grpc 1.33.0.pre1 → 1.34.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +342 -134
- data/include/grpc/grpc.h +1 -2
- data/include/grpc/grpc_security.h +149 -172
- data/include/grpc/impl/codegen/grpc_types.h +9 -2
- data/include/grpc/impl/codegen/port_platform.h +22 -55
- data/src/core/ext/filters/client_channel/client_channel.cc +11 -34
- data/src/core/ext/filters/client_channel/config_selector.h +2 -3
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +4 -1
- data/src/core/ext/filters/client_channel/health/health_check_client.h +2 -2
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy.cc +5 -1
- data/src/core/ext/filters/client_channel/lb_policy.h +3 -3
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +80 -71
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +3 -1
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +2 -2
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +47 -17
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +2 -2
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +8 -5
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +3 -3
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/xds/eds.cc +16 -243
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +53 -17
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +809 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +20 -25
- data/src/core/ext/filters/client_channel/resolver.cc +3 -1
- data/src/core/ext/filters/client_channel/resolver.h +4 -1
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +1 -1
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +20 -0
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +66 -7
- data/src/core/ext/filters/client_channel/resolver_registry.cc +4 -4
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +13 -25
- data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +1 -1
- data/src/core/ext/filters/client_channel/resolving_lb_policy.h +2 -2
- data/src/core/ext/filters/client_channel/retry_throttle.h +1 -1
- data/src/core/ext/filters/client_channel/server_address.h +0 -4
- data/src/core/ext/filters/client_channel/service_config.cc +3 -1
- data/src/core/ext/filters/client_channel/service_config.h +1 -1
- data/src/core/ext/filters/client_channel/subchannel.cc +18 -15
- data/src/core/ext/filters/client_channel/subchannel.h +2 -2
- data/src/core/ext/filters/client_channel/subchannel_interface.h +7 -15
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +6 -2
- data/src/core/ext/filters/deadline/deadline_filter.cc +83 -77
- data/src/core/ext/filters/deadline/deadline_filter.h +7 -11
- data/src/core/ext/filters/http/client/http_client_filter.cc +1 -1
- data/src/core/ext/filters/http/server/http_server_filter.cc +3 -3
- data/src/core/ext/filters/max_age/max_age_filter.cc +1 -1
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +1 -1
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +17 -3
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +7 -7
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +4 -24
- data/src/core/ext/transport/chttp2/transport/flow_control.h +2 -2
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +2 -1
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +12 -8
- data/src/core/ext/transport/chttp2/transport/internal.h +0 -1
- data/src/core/ext/transport/chttp2/transport/parsing.cc +2 -1
- data/src/core/ext/transport/chttp2/transport/writing.cc +1 -2
- data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.c +38 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.c +41 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +254 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.h +105 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.c +100 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +558 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.h +145 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.c +53 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.c +133 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.c +127 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +266 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.h +125 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +143 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.c +66 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.c +263 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.h +100 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +233 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.h +70 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +228 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.h +80 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +46 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.c +59 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.c +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.c +110 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +113 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.c +146 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.c +50 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +190 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.c +185 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.c +62 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.c +97 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +915 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.h +280 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.c +71 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.c +64 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +511 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +115 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +48 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +166 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +105 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +249 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.h +60 -0
- data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.c +72 -0
- data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +60 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.c +152 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.h +60 -0
- data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.c +83 -0
- data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.c +82 -0
- data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +83 -0
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.c +86 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.c +74 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.c +64 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.c +54 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.c +53 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.c +73 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.c +72 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.c +81 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.c +92 -0
- data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.c +95 -0
- data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/http.upbdefs.c +34 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/http.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.c +59 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.c +54 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.c +47 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.c +61 -0
- data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.c +38 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.c +386 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.h +165 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.c +39 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.c +37 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.c +65 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.c +39 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.c +66 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.h +75 -0
- data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.c +42 -0
- data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.c +70 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.c +33 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.c +49 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.c +43 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/authority.upbdefs.c +42 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/authority.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/collection_entry.upbdefs.c +62 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/collection_entry.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/context_params.upbdefs.c +45 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/context_params.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource.upbdefs.c +49 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_locator.upbdefs.c +68 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_locator.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_name.upbdefs.c +51 -0
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_name.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.c +307 -0
- data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.h +145 -0
- data/src/core/ext/xds/certificate_provider_factory.h +7 -5
- data/src/core/ext/xds/certificate_provider_store.cc +84 -0
- data/src/core/ext/xds/certificate_provider_store.h +65 -8
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +119 -0
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.h +72 -0
- data/src/core/ext/xds/google_mesh_ca_certificate_provider_factory.cc +28 -140
- data/src/core/ext/xds/google_mesh_ca_certificate_provider_factory.h +6 -4
- data/src/core/ext/xds/xds_api.cc +241 -718
- data/src/core/ext/xds/xds_api.h +50 -9
- data/src/core/ext/xds/xds_bootstrap.cc +172 -25
- data/src/core/ext/xds/xds_bootstrap.h +23 -7
- data/src/core/ext/xds/xds_certificate_provider.cc +240 -0
- data/src/core/ext/xds/xds_certificate_provider.h +74 -0
- data/src/core/ext/xds/xds_client.cc +161 -128
- data/src/core/ext/xds/xds_client.h +12 -11
- data/src/core/ext/xds/xds_client_stats.cc +41 -4
- data/src/core/ext/xds/xds_client_stats.h +2 -2
- data/src/core/lib/channel/channel_args.cc +2 -1
- data/src/core/lib/channel/channel_trace.cc +4 -2
- data/src/core/lib/channel/channelz.h +2 -2
- data/src/core/lib/channel/handshaker.h +2 -2
- data/src/core/lib/compression/compression.cc +8 -4
- data/src/core/lib/compression/compression_internal.cc +10 -5
- data/src/core/lib/compression/compression_internal.h +2 -1
- data/src/core/lib/compression/stream_compression_identity.cc +1 -3
- data/src/core/lib/debug/stats_data.cc +1 -0
- data/src/core/lib/gpr/cpu_iphone.cc +10 -2
- data/src/core/lib/gpr/log_linux.cc +17 -3
- data/src/core/lib/gpr/log_posix.cc +13 -1
- data/src/core/lib/gpr/log_windows.cc +16 -4
- data/src/core/lib/gpr/murmur_hash.cc +1 -1
- data/src/core/lib/gpr/string.cc +1 -1
- data/src/core/lib/gpr/time_precise.cc +3 -2
- data/src/core/lib/gpr/tls.h +4 -0
- data/src/core/lib/gpr/tls_msvc.h +2 -0
- data/src/core/lib/gpr/tls_stdcpp.h +48 -0
- data/src/core/lib/gpr/useful.h +5 -4
- data/src/core/lib/gprpp/dual_ref_counted.h +44 -49
- data/src/core/lib/gprpp/examine_stack.cc +43 -0
- data/src/core/lib/gprpp/examine_stack.h +46 -0
- data/src/core/lib/gprpp/fork.cc +2 -2
- data/src/core/lib/gprpp/manual_constructor.h +1 -1
- data/src/core/lib/gprpp/orphanable.h +4 -8
- data/src/core/lib/gprpp/ref_counted.h +40 -46
- data/src/core/lib/gprpp/ref_counted_ptr.h +9 -11
- data/src/core/lib/{security/authorization/mock_cel/statusor.h → gprpp/stat.h} +13 -25
- data/src/core/lib/gprpp/stat_posix.cc +49 -0
- data/src/core/lib/gprpp/stat_windows.cc +48 -0
- data/src/core/lib/gprpp/thd.h +2 -2
- data/src/core/lib/gprpp/thd_posix.cc +36 -36
- data/src/core/lib/http/parser.cc +46 -25
- data/src/core/lib/iomgr/error.cc +2 -1
- data/src/core/lib/iomgr/ev_epollex_linux.cc +8 -4
- data/src/core/lib/iomgr/exec_ctx.cc +1 -1
- data/src/core/lib/iomgr/executor/mpmcqueue.h +5 -5
- data/src/core/lib/iomgr/executor/threadpool.h +3 -3
- data/src/core/lib/iomgr/parse_address.cc +84 -6
- data/src/core/lib/iomgr/parse_address.h +20 -0
- data/src/core/lib/iomgr/poller/eventmanager_libuv.cc +2 -1
- data/src/core/lib/iomgr/python_util.h +3 -3
- data/src/core/lib/iomgr/resolve_address_posix.cc +1 -5
- data/src/core/lib/iomgr/tcp_posix.cc +3 -2
- data/src/core/lib/iomgr/timer_custom.cc +2 -2
- data/src/core/lib/iomgr/unix_sockets_posix.cc +27 -15
- data/src/core/lib/iomgr/unix_sockets_posix.h +5 -0
- data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +7 -0
- data/src/core/lib/iomgr/wakeup_fd_pipe.cc +2 -2
- data/src/core/lib/json/json.h +2 -2
- data/src/core/lib/json/json_reader.cc +8 -4
- data/src/core/lib/json/json_util.h +167 -0
- data/src/core/lib/json/json_writer.cc +2 -1
- data/src/core/lib/security/authorization/mock_cel/cel_expr_builder_factory.h +3 -1
- data/src/core/lib/security/authorization/mock_cel/cel_expression.h +5 -4
- data/src/core/lib/security/authorization/mock_cel/cel_value.h +4 -0
- data/src/core/lib/security/authorization/mock_cel/evaluator_core.h +6 -6
- data/src/core/lib/security/authorization/mock_cel/flat_expr_builder.h +10 -9
- data/src/core/lib/security/context/security_context.h +3 -1
- data/src/core/lib/security/credentials/credentials.cc +1 -1
- data/src/core/lib/security/credentials/credentials.h +3 -3
- data/src/core/lib/security/credentials/external/aws_request_signer.cc +208 -0
- data/src/core/lib/security/credentials/external/aws_request_signer.h +73 -0
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +311 -0
- data/src/core/lib/security/credentials/external/external_account_credentials.h +118 -0
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +136 -0
- data/src/core/lib/security/credentials/external/file_external_account_credentials.h +49 -0
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +211 -0
- data/src/core/lib/security/credentials/external/url_external_account_credentials.h +59 -0
- data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +51 -0
- data/src/core/lib/security/credentials/jwt/json_token.cc +5 -2
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +4 -3
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +5 -1
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +2 -2
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +35 -5
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +12 -8
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +78 -0
- data/src/core/lib/security/{certificate_provider.h → credentials/tls/grpc_tls_certificate_provider.h} +32 -18
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +77 -149
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +58 -187
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +16 -12
- data/src/core/lib/security/credentials/tls/tls_credentials.h +2 -2
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +2 -2
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +88 -0
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +70 -0
- data/src/core/lib/security/security_connector/load_system_roots.h +4 -0
- data/src/core/lib/security/security_connector/load_system_roots_linux.h +2 -0
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +2 -2
- data/src/core/lib/security/security_connector/security_connector.cc +1 -1
- data/src/core/lib/security/security_connector/security_connector.h +4 -2
- data/src/core/lib/security/security_connector/ssl_utils.h +4 -2
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +293 -275
- data/src/core/lib/security/security_connector/tls/tls_security_connector.h +106 -61
- data/src/core/lib/security/transport/security_handshaker.cc +1 -1
- data/src/core/lib/security/transport/server_auth_filter.cc +2 -1
- data/src/core/lib/security/util/json_util.h +1 -0
- data/src/core/lib/slice/slice.cc +7 -4
- data/src/core/lib/slice/slice_buffer.cc +2 -1
- data/src/core/lib/slice/slice_intern.cc +2 -2
- data/src/core/lib/surface/call.cc +9 -8
- data/src/core/lib/surface/completion_queue.cc +7 -6
- data/src/core/lib/surface/server.cc +4 -2
- data/src/core/lib/surface/server.h +2 -2
- data/src/core/lib/surface/validate_metadata.h +3 -0
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/authority_override.h +2 -0
- data/src/core/lib/transport/bdp_estimator.cc +1 -1
- data/src/core/lib/transport/byte_stream.h +3 -3
- data/src/core/lib/transport/connectivity_state.h +3 -3
- data/src/core/lib/transport/metadata.h +2 -2
- data/src/core/lib/transport/timeout_encoding.cc +4 -4
- data/src/core/lib/transport/transport.cc +5 -3
- data/src/core/lib/transport/transport.h +1 -1
- data/src/core/plugin_registry/grpc_plugin_registry.cc +4 -4
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +4 -3
- data/src/core/tsi/fake_transport_security.cc +1 -0
- data/src/core/tsi/local_transport_security.cc +5 -1
- data/src/core/tsi/local_transport_security.h +6 -7
- data/src/core/tsi/ssl/session_cache/ssl_session.h +3 -0
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +4 -1
- data/src/core/tsi/ssl_transport_security.cc +14 -7
- data/src/core/tsi/ssl_transport_security.h +3 -0
- data/src/core/tsi/transport_security.cc +4 -2
- data/src/ruby/ext/grpc/extconf.rb +1 -1
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +22 -14
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +36 -24
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/third_party/abseil-cpp/absl/algorithm/container.h +59 -22
- data/third_party/abseil-cpp/absl/base/attributes.h +99 -38
- data/third_party/abseil-cpp/absl/base/call_once.h +1 -1
- data/third_party/abseil-cpp/absl/base/casts.h +9 -6
- data/third_party/abseil-cpp/absl/base/config.h +60 -17
- data/third_party/abseil-cpp/absl/base/dynamic_annotations.h +428 -335
- data/third_party/abseil-cpp/absl/base/internal/bits.h +17 -16
- data/third_party/abseil-cpp/absl/base/internal/direct_mmap.h +5 -0
- data/third_party/abseil-cpp/absl/base/internal/dynamic_annotations.h +398 -0
- data/third_party/abseil-cpp/absl/base/internal/invoke.h +4 -4
- data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.cc +1 -1
- data/third_party/abseil-cpp/absl/base/internal/low_level_scheduling.h +29 -1
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +2 -2
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.h +7 -5
- data/third_party/abseil-cpp/absl/base/internal/spinlock.cc +25 -38
- data/third_party/abseil-cpp/absl/base/internal/spinlock.h +19 -25
- data/third_party/abseil-cpp/absl/base/internal/spinlock_linux.inc +8 -0
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +28 -5
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.h +8 -0
- data/third_party/abseil-cpp/absl/base/internal/tsan_mutex_interface.h +3 -1
- data/third_party/abseil-cpp/absl/base/internal/unaligned_access.h +2 -2
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.h +3 -3
- data/third_party/abseil-cpp/absl/base/macros.h +36 -109
- data/third_party/abseil-cpp/absl/base/optimization.h +61 -1
- data/third_party/abseil-cpp/absl/base/options.h +31 -4
- data/third_party/abseil-cpp/absl/base/policy_checks.h +1 -1
- data/third_party/abseil-cpp/absl/base/thread_annotations.h +94 -39
- data/third_party/abseil-cpp/absl/container/fixed_array.h +42 -25
- data/third_party/abseil-cpp/absl/container/flat_hash_set.h +2 -1
- data/third_party/abseil-cpp/absl/container/inlined_vector.h +33 -36
- data/third_party/abseil-cpp/absl/container/internal/common.h +6 -2
- data/third_party/abseil-cpp/absl/container/internal/compressed_tuple.h +33 -8
- data/third_party/abseil-cpp/absl/container/internal/container_memory.h +49 -29
- data/third_party/abseil-cpp/absl/container/internal/hash_function_defaults.h +15 -0
- data/third_party/abseil-cpp/absl/container/internal/hash_policy_traits.h +24 -7
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc +2 -1
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.h +35 -11
- data/third_party/abseil-cpp/absl/container/internal/have_sse.h +10 -9
- data/third_party/abseil-cpp/absl/container/internal/layout.h +7 -5
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +55 -34
- data/third_party/abseil-cpp/absl/debugging/internal/address_is_readable.cc +5 -4
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +66 -16
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +4 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_arm-inl.inc +13 -4
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_config.h +43 -24
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_generic-inl.inc +12 -3
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_win32-inl.inc +10 -2
- data/third_party/abseil-cpp/absl/debugging/internal/symbolize.h +22 -1
- data/third_party/abseil-cpp/absl/debugging/internal/vdso_support.cc +0 -21
- data/third_party/abseil-cpp/absl/debugging/symbolize.cc +12 -1
- data/third_party/abseil-cpp/absl/debugging/symbolize_darwin.inc +101 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize_elf.inc +100 -20
- data/third_party/abseil-cpp/absl/functional/bind_front.h +184 -0
- data/third_party/abseil-cpp/absl/functional/function_ref.h +1 -1
- data/third_party/abseil-cpp/absl/functional/internal/front_binder.h +95 -0
- data/third_party/abseil-cpp/absl/functional/internal/function_ref.h +2 -2
- data/third_party/abseil-cpp/absl/hash/hash.h +6 -5
- data/third_party/abseil-cpp/absl/hash/internal/hash.h +73 -65
- data/third_party/abseil-cpp/absl/memory/memory.h +4 -0
- data/third_party/abseil-cpp/absl/meta/type_traits.h +2 -8
- data/third_party/abseil-cpp/absl/numeric/int128.cc +13 -27
- data/third_party/abseil-cpp/absl/numeric/int128.h +16 -15
- data/third_party/abseil-cpp/absl/status/internal/status_internal.h +51 -0
- data/third_party/abseil-cpp/absl/status/status.cc +4 -6
- data/third_party/abseil-cpp/absl/status/status.h +502 -113
- data/third_party/abseil-cpp/absl/status/status_payload_printer.cc +5 -10
- data/third_party/abseil-cpp/absl/strings/charconv.cc +2 -2
- data/third_party/abseil-cpp/absl/strings/cord.cc +91 -112
- data/third_party/abseil-cpp/absl/strings/cord.h +360 -205
- data/third_party/abseil-cpp/absl/strings/escaping.cc +9 -9
- data/third_party/abseil-cpp/absl/strings/internal/char_map.h +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.cc +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +2 -2
- data/third_party/abseil-cpp/absl/strings/internal/charconv_parse.cc +2 -2
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +45 -23
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.cc +222 -136
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.h +136 -64
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.cc +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.h +14 -21
- data/third_party/abseil-cpp/absl/strings/internal/str_format/checker.h +7 -14
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.cc +31 -7
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.h +147 -135
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +999 -87
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.h +3 -3
- data/third_party/abseil-cpp/absl/strings/internal/str_format/output.h +4 -12
- data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.cc +8 -6
- data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.h +13 -11
- data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +2 -2
- data/third_party/abseil-cpp/absl/strings/str_cat.cc +4 -4
- data/third_party/abseil-cpp/absl/strings/str_cat.h +1 -1
- data/third_party/abseil-cpp/absl/strings/str_format.h +289 -13
- data/third_party/abseil-cpp/absl/strings/str_split.cc +2 -2
- data/third_party/abseil-cpp/absl/strings/str_split.h +1 -0
- data/third_party/abseil-cpp/absl/strings/string_view.h +26 -19
- data/third_party/abseil-cpp/absl/strings/substitute.cc +5 -5
- data/third_party/abseil-cpp/absl/strings/substitute.h +32 -29
- data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.cc +3 -3
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +3 -3
- data/third_party/abseil-cpp/absl/synchronization/internal/kernel_timeout.h +28 -28
- data/third_party/abseil-cpp/absl/synchronization/internal/mutex_nonprod.inc +4 -16
- data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.h +1 -1
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.cc +8 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.h +2 -2
- data/third_party/abseil-cpp/absl/synchronization/mutex.cc +75 -64
- data/third_party/abseil-cpp/absl/synchronization/mutex.h +15 -6
- data/third_party/abseil-cpp/absl/time/civil_time.cc +9 -9
- data/third_party/abseil-cpp/absl/time/clock.cc +3 -3
- data/third_party/abseil-cpp/absl/time/duration.cc +90 -59
- data/third_party/abseil-cpp/absl/time/format.cc +43 -36
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time_detail.h +26 -16
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/time_zone.h +4 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/zone_info_source.h +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +136 -29
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +13 -21
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +136 -129
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +4 -5
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +8 -7
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +6 -6
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc +2 -1
- data/third_party/abseil-cpp/absl/time/time.h +15 -16
- data/third_party/abseil-cpp/absl/types/internal/variant.h +4 -4
- data/third_party/abseil-cpp/absl/types/optional.h +9 -9
- data/third_party/abseil-cpp/absl/types/span.h +49 -36
- data/third_party/abseil-cpp/absl/utility/utility.h +2 -2
- data/third_party/address_sorting/include/address_sorting/address_sorting.h +2 -0
- data/third_party/boringssl-with-bazel/err_data.c +340 -336
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +173 -35
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +46 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +8 -2
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +90 -63
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +60 -60
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +179 -47
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +766 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +10 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +5 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +14 -14
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +24 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +7 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +5 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/des.h +6 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +3 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +202 -134
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +55 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +31 -23
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +435 -394
- data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +18 -5
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +35 -0
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +36 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +42 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +67 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +11 -14
- data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +216 -11
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +53 -11
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +133 -39
- data/third_party/upb/upb/def.c +2169 -0
- data/third_party/upb/upb/def.h +330 -0
- data/third_party/upb/upb/def.hpp +525 -0
- data/third_party/upb/upb/reflection.c +391 -0
- data/third_party/upb/upb/reflection.h +168 -0
- data/third_party/upb/upb/text_encode.c +398 -0
- data/third_party/upb/upb/text_encode.h +35 -0
- metadata +227 -37
- data/src/core/ext/filters/client_channel/lb_policy/xds/eds_drop.cc +0 -571
- data/third_party/abseil-cpp/absl/base/dynamic_annotations.cc +0 -129
@@ -0,0 +1,59 @@
|
|
1
|
+
//
|
2
|
+
// Copyright 2020 gRPC authors.
|
3
|
+
//
|
4
|
+
// Licensed under the Apache License, Version 2.0 (the "License");
|
5
|
+
// you may not use this file except in compliance with the License.
|
6
|
+
// You may obtain a copy of the License at
|
7
|
+
//
|
8
|
+
// http://www.apache.org/licenses/LICENSE-2.0
|
9
|
+
//
|
10
|
+
// Unless required by applicable law or agreed to in writing, software
|
11
|
+
// distributed under the License is distributed on an "AS IS" BASIS,
|
12
|
+
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
13
|
+
// See the License for the specific language governing permissions and
|
14
|
+
// limitations under the License.
|
15
|
+
//
|
16
|
+
|
17
|
+
#ifndef GRPC_CORE_LIB_SECURITY_CREDENTIALS_EXTERNAL_URL_EXTERNAL_ACCOUNT_CREDENTIALS_H
|
18
|
+
#define GRPC_CORE_LIB_SECURITY_CREDENTIALS_EXTERNAL_URL_EXTERNAL_ACCOUNT_CREDENTIALS_H
|
19
|
+
|
20
|
+
#include <grpc/support/port_platform.h>
|
21
|
+
|
22
|
+
#include "src/core/lib/security/credentials/external/external_account_credentials.h"
|
23
|
+
|
24
|
+
namespace grpc_core {
|
25
|
+
|
26
|
+
class UrlExternalAccountCredentials final : public ExternalAccountCredentials {
|
27
|
+
public:
|
28
|
+
static RefCountedPtr<UrlExternalAccountCredentials> Create(
|
29
|
+
ExternalAccountCredentialsOptions options,
|
30
|
+
std::vector<std::string> scopes, grpc_error** error);
|
31
|
+
|
32
|
+
UrlExternalAccountCredentials(ExternalAccountCredentialsOptions options,
|
33
|
+
std::vector<std::string> scopes,
|
34
|
+
grpc_error** error);
|
35
|
+
~UrlExternalAccountCredentials() override;
|
36
|
+
|
37
|
+
private:
|
38
|
+
void RetrieveSubjectToken(
|
39
|
+
HTTPRequestContext* ctx, const ExternalAccountCredentialsOptions& options,
|
40
|
+
std::function<void(std::string, grpc_error*)> cb) override;
|
41
|
+
|
42
|
+
static void OnRetrieveSubjectToken(void* arg, grpc_error* error);
|
43
|
+
void OnRetrieveSubjectTokenInternal(grpc_error* error);
|
44
|
+
|
45
|
+
void FinishRetrieveSubjectToken(std::string subject_token, grpc_error* error);
|
46
|
+
|
47
|
+
// Fields of credential source
|
48
|
+
grpc_uri* url_ = nullptr;
|
49
|
+
std::map<std::string, std::string> headers_;
|
50
|
+
std::string format_type_;
|
51
|
+
std::string format_subject_token_field_name_;
|
52
|
+
|
53
|
+
HTTPRequestContext* ctx_ = nullptr;
|
54
|
+
std::function<void(std::string, grpc_error*)> cb_ = nullptr;
|
55
|
+
};
|
56
|
+
|
57
|
+
} // namespace grpc_core
|
58
|
+
|
59
|
+
#endif // GRPC_CORE_LIB_SECURITY_CREDENTIALS_EXTERNAL_URL_EXTERNAL_ACCOUNT_CREDENTIALS_H
|
@@ -0,0 +1,51 @@
|
|
1
|
+
//
|
2
|
+
//
|
3
|
+
// Copyright 2020 gRPC authors.
|
4
|
+
//
|
5
|
+
// Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
// you may not use this file except in compliance with the License.
|
7
|
+
// You may obtain a copy of the License at
|
8
|
+
//
|
9
|
+
// http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
//
|
11
|
+
// Unless required by applicable law or agreed to in writing, software
|
12
|
+
// distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
// See the License for the specific language governing permissions and
|
15
|
+
// limitations under the License.
|
16
|
+
//
|
17
|
+
//
|
18
|
+
|
19
|
+
#include <grpc/support/port_platform.h>
|
20
|
+
|
21
|
+
#include <grpc/grpc_security.h>
|
22
|
+
|
23
|
+
#include "src/core/lib/security/credentials/credentials.h"
|
24
|
+
#include "src/core/lib/security/security_connector/insecure/insecure_security_connector.h"
|
25
|
+
|
26
|
+
namespace grpc_core {
|
27
|
+
namespace {
|
28
|
+
|
29
|
+
constexpr char kCredentialsTypeInsecure[] = "insecure";
|
30
|
+
|
31
|
+
class InsecureCredentials final : public grpc_channel_credentials {
|
32
|
+
public:
|
33
|
+
explicit InsecureCredentials()
|
34
|
+
: grpc_channel_credentials(kCredentialsTypeInsecure) {}
|
35
|
+
|
36
|
+
grpc_core::RefCountedPtr<grpc_channel_security_connector>
|
37
|
+
create_security_connector(
|
38
|
+
grpc_core::RefCountedPtr<grpc_call_credentials> call_creds,
|
39
|
+
const char* /* target_name */, const grpc_channel_args* /* args */,
|
40
|
+
grpc_channel_args** /* new_args */) override {
|
41
|
+
return MakeRefCounted<InsecureChannelSecurityConnector>(
|
42
|
+
Ref(), std::move(call_creds));
|
43
|
+
}
|
44
|
+
};
|
45
|
+
|
46
|
+
} // namespace
|
47
|
+
} // namespace grpc_core
|
48
|
+
|
49
|
+
grpc_channel_credentials* grpc_insecure_credentials_create() {
|
50
|
+
return new grpc_core::InsecureCredentials();
|
51
|
+
}
|
@@ -33,11 +33,14 @@
|
|
33
33
|
#include "src/core/lib/security/util/json_util.h"
|
34
34
|
#include "src/core/lib/slice/b64.h"
|
35
35
|
|
36
|
+
#pragma clang diagnostic push
|
37
|
+
#pragma clang diagnostic ignored "-Wmodule-import-in-extern-c"
|
36
38
|
extern "C" {
|
37
39
|
#include <openssl/bio.h>
|
38
40
|
#include <openssl/evp.h>
|
39
41
|
#include <openssl/pem.h>
|
40
42
|
}
|
43
|
+
#pragma clang diagnostic pop
|
41
44
|
|
42
45
|
using grpc_core::Json;
|
43
46
|
|
@@ -64,7 +67,7 @@ static grpc_jwt_encode_and_sign_override g_jwt_encode_and_sign_override =
|
|
64
67
|
|
65
68
|
int grpc_auth_json_key_is_valid(const grpc_auth_json_key* json_key) {
|
66
69
|
return (json_key != nullptr) &&
|
67
|
-
strcmp(json_key->type, GRPC_AUTH_JSON_TYPE_INVALID);
|
70
|
+
strcmp(json_key->type, GRPC_AUTH_JSON_TYPE_INVALID) != 0;
|
68
71
|
}
|
69
72
|
|
70
73
|
grpc_auth_json_key grpc_auth_json_key_create_from_json(const Json& json) {
|
@@ -84,7 +87,7 @@ grpc_auth_json_key grpc_auth_json_key_create_from_json(const Json& json) {
|
|
84
87
|
prop_value = grpc_json_get_string_property(json, "type", &error);
|
85
88
|
GRPC_LOG_IF_ERROR("JSON key parsing", error);
|
86
89
|
if (prop_value == nullptr ||
|
87
|
-
strcmp(prop_value, GRPC_AUTH_JSON_TYPE_SERVICE_ACCOUNT)) {
|
90
|
+
strcmp(prop_value, GRPC_AUTH_JSON_TYPE_SERVICE_ACCOUNT) != 0) {
|
88
91
|
goto end;
|
89
92
|
}
|
90
93
|
result.type = GRPC_AUTH_JSON_TYPE_SERVICE_ACCOUNT;
|
@@ -50,9 +50,10 @@ class grpc_service_account_jwt_access_credentials
|
|
50
50
|
const grpc_auth_json_key& key() const { return key_; }
|
51
51
|
|
52
52
|
std::string debug_string() override {
|
53
|
-
return absl::StrFormat(
|
54
|
-
|
55
|
-
|
53
|
+
return absl::StrFormat(
|
54
|
+
"JWTAccessCredentials{ExpirationTime:%s}",
|
55
|
+
absl::FormatTime(absl::FromUnixMicros(
|
56
|
+
static_cast<int64_t>(gpr_timespec_to_micros(jwt_lifetime_)))));
|
56
57
|
};
|
57
58
|
|
58
59
|
private:
|
@@ -28,11 +28,14 @@
|
|
28
28
|
#include <grpc/support/string_util.h>
|
29
29
|
#include <grpc/support/sync.h>
|
30
30
|
|
31
|
+
#pragma clang diagnostic push
|
32
|
+
#pragma clang diagnostic ignored "-Wmodule-import-in-extern-c"
|
31
33
|
extern "C" {
|
32
34
|
#include <openssl/bn.h>
|
33
35
|
#include <openssl/pem.h>
|
34
36
|
#include <openssl/rsa.h>
|
35
37
|
}
|
38
|
+
#pragma clang diagnostic pop
|
36
39
|
|
37
40
|
#include "src/core/lib/gpr/string.h"
|
38
41
|
#include "src/core/lib/gprpp/manual_constructor.h"
|
@@ -149,7 +152,8 @@ static jose_header* jose_header_from_json(Json json) {
|
|
149
152
|
https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/
|
150
153
|
*/
|
151
154
|
alg_value = it->second.string_value().c_str();
|
152
|
-
if (it->second.type() != Json::Type::STRING ||
|
155
|
+
if (it->second.type() != Json::Type::STRING ||
|
156
|
+
strncmp(alg_value, "RS", 2) != 0 ||
|
153
157
|
evp_md_from_alg(alg_value) == nullptr) {
|
154
158
|
gpr_log(GPR_ERROR, "Invalid alg field");
|
155
159
|
goto error;
|
@@ -53,7 +53,7 @@ using grpc_core::Json;
|
|
53
53
|
int grpc_auth_refresh_token_is_valid(
|
54
54
|
const grpc_auth_refresh_token* refresh_token) {
|
55
55
|
return (refresh_token != nullptr) &&
|
56
|
-
strcmp(refresh_token->type, GRPC_AUTH_JSON_TYPE_INVALID);
|
56
|
+
strcmp(refresh_token->type, GRPC_AUTH_JSON_TYPE_INVALID) != 0;
|
57
57
|
}
|
58
58
|
|
59
59
|
grpc_auth_refresh_token grpc_auth_refresh_token_create_from_json(
|
@@ -73,7 +73,7 @@ grpc_auth_refresh_token grpc_auth_refresh_token_create_from_json(
|
|
73
73
|
prop_value = grpc_json_get_string_property(json, "type", &error);
|
74
74
|
GRPC_LOG_IF_ERROR("Parsing refresh token", error);
|
75
75
|
if (prop_value == nullptr ||
|
76
|
-
strcmp(prop_value, GRPC_AUTH_JSON_TYPE_AUTHORIZED_USER)) {
|
76
|
+
strcmp(prop_value, GRPC_AUTH_JSON_TYPE_AUTHORIZED_USER) != 0) {
|
77
77
|
goto end;
|
78
78
|
}
|
79
79
|
result.type = GRPC_AUTH_JSON_TYPE_AUTHORIZED_USER;
|
@@ -26,7 +26,7 @@
|
|
26
26
|
|
27
27
|
void grpc_tls_certificate_distributor::SetKeyMaterials(
|
28
28
|
const std::string& cert_name, absl::optional<std::string> pem_root_certs,
|
29
|
-
absl::optional<PemKeyCertPairList> pem_key_cert_pairs) {
|
29
|
+
absl::optional<grpc_core::PemKeyCertPairList> pem_key_cert_pairs) {
|
30
30
|
GPR_ASSERT(pem_root_certs.has_value() || pem_key_cert_pairs.has_value());
|
31
31
|
grpc_core::MutexLock lock(&mu_);
|
32
32
|
auto& cert_info = certificate_info_map_[cert_name];
|
@@ -38,14 +38,17 @@ void grpc_tls_certificate_distributor::SetKeyMaterials(
|
|
38
38
|
const auto watcher_it = watchers_.find(watcher_ptr);
|
39
39
|
GPR_ASSERT(watcher_it != watchers_.end());
|
40
40
|
GPR_ASSERT(watcher_it->second.root_cert_name.has_value());
|
41
|
-
absl::optional<PemKeyCertPairList>
|
41
|
+
absl::optional<grpc_core::PemKeyCertPairList>
|
42
|
+
pem_key_cert_pairs_to_report;
|
42
43
|
if (pem_key_cert_pairs.has_value() &&
|
43
44
|
watcher_it->second.identity_cert_name == cert_name) {
|
44
45
|
pem_key_cert_pairs_to_report = pem_key_cert_pairs;
|
45
46
|
} else if (watcher_it->second.identity_cert_name.has_value()) {
|
46
47
|
auto& identity_cert_info =
|
47
48
|
certificate_info_map_[*watcher_it->second.identity_cert_name];
|
48
|
-
|
49
|
+
if (!identity_cert_info.pem_key_cert_pairs.empty()) {
|
50
|
+
pem_key_cert_pairs_to_report = identity_cert_info.pem_key_cert_pairs;
|
51
|
+
}
|
49
52
|
}
|
50
53
|
watcher_ptr->OnCertificatesChanged(
|
51
54
|
pem_root_certs, std::move(pem_key_cert_pairs_to_report));
|
@@ -69,7 +72,9 @@ void grpc_tls_certificate_distributor::SetKeyMaterials(
|
|
69
72
|
} else if (watcher_it->second.root_cert_name.has_value()) {
|
70
73
|
auto& root_cert_info =
|
71
74
|
certificate_info_map_[*watcher_it->second.root_cert_name];
|
72
|
-
|
75
|
+
if (!root_cert_info.pem_root_certs.empty()) {
|
76
|
+
pem_root_certs_to_report = root_cert_info.pem_root_certs;
|
77
|
+
}
|
73
78
|
}
|
74
79
|
watcher_ptr->OnCertificatesChanged(pem_root_certs_to_report,
|
75
80
|
pem_key_cert_pairs);
|
@@ -188,7 +193,7 @@ void grpc_tls_certificate_distributor::WatchTlsCertificates(
|
|
188
193
|
watchers_[watcher_ptr] = {std::move(watcher), root_cert_name,
|
189
194
|
identity_cert_name};
|
190
195
|
absl::optional<absl::string_view> updated_root_certs;
|
191
|
-
absl::optional<PemKeyCertPairList> updated_identity_pairs;
|
196
|
+
absl::optional<grpc_core::PemKeyCertPairList> updated_identity_pairs;
|
192
197
|
grpc_error* root_error = GRPC_ERROR_NONE;
|
193
198
|
grpc_error* identity_error = GRPC_ERROR_NONE;
|
194
199
|
if (root_cert_name.has_value()) {
|
@@ -319,3 +324,28 @@ void grpc_tls_certificate_distributor::CancelTlsCertificatesWatch(
|
|
319
324
|
}
|
320
325
|
}
|
321
326
|
};
|
327
|
+
|
328
|
+
/** -- Wrapper APIs declared in grpc_security.h -- **/
|
329
|
+
|
330
|
+
grpc_tls_identity_pairs* grpc_tls_identity_pairs_create() {
|
331
|
+
return new grpc_tls_identity_pairs();
|
332
|
+
}
|
333
|
+
|
334
|
+
void grpc_tls_identity_pairs_add_pair(grpc_tls_identity_pairs* pairs,
|
335
|
+
const char* private_key,
|
336
|
+
const char* cert_chain) {
|
337
|
+
GPR_ASSERT(pairs != nullptr);
|
338
|
+
GPR_ASSERT(private_key != nullptr);
|
339
|
+
GPR_ASSERT(cert_chain != nullptr);
|
340
|
+
grpc_ssl_pem_key_cert_pair* ssl_pair =
|
341
|
+
static_cast<grpc_ssl_pem_key_cert_pair*>(
|
342
|
+
gpr_malloc(sizeof(grpc_ssl_pem_key_cert_pair)));
|
343
|
+
ssl_pair->private_key = gpr_strdup(private_key);
|
344
|
+
ssl_pair->cert_chain = gpr_strdup(cert_chain);
|
345
|
+
pairs->pem_key_cert_pairs.emplace_back(ssl_pair);
|
346
|
+
}
|
347
|
+
|
348
|
+
void grpc_tls_identity_pairs_destroy(grpc_tls_identity_pairs* pairs) {
|
349
|
+
GPR_ASSERT(pairs != nullptr);
|
350
|
+
delete pairs;
|
351
|
+
}
|
@@ -21,17 +21,21 @@
|
|
21
21
|
|
22
22
|
#include <grpc/grpc_security.h>
|
23
23
|
|
24
|
+
#include <utility>
|
25
|
+
|
24
26
|
#include "absl/container/inlined_vector.h"
|
25
27
|
#include "absl/types/optional.h"
|
26
28
|
#include "src/core/lib/gprpp/ref_counted.h"
|
27
29
|
#include "src/core/lib/security/security_connector/ssl_utils.h"
|
28
30
|
|
31
|
+
struct grpc_tls_identity_pairs {
|
32
|
+
grpc_core::PemKeyCertPairList pem_key_cert_pairs;
|
33
|
+
};
|
34
|
+
|
29
35
|
// TLS certificate distributor.
|
30
36
|
struct grpc_tls_certificate_distributor
|
31
37
|
: public grpc_core::RefCounted<grpc_tls_certificate_distributor> {
|
32
38
|
public:
|
33
|
-
typedef absl::InlinedVector<grpc_core::PemKeyCertPair, 1> PemKeyCertPairList;
|
34
|
-
|
35
39
|
// Interface for watching TLS certificates update.
|
36
40
|
class TlsCertificatesWatcherInterface {
|
37
41
|
public:
|
@@ -48,7 +52,7 @@ struct grpc_tls_certificate_distributor
|
|
48
52
|
// pairs.
|
49
53
|
virtual void OnCertificatesChanged(
|
50
54
|
absl::optional<absl::string_view> root_certs,
|
51
|
-
absl::optional<PemKeyCertPairList> key_cert_pairs) = 0;
|
55
|
+
absl::optional<grpc_core::PemKeyCertPairList> key_cert_pairs) = 0;
|
52
56
|
|
53
57
|
// Handles an error that occurs while attempting to fetch certificate data.
|
54
58
|
// Note that if a watcher sees an error, it simply means the Provider is
|
@@ -78,9 +82,9 @@ struct grpc_tls_certificate_distributor
|
|
78
82
|
// @param cert_name The name of the certificates being updated.
|
79
83
|
// @param pem_root_certs The content of root certificates.
|
80
84
|
// @param pem_key_cert_pairs The content of identity key-cert pairs.
|
81
|
-
void SetKeyMaterials(
|
82
|
-
|
83
|
-
|
85
|
+
void SetKeyMaterials(
|
86
|
+
const std::string& cert_name, absl::optional<std::string> pem_root_certs,
|
87
|
+
absl::optional<grpc_core::PemKeyCertPairList> pem_key_cert_pairs);
|
84
88
|
|
85
89
|
bool HasRootCerts(const std::string& root_cert_name);
|
86
90
|
|
@@ -127,7 +131,7 @@ struct grpc_tls_certificate_distributor
|
|
127
131
|
void SetWatchStatusCallback(
|
128
132
|
std::function<void(std::string, bool, bool)> callback) {
|
129
133
|
grpc_core::MutexLock lock(&mu_);
|
130
|
-
watch_status_callback_ = callback;
|
134
|
+
watch_status_callback_ = std::move(callback);
|
131
135
|
};
|
132
136
|
|
133
137
|
// Registers a watcher. The caller may keep a raw pointer to the watcher,
|
@@ -168,7 +172,7 @@ struct grpc_tls_certificate_distributor
|
|
168
172
|
// The contents of the root certificates.
|
169
173
|
std::string pem_root_certs;
|
170
174
|
// The contents of the identity key-certificate pairs.
|
171
|
-
PemKeyCertPairList pem_key_cert_pairs;
|
175
|
+
grpc_core::PemKeyCertPairList pem_key_cert_pairs;
|
172
176
|
// The root cert reloading error propagated by the caller.
|
173
177
|
grpc_error* root_cert_error = GRPC_ERROR_NONE;
|
174
178
|
// The identity cert reloading error propagated by the caller.
|
@@ -0,0 +1,78 @@
|
|
1
|
+
//
|
2
|
+
// Copyright 2020 gRPC authors.
|
3
|
+
//
|
4
|
+
// Licensed under the Apache License, Version 2.0 (the "License");
|
5
|
+
// you may not use this file except in compliance with the License.
|
6
|
+
// You may obtain a copy of the License at
|
7
|
+
//
|
8
|
+
// http://www.apache.org/licenses/LICENSE-2.0
|
9
|
+
//
|
10
|
+
// Unless required by applicable law or agreed to in writing, software
|
11
|
+
// distributed under the License is distributed on an "AS IS" BASIS,
|
12
|
+
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
13
|
+
// See the License for the specific language governing permissions and
|
14
|
+
// limitations under the License.
|
15
|
+
//
|
16
|
+
|
17
|
+
#include <grpc/support/port_platform.h>
|
18
|
+
|
19
|
+
#include "src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h"
|
20
|
+
|
21
|
+
#include <grpc/support/alloc.h>
|
22
|
+
#include <grpc/support/log.h>
|
23
|
+
#include <grpc/support/string_util.h>
|
24
|
+
|
25
|
+
#include "src/core/lib/surface/api_trace.h"
|
26
|
+
|
27
|
+
namespace grpc_core {
|
28
|
+
|
29
|
+
StaticDataCertificateProvider::StaticDataCertificateProvider(
|
30
|
+
std::string root_certificate,
|
31
|
+
grpc_core::PemKeyCertPairList pem_key_cert_pairs)
|
32
|
+
: distributor_(MakeRefCounted<grpc_tls_certificate_distributor>()),
|
33
|
+
root_certificate_(std::move(root_certificate)),
|
34
|
+
pem_key_cert_pairs_(std::move(pem_key_cert_pairs)) {
|
35
|
+
distributor_->SetWatchStatusCallback([this](std::string cert_name,
|
36
|
+
bool root_being_watched,
|
37
|
+
bool identity_being_watched) {
|
38
|
+
if (!root_being_watched && !identity_being_watched) return;
|
39
|
+
absl::optional<std::string> root_certificate;
|
40
|
+
absl::optional<grpc_core::PemKeyCertPairList> pem_key_cert_pairs;
|
41
|
+
if (root_being_watched) {
|
42
|
+
root_certificate = root_certificate_;
|
43
|
+
}
|
44
|
+
if (identity_being_watched) {
|
45
|
+
pem_key_cert_pairs = pem_key_cert_pairs_;
|
46
|
+
}
|
47
|
+
distributor_->SetKeyMaterials(cert_name, std::move(root_certificate),
|
48
|
+
std::move(pem_key_cert_pairs));
|
49
|
+
});
|
50
|
+
}
|
51
|
+
|
52
|
+
} // namespace grpc_core
|
53
|
+
|
54
|
+
/** -- Wrapper APIs declared in grpc_security.h -- **/
|
55
|
+
|
56
|
+
grpc_tls_certificate_provider* grpc_tls_certificate_provider_static_data_create(
|
57
|
+
const char* root_certificate, grpc_tls_identity_pairs* pem_key_cert_pairs) {
|
58
|
+
GPR_ASSERT(root_certificate != nullptr || pem_key_cert_pairs != nullptr);
|
59
|
+
grpc_core::PemKeyCertPairList identity_pairs_core;
|
60
|
+
if (pem_key_cert_pairs != nullptr) {
|
61
|
+
identity_pairs_core = std::move(pem_key_cert_pairs->pem_key_cert_pairs);
|
62
|
+
delete pem_key_cert_pairs;
|
63
|
+
}
|
64
|
+
std::string root_cert_core;
|
65
|
+
if (root_certificate != nullptr) {
|
66
|
+
root_cert_core = root_certificate;
|
67
|
+
}
|
68
|
+
return new grpc_core::StaticDataCertificateProvider(
|
69
|
+
std::move(root_cert_core), std::move(identity_pairs_core));
|
70
|
+
}
|
71
|
+
|
72
|
+
void grpc_tls_certificate_provider_release(
|
73
|
+
grpc_tls_certificate_provider* provider) {
|
74
|
+
GRPC_API_TRACE("grpc_tls_certificate_provider_release(provider=%p)", 1,
|
75
|
+
(provider));
|
76
|
+
grpc_core::ExecCtx exec_ctx;
|
77
|
+
if (provider != nullptr) provider->Unref();
|
78
|
+
}
|
@@ -1,5 +1,4 @@
|
|
1
1
|
//
|
2
|
-
//
|
3
2
|
// Copyright 2020 gRPC authors.
|
4
3
|
//
|
5
4
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
@@ -14,20 +13,22 @@
|
|
14
13
|
// See the License for the specific language governing permissions and
|
15
14
|
// limitations under the License.
|
16
15
|
//
|
17
|
-
//
|
18
16
|
|
19
|
-
#ifndef
|
20
|
-
#define
|
17
|
+
#ifndef GRPC_CORE_LIB_SECURITY_CREDENTIALS_TLS_GRPC_TLS_CERTIFICATE_PROVIDER_H
|
18
|
+
#define GRPC_CORE_LIB_SECURITY_CREDENTIALS_TLS_GRPC_TLS_CERTIFICATE_PROVIDER_H
|
21
19
|
|
22
20
|
#include <grpc/support/port_platform.h>
|
23
21
|
|
22
|
+
#include <grpc/grpc_security.h>
|
23
|
+
#include <string.h>
|
24
|
+
|
25
|
+
#include "absl/container/inlined_vector.h"
|
26
|
+
|
24
27
|
#include "src/core/lib/gprpp/ref_counted.h"
|
25
28
|
#include "src/core/lib/gprpp/ref_counted_ptr.h"
|
26
29
|
#include "src/core/lib/iomgr/pollset_set.h"
|
27
|
-
|
28
|
-
|
29
|
-
// forward declaration and include the header for the distributor instead.
|
30
|
-
struct grpc_tls_certificate_distributor;
|
30
|
+
#include "src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h"
|
31
|
+
#include "src/core/lib/security/security_connector/ssl_utils.h"
|
31
32
|
|
32
33
|
// Interface for a grpc_tls_certificate_provider that handles the process to
|
33
34
|
// fetch credentials and validation contexts. Implementations are free to rely
|
@@ -41,20 +42,33 @@ struct grpc_tls_certificate_distributor;
|
|
41
42
|
struct grpc_tls_certificate_provider
|
42
43
|
: public grpc_core::RefCounted<grpc_tls_certificate_provider> {
|
43
44
|
public:
|
44
|
-
|
45
|
-
: interested_parties_(grpc_pollset_set_create()) {}
|
46
|
-
|
47
|
-
virtual ~grpc_tls_certificate_provider() {
|
48
|
-
grpc_pollset_set_destroy(interested_parties_);
|
49
|
-
}
|
50
|
-
|
51
|
-
grpc_pollset_set* interested_parties() const { return interested_parties_; }
|
45
|
+
virtual grpc_pollset_set* interested_parties() const { return nullptr; }
|
52
46
|
|
53
47
|
virtual grpc_core::RefCountedPtr<grpc_tls_certificate_distributor>
|
54
48
|
distributor() const = 0;
|
49
|
+
};
|
50
|
+
|
51
|
+
namespace grpc_core {
|
52
|
+
|
53
|
+
// A basic provider class that will get credentials from string during
|
54
|
+
// initialization.
|
55
|
+
class StaticDataCertificateProvider final
|
56
|
+
: public grpc_tls_certificate_provider {
|
57
|
+
public:
|
58
|
+
StaticDataCertificateProvider(
|
59
|
+
std::string root_certificate,
|
60
|
+
grpc_core::PemKeyCertPairList pem_key_cert_pairs);
|
61
|
+
|
62
|
+
RefCountedPtr<grpc_tls_certificate_distributor> distributor() const override {
|
63
|
+
return distributor_;
|
64
|
+
}
|
55
65
|
|
56
66
|
private:
|
57
|
-
|
67
|
+
RefCountedPtr<grpc_tls_certificate_distributor> distributor_;
|
68
|
+
std::string root_certificate_;
|
69
|
+
grpc_core::PemKeyCertPairList pem_key_cert_pairs_;
|
58
70
|
};
|
59
71
|
|
60
|
-
|
72
|
+
} // namespace grpc_core
|
73
|
+
|
74
|
+
#endif // GRPC_CORE_LIB_SECURITY_CREDENTIALS_TLS_GRPC_TLS_CERTIFICATE_PROVIDER_H
|