grpc 1.34.0 → 1.37.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +893 -2840
- data/etc/roots.pem +257 -573
- data/include/grpc/compression.h +1 -1
- data/include/grpc/grpc.h +28 -0
- data/include/grpc/grpc_security.h +77 -14
- data/include/grpc/impl/codegen/atm_windows.h +4 -0
- data/include/grpc/impl/codegen/byte_buffer.h +1 -1
- data/include/grpc/impl/codegen/grpc_types.h +1 -1
- data/include/grpc/impl/codegen/log.h +0 -2
- data/include/grpc/impl/codegen/port_platform.h +2 -0
- data/include/grpc/impl/codegen/sync_windows.h +4 -0
- data/include/grpc/slice_buffer.h +3 -3
- data/include/grpc/support/sync.h +3 -3
- data/include/grpc/support/time.h +7 -7
- data/src/core/ext/filters/client_channel/backend_metric.cc +2 -4
- data/src/core/ext/filters/client_channel/client_channel.cc +2823 -1559
- data/src/core/ext/filters/client_channel/client_channel.h +0 -6
- data/src/core/ext/filters/client_channel/client_channel_factory.h +2 -1
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +1 -1
- data/src/core/ext/filters/client_channel/config_selector.h +13 -1
- data/src/core/ext/filters/client_channel/dynamic_filters.cc +191 -0
- data/src/core/ext/filters/client_channel/dynamic_filters.h +99 -0
- data/src/core/ext/filters/client_channel/global_subchannel_pool.cc +24 -142
- data/src/core/ext/filters/client_channel/global_subchannel_pool.h +15 -10
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +6 -6
- data/src/core/ext/filters/client_channel/health/health_check_client.h +2 -2
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +6 -7
- data/src/core/ext/filters/client_channel/http_proxy.cc +21 -20
- data/src/core/ext/filters/client_channel/lb_policy.cc +4 -1
- data/src/core/ext/filters/client_channel/lb_policy.h +2 -3
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +35 -35
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +1 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +1 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +3 -3
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +8 -6
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +23 -0
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.h +27 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +369 -108
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +0 -8
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h +29 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +13 -27
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +2 -2
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +1384 -0
- data/src/core/ext/filters/client_channel/local_subchannel_pool.cc +27 -67
- data/src/core/ext/filters/client_channel/local_subchannel_pool.h +10 -9
- data/src/core/ext/filters/client_channel/resolver.cc +5 -5
- data/src/core/ext/filters/client_channel/resolver.h +1 -12
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +41 -57
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +1 -32
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +4 -4
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +3 -1
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +444 -22
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +5 -0
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +21 -22
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +20 -17
- data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +377 -0
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +21 -34
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +310 -160
- data/src/core/ext/filters/client_channel/resolver_factory.h +6 -6
- data/src/core/ext/filters/client_channel/resolver_registry.cc +40 -39
- data/src/core/ext/filters/client_channel/resolver_registry.h +2 -2
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +11 -13
- data/src/core/ext/filters/client_channel/resolver_result_parsing.h +8 -8
- data/src/core/ext/filters/client_channel/retry_throttle.cc +5 -3
- data/src/core/ext/filters/client_channel/retry_throttle.h +3 -1
- data/src/core/ext/filters/client_channel/server_address.cc +9 -0
- data/src/core/ext/filters/client_channel/server_address.h +31 -0
- data/src/core/ext/filters/client_channel/service_config_call_data.h +19 -1
- data/src/core/ext/filters/client_channel/subchannel.cc +100 -193
- data/src/core/ext/filters/client_channel/subchannel.h +73 -111
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.cc +16 -2
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +10 -8
- data/src/core/ext/filters/client_idle/client_idle_filter.cc +1 -1
- data/src/core/ext/filters/deadline/deadline_filter.cc +4 -2
- data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +495 -0
- data/src/core/ext/filters/fault_injection/fault_injection_filter.h +39 -0
- data/src/core/ext/filters/fault_injection/service_config_parser.cc +189 -0
- data/src/core/ext/filters/fault_injection/service_config_parser.h +85 -0
- data/src/core/ext/filters/http/client_authority_filter.cc +6 -6
- data/src/core/ext/filters/http/http_filters_plugin.cc +6 -3
- data/src/core/ext/filters/max_age/max_age_filter.cc +35 -32
- data/src/core/ext/filters/message_size/message_size_filter.cc +1 -1
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +1 -1
- data/src/core/ext/filters/workarounds/workaround_utils.cc +1 -1
- data/src/core/ext/transport/chttp2/client/authority.cc +3 -3
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +2 -2
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +23 -10
- data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +21 -10
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +29 -16
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +623 -219
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +11 -2
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc +11 -1
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +12 -5
- data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +62 -18
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +46 -15
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +12 -1
- data/src/core/ext/transport/chttp2/transport/flow_control.h +1 -1
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +5 -1
- data/src/core/ext/transport/chttp2/transport/frame_settings.h +2 -1
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +6 -6
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +1 -1
- data/src/core/ext/transport/chttp2/transport/internal.h +1 -0
- data/src/core/ext/transport/chttp2/transport/writing.cc +1 -1
- data/src/core/ext/transport/inproc/inproc_transport.cc +42 -8
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.c +406 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.h +1459 -0
- data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.h +1 -0
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +27 -28
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.h +139 -40
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +350 -0
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +1348 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.c +13 -13
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.h +44 -17
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +119 -124
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +450 -284
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.h +13 -5
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.c +24 -23
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.h +62 -21
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.c +21 -21
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.h +88 -39
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.h +15 -6
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +69 -45
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +275 -78
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +19 -19
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +80 -43
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.c +7 -7
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.h +27 -11
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.c +30 -30
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.h +136 -49
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +41 -41
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +172 -89
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.h +17 -9
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +53 -47
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +188 -78
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +1 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.h +9 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +11 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.h +48 -7
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.c +13 -14
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.h +59 -36
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.c +16 -16
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.h +61 -29
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.c +26 -26
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.h +101 -66
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.h +11 -3
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +34 -32
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +151 -61
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +33 -29
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +138 -54
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +2 -3
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.h +13 -0
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.c +144 -0
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.h +488 -0
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.c +141 -0
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.h +452 -0
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +16 -16
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +81 -35
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +15 -13
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +70 -37
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +257 -216
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +995 -495
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.c +5 -5
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.h +26 -6
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.c +3 -4
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.h +17 -3
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.c +29 -0
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.h +67 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.c +79 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.h +268 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.c +78 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.h +281 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.c +41 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.h +113 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +96 -98
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +378 -226
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.h +1 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +28 -25
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +124 -53
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +9 -12
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +29 -24
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +32 -33
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +118 -67
- data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +51 -44
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +179 -129
- data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.c +1 -4
- data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.c +1 -4
- data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.c +7 -8
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.h +31 -16
- data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.c +1 -3
- data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.c +93 -0
- data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.h +323 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.c +5 -5
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.h +25 -11
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.c +36 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.h +90 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.h +7 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.c +6 -6
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.h +29 -8
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +2 -3
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.h +16 -3
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.c +46 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.h +124 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.h +19 -0
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.c +7 -7
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.h +46 -3
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.c +8 -8
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.h +41 -8
- data/src/core/ext/upb-generated/envoy/type/v3/http.upb.h +1 -0
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.h +15 -2
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.h +19 -0
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.h +7 -0
- data/src/core/ext/upb-generated/google/api/annotations.upb.h +1 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.c +34 -34
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.h +149 -72
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.c +54 -37
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h +171 -59
- data/src/core/ext/upb-generated/google/api/http.upb.c +3 -3
- data/src/core/ext/upb-generated/google/api/http.upb.h +25 -6
- data/src/core/ext/upb-generated/google/protobuf/any.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/any.upb.h +7 -0
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +90 -90
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +455 -292
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.h +7 -0
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.h +7 -0
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.c +4 -4
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.h +22 -3
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.h +7 -0
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.c +9 -9
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.h +55 -0
- data/src/core/ext/upb-generated/google/rpc/status.upb.c +1 -1
- data/src/core/ext/upb-generated/google/rpc/status.upb.h +10 -3
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.c +4 -4
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.h +11 -3
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +41 -41
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +149 -76
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.c +5 -5
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.h +21 -6
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.c +2 -2
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.h +13 -0
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c +17 -17
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.h +82 -25
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.c +3 -3
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +19 -0
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.c +1 -1
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.h +7 -0
- data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.h +1 -0
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.c +2 -2
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +9 -2
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.c +1 -1
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.h +7 -0
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.c +3 -3
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.h +7 -0
- data/src/core/ext/upb-generated/udpa/type/v1/typed_struct.upb.c +33 -0
- data/src/core/ext/upb-generated/udpa/type/v1/typed_struct.upb.h +77 -0
- data/src/core/ext/upb-generated/validate/validate.upb.c +64 -64
- data/src/core/ext/upb-generated/validate/validate.upb.h +296 -157
- data/src/core/ext/upb-generated/{udpa/core/v1 → xds/core/v3}/authority.upb.c +6 -6
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.h +60 -0
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.c +52 -0
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.h +143 -0
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.c +42 -0
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.h +84 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.c +36 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.h +94 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.c +54 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.h +166 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.c +36 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.h +85 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.c +354 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.h +140 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +168 -171
- data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +383 -0
- data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.h +115 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +405 -420
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.h +2 -2
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.c +12 -9
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +177 -171
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.h +10 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +88 -88
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +153 -153
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +10 -7
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +4 -7
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.c +33 -20
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.c +56 -59
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +116 -111
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.c +129 -121
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.c +21 -24
- data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/stats.upbdefs.c +141 -0
- data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/stats.upbdefs.h +70 -0
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.c +141 -0
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.h +70 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.c +17 -13
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +753 -724
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.h +10 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.c +22 -25
- data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.c +51 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/common/fault/v3/fault.upbdefs.c +102 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/common/fault/v3/fault.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.c +120 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.c +76 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +371 -377
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +12 -16
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +112 -108
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +45 -53
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +177 -180
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.c +92 -102
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.c +32 -42
- data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.c +30 -40
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +4 -7
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.c +38 -44
- data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +130 -0
- data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/node.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/node.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.c +30 -33
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/struct.upbdefs.c +63 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/struct.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.c +8 -7
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.c +9 -9
- data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.c +9 -8
- data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.c +8 -8
- data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.c +8 -8
- data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.c +9 -8
- data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.c +8 -8
- data/src/core/ext/upbdefs-generated/udpa/type/v1/typed_struct.upbdefs.c +44 -0
- data/src/core/ext/upbdefs-generated/udpa/type/v1/typed_struct.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.c +14 -11
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.c +42 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.c +62 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.c +45 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.c +49 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.c +67 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.c +50 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.h +35 -0
- data/src/core/ext/xds/certificate_provider_store.cc +10 -7
- data/src/core/ext/xds/certificate_provider_store.h +12 -7
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +25 -0
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.h +1 -4
- data/src/core/ext/xds/xds_api.cc +2265 -593
- data/src/core/ext/xds/xds_api.h +335 -102
- data/src/core/ext/xds/xds_bootstrap.cc +80 -45
- data/src/core/ext/xds/xds_bootstrap.h +17 -6
- data/src/core/ext/xds/xds_certificate_provider.cc +232 -67
- data/src/core/ext/xds/xds_certificate_provider.h +103 -26
- data/src/core/ext/xds/xds_client.cc +212 -63
- data/src/core/ext/xds/xds_client.h +35 -1
- data/src/core/ext/xds/xds_client_stats.cc +4 -3
- data/src/core/ext/xds/xds_client_stats.h +2 -2
- data/src/core/ext/xds/xds_http_fault_filter.cc +226 -0
- data/src/core/ext/xds/xds_http_fault_filter.h +63 -0
- data/src/core/ext/xds/xds_http_filters.cc +114 -0
- data/src/core/ext/xds/xds_http_filters.h +130 -0
- data/src/core/ext/xds/xds_server_config_fetcher.cc +532 -0
- data/src/core/lib/channel/channel_args.cc +8 -8
- data/src/core/lib/channel/channel_stack.cc +12 -0
- data/src/core/lib/channel/channel_stack.h +7 -0
- data/src/core/lib/channel/channel_trace.h +1 -1
- data/src/core/lib/channel/channelz.cc +105 -18
- data/src/core/lib/channel/channelz.h +30 -2
- data/src/core/lib/channel/channelz_registry.cc +14 -0
- data/src/core/lib/channel/channelz_registry.h +0 -1
- data/src/core/lib/channel/handshaker.cc +4 -46
- data/src/core/lib/channel/handshaker.h +1 -18
- data/src/core/lib/channel/status_util.cc +12 -2
- data/src/core/lib/channel/status_util.h +5 -0
- data/src/core/lib/compression/compression_args.cc +3 -2
- data/src/core/lib/debug/stats.h +2 -2
- data/src/core/lib/debug/stats_data.h +13 -13
- data/src/core/lib/gpr/alloc.cc +3 -2
- data/src/core/lib/gpr/log.cc +59 -17
- data/src/core/lib/gpr/log_linux.cc +3 -1
- data/src/core/lib/gpr/log_posix.cc +3 -1
- data/src/core/lib/gpr/log_windows.cc +3 -1
- data/src/core/lib/gpr/spinlock.h +10 -2
- data/src/core/lib/gpr/string.cc +22 -21
- data/src/core/lib/gpr/string.h +5 -6
- data/src/core/lib/gpr/sync.cc +4 -4
- data/src/core/lib/gpr/sync_abseil.cc +3 -6
- data/src/core/lib/gpr/sync_windows.cc +2 -2
- data/src/core/lib/gpr/time.cc +12 -12
- data/src/core/lib/gprpp/arena.h +3 -2
- data/src/core/lib/gprpp/atomic.h +3 -3
- data/src/core/lib/gprpp/dual_ref_counted.h +3 -3
- data/src/core/lib/gprpp/mpscq.cc +2 -2
- data/src/core/lib/gprpp/ref_counted.h +2 -2
- data/src/core/lib/gprpp/ref_counted_ptr.h +11 -1
- data/src/core/lib/gprpp/sync.h +129 -40
- data/src/core/lib/gprpp/thd.h +1 -1
- data/src/core/lib/gprpp/thd_posix.cc +6 -1
- data/src/core/lib/gprpp/thd_windows.cc +3 -1
- data/src/core/lib/gprpp/time_util.cc +77 -0
- data/src/core/lib/gprpp/time_util.h +42 -0
- data/src/core/lib/http/httpcli.cc +1 -1
- data/src/core/lib/http/httpcli.h +2 -3
- data/src/core/lib/http/httpcli_security_connector.cc +3 -3
- data/src/core/lib/http/parser.cc +1 -2
- data/src/core/lib/iomgr/buffer_list.h +1 -1
- data/src/core/lib/iomgr/call_combiner.cc +8 -5
- data/src/core/lib/iomgr/cfstream_handle.cc +2 -2
- data/src/core/lib/iomgr/combiner.cc +2 -1
- data/src/core/lib/iomgr/endpoint.h +1 -1
- data/src/core/lib/iomgr/error.cc +15 -11
- data/src/core/lib/iomgr/error.h +1 -1
- data/src/core/lib/iomgr/error_internal.h +1 -1
- data/src/core/lib/iomgr/ev_apple.cc +11 -8
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +23 -16
- data/src/core/lib/iomgr/ev_epollex_linux.cc +21 -17
- data/src/core/lib/iomgr/ev_poll_posix.cc +9 -7
- data/src/core/lib/iomgr/ev_posix.cc +3 -3
- data/src/core/lib/iomgr/exec_ctx.cc +6 -2
- data/src/core/lib/iomgr/exec_ctx.h +6 -4
- data/src/core/lib/iomgr/executor.cc +2 -1
- data/src/core/lib/iomgr/executor.h +1 -1
- data/src/core/lib/iomgr/executor/threadpool.h +1 -1
- data/src/core/lib/iomgr/iomgr.cc +1 -1
- data/src/core/lib/iomgr/iomgr_posix.cc +0 -1
- data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +0 -1
- data/src/core/lib/iomgr/load_file.h +1 -1
- data/src/core/lib/iomgr/lockfree_event.cc +19 -14
- data/src/core/lib/iomgr/lockfree_event.h +2 -2
- data/src/core/lib/iomgr/parse_address.cc +52 -46
- data/src/core/lib/iomgr/parse_address.h +13 -9
- data/src/core/lib/iomgr/poller/eventmanager_libuv.h +1 -1
- data/src/core/lib/iomgr/pollset_set_custom.cc +1 -1
- data/src/core/lib/iomgr/python_util.h +1 -1
- data/src/core/lib/iomgr/resolve_address.cc +4 -4
- data/src/core/lib/iomgr/resource_quota.cc +5 -5
- data/src/core/lib/iomgr/sockaddr_utils.cc +131 -11
- data/src/core/lib/iomgr/sockaddr_utils.h +26 -1
- data/src/core/lib/iomgr/socket_factory_posix.cc +3 -2
- data/src/core/lib/iomgr/socket_mutator.cc +3 -2
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +1 -0
- data/src/core/lib/iomgr/tcp_client.cc +3 -3
- data/src/core/lib/iomgr/tcp_client_custom.cc +7 -6
- data/src/core/lib/iomgr/tcp_client_posix.cc +1 -1
- data/src/core/lib/iomgr/tcp_custom.cc +22 -17
- data/src/core/lib/iomgr/tcp_posix.cc +14 -14
- data/src/core/lib/iomgr/tcp_server_custom.cc +28 -22
- data/src/core/lib/iomgr/tcp_uv.cc +2 -2
- data/src/core/lib/iomgr/timer_custom.cc +3 -3
- data/src/core/lib/iomgr/timer_generic.cc +5 -5
- data/src/core/lib/iomgr/timer_manager.cc +3 -3
- data/src/core/lib/iomgr/udp_server.cc +1 -2
- data/src/core/lib/iomgr/udp_server.h +1 -2
- data/src/core/lib/iomgr/unix_sockets_posix.cc +17 -18
- data/src/core/lib/iomgr/wakeup_fd_nospecial.cc +1 -1
- data/src/core/lib/json/json.h +10 -0
- data/src/core/lib/matchers/matchers.cc +339 -0
- data/src/core/lib/matchers/matchers.h +160 -0
- data/src/core/lib/security/context/security_context.cc +4 -3
- data/src/core/lib/security/credentials/alts/alts_credentials.cc +2 -1
- data/src/core/lib/security/credentials/alts/alts_credentials.h +1 -1
- data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +1 -1
- data/src/core/lib/security/credentials/credentials.cc +6 -6
- data/src/core/lib/security/credentials/credentials.h +2 -1
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +413 -0
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +80 -0
- data/src/core/lib/security/credentials/external/aws_request_signer.cc +15 -10
- data/src/core/lib/security/credentials/external/aws_request_signer.h +1 -2
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +217 -31
- data/src/core/lib/security/credentials/external/external_account_credentials.h +7 -5
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +5 -6
- data/src/core/lib/security/credentials/external/file_external_account_credentials.h +3 -4
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +20 -18
- data/src/core/lib/security/credentials/external/url_external_account_credentials.h +5 -6
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +3 -2
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +25 -18
- data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +18 -5
- data/src/core/lib/security/credentials/jwt/json_token.cc +1 -4
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +3 -6
- data/src/core/lib/security/credentials/local/local_credentials.cc +2 -1
- data/src/core/lib/security/credentials/local/local_credentials.h +1 -1
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +37 -44
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +5 -4
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +1 -1
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +7 -6
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +2 -2
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +1 -6
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +1 -6
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +326 -5
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +64 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +1 -1
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +0 -1
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +3 -2
- data/src/core/lib/security/credentials/tls/tls_credentials.h +1 -1
- data/src/core/lib/security/credentials/tls/tls_utils.cc +91 -0
- data/src/core/lib/security/credentials/tls/tls_utils.h +38 -0
- data/src/core/lib/security/credentials/xds/xds_credentials.cc +209 -10
- data/src/core/lib/security/credentials/xds/xds_credentials.h +27 -9
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +1 -1
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +1 -1
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +50 -17
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +23 -6
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +1 -1
- data/src/core/lib/security/security_connector/security_connector.cc +3 -2
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +4 -4
- data/src/core/lib/security/security_connector/ssl_utils.cc +11 -6
- data/src/core/lib/security/security_connector/ssl_utils.h +12 -19
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +89 -26
- data/src/core/lib/security/security_connector/tls/tls_security_connector.h +2 -3
- data/src/core/lib/security/transport/secure_endpoint.cc +2 -2
- data/src/core/lib/security/transport/security_handshaker.cc +35 -7
- data/src/core/lib/slice/slice_intern.cc +9 -11
- data/src/core/lib/slice/slice_internal.h +2 -2
- data/src/core/lib/surface/call.cc +32 -24
- data/src/core/lib/surface/call_details.cc +8 -8
- data/src/core/lib/surface/channel.cc +16 -10
- data/src/core/lib/surface/channel.h +6 -5
- data/src/core/lib/surface/channel_init.cc +1 -1
- data/src/core/lib/surface/completion_queue.cc +24 -19
- data/src/core/lib/surface/completion_queue.h +16 -16
- data/src/core/lib/surface/init.cc +19 -20
- data/src/core/lib/surface/lame_client.cc +47 -54
- data/src/core/lib/surface/lame_client.h +5 -0
- data/src/core/lib/surface/server.cc +102 -51
- data/src/core/lib/surface/server.h +112 -18
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/authority_override.cc +6 -4
- data/src/core/lib/transport/authority_override.h +5 -2
- data/src/core/lib/transport/connectivity_state.h +6 -4
- data/src/core/lib/transport/error_utils.h +1 -1
- data/src/core/lib/transport/metadata.cc +6 -2
- data/src/core/lib/transport/metadata_batch.cc +27 -0
- data/src/core/lib/transport/metadata_batch.h +18 -4
- data/src/core/lib/transport/static_metadata.cc +1 -1
- data/src/core/lib/transport/status_metadata.cc +4 -3
- data/src/core/lib/transport/transport.h +7 -7
- data/src/core/lib/uri/uri_parser.cc +131 -249
- data/src/core/lib/uri/uri_parser.h +57 -21
- data/src/core/plugin_registry/grpc_plugin_registry.cc +22 -4
- data/src/core/tsi/alts/crypt/gsec.cc +5 -4
- data/src/core/tsi/alts/frame_protector/frame_handler.cc +8 -6
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +19 -25
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +39 -44
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +1 -1
- data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +1 -3
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +8 -6
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +4 -4
- data/src/core/tsi/fake_transport_security.cc +16 -5
- data/src/core/tsi/ssl/session_cache/ssl_session.h +0 -3
- data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +1 -1
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +0 -2
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +2 -4
- data/src/core/tsi/ssl_transport_security.cc +62 -52
- data/src/core/tsi/ssl_transport_security.h +6 -9
- data/src/core/tsi/transport_security.cc +6 -6
- data/src/core/tsi/transport_security_interface.h +1 -1
- data/src/ruby/ext/grpc/extconf.rb +9 -1
- data/src/ruby/ext/grpc/rb_channel.c +10 -1
- data/src/ruby/ext/grpc/rb_channel_credentials.c +11 -1
- data/src/ruby/ext/grpc/rb_channel_credentials.h +4 -0
- data/src/ruby/ext/grpc/rb_compression_options.c +1 -1
- data/src/ruby/ext/grpc/rb_enable_cpp.cc +1 -1
- data/src/ruby/ext/grpc/rb_event_thread.c +2 -0
- data/src/ruby/ext/grpc/rb_grpc.c +4 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +14 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +34 -13
- data/src/ruby/ext/grpc/rb_server.c +13 -1
- data/src/ruby/ext/grpc/rb_server_credentials.c +19 -3
- data/src/ruby/ext/grpc/rb_server_credentials.h +4 -0
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.c +215 -0
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.h +35 -0
- data/src/ruby/ext/grpc/rb_xds_server_credentials.c +169 -0
- data/src/ruby/ext/grpc/rb_xds_server_credentials.h +35 -0
- data/src/ruby/lib/grpc/generic/client_stub.rb +4 -2
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +35 -0
- data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +18 -0
- data/src/ruby/spec/call_spec.rb +1 -1
- data/src/ruby/spec/channel_credentials_spec.rb +32 -0
- data/src/ruby/spec/channel_spec.rb +17 -6
- data/src/ruby/spec/client_auth_spec.rb +27 -1
- data/src/ruby/spec/errors_spec.rb +1 -1
- data/src/ruby/spec/generic/active_call_spec.rb +2 -2
- data/src/ruby/spec/generic/client_stub_spec.rb +4 -4
- data/src/ruby/spec/generic/rpc_server_spec.rb +1 -1
- data/src/ruby/spec/pb/codegen/package_option_spec.rb +2 -6
- data/src/ruby/spec/server_credentials_spec.rb +25 -0
- data/src/ruby/spec/server_spec.rb +22 -0
- data/third_party/abseil-cpp/absl/container/flat_hash_map.h +606 -0
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_map.h +197 -0
- data/third_party/abseil-cpp/absl/status/internal/statusor_internal.h +399 -0
- data/third_party/abseil-cpp/absl/status/statusor.cc +71 -0
- data/third_party/abseil-cpp/absl/status/statusor.h +760 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +1 -0
- data/third_party/boringssl-with-bazel/err_data.c +715 -713
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +3 -10
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +15 -14
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_locl.h +30 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +28 -79
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +39 -85
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +5 -16
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +10 -61
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +158 -0
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/bn_asn1.c +3 -10
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +8 -9
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +60 -45
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +6 -81
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +87 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu-aarch64-win.c +41 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu-arm-linux.c +11 -2
- data/third_party/boringssl-with-bazel/src/crypto/cpu-arm.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/{dh → dh_extra}/dh_asn1.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/{dh → dh_extra}/params.c +179 -0
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +25 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +2 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +3 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +13 -20
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +9 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +21 -13
- data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/check.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/dh.c +136 -213
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +12 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +9 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +28 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +135 -43
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +0 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +51 -32
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +147 -0
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +18 -29
- data/third_party/boringssl-with-bazel/src/crypto/hpke/internal.h +13 -4
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +10 -7
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +13 -11
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +34 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/rand_extra.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +7 -13
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +5 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +1 -29
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +10 -7
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_r2x.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +29 -23
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +22 -17
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +1 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +39 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +11 -10
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +25 -25
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +40 -20
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +25 -36
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +6 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +3 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +652 -545
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +0 -167
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +10 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +62 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +22 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +19 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +22 -32
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +56 -26
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +15 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +12 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +3 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +2 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +67 -33
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +27 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +287 -99
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +139 -36
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +4 -3
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +11 -20
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +10 -5
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +37 -16
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +0 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +7 -8
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +20 -14
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +7 -8
- data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +5 -7
- data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +362 -50
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +48 -15
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +66 -24
- data/third_party/upb/third_party/wyhash/wyhash.h +145 -0
- data/third_party/upb/upb/decode.c +248 -167
- data/third_party/upb/upb/decode.h +20 -1
- data/third_party/upb/upb/decode.int.h +163 -0
- data/third_party/upb/upb/decode_fast.c +1040 -0
- data/third_party/upb/upb/decode_fast.h +126 -0
- data/third_party/upb/upb/def.c +525 -516
- data/third_party/upb/upb/def.h +16 -31
- data/third_party/upb/upb/def.hpp +37 -123
- data/third_party/upb/upb/encode.c +227 -169
- data/third_party/upb/upb/encode.h +27 -2
- data/third_party/upb/upb/msg.c +167 -88
- data/third_party/upb/upb/msg.h +174 -34
- data/third_party/upb/upb/port_def.inc +74 -61
- data/third_party/upb/upb/port_undef.inc +3 -7
- data/third_party/upb/upb/reflection.c +36 -19
- data/third_party/upb/upb/table.c +34 -197
- data/third_party/upb/upb/table.int.h +14 -5
- data/third_party/upb/upb/text_encode.c +45 -22
- data/third_party/upb/upb/text_encode.h +4 -1
- data/third_party/upb/upb/upb.c +18 -41
- data/third_party/upb/upb/upb.h +36 -7
- data/third_party/upb/upb/upb.hpp +4 -4
- data/third_party/upb/upb/upb.int.h +29 -0
- data/third_party/xxhash/xxhash.h +5443 -0
- metadata +152 -82
- data/src/core/ext/filters/client_channel/lb_policy/xds/eds.cc +0 -909
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.cc +0 -485
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +0 -68
- data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +0 -355
- data/src/core/ext/filters/client_channel/resolving_lb_policy.h +0 -138
- data/src/core/ext/upb-generated/udpa/core/v1/authority.upb.h +0 -53
- data/src/core/ext/upb-generated/udpa/core/v1/collection_entry.upb.c +0 -52
- data/src/core/ext/upb-generated/udpa/core/v1/collection_entry.upb.h +0 -129
- data/src/core/ext/upb-generated/udpa/core/v1/context_params.upb.c +0 -42
- data/src/core/ext/upb-generated/udpa/core/v1/context_params.upb.h +0 -77
- data/src/core/ext/upb-generated/udpa/core/v1/resource.upb.c +0 -36
- data/src/core/ext/upb-generated/udpa/core/v1/resource.upb.h +0 -85
- data/src/core/ext/upb-generated/udpa/core/v1/resource_locator.upb.c +0 -54
- data/src/core/ext/upb-generated/udpa/core/v1/resource_locator.upb.h +0 -160
- data/src/core/ext/upb-generated/udpa/core/v1/resource_name.upb.c +0 -36
- data/src/core/ext/upb-generated/udpa/core/v1/resource_name.upb.h +0 -84
- data/src/core/ext/upbdefs-generated/udpa/core/v1/authority.upbdefs.c +0 -42
- data/src/core/ext/upbdefs-generated/udpa/core/v1/authority.upbdefs.h +0 -35
- data/src/core/ext/upbdefs-generated/udpa/core/v1/collection_entry.upbdefs.c +0 -62
- data/src/core/ext/upbdefs-generated/udpa/core/v1/collection_entry.upbdefs.h +0 -40
- data/src/core/ext/upbdefs-generated/udpa/core/v1/context_params.upbdefs.c +0 -45
- data/src/core/ext/upbdefs-generated/udpa/core/v1/context_params.upbdefs.h +0 -40
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource.upbdefs.c +0 -49
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource.upbdefs.h +0 -35
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_locator.upbdefs.c +0 -68
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_locator.upbdefs.h +0 -40
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_name.upbdefs.c +0 -51
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_name.upbdefs.h +0 -35
- data/src/core/ext/xds/google_mesh_ca_certificate_provider_factory.cc +0 -265
- data/src/core/ext/xds/google_mesh_ca_certificate_provider_factory.h +0 -104
- data/src/core/lib/gprpp/map.h +0 -53
- data/src/core/lib/iomgr/iomgr_posix.h +0 -26
- data/src/core/lib/security/authorization/authorization_engine.cc +0 -177
- data/src/core/lib/security/authorization/authorization_engine.h +0 -84
- data/src/core/lib/security/authorization/evaluate_args.cc +0 -153
- data/src/core/lib/security/authorization/evaluate_args.h +0 -59
- data/src/core/lib/security/authorization/mock_cel/activation.h +0 -57
- data/src/core/lib/security/authorization/mock_cel/cel_expr_builder_factory.h +0 -44
- data/src/core/lib/security/authorization/mock_cel/cel_expression.h +0 -69
- data/src/core/lib/security/authorization/mock_cel/cel_value.h +0 -97
- data/src/core/lib/security/authorization/mock_cel/evaluator_core.h +0 -67
- data/src/core/lib/security/authorization/mock_cel/flat_expr_builder.h +0 -57
- data/third_party/abseil-cpp/absl/container/flat_hash_set.h +0 -504
- data/third_party/upb/upb/port.c +0 -26
@@ -206,13 +206,27 @@ extern "C" {
|
|
206
206
|
// ExtensionType value from draft-ietf-tokbind-negotiation-10
|
207
207
|
#define TLSEXT_TYPE_token_binding 24
|
208
208
|
|
209
|
-
// ExtensionType value from draft-ietf-quic-tls.
|
210
|
-
//
|
211
|
-
//
|
212
|
-
|
213
|
-
|
214
|
-
|
215
|
-
|
209
|
+
// ExtensionType value from draft-ietf-quic-tls. Drafts 00 through 32 use
|
210
|
+
// 0xffa5 which is part of the Private Use section of the registry, and it
|
211
|
+
// collides with TLS-LTS and, based on scans, something else too (though this
|
212
|
+
// hasn't been a problem in practice since it's QUIC-only). Drafts 33 onward
|
213
|
+
// use the value 57 which was officially registered with IANA.
|
214
|
+
#define TLSEXT_TYPE_quic_transport_parameters_legacy 0xffa5
|
215
|
+
#define TLSEXT_TYPE_quic_transport_parameters_standard 57
|
216
|
+
|
217
|
+
// TLSEXT_TYPE_quic_transport_parameters is an alias for
|
218
|
+
// |TLSEXT_TYPE_quic_transport_parameters_legacy|. It will switch to
|
219
|
+
// |TLSEXT_TYPE_quic_transport_parameters_standard| at a later date.
|
220
|
+
//
|
221
|
+
// Callers using |SSL_set_quic_use_legacy_codepoint| should use
|
222
|
+
// |TLSEXT_TYPE_quic_transport_parameters_legacy| or
|
223
|
+
// |TLSEXT_TYPE_quic_transport_parameters_standard| rather than this constant.
|
224
|
+
// When the default code point is switched to the standard one, this value will
|
225
|
+
// be updated and we will transition callers back to the unsuffixed constant.
|
226
|
+
#define TLSEXT_TYPE_quic_transport_parameters \
|
227
|
+
TLSEXT_TYPE_quic_transport_parameters_legacy
|
228
|
+
|
229
|
+
// ExtensionType value from RFC8879
|
216
230
|
#define TLSEXT_TYPE_cert_compression 27
|
217
231
|
|
218
232
|
// ExtensionType value from RFC4507
|
@@ -239,6 +253,11 @@ extern "C" {
|
|
239
253
|
// extension number.
|
240
254
|
#define TLSEXT_TYPE_application_settings 17513
|
241
255
|
|
256
|
+
// ExtensionType values from draft-ietf-tls-esni-09. This is not an IANA defined
|
257
|
+
// extension number.
|
258
|
+
#define TLSEXT_TYPE_encrypted_client_hello 0xfe09
|
259
|
+
#define TLSEXT_TYPE_ech_is_inner 0xda09
|
260
|
+
|
242
261
|
// ExtensionType value from RFC6962
|
243
262
|
#define TLSEXT_TYPE_certificate_timestamp 18
|
244
263
|
|
@@ -271,7 +290,7 @@ extern "C" {
|
|
271
290
|
#define TLSEXT_hash_sha384 5
|
272
291
|
#define TLSEXT_hash_sha512 6
|
273
292
|
|
274
|
-
// From https://
|
293
|
+
// From https://www.rfc-editor.org/rfc/rfc8879.html#section-3
|
275
294
|
#define TLSEXT_cert_compression_zlib 1
|
276
295
|
#define TLSEXT_cert_compression_brotli 2
|
277
296
|
|
@@ -143,7 +143,7 @@ DECLARE_ASN1_SET_OF(X509_NAME_ENTRY)
|
|
143
143
|
|
144
144
|
// we always keep X509_NAMEs in 2 forms.
|
145
145
|
struct X509_name_st {
|
146
|
-
STACK_OF(X509_NAME_ENTRY) *
|
146
|
+
STACK_OF(X509_NAME_ENTRY) *entries;
|
147
147
|
int modified; // true if 'bytes' needs to be built
|
148
148
|
BUF_MEM *bytes;
|
149
149
|
// unsigned long hash; Keep the hash around for lookups
|
@@ -170,7 +170,7 @@ struct x509_attributes_st {
|
|
170
170
|
int single; // 0 for a set, 1 for a single item (which is wrong)
|
171
171
|
union {
|
172
172
|
char *ptr;
|
173
|
-
/* 0 */ STACK_OF(ASN1_TYPE) *
|
173
|
+
/* 0 */ STACK_OF(ASN1_TYPE) *set;
|
174
174
|
/* 1 */ ASN1_TYPE *single;
|
175
175
|
} value;
|
176
176
|
} /* X509_ATTRIBUTE */;
|
@@ -185,7 +185,7 @@ struct X509_req_info_st {
|
|
185
185
|
X509_NAME *subject;
|
186
186
|
X509_PUBKEY *pubkey;
|
187
187
|
// d=2 hl=2 l= 0 cons: cont: 00
|
188
|
-
STACK_OF(X509_ATTRIBUTE) *
|
188
|
+
STACK_OF(X509_ATTRIBUTE) *attributes; // [ 0 ]
|
189
189
|
} /* X509_REQ_INFO */;
|
190
190
|
|
191
191
|
struct X509_req_st {
|
@@ -203,9 +203,9 @@ struct x509_cinf_st {
|
|
203
203
|
X509_VAL *validity;
|
204
204
|
X509_NAME *subject;
|
205
205
|
X509_PUBKEY *key;
|
206
|
-
ASN1_BIT_STRING *issuerUID;
|
207
|
-
ASN1_BIT_STRING *subjectUID;
|
208
|
-
STACK_OF(X509_EXTENSION) *
|
206
|
+
ASN1_BIT_STRING *issuerUID; // [ 1 ] optional in v2
|
207
|
+
ASN1_BIT_STRING *subjectUID; // [ 2 ] optional in v2
|
208
|
+
STACK_OF(X509_EXTENSION) *extensions; // [ 3 ] optional in v3
|
209
209
|
ASN1_ENCODING enc;
|
210
210
|
} /* X509_CINF */;
|
211
211
|
|
@@ -215,11 +215,11 @@ struct x509_cinf_st {
|
|
215
215
|
// the end of the certificate itself
|
216
216
|
|
217
217
|
struct x509_cert_aux_st {
|
218
|
-
STACK_OF(ASN1_OBJECT) *
|
219
|
-
STACK_OF(ASN1_OBJECT) *
|
220
|
-
ASN1_UTF8STRING *alias;
|
221
|
-
ASN1_OCTET_STRING *keyid;
|
222
|
-
STACK_OF(X509_ALGOR) *
|
218
|
+
STACK_OF(ASN1_OBJECT) *trust; // trusted uses
|
219
|
+
STACK_OF(ASN1_OBJECT) *reject; // rejected uses
|
220
|
+
ASN1_UTF8STRING *alias; // "friendly name"
|
221
|
+
ASN1_OCTET_STRING *keyid; // key id of private key
|
222
|
+
STACK_OF(X509_ALGOR) *other; // other unspecified info
|
223
223
|
} /* X509_CERT_AUX */;
|
224
224
|
|
225
225
|
DECLARE_STACK_OF(DIST_POINT)
|
@@ -241,8 +241,8 @@ struct x509_st {
|
|
241
241
|
ASN1_OCTET_STRING *skid;
|
242
242
|
AUTHORITY_KEYID *akid;
|
243
243
|
X509_POLICY_CACHE *policy_cache;
|
244
|
-
STACK_OF(DIST_POINT) *
|
245
|
-
STACK_OF(GENERAL_NAME) *
|
244
|
+
STACK_OF(DIST_POINT) *crldp;
|
245
|
+
STACK_OF(GENERAL_NAME) *altname;
|
246
246
|
NAME_CONSTRAINTS *nc;
|
247
247
|
unsigned char sha1_hash[SHA_DIGEST_LENGTH];
|
248
248
|
X509_CERT_AUX *aux;
|
@@ -364,9 +364,9 @@ DEFINE_STACK_OF(X509_TRUST)
|
|
364
364
|
struct x509_revoked_st {
|
365
365
|
ASN1_INTEGER *serialNumber;
|
366
366
|
ASN1_TIME *revocationDate;
|
367
|
-
STACK_OF(X509_EXTENSION) /* optional */ *
|
367
|
+
STACK_OF(X509_EXTENSION) /* optional */ *extensions;
|
368
368
|
// Set up if indirect CRL
|
369
|
-
STACK_OF(GENERAL_NAME) *
|
369
|
+
STACK_OF(GENERAL_NAME) *issuer;
|
370
370
|
// Revocation reason
|
371
371
|
int reason;
|
372
372
|
int sequence; // load sequence
|
@@ -381,8 +381,8 @@ struct X509_crl_info_st {
|
|
381
381
|
X509_NAME *issuer;
|
382
382
|
ASN1_TIME *lastUpdate;
|
383
383
|
ASN1_TIME *nextUpdate;
|
384
|
-
STACK_OF(X509_REVOKED) *
|
385
|
-
STACK_OF(X509_EXTENSION) /* [0] */ *
|
384
|
+
STACK_OF(X509_REVOKED) *revoked;
|
385
|
+
STACK_OF(X509_EXTENSION) /* [0] */ *extensions;
|
386
386
|
ASN1_ENCODING enc;
|
387
387
|
} /* X509_CRL_INFO */;
|
388
388
|
|
@@ -405,7 +405,7 @@ struct X509_crl_st {
|
|
405
405
|
ASN1_INTEGER *crl_number;
|
406
406
|
ASN1_INTEGER *base_crl_number;
|
407
407
|
unsigned char sha1_hash[SHA_DIGEST_LENGTH];
|
408
|
-
STACK_OF(GENERAL_NAMES) *
|
408
|
+
STACK_OF(GENERAL_NAMES) *issuers;
|
409
409
|
const X509_CRL_METHOD *meth;
|
410
410
|
void *meth_data;
|
411
411
|
} /* X509_CRL */;
|
@@ -610,8 +610,8 @@ OPENSSL_EXPORT X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl);
|
|
610
610
|
OPENSSL_EXPORT STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl);
|
611
611
|
|
612
612
|
// X509_CRL_get0_extensions returns |crl|'s extension list.
|
613
|
-
OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *
|
614
|
-
|
613
|
+
OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(
|
614
|
+
const X509_CRL *crl);
|
615
615
|
|
616
616
|
// X509_CINF_set_modified marks |cinf| as modified so that changes will be
|
617
617
|
// reflected in serializing the structure.
|
@@ -697,9 +697,8 @@ OPENSSL_EXPORT NETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *str,
|
|
697
697
|
OPENSSL_EXPORT char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki);
|
698
698
|
|
699
699
|
// NETSCAPE_SPKI_get_pubkey decodes and returns the public key in |spki| as an
|
700
|
-
// |EVP_PKEY|, or NULL on error. The
|
701
|
-
//
|
702
|
-
// |EVP_PKEY_up_ref| to extend the lifetime.
|
700
|
+
// |EVP_PKEY|, or NULL on error. The caller takes ownership of the resulting
|
701
|
+
// pointer and must call |EVP_PKEY_free| when done.
|
703
702
|
OPENSSL_EXPORT EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *spki);
|
704
703
|
|
705
704
|
// NETSCAPE_SPKI_set_pubkey sets |spki|'s public key to |pkey|. It returns one
|
@@ -718,25 +717,95 @@ OPENSSL_EXPORT int X509_signature_dump(BIO *bio, const ASN1_STRING *sig,
|
|
718
717
|
OPENSSL_EXPORT int X509_signature_print(BIO *bio, const X509_ALGOR *alg,
|
719
718
|
const ASN1_STRING *sig);
|
720
719
|
|
721
|
-
|
722
|
-
|
723
|
-
|
724
|
-
|
725
|
-
OPENSSL_EXPORT int
|
726
|
-
|
727
|
-
|
720
|
+
// X509_sign signs |x509| with |pkey| and replaces the signature algorithm and
|
721
|
+
// signature fields. It returns one on success and zero on error. This function
|
722
|
+
// uses digest algorithm |md|, or |pkey|'s default if NULL. Other signing
|
723
|
+
// parameters use |pkey|'s defaults. To customize them, use |X509_sign_ctx|.
|
724
|
+
OPENSSL_EXPORT int X509_sign(X509 *x509, EVP_PKEY *pkey, const EVP_MD *md);
|
725
|
+
|
726
|
+
// X509_sign_ctx signs |x509| with |ctx| and replaces the signature algorithm
|
727
|
+
// and signature fields. It returns one on success and zero on error. The
|
728
|
+
// signature algorithm and parameters come from |ctx|, which must have been
|
729
|
+
// initialized with |EVP_DigestSignInit|. The caller should configure the
|
730
|
+
// corresponding |EVP_PKEY_CTX| before calling this function.
|
731
|
+
OPENSSL_EXPORT int X509_sign_ctx(X509 *x509, EVP_MD_CTX *ctx);
|
732
|
+
|
733
|
+
// X509_REQ_sign signs |req| with |pkey| and replaces the signature algorithm
|
734
|
+
// and signature fields. It returns one on success and zero on error. This
|
735
|
+
// function uses digest algorithm |md|, or |pkey|'s default if NULL. Other
|
736
|
+
// signing parameters use |pkey|'s defaults. To customize them, use
|
737
|
+
// |X509_REQ_sign_ctx|.
|
738
|
+
OPENSSL_EXPORT int X509_REQ_sign(X509_REQ *req, EVP_PKEY *pkey,
|
739
|
+
const EVP_MD *md);
|
740
|
+
|
741
|
+
// X509_REQ_sign_ctx signs |req| with |ctx| and replaces the signature algorithm
|
742
|
+
// and signature fields. It returns one on success and zero on error. The
|
743
|
+
// signature algorithm and parameters come from |ctx|, which must have been
|
744
|
+
// initialized with |EVP_DigestSignInit|. The caller should configure the
|
745
|
+
// corresponding |EVP_PKEY_CTX| before calling this function.
|
746
|
+
OPENSSL_EXPORT int X509_REQ_sign_ctx(X509_REQ *req, EVP_MD_CTX *ctx);
|
747
|
+
|
748
|
+
// X509_CRL_sign signs |crl| with |pkey| and replaces the signature algorithm
|
749
|
+
// and signature fields. It returns one on success and zero on error. This
|
750
|
+
// function uses digest algorithm |md|, or |pkey|'s default if NULL. Other
|
751
|
+
// signing parameters use |pkey|'s defaults. To customize them, use
|
752
|
+
// |X509_CRL_sign_ctx|.
|
753
|
+
OPENSSL_EXPORT int X509_CRL_sign(X509_CRL *crl, EVP_PKEY *pkey,
|
754
|
+
const EVP_MD *md);
|
755
|
+
|
756
|
+
// X509_CRL_sign_ctx signs |crl| with |ctx| and replaces the signature algorithm
|
757
|
+
// and signature fields. It returns one on success and zero on error. The
|
758
|
+
// signature algorithm and parameters come from |ctx|, which must have been
|
759
|
+
// initialized with |EVP_DigestSignInit|. The caller should configure the
|
760
|
+
// corresponding |EVP_PKEY_CTX| before calling this function.
|
761
|
+
OPENSSL_EXPORT int X509_CRL_sign_ctx(X509_CRL *crl, EVP_MD_CTX *ctx);
|
762
|
+
|
763
|
+
// NETSCAPE_SPKI_sign signs |spki| with |pkey| and replaces the signature
|
764
|
+
// algorithm and signature fields. It returns one on success and zero on error.
|
765
|
+
// This function uses digest algorithm |md|, or |pkey|'s default if NULL. Other
|
766
|
+
// signing parameters use |pkey|'s defaults.
|
767
|
+
OPENSSL_EXPORT int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *spki, EVP_PKEY *pkey,
|
728
768
|
const EVP_MD *md);
|
729
769
|
|
730
|
-
|
731
|
-
|
732
|
-
|
733
|
-
|
734
|
-
|
735
|
-
|
736
|
-
|
737
|
-
|
738
|
-
|
739
|
-
|
770
|
+
// X509_pubkey_digest hashes the DER encoding of |x509|'s subjectPublicKeyInfo
|
771
|
+
// field with |md| and writes the result to |out|. |EVP_MD_CTX_size| bytes are
|
772
|
+
// written, which is at most |EVP_MAX_MD_SIZE|. If |out_len| is not NULL,
|
773
|
+
// |*out_len| is set to the number of bytes written. This function returns one
|
774
|
+
// on success and zero on error.
|
775
|
+
OPENSSL_EXPORT int X509_pubkey_digest(const X509 *x509, const EVP_MD *md,
|
776
|
+
uint8_t *out, unsigned *out_len);
|
777
|
+
|
778
|
+
// X509_digest hashes |x509|'s DER encoding with |md| and writes the result to
|
779
|
+
// |out|. |EVP_MD_CTX_size| bytes are written, which is at most
|
780
|
+
// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
|
781
|
+
// of bytes written. This function returns one on success and zero on error.
|
782
|
+
// Note this digest covers the entire certificate, not just the signed portion.
|
783
|
+
OPENSSL_EXPORT int X509_digest(const X509 *x509, const EVP_MD *md, uint8_t *out,
|
784
|
+
unsigned *out_len);
|
785
|
+
|
786
|
+
// X509_CRL_digest hashes |crl|'s DER encoding with |md| and writes the result
|
787
|
+
// to |out|. |EVP_MD_CTX_size| bytes are written, which is at most
|
788
|
+
// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
|
789
|
+
// of bytes written. This function returns one on success and zero on error.
|
790
|
+
// Note this digest covers the entire CRL, not just the signed portion.
|
791
|
+
OPENSSL_EXPORT int X509_CRL_digest(const X509_CRL *crl, const EVP_MD *md,
|
792
|
+
uint8_t *out, unsigned *out_len);
|
793
|
+
|
794
|
+
// X509_REQ_digest hashes |req|'s DER encoding with |md| and writes the result
|
795
|
+
// to |out|. |EVP_MD_CTX_size| bytes are written, which is at most
|
796
|
+
// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
|
797
|
+
// of bytes written. This function returns one on success and zero on error.
|
798
|
+
// Note this digest covers the entire certificate request, not just the signed
|
799
|
+
// portion.
|
800
|
+
OPENSSL_EXPORT int X509_REQ_digest(const X509_REQ *req, const EVP_MD *md,
|
801
|
+
uint8_t *out, unsigned *out_len);
|
802
|
+
|
803
|
+
// X509_NAME_digest hashes |name|'s DER encoding with |md| and writes the result
|
804
|
+
// to |out|. |EVP_MD_CTX_size| bytes are written, which is at most
|
805
|
+
// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
|
806
|
+
// of bytes written. This function returns one on success and zero on error.
|
807
|
+
OPENSSL_EXPORT int X509_NAME_digest(const X509_NAME *name, const EVP_MD *md,
|
808
|
+
uint8_t *out, unsigned *out_len);
|
740
809
|
|
741
810
|
// X509_parse_from_buffer parses an X.509 structure from |buf| and returns a
|
742
811
|
// fresh X509 or NULL on error. There must not be any trailing data in |buf|.
|
@@ -899,14 +968,58 @@ OPENSSL_EXPORT int i2d_X509_AUX(X509 *a, unsigned char **pp);
|
|
899
968
|
OPENSSL_EXPORT X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp,
|
900
969
|
long length);
|
901
970
|
|
902
|
-
|
971
|
+
// i2d_re_X509_tbs serializes the TBSCertificate portion of |x509|. If |outp| is
|
972
|
+
// NULL, nothing is written. Otherwise, if |*outp| is not NULL, the result is
|
973
|
+
// written to |*outp|, which must have enough space available, and |*outp| is
|
974
|
+
// advanced just past the output. If |outp| is non-NULL and |*outp| is NULL, it
|
975
|
+
// sets |*outp| to a newly-allocated buffer containing the result. The caller is
|
976
|
+
// responsible for releasing the buffer with |OPENSSL_free|. In all cases, this
|
977
|
+
// function returns the number of bytes in the result, whether written or not,
|
978
|
+
// or a negative value on error.
|
979
|
+
//
|
980
|
+
// This function re-encodes the TBSCertificate and may not reflect |x509|'s
|
981
|
+
// original encoding. It may be used to manually generate a signature for a new
|
982
|
+
// certificate. To verify certificates, use |i2d_X509_tbs| instead.
|
983
|
+
OPENSSL_EXPORT int i2d_re_X509_tbs(X509 *x509, unsigned char **outp);
|
984
|
+
|
985
|
+
// i2d_X509_tbs serializes the TBSCertificate portion of |x509|. If |outp| is
|
986
|
+
// NULL, nothing is written. Otherwise, if |*outp| is not NULL, the result is
|
987
|
+
// written to |*outp|, which must have enough space available, and |*outp| is
|
988
|
+
// advanced just past the output. If |outp| is non-NULL and |*outp| is NULL, it
|
989
|
+
// sets |*outp| to a newly-allocated buffer containing the result. The caller is
|
990
|
+
// responsible for releasing the buffer with |OPENSSL_free|. In all cases, this
|
991
|
+
// function returns the number of bytes in the result, whether written or not,
|
992
|
+
// or a negative value on error.
|
993
|
+
//
|
994
|
+
// This function preserves the original encoding of the TBSCertificate and may
|
995
|
+
// not reflect modifications made to |x509|. It may be used to manually verify
|
996
|
+
// the signature of an existing certificate. To generate certificates, use
|
997
|
+
// |i2d_re_X509_tbs| instead.
|
998
|
+
OPENSSL_EXPORT int i2d_X509_tbs(X509 *x509, unsigned char **outp);
|
999
|
+
|
1000
|
+
// X509_set1_signature_algo sets |x509|'s signature algorithm to |algo| and
|
1001
|
+
// returns one on success or zero on error. It updates both the signature field
|
1002
|
+
// of the TBSCertificate structure, and the signatureAlgorithm field of the
|
1003
|
+
// Certificate.
|
1004
|
+
OPENSSL_EXPORT int X509_set1_signature_algo(X509 *x509, const X509_ALGOR *algo);
|
1005
|
+
|
1006
|
+
// X509_set1_signature_value sets |x509|'s signature to a copy of the |sig_len|
|
1007
|
+
// bytes pointed by |sig|. It returns one on success and zero on error.
|
1008
|
+
//
|
1009
|
+
// Due to a specification error, X.509 certificates store signatures in ASN.1
|
1010
|
+
// BIT STRINGs, but signature algorithms return byte strings rather than bit
|
1011
|
+
// strings. This function creates a BIT STRING containing a whole number of
|
1012
|
+
// bytes, with the bit order matching the DER encoding. This matches the
|
1013
|
+
// encoding used by all X.509 signature algorithms.
|
1014
|
+
OPENSSL_EXPORT int X509_set1_signature_value(X509 *x509, const uint8_t *sig,
|
1015
|
+
size_t sig_len);
|
903
1016
|
|
904
1017
|
OPENSSL_EXPORT void X509_get0_signature(const ASN1_BIT_STRING **psig,
|
905
1018
|
const X509_ALGOR **palg, const X509 *x);
|
906
1019
|
OPENSSL_EXPORT int X509_get_signature_nid(const X509 *x);
|
907
1020
|
|
908
|
-
OPENSSL_EXPORT int X509_alias_set1(X509 *x, unsigned char *name, int len);
|
909
|
-
OPENSSL_EXPORT int X509_keyid_set1(X509 *x, unsigned char *id, int len);
|
1021
|
+
OPENSSL_EXPORT int X509_alias_set1(X509 *x, const unsigned char *name, int len);
|
1022
|
+
OPENSSL_EXPORT int X509_keyid_set1(X509 *x, const unsigned char *id, int len);
|
910
1023
|
OPENSSL_EXPORT unsigned char *X509_alias_get0(X509 *x, int *len);
|
911
1024
|
OPENSSL_EXPORT unsigned char *X509_keyid_get0(X509 *x, int *len);
|
912
1025
|
OPENSSL_EXPORT int (*X509_TRUST_set_default(int (*trust)(int, X509 *,
|
@@ -968,8 +1081,8 @@ OPENSSL_EXPORT X509_NAME *X509_get_subject_name(const X509 *a);
|
|
968
1081
|
OPENSSL_EXPORT int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
|
969
1082
|
OPENSSL_EXPORT EVP_PKEY *X509_get_pubkey(X509 *x);
|
970
1083
|
OPENSSL_EXPORT ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x);
|
971
|
-
OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *
|
972
|
-
|
1084
|
+
OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *X509_get0_extensions(
|
1085
|
+
const X509 *x);
|
973
1086
|
OPENSSL_EXPORT const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x);
|
974
1087
|
|
975
1088
|
OPENSSL_EXPORT int X509_REQ_set_version(X509_REQ *x, long version);
|
@@ -984,13 +1097,12 @@ OPENSSL_EXPORT EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
|
|
984
1097
|
OPENSSL_EXPORT int X509_REQ_extension_nid(int nid);
|
985
1098
|
OPENSSL_EXPORT const int *X509_REQ_get_extension_nids(void);
|
986
1099
|
OPENSSL_EXPORT void X509_REQ_set_extension_nids(const int *nids);
|
987
|
-
OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *
|
988
|
-
X509_REQ_get_extensions(X509_REQ *req);
|
1100
|
+
OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
|
989
1101
|
OPENSSL_EXPORT int X509_REQ_add_extensions_nid(X509_REQ *req,
|
990
|
-
STACK_OF(X509_EXTENSION) *
|
1102
|
+
STACK_OF(X509_EXTENSION) *exts,
|
991
1103
|
int nid);
|
992
1104
|
OPENSSL_EXPORT int X509_REQ_add_extensions(X509_REQ *req,
|
993
|
-
STACK_OF(X509_EXTENSION) *
|
1105
|
+
STACK_OF(X509_EXTENSION) *exts);
|
994
1106
|
OPENSSL_EXPORT int X509_REQ_get_attr_count(const X509_REQ *req);
|
995
1107
|
OPENSSL_EXPORT int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid,
|
996
1108
|
int lastpos);
|
@@ -1020,20 +1132,59 @@ OPENSSL_EXPORT void X509_CRL_get0_signature(const X509_CRL *crl,
|
|
1020
1132
|
const ASN1_BIT_STRING **psig,
|
1021
1133
|
const X509_ALGOR **palg);
|
1022
1134
|
OPENSSL_EXPORT int X509_CRL_get_signature_nid(const X509_CRL *crl);
|
1023
|
-
OPENSSL_EXPORT int i2d_re_X509_CRL_tbs(X509_CRL *req, unsigned char **pp);
|
1024
1135
|
|
1136
|
+
// i2d_re_X509_CRL_tbs serializes the TBSCertList portion of |crl|. If |outp| is
|
1137
|
+
// NULL, nothing is written. Otherwise, if |*outp| is not NULL, the result is
|
1138
|
+
// written to |*outp|, which must have enough space available, and |*outp| is
|
1139
|
+
// advanced just past the output. If |outp| is non-NULL and |*outp| is NULL, it
|
1140
|
+
// sets |*outp| to a newly-allocated buffer containing the result. The caller is
|
1141
|
+
// responsible for releasing the buffer with |OPENSSL_free|. In all cases, this
|
1142
|
+
// function returns the number of bytes in the result, whether written or not,
|
1143
|
+
// or a negative value on error.
|
1144
|
+
//
|
1145
|
+
// This function re-encodes the TBSCertList and may not reflect |crl|'s original
|
1146
|
+
// encoding. It may be used to manually generate a signature for a new CRL. To
|
1147
|
+
// verify CRLs, use |i2d_X509_CRL_tbs| instead.
|
1148
|
+
OPENSSL_EXPORT int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **outp);
|
1149
|
+
|
1150
|
+
// i2d_X509_CRL_tbs serializes the TBSCertList portion of |crl|. If |outp| is
|
1151
|
+
// NULL, nothing is written. Otherwise, if |*outp| is not NULL, the result is
|
1152
|
+
// written to |*outp|, which must have enough space available, and |*outp| is
|
1153
|
+
// advanced just past the output. If |outp| is non-NULL and |*outp| is NULL, it
|
1154
|
+
// sets |*outp| to a newly-allocated buffer containing the result. The caller is
|
1155
|
+
// responsible for releasing the buffer with |OPENSSL_free|. In all cases, this
|
1156
|
+
// function returns the number of bytes in the result, whether written or not,
|
1157
|
+
// or a negative value on error.
|
1158
|
+
//
|
1159
|
+
// This function preserves the original encoding of the TBSCertList and may not
|
1160
|
+
// reflect modifications made to |crl|. It may be used to manually verify the
|
1161
|
+
// signature of an existing CRL. To generate CRLs, use |i2d_re_X509_CRL_tbs|
|
1162
|
+
// instead.
|
1163
|
+
OPENSSL_EXPORT int i2d_X509_CRL_tbs(X509_CRL *crl, unsigned char **outp);
|
1164
|
+
|
1165
|
+
// X509_REVOKED_get0_serialNumber returns the serial number of the certificate
|
1166
|
+
// revoked by |revoked|.
|
1025
1167
|
OPENSSL_EXPORT const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(
|
1026
|
-
const X509_REVOKED *
|
1027
|
-
|
1028
|
-
|
1168
|
+
const X509_REVOKED *revoked);
|
1169
|
+
|
1170
|
+
// X509_REVOKED_set_serialNumber sets |revoked|'s serial number to |serial|. It
|
1171
|
+
// returns one on success or zero on error.
|
1172
|
+
OPENSSL_EXPORT int X509_REVOKED_set_serialNumber(X509_REVOKED *revoked,
|
1173
|
+
const ASN1_INTEGER *serial);
|
1174
|
+
|
1175
|
+
// X509_REVOKED_get0_revocationDate returns the revocation time of the
|
1176
|
+
// certificate revoked by |revoked|.
|
1029
1177
|
OPENSSL_EXPORT const ASN1_TIME *X509_REVOKED_get0_revocationDate(
|
1030
|
-
const X509_REVOKED *
|
1031
|
-
|
1032
|
-
|
1178
|
+
const X509_REVOKED *revoked);
|
1179
|
+
|
1180
|
+
// X509_REVOKED_set_revocationDate sets |revoked|'s revocation time to |tm|. It
|
1181
|
+
// returns one on success or zero on error.
|
1182
|
+
OPENSSL_EXPORT int X509_REVOKED_set_revocationDate(X509_REVOKED *revoked,
|
1183
|
+
const ASN1_TIME *tm);
|
1033
1184
|
|
1034
1185
|
// X509_REVOKED_get0_extensions returns |r|'s extensions.
|
1035
|
-
OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *
|
1036
|
-
|
1186
|
+
OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(
|
1187
|
+
const X509_REVOKED *r);
|
1037
1188
|
|
1038
1189
|
OPENSSL_EXPORT X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer,
|
1039
1190
|
EVP_PKEY *skey, const EVP_MD *md,
|
@@ -1043,14 +1194,13 @@ OPENSSL_EXPORT int X509_REQ_check_private_key(X509_REQ *x509, EVP_PKEY *pkey);
|
|
1043
1194
|
|
1044
1195
|
OPENSSL_EXPORT int X509_check_private_key(X509 *x509, const EVP_PKEY *pkey);
|
1045
1196
|
OPENSSL_EXPORT int X509_chain_check_suiteb(int *perror_depth, X509 *x,
|
1046
|
-
STACK_OF(X509) *
|
1197
|
+
STACK_OF(X509) *chain,
|
1047
1198
|
unsigned long flags);
|
1048
1199
|
OPENSSL_EXPORT int X509_CRL_check_suiteb(X509_CRL *crl, EVP_PKEY *pk,
|
1049
1200
|
unsigned long flags);
|
1050
|
-
OPENSSL_EXPORT STACK_OF(X509) *
|
1201
|
+
OPENSSL_EXPORT STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain);
|
1051
1202
|
|
1052
1203
|
OPENSSL_EXPORT int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b);
|
1053
|
-
OPENSSL_EXPORT unsigned long X509_issuer_and_serial_hash(X509 *a);
|
1054
1204
|
|
1055
1205
|
OPENSSL_EXPORT int X509_issuer_name_cmp(const X509 *a, const X509 *b);
|
1056
1206
|
OPENSSL_EXPORT unsigned long X509_issuer_name_hash(X509 *a);
|
@@ -1141,21 +1291,19 @@ OPENSSL_EXPORT ASN1_OBJECT *X509_NAME_ENTRY_get_object(
|
|
1141
1291
|
const X509_NAME_ENTRY *ne);
|
1142
1292
|
OPENSSL_EXPORT ASN1_STRING *X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne);
|
1143
1293
|
|
1144
|
-
OPENSSL_EXPORT int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *
|
1145
|
-
OPENSSL_EXPORT int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *
|
1294
|
+
OPENSSL_EXPORT int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
|
1295
|
+
OPENSSL_EXPORT int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
|
1146
1296
|
int nid, int lastpos);
|
1147
|
-
OPENSSL_EXPORT int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *
|
1297
|
+
OPENSSL_EXPORT int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
|
1148
1298
|
const ASN1_OBJECT *obj, int lastpos);
|
1149
|
-
OPENSSL_EXPORT int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *
|
1150
|
-
x,
|
1299
|
+
OPENSSL_EXPORT int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
|
1151
1300
|
int crit, int lastpos);
|
1152
|
-
OPENSSL_EXPORT X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *
|
1153
|
-
x,
|
1301
|
+
OPENSSL_EXPORT X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x,
|
1154
1302
|
int loc);
|
1155
|
-
OPENSSL_EXPORT X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *
|
1303
|
+
OPENSSL_EXPORT X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x,
|
1156
1304
|
int loc);
|
1157
|
-
OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *
|
1158
|
-
|
1305
|
+
OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509v3_add_ext(
|
1306
|
+
STACK_OF(X509_EXTENSION) **x, X509_EXTENSION *ex, int loc);
|
1159
1307
|
|
1160
1308
|
OPENSSL_EXPORT int X509_get_ext_count(const X509 *x);
|
1161
1309
|
OPENSSL_EXPORT int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
|
@@ -1166,12 +1314,27 @@ OPENSSL_EXPORT int X509_get_ext_by_critical(const X509 *x, int crit,
|
|
1166
1314
|
OPENSSL_EXPORT X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
|
1167
1315
|
OPENSSL_EXPORT X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
|
1168
1316
|
OPENSSL_EXPORT int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
|
1169
|
-
|
1317
|
+
|
1318
|
+
// X509_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the extension in
|
1319
|
+
// |x509|'s extension list.
|
1320
|
+
//
|
1321
|
+
// WARNING: This function is difficult to use correctly. See the documentation
|
1322
|
+
// for |X509V3_get_d2i| for details.
|
1323
|
+
OPENSSL_EXPORT void *X509_get_ext_d2i(const X509 *x509, int nid,
|
1324
|
+
int *out_critical, int *out_idx);
|
1325
|
+
|
1326
|
+
// X509_add1_ext_i2d behaves like |X509V3_add1_i2d| but adds the extension to
|
1327
|
+
// |x|'s extension list.
|
1328
|
+
//
|
1329
|
+
// WARNING: This function may return zero or -1 on error. The caller must also
|
1330
|
+
// ensure |value|'s type matches |nid|. See the documentation for
|
1331
|
+
// |X509V3_add1_i2d| for details.
|
1170
1332
|
OPENSSL_EXPORT int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
|
1171
1333
|
unsigned long flags);
|
1172
1334
|
|
1173
1335
|
OPENSSL_EXPORT int X509_CRL_get_ext_count(const X509_CRL *x);
|
1174
|
-
OPENSSL_EXPORT int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid,
|
1336
|
+
OPENSSL_EXPORT int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid,
|
1337
|
+
int lastpos);
|
1175
1338
|
OPENSSL_EXPORT int X509_CRL_get_ext_by_OBJ(const X509_CRL *x,
|
1176
1339
|
const ASN1_OBJECT *obj, int lastpos);
|
1177
1340
|
OPENSSL_EXPORT int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit,
|
@@ -1179,8 +1342,21 @@ OPENSSL_EXPORT int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit,
|
|
1179
1342
|
OPENSSL_EXPORT X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
|
1180
1343
|
OPENSSL_EXPORT X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
|
1181
1344
|
OPENSSL_EXPORT int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
|
1182
|
-
|
1183
|
-
|
1345
|
+
|
1346
|
+
// X509_CRL_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the
|
1347
|
+
// extension in |crl|'s extension list.
|
1348
|
+
//
|
1349
|
+
// WARNING: This function is difficult to use correctly. See the documentation
|
1350
|
+
// for |X509V3_get_d2i| for details.
|
1351
|
+
OPENSSL_EXPORT void *X509_CRL_get_ext_d2i(const X509_CRL *crl, int nid,
|
1352
|
+
int *out_critical, int *out_idx);
|
1353
|
+
|
1354
|
+
// X509_CRL_add1_ext_i2d behaves like |X509V3_add1_i2d| but adds the extension
|
1355
|
+
// to |x|'s extension list.
|
1356
|
+
//
|
1357
|
+
// WARNING: This function may return zero or -1 on error. The caller must also
|
1358
|
+
// ensure |value|'s type matches |nid|. See the documentation for
|
1359
|
+
// |X509V3_add1_i2d| for details.
|
1184
1360
|
OPENSSL_EXPORT int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value,
|
1185
1361
|
int crit, unsigned long flags);
|
1186
1362
|
|
@@ -1198,8 +1374,22 @@ OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x,
|
|
1198
1374
|
int loc);
|
1199
1375
|
OPENSSL_EXPORT int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex,
|
1200
1376
|
int loc);
|
1201
|
-
|
1202
|
-
|
1377
|
+
|
1378
|
+
// X509_REVOKED_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the
|
1379
|
+
// extension in |revoked|'s extension list.
|
1380
|
+
//
|
1381
|
+
// WARNING: This function is difficult to use correctly. See the documentation
|
1382
|
+
// for |X509V3_get_d2i| for details.
|
1383
|
+
OPENSSL_EXPORT void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *revoked,
|
1384
|
+
int nid, int *out_critical,
|
1385
|
+
int *out_idx);
|
1386
|
+
|
1387
|
+
// X509_REVOKED_add1_ext_i2d behaves like |X509V3_add1_i2d| but adds the
|
1388
|
+
// extension to |x|'s extension list.
|
1389
|
+
//
|
1390
|
+
// WARNING: This function may return zero or -1 on error. The caller must also
|
1391
|
+
// ensure |value|'s type matches |nid|. See the documentation for
|
1392
|
+
// |X509V3_add1_i2d| for details.
|
1203
1393
|
OPENSSL_EXPORT int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid,
|
1204
1394
|
void *value, int crit,
|
1205
1395
|
unsigned long flags);
|
@@ -1218,29 +1408,27 @@ OPENSSL_EXPORT ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex);
|
|
1218
1408
|
OPENSSL_EXPORT ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
|
1219
1409
|
OPENSSL_EXPORT int X509_EXTENSION_get_critical(X509_EXTENSION *ex);
|
1220
1410
|
|
1221
|
-
OPENSSL_EXPORT int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *
|
1222
|
-
OPENSSL_EXPORT int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *
|
1411
|
+
OPENSSL_EXPORT int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
|
1412
|
+
OPENSSL_EXPORT int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x,
|
1223
1413
|
int nid, int lastpos);
|
1224
|
-
OPENSSL_EXPORT int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *
|
1414
|
+
OPENSSL_EXPORT int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
|
1225
1415
|
const ASN1_OBJECT *obj, int lastpos);
|
1226
|
-
OPENSSL_EXPORT X509_ATTRIBUTE *X509at_get_attr(
|
1227
|
-
|
1228
|
-
|
1229
|
-
OPENSSL_EXPORT X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) * x,
|
1416
|
+
OPENSSL_EXPORT X509_ATTRIBUTE *X509at_get_attr(
|
1417
|
+
const STACK_OF(X509_ATTRIBUTE) *x, int loc);
|
1418
|
+
OPENSSL_EXPORT X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x,
|
1230
1419
|
int loc);
|
1231
|
-
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *
|
1232
|
-
|
1233
|
-
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *
|
1234
|
-
|
1235
|
-
|
1236
|
-
|
1237
|
-
|
1238
|
-
|
1239
|
-
|
1240
|
-
|
1241
|
-
|
1242
|
-
|
1243
|
-
OPENSSL_EXPORT void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) * x,
|
1420
|
+
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(
|
1421
|
+
STACK_OF(X509_ATTRIBUTE) **x, X509_ATTRIBUTE *attr);
|
1422
|
+
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(
|
1423
|
+
STACK_OF(X509_ATTRIBUTE) **x, const ASN1_OBJECT *obj, int type,
|
1424
|
+
const unsigned char *bytes, int len);
|
1425
|
+
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(
|
1426
|
+
STACK_OF(X509_ATTRIBUTE) **x, int nid, int type, const unsigned char *bytes,
|
1427
|
+
int len);
|
1428
|
+
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(
|
1429
|
+
STACK_OF(X509_ATTRIBUTE) **x, const char *attrname, int type,
|
1430
|
+
const unsigned char *bytes, int len);
|
1431
|
+
OPENSSL_EXPORT void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x,
|
1244
1432
|
ASN1_OBJECT *obj, int lastpos,
|
1245
1433
|
int type);
|
1246
1434
|
OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(
|
@@ -1265,10 +1453,10 @@ OPENSSL_EXPORT ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr,
|
|
1265
1453
|
OPENSSL_EXPORT int X509_verify_cert(X509_STORE_CTX *ctx);
|
1266
1454
|
|
1267
1455
|
// lookup a cert from a X509 STACK
|
1268
|
-
OPENSSL_EXPORT X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *
|
1456
|
+
OPENSSL_EXPORT X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk,
|
1269
1457
|
X509_NAME *name,
|
1270
1458
|
ASN1_INTEGER *serial);
|
1271
|
-
OPENSSL_EXPORT X509 *X509_find_by_subject(STACK_OF(X509) *
|
1459
|
+
OPENSSL_EXPORT X509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name);
|
1272
1460
|
|
1273
1461
|
// PKCS#8 utilities
|
1274
1462
|
|