grpc 1.32.0 → 1.35.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +1078 -3049
- data/etc/roots.pem +257 -573
- data/include/grpc/compression.h +1 -1
- data/include/grpc/grpc.h +15 -7
- data/include/grpc/grpc_security.h +222 -171
- data/include/grpc/impl/codegen/atm_windows.h +4 -0
- data/include/grpc/impl/codegen/byte_buffer.h +1 -1
- data/include/grpc/impl/codegen/grpc_types.h +10 -8
- data/include/grpc/impl/codegen/log.h +0 -2
- data/include/grpc/impl/codegen/port_platform.h +22 -55
- data/include/grpc/impl/codegen/sync_windows.h +4 -0
- data/include/grpc/slice_buffer.h +3 -3
- data/include/grpc/support/sync.h +3 -3
- data/include/grpc/support/time.h +7 -7
- data/src/core/ext/filters/client_channel/backend_metric.cc +2 -4
- data/src/core/ext/filters/client_channel/client_channel.cc +2776 -1529
- data/src/core/ext/filters/client_channel/client_channel.h +0 -4
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +1 -1
- data/src/core/ext/filters/client_channel/config_selector.cc +0 -4
- data/src/core/ext/filters/client_channel/config_selector.h +40 -8
- data/src/core/ext/filters/client_channel/dynamic_filters.cc +186 -0
- data/src/core/ext/filters/client_channel/dynamic_filters.h +99 -0
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +10 -7
- data/src/core/ext/filters/client_channel/health/health_check_client.h +4 -4
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +5 -6
- data/src/core/ext/filters/client_channel/http_proxy.cc +21 -20
- data/src/core/ext/filters/client_channel/lb_policy.cc +6 -2
- data/src/core/ext/filters/client_channel/lb_policy.h +6 -7
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +48 -35
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.h +7 -5
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +4 -3
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +201 -190
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +3 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +3 -3
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +4 -4
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +50 -20
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +5 -5
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +14 -34
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +6 -6
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +341 -127
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +52 -24
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h +24 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +812 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +722 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +1262 -0
- data/src/core/ext/filters/client_channel/lb_policy_registry.cc +8 -1
- data/src/core/ext/filters/client_channel/resolver.cc +3 -1
- data/src/core/ext/filters/client_channel/resolver.h +4 -1
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +9 -16
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +1 -32
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +3 -3
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +454 -16
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +5 -0
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +7 -10
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +3 -3
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +1 -1
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +34 -27
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +618 -366
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.h +28 -0
- data/src/core/ext/filters/client_channel/resolver_factory.h +6 -6
- data/src/core/ext/filters/client_channel/resolver_registry.cc +40 -39
- data/src/core/ext/filters/client_channel/resolver_registry.h +2 -2
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +29 -74
- data/src/core/ext/filters/client_channel/resolver_result_parsing.h +12 -10
- data/src/core/ext/filters/client_channel/retry_throttle.cc +5 -3
- data/src/core/ext/filters/client_channel/retry_throttle.h +4 -2
- data/src/core/ext/filters/client_channel/server_address.cc +80 -0
- data/src/core/ext/filters/client_channel/server_address.h +21 -36
- data/src/core/ext/filters/client_channel/service_config.cc +18 -13
- data/src/core/ext/filters/client_channel/service_config.h +8 -5
- data/src/core/ext/filters/client_channel/service_config_call_data.h +19 -1
- data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +2 -2
- data/src/core/ext/filters/client_channel/service_config_parser.cc +8 -6
- data/src/core/ext/filters/client_channel/service_config_parser.h +8 -5
- data/src/core/ext/filters/client_channel/subchannel.cc +51 -64
- data/src/core/ext/filters/client_channel/subchannel.h +14 -20
- data/src/core/ext/filters/client_channel/subchannel_interface.h +41 -5
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +6 -2
- data/src/core/ext/filters/deadline/deadline_filter.cc +87 -79
- data/src/core/ext/filters/deadline/deadline_filter.h +7 -11
- data/src/core/ext/filters/http/client/http_client_filter.cc +1 -1
- data/src/core/ext/filters/http/client_authority_filter.cc +6 -6
- data/src/core/ext/filters/http/http_filters_plugin.cc +6 -3
- data/src/core/ext/filters/http/server/http_server_filter.cc +3 -3
- data/src/core/ext/filters/max_age/max_age_filter.cc +1 -1
- data/src/core/ext/filters/message_size/message_size_filter.cc +3 -2
- data/src/core/ext/filters/message_size/message_size_filter.h +2 -1
- data/src/core/ext/filters/workarounds/workaround_utils.cc +1 -1
- data/src/core/ext/transport/chttp2/client/authority.cc +3 -3
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +1 -1
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +20 -8
- data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +21 -10
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +26 -14
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +185 -79
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +12 -5
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +7 -7
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +28 -42
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +10 -2
- data/src/core/ext/transport/chttp2/transport/flow_control.h +13 -3
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +2 -1
- data/src/core/ext/transport/chttp2/transport/frame_settings.h +2 -1
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +6 -6
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +12 -8
- data/src/core/ext/transport/chttp2/transport/internal.h +5 -1
- data/src/core/ext/transport/chttp2/transport/parsing.cc +18 -3
- data/src/core/ext/transport/chttp2/transport/writing.cc +2 -3
- data/src/core/ext/transport/inproc/inproc_transport.cc +42 -8
- data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.h +1 -0
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +52 -32
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.h +199 -34
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.c +13 -13
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.h +44 -17
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +177 -99
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +642 -202
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.h +13 -5
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.c +22 -22
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.h +47 -21
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.c +36 -24
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.h +133 -39
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.h +15 -6
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +45 -44
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +200 -78
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +31 -24
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +107 -47
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.c +53 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.h +149 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.c +74 -28
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.h +248 -43
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +39 -39
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +157 -89
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.h +17 -9
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +63 -39
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +254 -60
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.h +9 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +36 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.h +92 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.c +13 -13
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.h +59 -36
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.c +16 -16
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.h +61 -29
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.c +26 -26
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.h +101 -66
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.h +11 -3
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +46 -26
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +179 -68
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +39 -22
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +149 -48
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.h +13 -0
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +21 -17
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +96 -33
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +7 -7
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +38 -22
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +321 -194
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +1228 -443
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.c +8 -7
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.h +34 -10
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.h +17 -3
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +132 -80
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +516 -166
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.h +1 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +24 -25
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +96 -71
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +12 -8
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +46 -8
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +71 -29
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +296 -63
- data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +41 -31
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +165 -64
- data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.c +7 -7
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.h +31 -16
- data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.c +5 -5
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.h +25 -11
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.c +6 -6
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.h +29 -8
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +4 -3
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.h +22 -3
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.h +19 -0
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.c +7 -7
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.h +46 -3
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.c +8 -8
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.h +41 -8
- data/src/core/ext/upb-generated/envoy/type/v3/http.upb.h +1 -0
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.h +15 -2
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.h +19 -0
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.h +7 -0
- data/src/core/ext/upb-generated/google/api/annotations.upb.h +1 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.c +242 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.h +830 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.c +34 -34
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h +142 -59
- data/src/core/ext/upb-generated/google/api/http.upb.c +3 -3
- data/src/core/ext/upb-generated/google/api/http.upb.h +25 -6
- data/src/core/ext/upb-generated/google/protobuf/any.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/any.upb.h +7 -0
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +90 -90
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +455 -292
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.h +7 -0
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.h +7 -0
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.c +4 -4
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.h +22 -3
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.h +7 -0
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.c +9 -9
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.h +55 -0
- data/src/core/ext/upb-generated/google/rpc/status.upb.c +1 -1
- data/src/core/ext/upb-generated/google/rpc/status.upb.h +10 -3
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.c +4 -4
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.h +11 -3
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +41 -41
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +149 -76
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.c +5 -5
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.h +21 -6
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.c +2 -2
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.h +13 -0
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c +17 -17
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.h +82 -25
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.c +3 -3
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +19 -0
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.c +31 -0
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.h +64 -0
- data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.h +1 -0
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.c +2 -2
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +9 -2
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.c +1 -1
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.h +7 -0
- data/src/core/ext/upb-generated/udpa/core/v1/authority.upb.c +28 -0
- data/src/core/ext/upb-generated/udpa/core/v1/authority.upb.h +60 -0
- data/src/core/ext/upb-generated/udpa/core/v1/collection_entry.upb.c +52 -0
- data/src/core/ext/upb-generated/udpa/core/v1/collection_entry.upb.h +143 -0
- data/src/core/ext/upb-generated/udpa/core/v1/context_params.upb.c +42 -0
- data/src/core/ext/upb-generated/udpa/core/v1/context_params.upb.h +84 -0
- data/src/core/ext/upb-generated/udpa/core/v1/resource.upb.c +36 -0
- data/src/core/ext/upb-generated/udpa/core/v1/resource.upb.h +94 -0
- data/src/core/ext/upb-generated/udpa/core/v1/resource_locator.upb.c +54 -0
- data/src/core/ext/upb-generated/udpa/core/v1/resource_locator.upb.h +173 -0
- data/src/core/ext/upb-generated/udpa/core/v1/resource_name.upb.c +36 -0
- data/src/core/ext/upb-generated/udpa/core/v1/resource_name.upb.h +92 -0
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.c +3 -3
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.h +7 -0
- data/src/core/ext/upb-generated/validate/validate.upb.c +64 -64
- data/src/core/ext/upb-generated/validate/validate.upb.h +296 -157
- data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.c +38 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.c +41 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +254 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.h +105 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.c +100 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +558 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.h +145 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.c +53 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.c +133 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.c +127 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +266 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.h +125 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +143 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.c +66 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.c +263 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.h +100 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +233 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.h +70 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +228 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.h +80 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +46 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.c +59 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.c +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.c +110 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +113 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.c +146 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.c +50 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +190 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.c +185 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.c +62 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.c +97 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +915 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.h +280 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.c +71 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.c +64 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +511 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +115 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +48 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +166 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +105 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +249 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.h +60 -0
- data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.c +72 -0
- data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +60 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.c +152 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.h +60 -0
- data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.c +83 -0
- data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.c +82 -0
- data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +83 -0
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.c +86 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.c +74 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.c +64 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.c +54 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.c +53 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.c +73 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.c +72 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.c +81 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.c +92 -0
- data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.c +95 -0
- data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/http.upbdefs.c +34 -0
- data/src/core/ext/{upb-generated/gogoproto/gogo.upb.h → upbdefs-generated/envoy/type/v3/http.upbdefs.h} +10 -9
- data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.c +59 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.c +54 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.c +47 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.c +61 -0
- data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.c +39 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.c +386 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.h +165 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.c +37 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.c +65 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.c +66 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.h +75 -0
- data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.c +42 -0
- data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.c +70 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.c +33 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.c +49 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.c +43 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/authority.upbdefs.c +42 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/authority.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/collection_entry.upbdefs.c +62 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/collection_entry.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/context_params.upbdefs.c +45 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/context_params.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource.upbdefs.c +49 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_locator.upbdefs.c +68 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_locator.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_name.upbdefs.c +51 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_name.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.c +307 -0
- data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.h +145 -0
- data/src/core/ext/xds/certificate_provider_factory.h +61 -0
- data/src/core/ext/xds/certificate_provider_registry.cc +103 -0
- data/src/core/ext/xds/certificate_provider_registry.h +57 -0
- data/src/core/ext/xds/certificate_provider_store.cc +87 -0
- data/src/core/ext/xds/certificate_provider_store.h +112 -0
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +144 -0
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.h +69 -0
- data/src/core/ext/xds/xds_api.cc +687 -767
- data/src/core/ext/xds/xds_api.h +207 -98
- data/src/core/ext/xds/xds_bootstrap.cc +172 -25
- data/src/core/ext/xds/xds_bootstrap.h +23 -8
- data/src/core/ext/xds/xds_certificate_provider.cc +299 -0
- data/src/core/ext/xds/xds_certificate_provider.h +112 -0
- data/src/core/ext/xds/xds_channel_args.h +6 -3
- data/src/core/ext/xds/xds_client.cc +617 -494
- data/src/core/ext/xds/xds_client.h +118 -58
- data/src/core/ext/xds/xds_client_stats.cc +59 -16
- data/src/core/ext/xds/xds_client_stats.h +35 -7
- data/src/core/ext/xds/xds_server_config_fetcher.cc +131 -0
- data/src/core/lib/channel/channel_args.cc +9 -8
- data/src/core/lib/channel/channel_args.h +0 -1
- data/src/core/lib/channel/channel_trace.cc +4 -2
- data/src/core/lib/channel/channel_trace.h +1 -1
- data/src/core/lib/channel/channelz.cc +23 -59
- data/src/core/lib/channel/channelz.h +13 -22
- data/src/core/lib/channel/channelz_registry.cc +12 -11
- data/src/core/lib/channel/channelz_registry.h +3 -1
- data/src/core/lib/channel/handshaker.cc +2 -2
- data/src/core/lib/channel/handshaker.h +2 -2
- data/src/core/lib/compression/compression.cc +8 -4
- data/src/core/lib/compression/compression_args.cc +3 -2
- data/src/core/lib/compression/compression_internal.cc +10 -5
- data/src/core/lib/compression/compression_internal.h +2 -1
- data/src/core/lib/compression/stream_compression_identity.cc +1 -3
- data/src/core/lib/debug/stats.h +2 -2
- data/src/core/lib/debug/stats_data.cc +1 -0
- data/src/core/lib/debug/stats_data.h +13 -13
- data/src/core/lib/gpr/alloc.cc +3 -2
- data/src/core/lib/gpr/cpu_iphone.cc +10 -2
- data/src/core/lib/gpr/log.cc +53 -16
- data/src/core/lib/gpr/log_linux.cc +19 -3
- data/src/core/lib/gpr/log_posix.cc +15 -1
- data/src/core/lib/gpr/log_windows.cc +18 -4
- data/src/core/lib/gpr/murmur_hash.cc +1 -1
- data/src/core/lib/gpr/spinlock.h +10 -2
- data/src/core/lib/gpr/string.cc +23 -22
- data/src/core/lib/gpr/string.h +5 -6
- data/src/core/lib/gpr/sync.cc +4 -4
- data/src/core/lib/gpr/time.cc +12 -12
- data/src/core/lib/gpr/time_precise.cc +5 -2
- data/src/core/lib/gpr/time_precise.h +6 -2
- data/src/core/lib/gpr/tls.h +4 -0
- data/src/core/lib/gpr/tls_msvc.h +2 -0
- data/src/core/lib/gpr/tls_stdcpp.h +48 -0
- data/src/core/lib/gpr/useful.h +5 -4
- data/src/core/lib/gprpp/arena.h +3 -2
- data/src/core/lib/gprpp/dual_ref_counted.h +331 -0
- data/src/core/lib/gprpp/examine_stack.cc +43 -0
- data/src/core/lib/gprpp/examine_stack.h +46 -0
- data/src/core/lib/gprpp/fork.cc +2 -2
- data/src/core/lib/gprpp/manual_constructor.h +1 -1
- data/src/core/lib/gprpp/orphanable.h +4 -8
- data/src/core/lib/gprpp/ref_counted.h +91 -68
- data/src/core/lib/gprpp/ref_counted_ptr.h +166 -7
- data/src/core/lib/{security/authorization/mock_cel/statusor.h → gprpp/stat.h} +13 -25
- data/src/core/lib/gprpp/stat_posix.cc +49 -0
- data/src/core/lib/gprpp/stat_windows.cc +48 -0
- data/src/core/lib/gprpp/thd.h +2 -2
- data/src/core/lib/gprpp/thd_posix.cc +42 -37
- data/src/core/lib/gprpp/thd_windows.cc +3 -1
- data/src/core/lib/http/httpcli.cc +1 -1
- data/src/core/lib/http/httpcli.h +2 -3
- data/src/core/lib/http/httpcli_security_connector.cc +1 -1
- data/src/core/lib/http/parser.cc +47 -27
- data/src/core/lib/iomgr/call_combiner.cc +8 -5
- data/src/core/lib/iomgr/combiner.cc +2 -1
- data/src/core/lib/iomgr/endpoint.h +1 -1
- data/src/core/lib/iomgr/endpoint_cfstream.cc +9 -5
- data/src/core/lib/iomgr/error.cc +17 -12
- data/src/core/lib/iomgr/error_internal.h +1 -1
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +20 -13
- data/src/core/lib/iomgr/ev_epollex_linux.cc +25 -17
- data/src/core/lib/iomgr/ev_poll_posix.cc +9 -7
- data/src/core/lib/iomgr/exec_ctx.cc +1 -1
- data/src/core/lib/iomgr/exec_ctx.h +16 -12
- data/src/core/lib/iomgr/executor.cc +2 -1
- data/src/core/lib/iomgr/executor.h +1 -1
- data/src/core/lib/iomgr/executor/mpmcqueue.h +5 -5
- data/src/core/lib/iomgr/executor/threadpool.h +4 -4
- data/src/core/lib/iomgr/iomgr.cc +1 -1
- data/src/core/lib/iomgr/load_file.h +1 -1
- data/src/core/lib/iomgr/lockfree_event.cc +19 -14
- data/src/core/lib/iomgr/lockfree_event.h +2 -2
- data/src/core/lib/iomgr/parse_address.cc +127 -43
- data/src/core/lib/iomgr/parse_address.h +32 -8
- data/src/core/lib/iomgr/poller/eventmanager_libuv.cc +2 -1
- data/src/core/lib/iomgr/poller/eventmanager_libuv.h +1 -1
- data/src/core/lib/iomgr/pollset_set_custom.cc +1 -1
- data/src/core/lib/iomgr/python_util.h +4 -4
- data/src/core/lib/iomgr/resolve_address.cc +4 -4
- data/src/core/lib/iomgr/resolve_address_posix.cc +1 -5
- data/src/core/lib/iomgr/resource_quota.cc +4 -4
- data/src/core/lib/iomgr/sockaddr_utils.cc +10 -10
- data/src/core/lib/iomgr/sockaddr_utils.h +1 -1
- data/src/core/lib/iomgr/socket_factory_posix.cc +3 -2
- data/src/core/lib/iomgr/socket_mutator.cc +3 -2
- data/src/core/lib/iomgr/tcp_client.cc +3 -3
- data/src/core/lib/iomgr/tcp_client_custom.cc +7 -6
- data/src/core/lib/iomgr/tcp_custom.cc +22 -17
- data/src/core/lib/iomgr/tcp_posix.cc +12 -8
- data/src/core/lib/iomgr/tcp_server_custom.cc +28 -22
- data/src/core/lib/iomgr/timer_custom.cc +5 -5
- data/src/core/lib/iomgr/timer_generic.cc +3 -3
- data/src/core/lib/iomgr/timer_manager.cc +2 -2
- data/src/core/lib/iomgr/udp_server.cc +1 -2
- data/src/core/lib/iomgr/udp_server.h +1 -2
- data/src/core/lib/iomgr/unix_sockets_posix.cc +32 -21
- data/src/core/lib/iomgr/unix_sockets_posix.h +5 -0
- data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +7 -0
- data/src/core/lib/iomgr/wakeup_fd_pipe.cc +2 -2
- data/src/core/lib/json/json.h +12 -2
- data/src/core/lib/json/json_reader.cc +8 -4
- data/src/core/lib/json/json_util.cc +58 -0
- data/src/core/lib/json/json_util.h +204 -0
- data/src/core/lib/json/json_writer.cc +2 -1
- data/src/core/lib/security/authorization/evaluate_args.cc +5 -10
- data/src/core/lib/security/authorization/evaluate_args.h +1 -1
- data/src/core/lib/security/authorization/mock_cel/cel_expr_builder_factory.h +3 -1
- data/src/core/lib/security/authorization/mock_cel/cel_expression.h +5 -4
- data/src/core/lib/security/authorization/mock_cel/cel_value.h +4 -0
- data/src/core/lib/security/authorization/mock_cel/evaluator_core.h +6 -6
- data/src/core/lib/security/authorization/mock_cel/flat_expr_builder.h +10 -9
- data/src/core/lib/security/context/security_context.cc +4 -3
- data/src/core/lib/security/context/security_context.h +3 -1
- data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +1 -1
- data/src/core/lib/security/credentials/credentials.cc +7 -7
- data/src/core/lib/security/credentials/credentials.h +3 -3
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +413 -0
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +80 -0
- data/src/core/lib/security/credentials/external/aws_request_signer.cc +213 -0
- data/src/core/lib/security/credentials/external/aws_request_signer.h +72 -0
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +497 -0
- data/src/core/lib/security/credentials/external/external_account_credentials.h +120 -0
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +135 -0
- data/src/core/lib/security/credentials/external/file_external_account_credentials.h +48 -0
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +213 -0
- data/src/core/lib/security/credentials/external/url_external_account_credentials.h +58 -0
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +2 -1
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +18 -12
- data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +64 -0
- data/src/core/lib/security/credentials/jwt/json_token.cc +6 -3
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +4 -3
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +8 -4
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +39 -46
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +5 -4
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +1 -1
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +5 -5
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +1 -1
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +346 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +213 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +399 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +138 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +78 -150
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +57 -187
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +16 -12
- data/src/core/lib/security/credentials/tls/tls_credentials.h +2 -2
- data/src/core/lib/security/credentials/tls/tls_utils.cc +91 -0
- data/src/core/lib/security/credentials/tls/tls_utils.h +38 -0
- data/src/core/lib/security/credentials/xds/xds_credentials.cc +175 -0
- data/src/core/lib/security/credentials/xds/xds_credentials.h +69 -0
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +1 -1
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +9 -13
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +121 -0
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +87 -0
- data/src/core/lib/security/security_connector/load_system_roots.h +4 -0
- data/src/core/lib/security/security_connector/load_system_roots_linux.h +2 -0
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +3 -3
- data/src/core/lib/security/security_connector/security_connector.cc +4 -3
- data/src/core/lib/security/security_connector/security_connector.h +4 -2
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +4 -4
- data/src/core/lib/security/security_connector/ssl_utils.cc +2 -2
- data/src/core/lib/security/security_connector/ssl_utils.h +19 -19
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +342 -279
- data/src/core/lib/security/security_connector/tls/tls_security_connector.h +105 -61
- data/src/core/lib/security/transport/secure_endpoint.cc +2 -2
- data/src/core/lib/security/transport/security_handshaker.cc +3 -3
- data/src/core/lib/security/transport/server_auth_filter.cc +2 -1
- data/src/core/lib/security/util/json_util.h +1 -0
- data/src/core/lib/slice/slice.cc +7 -4
- data/src/core/lib/slice/slice_buffer.cc +2 -1
- data/src/core/lib/slice/slice_intern.cc +6 -7
- data/src/core/lib/slice/slice_internal.h +2 -2
- data/src/core/lib/surface/call.cc +41 -32
- data/src/core/lib/surface/call_details.cc +8 -8
- data/src/core/lib/surface/channel.cc +25 -41
- data/src/core/lib/surface/channel.h +9 -3
- data/src/core/lib/surface/channel_init.cc +1 -1
- data/src/core/lib/surface/completion_queue.cc +30 -24
- data/src/core/lib/surface/completion_queue.h +16 -16
- data/src/core/lib/surface/init.cc +32 -14
- data/src/core/lib/surface/lame_client.cc +20 -46
- data/src/core/lib/surface/lame_client.h +4 -0
- data/src/core/lib/surface/server.cc +63 -17
- data/src/core/lib/surface/server.h +39 -7
- data/src/core/lib/surface/validate_metadata.h +3 -0
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/authority_override.cc +6 -4
- data/src/core/lib/transport/authority_override.h +7 -2
- data/src/core/lib/transport/bdp_estimator.cc +1 -1
- data/src/core/lib/transport/bdp_estimator.h +2 -1
- data/src/core/lib/transport/byte_stream.h +3 -3
- data/src/core/lib/transport/connectivity_state.h +11 -9
- data/src/core/lib/transport/error_utils.h +1 -1
- data/src/core/lib/transport/metadata.cc +11 -1
- data/src/core/lib/transport/metadata.h +2 -2
- data/src/core/lib/transport/metadata_batch.h +4 -4
- data/src/core/lib/transport/static_metadata.cc +1 -1
- data/src/core/lib/transport/status_metadata.cc +4 -3
- data/src/core/lib/transport/timeout_encoding.cc +4 -4
- data/src/core/lib/transport/transport.cc +5 -3
- data/src/core/lib/transport/transport.h +8 -8
- data/src/core/lib/uri/uri_parser.cc +131 -249
- data/src/core/lib/uri/uri_parser.h +57 -21
- data/src/core/plugin_registry/grpc_plugin_registry.cc +41 -20
- data/src/core/tsi/alts/crypt/gsec.cc +5 -4
- data/src/core/tsi/alts/frame_protector/frame_handler.cc +8 -6
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +1 -1
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +27 -26
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +8 -6
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +4 -4
- data/src/core/tsi/fake_transport_security.cc +6 -3
- data/src/core/tsi/local_transport_security.cc +5 -1
- data/src/core/tsi/local_transport_security.h +6 -7
- data/src/core/tsi/ssl/session_cache/ssl_session.h +3 -0
- data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +1 -1
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +4 -1
- data/src/core/tsi/ssl_transport_security.cc +78 -58
- data/src/core/tsi/ssl_transport_security.h +9 -6
- data/src/core/tsi/transport_security.cc +10 -8
- data/src/core/tsi/transport_security_interface.h +1 -1
- data/src/ruby/ext/grpc/extconf.rb +1 -1
- data/src/ruby/ext/grpc/rb_event_thread.c +2 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +36 -16
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +70 -40
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +28 -0
- data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +18 -0
- data/src/ruby/spec/pb/codegen/package_option_spec.rb +2 -6
- data/third_party/abseil-cpp/absl/algorithm/container.h +59 -22
- data/third_party/abseil-cpp/absl/base/attributes.h +99 -38
- data/third_party/abseil-cpp/absl/base/call_once.h +1 -1
- data/third_party/abseil-cpp/absl/base/casts.h +9 -6
- data/third_party/abseil-cpp/absl/base/config.h +60 -17
- data/third_party/abseil-cpp/absl/base/dynamic_annotations.h +428 -335
- data/third_party/abseil-cpp/absl/base/internal/bits.h +17 -16
- data/third_party/abseil-cpp/absl/base/internal/direct_mmap.h +5 -0
- data/third_party/abseil-cpp/absl/base/internal/dynamic_annotations.h +398 -0
- data/third_party/abseil-cpp/absl/base/internal/invoke.h +4 -4
- data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.cc +1 -1
- data/third_party/abseil-cpp/absl/base/internal/low_level_scheduling.h +29 -1
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +2 -2
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.h +7 -5
- data/third_party/abseil-cpp/absl/base/internal/spinlock.cc +25 -38
- data/third_party/abseil-cpp/absl/base/internal/spinlock.h +19 -25
- data/third_party/abseil-cpp/absl/base/internal/spinlock_linux.inc +8 -0
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +28 -5
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.h +8 -0
- data/third_party/abseil-cpp/absl/base/internal/tsan_mutex_interface.h +3 -1
- data/third_party/abseil-cpp/absl/base/internal/unaligned_access.h +2 -2
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.h +3 -3
- data/third_party/abseil-cpp/absl/base/macros.h +36 -109
- data/third_party/abseil-cpp/absl/base/optimization.h +61 -1
- data/third_party/abseil-cpp/absl/base/options.h +31 -4
- data/third_party/abseil-cpp/absl/base/policy_checks.h +1 -1
- data/third_party/abseil-cpp/absl/base/thread_annotations.h +94 -39
- data/third_party/abseil-cpp/absl/container/fixed_array.h +42 -25
- data/third_party/abseil-cpp/absl/container/flat_hash_map.h +606 -0
- data/third_party/abseil-cpp/absl/container/flat_hash_set.h +2 -1
- data/third_party/abseil-cpp/absl/container/inlined_vector.h +33 -36
- data/third_party/abseil-cpp/absl/container/internal/common.h +6 -2
- data/third_party/abseil-cpp/absl/container/internal/compressed_tuple.h +33 -8
- data/third_party/abseil-cpp/absl/container/internal/container_memory.h +49 -29
- data/third_party/abseil-cpp/absl/container/internal/hash_function_defaults.h +15 -0
- data/third_party/abseil-cpp/absl/container/internal/hash_policy_traits.h +24 -7
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc +2 -1
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.h +35 -11
- data/third_party/abseil-cpp/absl/container/internal/have_sse.h +10 -9
- data/third_party/abseil-cpp/absl/container/internal/layout.h +7 -5
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_map.h +197 -0
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +55 -34
- data/third_party/abseil-cpp/absl/debugging/internal/address_is_readable.cc +5 -4
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +66 -16
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +4 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_arm-inl.inc +13 -4
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_config.h +43 -24
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_generic-inl.inc +12 -3
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_win32-inl.inc +10 -2
- data/third_party/abseil-cpp/absl/debugging/internal/symbolize.h +22 -1
- data/third_party/abseil-cpp/absl/debugging/internal/vdso_support.cc +0 -21
- data/third_party/abseil-cpp/absl/debugging/symbolize.cc +12 -1
- data/third_party/abseil-cpp/absl/debugging/symbolize_darwin.inc +101 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize_elf.inc +100 -20
- data/third_party/abseil-cpp/absl/functional/bind_front.h +184 -0
- data/third_party/abseil-cpp/absl/functional/function_ref.h +1 -1
- data/third_party/abseil-cpp/absl/functional/internal/front_binder.h +95 -0
- data/third_party/abseil-cpp/absl/functional/internal/function_ref.h +2 -2
- data/third_party/abseil-cpp/absl/hash/hash.h +6 -5
- data/third_party/abseil-cpp/absl/hash/internal/hash.h +73 -65
- data/third_party/abseil-cpp/absl/memory/memory.h +4 -0
- data/third_party/abseil-cpp/absl/meta/type_traits.h +2 -8
- data/third_party/abseil-cpp/absl/numeric/int128.cc +13 -27
- data/third_party/abseil-cpp/absl/numeric/int128.h +16 -15
- data/third_party/abseil-cpp/absl/status/internal/status_internal.h +51 -0
- data/third_party/abseil-cpp/absl/status/internal/statusor_internal.h +399 -0
- data/third_party/abseil-cpp/absl/status/status.cc +4 -6
- data/third_party/abseil-cpp/absl/status/status.h +502 -113
- data/third_party/abseil-cpp/absl/status/status_payload_printer.cc +5 -10
- data/third_party/abseil-cpp/absl/status/statusor.cc +71 -0
- data/third_party/abseil-cpp/absl/status/statusor.h +760 -0
- data/third_party/abseil-cpp/absl/strings/charconv.cc +2 -2
- data/third_party/abseil-cpp/absl/strings/cord.cc +91 -112
- data/third_party/abseil-cpp/absl/strings/cord.h +360 -205
- data/third_party/abseil-cpp/absl/strings/escaping.cc +9 -9
- data/third_party/abseil-cpp/absl/strings/internal/char_map.h +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.cc +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +2 -2
- data/third_party/abseil-cpp/absl/strings/internal/charconv_parse.cc +2 -2
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +45 -23
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.cc +222 -136
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.h +136 -64
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.cc +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.h +14 -21
- data/third_party/abseil-cpp/absl/strings/internal/str_format/checker.h +7 -14
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.cc +31 -7
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.h +147 -135
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +999 -87
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.h +3 -3
- data/third_party/abseil-cpp/absl/strings/internal/str_format/output.h +4 -12
- data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.cc +8 -6
- data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.h +13 -11
- data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +2 -2
- data/third_party/abseil-cpp/absl/strings/str_cat.cc +4 -4
- data/third_party/abseil-cpp/absl/strings/str_cat.h +1 -1
- data/third_party/abseil-cpp/absl/strings/str_format.h +289 -13
- data/third_party/abseil-cpp/absl/strings/str_split.cc +2 -2
- data/third_party/abseil-cpp/absl/strings/str_split.h +1 -0
- data/third_party/abseil-cpp/absl/strings/string_view.h +26 -19
- data/third_party/abseil-cpp/absl/strings/substitute.cc +5 -5
- data/third_party/abseil-cpp/absl/strings/substitute.h +32 -29
- data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.cc +3 -3
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +3 -3
- data/third_party/abseil-cpp/absl/synchronization/internal/kernel_timeout.h +28 -28
- data/third_party/abseil-cpp/absl/synchronization/internal/mutex_nonprod.inc +4 -16
- data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.h +1 -1
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.cc +8 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.h +2 -2
- data/third_party/abseil-cpp/absl/synchronization/mutex.cc +75 -64
- data/third_party/abseil-cpp/absl/synchronization/mutex.h +15 -6
- data/third_party/abseil-cpp/absl/time/civil_time.cc +9 -9
- data/third_party/abseil-cpp/absl/time/clock.cc +3 -3
- data/third_party/abseil-cpp/absl/time/duration.cc +90 -59
- data/third_party/abseil-cpp/absl/time/format.cc +43 -36
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time_detail.h +26 -16
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/time_zone.h +4 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/zone_info_source.h +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +136 -29
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +13 -21
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +136 -129
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +4 -5
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +8 -7
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +6 -6
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc +2 -1
- data/third_party/abseil-cpp/absl/time/time.h +15 -16
- data/third_party/abseil-cpp/absl/types/internal/variant.h +4 -4
- data/third_party/abseil-cpp/absl/types/optional.h +9 -9
- data/third_party/abseil-cpp/absl/types/span.h +49 -36
- data/third_party/abseil-cpp/absl/utility/utility.h +2 -2
- data/third_party/address_sorting/include/address_sorting/address_sorting.h +2 -0
- data/third_party/boringssl-with-bazel/err_data.c +469 -463
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +0 -6
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +9 -43
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +55 -4
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +34 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +6 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +173 -35
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +30 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +56 -22
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +8 -2
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +98 -11
- data/third_party/boringssl-with-bazel/src/crypto/hpke/internal.h +51 -6
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +118 -49
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +267 -95
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +210 -34
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +766 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_strex.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +6 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +7 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +21 -18
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +24 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +67 -67
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +29 -35
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +13 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +9 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +10 -10
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +28 -40
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +3 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +5 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +14 -14
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +7 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +55 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +24 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +7 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +0 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +6 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +6 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/des.h +6 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +12 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +9 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +4 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +3 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +202 -134
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +64 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +42 -14
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +188 -78
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +482 -432
- data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +18 -5
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +35 -0
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +18 -18
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +2 -3
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +45 -10
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +42 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +8 -9
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +67 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +11 -14
- data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +216 -11
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +1 -2
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +57 -19
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +135 -41
- data/third_party/upb/third_party/wyhash/wyhash.h +145 -0
- data/third_party/upb/upb/decode.c +248 -167
- data/third_party/upb/upb/decode.h +20 -1
- data/third_party/upb/upb/decode.int.h +163 -0
- data/third_party/upb/upb/decode_fast.c +1040 -0
- data/third_party/upb/upb/decode_fast.h +126 -0
- data/third_party/upb/upb/def.c +2178 -0
- data/third_party/upb/upb/def.h +315 -0
- data/third_party/upb/upb/def.hpp +439 -0
- data/third_party/upb/upb/encode.c +227 -169
- data/third_party/upb/upb/encode.h +27 -2
- data/third_party/upb/upb/json_decode.c +1443 -0
- data/third_party/upb/upb/json_decode.h +23 -0
- data/third_party/upb/upb/json_encode.c +713 -0
- data/third_party/upb/upb/json_encode.h +36 -0
- data/third_party/upb/upb/msg.c +167 -88
- data/third_party/upb/upb/msg.h +174 -34
- data/third_party/upb/upb/port_def.inc +74 -61
- data/third_party/upb/upb/port_undef.inc +3 -7
- data/third_party/upb/upb/reflection.c +408 -0
- data/third_party/upb/upb/reflection.h +168 -0
- data/third_party/upb/upb/table.c +34 -197
- data/third_party/upb/upb/table.int.h +14 -5
- data/third_party/upb/upb/text_encode.c +421 -0
- data/third_party/upb/upb/text_encode.h +38 -0
- data/third_party/upb/upb/upb.c +18 -41
- data/third_party/upb/upb/upb.h +36 -7
- data/third_party/upb/upb/upb.hpp +4 -4
- data/third_party/upb/upb/upb.int.h +29 -0
- metadata +288 -54
- data/src/core/ext/filters/client_channel/lb_policy/xds/eds.cc +0 -946
- data/src/core/ext/filters/client_channel/lb_policy/xds/lrs.cc +0 -537
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_routing.cc +0 -1141
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.cc +0 -485
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +0 -68
- data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +0 -354
- data/src/core/ext/filters/client_channel/resolving_lb_policy.h +0 -142
- data/src/core/ext/upb-generated/gogoproto/gogo.upb.c +0 -17
- data/src/core/ext/xds/xds_channel.h +0 -46
- data/src/core/ext/xds/xds_channel_secure.cc +0 -103
- data/src/core/lib/gprpp/map.h +0 -53
- data/third_party/abseil-cpp/absl/base/dynamic_annotations.cc +0 -129
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pku.c +0 -110
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_sxnet.c +0 -274
- data/third_party/upb/upb/port.c +0 -26
|
@@ -1293,8 +1293,8 @@ OPENSSL_EXPORT const SSL_CIPHER *SSL_get_cipher_by_value(uint16_t value);
|
|
|
1293
1293
|
// cast to a |uint16_t| to get it.
|
|
1294
1294
|
OPENSSL_EXPORT uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *cipher);
|
|
1295
1295
|
|
|
1296
|
-
//
|
|
1297
|
-
OPENSSL_EXPORT uint16_t
|
|
1296
|
+
// SSL_CIPHER_get_protocol_id returns |cipher|'s IANA-assigned number.
|
|
1297
|
+
OPENSSL_EXPORT uint16_t SSL_CIPHER_get_protocol_id(const SSL_CIPHER *cipher);
|
|
1298
1298
|
|
|
1299
1299
|
// SSL_CIPHER_is_aead returns one if |cipher| uses an AEAD cipher.
|
|
1300
1300
|
OPENSSL_EXPORT int SSL_CIPHER_is_aead(const SSL_CIPHER *cipher);
|
|
@@ -2776,6 +2776,51 @@ OPENSSL_EXPORT void SSL_CTX_set_allow_unknown_alpn_protos(SSL_CTX *ctx,
|
|
|
2776
2776
|
int enabled);
|
|
2777
2777
|
|
|
2778
2778
|
|
|
2779
|
+
// Application-layer protocol settings
|
|
2780
|
+
//
|
|
2781
|
+
// The ALPS extension (draft-vvv-tls-alps) allows exchanging application-layer
|
|
2782
|
+
// settings in the TLS handshake for applications negotiated with ALPN. Note
|
|
2783
|
+
// that, when ALPS is negotiated, the client and server each advertise their own
|
|
2784
|
+
// settings, so there are functions to both configure setting to send and query
|
|
2785
|
+
// received settings.
|
|
2786
|
+
|
|
2787
|
+
// SSL_add_application_settings configures |ssl| to enable ALPS with ALPN
|
|
2788
|
+
// protocol |proto|, sending an ALPS value of |settings|. It returns one on
|
|
2789
|
+
// success and zero on error. If |proto| is negotiated via ALPN and the peer
|
|
2790
|
+
// supports ALPS, |settings| will be sent to the peer. The peer's ALPS value can
|
|
2791
|
+
// be retrieved with |SSL_get0_peer_application_settings|.
|
|
2792
|
+
//
|
|
2793
|
+
// On the client, this function should be called before the handshake, once for
|
|
2794
|
+
// each supported ALPN protocol which uses ALPS. |proto| must be included in the
|
|
2795
|
+
// client's ALPN configuration (see |SSL_CTX_set_alpn_protos| and
|
|
2796
|
+
// |SSL_set_alpn_protos|). On the server, ALPS can be preconfigured for each
|
|
2797
|
+
// protocol as in the client, or configuration can be deferred to the ALPN
|
|
2798
|
+
// callback (see |SSL_CTX_set_alpn_select_cb|), in which case only the selected
|
|
2799
|
+
// protocol needs to be configured.
|
|
2800
|
+
//
|
|
2801
|
+
// ALPS can be independently configured from 0-RTT, however changes in protocol
|
|
2802
|
+
// settings will fallback to 1-RTT to negotiate the new value, so it is
|
|
2803
|
+
// recommended for |settings| to be relatively stable.
|
|
2804
|
+
OPENSSL_EXPORT int SSL_add_application_settings(SSL *ssl, const uint8_t *proto,
|
|
2805
|
+
size_t proto_len,
|
|
2806
|
+
const uint8_t *settings,
|
|
2807
|
+
size_t settings_len);
|
|
2808
|
+
|
|
2809
|
+
// SSL_get0_peer_application_settings sets |*out_data| and |*out_len| to a
|
|
2810
|
+
// buffer containing the peer's ALPS value, or the empty string if ALPS was not
|
|
2811
|
+
// negotiated. Note an empty string could also indicate the peer sent an empty
|
|
2812
|
+
// settings value. Use |SSL_has_application_settings| to check if ALPS was
|
|
2813
|
+
// negotiated. The output buffer is owned by |ssl| and is valid until the next
|
|
2814
|
+
// time |ssl| is modified.
|
|
2815
|
+
OPENSSL_EXPORT void SSL_get0_peer_application_settings(const SSL *ssl,
|
|
2816
|
+
const uint8_t **out_data,
|
|
2817
|
+
size_t *out_len);
|
|
2818
|
+
|
|
2819
|
+
// SSL_has_application_settings returns one if ALPS was negotiated on this
|
|
2820
|
+
// connection and zero otherwise.
|
|
2821
|
+
OPENSSL_EXPORT int SSL_has_application_settings(const SSL *ssl);
|
|
2822
|
+
|
|
2823
|
+
|
|
2779
2824
|
// Certificate compression.
|
|
2780
2825
|
//
|
|
2781
2826
|
// Certificates in TLS 1.3 can be compressed[1]. BoringSSL supports this as both
|
|
@@ -3493,8 +3538,10 @@ enum ssl_early_data_reason_t BORINGSSL_ENUM_INT {
|
|
|
3493
3538
|
ssl_early_data_ticket_age_skew = 12,
|
|
3494
3539
|
// QUIC parameters differ between this connection and the original.
|
|
3495
3540
|
ssl_early_data_quic_parameter_mismatch = 13,
|
|
3541
|
+
// The application settings did not match the session.
|
|
3542
|
+
ssl_early_data_alps_mismatch = 14,
|
|
3496
3543
|
// The value of the largest entry.
|
|
3497
|
-
ssl_early_data_reason_max_value =
|
|
3544
|
+
ssl_early_data_reason_max_value = ssl_early_data_alps_mismatch,
|
|
3498
3545
|
};
|
|
3499
3546
|
|
|
3500
3547
|
// SSL_get_early_data_reason returns details why 0-RTT was accepted or rejected
|
|
@@ -3502,6 +3549,11 @@ enum ssl_early_data_reason_t BORINGSSL_ENUM_INT {
|
|
|
3502
3549
|
OPENSSL_EXPORT enum ssl_early_data_reason_t SSL_get_early_data_reason(
|
|
3503
3550
|
const SSL *ssl);
|
|
3504
3551
|
|
|
3552
|
+
// SSL_early_data_reason_string returns a string representation for |reason|, or
|
|
3553
|
+
// NULL if |reason| is unknown. This function may be used for logging.
|
|
3554
|
+
OPENSSL_EXPORT const char *SSL_early_data_reason_string(
|
|
3555
|
+
enum ssl_early_data_reason_t reason);
|
|
3556
|
+
|
|
3505
3557
|
|
|
3506
3558
|
// Alerts.
|
|
3507
3559
|
//
|
|
@@ -4717,6 +4769,13 @@ OPENSSL_EXPORT int SSL_CTX_set_tlsext_status_arg(SSL_CTX *ctx, void *arg);
|
|
|
4717
4769
|
SSL_R_TLSV1_ALERT_BAD_CERTIFICATE_HASH_VALUE
|
|
4718
4770
|
#define SSL_R_TLSV1_CERTIFICATE_REQUIRED SSL_R_TLSV1_ALERT_CERTIFICATE_REQUIRED
|
|
4719
4771
|
|
|
4772
|
+
// SSL_CIPHER_get_value calls |SSL_CIPHER_get_protocol_id|.
|
|
4773
|
+
//
|
|
4774
|
+
// TODO(davidben): |SSL_CIPHER_get_value| was our name for this function, but
|
|
4775
|
+
// upstream added it as |SSL_CIPHER_get_protocol_id|. Switch callers to the new
|
|
4776
|
+
// name and remove this one.
|
|
4777
|
+
OPENSSL_EXPORT uint16_t SSL_CIPHER_get_value(const SSL_CIPHER *cipher);
|
|
4778
|
+
|
|
4720
4779
|
|
|
4721
4780
|
// Nodejs compatibility section (hidden).
|
|
4722
4781
|
//
|
|
@@ -5210,6 +5269,8 @@ BSSL_NAMESPACE_END
|
|
|
5210
5269
|
#define SSL_R_QUIC_TRANSPORT_PARAMETERS_MISCONFIGURED 305
|
|
5211
5270
|
#define SSL_R_UNEXPECTED_COMPATIBILITY_MODE 306
|
|
5212
5271
|
#define SSL_R_MISSING_ALPN 307
|
|
5272
|
+
#define SSL_R_NEGOTIATED_ALPS_WITHOUT_ALPN 308
|
|
5273
|
+
#define SSL_R_ALPS_MISMATCH_ON_EARLY_DATA 309
|
|
5213
5274
|
#define SSL_R_SSLV3_ALERT_CLOSE_NOTIFY 1000
|
|
5214
5275
|
#define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010
|
|
5215
5276
|
#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
|
|
@@ -235,6 +235,10 @@ extern "C" {
|
|
|
235
235
|
// ExtensionType value from draft-ietf-tls-subcerts.
|
|
236
236
|
#define TLSEXT_TYPE_delegated_credential 0x22
|
|
237
237
|
|
|
238
|
+
// ExtensionType value from draft-vvv-tls-alps. This is not an IANA defined
|
|
239
|
+
// extension number.
|
|
240
|
+
#define TLSEXT_TYPE_application_settings 17513
|
|
241
|
+
|
|
238
242
|
// ExtensionType value from RFC6962
|
|
239
243
|
#define TLSEXT_TYPE_certificate_timestamp 18
|
|
240
244
|
|
|
@@ -40,6 +40,14 @@ extern "C" {
|
|
|
40
40
|
// PMBTokens and P-384.
|
|
41
41
|
OPENSSL_EXPORT const TRUST_TOKEN_METHOD *TRUST_TOKEN_experiment_v1(void);
|
|
42
42
|
|
|
43
|
+
// TRUST_TOKEN_experiment_v2_voprf is an experimental Trust Tokens protocol
|
|
44
|
+
// using VOPRFs and P-384 with up to 6 keys, without RR verification.
|
|
45
|
+
OPENSSL_EXPORT const TRUST_TOKEN_METHOD *TRUST_TOKEN_experiment_v2_voprf(void);
|
|
46
|
+
|
|
47
|
+
// TRUST_TOKEN_experiment_v2_pmb is an experimental Trust Tokens protocol using
|
|
48
|
+
// PMBTokens and P-384 with up to 3 keys, without RR verification.
|
|
49
|
+
OPENSSL_EXPORT const TRUST_TOKEN_METHOD *TRUST_TOKEN_experiment_v2_pmb(void);
|
|
50
|
+
|
|
43
51
|
// trust_token_st represents a single-use token for the Trust Token protocol.
|
|
44
52
|
// For the client, this is the token and its corresponding signature. For the
|
|
45
53
|
// issuer, this is the token itself.
|
|
@@ -138,21 +146,23 @@ OPENSSL_EXPORT STACK_OF(TRUST_TOKEN) *
|
|
|
138
146
|
// |token| and receive a signature over |data| and serializes the request into
|
|
139
147
|
// a newly-allocated buffer, setting |*out| to that buffer and |*out_len| to
|
|
140
148
|
// its length. |time| is the number of seconds since the UNIX epoch and used to
|
|
141
|
-
// verify the validity of the issuer's response
|
|
142
|
-
//
|
|
143
|
-
// or zero on error.
|
|
149
|
+
// verify the validity of the issuer's response in TrustTokenV1 and ignored in
|
|
150
|
+
// other versions. The caller takes ownership of the buffer and must call
|
|
151
|
+
// |OPENSSL_free| when done. It returns one on success or zero on error.
|
|
144
152
|
OPENSSL_EXPORT int TRUST_TOKEN_CLIENT_begin_redemption(
|
|
145
153
|
TRUST_TOKEN_CLIENT *ctx, uint8_t **out, size_t *out_len,
|
|
146
154
|
const TRUST_TOKEN *token, const uint8_t *data, size_t data_len,
|
|
147
155
|
uint64_t time);
|
|
148
156
|
|
|
149
|
-
// TRUST_TOKEN_CLIENT_finish_redemption consumes |response| from the issuer
|
|
150
|
-
// verifies the SRR
|
|
151
|
-
// |*
|
|
152
|
-
// newly-allocated buffer containing the SRR (respectively, the SRR
|
|
153
|
-
//
|
|
157
|
+
// TRUST_TOKEN_CLIENT_finish_redemption consumes |response| from the issuer. In
|
|
158
|
+
// |TRUST_TOKEN_experiment_v1|, it then verifies the SRR and if valid sets
|
|
159
|
+
// |*out_rr| and |*out_rr_len| (respectively, |*out_sig| and |*out_sig_len|)
|
|
160
|
+
// to a newly-allocated buffer containing the SRR (respectively, the SRR
|
|
161
|
+
// signature). In other versions, it sets |*out_rr| and |*out_rr_len|
|
|
162
|
+
// to a newly-allocated buffer containing |response| and leaves all validation
|
|
163
|
+
// to the caller. It returns one on success or zero on failure.
|
|
154
164
|
OPENSSL_EXPORT int TRUST_TOKEN_CLIENT_finish_redemption(
|
|
155
|
-
TRUST_TOKEN_CLIENT *ctx, uint8_t **
|
|
165
|
+
TRUST_TOKEN_CLIENT *ctx, uint8_t **out_rr, size_t *out_rr_len,
|
|
156
166
|
uint8_t **out_sig, size_t *out_sig_len, const uint8_t *response,
|
|
157
167
|
size_t response_len);
|
|
158
168
|
|
|
@@ -214,16 +224,16 @@ OPENSSL_EXPORT int TRUST_TOKEN_ISSUER_issue(
|
|
|
214
224
|
uint32_t public_metadata, uint8_t private_metadata, size_t max_issuance);
|
|
215
225
|
|
|
216
226
|
// TRUST_TOKEN_ISSUER_redeem ingests a |request| for token redemption and
|
|
217
|
-
// verifies the token. If the token is valid, a
|
|
227
|
+
// verifies the token. If the token is valid, a RR is produced with a lifetime
|
|
218
228
|
// of |lifetime| (in seconds), signing over the requested data from the request
|
|
219
229
|
// and the value of the token, storing the result into a newly-allocated buffer
|
|
220
230
|
// and setting |*out| to that buffer and |*out_len| to its length. The extracted
|
|
221
231
|
// |TRUST_TOKEN| is stored into a newly-allocated buffer and stored in
|
|
222
232
|
// |*out_token|. The extracted client data is stored into a newly-allocated
|
|
223
|
-
// buffer and stored in |*out_client_data|.
|
|
224
|
-
// stored in |*out_redemption_time|. The caller takes
|
|
225
|
-
// buffer and must call |OPENSSL_free| when done. It
|
|
226
|
-
// zero on error.
|
|
233
|
+
// buffer and stored in |*out_client_data|. In TrustTokenV1, the extracted
|
|
234
|
+
// redemption time is stored in |*out_redemption_time|. The caller takes
|
|
235
|
+
// ownership of each output buffer and must call |OPENSSL_free| when done. It
|
|
236
|
+
// returns one on success or zero on error.
|
|
227
237
|
//
|
|
228
238
|
// The caller must keep track of all values of |*out_token| seen globally before
|
|
229
239
|
// returning the SRR to the client. If the value has been reused, the caller
|
|
@@ -235,6 +245,24 @@ OPENSSL_EXPORT int TRUST_TOKEN_ISSUER_redeem(
|
|
|
235
245
|
size_t *out_client_data_len, uint64_t *out_redemption_time,
|
|
236
246
|
const uint8_t *request, size_t request_len, uint64_t lifetime);
|
|
237
247
|
|
|
248
|
+
// TRUST_TOKEN_ISSUER_redeem_raw ingests a |request| for token redemption and
|
|
249
|
+
// verifies the token. The public metadata is stored in |*out_public|. The
|
|
250
|
+
// private metadata (if any) is stored in |*out_private|. The extracted
|
|
251
|
+
// |TRUST_TOKEN| is stored into a newly-allocated buffer and stored in
|
|
252
|
+
// |*out_token|. The extracted client data is stored into a newly-allocated
|
|
253
|
+
// buffer and stored in |*out_client_data|. The caller takes ownership of each
|
|
254
|
+
// output buffer and must call |OPENSSL_free| when done. It returns one on
|
|
255
|
+
// success or zero on error.
|
|
256
|
+
//
|
|
257
|
+
// The caller must keep track of all values of |*out_token| seen globally before
|
|
258
|
+
// returning a response to the client. If the value has been reused, the caller
|
|
259
|
+
// must report an error to the client. Returning a response with replayed values
|
|
260
|
+
// allows an attacker to double-spend tokens.
|
|
261
|
+
OPENSSL_EXPORT int TRUST_TOKEN_ISSUER_redeem_raw(
|
|
262
|
+
const TRUST_TOKEN_ISSUER *ctx, uint32_t *out_public, uint8_t *out_private,
|
|
263
|
+
TRUST_TOKEN **out_token, uint8_t **out_client_data,
|
|
264
|
+
size_t *out_client_data_len, const uint8_t *request, size_t request_len);
|
|
265
|
+
|
|
238
266
|
// TRUST_TOKEN_decode_private_metadata decodes |encrypted_bit| using the
|
|
239
267
|
// private metadata key specified by a |key| buffer of length |key_len| and the
|
|
240
268
|
// nonce by a |nonce| buffer of length |nonce_len|. The nonce in
|
|
@@ -146,7 +146,7 @@ struct X509_name_st {
|
|
|
146
146
|
STACK_OF(X509_NAME_ENTRY) * entries;
|
|
147
147
|
int modified; // true if 'bytes' needs to be built
|
|
148
148
|
BUF_MEM *bytes;
|
|
149
|
-
//
|
|
149
|
+
// unsigned long hash; Keep the hash around for lookups
|
|
150
150
|
unsigned char *canon_enc;
|
|
151
151
|
int canon_enclen;
|
|
152
152
|
} /* X509_NAME */;
|
|
@@ -470,6 +470,11 @@ struct Netscape_spki_st {
|
|
|
470
470
|
extern "C" {
|
|
471
471
|
#endif
|
|
472
472
|
|
|
473
|
+
// TODO(davidben): Document remaining functions, reorganize them, and define
|
|
474
|
+
// supported patterns for using |X509| objects in general. In particular, when
|
|
475
|
+
// it is safe to call mutating functions is a little tricky due to various
|
|
476
|
+
// internal caches.
|
|
477
|
+
|
|
473
478
|
// X509_get_version returns the numerical value of |x509|'s version. That is,
|
|
474
479
|
// it returns zero for X.509v1, one for X.509v2, and two for X.509v3. Unknown
|
|
475
480
|
// versions are rejected by the parser, but a manually-created |X509| object may
|
|
@@ -477,16 +482,54 @@ extern "C" {
|
|
|
477
482
|
// version, or -1 on overflow.
|
|
478
483
|
OPENSSL_EXPORT long X509_get_version(const X509 *x509);
|
|
479
484
|
|
|
480
|
-
//
|
|
481
|
-
|
|
485
|
+
// X509_get0_serialNumber returns |x509|'s serial number.
|
|
486
|
+
OPENSSL_EXPORT const ASN1_INTEGER *X509_get0_serialNumber(const X509 *x509);
|
|
487
|
+
|
|
488
|
+
// X509_get0_notBefore returns |x509|'s notBefore time.
|
|
489
|
+
OPENSSL_EXPORT const ASN1_TIME *X509_get0_notBefore(const X509 *x509);
|
|
490
|
+
|
|
491
|
+
// X509_get0_notAfter returns |x509|'s notAfter time.
|
|
492
|
+
OPENSSL_EXPORT const ASN1_TIME *X509_get0_notAfter(const X509 *x509);
|
|
493
|
+
|
|
494
|
+
// X509_set1_notBefore sets |x509|'s notBefore time to |tm|. It returns one on
|
|
495
|
+
// success and zero on error.
|
|
496
|
+
OPENSSL_EXPORT int X509_set1_notBefore(X509 *x509, const ASN1_TIME *tm);
|
|
497
|
+
|
|
498
|
+
// X509_set1_notAfter sets |x509|'s notAfter time to |tm|. it returns one on
|
|
499
|
+
// success and zero on error.
|
|
500
|
+
OPENSSL_EXPORT int X509_set1_notAfter(X509 *x509, const ASN1_TIME *tm);
|
|
501
|
+
|
|
502
|
+
// X509_getm_notBefore returns a mutable pointer to |x509|'s notBefore time.
|
|
503
|
+
OPENSSL_EXPORT ASN1_TIME *X509_getm_notBefore(X509 *x509);
|
|
504
|
+
|
|
505
|
+
// X509_getm_notAfter returns a mutable pointer to |x509|'s notAfter time.
|
|
506
|
+
OPENSSL_EXPORT ASN1_TIME *X509_getm_notAfter(X509 *x);
|
|
507
|
+
|
|
508
|
+
// X509_get_notBefore returns |x509|'s notBefore time. Note this function is not
|
|
509
|
+
// const-correct for legacy reasons. Use |X509_get0_notBefore| or
|
|
482
510
|
// |X509_getm_notBefore| instead.
|
|
483
511
|
OPENSSL_EXPORT ASN1_TIME *X509_get_notBefore(const X509 *x509);
|
|
484
512
|
|
|
485
|
-
// X509_get_notAfter returns |x509|'s notAfter
|
|
513
|
+
// X509_get_notAfter returns |x509|'s notAfter time. Note this function is not
|
|
486
514
|
// const-correct for legacy reasons. Use |X509_get0_notAfter| or
|
|
487
515
|
// |X509_getm_notAfter| instead.
|
|
488
516
|
OPENSSL_EXPORT ASN1_TIME *X509_get_notAfter(const X509 *x509);
|
|
489
517
|
|
|
518
|
+
// X509_set_notBefore calls |X509_set1_notBefore|. Use |X509_set1_notBefore|
|
|
519
|
+
// instead.
|
|
520
|
+
OPENSSL_EXPORT int X509_set_notBefore(X509 *x509, const ASN1_TIME *tm);
|
|
521
|
+
|
|
522
|
+
// X509_set_notAfter calls |X509_set1_notAfter|. Use |X509_set1_notAfter|
|
|
523
|
+
// instead.
|
|
524
|
+
OPENSSL_EXPORT int X509_set_notAfter(X509 *x509, const ASN1_TIME *tm);
|
|
525
|
+
|
|
526
|
+
// X509_get0_uids sets |*out_issuer_uid| and |*out_subject_uid| to non-owning
|
|
527
|
+
// pointers to the issuerUID and subjectUID fields, respectively, of |x509|.
|
|
528
|
+
// Either output pointer may be NULL to skip the field.
|
|
529
|
+
OPENSSL_EXPORT void X509_get0_uids(const X509 *x509,
|
|
530
|
+
const ASN1_BIT_STRING **out_issuer_uid,
|
|
531
|
+
const ASN1_BIT_STRING **out_subject_uid);
|
|
532
|
+
|
|
490
533
|
// X509_get_cert_info returns |x509|'s TBSCertificate structure. Note this
|
|
491
534
|
// function is not const-correct for legacy reasons.
|
|
492
535
|
//
|
|
@@ -498,6 +541,15 @@ OPENSSL_EXPORT X509_CINF *X509_get_cert_info(const X509 *x509);
|
|
|
498
541
|
// |X509_get_pubkey| instead.
|
|
499
542
|
#define X509_extract_key(x) X509_get_pubkey(x)
|
|
500
543
|
|
|
544
|
+
// X509_get_pathlen returns path length constraint from the basic constraints
|
|
545
|
+
// extension in |x509|. (See RFC5280, section 4.2.1.9.) It returns -1 if the
|
|
546
|
+
// constraint is not present, or if some extension in |x509| was invalid.
|
|
547
|
+
//
|
|
548
|
+
// Note that decoding an |X509| object will not check for invalid extensions. To
|
|
549
|
+
// detect the error case, call |X509_get_extensions_flags| and check the
|
|
550
|
+
// |EXFLAG_INVALID| bit.
|
|
551
|
+
OPENSSL_EXPORT long X509_get_pathlen(X509 *x509);
|
|
552
|
+
|
|
501
553
|
// X509_REQ_get_version returns the numerical value of |req|'s version. That is,
|
|
502
554
|
// it returns zero for a v1 request. If |req| is invalid, it may return another
|
|
503
555
|
// value, or -1 on overflow.
|
|
@@ -521,15 +573,29 @@ OPENSSL_EXPORT long X509_CRL_get_version(const X509_CRL *crl);
|
|
|
521
573
|
// X509_CRL_get0_lastUpdate returns |crl|'s lastUpdate time.
|
|
522
574
|
OPENSSL_EXPORT const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl);
|
|
523
575
|
|
|
524
|
-
//
|
|
576
|
+
// X509_CRL_get0_nextUpdate returns |crl|'s nextUpdate time, or NULL if |crl|
|
|
577
|
+
// has none.
|
|
525
578
|
OPENSSL_EXPORT const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl);
|
|
526
579
|
|
|
580
|
+
// X509_CRL_set1_lastUpdate sets |crl|'s lastUpdate time to |tm|. It returns one
|
|
581
|
+
// on success and zero on error.
|
|
582
|
+
OPENSSL_EXPORT int X509_CRL_set1_lastUpdate(X509_CRL *crl, const ASN1_TIME *tm);
|
|
583
|
+
|
|
584
|
+
// X509_CRL_set1_nextUpdate sets |crl|'s nextUpdate time to |tm|. It returns one
|
|
585
|
+
// on success and zero on error.
|
|
586
|
+
OPENSSL_EXPORT int X509_CRL_set1_nextUpdate(X509_CRL *crl, const ASN1_TIME *tm);
|
|
587
|
+
|
|
588
|
+
// The following symbols are deprecated aliases to |X509_CRL_set1_*|.
|
|
589
|
+
#define X509_CRL_set_lastUpdate X509_CRL_set1_lastUpdate
|
|
590
|
+
#define X509_CRL_set_nextUpdate X509_CRL_set1_nextUpdate
|
|
591
|
+
|
|
527
592
|
// X509_CRL_get_lastUpdate returns a mutable pointer to |crl|'s lastUpdate time.
|
|
528
|
-
// Use |X509_CRL_get0_lastUpdate| or |
|
|
593
|
+
// Use |X509_CRL_get0_lastUpdate| or |X509_CRL_set1_lastUpdate| instead.
|
|
529
594
|
OPENSSL_EXPORT ASN1_TIME *X509_CRL_get_lastUpdate(X509_CRL *crl);
|
|
530
595
|
|
|
531
|
-
// X509_CRL_get_nextUpdate returns a mutable pointer to |crl|'s nextUpdate time
|
|
532
|
-
//
|
|
596
|
+
// X509_CRL_get_nextUpdate returns a mutable pointer to |crl|'s nextUpdate time,
|
|
597
|
+
// or NULL if |crl| has none. Use |X509_CRL_get0_nextUpdate| or
|
|
598
|
+
// |X509_CRL_set1_nextUpdate| instead.
|
|
533
599
|
OPENSSL_EXPORT ASN1_TIME *X509_CRL_get_nextUpdate(X509_CRL *crl);
|
|
534
600
|
|
|
535
601
|
// X509_CRL_get_issuer returns |crl|'s issuer name. Note this function is not
|
|
@@ -543,6 +609,10 @@ OPENSSL_EXPORT X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl);
|
|
|
543
609
|
// would break existing callers. For now, we match upstream.
|
|
544
610
|
OPENSSL_EXPORT STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl);
|
|
545
611
|
|
|
612
|
+
// X509_CRL_get0_extensions returns |crl|'s extension list.
|
|
613
|
+
OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *
|
|
614
|
+
X509_CRL_get0_extensions(const X509_CRL *crl);
|
|
615
|
+
|
|
546
616
|
// X509_CINF_set_modified marks |cinf| as modified so that changes will be
|
|
547
617
|
// reflected in serializing the structure.
|
|
548
618
|
//
|
|
@@ -586,26 +656,66 @@ OPENSSL_EXPORT void *X509_CRL_get_meth_data(X509_CRL *crl);
|
|
|
586
656
|
// object.
|
|
587
657
|
OPENSSL_EXPORT X509_PUBKEY *X509_get_X509_PUBKEY(const X509 *x509);
|
|
588
658
|
|
|
589
|
-
|
|
590
|
-
|
|
591
|
-
|
|
592
|
-
|
|
593
|
-
|
|
594
|
-
|
|
595
|
-
OPENSSL_EXPORT
|
|
596
|
-
|
|
597
|
-
|
|
659
|
+
// X509_verify_cert_error_string returns |err| as a human-readable string, where
|
|
660
|
+
// |err| should be one of the |X509_V_*| values. If |err| is unknown, it returns
|
|
661
|
+
// a default description.
|
|
662
|
+
//
|
|
663
|
+
// TODO(davidben): Move this function to x509_vfy.h, with the |X509_V_*|
|
|
664
|
+
// definitions, or fold x509_vfy.h into this function.
|
|
665
|
+
OPENSSL_EXPORT const char *X509_verify_cert_error_string(long err);
|
|
666
|
+
|
|
667
|
+
// X509_verify checks that |x509| has a valid signature by |pkey|. It returns
|
|
668
|
+
// one if the signature is valid and zero otherwise. Note this function only
|
|
669
|
+
// checks the signature itself and does not perform a full certificate
|
|
670
|
+
// validation.
|
|
671
|
+
OPENSSL_EXPORT int X509_verify(X509 *x509, EVP_PKEY *pkey);
|
|
672
|
+
|
|
673
|
+
// X509_REQ_verify checks that |req| has a valid signature by |pkey|. It returns
|
|
674
|
+
// one if the signature is valid and zero otherwise.
|
|
675
|
+
OPENSSL_EXPORT int X509_REQ_verify(X509_REQ *req, EVP_PKEY *pkey);
|
|
676
|
+
|
|
677
|
+
// X509_CRL_verify checks that |crl| has a valid signature by |pkey|. It returns
|
|
678
|
+
// one if the signature is valid and zero otherwise.
|
|
679
|
+
OPENSSL_EXPORT int X509_CRL_verify(X509_CRL *crl, EVP_PKEY *pkey);
|
|
680
|
+
|
|
681
|
+
// NETSCAPE_SPKI_verify checks that |spki| has a valid signature by |pkey|. It
|
|
682
|
+
// returns one if the signature is valid and zero otherwise.
|
|
683
|
+
OPENSSL_EXPORT int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *spki, EVP_PKEY *pkey);
|
|
684
|
+
|
|
685
|
+
// NETSCAPE_SPKI_b64_decode decodes |len| bytes from |str| as a base64-encoded
|
|
686
|
+
// Netscape signed public key and challenge (SPKAC) structure. It returns a
|
|
687
|
+
// newly-allocated |NETSCAPE_SPKI| structure with the result, or NULL on error.
|
|
688
|
+
// If |len| is 0 or negative, the length is calculated with |strlen| and |str|
|
|
689
|
+
// must be a NUL-terminated C string.
|
|
598
690
|
OPENSSL_EXPORT NETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *str,
|
|
599
691
|
int len);
|
|
600
|
-
OPENSSL_EXPORT char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *x);
|
|
601
|
-
OPENSSL_EXPORT EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x);
|
|
602
|
-
OPENSSL_EXPORT int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey);
|
|
603
692
|
|
|
604
|
-
|
|
605
|
-
|
|
606
|
-
|
|
693
|
+
// NETSCAPE_SPKI_b64_encode encodes |spki| as a base64-encoded Netscape signed
|
|
694
|
+
// public key and challenge (SPKAC) structure. It returns a newly-allocated
|
|
695
|
+
// NUL-terminated C string with the result, or NULL on error. The caller must
|
|
696
|
+
// release the memory with |OPENSSL_free| when done.
|
|
697
|
+
OPENSSL_EXPORT char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki);
|
|
698
|
+
|
|
699
|
+
// NETSCAPE_SPKI_get_pubkey decodes and returns the public key in |spki| as an
|
|
700
|
+
// |EVP_PKEY|, or NULL on error. The resulting pointer is non-owning and valid
|
|
701
|
+
// until |spki| is released or mutated. The caller should take a reference with
|
|
702
|
+
// |EVP_PKEY_up_ref| to extend the lifetime.
|
|
703
|
+
OPENSSL_EXPORT EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *spki);
|
|
704
|
+
|
|
705
|
+
// NETSCAPE_SPKI_set_pubkey sets |spki|'s public key to |pkey|. It returns one
|
|
706
|
+
// on success or zero on error. This function does not take ownership of |pkey|,
|
|
707
|
+
// so the caller may continue to manage its lifetime independently of |spki|.
|
|
708
|
+
OPENSSL_EXPORT int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *spki,
|
|
709
|
+
EVP_PKEY *pkey);
|
|
710
|
+
|
|
711
|
+
// X509_signature_dump writes a human-readable representation of |sig| to |bio|,
|
|
712
|
+
// indented with |indent| spaces. It returns one on success and zero on error.
|
|
713
|
+
OPENSSL_EXPORT int X509_signature_dump(BIO *bio, const ASN1_STRING *sig,
|
|
607
714
|
int indent);
|
|
608
|
-
|
|
715
|
+
|
|
716
|
+
// X509_signature_print writes a human-readable representation of |alg| and
|
|
717
|
+
// |sig| to |bio|. It returns one on success and zero on error.
|
|
718
|
+
OPENSSL_EXPORT int X509_signature_print(BIO *bio, const X509_ALGOR *alg,
|
|
609
719
|
const ASN1_STRING *sig);
|
|
610
720
|
|
|
611
721
|
OPENSSL_EXPORT int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
|
|
@@ -627,7 +737,6 @@ OPENSSL_EXPORT int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type,
|
|
|
627
737
|
unsigned char *md, unsigned int *len);
|
|
628
738
|
OPENSSL_EXPORT int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
|
|
629
739
|
unsigned char *md, unsigned int *len);
|
|
630
|
-
#endif
|
|
631
740
|
|
|
632
741
|
// X509_parse_from_buffer parses an X.509 structure from |buf| and returns a
|
|
633
742
|
// fresh X509 or NULL on error. There must not be any trailing data in |buf|.
|
|
@@ -825,10 +934,9 @@ OPENSSL_EXPORT void X509_PKEY_free(X509_PKEY *a);
|
|
|
825
934
|
DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI)
|
|
826
935
|
DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
|
|
827
936
|
|
|
828
|
-
#ifndef OPENSSL_NO_EVP
|
|
829
937
|
OPENSSL_EXPORT X509_INFO *X509_INFO_new(void);
|
|
830
938
|
OPENSSL_EXPORT void X509_INFO_free(X509_INFO *a);
|
|
831
|
-
OPENSSL_EXPORT char *X509_NAME_oneline(X509_NAME *a, char *buf, int size);
|
|
939
|
+
OPENSSL_EXPORT char *X509_NAME_oneline(const X509_NAME *a, char *buf, int size);
|
|
832
940
|
|
|
833
941
|
OPENSSL_EXPORT int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
|
|
834
942
|
unsigned char *md, unsigned int *len);
|
|
@@ -849,25 +957,19 @@ OPENSSL_EXPORT int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
|
|
|
849
957
|
X509_ALGOR *algor2,
|
|
850
958
|
ASN1_BIT_STRING *signature, void *asn,
|
|
851
959
|
EVP_MD_CTX *ctx);
|
|
852
|
-
#endif
|
|
853
960
|
|
|
854
961
|
OPENSSL_EXPORT int X509_set_version(X509 *x, long version);
|
|
855
962
|
OPENSSL_EXPORT int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial);
|
|
856
963
|
OPENSSL_EXPORT ASN1_INTEGER *X509_get_serialNumber(X509 *x);
|
|
857
964
|
OPENSSL_EXPORT int X509_set_issuer_name(X509 *x, X509_NAME *name);
|
|
858
|
-
OPENSSL_EXPORT X509_NAME *X509_get_issuer_name(X509 *a);
|
|
965
|
+
OPENSSL_EXPORT X509_NAME *X509_get_issuer_name(const X509 *a);
|
|
859
966
|
OPENSSL_EXPORT int X509_set_subject_name(X509 *x, X509_NAME *name);
|
|
860
|
-
OPENSSL_EXPORT X509_NAME *X509_get_subject_name(X509 *a);
|
|
861
|
-
OPENSSL_EXPORT int X509_set_notBefore(X509 *x, const ASN1_TIME *tm);
|
|
862
|
-
OPENSSL_EXPORT const ASN1_TIME *X509_get0_notBefore(const X509 *x);
|
|
863
|
-
OPENSSL_EXPORT ASN1_TIME *X509_getm_notBefore(X509 *x);
|
|
864
|
-
OPENSSL_EXPORT int X509_set_notAfter(X509 *x, const ASN1_TIME *tm);
|
|
865
|
-
OPENSSL_EXPORT const ASN1_TIME *X509_get0_notAfter(const X509 *x);
|
|
866
|
-
OPENSSL_EXPORT ASN1_TIME *X509_getm_notAfter(X509 *x);
|
|
967
|
+
OPENSSL_EXPORT X509_NAME *X509_get_subject_name(const X509 *a);
|
|
867
968
|
OPENSSL_EXPORT int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
|
|
868
969
|
OPENSSL_EXPORT EVP_PKEY *X509_get_pubkey(X509 *x);
|
|
869
970
|
OPENSSL_EXPORT ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x);
|
|
870
|
-
OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *
|
|
971
|
+
OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *
|
|
972
|
+
X509_get0_extensions(const X509 *x);
|
|
871
973
|
OPENSSL_EXPORT const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x);
|
|
872
974
|
|
|
873
975
|
OPENSSL_EXPORT int X509_REQ_set_version(X509_REQ *x, long version);
|
|
@@ -911,8 +1013,6 @@ OPENSSL_EXPORT int X509_REQ_add1_attr_by_txt(X509_REQ *req,
|
|
|
911
1013
|
|
|
912
1014
|
OPENSSL_EXPORT int X509_CRL_set_version(X509_CRL *x, long version);
|
|
913
1015
|
OPENSSL_EXPORT int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);
|
|
914
|
-
OPENSSL_EXPORT int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
|
|
915
|
-
OPENSSL_EXPORT int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);
|
|
916
1016
|
OPENSSL_EXPORT int X509_CRL_sort(X509_CRL *crl);
|
|
917
1017
|
OPENSSL_EXPORT int X509_CRL_up_ref(X509_CRL *crl);
|
|
918
1018
|
|
|
@@ -931,6 +1031,10 @@ OPENSSL_EXPORT const ASN1_TIME *X509_REVOKED_get0_revocationDate(
|
|
|
931
1031
|
OPENSSL_EXPORT int X509_REVOKED_set_revocationDate(X509_REVOKED *r,
|
|
932
1032
|
ASN1_TIME *tm);
|
|
933
1033
|
|
|
1034
|
+
// X509_REVOKED_get0_extensions returns |r|'s extensions.
|
|
1035
|
+
OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *
|
|
1036
|
+
X509_REVOKED_get0_extensions(const X509_REVOKED *r);
|
|
1037
|
+
|
|
934
1038
|
OPENSSL_EXPORT X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer,
|
|
935
1039
|
EVP_PKEY *skey, const EVP_MD *md,
|
|
936
1040
|
unsigned int flags);
|
|
@@ -970,12 +1074,12 @@ OPENSSL_EXPORT int X509_print_ex_fp(FILE *bp, X509 *x, unsigned long nmflag,
|
|
|
970
1074
|
OPENSSL_EXPORT int X509_print_fp(FILE *bp, X509 *x);
|
|
971
1075
|
OPENSSL_EXPORT int X509_CRL_print_fp(FILE *bp, X509_CRL *x);
|
|
972
1076
|
OPENSSL_EXPORT int X509_REQ_print_fp(FILE *bp, X509_REQ *req);
|
|
973
|
-
OPENSSL_EXPORT int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm,
|
|
974
|
-
unsigned long flags);
|
|
1077
|
+
OPENSSL_EXPORT int X509_NAME_print_ex_fp(FILE *fp, const X509_NAME *nm,
|
|
1078
|
+
int indent, unsigned long flags);
|
|
975
1079
|
#endif
|
|
976
1080
|
|
|
977
|
-
OPENSSL_EXPORT int X509_NAME_print(BIO *bp, X509_NAME *name, int obase);
|
|
978
|
-
OPENSSL_EXPORT int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent,
|
|
1081
|
+
OPENSSL_EXPORT int X509_NAME_print(BIO *bp, const X509_NAME *name, int obase);
|
|
1082
|
+
OPENSSL_EXPORT int X509_NAME_print_ex(BIO *out, const X509_NAME *nm, int indent,
|
|
979
1083
|
unsigned long flags);
|
|
980
1084
|
OPENSSL_EXPORT int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflag,
|
|
981
1085
|
unsigned long cflag);
|
|
@@ -987,21 +1091,22 @@ OPENSSL_EXPORT int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag,
|
|
|
987
1091
|
unsigned long cflag);
|
|
988
1092
|
OPENSSL_EXPORT int X509_REQ_print(BIO *bp, X509_REQ *req);
|
|
989
1093
|
|
|
990
|
-
OPENSSL_EXPORT int X509_NAME_entry_count(X509_NAME *name);
|
|
991
|
-
OPENSSL_EXPORT int X509_NAME_get_text_by_NID(X509_NAME *name, int nid,
|
|
1094
|
+
OPENSSL_EXPORT int X509_NAME_entry_count(const X509_NAME *name);
|
|
1095
|
+
OPENSSL_EXPORT int X509_NAME_get_text_by_NID(const X509_NAME *name, int nid,
|
|
992
1096
|
char *buf, int len);
|
|
993
|
-
OPENSSL_EXPORT int X509_NAME_get_text_by_OBJ(X509_NAME *name,
|
|
1097
|
+
OPENSSL_EXPORT int X509_NAME_get_text_by_OBJ(const X509_NAME *name,
|
|
994
1098
|
const ASN1_OBJECT *obj, char *buf,
|
|
995
1099
|
int len);
|
|
996
1100
|
|
|
997
1101
|
// NOTE: you should be passsing -1, not 0 as lastpos. The functions that use
|
|
998
1102
|
// lastpos, search after that position on.
|
|
999
|
-
OPENSSL_EXPORT int X509_NAME_get_index_by_NID(X509_NAME *name, int nid,
|
|
1103
|
+
OPENSSL_EXPORT int X509_NAME_get_index_by_NID(const X509_NAME *name, int nid,
|
|
1000
1104
|
int lastpos);
|
|
1001
|
-
OPENSSL_EXPORT int X509_NAME_get_index_by_OBJ(X509_NAME *name,
|
|
1105
|
+
OPENSSL_EXPORT int X509_NAME_get_index_by_OBJ(const X509_NAME *name,
|
|
1002
1106
|
const ASN1_OBJECT *obj,
|
|
1003
1107
|
int lastpos);
|
|
1004
|
-
OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name,
|
|
1108
|
+
OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name,
|
|
1109
|
+
int loc);
|
|
1005
1110
|
OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name,
|
|
1006
1111
|
int loc);
|
|
1007
1112
|
OPENSSL_EXPORT int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne,
|
|
@@ -1032,8 +1137,9 @@ OPENSSL_EXPORT int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne,
|
|
|
1032
1137
|
OPENSSL_EXPORT int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
|
|
1033
1138
|
const unsigned char *bytes,
|
|
1034
1139
|
int len);
|
|
1035
|
-
OPENSSL_EXPORT ASN1_OBJECT *X509_NAME_ENTRY_get_object(
|
|
1036
|
-
|
|
1140
|
+
OPENSSL_EXPORT ASN1_OBJECT *X509_NAME_ENTRY_get_object(
|
|
1141
|
+
const X509_NAME_ENTRY *ne);
|
|
1142
|
+
OPENSSL_EXPORT ASN1_STRING *X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne);
|
|
1037
1143
|
|
|
1038
1144
|
OPENSSL_EXPORT int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) * x);
|
|
1039
1145
|
OPENSSL_EXPORT int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) * x,
|
|
@@ -1051,59 +1157,63 @@ OPENSSL_EXPORT X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) * x,
|
|
|
1051
1157
|
OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *
|
|
1052
1158
|
X509v3_add_ext(STACK_OF(X509_EXTENSION) * *x, X509_EXTENSION *ex, int loc);
|
|
1053
1159
|
|
|
1054
|
-
OPENSSL_EXPORT int X509_get_ext_count(X509 *x);
|
|
1055
|
-
OPENSSL_EXPORT int X509_get_ext_by_NID(X509 *x, int nid, int lastpos);
|
|
1056
|
-
OPENSSL_EXPORT int X509_get_ext_by_OBJ(X509 *x, ASN1_OBJECT *obj,
|
|
1057
|
-
|
|
1058
|
-
OPENSSL_EXPORT
|
|
1160
|
+
OPENSSL_EXPORT int X509_get_ext_count(const X509 *x);
|
|
1161
|
+
OPENSSL_EXPORT int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
|
|
1162
|
+
OPENSSL_EXPORT int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj,
|
|
1163
|
+
int lastpos);
|
|
1164
|
+
OPENSSL_EXPORT int X509_get_ext_by_critical(const X509 *x, int crit,
|
|
1165
|
+
int lastpos);
|
|
1166
|
+
OPENSSL_EXPORT X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
|
|
1059
1167
|
OPENSSL_EXPORT X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
|
|
1060
1168
|
OPENSSL_EXPORT int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
|
|
1061
|
-
OPENSSL_EXPORT void *X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx);
|
|
1169
|
+
OPENSSL_EXPORT void *X509_get_ext_d2i(const X509 *x, int nid, int *crit, int *idx);
|
|
1062
1170
|
OPENSSL_EXPORT int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
|
|
1063
1171
|
unsigned long flags);
|
|
1064
1172
|
|
|
1065
|
-
OPENSSL_EXPORT int X509_CRL_get_ext_count(X509_CRL *x);
|
|
1066
|
-
OPENSSL_EXPORT int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos);
|
|
1067
|
-
OPENSSL_EXPORT int X509_CRL_get_ext_by_OBJ(X509_CRL *x,
|
|
1068
|
-
int lastpos);
|
|
1069
|
-
OPENSSL_EXPORT int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit,
|
|
1173
|
+
OPENSSL_EXPORT int X509_CRL_get_ext_count(const X509_CRL *x);
|
|
1174
|
+
OPENSSL_EXPORT int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
|
|
1175
|
+
OPENSSL_EXPORT int X509_CRL_get_ext_by_OBJ(const X509_CRL *x,
|
|
1176
|
+
const ASN1_OBJECT *obj, int lastpos);
|
|
1177
|
+
OPENSSL_EXPORT int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit,
|
|
1070
1178
|
int lastpos);
|
|
1071
|
-
OPENSSL_EXPORT X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc);
|
|
1179
|
+
OPENSSL_EXPORT X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
|
|
1072
1180
|
OPENSSL_EXPORT X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
|
|
1073
1181
|
OPENSSL_EXPORT int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
|
|
1074
|
-
OPENSSL_EXPORT void *X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit,
|
|
1182
|
+
OPENSSL_EXPORT void *X509_CRL_get_ext_d2i(const X509_CRL *x, int nid, int *crit,
|
|
1075
1183
|
int *idx);
|
|
1076
1184
|
OPENSSL_EXPORT int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value,
|
|
1077
1185
|
int crit, unsigned long flags);
|
|
1078
1186
|
|
|
1079
|
-
OPENSSL_EXPORT int X509_REVOKED_get_ext_count(X509_REVOKED *x);
|
|
1080
|
-
OPENSSL_EXPORT int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid,
|
|
1187
|
+
OPENSSL_EXPORT int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
|
|
1188
|
+
OPENSSL_EXPORT int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid,
|
|
1189
|
+
int lastpos);
|
|
1190
|
+
OPENSSL_EXPORT int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x,
|
|
1191
|
+
const ASN1_OBJECT *obj,
|
|
1081
1192
|
int lastpos);
|
|
1082
|
-
OPENSSL_EXPORT int
|
|
1083
|
-
|
|
1084
|
-
OPENSSL_EXPORT
|
|
1085
|
-
int
|
|
1086
|
-
OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc);
|
|
1193
|
+
OPENSSL_EXPORT int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x,
|
|
1194
|
+
int crit, int lastpos);
|
|
1195
|
+
OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x,
|
|
1196
|
+
int loc);
|
|
1087
1197
|
OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x,
|
|
1088
1198
|
int loc);
|
|
1089
1199
|
OPENSSL_EXPORT int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex,
|
|
1090
1200
|
int loc);
|
|
1091
|
-
OPENSSL_EXPORT void *X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid,
|
|
1201
|
+
OPENSSL_EXPORT void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *x, int nid,
|
|
1092
1202
|
int *crit, int *idx);
|
|
1093
1203
|
OPENSSL_EXPORT int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid,
|
|
1094
1204
|
void *value, int crit,
|
|
1095
1205
|
unsigned long flags);
|
|
1096
1206
|
|
|
1097
1207
|
OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_create_by_NID(
|
|
1098
|
-
X509_EXTENSION **ex, int nid, int crit, ASN1_OCTET_STRING *data);
|
|
1208
|
+
X509_EXTENSION **ex, int nid, int crit, const ASN1_OCTET_STRING *data);
|
|
1099
1209
|
OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_create_by_OBJ(
|
|
1100
1210
|
X509_EXTENSION **ex, const ASN1_OBJECT *obj, int crit,
|
|
1101
|
-
ASN1_OCTET_STRING *data);
|
|
1211
|
+
const ASN1_OCTET_STRING *data);
|
|
1102
1212
|
OPENSSL_EXPORT int X509_EXTENSION_set_object(X509_EXTENSION *ex,
|
|
1103
1213
|
const ASN1_OBJECT *obj);
|
|
1104
1214
|
OPENSSL_EXPORT int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
|
|
1105
1215
|
OPENSSL_EXPORT int X509_EXTENSION_set_data(X509_EXTENSION *ex,
|
|
1106
|
-
ASN1_OCTET_STRING *data);
|
|
1216
|
+
const ASN1_OCTET_STRING *data);
|
|
1107
1217
|
OPENSSL_EXPORT ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex);
|
|
1108
1218
|
OPENSSL_EXPORT ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
|
|
1109
1219
|
OPENSSL_EXPORT int X509_EXTENSION_get_critical(X509_EXTENSION *ex);
|
|
@@ -1190,9 +1300,9 @@ OPENSSL_EXPORT int X509_TRUST_add(int id, int flags,
|
|
|
1190
1300
|
int (*ck)(X509_TRUST *, X509 *, int),
|
|
1191
1301
|
char *name, int arg1, void *arg2);
|
|
1192
1302
|
OPENSSL_EXPORT void X509_TRUST_cleanup(void);
|
|
1193
|
-
OPENSSL_EXPORT int X509_TRUST_get_flags(X509_TRUST *xp);
|
|
1194
|
-
OPENSSL_EXPORT char *X509_TRUST_get0_name(X509_TRUST *xp);
|
|
1195
|
-
OPENSSL_EXPORT int X509_TRUST_get_trust(X509_TRUST *xp);
|
|
1303
|
+
OPENSSL_EXPORT int X509_TRUST_get_flags(const X509_TRUST *xp);
|
|
1304
|
+
OPENSSL_EXPORT char *X509_TRUST_get0_name(const X509_TRUST *xp);
|
|
1305
|
+
OPENSSL_EXPORT int X509_TRUST_get_trust(const X509_TRUST *xp);
|
|
1196
1306
|
|
|
1197
1307
|
|
|
1198
1308
|
typedef struct rsa_pss_params_st {
|