grpc 1.35.0 → 1.36.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +60 -57
- data/include/grpc/grpc_security.h +16 -11
- data/src/core/ext/filters/client_channel/client_channel.cc +32 -26
- data/src/core/ext/filters/client_channel/client_channel.h +0 -2
- data/src/core/ext/filters/client_channel/config_selector.h +1 -1
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +2 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +3 -5
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +1 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +1 -2
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +8 -6
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +289 -170
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h +5 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +1 -3
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +231 -109
- data/src/core/ext/filters/client_channel/resolver.cc +2 -5
- data/src/core/ext/filters/client_channel/resolver.h +1 -12
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +36 -45
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +29 -41
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +16 -14
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +18 -15
- data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +362 -0
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +4 -4
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +22 -74
- data/src/core/ext/filters/client_channel/server_address.cc +6 -0
- data/src/core/ext/filters/client_channel/server_address.h +31 -0
- data/src/core/ext/filters/client_channel/subchannel.cc +2 -2
- data/src/core/ext/filters/max_age/max_age_filter.cc +35 -32
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +1 -1
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +47 -22
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +11 -2
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc +11 -1
- data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +62 -18
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +11 -16
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +42 -59
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.c +3 -2
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.h +15 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +25 -1
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +75 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +9 -9
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +7 -7
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +28 -13
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +11 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.h +41 -7
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +23 -21
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +122 -77
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +13 -9
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +37 -5
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +11 -9
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +44 -27
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +42 -16
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +106 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.c +29 -0
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.h +67 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +13 -16
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +51 -42
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +16 -13
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +50 -18
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +4 -7
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +0 -17
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +30 -23
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +85 -73
- data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.c +0 -3
- data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.c +0 -3
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.c +0 -2
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +0 -1
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.c +21 -4
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h +29 -0
- data/src/core/ext/upb-generated/{udpa/core/v1 → xds/core/v3}/authority.upb.c +5 -5
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.h +60 -0
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.c +52 -0
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.h +143 -0
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.c +42 -0
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.h +84 -0
- data/src/core/ext/upb-generated/{udpa/core/v1 → xds/core/v3}/resource.upb.c +9 -9
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.h +94 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.c +54 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.h +166 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.c +36 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.h +85 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +168 -171
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +405 -420
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.h +2 -2
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.c +12 -9
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +177 -171
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.h +10 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +88 -88
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +153 -153
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +4 -7
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.c +33 -20
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.c +56 -59
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +116 -111
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.c +129 -121
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.c +21 -24
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.c +17 -13
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +747 -724
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.c +22 -25
- data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.c +51 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +369 -376
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +12 -16
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +112 -108
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +45 -53
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +177 -180
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.c +92 -102
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.c +32 -42
- data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.c +30 -40
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +4 -7
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.c +38 -44
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.c +30 -33
- data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.c +14 -11
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.c +42 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.c +62 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.c +45 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.c +49 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.c +67 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.c +50 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.h +35 -0
- data/src/core/ext/xds/xds_api.cc +738 -567
- data/src/core/ext/xds/xds_api.h +46 -84
- data/src/core/ext/xds/xds_bootstrap.cc +59 -40
- data/src/core/ext/xds/xds_bootstrap.h +12 -4
- data/src/core/ext/xds/xds_certificate_provider.cc +180 -74
- data/src/core/ext/xds/xds_certificate_provider.h +83 -44
- data/src/core/ext/xds/xds_client.cc +13 -11
- data/src/core/ext/xds/xds_client.h +3 -0
- data/src/core/ext/xds/xds_client_stats.cc +2 -1
- data/src/core/ext/xds/xds_server_config_fetcher.cc +147 -11
- data/src/core/lib/channel/handshaker.cc +2 -5
- data/src/core/lib/channel/handshaker.h +1 -1
- data/src/core/lib/gpr/log.cc +6 -1
- data/src/core/lib/gprpp/mpscq.cc +2 -2
- data/src/core/lib/gprpp/ref_counted.h +1 -1
- data/src/core/lib/gprpp/sync.h +129 -40
- data/src/core/lib/gprpp/time_util.cc +77 -0
- data/src/core/lib/gprpp/time_util.h +42 -0
- data/src/core/lib/http/httpcli_security_connector.cc +2 -2
- data/src/core/lib/iomgr/ev_apple.cc +10 -7
- data/src/core/lib/iomgr/ev_epollex_linux.cc +4 -4
- data/src/core/lib/iomgr/iomgr_posix.cc +0 -1
- data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +0 -1
- data/src/core/lib/iomgr/sockaddr_utils.cc +1 -1
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +1 -0
- data/src/core/lib/iomgr/tcp_client_posix.cc +1 -1
- data/src/core/lib/iomgr/tcp_posix.cc +4 -4
- data/src/core/lib/security/authorization/matchers.cc +339 -0
- data/src/core/lib/security/authorization/matchers.h +158 -0
- data/src/core/lib/security/authorization/mock_cel/activation.h +1 -1
- data/src/core/lib/security/authorization/mock_cel/cel_value.h +9 -7
- data/src/core/lib/security/credentials/alts/alts_credentials.cc +2 -1
- data/src/core/lib/security/credentials/alts/alts_credentials.h +1 -1
- data/src/core/lib/security/credentials/credentials.h +2 -1
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +1 -1
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +2 -2
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +1 -1
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +1 -1
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +1 -1
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +7 -6
- data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +2 -2
- data/src/core/lib/security/credentials/jwt/json_token.cc +0 -3
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +0 -3
- data/src/core/lib/security/credentials/local/local_credentials.cc +2 -1
- data/src/core/lib/security/credentials/local/local_credentials.h +1 -1
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +2 -1
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +1 -1
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +2 -1
- data/src/core/lib/security/credentials/tls/tls_credentials.h +1 -1
- data/src/core/lib/security/credentials/xds/xds_credentials.cc +128 -59
- data/src/core/lib/security/credentials/xds/xds_credentials.h +3 -3
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +5 -5
- data/src/core/lib/security/security_connector/ssl_utils.cc +3 -0
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +26 -14
- data/src/core/lib/security/transport/security_handshaker.cc +1 -3
- data/src/core/lib/slice/slice_intern.cc +1 -1
- data/src/core/lib/surface/init.cc +13 -15
- data/src/core/lib/surface/server.cc +3 -3
- data/src/core/lib/surface/server.h +3 -0
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/metadata.cc +6 -2
- data/src/core/plugin_registry/grpc_plugin_registry.cc +6 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +17 -20
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +16 -21
- data/src/core/tsi/fake_transport_security.cc +1 -1
- data/src/core/tsi/ssl/session_cache/ssl_session.h +0 -3
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +0 -2
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +2 -4
- data/src/core/tsi/ssl_transport_security.cc +0 -3
- data/src/core/tsi/ssl_transport_security.h +0 -3
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +7 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +1 -0
- data/third_party/boringssl-with-bazel/err_data.c +725 -723
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +3 -10
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +15 -14
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_locl.h +30 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +28 -79
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +39 -85
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +5 -16
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +10 -61
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +158 -0
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/bn_asn1.c +3 -10
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +8 -9
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +60 -45
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +6 -81
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +87 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu-aarch64-win.c +41 -0
- data/third_party/boringssl-with-bazel/src/crypto/{dh → dh_extra}/dh_asn1.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/{dh → dh_extra}/params.c +179 -0
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +25 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +2 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +3 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +13 -20
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +9 -1
- data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/check.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/dh.c +136 -213
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +12 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +9 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +28 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +128 -38
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +0 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +51 -32
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +147 -0
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +18 -29
- data/third_party/boringssl-with-bazel/src/crypto/hpke/internal.h +13 -4
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +10 -7
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +13 -11
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +34 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/rand_extra.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +7 -13
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +5 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +10 -7
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_r2x.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +29 -23
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +1 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +39 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +11 -10
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +25 -25
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +40 -20
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +25 -36
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +6 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +3 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +652 -545
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +0 -167
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +10 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +62 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +22 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +15 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +56 -26
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +15 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +12 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +3 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +2 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +42 -24
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +27 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +287 -98
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +139 -36
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +4 -3
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +11 -20
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +10 -5
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +37 -16
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +0 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +7 -8
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +20 -14
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +7 -8
- data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +5 -7
- data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +329 -31
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +48 -15
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +66 -24
- metadata +77 -65
- data/src/core/ext/upb-generated/udpa/core/v1/authority.upb.h +0 -60
- data/src/core/ext/upb-generated/udpa/core/v1/collection_entry.upb.c +0 -52
- data/src/core/ext/upb-generated/udpa/core/v1/collection_entry.upb.h +0 -143
- data/src/core/ext/upb-generated/udpa/core/v1/context_params.upb.c +0 -42
- data/src/core/ext/upb-generated/udpa/core/v1/context_params.upb.h +0 -84
- data/src/core/ext/upb-generated/udpa/core/v1/resource.upb.h +0 -94
- data/src/core/ext/upb-generated/udpa/core/v1/resource_locator.upb.c +0 -54
- data/src/core/ext/upb-generated/udpa/core/v1/resource_locator.upb.h +0 -173
- data/src/core/ext/upb-generated/udpa/core/v1/resource_name.upb.c +0 -36
- data/src/core/ext/upb-generated/udpa/core/v1/resource_name.upb.h +0 -92
- data/src/core/ext/upbdefs-generated/udpa/core/v1/authority.upbdefs.c +0 -42
- data/src/core/ext/upbdefs-generated/udpa/core/v1/authority.upbdefs.h +0 -35
- data/src/core/ext/upbdefs-generated/udpa/core/v1/collection_entry.upbdefs.c +0 -62
- data/src/core/ext/upbdefs-generated/udpa/core/v1/collection_entry.upbdefs.h +0 -40
- data/src/core/ext/upbdefs-generated/udpa/core/v1/context_params.upbdefs.c +0 -45
- data/src/core/ext/upbdefs-generated/udpa/core/v1/context_params.upbdefs.h +0 -40
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource.upbdefs.c +0 -49
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource.upbdefs.h +0 -35
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_locator.upbdefs.c +0 -68
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_locator.upbdefs.h +0 -40
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_name.upbdefs.c +0 -51
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_name.upbdefs.h +0 -35
- data/src/core/lib/iomgr/iomgr_posix.h +0 -26
|
@@ -0,0 +1,362 @@
|
|
|
1
|
+
//
|
|
2
|
+
// Copyright 2021 gRPC authors.
|
|
3
|
+
//
|
|
4
|
+
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
5
|
+
// you may not use this file except in compliance with the License.
|
|
6
|
+
// You may obtain a copy of the License at
|
|
7
|
+
//
|
|
8
|
+
// http://www.apache.org/licenses/LICENSE-2.0
|
|
9
|
+
//
|
|
10
|
+
// Unless required by applicable law or agreed to in writing, software
|
|
11
|
+
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
12
|
+
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
13
|
+
// See the License for the specific language governing permissions and
|
|
14
|
+
// limitations under the License.
|
|
15
|
+
//
|
|
16
|
+
|
|
17
|
+
#include <grpc/support/port_platform.h>
|
|
18
|
+
|
|
19
|
+
#include "src/core/ext/filters/client_channel/resolver_registry.h"
|
|
20
|
+
#include "src/core/ext/xds/xds_client.h"
|
|
21
|
+
#include "src/core/lib/gpr/env.h"
|
|
22
|
+
#include "src/core/lib/http/httpcli.h"
|
|
23
|
+
#include "src/core/lib/iomgr/polling_entity.h"
|
|
24
|
+
#include "src/core/lib/security/credentials/alts/check_gcp_environment.h"
|
|
25
|
+
|
|
26
|
+
namespace grpc_core {
|
|
27
|
+
|
|
28
|
+
namespace {
|
|
29
|
+
|
|
30
|
+
class GoogleCloud2ProdResolver : public Resolver {
|
|
31
|
+
public:
|
|
32
|
+
explicit GoogleCloud2ProdResolver(ResolverArgs args);
|
|
33
|
+
|
|
34
|
+
void StartLocked() override;
|
|
35
|
+
void RequestReresolutionLocked() override;
|
|
36
|
+
void ResetBackoffLocked() override;
|
|
37
|
+
void ShutdownLocked() override;
|
|
38
|
+
|
|
39
|
+
private:
|
|
40
|
+
// Represents an HTTP request to the metadata server.
|
|
41
|
+
class MetadataQuery : public InternallyRefCounted<MetadataQuery> {
|
|
42
|
+
public:
|
|
43
|
+
MetadataQuery(RefCountedPtr<GoogleCloud2ProdResolver> resolver,
|
|
44
|
+
const char* path, grpc_polling_entity* pollent);
|
|
45
|
+
~MetadataQuery() override;
|
|
46
|
+
|
|
47
|
+
void Orphan() override;
|
|
48
|
+
|
|
49
|
+
private:
|
|
50
|
+
static void OnHttpRequestDone(void* arg, grpc_error* error);
|
|
51
|
+
|
|
52
|
+
// Calls OnDone() if not already called. Releases a ref.
|
|
53
|
+
void MaybeCallOnDone(grpc_error* error);
|
|
54
|
+
|
|
55
|
+
// If error is not GRPC_ERROR_NONE, then it's not safe to look at response.
|
|
56
|
+
virtual void OnDone(GoogleCloud2ProdResolver* resolver,
|
|
57
|
+
const grpc_http_response* response,
|
|
58
|
+
grpc_error* error) = 0;
|
|
59
|
+
|
|
60
|
+
RefCountedPtr<GoogleCloud2ProdResolver> resolver_;
|
|
61
|
+
grpc_httpcli_context context_;
|
|
62
|
+
grpc_httpcli_response response_;
|
|
63
|
+
grpc_closure on_done_;
|
|
64
|
+
Atomic<bool> on_done_called_{false};
|
|
65
|
+
};
|
|
66
|
+
|
|
67
|
+
// A metadata server query to get the zone.
|
|
68
|
+
class ZoneQuery : public MetadataQuery {
|
|
69
|
+
public:
|
|
70
|
+
ZoneQuery(RefCountedPtr<GoogleCloud2ProdResolver> resolver,
|
|
71
|
+
grpc_polling_entity* pollent);
|
|
72
|
+
|
|
73
|
+
private:
|
|
74
|
+
void OnDone(GoogleCloud2ProdResolver* resolver,
|
|
75
|
+
const grpc_http_response* response, grpc_error* error) override;
|
|
76
|
+
};
|
|
77
|
+
|
|
78
|
+
// A metadata server query to get the IPv6 address.
|
|
79
|
+
class IPv6Query : public MetadataQuery {
|
|
80
|
+
public:
|
|
81
|
+
IPv6Query(RefCountedPtr<GoogleCloud2ProdResolver> resolver,
|
|
82
|
+
grpc_polling_entity* pollent);
|
|
83
|
+
|
|
84
|
+
private:
|
|
85
|
+
void OnDone(GoogleCloud2ProdResolver* resolver,
|
|
86
|
+
const grpc_http_response* response, grpc_error* error) override;
|
|
87
|
+
};
|
|
88
|
+
|
|
89
|
+
void ZoneQueryDone(std::string zone);
|
|
90
|
+
void IPv6QueryDone(bool ipv6_supported);
|
|
91
|
+
void StartXdsResolver();
|
|
92
|
+
|
|
93
|
+
std::shared_ptr<WorkSerializer> work_serializer_;
|
|
94
|
+
grpc_polling_entity pollent_;
|
|
95
|
+
bool using_dns_ = false;
|
|
96
|
+
OrphanablePtr<Resolver> child_resolver_;
|
|
97
|
+
|
|
98
|
+
OrphanablePtr<ZoneQuery> zone_query_;
|
|
99
|
+
absl::optional<std::string> zone_;
|
|
100
|
+
|
|
101
|
+
OrphanablePtr<IPv6Query> ipv6_query_;
|
|
102
|
+
absl::optional<bool> supports_ipv6_;
|
|
103
|
+
};
|
|
104
|
+
|
|
105
|
+
//
|
|
106
|
+
// GoogleCloud2ProdResolver::MetadataQuery
|
|
107
|
+
//
|
|
108
|
+
|
|
109
|
+
GoogleCloud2ProdResolver::MetadataQuery::MetadataQuery(
|
|
110
|
+
RefCountedPtr<GoogleCloud2ProdResolver> resolver, const char* path,
|
|
111
|
+
grpc_polling_entity* pollent)
|
|
112
|
+
: resolver_(std::move(resolver)) {
|
|
113
|
+
grpc_httpcli_context_init(&context_);
|
|
114
|
+
// Start HTTP request.
|
|
115
|
+
GRPC_CLOSURE_INIT(&on_done_, OnHttpRequestDone, this, nullptr);
|
|
116
|
+
Ref().release(); // Ref held by callback.
|
|
117
|
+
grpc_httpcli_request request;
|
|
118
|
+
memset(&request, 0, sizeof(grpc_httpcli_request));
|
|
119
|
+
grpc_http_header header = {const_cast<char*>("Metadata-Flavor"),
|
|
120
|
+
const_cast<char*>("Google")};
|
|
121
|
+
request.host = const_cast<char*>("metadata.google.internal");
|
|
122
|
+
request.http.path = const_cast<char*>(path);
|
|
123
|
+
request.http.hdr_count = 1;
|
|
124
|
+
request.http.hdrs = &header;
|
|
125
|
+
grpc_resource_quota* resource_quota =
|
|
126
|
+
grpc_resource_quota_create("c2p_resolver");
|
|
127
|
+
grpc_httpcli_get(&context_, pollent, resource_quota, &request,
|
|
128
|
+
ExecCtx::Get()->Now() + 10000, // 10s timeout
|
|
129
|
+
&on_done_, &response_);
|
|
130
|
+
grpc_resource_quota_unref_internal(resource_quota);
|
|
131
|
+
}
|
|
132
|
+
|
|
133
|
+
GoogleCloud2ProdResolver::MetadataQuery::~MetadataQuery() {
|
|
134
|
+
grpc_httpcli_context_destroy(&context_);
|
|
135
|
+
grpc_http_response_destroy(&response_);
|
|
136
|
+
}
|
|
137
|
+
|
|
138
|
+
void GoogleCloud2ProdResolver::MetadataQuery::Orphan() {
|
|
139
|
+
// TODO(roth): Once the HTTP client library supports cancellation,
|
|
140
|
+
// use that here.
|
|
141
|
+
MaybeCallOnDone(GRPC_ERROR_CANCELLED);
|
|
142
|
+
}
|
|
143
|
+
|
|
144
|
+
void GoogleCloud2ProdResolver::MetadataQuery::OnHttpRequestDone(
|
|
145
|
+
void* arg, grpc_error* error) {
|
|
146
|
+
auto* self = static_cast<MetadataQuery*>(arg);
|
|
147
|
+
self->MaybeCallOnDone(GRPC_ERROR_REF(error));
|
|
148
|
+
}
|
|
149
|
+
|
|
150
|
+
void GoogleCloud2ProdResolver::MetadataQuery::MaybeCallOnDone(
|
|
151
|
+
grpc_error* error) {
|
|
152
|
+
bool expected = false;
|
|
153
|
+
if (!on_done_called_.CompareExchangeStrong(
|
|
154
|
+
&expected, true, MemoryOrder::RELAXED, MemoryOrder::RELAXED)) {
|
|
155
|
+
// We've already called OnDone(), so just clean up.
|
|
156
|
+
GRPC_ERROR_UNREF(error);
|
|
157
|
+
Unref();
|
|
158
|
+
return;
|
|
159
|
+
}
|
|
160
|
+
// Hop back into WorkSerializer to call OnDone().
|
|
161
|
+
// Note: We implicitly pass our ref to the callback here.
|
|
162
|
+
resolver_->work_serializer_->Run(
|
|
163
|
+
[this, error]() {
|
|
164
|
+
OnDone(resolver_.get(), &response_, error);
|
|
165
|
+
Unref();
|
|
166
|
+
},
|
|
167
|
+
DEBUG_LOCATION);
|
|
168
|
+
}
|
|
169
|
+
|
|
170
|
+
//
|
|
171
|
+
// GoogleCloud2ProdResolver::ZoneQuery
|
|
172
|
+
//
|
|
173
|
+
|
|
174
|
+
GoogleCloud2ProdResolver::ZoneQuery::ZoneQuery(
|
|
175
|
+
RefCountedPtr<GoogleCloud2ProdResolver> resolver,
|
|
176
|
+
grpc_polling_entity* pollent)
|
|
177
|
+
: MetadataQuery(std::move(resolver), "/computeMetadata/v1/instance/zone",
|
|
178
|
+
pollent) {}
|
|
179
|
+
|
|
180
|
+
void GoogleCloud2ProdResolver::ZoneQuery::OnDone(
|
|
181
|
+
GoogleCloud2ProdResolver* resolver, const grpc_http_response* response,
|
|
182
|
+
grpc_error* error) {
|
|
183
|
+
if (error != GRPC_ERROR_NONE) {
|
|
184
|
+
gpr_log(GPR_ERROR, "error fetching zone from metadata server: %s",
|
|
185
|
+
grpc_error_string(error));
|
|
186
|
+
}
|
|
187
|
+
std::string zone;
|
|
188
|
+
if (error == GRPC_ERROR_NONE && response->status == 200) {
|
|
189
|
+
absl::string_view body(response->body, response->body_length);
|
|
190
|
+
size_t i = body.find_last_of('/');
|
|
191
|
+
if (i == body.npos) {
|
|
192
|
+
gpr_log(GPR_ERROR, "could not parse zone from metadata server: %s",
|
|
193
|
+
std::string(body).c_str());
|
|
194
|
+
} else {
|
|
195
|
+
zone = std::string(body.substr(i));
|
|
196
|
+
}
|
|
197
|
+
}
|
|
198
|
+
resolver->ZoneQueryDone(std::move(zone));
|
|
199
|
+
GRPC_ERROR_UNREF(error);
|
|
200
|
+
}
|
|
201
|
+
|
|
202
|
+
//
|
|
203
|
+
// GoogleCloud2ProdResolver::IPv6Query
|
|
204
|
+
//
|
|
205
|
+
|
|
206
|
+
GoogleCloud2ProdResolver::IPv6Query::IPv6Query(
|
|
207
|
+
RefCountedPtr<GoogleCloud2ProdResolver> resolver,
|
|
208
|
+
grpc_polling_entity* pollent)
|
|
209
|
+
: MetadataQuery(std::move(resolver),
|
|
210
|
+
"/computeMetadata/v1/instance/network-interfaces/0/ipv6s",
|
|
211
|
+
pollent) {}
|
|
212
|
+
|
|
213
|
+
void GoogleCloud2ProdResolver::IPv6Query::OnDone(
|
|
214
|
+
GoogleCloud2ProdResolver* resolver, const grpc_http_response* response,
|
|
215
|
+
grpc_error* error) {
|
|
216
|
+
if (error != GRPC_ERROR_NONE) {
|
|
217
|
+
gpr_log(GPR_ERROR, "error fetching IPv6 address from metadata server: %s",
|
|
218
|
+
grpc_error_string(error));
|
|
219
|
+
}
|
|
220
|
+
resolver->IPv6QueryDone(error == GRPC_ERROR_NONE && response->status == 200);
|
|
221
|
+
GRPC_ERROR_UNREF(error);
|
|
222
|
+
}
|
|
223
|
+
|
|
224
|
+
//
|
|
225
|
+
// GoogleCloud2ProdResolver
|
|
226
|
+
//
|
|
227
|
+
|
|
228
|
+
GoogleCloud2ProdResolver::GoogleCloud2ProdResolver(ResolverArgs args)
|
|
229
|
+
: work_serializer_(std::move(args.work_serializer)),
|
|
230
|
+
pollent_(grpc_polling_entity_create_from_pollset_set(args.pollset_set)) {
|
|
231
|
+
absl::string_view name_to_resolve = absl::StripPrefix(args.uri.path(), "/");
|
|
232
|
+
// If we're not running on GCP, we can't use DirectPath, so delegate
|
|
233
|
+
// to the DNS resolver.
|
|
234
|
+
if (!grpc_alts_is_running_on_gcp() ||
|
|
235
|
+
// If the client is already using xDS, we can't use it here, because
|
|
236
|
+
// they may be talking to a completely different xDS server than we
|
|
237
|
+
// want to.
|
|
238
|
+
// TODO(roth): When we implement xDS federation, remove this constraint.
|
|
239
|
+
UniquePtr<char>(gpr_getenv("GRPC_XDS_BOOTSTRAP")) != nullptr ||
|
|
240
|
+
UniquePtr<char>(gpr_getenv("GRPC_XDS_BOOTSTRAP_CONFIG")) != nullptr) {
|
|
241
|
+
using_dns_ = true;
|
|
242
|
+
child_resolver_ = ResolverRegistry::CreateResolver(
|
|
243
|
+
absl::StrCat("dns:", name_to_resolve).c_str(), args.args,
|
|
244
|
+
args.pollset_set, work_serializer_, std::move(args.result_handler));
|
|
245
|
+
GPR_ASSERT(child_resolver_ != nullptr);
|
|
246
|
+
return;
|
|
247
|
+
}
|
|
248
|
+
// Create xds resolver.
|
|
249
|
+
child_resolver_ = ResolverRegistry::CreateResolver(
|
|
250
|
+
absl::StrCat("xds:", name_to_resolve).c_str(), args.args,
|
|
251
|
+
args.pollset_set, work_serializer_, std::move(args.result_handler));
|
|
252
|
+
GPR_ASSERT(child_resolver_ != nullptr);
|
|
253
|
+
}
|
|
254
|
+
|
|
255
|
+
void GoogleCloud2ProdResolver::StartLocked() {
|
|
256
|
+
if (using_dns_) {
|
|
257
|
+
child_resolver_->StartLocked();
|
|
258
|
+
return;
|
|
259
|
+
}
|
|
260
|
+
// Using xDS. Start metadata server queries.
|
|
261
|
+
zone_query_ = MakeOrphanable<ZoneQuery>(Ref(), &pollent_);
|
|
262
|
+
ipv6_query_ = MakeOrphanable<IPv6Query>(Ref(), &pollent_);
|
|
263
|
+
}
|
|
264
|
+
|
|
265
|
+
void GoogleCloud2ProdResolver::RequestReresolutionLocked() {
|
|
266
|
+
if (child_resolver_ != nullptr) {
|
|
267
|
+
child_resolver_->RequestReresolutionLocked();
|
|
268
|
+
}
|
|
269
|
+
}
|
|
270
|
+
|
|
271
|
+
void GoogleCloud2ProdResolver::ResetBackoffLocked() {
|
|
272
|
+
if (child_resolver_ != nullptr) {
|
|
273
|
+
child_resolver_->ResetBackoffLocked();
|
|
274
|
+
}
|
|
275
|
+
}
|
|
276
|
+
|
|
277
|
+
void GoogleCloud2ProdResolver::ShutdownLocked() {
|
|
278
|
+
zone_query_.reset();
|
|
279
|
+
ipv6_query_.reset();
|
|
280
|
+
child_resolver_.reset();
|
|
281
|
+
}
|
|
282
|
+
|
|
283
|
+
void GoogleCloud2ProdResolver::ZoneQueryDone(std::string zone) {
|
|
284
|
+
zone_query_.reset();
|
|
285
|
+
zone_ = std::move(zone);
|
|
286
|
+
if (supports_ipv6_.has_value()) StartXdsResolver();
|
|
287
|
+
}
|
|
288
|
+
|
|
289
|
+
void GoogleCloud2ProdResolver::IPv6QueryDone(bool ipv6_supported) {
|
|
290
|
+
ipv6_query_.reset();
|
|
291
|
+
supports_ipv6_ = ipv6_supported;
|
|
292
|
+
if (zone_.has_value()) StartXdsResolver();
|
|
293
|
+
}
|
|
294
|
+
|
|
295
|
+
void GoogleCloud2ProdResolver::StartXdsResolver() {
|
|
296
|
+
// Construct bootstrap JSON.
|
|
297
|
+
Json::Object node = {
|
|
298
|
+
{"id", "C2P"},
|
|
299
|
+
};
|
|
300
|
+
if (!zone_->empty()) {
|
|
301
|
+
node["locality"] = Json::Object{
|
|
302
|
+
{"zone", *zone_},
|
|
303
|
+
};
|
|
304
|
+
};
|
|
305
|
+
if (*supports_ipv6_) {
|
|
306
|
+
node["metadata"] = Json::Object{
|
|
307
|
+
{"TRAFFICDIRECTOR_DIRECTPATH_C2P_IPV6_CAPABLE", true},
|
|
308
|
+
};
|
|
309
|
+
}
|
|
310
|
+
Json bootstrap = Json::Object{
|
|
311
|
+
{"xds_servers",
|
|
312
|
+
Json::Array{
|
|
313
|
+
Json::Object{
|
|
314
|
+
{"server_uri", "directpath-trafficdirector.googleapis.com"},
|
|
315
|
+
{"channel_creds",
|
|
316
|
+
Json::Array{
|
|
317
|
+
Json::Object{
|
|
318
|
+
{"type", "google_default"},
|
|
319
|
+
},
|
|
320
|
+
}},
|
|
321
|
+
},
|
|
322
|
+
}},
|
|
323
|
+
{"node", std::move(node)},
|
|
324
|
+
};
|
|
325
|
+
// Inject bootstrap JSON as fallback config.
|
|
326
|
+
internal::SetXdsFallbackBootstrapConfig(bootstrap.Dump().c_str());
|
|
327
|
+
// Now start xDS resolver.
|
|
328
|
+
child_resolver_->StartLocked();
|
|
329
|
+
}
|
|
330
|
+
|
|
331
|
+
//
|
|
332
|
+
// Factory
|
|
333
|
+
//
|
|
334
|
+
|
|
335
|
+
class GoogleCloud2ProdResolverFactory : public ResolverFactory {
|
|
336
|
+
public:
|
|
337
|
+
bool IsValidUri(const URI& uri) const override {
|
|
338
|
+
if (GPR_UNLIKELY(!uri.authority().empty())) {
|
|
339
|
+
gpr_log(GPR_ERROR, "google-c2p URI scheme does not support authorities");
|
|
340
|
+
return false;
|
|
341
|
+
}
|
|
342
|
+
return true;
|
|
343
|
+
}
|
|
344
|
+
|
|
345
|
+
OrphanablePtr<Resolver> CreateResolver(ResolverArgs args) const override {
|
|
346
|
+
if (!IsValidUri(args.uri)) return nullptr;
|
|
347
|
+
return MakeOrphanable<GoogleCloud2ProdResolver>(std::move(args));
|
|
348
|
+
}
|
|
349
|
+
|
|
350
|
+
const char* scheme() const override { return "google-c2p"; }
|
|
351
|
+
};
|
|
352
|
+
|
|
353
|
+
} // namespace
|
|
354
|
+
|
|
355
|
+
void GoogleCloud2ProdResolverInit() {
|
|
356
|
+
ResolverRegistry::Builder::RegisterResolverFactory(
|
|
357
|
+
absl::make_unique<GoogleCloud2ProdResolverFactory>());
|
|
358
|
+
}
|
|
359
|
+
|
|
360
|
+
void GoogleCloud2ProdResolverShutdown() {}
|
|
361
|
+
|
|
362
|
+
} // namespace grpc_core
|
|
@@ -35,7 +35,6 @@
|
|
|
35
35
|
#include "src/core/lib/iomgr/parse_address.h"
|
|
36
36
|
#include "src/core/lib/iomgr/resolve_address.h"
|
|
37
37
|
#include "src/core/lib/iomgr/unix_sockets_posix.h"
|
|
38
|
-
#include "src/core/lib/iomgr/work_serializer.h"
|
|
39
38
|
#include "src/core/lib/slice/slice_internal.h"
|
|
40
39
|
#include "src/core/lib/slice/slice_string_helpers.h"
|
|
41
40
|
|
|
@@ -53,13 +52,14 @@ class SockaddrResolver : public Resolver {
|
|
|
53
52
|
void ShutdownLocked() override {}
|
|
54
53
|
|
|
55
54
|
private:
|
|
55
|
+
std::unique_ptr<ResultHandler> result_handler_;
|
|
56
56
|
ServerAddressList addresses_;
|
|
57
57
|
const grpc_channel_args* channel_args_ = nullptr;
|
|
58
58
|
};
|
|
59
59
|
|
|
60
60
|
SockaddrResolver::SockaddrResolver(ServerAddressList addresses,
|
|
61
61
|
ResolverArgs args)
|
|
62
|
-
:
|
|
62
|
+
: result_handler_(std::move(args.result_handler)),
|
|
63
63
|
addresses_(std::move(addresses)),
|
|
64
64
|
channel_args_(grpc_channel_args_copy(args.args)) {}
|
|
65
65
|
|
|
@@ -73,7 +73,7 @@ void SockaddrResolver::StartLocked() {
|
|
|
73
73
|
// TODO(roth): Use std::move() once channel args is converted to C++.
|
|
74
74
|
result.args = channel_args_;
|
|
75
75
|
channel_args_ = nullptr;
|
|
76
|
-
|
|
76
|
+
result_handler_->ReturnResult(std::move(result));
|
|
77
77
|
}
|
|
78
78
|
|
|
79
79
|
//
|
|
@@ -150,7 +150,7 @@ class UnixResolverFactory : public ResolverFactory {
|
|
|
150
150
|
return CreateSockaddrResolver(std::move(args), grpc_parse_unix);
|
|
151
151
|
}
|
|
152
152
|
|
|
153
|
-
std::string GetDefaultAuthority(const URI& uri) const override {
|
|
153
|
+
std::string GetDefaultAuthority(const URI& /*uri*/) const override {
|
|
154
154
|
return "localhost";
|
|
155
155
|
}
|
|
156
156
|
|
|
@@ -46,8 +46,8 @@ namespace {
|
|
|
46
46
|
class XdsResolver : public Resolver {
|
|
47
47
|
public:
|
|
48
48
|
explicit XdsResolver(ResolverArgs args)
|
|
49
|
-
:
|
|
50
|
-
|
|
49
|
+
: work_serializer_(std::move(args.work_serializer)),
|
|
50
|
+
result_handler_(std::move(args.result_handler)),
|
|
51
51
|
server_name_(absl::StripPrefix(args.uri.path(), "/")),
|
|
52
52
|
args_(grpc_channel_args_copy(args.args)),
|
|
53
53
|
interested_parties_(args.pollset_set) {
|
|
@@ -182,6 +182,8 @@ class XdsResolver : public Resolver {
|
|
|
182
182
|
void GenerateResult();
|
|
183
183
|
void MaybeRemoveUnusedClusters();
|
|
184
184
|
|
|
185
|
+
std::shared_ptr<WorkSerializer> work_serializer_;
|
|
186
|
+
std::unique_ptr<ResultHandler> result_handler_;
|
|
185
187
|
std::string server_name_;
|
|
186
188
|
const grpc_channel_args* args_;
|
|
187
189
|
grpc_pollset_set* interested_parties_;
|
|
@@ -231,7 +233,7 @@ XdsResolver::Notifier::Notifier(RefCountedPtr<XdsResolver> resolver)
|
|
|
231
233
|
void XdsResolver::Notifier::RunInExecCtx(void* arg, grpc_error* error) {
|
|
232
234
|
Notifier* self = static_cast<Notifier*>(arg);
|
|
233
235
|
GRPC_ERROR_REF(error);
|
|
234
|
-
self->resolver_->
|
|
236
|
+
self->resolver_->work_serializer_->Run(
|
|
235
237
|
[self, error]() { self->RunInWorkSerializer(error); }, DEBUG_LOCATION);
|
|
236
238
|
}
|
|
237
239
|
|
|
@@ -359,28 +361,6 @@ void XdsResolver::XdsConfigSelector::MaybeAddCluster(const std::string& name) {
|
|
|
359
361
|
}
|
|
360
362
|
}
|
|
361
363
|
|
|
362
|
-
bool PathMatch(const absl::string_view& path,
|
|
363
|
-
const XdsApi::Route::Matchers::PathMatcher& path_matcher) {
|
|
364
|
-
switch (path_matcher.type) {
|
|
365
|
-
case XdsApi::Route::Matchers::PathMatcher::PathMatcherType::PREFIX:
|
|
366
|
-
return path_matcher.case_sensitive
|
|
367
|
-
? absl::StartsWith(path, path_matcher.string_matcher)
|
|
368
|
-
: absl::StartsWithIgnoreCase(path,
|
|
369
|
-
path_matcher.string_matcher);
|
|
370
|
-
case XdsApi::Route::Matchers::PathMatcher::PathMatcherType::PATH:
|
|
371
|
-
return path_matcher.case_sensitive
|
|
372
|
-
? path == path_matcher.string_matcher
|
|
373
|
-
: absl::EqualsIgnoreCase(path, path_matcher.string_matcher);
|
|
374
|
-
case XdsApi::Route::Matchers::PathMatcher::PathMatcherType::REGEX:
|
|
375
|
-
// Note: Case-sensitive option will already have been set appropriately
|
|
376
|
-
// in path_matcher.regex_matcher when it was constructed, so no
|
|
377
|
-
// need to check it here.
|
|
378
|
-
return RE2::FullMatch(path.data(), *path_matcher.regex_matcher);
|
|
379
|
-
default:
|
|
380
|
-
return false;
|
|
381
|
-
}
|
|
382
|
-
}
|
|
383
|
-
|
|
384
364
|
absl::optional<absl::string_view> GetMetadataValue(
|
|
385
365
|
const std::string& target_key, grpc_metadata_batch* initial_metadata,
|
|
386
366
|
std::string* concatenated_value) {
|
|
@@ -404,61 +384,29 @@ absl::optional<absl::string_view> GetMetadataValue(
|
|
|
404
384
|
return *concatenated_value;
|
|
405
385
|
}
|
|
406
386
|
|
|
407
|
-
bool HeaderMatchHelper(
|
|
408
|
-
|
|
409
|
-
grpc_metadata_batch* initial_metadata) {
|
|
387
|
+
bool HeaderMatchHelper(const HeaderMatcher& header_matcher,
|
|
388
|
+
grpc_metadata_batch* initial_metadata) {
|
|
410
389
|
std::string concatenated_value;
|
|
411
390
|
absl::optional<absl::string_view> value;
|
|
412
391
|
// Note: If we ever allow binary headers here, we still need to
|
|
413
392
|
// special-case ignore "grpc-tags-bin" and "grpc-trace-bin", since
|
|
414
393
|
// they are not visible to the LB policy in grpc-go.
|
|
415
|
-
if (absl::EndsWith(header_matcher.name, "-bin") ||
|
|
416
|
-
header_matcher.name == "grpc-previous-rpc-attempts") {
|
|
394
|
+
if (absl::EndsWith(header_matcher.name(), "-bin") ||
|
|
395
|
+
header_matcher.name() == "grpc-previous-rpc-attempts") {
|
|
417
396
|
value = absl::nullopt;
|
|
418
|
-
} else if (header_matcher.name == "content-type") {
|
|
397
|
+
} else if (header_matcher.name() == "content-type") {
|
|
419
398
|
value = "application/grpc";
|
|
420
399
|
} else {
|
|
421
|
-
value = GetMetadataValue(header_matcher.name, initial_metadata,
|
|
400
|
+
value = GetMetadataValue(header_matcher.name(), initial_metadata,
|
|
422
401
|
&concatenated_value);
|
|
423
402
|
}
|
|
424
|
-
|
|
425
|
-
if (header_matcher.type ==
|
|
426
|
-
XdsApi::Route::Matchers::HeaderMatcher::HeaderMatcherType::PRESENT) {
|
|
427
|
-
return !header_matcher.present_match;
|
|
428
|
-
} else {
|
|
429
|
-
// For all other header matcher types, we need the header value to
|
|
430
|
-
// exist to consider matches.
|
|
431
|
-
return false;
|
|
432
|
-
}
|
|
433
|
-
}
|
|
434
|
-
switch (header_matcher.type) {
|
|
435
|
-
case XdsApi::Route::Matchers::HeaderMatcher::HeaderMatcherType::EXACT:
|
|
436
|
-
return value.value() == header_matcher.string_matcher;
|
|
437
|
-
case XdsApi::Route::Matchers::HeaderMatcher::HeaderMatcherType::REGEX:
|
|
438
|
-
return RE2::FullMatch(value.value().data(), *header_matcher.regex_match);
|
|
439
|
-
case XdsApi::Route::Matchers::HeaderMatcher::HeaderMatcherType::RANGE:
|
|
440
|
-
int64_t int_value;
|
|
441
|
-
if (!absl::SimpleAtoi(value.value(), &int_value)) {
|
|
442
|
-
return false;
|
|
443
|
-
}
|
|
444
|
-
return int_value >= header_matcher.range_start &&
|
|
445
|
-
int_value < header_matcher.range_end;
|
|
446
|
-
case XdsApi::Route::Matchers::HeaderMatcher::HeaderMatcherType::PREFIX:
|
|
447
|
-
return absl::StartsWith(value.value(), header_matcher.string_matcher);
|
|
448
|
-
case XdsApi::Route::Matchers::HeaderMatcher::HeaderMatcherType::SUFFIX:
|
|
449
|
-
return absl::EndsWith(value.value(), header_matcher.string_matcher);
|
|
450
|
-
default:
|
|
451
|
-
return false;
|
|
452
|
-
}
|
|
403
|
+
return header_matcher.Match(value);
|
|
453
404
|
}
|
|
454
405
|
|
|
455
|
-
bool HeadersMatch(
|
|
456
|
-
|
|
457
|
-
grpc_metadata_batch* initial_metadata) {
|
|
406
|
+
bool HeadersMatch(const std::vector<HeaderMatcher>& header_matchers,
|
|
407
|
+
grpc_metadata_batch* initial_metadata) {
|
|
458
408
|
for (const auto& header_matcher : header_matchers) {
|
|
459
|
-
|
|
460
|
-
if (header_matcher.invert_match) match = !match;
|
|
461
|
-
if (!match) return false;
|
|
409
|
+
if (!HeaderMatchHelper(header_matcher, initial_metadata)) return false;
|
|
462
410
|
}
|
|
463
411
|
return true;
|
|
464
412
|
}
|
|
@@ -473,8 +421,8 @@ ConfigSelector::CallConfig XdsResolver::XdsConfigSelector::GetCallConfig(
|
|
|
473
421
|
GetCallConfigArgs args) {
|
|
474
422
|
for (const auto& entry : route_table_) {
|
|
475
423
|
// Path matching.
|
|
476
|
-
if (!
|
|
477
|
-
|
|
424
|
+
if (!entry.route.matchers.path_matcher.Match(
|
|
425
|
+
StringViewFromSlice(*args.path))) {
|
|
478
426
|
continue;
|
|
479
427
|
}
|
|
480
428
|
// Header Matching.
|
|
@@ -543,7 +491,7 @@ ConfigSelector::CallConfig XdsResolver::XdsConfigSelector::GetCallConfig(
|
|
|
543
491
|
GRPC_CLOSURE_CREATE(
|
|
544
492
|
[](void* arg, grpc_error* /*error*/) {
|
|
545
493
|
auto* resolver = static_cast<XdsResolver*>(arg);
|
|
546
|
-
resolver->
|
|
494
|
+
resolver->work_serializer_->Run(
|
|
547
495
|
[resolver]() {
|
|
548
496
|
resolver->MaybeRemoveUnusedClusters();
|
|
549
497
|
resolver->Unref();
|
|
@@ -570,7 +518,7 @@ void XdsResolver::StartLocked() {
|
|
|
570
518
|
"Failed to create xds client -- channel will remain in "
|
|
571
519
|
"TRANSIENT_FAILURE: %s",
|
|
572
520
|
grpc_error_string(error));
|
|
573
|
-
|
|
521
|
+
result_handler_->ReturnError(error);
|
|
574
522
|
return;
|
|
575
523
|
}
|
|
576
524
|
grpc_pollset_set_add_pollset_set(xds_client_->interested_parties(),
|
|
@@ -662,7 +610,7 @@ void XdsResolver::OnError(grpc_error* error) {
|
|
|
662
610
|
Result result;
|
|
663
611
|
result.args = grpc_channel_args_copy(args_);
|
|
664
612
|
result.service_config_error = error;
|
|
665
|
-
|
|
613
|
+
result_handler_->ReturnResult(std::move(result));
|
|
666
614
|
}
|
|
667
615
|
|
|
668
616
|
void XdsResolver::OnResourceDoesNotExist() {
|
|
@@ -676,7 +624,7 @@ void XdsResolver::OnResourceDoesNotExist() {
|
|
|
676
624
|
ServiceConfig::Create(args_, "{}", &result.service_config_error);
|
|
677
625
|
GPR_ASSERT(result.service_config != nullptr);
|
|
678
626
|
result.args = grpc_channel_args_copy(args_);
|
|
679
|
-
|
|
627
|
+
result_handler_->ReturnResult(std::move(result));
|
|
680
628
|
}
|
|
681
629
|
|
|
682
630
|
grpc_error* XdsResolver::CreateServiceConfig(
|
|
@@ -734,7 +682,7 @@ void XdsResolver::GenerateResult() {
|
|
|
734
682
|
}
|
|
735
683
|
grpc_arg new_arg = config_selector->MakeChannelArg();
|
|
736
684
|
result.args = grpc_channel_args_copy_and_add(args_, &new_arg, 1);
|
|
737
|
-
|
|
685
|
+
result_handler_->ReturnResult(std::move(result));
|
|
738
686
|
}
|
|
739
687
|
|
|
740
688
|
void XdsResolver::MaybeRemoveUnusedClusters() {
|