grpc 1.28.0 → 1.42.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +1824 -22390
- data/etc/roots.pem +592 -899
- data/include/grpc/byte_buffer.h +1 -1
- data/include/grpc/byte_buffer_reader.h +1 -1
- data/include/grpc/compression.h +1 -1
- data/include/grpc/event_engine/README.md +38 -0
- data/include/grpc/event_engine/endpoint_config.h +43 -0
- data/include/grpc/event_engine/event_engine.h +375 -0
- data/include/grpc/event_engine/internal/memory_allocator_impl.h +98 -0
- data/include/grpc/event_engine/memory_allocator.h +210 -0
- data/include/grpc/event_engine/port.h +39 -0
- data/include/grpc/fork.h +1 -1
- data/include/grpc/grpc.h +52 -13
- data/include/grpc/grpc_posix.h +5 -2
- data/include/grpc/grpc_security.h +324 -180
- data/include/grpc/grpc_security_constants.h +20 -0
- data/include/grpc/impl/codegen/README.md +22 -0
- data/include/grpc/impl/codegen/atm.h +5 -3
- data/include/grpc/impl/codegen/atm_gcc_atomic.h +2 -0
- data/include/grpc/impl/codegen/atm_gcc_sync.h +2 -0
- data/include/grpc/impl/codegen/atm_windows.h +6 -0
- data/include/grpc/impl/codegen/byte_buffer.h +3 -1
- data/include/grpc/impl/codegen/byte_buffer_reader.h +2 -0
- data/include/grpc/impl/codegen/compression_types.h +2 -0
- data/include/grpc/impl/codegen/connectivity_state.h +2 -0
- data/include/grpc/impl/codegen/fork.h +2 -0
- data/include/grpc/impl/codegen/gpr_slice.h +2 -0
- data/include/grpc/impl/codegen/gpr_types.h +2 -0
- data/include/grpc/impl/codegen/grpc_types.h +80 -54
- data/include/grpc/impl/codegen/log.h +2 -2
- data/include/grpc/impl/codegen/port_platform.h +103 -100
- data/include/grpc/impl/codegen/propagation_bits.h +2 -0
- data/include/grpc/impl/codegen/slice.h +2 -0
- data/include/grpc/impl/codegen/status.h +2 -0
- data/include/grpc/impl/codegen/sync.h +8 -5
- data/include/grpc/impl/codegen/sync_abseil.h +2 -0
- data/include/grpc/impl/codegen/sync_custom.h +2 -0
- data/include/grpc/impl/codegen/sync_generic.h +3 -0
- data/include/grpc/impl/codegen/sync_posix.h +4 -2
- data/include/grpc/impl/codegen/sync_windows.h +6 -0
- data/include/grpc/module.modulemap +31 -46
- data/include/grpc/slice.h +1 -1
- data/include/grpc/slice_buffer.h +3 -3
- data/include/grpc/status.h +1 -1
- data/include/grpc/support/atm.h +1 -1
- data/include/grpc/support/atm_gcc_atomic.h +1 -1
- data/include/grpc/support/atm_gcc_sync.h +1 -1
- data/include/grpc/support/atm_windows.h +1 -1
- data/include/grpc/support/log.h +1 -1
- data/include/grpc/support/port_platform.h +1 -1
- data/include/grpc/support/sync.h +4 -4
- data/include/grpc/support/sync_abseil.h +1 -1
- data/include/grpc/support/sync_custom.h +1 -1
- data/include/grpc/support/sync_generic.h +1 -1
- data/include/grpc/support/sync_posix.h +1 -1
- data/include/grpc/support/sync_windows.h +1 -1
- data/include/grpc/support/time.h +9 -9
- data/src/core/ext/filters/census/grpc_context.cc +1 -0
- data/src/core/ext/filters/client_channel/backend_metric.cc +30 -28
- data/src/core/ext/filters/client_channel/backup_poller.cc +8 -6
- data/src/core/ext/filters/client_channel/backup_poller.h +1 -0
- data/src/core/ext/filters/client_channel/channel_connectivity.cc +158 -202
- data/src/core/ext/filters/client_channel/client_channel.cc +2207 -3176
- data/src/core/ext/filters/client_channel/client_channel.h +561 -62
- data/src/core/ext/filters/client_channel/client_channel_channelz.cc +6 -5
- data/src/core/ext/filters/client_channel/client_channel_channelz.h +2 -5
- data/src/core/ext/filters/client_channel/client_channel_factory.cc +2 -1
- data/src/core/ext/filters/client_channel/client_channel_factory.h +18 -19
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +18 -13
- data/src/core/ext/filters/client_channel/config_selector.cc +59 -0
- data/src/core/ext/filters/client_channel/config_selector.h +145 -0
- data/src/core/ext/filters/client_channel/connector.h +19 -19
- data/src/core/ext/filters/client_channel/dynamic_filters.cc +190 -0
- data/src/core/ext/filters/client_channel/dynamic_filters.h +99 -0
- data/src/core/ext/filters/client_channel/global_subchannel_pool.cc +26 -122
- data/src/core/ext/filters/client_channel/global_subchannel_pool.h +15 -11
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +71 -73
- data/src/core/ext/filters/client_channel/health/health_check_client.h +37 -35
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +43 -40
- data/src/core/ext/filters/client_channel/http_connect_handshaker.h +10 -2
- data/src/core/ext/filters/client_channel/http_proxy.cc +59 -34
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +96 -0
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.h +101 -0
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +26 -13
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +12 -21
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +659 -608
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h +4 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc +76 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h +37 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +1 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +8 -44
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +3 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +5 -3
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +5 -6
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +57 -44
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +918 -0
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +757 -0
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.h +37 -0
- data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +2502 -0
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +25 -26
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +19 -47
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +741 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +512 -137
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +53 -26
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h +29 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +795 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +701 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +1362 -0
- data/src/core/ext/filters/client_channel/lb_policy.cc +29 -35
- data/src/core/ext/filters/client_channel/lb_policy.h +130 -117
- data/src/core/ext/filters/client_channel/lb_policy_factory.h +2 -1
- data/src/core/ext/filters/client_channel/lb_policy_registry.cc +19 -12
- data/src/core/ext/filters/client_channel/lb_policy_registry.h +1 -1
- data/src/core/ext/filters/client_channel/local_subchannel_pool.cc +27 -67
- data/src/core/ext/filters/client_channel/local_subchannel_pool.h +12 -10
- data/src/core/ext/filters/client_channel/resolver/binder/binder_resolver.cc +139 -0
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +136 -131
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +6 -35
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_event_engine.cc +31 -0
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +20 -17
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +98 -138
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +651 -216
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +32 -5
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_event_engine.cc +28 -0
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_windows.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +79 -68
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +124 -136
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +8 -10
- data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +384 -0
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +38 -31
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +892 -47
- data/src/core/ext/filters/client_channel/{xds/xds_channel_args.h → resolver/xds/xds_resolver.h} +9 -7
- data/src/core/ext/filters/client_channel/resolver.cc +9 -10
- data/src/core/ext/filters/client_channel/resolver.h +13 -23
- data/src/core/ext/filters/client_channel/resolver_factory.h +10 -8
- data/src/core/ext/filters/client_channel/resolver_registry.cc +57 -56
- data/src/core/ext/filters/client_channel/resolver_registry.h +10 -10
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +61 -315
- data/src/core/ext/filters/client_channel/resolver_result_parsing.h +42 -67
- data/src/core/ext/filters/client_channel/retry_filter.cc +2573 -0
- data/src/core/ext/filters/{workarounds/workaround_cronet_compression_filter.h → client_channel/retry_filter.h} +9 -6
- data/src/core/ext/filters/client_channel/retry_service_config.cc +316 -0
- data/src/core/ext/filters/client_channel/retry_service_config.h +96 -0
- data/src/core/ext/filters/client_channel/retry_throttle.cc +20 -49
- data/src/core/ext/filters/client_channel/retry_throttle.h +4 -2
- data/src/core/ext/filters/client_channel/server_address.cc +132 -13
- data/src/core/ext/filters/client_channel/server_address.h +80 -32
- data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +156 -0
- data/src/core/ext/filters/client_channel/subchannel.cc +271 -347
- data/src/core/ext/filters/client_channel/subchannel.h +142 -163
- data/src/core/ext/filters/client_channel/subchannel_interface.h +41 -5
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.cc +38 -9
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +27 -12
- data/src/core/ext/filters/client_idle/client_idle_filter.cc +47 -223
- data/src/core/ext/filters/client_idle/idle_filter_state.cc +96 -0
- data/src/core/ext/filters/client_idle/idle_filter_state.h +66 -0
- data/src/core/ext/filters/deadline/deadline_filter.cc +113 -108
- data/src/core/ext/filters/deadline/deadline_filter.h +7 -11
- data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +503 -0
- data/src/core/ext/filters/fault_injection/fault_injection_filter.h +39 -0
- data/src/core/ext/filters/fault_injection/service_config_parser.cc +181 -0
- data/src/core/ext/filters/fault_injection/service_config_parser.h +85 -0
- data/src/core/ext/filters/http/client/http_client_filter.cc +104 -101
- data/src/core/ext/filters/http/client_authority_filter.cc +21 -21
- data/src/core/ext/filters/http/http_filters_plugin.cc +54 -53
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +274 -230
- data/src/core/ext/filters/http/message_compress/message_decompress_filter.cc +398 -0
- data/src/core/ext/filters/http/message_compress/message_decompress_filter.h +31 -0
- data/src/core/ext/filters/http/server/http_server_filter.cc +107 -98
- data/src/core/ext/filters/max_age/max_age_filter.cc +74 -70
- data/src/core/ext/filters/message_size/message_size_filter.cc +89 -113
- data/src/core/ext/filters/message_size/message_size_filter.h +12 -5
- data/src/core/ext/service_config/service_config.cc +227 -0
- data/src/core/ext/service_config/service_config.h +127 -0
- data/src/core/ext/service_config/service_config_call_data.h +72 -0
- data/src/core/ext/service_config/service_config_parser.cc +89 -0
- data/src/core/ext/service_config/service_config_parser.h +97 -0
- data/src/core/ext/transport/chttp2/alpn/alpn.cc +2 -1
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +119 -49
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +24 -5
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +42 -35
- data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +32 -16
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +52 -88
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +829 -357
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +16 -2
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc +14 -6
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +32 -24
- data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +64 -25
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +11 -9
- data/src/core/ext/transport/chttp2/transport/bin_decoder.h +2 -1
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +5 -6
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +548 -542
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +17 -2
- data/src/core/ext/transport/chttp2/transport/context_list.cc +4 -5
- data/src/core/ext/transport/chttp2/transport/context_list.h +5 -6
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +82 -60
- data/src/core/ext/transport/chttp2/transport/flow_control.h +47 -33
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +30 -29
- data/src/core/ext/transport/chttp2/transport/frame_data.h +11 -10
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +25 -25
- data/src/core/ext/transport/chttp2/transport/frame_goaway.h +9 -9
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +15 -16
- data/src/core/ext/transport/chttp2/transport/frame_ping.h +10 -9
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +18 -22
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +9 -9
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +53 -22
- data/src/core/ext/transport/chttp2/transport/frame_settings.h +11 -10
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +25 -25
- data/src/core/ext/transport/chttp2/transport/frame_window_update.h +7 -9
- data/src/core/ext/transport/chttp2/transport/hpack_constants.h +41 -0
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +311 -652
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +241 -72
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_index.h +107 -0
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +86 -0
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +69 -0
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +868 -1175
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +102 -84
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +146 -0
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +137 -0
- data/src/core/ext/transport/chttp2/transport/hpack_utils.cc +46 -0
- data/src/core/ext/transport/chttp2/transport/hpack_utils.h +30 -0
- data/src/core/ext/transport/chttp2/transport/http2_settings.h +4 -5
- data/src/core/ext/transport/chttp2/transport/huffsyms.h +2 -3
- data/src/core/ext/transport/chttp2/transport/internal.h +77 -56
- data/src/core/ext/transport/chttp2/transport/parsing.cc +168 -320
- data/src/core/ext/transport/chttp2/transport/popularity_count.h +60 -0
- data/src/core/ext/transport/chttp2/transport/stream_lists.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/stream_map.h +2 -3
- data/src/core/ext/transport/chttp2/transport/varint.cc +13 -7
- data/src/core/ext/transport/chttp2/transport/varint.h +39 -28
- data/src/core/ext/transport/chttp2/transport/writing.cc +97 -80
- data/src/core/ext/transport/inproc/inproc_transport.cc +263 -180
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.c +406 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.h +1591 -0
- data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.h +2 -2
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +18 -6
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +243 -0
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.h +955 -0
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +371 -0
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +1554 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.c +74 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.h +271 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +494 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +2116 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.c +35 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.h +83 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.c +56 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.h +370 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.c +124 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.h +470 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.c +35 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.h +94 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +382 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +1295 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +103 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +418 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.c +34 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.h +84 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.c +53 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.h +161 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.c +241 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.h +917 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +171 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +830 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.c +36 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.h +94 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +244 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +1089 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +27 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +71 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/resolver.upb.c +46 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/resolver.upb.h +133 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.c +34 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.h +101 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +43 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.h +132 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/udp_socket_config.upb.c +35 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/udp_socket_config.upb.h +96 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.c +90 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.h +261 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.c +125 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.h +462 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.c +112 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.h +397 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.c +33 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.h +79 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +138 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +640 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +161 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +680 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.c +48 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.h +177 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +42 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.h +127 -0
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.c +144 -0
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.h +536 -0
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.c +153 -0
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.h +550 -0
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +185 -0
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +738 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +82 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +312 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +960 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +4213 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.c +60 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.h +177 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.c +49 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.h +134 -0
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.c +29 -0
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.h +73 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.c +79 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.h +298 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.c +79 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.h +303 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.c +42 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.h +123 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +403 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +1785 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.c +19 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.h +35 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +130 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +559 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +73 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +237 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +148 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +674 -0
- data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.c +27 -0
- data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.h +62 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.c +25 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.h +62 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +146 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +535 -0
- data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.c +27 -0
- data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.h +62 -0
- data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.c +27 -0
- data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.h +62 -0
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.c +54 -0
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.h +163 -0
- data/src/core/ext/upb-generated/envoy/{api/v2/srds.upb.c → service/route/v3/rds.upb.c} +8 -8
- data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.h +62 -0
- data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.c +27 -0
- data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.h +62 -0
- data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.c +121 -0
- data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.h +468 -0
- data/src/core/ext/upb-generated/envoy/type/http/v3/path_transformation.upb.c +60 -0
- data/src/core/ext/upb-generated/envoy/type/http/v3/path_transformation.upb.h +205 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.c +48 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.h +144 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.c +36 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.h +96 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.c +35 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.h +90 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.c +34 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.h +84 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.c +65 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.h +184 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +53 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.h +158 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.c +46 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.h +136 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.c +63 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.h +225 -0
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.c +88 -0
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.h +343 -0
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.c +90 -0
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.h +313 -0
- data/src/core/ext/upb-generated/envoy/type/{http.upb.c → v3/http.upb.c} +4 -3
- data/src/core/ext/upb-generated/envoy/type/{http.upb.h → v3/http.upb.h} +10 -10
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.c +40 -0
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.h +111 -0
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.c +51 -0
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.h +148 -0
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.c +30 -0
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.h +74 -0
- data/src/core/ext/upb-generated/google/api/annotations.upb.c +1 -1
- data/src/core/ext/upb-generated/google/api/annotations.upb.h +2 -2
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.c +242 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.h +896 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.c +251 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h +943 -0
- data/src/core/ext/upb-generated/google/api/http.upb.c +18 -18
- data/src/core/ext/upb-generated/google/api/http.upb.h +74 -36
- data/src/core/ext/upb-generated/google/protobuf/any.upb.c +4 -4
- data/src/core/ext/upb-generated/google/protobuf/any.upb.h +20 -8
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +155 -154
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +881 -524
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.c +4 -4
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.h +20 -8
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.c +2 -2
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.h +16 -4
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.c +15 -15
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.h +77 -61
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.c +4 -4
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.h +20 -8
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.c +19 -19
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.h +146 -38
- data/src/core/ext/upb-generated/google/rpc/status.upb.c +5 -5
- data/src/core/ext/upb-generated/google/rpc/status.upb.h +25 -12
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.c +12 -12
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.h +48 -47
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +63 -63
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +307 -195
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.c +8 -8
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.h +44 -16
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.c +5 -5
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.h +34 -10
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c +31 -31
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.h +186 -72
- data/src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls.upb.c +55 -0
- data/src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls.upb.h +154 -0
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.c +8 -8
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +52 -16
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.c +29 -0
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.h +70 -0
- data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.c +1 -1
- data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.h +2 -2
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.c +28 -0
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +77 -0
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.c +27 -0
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.h +66 -0
- data/src/core/ext/upb-generated/validate/validate.upb.c +243 -226
- data/src/core/ext/upb-generated/validate/validate.upb.h +1048 -668
- data/src/core/ext/upb-generated/xds/annotations/v3/status.upb.c +58 -0
- data/src/core/ext/upb-generated/xds/annotations/v3/status.upb.h +182 -0
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.c +28 -0
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.h +66 -0
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.c +52 -0
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.h +155 -0
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.c +42 -0
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.h +90 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.c +36 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.h +100 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.c +54 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.h +178 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.c +36 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.h +91 -0
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c +58 -0
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.h +130 -0
- data/src/core/ext/upb-generated/xds/type/v3/typed_struct.upb.c +33 -0
- data/src/core/ext/upb-generated/xds/type/v3/typed_struct.upb.h +83 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.c +354 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.h +140 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.c +46 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.c +41 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +252 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.h +105 -0
- data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +424 -0
- data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.h +120 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.c +100 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +596 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.h +155 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.c +53 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.c +136 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.c +127 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +313 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.h +150 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +144 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.c +66 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.c +263 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.h +100 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +236 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.h +70 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +300 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.h +100 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +43 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/resolver.upbdefs.c +59 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/resolver.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.c +59 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.c +72 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/udp_socket_config.upbdefs.c +52 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/udp_socket_config.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.c +107 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +140 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +60 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.c +146 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.c +50 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +205 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +60 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.c +201 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.c +90 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.c +67 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/stats.upbdefs.c +141 -0
- data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/stats.upbdefs.h +70 -0
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.c +152 -0
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.h +75 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.c +115 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +982 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.h +295 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.c +71 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.c +61 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.c +51 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/common/fault/v3/fault.upbdefs.c +102 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/common/fault/v3/fault.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.c +123 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.c +79 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +567 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +125 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +44 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +196 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +60 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +97 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +251 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.h +60 -0
- data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.c +72 -0
- data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +60 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.c +142 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.c +73 -0
- data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.c +72 -0
- data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +80 -0
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.c +80 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.c +74 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +163 -0
- data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/type/http/v3/path_transformation.upbdefs.c +64 -0
- data/src/core/ext/upbdefs-generated/envoy/type/http/v3/path_transformation.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.c +65 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/node.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/node.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.c +54 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.c +53 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.c +76 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.c +69 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/struct.upbdefs.c +63 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/struct.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.c +81 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.c +92 -0
- data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.c +95 -0
- data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/http.upbdefs.c +34 -0
- data/src/core/ext/{upb-generated/gogoproto/gogo.upb.h → upbdefs-generated/envoy/type/v3/http.upbdefs.h} +10 -10
- data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.c +59 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.c +54 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.c +47 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.c +61 -0
- data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.c +39 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.c +386 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.h +165 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.c +37 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.c +65 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.c +66 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.h +75 -0
- data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.c +42 -0
- data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.c +71 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.c +52 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.c +34 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.c +51 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.c +44 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.c +332 -0
- data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.h +145 -0
- data/src/core/ext/upbdefs-generated/xds/annotations/v3/status.upbdefs.c +75 -0
- data/src/core/ext/upbdefs-generated/xds/annotations/v3/status.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.c +43 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.c +63 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.c +46 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.c +50 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.c +68 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.c +51 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.c +45 -0
- data/src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.h +35 -0
- data/src/core/ext/xds/certificate_provider_factory.h +61 -0
- data/src/core/ext/xds/certificate_provider_registry.cc +103 -0
- data/src/core/ext/xds/certificate_provider_registry.h +57 -0
- data/src/core/ext/xds/certificate_provider_store.cc +87 -0
- data/src/core/ext/xds/certificate_provider_store.h +112 -0
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +144 -0
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.h +69 -0
- data/src/core/ext/xds/xds_api.cc +3965 -0
- data/src/core/ext/xds/xds_api.h +744 -0
- data/src/core/ext/xds/xds_bootstrap.cc +471 -0
- data/src/core/ext/xds/xds_bootstrap.h +125 -0
- data/src/core/ext/xds/xds_certificate_provider.cc +405 -0
- data/src/core/ext/xds/xds_certificate_provider.h +151 -0
- data/src/core/ext/xds/xds_channel_args.h +32 -0
- data/src/core/ext/xds/xds_channel_stack_modifier.cc +113 -0
- data/src/core/ext/xds/xds_channel_stack_modifier.h +52 -0
- data/src/core/ext/xds/xds_client.cc +2791 -0
- data/src/core/ext/xds/xds_client.h +380 -0
- data/src/core/ext/xds/xds_client_stats.cc +160 -0
- data/src/core/ext/{filters/client_channel/xds → xds}/xds_client_stats.h +87 -46
- data/src/core/ext/xds/xds_http_fault_filter.cc +227 -0
- data/src/core/ext/xds/xds_http_fault_filter.h +64 -0
- data/src/core/ext/xds/xds_http_filters.cc +116 -0
- data/src/core/ext/xds/xds_http_filters.h +133 -0
- data/src/core/ext/xds/xds_server_config_fetcher.cc +544 -0
- data/src/core/lib/address_utils/parse_address.cc +320 -0
- data/src/core/lib/address_utils/parse_address.h +77 -0
- data/src/core/lib/{iomgr → address_utils}/sockaddr_utils.cc +159 -46
- data/src/core/lib/{iomgr → address_utils}/sockaddr_utils.h +46 -20
- data/src/core/lib/avl/avl.cc +5 -5
- data/src/core/lib/backoff/backoff.cc +1 -1
- data/src/core/lib/channel/call_tracer.h +85 -0
- data/src/core/lib/channel/channel_args.cc +50 -29
- data/src/core/lib/channel/channel_args.h +12 -2
- data/src/core/lib/channel/channel_stack.cc +27 -12
- data/src/core/lib/channel/channel_stack.h +38 -23
- data/src/core/lib/channel/channel_stack_builder.cc +6 -16
- data/src/core/lib/channel/channel_stack_builder.h +1 -9
- data/src/core/lib/channel/channel_trace.cc +11 -12
- data/src/core/lib/channel/channel_trace.h +3 -2
- data/src/core/lib/channel/channelz.cc +194 -142
- data/src/core/lib/channel/channelz.h +79 -55
- data/src/core/lib/channel/channelz_registry.cc +42 -22
- data/src/core/lib/channel/channelz_registry.h +4 -2
- data/src/core/lib/channel/connected_channel.cc +13 -12
- data/src/core/lib/channel/connected_channel.h +1 -2
- data/src/core/lib/channel/context.h +4 -1
- data/src/core/lib/channel/handshaker.cc +23 -65
- data/src/core/lib/channel/handshaker.h +12 -28
- data/src/core/lib/channel/handshaker_factory.h +10 -2
- data/src/core/lib/channel/handshaker_registry.cc +15 -82
- data/src/core/lib/channel/handshaker_registry.h +29 -12
- data/src/core/lib/channel/status_util.cc +14 -5
- data/src/core/lib/channel/status_util.h +11 -2
- data/src/core/lib/compression/algorithm_metadata.h +1 -0
- data/src/core/lib/compression/compression.cc +10 -6
- data/src/core/lib/compression/compression_args.cc +11 -7
- data/src/core/lib/compression/compression_internal.cc +14 -11
- data/src/core/lib/compression/compression_internal.h +3 -2
- data/src/core/lib/compression/message_compress.cc +7 -3
- data/src/core/lib/compression/stream_compression.cc +2 -1
- data/src/core/lib/compression/stream_compression.h +3 -2
- data/src/core/lib/compression/stream_compression_gzip.cc +2 -1
- data/src/core/lib/compression/stream_compression_gzip.h +1 -1
- data/src/core/lib/compression/stream_compression_identity.cc +3 -4
- data/src/core/lib/compression/stream_compression_identity.h +1 -1
- data/src/core/lib/config/core_configuration.cc +96 -0
- data/src/core/lib/config/core_configuration.h +146 -0
- data/src/core/lib/debug/stats.cc +22 -28
- data/src/core/lib/debug/stats.h +7 -4
- data/src/core/lib/debug/stats_data.cc +16 -14
- data/src/core/lib/debug/stats_data.h +14 -13
- data/src/core/lib/debug/trace.cc +1 -0
- data/src/core/lib/debug/trace.h +2 -1
- data/src/core/lib/event_engine/endpoint_config.cc +45 -0
- data/src/core/lib/event_engine/endpoint_config_internal.h +42 -0
- data/src/core/lib/event_engine/event_engine.cc +50 -0
- data/src/core/lib/event_engine/sockaddr.cc +40 -0
- data/src/core/lib/event_engine/sockaddr.h +44 -0
- data/src/core/lib/gpr/alloc.cc +7 -5
- data/src/core/lib/gpr/atm.cc +1 -1
- data/src/core/lib/gpr/cpu_iphone.cc +10 -2
- data/src/core/lib/gpr/cpu_posix.cc +1 -1
- data/src/core/lib/gpr/env_linux.cc +1 -2
- data/src/core/lib/gpr/env_posix.cc +2 -3
- data/src/core/lib/gpr/log.cc +61 -19
- data/src/core/lib/gpr/log_android.cc +3 -2
- data/src/core/lib/gpr/log_linux.cc +30 -13
- data/src/core/lib/gpr/log_posix.cc +25 -10
- data/src/core/lib/gpr/log_windows.cc +18 -4
- data/src/core/lib/gpr/murmur_hash.cc +5 -3
- data/src/core/lib/gpr/spinlock.h +12 -5
- data/src/core/lib/gpr/string.cc +35 -57
- data/src/core/lib/gpr/string.h +11 -26
- data/src/core/lib/gpr/sync.cc +6 -6
- data/src/core/lib/gpr/sync_abseil.cc +12 -12
- data/src/core/lib/gpr/sync_posix.cc +5 -11
- data/src/core/lib/gpr/sync_windows.cc +2 -2
- data/src/core/lib/gpr/time.cc +19 -14
- data/src/core/lib/gpr/time_posix.cc +1 -1
- data/src/core/lib/gpr/time_precise.cc +5 -2
- data/src/core/lib/gpr/time_precise.h +6 -2
- data/src/core/lib/gpr/time_windows.cc +3 -2
- data/src/core/lib/gpr/tls.h +119 -36
- data/src/core/lib/gpr/tmpfile_posix.cc +1 -2
- data/src/core/lib/gpr/useful.h +79 -31
- data/src/core/lib/gpr/wrap_memcpy.cc +2 -1
- data/src/core/lib/gprpp/arena.cc +2 -1
- data/src/core/lib/gprpp/arena.h +18 -7
- data/src/core/lib/gprpp/atomic_utils.h +47 -0
- data/src/core/lib/gprpp/bitset.h +188 -0
- data/src/core/lib/gprpp/chunked_vector.h +211 -0
- data/src/core/lib/gprpp/construct_destruct.h +39 -0
- data/src/core/lib/gprpp/dual_ref_counted.h +330 -0
- data/src/core/lib/gprpp/{optional.h → examine_stack.cc} +19 -9
- data/src/core/lib/gprpp/examine_stack.h +46 -0
- data/src/core/lib/gprpp/fork.cc +17 -15
- data/src/core/lib/gprpp/fork.h +4 -4
- data/src/core/lib/gprpp/global_config.h +1 -2
- data/src/core/lib/gprpp/global_config_env.cc +11 -9
- data/src/core/lib/gprpp/global_config_generic.h +2 -2
- data/src/core/lib/gprpp/host_port.cc +29 -35
- data/src/core/lib/gprpp/host_port.h +14 -17
- data/src/core/lib/gprpp/manual_constructor.h +10 -7
- data/src/core/lib/gprpp/match.h +73 -0
- data/src/core/lib/gprpp/memory.h +9 -3
- data/src/core/lib/gprpp/mpscq.cc +9 -9
- data/src/core/lib/gprpp/mpscq.h +6 -5
- data/src/core/lib/gprpp/orphanable.h +10 -14
- data/src/core/lib/gprpp/overload.h +59 -0
- data/src/core/lib/gprpp/ref_counted.h +123 -86
- data/src/core/lib/gprpp/ref_counted_ptr.h +173 -7
- data/src/core/lib/gprpp/stat.h +38 -0
- data/src/core/lib/gprpp/stat_posix.cc +49 -0
- data/src/core/lib/gprpp/stat_windows.cc +48 -0
- data/src/core/lib/gprpp/status_helper.cc +427 -0
- data/src/core/lib/gprpp/status_helper.h +194 -0
- data/src/core/lib/gprpp/sync.h +106 -43
- data/src/core/lib/gprpp/table.h +411 -0
- data/src/core/lib/gprpp/thd.h +3 -3
- data/src/core/lib/gprpp/thd_posix.cc +47 -42
- data/src/core/lib/gprpp/thd_windows.cc +7 -12
- data/src/core/lib/gprpp/time_util.cc +77 -0
- data/src/core/lib/gprpp/time_util.h +42 -0
- data/src/core/lib/http/format_request.cc +47 -65
- data/src/core/lib/http/format_request.h +1 -0
- data/src/core/lib/http/httpcli.cc +213 -193
- data/src/core/lib/http/httpcli.h +7 -6
- data/src/core/lib/http/httpcli_security_connector.cc +25 -24
- data/src/core/lib/http/parser.cc +65 -45
- data/src/core/lib/http/parser.h +7 -7
- data/src/core/lib/iomgr/buffer_list.cc +10 -11
- data/src/core/lib/iomgr/buffer_list.h +27 -28
- data/src/core/lib/iomgr/call_combiner.cc +46 -21
- data/src/core/lib/iomgr/call_combiner.h +15 -16
- data/src/core/lib/iomgr/cfstream_handle.cc +10 -8
- data/src/core/lib/iomgr/cfstream_handle.h +1 -1
- data/src/core/lib/iomgr/closure.h +9 -9
- data/src/core/lib/iomgr/combiner.cc +25 -36
- data/src/core/lib/iomgr/combiner.h +3 -2
- data/src/core/lib/iomgr/dualstack_socket_posix.cc +48 -0
- data/src/core/lib/iomgr/endpoint.cc +6 -6
- data/src/core/lib/iomgr/endpoint.h +10 -8
- data/src/core/lib/iomgr/endpoint_cfstream.cc +60 -48
- data/src/core/lib/iomgr/endpoint_cfstream.h +1 -1
- data/src/core/lib/iomgr/endpoint_pair.h +2 -2
- data/src/core/lib/iomgr/endpoint_pair_event_engine.cc +32 -0
- data/src/core/lib/iomgr/endpoint_pair_posix.cc +21 -17
- data/src/core/lib/iomgr/endpoint_pair_windows.cc +17 -9
- data/src/core/lib/iomgr/error.cc +285 -115
- data/src/core/lib/iomgr/error.h +280 -115
- data/src/core/lib/iomgr/error_cfstream.cc +17 -10
- data/src/core/lib/iomgr/error_cfstream.h +2 -2
- data/src/core/lib/iomgr/error_internal.h +7 -2
- data/src/core/lib/iomgr/ev_apple.cc +359 -0
- data/src/core/lib/iomgr/ev_apple.h +43 -0
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +76 -80
- data/src/core/lib/iomgr/ev_epollex_linux.cc +106 -109
- data/src/core/lib/iomgr/ev_poll_posix.cc +79 -76
- data/src/core/lib/iomgr/ev_posix.cc +15 -16
- data/src/core/lib/iomgr/ev_posix.h +9 -9
- data/src/core/lib/iomgr/event_engine/closure.cc +77 -0
- data/src/core/lib/iomgr/event_engine/closure.h +42 -0
- data/src/core/lib/iomgr/event_engine/endpoint.cc +173 -0
- data/src/core/lib/iomgr/event_engine/endpoint.h +52 -0
- data/src/core/lib/iomgr/event_engine/iomgr.cc +104 -0
- data/src/core/lib/iomgr/event_engine/iomgr.h +42 -0
- data/src/core/lib/iomgr/event_engine/pollset.cc +88 -0
- data/src/core/lib/iomgr/event_engine/pollset.h +25 -0
- data/src/core/lib/iomgr/event_engine/promise.h +51 -0
- data/src/core/lib/iomgr/event_engine/resolved_address_internal.cc +41 -0
- data/src/core/lib/iomgr/event_engine/resolved_address_internal.h +35 -0
- data/src/core/lib/iomgr/event_engine/resolver.cc +114 -0
- data/src/core/lib/iomgr/event_engine/tcp.cc +293 -0
- data/src/core/lib/iomgr/event_engine/timer.cc +62 -0
- data/src/core/lib/iomgr/exec_ctx.cc +15 -12
- data/src/core/lib/iomgr/exec_ctx.h +37 -30
- data/src/core/lib/iomgr/executor/mpmcqueue.cc +15 -16
- data/src/core/lib/iomgr/executor/mpmcqueue.h +11 -15
- data/src/core/lib/iomgr/executor/threadpool.cc +4 -5
- data/src/core/lib/iomgr/executor/threadpool.h +8 -7
- data/src/core/lib/iomgr/executor.cc +19 -33
- data/src/core/lib/iomgr/executor.h +3 -3
- data/src/core/lib/iomgr/grpc_if_nametoindex_posix.cc +2 -2
- data/src/core/lib/iomgr/grpc_if_nametoindex_unsupported.cc +2 -2
- data/src/core/lib/iomgr/internal_errqueue.cc +3 -2
- data/src/core/lib/iomgr/iocp_windows.cc +1 -0
- data/src/core/lib/iomgr/iomgr.cc +6 -4
- data/src/core/lib/iomgr/iomgr.h +3 -3
- data/src/core/lib/iomgr/iomgr_custom.cc +3 -3
- data/src/core/lib/iomgr/iomgr_custom.h +2 -2
- data/src/core/lib/iomgr/iomgr_internal.cc +8 -12
- data/src/core/lib/iomgr/iomgr_internal.h +6 -5
- data/src/core/lib/iomgr/iomgr_posix.cc +3 -2
- data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +115 -22
- data/src/core/lib/iomgr/iomgr_windows.cc +2 -3
- data/src/core/lib/iomgr/is_epollexclusive_available.cc +18 -4
- data/src/core/lib/iomgr/load_file.cc +6 -6
- data/src/core/lib/iomgr/load_file.h +2 -2
- data/src/core/lib/iomgr/lockfree_event.cc +38 -15
- data/src/core/lib/iomgr/lockfree_event.h +2 -2
- data/src/core/lib/iomgr/polling_entity.cc +2 -2
- data/src/core/lib/iomgr/pollset.cc +5 -5
- data/src/core/lib/iomgr/pollset.h +9 -9
- data/src/core/lib/iomgr/pollset_custom.cc +10 -11
- data/src/core/lib/iomgr/pollset_custom.h +3 -1
- data/src/core/lib/iomgr/pollset_set_custom.cc +12 -13
- data/src/core/lib/iomgr/pollset_set_windows.cc +1 -0
- data/src/core/lib/iomgr/pollset_windows.cc +5 -5
- data/src/core/lib/iomgr/port.h +9 -31
- data/src/core/lib/iomgr/python_util.h +47 -0
- data/src/core/lib/iomgr/resolve_address.cc +14 -9
- data/src/core/lib/iomgr/resolve_address.h +15 -15
- data/src/core/lib/iomgr/resolve_address_custom.cc +48 -62
- data/src/core/lib/iomgr/resolve_address_custom.h +5 -4
- data/src/core/lib/iomgr/resolve_address_posix.cc +21 -30
- data/src/core/lib/iomgr/resolve_address_windows.cc +22 -33
- data/src/core/lib/iomgr/resource_quota.cc +185 -94
- data/src/core/lib/iomgr/resource_quota.h +66 -17
- data/src/core/lib/iomgr/sockaddr.h +2 -1
- data/src/core/lib/iomgr/socket_factory_posix.cc +8 -7
- data/src/core/lib/iomgr/socket_factory_posix.h +3 -3
- data/src/core/lib/iomgr/socket_mutator.cc +20 -6
- data/src/core/lib/iomgr/socket_mutator.h +28 -5
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +128 -105
- data/src/core/lib/iomgr/socket_utils_linux.cc +4 -4
- data/src/core/lib/iomgr/socket_utils_posix.cc +2 -2
- data/src/core/lib/iomgr/socket_utils_posix.h +25 -22
- data/src/core/lib/iomgr/socket_utils_windows.cc +2 -2
- data/src/core/lib/iomgr/socket_windows.cc +4 -5
- data/src/core/lib/iomgr/tcp_client.cc +5 -3
- data/src/core/lib/iomgr/tcp_client.h +4 -0
- data/src/core/lib/iomgr/tcp_client_cfstream.cc +31 -43
- data/src/core/lib/iomgr/tcp_client_custom.cc +23 -34
- data/src/core/lib/iomgr/tcp_client_posix.cc +72 -69
- data/src/core/lib/iomgr/tcp_client_posix.h +8 -6
- data/src/core/lib/iomgr/tcp_client_windows.cc +31 -23
- data/src/core/lib/iomgr/tcp_custom.cc +77 -71
- data/src/core/lib/iomgr/tcp_custom.h +16 -14
- data/src/core/lib/iomgr/tcp_posix.cc +149 -156
- data/src/core/lib/iomgr/tcp_posix.h +19 -12
- data/src/core/lib/iomgr/tcp_server.cc +12 -11
- data/src/core/lib/iomgr/tcp_server.h +23 -17
- data/src/core/lib/iomgr/tcp_server_custom.cc +72 -94
- data/src/core/lib/iomgr/tcp_server_posix.cc +84 -76
- data/src/core/lib/iomgr/tcp_server_utils_posix.h +19 -16
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +29 -28
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +19 -28
- data/src/core/lib/iomgr/tcp_server_utils_posix_noifaddrs.cc +4 -4
- data/src/core/lib/iomgr/tcp_server_windows.cc +46 -42
- data/src/core/lib/iomgr/tcp_windows.cc +44 -47
- data/src/core/lib/iomgr/tcp_windows.h +4 -3
- data/src/core/lib/iomgr/time_averaged_stats.h +2 -3
- data/src/core/lib/iomgr/timer.cc +1 -0
- data/src/core/lib/iomgr/timer.h +7 -3
- data/src/core/lib/iomgr/timer_custom.cc +9 -8
- data/src/core/lib/iomgr/timer_custom.h +1 -1
- data/src/core/lib/iomgr/timer_generic.cc +46 -76
- data/src/core/lib/{gprpp/inlined_vector.h → iomgr/timer_generic.h} +17 -14
- data/src/core/lib/iomgr/timer_heap.cc +2 -3
- data/src/core/lib/iomgr/timer_heap.h +2 -3
- data/src/core/lib/iomgr/timer_manager.cc +4 -4
- data/src/core/lib/iomgr/unix_sockets_posix.cc +37 -33
- data/src/core/lib/iomgr/unix_sockets_posix.h +9 -3
- data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +20 -7
- data/src/core/lib/iomgr/wakeup_fd_eventfd.cc +3 -3
- data/src/core/lib/iomgr/wakeup_fd_nospecial.cc +2 -1
- data/src/core/lib/iomgr/wakeup_fd_pipe.cc +8 -9
- data/src/core/lib/iomgr/wakeup_fd_posix.cc +4 -3
- data/src/core/lib/iomgr/wakeup_fd_posix.h +8 -6
- data/src/core/lib/iomgr/work_serializer.cc +4 -4
- data/src/core/lib/iomgr/work_serializer.h +18 -2
- data/src/core/lib/json/json.h +15 -4
- data/src/core/lib/json/json_reader.cc +31 -37
- data/src/core/lib/json/json_util.cc +126 -0
- data/src/core/lib/json/json_util.h +154 -0
- data/src/core/lib/json/json_writer.cc +14 -15
- data/src/core/lib/matchers/matchers.cc +327 -0
- data/src/core/lib/matchers/matchers.h +160 -0
- data/src/core/lib/profiling/basic_timers.cc +8 -6
- data/src/core/lib/profiling/stap_timers.cc +2 -2
- data/src/core/lib/security/authorization/authorization_engine.h +44 -0
- data/src/core/lib/security/authorization/authorization_policy_provider.h +33 -0
- data/src/core/lib/security/authorization/authorization_policy_provider_vtable.cc +46 -0
- data/src/core/lib/security/authorization/evaluate_args.cc +213 -0
- data/src/core/lib/security/authorization/evaluate_args.h +91 -0
- data/src/core/lib/security/authorization/sdk_server_authz_filter.cc +171 -0
- data/src/core/lib/security/authorization/sdk_server_authz_filter.h +67 -0
- data/src/core/lib/security/context/security_context.cc +15 -11
- data/src/core/lib/security/context/security_context.h +3 -1
- data/src/core/lib/security/credentials/alts/alts_credentials.cc +2 -1
- data/src/core/lib/security/credentials/alts/alts_credentials.h +1 -1
- data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +1 -1
- data/src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc +2 -2
- data/src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc +2 -2
- data/src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc +2 -2
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +21 -8
- data/src/core/lib/security/credentials/composite/composite_credentials.h +8 -5
- data/src/core/lib/security/credentials/credentials.cc +17 -99
- data/src/core/lib/security/credentials/credentials.h +27 -70
- data/src/core/lib/security/credentials/credentials_metadata.cc +2 -3
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +404 -0
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +81 -0
- data/src/core/lib/security/credentials/external/aws_request_signer.cc +214 -0
- data/src/core/lib/security/credentials/external/aws_request_signer.h +72 -0
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +527 -0
- data/src/core/lib/security/credentials/external/external_account_credentials.h +122 -0
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +136 -0
- data/src/core/lib/security/credentials/external/file_external_account_credentials.h +49 -0
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +211 -0
- data/src/core/lib/security/credentials/external/url_external_account_credentials.h +60 -0
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +5 -4
- data/src/core/lib/security/credentials/fake/fake_credentials.h +6 -2
- data/src/core/lib/security/credentials/google_default/credentials_generic.cc +8 -7
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +154 -77
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +10 -7
- data/src/core/lib/security/credentials/iam/iam_credentials.h +6 -2
- data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +64 -0
- data/src/core/lib/security/credentials/jwt/json_token.cc +7 -7
- data/src/core/lib/security/credentials/jwt/json_token.h +3 -5
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +39 -19
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +24 -3
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +25 -35
- data/src/core/lib/security/credentials/jwt/jwt_verifier.h +5 -6
- data/src/core/lib/security/credentials/local/local_credentials.cc +2 -1
- data/src/core/lib/security/credentials/local/local_credentials.h +1 -1
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +128 -118
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +20 -12
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +25 -14
- data/src/core/lib/security/credentials/plugin/plugin_credentials.h +4 -2
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +31 -10
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +12 -3
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +348 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +217 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +455 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +147 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +82 -140
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +74 -167
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +18 -13
- data/src/core/lib/security/credentials/tls/tls_credentials.h +3 -3
- data/src/core/lib/security/credentials/tls/tls_utils.cc +123 -0
- data/src/core/lib/security/credentials/tls/tls_utils.h +51 -0
- data/src/core/lib/security/credentials/xds/xds_credentials.cc +244 -0
- data/src/core/lib/security/credentials/xds/xds_credentials.h +69 -0
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +35 -10
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +40 -37
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +121 -0
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +97 -0
- data/src/core/lib/security/security_connector/load_system_roots.h +4 -0
- data/src/core/lib/security/security_connector/load_system_roots_fallback.cc +1 -0
- data/src/core/lib/security/security_connector/load_system_roots_linux.cc +7 -6
- data/src/core/lib/security/security_connector/load_system_roots_linux.h +2 -0
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +26 -13
- data/src/core/lib/security/security_connector/security_connector.cc +15 -7
- data/src/core/lib/security/security_connector/security_connector.h +16 -9
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +55 -46
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +9 -7
- data/src/core/lib/security/security_connector/ssl_utils.cc +126 -31
- data/src/core/lib/security/security_connector/ssl_utils.h +40 -34
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +393 -303
- data/src/core/lib/security/security_connector/tls/tls_security_connector.h +144 -62
- data/src/core/lib/security/transport/auth_filters.h +1 -5
- data/src/core/lib/security/transport/client_auth_filter.cc +34 -28
- data/src/core/lib/security/transport/secure_endpoint.cc +16 -20
- data/src/core/lib/security/transport/secure_endpoint.h +1 -0
- data/src/core/lib/security/transport/security_handshaker.cc +159 -91
- data/src/core/lib/security/transport/security_handshaker.h +2 -1
- data/src/core/lib/security/transport/server_auth_filter.cc +22 -17
- data/src/core/lib/security/transport/tsi_error.cc +5 -6
- data/src/core/lib/security/transport/tsi_error.h +2 -1
- data/src/core/lib/security/util/json_util.cc +10 -13
- data/src/core/lib/security/util/json_util.h +2 -1
- data/src/core/lib/slice/percent_encoding.cc +73 -30
- data/src/core/lib/slice/percent_encoding.h +29 -28
- data/src/core/lib/slice/slice.cc +59 -26
- data/src/core/lib/{gpr/tls_pthread.cc → slice/slice_api.cc} +15 -6
- data/src/core/lib/slice/slice_buffer.cc +8 -8
- data/src/core/lib/slice/slice_intern.cc +23 -32
- data/src/core/lib/slice/slice_internal.h +19 -246
- data/src/core/lib/slice/slice_refcount.cc +17 -0
- data/src/core/lib/slice/slice_refcount.h +121 -0
- data/src/core/lib/slice/slice_refcount_base.h +173 -0
- data/src/core/lib/slice/slice_split.cc +100 -0
- data/src/core/lib/slice/slice_split.h +40 -0
- data/src/core/lib/slice/slice_string_helpers.cc +0 -83
- data/src/core/lib/slice/slice_string_helpers.h +0 -11
- data/src/core/lib/slice/slice_utils.h +9 -0
- data/src/core/lib/slice/static_slice.cc +529 -0
- data/src/core/lib/slice/static_slice.h +331 -0
- data/src/core/lib/surface/api_trace.cc +2 -1
- data/src/core/lib/surface/api_trace.h +1 -0
- data/src/core/lib/surface/builtins.cc +49 -0
- data/src/core/lib/surface/builtins.h +26 -0
- data/src/core/lib/surface/byte_buffer_reader.cc +3 -48
- data/src/core/lib/surface/call.cc +252 -241
- data/src/core/lib/surface/call.h +12 -6
- data/src/core/lib/surface/call_details.cc +10 -10
- data/src/core/lib/surface/call_log_batch.cc +52 -60
- data/src/core/lib/surface/channel.cc +99 -85
- data/src/core/lib/surface/channel.h +60 -9
- data/src/core/lib/surface/channel_init.cc +23 -76
- data/src/core/lib/surface/channel_init.h +52 -44
- data/src/core/lib/surface/channel_ping.cc +4 -6
- data/src/core/lib/surface/channel_stack_type.cc +2 -1
- data/src/core/lib/surface/completion_queue.cc +179 -188
- data/src/core/lib/surface/completion_queue.h +18 -17
- data/src/core/lib/surface/completion_queue_factory.cc +3 -3
- data/src/core/lib/surface/completion_queue_factory.h +1 -0
- data/src/core/lib/surface/event_string.cc +19 -25
- data/src/core/lib/surface/event_string.h +3 -1
- data/src/core/lib/surface/init.cc +44 -74
- data/src/core/lib/surface/init.h +10 -2
- data/src/core/lib/surface/init_secure.cc +36 -17
- data/src/core/lib/surface/lame_client.cc +62 -61
- data/src/core/lib/surface/lame_client.h +5 -0
- data/src/core/lib/surface/metadata_array.cc +2 -2
- data/src/core/lib/surface/server.cc +1314 -1305
- data/src/core/lib/surface/server.h +475 -45
- data/src/core/lib/surface/validate_metadata.cc +55 -24
- data/src/core/lib/surface/validate_metadata.h +6 -2
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/bdp_estimator.cc +2 -2
- data/src/core/lib/transport/bdp_estimator.h +2 -1
- data/src/core/lib/transport/byte_stream.cc +5 -5
- data/src/core/lib/transport/byte_stream.h +19 -13
- data/src/core/lib/transport/connectivity_state.cc +32 -23
- data/src/core/lib/transport/connectivity_state.h +33 -17
- data/src/core/lib/transport/error_utils.cc +71 -21
- data/src/core/lib/transport/error_utils.h +16 -4
- data/src/core/lib/transport/metadata.cc +60 -25
- data/src/core/lib/transport/metadata.h +17 -14
- data/src/core/lib/transport/metadata_batch.cc +41 -339
- data/src/core/lib/transport/metadata_batch.h +932 -69
- data/src/core/lib/transport/parsed_metadata.h +263 -0
- data/src/core/lib/transport/pid_controller.cc +4 -4
- data/src/core/lib/transport/static_metadata.cc +718 -831
- data/src/core/lib/transport/static_metadata.h +115 -372
- data/src/core/lib/transport/status_conversion.cc +6 -14
- data/src/core/lib/transport/status_metadata.cc +5 -3
- data/src/core/lib/transport/timeout_encoding.cc +4 -4
- data/src/core/lib/transport/transport.cc +15 -14
- data/src/core/lib/transport/transport.h +29 -13
- data/src/core/lib/transport/transport_op_string.cc +91 -112
- data/src/core/lib/uri/uri_parser.cc +135 -258
- data/src/core/lib/uri/uri_parser.h +60 -23
- data/src/core/plugin_registry/grpc_plugin_registry.cc +136 -44
- data/src/core/tsi/alts/crypt/aes_gcm.cc +6 -5
- data/src/core/tsi/alts/crypt/gsec.cc +5 -4
- data/src/core/tsi/alts/crypt/gsec.h +5 -0
- data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +13 -12
- data/src/core/tsi/alts/frame_protector/frame_handler.cc +18 -17
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +56 -45
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +10 -7
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +116 -55
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +9 -1
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h +2 -1
- data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +3 -3
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc +2 -2
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc +1 -1
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h +2 -3
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +8 -6
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +6 -6
- data/src/core/tsi/fake_transport_security.cc +41 -26
- data/src/core/tsi/local_transport_security.cc +41 -74
- data/src/core/tsi/local_transport_security.h +6 -7
- data/src/core/tsi/ssl/session_cache/ssl_session.h +0 -2
- data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +1 -1
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +20 -55
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +7 -7
- data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +2 -2
- data/src/core/tsi/ssl_transport_security.cc +262 -113
- data/src/core/tsi/ssl_transport_security.h +32 -19
- data/src/core/tsi/ssl_types.h +0 -2
- data/src/core/tsi/transport_security.cc +25 -11
- data/src/core/tsi/transport_security.h +22 -10
- data/src/core/tsi/transport_security_grpc.h +3 -3
- data/src/core/tsi/transport_security_interface.h +35 -4
- data/src/ruby/bin/math_services_pb.rb +5 -5
- data/src/ruby/ext/grpc/extconf.rb +25 -9
- data/src/ruby/ext/grpc/rb_byte_buffer.c +2 -1
- data/src/ruby/ext/grpc/rb_call.c +17 -8
- data/src/ruby/ext/grpc/rb_call.h +4 -0
- data/src/ruby/ext/grpc/rb_call_credentials.c +62 -17
- data/src/ruby/ext/grpc/rb_channel.c +19 -8
- data/src/ruby/ext/grpc/rb_channel_args.c +2 -2
- data/src/ruby/ext/grpc/rb_channel_credentials.c +24 -5
- data/src/ruby/ext/grpc/rb_channel_credentials.h +5 -0
- data/src/ruby/ext/grpc/rb_completion_queue.c +3 -2
- data/src/ruby/ext/grpc/rb_compression_options.c +6 -5
- data/src/ruby/ext/grpc/rb_enable_cpp.cc +1 -1
- data/src/ruby/ext/grpc/rb_event_thread.c +4 -2
- data/src/ruby/ext/grpc/rb_grpc.c +9 -4
- data/src/ruby/ext/grpc/rb_grpc.h +1 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +54 -18
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +99 -45
- data/src/ruby/ext/grpc/rb_server.c +19 -6
- data/src/ruby/ext/grpc/rb_server_credentials.c +22 -6
- data/src/ruby/ext/grpc/rb_server_credentials.h +5 -0
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.c +218 -0
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.h +37 -0
- data/src/ruby/ext/grpc/rb_xds_server_credentials.c +170 -0
- data/src/ruby/ext/grpc/rb_xds_server_credentials.h +37 -0
- data/src/ruby/lib/grpc/errors.rb +103 -42
- data/src/ruby/lib/grpc/generic/active_call.rb +2 -3
- data/src/ruby/lib/grpc/generic/client_stub.rb +5 -3
- data/src/ruby/lib/grpc/generic/interceptors.rb +5 -5
- data/src/ruby/lib/grpc/generic/rpc_server.rb +9 -10
- data/src/ruby/lib/grpc/generic/service.rb +5 -4
- data/src/ruby/lib/grpc/structs.rb +1 -1
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/generate_proto_ruby.sh +5 -3
- data/src/ruby/pb/grpc/health/v1/health_services_pb.rb +3 -3
- data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +51 -0
- data/src/ruby/pb/src/proto/grpc/testing/test_pb.rb +2 -2
- data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +64 -14
- data/src/ruby/spec/call_spec.rb +1 -1
- data/src/ruby/spec/channel_credentials_spec.rb +42 -0
- data/src/ruby/spec/channel_spec.rb +17 -6
- data/src/ruby/spec/client_auth_spec.rb +27 -1
- data/src/ruby/spec/client_server_spec.rb +1 -1
- data/src/ruby/spec/debug_message_spec.rb +134 -0
- data/src/ruby/spec/errors_spec.rb +1 -1
- data/src/ruby/spec/generic/active_call_spec.rb +21 -10
- data/src/ruby/spec/generic/client_stub_spec.rb +4 -4
- data/src/ruby/spec/generic/rpc_server_spec.rb +1 -1
- data/src/ruby/spec/generic/service_spec.rb +2 -0
- data/src/ruby/spec/pb/codegen/grpc/testing/package_options_import2.proto +23 -0
- data/src/ruby/spec/pb/codegen/grpc/testing/package_options_ruby_style.proto +7 -0
- data/src/ruby/spec/pb/codegen/grpc/testing/same_package_service_name.proto +27 -0
- data/src/ruby/spec/pb/codegen/grpc/testing/same_ruby_package_service_name.proto +29 -0
- data/src/ruby/spec/pb/codegen/package_option_spec.rb +29 -7
- data/src/ruby/spec/server_credentials_spec.rb +25 -0
- data/src/ruby/spec/server_spec.rb +22 -0
- data/src/ruby/spec/support/services.rb +10 -4
- data/src/ruby/spec/testdata/ca.pem +18 -13
- data/src/ruby/spec/testdata/client.key +26 -14
- data/src/ruby/spec/testdata/client.pem +18 -12
- data/src/ruby/spec/testdata/server1.key +26 -14
- data/src/ruby/spec/testdata/server1.pem +20 -14
- data/src/ruby/spec/user_agent_spec.rb +74 -0
- data/third_party/abseil-cpp/absl/algorithm/container.h +1764 -0
- data/third_party/abseil-cpp/absl/base/attributes.h +122 -41
- data/third_party/abseil-cpp/absl/base/call_once.h +3 -10
- data/third_party/abseil-cpp/absl/base/casts.h +9 -6
- data/third_party/abseil-cpp/absl/base/config.h +97 -26
- data/third_party/abseil-cpp/absl/base/dynamic_annotations.h +442 -335
- data/third_party/abseil-cpp/absl/base/internal/direct_mmap.h +169 -0
- data/third_party/abseil-cpp/absl/base/internal/dynamic_annotations.h +398 -0
- data/third_party/abseil-cpp/absl/base/internal/endian.h +61 -0
- data/third_party/abseil-cpp/absl/base/internal/exponential_biased.cc +93 -0
- data/third_party/abseil-cpp/absl/base/internal/exponential_biased.h +130 -0
- data/third_party/abseil-cpp/absl/base/internal/invoke.h +4 -4
- data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.cc +620 -0
- data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.h +126 -0
- data/third_party/abseil-cpp/absl/base/internal/low_level_scheduling.h +31 -4
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +35 -33
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.h +17 -5
- data/third_party/abseil-cpp/absl/base/internal/spinlock.cc +36 -40
- data/third_party/abseil-cpp/absl/base/internal/spinlock.h +33 -30
- data/third_party/abseil-cpp/absl/base/internal/spinlock_akaros.inc +2 -2
- data/third_party/abseil-cpp/absl/base/internal/spinlock_linux.inc +11 -3
- data/third_party/abseil-cpp/absl/base/internal/spinlock_posix.inc +2 -2
- data/third_party/abseil-cpp/absl/base/internal/spinlock_wait.h +11 -11
- data/third_party/abseil-cpp/absl/base/internal/spinlock_win32.inc +5 -5
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +28 -5
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.h +8 -0
- data/third_party/abseil-cpp/absl/base/internal/thread_identity.cc +9 -6
- data/third_party/abseil-cpp/absl/base/internal/thread_identity.h +54 -48
- data/third_party/abseil-cpp/absl/base/internal/throw_delegate.cc +111 -7
- data/third_party/abseil-cpp/absl/base/internal/tsan_mutex_interface.h +3 -1
- data/third_party/abseil-cpp/absl/base/internal/unaligned_access.h +0 -76
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc +1 -3
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.h +3 -3
- data/third_party/abseil-cpp/absl/base/log_severity.h +4 -4
- data/third_party/abseil-cpp/absl/base/macros.h +47 -109
- data/third_party/abseil-cpp/absl/base/optimization.h +69 -6
- data/third_party/abseil-cpp/absl/base/options.h +31 -4
- data/third_party/abseil-cpp/absl/base/policy_checks.h +1 -1
- data/third_party/abseil-cpp/absl/base/port.h +0 -1
- data/third_party/abseil-cpp/absl/base/thread_annotations.h +95 -40
- data/third_party/abseil-cpp/absl/container/fixed_array.h +532 -0
- data/third_party/abseil-cpp/absl/container/flat_hash_map.h +606 -0
- data/third_party/abseil-cpp/absl/container/inlined_vector.h +38 -39
- data/third_party/abseil-cpp/absl/container/internal/common.h +206 -0
- data/third_party/abseil-cpp/absl/container/internal/compressed_tuple.h +34 -9
- data/third_party/abseil-cpp/absl/container/internal/container_memory.h +460 -0
- data/third_party/abseil-cpp/absl/container/internal/hash_function_defaults.h +161 -0
- data/third_party/abseil-cpp/absl/container/internal/hash_policy_traits.h +208 -0
- data/third_party/abseil-cpp/absl/container/internal/hashtable_debug_hooks.h +85 -0
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc +274 -0
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.h +322 -0
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler_force_weak_definition.cc +31 -0
- data/third_party/abseil-cpp/absl/container/internal/have_sse.h +50 -0
- data/third_party/abseil-cpp/absl/container/internal/inlined_vector.h +141 -66
- data/third_party/abseil-cpp/absl/container/internal/layout.h +743 -0
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_map.h +197 -0
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.cc +61 -0
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +1903 -0
- data/third_party/abseil-cpp/absl/debugging/internal/address_is_readable.cc +139 -0
- data/third_party/abseil-cpp/absl/debugging/internal/address_is_readable.h +32 -0
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +1949 -0
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.h +71 -0
- data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.cc +382 -0
- data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.h +134 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +199 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_arm-inl.inc +134 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_config.h +80 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_generic-inl.inc +108 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_powerpc-inl.inc +253 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_unimplemented-inl.inc +24 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_win32-inl.inc +93 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_x86-inl.inc +346 -0
- data/third_party/abseil-cpp/absl/debugging/internal/symbolize.h +147 -0
- data/third_party/abseil-cpp/absl/debugging/internal/vdso_support.cc +173 -0
- data/third_party/abseil-cpp/absl/debugging/internal/vdso_support.h +158 -0
- data/third_party/abseil-cpp/absl/debugging/stacktrace.cc +140 -0
- data/third_party/abseil-cpp/absl/debugging/stacktrace.h +231 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize.cc +36 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize.h +99 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize_darwin.inc +101 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize_elf.inc +1560 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize_unimplemented.inc +40 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize_win32.inc +81 -0
- data/third_party/abseil-cpp/absl/functional/bind_front.h +184 -0
- data/third_party/abseil-cpp/absl/functional/function_ref.h +139 -0
- data/third_party/abseil-cpp/absl/functional/internal/front_binder.h +95 -0
- data/third_party/abseil-cpp/absl/functional/internal/function_ref.h +106 -0
- data/third_party/abseil-cpp/absl/hash/hash.h +325 -0
- data/third_party/abseil-cpp/absl/hash/internal/city.cc +349 -0
- data/third_party/abseil-cpp/absl/hash/internal/city.h +78 -0
- data/third_party/abseil-cpp/absl/hash/internal/hash.cc +70 -0
- data/third_party/abseil-cpp/absl/hash/internal/hash.h +1045 -0
- data/third_party/abseil-cpp/absl/hash/internal/wyhash.cc +111 -0
- data/third_party/abseil-cpp/absl/hash/internal/wyhash.h +48 -0
- data/third_party/abseil-cpp/absl/memory/memory.h +4 -0
- data/third_party/abseil-cpp/absl/meta/type_traits.h +18 -10
- data/third_party/abseil-cpp/absl/numeric/bits.h +177 -0
- data/third_party/abseil-cpp/absl/numeric/int128.cc +13 -27
- data/third_party/abseil-cpp/absl/numeric/int128.h +16 -15
- data/third_party/abseil-cpp/absl/numeric/internal/bits.h +358 -0
- data/third_party/abseil-cpp/absl/numeric/internal/representation.h +55 -0
- data/third_party/abseil-cpp/absl/status/internal/status_internal.h +69 -0
- data/third_party/abseil-cpp/absl/status/internal/statusor_internal.h +396 -0
- data/third_party/abseil-cpp/absl/status/status.cc +452 -0
- data/third_party/abseil-cpp/absl/status/status.h +878 -0
- data/third_party/abseil-cpp/absl/status/status_payload_printer.cc +38 -0
- data/third_party/abseil-cpp/absl/status/status_payload_printer.h +51 -0
- data/third_party/abseil-cpp/absl/status/statusor.cc +71 -0
- data/third_party/abseil-cpp/absl/status/statusor.h +760 -0
- data/third_party/abseil-cpp/absl/strings/charconv.cc +7 -7
- data/third_party/abseil-cpp/absl/strings/cord.cc +1953 -0
- data/third_party/abseil-cpp/absl/strings/cord.h +1394 -0
- data/third_party/abseil-cpp/absl/strings/escaping.cc +13 -13
- data/third_party/abseil-cpp/absl/strings/internal/char_map.h +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.cc +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +2 -2
- data/third_party/abseil-cpp/absl/strings/internal/charconv_parse.cc +8 -8
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.cc +83 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +543 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_flat.h +146 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_ring.cc +897 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_ring.h +589 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_ring_reader.h +114 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.cc +236 -136
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.h +150 -64
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.cc +16 -2
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.h +29 -21
- data/third_party/abseil-cpp/absl/strings/internal/str_format/checker.h +21 -14
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.cc +31 -7
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.h +147 -135
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +1017 -87
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.h +17 -3
- data/third_party/abseil-cpp/absl/strings/internal/str_format/output.h +4 -12
- data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.cc +22 -6
- data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.h +27 -11
- data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +15 -40
- data/third_party/abseil-cpp/absl/strings/internal/string_constant.h +64 -0
- data/third_party/abseil-cpp/absl/strings/match.cc +6 -3
- data/third_party/abseil-cpp/absl/strings/match.h +16 -6
- data/third_party/abseil-cpp/absl/strings/numbers.cc +132 -4
- data/third_party/abseil-cpp/absl/strings/numbers.h +10 -10
- data/third_party/abseil-cpp/absl/strings/str_cat.cc +4 -4
- data/third_party/abseil-cpp/absl/strings/str_cat.h +1 -1
- data/third_party/abseil-cpp/absl/strings/str_format.h +289 -13
- data/third_party/abseil-cpp/absl/strings/str_join.h +1 -1
- data/third_party/abseil-cpp/absl/strings/str_split.cc +2 -2
- data/third_party/abseil-cpp/absl/strings/str_split.h +39 -4
- data/third_party/abseil-cpp/absl/strings/string_view.h +26 -19
- data/third_party/abseil-cpp/absl/strings/substitute.cc +5 -5
- data/third_party/abseil-cpp/absl/strings/substitute.h +32 -29
- data/third_party/abseil-cpp/absl/synchronization/barrier.cc +52 -0
- data/third_party/abseil-cpp/absl/synchronization/barrier.h +79 -0
- data/third_party/abseil-cpp/absl/synchronization/blocking_counter.cc +57 -0
- data/third_party/abseil-cpp/absl/synchronization/blocking_counter.h +99 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.cc +140 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.h +60 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/futex.h +154 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +698 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.h +141 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/kernel_timeout.h +156 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.cc +106 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.h +115 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.cc +428 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.h +155 -0
- data/third_party/abseil-cpp/absl/synchronization/mutex.cc +2751 -0
- data/third_party/abseil-cpp/absl/synchronization/mutex.h +1082 -0
- data/third_party/abseil-cpp/absl/synchronization/notification.cc +78 -0
- data/third_party/abseil-cpp/absl/synchronization/notification.h +123 -0
- data/third_party/abseil-cpp/absl/time/civil_time.cc +175 -0
- data/third_party/abseil-cpp/absl/time/civil_time.h +538 -0
- data/third_party/abseil-cpp/absl/time/clock.cc +585 -0
- data/third_party/abseil-cpp/absl/time/clock.h +74 -0
- data/third_party/abseil-cpp/absl/time/duration.cc +954 -0
- data/third_party/abseil-cpp/absl/time/format.cc +160 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time.h +332 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time_detail.h +628 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/time_zone.h +386 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/zone_info_source.h +102 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/civil_time_detail.cc +94 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.cc +140 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.h +52 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +1029 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.cc +45 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.h +76 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +113 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +93 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +965 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +137 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +315 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.h +55 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_lookup.cc +187 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.cc +159 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.h +132 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +122 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc +116 -0
- data/third_party/abseil-cpp/absl/time/internal/get_current_time_chrono.inc +31 -0
- data/third_party/abseil-cpp/absl/time/internal/get_current_time_posix.inc +24 -0
- data/third_party/abseil-cpp/absl/time/time.cc +500 -0
- data/third_party/abseil-cpp/absl/time/time.h +1585 -0
- data/third_party/abseil-cpp/absl/types/bad_variant_access.cc +64 -0
- data/third_party/abseil-cpp/absl/types/bad_variant_access.h +82 -0
- data/third_party/abseil-cpp/absl/types/internal/variant.h +1646 -0
- data/third_party/abseil-cpp/absl/types/optional.h +9 -9
- data/third_party/abseil-cpp/absl/types/span.h +49 -36
- data/third_party/abseil-cpp/absl/types/variant.h +866 -0
- data/third_party/abseil-cpp/absl/utility/utility.h +2 -2
- data/third_party/address_sorting/address_sorting_posix.c +1 -0
- data/third_party/address_sorting/include/address_sorting/address_sorting.h +2 -0
- data/third_party/boringssl-with-bazel/err_data.c +789 -707
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +57 -52
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +22 -23
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +6 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +16 -23
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +29 -27
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_print.c +19 -29
- data/third_party/boringssl-with-bazel/src/crypto/{x509 → asn1}/a_strex.c +269 -272
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +106 -153
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +23 -11
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +3 -42
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utf8.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +16 -22
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{x509 → asn1}/charmap.h +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_enum.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +196 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +35 -86
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +326 -281
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +15 -26
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +20 -75
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/time_support.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +11 -8
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +1 -7
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +1 -5
- data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +0 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +1 -7
- data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +1 -6
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +3 -17
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +156 -0
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/bn_asn1.c +3 -10
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +8 -9
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +9 -0
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +68 -45
- data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +38 -47
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/cipher_extra.c +49 -65
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +6 -81
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_tls.c +1 -88
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +101 -3
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/tls_cbc.c +120 -273
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +14 -3
- data/third_party/boringssl-with-bazel/src/crypto/cpu-aarch64-win.c +41 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu-arm-linux.c +18 -7
- data/third_party/boringssl-with-bazel/src/crypto/cpu-arm.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/cpu-intel.c +13 -4
- data/third_party/boringssl-with-bazel/src/crypto/crypto.c +11 -0
- data/third_party/boringssl-with-bazel/src/{third_party/fiat → crypto/curve25519}/curve25519.c +19 -27
- data/third_party/boringssl-with-bazel/src/{third_party/fiat → crypto/curve25519}/curve25519_tables.h +13 -21
- data/third_party/boringssl-with-bazel/src/{third_party/fiat → crypto/curve25519}/internal.h +15 -23
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{dh → dh_extra}/dh_asn1.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/{dh → dh_extra}/params.c +179 -0
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +31 -3
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +19 -43
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +55 -4
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/is_fips.c → dsa/internal.h} +16 -11
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +2 -17
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +385 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +56 -0
- data/third_party/boringssl-with-bazel/src/crypto/ecdh_extra/ecdh_extra.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/err/err.c +120 -112
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +13 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +159 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +6 -2
- data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.c +32 -34
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c +17 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +6 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +13 -20
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +28 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +40 -16
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +30 -154
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +0 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.c +5 -9
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +32 -16
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +208 -37
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/des/des.c +10 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/des/internal.h +1 -3
- data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/check.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/dh.c +149 -211
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +11 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digests.c +24 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/md32_common.h +87 -160
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +305 -117
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +22 -29
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +96 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/felem.c +25 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +434 -165
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +63 -71
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +18 -25
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64-table.h +9481 -9485
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64.c +104 -122
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +740 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256_table.h +297 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +90 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +125 -148
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +189 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/util.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +61 -18
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +117 -91
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +39 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md4/md4.c +56 -72
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md5/md5.c +56 -73
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cbc.c +33 -22
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cfb.c +9 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c +9 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm.c +17 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm_nohw.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +1 -22
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +137 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +49 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +64 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +62 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +150 -56
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +49 -129
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +5 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +116 -66
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +135 -63
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.c +79 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +231 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +93 -107
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +91 -113
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +86 -113
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +618 -0
- data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c +219 -121
- data/third_party/boringssl-with-bazel/src/crypto/hrss/internal.h +9 -2
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +125 -0
- data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +253 -0
- data/third_party/boringssl-with-bazel/src/crypto/lhash/lhash.c +28 -23
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +75 -25
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +10 -6
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +15 -1
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +0 -9
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +0 -8
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +0 -4
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/internal.h +16 -7
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7.c +9 -4
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +156 -15
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +7 -0
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +131 -53
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +11 -8
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +13 -11
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/deterministic.c +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/fuchsia.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +34 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/rand_extra.c +5 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/windows.c +20 -0
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_asn1.c +1 -2
- data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.c +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +7 -13
- data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +4 -28
- data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +318 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +1399 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +858 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +766 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +15 -11
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +11 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +345 -13
- data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +246 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +20 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +13 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +1 -180
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +7 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509.c +0 -67
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +24 -47
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +24 -39
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +29 -23
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +1 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +52 -89
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +83 -12
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +9 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +67 -67
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +29 -26
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +87 -113
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +54 -74
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +99 -25
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +15 -15
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.c +3 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +21 -19
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +13 -26
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +21 -34
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +52 -28
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +49 -59
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +21 -172
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.c +5 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +25 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +75 -15
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +5 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +28 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_cache.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +6 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_int.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_map.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_tree.c +4 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +27 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +42 -32
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +6 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +33 -28
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +10 -12
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_crld.c +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +7 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +42 -22
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +27 -36
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ncons.c +112 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pci.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +15 -14
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +128 -42
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +8 -7
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +86 -44
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +25 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/aes.h +16 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +119 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +1035 -625
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +2 -176
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +71 -14
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +7 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +62 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +3 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +32 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/chacha.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +29 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +8 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +22 -32
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +32 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/des.h +6 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +82 -20
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +20 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +16 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +20 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +39 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/err.h +5 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +110 -51
- data/third_party/boringssl-with-bazel/src/{crypto/x509/x509_r2x.c → include/openssl/evp_errors.h} +41 -58
- data/third_party/boringssl-with-bazel/src/include/openssl/hkdf.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +350 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/hrss.h +14 -12
- data/third_party/boringssl-with-bazel/src/include/openssl/lhash.h +4 -205
- data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +12 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +5 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/obj.h +26 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +3 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +194 -146
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs7.h +33 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +9 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +8 -19
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +135 -63
- data/third_party/boringssl-with-bazel/src/include/openssl/sha.h +26 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +39 -16
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +697 -194
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +54 -38
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +310 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +2071 -826
- data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +16 -678
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +639 -450
- data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +18 -5
- data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +16 -22
- data/third_party/boringssl-with-bazel/src/ssl/d1_lib.cc +3 -3
- data/third_party/boringssl-with-bazel/src/ssl/d1_srtp.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +13 -4
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +1084 -0
- data/third_party/boringssl-with-bazel/src/ssl/{t1_lib.cc → extensions.cc} +1083 -634
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +478 -78
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +122 -56
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +340 -236
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +199 -40
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +607 -209
- data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +17 -11
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +2 -4
- data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +35 -40
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +77 -8
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +11 -12
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +10 -11
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +34 -31
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +169 -111
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +15 -2
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +179 -111
- data/third_party/boringssl-with-bazel/src/ssl/ssl_stat.cc +9 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +12 -17
- data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +12 -8
- data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +28 -23
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +53 -30
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +81 -37
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +411 -235
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +183 -166
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +434 -151
- data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +65 -25
- data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +5 -3
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +245 -175
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +135 -75
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +1593 -1672
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +512 -503
- data/third_party/re2/re2/bitmap256.h +117 -0
- data/third_party/re2/re2/bitstate.cc +385 -0
- data/third_party/re2/re2/compile.cc +1261 -0
- data/third_party/re2/re2/dfa.cc +2118 -0
- data/third_party/re2/re2/filtered_re2.cc +137 -0
- data/third_party/re2/re2/filtered_re2.h +114 -0
- data/third_party/re2/re2/mimics_pcre.cc +197 -0
- data/third_party/re2/re2/nfa.cc +713 -0
- data/third_party/re2/re2/onepass.cc +623 -0
- data/third_party/re2/re2/parse.cc +2483 -0
- data/third_party/re2/re2/perl_groups.cc +119 -0
- data/third_party/re2/re2/pod_array.h +55 -0
- data/third_party/re2/re2/prefilter.cc +711 -0
- data/third_party/re2/re2/prefilter.h +108 -0
- data/third_party/re2/re2/prefilter_tree.cc +407 -0
- data/third_party/re2/re2/prefilter_tree.h +139 -0
- data/third_party/re2/re2/prog.cc +1166 -0
- data/third_party/re2/re2/prog.h +455 -0
- data/third_party/re2/re2/re2.cc +1331 -0
- data/third_party/re2/re2/re2.h +1017 -0
- data/third_party/re2/re2/regexp.cc +987 -0
- data/third_party/re2/re2/regexp.h +665 -0
- data/third_party/re2/re2/set.cc +176 -0
- data/third_party/re2/re2/set.h +85 -0
- data/third_party/re2/re2/simplify.cc +665 -0
- data/third_party/re2/re2/sparse_array.h +392 -0
- data/third_party/re2/re2/sparse_set.h +264 -0
- data/third_party/re2/re2/stringpiece.cc +65 -0
- data/third_party/re2/re2/stringpiece.h +210 -0
- data/third_party/re2/re2/tostring.cc +351 -0
- data/third_party/re2/re2/unicode_casefold.cc +582 -0
- data/third_party/re2/re2/unicode_casefold.h +78 -0
- data/third_party/re2/re2/unicode_groups.cc +6269 -0
- data/third_party/re2/re2/unicode_groups.h +67 -0
- data/third_party/re2/re2/walker-inl.h +246 -0
- data/third_party/re2/util/benchmark.h +156 -0
- data/third_party/re2/util/flags.h +26 -0
- data/third_party/re2/util/logging.h +109 -0
- data/third_party/re2/util/malloc_counter.h +19 -0
- data/third_party/re2/util/mix.h +41 -0
- data/third_party/re2/util/mutex.h +148 -0
- data/third_party/re2/util/pcre.cc +1025 -0
- data/third_party/re2/util/pcre.h +681 -0
- data/third_party/re2/util/rune.cc +260 -0
- data/third_party/re2/util/strutil.cc +149 -0
- data/third_party/re2/util/strutil.h +21 -0
- data/third_party/re2/util/test.h +50 -0
- data/third_party/re2/util/utf.h +44 -0
- data/third_party/re2/util/util.h +42 -0
- data/third_party/upb/upb/decode.c +668 -506
- data/third_party/upb/upb/decode.h +50 -3
- data/third_party/upb/upb/decode_fast.c +1053 -0
- data/third_party/upb/upb/decode_fast.h +153 -0
- data/third_party/upb/upb/decode_internal.h +193 -0
- data/third_party/upb/upb/def.c +2168 -0
- data/third_party/upb/upb/def.h +337 -0
- data/third_party/upb/upb/def.hpp +468 -0
- data/third_party/upb/upb/encode.c +346 -213
- data/third_party/upb/upb/encode.h +56 -4
- data/third_party/upb/upb/msg.c +356 -70
- data/third_party/upb/upb/msg.h +84 -45
- data/third_party/upb/upb/msg_internal.h +687 -0
- data/third_party/upb/upb/port_def.inc +187 -84
- data/third_party/upb/upb/port_undef.inc +47 -7
- data/third_party/upb/upb/reflection.c +400 -0
- data/third_party/upb/upb/reflection.h +196 -0
- data/third_party/upb/upb/reflection.hpp +37 -0
- data/third_party/upb/upb/table.c +265 -336
- data/third_party/upb/upb/{table.int.h → table_internal.h} +73 -229
- data/third_party/upb/upb/text_encode.c +449 -0
- data/third_party/upb/upb/text_encode.h +64 -0
- data/third_party/upb/upb/upb.c +189 -135
- data/third_party/upb/upb/upb.h +153 -150
- data/third_party/upb/upb/upb.hpp +112 -0
- data/third_party/upb/upb/upb_internal.h +58 -0
- data/third_party/xxhash/xxhash.h +5325 -0
- metadata +810 -204
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.cc +0 -1754
- data/src/core/ext/filters/client_channel/parse_address.cc +0 -237
- data/src/core/ext/filters/client_channel/parse_address.h +0 -53
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.cc +0 -484
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_libuv.cc +0 -181
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +0 -65
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_libuv.cc +0 -38
- data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +0 -359
- data/src/core/ext/filters/client_channel/resolving_lb_policy.h +0 -122
- data/src/core/ext/filters/client_channel/service_config.cc +0 -261
- data/src/core/ext/filters/client_channel/service_config.h +0 -193
- data/src/core/ext/filters/client_channel/xds/xds_api.cc +0 -1779
- data/src/core/ext/filters/client_channel/xds/xds_api.h +0 -280
- data/src/core/ext/filters/client_channel/xds/xds_bootstrap.cc +0 -347
- data/src/core/ext/filters/client_channel/xds/xds_bootstrap.h +0 -87
- data/src/core/ext/filters/client_channel/xds/xds_channel.h +0 -46
- data/src/core/ext/filters/client_channel/xds/xds_channel_secure.cc +0 -104
- data/src/core/ext/filters/client_channel/xds/xds_client.cc +0 -2174
- data/src/core/ext/filters/client_channel/xds/xds_client.h +0 -274
- data/src/core/ext/filters/client_channel/xds/xds_client_stats.cc +0 -116
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +0 -210
- data/src/core/ext/filters/workarounds/workaround_utils.cc +0 -53
- data/src/core/ext/filters/workarounds/workaround_utils.h +0 -39
- data/src/core/ext/transport/chttp2/client/authority.cc +0 -42
- data/src/core/ext/transport/chttp2/client/authority.h +0 -36
- data/src/core/ext/transport/chttp2/transport/hpack_table.cc +0 -246
- data/src/core/ext/transport/chttp2/transport/hpack_table.h +0 -148
- data/src/core/ext/transport/chttp2/transport/incoming_metadata.cc +0 -66
- data/src/core/ext/transport/chttp2/transport/incoming_metadata.h +0 -58
- data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.c +0 -246
- data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.h +0 -905
- data/src/core/ext/upb-generated/envoy/api/v2/cds.upb.c +0 -27
- data/src/core/ext/upb-generated/envoy/api/v2/cds.upb.h +0 -53
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/circuit_breaker.upb.c +0 -73
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/circuit_breaker.upb.h +0 -218
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/filter.upb.c +0 -34
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/filter.upb.h +0 -69
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/outlier_detection.upb.c +0 -54
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/outlier_detection.upb.h +0 -305
- data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.c +0 -390
- data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.h +0 -1411
- data/src/core/ext/upb-generated/envoy/api/v2/core/address.upb.c +0 -111
- data/src/core/ext/upb-generated/envoy/api/v2/core/address.upb.h +0 -328
- data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.c +0 -292
- data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.h +0 -847
- data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.c +0 -95
- data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.h +0 -322
- data/src/core/ext/upb-generated/envoy/api/v2/core/grpc_service.upb.c +0 -196
- data/src/core/ext/upb-generated/envoy/api/v2/core/grpc_service.upb.h +0 -642
- data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.c +0 -168
- data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.h +0 -658
- data/src/core/ext/upb-generated/envoy/api/v2/core/http_uri.upb.c +0 -35
- data/src/core/ext/upb-generated/envoy/api/v2/core/http_uri.upb.h +0 -80
- data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.c +0 -132
- data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.h +0 -436
- data/src/core/ext/upb-generated/envoy/api/v2/discovery.upb.c +0 -128
- data/src/core/ext/upb-generated/envoy/api/v2/discovery.upb.h +0 -392
- data/src/core/ext/upb-generated/envoy/api/v2/eds.upb.c +0 -30
- data/src/core/ext/upb-generated/envoy/api/v2/eds.upb.h +0 -53
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint.upb.c +0 -17
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint.upb.h +0 -33
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.c +0 -88
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.h +0 -258
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/load_report.upb.c +0 -111
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/load_report.upb.h +0 -324
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint.upb.c +0 -91
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint.upb.h +0 -240
- data/src/core/ext/upb-generated/envoy/api/v2/lds.upb.c +0 -30
- data/src/core/ext/upb-generated/envoy/api/v2/lds.upb.h +0 -53
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener.upb.c +0 -17
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener.upb.h +0 -33
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener_components.upb.c +0 -144
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener_components.upb.h +0 -527
- data/src/core/ext/upb-generated/envoy/api/v2/listener/udp_listener_config.upb.c +0 -42
- data/src/core/ext/upb-generated/envoy/api/v2/listener/udp_listener_config.upb.h +0 -112
- data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.c +0 -104
- data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.h +0 -383
- data/src/core/ext/upb-generated/envoy/api/v2/rds.upb.c +0 -29
- data/src/core/ext/upb-generated/envoy/api/v2/rds.upb.h +0 -53
- data/src/core/ext/upb-generated/envoy/api/v2/route/route.upb.c +0 -17
- data/src/core/ext/upb-generated/envoy/api/v2/route/route.upb.h +0 -33
- data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.c +0 -793
- data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.h +0 -2936
- data/src/core/ext/upb-generated/envoy/api/v2/route.upb.c +0 -62
- data/src/core/ext/upb-generated/envoy/api/v2/route.upb.h +0 -199
- data/src/core/ext/upb-generated/envoy/api/v2/scoped_route.upb.c +0 -58
- data/src/core/ext/upb-generated/envoy/api/v2/scoped_route.upb.h +0 -134
- data/src/core/ext/upb-generated/envoy/api/v2/srds.upb.h +0 -53
- data/src/core/ext/upb-generated/envoy/config/filter/accesslog/v2/accesslog.upb.c +0 -227
- data/src/core/ext/upb-generated/envoy/config/filter/accesslog/v2/accesslog.upb.h +0 -725
- data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.c +0 -296
- data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.h +0 -1072
- data/src/core/ext/upb-generated/envoy/config/listener/v2/api_listener.upb.c +0 -32
- data/src/core/ext/upb-generated/envoy/config/listener/v2/api_listener.upb.h +0 -65
- data/src/core/ext/upb-generated/envoy/service/discovery/v2/ads.upb.c +0 -23
- data/src/core/ext/upb-generated/envoy/service/discovery/v2/ads.upb.h +0 -50
- data/src/core/ext/upb-generated/envoy/service/load_stats/v2/lrs.upb.c +0 -52
- data/src/core/ext/upb-generated/envoy/service/load_stats/v2/lrs.upb.h +0 -130
- data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.c +0 -47
- data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.h +0 -108
- data/src/core/ext/upb-generated/envoy/type/matcher/string.upb.c +0 -52
- data/src/core/ext/upb-generated/envoy/type/matcher/string.upb.h +0 -133
- data/src/core/ext/upb-generated/envoy/type/metadata/v2/metadata.upb.c +0 -87
- data/src/core/ext/upb-generated/envoy/type/metadata/v2/metadata.upb.h +0 -258
- data/src/core/ext/upb-generated/envoy/type/percent.upb.c +0 -38
- data/src/core/ext/upb-generated/envoy/type/percent.upb.h +0 -87
- data/src/core/ext/upb-generated/envoy/type/range.upb.c +0 -49
- data/src/core/ext/upb-generated/envoy/type/range.upb.h +0 -112
- data/src/core/ext/upb-generated/envoy/type/semantic_version.upb.c +0 -28
- data/src/core/ext/upb-generated/envoy/type/semantic_version.upb.h +0 -62
- data/src/core/ext/upb-generated/envoy/type/tracing/v2/custom_tag.upb.c +0 -88
- data/src/core/ext/upb-generated/envoy/type/tracing/v2/custom_tag.upb.h +0 -249
- data/src/core/ext/upb-generated/gogoproto/gogo.upb.c +0 -17
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.c +0 -58
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.h +0 -144
- data/src/core/lib/gpr/arena.h +0 -47
- data/src/core/lib/gpr/tls_gcc.h +0 -52
- data/src/core/lib/gpr/tls_msvc.h +0 -52
- data/src/core/lib/gpr/tls_pthread.h +0 -56
- data/src/core/lib/gprpp/atomic.h +0 -104
- data/src/core/lib/gprpp/map.h +0 -59
- data/src/core/lib/gprpp/string_view.h +0 -60
- data/src/core/lib/iomgr/endpoint_pair_uv.cc +0 -40
- data/src/core/lib/iomgr/iomgr_posix.h +0 -26
- data/src/core/lib/iomgr/iomgr_uv.cc +0 -43
- data/src/core/lib/iomgr/poller/eventmanager_libuv.cc +0 -87
- data/src/core/lib/iomgr/poller/eventmanager_libuv.h +0 -88
- data/src/core/lib/iomgr/pollset_uv.cc +0 -93
- data/src/core/lib/iomgr/sockaddr_custom.h +0 -54
- data/src/core/lib/iomgr/socket_utils_uv.cc +0 -49
- data/src/core/lib/iomgr/tcp_uv.cc +0 -418
- data/src/core/lib/iomgr/timer_uv.cc +0 -66
- data/src/core/lib/iomgr/udp_server.cc +0 -752
- data/src/core/lib/iomgr/udp_server.h +0 -101
- data/src/core/lib/security/transport/target_authority_table.cc +0 -75
- data/src/core/lib/security/transport/target_authority_table.h +0 -40
- data/src/core/lib/slice/slice_hash_table.h +0 -199
- data/src/core/lib/slice/slice_weak_hash_table.h +0 -102
- data/src/core/tsi/grpc_shadow_boringssl.h +0 -3311
- data/third_party/abseil-cpp/absl/base/dynamic_annotations.cc +0 -129
- data/third_party/abseil-cpp/absl/base/internal/bits.h +0 -218
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_locl.h +0 -104
- data/third_party/boringssl-with-bazel/src/crypto/x509/vpm_int.h +0 -71
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pku.c +0 -110
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_sxnet.c +0 -274
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256.c +0 -1063
- data/third_party/upb/upb/generated_util.h +0 -105
- data/third_party/upb/upb/port.c +0 -26
|
@@ -146,13 +146,16 @@
|
|
|
146
146
|
|
|
147
147
|
#include <stdlib.h>
|
|
148
148
|
|
|
149
|
+
#include <initializer_list>
|
|
149
150
|
#include <limits>
|
|
150
151
|
#include <new>
|
|
151
152
|
#include <type_traits>
|
|
152
153
|
#include <utility>
|
|
153
154
|
|
|
154
155
|
#include <openssl/aead.h>
|
|
156
|
+
#include <openssl/curve25519.h>
|
|
155
157
|
#include <openssl/err.h>
|
|
158
|
+
#include <openssl/hpke.h>
|
|
156
159
|
#include <openssl/lhash.h>
|
|
157
160
|
#include <openssl/mem.h>
|
|
158
161
|
#include <openssl/span.h>
|
|
@@ -161,6 +164,7 @@
|
|
|
161
164
|
|
|
162
165
|
#include "../crypto/err/internal.h"
|
|
163
166
|
#include "../crypto/internal.h"
|
|
167
|
+
#include "../crypto/lhash/internal.h"
|
|
164
168
|
|
|
165
169
|
|
|
166
170
|
#if defined(OPENSSL_WINDOWS)
|
|
@@ -276,9 +280,9 @@ class Array {
|
|
|
276
280
|
T &operator[](size_t i) { return data_[i]; }
|
|
277
281
|
|
|
278
282
|
T *begin() { return data_; }
|
|
279
|
-
const T *
|
|
283
|
+
const T *begin() const { return data_; }
|
|
280
284
|
T *end() { return data_ + size_; }
|
|
281
|
-
const T *
|
|
285
|
+
const T *end() const { return data_ + size_; }
|
|
282
286
|
|
|
283
287
|
void Reset() { Reset(nullptr, 0); }
|
|
284
288
|
|
|
@@ -345,6 +349,9 @@ class Array {
|
|
|
345
349
|
if (new_size > size_) {
|
|
346
350
|
abort();
|
|
347
351
|
}
|
|
352
|
+
for (size_t i = new_size; i < size_; i++) {
|
|
353
|
+
data_[i].~T();
|
|
354
|
+
}
|
|
348
355
|
size_ = new_size;
|
|
349
356
|
}
|
|
350
357
|
|
|
@@ -375,6 +382,8 @@ class GrowableArray {
|
|
|
375
382
|
return *this;
|
|
376
383
|
}
|
|
377
384
|
|
|
385
|
+
const T *data() const { return array_.data(); }
|
|
386
|
+
T *data() { return array_.data(); }
|
|
378
387
|
size_t size() const { return size_; }
|
|
379
388
|
bool empty() const { return size_ == 0; }
|
|
380
389
|
|
|
@@ -382,9 +391,14 @@ class GrowableArray {
|
|
|
382
391
|
T &operator[](size_t i) { return array_[i]; }
|
|
383
392
|
|
|
384
393
|
T *begin() { return array_.data(); }
|
|
385
|
-
const T *
|
|
394
|
+
const T *begin() const { return array_.data(); }
|
|
386
395
|
T *end() { return array_.data() + size_; }
|
|
387
|
-
const T *
|
|
396
|
+
const T *end() const { return array_.data() + size_; }
|
|
397
|
+
|
|
398
|
+
void clear() {
|
|
399
|
+
size_ = 0;
|
|
400
|
+
array_.Reset();
|
|
401
|
+
}
|
|
388
402
|
|
|
389
403
|
// Push adds |elem| at the end of the internal array, growing if necessary. It
|
|
390
404
|
// returns false when allocation fails.
|
|
@@ -476,15 +490,17 @@ bool ssl_get_version_range(const SSL_HANDSHAKE *hs, uint16_t *out_min_version,
|
|
|
476
490
|
uint16_t *out_max_version);
|
|
477
491
|
|
|
478
492
|
// ssl_supports_version returns whether |hs| supports |version|.
|
|
479
|
-
bool ssl_supports_version(SSL_HANDSHAKE *hs, uint16_t version);
|
|
493
|
+
bool ssl_supports_version(const SSL_HANDSHAKE *hs, uint16_t version);
|
|
480
494
|
|
|
481
495
|
// ssl_method_supports_version returns whether |method| supports |version|.
|
|
482
496
|
bool ssl_method_supports_version(const SSL_PROTOCOL_METHOD *method,
|
|
483
497
|
uint16_t version);
|
|
484
498
|
|
|
485
499
|
// ssl_add_supported_versions writes the supported versions of |hs| to |cbb|, in
|
|
486
|
-
// decreasing preference order.
|
|
487
|
-
|
|
500
|
+
// decreasing preference order. The version list is filtered to those whose
|
|
501
|
+
// protocol version is at least |extra_min_version|.
|
|
502
|
+
bool ssl_add_supported_versions(const SSL_HANDSHAKE *hs, CBB *cbb,
|
|
503
|
+
uint16_t extra_min_version);
|
|
488
504
|
|
|
489
505
|
// ssl_negotiate_version negotiates a common version based on |hs|'s preferences
|
|
490
506
|
// and the peer preference list in |peer_versions|. On success, it returns true
|
|
@@ -631,9 +647,6 @@ const EVP_MD *ssl_get_handshake_digest(uint16_t version,
|
|
|
631
647
|
bool ssl_create_cipher_list(UniquePtr<SSLCipherPreferenceList> *out_cipher_list,
|
|
632
648
|
const char *rule_str, bool strict);
|
|
633
649
|
|
|
634
|
-
// ssl_cipher_get_value returns the cipher suite id of |cipher|.
|
|
635
|
-
uint16_t ssl_cipher_get_value(const SSL_CIPHER *cipher);
|
|
636
|
-
|
|
637
650
|
// ssl_cipher_auth_mask_for_key returns the mask of cipher |algorithm_auth|
|
|
638
651
|
// values suitable for use with |key| in TLS 1.2 and below.
|
|
639
652
|
uint32_t ssl_cipher_auth_mask_for_key(const EVP_PKEY *key);
|
|
@@ -670,6 +683,9 @@ class SSLTranscript {
|
|
|
670
683
|
SSLTranscript();
|
|
671
684
|
~SSLTranscript();
|
|
672
685
|
|
|
686
|
+
SSLTranscript(SSLTranscript &&other) = default;
|
|
687
|
+
SSLTranscript &operator=(SSLTranscript &&other) = default;
|
|
688
|
+
|
|
673
689
|
// Init initializes the handshake transcript. If called on an existing
|
|
674
690
|
// transcript, it resets the transcript and hash. It returns true on success
|
|
675
691
|
// and false on failure.
|
|
@@ -678,7 +694,8 @@ class SSLTranscript {
|
|
|
678
694
|
// InitHash initializes the handshake hash based on the PRF and contents of
|
|
679
695
|
// the handshake transcript. Subsequent calls to |Update| will update the
|
|
680
696
|
// rolling hash. It returns one on success and zero on failure. It is an error
|
|
681
|
-
// to call this function after the handshake buffer is released.
|
|
697
|
+
// to call this function after the handshake buffer is released. This may be
|
|
698
|
+
// called multiple times to change the hash function.
|
|
682
699
|
bool InitHash(uint16_t version, const SSL_CIPHER *cipher);
|
|
683
700
|
|
|
684
701
|
// UpdateForHelloRetryRequest resets the rolling hash with the
|
|
@@ -691,9 +708,9 @@ class SSLTranscript {
|
|
|
691
708
|
// the transcript. It returns true on success and false on failure. If the
|
|
692
709
|
// handshake buffer is still present, |digest| may be any supported digest.
|
|
693
710
|
// Otherwise, |digest| must match the transcript hash.
|
|
694
|
-
bool CopyToHashContext(EVP_MD_CTX *ctx, const EVP_MD *digest);
|
|
711
|
+
bool CopyToHashContext(EVP_MD_CTX *ctx, const EVP_MD *digest) const;
|
|
695
712
|
|
|
696
|
-
Span<const uint8_t> buffer() {
|
|
713
|
+
Span<const uint8_t> buffer() const {
|
|
697
714
|
return MakeConstSpan(reinterpret_cast<const uint8_t *>(buffer_->data),
|
|
698
715
|
buffer_->length);
|
|
699
716
|
}
|
|
@@ -716,14 +733,14 @@ class SSLTranscript {
|
|
|
716
733
|
// GetHash writes the handshake hash to |out| which must have room for at
|
|
717
734
|
// least |DigestLen| bytes. On success, it returns true and sets |*out_len| to
|
|
718
735
|
// the number of bytes written. Otherwise, it returns false.
|
|
719
|
-
bool GetHash(uint8_t *out, size_t *out_len);
|
|
736
|
+
bool GetHash(uint8_t *out, size_t *out_len) const;
|
|
720
737
|
|
|
721
738
|
// GetFinishedMAC computes the MAC for the Finished message into the bytes
|
|
722
739
|
// pointed by |out| and writes the number of bytes to |*out_len|. |out| must
|
|
723
740
|
// have room for |EVP_MAX_MD_SIZE| bytes. It returns true on success and false
|
|
724
741
|
// on failure.
|
|
725
742
|
bool GetFinishedMAC(uint8_t *out, size_t *out_len, const SSL_SESSION *session,
|
|
726
|
-
bool from_server);
|
|
743
|
+
bool from_server) const;
|
|
727
744
|
|
|
728
745
|
private:
|
|
729
746
|
// buffer_, if non-null, contains the handshake transcript.
|
|
@@ -1061,6 +1078,10 @@ class SSLKeyShare {
|
|
|
1061
1078
|
// |Serialize|.
|
|
1062
1079
|
static UniquePtr<SSLKeyShare> Create(CBS *in);
|
|
1063
1080
|
|
|
1081
|
+
// Serializes writes the group ID and private key, in a format that can be
|
|
1082
|
+
// read by |Create|.
|
|
1083
|
+
bool Serialize(CBB *out);
|
|
1084
|
+
|
|
1064
1085
|
// GroupID returns the group ID.
|
|
1065
1086
|
virtual uint16_t GroupID() const PURE_VIRTUAL;
|
|
1066
1087
|
|
|
@@ -1085,13 +1106,13 @@ class SSLKeyShare {
|
|
|
1085
1106
|
virtual bool Finish(Array<uint8_t> *out_secret, uint8_t *out_alert,
|
|
1086
1107
|
Span<const uint8_t> peer_key) PURE_VIRTUAL;
|
|
1087
1108
|
|
|
1088
|
-
//
|
|
1089
|
-
// successful and false otherwise.
|
|
1090
|
-
virtual bool
|
|
1109
|
+
// SerializePrivateKey writes the private key to |out|, returning true if
|
|
1110
|
+
// successful and false otherwise. It should be called after |Offer|.
|
|
1111
|
+
virtual bool SerializePrivateKey(CBB *out) { return false; }
|
|
1091
1112
|
|
|
1092
|
-
//
|
|
1093
|
-
// true if successful and false otherwise.
|
|
1094
|
-
virtual bool
|
|
1113
|
+
// DeserializePrivateKey initializes the state of the key exchange from |in|,
|
|
1114
|
+
// returning true if successful and false otherwise.
|
|
1115
|
+
virtual bool DeserializePrivateKey(CBS *in) { return false; }
|
|
1095
1116
|
};
|
|
1096
1117
|
|
|
1097
1118
|
struct NamedGroup {
|
|
@@ -1347,32 +1368,27 @@ bool ssl_on_certificate_selected(SSL_HANDSHAKE *hs);
|
|
|
1347
1368
|
bool tls13_init_key_schedule(SSL_HANDSHAKE *hs, Span<const uint8_t> psk);
|
|
1348
1369
|
|
|
1349
1370
|
// tls13_init_early_key_schedule initializes the handshake hash and key
|
|
1350
|
-
// derivation state from
|
|
1351
|
-
//
|
|
1352
|
-
bool tls13_init_early_key_schedule(SSL_HANDSHAKE *hs,
|
|
1371
|
+
// derivation state from |session| for use with 0-RTT. It returns one on success
|
|
1372
|
+
// and zero on error.
|
|
1373
|
+
bool tls13_init_early_key_schedule(SSL_HANDSHAKE *hs,
|
|
1374
|
+
const SSL_SESSION *session);
|
|
1353
1375
|
|
|
1354
1376
|
// tls13_advance_key_schedule incorporates |in| into the key schedule with
|
|
1355
1377
|
// HKDF-Extract. It returns true on success and false on error.
|
|
1356
1378
|
bool tls13_advance_key_schedule(SSL_HANDSHAKE *hs, Span<const uint8_t> in);
|
|
1357
1379
|
|
|
1358
1380
|
// tls13_set_traffic_key sets the read or write traffic keys to
|
|
1359
|
-
// |traffic_secret|.
|
|
1381
|
+
// |traffic_secret|. The version and cipher suite are determined from |session|.
|
|
1382
|
+
// It returns true on success and false on error.
|
|
1360
1383
|
bool tls13_set_traffic_key(SSL *ssl, enum ssl_encryption_level_t level,
|
|
1361
1384
|
enum evp_aead_direction_t direction,
|
|
1385
|
+
const SSL_SESSION *session,
|
|
1362
1386
|
Span<const uint8_t> traffic_secret);
|
|
1363
1387
|
|
|
1364
1388
|
// tls13_derive_early_secret derives the early traffic secret. It returns true
|
|
1365
|
-
// on success and false on error.
|
|
1366
|
-
// function does not pass the keys to QUIC. Call
|
|
1367
|
-
// |tls13_set_early_secret_for_quic| to do so. This is done to due to an
|
|
1368
|
-
// ordering complication around resolving HelloRetryRequest on the server.
|
|
1389
|
+
// on success and false on error.
|
|
1369
1390
|
bool tls13_derive_early_secret(SSL_HANDSHAKE *hs);
|
|
1370
1391
|
|
|
1371
|
-
// tls13_set_early_secret_for_quic passes the early traffic secrets, as
|
|
1372
|
-
// derived by |tls13_derive_early_secret|, to QUIC. It returns true on success
|
|
1373
|
-
// and false on error.
|
|
1374
|
-
bool tls13_set_early_secret_for_quic(SSL_HANDSHAKE *hs);
|
|
1375
|
-
|
|
1376
1392
|
// tls13_derive_handshake_secrets derives the handshake traffic secret. It
|
|
1377
1393
|
// returns true on success and false on error.
|
|
1378
1394
|
bool tls13_derive_handshake_secrets(SSL_HANDSHAKE *hs);
|
|
@@ -1408,16 +1424,184 @@ bool tls13_finished_mac(SSL_HANDSHAKE *hs, uint8_t *out, size_t *out_len,
|
|
|
1408
1424
|
// on failure.
|
|
1409
1425
|
bool tls13_derive_session_psk(SSL_SESSION *session, Span<const uint8_t> nonce);
|
|
1410
1426
|
|
|
1411
|
-
// tls13_write_psk_binder calculates the PSK binder value
|
|
1412
|
-
// bytes of |msg| with the resulting value. It
|
|
1413
|
-
// false on failure.
|
|
1414
|
-
|
|
1427
|
+
// tls13_write_psk_binder calculates the PSK binder value over |transcript| and
|
|
1428
|
+
// |msg|, and replaces the last bytes of |msg| with the resulting value. It
|
|
1429
|
+
// returns true on success, and false on failure. If |out_binder_len| is
|
|
1430
|
+
// non-NULL, it sets |*out_binder_len| to the length of the value computed.
|
|
1431
|
+
bool tls13_write_psk_binder(const SSL_HANDSHAKE *hs,
|
|
1432
|
+
const SSLTranscript &transcript, Span<uint8_t> msg,
|
|
1433
|
+
size_t *out_binder_len);
|
|
1415
1434
|
|
|
1416
1435
|
// tls13_verify_psk_binder verifies that the handshake transcript, truncated up
|
|
1417
1436
|
// to the binders has a valid signature using the value of |session|'s
|
|
1418
1437
|
// resumption secret. It returns true on success, and false on failure.
|
|
1419
|
-
bool tls13_verify_psk_binder(SSL_HANDSHAKE *hs,
|
|
1420
|
-
const SSLMessage &msg,
|
|
1438
|
+
bool tls13_verify_psk_binder(const SSL_HANDSHAKE *hs,
|
|
1439
|
+
const SSL_SESSION *session, const SSLMessage &msg,
|
|
1440
|
+
CBS *binders);
|
|
1441
|
+
|
|
1442
|
+
|
|
1443
|
+
// Encrypted ClientHello.
|
|
1444
|
+
|
|
1445
|
+
struct ECHConfig {
|
|
1446
|
+
static constexpr bool kAllowUniquePtr = true;
|
|
1447
|
+
// raw contains the serialized ECHConfig.
|
|
1448
|
+
Array<uint8_t> raw;
|
|
1449
|
+
// The following fields alias into |raw|.
|
|
1450
|
+
Span<const uint8_t> public_key;
|
|
1451
|
+
Span<const uint8_t> public_name;
|
|
1452
|
+
Span<const uint8_t> cipher_suites;
|
|
1453
|
+
uint16_t kem_id = 0;
|
|
1454
|
+
uint8_t maximum_name_length = 0;
|
|
1455
|
+
uint8_t config_id = 0;
|
|
1456
|
+
};
|
|
1457
|
+
|
|
1458
|
+
class ECHServerConfig {
|
|
1459
|
+
public:
|
|
1460
|
+
static constexpr bool kAllowUniquePtr = true;
|
|
1461
|
+
ECHServerConfig() = default;
|
|
1462
|
+
ECHServerConfig(const ECHServerConfig &other) = delete;
|
|
1463
|
+
ECHServerConfig &operator=(ECHServerConfig &&) = delete;
|
|
1464
|
+
|
|
1465
|
+
// Init parses |ech_config| as an ECHConfig and saves a copy of |key|.
|
|
1466
|
+
// It returns true on success and false on error.
|
|
1467
|
+
bool Init(Span<const uint8_t> ech_config, const EVP_HPKE_KEY *key,
|
|
1468
|
+
bool is_retry_config);
|
|
1469
|
+
|
|
1470
|
+
// SetupContext sets up |ctx| for a new connection, given the specified
|
|
1471
|
+
// HPKE ciphersuite and encapsulated KEM key. It returns true on success and
|
|
1472
|
+
// false on error. This function may only be called on an initialized object.
|
|
1473
|
+
bool SetupContext(EVP_HPKE_CTX *ctx, uint16_t kdf_id, uint16_t aead_id,
|
|
1474
|
+
Span<const uint8_t> enc) const;
|
|
1475
|
+
|
|
1476
|
+
const ECHConfig &ech_config() const { return ech_config_; }
|
|
1477
|
+
bool is_retry_config() const { return is_retry_config_; }
|
|
1478
|
+
|
|
1479
|
+
private:
|
|
1480
|
+
ECHConfig ech_config_;
|
|
1481
|
+
ScopedEVP_HPKE_KEY key_;
|
|
1482
|
+
bool is_retry_config_ = false;
|
|
1483
|
+
};
|
|
1484
|
+
|
|
1485
|
+
enum ssl_client_hello_type_t {
|
|
1486
|
+
ssl_client_hello_unencrypted,
|
|
1487
|
+
ssl_client_hello_inner,
|
|
1488
|
+
ssl_client_hello_outer,
|
|
1489
|
+
};
|
|
1490
|
+
|
|
1491
|
+
// ECH_CLIENT_* are types for the ClientHello encrypted_client_hello extension.
|
|
1492
|
+
#define ECH_CLIENT_OUTER 0
|
|
1493
|
+
#define ECH_CLIENT_INNER 1
|
|
1494
|
+
|
|
1495
|
+
// ssl_decode_client_hello_inner recovers the full ClientHelloInner from the
|
|
1496
|
+
// EncodedClientHelloInner |encoded_client_hello_inner| by replacing its
|
|
1497
|
+
// outer_extensions extension with the referenced extensions from the
|
|
1498
|
+
// ClientHelloOuter |client_hello_outer|. If successful, it writes the recovered
|
|
1499
|
+
// ClientHelloInner to |out_client_hello_inner|. It returns true on success and
|
|
1500
|
+
// false on failure.
|
|
1501
|
+
OPENSSL_EXPORT bool ssl_decode_client_hello_inner(
|
|
1502
|
+
SSL *ssl, uint8_t *out_alert, Array<uint8_t> *out_client_hello_inner,
|
|
1503
|
+
Span<const uint8_t> encoded_client_hello_inner,
|
|
1504
|
+
const SSL_CLIENT_HELLO *client_hello_outer);
|
|
1505
|
+
|
|
1506
|
+
// ssl_client_hello_decrypt attempts to decrypt the |payload| and writes the
|
|
1507
|
+
// result to |*out|. |payload| must point into |client_hello_outer|. It returns
|
|
1508
|
+
// true on success and false on error. On error, it sets |*out_is_decrypt_error|
|
|
1509
|
+
// to whether the failure was due to a bad ciphertext.
|
|
1510
|
+
bool ssl_client_hello_decrypt(EVP_HPKE_CTX *hpke_ctx, Array<uint8_t> *out,
|
|
1511
|
+
bool *out_is_decrypt_error,
|
|
1512
|
+
const SSL_CLIENT_HELLO *client_hello_outer,
|
|
1513
|
+
Span<const uint8_t> payload);
|
|
1514
|
+
|
|
1515
|
+
#define ECH_CONFIRMATION_SIGNAL_LEN 8
|
|
1516
|
+
|
|
1517
|
+
// ssl_ech_confirmation_signal_hello_offset returns the offset of the ECH
|
|
1518
|
+
// confirmation signal in a ServerHello message, including the handshake header.
|
|
1519
|
+
size_t ssl_ech_confirmation_signal_hello_offset(const SSL *ssl);
|
|
1520
|
+
|
|
1521
|
+
// ssl_ech_accept_confirmation computes the server's ECH acceptance signal,
|
|
1522
|
+
// writing it to |out|. The transcript portion is the concatenation of
|
|
1523
|
+
// |transcript| with |msg|. The |ECH_CONFIRMATION_SIGNAL_LEN| bytes from
|
|
1524
|
+
// |offset| in |msg| are replaced with zeros before hashing. This function
|
|
1525
|
+
// returns true on success, and false on failure.
|
|
1526
|
+
bool ssl_ech_accept_confirmation(const SSL_HANDSHAKE *hs, Span<uint8_t> out,
|
|
1527
|
+
Span<const uint8_t> client_random,
|
|
1528
|
+
const SSLTranscript &transcript, bool is_hrr,
|
|
1529
|
+
Span<const uint8_t> msg, size_t offset);
|
|
1530
|
+
|
|
1531
|
+
// ssl_is_valid_ech_public_name returns true if |public_name| is a valid ECH
|
|
1532
|
+
// public name and false otherwise. It is exported for testing.
|
|
1533
|
+
OPENSSL_EXPORT bool ssl_is_valid_ech_public_name(
|
|
1534
|
+
Span<const uint8_t> public_name);
|
|
1535
|
+
|
|
1536
|
+
// ssl_is_valid_ech_config_list returns true if |ech_config_list| is a valid
|
|
1537
|
+
// ECHConfigList structure and false otherwise.
|
|
1538
|
+
bool ssl_is_valid_ech_config_list(Span<const uint8_t> ech_config_list);
|
|
1539
|
+
|
|
1540
|
+
// ssl_select_ech_config selects an ECHConfig and associated parameters to offer
|
|
1541
|
+
// on the client and updates |hs|. It returns true on success, whether an
|
|
1542
|
+
// ECHConfig was found or not, and false on internal error. On success, the
|
|
1543
|
+
// encapsulated key is written to |out_enc| and |*out_enc_len| is set to the
|
|
1544
|
+
// number of bytes written. If the function did not select an ECHConfig, the
|
|
1545
|
+
// encapsulated key is the empty string.
|
|
1546
|
+
bool ssl_select_ech_config(SSL_HANDSHAKE *hs, Span<uint8_t> out_enc,
|
|
1547
|
+
size_t *out_enc_len);
|
|
1548
|
+
|
|
1549
|
+
// ssl_ech_extension_body_length returns the length of the body of a ClientHello
|
|
1550
|
+
// ECH extension that encrypts |in_len| bytes with |aead| and an 'enc' value of
|
|
1551
|
+
// length |enc_len|. The result does not include the four-byte extension header.
|
|
1552
|
+
size_t ssl_ech_extension_body_length(const EVP_HPKE_AEAD *aead, size_t enc_len,
|
|
1553
|
+
size_t in_len);
|
|
1554
|
+
|
|
1555
|
+
// ssl_encrypt_client_hello constructs a new ClientHelloInner, adds it to the
|
|
1556
|
+
// inner transcript, and encrypts for inclusion in the ClientHelloOuter. |enc|
|
|
1557
|
+
// is the encapsulated key to include in the extension. It returns true on
|
|
1558
|
+
// success and false on error. If not offering ECH, |enc| is ignored and the
|
|
1559
|
+
// function will compute a GREASE ECH extension if necessary, and otherwise
|
|
1560
|
+
// return success while doing nothing.
|
|
1561
|
+
//
|
|
1562
|
+
// Encrypting the ClientHelloInner incorporates all extensions in the
|
|
1563
|
+
// ClientHelloOuter, so all other state necessary for |ssl_add_client_hello|
|
|
1564
|
+
// must already be computed.
|
|
1565
|
+
bool ssl_encrypt_client_hello(SSL_HANDSHAKE *hs, Span<const uint8_t> enc);
|
|
1566
|
+
|
|
1567
|
+
|
|
1568
|
+
// Delegated credentials.
|
|
1569
|
+
|
|
1570
|
+
// This structure stores a delegated credential (DC) as defined by
|
|
1571
|
+
// draft-ietf-tls-subcerts-03.
|
|
1572
|
+
struct DC {
|
|
1573
|
+
static constexpr bool kAllowUniquePtr = true;
|
|
1574
|
+
~DC();
|
|
1575
|
+
|
|
1576
|
+
// Dup returns a copy of this DC and takes references to |raw| and |pkey|.
|
|
1577
|
+
UniquePtr<DC> Dup();
|
|
1578
|
+
|
|
1579
|
+
// Parse parses the delegated credential stored in |in|. If successful it
|
|
1580
|
+
// returns the parsed structure, otherwise it returns |nullptr| and sets
|
|
1581
|
+
// |*out_alert|.
|
|
1582
|
+
static UniquePtr<DC> Parse(CRYPTO_BUFFER *in, uint8_t *out_alert);
|
|
1583
|
+
|
|
1584
|
+
// raw is the delegated credential encoded as specified in draft-ietf-tls-
|
|
1585
|
+
// subcerts-03.
|
|
1586
|
+
UniquePtr<CRYPTO_BUFFER> raw;
|
|
1587
|
+
|
|
1588
|
+
// expected_cert_verify_algorithm is the signature scheme of the DC public
|
|
1589
|
+
// key.
|
|
1590
|
+
uint16_t expected_cert_verify_algorithm = 0;
|
|
1591
|
+
|
|
1592
|
+
// pkey is the public key parsed from |public_key|.
|
|
1593
|
+
UniquePtr<EVP_PKEY> pkey;
|
|
1594
|
+
|
|
1595
|
+
private:
|
|
1596
|
+
friend DC* New<DC>();
|
|
1597
|
+
DC();
|
|
1598
|
+
};
|
|
1599
|
+
|
|
1600
|
+
// ssl_signing_with_dc returns true if the peer has indicated support for
|
|
1601
|
+
// delegated credentials and this host has sent a delegated credential in
|
|
1602
|
+
// response. If this is true then we've committed to using the DC in the
|
|
1603
|
+
// handshake.
|
|
1604
|
+
bool ssl_signing_with_dc(const SSL_HANDSHAKE *hs);
|
|
1421
1605
|
|
|
1422
1606
|
|
|
1423
1607
|
// Handshake functions.
|
|
@@ -1432,7 +1616,6 @@ enum ssl_hs_wait_t {
|
|
|
1432
1616
|
ssl_hs_handoff,
|
|
1433
1617
|
ssl_hs_handback,
|
|
1434
1618
|
ssl_hs_x509_lookup,
|
|
1435
|
-
ssl_hs_channel_id_lookup,
|
|
1436
1619
|
ssl_hs_private_key_operation,
|
|
1437
1620
|
ssl_hs_pending_session,
|
|
1438
1621
|
ssl_hs_pending_ticket,
|
|
@@ -1441,6 +1624,7 @@ enum ssl_hs_wait_t {
|
|
|
1441
1624
|
ssl_hs_read_end_of_early_data,
|
|
1442
1625
|
ssl_hs_read_change_cipher_spec,
|
|
1443
1626
|
ssl_hs_certificate_verify,
|
|
1627
|
+
ssl_hs_hints_ready,
|
|
1444
1628
|
};
|
|
1445
1629
|
|
|
1446
1630
|
enum ssl_grease_index_t {
|
|
@@ -1450,12 +1634,14 @@ enum ssl_grease_index_t {
|
|
|
1450
1634
|
ssl_grease_extension2,
|
|
1451
1635
|
ssl_grease_version,
|
|
1452
1636
|
ssl_grease_ticket_extension,
|
|
1453
|
-
|
|
1637
|
+
ssl_grease_ech_config_id,
|
|
1638
|
+
ssl_grease_last_index = ssl_grease_ech_config_id,
|
|
1454
1639
|
};
|
|
1455
1640
|
|
|
1456
1641
|
enum tls12_server_hs_state_t {
|
|
1457
1642
|
state12_start_accept = 0,
|
|
1458
1643
|
state12_read_client_hello,
|
|
1644
|
+
state12_read_client_hello_after_ech,
|
|
1459
1645
|
state12_select_certificate,
|
|
1460
1646
|
state12_tls13,
|
|
1461
1647
|
state12_select_parameters,
|
|
@@ -1485,8 +1671,10 @@ enum tls13_server_hs_state_t {
|
|
|
1485
1671
|
state13_send_server_hello,
|
|
1486
1672
|
state13_send_server_certificate_verify,
|
|
1487
1673
|
state13_send_server_finished,
|
|
1674
|
+
state13_send_half_rtt_ticket,
|
|
1488
1675
|
state13_read_second_client_flight,
|
|
1489
1676
|
state13_process_end_of_early_data,
|
|
1677
|
+
state13_read_client_encrypted_extensions,
|
|
1490
1678
|
state13_read_client_certificate,
|
|
1491
1679
|
state13_read_client_certificate_verify,
|
|
1492
1680
|
state13_read_channel_id,
|
|
@@ -1498,52 +1686,37 @@ enum tls13_server_hs_state_t {
|
|
|
1498
1686
|
// handback_t lists the points in the state machine where a handback can occur.
|
|
1499
1687
|
// These are the different points at which key material is no longer needed.
|
|
1500
1688
|
enum handback_t {
|
|
1501
|
-
handback_after_session_resumption,
|
|
1502
|
-
handback_after_ecdhe,
|
|
1503
|
-
handback_after_handshake,
|
|
1504
|
-
handback_tls13,
|
|
1689
|
+
handback_after_session_resumption = 0,
|
|
1690
|
+
handback_after_ecdhe = 1,
|
|
1691
|
+
handback_after_handshake = 2,
|
|
1692
|
+
handback_tls13 = 3,
|
|
1693
|
+
handback_max_value = handback_tls13,
|
|
1505
1694
|
};
|
|
1506
1695
|
|
|
1507
|
-
|
|
1508
|
-
//
|
|
1509
|
-
|
|
1510
|
-
// This structure stores a delegated credential (DC) as defined by
|
|
1511
|
-
// draft-ietf-tls-subcerts-03.
|
|
1512
|
-
struct DC {
|
|
1696
|
+
// SSL_HANDSHAKE_HINTS contains handshake hints for a connection. See
|
|
1697
|
+
// |SSL_request_handshake_hints| and related functions.
|
|
1698
|
+
struct SSL_HANDSHAKE_HINTS {
|
|
1513
1699
|
static constexpr bool kAllowUniquePtr = true;
|
|
1514
|
-
~DC();
|
|
1515
|
-
|
|
1516
|
-
// Dup returns a copy of this DC and takes references to |raw| and |pkey|.
|
|
1517
|
-
UniquePtr<DC> Dup();
|
|
1518
1700
|
|
|
1519
|
-
|
|
1520
|
-
// returns the parsed structure, otherwise it returns |nullptr| and sets
|
|
1521
|
-
// |*out_alert|.
|
|
1522
|
-
static UniquePtr<DC> Parse(CRYPTO_BUFFER *in, uint8_t *out_alert);
|
|
1701
|
+
Array<uint8_t> server_random;
|
|
1523
1702
|
|
|
1524
|
-
|
|
1525
|
-
|
|
1526
|
-
|
|
1703
|
+
uint16_t key_share_group_id = 0;
|
|
1704
|
+
Array<uint8_t> key_share_public_key;
|
|
1705
|
+
Array<uint8_t> key_share_secret;
|
|
1527
1706
|
|
|
1528
|
-
|
|
1529
|
-
|
|
1530
|
-
|
|
1707
|
+
uint16_t signature_algorithm = 0;
|
|
1708
|
+
Array<uint8_t> signature_input;
|
|
1709
|
+
Array<uint8_t> signature_spki;
|
|
1710
|
+
Array<uint8_t> signature;
|
|
1531
1711
|
|
|
1532
|
-
|
|
1533
|
-
|
|
1712
|
+
Array<uint8_t> decrypted_psk;
|
|
1713
|
+
bool ignore_psk = false;
|
|
1534
1714
|
|
|
1535
|
-
|
|
1536
|
-
|
|
1537
|
-
|
|
1715
|
+
uint16_t cert_compression_alg_id = 0;
|
|
1716
|
+
Array<uint8_t> cert_compression_input;
|
|
1717
|
+
Array<uint8_t> cert_compression_output;
|
|
1538
1718
|
};
|
|
1539
1719
|
|
|
1540
|
-
// ssl_signing_with_dc returns true if the peer has indicated support for
|
|
1541
|
-
// delegated credentials and this host has sent a delegated credential in
|
|
1542
|
-
// response. If this is true then we've committed to using the DC in the
|
|
1543
|
-
// handshake.
|
|
1544
|
-
bool ssl_signing_with_dc(const SSL_HANDSHAKE *hs);
|
|
1545
|
-
|
|
1546
|
-
|
|
1547
1720
|
struct SSL_HANDSHAKE {
|
|
1548
1721
|
explicit SSL_HANDSHAKE(SSL *ssl);
|
|
1549
1722
|
~SSL_HANDSHAKE();
|
|
@@ -1588,7 +1761,21 @@ struct SSL_HANDSHAKE {
|
|
|
1588
1761
|
public:
|
|
1589
1762
|
void ResizeSecrets(size_t hash_len);
|
|
1590
1763
|
|
|
1764
|
+
// GetClientHello, on the server, returns either the normal ClientHello
|
|
1765
|
+
// message or the ClientHelloInner if it has been serialized to
|
|
1766
|
+
// |ech_client_hello_buf|. This function should only be called when the
|
|
1767
|
+
// current message is a ClientHello. It returns true on success and false on
|
|
1768
|
+
// error.
|
|
1769
|
+
//
|
|
1770
|
+
// Note that fields of the returned |out_msg| and |out_client_hello| point
|
|
1771
|
+
// into a handshake-owned buffer, so their lifetimes should not exceed this
|
|
1772
|
+
// SSL_HANDSHAKE.
|
|
1773
|
+
bool GetClientHello(SSLMessage *out_msg, SSL_CLIENT_HELLO *out_client_hello);
|
|
1774
|
+
|
|
1591
1775
|
Span<uint8_t> secret() { return MakeSpan(secret_, hash_len_); }
|
|
1776
|
+
Span<const uint8_t> secret() const {
|
|
1777
|
+
return MakeConstSpan(secret_, hash_len_);
|
|
1778
|
+
}
|
|
1592
1779
|
Span<uint8_t> early_traffic_secret() {
|
|
1593
1780
|
return MakeSpan(early_traffic_secret_, hash_len_);
|
|
1594
1781
|
}
|
|
@@ -1610,7 +1797,7 @@ struct SSL_HANDSHAKE {
|
|
|
1610
1797
|
|
|
1611
1798
|
union {
|
|
1612
1799
|
// sent is a bitset where the bits correspond to elements of kExtensions
|
|
1613
|
-
// in
|
|
1800
|
+
// in extensions.cc. Each bit is set if that extension was sent in a
|
|
1614
1801
|
// ClientHello. It's not used by servers.
|
|
1615
1802
|
uint32_t sent = 0;
|
|
1616
1803
|
// received is a bitset, like |sent|, but is used by servers to record
|
|
@@ -1618,9 +1805,9 @@ struct SSL_HANDSHAKE {
|
|
|
1618
1805
|
uint32_t received;
|
|
1619
1806
|
} extensions;
|
|
1620
1807
|
|
|
1621
|
-
//
|
|
1622
|
-
//
|
|
1623
|
-
|
|
1808
|
+
// inner_extensions_sent, on clients that offer ECH, is |extensions.sent| for
|
|
1809
|
+
// the ClientHelloInner.
|
|
1810
|
+
uint32_t inner_extensions_sent = 0;
|
|
1624
1811
|
|
|
1625
1812
|
// error, if |wait| is |ssl_hs_error|, is the error the handshake failed on.
|
|
1626
1813
|
UniquePtr<ERR_SAVE_STATE> error;
|
|
@@ -1633,11 +1820,31 @@ struct SSL_HANDSHAKE {
|
|
|
1633
1820
|
// transcript is the current handshake transcript.
|
|
1634
1821
|
SSLTranscript transcript;
|
|
1635
1822
|
|
|
1823
|
+
// inner_transcript, on the client, is the handshake transcript for the
|
|
1824
|
+
// ClientHelloInner handshake. It is moved to |transcript| if the server
|
|
1825
|
+
// accepts ECH.
|
|
1826
|
+
SSLTranscript inner_transcript;
|
|
1827
|
+
|
|
1828
|
+
// inner_client_random is the ClientHello random value used with
|
|
1829
|
+
// ClientHelloInner.
|
|
1830
|
+
uint8_t inner_client_random[SSL3_RANDOM_SIZE] = {0};
|
|
1831
|
+
|
|
1636
1832
|
// cookie is the value of the cookie received from the server, if any.
|
|
1637
1833
|
Array<uint8_t> cookie;
|
|
1638
1834
|
|
|
1639
|
-
//
|
|
1640
|
-
// the
|
|
1835
|
+
// ech_client_outer contains the outer ECH extension to send in the
|
|
1836
|
+
// ClientHello, excluding the header and type byte.
|
|
1837
|
+
Array<uint8_t> ech_client_outer;
|
|
1838
|
+
|
|
1839
|
+
// ech_retry_configs, on the client, contains the retry configs from the
|
|
1840
|
+
// server as a serialized ECHConfigList.
|
|
1841
|
+
Array<uint8_t> ech_retry_configs;
|
|
1842
|
+
|
|
1843
|
+
// ech_client_hello_buf, on the server, contains the bytes of the
|
|
1844
|
+
// reconstructed ClientHelloInner message.
|
|
1845
|
+
Array<uint8_t> ech_client_hello_buf;
|
|
1846
|
+
|
|
1847
|
+
// key_share_bytes is the key_share extension that the client should send.
|
|
1641
1848
|
Array<uint8_t> key_share_bytes;
|
|
1642
1849
|
|
|
1643
1850
|
// ecdh_public_key, for servers, is the key share to be sent to the client in
|
|
@@ -1654,20 +1861,28 @@ struct SSL_HANDSHAKE {
|
|
|
1654
1861
|
// advertise this extension to the client.
|
|
1655
1862
|
Array<uint16_t> peer_supported_group_list;
|
|
1656
1863
|
|
|
1864
|
+
// peer_delegated_credential_sigalgs are the signature algorithms the peer
|
|
1865
|
+
// supports with delegated credentials.
|
|
1866
|
+
Array<uint16_t> peer_delegated_credential_sigalgs;
|
|
1867
|
+
|
|
1657
1868
|
// peer_key is the peer's ECDH key for a TLS 1.2 client.
|
|
1658
1869
|
Array<uint8_t> peer_key;
|
|
1659
1870
|
|
|
1660
|
-
//
|
|
1661
|
-
//
|
|
1662
|
-
//
|
|
1663
|
-
|
|
1664
|
-
uint16_t negotiated_token_binding_version;
|
|
1871
|
+
// extension_permutation is the permutation to apply to ClientHello
|
|
1872
|
+
// extensions. It maps indices into the |kExtensions| table into other
|
|
1873
|
+
// indices.
|
|
1874
|
+
Array<uint8_t> extension_permutation;
|
|
1665
1875
|
|
|
1666
1876
|
// cert_compression_alg_id, for a server, contains the negotiated certificate
|
|
1667
1877
|
// compression algorithm for this client. It is only valid if
|
|
1668
1878
|
// |cert_compression_negotiated| is true.
|
|
1669
1879
|
uint16_t cert_compression_alg_id;
|
|
1670
1880
|
|
|
1881
|
+
// ech_hpke_ctx is the HPKE context used in ECH. On the server, it is
|
|
1882
|
+
// initialized if |ech_status| is |ssl_ech_accepted|. On the client, it is
|
|
1883
|
+
// initialized if |selected_ech_config| is not nullptr.
|
|
1884
|
+
ScopedEVP_HPKE_CTX ech_hpke_ctx;
|
|
1885
|
+
|
|
1671
1886
|
// server_params, in a TLS 1.2 server, stores the ServerKeyExchange
|
|
1672
1887
|
// parameters. It has client and server randoms prepended for signing
|
|
1673
1888
|
// convenience.
|
|
@@ -1704,19 +1919,40 @@ struct SSL_HANDSHAKE {
|
|
|
1704
1919
|
// the client if |in_early_data| is true.
|
|
1705
1920
|
UniquePtr<SSL_SESSION> early_session;
|
|
1706
1921
|
|
|
1922
|
+
// ssl_ech_keys, for servers, is the set of ECH keys to use with this
|
|
1923
|
+
// handshake. This is copied from |SSL_CTX| to ensure consistent behavior as
|
|
1924
|
+
// |SSL_CTX| rotates keys.
|
|
1925
|
+
UniquePtr<SSL_ECH_KEYS> ech_keys;
|
|
1926
|
+
|
|
1927
|
+
// selected_ech_config, for clients, is the ECHConfig the client uses to offer
|
|
1928
|
+
// ECH, or nullptr if ECH is not being offered. If non-NULL, |ech_hpke_ctx|
|
|
1929
|
+
// will be initialized.
|
|
1930
|
+
UniquePtr<ECHConfig> selected_ech_config;
|
|
1931
|
+
|
|
1707
1932
|
// new_cipher is the cipher being negotiated in this handshake.
|
|
1708
1933
|
const SSL_CIPHER *new_cipher = nullptr;
|
|
1709
1934
|
|
|
1710
1935
|
// key_block is the record-layer key block for TLS 1.2 and earlier.
|
|
1711
1936
|
Array<uint8_t> key_block;
|
|
1712
1937
|
|
|
1938
|
+
// hints contains the handshake hints for this connection. If
|
|
1939
|
+
// |hints_requested| is true, this field is non-null and contains the pending
|
|
1940
|
+
// hints to filled as the predicted handshake progresses. Otherwise, this
|
|
1941
|
+
// field, if non-null, contains hints configured by the caller and will
|
|
1942
|
+
// influence the handshake on match.
|
|
1943
|
+
UniquePtr<SSL_HANDSHAKE_HINTS> hints;
|
|
1944
|
+
|
|
1945
|
+
// ech_is_inner, on the server, indicates whether the ClientHello contained an
|
|
1946
|
+
// inner ECH extension.
|
|
1947
|
+
bool ech_is_inner : 1;
|
|
1948
|
+
|
|
1949
|
+
// ech_authenticated_reject, on the client, indicates whether an ECH rejection
|
|
1950
|
+
// handshake has been authenticated.
|
|
1951
|
+
bool ech_authenticated_reject : 1;
|
|
1952
|
+
|
|
1713
1953
|
// scts_requested is true if the SCT extension is in the ClientHello.
|
|
1714
1954
|
bool scts_requested : 1;
|
|
1715
1955
|
|
|
1716
|
-
// needs_psk_binder is true if the ClientHello has a placeholder PSK binder to
|
|
1717
|
-
// be filled in.
|
|
1718
|
-
bool needs_psk_binder : 1;
|
|
1719
|
-
|
|
1720
1956
|
// handshake_finalized is true once the handshake has completed, at which
|
|
1721
1957
|
// point accessors should use the established state.
|
|
1722
1958
|
bool handshake_finalized : 1;
|
|
@@ -1778,15 +2014,17 @@ struct SSL_HANDSHAKE {
|
|
|
1778
2014
|
// in progress.
|
|
1779
2015
|
bool pending_private_key_op : 1;
|
|
1780
2016
|
|
|
1781
|
-
// grease_seeded is true if |grease_seed| has been initialized.
|
|
1782
|
-
bool grease_seeded : 1;
|
|
1783
|
-
|
|
1784
2017
|
// handback indicates that a server should pause the handshake after
|
|
1785
2018
|
// finishing operations that require private key material, in such a way that
|
|
1786
2019
|
// |SSL_get_error| returns |SSL_ERROR_HANDBACK|. It is set by
|
|
1787
2020
|
// |SSL_apply_handoff|.
|
|
1788
2021
|
bool handback : 1;
|
|
1789
2022
|
|
|
2023
|
+
// hints_requested indicates the caller has requested handshake hints. Only
|
|
2024
|
+
// the first round-trip of the handshake will complete, after which the
|
|
2025
|
+
// |hints| structure can be serialized.
|
|
2026
|
+
bool hints_requested : 1;
|
|
2027
|
+
|
|
1790
2028
|
// cert_compression_negotiated is true iff |cert_compression_alg_id| is valid.
|
|
1791
2029
|
bool cert_compression_negotiated : 1;
|
|
1792
2030
|
|
|
@@ -1794,6 +2032,14 @@ struct SSL_HANDSHAKE {
|
|
|
1794
2032
|
// which implemented TLS 1.3 incorrectly.
|
|
1795
2033
|
bool apply_jdk11_workaround : 1;
|
|
1796
2034
|
|
|
2035
|
+
// can_release_private_key is true if the private key will no longer be used
|
|
2036
|
+
// in this handshake.
|
|
2037
|
+
bool can_release_private_key : 1;
|
|
2038
|
+
|
|
2039
|
+
// channel_id_negotiated is true if Channel ID should be used in this
|
|
2040
|
+
// handshake.
|
|
2041
|
+
bool channel_id_negotiated : 1;
|
|
2042
|
+
|
|
1797
2043
|
// client_version is the value sent or received in the ClientHello version.
|
|
1798
2044
|
uint16_t client_version = 0;
|
|
1799
2045
|
|
|
@@ -1805,12 +2051,14 @@ struct SSL_HANDSHAKE {
|
|
|
1805
2051
|
// record layer.
|
|
1806
2052
|
uint16_t early_data_written = 0;
|
|
1807
2053
|
|
|
2054
|
+
// ech_config_id is the ECH config sent by the client.
|
|
2055
|
+
uint8_t ech_config_id = 0;
|
|
2056
|
+
|
|
1808
2057
|
// session_id is the session ID in the ClientHello.
|
|
1809
2058
|
uint8_t session_id[SSL_MAX_SSL_SESSION_ID_LENGTH] = {0};
|
|
1810
2059
|
uint8_t session_id_len = 0;
|
|
1811
2060
|
|
|
1812
|
-
// grease_seed is the entropy for GREASE values.
|
|
1813
|
-
// |grease_seeded| is true.
|
|
2061
|
+
// grease_seed is the entropy for GREASE values.
|
|
1814
2062
|
uint8_t grease_seed[ssl_grease_last_index + 1] = {0};
|
|
1815
2063
|
};
|
|
1816
2064
|
|
|
@@ -1867,13 +2115,26 @@ enum ssl_private_key_result_t tls13_add_certificate_verify(SSL_HANDSHAKE *hs);
|
|
|
1867
2115
|
|
|
1868
2116
|
bool tls13_add_finished(SSL_HANDSHAKE *hs);
|
|
1869
2117
|
bool tls13_process_new_session_ticket(SSL *ssl, const SSLMessage &msg);
|
|
2118
|
+
bssl::UniquePtr<SSL_SESSION> tls13_create_session_with_ticket(SSL *ssl,
|
|
2119
|
+
CBS *body);
|
|
2120
|
+
|
|
2121
|
+
// ssl_setup_extension_permutation computes a ClientHello extension permutation
|
|
2122
|
+
// for |hs|, if applicable. It returns true on success and false on error.
|
|
2123
|
+
bool ssl_setup_extension_permutation(SSL_HANDSHAKE *hs);
|
|
2124
|
+
|
|
2125
|
+
// ssl_setup_key_shares computes client key shares and saves them in |hs|. It
|
|
2126
|
+
// returns true on success and false on failure. If |override_group_id| is zero,
|
|
2127
|
+
// it offers the default groups, including GREASE. If it is non-zero, it offers
|
|
2128
|
+
// a single key share of the specified group.
|
|
2129
|
+
bool ssl_setup_key_shares(SSL_HANDSHAKE *hs, uint16_t override_group_id);
|
|
1870
2130
|
|
|
1871
2131
|
bool ssl_ext_key_share_parse_serverhello(SSL_HANDSHAKE *hs,
|
|
1872
2132
|
Array<uint8_t> *out_secret,
|
|
1873
2133
|
uint8_t *out_alert, CBS *contents);
|
|
1874
2134
|
bool ssl_ext_key_share_parse_clienthello(SSL_HANDSHAKE *hs, bool *out_found,
|
|
1875
|
-
|
|
1876
|
-
uint8_t *out_alert,
|
|
2135
|
+
Span<const uint8_t> *out_peer_key,
|
|
2136
|
+
uint8_t *out_alert,
|
|
2137
|
+
const SSL_CLIENT_HELLO *client_hello);
|
|
1877
2138
|
bool ssl_ext_key_share_add_serverhello(SSL_HANDSHAKE *hs, CBB *out);
|
|
1878
2139
|
|
|
1879
2140
|
bool ssl_ext_pre_shared_key_parse_serverhello(SSL_HANDSHAKE *hs,
|
|
@@ -1889,7 +2150,33 @@ bool ssl_ext_pre_shared_key_add_serverhello(SSL_HANDSHAKE *hs, CBB *out);
|
|
|
1889
2150
|
// returns whether it's valid.
|
|
1890
2151
|
bool ssl_is_sct_list_valid(const CBS *contents);
|
|
1891
2152
|
|
|
1892
|
-
|
|
2153
|
+
// ssl_write_client_hello_without_extensions writes a ClientHello to |out|,
|
|
2154
|
+
// up to the extensions field. |type| determines the type of ClientHello to
|
|
2155
|
+
// write. If |omit_session_id| is true, the session ID is empty.
|
|
2156
|
+
bool ssl_write_client_hello_without_extensions(const SSL_HANDSHAKE *hs,
|
|
2157
|
+
CBB *cbb,
|
|
2158
|
+
ssl_client_hello_type_t type,
|
|
2159
|
+
bool empty_session_id);
|
|
2160
|
+
|
|
2161
|
+
// ssl_add_client_hello constructs a ClientHello and adds it to the outgoing
|
|
2162
|
+
// flight. It returns true on success and false on error.
|
|
2163
|
+
bool ssl_add_client_hello(SSL_HANDSHAKE *hs);
|
|
2164
|
+
|
|
2165
|
+
struct ParsedServerHello {
|
|
2166
|
+
CBS raw;
|
|
2167
|
+
uint16_t legacy_version = 0;
|
|
2168
|
+
CBS random;
|
|
2169
|
+
CBS session_id;
|
|
2170
|
+
uint16_t cipher_suite = 0;
|
|
2171
|
+
uint8_t compression_method = 0;
|
|
2172
|
+
CBS extensions;
|
|
2173
|
+
};
|
|
2174
|
+
|
|
2175
|
+
// ssl_parse_server_hello parses |msg| as a ServerHello. On success, it writes
|
|
2176
|
+
// the result to |*out| and returns true. Otherwise, it returns false and sets
|
|
2177
|
+
// |*out_alert| to an alert to send to the peer.
|
|
2178
|
+
bool ssl_parse_server_hello(ParsedServerHello *out, uint8_t *out_alert,
|
|
2179
|
+
const SSLMessage &msg);
|
|
1893
2180
|
|
|
1894
2181
|
enum ssl_cert_verify_context_t {
|
|
1895
2182
|
ssl_cert_verify_server,
|
|
@@ -1905,6 +2192,9 @@ bool tls13_get_cert_verify_signature_input(
|
|
|
1905
2192
|
SSL_HANDSHAKE *hs, Array<uint8_t> *out,
|
|
1906
2193
|
enum ssl_cert_verify_context_t cert_verify_context);
|
|
1907
2194
|
|
|
2195
|
+
// ssl_is_valid_alpn_list returns whether |in| is a valid ALPN protocol list.
|
|
2196
|
+
bool ssl_is_valid_alpn_list(Span<const uint8_t> in);
|
|
2197
|
+
|
|
1908
2198
|
// ssl_is_alpn_protocol_allowed returns whether |protocol| is a valid server
|
|
1909
2199
|
// selection for |hs->ssl|'s client preferences.
|
|
1910
2200
|
bool ssl_is_alpn_protocol_allowed(const SSL_HANDSHAKE *hs,
|
|
@@ -1916,20 +2206,39 @@ bool ssl_is_alpn_protocol_allowed(const SSL_HANDSHAKE *hs,
|
|
|
1916
2206
|
bool ssl_negotiate_alpn(SSL_HANDSHAKE *hs, uint8_t *out_alert,
|
|
1917
2207
|
const SSL_CLIENT_HELLO *client_hello);
|
|
1918
2208
|
|
|
1919
|
-
|
|
2209
|
+
// ssl_get_local_application_settings looks up the configured ALPS value for
|
|
2210
|
+
// |protocol|. If found, it sets |*out_settings| to the value and returns true.
|
|
2211
|
+
// Otherwise, it returns false.
|
|
2212
|
+
bool ssl_get_local_application_settings(const SSL_HANDSHAKE *hs,
|
|
2213
|
+
Span<const uint8_t> *out_settings,
|
|
2214
|
+
Span<const uint8_t> protocol);
|
|
2215
|
+
|
|
2216
|
+
// ssl_negotiate_alps negotiates the ALPS extension, if applicable. It returns
|
|
2217
|
+
// true on successful negotiation or if nothing was negotiated. It returns false
|
|
2218
|
+
// and sets |*out_alert| to an alert on error.
|
|
2219
|
+
bool ssl_negotiate_alps(SSL_HANDSHAKE *hs, uint8_t *out_alert,
|
|
2220
|
+
const SSL_CLIENT_HELLO *client_hello);
|
|
2221
|
+
|
|
2222
|
+
struct SSLExtension {
|
|
2223
|
+
SSLExtension(uint16_t type_arg, bool allowed_arg = true)
|
|
2224
|
+
: type(type_arg), allowed(allowed_arg), present(false) {
|
|
2225
|
+
CBS_init(&data, nullptr, 0);
|
|
2226
|
+
}
|
|
2227
|
+
|
|
1920
2228
|
uint16_t type;
|
|
1921
|
-
bool
|
|
1922
|
-
|
|
2229
|
+
bool allowed;
|
|
2230
|
+
bool present;
|
|
2231
|
+
CBS data;
|
|
1923
2232
|
};
|
|
1924
2233
|
|
|
1925
2234
|
// ssl_parse_extensions parses a TLS extensions block out of |cbs| and advances
|
|
1926
|
-
// it. It writes the parsed extensions to pointers
|
|
1927
|
-
//
|
|
1928
|
-
//
|
|
1929
|
-
//
|
|
1930
|
-
|
|
1931
|
-
|
|
1932
|
-
|
|
2235
|
+
// it. It writes the parsed extensions to pointers in |extensions|. On success,
|
|
2236
|
+
// it fills in the |present| and |data| fields and returns true. Otherwise, it
|
|
2237
|
+
// sets |*out_alert| to an alert to send and returns false. Unknown extensions
|
|
2238
|
+
// are rejected unless |ignore_unknown| is true.
|
|
2239
|
+
bool ssl_parse_extensions(const CBS *cbs, uint8_t *out_alert,
|
|
2240
|
+
std::initializer_list<SSLExtension *> extensions,
|
|
2241
|
+
bool ignore_unknown);
|
|
1933
2242
|
|
|
1934
2243
|
// ssl_verify_peer_cert verifies the peer certificate for |hs|.
|
|
1935
2244
|
enum ssl_verify_result_t ssl_verify_peer_cert(SSL_HANDSHAKE *hs);
|
|
@@ -1942,6 +2251,15 @@ enum ssl_hs_wait_t ssl_get_finished(SSL_HANDSHAKE *hs);
|
|
|
1942
2251
|
bool ssl_send_finished(SSL_HANDSHAKE *hs);
|
|
1943
2252
|
bool ssl_output_cert_chain(SSL_HANDSHAKE *hs);
|
|
1944
2253
|
|
|
2254
|
+
// ssl_handshake_session returns the |SSL_SESSION| corresponding to the current
|
|
2255
|
+
// handshake. Note, in TLS 1.2 resumptions, this session is immutable.
|
|
2256
|
+
const SSL_SESSION *ssl_handshake_session(const SSL_HANDSHAKE *hs);
|
|
2257
|
+
|
|
2258
|
+
// ssl_done_writing_client_hello is called after the last ClientHello is written
|
|
2259
|
+
// by |hs|. It releases some memory that is no longer needed.
|
|
2260
|
+
void ssl_done_writing_client_hello(SSL_HANDSHAKE *hs);
|
|
2261
|
+
|
|
2262
|
+
|
|
1945
2263
|
// SSLKEYLOGFILE functions.
|
|
1946
2264
|
|
|
1947
2265
|
// ssl_log_secret logs |secret| with label |label|, if logging is enabled for
|
|
@@ -1952,8 +2270,14 @@ bool ssl_log_secret(const SSL *ssl, const char *label,
|
|
|
1952
2270
|
|
|
1953
2271
|
// ClientHello functions.
|
|
1954
2272
|
|
|
1955
|
-
|
|
1956
|
-
|
|
2273
|
+
// ssl_client_hello_init parses |body| as a ClientHello message, excluding the
|
|
2274
|
+
// message header, and writes the result to |*out|. It returns true on success
|
|
2275
|
+
// and false on error. This function is exported for testing.
|
|
2276
|
+
OPENSSL_EXPORT bool ssl_client_hello_init(const SSL *ssl, SSL_CLIENT_HELLO *out,
|
|
2277
|
+
Span<const uint8_t> body);
|
|
2278
|
+
|
|
2279
|
+
bool ssl_parse_client_hello_with_trailing_data(const SSL *ssl, CBS *cbs,
|
|
2280
|
+
SSL_CLIENT_HELLO *out);
|
|
1957
2281
|
|
|
1958
2282
|
bool ssl_client_hello_get_extension(const SSL_CLIENT_HELLO *client_hello,
|
|
1959
2283
|
CBS *out, uint16_t extension_type);
|
|
@@ -1968,7 +2292,8 @@ bool ssl_client_cipher_list_contains_cipher(
|
|
|
1968
2292
|
// connection, the values for each index will be deterministic. This allows the
|
|
1969
2293
|
// same ClientHello be sent twice for a HelloRetryRequest or the same group be
|
|
1970
2294
|
// advertised in both supported_groups and key_shares.
|
|
1971
|
-
uint16_t ssl_get_grease_value(SSL_HANDSHAKE *hs,
|
|
2295
|
+
uint16_t ssl_get_grease_value(const SSL_HANDSHAKE *hs,
|
|
2296
|
+
enum ssl_grease_index_t index);
|
|
1972
2297
|
|
|
1973
2298
|
|
|
1974
2299
|
// Signature algorithms.
|
|
@@ -1999,12 +2324,12 @@ Span<const uint16_t> tls1_get_peer_verify_algorithms(const SSL_HANDSHAKE *hs);
|
|
|
1999
2324
|
|
|
2000
2325
|
// tls12_add_verify_sigalgs adds the signature algorithms acceptable for the
|
|
2001
2326
|
// peer signature to |out|. It returns true on success and false on error.
|
|
2002
|
-
bool tls12_add_verify_sigalgs(const
|
|
2327
|
+
bool tls12_add_verify_sigalgs(const SSL_HANDSHAKE *hs, CBB *out);
|
|
2003
2328
|
|
|
2004
2329
|
// tls12_check_peer_sigalg checks if |sigalg| is acceptable for the peer
|
|
2005
2330
|
// signature. It returns true on success and false on error, setting
|
|
2006
2331
|
// |*out_alert| to an alert to send.
|
|
2007
|
-
bool tls12_check_peer_sigalg(const
|
|
2332
|
+
bool tls12_check_peer_sigalg(const SSL_HANDSHAKE *hs, uint8_t *out_alert,
|
|
2008
2333
|
uint16_t sigalg);
|
|
2009
2334
|
|
|
2010
2335
|
|
|
@@ -2014,7 +2339,7 @@ bool tls12_check_peer_sigalg(const SSL *ssl, uint8_t *out_alert,
|
|
|
2014
2339
|
|
|
2015
2340
|
#define TLSEXT_CHANNEL_ID_SIZE 128
|
|
2016
2341
|
|
|
2017
|
-
// From
|
|
2342
|
+
// From RFC 4492, used in encoding the curve type in ECParameters
|
|
2018
2343
|
#define NAMED_CURVE_TYPE 3
|
|
2019
2344
|
|
|
2020
2345
|
struct CERT {
|
|
@@ -2108,6 +2433,9 @@ struct SSL_PROTOCOL_METHOD {
|
|
|
2108
2433
|
bool (*get_message)(const SSL *ssl, SSLMessage *out);
|
|
2109
2434
|
// next_message is called to release the current handshake message.
|
|
2110
2435
|
void (*next_message)(SSL *ssl);
|
|
2436
|
+
// has_unprocessed_handshake_data returns whether there is buffered
|
|
2437
|
+
// handshake data that has not been consumed by |get_message|.
|
|
2438
|
+
bool (*has_unprocessed_handshake_data)(const SSL *ssl);
|
|
2111
2439
|
// Use the |ssl_open_handshake| wrapper.
|
|
2112
2440
|
ssl_open_record_t (*open_handshake)(SSL *ssl, size_t *out_consumed,
|
|
2113
2441
|
uint8_t *out_alert, Span<uint8_t> in);
|
|
@@ -2125,10 +2453,11 @@ struct SSL_PROTOCOL_METHOD {
|
|
|
2125
2453
|
// init_message begins a new handshake message of type |type|. |cbb| is the
|
|
2126
2454
|
// root CBB to be passed into |finish_message|. |*body| is set to a child CBB
|
|
2127
2455
|
// the caller should write to. It returns true on success and false on error.
|
|
2128
|
-
bool (*init_message)(SSL *ssl, CBB *cbb, CBB *body, uint8_t type);
|
|
2456
|
+
bool (*init_message)(const SSL *ssl, CBB *cbb, CBB *body, uint8_t type);
|
|
2129
2457
|
// finish_message finishes a handshake message. It sets |*out_msg| to the
|
|
2130
2458
|
// serialized message. It returns true on success and false on error.
|
|
2131
|
-
bool (*finish_message)(SSL *ssl, CBB *cbb,
|
|
2459
|
+
bool (*finish_message)(const SSL *ssl, CBB *cbb,
|
|
2460
|
+
bssl::Array<uint8_t> *out_msg);
|
|
2132
2461
|
// add_message adds a handshake message to the pending flight. It returns
|
|
2133
2462
|
// true on success and false on error.
|
|
2134
2463
|
bool (*add_message)(SSL *ssl, bssl::Array<uint8_t> msg);
|
|
@@ -2140,14 +2469,20 @@ struct SSL_PROTOCOL_METHOD {
|
|
|
2140
2469
|
int (*flush_flight)(SSL *ssl);
|
|
2141
2470
|
// on_handshake_complete is called when the handshake is complete.
|
|
2142
2471
|
void (*on_handshake_complete)(SSL *ssl);
|
|
2143
|
-
// set_read_state sets |ssl|'s read cipher state to |aead_ctx
|
|
2144
|
-
//
|
|
2145
|
-
//
|
|
2146
|
-
|
|
2147
|
-
|
|
2148
|
-
|
|
2149
|
-
|
|
2150
|
-
|
|
2472
|
+
// set_read_state sets |ssl|'s read cipher state and level to |aead_ctx| and
|
|
2473
|
+
// |level|. In QUIC, |aead_ctx| is a placeholder object and |secret_for_quic|
|
|
2474
|
+
// is the original secret. This function returns true on success and false on
|
|
2475
|
+
// error.
|
|
2476
|
+
bool (*set_read_state)(SSL *ssl, ssl_encryption_level_t level,
|
|
2477
|
+
UniquePtr<SSLAEADContext> aead_ctx,
|
|
2478
|
+
Span<const uint8_t> secret_for_quic);
|
|
2479
|
+
// set_write_state sets |ssl|'s write cipher state and level to |aead_ctx| and
|
|
2480
|
+
// |level|. In QUIC, |aead_ctx| is a placeholder object and |secret_for_quic|
|
|
2481
|
+
// is the original secret. This function returns true on success and false on
|
|
2482
|
+
// error.
|
|
2483
|
+
bool (*set_write_state)(SSL *ssl, ssl_encryption_level_t level,
|
|
2484
|
+
UniquePtr<SSLAEADContext> aead_ctx,
|
|
2485
|
+
Span<const uint8_t> secret_for_quic);
|
|
2151
2486
|
};
|
|
2152
2487
|
|
|
2153
2488
|
// The following wrappers call |open_*| but handle |read_shutdown| correctly.
|
|
@@ -2271,6 +2606,16 @@ enum ssl_shutdown_t {
|
|
|
2271
2606
|
ssl_shutdown_error = 2,
|
|
2272
2607
|
};
|
|
2273
2608
|
|
|
2609
|
+
enum ssl_ech_status_t {
|
|
2610
|
+
// ssl_ech_none indicates ECH was not offered, or we have not gotten far
|
|
2611
|
+
// enough in the handshake to determine the status.
|
|
2612
|
+
ssl_ech_none,
|
|
2613
|
+
// ssl_ech_accepted indicates the server accepted ECH.
|
|
2614
|
+
ssl_ech_accepted,
|
|
2615
|
+
// ssl_ech_rejected indicates the server was offered ECH but rejected it.
|
|
2616
|
+
ssl_ech_rejected,
|
|
2617
|
+
};
|
|
2618
|
+
|
|
2274
2619
|
struct SSL3_STATE {
|
|
2275
2620
|
static constexpr bool kAllowUniquePtr = true;
|
|
2276
2621
|
|
|
@@ -2333,9 +2678,8 @@ struct SSL3_STATE {
|
|
|
2333
2678
|
// key_update_count is the number of consecutive KeyUpdates received.
|
|
2334
2679
|
uint8_t key_update_count = 0;
|
|
2335
2680
|
|
|
2336
|
-
//
|
|
2337
|
-
|
|
2338
|
-
uint8_t negotiated_token_binding_param = 0;
|
|
2681
|
+
// ech_status indicates whether ECH was accepted by the server.
|
|
2682
|
+
ssl_ech_status_t ech_status = ssl_ech_none;
|
|
2339
2683
|
|
|
2340
2684
|
// skip_early_data instructs the record layer to skip unexpected early data
|
|
2341
2685
|
// messages when 0RTT is rejected.
|
|
@@ -2370,9 +2714,8 @@ struct SSL3_STATE {
|
|
|
2370
2714
|
|
|
2371
2715
|
bool send_connection_binding : 1;
|
|
2372
2716
|
|
|
2373
|
-
//
|
|
2374
|
-
// Channel ID
|
|
2375
|
-
// Channel IDs and that |channel_id| will be valid after the handshake.
|
|
2717
|
+
// channel_id_valid is true if, on the server, the client has negotiated a
|
|
2718
|
+
// Channel ID and the |channel_id| field is filled in.
|
|
2376
2719
|
bool channel_id_valid : 1;
|
|
2377
2720
|
|
|
2378
2721
|
// key_update_pending is true if we have a KeyUpdate acknowledgment
|
|
@@ -2385,12 +2728,6 @@ struct SSL3_STATE {
|
|
|
2385
2728
|
// early_data_accepted is true if early data was accepted by the server.
|
|
2386
2729
|
bool early_data_accepted : 1;
|
|
2387
2730
|
|
|
2388
|
-
// tls13_downgrade is whether the TLS 1.3 anti-downgrade logic fired.
|
|
2389
|
-
bool tls13_downgrade : 1;
|
|
2390
|
-
|
|
2391
|
-
// token_binding_negotiated is set if Token Binding was negotiated.
|
|
2392
|
-
bool token_binding_negotiated : 1;
|
|
2393
|
-
|
|
2394
2731
|
// alert_dispatch is true there is an alert in |send_alert| to be sent.
|
|
2395
2732
|
bool alert_dispatch : 1;
|
|
2396
2733
|
|
|
@@ -2608,6 +2945,12 @@ struct DTLS1_STATE {
|
|
|
2608
2945
|
unsigned timeout_duration_ms = 0;
|
|
2609
2946
|
};
|
|
2610
2947
|
|
|
2948
|
+
// An ALPSConfig is a pair of ALPN protocol and settings value to use with ALPS.
|
|
2949
|
+
struct ALPSConfig {
|
|
2950
|
+
Array<uint8_t> protocol;
|
|
2951
|
+
Array<uint8_t> settings;
|
|
2952
|
+
};
|
|
2953
|
+
|
|
2611
2954
|
// SSL_CONFIG contains configuration bits that can be shed after the handshake
|
|
2612
2955
|
// completes. Objects of this type are not shared; they are unique to a
|
|
2613
2956
|
// particular |SSL|.
|
|
@@ -2667,19 +3010,24 @@ struct SSL_CONFIG {
|
|
|
2667
3010
|
|
|
2668
3011
|
Array<uint16_t> supported_group_list; // our list
|
|
2669
3012
|
|
|
2670
|
-
//
|
|
3013
|
+
// channel_id_private is the client's Channel ID private key, or null if
|
|
3014
|
+
// Channel ID should not be offered on this connection.
|
|
2671
3015
|
UniquePtr<EVP_PKEY> channel_id_private;
|
|
2672
3016
|
|
|
2673
3017
|
// For a client, this contains the list of supported protocols in wire
|
|
2674
3018
|
// format.
|
|
2675
3019
|
Array<uint8_t> alpn_client_proto_list;
|
|
2676
3020
|
|
|
2677
|
-
//
|
|
2678
|
-
|
|
3021
|
+
// alps_configs contains the list of supported protocols to use with ALPS,
|
|
3022
|
+
// along with their corresponding ALPS values.
|
|
3023
|
+
GrowableArray<ALPSConfig> alps_configs;
|
|
2679
3024
|
|
|
2680
3025
|
// Contains the QUIC transport params that this endpoint will send.
|
|
2681
3026
|
Array<uint8_t> quic_transport_params;
|
|
2682
3027
|
|
|
3028
|
+
// Contains the context used to decide whether to accept early data in QUIC.
|
|
3029
|
+
Array<uint8_t> quic_early_data_context;
|
|
3030
|
+
|
|
2683
3031
|
// verify_sigalgs, if not empty, is the set of signature algorithms
|
|
2684
3032
|
// accepted from the peer in decreasing order of preference.
|
|
2685
3033
|
Array<uint16_t> verify_sigalgs;
|
|
@@ -2688,9 +3036,17 @@ struct SSL_CONFIG {
|
|
|
2688
3036
|
// DTLS-SRTP.
|
|
2689
3037
|
UniquePtr<STACK_OF(SRTP_PROTECTION_PROFILE)> srtp_profiles;
|
|
2690
3038
|
|
|
3039
|
+
// client_ech_config_list, if not empty, is a serialized ECHConfigList
|
|
3040
|
+
// structure for the client to use when negotiating ECH.
|
|
3041
|
+
Array<uint8_t> client_ech_config_list;
|
|
3042
|
+
|
|
2691
3043
|
// verify_mode is a bitmask of |SSL_VERIFY_*| values.
|
|
2692
3044
|
uint8_t verify_mode = SSL_VERIFY_NONE;
|
|
2693
3045
|
|
|
3046
|
+
// ech_grease_enabled controls whether ECH GREASE may be sent in the
|
|
3047
|
+
// ClientHello.
|
|
3048
|
+
bool ech_grease_enabled : 1;
|
|
3049
|
+
|
|
2694
3050
|
// Enable signed certificate time stamps. Currently client only.
|
|
2695
3051
|
bool signed_cert_timestamps_enabled : 1;
|
|
2696
3052
|
|
|
@@ -2698,9 +3054,8 @@ struct SSL_CONFIG {
|
|
|
2698
3054
|
// whether OCSP stapling will be requested.
|
|
2699
3055
|
bool ocsp_stapling_enabled : 1;
|
|
2700
3056
|
|
|
2701
|
-
// channel_id_enabled is copied from the |SSL_CTX|. For a server, means
|
|
2702
|
-
// we'll accept Channel IDs from clients.
|
|
2703
|
-
// advertise support.
|
|
3057
|
+
// channel_id_enabled is copied from the |SSL_CTX|. For a server, it means
|
|
3058
|
+
// that we'll accept Channel IDs from clients. It is ignored on the client.
|
|
2704
3059
|
bool channel_id_enabled : 1;
|
|
2705
3060
|
|
|
2706
3061
|
// If enforce_rsa_key_usage is true, the handshake will fail if the
|
|
@@ -2723,13 +3078,16 @@ struct SSL_CONFIG {
|
|
|
2723
3078
|
// should be freed after the handshake completes.
|
|
2724
3079
|
bool shed_handshake_config : 1;
|
|
2725
3080
|
|
|
2726
|
-
// ignore_tls13_downgrade is whether the connection should continue when the
|
|
2727
|
-
// server random signals a downgrade.
|
|
2728
|
-
bool ignore_tls13_downgrade : 1;
|
|
2729
|
-
|
|
2730
3081
|
// jdk11_workaround is whether to disable TLS 1.3 for JDK 11 clients, as a
|
|
2731
3082
|
// workaround for https://bugs.openjdk.java.net/browse/JDK-8211806.
|
|
2732
3083
|
bool jdk11_workaround : 1;
|
|
3084
|
+
|
|
3085
|
+
// QUIC drafts up to and including 32 used a different TLS extension
|
|
3086
|
+
// codepoint to convey QUIC's transport parameters.
|
|
3087
|
+
bool quic_use_legacy_codepoint : 1;
|
|
3088
|
+
|
|
3089
|
+
// permute_extensions is whether to permute extensions when sending messages.
|
|
3090
|
+
bool permute_extensions : 1;
|
|
2733
3091
|
};
|
|
2734
3092
|
|
|
2735
3093
|
// From RFC 8446, used in determining PSK modes.
|
|
@@ -2750,7 +3108,7 @@ bool ssl_is_key_type_supported(int key_type);
|
|
|
2750
3108
|
bool ssl_compare_public_and_private_key(const EVP_PKEY *pubkey,
|
|
2751
3109
|
const EVP_PKEY *privkey);
|
|
2752
3110
|
bool ssl_cert_check_private_key(const CERT *cert, const EVP_PKEY *privkey);
|
|
2753
|
-
|
|
3111
|
+
bool ssl_get_new_session(SSL_HANDSHAKE *hs);
|
|
2754
3112
|
int ssl_encrypt_ticket(SSL_HANDSHAKE *hs, CBB *out, const SSL_SESSION *session);
|
|
2755
3113
|
int ssl_ctx_rotate_ticket_encryption_key(SSL_CTX *ctx);
|
|
2756
3114
|
|
|
@@ -2831,36 +3189,36 @@ void ssl_session_rebase_time(SSL *ssl, SSL_SESSION *session);
|
|
|
2831
3189
|
void ssl_session_renew_timeout(SSL *ssl, SSL_SESSION *session,
|
|
2832
3190
|
uint32_t timeout);
|
|
2833
3191
|
|
|
2834
|
-
void ssl_update_cache(
|
|
3192
|
+
void ssl_update_cache(SSL *ssl);
|
|
2835
3193
|
|
|
2836
3194
|
void ssl_send_alert(SSL *ssl, int level, int desc);
|
|
2837
3195
|
int ssl_send_alert_impl(SSL *ssl, int level, int desc);
|
|
2838
|
-
bool
|
|
2839
|
-
ssl_open_record_t
|
|
2840
|
-
|
|
2841
|
-
void
|
|
3196
|
+
bool tls_get_message(const SSL *ssl, SSLMessage *out);
|
|
3197
|
+
ssl_open_record_t tls_open_handshake(SSL *ssl, size_t *out_consumed,
|
|
3198
|
+
uint8_t *out_alert, Span<uint8_t> in);
|
|
3199
|
+
void tls_next_message(SSL *ssl);
|
|
2842
3200
|
|
|
2843
|
-
int
|
|
2844
|
-
ssl_open_record_t
|
|
2845
|
-
|
|
2846
|
-
|
|
2847
|
-
ssl_open_record_t
|
|
2848
|
-
|
|
2849
|
-
|
|
2850
|
-
int
|
|
2851
|
-
|
|
3201
|
+
int tls_dispatch_alert(SSL *ssl);
|
|
3202
|
+
ssl_open_record_t tls_open_app_data(SSL *ssl, Span<uint8_t> *out,
|
|
3203
|
+
size_t *out_consumed, uint8_t *out_alert,
|
|
3204
|
+
Span<uint8_t> in);
|
|
3205
|
+
ssl_open_record_t tls_open_change_cipher_spec(SSL *ssl, size_t *out_consumed,
|
|
3206
|
+
uint8_t *out_alert,
|
|
3207
|
+
Span<uint8_t> in);
|
|
3208
|
+
int tls_write_app_data(SSL *ssl, bool *out_needs_handshake, const uint8_t *buf,
|
|
3209
|
+
int len);
|
|
2852
3210
|
|
|
2853
|
-
bool
|
|
2854
|
-
void
|
|
3211
|
+
bool tls_new(SSL *ssl);
|
|
3212
|
+
void tls_free(SSL *ssl);
|
|
2855
3213
|
|
|
2856
|
-
bool
|
|
2857
|
-
bool
|
|
2858
|
-
bool
|
|
2859
|
-
bool
|
|
2860
|
-
int
|
|
3214
|
+
bool tls_init_message(const SSL *ssl, CBB *cbb, CBB *body, uint8_t type);
|
|
3215
|
+
bool tls_finish_message(const SSL *ssl, CBB *cbb, Array<uint8_t> *out_msg);
|
|
3216
|
+
bool tls_add_message(SSL *ssl, Array<uint8_t> msg);
|
|
3217
|
+
bool tls_add_change_cipher_spec(SSL *ssl);
|
|
3218
|
+
int tls_flush_flight(SSL *ssl);
|
|
2861
3219
|
|
|
2862
|
-
bool dtls1_init_message(SSL *ssl, CBB *cbb, CBB *body, uint8_t type);
|
|
2863
|
-
bool dtls1_finish_message(SSL *ssl, CBB *cbb, Array<uint8_t> *out_msg);
|
|
3220
|
+
bool dtls1_init_message(const SSL *ssl, CBB *cbb, CBB *body, uint8_t type);
|
|
3221
|
+
bool dtls1_finish_message(const SSL *ssl, CBB *cbb, Array<uint8_t> *out_msg);
|
|
2864
3222
|
bool dtls1_add_message(SSL *ssl, Array<uint8_t> msg);
|
|
2865
3223
|
bool dtls1_add_change_cipher_spec(SSL *ssl);
|
|
2866
3224
|
int dtls1_flush_flight(SSL *ssl);
|
|
@@ -2911,13 +3269,14 @@ int dtls1_dispatch_alert(SSL *ssl);
|
|
|
2911
3269
|
// determined by |direction|) using the keys generated by the TLS KDF. The
|
|
2912
3270
|
// |key_block_cache| argument is used to store the generated key block, if
|
|
2913
3271
|
// empty. Otherwise it's assumed that the key block is already contained within
|
|
2914
|
-
// it.
|
|
2915
|
-
|
|
2916
|
-
|
|
2917
|
-
|
|
2918
|
-
|
|
2919
|
-
|
|
2920
|
-
|
|
3272
|
+
// it. It returns true on success or false on error.
|
|
3273
|
+
bool tls1_configure_aead(SSL *ssl, evp_aead_direction_t direction,
|
|
3274
|
+
Array<uint8_t> *key_block_cache,
|
|
3275
|
+
const SSL_SESSION *session,
|
|
3276
|
+
Span<const uint8_t> iv_override);
|
|
3277
|
+
|
|
3278
|
+
bool tls1_change_cipher_state(SSL_HANDSHAKE *hs,
|
|
3279
|
+
evp_aead_direction_t direction);
|
|
2921
3280
|
int tls1_generate_master_secret(SSL_HANDSHAKE *hs, uint8_t *out,
|
|
2922
3281
|
Span<const uint8_t> premaster);
|
|
2923
3282
|
|
|
@@ -2944,16 +3303,28 @@ bool tls1_set_curves(Array<uint16_t> *out_group_ids, Span<const int> curves);
|
|
|
2944
3303
|
// false.
|
|
2945
3304
|
bool tls1_set_curves_list(Array<uint16_t> *out_group_ids, const char *curves);
|
|
2946
3305
|
|
|
2947
|
-
// ssl_add_clienthello_tlsext writes ClientHello extensions to |out
|
|
2948
|
-
// true on success and false on failure. The |header_len| argument is
|
|
2949
|
-
// of the ClientHello written so far and is used to compute the
|
|
2950
|
-
// (It does not include the record header.)
|
|
2951
|
-
|
|
3306
|
+
// ssl_add_clienthello_tlsext writes ClientHello extensions to |out| for |type|.
|
|
3307
|
+
// It returns true on success and false on failure. The |header_len| argument is
|
|
3308
|
+
// the length of the ClientHello written so far and is used to compute the
|
|
3309
|
+
// padding length. (It does not include the record header or handshake headers.)
|
|
3310
|
+
//
|
|
3311
|
+
// If |type| is |ssl_client_hello_inner|, this function also writes the
|
|
3312
|
+
// compressed extensions to |out_encoded|. Otherwise, |out_encoded| should be
|
|
3313
|
+
// nullptr.
|
|
3314
|
+
//
|
|
3315
|
+
// On success, the function sets |*out_needs_psk_binder| to whether the last
|
|
3316
|
+
// ClientHello extension was the pre_shared_key extension and needs a PSK binder
|
|
3317
|
+
// filled in. The caller should then update |out| and, if applicable,
|
|
3318
|
+
// |out_encoded| with the binder after completing the whole message.
|
|
3319
|
+
bool ssl_add_clienthello_tlsext(SSL_HANDSHAKE *hs, CBB *out, CBB *out_encoded,
|
|
3320
|
+
bool *out_needs_psk_binder,
|
|
3321
|
+
ssl_client_hello_type_t type,
|
|
3322
|
+
size_t header_len);
|
|
2952
3323
|
|
|
2953
3324
|
bool ssl_add_serverhello_tlsext(SSL_HANDSHAKE *hs, CBB *out);
|
|
2954
3325
|
bool ssl_parse_clienthello_tlsext(SSL_HANDSHAKE *hs,
|
|
2955
3326
|
const SSL_CLIENT_HELLO *client_hello);
|
|
2956
|
-
bool ssl_parse_serverhello_tlsext(SSL_HANDSHAKE *hs, CBS *
|
|
3327
|
+
bool ssl_parse_serverhello_tlsext(SSL_HANDSHAKE *hs, const CBS *extensions);
|
|
2957
3328
|
|
|
2958
3329
|
#define tlsext_tick_md EVP_sha256
|
|
2959
3330
|
|
|
@@ -2991,12 +3362,6 @@ bool tls1_channel_id_hash(SSL_HANDSHAKE *hs, uint8_t *out, size_t *out_len);
|
|
|
2991
3362
|
// data.
|
|
2992
3363
|
bool tls1_record_handshake_hashes_for_channel_id(SSL_HANDSHAKE *hs);
|
|
2993
3364
|
|
|
2994
|
-
// ssl_do_channel_id_callback checks runs |hs->ssl->ctx->channel_id_cb| if
|
|
2995
|
-
// necessary. It returns true on success and false on fatal error. Note that, on
|
|
2996
|
-
// success, |hs->ssl->channel_id_private| may be unset, in which case the
|
|
2997
|
-
// operation should be retried later.
|
|
2998
|
-
bool ssl_do_channel_id_callback(SSL_HANDSHAKE *hs);
|
|
2999
|
-
|
|
3000
3365
|
// ssl_can_write returns whether |ssl| is allowed to write.
|
|
3001
3366
|
bool ssl_can_write(const SSL *ssl);
|
|
3002
3367
|
|
|
@@ -3120,9 +3485,6 @@ struct ssl_ctx_st {
|
|
|
3120
3485
|
int (*client_cert_cb)(SSL *ssl, X509 **out_x509,
|
|
3121
3486
|
EVP_PKEY **out_pkey) = nullptr;
|
|
3122
3487
|
|
|
3123
|
-
// get channel id callback
|
|
3124
|
-
void (*channel_id_cb)(SSL *ssl, EVP_PKEY **out_pkey) = nullptr;
|
|
3125
|
-
|
|
3126
3488
|
CRYPTO_EX_DATA ex_data;
|
|
3127
3489
|
|
|
3128
3490
|
// Default values used when no per-SSL value is defined follow
|
|
@@ -3250,9 +3612,15 @@ struct ssl_ctx_st {
|
|
|
3250
3612
|
// Supported group values inherited by SSL structure
|
|
3251
3613
|
bssl::Array<uint16_t> supported_group_list;
|
|
3252
3614
|
|
|
3253
|
-
//
|
|
3615
|
+
// channel_id_private is the client's Channel ID private key, or null if
|
|
3616
|
+
// Channel ID should not be offered on this connection.
|
|
3254
3617
|
bssl::UniquePtr<EVP_PKEY> channel_id_private;
|
|
3255
3618
|
|
|
3619
|
+
// ech_keys contains the server's list of ECHConfig values and associated
|
|
3620
|
+
// private keys. This list may be swapped out at any time, so all access must
|
|
3621
|
+
// be synchronized through |lock|.
|
|
3622
|
+
bssl::UniquePtr<SSL_ECH_KEYS> ech_keys;
|
|
3623
|
+
|
|
3256
3624
|
// keylog_callback, if not NULL, is the key logging callback. See
|
|
3257
3625
|
// |SSL_CTX_set_keylog_callback|.
|
|
3258
3626
|
void (*keylog_callback)(const SSL *ssl, const char *line) = nullptr;
|
|
@@ -3300,24 +3668,20 @@ struct ssl_ctx_st {
|
|
|
3300
3668
|
// advertise support.
|
|
3301
3669
|
bool channel_id_enabled : 1;
|
|
3302
3670
|
|
|
3303
|
-
// grease_enabled is whether
|
|
3671
|
+
// grease_enabled is whether GREASE (RFC 8701) is enabled.
|
|
3304
3672
|
bool grease_enabled : 1;
|
|
3305
3673
|
|
|
3674
|
+
// permute_extensions is whether to permute extensions when sending messages.
|
|
3675
|
+
bool permute_extensions : 1;
|
|
3676
|
+
|
|
3306
3677
|
// allow_unknown_alpn_protos is whether the client allows unsolicited ALPN
|
|
3307
3678
|
// protocols from the peer.
|
|
3308
3679
|
bool allow_unknown_alpn_protos : 1;
|
|
3309
3680
|
|
|
3310
|
-
// ed25519_enabled is whether Ed25519 is advertised in the handshake.
|
|
3311
|
-
bool ed25519_enabled : 1;
|
|
3312
|
-
|
|
3313
3681
|
// false_start_allowed_without_alpn is whether False Start (if
|
|
3314
3682
|
// |SSL_MODE_ENABLE_FALSE_START| is enabled) is allowed without ALPN.
|
|
3315
3683
|
bool false_start_allowed_without_alpn : 1;
|
|
3316
3684
|
|
|
3317
|
-
// ignore_tls13_downgrade is whether a connection should continue when the
|
|
3318
|
-
// server random signals a downgrade.
|
|
3319
|
-
bool ignore_tls13_downgrade:1;
|
|
3320
|
-
|
|
3321
3685
|
// handoff indicates that a server should stop after receiving the
|
|
3322
3686
|
// ClientHello and pause the handshake in such a way that |SSL_get_error|
|
|
3323
3687
|
// returns |SSL_ERROR_HANDOFF|.
|
|
@@ -3438,10 +3802,12 @@ struct ssl_session_st {
|
|
|
3438
3802
|
// the peer, or zero if not applicable or unknown.
|
|
3439
3803
|
uint16_t peer_signature_algorithm = 0;
|
|
3440
3804
|
|
|
3441
|
-
//
|
|
3442
|
-
// session. In TLS 1.3 and up, it is the resumption
|
|
3443
|
-
|
|
3444
|
-
|
|
3805
|
+
// secret, in TLS 1.2 and below, is the master secret associated with the
|
|
3806
|
+
// session. In TLS 1.3 and up, it is the resumption PSK for sessions handed to
|
|
3807
|
+
// the caller, but it stores the resumption secret when stored on |SSL|
|
|
3808
|
+
// objects.
|
|
3809
|
+
int secret_length = 0;
|
|
3810
|
+
uint8_t secret[SSL_MAX_MASTER_KEY_LENGTH] = {0};
|
|
3445
3811
|
|
|
3446
3812
|
// session_id - valid?
|
|
3447
3813
|
unsigned session_id_length = 0;
|
|
@@ -3526,9 +3892,18 @@ struct ssl_session_st {
|
|
|
3526
3892
|
|
|
3527
3893
|
// early_alpn is the ALPN protocol from the initial handshake. This is only
|
|
3528
3894
|
// stored for TLS 1.3 and above in order to enforce ALPN matching for 0-RTT
|
|
3529
|
-
// resumptions.
|
|
3895
|
+
// resumptions. For the current connection's ALPN protocol, see
|
|
3896
|
+
// |alpn_selected| on |SSL3_STATE|.
|
|
3530
3897
|
bssl::Array<uint8_t> early_alpn;
|
|
3531
3898
|
|
|
3899
|
+
// local_application_settings, if |has_application_settings| is true, is the
|
|
3900
|
+
// local ALPS value for this connection.
|
|
3901
|
+
bssl::Array<uint8_t> local_application_settings;
|
|
3902
|
+
|
|
3903
|
+
// peer_application_settings, if |has_application_settings| is true, is the
|
|
3904
|
+
// peer ALPS value for this connection.
|
|
3905
|
+
bssl::Array<uint8_t> peer_application_settings;
|
|
3906
|
+
|
|
3532
3907
|
// extended_master_secret is whether the master secret in this session was
|
|
3533
3908
|
// generated using EMS and thus isn't vulnerable to the Triple Handshake
|
|
3534
3909
|
// attack.
|
|
@@ -3546,10 +3921,33 @@ struct ssl_session_st {
|
|
|
3546
3921
|
// is_server is whether this session was created by a server.
|
|
3547
3922
|
bool is_server : 1;
|
|
3548
3923
|
|
|
3924
|
+
// is_quic indicates whether this session was created using QUIC.
|
|
3925
|
+
bool is_quic : 1;
|
|
3926
|
+
|
|
3927
|
+
// has_application_settings indicates whether ALPS was negotiated in this
|
|
3928
|
+
// session.
|
|
3929
|
+
bool has_application_settings : 1;
|
|
3930
|
+
|
|
3931
|
+
// quic_early_data_context is used to determine whether early data must be
|
|
3932
|
+
// rejected when performing a QUIC handshake.
|
|
3933
|
+
bssl::Array<uint8_t> quic_early_data_context;
|
|
3934
|
+
|
|
3549
3935
|
private:
|
|
3550
3936
|
~ssl_session_st();
|
|
3551
3937
|
friend void SSL_SESSION_free(SSL_SESSION *);
|
|
3552
3938
|
};
|
|
3553
3939
|
|
|
3940
|
+
struct ssl_ech_keys_st {
|
|
3941
|
+
ssl_ech_keys_st() = default;
|
|
3942
|
+
ssl_ech_keys_st(const ssl_ech_keys_st &) = delete;
|
|
3943
|
+
ssl_ech_keys_st &operator=(const ssl_ech_keys_st &) = delete;
|
|
3944
|
+
|
|
3945
|
+
bssl::GrowableArray<bssl::UniquePtr<bssl::ECHServerConfig>> configs;
|
|
3946
|
+
CRYPTO_refcount_t references = 1;
|
|
3947
|
+
|
|
3948
|
+
private:
|
|
3949
|
+
~ssl_ech_keys_st() = default;
|
|
3950
|
+
friend void SSL_ECH_KEYS_free(SSL_ECH_KEYS *);
|
|
3951
|
+
};
|
|
3554
3952
|
|
|
3555
3953
|
#endif // OPENSSL_HEADER_SSL_INTERNAL_H
|