grpc 1.32.0 → 1.36.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +1086 -3054
- data/etc/roots.pem +257 -573
- data/include/grpc/compression.h +1 -1
- data/include/grpc/grpc.h +15 -7
- data/include/grpc/grpc_security.h +227 -171
- data/include/grpc/impl/codegen/atm_windows.h +4 -0
- data/include/grpc/impl/codegen/byte_buffer.h +1 -1
- data/include/grpc/impl/codegen/grpc_types.h +10 -8
- data/include/grpc/impl/codegen/log.h +0 -2
- data/include/grpc/impl/codegen/port_platform.h +22 -55
- data/include/grpc/impl/codegen/sync_windows.h +4 -0
- data/include/grpc/slice_buffer.h +3 -3
- data/include/grpc/support/sync.h +3 -3
- data/include/grpc/support/time.h +7 -7
- data/src/core/ext/filters/client_channel/backend_metric.cc +2 -4
- data/src/core/ext/filters/client_channel/client_channel.cc +2788 -1535
- data/src/core/ext/filters/client_channel/client_channel.h +0 -6
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +1 -1
- data/src/core/ext/filters/client_channel/config_selector.cc +0 -4
- data/src/core/ext/filters/client_channel/config_selector.h +40 -8
- data/src/core/ext/filters/client_channel/dynamic_filters.cc +186 -0
- data/src/core/ext/filters/client_channel/dynamic_filters.h +99 -0
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +10 -7
- data/src/core/ext/filters/client_channel/health/health_check_client.h +4 -4
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +7 -8
- data/src/core/ext/filters/client_channel/http_proxy.cc +21 -20
- data/src/core/ext/filters/client_channel/lb_policy.cc +6 -2
- data/src/core/ext/filters/client_channel/lb_policy.h +6 -7
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +48 -35
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.h +7 -5
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +4 -3
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +204 -195
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +1 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +1 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +3 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +3 -3
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +5 -5
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +58 -26
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +5 -5
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +14 -34
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +6 -6
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +478 -145
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +52 -24
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h +29 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +810 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +722 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +1384 -0
- data/src/core/ext/filters/client_channel/lb_policy_registry.cc +8 -1
- data/src/core/ext/filters/client_channel/resolver.cc +4 -5
- data/src/core/ext/filters/client_channel/resolver.h +5 -13
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +43 -59
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +1 -32
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +3 -3
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +443 -17
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +5 -0
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +22 -23
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +21 -18
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +1 -1
- data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +362 -0
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +37 -30
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +566 -366
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.h +28 -0
- data/src/core/ext/filters/client_channel/resolver_factory.h +6 -6
- data/src/core/ext/filters/client_channel/resolver_registry.cc +40 -39
- data/src/core/ext/filters/client_channel/resolver_registry.h +2 -2
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +29 -74
- data/src/core/ext/filters/client_channel/resolver_result_parsing.h +12 -10
- data/src/core/ext/filters/client_channel/retry_throttle.cc +5 -3
- data/src/core/ext/filters/client_channel/retry_throttle.h +4 -2
- data/src/core/ext/filters/client_channel/server_address.cc +86 -0
- data/src/core/ext/filters/client_channel/server_address.h +52 -36
- data/src/core/ext/filters/client_channel/service_config.cc +18 -13
- data/src/core/ext/filters/client_channel/service_config.h +8 -5
- data/src/core/ext/filters/client_channel/service_config_call_data.h +19 -1
- data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +2 -2
- data/src/core/ext/filters/client_channel/service_config_parser.cc +8 -6
- data/src/core/ext/filters/client_channel/service_config_parser.h +8 -5
- data/src/core/ext/filters/client_channel/subchannel.cc +53 -66
- data/src/core/ext/filters/client_channel/subchannel.h +14 -20
- data/src/core/ext/filters/client_channel/subchannel_interface.h +41 -5
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +6 -2
- data/src/core/ext/filters/deadline/deadline_filter.cc +87 -79
- data/src/core/ext/filters/deadline/deadline_filter.h +7 -11
- data/src/core/ext/filters/http/client/http_client_filter.cc +1 -1
- data/src/core/ext/filters/http/client_authority_filter.cc +6 -6
- data/src/core/ext/filters/http/http_filters_plugin.cc +6 -3
- data/src/core/ext/filters/http/server/http_server_filter.cc +3 -3
- data/src/core/ext/filters/max_age/max_age_filter.cc +36 -33
- data/src/core/ext/filters/message_size/message_size_filter.cc +3 -2
- data/src/core/ext/filters/message_size/message_size_filter.h +2 -1
- data/src/core/ext/filters/workarounds/workaround_utils.cc +1 -1
- data/src/core/ext/transport/chttp2/client/authority.cc +3 -3
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +1 -1
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +1 -1
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +20 -8
- data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +21 -10
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +26 -14
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +226 -95
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +11 -2
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc +11 -1
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +12 -5
- data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +62 -18
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +7 -7
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +28 -42
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +10 -2
- data/src/core/ext/transport/chttp2/transport/flow_control.h +13 -3
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +2 -1
- data/src/core/ext/transport/chttp2/transport/frame_settings.h +2 -1
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +6 -6
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +12 -8
- data/src/core/ext/transport/chttp2/transport/internal.h +5 -1
- data/src/core/ext/transport/chttp2/transport/parsing.cc +18 -3
- data/src/core/ext/transport/chttp2/transport/writing.cc +2 -3
- data/src/core/ext/transport/inproc/inproc_transport.cc +42 -8
- data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.h +1 -0
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +52 -33
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.h +199 -34
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.c +13 -13
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.h +44 -17
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +171 -98
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +625 -202
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.h +13 -5
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.c +24 -23
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.h +62 -21
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.c +36 -24
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.h +133 -39
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.h +15 -6
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +70 -45
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +275 -78
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +31 -24
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +107 -47
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.c +53 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.h +149 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.c +74 -28
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.h +248 -43
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +41 -41
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +172 -89
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.h +17 -9
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +63 -39
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +254 -60
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +1 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.h +9 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +42 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.h +126 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.c +13 -14
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.h +59 -36
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.c +16 -16
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.h +61 -29
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.c +26 -26
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.h +101 -66
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.h +11 -3
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +49 -27
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +204 -48
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +47 -26
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +181 -48
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +2 -3
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.h +13 -0
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +21 -17
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +96 -33
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +15 -13
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +70 -37
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +352 -199
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +1334 -443
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.c +8 -7
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.h +34 -10
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.c +3 -4
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.h +17 -3
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.c +29 -0
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.h +67 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +129 -80
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +525 -166
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.h +1 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +26 -24
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +121 -64
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +7 -6
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +29 -8
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +70 -29
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +296 -63
- data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +51 -34
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +188 -75
- data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.c +1 -4
- data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.c +1 -4
- data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.c +7 -8
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.h +31 -16
- data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.c +1 -3
- data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.c +5 -5
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.h +25 -11
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.c +6 -6
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.h +29 -8
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.h +22 -3
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.h +19 -0
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.c +7 -7
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.h +46 -3
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.c +8 -8
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.h +41 -8
- data/src/core/ext/upb-generated/envoy/type/v3/http.upb.h +1 -0
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.h +15 -2
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.h +19 -0
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.h +7 -0
- data/src/core/ext/upb-generated/google/api/annotations.upb.h +1 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.c +242 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.h +830 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.c +54 -37
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h +171 -59
- data/src/core/ext/upb-generated/google/api/http.upb.c +3 -3
- data/src/core/ext/upb-generated/google/api/http.upb.h +25 -6
- data/src/core/ext/upb-generated/google/protobuf/any.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/any.upb.h +7 -0
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +90 -90
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +455 -292
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.h +7 -0
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.h +7 -0
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.c +4 -4
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.h +22 -3
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.h +7 -0
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.c +9 -9
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.h +55 -0
- data/src/core/ext/upb-generated/google/rpc/status.upb.c +1 -1
- data/src/core/ext/upb-generated/google/rpc/status.upb.h +10 -3
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.c +4 -4
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.h +11 -3
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +41 -41
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +149 -76
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.c +5 -5
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.h +21 -6
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.c +2 -2
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.h +13 -0
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c +17 -17
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.h +82 -25
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.c +3 -3
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +19 -0
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.c +31 -0
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.h +64 -0
- data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.h +1 -0
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.c +2 -2
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +9 -2
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.c +1 -1
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.h +7 -0
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.c +3 -3
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.h +7 -0
- data/src/core/ext/upb-generated/validate/validate.upb.c +64 -64
- data/src/core/ext/upb-generated/validate/validate.upb.h +296 -157
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.c +28 -0
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.h +60 -0
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.c +52 -0
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.h +143 -0
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.c +42 -0
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.h +84 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.c +36 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.h +94 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.c +54 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.h +166 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.c +36 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.h +85 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.c +38 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.c +41 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +251 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.h +105 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.c +100 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +543 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.h +145 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.c +53 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.c +136 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.c +127 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +272 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.h +135 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +143 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.c +66 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.c +263 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.h +100 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +233 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.h +70 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +228 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.h +80 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +43 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.c +59 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.c +68 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.c +107 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +113 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.c +146 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.c +50 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +195 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.c +193 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.c +59 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.c +101 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +938 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.h +285 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.c +71 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.c +61 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.c +51 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +504 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +115 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +44 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +170 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +97 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +246 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.h +60 -0
- data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.c +72 -0
- data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +60 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.c +142 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.c +73 -0
- data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.c +72 -0
- data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +80 -0
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.c +80 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.c +74 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.c +64 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.c +54 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.c +53 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.c +73 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.c +69 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.c +81 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.c +92 -0
- data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.c +95 -0
- data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/http.upbdefs.c +34 -0
- data/src/core/ext/{upb-generated/gogoproto/gogo.upb.h → upbdefs-generated/envoy/type/v3/http.upbdefs.h} +10 -9
- data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.c +59 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.c +54 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.c +47 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.c +61 -0
- data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.c +39 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.c +386 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.h +165 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.c +37 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.c +65 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.c +66 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.h +75 -0
- data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.c +42 -0
- data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.c +70 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.c +33 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.c +49 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.c +43 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.c +310 -0
- data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.h +145 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.c +42 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.c +62 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.c +45 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.c +49 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.c +67 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.c +50 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.h +35 -0
- data/src/core/ext/xds/certificate_provider_factory.h +61 -0
- data/src/core/ext/xds/certificate_provider_registry.cc +103 -0
- data/src/core/ext/xds/certificate_provider_registry.h +57 -0
- data/src/core/ext/xds/certificate_provider_store.cc +87 -0
- data/src/core/ext/xds/certificate_provider_store.h +112 -0
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +144 -0
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.h +69 -0
- data/src/core/ext/xds/xds_api.cc +1149 -1058
- data/src/core/ext/xds/xds_api.h +215 -144
- data/src/core/ext/xds/xds_bootstrap.cc +228 -62
- data/src/core/ext/xds/xds_bootstrap.h +35 -12
- data/src/core/ext/xds/xds_certificate_provider.cc +405 -0
- data/src/core/ext/xds/xds_certificate_provider.h +151 -0
- data/src/core/ext/xds/xds_channel_args.h +6 -3
- data/src/core/ext/xds/xds_client.cc +620 -495
- data/src/core/ext/xds/xds_client.h +121 -58
- data/src/core/ext/xds/xds_client_stats.cc +61 -17
- data/src/core/ext/xds/xds_client_stats.h +35 -7
- data/src/core/ext/xds/xds_server_config_fetcher.cc +267 -0
- data/src/core/lib/channel/channel_args.cc +9 -8
- data/src/core/lib/channel/channel_args.h +0 -1
- data/src/core/lib/channel/channel_trace.cc +4 -2
- data/src/core/lib/channel/channel_trace.h +1 -1
- data/src/core/lib/channel/channelz.cc +23 -59
- data/src/core/lib/channel/channelz.h +13 -22
- data/src/core/lib/channel/channelz_registry.cc +12 -11
- data/src/core/lib/channel/channelz_registry.h +3 -1
- data/src/core/lib/channel/handshaker.cc +4 -7
- data/src/core/lib/channel/handshaker.h +3 -3
- data/src/core/lib/compression/compression.cc +8 -4
- data/src/core/lib/compression/compression_args.cc +3 -2
- data/src/core/lib/compression/compression_internal.cc +10 -5
- data/src/core/lib/compression/compression_internal.h +2 -1
- data/src/core/lib/compression/stream_compression_identity.cc +1 -3
- data/src/core/lib/debug/stats.h +2 -2
- data/src/core/lib/debug/stats_data.cc +1 -0
- data/src/core/lib/debug/stats_data.h +13 -13
- data/src/core/lib/gpr/alloc.cc +3 -2
- data/src/core/lib/gpr/cpu_iphone.cc +10 -2
- data/src/core/lib/gpr/log.cc +59 -17
- data/src/core/lib/gpr/log_linux.cc +19 -3
- data/src/core/lib/gpr/log_posix.cc +15 -1
- data/src/core/lib/gpr/log_windows.cc +18 -4
- data/src/core/lib/gpr/murmur_hash.cc +1 -1
- data/src/core/lib/gpr/spinlock.h +10 -2
- data/src/core/lib/gpr/string.cc +23 -22
- data/src/core/lib/gpr/string.h +5 -6
- data/src/core/lib/gpr/sync.cc +4 -4
- data/src/core/lib/gpr/time.cc +12 -12
- data/src/core/lib/gpr/time_precise.cc +5 -2
- data/src/core/lib/gpr/time_precise.h +6 -2
- data/src/core/lib/gpr/tls.h +4 -0
- data/src/core/lib/gpr/tls_msvc.h +2 -0
- data/src/core/lib/gpr/tls_stdcpp.h +48 -0
- data/src/core/lib/gpr/useful.h +5 -4
- data/src/core/lib/gprpp/arena.h +3 -2
- data/src/core/lib/gprpp/dual_ref_counted.h +331 -0
- data/src/core/lib/gprpp/examine_stack.cc +43 -0
- data/src/core/lib/gprpp/examine_stack.h +46 -0
- data/src/core/lib/gprpp/fork.cc +2 -2
- data/src/core/lib/gprpp/manual_constructor.h +1 -1
- data/src/core/lib/gprpp/mpscq.cc +2 -2
- data/src/core/lib/gprpp/orphanable.h +4 -8
- data/src/core/lib/gprpp/ref_counted.h +91 -68
- data/src/core/lib/gprpp/ref_counted_ptr.h +166 -7
- data/src/core/lib/{security/authorization/mock_cel/statusor.h → gprpp/stat.h} +13 -25
- data/src/core/lib/gprpp/stat_posix.cc +49 -0
- data/src/core/lib/gprpp/stat_windows.cc +48 -0
- data/src/core/lib/gprpp/sync.h +129 -40
- data/src/core/lib/gprpp/thd.h +2 -2
- data/src/core/lib/gprpp/thd_posix.cc +42 -37
- data/src/core/lib/gprpp/thd_windows.cc +3 -1
- data/src/core/lib/gprpp/time_util.cc +77 -0
- data/src/core/lib/gprpp/time_util.h +42 -0
- data/src/core/lib/http/httpcli.cc +1 -1
- data/src/core/lib/http/httpcli.h +2 -3
- data/src/core/lib/http/httpcli_security_connector.cc +3 -3
- data/src/core/lib/http/parser.cc +47 -27
- data/src/core/lib/iomgr/call_combiner.cc +8 -5
- data/src/core/lib/iomgr/combiner.cc +2 -1
- data/src/core/lib/iomgr/endpoint.h +1 -1
- data/src/core/lib/iomgr/endpoint_cfstream.cc +9 -5
- data/src/core/lib/iomgr/error.cc +17 -12
- data/src/core/lib/iomgr/error_internal.h +1 -1
- data/src/core/lib/iomgr/ev_apple.cc +10 -7
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +20 -13
- data/src/core/lib/iomgr/ev_epollex_linux.cc +29 -21
- data/src/core/lib/iomgr/ev_poll_posix.cc +9 -7
- data/src/core/lib/iomgr/exec_ctx.cc +1 -1
- data/src/core/lib/iomgr/exec_ctx.h +16 -12
- data/src/core/lib/iomgr/executor.cc +2 -1
- data/src/core/lib/iomgr/executor.h +1 -1
- data/src/core/lib/iomgr/executor/mpmcqueue.h +5 -5
- data/src/core/lib/iomgr/executor/threadpool.h +4 -4
- data/src/core/lib/iomgr/iomgr.cc +1 -1
- data/src/core/lib/iomgr/iomgr_posix.cc +0 -1
- data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +0 -1
- data/src/core/lib/iomgr/load_file.h +1 -1
- data/src/core/lib/iomgr/lockfree_event.cc +19 -14
- data/src/core/lib/iomgr/lockfree_event.h +2 -2
- data/src/core/lib/iomgr/parse_address.cc +127 -43
- data/src/core/lib/iomgr/parse_address.h +32 -8
- data/src/core/lib/iomgr/poller/eventmanager_libuv.cc +2 -1
- data/src/core/lib/iomgr/poller/eventmanager_libuv.h +1 -1
- data/src/core/lib/iomgr/pollset_set_custom.cc +1 -1
- data/src/core/lib/iomgr/python_util.h +4 -4
- data/src/core/lib/iomgr/resolve_address.cc +4 -4
- data/src/core/lib/iomgr/resolve_address_posix.cc +1 -5
- data/src/core/lib/iomgr/resource_quota.cc +4 -4
- data/src/core/lib/iomgr/sockaddr_utils.cc +11 -11
- data/src/core/lib/iomgr/sockaddr_utils.h +1 -1
- data/src/core/lib/iomgr/socket_factory_posix.cc +3 -2
- data/src/core/lib/iomgr/socket_mutator.cc +3 -2
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +1 -0
- data/src/core/lib/iomgr/tcp_client.cc +3 -3
- data/src/core/lib/iomgr/tcp_client_custom.cc +7 -6
- data/src/core/lib/iomgr/tcp_client_posix.cc +1 -1
- data/src/core/lib/iomgr/tcp_custom.cc +22 -17
- data/src/core/lib/iomgr/tcp_posix.cc +16 -12
- data/src/core/lib/iomgr/tcp_server_custom.cc +28 -22
- data/src/core/lib/iomgr/timer_custom.cc +5 -5
- data/src/core/lib/iomgr/timer_generic.cc +3 -3
- data/src/core/lib/iomgr/timer_manager.cc +2 -2
- data/src/core/lib/iomgr/udp_server.cc +1 -2
- data/src/core/lib/iomgr/udp_server.h +1 -2
- data/src/core/lib/iomgr/unix_sockets_posix.cc +32 -21
- data/src/core/lib/iomgr/unix_sockets_posix.h +5 -0
- data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +7 -0
- data/src/core/lib/iomgr/wakeup_fd_pipe.cc +2 -2
- data/src/core/lib/json/json.h +12 -2
- data/src/core/lib/json/json_reader.cc +8 -4
- data/src/core/lib/json/json_util.cc +58 -0
- data/src/core/lib/json/json_util.h +204 -0
- data/src/core/lib/json/json_writer.cc +2 -1
- data/src/core/lib/security/authorization/evaluate_args.cc +5 -10
- data/src/core/lib/security/authorization/evaluate_args.h +1 -1
- data/src/core/lib/security/authorization/matchers.cc +339 -0
- data/src/core/lib/security/authorization/matchers.h +158 -0
- data/src/core/lib/security/authorization/mock_cel/activation.h +1 -1
- data/src/core/lib/security/authorization/mock_cel/cel_expr_builder_factory.h +3 -1
- data/src/core/lib/security/authorization/mock_cel/cel_expression.h +5 -4
- data/src/core/lib/security/authorization/mock_cel/cel_value.h +13 -7
- data/src/core/lib/security/authorization/mock_cel/evaluator_core.h +6 -6
- data/src/core/lib/security/authorization/mock_cel/flat_expr_builder.h +10 -9
- data/src/core/lib/security/context/security_context.cc +4 -3
- data/src/core/lib/security/context/security_context.h +3 -1
- data/src/core/lib/security/credentials/alts/alts_credentials.cc +2 -1
- data/src/core/lib/security/credentials/alts/alts_credentials.h +1 -1
- data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +1 -1
- data/src/core/lib/security/credentials/credentials.cc +7 -7
- data/src/core/lib/security/credentials/credentials.h +5 -4
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +413 -0
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +80 -0
- data/src/core/lib/security/credentials/external/aws_request_signer.cc +213 -0
- data/src/core/lib/security/credentials/external/aws_request_signer.h +72 -0
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +497 -0
- data/src/core/lib/security/credentials/external/external_account_credentials.h +120 -0
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +135 -0
- data/src/core/lib/security/credentials/external/file_external_account_credentials.h +48 -0
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +213 -0
- data/src/core/lib/security/credentials/external/url_external_account_credentials.h +58 -0
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +3 -2
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +25 -18
- data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +64 -0
- data/src/core/lib/security/credentials/jwt/json_token.cc +3 -3
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +4 -3
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +5 -4
- data/src/core/lib/security/credentials/local/local_credentials.cc +2 -1
- data/src/core/lib/security/credentials/local/local_credentials.h +1 -1
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +39 -46
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +5 -4
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +1 -1
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +7 -6
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +2 -2
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +346 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +213 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +399 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +138 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +78 -150
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +57 -187
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +18 -13
- data/src/core/lib/security/credentials/tls/tls_credentials.h +3 -3
- data/src/core/lib/security/credentials/tls/tls_utils.cc +91 -0
- data/src/core/lib/security/credentials/tls/tls_utils.h +38 -0
- data/src/core/lib/security/credentials/xds/xds_credentials.cc +244 -0
- data/src/core/lib/security/credentials/xds/xds_credentials.h +69 -0
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +1 -1
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +9 -13
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +121 -0
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +87 -0
- data/src/core/lib/security/security_connector/load_system_roots.h +4 -0
- data/src/core/lib/security/security_connector/load_system_roots_linux.h +2 -0
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +3 -3
- data/src/core/lib/security/security_connector/security_connector.cc +4 -3
- data/src/core/lib/security/security_connector/security_connector.h +4 -2
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +4 -4
- data/src/core/lib/security/security_connector/ssl_utils.cc +5 -2
- data/src/core/lib/security/security_connector/ssl_utils.h +19 -19
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +354 -279
- data/src/core/lib/security/security_connector/tls/tls_security_connector.h +105 -61
- data/src/core/lib/security/transport/secure_endpoint.cc +2 -2
- data/src/core/lib/security/transport/security_handshaker.cc +4 -6
- data/src/core/lib/security/transport/server_auth_filter.cc +2 -1
- data/src/core/lib/security/util/json_util.h +1 -0
- data/src/core/lib/slice/slice.cc +7 -4
- data/src/core/lib/slice/slice_buffer.cc +2 -1
- data/src/core/lib/slice/slice_intern.cc +7 -8
- data/src/core/lib/slice/slice_internal.h +2 -2
- data/src/core/lib/surface/call.cc +41 -32
- data/src/core/lib/surface/call_details.cc +8 -8
- data/src/core/lib/surface/channel.cc +25 -41
- data/src/core/lib/surface/channel.h +9 -3
- data/src/core/lib/surface/channel_init.cc +1 -1
- data/src/core/lib/surface/completion_queue.cc +30 -24
- data/src/core/lib/surface/completion_queue.h +16 -16
- data/src/core/lib/surface/init.cc +45 -29
- data/src/core/lib/surface/lame_client.cc +20 -46
- data/src/core/lib/surface/lame_client.h +4 -0
- data/src/core/lib/surface/server.cc +66 -20
- data/src/core/lib/surface/server.h +42 -7
- data/src/core/lib/surface/validate_metadata.h +3 -0
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/authority_override.cc +6 -4
- data/src/core/lib/transport/authority_override.h +7 -2
- data/src/core/lib/transport/bdp_estimator.cc +1 -1
- data/src/core/lib/transport/bdp_estimator.h +2 -1
- data/src/core/lib/transport/byte_stream.h +3 -3
- data/src/core/lib/transport/connectivity_state.h +11 -9
- data/src/core/lib/transport/error_utils.h +1 -1
- data/src/core/lib/transport/metadata.cc +16 -2
- data/src/core/lib/transport/metadata.h +2 -2
- data/src/core/lib/transport/metadata_batch.h +4 -4
- data/src/core/lib/transport/static_metadata.cc +1 -1
- data/src/core/lib/transport/status_metadata.cc +4 -3
- data/src/core/lib/transport/timeout_encoding.cc +4 -4
- data/src/core/lib/transport/transport.cc +5 -3
- data/src/core/lib/transport/transport.h +8 -8
- data/src/core/lib/uri/uri_parser.cc +131 -249
- data/src/core/lib/uri/uri_parser.h +57 -21
- data/src/core/plugin_registry/grpc_plugin_registry.cc +47 -20
- data/src/core/tsi/alts/crypt/gsec.cc +5 -4
- data/src/core/tsi/alts/frame_protector/frame_handler.cc +8 -6
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +18 -21
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +43 -47
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +8 -6
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +4 -4
- data/src/core/tsi/fake_transport_security.cc +7 -4
- data/src/core/tsi/local_transport_security.cc +5 -1
- data/src/core/tsi/local_transport_security.h +6 -7
- data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +1 -1
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +0 -2
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +3 -2
- data/src/core/tsi/ssl_transport_security.cc +75 -58
- data/src/core/tsi/ssl_transport_security.h +6 -6
- data/src/core/tsi/transport_security.cc +10 -8
- data/src/core/tsi/transport_security_interface.h +1 -1
- data/src/ruby/ext/grpc/extconf.rb +1 -1
- data/src/ruby/ext/grpc/rb_event_thread.c +2 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +36 -16
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +70 -40
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +35 -0
- data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +18 -0
- data/src/ruby/spec/pb/codegen/package_option_spec.rb +2 -6
- data/third_party/abseil-cpp/absl/algorithm/container.h +59 -22
- data/third_party/abseil-cpp/absl/base/attributes.h +99 -38
- data/third_party/abseil-cpp/absl/base/call_once.h +1 -1
- data/third_party/abseil-cpp/absl/base/casts.h +9 -6
- data/third_party/abseil-cpp/absl/base/config.h +60 -17
- data/third_party/abseil-cpp/absl/base/dynamic_annotations.h +428 -335
- data/third_party/abseil-cpp/absl/base/internal/bits.h +17 -16
- data/third_party/abseil-cpp/absl/base/internal/direct_mmap.h +5 -0
- data/third_party/abseil-cpp/absl/base/internal/dynamic_annotations.h +398 -0
- data/third_party/abseil-cpp/absl/base/internal/invoke.h +4 -4
- data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.cc +1 -1
- data/third_party/abseil-cpp/absl/base/internal/low_level_scheduling.h +29 -1
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +2 -2
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.h +7 -5
- data/third_party/abseil-cpp/absl/base/internal/spinlock.cc +25 -38
- data/third_party/abseil-cpp/absl/base/internal/spinlock.h +19 -25
- data/third_party/abseil-cpp/absl/base/internal/spinlock_linux.inc +8 -0
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +28 -5
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.h +8 -0
- data/third_party/abseil-cpp/absl/base/internal/tsan_mutex_interface.h +3 -1
- data/third_party/abseil-cpp/absl/base/internal/unaligned_access.h +2 -2
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.h +3 -3
- data/third_party/abseil-cpp/absl/base/macros.h +36 -109
- data/third_party/abseil-cpp/absl/base/optimization.h +61 -1
- data/third_party/abseil-cpp/absl/base/options.h +31 -4
- data/third_party/abseil-cpp/absl/base/policy_checks.h +1 -1
- data/third_party/abseil-cpp/absl/base/thread_annotations.h +94 -39
- data/third_party/abseil-cpp/absl/container/fixed_array.h +42 -25
- data/third_party/abseil-cpp/absl/container/flat_hash_map.h +606 -0
- data/third_party/abseil-cpp/absl/container/flat_hash_set.h +2 -1
- data/third_party/abseil-cpp/absl/container/inlined_vector.h +33 -36
- data/third_party/abseil-cpp/absl/container/internal/common.h +6 -2
- data/third_party/abseil-cpp/absl/container/internal/compressed_tuple.h +33 -8
- data/third_party/abseil-cpp/absl/container/internal/container_memory.h +49 -29
- data/third_party/abseil-cpp/absl/container/internal/hash_function_defaults.h +15 -0
- data/third_party/abseil-cpp/absl/container/internal/hash_policy_traits.h +24 -7
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc +2 -1
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.h +35 -11
- data/third_party/abseil-cpp/absl/container/internal/have_sse.h +10 -9
- data/third_party/abseil-cpp/absl/container/internal/layout.h +7 -5
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_map.h +197 -0
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +55 -34
- data/third_party/abseil-cpp/absl/debugging/internal/address_is_readable.cc +5 -4
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +66 -16
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +4 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_arm-inl.inc +13 -4
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_config.h +43 -24
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_generic-inl.inc +12 -3
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_win32-inl.inc +10 -2
- data/third_party/abseil-cpp/absl/debugging/internal/symbolize.h +22 -1
- data/third_party/abseil-cpp/absl/debugging/internal/vdso_support.cc +0 -21
- data/third_party/abseil-cpp/absl/debugging/symbolize.cc +12 -1
- data/third_party/abseil-cpp/absl/debugging/symbolize_darwin.inc +101 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize_elf.inc +100 -20
- data/third_party/abseil-cpp/absl/functional/bind_front.h +184 -0
- data/third_party/abseil-cpp/absl/functional/function_ref.h +1 -1
- data/third_party/abseil-cpp/absl/functional/internal/front_binder.h +95 -0
- data/third_party/abseil-cpp/absl/functional/internal/function_ref.h +2 -2
- data/third_party/abseil-cpp/absl/hash/hash.h +6 -5
- data/third_party/abseil-cpp/absl/hash/internal/hash.h +73 -65
- data/third_party/abseil-cpp/absl/memory/memory.h +4 -0
- data/third_party/abseil-cpp/absl/meta/type_traits.h +2 -8
- data/third_party/abseil-cpp/absl/numeric/int128.cc +13 -27
- data/third_party/abseil-cpp/absl/numeric/int128.h +16 -15
- data/third_party/abseil-cpp/absl/status/internal/status_internal.h +51 -0
- data/third_party/abseil-cpp/absl/status/internal/statusor_internal.h +399 -0
- data/third_party/abseil-cpp/absl/status/status.cc +4 -6
- data/third_party/abseil-cpp/absl/status/status.h +502 -113
- data/third_party/abseil-cpp/absl/status/status_payload_printer.cc +5 -10
- data/third_party/abseil-cpp/absl/status/statusor.cc +71 -0
- data/third_party/abseil-cpp/absl/status/statusor.h +760 -0
- data/third_party/abseil-cpp/absl/strings/charconv.cc +2 -2
- data/third_party/abseil-cpp/absl/strings/cord.cc +91 -112
- data/third_party/abseil-cpp/absl/strings/cord.h +360 -205
- data/third_party/abseil-cpp/absl/strings/escaping.cc +9 -9
- data/third_party/abseil-cpp/absl/strings/internal/char_map.h +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.cc +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +2 -2
- data/third_party/abseil-cpp/absl/strings/internal/charconv_parse.cc +2 -2
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +45 -23
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.cc +222 -136
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.h +136 -64
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.cc +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.h +14 -21
- data/third_party/abseil-cpp/absl/strings/internal/str_format/checker.h +7 -14
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.cc +31 -7
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.h +147 -135
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +999 -87
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.h +3 -3
- data/third_party/abseil-cpp/absl/strings/internal/str_format/output.h +4 -12
- data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.cc +8 -6
- data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.h +13 -11
- data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +2 -2
- data/third_party/abseil-cpp/absl/strings/str_cat.cc +4 -4
- data/third_party/abseil-cpp/absl/strings/str_cat.h +1 -1
- data/third_party/abseil-cpp/absl/strings/str_format.h +289 -13
- data/third_party/abseil-cpp/absl/strings/str_split.cc +2 -2
- data/third_party/abseil-cpp/absl/strings/str_split.h +1 -0
- data/third_party/abseil-cpp/absl/strings/string_view.h +26 -19
- data/third_party/abseil-cpp/absl/strings/substitute.cc +5 -5
- data/third_party/abseil-cpp/absl/strings/substitute.h +32 -29
- data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.cc +3 -3
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +4 -3
- data/third_party/abseil-cpp/absl/synchronization/internal/kernel_timeout.h +28 -28
- data/third_party/abseil-cpp/absl/synchronization/internal/mutex_nonprod.inc +4 -16
- data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.h +1 -1
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.cc +8 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.h +2 -2
- data/third_party/abseil-cpp/absl/synchronization/mutex.cc +75 -64
- data/third_party/abseil-cpp/absl/synchronization/mutex.h +15 -6
- data/third_party/abseil-cpp/absl/time/civil_time.cc +9 -9
- data/third_party/abseil-cpp/absl/time/clock.cc +3 -3
- data/third_party/abseil-cpp/absl/time/duration.cc +90 -59
- data/third_party/abseil-cpp/absl/time/format.cc +43 -36
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time_detail.h +26 -16
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/time_zone.h +4 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/zone_info_source.h +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +136 -29
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +13 -21
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +136 -129
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +4 -5
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +8 -7
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +6 -6
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc +2 -1
- data/third_party/abseil-cpp/absl/time/time.h +15 -16
- data/third_party/abseil-cpp/absl/types/internal/variant.h +4 -4
- data/third_party/abseil-cpp/absl/types/optional.h +9 -9
- data/third_party/abseil-cpp/absl/types/span.h +49 -36
- data/third_party/abseil-cpp/absl/utility/utility.h +2 -2
- data/third_party/address_sorting/include/address_sorting/address_sorting.h +2 -0
- data/third_party/boringssl-with-bazel/err_data.c +728 -720
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +3 -10
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +15 -20
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_locl.h +30 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +28 -79
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +39 -85
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +5 -16
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +10 -61
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +158 -0
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/bn_asn1.c +3 -10
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +8 -9
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +60 -45
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +6 -81
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +87 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu-aarch64-win.c +41 -0
- data/third_party/boringssl-with-bazel/src/crypto/{dh → dh_extra}/dh_asn1.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/{dh → dh_extra}/params.c +179 -0
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +25 -0
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +9 -43
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +55 -4
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +34 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +2 -17
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +6 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +3 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +13 -20
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +9 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +173 -35
- data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/check.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/dh.c +136 -213
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +12 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +9 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +28 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +128 -38
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +0 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +30 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +107 -54
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +155 -2
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +112 -36
- data/third_party/boringssl-with-bazel/src/crypto/hpke/internal.h +63 -9
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +10 -7
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +13 -11
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +34 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/rand_extra.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +7 -13
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +118 -49
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +267 -95
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +210 -34
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +766 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_strex.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +6 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +5 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +8 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +27 -21
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_r2x.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +32 -11
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +67 -67
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +29 -35
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +42 -25
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +9 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +10 -10
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +28 -40
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +38 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +5 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +25 -24
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +32 -28
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +42 -22
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +25 -36
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +55 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +6 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +24 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +10 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +652 -546
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +0 -167
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +15 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +62 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +22 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +21 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/des.h +6 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +62 -20
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +10 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +15 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +16 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +3 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +202 -134
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +3 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +2 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +106 -27
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +31 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +42 -14
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +462 -163
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +593 -440
- data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +18 -5
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +35 -0
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +22 -21
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +13 -23
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +11 -6
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +82 -26
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +0 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +49 -9
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +8 -9
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +87 -14
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +18 -22
- data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +5 -7
- data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +537 -34
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +1 -2
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +59 -21
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +48 -15
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +194 -58
- data/third_party/upb/third_party/wyhash/wyhash.h +145 -0
- data/third_party/upb/upb/decode.c +248 -167
- data/third_party/upb/upb/decode.h +20 -1
- data/third_party/upb/upb/decode.int.h +163 -0
- data/third_party/upb/upb/decode_fast.c +1040 -0
- data/third_party/upb/upb/decode_fast.h +126 -0
- data/third_party/upb/upb/def.c +2178 -0
- data/third_party/upb/upb/def.h +315 -0
- data/third_party/upb/upb/def.hpp +439 -0
- data/third_party/upb/upb/encode.c +227 -169
- data/third_party/upb/upb/encode.h +27 -2
- data/third_party/upb/upb/json_decode.c +1443 -0
- data/third_party/upb/upb/json_decode.h +23 -0
- data/third_party/upb/upb/json_encode.c +713 -0
- data/third_party/upb/upb/json_encode.h +36 -0
- data/third_party/upb/upb/msg.c +167 -88
- data/third_party/upb/upb/msg.h +174 -34
- data/third_party/upb/upb/port_def.inc +74 -61
- data/third_party/upb/upb/port_undef.inc +3 -7
- data/third_party/upb/upb/reflection.c +408 -0
- data/third_party/upb/upb/reflection.h +168 -0
- data/third_party/upb/upb/table.c +34 -197
- data/third_party/upb/upb/table.int.h +14 -5
- data/third_party/upb/upb/text_encode.c +421 -0
- data/third_party/upb/upb/text_encode.h +38 -0
- data/third_party/upb/upb/upb.c +18 -41
- data/third_party/upb/upb/upb.h +36 -7
- data/third_party/upb/upb/upb.hpp +4 -4
- data/third_party/upb/upb/upb.int.h +29 -0
- metadata +309 -63
- data/src/core/ext/filters/client_channel/lb_policy/xds/eds.cc +0 -946
- data/src/core/ext/filters/client_channel/lb_policy/xds/lrs.cc +0 -537
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_routing.cc +0 -1141
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.cc +0 -485
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +0 -68
- data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +0 -354
- data/src/core/ext/filters/client_channel/resolving_lb_policy.h +0 -142
- data/src/core/ext/upb-generated/gogoproto/gogo.upb.c +0 -17
- data/src/core/ext/xds/xds_channel.h +0 -46
- data/src/core/ext/xds/xds_channel_secure.cc +0 -103
- data/src/core/lib/gprpp/map.h +0 -53
- data/src/core/lib/iomgr/iomgr_posix.h +0 -26
- data/third_party/abseil-cpp/absl/base/dynamic_annotations.cc +0 -129
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pku.c +0 -110
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_sxnet.c +0 -274
- data/third_party/upb/upb/port.c +0 -26
|
@@ -59,10 +59,12 @@
|
|
|
59
59
|
#include <string.h>
|
|
60
60
|
|
|
61
61
|
#include <openssl/asn1.h>
|
|
62
|
+
#include <openssl/blake2.h>
|
|
62
63
|
#include <openssl/bytestring.h>
|
|
63
64
|
#include <openssl/nid.h>
|
|
64
65
|
|
|
65
66
|
#include "../internal.h"
|
|
67
|
+
#include "../fipsmodule/digest/internal.h"
|
|
66
68
|
|
|
67
69
|
|
|
68
70
|
struct nid_to_digest {
|
|
@@ -238,3 +240,26 @@ const EVP_MD *EVP_get_digestbyname(const char *name) {
|
|
|
238
240
|
|
|
239
241
|
return NULL;
|
|
240
242
|
}
|
|
243
|
+
|
|
244
|
+
static void blake2b256_init(EVP_MD_CTX *ctx) { BLAKE2B256_Init(ctx->md_data); }
|
|
245
|
+
|
|
246
|
+
static void blake2b256_update(EVP_MD_CTX *ctx, const void *data, size_t len) {
|
|
247
|
+
BLAKE2B256_Update(ctx->md_data, data, len);
|
|
248
|
+
}
|
|
249
|
+
|
|
250
|
+
static void blake2b256_final(EVP_MD_CTX *ctx, uint8_t *md) {
|
|
251
|
+
BLAKE2B256_Final(md, ctx->md_data);
|
|
252
|
+
}
|
|
253
|
+
|
|
254
|
+
static const EVP_MD evp_md_blake2b256 = {
|
|
255
|
+
NID_undef,
|
|
256
|
+
BLAKE2B256_DIGEST_LENGTH,
|
|
257
|
+
0,
|
|
258
|
+
blake2b256_init,
|
|
259
|
+
blake2b256_update,
|
|
260
|
+
blake2b256_final,
|
|
261
|
+
BLAKE2B_CBLOCK,
|
|
262
|
+
sizeof(BLAKE2B_CTX),
|
|
263
|
+
};
|
|
264
|
+
|
|
265
|
+
const EVP_MD *EVP_blake2b256(void) { return &evp_md_blake2b256; }
|
|
@@ -72,12 +72,11 @@
|
|
|
72
72
|
#include <openssl/sha.h>
|
|
73
73
|
#include <openssl/thread.h>
|
|
74
74
|
|
|
75
|
+
#include "internal.h"
|
|
75
76
|
#include "../fipsmodule/bn/internal.h"
|
|
76
77
|
#include "../internal.h"
|
|
77
78
|
|
|
78
79
|
|
|
79
|
-
#define OPENSSL_DSA_MAX_MODULUS_BITS 10000
|
|
80
|
-
|
|
81
80
|
// Primality test according to FIPS PUB 186[-1], Appendix 2.1: 50 rounds of
|
|
82
81
|
// Miller-Rabin.
|
|
83
82
|
#define DSS_prime_checks 50
|
|
@@ -568,23 +567,7 @@ static int mod_mul_consttime(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
|
|
568
567
|
}
|
|
569
568
|
|
|
570
569
|
DSA_SIG *DSA_do_sign(const uint8_t *digest, size_t digest_len, const DSA *dsa) {
|
|
571
|
-
if (!dsa
|
|
572
|
-
OPENSSL_PUT_ERROR(DSA, DSA_R_MISSING_PARAMETERS);
|
|
573
|
-
return NULL;
|
|
574
|
-
}
|
|
575
|
-
|
|
576
|
-
// Reject invalid parameters. In particular, the algorithm will infinite loop
|
|
577
|
-
// if |g| is zero.
|
|
578
|
-
if (BN_is_zero(dsa->p) || BN_is_zero(dsa->q) || BN_is_zero(dsa->g)) {
|
|
579
|
-
OPENSSL_PUT_ERROR(DSA, DSA_R_INVALID_PARAMETERS);
|
|
580
|
-
return NULL;
|
|
581
|
-
}
|
|
582
|
-
|
|
583
|
-
// We only support DSA keys that are a multiple of 8 bits. (This is a weaker
|
|
584
|
-
// check than the one in |DSA_do_check_signature|, which only allows 160-,
|
|
585
|
-
// 224-, and 256-bit keys.
|
|
586
|
-
if (BN_num_bits(dsa->q) % 8 != 0) {
|
|
587
|
-
OPENSSL_PUT_ERROR(DSA, DSA_R_BAD_Q_VALUE);
|
|
570
|
+
if (!dsa_check_parameters(dsa)) {
|
|
588
571
|
return NULL;
|
|
589
572
|
}
|
|
590
573
|
|
|
@@ -678,35 +661,17 @@ int DSA_do_verify(const uint8_t *digest, size_t digest_len, DSA_SIG *sig,
|
|
|
678
661
|
|
|
679
662
|
int DSA_do_check_signature(int *out_valid, const uint8_t *digest,
|
|
680
663
|
size_t digest_len, DSA_SIG *sig, const DSA *dsa) {
|
|
681
|
-
BN_CTX *ctx;
|
|
682
|
-
BIGNUM u1, u2, t1;
|
|
683
|
-
int ret = 0;
|
|
684
|
-
unsigned i;
|
|
685
|
-
|
|
686
664
|
*out_valid = 0;
|
|
687
|
-
|
|
688
|
-
if (!dsa->p || !dsa->q || !dsa->g) {
|
|
689
|
-
OPENSSL_PUT_ERROR(DSA, DSA_R_MISSING_PARAMETERS);
|
|
690
|
-
return 0;
|
|
691
|
-
}
|
|
692
|
-
|
|
693
|
-
i = BN_num_bits(dsa->q);
|
|
694
|
-
// FIPS 186-3 allows only different sizes for q.
|
|
695
|
-
if (i != 160 && i != 224 && i != 256) {
|
|
696
|
-
OPENSSL_PUT_ERROR(DSA, DSA_R_BAD_Q_VALUE);
|
|
697
|
-
return 0;
|
|
698
|
-
}
|
|
699
|
-
|
|
700
|
-
if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS) {
|
|
701
|
-
OPENSSL_PUT_ERROR(DSA, DSA_R_MODULUS_TOO_LARGE);
|
|
665
|
+
if (!dsa_check_parameters(dsa)) {
|
|
702
666
|
return 0;
|
|
703
667
|
}
|
|
704
668
|
|
|
669
|
+
int ret = 0;
|
|
670
|
+
BIGNUM u1, u2, t1;
|
|
705
671
|
BN_init(&u1);
|
|
706
672
|
BN_init(&u2);
|
|
707
673
|
BN_init(&t1);
|
|
708
|
-
|
|
709
|
-
ctx = BN_CTX_new();
|
|
674
|
+
BN_CTX *ctx = BN_CTX_new();
|
|
710
675
|
if (ctx == NULL) {
|
|
711
676
|
goto err;
|
|
712
677
|
}
|
|
@@ -729,11 +694,12 @@ int DSA_do_check_signature(int *out_valid, const uint8_t *digest,
|
|
|
729
694
|
}
|
|
730
695
|
|
|
731
696
|
// save M in u1
|
|
732
|
-
|
|
697
|
+
unsigned q_bits = BN_num_bits(dsa->q);
|
|
698
|
+
if (digest_len > (q_bits >> 3)) {
|
|
733
699
|
// if the digest length is greater than the size of q use the
|
|
734
700
|
// BN_num_bits(dsa->q) leftmost bits of the digest, see
|
|
735
701
|
// fips 186-3, 4.2
|
|
736
|
-
digest_len = (
|
|
702
|
+
digest_len = (q_bits >> 3);
|
|
737
703
|
}
|
|
738
704
|
|
|
739
705
|
if (BN_bin2bn(digest, digest_len, &u1) == NULL) {
|
|
@@ -61,9 +61,45 @@
|
|
|
61
61
|
#include <openssl/err.h>
|
|
62
62
|
#include <openssl/mem.h>
|
|
63
63
|
|
|
64
|
+
#include "internal.h"
|
|
64
65
|
#include "../bytestring/internal.h"
|
|
65
66
|
|
|
66
67
|
|
|
68
|
+
#define OPENSSL_DSA_MAX_MODULUS_BITS 10000
|
|
69
|
+
|
|
70
|
+
// This function is in dsa_asn1.c rather than dsa.c because it is reachable from
|
|
71
|
+
// |EVP_PKEY| parsers. This makes it easier for the static linker to drop most
|
|
72
|
+
// of the DSA implementation.
|
|
73
|
+
int dsa_check_parameters(const DSA *dsa) {
|
|
74
|
+
if (!dsa->p || !dsa->q || !dsa->g) {
|
|
75
|
+
OPENSSL_PUT_ERROR(DSA, DSA_R_MISSING_PARAMETERS);
|
|
76
|
+
return 0;
|
|
77
|
+
}
|
|
78
|
+
|
|
79
|
+
// Reject invalid parameters. In particular, signing will infinite loop if |g|
|
|
80
|
+
// is zero.
|
|
81
|
+
if (BN_is_zero(dsa->p) || BN_is_zero(dsa->q) || BN_is_zero(dsa->g)) {
|
|
82
|
+
OPENSSL_PUT_ERROR(DSA, DSA_R_INVALID_PARAMETERS);
|
|
83
|
+
return 0;
|
|
84
|
+
}
|
|
85
|
+
|
|
86
|
+
// FIPS 186-4 allows only three different sizes for q.
|
|
87
|
+
unsigned q_bits = BN_num_bits(dsa->q);
|
|
88
|
+
if (q_bits != 160 && q_bits != 224 && q_bits != 256) {
|
|
89
|
+
OPENSSL_PUT_ERROR(DSA, DSA_R_BAD_Q_VALUE);
|
|
90
|
+
return 0;
|
|
91
|
+
}
|
|
92
|
+
|
|
93
|
+
// Bound |dsa->p| to avoid a DoS vector. Note this limit is much larger than
|
|
94
|
+
// the one in FIPS 186-4, which only allows L = 1024, 2048, and 3072.
|
|
95
|
+
if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS) {
|
|
96
|
+
OPENSSL_PUT_ERROR(DSA, DSA_R_MODULUS_TOO_LARGE);
|
|
97
|
+
return 0;
|
|
98
|
+
}
|
|
99
|
+
|
|
100
|
+
return 1;
|
|
101
|
+
}
|
|
102
|
+
|
|
67
103
|
static int parse_integer(CBS *cbs, BIGNUM **out) {
|
|
68
104
|
assert(*out == NULL);
|
|
69
105
|
*out = BN_new();
|
|
@@ -124,10 +160,16 @@ DSA *DSA_parse_public_key(CBS *cbs) {
|
|
|
124
160
|
!parse_integer(&child, &ret->g) ||
|
|
125
161
|
CBS_len(&child) != 0) {
|
|
126
162
|
OPENSSL_PUT_ERROR(DSA, DSA_R_DECODE_ERROR);
|
|
127
|
-
|
|
128
|
-
|
|
163
|
+
goto err;
|
|
164
|
+
}
|
|
165
|
+
if (!dsa_check_parameters(ret)) {
|
|
166
|
+
goto err;
|
|
129
167
|
}
|
|
130
168
|
return ret;
|
|
169
|
+
|
|
170
|
+
err:
|
|
171
|
+
DSA_free(ret);
|
|
172
|
+
return NULL;
|
|
131
173
|
}
|
|
132
174
|
|
|
133
175
|
int DSA_marshal_public_key(CBB *cbb, const DSA *dsa) {
|
|
@@ -156,10 +198,16 @@ DSA *DSA_parse_parameters(CBS *cbs) {
|
|
|
156
198
|
!parse_integer(&child, &ret->g) ||
|
|
157
199
|
CBS_len(&child) != 0) {
|
|
158
200
|
OPENSSL_PUT_ERROR(DSA, DSA_R_DECODE_ERROR);
|
|
159
|
-
|
|
160
|
-
|
|
201
|
+
goto err;
|
|
202
|
+
}
|
|
203
|
+
if (!dsa_check_parameters(ret)) {
|
|
204
|
+
goto err;
|
|
161
205
|
}
|
|
162
206
|
return ret;
|
|
207
|
+
|
|
208
|
+
err:
|
|
209
|
+
DSA_free(ret);
|
|
210
|
+
return NULL;
|
|
163
211
|
}
|
|
164
212
|
|
|
165
213
|
int DSA_marshal_parameters(CBB *cbb, const DSA *dsa) {
|
|
@@ -203,6 +251,9 @@ DSA *DSA_parse_private_key(CBS *cbs) {
|
|
|
203
251
|
OPENSSL_PUT_ERROR(DSA, DSA_R_DECODE_ERROR);
|
|
204
252
|
goto err;
|
|
205
253
|
}
|
|
254
|
+
if (!dsa_check_parameters(ret)) {
|
|
255
|
+
goto err;
|
|
256
|
+
}
|
|
206
257
|
return ret;
|
|
207
258
|
|
|
208
259
|
err:
|
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
/* Copyright (c) 2020, Google Inc.
|
|
2
|
+
*
|
|
3
|
+
* Permission to use, copy, modify, and/or distribute this software for any
|
|
4
|
+
* purpose with or without fee is hereby granted, provided that the above
|
|
5
|
+
* copyright notice and this permission notice appear in all copies.
|
|
6
|
+
*
|
|
7
|
+
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
|
8
|
+
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
|
9
|
+
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
|
|
10
|
+
* SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
|
11
|
+
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
|
|
12
|
+
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
|
|
13
|
+
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
|
|
14
|
+
|
|
15
|
+
#ifndef OPENSSL_HEADER_DSA_INTERNAL_H
|
|
16
|
+
#define OPENSSL_HEADER_DSA_INTERNAL_H
|
|
17
|
+
|
|
18
|
+
#include <openssl/dsa.h>
|
|
19
|
+
|
|
20
|
+
#if defined(__cplusplus)
|
|
21
|
+
extern "C" {
|
|
22
|
+
#endif
|
|
23
|
+
|
|
24
|
+
|
|
25
|
+
// dsa_check_parameters checks that |dsa|'s group is within DoS bounds. It
|
|
26
|
+
// returns one on success and zero on error.
|
|
27
|
+
int dsa_check_parameters(const DSA *dsa);
|
|
28
|
+
|
|
29
|
+
|
|
30
|
+
#if defined(__cplusplus)
|
|
31
|
+
} // extern C
|
|
32
|
+
#endif
|
|
33
|
+
|
|
34
|
+
#endif // OPENSSL_HEADER_DSA_INTERNAL_H
|
|
@@ -241,21 +241,6 @@ int EC_KEY_marshal_private_key(CBB *cbb, const EC_KEY *key,
|
|
|
241
241
|
return 1;
|
|
242
242
|
}
|
|
243
243
|
|
|
244
|
-
// is_unsigned_integer returns one if |cbs| is a valid unsigned DER INTEGER and
|
|
245
|
-
// zero otherwise.
|
|
246
|
-
static int is_unsigned_integer(const CBS *cbs) {
|
|
247
|
-
if (CBS_len(cbs) == 0) {
|
|
248
|
-
return 0;
|
|
249
|
-
}
|
|
250
|
-
uint8_t byte = CBS_data(cbs)[0];
|
|
251
|
-
if ((byte & 0x80) ||
|
|
252
|
-
(byte == 0 && CBS_len(cbs) > 1 && (CBS_data(cbs)[1] & 0x80) == 0)) {
|
|
253
|
-
// Negative or not minimally-encoded.
|
|
254
|
-
return 0;
|
|
255
|
-
}
|
|
256
|
-
return 1;
|
|
257
|
-
}
|
|
258
|
-
|
|
259
244
|
// kPrimeFieldOID is the encoding of 1.2.840.10045.1.1.
|
|
260
245
|
static const uint8_t kPrimeField[] = {0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01};
|
|
261
246
|
|
|
@@ -276,7 +261,7 @@ static int parse_explicit_prime_curve(CBS *in, CBS *out_prime, CBS *out_a,
|
|
|
276
261
|
OPENSSL_memcmp(CBS_data(&field_type), kPrimeField, sizeof(kPrimeField)) !=
|
|
277
262
|
0 ||
|
|
278
263
|
!CBS_get_asn1(&field_id, out_prime, CBS_ASN1_INTEGER) ||
|
|
279
|
-
!
|
|
264
|
+
!CBS_is_unsigned_asn1_integer(out_prime) ||
|
|
280
265
|
CBS_len(&field_id) != 0 ||
|
|
281
266
|
!CBS_get_asn1(¶ms, &curve, CBS_ASN1_SEQUENCE) ||
|
|
282
267
|
!CBS_get_asn1(&curve, out_a, CBS_ASN1_OCTETSTRING) ||
|
|
@@ -286,7 +271,7 @@ static int parse_explicit_prime_curve(CBS *in, CBS *out_prime, CBS *out_a,
|
|
|
286
271
|
CBS_len(&curve) != 0 ||
|
|
287
272
|
!CBS_get_asn1(¶ms, &base, CBS_ASN1_OCTETSTRING) ||
|
|
288
273
|
!CBS_get_asn1(¶ms, out_order, CBS_ASN1_INTEGER) ||
|
|
289
|
-
!
|
|
274
|
+
!CBS_is_unsigned_asn1_integer(out_order) ||
|
|
290
275
|
!CBS_get_optional_asn1(¶ms, &cofactor, &has_cofactor,
|
|
291
276
|
CBS_ASN1_INTEGER) ||
|
|
292
277
|
CBS_len(¶ms) != 0) {
|
|
@@ -76,6 +76,10 @@
|
|
|
76
76
|
// TODO(davidben): Fix Node to not touch the error queue itself and remove this.
|
|
77
77
|
OPENSSL_DECLARE_ERROR_REASON(EVP, NOT_XOF_OR_INVALID_LENGTH)
|
|
78
78
|
|
|
79
|
+
// The HPKE module uses the EVP error namespace, but it lives in another
|
|
80
|
+
// directory.
|
|
81
|
+
OPENSSL_DECLARE_ERROR_REASON(EVP, EMPTY_PSK)
|
|
82
|
+
|
|
79
83
|
EVP_PKEY *EVP_PKEY_new(void) {
|
|
80
84
|
EVP_PKEY *ret;
|
|
81
85
|
|
|
@@ -141,9 +141,13 @@ static int dsa_priv_decode(EVP_PKEY *out, CBS *params, CBS *key) {
|
|
|
141
141
|
goto err;
|
|
142
142
|
}
|
|
143
143
|
|
|
144
|
-
// Decode the key.
|
|
144
|
+
// Decode the key. To avoid DoS attacks when importing private keys, we bound
|
|
145
|
+
// |dsa->priv_key| against |dsa->q|, which itself bound by
|
|
146
|
+
// |DSA_parse_parameters|. (We cannot call |BN_num_bits| on |dsa->priv_key|.
|
|
147
|
+
// That would leak a secret bit width.)
|
|
145
148
|
if (!BN_parse_asn1_unsigned(key, dsa->priv_key) ||
|
|
146
|
-
CBS_len(key) != 0
|
|
149
|
+
CBS_len(key) != 0 ||
|
|
150
|
+
BN_cmp(dsa->priv_key, dsa->q) >= 0) {
|
|
147
151
|
OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR);
|
|
148
152
|
goto err;
|
|
149
153
|
}
|
|
@@ -60,6 +60,8 @@
|
|
|
60
60
|
#include "cipher/e_aes.c"
|
|
61
61
|
#include "cipher/e_des.c"
|
|
62
62
|
#include "des/des.c"
|
|
63
|
+
#include "dh/check.c"
|
|
64
|
+
#include "dh/dh.c"
|
|
63
65
|
#include "digest/digest.c"
|
|
64
66
|
#include "digest/digests.c"
|
|
65
67
|
#include "ecdh/ecdh.c"
|
|
@@ -193,7 +195,7 @@ BORINGSSL_bcm_power_on_self_test(void) {
|
|
|
193
195
|
assert_within(rodata_start, kP256Params, rodata_end);
|
|
194
196
|
assert_within(rodata_start, kPKCS1SigPrefixes, rodata_end);
|
|
195
197
|
|
|
196
|
-
#if defined(OPENSSL_ANDROID)
|
|
198
|
+
#if defined(OPENSSL_AARCH64) || defined(OPENSSL_ANDROID)
|
|
197
199
|
uint8_t result[SHA256_DIGEST_LENGTH];
|
|
198
200
|
const EVP_MD *const kHashFunction = EVP_sha256();
|
|
199
201
|
#else
|
|
@@ -101,26 +101,7 @@ void BN_free(BIGNUM *bn) {
|
|
|
101
101
|
}
|
|
102
102
|
|
|
103
103
|
void BN_clear_free(BIGNUM *bn) {
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
if (bn == NULL) {
|
|
107
|
-
return;
|
|
108
|
-
}
|
|
109
|
-
|
|
110
|
-
if (bn->d != NULL) {
|
|
111
|
-
if ((bn->flags & BN_FLG_STATIC_DATA) == 0) {
|
|
112
|
-
OPENSSL_free(bn->d);
|
|
113
|
-
} else {
|
|
114
|
-
OPENSSL_cleanse(bn->d, bn->dmax * sizeof(bn->d[0]));
|
|
115
|
-
}
|
|
116
|
-
}
|
|
117
|
-
|
|
118
|
-
should_free = (bn->flags & BN_FLG_MALLOCED) != 0;
|
|
119
|
-
if (should_free) {
|
|
120
|
-
OPENSSL_free(bn);
|
|
121
|
-
} else {
|
|
122
|
-
OPENSSL_cleanse(bn, sizeof(BIGNUM));
|
|
123
|
-
}
|
|
104
|
+
BN_free(bn);
|
|
124
105
|
}
|
|
125
106
|
|
|
126
107
|
BIGNUM *BN_dup(const BIGNUM *src) {
|
|
@@ -302,6 +283,18 @@ int bn_set_words(BIGNUM *bn, const BN_ULONG *words, size_t num) {
|
|
|
302
283
|
return 1;
|
|
303
284
|
}
|
|
304
285
|
|
|
286
|
+
void bn_set_static_words(BIGNUM *bn, const BN_ULONG *words, size_t num) {
|
|
287
|
+
if ((bn->flags & BN_FLG_STATIC_DATA) == 0) {
|
|
288
|
+
OPENSSL_free(bn->d);
|
|
289
|
+
}
|
|
290
|
+
bn->d = (BN_ULONG *)words;
|
|
291
|
+
|
|
292
|
+
bn->width = num;
|
|
293
|
+
bn->dmax = num;
|
|
294
|
+
bn->neg = 0;
|
|
295
|
+
bn->flags |= BN_FLG_STATIC_DATA;
|
|
296
|
+
}
|
|
297
|
+
|
|
305
298
|
int bn_fits_in_words(const BIGNUM *bn, size_t num) {
|
|
306
299
|
// All words beyond |num| must be zero.
|
|
307
300
|
BN_ULONG mask = 0;
|
|
@@ -64,10 +64,10 @@
|
|
|
64
64
|
#include "internal.h"
|
|
65
65
|
|
|
66
66
|
|
|
67
|
-
#if !defined(BN_CAN_DIVIDE_ULLONG) && !defined(BN_CAN_USE_INLINE_ASM)
|
|
68
67
|
// bn_div_words divides a double-width |h|,|l| by |d| and returns the result,
|
|
69
68
|
// which must fit in a |BN_ULONG|.
|
|
70
|
-
static BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l,
|
|
69
|
+
OPENSSL_UNUSED static BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l,
|
|
70
|
+
BN_ULONG d) {
|
|
71
71
|
BN_ULONG dh, dl, q, ret = 0, th, tl, t;
|
|
72
72
|
int i, count = 2;
|
|
73
73
|
|
|
@@ -135,7 +135,6 @@ static BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d) {
|
|
|
135
135
|
ret |= q;
|
|
136
136
|
return ret;
|
|
137
137
|
}
|
|
138
|
-
#endif // !defined(BN_CAN_DIVIDE_ULLONG) && !defined(BN_CAN_USE_INLINE_ASM)
|
|
139
138
|
|
|
140
139
|
static inline void bn_div_rem_words(BN_ULONG *quotient_out, BN_ULONG *rem_out,
|
|
141
140
|
BN_ULONG n0, BN_ULONG n1, BN_ULONG d0) {
|
|
@@ -123,7 +123,7 @@
|
|
|
123
123
|
#ifndef OPENSSL_HEADER_BN_INTERNAL_H
|
|
124
124
|
#define OPENSSL_HEADER_BN_INTERNAL_H
|
|
125
125
|
|
|
126
|
-
#include <openssl/
|
|
126
|
+
#include <openssl/bn.h>
|
|
127
127
|
|
|
128
128
|
#if defined(OPENSSL_X86_64) && defined(_MSC_VER)
|
|
129
129
|
OPENSSL_MSVC_PRAGMA(warning(push, 3))
|
|
@@ -241,6 +241,14 @@ void bn_select_words(BN_ULONG *r, BN_ULONG mask, const BN_ULONG *a,
|
|
|
241
241
|
// least significant word first.
|
|
242
242
|
int bn_set_words(BIGNUM *bn, const BN_ULONG *words, size_t num);
|
|
243
243
|
|
|
244
|
+
// bn_set_static_words acts like |bn_set_words|, but doesn't copy the data. A
|
|
245
|
+
// flag is set on |bn| so that |BN_free| won't attempt to free the data.
|
|
246
|
+
//
|
|
247
|
+
// The |STATIC_BIGNUM| macro is probably a better solution for this outside of
|
|
248
|
+
// the FIPS module. Inside of the FIPS module that macro generates rel.ro data,
|
|
249
|
+
// which doesn't work with FIPS requirements.
|
|
250
|
+
void bn_set_static_words(BIGNUM *bn, const BN_ULONG *words, size_t num);
|
|
251
|
+
|
|
244
252
|
// bn_fits_in_words returns one if |bn| may be represented in |num| words, plus
|
|
245
253
|
// a sign bit, and zero otherwise.
|
|
246
254
|
int bn_fits_in_words(const BIGNUM *bn, size_t num);
|
|
@@ -68,6 +68,8 @@
|
|
|
68
68
|
OPENSSL_MSVC_PRAGMA(warning(push))
|
|
69
69
|
OPENSSL_MSVC_PRAGMA(warning(disable: 4702)) // Unreachable code.
|
|
70
70
|
|
|
71
|
+
#define AES_GCM_NONCE_LENGTH 12
|
|
72
|
+
|
|
71
73
|
#if defined(BSAES)
|
|
72
74
|
static void vpaes_ctr32_encrypt_blocks_with_bsaes(const uint8_t *in,
|
|
73
75
|
uint8_t *out, size_t blocks,
|
|
@@ -630,7 +632,7 @@ DEFINE_LOCAL_DATA(EVP_CIPHER, aes_128_gcm_generic) {
|
|
|
630
632
|
out->nid = NID_aes_128_gcm;
|
|
631
633
|
out->block_size = 1;
|
|
632
634
|
out->key_len = 16;
|
|
633
|
-
out->iv_len =
|
|
635
|
+
out->iv_len = AES_GCM_NONCE_LENGTH;
|
|
634
636
|
out->ctx_size = sizeof(EVP_AES_GCM_CTX) + EVP_AES_GCM_CTX_PADDING;
|
|
635
637
|
out->flags = EVP_CIPH_GCM_MODE | EVP_CIPH_CUSTOM_IV | EVP_CIPH_CUSTOM_COPY |
|
|
636
638
|
EVP_CIPH_FLAG_CUSTOM_CIPHER | EVP_CIPH_ALWAYS_CALL_INIT |
|
|
@@ -698,7 +700,7 @@ DEFINE_LOCAL_DATA(EVP_CIPHER, aes_192_gcm_generic) {
|
|
|
698
700
|
out->nid = NID_aes_192_gcm;
|
|
699
701
|
out->block_size = 1;
|
|
700
702
|
out->key_len = 24;
|
|
701
|
-
out->iv_len =
|
|
703
|
+
out->iv_len = AES_GCM_NONCE_LENGTH;
|
|
702
704
|
out->ctx_size = sizeof(EVP_AES_GCM_CTX) + EVP_AES_GCM_CTX_PADDING;
|
|
703
705
|
out->flags = EVP_CIPH_GCM_MODE | EVP_CIPH_CUSTOM_IV | EVP_CIPH_CUSTOM_COPY |
|
|
704
706
|
EVP_CIPH_FLAG_CUSTOM_CIPHER | EVP_CIPH_ALWAYS_CALL_INIT |
|
|
@@ -766,7 +768,7 @@ DEFINE_LOCAL_DATA(EVP_CIPHER, aes_256_gcm_generic) {
|
|
|
766
768
|
out->nid = NID_aes_256_gcm;
|
|
767
769
|
out->block_size = 1;
|
|
768
770
|
out->key_len = 32;
|
|
769
|
-
out->iv_len =
|
|
771
|
+
out->iv_len = AES_GCM_NONCE_LENGTH;
|
|
770
772
|
out->ctx_size = sizeof(EVP_AES_GCM_CTX) + EVP_AES_GCM_CTX_PADDING;
|
|
771
773
|
out->flags = EVP_CIPH_GCM_MODE | EVP_CIPH_CUSTOM_IV | EVP_CIPH_CUSTOM_COPY |
|
|
772
774
|
EVP_CIPH_FLAG_CUSTOM_CIPHER | EVP_CIPH_ALWAYS_CALL_INIT |
|
|
@@ -931,21 +933,19 @@ static int aead_aes_gcm_init(EVP_AEAD_CTX *ctx, const uint8_t *key,
|
|
|
931
933
|
|
|
932
934
|
static void aead_aes_gcm_cleanup(EVP_AEAD_CTX *ctx) {}
|
|
933
935
|
|
|
934
|
-
static int
|
|
935
|
-
|
|
936
|
-
|
|
937
|
-
|
|
938
|
-
|
|
939
|
-
|
|
940
|
-
|
|
941
|
-
|
|
942
|
-
|
|
943
|
-
|
|
944
|
-
if (extra_in_len + ctx->tag_len < ctx->tag_len) {
|
|
936
|
+
static int aead_aes_gcm_seal_scatter_impl(
|
|
937
|
+
const struct aead_aes_gcm_ctx *gcm_ctx,
|
|
938
|
+
uint8_t *out, uint8_t *out_tag, size_t *out_tag_len, size_t max_out_tag_len,
|
|
939
|
+
const uint8_t *nonce, size_t nonce_len,
|
|
940
|
+
const uint8_t *in, size_t in_len,
|
|
941
|
+
const uint8_t *extra_in, size_t extra_in_len,
|
|
942
|
+
const uint8_t *ad, size_t ad_len,
|
|
943
|
+
size_t tag_len) {
|
|
944
|
+
if (extra_in_len + tag_len < tag_len) {
|
|
945
945
|
OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_TOO_LARGE);
|
|
946
946
|
return 0;
|
|
947
947
|
}
|
|
948
|
-
if (max_out_tag_len < extra_in_len +
|
|
948
|
+
if (max_out_tag_len < extra_in_len + tag_len) {
|
|
949
949
|
OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL);
|
|
950
950
|
return 0;
|
|
951
951
|
}
|
|
@@ -989,18 +989,35 @@ static int aead_aes_gcm_seal_scatter(const EVP_AEAD_CTX *ctx, uint8_t *out,
|
|
|
989
989
|
}
|
|
990
990
|
}
|
|
991
991
|
|
|
992
|
-
CRYPTO_gcm128_tag(&gcm, out_tag + extra_in_len,
|
|
993
|
-
*out_tag_len =
|
|
992
|
+
CRYPTO_gcm128_tag(&gcm, out_tag + extra_in_len, tag_len);
|
|
993
|
+
*out_tag_len = tag_len + extra_in_len;
|
|
994
994
|
|
|
995
995
|
return 1;
|
|
996
996
|
}
|
|
997
997
|
|
|
998
|
-
static int
|
|
999
|
-
|
|
1000
|
-
|
|
1001
|
-
|
|
1002
|
-
|
|
1003
|
-
|
|
998
|
+
static int aead_aes_gcm_seal_scatter(const EVP_AEAD_CTX *ctx, uint8_t *out,
|
|
999
|
+
uint8_t *out_tag, size_t *out_tag_len,
|
|
1000
|
+
size_t max_out_tag_len,
|
|
1001
|
+
const uint8_t *nonce, size_t nonce_len,
|
|
1002
|
+
const uint8_t *in, size_t in_len,
|
|
1003
|
+
const uint8_t *extra_in,
|
|
1004
|
+
size_t extra_in_len,
|
|
1005
|
+
const uint8_t *ad, size_t ad_len) {
|
|
1006
|
+
const struct aead_aes_gcm_ctx *gcm_ctx =
|
|
1007
|
+
(const struct aead_aes_gcm_ctx *)&ctx->state;
|
|
1008
|
+
return aead_aes_gcm_seal_scatter_impl(
|
|
1009
|
+
gcm_ctx, out, out_tag, out_tag_len, max_out_tag_len, nonce, nonce_len, in,
|
|
1010
|
+
in_len, extra_in, extra_in_len, ad, ad_len, ctx->tag_len);
|
|
1011
|
+
}
|
|
1012
|
+
|
|
1013
|
+
static int aead_aes_gcm_open_gather_impl(const struct aead_aes_gcm_ctx *gcm_ctx,
|
|
1014
|
+
uint8_t *out,
|
|
1015
|
+
const uint8_t *nonce, size_t nonce_len,
|
|
1016
|
+
const uint8_t *in, size_t in_len,
|
|
1017
|
+
const uint8_t *in_tag,
|
|
1018
|
+
size_t in_tag_len,
|
|
1019
|
+
const uint8_t *ad, size_t ad_len,
|
|
1020
|
+
size_t tag_len) {
|
|
1004
1021
|
uint8_t tag[EVP_AEAD_AES_GCM_TAG_LEN];
|
|
1005
1022
|
|
|
1006
1023
|
if (nonce_len == 0) {
|
|
@@ -1008,7 +1025,7 @@ static int aead_aes_gcm_open_gather(const EVP_AEAD_CTX *ctx, uint8_t *out,
|
|
|
1008
1025
|
return 0;
|
|
1009
1026
|
}
|
|
1010
1027
|
|
|
1011
|
-
if (in_tag_len !=
|
|
1028
|
+
if (in_tag_len != tag_len) {
|
|
1012
1029
|
OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT);
|
|
1013
1030
|
return 0;
|
|
1014
1031
|
}
|
|
@@ -1035,8 +1052,8 @@ static int aead_aes_gcm_open_gather(const EVP_AEAD_CTX *ctx, uint8_t *out,
|
|
|
1035
1052
|
}
|
|
1036
1053
|
}
|
|
1037
1054
|
|
|
1038
|
-
CRYPTO_gcm128_tag(&gcm, tag,
|
|
1039
|
-
if (CRYPTO_memcmp(tag, in_tag,
|
|
1055
|
+
CRYPTO_gcm128_tag(&gcm, tag, tag_len);
|
|
1056
|
+
if (CRYPTO_memcmp(tag, in_tag, tag_len) != 0) {
|
|
1040
1057
|
OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT);
|
|
1041
1058
|
return 0;
|
|
1042
1059
|
}
|
|
@@ -1044,11 +1061,22 @@ static int aead_aes_gcm_open_gather(const EVP_AEAD_CTX *ctx, uint8_t *out,
|
|
|
1044
1061
|
return 1;
|
|
1045
1062
|
}
|
|
1046
1063
|
|
|
1064
|
+
static int aead_aes_gcm_open_gather(const EVP_AEAD_CTX *ctx, uint8_t *out,
|
|
1065
|
+
const uint8_t *nonce, size_t nonce_len,
|
|
1066
|
+
const uint8_t *in, size_t in_len,
|
|
1067
|
+
const uint8_t *in_tag, size_t in_tag_len,
|
|
1068
|
+
const uint8_t *ad, size_t ad_len) {
|
|
1069
|
+
struct aead_aes_gcm_ctx *gcm_ctx = (struct aead_aes_gcm_ctx *)&ctx->state;
|
|
1070
|
+
return aead_aes_gcm_open_gather_impl(gcm_ctx, out, nonce, nonce_len, in,
|
|
1071
|
+
in_len, in_tag, in_tag_len, ad, ad_len,
|
|
1072
|
+
ctx->tag_len);
|
|
1073
|
+
}
|
|
1074
|
+
|
|
1047
1075
|
DEFINE_METHOD_FUNCTION(EVP_AEAD, EVP_aead_aes_128_gcm) {
|
|
1048
1076
|
memset(out, 0, sizeof(EVP_AEAD));
|
|
1049
1077
|
|
|
1050
1078
|
out->key_len = 16;
|
|
1051
|
-
out->nonce_len =
|
|
1079
|
+
out->nonce_len = AES_GCM_NONCE_LENGTH;
|
|
1052
1080
|
out->overhead = EVP_AEAD_AES_GCM_TAG_LEN;
|
|
1053
1081
|
out->max_tag_len = EVP_AEAD_AES_GCM_TAG_LEN;
|
|
1054
1082
|
out->seal_scatter_supports_extra_in = 1;
|
|
@@ -1063,7 +1091,7 @@ DEFINE_METHOD_FUNCTION(EVP_AEAD, EVP_aead_aes_192_gcm) {
|
|
|
1063
1091
|
memset(out, 0, sizeof(EVP_AEAD));
|
|
1064
1092
|
|
|
1065
1093
|
out->key_len = 24;
|
|
1066
|
-
out->nonce_len =
|
|
1094
|
+
out->nonce_len = AES_GCM_NONCE_LENGTH;
|
|
1067
1095
|
out->overhead = EVP_AEAD_AES_GCM_TAG_LEN;
|
|
1068
1096
|
out->max_tag_len = EVP_AEAD_AES_GCM_TAG_LEN;
|
|
1069
1097
|
out->seal_scatter_supports_extra_in = 1;
|
|
@@ -1078,7 +1106,7 @@ DEFINE_METHOD_FUNCTION(EVP_AEAD, EVP_aead_aes_256_gcm) {
|
|
|
1078
1106
|
memset(out, 0, sizeof(EVP_AEAD));
|
|
1079
1107
|
|
|
1080
1108
|
out->key_len = 32;
|
|
1081
|
-
out->nonce_len =
|
|
1109
|
+
out->nonce_len = AES_GCM_NONCE_LENGTH;
|
|
1082
1110
|
out->overhead = EVP_AEAD_AES_GCM_TAG_LEN;
|
|
1083
1111
|
out->max_tag_len = EVP_AEAD_AES_GCM_TAG_LEN;
|
|
1084
1112
|
out->seal_scatter_supports_extra_in = 1;
|
|
@@ -1089,6 +1117,116 @@ DEFINE_METHOD_FUNCTION(EVP_AEAD, EVP_aead_aes_256_gcm) {
|
|
|
1089
1117
|
out->open_gather = aead_aes_gcm_open_gather;
|
|
1090
1118
|
}
|
|
1091
1119
|
|
|
1120
|
+
static int aead_aes_gcm_init_randnonce(EVP_AEAD_CTX *ctx, const uint8_t *key,
|
|
1121
|
+
size_t key_len,
|
|
1122
|
+
size_t requested_tag_len) {
|
|
1123
|
+
if (requested_tag_len != EVP_AEAD_DEFAULT_TAG_LENGTH) {
|
|
1124
|
+
if (requested_tag_len < AES_GCM_NONCE_LENGTH) {
|
|
1125
|
+
OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL);
|
|
1126
|
+
return 0;
|
|
1127
|
+
}
|
|
1128
|
+
requested_tag_len -= AES_GCM_NONCE_LENGTH;
|
|
1129
|
+
}
|
|
1130
|
+
|
|
1131
|
+
if (!aead_aes_gcm_init(ctx, key, key_len, requested_tag_len)) {
|
|
1132
|
+
return 0;
|
|
1133
|
+
}
|
|
1134
|
+
|
|
1135
|
+
ctx->tag_len += AES_GCM_NONCE_LENGTH;
|
|
1136
|
+
return 1;
|
|
1137
|
+
}
|
|
1138
|
+
|
|
1139
|
+
static int aead_aes_gcm_seal_scatter_randnonce(
|
|
1140
|
+
const EVP_AEAD_CTX *ctx,
|
|
1141
|
+
uint8_t *out, uint8_t *out_tag, size_t *out_tag_len, size_t max_out_tag_len,
|
|
1142
|
+
const uint8_t *external_nonce, size_t external_nonce_len,
|
|
1143
|
+
const uint8_t *in, size_t in_len,
|
|
1144
|
+
const uint8_t *extra_in, size_t extra_in_len,
|
|
1145
|
+
const uint8_t *ad, size_t ad_len) {
|
|
1146
|
+
if (external_nonce_len != 0) {
|
|
1147
|
+
OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_NONCE_SIZE);
|
|
1148
|
+
return 0;
|
|
1149
|
+
}
|
|
1150
|
+
|
|
1151
|
+
uint8_t nonce[AES_GCM_NONCE_LENGTH];
|
|
1152
|
+
if (max_out_tag_len < sizeof(nonce)) {
|
|
1153
|
+
OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BUFFER_TOO_SMALL);
|
|
1154
|
+
return 0;
|
|
1155
|
+
}
|
|
1156
|
+
|
|
1157
|
+
RAND_bytes(nonce, sizeof(nonce));
|
|
1158
|
+
const struct aead_aes_gcm_ctx *gcm_ctx =
|
|
1159
|
+
(const struct aead_aes_gcm_ctx *)&ctx->state;
|
|
1160
|
+
if (!aead_aes_gcm_seal_scatter_impl(gcm_ctx, out, out_tag, out_tag_len,
|
|
1161
|
+
max_out_tag_len - AES_GCM_NONCE_LENGTH,
|
|
1162
|
+
nonce, sizeof(nonce), in, in_len,
|
|
1163
|
+
extra_in, extra_in_len, ad, ad_len,
|
|
1164
|
+
ctx->tag_len - AES_GCM_NONCE_LENGTH)) {
|
|
1165
|
+
return 0;
|
|
1166
|
+
}
|
|
1167
|
+
|
|
1168
|
+
assert(*out_tag_len + sizeof(nonce) <= max_out_tag_len);
|
|
1169
|
+
memcpy(out_tag + *out_tag_len, nonce, sizeof(nonce));
|
|
1170
|
+
*out_tag_len += sizeof(nonce);
|
|
1171
|
+
|
|
1172
|
+
return 1;
|
|
1173
|
+
}
|
|
1174
|
+
|
|
1175
|
+
static int aead_aes_gcm_open_gather_randnonce(
|
|
1176
|
+
const EVP_AEAD_CTX *ctx, uint8_t *out,
|
|
1177
|
+
const uint8_t *external_nonce, size_t external_nonce_len,
|
|
1178
|
+
const uint8_t *in, size_t in_len,
|
|
1179
|
+
const uint8_t *in_tag, size_t in_tag_len,
|
|
1180
|
+
const uint8_t *ad, size_t ad_len) {
|
|
1181
|
+
if (external_nonce_len != 0) {
|
|
1182
|
+
OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_INVALID_NONCE_SIZE);
|
|
1183
|
+
return 0;
|
|
1184
|
+
}
|
|
1185
|
+
|
|
1186
|
+
if (in_tag_len < AES_GCM_NONCE_LENGTH) {
|
|
1187
|
+
OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT);
|
|
1188
|
+
return 0;
|
|
1189
|
+
}
|
|
1190
|
+
const uint8_t *nonce = in_tag + in_tag_len - AES_GCM_NONCE_LENGTH;
|
|
1191
|
+
|
|
1192
|
+
const struct aead_aes_gcm_ctx *gcm_ctx =
|
|
1193
|
+
(const struct aead_aes_gcm_ctx *)&ctx->state;
|
|
1194
|
+
return aead_aes_gcm_open_gather_impl(
|
|
1195
|
+
gcm_ctx, out, nonce, AES_GCM_NONCE_LENGTH, in, in_len, in_tag,
|
|
1196
|
+
in_tag_len - AES_GCM_NONCE_LENGTH, ad, ad_len,
|
|
1197
|
+
ctx->tag_len - AES_GCM_NONCE_LENGTH);
|
|
1198
|
+
}
|
|
1199
|
+
|
|
1200
|
+
DEFINE_METHOD_FUNCTION(EVP_AEAD, EVP_aead_aes_128_gcm_randnonce) {
|
|
1201
|
+
memset(out, 0, sizeof(EVP_AEAD));
|
|
1202
|
+
|
|
1203
|
+
out->key_len = 16;
|
|
1204
|
+
out->nonce_len = 0;
|
|
1205
|
+
out->overhead = EVP_AEAD_AES_GCM_TAG_LEN + AES_GCM_NONCE_LENGTH;
|
|
1206
|
+
out->max_tag_len = EVP_AEAD_AES_GCM_TAG_LEN + AES_GCM_NONCE_LENGTH;
|
|
1207
|
+
out->seal_scatter_supports_extra_in = 1;
|
|
1208
|
+
|
|
1209
|
+
out->init = aead_aes_gcm_init_randnonce;
|
|
1210
|
+
out->cleanup = aead_aes_gcm_cleanup;
|
|
1211
|
+
out->seal_scatter = aead_aes_gcm_seal_scatter_randnonce;
|
|
1212
|
+
out->open_gather = aead_aes_gcm_open_gather_randnonce;
|
|
1213
|
+
}
|
|
1214
|
+
|
|
1215
|
+
DEFINE_METHOD_FUNCTION(EVP_AEAD, EVP_aead_aes_256_gcm_randnonce) {
|
|
1216
|
+
memset(out, 0, sizeof(EVP_AEAD));
|
|
1217
|
+
|
|
1218
|
+
out->key_len = 32;
|
|
1219
|
+
out->nonce_len = 0;
|
|
1220
|
+
out->overhead = EVP_AEAD_AES_GCM_TAG_LEN + AES_GCM_NONCE_LENGTH;
|
|
1221
|
+
out->max_tag_len = EVP_AEAD_AES_GCM_TAG_LEN + AES_GCM_NONCE_LENGTH;
|
|
1222
|
+
out->seal_scatter_supports_extra_in = 1;
|
|
1223
|
+
|
|
1224
|
+
out->init = aead_aes_gcm_init_randnonce;
|
|
1225
|
+
out->cleanup = aead_aes_gcm_cleanup;
|
|
1226
|
+
out->seal_scatter = aead_aes_gcm_seal_scatter_randnonce;
|
|
1227
|
+
out->open_gather = aead_aes_gcm_open_gather_randnonce;
|
|
1228
|
+
}
|
|
1229
|
+
|
|
1092
1230
|
struct aead_aes_gcm_tls12_ctx {
|
|
1093
1231
|
struct aead_aes_gcm_ctx gcm_ctx;
|
|
1094
1232
|
uint64_t min_next_nonce;
|
|
@@ -1128,7 +1266,7 @@ static int aead_aes_gcm_tls12_seal_scatter(
|
|
|
1128
1266
|
struct aead_aes_gcm_tls12_ctx *gcm_ctx =
|
|
1129
1267
|
(struct aead_aes_gcm_tls12_ctx *) &ctx->state;
|
|
1130
1268
|
|
|
1131
|
-
if (nonce_len !=
|
|
1269
|
+
if (nonce_len != AES_GCM_NONCE_LENGTH) {
|
|
1132
1270
|
OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE);
|
|
1133
1271
|
return 0;
|
|
1134
1272
|
}
|
|
@@ -1155,7 +1293,7 @@ DEFINE_METHOD_FUNCTION(EVP_AEAD, EVP_aead_aes_128_gcm_tls12) {
|
|
|
1155
1293
|
memset(out, 0, sizeof(EVP_AEAD));
|
|
1156
1294
|
|
|
1157
1295
|
out->key_len = 16;
|
|
1158
|
-
out->nonce_len =
|
|
1296
|
+
out->nonce_len = AES_GCM_NONCE_LENGTH;
|
|
1159
1297
|
out->overhead = EVP_AEAD_AES_GCM_TAG_LEN;
|
|
1160
1298
|
out->max_tag_len = EVP_AEAD_AES_GCM_TAG_LEN;
|
|
1161
1299
|
out->seal_scatter_supports_extra_in = 1;
|
|
@@ -1170,7 +1308,7 @@ DEFINE_METHOD_FUNCTION(EVP_AEAD, EVP_aead_aes_256_gcm_tls12) {
|
|
|
1170
1308
|
memset(out, 0, sizeof(EVP_AEAD));
|
|
1171
1309
|
|
|
1172
1310
|
out->key_len = 32;
|
|
1173
|
-
out->nonce_len =
|
|
1311
|
+
out->nonce_len = AES_GCM_NONCE_LENGTH;
|
|
1174
1312
|
out->overhead = EVP_AEAD_AES_GCM_TAG_LEN;
|
|
1175
1313
|
out->max_tag_len = EVP_AEAD_AES_GCM_TAG_LEN;
|
|
1176
1314
|
out->seal_scatter_supports_extra_in = 1;
|
|
@@ -1223,7 +1361,7 @@ static int aead_aes_gcm_tls13_seal_scatter(
|
|
|
1223
1361
|
struct aead_aes_gcm_tls13_ctx *gcm_ctx =
|
|
1224
1362
|
(struct aead_aes_gcm_tls13_ctx *) &ctx->state;
|
|
1225
1363
|
|
|
1226
|
-
if (nonce_len !=
|
|
1364
|
+
if (nonce_len != AES_GCM_NONCE_LENGTH) {
|
|
1227
1365
|
OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE);
|
|
1228
1366
|
return 0;
|
|
1229
1367
|
}
|
|
@@ -1261,7 +1399,7 @@ DEFINE_METHOD_FUNCTION(EVP_AEAD, EVP_aead_aes_128_gcm_tls13) {
|
|
|
1261
1399
|
memset(out, 0, sizeof(EVP_AEAD));
|
|
1262
1400
|
|
|
1263
1401
|
out->key_len = 16;
|
|
1264
|
-
out->nonce_len =
|
|
1402
|
+
out->nonce_len = AES_GCM_NONCE_LENGTH;
|
|
1265
1403
|
out->overhead = EVP_AEAD_AES_GCM_TAG_LEN;
|
|
1266
1404
|
out->max_tag_len = EVP_AEAD_AES_GCM_TAG_LEN;
|
|
1267
1405
|
out->seal_scatter_supports_extra_in = 1;
|
|
@@ -1276,7 +1414,7 @@ DEFINE_METHOD_FUNCTION(EVP_AEAD, EVP_aead_aes_256_gcm_tls13) {
|
|
|
1276
1414
|
memset(out, 0, sizeof(EVP_AEAD));
|
|
1277
1415
|
|
|
1278
1416
|
out->key_len = 32;
|
|
1279
|
-
out->nonce_len =
|
|
1417
|
+
out->nonce_len = AES_GCM_NONCE_LENGTH;
|
|
1280
1418
|
out->overhead = EVP_AEAD_AES_GCM_TAG_LEN;
|
|
1281
1419
|
out->max_tag_len = EVP_AEAD_AES_GCM_TAG_LEN;
|
|
1282
1420
|
out->seal_scatter_supports_extra_in = 1;
|