grpc 1.35.0.pre1 → 1.37.1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +121 -89
- data/include/grpc/grpc.h +15 -1
- data/include/grpc/grpc_security.h +16 -11
- data/include/grpc/impl/codegen/port_platform.h +2 -0
- data/src/core/ext/filters/client_channel/client_channel.cc +359 -331
- data/src/core/ext/filters/client_channel/client_channel.h +0 -2
- data/src/core/ext/filters/client_channel/client_channel_factory.h +2 -1
- data/src/core/ext/filters/client_channel/config_selector.h +9 -1
- data/src/core/ext/filters/client_channel/dynamic_filters.cc +9 -4
- data/src/core/ext/filters/client_channel/global_subchannel_pool.cc +24 -142
- data/src/core/ext/filters/client_channel/global_subchannel_pool.h +15 -10
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +2 -2
- data/src/core/ext/filters/client_channel/lb_policy.cc +3 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +3 -5
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +1 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +1 -2
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +8 -6
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +23 -0
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.h +27 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +289 -170
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h +5 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +8 -25
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +232 -110
- data/src/core/ext/filters/client_channel/local_subchannel_pool.cc +27 -67
- data/src/core/ext/filters/client_channel/local_subchannel_pool.h +10 -9
- data/src/core/ext/filters/client_channel/resolver.cc +5 -5
- data/src/core/ext/filters/client_channel/resolver.h +1 -12
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +36 -45
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +2 -2
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +3 -1
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +34 -50
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +16 -14
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +18 -15
- data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +377 -0
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +4 -4
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +307 -155
- data/src/core/ext/filters/client_channel/server_address.cc +9 -0
- data/src/core/ext/filters/client_channel/server_address.h +31 -0
- data/src/core/ext/filters/client_channel/subchannel.cc +69 -146
- data/src/core/ext/filters/client_channel/subchannel.h +63 -95
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.cc +16 -2
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +10 -8
- data/src/core/ext/filters/client_idle/client_idle_filter.cc +1 -1
- data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +500 -0
- data/src/core/ext/filters/fault_injection/fault_injection_filter.h +39 -0
- data/src/core/ext/filters/fault_injection/service_config_parser.cc +189 -0
- data/src/core/ext/filters/fault_injection/service_config_parser.h +85 -0
- data/src/core/ext/filters/max_age/max_age_filter.cc +35 -32
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +1 -1
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +2 -2
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +3 -2
- data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +1 -1
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +3 -2
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +490 -178
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +11 -2
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc +11 -1
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +1 -1
- data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +62 -18
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +39 -7
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +12 -1
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +5 -1
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +1 -1
- data/src/core/ext/transport/chttp2/transport/internal.h +1 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.c +406 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.h +1459 -0
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +350 -0
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +1348 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +11 -16
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +42 -59
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.c +3 -2
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.h +15 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +25 -1
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +75 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +9 -9
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +7 -7
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +28 -13
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +6 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +25 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +11 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.h +41 -7
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +23 -21
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +122 -77
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +13 -9
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +37 -5
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.c +144 -0
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.h +488 -0
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.c +141 -0
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.h +452 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +11 -9
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +44 -27
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +57 -16
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +150 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.c +29 -0
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.h +67 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.c +79 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.h +268 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.c +78 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.h +281 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.c +41 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.h +113 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +19 -21
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +64 -51
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +16 -13
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +50 -18
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +4 -7
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +0 -17
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +30 -23
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +85 -73
- data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.c +0 -3
- data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.c +0 -3
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.c +0 -2
- data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.c +93 -0
- data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.h +323 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.c +36 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.h +90 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.c +46 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.h +124 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.c +21 -4
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h +29 -0
- data/src/core/ext/upb-generated/udpa/type/v1/typed_struct.upb.c +33 -0
- data/src/core/ext/upb-generated/udpa/type/v1/typed_struct.upb.h +77 -0
- data/src/core/ext/upb-generated/{udpa/core/v1 → xds/core/v3}/authority.upb.c +5 -5
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.h +60 -0
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.c +52 -0
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.h +143 -0
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.c +42 -0
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.h +84 -0
- data/src/core/ext/upb-generated/{udpa/core/v1 → xds/core/v3}/resource.upb.c +9 -9
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.h +94 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.c +54 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.h +166 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.c +36 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.h +85 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.c +354 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.h +140 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +168 -171
- data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +383 -0
- data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.h +115 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +405 -420
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.h +2 -2
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.c +12 -9
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +177 -171
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.h +10 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +88 -88
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +153 -153
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +10 -7
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +4 -7
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.c +33 -20
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.c +56 -59
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +116 -111
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.c +129 -121
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.c +21 -24
- data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/stats.upbdefs.c +141 -0
- data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/stats.upbdefs.h +70 -0
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.c +141 -0
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.h +70 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.c +17 -13
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +753 -724
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.h +10 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.c +22 -25
- data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.c +51 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/common/fault/v3/fault.upbdefs.c +102 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/common/fault/v3/fault.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.c +120 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.c +76 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +371 -377
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +12 -16
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +112 -108
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +45 -53
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +177 -180
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.c +92 -102
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.c +32 -42
- data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.c +30 -40
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +4 -7
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.c +38 -44
- data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +130 -0
- data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/node.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/node.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.c +30 -33
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/struct.upbdefs.c +63 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/struct.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.c +8 -7
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.c +9 -9
- data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.c +9 -8
- data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.c +8 -8
- data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.c +8 -8
- data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.c +9 -8
- data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.c +8 -8
- data/src/core/ext/upbdefs-generated/udpa/type/v1/typed_struct.upbdefs.c +44 -0
- data/src/core/ext/upbdefs-generated/udpa/type/v1/typed_struct.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.c +14 -11
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.c +42 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.c +62 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.c +45 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.c +49 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.c +67 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.c +50 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.h +35 -0
- data/src/core/ext/xds/xds_api.cc +2149 -666
- data/src/core/ext/xds/xds_api.h +321 -119
- data/src/core/ext/xds/xds_bootstrap.cc +80 -45
- data/src/core/ext/xds/xds_bootstrap.h +17 -5
- data/src/core/ext/xds/xds_certificate_provider.cc +180 -74
- data/src/core/ext/xds/xds_certificate_provider.h +83 -44
- data/src/core/ext/xds/xds_client.cc +181 -34
- data/src/core/ext/xds/xds_client.h +29 -0
- data/src/core/ext/xds/xds_client_stats.cc +2 -1
- data/src/core/ext/xds/xds_client_stats.h +2 -2
- data/src/core/ext/xds/xds_http_fault_filter.cc +226 -0
- data/src/core/ext/xds/xds_http_fault_filter.h +63 -0
- data/src/core/ext/xds/xds_http_filters.cc +114 -0
- data/src/core/ext/xds/xds_http_filters.h +130 -0
- data/src/core/ext/xds/xds_server_config_fetcher.cc +425 -24
- data/src/core/lib/channel/channel_stack.cc +12 -0
- data/src/core/lib/channel/channel_stack.h +7 -0
- data/src/core/lib/channel/channelz.cc +92 -4
- data/src/core/lib/channel/channelz.h +30 -1
- data/src/core/lib/channel/channelz_registry.cc +14 -0
- data/src/core/lib/channel/handshaker.cc +2 -44
- data/src/core/lib/channel/handshaker.h +1 -18
- data/src/core/lib/channel/status_util.cc +12 -2
- data/src/core/lib/channel/status_util.h +5 -0
- data/src/core/lib/gpr/log.cc +6 -1
- data/src/core/lib/gpr/sync_abseil.cc +3 -6
- data/src/core/lib/gpr/sync_windows.cc +2 -2
- data/src/core/lib/gprpp/atomic.h +3 -3
- data/src/core/lib/gprpp/dual_ref_counted.h +3 -3
- data/src/core/lib/gprpp/mpscq.cc +2 -2
- data/src/core/lib/gprpp/ref_counted.h +1 -1
- data/src/core/lib/gprpp/ref_counted_ptr.h +2 -0
- data/src/core/lib/gprpp/sync.h +129 -40
- data/src/core/lib/gprpp/thd.h +1 -1
- data/src/core/lib/gprpp/time_util.cc +77 -0
- data/src/core/lib/gprpp/time_util.h +42 -0
- data/src/core/lib/http/httpcli_security_connector.cc +2 -2
- data/src/core/lib/iomgr/buffer_list.h +1 -1
- data/src/core/lib/iomgr/cfstream_handle.cc +2 -2
- data/src/core/lib/iomgr/error.h +1 -1
- data/src/core/lib/iomgr/ev_apple.cc +11 -8
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +3 -3
- data/src/core/lib/iomgr/ev_epollex_linux.cc +4 -4
- data/src/core/lib/iomgr/ev_posix.cc +3 -3
- data/src/core/lib/iomgr/exec_ctx.cc +6 -2
- data/src/core/lib/iomgr/iomgr_posix.cc +0 -1
- data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +0 -1
- data/src/core/lib/iomgr/resource_quota.cc +1 -1
- data/src/core/lib/iomgr/sockaddr_utils.cc +121 -1
- data/src/core/lib/iomgr/sockaddr_utils.h +25 -0
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +1 -0
- data/src/core/lib/iomgr/tcp_client_posix.cc +1 -1
- data/src/core/lib/iomgr/tcp_posix.cc +5 -8
- data/src/core/lib/iomgr/tcp_uv.cc +2 -2
- data/src/core/lib/iomgr/timer_generic.cc +2 -2
- data/src/core/lib/iomgr/timer_manager.cc +1 -1
- data/src/core/lib/iomgr/wakeup_fd_nospecial.cc +1 -1
- data/src/core/lib/matchers/matchers.cc +339 -0
- data/src/core/lib/matchers/matchers.h +160 -0
- data/src/core/lib/security/credentials/alts/alts_credentials.cc +2 -1
- data/src/core/lib/security/credentials/alts/alts_credentials.h +1 -1
- data/src/core/lib/security/credentials/credentials.h +2 -1
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +1 -1
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +2 -2
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +1 -1
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +1 -1
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +1 -1
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +7 -6
- data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +2 -2
- data/src/core/lib/security/credentials/jwt/json_token.cc +0 -3
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +0 -3
- data/src/core/lib/security/credentials/local/local_credentials.cc +2 -1
- data/src/core/lib/security/credentials/local/local_credentials.h +1 -1
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +2 -1
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +1 -1
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +2 -1
- data/src/core/lib/security/credentials/tls/tls_credentials.h +1 -1
- data/src/core/lib/security/credentials/xds/xds_credentials.cc +128 -59
- data/src/core/lib/security/credentials/xds/xds_credentials.h +3 -3
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +5 -5
- data/src/core/lib/security/security_connector/ssl_utils.cc +9 -4
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +32 -14
- data/src/core/lib/security/transport/security_handshaker.cc +33 -5
- data/src/core/lib/security/transport/server_auth_filter.cc +7 -0
- data/src/core/lib/slice/slice_intern.cc +5 -6
- data/src/core/lib/surface/channel.h +3 -3
- data/src/core/lib/surface/completion_queue.cc +1 -1
- data/src/core/lib/surface/init.cc +13 -15
- data/src/core/lib/surface/lame_client.cc +38 -19
- data/src/core/lib/surface/lame_client.h +4 -3
- data/src/core/lib/surface/server.cc +43 -36
- data/src/core/lib/surface/server.h +76 -14
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/metadata.cc +6 -2
- data/src/core/lib/transport/metadata_batch.cc +27 -0
- data/src/core/lib/transport/metadata_batch.h +14 -0
- data/src/core/plugin_registry/grpc_plugin_registry.cc +12 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +18 -24
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +16 -21
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +1 -1
- data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +1 -3
- data/src/core/tsi/fake_transport_security.cc +11 -2
- data/src/core/tsi/ssl/session_cache/ssl_session.h +0 -3
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +0 -2
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +2 -4
- data/src/core/tsi/ssl_transport_security.cc +0 -3
- data/src/core/tsi/ssl_transport_security.h +0 -3
- data/src/ruby/ext/grpc/extconf.rb +9 -1
- data/src/ruby/ext/grpc/rb_channel.c +10 -1
- data/src/ruby/ext/grpc/rb_channel_credentials.c +11 -1
- data/src/ruby/ext/grpc/rb_channel_credentials.h +4 -0
- data/src/ruby/ext/grpc/rb_compression_options.c +1 -1
- data/src/ruby/ext/grpc/rb_enable_cpp.cc +1 -1
- data/src/ruby/ext/grpc/rb_grpc.c +4 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +2 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +4 -1
- data/src/ruby/ext/grpc/rb_server.c +13 -1
- data/src/ruby/ext/grpc/rb_server_credentials.c +19 -3
- data/src/ruby/ext/grpc/rb_server_credentials.h +4 -0
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.c +215 -0
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.h +35 -0
- data/src/ruby/ext/grpc/rb_xds_server_credentials.c +169 -0
- data/src/ruby/ext/grpc/rb_xds_server_credentials.h +35 -0
- data/src/ruby/lib/grpc/generic/client_stub.rb +4 -2
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +7 -0
- data/src/ruby/spec/call_spec.rb +1 -1
- data/src/ruby/spec/channel_credentials_spec.rb +32 -0
- data/src/ruby/spec/channel_spec.rb +17 -6
- data/src/ruby/spec/client_auth_spec.rb +27 -1
- data/src/ruby/spec/errors_spec.rb +1 -1
- data/src/ruby/spec/generic/active_call_spec.rb +2 -2
- data/src/ruby/spec/generic/client_stub_spec.rb +4 -4
- data/src/ruby/spec/generic/rpc_server_spec.rb +1 -1
- data/src/ruby/spec/server_credentials_spec.rb +25 -0
- data/src/ruby/spec/server_spec.rb +22 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +1 -0
- data/third_party/boringssl-with-bazel/err_data.c +715 -713
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +3 -10
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +15 -14
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_locl.h +30 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +28 -79
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +39 -85
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +5 -16
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +10 -61
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +158 -0
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/bn_asn1.c +3 -10
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +8 -9
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +60 -45
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +6 -81
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +87 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu-aarch64-win.c +41 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu-arm-linux.c +11 -2
- data/third_party/boringssl-with-bazel/src/crypto/cpu-arm.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/{dh → dh_extra}/dh_asn1.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/{dh → dh_extra}/params.c +179 -0
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +25 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +2 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +3 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +13 -20
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +9 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +21 -13
- data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/check.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/dh.c +136 -213
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +12 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +9 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +28 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +135 -43
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +0 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +51 -32
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +147 -0
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +18 -29
- data/third_party/boringssl-with-bazel/src/crypto/hpke/internal.h +13 -4
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +10 -7
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +13 -11
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +34 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/rand_extra.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +7 -13
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +5 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +1 -29
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +10 -7
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_r2x.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +29 -23
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +22 -17
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +1 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +39 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +11 -10
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +25 -25
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +40 -20
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +25 -36
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +6 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +3 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +652 -545
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +0 -167
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +10 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +62 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +22 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +19 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +22 -32
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +56 -26
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +15 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +12 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +3 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +2 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +67 -33
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +27 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +287 -99
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +139 -36
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +4 -3
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +11 -20
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +10 -5
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +37 -16
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +0 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +7 -8
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +20 -14
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +7 -8
- data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +5 -7
- data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +362 -50
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +48 -15
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +66 -24
- data/third_party/xxhash/xxhash.h +5443 -0
- metadata +140 -84
- data/src/core/ext/upb-generated/udpa/core/v1/authority.upb.h +0 -60
- data/src/core/ext/upb-generated/udpa/core/v1/collection_entry.upb.c +0 -52
- data/src/core/ext/upb-generated/udpa/core/v1/collection_entry.upb.h +0 -143
- data/src/core/ext/upb-generated/udpa/core/v1/context_params.upb.c +0 -42
- data/src/core/ext/upb-generated/udpa/core/v1/context_params.upb.h +0 -84
- data/src/core/ext/upb-generated/udpa/core/v1/resource.upb.h +0 -94
- data/src/core/ext/upb-generated/udpa/core/v1/resource_locator.upb.c +0 -54
- data/src/core/ext/upb-generated/udpa/core/v1/resource_locator.upb.h +0 -173
- data/src/core/ext/upb-generated/udpa/core/v1/resource_name.upb.c +0 -36
- data/src/core/ext/upb-generated/udpa/core/v1/resource_name.upb.h +0 -92
- data/src/core/ext/upbdefs-generated/udpa/core/v1/authority.upbdefs.c +0 -42
- data/src/core/ext/upbdefs-generated/udpa/core/v1/authority.upbdefs.h +0 -35
- data/src/core/ext/upbdefs-generated/udpa/core/v1/collection_entry.upbdefs.c +0 -62
- data/src/core/ext/upbdefs-generated/udpa/core/v1/collection_entry.upbdefs.h +0 -40
- data/src/core/ext/upbdefs-generated/udpa/core/v1/context_params.upbdefs.c +0 -45
- data/src/core/ext/upbdefs-generated/udpa/core/v1/context_params.upbdefs.h +0 -40
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource.upbdefs.c +0 -49
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource.upbdefs.h +0 -35
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_locator.upbdefs.c +0 -68
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_locator.upbdefs.h +0 -40
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_name.upbdefs.c +0 -51
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_name.upbdefs.h +0 -35
- data/src/core/lib/iomgr/iomgr_posix.h +0 -26
- data/src/core/lib/security/authorization/authorization_engine.cc +0 -177
- data/src/core/lib/security/authorization/authorization_engine.h +0 -84
- data/src/core/lib/security/authorization/evaluate_args.cc +0 -148
- data/src/core/lib/security/authorization/evaluate_args.h +0 -59
- data/src/core/lib/security/authorization/mock_cel/activation.h +0 -57
- data/src/core/lib/security/authorization/mock_cel/cel_expr_builder_factory.h +0 -44
- data/src/core/lib/security/authorization/mock_cel/cel_expression.h +0 -69
- data/src/core/lib/security/authorization/mock_cel/cel_value.h +0 -97
- data/src/core/lib/security/authorization/mock_cel/evaluator_core.h +0 -67
- data/src/core/lib/security/authorization/mock_cel/flat_expr_builder.h +0 -57
- data/third_party/abseil-cpp/absl/container/flat_hash_set.h +0 -504
- data/third_party/upb/upb/json_decode.c +0 -1443
- data/third_party/upb/upb/json_decode.h +0 -23
- data/third_party/upb/upb/json_encode.c +0 -713
- data/third_party/upb/upb/json_encode.h +0 -36
@@ -92,6 +92,10 @@ typedef struct poly1305_state_internal_t {
|
|
92
92
|
} poly1305_state_internal; /* 448 bytes total + 63 bytes for
|
93
93
|
alignment = 511 bytes raw */
|
94
94
|
|
95
|
+
OPENSSL_STATIC_ASSERT(
|
96
|
+
sizeof(struct poly1305_state_internal_t) + 63 <= sizeof(poly1305_state),
|
97
|
+
"poly1305_state isn't large enough to hold aligned poly1305_state_internal_t");
|
98
|
+
|
95
99
|
static inline poly1305_state_internal *poly1305_aligned_state(
|
96
100
|
poly1305_state *state) {
|
97
101
|
return (poly1305_state_internal *)(((uint64_t)state + 63) & ~63);
|
@@ -0,0 +1,34 @@
|
|
1
|
+
/* Copyright (c) 2020, Google Inc.
|
2
|
+
*
|
3
|
+
* Permission to use, copy, modify, and/or distribute this software for any
|
4
|
+
* purpose with or without fee is hereby granted, provided that the above
|
5
|
+
* copyright notice and this permission notice appear in all copies.
|
6
|
+
*
|
7
|
+
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
8
|
+
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
9
|
+
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
|
10
|
+
* SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
11
|
+
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
|
12
|
+
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
|
13
|
+
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
|
14
|
+
|
15
|
+
#include <openssl/base.h>
|
16
|
+
#include "../fipsmodule/rand/internal.h"
|
17
|
+
|
18
|
+
#if defined(BORINGSSL_FIPS_PASSIVE_ENTROPY)
|
19
|
+
|
20
|
+
// RAND_need_entropy is called by the FIPS module when it has blocked because of
|
21
|
+
// a lack of entropy. This signal is used as an indication to feed it more.
|
22
|
+
void RAND_need_entropy(size_t bytes_needed) {
|
23
|
+
uint8_t buf[CTR_DRBG_ENTROPY_LEN * BORINGSSL_FIPS_OVERREAD];
|
24
|
+
size_t todo = sizeof(buf);
|
25
|
+
if (todo > bytes_needed) {
|
26
|
+
todo = bytes_needed;
|
27
|
+
}
|
28
|
+
|
29
|
+
int used_cpu;
|
30
|
+
CRYPTO_get_seed_entropy(buf, todo, &used_cpu);
|
31
|
+
RAND_load_entropy(buf, todo, used_cpu);
|
32
|
+
}
|
33
|
+
|
34
|
+
#endif // BORINGSSL_FIPS_PASSIVE_ENTROPY
|
@@ -63,6 +63,10 @@ RAND_METHOD *RAND_SSLeay(void) {
|
|
63
63
|
return (RAND_METHOD*) &kSSLeayMethod;
|
64
64
|
}
|
65
65
|
|
66
|
+
RAND_METHOD *RAND_OpenSSL(void) {
|
67
|
+
return RAND_SSLeay();
|
68
|
+
}
|
69
|
+
|
66
70
|
const RAND_METHOD *RAND_get_rand_method(void) { return RAND_SSLeay(); }
|
67
71
|
|
68
72
|
void RAND_set_rand_method(const RAND_METHOD *method) {}
|
@@ -57,7 +57,6 @@
|
|
57
57
|
#include <openssl/stack.h>
|
58
58
|
|
59
59
|
#include <assert.h>
|
60
|
-
#include <string.h>
|
61
60
|
|
62
61
|
#include <openssl/mem.h>
|
63
62
|
|
@@ -69,11 +68,9 @@
|
|
69
68
|
static const size_t kMinSize = 4;
|
70
69
|
|
71
70
|
_STACK *sk_new(stack_cmp_func comp) {
|
72
|
-
_STACK *ret;
|
73
|
-
|
74
|
-
ret = OPENSSL_malloc(sizeof(_STACK));
|
71
|
+
_STACK *ret = OPENSSL_malloc(sizeof(_STACK));
|
75
72
|
if (ret == NULL) {
|
76
|
-
|
73
|
+
return NULL;
|
77
74
|
}
|
78
75
|
OPENSSL_memset(ret, 0, sizeof(_STACK));
|
79
76
|
|
@@ -331,23 +328,20 @@ void *sk_pop(_STACK *sk) {
|
|
331
328
|
}
|
332
329
|
|
333
330
|
_STACK *sk_dup(const _STACK *sk) {
|
334
|
-
_STACK *ret;
|
335
|
-
void **s;
|
336
|
-
|
337
331
|
if (sk == NULL) {
|
338
332
|
return NULL;
|
339
333
|
}
|
340
334
|
|
341
|
-
ret =
|
335
|
+
_STACK *ret = OPENSSL_malloc(sizeof(_STACK));
|
342
336
|
if (ret == NULL) {
|
343
|
-
|
337
|
+
return NULL;
|
344
338
|
}
|
339
|
+
OPENSSL_memset(ret, 0, sizeof(_STACK));
|
345
340
|
|
346
|
-
|
347
|
-
if (
|
341
|
+
ret->data = OPENSSL_malloc(sizeof(void *) * sk->num_alloc);
|
342
|
+
if (ret->data == NULL) {
|
348
343
|
goto err;
|
349
344
|
}
|
350
|
-
ret->data = s;
|
351
345
|
|
352
346
|
ret->num = sk->num;
|
353
347
|
OPENSSL_memcpy(ret->data, sk->data, sizeof(void *) * sk->num);
|
@@ -199,11 +199,15 @@ int x509_rsa_ctx_to_pss(EVP_MD_CTX *ctx, X509_ALGOR *algor) {
|
|
199
199
|
if (saltlen == -1) {
|
200
200
|
saltlen = EVP_MD_size(sigmd);
|
201
201
|
} else if (saltlen == -2) {
|
202
|
+
// TODO(davidben): Forbid this mode. The world has largely standardized on
|
203
|
+
// salt length matching hash length.
|
202
204
|
saltlen = EVP_PKEY_size(pk) - EVP_MD_size(sigmd) - 2;
|
203
205
|
if (((EVP_PKEY_bits(pk) - 1) & 0x7) == 0) {
|
204
206
|
saltlen--;
|
205
207
|
}
|
206
|
-
} else {
|
208
|
+
} else if (saltlen != (int)EVP_MD_size(sigmd)) {
|
209
|
+
// We only allow salt length matching hash length and, for now, the -2 case.
|
210
|
+
OPENSSL_PUT_ERROR(X509, X509_R_INVALID_PSS_PARAMETERS);
|
207
211
|
return 0;
|
208
212
|
}
|
209
213
|
|
@@ -77,40 +77,12 @@ int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b)
|
|
77
77
|
|
78
78
|
ai = a->cert_info;
|
79
79
|
bi = b->cert_info;
|
80
|
-
i =
|
80
|
+
i = ASN1_INTEGER_cmp(ai->serialNumber, bi->serialNumber);
|
81
81
|
if (i)
|
82
82
|
return (i);
|
83
83
|
return (X509_NAME_cmp(ai->issuer, bi->issuer));
|
84
84
|
}
|
85
85
|
|
86
|
-
unsigned long X509_issuer_and_serial_hash(X509 *a)
|
87
|
-
{
|
88
|
-
unsigned long ret = 0;
|
89
|
-
EVP_MD_CTX ctx;
|
90
|
-
unsigned char md[16];
|
91
|
-
char *f;
|
92
|
-
|
93
|
-
EVP_MD_CTX_init(&ctx);
|
94
|
-
f = X509_NAME_oneline(a->cert_info->issuer, NULL, 0);
|
95
|
-
if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL))
|
96
|
-
goto err;
|
97
|
-
if (!EVP_DigestUpdate(&ctx, (unsigned char *)f, strlen(f)))
|
98
|
-
goto err;
|
99
|
-
OPENSSL_free(f);
|
100
|
-
if (!EVP_DigestUpdate
|
101
|
-
(&ctx, (unsigned char *)a->cert_info->serialNumber->data,
|
102
|
-
(unsigned long)a->cert_info->serialNumber->length))
|
103
|
-
goto err;
|
104
|
-
if (!EVP_DigestFinal_ex(&ctx, &(md[0]), NULL))
|
105
|
-
goto err;
|
106
|
-
ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) |
|
107
|
-
((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)
|
108
|
-
) & 0xffffffffL;
|
109
|
-
err:
|
110
|
-
EVP_MD_CTX_cleanup(&ctx);
|
111
|
-
return (ret);
|
112
|
-
}
|
113
|
-
|
114
86
|
int X509_issuer_name_cmp(const X509 *a, const X509 *b)
|
115
87
|
{
|
116
88
|
return (X509_NAME_cmp(a->cert_info->issuer, b->cert_info->issuer));
|
@@ -93,9 +93,10 @@ X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc)
|
|
93
93
|
return (X509v3_delete_ext(x->crl->extensions, loc));
|
94
94
|
}
|
95
95
|
|
96
|
-
void *X509_CRL_get_ext_d2i(const X509_CRL *
|
96
|
+
void *X509_CRL_get_ext_d2i(const X509_CRL *crl, int nid, int *out_critical,
|
97
|
+
int *out_idx)
|
97
98
|
{
|
98
|
-
return X509V3_get_d2i(
|
99
|
+
return X509V3_get_d2i(crl->crl->extensions, nid, out_critical, out_idx);
|
99
100
|
}
|
100
101
|
|
101
102
|
int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value, int crit,
|
@@ -145,9 +146,11 @@ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc)
|
|
145
146
|
return (X509v3_add_ext(&(x->cert_info->extensions), ex, loc) != NULL);
|
146
147
|
}
|
147
148
|
|
148
|
-
void *X509_get_ext_d2i(const X509 *
|
149
|
+
void *X509_get_ext_d2i(const X509 *x509, int nid, int *out_critical,
|
150
|
+
int *out_idx)
|
149
151
|
{
|
150
|
-
return X509V3_get_d2i(
|
152
|
+
return X509V3_get_d2i(x509->cert_info->extensions, nid, out_critical,
|
153
|
+
out_idx);
|
151
154
|
}
|
152
155
|
|
153
156
|
int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
|
@@ -194,10 +197,10 @@ int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc)
|
|
194
197
|
return (X509v3_add_ext(&(x->extensions), ex, loc) != NULL);
|
195
198
|
}
|
196
199
|
|
197
|
-
void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *
|
198
|
-
int *
|
200
|
+
void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *revoked, int nid,
|
201
|
+
int *out_critical, int *out_idx)
|
199
202
|
{
|
200
|
-
return X509V3_get_d2i(
|
203
|
+
return X509V3_get_d2i(revoked->extensions, nid, out_critical, out_idx);
|
201
204
|
}
|
202
205
|
|
203
206
|
int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, void *value, int crit,
|
@@ -79,7 +79,7 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
|
|
79
79
|
xi = ret->cert_info;
|
80
80
|
|
81
81
|
if (sk_X509_ATTRIBUTE_num(r->req_info->attributes) != 0) {
|
82
|
-
if ((xi->version =
|
82
|
+
if ((xi->version = ASN1_INTEGER_new()) == NULL)
|
83
83
|
goto err;
|
84
84
|
if (!ASN1_INTEGER_set(xi->version, 2))
|
85
85
|
goto err;
|
@@ -75,12 +75,12 @@ int X509_set_version(X509 *x, long version)
|
|
75
75
|
if (x == NULL)
|
76
76
|
return (0);
|
77
77
|
if (version == 0) {
|
78
|
-
|
78
|
+
ASN1_INTEGER_free(x->cert_info->version);
|
79
79
|
x->cert_info->version = NULL;
|
80
80
|
return (1);
|
81
81
|
}
|
82
82
|
if (x->cert_info->version == NULL) {
|
83
|
-
if ((x->cert_info->version =
|
83
|
+
if ((x->cert_info->version = ASN1_INTEGER_new()) == NULL)
|
84
84
|
return (0);
|
85
85
|
}
|
86
86
|
return (ASN1_INTEGER_set(x->cert_info->version, version));
|
@@ -94,9 +94,9 @@ int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial)
|
|
94
94
|
return (0);
|
95
95
|
in = x->cert_info->serialNumber;
|
96
96
|
if (in != serial) {
|
97
|
-
in =
|
97
|
+
in = ASN1_INTEGER_dup(serial);
|
98
98
|
if (in != NULL) {
|
99
|
-
|
99
|
+
ASN1_INTEGER_free(x->cert_info->serialNumber);
|
100
100
|
x->cert_info->serialNumber = in;
|
101
101
|
}
|
102
102
|
}
|
@@ -125,9 +125,9 @@ int X509_set1_notBefore(X509 *x, const ASN1_TIME *tm)
|
|
125
125
|
return (0);
|
126
126
|
in = x->cert_info->validity->notBefore;
|
127
127
|
if (in != tm) {
|
128
|
-
in =
|
128
|
+
in = ASN1_STRING_dup(tm);
|
129
129
|
if (in != NULL) {
|
130
|
-
|
130
|
+
ASN1_TIME_free(x->cert_info->validity->notBefore);
|
131
131
|
x->cert_info->validity->notBefore = in;
|
132
132
|
}
|
133
133
|
}
|
@@ -168,9 +168,9 @@ int X509_set1_notAfter(X509 *x, const ASN1_TIME *tm)
|
|
168
168
|
return (0);
|
169
169
|
in = x->cert_info->validity->notAfter;
|
170
170
|
if (in != tm) {
|
171
|
-
in =
|
171
|
+
in = ASN1_STRING_dup(tm);
|
172
172
|
if (in != NULL) {
|
173
|
-
|
173
|
+
ASN1_TIME_free(x->cert_info->validity->notAfter);
|
174
174
|
x->cert_info->validity->notAfter = in;
|
175
175
|
}
|
176
176
|
}
|
@@ -248,7 +248,7 @@ int X509_EXTENSION_set_data(X509_EXTENSION *ex, const ASN1_OCTET_STRING *data)
|
|
248
248
|
|
249
249
|
if (ex == NULL)
|
250
250
|
return (0);
|
251
|
-
i =
|
251
|
+
i = ASN1_OCTET_STRING_set(ex->value, data->data, data->length);
|
252
252
|
if (!i)
|
253
253
|
return (0);
|
254
254
|
return (1);
|
@@ -66,7 +66,7 @@ int X509_CRL_set_version(X509_CRL *x, long version)
|
|
66
66
|
if (x == NULL)
|
67
67
|
return (0);
|
68
68
|
if (x->crl->version == NULL) {
|
69
|
-
if ((x->crl->version =
|
69
|
+
if ((x->crl->version = ASN1_INTEGER_new()) == NULL)
|
70
70
|
return (0);
|
71
71
|
}
|
72
72
|
return (ASN1_INTEGER_set(x->crl->version, version));
|
@@ -87,9 +87,9 @@ int X509_CRL_set1_lastUpdate(X509_CRL *x, const ASN1_TIME *tm)
|
|
87
87
|
return (0);
|
88
88
|
in = x->crl->lastUpdate;
|
89
89
|
if (in != tm) {
|
90
|
-
in =
|
90
|
+
in = ASN1_STRING_dup(tm);
|
91
91
|
if (in != NULL) {
|
92
|
-
|
92
|
+
ASN1_TIME_free(x->crl->lastUpdate);
|
93
93
|
x->crl->lastUpdate = in;
|
94
94
|
}
|
95
95
|
}
|
@@ -104,9 +104,9 @@ int X509_CRL_set1_nextUpdate(X509_CRL *x, const ASN1_TIME *tm)
|
|
104
104
|
return (0);
|
105
105
|
in = x->crl->nextUpdate;
|
106
106
|
if (in != tm) {
|
107
|
-
in =
|
107
|
+
in = ASN1_STRING_dup(tm);
|
108
108
|
if (in != NULL) {
|
109
|
-
|
109
|
+
ASN1_TIME_free(x->crl->nextUpdate);
|
110
110
|
x->crl->nextUpdate = in;
|
111
111
|
}
|
112
112
|
}
|
@@ -189,45 +189,46 @@ int X509_CRL_get_signature_nid(const X509_CRL *crl)
|
|
189
189
|
return OBJ_obj2nid(crl->sig_alg->algorithm);
|
190
190
|
}
|
191
191
|
|
192
|
-
const ASN1_TIME *X509_REVOKED_get0_revocationDate(const X509_REVOKED *
|
192
|
+
const ASN1_TIME *X509_REVOKED_get0_revocationDate(const X509_REVOKED *revoked)
|
193
193
|
{
|
194
|
-
return
|
194
|
+
return revoked->revocationDate;
|
195
195
|
}
|
196
196
|
|
197
|
-
int X509_REVOKED_set_revocationDate(X509_REVOKED *
|
197
|
+
int X509_REVOKED_set_revocationDate(X509_REVOKED *revoked, const ASN1_TIME *tm)
|
198
198
|
{
|
199
199
|
ASN1_TIME *in;
|
200
200
|
|
201
|
-
if (
|
201
|
+
if (revoked == NULL)
|
202
202
|
return (0);
|
203
|
-
in =
|
203
|
+
in = revoked->revocationDate;
|
204
204
|
if (in != tm) {
|
205
|
-
in =
|
205
|
+
in = ASN1_STRING_dup(tm);
|
206
206
|
if (in != NULL) {
|
207
|
-
|
208
|
-
|
207
|
+
ASN1_TIME_free(revoked->revocationDate);
|
208
|
+
revoked->revocationDate = in;
|
209
209
|
}
|
210
210
|
}
|
211
211
|
return (in != NULL);
|
212
212
|
}
|
213
213
|
|
214
|
-
const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(const X509_REVOKED *
|
214
|
+
const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(const X509_REVOKED *revoked)
|
215
215
|
{
|
216
|
-
return
|
216
|
+
return revoked->serialNumber;
|
217
217
|
}
|
218
218
|
|
219
|
-
int X509_REVOKED_set_serialNumber(X509_REVOKED *
|
219
|
+
int X509_REVOKED_set_serialNumber(X509_REVOKED *revoked,
|
220
|
+
const ASN1_INTEGER *serial)
|
220
221
|
{
|
221
222
|
ASN1_INTEGER *in;
|
222
223
|
|
223
|
-
if (
|
224
|
+
if (revoked == NULL)
|
224
225
|
return (0);
|
225
|
-
in =
|
226
|
+
in = revoked->serialNumber;
|
226
227
|
if (in != serial) {
|
227
|
-
in =
|
228
|
+
in = ASN1_INTEGER_dup(serial);
|
228
229
|
if (in != NULL) {
|
229
|
-
|
230
|
-
|
230
|
+
ASN1_INTEGER_free(revoked->serialNumber);
|
231
|
+
revoked->serialNumber = in;
|
231
232
|
}
|
232
233
|
}
|
233
234
|
return (in != NULL);
|
@@ -239,8 +240,13 @@ const STACK_OF(X509_EXTENSION) *
|
|
239
240
|
return r->extensions;
|
240
241
|
}
|
241
242
|
|
242
|
-
int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **
|
243
|
+
int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **outp)
|
243
244
|
{
|
244
245
|
crl->crl->enc.modified = 1;
|
245
|
-
return i2d_X509_CRL_INFO(crl->crl,
|
246
|
+
return i2d_X509_CRL_INFO(crl->crl, outp);
|
247
|
+
}
|
248
|
+
|
249
|
+
int i2d_X509_CRL_tbs(X509_CRL *crl, unsigned char **outp)
|
250
|
+
{
|
251
|
+
return i2d_X509_CRL_INFO(crl->crl, outp);
|
246
252
|
}
|
@@ -85,27 +85,32 @@ IMPLEMENT_ASN1_DUP_FUNCTION(X509_ATTRIBUTE)
|
|
85
85
|
|
86
86
|
X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value)
|
87
87
|
{
|
88
|
-
|
89
|
-
|
88
|
+
const ASN1_OBJECT *obj = OBJ_nid2obj(nid);
|
89
|
+
if (obj == NULL) {
|
90
|
+
return NULL;
|
91
|
+
}
|
90
92
|
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
-
ret->object = (ASN1_OBJECT *)OBJ_nid2obj(nid);
|
95
|
-
ret->single = 0;
|
96
|
-
if ((ret->value.set = sk_ASN1_TYPE_new_null()) == NULL)
|
97
|
-
goto err;
|
98
|
-
if ((val = ASN1_TYPE_new()) == NULL)
|
93
|
+
X509_ATTRIBUTE *ret = X509_ATTRIBUTE_new();
|
94
|
+
ASN1_TYPE *val = ASN1_TYPE_new();
|
95
|
+
if (ret == NULL || val == NULL) {
|
99
96
|
goto err;
|
100
|
-
|
97
|
+
}
|
98
|
+
|
99
|
+
/* TODO(fork): const correctness. |ASN1_OBJECT| is messy because static
|
100
|
+
* objects are const but freeable with a no-op |ASN1_OBJECT_free|. */
|
101
|
+
ret->object = (ASN1_OBJECT *)obj;
|
102
|
+
ret->single = 0;
|
103
|
+
ret->value.set = sk_ASN1_TYPE_new_null();
|
104
|
+
if (ret->value.set == NULL ||
|
105
|
+
!sk_ASN1_TYPE_push(ret->value.set, val)) {
|
101
106
|
goto err;
|
107
|
+
}
|
102
108
|
|
103
109
|
ASN1_TYPE_set(val, atrtype, value);
|
104
|
-
return
|
110
|
+
return ret;
|
111
|
+
|
105
112
|
err:
|
106
|
-
|
107
|
-
|
108
|
-
|
109
|
-
ASN1_TYPE_free(val);
|
110
|
-
return (NULL);
|
113
|
+
X509_ATTRIBUTE_free(ret);
|
114
|
+
ASN1_TYPE_free(val);
|
115
|
+
return NULL;
|
111
116
|
}
|
@@ -393,8 +393,7 @@ IMPLEMENT_ASN1_DUP_FUNCTION(X509_CRL)
|
|
393
393
|
|
394
394
|
static int X509_REVOKED_cmp(const X509_REVOKED **a, const X509_REVOKED **b)
|
395
395
|
{
|
396
|
-
return
|
397
|
-
(ASN1_STRING *)(*b)->serialNumber));
|
396
|
+
return ASN1_STRING_cmp((*a)->serialNumber, (*b)->serialNumber);
|
398
397
|
}
|
399
398
|
|
400
399
|
int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev)
|