grpc 1.32.0 → 1.35.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of grpc might be problematic. Click here for more details.

Files changed (938) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +1078 -3049
  3. data/etc/roots.pem +257 -573
  4. data/include/grpc/compression.h +1 -1
  5. data/include/grpc/grpc.h +15 -7
  6. data/include/grpc/grpc_security.h +222 -171
  7. data/include/grpc/impl/codegen/atm_windows.h +4 -0
  8. data/include/grpc/impl/codegen/byte_buffer.h +1 -1
  9. data/include/grpc/impl/codegen/grpc_types.h +10 -8
  10. data/include/grpc/impl/codegen/log.h +0 -2
  11. data/include/grpc/impl/codegen/port_platform.h +22 -55
  12. data/include/grpc/impl/codegen/sync_windows.h +4 -0
  13. data/include/grpc/slice_buffer.h +3 -3
  14. data/include/grpc/support/sync.h +3 -3
  15. data/include/grpc/support/time.h +7 -7
  16. data/src/core/ext/filters/client_channel/backend_metric.cc +2 -4
  17. data/src/core/ext/filters/client_channel/client_channel.cc +2776 -1529
  18. data/src/core/ext/filters/client_channel/client_channel.h +0 -4
  19. data/src/core/ext/filters/client_channel/client_channel_plugin.cc +1 -1
  20. data/src/core/ext/filters/client_channel/config_selector.cc +0 -4
  21. data/src/core/ext/filters/client_channel/config_selector.h +40 -8
  22. data/src/core/ext/filters/client_channel/dynamic_filters.cc +186 -0
  23. data/src/core/ext/filters/client_channel/dynamic_filters.h +99 -0
  24. data/src/core/ext/filters/client_channel/health/health_check_client.cc +10 -7
  25. data/src/core/ext/filters/client_channel/health/health_check_client.h +4 -4
  26. data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +5 -6
  27. data/src/core/ext/filters/client_channel/http_proxy.cc +21 -20
  28. data/src/core/ext/filters/client_channel/lb_policy.cc +6 -2
  29. data/src/core/ext/filters/client_channel/lb_policy.h +6 -7
  30. data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +48 -35
  31. data/src/core/ext/filters/client_channel/lb_policy/address_filtering.h +7 -5
  32. data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +4 -3
  33. data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.h +1 -1
  34. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +201 -190
  35. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +3 -1
  36. data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +3 -3
  37. data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +1 -1
  38. data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +4 -4
  39. data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +50 -20
  40. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +5 -5
  41. data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +14 -34
  42. data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +6 -6
  43. data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +341 -127
  44. data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +52 -24
  45. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h +24 -0
  46. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +812 -0
  47. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +722 -0
  48. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +1262 -0
  49. data/src/core/ext/filters/client_channel/lb_policy_registry.cc +8 -1
  50. data/src/core/ext/filters/client_channel/resolver.cc +3 -1
  51. data/src/core/ext/filters/client_channel/resolver.h +4 -1
  52. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +9 -16
  53. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +1 -32
  54. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +3 -3
  55. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +454 -16
  56. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +5 -0
  57. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +7 -10
  58. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +3 -3
  59. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +1 -1
  60. data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +34 -27
  61. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +618 -366
  62. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.h +28 -0
  63. data/src/core/ext/filters/client_channel/resolver_factory.h +6 -6
  64. data/src/core/ext/filters/client_channel/resolver_registry.cc +40 -39
  65. data/src/core/ext/filters/client_channel/resolver_registry.h +2 -2
  66. data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +29 -74
  67. data/src/core/ext/filters/client_channel/resolver_result_parsing.h +12 -10
  68. data/src/core/ext/filters/client_channel/retry_throttle.cc +5 -3
  69. data/src/core/ext/filters/client_channel/retry_throttle.h +4 -2
  70. data/src/core/ext/filters/client_channel/server_address.cc +80 -0
  71. data/src/core/ext/filters/client_channel/server_address.h +21 -36
  72. data/src/core/ext/filters/client_channel/service_config.cc +18 -13
  73. data/src/core/ext/filters/client_channel/service_config.h +8 -5
  74. data/src/core/ext/filters/client_channel/service_config_call_data.h +19 -1
  75. data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +2 -2
  76. data/src/core/ext/filters/client_channel/service_config_parser.cc +8 -6
  77. data/src/core/ext/filters/client_channel/service_config_parser.h +8 -5
  78. data/src/core/ext/filters/client_channel/subchannel.cc +51 -64
  79. data/src/core/ext/filters/client_channel/subchannel.h +14 -20
  80. data/src/core/ext/filters/client_channel/subchannel_interface.h +41 -5
  81. data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +6 -2
  82. data/src/core/ext/filters/deadline/deadline_filter.cc +87 -79
  83. data/src/core/ext/filters/deadline/deadline_filter.h +7 -11
  84. data/src/core/ext/filters/http/client/http_client_filter.cc +1 -1
  85. data/src/core/ext/filters/http/client_authority_filter.cc +6 -6
  86. data/src/core/ext/filters/http/http_filters_plugin.cc +6 -3
  87. data/src/core/ext/filters/http/server/http_server_filter.cc +3 -3
  88. data/src/core/ext/filters/max_age/max_age_filter.cc +1 -1
  89. data/src/core/ext/filters/message_size/message_size_filter.cc +3 -2
  90. data/src/core/ext/filters/message_size/message_size_filter.h +2 -1
  91. data/src/core/ext/filters/workarounds/workaround_utils.cc +1 -1
  92. data/src/core/ext/transport/chttp2/client/authority.cc +3 -3
  93. data/src/core/ext/transport/chttp2/client/chttp2_connector.h +1 -1
  94. data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +20 -8
  95. data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +21 -10
  96. data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +26 -14
  97. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +185 -79
  98. data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +12 -5
  99. data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +7 -7
  100. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +28 -42
  101. data/src/core/ext/transport/chttp2/transport/flow_control.cc +10 -2
  102. data/src/core/ext/transport/chttp2/transport/flow_control.h +13 -3
  103. data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +2 -1
  104. data/src/core/ext/transport/chttp2/transport/frame_settings.h +2 -1
  105. data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +6 -6
  106. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +12 -8
  107. data/src/core/ext/transport/chttp2/transport/internal.h +5 -1
  108. data/src/core/ext/transport/chttp2/transport/parsing.cc +18 -3
  109. data/src/core/ext/transport/chttp2/transport/writing.cc +2 -3
  110. data/src/core/ext/transport/inproc/inproc_transport.cc +42 -8
  111. data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.h +1 -0
  112. data/src/core/ext/upb-generated/envoy/annotations/resource.upb.c +1 -1
  113. data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +7 -0
  114. data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +52 -32
  115. data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.h +199 -34
  116. data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.c +13 -13
  117. data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.h +44 -17
  118. data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +177 -99
  119. data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +642 -202
  120. data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.c +3 -3
  121. data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.h +13 -5
  122. data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.c +22 -22
  123. data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.h +47 -21
  124. data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.c +36 -24
  125. data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.h +133 -39
  126. data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.c +4 -4
  127. data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.h +15 -6
  128. data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +45 -44
  129. data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +200 -78
  130. data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +31 -24
  131. data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +107 -47
  132. data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.c +1 -1
  133. data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.h +7 -0
  134. data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.c +53 -0
  135. data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.h +149 -0
  136. data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.c +74 -28
  137. data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.h +248 -43
  138. data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +39 -39
  139. data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +157 -89
  140. data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.c +4 -4
  141. data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.h +17 -9
  142. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +63 -39
  143. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +254 -60
  144. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +1 -1
  145. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +7 -0
  146. data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.c +2 -2
  147. data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.h +9 -2
  148. data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +36 -0
  149. data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.h +92 -0
  150. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.c +13 -13
  151. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.h +59 -36
  152. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.c +16 -16
  153. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.h +61 -29
  154. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.c +26 -26
  155. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.h +101 -66
  156. data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.c +2 -2
  157. data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.h +11 -3
  158. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +46 -26
  159. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +179 -68
  160. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +39 -22
  161. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +149 -48
  162. data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +2 -2
  163. data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.h +13 -0
  164. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +21 -17
  165. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +96 -33
  166. data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +7 -7
  167. data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +38 -22
  168. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +321 -194
  169. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +1228 -443
  170. data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.c +8 -7
  171. data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.h +34 -10
  172. data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.c +3 -3
  173. data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.h +17 -3
  174. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +132 -80
  175. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +516 -166
  176. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.h +1 -0
  177. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +24 -25
  178. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +96 -71
  179. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +12 -8
  180. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +46 -8
  181. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +71 -29
  182. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +296 -63
  183. data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.c +1 -1
  184. data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.h +7 -0
  185. data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.c +1 -1
  186. data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.h +7 -0
  187. data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +41 -31
  188. data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +165 -64
  189. data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.c +1 -1
  190. data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.h +7 -0
  191. data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.c +1 -1
  192. data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.h +7 -0
  193. data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.c +7 -7
  194. data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.h +31 -16
  195. data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.c +1 -1
  196. data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.h +7 -0
  197. data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.c +1 -1
  198. data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.h +7 -0
  199. data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.c +5 -5
  200. data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.h +25 -11
  201. data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.c +1 -1
  202. data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.h +7 -0
  203. data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.c +1 -1
  204. data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.h +7 -0
  205. data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.c +6 -6
  206. data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.h +29 -8
  207. data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +4 -3
  208. data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.h +22 -3
  209. data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.c +3 -3
  210. data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.h +19 -0
  211. data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.c +7 -7
  212. data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.h +46 -3
  213. data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.c +8 -8
  214. data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.h +41 -8
  215. data/src/core/ext/upb-generated/envoy/type/v3/http.upb.h +1 -0
  216. data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.c +3 -3
  217. data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.h +15 -2
  218. data/src/core/ext/upb-generated/envoy/type/v3/range.upb.c +3 -3
  219. data/src/core/ext/upb-generated/envoy/type/v3/range.upb.h +19 -0
  220. data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.c +1 -1
  221. data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.h +7 -0
  222. data/src/core/ext/upb-generated/google/api/annotations.upb.h +1 -0
  223. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.c +242 -0
  224. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.h +830 -0
  225. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.c +34 -34
  226. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h +142 -59
  227. data/src/core/ext/upb-generated/google/api/http.upb.c +3 -3
  228. data/src/core/ext/upb-generated/google/api/http.upb.h +25 -6
  229. data/src/core/ext/upb-generated/google/protobuf/any.upb.c +1 -1
  230. data/src/core/ext/upb-generated/google/protobuf/any.upb.h +7 -0
  231. data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +90 -90
  232. data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +455 -292
  233. data/src/core/ext/upb-generated/google/protobuf/duration.upb.c +1 -1
  234. data/src/core/ext/upb-generated/google/protobuf/duration.upb.h +7 -0
  235. data/src/core/ext/upb-generated/google/protobuf/empty.upb.c +1 -1
  236. data/src/core/ext/upb-generated/google/protobuf/empty.upb.h +7 -0
  237. data/src/core/ext/upb-generated/google/protobuf/struct.upb.c +4 -4
  238. data/src/core/ext/upb-generated/google/protobuf/struct.upb.h +22 -3
  239. data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.c +1 -1
  240. data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.h +7 -0
  241. data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.c +9 -9
  242. data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.h +55 -0
  243. data/src/core/ext/upb-generated/google/rpc/status.upb.c +1 -1
  244. data/src/core/ext/upb-generated/google/rpc/status.upb.h +10 -3
  245. data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.c +4 -4
  246. data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.h +11 -3
  247. data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +41 -41
  248. data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +149 -76
  249. data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.c +5 -5
  250. data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.h +21 -6
  251. data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.c +2 -2
  252. data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.h +13 -0
  253. data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c +17 -17
  254. data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.h +82 -25
  255. data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.c +3 -3
  256. data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +19 -0
  257. data/src/core/ext/upb-generated/udpa/annotations/security.upb.c +31 -0
  258. data/src/core/ext/upb-generated/udpa/annotations/security.upb.h +64 -0
  259. data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.h +1 -0
  260. data/src/core/ext/upb-generated/udpa/annotations/status.upb.c +2 -2
  261. data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +9 -2
  262. data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.c +1 -1
  263. data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.h +7 -0
  264. data/src/core/ext/upb-generated/udpa/core/v1/authority.upb.c +28 -0
  265. data/src/core/ext/upb-generated/udpa/core/v1/authority.upb.h +60 -0
  266. data/src/core/ext/upb-generated/udpa/core/v1/collection_entry.upb.c +52 -0
  267. data/src/core/ext/upb-generated/udpa/core/v1/collection_entry.upb.h +143 -0
  268. data/src/core/ext/upb-generated/udpa/core/v1/context_params.upb.c +42 -0
  269. data/src/core/ext/upb-generated/udpa/core/v1/context_params.upb.h +84 -0
  270. data/src/core/ext/upb-generated/udpa/core/v1/resource.upb.c +36 -0
  271. data/src/core/ext/upb-generated/udpa/core/v1/resource.upb.h +94 -0
  272. data/src/core/ext/upb-generated/udpa/core/v1/resource_locator.upb.c +54 -0
  273. data/src/core/ext/upb-generated/udpa/core/v1/resource_locator.upb.h +173 -0
  274. data/src/core/ext/upb-generated/udpa/core/v1/resource_name.upb.c +36 -0
  275. data/src/core/ext/upb-generated/udpa/core/v1/resource_name.upb.h +92 -0
  276. data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.c +3 -3
  277. data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.h +7 -0
  278. data/src/core/ext/upb-generated/validate/validate.upb.c +64 -64
  279. data/src/core/ext/upb-generated/validate/validate.upb.h +296 -157
  280. data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.c +38 -0
  281. data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.h +30 -0
  282. data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.c +41 -0
  283. data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.h +35 -0
  284. data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +254 -0
  285. data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.h +105 -0
  286. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.c +100 -0
  287. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.h +45 -0
  288. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +558 -0
  289. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.h +145 -0
  290. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.c +53 -0
  291. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.h +35 -0
  292. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.c +133 -0
  293. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.h +35 -0
  294. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.c +127 -0
  295. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.h +65 -0
  296. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.c +56 -0
  297. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.h +35 -0
  298. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +266 -0
  299. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.h +125 -0
  300. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +143 -0
  301. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.h +55 -0
  302. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.c +56 -0
  303. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.h +35 -0
  304. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.c +66 -0
  305. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.h +40 -0
  306. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.c +263 -0
  307. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.h +100 -0
  308. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +233 -0
  309. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.h +70 -0
  310. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.c +56 -0
  311. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.h +35 -0
  312. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +228 -0
  313. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.h +80 -0
  314. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +46 -0
  315. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +35 -0
  316. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.c +59 -0
  317. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.h +35 -0
  318. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.c +55 -0
  319. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.h +35 -0
  320. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.c +110 -0
  321. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.h +50 -0
  322. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +113 -0
  323. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +50 -0
  324. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.c +146 -0
  325. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.h +55 -0
  326. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.c +50 -0
  327. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.h +35 -0
  328. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +190 -0
  329. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +55 -0
  330. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.c +185 -0
  331. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.h +65 -0
  332. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.c +62 -0
  333. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.h +40 -0
  334. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.c +97 -0
  335. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.h +40 -0
  336. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +915 -0
  337. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.h +280 -0
  338. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.c +71 -0
  339. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.h +45 -0
  340. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.c +64 -0
  341. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.h +40 -0
  342. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +511 -0
  343. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +115 -0
  344. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +48 -0
  345. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.h +30 -0
  346. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +166 -0
  347. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +55 -0
  348. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +105 -0
  349. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.h +45 -0
  350. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +249 -0
  351. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.h +60 -0
  352. data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.c +72 -0
  353. data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.h +35 -0
  354. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +60 -0
  355. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.h +35 -0
  356. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.c +152 -0
  357. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.h +60 -0
  358. data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.c +83 -0
  359. data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.h +35 -0
  360. data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.c +82 -0
  361. data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.h +35 -0
  362. data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +83 -0
  363. data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.h +40 -0
  364. data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.c +86 -0
  365. data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.h +35 -0
  366. data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.c +74 -0
  367. data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.h +35 -0
  368. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.c +64 -0
  369. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.h +40 -0
  370. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.c +54 -0
  371. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.h +35 -0
  372. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.c +53 -0
  373. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.h +35 -0
  374. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.c +73 -0
  375. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.h +45 -0
  376. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.c +72 -0
  377. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.h +40 -0
  378. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.c +81 -0
  379. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.h +45 -0
  380. data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.c +92 -0
  381. data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.h +65 -0
  382. data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.c +95 -0
  383. data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.h +55 -0
  384. data/src/core/ext/upbdefs-generated/envoy/type/v3/http.upbdefs.c +34 -0
  385. data/src/core/ext/{upb-generated/gogoproto/gogo.upb.h → upbdefs-generated/envoy/type/v3/http.upbdefs.h} +10 -9
  386. data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.c +59 -0
  387. data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.h +40 -0
  388. data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.c +54 -0
  389. data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.h +45 -0
  390. data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.c +47 -0
  391. data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.h +35 -0
  392. data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.c +40 -0
  393. data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.h +30 -0
  394. data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.c +61 -0
  395. data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.h +45 -0
  396. data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.c +39 -0
  397. data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.h +35 -0
  398. data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.c +386 -0
  399. data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.h +165 -0
  400. data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.c +40 -0
  401. data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.h +35 -0
  402. data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.c +37 -0
  403. data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.h +35 -0
  404. data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.c +65 -0
  405. data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.h +50 -0
  406. data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.c +40 -0
  407. data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.h +35 -0
  408. data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.c +66 -0
  409. data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.h +75 -0
  410. data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.c +42 -0
  411. data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.h +35 -0
  412. data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.c +70 -0
  413. data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.h +45 -0
  414. data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.c +56 -0
  415. data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.h +35 -0
  416. data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.c +33 -0
  417. data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.h +30 -0
  418. data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.c +49 -0
  419. data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.h +35 -0
  420. data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.c +43 -0
  421. data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.h +35 -0
  422. data/src/core/ext/upbdefs-generated/udpa/core/v1/authority.upbdefs.c +42 -0
  423. data/src/core/ext/upbdefs-generated/udpa/core/v1/authority.upbdefs.h +35 -0
  424. data/src/core/ext/upbdefs-generated/udpa/core/v1/collection_entry.upbdefs.c +62 -0
  425. data/src/core/ext/upbdefs-generated/udpa/core/v1/collection_entry.upbdefs.h +40 -0
  426. data/src/core/ext/upbdefs-generated/udpa/core/v1/context_params.upbdefs.c +45 -0
  427. data/src/core/ext/upbdefs-generated/udpa/core/v1/context_params.upbdefs.h +40 -0
  428. data/src/core/ext/upbdefs-generated/udpa/core/v1/resource.upbdefs.c +49 -0
  429. data/src/core/ext/upbdefs-generated/udpa/core/v1/resource.upbdefs.h +35 -0
  430. data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_locator.upbdefs.c +68 -0
  431. data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_locator.upbdefs.h +40 -0
  432. data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_name.upbdefs.c +51 -0
  433. data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_name.upbdefs.h +35 -0
  434. data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.c +307 -0
  435. data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.h +145 -0
  436. data/src/core/ext/xds/certificate_provider_factory.h +61 -0
  437. data/src/core/ext/xds/certificate_provider_registry.cc +103 -0
  438. data/src/core/ext/xds/certificate_provider_registry.h +57 -0
  439. data/src/core/ext/xds/certificate_provider_store.cc +87 -0
  440. data/src/core/ext/xds/certificate_provider_store.h +112 -0
  441. data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +144 -0
  442. data/src/core/ext/xds/file_watcher_certificate_provider_factory.h +69 -0
  443. data/src/core/ext/xds/xds_api.cc +687 -767
  444. data/src/core/ext/xds/xds_api.h +207 -98
  445. data/src/core/ext/xds/xds_bootstrap.cc +172 -25
  446. data/src/core/ext/xds/xds_bootstrap.h +23 -8
  447. data/src/core/ext/xds/xds_certificate_provider.cc +299 -0
  448. data/src/core/ext/xds/xds_certificate_provider.h +112 -0
  449. data/src/core/ext/xds/xds_channel_args.h +6 -3
  450. data/src/core/ext/xds/xds_client.cc +617 -494
  451. data/src/core/ext/xds/xds_client.h +118 -58
  452. data/src/core/ext/xds/xds_client_stats.cc +59 -16
  453. data/src/core/ext/xds/xds_client_stats.h +35 -7
  454. data/src/core/ext/xds/xds_server_config_fetcher.cc +131 -0
  455. data/src/core/lib/channel/channel_args.cc +9 -8
  456. data/src/core/lib/channel/channel_args.h +0 -1
  457. data/src/core/lib/channel/channel_trace.cc +4 -2
  458. data/src/core/lib/channel/channel_trace.h +1 -1
  459. data/src/core/lib/channel/channelz.cc +23 -59
  460. data/src/core/lib/channel/channelz.h +13 -22
  461. data/src/core/lib/channel/channelz_registry.cc +12 -11
  462. data/src/core/lib/channel/channelz_registry.h +3 -1
  463. data/src/core/lib/channel/handshaker.cc +2 -2
  464. data/src/core/lib/channel/handshaker.h +2 -2
  465. data/src/core/lib/compression/compression.cc +8 -4
  466. data/src/core/lib/compression/compression_args.cc +3 -2
  467. data/src/core/lib/compression/compression_internal.cc +10 -5
  468. data/src/core/lib/compression/compression_internal.h +2 -1
  469. data/src/core/lib/compression/stream_compression_identity.cc +1 -3
  470. data/src/core/lib/debug/stats.h +2 -2
  471. data/src/core/lib/debug/stats_data.cc +1 -0
  472. data/src/core/lib/debug/stats_data.h +13 -13
  473. data/src/core/lib/gpr/alloc.cc +3 -2
  474. data/src/core/lib/gpr/cpu_iphone.cc +10 -2
  475. data/src/core/lib/gpr/log.cc +53 -16
  476. data/src/core/lib/gpr/log_linux.cc +19 -3
  477. data/src/core/lib/gpr/log_posix.cc +15 -1
  478. data/src/core/lib/gpr/log_windows.cc +18 -4
  479. data/src/core/lib/gpr/murmur_hash.cc +1 -1
  480. data/src/core/lib/gpr/spinlock.h +10 -2
  481. data/src/core/lib/gpr/string.cc +23 -22
  482. data/src/core/lib/gpr/string.h +5 -6
  483. data/src/core/lib/gpr/sync.cc +4 -4
  484. data/src/core/lib/gpr/time.cc +12 -12
  485. data/src/core/lib/gpr/time_precise.cc +5 -2
  486. data/src/core/lib/gpr/time_precise.h +6 -2
  487. data/src/core/lib/gpr/tls.h +4 -0
  488. data/src/core/lib/gpr/tls_msvc.h +2 -0
  489. data/src/core/lib/gpr/tls_stdcpp.h +48 -0
  490. data/src/core/lib/gpr/useful.h +5 -4
  491. data/src/core/lib/gprpp/arena.h +3 -2
  492. data/src/core/lib/gprpp/dual_ref_counted.h +331 -0
  493. data/src/core/lib/gprpp/examine_stack.cc +43 -0
  494. data/src/core/lib/gprpp/examine_stack.h +46 -0
  495. data/src/core/lib/gprpp/fork.cc +2 -2
  496. data/src/core/lib/gprpp/manual_constructor.h +1 -1
  497. data/src/core/lib/gprpp/orphanable.h +4 -8
  498. data/src/core/lib/gprpp/ref_counted.h +91 -68
  499. data/src/core/lib/gprpp/ref_counted_ptr.h +166 -7
  500. data/src/core/lib/{security/authorization/mock_cel/statusor.h → gprpp/stat.h} +13 -25
  501. data/src/core/lib/gprpp/stat_posix.cc +49 -0
  502. data/src/core/lib/gprpp/stat_windows.cc +48 -0
  503. data/src/core/lib/gprpp/thd.h +2 -2
  504. data/src/core/lib/gprpp/thd_posix.cc +42 -37
  505. data/src/core/lib/gprpp/thd_windows.cc +3 -1
  506. data/src/core/lib/http/httpcli.cc +1 -1
  507. data/src/core/lib/http/httpcli.h +2 -3
  508. data/src/core/lib/http/httpcli_security_connector.cc +1 -1
  509. data/src/core/lib/http/parser.cc +47 -27
  510. data/src/core/lib/iomgr/call_combiner.cc +8 -5
  511. data/src/core/lib/iomgr/combiner.cc +2 -1
  512. data/src/core/lib/iomgr/endpoint.h +1 -1
  513. data/src/core/lib/iomgr/endpoint_cfstream.cc +9 -5
  514. data/src/core/lib/iomgr/error.cc +17 -12
  515. data/src/core/lib/iomgr/error_internal.h +1 -1
  516. data/src/core/lib/iomgr/ev_epoll1_linux.cc +20 -13
  517. data/src/core/lib/iomgr/ev_epollex_linux.cc +25 -17
  518. data/src/core/lib/iomgr/ev_poll_posix.cc +9 -7
  519. data/src/core/lib/iomgr/exec_ctx.cc +1 -1
  520. data/src/core/lib/iomgr/exec_ctx.h +16 -12
  521. data/src/core/lib/iomgr/executor.cc +2 -1
  522. data/src/core/lib/iomgr/executor.h +1 -1
  523. data/src/core/lib/iomgr/executor/mpmcqueue.h +5 -5
  524. data/src/core/lib/iomgr/executor/threadpool.h +4 -4
  525. data/src/core/lib/iomgr/iomgr.cc +1 -1
  526. data/src/core/lib/iomgr/load_file.h +1 -1
  527. data/src/core/lib/iomgr/lockfree_event.cc +19 -14
  528. data/src/core/lib/iomgr/lockfree_event.h +2 -2
  529. data/src/core/lib/iomgr/parse_address.cc +127 -43
  530. data/src/core/lib/iomgr/parse_address.h +32 -8
  531. data/src/core/lib/iomgr/poller/eventmanager_libuv.cc +2 -1
  532. data/src/core/lib/iomgr/poller/eventmanager_libuv.h +1 -1
  533. data/src/core/lib/iomgr/pollset_set_custom.cc +1 -1
  534. data/src/core/lib/iomgr/python_util.h +4 -4
  535. data/src/core/lib/iomgr/resolve_address.cc +4 -4
  536. data/src/core/lib/iomgr/resolve_address_posix.cc +1 -5
  537. data/src/core/lib/iomgr/resource_quota.cc +4 -4
  538. data/src/core/lib/iomgr/sockaddr_utils.cc +10 -10
  539. data/src/core/lib/iomgr/sockaddr_utils.h +1 -1
  540. data/src/core/lib/iomgr/socket_factory_posix.cc +3 -2
  541. data/src/core/lib/iomgr/socket_mutator.cc +3 -2
  542. data/src/core/lib/iomgr/tcp_client.cc +3 -3
  543. data/src/core/lib/iomgr/tcp_client_custom.cc +7 -6
  544. data/src/core/lib/iomgr/tcp_custom.cc +22 -17
  545. data/src/core/lib/iomgr/tcp_posix.cc +12 -8
  546. data/src/core/lib/iomgr/tcp_server_custom.cc +28 -22
  547. data/src/core/lib/iomgr/timer_custom.cc +5 -5
  548. data/src/core/lib/iomgr/timer_generic.cc +3 -3
  549. data/src/core/lib/iomgr/timer_manager.cc +2 -2
  550. data/src/core/lib/iomgr/udp_server.cc +1 -2
  551. data/src/core/lib/iomgr/udp_server.h +1 -2
  552. data/src/core/lib/iomgr/unix_sockets_posix.cc +32 -21
  553. data/src/core/lib/iomgr/unix_sockets_posix.h +5 -0
  554. data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +7 -0
  555. data/src/core/lib/iomgr/wakeup_fd_pipe.cc +2 -2
  556. data/src/core/lib/json/json.h +12 -2
  557. data/src/core/lib/json/json_reader.cc +8 -4
  558. data/src/core/lib/json/json_util.cc +58 -0
  559. data/src/core/lib/json/json_util.h +204 -0
  560. data/src/core/lib/json/json_writer.cc +2 -1
  561. data/src/core/lib/security/authorization/evaluate_args.cc +5 -10
  562. data/src/core/lib/security/authorization/evaluate_args.h +1 -1
  563. data/src/core/lib/security/authorization/mock_cel/cel_expr_builder_factory.h +3 -1
  564. data/src/core/lib/security/authorization/mock_cel/cel_expression.h +5 -4
  565. data/src/core/lib/security/authorization/mock_cel/cel_value.h +4 -0
  566. data/src/core/lib/security/authorization/mock_cel/evaluator_core.h +6 -6
  567. data/src/core/lib/security/authorization/mock_cel/flat_expr_builder.h +10 -9
  568. data/src/core/lib/security/context/security_context.cc +4 -3
  569. data/src/core/lib/security/context/security_context.h +3 -1
  570. data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +1 -1
  571. data/src/core/lib/security/credentials/credentials.cc +7 -7
  572. data/src/core/lib/security/credentials/credentials.h +3 -3
  573. data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +413 -0
  574. data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +80 -0
  575. data/src/core/lib/security/credentials/external/aws_request_signer.cc +213 -0
  576. data/src/core/lib/security/credentials/external/aws_request_signer.h +72 -0
  577. data/src/core/lib/security/credentials/external/external_account_credentials.cc +497 -0
  578. data/src/core/lib/security/credentials/external/external_account_credentials.h +120 -0
  579. data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +135 -0
  580. data/src/core/lib/security/credentials/external/file_external_account_credentials.h +48 -0
  581. data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +213 -0
  582. data/src/core/lib/security/credentials/external/url_external_account_credentials.h +58 -0
  583. data/src/core/lib/security/credentials/fake/fake_credentials.cc +2 -1
  584. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +18 -12
  585. data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +64 -0
  586. data/src/core/lib/security/credentials/jwt/json_token.cc +6 -3
  587. data/src/core/lib/security/credentials/jwt/jwt_credentials.h +4 -3
  588. data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +8 -4
  589. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +39 -46
  590. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +5 -4
  591. data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +1 -1
  592. data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +5 -5
  593. data/src/core/lib/security/credentials/ssl/ssl_credentials.h +1 -1
  594. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +346 -0
  595. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +213 -0
  596. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +399 -0
  597. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +138 -0
  598. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +78 -150
  599. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +57 -187
  600. data/src/core/lib/security/credentials/tls/tls_credentials.cc +16 -12
  601. data/src/core/lib/security/credentials/tls/tls_credentials.h +2 -2
  602. data/src/core/lib/security/credentials/tls/tls_utils.cc +91 -0
  603. data/src/core/lib/security/credentials/tls/tls_utils.h +38 -0
  604. data/src/core/lib/security/credentials/xds/xds_credentials.cc +175 -0
  605. data/src/core/lib/security/credentials/xds/xds_credentials.h +69 -0
  606. data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +1 -1
  607. data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +9 -13
  608. data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +121 -0
  609. data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +87 -0
  610. data/src/core/lib/security/security_connector/load_system_roots.h +4 -0
  611. data/src/core/lib/security/security_connector/load_system_roots_linux.h +2 -0
  612. data/src/core/lib/security/security_connector/local/local_security_connector.cc +3 -3
  613. data/src/core/lib/security/security_connector/security_connector.cc +4 -3
  614. data/src/core/lib/security/security_connector/security_connector.h +4 -2
  615. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +4 -4
  616. data/src/core/lib/security/security_connector/ssl_utils.cc +2 -2
  617. data/src/core/lib/security/security_connector/ssl_utils.h +19 -19
  618. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +342 -279
  619. data/src/core/lib/security/security_connector/tls/tls_security_connector.h +105 -61
  620. data/src/core/lib/security/transport/secure_endpoint.cc +2 -2
  621. data/src/core/lib/security/transport/security_handshaker.cc +3 -3
  622. data/src/core/lib/security/transport/server_auth_filter.cc +2 -1
  623. data/src/core/lib/security/util/json_util.h +1 -0
  624. data/src/core/lib/slice/slice.cc +7 -4
  625. data/src/core/lib/slice/slice_buffer.cc +2 -1
  626. data/src/core/lib/slice/slice_intern.cc +6 -7
  627. data/src/core/lib/slice/slice_internal.h +2 -2
  628. data/src/core/lib/surface/call.cc +41 -32
  629. data/src/core/lib/surface/call_details.cc +8 -8
  630. data/src/core/lib/surface/channel.cc +25 -41
  631. data/src/core/lib/surface/channel.h +9 -3
  632. data/src/core/lib/surface/channel_init.cc +1 -1
  633. data/src/core/lib/surface/completion_queue.cc +30 -24
  634. data/src/core/lib/surface/completion_queue.h +16 -16
  635. data/src/core/lib/surface/init.cc +32 -14
  636. data/src/core/lib/surface/lame_client.cc +20 -46
  637. data/src/core/lib/surface/lame_client.h +4 -0
  638. data/src/core/lib/surface/server.cc +63 -17
  639. data/src/core/lib/surface/server.h +39 -7
  640. data/src/core/lib/surface/validate_metadata.h +3 -0
  641. data/src/core/lib/surface/version.cc +2 -2
  642. data/src/core/lib/transport/authority_override.cc +6 -4
  643. data/src/core/lib/transport/authority_override.h +7 -2
  644. data/src/core/lib/transport/bdp_estimator.cc +1 -1
  645. data/src/core/lib/transport/bdp_estimator.h +2 -1
  646. data/src/core/lib/transport/byte_stream.h +3 -3
  647. data/src/core/lib/transport/connectivity_state.h +11 -9
  648. data/src/core/lib/transport/error_utils.h +1 -1
  649. data/src/core/lib/transport/metadata.cc +11 -1
  650. data/src/core/lib/transport/metadata.h +2 -2
  651. data/src/core/lib/transport/metadata_batch.h +4 -4
  652. data/src/core/lib/transport/static_metadata.cc +1 -1
  653. data/src/core/lib/transport/status_metadata.cc +4 -3
  654. data/src/core/lib/transport/timeout_encoding.cc +4 -4
  655. data/src/core/lib/transport/transport.cc +5 -3
  656. data/src/core/lib/transport/transport.h +8 -8
  657. data/src/core/lib/uri/uri_parser.cc +131 -249
  658. data/src/core/lib/uri/uri_parser.h +57 -21
  659. data/src/core/plugin_registry/grpc_plugin_registry.cc +41 -20
  660. data/src/core/tsi/alts/crypt/gsec.cc +5 -4
  661. data/src/core/tsi/alts/frame_protector/frame_handler.cc +8 -6
  662. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +1 -1
  663. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +27 -26
  664. data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +8 -6
  665. data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +4 -4
  666. data/src/core/tsi/fake_transport_security.cc +6 -3
  667. data/src/core/tsi/local_transport_security.cc +5 -1
  668. data/src/core/tsi/local_transport_security.h +6 -7
  669. data/src/core/tsi/ssl/session_cache/ssl_session.h +3 -0
  670. data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +1 -1
  671. data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +4 -1
  672. data/src/core/tsi/ssl_transport_security.cc +78 -58
  673. data/src/core/tsi/ssl_transport_security.h +9 -6
  674. data/src/core/tsi/transport_security.cc +10 -8
  675. data/src/core/tsi/transport_security_interface.h +1 -1
  676. data/src/ruby/ext/grpc/extconf.rb +1 -1
  677. data/src/ruby/ext/grpc/rb_event_thread.c +2 -0
  678. data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +36 -16
  679. data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +70 -40
  680. data/src/ruby/lib/grpc/version.rb +1 -1
  681. data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +28 -0
  682. data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +18 -0
  683. data/src/ruby/spec/pb/codegen/package_option_spec.rb +2 -6
  684. data/third_party/abseil-cpp/absl/algorithm/container.h +59 -22
  685. data/third_party/abseil-cpp/absl/base/attributes.h +99 -38
  686. data/third_party/abseil-cpp/absl/base/call_once.h +1 -1
  687. data/third_party/abseil-cpp/absl/base/casts.h +9 -6
  688. data/third_party/abseil-cpp/absl/base/config.h +60 -17
  689. data/third_party/abseil-cpp/absl/base/dynamic_annotations.h +428 -335
  690. data/third_party/abseil-cpp/absl/base/internal/bits.h +17 -16
  691. data/third_party/abseil-cpp/absl/base/internal/direct_mmap.h +5 -0
  692. data/third_party/abseil-cpp/absl/base/internal/dynamic_annotations.h +398 -0
  693. data/third_party/abseil-cpp/absl/base/internal/invoke.h +4 -4
  694. data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.cc +1 -1
  695. data/third_party/abseil-cpp/absl/base/internal/low_level_scheduling.h +29 -1
  696. data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +2 -2
  697. data/third_party/abseil-cpp/absl/base/internal/raw_logging.h +7 -5
  698. data/third_party/abseil-cpp/absl/base/internal/spinlock.cc +25 -38
  699. data/third_party/abseil-cpp/absl/base/internal/spinlock.h +19 -25
  700. data/third_party/abseil-cpp/absl/base/internal/spinlock_linux.inc +8 -0
  701. data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +28 -5
  702. data/third_party/abseil-cpp/absl/base/internal/sysinfo.h +8 -0
  703. data/third_party/abseil-cpp/absl/base/internal/tsan_mutex_interface.h +3 -1
  704. data/third_party/abseil-cpp/absl/base/internal/unaligned_access.h +2 -2
  705. data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.h +3 -3
  706. data/third_party/abseil-cpp/absl/base/macros.h +36 -109
  707. data/third_party/abseil-cpp/absl/base/optimization.h +61 -1
  708. data/third_party/abseil-cpp/absl/base/options.h +31 -4
  709. data/third_party/abseil-cpp/absl/base/policy_checks.h +1 -1
  710. data/third_party/abseil-cpp/absl/base/thread_annotations.h +94 -39
  711. data/third_party/abseil-cpp/absl/container/fixed_array.h +42 -25
  712. data/third_party/abseil-cpp/absl/container/flat_hash_map.h +606 -0
  713. data/third_party/abseil-cpp/absl/container/flat_hash_set.h +2 -1
  714. data/third_party/abseil-cpp/absl/container/inlined_vector.h +33 -36
  715. data/third_party/abseil-cpp/absl/container/internal/common.h +6 -2
  716. data/third_party/abseil-cpp/absl/container/internal/compressed_tuple.h +33 -8
  717. data/third_party/abseil-cpp/absl/container/internal/container_memory.h +49 -29
  718. data/third_party/abseil-cpp/absl/container/internal/hash_function_defaults.h +15 -0
  719. data/third_party/abseil-cpp/absl/container/internal/hash_policy_traits.h +24 -7
  720. data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc +2 -1
  721. data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.h +35 -11
  722. data/third_party/abseil-cpp/absl/container/internal/have_sse.h +10 -9
  723. data/third_party/abseil-cpp/absl/container/internal/layout.h +7 -5
  724. data/third_party/abseil-cpp/absl/container/internal/raw_hash_map.h +197 -0
  725. data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +55 -34
  726. data/third_party/abseil-cpp/absl/debugging/internal/address_is_readable.cc +5 -4
  727. data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +66 -16
  728. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +4 -0
  729. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_arm-inl.inc +13 -4
  730. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_config.h +43 -24
  731. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_generic-inl.inc +12 -3
  732. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_win32-inl.inc +10 -2
  733. data/third_party/abseil-cpp/absl/debugging/internal/symbolize.h +22 -1
  734. data/third_party/abseil-cpp/absl/debugging/internal/vdso_support.cc +0 -21
  735. data/third_party/abseil-cpp/absl/debugging/symbolize.cc +12 -1
  736. data/third_party/abseil-cpp/absl/debugging/symbolize_darwin.inc +101 -0
  737. data/third_party/abseil-cpp/absl/debugging/symbolize_elf.inc +100 -20
  738. data/third_party/abseil-cpp/absl/functional/bind_front.h +184 -0
  739. data/third_party/abseil-cpp/absl/functional/function_ref.h +1 -1
  740. data/third_party/abseil-cpp/absl/functional/internal/front_binder.h +95 -0
  741. data/third_party/abseil-cpp/absl/functional/internal/function_ref.h +2 -2
  742. data/third_party/abseil-cpp/absl/hash/hash.h +6 -5
  743. data/third_party/abseil-cpp/absl/hash/internal/hash.h +73 -65
  744. data/third_party/abseil-cpp/absl/memory/memory.h +4 -0
  745. data/third_party/abseil-cpp/absl/meta/type_traits.h +2 -8
  746. data/third_party/abseil-cpp/absl/numeric/int128.cc +13 -27
  747. data/third_party/abseil-cpp/absl/numeric/int128.h +16 -15
  748. data/third_party/abseil-cpp/absl/status/internal/status_internal.h +51 -0
  749. data/third_party/abseil-cpp/absl/status/internal/statusor_internal.h +399 -0
  750. data/third_party/abseil-cpp/absl/status/status.cc +4 -6
  751. data/third_party/abseil-cpp/absl/status/status.h +502 -113
  752. data/third_party/abseil-cpp/absl/status/status_payload_printer.cc +5 -10
  753. data/third_party/abseil-cpp/absl/status/statusor.cc +71 -0
  754. data/third_party/abseil-cpp/absl/status/statusor.h +760 -0
  755. data/third_party/abseil-cpp/absl/strings/charconv.cc +2 -2
  756. data/third_party/abseil-cpp/absl/strings/cord.cc +91 -112
  757. data/third_party/abseil-cpp/absl/strings/cord.h +360 -205
  758. data/third_party/abseil-cpp/absl/strings/escaping.cc +9 -9
  759. data/third_party/abseil-cpp/absl/strings/internal/char_map.h +1 -1
  760. data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.cc +1 -1
  761. data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +2 -2
  762. data/third_party/abseil-cpp/absl/strings/internal/charconv_parse.cc +2 -2
  763. data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +45 -23
  764. data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.cc +222 -136
  765. data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.h +136 -64
  766. data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.cc +1 -1
  767. data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.h +14 -21
  768. data/third_party/abseil-cpp/absl/strings/internal/str_format/checker.h +7 -14
  769. data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.cc +31 -7
  770. data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.h +147 -135
  771. data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +999 -87
  772. data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.h +3 -3
  773. data/third_party/abseil-cpp/absl/strings/internal/str_format/output.h +4 -12
  774. data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.cc +8 -6
  775. data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.h +13 -11
  776. data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +2 -2
  777. data/third_party/abseil-cpp/absl/strings/str_cat.cc +4 -4
  778. data/third_party/abseil-cpp/absl/strings/str_cat.h +1 -1
  779. data/third_party/abseil-cpp/absl/strings/str_format.h +289 -13
  780. data/third_party/abseil-cpp/absl/strings/str_split.cc +2 -2
  781. data/third_party/abseil-cpp/absl/strings/str_split.h +1 -0
  782. data/third_party/abseil-cpp/absl/strings/string_view.h +26 -19
  783. data/third_party/abseil-cpp/absl/strings/substitute.cc +5 -5
  784. data/third_party/abseil-cpp/absl/strings/substitute.h +32 -29
  785. data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.cc +3 -3
  786. data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +3 -3
  787. data/third_party/abseil-cpp/absl/synchronization/internal/kernel_timeout.h +28 -28
  788. data/third_party/abseil-cpp/absl/synchronization/internal/mutex_nonprod.inc +4 -16
  789. data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.h +1 -1
  790. data/third_party/abseil-cpp/absl/synchronization/internal/waiter.cc +8 -0
  791. data/third_party/abseil-cpp/absl/synchronization/internal/waiter.h +2 -2
  792. data/third_party/abseil-cpp/absl/synchronization/mutex.cc +75 -64
  793. data/third_party/abseil-cpp/absl/synchronization/mutex.h +15 -6
  794. data/third_party/abseil-cpp/absl/time/civil_time.cc +9 -9
  795. data/third_party/abseil-cpp/absl/time/clock.cc +3 -3
  796. data/third_party/abseil-cpp/absl/time/duration.cc +90 -59
  797. data/third_party/abseil-cpp/absl/time/format.cc +43 -36
  798. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time_detail.h +26 -16
  799. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/time_zone.h +4 -2
  800. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/zone_info_source.h +1 -1
  801. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +136 -29
  802. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +13 -21
  803. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +1 -1
  804. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +136 -129
  805. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +4 -5
  806. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +8 -7
  807. data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +6 -6
  808. data/third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc +2 -1
  809. data/third_party/abseil-cpp/absl/time/time.h +15 -16
  810. data/third_party/abseil-cpp/absl/types/internal/variant.h +4 -4
  811. data/third_party/abseil-cpp/absl/types/optional.h +9 -9
  812. data/third_party/abseil-cpp/absl/types/span.h +49 -36
  813. data/third_party/abseil-cpp/absl/utility/utility.h +2 -2
  814. data/third_party/address_sorting/include/address_sorting/address_sorting.h +2 -0
  815. data/third_party/boringssl-with-bazel/err_data.c +469 -463
  816. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +0 -6
  817. data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +2 -0
  818. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +9 -43
  819. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +55 -4
  820. data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +34 -0
  821. data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +4 -0
  822. data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +6 -2
  823. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +173 -35
  824. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +2 -0
  825. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +4 -0
  826. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +30 -10
  827. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +56 -22
  828. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +8 -2
  829. data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +98 -11
  830. data/third_party/boringssl-with-bazel/src/crypto/hpke/internal.h +51 -6
  831. data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +118 -49
  832. data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +267 -95
  833. data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +210 -34
  834. data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +766 -0
  835. data/third_party/boringssl-with-bazel/src/crypto/x509/a_strex.c +3 -3
  836. data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +6 -4
  837. data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +3 -3
  838. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +1 -1
  839. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +7 -2
  840. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +21 -18
  841. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +1 -1
  842. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +24 -3
  843. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +3 -3
  844. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +67 -67
  845. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +3 -3
  846. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +29 -35
  847. data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +13 -2
  848. data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +9 -8
  849. data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +10 -10
  850. data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +2 -2
  851. data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +28 -40
  852. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +3 -1
  853. data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +1 -4
  854. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +5 -3
  855. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +14 -14
  856. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +7 -3
  857. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +2 -2
  858. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +1 -1
  859. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +1 -1
  860. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +55 -8
  861. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +1 -1
  862. data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +24 -0
  863. data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +7 -5
  864. data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +0 -1
  865. data/third_party/boringssl-with-bazel/src/include/openssl/base.h +6 -3
  866. data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +4 -0
  867. data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +6 -0
  868. data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +1 -1
  869. data/third_party/boringssl-with-bazel/src/include/openssl/des.h +6 -0
  870. data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +12 -0
  871. data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +9 -0
  872. data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +4 -1
  873. data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +3 -0
  874. data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +202 -134
  875. data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +64 -3
  876. data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +4 -0
  877. data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +42 -14
  878. data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +188 -78
  879. data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +482 -432
  880. data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +18 -5
  881. data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +35 -0
  882. data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +18 -18
  883. data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +2 -3
  884. data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +1 -1
  885. data/third_party/boringssl-with-bazel/src/ssl/internal.h +45 -10
  886. data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +42 -1
  887. data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +8 -9
  888. data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +67 -0
  889. data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +11 -14
  890. data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +216 -11
  891. data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +1 -2
  892. data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +57 -19
  893. data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +135 -41
  894. data/third_party/upb/third_party/wyhash/wyhash.h +145 -0
  895. data/third_party/upb/upb/decode.c +248 -167
  896. data/third_party/upb/upb/decode.h +20 -1
  897. data/third_party/upb/upb/decode.int.h +163 -0
  898. data/third_party/upb/upb/decode_fast.c +1040 -0
  899. data/third_party/upb/upb/decode_fast.h +126 -0
  900. data/third_party/upb/upb/def.c +2178 -0
  901. data/third_party/upb/upb/def.h +315 -0
  902. data/third_party/upb/upb/def.hpp +439 -0
  903. data/third_party/upb/upb/encode.c +227 -169
  904. data/third_party/upb/upb/encode.h +27 -2
  905. data/third_party/upb/upb/json_decode.c +1443 -0
  906. data/third_party/upb/upb/json_decode.h +23 -0
  907. data/third_party/upb/upb/json_encode.c +713 -0
  908. data/third_party/upb/upb/json_encode.h +36 -0
  909. data/third_party/upb/upb/msg.c +167 -88
  910. data/third_party/upb/upb/msg.h +174 -34
  911. data/third_party/upb/upb/port_def.inc +74 -61
  912. data/third_party/upb/upb/port_undef.inc +3 -7
  913. data/third_party/upb/upb/reflection.c +408 -0
  914. data/third_party/upb/upb/reflection.h +168 -0
  915. data/third_party/upb/upb/table.c +34 -197
  916. data/third_party/upb/upb/table.int.h +14 -5
  917. data/third_party/upb/upb/text_encode.c +421 -0
  918. data/third_party/upb/upb/text_encode.h +38 -0
  919. data/third_party/upb/upb/upb.c +18 -41
  920. data/third_party/upb/upb/upb.h +36 -7
  921. data/third_party/upb/upb/upb.hpp +4 -4
  922. data/third_party/upb/upb/upb.int.h +29 -0
  923. metadata +288 -54
  924. data/src/core/ext/filters/client_channel/lb_policy/xds/eds.cc +0 -946
  925. data/src/core/ext/filters/client_channel/lb_policy/xds/lrs.cc +0 -537
  926. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_routing.cc +0 -1141
  927. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.cc +0 -485
  928. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +0 -68
  929. data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +0 -354
  930. data/src/core/ext/filters/client_channel/resolving_lb_policy.h +0 -142
  931. data/src/core/ext/upb-generated/gogoproto/gogo.upb.c +0 -17
  932. data/src/core/ext/xds/xds_channel.h +0 -46
  933. data/src/core/ext/xds/xds_channel_secure.cc +0 -103
  934. data/src/core/lib/gprpp/map.h +0 -53
  935. data/third_party/abseil-cpp/absl/base/dynamic_annotations.cc +0 -129
  936. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pku.c +0 -110
  937. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_sxnet.c +0 -274
  938. data/third_party/upb/upb/port.c +0 -26
data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c CHANGED
@@ -424,12 +424,6 @@ int ASN1_STRING_length(const ASN1_STRING *x)
424
424
  return M_ASN1_STRING_length(x);
425
425
  }
426
426
 
427
- void ASN1_STRING_length_set(ASN1_STRING *x, int len)
428
- {
429
- M_ASN1_STRING_length_set(x, len);
430
- return;
431
- }
432
-
433
427
  int ASN1_STRING_type(const ASN1_STRING *x)
434
428
  {
435
429
  return M_ASN1_STRING_type(x);
data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c CHANGED
@@ -262,6 +262,8 @@ int BIO_should_io_special(const BIO *bio) {
262
262
 
263
263
  int BIO_get_retry_reason(const BIO *bio) { return bio->retry_reason; }
264
264
 
265
+ void BIO_set_retry_reason(BIO *bio, int reason) { bio->retry_reason = reason; }
266
+
265
267
  void BIO_clear_flags(BIO *bio, int flags) {
266
268
  bio->flags &= ~flags;
267
269
  }
data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c CHANGED
@@ -72,12 +72,11 @@
72
72
  #include <openssl/sha.h>
73
73
  #include <openssl/thread.h>
74
74
 
75
+ #include "internal.h"
75
76
  #include "../fipsmodule/bn/internal.h"
76
77
  #include "../internal.h"
77
78
 
78
79
 
79
- #define OPENSSL_DSA_MAX_MODULUS_BITS 10000
80
-
81
80
  // Primality test according to FIPS PUB 186[-1], Appendix 2.1: 50 rounds of
82
81
  // Miller-Rabin.
83
82
  #define DSS_prime_checks 50
@@ -568,23 +567,7 @@ static int mod_mul_consttime(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
568
567
  }
569
568
 
570
569
  DSA_SIG *DSA_do_sign(const uint8_t *digest, size_t digest_len, const DSA *dsa) {
571
- if (!dsa->p || !dsa->q || !dsa->g) {
572
- OPENSSL_PUT_ERROR(DSA, DSA_R_MISSING_PARAMETERS);
573
- return NULL;
574
- }
575
-
576
- // Reject invalid parameters. In particular, the algorithm will infinite loop
577
- // if |g| is zero.
578
- if (BN_is_zero(dsa->p) || BN_is_zero(dsa->q) || BN_is_zero(dsa->g)) {
579
- OPENSSL_PUT_ERROR(DSA, DSA_R_INVALID_PARAMETERS);
580
- return NULL;
581
- }
582
-
583
- // We only support DSA keys that are a multiple of 8 bits. (This is a weaker
584
- // check than the one in |DSA_do_check_signature|, which only allows 160-,
585
- // 224-, and 256-bit keys.
586
- if (BN_num_bits(dsa->q) % 8 != 0) {
587
- OPENSSL_PUT_ERROR(DSA, DSA_R_BAD_Q_VALUE);
570
+ if (!dsa_check_parameters(dsa)) {
588
571
  return NULL;
589
572
  }
590
573
 
@@ -678,35 +661,17 @@ int DSA_do_verify(const uint8_t *digest, size_t digest_len, DSA_SIG *sig,
678
661
 
679
662
  int DSA_do_check_signature(int *out_valid, const uint8_t *digest,
680
663
  size_t digest_len, DSA_SIG *sig, const DSA *dsa) {
681
- BN_CTX *ctx;
682
- BIGNUM u1, u2, t1;
683
- int ret = 0;
684
- unsigned i;
685
-
686
664
  *out_valid = 0;
687
-
688
- if (!dsa->p || !dsa->q || !dsa->g) {
689
- OPENSSL_PUT_ERROR(DSA, DSA_R_MISSING_PARAMETERS);
690
- return 0;
691
- }
692
-
693
- i = BN_num_bits(dsa->q);
694
- // FIPS 186-3 allows only different sizes for q.
695
- if (i != 160 && i != 224 && i != 256) {
696
- OPENSSL_PUT_ERROR(DSA, DSA_R_BAD_Q_VALUE);
697
- return 0;
698
- }
699
-
700
- if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS) {
701
- OPENSSL_PUT_ERROR(DSA, DSA_R_MODULUS_TOO_LARGE);
665
+ if (!dsa_check_parameters(dsa)) {
702
666
  return 0;
703
667
  }
704
668
 
669
+ int ret = 0;
670
+ BIGNUM u1, u2, t1;
705
671
  BN_init(&u1);
706
672
  BN_init(&u2);
707
673
  BN_init(&t1);
708
-
709
- ctx = BN_CTX_new();
674
+ BN_CTX *ctx = BN_CTX_new();
710
675
  if (ctx == NULL) {
711
676
  goto err;
712
677
  }
@@ -729,11 +694,12 @@ int DSA_do_check_signature(int *out_valid, const uint8_t *digest,
729
694
  }
730
695
 
731
696
  // save M in u1
732
- if (digest_len > (i >> 3)) {
697
+ unsigned q_bits = BN_num_bits(dsa->q);
698
+ if (digest_len > (q_bits >> 3)) {
733
699
  // if the digest length is greater than the size of q use the
734
700
  // BN_num_bits(dsa->q) leftmost bits of the digest, see
735
701
  // fips 186-3, 4.2
736
- digest_len = (i >> 3);
702
+ digest_len = (q_bits >> 3);
737
703
  }
738
704
 
739
705
  if (BN_bin2bn(digest, digest_len, &u1) == NULL) {
data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c CHANGED
@@ -61,9 +61,45 @@
61
61
  #include <openssl/err.h>
62
62
  #include <openssl/mem.h>
63
63
 
64
+ #include "internal.h"
64
65
  #include "../bytestring/internal.h"
65
66
 
66
67
 
68
+ #define OPENSSL_DSA_MAX_MODULUS_BITS 10000
69
+
70
+ // This function is in dsa_asn1.c rather than dsa.c because it is reachable from
71
+ // |EVP_PKEY| parsers. This makes it easier for the static linker to drop most
72
+ // of the DSA implementation.
73
+ int dsa_check_parameters(const DSA *dsa) {
74
+ if (!dsa->p || !dsa->q || !dsa->g) {
75
+ OPENSSL_PUT_ERROR(DSA, DSA_R_MISSING_PARAMETERS);
76
+ return 0;
77
+ }
78
+
79
+ // Reject invalid parameters. In particular, signing will infinite loop if |g|
80
+ // is zero.
81
+ if (BN_is_zero(dsa->p) || BN_is_zero(dsa->q) || BN_is_zero(dsa->g)) {
82
+ OPENSSL_PUT_ERROR(DSA, DSA_R_INVALID_PARAMETERS);
83
+ return 0;
84
+ }
85
+
86
+ // FIPS 186-4 allows only three different sizes for q.
87
+ unsigned q_bits = BN_num_bits(dsa->q);
88
+ if (q_bits != 160 && q_bits != 224 && q_bits != 256) {
89
+ OPENSSL_PUT_ERROR(DSA, DSA_R_BAD_Q_VALUE);
90
+ return 0;
91
+ }
92
+
93
+ // Bound |dsa->p| to avoid a DoS vector. Note this limit is much larger than
94
+ // the one in FIPS 186-4, which only allows L = 1024, 2048, and 3072.
95
+ if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS) {
96
+ OPENSSL_PUT_ERROR(DSA, DSA_R_MODULUS_TOO_LARGE);
97
+ return 0;
98
+ }
99
+
100
+ return 1;
101
+ }
102
+
67
103
  static int parse_integer(CBS *cbs, BIGNUM **out) {
68
104
  assert(*out == NULL);
69
105
  *out = BN_new();
@@ -124,10 +160,16 @@ DSA *DSA_parse_public_key(CBS *cbs) {
124
160
  !parse_integer(&child, &ret->g) ||
125
161
  CBS_len(&child) != 0) {
126
162
  OPENSSL_PUT_ERROR(DSA, DSA_R_DECODE_ERROR);
127
- DSA_free(ret);
128
- return NULL;
163
+ goto err;
164
+ }
165
+ if (!dsa_check_parameters(ret)) {
166
+ goto err;
129
167
  }
130
168
  return ret;
169
+
170
+ err:
171
+ DSA_free(ret);
172
+ return NULL;
131
173
  }
132
174
 
133
175
  int DSA_marshal_public_key(CBB *cbb, const DSA *dsa) {
@@ -156,10 +198,16 @@ DSA *DSA_parse_parameters(CBS *cbs) {
156
198
  !parse_integer(&child, &ret->g) ||
157
199
  CBS_len(&child) != 0) {
158
200
  OPENSSL_PUT_ERROR(DSA, DSA_R_DECODE_ERROR);
159
- DSA_free(ret);
160
- return NULL;
201
+ goto err;
202
+ }
203
+ if (!dsa_check_parameters(ret)) {
204
+ goto err;
161
205
  }
162
206
  return ret;
207
+
208
+ err:
209
+ DSA_free(ret);
210
+ return NULL;
163
211
  }
164
212
 
165
213
  int DSA_marshal_parameters(CBB *cbb, const DSA *dsa) {
@@ -203,6 +251,9 @@ DSA *DSA_parse_private_key(CBS *cbs) {
203
251
  OPENSSL_PUT_ERROR(DSA, DSA_R_DECODE_ERROR);
204
252
  goto err;
205
253
  }
254
+ if (!dsa_check_parameters(ret)) {
255
+ goto err;
256
+ }
206
257
  return ret;
207
258
 
208
259
  err:
data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h ADDED
@@ -0,0 +1,34 @@
1
+ /* Copyright (c) 2020, Google Inc.
2
+ *
3
+ * Permission to use, copy, modify, and/or distribute this software for any
4
+ * purpose with or without fee is hereby granted, provided that the above
5
+ * copyright notice and this permission notice appear in all copies.
6
+ *
7
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
10
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
12
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
14
+
15
+ #ifndef OPENSSL_HEADER_DSA_INTERNAL_H
16
+ #define OPENSSL_HEADER_DSA_INTERNAL_H
17
+
18
+ #include <openssl/dsa.h>
19
+
20
+ #if defined(__cplusplus)
21
+ extern "C" {
22
+ #endif
23
+
24
+
25
+ // dsa_check_parameters checks that |dsa|'s group is within DoS bounds. It
26
+ // returns one on success and zero on error.
27
+ int dsa_check_parameters(const DSA *dsa);
28
+
29
+
30
+ #if defined(__cplusplus)
31
+ } // extern C
32
+ #endif
33
+
34
+ #endif // OPENSSL_HEADER_DSA_INTERNAL_H
data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c CHANGED
@@ -76,6 +76,10 @@
76
76
  // TODO(davidben): Fix Node to not touch the error queue itself and remove this.
77
77
  OPENSSL_DECLARE_ERROR_REASON(EVP, NOT_XOF_OR_INVALID_LENGTH)
78
78
 
79
+ // The HPKE module uses the EVP error namespace, but it lives in another
80
+ // directory.
81
+ OPENSSL_DECLARE_ERROR_REASON(EVP, EMPTY_PSK)
82
+
79
83
  EVP_PKEY *EVP_PKEY_new(void) {
80
84
  EVP_PKEY *ret;
81
85
 
data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c CHANGED
@@ -141,9 +141,13 @@ static int dsa_priv_decode(EVP_PKEY *out, CBS *params, CBS *key) {
141
141
  goto err;
142
142
  }
143
143
 
144
- // Decode the key.
144
+ // Decode the key. To avoid DoS attacks when importing private keys, we bound
145
+ // |dsa->priv_key| against |dsa->q|, which itself bound by
146
+ // |DSA_parse_parameters|. (We cannot call |BN_num_bits| on |dsa->priv_key|.
147
+ // That would leak a secret bit width.)
145
148
  if (!BN_parse_asn1_unsigned(key, dsa->priv_key) ||
146
- CBS_len(key) != 0) {
149
+ CBS_len(key) != 0 ||
150
+ BN_cmp(dsa->priv_key, dsa->q) >= 0) {
147
151
  OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR);
148
152
  goto err;
149
153
  }
data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c CHANGED
@@ -68,6 +68,8 @@
68
68
  OPENSSL_MSVC_PRAGMA(warning(push))
69
69
  OPENSSL_MSVC_PRAGMA(warning(disable: 4702)) // Unreachable code.
70
70
 
71
+ #define AES_GCM_NONCE_LENGTH 12
72
+
71
73
  #if defined(BSAES)
72
74
  static void vpaes_ctr32_encrypt_blocks_with_bsaes(const uint8_t *in,
73
75
  uint8_t *out, size_t blocks,
@@ -630,7 +632,7 @@ DEFINE_LOCAL_DATA(EVP_CIPHER, aes_128_gcm_generic) {
630
632
  out->nid = NID_aes_128_gcm;
631
633
  out->block_size = 1;
632
634
  out->key_len = 16;
633
- out->iv_len = 12;
635
+ out->iv_len = AES_GCM_NONCE_LENGTH;
634
636
  out->ctx_size = sizeof(EVP_AES_GCM_CTX) + EVP_AES_GCM_CTX_PADDING;
635
637
  out->flags = EVP_CIPH_GCM_MODE | EVP_CIPH_CUSTOM_IV | EVP_CIPH_CUSTOM_COPY |
636
638
  EVP_CIPH_FLAG_CUSTOM_CIPHER | EVP_CIPH_ALWAYS_CALL_INIT |
@@ -698,7 +700,7 @@ DEFINE_LOCAL_DATA(EVP_CIPHER, aes_192_gcm_generic) {
698
700
  out->nid = NID_aes_192_gcm;
699
701
  out->block_size = 1;
700
702
  out->key_len = 24;
701
- out->iv_len = 12;
703
+ out->iv_len = AES_GCM_NONCE_LENGTH;
702
704
  out->ctx_size = sizeof(EVP_AES_GCM_CTX) + EVP_AES_GCM_CTX_PADDING;
703
705
  out->flags = EVP_CIPH_GCM_MODE | EVP_CIPH_CUSTOM_IV | EVP_CIPH_CUSTOM_COPY |
704
706
  EVP_CIPH_FLAG_CUSTOM_CIPHER | EVP_CIPH_ALWAYS_CALL_INIT |
@@ -766,7 +768,7 @@ DEFINE_LOCAL_DATA(EVP_CIPHER, aes_256_gcm_generic) {
766
768
  out->nid = NID_aes_256_gcm;
767
769
  out->block_size = 1;
768
770
  out->key_len = 32;
769
- out->iv_len = 12;
771
+ out->iv_len = AES_GCM_NONCE_LENGTH;
770
772
  out->ctx_size = sizeof(EVP_AES_GCM_CTX) + EVP_AES_GCM_CTX_PADDING;
771
773
  out->flags = EVP_CIPH_GCM_MODE | EVP_CIPH_CUSTOM_IV | EVP_CIPH_CUSTOM_COPY |
772
774
  EVP_CIPH_FLAG_CUSTOM_CIPHER | EVP_CIPH_ALWAYS_CALL_INIT |
@@ -931,21 +933,19 @@ static int aead_aes_gcm_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
931
933
 
932
934
  static void aead_aes_gcm_cleanup(EVP_AEAD_CTX *ctx) {}
933
935
 
934
- static int aead_aes_gcm_seal_scatter(const EVP_AEAD_CTX *ctx, uint8_t *out,
935
- uint8_t *out_tag, size_t *out_tag_len,
936
- size_t max_out_tag_len,
937
- const uint8_t *nonce, size_t nonce_len,
938
- const uint8_t *in, size_t in_len,
939
- const uint8_t *extra_in,
940
- size_t extra_in_len,
941
- const uint8_t *ad, size_t ad_len) {
942
- struct aead_aes_gcm_ctx *gcm_ctx = (struct aead_aes_gcm_ctx *) &ctx->state;
943
-
944
- if (extra_in_len + ctx->tag_len < ctx->tag_len) {
936
+ static int aead_aes_gcm_seal_scatter_impl(
937
+ const struct aead_aes_gcm_ctx *gcm_ctx,
938
+ uint8_t *out, uint8_t *out_tag, size_t *out_tag_len, size_t max_out_tag_len,
939
+ const uint8_t *nonce, size_t nonce_len,
940
+ const uint8_t *in, size_t in_len,
941
+ const uint8_t *extra_in, size_t extra_in_len,
942
+ const uint8_t *ad, size_t ad_len,
943
+ size_t tag_len) {
944
+ if (extra_in_len + tag_len < tag_len) {
945
945
  OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE);
946
946
  return 0;
947
947
  }
948
- if (max_out_tag_len < extra_in_len + ctx->tag_len) {
948
+ if (max_out_tag_len < extra_in_len + tag_len) {
949
949
  OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL);
950
950
  return 0;
951
951
  }
@@ -989,18 +989,35 @@ static int aead_aes_gcm_seal_scatter(const EVP_AEAD_CTX *ctx, uint8_t *out,
989
989
  }
990
990
  }
991
991
 
992
- CRYPTO_gcm128_tag(&gcm, out_tag + extra_in_len, ctx->tag_len);
993
- *out_tag_len = ctx->tag_len + extra_in_len;
992
+ CRYPTO_gcm128_tag(&gcm, out_tag + extra_in_len, tag_len);
993
+ *out_tag_len = tag_len + extra_in_len;
994
994
 
995
995
  return 1;
996
996
  }
997
997
 
998
- static int aead_aes_gcm_open_gather(const EVP_AEAD_CTX *ctx, uint8_t *out,
999
- const uint8_t *nonce, size_t nonce_len,
1000
- const uint8_t *in, size_t in_len,
1001
- const uint8_t *in_tag, size_t in_tag_len,
1002
- const uint8_t *ad, size_t ad_len) {
1003
- struct aead_aes_gcm_ctx *gcm_ctx = (struct aead_aes_gcm_ctx *) &ctx->state;
998
+ static int aead_aes_gcm_seal_scatter(const EVP_AEAD_CTX *ctx, uint8_t *out,
999
+ uint8_t *out_tag, size_t *out_tag_len,
1000
+ size_t max_out_tag_len,
1001
+ const uint8_t *nonce, size_t nonce_len,
1002
+ const uint8_t *in, size_t in_len,
1003
+ const uint8_t *extra_in,
1004
+ size_t extra_in_len,
1005
+ const uint8_t *ad, size_t ad_len) {
1006
+ const struct aead_aes_gcm_ctx *gcm_ctx =
1007
+ (const struct aead_aes_gcm_ctx *)&ctx->state;
1008
+ return aead_aes_gcm_seal_scatter_impl(
1009
+ gcm_ctx, out, out_tag, out_tag_len, max_out_tag_len, nonce, nonce_len, in,
1010
+ in_len, extra_in, extra_in_len, ad, ad_len, ctx->tag_len);
1011
+ }
1012
+
1013
+ static int aead_aes_gcm_open_gather_impl(const struct aead_aes_gcm_ctx *gcm_ctx,
1014
+ uint8_t *out,
1015
+ const uint8_t *nonce, size_t nonce_len,
1016
+ const uint8_t *in, size_t in_len,
1017
+ const uint8_t *in_tag,
1018
+ size_t in_tag_len,
1019
+ const uint8_t *ad, size_t ad_len,
1020
+ size_t tag_len) {
1004
1021
  uint8_t tag[EVP_AEAD_AES_GCM_TAG_LEN];
1005
1022
 
1006
1023
  if (nonce_len == 0) {
@@ -1008,7 +1025,7 @@ static int aead_aes_gcm_open_gather(const EVP_AEAD_CTX *ctx, uint8_t *out,
1008
1025
  return 0;
1009
1026
  }
1010
1027
 
1011
- if (in_tag_len != ctx->tag_len) {
1028
+ if (in_tag_len != tag_len) {
1012
1029
  OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT);
1013
1030
  return 0;
1014
1031
  }
@@ -1035,8 +1052,8 @@ static int aead_aes_gcm_open_gather(const EVP_AEAD_CTX *ctx, uint8_t *out,
1035
1052
  }
1036
1053
  }
1037
1054
 
1038
- CRYPTO_gcm128_tag(&gcm, tag, ctx->tag_len);
1039
- if (CRYPTO_memcmp(tag, in_tag, ctx->tag_len) != 0) {
1055
+ CRYPTO_gcm128_tag(&gcm, tag, tag_len);
1056
+ if (CRYPTO_memcmp(tag, in_tag, tag_len) != 0) {
1040
1057
  OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT);
1041
1058
  return 0;
1042
1059
  }
@@ -1044,11 +1061,22 @@ static int aead_aes_gcm_open_gather(const EVP_AEAD_CTX *ctx, uint8_t *out,
1044
1061
  return 1;
1045
1062
  }
1046
1063
 
1064
+ static int aead_aes_gcm_open_gather(const EVP_AEAD_CTX *ctx, uint8_t *out,
1065
+ const uint8_t *nonce, size_t nonce_len,
1066
+ const uint8_t *in, size_t in_len,
1067
+ const uint8_t *in_tag, size_t in_tag_len,
1068
+ const uint8_t *ad, size_t ad_len) {
1069
+ struct aead_aes_gcm_ctx *gcm_ctx = (struct aead_aes_gcm_ctx *)&ctx->state;
1070
+ return aead_aes_gcm_open_gather_impl(gcm_ctx, out, nonce, nonce_len, in,
1071
+ in_len, in_tag, in_tag_len, ad, ad_len,
1072
+ ctx->tag_len);
1073
+ }
1074
+
1047
1075
  DEFINE_METHOD_FUNCTION(EVP_AEAD, EVP_aead_aes_128_gcm) {
1048
1076
  memset(out, 0, sizeof(EVP_AEAD));
1049
1077
 
1050
1078
  out->key_len = 16;
1051
- out->nonce_len = 12;
1079
+ out->nonce_len = AES_GCM_NONCE_LENGTH;
1052
1080
  out->overhead = EVP_AEAD_AES_GCM_TAG_LEN;
1053
1081
  out->max_tag_len = EVP_AEAD_AES_GCM_TAG_LEN;
1054
1082
  out->seal_scatter_supports_extra_in = 1;
@@ -1063,7 +1091,7 @@ DEFINE_METHOD_FUNCTION(EVP_AEAD, EVP_aead_aes_192_gcm) {
1063
1091
  memset(out, 0, sizeof(EVP_AEAD));
1064
1092
 
1065
1093
  out->key_len = 24;
1066
- out->nonce_len = 12;
1094
+ out->nonce_len = AES_GCM_NONCE_LENGTH;
1067
1095
  out->overhead = EVP_AEAD_AES_GCM_TAG_LEN;
1068
1096
  out->max_tag_len = EVP_AEAD_AES_GCM_TAG_LEN;
1069
1097
  out->seal_scatter_supports_extra_in = 1;
@@ -1078,7 +1106,7 @@ DEFINE_METHOD_FUNCTION(EVP_AEAD, EVP_aead_aes_256_gcm) {
1078
1106
  memset(out, 0, sizeof(EVP_AEAD));
1079
1107
 
1080
1108
  out->key_len = 32;
1081
- out->nonce_len = 12;
1109
+ out->nonce_len = AES_GCM_NONCE_LENGTH;
1082
1110
  out->overhead = EVP_AEAD_AES_GCM_TAG_LEN;
1083
1111
  out->max_tag_len = EVP_AEAD_AES_GCM_TAG_LEN;
1084
1112
  out->seal_scatter_supports_extra_in = 1;
@@ -1089,6 +1117,116 @@ DEFINE_METHOD_FUNCTION(EVP_AEAD, EVP_aead_aes_256_gcm) {
1089
1117
  out->open_gather = aead_aes_gcm_open_gather;
1090
1118
  }
1091
1119
 
1120
+ static int aead_aes_gcm_init_randnonce(EVP_AEAD_CTX *ctx, const uint8_t *key,
1121
+ size_t key_len,
1122
+ size_t requested_tag_len) {
1123
+ if (requested_tag_len != EVP_AEAD_DEFAULT_TAG_LENGTH) {
1124
+ if (requested_tag_len < AES_GCM_NONCE_LENGTH) {
1125
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL);
1126
+ return 0;
1127
+ }
1128
+ requested_tag_len -= AES_GCM_NONCE_LENGTH;
1129
+ }
1130
+
1131
+ if (!aead_aes_gcm_init(ctx, key, key_len, requested_tag_len)) {
1132
+ return 0;
1133
+ }
1134
+
1135
+ ctx->tag_len += AES_GCM_NONCE_LENGTH;
1136
+ return 1;
1137
+ }
1138
+
1139
+ static int aead_aes_gcm_seal_scatter_randnonce(
1140
+ const EVP_AEAD_CTX *ctx,
1141
+ uint8_t *out, uint8_t *out_tag, size_t *out_tag_len, size_t max_out_tag_len,
1142
+ const uint8_t *external_nonce, size_t external_nonce_len,
1143
+ const uint8_t *in, size_t in_len,
1144
+ const uint8_t *extra_in, size_t extra_in_len,
1145
+ const uint8_t *ad, size_t ad_len) {
1146
+ if (external_nonce_len != 0) {
1147
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_NONCE_SIZE);
1148
+ return 0;
1149
+ }
1150
+
1151
+ uint8_t nonce[AES_GCM_NONCE_LENGTH];
1152
+ if (max_out_tag_len < sizeof(nonce)) {
1153
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL);
1154
+ return 0;
1155
+ }
1156
+
1157
+ RAND_bytes(nonce, sizeof(nonce));
1158
+ const struct aead_aes_gcm_ctx *gcm_ctx =
1159
+ (const struct aead_aes_gcm_ctx *)&ctx->state;
1160
+ if (!aead_aes_gcm_seal_scatter_impl(gcm_ctx, out, out_tag, out_tag_len,
1161
+ max_out_tag_len - AES_GCM_NONCE_LENGTH,
1162
+ nonce, sizeof(nonce), in, in_len,
1163
+ extra_in, extra_in_len, ad, ad_len,
1164
+ ctx->tag_len - AES_GCM_NONCE_LENGTH)) {
1165
+ return 0;
1166
+ }
1167
+
1168
+ assert(*out_tag_len + sizeof(nonce) <= max_out_tag_len);
1169
+ memcpy(out_tag + *out_tag_len, nonce, sizeof(nonce));
1170
+ *out_tag_len += sizeof(nonce);
1171
+
1172
+ return 1;
1173
+ }
1174
+
1175
+ static int aead_aes_gcm_open_gather_randnonce(
1176
+ const EVP_AEAD_CTX *ctx, uint8_t *out,
1177
+ const uint8_t *external_nonce, size_t external_nonce_len,
1178
+ const uint8_t *in, size_t in_len,
1179
+ const uint8_t *in_tag, size_t in_tag_len,
1180
+ const uint8_t *ad, size_t ad_len) {
1181
+ if (external_nonce_len != 0) {
1182
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_NONCE_SIZE);
1183
+ return 0;
1184
+ }
1185
+
1186
+ if (in_tag_len < AES_GCM_NONCE_LENGTH) {
1187
+ OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT);
1188
+ return 0;
1189
+ }
1190
+ const uint8_t *nonce = in_tag + in_tag_len - AES_GCM_NONCE_LENGTH;
1191
+
1192
+ const struct aead_aes_gcm_ctx *gcm_ctx =
1193
+ (const struct aead_aes_gcm_ctx *)&ctx->state;
1194
+ return aead_aes_gcm_open_gather_impl(
1195
+ gcm_ctx, out, nonce, AES_GCM_NONCE_LENGTH, in, in_len, in_tag,
1196
+ in_tag_len - AES_GCM_NONCE_LENGTH, ad, ad_len,
1197
+ ctx->tag_len - AES_GCM_NONCE_LENGTH);
1198
+ }
1199
+
1200
+ DEFINE_METHOD_FUNCTION(EVP_AEAD, EVP_aead_aes_128_gcm_randnonce) {
1201
+ memset(out, 0, sizeof(EVP_AEAD));
1202
+
1203
+ out->key_len = 16;
1204
+ out->nonce_len = 0;
1205
+ out->overhead = EVP_AEAD_AES_GCM_TAG_LEN + AES_GCM_NONCE_LENGTH;
1206
+ out->max_tag_len = EVP_AEAD_AES_GCM_TAG_LEN + AES_GCM_NONCE_LENGTH;
1207
+ out->seal_scatter_supports_extra_in = 1;
1208
+
1209
+ out->init = aead_aes_gcm_init_randnonce;
1210
+ out->cleanup = aead_aes_gcm_cleanup;
1211
+ out->seal_scatter = aead_aes_gcm_seal_scatter_randnonce;
1212
+ out->open_gather = aead_aes_gcm_open_gather_randnonce;
1213
+ }
1214
+
1215
+ DEFINE_METHOD_FUNCTION(EVP_AEAD, EVP_aead_aes_256_gcm_randnonce) {
1216
+ memset(out, 0, sizeof(EVP_AEAD));
1217
+
1218
+ out->key_len = 32;
1219
+ out->nonce_len = 0;
1220
+ out->overhead = EVP_AEAD_AES_GCM_TAG_LEN + AES_GCM_NONCE_LENGTH;
1221
+ out->max_tag_len = EVP_AEAD_AES_GCM_TAG_LEN + AES_GCM_NONCE_LENGTH;
1222
+ out->seal_scatter_supports_extra_in = 1;
1223
+
1224
+ out->init = aead_aes_gcm_init_randnonce;
1225
+ out->cleanup = aead_aes_gcm_cleanup;
1226
+ out->seal_scatter = aead_aes_gcm_seal_scatter_randnonce;
1227
+ out->open_gather = aead_aes_gcm_open_gather_randnonce;
1228
+ }
1229
+
1092
1230
  struct aead_aes_gcm_tls12_ctx {
1093
1231
  struct aead_aes_gcm_ctx gcm_ctx;
1094
1232
  uint64_t min_next_nonce;
@@ -1128,7 +1266,7 @@ static int aead_aes_gcm_tls12_seal_scatter(
1128
1266
  struct aead_aes_gcm_tls12_ctx *gcm_ctx =
1129
1267
  (struct aead_aes_gcm_tls12_ctx *) &ctx->state;
1130
1268
 
1131
- if (nonce_len != 12) {
1269
+ if (nonce_len != AES_GCM_NONCE_LENGTH) {
1132
1270
  OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE);
1133
1271
  return 0;
1134
1272
  }
@@ -1155,7 +1293,7 @@ DEFINE_METHOD_FUNCTION(EVP_AEAD, EVP_aead_aes_128_gcm_tls12) {
1155
1293
  memset(out, 0, sizeof(EVP_AEAD));
1156
1294
 
1157
1295
  out->key_len = 16;
1158
- out->nonce_len = 12;
1296
+ out->nonce_len = AES_GCM_NONCE_LENGTH;
1159
1297
  out->overhead = EVP_AEAD_AES_GCM_TAG_LEN;
1160
1298
  out->max_tag_len = EVP_AEAD_AES_GCM_TAG_LEN;
1161
1299
  out->seal_scatter_supports_extra_in = 1;
@@ -1170,7 +1308,7 @@ DEFINE_METHOD_FUNCTION(EVP_AEAD, EVP_aead_aes_256_gcm_tls12) {
1170
1308
  memset(out, 0, sizeof(EVP_AEAD));
1171
1309
 
1172
1310
  out->key_len = 32;
1173
- out->nonce_len = 12;
1311
+ out->nonce_len = AES_GCM_NONCE_LENGTH;
1174
1312
  out->overhead = EVP_AEAD_AES_GCM_TAG_LEN;
1175
1313
  out->max_tag_len = EVP_AEAD_AES_GCM_TAG_LEN;
1176
1314
  out->seal_scatter_supports_extra_in = 1;
@@ -1223,7 +1361,7 @@ static int aead_aes_gcm_tls13_seal_scatter(
1223
1361
  struct aead_aes_gcm_tls13_ctx *gcm_ctx =
1224
1362
  (struct aead_aes_gcm_tls13_ctx *) &ctx->state;
1225
1363
 
1226
- if (nonce_len != 12) {
1364
+ if (nonce_len != AES_GCM_NONCE_LENGTH) {
1227
1365
  OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE);
1228
1366
  return 0;
1229
1367
  }
@@ -1261,7 +1399,7 @@ DEFINE_METHOD_FUNCTION(EVP_AEAD, EVP_aead_aes_128_gcm_tls13) {
1261
1399
  memset(out, 0, sizeof(EVP_AEAD));
1262
1400
 
1263
1401
  out->key_len = 16;
1264
- out->nonce_len = 12;
1402
+ out->nonce_len = AES_GCM_NONCE_LENGTH;
1265
1403
  out->overhead = EVP_AEAD_AES_GCM_TAG_LEN;
1266
1404
  out->max_tag_len = EVP_AEAD_AES_GCM_TAG_LEN;
1267
1405
  out->seal_scatter_supports_extra_in = 1;
@@ -1276,7 +1414,7 @@ DEFINE_METHOD_FUNCTION(EVP_AEAD, EVP_aead_aes_256_gcm_tls13) {
1276
1414
  memset(out, 0, sizeof(EVP_AEAD));
1277
1415
 
1278
1416
  out->key_len = 32;
1279
- out->nonce_len = 12;
1417
+ out->nonce_len = AES_GCM_NONCE_LENGTH;
1280
1418
  out->overhead = EVP_AEAD_AES_GCM_TAG_LEN;
1281
1419
  out->max_tag_len = EVP_AEAD_AES_GCM_TAG_LEN;
1282
1420
  out->seal_scatter_supports_extra_in = 1;