grpc 1.32.0 → 1.35.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of grpc might be problematic. Click here for more details.

Files changed (938) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +1078 -3049
  3. data/etc/roots.pem +257 -573
  4. data/include/grpc/compression.h +1 -1
  5. data/include/grpc/grpc.h +15 -7
  6. data/include/grpc/grpc_security.h +222 -171
  7. data/include/grpc/impl/codegen/atm_windows.h +4 -0
  8. data/include/grpc/impl/codegen/byte_buffer.h +1 -1
  9. data/include/grpc/impl/codegen/grpc_types.h +10 -8
  10. data/include/grpc/impl/codegen/log.h +0 -2
  11. data/include/grpc/impl/codegen/port_platform.h +22 -55
  12. data/include/grpc/impl/codegen/sync_windows.h +4 -0
  13. data/include/grpc/slice_buffer.h +3 -3
  14. data/include/grpc/support/sync.h +3 -3
  15. data/include/grpc/support/time.h +7 -7
  16. data/src/core/ext/filters/client_channel/backend_metric.cc +2 -4
  17. data/src/core/ext/filters/client_channel/client_channel.cc +2776 -1529
  18. data/src/core/ext/filters/client_channel/client_channel.h +0 -4
  19. data/src/core/ext/filters/client_channel/client_channel_plugin.cc +1 -1
  20. data/src/core/ext/filters/client_channel/config_selector.cc +0 -4
  21. data/src/core/ext/filters/client_channel/config_selector.h +40 -8
  22. data/src/core/ext/filters/client_channel/dynamic_filters.cc +186 -0
  23. data/src/core/ext/filters/client_channel/dynamic_filters.h +99 -0
  24. data/src/core/ext/filters/client_channel/health/health_check_client.cc +10 -7
  25. data/src/core/ext/filters/client_channel/health/health_check_client.h +4 -4
  26. data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +5 -6
  27. data/src/core/ext/filters/client_channel/http_proxy.cc +21 -20
  28. data/src/core/ext/filters/client_channel/lb_policy.cc +6 -2
  29. data/src/core/ext/filters/client_channel/lb_policy.h +6 -7
  30. data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +48 -35
  31. data/src/core/ext/filters/client_channel/lb_policy/address_filtering.h +7 -5
  32. data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +4 -3
  33. data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.h +1 -1
  34. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +201 -190
  35. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +3 -1
  36. data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +3 -3
  37. data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +1 -1
  38. data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +4 -4
  39. data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +50 -20
  40. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +5 -5
  41. data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +14 -34
  42. data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +6 -6
  43. data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +341 -127
  44. data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +52 -24
  45. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h +24 -0
  46. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +812 -0
  47. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +722 -0
  48. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +1262 -0
  49. data/src/core/ext/filters/client_channel/lb_policy_registry.cc +8 -1
  50. data/src/core/ext/filters/client_channel/resolver.cc +3 -1
  51. data/src/core/ext/filters/client_channel/resolver.h +4 -1
  52. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +9 -16
  53. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +1 -32
  54. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +3 -3
  55. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +454 -16
  56. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +5 -0
  57. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +7 -10
  58. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +3 -3
  59. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +1 -1
  60. data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +34 -27
  61. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +618 -366
  62. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.h +28 -0
  63. data/src/core/ext/filters/client_channel/resolver_factory.h +6 -6
  64. data/src/core/ext/filters/client_channel/resolver_registry.cc +40 -39
  65. data/src/core/ext/filters/client_channel/resolver_registry.h +2 -2
  66. data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +29 -74
  67. data/src/core/ext/filters/client_channel/resolver_result_parsing.h +12 -10
  68. data/src/core/ext/filters/client_channel/retry_throttle.cc +5 -3
  69. data/src/core/ext/filters/client_channel/retry_throttle.h +4 -2
  70. data/src/core/ext/filters/client_channel/server_address.cc +80 -0
  71. data/src/core/ext/filters/client_channel/server_address.h +21 -36
  72. data/src/core/ext/filters/client_channel/service_config.cc +18 -13
  73. data/src/core/ext/filters/client_channel/service_config.h +8 -5
  74. data/src/core/ext/filters/client_channel/service_config_call_data.h +19 -1
  75. data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +2 -2
  76. data/src/core/ext/filters/client_channel/service_config_parser.cc +8 -6
  77. data/src/core/ext/filters/client_channel/service_config_parser.h +8 -5
  78. data/src/core/ext/filters/client_channel/subchannel.cc +51 -64
  79. data/src/core/ext/filters/client_channel/subchannel.h +14 -20
  80. data/src/core/ext/filters/client_channel/subchannel_interface.h +41 -5
  81. data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +6 -2
  82. data/src/core/ext/filters/deadline/deadline_filter.cc +87 -79
  83. data/src/core/ext/filters/deadline/deadline_filter.h +7 -11
  84. data/src/core/ext/filters/http/client/http_client_filter.cc +1 -1
  85. data/src/core/ext/filters/http/client_authority_filter.cc +6 -6
  86. data/src/core/ext/filters/http/http_filters_plugin.cc +6 -3
  87. data/src/core/ext/filters/http/server/http_server_filter.cc +3 -3
  88. data/src/core/ext/filters/max_age/max_age_filter.cc +1 -1
  89. data/src/core/ext/filters/message_size/message_size_filter.cc +3 -2
  90. data/src/core/ext/filters/message_size/message_size_filter.h +2 -1
  91. data/src/core/ext/filters/workarounds/workaround_utils.cc +1 -1
  92. data/src/core/ext/transport/chttp2/client/authority.cc +3 -3
  93. data/src/core/ext/transport/chttp2/client/chttp2_connector.h +1 -1
  94. data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +20 -8
  95. data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +21 -10
  96. data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +26 -14
  97. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +185 -79
  98. data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +12 -5
  99. data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +7 -7
  100. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +28 -42
  101. data/src/core/ext/transport/chttp2/transport/flow_control.cc +10 -2
  102. data/src/core/ext/transport/chttp2/transport/flow_control.h +13 -3
  103. data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +2 -1
  104. data/src/core/ext/transport/chttp2/transport/frame_settings.h +2 -1
  105. data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +6 -6
  106. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +12 -8
  107. data/src/core/ext/transport/chttp2/transport/internal.h +5 -1
  108. data/src/core/ext/transport/chttp2/transport/parsing.cc +18 -3
  109. data/src/core/ext/transport/chttp2/transport/writing.cc +2 -3
  110. data/src/core/ext/transport/inproc/inproc_transport.cc +42 -8
  111. data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.h +1 -0
  112. data/src/core/ext/upb-generated/envoy/annotations/resource.upb.c +1 -1
  113. data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +7 -0
  114. data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +52 -32
  115. data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.h +199 -34
  116. data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.c +13 -13
  117. data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.h +44 -17
  118. data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +177 -99
  119. data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +642 -202
  120. data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.c +3 -3
  121. data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.h +13 -5
  122. data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.c +22 -22
  123. data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.h +47 -21
  124. data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.c +36 -24
  125. data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.h +133 -39
  126. data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.c +4 -4
  127. data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.h +15 -6
  128. data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +45 -44
  129. data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +200 -78
  130. data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +31 -24
  131. data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +107 -47
  132. data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.c +1 -1
  133. data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.h +7 -0
  134. data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.c +53 -0
  135. data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.h +149 -0
  136. data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.c +74 -28
  137. data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.h +248 -43
  138. data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +39 -39
  139. data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +157 -89
  140. data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.c +4 -4
  141. data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.h +17 -9
  142. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +63 -39
  143. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +254 -60
  144. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +1 -1
  145. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +7 -0
  146. data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.c +2 -2
  147. data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.h +9 -2
  148. data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +36 -0
  149. data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.h +92 -0
  150. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.c +13 -13
  151. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.h +59 -36
  152. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.c +16 -16
  153. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.h +61 -29
  154. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.c +26 -26
  155. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.h +101 -66
  156. data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.c +2 -2
  157. data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.h +11 -3
  158. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +46 -26
  159. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +179 -68
  160. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +39 -22
  161. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +149 -48
  162. data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +2 -2
  163. data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.h +13 -0
  164. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +21 -17
  165. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +96 -33
  166. data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +7 -7
  167. data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +38 -22
  168. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +321 -194
  169. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +1228 -443
  170. data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.c +8 -7
  171. data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.h +34 -10
  172. data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.c +3 -3
  173. data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.h +17 -3
  174. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +132 -80
  175. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +516 -166
  176. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.h +1 -0
  177. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +24 -25
  178. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +96 -71
  179. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +12 -8
  180. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +46 -8
  181. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +71 -29
  182. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +296 -63
  183. data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.c +1 -1
  184. data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.h +7 -0
  185. data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.c +1 -1
  186. data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.h +7 -0
  187. data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +41 -31
  188. data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +165 -64
  189. data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.c +1 -1
  190. data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.h +7 -0
  191. data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.c +1 -1
  192. data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.h +7 -0
  193. data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.c +7 -7
  194. data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.h +31 -16
  195. data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.c +1 -1
  196. data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.h +7 -0
  197. data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.c +1 -1
  198. data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.h +7 -0
  199. data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.c +5 -5
  200. data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.h +25 -11
  201. data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.c +1 -1
  202. data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.h +7 -0
  203. data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.c +1 -1
  204. data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.h +7 -0
  205. data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.c +6 -6
  206. data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.h +29 -8
  207. data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +4 -3
  208. data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.h +22 -3
  209. data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.c +3 -3
  210. data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.h +19 -0
  211. data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.c +7 -7
  212. data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.h +46 -3
  213. data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.c +8 -8
  214. data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.h +41 -8
  215. data/src/core/ext/upb-generated/envoy/type/v3/http.upb.h +1 -0
  216. data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.c +3 -3
  217. data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.h +15 -2
  218. data/src/core/ext/upb-generated/envoy/type/v3/range.upb.c +3 -3
  219. data/src/core/ext/upb-generated/envoy/type/v3/range.upb.h +19 -0
  220. data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.c +1 -1
  221. data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.h +7 -0
  222. data/src/core/ext/upb-generated/google/api/annotations.upb.h +1 -0
  223. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.c +242 -0
  224. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.h +830 -0
  225. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.c +34 -34
  226. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h +142 -59
  227. data/src/core/ext/upb-generated/google/api/http.upb.c +3 -3
  228. data/src/core/ext/upb-generated/google/api/http.upb.h +25 -6
  229. data/src/core/ext/upb-generated/google/protobuf/any.upb.c +1 -1
  230. data/src/core/ext/upb-generated/google/protobuf/any.upb.h +7 -0
  231. data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +90 -90
  232. data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +455 -292
  233. data/src/core/ext/upb-generated/google/protobuf/duration.upb.c +1 -1
  234. data/src/core/ext/upb-generated/google/protobuf/duration.upb.h +7 -0
  235. data/src/core/ext/upb-generated/google/protobuf/empty.upb.c +1 -1
  236. data/src/core/ext/upb-generated/google/protobuf/empty.upb.h +7 -0
  237. data/src/core/ext/upb-generated/google/protobuf/struct.upb.c +4 -4
  238. data/src/core/ext/upb-generated/google/protobuf/struct.upb.h +22 -3
  239. data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.c +1 -1
  240. data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.h +7 -0
  241. data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.c +9 -9
  242. data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.h +55 -0
  243. data/src/core/ext/upb-generated/google/rpc/status.upb.c +1 -1
  244. data/src/core/ext/upb-generated/google/rpc/status.upb.h +10 -3
  245. data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.c +4 -4
  246. data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.h +11 -3
  247. data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +41 -41
  248. data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +149 -76
  249. data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.c +5 -5
  250. data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.h +21 -6
  251. data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.c +2 -2
  252. data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.h +13 -0
  253. data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c +17 -17
  254. data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.h +82 -25
  255. data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.c +3 -3
  256. data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +19 -0
  257. data/src/core/ext/upb-generated/udpa/annotations/security.upb.c +31 -0
  258. data/src/core/ext/upb-generated/udpa/annotations/security.upb.h +64 -0
  259. data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.h +1 -0
  260. data/src/core/ext/upb-generated/udpa/annotations/status.upb.c +2 -2
  261. data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +9 -2
  262. data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.c +1 -1
  263. data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.h +7 -0
  264. data/src/core/ext/upb-generated/udpa/core/v1/authority.upb.c +28 -0
  265. data/src/core/ext/upb-generated/udpa/core/v1/authority.upb.h +60 -0
  266. data/src/core/ext/upb-generated/udpa/core/v1/collection_entry.upb.c +52 -0
  267. data/src/core/ext/upb-generated/udpa/core/v1/collection_entry.upb.h +143 -0
  268. data/src/core/ext/upb-generated/udpa/core/v1/context_params.upb.c +42 -0
  269. data/src/core/ext/upb-generated/udpa/core/v1/context_params.upb.h +84 -0
  270. data/src/core/ext/upb-generated/udpa/core/v1/resource.upb.c +36 -0
  271. data/src/core/ext/upb-generated/udpa/core/v1/resource.upb.h +94 -0
  272. data/src/core/ext/upb-generated/udpa/core/v1/resource_locator.upb.c +54 -0
  273. data/src/core/ext/upb-generated/udpa/core/v1/resource_locator.upb.h +173 -0
  274. data/src/core/ext/upb-generated/udpa/core/v1/resource_name.upb.c +36 -0
  275. data/src/core/ext/upb-generated/udpa/core/v1/resource_name.upb.h +92 -0
  276. data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.c +3 -3
  277. data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.h +7 -0
  278. data/src/core/ext/upb-generated/validate/validate.upb.c +64 -64
  279. data/src/core/ext/upb-generated/validate/validate.upb.h +296 -157
  280. data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.c +38 -0
  281. data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.h +30 -0
  282. data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.c +41 -0
  283. data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.h +35 -0
  284. data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +254 -0
  285. data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.h +105 -0
  286. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.c +100 -0
  287. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.h +45 -0
  288. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +558 -0
  289. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.h +145 -0
  290. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.c +53 -0
  291. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.h +35 -0
  292. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.c +133 -0
  293. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.h +35 -0
  294. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.c +127 -0
  295. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.h +65 -0
  296. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.c +56 -0
  297. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.h +35 -0
  298. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +266 -0
  299. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.h +125 -0
  300. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +143 -0
  301. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.h +55 -0
  302. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.c +56 -0
  303. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.h +35 -0
  304. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.c +66 -0
  305. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.h +40 -0
  306. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.c +263 -0
  307. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.h +100 -0
  308. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +233 -0
  309. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.h +70 -0
  310. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.c +56 -0
  311. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.h +35 -0
  312. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +228 -0
  313. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.h +80 -0
  314. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +46 -0
  315. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +35 -0
  316. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.c +59 -0
  317. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.h +35 -0
  318. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.c +55 -0
  319. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.h +35 -0
  320. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.c +110 -0
  321. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.h +50 -0
  322. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +113 -0
  323. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +50 -0
  324. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.c +146 -0
  325. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.h +55 -0
  326. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.c +50 -0
  327. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.h +35 -0
  328. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +190 -0
  329. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +55 -0
  330. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.c +185 -0
  331. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.h +65 -0
  332. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.c +62 -0
  333. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.h +40 -0
  334. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.c +97 -0
  335. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.h +40 -0
  336. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +915 -0
  337. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.h +280 -0
  338. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.c +71 -0
  339. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.h +45 -0
  340. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.c +64 -0
  341. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.h +40 -0
  342. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +511 -0
  343. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +115 -0
  344. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +48 -0
  345. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.h +30 -0
  346. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +166 -0
  347. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +55 -0
  348. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +105 -0
  349. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.h +45 -0
  350. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +249 -0
  351. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.h +60 -0
  352. data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.c +72 -0
  353. data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.h +35 -0
  354. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +60 -0
  355. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.h +35 -0
  356. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.c +152 -0
  357. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.h +60 -0
  358. data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.c +83 -0
  359. data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.h +35 -0
  360. data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.c +82 -0
  361. data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.h +35 -0
  362. data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +83 -0
  363. data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.h +40 -0
  364. data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.c +86 -0
  365. data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.h +35 -0
  366. data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.c +74 -0
  367. data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.h +35 -0
  368. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.c +64 -0
  369. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.h +40 -0
  370. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.c +54 -0
  371. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.h +35 -0
  372. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.c +53 -0
  373. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.h +35 -0
  374. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.c +73 -0
  375. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.h +45 -0
  376. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.c +72 -0
  377. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.h +40 -0
  378. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.c +81 -0
  379. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.h +45 -0
  380. data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.c +92 -0
  381. data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.h +65 -0
  382. data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.c +95 -0
  383. data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.h +55 -0
  384. data/src/core/ext/upbdefs-generated/envoy/type/v3/http.upbdefs.c +34 -0
  385. data/src/core/ext/{upb-generated/gogoproto/gogo.upb.h → upbdefs-generated/envoy/type/v3/http.upbdefs.h} +10 -9
  386. data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.c +59 -0
  387. data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.h +40 -0
  388. data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.c +54 -0
  389. data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.h +45 -0
  390. data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.c +47 -0
  391. data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.h +35 -0
  392. data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.c +40 -0
  393. data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.h +30 -0
  394. data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.c +61 -0
  395. data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.h +45 -0
  396. data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.c +39 -0
  397. data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.h +35 -0
  398. data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.c +386 -0
  399. data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.h +165 -0
  400. data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.c +40 -0
  401. data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.h +35 -0
  402. data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.c +37 -0
  403. data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.h +35 -0
  404. data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.c +65 -0
  405. data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.h +50 -0
  406. data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.c +40 -0
  407. data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.h +35 -0
  408. data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.c +66 -0
  409. data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.h +75 -0
  410. data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.c +42 -0
  411. data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.h +35 -0
  412. data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.c +70 -0
  413. data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.h +45 -0
  414. data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.c +56 -0
  415. data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.h +35 -0
  416. data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.c +33 -0
  417. data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.h +30 -0
  418. data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.c +49 -0
  419. data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.h +35 -0
  420. data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.c +43 -0
  421. data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.h +35 -0
  422. data/src/core/ext/upbdefs-generated/udpa/core/v1/authority.upbdefs.c +42 -0
  423. data/src/core/ext/upbdefs-generated/udpa/core/v1/authority.upbdefs.h +35 -0
  424. data/src/core/ext/upbdefs-generated/udpa/core/v1/collection_entry.upbdefs.c +62 -0
  425. data/src/core/ext/upbdefs-generated/udpa/core/v1/collection_entry.upbdefs.h +40 -0
  426. data/src/core/ext/upbdefs-generated/udpa/core/v1/context_params.upbdefs.c +45 -0
  427. data/src/core/ext/upbdefs-generated/udpa/core/v1/context_params.upbdefs.h +40 -0
  428. data/src/core/ext/upbdefs-generated/udpa/core/v1/resource.upbdefs.c +49 -0
  429. data/src/core/ext/upbdefs-generated/udpa/core/v1/resource.upbdefs.h +35 -0
  430. data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_locator.upbdefs.c +68 -0
  431. data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_locator.upbdefs.h +40 -0
  432. data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_name.upbdefs.c +51 -0
  433. data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_name.upbdefs.h +35 -0
  434. data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.c +307 -0
  435. data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.h +145 -0
  436. data/src/core/ext/xds/certificate_provider_factory.h +61 -0
  437. data/src/core/ext/xds/certificate_provider_registry.cc +103 -0
  438. data/src/core/ext/xds/certificate_provider_registry.h +57 -0
  439. data/src/core/ext/xds/certificate_provider_store.cc +87 -0
  440. data/src/core/ext/xds/certificate_provider_store.h +112 -0
  441. data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +144 -0
  442. data/src/core/ext/xds/file_watcher_certificate_provider_factory.h +69 -0
  443. data/src/core/ext/xds/xds_api.cc +687 -767
  444. data/src/core/ext/xds/xds_api.h +207 -98
  445. data/src/core/ext/xds/xds_bootstrap.cc +172 -25
  446. data/src/core/ext/xds/xds_bootstrap.h +23 -8
  447. data/src/core/ext/xds/xds_certificate_provider.cc +299 -0
  448. data/src/core/ext/xds/xds_certificate_provider.h +112 -0
  449. data/src/core/ext/xds/xds_channel_args.h +6 -3
  450. data/src/core/ext/xds/xds_client.cc +617 -494
  451. data/src/core/ext/xds/xds_client.h +118 -58
  452. data/src/core/ext/xds/xds_client_stats.cc +59 -16
  453. data/src/core/ext/xds/xds_client_stats.h +35 -7
  454. data/src/core/ext/xds/xds_server_config_fetcher.cc +131 -0
  455. data/src/core/lib/channel/channel_args.cc +9 -8
  456. data/src/core/lib/channel/channel_args.h +0 -1
  457. data/src/core/lib/channel/channel_trace.cc +4 -2
  458. data/src/core/lib/channel/channel_trace.h +1 -1
  459. data/src/core/lib/channel/channelz.cc +23 -59
  460. data/src/core/lib/channel/channelz.h +13 -22
  461. data/src/core/lib/channel/channelz_registry.cc +12 -11
  462. data/src/core/lib/channel/channelz_registry.h +3 -1
  463. data/src/core/lib/channel/handshaker.cc +2 -2
  464. data/src/core/lib/channel/handshaker.h +2 -2
  465. data/src/core/lib/compression/compression.cc +8 -4
  466. data/src/core/lib/compression/compression_args.cc +3 -2
  467. data/src/core/lib/compression/compression_internal.cc +10 -5
  468. data/src/core/lib/compression/compression_internal.h +2 -1
  469. data/src/core/lib/compression/stream_compression_identity.cc +1 -3
  470. data/src/core/lib/debug/stats.h +2 -2
  471. data/src/core/lib/debug/stats_data.cc +1 -0
  472. data/src/core/lib/debug/stats_data.h +13 -13
  473. data/src/core/lib/gpr/alloc.cc +3 -2
  474. data/src/core/lib/gpr/cpu_iphone.cc +10 -2
  475. data/src/core/lib/gpr/log.cc +53 -16
  476. data/src/core/lib/gpr/log_linux.cc +19 -3
  477. data/src/core/lib/gpr/log_posix.cc +15 -1
  478. data/src/core/lib/gpr/log_windows.cc +18 -4
  479. data/src/core/lib/gpr/murmur_hash.cc +1 -1
  480. data/src/core/lib/gpr/spinlock.h +10 -2
  481. data/src/core/lib/gpr/string.cc +23 -22
  482. data/src/core/lib/gpr/string.h +5 -6
  483. data/src/core/lib/gpr/sync.cc +4 -4
  484. data/src/core/lib/gpr/time.cc +12 -12
  485. data/src/core/lib/gpr/time_precise.cc +5 -2
  486. data/src/core/lib/gpr/time_precise.h +6 -2
  487. data/src/core/lib/gpr/tls.h +4 -0
  488. data/src/core/lib/gpr/tls_msvc.h +2 -0
  489. data/src/core/lib/gpr/tls_stdcpp.h +48 -0
  490. data/src/core/lib/gpr/useful.h +5 -4
  491. data/src/core/lib/gprpp/arena.h +3 -2
  492. data/src/core/lib/gprpp/dual_ref_counted.h +331 -0
  493. data/src/core/lib/gprpp/examine_stack.cc +43 -0
  494. data/src/core/lib/gprpp/examine_stack.h +46 -0
  495. data/src/core/lib/gprpp/fork.cc +2 -2
  496. data/src/core/lib/gprpp/manual_constructor.h +1 -1
  497. data/src/core/lib/gprpp/orphanable.h +4 -8
  498. data/src/core/lib/gprpp/ref_counted.h +91 -68
  499. data/src/core/lib/gprpp/ref_counted_ptr.h +166 -7
  500. data/src/core/lib/{security/authorization/mock_cel/statusor.h → gprpp/stat.h} +13 -25
  501. data/src/core/lib/gprpp/stat_posix.cc +49 -0
  502. data/src/core/lib/gprpp/stat_windows.cc +48 -0
  503. data/src/core/lib/gprpp/thd.h +2 -2
  504. data/src/core/lib/gprpp/thd_posix.cc +42 -37
  505. data/src/core/lib/gprpp/thd_windows.cc +3 -1
  506. data/src/core/lib/http/httpcli.cc +1 -1
  507. data/src/core/lib/http/httpcli.h +2 -3
  508. data/src/core/lib/http/httpcli_security_connector.cc +1 -1
  509. data/src/core/lib/http/parser.cc +47 -27
  510. data/src/core/lib/iomgr/call_combiner.cc +8 -5
  511. data/src/core/lib/iomgr/combiner.cc +2 -1
  512. data/src/core/lib/iomgr/endpoint.h +1 -1
  513. data/src/core/lib/iomgr/endpoint_cfstream.cc +9 -5
  514. data/src/core/lib/iomgr/error.cc +17 -12
  515. data/src/core/lib/iomgr/error_internal.h +1 -1
  516. data/src/core/lib/iomgr/ev_epoll1_linux.cc +20 -13
  517. data/src/core/lib/iomgr/ev_epollex_linux.cc +25 -17
  518. data/src/core/lib/iomgr/ev_poll_posix.cc +9 -7
  519. data/src/core/lib/iomgr/exec_ctx.cc +1 -1
  520. data/src/core/lib/iomgr/exec_ctx.h +16 -12
  521. data/src/core/lib/iomgr/executor.cc +2 -1
  522. data/src/core/lib/iomgr/executor.h +1 -1
  523. data/src/core/lib/iomgr/executor/mpmcqueue.h +5 -5
  524. data/src/core/lib/iomgr/executor/threadpool.h +4 -4
  525. data/src/core/lib/iomgr/iomgr.cc +1 -1
  526. data/src/core/lib/iomgr/load_file.h +1 -1
  527. data/src/core/lib/iomgr/lockfree_event.cc +19 -14
  528. data/src/core/lib/iomgr/lockfree_event.h +2 -2
  529. data/src/core/lib/iomgr/parse_address.cc +127 -43
  530. data/src/core/lib/iomgr/parse_address.h +32 -8
  531. data/src/core/lib/iomgr/poller/eventmanager_libuv.cc +2 -1
  532. data/src/core/lib/iomgr/poller/eventmanager_libuv.h +1 -1
  533. data/src/core/lib/iomgr/pollset_set_custom.cc +1 -1
  534. data/src/core/lib/iomgr/python_util.h +4 -4
  535. data/src/core/lib/iomgr/resolve_address.cc +4 -4
  536. data/src/core/lib/iomgr/resolve_address_posix.cc +1 -5
  537. data/src/core/lib/iomgr/resource_quota.cc +4 -4
  538. data/src/core/lib/iomgr/sockaddr_utils.cc +10 -10
  539. data/src/core/lib/iomgr/sockaddr_utils.h +1 -1
  540. data/src/core/lib/iomgr/socket_factory_posix.cc +3 -2
  541. data/src/core/lib/iomgr/socket_mutator.cc +3 -2
  542. data/src/core/lib/iomgr/tcp_client.cc +3 -3
  543. data/src/core/lib/iomgr/tcp_client_custom.cc +7 -6
  544. data/src/core/lib/iomgr/tcp_custom.cc +22 -17
  545. data/src/core/lib/iomgr/tcp_posix.cc +12 -8
  546. data/src/core/lib/iomgr/tcp_server_custom.cc +28 -22
  547. data/src/core/lib/iomgr/timer_custom.cc +5 -5
  548. data/src/core/lib/iomgr/timer_generic.cc +3 -3
  549. data/src/core/lib/iomgr/timer_manager.cc +2 -2
  550. data/src/core/lib/iomgr/udp_server.cc +1 -2
  551. data/src/core/lib/iomgr/udp_server.h +1 -2
  552. data/src/core/lib/iomgr/unix_sockets_posix.cc +32 -21
  553. data/src/core/lib/iomgr/unix_sockets_posix.h +5 -0
  554. data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +7 -0
  555. data/src/core/lib/iomgr/wakeup_fd_pipe.cc +2 -2
  556. data/src/core/lib/json/json.h +12 -2
  557. data/src/core/lib/json/json_reader.cc +8 -4
  558. data/src/core/lib/json/json_util.cc +58 -0
  559. data/src/core/lib/json/json_util.h +204 -0
  560. data/src/core/lib/json/json_writer.cc +2 -1
  561. data/src/core/lib/security/authorization/evaluate_args.cc +5 -10
  562. data/src/core/lib/security/authorization/evaluate_args.h +1 -1
  563. data/src/core/lib/security/authorization/mock_cel/cel_expr_builder_factory.h +3 -1
  564. data/src/core/lib/security/authorization/mock_cel/cel_expression.h +5 -4
  565. data/src/core/lib/security/authorization/mock_cel/cel_value.h +4 -0
  566. data/src/core/lib/security/authorization/mock_cel/evaluator_core.h +6 -6
  567. data/src/core/lib/security/authorization/mock_cel/flat_expr_builder.h +10 -9
  568. data/src/core/lib/security/context/security_context.cc +4 -3
  569. data/src/core/lib/security/context/security_context.h +3 -1
  570. data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +1 -1
  571. data/src/core/lib/security/credentials/credentials.cc +7 -7
  572. data/src/core/lib/security/credentials/credentials.h +3 -3
  573. data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +413 -0
  574. data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +80 -0
  575. data/src/core/lib/security/credentials/external/aws_request_signer.cc +213 -0
  576. data/src/core/lib/security/credentials/external/aws_request_signer.h +72 -0
  577. data/src/core/lib/security/credentials/external/external_account_credentials.cc +497 -0
  578. data/src/core/lib/security/credentials/external/external_account_credentials.h +120 -0
  579. data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +135 -0
  580. data/src/core/lib/security/credentials/external/file_external_account_credentials.h +48 -0
  581. data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +213 -0
  582. data/src/core/lib/security/credentials/external/url_external_account_credentials.h +58 -0
  583. data/src/core/lib/security/credentials/fake/fake_credentials.cc +2 -1
  584. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +18 -12
  585. data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +64 -0
  586. data/src/core/lib/security/credentials/jwt/json_token.cc +6 -3
  587. data/src/core/lib/security/credentials/jwt/jwt_credentials.h +4 -3
  588. data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +8 -4
  589. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +39 -46
  590. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +5 -4
  591. data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +1 -1
  592. data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +5 -5
  593. data/src/core/lib/security/credentials/ssl/ssl_credentials.h +1 -1
  594. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +346 -0
  595. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +213 -0
  596. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +399 -0
  597. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +138 -0
  598. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +78 -150
  599. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +57 -187
  600. data/src/core/lib/security/credentials/tls/tls_credentials.cc +16 -12
  601. data/src/core/lib/security/credentials/tls/tls_credentials.h +2 -2
  602. data/src/core/lib/security/credentials/tls/tls_utils.cc +91 -0
  603. data/src/core/lib/security/credentials/tls/tls_utils.h +38 -0
  604. data/src/core/lib/security/credentials/xds/xds_credentials.cc +175 -0
  605. data/src/core/lib/security/credentials/xds/xds_credentials.h +69 -0
  606. data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +1 -1
  607. data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +9 -13
  608. data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +121 -0
  609. data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +87 -0
  610. data/src/core/lib/security/security_connector/load_system_roots.h +4 -0
  611. data/src/core/lib/security/security_connector/load_system_roots_linux.h +2 -0
  612. data/src/core/lib/security/security_connector/local/local_security_connector.cc +3 -3
  613. data/src/core/lib/security/security_connector/security_connector.cc +4 -3
  614. data/src/core/lib/security/security_connector/security_connector.h +4 -2
  615. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +4 -4
  616. data/src/core/lib/security/security_connector/ssl_utils.cc +2 -2
  617. data/src/core/lib/security/security_connector/ssl_utils.h +19 -19
  618. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +342 -279
  619. data/src/core/lib/security/security_connector/tls/tls_security_connector.h +105 -61
  620. data/src/core/lib/security/transport/secure_endpoint.cc +2 -2
  621. data/src/core/lib/security/transport/security_handshaker.cc +3 -3
  622. data/src/core/lib/security/transport/server_auth_filter.cc +2 -1
  623. data/src/core/lib/security/util/json_util.h +1 -0
  624. data/src/core/lib/slice/slice.cc +7 -4
  625. data/src/core/lib/slice/slice_buffer.cc +2 -1
  626. data/src/core/lib/slice/slice_intern.cc +6 -7
  627. data/src/core/lib/slice/slice_internal.h +2 -2
  628. data/src/core/lib/surface/call.cc +41 -32
  629. data/src/core/lib/surface/call_details.cc +8 -8
  630. data/src/core/lib/surface/channel.cc +25 -41
  631. data/src/core/lib/surface/channel.h +9 -3
  632. data/src/core/lib/surface/channel_init.cc +1 -1
  633. data/src/core/lib/surface/completion_queue.cc +30 -24
  634. data/src/core/lib/surface/completion_queue.h +16 -16
  635. data/src/core/lib/surface/init.cc +32 -14
  636. data/src/core/lib/surface/lame_client.cc +20 -46
  637. data/src/core/lib/surface/lame_client.h +4 -0
  638. data/src/core/lib/surface/server.cc +63 -17
  639. data/src/core/lib/surface/server.h +39 -7
  640. data/src/core/lib/surface/validate_metadata.h +3 -0
  641. data/src/core/lib/surface/version.cc +2 -2
  642. data/src/core/lib/transport/authority_override.cc +6 -4
  643. data/src/core/lib/transport/authority_override.h +7 -2
  644. data/src/core/lib/transport/bdp_estimator.cc +1 -1
  645. data/src/core/lib/transport/bdp_estimator.h +2 -1
  646. data/src/core/lib/transport/byte_stream.h +3 -3
  647. data/src/core/lib/transport/connectivity_state.h +11 -9
  648. data/src/core/lib/transport/error_utils.h +1 -1
  649. data/src/core/lib/transport/metadata.cc +11 -1
  650. data/src/core/lib/transport/metadata.h +2 -2
  651. data/src/core/lib/transport/metadata_batch.h +4 -4
  652. data/src/core/lib/transport/static_metadata.cc +1 -1
  653. data/src/core/lib/transport/status_metadata.cc +4 -3
  654. data/src/core/lib/transport/timeout_encoding.cc +4 -4
  655. data/src/core/lib/transport/transport.cc +5 -3
  656. data/src/core/lib/transport/transport.h +8 -8
  657. data/src/core/lib/uri/uri_parser.cc +131 -249
  658. data/src/core/lib/uri/uri_parser.h +57 -21
  659. data/src/core/plugin_registry/grpc_plugin_registry.cc +41 -20
  660. data/src/core/tsi/alts/crypt/gsec.cc +5 -4
  661. data/src/core/tsi/alts/frame_protector/frame_handler.cc +8 -6
  662. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +1 -1
  663. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +27 -26
  664. data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +8 -6
  665. data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +4 -4
  666. data/src/core/tsi/fake_transport_security.cc +6 -3
  667. data/src/core/tsi/local_transport_security.cc +5 -1
  668. data/src/core/tsi/local_transport_security.h +6 -7
  669. data/src/core/tsi/ssl/session_cache/ssl_session.h +3 -0
  670. data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +1 -1
  671. data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +4 -1
  672. data/src/core/tsi/ssl_transport_security.cc +78 -58
  673. data/src/core/tsi/ssl_transport_security.h +9 -6
  674. data/src/core/tsi/transport_security.cc +10 -8
  675. data/src/core/tsi/transport_security_interface.h +1 -1
  676. data/src/ruby/ext/grpc/extconf.rb +1 -1
  677. data/src/ruby/ext/grpc/rb_event_thread.c +2 -0
  678. data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +36 -16
  679. data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +70 -40
  680. data/src/ruby/lib/grpc/version.rb +1 -1
  681. data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +28 -0
  682. data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +18 -0
  683. data/src/ruby/spec/pb/codegen/package_option_spec.rb +2 -6
  684. data/third_party/abseil-cpp/absl/algorithm/container.h +59 -22
  685. data/third_party/abseil-cpp/absl/base/attributes.h +99 -38
  686. data/third_party/abseil-cpp/absl/base/call_once.h +1 -1
  687. data/third_party/abseil-cpp/absl/base/casts.h +9 -6
  688. data/third_party/abseil-cpp/absl/base/config.h +60 -17
  689. data/third_party/abseil-cpp/absl/base/dynamic_annotations.h +428 -335
  690. data/third_party/abseil-cpp/absl/base/internal/bits.h +17 -16
  691. data/third_party/abseil-cpp/absl/base/internal/direct_mmap.h +5 -0
  692. data/third_party/abseil-cpp/absl/base/internal/dynamic_annotations.h +398 -0
  693. data/third_party/abseil-cpp/absl/base/internal/invoke.h +4 -4
  694. data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.cc +1 -1
  695. data/third_party/abseil-cpp/absl/base/internal/low_level_scheduling.h +29 -1
  696. data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +2 -2
  697. data/third_party/abseil-cpp/absl/base/internal/raw_logging.h +7 -5
  698. data/third_party/abseil-cpp/absl/base/internal/spinlock.cc +25 -38
  699. data/third_party/abseil-cpp/absl/base/internal/spinlock.h +19 -25
  700. data/third_party/abseil-cpp/absl/base/internal/spinlock_linux.inc +8 -0
  701. data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +28 -5
  702. data/third_party/abseil-cpp/absl/base/internal/sysinfo.h +8 -0
  703. data/third_party/abseil-cpp/absl/base/internal/tsan_mutex_interface.h +3 -1
  704. data/third_party/abseil-cpp/absl/base/internal/unaligned_access.h +2 -2
  705. data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.h +3 -3
  706. data/third_party/abseil-cpp/absl/base/macros.h +36 -109
  707. data/third_party/abseil-cpp/absl/base/optimization.h +61 -1
  708. data/third_party/abseil-cpp/absl/base/options.h +31 -4
  709. data/third_party/abseil-cpp/absl/base/policy_checks.h +1 -1
  710. data/third_party/abseil-cpp/absl/base/thread_annotations.h +94 -39
  711. data/third_party/abseil-cpp/absl/container/fixed_array.h +42 -25
  712. data/third_party/abseil-cpp/absl/container/flat_hash_map.h +606 -0
  713. data/third_party/abseil-cpp/absl/container/flat_hash_set.h +2 -1
  714. data/third_party/abseil-cpp/absl/container/inlined_vector.h +33 -36
  715. data/third_party/abseil-cpp/absl/container/internal/common.h +6 -2
  716. data/third_party/abseil-cpp/absl/container/internal/compressed_tuple.h +33 -8
  717. data/third_party/abseil-cpp/absl/container/internal/container_memory.h +49 -29
  718. data/third_party/abseil-cpp/absl/container/internal/hash_function_defaults.h +15 -0
  719. data/third_party/abseil-cpp/absl/container/internal/hash_policy_traits.h +24 -7
  720. data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc +2 -1
  721. data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.h +35 -11
  722. data/third_party/abseil-cpp/absl/container/internal/have_sse.h +10 -9
  723. data/third_party/abseil-cpp/absl/container/internal/layout.h +7 -5
  724. data/third_party/abseil-cpp/absl/container/internal/raw_hash_map.h +197 -0
  725. data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +55 -34
  726. data/third_party/abseil-cpp/absl/debugging/internal/address_is_readable.cc +5 -4
  727. data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +66 -16
  728. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +4 -0
  729. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_arm-inl.inc +13 -4
  730. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_config.h +43 -24
  731. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_generic-inl.inc +12 -3
  732. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_win32-inl.inc +10 -2
  733. data/third_party/abseil-cpp/absl/debugging/internal/symbolize.h +22 -1
  734. data/third_party/abseil-cpp/absl/debugging/internal/vdso_support.cc +0 -21
  735. data/third_party/abseil-cpp/absl/debugging/symbolize.cc +12 -1
  736. data/third_party/abseil-cpp/absl/debugging/symbolize_darwin.inc +101 -0
  737. data/third_party/abseil-cpp/absl/debugging/symbolize_elf.inc +100 -20
  738. data/third_party/abseil-cpp/absl/functional/bind_front.h +184 -0
  739. data/third_party/abseil-cpp/absl/functional/function_ref.h +1 -1
  740. data/third_party/abseil-cpp/absl/functional/internal/front_binder.h +95 -0
  741. data/third_party/abseil-cpp/absl/functional/internal/function_ref.h +2 -2
  742. data/third_party/abseil-cpp/absl/hash/hash.h +6 -5
  743. data/third_party/abseil-cpp/absl/hash/internal/hash.h +73 -65
  744. data/third_party/abseil-cpp/absl/memory/memory.h +4 -0
  745. data/third_party/abseil-cpp/absl/meta/type_traits.h +2 -8
  746. data/third_party/abseil-cpp/absl/numeric/int128.cc +13 -27
  747. data/third_party/abseil-cpp/absl/numeric/int128.h +16 -15
  748. data/third_party/abseil-cpp/absl/status/internal/status_internal.h +51 -0
  749. data/third_party/abseil-cpp/absl/status/internal/statusor_internal.h +399 -0
  750. data/third_party/abseil-cpp/absl/status/status.cc +4 -6
  751. data/third_party/abseil-cpp/absl/status/status.h +502 -113
  752. data/third_party/abseil-cpp/absl/status/status_payload_printer.cc +5 -10
  753. data/third_party/abseil-cpp/absl/status/statusor.cc +71 -0
  754. data/third_party/abseil-cpp/absl/status/statusor.h +760 -0
  755. data/third_party/abseil-cpp/absl/strings/charconv.cc +2 -2
  756. data/third_party/abseil-cpp/absl/strings/cord.cc +91 -112
  757. data/third_party/abseil-cpp/absl/strings/cord.h +360 -205
  758. data/third_party/abseil-cpp/absl/strings/escaping.cc +9 -9
  759. data/third_party/abseil-cpp/absl/strings/internal/char_map.h +1 -1
  760. data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.cc +1 -1
  761. data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +2 -2
  762. data/third_party/abseil-cpp/absl/strings/internal/charconv_parse.cc +2 -2
  763. data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +45 -23
  764. data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.cc +222 -136
  765. data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.h +136 -64
  766. data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.cc +1 -1
  767. data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.h +14 -21
  768. data/third_party/abseil-cpp/absl/strings/internal/str_format/checker.h +7 -14
  769. data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.cc +31 -7
  770. data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.h +147 -135
  771. data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +999 -87
  772. data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.h +3 -3
  773. data/third_party/abseil-cpp/absl/strings/internal/str_format/output.h +4 -12
  774. data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.cc +8 -6
  775. data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.h +13 -11
  776. data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +2 -2
  777. data/third_party/abseil-cpp/absl/strings/str_cat.cc +4 -4
  778. data/third_party/abseil-cpp/absl/strings/str_cat.h +1 -1
  779. data/third_party/abseil-cpp/absl/strings/str_format.h +289 -13
  780. data/third_party/abseil-cpp/absl/strings/str_split.cc +2 -2
  781. data/third_party/abseil-cpp/absl/strings/str_split.h +1 -0
  782. data/third_party/abseil-cpp/absl/strings/string_view.h +26 -19
  783. data/third_party/abseil-cpp/absl/strings/substitute.cc +5 -5
  784. data/third_party/abseil-cpp/absl/strings/substitute.h +32 -29
  785. data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.cc +3 -3
  786. data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +3 -3
  787. data/third_party/abseil-cpp/absl/synchronization/internal/kernel_timeout.h +28 -28
  788. data/third_party/abseil-cpp/absl/synchronization/internal/mutex_nonprod.inc +4 -16
  789. data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.h +1 -1
  790. data/third_party/abseil-cpp/absl/synchronization/internal/waiter.cc +8 -0
  791. data/third_party/abseil-cpp/absl/synchronization/internal/waiter.h +2 -2
  792. data/third_party/abseil-cpp/absl/synchronization/mutex.cc +75 -64
  793. data/third_party/abseil-cpp/absl/synchronization/mutex.h +15 -6
  794. data/third_party/abseil-cpp/absl/time/civil_time.cc +9 -9
  795. data/third_party/abseil-cpp/absl/time/clock.cc +3 -3
  796. data/third_party/abseil-cpp/absl/time/duration.cc +90 -59
  797. data/third_party/abseil-cpp/absl/time/format.cc +43 -36
  798. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time_detail.h +26 -16
  799. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/time_zone.h +4 -2
  800. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/zone_info_source.h +1 -1
  801. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +136 -29
  802. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +13 -21
  803. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +1 -1
  804. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +136 -129
  805. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +4 -5
  806. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +8 -7
  807. data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +6 -6
  808. data/third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc +2 -1
  809. data/third_party/abseil-cpp/absl/time/time.h +15 -16
  810. data/third_party/abseil-cpp/absl/types/internal/variant.h +4 -4
  811. data/third_party/abseil-cpp/absl/types/optional.h +9 -9
  812. data/third_party/abseil-cpp/absl/types/span.h +49 -36
  813. data/third_party/abseil-cpp/absl/utility/utility.h +2 -2
  814. data/third_party/address_sorting/include/address_sorting/address_sorting.h +2 -0
  815. data/third_party/boringssl-with-bazel/err_data.c +469 -463
  816. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +0 -6
  817. data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +2 -0
  818. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +9 -43
  819. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +55 -4
  820. data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +34 -0
  821. data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +4 -0
  822. data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +6 -2
  823. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +173 -35
  824. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +2 -0
  825. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +4 -0
  826. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +30 -10
  827. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +56 -22
  828. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +8 -2
  829. data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +98 -11
  830. data/third_party/boringssl-with-bazel/src/crypto/hpke/internal.h +51 -6
  831. data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +118 -49
  832. data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +267 -95
  833. data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +210 -34
  834. data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +766 -0
  835. data/third_party/boringssl-with-bazel/src/crypto/x509/a_strex.c +3 -3
  836. data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +6 -4
  837. data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +3 -3
  838. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +1 -1
  839. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +7 -2
  840. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +21 -18
  841. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +1 -1
  842. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +24 -3
  843. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +3 -3
  844. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +67 -67
  845. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +3 -3
  846. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +29 -35
  847. data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +13 -2
  848. data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +9 -8
  849. data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +10 -10
  850. data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +2 -2
  851. data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +28 -40
  852. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +3 -1
  853. data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +1 -4
  854. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +5 -3
  855. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +14 -14
  856. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +7 -3
  857. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +2 -2
  858. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +1 -1
  859. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +1 -1
  860. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +55 -8
  861. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +1 -1
  862. data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +24 -0
  863. data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +7 -5
  864. data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +0 -1
  865. data/third_party/boringssl-with-bazel/src/include/openssl/base.h +6 -3
  866. data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +4 -0
  867. data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +6 -0
  868. data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +1 -1
  869. data/third_party/boringssl-with-bazel/src/include/openssl/des.h +6 -0
  870. data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +12 -0
  871. data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +9 -0
  872. data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +4 -1
  873. data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +3 -0
  874. data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +202 -134
  875. data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +64 -3
  876. data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +4 -0
  877. data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +42 -14
  878. data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +188 -78
  879. data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +482 -432
  880. data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +18 -5
  881. data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +35 -0
  882. data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +18 -18
  883. data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +2 -3
  884. data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +1 -1
  885. data/third_party/boringssl-with-bazel/src/ssl/internal.h +45 -10
  886. data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +42 -1
  887. data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +8 -9
  888. data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +67 -0
  889. data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +11 -14
  890. data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +216 -11
  891. data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +1 -2
  892. data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +57 -19
  893. data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +135 -41
  894. data/third_party/upb/third_party/wyhash/wyhash.h +145 -0
  895. data/third_party/upb/upb/decode.c +248 -167
  896. data/third_party/upb/upb/decode.h +20 -1
  897. data/third_party/upb/upb/decode.int.h +163 -0
  898. data/third_party/upb/upb/decode_fast.c +1040 -0
  899. data/third_party/upb/upb/decode_fast.h +126 -0
  900. data/third_party/upb/upb/def.c +2178 -0
  901. data/third_party/upb/upb/def.h +315 -0
  902. data/third_party/upb/upb/def.hpp +439 -0
  903. data/third_party/upb/upb/encode.c +227 -169
  904. data/third_party/upb/upb/encode.h +27 -2
  905. data/third_party/upb/upb/json_decode.c +1443 -0
  906. data/third_party/upb/upb/json_decode.h +23 -0
  907. data/third_party/upb/upb/json_encode.c +713 -0
  908. data/third_party/upb/upb/json_encode.h +36 -0
  909. data/third_party/upb/upb/msg.c +167 -88
  910. data/third_party/upb/upb/msg.h +174 -34
  911. data/third_party/upb/upb/port_def.inc +74 -61
  912. data/third_party/upb/upb/port_undef.inc +3 -7
  913. data/third_party/upb/upb/reflection.c +408 -0
  914. data/third_party/upb/upb/reflection.h +168 -0
  915. data/third_party/upb/upb/table.c +34 -197
  916. data/third_party/upb/upb/table.int.h +14 -5
  917. data/third_party/upb/upb/text_encode.c +421 -0
  918. data/third_party/upb/upb/text_encode.h +38 -0
  919. data/third_party/upb/upb/upb.c +18 -41
  920. data/third_party/upb/upb/upb.h +36 -7
  921. data/third_party/upb/upb/upb.hpp +4 -4
  922. data/third_party/upb/upb/upb.int.h +29 -0
  923. metadata +288 -54
  924. data/src/core/ext/filters/client_channel/lb_policy/xds/eds.cc +0 -946
  925. data/src/core/ext/filters/client_channel/lb_policy/xds/lrs.cc +0 -537
  926. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_routing.cc +0 -1141
  927. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.cc +0 -485
  928. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +0 -68
  929. data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +0 -354
  930. data/src/core/ext/filters/client_channel/resolving_lb_policy.h +0 -142
  931. data/src/core/ext/upb-generated/gogoproto/gogo.upb.c +0 -17
  932. data/src/core/ext/xds/xds_channel.h +0 -46
  933. data/src/core/ext/xds/xds_channel_secure.cc +0 -103
  934. data/src/core/lib/gprpp/map.h +0 -53
  935. data/third_party/abseil-cpp/absl/base/dynamic_annotations.cc +0 -129
  936. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pku.c +0 -110
  937. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_sxnet.c +0 -274
  938. data/third_party/upb/upb/port.c +0 -26
@@ -107,7 +107,8 @@ class grpc_oauth2_token_fetcher_credentials : public grpc_call_credentials {
107
107
  class grpc_google_refresh_token_credentials final
108
108
  : public grpc_oauth2_token_fetcher_credentials {
109
109
  public:
110
- grpc_google_refresh_token_credentials(grpc_auth_refresh_token refresh_token);
110
+ explicit grpc_google_refresh_token_credentials(
111
+ grpc_auth_refresh_token refresh_token);
111
112
  ~grpc_google_refresh_token_credentials() override;
112
113
 
113
114
  const grpc_auth_refresh_token& refresh_token() const {
@@ -130,7 +131,7 @@ class grpc_google_refresh_token_credentials final
130
131
  // Access token credentials.
131
132
  class grpc_access_token_credentials final : public grpc_call_credentials {
132
133
  public:
133
- grpc_access_token_credentials(const char* access_token);
134
+ explicit grpc_access_token_credentials(const char* access_token);
134
135
  ~grpc_access_token_credentials() override;
135
136
 
136
137
  bool get_request_metadata(grpc_polling_entity* pollent,
@@ -164,8 +165,8 @@ namespace grpc_core {
164
165
  // Exposed for testing only. This function validates the options, ensuring that
165
166
  // the required fields are set, and outputs the parsed URL of the STS token
166
167
  // exchanged service.
167
- grpc_error* ValidateStsCredentialsOptions(
168
- const grpc_sts_credentials_options* options, grpc_uri** sts_url);
168
+ absl::StatusOr<URI> ValidateStsCredentialsOptions(
169
+ const grpc_sts_credentials_options* options);
169
170
  } // namespace grpc_core
170
171
 
171
172
  #endif /* GRPC_CORE_LIB_SECURITY_CREDENTIALS_OAUTH2_OAUTH2_CREDENTIALS_H */
@@ -224,7 +224,7 @@ bool grpc_plugin_credentials::get_request_metadata(
224
224
  grpc_slice_unref_internal(creds_md[i].key);
225
225
  grpc_slice_unref_internal(creds_md[i].value);
226
226
  }
227
- gpr_free((void*)error_details);
227
+ gpr_free(const_cast<char*>(error_details));
228
228
  gpr_free(request);
229
229
  }
230
230
  return retval;
@@ -38,8 +38,8 @@ void grpc_tsi_ssl_pem_key_cert_pairs_destroy(tsi_ssl_pem_key_cert_pair* kp,
38
38
  size_t num_key_cert_pairs) {
39
39
  if (kp == nullptr) return;
40
40
  for (size_t i = 0; i < num_key_cert_pairs; i++) {
41
- gpr_free((void*)kp[i].private_key);
42
- gpr_free((void*)kp[i].cert_chain);
41
+ gpr_free(const_cast<char*>(kp[i].private_key));
42
+ gpr_free(const_cast<char*>(kp[i].cert_chain));
43
43
  }
44
44
  gpr_free(kp);
45
45
  }
@@ -87,7 +87,7 @@ grpc_ssl_credentials::create_security_connector(
87
87
  return sc;
88
88
  }
89
89
  grpc_arg new_arg = grpc_channel_arg_string_create(
90
- (char*)GRPC_ARG_HTTP2_SCHEME, (char*)"https");
90
+ const_cast<char*>(GRPC_ARG_HTTP2_SCHEME), const_cast<char*>("https"));
91
91
  *new_args = grpc_channel_args_copy_and_add(args, &new_arg, 1);
92
92
  return sc;
93
93
  }
@@ -262,8 +262,8 @@ void grpc_ssl_server_certificate_config_destroy(
262
262
  grpc_ssl_server_certificate_config* config) {
263
263
  if (config == nullptr) return;
264
264
  for (size_t i = 0; i < config->num_key_cert_pairs; i++) {
265
- gpr_free((void*)config->pem_key_cert_pairs[i].private_key);
266
- gpr_free((void*)config->pem_key_cert_pairs[i].cert_chain);
265
+ gpr_free(const_cast<char*>(config->pem_key_cert_pairs[i].private_key));
266
+ gpr_free(const_cast<char*>(config->pem_key_cert_pairs[i].cert_chain));
267
267
  }
268
268
  gpr_free(config->pem_key_cert_pairs);
269
269
  gpr_free(config->pem_root_certs);
@@ -64,7 +64,7 @@ struct grpc_ssl_server_certificate_config_fetcher {
64
64
 
65
65
  class grpc_ssl_server_credentials final : public grpc_server_credentials {
66
66
  public:
67
- grpc_ssl_server_credentials(
67
+ explicit grpc_ssl_server_credentials(
68
68
  const grpc_ssl_server_credentials_options& options);
69
69
  ~grpc_ssl_server_credentials() override;
70
70
 
@@ -0,0 +1,346 @@
1
+ //
2
+ // Copyright 2020 gRPC authors.
3
+ //
4
+ // Licensed under the Apache License, Version 2.0 (the "License");
5
+ // you may not use this file except in compliance with the License.
6
+ // You may obtain a copy of the License at
7
+ //
8
+ // http://www.apache.org/licenses/LICENSE-2.0
9
+ //
10
+ // Unless required by applicable law or agreed to in writing, software
11
+ // distributed under the License is distributed on an "AS IS" BASIS,
12
+ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
+ // See the License for the specific language governing permissions and
14
+ // limitations under the License.
15
+ //
16
+
17
+ #include <grpc/support/port_platform.h>
18
+
19
+ #include "src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h"
20
+
21
+ #include <grpc/support/alloc.h>
22
+ #include <grpc/support/log.h>
23
+ #include <grpc/support/string_util.h>
24
+ #include <stdlib.h>
25
+ #include <string.h>
26
+
27
+ void grpc_tls_certificate_distributor::SetKeyMaterials(
28
+ const std::string& cert_name, absl::optional<std::string> pem_root_certs,
29
+ absl::optional<grpc_core::PemKeyCertPairList> pem_key_cert_pairs) {
30
+ GPR_ASSERT(pem_root_certs.has_value() || pem_key_cert_pairs.has_value());
31
+ grpc_core::MutexLock lock(&mu_);
32
+ auto& cert_info = certificate_info_map_[cert_name];
33
+ if (pem_root_certs.has_value()) {
34
+ // Successful credential updates will clear any pre-existing error.
35
+ cert_info.SetRootError(GRPC_ERROR_NONE);
36
+ for (auto* watcher_ptr : cert_info.root_cert_watchers) {
37
+ GPR_ASSERT(watcher_ptr != nullptr);
38
+ const auto watcher_it = watchers_.find(watcher_ptr);
39
+ GPR_ASSERT(watcher_it != watchers_.end());
40
+ GPR_ASSERT(watcher_it->second.root_cert_name.has_value());
41
+ absl::optional<grpc_core::PemKeyCertPairList>
42
+ pem_key_cert_pairs_to_report;
43
+ if (pem_key_cert_pairs.has_value() &&
44
+ watcher_it->second.identity_cert_name == cert_name) {
45
+ pem_key_cert_pairs_to_report = pem_key_cert_pairs;
46
+ } else if (watcher_it->second.identity_cert_name.has_value()) {
47
+ auto& identity_cert_info =
48
+ certificate_info_map_[*watcher_it->second.identity_cert_name];
49
+ if (!identity_cert_info.pem_key_cert_pairs.empty()) {
50
+ pem_key_cert_pairs_to_report = identity_cert_info.pem_key_cert_pairs;
51
+ }
52
+ }
53
+ watcher_ptr->OnCertificatesChanged(
54
+ pem_root_certs, std::move(pem_key_cert_pairs_to_report));
55
+ }
56
+ cert_info.pem_root_certs = std::move(*pem_root_certs);
57
+ }
58
+ if (pem_key_cert_pairs.has_value()) {
59
+ // Successful credential updates will clear any pre-existing error.
60
+ cert_info.SetIdentityError(GRPC_ERROR_NONE);
61
+ for (const auto watcher_ptr : cert_info.identity_cert_watchers) {
62
+ GPR_ASSERT(watcher_ptr != nullptr);
63
+ const auto watcher_it = watchers_.find(watcher_ptr);
64
+ GPR_ASSERT(watcher_it != watchers_.end());
65
+ GPR_ASSERT(watcher_it->second.identity_cert_name.has_value());
66
+ absl::optional<absl::string_view> pem_root_certs_to_report;
67
+ if (pem_root_certs.has_value() &&
68
+ watcher_it->second.root_cert_name == cert_name) {
69
+ // In this case, We've already sent the credential updates at the time
70
+ // when checking pem_root_certs, so we will skip here.
71
+ continue;
72
+ } else if (watcher_it->second.root_cert_name.has_value()) {
73
+ auto& root_cert_info =
74
+ certificate_info_map_[*watcher_it->second.root_cert_name];
75
+ if (!root_cert_info.pem_root_certs.empty()) {
76
+ pem_root_certs_to_report = root_cert_info.pem_root_certs;
77
+ }
78
+ }
79
+ watcher_ptr->OnCertificatesChanged(pem_root_certs_to_report,
80
+ pem_key_cert_pairs);
81
+ }
82
+ cert_info.pem_key_cert_pairs = std::move(*pem_key_cert_pairs);
83
+ }
84
+ }
85
+
86
+ bool grpc_tls_certificate_distributor::HasRootCerts(
87
+ const std::string& root_cert_name) {
88
+ grpc_core::MutexLock lock(&mu_);
89
+ const auto it = certificate_info_map_.find(root_cert_name);
90
+ return it != certificate_info_map_.end() &&
91
+ !it->second.pem_root_certs.empty();
92
+ };
93
+
94
+ bool grpc_tls_certificate_distributor::HasKeyCertPairs(
95
+ const std::string& identity_cert_name) {
96
+ grpc_core::MutexLock lock(&mu_);
97
+ const auto it = certificate_info_map_.find(identity_cert_name);
98
+ return it != certificate_info_map_.end() &&
99
+ !it->second.pem_key_cert_pairs.empty();
100
+ };
101
+
102
+ void grpc_tls_certificate_distributor::SetErrorForCert(
103
+ const std::string& cert_name, absl::optional<grpc_error*> root_cert_error,
104
+ absl::optional<grpc_error*> identity_cert_error) {
105
+ GPR_ASSERT(root_cert_error.has_value() || identity_cert_error.has_value());
106
+ grpc_core::MutexLock lock(&mu_);
107
+ CertificateInfo& cert_info = certificate_info_map_[cert_name];
108
+ if (root_cert_error.has_value()) {
109
+ for (auto* watcher_ptr : cert_info.root_cert_watchers) {
110
+ GPR_ASSERT(watcher_ptr != nullptr);
111
+ const auto watcher_it = watchers_.find(watcher_ptr);
112
+ GPR_ASSERT(watcher_it != watchers_.end());
113
+ // identity_cert_error_to_report is the error of the identity cert this
114
+ // watcher is watching, if there is any.
115
+ grpc_error* identity_cert_error_to_report = GRPC_ERROR_NONE;
116
+ if (identity_cert_error.has_value() &&
117
+ watcher_it->second.identity_cert_name == cert_name) {
118
+ identity_cert_error_to_report = *identity_cert_error;
119
+ } else if (watcher_it->second.identity_cert_name.has_value()) {
120
+ auto& identity_cert_info =
121
+ certificate_info_map_[*watcher_it->second.identity_cert_name];
122
+ identity_cert_error_to_report = identity_cert_info.identity_cert_error;
123
+ }
124
+ watcher_ptr->OnError(GRPC_ERROR_REF(*root_cert_error),
125
+ GRPC_ERROR_REF(identity_cert_error_to_report));
126
+ }
127
+ cert_info.SetRootError(*root_cert_error);
128
+ }
129
+ if (identity_cert_error.has_value()) {
130
+ for (auto* watcher_ptr : cert_info.identity_cert_watchers) {
131
+ GPR_ASSERT(watcher_ptr != nullptr);
132
+ const auto watcher_it = watchers_.find(watcher_ptr);
133
+ GPR_ASSERT(watcher_it != watchers_.end());
134
+ // root_cert_error_to_report is the error of the root cert this watcher is
135
+ // watching, if there is any.
136
+ grpc_error* root_cert_error_to_report = GRPC_ERROR_NONE;
137
+ if (root_cert_error.has_value() &&
138
+ watcher_it->second.root_cert_name == cert_name) {
139
+ // In this case, We've already sent the error updates at the time when
140
+ // checking root_cert_error, so we will skip here.
141
+ continue;
142
+ } else if (watcher_it->second.root_cert_name.has_value()) {
143
+ auto& root_cert_info =
144
+ certificate_info_map_[*watcher_it->second.root_cert_name];
145
+ root_cert_error_to_report = root_cert_info.root_cert_error;
146
+ }
147
+ watcher_ptr->OnError(GRPC_ERROR_REF(root_cert_error_to_report),
148
+ GRPC_ERROR_REF(*identity_cert_error));
149
+ }
150
+ cert_info.SetIdentityError(*identity_cert_error);
151
+ }
152
+ };
153
+
154
+ void grpc_tls_certificate_distributor::SetError(grpc_error* error) {
155
+ GPR_ASSERT(error != GRPC_ERROR_NONE);
156
+ grpc_core::MutexLock lock(&mu_);
157
+ for (const auto& watcher : watchers_) {
158
+ const auto watcher_ptr = watcher.first;
159
+ GPR_ASSERT(watcher_ptr != nullptr);
160
+ const auto& watcher_info = watcher.second;
161
+ watcher_ptr->OnError(
162
+ watcher_info.root_cert_name.has_value() ? GRPC_ERROR_REF(error)
163
+ : GRPC_ERROR_NONE,
164
+ watcher_info.identity_cert_name.has_value() ? GRPC_ERROR_REF(error)
165
+ : GRPC_ERROR_NONE);
166
+ }
167
+ for (auto& cert_info_entry : certificate_info_map_) {
168
+ auto& cert_info = cert_info_entry.second;
169
+ cert_info.SetRootError(GRPC_ERROR_REF(error));
170
+ cert_info.SetIdentityError(GRPC_ERROR_REF(error));
171
+ }
172
+ GRPC_ERROR_UNREF(error);
173
+ };
174
+
175
+ void grpc_tls_certificate_distributor::WatchTlsCertificates(
176
+ std::unique_ptr<TlsCertificatesWatcherInterface> watcher,
177
+ absl::optional<std::string> root_cert_name,
178
+ absl::optional<std::string> identity_cert_name) {
179
+ bool start_watching_root_cert = false;
180
+ bool already_watching_identity_for_root_cert = false;
181
+ bool start_watching_identity_cert = false;
182
+ bool already_watching_root_for_identity_cert = false;
183
+ GPR_ASSERT(root_cert_name.has_value() || identity_cert_name.has_value());
184
+ TlsCertificatesWatcherInterface* watcher_ptr = watcher.get();
185
+ GPR_ASSERT(watcher_ptr != nullptr);
186
+ // Update watchers_ and certificate_info_map_.
187
+ {
188
+ grpc_core::MutexLock lock(&mu_);
189
+ const auto watcher_it = watchers_.find(watcher_ptr);
190
+ // The caller needs to cancel the watcher first if it wants to re-register
191
+ // the watcher.
192
+ GPR_ASSERT(watcher_it == watchers_.end());
193
+ watchers_[watcher_ptr] = {std::move(watcher), root_cert_name,
194
+ identity_cert_name};
195
+ absl::optional<absl::string_view> updated_root_certs;
196
+ absl::optional<grpc_core::PemKeyCertPairList> updated_identity_pairs;
197
+ grpc_error* root_error = GRPC_ERROR_NONE;
198
+ grpc_error* identity_error = GRPC_ERROR_NONE;
199
+ if (root_cert_name.has_value()) {
200
+ CertificateInfo& cert_info = certificate_info_map_[*root_cert_name];
201
+ start_watching_root_cert = cert_info.root_cert_watchers.empty();
202
+ already_watching_identity_for_root_cert =
203
+ !cert_info.identity_cert_watchers.empty();
204
+ cert_info.root_cert_watchers.insert(watcher_ptr);
205
+ root_error = GRPC_ERROR_REF(cert_info.root_cert_error);
206
+ // Empty credentials will be treated as no updates.
207
+ if (!cert_info.pem_root_certs.empty()) {
208
+ updated_root_certs = cert_info.pem_root_certs;
209
+ }
210
+ }
211
+ if (identity_cert_name.has_value()) {
212
+ CertificateInfo& cert_info = certificate_info_map_[*identity_cert_name];
213
+ start_watching_identity_cert = cert_info.identity_cert_watchers.empty();
214
+ already_watching_root_for_identity_cert =
215
+ !cert_info.root_cert_watchers.empty();
216
+ cert_info.identity_cert_watchers.insert(watcher_ptr);
217
+ identity_error = GRPC_ERROR_REF(cert_info.identity_cert_error);
218
+ // Empty credentials will be treated as no updates.
219
+ if (!cert_info.pem_key_cert_pairs.empty()) {
220
+ updated_identity_pairs = cert_info.pem_key_cert_pairs;
221
+ }
222
+ }
223
+ // Notify this watcher if the certs it is watching already had some
224
+ // contents. Note that an *_cert_error in cert_info only indicates error
225
+ // occurred while trying to fetch the latest cert, but the updated_*_certs
226
+ // should always be valid. So we will send the updates regardless of
227
+ // *_cert_error.
228
+ if (updated_root_certs.has_value() || updated_identity_pairs.has_value()) {
229
+ watcher_ptr->OnCertificatesChanged(updated_root_certs,
230
+ std::move(updated_identity_pairs));
231
+ }
232
+ // Notify this watcher if the certs it is watching already had some errors.
233
+ if (root_error != GRPC_ERROR_NONE || identity_error != GRPC_ERROR_NONE) {
234
+ watcher_ptr->OnError(GRPC_ERROR_REF(root_error),
235
+ GRPC_ERROR_REF(identity_error));
236
+ }
237
+ GRPC_ERROR_UNREF(root_error);
238
+ GRPC_ERROR_UNREF(identity_error);
239
+ }
240
+ // Invoke watch status callback if needed.
241
+ {
242
+ grpc_core::MutexLock lock(&callback_mu_);
243
+ if (watch_status_callback_ != nullptr) {
244
+ if (root_cert_name == identity_cert_name &&
245
+ (start_watching_root_cert || start_watching_identity_cert)) {
246
+ watch_status_callback_(*root_cert_name, start_watching_root_cert,
247
+ start_watching_identity_cert);
248
+ } else {
249
+ if (start_watching_root_cert) {
250
+ watch_status_callback_(*root_cert_name, true,
251
+ already_watching_identity_for_root_cert);
252
+ }
253
+ if (start_watching_identity_cert) {
254
+ watch_status_callback_(*identity_cert_name,
255
+ already_watching_root_for_identity_cert, true);
256
+ }
257
+ }
258
+ }
259
+ }
260
+ };
261
+
262
+ void grpc_tls_certificate_distributor::CancelTlsCertificatesWatch(
263
+ TlsCertificatesWatcherInterface* watcher) {
264
+ absl::optional<std::string> root_cert_name;
265
+ absl::optional<std::string> identity_cert_name;
266
+ bool stop_watching_root_cert = false;
267
+ bool already_watching_identity_for_root_cert = false;
268
+ bool stop_watching_identity_cert = false;
269
+ bool already_watching_root_for_identity_cert = false;
270
+ // Update watchers_ and certificate_info_map_.
271
+ {
272
+ grpc_core::MutexLock lock(&mu_);
273
+ auto it = watchers_.find(watcher);
274
+ if (it == watchers_.end()) return;
275
+ WatcherInfo& watcher_info = it->second;
276
+ root_cert_name = std::move(watcher_info.root_cert_name);
277
+ identity_cert_name = std::move(watcher_info.identity_cert_name);
278
+ watchers_.erase(it);
279
+ if (root_cert_name.has_value()) {
280
+ auto it = certificate_info_map_.find(*root_cert_name);
281
+ GPR_ASSERT(it != certificate_info_map_.end());
282
+ CertificateInfo& cert_info = it->second;
283
+ cert_info.root_cert_watchers.erase(watcher);
284
+ stop_watching_root_cert = cert_info.root_cert_watchers.empty();
285
+ already_watching_identity_for_root_cert =
286
+ !cert_info.identity_cert_watchers.empty();
287
+ if (stop_watching_root_cert && !already_watching_identity_for_root_cert) {
288
+ certificate_info_map_.erase(it);
289
+ }
290
+ }
291
+ if (identity_cert_name.has_value()) {
292
+ auto it = certificate_info_map_.find(*identity_cert_name);
293
+ GPR_ASSERT(it != certificate_info_map_.end());
294
+ CertificateInfo& cert_info = it->second;
295
+ cert_info.identity_cert_watchers.erase(watcher);
296
+ stop_watching_identity_cert = cert_info.identity_cert_watchers.empty();
297
+ already_watching_root_for_identity_cert =
298
+ !cert_info.root_cert_watchers.empty();
299
+ if (stop_watching_identity_cert &&
300
+ !already_watching_root_for_identity_cert) {
301
+ certificate_info_map_.erase(it);
302
+ }
303
+ }
304
+ }
305
+ // Invoke watch status callback if needed.
306
+ {
307
+ grpc_core::MutexLock lock(&callback_mu_);
308
+ if (watch_status_callback_ != nullptr) {
309
+ if (root_cert_name == identity_cert_name &&
310
+ (stop_watching_root_cert || stop_watching_identity_cert)) {
311
+ watch_status_callback_(*root_cert_name, !stop_watching_root_cert,
312
+ !stop_watching_identity_cert);
313
+ } else {
314
+ if (stop_watching_root_cert) {
315
+ watch_status_callback_(*root_cert_name, false,
316
+ already_watching_identity_for_root_cert);
317
+ }
318
+ if (stop_watching_identity_cert) {
319
+ watch_status_callback_(*identity_cert_name,
320
+ already_watching_root_for_identity_cert,
321
+ false);
322
+ }
323
+ }
324
+ }
325
+ }
326
+ };
327
+
328
+ /** -- Wrapper APIs declared in grpc_security.h -- **/
329
+
330
+ grpc_tls_identity_pairs* grpc_tls_identity_pairs_create() {
331
+ return new grpc_tls_identity_pairs();
332
+ }
333
+
334
+ void grpc_tls_identity_pairs_add_pair(grpc_tls_identity_pairs* pairs,
335
+ const char* private_key,
336
+ const char* cert_chain) {
337
+ GPR_ASSERT(pairs != nullptr);
338
+ GPR_ASSERT(private_key != nullptr);
339
+ GPR_ASSERT(cert_chain != nullptr);
340
+ pairs->pem_key_cert_pairs.emplace_back(private_key, cert_chain);
341
+ }
342
+
343
+ void grpc_tls_identity_pairs_destroy(grpc_tls_identity_pairs* pairs) {
344
+ GPR_ASSERT(pairs != nullptr);
345
+ delete pairs;
346
+ }
@@ -0,0 +1,213 @@
1
+ //
2
+ // Copyright 2020 gRPC authors.
3
+ //
4
+ // Licensed under the Apache License, Version 2.0 (the "License");
5
+ // you may not use this file except in compliance with the License.
6
+ // You may obtain a copy of the License at
7
+ //
8
+ // http://www.apache.org/licenses/LICENSE-2.0
9
+ //
10
+ // Unless required by applicable law or agreed to in writing, software
11
+ // distributed under the License is distributed on an "AS IS" BASIS,
12
+ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
+ // See the License for the specific language governing permissions and
14
+ // limitations under the License.
15
+ //
16
+
17
+ #ifndef GRPC_CORE_LIB_SECURITY_CREDENTIALS_TLS_GRPC_TLS_CERTIFICATE_DISTRIBUTOR_H
18
+ #define GRPC_CORE_LIB_SECURITY_CREDENTIALS_TLS_GRPC_TLS_CERTIFICATE_DISTRIBUTOR_H
19
+
20
+ #include <grpc/support/port_platform.h>
21
+
22
+ #include <grpc/grpc_security.h>
23
+
24
+ #include <utility>
25
+
26
+ #include "absl/container/inlined_vector.h"
27
+ #include "absl/types/optional.h"
28
+ #include "src/core/lib/gprpp/ref_counted.h"
29
+ #include "src/core/lib/security/security_connector/ssl_utils.h"
30
+
31
+ struct grpc_tls_identity_pairs {
32
+ grpc_core::PemKeyCertPairList pem_key_cert_pairs;
33
+ };
34
+
35
+ // TLS certificate distributor.
36
+ struct grpc_tls_certificate_distributor
37
+ : public grpc_core::RefCounted<grpc_tls_certificate_distributor> {
38
+ public:
39
+ // Interface for watching TLS certificates update.
40
+ class TlsCertificatesWatcherInterface {
41
+ public:
42
+ virtual ~TlsCertificatesWatcherInterface() = default;
43
+
44
+ // Handles the delivery of the updated root and identity certificates.
45
+ // An absl::nullopt value indicates no corresponding contents for
46
+ // root_certs or key_cert_pairs. Note that we will send updates of the
47
+ // latest contents for both root and identity certificates, even when only
48
+ // one side of it got updated.
49
+ //
50
+ // @param root_certs the contents of the reloaded root certs.
51
+ // @param key_cert_pairs the contents of the reloaded identity key-cert
52
+ // pairs.
53
+ virtual void OnCertificatesChanged(
54
+ absl::optional<absl::string_view> root_certs,
55
+ absl::optional<grpc_core::PemKeyCertPairList> key_cert_pairs) = 0;
56
+
57
+ // Handles an error that occurs while attempting to fetch certificate data.
58
+ // Note that if a watcher sees an error, it simply means the Provider is
59
+ // having problems renewing new data. If the watcher has previously received
60
+ // several OnCertificatesChanged, all the data received from that function
61
+ // is valid.
62
+ // In that case, watcher might simply log the error. If the watcher hasn't
63
+ // received any OnCertificatesChanged before the error occurs, no valid
64
+ // data is available yet, and the watcher should either fail or "waiting"
65
+ // for the valid data in a non-blocking way.
66
+ //
67
+ // @param root_cert_error the error occurred while reloading root
68
+ // certificates.
69
+ // @param identity_cert_error the error occurred while reloading identity
70
+ // certificates.
71
+ virtual void OnError(grpc_error* root_cert_error,
72
+ grpc_error* identity_cert_error) = 0;
73
+ };
74
+
75
+ // Sets the key materials based on their certificate name.
76
+ //
77
+ // @param cert_name The name of the certificates being updated.
78
+ // @param pem_root_certs The content of root certificates.
79
+ // @param pem_key_cert_pairs The content of identity key-cert pairs.
80
+ void SetKeyMaterials(
81
+ const std::string& cert_name, absl::optional<std::string> pem_root_certs,
82
+ absl::optional<grpc_core::PemKeyCertPairList> pem_key_cert_pairs);
83
+
84
+ bool HasRootCerts(const std::string& root_cert_name);
85
+
86
+ bool HasKeyCertPairs(const std::string& identity_cert_name);
87
+
88
+ // Propagates the error that the caller (e.g. Producer) encounters to all the
89
+ // watchers watching a particular certificate name.
90
+ //
91
+ // @param cert_name The watching cert name of the watchers that the caller
92
+ // wants to notify when encountering error.
93
+ // @param root_cert_error The error that the caller encounters when reloading
94
+ // root certs.
95
+ // @param identity_cert_error The error that the caller encounters when
96
+ // reloading identity certs.
97
+ void SetErrorForCert(const std::string& cert_name,
98
+ absl::optional<grpc_error*> root_cert_error,
99
+ absl::optional<grpc_error*> identity_cert_error);
100
+
101
+ // Propagates the error that the caller (e.g. Producer) encounters to all
102
+ // watchers.
103
+ //
104
+ // @param error The error that the caller encounters.
105
+ void SetError(grpc_error* error);
106
+
107
+ // Sets the TLS certificate watch status callback function. The
108
+ // grpc_tls_certificate_distributor will invoke this callback when a new
109
+ // certificate name is watched by a newly registered watcher, or when a
110
+ // certificate name is no longer watched by any watchers.
111
+ // Note that when the callback shows a cert is no longer being watched, the
112
+ // distributor will delete the corresponding certificate data from its cache,
113
+ // and clear the corresponding error, if there is any. This means that if the
114
+ // callback subsequently says the same cert is now being watched again, the
115
+ // provider must re-provide the credentials or re-invoke the errors to the
116
+ // distributor, to indicate a successful or failed reloading.
117
+ // @param callback The callback function being set by the caller, e.g the
118
+ // Producer. Note that this callback will be invoked for each certificate
119
+ // name.
120
+ //
121
+ // For the parameters in the callback function:
122
+ // string_value The name of the certificates being watched.
123
+ // bool_value_1 If the root certificates with the specific name are being
124
+ // watched. bool_value_2 If the identity certificates with the specific name
125
+ // are being watched.
126
+ void SetWatchStatusCallback(
127
+ std::function<void(std::string, bool, bool)> callback) {
128
+ grpc_core::MutexLock lock(&mu_);
129
+ watch_status_callback_ = std::move(callback);
130
+ };
131
+
132
+ // Registers a watcher. The caller may keep a raw pointer to the watcher,
133
+ // which may be used only for cancellation. (Because the caller does not own
134
+ // the watcher, the pointer must not be used for any other purpose.) At least
135
+ // one of root_cert_name and identity_cert_name must be specified.
136
+ //
137
+ // @param watcher The watcher being registered.
138
+ // @param root_cert_name The name of the root certificates that will be
139
+ // watched. If set to absl::nullopt, the root certificates won't be watched.
140
+ // @param identity_cert_name The name of the identity certificates that will
141
+ // be watched. If set to absl::nullopt, the identity certificates won't be
142
+ // watched.
143
+ void WatchTlsCertificates(
144
+ std::unique_ptr<TlsCertificatesWatcherInterface> watcher,
145
+ absl::optional<std::string> root_cert_name,
146
+ absl::optional<std::string> identity_cert_name);
147
+
148
+ // Cancels a watcher.
149
+ //
150
+ // @param watcher The watcher being cancelled.
151
+ void CancelTlsCertificatesWatch(TlsCertificatesWatcherInterface* watcher);
152
+
153
+ private:
154
+ // Contains the information about each watcher.
155
+ struct WatcherInfo {
156
+ std::unique_ptr<TlsCertificatesWatcherInterface> watcher;
157
+ absl::optional<std::string> root_cert_name;
158
+ absl::optional<std::string> identity_cert_name;
159
+ };
160
+ // CertificateInfo contains the credential contents and some additional
161
+ // watcher information.
162
+ // Note that having errors doesn't indicate the corresponding credentials are
163
+ // invalid. For example, if root_cert_error != nullptr but pem_root_certs has
164
+ // value, it simply means an error occurs while trying to fetch the latest
165
+ // root certs, while pem_root_certs still contains the valid old data.
166
+ struct CertificateInfo {
167
+ // The contents of the root certificates.
168
+ std::string pem_root_certs;
169
+ // The contents of the identity key-certificate pairs.
170
+ grpc_core::PemKeyCertPairList pem_key_cert_pairs;
171
+ // The root cert reloading error propagated by the caller.
172
+ grpc_error* root_cert_error = GRPC_ERROR_NONE;
173
+ // The identity cert reloading error propagated by the caller.
174
+ grpc_error* identity_cert_error = GRPC_ERROR_NONE;
175
+ // The set of watchers watching root certificates.
176
+ // This is mainly used for quickly looking up the affected watchers while
177
+ // performing a credential reloading.
178
+ std::set<TlsCertificatesWatcherInterface*> root_cert_watchers;
179
+ // The set of watchers watching identity certificates. This is mainly used
180
+ // for quickly looking up the affected watchers while performing a
181
+ // credential reloading.
182
+ std::set<TlsCertificatesWatcherInterface*> identity_cert_watchers;
183
+
184
+ ~CertificateInfo() {
185
+ GRPC_ERROR_UNREF(root_cert_error);
186
+ GRPC_ERROR_UNREF(identity_cert_error);
187
+ }
188
+ void SetRootError(grpc_error* error) {
189
+ GRPC_ERROR_UNREF(root_cert_error);
190
+ root_cert_error = error;
191
+ }
192
+ void SetIdentityError(grpc_error* error) {
193
+ GRPC_ERROR_UNREF(identity_cert_error);
194
+ identity_cert_error = error;
195
+ }
196
+ };
197
+
198
+ grpc_core::Mutex mu_;
199
+ // We need a dedicated mutex for watch_status_callback_ for allowing
200
+ // callers(e.g. Producer) to directly set key materials in the callback
201
+ // functions.
202
+ grpc_core::Mutex callback_mu_;
203
+ // Stores information about each watcher.
204
+ std::map<TlsCertificatesWatcherInterface*, WatcherInfo> watchers_;
205
+ // The callback to notify the caller, e.g. the Producer, that the watch status
206
+ // is changed.
207
+ std::function<void(std::string, bool, bool)> watch_status_callback_;
208
+ // Stores the names of each certificate, and their corresponding credential
209
+ // contents as well as some additional watcher information.
210
+ std::map<std::string, CertificateInfo> certificate_info_map_;
211
+ };
212
+
213
+ #endif // GRPC_CORE_LIB_SECURITY_CREDENTIALS_TLS_GRPC_TLS_CERTIFICATE_DISTRIBUTOR_H