grpc 1.28.0 → 1.31.0.pre2

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of grpc might be problematic. Click here for more details.

Files changed (707) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +8314 -11869
  3. data/include/grpc/grpc.h +2 -2
  4. data/include/grpc/grpc_security.h +30 -9
  5. data/include/grpc/grpc_security_constants.h +4 -0
  6. data/include/grpc/impl/codegen/grpc_types.h +23 -23
  7. data/include/grpc/impl/codegen/port_platform.h +6 -34
  8. data/include/grpc/module.modulemap +24 -39
  9. data/src/core/ext/filters/client_channel/backend_metric.cc +18 -12
  10. data/src/core/ext/filters/client_channel/client_channel.cc +591 -479
  11. data/src/core/ext/filters/client_channel/client_channel_plugin.cc +3 -2
  12. data/src/core/ext/filters/client_channel/config_selector.cc +62 -0
  13. data/src/core/ext/filters/client_channel/config_selector.h +93 -0
  14. data/src/core/ext/filters/client_channel/global_subchannel_pool.cc +24 -2
  15. data/src/core/ext/filters/client_channel/health/health_check_client.cc +9 -22
  16. data/src/core/ext/filters/client_channel/health/health_check_client.h +3 -3
  17. data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +6 -5
  18. data/src/core/ext/filters/client_channel/http_proxy.cc +23 -14
  19. data/src/core/ext/filters/client_channel/lb_policy.cc +19 -18
  20. data/src/core/ext/filters/client_channel/lb_policy.h +44 -33
  21. data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +83 -0
  22. data/src/core/ext/filters/client_channel/lb_policy/address_filtering.h +99 -0
  23. data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +10 -4
  24. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +279 -324
  25. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc +89 -0
  26. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h +40 -0
  27. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +11 -9
  28. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +3 -2
  29. data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +871 -0
  30. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +1 -1
  31. data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +9 -17
  32. data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +733 -0
  33. data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +84 -37
  34. data/src/core/ext/filters/client_channel/lb_policy/xds/eds.cc +938 -0
  35. data/src/core/ext/filters/client_channel/lb_policy/xds/lrs.cc +528 -0
  36. data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +1 -2
  37. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_routing.cc +1143 -0
  38. data/src/core/ext/filters/client_channel/lb_policy_registry.cc +10 -7
  39. data/src/core/ext/filters/client_channel/local_subchannel_pool.h +2 -1
  40. data/src/core/ext/filters/client_channel/parse_address.cc +22 -21
  41. data/src/core/ext/filters/client_channel/resolver.cc +5 -8
  42. data/src/core/ext/filters/client_channel/resolver.h +12 -14
  43. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +78 -61
  44. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.cc +41 -40
  45. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +8 -7
  46. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_libuv.cc +22 -24
  47. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +12 -10
  48. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +79 -122
  49. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +199 -163
  50. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +5 -3
  51. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +7 -4
  52. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +46 -45
  53. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +93 -102
  54. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +0 -4
  55. data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +2 -2
  56. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +38 -8
  57. data/src/core/ext/filters/client_channel/resolver_factory.h +2 -2
  58. data/src/core/ext/filters/client_channel/resolver_registry.cc +19 -17
  59. data/src/core/ext/filters/client_channel/resolver_registry.h +8 -8
  60. data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +21 -22
  61. data/src/core/ext/filters/client_channel/resolver_result_parsing.h +19 -16
  62. data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +49 -55
  63. data/src/core/ext/filters/client_channel/resolving_lb_policy.h +43 -23
  64. data/src/core/ext/filters/client_channel/server_address.cc +6 -9
  65. data/src/core/ext/filters/client_channel/server_address.h +6 -12
  66. data/src/core/ext/filters/client_channel/service_config.cc +104 -144
  67. data/src/core/ext/filters/client_channel/service_config.h +28 -98
  68. data/src/core/ext/filters/client_channel/service_config_call_data.h +68 -0
  69. data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +142 -0
  70. data/src/core/ext/filters/client_channel/service_config_parser.cc +87 -0
  71. data/src/core/ext/filters/client_channel/service_config_parser.h +89 -0
  72. data/src/core/ext/filters/client_channel/subchannel.cc +55 -25
  73. data/src/core/ext/filters/client_channel/subchannel.h +35 -11
  74. data/src/core/ext/filters/client_channel/xds/xds_api.cc +565 -234
  75. data/src/core/ext/filters/client_channel/xds/xds_api.h +102 -37
  76. data/src/core/ext/filters/client_channel/xds/xds_bootstrap.cc +55 -71
  77. data/src/core/ext/filters/client_channel/xds/xds_bootstrap.h +4 -3
  78. data/src/core/ext/filters/client_channel/xds/xds_channel_secure.cc +4 -2
  79. data/src/core/ext/filters/client_channel/xds/xds_client.cc +619 -347
  80. data/src/core/ext/filters/client_channel/xds/xds_client.h +57 -22
  81. data/src/core/ext/filters/client_channel/xds/xds_client_stats.cc +11 -12
  82. data/src/core/ext/filters/client_channel/xds/xds_client_stats.h +40 -28
  83. data/src/core/ext/filters/http/client/http_client_filter.cc +28 -33
  84. data/src/core/ext/filters/http/client_authority_filter.cc +4 -4
  85. data/src/core/ext/filters/http/http_filters_plugin.cc +28 -12
  86. data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +258 -221
  87. data/src/core/ext/filters/http/message_compress/message_decompress_filter.cc +399 -0
  88. data/src/core/ext/filters/http/message_compress/message_decompress_filter.h +31 -0
  89. data/src/core/ext/filters/message_size/message_size_filter.cc +61 -88
  90. data/src/core/ext/filters/message_size/message_size_filter.h +10 -4
  91. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +386 -350
  92. data/src/core/ext/transport/chttp2/server/chttp2_server.h +6 -2
  93. data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc +1 -1
  94. data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +7 -13
  95. data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +7 -8
  96. data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +4 -6
  97. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +42 -26
  98. data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +1 -0
  99. data/src/core/ext/transport/chttp2/transport/flow_control.cc +25 -30
  100. data/src/core/ext/transport/chttp2/transport/flow_control.h +14 -16
  101. data/src/core/ext/transport/chttp2/transport/frame_data.cc +9 -12
  102. data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +4 -6
  103. data/src/core/ext/transport/chttp2/transport/frame_goaway.h +2 -3
  104. data/src/core/ext/transport/chttp2/transport/frame_ping.cc +5 -6
  105. data/src/core/ext/transport/chttp2/transport/frame_ping.h +2 -3
  106. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +12 -13
  107. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +2 -3
  108. data/src/core/ext/transport/chttp2/transport/frame_settings.cc +6 -7
  109. data/src/core/ext/transport/chttp2/transport/frame_settings.h +2 -3
  110. data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +9 -12
  111. data/src/core/ext/transport/chttp2/transport/frame_window_update.h +2 -3
  112. data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +29 -16
  113. data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +2 -3
  114. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +25 -29
  115. data/src/core/ext/transport/chttp2/transport/hpack_parser.h +2 -3
  116. data/src/core/ext/transport/chttp2/transport/hpack_table.cc +13 -17
  117. data/src/core/ext/transport/chttp2/transport/hpack_table.h +2 -2
  118. data/src/core/ext/transport/chttp2/transport/http2_settings.h +4 -5
  119. data/src/core/ext/transport/chttp2/transport/huffsyms.h +2 -3
  120. data/src/core/ext/transport/chttp2/transport/internal.h +27 -21
  121. data/src/core/ext/transport/chttp2/transport/parsing.cc +33 -43
  122. data/src/core/ext/transport/chttp2/transport/stream_map.h +2 -3
  123. data/src/core/ext/transport/chttp2/transport/writing.cc +24 -22
  124. data/src/core/ext/transport/inproc/inproc_transport.cc +54 -15
  125. data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.h +0 -1
  126. data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +3 -4
  127. data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.c +4 -229
  128. data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.h +5 -876
  129. data/src/core/ext/upb-generated/envoy/api/v2/auth/common.upb.c +114 -0
  130. data/src/core/ext/upb-generated/envoy/api/v2/auth/common.upb.h +429 -0
  131. data/src/core/ext/upb-generated/envoy/api/v2/auth/secret.upb.c +72 -0
  132. data/src/core/ext/upb-generated/envoy/api/v2/auth/secret.upb.h +198 -0
  133. data/src/core/ext/upb-generated/envoy/api/v2/auth/tls.upb.c +105 -0
  134. data/src/core/ext/upb-generated/envoy/api/v2/auth/tls.upb.h +388 -0
  135. data/src/core/ext/upb-generated/envoy/api/v2/cds.upb.c +1 -0
  136. data/src/core/ext/upb-generated/envoy/api/v2/cds.upb.h +1 -2
  137. data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.c +23 -10
  138. data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.h +352 -310
  139. data/src/core/ext/upb-generated/envoy/api/v2/cluster/circuit_breaker.upb.c +1 -0
  140. data/src/core/ext/upb-generated/envoy/api/v2/cluster/circuit_breaker.upb.h +42 -34
  141. data/src/core/ext/upb-generated/envoy/api/v2/cluster/filter.upb.c +1 -0
  142. data/src/core/ext/upb-generated/envoy/api/v2/cluster/filter.upb.h +7 -7
  143. data/src/core/ext/upb-generated/envoy/api/v2/cluster/outlier_detection.upb.c +1 -0
  144. data/src/core/ext/upb-generated/envoy/api/v2/cluster/outlier_detection.upb.h +79 -61
  145. data/src/core/ext/upb-generated/envoy/api/v2/core/address.upb.c +2 -1
  146. data/src/core/ext/upb-generated/envoy/api/v2/core/address.upb.h +55 -49
  147. data/src/core/ext/upb-generated/envoy/api/v2/core/backoff.upb.c +35 -0
  148. data/src/core/ext/upb-generated/envoy/api/v2/core/backoff.upb.h +79 -0
  149. data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.c +48 -27
  150. data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.h +258 -214
  151. data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.c +1 -0
  152. data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.h +51 -45
  153. data/src/core/ext/upb-generated/envoy/api/v2/core/event_service_config.upb.c +34 -0
  154. data/src/core/ext/upb-generated/envoy/api/v2/core/event_service_config.upb.h +71 -0
  155. data/src/core/ext/upb-generated/envoy/api/v2/core/grpc_service.upb.c +2 -1
  156. data/src/core/ext/upb-generated/envoy/api/v2/core/grpc_service.upb.h +107 -100
  157. data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.c +24 -20
  158. data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.h +157 -122
  159. data/src/core/ext/upb-generated/envoy/api/v2/core/http_uri.upb.c +1 -0
  160. data/src/core/ext/upb-generated/envoy/api/v2/core/http_uri.upb.h +9 -9
  161. data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.c +38 -18
  162. data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.h +173 -73
  163. data/src/core/ext/upb-generated/envoy/api/v2/core/socket_option.upb.c +34 -0
  164. data/src/core/ext/upb-generated/envoy/api/v2/core/socket_option.upb.h +88 -0
  165. data/src/core/ext/upb-generated/envoy/api/v2/discovery.upb.c +2 -1
  166. data/src/core/ext/upb-generated/envoy/api/v2/discovery.upb.h +95 -101
  167. data/src/core/ext/upb-generated/envoy/api/v2/eds.upb.c +1 -0
  168. data/src/core/ext/upb-generated/envoy/api/v2/eds.upb.h +1 -2
  169. data/src/core/ext/upb-generated/envoy/api/v2/endpoint.upb.c +2 -1
  170. data/src/core/ext/upb-generated/envoy/api/v2/endpoint.upb.h +49 -65
  171. data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint.upb.c +1 -0
  172. data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint.upb.h +0 -1
  173. data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.c +9 -6
  174. data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.h +53 -38
  175. data/src/core/ext/upb-generated/envoy/api/v2/endpoint/load_report.upb.c +1 -0
  176. data/src/core/ext/upb-generated/envoy/api/v2/endpoint/load_report.upb.h +70 -62
  177. data/src/core/ext/upb-generated/envoy/api/v2/lds.upb.c +1 -0
  178. data/src/core/ext/upb-generated/envoy/api/v2/lds.upb.h +1 -2
  179. data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.c +15 -10
  180. data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.h +95 -63
  181. data/src/core/ext/upb-generated/envoy/api/v2/listener/listener.upb.c +1 -0
  182. data/src/core/ext/upb-generated/envoy/api/v2/listener/listener.upb.h +0 -1
  183. data/src/core/ext/upb-generated/envoy/api/v2/listener/listener_components.upb.c +3 -2
  184. data/src/core/ext/upb-generated/envoy/api/v2/listener/listener_components.upb.h +91 -80
  185. data/src/core/ext/upb-generated/envoy/api/v2/listener/udp_listener_config.upb.c +1 -0
  186. data/src/core/ext/upb-generated/envoy/api/v2/listener/udp_listener_config.upb.h +9 -10
  187. data/src/core/ext/upb-generated/envoy/api/v2/rds.upb.c +1 -0
  188. data/src/core/ext/upb-generated/envoy/api/v2/rds.upb.h +1 -2
  189. data/src/core/ext/upb-generated/envoy/api/v2/route.upb.c +1 -0
  190. data/src/core/ext/upb-generated/envoy/api/v2/route.upb.h +36 -31
  191. data/src/core/ext/upb-generated/envoy/api/v2/route/route.upb.c +1 -0
  192. data/src/core/ext/upb-generated/envoy/api/v2/route/route.upb.h +0 -1
  193. data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.c +68 -46
  194. data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.h +770 -722
  195. data/src/core/ext/upb-generated/envoy/api/v2/scoped_route.upb.c +1 -0
  196. data/src/core/ext/upb-generated/envoy/api/v2/scoped_route.upb.h +16 -15
  197. data/src/core/ext/upb-generated/envoy/api/v2/srds.upb.c +1 -0
  198. data/src/core/ext/upb-generated/envoy/api/v2/srds.upb.h +1 -2
  199. data/src/core/ext/upb-generated/envoy/config/filter/accesslog/v2/accesslog.upb.c +2 -1
  200. data/src/core/ext/upb-generated/envoy/config/filter/accesslog/v2/accesslog.upb.h +95 -88
  201. data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.c +48 -28
  202. data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.h +305 -210
  203. data/src/core/ext/upb-generated/envoy/config/listener/v2/api_listener.upb.c +1 -0
  204. data/src/core/ext/upb-generated/envoy/config/listener/v2/api_listener.upb.h +5 -5
  205. data/src/core/ext/upb-generated/envoy/config/trace/v2/http_tracer.upb.c +51 -0
  206. data/src/core/ext/upb-generated/envoy/config/trace/v2/http_tracer.upb.h +125 -0
  207. data/src/core/ext/upb-generated/envoy/service/discovery/v2/ads.upb.c +1 -0
  208. data/src/core/ext/upb-generated/envoy/service/discovery/v2/ads.upb.h +1 -2
  209. data/src/core/ext/upb-generated/envoy/service/load_stats/v2/lrs.upb.c +4 -2
  210. data/src/core/ext/upb-generated/envoy/service/load_stats/v2/lrs.upb.h +22 -16
  211. data/src/core/ext/upb-generated/envoy/type/http.upb.c +1 -0
  212. data/src/core/ext/upb-generated/envoy/type/http.upb.h +0 -1
  213. data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.c +16 -0
  214. data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.h +48 -11
  215. data/src/core/ext/upb-generated/envoy/type/matcher/string.upb.c +1 -0
  216. data/src/core/ext/upb-generated/envoy/type/matcher/string.upb.h +14 -14
  217. data/src/core/ext/upb-generated/envoy/type/metadata/v2/metadata.upb.c +1 -0
  218. data/src/core/ext/upb-generated/envoy/type/metadata/v2/metadata.upb.h +23 -23
  219. data/src/core/ext/upb-generated/envoy/type/percent.upb.c +1 -0
  220. data/src/core/ext/upb-generated/envoy/type/percent.upb.h +8 -9
  221. data/src/core/ext/upb-generated/envoy/type/range.upb.c +1 -0
  222. data/src/core/ext/upb-generated/envoy/type/range.upb.h +15 -16
  223. data/src/core/ext/upb-generated/envoy/type/semantic_version.upb.c +1 -0
  224. data/src/core/ext/upb-generated/envoy/type/semantic_version.upb.h +7 -8
  225. data/src/core/ext/upb-generated/envoy/type/tracing/v2/custom_tag.upb.c +1 -0
  226. data/src/core/ext/upb-generated/envoy/type/tracing/v2/custom_tag.upb.h +36 -35
  227. data/src/core/ext/upb-generated/gogoproto/gogo.upb.h +0 -1
  228. data/src/core/ext/upb-generated/google/api/annotations.upb.h +0 -1
  229. data/src/core/ext/upb-generated/google/api/http.upb.h +29 -28
  230. data/src/core/ext/upb-generated/google/protobuf/any.upb.h +5 -6
  231. data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +12 -11
  232. data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +421 -389
  233. data/src/core/ext/upb-generated/google/protobuf/duration.upb.h +5 -6
  234. data/src/core/ext/upb-generated/google/protobuf/empty.upb.h +1 -2
  235. data/src/core/ext/upb-generated/google/protobuf/struct.upb.c +1 -1
  236. data/src/core/ext/upb-generated/google/protobuf/struct.upb.h +33 -54
  237. data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.h +5 -6
  238. data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.h +27 -28
  239. data/src/core/ext/upb-generated/google/rpc/status.upb.h +8 -8
  240. data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.c +1 -1
  241. data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.h +32 -45
  242. data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +4 -4
  243. data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +157 -178
  244. data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.h +14 -13
  245. data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.h +6 -7
  246. data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.h +59 -56
  247. data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +11 -12
  248. data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.h +0 -1
  249. data/src/core/ext/upb-generated/udpa/annotations/status.upb.c +28 -0
  250. data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +64 -0
  251. data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.c +6 -6
  252. data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.h +41 -68
  253. data/src/core/ext/upb-generated/validate/validate.upb.c +21 -20
  254. data/src/core/ext/upb-generated/validate/validate.upb.h +569 -562
  255. data/src/core/lib/channel/channel_args.cc +15 -14
  256. data/src/core/lib/channel/channel_args.h +3 -1
  257. data/src/core/lib/channel/channel_stack.h +20 -13
  258. data/src/core/lib/channel/channel_trace.cc +2 -6
  259. data/src/core/lib/channel/channelz.cc +10 -21
  260. data/src/core/lib/channel/channelz.h +3 -2
  261. data/src/core/lib/channel/channelz_registry.cc +5 -3
  262. data/src/core/lib/channel/connected_channel.cc +7 -5
  263. data/src/core/lib/channel/context.h +1 -1
  264. data/src/core/lib/channel/handshaker.cc +11 -13
  265. data/src/core/lib/channel/handshaker.h +4 -2
  266. data/src/core/lib/channel/handshaker_registry.cc +5 -17
  267. data/src/core/lib/channel/status_util.cc +2 -3
  268. data/src/core/lib/compression/message_compress.cc +5 -1
  269. data/src/core/lib/debug/stats.cc +21 -27
  270. data/src/core/lib/debug/stats.h +3 -1
  271. data/src/core/lib/gpr/log_linux.cc +6 -8
  272. data/src/core/lib/gpr/log_posix.cc +6 -8
  273. data/src/core/lib/gpr/spinlock.h +2 -3
  274. data/src/core/lib/gpr/string.cc +10 -33
  275. data/src/core/lib/gpr/string.h +4 -18
  276. data/src/core/lib/gpr/sync_abseil.cc +2 -0
  277. data/src/core/lib/gpr/time.cc +4 -0
  278. data/src/core/lib/gpr/time_posix.cc +1 -1
  279. data/src/core/lib/gprpp/atomic.h +6 -6
  280. data/src/core/lib/gprpp/fork.cc +1 -1
  281. data/src/core/lib/gprpp/global_config_env.cc +8 -6
  282. data/src/core/lib/gprpp/host_port.cc +29 -35
  283. data/src/core/lib/gprpp/host_port.h +14 -17
  284. data/src/core/lib/gprpp/map.h +5 -11
  285. data/src/core/lib/gprpp/ref_counted_ptr.h +5 -0
  286. data/src/core/lib/http/format_request.cc +46 -65
  287. data/src/core/lib/http/httpcli.cc +15 -13
  288. data/src/core/lib/http/httpcli.h +2 -3
  289. data/src/core/lib/http/httpcli_security_connector.cc +10 -10
  290. data/src/core/lib/http/parser.h +2 -3
  291. data/src/core/lib/iomgr/buffer_list.h +22 -21
  292. data/src/core/lib/iomgr/call_combiner.h +3 -2
  293. data/src/core/lib/iomgr/cfstream_handle.cc +4 -2
  294. data/src/core/lib/iomgr/closure.h +2 -3
  295. data/src/core/lib/iomgr/dualstack_socket_posix.cc +47 -0
  296. data/src/core/lib/iomgr/endpoint_cfstream.cc +2 -3
  297. data/src/core/lib/iomgr/endpoint_pair.h +2 -3
  298. data/src/core/lib/iomgr/endpoint_pair_posix.cc +10 -10
  299. data/src/core/lib/iomgr/error.cc +6 -9
  300. data/src/core/lib/iomgr/error.h +0 -1
  301. data/src/core/lib/iomgr/error_cfstream.cc +9 -8
  302. data/src/core/lib/iomgr/ev_apple.cc +356 -0
  303. data/src/core/lib/iomgr/ev_apple.h +43 -0
  304. data/src/core/lib/iomgr/ev_epoll1_linux.cc +25 -29
  305. data/src/core/lib/iomgr/ev_epollex_linux.cc +17 -24
  306. data/src/core/lib/iomgr/ev_poll_posix.cc +9 -8
  307. data/src/core/lib/iomgr/ev_posix.cc +4 -3
  308. data/src/core/lib/iomgr/exec_ctx.h +14 -2
  309. data/src/core/lib/iomgr/iomgr.cc +10 -0
  310. data/src/core/lib/iomgr/iomgr.h +10 -0
  311. data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +84 -20
  312. data/src/core/lib/iomgr/is_epollexclusive_available.cc +14 -0
  313. data/src/core/lib/iomgr/pollset_set_custom.cc +10 -10
  314. data/src/core/lib/{gprpp/optional.h → iomgr/pollset_uv.h} +11 -12
  315. data/src/core/lib/iomgr/port.h +2 -21
  316. data/src/core/lib/iomgr/python_util.h +46 -0
  317. data/src/core/lib/iomgr/resolve_address.h +4 -6
  318. data/src/core/lib/iomgr/resolve_address_custom.cc +42 -57
  319. data/src/core/lib/iomgr/resolve_address_custom.h +4 -2
  320. data/src/core/lib/iomgr/resolve_address_posix.cc +10 -11
  321. data/src/core/lib/iomgr/resolve_address_windows.cc +16 -25
  322. data/src/core/lib/iomgr/resource_quota.cc +38 -37
  323. data/src/core/lib/iomgr/sockaddr_utils.cc +29 -33
  324. data/src/core/lib/iomgr/sockaddr_utils.h +10 -15
  325. data/src/core/lib/iomgr/socket_factory_posix.h +2 -3
  326. data/src/core/lib/iomgr/socket_mutator.h +2 -3
  327. data/src/core/lib/iomgr/socket_utils_common_posix.cc +102 -81
  328. data/src/core/lib/iomgr/socket_utils_posix.h +3 -0
  329. data/src/core/lib/iomgr/socket_windows.cc +4 -5
  330. data/src/core/lib/iomgr/tcp_client_cfstream.cc +14 -18
  331. data/src/core/lib/iomgr/tcp_client_custom.cc +6 -9
  332. data/src/core/lib/iomgr/tcp_client_posix.cc +30 -36
  333. data/src/core/lib/iomgr/tcp_client_windows.cc +10 -11
  334. data/src/core/lib/iomgr/tcp_custom.cc +3 -4
  335. data/src/core/lib/iomgr/tcp_custom.h +1 -1
  336. data/src/core/lib/iomgr/tcp_server.cc +3 -4
  337. data/src/core/lib/iomgr/tcp_server.h +7 -5
  338. data/src/core/lib/iomgr/tcp_server_custom.cc +11 -23
  339. data/src/core/lib/iomgr/tcp_server_posix.cc +38 -44
  340. data/src/core/lib/iomgr/tcp_server_utils_posix.h +3 -4
  341. data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +7 -8
  342. data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +10 -18
  343. data/src/core/lib/iomgr/tcp_server_windows.cc +16 -16
  344. data/src/core/lib/iomgr/tcp_uv.cc +3 -2
  345. data/src/core/lib/iomgr/time_averaged_stats.h +2 -3
  346. data/src/core/lib/iomgr/timer_generic.cc +15 -15
  347. data/src/core/lib/{gprpp/inlined_vector.h → iomgr/timer_generic.h} +19 -17
  348. data/src/core/lib/iomgr/timer_heap.h +2 -3
  349. data/src/core/lib/iomgr/udp_server.cc +32 -36
  350. data/src/core/lib/iomgr/udp_server.h +5 -2
  351. data/src/core/lib/iomgr/unix_sockets_posix.cc +9 -14
  352. data/src/core/lib/iomgr/unix_sockets_posix.h +3 -1
  353. data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +5 -2
  354. data/src/core/lib/json/json.h +3 -2
  355. data/src/core/lib/json/json_reader.cc +25 -26
  356. data/src/core/lib/json/json_writer.cc +13 -12
  357. data/src/core/lib/security/credentials/composite/composite_credentials.cc +12 -0
  358. data/src/core/lib/security/credentials/composite/composite_credentials.h +6 -3
  359. data/src/core/lib/security/credentials/credentials.cc +0 -84
  360. data/src/core/lib/security/credentials/credentials.h +13 -62
  361. data/src/core/lib/security/credentials/fake/fake_credentials.h +4 -0
  362. data/src/core/lib/security/credentials/google_default/credentials_generic.cc +8 -6
  363. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +15 -17
  364. data/src/core/lib/security/credentials/iam/iam_credentials.cc +8 -6
  365. data/src/core/lib/security/credentials/iam/iam_credentials.h +4 -0
  366. data/src/core/lib/security/credentials/jwt/json_token.cc +1 -1
  367. data/src/core/lib/security/credentials/jwt/json_token.h +2 -5
  368. data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +7 -4
  369. data/src/core/lib/security/credentials/jwt/jwt_credentials.h +12 -0
  370. data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +8 -15
  371. data/src/core/lib/security/credentials/jwt/jwt_verifier.h +2 -3
  372. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +73 -54
  373. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +9 -3
  374. data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +19 -6
  375. data/src/core/lib/security/credentials/plugin/plugin_credentials.h +2 -0
  376. data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +20 -0
  377. data/src/core/lib/security/credentials/ssl/ssl_credentials.h +10 -0
  378. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +23 -13
  379. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +48 -11
  380. data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +21 -6
  381. data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +17 -17
  382. data/src/core/lib/security/security_connector/load_system_roots_linux.cc +3 -2
  383. data/src/core/lib/security/security_connector/local/local_security_connector.cc +1 -1
  384. data/src/core/lib/security/security_connector/security_connector.cc +2 -0
  385. data/src/core/lib/security/security_connector/security_connector.h +2 -2
  386. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +38 -36
  387. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +8 -5
  388. data/src/core/lib/security/security_connector/ssl_utils.cc +89 -21
  389. data/src/core/lib/security/security_connector/ssl_utils.h +18 -12
  390. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +101 -72
  391. data/src/core/lib/security/security_connector/tls/tls_security_connector.h +27 -5
  392. data/src/core/lib/security/transport/auth_filters.h +0 -5
  393. data/src/core/lib/security/transport/client_auth_filter.cc +11 -11
  394. data/src/core/lib/security/util/json_util.cc +12 -13
  395. data/src/core/lib/slice/slice.cc +38 -1
  396. data/src/core/lib/slice/slice_intern.cc +2 -3
  397. data/src/core/lib/slice/slice_internal.h +15 -0
  398. data/src/core/lib/slice/slice_utils.h +9 -0
  399. data/src/core/lib/surface/byte_buffer_reader.cc +2 -47
  400. data/src/core/lib/surface/call.cc +42 -44
  401. data/src/core/lib/surface/call_log_batch.cc +50 -58
  402. data/src/core/lib/surface/channel.cc +53 -31
  403. data/src/core/lib/surface/channel.h +35 -4
  404. data/src/core/lib/surface/channel_ping.cc +2 -3
  405. data/src/core/lib/surface/completion_queue.cc +304 -47
  406. data/src/core/lib/surface/completion_queue.h +8 -0
  407. data/src/core/lib/surface/event_string.cc +18 -25
  408. data/src/core/lib/surface/event_string.h +3 -1
  409. data/src/core/lib/surface/init.cc +2 -0
  410. data/src/core/lib/surface/init_secure.cc +1 -4
  411. data/src/core/lib/surface/server.cc +971 -837
  412. data/src/core/lib/surface/server.h +66 -12
  413. data/src/core/lib/surface/version.cc +2 -2
  414. data/src/core/lib/transport/byte_stream.h +7 -2
  415. data/src/core/lib/transport/connectivity_state.cc +7 -6
  416. data/src/core/lib/transport/connectivity_state.h +5 -3
  417. data/src/core/lib/transport/metadata.cc +3 -3
  418. data/src/core/lib/transport/metadata_batch.h +2 -3
  419. data/src/core/lib/transport/static_metadata.h +1 -1
  420. data/src/core/lib/transport/status_conversion.cc +6 -14
  421. data/src/core/lib/transport/transport.cc +2 -3
  422. data/src/core/lib/transport/transport.h +9 -2
  423. data/src/core/lib/transport/transport_op_string.cc +61 -102
  424. data/src/core/lib/uri/uri_parser.cc +8 -15
  425. data/src/core/lib/uri/uri_parser.h +2 -3
  426. data/src/core/plugin_registry/grpc_plugin_registry.cc +24 -4
  427. data/src/core/tsi/alts/crypt/aes_gcm.cc +0 -2
  428. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +31 -14
  429. data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +8 -4
  430. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +34 -2
  431. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +9 -1
  432. data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +2 -0
  433. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h +2 -3
  434. data/src/core/tsi/fake_transport_security.cc +10 -15
  435. data/src/core/tsi/ssl/session_cache/ssl_session.h +0 -2
  436. data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +0 -2
  437. data/src/core/tsi/ssl_transport_security.cc +154 -50
  438. data/src/core/tsi/ssl_transport_security.h +22 -10
  439. data/src/core/tsi/ssl_types.h +0 -2
  440. data/src/core/tsi/transport_security.h +6 -9
  441. data/src/core/tsi/transport_security_grpc.h +2 -3
  442. data/src/core/tsi/transport_security_interface.h +8 -3
  443. data/src/ruby/ext/grpc/extconf.rb +5 -2
  444. data/src/ruby/ext/grpc/rb_call.c +12 -3
  445. data/src/ruby/ext/grpc/rb_call.h +4 -0
  446. data/src/ruby/ext/grpc/rb_call_credentials.c +57 -12
  447. data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +4 -0
  448. data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +6 -0
  449. data/src/ruby/lib/grpc/errors.rb +103 -42
  450. data/src/ruby/lib/grpc/generic/active_call.rb +2 -3
  451. data/src/ruby/lib/grpc/generic/interceptors.rb +5 -5
  452. data/src/ruby/lib/grpc/generic/rpc_server.rb +9 -10
  453. data/src/ruby/lib/grpc/generic/service.rb +5 -4
  454. data/src/ruby/lib/grpc/structs.rb +1 -1
  455. data/src/ruby/lib/grpc/version.rb +1 -1
  456. data/src/ruby/pb/generate_proto_ruby.sh +5 -3
  457. data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +11 -0
  458. data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +16 -0
  459. data/src/ruby/spec/debug_message_spec.rb +134 -0
  460. data/src/ruby/spec/generic/service_spec.rb +2 -0
  461. data/src/ruby/spec/pb/codegen/grpc/testing/package_options_import2.proto +23 -0
  462. data/src/ruby/spec/pb/codegen/grpc/testing/package_options_ruby_style.proto +7 -0
  463. data/src/ruby/spec/pb/codegen/package_option_spec.rb +7 -1
  464. data/src/ruby/spec/support/services.rb +10 -4
  465. data/src/ruby/spec/testdata/ca.pem +18 -13
  466. data/src/ruby/spec/testdata/client.key +26 -14
  467. data/src/ruby/spec/testdata/client.pem +18 -12
  468. data/src/ruby/spec/testdata/server1.key +26 -14
  469. data/src/ruby/spec/testdata/server1.pem +20 -14
  470. data/third_party/abseil-cpp/absl/time/civil_time.cc +175 -0
  471. data/third_party/abseil-cpp/absl/time/civil_time.h +538 -0
  472. data/third_party/abseil-cpp/absl/time/clock.cc +569 -0
  473. data/third_party/abseil-cpp/absl/time/clock.h +74 -0
  474. data/third_party/abseil-cpp/absl/time/duration.cc +922 -0
  475. data/third_party/abseil-cpp/absl/time/format.cc +153 -0
  476. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time.h +332 -0
  477. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time_detail.h +622 -0
  478. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/time_zone.h +384 -0
  479. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/zone_info_source.h +102 -0
  480. data/third_party/abseil-cpp/absl/time/internal/cctz/src/civil_time_detail.cc +94 -0
  481. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.cc +140 -0
  482. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.h +52 -0
  483. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +922 -0
  484. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.cc +45 -0
  485. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.h +76 -0
  486. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +121 -0
  487. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +93 -0
  488. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +958 -0
  489. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +138 -0
  490. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +308 -0
  491. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.h +55 -0
  492. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_lookup.cc +187 -0
  493. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.cc +159 -0
  494. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.h +132 -0
  495. data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +122 -0
  496. data/third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc +115 -0
  497. data/third_party/abseil-cpp/absl/time/internal/get_current_time_chrono.inc +31 -0
  498. data/third_party/abseil-cpp/absl/time/internal/get_current_time_posix.inc +24 -0
  499. data/third_party/abseil-cpp/absl/time/time.cc +499 -0
  500. data/third_party/abseil-cpp/absl/time/time.h +1584 -0
  501. data/third_party/boringssl-with-bazel/err_data.c +335 -297
  502. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +3 -3
  503. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +3 -3
  504. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +1 -1
  505. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +3 -3
  506. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +2 -2
  507. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +1 -1
  508. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +1 -1
  509. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.c +1 -1
  510. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_enum.c +1 -1
  511. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.c +1 -1
  512. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.c +1 -1
  513. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +1 -1
  514. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/tls_cbc.c +1 -0
  515. data/third_party/boringssl-with-bazel/src/crypto/cpu-arm-linux.c +7 -5
  516. data/third_party/boringssl-with-bazel/src/crypto/cpu-intel.c +13 -4
  517. data/third_party/boringssl-with-bazel/src/crypto/crypto.c +11 -0
  518. data/third_party/boringssl-with-bazel/src/{third_party/fiat → crypto/curve25519}/curve25519.c +18 -26
  519. data/third_party/boringssl-with-bazel/src/{third_party/fiat → crypto/curve25519}/curve25519_tables.h +13 -21
  520. data/third_party/boringssl-with-bazel/src/{third_party/fiat → crypto/curve25519}/internal.h +14 -22
  521. data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +1 -1
  522. data/third_party/boringssl-with-bazel/src/crypto/dh/dh.c +15 -0
  523. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +10 -0
  524. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +385 -0
  525. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +56 -0
  526. data/third_party/boringssl-with-bazel/src/crypto/ecdh_extra/ecdh_extra.c +2 -2
  527. data/third_party/boringssl-with-bazel/src/crypto/err/err.c +33 -32
  528. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +143 -0
  529. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +1 -1
  530. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c +17 -1
  531. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +2 -1
  532. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +3 -3
  533. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +25 -12
  534. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +8 -8
  535. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +30 -154
  536. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digests.c +16 -0
  537. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +289 -117
  538. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +13 -27
  539. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +96 -55
  540. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/felem.c +25 -7
  541. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +434 -161
  542. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +63 -71
  543. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +18 -25
  544. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64-table.h +9481 -9485
  545. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64.c +104 -122
  546. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +740 -0
  547. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256_table.h +297 -0
  548. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +90 -11
  549. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +125 -148
  550. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +189 -3
  551. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/util.c +3 -3
  552. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +61 -18
  553. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +2 -2
  554. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +20 -5
  555. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +137 -0
  556. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +49 -0
  557. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +64 -0
  558. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +41 -5
  559. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +32 -17
  560. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +24 -114
  561. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +4 -0
  562. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +1 -0
  563. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +51 -38
  564. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +15 -1
  565. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +62 -0
  566. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +44 -35
  567. data/third_party/boringssl-with-bazel/src/crypto/mem.c +47 -16
  568. data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +15 -1
  569. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +7 -0
  570. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +36 -5
  571. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/deterministic.c +6 -10
  572. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/windows.c +16 -0
  573. data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +4 -0
  574. data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +4 -0
  575. data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +249 -0
  576. data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +1227 -0
  577. data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +682 -0
  578. data/third_party/boringssl-with-bazel/src/crypto/x509/a_strex.c +4 -4
  579. data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +8 -0
  580. data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +4 -4
  581. data/third_party/boringssl-with-bazel/src/crypto/x509/x509.c +0 -67
  582. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +13 -6
  583. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +10 -0
  584. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +57 -0
  585. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +4 -1
  586. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +33 -9
  587. data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +25 -0
  588. data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +4 -3
  589. data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +35 -13
  590. data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +0 -154
  591. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +28 -6
  592. data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +5 -0
  593. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +74 -35
  594. data/third_party/boringssl-with-bazel/src/include/openssl/aes.h +16 -4
  595. data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +22 -22
  596. data/third_party/boringssl-with-bazel/src/include/openssl/base.h +6 -2
  597. data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +9 -4
  598. data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +20 -0
  599. data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +1 -0
  600. data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +16 -0
  601. data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +6 -0
  602. data/third_party/boringssl-with-bazel/src/include/openssl/err.h +2 -0
  603. data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +69 -0
  604. data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +5 -0
  605. data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +3 -17
  606. data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +31 -0
  607. data/third_party/boringssl-with-bazel/src/include/openssl/sha.h +26 -0
  608. data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +191 -79
  609. data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +1 -0
  610. data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +282 -0
  611. data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +791 -715
  612. data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +1 -0
  613. data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +0 -4
  614. data/third_party/boringssl-with-bazel/src/ssl/d1_lib.cc +3 -3
  615. data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +13 -4
  616. data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +146 -57
  617. data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +23 -5
  618. data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +30 -22
  619. data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +21 -4
  620. data/third_party/boringssl-with-bazel/src/ssl/internal.h +74 -54
  621. data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +10 -10
  622. data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +2 -2
  623. data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +21 -21
  624. data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +29 -0
  625. data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +4 -0
  626. data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +34 -1
  627. data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +13 -2
  628. data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +44 -5
  629. data/third_party/boringssl-with-bazel/src/ssl/ssl_stat.cc +6 -0
  630. data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +5 -5
  631. data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +51 -26
  632. data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +47 -53
  633. data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +1 -1
  634. data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +129 -48
  635. data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +23 -75
  636. data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +55 -22
  637. data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +63 -25
  638. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +245 -175
  639. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +135 -75
  640. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +1593 -1672
  641. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +512 -503
  642. data/third_party/re2/re2/bitmap256.h +117 -0
  643. data/third_party/re2/re2/bitstate.cc +385 -0
  644. data/third_party/re2/re2/compile.cc +1279 -0
  645. data/third_party/re2/re2/dfa.cc +2130 -0
  646. data/third_party/re2/re2/filtered_re2.cc +121 -0
  647. data/third_party/re2/re2/filtered_re2.h +109 -0
  648. data/third_party/re2/re2/mimics_pcre.cc +197 -0
  649. data/third_party/re2/re2/nfa.cc +713 -0
  650. data/third_party/re2/re2/onepass.cc +623 -0
  651. data/third_party/re2/re2/parse.cc +2464 -0
  652. data/third_party/re2/re2/perl_groups.cc +119 -0
  653. data/third_party/re2/re2/pod_array.h +55 -0
  654. data/third_party/re2/re2/prefilter.cc +710 -0
  655. data/third_party/re2/re2/prefilter.h +108 -0
  656. data/third_party/re2/re2/prefilter_tree.cc +407 -0
  657. data/third_party/re2/re2/prefilter_tree.h +139 -0
  658. data/third_party/re2/re2/prog.cc +988 -0
  659. data/third_party/re2/re2/prog.h +436 -0
  660. data/third_party/re2/re2/re2.cc +1362 -0
  661. data/third_party/re2/re2/re2.h +1002 -0
  662. data/third_party/re2/re2/regexp.cc +980 -0
  663. data/third_party/re2/re2/regexp.h +659 -0
  664. data/third_party/re2/re2/set.cc +154 -0
  665. data/third_party/re2/re2/set.h +80 -0
  666. data/third_party/re2/re2/simplify.cc +657 -0
  667. data/third_party/re2/re2/sparse_array.h +392 -0
  668. data/third_party/re2/re2/sparse_set.h +264 -0
  669. data/third_party/re2/re2/stringpiece.cc +65 -0
  670. data/third_party/re2/re2/stringpiece.h +210 -0
  671. data/third_party/re2/re2/tostring.cc +351 -0
  672. data/third_party/re2/re2/unicode_casefold.cc +582 -0
  673. data/third_party/re2/re2/unicode_casefold.h +78 -0
  674. data/third_party/re2/re2/unicode_groups.cc +6269 -0
  675. data/third_party/re2/re2/unicode_groups.h +67 -0
  676. data/third_party/re2/re2/walker-inl.h +246 -0
  677. data/third_party/re2/util/benchmark.h +156 -0
  678. data/third_party/re2/util/flags.h +26 -0
  679. data/third_party/re2/util/logging.h +109 -0
  680. data/third_party/re2/util/malloc_counter.h +19 -0
  681. data/third_party/re2/util/mix.h +41 -0
  682. data/third_party/re2/util/mutex.h +148 -0
  683. data/third_party/re2/util/pcre.cc +1025 -0
  684. data/third_party/re2/util/pcre.h +681 -0
  685. data/third_party/re2/util/rune.cc +260 -0
  686. data/third_party/re2/util/strutil.cc +149 -0
  687. data/third_party/re2/util/strutil.h +21 -0
  688. data/third_party/re2/util/test.h +50 -0
  689. data/third_party/re2/util/utf.h +44 -0
  690. data/third_party/re2/util/util.h +42 -0
  691. data/third_party/upb/upb/decode.c +467 -504
  692. data/third_party/upb/upb/encode.c +163 -121
  693. data/third_party/upb/upb/msg.c +130 -64
  694. data/third_party/upb/upb/msg.h +418 -14
  695. data/third_party/upb/upb/port_def.inc +35 -6
  696. data/third_party/upb/upb/port_undef.inc +8 -1
  697. data/third_party/upb/upb/table.c +53 -75
  698. data/third_party/upb/upb/table.int.h +11 -43
  699. data/third_party/upb/upb/upb.c +148 -124
  700. data/third_party/upb/upb/upb.h +65 -147
  701. data/third_party/upb/upb/upb.hpp +86 -0
  702. metadata +175 -47
  703. data/src/core/ext/filters/client_channel/lb_policy/xds/xds.cc +0 -1754
  704. data/src/core/lib/gprpp/string_view.h +0 -60
  705. data/src/core/tsi/grpc_shadow_boringssl.h +0 -3311
  706. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256.c +0 -1063
  707. data/third_party/upb/upb/generated_util.h +0 -105
data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc CHANGED
@@ -29,10 +29,28 @@
29
29
 
30
30
  /** -- gRPC TLS key materials config API implementation. -- **/
31
31
  void grpc_tls_key_materials_config::set_key_materials(
32
- grpc_core::UniquePtr<char> pem_root_certs,
33
- PemKeyCertPairList pem_key_cert_pair_list) {
34
- pem_key_cert_pair_list_ = std::move(pem_key_cert_pair_list);
35
- pem_root_certs_ = std::move(pem_root_certs);
32
+ const char* pem_root_certs,
33
+ const grpc_ssl_pem_key_cert_pair** pem_key_cert_pairs,
34
+ size_t num_key_cert_pairs) {
35
+ this->set_pem_root_certs(pem_root_certs);
36
+ grpc_tls_key_materials_config::PemKeyCertPairList cert_pair_list;
37
+ for (size_t i = 0; i < num_key_cert_pairs; i++) {
38
+ auto current_pair = static_cast<grpc_ssl_pem_key_cert_pair*>(
39
+ gpr_zalloc(sizeof(grpc_ssl_pem_key_cert_pair)));
40
+ current_pair->cert_chain = gpr_strdup(pem_key_cert_pairs[i]->cert_chain);
41
+ current_pair->private_key = gpr_strdup(pem_key_cert_pairs[i]->private_key);
42
+ cert_pair_list.emplace_back(grpc_core::PemKeyCertPair(current_pair));
43
+ }
44
+ pem_key_cert_pair_list_ = std::move(cert_pair_list);
45
+ }
46
+
47
+ void grpc_tls_key_materials_config::set_key_materials(
48
+ const char* pem_root_certs,
49
+ const PemKeyCertPairList& pem_key_cert_pair_list) {
50
+ this->set_pem_root_certs(pem_root_certs);
51
+ grpc_tls_key_materials_config::PemKeyCertPairList dup_list(
52
+ pem_key_cert_pair_list);
53
+ pem_key_cert_pair_list_ = std::move(dup_list);
36
54
  }
37
55
 
38
56
  /** -- gRPC TLS credential reload config API implementation. -- **/
@@ -165,15 +183,7 @@ int grpc_tls_key_materials_config_set_key_materials(
165
183
  "grpc_tls_key_materials_config_set_key_materials()");
166
184
  return 0;
167
185
  }
168
- grpc_core::UniquePtr<char> pem_root(const_cast<char*>(root_certs));
169
- grpc_tls_key_materials_config::PemKeyCertPairList cert_pair_list;
170
- for (size_t i = 0; i < num; i++) {
171
- grpc_core::PemKeyCertPair key_cert_pair(
172
- const_cast<grpc_ssl_pem_key_cert_pair*>(key_cert_pairs[i]));
173
- cert_pair_list.emplace_back(std::move(key_cert_pair));
174
- }
175
- config->set_key_materials(std::move(pem_root), std::move(cert_pair_list));
176
- gpr_free(key_cert_pairs);
186
+ config->set_key_materials(root_certs, key_cert_pairs, num);
177
187
  return 1;
178
188
  }
179
189
 
data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h CHANGED
@@ -23,16 +23,29 @@
23
23
 
24
24
  #include <grpc/grpc_security.h>
25
25
 
26
- #include "src/core/lib/gprpp/inlined_vector.h"
26
+ #include "absl/container/inlined_vector.h"
27
+
27
28
  #include "src/core/lib/gprpp/ref_counted.h"
28
29
  #include "src/core/lib/security/security_connector/ssl_utils.h"
29
30
 
31
+ struct grpc_tls_error_details
32
+ : public grpc_core::RefCounted<grpc_tls_error_details> {
33
+ public:
34
+ grpc_tls_error_details() : error_details_("") {}
35
+ void set_error_details(const char* err_details) {
36
+ error_details_ = err_details;
37
+ }
38
+ const std::string& error_details() { return error_details_; }
39
+
40
+ private:
41
+ std::string error_details_;
42
+ };
43
+
30
44
  /** TLS key materials config. **/
31
45
  struct grpc_tls_key_materials_config
32
46
  : public grpc_core::RefCounted<grpc_tls_key_materials_config> {
33
47
  public:
34
- typedef grpc_core::InlinedVector<grpc_core::PemKeyCertPair, 1>
35
- PemKeyCertPairList;
48
+ typedef absl::InlinedVector<grpc_core::PemKeyCertPair, 1> PemKeyCertPairList;
36
49
 
37
50
  /** Getters for member fields. **/
38
51
  const char* pem_root_certs() const { return pem_root_certs_.get(); }
@@ -42,14 +55,28 @@ struct grpc_tls_key_materials_config
42
55
  int version() const { return version_; }
43
56
 
44
57
  /** Setters for member fields. **/
58
+ // TODO(ZhenLian): Remove this function
45
59
  void set_pem_root_certs(grpc_core::UniquePtr<char> pem_root_certs) {
46
60
  pem_root_certs_ = std::move(pem_root_certs);
47
61
  }
62
+ // The ownerships of |pem_root_certs| remain with the caller.
63
+ void set_pem_root_certs(const char* pem_root_certs) {
64
+ // make a copy of pem_root_certs.
65
+ grpc_core::UniquePtr<char> pem_root_ptr(gpr_strdup(pem_root_certs));
66
+ pem_root_certs_ = std::move(pem_root_ptr);
67
+ }
48
68
  void add_pem_key_cert_pair(grpc_core::PemKeyCertPair pem_key_cert_pair) {
49
69
  pem_key_cert_pair_list_.push_back(pem_key_cert_pair);
50
70
  }
51
- void set_key_materials(grpc_core::UniquePtr<char> pem_root_certs,
52
- PemKeyCertPairList pem_key_cert_pair_list);
71
+ // The ownerships of |pem_root_certs| and |pem_key_cert_pairs| remain with the
72
+ // caller.
73
+ void set_key_materials(const char* pem_root_certs,
74
+ const grpc_ssl_pem_key_cert_pair** pem_key_cert_pairs,
75
+ size_t num_key_cert_pairs);
76
+ // The ownerships of |pem_root_certs| and |pem_key_cert_pair_list| remain with
77
+ // the caller.
78
+ void set_key_materials(const char* pem_root_certs,
79
+ const PemKeyCertPairList& pem_key_cert_pair_list);
53
80
  void set_version(int version) { version_ = version; }
54
81
 
55
82
  private:
@@ -79,8 +106,8 @@ struct grpc_tls_credential_reload_config
79
106
  gpr_log(GPR_ERROR, "schedule API is nullptr");
80
107
  if (arg != nullptr) {
81
108
  arg->status = GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_FAIL;
82
- arg->error_details =
83
- gpr_strdup("schedule API in credential reload config is nullptr");
109
+ arg->error_details->set_error_details(
110
+ "schedule API in credential reload config is nullptr");
84
111
  }
85
112
  return 1;
86
113
  }
@@ -94,8 +121,8 @@ struct grpc_tls_credential_reload_config
94
121
  gpr_log(GPR_ERROR, "cancel API is nullptr.");
95
122
  if (arg != nullptr) {
96
123
  arg->status = GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_FAIL;
97
- arg->error_details =
98
- gpr_strdup("cancel API in credential reload config is nullptr");
124
+ arg->error_details->set_error_details(
125
+ "cancel API in credential reload config is nullptr");
99
126
  }
100
127
  return;
101
128
  }
@@ -155,7 +182,7 @@ struct grpc_tls_server_authorization_check_config
155
182
  gpr_log(GPR_ERROR, "schedule API is nullptr");
156
183
  if (arg != nullptr) {
157
184
  arg->status = GRPC_STATUS_NOT_FOUND;
158
- arg->error_details = gpr_strdup(
185
+ arg->error_details->set_error_details(
159
186
  "schedule API in server authorization check config is nullptr");
160
187
  }
161
188
  return 1;
@@ -171,7 +198,7 @@ struct grpc_tls_server_authorization_check_config
171
198
  gpr_log(GPR_ERROR, "cancel API is nullptr.");
172
199
  if (arg != nullptr) {
173
200
  arg->status = GRPC_STATUS_NOT_FOUND;
174
- arg->error_details = gpr_strdup(
201
+ arg->error_details->set_error_details(
175
202
  "schedule API in server authorization check config is nullptr");
176
203
  }
177
204
  return;
@@ -237,6 +264,8 @@ struct grpc_tls_credentials_options
237
264
  grpc_tls_server_verification_option server_verification_option() const {
238
265
  return server_verification_option_;
239
266
  }
267
+ grpc_tls_version min_tls_version() const { return min_tls_version_; }
268
+ grpc_tls_version max_tls_version() const { return max_tls_version_; }
240
269
  grpc_tls_key_materials_config* key_materials_config() const {
241
270
  return key_materials_config_.get();
242
271
  }
@@ -257,6 +286,12 @@ struct grpc_tls_credentials_options
257
286
  const grpc_tls_server_verification_option server_verification_option) {
258
287
  server_verification_option_ = server_verification_option;
259
288
  }
289
+ void set_min_tls_version(grpc_tls_version min_tls_version) {
290
+ min_tls_version_ = min_tls_version;
291
+ }
292
+ void set_max_tls_version(grpc_tls_version max_tls_version) {
293
+ max_tls_version_ = max_tls_version;
294
+ }
260
295
  void set_key_materials_config(
261
296
  grpc_core::RefCountedPtr<grpc_tls_key_materials_config> config) {
262
297
  key_materials_config_ = std::move(config);
@@ -275,6 +310,8 @@ struct grpc_tls_credentials_options
275
310
  grpc_ssl_client_certificate_request_type cert_request_type_;
276
311
  grpc_tls_server_verification_option server_verification_option_ =
277
312
  GRPC_TLS_SERVER_VERIFICATION;
313
+ grpc_tls_version min_tls_version_ = grpc_tls_version::TLS1_2;
314
+ grpc_tls_version max_tls_version_ = grpc_tls_version::TLS1_3;
278
315
  grpc_core::RefCountedPtr<grpc_tls_key_materials_config> key_materials_config_;
279
316
  grpc_core::RefCountedPtr<grpc_tls_credential_reload_config>
280
317
  credential_reload_config_;
data/src/core/lib/security/security_connector/alts/alts_security_connector.cc CHANGED
@@ -82,10 +82,17 @@ class grpc_alts_channel_security_connector final
82
82
  tsi_handshaker* handshaker = nullptr;
83
83
  const grpc_alts_credentials* creds =
84
84
  static_cast<const grpc_alts_credentials*>(channel_creds());
85
- GPR_ASSERT(alts_tsi_handshaker_create(creds->options(), target_name_,
86
- creds->handshaker_service_url(), true,
87
- interested_parties,
88
- &handshaker) == TSI_OK);
85
+ size_t user_specified_max_frame_size = 0;
86
+ const grpc_arg* arg =
87
+ grpc_channel_args_find(args, GRPC_ARG_TSI_MAX_FRAME_SIZE);
88
+ if (arg != nullptr && arg->type == GRPC_ARG_INTEGER) {
89
+ user_specified_max_frame_size = grpc_channel_arg_get_integer(
90
+ arg, {0, 0, std::numeric_limits<int>::max()});
91
+ }
92
+ GPR_ASSERT(alts_tsi_handshaker_create(
93
+ creds->options(), target_name_,
94
+ creds->handshaker_service_url(), true, interested_parties,
95
+ &handshaker, user_specified_max_frame_size) == TSI_OK);
89
96
  handshake_manager->Add(
90
97
  grpc_core::SecurityHandshakerCreate(handshaker, this, args));
91
98
  }
@@ -104,7 +111,7 @@ class grpc_alts_channel_security_connector final
104
111
  return strcmp(target_name_, other->target_name_);
105
112
  }
106
113
 
107
- bool check_call_host(grpc_core::StringView host,
114
+ bool check_call_host(absl::string_view host,
108
115
  grpc_auth_context* /*auth_context*/,
109
116
  grpc_closure* /*on_call_host_checked*/,
110
117
  grpc_error** error) override {
@@ -140,9 +147,17 @@ class grpc_alts_server_security_connector final
140
147
  tsi_handshaker* handshaker = nullptr;
141
148
  const grpc_alts_server_credentials* creds =
142
149
  static_cast<const grpc_alts_server_credentials*>(server_creds());
150
+ size_t user_specified_max_frame_size = 0;
151
+ const grpc_arg* arg =
152
+ grpc_channel_args_find(args, GRPC_ARG_TSI_MAX_FRAME_SIZE);
153
+ if (arg != nullptr && arg->type == GRPC_ARG_INTEGER) {
154
+ user_specified_max_frame_size = grpc_channel_arg_get_integer(
155
+ arg, {0, 0, std::numeric_limits<int>::max()});
156
+ }
143
157
  GPR_ASSERT(alts_tsi_handshaker_create(
144
158
  creds->options(), nullptr, creds->handshaker_service_url(),
145
- false, interested_parties, &handshaker) == TSI_OK);
159
+ false, interested_parties, &handshaker,
160
+ user_specified_max_frame_size) == TSI_OK);
146
161
  handshake_manager->Add(
147
162
  grpc_core::SecurityHandshakerCreate(handshaker, this, args));
148
163
  }
data/src/core/lib/security/security_connector/fake/fake_security_connector.cc CHANGED
@@ -22,6 +22,8 @@
22
22
 
23
23
  #include <stdbool.h>
24
24
 
25
+ #include "absl/strings/str_cat.h"
26
+
25
27
  #include <grpc/support/alloc.h>
26
28
  #include <grpc/support/log.h>
27
29
  #include <grpc/support/string_util.h>
@@ -103,20 +105,20 @@ class grpc_fake_channel_security_connector final
103
105
  tsi_create_fake_handshaker(/*is_client=*/true), this, args));
104
106
  }
105
107
 
106
- bool check_call_host(grpc_core::StringView host,
108
+ bool check_call_host(absl::string_view host,
107
109
  grpc_auth_context* /*auth_context*/,
108
110
  grpc_closure* /*on_call_host_checked*/,
109
111
  grpc_error** /*error*/) override {
110
- grpc_core::StringView authority_hostname;
111
- grpc_core::StringView authority_ignored_port;
112
- grpc_core::StringView target_hostname;
113
- grpc_core::StringView target_ignored_port;
112
+ absl::string_view authority_hostname;
113
+ absl::string_view authority_ignored_port;
114
+ absl::string_view target_hostname;
115
+ absl::string_view target_ignored_port;
114
116
  grpc_core::SplitHostPort(host, &authority_hostname,
115
117
  &authority_ignored_port);
116
118
  grpc_core::SplitHostPort(target_, &target_hostname, &target_ignored_port);
117
119
  if (target_name_override_ != nullptr) {
118
- grpc_core::StringView fake_security_target_name_override_hostname;
119
- grpc_core::StringView fake_security_target_name_override_ignored_port;
120
+ absl::string_view fake_security_target_name_override_hostname;
121
+ absl::string_view fake_security_target_name_override_ignored_port;
120
122
  grpc_core::SplitHostPort(
121
123
  target_name_override_, &fake_security_target_name_override_hostname,
122
124
  &fake_security_target_name_override_ignored_port);
@@ -227,11 +229,10 @@ static void fake_check_peer(
227
229
  prop_name = peer.properties[0].name;
228
230
  if (prop_name == nullptr ||
229
231
  strcmp(prop_name, TSI_CERTIFICATE_TYPE_PEER_PROPERTY)) {
230
- char* msg;
231
- gpr_asprintf(&msg, "Unexpected property in fake peer: %s.",
232
- prop_name == nullptr ? "<EMPTY>" : prop_name);
233
- error = GRPC_ERROR_CREATE_FROM_COPIED_STRING(msg);
234
- gpr_free(msg);
232
+ error = GRPC_ERROR_CREATE_FROM_COPIED_STRING(
233
+ absl::StrCat("Unexpected property in fake peer: ",
234
+ prop_name == nullptr ? "<EMPTY>" : prop_name)
235
+ .c_str());
235
236
  goto end;
236
237
  }
237
238
  if (strncmp(peer.properties[0].value.data, TSI_FAKE_CERTIFICATE_TYPE,
@@ -243,11 +244,10 @@ static void fake_check_peer(
243
244
  prop_name = peer.properties[1].name;
244
245
  if (prop_name == nullptr ||
245
246
  strcmp(prop_name, TSI_SECURITY_LEVEL_PEER_PROPERTY) != 0) {
246
- char* msg;
247
- gpr_asprintf(&msg, "Unexpected property in fake peer: %s.",
248
- prop_name == nullptr ? "<EMPTY>" : prop_name);
249
- error = GRPC_ERROR_CREATE_FROM_COPIED_STRING(msg);
250
- gpr_free(msg);
247
+ error = GRPC_ERROR_CREATE_FROM_COPIED_STRING(
248
+ absl::StrCat("Unexpected property in fake peer: ",
249
+ prop_name == nullptr ? "<EMPTY>" : prop_name)
250
+ .c_str());
251
251
  goto end;
252
252
  }
253
253
  if (strncmp(peer.properties[1].value.data, TSI_FAKE_SECURITY_LEVEL,
data/src/core/lib/security/security_connector/load_system_roots_linux.cc CHANGED
@@ -34,6 +34,8 @@
34
34
  #include <sys/types.h>
35
35
  #include <unistd.h>
36
36
 
37
+ #include "absl/container/inlined_vector.h"
38
+
37
39
  #include <grpc/support/alloc.h>
38
40
  #include <grpc/support/log.h>
39
41
  #include <grpc/support/string_util.h>
@@ -41,7 +43,6 @@
41
43
  #include "src/core/lib/gpr/string.h"
42
44
  #include "src/core/lib/gpr/useful.h"
43
45
  #include "src/core/lib/gprpp/global_config.h"
44
- #include "src/core/lib/gprpp/inlined_vector.h"
45
46
  #include "src/core/lib/iomgr/load_file.h"
46
47
 
47
48
  GPR_GLOBAL_CONFIG_DEFINE_STRING(grpc_system_ssl_roots_dir, "",
@@ -100,7 +101,7 @@ grpc_slice CreateRootCertsBundle(const char* certs_directory) {
100
101
  char path[MAXPATHLEN];
101
102
  off_t size;
102
103
  };
103
- InlinedVector<FileData, 2> roots_filenames;
104
+ absl::InlinedVector<FileData, 2> roots_filenames;
104
105
  size_t total_bundle_size = 0;
105
106
  struct dirent* directory_entry;
106
107
  while ((directory_entry = readdir(ca_directory)) != nullptr) {
data/src/core/lib/security/security_connector/local/local_security_connector.cc CHANGED
@@ -181,7 +181,7 @@ class grpc_local_channel_security_connector final
181
181
  creds->connect_type());
182
182
  }
183
183
 
184
- bool check_call_host(grpc_core::StringView host,
184
+ bool check_call_host(absl::string_view host,
185
185
  grpc_auth_context* /*auth_context*/,
186
186
  grpc_closure* /*on_call_host_checked*/,
187
187
  grpc_error** error) override {
data/src/core/lib/security/security_connector/security_connector.cc CHANGED
@@ -46,6 +46,8 @@ grpc_server_security_connector::grpc_server_security_connector(
46
46
  : grpc_security_connector(url_scheme),
47
47
  server_creds_(std::move(server_creds)) {}
48
48
 
49
+ grpc_server_security_connector::~grpc_server_security_connector() = default;
50
+
49
51
  grpc_channel_security_connector::grpc_channel_security_connector(
50
52
  const char* url_scheme,
51
53
  grpc_core::RefCountedPtr<grpc_channel_credentials> channel_creds,
data/src/core/lib/security/security_connector/security_connector.h CHANGED
@@ -98,7 +98,7 @@ class grpc_channel_security_connector : public grpc_security_connector {
98
98
  /// Returns true if completed synchronously, in which case \a error will
99
99
  /// be set to indicate the result. Otherwise, \a on_call_host_checked
100
100
  /// will be invoked when complete.
101
- virtual bool check_call_host(grpc_core::StringView host,
101
+ virtual bool check_call_host(absl::string_view host,
102
102
  grpc_auth_context* auth_context,
103
103
  grpc_closure* on_call_host_checked,
104
104
  grpc_error** error) = 0;
@@ -151,7 +151,7 @@ class grpc_server_security_connector : public grpc_security_connector {
151
151
  grpc_server_security_connector(
152
152
  const char* url_scheme,
153
153
  grpc_core::RefCountedPtr<grpc_server_credentials> server_creds);
154
- ~grpc_server_security_connector() override = default;
154
+ ~grpc_server_security_connector() override;
155
155
 
156
156
  virtual void add_handshakers(const grpc_channel_args* args,
157
157
  grpc_pollset_set* interested_parties,
data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc CHANGED
@@ -22,15 +22,19 @@
22
22
 
23
23
  #include <stdbool.h>
24
24
 
25
+ #include "absl/strings/str_cat.h"
26
+ #include "absl/strings/str_format.h"
27
+ #include "absl/strings/string_view.h"
28
+
25
29
  #include <grpc/support/alloc.h>
26
30
  #include <grpc/support/log.h>
27
- #include <grpc/support/string_util.h>
28
31
 
29
32
  #include "src/core/ext/transport/chttp2/alpn/alpn.h"
30
33
  #include "src/core/lib/channel/handshaker.h"
31
34
  #include "src/core/lib/gpr/string.h"
32
35
  #include "src/core/lib/gprpp/host_port.h"
33
36
  #include "src/core/lib/gprpp/ref_counted_ptr.h"
37
+ #include "src/core/lib/gprpp/sync.h"
34
38
  #include "src/core/lib/security/context/security_context.h"
35
39
  #include "src/core/lib/security/credentials/credentials.h"
36
40
  #include "src/core/lib/security/credentials/ssl/ssl_credentials.h"
@@ -50,11 +54,9 @@ grpc_error* ssl_check_peer(
50
54
  }
51
55
  /* Check the peer name if specified. */
52
56
  if (peer_name != nullptr && !grpc_ssl_host_matches_name(peer, peer_name)) {
53
- char* msg;
54
- gpr_asprintf(&msg, "Peer name %s is not in peer certificate", peer_name);
55
- error = GRPC_ERROR_CREATE_FROM_COPIED_STRING(msg);
56
- gpr_free(msg);
57
- return error;
57
+ return GRPC_ERROR_CREATE_FROM_COPIED_STRING(
58
+ absl::StrCat("Peer name ", peer_name, " is not in peer certificate")
59
+ .c_str());
58
60
  }
59
61
  *auth_context =
60
62
  grpc_ssl_peer_to_auth_context(peer, GRPC_SSL_TRANSPORT_SECURITY_TYPE);
@@ -72,14 +74,13 @@ class grpc_ssl_channel_security_connector final
72
74
  : grpc_channel_security_connector(GRPC_SSL_URL_SCHEME,
73
75
  std::move(channel_creds),
74
76
  std::move(request_metadata_creds)),
75
- overridden_target_name_(overridden_target_name == nullptr
76
- ? nullptr
77
- : gpr_strdup(overridden_target_name)),
77
+ overridden_target_name_(
78
+ overridden_target_name == nullptr ? "" : overridden_target_name),
78
79
  verify_options_(&config->verify_options) {
79
- grpc_core::StringView host;
80
- grpc_core::StringView port;
80
+ absl::string_view host;
81
+ absl::string_view port;
81
82
  grpc_core::SplitHostPort(target_name, &host, &port);
82
- target_name_ = grpc_core::StringViewToCString(host);
83
+ target_name_ = std::string(host);
83
84
  }
84
85
 
85
86
  ~grpc_ssl_channel_security_connector() override {
@@ -105,6 +106,8 @@ class grpc_ssl_channel_security_connector final
105
106
  }
106
107
  options.cipher_suites = grpc_get_ssl_cipher_suites();
107
108
  options.session_cache = ssl_session_cache;
109
+ options.min_tls_version = grpc_get_tsi_tls_version(config->min_tls_version);
110
+ options.max_tls_version = grpc_get_tsi_tls_version(config->max_tls_version);
108
111
  const tsi_result result =
109
112
  tsi_create_ssl_client_handshaker_factory_with_options(
110
113
  &options, &client_handshaker_factory_);
@@ -124,8 +127,8 @@ class grpc_ssl_channel_security_connector final
124
127
  tsi_handshaker* tsi_hs = nullptr;
125
128
  tsi_result result = tsi_ssl_client_handshaker_factory_create_handshaker(
126
129
  client_handshaker_factory_,
127
- overridden_target_name_ != nullptr ? overridden_target_name_.get()
128
- : target_name_.get(),
130
+ overridden_target_name_.empty() ? target_name_.c_str()
131
+ : overridden_target_name_.c_str(),
129
132
  &tsi_hs);
130
133
  if (result != TSI_OK) {
131
134
  gpr_log(GPR_ERROR, "Handshaker creation failed with error %s.",
@@ -139,9 +142,9 @@ class grpc_ssl_channel_security_connector final
139
142
  void check_peer(tsi_peer peer, grpc_endpoint* /*ep*/,
140
143
  grpc_core::RefCountedPtr<grpc_auth_context>* auth_context,
141
144
  grpc_closure* on_peer_checked) override {
142
- const char* target_name = overridden_target_name_ != nullptr
143
- ? overridden_target_name_.get()
144
- : target_name_.get();
145
+ const char* target_name = overridden_target_name_.empty()
146
+ ? target_name_.c_str()
147
+ : overridden_target_name_.c_str();
145
148
  grpc_error* error = ssl_check_peer(target_name, &peer, auth_context);
146
149
  if (error == GRPC_ERROR_NONE &&
147
150
  verify_options_->verify_peer_callback != nullptr) {
@@ -159,11 +162,10 @@ class grpc_ssl_channel_security_connector final
159
162
  verify_options_->verify_peer_callback_userdata);
160
163
  gpr_free(peer_pem);
161
164
  if (callback_status) {
162
- char* msg;
163
- gpr_asprintf(&msg, "Verify peer callback returned a failure (%d)",
164
- callback_status);
165
- error = GRPC_ERROR_CREATE_FROM_COPIED_STRING(msg);
166
- gpr_free(msg);
165
+ error = GRPC_ERROR_CREATE_FROM_COPIED_STRING(
166
+ absl::StrFormat("Verify peer callback returned a failure (%d)",
167
+ callback_status)
168
+ .c_str());
167
169
  }
168
170
  }
169
171
  }
@@ -176,23 +178,17 @@ class grpc_ssl_channel_security_connector final
176
178
  reinterpret_cast<const grpc_ssl_channel_security_connector*>(other_sc);
177
179
  int c = channel_security_connector_cmp(other);
178
180
  if (c != 0) return c;
179
- c = strcmp(target_name_.get(), other->target_name_.get());
181
+ c = target_name_.compare(other->target_name_);
180
182
  if (c != 0) return c;
181
- return (overridden_target_name_ == nullptr ||
182
- other->overridden_target_name_ == nullptr)
183
- ? GPR_ICMP(overridden_target_name_.get(),
184
- other->overridden_target_name_.get())
185
- : strcmp(overridden_target_name_.get(),
186
- other->overridden_target_name_.get());
183
+ return overridden_target_name_.compare(other->overridden_target_name_);
187
184
  }
188
185
 
189
- bool check_call_host(grpc_core::StringView host,
190
- grpc_auth_context* auth_context,
186
+ bool check_call_host(absl::string_view host, grpc_auth_context* auth_context,
191
187
  grpc_closure* /*on_call_host_checked*/,
192
188
  grpc_error** error) override {
193
- return grpc_ssl_check_call_host(host, target_name_.get(),
194
- overridden_target_name_.get(), auth_context,
195
- error);
189
+ return grpc_ssl_check_call_host(host, target_name_.c_str(),
190
+ overridden_target_name_.c_str(),
191
+ auth_context, error);
196
192
  }
197
193
 
198
194
  void cancel_check_call_host(grpc_closure* /*on_call_host_checked*/,
@@ -202,8 +198,8 @@ class grpc_ssl_channel_security_connector final
202
198
 
203
199
  private:
204
200
  tsi_ssl_client_handshaker_factory* client_handshaker_factory_;
205
- grpc_core::UniquePtr<char> target_name_;
206
- grpc_core::UniquePtr<char> overridden_target_name_;
201
+ std::string target_name_;
202
+ std::string overridden_target_name_;
207
203
  const verify_peer_options* verify_options_;
208
204
  };
209
205
 
@@ -255,6 +251,10 @@ class grpc_ssl_server_security_connector
255
251
  options.cipher_suites = grpc_get_ssl_cipher_suites();
256
252
  options.alpn_protocols = alpn_protocol_strings;
257
253
  options.num_alpn_protocols = static_cast<uint16_t>(num_alpn_protocols);
254
+ options.min_tls_version = grpc_get_tsi_tls_version(
255
+ server_credentials->config().min_tls_version);
256
+ options.max_tls_version = grpc_get_tsi_tls_version(
257
+ server_credentials->config().max_tls_version);
258
258
  const tsi_result result =
259
259
  tsi_create_ssl_server_handshaker_factory_with_options(
260
260
  &options, &server_handshaker_factory_);
@@ -307,6 +307,7 @@ class grpc_ssl_server_security_connector
307
307
  bool status;
308
308
  if (!has_cert_config_fetcher()) return false;
309
309
 
310
+ grpc_core::MutexLock lock(&mu_);
310
311
  grpc_ssl_server_credentials* server_creds =
311
312
  static_cast<grpc_ssl_server_credentials*>(this->mutable_server_creds());
312
313
  grpc_ssl_certificate_config_reload_status cb_result =
@@ -386,6 +387,7 @@ class grpc_ssl_server_security_connector
386
387
  server_handshaker_factory_ = new_factory;
387
388
  }
388
389
 
390
+ grpc_core::Mutex mu_;
389
391
  tsi_ssl_server_handshaker_factory* server_handshaker_factory_ = nullptr;
390
392
  };
391
393
  } // namespace