grpc 1.33.0.pre1 → 1.37.0.pre1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.


This version of grpc might be problematic. Click here for more details.

Files changed (1106) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +1075 -2814
  3. data/etc/roots.pem +257 -573
  4. data/include/grpc/compression.h +1 -1
  5. data/include/grpc/grpc.h +29 -2
  6. data/include/grpc/grpc_security.h +215 -175
  7. data/include/grpc/impl/codegen/atm_windows.h +4 -0
  8. data/include/grpc/impl/codegen/byte_buffer.h +1 -1
  9. data/include/grpc/impl/codegen/grpc_types.h +10 -3
  10. data/include/grpc/impl/codegen/log.h +0 -2
  11. data/include/grpc/impl/codegen/port_platform.h +24 -55
  12. data/include/grpc/impl/codegen/sync_windows.h +4 -0
  13. data/include/grpc/slice_buffer.h +3 -3
  14. data/include/grpc/support/sync.h +3 -3
  15. data/include/grpc/support/time.h +7 -7
  16. data/src/core/ext/filters/client_channel/backend_metric.cc +2 -4
  17. data/src/core/ext/filters/client_channel/client_channel.cc +2829 -1588
  18. data/src/core/ext/filters/client_channel/client_channel.h +0 -6
  19. data/src/core/ext/filters/client_channel/client_channel_factory.h +2 -1
  20. data/src/core/ext/filters/client_channel/client_channel_plugin.cc +1 -1
  21. data/src/core/ext/filters/client_channel/config_selector.h +15 -4
  22. data/src/core/ext/filters/client_channel/dynamic_filters.cc +191 -0
  23. data/src/core/ext/filters/client_channel/dynamic_filters.h +99 -0
  24. data/src/core/ext/filters/client_channel/global_subchannel_pool.cc +24 -142
  25. data/src/core/ext/filters/client_channel/global_subchannel_pool.h +15 -10
  26. data/src/core/ext/filters/client_channel/health/health_check_client.cc +10 -7
  27. data/src/core/ext/filters/client_channel/health/health_check_client.h +4 -4
  28. data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +7 -8
  29. data/src/core/ext/filters/client_channel/http_proxy.cc +21 -20
  30. data/src/core/ext/filters/client_channel/lb_policy.cc +9 -2
  31. data/src/core/ext/filters/client_channel/lb_policy.h +5 -6
  32. data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +1 -1
  33. data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.h +1 -1
  34. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +115 -106
  35. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +1 -2
  36. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +1 -2
  37. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +3 -1
  38. data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +3 -3
  39. data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +1 -1
  40. data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +3 -3
  41. data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +55 -23
  42. data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +23 -0
  43. data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.h +27 -0
  44. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +2 -2
  45. data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +8 -5
  46. data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +3 -3
  47. data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +370 -109
  48. data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +52 -24
  49. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h +29 -0
  50. data/src/core/ext/filters/client_channel/lb_policy/xds/{eds_drop.cc → xds_cluster_impl.cc} +332 -108
  51. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +22 -27
  52. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +1384 -0
  53. data/src/core/ext/filters/client_channel/local_subchannel_pool.cc +27 -67
  54. data/src/core/ext/filters/client_channel/local_subchannel_pool.h +10 -9
  55. data/src/core/ext/filters/client_channel/resolver.cc +7 -5
  56. data/src/core/ext/filters/client_channel/resolver.h +5 -13
  57. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +42 -58
  58. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +1 -32
  59. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +5 -5
  60. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +3 -1
  61. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +444 -22
  62. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +5 -0
  63. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +22 -23
  64. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +21 -18
  65. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +1 -1
  66. data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +377 -0
  67. data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +37 -30
  68. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +342 -133
  69. data/src/core/ext/filters/client_channel/resolver_factory.h +6 -6
  70. data/src/core/ext/filters/client_channel/resolver_registry.cc +40 -39
  71. data/src/core/ext/filters/client_channel/resolver_registry.h +2 -2
  72. data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +24 -38
  73. data/src/core/ext/filters/client_channel/resolver_result_parsing.h +8 -8
  74. data/src/core/ext/filters/client_channel/retry_throttle.cc +5 -3
  75. data/src/core/ext/filters/client_channel/retry_throttle.h +4 -2
  76. data/src/core/ext/filters/client_channel/server_address.cc +9 -0
  77. data/src/core/ext/filters/client_channel/server_address.h +31 -4
  78. data/src/core/ext/filters/client_channel/service_config.cc +3 -1
  79. data/src/core/ext/filters/client_channel/service_config.h +1 -1
  80. data/src/core/ext/filters/client_channel/service_config_call_data.h +19 -1
  81. data/src/core/ext/filters/client_channel/subchannel.cc +117 -207
  82. data/src/core/ext/filters/client_channel/subchannel.h +75 -113
  83. data/src/core/ext/filters/client_channel/subchannel_interface.h +7 -15
  84. data/src/core/ext/filters/client_channel/subchannel_pool_interface.cc +16 -2
  85. data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +16 -10
  86. data/src/core/ext/filters/client_idle/client_idle_filter.cc +1 -1
  87. data/src/core/ext/filters/deadline/deadline_filter.cc +87 -79
  88. data/src/core/ext/filters/deadline/deadline_filter.h +7 -11
  89. data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +495 -0
  90. data/src/core/ext/filters/fault_injection/fault_injection_filter.h +39 -0
  91. data/src/core/ext/filters/fault_injection/service_config_parser.cc +189 -0
  92. data/src/core/ext/filters/fault_injection/service_config_parser.h +85 -0
  93. data/src/core/ext/filters/http/client/http_client_filter.cc +1 -1
  94. data/src/core/ext/filters/http/client_authority_filter.cc +6 -6
  95. data/src/core/ext/filters/http/http_filters_plugin.cc +6 -3
  96. data/src/core/ext/filters/http/server/http_server_filter.cc +3 -3
  97. data/src/core/ext/filters/max_age/max_age_filter.cc +36 -33
  98. data/src/core/ext/filters/message_size/message_size_filter.cc +1 -1
  99. data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +1 -1
  100. data/src/core/ext/filters/workarounds/workaround_utils.cc +1 -1
  101. data/src/core/ext/transport/chttp2/client/authority.cc +3 -3
  102. data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +2 -2
  103. data/src/core/ext/transport/chttp2/client/chttp2_connector.h +1 -1
  104. data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +23 -10
  105. data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +21 -10
  106. data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +29 -16
  107. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +629 -211
  108. data/src/core/ext/transport/chttp2/server/chttp2_server.h +11 -2
  109. data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc +11 -1
  110. data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +12 -5
  111. data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +62 -18
  112. data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +7 -7
  113. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +50 -39
  114. data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +12 -1
  115. data/src/core/ext/transport/chttp2/transport/flow_control.h +3 -3
  116. data/src/core/ext/transport/chttp2/transport/frame_data.cc +5 -1
  117. data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +2 -1
  118. data/src/core/ext/transport/chttp2/transport/frame_settings.h +2 -1
  119. data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +6 -6
  120. data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +1 -1
  121. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +12 -8
  122. data/src/core/ext/transport/chttp2/transport/internal.h +1 -1
  123. data/src/core/ext/transport/chttp2/transport/parsing.cc +2 -1
  124. data/src/core/ext/transport/chttp2/transport/writing.cc +2 -3
  125. data/src/core/ext/transport/inproc/inproc_transport.cc +42 -8
  126. data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.c +406 -0
  127. data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.h +1459 -0
  128. data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.h +1 -0
  129. data/src/core/ext/upb-generated/envoy/annotations/resource.upb.c +1 -1
  130. data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +7 -0
  131. data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +27 -28
  132. data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.h +139 -40
  133. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +350 -0
  134. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +1348 -0
  135. data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.c +13 -13
  136. data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.h +44 -17
  137. data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +119 -124
  138. data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +450 -284
  139. data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.c +3 -3
  140. data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.h +13 -5
  141. data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.c +24 -23
  142. data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.h +62 -21
  143. data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.c +21 -21
  144. data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.h +88 -39
  145. data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.c +4 -4
  146. data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.h +15 -6
  147. data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +69 -45
  148. data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +275 -78
  149. data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +19 -19
  150. data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +80 -43
  151. data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.c +1 -1
  152. data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.h +7 -0
  153. data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.c +7 -7
  154. data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.h +27 -11
  155. data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.c +30 -30
  156. data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.h +136 -49
  157. data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +41 -41
  158. data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +172 -89
  159. data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.c +4 -4
  160. data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.h +17 -9
  161. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +53 -47
  162. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +188 -78
  163. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +1 -2
  164. data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +7 -0
  165. data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.c +2 -2
  166. data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.h +9 -2
  167. data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +11 -5
  168. data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.h +48 -7
  169. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.c +13 -14
  170. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.h +59 -36
  171. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.c +16 -16
  172. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.h +61 -29
  173. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.c +26 -26
  174. data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.h +101 -66
  175. data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.c +2 -2
  176. data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.h +11 -3
  177. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +34 -32
  178. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +151 -61
  179. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +33 -29
  180. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +138 -54
  181. data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +2 -3
  182. data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.h +13 -0
  183. data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.c +144 -0
  184. data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.h +488 -0
  185. data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.c +141 -0
  186. data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.h +452 -0
  187. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +16 -16
  188. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +81 -35
  189. data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +15 -13
  190. data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +70 -37
  191. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +257 -216
  192. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +995 -495
  193. data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.c +5 -5
  194. data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.h +26 -6
  195. data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.c +3 -4
  196. data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.h +17 -3
  197. data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.c +29 -0
  198. data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.h +67 -0
  199. data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.c +79 -0
  200. data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.h +268 -0
  201. data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.c +78 -0
  202. data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.h +281 -0
  203. data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.c +41 -0
  204. data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.h +113 -0
  205. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +96 -98
  206. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +378 -226
  207. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.c +0 -1
  208. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.h +1 -0
  209. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +28 -25
  210. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +124 -53
  211. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +9 -12
  212. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +29 -24
  213. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +32 -33
  214. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +118 -67
  215. data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.c +1 -1
  216. data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.h +7 -0
  217. data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.c +1 -1
  218. data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.h +7 -0
  219. data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +51 -44
  220. data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +179 -129
  221. data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.c +1 -4
  222. data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.h +7 -0
  223. data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.c +1 -4
  224. data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.h +7 -0
  225. data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.c +7 -8
  226. data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.h +31 -16
  227. data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.c +1 -3
  228. data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.h +7 -0
  229. data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.c +1 -1
  230. data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.h +7 -0
  231. data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.c +93 -0
  232. data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.h +323 -0
  233. data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.c +5 -5
  234. data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.h +25 -11
  235. data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.c +36 -0
  236. data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.h +90 -0
  237. data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.c +1 -1
  238. data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.h +7 -0
  239. data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.c +1 -1
  240. data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.h +7 -0
  241. data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.c +6 -6
  242. data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.h +29 -8
  243. data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +2 -3
  244. data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.h +16 -3
  245. data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.c +46 -0
  246. data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.h +124 -0
  247. data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.c +3 -3
  248. data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.h +19 -0
  249. data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.c +7 -7
  250. data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.h +46 -3
  251. data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.c +8 -8
  252. data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.h +41 -8
  253. data/src/core/ext/upb-generated/envoy/type/v3/http.upb.h +1 -0
  254. data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.c +3 -3
  255. data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.h +15 -2
  256. data/src/core/ext/upb-generated/envoy/type/v3/range.upb.c +3 -3
  257. data/src/core/ext/upb-generated/envoy/type/v3/range.upb.h +19 -0
  258. data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.c +1 -1
  259. data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.h +7 -0
  260. data/src/core/ext/upb-generated/google/api/annotations.upb.h +1 -0
  261. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.c +34 -34
  262. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.h +149 -72
  263. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.c +54 -37
  264. data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h +171 -59
  265. data/src/core/ext/upb-generated/google/api/http.upb.c +3 -3
  266. data/src/core/ext/upb-generated/google/api/http.upb.h +25 -6
  267. data/src/core/ext/upb-generated/google/protobuf/any.upb.c +1 -1
  268. data/src/core/ext/upb-generated/google/protobuf/any.upb.h +7 -0
  269. data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +90 -90
  270. data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +455 -292
  271. data/src/core/ext/upb-generated/google/protobuf/duration.upb.c +1 -1
  272. data/src/core/ext/upb-generated/google/protobuf/duration.upb.h +7 -0
  273. data/src/core/ext/upb-generated/google/protobuf/empty.upb.c +1 -1
  274. data/src/core/ext/upb-generated/google/protobuf/empty.upb.h +7 -0
  275. data/src/core/ext/upb-generated/google/protobuf/struct.upb.c +4 -4
  276. data/src/core/ext/upb-generated/google/protobuf/struct.upb.h +22 -3
  277. data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.c +1 -1
  278. data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.h +7 -0
  279. data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.c +9 -9
  280. data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.h +55 -0
  281. data/src/core/ext/upb-generated/google/rpc/status.upb.c +1 -1
  282. data/src/core/ext/upb-generated/google/rpc/status.upb.h +10 -3
  283. data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.c +4 -4
  284. data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.h +11 -3
  285. data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +41 -41
  286. data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +149 -76
  287. data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.c +5 -5
  288. data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.h +21 -6
  289. data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.c +2 -2
  290. data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.h +13 -0
  291. data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c +17 -17
  292. data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.h +82 -25
  293. data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.c +3 -3
  294. data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +19 -0
  295. data/src/core/ext/upb-generated/udpa/annotations/security.upb.c +1 -1
  296. data/src/core/ext/upb-generated/udpa/annotations/security.upb.h +7 -0
  297. data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.h +1 -0
  298. data/src/core/ext/upb-generated/udpa/annotations/status.upb.c +2 -2
  299. data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +9 -2
  300. data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.c +1 -1
  301. data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.h +7 -0
  302. data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.c +3 -3
  303. data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.h +7 -0
  304. data/src/core/ext/upb-generated/udpa/type/v1/typed_struct.upb.c +33 -0
  305. data/src/core/ext/upb-generated/udpa/type/v1/typed_struct.upb.h +77 -0
  306. data/src/core/ext/upb-generated/validate/validate.upb.c +64 -64
  307. data/src/core/ext/upb-generated/validate/validate.upb.h +296 -157
  308. data/src/core/ext/upb-generated/{udpa/core/v1 → xds/core/v3}/authority.upb.c +6 -6
  309. data/src/core/ext/upb-generated/xds/core/v3/authority.upb.h +60 -0
  310. data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.c +52 -0
  311. data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.h +143 -0
  312. data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.c +42 -0
  313. data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.h +84 -0
  314. data/src/core/ext/upb-generated/xds/core/v3/resource.upb.c +36 -0
  315. data/src/core/ext/upb-generated/xds/core/v3/resource.upb.h +94 -0
  316. data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.c +54 -0
  317. data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.h +166 -0
  318. data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.c +36 -0
  319. data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.h +85 -0
  320. data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.c +354 -0
  321. data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.h +140 -0
  322. data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.c +38 -0
  323. data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.h +30 -0
  324. data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.c +41 -0
  325. data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.h +35 -0
  326. data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +251 -0
  327. data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.h +105 -0
  328. data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +383 -0
  329. data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.h +115 -0
  330. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.c +100 -0
  331. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.h +45 -0
  332. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +543 -0
  333. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.h +145 -0
  334. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.c +53 -0
  335. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.h +35 -0
  336. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.c +136 -0
  337. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.h +35 -0
  338. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.c +127 -0
  339. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.h +65 -0
  340. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.c +56 -0
  341. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.h +35 -0
  342. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +272 -0
  343. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.h +135 -0
  344. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +143 -0
  345. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.h +55 -0
  346. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.c +56 -0
  347. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.h +35 -0
  348. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.c +66 -0
  349. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.h +40 -0
  350. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.c +263 -0
  351. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.h +100 -0
  352. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +233 -0
  353. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.h +70 -0
  354. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.c +56 -0
  355. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.h +35 -0
  356. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +231 -0
  357. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.h +85 -0
  358. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +43 -0
  359. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +35 -0
  360. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.c +59 -0
  361. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.h +35 -0
  362. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.c +68 -0
  363. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.h +35 -0
  364. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.c +107 -0
  365. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.h +50 -0
  366. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +113 -0
  367. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +50 -0
  368. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.c +146 -0
  369. data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.h +55 -0
  370. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.c +50 -0
  371. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.h +35 -0
  372. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +195 -0
  373. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +55 -0
  374. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.c +193 -0
  375. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.h +65 -0
  376. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.c +59 -0
  377. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.h +40 -0
  378. data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/stats.upbdefs.c +141 -0
  379. data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/stats.upbdefs.h +70 -0
  380. data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.c +141 -0
  381. data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.h +70 -0
  382. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.c +101 -0
  383. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.h +40 -0
  384. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +944 -0
  385. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.h +290 -0
  386. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.c +71 -0
  387. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.h +45 -0
  388. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.c +61 -0
  389. data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.h +40 -0
  390. data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.c +51 -0
  391. data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.h +35 -0
  392. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/common/fault/v3/fault.upbdefs.c +102 -0
  393. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/common/fault/v3/fault.upbdefs.h +55 -0
  394. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.c +120 -0
  395. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.h +45 -0
  396. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.c +76 -0
  397. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.h +35 -0
  398. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +505 -0
  399. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +115 -0
  400. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +44 -0
  401. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.h +30 -0
  402. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +170 -0
  403. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +55 -0
  404. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +97 -0
  405. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.h +45 -0
  406. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +246 -0
  407. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.h +60 -0
  408. data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.c +72 -0
  409. data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.h +35 -0
  410. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +60 -0
  411. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.h +35 -0
  412. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.c +142 -0
  413. data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.h +65 -0
  414. data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.c +73 -0
  415. data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.h +35 -0
  416. data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.c +72 -0
  417. data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.h +35 -0
  418. data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +80 -0
  419. data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.h +40 -0
  420. data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.c +80 -0
  421. data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.h +35 -0
  422. data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.c +74 -0
  423. data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.h +35 -0
  424. data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +130 -0
  425. data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.h +50 -0
  426. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.c +64 -0
  427. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.h +40 -0
  428. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/node.upbdefs.c +56 -0
  429. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/node.upbdefs.h +35 -0
  430. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.c +54 -0
  431. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.h +35 -0
  432. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.c +53 -0
  433. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.h +35 -0
  434. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.c +73 -0
  435. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.h +45 -0
  436. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.c +69 -0
  437. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.h +40 -0
  438. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/struct.upbdefs.c +63 -0
  439. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/struct.upbdefs.h +40 -0
  440. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.c +81 -0
  441. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.h +45 -0
  442. data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.c +92 -0
  443. data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.h +65 -0
  444. data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.c +95 -0
  445. data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.h +55 -0
  446. data/src/core/ext/upbdefs-generated/envoy/type/v3/http.upbdefs.c +34 -0
  447. data/src/core/ext/upbdefs-generated/envoy/type/v3/http.upbdefs.h +30 -0
  448. data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.c +59 -0
  449. data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.h +40 -0
  450. data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.c +54 -0
  451. data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.h +45 -0
  452. data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.c +47 -0
  453. data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.h +35 -0
  454. data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.c +40 -0
  455. data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.h +30 -0
  456. data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.c +61 -0
  457. data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.h +45 -0
  458. data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.c +39 -0
  459. data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.h +35 -0
  460. data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.c +386 -0
  461. data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.h +165 -0
  462. data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.c +40 -0
  463. data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.h +35 -0
  464. data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.c +37 -0
  465. data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.h +35 -0
  466. data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.c +65 -0
  467. data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.h +50 -0
  468. data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.c +40 -0
  469. data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.h +35 -0
  470. data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.c +66 -0
  471. data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.h +75 -0
  472. data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.c +42 -0
  473. data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.h +35 -0
  474. data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.c +70 -0
  475. data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.h +45 -0
  476. data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.c +56 -0
  477. data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.h +35 -0
  478. data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.c +33 -0
  479. data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.h +30 -0
  480. data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.c +49 -0
  481. data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.h +35 -0
  482. data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.c +43 -0
  483. data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.h +35 -0
  484. data/src/core/ext/upbdefs-generated/udpa/type/v1/typed_struct.upbdefs.c +44 -0
  485. data/src/core/ext/upbdefs-generated/udpa/type/v1/typed_struct.upbdefs.h +35 -0
  486. data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.c +310 -0
  487. data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.h +145 -0
  488. data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.c +42 -0
  489. data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.h +35 -0
  490. data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.c +62 -0
  491. data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.h +40 -0
  492. data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.c +45 -0
  493. data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.h +40 -0
  494. data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.c +49 -0
  495. data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.h +35 -0
  496. data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.c +67 -0
  497. data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.h +40 -0
  498. data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.c +50 -0
  499. data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.h +35 -0
  500. data/src/core/ext/xds/certificate_provider_factory.h +7 -5
  501. data/src/core/ext/xds/certificate_provider_store.cc +87 -0
  502. data/src/core/ext/xds/certificate_provider_store.h +70 -8
  503. data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +144 -0
  504. data/src/core/ext/xds/file_watcher_certificate_provider_factory.h +69 -0
  505. data/src/core/ext/xds/xds_api.cc +2378 -1183
  506. data/src/core/ext/xds/xds_api.h +373 -99
  507. data/src/core/ext/xds/xds_bootstrap.cc +250 -68
  508. data/src/core/ext/xds/xds_bootstrap.h +40 -13
  509. data/src/core/ext/xds/xds_certificate_provider.cc +405 -0
  510. data/src/core/ext/xds/xds_certificate_provider.h +151 -0
  511. data/src/core/ext/xds/xds_client.cc +364 -182
  512. data/src/core/ext/xds/xds_client.h +47 -12
  513. data/src/core/ext/xds/xds_client_stats.cc +43 -5
  514. data/src/core/ext/xds/xds_client_stats.h +4 -4
  515. data/src/core/ext/xds/xds_http_fault_filter.cc +226 -0
  516. data/src/core/ext/xds/xds_http_fault_filter.h +63 -0
  517. data/src/core/ext/xds/xds_http_filters.cc +114 -0
  518. data/src/core/ext/xds/xds_http_filters.h +130 -0
  519. data/src/core/ext/xds/xds_server_config_fetcher.cc +532 -0
  520. data/src/core/lib/channel/channel_args.cc +9 -8
  521. data/src/core/lib/channel/channel_stack.cc +12 -0
  522. data/src/core/lib/channel/channel_stack.h +7 -0
  523. data/src/core/lib/channel/channel_trace.cc +4 -2
  524. data/src/core/lib/channel/channel_trace.h +1 -1
  525. data/src/core/lib/channel/channelz.cc +105 -18
  526. data/src/core/lib/channel/channelz.h +32 -4
  527. data/src/core/lib/channel/channelz_registry.cc +14 -0
  528. data/src/core/lib/channel/channelz_registry.h +0 -1
  529. data/src/core/lib/channel/handshaker.cc +4 -46
  530. data/src/core/lib/channel/handshaker.h +3 -20
  531. data/src/core/lib/channel/status_util.cc +12 -2
  532. data/src/core/lib/channel/status_util.h +5 -0
  533. data/src/core/lib/compression/compression.cc +8 -4
  534. data/src/core/lib/compression/compression_args.cc +3 -2
  535. data/src/core/lib/compression/compression_internal.cc +10 -5
  536. data/src/core/lib/compression/compression_internal.h +2 -1
  537. data/src/core/lib/compression/stream_compression_identity.cc +1 -3
  538. data/src/core/lib/debug/stats.h +2 -2
  539. data/src/core/lib/debug/stats_data.cc +1 -0
  540. data/src/core/lib/debug/stats_data.h +13 -13
  541. data/src/core/lib/gpr/alloc.cc +3 -2
  542. data/src/core/lib/gpr/cpu_iphone.cc +10 -2
  543. data/src/core/lib/gpr/log.cc +59 -17
  544. data/src/core/lib/gpr/log_linux.cc +19 -3
  545. data/src/core/lib/gpr/log_posix.cc +15 -1
  546. data/src/core/lib/gpr/log_windows.cc +18 -4
  547. data/src/core/lib/gpr/murmur_hash.cc +1 -1
  548. data/src/core/lib/gpr/spinlock.h +10 -2
  549. data/src/core/lib/gpr/string.cc +23 -22
  550. data/src/core/lib/gpr/string.h +5 -6
  551. data/src/core/lib/gpr/sync.cc +4 -4
  552. data/src/core/lib/gpr/sync_abseil.cc +3 -6
  553. data/src/core/lib/gpr/sync_windows.cc +2 -2
  554. data/src/core/lib/gpr/time.cc +12 -12
  555. data/src/core/lib/gpr/time_precise.cc +3 -2
  556. data/src/core/lib/gpr/tls.h +4 -0
  557. data/src/core/lib/gpr/tls_msvc.h +2 -0
  558. data/src/core/lib/gpr/tls_stdcpp.h +48 -0
  559. data/src/core/lib/gpr/useful.h +5 -4
  560. data/src/core/lib/gprpp/arena.h +3 -2
  561. data/src/core/lib/gprpp/atomic.h +3 -3
  562. data/src/core/lib/gprpp/dual_ref_counted.h +46 -51
  563. data/src/core/lib/gprpp/examine_stack.cc +43 -0
  564. data/src/core/lib/gprpp/examine_stack.h +46 -0
  565. data/src/core/lib/gprpp/fork.cc +2 -2
  566. data/src/core/lib/gprpp/manual_constructor.h +1 -1
  567. data/src/core/lib/gprpp/mpscq.cc +2 -2
  568. data/src/core/lib/gprpp/orphanable.h +4 -8
  569. data/src/core/lib/gprpp/ref_counted.h +42 -48
  570. data/src/core/lib/gprpp/ref_counted_ptr.h +20 -12
  571. data/src/core/lib/{security/authorization/mock_cel/statusor.h → gprpp/stat.h} +13 -25
  572. data/src/core/lib/gprpp/stat_posix.cc +49 -0
  573. data/src/core/lib/gprpp/stat_windows.cc +48 -0
  574. data/src/core/lib/gprpp/sync.h +129 -40
  575. data/src/core/lib/gprpp/thd.h +3 -3
  576. data/src/core/lib/gprpp/thd_posix.cc +42 -37
  577. data/src/core/lib/gprpp/thd_windows.cc +3 -1
  578. data/src/core/lib/gprpp/time_util.cc +77 -0
  579. data/src/core/lib/gprpp/time_util.h +42 -0
  580. data/src/core/lib/http/httpcli.cc +1 -1
  581. data/src/core/lib/http/httpcli.h +2 -3
  582. data/src/core/lib/http/httpcli_security_connector.cc +3 -3
  583. data/src/core/lib/http/parser.cc +47 -27
  584. data/src/core/lib/iomgr/buffer_list.h +1 -1
  585. data/src/core/lib/iomgr/call_combiner.cc +8 -5
  586. data/src/core/lib/iomgr/cfstream_handle.cc +2 -2
  587. data/src/core/lib/iomgr/combiner.cc +2 -1
  588. data/src/core/lib/iomgr/endpoint.h +1 -1
  589. data/src/core/lib/iomgr/error.cc +17 -12
  590. data/src/core/lib/iomgr/error.h +1 -1
  591. data/src/core/lib/iomgr/error_internal.h +1 -1
  592. data/src/core/lib/iomgr/ev_apple.cc +11 -8
  593. data/src/core/lib/iomgr/ev_epoll1_linux.cc +23 -16
  594. data/src/core/lib/iomgr/ev_epollex_linux.cc +29 -21
  595. data/src/core/lib/iomgr/ev_poll_posix.cc +9 -7
  596. data/src/core/lib/iomgr/ev_posix.cc +3 -3
  597. data/src/core/lib/iomgr/exec_ctx.cc +7 -3
  598. data/src/core/lib/iomgr/exec_ctx.h +6 -4
  599. data/src/core/lib/iomgr/executor.cc +2 -1
  600. data/src/core/lib/iomgr/executor.h +1 -1
  601. data/src/core/lib/iomgr/executor/mpmcqueue.h +5 -5
  602. data/src/core/lib/iomgr/executor/threadpool.h +4 -4
  603. data/src/core/lib/iomgr/iomgr.cc +1 -1
  604. data/src/core/lib/iomgr/iomgr_posix.cc +0 -1
  605. data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +0 -1
  606. data/src/core/lib/iomgr/load_file.h +1 -1
  607. data/src/core/lib/iomgr/lockfree_event.cc +19 -14
  608. data/src/core/lib/iomgr/lockfree_event.h +2 -2
  609. data/src/core/lib/iomgr/parse_address.cc +127 -43
  610. data/src/core/lib/iomgr/parse_address.h +32 -8
  611. data/src/core/lib/iomgr/poller/eventmanager_libuv.cc +2 -1
  612. data/src/core/lib/iomgr/poller/eventmanager_libuv.h +1 -1
  613. data/src/core/lib/iomgr/pollset_set_custom.cc +1 -1
  614. data/src/core/lib/iomgr/python_util.h +4 -4
  615. data/src/core/lib/iomgr/resolve_address.cc +4 -4
  616. data/src/core/lib/iomgr/resolve_address_posix.cc +1 -5
  617. data/src/core/lib/iomgr/resource_quota.cc +5 -5
  618. data/src/core/lib/iomgr/sockaddr_utils.cc +131 -11
  619. data/src/core/lib/iomgr/sockaddr_utils.h +26 -1
  620. data/src/core/lib/iomgr/socket_factory_posix.cc +3 -2
  621. data/src/core/lib/iomgr/socket_mutator.cc +3 -2
  622. data/src/core/lib/iomgr/socket_utils_common_posix.cc +1 -0
  623. data/src/core/lib/iomgr/tcp_client.cc +3 -3
  624. data/src/core/lib/iomgr/tcp_client_custom.cc +7 -6
  625. data/src/core/lib/iomgr/tcp_client_posix.cc +1 -1
  626. data/src/core/lib/iomgr/tcp_custom.cc +22 -17
  627. data/src/core/lib/iomgr/tcp_posix.cc +17 -16
  628. data/src/core/lib/iomgr/tcp_server_custom.cc +28 -22
  629. data/src/core/lib/iomgr/tcp_uv.cc +2 -2
  630. data/src/core/lib/iomgr/timer_custom.cc +5 -5
  631. data/src/core/lib/iomgr/timer_generic.cc +5 -5
  632. data/src/core/lib/iomgr/timer_manager.cc +3 -3
  633. data/src/core/lib/iomgr/udp_server.cc +1 -2
  634. data/src/core/lib/iomgr/udp_server.h +1 -2
  635. data/src/core/lib/iomgr/unix_sockets_posix.cc +32 -21
  636. data/src/core/lib/iomgr/unix_sockets_posix.h +5 -0
  637. data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +7 -0
  638. data/src/core/lib/iomgr/wakeup_fd_nospecial.cc +1 -1
  639. data/src/core/lib/iomgr/wakeup_fd_pipe.cc +2 -2
  640. data/src/core/lib/json/json.h +12 -2
  641. data/src/core/lib/json/json_reader.cc +8 -4
  642. data/src/core/lib/json/json_util.h +167 -0
  643. data/src/core/lib/json/json_writer.cc +2 -1
  644. data/src/core/lib/matchers/matchers.cc +339 -0
  645. data/src/core/lib/matchers/matchers.h +160 -0
  646. data/src/core/lib/security/context/security_context.cc +4 -3
  647. data/src/core/lib/security/context/security_context.h +3 -1
  648. data/src/core/lib/security/credentials/alts/alts_credentials.cc +2 -1
  649. data/src/core/lib/security/credentials/alts/alts_credentials.h +1 -1
  650. data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +1 -1
  651. data/src/core/lib/security/credentials/credentials.cc +7 -7
  652. data/src/core/lib/security/credentials/credentials.h +5 -4
  653. data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +413 -0
  654. data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +80 -0
  655. data/src/core/lib/security/credentials/external/aws_request_signer.cc +213 -0
  656. data/src/core/lib/security/credentials/external/aws_request_signer.h +72 -0
  657. data/src/core/lib/security/credentials/external/external_account_credentials.cc +497 -0
  658. data/src/core/lib/security/credentials/external/external_account_credentials.h +120 -0
  659. data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +135 -0
  660. data/src/core/lib/security/credentials/external/file_external_account_credentials.h +48 -0
  661. data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +213 -0
  662. data/src/core/lib/security/credentials/external/url_external_account_credentials.h +58 -0
  663. data/src/core/lib/security/credentials/fake/fake_credentials.cc +3 -2
  664. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +25 -18
  665. data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +64 -0
  666. data/src/core/lib/security/credentials/jwt/json_token.cc +3 -3
  667. data/src/core/lib/security/credentials/jwt/jwt_credentials.h +4 -3
  668. data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +5 -4
  669. data/src/core/lib/security/credentials/local/local_credentials.cc +2 -1
  670. data/src/core/lib/security/credentials/local/local_credentials.h +1 -1
  671. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +39 -46
  672. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +5 -4
  673. data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +1 -1
  674. data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +7 -6
  675. data/src/core/lib/security/credentials/ssl/ssl_credentials.h +2 -2
  676. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +30 -5
  677. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +13 -14
  678. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +399 -0
  679. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +138 -0
  680. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +78 -150
  681. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +57 -187
  682. data/src/core/lib/security/credentials/tls/tls_credentials.cc +18 -13
  683. data/src/core/lib/security/credentials/tls/tls_credentials.h +3 -3
  684. data/src/core/lib/security/credentials/tls/tls_utils.cc +91 -0
  685. data/src/core/lib/security/credentials/tls/tls_utils.h +38 -0
  686. data/src/core/lib/security/credentials/xds/xds_credentials.cc +209 -10
  687. data/src/core/lib/security/credentials/xds/xds_credentials.h +27 -9
  688. data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +1 -1
  689. data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +3 -3
  690. data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +121 -0
  691. data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +87 -0
  692. data/src/core/lib/security/security_connector/load_system_roots.h +4 -0
  693. data/src/core/lib/security/security_connector/load_system_roots_linux.h +2 -0
  694. data/src/core/lib/security/security_connector/local/local_security_connector.cc +3 -3
  695. data/src/core/lib/security/security_connector/security_connector.cc +4 -3
  696. data/src/core/lib/security/security_connector/security_connector.h +4 -2
  697. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +4 -4
  698. data/src/core/lib/security/security_connector/ssl_utils.cc +11 -6
  699. data/src/core/lib/security/security_connector/ssl_utils.h +16 -21
  700. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +360 -279
  701. data/src/core/lib/security/security_connector/tls/tls_security_connector.h +105 -61
  702. data/src/core/lib/security/transport/secure_endpoint.cc +2 -2
  703. data/src/core/lib/security/transport/security_handshaker.cc +36 -8
  704. data/src/core/lib/security/transport/server_auth_filter.cc +2 -1
  705. data/src/core/lib/security/util/json_util.h +1 -0
  706. data/src/core/lib/slice/slice.cc +7 -4
  707. data/src/core/lib/slice/slice_buffer.cc +2 -1
  708. data/src/core/lib/slice/slice_intern.cc +11 -13
  709. data/src/core/lib/slice/slice_internal.h +2 -2
  710. data/src/core/lib/surface/call.cc +41 -32
  711. data/src/core/lib/surface/call_details.cc +8 -8
  712. data/src/core/lib/surface/channel.cc +16 -10
  713. data/src/core/lib/surface/channel.h +6 -5
  714. data/src/core/lib/surface/channel_init.cc +1 -1
  715. data/src/core/lib/surface/completion_queue.cc +31 -25
  716. data/src/core/lib/surface/completion_queue.h +16 -16
  717. data/src/core/lib/surface/init.cc +19 -20
  718. data/src/core/lib/surface/lame_client.cc +47 -54
  719. data/src/core/lib/surface/lame_client.h +5 -0
  720. data/src/core/lib/surface/server.cc +106 -53
  721. data/src/core/lib/surface/server.h +114 -20
  722. data/src/core/lib/surface/validate_metadata.h +3 -0
  723. data/src/core/lib/surface/version.cc +2 -2
  724. data/src/core/lib/transport/authority_override.cc +6 -4
  725. data/src/core/lib/transport/authority_override.h +7 -2
  726. data/src/core/lib/transport/bdp_estimator.cc +1 -1
  727. data/src/core/lib/transport/byte_stream.h +3 -3
  728. data/src/core/lib/transport/connectivity_state.h +9 -7
  729. data/src/core/lib/transport/error_utils.h +1 -1
  730. data/src/core/lib/transport/metadata.cc +6 -2
  731. data/src/core/lib/transport/metadata.h +2 -2
  732. data/src/core/lib/transport/metadata_batch.cc +27 -0
  733. data/src/core/lib/transport/metadata_batch.h +18 -4
  734. data/src/core/lib/transport/static_metadata.cc +1 -1
  735. data/src/core/lib/transport/status_metadata.cc +4 -3
  736. data/src/core/lib/transport/timeout_encoding.cc +4 -4
  737. data/src/core/lib/transport/transport.cc +5 -3
  738. data/src/core/lib/transport/transport.h +8 -8
  739. data/src/core/lib/uri/uri_parser.cc +131 -249
  740. data/src/core/lib/uri/uri_parser.h +57 -21
  741. data/src/core/plugin_registry/grpc_plugin_registry.cc +26 -8
  742. data/src/core/tsi/alts/crypt/gsec.cc +5 -4
  743. data/src/core/tsi/alts/frame_protector/frame_handler.cc +8 -6
  744. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +19 -25
  745. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +43 -47
  746. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +1 -1
  747. data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +1 -3
  748. data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +8 -6
  749. data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +4 -4
  750. data/src/core/tsi/fake_transport_security.cc +17 -5
  751. data/src/core/tsi/local_transport_security.cc +5 -1
  752. data/src/core/tsi/local_transport_security.h +6 -7
  753. data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +1 -1
  754. data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +0 -2
  755. data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +3 -2
  756. data/src/core/tsi/ssl_transport_security.cc +73 -56
  757. data/src/core/tsi/ssl_transport_security.h +6 -6
  758. data/src/core/tsi/transport_security.cc +10 -8
  759. data/src/core/tsi/transport_security_interface.h +1 -1
  760. data/src/ruby/ext/grpc/extconf.rb +10 -2
  761. data/src/ruby/ext/grpc/rb_channel.c +10 -1
  762. data/src/ruby/ext/grpc/rb_channel_credentials.c +11 -1
  763. data/src/ruby/ext/grpc/rb_channel_credentials.h +4 -0
  764. data/src/ruby/ext/grpc/rb_compression_options.c +1 -1
  765. data/src/ruby/ext/grpc/rb_enable_cpp.cc +1 -1
  766. data/src/ruby/ext/grpc/rb_event_thread.c +2 -0
  767. data/src/ruby/ext/grpc/rb_grpc.c +4 -0
  768. data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +36 -14
  769. data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +70 -37
  770. data/src/ruby/ext/grpc/rb_server.c +13 -1
  771. data/src/ruby/ext/grpc/rb_server_credentials.c +19 -3
  772. data/src/ruby/ext/grpc/rb_server_credentials.h +4 -0
  773. data/src/ruby/ext/grpc/rb_xds_channel_credentials.c +215 -0
  774. data/src/ruby/ext/grpc/rb_xds_channel_credentials.h +35 -0
  775. data/src/ruby/ext/grpc/rb_xds_server_credentials.c +169 -0
  776. data/src/ruby/ext/grpc/rb_xds_server_credentials.h +35 -0
  777. data/src/ruby/lib/grpc/generic/client_stub.rb +4 -2
  778. data/src/ruby/lib/grpc/version.rb +1 -1
  779. data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +35 -0
  780. data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +18 -0
  781. data/src/ruby/spec/call_spec.rb +1 -1
  782. data/src/ruby/spec/channel_credentials_spec.rb +32 -0
  783. data/src/ruby/spec/channel_spec.rb +17 -6
  784. data/src/ruby/spec/client_auth_spec.rb +27 -1
  785. data/src/ruby/spec/errors_spec.rb +1 -1
  786. data/src/ruby/spec/generic/active_call_spec.rb +2 -2
  787. data/src/ruby/spec/generic/client_stub_spec.rb +4 -4
  788. data/src/ruby/spec/generic/rpc_server_spec.rb +1 -1
  789. data/src/ruby/spec/pb/codegen/package_option_spec.rb +2 -6
  790. data/src/ruby/spec/server_credentials_spec.rb +25 -0
  791. data/src/ruby/spec/server_spec.rb +22 -0
  792. data/third_party/abseil-cpp/absl/algorithm/container.h +59 -22
  793. data/third_party/abseil-cpp/absl/base/attributes.h +99 -38
  794. data/third_party/abseil-cpp/absl/base/call_once.h +1 -1
  795. data/third_party/abseil-cpp/absl/base/casts.h +9 -6
  796. data/third_party/abseil-cpp/absl/base/config.h +60 -17
  797. data/third_party/abseil-cpp/absl/base/dynamic_annotations.h +428 -335
  798. data/third_party/abseil-cpp/absl/base/internal/bits.h +17 -16
  799. data/third_party/abseil-cpp/absl/base/internal/direct_mmap.h +5 -0
  800. data/third_party/abseil-cpp/absl/base/internal/dynamic_annotations.h +398 -0
  801. data/third_party/abseil-cpp/absl/base/internal/invoke.h +4 -4
  802. data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.cc +1 -1
  803. data/third_party/abseil-cpp/absl/base/internal/low_level_scheduling.h +29 -1
  804. data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +2 -2
  805. data/third_party/abseil-cpp/absl/base/internal/raw_logging.h +7 -5
  806. data/third_party/abseil-cpp/absl/base/internal/spinlock.cc +25 -38
  807. data/third_party/abseil-cpp/absl/base/internal/spinlock.h +19 -25
  808. data/third_party/abseil-cpp/absl/base/internal/spinlock_linux.inc +8 -0
  809. data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +28 -5
  810. data/third_party/abseil-cpp/absl/base/internal/sysinfo.h +8 -0
  811. data/third_party/abseil-cpp/absl/base/internal/tsan_mutex_interface.h +3 -1
  812. data/third_party/abseil-cpp/absl/base/internal/unaligned_access.h +2 -2
  813. data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.h +3 -3
  814. data/third_party/abseil-cpp/absl/base/macros.h +36 -109
  815. data/third_party/abseil-cpp/absl/base/optimization.h +61 -1
  816. data/third_party/abseil-cpp/absl/base/options.h +31 -4
  817. data/third_party/abseil-cpp/absl/base/policy_checks.h +1 -1
  818. data/third_party/abseil-cpp/absl/base/thread_annotations.h +94 -39
  819. data/third_party/abseil-cpp/absl/container/fixed_array.h +42 -25
  820. data/third_party/abseil-cpp/absl/container/flat_hash_map.h +606 -0
  821. data/third_party/abseil-cpp/absl/container/inlined_vector.h +33 -36
  822. data/third_party/abseil-cpp/absl/container/internal/common.h +6 -2
  823. data/third_party/abseil-cpp/absl/container/internal/compressed_tuple.h +33 -8
  824. data/third_party/abseil-cpp/absl/container/internal/container_memory.h +49 -29
  825. data/third_party/abseil-cpp/absl/container/internal/hash_function_defaults.h +15 -0
  826. data/third_party/abseil-cpp/absl/container/internal/hash_policy_traits.h +24 -7
  827. data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc +2 -1
  828. data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.h +35 -11
  829. data/third_party/abseil-cpp/absl/container/internal/have_sse.h +10 -9
  830. data/third_party/abseil-cpp/absl/container/internal/layout.h +7 -5
  831. data/third_party/abseil-cpp/absl/container/internal/raw_hash_map.h +197 -0
  832. data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +55 -34
  833. data/third_party/abseil-cpp/absl/debugging/internal/address_is_readable.cc +5 -4
  834. data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +66 -16
  835. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +4 -0
  836. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_arm-inl.inc +13 -4
  837. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_config.h +43 -24
  838. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_generic-inl.inc +12 -3
  839. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_win32-inl.inc +10 -2
  840. data/third_party/abseil-cpp/absl/debugging/internal/symbolize.h +22 -1
  841. data/third_party/abseil-cpp/absl/debugging/internal/vdso_support.cc +0 -21
  842. data/third_party/abseil-cpp/absl/debugging/symbolize.cc +12 -1
  843. data/third_party/abseil-cpp/absl/debugging/symbolize_darwin.inc +101 -0
  844. data/third_party/abseil-cpp/absl/debugging/symbolize_elf.inc +100 -20
  845. data/third_party/abseil-cpp/absl/functional/bind_front.h +184 -0
  846. data/third_party/abseil-cpp/absl/functional/function_ref.h +1 -1
  847. data/third_party/abseil-cpp/absl/functional/internal/front_binder.h +95 -0
  848. data/third_party/abseil-cpp/absl/functional/internal/function_ref.h +2 -2
  849. data/third_party/abseil-cpp/absl/hash/hash.h +6 -5
  850. data/third_party/abseil-cpp/absl/hash/internal/hash.h +73 -65
  851. data/third_party/abseil-cpp/absl/memory/memory.h +4 -0
  852. data/third_party/abseil-cpp/absl/meta/type_traits.h +2 -8
  853. data/third_party/abseil-cpp/absl/numeric/int128.cc +13 -27
  854. data/third_party/abseil-cpp/absl/numeric/int128.h +16 -15
  855. data/third_party/abseil-cpp/absl/status/internal/status_internal.h +51 -0
  856. data/third_party/abseil-cpp/absl/status/internal/statusor_internal.h +399 -0
  857. data/third_party/abseil-cpp/absl/status/status.cc +4 -6
  858. data/third_party/abseil-cpp/absl/status/status.h +502 -113
  859. data/third_party/abseil-cpp/absl/status/status_payload_printer.cc +5 -10
  860. data/third_party/abseil-cpp/absl/status/statusor.cc +71 -0
  861. data/third_party/abseil-cpp/absl/status/statusor.h +760 -0
  862. data/third_party/abseil-cpp/absl/strings/charconv.cc +2 -2
  863. data/third_party/abseil-cpp/absl/strings/cord.cc +91 -112
  864. data/third_party/abseil-cpp/absl/strings/cord.h +360 -205
  865. data/third_party/abseil-cpp/absl/strings/escaping.cc +9 -9
  866. data/third_party/abseil-cpp/absl/strings/internal/char_map.h +1 -1
  867. data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.cc +1 -1
  868. data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +2 -2
  869. data/third_party/abseil-cpp/absl/strings/internal/charconv_parse.cc +2 -2
  870. data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +45 -23
  871. data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.cc +222 -136
  872. data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.h +136 -64
  873. data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.cc +1 -1
  874. data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.h +14 -21
  875. data/third_party/abseil-cpp/absl/strings/internal/str_format/checker.h +7 -14
  876. data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.cc +31 -7
  877. data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.h +147 -135
  878. data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +999 -87
  879. data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.h +3 -3
  880. data/third_party/abseil-cpp/absl/strings/internal/str_format/output.h +4 -12
  881. data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.cc +8 -6
  882. data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.h +13 -11
  883. data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +2 -2
  884. data/third_party/abseil-cpp/absl/strings/str_cat.cc +4 -4
  885. data/third_party/abseil-cpp/absl/strings/str_cat.h +1 -1
  886. data/third_party/abseil-cpp/absl/strings/str_format.h +289 -13
  887. data/third_party/abseil-cpp/absl/strings/str_split.cc +2 -2
  888. data/third_party/abseil-cpp/absl/strings/str_split.h +1 -0
  889. data/third_party/abseil-cpp/absl/strings/string_view.h +26 -19
  890. data/third_party/abseil-cpp/absl/strings/substitute.cc +5 -5
  891. data/third_party/abseil-cpp/absl/strings/substitute.h +32 -29
  892. data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.cc +3 -3
  893. data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +4 -3
  894. data/third_party/abseil-cpp/absl/synchronization/internal/kernel_timeout.h +28 -28
  895. data/third_party/abseil-cpp/absl/synchronization/internal/mutex_nonprod.inc +4 -16
  896. data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.h +1 -1
  897. data/third_party/abseil-cpp/absl/synchronization/internal/waiter.cc +8 -0
  898. data/third_party/abseil-cpp/absl/synchronization/internal/waiter.h +2 -2
  899. data/third_party/abseil-cpp/absl/synchronization/mutex.cc +75 -64
  900. data/third_party/abseil-cpp/absl/synchronization/mutex.h +15 -6
  901. data/third_party/abseil-cpp/absl/time/civil_time.cc +9 -9
  902. data/third_party/abseil-cpp/absl/time/clock.cc +3 -3
  903. data/third_party/abseil-cpp/absl/time/duration.cc +90 -59
  904. data/third_party/abseil-cpp/absl/time/format.cc +43 -36
  905. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time_detail.h +26 -16
  906. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/time_zone.h +4 -2
  907. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/zone_info_source.h +1 -1
  908. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +136 -29
  909. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +13 -21
  910. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +1 -1
  911. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +136 -129
  912. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +4 -5
  913. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +8 -7
  914. data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +6 -6
  915. data/third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc +2 -1
  916. data/third_party/abseil-cpp/absl/time/time.h +15 -16
  917. data/third_party/abseil-cpp/absl/types/internal/variant.h +4 -4
  918. data/third_party/abseil-cpp/absl/types/optional.h +9 -9
  919. data/third_party/abseil-cpp/absl/types/span.h +49 -36
  920. data/third_party/abseil-cpp/absl/utility/utility.h +2 -2
  921. data/third_party/address_sorting/include/address_sorting/address_sorting.h +2 -0
  922. data/third_party/boringssl-with-bazel/err_data.c +728 -722
  923. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +3 -3
  924. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +2 -2
  925. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +5 -5
  926. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +3 -10
  927. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +3 -3
  928. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +4 -2
  929. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +2 -2
  930. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +15 -14
  931. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_locl.h +30 -0
  932. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +28 -79
  933. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +39 -85
  934. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +5 -16
  935. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +10 -61
  936. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +0 -2
  937. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +2 -2
  938. data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +2 -0
  939. data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +4 -0
  940. data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +158 -0
  941. data/third_party/boringssl-with-bazel/src/crypto/bn_extra/bn_asn1.c +3 -10
  942. data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +8 -9
  943. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +60 -45
  944. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +6 -81
  945. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +87 -0
  946. data/third_party/boringssl-with-bazel/src/crypto/cpu-aarch64-win.c +41 -0
  947. data/third_party/boringssl-with-bazel/src/crypto/cpu-arm-linux.c +11 -2
  948. data/third_party/boringssl-with-bazel/src/crypto/cpu-arm.c +3 -3
  949. data/third_party/boringssl-with-bazel/src/crypto/{dh → dh_extra}/dh_asn1.c +0 -0
  950. data/third_party/boringssl-with-bazel/src/crypto/{dh → dh_extra}/params.c +179 -0
  951. data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +25 -0
  952. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +2 -17
  953. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +3 -1
  954. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +13 -20
  955. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +2 -3
  956. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +9 -1
  957. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +21 -13
  958. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +173 -35
  959. data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/check.c +0 -0
  960. data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/dh.c +136 -213
  961. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +12 -0
  962. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +9 -1
  963. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +28 -0
  964. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +135 -43
  965. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +0 -7
  966. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +97 -39
  967. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +155 -2
  968. data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +18 -29
  969. data/third_party/boringssl-with-bazel/src/crypto/hpke/internal.h +13 -4
  970. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +10 -7
  971. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +13 -11
  972. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +4 -0
  973. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +34 -0
  974. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/rand_extra.c +4 -0
  975. data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +7 -13
  976. data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +90 -63
  977. data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +60 -60
  978. data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +179 -47
  979. data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +766 -0
  980. data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +10 -0
  981. data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +5 -1
  982. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +1 -29
  983. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +10 -7
  984. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_r2x.c +1 -1
  985. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +8 -8
  986. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +1 -1
  987. data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +29 -23
  988. data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +22 -17
  989. data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +1 -2
  990. data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +2 -2
  991. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +39 -4
  992. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +2 -2
  993. data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +5 -3
  994. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +3 -3
  995. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +25 -24
  996. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +3 -3
  997. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +25 -25
  998. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +2 -2
  999. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +2 -1
  1000. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +40 -20
  1001. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +3 -4
  1002. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +25 -36
  1003. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +2 -2
  1004. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +6 -6
  1005. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +6 -6
  1006. data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +24 -0
  1007. data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +10 -8
  1008. data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +652 -545
  1009. data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +0 -167
  1010. data/third_party/boringssl-with-bazel/src/include/openssl/base.h +14 -6
  1011. data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +4 -0
  1012. data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +62 -0
  1013. data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +22 -7
  1014. data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +19 -0
  1015. data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +22 -32
  1016. data/third_party/boringssl-with-bazel/src/include/openssl/des.h +6 -0
  1017. data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +56 -26
  1018. data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +1 -0
  1019. data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +15 -0
  1020. data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +12 -2
  1021. data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +3 -0
  1022. data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +202 -134
  1023. data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +3 -0
  1024. data/third_party/boringssl-with-bazel/src/include/openssl/span.h +2 -1
  1025. data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +122 -34
  1026. data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +31 -8
  1027. data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +31 -23
  1028. data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +287 -99
  1029. data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +546 -402
  1030. data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +18 -5
  1031. data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +35 -0
  1032. data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +4 -3
  1033. data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +11 -20
  1034. data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +10 -5
  1035. data/third_party/boringssl-with-bazel/src/ssl/internal.h +73 -17
  1036. data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +0 -1
  1037. data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +49 -9
  1038. data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +87 -14
  1039. data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +18 -22
  1040. data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +2 -2
  1041. data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +5 -7
  1042. data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +570 -53
  1043. data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +55 -13
  1044. data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +48 -15
  1045. data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +192 -56
  1046. data/third_party/upb/third_party/wyhash/wyhash.h +145 -0
  1047. data/third_party/upb/upb/decode.c +248 -167
  1048. data/third_party/upb/upb/decode.h +20 -1
  1049. data/third_party/upb/upb/decode.int.h +163 -0
  1050. data/third_party/upb/upb/decode_fast.c +1040 -0
  1051. data/third_party/upb/upb/decode_fast.h +126 -0
  1052. data/third_party/upb/upb/def.c +2178 -0
  1053. data/third_party/upb/upb/def.h +315 -0
  1054. data/third_party/upb/upb/def.hpp +439 -0
  1055. data/third_party/upb/upb/encode.c +227 -169
  1056. data/third_party/upb/upb/encode.h +27 -2
  1057. data/third_party/upb/upb/msg.c +167 -88
  1058. data/third_party/upb/upb/msg.h +174 -34
  1059. data/third_party/upb/upb/port_def.inc +74 -61
  1060. data/third_party/upb/upb/port_undef.inc +3 -7
  1061. data/third_party/upb/upb/reflection.c +408 -0
  1062. data/third_party/upb/upb/reflection.h +168 -0
  1063. data/third_party/upb/upb/table.c +34 -197
  1064. data/third_party/upb/upb/table.int.h +14 -5
  1065. data/third_party/upb/upb/text_encode.c +421 -0
  1066. data/third_party/upb/upb/text_encode.h +38 -0
  1067. data/third_party/upb/upb/upb.c +18 -41
  1068. data/third_party/upb/upb/upb.h +36 -7
  1069. data/third_party/upb/upb/upb.hpp +4 -4
  1070. data/third_party/upb/upb/upb.int.h +29 -0
  1071. data/third_party/xxhash/xxhash.h +5443 -0
  1072. metadata +335 -75
  1073. data/src/core/ext/filters/client_channel/lb_policy/xds/eds.cc +0 -1136
  1074. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.cc +0 -485
  1075. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +0 -68
  1076. data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +0 -355
  1077. data/src/core/ext/filters/client_channel/resolving_lb_policy.h +0 -138
  1078. data/src/core/ext/upb-generated/udpa/core/v1/authority.upb.h +0 -53
  1079. data/src/core/ext/upb-generated/udpa/core/v1/collection_entry.upb.c +0 -52
  1080. data/src/core/ext/upb-generated/udpa/core/v1/collection_entry.upb.h +0 -129
  1081. data/src/core/ext/upb-generated/udpa/core/v1/context_params.upb.c +0 -42
  1082. data/src/core/ext/upb-generated/udpa/core/v1/context_params.upb.h +0 -77
  1083. data/src/core/ext/upb-generated/udpa/core/v1/resource.upb.c +0 -36
  1084. data/src/core/ext/upb-generated/udpa/core/v1/resource.upb.h +0 -85
  1085. data/src/core/ext/upb-generated/udpa/core/v1/resource_locator.upb.c +0 -54
  1086. data/src/core/ext/upb-generated/udpa/core/v1/resource_locator.upb.h +0 -160
  1087. data/src/core/ext/upb-generated/udpa/core/v1/resource_name.upb.c +0 -36
  1088. data/src/core/ext/upb-generated/udpa/core/v1/resource_name.upb.h +0 -84
  1089. data/src/core/ext/xds/google_mesh_ca_certificate_provider_factory.cc +0 -377
  1090. data/src/core/ext/xds/google_mesh_ca_certificate_provider_factory.h +0 -102
  1091. data/src/core/lib/gprpp/map.h +0 -53
  1092. data/src/core/lib/iomgr/iomgr_posix.h +0 -26
  1093. data/src/core/lib/security/authorization/authorization_engine.cc +0 -177
  1094. data/src/core/lib/security/authorization/authorization_engine.h +0 -84
  1095. data/src/core/lib/security/authorization/evaluate_args.cc +0 -153
  1096. data/src/core/lib/security/authorization/evaluate_args.h +0 -59
  1097. data/src/core/lib/security/authorization/mock_cel/activation.h +0 -57
  1098. data/src/core/lib/security/authorization/mock_cel/cel_expr_builder_factory.h +0 -42
  1099. data/src/core/lib/security/authorization/mock_cel/cel_expression.h +0 -68
  1100. data/src/core/lib/security/authorization/mock_cel/cel_value.h +0 -93
  1101. data/src/core/lib/security/authorization/mock_cel/evaluator_core.h +0 -67
  1102. data/src/core/lib/security/authorization/mock_cel/flat_expr_builder.h +0 -56
  1103. data/src/core/lib/security/certificate_provider.h +0 -60
  1104. data/third_party/abseil-cpp/absl/base/dynamic_annotations.cc +0 -129
  1105. data/third_party/abseil-cpp/absl/container/flat_hash_set.h +0 -503
  1106. data/third_party/upb/upb/port.c +0 -26
@@ -37,12 +37,12 @@ static int ssl_read(BIO *bio, char *out, int outl) {
37
37
 
38
38
  case SSL_ERROR_WANT_ACCEPT:
39
39
  BIO_set_retry_special(bio);
40
- bio->retry_reason = BIO_RR_ACCEPT;
40
+ BIO_set_retry_reason(bio, BIO_RR_ACCEPT);
41
41
  break;
42
42
 
43
43
  case SSL_ERROR_WANT_CONNECT:
44
44
  BIO_set_retry_special(bio);
45
- bio->retry_reason = BIO_RR_CONNECT;
45
+ BIO_set_retry_reason(bio, BIO_RR_CONNECT);
46
46
  break;
47
47
 
48
48
  case SSL_ERROR_NONE:
@@ -77,7 +77,7 @@ static int ssl_write(BIO *bio, const char *out, int outl) {
77
77
 
78
78
  case SSL_ERROR_WANT_CONNECT:
79
79
  BIO_set_retry_special(bio);
80
- bio->retry_reason = BIO_RR_CONNECT;
80
+ BIO_set_retry_reason(bio, BIO_RR_CONNECT);
81
81
  break;
82
82
 
83
83
  case SSL_ERROR_NONE:
@@ -98,6 +98,17 @@ static long ssl_ctrl(BIO *bio, int cmd, long num, void *ptr) {
98
98
 
99
99
  switch (cmd) {
100
100
  case BIO_C_SET_SSL:
101
+ if (ssl != NULL) {
102
+ // OpenSSL allows reusing an SSL BIO with a different SSL object. We do
103
+ // not support this.
104
+ OPENSSL_PUT_ERROR(SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
105
+ return 0;
106
+ }
107
+
108
+ // Note this differs from upstream OpenSSL, which synchronizes
109
+ // |bio->next_bio| with |ssl|'s rbio here, and on |BIO_CTRL_PUSH|. We call
110
+ // into the corresponding |BIO| directly. (We can implement the upstream
111
+ // behavior if it ends up necessary.)
101
112
  bio->shutdown = num;
102
113
  bio->ptr = ptr;
103
114
  bio->init = 1;
@@ -117,9 +128,11 @@ static long ssl_ctrl(BIO *bio, int cmd, long num, void *ptr) {
117
128
  return SSL_pending(ssl);
118
129
 
119
130
  case BIO_CTRL_FLUSH: {
131
+ BIO *wbio = SSL_get_wbio(ssl);
120
132
  BIO_clear_retry_flags(bio);
121
- long ret = BIO_ctrl(SSL_get_wbio(ssl), cmd, num, ptr);
122
- BIO_copy_next_retry(bio);
133
+ long ret = BIO_ctrl(wbio, cmd, num, ptr);
134
+ BIO_set_flags(bio, BIO_get_retry_flags(wbio));
135
+ BIO_set_retry_reason(bio, BIO_get_retry_reason(wbio));
123
136
  return ret;
124
137
  }
125
138
 
@@ -24,6 +24,8 @@ BSSL_NAMESPACE_BEGIN
24
24
  constexpr int kHandoffVersion = 0;
25
25
  constexpr int kHandbackVersion = 0;
26
26
 
27
+ static const unsigned kHandoffTagALPS = CBS_ASN1_CONTEXT_SPECIFIC | 0;
28
+
27
29
  // early_data_t represents the state of early data in a more compact way than
28
30
  // the 3 bits used by the implementation.
29
31
  enum early_data_t {
@@ -57,6 +59,16 @@ static bool serialize_features(CBB *out) {
57
59
  return false;
58
60
  }
59
61
  }
62
+ // ALPS is a draft protocol and may change over time. The handoff structure
63
+ // contains a [0] IMPLICIT OCTET STRING OPTIONAL, containing a list of u16
64
+ // ALPS versions that the binary supports. For now we name them by codepoint.
65
+ // Once ALPS is finalized and past the support horizon, this field can be
66
+ // removed.
67
+ CBB alps;
68
+ if (!CBB_add_asn1(out, &alps, kHandoffTagALPS) ||
69
+ !CBB_add_u16(&alps, TLSEXT_TYPE_application_settings)) {
70
+ return false;
71
+ }
60
72
  return CBB_flush(out);
61
73
  }
62
74
 
@@ -189,6 +201,29 @@ static bool apply_remote_features(SSL *ssl, CBS *in) {
189
201
  new_configured_curves.Shrink(idx);
190
202
  ssl->config->supported_group_list = std::move(new_configured_curves);
191
203
 
204
+ CBS alps;
205
+ CBS_init(&alps, nullptr, 0);
206
+ if (!CBS_get_optional_asn1(in, &alps, /*out_present=*/nullptr,
207
+ kHandoffTagALPS)) {
208
+ return false;
209
+ }
210
+ bool supports_alps = false;
211
+ while (CBS_len(&alps) != 0) {
212
+ uint16_t id;
213
+ if (!CBS_get_u16(&alps, &id)) {
214
+ return false;
215
+ }
216
+ // For now, we only support one ALPS code point, so we only need to extract
217
+ // a boolean signal from the feature list.
218
+ if (id == TLSEXT_TYPE_application_settings) {
219
+ supports_alps = true;
220
+ break;
221
+ }
222
+ }
223
+ if (!supports_alps) {
224
+ ssl->config->alps_configs.clear();
225
+ }
226
+
192
227
  return true;
193
228
  }
194
229
 
@@ -126,6 +126,8 @@ BSSL_NAMESPACE_BEGIN
126
126
 
127
127
  SSL_HANDSHAKE::SSL_HANDSHAKE(SSL *ssl_arg)
128
128
  : ssl(ssl_arg),
129
+ ech_present(false),
130
+ ech_is_inner_present(false),
129
131
  scts_requested(false),
130
132
  needs_psk_binder(false),
131
133
  handshake_finalized(false),
@@ -494,9 +496,8 @@ bool ssl_send_finished(SSL_HANDSHAKE *hs) {
494
496
  }
495
497
 
496
498
  // Log the master secret, if logging is enabled.
497
- if (!ssl_log_secret(
498
- ssl, "CLIENT_RANDOM",
499
- MakeConstSpan(session->master_key, session->master_key_length))) {
499
+ if (!ssl_log_secret(ssl, "CLIENT_RANDOM",
500
+ MakeConstSpan(session->secret, session->secret_length))) {
500
501
  return 0;
501
502
  }
502
503
 
@@ -459,8 +459,8 @@ static enum ssl_hs_wait_t do_enter_early_data(SSL_HANDSHAKE *hs) {
459
459
  }
460
460
 
461
461
  if (!tls13_init_early_key_schedule(
462
- hs, MakeConstSpan(ssl->session->master_key,
463
- ssl->session->master_key_length)) ||
462
+ hs,
463
+ MakeConstSpan(ssl->session->secret, ssl->session->secret_length)) ||
464
464
  !tls13_derive_early_secret(hs)) {
465
465
  return ssl_hs_error;
466
466
  }
@@ -636,12 +636,9 @@ static enum ssl_hs_wait_t do_read_server_hello(SSL_HANDSHAKE *hs) {
636
636
  .subspan(SSL3_RANDOM_SIZE - sizeof(kTLS13DowngradeRandom));
637
637
  if (suffix == kTLS12DowngradeRandom || suffix == kTLS13DowngradeRandom ||
638
638
  suffix == kJDK11DowngradeRandom) {
639
- ssl->s3->tls13_downgrade = true;
640
- if (!hs->config->ignore_tls13_downgrade) {
641
- OPENSSL_PUT_ERROR(SSL, SSL_R_TLS13_DOWNGRADE);
642
- ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
643
- return ssl_hs_error;
644
- }
639
+ OPENSSL_PUT_ERROR(SSL, SSL_R_TLS13_DOWNGRADE);
640
+ ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
641
+ return ssl_hs_error;
645
642
  }
646
643
  }
647
644
 
@@ -1410,9 +1407,9 @@ static enum ssl_hs_wait_t do_send_client_key_exchange(SSL_HANDSHAKE *hs) {
1410
1407
  return ssl_hs_error;
1411
1408
  }
1412
1409
 
1413
- hs->new_session->master_key_length =
1414
- tls1_generate_master_secret(hs, hs->new_session->master_key, pms);
1415
- if (hs->new_session->master_key_length == 0) {
1410
+ hs->new_session->secret_length =
1411
+ tls1_generate_master_secret(hs, hs->new_session->secret, pms);
1412
+ if (hs->new_session->secret_length == 0) {
1416
1413
  return ssl_hs_error;
1417
1414
  }
1418
1415
  hs->new_session->extended_master_secret = hs->extended_master_secret;
@@ -1550,18 +1547,12 @@ static bool can_false_start(const SSL_HANDSHAKE *hs) {
1550
1547
  //
1551
1548
  // Now that TLS 1.3 exists, we would like to avoid similar attacks between
1552
1549
  // TLS 1.2 and TLS 1.3, but there are too many TLS 1.2 deployments to
1553
- // sacrifice False Start on them. TLS 1.3's downgrade signal fixes this, but
1554
- // |SSL_CTX_set_ignore_tls13_downgrade| can disable it due to compatibility
1555
- // issues.
1556
- //
1557
- // |SSL_CTX_set_ignore_tls13_downgrade| normally still retains Finished-based
1558
- // downgrade protection, but False Start bypasses that. Thus, we disable False
1559
- // Start based on the TLS 1.3 downgrade signal, even if otherwise unenforced.
1550
+ // sacrifice False Start on them. Instead, we rely on the ServerHello.random
1551
+ // downgrade signal, which we unconditionally enforce.
1560
1552
  if (SSL_is_dtls(ssl) ||
1561
1553
  SSL_version(ssl) != TLS1_2_VERSION ||
1562
1554
  hs->new_cipher->algorithm_mkey != SSL_kECDHE ||
1563
- hs->new_cipher->algorithm_mac != SSL_AEAD ||
1564
- ssl->s3->tls13_downgrade) {
1555
+ hs->new_cipher->algorithm_mac != SSL_AEAD) {
1565
1556
  return false;
1566
1557
  }
1567
1558
 
@@ -644,6 +644,12 @@ static enum ssl_hs_wait_t do_read_client_hello(SSL_HANDSHAKE *hs) {
644
644
  return ssl_hs_error;
645
645
  }
646
646
 
647
+ if (hs->ech_present && hs->ech_is_inner_present) {
648
+ OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
649
+ ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
650
+ return ssl_hs_error;
651
+ }
652
+
647
653
  hs->state = state12_select_certificate;
648
654
  return ssl_hs_ok;
649
655
  }
@@ -1402,14 +1408,13 @@ static enum ssl_hs_wait_t do_read_client_key_exchange(SSL_HANDSHAKE *hs) {
1402
1408
  }
1403
1409
 
1404
1410
  // Compute the master secret.
1405
- hs->new_session->master_key_length = tls1_generate_master_secret(
1406
- hs, hs->new_session->master_key, premaster_secret);
1407
- if (hs->new_session->master_key_length == 0) {
1411
+ hs->new_session->secret_length = tls1_generate_master_secret(
1412
+ hs, hs->new_session->secret, premaster_secret);
1413
+ if (hs->new_session->secret_length == 0) {
1408
1414
  return ssl_hs_error;
1409
1415
  }
1410
1416
  hs->new_session->extended_master_secret = hs->extended_master_secret;
1411
- CONSTTIME_DECLASSIFY(hs->new_session->master_key,
1412
- hs->new_session->master_key_length);
1417
+ CONSTTIME_DECLASSIFY(hs->new_session->secret, hs->new_session->secret_length);
1413
1418
 
1414
1419
  ssl->method->next_message(ssl);
1415
1420
  hs->state = state12_read_client_certificate_verify;
@@ -389,6 +389,11 @@ class GrowableArray {
389
389
  T *end() { return array_.data() + size_; }
390
390
  const T *cend() const { return array_.data() + size_; }
391
391
 
392
+ void clear() {
393
+ size_ = 0;
394
+ array_.Reset();
395
+ }
396
+
392
397
  // Push adds |elem| at the end of the internal array, growing if necessary. It
393
398
  // returns false when allocation fails.
394
399
  bool Push(T elem) {
@@ -1414,6 +1419,15 @@ bool tls13_verify_psk_binder(SSL_HANDSHAKE *hs, SSL_SESSION *session,
1414
1419
  const SSLMessage &msg, CBS *binders);
1415
1420
 
1416
1421
 
1422
+ // Encrypted Client Hello.
1423
+
1424
+ // tls13_ech_accept_confirmation computes the server's ECH acceptance signal,
1425
+ // writing it to |out|. It returns true on success, and false on failure.
1426
+ bool tls13_ech_accept_confirmation(
1427
+ SSL_HANDSHAKE *hs, bssl::Span<uint8_t> out,
1428
+ bssl::Span<const uint8_t> server_hello_ech_conf);
1429
+
1430
+
1417
1431
  // Handshake functions.
1418
1432
 
1419
1433
  enum ssl_hs_wait_t {
@@ -1482,6 +1496,7 @@ enum tls13_server_hs_state_t {
1482
1496
  state13_send_half_rtt_ticket,
1483
1497
  state13_read_second_client_flight,
1484
1498
  state13_process_end_of_early_data,
1499
+ state13_read_client_encrypted_extensions,
1485
1500
  state13_read_client_certificate,
1486
1501
  state13_read_client_certificate_verify,
1487
1502
  state13_read_channel_id,
@@ -1632,6 +1647,10 @@ struct SSL_HANDSHAKE {
1632
1647
  // cookie is the value of the cookie received from the server, if any.
1633
1648
  Array<uint8_t> cookie;
1634
1649
 
1650
+ // ech_grease contains the bytes of the GREASE ECH extension that was sent in
1651
+ // the first ClientHello.
1652
+ Array<uint8_t> ech_grease;
1653
+
1635
1654
  // key_share_bytes is the value of the previously sent KeyShare extension by
1636
1655
  // the client in TLS 1.3.
1637
1656
  Array<uint8_t> key_share_bytes;
@@ -1710,6 +1729,14 @@ struct SSL_HANDSHAKE {
1710
1729
  // key_block is the record-layer key block for TLS 1.2 and earlier.
1711
1730
  Array<uint8_t> key_block;
1712
1731
 
1732
+ // ech_present, on the server, indicates whether the ClientHello contained an
1733
+ // encrypted_client_hello extension.
1734
+ bool ech_present : 1;
1735
+
1736
+ // ech_is_inner_present, on the server, indicates whether the ClientHello
1737
+ // contained an ech_is_inner extension.
1738
+ bool ech_is_inner_present : 1;
1739
+
1713
1740
  // scts_requested is true if the SCT extension is in the ClientHello.
1714
1741
  bool scts_requested : 1;
1715
1742
 
@@ -1876,7 +1903,8 @@ bool ssl_ext_key_share_parse_serverhello(SSL_HANDSHAKE *hs,
1876
1903
  bool ssl_ext_key_share_parse_clienthello(SSL_HANDSHAKE *hs, bool *out_found,
1877
1904
  Array<uint8_t> *out_secret,
1878
1905
  uint8_t *out_alert, CBS *contents);
1879
- bool ssl_ext_key_share_add_serverhello(SSL_HANDSHAKE *hs, CBB *out);
1906
+ bool ssl_ext_key_share_add_serverhello(SSL_HANDSHAKE *hs, CBB *out,
1907
+ bool dry_run);
1880
1908
 
1881
1909
  bool ssl_ext_pre_shared_key_parse_serverhello(SSL_HANDSHAKE *hs,
1882
1910
  uint8_t *out_alert,
@@ -1918,6 +1946,12 @@ bool ssl_is_alpn_protocol_allowed(const SSL_HANDSHAKE *hs,
1918
1946
  bool ssl_negotiate_alpn(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1919
1947
  const SSL_CLIENT_HELLO *client_hello);
1920
1948
 
1949
+ // ssl_negotiate_alps negotiates the ALPS extension, if applicable. It returns
1950
+ // true on successful negotiation or if nothing was negotiated. It returns false
1951
+ // and sets |*out_alert| to an alert on error.
1952
+ bool ssl_negotiate_alps(SSL_HANDSHAKE *hs, uint8_t *out_alert,
1953
+ const SSL_CLIENT_HELLO *client_hello);
1954
+
1921
1955
  struct SSL_EXTENSION_TYPE {
1922
1956
  uint16_t type;
1923
1957
  bool *out_present;
@@ -2401,9 +2435,6 @@ struct SSL3_STATE {
2401
2435
  // early_data_accepted is true if early data was accepted by the server.
2402
2436
  bool early_data_accepted : 1;
2403
2437
 
2404
- // tls13_downgrade is whether the TLS 1.3 anti-downgrade logic fired.
2405
- bool tls13_downgrade : 1;
2406
-
2407
2438
  // token_binding_negotiated is set if Token Binding was negotiated.
2408
2439
  bool token_binding_negotiated : 1;
2409
2440
 
@@ -2624,6 +2655,12 @@ struct DTLS1_STATE {
2624
2655
  unsigned timeout_duration_ms = 0;
2625
2656
  };
2626
2657
 
2658
+ // An ALPSConfig is a pair of ALPN protocol and settings value to use with ALPS.
2659
+ struct ALPSConfig {
2660
+ Array<uint8_t> protocol;
2661
+ Array<uint8_t> settings;
2662
+ };
2663
+
2627
2664
  // SSL_CONFIG contains configuration bits that can be shed after the handshake
2628
2665
  // completes. Objects of this type are not shared; they are unique to a
2629
2666
  // particular |SSL|.
@@ -2690,6 +2727,10 @@ struct SSL_CONFIG {
2690
2727
  // format.
2691
2728
  Array<uint8_t> alpn_client_proto_list;
2692
2729
 
2730
+ // alps_configs contains the list of supported protocols to use with ALPS,
2731
+ // along with their corresponding ALPS values.
2732
+ GrowableArray<ALPSConfig> alps_configs;
2733
+
2693
2734
  // Contains a list of supported Token Binding key parameters.
2694
2735
  Array<uint8_t> token_binding_params;
2695
2736
 
@@ -2710,6 +2751,10 @@ struct SSL_CONFIG {
2710
2751
  // verify_mode is a bitmask of |SSL_VERIFY_*| values.
2711
2752
  uint8_t verify_mode = SSL_VERIFY_NONE;
2712
2753
 
2754
+ // ech_grease_enabled controls whether ECH GREASE may be sent in the
2755
+ // ClientHello.
2756
+ bool ech_grease_enabled : 1;
2757
+
2713
2758
  // Enable signed certificate time stamps. Currently client only.
2714
2759
  bool signed_cert_timestamps_enabled : 1;
2715
2760
 
@@ -2742,13 +2787,13 @@ struct SSL_CONFIG {
2742
2787
  // should be freed after the handshake completes.
2743
2788
  bool shed_handshake_config : 1;
2744
2789
 
2745
- // ignore_tls13_downgrade is whether the connection should continue when the
2746
- // server random signals a downgrade.
2747
- bool ignore_tls13_downgrade : 1;
2748
-
2749
2790
  // jdk11_workaround is whether to disable TLS 1.3 for JDK 11 clients, as a
2750
2791
  // workaround for https://bugs.openjdk.java.net/browse/JDK-8211806.
2751
2792
  bool jdk11_workaround : 1;
2793
+
2794
+ // QUIC drafts up to and including 32 used a different TLS extension
2795
+ // codepoint to convey QUIC's transport parameters.
2796
+ bool quic_use_legacy_codepoint : 1;
2752
2797
  };
2753
2798
 
2754
2799
  // From RFC 8446, used in determining PSK modes.
@@ -3331,10 +3376,6 @@ struct ssl_ctx_st {
3331
3376
  // |SSL_MODE_ENABLE_FALSE_START| is enabled) is allowed without ALPN.
3332
3377
  bool false_start_allowed_without_alpn : 1;
3333
3378
 
3334
- // ignore_tls13_downgrade is whether a connection should continue when the
3335
- // server random signals a downgrade.
3336
- bool ignore_tls13_downgrade:1;
3337
-
3338
3379
  // handoff indicates that a server should stop after receiving the
3339
3380
  // ClientHello and pause the handshake in such a way that |SSL_get_error|
3340
3381
  // returns |SSL_ERROR_HANDOFF|.
@@ -3455,10 +3496,12 @@ struct ssl_session_st {
3455
3496
  // the peer, or zero if not applicable or unknown.
3456
3497
  uint16_t peer_signature_algorithm = 0;
3457
3498
 
3458
- // master_key, in TLS 1.2 and below, is the master secret associated with the
3459
- // session. In TLS 1.3 and up, it is the resumption secret.
3460
- int master_key_length = 0;
3461
- uint8_t master_key[SSL_MAX_MASTER_KEY_LENGTH] = {0};
3499
+ // secret, in TLS 1.2 and below, is the master secret associated with the
3500
+ // session. In TLS 1.3 and up, it is the resumption PSK for sessions handed to
3501
+ // the caller, but it stores the resumption secret when stored on |SSL|
3502
+ // objects.
3503
+ int secret_length = 0;
3504
+ uint8_t secret[SSL_MAX_MASTER_KEY_LENGTH] = {0};
3462
3505
 
3463
3506
  // session_id - valid?
3464
3507
  unsigned session_id_length = 0;
@@ -3543,9 +3586,18 @@ struct ssl_session_st {
3543
3586
 
3544
3587
  // early_alpn is the ALPN protocol from the initial handshake. This is only
3545
3588
  // stored for TLS 1.3 and above in order to enforce ALPN matching for 0-RTT
3546
- // resumptions.
3589
+ // resumptions. For the current connection's ALPN protocol, see
3590
+ // |alpn_selected| on |SSL3_STATE|.
3547
3591
  bssl::Array<uint8_t> early_alpn;
3548
3592
 
3593
+ // local_application_settings, if |has_application_settings| is true, is the
3594
+ // local ALPS value for this connection.
3595
+ bssl::Array<uint8_t> local_application_settings;
3596
+
3597
+ // peer_application_settings, if |has_application_settings| is true, is the
3598
+ // peer ALPS value for this connection.
3599
+ bssl::Array<uint8_t> peer_application_settings;
3600
+
3549
3601
  // extended_master_secret is whether the master secret in this session was
3550
3602
  // generated using EMS and thus isn't vulnerable to the Triple Handshake
3551
3603
  // attack.
@@ -3566,6 +3618,10 @@ struct ssl_session_st {
3566
3618
  // is_quic indicates whether this session was created using QUIC.
3567
3619
  bool is_quic : 1;
3568
3620
 
3621
+ // has_application_settings indicates whether ALPS was negotiated in this
3622
+ // session.
3623
+ bool has_application_settings : 1;
3624
+
3569
3625
  // quic_early_data_context is used to determine whether early data must be
3570
3626
  // rejected when performing a QUIC handshake.
3571
3627
  bssl::Array<uint8_t> quic_early_data_context;
@@ -177,7 +177,6 @@ SSL3_STATE::SSL3_STATE()
177
177
  key_update_pending(false),
178
178
  wpend_pending(false),
179
179
  early_data_accepted(false),
180
- tls13_downgrade(false),
181
180
  token_binding_negotiated(false),
182
181
  alert_dispatch(false),
183
182
  renegotiate_pending(false),
@@ -105,7 +105,7 @@ BSSL_NAMESPACE_BEGIN
105
105
  // sslVersion INTEGER, -- protocol version number
106
106
  // cipher OCTET STRING, -- two bytes long
107
107
  // sessionID OCTET STRING,
108
- // masterKey OCTET STRING,
108
+ // secret OCTET STRING,
109
109
  // time [1] INTEGER, -- seconds since UNIX epoch
110
110
  // timeout [2] INTEGER, -- in seconds
111
111
  // peer [3] Certificate OPTIONAL,
@@ -131,6 +131,10 @@ BSSL_NAMESPACE_BEGIN
131
131
  // earlyALPN [26] OCTET STRING OPTIONAL,
132
132
  // isQuic [27] BOOLEAN OPTIONAL,
133
133
  // quicEarlyDataHash [28] OCTET STRING OPTIONAL,
134
+ // localALPS [29] OCTET STRING OPTIONAL,
135
+ // peerALPS [30] OCTET STRING OPTIONAL,
136
+ // -- Either both or none of localALPS and peerALPS must be present. If both
137
+ // -- are present, earlyALPN must be present and non-empty.
134
138
  // }
135
139
  //
136
140
  // Note: historically this serialization has included other optional
@@ -194,6 +198,10 @@ static const unsigned kIsQuicTag =
194
198
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 27;
195
199
  static const unsigned kQuicEarlyDataContextTag =
196
200
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 28;
201
+ static const unsigned kLocalALPSTag =
202
+ CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 29;
203
+ static const unsigned kPeerALPSTag =
204
+ CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 30;
197
205
 
198
206
  static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, CBB *cbb,
199
207
  int for_ticket) {
@@ -210,8 +218,7 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, CBB *cbb,
210
218
  // The session ID is irrelevant for a session ticket.
211
219
  !CBB_add_asn1_octet_string(&session, in->session_id,
212
220
  for_ticket ? 0 : in->session_id_length) ||
213
- !CBB_add_asn1_octet_string(&session, in->master_key,
214
- in->master_key_length) ||
221
+ !CBB_add_asn1_octet_string(&session, in->secret, in->secret_length) ||
215
222
  !CBB_add_asn1(&session, &child, kTimeTag) ||
216
223
  !CBB_add_asn1_uint64(&child, in->time) ||
217
224
  !CBB_add_asn1(&session, &child, kTimeoutTag) ||
@@ -411,6 +418,19 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, CBB *cbb,
411
418
  }
412
419
  }
413
420
 
421
+ if (in->has_application_settings) {
422
+ if (!CBB_add_asn1(&session, &child, kLocalALPSTag) ||
423
+ !CBB_add_asn1_octet_string(&child,
424
+ in->local_application_settings.data(),
425
+ in->local_application_settings.size()) ||
426
+ !CBB_add_asn1(&session, &child, kPeerALPSTag) ||
427
+ !CBB_add_asn1_octet_string(&child, in->peer_application_settings.data(),
428
+ in->peer_application_settings.size())) {
429
+ OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
430
+ return 0;
431
+ }
432
+ }
433
+
414
434
  return CBB_flush(cbb);
415
435
  }
416
436
 
@@ -572,18 +592,18 @@ UniquePtr<SSL_SESSION> SSL_SESSION_parse(CBS *cbs,
572
592
  return nullptr;
573
593
  }
574
594
 
575
- CBS session_id, master_key;
595
+ CBS session_id, secret;
576
596
  if (!CBS_get_asn1(&session, &session_id, CBS_ASN1_OCTETSTRING) ||
577
597
  CBS_len(&session_id) > SSL3_MAX_SSL_SESSION_ID_LENGTH ||
578
- !CBS_get_asn1(&session, &master_key, CBS_ASN1_OCTETSTRING) ||
579
- CBS_len(&master_key) > SSL_MAX_MASTER_KEY_LENGTH) {
598
+ !CBS_get_asn1(&session, &secret, CBS_ASN1_OCTETSTRING) ||
599
+ CBS_len(&secret) > SSL_MAX_MASTER_KEY_LENGTH) {
580
600
  OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
581
601
  return nullptr;
582
602
  }
583
603
  OPENSSL_memcpy(ret->session_id, CBS_data(&session_id), CBS_len(&session_id));
584
604
  ret->session_id_length = CBS_len(&session_id);
585
- OPENSSL_memcpy(ret->master_key, CBS_data(&master_key), CBS_len(&master_key));
586
- ret->master_key_length = CBS_len(&master_key);
605
+ OPENSSL_memcpy(ret->secret, CBS_data(&secret), CBS_len(&secret));
606
+ ret->secret_length = CBS_len(&secret);
587
607
 
588
608
  CBS child;
589
609
  uint64_t timeout;
@@ -753,13 +773,33 @@ UniquePtr<SSL_SESSION> SSL_SESSION_parse(CBS *cbs,
753
773
  !CBS_get_optional_asn1_bool(&session, &is_quic, kIsQuicTag,
754
774
  /*default_value=*/false) ||
755
775
  !SSL_SESSION_parse_octet_string(&session, &ret->quic_early_data_context,
756
- kQuicEarlyDataContextTag) ||
776
+ kQuicEarlyDataContextTag)) {
777
+ OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
778
+ return nullptr;
779
+ }
780
+
781
+ CBS settings;
782
+ int has_local_alps, has_peer_alps;
783
+ if (!CBS_get_optional_asn1_octet_string(&session, &settings, &has_local_alps,
784
+ kLocalALPSTag) ||
785
+ !ret->local_application_settings.CopyFrom(settings) ||
786
+ !CBS_get_optional_asn1_octet_string(&session, &settings, &has_peer_alps,
787
+ kPeerALPSTag) ||
788
+ !ret->peer_application_settings.CopyFrom(settings) ||
757
789
  CBS_len(&session) != 0) {
758
790
  OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
759
791
  return nullptr;
760
792
  }
761
793
  ret->is_quic = is_quic;
762
794
 
795
+ // The two ALPS values and ALPN must be consistent.
796
+ if (has_local_alps != has_peer_alps ||
797
+ (has_local_alps && ret->early_alpn.empty())) {
798
+ OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
799
+ return nullptr;
800
+ }
801
+ ret->has_application_settings = has_local_alps;
802
+
763
803
  if (!x509_method->session_cache_objects(ret.get())) {
764
804
  OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION);
765
805
  return nullptr;