grpc 1.28.0 → 1.36.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +1692 -22343
- data/etc/roots.pem +257 -573
- data/include/grpc/compression.h +1 -1
- data/include/grpc/grpc.h +17 -9
- data/include/grpc/grpc_security.h +274 -180
- data/include/grpc/grpc_security_constants.h +4 -0
- data/include/grpc/impl/codegen/README.md +22 -0
- data/include/grpc/impl/codegen/atm_windows.h +4 -0
- data/include/grpc/impl/codegen/byte_buffer.h +1 -1
- data/include/grpc/impl/codegen/grpc_types.h +32 -30
- data/include/grpc/impl/codegen/log.h +0 -2
- data/include/grpc/impl/codegen/port_platform.h +34 -90
- data/include/grpc/impl/codegen/sync_windows.h +4 -0
- data/include/grpc/module.modulemap +24 -39
- data/include/grpc/slice_buffer.h +3 -3
- data/include/grpc/support/sync.h +3 -3
- data/include/grpc/support/time.h +7 -7
- data/src/core/ext/filters/client_channel/backend_metric.cc +16 -12
- data/src/core/ext/filters/client_channel/backup_poller.cc +3 -2
- data/src/core/ext/filters/client_channel/client_channel.cc +3750 -2341
- data/src/core/ext/filters/client_channel/client_channel.h +1 -7
- data/src/core/ext/filters/client_channel/client_channel_channelz.h +0 -3
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +4 -3
- data/src/core/ext/filters/client_channel/config_selector.cc +58 -0
- data/src/core/ext/filters/client_channel/config_selector.h +125 -0
- data/src/core/ext/filters/client_channel/dynamic_filters.cc +186 -0
- data/src/core/ext/filters/client_channel/dynamic_filters.h +99 -0
- data/src/core/ext/filters/client_channel/global_subchannel_pool.cc +24 -2
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +25 -30
- data/src/core/ext/filters/client_channel/health/health_check_client.h +7 -7
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +15 -16
- data/src/core/ext/filters/client_channel/http_proxy.cc +44 -34
- data/src/core/ext/filters/client_channel/lb_policy.cc +25 -20
- data/src/core/ext/filters/client_channel/lb_policy.h +50 -38
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +96 -0
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.h +101 -0
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +20 -11
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +481 -510
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc +76 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h +37 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +1 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +6 -41
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +3 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +3 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +3 -3
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +24 -18
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +922 -0
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +11 -10
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +18 -46
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +744 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +520 -134
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +53 -26
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h +29 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +810 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +722 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +1384 -0
- data/src/core/ext/filters/client_channel/lb_policy_registry.cc +18 -8
- data/src/core/ext/filters/client_channel/local_subchannel_pool.h +2 -1
- data/src/core/ext/filters/client_channel/resolver.cc +6 -10
- data/src/core/ext/filters/client_channel/resolver.h +10 -20
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +111 -110
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +4 -34
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_libuv.cc +22 -24
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +13 -11
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +79 -122
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +642 -180
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +10 -3
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_libuv.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_windows.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +61 -61
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +102 -108
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +1 -5
- data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +362 -0
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +38 -31
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +625 -46
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.h +28 -0
- data/src/core/ext/filters/client_channel/resolver_factory.h +8 -8
- data/src/core/ext/filters/client_channel/resolver_registry.cc +55 -52
- data/src/core/ext/filters/client_channel/resolver_registry.h +10 -10
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +47 -93
- data/src/core/ext/filters/client_channel/resolver_result_parsing.h +30 -26
- data/src/core/ext/filters/client_channel/retry_throttle.cc +5 -3
- data/src/core/ext/filters/client_channel/retry_throttle.h +4 -2
- data/src/core/ext/filters/client_channel/server_address.cc +129 -13
- data/src/core/ext/filters/client_channel/server_address.h +80 -32
- data/src/core/ext/filters/client_channel/service_config.cc +114 -149
- data/src/core/ext/filters/client_channel/service_config.h +33 -100
- data/src/core/ext/filters/client_channel/service_config_call_data.h +86 -0
- data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +142 -0
- data/src/core/ext/filters/client_channel/service_config_parser.cc +89 -0
- data/src/core/ext/filters/client_channel/service_config_parser.h +92 -0
- data/src/core/ext/filters/client_channel/subchannel.cc +156 -98
- data/src/core/ext/filters/client_channel/subchannel.h +65 -35
- data/src/core/ext/filters/client_channel/subchannel_interface.h +41 -5
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +6 -2
- data/src/core/ext/filters/deadline/deadline_filter.cc +87 -79
- data/src/core/ext/filters/deadline/deadline_filter.h +7 -11
- data/src/core/ext/filters/http/client/http_client_filter.cc +29 -34
- data/src/core/ext/filters/http/client_authority_filter.cc +10 -10
- data/src/core/ext/filters/http/http_filters_plugin.cc +34 -15
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +258 -221
- data/src/core/ext/filters/http/message_compress/message_decompress_filter.cc +399 -0
- data/src/core/ext/filters/http/message_compress/message_decompress_filter.h +31 -0
- data/src/core/ext/filters/http/server/http_server_filter.cc +3 -3
- data/src/core/ext/filters/max_age/max_age_filter.cc +38 -34
- data/src/core/ext/filters/message_size/message_size_filter.cc +64 -90
- data/src/core/ext/filters/message_size/message_size_filter.h +12 -5
- data/src/core/ext/filters/workarounds/workaround_utils.cc +1 -1
- data/src/core/ext/transport/chttp2/client/authority.cc +3 -3
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +87 -31
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +19 -2
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +20 -8
- data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +21 -10
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +34 -47
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +505 -344
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +16 -2
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc +13 -3
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +19 -18
- data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +65 -21
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +7 -7
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +4 -6
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +307 -343
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +1 -0
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +36 -33
- data/src/core/ext/transport/chttp2/transport/flow_control.h +27 -19
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +9 -12
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +6 -7
- data/src/core/ext/transport/chttp2/transport/frame_goaway.h +2 -3
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +5 -6
- data/src/core/ext/transport/chttp2/transport/frame_ping.h +2 -3
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +12 -13
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +2 -3
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +8 -9
- data/src/core/ext/transport/chttp2/transport/frame_settings.h +4 -4
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +15 -18
- data/src/core/ext/transport/chttp2/transport/frame_window_update.h +2 -3
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +29 -16
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +2 -3
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +37 -37
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +2 -3
- data/src/core/ext/transport/chttp2/transport/hpack_table.cc +13 -17
- data/src/core/ext/transport/chttp2/transport/hpack_table.h +2 -2
- data/src/core/ext/transport/chttp2/transport/http2_settings.h +4 -5
- data/src/core/ext/transport/chttp2/transport/huffsyms.h +2 -3
- data/src/core/ext/transport/chttp2/transport/internal.h +37 -23
- data/src/core/ext/transport/chttp2/transport/parsing.cc +52 -74
- data/src/core/ext/transport/chttp2/transport/stream_map.h +2 -3
- data/src/core/ext/transport/chttp2/transport/writing.cc +30 -28
- data/src/core/ext/transport/inproc/inproc_transport.cc +106 -33
- data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.h +1 -1
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +10 -4
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +243 -0
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.h +865 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.c +74 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.h +253 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +453 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +1801 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.c +35 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.h +77 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.c +56 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.h +364 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.c +124 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.h +428 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.c +35 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.h +88 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +334 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +1066 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +103 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +388 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.c +34 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.h +78 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.c +53 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.h +149 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.c +241 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.h +839 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +170 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +767 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.c +36 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.h +88 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +176 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +730 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +27 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +65 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.c +34 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.h +95 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +42 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.h +126 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.c +90 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.h +243 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.c +91 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.h +305 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.c +112 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.h +367 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.c +33 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.h +73 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +130 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +557 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +159 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +623 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +40 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.h +107 -0
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +178 -0
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +662 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +65 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +237 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +926 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +3746 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.c +60 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.h +159 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.c +49 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.h +122 -0
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.c +29 -0
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.h +67 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +361 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +1484 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.c +19 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.h +35 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +113 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +458 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +73 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +219 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +146 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +621 -0
- data/src/core/ext/upb-generated/envoy/{api/v2/rds.upb.c → service/cluster/v3/cds.upb.c} +7 -9
- data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.h +56 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.c +25 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.h +56 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +146 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +499 -0
- data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.c +27 -0
- data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.h +56 -0
- data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.c +27 -0
- data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.h +56 -0
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.c +54 -0
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.h +151 -0
- data/src/core/ext/upb-generated/envoy/{api/v2/srds.upb.c → service/route/v3/rds.upb.c} +7 -7
- data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.h +56 -0
- data/src/core/ext/upb-generated/envoy/{api/v2/cds.upb.c → service/route/v3/srds.upb.c} +7 -7
- data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.h +56 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.c +47 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.h +128 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.c +35 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.h +84 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.c +34 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.h +78 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.c +64 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.h +166 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +53 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.h +146 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.c +63 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.h +207 -0
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.c +88 -0
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.h +301 -0
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.c +90 -0
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.h +283 -0
- data/src/core/ext/upb-generated/envoy/type/{http.upb.c → v3/http.upb.c} +3 -2
- data/src/core/ext/upb-generated/envoy/type/{http.upb.h → v3/http.upb.h} +9 -9
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.c +40 -0
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.h +99 -0
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.c +51 -0
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.h +130 -0
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.c +30 -0
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.h +68 -0
- data/src/core/ext/upb-generated/google/api/annotations.upb.h +1 -1
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.c +242 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.h +830 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.c +251 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h +871 -0
- data/src/core/ext/upb-generated/google/api/http.upb.c +3 -3
- data/src/core/ext/upb-generated/google/api/http.upb.h +52 -32
- data/src/core/ext/upb-generated/google/protobuf/any.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/any.upb.h +12 -6
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +107 -106
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +691 -496
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.h +12 -6
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.h +8 -2
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.c +5 -5
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.h +55 -57
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.h +12 -6
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.c +9 -9
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.h +82 -28
- data/src/core/ext/upb-generated/google/rpc/status.upb.c +1 -1
- data/src/core/ext/upb-generated/google/rpc/status.upb.h +17 -10
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.c +5 -5
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.h +40 -45
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +43 -43
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +236 -184
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.c +5 -5
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.h +29 -13
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.c +2 -2
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.h +19 -7
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c +17 -17
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.h +122 -62
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.c +3 -3
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +30 -12
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.c +31 -0
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.h +64 -0
- data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.h +1 -1
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.c +28 -0
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +71 -0
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.c +27 -0
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.h +60 -0
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.c +9 -9
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.h +48 -68
- data/src/core/ext/upb-generated/validate/validate.upb.c +71 -70
- data/src/core/ext/upb-generated/validate/validate.upb.h +732 -586
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.c +28 -0
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.h +60 -0
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.c +52 -0
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.h +143 -0
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.c +42 -0
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.h +84 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.c +36 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.h +94 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.c +54 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.h +166 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.c +36 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.h +85 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.c +38 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.c +41 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +251 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.h +105 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.c +100 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +543 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.h +145 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.c +53 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.c +136 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.c +127 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +272 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.h +135 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +143 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.c +66 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.c +263 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.h +100 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +233 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.h +70 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +228 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.h +80 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +43 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.c +59 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.c +68 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.c +107 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +113 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.c +146 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.c +50 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +195 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.c +193 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.c +59 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.c +101 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +938 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.h +285 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.c +71 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.c +61 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.c +51 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +504 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +115 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +44 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +170 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +97 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +246 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.h +60 -0
- data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.c +72 -0
- data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +60 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.c +142 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.c +73 -0
- data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.c +72 -0
- data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +80 -0
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.c +80 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.c +74 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.c +64 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.c +54 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.c +53 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.c +73 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.c +69 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.c +81 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.c +92 -0
- data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.c +95 -0
- data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/http.upbdefs.c +34 -0
- data/src/core/ext/{upb-generated/gogoproto/gogo.upb.h → upbdefs-generated/envoy/type/v3/http.upbdefs.h} +10 -10
- data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.c +59 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.c +54 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.c +47 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.c +61 -0
- data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.c +39 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.c +386 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.h +165 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.c +37 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.c +65 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.c +66 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.h +75 -0
- data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.c +42 -0
- data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.c +70 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.c +33 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.c +49 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.c +43 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.c +310 -0
- data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.h +145 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.c +42 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.c +62 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.c +45 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.c +49 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.c +67 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.c +50 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.h +35 -0
- data/src/core/ext/xds/certificate_provider_factory.h +61 -0
- data/src/core/ext/xds/certificate_provider_registry.cc +103 -0
- data/src/core/ext/xds/certificate_provider_registry.h +57 -0
- data/src/core/ext/xds/certificate_provider_store.cc +87 -0
- data/src/core/ext/xds/certificate_provider_store.h +112 -0
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +144 -0
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.h +69 -0
- data/src/core/ext/xds/xds_api.cc +2479 -0
- data/src/core/ext/xds/xds_api.h +431 -0
- data/src/core/ext/xds/xds_bootstrap.cc +539 -0
- data/src/core/ext/xds/xds_bootstrap.h +116 -0
- data/src/core/ext/xds/xds_certificate_provider.cc +405 -0
- data/src/core/ext/xds/xds_certificate_provider.h +151 -0
- data/src/core/ext/{filters/client_channel/xds → xds}/xds_channel_args.h +9 -6
- data/src/core/ext/{filters/client_channel/xds → xds}/xds_client.cc +839 -774
- data/src/core/ext/xds/xds_client.h +339 -0
- data/src/core/ext/xds/xds_client_stats.cc +159 -0
- data/src/core/ext/{filters/client_channel/xds → xds}/xds_client_stats.h +78 -38
- data/src/core/ext/xds/xds_server_config_fetcher.cc +267 -0
- data/src/core/lib/channel/channel_args.cc +24 -22
- data/src/core/lib/channel/channel_args.h +3 -2
- data/src/core/lib/channel/channel_stack.h +20 -13
- data/src/core/lib/channel/channel_trace.cc +6 -8
- data/src/core/lib/channel/channel_trace.h +1 -1
- data/src/core/lib/channel/channelz.cc +46 -94
- data/src/core/lib/channel/channelz.h +17 -25
- data/src/core/lib/channel/channelz_registry.cc +20 -15
- data/src/core/lib/channel/channelz_registry.h +3 -1
- data/src/core/lib/channel/connected_channel.cc +7 -5
- data/src/core/lib/channel/context.h +1 -1
- data/src/core/lib/channel/handshaker.cc +15 -20
- data/src/core/lib/channel/handshaker.h +7 -5
- data/src/core/lib/channel/handshaker_registry.cc +5 -17
- data/src/core/lib/channel/status_util.cc +2 -3
- data/src/core/lib/compression/compression.cc +8 -4
- data/src/core/lib/compression/compression_args.cc +3 -2
- data/src/core/lib/compression/compression_internal.cc +10 -5
- data/src/core/lib/compression/compression_internal.h +2 -1
- data/src/core/lib/compression/message_compress.cc +5 -1
- data/src/core/lib/compression/stream_compression_identity.cc +1 -3
- data/src/core/lib/debug/stats.cc +21 -27
- data/src/core/lib/debug/stats.h +5 -3
- data/src/core/lib/debug/stats_data.cc +1 -0
- data/src/core/lib/debug/stats_data.h +13 -13
- data/src/core/lib/gpr/alloc.cc +3 -2
- data/src/core/lib/gpr/cpu_iphone.cc +10 -2
- data/src/core/lib/gpr/log.cc +59 -17
- data/src/core/lib/gpr/log_linux.cc +23 -9
- data/src/core/lib/gpr/log_posix.cc +19 -7
- data/src/core/lib/gpr/log_windows.cc +18 -4
- data/src/core/lib/gpr/murmur_hash.cc +1 -1
- data/src/core/lib/gpr/spinlock.h +12 -5
- data/src/core/lib/gpr/string.cc +33 -55
- data/src/core/lib/gpr/string.h +9 -24
- data/src/core/lib/gpr/sync.cc +4 -4
- data/src/core/lib/gpr/sync_abseil.cc +2 -0
- data/src/core/lib/gpr/sync_posix.cc +2 -8
- data/src/core/lib/gpr/time.cc +16 -12
- data/src/core/lib/gpr/time_posix.cc +1 -1
- data/src/core/lib/gpr/time_precise.cc +5 -2
- data/src/core/lib/gpr/time_precise.h +6 -2
- data/src/core/lib/gpr/tls.h +4 -0
- data/src/core/lib/gpr/tls_msvc.h +2 -0
- data/src/core/lib/gpr/tls_stdcpp.h +48 -0
- data/src/core/lib/gpr/useful.h +5 -4
- data/src/core/lib/gprpp/arena.h +3 -2
- data/src/core/lib/gprpp/atomic.h +6 -6
- data/src/core/lib/gprpp/dual_ref_counted.h +331 -0
- data/src/core/lib/gprpp/examine_stack.cc +43 -0
- data/src/core/lib/gprpp/examine_stack.h +46 -0
- data/src/core/lib/gprpp/fork.cc +3 -3
- data/src/core/lib/gprpp/global_config_env.cc +8 -6
- data/src/core/lib/gprpp/host_port.cc +29 -35
- data/src/core/lib/gprpp/host_port.h +14 -17
- data/src/core/lib/gprpp/manual_constructor.h +1 -1
- data/src/core/lib/gprpp/mpscq.cc +2 -2
- data/src/core/lib/gprpp/orphanable.h +4 -8
- data/src/core/lib/gprpp/ref_counted.h +91 -68
- data/src/core/lib/gprpp/ref_counted_ptr.h +171 -7
- data/src/core/lib/gprpp/stat.h +38 -0
- data/src/core/lib/gprpp/stat_posix.cc +49 -0
- data/src/core/lib/gprpp/stat_windows.cc +48 -0
- data/src/core/lib/gprpp/sync.h +129 -40
- data/src/core/lib/gprpp/thd.h +2 -2
- data/src/core/lib/gprpp/thd_posix.cc +42 -37
- data/src/core/lib/gprpp/thd_windows.cc +3 -1
- data/src/core/lib/gprpp/time_util.cc +77 -0
- data/src/core/lib/gprpp/time_util.h +42 -0
- data/src/core/lib/http/format_request.cc +46 -65
- data/src/core/lib/http/httpcli.cc +16 -14
- data/src/core/lib/http/httpcli.h +4 -6
- data/src/core/lib/http/httpcli_security_connector.cc +13 -13
- data/src/core/lib/http/parser.cc +47 -27
- data/src/core/lib/http/parser.h +2 -3
- data/src/core/lib/iomgr/buffer_list.h +22 -21
- data/src/core/lib/iomgr/call_combiner.cc +8 -5
- data/src/core/lib/iomgr/call_combiner.h +3 -2
- data/src/core/lib/iomgr/cfstream_handle.cc +4 -2
- data/src/core/lib/iomgr/closure.h +2 -3
- data/src/core/lib/iomgr/combiner.cc +2 -1
- data/src/core/lib/iomgr/dualstack_socket_posix.cc +47 -0
- data/src/core/lib/iomgr/endpoint.cc +5 -1
- data/src/core/lib/iomgr/endpoint.h +8 -4
- data/src/core/lib/iomgr/endpoint_cfstream.cc +38 -14
- data/src/core/lib/iomgr/endpoint_pair.h +2 -3
- data/src/core/lib/iomgr/endpoint_pair_posix.cc +10 -10
- data/src/core/lib/iomgr/error.cc +23 -21
- data/src/core/lib/iomgr/error.h +0 -1
- data/src/core/lib/iomgr/error_cfstream.cc +9 -8
- data/src/core/lib/iomgr/error_internal.h +1 -1
- data/src/core/lib/iomgr/ev_apple.cc +359 -0
- data/src/core/lib/iomgr/ev_apple.h +43 -0
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +43 -40
- data/src/core/lib/iomgr/ev_epollex_linux.cc +46 -45
- data/src/core/lib/iomgr/ev_poll_posix.cc +18 -15
- data/src/core/lib/iomgr/ev_posix.cc +2 -3
- data/src/core/lib/iomgr/exec_ctx.cc +1 -1
- data/src/core/lib/iomgr/exec_ctx.h +26 -10
- data/src/core/lib/iomgr/executor.cc +2 -1
- data/src/core/lib/iomgr/executor.h +1 -1
- data/src/core/lib/iomgr/executor/mpmcqueue.h +5 -5
- data/src/core/lib/iomgr/executor/threadpool.h +4 -4
- data/src/core/lib/iomgr/iomgr.cc +1 -1
- data/src/core/lib/iomgr/iomgr_posix.cc +0 -1
- data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +84 -21
- data/src/core/lib/iomgr/is_epollexclusive_available.cc +14 -0
- data/src/core/lib/iomgr/load_file.h +1 -1
- data/src/core/lib/iomgr/lockfree_event.cc +19 -14
- data/src/core/lib/iomgr/lockfree_event.h +2 -2
- data/src/core/lib/iomgr/parse_address.cc +322 -0
- data/src/core/lib/iomgr/parse_address.h +77 -0
- data/src/core/lib/iomgr/poller/eventmanager_libuv.cc +2 -1
- data/src/core/lib/iomgr/poller/eventmanager_libuv.h +1 -1
- data/src/core/lib/iomgr/pollset_set_custom.cc +11 -11
- data/src/core/lib/{gprpp/optional.h → iomgr/pollset_uv.h} +11 -12
- data/src/core/lib/iomgr/port.h +2 -21
- data/src/core/lib/iomgr/python_util.h +46 -0
- data/src/core/lib/iomgr/resolve_address.cc +4 -4
- data/src/core/lib/iomgr/resolve_address.h +4 -6
- data/src/core/lib/iomgr/resolve_address_custom.cc +42 -57
- data/src/core/lib/iomgr/resolve_address_custom.h +4 -2
- data/src/core/lib/iomgr/resolve_address_posix.cc +11 -16
- data/src/core/lib/iomgr/resolve_address_windows.cc +16 -25
- data/src/core/lib/iomgr/resource_quota.cc +38 -37
- data/src/core/lib/iomgr/sockaddr_utils.cc +41 -44
- data/src/core/lib/iomgr/sockaddr_utils.h +13 -17
- data/src/core/lib/iomgr/socket_factory_posix.cc +3 -2
- data/src/core/lib/iomgr/socket_factory_posix.h +2 -3
- data/src/core/lib/iomgr/socket_mutator.cc +3 -2
- data/src/core/lib/iomgr/socket_mutator.h +2 -3
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +103 -81
- data/src/core/lib/iomgr/socket_utils_posix.h +3 -0
- data/src/core/lib/iomgr/socket_windows.cc +4 -5
- data/src/core/lib/iomgr/tcp_client.cc +3 -3
- data/src/core/lib/iomgr/tcp_client_cfstream.cc +14 -18
- data/src/core/lib/iomgr/tcp_client_custom.cc +13 -15
- data/src/core/lib/iomgr/tcp_client_posix.cc +31 -37
- data/src/core/lib/iomgr/tcp_client_windows.cc +10 -11
- data/src/core/lib/iomgr/tcp_custom.cc +56 -36
- data/src/core/lib/iomgr/tcp_custom.h +1 -1
- data/src/core/lib/iomgr/tcp_posix.cc +47 -25
- data/src/core/lib/iomgr/tcp_server.cc +3 -4
- data/src/core/lib/iomgr/tcp_server.h +7 -5
- data/src/core/lib/iomgr/tcp_server_custom.cc +39 -45
- data/src/core/lib/iomgr/tcp_server_posix.cc +38 -44
- data/src/core/lib/iomgr/tcp_server_utils_posix.h +3 -4
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +7 -8
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +10 -18
- data/src/core/lib/iomgr/tcp_server_windows.cc +16 -16
- data/src/core/lib/iomgr/tcp_uv.cc +3 -2
- data/src/core/lib/iomgr/tcp_windows.cc +26 -10
- data/src/core/lib/iomgr/time_averaged_stats.h +2 -3
- data/src/core/lib/iomgr/timer_custom.cc +5 -5
- data/src/core/lib/iomgr/timer_generic.cc +18 -18
- data/src/core/lib/{gprpp/inlined_vector.h → iomgr/timer_generic.h} +19 -17
- data/src/core/lib/iomgr/timer_heap.h +2 -3
- data/src/core/lib/iomgr/timer_manager.cc +2 -2
- data/src/core/lib/iomgr/udp_server.cc +33 -38
- data/src/core/lib/iomgr/udp_server.h +6 -4
- data/src/core/lib/iomgr/unix_sockets_posix.cc +36 -30
- data/src/core/lib/iomgr/unix_sockets_posix.h +8 -1
- data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +12 -2
- data/src/core/lib/iomgr/wakeup_fd_pipe.cc +2 -2
- data/src/core/lib/json/json.h +15 -4
- data/src/core/lib/json/json_reader.cc +33 -30
- data/src/core/lib/json/json_util.cc +58 -0
- data/src/core/lib/json/json_util.h +204 -0
- data/src/core/lib/json/json_writer.cc +15 -13
- data/src/core/lib/security/authorization/authorization_engine.cc +177 -0
- data/src/core/lib/security/authorization/authorization_engine.h +84 -0
- data/src/core/lib/security/authorization/evaluate_args.cc +148 -0
- data/src/core/lib/security/authorization/evaluate_args.h +59 -0
- data/src/core/lib/security/authorization/matchers.cc +339 -0
- data/src/core/lib/security/authorization/matchers.h +158 -0
- data/src/core/lib/security/authorization/mock_cel/activation.h +57 -0
- data/src/core/lib/security/authorization/mock_cel/cel_expr_builder_factory.h +44 -0
- data/src/core/lib/security/authorization/mock_cel/cel_expression.h +69 -0
- data/src/core/lib/security/authorization/mock_cel/cel_value.h +99 -0
- data/src/core/lib/security/authorization/mock_cel/evaluator_core.h +67 -0
- data/src/core/lib/security/authorization/mock_cel/flat_expr_builder.h +57 -0
- data/src/core/lib/security/context/security_context.cc +4 -3
- data/src/core/lib/security/context/security_context.h +3 -1
- data/src/core/lib/security/credentials/alts/alts_credentials.cc +2 -1
- data/src/core/lib/security/credentials/alts/alts_credentials.h +1 -1
- data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +1 -1
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +12 -0
- data/src/core/lib/security/credentials/composite/composite_credentials.h +6 -3
- data/src/core/lib/security/credentials/credentials.cc +7 -91
- data/src/core/lib/security/credentials/credentials.h +18 -66
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +413 -0
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +80 -0
- data/src/core/lib/security/credentials/external/aws_request_signer.cc +213 -0
- data/src/core/lib/security/credentials/external/aws_request_signer.h +72 -0
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +497 -0
- data/src/core/lib/security/credentials/external/external_account_credentials.h +120 -0
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +135 -0
- data/src/core/lib/security/credentials/external/file_external_account_credentials.h +48 -0
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +213 -0
- data/src/core/lib/security/credentials/external/url_external_account_credentials.h +58 -0
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +3 -2
- data/src/core/lib/security/credentials/fake/fake_credentials.h +4 -0
- data/src/core/lib/security/credentials/google_default/credentials_generic.cc +8 -6
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +90 -67
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +8 -6
- data/src/core/lib/security/credentials/iam/iam_credentials.h +4 -0
- data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +64 -0
- data/src/core/lib/security/credentials/jwt/json_token.cc +4 -4
- data/src/core/lib/security/credentials/jwt/json_token.h +2 -5
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +7 -4
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +13 -0
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +13 -19
- data/src/core/lib/security/credentials/jwt/jwt_verifier.h +2 -3
- data/src/core/lib/security/credentials/local/local_credentials.cc +2 -1
- data/src/core/lib/security/credentials/local/local_credentials.h +1 -1
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +109 -97
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +14 -7
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +20 -7
- data/src/core/lib/security/credentials/plugin/plugin_credentials.h +2 -0
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +27 -6
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +12 -2
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +346 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +213 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +399 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +138 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +78 -140
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +74 -167
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +18 -13
- data/src/core/lib/security/credentials/tls/tls_credentials.h +3 -3
- data/src/core/lib/security/credentials/tls/tls_utils.cc +91 -0
- data/src/core/lib/security/credentials/tls/tls_utils.h +38 -0
- data/src/core/lib/security/credentials/xds/xds_credentials.cc +244 -0
- data/src/core/lib/security/credentials/xds/xds_credentials.h +69 -0
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +22 -7
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +27 -32
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +121 -0
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +87 -0
- data/src/core/lib/security/security_connector/load_system_roots.h +4 -0
- data/src/core/lib/security/security_connector/load_system_roots_linux.cc +3 -2
- data/src/core/lib/security/security_connector/load_system_roots_linux.h +2 -0
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +4 -4
- data/src/core/lib/security/security_connector/security_connector.cc +6 -3
- data/src/core/lib/security/security_connector/security_connector.h +6 -4
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +42 -40
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +8 -5
- data/src/core/lib/security/security_connector/ssl_utils.cc +94 -23
- data/src/core/lib/security/security_connector/ssl_utils.h +37 -31
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +388 -284
- data/src/core/lib/security/security_connector/tls/tls_security_connector.h +108 -42
- data/src/core/lib/security/transport/auth_filters.h +0 -5
- data/src/core/lib/security/transport/client_auth_filter.cc +11 -11
- data/src/core/lib/security/transport/secure_endpoint.cc +9 -3
- data/src/core/lib/security/transport/security_handshaker.cc +4 -6
- data/src/core/lib/security/transport/server_auth_filter.cc +2 -1
- data/src/core/lib/security/util/json_util.cc +12 -13
- data/src/core/lib/security/util/json_util.h +1 -0
- data/src/core/lib/slice/slice.cc +45 -5
- data/src/core/lib/slice/slice_buffer.cc +2 -1
- data/src/core/lib/slice/slice_intern.cc +9 -11
- data/src/core/lib/slice/slice_internal.h +17 -2
- data/src/core/lib/slice/slice_utils.h +9 -0
- data/src/core/lib/surface/byte_buffer_reader.cc +2 -47
- data/src/core/lib/surface/call.cc +95 -88
- data/src/core/lib/surface/call.h +2 -1
- data/src/core/lib/surface/call_details.cc +8 -8
- data/src/core/lib/surface/call_log_batch.cc +50 -58
- data/src/core/lib/surface/channel.cc +86 -72
- data/src/core/lib/surface/channel.h +54 -7
- data/src/core/lib/surface/channel_init.cc +1 -1
- data/src/core/lib/surface/channel_ping.cc +2 -3
- data/src/core/lib/surface/completion_queue.cc +63 -62
- data/src/core/lib/surface/completion_queue.h +16 -16
- data/src/core/lib/surface/event_string.cc +18 -25
- data/src/core/lib/surface/event_string.h +3 -1
- data/src/core/lib/surface/init.cc +45 -29
- data/src/core/lib/surface/init_secure.cc +1 -4
- data/src/core/lib/surface/lame_client.cc +20 -46
- data/src/core/lib/surface/lame_client.h +4 -0
- data/src/core/lib/surface/server.cc +1311 -1309
- data/src/core/lib/surface/server.h +410 -45
- data/src/core/lib/surface/validate_metadata.h +3 -0
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/authority_override.cc +40 -0
- data/src/core/lib/transport/authority_override.h +37 -0
- data/src/core/lib/transport/bdp_estimator.cc +1 -1
- data/src/core/lib/transport/bdp_estimator.h +2 -1
- data/src/core/lib/transport/byte_stream.h +10 -5
- data/src/core/lib/transport/connectivity_state.cc +23 -17
- data/src/core/lib/transport/connectivity_state.h +31 -15
- data/src/core/lib/transport/error_utils.cc +13 -0
- data/src/core/lib/transport/error_utils.h +7 -1
- data/src/core/lib/transport/metadata.cc +19 -5
- data/src/core/lib/transport/metadata.h +2 -2
- data/src/core/lib/transport/metadata_batch.h +6 -7
- data/src/core/lib/transport/static_metadata.cc +296 -277
- data/src/core/lib/transport/static_metadata.h +81 -74
- data/src/core/lib/transport/status_conversion.cc +6 -14
- data/src/core/lib/transport/status_metadata.cc +4 -3
- data/src/core/lib/transport/timeout_encoding.cc +4 -4
- data/src/core/lib/transport/transport.cc +7 -6
- data/src/core/lib/transport/transport.h +24 -10
- data/src/core/lib/transport/transport_op_string.cc +61 -102
- data/src/core/lib/uri/uri_parser.cc +135 -258
- data/src/core/lib/uri/uri_parser.h +60 -23
- data/src/core/plugin_registry/grpc_plugin_registry.cc +59 -12
- data/src/core/tsi/alts/crypt/aes_gcm.cc +0 -2
- data/src/core/tsi/alts/crypt/gsec.cc +5 -4
- data/src/core/tsi/alts/frame_protector/frame_handler.cc +8 -6
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +48 -34
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +8 -4
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +98 -48
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +9 -1
- data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +2 -0
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h +2 -3
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +8 -6
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +4 -4
- data/src/core/tsi/fake_transport_security.cc +17 -19
- data/src/core/tsi/local_transport_security.cc +5 -1
- data/src/core/tsi/local_transport_security.h +6 -7
- data/src/core/tsi/ssl/session_cache/ssl_session.h +0 -2
- data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +1 -1
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +0 -2
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +3 -4
- data/src/core/tsi/ssl_transport_security.cc +226 -105
- data/src/core/tsi/ssl_transport_security.h +28 -16
- data/src/core/tsi/ssl_types.h +0 -2
- data/src/core/tsi/transport_security.cc +10 -8
- data/src/core/tsi/transport_security.h +6 -9
- data/src/core/tsi/transport_security_grpc.h +2 -3
- data/src/core/tsi/transport_security_interface.h +9 -4
- data/src/ruby/bin/math_services_pb.rb +4 -4
- data/src/ruby/ext/grpc/extconf.rb +6 -3
- data/src/ruby/ext/grpc/rb_call.c +12 -3
- data/src/ruby/ext/grpc/rb_call.h +4 -0
- data/src/ruby/ext/grpc/rb_call_credentials.c +57 -12
- data/src/ruby/ext/grpc/rb_channel_credentials.c +9 -0
- data/src/ruby/ext/grpc/rb_event_thread.c +2 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +42 -18
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +80 -44
- data/src/ruby/lib/grpc/errors.rb +103 -42
- data/src/ruby/lib/grpc/generic/active_call.rb +2 -3
- data/src/ruby/lib/grpc/generic/client_stub.rb +1 -1
- data/src/ruby/lib/grpc/generic/interceptors.rb +5 -5
- data/src/ruby/lib/grpc/generic/rpc_server.rb +9 -10
- data/src/ruby/lib/grpc/generic/service.rb +5 -4
- data/src/ruby/lib/grpc/structs.rb +1 -1
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/generate_proto_ruby.sh +5 -3
- data/src/ruby/pb/grpc/health/v1/health_services_pb.rb +2 -2
- data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +51 -0
- data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +61 -11
- data/src/ruby/spec/channel_credentials_spec.rb +10 -0
- data/src/ruby/spec/debug_message_spec.rb +134 -0
- data/src/ruby/spec/generic/active_call_spec.rb +19 -8
- data/src/ruby/spec/generic/service_spec.rb +2 -0
- data/src/ruby/spec/pb/codegen/grpc/testing/package_options_import2.proto +23 -0
- data/src/ruby/spec/pb/codegen/grpc/testing/package_options_ruby_style.proto +7 -0
- data/src/ruby/spec/pb/codegen/grpc/testing/same_package_service_name.proto +27 -0
- data/src/ruby/spec/pb/codegen/grpc/testing/same_ruby_package_service_name.proto +29 -0
- data/src/ruby/spec/pb/codegen/package_option_spec.rb +29 -7
- data/src/ruby/spec/support/services.rb +10 -4
- data/src/ruby/spec/testdata/ca.pem +18 -13
- data/src/ruby/spec/testdata/client.key +26 -14
- data/src/ruby/spec/testdata/client.pem +18 -12
- data/src/ruby/spec/testdata/server1.key +26 -14
- data/src/ruby/spec/testdata/server1.pem +20 -14
- data/src/ruby/spec/user_agent_spec.rb +74 -0
- data/third_party/abseil-cpp/absl/algorithm/container.h +1764 -0
- data/third_party/abseil-cpp/absl/base/attributes.h +99 -38
- data/third_party/abseil-cpp/absl/base/call_once.h +1 -1
- data/third_party/abseil-cpp/absl/base/casts.h +9 -6
- data/third_party/abseil-cpp/absl/base/config.h +60 -17
- data/third_party/abseil-cpp/absl/base/dynamic_annotations.h +428 -335
- data/third_party/abseil-cpp/absl/base/internal/bits.h +17 -16
- data/third_party/abseil-cpp/absl/base/internal/direct_mmap.h +166 -0
- data/third_party/abseil-cpp/absl/base/internal/dynamic_annotations.h +398 -0
- data/third_party/abseil-cpp/absl/base/internal/exponential_biased.cc +93 -0
- data/third_party/abseil-cpp/absl/base/internal/exponential_biased.h +130 -0
- data/third_party/abseil-cpp/absl/base/internal/invoke.h +4 -4
- data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.cc +620 -0
- data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.h +126 -0
- data/third_party/abseil-cpp/absl/base/internal/low_level_scheduling.h +29 -1
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +2 -2
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.h +7 -5
- data/third_party/abseil-cpp/absl/base/internal/spinlock.cc +25 -38
- data/third_party/abseil-cpp/absl/base/internal/spinlock.h +19 -25
- data/third_party/abseil-cpp/absl/base/internal/spinlock_linux.inc +8 -0
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +28 -5
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.h +8 -0
- data/third_party/abseil-cpp/absl/base/internal/tsan_mutex_interface.h +3 -1
- data/third_party/abseil-cpp/absl/base/internal/unaligned_access.h +2 -2
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.h +3 -3
- data/third_party/abseil-cpp/absl/base/macros.h +36 -109
- data/third_party/abseil-cpp/absl/base/optimization.h +61 -1
- data/third_party/abseil-cpp/absl/base/options.h +31 -4
- data/third_party/abseil-cpp/absl/base/policy_checks.h +1 -1
- data/third_party/abseil-cpp/absl/base/thread_annotations.h +94 -39
- data/third_party/abseil-cpp/absl/container/fixed_array.h +532 -0
- data/third_party/abseil-cpp/absl/container/flat_hash_map.h +606 -0
- data/third_party/abseil-cpp/absl/container/flat_hash_set.h +504 -0
- data/third_party/abseil-cpp/absl/container/inlined_vector.h +33 -36
- data/third_party/abseil-cpp/absl/container/internal/common.h +206 -0
- data/third_party/abseil-cpp/absl/container/internal/compressed_tuple.h +33 -8
- data/third_party/abseil-cpp/absl/container/internal/container_memory.h +460 -0
- data/third_party/abseil-cpp/absl/container/internal/hash_function_defaults.h +161 -0
- data/third_party/abseil-cpp/absl/container/internal/hash_policy_traits.h +208 -0
- data/third_party/abseil-cpp/absl/container/internal/hashtable_debug_hooks.h +85 -0
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc +270 -0
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.h +321 -0
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler_force_weak_definition.cc +30 -0
- data/third_party/abseil-cpp/absl/container/internal/have_sse.h +50 -0
- data/third_party/abseil-cpp/absl/container/internal/layout.h +743 -0
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_map.h +197 -0
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.cc +48 -0
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +1903 -0
- data/third_party/abseil-cpp/absl/debugging/internal/address_is_readable.cc +139 -0
- data/third_party/abseil-cpp/absl/debugging/internal/address_is_readable.h +32 -0
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +1945 -0
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.h +71 -0
- data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.cc +382 -0
- data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.h +134 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +196 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_arm-inl.inc +134 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_config.h +89 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_generic-inl.inc +108 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_powerpc-inl.inc +248 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_unimplemented-inl.inc +24 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_win32-inl.inc +93 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_x86-inl.inc +346 -0
- data/third_party/abseil-cpp/absl/debugging/internal/symbolize.h +149 -0
- data/third_party/abseil-cpp/absl/debugging/internal/vdso_support.cc +173 -0
- data/third_party/abseil-cpp/absl/debugging/internal/vdso_support.h +158 -0
- data/third_party/abseil-cpp/absl/debugging/stacktrace.cc +140 -0
- data/third_party/abseil-cpp/absl/debugging/stacktrace.h +231 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize.cc +36 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize.h +99 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize_darwin.inc +101 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize_elf.inc +1560 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize_unimplemented.inc +40 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize_win32.inc +81 -0
- data/third_party/abseil-cpp/absl/functional/bind_front.h +184 -0
- data/third_party/abseil-cpp/absl/functional/function_ref.h +139 -0
- data/third_party/abseil-cpp/absl/functional/internal/front_binder.h +95 -0
- data/third_party/abseil-cpp/absl/functional/internal/function_ref.h +106 -0
- data/third_party/abseil-cpp/absl/hash/hash.h +325 -0
- data/third_party/abseil-cpp/absl/hash/internal/city.cc +346 -0
- data/third_party/abseil-cpp/absl/hash/internal/city.h +96 -0
- data/third_party/abseil-cpp/absl/hash/internal/hash.cc +55 -0
- data/third_party/abseil-cpp/absl/hash/internal/hash.h +996 -0
- data/third_party/abseil-cpp/absl/memory/memory.h +4 -0
- data/third_party/abseil-cpp/absl/meta/type_traits.h +2 -8
- data/third_party/abseil-cpp/absl/numeric/int128.cc +13 -27
- data/third_party/abseil-cpp/absl/numeric/int128.h +16 -15
- data/third_party/abseil-cpp/absl/status/internal/status_internal.h +51 -0
- data/third_party/abseil-cpp/absl/status/internal/statusor_internal.h +399 -0
- data/third_party/abseil-cpp/absl/status/status.cc +445 -0
- data/third_party/abseil-cpp/absl/status/status.h +817 -0
- data/third_party/abseil-cpp/absl/status/status_payload_printer.cc +38 -0
- data/third_party/abseil-cpp/absl/status/status_payload_printer.h +51 -0
- data/third_party/abseil-cpp/absl/status/statusor.cc +71 -0
- data/third_party/abseil-cpp/absl/status/statusor.h +760 -0
- data/third_party/abseil-cpp/absl/strings/charconv.cc +2 -2
- data/third_party/abseil-cpp/absl/strings/cord.cc +1998 -0
- data/third_party/abseil-cpp/absl/strings/cord.h +1276 -0
- data/third_party/abseil-cpp/absl/strings/escaping.cc +9 -9
- data/third_party/abseil-cpp/absl/strings/internal/char_map.h +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.cc +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +2 -2
- data/third_party/abseil-cpp/absl/strings/internal/charconv_parse.cc +2 -2
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +173 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.cc +222 -136
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.h +136 -64
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.cc +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.h +14 -21
- data/third_party/abseil-cpp/absl/strings/internal/str_format/checker.h +7 -14
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.cc +31 -7
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.h +147 -135
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +999 -87
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.h +3 -3
- data/third_party/abseil-cpp/absl/strings/internal/str_format/output.h +4 -12
- data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.cc +8 -6
- data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.h +13 -11
- data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +2 -2
- data/third_party/abseil-cpp/absl/strings/str_cat.cc +4 -4
- data/third_party/abseil-cpp/absl/strings/str_cat.h +1 -1
- data/third_party/abseil-cpp/absl/strings/str_format.h +289 -13
- data/third_party/abseil-cpp/absl/strings/str_split.cc +2 -2
- data/third_party/abseil-cpp/absl/strings/str_split.h +1 -0
- data/third_party/abseil-cpp/absl/strings/string_view.h +26 -19
- data/third_party/abseil-cpp/absl/strings/substitute.cc +5 -5
- data/third_party/abseil-cpp/absl/strings/substitute.h +32 -29
- data/third_party/abseil-cpp/absl/synchronization/barrier.cc +52 -0
- data/third_party/abseil-cpp/absl/synchronization/barrier.h +79 -0
- data/third_party/abseil-cpp/absl/synchronization/blocking_counter.cc +57 -0
- data/third_party/abseil-cpp/absl/synchronization/blocking_counter.h +99 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.cc +140 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.h +60 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +698 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.h +141 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/kernel_timeout.h +155 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/mutex_nonprod.inc +249 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.cc +106 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.h +115 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.cc +492 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.h +159 -0
- data/third_party/abseil-cpp/absl/synchronization/mutex.cc +2739 -0
- data/third_party/abseil-cpp/absl/synchronization/mutex.h +1065 -0
- data/third_party/abseil-cpp/absl/synchronization/notification.cc +78 -0
- data/third_party/abseil-cpp/absl/synchronization/notification.h +123 -0
- data/third_party/abseil-cpp/absl/time/civil_time.cc +175 -0
- data/third_party/abseil-cpp/absl/time/civil_time.h +538 -0
- data/third_party/abseil-cpp/absl/time/clock.cc +569 -0
- data/third_party/abseil-cpp/absl/time/clock.h +74 -0
- data/third_party/abseil-cpp/absl/time/duration.cc +953 -0
- data/third_party/abseil-cpp/absl/time/format.cc +160 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time.h +332 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time_detail.h +632 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/time_zone.h +386 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/zone_info_source.h +102 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/civil_time_detail.cc +94 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.cc +140 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.h +52 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +1029 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.cc +45 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.h +76 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +113 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +93 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +965 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +137 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +309 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.h +55 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_lookup.cc +187 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.cc +159 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.h +132 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +122 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc +116 -0
- data/third_party/abseil-cpp/absl/time/internal/get_current_time_chrono.inc +31 -0
- data/third_party/abseil-cpp/absl/time/internal/get_current_time_posix.inc +24 -0
- data/third_party/abseil-cpp/absl/time/time.cc +499 -0
- data/third_party/abseil-cpp/absl/time/time.h +1583 -0
- data/third_party/abseil-cpp/absl/types/bad_variant_access.cc +64 -0
- data/third_party/abseil-cpp/absl/types/bad_variant_access.h +82 -0
- data/third_party/abseil-cpp/absl/types/internal/variant.h +1646 -0
- data/third_party/abseil-cpp/absl/types/optional.h +9 -9
- data/third_party/abseil-cpp/absl/types/span.h +49 -36
- data/third_party/abseil-cpp/absl/types/variant.h +861 -0
- data/third_party/abseil-cpp/absl/utility/utility.h +2 -2
- data/third_party/address_sorting/include/address_sorting/address_sorting.h +2 -0
- data/third_party/boringssl-with-bazel/err_data.c +759 -707
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +6 -13
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +5 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +15 -20
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_locl.h +30 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_enum.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +28 -79
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +39 -85
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +5 -16
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +10 -61
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +158 -0
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/bn_asn1.c +3 -10
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +8 -9
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +60 -45
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +6 -81
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +87 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/tls_cbc.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu-aarch64-win.c +41 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu-arm-linux.c +7 -5
- data/third_party/boringssl-with-bazel/src/crypto/cpu-intel.c +13 -4
- data/third_party/boringssl-with-bazel/src/crypto/crypto.c +11 -0
- data/third_party/boringssl-with-bazel/src/{third_party/fiat → crypto/curve25519}/curve25519.c +18 -26
- data/third_party/boringssl-with-bazel/src/{third_party/fiat → crypto/curve25519}/curve25519_tables.h +13 -21
- data/third_party/boringssl-with-bazel/src/{third_party/fiat → crypto/curve25519}/internal.h +14 -22
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{dh → dh_extra}/dh_asn1.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/{dh → dh_extra}/params.c +179 -0
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +25 -0
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +19 -43
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +55 -4
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +34 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +2 -17
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +385 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +56 -0
- data/third_party/boringssl-with-bazel/src/crypto/ecdh_extra/ecdh_extra.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/err/err.c +33 -32
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +159 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +6 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c +17 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +5 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +13 -20
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +34 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +30 -154
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +173 -35
- data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/check.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/dh.c +149 -211
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digests.c +16 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +301 -117
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +22 -28
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +96 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/felem.c +25 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +434 -161
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +63 -71
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +18 -25
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64-table.h +9481 -9485
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64.c +104 -122
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +740 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256_table.h +297 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +90 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +125 -148
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +189 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/util.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +61 -18
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +20 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +137 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +49 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +64 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +69 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +155 -50
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +24 -121
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +5 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +73 -40
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +122 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +217 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +44 -35
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +532 -0
- data/third_party/boringssl-with-bazel/src/crypto/hpke/internal.h +246 -0
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +47 -16
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +15 -1
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +7 -0
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +36 -5
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +10 -7
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +13 -11
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/deterministic.c +6 -10
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +34 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/rand_extra.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/windows.c +16 -0
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +7 -13
- data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +318 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +1399 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +858 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +766 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_strex.c +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +10 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +5 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509.c +0 -67
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +21 -9
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +27 -21
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_r2x.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +10 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +89 -11
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +7 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +67 -67
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +62 -44
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +67 -25
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +13 -11
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +10 -10
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +38 -17
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +28 -40
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +0 -154
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +20 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +66 -9
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +5 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +5 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +25 -24
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +32 -28
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +42 -22
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +25 -36
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +126 -40
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +6 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +24 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/aes.h +16 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +54 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +662 -556
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +0 -167
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +19 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +62 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +22 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +21 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +10 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/des.h +6 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +82 -20
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +11 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +16 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +15 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +6 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/err.h +2 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +85 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +5 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +3 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +202 -134
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +6 -17
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +31 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/sha.h +26 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +2 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +335 -112
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +33 -10
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +310 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +1141 -755
- data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +593 -440
- data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +18 -5
- data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +0 -4
- data/third_party/boringssl-with-bazel/src/ssl/d1_lib.cc +3 -3
- data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +13 -4
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +181 -57
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +45 -26
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +43 -45
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +32 -10
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +160 -80
- data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +10 -10
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +2 -3
- data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +21 -21
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +77 -8
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +7 -6
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +8 -9
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +131 -15
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +13 -2
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +50 -15
- data/third_party/boringssl-with-bazel/src/ssl/ssl_stat.cc +6 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +5 -5
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +53 -30
- data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +611 -89
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +2 -3
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +187 -68
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +71 -90
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +247 -73
- data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +63 -25
- data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +5 -3
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +245 -175
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +135 -75
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +1593 -1672
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +512 -503
- data/third_party/re2/re2/bitmap256.h +117 -0
- data/third_party/re2/re2/bitstate.cc +385 -0
- data/third_party/re2/re2/compile.cc +1279 -0
- data/third_party/re2/re2/dfa.cc +2130 -0
- data/third_party/re2/re2/filtered_re2.cc +121 -0
- data/third_party/re2/re2/filtered_re2.h +109 -0
- data/third_party/re2/re2/mimics_pcre.cc +197 -0
- data/third_party/re2/re2/nfa.cc +713 -0
- data/third_party/re2/re2/onepass.cc +623 -0
- data/third_party/re2/re2/parse.cc +2464 -0
- data/third_party/re2/re2/perl_groups.cc +119 -0
- data/third_party/re2/re2/pod_array.h +55 -0
- data/third_party/re2/re2/prefilter.cc +710 -0
- data/third_party/re2/re2/prefilter.h +108 -0
- data/third_party/re2/re2/prefilter_tree.cc +407 -0
- data/third_party/re2/re2/prefilter_tree.h +139 -0
- data/third_party/re2/re2/prog.cc +988 -0
- data/third_party/re2/re2/prog.h +436 -0
- data/third_party/re2/re2/re2.cc +1362 -0
- data/third_party/re2/re2/re2.h +1002 -0
- data/third_party/re2/re2/regexp.cc +980 -0
- data/third_party/re2/re2/regexp.h +659 -0
- data/third_party/re2/re2/set.cc +154 -0
- data/third_party/re2/re2/set.h +80 -0
- data/third_party/re2/re2/simplify.cc +657 -0
- data/third_party/re2/re2/sparse_array.h +392 -0
- data/third_party/re2/re2/sparse_set.h +264 -0
- data/third_party/re2/re2/stringpiece.cc +65 -0
- data/third_party/re2/re2/stringpiece.h +210 -0
- data/third_party/re2/re2/tostring.cc +351 -0
- data/third_party/re2/re2/unicode_casefold.cc +582 -0
- data/third_party/re2/re2/unicode_casefold.h +78 -0
- data/third_party/re2/re2/unicode_groups.cc +6269 -0
- data/third_party/re2/re2/unicode_groups.h +67 -0
- data/third_party/re2/re2/walker-inl.h +246 -0
- data/third_party/re2/util/benchmark.h +156 -0
- data/third_party/re2/util/flags.h +26 -0
- data/third_party/re2/util/logging.h +109 -0
- data/third_party/re2/util/malloc_counter.h +19 -0
- data/third_party/re2/util/mix.h +41 -0
- data/third_party/re2/util/mutex.h +148 -0
- data/third_party/re2/util/pcre.cc +1025 -0
- data/third_party/re2/util/pcre.h +681 -0
- data/third_party/re2/util/rune.cc +260 -0
- data/third_party/re2/util/strutil.cc +149 -0
- data/third_party/re2/util/strutil.h +21 -0
- data/third_party/re2/util/test.h +50 -0
- data/third_party/re2/util/utf.h +44 -0
- data/third_party/re2/util/util.h +42 -0
- data/third_party/upb/third_party/wyhash/wyhash.h +145 -0
- data/third_party/upb/upb/decode.c +604 -511
- data/third_party/upb/upb/decode.h +20 -1
- data/third_party/upb/upb/decode.int.h +163 -0
- data/third_party/upb/upb/decode_fast.c +1040 -0
- data/third_party/upb/upb/decode_fast.h +126 -0
- data/third_party/upb/upb/def.c +2178 -0
- data/third_party/upb/upb/def.h +315 -0
- data/third_party/upb/upb/def.hpp +439 -0
- data/third_party/upb/upb/encode.c +311 -211
- data/third_party/upb/upb/encode.h +27 -2
- data/third_party/upb/upb/json_decode.c +1443 -0
- data/third_party/upb/upb/json_decode.h +23 -0
- data/third_party/upb/upb/json_encode.c +713 -0
- data/third_party/upb/upb/json_encode.h +36 -0
- data/third_party/upb/upb/msg.c +215 -70
- data/third_party/upb/upb/msg.h +558 -14
- data/third_party/upb/upb/port_def.inc +105 -63
- data/third_party/upb/upb/port_undef.inc +10 -7
- data/third_party/upb/upb/reflection.c +408 -0
- data/third_party/upb/upb/reflection.h +168 -0
- data/third_party/upb/upb/table.c +73 -269
- data/third_party/upb/upb/table.int.h +25 -57
- data/third_party/upb/upb/text_encode.c +421 -0
- data/third_party/upb/upb/text_encode.h +38 -0
- data/third_party/upb/upb/upb.c +138 -135
- data/third_party/upb/upb/upb.h +119 -146
- data/third_party/upb/upb/upb.hpp +88 -0
- data/third_party/upb/upb/upb.int.h +29 -0
- metadata +646 -164
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.cc +0 -1754
- data/src/core/ext/filters/client_channel/parse_address.cc +0 -237
- data/src/core/ext/filters/client_channel/parse_address.h +0 -53
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.cc +0 -484
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +0 -65
- data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +0 -359
- data/src/core/ext/filters/client_channel/resolving_lb_policy.h +0 -122
- data/src/core/ext/filters/client_channel/xds/xds_api.cc +0 -1779
- data/src/core/ext/filters/client_channel/xds/xds_api.h +0 -280
- data/src/core/ext/filters/client_channel/xds/xds_bootstrap.cc +0 -347
- data/src/core/ext/filters/client_channel/xds/xds_bootstrap.h +0 -87
- data/src/core/ext/filters/client_channel/xds/xds_channel.h +0 -46
- data/src/core/ext/filters/client_channel/xds/xds_channel_secure.cc +0 -104
- data/src/core/ext/filters/client_channel/xds/xds_client.h +0 -274
- data/src/core/ext/filters/client_channel/xds/xds_client_stats.cc +0 -116
- data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.c +0 -246
- data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.h +0 -905
- data/src/core/ext/upb-generated/envoy/api/v2/cds.upb.h +0 -53
- data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.c +0 -390
- data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.h +0 -1411
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/circuit_breaker.upb.c +0 -73
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/circuit_breaker.upb.h +0 -218
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/filter.upb.c +0 -34
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/filter.upb.h +0 -69
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/outlier_detection.upb.c +0 -54
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/outlier_detection.upb.h +0 -305
- data/src/core/ext/upb-generated/envoy/api/v2/core/address.upb.c +0 -111
- data/src/core/ext/upb-generated/envoy/api/v2/core/address.upb.h +0 -328
- data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.c +0 -292
- data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.h +0 -847
- data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.c +0 -95
- data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.h +0 -322
- data/src/core/ext/upb-generated/envoy/api/v2/core/grpc_service.upb.c +0 -196
- data/src/core/ext/upb-generated/envoy/api/v2/core/grpc_service.upb.h +0 -642
- data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.c +0 -168
- data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.h +0 -658
- data/src/core/ext/upb-generated/envoy/api/v2/core/http_uri.upb.c +0 -35
- data/src/core/ext/upb-generated/envoy/api/v2/core/http_uri.upb.h +0 -80
- data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.c +0 -132
- data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.h +0 -436
- data/src/core/ext/upb-generated/envoy/api/v2/discovery.upb.c +0 -128
- data/src/core/ext/upb-generated/envoy/api/v2/discovery.upb.h +0 -392
- data/src/core/ext/upb-generated/envoy/api/v2/eds.upb.c +0 -30
- data/src/core/ext/upb-generated/envoy/api/v2/eds.upb.h +0 -53
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint.upb.c +0 -91
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint.upb.h +0 -240
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint.upb.c +0 -17
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint.upb.h +0 -33
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.c +0 -88
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.h +0 -258
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/load_report.upb.c +0 -111
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/load_report.upb.h +0 -324
- data/src/core/ext/upb-generated/envoy/api/v2/lds.upb.c +0 -30
- data/src/core/ext/upb-generated/envoy/api/v2/lds.upb.h +0 -53
- data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.c +0 -104
- data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.h +0 -383
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener.upb.c +0 -17
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener.upb.h +0 -33
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener_components.upb.c +0 -144
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener_components.upb.h +0 -527
- data/src/core/ext/upb-generated/envoy/api/v2/listener/udp_listener_config.upb.c +0 -42
- data/src/core/ext/upb-generated/envoy/api/v2/listener/udp_listener_config.upb.h +0 -112
- data/src/core/ext/upb-generated/envoy/api/v2/rds.upb.h +0 -53
- data/src/core/ext/upb-generated/envoy/api/v2/route.upb.c +0 -62
- data/src/core/ext/upb-generated/envoy/api/v2/route.upb.h +0 -199
- data/src/core/ext/upb-generated/envoy/api/v2/route/route.upb.c +0 -17
- data/src/core/ext/upb-generated/envoy/api/v2/route/route.upb.h +0 -33
- data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.c +0 -793
- data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.h +0 -2936
- data/src/core/ext/upb-generated/envoy/api/v2/scoped_route.upb.c +0 -58
- data/src/core/ext/upb-generated/envoy/api/v2/scoped_route.upb.h +0 -134
- data/src/core/ext/upb-generated/envoy/api/v2/srds.upb.h +0 -53
- data/src/core/ext/upb-generated/envoy/config/filter/accesslog/v2/accesslog.upb.c +0 -227
- data/src/core/ext/upb-generated/envoy/config/filter/accesslog/v2/accesslog.upb.h +0 -725
- data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.c +0 -296
- data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.h +0 -1072
- data/src/core/ext/upb-generated/envoy/config/listener/v2/api_listener.upb.c +0 -32
- data/src/core/ext/upb-generated/envoy/config/listener/v2/api_listener.upb.h +0 -65
- data/src/core/ext/upb-generated/envoy/service/discovery/v2/ads.upb.c +0 -23
- data/src/core/ext/upb-generated/envoy/service/discovery/v2/ads.upb.h +0 -50
- data/src/core/ext/upb-generated/envoy/service/load_stats/v2/lrs.upb.c +0 -52
- data/src/core/ext/upb-generated/envoy/service/load_stats/v2/lrs.upb.h +0 -130
- data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.c +0 -47
- data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.h +0 -108
- data/src/core/ext/upb-generated/envoy/type/matcher/string.upb.c +0 -52
- data/src/core/ext/upb-generated/envoy/type/matcher/string.upb.h +0 -133
- data/src/core/ext/upb-generated/envoy/type/metadata/v2/metadata.upb.c +0 -87
- data/src/core/ext/upb-generated/envoy/type/metadata/v2/metadata.upb.h +0 -258
- data/src/core/ext/upb-generated/envoy/type/percent.upb.c +0 -38
- data/src/core/ext/upb-generated/envoy/type/percent.upb.h +0 -87
- data/src/core/ext/upb-generated/envoy/type/range.upb.c +0 -49
- data/src/core/ext/upb-generated/envoy/type/range.upb.h +0 -112
- data/src/core/ext/upb-generated/envoy/type/semantic_version.upb.c +0 -28
- data/src/core/ext/upb-generated/envoy/type/semantic_version.upb.h +0 -62
- data/src/core/ext/upb-generated/envoy/type/tracing/v2/custom_tag.upb.c +0 -88
- data/src/core/ext/upb-generated/envoy/type/tracing/v2/custom_tag.upb.h +0 -249
- data/src/core/ext/upb-generated/gogoproto/gogo.upb.c +0 -17
- data/src/core/lib/gprpp/map.h +0 -59
- data/src/core/lib/gprpp/string_view.h +0 -60
- data/src/core/lib/iomgr/iomgr_posix.h +0 -26
- data/src/core/lib/security/transport/target_authority_table.cc +0 -75
- data/src/core/lib/security/transport/target_authority_table.h +0 -40
- data/src/core/lib/slice/slice_hash_table.h +0 -199
- data/src/core/lib/slice/slice_weak_hash_table.h +0 -102
- data/src/core/tsi/grpc_shadow_boringssl.h +0 -3311
- data/third_party/abseil-cpp/absl/base/dynamic_annotations.cc +0 -129
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pku.c +0 -110
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_sxnet.c +0 -274
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256.c +0 -1063
- data/third_party/upb/upb/generated_util.h +0 -105
- data/third_party/upb/upb/port.c +0 -26
|
@@ -99,6 +99,36 @@ OPENSSL_EXPORT int RSA_up_ref(RSA *rsa);
|
|
|
99
99
|
// RSA_bits returns the size of |rsa|, in bits.
|
|
100
100
|
OPENSSL_EXPORT unsigned RSA_bits(const RSA *rsa);
|
|
101
101
|
|
|
102
|
+
// RSA_get0_n returns |rsa|'s public modulus.
|
|
103
|
+
OPENSSL_EXPORT const BIGNUM *RSA_get0_n(const RSA *rsa);
|
|
104
|
+
|
|
105
|
+
// RSA_get0_e returns |rsa|'s public exponent.
|
|
106
|
+
OPENSSL_EXPORT const BIGNUM *RSA_get0_e(const RSA *rsa);
|
|
107
|
+
|
|
108
|
+
// RSA_get0_d returns |rsa|'s private exponent. If |rsa| is a public key, this
|
|
109
|
+
// value will be NULL.
|
|
110
|
+
OPENSSL_EXPORT const BIGNUM *RSA_get0_d(const RSA *rsa);
|
|
111
|
+
|
|
112
|
+
// RSA_get0_p returns |rsa|'s first private prime factor. If |rsa| is a public
|
|
113
|
+
// key or lacks its prime factors, this value will be NULL.
|
|
114
|
+
OPENSSL_EXPORT const BIGNUM *RSA_get0_p(const RSA *rsa);
|
|
115
|
+
|
|
116
|
+
// RSA_get0_q returns |rsa|'s second private prime factor. If |rsa| is a public
|
|
117
|
+
// key or lacks its prime factors, this value will be NULL.
|
|
118
|
+
OPENSSL_EXPORT const BIGNUM *RSA_get0_q(const RSA *rsa);
|
|
119
|
+
|
|
120
|
+
// RSA_get0_dmp1 returns d (mod p-1) for |rsa|. If |rsa| is a public key or
|
|
121
|
+
// lacks CRT parameters, this value will be NULL.
|
|
122
|
+
OPENSSL_EXPORT const BIGNUM *RSA_get0_dmp1(const RSA *rsa);
|
|
123
|
+
|
|
124
|
+
// RSA_get0_dmq1 returns d (mod q-1) for |rsa|. If |rsa| is a public key or
|
|
125
|
+
// lacks CRT parameters, this value will be NULL.
|
|
126
|
+
OPENSSL_EXPORT const BIGNUM *RSA_get0_dmq1(const RSA *rsa);
|
|
127
|
+
|
|
128
|
+
// RSA_get0_iqmp returns q^-1 (mod p). If |rsa| is a public key or lacks CRT
|
|
129
|
+
// parameters, this value will be NULL.
|
|
130
|
+
OPENSSL_EXPORT const BIGNUM *RSA_get0_iqmp(const RSA *rsa);
|
|
131
|
+
|
|
102
132
|
// RSA_get0_key sets |*out_n|, |*out_e|, and |*out_d|, if non-NULL, to |rsa|'s
|
|
103
133
|
// modulus, public exponent, and private exponent, respectively. If |rsa| is a
|
|
104
134
|
// public key, the private exponent will be set to NULL.
|
|
@@ -711,6 +741,7 @@ struct rsa_st {
|
|
|
711
741
|
// |blindings_inuse| from 0 to 1.
|
|
712
742
|
BN_BLINDING **blindings;
|
|
713
743
|
unsigned char *blindings_inuse;
|
|
744
|
+
uint64_t blinding_fork_generation;
|
|
714
745
|
|
|
715
746
|
// private_key_frozen is one if the key has been used for a private key
|
|
716
747
|
// operation and may no longer be mutated.
|
|
@@ -261,6 +261,32 @@ struct sha512_state_st {
|
|
|
261
261
|
};
|
|
262
262
|
|
|
263
263
|
|
|
264
|
+
// SHA-512-256
|
|
265
|
+
//
|
|
266
|
+
// See https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf section 5.3.6
|
|
267
|
+
|
|
268
|
+
#define SHA512_256_DIGEST_LENGTH 32
|
|
269
|
+
|
|
270
|
+
// SHA512_256_Init initialises |sha| and returns 1.
|
|
271
|
+
OPENSSL_EXPORT int SHA512_256_Init(SHA512_CTX *sha);
|
|
272
|
+
|
|
273
|
+
// SHA512_256_Update adds |len| bytes from |data| to |sha| and returns 1.
|
|
274
|
+
OPENSSL_EXPORT int SHA512_256_Update(SHA512_CTX *sha, const void *data,
|
|
275
|
+
size_t len);
|
|
276
|
+
|
|
277
|
+
// SHA512_256_Final adds the final padding to |sha| and writes the resulting
|
|
278
|
+
// digest to |out|, which must have at least |SHA512_256_DIGEST_LENGTH| bytes of
|
|
279
|
+
// space. It returns one on success and zero on programmer error.
|
|
280
|
+
OPENSSL_EXPORT int SHA512_256_Final(uint8_t out[SHA512_256_DIGEST_LENGTH],
|
|
281
|
+
SHA512_CTX *sha);
|
|
282
|
+
|
|
283
|
+
// SHA512_256 writes the digest of |len| bytes from |data| to |out| and returns
|
|
284
|
+
// |out|. There must be at least |SHA512_256_DIGEST_LENGTH| bytes of space in
|
|
285
|
+
// |out|.
|
|
286
|
+
OPENSSL_EXPORT uint8_t *SHA512_256(const uint8_t *data, size_t len,
|
|
287
|
+
uint8_t out[SHA512_256_DIGEST_LENGTH]);
|
|
288
|
+
|
|
289
|
+
|
|
264
290
|
#if defined(__cplusplus)
|
|
265
291
|
} // extern C
|
|
266
292
|
#endif
|
|
@@ -267,7 +267,7 @@ OPENSSL_EXPORT int SSL_is_dtls(const SSL *ssl);
|
|
|
267
267
|
// |SSL_set0_rbio| and |SSL_set0_wbio| instead.
|
|
268
268
|
OPENSSL_EXPORT void SSL_set_bio(SSL *ssl, BIO *rbio, BIO *wbio);
|
|
269
269
|
|
|
270
|
-
// SSL_set0_rbio configures |ssl| to
|
|
270
|
+
// SSL_set0_rbio configures |ssl| to read from |rbio|. It takes ownership of
|
|
271
271
|
// |rbio|.
|
|
272
272
|
//
|
|
273
273
|
// Note that, although this function and |SSL_set0_wbio| may be called on the
|
|
@@ -953,6 +953,18 @@ OPENSSL_EXPORT size_t SSL_get0_certificate_types(const SSL *ssl,
|
|
|
953
953
|
OPENSSL_EXPORT size_t
|
|
954
954
|
SSL_get0_peer_verify_algorithms(const SSL *ssl, const uint16_t **out_sigalgs);
|
|
955
955
|
|
|
956
|
+
// SSL_get0_peer_delegation_algorithms sets |*out_sigalgs| to an array
|
|
957
|
+
// containing the signature algorithms the peer is willing to use with delegated
|
|
958
|
+
// credentials. It returns the length of the array. If not sent, the empty
|
|
959
|
+
// array is returned.
|
|
960
|
+
//
|
|
961
|
+
// The behavior of this function is undefined except during the callbacks set by
|
|
962
|
+
// by |SSL_CTX_set_cert_cb| and |SSL_CTX_set_client_cert_cb| or when the
|
|
963
|
+
// handshake is paused because of them.
|
|
964
|
+
OPENSSL_EXPORT size_t
|
|
965
|
+
SSL_get0_peer_delegation_algorithms(const SSL *ssl,
|
|
966
|
+
const uint16_t **out_sigalgs);
|
|
967
|
+
|
|
956
968
|
// SSL_certs_clear resets the private key, leaf certificate, and certificate
|
|
957
969
|
// chain of |ssl|.
|
|
958
970
|
OPENSSL_EXPORT void SSL_certs_clear(SSL *ssl);
|
|
@@ -1098,6 +1110,20 @@ OPENSSL_EXPORT int SSL_set_chain_and_key(
|
|
|
1098
1110
|
SSL *ssl, CRYPTO_BUFFER *const *certs, size_t num_certs, EVP_PKEY *privkey,
|
|
1099
1111
|
const SSL_PRIVATE_KEY_METHOD *privkey_method);
|
|
1100
1112
|
|
|
1113
|
+
// SSL_CTX_get0_chain returns the list of |CRYPTO_BUFFER|s that were set by
|
|
1114
|
+
// |SSL_CTX_set_chain_and_key|. Reference counts are not incremented by this
|
|
1115
|
+
// call. The return value may be |NULL| if no chain has been set.
|
|
1116
|
+
//
|
|
1117
|
+
// (Note: if a chain was configured by non-|CRYPTO_BUFFER|-based functions then
|
|
1118
|
+
// the return value is undefined and, even if not NULL, the stack itself may
|
|
1119
|
+
// contain nullptrs. Thus you shouldn't mix this function with
|
|
1120
|
+
// non-|CRYPTO_BUFFER| functions for manipulating the chain.)
|
|
1121
|
+
//
|
|
1122
|
+
// There is no |SSL*| version of this function because connections discard
|
|
1123
|
+
// configuration after handshaking, thus making it of questionable utility.
|
|
1124
|
+
OPENSSL_EXPORT const STACK_OF(CRYPTO_BUFFER)*
|
|
1125
|
+
SSL_CTX_get0_chain(const SSL_CTX *ctx);
|
|
1126
|
+
|
|
1101
1127
|
// SSL_CTX_use_RSAPrivateKey sets |ctx|'s private key to |rsa|. It returns one
|
|
1102
1128
|
// on success and zero on failure.
|
|
1103
1129
|
OPENSSL_EXPORT int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
|
|
@@ -1267,8 +1293,8 @@ OPENSSL_EXPORT const SSL_CIPHER *SSL_get_cipher_by_value(uint16_t value);
|
|
|
1267
1293
|
// cast to a |uint16_t| to get it.
|
|
1268
1294
|
OPENSSL_EXPORT uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *cipher);
|
|
1269
1295
|
|
|
1270
|
-
//
|
|
1271
|
-
OPENSSL_EXPORT uint16_t
|
|
1296
|
+
// SSL_CIPHER_get_protocol_id returns |cipher|'s IANA-assigned number.
|
|
1297
|
+
OPENSSL_EXPORT uint16_t SSL_CIPHER_get_protocol_id(const SSL_CIPHER *cipher);
|
|
1272
1298
|
|
|
1273
1299
|
// SSL_CIPHER_is_aead returns one if |cipher| uses an AEAD cipher.
|
|
1274
1300
|
OPENSSL_EXPORT int SSL_CIPHER_is_aead(const SSL_CIPHER *cipher);
|
|
@@ -1712,9 +1738,9 @@ OPENSSL_EXPORT void SSL_SESSION_get0_ocsp_response(const SSL_SESSION *session,
|
|
|
1712
1738
|
// SSL_MAX_MASTER_KEY_LENGTH is the maximum length of a master secret.
|
|
1713
1739
|
#define SSL_MAX_MASTER_KEY_LENGTH 48
|
|
1714
1740
|
|
|
1715
|
-
// SSL_SESSION_get_master_key writes up to |max_out| bytes of |session|'s
|
|
1716
|
-
//
|
|
1717
|
-
//
|
|
1741
|
+
// SSL_SESSION_get_master_key writes up to |max_out| bytes of |session|'s secret
|
|
1742
|
+
// to |out| and returns the number of bytes written. If |max_out| is zero, it
|
|
1743
|
+
// returns the size of the secret.
|
|
1718
1744
|
OPENSSL_EXPORT size_t SSL_SESSION_get_master_key(const SSL_SESSION *session,
|
|
1719
1745
|
uint8_t *out, size_t max_out);
|
|
1720
1746
|
|
|
@@ -2183,6 +2209,20 @@ struct ssl_ticket_aead_method_st {
|
|
|
2183
2209
|
OPENSSL_EXPORT void SSL_CTX_set_ticket_aead_method(
|
|
2184
2210
|
SSL_CTX *ctx, const SSL_TICKET_AEAD_METHOD *aead_method);
|
|
2185
2211
|
|
|
2212
|
+
// SSL_process_tls13_new_session_ticket processes an unencrypted TLS 1.3
|
|
2213
|
+
// NewSessionTicket message from |buf| and returns a resumable |SSL_SESSION|,
|
|
2214
|
+
// or NULL on error. The caller takes ownership of the returned session and
|
|
2215
|
+
// must call |SSL_SESSION_free| to free it.
|
|
2216
|
+
//
|
|
2217
|
+
// |buf| contains |buf_len| bytes that represents a complete NewSessionTicket
|
|
2218
|
+
// message including its header, i.e., one byte for the type (0x04) and three
|
|
2219
|
+
// bytes for the length. |buf| must contain only one such message.
|
|
2220
|
+
//
|
|
2221
|
+
// This function may be used to process NewSessionTicket messages in TLS 1.3
|
|
2222
|
+
// clients that are handling the record layer externally.
|
|
2223
|
+
OPENSSL_EXPORT SSL_SESSION *SSL_process_tls13_new_session_ticket(
|
|
2224
|
+
SSL *ssl, const uint8_t *buf, size_t buf_len);
|
|
2225
|
+
|
|
2186
2226
|
|
|
2187
2227
|
// Elliptic curve Diffie-Hellman.
|
|
2188
2228
|
//
|
|
@@ -2436,7 +2476,7 @@ OPENSSL_EXPORT int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
|
|
|
2436
2476
|
// one on success and zero on failure.
|
|
2437
2477
|
//
|
|
2438
2478
|
// See
|
|
2439
|
-
// https://www.openssl.org/docs/
|
|
2479
|
+
// https://www.openssl.org/docs/man1.1.0/man3/SSL_CTX_load_verify_locations.html
|
|
2440
2480
|
// for documentation on the directory format.
|
|
2441
2481
|
OPENSSL_EXPORT int SSL_CTX_load_verify_locations(SSL_CTX *ctx,
|
|
2442
2482
|
const char *ca_file,
|
|
@@ -2518,20 +2558,22 @@ OPENSSL_EXPORT int SSL_set0_verify_cert_store(SSL *ssl, X509_STORE *store);
|
|
|
2518
2558
|
// reference to |store| will be taken.
|
|
2519
2559
|
OPENSSL_EXPORT int SSL_set1_verify_cert_store(SSL *ssl, X509_STORE *store);
|
|
2520
2560
|
|
|
2521
|
-
// SSL_CTX_set_ed25519_enabled configures whether |ctx| advertises support for
|
|
2522
|
-
// the Ed25519 signature algorithm when using the default preference list. It is
|
|
2523
|
-
// disabled by default and may be enabled if the certificate verifier supports
|
|
2524
|
-
// Ed25519.
|
|
2525
|
-
OPENSSL_EXPORT void SSL_CTX_set_ed25519_enabled(SSL_CTX *ctx, int enabled);
|
|
2526
|
-
|
|
2527
2561
|
// SSL_CTX_set_verify_algorithm_prefs configures |ctx| to use |prefs| as the
|
|
2528
|
-
// preference list when verifying
|
|
2562
|
+
// preference list when verifying signatures from the peer's long-term key. It
|
|
2529
2563
|
// returns one on zero on error. |prefs| should not include the internal-only
|
|
2530
2564
|
// value |SSL_SIGN_RSA_PKCS1_MD5_SHA1|.
|
|
2531
2565
|
OPENSSL_EXPORT int SSL_CTX_set_verify_algorithm_prefs(SSL_CTX *ctx,
|
|
2532
2566
|
const uint16_t *prefs,
|
|
2533
2567
|
size_t num_prefs);
|
|
2534
2568
|
|
|
2569
|
+
// SSL_set_verify_algorithm_prefs configures |ssl| to use |prefs| as the
|
|
2570
|
+
// preference list when verifying signatures from the peer's long-term key. It
|
|
2571
|
+
// returns one on zero on error. |prefs| should not include the internal-only
|
|
2572
|
+
// value |SSL_SIGN_RSA_PKCS1_MD5_SHA1|.
|
|
2573
|
+
OPENSSL_EXPORT int SSL_set_verify_algorithm_prefs(SSL *ssl,
|
|
2574
|
+
const uint16_t *prefs,
|
|
2575
|
+
size_t num_prefs);
|
|
2576
|
+
|
|
2535
2577
|
|
|
2536
2578
|
// Client certificate CA list.
|
|
2537
2579
|
//
|
|
@@ -2734,15 +2776,58 @@ OPENSSL_EXPORT void SSL_CTX_set_allow_unknown_alpn_protos(SSL_CTX *ctx,
|
|
|
2734
2776
|
int enabled);
|
|
2735
2777
|
|
|
2736
2778
|
|
|
2779
|
+
// Application-layer protocol settings
|
|
2780
|
+
//
|
|
2781
|
+
// The ALPS extension (draft-vvv-tls-alps) allows exchanging application-layer
|
|
2782
|
+
// settings in the TLS handshake for applications negotiated with ALPN. Note
|
|
2783
|
+
// that, when ALPS is negotiated, the client and server each advertise their own
|
|
2784
|
+
// settings, so there are functions to both configure setting to send and query
|
|
2785
|
+
// received settings.
|
|
2786
|
+
|
|
2787
|
+
// SSL_add_application_settings configures |ssl| to enable ALPS with ALPN
|
|
2788
|
+
// protocol |proto|, sending an ALPS value of |settings|. It returns one on
|
|
2789
|
+
// success and zero on error. If |proto| is negotiated via ALPN and the peer
|
|
2790
|
+
// supports ALPS, |settings| will be sent to the peer. The peer's ALPS value can
|
|
2791
|
+
// be retrieved with |SSL_get0_peer_application_settings|.
|
|
2792
|
+
//
|
|
2793
|
+
// On the client, this function should be called before the handshake, once for
|
|
2794
|
+
// each supported ALPN protocol which uses ALPS. |proto| must be included in the
|
|
2795
|
+
// client's ALPN configuration (see |SSL_CTX_set_alpn_protos| and
|
|
2796
|
+
// |SSL_set_alpn_protos|). On the server, ALPS can be preconfigured for each
|
|
2797
|
+
// protocol as in the client, or configuration can be deferred to the ALPN
|
|
2798
|
+
// callback (see |SSL_CTX_set_alpn_select_cb|), in which case only the selected
|
|
2799
|
+
// protocol needs to be configured.
|
|
2800
|
+
//
|
|
2801
|
+
// ALPS can be independently configured from 0-RTT, however changes in protocol
|
|
2802
|
+
// settings will fallback to 1-RTT to negotiate the new value, so it is
|
|
2803
|
+
// recommended for |settings| to be relatively stable.
|
|
2804
|
+
OPENSSL_EXPORT int SSL_add_application_settings(SSL *ssl, const uint8_t *proto,
|
|
2805
|
+
size_t proto_len,
|
|
2806
|
+
const uint8_t *settings,
|
|
2807
|
+
size_t settings_len);
|
|
2808
|
+
|
|
2809
|
+
// SSL_get0_peer_application_settings sets |*out_data| and |*out_len| to a
|
|
2810
|
+
// buffer containing the peer's ALPS value, or the empty string if ALPS was not
|
|
2811
|
+
// negotiated. Note an empty string could also indicate the peer sent an empty
|
|
2812
|
+
// settings value. Use |SSL_has_application_settings| to check if ALPS was
|
|
2813
|
+
// negotiated. The output buffer is owned by |ssl| and is valid until the next
|
|
2814
|
+
// time |ssl| is modified.
|
|
2815
|
+
OPENSSL_EXPORT void SSL_get0_peer_application_settings(const SSL *ssl,
|
|
2816
|
+
const uint8_t **out_data,
|
|
2817
|
+
size_t *out_len);
|
|
2818
|
+
|
|
2819
|
+
// SSL_has_application_settings returns one if ALPS was negotiated on this
|
|
2820
|
+
// connection and zero otherwise.
|
|
2821
|
+
OPENSSL_EXPORT int SSL_has_application_settings(const SSL *ssl);
|
|
2822
|
+
|
|
2823
|
+
|
|
2737
2824
|
// Certificate compression.
|
|
2738
2825
|
//
|
|
2739
|
-
// Certificates in TLS 1.3 can be compressed
|
|
2740
|
-
// a client and a server, but does not link against any specific
|
|
2741
|
-
// libraries in order to keep dependencies to a minimum. Instead,
|
|
2742
|
-
// compression and decompression can be installed in an |SSL_CTX| to
|
|
2743
|
-
// support.
|
|
2744
|
-
//
|
|
2745
|
-
// [1] https://tools.ietf.org/html/draft-ietf-tls-certificate-compression-03.
|
|
2826
|
+
// Certificates in TLS 1.3 can be compressed (RFC 8879). BoringSSL supports this
|
|
2827
|
+
// as both a client and a server, but does not link against any specific
|
|
2828
|
+
// compression libraries in order to keep dependencies to a minimum. Instead,
|
|
2829
|
+
// hooks for compression and decompression can be installed in an |SSL_CTX| to
|
|
2830
|
+
// enable support.
|
|
2746
2831
|
|
|
2747
2832
|
// ssl_cert_compression_func_t is a pointer to a function that performs
|
|
2748
2833
|
// compression. It must write the compressed representation of |in| to |out|,
|
|
@@ -3051,38 +3136,6 @@ OPENSSL_EXPORT const char *SSL_get_psk_identity_hint(const SSL *ssl);
|
|
|
3051
3136
|
OPENSSL_EXPORT const char *SSL_get_psk_identity(const SSL *ssl);
|
|
3052
3137
|
|
|
3053
3138
|
|
|
3054
|
-
// QUIC transport parameters.
|
|
3055
|
-
//
|
|
3056
|
-
// draft-ietf-quic-tls defines a new TLS extension quic_transport_parameters
|
|
3057
|
-
// used by QUIC for each endpoint to unilaterally declare its supported
|
|
3058
|
-
// transport parameters. draft-ietf-quic-transport (section 7.4) defines the
|
|
3059
|
-
// contents of that extension (a TransportParameters struct) and describes how
|
|
3060
|
-
// to handle it and its semantic meaning.
|
|
3061
|
-
//
|
|
3062
|
-
// BoringSSL handles this extension as an opaque byte string. The caller is
|
|
3063
|
-
// responsible for serializing and parsing it.
|
|
3064
|
-
|
|
3065
|
-
// SSL_set_quic_transport_params configures |ssl| to send |params| (of length
|
|
3066
|
-
// |params_len|) in the quic_transport_parameters extension in either the
|
|
3067
|
-
// ClientHello or EncryptedExtensions handshake message. This extension will
|
|
3068
|
-
// only be sent if the TLS version is at least 1.3, and for a server, only if
|
|
3069
|
-
// the client sent the extension. The buffer pointed to by |params| only need be
|
|
3070
|
-
// valid for the duration of the call to this function. This function returns 1
|
|
3071
|
-
// on success and 0 on failure.
|
|
3072
|
-
OPENSSL_EXPORT int SSL_set_quic_transport_params(SSL *ssl,
|
|
3073
|
-
const uint8_t *params,
|
|
3074
|
-
size_t params_len);
|
|
3075
|
-
|
|
3076
|
-
// SSL_get_peer_quic_transport_params provides the caller with the value of the
|
|
3077
|
-
// quic_transport_parameters extension sent by the peer. A pointer to the buffer
|
|
3078
|
-
// containing the TransportParameters will be put in |*out_params|, and its
|
|
3079
|
-
// length in |*params_len|. This buffer will be valid for the lifetime of the
|
|
3080
|
-
// |SSL|. If no params were received from the peer, |*out_params_len| will be 0.
|
|
3081
|
-
OPENSSL_EXPORT void SSL_get_peer_quic_transport_params(const SSL *ssl,
|
|
3082
|
-
const uint8_t **out_params,
|
|
3083
|
-
size_t *out_params_len);
|
|
3084
|
-
|
|
3085
|
-
|
|
3086
3139
|
// Delegated credentials.
|
|
3087
3140
|
//
|
|
3088
3141
|
// *** EXPERIMENTAL — PRONE TO CHANGE ***
|
|
@@ -3131,10 +3184,11 @@ OPENSSL_EXPORT int SSL_delegated_credential_used(const SSL *ssl);
|
|
|
3131
3184
|
// When configured for QUIC, |SSL_do_handshake| will drive the handshake as
|
|
3132
3185
|
// before, but it will not use the configured |BIO|. It will call functions on
|
|
3133
3186
|
// |SSL_QUIC_METHOD| to configure secrets and send data. If data is needed from
|
|
3134
|
-
// the peer, it will return |SSL_ERROR_WANT_READ|.
|
|
3135
|
-
//
|
|
3136
|
-
//
|
|
3137
|
-
//
|
|
3187
|
+
// the peer, it will return |SSL_ERROR_WANT_READ|. As the caller receives data
|
|
3188
|
+
// it can decrypt, it calls |SSL_provide_quic_data|. Subsequent
|
|
3189
|
+
// |SSL_do_handshake| calls will then consume that data and progress the
|
|
3190
|
+
// handshake. After the handshake is complete, the caller should continue to
|
|
3191
|
+
// call |SSL_provide_quic_data| for any post-handshake data, followed by
|
|
3138
3192
|
// |SSL_process_quic_post_handshake| to process it. It is an error to call
|
|
3139
3193
|
// |SSL_read| and |SSL_write| in QUIC.
|
|
3140
3194
|
//
|
|
@@ -3145,13 +3199,6 @@ OPENSSL_EXPORT int SSL_delegated_credential_used(const SSL *ssl);
|
|
|
3145
3199
|
// confirm the handshake. As a client, |SSL_ERROR_EARLY_DATA_REJECTED| and
|
|
3146
3200
|
// |SSL_reset_early_data_reject| behave as usual.
|
|
3147
3201
|
//
|
|
3148
|
-
// Note that secrets for an encryption level may be available to QUIC before the
|
|
3149
|
-
// level is active in TLS. Callers should use |SSL_quic_read_level| to determine
|
|
3150
|
-
// the active read level for |SSL_provide_quic_data|. |SSL_do_handshake| will
|
|
3151
|
-
// pass the active write level to |SSL_QUIC_METHOD| when writing data. Callers
|
|
3152
|
-
// can use |SSL_quic_write_level| to query the active write level when
|
|
3153
|
-
// generating their own errors.
|
|
3154
|
-
//
|
|
3155
3202
|
// See https://tools.ietf.org/html/draft-ietf-quic-tls-15#section-4.1 for more
|
|
3156
3203
|
// details.
|
|
3157
3204
|
//
|
|
@@ -3160,8 +3207,37 @@ OPENSSL_EXPORT int SSL_delegated_credential_used(const SSL *ssl);
|
|
|
3160
3207
|
// |SSL_quic_max_handshake_flight_len| to get the maximum buffer length at each
|
|
3161
3208
|
// encryption level.
|
|
3162
3209
|
//
|
|
3163
|
-
//
|
|
3164
|
-
//
|
|
3210
|
+
// QUIC implementations must additionally configure transport parameters with
|
|
3211
|
+
// |SSL_set_quic_transport_params|. |SSL_get_peer_quic_transport_params| may be
|
|
3212
|
+
// used to query the value received from the peer. BoringSSL handles this
|
|
3213
|
+
// extension as an opaque byte string. The caller is responsible for serializing
|
|
3214
|
+
// and parsing them. See draft-ietf-quic-transport (section 7.3) for details.
|
|
3215
|
+
//
|
|
3216
|
+
// QUIC additionally imposes restrictions on 0-RTT. In particular, the QUIC
|
|
3217
|
+
// transport layer requires that if a server accepts 0-RTT data, then the
|
|
3218
|
+
// transport parameters sent on the resumed connection must not lower any limits
|
|
3219
|
+
// compared to the transport parameters that the server sent on the connection
|
|
3220
|
+
// where the ticket for 0-RTT was issued. In effect, the server must remember
|
|
3221
|
+
// the transport parameters with the ticket. Application protocols running on
|
|
3222
|
+
// QUIC may impose similar restrictions, for example HTTP/3's restrictions on
|
|
3223
|
+
// SETTINGS frames.
|
|
3224
|
+
//
|
|
3225
|
+
// BoringSSL implements this check by doing a byte-for-byte comparison of an
|
|
3226
|
+
// opaque context passed in by the server. This context must be the same on the
|
|
3227
|
+
// connection where the ticket was issued and the connection where that ticket
|
|
3228
|
+
// is used for 0-RTT. If there is a mismatch, or the context was not set,
|
|
3229
|
+
// BoringSSL will reject early data (but not reject the resumption attempt).
|
|
3230
|
+
// This context is set via |SSL_set_quic_early_data_context| and should cover
|
|
3231
|
+
// both transport parameters and any application state.
|
|
3232
|
+
// |SSL_set_quic_early_data_context| must be called on the server with a
|
|
3233
|
+
// non-empty context if the server is to support 0-RTT in QUIC.
|
|
3234
|
+
//
|
|
3235
|
+
// BoringSSL does not perform any client-side checks on the transport
|
|
3236
|
+
// parameters received from a server that also accepted early data. It is up to
|
|
3237
|
+
// the caller to verify that the received transport parameters do not lower any
|
|
3238
|
+
// limits, and to close the QUIC connection if that is not the case. The same
|
|
3239
|
+
// holds for any application protocol state remembered for 0-RTT, e.g. HTTP/3
|
|
3240
|
+
// SETTINGS.
|
|
3165
3241
|
|
|
3166
3242
|
// ssl_encryption_level_t represents a specific QUIC encryption level used to
|
|
3167
3243
|
// transmit handshake messages.
|
|
@@ -3174,26 +3250,51 @@ enum ssl_encryption_level_t BORINGSSL_ENUM_INT {
|
|
|
3174
3250
|
|
|
3175
3251
|
// ssl_quic_method_st (aka |SSL_QUIC_METHOD|) describes custom QUIC hooks.
|
|
3176
3252
|
struct ssl_quic_method_st {
|
|
3177
|
-
//
|
|
3178
|
-
// encryption level.
|
|
3179
|
-
//
|
|
3180
|
-
//
|
|
3181
|
-
// data at that level.
|
|
3253
|
+
// set_read_secret configures the read secret and cipher suite for the given
|
|
3254
|
+
// encryption level. It returns one on success and zero to terminate the
|
|
3255
|
+
// handshake with an error. It will be called at most once per encryption
|
|
3256
|
+
// level.
|
|
3182
3257
|
//
|
|
3183
|
-
//
|
|
3184
|
-
//
|
|
3185
|
-
//
|
|
3186
|
-
//
|
|
3187
|
-
//
|
|
3188
|
-
// which will be configured in the same |SSL_do_handshake| call.
|
|
3258
|
+
// BoringSSL will not release read keys before QUIC may use them. Once a level
|
|
3259
|
+
// has been initialized, QUIC may begin processing data from it. Handshake
|
|
3260
|
+
// data should be passed to |SSL_provide_quic_data| and application data (if
|
|
3261
|
+
// |level| is |ssl_encryption_early_data| or |ssl_encryption_application|) may
|
|
3262
|
+
// be processed according to the rules of the QUIC protocol.
|
|
3189
3263
|
//
|
|
3190
|
-
//
|
|
3191
|
-
//
|
|
3264
|
+
// QUIC ACKs packets at the same encryption level they were received at,
|
|
3265
|
+
// except that client |ssl_encryption_early_data| (0-RTT) packets trigger
|
|
3266
|
+
// server |ssl_encryption_application| (1-RTT) ACKs. BoringSSL will always
|
|
3267
|
+
// install ACK-writing keys with |set_write_secret| before the packet-reading
|
|
3268
|
+
// keys with |set_read_secret|. This ensures the caller can always ACK any
|
|
3269
|
+
// packet it decrypts. Note this means the server installs 1-RTT write keys
|
|
3270
|
+
// before 0-RTT read keys.
|
|
3192
3271
|
//
|
|
3193
|
-
//
|
|
3194
|
-
|
|
3195
|
-
|
|
3196
|
-
|
|
3272
|
+
// The converse is not true. An encryption level may be configured with write
|
|
3273
|
+
// secrets a roundtrip before the corresponding secrets for reading ACKs is
|
|
3274
|
+
// available.
|
|
3275
|
+
int (*set_read_secret)(SSL *ssl, enum ssl_encryption_level_t level,
|
|
3276
|
+
const SSL_CIPHER *cipher, const uint8_t *secret,
|
|
3277
|
+
size_t secret_len);
|
|
3278
|
+
// set_write_secret behaves like |set_read_secret| but configures the write
|
|
3279
|
+
// secret and cipher suite for the given encryption level. It will be called
|
|
3280
|
+
// at most once per encryption level.
|
|
3281
|
+
//
|
|
3282
|
+
// BoringSSL will not release write keys before QUIC may use them. If |level|
|
|
3283
|
+
// is |ssl_encryption_early_data| or |ssl_encryption_application|, QUIC may
|
|
3284
|
+
// begin sending application data at |level|. However, note that BoringSSL
|
|
3285
|
+
// configures server |ssl_encryption_application| write keys before the client
|
|
3286
|
+
// Finished. This allows QUIC to send half-RTT data, but the handshake is not
|
|
3287
|
+
// confirmed at this point and, if requesting client certificates, the client
|
|
3288
|
+
// is not yet authenticated.
|
|
3289
|
+
//
|
|
3290
|
+
// See |set_read_secret| for additional invariants between packets and their
|
|
3291
|
+
// ACKs.
|
|
3292
|
+
//
|
|
3293
|
+
// Note that, on 0-RTT reject, the |ssl_encryption_early_data| write secret
|
|
3294
|
+
// may use a different cipher suite from the other keys.
|
|
3295
|
+
int (*set_write_secret)(SSL *ssl, enum ssl_encryption_level_t level,
|
|
3296
|
+
const SSL_CIPHER *cipher, const uint8_t *secret,
|
|
3297
|
+
size_t secret_len);
|
|
3197
3298
|
// add_handshake_data adds handshake data to the current flight at the given
|
|
3198
3299
|
// encryption level. It returns one on success and zero on error.
|
|
3199
3300
|
//
|
|
@@ -3201,6 +3302,9 @@ struct ssl_quic_method_st {
|
|
|
3201
3302
|
// single handshake flight may include multiple encryption levels. Callers
|
|
3202
3303
|
// should defer writing data to the network until |flush_flight| to better
|
|
3203
3304
|
// pack QUIC packets into transport datagrams.
|
|
3305
|
+
//
|
|
3306
|
+
// If |level| is not |ssl_encryption_initial|, this function will not be
|
|
3307
|
+
// called before |level| is initialized with |set_write_secret|.
|
|
3204
3308
|
int (*add_handshake_data)(SSL *ssl, enum ssl_encryption_level_t level,
|
|
3205
3309
|
const uint8_t *data, size_t len);
|
|
3206
3310
|
// flush_flight is called when the current flight is complete and should be
|
|
@@ -3209,6 +3313,9 @@ struct ssl_quic_method_st {
|
|
|
3209
3313
|
int (*flush_flight)(SSL *ssl);
|
|
3210
3314
|
// send_alert sends a fatal alert at the specified encryption level. It
|
|
3211
3315
|
// returns one on success and zero on error.
|
|
3316
|
+
//
|
|
3317
|
+
// If |level| is not |ssl_encryption_initial|, this function will not be
|
|
3318
|
+
// called before |level| is initialized with |set_write_secret|.
|
|
3212
3319
|
int (*send_alert)(SSL *ssl, enum ssl_encryption_level_t level, uint8_t alert);
|
|
3213
3320
|
};
|
|
3214
3321
|
|
|
@@ -3221,15 +3328,22 @@ OPENSSL_EXPORT size_t SSL_quic_max_handshake_flight_len(
|
|
|
3221
3328
|
const SSL *ssl, enum ssl_encryption_level_t level);
|
|
3222
3329
|
|
|
3223
3330
|
// SSL_quic_read_level returns the current read encryption level.
|
|
3331
|
+
//
|
|
3332
|
+
// TODO(davidben): Is it still necessary to expose this function to callers?
|
|
3333
|
+
// QUICHE does not use it.
|
|
3224
3334
|
OPENSSL_EXPORT enum ssl_encryption_level_t SSL_quic_read_level(const SSL *ssl);
|
|
3225
3335
|
|
|
3226
3336
|
// SSL_quic_write_level returns the current write encryption level.
|
|
3337
|
+
//
|
|
3338
|
+
// TODO(davidben): Is it still necessary to expose this function to callers?
|
|
3339
|
+
// QUICHE does not use it.
|
|
3227
3340
|
OPENSSL_EXPORT enum ssl_encryption_level_t SSL_quic_write_level(const SSL *ssl);
|
|
3228
3341
|
|
|
3229
3342
|
// SSL_provide_quic_data provides data from QUIC at a particular encryption
|
|
3230
|
-
// level |level|. It
|
|
3231
|
-
//
|
|
3232
|
-
//
|
|
3343
|
+
// level |level|. It returns one on success and zero on error. Note this
|
|
3344
|
+
// function will return zero if the handshake is not expecting data from |level|
|
|
3345
|
+
// at this time. The QUIC implementation should then close the connection with
|
|
3346
|
+
// an error.
|
|
3233
3347
|
OPENSSL_EXPORT int SSL_provide_quic_data(SSL *ssl,
|
|
3234
3348
|
enum ssl_encryption_level_t level,
|
|
3235
3349
|
const uint8_t *data, size_t len);
|
|
@@ -3252,6 +3366,46 @@ OPENSSL_EXPORT int SSL_CTX_set_quic_method(SSL_CTX *ctx,
|
|
|
3252
3366
|
OPENSSL_EXPORT int SSL_set_quic_method(SSL *ssl,
|
|
3253
3367
|
const SSL_QUIC_METHOD *quic_method);
|
|
3254
3368
|
|
|
3369
|
+
// SSL_set_quic_transport_params configures |ssl| to send |params| (of length
|
|
3370
|
+
// |params_len|) in the quic_transport_parameters extension in either the
|
|
3371
|
+
// ClientHello or EncryptedExtensions handshake message. It is an error to set
|
|
3372
|
+
// transport parameters if |ssl| is not configured for QUIC. The buffer pointed
|
|
3373
|
+
// to by |params| only need be valid for the duration of the call to this
|
|
3374
|
+
// function. This function returns 1 on success and 0 on failure.
|
|
3375
|
+
OPENSSL_EXPORT int SSL_set_quic_transport_params(SSL *ssl,
|
|
3376
|
+
const uint8_t *params,
|
|
3377
|
+
size_t params_len);
|
|
3378
|
+
|
|
3379
|
+
// SSL_get_peer_quic_transport_params provides the caller with the value of the
|
|
3380
|
+
// quic_transport_parameters extension sent by the peer. A pointer to the buffer
|
|
3381
|
+
// containing the TransportParameters will be put in |*out_params|, and its
|
|
3382
|
+
// length in |*params_len|. This buffer will be valid for the lifetime of the
|
|
3383
|
+
// |SSL|. If no params were received from the peer, |*out_params_len| will be 0.
|
|
3384
|
+
OPENSSL_EXPORT void SSL_get_peer_quic_transport_params(
|
|
3385
|
+
const SSL *ssl, const uint8_t **out_params, size_t *out_params_len);
|
|
3386
|
+
|
|
3387
|
+
// SSL_set_quic_use_legacy_codepoint configures whether to use the legacy QUIC
|
|
3388
|
+
// extension codepoint 0xffa5 as opposed to the official value 57. Call with
|
|
3389
|
+
// |use_legacy| set to 1 to use 0xffa5 and call with 0 to use 57. The default
|
|
3390
|
+
// value for this is currently 1 but it will change to 0 at a later date.
|
|
3391
|
+
OPENSSL_EXPORT void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
|
|
3392
|
+
|
|
3393
|
+
// SSL_set_quic_early_data_context configures a context string in QUIC servers
|
|
3394
|
+
// for accepting early data. If a resumption connection offers early data, the
|
|
3395
|
+
// server will check if the value matches that of the connection which minted
|
|
3396
|
+
// the ticket. If not, resumption still succeeds but early data is rejected.
|
|
3397
|
+
// This should include all QUIC Transport Parameters except ones specified that
|
|
3398
|
+
// the client MUST NOT remember. This should also include any application
|
|
3399
|
+
// protocol-specific state. For HTTP/3, this should be the serialized server
|
|
3400
|
+
// SETTINGS frame and the QUIC Transport Parameters (except the stateless reset
|
|
3401
|
+
// token).
|
|
3402
|
+
//
|
|
3403
|
+
// This function may be called before |SSL_do_handshake| or during server
|
|
3404
|
+
// certificate selection. It returns 1 on success and 0 on failure.
|
|
3405
|
+
OPENSSL_EXPORT int SSL_set_quic_early_data_context(SSL *ssl,
|
|
3406
|
+
const uint8_t *context,
|
|
3407
|
+
size_t context_len);
|
|
3408
|
+
|
|
3255
3409
|
|
|
3256
3410
|
// Early data.
|
|
3257
3411
|
//
|
|
@@ -3325,6 +3479,18 @@ OPENSSL_EXPORT int SSL_in_early_data(const SSL *ssl);
|
|
|
3325
3479
|
// attempted with |session| if enabled.
|
|
3326
3480
|
OPENSSL_EXPORT int SSL_SESSION_early_data_capable(const SSL_SESSION *session);
|
|
3327
3481
|
|
|
3482
|
+
// SSL_SESSION_copy_without_early_data returns a copy of |session| with early
|
|
3483
|
+
// data disabled. If |session| already does not support early data, it returns
|
|
3484
|
+
// |session| with the reference count increased. The caller takes ownership of
|
|
3485
|
+
// the result and must release it with |SSL_SESSION_free|.
|
|
3486
|
+
//
|
|
3487
|
+
// This function may be used on the client to clear early data support from
|
|
3488
|
+
// existing sessions when the server rejects early data. In particular,
|
|
3489
|
+
// |SSL_R_WRONG_VERSION_ON_EARLY_DATA| requires a fresh connection to retry, and
|
|
3490
|
+
// the client would not want 0-RTT enabled for the next connection attempt.
|
|
3491
|
+
OPENSSL_EXPORT SSL_SESSION *SSL_SESSION_copy_without_early_data(
|
|
3492
|
+
SSL_SESSION *session);
|
|
3493
|
+
|
|
3328
3494
|
// SSL_early_data_accepted returns whether early data was accepted on the
|
|
3329
3495
|
// handshake performed by |ssl|.
|
|
3330
3496
|
OPENSSL_EXPORT int SSL_early_data_accepted(const SSL *ssl);
|
|
@@ -3374,8 +3540,12 @@ enum ssl_early_data_reason_t BORINGSSL_ENUM_INT {
|
|
|
3374
3540
|
ssl_early_data_token_binding = 11,
|
|
3375
3541
|
// The client and server ticket age were too far apart.
|
|
3376
3542
|
ssl_early_data_ticket_age_skew = 12,
|
|
3543
|
+
// QUIC parameters differ between this connection and the original.
|
|
3544
|
+
ssl_early_data_quic_parameter_mismatch = 13,
|
|
3545
|
+
// The application settings did not match the session.
|
|
3546
|
+
ssl_early_data_alps_mismatch = 14,
|
|
3377
3547
|
// The value of the largest entry.
|
|
3378
|
-
ssl_early_data_reason_max_value =
|
|
3548
|
+
ssl_early_data_reason_max_value = ssl_early_data_alps_mismatch,
|
|
3379
3549
|
};
|
|
3380
3550
|
|
|
3381
3551
|
// SSL_get_early_data_reason returns details why 0-RTT was accepted or rejected
|
|
@@ -3383,6 +3553,26 @@ enum ssl_early_data_reason_t BORINGSSL_ENUM_INT {
|
|
|
3383
3553
|
OPENSSL_EXPORT enum ssl_early_data_reason_t SSL_get_early_data_reason(
|
|
3384
3554
|
const SSL *ssl);
|
|
3385
3555
|
|
|
3556
|
+
// SSL_early_data_reason_string returns a string representation for |reason|, or
|
|
3557
|
+
// NULL if |reason| is unknown. This function may be used for logging.
|
|
3558
|
+
OPENSSL_EXPORT const char *SSL_early_data_reason_string(
|
|
3559
|
+
enum ssl_early_data_reason_t reason);
|
|
3560
|
+
|
|
3561
|
+
|
|
3562
|
+
// Encrypted Client Hello.
|
|
3563
|
+
//
|
|
3564
|
+
// ECH is a mechanism for encrypting the entire ClientHello message in TLS 1.3.
|
|
3565
|
+
// This can prevent observers from seeing cleartext information about the
|
|
3566
|
+
// connection, such as the server_name extension.
|
|
3567
|
+
//
|
|
3568
|
+
// ECH support in BoringSSL is still experimental and under development.
|
|
3569
|
+
//
|
|
3570
|
+
// See https://tools.ietf.org/html/draft-ietf-tls-esni-09.
|
|
3571
|
+
|
|
3572
|
+
// SSL_set_enable_ech_grease configures whether the client may send ECH GREASE
|
|
3573
|
+
// as part of this connection.
|
|
3574
|
+
OPENSSL_EXPORT void SSL_set_enable_ech_grease(SSL *ssl, int enable);
|
|
3575
|
+
|
|
3386
3576
|
|
|
3387
3577
|
// Alerts.
|
|
3388
3578
|
//
|
|
@@ -3436,6 +3626,7 @@ OPENSSL_EXPORT enum ssl_early_data_reason_t SSL_get_early_data_reason(
|
|
|
3436
3626
|
#define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE
|
|
3437
3627
|
#define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY
|
|
3438
3628
|
#define SSL_AD_CERTIFICATE_REQUIRED TLS1_AD_CERTIFICATE_REQUIRED
|
|
3629
|
+
#define SSL_AD_NO_APPLICATION_PROTOCOL TLS1_AD_NO_APPLICATION_PROTOCOL
|
|
3439
3630
|
|
|
3440
3631
|
// SSL_alert_type_string_long returns a string description of |value| as an
|
|
3441
3632
|
// alert type (warning or fatal).
|
|
@@ -3496,11 +3687,13 @@ OPENSSL_EXPORT int SSL_get_ivs(const SSL *ssl, const uint8_t **out_read_iv,
|
|
|
3496
3687
|
const uint8_t **out_write_iv,
|
|
3497
3688
|
size_t *out_iv_len);
|
|
3498
3689
|
|
|
3499
|
-
// SSL_get_key_block_len returns the length of |ssl|'s key block.
|
|
3690
|
+
// SSL_get_key_block_len returns the length of |ssl|'s key block. It is an error
|
|
3691
|
+
// to call this function during a handshake.
|
|
3500
3692
|
OPENSSL_EXPORT size_t SSL_get_key_block_len(const SSL *ssl);
|
|
3501
3693
|
|
|
3502
3694
|
// SSL_generate_key_block generates |out_len| bytes of key material for |ssl|'s
|
|
3503
|
-
// current connection state.
|
|
3695
|
+
// current connection state. It is an error to call this function during a
|
|
3696
|
+
// handshake.
|
|
3504
3697
|
OPENSSL_EXPORT int SSL_generate_key_block(const SSL *ssl, uint8_t *out,
|
|
3505
3698
|
size_t out_len);
|
|
3506
3699
|
|
|
@@ -3913,19 +4106,6 @@ OPENSSL_EXPORT size_t SSL_max_seal_overhead(const SSL *ssl);
|
|
|
3913
4106
|
OPENSSL_EXPORT void SSL_CTX_set_false_start_allowed_without_alpn(SSL_CTX *ctx,
|
|
3914
4107
|
int allowed);
|
|
3915
4108
|
|
|
3916
|
-
// SSL_CTX_set_ignore_tls13_downgrade configures whether connections on |ctx|
|
|
3917
|
-
// ignore the downgrade signal in the server's random value.
|
|
3918
|
-
OPENSSL_EXPORT void SSL_CTX_set_ignore_tls13_downgrade(SSL_CTX *ctx,
|
|
3919
|
-
int ignore);
|
|
3920
|
-
|
|
3921
|
-
// SSL_set_ignore_tls13_downgrade configures whether |ssl| ignores the downgrade
|
|
3922
|
-
// signal in the server's random value.
|
|
3923
|
-
OPENSSL_EXPORT void SSL_set_ignore_tls13_downgrade(SSL *ssl, int ignore);
|
|
3924
|
-
|
|
3925
|
-
// SSL_is_tls13_downgrade returns one if the TLS 1.3 anti-downgrade
|
|
3926
|
-
// mechanism would have aborted |ssl|'s handshake and zero otherwise.
|
|
3927
|
-
OPENSSL_EXPORT int SSL_is_tls13_downgrade(const SSL *ssl);
|
|
3928
|
-
|
|
3929
4109
|
// SSL_used_hello_retry_request returns one if the TLS 1.3 HelloRetryRequest
|
|
3930
4110
|
// message has been either sent by the server or received by the client. It
|
|
3931
4111
|
// returns zero otherwise.
|
|
@@ -4211,7 +4391,7 @@ OPENSSL_EXPORT int SSL_set1_sigalgs(SSL *ssl, const int *values,
|
|
|
4211
4391
|
// SSL_CTX_set1_sigalgs_list takes a textual specification of a set of signature
|
|
4212
4392
|
// algorithms and configures them on |ctx|. It returns one on success and zero
|
|
4213
4393
|
// on error. See
|
|
4214
|
-
// https://www.openssl.org/docs/man1.1.0/
|
|
4394
|
+
// https://www.openssl.org/docs/man1.1.0/man3/SSL_CTX_set1_sigalgs_list.html for
|
|
4215
4395
|
// a description of the text format. Also note that TLS 1.3 names (e.g.
|
|
4216
4396
|
// "rsa_pkcs1_md5_sha1") can also be used (as in OpenSSL, although OpenSSL
|
|
4217
4397
|
// doesn't document that).
|
|
@@ -4224,7 +4404,7 @@ OPENSSL_EXPORT int SSL_CTX_set1_sigalgs_list(SSL_CTX *ctx, const char *str);
|
|
|
4224
4404
|
// SSL_set1_sigalgs_list takes a textual specification of a set of signature
|
|
4225
4405
|
// algorithms and configures them on |ssl|. It returns one on success and zero
|
|
4226
4406
|
// on error. See
|
|
4227
|
-
// https://www.openssl.org/docs/man1.1.0/
|
|
4407
|
+
// https://www.openssl.org/docs/man1.1.0/man3/SSL_CTX_set1_sigalgs_list.html for
|
|
4228
4408
|
// a description of the text format. Also note that TLS 1.3 names (e.g.
|
|
4229
4409
|
// "rsa_pkcs1_md5_sha1") can also be used (as in OpenSSL, although OpenSSL
|
|
4230
4410
|
// doesn't document that).
|
|
@@ -4578,6 +4758,42 @@ OPENSSL_EXPORT int SSL_CTX_set_tlsext_status_cb(SSL_CTX *ctx,
|
|
|
4578
4758
|
// |SSL_CTX_set_tlsext_status_cb|'s callback and returns one.
|
|
4579
4759
|
OPENSSL_EXPORT int SSL_CTX_set_tlsext_status_arg(SSL_CTX *ctx, void *arg);
|
|
4580
4760
|
|
|
4761
|
+
// The following symbols are compatibility aliases for reason codes used when
|
|
4762
|
+
// receiving an alert from the peer. Use the other names instead, which fit the
|
|
4763
|
+
// naming convention.
|
|
4764
|
+
//
|
|
4765
|
+
// TODO(davidben): Fix references to |SSL_R_TLSV1_CERTIFICATE_REQUIRED| and
|
|
4766
|
+
// remove the compatibility value. The others come from OpenSSL.
|
|
4767
|
+
#define SSL_R_TLSV1_UNSUPPORTED_EXTENSION \
|
|
4768
|
+
SSL_R_TLSV1_ALERT_UNSUPPORTED_EXTENSION
|
|
4769
|
+
#define SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE \
|
|
4770
|
+
SSL_R_TLSV1_ALERT_CERTIFICATE_UNOBTAINABLE
|
|
4771
|
+
#define SSL_R_TLSV1_UNRECOGNIZED_NAME SSL_R_TLSV1_ALERT_UNRECOGNIZED_NAME
|
|
4772
|
+
#define SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE \
|
|
4773
|
+
SSL_R_TLSV1_ALERT_BAD_CERTIFICATE_STATUS_RESPONSE
|
|
4774
|
+
#define SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE \
|
|
4775
|
+
SSL_R_TLSV1_ALERT_BAD_CERTIFICATE_HASH_VALUE
|
|
4776
|
+
#define SSL_R_TLSV1_CERTIFICATE_REQUIRED SSL_R_TLSV1_ALERT_CERTIFICATE_REQUIRED
|
|
4777
|
+
|
|
4778
|
+
// SSL_CIPHER_get_value calls |SSL_CIPHER_get_protocol_id|.
|
|
4779
|
+
//
|
|
4780
|
+
// TODO(davidben): |SSL_CIPHER_get_value| was our name for this function, but
|
|
4781
|
+
// upstream added it as |SSL_CIPHER_get_protocol_id|. Switch callers to the new
|
|
4782
|
+
// name and remove this one.
|
|
4783
|
+
OPENSSL_EXPORT uint16_t SSL_CIPHER_get_value(const SSL_CIPHER *cipher);
|
|
4784
|
+
|
|
4785
|
+
// SSL_CTX_set_ignore_tls13_downgrade does nothing.
|
|
4786
|
+
OPENSSL_EXPORT void SSL_CTX_set_ignore_tls13_downgrade(SSL_CTX *ctx,
|
|
4787
|
+
int ignore);
|
|
4788
|
+
|
|
4789
|
+
// SSL_set_ignore_tls13_downgrade does nothing.
|
|
4790
|
+
OPENSSL_EXPORT void SSL_set_ignore_tls13_downgrade(SSL *ssl, int ignore);
|
|
4791
|
+
|
|
4792
|
+
// SSL_is_tls13_downgrade returns zero. Historically, this function returned
|
|
4793
|
+
// whether the TLS 1.3 downgrade signal would have been enforced if not
|
|
4794
|
+
// disabled. The TLS 1.3 downgrade signal is now always enforced.
|
|
4795
|
+
OPENSSL_EXPORT int SSL_is_tls13_downgrade(const SSL *ssl);
|
|
4796
|
+
|
|
4581
4797
|
|
|
4582
4798
|
// Nodejs compatibility section (hidden).
|
|
4583
4799
|
//
|
|
@@ -5018,7 +5234,7 @@ BSSL_NAMESPACE_END
|
|
|
5018
5234
|
#define SSL_R_UNSUPPORTED_PROTOCOL_FOR_CUSTOM_KEY 252
|
|
5019
5235
|
#define SSL_R_NO_COMMON_SIGNATURE_ALGORITHMS 253
|
|
5020
5236
|
#define SSL_R_DOWNGRADE_DETECTED 254
|
|
5021
|
-
#define
|
|
5237
|
+
#define SSL_R_EXCESS_HANDSHAKE_DATA 255
|
|
5022
5238
|
#define SSL_R_INVALID_COMPRESSION_LIST 256
|
|
5023
5239
|
#define SSL_R_DUPLICATE_EXTENSION 257
|
|
5024
5240
|
#define SSL_R_MISSING_KEY_SHARE 258
|
|
@@ -5067,6 +5283,12 @@ BSSL_NAMESPACE_END
|
|
|
5067
5283
|
#define SSL_R_INVALID_DELEGATED_CREDENTIAL 301
|
|
5068
5284
|
#define SSL_R_KEY_USAGE_BIT_INCORRECT 302
|
|
5069
5285
|
#define SSL_R_INCONSISTENT_CLIENT_HELLO 303
|
|
5286
|
+
#define SSL_R_CIPHER_MISMATCH_ON_EARLY_DATA 304
|
|
5287
|
+
#define SSL_R_QUIC_TRANSPORT_PARAMETERS_MISCONFIGURED 305
|
|
5288
|
+
#define SSL_R_UNEXPECTED_COMPATIBILITY_MODE 306
|
|
5289
|
+
#define SSL_R_MISSING_ALPN 307
|
|
5290
|
+
#define SSL_R_NEGOTIATED_ALPS_WITHOUT_ALPN 308
|
|
5291
|
+
#define SSL_R_ALPS_MISMATCH_ON_EARLY_DATA 309
|
|
5070
5292
|
#define SSL_R_SSLV3_ALERT_CLOSE_NOTIFY 1000
|
|
5071
5293
|
#define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010
|
|
5072
5294
|
#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
|
|
@@ -5092,12 +5314,13 @@ BSSL_NAMESPACE_END
|
|
|
5092
5314
|
#define SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK 1086
|
|
5093
5315
|
#define SSL_R_TLSV1_ALERT_USER_CANCELLED 1090
|
|
5094
5316
|
#define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100
|
|
5095
|
-
#define
|
|
5096
|
-
#define
|
|
5097
|
-
#define
|
|
5098
|
-
#define
|
|
5099
|
-
#define
|
|
5100
|
-
#define
|
|
5101
|
-
#define
|
|
5317
|
+
#define SSL_R_TLSV1_ALERT_UNSUPPORTED_EXTENSION 1110
|
|
5318
|
+
#define SSL_R_TLSV1_ALERT_CERTIFICATE_UNOBTAINABLE 1111
|
|
5319
|
+
#define SSL_R_TLSV1_ALERT_UNRECOGNIZED_NAME 1112
|
|
5320
|
+
#define SSL_R_TLSV1_ALERT_BAD_CERTIFICATE_STATUS_RESPONSE 1113
|
|
5321
|
+
#define SSL_R_TLSV1_ALERT_BAD_CERTIFICATE_HASH_VALUE 1114
|
|
5322
|
+
#define SSL_R_TLSV1_ALERT_UNKNOWN_PSK_IDENTITY 1115
|
|
5323
|
+
#define SSL_R_TLSV1_ALERT_CERTIFICATE_REQUIRED 1116
|
|
5324
|
+
#define SSL_R_TLSV1_ALERT_NO_APPLICATION_PROTOCOL 1120
|
|
5102
5325
|
|
|
5103
5326
|
#endif // OPENSSL_HEADER_SSL_H
|