grpc 1.30.2 → 1.32.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +723 -15910
- data/include/grpc/grpc_security.h +31 -14
- data/include/grpc/grpc_security_constants.h +3 -0
- data/include/grpc/impl/codegen/README.md +22 -0
- data/include/grpc/impl/codegen/grpc_types.h +7 -5
- data/include/grpc/impl/codegen/port_platform.h +6 -33
- data/src/core/ext/filters/client_channel/backend_metric.cc +12 -9
- data/src/core/ext/filters/client_channel/backup_poller.cc +3 -2
- data/src/core/ext/filters/client_channel/client_channel.cc +470 -285
- data/src/core/ext/filters/client_channel/client_channel.h +1 -1
- data/src/core/ext/filters/client_channel/client_channel_channelz.h +0 -3
- data/src/core/ext/filters/client_channel/config_selector.cc +62 -0
- data/src/core/ext/filters/client_channel/config_selector.h +93 -0
- data/src/core/ext/filters/client_channel/global_subchannel_pool.cc +24 -2
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +8 -1
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +8 -8
- data/src/core/ext/filters/client_channel/http_proxy.cc +6 -4
- data/src/core/ext/filters/client_channel/lb_policy.h +4 -0
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +6 -4
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +59 -36
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc +0 -13
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h +0 -3
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +1 -37
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +19 -13
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +29 -10
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +5 -4
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +4 -6
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +23 -13
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +18 -12
- data/src/core/ext/filters/client_channel/lb_policy/xds/eds.cc +22 -14
- data/src/core/ext/filters/client_channel/lb_policy/xds/lrs.cc +18 -9
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_routing.cc +385 -78
- data/src/core/ext/filters/client_channel/lb_policy_registry.cc +4 -5
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +5 -2
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.cc +6 -5
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_libuv.cc +8 -6
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +9 -7
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +7 -5
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +36 -51
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_libuv.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_windows.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +6 -2
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +383 -31
- data/src/core/ext/filters/client_channel/resolver_registry.cc +13 -14
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +6 -7
- data/src/core/ext/filters/client_channel/resolver_result_parsing.h +0 -1
- data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +38 -32
- data/src/core/ext/filters/client_channel/resolving_lb_policy.h +39 -20
- data/src/core/ext/filters/client_channel/server_address.cc +40 -7
- data/src/core/ext/filters/client_channel/server_address.h +42 -4
- data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +142 -0
- data/src/core/ext/filters/client_channel/subchannel.cc +65 -24
- data/src/core/ext/filters/client_channel/subchannel.h +16 -4
- data/src/core/ext/filters/http/client/http_client_filter.cc +5 -5
- data/src/core/ext/filters/http/http_filters_plugin.cc +2 -1
- data/src/core/ext/filters/http/message_compress/message_decompress_filter.cc +74 -33
- data/src/core/ext/filters/http/message_compress/message_decompress_filter.h +3 -1
- data/src/core/ext/filters/max_age/max_age_filter.cc +2 -1
- data/src/core/ext/filters/message_size/message_size_filter.cc +56 -80
- data/src/core/ext/filters/message_size/message_size_filter.h +6 -0
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +87 -31
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +18 -1
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +10 -35
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +378 -348
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +7 -2
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc +3 -3
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +10 -16
- data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +9 -9
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +256 -279
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +23 -28
- data/src/core/ext/transport/chttp2/transport/flow_control.h +14 -16
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +9 -12
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +4 -6
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +5 -6
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +12 -13
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +8 -9
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +9 -12
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +25 -29
- data/src/core/ext/transport/chttp2/transport/hpack_table.cc +13 -17
- data/src/core/ext/transport/chttp2/transport/internal.h +18 -1
- data/src/core/ext/transport/chttp2/transport/parsing.cc +34 -71
- data/src/core/ext/transport/chttp2/transport/writing.cc +15 -19
- data/src/core/ext/transport/inproc/inproc_transport.cc +47 -27
- data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.h +0 -1
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +3 -4
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +224 -0
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.h +700 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.c +74 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.h +226 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +380 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +1378 -0
- data/src/core/ext/upb-generated/envoy/{api/v2/cluster → config/cluster/v3}/filter.upb.c +8 -8
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.h +69 -0
- data/src/core/ext/upb-generated/envoy/{api/v2/cluster → config/cluster/v3}/outlier_detection.upb.c +8 -8
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.h +323 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.c +112 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.h +334 -0
- data/src/core/ext/upb-generated/envoy/{api/v2/core → config/core/v3}/backoff.upb.c +8 -8
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.h +79 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +309 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +869 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +96 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +328 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.c +34 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.h +71 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.c +195 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.h +634 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +170 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +684 -0
- data/src/core/ext/upb-generated/envoy/{api/v2/core → config/core/v3}/http_uri.upb.c +8 -8
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.h +80 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +152 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +536 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +28 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +58 -0
- data/src/core/ext/upb-generated/envoy/{api/v2/core → config/core/v3}/socket_option.upb.c +6 -6
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.h +88 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.c +91 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.h +220 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.c +91 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.h +273 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.c +112 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.h +332 -0
- data/src/core/ext/upb-generated/envoy/config/listener/{v2 → v3}/api_listener.upb.c +8 -8
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.h +65 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +108 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +401 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +138 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +490 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +41 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.h +94 -0
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +174 -0
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +599 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +63 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +204 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +773 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +2855 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.c +59 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.h +135 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.c +50 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.h +108 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +312 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +1125 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.c +20 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.h +34 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +111 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +401 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +72 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +198 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +105 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +388 -0
- data/src/core/ext/upb-generated/envoy/{api/v2 → service/cluster/v3}/cds.upb.c +5 -6
- data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.h +49 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/{v2 → v3}/ads.upb.c +5 -4
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.h +49 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +129 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +386 -0
- data/src/core/ext/upb-generated/envoy/{api/v2 → service/endpoint/v3}/eds.upb.c +5 -6
- data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.h +49 -0
- data/src/core/ext/upb-generated/envoy/{api/v2 → service/listener/v3}/lds.upb.c +5 -6
- data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.h +49 -0
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.c +55 -0
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.h +136 -0
- data/src/core/ext/upb-generated/envoy/{api/v2 → service/route/v3}/rds.upb.c +5 -6
- data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.h +49 -0
- data/src/core/ext/upb-generated/envoy/{api/v2 → service/route/v3}/srds.upb.c +5 -6
- data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.h +49 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.c +47 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.h +114 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.c +35 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.h +77 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.c +34 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.h +71 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.c +64 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.h +145 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +53 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.h +127 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.c +63 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.h +188 -0
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.c +88 -0
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.h +258 -0
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.c +90 -0
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.h +250 -0
- data/src/core/ext/upb-generated/envoy/type/{http.upb.c → v3/http.upb.c} +2 -2
- data/src/core/ext/upb-generated/envoy/type/{http.upb.h → v3/http.upb.h} +8 -9
- data/src/core/ext/upb-generated/envoy/type/{percent.upb.c → v3/percent.upb.c} +9 -8
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.h +86 -0
- data/src/core/ext/upb-generated/envoy/type/{range.upb.c → v3/range.upb.c} +12 -11
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.h +111 -0
- data/src/core/ext/upb-generated/envoy/type/{semantic_version.upb.c → v3/semantic_version.upb.c} +6 -5
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.h +61 -0
- data/src/core/ext/upb-generated/gogoproto/gogo.upb.h +0 -1
- data/src/core/ext/upb-generated/google/api/annotations.upb.h +0 -1
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.c +234 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h +759 -0
- data/src/core/ext/upb-generated/google/api/http.upb.h +29 -28
- data/src/core/ext/upb-generated/google/protobuf/any.upb.h +5 -6
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +39 -39
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +412 -386
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.h +5 -6
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.h +1 -2
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.h +34 -55
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.h +5 -6
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.h +27 -28
- data/src/core/ext/upb-generated/google/rpc/status.upb.h +8 -8
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.c +1 -1
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.h +32 -45
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +4 -4
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +157 -178
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.h +14 -13
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.h +6 -7
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.h +59 -56
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +11 -12
- data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.h +0 -1
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +5 -6
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.c +27 -0
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.h +53 -0
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.c +6 -6
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.h +41 -68
- data/src/core/ext/upb-generated/validate/validate.upb.c +11 -11
- data/src/core/ext/upb-generated/validate/validate.upb.h +537 -536
- data/src/core/ext/xds/xds_api.cc +2388 -0
- data/src/core/ext/{filters/client_channel/xds → xds}/xds_api.h +120 -40
- data/src/core/ext/{filters/client_channel/xds → xds}/xds_bootstrap.cc +56 -25
- data/src/core/ext/{filters/client_channel/xds → xds}/xds_bootstrap.h +8 -3
- data/src/core/ext/{filters/client_channel/xds → xds}/xds_channel.h +4 -4
- data/src/core/ext/{filters/client_channel/xds → xds}/xds_channel_args.h +3 -3
- data/src/core/ext/{filters/client_channel/xds → xds}/xds_channel_secure.cc +2 -5
- data/src/core/ext/{filters/client_channel/xds → xds}/xds_client.cc +94 -347
- data/src/core/ext/{filters/client_channel/xds → xds}/xds_client.h +12 -45
- data/src/core/ext/{filters/client_channel/xds → xds}/xds_client_stats.cc +2 -2
- data/src/core/ext/{filters/client_channel/xds → xds}/xds_client_stats.h +13 -13
- data/src/core/lib/channel/channel_trace.cc +2 -6
- data/src/core/lib/channel/channelz.cc +19 -30
- data/src/core/lib/channel/channelz.h +1 -1
- data/src/core/lib/channel/channelz_registry.cc +3 -1
- data/src/core/lib/gpr/log_linux.cc +6 -8
- data/src/core/lib/gpr/log_posix.cc +6 -8
- data/src/core/lib/gpr/string.cc +10 -9
- data/src/core/lib/gpr/string.h +4 -2
- data/src/core/lib/gpr/sync_posix.cc +2 -8
- data/src/core/lib/gprpp/global_config_env.cc +8 -6
- data/src/core/lib/http/httpcli.cc +13 -10
- data/src/core/lib/http/httpcli_security_connector.cc +5 -5
- data/src/core/lib/iomgr/cfstream_handle.cc +1 -0
- data/src/core/lib/iomgr/endpoint.cc +5 -1
- data/src/core/lib/iomgr/endpoint.h +7 -3
- data/src/core/lib/iomgr/endpoint_cfstream.cc +32 -11
- data/src/core/lib/iomgr/endpoint_pair_posix.cc +10 -10
- data/src/core/lib/iomgr/error_cfstream.cc +9 -8
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +5 -6
- data/src/core/lib/iomgr/ev_epollex_linux.cc +15 -21
- data/src/core/lib/iomgr/ev_poll_posix.cc +6 -5
- data/src/core/lib/iomgr/is_epollexclusive_available.cc +14 -0
- data/src/core/{ext/filters/client_channel → lib/iomgr}/parse_address.cc +1 -1
- data/src/core/{ext/filters/client_channel → lib/iomgr}/parse_address.h +3 -3
- data/src/core/lib/iomgr/port.h +1 -21
- data/src/core/lib/iomgr/resolve_address_custom.cc +13 -18
- data/src/core/lib/iomgr/resolve_address_windows.cc +8 -8
- data/src/core/lib/iomgr/resource_quota.cc +34 -31
- data/src/core/lib/iomgr/sockaddr_utils.cc +9 -6
- data/src/core/lib/iomgr/sockaddr_utils.h +3 -2
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +95 -55
- data/src/core/lib/iomgr/socket_windows.cc +4 -5
- data/src/core/lib/iomgr/tcp_client_cfstream.cc +9 -11
- data/src/core/lib/iomgr/tcp_client_custom.cc +6 -9
- data/src/core/lib/iomgr/tcp_client_posix.cc +27 -36
- data/src/core/lib/iomgr/tcp_client_windows.cc +9 -9
- data/src/core/lib/iomgr/tcp_custom.cc +33 -17
- data/src/core/lib/iomgr/tcp_custom.h +1 -1
- data/src/core/lib/iomgr/tcp_posix.cc +31 -13
- data/src/core/lib/iomgr/tcp_server.cc +3 -4
- data/src/core/lib/iomgr/tcp_server.h +7 -5
- data/src/core/lib/iomgr/tcp_server_custom.cc +6 -14
- data/src/core/lib/iomgr/tcp_server_posix.cc +34 -41
- data/src/core/lib/iomgr/tcp_server_utils_posix.h +3 -4
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +5 -7
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +4 -9
- data/src/core/lib/iomgr/tcp_server_windows.cc +16 -16
- data/src/core/lib/iomgr/tcp_windows.cc +26 -10
- data/src/core/lib/iomgr/timer_generic.cc +13 -12
- data/src/core/lib/iomgr/udp_server.cc +24 -23
- data/src/core/lib/iomgr/udp_server.h +5 -2
- data/src/core/lib/iomgr/unix_sockets_posix.cc +9 -14
- data/src/core/lib/iomgr/unix_sockets_posix.h +3 -1
- data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +5 -2
- data/src/core/lib/json/json_reader.cc +20 -21
- data/src/core/lib/security/authorization/authorization_engine.cc +177 -0
- data/src/core/lib/security/authorization/authorization_engine.h +84 -0
- data/src/core/lib/security/authorization/evaluate_args.cc +153 -0
- data/src/core/lib/security/authorization/evaluate_args.h +59 -0
- data/src/core/lib/security/authorization/mock_cel/activation.h +57 -0
- data/src/core/lib/security/authorization/mock_cel/cel_expr_builder_factory.h +42 -0
- data/src/core/lib/security/authorization/mock_cel/cel_expression.h +68 -0
- data/src/core/lib/security/authorization/mock_cel/cel_value.h +93 -0
- data/src/core/lib/security/authorization/mock_cel/evaluator_core.h +67 -0
- data/src/core/lib/security/authorization/mock_cel/flat_expr_builder.h +56 -0
- data/src/core/lib/security/authorization/mock_cel/statusor.h +50 -0
- data/src/core/lib/security/credentials/credentials.h +5 -3
- data/src/core/lib/security/credentials/google_default/credentials_generic.cc +8 -6
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +64 -43
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +7 -4
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +19 -28
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +6 -6
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +20 -0
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +10 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +10 -0
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +11 -12
- data/src/core/lib/security/security_connector/security_connector.cc +2 -0
- data/src/core/lib/security/security_connector/security_connector.h +1 -1
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +18 -11
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +5 -0
- data/src/core/lib/security/security_connector/ssl_utils.cc +44 -23
- data/src/core/lib/security/security_connector/ssl_utils.h +6 -2
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +27 -24
- data/src/core/lib/security/transport/client_auth_filter.cc +10 -9
- data/src/core/lib/security/transport/secure_endpoint.cc +7 -1
- data/src/core/lib/security/util/json_util.cc +12 -13
- data/src/core/lib/slice/slice.cc +38 -1
- data/src/core/lib/slice/slice_internal.h +1 -0
- data/src/core/lib/surface/call.cc +52 -53
- data/src/core/lib/surface/call.h +2 -1
- data/src/core/lib/surface/channel.cc +28 -20
- data/src/core/lib/surface/channel.h +12 -2
- data/src/core/lib/surface/completion_queue.cc +0 -5
- data/src/core/lib/surface/init.cc +1 -1
- data/src/core/lib/surface/server.cc +1102 -1347
- data/src/core/lib/surface/server.h +369 -71
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/authority_override.cc +38 -0
- data/src/core/lib/transport/authority_override.h +32 -0
- data/src/core/lib/transport/connectivity_state.cc +18 -13
- data/src/core/lib/transport/connectivity_state.h +18 -6
- data/src/core/lib/transport/error_utils.cc +13 -0
- data/src/core/lib/transport/error_utils.h +6 -0
- data/src/core/lib/transport/static_metadata.cc +295 -276
- data/src/core/lib/transport/static_metadata.h +80 -73
- data/src/core/lib/transport/transport.h +13 -0
- data/src/core/lib/uri/uri_parser.cc +30 -35
- data/src/core/lib/uri/uri_parser.h +3 -1
- data/src/core/plugin_registry/grpc_plugin_registry.cc +4 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +23 -13
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +24 -0
- data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +2 -0
- data/src/core/tsi/ssl_transport_security.cc +102 -11
- data/src/core/tsi/ssl_transport_security.h +14 -2
- data/src/core/tsi/transport_security_interface.h +5 -0
- data/src/ruby/bin/math_services_pb.rb +4 -4
- data/src/ruby/ext/grpc/extconf.rb +5 -2
- data/src/ruby/ext/grpc/rb_call.c +3 -2
- data/src/ruby/ext/grpc/rb_call.h +4 -0
- data/src/ruby/ext/grpc/rb_call_credentials.c +54 -10
- data/src/ruby/ext/grpc/rb_channel_credentials.c +9 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +2 -2
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +4 -4
- data/src/ruby/lib/grpc/generic/client_stub.rb +1 -1
- data/src/ruby/lib/grpc/generic/interceptors.rb +1 -1
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/grpc/health/v1/health_services_pb.rb +2 -2
- data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +5 -0
- data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +28 -12
- data/src/ruby/spec/channel_credentials_spec.rb +10 -0
- data/src/ruby/spec/generic/active_call_spec.rb +19 -8
- data/src/ruby/spec/pb/codegen/grpc/testing/same_package_service_name.proto +27 -0
- data/src/ruby/spec/pb/codegen/grpc/testing/same_ruby_package_service_name.proto +29 -0
- data/src/ruby/spec/pb/codegen/package_option_spec.rb +20 -0
- data/src/ruby/spec/user_agent_spec.rb +74 -0
- data/third_party/abseil-cpp/absl/algorithm/container.h +1727 -0
- data/third_party/abseil-cpp/absl/base/internal/direct_mmap.h +161 -0
- data/third_party/abseil-cpp/absl/base/internal/exponential_biased.cc +93 -0
- data/third_party/abseil-cpp/absl/base/internal/exponential_biased.h +130 -0
- data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.cc +620 -0
- data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.h +126 -0
- data/third_party/abseil-cpp/absl/container/fixed_array.h +515 -0
- data/third_party/abseil-cpp/absl/container/flat_hash_set.h +503 -0
- data/third_party/abseil-cpp/absl/container/internal/common.h +202 -0
- data/third_party/abseil-cpp/absl/container/internal/container_memory.h +440 -0
- data/third_party/abseil-cpp/absl/container/internal/hash_function_defaults.h +146 -0
- data/third_party/abseil-cpp/absl/container/internal/hash_policy_traits.h +191 -0
- data/third_party/abseil-cpp/absl/container/internal/hashtable_debug_hooks.h +85 -0
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc +269 -0
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.h +297 -0
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler_force_weak_definition.cc +30 -0
- data/third_party/abseil-cpp/absl/container/internal/have_sse.h +49 -0
- data/third_party/abseil-cpp/absl/container/internal/layout.h +741 -0
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.cc +48 -0
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +1882 -0
- data/third_party/abseil-cpp/absl/debugging/internal/address_is_readable.cc +138 -0
- data/third_party/abseil-cpp/absl/debugging/internal/address_is_readable.h +32 -0
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +1895 -0
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.h +71 -0
- data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.cc +382 -0
- data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.h +134 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +192 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_arm-inl.inc +125 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_config.h +70 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_generic-inl.inc +99 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_powerpc-inl.inc +248 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_unimplemented-inl.inc +24 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_win32-inl.inc +85 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_x86-inl.inc +346 -0
- data/third_party/abseil-cpp/absl/debugging/internal/symbolize.h +128 -0
- data/third_party/abseil-cpp/absl/debugging/internal/vdso_support.cc +194 -0
- data/third_party/abseil-cpp/absl/debugging/internal/vdso_support.h +158 -0
- data/third_party/abseil-cpp/absl/debugging/stacktrace.cc +140 -0
- data/third_party/abseil-cpp/absl/debugging/stacktrace.h +231 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize.cc +25 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize.h +99 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize_elf.inc +1480 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize_unimplemented.inc +40 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize_win32.inc +81 -0
- data/third_party/abseil-cpp/absl/functional/function_ref.h +139 -0
- data/third_party/abseil-cpp/absl/functional/internal/function_ref.h +106 -0
- data/third_party/abseil-cpp/absl/hash/hash.h +324 -0
- data/third_party/abseil-cpp/absl/hash/internal/city.cc +346 -0
- data/third_party/abseil-cpp/absl/hash/internal/city.h +96 -0
- data/third_party/abseil-cpp/absl/hash/internal/hash.cc +55 -0
- data/third_party/abseil-cpp/absl/hash/internal/hash.h +988 -0
- data/third_party/abseil-cpp/absl/status/status.cc +447 -0
- data/third_party/abseil-cpp/absl/status/status.h +428 -0
- data/third_party/abseil-cpp/absl/status/status_payload_printer.cc +43 -0
- data/third_party/abseil-cpp/absl/status/status_payload_printer.h +51 -0
- data/third_party/abseil-cpp/absl/strings/cord.cc +2019 -0
- data/third_party/abseil-cpp/absl/strings/cord.h +1121 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +151 -0
- data/third_party/abseil-cpp/absl/synchronization/barrier.cc +52 -0
- data/third_party/abseil-cpp/absl/synchronization/barrier.h +79 -0
- data/third_party/abseil-cpp/absl/synchronization/blocking_counter.cc +57 -0
- data/third_party/abseil-cpp/absl/synchronization/blocking_counter.h +99 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.cc +140 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.h +60 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +697 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.h +141 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/kernel_timeout.h +155 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/mutex_nonprod.inc +261 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.cc +106 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.h +115 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.cc +484 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.h +159 -0
- data/third_party/abseil-cpp/absl/synchronization/mutex.cc +2728 -0
- data/third_party/abseil-cpp/absl/synchronization/mutex.h +1056 -0
- data/third_party/abseil-cpp/absl/synchronization/notification.cc +78 -0
- data/third_party/abseil-cpp/absl/synchronization/notification.h +123 -0
- data/third_party/abseil-cpp/absl/types/bad_variant_access.cc +64 -0
- data/third_party/abseil-cpp/absl/types/bad_variant_access.h +82 -0
- data/third_party/abseil-cpp/absl/types/internal/variant.h +1646 -0
- data/third_party/abseil-cpp/absl/types/variant.h +861 -0
- data/third_party/boringssl-with-bazel/err_data.c +266 -254
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_enum.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/tls_cbc.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +12 -52
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +0 -22
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +159 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c +17 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +11 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +13 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64.c +24 -23
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +20 -16
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/util.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +62 -0
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +456 -0
- data/third_party/boringssl-with-bazel/src/crypto/hpke/internal.h +192 -0
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +29 -15
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +7 -0
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +36 -5
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +0 -29
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +116 -363
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +7 -45
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_strex.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +8 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509.c +0 -67
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +13 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +10 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +41 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +4 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +28 -9
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +25 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +35 -13
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +0 -154
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +20 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +28 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +5 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +74 -35
- data/third_party/boringssl-with-bazel/src/include/openssl/aes.h +16 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +52 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +22 -22
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +2 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +69 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +72 -23
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +2 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +1 -10
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +800 -715
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +3 -3
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +9 -2
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +9 -0
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +21 -14
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +7 -7
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +3 -6
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +38 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +4 -24
- data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +5 -5
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +45 -24
- data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +34 -9
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +31 -21
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +17 -9
- data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +5 -3
- data/third_party/re2/re2/bitmap256.h +117 -0
- data/third_party/re2/re2/bitstate.cc +385 -0
- data/third_party/re2/re2/compile.cc +1279 -0
- data/third_party/re2/re2/dfa.cc +2130 -0
- data/third_party/re2/re2/filtered_re2.cc +121 -0
- data/third_party/re2/re2/filtered_re2.h +109 -0
- data/third_party/re2/re2/mimics_pcre.cc +197 -0
- data/third_party/re2/re2/nfa.cc +713 -0
- data/third_party/re2/re2/onepass.cc +623 -0
- data/third_party/re2/re2/parse.cc +2464 -0
- data/third_party/re2/re2/perl_groups.cc +119 -0
- data/third_party/re2/re2/pod_array.h +55 -0
- data/third_party/re2/re2/prefilter.cc +710 -0
- data/third_party/re2/re2/prefilter.h +108 -0
- data/third_party/re2/re2/prefilter_tree.cc +407 -0
- data/third_party/re2/re2/prefilter_tree.h +139 -0
- data/third_party/re2/re2/prog.cc +988 -0
- data/third_party/re2/re2/prog.h +436 -0
- data/third_party/re2/re2/re2.cc +1362 -0
- data/third_party/re2/re2/re2.h +1002 -0
- data/third_party/re2/re2/regexp.cc +980 -0
- data/third_party/re2/re2/regexp.h +659 -0
- data/third_party/re2/re2/set.cc +154 -0
- data/third_party/re2/re2/set.h +80 -0
- data/third_party/re2/re2/simplify.cc +657 -0
- data/third_party/re2/re2/sparse_array.h +392 -0
- data/third_party/re2/re2/sparse_set.h +264 -0
- data/third_party/re2/re2/stringpiece.cc +65 -0
- data/third_party/re2/re2/stringpiece.h +210 -0
- data/third_party/re2/re2/tostring.cc +351 -0
- data/third_party/re2/re2/unicode_casefold.cc +582 -0
- data/third_party/re2/re2/unicode_casefold.h +78 -0
- data/third_party/re2/re2/unicode_groups.cc +6269 -0
- data/third_party/re2/re2/unicode_groups.h +67 -0
- data/third_party/re2/re2/walker-inl.h +246 -0
- data/third_party/re2/util/benchmark.h +156 -0
- data/third_party/re2/util/flags.h +26 -0
- data/third_party/re2/util/logging.h +109 -0
- data/third_party/re2/util/malloc_counter.h +19 -0
- data/third_party/re2/util/mix.h +41 -0
- data/third_party/re2/util/mutex.h +148 -0
- data/third_party/re2/util/pcre.cc +1025 -0
- data/third_party/re2/util/pcre.h +681 -0
- data/third_party/re2/util/rune.cc +260 -0
- data/third_party/re2/util/strutil.cc +149 -0
- data/third_party/re2/util/strutil.h +21 -0
- data/third_party/re2/util/test.h +50 -0
- data/third_party/re2/util/utf.h +44 -0
- data/third_party/re2/util/util.h +42 -0
- data/third_party/upb/upb/decode.c +517 -505
- data/third_party/upb/upb/encode.c +165 -123
- data/third_party/upb/upb/msg.c +130 -64
- data/third_party/upb/upb/msg.h +418 -14
- data/third_party/upb/upb/port_def.inc +35 -6
- data/third_party/upb/upb/port_undef.inc +8 -1
- data/third_party/upb/upb/table.c +53 -86
- data/third_party/upb/upb/table.int.h +11 -52
- data/third_party/upb/upb/upb.c +151 -125
- data/third_party/upb/upb/upb.h +91 -147
- data/third_party/upb/upb/upb.hpp +88 -0
- metadata +308 -148
- data/src/core/ext/filters/client_channel/xds/xds_api.cc +0 -1906
- data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.c +0 -21
- data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.h +0 -35
- data/src/core/ext/upb-generated/envoy/api/v2/auth/common.upb.c +0 -114
- data/src/core/ext/upb-generated/envoy/api/v2/auth/common.upb.h +0 -418
- data/src/core/ext/upb-generated/envoy/api/v2/auth/secret.upb.c +0 -72
- data/src/core/ext/upb-generated/envoy/api/v2/auth/secret.upb.h +0 -197
- data/src/core/ext/upb-generated/envoy/api/v2/auth/tls.upb.c +0 -105
- data/src/core/ext/upb-generated/envoy/api/v2/auth/tls.upb.h +0 -378
- data/src/core/ext/upb-generated/envoy/api/v2/cds.upb.h +0 -53
- data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.c +0 -403
- data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.h +0 -1447
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/circuit_breaker.upb.c +0 -74
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/circuit_breaker.upb.h +0 -218
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/filter.upb.h +0 -69
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/outlier_detection.upb.h +0 -305
- data/src/core/ext/upb-generated/envoy/api/v2/core/address.upb.c +0 -112
- data/src/core/ext/upb-generated/envoy/api/v2/core/address.upb.h +0 -328
- data/src/core/ext/upb-generated/envoy/api/v2/core/backoff.upb.h +0 -78
- data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.c +0 -313
- data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.h +0 -897
- data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.c +0 -96
- data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.h +0 -322
- data/src/core/ext/upb-generated/envoy/api/v2/core/event_service_config.upb.c +0 -34
- data/src/core/ext/upb-generated/envoy/api/v2/core/event_service_config.upb.h +0 -72
- data/src/core/ext/upb-generated/envoy/api/v2/core/grpc_service.upb.c +0 -197
- data/src/core/ext/upb-generated/envoy/api/v2/core/grpc_service.upb.h +0 -642
- data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.c +0 -172
- data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.h +0 -673
- data/src/core/ext/upb-generated/envoy/api/v2/core/http_uri.upb.h +0 -80
- data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.c +0 -152
- data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.h +0 -518
- data/src/core/ext/upb-generated/envoy/api/v2/core/socket_option.upb.h +0 -89
- data/src/core/ext/upb-generated/envoy/api/v2/discovery.upb.c +0 -129
- data/src/core/ext/upb-generated/envoy/api/v2/discovery.upb.h +0 -392
- data/src/core/ext/upb-generated/envoy/api/v2/eds.upb.h +0 -53
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint.upb.c +0 -92
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint.upb.h +0 -240
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint.upb.c +0 -18
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint.upb.h +0 -33
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.c +0 -91
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.h +0 -266
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/load_report.upb.c +0 -112
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/load_report.upb.h +0 -324
- data/src/core/ext/upb-generated/envoy/api/v2/lds.upb.h +0 -53
- data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.c +0 -109
- data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.h +0 -399
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener.upb.c +0 -18
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener.upb.h +0 -33
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener_components.upb.c +0 -145
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener_components.upb.h +0 -527
- data/src/core/ext/upb-generated/envoy/api/v2/listener/udp_listener_config.upb.c +0 -43
- data/src/core/ext/upb-generated/envoy/api/v2/listener/udp_listener_config.upb.h +0 -112
- data/src/core/ext/upb-generated/envoy/api/v2/rds.upb.h +0 -53
- data/src/core/ext/upb-generated/envoy/api/v2/route.upb.c +0 -63
- data/src/core/ext/upb-generated/envoy/api/v2/route.upb.h +0 -199
- data/src/core/ext/upb-generated/envoy/api/v2/route/route.upb.c +0 -18
- data/src/core/ext/upb-generated/envoy/api/v2/route/route.upb.h +0 -33
- data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.c +0 -815
- data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.h +0 -3032
- data/src/core/ext/upb-generated/envoy/api/v2/scoped_route.upb.c +0 -59
- data/src/core/ext/upb-generated/envoy/api/v2/scoped_route.upb.h +0 -134
- data/src/core/ext/upb-generated/envoy/api/v2/srds.upb.h +0 -53
- data/src/core/ext/upb-generated/envoy/config/filter/accesslog/v2/accesslog.upb.c +0 -228
- data/src/core/ext/upb-generated/envoy/config/filter/accesslog/v2/accesslog.upb.h +0 -725
- data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.c +0 -316
- data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.h +0 -1132
- data/src/core/ext/upb-generated/envoy/config/listener/v2/api_listener.upb.h +0 -65
- data/src/core/ext/upb-generated/envoy/config/trace/v2/http_tracer.upb.c +0 -51
- data/src/core/ext/upb-generated/envoy/config/trace/v2/http_tracer.upb.h +0 -125
- data/src/core/ext/upb-generated/envoy/service/discovery/v2/ads.upb.h +0 -50
- data/src/core/ext/upb-generated/envoy/service/load_stats/v2/lrs.upb.c +0 -54
- data/src/core/ext/upb-generated/envoy/service/load_stats/v2/lrs.upb.h +0 -134
- data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.c +0 -63
- data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.h +0 -144
- data/src/core/ext/upb-generated/envoy/type/matcher/string.upb.c +0 -53
- data/src/core/ext/upb-generated/envoy/type/matcher/string.upb.h +0 -133
- data/src/core/ext/upb-generated/envoy/type/metadata/v2/metadata.upb.c +0 -88
- data/src/core/ext/upb-generated/envoy/type/metadata/v2/metadata.upb.h +0 -258
- data/src/core/ext/upb-generated/envoy/type/percent.upb.h +0 -87
- data/src/core/ext/upb-generated/envoy/type/range.upb.h +0 -112
- data/src/core/ext/upb-generated/envoy/type/semantic_version.upb.h +0 -62
- data/src/core/ext/upb-generated/envoy/type/tracing/v2/custom_tag.upb.c +0 -89
- data/src/core/ext/upb-generated/envoy/type/tracing/v2/custom_tag.upb.h +0 -249
- data/src/core/lib/security/transport/target_authority_table.cc +0 -75
- data/src/core/lib/security/transport/target_authority_table.h +0 -40
- data/src/core/lib/slice/slice_hash_table.h +0 -199
- data/src/core/lib/slice/slice_weak_hash_table.h +0 -102
- data/third_party/upb/upb/generated_util.h +0 -105
|
@@ -86,7 +86,7 @@ struct x509_crl_method_st {
|
|
|
86
86
|
};
|
|
87
87
|
|
|
88
88
|
static int X509_REVOKED_cmp(const X509_REVOKED **a, const X509_REVOKED **b);
|
|
89
|
-
static
|
|
89
|
+
static int setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp);
|
|
90
90
|
|
|
91
91
|
ASN1_SEQUENCE(X509_REVOKED) = {
|
|
92
92
|
ASN1_SIMPLE(X509_REVOKED,serialNumber, ASN1_INTEGER),
|
|
@@ -126,6 +126,9 @@ static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
|
|
|
126
126
|
* affect the output of X509_CRL_print().
|
|
127
127
|
*/
|
|
128
128
|
case ASN1_OP_D2I_POST:
|
|
129
|
+
/* TODO(davidben): Check that default |versions| are never encoded and
|
|
130
|
+
* that |extensions| is only present in v2. */
|
|
131
|
+
|
|
129
132
|
(void)sk_X509_REVOKED_set_cmp_func(a->revoked, X509_REVOKED_cmp);
|
|
130
133
|
break;
|
|
131
134
|
}
|
|
@@ -226,6 +229,7 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
|
|
|
226
229
|
STACK_OF(X509_EXTENSION) *exts;
|
|
227
230
|
X509_EXTENSION *ext;
|
|
228
231
|
size_t idx;
|
|
232
|
+
int i;
|
|
229
233
|
|
|
230
234
|
switch (operation) {
|
|
231
235
|
case ASN1_OP_NEW_POST:
|
|
@@ -242,26 +246,44 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
|
|
|
242
246
|
break;
|
|
243
247
|
|
|
244
248
|
case ASN1_OP_D2I_POST:
|
|
245
|
-
X509_CRL_digest(crl, EVP_sha1(), crl->sha1_hash, NULL)
|
|
249
|
+
if (!X509_CRL_digest(crl, EVP_sha1(), crl->sha1_hash, NULL)) {
|
|
250
|
+
return 0;
|
|
251
|
+
}
|
|
252
|
+
|
|
246
253
|
crl->idp = X509_CRL_get_ext_d2i(crl,
|
|
247
|
-
NID_issuing_distribution_point,
|
|
254
|
+
NID_issuing_distribution_point, &i,
|
|
248
255
|
NULL);
|
|
249
|
-
if (crl->idp)
|
|
250
|
-
setup_idp(crl, crl->idp)
|
|
256
|
+
if (crl->idp != NULL) {
|
|
257
|
+
if (!setup_idp(crl, crl->idp)) {
|
|
258
|
+
return 0;
|
|
259
|
+
}
|
|
260
|
+
} else if (i != -1) {
|
|
261
|
+
return 0;
|
|
262
|
+
}
|
|
251
263
|
|
|
252
264
|
crl->akid = X509_CRL_get_ext_d2i(crl,
|
|
253
|
-
NID_authority_key_identifier,
|
|
265
|
+
NID_authority_key_identifier, &i,
|
|
254
266
|
NULL);
|
|
267
|
+
if (crl->akid == NULL && i != -1) {
|
|
268
|
+
return 0;
|
|
269
|
+
}
|
|
255
270
|
|
|
256
271
|
crl->crl_number = X509_CRL_get_ext_d2i(crl,
|
|
257
|
-
NID_crl_number,
|
|
272
|
+
NID_crl_number, &i, NULL);
|
|
273
|
+
if (crl->crl_number == NULL && i != -1) {
|
|
274
|
+
return 0;
|
|
275
|
+
}
|
|
258
276
|
|
|
259
|
-
crl->base_crl_number = X509_CRL_get_ext_d2i(crl,
|
|
260
|
-
NID_delta_crl, NULL,
|
|
277
|
+
crl->base_crl_number = X509_CRL_get_ext_d2i(crl, NID_delta_crl, &i,
|
|
261
278
|
NULL);
|
|
279
|
+
if (crl->base_crl_number == NULL && i != -1) {
|
|
280
|
+
return 0;
|
|
281
|
+
}
|
|
262
282
|
/* Delta CRLs must have CRL number */
|
|
263
|
-
if (crl->base_crl_number && !crl->crl_number)
|
|
264
|
-
|
|
283
|
+
if (crl->base_crl_number && !crl->crl_number) {
|
|
284
|
+
OPENSSL_PUT_ERROR(X509, X509_R_DELTA_CRL_WITHOUT_CRL_NUMBER);
|
|
285
|
+
return 0;
|
|
286
|
+
}
|
|
265
287
|
|
|
266
288
|
/*
|
|
267
289
|
* See if we have any unhandled critical CRL extensions and indicate
|
|
@@ -319,7 +341,7 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
|
|
|
319
341
|
|
|
320
342
|
/* Convert IDP into a more convenient form */
|
|
321
343
|
|
|
322
|
-
static
|
|
344
|
+
static int setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp)
|
|
323
345
|
{
|
|
324
346
|
int idp_only = 0;
|
|
325
347
|
/* Set various flags according to IDP */
|
|
@@ -352,7 +374,7 @@ static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp)
|
|
|
352
374
|
crl->idp_reasons &= CRLDP_ALL_REASONS;
|
|
353
375
|
}
|
|
354
376
|
|
|
355
|
-
DIST_POINT_set_dpname(idp->distpoint, X509_CRL_get_issuer(crl));
|
|
377
|
+
return DIST_POINT_set_dpname(idp->distpoint, X509_CRL_get_issuer(crl));
|
|
356
378
|
}
|
|
357
379
|
|
|
358
380
|
ASN1_SEQUENCE_ref(X509_CRL, crl_cb) = {
|
|
@@ -180,160 +180,6 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
|
|
|
180
180
|
return NULL;
|
|
181
181
|
}
|
|
182
182
|
|
|
183
|
-
/*
|
|
184
|
-
* Now two pseudo ASN1 routines that take an EVP_PKEY structure and encode or
|
|
185
|
-
* decode as X509_PUBKEY
|
|
186
|
-
*/
|
|
187
|
-
|
|
188
|
-
EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length)
|
|
189
|
-
{
|
|
190
|
-
X509_PUBKEY *xpk;
|
|
191
|
-
EVP_PKEY *pktmp;
|
|
192
|
-
xpk = d2i_X509_PUBKEY(NULL, pp, length);
|
|
193
|
-
if (!xpk)
|
|
194
|
-
return NULL;
|
|
195
|
-
pktmp = X509_PUBKEY_get(xpk);
|
|
196
|
-
X509_PUBKEY_free(xpk);
|
|
197
|
-
if (!pktmp)
|
|
198
|
-
return NULL;
|
|
199
|
-
if (a) {
|
|
200
|
-
EVP_PKEY_free(*a);
|
|
201
|
-
*a = pktmp;
|
|
202
|
-
}
|
|
203
|
-
return pktmp;
|
|
204
|
-
}
|
|
205
|
-
|
|
206
|
-
int i2d_PUBKEY(const EVP_PKEY *a, unsigned char **pp)
|
|
207
|
-
{
|
|
208
|
-
X509_PUBKEY *xpk = NULL;
|
|
209
|
-
int ret;
|
|
210
|
-
if (!a)
|
|
211
|
-
return 0;
|
|
212
|
-
if (!X509_PUBKEY_set(&xpk, (EVP_PKEY *)a))
|
|
213
|
-
return 0;
|
|
214
|
-
ret = i2d_X509_PUBKEY(xpk, pp);
|
|
215
|
-
X509_PUBKEY_free(xpk);
|
|
216
|
-
return ret;
|
|
217
|
-
}
|
|
218
|
-
|
|
219
|
-
/*
|
|
220
|
-
* The following are equivalents but which return RSA and DSA keys
|
|
221
|
-
*/
|
|
222
|
-
RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length)
|
|
223
|
-
{
|
|
224
|
-
EVP_PKEY *pkey;
|
|
225
|
-
RSA *key;
|
|
226
|
-
const unsigned char *q;
|
|
227
|
-
q = *pp;
|
|
228
|
-
pkey = d2i_PUBKEY(NULL, &q, length);
|
|
229
|
-
if (!pkey)
|
|
230
|
-
return NULL;
|
|
231
|
-
key = EVP_PKEY_get1_RSA(pkey);
|
|
232
|
-
EVP_PKEY_free(pkey);
|
|
233
|
-
if (!key)
|
|
234
|
-
return NULL;
|
|
235
|
-
*pp = q;
|
|
236
|
-
if (a) {
|
|
237
|
-
RSA_free(*a);
|
|
238
|
-
*a = key;
|
|
239
|
-
}
|
|
240
|
-
return key;
|
|
241
|
-
}
|
|
242
|
-
|
|
243
|
-
int i2d_RSA_PUBKEY(const RSA *a, unsigned char **pp)
|
|
244
|
-
{
|
|
245
|
-
EVP_PKEY *pktmp;
|
|
246
|
-
int ret;
|
|
247
|
-
if (!a)
|
|
248
|
-
return 0;
|
|
249
|
-
pktmp = EVP_PKEY_new();
|
|
250
|
-
if (!pktmp) {
|
|
251
|
-
OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
|
|
252
|
-
return 0;
|
|
253
|
-
}
|
|
254
|
-
EVP_PKEY_set1_RSA(pktmp, (RSA *)a);
|
|
255
|
-
ret = i2d_PUBKEY(pktmp, pp);
|
|
256
|
-
EVP_PKEY_free(pktmp);
|
|
257
|
-
return ret;
|
|
258
|
-
}
|
|
259
|
-
|
|
260
|
-
#ifndef OPENSSL_NO_DSA
|
|
261
|
-
DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length)
|
|
262
|
-
{
|
|
263
|
-
EVP_PKEY *pkey;
|
|
264
|
-
DSA *key;
|
|
265
|
-
const unsigned char *q;
|
|
266
|
-
q = *pp;
|
|
267
|
-
pkey = d2i_PUBKEY(NULL, &q, length);
|
|
268
|
-
if (!pkey)
|
|
269
|
-
return NULL;
|
|
270
|
-
key = EVP_PKEY_get1_DSA(pkey);
|
|
271
|
-
EVP_PKEY_free(pkey);
|
|
272
|
-
if (!key)
|
|
273
|
-
return NULL;
|
|
274
|
-
*pp = q;
|
|
275
|
-
if (a) {
|
|
276
|
-
DSA_free(*a);
|
|
277
|
-
*a = key;
|
|
278
|
-
}
|
|
279
|
-
return key;
|
|
280
|
-
}
|
|
281
|
-
|
|
282
|
-
int i2d_DSA_PUBKEY(const DSA *a, unsigned char **pp)
|
|
283
|
-
{
|
|
284
|
-
EVP_PKEY *pktmp;
|
|
285
|
-
int ret;
|
|
286
|
-
if (!a)
|
|
287
|
-
return 0;
|
|
288
|
-
pktmp = EVP_PKEY_new();
|
|
289
|
-
if (!pktmp) {
|
|
290
|
-
OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
|
|
291
|
-
return 0;
|
|
292
|
-
}
|
|
293
|
-
EVP_PKEY_set1_DSA(pktmp, (DSA *)a);
|
|
294
|
-
ret = i2d_PUBKEY(pktmp, pp);
|
|
295
|
-
EVP_PKEY_free(pktmp);
|
|
296
|
-
return ret;
|
|
297
|
-
}
|
|
298
|
-
#endif
|
|
299
|
-
|
|
300
|
-
EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length)
|
|
301
|
-
{
|
|
302
|
-
EVP_PKEY *pkey;
|
|
303
|
-
EC_KEY *key;
|
|
304
|
-
const unsigned char *q;
|
|
305
|
-
q = *pp;
|
|
306
|
-
pkey = d2i_PUBKEY(NULL, &q, length);
|
|
307
|
-
if (!pkey)
|
|
308
|
-
return (NULL);
|
|
309
|
-
key = EVP_PKEY_get1_EC_KEY(pkey);
|
|
310
|
-
EVP_PKEY_free(pkey);
|
|
311
|
-
if (!key)
|
|
312
|
-
return (NULL);
|
|
313
|
-
*pp = q;
|
|
314
|
-
if (a) {
|
|
315
|
-
EC_KEY_free(*a);
|
|
316
|
-
*a = key;
|
|
317
|
-
}
|
|
318
|
-
return (key);
|
|
319
|
-
}
|
|
320
|
-
|
|
321
|
-
int i2d_EC_PUBKEY(const EC_KEY *a, unsigned char **pp)
|
|
322
|
-
{
|
|
323
|
-
EVP_PKEY *pktmp;
|
|
324
|
-
int ret;
|
|
325
|
-
if (!a)
|
|
326
|
-
return (0);
|
|
327
|
-
if ((pktmp = EVP_PKEY_new()) == NULL) {
|
|
328
|
-
OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
|
|
329
|
-
return (0);
|
|
330
|
-
}
|
|
331
|
-
EVP_PKEY_set1_EC_KEY(pktmp, (EC_KEY *)a);
|
|
332
|
-
ret = i2d_PUBKEY(pktmp, pp);
|
|
333
|
-
EVP_PKEY_free(pktmp);
|
|
334
|
-
return (ret);
|
|
335
|
-
}
|
|
336
|
-
|
|
337
183
|
int X509_PUBKEY_set0_param(X509_PUBKEY *pub, const ASN1_OBJECT *aobj,
|
|
338
184
|
int ptype, void *pval,
|
|
339
185
|
unsigned char *penc, int penclen)
|
|
@@ -67,3 +67,23 @@ ASN1_SEQUENCE(X509_SIG) = {
|
|
|
67
67
|
} ASN1_SEQUENCE_END(X509_SIG)
|
|
68
68
|
|
|
69
69
|
IMPLEMENT_ASN1_FUNCTIONS(X509_SIG)
|
|
70
|
+
|
|
71
|
+
void X509_SIG_get0(const X509_SIG *sig, const X509_ALGOR **out_alg,
|
|
72
|
+
const ASN1_OCTET_STRING **out_digest) {
|
|
73
|
+
if (out_alg != NULL) {
|
|
74
|
+
*out_alg = sig->algor;
|
|
75
|
+
}
|
|
76
|
+
if (out_digest != NULL) {
|
|
77
|
+
*out_digest = sig->digest;
|
|
78
|
+
}
|
|
79
|
+
}
|
|
80
|
+
|
|
81
|
+
void X509_SIG_getm(X509_SIG *sig, X509_ALGOR **out_alg,
|
|
82
|
+
ASN1_OCTET_STRING **out_digest) {
|
|
83
|
+
if (out_alg != NULL) {
|
|
84
|
+
*out_alg = sig->algor;
|
|
85
|
+
}
|
|
86
|
+
if (out_digest != NULL) {
|
|
87
|
+
*out_digest = sig->digest;
|
|
88
|
+
}
|
|
89
|
+
}
|
|
@@ -98,7 +98,6 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
|
|
|
98
98
|
switch (operation) {
|
|
99
99
|
|
|
100
100
|
case ASN1_OP_NEW_POST:
|
|
101
|
-
ret->name = NULL;
|
|
102
101
|
ret->ex_flags = 0;
|
|
103
102
|
ret->ex_pathlen = -1;
|
|
104
103
|
ret->skid = NULL;
|
|
@@ -115,11 +114,35 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
|
|
|
115
114
|
ret->buf = NULL;
|
|
116
115
|
break;
|
|
117
116
|
|
|
118
|
-
case ASN1_OP_D2I_POST:
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
117
|
+
case ASN1_OP_D2I_POST: {
|
|
118
|
+
/* The version must be one of v1(0), v2(1), or v3(2). */
|
|
119
|
+
long version = 0;
|
|
120
|
+
if (ret->cert_info->version != NULL) {
|
|
121
|
+
version = ASN1_INTEGER_get(ret->cert_info->version);
|
|
122
|
+
/* TODO(https://crbug.com/boringssl/364): |version| = 0 should also
|
|
123
|
+
* be rejected. This means an explicitly-encoded X.509v1 version.
|
|
124
|
+
* v1 is DEFAULT, so DER requires it be omitted. */
|
|
125
|
+
if (version < 0 || version > 2) {
|
|
126
|
+
OPENSSL_PUT_ERROR(X509, X509_R_INVALID_VERSION);
|
|
127
|
+
return 0;
|
|
128
|
+
}
|
|
129
|
+
}
|
|
130
|
+
|
|
131
|
+
/* Per RFC5280, section 4.1.2.8, these fields require v2 or v3. */
|
|
132
|
+
if (version == 0 && (ret->cert_info->issuerUID != NULL ||
|
|
133
|
+
ret->cert_info->subjectUID != NULL)) {
|
|
134
|
+
OPENSSL_PUT_ERROR(X509, X509_R_INVALID_FIELD_FOR_VERSION);
|
|
135
|
+
return 0;
|
|
136
|
+
}
|
|
137
|
+
|
|
138
|
+
/* Per RFC5280, section 4.1.2.9, extensions require v3. */
|
|
139
|
+
if (version != 2 && ret->cert_info->extensions != NULL) {
|
|
140
|
+
OPENSSL_PUT_ERROR(X509, X509_R_INVALID_FIELD_FOR_VERSION);
|
|
141
|
+
return 0;
|
|
142
|
+
}
|
|
143
|
+
|
|
122
144
|
break;
|
|
145
|
+
}
|
|
123
146
|
|
|
124
147
|
case ASN1_OP_FREE_POST:
|
|
125
148
|
CRYPTO_MUTEX_cleanup(&ret->lock);
|
|
@@ -132,7 +155,6 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
|
|
|
132
155
|
GENERAL_NAMES_free(ret->altname);
|
|
133
156
|
NAME_CONSTRAINTS_free(ret->nc);
|
|
134
157
|
CRYPTO_BUFFER_free(ret->buf);
|
|
135
|
-
OPENSSL_free(ret->name);
|
|
136
158
|
break;
|
|
137
159
|
|
|
138
160
|
}
|
|
@@ -48,6 +48,11 @@ int x509v3_name_cmp(const char *name, const char *cmp);
|
|
|
48
48
|
OPENSSL_EXPORT int x509v3_looks_like_dns_name(const unsigned char *in,
|
|
49
49
|
size_t len);
|
|
50
50
|
|
|
51
|
+
// x509v3_cache_extensions fills in a number of fields relating to X.509
|
|
52
|
+
// extensions in |x|. It returns one on success and zero if some extensions were
|
|
53
|
+
// invalid.
|
|
54
|
+
int x509v3_cache_extensions(X509 *x);
|
|
55
|
+
|
|
51
56
|
|
|
52
57
|
#if defined(__cplusplus)
|
|
53
58
|
} /* extern C */
|
|
@@ -68,6 +68,7 @@
|
|
|
68
68
|
#include <openssl/x509v3.h>
|
|
69
69
|
|
|
70
70
|
#include "../internal.h"
|
|
71
|
+
#include "internal.h"
|
|
71
72
|
|
|
72
73
|
#define V1_ROOT (EXFLAG_V1|EXFLAG_SS)
|
|
73
74
|
#define ku_reject(x, usage) \
|
|
@@ -77,8 +78,6 @@
|
|
|
77
78
|
#define ns_reject(x, usage) \
|
|
78
79
|
(((x)->ex_flags & EXFLAG_NSCERT) && !((x)->ex_nscert & (usage)))
|
|
79
80
|
|
|
80
|
-
static void x509v3_cache_extensions(X509 *x);
|
|
81
|
-
|
|
82
81
|
static int check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x,
|
|
83
82
|
int ca);
|
|
84
83
|
static int check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x,
|
|
@@ -144,7 +143,10 @@ int X509_check_purpose(X509 *x, int id, int ca)
|
|
|
144
143
|
{
|
|
145
144
|
int idx;
|
|
146
145
|
const X509_PURPOSE *pt;
|
|
147
|
-
x509v3_cache_extensions(x)
|
|
146
|
+
if (!x509v3_cache_extensions(x)) {
|
|
147
|
+
return -1;
|
|
148
|
+
}
|
|
149
|
+
|
|
148
150
|
if (id == -1)
|
|
149
151
|
return 1;
|
|
150
152
|
idx = X509_PURPOSE_get_by_id(id);
|
|
@@ -368,7 +370,7 @@ int X509_supported_extension(X509_EXTENSION *ex)
|
|
|
368
370
|
return 0;
|
|
369
371
|
}
|
|
370
372
|
|
|
371
|
-
static
|
|
373
|
+
static int setup_dp(X509 *x, DIST_POINT *dp)
|
|
372
374
|
{
|
|
373
375
|
X509_NAME *iname = NULL;
|
|
374
376
|
size_t i;
|
|
@@ -381,7 +383,7 @@ static void setup_dp(X509 *x, DIST_POINT *dp)
|
|
|
381
383
|
} else
|
|
382
384
|
dp->dp_reasons = CRLDP_ALL_REASONS;
|
|
383
385
|
if (!dp->distpoint || (dp->distpoint->type != 1))
|
|
384
|
-
return;
|
|
386
|
+
return 1;
|
|
385
387
|
for (i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer); i++) {
|
|
386
388
|
GENERAL_NAME *gen = sk_GENERAL_NAME_value(dp->CRLissuer, i);
|
|
387
389
|
if (gen->type == GEN_DIRNAME) {
|
|
@@ -392,19 +394,25 @@ static void setup_dp(X509 *x, DIST_POINT *dp)
|
|
|
392
394
|
if (!iname)
|
|
393
395
|
iname = X509_get_issuer_name(x);
|
|
394
396
|
|
|
395
|
-
DIST_POINT_set_dpname(dp->distpoint, iname);
|
|
396
|
-
|
|
397
|
+
return DIST_POINT_set_dpname(dp->distpoint, iname);
|
|
397
398
|
}
|
|
398
399
|
|
|
399
|
-
static
|
|
400
|
+
static int setup_crldp(X509 *x)
|
|
400
401
|
{
|
|
401
|
-
|
|
402
|
-
x->crldp = X509_get_ext_d2i(x, NID_crl_distribution_points,
|
|
403
|
-
|
|
404
|
-
|
|
402
|
+
int j;
|
|
403
|
+
x->crldp = X509_get_ext_d2i(x, NID_crl_distribution_points, &j, NULL);
|
|
404
|
+
if (x->crldp == NULL && j != -1) {
|
|
405
|
+
return 0;
|
|
406
|
+
}
|
|
407
|
+
for (size_t i = 0; i < sk_DIST_POINT_num(x->crldp); i++) {
|
|
408
|
+
if (!setup_dp(x, sk_DIST_POINT_value(x->crldp, i))) {
|
|
409
|
+
return 0;
|
|
410
|
+
}
|
|
411
|
+
}
|
|
412
|
+
return 1;
|
|
405
413
|
}
|
|
406
414
|
|
|
407
|
-
|
|
415
|
+
int x509v3_cache_extensions(X509 *x)
|
|
408
416
|
{
|
|
409
417
|
BASIC_CONSTRAINTS *bs;
|
|
410
418
|
PROXY_CERT_INFO_EXTENSION *pci;
|
|
@@ -420,21 +428,22 @@ static void x509v3_cache_extensions(X509 *x)
|
|
|
420
428
|
CRYPTO_MUTEX_unlock_read(&x->lock);
|
|
421
429
|
|
|
422
430
|
if (is_set) {
|
|
423
|
-
return;
|
|
431
|
+
return (x->ex_flags & EXFLAG_INVALID) == 0;
|
|
424
432
|
}
|
|
425
433
|
|
|
426
434
|
CRYPTO_MUTEX_lock_write(&x->lock);
|
|
427
435
|
if (x->ex_flags & EXFLAG_SET) {
|
|
428
436
|
CRYPTO_MUTEX_unlock_write(&x->lock);
|
|
429
|
-
return;
|
|
437
|
+
return (x->ex_flags & EXFLAG_INVALID) == 0;
|
|
430
438
|
}
|
|
431
439
|
|
|
432
|
-
X509_digest(x, EVP_sha1(), x->sha1_hash, NULL)
|
|
440
|
+
if (!X509_digest(x, EVP_sha1(), x->sha1_hash, NULL))
|
|
441
|
+
x->ex_flags |= EXFLAG_INVALID;
|
|
433
442
|
/* V1 should mean no extensions ... */
|
|
434
443
|
if (!X509_get_version(x))
|
|
435
444
|
x->ex_flags |= EXFLAG_V1;
|
|
436
445
|
/* Handle basic constraints */
|
|
437
|
-
if ((bs = X509_get_ext_d2i(x, NID_basic_constraints,
|
|
446
|
+
if ((bs = X509_get_ext_d2i(x, NID_basic_constraints, &j, NULL))) {
|
|
438
447
|
if (bs->ca)
|
|
439
448
|
x->ex_flags |= EXFLAG_CA;
|
|
440
449
|
if (bs->pathlen) {
|
|
@@ -448,9 +457,11 @@ static void x509v3_cache_extensions(X509 *x)
|
|
|
448
457
|
x->ex_pathlen = -1;
|
|
449
458
|
BASIC_CONSTRAINTS_free(bs);
|
|
450
459
|
x->ex_flags |= EXFLAG_BCONS;
|
|
460
|
+
} else if (j != -1) {
|
|
461
|
+
x->ex_flags |= EXFLAG_INVALID;
|
|
451
462
|
}
|
|
452
463
|
/* Handle proxy certificates */
|
|
453
|
-
if ((pci = X509_get_ext_d2i(x, NID_proxyCertInfo,
|
|
464
|
+
if ((pci = X509_get_ext_d2i(x, NID_proxyCertInfo, &j, NULL))) {
|
|
454
465
|
if (x->ex_flags & EXFLAG_CA
|
|
455
466
|
|| X509_get_ext_by_NID(x, NID_subject_alt_name, -1) >= 0
|
|
456
467
|
|| X509_get_ext_by_NID(x, NID_issuer_alt_name, -1) >= 0) {
|
|
@@ -462,9 +473,11 @@ static void x509v3_cache_extensions(X509 *x)
|
|
|
462
473
|
x->ex_pcpathlen = -1;
|
|
463
474
|
PROXY_CERT_INFO_EXTENSION_free(pci);
|
|
464
475
|
x->ex_flags |= EXFLAG_PROXY;
|
|
476
|
+
} else if (j != -1) {
|
|
477
|
+
x->ex_flags |= EXFLAG_INVALID;
|
|
465
478
|
}
|
|
466
479
|
/* Handle key usage */
|
|
467
|
-
if ((usage = X509_get_ext_d2i(x, NID_key_usage,
|
|
480
|
+
if ((usage = X509_get_ext_d2i(x, NID_key_usage, &j, NULL))) {
|
|
468
481
|
if (usage->length > 0) {
|
|
469
482
|
x->ex_kusage = usage->data[0];
|
|
470
483
|
if (usage->length > 1)
|
|
@@ -473,9 +486,11 @@ static void x509v3_cache_extensions(X509 *x)
|
|
|
473
486
|
x->ex_kusage = 0;
|
|
474
487
|
x->ex_flags |= EXFLAG_KUSAGE;
|
|
475
488
|
ASN1_BIT_STRING_free(usage);
|
|
489
|
+
} else if (j != -1) {
|
|
490
|
+
x->ex_flags |= EXFLAG_INVALID;
|
|
476
491
|
}
|
|
477
492
|
x->ex_xkusage = 0;
|
|
478
|
-
if ((extusage = X509_get_ext_d2i(x, NID_ext_key_usage,
|
|
493
|
+
if ((extusage = X509_get_ext_d2i(x, NID_ext_key_usage, &j, NULL))) {
|
|
479
494
|
x->ex_flags |= EXFLAG_XKUSAGE;
|
|
480
495
|
for (i = 0; i < sk_ASN1_OBJECT_num(extusage); i++) {
|
|
481
496
|
switch (OBJ_obj2nid(sk_ASN1_OBJECT_value(extusage, i))) {
|
|
@@ -518,18 +533,28 @@ static void x509v3_cache_extensions(X509 *x)
|
|
|
518
533
|
}
|
|
519
534
|
}
|
|
520
535
|
sk_ASN1_OBJECT_pop_free(extusage, ASN1_OBJECT_free);
|
|
536
|
+
} else if (j != -1) {
|
|
537
|
+
x->ex_flags |= EXFLAG_INVALID;
|
|
521
538
|
}
|
|
522
539
|
|
|
523
|
-
if ((ns = X509_get_ext_d2i(x, NID_netscape_cert_type,
|
|
540
|
+
if ((ns = X509_get_ext_d2i(x, NID_netscape_cert_type, &j, NULL))) {
|
|
524
541
|
if (ns->length > 0)
|
|
525
542
|
x->ex_nscert = ns->data[0];
|
|
526
543
|
else
|
|
527
544
|
x->ex_nscert = 0;
|
|
528
545
|
x->ex_flags |= EXFLAG_NSCERT;
|
|
529
546
|
ASN1_BIT_STRING_free(ns);
|
|
547
|
+
} else if (j != -1) {
|
|
548
|
+
x->ex_flags |= EXFLAG_INVALID;
|
|
549
|
+
}
|
|
550
|
+
x->skid = X509_get_ext_d2i(x, NID_subject_key_identifier, &j, NULL);
|
|
551
|
+
if (x->skid == NULL && j != -1) {
|
|
552
|
+
x->ex_flags |= EXFLAG_INVALID;
|
|
553
|
+
}
|
|
554
|
+
x->akid = X509_get_ext_d2i(x, NID_authority_key_identifier, &j, NULL);
|
|
555
|
+
if (x->akid == NULL && j != -1) {
|
|
556
|
+
x->ex_flags |= EXFLAG_INVALID;
|
|
530
557
|
}
|
|
531
|
-
x->skid = X509_get_ext_d2i(x, NID_subject_key_identifier, NULL, NULL);
|
|
532
|
-
x->akid = X509_get_ext_d2i(x, NID_authority_key_identifier, NULL, NULL);
|
|
533
558
|
/* Does subject name match issuer ? */
|
|
534
559
|
if (!X509_NAME_cmp(X509_get_subject_name(x), X509_get_issuer_name(x))) {
|
|
535
560
|
x->ex_flags |= EXFLAG_SI;
|
|
@@ -538,11 +563,17 @@ static void x509v3_cache_extensions(X509 *x)
|
|
|
538
563
|
!ku_reject(x, KU_KEY_CERT_SIGN))
|
|
539
564
|
x->ex_flags |= EXFLAG_SS;
|
|
540
565
|
}
|
|
541
|
-
x->altname = X509_get_ext_d2i(x, NID_subject_alt_name,
|
|
566
|
+
x->altname = X509_get_ext_d2i(x, NID_subject_alt_name, &j, NULL);
|
|
567
|
+
if (x->altname == NULL && j != -1) {
|
|
568
|
+
x->ex_flags |= EXFLAG_INVALID;
|
|
569
|
+
}
|
|
542
570
|
x->nc = X509_get_ext_d2i(x, NID_name_constraints, &j, NULL);
|
|
543
|
-
if (
|
|
571
|
+
if (x->nc == NULL && j != -1) {
|
|
572
|
+
x->ex_flags |= EXFLAG_INVALID;
|
|
573
|
+
}
|
|
574
|
+
if (!setup_crldp(x)) {
|
|
544
575
|
x->ex_flags |= EXFLAG_INVALID;
|
|
545
|
-
|
|
576
|
+
}
|
|
546
577
|
|
|
547
578
|
for (j = 0; j < X509_get_ext_count(x); j++) {
|
|
548
579
|
ex = X509_get_ext(x, j);
|
|
@@ -559,6 +590,7 @@ static void x509v3_cache_extensions(X509 *x)
|
|
|
559
590
|
x->ex_flags |= EXFLAG_SET;
|
|
560
591
|
|
|
561
592
|
CRYPTO_MUTEX_unlock_write(&x->lock);
|
|
593
|
+
return (x->ex_flags & EXFLAG_INVALID) == 0;
|
|
562
594
|
}
|
|
563
595
|
|
|
564
596
|
/* check_ca returns one if |x| should be considered a CA certificate and zero
|
|
@@ -579,7 +611,9 @@ static int check_ca(const X509 *x)
|
|
|
579
611
|
|
|
580
612
|
int X509_check_ca(X509 *x)
|
|
581
613
|
{
|
|
582
|
-
x509v3_cache_extensions(x)
|
|
614
|
+
if (!x509v3_cache_extensions(x)) {
|
|
615
|
+
return 0;
|
|
616
|
+
}
|
|
583
617
|
return check_ca(x);
|
|
584
618
|
}
|
|
585
619
|
|
|
@@ -761,8 +795,10 @@ int X509_check_issued(X509 *issuer, X509 *subject)
|
|
|
761
795
|
if (X509_NAME_cmp(X509_get_subject_name(issuer),
|
|
762
796
|
X509_get_issuer_name(subject)))
|
|
763
797
|
return X509_V_ERR_SUBJECT_ISSUER_MISMATCH;
|
|
764
|
-
x509v3_cache_extensions(issuer)
|
|
765
|
-
|
|
798
|
+
if (!x509v3_cache_extensions(issuer) ||
|
|
799
|
+
!x509v3_cache_extensions(subject)) {
|
|
800
|
+
return X509_V_ERR_UNSPECIFIED;
|
|
801
|
+
}
|
|
766
802
|
|
|
767
803
|
if (subject->akid) {
|
|
768
804
|
int ret = X509_check_akid(issuer, subject->akid);
|
|
@@ -819,15 +855,17 @@ int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid)
|
|
|
819
855
|
|
|
820
856
|
uint32_t X509_get_extension_flags(X509 *x)
|
|
821
857
|
{
|
|
822
|
-
|
|
823
|
-
|
|
858
|
+
if (!x509v3_cache_extensions(x)) {
|
|
859
|
+
return 0;
|
|
860
|
+
}
|
|
824
861
|
return x->ex_flags;
|
|
825
862
|
}
|
|
826
863
|
|
|
827
864
|
uint32_t X509_get_key_usage(X509 *x)
|
|
828
865
|
{
|
|
829
|
-
|
|
830
|
-
|
|
866
|
+
if (!x509v3_cache_extensions(x)) {
|
|
867
|
+
return 0;
|
|
868
|
+
}
|
|
831
869
|
if (x->ex_flags & EXFLAG_KUSAGE)
|
|
832
870
|
return x->ex_kusage;
|
|
833
871
|
return UINT32_MAX;
|
|
@@ -835,8 +873,9 @@ uint32_t X509_get_key_usage(X509 *x)
|
|
|
835
873
|
|
|
836
874
|
uint32_t X509_get_extended_key_usage(X509 *x)
|
|
837
875
|
{
|
|
838
|
-
|
|
839
|
-
|
|
876
|
+
if (!x509v3_cache_extensions(x)) {
|
|
877
|
+
return 0;
|
|
878
|
+
}
|
|
840
879
|
if (x->ex_flags & EXFLAG_XKUSAGE)
|
|
841
880
|
return x->ex_xkusage;
|
|
842
881
|
return UINT32_MAX;
|