0
- data/src/core/lib/uri/uri_parser.h +49 -0
- data/src/core/plugin_registry/grpc_plugin_registry.cc +32 -4
- data/src/core/tsi/alts/crypt/aes_gcm.cc +0 -2
- data/src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc +1 -1
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +715 -144
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +49 -35
- data/src/core/tsi/alts/handshaker/alts_shared_resource.cc +83 -0
- data/src/core/tsi/alts/handshaker/alts_shared_resource.h +73 -0
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +373 -217
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +45 -24
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h +43 -10
- data/src/core/tsi/alts/handshaker/alts_tsi_utils.cc +13 -7
- data/src/core/tsi/alts/handshaker/alts_tsi_utils.h +4 -3
- data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +75 -48
- data/src/core/tsi/alts/handshaker/transport_security_common_api.h +35 -27
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc +2 -2
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h +2 -3
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +13 -3
- data/src/core/tsi/fake_transport_security.cc +26 -25
- data/src/core/tsi/fake_transport_security.h +2 -0
- data/src/core/tsi/local_transport_security.cc +8 -6
- data/src/core/tsi/ssl/session_cache/ssl_session.h +2 -6
- data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +2 -3
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +14 -11
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +4 -13
- data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +2 -3
- data/src/core/tsi/ssl_transport_security.cc +289 -125
- data/src/core/tsi/ssl_transport_security.h +52 -13
- data/src/core/tsi/ssl_types.h +0 -2
- data/src/core/tsi/transport_security.cc +31 -1
- data/src/core/tsi/transport_security.h +8 -10
- data/src/core/tsi/transport_security_grpc.cc +7 -0
- data/src/core/tsi/transport_security_grpc.h +8 -3
- data/src/core/tsi/transport_security_interface.h +15 -3
- data/src/ruby/bin/math_pb.rb +23 -21
- data/src/ruby/ext/grpc/ext-export.clang +1 -0
- data/src/ruby/ext/grpc/ext-export.gcc +6 -0
- data/src/ruby/ext/grpc/extconf.rb +18 -4
- data/src/ruby/ext/grpc/rb_call.c +11 -2
- data/src/ruby/ext/grpc/rb_call_credentials.c +12 -6
- data/src/ruby/ext/grpc/rb_channel.c +18 -11
- data/src/ruby/ext/grpc/rb_channel_credentials.c +8 -4
- data/src/ruby/ext/grpc/rb_compression_options.c +9 -7
- data/src/ruby/ext/grpc/rb_enable_cpp.cc +22 -0
- data/src/ruby/ext/grpc/rb_event_thread.c +2 -0
- data/src/ruby/ext/grpc/rb_grpc.c +48 -60
- data/src/ruby/ext/grpc/rb_grpc.h +5 -1
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +42 -6
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +67 -13
- data/src/ruby/ext/grpc/rb_server.c +10 -4
- data/src/ruby/lib/grpc.rb +2 -0
- data/src/ruby/lib/grpc/core/status_codes.rb +135 -0
- data/src/ruby/lib/grpc/errors.rb +122 -46
- data/src/ruby/lib/grpc/generic/active_call.rb +2 -3
- data/src/ruby/lib/grpc/generic/bidi_call.rb +2 -2
- data/src/ruby/lib/grpc/generic/interceptors.rb +4 -4
- data/src/ruby/lib/grpc/generic/rpc_desc.rb +3 -3
- data/src/ruby/lib/grpc/generic/rpc_server.rb +64 -4
- data/src/ruby/lib/grpc/generic/service.rb +6 -5
- data/src/ruby/lib/grpc/google_rpc_status_utils.rb +9 -4
- data/src/ruby/lib/grpc/grpc.rb +1 -1
- data/src/ruby/lib/grpc/structs.rb +15 -0
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/README.md +1 -1
- data/src/ruby/pb/generate_proto_ruby.sh +5 -3
- data/src/ruby/pb/grpc/health/checker.rb +2 -3
- data/src/ruby/pb/grpc/health/v1/health_pb.rb +16 -13
- data/src/ruby/pb/grpc/health/v1/health_services_pb.rb +18 -0
- data/src/ruby/pb/src/proto/grpc/testing/empty_pb.rb +4 -2
- data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +92 -69
- data/src/ruby/pb/src/proto/grpc/testing/test_pb.rb +2 -0
- data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +16 -0
- data/src/ruby/spec/channel_spec.rb +44 -0
- data/src/ruby/spec/client_auth_spec.rb +5 -5
- data/src/ruby/spec/debug_message_spec.rb +134 -0
- data/src/ruby/spec/errors_spec.rb +142 -0
- data/src/ruby/spec/generic/client_stub_spec.rb +13 -9
- data/src/ruby/spec/generic/rpc_server_spec.rb +25 -3
- data/src/ruby/spec/generic/service_spec.rb +2 -0
- data/src/ruby/spec/google_rpc_status_utils_spec.rb +2 -2
- data/src/ruby/spec/pb/codegen/grpc/testing/package_options.proto +28 -0
- data/src/ruby/spec/pb/codegen/grpc/testing/package_options_import.proto +22 -0
- data/src/ruby/spec/pb/codegen/grpc/testing/package_options_ruby_style.proto +39 -0
- data/src/ruby/spec/pb/codegen/package_option_spec.rb +78 -0
- data/src/ruby/spec/support/services.rb +29 -22
- data/src/ruby/spec/testdata/ca.pem +18 -13
- data/src/ruby/spec/testdata/client.key +26 -14
- data/src/ruby/spec/testdata/client.pem +18 -12
- data/src/ruby/spec/testdata/server1.key +26 -14
- data/src/ruby/spec/testdata/server1.pem +20 -14
- data/third_party/abseil-cpp/absl/algorithm/algorithm.h +159 -0
- data/third_party/abseil-cpp/absl/base/attributes.h +621 -0
- data/third_party/abseil-cpp/absl/base/call_once.h +226 -0
- data/third_party/abseil-cpp/absl/base/casts.h +184 -0
- data/third_party/abseil-cpp/absl/base/config.h +671 -0
- data/third_party/abseil-cpp/absl/base/const_init.h +76 -0
- data/third_party/abseil-cpp/absl/base/dynamic_annotations.cc +129 -0
- data/third_party/abseil-cpp/absl/base/dynamic_annotations.h +389 -0
- data/third_party/abseil-cpp/absl/base/internal/atomic_hook.h +200 -0
- data/third_party/abseil-cpp/absl/base/internal/bits.h +218 -0
- data/third_party/abseil-cpp/absl/base/internal/cycleclock.cc +107 -0
- data/third_party/abseil-cpp/absl/base/internal/cycleclock.h +94 -0
- data/third_party/abseil-cpp/absl/base/internal/endian.h +266 -0
- data/third_party/abseil-cpp/absl/base/internal/errno_saver.h +43 -0
- data/third_party/abseil-cpp/absl/base/internal/hide_ptr.h +51 -0
- data/third_party/abseil-cpp/absl/base/internal/identity.h +37 -0
- data/third_party/abseil-cpp/absl/base/internal/inline_variable.h +107 -0
- data/third_party/abseil-cpp/absl/base/internal/invoke.h +187 -0
- data/third_party/abseil-cpp/absl/base/internal/low_level_scheduling.h +107 -0
- data/third_party/abseil-cpp/absl/base/internal/per_thread_tls.h +52 -0
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +240 -0
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.h +183 -0
- data/third_party/abseil-cpp/absl/base/internal/scheduling_mode.h +58 -0
- data/third_party/abseil-cpp/absl/base/internal/spinlock.cc +233 -0
- data/third_party/abseil-cpp/absl/base/internal/spinlock.h +243 -0
- data/third_party/abseil-cpp/absl/base/internal/spinlock_akaros.inc +35 -0
- data/third_party/abseil-cpp/absl/base/internal/spinlock_linux.inc +66 -0
- data/third_party/abseil-cpp/absl/base/internal/spinlock_posix.inc +46 -0
- data/third_party/abseil-cpp/absl/base/internal/spinlock_wait.cc +81 -0
- data/third_party/abseil-cpp/absl/base/internal/spinlock_wait.h +93 -0
- data/third_party/abseil-cpp/absl/base/internal/spinlock_win32.inc +37 -0
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +416 -0
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.h +66 -0
- data/third_party/abseil-cpp/absl/base/internal/thread_annotations.h +271 -0
- data/third_party/abseil-cpp/absl/base/internal/thread_identity.cc +152 -0
- data/third_party/abseil-cpp/absl/base/internal/thread_identity.h +259 -0
- data/third_party/abseil-cpp/absl/base/internal/throw_delegate.cc +108 -0
- data/third_party/abseil-cpp/absl/base/internal/throw_delegate.h +75 -0
- data/third_party/abseil-cpp/absl/base/internal/tsan_mutex_interface.h +66 -0
- data/third_party/abseil-cpp/absl/base/internal/unaligned_access.h +158 -0
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc +140 -0
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.h +124 -0
- data/third_party/abseil-cpp/absl/base/log_severity.cc +27 -0
- data/third_party/abseil-cpp/absl/base/log_severity.h +121 -0
- data/third_party/abseil-cpp/absl/base/macros.h +220 -0
- data/third_party/abseil-cpp/absl/base/optimization.h +181 -0
- data/third_party/abseil-cpp/absl/base/options.h +211 -0
- data/third_party/abseil-cpp/absl/base/policy_checks.h +111 -0
- data/third_party/abseil-cpp/absl/base/port.h +26 -0
- data/third_party/abseil-cpp/absl/base/thread_annotations.h +280 -0
- data/third_party/abseil-cpp/absl/container/inlined_vector.h +848 -0
- data/third_party/abseil-cpp/absl/container/internal/compressed_tuple.h +265 -0
- data/third_party/abseil-cpp/absl/container/internal/inlined_vector.h +892 -0
- data/third_party/abseil-cpp/absl/memory/memory.h +695 -0
- data/third_party/abseil-cpp/absl/meta/type_traits.h +759 -0
- data/third_party/abseil-cpp/absl/numeric/int128.cc +404 -0
- data/third_party/abseil-cpp/absl/numeric/int128.h +1091 -0
- data/third_party/abseil-cpp/absl/numeric/int128_have_intrinsic.inc +302 -0
- data/third_party/abseil-cpp/absl/numeric/int128_no_intrinsic.inc +308 -0
- data/third_party/abseil-cpp/absl/strings/ascii.cc +200 -0
- data/third_party/abseil-cpp/absl/strings/ascii.h +242 -0
- data/third_party/abseil-cpp/absl/strings/charconv.cc +984 -0
- data/third_party/abseil-cpp/absl/strings/charconv.h +119 -0
- data/third_party/abseil-cpp/absl/strings/escaping.cc +949 -0
- data/third_party/abseil-cpp/absl/strings/escaping.h +164 -0
- data/third_party/abseil-cpp/absl/strings/internal/char_map.h +156 -0
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.cc +359 -0
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +423 -0
- data/third_party/abseil-cpp/absl/strings/internal/charconv_parse.cc +504 -0
- data/third_party/abseil-cpp/absl/strings/internal/charconv_parse.h +99 -0
- data/third_party/abseil-cpp/absl/strings/internal/escaping.cc +180 -0
- data/third_party/abseil-cpp/absl/strings/internal/escaping.h +58 -0
- data/third_party/abseil-cpp/absl/strings/internal/memutil.cc +112 -0
- data/third_party/abseil-cpp/absl/strings/internal/memutil.h +148 -0
- data/third_party/abseil-cpp/absl/strings/internal/ostringstream.cc +36 -0
- data/third_party/abseil-cpp/absl/strings/internal/ostringstream.h +89 -0
- data/third_party/abseil-cpp/absl/strings/internal/resize_uninitialized.h +73 -0
- data/third_party/abseil-cpp/absl/strings/internal/stl_type_traits.h +248 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.cc +388 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.h +432 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.cc +245 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.h +209 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/checker.h +326 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.cc +51 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.h +415 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +493 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.h +23 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/output.cc +72 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/output.h +104 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.cc +334 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.h +333 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_join_internal.h +314 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +455 -0
- data/third_party/abseil-cpp/absl/strings/internal/utf8.cc +53 -0
- data/third_party/abseil-cpp/absl/strings/internal/utf8.h +50 -0
- data/third_party/abseil-cpp/absl/strings/match.cc +40 -0
- data/third_party/abseil-cpp/absl/strings/match.h +90 -0
- data/third_party/abseil-cpp/absl/strings/numbers.cc +965 -0
- data/third_party/abseil-cpp/absl/strings/numbers.h +266 -0
- data/third_party/abseil-cpp/absl/strings/str_cat.cc +246 -0
- data/third_party/abseil-cpp/absl/strings/str_cat.h +408 -0
- data/third_party/abseil-cpp/absl/strings/str_format.h +537 -0
- data/third_party/abseil-cpp/absl/strings/str_join.h +293 -0
- data/third_party/abseil-cpp/absl/strings/str_replace.cc +82 -0
- data/third_party/abseil-cpp/absl/strings/str_replace.h +219 -0
- data/third_party/abseil-cpp/absl/strings/str_split.cc +139 -0
- data/third_party/abseil-cpp/absl/strings/str_split.h +513 -0
- data/third_party/abseil-cpp/absl/strings/string_view.cc +235 -0
- data/third_party/abseil-cpp/absl/strings/string_view.h +622 -0
- data/third_party/abseil-cpp/absl/strings/strip.h +91 -0
- data/third_party/abseil-cpp/absl/strings/substitute.cc +171 -0
- data/third_party/abseil-cpp/absl/strings/substitute.h +693 -0
- data/third_party/abseil-cpp/absl/time/civil_time.cc +175 -0
- data/third_party/abseil-cpp/absl/time/civil_time.h +538 -0
- data/third_party/abseil-cpp/absl/time/clock.cc +569 -0
- data/third_party/abseil-cpp/absl/time/clock.h +74 -0
- data/third_party/abseil-cpp/absl/time/duration.cc +922 -0
- data/third_party/abseil-cpp/absl/time/format.cc +153 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time.h +332 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time_detail.h +622 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/time_zone.h +384 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/zone_info_source.h +102 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/civil_time_detail.cc +94 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.cc +140 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.h +52 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +922 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.cc +45 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.h +76 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +121 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +93 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +958 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +138 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +308 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.h +55 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_lookup.cc +187 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.cc +159 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.h +132 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +122 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc +115 -0
- data/third_party/abseil-cpp/absl/time/internal/get_current_time_chrono.inc +31 -0
- data/third_party/abseil-cpp/absl/time/internal/get_current_time_posix.inc +24 -0
- data/third_party/abseil-cpp/absl/time/time.cc +499 -0
- data/third_party/abseil-cpp/absl/time/time.h +1584 -0
- data/third_party/abseil-cpp/absl/types/bad_optional_access.cc +48 -0
- data/third_party/abseil-cpp/absl/types/bad_optional_access.h +78 -0
- data/third_party/abseil-cpp/absl/types/internal/optional.h +396 -0
- data/third_party/abseil-cpp/absl/types/internal/span.h +128 -0
- data/third_party/abseil-cpp/absl/types/optional.h +776 -0
- data/third_party/abseil-cpp/absl/types/span.h +713 -0
- data/third_party/abseil-cpp/absl/utility/utility.h +350 -0
- data/third_party/boringssl-with-bazel/err_data.c +1439 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_bitstr.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +123 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +93 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.c +87 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +195 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_gentm.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.c +88 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +420 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +305 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +286 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_octet.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_print.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +313 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +212 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_type.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_utctm.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_utf8.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +446 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/asn1_locl.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/asn1_par.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/asn_pack.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/f_enum.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/f_int.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/f_string.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_dec.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +664 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_fre.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_new.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_typ.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_utl.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/time_support.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +466 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +700 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/bio_mem.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +545 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +279 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +317 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/hexdump.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/internal.h +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +488 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/printf.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +206 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +118 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bn_extra/bn_asn1.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/convert.c +470 -0
- data/third_party/boringssl-with-bazel/src/crypto/buf/buf.c +172 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bytestring/asn1_compat.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +265 -0
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +719 -0
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +688 -0
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +96 -0
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/unicode.c +155 -0
- data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +184 -0
- data/third_party/boringssl-with-bazel/src/crypto/chacha/internal.h +45 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/cipher_extra.c +143 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +152 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesccm.c +447 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesctrhmac.c +283 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesgcmsiv.c +891 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +418 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_null.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_rc2.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_rc4.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_tls.c +688 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/internal.h +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/tls_cbc.c +491 -0
- data/third_party/boringssl-with-bazel/src/crypto/cmac/cmac.c +278 -0
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +810 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/conf/conf_def.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/conf/internal.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-aarch64-fuchsia.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-aarch64-linux.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu-arm-linux.c +220 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu-arm-linux.h +201 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-arm.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu-intel.c +291 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-ppc64le.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/crypto.c +226 -0
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +2159 -0
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_tables.h +7872 -0
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +146 -0
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +539 -0
- data/third_party/boringssl-with-bazel/src/crypto/dh/check.c +217 -0
- data/third_party/boringssl-with-bazel/src/crypto/dh/dh.c +533 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/dh/dh_asn1.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/dh/params.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/digest_extra/digest_extra.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +980 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/dsa/dsa_asn1.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +574 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_derive.c +95 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +425 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +78 -0
- data/third_party/boringssl-with-bazel/src/crypto/ecdh_extra/ecdh_extra.c +124 -0
- data/third_party/boringssl-with-bazel/src/crypto/ecdsa_extra/ecdsa_asn1.c +267 -0
- data/third_party/boringssl-with-bazel/src/crypto/engine/engine.c +99 -0
- data/third_party/boringssl-with-bazel/src/crypto/err/err.c +850 -0
- data/third_party/boringssl-with-bazel/src/crypto/err/internal.h +58 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/digestsign.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +443 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +388 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.c +484 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +269 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +273 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +286 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.c +255 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.c +104 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.c +221 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.c +648 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.c +194 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.c +110 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.c +248 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/pbkdf.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/print.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.c +213 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/sign.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/ex_data.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.c +108 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +1282 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +238 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.c +236 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c +106 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +263 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/add.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/asm/x86_64-gcc.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +445 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/bytes.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/cmp.c +200 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.c +236 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +886 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.c +87 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +1288 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.c +378 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +325 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/generic.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +694 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/jacobi.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +502 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c +186 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +749 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +1068 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.c +341 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.c +226 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +104 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.c +364 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/sqrt.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/cipher/aead.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +620 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +1302 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_des.c +237 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +128 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/delocate.h +89 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/des/des.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/des/internal.h +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +271 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digests.c +296 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/digest/internal.h +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/md32_common.h +268 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +1252 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +465 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +524 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/felem.c +100 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +775 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +328 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +1178 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64-table.h +9497 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64.c +632 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64.h +153 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +736 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256_table.h +297 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +175 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +357 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +270 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/util.c +255 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +270 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +122 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +328 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/fips_shared_support.c +32 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/hmac/hmac.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/is_fips.c +29 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md4/md4.c +256 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md5/internal.h +37 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md5/md5.c +301 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cbc.c +167 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cfb.c +202 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c +200 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm.c +729 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm_nohw.c +304 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +441 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c +96 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/polyval.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/ctrdrbg.c +202 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +137 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +49 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +64 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +163 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +378 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +391 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +243 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +127 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.c +695 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +898 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +1358 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +654 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +53 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/sha/sha1-altivec.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +371 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +343 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +544 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/tls/internal.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/tls/kdf.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/hkdf/hkdf.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c +2100 -0
- data/third_party/boringssl-with-bazel/src/crypto/hrss/internal.h +61 -0
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +834 -0
- data/third_party/boringssl-with-bazel/src/crypto/lhash/lhash.c +348 -0
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +359 -0
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +549 -0
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +11585 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/obj/obj_xref.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +261 -0
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +360 -0
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +777 -0
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.c +87 -0
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +257 -0
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +218 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_x509.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_xaux.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs7/internal.h +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7.c +159 -0
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +385 -0
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +131 -0
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/p5_pbev2.c +316 -0
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.c +530 -0
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +1305 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/poly1305/internal.h +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +318 -0
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +305 -0
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +856 -0
- data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +45 -0
- data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +220 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/deterministic.c +52 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rand_extra/forkunsafe.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/fuchsia.c +30 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rand_extra/rand_extra.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/windows.c +69 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rc4/rc4.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/refcount_c11.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/refcount_lock.c +53 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rsa_extra/rsa_asn1.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_print.c +22 -0
- data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.c +82 -0
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +431 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/thread.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/thread_none.c +59 -0
- data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +210 -0
- data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +260 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +278 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +1474 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +720 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/a_digest.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/a_sign.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_strex.c +653 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +114 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/algorithm.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +842 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +458 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +275 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/charmap.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/i2d_pr.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/internal.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/rsa_pss.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +125 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.c +244 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +544 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/t_x509a.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/vpm_int.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_att.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +476 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_d2.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.c +103 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_ext.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +834 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +198 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_r2x.c +116 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +341 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +185 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +326 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +204 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_v3.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +2487 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +671 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +210 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +389 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509rset.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509spki.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_algor.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +399 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_attrib.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_crl.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_exten.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_info.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_name.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_pkey.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_pubkey.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_req.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_sig.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_spki.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_val.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +334 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_x509a.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +141 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +56 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_cache.c +286 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_data.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_int.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_lib.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_map.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_node.c +189 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_tree.c +842 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +207 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_akeya.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +629 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_bcons.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_bitst.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +463 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +503 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_crld.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +100 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_extku.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +246 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_ia5.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +218 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_int.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +371 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_ncons.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ocsp.c +68 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pci.c +288 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_pcia.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_pcons.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_pku.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_pmaps.c +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_prn.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +843 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +155 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_sxnet.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +1395 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +459 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/aes.h +195 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/arm_arch.h +0 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +911 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/asn1_mac.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/asn1t.h +0 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +575 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/base64.h +190 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +933 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/blowfish.h +93 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +1057 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/buf.h +137 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/buffer.h +0 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +561 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/cast.h +96 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/chacha.h +0 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +638 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/cmac.h +91 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +180 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +212 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +149 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/curve25519.h +201 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/des.h +0 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +319 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +331 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +457 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/dtls1.h +0 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/e_os2.h +18 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +424 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +372 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdh.h +118 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +205 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/engine.h +109 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/err.h +465 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +1050 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ex_data.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/hkdf.h +0 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +186 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/hrss.h +100 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/is_boringssl.h +0 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/lhash.h +282 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/md4.h +108 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/md5.h +109 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +175 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +4259 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/obj.h +236 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/obj_mac.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/objects.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/opensslconf.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/opensslv.h +0 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ossl_typ.h +0 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +435 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/pkcs12.h +0 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs7.h +215 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +269 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/poly1305.h +49 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/pool.h +102 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +111 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/rc4.h +0 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ripemd.h +108 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +818 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/safestack.h +0 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/sha.h +294 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/siphash.h +37 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +199 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/srtp.h +0 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +5198 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +333 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +542 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +191 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +632 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +291 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +90 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +1207 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +681 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +831 -0
- data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/bio_ssl.cc +0 -0
- data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +837 -0
- data/third_party/boringssl-with-bazel/src/ssl/d1_lib.cc +268 -0
- data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +273 -0
- data/third_party/boringssl-with-bazel/src/ssl/d1_srtp.cc +232 -0
- data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +200 -0
- data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +353 -0
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +675 -0
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +703 -0
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +1890 -0
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +1805 -0
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +3572 -0
- data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +724 -0
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +221 -0
- data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +458 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +432 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +856 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +306 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +1019 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +1718 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +585 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +397 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +3015 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +835 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +1333 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_stat.cc +230 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +277 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +394 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +1358 -0
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +365 -0
- data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +3870 -0
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +689 -0
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +1017 -0
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +513 -0
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +1096 -0
- data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +317 -0
- data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +703 -0
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +981 -0
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +619 -0
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +3147 -0
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +1226 -0
- data/third_party/cares/cares/ares.h +12 -0
- data/third_party/cares/cares/ares_create_query.c +5 -1
- data/third_party/cares/cares/ares_data.c +74 -73
- data/third_party/cares/cares/ares_destroy.c +6 -1
- data/third_party/cares/cares/ares_gethostbyaddr.c +5 -5
- data/third_party/cares/cares/ares_gethostbyname.c +15 -4
- data/third_party/cares/cares/ares_getnameinfo.c +11 -0
- data/third_party/cares/cares/ares_init.c +274 -173
- data/third_party/cares/cares/ares_library_init.c +21 -3
- data/third_party/cares/cares/ares_options.c +6 -2
- data/third_party/cares/cares/ares_parse_naptr_reply.c +7 -6
- data/third_party/cares/cares/ares_parse_ptr_reply.c +4 -2
- data/third_party/cares/cares/ares_platform.c +7 -0
- data/third_party/cares/cares/ares_private.h +19 -11
- data/third_party/cares/cares/ares_process.c +27 -2
- data/third_party/cares/cares/ares_rules.h +1 -1
- data/third_party/cares/cares/ares_search.c +7 -0
- data/third_party/cares/cares/ares_send.c +6 -0
- data/third_party/cares/cares/ares_strsplit.c +174 -0
- data/third_party/cares/cares/ares_strsplit.h +43 -0
- data/third_party/cares/cares/ares_version.h +4 -4
- data/third_party/cares/cares/config-win32.h +1 -1
- data/third_party/cares/cares/inet_ntop.c +2 -3
- data/third_party/cares/config_darwin/ares_config.h +3 -0
- data/third_party/cares/config_freebsd/ares_config.h +3 -0
- data/third_party/cares/config_linux/ares_config.h +3 -0
- data/third_party/cares/config_openbsd/ares_config.h +3 -0
- data/third_party/upb/upb/decode.c +609 -0
- data/third_party/upb/upb/decode.h +21 -0
- data/third_party/upb/upb/encode.c +378 -0
- data/third_party/upb/upb/encode.h +21 -0
- data/third_party/upb/upb/generated_util.h +105 -0
- data/third_party/upb/upb/msg.c +111 -0
- data/third_party/upb/upb/msg.h +69 -0
- data/third_party/upb/upb/port.c +26 -0
- data/third_party/upb/upb/port_def.inc +150 -0
- data/third_party/upb/upb/port_undef.inc +21 -0
- data/third_party/upb/upb/table.c +913 -0
- data/third_party/upb/upb/table.int.h +507 -0
- data/third_party/upb/upb/upb.c +261 -0
- data/third_party/upb/upb/upb.h +364 -0
- metadata +968 -542
- data/src/boringssl/err_data.c +0 -1362
- data/src/core/ext/filters/client_channel/connector.cc +0 -41
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/google/protobuf/duration.pb.c +0 -19
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/google/protobuf/duration.pb.h +0 -54
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/google/protobuf/timestamp.pb.c +0 -19
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/google/protobuf/timestamp.pb.h +0 -54
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.c +0 -89
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.h +0 -164
- data/src/core/ext/filters/client_channel/lb_policy_factory.cc +0 -163
- data/src/core/ext/filters/client_channel/method_params.cc +0 -178
- data/src/core/ext/filters/client_channel/method_params.h +0 -78
- data/src/core/ext/filters/client_channel/proxy_mapper.cc +0 -48
- data/src/core/ext/filters/client_channel/subchannel_index.cc +0 -254
- data/src/core/ext/filters/client_channel/subchannel_index.h +0 -79
- data/src/core/ext/filters/client_channel/uri_parser.cc +0 -314
- data/src/core/ext/filters/client_channel/uri_parser.h +0 -50
- data/src/core/lib/channel/handshaker_factory.cc +0 -41
- data/src/core/lib/gpr/arena.cc +0 -145
- data/src/core/lib/gpr/host_port.cc +0 -98
- data/src/core/lib/gpr/host_port.h +0 -43
- data/src/core/lib/gpr/mpscq.cc +0 -117
- data/src/core/lib/gpr/mpscq.h +0 -86
- data/src/core/lib/gprpp/abstract.h +0 -37
- data/src/core/lib/gprpp/atomic_with_atm.h +0 -57
- data/src/core/lib/gprpp/atomic_with_std.h +0 -35
- data/src/core/lib/gprpp/inlined_vector.h +0 -186
- data/src/core/lib/gprpp/mutex_lock.h +0 -42
- data/src/core/lib/iomgr/ev_epollsig_linux.cc +0 -1743
- data/src/core/lib/iomgr/ev_epollsig_linux.h +0 -35
- data/src/core/lib/iomgr/network_status_tracker.cc +0 -36
- data/src/core/lib/iomgr/network_status_tracker.h +0 -32
- data/src/core/lib/iomgr/wakeup_fd_cv.cc +0 -107
- data/src/core/lib/iomgr/wakeup_fd_cv.h +0 -69
- data/src/core/lib/json/json.cc +0 -97
- data/src/core/lib/json/json_common.h +0 -34
- data/src/core/lib/json/json_reader.h +0 -146
- data/src/core/lib/json/json_string.cc +0 -367
- data/src/core/lib/json/json_writer.h +0 -84
- data/src/core/lib/security/security_connector/alts_security_connector.cc +0 -288
- data/src/core/lib/security/security_connector/alts_security_connector.h +0 -69
- data/src/core/lib/security/security_connector/local_security_connector.cc +0 -245
- data/src/core/lib/security/security_connector/local_security_connector.h +0 -58
- data/src/core/lib/transport/service_config.cc +0 -106
- data/src/core/lib/transport/service_config.h +0 -249
- data/src/core/tsi/alts/handshaker/alts_handshaker_service_api.cc +0 -520
- data/src/core/tsi/alts/handshaker/alts_handshaker_service_api.h +0 -323
- data/src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.cc +0 -143
- data/src/core/tsi/alts/handshaker/alts_handshaker_service_api_util.h +0 -149
- data/src/core/tsi/alts/handshaker/alts_tsi_event.cc +0 -73
- data/src/core/tsi/alts/handshaker/alts_tsi_event.h +0 -93
- data/src/core/tsi/alts/handshaker/altscontext.pb.c +0 -47
- data/src/core/tsi/alts/handshaker/altscontext.pb.h +0 -63
- data/src/core/tsi/alts/handshaker/handshaker.pb.c +0 -122
- data/src/core/tsi/alts/handshaker/handshaker.pb.h +0 -254
- data/src/core/tsi/alts/handshaker/transport_security_common.pb.c +0 -49
- data/src/core/tsi/alts/handshaker/transport_security_common.pb.h +0 -78
- data/src/core/tsi/alts_transport_security.cc +0 -63
- data/src/core/tsi/alts_transport_security.h +0 -47
- data/src/core/tsi/grpc_shadow_boringssl.h +0 -3006
- data/third_party/boringssl/crypto/asn1/a_bool.c +0 -110
- data/third_party/boringssl/crypto/asn1/a_d2i_fp.c +0 -297
- data/third_party/boringssl/crypto/asn1/a_dup.c +0 -111
- data/third_party/boringssl/crypto/asn1/a_enum.c +0 -195
- data/third_party/boringssl/crypto/asn1/a_i2d_fp.c +0 -150
- data/third_party/boringssl/crypto/asn1/a_int.c +0 -479
- data/third_party/boringssl/crypto/asn1/a_mbstr.c +0 -411
- data/third_party/boringssl/crypto/asn1/a_object.c +0 -275
- data/third_party/boringssl/crypto/asn1/a_strnid.c +0 -312
- data/third_party/boringssl/crypto/asn1/a_time.c +0 -213
- data/third_party/boringssl/crypto/asn1/asn1_lib.c +0 -442
- data/third_party/boringssl/crypto/asn1/tasn_enc.c +0 -662
- data/third_party/boringssl/crypto/base64/base64.c +0 -466
- data/third_party/boringssl/crypto/bio/bio.c +0 -636
- data/third_party/boringssl/crypto/bio/connect.c +0 -542
- data/third_party/boringssl/crypto/bio/fd.c +0 -276
- data/third_party/boringssl/crypto/bio/file.c +0 -315
- data/third_party/boringssl/crypto/bio/pair.c +0 -489
- data/third_party/boringssl/crypto/bio/socket.c +0 -202
- data/third_party/boringssl/crypto/bio/socket_helper.c +0 -114
- data/third_party/boringssl/crypto/bn_extra/convert.c +0 -466
- data/third_party/boringssl/crypto/buf/buf.c +0 -231
- data/third_party/boringssl/crypto/bytestring/ber.c +0 -261
- data/third_party/boringssl/crypto/bytestring/cbb.c +0 -668
- data/third_party/boringssl/crypto/bytestring/cbs.c +0 -618
- data/third_party/boringssl/crypto/bytestring/internal.h +0 -75
- data/third_party/boringssl/crypto/chacha/chacha.c +0 -167
- data/third_party/boringssl/crypto/cipher_extra/cipher_extra.c +0 -114
- data/third_party/boringssl/crypto/cipher_extra/derive_key.c +0 -152
- data/third_party/boringssl/crypto/cipher_extra/e_aesccm.c +0 -203
- data/third_party/boringssl/crypto/cipher_extra/e_aesctrhmac.c +0 -281
- data/third_party/boringssl/crypto/cipher_extra/e_aesgcmsiv.c +0 -867
- data/third_party/boringssl/crypto/cipher_extra/e_chacha20poly1305.c +0 -326
- data/third_party/boringssl/crypto/cipher_extra/e_ssl3.c +0 -460
- data/third_party/boringssl/crypto/cipher_extra/e_tls.c +0 -680
- data/third_party/boringssl/crypto/cipher_extra/tls_cbc.c +0 -482
- data/third_party/boringssl/crypto/cmac/cmac.c +0 -241
- data/third_party/boringssl/crypto/conf/conf.c +0 -803
- data/third_party/boringssl/crypto/cpu-arm-linux.c +0 -363
- data/third_party/boringssl/crypto/cpu-intel.c +0 -288
- data/third_party/boringssl/crypto/crypto.c +0 -198
- data/third_party/boringssl/crypto/curve25519/spake25519.c +0 -539
- data/third_party/boringssl/crypto/dh/check.c +0 -217
- data/third_party/boringssl/crypto/dh/dh.c +0 -519
- data/third_party/boringssl/crypto/dsa/dsa.c +0 -946
- data/third_party/boringssl/crypto/ec_extra/ec_asn1.c +0 -562
- data/third_party/boringssl/crypto/ecdh/ecdh.c +0 -162
- data/third_party/boringssl/crypto/ecdsa_extra/ecdsa_asn1.c +0 -275
- data/third_party/boringssl/crypto/engine/engine.c +0 -98
- data/third_party/boringssl/crypto/err/err.c +0 -847
- data/third_party/boringssl/crypto/err/internal.h +0 -58
- data/third_party/boringssl/crypto/evp/evp.c +0 -362
- data/third_party/boringssl/crypto/evp/evp_asn1.c +0 -337
- data/third_party/boringssl/crypto/evp/evp_ctx.c +0 -446
- data/third_party/boringssl/crypto/evp/internal.h +0 -252
- data/third_party/boringssl/crypto/evp/p_dsa_asn1.c +0 -268
- data/third_party/boringssl/crypto/evp/p_ec.c +0 -239
- data/third_party/boringssl/crypto/evp/p_ec_asn1.c +0 -256
- data/third_party/boringssl/crypto/evp/p_ed25519.c +0 -71
- data/third_party/boringssl/crypto/evp/p_ed25519_asn1.c +0 -190
- data/third_party/boringssl/crypto/evp/p_rsa.c +0 -634
- data/third_party/boringssl/crypto/evp/p_rsa_asn1.c +0 -189
- data/third_party/boringssl/crypto/evp/scrypt.c +0 -209
- data/third_party/boringssl/crypto/fipsmodule/aes/aes.c +0 -1100
- data/third_party/boringssl/crypto/fipsmodule/aes/internal.h +0 -100
- data/third_party/boringssl/crypto/fipsmodule/aes/key_wrap.c +0 -138
- data/third_party/boringssl/crypto/fipsmodule/aes/mode_wrappers.c +0 -112
- data/third_party/boringssl/crypto/fipsmodule/bcm.c +0 -148
- data/third_party/boringssl/crypto/fipsmodule/bn/bn.c +0 -428
- data/third_party/boringssl/crypto/fipsmodule/bn/cmp.c +0 -200
- data/third_party/boringssl/crypto/fipsmodule/bn/ctx.c +0 -303
- data/third_party/boringssl/crypto/fipsmodule/bn/div.c +0 -895
- data/third_party/boringssl/crypto/fipsmodule/bn/exponentiation.c +0 -1356
- data/third_party/boringssl/crypto/fipsmodule/bn/gcd.c +0 -683
- data/third_party/boringssl/crypto/fipsmodule/bn/internal.h +0 -573
- data/third_party/boringssl/crypto/fipsmodule/bn/montgomery.c +0 -526
- data/third_party/boringssl/crypto/fipsmodule/bn/montgomery_inv.c +0 -185
- data/third_party/boringssl/crypto/fipsmodule/bn/mul.c +0 -876
- data/third_party/boringssl/crypto/fipsmodule/bn/prime.c +0 -1154
- data/third_party/boringssl/crypto/fipsmodule/bn/random.c +0 -351
- data/third_party/boringssl/crypto/fipsmodule/bn/rsaz_exp.c +0 -231
- data/third_party/boringssl/crypto/fipsmodule/bn/rsaz_exp.h +0 -33
- data/third_party/boringssl/crypto/fipsmodule/bn/shift.c +0 -364
- data/third_party/boringssl/crypto/fipsmodule/cipher/cipher.c +0 -615
- data/third_party/boringssl/crypto/fipsmodule/cipher/e_aes.c +0 -1437
- data/third_party/boringssl/crypto/fipsmodule/cipher/e_des.c +0 -233
- data/third_party/boringssl/crypto/fipsmodule/cipher/internal.h +0 -129
- data/third_party/boringssl/crypto/fipsmodule/delocate.h +0 -88
- data/third_party/boringssl/crypto/fipsmodule/digest/digest.c +0 -256
- data/third_party/boringssl/crypto/fipsmodule/digest/digests.c +0 -280
- data/third_party/boringssl/crypto/fipsmodule/digest/md32_common.h +0 -268
- data/third_party/boringssl/crypto/fipsmodule/ec/ec.c +0 -974
- data/third_party/boringssl/crypto/fipsmodule/ec/ec_key.c +0 -453
- data/third_party/boringssl/crypto/fipsmodule/ec/ec_montgomery.c +0 -270
- data/third_party/boringssl/crypto/fipsmodule/ec/internal.h +0 -337
- data/third_party/boringssl/crypto/fipsmodule/ec/oct.c +0 -373
- data/third_party/boringssl/crypto/fipsmodule/ec/p224-64.c +0 -1104
- data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64-table.h +0 -9503
- data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64.c +0 -447
- data/third_party/boringssl/crypto/fipsmodule/ec/p256-x86_64.h +0 -117
- data/third_party/boringssl/crypto/fipsmodule/ec/simple.c +0 -1046
- data/third_party/boringssl/crypto/fipsmodule/ec/util.c +0 -104
- data/third_party/boringssl/crypto/fipsmodule/ec/wnaf.c +0 -354
- data/third_party/boringssl/crypto/fipsmodule/ecdsa/ecdsa.c +0 -458
- data/third_party/boringssl/crypto/fipsmodule/is_fips.c +0 -27
- data/third_party/boringssl/crypto/fipsmodule/md4/md4.c +0 -254
- data/third_party/boringssl/crypto/fipsmodule/md5/md5.c +0 -298
- data/third_party/boringssl/crypto/fipsmodule/modes/cbc.c +0 -211
- data/third_party/boringssl/crypto/fipsmodule/modes/ccm.c +0 -256
- data/third_party/boringssl/crypto/fipsmodule/modes/cfb.c +0 -234
- data/third_party/boringssl/crypto/fipsmodule/modes/ctr.c +0 -220
- data/third_party/boringssl/crypto/fipsmodule/modes/gcm.c +0 -1063
- data/third_party/boringssl/crypto/fipsmodule/modes/internal.h +0 -388
- data/third_party/boringssl/crypto/fipsmodule/modes/ofb.c +0 -95
- data/third_party/boringssl/crypto/fipsmodule/rand/ctrdrbg.c +0 -202
- data/third_party/boringssl/crypto/fipsmodule/rand/internal.h +0 -92
- data/third_party/boringssl/crypto/fipsmodule/rand/rand.c +0 -358
- data/third_party/boringssl/crypto/fipsmodule/rand/urandom.c +0 -302
- data/third_party/boringssl/crypto/fipsmodule/rsa/blinding.c +0 -239
- data/third_party/boringssl/crypto/fipsmodule/rsa/internal.h +0 -126
- data/third_party/boringssl/crypto/fipsmodule/rsa/padding.c +0 -692
- data/third_party/boringssl/crypto/fipsmodule/rsa/rsa.c +0 -875
- data/third_party/boringssl/crypto/fipsmodule/rsa/rsa_impl.c +0 -1218
- data/third_party/boringssl/crypto/fipsmodule/self_check/self_check.c +0 -581
- data/third_party/boringssl/crypto/fipsmodule/sha/sha1.c +0 -375
- data/third_party/boringssl/crypto/fipsmodule/sha/sha256.c +0 -337
- data/third_party/boringssl/crypto/fipsmodule/sha/sha512.c +0 -608
- data/third_party/boringssl/crypto/internal.h +0 -739
- data/third_party/boringssl/crypto/lhash/lhash.c +0 -336
- data/third_party/boringssl/crypto/mem.c +0 -235
- data/third_party/boringssl/crypto/obj/obj.c +0 -554
- data/third_party/boringssl/crypto/obj/obj_dat.h +0 -6244
- data/third_party/boringssl/crypto/pem/pem_all.c +0 -262
- data/third_party/boringssl/crypto/pem/pem_info.c +0 -379
- data/third_party/boringssl/crypto/pem/pem_lib.c +0 -776
- data/third_party/boringssl/crypto/pem/pem_oth.c +0 -88
- data/third_party/boringssl/crypto/pem/pem_pk8.c +0 -258
- data/third_party/boringssl/crypto/pem/pem_pkey.c +0 -227
- data/third_party/boringssl/crypto/pkcs7/pkcs7.c +0 -166
- data/third_party/boringssl/crypto/pkcs7/pkcs7_x509.c +0 -233
- data/third_party/boringssl/crypto/pkcs8/internal.h +0 -120
- data/third_party/boringssl/crypto/pkcs8/p5_pbev2.c +0 -307
- data/third_party/boringssl/crypto/pkcs8/pkcs8.c +0 -513
- data/third_party/boringssl/crypto/pkcs8/pkcs8_x509.c +0 -789
- data/third_party/boringssl/crypto/poly1305/poly1305.c +0 -318
- data/third_party/boringssl/crypto/poly1305/poly1305_arm.c +0 -304
- data/third_party/boringssl/crypto/poly1305/poly1305_vec.c +0 -839
- data/third_party/boringssl/crypto/pool/internal.h +0 -45
- data/third_party/boringssl/crypto/pool/pool.c +0 -200
- data/third_party/boringssl/crypto/rand_extra/deterministic.c +0 -48
- data/third_party/boringssl/crypto/rand_extra/fuchsia.c +0 -43
- data/third_party/boringssl/crypto/rand_extra/windows.c +0 -53
- data/third_party/boringssl/crypto/refcount_lock.c +0 -53
- data/third_party/boringssl/crypto/stack/stack.c +0 -380
- data/third_party/boringssl/crypto/thread_none.c +0 -59
- data/third_party/boringssl/crypto/thread_pthread.c +0 -206
- data/third_party/boringssl/crypto/thread_win.c +0 -237
- data/third_party/boringssl/crypto/x509/a_strex.c +0 -633
- data/third_party/boringssl/crypto/x509/a_verify.c +0 -115
- data/third_party/boringssl/crypto/x509/asn1_gen.c +0 -841
- data/third_party/boringssl/crypto/x509/by_dir.c +0 -451
- data/third_party/boringssl/crypto/x509/by_file.c +0 -274
- data/third_party/boringssl/crypto/x509/t_crl.c +0 -128
- data/third_party/boringssl/crypto/x509/t_req.c +0 -246
- data/third_party/boringssl/crypto/x509/t_x509.c +0 -547
- data/third_party/boringssl/crypto/x509/x509_cmp.c +0 -477
- data/third_party/boringssl/crypto/x509/x509_def.c +0 -103
- data/third_party/boringssl/crypto/x509/x509_lu.c +0 -725
- data/third_party/boringssl/crypto/x509/x509_obj.c +0 -198
- data/third_party/boringssl/crypto/x509/x509_r2x.c +0 -117
- data/third_party/boringssl/crypto/x509/x509_req.c +0 -322
- data/third_party/boringssl/crypto/x509/x509_set.c +0 -164
- data/third_party/boringssl/crypto/x509/x509_trs.c +0 -326
- data/third_party/boringssl/crypto/x509/x509_txt.c +0 -205
- data/third_party/boringssl/crypto/x509/x509_vfy.c +0 -2476
- data/third_party/boringssl/crypto/x509/x509_vpm.c +0 -670
- data/third_party/boringssl/crypto/x509/x509cset.c +0 -170
- data/third_party/boringssl/crypto/x509/x509name.c +0 -389
- data/third_party/boringssl/crypto/x509/x_all.c +0 -501
- data/third_party/boringssl/crypto/x509/x_x509.c +0 -328
- data/third_party/boringssl/crypto/x509v3/ext_dat.h +0 -143
- data/third_party/boringssl/crypto/x509v3/pcy_cache.c +0 -284
- data/third_party/boringssl/crypto/x509v3/pcy_node.c +0 -188
- data/third_party/boringssl/crypto/x509v3/pcy_tree.c +0 -840
- data/third_party/boringssl/crypto/x509v3/v3_akey.c +0 -204
- data/third_party/boringssl/crypto/x509v3/v3_alt.c +0 -623
- data/third_party/boringssl/crypto/x509v3/v3_conf.c +0 -462
- data/third_party/boringssl/crypto/x509v3/v3_cpols.c +0 -502
- data/third_party/boringssl/crypto/x509v3/v3_enum.c +0 -100
- data/third_party/boringssl/crypto/x509v3/v3_genn.c +0 -251
- data/third_party/boringssl/crypto/x509v3/v3_info.c +0 -219
- data/third_party/boringssl/crypto/x509v3/v3_lib.c +0 -370
- data/third_party/boringssl/crypto/x509v3/v3_pci.c +0 -287
- data/third_party/boringssl/crypto/x509v3/v3_purp.c +0 -866
- data/third_party/boringssl/crypto/x509v3/v3_skey.c +0 -152
- data/third_party/boringssl/crypto/x509v3/v3_utl.c +0 -1352
- data/third_party/boringssl/include/openssl/aead.h +0 -433
- data/third_party/boringssl/include/openssl/aes.h +0 -170
- data/third_party/boringssl/include/openssl/asn1.h +0 -981
- data/third_party/boringssl/include/openssl/base.h +0 -457
- data/third_party/boringssl/include/openssl/base64.h +0 -187
- data/third_party/boringssl/include/openssl/bio.h +0 -902
- data/third_party/boringssl/include/openssl/blowfish.h +0 -93
- data/third_party/boringssl/include/openssl/bn.h +0 -1019
- data/third_party/boringssl/include/openssl/buf.h +0 -137
- data/third_party/boringssl/include/openssl/bytestring.h +0 -505
- data/third_party/boringssl/include/openssl/cast.h +0 -96
- data/third_party/boringssl/include/openssl/cipher.h +0 -608
- data/third_party/boringssl/include/openssl/cmac.h +0 -87
- data/third_party/boringssl/include/openssl/conf.h +0 -183
- data/third_party/boringssl/include/openssl/cpu.h +0 -196
- data/third_party/boringssl/include/openssl/crypto.h +0 -122
- data/third_party/boringssl/include/openssl/curve25519.h +0 -201
- data/third_party/boringssl/include/openssl/dh.h +0 -298
- data/third_party/boringssl/include/openssl/digest.h +0 -316
- data/third_party/boringssl/include/openssl/dsa.h +0 -435
- data/third_party/boringssl/include/openssl/ec.h +0 -413
- data/third_party/boringssl/include/openssl/ec_key.h +0 -342
- data/third_party/boringssl/include/openssl/ecdh.h +0 -101
- data/third_party/boringssl/include/openssl/ecdsa.h +0 -199
- data/third_party/boringssl/include/openssl/engine.h +0 -109
- data/third_party/boringssl/include/openssl/err.h +0 -458
- data/third_party/boringssl/include/openssl/evp.h +0 -873
- data/third_party/boringssl/include/openssl/hmac.h +0 -186
- data/third_party/boringssl/include/openssl/lhash.h +0 -174
- data/third_party/boringssl/include/openssl/lhash_macros.h +0 -174
- data/third_party/boringssl/include/openssl/md4.h +0 -106
- data/third_party/boringssl/include/openssl/md5.h +0 -107
- data/third_party/boringssl/include/openssl/mem.h +0 -156
- data/third_party/boringssl/include/openssl/nid.h +0 -4242
- data/third_party/boringssl/include/openssl/obj.h +0 -233
- data/third_party/boringssl/include/openssl/pem.h +0 -397
- data/third_party/boringssl/include/openssl/pkcs7.h +0 -82
- data/third_party/boringssl/include/openssl/pkcs8.h +0 -230
- data/third_party/boringssl/include/openssl/poly1305.h +0 -51
- data/third_party/boringssl/include/openssl/pool.h +0 -91
- data/third_party/boringssl/include/openssl/rand.h +0 -125
- data/third_party/boringssl/include/openssl/ripemd.h +0 -107
- data/third_party/boringssl/include/openssl/rsa.h +0 -756
- data/third_party/boringssl/include/openssl/sha.h +0 -256
- data/third_party/boringssl/include/openssl/span.h +0 -191
- data/third_party/boringssl/include/openssl/ssl.h +0 -4740
- data/third_party/boringssl/include/openssl/ssl3.h +0 -332
- data/third_party/boringssl/include/openssl/stack.h +0 -485
- data/third_party/boringssl/include/openssl/thread.h +0 -191
- data/third_party/boringssl/include/openssl/tls1.h +0 -618
- data/third_party/boringssl/include/openssl/type_check.h +0 -91
- data/third_party/boringssl/include/openssl/x509.h +0 -1180
- data/third_party/boringssl/include/openssl/x509_vfy.h +0 -614
- data/third_party/boringssl/include/openssl/x509v3.h +0 -827
- data/third_party/boringssl/ssl/custom_extensions.cc +0 -265
- data/third_party/boringssl/ssl/d1_both.cc +0 -851
- data/third_party/boringssl/ssl/d1_lib.cc +0 -267
- data/third_party/boringssl/ssl/d1_pkt.cc +0 -274
- data/third_party/boringssl/ssl/d1_srtp.cc +0 -232
- data/third_party/boringssl/ssl/dtls_method.cc +0 -193
- data/third_party/boringssl/ssl/dtls_record.cc +0 -353
- data/third_party/boringssl/ssl/handoff.cc +0 -285
- data/third_party/boringssl/ssl/handshake.cc +0 -630
- data/third_party/boringssl/ssl/handshake_client.cc +0 -1842
- data/third_party/boringssl/ssl/handshake_server.cc +0 -1674
- data/third_party/boringssl/ssl/internal.h +0 -3064
- data/third_party/boringssl/ssl/s3_both.cc +0 -585
- data/third_party/boringssl/ssl/s3_lib.cc +0 -226
- data/third_party/boringssl/ssl/s3_pkt.cc +0 -425
- data/third_party/boringssl/ssl/ssl_aead_ctx.cc +0 -412
- data/third_party/boringssl/ssl/ssl_asn1.cc +0 -844
- data/third_party/boringssl/ssl/ssl_buffer.cc +0 -286
- data/third_party/boringssl/ssl/ssl_cert.cc +0 -913
- data/third_party/boringssl/ssl/ssl_cipher.cc +0 -1781
- data/third_party/boringssl/ssl/ssl_file.cc +0 -583
- data/third_party/boringssl/ssl/ssl_key_share.cc +0 -252
- data/third_party/boringssl/ssl/ssl_lib.cc +0 -2719
- data/third_party/boringssl/ssl/ssl_privkey.cc +0 -494
- data/third_party/boringssl/ssl/ssl_session.cc +0 -1221
- data/third_party/boringssl/ssl/ssl_stat.cc +0 -224
- data/third_party/boringssl/ssl/ssl_transcript.cc +0 -398
- data/third_party/boringssl/ssl/ssl_versions.cc +0 -399
- data/third_party/boringssl/ssl/ssl_x509.cc +0 -1297
- data/third_party/boringssl/ssl/t1_enc.cc +0 -452
- data/third_party/boringssl/ssl/t1_lib.cc +0 -3783
- data/third_party/boringssl/ssl/tls13_both.cc +0 -559
- data/third_party/boringssl/ssl/tls13_client.cc +0 -891
- data/third_party/boringssl/ssl/tls13_enc.cc +0 -493
- data/third_party/boringssl/ssl/tls13_server.cc +0 -1022
- data/third_party/boringssl/ssl/tls_method.cc +0 -274
- data/third_party/boringssl/ssl/tls_record.cc +0 -703
- data/third_party/boringssl/third_party/fiat/curve25519.c +0 -3230
- data/third_party/boringssl/third_party/fiat/curve25519_tables.h +0 -7880
- data/third_party/boringssl/third_party/fiat/internal.h +0 -154
- data/third_party/boringssl/third_party/fiat/p256.c +0 -1824
- data/third_party/nanopb/pb.h +0 -579
- data/third_party/nanopb/pb_common.c +0 -97
- data/third_party/nanopb/pb_common.h +0 -42
- data/third_party/nanopb/pb_decode.c +0 -1347
- data/third_party/nanopb/pb_decode.h +0 -149
- data/third_party/nanopb/pb_encode.c +0 -696
- data/third_party/nanopb/pb_encode.h +0 -154
data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc
CHANGED
@@ -61,7 +61,7 @@ static tsi_result alts_grpc_privacy_integrity_protect(
|
|
61
61
|
if (status != GRPC_STATUS_OK) {
|
62
62
|
gpr_log(GPR_ERROR, "Failed to protect, %s", error_details);
|
63
63
|
gpr_free(error_details);
|
64
|
-
|
64
|
+
grpc_slice_unref_internal(protected_slice);
|
65
65
|
return TSI_INTERNAL_ERROR;
|
66
66
|
}
|
67
67
|
grpc_slice_buffer_add(protected_slices, protected_slice);
|
@@ -106,7 +106,7 @@ static tsi_result alts_grpc_privacy_integrity_unprotect(
|
|
106
106
|
if (status != GRPC_STATUS_OK) {
|
107
107
|
gpr_log(GPR_ERROR, "Failed to unprotect, %s", error_details);
|
108
108
|
gpr_free(error_details);
|
109
|
-
|
109
|
+
grpc_slice_unref_internal(unprotected_slice);
|
110
110
|
return TSI_INTERNAL_ERROR;
|
111
111
|
}
|
112
112
|
grpc_slice_buffer_reset_and_unref_internal(&rp->header_sb);
|
@@ -31,7 +31,7 @@
|
|
31
31
|
#include "src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h"
|
32
32
|
|
33
33
|
/* V-table for alts_grpc_record_protocol implementations. */
|
34
|
-
|
34
|
+
struct alts_grpc_record_protocol_vtable {
|
35
35
|
tsi_result (*protect)(alts_grpc_record_protocol* self,
|
36
36
|
grpc_slice_buffer* unprotected_slices,
|
37
37
|
grpc_slice_buffer* protected_slices);
|
@@ -39,8 +39,7 @@ typedef struct {
|
|
39
39
|
grpc_slice_buffer* protected_slices,
|
40
40
|
grpc_slice_buffer* unprotected_slices);
|
41
41
|
void (*destruct)(alts_grpc_record_protocol* self);
|
42
|
-
}
|
43
|
-
|
42
|
+
};
|
44
43
|
/* Main struct for alts_grpc_record_protocol implementation, shared by both
|
45
44
|
* integrity-only record protocol and privacy-integrity record protocol.
|
46
45
|
* Integrity-only record protocol has additional data elements.
|
@@ -37,7 +37,7 @@
|
|
37
37
|
|
38
38
|
constexpr size_t kMinFrameLength = 1024;
|
39
39
|
constexpr size_t kDefaultFrameLength = 16 * 1024;
|
40
|
-
constexpr size_t kMaxFrameLength = 1024 * 1024;
|
40
|
+
constexpr size_t kMaxFrameLength = 16 * 1024 * 1024;
|
41
41
|
|
42
42
|
/**
|
43
43
|
* Main struct for alts_zero_copy_grpc_protector.
|
@@ -105,7 +105,7 @@ static bool read_frame_size(const grpc_slice_buffer* sb,
|
|
105
105
|
* Creates an alts_grpc_record_protocol object, given key, key size, and flags
|
106
106
|
* to indicate whether the record_protocol object uses the rekeying AEAD,
|
107
107
|
* whether the object is for client or server, whether the object is for
|
108
|
-
* integrity-only or privacy-integrity mode, and whether the object is
|
108
|
+
* integrity-only or privacy-integrity mode, and whether the object is used
|
109
109
|
* for protect or unprotect.
|
110
110
|
*/
|
111
111
|
static tsi_result create_alts_grpc_record_protocol(
|
@@ -233,11 +233,21 @@ static void alts_zero_copy_grpc_protector_destroy(
|
|
233
233
|
gpr_free(protector);
|
234
234
|
}
|
235
235
|
|
236
|
+
static tsi_result alts_zero_copy_grpc_protector_max_frame_size(
|
237
|
+
tsi_zero_copy_grpc_protector* self, size_t* max_frame_size) {
|
238
|
+
if (self == nullptr || max_frame_size == nullptr) return TSI_INVALID_ARGUMENT;
|
239
|
+
alts_zero_copy_grpc_protector* protector =
|
240
|
+
reinterpret_cast<alts_zero_copy_grpc_protector*>(self);
|
241
|
+
*max_frame_size = protector->max_protected_frame_size;
|
242
|
+
return TSI_OK;
|
243
|
+
}
|
244
|
+
|
236
245
|
static const tsi_zero_copy_grpc_protector_vtable
|
237
246
|
alts_zero_copy_grpc_protector_vtable = {
|
238
247
|
alts_zero_copy_grpc_protector_protect,
|
239
248
|
alts_zero_copy_grpc_protector_unprotect,
|
240
|
-
alts_zero_copy_grpc_protector_destroy
|
249
|
+
alts_zero_copy_grpc_protector_destroy,
|
250
|
+
alts_zero_copy_grpc_protector_max_frame_size};
|
241
251
|
|
242
252
|
tsi_result alts_zero_copy_grpc_protector_create(
|
243
253
|
const uint8_t* key, size_t key_size, bool is_rekey, bool is_client,
|
@@ -42,14 +42,13 @@
|
|
42
42
|
| size | data |
|
43
43
|
where the size field value is the size of the size field plus the size of
|
44
44
|
the data encoded in little endian on 4 bytes. */
|
45
|
-
|
45
|
+
struct tsi_fake_frame {
|
46
46
|
unsigned char* data;
|
47
47
|
size_t size;
|
48
48
|
size_t allocated_size;
|
49
49
|
size_t offset;
|
50
50
|
int needs_draining;
|
51
|
-
}
|
52
|
-
|
51
|
+
};
|
53
52
|
typedef enum {
|
54
53
|
TSI_FAKE_CLIENT_INIT = 0,
|
55
54
|
TSI_FAKE_SERVER_INIT = 1,
|
@@ -58,7 +57,7 @@ typedef enum {
|
|
58
57
|
TSI_FAKE_HANDSHAKE_MESSAGE_MAX = 4
|
59
58
|
} tsi_fake_handshake_message;
|
60
59
|
|
61
|
-
|
60
|
+
struct tsi_fake_handshaker {
|
62
61
|
tsi_handshaker base;
|
63
62
|
int is_client;
|
64
63
|
tsi_fake_handshake_message next_message_to_send;
|
@@ -68,23 +67,20 @@ typedef struct {
|
|
68
67
|
unsigned char* outgoing_bytes_buffer;
|
69
68
|
size_t outgoing_bytes_buffer_size;
|
70
69
|
tsi_result result;
|
71
|
-
}
|
72
|
-
|
73
|
-
typedef struct {
|
70
|
+
};
|
71
|
+
struct tsi_fake_frame_protector {
|
74
72
|
tsi_frame_protector base;
|
75
73
|
tsi_fake_frame protect_frame;
|
76
74
|
tsi_fake_frame unprotect_frame;
|
77
75
|
size_t max_frame_size;
|
78
|
-
}
|
79
|
-
|
80
|
-
typedef struct {
|
76
|
+
};
|
77
|
+
struct tsi_fake_zero_copy_grpc_protector {
|
81
78
|
tsi_zero_copy_grpc_protector base;
|
82
79
|
grpc_slice_buffer header_sb;
|
83
80
|
grpc_slice_buffer protected_sb;
|
84
81
|
size_t max_frame_size;
|
85
82
|
size_t parsed_frame_size;
|
86
|
-
}
|
87
|
-
|
83
|
+
};
|
88
84
|
/* --- Utils. ---*/
|
89
85
|
|
90
86
|
static const char* tsi_fake_handshake_message_strings[] = {
|
@@ -483,30 +479,35 @@ static const tsi_zero_copy_grpc_protector_vtable
|
|
483
479
|
fake_zero_copy_grpc_protector_protect,
|
484
480
|
fake_zero_copy_grpc_protector_unprotect,
|
485
481
|
fake_zero_copy_grpc_protector_destroy,
|
482
|
+
nullptr /* fake_zero_copy_grpc_protector_max_frame_size */
|
486
483
|
};
|
487
484
|
|
488
485
|
/* --- tsi_handshaker_result methods implementation. ---*/
|
489
486
|
|
490
|
-
|
487
|
+
struct fake_handshaker_result {
|
491
488
|
tsi_handshaker_result base;
|
492
489
|
unsigned char* unused_bytes;
|
493
490
|
size_t unused_bytes_size;
|
494
|
-
}
|
495
|
-
|
491
|
+
};
|
496
492
|
static tsi_result fake_handshaker_result_extract_peer(
|
497
493
|
const tsi_handshaker_result* self, tsi_peer* peer) {
|
498
|
-
/* Construct a tsi_peer with 1 property: certificate type. */
|
499
|
-
tsi_result result = tsi_construct_peer(
|
494
|
+
/* Construct a tsi_peer with 1 property: certificate type, security_level. */
|
495
|
+
tsi_result result = tsi_construct_peer(2, peer);
|
500
496
|
if (result != TSI_OK) return result;
|
501
497
|
result = tsi_construct_string_peer_property_from_cstring(
|
502
498
|
TSI_CERTIFICATE_TYPE_PEER_PROPERTY, TSI_FAKE_CERTIFICATE_TYPE,
|
503
499
|
&peer->properties[0]);
|
504
500
|
if (result != TSI_OK) tsi_peer_destruct(peer);
|
501
|
+
result = tsi_construct_string_peer_property_from_cstring(
|
502
|
+
TSI_SECURITY_LEVEL_PEER_PROPERTY,
|
503
|
+
tsi_security_level_to_string(TSI_SECURITY_NONE), &peer->properties[1]);
|
504
|
+
if (result != TSI_OK) tsi_peer_destruct(peer);
|
505
505
|
return result;
|
506
506
|
}
|
507
507
|
|
508
508
|
static tsi_result fake_handshaker_result_create_zero_copy_grpc_protector(
|
509
|
-
const tsi_handshaker_result* self
|
509
|
+
const tsi_handshaker_result* /*self*/,
|
510
|
+
size_t* max_output_protected_frame_size,
|
510
511
|
tsi_zero_copy_grpc_protector** protector) {
|
511
512
|
*protector =
|
512
513
|
tsi_create_fake_zero_copy_grpc_protector(max_output_protected_frame_size);
|
@@ -514,8 +515,8 @@ static tsi_result fake_handshaker_result_create_zero_copy_grpc_protector(
|
|
514
515
|
}
|
515
516
|
|
516
517
|
static tsi_result fake_handshaker_result_create_frame_protector(
|
517
|
-
const tsi_handshaker_result* self
|
518
|
-
tsi_frame_protector** protector) {
|
518
|
+
const tsi_handshaker_result* /*self*/,
|
519
|
+
size_t* max_output_protected_frame_size, tsi_frame_protector** protector) {
|
519
520
|
*protector = tsi_create_fake_frame_protector(max_output_protected_frame_size);
|
520
521
|
return TSI_OK;
|
521
522
|
}
|
@@ -585,7 +586,7 @@ static tsi_result fake_handshaker_get_bytes_to_send_to_peer(
|
|
585
586
|
if (next_message_to_send > TSI_FAKE_HANDSHAKE_MESSAGE_MAX) {
|
586
587
|
next_message_to_send = TSI_FAKE_HANDSHAKE_MESSAGE_MAX;
|
587
588
|
}
|
588
|
-
if (tsi_tracing_enabled
|
589
|
+
if (GRPC_TRACE_FLAG_ENABLED(tsi_tracing_enabled)) {
|
589
590
|
gpr_log(GPR_INFO, "%s prepared %s.",
|
590
591
|
impl->is_client ? "Client" : "Server",
|
591
592
|
tsi_fake_handshake_message_to_string(impl->next_message_to_send));
|
@@ -597,7 +598,7 @@ static tsi_result fake_handshaker_get_bytes_to_send_to_peer(
|
|
597
598
|
if (!impl->is_client &&
|
598
599
|
impl->next_message_to_send == TSI_FAKE_HANDSHAKE_MESSAGE_MAX) {
|
599
600
|
/* We're done. */
|
600
|
-
if (tsi_tracing_enabled
|
601
|
+
if (GRPC_TRACE_FLAG_ENABLED(tsi_tracing_enabled)) {
|
601
602
|
gpr_log(GPR_INFO, "Server is done.");
|
602
603
|
}
|
603
604
|
impl->result = TSI_OK;
|
@@ -636,7 +637,7 @@ static tsi_result fake_handshaker_process_bytes_from_peer(
|
|
636
637
|
tsi_fake_handshake_message_to_string(received_msg),
|
637
638
|
tsi_fake_handshake_message_to_string(expected_msg));
|
638
639
|
}
|
639
|
-
if (tsi_tracing_enabled
|
640
|
+
if (GRPC_TRACE_FLAG_ENABLED(tsi_tracing_enabled)) {
|
640
641
|
gpr_log(GPR_INFO, "%s received %s.", impl->is_client ? "Client" : "Server",
|
641
642
|
tsi_fake_handshake_message_to_string(received_msg));
|
642
643
|
}
|
@@ -644,7 +645,7 @@ static tsi_result fake_handshaker_process_bytes_from_peer(
|
|
644
645
|
impl->needs_incoming_message = 0;
|
645
646
|
if (impl->next_message_to_send == TSI_FAKE_HANDSHAKE_MESSAGE_MAX) {
|
646
647
|
/* We're done. */
|
647
|
-
if (tsi_tracing_enabled
|
648
|
+
if (GRPC_TRACE_FLAG_ENABLED(tsi_tracing_enabled)) {
|
648
649
|
gpr_log(GPR_INFO, "%s is done.", impl->is_client ? "Client" : "Server");
|
649
650
|
}
|
650
651
|
impl->result = TSI_OK;
|
@@ -669,7 +670,7 @@ static tsi_result fake_handshaker_next(
|
|
669
670
|
tsi_handshaker* self, const unsigned char* received_bytes,
|
670
671
|
size_t received_bytes_size, const unsigned char** bytes_to_send,
|
671
672
|
size_t* bytes_to_send_size, tsi_handshaker_result** handshaker_result,
|
672
|
-
tsi_handshaker_on_next_done_cb cb
|
673
|
+
tsi_handshaker_on_next_done_cb /*cb*/, void* /*user_data*/) {
|
673
674
|
/* Sanity check the arguments. */
|
674
675
|
if ((received_bytes_size > 0 && received_bytes == nullptr) ||
|
675
676
|
bytes_to_send == nullptr || bytes_to_send_size == nullptr ||
|
@@ -25,6 +25,8 @@
|
|
25
25
|
|
26
26
|
/* Value for the TSI_CERTIFICATE_TYPE_PEER_PROPERTY property for FAKE certs. */
|
27
27
|
#define TSI_FAKE_CERTIFICATE_TYPE "FAKE"
|
28
|
+
/* Value of the TSI_SECURITY_LEVEL_PEER_PROPERTY property for FAKE certs. */
|
29
|
+
#define TSI_FAKE_SECURITY_LEVEL "TSI_SECURITY_NONE"
|
28
30
|
|
29
31
|
/* Creates a fake handshaker that will create a fake frame protector.
|
30
32
|
|
@@ -84,7 +84,8 @@ static const tsi_zero_copy_grpc_protector_vtable
|
|
84
84
|
local_zero_copy_grpc_protector_vtable = {
|
85
85
|
local_zero_copy_grpc_protector_protect,
|
86
86
|
local_zero_copy_grpc_protector_unprotect,
|
87
|
-
local_zero_copy_grpc_protector_destroy
|
87
|
+
local_zero_copy_grpc_protector_destroy,
|
88
|
+
nullptr /* local_zero_copy_grpc_protector_max_frame_size */};
|
88
89
|
|
89
90
|
tsi_result local_zero_copy_grpc_protector_create(
|
90
91
|
tsi_zero_copy_grpc_protector** protector) {
|
@@ -104,12 +105,13 @@ tsi_result local_zero_copy_grpc_protector_create(
|
|
104
105
|
/* --- tsi_handshaker_result methods implementation. --- */
|
105
106
|
|
106
107
|
static tsi_result handshaker_result_extract_peer(
|
107
|
-
const tsi_handshaker_result* self
|
108
|
+
const tsi_handshaker_result* /*self*/, tsi_peer* /*peer*/) {
|
108
109
|
return TSI_OK;
|
109
110
|
}
|
110
111
|
|
111
112
|
static tsi_result handshaker_result_create_zero_copy_grpc_protector(
|
112
|
-
const tsi_handshaker_result* self,
|
113
|
+
const tsi_handshaker_result* self,
|
114
|
+
size_t* /*max_output_protected_frame_size*/,
|
113
115
|
tsi_zero_copy_grpc_protector** protector) {
|
114
116
|
if (self == nullptr || protector == nullptr) {
|
115
117
|
gpr_log(GPR_ERROR,
|
@@ -157,10 +159,10 @@ static tsi_result create_handshaker_result(bool is_client,
|
|
157
159
|
/* --- tsi_handshaker methods implementation. --- */
|
158
160
|
|
159
161
|
static tsi_result handshaker_next(
|
160
|
-
tsi_handshaker* self, const unsigned char* received_bytes
|
161
|
-
size_t received_bytes_size
|
162
|
+
tsi_handshaker* self, const unsigned char* /*received_bytes*/,
|
163
|
+
size_t /*received_bytes_size*/, const unsigned char** /*bytes_to_send*/,
|
162
164
|
size_t* bytes_to_send_size, tsi_handshaker_result** result,
|
163
|
-
tsi_handshaker_on_next_done_cb cb
|
165
|
+
tsi_handshaker_on_next_done_cb /*cb*/, void* /*user_data*/) {
|
164
166
|
if (self == nullptr) {
|
165
167
|
gpr_log(GPR_ERROR, "Invalid arguments to handshaker_next()");
|
166
168
|
return TSI_INVALID_ARGUMENT;
|
@@ -21,8 +21,6 @@
|
|
21
21
|
|
22
22
|
#include <grpc/support/port_platform.h>
|
23
23
|
|
24
|
-
#include "src/core/tsi/grpc_shadow_boringssl.h"
|
25
|
-
|
26
24
|
#include <grpc/slice.h>
|
27
25
|
|
28
26
|
extern "C" {
|
@@ -57,14 +55,12 @@ class SslCachedSession {
|
|
57
55
|
SslCachedSession& operator=(const SslCachedSession&) = delete;
|
58
56
|
|
59
57
|
/// Create single cached instance of \a session.
|
60
|
-
static
|
58
|
+
static std::unique_ptr<SslCachedSession> Create(SslSessionPtr session);
|
61
59
|
|
62
60
|
virtual ~SslCachedSession() = default;
|
63
61
|
|
64
62
|
/// Returns a copy of previously cached session.
|
65
|
-
virtual SslSessionPtr CopySession() const
|
66
|
-
|
67
|
-
GRPC_ABSTRACT_BASE_CLASS
|
63
|
+
virtual SslSessionPtr CopySession() const = 0;
|
68
64
|
|
69
65
|
protected:
|
70
66
|
SslCachedSession() = default;
|
@@ -47,10 +47,9 @@ class BoringSslCachedSession : public SslCachedSession {
|
|
47
47
|
|
48
48
|
} // namespace
|
49
49
|
|
50
|
-
|
50
|
+
std::unique_ptr<SslCachedSession> SslCachedSession::Create(
|
51
51
|
SslSessionPtr session) {
|
52
|
-
return
|
53
|
-
grpc_core::New<BoringSslCachedSession>(std::move(session)));
|
52
|
+
return absl::make_unique<BoringSslCachedSession>(std::move(session));
|
54
53
|
}
|
55
54
|
|
56
55
|
} // namespace tsi
|
@@ -18,7 +18,8 @@
|
|
18
18
|
|
19
19
|
#include <grpc/support/port_platform.h>
|
20
20
|
|
21
|
-
#include "src/core/lib/gprpp/
|
21
|
+
#include "src/core/lib/gprpp/sync.h"
|
22
|
+
#include "src/core/lib/slice/slice_internal.h"
|
22
23
|
#include "src/core/tsi/ssl/session_cache/ssl_session.h"
|
23
24
|
#include "src/core/tsi/ssl/session_cache/ssl_session_cache.h"
|
24
25
|
|
@@ -27,18 +28,20 @@
|
|
27
28
|
|
28
29
|
namespace tsi {
|
29
30
|
|
30
|
-
static void cache_key_avl_destroy(void* key
|
31
|
+
static void cache_key_avl_destroy(void* /*key*/, void* /*unused*/) {}
|
31
32
|
|
32
|
-
static void* cache_key_avl_copy(void* key, void* unused) { return key; }
|
33
|
+
static void* cache_key_avl_copy(void* key, void* /*unused*/) { return key; }
|
33
34
|
|
34
|
-
static long cache_key_avl_compare(void* key1, void* key2, void* unused) {
|
35
|
+
static long cache_key_avl_compare(void* key1, void* key2, void* /*unused*/) {
|
35
36
|
return grpc_slice_cmp(*static_cast<grpc_slice*>(key1),
|
36
37
|
*static_cast<grpc_slice*>(key2));
|
37
38
|
}
|
38
39
|
|
39
|
-
static void cache_value_avl_destroy(void* value
|
40
|
+
static void cache_value_avl_destroy(void* /*value*/, void* /*unused*/) {}
|
40
41
|
|
41
|
-
static void* cache_value_avl_copy(void* value, void* unused) {
|
42
|
+
static void* cache_value_avl_copy(void* value, void* /*unused*/) {
|
43
|
+
return value;
|
44
|
+
}
|
42
45
|
|
43
46
|
// AVL only stores pointers, ownership belonges to the linked list.
|
44
47
|
static const grpc_avl_vtable cache_avl_vtable = {
|
@@ -53,7 +56,7 @@ class SslSessionLRUCache::Node {
|
|
53
56
|
SetSession(std::move(session));
|
54
57
|
}
|
55
58
|
|
56
|
-
~Node() {
|
59
|
+
~Node() { grpc_slice_unref_internal(key_); }
|
57
60
|
|
58
61
|
// Not copyable nor movable.
|
59
62
|
Node(const Node&) = delete;
|
@@ -73,7 +76,7 @@ class SslSessionLRUCache::Node {
|
|
73
76
|
friend class SslSessionLRUCache;
|
74
77
|
|
75
78
|
grpc_slice key_;
|
76
|
-
|
79
|
+
std::unique_ptr<SslCachedSession> session_;
|
77
80
|
|
78
81
|
Node* next_ = nullptr;
|
79
82
|
Node* prev_ = nullptr;
|
@@ -89,7 +92,7 @@ SslSessionLRUCache::~SslSessionLRUCache() {
|
|
89
92
|
Node* node = use_order_list_head_;
|
90
93
|
while (node) {
|
91
94
|
Node* next = node->next_;
|
92
|
-
|
95
|
+
delete node;
|
93
96
|
node = next;
|
94
97
|
}
|
95
98
|
grpc_avl_unref(entry_by_key_, nullptr);
|
@@ -124,7 +127,7 @@ void SslSessionLRUCache::Put(const char* key, SslSessionPtr session) {
|
|
124
127
|
return;
|
125
128
|
}
|
126
129
|
grpc_slice key_slice = grpc_slice_from_copied_string(key);
|
127
|
-
node =
|
130
|
+
node = new Node(key_slice, std::move(session));
|
128
131
|
PushFront(node);
|
129
132
|
entry_by_key_ = grpc_avl_add(entry_by_key_, node->AvlKey(), node, nullptr);
|
130
133
|
AssertInvariants();
|
@@ -134,7 +137,7 @@ void SslSessionLRUCache::Put(const char* key, SslSessionPtr session) {
|
|
134
137
|
Remove(node);
|
135
138
|
// Order matters, key is destroyed after deleting node.
|
136
139
|
entry_by_key_ = grpc_avl_remove(entry_by_key_, node->AvlKey(), nullptr);
|
137
|
-
|
140
|
+
delete node;
|
138
141
|
AssertInvariants();
|
139
142
|
}
|
140
143
|
}
|
@@ -21,8 +21,6 @@
|
|
21
21
|
|
22
22
|
#include <grpc/support/port_platform.h>
|
23
23
|
|
24
|
-
#include "src/core/tsi/grpc_shadow_boringssl.h"
|
25
|
-
|
26
24
|
#include <grpc/slice.h>
|
27
25
|
#include <grpc/support/sync.h>
|
28
26
|
|
@@ -53,6 +51,10 @@ class SslSessionLRUCache : public grpc_core::RefCounted<SslSessionLRUCache> {
|
|
53
51
|
return grpc_core::MakeRefCounted<SslSessionLRUCache>(capacity);
|
54
52
|
}
|
55
53
|
|
54
|
+
// Use Create function instead of using this directly.
|
55
|
+
explicit SslSessionLRUCache(size_t capacity);
|
56
|
+
~SslSessionLRUCache();
|
57
|
+
|
56
58
|
// Not copyable nor movable.
|
57
59
|
SslSessionLRUCache(const SslSessionLRUCache&) = delete;
|
58
60
|
SslSessionLRUCache& operator=(const SslSessionLRUCache&) = delete;
|
@@ -67,19 +69,8 @@ class SslSessionLRUCache : public grpc_core::RefCounted<SslSessionLRUCache> {
|
|
67
69
|
SslSessionPtr Get(const char* key);
|
68
70
|
|
69
71
|
private:
|
70
|
-
// So New() can call our private ctor.
|
71
|
-
template <typename T, typename... Args>
|
72
|
-
friend T* grpc_core::New(Args&&... args);
|
73
|
-
|
74
|
-
// So Delete() can call our private dtor.
|
75
|
-
template <typename T>
|
76
|
-
friend void grpc_core::Delete(T*);
|
77
|
-
|
78
72
|
class Node;
|
79
73
|
|
80
|
-
explicit SslSessionLRUCache(size_t capacity);
|
81
|
-
~SslSessionLRUCache();
|
82
|
-
|
83
74
|
Node* FindLocked(const grpc_slice& key);
|
84
75
|
void Remove(Node* node);
|
85
76
|
void PushFront(Node* node);
|
@@ -65,10 +65,9 @@ class OpenSslCachedSession : public SslCachedSession {
|
|
65
65
|
|
66
66
|
} // namespace
|
67
67
|
|
68
|
-
|
68
|
+
std::unique_ptr<SslCachedSession> SslCachedSession::Create(
|
69
69
|
SslSessionPtr session) {
|
70
|
-
return
|
71
|
-
grpc_core::New<OpenSslCachedSession>(std::move(session)));
|
70
|
+
return absl::make_unique<OpenSslCachedSession>(std::move(session));
|
72
71
|
}
|
73
72
|
|
74
73
|
} // namespace tsi
|
@@ -18,8 +18,6 @@
|
|
18
18
|
|
19
19
|
#include <grpc/support/port_platform.h>
|
20
20
|
|
21
|
-
#include "src/core/tsi/grpc_shadow_boringssl.h"
|
22
|
-
|
23
21
|
#include "src/core/tsi/ssl_transport_security.h"
|
24
22
|
|
25
23
|
#include <limits.h>
|
@@ -35,15 +33,20 @@
|
|
35
33
|
#include <sys/socket.h>
|
36
34
|
#endif
|
37
35
|
|
36
|
+
#include <grpc/grpc_security.h>
|
38
37
|
#include <grpc/support/alloc.h>
|
39
38
|
#include <grpc/support/log.h>
|
40
39
|
#include <grpc/support/string_util.h>
|
41
40
|
#include <grpc/support/sync.h>
|
42
41
|
#include <grpc/support/thd_id.h>
|
43
42
|
|
43
|
+
#include "absl/strings/match.h"
|
44
|
+
#include "absl/strings/string_view.h"
|
45
|
+
|
44
46
|
extern "C" {
|
45
47
|
#include <openssl/bio.h>
|
46
48
|
#include <openssl/crypto.h> /* For OPENSSL_free */
|
49
|
+
#include <openssl/engine.h>
|
47
50
|
#include <openssl/err.h>
|
48
51
|
#include <openssl/ssl.h>
|
49
52
|
#include <openssl/x509.h>
|
@@ -103,7 +106,7 @@ struct tsi_ssl_server_handshaker_factory {
|
|
103
106
|
size_t alpn_protocol_list_length;
|
104
107
|
};
|
105
108
|
|
106
|
-
|
109
|
+
struct tsi_ssl_handshaker {
|
107
110
|
tsi_handshaker base;
|
108
111
|
SSL* ssl;
|
109
112
|
BIO* network_io;
|
@@ -111,30 +114,30 @@ typedef struct {
|
|
111
114
|
unsigned char* outgoing_bytes_buffer;
|
112
115
|
size_t outgoing_bytes_buffer_size;
|
113
116
|
tsi_ssl_handshaker_factory* factory_ref;
|
114
|
-
}
|
115
|
-
|
116
|
-
typedef struct {
|
117
|
+
};
|
118
|
+
struct tsi_ssl_handshaker_result {
|
117
119
|
tsi_handshaker_result base;
|
118
120
|
SSL* ssl;
|
119
121
|
BIO* network_io;
|
120
122
|
unsigned char* unused_bytes;
|
121
123
|
size_t unused_bytes_size;
|
122
|
-
}
|
123
|
-
|
124
|
-
typedef struct {
|
124
|
+
};
|
125
|
+
struct tsi_ssl_frame_protector {
|
125
126
|
tsi_frame_protector base;
|
126
127
|
SSL* ssl;
|
127
128
|
BIO* network_io;
|
128
129
|
unsigned char* buffer;
|
129
130
|
size_t buffer_size;
|
130
131
|
size_t buffer_offset;
|
131
|
-
}
|
132
|
-
|
132
|
+
};
|
133
133
|
/* --- Library Initialization. ---*/
|
134
134
|
|
135
135
|
static gpr_once g_init_openssl_once = GPR_ONCE_INIT;
|
136
136
|
static int g_ssl_ctx_ex_factory_index = -1;
|
137
137
|
static const unsigned char kSslSessionIdContext[] = {'g', 'r', 'p', 'c'};
|
138
|
+
#ifndef OPENSSL_IS_BORINGSSL
|
139
|
+
static const char kSslEnginePrefix[] = "engine:";
|
140
|
+
#endif
|
138
141
|
|
139
142
|
#if OPENSSL_VERSION_NUMBER < 0x10100000
|
140
143
|
static gpr_mu* g_openssl_mutexes = nullptr;
|
@@ -156,9 +159,13 @@ static unsigned long openssl_thread_id_cb(void) {
|
|
156
159
|
#endif
|
157
160
|
|
158
161
|
static void init_openssl(void) {
|
162
|
+
#if OPENSSL_API_COMPAT >= 0x10100000L
|
163
|
+
OPENSSL_init_ssl(0, NULL);
|
164
|
+
#else
|
159
165
|
SSL_library_init();
|
160
166
|
SSL_load_error_strings();
|
161
167
|
OpenSSL_add_all_algorithms();
|
168
|
+
#endif
|
162
169
|
#if OPENSSL_VERSION_NUMBER < 0x10100000
|
163
170
|
if (!CRYPTO_get_locking_callback()) {
|
164
171
|
int num_locks = CRYPTO_num_locks();
|
@@ -209,7 +216,7 @@ static const char* ssl_error_string(int error) {
|
|
209
216
|
/* TODO(jboeuf): Remove when we are past the debugging phase with this code. */
|
210
217
|
static void ssl_log_where_info(const SSL* ssl, int where, int flag,
|
211
218
|
const char* msg) {
|
212
|
-
if ((where & flag) && tsi_tracing_enabled
|
219
|
+
if ((where & flag) && GRPC_TRACE_FLAG_ENABLED(tsi_tracing_enabled)) {
|
213
220
|
gpr_log(GPR_INFO, "%20.20s - %30.30s - %5.10s", msg,
|
214
221
|
SSL_state_string_long(ssl), SSL_state_string(ssl));
|
215
222
|
}
|
@@ -229,11 +236,10 @@ static void ssl_info_callback(const SSL* ssl, int where, int ret) {
|
|
229
236
|
|
230
237
|
/* Returns 1 if name looks like an IP address, 0 otherwise.
|
231
238
|
This is a very rough heuristic, and only handles IPv6 in hexadecimal form. */
|
232
|
-
static int looks_like_ip_address(
|
233
|
-
size_t i;
|
239
|
+
static int looks_like_ip_address(absl::string_view name) {
|
234
240
|
size_t dot_count = 0;
|
235
241
|
size_t num_size = 0;
|
236
|
-
for (i = 0; i <
|
242
|
+
for (size_t i = 0; i < name.size(); ++i) {
|
237
243
|
if (name[i] == ':') {
|
238
244
|
/* IPv6 Address in hexadecimal form, : is not allowed in DNS names. */
|
239
245
|
return 1;
|
@@ -337,21 +343,26 @@ static tsi_result add_pem_certificate(X509* cert, tsi_peer_property* property) {
|
|
337
343
|
/* Gets the subject SANs from an X509 cert as a tsi_peer_property. */
|
338
344
|
static tsi_result add_subject_alt_names_properties_to_peer(
|
339
345
|
tsi_peer* peer, GENERAL_NAMES* subject_alt_names,
|
340
|
-
size_t subject_alt_name_count) {
|
346
|
+
size_t subject_alt_name_count, int* current_insert_index) {
|
341
347
|
size_t i;
|
342
348
|
tsi_result result = TSI_OK;
|
343
349
|
|
344
|
-
/* Reset for DNS entries filtering. */
|
345
|
-
peer->property_count -= subject_alt_name_count;
|
346
|
-
|
347
350
|
for (i = 0; i < subject_alt_name_count; i++) {
|
348
351
|
GENERAL_NAME* subject_alt_name =
|
349
352
|
sk_GENERAL_NAME_value(subject_alt_names, TSI_SIZE_AS_SIZE(i));
|
350
|
-
|
351
|
-
|
353
|
+
if (subject_alt_name->type == GEN_DNS ||
|
354
|
+
subject_alt_name->type == GEN_EMAIL ||
|
355
|
+
subject_alt_name->type == GEN_URI) {
|
352
356
|
unsigned char* name = nullptr;
|
353
357
|
int name_size;
|
354
|
-
|
358
|
+
if (subject_alt_name->type == GEN_DNS) {
|
359
|
+
name_size = ASN1_STRING_to_UTF8(&name, subject_alt_name->d.dNSName);
|
360
|
+
} else if (subject_alt_name->type == GEN_EMAIL) {
|
361
|
+
name_size = ASN1_STRING_to_UTF8(&name, subject_alt_name->d.rfc822Name);
|
362
|
+
} else {
|
363
|
+
name_size = ASN1_STRING_to_UTF8(
|
364
|
+
&name, subject_alt_name->d.uniformResourceIdentifier);
|
365
|
+
}
|
355
366
|
if (name_size < 0) {
|
356
367
|
gpr_log(GPR_ERROR, "Could not get utf8 from asn1 string.");
|
357
368
|
result = TSI_INTERNAL_ERROR;
|
@@ -360,7 +371,17 @@ static tsi_result add_subject_alt_names_properties_to_peer(
|
|
360
371
|
result = tsi_construct_string_peer_property(
|
361
372
|
TSI_X509_SUBJECT_ALTERNATIVE_NAME_PEER_PROPERTY,
|
362
373
|
reinterpret_cast<const char*>(name), static_cast<size_t>(name_size),
|
363
|
-
&peer->properties[
|
374
|
+
&peer->properties[(*current_insert_index)++]);
|
375
|
+
if (result != TSI_OK) {
|
376
|
+
OPENSSL_free(name);
|
377
|
+
break;
|
378
|
+
}
|
379
|
+
if (subject_alt_name->type == GEN_URI) {
|
380
|
+
result = tsi_construct_string_peer_property(
|
381
|
+
TSI_X509_URI_PEER_PROPERTY, reinterpret_cast<const char*>(name),
|
382
|
+
static_cast<size_t>(name_size),
|
383
|
+
&peer->properties[(*current_insert_index)++]);
|
384
|
+
}
|
364
385
|
OPENSSL_free(name);
|
365
386
|
} else if (subject_alt_name->type == GEN_IPADD) {
|
366
387
|
char ntop_buf[INET6_ADDRSTRLEN];
|
@@ -385,7 +406,7 @@ static tsi_result add_subject_alt_names_properties_to_peer(
|
|
385
406
|
|
386
407
|
result = tsi_construct_string_peer_property_from_cstring(
|
387
408
|
TSI_X509_SUBJECT_ALTERNATIVE_NAME_PEER_PROPERTY, name,
|
388
|
-
&peer->properties[
|
409
|
+
&peer->properties[(*current_insert_index)++]);
|
389
410
|
}
|
390
411
|
if (result != TSI_OK) break;
|
391
412
|
}
|
@@ -408,26 +429,35 @@ static tsi_result peer_from_x509(X509* cert, int include_certificate_type,
|
|
408
429
|
property_count = (include_certificate_type ? static_cast<size_t>(1) : 0) +
|
409
430
|
2 /* common name, certificate */ +
|
410
431
|
static_cast<size_t>(subject_alt_name_count);
|
432
|
+
for (int i = 0; i < subject_alt_name_count; i++) {
|
433
|
+
GENERAL_NAME* subject_alt_name =
|
434
|
+
sk_GENERAL_NAME_value(subject_alt_names, TSI_SIZE_AS_SIZE(i));
|
435
|
+
if (subject_alt_name->type == GEN_URI) {
|
436
|
+
property_count += 1;
|
437
|
+
}
|
438
|
+
}
|
411
439
|
result = tsi_construct_peer(property_count, peer);
|
412
440
|
if (result != TSI_OK) return result;
|
441
|
+
int current_insert_index = 0;
|
413
442
|
do {
|
414
443
|
if (include_certificate_type) {
|
415
444
|
result = tsi_construct_string_peer_property_from_cstring(
|
416
445
|
TSI_CERTIFICATE_TYPE_PEER_PROPERTY, TSI_X509_CERTIFICATE_TYPE,
|
417
|
-
&peer->properties[
|
446
|
+
&peer->properties[current_insert_index++]);
|
418
447
|
if (result != TSI_OK) break;
|
419
448
|
}
|
420
449
|
result = peer_property_from_x509_common_name(
|
421
|
-
cert, &peer->properties[
|
450
|
+
cert, &peer->properties[current_insert_index++]);
|
422
451
|
if (result != TSI_OK) break;
|
423
452
|
|
424
|
-
result =
|
425
|
-
cert, &peer->properties[
|
453
|
+
result =
|
454
|
+
add_pem_certificate(cert, &peer->properties[current_insert_index++]);
|
426
455
|
if (result != TSI_OK) break;
|
427
456
|
|
428
457
|
if (subject_alt_name_count != 0) {
|
429
458
|
result = add_subject_alt_names_properties_to_peer(
|
430
|
-
peer, subject_alt_names, static_cast<size_t>(subject_alt_name_count)
|
459
|
+
peer, subject_alt_names, static_cast<size_t>(subject_alt_name_count),
|
460
|
+
¤t_insert_index);
|
431
461
|
if (result != TSI_OK) break;
|
432
462
|
}
|
433
463
|
} while (0);
|
@@ -436,6 +466,8 @@ static tsi_result peer_from_x509(X509* cert, int include_certificate_type,
|
|
436
466
|
sk_GENERAL_NAME_pop_free(subject_alt_names, GENERAL_NAME_free);
|
437
467
|
}
|
438
468
|
if (result != TSI_OK) tsi_peer_destruct(peer);
|
469
|
+
|
470
|
+
GPR_ASSERT((int)peer->property_count == current_insert_index);
|
439
471
|
return result;
|
440
472
|
}
|
441
473
|
|
@@ -539,7 +571,8 @@ static tsi_result ssl_ctx_use_certificate_chain(SSL_CTX* context,
|
|
539
571
|
break;
|
540
572
|
}
|
541
573
|
/* We don't need to free certificate_authority as its ownership has been
|
542
|
-
|
574
|
+
transferred to the context. That is not the case for certificate
|
575
|
+
though.
|
543
576
|
*/
|
544
577
|
}
|
545
578
|
} while (0);
|
@@ -549,9 +582,84 @@ static tsi_result ssl_ctx_use_certificate_chain(SSL_CTX* context,
|
|
549
582
|
return result;
|
550
583
|
}
|
551
584
|
|
552
|
-
|
553
|
-
static tsi_result
|
554
|
-
|
585
|
+
#ifndef OPENSSL_IS_BORINGSSL
|
586
|
+
static tsi_result ssl_ctx_use_engine_private_key(SSL_CTX* context,
|
587
|
+
const char* pem_key,
|
588
|
+
size_t pem_key_size) {
|
589
|
+
tsi_result result = TSI_OK;
|
590
|
+
EVP_PKEY* private_key = nullptr;
|
591
|
+
ENGINE* engine = nullptr;
|
592
|
+
char* engine_name = nullptr;
|
593
|
+
// Parse key which is in following format engine:<engine_id>:<key_id>
|
594
|
+
do {
|
595
|
+
char* engine_start = (char*)pem_key + strlen(kSslEnginePrefix);
|
596
|
+
char* engine_end = (char*)strchr(engine_start, ':');
|
597
|
+
if (engine_end == nullptr) {
|
598
|
+
result = TSI_INVALID_ARGUMENT;
|
599
|
+
break;
|
600
|
+
}
|
601
|
+
char* key_id = engine_end + 1;
|
602
|
+
int engine_name_length = engine_end - engine_start;
|
603
|
+
if (engine_name_length == 0) {
|
604
|
+
result = TSI_INVALID_ARGUMENT;
|
605
|
+
break;
|
606
|
+
}
|
607
|
+
engine_name = static_cast<char*>(gpr_zalloc(engine_name_length + 1));
|
608
|
+
memcpy(engine_name, engine_start, engine_name_length);
|
609
|
+
gpr_log(GPR_DEBUG, "ENGINE key: %s", engine_name);
|
610
|
+
ENGINE_load_dynamic();
|
611
|
+
engine = ENGINE_by_id(engine_name);
|
612
|
+
if (engine == nullptr) {
|
613
|
+
// If not available at ENGINE_DIR, use dynamic to load from
|
614
|
+
// current working directory.
|
615
|
+
engine = ENGINE_by_id("dynamic");
|
616
|
+
if (engine == nullptr) {
|
617
|
+
gpr_log(GPR_ERROR, "Cannot load dynamic engine");
|
618
|
+
result = TSI_INVALID_ARGUMENT;
|
619
|
+
break;
|
620
|
+
}
|
621
|
+
if (!ENGINE_ctrl_cmd_string(engine, "ID", engine_name, 0) ||
|
622
|
+
!ENGINE_ctrl_cmd_string(engine, "DIR_LOAD", "2", 0) ||
|
623
|
+
!ENGINE_ctrl_cmd_string(engine, "DIR_ADD", ".", 0) ||
|
624
|
+
!ENGINE_ctrl_cmd_string(engine, "LIST_ADD", "1", 0) ||
|
625
|
+
!ENGINE_ctrl_cmd_string(engine, "LOAD", NULL, 0)) {
|
626
|
+
gpr_log(GPR_ERROR, "Cannot find engine");
|
627
|
+
result = TSI_INVALID_ARGUMENT;
|
628
|
+
break;
|
629
|
+
}
|
630
|
+
}
|
631
|
+
if (!ENGINE_set_default(engine, ENGINE_METHOD_ALL)) {
|
632
|
+
gpr_log(GPR_ERROR, "ENGINE_set_default with ENGINE_METHOD_ALL failed");
|
633
|
+
result = TSI_INVALID_ARGUMENT;
|
634
|
+
break;
|
635
|
+
}
|
636
|
+
if (!ENGINE_init(engine)) {
|
637
|
+
gpr_log(GPR_ERROR, "ENGINE_init failed");
|
638
|
+
result = TSI_INVALID_ARGUMENT;
|
639
|
+
break;
|
640
|
+
}
|
641
|
+
private_key = ENGINE_load_private_key(engine, key_id, 0, 0);
|
642
|
+
if (private_key == nullptr) {
|
643
|
+
gpr_log(GPR_ERROR, "ENGINE_load_private_key failed");
|
644
|
+
result = TSI_INVALID_ARGUMENT;
|
645
|
+
break;
|
646
|
+
}
|
647
|
+
if (!SSL_CTX_use_PrivateKey(context, private_key)) {
|
648
|
+
gpr_log(GPR_ERROR, "SSL_CTX_use_PrivateKey failed");
|
649
|
+
result = TSI_INVALID_ARGUMENT;
|
650
|
+
break;
|
651
|
+
}
|
652
|
+
} while (0);
|
653
|
+
if (engine != nullptr) ENGINE_free(engine);
|
654
|
+
if (private_key != nullptr) EVP_PKEY_free(private_key);
|
655
|
+
if (engine_name != nullptr) gpr_free(engine_name);
|
656
|
+
return result;
|
657
|
+
}
|
658
|
+
#endif /* OPENSSL_IS_BORINGSSL */
|
659
|
+
|
660
|
+
static tsi_result ssl_ctx_use_pem_private_key(SSL_CTX* context,
|
661
|
+
const char* pem_key,
|
662
|
+
size_t pem_key_size) {
|
555
663
|
tsi_result result = TSI_OK;
|
556
664
|
EVP_PKEY* private_key = nullptr;
|
557
665
|
BIO* pem;
|
@@ -574,6 +682,20 @@ static tsi_result ssl_ctx_use_private_key(SSL_CTX* context, const char* pem_key,
|
|
574
682
|
return result;
|
575
683
|
}
|
576
684
|
|
685
|
+
/* Loads an in-memory PEM private key into the SSL context. */
|
686
|
+
static tsi_result ssl_ctx_use_private_key(SSL_CTX* context, const char* pem_key,
|
687
|
+
size_t pem_key_size) {
|
688
|
+
// BoringSSL does not have ENGINE support
|
689
|
+
#ifndef OPENSSL_IS_BORINGSSL
|
690
|
+
if (strncmp(pem_key, kSslEnginePrefix, strlen(kSslEnginePrefix)) == 0) {
|
691
|
+
return ssl_ctx_use_engine_private_key(context, pem_key, pem_key_size);
|
692
|
+
} else
|
693
|
+
#endif /* OPENSSL_IS_BORINGSSL */
|
694
|
+
{
|
695
|
+
return ssl_ctx_use_pem_private_key(context, pem_key, pem_key_size);
|
696
|
+
}
|
697
|
+
}
|
698
|
+
|
577
699
|
/* Loads in-memory PEM verification certs into the SSL context and optionally
|
578
700
|
returns the verification cert names (root_names can be NULL). */
|
579
701
|
static tsi_result x509_store_load_certs(X509_STORE* cert_store,
|
@@ -615,15 +737,19 @@ static tsi_result x509_store_load_certs(X509_STORE* cert_store,
|
|
615
737
|
sk_X509_NAME_push(*root_names, root_name);
|
616
738
|
root_name = nullptr;
|
617
739
|
}
|
740
|
+
ERR_clear_error();
|
618
741
|
if (!X509_STORE_add_cert(cert_store, root)) {
|
619
|
-
|
620
|
-
|
621
|
-
|
742
|
+
unsigned long error = ERR_get_error();
|
743
|
+
if (ERR_GET_LIB(error) != ERR_LIB_X509 ||
|
744
|
+
ERR_GET_REASON(error) != X509_R_CERT_ALREADY_IN_HASH_TABLE) {
|
745
|
+
gpr_log(GPR_ERROR, "Could not add root certificate to ssl context.");
|
746
|
+
result = TSI_INTERNAL_ERROR;
|
747
|
+
break;
|
748
|
+
}
|
622
749
|
}
|
623
750
|
X509_free(root);
|
624
751
|
num_roots++;
|
625
752
|
}
|
626
|
-
|
627
753
|
if (num_roots == 0) {
|
628
754
|
gpr_log(GPR_ERROR, "Could not load any root certificate.");
|
629
755
|
result = TSI_INVALID_ARGUMENT;
|
@@ -647,6 +773,8 @@ static tsi_result ssl_ctx_load_verification_certs(SSL_CTX* context,
|
|
647
773
|
STACK_OF(X509_NAME) *
|
648
774
|
*root_name) {
|
649
775
|
X509_STORE* cert_store = SSL_CTX_get_cert_store(context);
|
776
|
+
X509_STORE_set_flags(cert_store,
|
777
|
+
X509_V_FLAG_PARTIAL_CHAIN | X509_V_FLAG_TRUSTED_FIRST);
|
650
778
|
return x509_store_load_certs(cert_store, pem_roots, pem_roots_size,
|
651
779
|
root_name);
|
652
780
|
}
|
@@ -694,8 +822,8 @@ static tsi_result populate_ssl_context(
|
|
694
822
|
}
|
695
823
|
|
696
824
|
/* Extracts the CN and the SANs from an X509 cert as a peer object. */
|
697
|
-
|
698
|
-
|
825
|
+
tsi_result tsi_ssl_extract_x509_subject_names_from_pem_cert(
|
826
|
+
const char* pem_cert, tsi_peer* peer) {
|
699
827
|
tsi_result result = TSI_OK;
|
700
828
|
X509* cert = nullptr;
|
701
829
|
BIO* pem;
|
@@ -756,7 +884,7 @@ static tsi_result build_alpn_protocol_name_list(
|
|
756
884
|
// the server's certificate, but we need to pull it anyway, in case a higher
|
757
885
|
// layer wants to look at it. In this case the verification may fail, but
|
758
886
|
// we don't really care.
|
759
|
-
static int NullVerifyCallback(int preverify_ok
|
887
|
+
static int NullVerifyCallback(int /*preverify_ok*/, X509_STORE_CTX* /*ctx*/) {
|
760
888
|
return 1;
|
761
889
|
}
|
762
890
|
|
@@ -1006,8 +1134,31 @@ static void tsi_ssl_handshaker_factory_init(
|
|
1006
1134
|
gpr_ref_init(&factory->refcount, 1);
|
1007
1135
|
}
|
1008
1136
|
|
1009
|
-
/*
|
1137
|
+
/* Gets the X509 cert chain in PEM format as a tsi_peer_property. */
|
1138
|
+
tsi_result tsi_ssl_get_cert_chain_contents(STACK_OF(X509) * peer_chain,
|
1139
|
+
tsi_peer_property* property) {
|
1140
|
+
BIO* bio = BIO_new(BIO_s_mem());
|
1141
|
+
const auto peer_chain_len = sk_X509_num(peer_chain);
|
1142
|
+
for (auto i = decltype(peer_chain_len){0}; i < peer_chain_len; i++) {
|
1143
|
+
if (!PEM_write_bio_X509(bio, sk_X509_value(peer_chain, i))) {
|
1144
|
+
BIO_free(bio);
|
1145
|
+
return TSI_INTERNAL_ERROR;
|
1146
|
+
}
|
1147
|
+
}
|
1148
|
+
char* contents;
|
1149
|
+
long len = BIO_get_mem_data(bio, &contents);
|
1150
|
+
if (len <= 0) {
|
1151
|
+
BIO_free(bio);
|
1152
|
+
return TSI_INTERNAL_ERROR;
|
1153
|
+
}
|
1154
|
+
tsi_result result = tsi_construct_string_peer_property(
|
1155
|
+
TSI_X509_PEM_CERT_CHAIN_PROPERTY, (const char*)contents,
|
1156
|
+
static_cast<size_t>(len), property);
|
1157
|
+
BIO_free(bio);
|
1158
|
+
return result;
|
1159
|
+
}
|
1010
1160
|
|
1161
|
+
/* --- tsi_handshaker_result methods implementation. ---*/
|
1011
1162
|
static tsi_result ssl_handshaker_result_extract_peer(
|
1012
1163
|
const tsi_handshaker_result* self, tsi_peer* peer) {
|
1013
1164
|
tsi_result result = TSI_OK;
|
@@ -1029,10 +1180,14 @@ static tsi_result ssl_handshaker_result_extract_peer(
|
|
1029
1180
|
SSL_get0_next_proto_negotiated(impl->ssl, &alpn_selected,
|
1030
1181
|
&alpn_selected_len);
|
1031
1182
|
}
|
1032
|
-
|
1183
|
+
// When called on the client side, the stack also contains the
|
1184
|
+
// peer's certificate; When called on the server side,
|
1185
|
+
// the peer's certificate is not present in the stack
|
1186
|
+
STACK_OF(X509)* peer_chain = SSL_get_peer_cert_chain(impl->ssl);
|
1033
1187
|
// 1 is for session reused property.
|
1034
|
-
size_t new_property_count = peer->property_count +
|
1188
|
+
size_t new_property_count = peer->property_count + 3;
|
1035
1189
|
if (alpn_selected != nullptr) new_property_count++;
|
1190
|
+
if (peer_chain != nullptr) new_property_count++;
|
1036
1191
|
tsi_peer_property* new_properties = static_cast<tsi_peer_property*>(
|
1037
1192
|
gpr_zalloc(sizeof(*new_properties) * new_property_count));
|
1038
1193
|
for (size_t i = 0; i < peer->property_count; i++) {
|
@@ -1040,7 +1195,12 @@ static tsi_result ssl_handshaker_result_extract_peer(
|
|
1040
1195
|
}
|
1041
1196
|
if (peer->properties != nullptr) gpr_free(peer->properties);
|
1042
1197
|
peer->properties = new_properties;
|
1043
|
-
|
1198
|
+
// Add peer chain if available
|
1199
|
+
if (peer_chain != nullptr) {
|
1200
|
+
result = tsi_ssl_get_cert_chain_contents(
|
1201
|
+
peer_chain, &peer->properties[peer->property_count]);
|
1202
|
+
if (result == TSI_OK) peer->property_count++;
|
1203
|
+
}
|
1044
1204
|
if (alpn_selected != nullptr) {
|
1045
1205
|
result = tsi_construct_string_peer_property(
|
1046
1206
|
TSI_SSL_ALPN_SELECTED_PROTOCOL,
|
@@ -1049,6 +1209,13 @@ static tsi_result ssl_handshaker_result_extract_peer(
|
|
1049
1209
|
if (result != TSI_OK) return result;
|
1050
1210
|
peer->property_count++;
|
1051
1211
|
}
|
1212
|
+
// Add security_level peer property.
|
1213
|
+
result = tsi_construct_string_peer_property_from_cstring(
|
1214
|
+
TSI_SECURITY_LEVEL_PEER_PROPERTY,
|
1215
|
+
tsi_security_level_to_string(TSI_PRIVACY_AND_INTEGRITY),
|
1216
|
+
&peer->properties[peer->property_count]);
|
1217
|
+
if (result != TSI_OK) return result;
|
1218
|
+
peer->property_count++;
|
1052
1219
|
|
1053
1220
|
const char* session_reused = SSL_session_reused(impl->ssl) ? "true" : "false";
|
1054
1221
|
result = tsi_construct_string_peer_property_from_cstring(
|
@@ -1056,7 +1223,6 @@ static tsi_result ssl_handshaker_result_extract_peer(
|
|
1056
1223
|
&peer->properties[peer->property_count]);
|
1057
1224
|
if (result != TSI_OK) return result;
|
1058
1225
|
peer->property_count++;
|
1059
|
-
|
1060
1226
|
return result;
|
1061
1227
|
}
|
1062
1228
|
|
@@ -1248,7 +1414,7 @@ static tsi_result ssl_handshaker_next(
|
|
1248
1414
|
tsi_handshaker* self, const unsigned char* received_bytes,
|
1249
1415
|
size_t received_bytes_size, const unsigned char** bytes_to_send,
|
1250
1416
|
size_t* bytes_to_send_size, tsi_handshaker_result** handshaker_result,
|
1251
|
-
tsi_handshaker_on_next_done_cb cb
|
1417
|
+
tsi_handshaker_on_next_done_cb /*cb*/, void* /*user_data*/) {
|
1252
1418
|
/* Input sanity check. */
|
1253
1419
|
if ((received_bytes_size > 0 && received_bytes == nullptr) ||
|
1254
1420
|
bytes_to_send == nullptr || bytes_to_send_size == nullptr ||
|
@@ -1390,7 +1556,6 @@ static tsi_result create_tsi_ssl_handshaker(SSL_CTX* ctx, int is_client,
|
|
1390
1556
|
static_cast<unsigned char*>(gpr_zalloc(impl->outgoing_bytes_buffer_size));
|
1391
1557
|
impl->base.vtable = &handshaker_vtable;
|
1392
1558
|
impl->factory_ref = tsi_ssl_handshaker_factory_ref(factory);
|
1393
|
-
|
1394
1559
|
*handshaker = &impl->base;
|
1395
1560
|
return TSI_OK;
|
1396
1561
|
}
|
@@ -1449,11 +1614,9 @@ static void tsi_ssl_client_handshaker_factory_destroy(
|
|
1449
1614
|
gpr_free(self);
|
1450
1615
|
}
|
1451
1616
|
|
1452
|
-
static int client_handshaker_factory_npn_callback(
|
1453
|
-
|
1454
|
-
|
1455
|
-
unsigned int inlen,
|
1456
|
-
void* arg) {
|
1617
|
+
static int client_handshaker_factory_npn_callback(
|
1618
|
+
SSL* /*ssl*/, unsigned char** out, unsigned char* outlen,
|
1619
|
+
const unsigned char* in, unsigned int inlen, void* arg) {
|
1457
1620
|
tsi_ssl_client_handshaker_factory* factory =
|
1458
1621
|
static_cast<tsi_ssl_client_handshaker_factory*>(arg);
|
1459
1622
|
return select_protocol_list((const unsigned char**)out, outlen,
|
@@ -1498,55 +1661,49 @@ static void tsi_ssl_server_handshaker_factory_destroy(
|
|
1498
1661
|
gpr_free(self);
|
1499
1662
|
}
|
1500
1663
|
|
1501
|
-
static int does_entry_match_name(
|
1502
|
-
|
1503
|
-
|
1504
|
-
const char* name_subdomain = nullptr;
|
1505
|
-
size_t name_length = strlen(name);
|
1506
|
-
size_t name_subdomain_length;
|
1507
|
-
if (entry_length == 0) return 0;
|
1664
|
+
static int does_entry_match_name(absl::string_view entry,
|
1665
|
+
absl::string_view name) {
|
1666
|
+
if (entry.empty()) return 0;
|
1508
1667
|
|
1509
1668
|
/* Take care of '.' terminations. */
|
1510
|
-
if (name
|
1511
|
-
|
1669
|
+
if (name.back() == '.') {
|
1670
|
+
name.remove_suffix(1);
|
1512
1671
|
}
|
1513
|
-
if (entry
|
1514
|
-
|
1515
|
-
if (
|
1672
|
+
if (entry.back() == '.') {
|
1673
|
+
entry.remove_suffix(1);
|
1674
|
+
if (entry.empty()) return 0;
|
1516
1675
|
}
|
1517
1676
|
|
1518
|
-
if ((
|
1519
|
-
strncmp(name, entry, entry_length) == 0) {
|
1677
|
+
if (absl::EqualsIgnoreCase(name, entry)) {
|
1520
1678
|
return 1; /* Perfect match. */
|
1521
1679
|
}
|
1522
|
-
if (entry
|
1680
|
+
if (entry.front() != '*') return 0;
|
1523
1681
|
|
1524
1682
|
/* Wildchar subdomain matching. */
|
1525
|
-
if (
|
1683
|
+
if (entry.size() < 3 || entry[1] != '.') { /* At least *.x */
|
1526
1684
|
gpr_log(GPR_ERROR, "Invalid wildchar entry.");
|
1527
1685
|
return 0;
|
1528
1686
|
}
|
1529
|
-
|
1530
|
-
if (
|
1531
|
-
|
1532
|
-
|
1533
|
-
|
1534
|
-
|
1535
|
-
|
1536
|
-
|
1537
|
-
|
1538
|
-
|
1539
|
-
gpr_log(GPR_ERROR, "Invalid toplevel subdomain: %s", name_subdomain);
|
1687
|
+
size_t name_subdomain_pos = name.find('.');
|
1688
|
+
if (name_subdomain_pos == absl::string_view::npos) return 0;
|
1689
|
+
if (name_subdomain_pos >= name.size() - 2) return 0;
|
1690
|
+
absl::string_view name_subdomain =
|
1691
|
+
name.substr(name_subdomain_pos + 1); /* Starts after the dot. */
|
1692
|
+
entry.remove_prefix(2); /* Remove *. */
|
1693
|
+
size_t dot = name_subdomain.find('.');
|
1694
|
+
if (dot == absl::string_view::npos || dot == name_subdomain.size() - 1) {
|
1695
|
+
gpr_log(GPR_ERROR, "Invalid toplevel subdomain: %s",
|
1696
|
+
std::string(name_subdomain).c_str());
|
1540
1697
|
return 0;
|
1541
1698
|
}
|
1542
|
-
if (name_subdomain
|
1543
|
-
|
1699
|
+
if (name_subdomain.back() == '.') {
|
1700
|
+
name_subdomain.remove_suffix(1);
|
1544
1701
|
}
|
1545
|
-
return (
|
1546
|
-
strncmp(entry, name_subdomain, entry_length) == 0);
|
1702
|
+
return !entry.empty() && absl::EqualsIgnoreCase(name_subdomain, entry);
|
1547
1703
|
}
|
1548
1704
|
|
1549
|
-
static int ssl_server_handshaker_factory_servername_callback(SSL* ssl,
|
1705
|
+
static int ssl_server_handshaker_factory_servername_callback(SSL* ssl,
|
1706
|
+
int* /*ap*/,
|
1550
1707
|
void* arg) {
|
1551
1708
|
tsi_ssl_server_handshaker_factory* impl =
|
1552
1709
|
static_cast<tsi_ssl_server_handshaker_factory*>(arg);
|
@@ -1564,12 +1721,12 @@ static int ssl_server_handshaker_factory_servername_callback(SSL* ssl, int* ap,
|
|
1564
1721
|
}
|
1565
1722
|
}
|
1566
1723
|
gpr_log(GPR_ERROR, "No match found for server name: %s.", servername);
|
1567
|
-
return
|
1724
|
+
return SSL_TLSEXT_ERR_NOACK;
|
1568
1725
|
}
|
1569
1726
|
|
1570
1727
|
#if TSI_OPENSSL_ALPN_SUPPORT
|
1571
1728
|
static int server_handshaker_factory_alpn_callback(
|
1572
|
-
SSL* ssl
|
1729
|
+
SSL* /*ssl*/, const unsigned char** out, unsigned char* outlen,
|
1573
1730
|
const unsigned char* in, unsigned int inlen, void* arg) {
|
1574
1731
|
tsi_ssl_server_handshaker_factory* factory =
|
1575
1732
|
static_cast<tsi_ssl_server_handshaker_factory*>(arg);
|
@@ -1580,7 +1737,7 @@ static int server_handshaker_factory_alpn_callback(
|
|
1580
1737
|
#endif /* TSI_OPENSSL_ALPN_SUPPORT */
|
1581
1738
|
|
1582
1739
|
static int server_handshaker_factory_npn_advertised_callback(
|
1583
|
-
SSL* ssl
|
1740
|
+
SSL* /*ssl*/, const unsigned char** out, unsigned int* outlen, void* arg) {
|
1584
1741
|
tsi_ssl_server_handshaker_factory* factory =
|
1585
1742
|
static_cast<tsi_ssl_server_handshaker_factory*>(arg);
|
1586
1743
|
*out = factory->alpn_protocol_list;
|
@@ -1609,7 +1766,7 @@ static int server_handshaker_factory_new_session_callback(
|
|
1609
1766
|
return 0;
|
1610
1767
|
}
|
1611
1768
|
factory->session_cache->Put(server_name, tsi::SslSessionPtr(session));
|
1612
|
-
// Return 1 to indicate
|
1769
|
+
// Return 1 to indicate transferred ownership over the given session.
|
1613
1770
|
return 1;
|
1614
1771
|
}
|
1615
1772
|
|
@@ -1624,7 +1781,6 @@ tsi_result tsi_create_ssl_client_handshaker_factory(
|
|
1624
1781
|
const char** alpn_protocols, uint16_t num_alpn_protocols,
|
1625
1782
|
tsi_ssl_client_handshaker_factory** factory) {
|
1626
1783
|
tsi_ssl_client_handshaker_options options;
|
1627
|
-
memset(&options, 0, sizeof(options));
|
1628
1784
|
options.pem_key_cert_pair = pem_key_cert_pair;
|
1629
1785
|
options.pem_root_certs = pem_root_certs;
|
1630
1786
|
options.cipher_suites = cipher_suites;
|
@@ -1649,7 +1805,11 @@ tsi_result tsi_create_ssl_client_handshaker_factory_with_options(
|
|
1649
1805
|
return TSI_INVALID_ARGUMENT;
|
1650
1806
|
}
|
1651
1807
|
|
1808
|
+
#if defined(OPENSSL_NO_TLS1_2_METHOD) || OPENSSL_API_COMPAT >= 0x10100000L
|
1809
|
+
ssl_context = SSL_CTX_new(TLS_method());
|
1810
|
+
#else
|
1652
1811
|
ssl_context = SSL_CTX_new(TLSv1_2_method());
|
1812
|
+
#endif
|
1653
1813
|
if (ssl_context == nullptr) {
|
1654
1814
|
gpr_log(GPR_ERROR, "Could not create ssl context.");
|
1655
1815
|
return TSI_INVALID_ARGUMENT;
|
@@ -1720,7 +1880,11 @@ tsi_result tsi_create_ssl_client_handshaker_factory_with_options(
|
|
1720
1880
|
tsi_ssl_handshaker_factory_unref(&impl->base);
|
1721
1881
|
return result;
|
1722
1882
|
}
|
1723
|
-
|
1883
|
+
if (options->skip_server_certificate_verification) {
|
1884
|
+
SSL_CTX_set_verify(ssl_context, SSL_VERIFY_PEER, NullVerifyCallback);
|
1885
|
+
} else {
|
1886
|
+
SSL_CTX_set_verify(ssl_context, SSL_VERIFY_PEER, nullptr);
|
1887
|
+
}
|
1724
1888
|
/* TODO(jboeuf): Add revocation verification. */
|
1725
1889
|
|
1726
1890
|
*factory = impl;
|
@@ -1750,7 +1914,6 @@ tsi_result tsi_create_ssl_server_handshaker_factory_ex(
|
|
1750
1914
|
const char* cipher_suites, const char** alpn_protocols,
|
1751
1915
|
uint16_t num_alpn_protocols, tsi_ssl_server_handshaker_factory** factory) {
|
1752
1916
|
tsi_ssl_server_handshaker_options options;
|
1753
|
-
memset(&options, 0, sizeof(options));
|
1754
1917
|
options.pem_key_cert_pairs = pem_key_cert_pairs;
|
1755
1918
|
options.num_key_cert_pairs = num_key_cert_pairs;
|
1756
1919
|
options.pem_client_root_certs = pem_client_root_certs;
|
@@ -1806,7 +1969,11 @@ tsi_result tsi_create_ssl_server_handshaker_factory_with_options(
|
|
1806
1969
|
|
1807
1970
|
for (i = 0; i < options->num_key_cert_pairs; i++) {
|
1808
1971
|
do {
|
1972
|
+
#if defined(OPENSSL_NO_TLS1_2_METHOD) || OPENSSL_API_COMPAT >= 0x10100000L
|
1973
|
+
impl->ssl_contexts[i] = SSL_CTX_new(TLS_method());
|
1974
|
+
#else
|
1809
1975
|
impl->ssl_contexts[i] = SSL_CTX_new(TLSv1_2_method());
|
1976
|
+
#endif
|
1810
1977
|
if (impl->ssl_contexts[i] == nullptr) {
|
1811
1978
|
gpr_log(GPR_ERROR, "Could not create ssl context.");
|
1812
1979
|
result = TSI_OUT_OF_RESOURCES;
|
@@ -1850,33 +2017,32 @@ tsi_result tsi_create_ssl_server_handshaker_factory_with_options(
|
|
1850
2017
|
break;
|
1851
2018
|
}
|
1852
2019
|
SSL_CTX_set_client_CA_list(impl->ssl_contexts[i], root_names);
|
1853
|
-
switch (options->client_certificate_request) {
|
1854
|
-
case TSI_DONT_REQUEST_CLIENT_CERTIFICATE:
|
1855
|
-
SSL_CTX_set_verify(impl->ssl_contexts[i], SSL_VERIFY_NONE, nullptr);
|
1856
|
-
break;
|
1857
|
-
case TSI_REQUEST_CLIENT_CERTIFICATE_BUT_DONT_VERIFY:
|
1858
|
-
SSL_CTX_set_verify(impl->ssl_contexts[i], SSL_VERIFY_PEER,
|
1859
|
-
NullVerifyCallback);
|
1860
|
-
break;
|
1861
|
-
case TSI_REQUEST_CLIENT_CERTIFICATE_AND_VERIFY:
|
1862
|
-
SSL_CTX_set_verify(impl->ssl_contexts[i], SSL_VERIFY_PEER, nullptr);
|
1863
|
-
break;
|
1864
|
-
case TSI_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_BUT_DONT_VERIFY:
|
1865
|
-
SSL_CTX_set_verify(
|
1866
|
-
impl->ssl_contexts[i],
|
1867
|
-
SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
|
1868
|
-
NullVerifyCallback);
|
1869
|
-
break;
|
1870
|
-
case TSI_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY:
|
1871
|
-
SSL_CTX_set_verify(
|
1872
|
-
impl->ssl_contexts[i],
|
1873
|
-
SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, nullptr);
|
1874
|
-
break;
|
1875
|
-
}
|
1876
|
-
/* TODO(jboeuf): Add revocation verification. */
|
1877
2020
|
}
|
2021
|
+
switch (options->client_certificate_request) {
|
2022
|
+
case TSI_DONT_REQUEST_CLIENT_CERTIFICATE:
|
2023
|
+
SSL_CTX_set_verify(impl->ssl_contexts[i], SSL_VERIFY_NONE, nullptr);
|
2024
|
+
break;
|
2025
|
+
case TSI_REQUEST_CLIENT_CERTIFICATE_BUT_DONT_VERIFY:
|
2026
|
+
SSL_CTX_set_verify(impl->ssl_contexts[i], SSL_VERIFY_PEER,
|
2027
|
+
NullVerifyCallback);
|
2028
|
+
break;
|
2029
|
+
case TSI_REQUEST_CLIENT_CERTIFICATE_AND_VERIFY:
|
2030
|
+
SSL_CTX_set_verify(impl->ssl_contexts[i], SSL_VERIFY_PEER, nullptr);
|
2031
|
+
break;
|
2032
|
+
case TSI_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_BUT_DONT_VERIFY:
|
2033
|
+
SSL_CTX_set_verify(impl->ssl_contexts[i],
|
2034
|
+
SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
|
2035
|
+
NullVerifyCallback);
|
2036
|
+
break;
|
2037
|
+
case TSI_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY:
|
2038
|
+
SSL_CTX_set_verify(impl->ssl_contexts[i],
|
2039
|
+
SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
|
2040
|
+
nullptr);
|
2041
|
+
break;
|
2042
|
+
}
|
2043
|
+
/* TODO(jboeuf): Add revocation verification. */
|
1878
2044
|
|
1879
|
-
result =
|
2045
|
+
result = tsi_ssl_extract_x509_subject_names_from_pem_cert(
|
1880
2046
|
options->pem_key_cert_pairs[i].cert_chain,
|
1881
2047
|
&impl->ssl_context_x509_subject_names[i]);
|
1882
2048
|
if (result != TSI_OK) break;
|
@@ -1906,7 +2072,7 @@ tsi_result tsi_create_ssl_server_handshaker_factory_with_options(
|
|
1906
2072
|
|
1907
2073
|
/* --- tsi_ssl utils. --- */
|
1908
2074
|
|
1909
|
-
int tsi_ssl_peer_matches_name(const tsi_peer* peer,
|
2075
|
+
int tsi_ssl_peer_matches_name(const tsi_peer* peer, absl::string_view name) {
|
1910
2076
|
size_t i = 0;
|
1911
2077
|
size_t san_count = 0;
|
1912
2078
|
const tsi_peer_property* cn_property = nullptr;
|
@@ -1920,13 +2086,10 @@ int tsi_ssl_peer_matches_name(const tsi_peer* peer, const char* name) {
|
|
1920
2086
|
TSI_X509_SUBJECT_ALTERNATIVE_NAME_PEER_PROPERTY) == 0) {
|
1921
2087
|
san_count++;
|
1922
2088
|
|
1923
|
-
|
1924
|
-
|
2089
|
+
absl::string_view entry(property->value.data, property->value.length);
|
2090
|
+
if (!like_ip && does_entry_match_name(entry, name)) {
|
1925
2091
|
return 1;
|
1926
|
-
} else if (like_ip &&
|
1927
|
-
strncmp(name, property->value.data, property->value.length) ==
|
1928
|
-
0 &&
|
1929
|
-
strlen(name) == property->value.length) {
|
2092
|
+
} else if (like_ip && name == entry) {
|
1930
2093
|
/* IP Addresses are exact matches only. */
|
1931
2094
|
return 1;
|
1932
2095
|
}
|
@@ -1938,8 +2101,9 @@ int tsi_ssl_peer_matches_name(const tsi_peer* peer, const char* name) {
|
|
1938
2101
|
|
1939
2102
|
/* If there's no SAN, try the CN, but only if its not like an IP Address */
|
1940
2103
|
if (san_count == 0 && cn_property != nullptr && !like_ip) {
|
1941
|
-
if (does_entry_match_name(cn_property->value.data,
|
1942
|
-
|
2104
|
+
if (does_entry_match_name(absl::string_view(cn_property->value.data,
|
2105
|
+
cn_property->value.length),
|
2106
|
+
name)) {
|
1943
2107
|
return 1;
|
1944
2108
|
}
|
1945
2109
|
}
|