grpc 1.33.0.pre1 → 1.37.0.pre1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +1075 -2814
- data/etc/roots.pem +257 -573
- data/include/grpc/compression.h +1 -1
- data/include/grpc/grpc.h +29 -2
- data/include/grpc/grpc_security.h +215 -175
- data/include/grpc/impl/codegen/atm_windows.h +4 -0
- data/include/grpc/impl/codegen/byte_buffer.h +1 -1
- data/include/grpc/impl/codegen/grpc_types.h +10 -3
- data/include/grpc/impl/codegen/log.h +0 -2
- data/include/grpc/impl/codegen/port_platform.h +24 -55
- data/include/grpc/impl/codegen/sync_windows.h +4 -0
- data/include/grpc/slice_buffer.h +3 -3
- data/include/grpc/support/sync.h +3 -3
- data/include/grpc/support/time.h +7 -7
- data/src/core/ext/filters/client_channel/backend_metric.cc +2 -4
- data/src/core/ext/filters/client_channel/client_channel.cc +2829 -1588
- data/src/core/ext/filters/client_channel/client_channel.h +0 -6
- data/src/core/ext/filters/client_channel/client_channel_factory.h +2 -1
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +1 -1
- data/src/core/ext/filters/client_channel/config_selector.h +15 -4
- data/src/core/ext/filters/client_channel/dynamic_filters.cc +191 -0
- data/src/core/ext/filters/client_channel/dynamic_filters.h +99 -0
- data/src/core/ext/filters/client_channel/global_subchannel_pool.cc +24 -142
- data/src/core/ext/filters/client_channel/global_subchannel_pool.h +15 -10
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +10 -7
- data/src/core/ext/filters/client_channel/health/health_check_client.h +4 -4
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +7 -8
- data/src/core/ext/filters/client_channel/http_proxy.cc +21 -20
- data/src/core/ext/filters/client_channel/lb_policy.cc +9 -2
- data/src/core/ext/filters/client_channel/lb_policy.h +5 -6
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +115 -106
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +1 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +1 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +3 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +3 -3
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +3 -3
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +55 -23
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +23 -0
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.h +27 -0
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +2 -2
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +8 -5
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +3 -3
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +370 -109
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +52 -24
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h +29 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/{eds_drop.cc → xds_cluster_impl.cc} +332 -108
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +22 -27
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +1384 -0
- data/src/core/ext/filters/client_channel/local_subchannel_pool.cc +27 -67
- data/src/core/ext/filters/client_channel/local_subchannel_pool.h +10 -9
- data/src/core/ext/filters/client_channel/resolver.cc +7 -5
- data/src/core/ext/filters/client_channel/resolver.h +5 -13
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +42 -58
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +1 -32
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +5 -5
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +3 -1
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +444 -22
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +5 -0
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +22 -23
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +21 -18
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +1 -1
- data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +377 -0
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +37 -30
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +342 -133
- data/src/core/ext/filters/client_channel/resolver_factory.h +6 -6
- data/src/core/ext/filters/client_channel/resolver_registry.cc +40 -39
- data/src/core/ext/filters/client_channel/resolver_registry.h +2 -2
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +24 -38
- data/src/core/ext/filters/client_channel/resolver_result_parsing.h +8 -8
- data/src/core/ext/filters/client_channel/retry_throttle.cc +5 -3
- data/src/core/ext/filters/client_channel/retry_throttle.h +4 -2
- data/src/core/ext/filters/client_channel/server_address.cc +9 -0
- data/src/core/ext/filters/client_channel/server_address.h +31 -4
- data/src/core/ext/filters/client_channel/service_config.cc +3 -1
- data/src/core/ext/filters/client_channel/service_config.h +1 -1
- data/src/core/ext/filters/client_channel/service_config_call_data.h +19 -1
- data/src/core/ext/filters/client_channel/subchannel.cc +117 -207
- data/src/core/ext/filters/client_channel/subchannel.h +75 -113
- data/src/core/ext/filters/client_channel/subchannel_interface.h +7 -15
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.cc +16 -2
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +16 -10
- data/src/core/ext/filters/client_idle/client_idle_filter.cc +1 -1
- data/src/core/ext/filters/deadline/deadline_filter.cc +87 -79
- data/src/core/ext/filters/deadline/deadline_filter.h +7 -11
- data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +495 -0
- data/src/core/ext/filters/fault_injection/fault_injection_filter.h +39 -0
- data/src/core/ext/filters/fault_injection/service_config_parser.cc +189 -0
- data/src/core/ext/filters/fault_injection/service_config_parser.h +85 -0
- data/src/core/ext/filters/http/client/http_client_filter.cc +1 -1
- data/src/core/ext/filters/http/client_authority_filter.cc +6 -6
- data/src/core/ext/filters/http/http_filters_plugin.cc +6 -3
- data/src/core/ext/filters/http/server/http_server_filter.cc +3 -3
- data/src/core/ext/filters/max_age/max_age_filter.cc +36 -33
- data/src/core/ext/filters/message_size/message_size_filter.cc +1 -1
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +1 -1
- data/src/core/ext/filters/workarounds/workaround_utils.cc +1 -1
- data/src/core/ext/transport/chttp2/client/authority.cc +3 -3
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +2 -2
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +1 -1
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +23 -10
- data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +21 -10
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +29 -16
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +629 -211
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +11 -2
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc +11 -1
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +12 -5
- data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +62 -18
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +7 -7
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +50 -39
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +12 -1
- data/src/core/ext/transport/chttp2/transport/flow_control.h +3 -3
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +5 -1
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +2 -1
- data/src/core/ext/transport/chttp2/transport/frame_settings.h +2 -1
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +6 -6
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +1 -1
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +12 -8
- data/src/core/ext/transport/chttp2/transport/internal.h +1 -1
- data/src/core/ext/transport/chttp2/transport/parsing.cc +2 -1
- data/src/core/ext/transport/chttp2/transport/writing.cc +2 -3
- data/src/core/ext/transport/inproc/inproc_transport.cc +42 -8
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.c +406 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.h +1459 -0
- data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.h +1 -0
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +27 -28
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.h +139 -40
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +350 -0
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +1348 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.c +13 -13
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.h +44 -17
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +119 -124
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +450 -284
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.h +13 -5
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.c +24 -23
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.h +62 -21
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.c +21 -21
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.h +88 -39
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.h +15 -6
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +69 -45
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +275 -78
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +19 -19
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +80 -43
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.c +7 -7
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.h +27 -11
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.c +30 -30
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.h +136 -49
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +41 -41
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +172 -89
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.h +17 -9
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +53 -47
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +188 -78
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +1 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.h +9 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +11 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.h +48 -7
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.c +13 -14
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.h +59 -36
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.c +16 -16
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.h +61 -29
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.c +26 -26
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.h +101 -66
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.h +11 -3
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +34 -32
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +151 -61
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +33 -29
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +138 -54
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +2 -3
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.h +13 -0
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.c +144 -0
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.h +488 -0
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.c +141 -0
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.h +452 -0
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +16 -16
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +81 -35
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +15 -13
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +70 -37
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +257 -216
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +995 -495
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.c +5 -5
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.h +26 -6
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.c +3 -4
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.h +17 -3
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.c +29 -0
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.h +67 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.c +79 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.h +268 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.c +78 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.h +281 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.c +41 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.h +113 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +96 -98
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +378 -226
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.h +1 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +28 -25
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +124 -53
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +9 -12
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +29 -24
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +32 -33
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +118 -67
- data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +51 -44
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +179 -129
- data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.c +1 -4
- data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.c +1 -4
- data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.c +7 -8
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.h +31 -16
- data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.c +1 -3
- data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.c +93 -0
- data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.h +323 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.c +5 -5
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.h +25 -11
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.c +36 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.h +90 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.c +6 -6
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.h +29 -8
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +2 -3
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.h +16 -3
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.c +46 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.h +124 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.h +19 -0
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.c +7 -7
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.h +46 -3
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.c +8 -8
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.h +41 -8
- data/src/core/ext/upb-generated/envoy/type/v3/http.upb.h +1 -0
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.h +15 -2
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.h +19 -0
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.h +7 -0
- data/src/core/ext/upb-generated/google/api/annotations.upb.h +1 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.c +34 -34
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.h +149 -72
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.c +54 -37
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h +171 -59
- data/src/core/ext/upb-generated/google/api/http.upb.c +3 -3
- data/src/core/ext/upb-generated/google/api/http.upb.h +25 -6
- data/src/core/ext/upb-generated/google/protobuf/any.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/any.upb.h +7 -0
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +90 -90
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +455 -292
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.h +7 -0
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.h +7 -0
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.c +4 -4
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.h +22 -3
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.h +7 -0
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.c +9 -9
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.h +55 -0
- data/src/core/ext/upb-generated/google/rpc/status.upb.c +1 -1
- data/src/core/ext/upb-generated/google/rpc/status.upb.h +10 -3
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.c +4 -4
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.h +11 -3
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +41 -41
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +149 -76
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.c +5 -5
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.h +21 -6
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.c +2 -2
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.h +13 -0
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c +17 -17
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.h +82 -25
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.c +3 -3
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +19 -0
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.c +1 -1
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.h +7 -0
- data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.h +1 -0
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.c +2 -2
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +9 -2
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.c +1 -1
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.h +7 -0
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.c +3 -3
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.h +7 -0
- data/src/core/ext/upb-generated/udpa/type/v1/typed_struct.upb.c +33 -0
- data/src/core/ext/upb-generated/udpa/type/v1/typed_struct.upb.h +77 -0
- data/src/core/ext/upb-generated/validate/validate.upb.c +64 -64
- data/src/core/ext/upb-generated/validate/validate.upb.h +296 -157
- data/src/core/ext/upb-generated/{udpa/core/v1 → xds/core/v3}/authority.upb.c +6 -6
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.h +60 -0
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.c +52 -0
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.h +143 -0
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.c +42 -0
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.h +84 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.c +36 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.h +94 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.c +54 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.h +166 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.c +36 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.h +85 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.c +354 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.h +140 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.c +38 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.c +41 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +251 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.h +105 -0
- data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +383 -0
- data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.h +115 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.c +100 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +543 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.h +145 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.c +53 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.c +136 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.c +127 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +272 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.h +135 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +143 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.c +66 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.c +263 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.h +100 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +233 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.h +70 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +231 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.h +85 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +43 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.c +59 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.c +68 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.c +107 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +113 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.c +146 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.c +50 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +195 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.c +193 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.c +59 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/stats.upbdefs.c +141 -0
- data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/stats.upbdefs.h +70 -0
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.c +141 -0
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.h +70 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.c +101 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +944 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.h +290 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.c +71 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.c +61 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.c +51 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/common/fault/v3/fault.upbdefs.c +102 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/common/fault/v3/fault.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.c +120 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.c +76 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +505 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +115 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +44 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +170 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +97 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +246 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.h +60 -0
- data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.c +72 -0
- data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +60 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.c +142 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.c +73 -0
- data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.c +72 -0
- data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +80 -0
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.c +80 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.c +74 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +130 -0
- data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.c +64 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/node.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/node.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.c +54 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.c +53 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.c +73 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.c +69 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/struct.upbdefs.c +63 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/struct.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.c +81 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.c +92 -0
- data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.c +95 -0
- data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/http.upbdefs.c +34 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/http.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.c +59 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.c +54 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.c +47 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.c +61 -0
- data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.c +39 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.c +386 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.h +165 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.c +37 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.c +65 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.c +66 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.h +75 -0
- data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.c +42 -0
- data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.c +70 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.c +33 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.c +49 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.c +43 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/type/v1/typed_struct.upbdefs.c +44 -0
- data/src/core/ext/upbdefs-generated/udpa/type/v1/typed_struct.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.c +310 -0
- data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.h +145 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.c +42 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.c +62 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.c +45 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.c +49 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.c +67 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.c +50 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.h +35 -0
- data/src/core/ext/xds/certificate_provider_factory.h +7 -5
- data/src/core/ext/xds/certificate_provider_store.cc +87 -0
- data/src/core/ext/xds/certificate_provider_store.h +70 -8
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +144 -0
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.h +69 -0
- data/src/core/ext/xds/xds_api.cc +2378 -1183
- data/src/core/ext/xds/xds_api.h +373 -99
- data/src/core/ext/xds/xds_bootstrap.cc +250 -68
- data/src/core/ext/xds/xds_bootstrap.h +40 -13
- data/src/core/ext/xds/xds_certificate_provider.cc +405 -0
- data/src/core/ext/xds/xds_certificate_provider.h +151 -0
- data/src/core/ext/xds/xds_client.cc +364 -182
- data/src/core/ext/xds/xds_client.h +47 -12
- data/src/core/ext/xds/xds_client_stats.cc +43 -5
- data/src/core/ext/xds/xds_client_stats.h +4 -4
- data/src/core/ext/xds/xds_http_fault_filter.cc +226 -0
- data/src/core/ext/xds/xds_http_fault_filter.h +63 -0
- data/src/core/ext/xds/xds_http_filters.cc +114 -0
- data/src/core/ext/xds/xds_http_filters.h +130 -0
- data/src/core/ext/xds/xds_server_config_fetcher.cc +532 -0
- data/src/core/lib/channel/channel_args.cc +9 -8
- data/src/core/lib/channel/channel_stack.cc +12 -0
- data/src/core/lib/channel/channel_stack.h +7 -0
- data/src/core/lib/channel/channel_trace.cc +4 -2
- data/src/core/lib/channel/channel_trace.h +1 -1
- data/src/core/lib/channel/channelz.cc +105 -18
- data/src/core/lib/channel/channelz.h +32 -4
- data/src/core/lib/channel/channelz_registry.cc +14 -0
- data/src/core/lib/channel/channelz_registry.h +0 -1
- data/src/core/lib/channel/handshaker.cc +4 -46
- data/src/core/lib/channel/handshaker.h +3 -20
- data/src/core/lib/channel/status_util.cc +12 -2
- data/src/core/lib/channel/status_util.h +5 -0
- data/src/core/lib/compression/compression.cc +8 -4
- data/src/core/lib/compression/compression_args.cc +3 -2
- data/src/core/lib/compression/compression_internal.cc +10 -5
- data/src/core/lib/compression/compression_internal.h +2 -1
- data/src/core/lib/compression/stream_compression_identity.cc +1 -3
- data/src/core/lib/debug/stats.h +2 -2
- data/src/core/lib/debug/stats_data.cc +1 -0
- data/src/core/lib/debug/stats_data.h +13 -13
- data/src/core/lib/gpr/alloc.cc +3 -2
- data/src/core/lib/gpr/cpu_iphone.cc +10 -2
- data/src/core/lib/gpr/log.cc +59 -17
- data/src/core/lib/gpr/log_linux.cc +19 -3
- data/src/core/lib/gpr/log_posix.cc +15 -1
- data/src/core/lib/gpr/log_windows.cc +18 -4
- data/src/core/lib/gpr/murmur_hash.cc +1 -1
- data/src/core/lib/gpr/spinlock.h +10 -2
- data/src/core/lib/gpr/string.cc +23 -22
- data/src/core/lib/gpr/string.h +5 -6
- data/src/core/lib/gpr/sync.cc +4 -4
- data/src/core/lib/gpr/sync_abseil.cc +3 -6
- data/src/core/lib/gpr/sync_windows.cc +2 -2
- data/src/core/lib/gpr/time.cc +12 -12
- data/src/core/lib/gpr/time_precise.cc +3 -2
- data/src/core/lib/gpr/tls.h +4 -0
- data/src/core/lib/gpr/tls_msvc.h +2 -0
- data/src/core/lib/gpr/tls_stdcpp.h +48 -0
- data/src/core/lib/gpr/useful.h +5 -4
- data/src/core/lib/gprpp/arena.h +3 -2
- data/src/core/lib/gprpp/atomic.h +3 -3
- data/src/core/lib/gprpp/dual_ref_counted.h +46 -51
- data/src/core/lib/gprpp/examine_stack.cc +43 -0
- data/src/core/lib/gprpp/examine_stack.h +46 -0
- data/src/core/lib/gprpp/fork.cc +2 -2
- data/src/core/lib/gprpp/manual_constructor.h +1 -1
- data/src/core/lib/gprpp/mpscq.cc +2 -2
- data/src/core/lib/gprpp/orphanable.h +4 -8
- data/src/core/lib/gprpp/ref_counted.h +42 -48
- data/src/core/lib/gprpp/ref_counted_ptr.h +20 -12
- data/src/core/lib/{security/authorization/mock_cel/statusor.h → gprpp/stat.h} +13 -25
- data/src/core/lib/gprpp/stat_posix.cc +49 -0
- data/src/core/lib/gprpp/stat_windows.cc +48 -0
- data/src/core/lib/gprpp/sync.h +129 -40
- data/src/core/lib/gprpp/thd.h +3 -3
- data/src/core/lib/gprpp/thd_posix.cc +42 -37
- data/src/core/lib/gprpp/thd_windows.cc +3 -1
- data/src/core/lib/gprpp/time_util.cc +77 -0
- data/src/core/lib/gprpp/time_util.h +42 -0
- data/src/core/lib/http/httpcli.cc +1 -1
- data/src/core/lib/http/httpcli.h +2 -3
- data/src/core/lib/http/httpcli_security_connector.cc +3 -3
- data/src/core/lib/http/parser.cc +47 -27
- data/src/core/lib/iomgr/buffer_list.h +1 -1
- data/src/core/lib/iomgr/call_combiner.cc +8 -5
- data/src/core/lib/iomgr/cfstream_handle.cc +2 -2
- data/src/core/lib/iomgr/combiner.cc +2 -1
- data/src/core/lib/iomgr/endpoint.h +1 -1
- data/src/core/lib/iomgr/error.cc +17 -12
- data/src/core/lib/iomgr/error.h +1 -1
- data/src/core/lib/iomgr/error_internal.h +1 -1
- data/src/core/lib/iomgr/ev_apple.cc +11 -8
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +23 -16
- data/src/core/lib/iomgr/ev_epollex_linux.cc +29 -21
- data/src/core/lib/iomgr/ev_poll_posix.cc +9 -7
- data/src/core/lib/iomgr/ev_posix.cc +3 -3
- data/src/core/lib/iomgr/exec_ctx.cc +7 -3
- data/src/core/lib/iomgr/exec_ctx.h +6 -4
- data/src/core/lib/iomgr/executor.cc +2 -1
- data/src/core/lib/iomgr/executor.h +1 -1
- data/src/core/lib/iomgr/executor/mpmcqueue.h +5 -5
- data/src/core/lib/iomgr/executor/threadpool.h +4 -4
- data/src/core/lib/iomgr/iomgr.cc +1 -1
- data/src/core/lib/iomgr/iomgr_posix.cc +0 -1
- data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +0 -1
- data/src/core/lib/iomgr/load_file.h +1 -1
- data/src/core/lib/iomgr/lockfree_event.cc +19 -14
- data/src/core/lib/iomgr/lockfree_event.h +2 -2
- data/src/core/lib/iomgr/parse_address.cc +127 -43
- data/src/core/lib/iomgr/parse_address.h +32 -8
- data/src/core/lib/iomgr/poller/eventmanager_libuv.cc +2 -1
- data/src/core/lib/iomgr/poller/eventmanager_libuv.h +1 -1
- data/src/core/lib/iomgr/pollset_set_custom.cc +1 -1
- data/src/core/lib/iomgr/python_util.h +4 -4
- data/src/core/lib/iomgr/resolve_address.cc +4 -4
- data/src/core/lib/iomgr/resolve_address_posix.cc +1 -5
- data/src/core/lib/iomgr/resource_quota.cc +5 -5
- data/src/core/lib/iomgr/sockaddr_utils.cc +131 -11
- data/src/core/lib/iomgr/sockaddr_utils.h +26 -1
- data/src/core/lib/iomgr/socket_factory_posix.cc +3 -2
- data/src/core/lib/iomgr/socket_mutator.cc +3 -2
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +1 -0
- data/src/core/lib/iomgr/tcp_client.cc +3 -3
- data/src/core/lib/iomgr/tcp_client_custom.cc +7 -6
- data/src/core/lib/iomgr/tcp_client_posix.cc +1 -1
- data/src/core/lib/iomgr/tcp_custom.cc +22 -17
- data/src/core/lib/iomgr/tcp_posix.cc +17 -16
- data/src/core/lib/iomgr/tcp_server_custom.cc +28 -22
- data/src/core/lib/iomgr/tcp_uv.cc +2 -2
- data/src/core/lib/iomgr/timer_custom.cc +5 -5
- data/src/core/lib/iomgr/timer_generic.cc +5 -5
- data/src/core/lib/iomgr/timer_manager.cc +3 -3
- data/src/core/lib/iomgr/udp_server.cc +1 -2
- data/src/core/lib/iomgr/udp_server.h +1 -2
- data/src/core/lib/iomgr/unix_sockets_posix.cc +32 -21
- data/src/core/lib/iomgr/unix_sockets_posix.h +5 -0
- data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +7 -0
- data/src/core/lib/iomgr/wakeup_fd_nospecial.cc +1 -1
- data/src/core/lib/iomgr/wakeup_fd_pipe.cc +2 -2
- data/src/core/lib/json/json.h +12 -2
- data/src/core/lib/json/json_reader.cc +8 -4
- data/src/core/lib/json/json_util.h +167 -0
- data/src/core/lib/json/json_writer.cc +2 -1
- data/src/core/lib/matchers/matchers.cc +339 -0
- data/src/core/lib/matchers/matchers.h +160 -0
- data/src/core/lib/security/context/security_context.cc +4 -3
- data/src/core/lib/security/context/security_context.h +3 -1
- data/src/core/lib/security/credentials/alts/alts_credentials.cc +2 -1
- data/src/core/lib/security/credentials/alts/alts_credentials.h +1 -1
- data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +1 -1
- data/src/core/lib/security/credentials/credentials.cc +7 -7
- data/src/core/lib/security/credentials/credentials.h +5 -4
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +413 -0
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +80 -0
- data/src/core/lib/security/credentials/external/aws_request_signer.cc +213 -0
- data/src/core/lib/security/credentials/external/aws_request_signer.h +72 -0
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +497 -0
- data/src/core/lib/security/credentials/external/external_account_credentials.h +120 -0
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +135 -0
- data/src/core/lib/security/credentials/external/file_external_account_credentials.h +48 -0
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +213 -0
- data/src/core/lib/security/credentials/external/url_external_account_credentials.h +58 -0
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +3 -2
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +25 -18
- data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +64 -0
- data/src/core/lib/security/credentials/jwt/json_token.cc +3 -3
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +4 -3
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +5 -4
- data/src/core/lib/security/credentials/local/local_credentials.cc +2 -1
- data/src/core/lib/security/credentials/local/local_credentials.h +1 -1
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +39 -46
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +5 -4
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +1 -1
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +7 -6
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +2 -2
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +30 -5
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +13 -14
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +399 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +138 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +78 -150
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +57 -187
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +18 -13
- data/src/core/lib/security/credentials/tls/tls_credentials.h +3 -3
- data/src/core/lib/security/credentials/tls/tls_utils.cc +91 -0
- data/src/core/lib/security/credentials/tls/tls_utils.h +38 -0
- data/src/core/lib/security/credentials/xds/xds_credentials.cc +209 -10
- data/src/core/lib/security/credentials/xds/xds_credentials.h +27 -9
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +1 -1
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +3 -3
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +121 -0
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +87 -0
- data/src/core/lib/security/security_connector/load_system_roots.h +4 -0
- data/src/core/lib/security/security_connector/load_system_roots_linux.h +2 -0
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +3 -3
- data/src/core/lib/security/security_connector/security_connector.cc +4 -3
- data/src/core/lib/security/security_connector/security_connector.h +4 -2
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +4 -4
- data/src/core/lib/security/security_connector/ssl_utils.cc +11 -6
- data/src/core/lib/security/security_connector/ssl_utils.h +16 -21
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +360 -279
- data/src/core/lib/security/security_connector/tls/tls_security_connector.h +105 -61
- data/src/core/lib/security/transport/secure_endpoint.cc +2 -2
- data/src/core/lib/security/transport/security_handshaker.cc +36 -8
- data/src/core/lib/security/transport/server_auth_filter.cc +2 -1
- data/src/core/lib/security/util/json_util.h +1 -0
- data/src/core/lib/slice/slice.cc +7 -4
- data/src/core/lib/slice/slice_buffer.cc +2 -1
- data/src/core/lib/slice/slice_intern.cc +11 -13
- data/src/core/lib/slice/slice_internal.h +2 -2
- data/src/core/lib/surface/call.cc +41 -32
- data/src/core/lib/surface/call_details.cc +8 -8
- data/src/core/lib/surface/channel.cc +16 -10
- data/src/core/lib/surface/channel.h +6 -5
- data/src/core/lib/surface/channel_init.cc +1 -1
- data/src/core/lib/surface/completion_queue.cc +31 -25
- data/src/core/lib/surface/completion_queue.h +16 -16
- data/src/core/lib/surface/init.cc +19 -20
- data/src/core/lib/surface/lame_client.cc +47 -54
- data/src/core/lib/surface/lame_client.h +5 -0
- data/src/core/lib/surface/server.cc +106 -53
- data/src/core/lib/surface/server.h +114 -20
- data/src/core/lib/surface/validate_metadata.h +3 -0
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/authority_override.cc +6 -4
- data/src/core/lib/transport/authority_override.h +7 -2
- data/src/core/lib/transport/bdp_estimator.cc +1 -1
- data/src/core/lib/transport/byte_stream.h +3 -3
- data/src/core/lib/transport/connectivity_state.h +9 -7
- data/src/core/lib/transport/error_utils.h +1 -1
- data/src/core/lib/transport/metadata.cc +6 -2
- data/src/core/lib/transport/metadata.h +2 -2
- data/src/core/lib/transport/metadata_batch.cc +27 -0
- data/src/core/lib/transport/metadata_batch.h +18 -4
- data/src/core/lib/transport/static_metadata.cc +1 -1
- data/src/core/lib/transport/status_metadata.cc +4 -3
- data/src/core/lib/transport/timeout_encoding.cc +4 -4
- data/src/core/lib/transport/transport.cc +5 -3
- data/src/core/lib/transport/transport.h +8 -8
- data/src/core/lib/uri/uri_parser.cc +131 -249
- data/src/core/lib/uri/uri_parser.h +57 -21
- data/src/core/plugin_registry/grpc_plugin_registry.cc +26 -8
- data/src/core/tsi/alts/crypt/gsec.cc +5 -4
- data/src/core/tsi/alts/frame_protector/frame_handler.cc +8 -6
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +19 -25
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +43 -47
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +1 -1
- data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +1 -3
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +8 -6
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +4 -4
- data/src/core/tsi/fake_transport_security.cc +17 -5
- data/src/core/tsi/local_transport_security.cc +5 -1
- data/src/core/tsi/local_transport_security.h +6 -7
- data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +1 -1
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +0 -2
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +3 -2
- data/src/core/tsi/ssl_transport_security.cc +73 -56
- data/src/core/tsi/ssl_transport_security.h +6 -6
- data/src/core/tsi/transport_security.cc +10 -8
- data/src/core/tsi/transport_security_interface.h +1 -1
- data/src/ruby/ext/grpc/extconf.rb +10 -2
- data/src/ruby/ext/grpc/rb_channel.c +10 -1
- data/src/ruby/ext/grpc/rb_channel_credentials.c +11 -1
- data/src/ruby/ext/grpc/rb_channel_credentials.h +4 -0
- data/src/ruby/ext/grpc/rb_compression_options.c +1 -1
- data/src/ruby/ext/grpc/rb_enable_cpp.cc +1 -1
- data/src/ruby/ext/grpc/rb_event_thread.c +2 -0
- data/src/ruby/ext/grpc/rb_grpc.c +4 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +36 -14
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +70 -37
- data/src/ruby/ext/grpc/rb_server.c +13 -1
- data/src/ruby/ext/grpc/rb_server_credentials.c +19 -3
- data/src/ruby/ext/grpc/rb_server_credentials.h +4 -0
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.c +215 -0
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.h +35 -0
- data/src/ruby/ext/grpc/rb_xds_server_credentials.c +169 -0
- data/src/ruby/ext/grpc/rb_xds_server_credentials.h +35 -0
- data/src/ruby/lib/grpc/generic/client_stub.rb +4 -2
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +35 -0
- data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +18 -0
- data/src/ruby/spec/call_spec.rb +1 -1
- data/src/ruby/spec/channel_credentials_spec.rb +32 -0
- data/src/ruby/spec/channel_spec.rb +17 -6
- data/src/ruby/spec/client_auth_spec.rb +27 -1
- data/src/ruby/spec/errors_spec.rb +1 -1
- data/src/ruby/spec/generic/active_call_spec.rb +2 -2
- data/src/ruby/spec/generic/client_stub_spec.rb +4 -4
- data/src/ruby/spec/generic/rpc_server_spec.rb +1 -1
- data/src/ruby/spec/pb/codegen/package_option_spec.rb +2 -6
- data/src/ruby/spec/server_credentials_spec.rb +25 -0
- data/src/ruby/spec/server_spec.rb +22 -0
- data/third_party/abseil-cpp/absl/algorithm/container.h +59 -22
- data/third_party/abseil-cpp/absl/base/attributes.h +99 -38
- data/third_party/abseil-cpp/absl/base/call_once.h +1 -1
- data/third_party/abseil-cpp/absl/base/casts.h +9 -6
- data/third_party/abseil-cpp/absl/base/config.h +60 -17
- data/third_party/abseil-cpp/absl/base/dynamic_annotations.h +428 -335
- data/third_party/abseil-cpp/absl/base/internal/bits.h +17 -16
- data/third_party/abseil-cpp/absl/base/internal/direct_mmap.h +5 -0
- data/third_party/abseil-cpp/absl/base/internal/dynamic_annotations.h +398 -0
- data/third_party/abseil-cpp/absl/base/internal/invoke.h +4 -4
- data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.cc +1 -1
- data/third_party/abseil-cpp/absl/base/internal/low_level_scheduling.h +29 -1
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +2 -2
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.h +7 -5
- data/third_party/abseil-cpp/absl/base/internal/spinlock.cc +25 -38
- data/third_party/abseil-cpp/absl/base/internal/spinlock.h +19 -25
- data/third_party/abseil-cpp/absl/base/internal/spinlock_linux.inc +8 -0
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +28 -5
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.h +8 -0
- data/third_party/abseil-cpp/absl/base/internal/tsan_mutex_interface.h +3 -1
- data/third_party/abseil-cpp/absl/base/internal/unaligned_access.h +2 -2
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.h +3 -3
- data/third_party/abseil-cpp/absl/base/macros.h +36 -109
- data/third_party/abseil-cpp/absl/base/optimization.h +61 -1
- data/third_party/abseil-cpp/absl/base/options.h +31 -4
- data/third_party/abseil-cpp/absl/base/policy_checks.h +1 -1
- data/third_party/abseil-cpp/absl/base/thread_annotations.h +94 -39
- data/third_party/abseil-cpp/absl/container/fixed_array.h +42 -25
- data/third_party/abseil-cpp/absl/container/flat_hash_map.h +606 -0
- data/third_party/abseil-cpp/absl/container/inlined_vector.h +33 -36
- data/third_party/abseil-cpp/absl/container/internal/common.h +6 -2
- data/third_party/abseil-cpp/absl/container/internal/compressed_tuple.h +33 -8
- data/third_party/abseil-cpp/absl/container/internal/container_memory.h +49 -29
- data/third_party/abseil-cpp/absl/container/internal/hash_function_defaults.h +15 -0
- data/third_party/abseil-cpp/absl/container/internal/hash_policy_traits.h +24 -7
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc +2 -1
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.h +35 -11
- data/third_party/abseil-cpp/absl/container/internal/have_sse.h +10 -9
- data/third_party/abseil-cpp/absl/container/internal/layout.h +7 -5
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_map.h +197 -0
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +55 -34
- data/third_party/abseil-cpp/absl/debugging/internal/address_is_readable.cc +5 -4
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +66 -16
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +4 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_arm-inl.inc +13 -4
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_config.h +43 -24
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_generic-inl.inc +12 -3
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_win32-inl.inc +10 -2
- data/third_party/abseil-cpp/absl/debugging/internal/symbolize.h +22 -1
- data/third_party/abseil-cpp/absl/debugging/internal/vdso_support.cc +0 -21
- data/third_party/abseil-cpp/absl/debugging/symbolize.cc +12 -1
- data/third_party/abseil-cpp/absl/debugging/symbolize_darwin.inc +101 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize_elf.inc +100 -20
- data/third_party/abseil-cpp/absl/functional/bind_front.h +184 -0
- data/third_party/abseil-cpp/absl/functional/function_ref.h +1 -1
- data/third_party/abseil-cpp/absl/functional/internal/front_binder.h +95 -0
- data/third_party/abseil-cpp/absl/functional/internal/function_ref.h +2 -2
- data/third_party/abseil-cpp/absl/hash/hash.h +6 -5
- data/third_party/abseil-cpp/absl/hash/internal/hash.h +73 -65
- data/third_party/abseil-cpp/absl/memory/memory.h +4 -0
- data/third_party/abseil-cpp/absl/meta/type_traits.h +2 -8
- data/third_party/abseil-cpp/absl/numeric/int128.cc +13 -27
- data/third_party/abseil-cpp/absl/numeric/int128.h +16 -15
- data/third_party/abseil-cpp/absl/status/internal/status_internal.h +51 -0
- data/third_party/abseil-cpp/absl/status/internal/statusor_internal.h +399 -0
- data/third_party/abseil-cpp/absl/status/status.cc +4 -6
- data/third_party/abseil-cpp/absl/status/status.h +502 -113
- data/third_party/abseil-cpp/absl/status/status_payload_printer.cc +5 -10
- data/third_party/abseil-cpp/absl/status/statusor.cc +71 -0
- data/third_party/abseil-cpp/absl/status/statusor.h +760 -0
- data/third_party/abseil-cpp/absl/strings/charconv.cc +2 -2
- data/third_party/abseil-cpp/absl/strings/cord.cc +91 -112
- data/third_party/abseil-cpp/absl/strings/cord.h +360 -205
- data/third_party/abseil-cpp/absl/strings/escaping.cc +9 -9
- data/third_party/abseil-cpp/absl/strings/internal/char_map.h +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.cc +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +2 -2
- data/third_party/abseil-cpp/absl/strings/internal/charconv_parse.cc +2 -2
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +45 -23
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.cc +222 -136
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.h +136 -64
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.cc +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.h +14 -21
- data/third_party/abseil-cpp/absl/strings/internal/str_format/checker.h +7 -14
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.cc +31 -7
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.h +147 -135
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +999 -87
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.h +3 -3
- data/third_party/abseil-cpp/absl/strings/internal/str_format/output.h +4 -12
- data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.cc +8 -6
- data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.h +13 -11
- data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +2 -2
- data/third_party/abseil-cpp/absl/strings/str_cat.cc +4 -4
- data/third_party/abseil-cpp/absl/strings/str_cat.h +1 -1
- data/third_party/abseil-cpp/absl/strings/str_format.h +289 -13
- data/third_party/abseil-cpp/absl/strings/str_split.cc +2 -2
- data/third_party/abseil-cpp/absl/strings/str_split.h +1 -0
- data/third_party/abseil-cpp/absl/strings/string_view.h +26 -19
- data/third_party/abseil-cpp/absl/strings/substitute.cc +5 -5
- data/third_party/abseil-cpp/absl/strings/substitute.h +32 -29
- data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.cc +3 -3
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +4 -3
- data/third_party/abseil-cpp/absl/synchronization/internal/kernel_timeout.h +28 -28
- data/third_party/abseil-cpp/absl/synchronization/internal/mutex_nonprod.inc +4 -16
- data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.h +1 -1
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.cc +8 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.h +2 -2
- data/third_party/abseil-cpp/absl/synchronization/mutex.cc +75 -64
- data/third_party/abseil-cpp/absl/synchronization/mutex.h +15 -6
- data/third_party/abseil-cpp/absl/time/civil_time.cc +9 -9
- data/third_party/abseil-cpp/absl/time/clock.cc +3 -3
- data/third_party/abseil-cpp/absl/time/duration.cc +90 -59
- data/third_party/abseil-cpp/absl/time/format.cc +43 -36
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time_detail.h +26 -16
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/time_zone.h +4 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/zone_info_source.h +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +136 -29
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +13 -21
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +136 -129
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +4 -5
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +8 -7
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +6 -6
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc +2 -1
- data/third_party/abseil-cpp/absl/time/time.h +15 -16
- data/third_party/abseil-cpp/absl/types/internal/variant.h +4 -4
- data/third_party/abseil-cpp/absl/types/optional.h +9 -9
- data/third_party/abseil-cpp/absl/types/span.h +49 -36
- data/third_party/abseil-cpp/absl/utility/utility.h +2 -2
- data/third_party/address_sorting/include/address_sorting/address_sorting.h +2 -0
- data/third_party/boringssl-with-bazel/err_data.c +728 -722
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +3 -10
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +15 -14
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_locl.h +30 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +28 -79
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +39 -85
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +5 -16
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +10 -61
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +158 -0
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/bn_asn1.c +3 -10
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +8 -9
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +60 -45
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +6 -81
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +87 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu-aarch64-win.c +41 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu-arm-linux.c +11 -2
- data/third_party/boringssl-with-bazel/src/crypto/cpu-arm.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/{dh → dh_extra}/dh_asn1.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/{dh → dh_extra}/params.c +179 -0
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +25 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +2 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +3 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +13 -20
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +9 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +21 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +173 -35
- data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/check.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/dh.c +136 -213
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +12 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +9 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +28 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +135 -43
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +0 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +97 -39
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +155 -2
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +18 -29
- data/third_party/boringssl-with-bazel/src/crypto/hpke/internal.h +13 -4
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +10 -7
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +13 -11
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +34 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/rand_extra.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +7 -13
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +90 -63
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +60 -60
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +179 -47
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +766 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +10 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +5 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +1 -29
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +10 -7
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_r2x.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +29 -23
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +22 -17
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +1 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +39 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +5 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +25 -24
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +25 -25
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +40 -20
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +25 -36
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +6 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +24 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +10 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +652 -545
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +0 -167
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +14 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +62 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +22 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +19 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +22 -32
- data/third_party/boringssl-with-bazel/src/include/openssl/des.h +6 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +56 -26
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +15 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +12 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +3 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +202 -134
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +3 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +2 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +122 -34
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +31 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +31 -23
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +287 -99
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +546 -402
- data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +18 -5
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +35 -0
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +4 -3
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +11 -20
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +10 -5
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +73 -17
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +0 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +49 -9
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +87 -14
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +18 -22
- data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +5 -7
- data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +570 -53
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +55 -13
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +48 -15
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +192 -56
- data/third_party/upb/third_party/wyhash/wyhash.h +145 -0
- data/third_party/upb/upb/decode.c +248 -167
- data/third_party/upb/upb/decode.h +20 -1
- data/third_party/upb/upb/decode.int.h +163 -0
- data/third_party/upb/upb/decode_fast.c +1040 -0
- data/third_party/upb/upb/decode_fast.h +126 -0
- data/third_party/upb/upb/def.c +2178 -0
- data/third_party/upb/upb/def.h +315 -0
- data/third_party/upb/upb/def.hpp +439 -0
- data/third_party/upb/upb/encode.c +227 -169
- data/third_party/upb/upb/encode.h +27 -2
- data/third_party/upb/upb/msg.c +167 -88
- data/third_party/upb/upb/msg.h +174 -34
- data/third_party/upb/upb/port_def.inc +74 -61
- data/third_party/upb/upb/port_undef.inc +3 -7
- data/third_party/upb/upb/reflection.c +408 -0
- data/third_party/upb/upb/reflection.h +168 -0
- data/third_party/upb/upb/table.c +34 -197
- data/third_party/upb/upb/table.int.h +14 -5
- data/third_party/upb/upb/text_encode.c +421 -0
- data/third_party/upb/upb/text_encode.h +38 -0
- data/third_party/upb/upb/upb.c +18 -41
- data/third_party/upb/upb/upb.h +36 -7
- data/third_party/upb/upb/upb.hpp +4 -4
- data/third_party/upb/upb/upb.int.h +29 -0
- data/third_party/xxhash/xxhash.h +5443 -0
- metadata +335 -75
- data/src/core/ext/filters/client_channel/lb_policy/xds/eds.cc +0 -1136
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.cc +0 -485
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +0 -68
- data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +0 -355
- data/src/core/ext/filters/client_channel/resolving_lb_policy.h +0 -138
- data/src/core/ext/upb-generated/udpa/core/v1/authority.upb.h +0 -53
- data/src/core/ext/upb-generated/udpa/core/v1/collection_entry.upb.c +0 -52
- data/src/core/ext/upb-generated/udpa/core/v1/collection_entry.upb.h +0 -129
- data/src/core/ext/upb-generated/udpa/core/v1/context_params.upb.c +0 -42
- data/src/core/ext/upb-generated/udpa/core/v1/context_params.upb.h +0 -77
- data/src/core/ext/upb-generated/udpa/core/v1/resource.upb.c +0 -36
- data/src/core/ext/upb-generated/udpa/core/v1/resource.upb.h +0 -85
- data/src/core/ext/upb-generated/udpa/core/v1/resource_locator.upb.c +0 -54
- data/src/core/ext/upb-generated/udpa/core/v1/resource_locator.upb.h +0 -160
- data/src/core/ext/upb-generated/udpa/core/v1/resource_name.upb.c +0 -36
- data/src/core/ext/upb-generated/udpa/core/v1/resource_name.upb.h +0 -84
- data/src/core/ext/xds/google_mesh_ca_certificate_provider_factory.cc +0 -377
- data/src/core/ext/xds/google_mesh_ca_certificate_provider_factory.h +0 -102
- data/src/core/lib/gprpp/map.h +0 -53
- data/src/core/lib/iomgr/iomgr_posix.h +0 -26
- data/src/core/lib/security/authorization/authorization_engine.cc +0 -177
- data/src/core/lib/security/authorization/authorization_engine.h +0 -84
- data/src/core/lib/security/authorization/evaluate_args.cc +0 -153
- data/src/core/lib/security/authorization/evaluate_args.h +0 -59
- data/src/core/lib/security/authorization/mock_cel/activation.h +0 -57
- data/src/core/lib/security/authorization/mock_cel/cel_expr_builder_factory.h +0 -42
- data/src/core/lib/security/authorization/mock_cel/cel_expression.h +0 -68
- data/src/core/lib/security/authorization/mock_cel/cel_value.h +0 -93
- data/src/core/lib/security/authorization/mock_cel/evaluator_core.h +0 -67
- data/src/core/lib/security/authorization/mock_cel/flat_expr_builder.h +0 -56
- data/src/core/lib/security/certificate_provider.h +0 -60
- data/third_party/abseil-cpp/absl/base/dynamic_annotations.cc +0 -129
- data/third_party/abseil-cpp/absl/container/flat_hash_set.h +0 -503
- data/third_party/upb/upb/port.c +0 -26
|
@@ -97,6 +97,9 @@ struct rand_meth_st {
|
|
|
97
97
|
// RAND_SSLeay returns a pointer to a dummy |RAND_METHOD|.
|
|
98
98
|
OPENSSL_EXPORT RAND_METHOD *RAND_SSLeay(void);
|
|
99
99
|
|
|
100
|
+
// RAND_OpenSSL returns a pointer to a dummy |RAND_METHOD|.
|
|
101
|
+
OPENSSL_EXPORT RAND_METHOD *RAND_OpenSSL(void);
|
|
102
|
+
|
|
100
103
|
// RAND_get_rand_method returns |RAND_SSLeay()|.
|
|
101
104
|
OPENSSL_EXPORT const RAND_METHOD *RAND_get_rand_method(void);
|
|
102
105
|
|
|
@@ -267,7 +267,7 @@ OPENSSL_EXPORT int SSL_is_dtls(const SSL *ssl);
|
|
|
267
267
|
// |SSL_set0_rbio| and |SSL_set0_wbio| instead.
|
|
268
268
|
OPENSSL_EXPORT void SSL_set_bio(SSL *ssl, BIO *rbio, BIO *wbio);
|
|
269
269
|
|
|
270
|
-
// SSL_set0_rbio configures |ssl| to
|
|
270
|
+
// SSL_set0_rbio configures |ssl| to read from |rbio|. It takes ownership of
|
|
271
271
|
// |rbio|.
|
|
272
272
|
//
|
|
273
273
|
// Note that, although this function and |SSL_set0_wbio| may be called on the
|
|
@@ -1738,9 +1738,9 @@ OPENSSL_EXPORT void SSL_SESSION_get0_ocsp_response(const SSL_SESSION *session,
|
|
|
1738
1738
|
// SSL_MAX_MASTER_KEY_LENGTH is the maximum length of a master secret.
|
|
1739
1739
|
#define SSL_MAX_MASTER_KEY_LENGTH 48
|
|
1740
1740
|
|
|
1741
|
-
// SSL_SESSION_get_master_key writes up to |max_out| bytes of |session|'s
|
|
1742
|
-
//
|
|
1743
|
-
//
|
|
1741
|
+
// SSL_SESSION_get_master_key writes up to |max_out| bytes of |session|'s secret
|
|
1742
|
+
// to |out| and returns the number of bytes written. If |max_out| is zero, it
|
|
1743
|
+
// returns the size of the secret.
|
|
1744
1744
|
OPENSSL_EXPORT size_t SSL_SESSION_get_master_key(const SSL_SESSION *session,
|
|
1745
1745
|
uint8_t *out, size_t max_out);
|
|
1746
1746
|
|
|
@@ -2743,18 +2743,34 @@ OPENSSL_EXPORT int SSL_set_alpn_protos(SSL *ssl, const uint8_t *protos,
|
|
|
2743
2743
|
|
|
2744
2744
|
// SSL_CTX_set_alpn_select_cb sets a callback function on |ctx| that is called
|
|
2745
2745
|
// during ClientHello processing in order to select an ALPN protocol from the
|
|
2746
|
-
// client's list of offered protocols.
|
|
2747
|
-
// a server.
|
|
2746
|
+
// client's list of offered protocols.
|
|
2748
2747
|
//
|
|
2749
2748
|
// The callback is passed a wire-format (i.e. a series of non-empty, 8-bit
|
|
2750
|
-
// length-prefixed strings) ALPN protocol list in |in|.
|
|
2751
|
-
// |*out_len| to the selected protocol and
|
|
2752
|
-
// success. It does not pass ownership of the
|
|
2753
|
-
//
|
|
2754
|
-
//
|
|
2749
|
+
// length-prefixed strings) ALPN protocol list in |in|. To select a protocol,
|
|
2750
|
+
// the callback should set |*out| and |*out_len| to the selected protocol and
|
|
2751
|
+
// return |SSL_TLSEXT_ERR_OK| on success. It does not pass ownership of the
|
|
2752
|
+
// buffer, so |*out| should point to a static string, a buffer that outlives the
|
|
2753
|
+
// callback call, or the corresponding entry in |in|.
|
|
2754
|
+
//
|
|
2755
|
+
// If the server supports ALPN, but there are no protocols in common, the
|
|
2756
|
+
// callback should return |SSL_TLSEXT_ERR_ALERT_FATAL| to abort the connection
|
|
2757
|
+
// with a no_application_protocol alert.
|
|
2758
|
+
//
|
|
2759
|
+
// If the server does not support ALPN, it can return |SSL_TLSEXT_ERR_NOACK| to
|
|
2760
|
+
// continue the handshake without negotiating a protocol. This may be useful if
|
|
2761
|
+
// multiple server configurations share an |SSL_CTX|, only some of which have
|
|
2762
|
+
// ALPN protocols configured.
|
|
2763
|
+
//
|
|
2764
|
+
// |SSL_TLSEXT_ERR_ALERT_WARNING| is ignored and will be treated as
|
|
2765
|
+
// |SSL_TLSEXT_ERR_NOACK|.
|
|
2766
|
+
//
|
|
2767
|
+
// The callback will only be called if the client supports ALPN. Callers that
|
|
2768
|
+
// wish to require ALPN for all clients must check |SSL_get0_alpn_selected|
|
|
2769
|
+
// after the handshake. In QUIC connections, this is done automatically.
|
|
2755
2770
|
//
|
|
2756
2771
|
// The cipher suite is selected before negotiating ALPN. The callback may use
|
|
2757
|
-
// |SSL_get_pending_cipher| to query the cipher suite.
|
|
2772
|
+
// |SSL_get_pending_cipher| to query the cipher suite. This may be used to
|
|
2773
|
+
// implement HTTP/2's cipher suite constraints.
|
|
2758
2774
|
OPENSSL_EXPORT void SSL_CTX_set_alpn_select_cb(
|
|
2759
2775
|
SSL_CTX *ctx, int (*cb)(SSL *ssl, const uint8_t **out, uint8_t *out_len,
|
|
2760
2776
|
const uint8_t *in, unsigned in_len, void *arg),
|
|
@@ -2776,15 +2792,58 @@ OPENSSL_EXPORT void SSL_CTX_set_allow_unknown_alpn_protos(SSL_CTX *ctx,
|
|
|
2776
2792
|
int enabled);
|
|
2777
2793
|
|
|
2778
2794
|
|
|
2795
|
+
// Application-layer protocol settings
|
|
2796
|
+
//
|
|
2797
|
+
// The ALPS extension (draft-vvv-tls-alps) allows exchanging application-layer
|
|
2798
|
+
// settings in the TLS handshake for applications negotiated with ALPN. Note
|
|
2799
|
+
// that, when ALPS is negotiated, the client and server each advertise their own
|
|
2800
|
+
// settings, so there are functions to both configure setting to send and query
|
|
2801
|
+
// received settings.
|
|
2802
|
+
|
|
2803
|
+
// SSL_add_application_settings configures |ssl| to enable ALPS with ALPN
|
|
2804
|
+
// protocol |proto|, sending an ALPS value of |settings|. It returns one on
|
|
2805
|
+
// success and zero on error. If |proto| is negotiated via ALPN and the peer
|
|
2806
|
+
// supports ALPS, |settings| will be sent to the peer. The peer's ALPS value can
|
|
2807
|
+
// be retrieved with |SSL_get0_peer_application_settings|.
|
|
2808
|
+
//
|
|
2809
|
+
// On the client, this function should be called before the handshake, once for
|
|
2810
|
+
// each supported ALPN protocol which uses ALPS. |proto| must be included in the
|
|
2811
|
+
// client's ALPN configuration (see |SSL_CTX_set_alpn_protos| and
|
|
2812
|
+
// |SSL_set_alpn_protos|). On the server, ALPS can be preconfigured for each
|
|
2813
|
+
// protocol as in the client, or configuration can be deferred to the ALPN
|
|
2814
|
+
// callback (see |SSL_CTX_set_alpn_select_cb|), in which case only the selected
|
|
2815
|
+
// protocol needs to be configured.
|
|
2816
|
+
//
|
|
2817
|
+
// ALPS can be independently configured from 0-RTT, however changes in protocol
|
|
2818
|
+
// settings will fallback to 1-RTT to negotiate the new value, so it is
|
|
2819
|
+
// recommended for |settings| to be relatively stable.
|
|
2820
|
+
OPENSSL_EXPORT int SSL_add_application_settings(SSL *ssl, const uint8_t *proto,
|
|
2821
|
+
size_t proto_len,
|
|
2822
|
+
const uint8_t *settings,
|
|
2823
|
+
size_t settings_len);
|
|
2824
|
+
|
|
2825
|
+
// SSL_get0_peer_application_settings sets |*out_data| and |*out_len| to a
|
|
2826
|
+
// buffer containing the peer's ALPS value, or the empty string if ALPS was not
|
|
2827
|
+
// negotiated. Note an empty string could also indicate the peer sent an empty
|
|
2828
|
+
// settings value. Use |SSL_has_application_settings| to check if ALPS was
|
|
2829
|
+
// negotiated. The output buffer is owned by |ssl| and is valid until the next
|
|
2830
|
+
// time |ssl| is modified.
|
|
2831
|
+
OPENSSL_EXPORT void SSL_get0_peer_application_settings(const SSL *ssl,
|
|
2832
|
+
const uint8_t **out_data,
|
|
2833
|
+
size_t *out_len);
|
|
2834
|
+
|
|
2835
|
+
// SSL_has_application_settings returns one if ALPS was negotiated on this
|
|
2836
|
+
// connection and zero otherwise.
|
|
2837
|
+
OPENSSL_EXPORT int SSL_has_application_settings(const SSL *ssl);
|
|
2838
|
+
|
|
2839
|
+
|
|
2779
2840
|
// Certificate compression.
|
|
2780
2841
|
//
|
|
2781
|
-
// Certificates in TLS 1.3 can be compressed
|
|
2782
|
-
// a client and a server, but does not link against any specific
|
|
2783
|
-
// libraries in order to keep dependencies to a minimum. Instead,
|
|
2784
|
-
// compression and decompression can be installed in an |SSL_CTX| to
|
|
2785
|
-
// support.
|
|
2786
|
-
//
|
|
2787
|
-
// [1] https://tools.ietf.org/html/draft-ietf-tls-certificate-compression-03.
|
|
2842
|
+
// Certificates in TLS 1.3 can be compressed (RFC 8879). BoringSSL supports this
|
|
2843
|
+
// as both a client and a server, but does not link against any specific
|
|
2844
|
+
// compression libraries in order to keep dependencies to a minimum. Instead,
|
|
2845
|
+
// hooks for compression and decompression can be installed in an |SSL_CTX| to
|
|
2846
|
+
// enable support.
|
|
2788
2847
|
|
|
2789
2848
|
// ssl_cert_compression_func_t is a pointer to a function that performs
|
|
2790
2849
|
// compression. It must write the compressed representation of |in| to |out|,
|
|
@@ -3341,6 +3400,12 @@ OPENSSL_EXPORT int SSL_set_quic_transport_params(SSL *ssl,
|
|
|
3341
3400
|
OPENSSL_EXPORT void SSL_get_peer_quic_transport_params(
|
|
3342
3401
|
const SSL *ssl, const uint8_t **out_params, size_t *out_params_len);
|
|
3343
3402
|
|
|
3403
|
+
// SSL_set_quic_use_legacy_codepoint configures whether to use the legacy QUIC
|
|
3404
|
+
// extension codepoint 0xffa5 as opposed to the official value 57. Call with
|
|
3405
|
+
// |use_legacy| set to 1 to use 0xffa5 and call with 0 to use 57. The default
|
|
3406
|
+
// value for this is currently 1 but it will change to 0 at a later date.
|
|
3407
|
+
OPENSSL_EXPORT void SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy);
|
|
3408
|
+
|
|
3344
3409
|
// SSL_set_quic_early_data_context configures a context string in QUIC servers
|
|
3345
3410
|
// for accepting early data. If a resumption connection offers early data, the
|
|
3346
3411
|
// server will check if the value matches that of the connection which minted
|
|
@@ -3493,8 +3558,10 @@ enum ssl_early_data_reason_t BORINGSSL_ENUM_INT {
|
|
|
3493
3558
|
ssl_early_data_ticket_age_skew = 12,
|
|
3494
3559
|
// QUIC parameters differ between this connection and the original.
|
|
3495
3560
|
ssl_early_data_quic_parameter_mismatch = 13,
|
|
3561
|
+
// The application settings did not match the session.
|
|
3562
|
+
ssl_early_data_alps_mismatch = 14,
|
|
3496
3563
|
// The value of the largest entry.
|
|
3497
|
-
ssl_early_data_reason_max_value =
|
|
3564
|
+
ssl_early_data_reason_max_value = ssl_early_data_alps_mismatch,
|
|
3498
3565
|
};
|
|
3499
3566
|
|
|
3500
3567
|
// SSL_get_early_data_reason returns details why 0-RTT was accepted or rejected
|
|
@@ -3502,6 +3569,26 @@ enum ssl_early_data_reason_t BORINGSSL_ENUM_INT {
|
|
|
3502
3569
|
OPENSSL_EXPORT enum ssl_early_data_reason_t SSL_get_early_data_reason(
|
|
3503
3570
|
const SSL *ssl);
|
|
3504
3571
|
|
|
3572
|
+
// SSL_early_data_reason_string returns a string representation for |reason|, or
|
|
3573
|
+
// NULL if |reason| is unknown. This function may be used for logging.
|
|
3574
|
+
OPENSSL_EXPORT const char *SSL_early_data_reason_string(
|
|
3575
|
+
enum ssl_early_data_reason_t reason);
|
|
3576
|
+
|
|
3577
|
+
|
|
3578
|
+
// Encrypted Client Hello.
|
|
3579
|
+
//
|
|
3580
|
+
// ECH is a mechanism for encrypting the entire ClientHello message in TLS 1.3.
|
|
3581
|
+
// This can prevent observers from seeing cleartext information about the
|
|
3582
|
+
// connection, such as the server_name extension.
|
|
3583
|
+
//
|
|
3584
|
+
// ECH support in BoringSSL is still experimental and under development.
|
|
3585
|
+
//
|
|
3586
|
+
// See https://tools.ietf.org/html/draft-ietf-tls-esni-09.
|
|
3587
|
+
|
|
3588
|
+
// SSL_set_enable_ech_grease configures whether the client may send ECH GREASE
|
|
3589
|
+
// as part of this connection.
|
|
3590
|
+
OPENSSL_EXPORT void SSL_set_enable_ech_grease(SSL *ssl, int enable);
|
|
3591
|
+
|
|
3505
3592
|
|
|
3506
3593
|
// Alerts.
|
|
3507
3594
|
//
|
|
@@ -4035,19 +4122,6 @@ OPENSSL_EXPORT size_t SSL_max_seal_overhead(const SSL *ssl);
|
|
|
4035
4122
|
OPENSSL_EXPORT void SSL_CTX_set_false_start_allowed_without_alpn(SSL_CTX *ctx,
|
|
4036
4123
|
int allowed);
|
|
4037
4124
|
|
|
4038
|
-
// SSL_CTX_set_ignore_tls13_downgrade configures whether connections on |ctx|
|
|
4039
|
-
// ignore the downgrade signal in the server's random value.
|
|
4040
|
-
OPENSSL_EXPORT void SSL_CTX_set_ignore_tls13_downgrade(SSL_CTX *ctx,
|
|
4041
|
-
int ignore);
|
|
4042
|
-
|
|
4043
|
-
// SSL_set_ignore_tls13_downgrade configures whether |ssl| ignores the downgrade
|
|
4044
|
-
// signal in the server's random value.
|
|
4045
|
-
OPENSSL_EXPORT void SSL_set_ignore_tls13_downgrade(SSL *ssl, int ignore);
|
|
4046
|
-
|
|
4047
|
-
// SSL_is_tls13_downgrade returns one if the TLS 1.3 anti-downgrade
|
|
4048
|
-
// mechanism would have aborted |ssl|'s handshake and zero otherwise.
|
|
4049
|
-
OPENSSL_EXPORT int SSL_is_tls13_downgrade(const SSL *ssl);
|
|
4050
|
-
|
|
4051
4125
|
// SSL_used_hello_retry_request returns one if the TLS 1.3 HelloRetryRequest
|
|
4052
4126
|
// message has been either sent by the server or received by the client. It
|
|
4053
4127
|
// returns zero otherwise.
|
|
@@ -4724,6 +4798,18 @@ OPENSSL_EXPORT int SSL_CTX_set_tlsext_status_arg(SSL_CTX *ctx, void *arg);
|
|
|
4724
4798
|
// name and remove this one.
|
|
4725
4799
|
OPENSSL_EXPORT uint16_t SSL_CIPHER_get_value(const SSL_CIPHER *cipher);
|
|
4726
4800
|
|
|
4801
|
+
// SSL_CTX_set_ignore_tls13_downgrade does nothing.
|
|
4802
|
+
OPENSSL_EXPORT void SSL_CTX_set_ignore_tls13_downgrade(SSL_CTX *ctx,
|
|
4803
|
+
int ignore);
|
|
4804
|
+
|
|
4805
|
+
// SSL_set_ignore_tls13_downgrade does nothing.
|
|
4806
|
+
OPENSSL_EXPORT void SSL_set_ignore_tls13_downgrade(SSL *ssl, int ignore);
|
|
4807
|
+
|
|
4808
|
+
// SSL_is_tls13_downgrade returns zero. Historically, this function returned
|
|
4809
|
+
// whether the TLS 1.3 downgrade signal would have been enforced if not
|
|
4810
|
+
// disabled. The TLS 1.3 downgrade signal is now always enforced.
|
|
4811
|
+
OPENSSL_EXPORT int SSL_is_tls13_downgrade(const SSL *ssl);
|
|
4812
|
+
|
|
4727
4813
|
|
|
4728
4814
|
// Nodejs compatibility section (hidden).
|
|
4729
4815
|
//
|
|
@@ -5216,7 +5302,9 @@ BSSL_NAMESPACE_END
|
|
|
5216
5302
|
#define SSL_R_CIPHER_MISMATCH_ON_EARLY_DATA 304
|
|
5217
5303
|
#define SSL_R_QUIC_TRANSPORT_PARAMETERS_MISCONFIGURED 305
|
|
5218
5304
|
#define SSL_R_UNEXPECTED_COMPATIBILITY_MODE 306
|
|
5219
|
-
#define
|
|
5305
|
+
#define SSL_R_NO_APPLICATION_PROTOCOL 307
|
|
5306
|
+
#define SSL_R_NEGOTIATED_ALPS_WITHOUT_ALPN 308
|
|
5307
|
+
#define SSL_R_ALPS_MISMATCH_ON_EARLY_DATA 309
|
|
5220
5308
|
#define SSL_R_SSLV3_ALERT_CLOSE_NOTIFY 1000
|
|
5221
5309
|
#define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010
|
|
5222
5310
|
#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
|
|
@@ -206,13 +206,27 @@ extern "C" {
|
|
|
206
206
|
// ExtensionType value from draft-ietf-tokbind-negotiation-10
|
|
207
207
|
#define TLSEXT_TYPE_token_binding 24
|
|
208
208
|
|
|
209
|
-
// ExtensionType value from draft-ietf-quic-tls.
|
|
210
|
-
//
|
|
211
|
-
//
|
|
212
|
-
|
|
213
|
-
|
|
214
|
-
|
|
215
|
-
|
|
209
|
+
// ExtensionType value from draft-ietf-quic-tls. Drafts 00 through 32 use
|
|
210
|
+
// 0xffa5 which is part of the Private Use section of the registry, and it
|
|
211
|
+
// collides with TLS-LTS and, based on scans, something else too (though this
|
|
212
|
+
// hasn't been a problem in practice since it's QUIC-only). Drafts 33 onward
|
|
213
|
+
// use the value 57 which was officially registered with IANA.
|
|
214
|
+
#define TLSEXT_TYPE_quic_transport_parameters_legacy 0xffa5
|
|
215
|
+
#define TLSEXT_TYPE_quic_transport_parameters_standard 57
|
|
216
|
+
|
|
217
|
+
// TLSEXT_TYPE_quic_transport_parameters is an alias for
|
|
218
|
+
// |TLSEXT_TYPE_quic_transport_parameters_legacy|. It will switch to
|
|
219
|
+
// |TLSEXT_TYPE_quic_transport_parameters_standard| at a later date.
|
|
220
|
+
//
|
|
221
|
+
// Callers using |SSL_set_quic_use_legacy_codepoint| should use
|
|
222
|
+
// |TLSEXT_TYPE_quic_transport_parameters_legacy| or
|
|
223
|
+
// |TLSEXT_TYPE_quic_transport_parameters_standard| rather than this constant.
|
|
224
|
+
// When the default code point is switched to the standard one, this value will
|
|
225
|
+
// be updated and we will transition callers back to the unsuffixed constant.
|
|
226
|
+
#define TLSEXT_TYPE_quic_transport_parameters \
|
|
227
|
+
TLSEXT_TYPE_quic_transport_parameters_legacy
|
|
228
|
+
|
|
229
|
+
// ExtensionType value from RFC8879
|
|
216
230
|
#define TLSEXT_TYPE_cert_compression 27
|
|
217
231
|
|
|
218
232
|
// ExtensionType value from RFC4507
|
|
@@ -235,6 +249,15 @@ extern "C" {
|
|
|
235
249
|
// ExtensionType value from draft-ietf-tls-subcerts.
|
|
236
250
|
#define TLSEXT_TYPE_delegated_credential 0x22
|
|
237
251
|
|
|
252
|
+
// ExtensionType value from draft-vvv-tls-alps. This is not an IANA defined
|
|
253
|
+
// extension number.
|
|
254
|
+
#define TLSEXT_TYPE_application_settings 17513
|
|
255
|
+
|
|
256
|
+
// ExtensionType values from draft-ietf-tls-esni-09. This is not an IANA defined
|
|
257
|
+
// extension number.
|
|
258
|
+
#define TLSEXT_TYPE_encrypted_client_hello 0xfe09
|
|
259
|
+
#define TLSEXT_TYPE_ech_is_inner 0xda09
|
|
260
|
+
|
|
238
261
|
// ExtensionType value from RFC6962
|
|
239
262
|
#define TLSEXT_TYPE_certificate_timestamp 18
|
|
240
263
|
|
|
@@ -267,7 +290,7 @@ extern "C" {
|
|
|
267
290
|
#define TLSEXT_hash_sha384 5
|
|
268
291
|
#define TLSEXT_hash_sha512 6
|
|
269
292
|
|
|
270
|
-
// From https://
|
|
293
|
+
// From https://www.rfc-editor.org/rfc/rfc8879.html#section-3
|
|
271
294
|
#define TLSEXT_cert_compression_zlib 1
|
|
272
295
|
#define TLSEXT_cert_compression_brotli 2
|
|
273
296
|
|
|
@@ -40,18 +40,12 @@ extern "C" {
|
|
|
40
40
|
// PMBTokens and P-384.
|
|
41
41
|
OPENSSL_EXPORT const TRUST_TOKEN_METHOD *TRUST_TOKEN_experiment_v1(void);
|
|
42
42
|
|
|
43
|
-
//
|
|
44
|
-
//
|
|
45
|
-
|
|
46
|
-
//
|
|
47
|
-
// This version is incomplete and should not be used.
|
|
48
|
-
// TODO(svaldez): Update to use the PrivacyPass primitive
|
|
49
|
-
OPENSSL_EXPORT const TRUST_TOKEN_METHOD *TRUST_TOKEN_experiment_v2_pp(void);
|
|
43
|
+
// TRUST_TOKEN_experiment_v2_voprf is an experimental Trust Tokens protocol
|
|
44
|
+
// using VOPRFs and P-384 with up to 6 keys, without RR verification.
|
|
45
|
+
OPENSSL_EXPORT const TRUST_TOKEN_METHOD *TRUST_TOKEN_experiment_v2_voprf(void);
|
|
50
46
|
|
|
51
47
|
// TRUST_TOKEN_experiment_v2_pmb is an experimental Trust Tokens protocol using
|
|
52
48
|
// PMBTokens and P-384 with up to 3 keys, without RR verification.
|
|
53
|
-
//
|
|
54
|
-
// This version is incomplete and should not be used.
|
|
55
49
|
OPENSSL_EXPORT const TRUST_TOKEN_METHOD *TRUST_TOKEN_experiment_v2_pmb(void);
|
|
56
50
|
|
|
57
51
|
// trust_token_st represents a single-use token for the Trust Token protocol.
|
|
@@ -152,9 +146,9 @@ OPENSSL_EXPORT STACK_OF(TRUST_TOKEN) *
|
|
|
152
146
|
// |token| and receive a signature over |data| and serializes the request into
|
|
153
147
|
// a newly-allocated buffer, setting |*out| to that buffer and |*out_len| to
|
|
154
148
|
// its length. |time| is the number of seconds since the UNIX epoch and used to
|
|
155
|
-
// verify the validity of the issuer's response
|
|
156
|
-
//
|
|
157
|
-
// or zero on error.
|
|
149
|
+
// verify the validity of the issuer's response in TrustTokenV1 and ignored in
|
|
150
|
+
// other versions. The caller takes ownership of the buffer and must call
|
|
151
|
+
// |OPENSSL_free| when done. It returns one on success or zero on error.
|
|
158
152
|
OPENSSL_EXPORT int TRUST_TOKEN_CLIENT_begin_redemption(
|
|
159
153
|
TRUST_TOKEN_CLIENT *ctx, uint8_t **out, size_t *out_len,
|
|
160
154
|
const TRUST_TOKEN *token, const uint8_t *data, size_t data_len,
|
|
@@ -165,12 +159,8 @@ OPENSSL_EXPORT int TRUST_TOKEN_CLIENT_begin_redemption(
|
|
|
165
159
|
// |*out_rr| and |*out_rr_len| (respectively, |*out_sig| and |*out_sig_len|)
|
|
166
160
|
// to a newly-allocated buffer containing the SRR (respectively, the SRR
|
|
167
161
|
// signature). In other versions, it sets |*out_rr| and |*out_rr_len|
|
|
168
|
-
//
|
|
169
|
-
//
|
|
170
|
-
// success or zero on failure.
|
|
171
|
-
//
|
|
172
|
-
// TODO(svaldez): Return the entire response in |*out_rr| and omit |*out_sig| in
|
|
173
|
-
// non-|TRUST_TOKEN_experiment_v1| versions.
|
|
162
|
+
// to a newly-allocated buffer containing |response| and leaves all validation
|
|
163
|
+
// to the caller. It returns one on success or zero on failure.
|
|
174
164
|
OPENSSL_EXPORT int TRUST_TOKEN_CLIENT_finish_redemption(
|
|
175
165
|
TRUST_TOKEN_CLIENT *ctx, uint8_t **out_rr, size_t *out_rr_len,
|
|
176
166
|
uint8_t **out_sig, size_t *out_sig_len, const uint8_t *response,
|
|
@@ -234,16 +224,16 @@ OPENSSL_EXPORT int TRUST_TOKEN_ISSUER_issue(
|
|
|
234
224
|
uint32_t public_metadata, uint8_t private_metadata, size_t max_issuance);
|
|
235
225
|
|
|
236
226
|
// TRUST_TOKEN_ISSUER_redeem ingests a |request| for token redemption and
|
|
237
|
-
// verifies the token. If the token is valid, a
|
|
227
|
+
// verifies the token. If the token is valid, a RR is produced with a lifetime
|
|
238
228
|
// of |lifetime| (in seconds), signing over the requested data from the request
|
|
239
229
|
// and the value of the token, storing the result into a newly-allocated buffer
|
|
240
230
|
// and setting |*out| to that buffer and |*out_len| to its length. The extracted
|
|
241
231
|
// |TRUST_TOKEN| is stored into a newly-allocated buffer and stored in
|
|
242
232
|
// |*out_token|. The extracted client data is stored into a newly-allocated
|
|
243
|
-
// buffer and stored in |*out_client_data|.
|
|
244
|
-
// stored in |*out_redemption_time|. The caller takes
|
|
245
|
-
// buffer and must call |OPENSSL_free| when done. It
|
|
246
|
-
// zero on error.
|
|
233
|
+
// buffer and stored in |*out_client_data|. In TrustTokenV1, the extracted
|
|
234
|
+
// redemption time is stored in |*out_redemption_time|. The caller takes
|
|
235
|
+
// ownership of each output buffer and must call |OPENSSL_free| when done. It
|
|
236
|
+
// returns one on success or zero on error.
|
|
247
237
|
//
|
|
248
238
|
// The caller must keep track of all values of |*out_token| seen globally before
|
|
249
239
|
// returning the SRR to the client. If the value has been reused, the caller
|
|
@@ -255,6 +245,24 @@ OPENSSL_EXPORT int TRUST_TOKEN_ISSUER_redeem(
|
|
|
255
245
|
size_t *out_client_data_len, uint64_t *out_redemption_time,
|
|
256
246
|
const uint8_t *request, size_t request_len, uint64_t lifetime);
|
|
257
247
|
|
|
248
|
+
// TRUST_TOKEN_ISSUER_redeem_raw ingests a |request| for token redemption and
|
|
249
|
+
// verifies the token. The public metadata is stored in |*out_public|. The
|
|
250
|
+
// private metadata (if any) is stored in |*out_private|. The extracted
|
|
251
|
+
// |TRUST_TOKEN| is stored into a newly-allocated buffer and stored in
|
|
252
|
+
// |*out_token|. The extracted client data is stored into a newly-allocated
|
|
253
|
+
// buffer and stored in |*out_client_data|. The caller takes ownership of each
|
|
254
|
+
// output buffer and must call |OPENSSL_free| when done. It returns one on
|
|
255
|
+
// success or zero on error.
|
|
256
|
+
//
|
|
257
|
+
// The caller must keep track of all values of |*out_token| seen globally before
|
|
258
|
+
// returning a response to the client. If the value has been reused, the caller
|
|
259
|
+
// must report an error to the client. Returning a response with replayed values
|
|
260
|
+
// allows an attacker to double-spend tokens.
|
|
261
|
+
OPENSSL_EXPORT int TRUST_TOKEN_ISSUER_redeem_raw(
|
|
262
|
+
const TRUST_TOKEN_ISSUER *ctx, uint32_t *out_public, uint8_t *out_private,
|
|
263
|
+
TRUST_TOKEN **out_token, uint8_t **out_client_data,
|
|
264
|
+
size_t *out_client_data_len, const uint8_t *request, size_t request_len);
|
|
265
|
+
|
|
258
266
|
// TRUST_TOKEN_decode_private_metadata decodes |encrypted_bit| using the
|
|
259
267
|
// private metadata key specified by a |key| buffer of length |key_len| and the
|
|
260
268
|
// nonce by a |nonce| buffer of length |nonce_len|. The nonce in
|
|
@@ -143,7 +143,7 @@ DECLARE_ASN1_SET_OF(X509_NAME_ENTRY)
|
|
|
143
143
|
|
|
144
144
|
// we always keep X509_NAMEs in 2 forms.
|
|
145
145
|
struct X509_name_st {
|
|
146
|
-
STACK_OF(X509_NAME_ENTRY) *
|
|
146
|
+
STACK_OF(X509_NAME_ENTRY) *entries;
|
|
147
147
|
int modified; // true if 'bytes' needs to be built
|
|
148
148
|
BUF_MEM *bytes;
|
|
149
149
|
// unsigned long hash; Keep the hash around for lookups
|
|
@@ -170,7 +170,7 @@ struct x509_attributes_st {
|
|
|
170
170
|
int single; // 0 for a set, 1 for a single item (which is wrong)
|
|
171
171
|
union {
|
|
172
172
|
char *ptr;
|
|
173
|
-
/* 0 */ STACK_OF(ASN1_TYPE) *
|
|
173
|
+
/* 0 */ STACK_OF(ASN1_TYPE) *set;
|
|
174
174
|
/* 1 */ ASN1_TYPE *single;
|
|
175
175
|
} value;
|
|
176
176
|
} /* X509_ATTRIBUTE */;
|
|
@@ -185,7 +185,7 @@ struct X509_req_info_st {
|
|
|
185
185
|
X509_NAME *subject;
|
|
186
186
|
X509_PUBKEY *pubkey;
|
|
187
187
|
// d=2 hl=2 l= 0 cons: cont: 00
|
|
188
|
-
STACK_OF(X509_ATTRIBUTE) *
|
|
188
|
+
STACK_OF(X509_ATTRIBUTE) *attributes; // [ 0 ]
|
|
189
189
|
} /* X509_REQ_INFO */;
|
|
190
190
|
|
|
191
191
|
struct X509_req_st {
|
|
@@ -203,9 +203,9 @@ struct x509_cinf_st {
|
|
|
203
203
|
X509_VAL *validity;
|
|
204
204
|
X509_NAME *subject;
|
|
205
205
|
X509_PUBKEY *key;
|
|
206
|
-
ASN1_BIT_STRING *issuerUID;
|
|
207
|
-
ASN1_BIT_STRING *subjectUID;
|
|
208
|
-
STACK_OF(X509_EXTENSION) *
|
|
206
|
+
ASN1_BIT_STRING *issuerUID; // [ 1 ] optional in v2
|
|
207
|
+
ASN1_BIT_STRING *subjectUID; // [ 2 ] optional in v2
|
|
208
|
+
STACK_OF(X509_EXTENSION) *extensions; // [ 3 ] optional in v3
|
|
209
209
|
ASN1_ENCODING enc;
|
|
210
210
|
} /* X509_CINF */;
|
|
211
211
|
|
|
@@ -215,11 +215,11 @@ struct x509_cinf_st {
|
|
|
215
215
|
// the end of the certificate itself
|
|
216
216
|
|
|
217
217
|
struct x509_cert_aux_st {
|
|
218
|
-
STACK_OF(ASN1_OBJECT) *
|
|
219
|
-
STACK_OF(ASN1_OBJECT) *
|
|
220
|
-
ASN1_UTF8STRING *alias;
|
|
221
|
-
ASN1_OCTET_STRING *keyid;
|
|
222
|
-
STACK_OF(X509_ALGOR) *
|
|
218
|
+
STACK_OF(ASN1_OBJECT) *trust; // trusted uses
|
|
219
|
+
STACK_OF(ASN1_OBJECT) *reject; // rejected uses
|
|
220
|
+
ASN1_UTF8STRING *alias; // "friendly name"
|
|
221
|
+
ASN1_OCTET_STRING *keyid; // key id of private key
|
|
222
|
+
STACK_OF(X509_ALGOR) *other; // other unspecified info
|
|
223
223
|
} /* X509_CERT_AUX */;
|
|
224
224
|
|
|
225
225
|
DECLARE_STACK_OF(DIST_POINT)
|
|
@@ -241,8 +241,8 @@ struct x509_st {
|
|
|
241
241
|
ASN1_OCTET_STRING *skid;
|
|
242
242
|
AUTHORITY_KEYID *akid;
|
|
243
243
|
X509_POLICY_CACHE *policy_cache;
|
|
244
|
-
STACK_OF(DIST_POINT) *
|
|
245
|
-
STACK_OF(GENERAL_NAME) *
|
|
244
|
+
STACK_OF(DIST_POINT) *crldp;
|
|
245
|
+
STACK_OF(GENERAL_NAME) *altname;
|
|
246
246
|
NAME_CONSTRAINTS *nc;
|
|
247
247
|
unsigned char sha1_hash[SHA_DIGEST_LENGTH];
|
|
248
248
|
X509_CERT_AUX *aux;
|
|
@@ -364,9 +364,9 @@ DEFINE_STACK_OF(X509_TRUST)
|
|
|
364
364
|
struct x509_revoked_st {
|
|
365
365
|
ASN1_INTEGER *serialNumber;
|
|
366
366
|
ASN1_TIME *revocationDate;
|
|
367
|
-
STACK_OF(X509_EXTENSION) /* optional */ *
|
|
367
|
+
STACK_OF(X509_EXTENSION) /* optional */ *extensions;
|
|
368
368
|
// Set up if indirect CRL
|
|
369
|
-
STACK_OF(GENERAL_NAME) *
|
|
369
|
+
STACK_OF(GENERAL_NAME) *issuer;
|
|
370
370
|
// Revocation reason
|
|
371
371
|
int reason;
|
|
372
372
|
int sequence; // load sequence
|
|
@@ -381,8 +381,8 @@ struct X509_crl_info_st {
|
|
|
381
381
|
X509_NAME *issuer;
|
|
382
382
|
ASN1_TIME *lastUpdate;
|
|
383
383
|
ASN1_TIME *nextUpdate;
|
|
384
|
-
STACK_OF(X509_REVOKED) *
|
|
385
|
-
STACK_OF(X509_EXTENSION) /* [0] */ *
|
|
384
|
+
STACK_OF(X509_REVOKED) *revoked;
|
|
385
|
+
STACK_OF(X509_EXTENSION) /* [0] */ *extensions;
|
|
386
386
|
ASN1_ENCODING enc;
|
|
387
387
|
} /* X509_CRL_INFO */;
|
|
388
388
|
|
|
@@ -405,7 +405,7 @@ struct X509_crl_st {
|
|
|
405
405
|
ASN1_INTEGER *crl_number;
|
|
406
406
|
ASN1_INTEGER *base_crl_number;
|
|
407
407
|
unsigned char sha1_hash[SHA_DIGEST_LENGTH];
|
|
408
|
-
STACK_OF(GENERAL_NAMES) *
|
|
408
|
+
STACK_OF(GENERAL_NAMES) *issuers;
|
|
409
409
|
const X509_CRL_METHOD *meth;
|
|
410
410
|
void *meth_data;
|
|
411
411
|
} /* X509_CRL */;
|
|
@@ -610,8 +610,8 @@ OPENSSL_EXPORT X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl);
|
|
|
610
610
|
OPENSSL_EXPORT STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl);
|
|
611
611
|
|
|
612
612
|
// X509_CRL_get0_extensions returns |crl|'s extension list.
|
|
613
|
-
OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *
|
|
614
|
-
|
|
613
|
+
OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(
|
|
614
|
+
const X509_CRL *crl);
|
|
615
615
|
|
|
616
616
|
// X509_CINF_set_modified marks |cinf| as modified so that changes will be
|
|
617
617
|
// reflected in serializing the structure.
|
|
@@ -697,9 +697,8 @@ OPENSSL_EXPORT NETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *str,
|
|
|
697
697
|
OPENSSL_EXPORT char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki);
|
|
698
698
|
|
|
699
699
|
// NETSCAPE_SPKI_get_pubkey decodes and returns the public key in |spki| as an
|
|
700
|
-
// |EVP_PKEY|, or NULL on error. The
|
|
701
|
-
//
|
|
702
|
-
// |EVP_PKEY_up_ref| to extend the lifetime.
|
|
700
|
+
// |EVP_PKEY|, or NULL on error. The caller takes ownership of the resulting
|
|
701
|
+
// pointer and must call |EVP_PKEY_free| when done.
|
|
703
702
|
OPENSSL_EXPORT EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *spki);
|
|
704
703
|
|
|
705
704
|
// NETSCAPE_SPKI_set_pubkey sets |spki|'s public key to |pkey|. It returns one
|
|
@@ -718,25 +717,95 @@ OPENSSL_EXPORT int X509_signature_dump(BIO *bio, const ASN1_STRING *sig,
|
|
|
718
717
|
OPENSSL_EXPORT int X509_signature_print(BIO *bio, const X509_ALGOR *alg,
|
|
719
718
|
const ASN1_STRING *sig);
|
|
720
719
|
|
|
721
|
-
|
|
722
|
-
|
|
723
|
-
|
|
724
|
-
|
|
725
|
-
OPENSSL_EXPORT int
|
|
726
|
-
|
|
727
|
-
|
|
720
|
+
// X509_sign signs |x509| with |pkey| and replaces the signature algorithm and
|
|
721
|
+
// signature fields. It returns one on success and zero on error. This function
|
|
722
|
+
// uses digest algorithm |md|, or |pkey|'s default if NULL. Other signing
|
|
723
|
+
// parameters use |pkey|'s defaults. To customize them, use |X509_sign_ctx|.
|
|
724
|
+
OPENSSL_EXPORT int X509_sign(X509 *x509, EVP_PKEY *pkey, const EVP_MD *md);
|
|
725
|
+
|
|
726
|
+
// X509_sign_ctx signs |x509| with |ctx| and replaces the signature algorithm
|
|
727
|
+
// and signature fields. It returns one on success and zero on error. The
|
|
728
|
+
// signature algorithm and parameters come from |ctx|, which must have been
|
|
729
|
+
// initialized with |EVP_DigestSignInit|. The caller should configure the
|
|
730
|
+
// corresponding |EVP_PKEY_CTX| before calling this function.
|
|
731
|
+
OPENSSL_EXPORT int X509_sign_ctx(X509 *x509, EVP_MD_CTX *ctx);
|
|
732
|
+
|
|
733
|
+
// X509_REQ_sign signs |req| with |pkey| and replaces the signature algorithm
|
|
734
|
+
// and signature fields. It returns one on success and zero on error. This
|
|
735
|
+
// function uses digest algorithm |md|, or |pkey|'s default if NULL. Other
|
|
736
|
+
// signing parameters use |pkey|'s defaults. To customize them, use
|
|
737
|
+
// |X509_REQ_sign_ctx|.
|
|
738
|
+
OPENSSL_EXPORT int X509_REQ_sign(X509_REQ *req, EVP_PKEY *pkey,
|
|
739
|
+
const EVP_MD *md);
|
|
740
|
+
|
|
741
|
+
// X509_REQ_sign_ctx signs |req| with |ctx| and replaces the signature algorithm
|
|
742
|
+
// and signature fields. It returns one on success and zero on error. The
|
|
743
|
+
// signature algorithm and parameters come from |ctx|, which must have been
|
|
744
|
+
// initialized with |EVP_DigestSignInit|. The caller should configure the
|
|
745
|
+
// corresponding |EVP_PKEY_CTX| before calling this function.
|
|
746
|
+
OPENSSL_EXPORT int X509_REQ_sign_ctx(X509_REQ *req, EVP_MD_CTX *ctx);
|
|
747
|
+
|
|
748
|
+
// X509_CRL_sign signs |crl| with |pkey| and replaces the signature algorithm
|
|
749
|
+
// and signature fields. It returns one on success and zero on error. This
|
|
750
|
+
// function uses digest algorithm |md|, or |pkey|'s default if NULL. Other
|
|
751
|
+
// signing parameters use |pkey|'s defaults. To customize them, use
|
|
752
|
+
// |X509_CRL_sign_ctx|.
|
|
753
|
+
OPENSSL_EXPORT int X509_CRL_sign(X509_CRL *crl, EVP_PKEY *pkey,
|
|
754
|
+
const EVP_MD *md);
|
|
755
|
+
|
|
756
|
+
// X509_CRL_sign_ctx signs |crl| with |ctx| and replaces the signature algorithm
|
|
757
|
+
// and signature fields. It returns one on success and zero on error. The
|
|
758
|
+
// signature algorithm and parameters come from |ctx|, which must have been
|
|
759
|
+
// initialized with |EVP_DigestSignInit|. The caller should configure the
|
|
760
|
+
// corresponding |EVP_PKEY_CTX| before calling this function.
|
|
761
|
+
OPENSSL_EXPORT int X509_CRL_sign_ctx(X509_CRL *crl, EVP_MD_CTX *ctx);
|
|
762
|
+
|
|
763
|
+
// NETSCAPE_SPKI_sign signs |spki| with |pkey| and replaces the signature
|
|
764
|
+
// algorithm and signature fields. It returns one on success and zero on error.
|
|
765
|
+
// This function uses digest algorithm |md|, or |pkey|'s default if NULL. Other
|
|
766
|
+
// signing parameters use |pkey|'s defaults.
|
|
767
|
+
OPENSSL_EXPORT int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *spki, EVP_PKEY *pkey,
|
|
728
768
|
const EVP_MD *md);
|
|
729
769
|
|
|
730
|
-
|
|
731
|
-
|
|
732
|
-
|
|
733
|
-
|
|
734
|
-
|
|
735
|
-
|
|
736
|
-
|
|
737
|
-
|
|
738
|
-
|
|
739
|
-
|
|
770
|
+
// X509_pubkey_digest hashes the DER encoding of |x509|'s subjectPublicKeyInfo
|
|
771
|
+
// field with |md| and writes the result to |out|. |EVP_MD_CTX_size| bytes are
|
|
772
|
+
// written, which is at most |EVP_MAX_MD_SIZE|. If |out_len| is not NULL,
|
|
773
|
+
// |*out_len| is set to the number of bytes written. This function returns one
|
|
774
|
+
// on success and zero on error.
|
|
775
|
+
OPENSSL_EXPORT int X509_pubkey_digest(const X509 *x509, const EVP_MD *md,
|
|
776
|
+
uint8_t *out, unsigned *out_len);
|
|
777
|
+
|
|
778
|
+
// X509_digest hashes |x509|'s DER encoding with |md| and writes the result to
|
|
779
|
+
// |out|. |EVP_MD_CTX_size| bytes are written, which is at most
|
|
780
|
+
// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
|
|
781
|
+
// of bytes written. This function returns one on success and zero on error.
|
|
782
|
+
// Note this digest covers the entire certificate, not just the signed portion.
|
|
783
|
+
OPENSSL_EXPORT int X509_digest(const X509 *x509, const EVP_MD *md, uint8_t *out,
|
|
784
|
+
unsigned *out_len);
|
|
785
|
+
|
|
786
|
+
// X509_CRL_digest hashes |crl|'s DER encoding with |md| and writes the result
|
|
787
|
+
// to |out|. |EVP_MD_CTX_size| bytes are written, which is at most
|
|
788
|
+
// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
|
|
789
|
+
// of bytes written. This function returns one on success and zero on error.
|
|
790
|
+
// Note this digest covers the entire CRL, not just the signed portion.
|
|
791
|
+
OPENSSL_EXPORT int X509_CRL_digest(const X509_CRL *crl, const EVP_MD *md,
|
|
792
|
+
uint8_t *out, unsigned *out_len);
|
|
793
|
+
|
|
794
|
+
// X509_REQ_digest hashes |req|'s DER encoding with |md| and writes the result
|
|
795
|
+
// to |out|. |EVP_MD_CTX_size| bytes are written, which is at most
|
|
796
|
+
// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
|
|
797
|
+
// of bytes written. This function returns one on success and zero on error.
|
|
798
|
+
// Note this digest covers the entire certificate request, not just the signed
|
|
799
|
+
// portion.
|
|
800
|
+
OPENSSL_EXPORT int X509_REQ_digest(const X509_REQ *req, const EVP_MD *md,
|
|
801
|
+
uint8_t *out, unsigned *out_len);
|
|
802
|
+
|
|
803
|
+
// X509_NAME_digest hashes |name|'s DER encoding with |md| and writes the result
|
|
804
|
+
// to |out|. |EVP_MD_CTX_size| bytes are written, which is at most
|
|
805
|
+
// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
|
|
806
|
+
// of bytes written. This function returns one on success and zero on error.
|
|
807
|
+
OPENSSL_EXPORT int X509_NAME_digest(const X509_NAME *name, const EVP_MD *md,
|
|
808
|
+
uint8_t *out, unsigned *out_len);
|
|
740
809
|
|
|
741
810
|
// X509_parse_from_buffer parses an X.509 structure from |buf| and returns a
|
|
742
811
|
// fresh X509 or NULL on error. There must not be any trailing data in |buf|.
|
|
@@ -899,14 +968,58 @@ OPENSSL_EXPORT int i2d_X509_AUX(X509 *a, unsigned char **pp);
|
|
|
899
968
|
OPENSSL_EXPORT X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp,
|
|
900
969
|
long length);
|
|
901
970
|
|
|
902
|
-
|
|
971
|
+
// i2d_re_X509_tbs serializes the TBSCertificate portion of |x509|. If |outp| is
|
|
972
|
+
// NULL, nothing is written. Otherwise, if |*outp| is not NULL, the result is
|
|
973
|
+
// written to |*outp|, which must have enough space available, and |*outp| is
|
|
974
|
+
// advanced just past the output. If |outp| is non-NULL and |*outp| is NULL, it
|
|
975
|
+
// sets |*outp| to a newly-allocated buffer containing the result. The caller is
|
|
976
|
+
// responsible for releasing the buffer with |OPENSSL_free|. In all cases, this
|
|
977
|
+
// function returns the number of bytes in the result, whether written or not,
|
|
978
|
+
// or a negative value on error.
|
|
979
|
+
//
|
|
980
|
+
// This function re-encodes the TBSCertificate and may not reflect |x509|'s
|
|
981
|
+
// original encoding. It may be used to manually generate a signature for a new
|
|
982
|
+
// certificate. To verify certificates, use |i2d_X509_tbs| instead.
|
|
983
|
+
OPENSSL_EXPORT int i2d_re_X509_tbs(X509 *x509, unsigned char **outp);
|
|
984
|
+
|
|
985
|
+
// i2d_X509_tbs serializes the TBSCertificate portion of |x509|. If |outp| is
|
|
986
|
+
// NULL, nothing is written. Otherwise, if |*outp| is not NULL, the result is
|
|
987
|
+
// written to |*outp|, which must have enough space available, and |*outp| is
|
|
988
|
+
// advanced just past the output. If |outp| is non-NULL and |*outp| is NULL, it
|
|
989
|
+
// sets |*outp| to a newly-allocated buffer containing the result. The caller is
|
|
990
|
+
// responsible for releasing the buffer with |OPENSSL_free|. In all cases, this
|
|
991
|
+
// function returns the number of bytes in the result, whether written or not,
|
|
992
|
+
// or a negative value on error.
|
|
993
|
+
//
|
|
994
|
+
// This function preserves the original encoding of the TBSCertificate and may
|
|
995
|
+
// not reflect modifications made to |x509|. It may be used to manually verify
|
|
996
|
+
// the signature of an existing certificate. To generate certificates, use
|
|
997
|
+
// |i2d_re_X509_tbs| instead.
|
|
998
|
+
OPENSSL_EXPORT int i2d_X509_tbs(X509 *x509, unsigned char **outp);
|
|
999
|
+
|
|
1000
|
+
// X509_set1_signature_algo sets |x509|'s signature algorithm to |algo| and
|
|
1001
|
+
// returns one on success or zero on error. It updates both the signature field
|
|
1002
|
+
// of the TBSCertificate structure, and the signatureAlgorithm field of the
|
|
1003
|
+
// Certificate.
|
|
1004
|
+
OPENSSL_EXPORT int X509_set1_signature_algo(X509 *x509, const X509_ALGOR *algo);
|
|
1005
|
+
|
|
1006
|
+
// X509_set1_signature_value sets |x509|'s signature to a copy of the |sig_len|
|
|
1007
|
+
// bytes pointed by |sig|. It returns one on success and zero on error.
|
|
1008
|
+
//
|
|
1009
|
+
// Due to a specification error, X.509 certificates store signatures in ASN.1
|
|
1010
|
+
// BIT STRINGs, but signature algorithms return byte strings rather than bit
|
|
1011
|
+
// strings. This function creates a BIT STRING containing a whole number of
|
|
1012
|
+
// bytes, with the bit order matching the DER encoding. This matches the
|
|
1013
|
+
// encoding used by all X.509 signature algorithms.
|
|
1014
|
+
OPENSSL_EXPORT int X509_set1_signature_value(X509 *x509, const uint8_t *sig,
|
|
1015
|
+
size_t sig_len);
|
|
903
1016
|
|
|
904
1017
|
OPENSSL_EXPORT void X509_get0_signature(const ASN1_BIT_STRING **psig,
|
|
905
1018
|
const X509_ALGOR **palg, const X509 *x);
|
|
906
1019
|
OPENSSL_EXPORT int X509_get_signature_nid(const X509 *x);
|
|
907
1020
|
|
|
908
|
-
OPENSSL_EXPORT int X509_alias_set1(X509 *x, unsigned char *name, int len);
|
|
909
|
-
OPENSSL_EXPORT int X509_keyid_set1(X509 *x, unsigned char *id, int len);
|
|
1021
|
+
OPENSSL_EXPORT int X509_alias_set1(X509 *x, const unsigned char *name, int len);
|
|
1022
|
+
OPENSSL_EXPORT int X509_keyid_set1(X509 *x, const unsigned char *id, int len);
|
|
910
1023
|
OPENSSL_EXPORT unsigned char *X509_alias_get0(X509 *x, int *len);
|
|
911
1024
|
OPENSSL_EXPORT unsigned char *X509_keyid_get0(X509 *x, int *len);
|
|
912
1025
|
OPENSSL_EXPORT int (*X509_TRUST_set_default(int (*trust)(int, X509 *,
|
|
@@ -968,8 +1081,8 @@ OPENSSL_EXPORT X509_NAME *X509_get_subject_name(const X509 *a);
|
|
|
968
1081
|
OPENSSL_EXPORT int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
|
|
969
1082
|
OPENSSL_EXPORT EVP_PKEY *X509_get_pubkey(X509 *x);
|
|
970
1083
|
OPENSSL_EXPORT ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x);
|
|
971
|
-
OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *
|
|
972
|
-
|
|
1084
|
+
OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *X509_get0_extensions(
|
|
1085
|
+
const X509 *x);
|
|
973
1086
|
OPENSSL_EXPORT const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x);
|
|
974
1087
|
|
|
975
1088
|
OPENSSL_EXPORT int X509_REQ_set_version(X509_REQ *x, long version);
|
|
@@ -984,13 +1097,12 @@ OPENSSL_EXPORT EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
|
|
|
984
1097
|
OPENSSL_EXPORT int X509_REQ_extension_nid(int nid);
|
|
985
1098
|
OPENSSL_EXPORT const int *X509_REQ_get_extension_nids(void);
|
|
986
1099
|
OPENSSL_EXPORT void X509_REQ_set_extension_nids(const int *nids);
|
|
987
|
-
OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *
|
|
988
|
-
X509_REQ_get_extensions(X509_REQ *req);
|
|
1100
|
+
OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
|
|
989
1101
|
OPENSSL_EXPORT int X509_REQ_add_extensions_nid(X509_REQ *req,
|
|
990
|
-
STACK_OF(X509_EXTENSION) *
|
|
1102
|
+
STACK_OF(X509_EXTENSION) *exts,
|
|
991
1103
|
int nid);
|
|
992
1104
|
OPENSSL_EXPORT int X509_REQ_add_extensions(X509_REQ *req,
|
|
993
|
-
STACK_OF(X509_EXTENSION) *
|
|
1105
|
+
STACK_OF(X509_EXTENSION) *exts);
|
|
994
1106
|
OPENSSL_EXPORT int X509_REQ_get_attr_count(const X509_REQ *req);
|
|
995
1107
|
OPENSSL_EXPORT int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid,
|
|
996
1108
|
int lastpos);
|
|
@@ -1020,20 +1132,59 @@ OPENSSL_EXPORT void X509_CRL_get0_signature(const X509_CRL *crl,
|
|
|
1020
1132
|
const ASN1_BIT_STRING **psig,
|
|
1021
1133
|
const X509_ALGOR **palg);
|
|
1022
1134
|
OPENSSL_EXPORT int X509_CRL_get_signature_nid(const X509_CRL *crl);
|
|
1023
|
-
OPENSSL_EXPORT int i2d_re_X509_CRL_tbs(X509_CRL *req, unsigned char **pp);
|
|
1024
1135
|
|
|
1136
|
+
// i2d_re_X509_CRL_tbs serializes the TBSCertList portion of |crl|. If |outp| is
|
|
1137
|
+
// NULL, nothing is written. Otherwise, if |*outp| is not NULL, the result is
|
|
1138
|
+
// written to |*outp|, which must have enough space available, and |*outp| is
|
|
1139
|
+
// advanced just past the output. If |outp| is non-NULL and |*outp| is NULL, it
|
|
1140
|
+
// sets |*outp| to a newly-allocated buffer containing the result. The caller is
|
|
1141
|
+
// responsible for releasing the buffer with |OPENSSL_free|. In all cases, this
|
|
1142
|
+
// function returns the number of bytes in the result, whether written or not,
|
|
1143
|
+
// or a negative value on error.
|
|
1144
|
+
//
|
|
1145
|
+
// This function re-encodes the TBSCertList and may not reflect |crl|'s original
|
|
1146
|
+
// encoding. It may be used to manually generate a signature for a new CRL. To
|
|
1147
|
+
// verify CRLs, use |i2d_X509_CRL_tbs| instead.
|
|
1148
|
+
OPENSSL_EXPORT int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **outp);
|
|
1149
|
+
|
|
1150
|
+
// i2d_X509_CRL_tbs serializes the TBSCertList portion of |crl|. If |outp| is
|
|
1151
|
+
// NULL, nothing is written. Otherwise, if |*outp| is not NULL, the result is
|
|
1152
|
+
// written to |*outp|, which must have enough space available, and |*outp| is
|
|
1153
|
+
// advanced just past the output. If |outp| is non-NULL and |*outp| is NULL, it
|
|
1154
|
+
// sets |*outp| to a newly-allocated buffer containing the result. The caller is
|
|
1155
|
+
// responsible for releasing the buffer with |OPENSSL_free|. In all cases, this
|
|
1156
|
+
// function returns the number of bytes in the result, whether written or not,
|
|
1157
|
+
// or a negative value on error.
|
|
1158
|
+
//
|
|
1159
|
+
// This function preserves the original encoding of the TBSCertList and may not
|
|
1160
|
+
// reflect modifications made to |crl|. It may be used to manually verify the
|
|
1161
|
+
// signature of an existing CRL. To generate CRLs, use |i2d_re_X509_CRL_tbs|
|
|
1162
|
+
// instead.
|
|
1163
|
+
OPENSSL_EXPORT int i2d_X509_CRL_tbs(X509_CRL *crl, unsigned char **outp);
|
|
1164
|
+
|
|
1165
|
+
// X509_REVOKED_get0_serialNumber returns the serial number of the certificate
|
|
1166
|
+
// revoked by |revoked|.
|
|
1025
1167
|
OPENSSL_EXPORT const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(
|
|
1026
|
-
const X509_REVOKED *
|
|
1027
|
-
|
|
1028
|
-
|
|
1168
|
+
const X509_REVOKED *revoked);
|
|
1169
|
+
|
|
1170
|
+
// X509_REVOKED_set_serialNumber sets |revoked|'s serial number to |serial|. It
|
|
1171
|
+
// returns one on success or zero on error.
|
|
1172
|
+
OPENSSL_EXPORT int X509_REVOKED_set_serialNumber(X509_REVOKED *revoked,
|
|
1173
|
+
const ASN1_INTEGER *serial);
|
|
1174
|
+
|
|
1175
|
+
// X509_REVOKED_get0_revocationDate returns the revocation time of the
|
|
1176
|
+
// certificate revoked by |revoked|.
|
|
1029
1177
|
OPENSSL_EXPORT const ASN1_TIME *X509_REVOKED_get0_revocationDate(
|
|
1030
|
-
const X509_REVOKED *
|
|
1031
|
-
|
|
1032
|
-
|
|
1178
|
+
const X509_REVOKED *revoked);
|
|
1179
|
+
|
|
1180
|
+
// X509_REVOKED_set_revocationDate sets |revoked|'s revocation time to |tm|. It
|
|
1181
|
+
// returns one on success or zero on error.
|
|
1182
|
+
OPENSSL_EXPORT int X509_REVOKED_set_revocationDate(X509_REVOKED *revoked,
|
|
1183
|
+
const ASN1_TIME *tm);
|
|
1033
1184
|
|
|
1034
1185
|
// X509_REVOKED_get0_extensions returns |r|'s extensions.
|
|
1035
|
-
OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *
|
|
1036
|
-
|
|
1186
|
+
OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(
|
|
1187
|
+
const X509_REVOKED *r);
|
|
1037
1188
|
|
|
1038
1189
|
OPENSSL_EXPORT X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer,
|
|
1039
1190
|
EVP_PKEY *skey, const EVP_MD *md,
|
|
@@ -1043,14 +1194,13 @@ OPENSSL_EXPORT int X509_REQ_check_private_key(X509_REQ *x509, EVP_PKEY *pkey);
|
|
|
1043
1194
|
|
|
1044
1195
|
OPENSSL_EXPORT int X509_check_private_key(X509 *x509, const EVP_PKEY *pkey);
|
|
1045
1196
|
OPENSSL_EXPORT int X509_chain_check_suiteb(int *perror_depth, X509 *x,
|
|
1046
|
-
STACK_OF(X509) *
|
|
1197
|
+
STACK_OF(X509) *chain,
|
|
1047
1198
|
unsigned long flags);
|
|
1048
1199
|
OPENSSL_EXPORT int X509_CRL_check_suiteb(X509_CRL *crl, EVP_PKEY *pk,
|
|
1049
1200
|
unsigned long flags);
|
|
1050
|
-
OPENSSL_EXPORT STACK_OF(X509) *
|
|
1201
|
+
OPENSSL_EXPORT STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain);
|
|
1051
1202
|
|
|
1052
1203
|
OPENSSL_EXPORT int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b);
|
|
1053
|
-
OPENSSL_EXPORT unsigned long X509_issuer_and_serial_hash(X509 *a);
|
|
1054
1204
|
|
|
1055
1205
|
OPENSSL_EXPORT int X509_issuer_name_cmp(const X509 *a, const X509 *b);
|
|
1056
1206
|
OPENSSL_EXPORT unsigned long X509_issuer_name_hash(X509 *a);
|
|
@@ -1141,21 +1291,19 @@ OPENSSL_EXPORT ASN1_OBJECT *X509_NAME_ENTRY_get_object(
|
|
|
1141
1291
|
const X509_NAME_ENTRY *ne);
|
|
1142
1292
|
OPENSSL_EXPORT ASN1_STRING *X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne);
|
|
1143
1293
|
|
|
1144
|
-
OPENSSL_EXPORT int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *
|
|
1145
|
-
OPENSSL_EXPORT int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *
|
|
1294
|
+
OPENSSL_EXPORT int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
|
|
1295
|
+
OPENSSL_EXPORT int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
|
|
1146
1296
|
int nid, int lastpos);
|
|
1147
|
-
OPENSSL_EXPORT int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *
|
|
1297
|
+
OPENSSL_EXPORT int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
|
|
1148
1298
|
const ASN1_OBJECT *obj, int lastpos);
|
|
1149
|
-
OPENSSL_EXPORT int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *
|
|
1150
|
-
x,
|
|
1299
|
+
OPENSSL_EXPORT int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
|
|
1151
1300
|
int crit, int lastpos);
|
|
1152
|
-
OPENSSL_EXPORT X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *
|
|
1153
|
-
x,
|
|
1301
|
+
OPENSSL_EXPORT X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x,
|
|
1154
1302
|
int loc);
|
|
1155
|
-
OPENSSL_EXPORT X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *
|
|
1303
|
+
OPENSSL_EXPORT X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x,
|
|
1156
1304
|
int loc);
|
|
1157
|
-
OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *
|
|
1158
|
-
|
|
1305
|
+
OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509v3_add_ext(
|
|
1306
|
+
STACK_OF(X509_EXTENSION) **x, X509_EXTENSION *ex, int loc);
|
|
1159
1307
|
|
|
1160
1308
|
OPENSSL_EXPORT int X509_get_ext_count(const X509 *x);
|
|
1161
1309
|
OPENSSL_EXPORT int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
|
|
@@ -1166,12 +1314,27 @@ OPENSSL_EXPORT int X509_get_ext_by_critical(const X509 *x, int crit,
|
|
|
1166
1314
|
OPENSSL_EXPORT X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
|
|
1167
1315
|
OPENSSL_EXPORT X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
|
|
1168
1316
|
OPENSSL_EXPORT int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
|
|
1169
|
-
|
|
1317
|
+
|
|
1318
|
+
// X509_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the extension in
|
|
1319
|
+
// |x509|'s extension list.
|
|
1320
|
+
//
|
|
1321
|
+
// WARNING: This function is difficult to use correctly. See the documentation
|
|
1322
|
+
// for |X509V3_get_d2i| for details.
|
|
1323
|
+
OPENSSL_EXPORT void *X509_get_ext_d2i(const X509 *x509, int nid,
|
|
1324
|
+
int *out_critical, int *out_idx);
|
|
1325
|
+
|
|
1326
|
+
// X509_add1_ext_i2d behaves like |X509V3_add1_i2d| but adds the extension to
|
|
1327
|
+
// |x|'s extension list.
|
|
1328
|
+
//
|
|
1329
|
+
// WARNING: This function may return zero or -1 on error. The caller must also
|
|
1330
|
+
// ensure |value|'s type matches |nid|. See the documentation for
|
|
1331
|
+
// |X509V3_add1_i2d| for details.
|
|
1170
1332
|
OPENSSL_EXPORT int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
|
|
1171
1333
|
unsigned long flags);
|
|
1172
1334
|
|
|
1173
1335
|
OPENSSL_EXPORT int X509_CRL_get_ext_count(const X509_CRL *x);
|
|
1174
|
-
OPENSSL_EXPORT int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid,
|
|
1336
|
+
OPENSSL_EXPORT int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid,
|
|
1337
|
+
int lastpos);
|
|
1175
1338
|
OPENSSL_EXPORT int X509_CRL_get_ext_by_OBJ(const X509_CRL *x,
|
|
1176
1339
|
const ASN1_OBJECT *obj, int lastpos);
|
|
1177
1340
|
OPENSSL_EXPORT int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit,
|
|
@@ -1179,8 +1342,21 @@ OPENSSL_EXPORT int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit,
|
|
|
1179
1342
|
OPENSSL_EXPORT X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
|
|
1180
1343
|
OPENSSL_EXPORT X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
|
|
1181
1344
|
OPENSSL_EXPORT int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
|
|
1182
|
-
|
|
1183
|
-
|
|
1345
|
+
|
|
1346
|
+
// X509_CRL_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the
|
|
1347
|
+
// extension in |crl|'s extension list.
|
|
1348
|
+
//
|
|
1349
|
+
// WARNING: This function is difficult to use correctly. See the documentation
|
|
1350
|
+
// for |X509V3_get_d2i| for details.
|
|
1351
|
+
OPENSSL_EXPORT void *X509_CRL_get_ext_d2i(const X509_CRL *crl, int nid,
|
|
1352
|
+
int *out_critical, int *out_idx);
|
|
1353
|
+
|
|
1354
|
+
// X509_CRL_add1_ext_i2d behaves like |X509V3_add1_i2d| but adds the extension
|
|
1355
|
+
// to |x|'s extension list.
|
|
1356
|
+
//
|
|
1357
|
+
// WARNING: This function may return zero or -1 on error. The caller must also
|
|
1358
|
+
// ensure |value|'s type matches |nid|. See the documentation for
|
|
1359
|
+
// |X509V3_add1_i2d| for details.
|
|
1184
1360
|
OPENSSL_EXPORT int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value,
|
|
1185
1361
|
int crit, unsigned long flags);
|
|
1186
1362
|
|
|
@@ -1198,8 +1374,22 @@ OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x,
|
|
|
1198
1374
|
int loc);
|
|
1199
1375
|
OPENSSL_EXPORT int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex,
|
|
1200
1376
|
int loc);
|
|
1201
|
-
|
|
1202
|
-
|
|
1377
|
+
|
|
1378
|
+
// X509_REVOKED_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the
|
|
1379
|
+
// extension in |revoked|'s extension list.
|
|
1380
|
+
//
|
|
1381
|
+
// WARNING: This function is difficult to use correctly. See the documentation
|
|
1382
|
+
// for |X509V3_get_d2i| for details.
|
|
1383
|
+
OPENSSL_EXPORT void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *revoked,
|
|
1384
|
+
int nid, int *out_critical,
|
|
1385
|
+
int *out_idx);
|
|
1386
|
+
|
|
1387
|
+
// X509_REVOKED_add1_ext_i2d behaves like |X509V3_add1_i2d| but adds the
|
|
1388
|
+
// extension to |x|'s extension list.
|
|
1389
|
+
//
|
|
1390
|
+
// WARNING: This function may return zero or -1 on error. The caller must also
|
|
1391
|
+
// ensure |value|'s type matches |nid|. See the documentation for
|
|
1392
|
+
// |X509V3_add1_i2d| for details.
|
|
1203
1393
|
OPENSSL_EXPORT int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid,
|
|
1204
1394
|
void *value, int crit,
|
|
1205
1395
|
unsigned long flags);
|
|
@@ -1218,29 +1408,27 @@ OPENSSL_EXPORT ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex);
|
|
|
1218
1408
|
OPENSSL_EXPORT ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
|
|
1219
1409
|
OPENSSL_EXPORT int X509_EXTENSION_get_critical(X509_EXTENSION *ex);
|
|
1220
1410
|
|
|
1221
|
-
OPENSSL_EXPORT int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *
|
|
1222
|
-
OPENSSL_EXPORT int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *
|
|
1411
|
+
OPENSSL_EXPORT int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
|
|
1412
|
+
OPENSSL_EXPORT int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x,
|
|
1223
1413
|
int nid, int lastpos);
|
|
1224
|
-
OPENSSL_EXPORT int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *
|
|
1414
|
+
OPENSSL_EXPORT int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
|
|
1225
1415
|
const ASN1_OBJECT *obj, int lastpos);
|
|
1226
|
-
OPENSSL_EXPORT X509_ATTRIBUTE *X509at_get_attr(
|
|
1227
|
-
|
|
1228
|
-
|
|
1229
|
-
OPENSSL_EXPORT X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) * x,
|
|
1416
|
+
OPENSSL_EXPORT X509_ATTRIBUTE *X509at_get_attr(
|
|
1417
|
+
const STACK_OF(X509_ATTRIBUTE) *x, int loc);
|
|
1418
|
+
OPENSSL_EXPORT X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x,
|
|
1230
1419
|
int loc);
|
|
1231
|
-
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *
|
|
1232
|
-
|
|
1233
|
-
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *
|
|
1234
|
-
|
|
1235
|
-
|
|
1236
|
-
|
|
1237
|
-
|
|
1238
|
-
|
|
1239
|
-
|
|
1240
|
-
|
|
1241
|
-
|
|
1242
|
-
|
|
1243
|
-
OPENSSL_EXPORT void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) * x,
|
|
1420
|
+
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(
|
|
1421
|
+
STACK_OF(X509_ATTRIBUTE) **x, X509_ATTRIBUTE *attr);
|
|
1422
|
+
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(
|
|
1423
|
+
STACK_OF(X509_ATTRIBUTE) **x, const ASN1_OBJECT *obj, int type,
|
|
1424
|
+
const unsigned char *bytes, int len);
|
|
1425
|
+
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(
|
|
1426
|
+
STACK_OF(X509_ATTRIBUTE) **x, int nid, int type, const unsigned char *bytes,
|
|
1427
|
+
int len);
|
|
1428
|
+
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(
|
|
1429
|
+
STACK_OF(X509_ATTRIBUTE) **x, const char *attrname, int type,
|
|
1430
|
+
const unsigned char *bytes, int len);
|
|
1431
|
+
OPENSSL_EXPORT void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x,
|
|
1244
1432
|
ASN1_OBJECT *obj, int lastpos,
|
|
1245
1433
|
int type);
|
|
1246
1434
|
OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(
|
|
@@ -1265,10 +1453,10 @@ OPENSSL_EXPORT ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr,
|
|
|
1265
1453
|
OPENSSL_EXPORT int X509_verify_cert(X509_STORE_CTX *ctx);
|
|
1266
1454
|
|
|
1267
1455
|
// lookup a cert from a X509 STACK
|
|
1268
|
-
OPENSSL_EXPORT X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *
|
|
1456
|
+
OPENSSL_EXPORT X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk,
|
|
1269
1457
|
X509_NAME *name,
|
|
1270
1458
|
ASN1_INTEGER *serial);
|
|
1271
|
-
OPENSSL_EXPORT X509 *X509_find_by_subject(STACK_OF(X509) *
|
|
1459
|
+
OPENSSL_EXPORT X509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name);
|
|
1272
1460
|
|
|
1273
1461
|
// PKCS#8 utilities
|
|
1274
1462
|
|