grpc 1.26.0 → 1.28.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of grpc might be problematic. Click here for more details.

Files changed (829) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +1699 -1482
  3. data/etc/roots.pem +44 -0
  4. data/include/grpc/grpc_security.h +37 -15
  5. data/include/grpc/grpc_security_constants.h +27 -0
  6. data/include/grpc/impl/codegen/grpc_types.h +19 -0
  7. data/include/grpc/impl/codegen/port_platform.h +8 -1
  8. data/include/grpc/impl/codegen/sync.h +5 -3
  9. data/include/grpc/impl/codegen/sync_abseil.h +36 -0
  10. data/include/grpc/module.modulemap +3 -0
  11. data/{src/core/lib/json/json_common.h → include/grpc/support/sync_abseil.h} +7 -15
  12. data/src/core/ext/filters/client_channel/client_channel.cc +74 -32
  13. data/src/core/ext/filters/client_channel/client_channel_channelz.cc +31 -47
  14. data/src/core/ext/filters/client_channel/client_channel_channelz.h +1 -3
  15. data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +1 -1
  16. data/src/core/ext/filters/client_channel/http_proxy.cc +8 -5
  17. data/src/core/ext/filters/client_channel/lb_policy.cc +4 -3
  18. data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +291 -0
  19. data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.h +83 -0
  20. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +224 -367
  21. data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +88 -121
  22. data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +28 -57
  23. data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +18 -21
  24. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +9 -13
  25. data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +85 -83
  26. data/src/core/ext/filters/client_channel/lb_policy/xds/xds.cc +623 -767
  27. data/src/core/ext/filters/client_channel/lb_policy_factory.h +3 -3
  28. data/src/core/ext/filters/client_channel/lb_policy_registry.cc +43 -75
  29. data/src/core/ext/filters/client_channel/lb_policy_registry.h +1 -1
  30. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +57 -70
  31. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_libuv.cc +1 -1
  32. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +1 -1
  33. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +1 -1
  34. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +3 -3
  35. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +2 -2
  36. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +1 -1
  37. data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +3 -3
  38. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +31 -7
  39. data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +228 -286
  40. data/src/core/ext/filters/client_channel/resolver_result_parsing.h +2 -2
  41. data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +37 -176
  42. data/src/core/ext/filters/client_channel/resolving_lb_policy.h +7 -11
  43. data/src/core/ext/filters/client_channel/service_config.cc +91 -160
  44. data/src/core/ext/filters/client_channel/service_config.h +14 -21
  45. data/src/core/ext/filters/client_channel/xds/xds_api.cc +1426 -229
  46. data/src/core/ext/filters/client_channel/xds/xds_api.h +214 -115
  47. data/src/core/ext/filters/client_channel/xds/xds_bootstrap.cc +236 -339
  48. data/src/core/ext/filters/client_channel/xds/xds_bootstrap.h +32 -45
  49. data/src/core/ext/filters/client_channel/xds/xds_channel.h +3 -1
  50. data/src/core/ext/filters/client_channel/xds/xds_channel_secure.cc +14 -9
  51. data/src/core/ext/filters/client_channel/xds/xds_client.cc +986 -252
  52. data/src/core/ext/filters/client_channel/xds/xds_client.h +84 -36
  53. data/src/core/ext/filters/client_channel/xds/xds_client_stats.cc +53 -131
  54. data/src/core/ext/filters/client_channel/xds/xds_client_stats.h +119 -152
  55. data/src/core/ext/filters/message_size/message_size_filter.cc +32 -35
  56. data/src/core/ext/filters/message_size/message_size_filter.h +1 -1
  57. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +3 -6
  58. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +6 -8
  59. data/src/core/ext/transport/chttp2/transport/writing.cc +1 -1
  60. data/src/core/ext/transport/inproc/inproc_transport.cc +22 -42
  61. data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.c +17 -0
  62. data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.h +30 -0
  63. data/src/core/ext/upb-generated/envoy/annotations/resource.upb.c +27 -0
  64. data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +54 -0
  65. data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.c +46 -21
  66. data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.h +116 -29
  67. data/src/core/ext/upb-generated/envoy/api/v2/cds.upb.c +4 -362
  68. data/src/core/ext/upb-generated/envoy/api/v2/cds.upb.h +14 -1337
  69. data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.c +390 -0
  70. data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.h +1411 -0
  71. data/src/core/ext/upb-generated/envoy/api/v2/cluster/circuit_breaker.upb.c +29 -8
  72. data/src/core/ext/upb-generated/envoy/api/v2/cluster/circuit_breaker.upb.h +60 -0
  73. data/src/core/ext/upb-generated/envoy/api/v2/cluster/filter.upb.c +1 -0
  74. data/src/core/ext/upb-generated/envoy/api/v2/cluster/outlier_detection.upb.c +1 -0
  75. data/src/core/ext/upb-generated/envoy/api/v2/core/address.upb.c +5 -3
  76. data/src/core/ext/upb-generated/envoy/api/v2/core/address.upb.h +6 -2
  77. data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.c +48 -5
  78. data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.h +154 -4
  79. data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.c +19 -15
  80. data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.h +46 -32
  81. data/src/core/ext/upb-generated/envoy/api/v2/core/grpc_service.upb.c +26 -4
  82. data/src/core/ext/upb-generated/envoy/api/v2/core/grpc_service.upb.h +70 -0
  83. data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.c +42 -25
  84. data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.h +83 -25
  85. data/src/core/ext/upb-generated/envoy/api/v2/core/http_uri.upb.c +1 -0
  86. data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.c +43 -7
  87. data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.h +115 -0
  88. data/src/core/ext/upb-generated/envoy/api/v2/discovery.upb.c +1 -0
  89. data/src/core/ext/upb-generated/envoy/api/v2/eds.upb.c +7 -68
  90. data/src/core/ext/upb-generated/envoy/api/v2/eds.upb.h +14 -201
  91. data/src/core/ext/upb-generated/envoy/api/v2/endpoint.upb.c +91 -0
  92. data/src/core/ext/upb-generated/envoy/api/v2/endpoint.upb.h +240 -0
  93. data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint.upb.c +1 -71
  94. data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint.upb.h +3 -228
  95. data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.c +88 -0
  96. data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.h +258 -0
  97. data/src/core/ext/upb-generated/envoy/api/v2/endpoint/load_report.upb.c +1 -0
  98. data/src/core/ext/upb-generated/envoy/api/v2/lds.upb.c +30 -0
  99. data/src/core/ext/upb-generated/envoy/api/v2/lds.upb.h +53 -0
  100. data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.c +104 -0
  101. data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.h +383 -0
  102. data/src/core/ext/upb-generated/envoy/api/v2/listener/listener.upb.c +17 -0
  103. data/src/core/ext/upb-generated/envoy/api/v2/listener/listener.upb.h +33 -0
  104. data/src/core/ext/upb-generated/envoy/api/v2/listener/listener_components.upb.c +144 -0
  105. data/src/core/ext/upb-generated/envoy/api/v2/listener/listener_components.upb.h +527 -0
  106. data/src/core/ext/upb-generated/envoy/api/v2/listener/udp_listener_config.upb.c +42 -0
  107. data/src/core/ext/upb-generated/envoy/api/v2/listener/udp_listener_config.upb.h +112 -0
  108. data/src/core/ext/upb-generated/envoy/api/v2/rds.upb.c +29 -0
  109. data/src/core/ext/upb-generated/envoy/api/v2/rds.upb.h +53 -0
  110. data/src/core/ext/upb-generated/envoy/api/v2/route.upb.c +62 -0
  111. data/src/core/ext/upb-generated/envoy/api/v2/route.upb.h +199 -0
  112. data/src/core/ext/upb-generated/envoy/api/v2/route/route.upb.c +17 -0
  113. data/src/core/ext/upb-generated/envoy/api/v2/route/route.upb.h +33 -0
  114. data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.c +793 -0
  115. data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.h +2936 -0
  116. data/src/core/ext/upb-generated/envoy/api/v2/scoped_route.upb.c +58 -0
  117. data/src/core/ext/upb-generated/envoy/api/v2/scoped_route.upb.h +134 -0
  118. data/src/core/ext/upb-generated/envoy/api/v2/srds.upb.c +27 -0
  119. data/src/core/ext/upb-generated/envoy/api/v2/srds.upb.h +53 -0
  120. data/src/core/ext/upb-generated/envoy/config/filter/accesslog/v2/accesslog.upb.c +227 -0
  121. data/src/core/ext/upb-generated/envoy/config/filter/accesslog/v2/accesslog.upb.h +725 -0
  122. data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.c +296 -0
  123. data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.h +1072 -0
  124. data/src/core/ext/upb-generated/envoy/config/listener/v2/api_listener.upb.c +32 -0
  125. data/src/core/ext/upb-generated/envoy/config/listener/v2/api_listener.upb.h +65 -0
  126. data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.c +47 -0
  127. data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.h +108 -0
  128. data/src/core/ext/upb-generated/envoy/type/matcher/string.upb.c +52 -0
  129. data/src/core/ext/upb-generated/envoy/type/matcher/string.upb.h +133 -0
  130. data/src/core/ext/upb-generated/envoy/type/metadata/v2/metadata.upb.c +87 -0
  131. data/src/core/ext/upb-generated/envoy/type/metadata/v2/metadata.upb.h +258 -0
  132. data/src/core/ext/upb-generated/envoy/type/range.upb.c +11 -0
  133. data/src/core/ext/upb-generated/envoy/type/range.upb.h +27 -0
  134. data/src/core/ext/upb-generated/envoy/type/semantic_version.upb.c +28 -0
  135. data/src/core/ext/upb-generated/envoy/type/semantic_version.upb.h +62 -0
  136. data/src/core/ext/upb-generated/envoy/type/tracing/v2/custom_tag.upb.c +88 -0
  137. data/src/core/ext/upb-generated/envoy/type/tracing/v2/custom_tag.upb.h +249 -0
  138. data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +30 -27
  139. data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +64 -52
  140. data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c +13 -5
  141. data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.h +34 -0
  142. data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.c +48 -0
  143. data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +104 -0
  144. data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.c +17 -0
  145. data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.h +30 -0
  146. data/src/core/ext/upb-generated/validate/validate.upb.c +38 -34
  147. data/src/core/ext/upb-generated/validate/validate.upb.h +129 -99
  148. data/src/core/lib/channel/channel_trace.cc +32 -41
  149. data/src/core/lib/channel/channel_trace.h +3 -3
  150. data/src/core/lib/channel/channelz.cc +158 -248
  151. data/src/core/lib/channel/channelz.h +17 -10
  152. data/src/core/lib/channel/channelz_registry.cc +47 -74
  153. data/src/core/lib/channel/channelz_registry.h +4 -4
  154. data/src/core/lib/gpr/sync_abseil.cc +114 -0
  155. data/src/core/lib/gpr/sync_posix.cc +8 -5
  156. data/src/core/lib/gpr/sync_windows.cc +4 -2
  157. data/src/core/lib/gpr/time_precise.cc +1 -1
  158. data/src/core/lib/gprpp/host_port.cc +1 -1
  159. data/src/core/lib/gprpp/inlined_vector.h +1 -210
  160. data/src/core/lib/gprpp/memory.h +2 -6
  161. data/src/core/lib/gprpp/optional.h +6 -21
  162. data/src/core/lib/gprpp/string_view.h +5 -110
  163. data/src/core/lib/gprpp/sync.h +9 -0
  164. data/src/core/lib/iomgr/buffer_list.cc +36 -35
  165. data/src/core/lib/iomgr/error.h +4 -4
  166. data/src/core/lib/iomgr/ev_epollex_linux.cc +12 -4
  167. data/src/core/lib/iomgr/executor.cc +1 -1
  168. data/src/core/lib/iomgr/fork_posix.cc +4 -0
  169. data/src/core/lib/iomgr/load_file.cc +1 -0
  170. data/src/core/lib/iomgr/poller/eventmanager_libuv.cc +87 -0
  171. data/src/core/lib/iomgr/poller/eventmanager_libuv.h +88 -0
  172. data/src/core/lib/iomgr/socket_utils_common_posix.cc +14 -0
  173. data/src/core/lib/iomgr/socket_utils_posix.h +12 -0
  174. data/src/core/lib/iomgr/tcp_client_posix.cc +17 -17
  175. data/src/core/lib/iomgr/tcp_client_posix.h +6 -6
  176. data/src/core/lib/iomgr/tcp_custom.h +3 -0
  177. data/src/core/lib/iomgr/tcp_posix.cc +608 -56
  178. data/src/core/lib/iomgr/tcp_server_custom.cc +15 -2
  179. data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +8 -0
  180. data/src/core/lib/iomgr/work_serializer.cc +155 -0
  181. data/src/core/lib/iomgr/work_serializer.h +65 -0
  182. data/src/core/lib/json/json.h +208 -68
  183. data/src/core/lib/json/json_reader.cc +511 -319
  184. data/src/core/lib/json/json_writer.cc +201 -110
  185. data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +1 -1
  186. data/src/core/lib/security/credentials/composite/composite_credentials.cc +7 -0
  187. data/src/core/lib/security/credentials/composite/composite_credentials.h +5 -1
  188. data/src/core/lib/security/credentials/credentials.h +10 -1
  189. data/src/core/lib/security/credentials/fake/fake_credentials.h +2 -1
  190. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +10 -8
  191. data/src/core/lib/security/credentials/jwt/json_token.cc +26 -56
  192. data/src/core/lib/security/credentials/jwt/json_token.h +2 -1
  193. data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +8 -18
  194. data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +149 -159
  195. data/src/core/lib/security/credentials/jwt/jwt_verifier.h +2 -3
  196. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +38 -35
  197. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -1
  198. data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +6 -4
  199. data/src/core/lib/security/credentials/plugin/plugin_credentials.h +2 -1
  200. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +20 -0
  201. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +9 -0
  202. data/src/core/lib/security/credentials/tls/{spiffe_credentials.cc → tls_credentials.cc} +23 -24
  203. data/src/core/lib/security/credentials/tls/{spiffe_credentials.h → tls_credentials.h} +9 -9
  204. data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +13 -0
  205. data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +22 -2
  206. data/src/core/lib/security/security_connector/load_system_roots_fallback.cc +2 -2
  207. data/src/core/lib/security/security_connector/load_system_roots_linux.cc +2 -2
  208. data/src/core/lib/security/security_connector/local/local_security_connector.cc +31 -6
  209. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +3 -15
  210. data/src/core/lib/security/security_connector/ssl_utils.cc +48 -4
  211. data/src/core/lib/security/security_connector/ssl_utils.h +12 -1
  212. data/src/core/lib/security/security_connector/tls/{spiffe_security_connector.cc → tls_security_connector.cc} +106 -70
  213. data/src/core/lib/security/security_connector/tls/{spiffe_security_connector.h → tls_security_connector.h} +22 -19
  214. data/src/core/lib/security/transport/client_auth_filter.cc +33 -0
  215. data/src/core/lib/security/transport/security_handshaker.cc +2 -2
  216. data/src/core/lib/security/util/json_util.cc +22 -15
  217. data/src/core/lib/security/util/json_util.h +2 -2
  218. data/src/core/lib/surface/completion_queue.cc +22 -1
  219. data/src/core/lib/surface/version.cc +1 -1
  220. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +1 -1
  221. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +12 -2
  222. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +1 -1
  223. data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +3 -3
  224. data/src/core/tsi/fake_transport_security.cc +7 -3
  225. data/src/core/tsi/fake_transport_security.h +2 -0
  226. data/src/core/tsi/grpc_shadow_boringssl.h +1333 -1319
  227. data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +1 -1
  228. data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +1 -1
  229. data/src/core/tsi/ssl_transport_security.cc +145 -8
  230. data/src/core/tsi/ssl_transport_security.h +15 -1
  231. data/src/core/tsi/transport_security.cc +13 -0
  232. data/src/core/tsi/transport_security_grpc.cc +2 -2
  233. data/src/core/tsi/transport_security_grpc.h +2 -2
  234. data/src/core/tsi/transport_security_interface.h +12 -0
  235. data/src/ruby/bin/math_pb.rb +5 -5
  236. data/src/ruby/ext/grpc/rb_call_credentials.c +4 -1
  237. data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +2 -0
  238. data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +4 -1
  239. data/src/ruby/lib/grpc/version.rb +1 -1
  240. data/src/ruby/pb/grpc/health/v1/health_pb.rb +3 -3
  241. data/src/ruby/pb/src/proto/grpc/testing/empty_pb.rb +1 -1
  242. data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +23 -13
  243. data/third_party/abseil-cpp/absl/algorithm/algorithm.h +159 -0
  244. data/third_party/abseil-cpp/absl/base/attributes.h +621 -0
  245. data/third_party/abseil-cpp/absl/base/call_once.h +226 -0
  246. data/third_party/abseil-cpp/absl/base/casts.h +184 -0
  247. data/third_party/abseil-cpp/absl/base/config.h +671 -0
  248. data/third_party/abseil-cpp/absl/base/const_init.h +76 -0
  249. data/third_party/abseil-cpp/absl/base/dynamic_annotations.cc +129 -0
  250. data/third_party/abseil-cpp/absl/base/dynamic_annotations.h +389 -0
  251. data/third_party/abseil-cpp/absl/base/internal/atomic_hook.h +200 -0
  252. data/third_party/abseil-cpp/absl/base/internal/bits.h +218 -0
  253. data/third_party/abseil-cpp/absl/base/internal/cycleclock.cc +107 -0
  254. data/third_party/abseil-cpp/absl/base/internal/cycleclock.h +94 -0
  255. data/third_party/abseil-cpp/absl/base/internal/endian.h +266 -0
  256. data/third_party/abseil-cpp/absl/base/internal/errno_saver.h +43 -0
  257. data/third_party/abseil-cpp/absl/base/internal/hide_ptr.h +51 -0
  258. data/third_party/abseil-cpp/absl/base/internal/identity.h +37 -0
  259. data/third_party/abseil-cpp/absl/base/internal/inline_variable.h +107 -0
  260. data/third_party/abseil-cpp/absl/base/internal/invoke.h +187 -0
  261. data/third_party/abseil-cpp/absl/base/internal/low_level_scheduling.h +107 -0
  262. data/third_party/abseil-cpp/absl/base/internal/per_thread_tls.h +52 -0
  263. data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +240 -0
  264. data/third_party/abseil-cpp/absl/base/internal/raw_logging.h +183 -0
  265. data/third_party/abseil-cpp/absl/base/internal/scheduling_mode.h +58 -0
  266. data/third_party/abseil-cpp/absl/base/internal/spinlock.cc +233 -0
  267. data/third_party/abseil-cpp/absl/base/internal/spinlock.h +243 -0
  268. data/third_party/abseil-cpp/absl/base/internal/spinlock_akaros.inc +35 -0
  269. data/third_party/abseil-cpp/absl/base/internal/spinlock_linux.inc +66 -0
  270. data/third_party/abseil-cpp/absl/base/internal/spinlock_posix.inc +46 -0
  271. data/third_party/abseil-cpp/absl/base/internal/spinlock_wait.cc +81 -0
  272. data/third_party/abseil-cpp/absl/base/internal/spinlock_wait.h +93 -0
  273. data/third_party/abseil-cpp/absl/base/internal/spinlock_win32.inc +37 -0
  274. data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +416 -0
  275. data/third_party/abseil-cpp/absl/base/internal/sysinfo.h +66 -0
  276. data/third_party/abseil-cpp/absl/base/internal/thread_annotations.h +271 -0
  277. data/third_party/abseil-cpp/absl/base/internal/thread_identity.cc +152 -0
  278. data/third_party/abseil-cpp/absl/base/internal/thread_identity.h +259 -0
  279. data/third_party/abseil-cpp/absl/base/internal/throw_delegate.cc +108 -0
  280. data/third_party/abseil-cpp/absl/base/internal/throw_delegate.h +75 -0
  281. data/third_party/abseil-cpp/absl/base/internal/tsan_mutex_interface.h +66 -0
  282. data/third_party/abseil-cpp/absl/base/internal/unaligned_access.h +158 -0
  283. data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc +140 -0
  284. data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.h +124 -0
  285. data/third_party/abseil-cpp/absl/base/log_severity.cc +27 -0
  286. data/third_party/abseil-cpp/absl/base/log_severity.h +121 -0
  287. data/third_party/abseil-cpp/absl/base/macros.h +220 -0
  288. data/third_party/abseil-cpp/absl/base/optimization.h +181 -0
  289. data/third_party/abseil-cpp/absl/base/options.h +211 -0
  290. data/third_party/abseil-cpp/absl/base/policy_checks.h +111 -0
  291. data/third_party/abseil-cpp/absl/base/port.h +26 -0
  292. data/third_party/abseil-cpp/absl/base/thread_annotations.h +280 -0
  293. data/third_party/abseil-cpp/absl/container/inlined_vector.h +848 -0
  294. data/third_party/abseil-cpp/absl/container/internal/compressed_tuple.h +265 -0
  295. data/third_party/abseil-cpp/absl/container/internal/inlined_vector.h +892 -0
  296. data/third_party/abseil-cpp/absl/memory/memory.h +695 -0
  297. data/third_party/abseil-cpp/absl/meta/type_traits.h +759 -0
  298. data/third_party/abseil-cpp/absl/numeric/int128.cc +404 -0
  299. data/third_party/abseil-cpp/absl/numeric/int128.h +1091 -0
  300. data/third_party/abseil-cpp/absl/numeric/int128_have_intrinsic.inc +302 -0
  301. data/third_party/abseil-cpp/absl/numeric/int128_no_intrinsic.inc +308 -0
  302. data/third_party/abseil-cpp/absl/strings/ascii.cc +200 -0
  303. data/third_party/abseil-cpp/absl/strings/ascii.h +242 -0
  304. data/third_party/abseil-cpp/absl/strings/charconv.cc +984 -0
  305. data/third_party/abseil-cpp/absl/strings/charconv.h +119 -0
  306. data/third_party/abseil-cpp/absl/strings/escaping.cc +949 -0
  307. data/third_party/abseil-cpp/absl/strings/escaping.h +164 -0
  308. data/third_party/abseil-cpp/absl/strings/internal/char_map.h +156 -0
  309. data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.cc +359 -0
  310. data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +423 -0
  311. data/third_party/abseil-cpp/absl/strings/internal/charconv_parse.cc +504 -0
  312. data/third_party/abseil-cpp/absl/strings/internal/charconv_parse.h +99 -0
  313. data/third_party/abseil-cpp/absl/strings/internal/escaping.cc +180 -0
  314. data/third_party/abseil-cpp/absl/strings/internal/escaping.h +58 -0
  315. data/third_party/abseil-cpp/absl/strings/internal/memutil.cc +112 -0
  316. data/third_party/abseil-cpp/absl/strings/internal/memutil.h +148 -0
  317. data/third_party/abseil-cpp/absl/strings/internal/ostringstream.cc +36 -0
  318. data/third_party/abseil-cpp/absl/strings/internal/ostringstream.h +89 -0
  319. data/third_party/abseil-cpp/absl/strings/internal/resize_uninitialized.h +73 -0
  320. data/third_party/abseil-cpp/absl/strings/internal/stl_type_traits.h +248 -0
  321. data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.cc +388 -0
  322. data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.h +432 -0
  323. data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.cc +245 -0
  324. data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.h +209 -0
  325. data/third_party/abseil-cpp/absl/strings/internal/str_format/checker.h +326 -0
  326. data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.cc +51 -0
  327. data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.h +415 -0
  328. data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +493 -0
  329. data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.h +23 -0
  330. data/third_party/abseil-cpp/absl/strings/internal/str_format/output.cc +72 -0
  331. data/third_party/abseil-cpp/absl/strings/internal/str_format/output.h +104 -0
  332. data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.cc +334 -0
  333. data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.h +333 -0
  334. data/third_party/abseil-cpp/absl/strings/internal/str_join_internal.h +314 -0
  335. data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +455 -0
  336. data/third_party/abseil-cpp/absl/strings/internal/utf8.cc +53 -0
  337. data/third_party/abseil-cpp/absl/strings/internal/utf8.h +50 -0
  338. data/third_party/abseil-cpp/absl/strings/match.cc +40 -0
  339. data/third_party/abseil-cpp/absl/strings/match.h +90 -0
  340. data/third_party/abseil-cpp/absl/strings/numbers.cc +965 -0
  341. data/third_party/abseil-cpp/absl/strings/numbers.h +266 -0
  342. data/third_party/abseil-cpp/absl/strings/str_cat.cc +246 -0
  343. data/third_party/abseil-cpp/absl/strings/str_cat.h +408 -0
  344. data/third_party/abseil-cpp/absl/strings/str_format.h +537 -0
  345. data/third_party/abseil-cpp/absl/strings/str_join.h +293 -0
  346. data/third_party/abseil-cpp/absl/strings/str_replace.cc +82 -0
  347. data/third_party/abseil-cpp/absl/strings/str_replace.h +219 -0
  348. data/third_party/abseil-cpp/absl/strings/str_split.cc +139 -0
  349. data/third_party/abseil-cpp/absl/strings/str_split.h +513 -0
  350. data/third_party/abseil-cpp/absl/strings/string_view.cc +235 -0
  351. data/third_party/abseil-cpp/absl/strings/string_view.h +622 -0
  352. data/third_party/abseil-cpp/absl/strings/strip.h +91 -0
  353. data/third_party/abseil-cpp/absl/strings/substitute.cc +171 -0
  354. data/third_party/abseil-cpp/absl/strings/substitute.h +693 -0
  355. data/third_party/abseil-cpp/absl/types/bad_optional_access.cc +48 -0
  356. data/third_party/abseil-cpp/absl/types/bad_optional_access.h +78 -0
  357. data/third_party/abseil-cpp/absl/types/internal/optional.h +396 -0
  358. data/third_party/abseil-cpp/absl/types/internal/span.h +128 -0
  359. data/third_party/abseil-cpp/absl/types/optional.h +776 -0
  360. data/third_party/abseil-cpp/absl/types/span.h +713 -0
  361. data/third_party/abseil-cpp/absl/utility/utility.h +350 -0
  362. data/{src/boringssl → third_party/boringssl-with-bazel}/err_data.c +0 -0
  363. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_bitstr.c +0 -0
  364. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_bool.c +0 -0
  365. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_d2i_fp.c +0 -0
  366. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_dup.c +0 -0
  367. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_enum.c +0 -0
  368. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_gentm.c +0 -0
  369. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_i2d_fp.c +0 -0
  370. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_int.c +0 -0
  371. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_mbstr.c +0 -0
  372. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_object.c +0 -0
  373. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_octet.c +0 -0
  374. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_print.c +0 -0
  375. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_strnid.c +0 -0
  376. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_time.c +3 -4
  377. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_type.c +0 -0
  378. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_utctm.c +0 -0
  379. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/a_utf8.c +0 -0
  380. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/asn1_lib.c +0 -0
  381. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/asn1_locl.h +0 -0
  382. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/asn1_par.c +0 -0
  383. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/asn_pack.c +0 -0
  384. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/f_enum.c +0 -0
  385. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/f_int.c +0 -0
  386. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/f_string.c +0 -0
  387. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_dec.c +0 -0
  388. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_enc.c +0 -0
  389. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_fre.c +0 -0
  390. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_new.c +0 -0
  391. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_typ.c +0 -0
  392. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/tasn_utl.c +0 -0
  393. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/asn1/time_support.c +0 -0
  394. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/base64/base64.c +0 -0
  395. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/bio.c +0 -0
  396. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/bio_mem.c +0 -0
  397. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/connect.c +3 -4
  398. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/fd.c +0 -1
  399. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/file.c +5 -6
  400. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/hexdump.c +0 -0
  401. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/internal.h +0 -0
  402. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/pair.c +0 -1
  403. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/printf.c +0 -0
  404. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/socket.c +0 -0
  405. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bio/socket_helper.c +0 -0
  406. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bn_extra/bn_asn1.c +0 -0
  407. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bn_extra/convert.c +0 -0
  408. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/buf/buf.c +10 -69
  409. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bytestring/asn1_compat.c +0 -0
  410. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bytestring/ber.c +0 -0
  411. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bytestring/cbb.c +41 -2
  412. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bytestring/cbs.c +60 -3
  413. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bytestring/internal.h +0 -0
  414. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/bytestring/unicode.c +0 -0
  415. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/chacha/chacha.c +0 -0
  416. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/chacha/internal.h +0 -0
  417. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/cipher_extra.c +0 -0
  418. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/derive_key.c +0 -0
  419. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_aesccm.c +0 -0
  420. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_aesctrhmac.c +0 -0
  421. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_aesgcmsiv.c +8 -0
  422. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_chacha20poly1305.c +0 -0
  423. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_null.c +0 -0
  424. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_rc2.c +0 -0
  425. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_rc4.c +0 -0
  426. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/e_tls.c +0 -0
  427. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/internal.h +0 -0
  428. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cipher_extra/tls_cbc.c +0 -0
  429. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cmac/cmac.c +0 -0
  430. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/conf/conf.c +0 -0
  431. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/conf/conf_def.h +0 -0
  432. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/conf/internal.h +0 -0
  433. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-aarch64-fuchsia.c +0 -0
  434. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-aarch64-linux.c +0 -0
  435. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-arm-linux.c +0 -1
  436. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-arm-linux.h +0 -0
  437. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-arm.c +0 -0
  438. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-intel.c +0 -0
  439. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/cpu-ppc64le.c +0 -0
  440. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/crypto.c +0 -0
  441. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/curve25519/spake25519.c +0 -0
  442. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/dh/check.c +3 -3
  443. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/dh/dh.c +1 -2
  444. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/dh/dh_asn1.c +0 -0
  445. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/dh/params.c +0 -0
  446. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/digest_extra/digest_extra.c +0 -0
  447. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/dsa/dsa.c +0 -0
  448. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/dsa/dsa_asn1.c +0 -0
  449. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/ec_extra/ec_asn1.c +0 -0
  450. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/ec_extra/ec_derive.c +2 -3
  451. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/ecdh_extra/ecdh_extra.c +0 -0
  452. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/ecdsa_extra/ecdsa_asn1.c +0 -0
  453. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/engine/engine.c +0 -0
  454. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/err/err.c +6 -6
  455. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/err/internal.h +0 -0
  456. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/digestsign.c +0 -0
  457. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/evp.c +0 -0
  458. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/evp_asn1.c +0 -0
  459. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/evp_ctx.c +0 -0
  460. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/internal.h +0 -0
  461. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_dsa_asn1.c +0 -0
  462. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_ec.c +0 -1
  463. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_ec_asn1.c +0 -0
  464. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_ed25519.c +0 -0
  465. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_ed25519_asn1.c +0 -0
  466. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_rsa.c +14 -2
  467. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_rsa_asn1.c +0 -0
  468. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_x25519.c +0 -0
  469. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/p_x25519_asn1.c +1 -2
  470. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/pbkdf.c +0 -0
  471. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/print.c +0 -0
  472. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/scrypt.c +0 -0
  473. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/evp/sign.c +0 -0
  474. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/ex_data.c +0 -0
  475. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.c +108 -0
  476. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +1282 -0
  477. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/aes/internal.h +5 -7
  478. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/aes/key_wrap.c +0 -0
  479. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/aes/mode_wrappers.c +0 -2
  480. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bcm.c +2 -0
  481. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/add.c +0 -0
  482. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/asm/x86_64-gcc.c +0 -0
  483. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/bn.c +0 -0
  484. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/bytes.c +0 -0
  485. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/cmp.c +0 -0
  486. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/ctx.c +0 -0
  487. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/div.c +0 -0
  488. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/div_extra.c +0 -0
  489. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/exponentiation.c +0 -0
  490. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/gcd.c +0 -0
  491. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/gcd_extra.c +0 -0
  492. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/generic.c +0 -0
  493. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/internal.h +0 -0
  494. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/jacobi.c +0 -0
  495. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/montgomery.c +0 -0
  496. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/montgomery_inv.c +0 -0
  497. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/mul.c +0 -0
  498. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/prime.c +11 -12
  499. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/random.c +0 -0
  500. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/rsaz_exp.c +0 -0
  501. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/rsaz_exp.h +0 -0
  502. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/shift.c +0 -0
  503. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/bn/sqrt.c +0 -0
  504. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/cipher/aead.c +0 -0
  505. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/cipher/cipher.c +0 -0
  506. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/cipher/e_aes.c +3 -5
  507. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/cipher/e_des.c +0 -0
  508. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/cipher/internal.h +0 -0
  509. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/delocate.h +0 -0
  510. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/des/des.c +0 -0
  511. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/des/internal.h +0 -0
  512. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/digest/digest.c +0 -0
  513. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/digest/digests.c +0 -0
  514. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/digest/internal.h +0 -0
  515. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/digest/md32_common.h +0 -0
  516. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/ec.c +0 -0
  517. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/ec_key.c +1 -1
  518. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/ec_montgomery.c +0 -0
  519. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/felem.c +0 -0
  520. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/internal.h +0 -0
  521. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/oct.c +0 -0
  522. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/p224-64.c +0 -0
  523. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/p256-x86_64-table.h +0 -0
  524. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/p256-x86_64.c +0 -0
  525. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/p256-x86_64.h +0 -0
  526. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/scalar.c +0 -0
  527. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/simple.c +0 -0
  528. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/simple_mul.c +0 -0
  529. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/util.c +0 -0
  530. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ec/wnaf.c +0 -0
  531. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ecdh/ecdh.c +0 -0
  532. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/ecdsa/ecdsa.c +0 -0
  533. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/fips_shared_support.c +0 -0
  534. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/hmac/hmac.c +0 -0
  535. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/is_fips.c +0 -0
  536. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/md4/md4.c +0 -0
  537. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/md5/internal.h +0 -0
  538. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/md5/md5.c +0 -0
  539. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/cbc.c +0 -0
  540. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/cfb.c +0 -0
  541. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/ctr.c +0 -0
  542. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/gcm.c +45 -193
  543. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm_nohw.c +304 -0
  544. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/internal.h +8 -18
  545. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/ofb.c +0 -0
  546. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/modes/polyval.c +0 -0
  547. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rand/ctrdrbg.c +0 -0
  548. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rand/internal.h +0 -0
  549. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rand/rand.c +0 -0
  550. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rand/urandom.c +0 -0
  551. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rsa/blinding.c +0 -0
  552. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rsa/internal.h +0 -0
  553. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rsa/padding.c +0 -0
  554. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rsa/rsa.c +7 -1
  555. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/rsa/rsa_impl.c +60 -51
  556. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/self_check/self_check.c +0 -0
  557. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/sha/internal.h +0 -0
  558. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/sha/sha1-altivec.c +0 -0
  559. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/sha/sha1.c +0 -0
  560. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/sha/sha256.c +0 -0
  561. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/sha/sha512.c +0 -0
  562. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/tls/internal.h +0 -0
  563. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/fipsmodule/tls/kdf.c +0 -0
  564. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/hkdf/hkdf.c +0 -0
  565. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/hrss/hrss.c +210 -311
  566. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/hrss/internal.h +0 -1
  567. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/internal.h +21 -1
  568. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/lhash/lhash.c +0 -0
  569. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/mem.c +70 -0
  570. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/obj/obj.c +16 -21
  571. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/obj/obj_dat.h +27 -6
  572. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/obj/obj_xref.c +0 -0
  573. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_all.c +0 -0
  574. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_info.c +0 -1
  575. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_lib.c +7 -7
  576. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_oth.c +0 -1
  577. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_pk8.c +0 -1
  578. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_pkey.c +0 -1
  579. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_x509.c +0 -0
  580. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pem/pem_xaux.c +0 -0
  581. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs7/internal.h +0 -0
  582. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs7/pkcs7.c +0 -0
  583. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs7/pkcs7_x509.c +1 -1
  584. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs8/internal.h +0 -0
  585. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs8/p5_pbev2.c +0 -0
  586. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs8/pkcs8.c +0 -0
  587. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pkcs8/pkcs8_x509.c +0 -0
  588. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/poly1305/internal.h +0 -0
  589. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/poly1305/poly1305.c +2 -2
  590. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/poly1305/poly1305_arm.c +21 -20
  591. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/poly1305/poly1305_vec.c +34 -17
  592. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pool/internal.h +0 -0
  593. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/pool/pool.c +1 -2
  594. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rand_extra/deterministic.c +0 -0
  595. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rand_extra/forkunsafe.c +0 -0
  596. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rand_extra/fuchsia.c +0 -0
  597. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rand_extra/rand_extra.c +0 -0
  598. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rand_extra/windows.c +0 -0
  599. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rc4/rc4.c +0 -0
  600. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/refcount_c11.c +0 -0
  601. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/refcount_lock.c +0 -0
  602. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rsa_extra/rsa_asn1.c +0 -0
  603. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/rsa_extra/rsa_print.c +0 -0
  604. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/siphash/siphash.c +3 -1
  605. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/stack/stack.c +0 -0
  606. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/thread.c +0 -0
  607. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/thread_none.c +0 -0
  608. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/thread_pthread.c +0 -0
  609. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/thread_win.c +0 -0
  610. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/a_digest.c +0 -0
  611. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/a_sign.c +0 -0
  612. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/a_strex.c +0 -0
  613. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/a_verify.c +0 -1
  614. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/algorithm.c +0 -0
  615. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/asn1_gen.c +0 -0
  616. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/by_dir.c +1 -1
  617. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/by_file.c +0 -1
  618. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/charmap.h +0 -0
  619. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/i2d_pr.c +0 -0
  620. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/internal.h +0 -0
  621. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/rsa_pss.c +0 -0
  622. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/t_crl.c +0 -0
  623. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/t_req.c +0 -0
  624. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/t_x509.c +0 -0
  625. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/t_x509a.c +0 -0
  626. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/vpm_int.h +0 -0
  627. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509.c +0 -0
  628. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_att.c +0 -0
  629. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_cmp.c +0 -1
  630. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_d2.c +0 -0
  631. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_def.c +0 -0
  632. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_ext.c +0 -0
  633. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_lu.c +0 -0
  634. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_obj.c +1 -1
  635. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_r2x.c +0 -1
  636. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_req.c +0 -1
  637. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_set.c +0 -0
  638. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_trs.c +1 -2
  639. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_txt.c +0 -0
  640. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_v3.c +0 -0
  641. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_vfy.c +0 -1
  642. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509_vpm.c +3 -4
  643. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509cset.c +0 -0
  644. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509name.c +0 -0
  645. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509rset.c +0 -0
  646. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x509spki.c +0 -0
  647. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_algor.c +0 -0
  648. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_all.c +0 -1
  649. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_attrib.c +0 -0
  650. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_crl.c +0 -0
  651. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_exten.c +0 -0
  652. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_info.c +0 -0
  653. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_name.c +0 -0
  654. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_pkey.c +0 -0
  655. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_pubkey.c +0 -0
  656. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_req.c +0 -0
  657. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_sig.c +0 -0
  658. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_spki.c +0 -0
  659. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_val.c +0 -0
  660. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_x509.c +0 -0
  661. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509/x_x509a.c +0 -0
  662. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/ext_dat.h +0 -0
  663. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/internal.h +0 -0
  664. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_cache.c +0 -0
  665. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_data.c +0 -0
  666. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_int.h +0 -0
  667. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_lib.c +0 -0
  668. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_map.c +0 -0
  669. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_node.c +0 -0
  670. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/pcy_tree.c +0 -0
  671. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_akey.c +0 -0
  672. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_akeya.c +0 -0
  673. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_alt.c +3 -3
  674. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_bcons.c +0 -0
  675. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_bitst.c +0 -0
  676. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_conf.c +0 -0
  677. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_cpols.c +0 -0
  678. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_crld.c +0 -0
  679. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_enum.c +2 -2
  680. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_extku.c +0 -0
  681. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_genn.c +0 -0
  682. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_ia5.c +0 -0
  683. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_info.c +4 -5
  684. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_int.c +0 -0
  685. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_lib.c +0 -0
  686. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_ncons.c +0 -0
  687. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_ocsp.c +0 -0
  688. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_pci.c +0 -0
  689. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_pcia.c +0 -0
  690. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_pcons.c +0 -0
  691. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_pku.c +0 -0
  692. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_pmaps.c +0 -0
  693. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_prn.c +0 -0
  694. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_purp.c +2 -3
  695. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_skey.c +0 -0
  696. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_sxnet.c +0 -0
  697. data/third_party/{boringssl → boringssl-with-bazel/src}/crypto/x509v3/v3_utl.c +11 -12
  698. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/aead.h +0 -0
  699. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/aes.h +0 -0
  700. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/arm_arch.h +0 -0
  701. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/asn1.h +0 -0
  702. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/asn1_mac.h +0 -0
  703. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/asn1t.h +0 -0
  704. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/base.h +0 -0
  705. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/base64.h +0 -0
  706. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/bio.h +0 -0
  707. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/blowfish.h +0 -0
  708. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/bn.h +32 -20
  709. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/buf.h +9 -9
  710. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/buffer.h +0 -0
  711. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/bytestring.h +34 -0
  712. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/cast.h +0 -0
  713. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/chacha.h +0 -0
  714. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/cipher.h +0 -0
  715. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/cmac.h +0 -0
  716. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/conf.h +0 -0
  717. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/cpu.h +0 -0
  718. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/crypto.h +0 -0
  719. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/curve25519.h +0 -0
  720. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/des.h +0 -0
  721. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/dh.h +0 -0
  722. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/digest.h +0 -0
  723. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/dsa.h +0 -0
  724. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/dtls1.h +0 -0
  725. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/e_os2.h +0 -0
  726. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ec.h +11 -4
  727. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ec_key.h +4 -2
  728. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ecdh.h +0 -0
  729. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ecdsa.h +0 -0
  730. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/engine.h +0 -0
  731. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/err.h +11 -9
  732. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/evp.h +20 -0
  733. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ex_data.h +0 -0
  734. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/hkdf.h +0 -0
  735. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/hmac.h +0 -0
  736. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/hrss.h +0 -0
  737. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/is_boringssl.h +0 -0
  738. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/lhash.h +0 -0
  739. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/md4.h +0 -0
  740. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/md5.h +0 -0
  741. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/mem.h +17 -2
  742. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/nid.h +9 -0
  743. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/obj.h +0 -0
  744. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/obj_mac.h +0 -0
  745. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/objects.h +0 -0
  746. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/opensslconf.h +0 -0
  747. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/opensslv.h +0 -0
  748. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ossl_typ.h +0 -0
  749. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/pem.h +0 -0
  750. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/pkcs12.h +0 -0
  751. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/pkcs7.h +0 -0
  752. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/pkcs8.h +0 -0
  753. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/poly1305.h +5 -7
  754. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/pool.h +0 -0
  755. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/rand.h +0 -0
  756. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/rc4.h +0 -0
  757. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ripemd.h +0 -0
  758. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/rsa.h +0 -0
  759. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/safestack.h +0 -0
  760. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/sha.h +0 -0
  761. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/siphash.h +0 -0
  762. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/span.h +0 -0
  763. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/srtp.h +0 -0
  764. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ssl.h +10 -20
  765. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/ssl3.h +0 -0
  766. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/stack.h +0 -0
  767. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/thread.h +0 -0
  768. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/tls1.h +0 -3
  769. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/type_check.h +0 -0
  770. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/x509.h +0 -0
  771. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/x509_vfy.h +0 -0
  772. data/third_party/{boringssl → boringssl-with-bazel/src}/include/openssl/x509v3.h +0 -0
  773. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/bio_ssl.cc +0 -0
  774. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/d1_both.cc +0 -1
  775. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/d1_lib.cc +0 -0
  776. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/d1_pkt.cc +0 -1
  777. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/d1_srtp.cc +0 -0
  778. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/dtls_method.cc +0 -1
  779. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/dtls_record.cc +0 -0
  780. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/handoff.cc +126 -29
  781. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/handshake.cc +5 -4
  782. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/handshake_client.cc +24 -13
  783. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/handshake_server.cc +1 -5
  784. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/internal.h +32 -26
  785. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/s3_both.cc +0 -0
  786. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/s3_lib.cc +2 -3
  787. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/s3_pkt.cc +0 -1
  788. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_aead_ctx.cc +0 -0
  789. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_asn1.cc +1 -2
  790. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_buffer.cc +34 -15
  791. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_cert.cc +0 -1
  792. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_cipher.cc +0 -1
  793. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_file.cc +0 -0
  794. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_key_share.cc +0 -0
  795. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_lib.cc +13 -14
  796. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_privkey.cc +0 -0
  797. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_session.cc +2 -1
  798. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_stat.cc +0 -0
  799. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_transcript.cc +0 -0
  800. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_versions.cc +1 -1
  801. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/ssl_x509.cc +0 -0
  802. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/t1_enc.cc +0 -0
  803. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/t1_lib.cc +11 -171
  804. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/tls13_both.cc +0 -0
  805. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/tls13_client.cc +3 -4
  806. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/tls13_enc.cc +5 -1
  807. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/tls13_server.cc +78 -101
  808. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/tls_method.cc +1 -1
  809. data/third_party/{boringssl → boringssl-with-bazel/src}/ssl/tls_record.cc +7 -2
  810. data/third_party/{boringssl → boringssl-with-bazel/src}/third_party/fiat/curve25519.c +0 -0
  811. data/third_party/{boringssl → boringssl-with-bazel/src}/third_party/fiat/curve25519_32.h +0 -0
  812. data/third_party/{boringssl → boringssl-with-bazel/src}/third_party/fiat/curve25519_64.h +0 -0
  813. data/third_party/{boringssl → boringssl-with-bazel/src}/third_party/fiat/curve25519_tables.h +0 -0
  814. data/third_party/{boringssl → boringssl-with-bazel/src}/third_party/fiat/internal.h +0 -0
  815. data/third_party/{boringssl → boringssl-with-bazel/src}/third_party/fiat/p256.c +0 -0
  816. data/third_party/{boringssl → boringssl-with-bazel/src}/third_party/fiat/p256_32.h +0 -0
  817. data/third_party/{boringssl → boringssl-with-bazel/src}/third_party/fiat/p256_64.h +0 -0
  818. data/third_party/upb/upb/decode.c +4 -0
  819. data/third_party/upb/upb/port.c +0 -1
  820. data/third_party/upb/upb/port_def.inc +1 -3
  821. data/third_party/upb/upb/table.c +2 -1
  822. metadata +680 -505
  823. data/src/core/lib/iomgr/logical_thread.cc +0 -103
  824. data/src/core/lib/iomgr/logical_thread.h +0 -52
  825. data/src/core/lib/json/json.cc +0 -94
  826. data/src/core/lib/json/json_reader.h +0 -146
  827. data/src/core/lib/json/json_string.cc +0 -367
  828. data/src/core/lib/json/json_writer.h +0 -84
  829. data/third_party/boringssl/crypto/fipsmodule/aes/aes.c +0 -860
data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc CHANGED
@@ -49,7 +49,7 @@ class BoringSslCachedSession : public SslCachedSession {
49
49
 
50
50
  std::unique_ptr<SslCachedSession> SslCachedSession::Create(
51
51
  SslSessionPtr session) {
52
- return grpc_core::MakeUnique<BoringSslCachedSession>(std::move(session));
52
+ return absl::make_unique<BoringSslCachedSession>(std::move(session));
53
53
  }
54
54
 
55
55
  } // namespace tsi
data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc CHANGED
@@ -67,7 +67,7 @@ class OpenSslCachedSession : public SslCachedSession {
67
67
 
68
68
  std::unique_ptr<SslCachedSession> SslCachedSession::Create(
69
69
  SslSessionPtr session) {
70
- return grpc_core::MakeUnique<OpenSslCachedSession>(std::move(session));
70
+ return absl::make_unique<OpenSslCachedSession>(std::move(session));
71
71
  }
72
72
 
73
73
  } // namespace tsi
data/src/core/tsi/ssl_transport_security.cc CHANGED
@@ -35,6 +35,7 @@
35
35
  #include <sys/socket.h>
36
36
  #endif
37
37
 
38
+ #include <grpc/grpc_security.h>
38
39
  #include <grpc/support/alloc.h>
39
40
  #include <grpc/support/log.h>
40
41
  #include <grpc/support/string_util.h>
@@ -44,6 +45,7 @@
44
45
  extern "C" {
45
46
  #include <openssl/bio.h>
46
47
  #include <openssl/crypto.h> /* For OPENSSL_free */
48
+ #include <openssl/engine.h>
47
49
  #include <openssl/err.h>
48
50
  #include <openssl/ssl.h>
49
51
  #include <openssl/x509.h>
@@ -135,6 +137,9 @@ typedef struct {
135
137
  static gpr_once g_init_openssl_once = GPR_ONCE_INIT;
136
138
  static int g_ssl_ctx_ex_factory_index = -1;
137
139
  static const unsigned char kSslSessionIdContext[] = {'g', 'r', 'p', 'c'};
140
+ #ifndef OPENSSL_IS_BORINGSSL
141
+ static const char kSslEnginePrefix[] = "engine:";
142
+ #endif
138
143
 
139
144
  #if OPENSSL_VERSION_NUMBER < 0x10100000
140
145
  static gpr_mu* g_openssl_mutexes = nullptr;
@@ -561,9 +566,84 @@ static tsi_result ssl_ctx_use_certificate_chain(SSL_CTX* context,
561
566
  return result;
562
567
  }
563
568
 
564
- /* Loads an in-memory PEM private key into the SSL context. */
565
- static tsi_result ssl_ctx_use_private_key(SSL_CTX* context, const char* pem_key,
566
- size_t pem_key_size) {
569
+ #ifndef OPENSSL_IS_BORINGSSL
570
+ static tsi_result ssl_ctx_use_engine_private_key(SSL_CTX* context,
571
+ const char* pem_key,
572
+ size_t pem_key_size) {
573
+ tsi_result result = TSI_OK;
574
+ EVP_PKEY* private_key = nullptr;
575
+ ENGINE* engine = nullptr;
576
+ char* engine_name = nullptr;
577
+ // Parse key which is in following format engine:<engine_id>:<key_id>
578
+ do {
579
+ char* engine_start = (char*)pem_key + strlen(kSslEnginePrefix);
580
+ char* engine_end = (char*)strchr(engine_start, ':');
581
+ if (engine_end == nullptr) {
582
+ result = TSI_INVALID_ARGUMENT;
583
+ break;
584
+ }
585
+ char* key_id = engine_end + 1;
586
+ int engine_name_length = engine_end - engine_start;
587
+ if (engine_name_length == 0) {
588
+ result = TSI_INVALID_ARGUMENT;
589
+ break;
590
+ }
591
+ engine_name = static_cast<char*>(gpr_zalloc(engine_name_length + 1));
592
+ memcpy(engine_name, engine_start, engine_name_length);
593
+ gpr_log(GPR_DEBUG, "ENGINE key: %s", engine_name);
594
+ ENGINE_load_dynamic();
595
+ engine = ENGINE_by_id(engine_name);
596
+ if (engine == nullptr) {
597
+ // If not available at ENGINE_DIR, use dynamic to load from
598
+ // current working directory.
599
+ engine = ENGINE_by_id("dynamic");
600
+ if (engine == nullptr) {
601
+ gpr_log(GPR_ERROR, "Cannot load dynamic engine");
602
+ result = TSI_INVALID_ARGUMENT;
603
+ break;
604
+ }
605
+ if (!ENGINE_ctrl_cmd_string(engine, "ID", engine_name, 0) ||
606
+ !ENGINE_ctrl_cmd_string(engine, "DIR_LOAD", "2", 0) ||
607
+ !ENGINE_ctrl_cmd_string(engine, "DIR_ADD", ".", 0) ||
608
+ !ENGINE_ctrl_cmd_string(engine, "LIST_ADD", "1", 0) ||
609
+ !ENGINE_ctrl_cmd_string(engine, "LOAD", NULL, 0)) {
610
+ gpr_log(GPR_ERROR, "Cannot find engine");
611
+ result = TSI_INVALID_ARGUMENT;
612
+ break;
613
+ }
614
+ }
615
+ if (!ENGINE_set_default(engine, ENGINE_METHOD_ALL)) {
616
+ gpr_log(GPR_ERROR, "ENGINE_set_default with ENGINE_METHOD_ALL failed");
617
+ result = TSI_INVALID_ARGUMENT;
618
+ break;
619
+ }
620
+ if (!ENGINE_init(engine)) {
621
+ gpr_log(GPR_ERROR, "ENGINE_init failed");
622
+ result = TSI_INVALID_ARGUMENT;
623
+ break;
624
+ }
625
+ private_key = ENGINE_load_private_key(engine, key_id, 0, 0);
626
+ if (private_key == nullptr) {
627
+ gpr_log(GPR_ERROR, "ENGINE_load_private_key failed");
628
+ result = TSI_INVALID_ARGUMENT;
629
+ break;
630
+ }
631
+ if (!SSL_CTX_use_PrivateKey(context, private_key)) {
632
+ gpr_log(GPR_ERROR, "SSL_CTX_use_PrivateKey failed");
633
+ result = TSI_INVALID_ARGUMENT;
634
+ break;
635
+ }
636
+ } while (0);
637
+ if (engine != nullptr) ENGINE_free(engine);
638
+ if (private_key != nullptr) EVP_PKEY_free(private_key);
639
+ if (engine_name != nullptr) gpr_free(engine_name);
640
+ return result;
641
+ }
642
+ #endif /* OPENSSL_IS_BORINGSSL */
643
+
644
+ static tsi_result ssl_ctx_use_pem_private_key(SSL_CTX* context,
645
+ const char* pem_key,
646
+ size_t pem_key_size) {
567
647
  tsi_result result = TSI_OK;
568
648
  EVP_PKEY* private_key = nullptr;
569
649
  BIO* pem;
@@ -586,6 +666,20 @@ static tsi_result ssl_ctx_use_private_key(SSL_CTX* context, const char* pem_key,
586
666
  return result;
587
667
  }
588
668
 
669
+ /* Loads an in-memory PEM private key into the SSL context. */
670
+ static tsi_result ssl_ctx_use_private_key(SSL_CTX* context, const char* pem_key,
671
+ size_t pem_key_size) {
672
+ // BoringSSL does not have ENGINE support
673
+ #ifndef OPENSSL_IS_BORINGSSL
674
+ if (strncmp(pem_key, kSslEnginePrefix, strlen(kSslEnginePrefix)) == 0) {
675
+ return ssl_ctx_use_engine_private_key(context, pem_key, pem_key_size);
676
+ } else
677
+ #endif /* OPENSSL_IS_BORINGSSL */
678
+ {
679
+ return ssl_ctx_use_pem_private_key(context, pem_key, pem_key_size);
680
+ }
681
+ }
682
+
589
683
  /* Loads in-memory PEM verification certs into the SSL context and optionally
590
684
  returns the verification cert names (root_names can be NULL). */
591
685
  static tsi_result x509_store_load_certs(X509_STORE* cert_store,
@@ -1024,6 +1118,30 @@ static void tsi_ssl_handshaker_factory_init(
1024
1118
  gpr_ref_init(&factory->refcount, 1);
1025
1119
  }
1026
1120
 
1121
+ /* Gets the X509 cert chain in PEM format as a tsi_peer_property. */
1122
+ tsi_result tsi_ssl_get_cert_chain_contents(STACK_OF(X509) * peer_chain,
1123
+ tsi_peer_property* property) {
1124
+ BIO* bio = BIO_new(BIO_s_mem());
1125
+ const auto peer_chain_len = sk_X509_num(peer_chain);
1126
+ for (auto i = decltype(peer_chain_len){0}; i < peer_chain_len; i++) {
1127
+ if (!PEM_write_bio_X509(bio, sk_X509_value(peer_chain, i))) {
1128
+ BIO_free(bio);
1129
+ return TSI_INTERNAL_ERROR;
1130
+ }
1131
+ }
1132
+ char* contents;
1133
+ long len = BIO_get_mem_data(bio, &contents);
1134
+ if (len <= 0) {
1135
+ BIO_free(bio);
1136
+ return TSI_INTERNAL_ERROR;
1137
+ }
1138
+ tsi_result result = tsi_construct_string_peer_property(
1139
+ TSI_X509_PEM_CERT_CHAIN_PROPERTY, (const char*)contents,
1140
+ static_cast<size_t>(len), property);
1141
+ BIO_free(bio);
1142
+ return result;
1143
+ }
1144
+
1027
1145
  /* --- tsi_handshaker_result methods implementation. ---*/
1028
1146
  static tsi_result ssl_handshaker_result_extract_peer(
1029
1147
  const tsi_handshaker_result* self, tsi_peer* peer) {
@@ -1032,7 +1150,6 @@ static tsi_result ssl_handshaker_result_extract_peer(
1032
1150
  unsigned int alpn_selected_len;
1033
1151
  const tsi_ssl_handshaker_result* impl =
1034
1152
  reinterpret_cast<const tsi_ssl_handshaker_result*>(self);
1035
- // TODO(yihuazhang): Return a full certificate chain as a peer property.
1036
1153
  X509* peer_cert = SSL_get_peer_certificate(impl->ssl);
1037
1154
  if (peer_cert != nullptr) {
1038
1155
  result = peer_from_x509(peer_cert, 1, peer);
@@ -1047,10 +1164,14 @@ static tsi_result ssl_handshaker_result_extract_peer(
1047
1164
  SSL_get0_next_proto_negotiated(impl->ssl, &alpn_selected,
1048
1165
  &alpn_selected_len);
1049
1166
  }
1050
-
1167
+ // When called on the client side, the stack also contains the
1168
+ // peer's certificate; When called on the server side,
1169
+ // the peer's certificate is not present in the stack
1170
+ STACK_OF(X509)* peer_chain = SSL_get_peer_cert_chain(impl->ssl);
1051
1171
  // 1 is for session reused property.
1052
- size_t new_property_count = peer->property_count + 1;
1172
+ size_t new_property_count = peer->property_count + 3;
1053
1173
  if (alpn_selected != nullptr) new_property_count++;
1174
+ if (peer_chain != nullptr) new_property_count++;
1054
1175
  tsi_peer_property* new_properties = static_cast<tsi_peer_property*>(
1055
1176
  gpr_zalloc(sizeof(*new_properties) * new_property_count));
1056
1177
  for (size_t i = 0; i < peer->property_count; i++) {
@@ -1058,7 +1179,12 @@ static tsi_result ssl_handshaker_result_extract_peer(
1058
1179
  }
1059
1180
  if (peer->properties != nullptr) gpr_free(peer->properties);
1060
1181
  peer->properties = new_properties;
1061
-
1182
+ // Add peer chain if available
1183
+ if (peer_chain != nullptr) {
1184
+ result = tsi_ssl_get_cert_chain_contents(
1185
+ peer_chain, &peer->properties[peer->property_count]);
1186
+ if (result == TSI_OK) peer->property_count++;
1187
+ }
1062
1188
  if (alpn_selected != nullptr) {
1063
1189
  result = tsi_construct_string_peer_property(
1064
1190
  TSI_SSL_ALPN_SELECTED_PROTOCOL,
@@ -1067,6 +1193,13 @@ static tsi_result ssl_handshaker_result_extract_peer(
1067
1193
  if (result != TSI_OK) return result;
1068
1194
  peer->property_count++;
1069
1195
  }
1196
+ // Add security_level peer property.
1197
+ result = tsi_construct_string_peer_property_from_cstring(
1198
+ TSI_SECURITY_LEVEL_PEER_PROPERTY,
1199
+ tsi_security_level_to_string(TSI_PRIVACY_AND_INTEGRITY),
1200
+ &peer->properties[peer->property_count]);
1201
+ if (result != TSI_OK) return result;
1202
+ peer->property_count++;
1070
1203
 
1071
1204
  const char* session_reused = SSL_session_reused(impl->ssl) ? "true" : "false";
1072
1205
  result = tsi_construct_string_peer_property_from_cstring(
@@ -1733,7 +1866,11 @@ tsi_result tsi_create_ssl_client_handshaker_factory_with_options(
1733
1866
  tsi_ssl_handshaker_factory_unref(&impl->base);
1734
1867
  return result;
1735
1868
  }
1736
- SSL_CTX_set_verify(ssl_context, SSL_VERIFY_PEER, nullptr);
1869
+ if (options->skip_server_certificate_verification) {
1870
+ SSL_CTX_set_verify(ssl_context, SSL_VERIFY_PEER, NullVerifyCallback);
1871
+ } else {
1872
+ SSL_CTX_set_verify(ssl_context, SSL_VERIFY_PEER, nullptr);
1873
+ }
1737
1874
  /* TODO(jboeuf): Add revocation verification. */
1738
1875
 
1739
1876
  *factory = impl;
data/src/core/tsi/ssl_transport_security.h CHANGED
@@ -24,6 +24,10 @@
24
24
  #include "src/core/lib/gprpp/string_view.h"
25
25
  #include "src/core/tsi/transport_security_interface.h"
26
26
 
27
+ extern "C" {
28
+ #include <openssl/x509.h>
29
+ }
30
+
27
31
  /* Value for the TSI_CERTIFICATE_TYPE_PEER_PROPERTY property for X509 certs. */
28
32
  #define TSI_X509_CERTIFICATE_TYPE "X509"
29
33
 
@@ -35,6 +39,8 @@
35
39
 
36
40
  #define TSI_X509_PEM_CERT_PROPERTY "x509_pem_cert"
37
41
 
42
+ #define TSI_X509_PEM_CERT_CHAIN_PROPERTY "x509_pem_cert_chain"
43
+
38
44
  #define TSI_SSL_ALPN_SELECTED_PROTOCOL "ssl_alpn_selected_protocol"
39
45
 
40
46
  /* --- tsi_ssl_root_certs_store object ---
@@ -142,6 +148,9 @@ struct tsi_ssl_client_handshaker_options {
142
148
  /* ssl_session_cache is a cache for reusable client-side sessions. */
143
149
  tsi_ssl_session_cache* session_cache;
144
150
 
151
+ /* skip server certificate verification. */
152
+ bool skip_server_certificate_verification;
153
+
145
154
  tsi_ssl_client_handshaker_options()
146
155
  : pem_key_cert_pair(nullptr),
147
156
  pem_root_certs(nullptr),
@@ -149,7 +158,8 @@ struct tsi_ssl_client_handshaker_options {
149
158
  cipher_suites(nullptr),
150
159
  alpn_protocols(nullptr),
151
160
  num_alpn_protocols(0),
152
- session_cache(nullptr) {}
161
+ session_cache(nullptr),
162
+ skip_server_certificate_verification(false) {}
153
163
  };
154
164
 
155
165
  /* Creates a client handshaker factory.
@@ -336,4 +346,8 @@ const tsi_ssl_handshaker_factory_vtable* tsi_ssl_handshaker_factory_swap_vtable(
336
346
  tsi_result tsi_ssl_extract_x509_subject_names_from_pem_cert(
337
347
  const char* pem_cert, tsi_peer* peer);
338
348
 
349
+ /* Exposed for testing only. */
350
+ tsi_result tsi_ssl_get_cert_chain_contents(STACK_OF(X509) * peer_chain,
351
+ tsi_peer_property* property);
352
+
339
353
  #endif /* GRPC_CORE_TSI_SSL_TRANSPORT_SECURITY_H */
data/src/core/tsi/transport_security.cc CHANGED
@@ -67,6 +67,19 @@ const char* tsi_result_to_string(tsi_result result) {
67
67
  }
68
68
  }
69
69
 
70
+ const char* tsi_security_level_to_string(tsi_security_level security_level) {
71
+ switch (security_level) {
72
+ case TSI_SECURITY_NONE:
73
+ return "TSI_SECURITY_NONE";
74
+ case TSI_INTEGRITY_ONLY:
75
+ return "TSI_INTEGRITY_ONLY";
76
+ case TSI_PRIVACY_AND_INTEGRITY:
77
+ return "TSI_PRIVACY_AND_INTEGRITY";
78
+ default:
79
+ return "UNKNOWN";
80
+ }
81
+ }
82
+
70
83
  /* --- tsi_frame_protector common implementation. ---
71
84
 
72
85
  Calls specific implementation after state/input validation. */
data/src/core/tsi/transport_security_grpc.cc CHANGED
@@ -66,8 +66,8 @@ void tsi_zero_copy_grpc_protector_destroy(tsi_zero_copy_grpc_protector* self) {
66
66
  }
67
67
 
68
68
  tsi_result tsi_zero_copy_grpc_protector_max_frame_size(
69
- tsi_zero_copy_grpc_protector* self, size_t& max_frame_size) {
70
- if (self == nullptr) return TSI_INVALID_ARGUMENT;
69
+ tsi_zero_copy_grpc_protector* self, size_t* max_frame_size) {
70
+ if (self == nullptr || max_frame_size == nullptr) return TSI_INVALID_ARGUMENT;
71
71
  if (self->vtable->max_frame_size == nullptr) return TSI_UNIMPLEMENTED;
72
72
  return self->vtable->max_frame_size(self, max_frame_size);
73
73
  }
data/src/core/tsi/transport_security_grpc.h CHANGED
@@ -58,7 +58,7 @@ void tsi_zero_copy_grpc_protector_destroy(tsi_zero_copy_grpc_protector* self);
58
58
 
59
59
  /* Returns value of max protected frame size. Useful for testing. */
60
60
  tsi_result tsi_zero_copy_grpc_protector_max_frame_size(
61
- tsi_zero_copy_grpc_protector* self, size_t& max_frame_size);
61
+ tsi_zero_copy_grpc_protector* self, size_t* max_frame_size);
62
62
 
63
63
  /* Base for tsi_zero_copy_grpc_protector implementations. */
64
64
  typedef struct {
@@ -70,7 +70,7 @@ typedef struct {
70
70
  grpc_slice_buffer* unprotected_slices);
71
71
  void (*destroy)(tsi_zero_copy_grpc_protector* self);
72
72
  tsi_result (*max_frame_size)(tsi_zero_copy_grpc_protector* self,
73
- size_t& max_frame_size);
73
+ size_t* max_frame_size);
74
74
  } tsi_zero_copy_grpc_protector_vtable;
75
75
 
76
76
  struct tsi_zero_copy_grpc_protector {
data/src/core/tsi/transport_security_interface.h CHANGED
@@ -46,6 +46,14 @@ typedef enum {
46
46
  TSI_HANDSHAKE_SHUTDOWN = 14,
47
47
  } tsi_result;
48
48
 
49
+ typedef enum {
50
+ TSI_SECURITY_MIN,
51
+ TSI_SECURITY_NONE = TSI_SECURITY_MIN,
52
+ TSI_INTEGRITY_ONLY,
53
+ TSI_PRIVACY_AND_INTEGRITY,
54
+ TSI_SECURITY_MAX = TSI_PRIVACY_AND_INTEGRITY,
55
+ } tsi_security_level;
56
+
49
57
  typedef enum {
50
58
  // Default option
51
59
  TSI_DONT_REQUEST_CLIENT_CERTIFICATE,
@@ -56,6 +64,7 @@ typedef enum {
56
64
  } tsi_client_certificate_request_type;
57
65
 
58
66
  const char* tsi_result_to_string(tsi_result result);
67
+ const char* tsi_security_level_to_string(tsi_security_level security_level);
59
68
 
60
69
  /* --- tsi tracing --- */
61
70
 
@@ -185,6 +194,9 @@ void tsi_frame_protector_destroy(tsi_frame_protector* self);
185
194
  /* This property is of type TSI_PEER_PROPERTY_STRING. */
186
195
  #define TSI_CERTIFICATE_TYPE_PEER_PROPERTY "certificate_type"
187
196
 
197
+ /* This property represents security level of a channel. */
198
+ #define TSI_SECURITY_LEVEL_PEER_PROPERTY "security_level"
199
+
188
200
  /* Property values may contain NULL characters just like C++ strings.
189
201
  The length field gives the length of the string. */
190
202
  typedef struct tsi_peer_property {
data/src/ruby/bin/math_pb.rb CHANGED
@@ -26,9 +26,9 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
26
26
  end
27
27
 
28
28
  module Math
29
- DivArgs = Google::Protobuf::DescriptorPool.generated_pool.lookup("math.DivArgs").msgclass
30
- DivReply = Google::Protobuf::DescriptorPool.generated_pool.lookup("math.DivReply").msgclass
31
- FibArgs = Google::Protobuf::DescriptorPool.generated_pool.lookup("math.FibArgs").msgclass
32
- Num = Google::Protobuf::DescriptorPool.generated_pool.lookup("math.Num").msgclass
33
- FibReply = Google::Protobuf::DescriptorPool.generated_pool.lookup("math.FibReply").msgclass
29
+ DivArgs = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("math.DivArgs").msgclass
30
+ DivReply = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("math.DivReply").msgclass
31
+ FibArgs = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("math.FibArgs").msgclass
32
+ Num = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("math.Num").msgclass
33
+ FibReply = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("math.FibReply").msgclass
34
34
  end
data/src/ruby/ext/grpc/rb_call_credentials.c CHANGED
@@ -229,7 +229,10 @@ static VALUE grpc_rb_call_credentials_init(VALUE self, VALUE proc) {
229
229
  plugin.state = (void*)proc;
230
230
  plugin.type = "";
231
231
 
232
- creds = grpc_metadata_credentials_create_from_plugin(plugin, NULL);
232
+ // TODO(yihuazhang): Expose min_security_level via the Ruby API so that
233
+ // applications can decide what minimum security level their plugins require.
234
+ creds = grpc_metadata_credentials_create_from_plugin(
235
+ plugin, GRPC_PRIVACY_AND_INTEGRITY, NULL);
233
236
  if (creds == NULL) {
234
237
  rb_raise(rb_eRuntimeError, "could not create a credentials, not sure why");
235
238
  return Qnil;
data/src/ruby/ext/grpc/rb_grpc_imports.generated.c CHANGED
@@ -159,6 +159,7 @@ grpc_local_credentials_create_type grpc_local_credentials_create_import;
159
159
  grpc_local_server_credentials_create_type grpc_local_server_credentials_create_import;
160
160
  grpc_tls_credentials_options_create_type grpc_tls_credentials_options_create_import;
161
161
  grpc_tls_credentials_options_set_cert_request_type_type grpc_tls_credentials_options_set_cert_request_type_import;
162
+ grpc_tls_credentials_options_set_server_verification_option_type grpc_tls_credentials_options_set_server_verification_option_import;
162
163
  grpc_tls_credentials_options_set_key_materials_config_type grpc_tls_credentials_options_set_key_materials_config_import;
163
164
  grpc_tls_credentials_options_set_credential_reload_config_type grpc_tls_credentials_options_set_credential_reload_config_import;
164
165
  grpc_tls_credentials_options_set_server_authorization_check_config_type grpc_tls_credentials_options_set_server_authorization_check_config_import;
@@ -430,6 +431,7 @@ void grpc_rb_load_imports(HMODULE library) {
430
431
  grpc_local_server_credentials_create_import = (grpc_local_server_credentials_create_type) GetProcAddress(library, "grpc_local_server_credentials_create");
431
432
  grpc_tls_credentials_options_create_import = (grpc_tls_credentials_options_create_type) GetProcAddress(library, "grpc_tls_credentials_options_create");
432
433
  grpc_tls_credentials_options_set_cert_request_type_import = (grpc_tls_credentials_options_set_cert_request_type_type) GetProcAddress(library, "grpc_tls_credentials_options_set_cert_request_type");
434
+ grpc_tls_credentials_options_set_server_verification_option_import = (grpc_tls_credentials_options_set_server_verification_option_type) GetProcAddress(library, "grpc_tls_credentials_options_set_server_verification_option");
433
435
  grpc_tls_credentials_options_set_key_materials_config_import = (grpc_tls_credentials_options_set_key_materials_config_type) GetProcAddress(library, "grpc_tls_credentials_options_set_key_materials_config");
434
436
  grpc_tls_credentials_options_set_credential_reload_config_import = (grpc_tls_credentials_options_set_credential_reload_config_type) GetProcAddress(library, "grpc_tls_credentials_options_set_credential_reload_config");
435
437
  grpc_tls_credentials_options_set_server_authorization_check_config_import = (grpc_tls_credentials_options_set_server_authorization_check_config_type) GetProcAddress(library, "grpc_tls_credentials_options_set_server_authorization_check_config");
data/src/ruby/ext/grpc/rb_grpc_imports.generated.h CHANGED
@@ -380,7 +380,7 @@ extern grpc_google_iam_credentials_create_type grpc_google_iam_credentials_creat
380
380
  typedef grpc_call_credentials*(*grpc_sts_credentials_create_type)(const grpc_sts_credentials_options* options, void* reserved);
381
381
  extern grpc_sts_credentials_create_type grpc_sts_credentials_create_import;
382
382
  #define grpc_sts_credentials_create grpc_sts_credentials_create_import
383
- typedef grpc_call_credentials*(*grpc_metadata_credentials_create_from_plugin_type)(grpc_metadata_credentials_plugin plugin, void* reserved);
383
+ typedef grpc_call_credentials*(*grpc_metadata_credentials_create_from_plugin_type)(grpc_metadata_credentials_plugin plugin, grpc_security_level min_security_level, void* reserved);
384
384
  extern grpc_metadata_credentials_create_from_plugin_type grpc_metadata_credentials_create_from_plugin_import;
385
385
  #define grpc_metadata_credentials_create_from_plugin grpc_metadata_credentials_create_from_plugin_import
386
386
  typedef grpc_channel*(*grpc_secure_channel_create_type)(grpc_channel_credentials* creds, const char* target, const grpc_channel_args* args, void* reserved);
@@ -452,6 +452,9 @@ extern grpc_tls_credentials_options_create_type grpc_tls_credentials_options_cre
452
452
  typedef int(*grpc_tls_credentials_options_set_cert_request_type_type)(grpc_tls_credentials_options* options, grpc_ssl_client_certificate_request_type type);
453
453
  extern grpc_tls_credentials_options_set_cert_request_type_type grpc_tls_credentials_options_set_cert_request_type_import;
454
454
  #define grpc_tls_credentials_options_set_cert_request_type grpc_tls_credentials_options_set_cert_request_type_import
455
+ typedef int(*grpc_tls_credentials_options_set_server_verification_option_type)(grpc_tls_credentials_options* options, grpc_tls_server_verification_option server_verification_option);
456
+ extern grpc_tls_credentials_options_set_server_verification_option_type grpc_tls_credentials_options_set_server_verification_option_import;
457
+ #define grpc_tls_credentials_options_set_server_verification_option grpc_tls_credentials_options_set_server_verification_option_import
455
458
  typedef int(*grpc_tls_credentials_options_set_key_materials_config_type)(grpc_tls_credentials_options* options, grpc_tls_key_materials_config* config);
456
459
  extern grpc_tls_credentials_options_set_key_materials_config_type grpc_tls_credentials_options_set_key_materials_config_import;
457
460
  #define grpc_tls_credentials_options_set_key_materials_config grpc_tls_credentials_options_set_key_materials_config_import
data/src/ruby/lib/grpc/version.rb CHANGED
@@ -14,5 +14,5 @@
14
14
 
15
15
  # GRPC contains the General RPC module.
16
16
  module GRPC
17
- VERSION = '1.26.0'
17
+ VERSION = '1.28.0'
18
18
  end