grpc 1.32.0.pre1 → 1.35.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of grpc might be problematic. Click here for more details.

Files changed (938) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +1078 -3049
  3. data/etc/roots.pem +257 -573
  4. data/include/grpc/compression.h +1 -1
  5. data/include/grpc/grpc.h +15 -7
  6. data/include/grpc/grpc_security.h +222 -171
  7. data/include/grpc/impl/codegen/atm_windows.h +4 -0
  8. data/include/grpc/impl/codegen/byte_buffer.h +1 -1
  9. data/include/grpc/impl/codegen/grpc_types.h +10 -8
  10. data/include/grpc/impl/codegen/log.h +0 -2
  11. data/include/grpc/impl/codegen/port_platform.h +22 -55
  12. data/include/grpc/impl/codegen/sync_windows.h +4 -0
  13. data/include/grpc/slice_buffer.h +3 -3
  14. data/include/grpc/support/sync.h +3 -3
  15. data/include/grpc/support/time.h +7 -7
  16. data/src/core/ext/filters/client_channel/backend_metric.cc +2 -4
  17. data/src/core/ext/filters/client_channel/client_channel.cc +2776 -1529
  18. data/src/core/ext/filters/client_channel/client_channel.h +0 -4
  19. data/src/core/ext/filters/client_channel/client_channel_plugin.cc +1 -1
  20. data/src/core/ext/filters/client_channel/config_selector.cc +0 -4
  21. data/src/core/ext/filters/client_channel/config_selector.h +40 -8
  22. data/src/core/ext/filters/client_channel/dynamic_filters.cc +186 -0
  23. data/src/core/ext/filters/client_channel/dynamic_filters.h +99 -0
  24. data/src/core/ext/filters/client_channel/health/health_check_client.cc +10 -7
  25. data/src/core/ext/filters/client_channel/health/health_check_client.h +4 -4
  26. data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +5 -6
  27. data/src/core/ext/filters/client_channel/http_proxy.cc +21 -20
  28. data/src/core/ext/filters/client_channel/lb_policy.cc +6 -2
  29. data/src/core/ext/filters/client_channel/lb_policy.h +6 -7
  30. data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +48 -35
  31. data/src/core/ext/filters/client_channel/lb_policy/address_filtering.h +7 -5
  32. data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +4 -3
  33. data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.h +1 -1
  34. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +201 -190
  35. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +3 -1
  36. data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +3 -3
  37. data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +1 -1
  38. data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +4 -4
  39. data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +50 -20
  40. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +5 -5
  41. data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +14 -34
  42. data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +6 -6
  43. data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +341 -127
  44. data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +52 -24
  45. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h +24 -0
  46. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +812 -0
  47. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +722 -0
  48. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +1262 -0
  49. data/src/core/ext/filters/client_channel/lb_policy_registry.cc +8 -1
  50. data/src/core/ext/filters/client_channel/resolver.cc +3 -1
  51. data/src/core/ext/filters/client_channel/resolver.h +4 -1
  52. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +9 -16
  53. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +1 -32
  54. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +3 -3
  55. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +454 -16
  56. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +5 -0
  57. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +7 -10
  58. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +3 -3
  59. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +1 -1
  60. data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +34 -27
  61. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +618 -366
  62. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.h +28 -0
  63. data/src/core/ext/filters/client_channel/resolver_factory.h +6 -6
  64. data/src/core/ext/filters/client_channel/resolver_registry.cc +40 -39
  65. data/src/core/ext/filters/client_channel/resolver_registry.h +2 -2
  66. data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +29 -74
  67. data/src/core/ext/filters/client_channel/resolver_result_parsing.h +12 -10
  68. data/src/core/ext/filters/client_channel/retry_throttle.cc +5 -3
  69. data/src/core/ext/filters/client_channel/retry_throttle.h +4 -2
  70. data/src/core/ext/filters/client_channel/server_address.cc +80 -0
  71. data/src/core/ext/filters/client_channel/server_address.h +21 -36
  72. data/src/core/ext/filters/client_channel/service_config.cc +18 -13
  73. data/src/core/ext/filters/client_channel/service_config.h +8 -5
  74. data/src/core/ext/filters/client_channel/service_config_call_data.h +19 -1
  75. data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +2 -2
  76. data/src/core/ext/filters/client_channel/service_config_parser.cc +8 -6
  77. data/src/core/ext/filters/client_channel/service_config_parser.h +8 -5
  78. data/src/core/ext/filters/client_channel/subchannel.cc +51 -64
  79. data/src/core/ext/filters/client_channel/subchannel.h +14 -20
  80. data/src/core/ext/filters/client_channel/subchannel_interface.h +41 -5
  81. data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +6 -2
  82. data/src/core/ext/filters/deadline/deadline_filter.cc +87 -79
  83. data/src/core/ext/filters/deadline/deadline_filter.h +7 -11
  84. data/src/core/ext/filters/http/client/http_client_filter.cc +1 -1
  85. data/src/core/ext/filters/http/client_authority_filter.cc +6 -6
  86. data/src/core/ext/filters/http/http_filters_plugin.cc +6 -3
  87. data/src/core/ext/filters/http/server/http_server_filter.cc +3 -3
  88. data/src/core/ext/filters/max_age/max_age_filter.cc +1 -1
  89. data/src/core/ext/filters/message_size/message_size_filter.cc +3 -2
  90. data/src/core/ext/filters/message_size/message_size_filter.h +2 -1
  91. data/src/core/ext/filters/workarounds/workaround_utils.cc +1 -1
  92. data/src/core/ext/transport/chttp2/client/authority.cc +3 -3
  93. data/src/core/ext/transport/chttp2/client/chttp2_connector.h +1 -1
  94. data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +20 -8
  95. data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +21 -10
  96. data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +26 -14
  97. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +185 -79
  98. data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +12 -5
  99. data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +7 -7
  100. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +28 -42
  101. data/src/core/ext/transport/chttp2/transport/flow_control.cc +10 -2
  102. data/src/core/ext/transport/chttp2/transport/flow_control.h +13 -3
  103. data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +2 -1
  104. data/src/core/ext/transport/chttp2/transport/frame_settings.h +2 -1
  105. data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +6 -6
  106. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +12 -8
  107. data/src/core/ext/transport/chttp2/transport/internal.h +5 -1
  108. data/src/core/ext/transport/chttp2/transport/parsing.cc +18 -3
  109. data/src/core/ext/transport/chttp2/transport/writing.cc +2 -3
  110. data/src/core/ext/transport/inproc/inproc_transport.cc +42 -8
  111. data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.h +1 -0
  112. data/src/core/ext/upb-generated/envoy/annotations/resource.upb.c +1 -1
  113. data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +7 -0
  114. data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +52 -32
  115. data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.h +199 -34
  116. data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.c +13 -13
  117. data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.h +44 -17
  118. data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +177 -99
  119. data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +642 -202
  120. data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.c +3 -3
  121. data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.h +13 -5
  122. data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.c +22 -22
  123. data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.h +47 -21
  124. data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.c +36 -24
  125. data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.h +133 -39
  126. data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.c +4 -4
  127. data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.h +15 -6
  128. data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +45 -44
  129. data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +200 -78
  130. data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +31 -24
  131. data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +107 -47
  132. data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.c +1 -1
  133. data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.h +7 -0
  134. data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.c +53 -0
  135. data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.h +149 -0
  136. data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.c +74 -28
  137. data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.h +248 -43
  138. data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +39 -39
  139. data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +157 -89
  140. data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.c +4 -4
  141. data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.h +17 -9
  142. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +63 -39
  143. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +254 -60
  144. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +1 -1
  145. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +7 -0
  146. data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.c +2 -2
  147. data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.h +9 -2
  148. data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +36 -0
  149. data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.h +92 -0
  150. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.c +13 -13
  151. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.h +59 -36
  152. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.c +16 -16
  153. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.h +61 -29
  154. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.c +26 -26
  155. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.h +101 -66
  156. data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.c +2 -2
  157. data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.h +11 -3
  158. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +46 -26
  159. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +179 -68
  160. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +39 -22
  161. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +149 -48
  162. data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +2 -2
  163. data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.h +13 -0
  164. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +21 -17
  165. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +96 -33
  166. data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +7 -7
  167. data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +38 -22
  168. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +321 -194
  169. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +1228 -443
  170. data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.c +8 -7
  171. data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.h +34 -10
  172. data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.c +3 -3
  173. data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.h +17 -3
  174. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +132 -80
  175. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +516 -166
  176. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.h +1 -0
  177. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +24 -25
  178. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +96 -71
  179. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +12 -8
  180. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +46 -8
  181. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +71 -29
  182. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +296 -63
  183. data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.c +1 -1
  184. data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.h +7 -0
  185. data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.c +1 -1
  186. data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.h +7 -0
  187. data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +41 -31
  188. data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +165 -64
  189. data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.c +1 -1
  190. data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.h +7 -0
  191. data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.c +1 -1
  192. data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.h +7 -0
  193. data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.c +7 -7
  194. data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.h +31 -16
  195. data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.c +1 -1
  196. data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.h +7 -0
  197. data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.c +1 -1
  198. data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.h +7 -0
  199. data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.c +5 -5
  200. data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.h +25 -11
  201. data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.c +1 -1
  202. data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.h +7 -0
  203. data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.c +1 -1
  204. data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.h +7 -0
  205. data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.c +6 -6
  206. data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.h +29 -8
  207. data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +4 -3
  208. data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.h +22 -3
  209. data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.c +3 -3
  210. data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.h +19 -0
  211. data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.c +7 -7
  212. data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.h +46 -3
  213. data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.c +8 -8
  214. data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.h +41 -8
  215. data/src/core/ext/upb-generated/envoy/type/v3/http.upb.h +1 -0
  216. data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.c +3 -3
  217. data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.h +15 -2
  218. data/src/core/ext/upb-generated/envoy/type/v3/range.upb.c +3 -3
  219. data/src/core/ext/upb-generated/envoy/type/v3/range.upb.h +19 -0
  220. data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.c +1 -1
  221. data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.h +7 -0
  222. data/src/core/ext/upb-generated/google/api/annotations.upb.h +1 -0
  223. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.c +242 -0
  224. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.h +830 -0
  225. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.c +34 -34
  226. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h +142 -59
  227. data/src/core/ext/upb-generated/google/api/http.upb.c +3 -3
  228. data/src/core/ext/upb-generated/google/api/http.upb.h +25 -6
  229. data/src/core/ext/upb-generated/google/protobuf/any.upb.c +1 -1
  230. data/src/core/ext/upb-generated/google/protobuf/any.upb.h +7 -0
  231. data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +90 -90
  232. data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +455 -292
  233. data/src/core/ext/upb-generated/google/protobuf/duration.upb.c +1 -1
  234. data/src/core/ext/upb-generated/google/protobuf/duration.upb.h +7 -0
  235. data/src/core/ext/upb-generated/google/protobuf/empty.upb.c +1 -1
  236. data/src/core/ext/upb-generated/google/protobuf/empty.upb.h +7 -0
  237. data/src/core/ext/upb-generated/google/protobuf/struct.upb.c +4 -4
  238. data/src/core/ext/upb-generated/google/protobuf/struct.upb.h +22 -3
  239. data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.c +1 -1
  240. data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.h +7 -0
  241. data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.c +9 -9
  242. data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.h +55 -0
  243. data/src/core/ext/upb-generated/google/rpc/status.upb.c +1 -1
  244. data/src/core/ext/upb-generated/google/rpc/status.upb.h +10 -3
  245. data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.c +4 -4
  246. data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.h +11 -3
  247. data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +41 -41
  248. data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +149 -76
  249. data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.c +5 -5
  250. data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.h +21 -6
  251. data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.c +2 -2
  252. data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.h +13 -0
  253. data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c +17 -17
  254. data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.h +82 -25
  255. data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.c +3 -3
  256. data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +19 -0
  257. data/src/core/ext/upb-generated/udpa/annotations/security.upb.c +31 -0
  258. data/src/core/ext/upb-generated/udpa/annotations/security.upb.h +64 -0
  259. data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.h +1 -0
  260. data/src/core/ext/upb-generated/udpa/annotations/status.upb.c +2 -2
  261. data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +9 -2
  262. data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.c +1 -1
  263. data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.h +7 -0
  264. data/src/core/ext/upb-generated/udpa/core/v1/authority.upb.c +28 -0
  265. data/src/core/ext/upb-generated/udpa/core/v1/authority.upb.h +60 -0
  266. data/src/core/ext/upb-generated/udpa/core/v1/collection_entry.upb.c +52 -0
  267. data/src/core/ext/upb-generated/udpa/core/v1/collection_entry.upb.h +143 -0
  268. data/src/core/ext/upb-generated/udpa/core/v1/context_params.upb.c +42 -0
  269. data/src/core/ext/upb-generated/udpa/core/v1/context_params.upb.h +84 -0
  270. data/src/core/ext/upb-generated/udpa/core/v1/resource.upb.c +36 -0
  271. data/src/core/ext/upb-generated/udpa/core/v1/resource.upb.h +94 -0
  272. data/src/core/ext/upb-generated/udpa/core/v1/resource_locator.upb.c +54 -0
  273. data/src/core/ext/upb-generated/udpa/core/v1/resource_locator.upb.h +173 -0
  274. data/src/core/ext/upb-generated/udpa/core/v1/resource_name.upb.c +36 -0
  275. data/src/core/ext/upb-generated/udpa/core/v1/resource_name.upb.h +92 -0
  276. data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.c +3 -3
  277. data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.h +7 -0
  278. data/src/core/ext/upb-generated/validate/validate.upb.c +64 -64
  279. data/src/core/ext/upb-generated/validate/validate.upb.h +296 -157
  280. data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.c +38 -0
  281. data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.h +30 -0
  282. data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.c +41 -0
  283. data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.h +35 -0
  284. data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +254 -0
  285. data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.h +105 -0
  286. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.c +100 -0
  287. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.h +45 -0
  288. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +558 -0
  289. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.h +145 -0
  290. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.c +53 -0
  291. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.h +35 -0
  292. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.c +133 -0
  293. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.h +35 -0
  294. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.c +127 -0
  295. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.h +65 -0
  296. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.c +56 -0
  297. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.h +35 -0
  298. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +266 -0
  299. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.h +125 -0
  300. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +143 -0
  301. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.h +55 -0
  302. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.c +56 -0
  303. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.h +35 -0
  304. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.c +66 -0
  305. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.h +40 -0
  306. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.c +263 -0
  307. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.h +100 -0
  308. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +233 -0
  309. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.h +70 -0
  310. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.c +56 -0
  311. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.h +35 -0
  312. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +228 -0
  313. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.h +80 -0
  314. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +46 -0
  315. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +35 -0
  316. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.c +59 -0
  317. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.h +35 -0
  318. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.c +55 -0
  319. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.h +35 -0
  320. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.c +110 -0
  321. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.h +50 -0
  322. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +113 -0
  323. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +50 -0
  324. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.c +146 -0
  325. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.h +55 -0
  326. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.c +50 -0
  327. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.h +35 -0
  328. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +190 -0
  329. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +55 -0
  330. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.c +185 -0
  331. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.h +65 -0
  332. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.c +62 -0
  333. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.h +40 -0
  334. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.c +97 -0
  335. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.h +40 -0
  336. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +915 -0
  337. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.h +280 -0
  338. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.c +71 -0
  339. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.h +45 -0
  340. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.c +64 -0
  341. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.h +40 -0
  342. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +511 -0
  343. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +115 -0
  344. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +48 -0
  345. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.h +30 -0
  346. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +166 -0
  347. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +55 -0
  348. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +105 -0
  349. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.h +45 -0
  350. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +249 -0
  351. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.h +60 -0
  352. data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.c +72 -0
  353. data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.h +35 -0
  354. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +60 -0
  355. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.h +35 -0
  356. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.c +152 -0
  357. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.h +60 -0
  358. data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.c +83 -0
  359. data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.h +35 -0
  360. data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.c +82 -0
  361. data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.h +35 -0
  362. data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +83 -0
  363. data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.h +40 -0
  364. data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.c +86 -0
  365. data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.h +35 -0
  366. data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.c +74 -0
  367. data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.h +35 -0
  368. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.c +64 -0
  369. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.h +40 -0
  370. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.c +54 -0
  371. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.h +35 -0
  372. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.c +53 -0
  373. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.h +35 -0
  374. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.c +73 -0
  375. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.h +45 -0
  376. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.c +72 -0
  377. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.h +40 -0
  378. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.c +81 -0
  379. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.h +45 -0
  380. data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.c +92 -0
  381. data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.h +65 -0
  382. data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.c +95 -0
  383. data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.h +55 -0
  384. data/src/core/ext/upbdefs-generated/envoy/type/v3/http.upbdefs.c +34 -0
  385. data/src/core/ext/{upb-generated/gogoproto/gogo.upb.h → upbdefs-generated/envoy/type/v3/http.upbdefs.h} +10 -9
  386. data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.c +59 -0
  387. data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.h +40 -0
  388. data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.c +54 -0
  389. data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.h +45 -0
  390. data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.c +47 -0
  391. data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.h +35 -0
  392. data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.c +40 -0
  393. data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.h +30 -0
  394. data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.c +61 -0
  395. data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.h +45 -0
  396. data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.c +39 -0
  397. data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.h +35 -0
  398. data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.c +386 -0
  399. data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.h +165 -0
  400. data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.c +40 -0
  401. data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.h +35 -0
  402. data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.c +37 -0
  403. data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.h +35 -0
  404. data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.c +65 -0
  405. data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.h +50 -0
  406. data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.c +40 -0
  407. data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.h +35 -0
  408. data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.c +66 -0
  409. data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.h +75 -0
  410. data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.c +42 -0
  411. data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.h +35 -0
  412. data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.c +70 -0
  413. data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.h +45 -0
  414. data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.c +56 -0
  415. data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.h +35 -0
  416. data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.c +33 -0
  417. data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.h +30 -0
  418. data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.c +49 -0
  419. data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.h +35 -0
  420. data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.c +43 -0
  421. data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.h +35 -0
  422. data/src/core/ext/upbdefs-generated/udpa/core/v1/authority.upbdefs.c +42 -0
  423. data/src/core/ext/upbdefs-generated/udpa/core/v1/authority.upbdefs.h +35 -0
  424. data/src/core/ext/upbdefs-generated/udpa/core/v1/collection_entry.upbdefs.c +62 -0
  425. data/src/core/ext/upbdefs-generated/udpa/core/v1/collection_entry.upbdefs.h +40 -0
  426. data/src/core/ext/upbdefs-generated/udpa/core/v1/context_params.upbdefs.c +45 -0
  427. data/src/core/ext/upbdefs-generated/udpa/core/v1/context_params.upbdefs.h +40 -0
  428. data/src/core/ext/upbdefs-generated/udpa/core/v1/resource.upbdefs.c +49 -0
  429. data/src/core/ext/upbdefs-generated/udpa/core/v1/resource.upbdefs.h +35 -0
  430. data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_locator.upbdefs.c +68 -0
  431. data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_locator.upbdefs.h +40 -0
  432. data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_name.upbdefs.c +51 -0
  433. data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_name.upbdefs.h +35 -0
  434. data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.c +307 -0
  435. data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.h +145 -0
  436. data/src/core/ext/xds/certificate_provider_factory.h +61 -0
  437. data/src/core/ext/xds/certificate_provider_registry.cc +103 -0
  438. data/src/core/ext/xds/certificate_provider_registry.h +57 -0
  439. data/src/core/ext/xds/certificate_provider_store.cc +87 -0
  440. data/src/core/ext/xds/certificate_provider_store.h +112 -0
  441. data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +144 -0
  442. data/src/core/ext/xds/file_watcher_certificate_provider_factory.h +69 -0
  443. data/src/core/ext/xds/xds_api.cc +687 -767
  444. data/src/core/ext/xds/xds_api.h +207 -98
  445. data/src/core/ext/xds/xds_bootstrap.cc +172 -25
  446. data/src/core/ext/xds/xds_bootstrap.h +23 -8
  447. data/src/core/ext/xds/xds_certificate_provider.cc +299 -0
  448. data/src/core/ext/xds/xds_certificate_provider.h +112 -0
  449. data/src/core/ext/xds/xds_channel_args.h +6 -3
  450. data/src/core/ext/xds/xds_client.cc +617 -494
  451. data/src/core/ext/xds/xds_client.h +118 -58
  452. data/src/core/ext/xds/xds_client_stats.cc +59 -16
  453. data/src/core/ext/xds/xds_client_stats.h +35 -7
  454. data/src/core/ext/xds/xds_server_config_fetcher.cc +131 -0
  455. data/src/core/lib/channel/channel_args.cc +9 -8
  456. data/src/core/lib/channel/channel_args.h +0 -1
  457. data/src/core/lib/channel/channel_trace.cc +4 -2
  458. data/src/core/lib/channel/channel_trace.h +1 -1
  459. data/src/core/lib/channel/channelz.cc +23 -59
  460. data/src/core/lib/channel/channelz.h +13 -22
  461. data/src/core/lib/channel/channelz_registry.cc +12 -11
  462. data/src/core/lib/channel/channelz_registry.h +3 -1
  463. data/src/core/lib/channel/handshaker.cc +2 -2
  464. data/src/core/lib/channel/handshaker.h +2 -2
  465. data/src/core/lib/compression/compression.cc +8 -4
  466. data/src/core/lib/compression/compression_args.cc +3 -2
  467. data/src/core/lib/compression/compression_internal.cc +10 -5
  468. data/src/core/lib/compression/compression_internal.h +2 -1
  469. data/src/core/lib/compression/stream_compression_identity.cc +1 -3
  470. data/src/core/lib/debug/stats.h +2 -2
  471. data/src/core/lib/debug/stats_data.cc +1 -0
  472. data/src/core/lib/debug/stats_data.h +13 -13
  473. data/src/core/lib/gpr/alloc.cc +3 -2
  474. data/src/core/lib/gpr/cpu_iphone.cc +10 -2
  475. data/src/core/lib/gpr/log.cc +53 -16
  476. data/src/core/lib/gpr/log_linux.cc +19 -3
  477. data/src/core/lib/gpr/log_posix.cc +15 -1
  478. data/src/core/lib/gpr/log_windows.cc +18 -4
  479. data/src/core/lib/gpr/murmur_hash.cc +1 -1
  480. data/src/core/lib/gpr/spinlock.h +10 -2
  481. data/src/core/lib/gpr/string.cc +23 -22
  482. data/src/core/lib/gpr/string.h +5 -6
  483. data/src/core/lib/gpr/sync.cc +4 -4
  484. data/src/core/lib/gpr/time.cc +12 -12
  485. data/src/core/lib/gpr/time_precise.cc +5 -2
  486. data/src/core/lib/gpr/time_precise.h +6 -2
  487. data/src/core/lib/gpr/tls.h +4 -0
  488. data/src/core/lib/gpr/tls_msvc.h +2 -0
  489. data/src/core/lib/gpr/tls_stdcpp.h +48 -0
  490. data/src/core/lib/gpr/useful.h +5 -4
  491. data/src/core/lib/gprpp/arena.h +3 -2
  492. data/src/core/lib/gprpp/dual_ref_counted.h +331 -0
  493. data/src/core/lib/gprpp/examine_stack.cc +43 -0
  494. data/src/core/lib/gprpp/examine_stack.h +46 -0
  495. data/src/core/lib/gprpp/fork.cc +2 -2
  496. data/src/core/lib/gprpp/manual_constructor.h +1 -1
  497. data/src/core/lib/gprpp/orphanable.h +4 -8
  498. data/src/core/lib/gprpp/ref_counted.h +91 -68
  499. data/src/core/lib/gprpp/ref_counted_ptr.h +166 -7
  500. data/src/core/lib/{security/authorization/mock_cel/statusor.h → gprpp/stat.h} +13 -25
  501. data/src/core/lib/gprpp/stat_posix.cc +49 -0
  502. data/src/core/lib/gprpp/stat_windows.cc +48 -0
  503. data/src/core/lib/gprpp/thd.h +2 -2
  504. data/src/core/lib/gprpp/thd_posix.cc +42 -37
  505. data/src/core/lib/gprpp/thd_windows.cc +3 -1
  506. data/src/core/lib/http/httpcli.cc +1 -1
  507. data/src/core/lib/http/httpcli.h +2 -3
  508. data/src/core/lib/http/httpcli_security_connector.cc +1 -1
  509. data/src/core/lib/http/parser.cc +47 -27
  510. data/src/core/lib/iomgr/call_combiner.cc +8 -5
  511. data/src/core/lib/iomgr/combiner.cc +2 -1
  512. data/src/core/lib/iomgr/endpoint.h +1 -1
  513. data/src/core/lib/iomgr/endpoint_cfstream.cc +9 -5
  514. data/src/core/lib/iomgr/error.cc +17 -12
  515. data/src/core/lib/iomgr/error_internal.h +1 -1
  516. data/src/core/lib/iomgr/ev_epoll1_linux.cc +20 -13
  517. data/src/core/lib/iomgr/ev_epollex_linux.cc +25 -17
  518. data/src/core/lib/iomgr/ev_poll_posix.cc +9 -7
  519. data/src/core/lib/iomgr/exec_ctx.cc +1 -1
  520. data/src/core/lib/iomgr/exec_ctx.h +16 -12
  521. data/src/core/lib/iomgr/executor.cc +2 -1
  522. data/src/core/lib/iomgr/executor.h +1 -1
  523. data/src/core/lib/iomgr/executor/mpmcqueue.h +5 -5
  524. data/src/core/lib/iomgr/executor/threadpool.h +4 -4
  525. data/src/core/lib/iomgr/iomgr.cc +1 -1
  526. data/src/core/lib/iomgr/load_file.h +1 -1
  527. data/src/core/lib/iomgr/lockfree_event.cc +19 -14
  528. data/src/core/lib/iomgr/lockfree_event.h +2 -2
  529. data/src/core/lib/iomgr/parse_address.cc +127 -43
  530. data/src/core/lib/iomgr/parse_address.h +32 -8
  531. data/src/core/lib/iomgr/poller/eventmanager_libuv.cc +2 -1
  532. data/src/core/lib/iomgr/poller/eventmanager_libuv.h +1 -1
  533. data/src/core/lib/iomgr/pollset_set_custom.cc +1 -1
  534. data/src/core/lib/iomgr/python_util.h +4 -4
  535. data/src/core/lib/iomgr/resolve_address.cc +4 -4
  536. data/src/core/lib/iomgr/resolve_address_posix.cc +1 -5
  537. data/src/core/lib/iomgr/resource_quota.cc +4 -4
  538. data/src/core/lib/iomgr/sockaddr_utils.cc +10 -10
  539. data/src/core/lib/iomgr/sockaddr_utils.h +1 -1
  540. data/src/core/lib/iomgr/socket_factory_posix.cc +3 -2
  541. data/src/core/lib/iomgr/socket_mutator.cc +3 -2
  542. data/src/core/lib/iomgr/tcp_client.cc +3 -3
  543. data/src/core/lib/iomgr/tcp_client_custom.cc +7 -6
  544. data/src/core/lib/iomgr/tcp_custom.cc +22 -17
  545. data/src/core/lib/iomgr/tcp_posix.cc +12 -8
  546. data/src/core/lib/iomgr/tcp_server_custom.cc +28 -22
  547. data/src/core/lib/iomgr/timer_custom.cc +5 -5
  548. data/src/core/lib/iomgr/timer_generic.cc +3 -3
  549. data/src/core/lib/iomgr/timer_manager.cc +2 -2
  550. data/src/core/lib/iomgr/udp_server.cc +1 -2
  551. data/src/core/lib/iomgr/udp_server.h +1 -2
  552. data/src/core/lib/iomgr/unix_sockets_posix.cc +32 -21
  553. data/src/core/lib/iomgr/unix_sockets_posix.h +5 -0
  554. data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +7 -0
  555. data/src/core/lib/iomgr/wakeup_fd_pipe.cc +2 -2
  556. data/src/core/lib/json/json.h +12 -2
  557. data/src/core/lib/json/json_reader.cc +8 -4
  558. data/src/core/lib/json/json_util.cc +58 -0
  559. data/src/core/lib/json/json_util.h +204 -0
  560. data/src/core/lib/json/json_writer.cc +2 -1
  561. data/src/core/lib/security/authorization/evaluate_args.cc +5 -10
  562. data/src/core/lib/security/authorization/evaluate_args.h +1 -1
  563. data/src/core/lib/security/authorization/mock_cel/cel_expr_builder_factory.h +3 -1
  564. data/src/core/lib/security/authorization/mock_cel/cel_expression.h +5 -4
  565. data/src/core/lib/security/authorization/mock_cel/cel_value.h +4 -0
  566. data/src/core/lib/security/authorization/mock_cel/evaluator_core.h +6 -6
  567. data/src/core/lib/security/authorization/mock_cel/flat_expr_builder.h +10 -9
  568. data/src/core/lib/security/context/security_context.cc +4 -3
  569. data/src/core/lib/security/context/security_context.h +3 -1
  570. data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +1 -1
  571. data/src/core/lib/security/credentials/credentials.cc +7 -7
  572. data/src/core/lib/security/credentials/credentials.h +3 -3
  573. data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +413 -0
  574. data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +80 -0
  575. data/src/core/lib/security/credentials/external/aws_request_signer.cc +213 -0
  576. data/src/core/lib/security/credentials/external/aws_request_signer.h +72 -0
  577. data/src/core/lib/security/credentials/external/external_account_credentials.cc +497 -0
  578. data/src/core/lib/security/credentials/external/external_account_credentials.h +120 -0
  579. data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +135 -0
  580. data/src/core/lib/security/credentials/external/file_external_account_credentials.h +48 -0
  581. data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +213 -0
  582. data/src/core/lib/security/credentials/external/url_external_account_credentials.h +58 -0
  583. data/src/core/lib/security/credentials/fake/fake_credentials.cc +2 -1
  584. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +18 -12
  585. data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +64 -0
  586. data/src/core/lib/security/credentials/jwt/json_token.cc +6 -3
  587. data/src/core/lib/security/credentials/jwt/jwt_credentials.h +4 -3
  588. data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +8 -4
  589. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +39 -46
  590. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +5 -4
  591. data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +1 -1
  592. data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +5 -5
  593. data/src/core/lib/security/credentials/ssl/ssl_credentials.h +1 -1
  594. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +346 -0
  595. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +213 -0
  596. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +399 -0
  597. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +138 -0
  598. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +78 -150
  599. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +57 -187
  600. data/src/core/lib/security/credentials/tls/tls_credentials.cc +16 -12
  601. data/src/core/lib/security/credentials/tls/tls_credentials.h +2 -2
  602. data/src/core/lib/security/credentials/tls/tls_utils.cc +91 -0
  603. data/src/core/lib/security/credentials/tls/tls_utils.h +38 -0
  604. data/src/core/lib/security/credentials/xds/xds_credentials.cc +175 -0
  605. data/src/core/lib/security/credentials/xds/xds_credentials.h +69 -0
  606. data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +1 -1
  607. data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +9 -13
  608. data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +121 -0
  609. data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +87 -0
  610. data/src/core/lib/security/security_connector/load_system_roots.h +4 -0
  611. data/src/core/lib/security/security_connector/load_system_roots_linux.h +2 -0
  612. data/src/core/lib/security/security_connector/local/local_security_connector.cc +3 -3
  613. data/src/core/lib/security/security_connector/security_connector.cc +4 -3
  614. data/src/core/lib/security/security_connector/security_connector.h +4 -2
  615. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +4 -4
  616. data/src/core/lib/security/security_connector/ssl_utils.cc +2 -2
  617. data/src/core/lib/security/security_connector/ssl_utils.h +19 -19
  618. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +342 -279
  619. data/src/core/lib/security/security_connector/tls/tls_security_connector.h +105 -61
  620. data/src/core/lib/security/transport/secure_endpoint.cc +2 -2
  621. data/src/core/lib/security/transport/security_handshaker.cc +3 -3
  622. data/src/core/lib/security/transport/server_auth_filter.cc +2 -1
  623. data/src/core/lib/security/util/json_util.h +1 -0
  624. data/src/core/lib/slice/slice.cc +7 -4
  625. data/src/core/lib/slice/slice_buffer.cc +2 -1
  626. data/src/core/lib/slice/slice_intern.cc +6 -7
  627. data/src/core/lib/slice/slice_internal.h +2 -2
  628. data/src/core/lib/surface/call.cc +41 -32
  629. data/src/core/lib/surface/call_details.cc +8 -8
  630. data/src/core/lib/surface/channel.cc +25 -41
  631. data/src/core/lib/surface/channel.h +9 -3
  632. data/src/core/lib/surface/channel_init.cc +1 -1
  633. data/src/core/lib/surface/completion_queue.cc +30 -24
  634. data/src/core/lib/surface/completion_queue.h +16 -16
  635. data/src/core/lib/surface/init.cc +32 -14
  636. data/src/core/lib/surface/lame_client.cc +20 -46
  637. data/src/core/lib/surface/lame_client.h +4 -0
  638. data/src/core/lib/surface/server.cc +63 -17
  639. data/src/core/lib/surface/server.h +39 -7
  640. data/src/core/lib/surface/validate_metadata.h +3 -0
  641. data/src/core/lib/surface/version.cc +2 -2
  642. data/src/core/lib/transport/authority_override.cc +6 -4
  643. data/src/core/lib/transport/authority_override.h +7 -2
  644. data/src/core/lib/transport/bdp_estimator.cc +1 -1
  645. data/src/core/lib/transport/bdp_estimator.h +2 -1
  646. data/src/core/lib/transport/byte_stream.h +3 -3
  647. data/src/core/lib/transport/connectivity_state.h +11 -9
  648. data/src/core/lib/transport/error_utils.h +1 -1
  649. data/src/core/lib/transport/metadata.cc +11 -1
  650. data/src/core/lib/transport/metadata.h +2 -2
  651. data/src/core/lib/transport/metadata_batch.h +4 -4
  652. data/src/core/lib/transport/static_metadata.cc +1 -1
  653. data/src/core/lib/transport/status_metadata.cc +4 -3
  654. data/src/core/lib/transport/timeout_encoding.cc +4 -4
  655. data/src/core/lib/transport/transport.cc +5 -3
  656. data/src/core/lib/transport/transport.h +8 -8
  657. data/src/core/lib/uri/uri_parser.cc +131 -249
  658. data/src/core/lib/uri/uri_parser.h +57 -21
  659. data/src/core/plugin_registry/grpc_plugin_registry.cc +41 -20
  660. data/src/core/tsi/alts/crypt/gsec.cc +5 -4
  661. data/src/core/tsi/alts/frame_protector/frame_handler.cc +8 -6
  662. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +1 -1
  663. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +27 -26
  664. data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +8 -6
  665. data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +4 -4
  666. data/src/core/tsi/fake_transport_security.cc +6 -3
  667. data/src/core/tsi/local_transport_security.cc +5 -1
  668. data/src/core/tsi/local_transport_security.h +6 -7
  669. data/src/core/tsi/ssl/session_cache/ssl_session.h +3 -0
  670. data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +1 -1
  671. data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +4 -1
  672. data/src/core/tsi/ssl_transport_security.cc +78 -58
  673. data/src/core/tsi/ssl_transport_security.h +9 -6
  674. data/src/core/tsi/transport_security.cc +10 -8
  675. data/src/core/tsi/transport_security_interface.h +1 -1
  676. data/src/ruby/ext/grpc/extconf.rb +1 -1
  677. data/src/ruby/ext/grpc/rb_event_thread.c +2 -0
  678. data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +36 -16
  679. data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +70 -40
  680. data/src/ruby/lib/grpc/version.rb +1 -1
  681. data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +28 -0
  682. data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +18 -0
  683. data/src/ruby/spec/pb/codegen/package_option_spec.rb +2 -6
  684. data/third_party/abseil-cpp/absl/algorithm/container.h +59 -22
  685. data/third_party/abseil-cpp/absl/base/attributes.h +99 -38
  686. data/third_party/abseil-cpp/absl/base/call_once.h +1 -1
  687. data/third_party/abseil-cpp/absl/base/casts.h +9 -6
  688. data/third_party/abseil-cpp/absl/base/config.h +60 -17
  689. data/third_party/abseil-cpp/absl/base/dynamic_annotations.h +428 -335
  690. data/third_party/abseil-cpp/absl/base/internal/bits.h +17 -16
  691. data/third_party/abseil-cpp/absl/base/internal/direct_mmap.h +5 -0
  692. data/third_party/abseil-cpp/absl/base/internal/dynamic_annotations.h +398 -0
  693. data/third_party/abseil-cpp/absl/base/internal/invoke.h +4 -4
  694. data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.cc +1 -1
  695. data/third_party/abseil-cpp/absl/base/internal/low_level_scheduling.h +29 -1
  696. data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +2 -2
  697. data/third_party/abseil-cpp/absl/base/internal/raw_logging.h +7 -5
  698. data/third_party/abseil-cpp/absl/base/internal/spinlock.cc +25 -38
  699. data/third_party/abseil-cpp/absl/base/internal/spinlock.h +19 -25
  700. data/third_party/abseil-cpp/absl/base/internal/spinlock_linux.inc +8 -0
  701. data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +28 -5
  702. data/third_party/abseil-cpp/absl/base/internal/sysinfo.h +8 -0
  703. data/third_party/abseil-cpp/absl/base/internal/tsan_mutex_interface.h +3 -1
  704. data/third_party/abseil-cpp/absl/base/internal/unaligned_access.h +2 -2
  705. data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.h +3 -3
  706. data/third_party/abseil-cpp/absl/base/macros.h +36 -109
  707. data/third_party/abseil-cpp/absl/base/optimization.h +61 -1
  708. data/third_party/abseil-cpp/absl/base/options.h +31 -4
  709. data/third_party/abseil-cpp/absl/base/policy_checks.h +1 -1
  710. data/third_party/abseil-cpp/absl/base/thread_annotations.h +94 -39
  711. data/third_party/abseil-cpp/absl/container/fixed_array.h +42 -25
  712. data/third_party/abseil-cpp/absl/container/flat_hash_map.h +606 -0
  713. data/third_party/abseil-cpp/absl/container/flat_hash_set.h +2 -1
  714. data/third_party/abseil-cpp/absl/container/inlined_vector.h +33 -36
  715. data/third_party/abseil-cpp/absl/container/internal/common.h +6 -2
  716. data/third_party/abseil-cpp/absl/container/internal/compressed_tuple.h +33 -8
  717. data/third_party/abseil-cpp/absl/container/internal/container_memory.h +49 -29
  718. data/third_party/abseil-cpp/absl/container/internal/hash_function_defaults.h +15 -0
  719. data/third_party/abseil-cpp/absl/container/internal/hash_policy_traits.h +24 -7
  720. data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc +2 -1
  721. data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.h +35 -11
  722. data/third_party/abseil-cpp/absl/container/internal/have_sse.h +10 -9
  723. data/third_party/abseil-cpp/absl/container/internal/layout.h +7 -5
  724. data/third_party/abseil-cpp/absl/container/internal/raw_hash_map.h +197 -0
  725. data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +55 -34
  726. data/third_party/abseil-cpp/absl/debugging/internal/address_is_readable.cc +5 -4
  727. data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +66 -16
  728. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +4 -0
  729. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_arm-inl.inc +13 -4
  730. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_config.h +43 -24
  731. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_generic-inl.inc +12 -3
  732. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_win32-inl.inc +10 -2
  733. data/third_party/abseil-cpp/absl/debugging/internal/symbolize.h +22 -1
  734. data/third_party/abseil-cpp/absl/debugging/internal/vdso_support.cc +0 -21
  735. data/third_party/abseil-cpp/absl/debugging/symbolize.cc +12 -1
  736. data/third_party/abseil-cpp/absl/debugging/symbolize_darwin.inc +101 -0
  737. data/third_party/abseil-cpp/absl/debugging/symbolize_elf.inc +100 -20
  738. data/third_party/abseil-cpp/absl/functional/bind_front.h +184 -0
  739. data/third_party/abseil-cpp/absl/functional/function_ref.h +1 -1
  740. data/third_party/abseil-cpp/absl/functional/internal/front_binder.h +95 -0
  741. data/third_party/abseil-cpp/absl/functional/internal/function_ref.h +2 -2
  742. data/third_party/abseil-cpp/absl/hash/hash.h +6 -5
  743. data/third_party/abseil-cpp/absl/hash/internal/hash.h +73 -65
  744. data/third_party/abseil-cpp/absl/memory/memory.h +4 -0
  745. data/third_party/abseil-cpp/absl/meta/type_traits.h +2 -8
  746. data/third_party/abseil-cpp/absl/numeric/int128.cc +13 -27
  747. data/third_party/abseil-cpp/absl/numeric/int128.h +16 -15
  748. data/third_party/abseil-cpp/absl/status/internal/status_internal.h +51 -0
  749. data/third_party/abseil-cpp/absl/status/internal/statusor_internal.h +399 -0
  750. data/third_party/abseil-cpp/absl/status/status.cc +4 -6
  751. data/third_party/abseil-cpp/absl/status/status.h +502 -113
  752. data/third_party/abseil-cpp/absl/status/status_payload_printer.cc +5 -10
  753. data/third_party/abseil-cpp/absl/status/statusor.cc +71 -0
  754. data/third_party/abseil-cpp/absl/status/statusor.h +760 -0
  755. data/third_party/abseil-cpp/absl/strings/charconv.cc +2 -2
  756. data/third_party/abseil-cpp/absl/strings/cord.cc +91 -112
  757. data/third_party/abseil-cpp/absl/strings/cord.h +360 -205
  758. data/third_party/abseil-cpp/absl/strings/escaping.cc +9 -9
  759. data/third_party/abseil-cpp/absl/strings/internal/char_map.h +1 -1
  760. data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.cc +1 -1
  761. data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +2 -2
  762. data/third_party/abseil-cpp/absl/strings/internal/charconv_parse.cc +2 -2
  763. data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +45 -23
  764. data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.cc +222 -136
  765. data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.h +136 -64
  766. data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.cc +1 -1
  767. data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.h +14 -21
  768. data/third_party/abseil-cpp/absl/strings/internal/str_format/checker.h +7 -14
  769. data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.cc +31 -7
  770. data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.h +147 -135
  771. data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +999 -87
  772. data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.h +3 -3
  773. data/third_party/abseil-cpp/absl/strings/internal/str_format/output.h +4 -12
  774. data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.cc +8 -6
  775. data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.h +13 -11
  776. data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +2 -2
  777. data/third_party/abseil-cpp/absl/strings/str_cat.cc +4 -4
  778. data/third_party/abseil-cpp/absl/strings/str_cat.h +1 -1
  779. data/third_party/abseil-cpp/absl/strings/str_format.h +289 -13
  780. data/third_party/abseil-cpp/absl/strings/str_split.cc +2 -2
  781. data/third_party/abseil-cpp/absl/strings/str_split.h +1 -0
  782. data/third_party/abseil-cpp/absl/strings/string_view.h +26 -19
  783. data/third_party/abseil-cpp/absl/strings/substitute.cc +5 -5
  784. data/third_party/abseil-cpp/absl/strings/substitute.h +32 -29
  785. data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.cc +3 -3
  786. data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +3 -3
  787. data/third_party/abseil-cpp/absl/synchronization/internal/kernel_timeout.h +28 -28
  788. data/third_party/abseil-cpp/absl/synchronization/internal/mutex_nonprod.inc +4 -16
  789. data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.h +1 -1
  790. data/third_party/abseil-cpp/absl/synchronization/internal/waiter.cc +8 -0
  791. data/third_party/abseil-cpp/absl/synchronization/internal/waiter.h +2 -2
  792. data/third_party/abseil-cpp/absl/synchronization/mutex.cc +75 -64
  793. data/third_party/abseil-cpp/absl/synchronization/mutex.h +15 -6
  794. data/third_party/abseil-cpp/absl/time/civil_time.cc +9 -9
  795. data/third_party/abseil-cpp/absl/time/clock.cc +3 -3
  796. data/third_party/abseil-cpp/absl/time/duration.cc +90 -59
  797. data/third_party/abseil-cpp/absl/time/format.cc +43 -36
  798. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time_detail.h +26 -16
  799. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/time_zone.h +4 -2
  800. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/zone_info_source.h +1 -1
  801. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +136 -29
  802. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +13 -21
  803. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +1 -1
  804. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +136 -129
  805. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +4 -5
  806. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +8 -7
  807. data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +6 -6
  808. data/third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc +2 -1
  809. data/third_party/abseil-cpp/absl/time/time.h +15 -16
  810. data/third_party/abseil-cpp/absl/types/internal/variant.h +4 -4
  811. data/third_party/abseil-cpp/absl/types/optional.h +9 -9
  812. data/third_party/abseil-cpp/absl/types/span.h +49 -36
  813. data/third_party/abseil-cpp/absl/utility/utility.h +2 -2
  814. data/third_party/address_sorting/include/address_sorting/address_sorting.h +2 -0
  815. data/third_party/boringssl-with-bazel/err_data.c +469 -463
  816. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +0 -6
  817. data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +2 -0
  818. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +9 -43
  819. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +55 -4
  820. data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +34 -0
  821. data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +4 -0
  822. data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +6 -2
  823. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +173 -35
  824. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +2 -0
  825. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +4 -0
  826. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +30 -10
  827. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +56 -22
  828. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +8 -2
  829. data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +98 -11
  830. data/third_party/boringssl-with-bazel/src/crypto/hpke/internal.h +51 -6
  831. data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +118 -49
  832. data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +267 -95
  833. data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +210 -34
  834. data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +766 -0
  835. data/third_party/boringssl-with-bazel/src/crypto/x509/a_strex.c +3 -3
  836. data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +6 -4
  837. data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +3 -3
  838. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +1 -1
  839. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +7 -2
  840. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +21 -18
  841. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +1 -1
  842. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +24 -3
  843. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +3 -3
  844. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +67 -67
  845. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +3 -3
  846. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +29 -35
  847. data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +13 -2
  848. data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +9 -8
  849. data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +10 -10
  850. data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +2 -2
  851. data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +28 -40
  852. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +3 -1
  853. data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +1 -4
  854. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +5 -3
  855. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +14 -14
  856. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +7 -3
  857. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +2 -2
  858. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +1 -1
  859. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +1 -1
  860. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +55 -8
  861. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +1 -1
  862. data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +24 -0
  863. data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +7 -5
  864. data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +0 -1
  865. data/third_party/boringssl-with-bazel/src/include/openssl/base.h +6 -3
  866. data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +4 -0
  867. data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +6 -0
  868. data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +1 -1
  869. data/third_party/boringssl-with-bazel/src/include/openssl/des.h +6 -0
  870. data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +12 -0
  871. data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +9 -0
  872. data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +4 -1
  873. data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +3 -0
  874. data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +202 -134
  875. data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +64 -3
  876. data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +4 -0
  877. data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +42 -14
  878. data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +188 -78
  879. data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +482 -432
  880. data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +18 -5
  881. data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +35 -0
  882. data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +18 -18
  883. data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +2 -3
  884. data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +1 -1
  885. data/third_party/boringssl-with-bazel/src/ssl/internal.h +45 -10
  886. data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +42 -1
  887. data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +8 -9
  888. data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +67 -0
  889. data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +11 -14
  890. data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +216 -11
  891. data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +1 -2
  892. data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +57 -19
  893. data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +135 -41
  894. data/third_party/upb/third_party/wyhash/wyhash.h +145 -0
  895. data/third_party/upb/upb/decode.c +248 -167
  896. data/third_party/upb/upb/decode.h +20 -1
  897. data/third_party/upb/upb/decode.int.h +163 -0
  898. data/third_party/upb/upb/decode_fast.c +1040 -0
  899. data/third_party/upb/upb/decode_fast.h +126 -0
  900. data/third_party/upb/upb/def.c +2178 -0
  901. data/third_party/upb/upb/def.h +315 -0
  902. data/third_party/upb/upb/def.hpp +439 -0
  903. data/third_party/upb/upb/encode.c +227 -169
  904. data/third_party/upb/upb/encode.h +27 -2
  905. data/third_party/upb/upb/json_decode.c +1443 -0
  906. data/third_party/upb/upb/json_decode.h +23 -0
  907. data/third_party/upb/upb/json_encode.c +713 -0
  908. data/third_party/upb/upb/json_encode.h +36 -0
  909. data/third_party/upb/upb/msg.c +167 -88
  910. data/third_party/upb/upb/msg.h +174 -34
  911. data/third_party/upb/upb/port_def.inc +74 -61
  912. data/third_party/upb/upb/port_undef.inc +3 -7
  913. data/third_party/upb/upb/reflection.c +408 -0
  914. data/third_party/upb/upb/reflection.h +168 -0
  915. data/third_party/upb/upb/table.c +34 -197
  916. data/third_party/upb/upb/table.int.h +14 -5
  917. data/third_party/upb/upb/text_encode.c +421 -0
  918. data/third_party/upb/upb/text_encode.h +38 -0
  919. data/third_party/upb/upb/upb.c +18 -41
  920. data/third_party/upb/upb/upb.h +36 -7
  921. data/third_party/upb/upb/upb.hpp +4 -4
  922. data/third_party/upb/upb/upb.int.h +29 -0
  923. metadata +291 -57
  924. data/src/core/ext/filters/client_channel/lb_policy/xds/eds.cc +0 -946
  925. data/src/core/ext/filters/client_channel/lb_policy/xds/lrs.cc +0 -537
  926. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_routing.cc +0 -1141
  927. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.cc +0 -485
  928. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +0 -68
  929. data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +0 -354
  930. data/src/core/ext/filters/client_channel/resolving_lb_policy.h +0 -142
  931. data/src/core/ext/upb-generated/gogoproto/gogo.upb.c +0 -17
  932. data/src/core/ext/xds/xds_channel.h +0 -46
  933. data/src/core/ext/xds/xds_channel_secure.cc +0 -103
  934. data/src/core/lib/gprpp/map.h +0 -53
  935. data/third_party/abseil-cpp/absl/base/dynamic_annotations.cc +0 -129
  936. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pku.c +0 -110
  937. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_sxnet.c +0 -274
  938. data/third_party/upb/upb/port.c +0 -26
data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c CHANGED
@@ -122,6 +122,8 @@ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, uint8_t *out, size_t len) {
122
122
 
123
123
  uint32_t EVP_MD_meth_get_flags(const EVP_MD *md) { return EVP_MD_flags(md); }
124
124
 
125
+ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags) {}
126
+
125
127
  int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) {
126
128
  // |in->digest| may be NULL if this is a signing |EVP_MD_CTX| for, e.g.,
127
129
  // Ed25519 which does not hash with |EVP_MD_CTX|.
data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h CHANGED
@@ -108,6 +108,10 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(uint8_t *out, size_t *out_len,
108
108
  int RSA_padding_add_none(uint8_t *to, size_t to_len, const uint8_t *from,
109
109
  size_t from_len);
110
110
 
111
+ // rsa_check_public_key checks that |rsa|'s public modulus and exponent are
112
+ // within DoS bounds.
113
+ int rsa_check_public_key(const RSA *rsa);
114
+
111
115
  // RSA_private_transform calls either the method-specific |private_transform|
112
116
  // function (if given) or the generic one. See the comment for
113
117
  // |private_transform| in |rsa_meth_st|.
data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c CHANGED
@@ -661,6 +661,9 @@ static int check_mod_inverse(int *out_ok, const BIGNUM *a, const BIGNUM *ainv,
661
661
  return 1;
662
662
  }
663
663
 
664
+ // Note |bn_mul_consttime| and |bn_div_consttime| do not scale linearly, but
665
+ // checking |ainv| is in range bounds the running time, assuming |m|'s bounds
666
+ // were checked by the caller.
664
667
  BN_CTX_start(ctx);
665
668
  BIGNUM *tmp = BN_CTX_get(ctx);
666
669
  int ret = tmp != NULL &&
@@ -674,22 +677,35 @@ static int check_mod_inverse(int *out_ok, const BIGNUM *a, const BIGNUM *ainv,
674
677
  }
675
678
 
676
679
  int RSA_check_key(const RSA *key) {
680
+ // TODO(davidben): RSA key initialization is spread across
681
+ // |rsa_check_public_key|, |RSA_check_key|, |freeze_private_key|, and
682
+ // |BN_MONT_CTX_set_locked| as a result of API issues. See
683
+ // https://crbug.com/boringssl/316. As a result, we inconsistently check RSA
684
+ // invariants. We should fix this and integrate that logic.
685
+
677
686
  if (RSA_is_opaque(key)) {
678
687
  // Opaque keys can't be checked.
679
688
  return 1;
680
689
  }
681
690
 
691
+ if (!rsa_check_public_key(key)) {
692
+ return 0;
693
+ }
694
+
682
695
  if ((key->p != NULL) != (key->q != NULL)) {
683
696
  OPENSSL_PUT_ERROR(RSA, RSA_R_ONLY_ONE_OF_P_Q_GIVEN);
684
697
  return 0;
685
698
  }
686
699
 
687
- if (!key->n || !key->e) {
688
- OPENSSL_PUT_ERROR(RSA, RSA_R_VALUE_MISSING);
700
+ // |key->d| must be bounded by |key->n|. This ensures bounds on |RSA_bits|
701
+ // translate to bounds on the running time of private key operations.
702
+ if (key->d != NULL &&
703
+ (BN_is_negative(key->d) || BN_cmp(key->d, key->n) >= 0)) {
704
+ OPENSSL_PUT_ERROR(RSA, RSA_R_D_OUT_OF_RANGE);
689
705
  return 0;
690
706
  }
691
707
 
692
- if (!key->d || !key->p) {
708
+ if (key->d == NULL || key->p == NULL) {
693
709
  // For a public key, or without p and q, there's nothing that can be
694
710
  // checked.
695
711
  return 1;
@@ -709,24 +725,28 @@ int RSA_check_key(const RSA *key) {
709
725
  BN_init(&qm1);
710
726
  BN_init(&dmp1);
711
727
  BN_init(&dmq1);
728
+
729
+ // Check that p * q == n. Before we multiply, we check that p and q are in
730
+ // bounds, to avoid a DoS vector in |bn_mul_consttime| below. Note that
731
+ // n was bound by |rsa_check_public_key|.
732
+ if (BN_is_negative(key->p) || BN_cmp(key->p, key->n) >= 0 ||
733
+ BN_is_negative(key->q) || BN_cmp(key->q, key->n) >= 0) {
734
+ OPENSSL_PUT_ERROR(RSA, RSA_R_N_NOT_EQUAL_P_Q);
735
+ goto out;
736
+ }
712
737
  if (!bn_mul_consttime(&tmp, key->p, key->q, ctx)) {
713
738
  OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN);
714
739
  goto out;
715
740
  }
716
-
717
741
  if (BN_cmp(&tmp, key->n) != 0) {
718
742
  OPENSSL_PUT_ERROR(RSA, RSA_R_N_NOT_EQUAL_P_Q);
719
743
  goto out;
720
744
  }
721
745
 
722
- if (BN_is_negative(key->d) || BN_cmp(key->d, key->n) >= 0) {
723
- OPENSSL_PUT_ERROR(RSA, RSA_R_D_OUT_OF_RANGE);
724
- goto out;
725
- }
726
-
727
746
  // d must be an inverse of e mod the Carmichael totient, lcm(p-1, q-1), but it
728
747
  // may be unreduced because other implementations use the Euler totient. We
729
- // simply check that d * e is one mod p-1 and mod q-1.
748
+ // simply check that d * e is one mod p-1 and mod q-1. Note d and e were bound
749
+ // by earlier checks in this function.
730
750
  if (!bn_usub_consttime(&pm1, key->p, BN_value_one()) ||
731
751
  !bn_usub_consttime(&qm1, key->q, BN_value_one()) ||
732
752
  !bn_mul_consttime(&de, key->d, key->e, ctx) ||
data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c CHANGED
@@ -73,7 +73,12 @@
73
73
  #include "../rand/fork_detect.h"
74
74
 
75
75
 
76
- static int check_modulus_and_exponent_sizes(const RSA *rsa) {
76
+ int rsa_check_public_key(const RSA *rsa) {
77
+ if (rsa->n == NULL || rsa->e == NULL) {
78
+ OPENSSL_PUT_ERROR(RSA, RSA_R_VALUE_MISSING);
79
+ return 0;
80
+ }
81
+
77
82
  unsigned rsa_bits = BN_num_bits(rsa->n);
78
83
 
79
84
  if (rsa_bits > 16 * 1024) {
@@ -253,8 +258,7 @@ size_t rsa_default_size(const RSA *rsa) {
253
258
 
254
259
  int RSA_encrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out,
255
260
  const uint8_t *in, size_t in_len, int padding) {
256
- if (rsa->n == NULL || rsa->e == NULL) {
257
- OPENSSL_PUT_ERROR(RSA, RSA_R_VALUE_MISSING);
261
+ if (!rsa_check_public_key(rsa)) {
258
262
  return 0;
259
263
  }
260
264
 
@@ -269,10 +273,6 @@ int RSA_encrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out,
269
273
  return 0;
270
274
  }
271
275
 
272
- if (!check_modulus_and_exponent_sizes(rsa)) {
273
- return 0;
274
- }
275
-
276
276
  ctx = BN_CTX_new();
277
277
  if (ctx == NULL) {
278
278
  goto err;
@@ -592,8 +592,7 @@ static int mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx);
592
592
 
593
593
  int RSA_verify_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out,
594
594
  const uint8_t *in, size_t in_len, int padding) {
595
- if (rsa->n == NULL || rsa->e == NULL) {
596
- OPENSSL_PUT_ERROR(RSA, RSA_R_VALUE_MISSING);
595
+ if (!rsa_check_public_key(rsa)) {
597
596
  return 0;
598
597
  }
599
598
 
@@ -610,10 +609,6 @@ int RSA_verify_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out,
610
609
  return 0;
611
610
  }
612
611
 
613
- if (!check_modulus_and_exponent_sizes(rsa)) {
614
- return 0;
615
- }
616
-
617
612
  BN_CTX *ctx = BN_CTX_new();
618
613
  if (ctx == NULL) {
619
614
  return 0;
@@ -938,20 +933,57 @@ static int ensure_bignum(BIGNUM **out) {
938
933
  return *out != NULL;
939
934
  }
940
935
 
941
- // kBoringSSLRSASqrtTwo is the BIGNUM representation of ⌊2¹⁵³⁵×√2⌋. This is
942
- // chosen to give enough precision for 3072-bit RSA, the largest key size FIPS
936
+ // kBoringSSLRSASqrtTwo is the BIGNUM representation of ⌊2²⁰⁴⁷×√2⌋. This is
937
+ // chosen to give enough precision for 4096-bit RSA, the largest key size FIPS
943
938
  // specifies. Key sizes beyond this will round up.
944
939
  //
945
- // To verify this number, check that < 2³⁰⁷¹ < (n+1)², where n is value
940
+ // To calculate, use the following Haskell code:
941
+ //
942
+ // import Text.Printf (printf)
943
+ // import Data.List (intercalate)
944
+ //
945
+ // pow2 = 4095
946
+ // target = 2^pow2
947
+ //
948
+ // f x = x*x - (toRational target)
949
+ //
950
+ // fprime x = 2*x
951
+ //
952
+ // newtonIteration x = x - (f x) / (fprime x)
953
+ //
954
+ // converge x =
955
+ // let n = floor x in
956
+ // if n*n - target < 0 && (n+1)*(n+1) - target > 0
957
+ // then n
958
+ // else converge (newtonIteration x)
959
+ //
960
+ // divrem bits x = (x `div` (2^bits), x `rem` (2^bits))
961
+ //
962
+ // bnWords :: Integer -> [Integer]
963
+ // bnWords x =
964
+ // if x == 0
965
+ // then []
966
+ // else let (high, low) = divrem 64 x in low : bnWords high
967
+ //
968
+ // showWord x = let (high, low) = divrem 32 x in printf "TOBN(0x%08x, 0x%08x)" high low
969
+ //
970
+ // output :: String
971
+ // output = intercalate ", " $ map showWord $ bnWords $ converge (2 ^ (pow2 `div` 2))
972
+ //
973
+ // To verify this number, check that n² < 2⁴⁰⁹⁵ < (n+1)², where n is value
946
974
  // represented here. Note the components are listed in little-endian order. Here
947
975
  // is some sample Python code to check:
948
976
  //
949
977
  // >>> TOBN = lambda a, b: a << 32 | b
950
978
  // >>> l = [ <paste the contents of kSqrtTwo> ]
951
979
  // >>> n = sum(a * 2**(64*i) for i, a in enumerate(l))
952
- // >>> n**2 < 2**3071 < (n+1)**2
980
+ // >>> n**2 < 2**4095 < (n+1)**2
953
981
  // True
954
982
  const BN_ULONG kBoringSSLRSASqrtTwo[] = {
983
+ TOBN(0x4d7c60a5, 0xe633e3e1), TOBN(0x5fcf8f7b, 0xca3ea33b),
984
+ TOBN(0xc246785e, 0x92957023), TOBN(0xf9acce41, 0x797f2805),
985
+ TOBN(0xfdfe170f, 0xd3b1f780), TOBN(0xd24f4a76, 0x3facb882),
986
+ TOBN(0x18838a2e, 0xaff5f3b2), TOBN(0xc1fcbdde, 0xa2f7dc33),
955
987
  TOBN(0xdea06241, 0xf7aa81c2), TOBN(0xf6a1be3f, 0xca221307),
956
988
  TOBN(0x332a5e9f, 0x7bda1ebf), TOBN(0x0104dc01, 0xfe32352f),
957
989
  TOBN(0xb8cf341b, 0x6f8236c7), TOBN(0x4264dabc, 0xd528b651),
@@ -1121,8 +1153,8 @@ static int rsa_generate_key_impl(RSA *rsa, int bits, const BIGNUM *e_value,
1121
1153
 
1122
1154
  // Reject excessively large public exponents. Windows CryptoAPI and Go don't
1123
1155
  // support values larger than 32 bits, so match their limits for generating
1124
- // keys. (|check_modulus_and_exponent_sizes| uses a slightly more conservative
1125
- // value, but we don't need to support generating such keys.)
1156
+ // keys. (|rsa_check_public_key| uses a slightly more conservative value, but
1157
+ // we don't need to support generating such keys.)
1126
1158
  // https://github.com/golang/go/issues/3161
1127
1159
  // https://msdn.microsoft.com/en-us/library/aa387685(VS.85).aspx
1128
1160
  if (BN_num_bits(e_value) > 32) {
@@ -1172,13 +1204,13 @@ static int rsa_generate_key_impl(RSA *rsa, int bits, const BIGNUM *e_value,
1172
1204
  int sqrt2_bits = kBoringSSLRSASqrtTwoLen * BN_BITS2;
1173
1205
  assert(sqrt2_bits == (int)BN_num_bits(sqrt2));
1174
1206
  if (sqrt2_bits > prime_bits) {
1175
- // For key sizes up to 3072 (prime_bits = 1536), this is exactly
1207
+ // For key sizes up to 4096 (prime_bits = 2048), this is exactly
1176
1208
  // ⌊2^(prime_bits-1)×√2⌋.
1177
1209
  if (!BN_rshift(sqrt2, sqrt2, sqrt2_bits - prime_bits)) {
1178
1210
  goto bn_err;
1179
1211
  }
1180
1212
  } else if (prime_bits > sqrt2_bits) {
1181
- // For key sizes beyond 3072, this is approximate. We err towards retrying
1213
+ // For key sizes beyond 4096, this is approximate. We err towards retrying
1182
1214
  // to ensure our key is the right size and round up.
1183
1215
  if (!BN_add_word(sqrt2, 1) ||
1184
1216
  !BN_lshift(sqrt2, sqrt2, prime_bits - sqrt2_bits)) {
@@ -1335,7 +1367,9 @@ int RSA_generate_key_ex(RSA *rsa, int bits, const BIGNUM *e_value,
1335
1367
  int RSA_generate_key_fips(RSA *rsa, int bits, BN_GENCB *cb) {
1336
1368
  // FIPS 186-4 allows 2048-bit and 3072-bit RSA keys (1024-bit and 1536-bit
1337
1369
  // primes, respectively) with the prime generation method we use.
1338
- if (bits != 2048 && bits != 3072) {
1370
+ // Subsequently, IG A.14 stated that larger modulus sizes can be used and ACVP
1371
+ // testing supports 4096 bits.
1372
+ if (bits != 2048 && bits != 3072 && bits != 4096) {
1339
1373
  OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_RSA_PARAMETERS);
1340
1374
  return 0;
1341
1375
  }
data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c CHANGED
@@ -611,7 +611,7 @@ int boringssl_fips_self_test(
611
611
  goto err;
612
612
  }
613
613
 
614
- // ECDSA Sign/Verify PWCT
614
+ // ECDSA Sign/Verify KAT
615
615
 
616
616
  // The 'k' value for ECDSA is fixed to avoid an entropy draw.
617
617
  ec_key->fixed_k = BN_new();
@@ -632,7 +632,13 @@ int boringssl_fips_self_test(
632
632
  !BN_bn2bin(sig->s, ecdsa_s_bytes) ||
633
633
  !check_test(kECDSASigR, ecdsa_r_bytes, sizeof(kECDSASigR), "ECDSA R") ||
634
634
  !check_test(kECDSASigS, ecdsa_s_bytes, sizeof(kECDSASigS), "ECDSA S")) {
635
- fprintf(stderr, "ECDSA KAT failed.\n");
635
+ fprintf(stderr, "ECDSA signature KAT failed.\n");
636
+ goto err;
637
+ }
638
+
639
+ if (!ECDSA_do_verify(kPlaintextSHA256, sizeof(kPlaintextSHA256), sig,
640
+ ec_key)) {
641
+ fprintf(stderr, "ECDSA verification KAT failed.\n");
636
642
  goto err;
637
643
  }
638
644
 
data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c CHANGED
@@ -38,6 +38,7 @@
38
38
  #define HPKE_SUITE_ID_LEN 10
39
39
 
40
40
  #define HPKE_MODE_BASE 0
41
+ #define HPKE_MODE_PSK 1
41
42
 
42
43
  static const char kHpkeRfcId[] = "HPKE-05 ";
43
44
 
@@ -115,7 +116,7 @@ static int hpke_extract_and_expand(const EVP_MD *hkdf_md, uint8_t *out_key,
115
116
  X25519_PUBLIC_VALUE_LEN)) {
116
117
  return 0;
117
118
  }
118
- const char kPRKExpandLabel[] = "shared_secret";
119
+ static const char kPRKExpandLabel[] = "shared_secret";
119
120
  if (!hpke_labeled_expand(hkdf_md, out_key, out_len, prk, prk_len,
120
121
  kX25519SuiteID, sizeof(kX25519SuiteID),
121
122
  kPRKExpandLabel, kem_context, KEM_CONTEXT_LEN)) {
@@ -150,9 +151,28 @@ static const EVP_MD *hpke_get_kdf(uint16_t kdf_id) {
150
151
  return NULL;
151
152
  }
152
153
 
153
- static int hpke_key_schedule(EVP_HPKE_CTX *hpke, const uint8_t *shared_secret,
154
+ static int hpke_key_schedule(EVP_HPKE_CTX *hpke, uint8_t mode,
155
+ const uint8_t *shared_secret,
154
156
  size_t shared_secret_len, const uint8_t *info,
155
- size_t info_len) {
157
+ size_t info_len, const uint8_t *psk,
158
+ size_t psk_len, const uint8_t *psk_id,
159
+ size_t psk_id_len) {
160
+ // Verify the PSK inputs.
161
+ switch (mode) {
162
+ case HPKE_MODE_BASE:
163
+ // This is an internal error, unreachable from the caller.
164
+ assert(psk_len == 0 && psk_id_len == 0);
165
+ break;
166
+ case HPKE_MODE_PSK:
167
+ if (psk_len == 0 || psk_id_len == 0) {
168
+ OPENSSL_PUT_ERROR(EVP, EVP_R_EMPTY_PSK);
169
+ return 0;
170
+ }
171
+ break;
172
+ default:
173
+ return 0;
174
+ }
175
+
156
176
  // Attempt to get an EVP_AEAD*.
157
177
  const EVP_AEAD *aead = hpke_get_aead(hpke->aead_id);
158
178
  if (aead == NULL) {
@@ -170,7 +190,7 @@ static int hpke_key_schedule(EVP_HPKE_CTX *hpke, const uint8_t *shared_secret,
170
190
  size_t psk_id_hash_len;
171
191
  if (!hpke_labeled_extract(hpke->hkdf_md, psk_id_hash, &psk_id_hash_len, NULL,
172
192
  0, suite_id, sizeof(suite_id), kPskIdHashLabel,
173
- NULL, 0)) {
193
+ psk_id, psk_id_len)) {
174
194
  return 0;
175
195
  }
176
196
 
@@ -189,7 +209,7 @@ static int hpke_key_schedule(EVP_HPKE_CTX *hpke, const uint8_t *shared_secret,
189
209
  size_t context_len;
190
210
  CBB context_cbb;
191
211
  if (!CBB_init_fixed(&context_cbb, context, sizeof(context)) ||
192
- !CBB_add_u8(&context_cbb, HPKE_MODE_BASE) ||
212
+ !CBB_add_u8(&context_cbb, mode) ||
193
213
  !CBB_add_bytes(&context_cbb, psk_id_hash, psk_id_hash_len) ||
194
214
  !CBB_add_bytes(&context_cbb, info_hash, info_hash_len) ||
195
215
  !CBB_finish(&context_cbb, NULL, &context_len)) {
@@ -201,8 +221,8 @@ static int hpke_key_schedule(EVP_HPKE_CTX *hpke, const uint8_t *shared_secret,
201
221
  uint8_t psk_hash[EVP_MAX_MD_SIZE];
202
222
  size_t psk_hash_len;
203
223
  if (!hpke_labeled_extract(hpke->hkdf_md, psk_hash, &psk_hash_len, NULL, 0,
204
- suite_id, sizeof(suite_id), kPskHashLabel, NULL,
205
- 0)) {
224
+ suite_id, sizeof(suite_id), kPskHashLabel, psk,
225
+ psk_len)) {
206
226
  return 0;
207
227
  }
208
228
 
@@ -338,8 +358,9 @@ int EVP_HPKE_CTX_setup_base_s_x25519_for_test(
338
358
  uint8_t shared_secret[SHA256_DIGEST_LENGTH];
339
359
  if (!hpke_encap(hpke, shared_secret, peer_public_value, ephemeral_private,
340
360
  ephemeral_public) ||
341
- !hpke_key_schedule(hpke, shared_secret, sizeof(shared_secret), info,
342
- info_len)) {
361
+ !hpke_key_schedule(hpke, HPKE_MODE_BASE, shared_secret,
362
+ sizeof(shared_secret), info, info_len, NULL, 0, NULL,
363
+ 0)) {
343
364
  return 0;
344
365
  }
345
366
  return 1;
@@ -360,8 +381,74 @@ int EVP_HPKE_CTX_setup_base_r_x25519(
360
381
  }
361
382
  uint8_t shared_secret[SHA256_DIGEST_LENGTH];
362
383
  if (!hpke_decap(hpke, shared_secret, enc, public_key, private_key) ||
363
- !hpke_key_schedule(hpke, shared_secret, sizeof(shared_secret), info,
364
- info_len)) {
384
+ !hpke_key_schedule(hpke, HPKE_MODE_BASE, shared_secret,
385
+ sizeof(shared_secret), info, info_len, NULL, 0, NULL,
386
+ 0)) {
387
+ return 0;
388
+ }
389
+ return 1;
390
+ }
391
+
392
+ int EVP_HPKE_CTX_setup_psk_s_x25519(
393
+ EVP_HPKE_CTX *hpke, uint8_t out_enc[X25519_PUBLIC_VALUE_LEN],
394
+ uint16_t kdf_id, uint16_t aead_id,
395
+ const uint8_t peer_public_value[X25519_PUBLIC_VALUE_LEN],
396
+ const uint8_t *info, size_t info_len, const uint8_t *psk, size_t psk_len,
397
+ const uint8_t *psk_id, size_t psk_id_len) {
398
+ // The GenerateKeyPair() step technically belongs in the KEM's Encap()
399
+ // function, but we've moved it up a layer to make it easier for tests to
400
+ // inject an ephemeral keypair.
401
+ uint8_t ephemeral_private[X25519_PRIVATE_KEY_LEN];
402
+ X25519_keypair(out_enc, ephemeral_private);
403
+ return EVP_HPKE_CTX_setup_psk_s_x25519_for_test(
404
+ hpke, kdf_id, aead_id, peer_public_value, info, info_len, psk, psk_len,
405
+ psk_id, psk_id_len, ephemeral_private, out_enc);
406
+ }
407
+
408
+ int EVP_HPKE_CTX_setup_psk_s_x25519_for_test(
409
+ EVP_HPKE_CTX *hpke, uint16_t kdf_id, uint16_t aead_id,
410
+ const uint8_t peer_public_value[X25519_PUBLIC_VALUE_LEN],
411
+ const uint8_t *info, size_t info_len, const uint8_t *psk, size_t psk_len,
412
+ const uint8_t *psk_id, size_t psk_id_len,
413
+ const uint8_t ephemeral_private[X25519_PRIVATE_KEY_LEN],
414
+ const uint8_t ephemeral_public[X25519_PUBLIC_VALUE_LEN]) {
415
+ hpke->is_sender = 1;
416
+ hpke->kdf_id = kdf_id;
417
+ hpke->aead_id = aead_id;
418
+ hpke->hkdf_md = hpke_get_kdf(kdf_id);
419
+ if (hpke->hkdf_md == NULL) {
420
+ return 0;
421
+ }
422
+ uint8_t shared_secret[SHA256_DIGEST_LENGTH];
423
+ if (!hpke_encap(hpke, shared_secret, peer_public_value, ephemeral_private,
424
+ ephemeral_public) ||
425
+ !hpke_key_schedule(hpke, HPKE_MODE_PSK, shared_secret,
426
+ sizeof(shared_secret), info, info_len, psk, psk_len,
427
+ psk_id, psk_id_len)) {
428
+ return 0;
429
+ }
430
+ return 1;
431
+ }
432
+
433
+ int EVP_HPKE_CTX_setup_psk_r_x25519(
434
+ EVP_HPKE_CTX *hpke, uint16_t kdf_id, uint16_t aead_id,
435
+ const uint8_t enc[X25519_PUBLIC_VALUE_LEN],
436
+ const uint8_t public_key[X25519_PUBLIC_VALUE_LEN],
437
+ const uint8_t private_key[X25519_PRIVATE_KEY_LEN], const uint8_t *info,
438
+ size_t info_len, const uint8_t *psk, size_t psk_len, const uint8_t *psk_id,
439
+ size_t psk_id_len) {
440
+ hpke->is_sender = 0;
441
+ hpke->kdf_id = kdf_id;
442
+ hpke->aead_id = aead_id;
443
+ hpke->hkdf_md = hpke_get_kdf(kdf_id);
444
+ if (hpke->hkdf_md == NULL) {
445
+ return 0;
446
+ }
447
+ uint8_t shared_secret[SHA256_DIGEST_LENGTH];
448
+ if (!hpke_decap(hpke, shared_secret, enc, public_key, private_key) ||
449
+ !hpke_key_schedule(hpke, HPKE_MODE_PSK, shared_secret,
450
+ sizeof(shared_secret), info, info_len, psk, psk_len,
451
+ psk_id, psk_id_len)) {
365
452
  return 0;
366
453
  }
367
454
  return 1;
data/third_party/boringssl-with-bazel/src/crypto/hpke/internal.h CHANGED
@@ -27,9 +27,10 @@ extern "C" {
27
27
  // Hybrid Public Key Encryption.
28
28
  //
29
29
  // Hybrid Public Key Encryption (HPKE) enables a sender to encrypt messages to a
30
- // receiver with a public key.
30
+ // receiver with a public key. Optionally, the sender may authenticate its
31
+ // possession of a pre-shared key to the recipient.
31
32
  //
32
- // See https://tools.ietf.org/html/draft-irtf-cfrg-hpke-04.
33
+ // See https://tools.ietf.org/html/draft-irtf-cfrg-hpke-05.
33
34
 
34
35
  // EVP_HPKE_AEAD_* are AEAD identifiers.
35
36
  #define EVP_HPKE_AEAD_AES_GCM_128 0x0001
@@ -78,13 +79,11 @@ OPENSSL_EXPORT void EVP_HPKE_CTX_cleanup(EVP_HPKE_CTX *ctx);
78
79
  // must be one of the |EVP_HPKE_HKDF_*| constants. |aead_id| selects the AEAD
79
80
  // for the "open" and "seal" operations and must be one of the |EVP_HPKE_AEAD_*"
80
81
  // constants."
81
- //
82
- // See https://www.ietf.org/id/draft-irtf-cfrg-hpke-04.html#section-5.1.1.
83
82
 
84
83
  // EVP_HPKE_CTX_setup_base_s_x25519 sets up |hpke| as a sender context that can
85
84
  // encrypt for the private key corresponding to |peer_public_value| (the
86
85
  // recipient's public key). It returns one on success, and zero otherwise. Note
87
- // that this function may fail if |peer_public_value| is invalid.
86
+ // that this function will fail if |peer_public_value| is invalid.
88
87
  //
89
88
  // This function writes the encapsulated shared secret to |out_enc|.
90
89
  OPENSSL_EXPORT int EVP_HPKE_CTX_setup_base_s_x25519(
@@ -106,7 +105,7 @@ OPENSSL_EXPORT int EVP_HPKE_CTX_setup_base_s_x25519_for_test(
106
105
  // EVP_HPKE_CTX_setup_base_r_x25519 sets up |hpke| as a recipient context that
107
106
  // can decrypt messages. |private_key| is the recipient's private key, and |enc|
108
107
  // is the encapsulated shared secret from the sender. Note that this function
109
- // may fail if |enc| is invalid.
108
+ // will fail if |enc| is invalid.
110
109
  OPENSSL_EXPORT int EVP_HPKE_CTX_setup_base_r_x25519(
111
110
  EVP_HPKE_CTX *hpke, uint16_t kdf_id, uint16_t aead_id,
112
111
  const uint8_t enc[X25519_PUBLIC_VALUE_LEN],
@@ -114,6 +113,52 @@ OPENSSL_EXPORT int EVP_HPKE_CTX_setup_base_r_x25519(
114
113
  const uint8_t private_key[X25519_PRIVATE_KEY_LEN], const uint8_t *info,
115
114
  size_t info_len);
116
115
 
116
+ // EVP_HPKE_CTX_setup_psk_s_x25519 sets up |hpke| as a sender context that can
117
+ // encrypt for the private key corresponding to |peer_public_value| (the
118
+ // recipient's public key) and authenticate its possession of a PSK. It returns
119
+ // one on success, and zero otherwise. Note that this function will fail if
120
+ // |peer_public_value| is invalid.
121
+ //
122
+ // The PSK and its ID must be provided in |psk| and |psk_id|, respectively. Both
123
+ // must be nonempty (|psk_len| and |psk_id_len| must be non-zero), or this
124
+ // function will fail.
125
+ //
126
+ // This function writes the encapsulated shared secret to |out_enc|.
127
+ OPENSSL_EXPORT int EVP_HPKE_CTX_setup_psk_s_x25519(
128
+ EVP_HPKE_CTX *hpke, uint8_t out_enc[X25519_PUBLIC_VALUE_LEN],
129
+ uint16_t kdf_id, uint16_t aead_id,
130
+ const uint8_t peer_public_value[X25519_PUBLIC_VALUE_LEN],
131
+ const uint8_t *info, size_t info_len, const uint8_t *psk, size_t psk_len,
132
+ const uint8_t *psk_id, size_t psk_id_len);
133
+
134
+ // EVP_HPKE_CTX_setup_psk_s_x25519_for_test behaves like
135
+ // |EVP_HPKE_CTX_setup_psk_s_x25519|, but takes a pre-generated ephemeral sender
136
+ // key.
137
+ OPENSSL_EXPORT int EVP_HPKE_CTX_setup_psk_s_x25519_for_test(
138
+ EVP_HPKE_CTX *hpke, uint16_t kdf_id, uint16_t aead_id,
139
+ const uint8_t peer_public_value[X25519_PUBLIC_VALUE_LEN],
140
+ const uint8_t *info, size_t info_len, const uint8_t *psk, size_t psk_len,
141
+ const uint8_t *psk_id, size_t psk_id_len,
142
+ const uint8_t ephemeral_private[X25519_PRIVATE_KEY_LEN],
143
+ const uint8_t ephemeral_public[X25519_PUBLIC_VALUE_LEN]);
144
+
145
+ // EVP_HPKE_CTX_setup_psk_r_x25519 sets up |hpke| as a recipient context that
146
+ // can decrypt messages. Future open (decrypt) operations will fail if the
147
+ // sender does not possess the PSK indicated by |psk| and |psk_id|.
148
+ // |private_key| is the recipient's private key, and |enc| is the encapsulated
149
+ // shared secret from the sender. If |enc| is invalid, this function will fail.
150
+ //
151
+ // The PSK and its ID must be provided in |psk| and |psk_id|, respectively. Both
152
+ // must be nonempty (|psk_len| and |psk_id_len| must be non-zero), or this
153
+ // function will fail.
154
+ OPENSSL_EXPORT int EVP_HPKE_CTX_setup_psk_r_x25519(
155
+ EVP_HPKE_CTX *hpke, uint16_t kdf_id, uint16_t aead_id,
156
+ const uint8_t enc[X25519_PUBLIC_VALUE_LEN],
157
+ const uint8_t public_key[X25519_PUBLIC_VALUE_LEN],
158
+ const uint8_t private_key[X25519_PRIVATE_KEY_LEN], const uint8_t *info,
159
+ size_t info_len, const uint8_t *psk, size_t psk_len, const uint8_t *psk_id,
160
+ size_t psk_id_len);
161
+
117
162
 
118
163
  // Using an HPKE context.
119
164