grpc 1.32.0 → 1.36.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +1086 -3054
- data/etc/roots.pem +257 -573
- data/include/grpc/compression.h +1 -1
- data/include/grpc/grpc.h +15 -7
- data/include/grpc/grpc_security.h +227 -171
- data/include/grpc/impl/codegen/atm_windows.h +4 -0
- data/include/grpc/impl/codegen/byte_buffer.h +1 -1
- data/include/grpc/impl/codegen/grpc_types.h +10 -8
- data/include/grpc/impl/codegen/log.h +0 -2
- data/include/grpc/impl/codegen/port_platform.h +22 -55
- data/include/grpc/impl/codegen/sync_windows.h +4 -0
- data/include/grpc/slice_buffer.h +3 -3
- data/include/grpc/support/sync.h +3 -3
- data/include/grpc/support/time.h +7 -7
- data/src/core/ext/filters/client_channel/backend_metric.cc +2 -4
- data/src/core/ext/filters/client_channel/client_channel.cc +2788 -1535
- data/src/core/ext/filters/client_channel/client_channel.h +0 -6
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +1 -1
- data/src/core/ext/filters/client_channel/config_selector.cc +0 -4
- data/src/core/ext/filters/client_channel/config_selector.h +40 -8
- data/src/core/ext/filters/client_channel/dynamic_filters.cc +186 -0
- data/src/core/ext/filters/client_channel/dynamic_filters.h +99 -0
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +10 -7
- data/src/core/ext/filters/client_channel/health/health_check_client.h +4 -4
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +7 -8
- data/src/core/ext/filters/client_channel/http_proxy.cc +21 -20
- data/src/core/ext/filters/client_channel/lb_policy.cc +6 -2
- data/src/core/ext/filters/client_channel/lb_policy.h +6 -7
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +48 -35
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.h +7 -5
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +4 -3
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +204 -195
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +1 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +1 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +3 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +3 -3
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +5 -5
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +58 -26
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +5 -5
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +14 -34
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +6 -6
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +478 -145
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +52 -24
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h +29 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +810 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +722 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +1384 -0
- data/src/core/ext/filters/client_channel/lb_policy_registry.cc +8 -1
- data/src/core/ext/filters/client_channel/resolver.cc +4 -5
- data/src/core/ext/filters/client_channel/resolver.h +5 -13
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +43 -59
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +1 -32
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +3 -3
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +443 -17
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +5 -0
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +22 -23
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +21 -18
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +1 -1
- data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +362 -0
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +37 -30
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +566 -366
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.h +28 -0
- data/src/core/ext/filters/client_channel/resolver_factory.h +6 -6
- data/src/core/ext/filters/client_channel/resolver_registry.cc +40 -39
- data/src/core/ext/filters/client_channel/resolver_registry.h +2 -2
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +29 -74
- data/src/core/ext/filters/client_channel/resolver_result_parsing.h +12 -10
- data/src/core/ext/filters/client_channel/retry_throttle.cc +5 -3
- data/src/core/ext/filters/client_channel/retry_throttle.h +4 -2
- data/src/core/ext/filters/client_channel/server_address.cc +86 -0
- data/src/core/ext/filters/client_channel/server_address.h +52 -36
- data/src/core/ext/filters/client_channel/service_config.cc +18 -13
- data/src/core/ext/filters/client_channel/service_config.h +8 -5
- data/src/core/ext/filters/client_channel/service_config_call_data.h +19 -1
- data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +2 -2
- data/src/core/ext/filters/client_channel/service_config_parser.cc +8 -6
- data/src/core/ext/filters/client_channel/service_config_parser.h +8 -5
- data/src/core/ext/filters/client_channel/subchannel.cc +53 -66
- data/src/core/ext/filters/client_channel/subchannel.h +14 -20
- data/src/core/ext/filters/client_channel/subchannel_interface.h +41 -5
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +6 -2
- data/src/core/ext/filters/deadline/deadline_filter.cc +87 -79
- data/src/core/ext/filters/deadline/deadline_filter.h +7 -11
- data/src/core/ext/filters/http/client/http_client_filter.cc +1 -1
- data/src/core/ext/filters/http/client_authority_filter.cc +6 -6
- data/src/core/ext/filters/http/http_filters_plugin.cc +6 -3
- data/src/core/ext/filters/http/server/http_server_filter.cc +3 -3
- data/src/core/ext/filters/max_age/max_age_filter.cc +36 -33
- data/src/core/ext/filters/message_size/message_size_filter.cc +3 -2
- data/src/core/ext/filters/message_size/message_size_filter.h +2 -1
- data/src/core/ext/filters/workarounds/workaround_utils.cc +1 -1
- data/src/core/ext/transport/chttp2/client/authority.cc +3 -3
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +1 -1
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +1 -1
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +20 -8
- data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +21 -10
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +26 -14
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +226 -95
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +11 -2
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc +11 -1
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +12 -5
- data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +62 -18
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +7 -7
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +28 -42
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +10 -2
- data/src/core/ext/transport/chttp2/transport/flow_control.h +13 -3
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +2 -1
- data/src/core/ext/transport/chttp2/transport/frame_settings.h +2 -1
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +6 -6
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +12 -8
- data/src/core/ext/transport/chttp2/transport/internal.h +5 -1
- data/src/core/ext/transport/chttp2/transport/parsing.cc +18 -3
- data/src/core/ext/transport/chttp2/transport/writing.cc +2 -3
- data/src/core/ext/transport/inproc/inproc_transport.cc +42 -8
- data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.h +1 -0
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +52 -33
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.h +199 -34
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.c +13 -13
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.h +44 -17
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +171 -98
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +625 -202
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.h +13 -5
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.c +24 -23
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.h +62 -21
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.c +36 -24
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.h +133 -39
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.h +15 -6
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +70 -45
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +275 -78
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +31 -24
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +107 -47
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.c +53 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.h +149 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.c +74 -28
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.h +248 -43
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +41 -41
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +172 -89
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.h +17 -9
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +63 -39
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +254 -60
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +1 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.h +9 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +42 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.h +126 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.c +13 -14
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.h +59 -36
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.c +16 -16
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.h +61 -29
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.c +26 -26
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.h +101 -66
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.h +11 -3
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +49 -27
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +204 -48
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +47 -26
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +181 -48
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +2 -3
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.h +13 -0
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +21 -17
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +96 -33
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +15 -13
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +70 -37
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +352 -199
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +1334 -443
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.c +8 -7
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.h +34 -10
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.c +3 -4
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.h +17 -3
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.c +29 -0
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.h +67 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +129 -80
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +525 -166
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.h +1 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +26 -24
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +121 -64
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +7 -6
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +29 -8
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +70 -29
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +296 -63
- data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +51 -34
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +188 -75
- data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.c +1 -4
- data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.c +1 -4
- data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.c +7 -8
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.h +31 -16
- data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.c +1 -3
- data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.c +5 -5
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.h +25 -11
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.c +6 -6
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.h +29 -8
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.h +22 -3
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.h +19 -0
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.c +7 -7
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.h +46 -3
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.c +8 -8
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.h +41 -8
- data/src/core/ext/upb-generated/envoy/type/v3/http.upb.h +1 -0
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.h +15 -2
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.h +19 -0
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.h +7 -0
- data/src/core/ext/upb-generated/google/api/annotations.upb.h +1 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.c +242 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.h +830 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.c +54 -37
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h +171 -59
- data/src/core/ext/upb-generated/google/api/http.upb.c +3 -3
- data/src/core/ext/upb-generated/google/api/http.upb.h +25 -6
- data/src/core/ext/upb-generated/google/protobuf/any.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/any.upb.h +7 -0
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +90 -90
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +455 -292
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.h +7 -0
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.h +7 -0
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.c +4 -4
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.h +22 -3
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.h +7 -0
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.c +9 -9
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.h +55 -0
- data/src/core/ext/upb-generated/google/rpc/status.upb.c +1 -1
- data/src/core/ext/upb-generated/google/rpc/status.upb.h +10 -3
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.c +4 -4
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.h +11 -3
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +41 -41
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +149 -76
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.c +5 -5
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.h +21 -6
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.c +2 -2
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.h +13 -0
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c +17 -17
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.h +82 -25
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.c +3 -3
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +19 -0
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.c +31 -0
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.h +64 -0
- data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.h +1 -0
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.c +2 -2
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +9 -2
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.c +1 -1
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.h +7 -0
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.c +3 -3
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.h +7 -0
- data/src/core/ext/upb-generated/validate/validate.upb.c +64 -64
- data/src/core/ext/upb-generated/validate/validate.upb.h +296 -157
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.c +28 -0
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.h +60 -0
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.c +52 -0
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.h +143 -0
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.c +42 -0
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.h +84 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.c +36 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.h +94 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.c +54 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.h +166 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.c +36 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.h +85 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.c +38 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.c +41 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +251 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.h +105 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.c +100 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +543 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.h +145 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.c +53 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.c +136 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.c +127 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +272 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.h +135 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +143 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.c +66 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.c +263 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.h +100 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +233 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.h +70 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +228 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.h +80 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +43 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.c +59 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.c +68 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.c +107 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +113 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.c +146 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.c +50 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +195 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.c +193 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.c +59 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.c +101 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +938 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.h +285 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.c +71 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.c +61 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.c +51 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +504 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +115 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +44 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +170 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +97 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +246 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.h +60 -0
- data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.c +72 -0
- data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +60 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.c +142 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.c +73 -0
- data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.c +72 -0
- data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +80 -0
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.c +80 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.c +74 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.c +64 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.c +54 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.c +53 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.c +73 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.c +69 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.c +81 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.c +92 -0
- data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.c +95 -0
- data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/http.upbdefs.c +34 -0
- data/src/core/ext/{upb-generated/gogoproto/gogo.upb.h → upbdefs-generated/envoy/type/v3/http.upbdefs.h} +10 -9
- data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.c +59 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.c +54 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.c +47 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.c +61 -0
- data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.c +39 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.c +386 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.h +165 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.c +37 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.c +65 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.c +66 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.h +75 -0
- data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.c +42 -0
- data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.c +70 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.c +33 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.c +49 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.c +43 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.c +310 -0
- data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.h +145 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.c +42 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.c +62 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.c +45 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.c +49 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.c +67 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.c +50 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.h +35 -0
- data/src/core/ext/xds/certificate_provider_factory.h +61 -0
- data/src/core/ext/xds/certificate_provider_registry.cc +103 -0
- data/src/core/ext/xds/certificate_provider_registry.h +57 -0
- data/src/core/ext/xds/certificate_provider_store.cc +87 -0
- data/src/core/ext/xds/certificate_provider_store.h +112 -0
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +144 -0
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.h +69 -0
- data/src/core/ext/xds/xds_api.cc +1149 -1058
- data/src/core/ext/xds/xds_api.h +215 -144
- data/src/core/ext/xds/xds_bootstrap.cc +228 -62
- data/src/core/ext/xds/xds_bootstrap.h +35 -12
- data/src/core/ext/xds/xds_certificate_provider.cc +405 -0
- data/src/core/ext/xds/xds_certificate_provider.h +151 -0
- data/src/core/ext/xds/xds_channel_args.h +6 -3
- data/src/core/ext/xds/xds_client.cc +620 -495
- data/src/core/ext/xds/xds_client.h +121 -58
- data/src/core/ext/xds/xds_client_stats.cc +61 -17
- data/src/core/ext/xds/xds_client_stats.h +35 -7
- data/src/core/ext/xds/xds_server_config_fetcher.cc +267 -0
- data/src/core/lib/channel/channel_args.cc +9 -8
- data/src/core/lib/channel/channel_args.h +0 -1
- data/src/core/lib/channel/channel_trace.cc +4 -2
- data/src/core/lib/channel/channel_trace.h +1 -1
- data/src/core/lib/channel/channelz.cc +23 -59
- data/src/core/lib/channel/channelz.h +13 -22
- data/src/core/lib/channel/channelz_registry.cc +12 -11
- data/src/core/lib/channel/channelz_registry.h +3 -1
- data/src/core/lib/channel/handshaker.cc +4 -7
- data/src/core/lib/channel/handshaker.h +3 -3
- data/src/core/lib/compression/compression.cc +8 -4
- data/src/core/lib/compression/compression_args.cc +3 -2
- data/src/core/lib/compression/compression_internal.cc +10 -5
- data/src/core/lib/compression/compression_internal.h +2 -1
- data/src/core/lib/compression/stream_compression_identity.cc +1 -3
- data/src/core/lib/debug/stats.h +2 -2
- data/src/core/lib/debug/stats_data.cc +1 -0
- data/src/core/lib/debug/stats_data.h +13 -13
- data/src/core/lib/gpr/alloc.cc +3 -2
- data/src/core/lib/gpr/cpu_iphone.cc +10 -2
- data/src/core/lib/gpr/log.cc +59 -17
- data/src/core/lib/gpr/log_linux.cc +19 -3
- data/src/core/lib/gpr/log_posix.cc +15 -1
- data/src/core/lib/gpr/log_windows.cc +18 -4
- data/src/core/lib/gpr/murmur_hash.cc +1 -1
- data/src/core/lib/gpr/spinlock.h +10 -2
- data/src/core/lib/gpr/string.cc +23 -22
- data/src/core/lib/gpr/string.h +5 -6
- data/src/core/lib/gpr/sync.cc +4 -4
- data/src/core/lib/gpr/time.cc +12 -12
- data/src/core/lib/gpr/time_precise.cc +5 -2
- data/src/core/lib/gpr/time_precise.h +6 -2
- data/src/core/lib/gpr/tls.h +4 -0
- data/src/core/lib/gpr/tls_msvc.h +2 -0
- data/src/core/lib/gpr/tls_stdcpp.h +48 -0
- data/src/core/lib/gpr/useful.h +5 -4
- data/src/core/lib/gprpp/arena.h +3 -2
- data/src/core/lib/gprpp/dual_ref_counted.h +331 -0
- data/src/core/lib/gprpp/examine_stack.cc +43 -0
- data/src/core/lib/gprpp/examine_stack.h +46 -0
- data/src/core/lib/gprpp/fork.cc +2 -2
- data/src/core/lib/gprpp/manual_constructor.h +1 -1
- data/src/core/lib/gprpp/mpscq.cc +2 -2
- data/src/core/lib/gprpp/orphanable.h +4 -8
- data/src/core/lib/gprpp/ref_counted.h +91 -68
- data/src/core/lib/gprpp/ref_counted_ptr.h +166 -7
- data/src/core/lib/{security/authorization/mock_cel/statusor.h → gprpp/stat.h} +13 -25
- data/src/core/lib/gprpp/stat_posix.cc +49 -0
- data/src/core/lib/gprpp/stat_windows.cc +48 -0
- data/src/core/lib/gprpp/sync.h +129 -40
- data/src/core/lib/gprpp/thd.h +2 -2
- data/src/core/lib/gprpp/thd_posix.cc +42 -37
- data/src/core/lib/gprpp/thd_windows.cc +3 -1
- data/src/core/lib/gprpp/time_util.cc +77 -0
- data/src/core/lib/gprpp/time_util.h +42 -0
- data/src/core/lib/http/httpcli.cc +1 -1
- data/src/core/lib/http/httpcli.h +2 -3
- data/src/core/lib/http/httpcli_security_connector.cc +3 -3
- data/src/core/lib/http/parser.cc +47 -27
- data/src/core/lib/iomgr/call_combiner.cc +8 -5
- data/src/core/lib/iomgr/combiner.cc +2 -1
- data/src/core/lib/iomgr/endpoint.h +1 -1
- data/src/core/lib/iomgr/endpoint_cfstream.cc +9 -5
- data/src/core/lib/iomgr/error.cc +17 -12
- data/src/core/lib/iomgr/error_internal.h +1 -1
- data/src/core/lib/iomgr/ev_apple.cc +10 -7
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +20 -13
- data/src/core/lib/iomgr/ev_epollex_linux.cc +29 -21
- data/src/core/lib/iomgr/ev_poll_posix.cc +9 -7
- data/src/core/lib/iomgr/exec_ctx.cc +1 -1
- data/src/core/lib/iomgr/exec_ctx.h +16 -12
- data/src/core/lib/iomgr/executor.cc +2 -1
- data/src/core/lib/iomgr/executor.h +1 -1
- data/src/core/lib/iomgr/executor/mpmcqueue.h +5 -5
- data/src/core/lib/iomgr/executor/threadpool.h +4 -4
- data/src/core/lib/iomgr/iomgr.cc +1 -1
- data/src/core/lib/iomgr/iomgr_posix.cc +0 -1
- data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +0 -1
- data/src/core/lib/iomgr/load_file.h +1 -1
- data/src/core/lib/iomgr/lockfree_event.cc +19 -14
- data/src/core/lib/iomgr/lockfree_event.h +2 -2
- data/src/core/lib/iomgr/parse_address.cc +127 -43
- data/src/core/lib/iomgr/parse_address.h +32 -8
- data/src/core/lib/iomgr/poller/eventmanager_libuv.cc +2 -1
- data/src/core/lib/iomgr/poller/eventmanager_libuv.h +1 -1
- data/src/core/lib/iomgr/pollset_set_custom.cc +1 -1
- data/src/core/lib/iomgr/python_util.h +4 -4
- data/src/core/lib/iomgr/resolve_address.cc +4 -4
- data/src/core/lib/iomgr/resolve_address_posix.cc +1 -5
- data/src/core/lib/iomgr/resource_quota.cc +4 -4
- data/src/core/lib/iomgr/sockaddr_utils.cc +11 -11
- data/src/core/lib/iomgr/sockaddr_utils.h +1 -1
- data/src/core/lib/iomgr/socket_factory_posix.cc +3 -2
- data/src/core/lib/iomgr/socket_mutator.cc +3 -2
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +1 -0
- data/src/core/lib/iomgr/tcp_client.cc +3 -3
- data/src/core/lib/iomgr/tcp_client_custom.cc +7 -6
- data/src/core/lib/iomgr/tcp_client_posix.cc +1 -1
- data/src/core/lib/iomgr/tcp_custom.cc +22 -17
- data/src/core/lib/iomgr/tcp_posix.cc +16 -12
- data/src/core/lib/iomgr/tcp_server_custom.cc +28 -22
- data/src/core/lib/iomgr/timer_custom.cc +5 -5
- data/src/core/lib/iomgr/timer_generic.cc +3 -3
- data/src/core/lib/iomgr/timer_manager.cc +2 -2
- data/src/core/lib/iomgr/udp_server.cc +1 -2
- data/src/core/lib/iomgr/udp_server.h +1 -2
- data/src/core/lib/iomgr/unix_sockets_posix.cc +32 -21
- data/src/core/lib/iomgr/unix_sockets_posix.h +5 -0
- data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +7 -0
- data/src/core/lib/iomgr/wakeup_fd_pipe.cc +2 -2
- data/src/core/lib/json/json.h +12 -2
- data/src/core/lib/json/json_reader.cc +8 -4
- data/src/core/lib/json/json_util.cc +58 -0
- data/src/core/lib/json/json_util.h +204 -0
- data/src/core/lib/json/json_writer.cc +2 -1
- data/src/core/lib/security/authorization/evaluate_args.cc +5 -10
- data/src/core/lib/security/authorization/evaluate_args.h +1 -1
- data/src/core/lib/security/authorization/matchers.cc +339 -0
- data/src/core/lib/security/authorization/matchers.h +158 -0
- data/src/core/lib/security/authorization/mock_cel/activation.h +1 -1
- data/src/core/lib/security/authorization/mock_cel/cel_expr_builder_factory.h +3 -1
- data/src/core/lib/security/authorization/mock_cel/cel_expression.h +5 -4
- data/src/core/lib/security/authorization/mock_cel/cel_value.h +13 -7
- data/src/core/lib/security/authorization/mock_cel/evaluator_core.h +6 -6
- data/src/core/lib/security/authorization/mock_cel/flat_expr_builder.h +10 -9
- data/src/core/lib/security/context/security_context.cc +4 -3
- data/src/core/lib/security/context/security_context.h +3 -1
- data/src/core/lib/security/credentials/alts/alts_credentials.cc +2 -1
- data/src/core/lib/security/credentials/alts/alts_credentials.h +1 -1
- data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +1 -1
- data/src/core/lib/security/credentials/credentials.cc +7 -7
- data/src/core/lib/security/credentials/credentials.h +5 -4
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +413 -0
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +80 -0
- data/src/core/lib/security/credentials/external/aws_request_signer.cc +213 -0
- data/src/core/lib/security/credentials/external/aws_request_signer.h +72 -0
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +497 -0
- data/src/core/lib/security/credentials/external/external_account_credentials.h +120 -0
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +135 -0
- data/src/core/lib/security/credentials/external/file_external_account_credentials.h +48 -0
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +213 -0
- data/src/core/lib/security/credentials/external/url_external_account_credentials.h +58 -0
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +3 -2
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +25 -18
- data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +64 -0
- data/src/core/lib/security/credentials/jwt/json_token.cc +3 -3
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +4 -3
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +5 -4
- data/src/core/lib/security/credentials/local/local_credentials.cc +2 -1
- data/src/core/lib/security/credentials/local/local_credentials.h +1 -1
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +39 -46
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +5 -4
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +1 -1
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +7 -6
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +2 -2
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +346 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +213 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +399 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +138 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +78 -150
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +57 -187
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +18 -13
- data/src/core/lib/security/credentials/tls/tls_credentials.h +3 -3
- data/src/core/lib/security/credentials/tls/tls_utils.cc +91 -0
- data/src/core/lib/security/credentials/tls/tls_utils.h +38 -0
- data/src/core/lib/security/credentials/xds/xds_credentials.cc +244 -0
- data/src/core/lib/security/credentials/xds/xds_credentials.h +69 -0
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +1 -1
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +9 -13
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +121 -0
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +87 -0
- data/src/core/lib/security/security_connector/load_system_roots.h +4 -0
- data/src/core/lib/security/security_connector/load_system_roots_linux.h +2 -0
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +3 -3
- data/src/core/lib/security/security_connector/security_connector.cc +4 -3
- data/src/core/lib/security/security_connector/security_connector.h +4 -2
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +4 -4
- data/src/core/lib/security/security_connector/ssl_utils.cc +5 -2
- data/src/core/lib/security/security_connector/ssl_utils.h +19 -19
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +354 -279
- data/src/core/lib/security/security_connector/tls/tls_security_connector.h +105 -61
- data/src/core/lib/security/transport/secure_endpoint.cc +2 -2
- data/src/core/lib/security/transport/security_handshaker.cc +4 -6
- data/src/core/lib/security/transport/server_auth_filter.cc +2 -1
- data/src/core/lib/security/util/json_util.h +1 -0
- data/src/core/lib/slice/slice.cc +7 -4
- data/src/core/lib/slice/slice_buffer.cc +2 -1
- data/src/core/lib/slice/slice_intern.cc +7 -8
- data/src/core/lib/slice/slice_internal.h +2 -2
- data/src/core/lib/surface/call.cc +41 -32
- data/src/core/lib/surface/call_details.cc +8 -8
- data/src/core/lib/surface/channel.cc +25 -41
- data/src/core/lib/surface/channel.h +9 -3
- data/src/core/lib/surface/channel_init.cc +1 -1
- data/src/core/lib/surface/completion_queue.cc +30 -24
- data/src/core/lib/surface/completion_queue.h +16 -16
- data/src/core/lib/surface/init.cc +45 -29
- data/src/core/lib/surface/lame_client.cc +20 -46
- data/src/core/lib/surface/lame_client.h +4 -0
- data/src/core/lib/surface/server.cc +66 -20
- data/src/core/lib/surface/server.h +42 -7
- data/src/core/lib/surface/validate_metadata.h +3 -0
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/authority_override.cc +6 -4
- data/src/core/lib/transport/authority_override.h +7 -2
- data/src/core/lib/transport/bdp_estimator.cc +1 -1
- data/src/core/lib/transport/bdp_estimator.h +2 -1
- data/src/core/lib/transport/byte_stream.h +3 -3
- data/src/core/lib/transport/connectivity_state.h +11 -9
- data/src/core/lib/transport/error_utils.h +1 -1
- data/src/core/lib/transport/metadata.cc +16 -2
- data/src/core/lib/transport/metadata.h +2 -2
- data/src/core/lib/transport/metadata_batch.h +4 -4
- data/src/core/lib/transport/static_metadata.cc +1 -1
- data/src/core/lib/transport/status_metadata.cc +4 -3
- data/src/core/lib/transport/timeout_encoding.cc +4 -4
- data/src/core/lib/transport/transport.cc +5 -3
- data/src/core/lib/transport/transport.h +8 -8
- data/src/core/lib/uri/uri_parser.cc +131 -249
- data/src/core/lib/uri/uri_parser.h +57 -21
- data/src/core/plugin_registry/grpc_plugin_registry.cc +47 -20
- data/src/core/tsi/alts/crypt/gsec.cc +5 -4
- data/src/core/tsi/alts/frame_protector/frame_handler.cc +8 -6
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +18 -21
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +43 -47
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +8 -6
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +4 -4
- data/src/core/tsi/fake_transport_security.cc +7 -4
- data/src/core/tsi/local_transport_security.cc +5 -1
- data/src/core/tsi/local_transport_security.h +6 -7
- data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +1 -1
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +0 -2
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +3 -2
- data/src/core/tsi/ssl_transport_security.cc +75 -58
- data/src/core/tsi/ssl_transport_security.h +6 -6
- data/src/core/tsi/transport_security.cc +10 -8
- data/src/core/tsi/transport_security_interface.h +1 -1
- data/src/ruby/ext/grpc/extconf.rb +1 -1
- data/src/ruby/ext/grpc/rb_event_thread.c +2 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +36 -16
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +70 -40
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +35 -0
- data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +18 -0
- data/src/ruby/spec/pb/codegen/package_option_spec.rb +2 -6
- data/third_party/abseil-cpp/absl/algorithm/container.h +59 -22
- data/third_party/abseil-cpp/absl/base/attributes.h +99 -38
- data/third_party/abseil-cpp/absl/base/call_once.h +1 -1
- data/third_party/abseil-cpp/absl/base/casts.h +9 -6
- data/third_party/abseil-cpp/absl/base/config.h +60 -17
- data/third_party/abseil-cpp/absl/base/dynamic_annotations.h +428 -335
- data/third_party/abseil-cpp/absl/base/internal/bits.h +17 -16
- data/third_party/abseil-cpp/absl/base/internal/direct_mmap.h +5 -0
- data/third_party/abseil-cpp/absl/base/internal/dynamic_annotations.h +398 -0
- data/third_party/abseil-cpp/absl/base/internal/invoke.h +4 -4
- data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.cc +1 -1
- data/third_party/abseil-cpp/absl/base/internal/low_level_scheduling.h +29 -1
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +2 -2
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.h +7 -5
- data/third_party/abseil-cpp/absl/base/internal/spinlock.cc +25 -38
- data/third_party/abseil-cpp/absl/base/internal/spinlock.h +19 -25
- data/third_party/abseil-cpp/absl/base/internal/spinlock_linux.inc +8 -0
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +28 -5
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.h +8 -0
- data/third_party/abseil-cpp/absl/base/internal/tsan_mutex_interface.h +3 -1
- data/third_party/abseil-cpp/absl/base/internal/unaligned_access.h +2 -2
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.h +3 -3
- data/third_party/abseil-cpp/absl/base/macros.h +36 -109
- data/third_party/abseil-cpp/absl/base/optimization.h +61 -1
- data/third_party/abseil-cpp/absl/base/options.h +31 -4
- data/third_party/abseil-cpp/absl/base/policy_checks.h +1 -1
- data/third_party/abseil-cpp/absl/base/thread_annotations.h +94 -39
- data/third_party/abseil-cpp/absl/container/fixed_array.h +42 -25
- data/third_party/abseil-cpp/absl/container/flat_hash_map.h +606 -0
- data/third_party/abseil-cpp/absl/container/flat_hash_set.h +2 -1
- data/third_party/abseil-cpp/absl/container/inlined_vector.h +33 -36
- data/third_party/abseil-cpp/absl/container/internal/common.h +6 -2
- data/third_party/abseil-cpp/absl/container/internal/compressed_tuple.h +33 -8
- data/third_party/abseil-cpp/absl/container/internal/container_memory.h +49 -29
- data/third_party/abseil-cpp/absl/container/internal/hash_function_defaults.h +15 -0
- data/third_party/abseil-cpp/absl/container/internal/hash_policy_traits.h +24 -7
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc +2 -1
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.h +35 -11
- data/third_party/abseil-cpp/absl/container/internal/have_sse.h +10 -9
- data/third_party/abseil-cpp/absl/container/internal/layout.h +7 -5
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_map.h +197 -0
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +55 -34
- data/third_party/abseil-cpp/absl/debugging/internal/address_is_readable.cc +5 -4
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +66 -16
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +4 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_arm-inl.inc +13 -4
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_config.h +43 -24
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_generic-inl.inc +12 -3
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_win32-inl.inc +10 -2
- data/third_party/abseil-cpp/absl/debugging/internal/symbolize.h +22 -1
- data/third_party/abseil-cpp/absl/debugging/internal/vdso_support.cc +0 -21
- data/third_party/abseil-cpp/absl/debugging/symbolize.cc +12 -1
- data/third_party/abseil-cpp/absl/debugging/symbolize_darwin.inc +101 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize_elf.inc +100 -20
- data/third_party/abseil-cpp/absl/functional/bind_front.h +184 -0
- data/third_party/abseil-cpp/absl/functional/function_ref.h +1 -1
- data/third_party/abseil-cpp/absl/functional/internal/front_binder.h +95 -0
- data/third_party/abseil-cpp/absl/functional/internal/function_ref.h +2 -2
- data/third_party/abseil-cpp/absl/hash/hash.h +6 -5
- data/third_party/abseil-cpp/absl/hash/internal/hash.h +73 -65
- data/third_party/abseil-cpp/absl/memory/memory.h +4 -0
- data/third_party/abseil-cpp/absl/meta/type_traits.h +2 -8
- data/third_party/abseil-cpp/absl/numeric/int128.cc +13 -27
- data/third_party/abseil-cpp/absl/numeric/int128.h +16 -15
- data/third_party/abseil-cpp/absl/status/internal/status_internal.h +51 -0
- data/third_party/abseil-cpp/absl/status/internal/statusor_internal.h +399 -0
- data/third_party/abseil-cpp/absl/status/status.cc +4 -6
- data/third_party/abseil-cpp/absl/status/status.h +502 -113
- data/third_party/abseil-cpp/absl/status/status_payload_printer.cc +5 -10
- data/third_party/abseil-cpp/absl/status/statusor.cc +71 -0
- data/third_party/abseil-cpp/absl/status/statusor.h +760 -0
- data/third_party/abseil-cpp/absl/strings/charconv.cc +2 -2
- data/third_party/abseil-cpp/absl/strings/cord.cc +91 -112
- data/third_party/abseil-cpp/absl/strings/cord.h +360 -205
- data/third_party/abseil-cpp/absl/strings/escaping.cc +9 -9
- data/third_party/abseil-cpp/absl/strings/internal/char_map.h +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.cc +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +2 -2
- data/third_party/abseil-cpp/absl/strings/internal/charconv_parse.cc +2 -2
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +45 -23
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.cc +222 -136
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.h +136 -64
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.cc +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.h +14 -21
- data/third_party/abseil-cpp/absl/strings/internal/str_format/checker.h +7 -14
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.cc +31 -7
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.h +147 -135
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +999 -87
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.h +3 -3
- data/third_party/abseil-cpp/absl/strings/internal/str_format/output.h +4 -12
- data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.cc +8 -6
- data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.h +13 -11
- data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +2 -2
- data/third_party/abseil-cpp/absl/strings/str_cat.cc +4 -4
- data/third_party/abseil-cpp/absl/strings/str_cat.h +1 -1
- data/third_party/abseil-cpp/absl/strings/str_format.h +289 -13
- data/third_party/abseil-cpp/absl/strings/str_split.cc +2 -2
- data/third_party/abseil-cpp/absl/strings/str_split.h +1 -0
- data/third_party/abseil-cpp/absl/strings/string_view.h +26 -19
- data/third_party/abseil-cpp/absl/strings/substitute.cc +5 -5
- data/third_party/abseil-cpp/absl/strings/substitute.h +32 -29
- data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.cc +3 -3
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +4 -3
- data/third_party/abseil-cpp/absl/synchronization/internal/kernel_timeout.h +28 -28
- data/third_party/abseil-cpp/absl/synchronization/internal/mutex_nonprod.inc +4 -16
- data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.h +1 -1
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.cc +8 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.h +2 -2
- data/third_party/abseil-cpp/absl/synchronization/mutex.cc +75 -64
- data/third_party/abseil-cpp/absl/synchronization/mutex.h +15 -6
- data/third_party/abseil-cpp/absl/time/civil_time.cc +9 -9
- data/third_party/abseil-cpp/absl/time/clock.cc +3 -3
- data/third_party/abseil-cpp/absl/time/duration.cc +90 -59
- data/third_party/abseil-cpp/absl/time/format.cc +43 -36
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time_detail.h +26 -16
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/time_zone.h +4 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/zone_info_source.h +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +136 -29
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +13 -21
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +136 -129
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +4 -5
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +8 -7
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +6 -6
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc +2 -1
- data/third_party/abseil-cpp/absl/time/time.h +15 -16
- data/third_party/abseil-cpp/absl/types/internal/variant.h +4 -4
- data/third_party/abseil-cpp/absl/types/optional.h +9 -9
- data/third_party/abseil-cpp/absl/types/span.h +49 -36
- data/third_party/abseil-cpp/absl/utility/utility.h +2 -2
- data/third_party/address_sorting/include/address_sorting/address_sorting.h +2 -0
- data/third_party/boringssl-with-bazel/err_data.c +728 -720
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +3 -10
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +15 -20
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_locl.h +30 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +28 -79
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +39 -85
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +5 -16
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +10 -61
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +158 -0
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/bn_asn1.c +3 -10
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +8 -9
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +60 -45
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +6 -81
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +87 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu-aarch64-win.c +41 -0
- data/third_party/boringssl-with-bazel/src/crypto/{dh → dh_extra}/dh_asn1.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/{dh → dh_extra}/params.c +179 -0
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +25 -0
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +9 -43
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +55 -4
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +34 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +2 -17
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +6 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +3 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +13 -20
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +9 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +173 -35
- data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/check.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/dh.c +136 -213
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +12 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +9 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +28 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +128 -38
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +0 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +30 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +107 -54
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +155 -2
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +112 -36
- data/third_party/boringssl-with-bazel/src/crypto/hpke/internal.h +63 -9
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +10 -7
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +13 -11
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +34 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/rand_extra.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +7 -13
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +118 -49
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +267 -95
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +210 -34
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +766 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_strex.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +6 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +5 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +8 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +27 -21
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_r2x.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +32 -11
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +67 -67
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +29 -35
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +42 -25
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +9 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +10 -10
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +28 -40
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +38 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +5 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +25 -24
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +32 -28
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +42 -22
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +25 -36
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +55 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +6 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +24 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +10 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +652 -546
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +0 -167
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +15 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +62 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +22 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +21 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/des.h +6 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +62 -20
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +10 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +15 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +16 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +3 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +202 -134
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +3 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +2 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +106 -27
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +31 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +42 -14
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +462 -163
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +593 -440
- data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +18 -5
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +35 -0
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +22 -21
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +13 -23
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +11 -6
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +82 -26
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +0 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +49 -9
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +8 -9
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +87 -14
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +18 -22
- data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +5 -7
- data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +537 -34
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +1 -2
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +59 -21
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +48 -15
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +194 -58
- data/third_party/upb/third_party/wyhash/wyhash.h +145 -0
- data/third_party/upb/upb/decode.c +248 -167
- data/third_party/upb/upb/decode.h +20 -1
- data/third_party/upb/upb/decode.int.h +163 -0
- data/third_party/upb/upb/decode_fast.c +1040 -0
- data/third_party/upb/upb/decode_fast.h +126 -0
- data/third_party/upb/upb/def.c +2178 -0
- data/third_party/upb/upb/def.h +315 -0
- data/third_party/upb/upb/def.hpp +439 -0
- data/third_party/upb/upb/encode.c +227 -169
- data/third_party/upb/upb/encode.h +27 -2
- data/third_party/upb/upb/json_decode.c +1443 -0
- data/third_party/upb/upb/json_decode.h +23 -0
- data/third_party/upb/upb/json_encode.c +713 -0
- data/third_party/upb/upb/json_encode.h +36 -0
- data/third_party/upb/upb/msg.c +167 -88
- data/third_party/upb/upb/msg.h +174 -34
- data/third_party/upb/upb/port_def.inc +74 -61
- data/third_party/upb/upb/port_undef.inc +3 -7
- data/third_party/upb/upb/reflection.c +408 -0
- data/third_party/upb/upb/reflection.h +168 -0
- data/third_party/upb/upb/table.c +34 -197
- data/third_party/upb/upb/table.int.h +14 -5
- data/third_party/upb/upb/text_encode.c +421 -0
- data/third_party/upb/upb/text_encode.h +38 -0
- data/third_party/upb/upb/upb.c +18 -41
- data/third_party/upb/upb/upb.h +36 -7
- data/third_party/upb/upb/upb.hpp +4 -4
- data/third_party/upb/upb/upb.int.h +29 -0
- metadata +309 -63
- data/src/core/ext/filters/client_channel/lb_policy/xds/eds.cc +0 -946
- data/src/core/ext/filters/client_channel/lb_policy/xds/lrs.cc +0 -537
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_routing.cc +0 -1141
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.cc +0 -485
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +0 -68
- data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +0 -354
- data/src/core/ext/filters/client_channel/resolving_lb_policy.h +0 -142
- data/src/core/ext/upb-generated/gogoproto/gogo.upb.c +0 -17
- data/src/core/ext/xds/xds_channel.h +0 -46
- data/src/core/ext/xds/xds_channel_secure.cc +0 -103
- data/src/core/lib/gprpp/map.h +0 -53
- data/src/core/lib/iomgr/iomgr_posix.h +0 -26
- data/third_party/abseil-cpp/absl/base/dynamic_annotations.cc +0 -129
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pku.c +0 -110
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_sxnet.c +0 -274
- data/third_party/upb/upb/port.c +0 -26
|
@@ -37,12 +37,12 @@ static int ssl_read(BIO *bio, char *out, int outl) {
|
|
|
37
37
|
|
|
38
38
|
case SSL_ERROR_WANT_ACCEPT:
|
|
39
39
|
BIO_set_retry_special(bio);
|
|
40
|
-
bio
|
|
40
|
+
BIO_set_retry_reason(bio, BIO_RR_ACCEPT);
|
|
41
41
|
break;
|
|
42
42
|
|
|
43
43
|
case SSL_ERROR_WANT_CONNECT:
|
|
44
44
|
BIO_set_retry_special(bio);
|
|
45
|
-
bio
|
|
45
|
+
BIO_set_retry_reason(bio, BIO_RR_CONNECT);
|
|
46
46
|
break;
|
|
47
47
|
|
|
48
48
|
case SSL_ERROR_NONE:
|
|
@@ -77,7 +77,7 @@ static int ssl_write(BIO *bio, const char *out, int outl) {
|
|
|
77
77
|
|
|
78
78
|
case SSL_ERROR_WANT_CONNECT:
|
|
79
79
|
BIO_set_retry_special(bio);
|
|
80
|
-
bio
|
|
80
|
+
BIO_set_retry_reason(bio, BIO_RR_CONNECT);
|
|
81
81
|
break;
|
|
82
82
|
|
|
83
83
|
case SSL_ERROR_NONE:
|
|
@@ -98,6 +98,17 @@ static long ssl_ctrl(BIO *bio, int cmd, long num, void *ptr) {
|
|
|
98
98
|
|
|
99
99
|
switch (cmd) {
|
|
100
100
|
case BIO_C_SET_SSL:
|
|
101
|
+
if (ssl != NULL) {
|
|
102
|
+
// OpenSSL allows reusing an SSL BIO with a different SSL object. We do
|
|
103
|
+
// not support this.
|
|
104
|
+
OPENSSL_PUT_ERROR(SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
|
|
105
|
+
return 0;
|
|
106
|
+
}
|
|
107
|
+
|
|
108
|
+
// Note this differs from upstream OpenSSL, which synchronizes
|
|
109
|
+
// |bio->next_bio| with |ssl|'s rbio here, and on |BIO_CTRL_PUSH|. We call
|
|
110
|
+
// into the corresponding |BIO| directly. (We can implement the upstream
|
|
111
|
+
// behavior if it ends up necessary.)
|
|
101
112
|
bio->shutdown = num;
|
|
102
113
|
bio->ptr = ptr;
|
|
103
114
|
bio->init = 1;
|
|
@@ -117,9 +128,11 @@ static long ssl_ctrl(BIO *bio, int cmd, long num, void *ptr) {
|
|
|
117
128
|
return SSL_pending(ssl);
|
|
118
129
|
|
|
119
130
|
case BIO_CTRL_FLUSH: {
|
|
131
|
+
BIO *wbio = SSL_get_wbio(ssl);
|
|
120
132
|
BIO_clear_retry_flags(bio);
|
|
121
|
-
long ret = BIO_ctrl(
|
|
122
|
-
|
|
133
|
+
long ret = BIO_ctrl(wbio, cmd, num, ptr);
|
|
134
|
+
BIO_set_flags(bio, BIO_get_retry_flags(wbio));
|
|
135
|
+
BIO_set_retry_reason(bio, BIO_get_retry_reason(wbio));
|
|
123
136
|
return ret;
|
|
124
137
|
}
|
|
125
138
|
|
|
@@ -24,6 +24,8 @@ BSSL_NAMESPACE_BEGIN
|
|
|
24
24
|
constexpr int kHandoffVersion = 0;
|
|
25
25
|
constexpr int kHandbackVersion = 0;
|
|
26
26
|
|
|
27
|
+
static const unsigned kHandoffTagALPS = CBS_ASN1_CONTEXT_SPECIFIC | 0;
|
|
28
|
+
|
|
27
29
|
// early_data_t represents the state of early data in a more compact way than
|
|
28
30
|
// the 3 bits used by the implementation.
|
|
29
31
|
enum early_data_t {
|
|
@@ -57,6 +59,16 @@ static bool serialize_features(CBB *out) {
|
|
|
57
59
|
return false;
|
|
58
60
|
}
|
|
59
61
|
}
|
|
62
|
+
// ALPS is a draft protocol and may change over time. The handoff structure
|
|
63
|
+
// contains a [0] IMPLICIT OCTET STRING OPTIONAL, containing a list of u16
|
|
64
|
+
// ALPS versions that the binary supports. For now we name them by codepoint.
|
|
65
|
+
// Once ALPS is finalized and past the support horizon, this field can be
|
|
66
|
+
// removed.
|
|
67
|
+
CBB alps;
|
|
68
|
+
if (!CBB_add_asn1(out, &alps, kHandoffTagALPS) ||
|
|
69
|
+
!CBB_add_u16(&alps, TLSEXT_TYPE_application_settings)) {
|
|
70
|
+
return false;
|
|
71
|
+
}
|
|
60
72
|
return CBB_flush(out);
|
|
61
73
|
}
|
|
62
74
|
|
|
@@ -189,6 +201,29 @@ static bool apply_remote_features(SSL *ssl, CBS *in) {
|
|
|
189
201
|
new_configured_curves.Shrink(idx);
|
|
190
202
|
ssl->config->supported_group_list = std::move(new_configured_curves);
|
|
191
203
|
|
|
204
|
+
CBS alps;
|
|
205
|
+
CBS_init(&alps, nullptr, 0);
|
|
206
|
+
if (!CBS_get_optional_asn1(in, &alps, /*out_present=*/nullptr,
|
|
207
|
+
kHandoffTagALPS)) {
|
|
208
|
+
return false;
|
|
209
|
+
}
|
|
210
|
+
bool supports_alps = false;
|
|
211
|
+
while (CBS_len(&alps) != 0) {
|
|
212
|
+
uint16_t id;
|
|
213
|
+
if (!CBS_get_u16(&alps, &id)) {
|
|
214
|
+
return false;
|
|
215
|
+
}
|
|
216
|
+
// For now, we only support one ALPS code point, so we only need to extract
|
|
217
|
+
// a boolean signal from the feature list.
|
|
218
|
+
if (id == TLSEXT_TYPE_application_settings) {
|
|
219
|
+
supports_alps = true;
|
|
220
|
+
break;
|
|
221
|
+
}
|
|
222
|
+
}
|
|
223
|
+
if (!supports_alps) {
|
|
224
|
+
ssl->config->alps_configs.clear();
|
|
225
|
+
}
|
|
226
|
+
|
|
192
227
|
return true;
|
|
193
228
|
}
|
|
194
229
|
|
|
@@ -126,6 +126,8 @@ BSSL_NAMESPACE_BEGIN
|
|
|
126
126
|
|
|
127
127
|
SSL_HANDSHAKE::SSL_HANDSHAKE(SSL *ssl_arg)
|
|
128
128
|
: ssl(ssl_arg),
|
|
129
|
+
ech_present(false),
|
|
130
|
+
ech_is_inner_present(false),
|
|
129
131
|
scts_requested(false),
|
|
130
132
|
needs_psk_binder(false),
|
|
131
133
|
handshake_finalized(false),
|
|
@@ -235,13 +237,13 @@ bool ssl_hash_message(SSL_HANDSHAKE *hs, const SSLMessage &msg) {
|
|
|
235
237
|
return hs->transcript.Update(msg.raw);
|
|
236
238
|
}
|
|
237
239
|
|
|
238
|
-
|
|
239
|
-
|
|
240
|
-
|
|
240
|
+
bool ssl_parse_extensions(const CBS *cbs, uint8_t *out_alert,
|
|
241
|
+
Span<const SSL_EXTENSION_TYPE> ext_types,
|
|
242
|
+
bool ignore_unknown) {
|
|
241
243
|
// Reset everything.
|
|
242
|
-
for (
|
|
243
|
-
*
|
|
244
|
-
CBS_init(
|
|
244
|
+
for (const SSL_EXTENSION_TYPE &ext_type : ext_types) {
|
|
245
|
+
*ext_type.out_present = false;
|
|
246
|
+
CBS_init(ext_type.out_data, nullptr, 0);
|
|
245
247
|
}
|
|
246
248
|
|
|
247
249
|
CBS copy = *cbs;
|
|
@@ -252,38 +254,38 @@ int ssl_parse_extensions(const CBS *cbs, uint8_t *out_alert,
|
|
|
252
254
|
!CBS_get_u16_length_prefixed(©, &data)) {
|
|
253
255
|
OPENSSL_PUT_ERROR(SSL, SSL_R_PARSE_TLSEXT);
|
|
254
256
|
*out_alert = SSL_AD_DECODE_ERROR;
|
|
255
|
-
return
|
|
257
|
+
return false;
|
|
256
258
|
}
|
|
257
259
|
|
|
258
|
-
const SSL_EXTENSION_TYPE *
|
|
259
|
-
for (
|
|
260
|
-
if (type ==
|
|
261
|
-
|
|
260
|
+
const SSL_EXTENSION_TYPE *found = nullptr;
|
|
261
|
+
for (const SSL_EXTENSION_TYPE &ext_type : ext_types) {
|
|
262
|
+
if (type == ext_type.type) {
|
|
263
|
+
found = &ext_type;
|
|
262
264
|
break;
|
|
263
265
|
}
|
|
264
266
|
}
|
|
265
267
|
|
|
266
|
-
if (
|
|
268
|
+
if (found == nullptr) {
|
|
267
269
|
if (ignore_unknown) {
|
|
268
270
|
continue;
|
|
269
271
|
}
|
|
270
272
|
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
|
|
271
273
|
*out_alert = SSL_AD_UNSUPPORTED_EXTENSION;
|
|
272
|
-
return
|
|
274
|
+
return false;
|
|
273
275
|
}
|
|
274
276
|
|
|
275
277
|
// Duplicate ext_types are forbidden.
|
|
276
|
-
if (*
|
|
278
|
+
if (*found->out_present) {
|
|
277
279
|
OPENSSL_PUT_ERROR(SSL, SSL_R_DUPLICATE_EXTENSION);
|
|
278
280
|
*out_alert = SSL_AD_ILLEGAL_PARAMETER;
|
|
279
|
-
return
|
|
281
|
+
return false;
|
|
280
282
|
}
|
|
281
283
|
|
|
282
|
-
*
|
|
283
|
-
*
|
|
284
|
+
*found->out_present = 1;
|
|
285
|
+
*found->out_data = data;
|
|
284
286
|
}
|
|
285
287
|
|
|
286
|
-
return
|
|
288
|
+
return true;
|
|
287
289
|
}
|
|
288
290
|
|
|
289
291
|
enum ssl_verify_result_t ssl_verify_peer_cert(SSL_HANDSHAKE *hs) {
|
|
@@ -494,9 +496,8 @@ bool ssl_send_finished(SSL_HANDSHAKE *hs) {
|
|
|
494
496
|
}
|
|
495
497
|
|
|
496
498
|
// Log the master secret, if logging is enabled.
|
|
497
|
-
if (!ssl_log_secret(
|
|
498
|
-
|
|
499
|
-
MakeConstSpan(session->master_key, session->master_key_length))) {
|
|
499
|
+
if (!ssl_log_secret(ssl, "CLIENT_RANDOM",
|
|
500
|
+
MakeConstSpan(session->secret, session->secret_length))) {
|
|
500
501
|
return 0;
|
|
501
502
|
}
|
|
502
503
|
|
|
@@ -259,7 +259,7 @@ static bool ssl_write_client_cipher_list(SSL_HANDSHAKE *hs, CBB *out) {
|
|
|
259
259
|
continue;
|
|
260
260
|
}
|
|
261
261
|
any_enabled = true;
|
|
262
|
-
if (!CBB_add_u16(&child,
|
|
262
|
+
if (!CBB_add_u16(&child, SSL_CIPHER_get_protocol_id(cipher))) {
|
|
263
263
|
return false;
|
|
264
264
|
}
|
|
265
265
|
}
|
|
@@ -358,8 +358,7 @@ static bool parse_supported_versions(SSL_HANDSHAKE *hs, uint16_t *version,
|
|
|
358
358
|
|
|
359
359
|
uint8_t alert = SSL_AD_DECODE_ERROR;
|
|
360
360
|
if (!ssl_parse_extensions(&extensions, &alert, ext_types,
|
|
361
|
-
|
|
362
|
-
1 /* ignore unknown */)) {
|
|
361
|
+
/*ignore_unknown=*/true)) {
|
|
363
362
|
ssl_send_alert(ssl, SSL3_AL_FATAL, alert);
|
|
364
363
|
return false;
|
|
365
364
|
}
|
|
@@ -460,8 +459,8 @@ static enum ssl_hs_wait_t do_enter_early_data(SSL_HANDSHAKE *hs) {
|
|
|
460
459
|
}
|
|
461
460
|
|
|
462
461
|
if (!tls13_init_early_key_schedule(
|
|
463
|
-
hs,
|
|
464
|
-
|
|
462
|
+
hs,
|
|
463
|
+
MakeConstSpan(ssl->session->secret, ssl->session->secret_length)) ||
|
|
465
464
|
!tls13_derive_early_secret(hs)) {
|
|
466
465
|
return ssl_hs_error;
|
|
467
466
|
}
|
|
@@ -637,12 +636,9 @@ static enum ssl_hs_wait_t do_read_server_hello(SSL_HANDSHAKE *hs) {
|
|
|
637
636
|
.subspan(SSL3_RANDOM_SIZE - sizeof(kTLS13DowngradeRandom));
|
|
638
637
|
if (suffix == kTLS12DowngradeRandom || suffix == kTLS13DowngradeRandom ||
|
|
639
638
|
suffix == kJDK11DowngradeRandom) {
|
|
640
|
-
|
|
641
|
-
|
|
642
|
-
|
|
643
|
-
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
|
|
644
|
-
return ssl_hs_error;
|
|
645
|
-
}
|
|
639
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_TLS13_DOWNGRADE);
|
|
640
|
+
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
|
|
641
|
+
return ssl_hs_error;
|
|
646
642
|
}
|
|
647
643
|
}
|
|
648
644
|
|
|
@@ -1411,9 +1407,9 @@ static enum ssl_hs_wait_t do_send_client_key_exchange(SSL_HANDSHAKE *hs) {
|
|
|
1411
1407
|
return ssl_hs_error;
|
|
1412
1408
|
}
|
|
1413
1409
|
|
|
1414
|
-
hs->new_session->
|
|
1415
|
-
tls1_generate_master_secret(hs, hs->new_session->
|
|
1416
|
-
if (hs->new_session->
|
|
1410
|
+
hs->new_session->secret_length =
|
|
1411
|
+
tls1_generate_master_secret(hs, hs->new_session->secret, pms);
|
|
1412
|
+
if (hs->new_session->secret_length == 0) {
|
|
1417
1413
|
return ssl_hs_error;
|
|
1418
1414
|
}
|
|
1419
1415
|
hs->new_session->extended_master_secret = hs->extended_master_secret;
|
|
@@ -1551,18 +1547,12 @@ static bool can_false_start(const SSL_HANDSHAKE *hs) {
|
|
|
1551
1547
|
//
|
|
1552
1548
|
// Now that TLS 1.3 exists, we would like to avoid similar attacks between
|
|
1553
1549
|
// TLS 1.2 and TLS 1.3, but there are too many TLS 1.2 deployments to
|
|
1554
|
-
// sacrifice False Start on them.
|
|
1555
|
-
//
|
|
1556
|
-
// issues.
|
|
1557
|
-
//
|
|
1558
|
-
// |SSL_CTX_set_ignore_tls13_downgrade| normally still retains Finished-based
|
|
1559
|
-
// downgrade protection, but False Start bypasses that. Thus, we disable False
|
|
1560
|
-
// Start based on the TLS 1.3 downgrade signal, even if otherwise unenforced.
|
|
1550
|
+
// sacrifice False Start on them. Instead, we rely on the ServerHello.random
|
|
1551
|
+
// downgrade signal, which we unconditionally enforce.
|
|
1561
1552
|
if (SSL_is_dtls(ssl) ||
|
|
1562
1553
|
SSL_version(ssl) != TLS1_2_VERSION ||
|
|
1563
1554
|
hs->new_cipher->algorithm_mkey != SSL_kECDHE ||
|
|
1564
|
-
hs->new_cipher->algorithm_mac != SSL_AEAD
|
|
1565
|
-
ssl->s3->tls13_downgrade) {
|
|
1555
|
+
hs->new_cipher->algorithm_mac != SSL_AEAD) {
|
|
1566
1556
|
return false;
|
|
1567
1557
|
}
|
|
1568
1558
|
|
|
@@ -644,6 +644,12 @@ static enum ssl_hs_wait_t do_read_client_hello(SSL_HANDSHAKE *hs) {
|
|
|
644
644
|
return ssl_hs_error;
|
|
645
645
|
}
|
|
646
646
|
|
|
647
|
+
if (hs->ech_present && hs->ech_is_inner_present) {
|
|
648
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
|
|
649
|
+
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
|
|
650
|
+
return ssl_hs_error;
|
|
651
|
+
}
|
|
652
|
+
|
|
647
653
|
hs->state = state12_select_certificate;
|
|
648
654
|
return ssl_hs_ok;
|
|
649
655
|
}
|
|
@@ -908,7 +914,7 @@ static enum ssl_hs_wait_t do_send_server_hello(SSL_HANDSHAKE *hs) {
|
|
|
908
914
|
!CBB_add_u8_length_prefixed(&body, &session_id) ||
|
|
909
915
|
!CBB_add_bytes(&session_id, session->session_id,
|
|
910
916
|
session->session_id_length) ||
|
|
911
|
-
!CBB_add_u16(&body,
|
|
917
|
+
!CBB_add_u16(&body, SSL_CIPHER_get_protocol_id(hs->new_cipher)) ||
|
|
912
918
|
!CBB_add_u8(&body, 0 /* no compression */) ||
|
|
913
919
|
!ssl_add_serverhello_tlsext(hs, &body) ||
|
|
914
920
|
!ssl_add_message_cbb(ssl, cbb.get())) {
|
|
@@ -1402,14 +1408,13 @@ static enum ssl_hs_wait_t do_read_client_key_exchange(SSL_HANDSHAKE *hs) {
|
|
|
1402
1408
|
}
|
|
1403
1409
|
|
|
1404
1410
|
// Compute the master secret.
|
|
1405
|
-
hs->new_session->
|
|
1406
|
-
hs, hs->new_session->
|
|
1407
|
-
if (hs->new_session->
|
|
1411
|
+
hs->new_session->secret_length = tls1_generate_master_secret(
|
|
1412
|
+
hs, hs->new_session->secret, premaster_secret);
|
|
1413
|
+
if (hs->new_session->secret_length == 0) {
|
|
1408
1414
|
return ssl_hs_error;
|
|
1409
1415
|
}
|
|
1410
1416
|
hs->new_session->extended_master_secret = hs->extended_master_secret;
|
|
1411
|
-
CONSTTIME_DECLASSIFY(hs->new_session->
|
|
1412
|
-
hs->new_session->master_key_length);
|
|
1417
|
+
CONSTTIME_DECLASSIFY(hs->new_session->secret, hs->new_session->secret_length);
|
|
1413
1418
|
|
|
1414
1419
|
ssl->method->next_message(ssl);
|
|
1415
1420
|
hs->state = state12_read_client_certificate_verify;
|
|
@@ -345,6 +345,9 @@ class Array {
|
|
|
345
345
|
if (new_size > size_) {
|
|
346
346
|
abort();
|
|
347
347
|
}
|
|
348
|
+
for (size_t i = new_size; i < size_; i++) {
|
|
349
|
+
data_[i].~T();
|
|
350
|
+
}
|
|
348
351
|
size_ = new_size;
|
|
349
352
|
}
|
|
350
353
|
|
|
@@ -386,6 +389,11 @@ class GrowableArray {
|
|
|
386
389
|
T *end() { return array_.data() + size_; }
|
|
387
390
|
const T *cend() const { return array_.data() + size_; }
|
|
388
391
|
|
|
392
|
+
void clear() {
|
|
393
|
+
size_ = 0;
|
|
394
|
+
array_.Reset();
|
|
395
|
+
}
|
|
396
|
+
|
|
389
397
|
// Push adds |elem| at the end of the internal array, growing if necessary. It
|
|
390
398
|
// returns false when allocation fails.
|
|
391
399
|
bool Push(T elem) {
|
|
@@ -631,9 +639,6 @@ const EVP_MD *ssl_get_handshake_digest(uint16_t version,
|
|
|
631
639
|
bool ssl_create_cipher_list(UniquePtr<SSLCipherPreferenceList> *out_cipher_list,
|
|
632
640
|
const char *rule_str, bool strict);
|
|
633
641
|
|
|
634
|
-
// ssl_cipher_get_value returns the cipher suite id of |cipher|.
|
|
635
|
-
uint16_t ssl_cipher_get_value(const SSL_CIPHER *cipher);
|
|
636
|
-
|
|
637
642
|
// ssl_cipher_auth_mask_for_key returns the mask of cipher |algorithm_auth|
|
|
638
643
|
// values suitable for use with |key| in TLS 1.2 and below.
|
|
639
644
|
uint32_t ssl_cipher_auth_mask_for_key(const EVP_PKEY *key);
|
|
@@ -1414,6 +1419,15 @@ bool tls13_verify_psk_binder(SSL_HANDSHAKE *hs, SSL_SESSION *session,
|
|
|
1414
1419
|
const SSLMessage &msg, CBS *binders);
|
|
1415
1420
|
|
|
1416
1421
|
|
|
1422
|
+
// Encrypted Client Hello.
|
|
1423
|
+
|
|
1424
|
+
// tls13_ech_accept_confirmation computes the server's ECH acceptance signal,
|
|
1425
|
+
// writing it to |out|. It returns true on success, and false on failure.
|
|
1426
|
+
bool tls13_ech_accept_confirmation(
|
|
1427
|
+
SSL_HANDSHAKE *hs, bssl::Span<uint8_t> out,
|
|
1428
|
+
bssl::Span<const uint8_t> server_hello_ech_conf);
|
|
1429
|
+
|
|
1430
|
+
|
|
1417
1431
|
// Handshake functions.
|
|
1418
1432
|
|
|
1419
1433
|
enum ssl_hs_wait_t {
|
|
@@ -1482,6 +1496,7 @@ enum tls13_server_hs_state_t {
|
|
|
1482
1496
|
state13_send_half_rtt_ticket,
|
|
1483
1497
|
state13_read_second_client_flight,
|
|
1484
1498
|
state13_process_end_of_early_data,
|
|
1499
|
+
state13_read_client_encrypted_extensions,
|
|
1485
1500
|
state13_read_client_certificate,
|
|
1486
1501
|
state13_read_client_certificate_verify,
|
|
1487
1502
|
state13_read_channel_id,
|
|
@@ -1632,6 +1647,10 @@ struct SSL_HANDSHAKE {
|
|
|
1632
1647
|
// cookie is the value of the cookie received from the server, if any.
|
|
1633
1648
|
Array<uint8_t> cookie;
|
|
1634
1649
|
|
|
1650
|
+
// ech_grease contains the bytes of the GREASE ECH extension that was sent in
|
|
1651
|
+
// the first ClientHello.
|
|
1652
|
+
Array<uint8_t> ech_grease;
|
|
1653
|
+
|
|
1635
1654
|
// key_share_bytes is the value of the previously sent KeyShare extension by
|
|
1636
1655
|
// the client in TLS 1.3.
|
|
1637
1656
|
Array<uint8_t> key_share_bytes;
|
|
@@ -1710,6 +1729,14 @@ struct SSL_HANDSHAKE {
|
|
|
1710
1729
|
// key_block is the record-layer key block for TLS 1.2 and earlier.
|
|
1711
1730
|
Array<uint8_t> key_block;
|
|
1712
1731
|
|
|
1732
|
+
// ech_present, on the server, indicates whether the ClientHello contained an
|
|
1733
|
+
// encrypted_client_hello extension.
|
|
1734
|
+
bool ech_present : 1;
|
|
1735
|
+
|
|
1736
|
+
// ech_is_inner_present, on the server, indicates whether the ClientHello
|
|
1737
|
+
// contained an ech_is_inner extension.
|
|
1738
|
+
bool ech_is_inner_present : 1;
|
|
1739
|
+
|
|
1713
1740
|
// scts_requested is true if the SCT extension is in the ClientHello.
|
|
1714
1741
|
bool scts_requested : 1;
|
|
1715
1742
|
|
|
@@ -1876,7 +1903,8 @@ bool ssl_ext_key_share_parse_serverhello(SSL_HANDSHAKE *hs,
|
|
|
1876
1903
|
bool ssl_ext_key_share_parse_clienthello(SSL_HANDSHAKE *hs, bool *out_found,
|
|
1877
1904
|
Array<uint8_t> *out_secret,
|
|
1878
1905
|
uint8_t *out_alert, CBS *contents);
|
|
1879
|
-
bool ssl_ext_key_share_add_serverhello(SSL_HANDSHAKE *hs, CBB *out
|
|
1906
|
+
bool ssl_ext_key_share_add_serverhello(SSL_HANDSHAKE *hs, CBB *out,
|
|
1907
|
+
bool dry_run);
|
|
1880
1908
|
|
|
1881
1909
|
bool ssl_ext_pre_shared_key_parse_serverhello(SSL_HANDSHAKE *hs,
|
|
1882
1910
|
uint8_t *out_alert,
|
|
@@ -1918,6 +1946,12 @@ bool ssl_is_alpn_protocol_allowed(const SSL_HANDSHAKE *hs,
|
|
|
1918
1946
|
bool ssl_negotiate_alpn(SSL_HANDSHAKE *hs, uint8_t *out_alert,
|
|
1919
1947
|
const SSL_CLIENT_HELLO *client_hello);
|
|
1920
1948
|
|
|
1949
|
+
// ssl_negotiate_alps negotiates the ALPS extension, if applicable. It returns
|
|
1950
|
+
// true on successful negotiation or if nothing was negotiated. It returns false
|
|
1951
|
+
// and sets |*out_alert| to an alert on error.
|
|
1952
|
+
bool ssl_negotiate_alps(SSL_HANDSHAKE *hs, uint8_t *out_alert,
|
|
1953
|
+
const SSL_CLIENT_HELLO *client_hello);
|
|
1954
|
+
|
|
1921
1955
|
struct SSL_EXTENSION_TYPE {
|
|
1922
1956
|
uint16_t type;
|
|
1923
1957
|
bool *out_present;
|
|
@@ -1926,12 +1960,12 @@ struct SSL_EXTENSION_TYPE {
|
|
|
1926
1960
|
|
|
1927
1961
|
// ssl_parse_extensions parses a TLS extensions block out of |cbs| and advances
|
|
1928
1962
|
// it. It writes the parsed extensions to pointers denoted by |ext_types|. On
|
|
1929
|
-
// success, it fills in the |out_present| and |out_data| fields and returns
|
|
1930
|
-
// Otherwise, it sets |*out_alert| to an alert to send and returns
|
|
1931
|
-
// extensions are rejected unless |ignore_unknown| is
|
|
1932
|
-
|
|
1933
|
-
|
|
1934
|
-
|
|
1963
|
+
// success, it fills in the |out_present| and |out_data| fields and returns
|
|
1964
|
+
// true. Otherwise, it sets |*out_alert| to an alert to send and returns false.
|
|
1965
|
+
// Unknown extensions are rejected unless |ignore_unknown| is true.
|
|
1966
|
+
bool ssl_parse_extensions(const CBS *cbs, uint8_t *out_alert,
|
|
1967
|
+
Span<const SSL_EXTENSION_TYPE> ext_types,
|
|
1968
|
+
bool ignore_unknown);
|
|
1935
1969
|
|
|
1936
1970
|
// ssl_verify_peer_cert verifies the peer certificate for |hs|.
|
|
1937
1971
|
enum ssl_verify_result_t ssl_verify_peer_cert(SSL_HANDSHAKE *hs);
|
|
@@ -2401,9 +2435,6 @@ struct SSL3_STATE {
|
|
|
2401
2435
|
// early_data_accepted is true if early data was accepted by the server.
|
|
2402
2436
|
bool early_data_accepted : 1;
|
|
2403
2437
|
|
|
2404
|
-
// tls13_downgrade is whether the TLS 1.3 anti-downgrade logic fired.
|
|
2405
|
-
bool tls13_downgrade : 1;
|
|
2406
|
-
|
|
2407
2438
|
// token_binding_negotiated is set if Token Binding was negotiated.
|
|
2408
2439
|
bool token_binding_negotiated : 1;
|
|
2409
2440
|
|
|
@@ -2624,6 +2655,12 @@ struct DTLS1_STATE {
|
|
|
2624
2655
|
unsigned timeout_duration_ms = 0;
|
|
2625
2656
|
};
|
|
2626
2657
|
|
|
2658
|
+
// An ALPSConfig is a pair of ALPN protocol and settings value to use with ALPS.
|
|
2659
|
+
struct ALPSConfig {
|
|
2660
|
+
Array<uint8_t> protocol;
|
|
2661
|
+
Array<uint8_t> settings;
|
|
2662
|
+
};
|
|
2663
|
+
|
|
2627
2664
|
// SSL_CONFIG contains configuration bits that can be shed after the handshake
|
|
2628
2665
|
// completes. Objects of this type are not shared; they are unique to a
|
|
2629
2666
|
// particular |SSL|.
|
|
@@ -2690,6 +2727,10 @@ struct SSL_CONFIG {
|
|
|
2690
2727
|
// format.
|
|
2691
2728
|
Array<uint8_t> alpn_client_proto_list;
|
|
2692
2729
|
|
|
2730
|
+
// alps_configs contains the list of supported protocols to use with ALPS,
|
|
2731
|
+
// along with their corresponding ALPS values.
|
|
2732
|
+
GrowableArray<ALPSConfig> alps_configs;
|
|
2733
|
+
|
|
2693
2734
|
// Contains a list of supported Token Binding key parameters.
|
|
2694
2735
|
Array<uint8_t> token_binding_params;
|
|
2695
2736
|
|
|
@@ -2710,6 +2751,10 @@ struct SSL_CONFIG {
|
|
|
2710
2751
|
// verify_mode is a bitmask of |SSL_VERIFY_*| values.
|
|
2711
2752
|
uint8_t verify_mode = SSL_VERIFY_NONE;
|
|
2712
2753
|
|
|
2754
|
+
// ech_grease_enabled controls whether ECH GREASE may be sent in the
|
|
2755
|
+
// ClientHello.
|
|
2756
|
+
bool ech_grease_enabled : 1;
|
|
2757
|
+
|
|
2713
2758
|
// Enable signed certificate time stamps. Currently client only.
|
|
2714
2759
|
bool signed_cert_timestamps_enabled : 1;
|
|
2715
2760
|
|
|
@@ -2742,13 +2787,13 @@ struct SSL_CONFIG {
|
|
|
2742
2787
|
// should be freed after the handshake completes.
|
|
2743
2788
|
bool shed_handshake_config : 1;
|
|
2744
2789
|
|
|
2745
|
-
// ignore_tls13_downgrade is whether the connection should continue when the
|
|
2746
|
-
// server random signals a downgrade.
|
|
2747
|
-
bool ignore_tls13_downgrade : 1;
|
|
2748
|
-
|
|
2749
2790
|
// jdk11_workaround is whether to disable TLS 1.3 for JDK 11 clients, as a
|
|
2750
2791
|
// workaround for https://bugs.openjdk.java.net/browse/JDK-8211806.
|
|
2751
2792
|
bool jdk11_workaround : 1;
|
|
2793
|
+
|
|
2794
|
+
// QUIC drafts up to and including 32 used a different TLS extension
|
|
2795
|
+
// codepoint to convey QUIC's transport parameters.
|
|
2796
|
+
bool quic_use_legacy_codepoint : 1;
|
|
2752
2797
|
};
|
|
2753
2798
|
|
|
2754
2799
|
// From RFC 8446, used in determining PSK modes.
|
|
@@ -3331,10 +3376,6 @@ struct ssl_ctx_st {
|
|
|
3331
3376
|
// |SSL_MODE_ENABLE_FALSE_START| is enabled) is allowed without ALPN.
|
|
3332
3377
|
bool false_start_allowed_without_alpn : 1;
|
|
3333
3378
|
|
|
3334
|
-
// ignore_tls13_downgrade is whether a connection should continue when the
|
|
3335
|
-
// server random signals a downgrade.
|
|
3336
|
-
bool ignore_tls13_downgrade:1;
|
|
3337
|
-
|
|
3338
3379
|
// handoff indicates that a server should stop after receiving the
|
|
3339
3380
|
// ClientHello and pause the handshake in such a way that |SSL_get_error|
|
|
3340
3381
|
// returns |SSL_ERROR_HANDOFF|.
|
|
@@ -3455,10 +3496,12 @@ struct ssl_session_st {
|
|
|
3455
3496
|
// the peer, or zero if not applicable or unknown.
|
|
3456
3497
|
uint16_t peer_signature_algorithm = 0;
|
|
3457
3498
|
|
|
3458
|
-
//
|
|
3459
|
-
// session. In TLS 1.3 and up, it is the resumption
|
|
3460
|
-
|
|
3461
|
-
|
|
3499
|
+
// secret, in TLS 1.2 and below, is the master secret associated with the
|
|
3500
|
+
// session. In TLS 1.3 and up, it is the resumption PSK for sessions handed to
|
|
3501
|
+
// the caller, but it stores the resumption secret when stored on |SSL|
|
|
3502
|
+
// objects.
|
|
3503
|
+
int secret_length = 0;
|
|
3504
|
+
uint8_t secret[SSL_MAX_MASTER_KEY_LENGTH] = {0};
|
|
3462
3505
|
|
|
3463
3506
|
// session_id - valid?
|
|
3464
3507
|
unsigned session_id_length = 0;
|
|
@@ -3543,9 +3586,18 @@ struct ssl_session_st {
|
|
|
3543
3586
|
|
|
3544
3587
|
// early_alpn is the ALPN protocol from the initial handshake. This is only
|
|
3545
3588
|
// stored for TLS 1.3 and above in order to enforce ALPN matching for 0-RTT
|
|
3546
|
-
// resumptions.
|
|
3589
|
+
// resumptions. For the current connection's ALPN protocol, see
|
|
3590
|
+
// |alpn_selected| on |SSL3_STATE|.
|
|
3547
3591
|
bssl::Array<uint8_t> early_alpn;
|
|
3548
3592
|
|
|
3593
|
+
// local_application_settings, if |has_application_settings| is true, is the
|
|
3594
|
+
// local ALPS value for this connection.
|
|
3595
|
+
bssl::Array<uint8_t> local_application_settings;
|
|
3596
|
+
|
|
3597
|
+
// peer_application_settings, if |has_application_settings| is true, is the
|
|
3598
|
+
// peer ALPS value for this connection.
|
|
3599
|
+
bssl::Array<uint8_t> peer_application_settings;
|
|
3600
|
+
|
|
3549
3601
|
// extended_master_secret is whether the master secret in this session was
|
|
3550
3602
|
// generated using EMS and thus isn't vulnerable to the Triple Handshake
|
|
3551
3603
|
// attack.
|
|
@@ -3566,6 +3618,10 @@ struct ssl_session_st {
|
|
|
3566
3618
|
// is_quic indicates whether this session was created using QUIC.
|
|
3567
3619
|
bool is_quic : 1;
|
|
3568
3620
|
|
|
3621
|
+
// has_application_settings indicates whether ALPS was negotiated in this
|
|
3622
|
+
// session.
|
|
3623
|
+
bool has_application_settings : 1;
|
|
3624
|
+
|
|
3569
3625
|
// quic_early_data_context is used to determine whether early data must be
|
|
3570
3626
|
// rejected when performing a QUIC handshake.
|
|
3571
3627
|
bssl::Array<uint8_t> quic_early_data_context;
|