grpc 1.36.0 → 1.37.0.pre1

Potentially problematic release.


Files changed (221)
  1. checksums.yaml +4 -4
  2. data/Makefile +65 -37
  3. data/include/grpc/grpc.h +15 -1
  4. data/include/grpc/impl/codegen/port_platform.h +2 -0
  5. data/src/core/ext/filters/client_channel/client_channel.cc +327 -305
  6. data/src/core/ext/filters/client_channel/client_channel_factory.h +2 -1
  7. data/src/core/ext/filters/client_channel/config_selector.h +8 -0
  8. data/src/core/ext/filters/client_channel/dynamic_filters.cc +9 -4
  9. data/src/core/ext/filters/client_channel/global_subchannel_pool.cc +24 -142
  10. data/src/core/ext/filters/client_channel/global_subchannel_pool.h +15 -10
  11. data/src/core/ext/filters/client_channel/lb_policy.cc +3 -0
  12. data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +23 -0
  13. data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.h +27 -0
  14. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +7 -22
  15. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +1 -1
  16. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +2 -2
  17. data/src/core/ext/filters/client_channel/local_subchannel_pool.cc +27 -67
  18. data/src/core/ext/filters/client_channel/local_subchannel_pool.h +10 -9
  19. data/src/core/ext/filters/client_channel/resolver.cc +3 -0
  20. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +2 -2
  21. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +3 -1
  22. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +5 -9
  23. data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +18 -3
  24. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +295 -91
  25. data/src/core/ext/filters/client_channel/server_address.cc +3 -0
  26. data/src/core/ext/filters/client_channel/subchannel.cc +69 -146
  27. data/src/core/ext/filters/client_channel/subchannel.h +63 -95
  28. data/src/core/ext/filters/client_channel/subchannel_pool_interface.cc +16 -2
  29. data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +10 -8
  30. data/src/core/ext/filters/client_idle/client_idle_filter.cc +1 -1
  31. data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +495 -0
  32. data/src/core/ext/filters/fault_injection/fault_injection_filter.h +39 -0
  33. data/src/core/ext/filters/fault_injection/service_config_parser.cc +189 -0
  34. data/src/core/ext/filters/fault_injection/service_config_parser.h +85 -0
  35. data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +1 -1
  36. data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +1 -1
  37. data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +3 -2
  38. data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +1 -1
  39. data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +3 -2
  40. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +457 -170
  41. data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +1 -1
  42. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +39 -7
  43. data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +12 -1
  44. data/src/core/ext/transport/chttp2/transport/frame_data.cc +5 -1
  45. data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +1 -1
  46. data/src/core/ext/transport/chttp2/transport/internal.h +1 -0
  47. data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.c +406 -0
  48. data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.h +1459 -0
  49. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +350 -0
  50. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +1348 -0
  51. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +6 -0
  52. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +25 -0
  53. data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.c +144 -0
  54. data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.h +488 -0
  55. data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.c +141 -0
  56. data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.h +452 -0
  57. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +15 -0
  58. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +44 -0
  59. data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.c +79 -0
  60. data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.h +268 -0
  61. data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.c +78 -0
  62. data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.h +281 -0
  63. data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.c +41 -0
  64. data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.h +113 -0
  65. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +6 -5
  66. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +13 -9
  67. data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.c +93 -0
  68. data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.h +323 -0
  69. data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.c +36 -0
  70. data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.h +90 -0
  71. data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.c +46 -0
  72. data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.h +124 -0
  73. data/src/core/ext/upb-generated/udpa/type/v1/typed_struct.upb.c +33 -0
  74. data/src/core/ext/upb-generated/udpa/type/v1/typed_struct.upb.h +77 -0
  75. data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.c +354 -0
  76. data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.h +140 -0
  77. data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +383 -0
  78. data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.h +115 -0
  79. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +10 -7
  80. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.h +5 -0
  81. data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/stats.upbdefs.c +141 -0
  82. data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/stats.upbdefs.h +70 -0
  83. data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.c +141 -0
  84. data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.h +70 -0
  85. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +13 -7
  86. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.h +5 -0
  87. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/common/fault/v3/fault.upbdefs.c +102 -0
  88. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/common/fault/v3/fault.upbdefs.h +55 -0
  89. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.c +120 -0
  90. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.h +45 -0
  91. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.c +76 -0
  92. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.h +35 -0
  93. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +21 -20
  94. data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +130 -0
  95. data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.h +50 -0
  96. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/node.upbdefs.c +56 -0
  97. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/node.upbdefs.h +35 -0
  98. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/struct.upbdefs.c +63 -0
  99. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/struct.upbdefs.h +40 -0
  100. data/src/core/ext/upbdefs-generated/udpa/type/v1/typed_struct.upbdefs.c +44 -0
  101. data/src/core/ext/upbdefs-generated/udpa/type/v1/typed_struct.upbdefs.h +35 -0
  102. data/src/core/ext/xds/xds_api.cc +1591 -279
  103. data/src/core/ext/xds/xds_api.h +279 -39
  104. data/src/core/ext/xds/xds_bootstrap.cc +21 -5
  105. data/src/core/ext/xds/xds_bootstrap.h +5 -1
  106. data/src/core/ext/xds/xds_client.cc +168 -23
  107. data/src/core/ext/xds/xds_client.h +26 -0
  108. data/src/core/ext/xds/xds_client_stats.h +2 -2
  109. data/src/core/ext/xds/xds_http_fault_filter.cc +226 -0
  110. data/src/core/ext/xds/xds_http_fault_filter.h +63 -0
  111. data/src/core/ext/xds/xds_http_filters.cc +114 -0
  112. data/src/core/ext/xds/xds_http_filters.h +130 -0
  113. data/src/core/ext/xds/xds_server_config_fetcher.cc +391 -126
  114. data/src/core/lib/channel/channel_stack.cc +12 -0
  115. data/src/core/lib/channel/channel_stack.h +7 -0
  116. data/src/core/lib/channel/channelz.cc +92 -4
  117. data/src/core/lib/channel/channelz.h +30 -1
  118. data/src/core/lib/channel/channelz_registry.cc +14 -0
  119. data/src/core/lib/channel/handshaker.cc +0 -39
  120. data/src/core/lib/channel/handshaker.h +0 -17
  121. data/src/core/lib/channel/status_util.cc +12 -2
  122. data/src/core/lib/channel/status_util.h +5 -0
  123. data/src/core/lib/gpr/sync_abseil.cc +3 -6
  124. data/src/core/lib/gpr/sync_windows.cc +2 -2
  125. data/src/core/lib/gprpp/atomic.h +3 -3
  126. data/src/core/lib/gprpp/dual_ref_counted.h +3 -3
  127. data/src/core/lib/gprpp/ref_counted_ptr.h +2 -0
  128. data/src/core/lib/gprpp/thd.h +1 -1
  129. data/src/core/lib/iomgr/buffer_list.h +1 -1
  130. data/src/core/lib/iomgr/cfstream_handle.cc +2 -2
  131. data/src/core/lib/iomgr/error.h +1 -1
  132. data/src/core/lib/iomgr/ev_apple.cc +1 -1
  133. data/src/core/lib/iomgr/ev_epoll1_linux.cc +3 -3
  134. data/src/core/lib/iomgr/ev_posix.cc +3 -3
  135. data/src/core/lib/iomgr/exec_ctx.cc +6 -2
  136. data/src/core/lib/iomgr/resource_quota.cc +1 -1
  137. data/src/core/lib/iomgr/sockaddr_utils.cc +120 -0
  138. data/src/core/lib/iomgr/sockaddr_utils.h +25 -0
  139. data/src/core/lib/iomgr/tcp_posix.cc +1 -4
  140. data/src/core/lib/iomgr/tcp_uv.cc +2 -2
  141. data/src/core/lib/iomgr/timer_generic.cc +2 -2
  142. data/src/core/lib/iomgr/timer_manager.cc +1 -1
  143. data/src/core/lib/iomgr/wakeup_fd_nospecial.cc +1 -1
  144. data/src/core/lib/{security/authorization → matchers}/matchers.cc +8 -8
  145. data/src/core/lib/{security/authorization → matchers}/matchers.h +14 -12
  146. data/src/core/lib/security/security_connector/ssl_utils.cc +6 -4
  147. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +6 -0
  148. data/src/core/lib/security/transport/security_handshaker.cc +32 -2
  149. data/src/core/lib/slice/slice_intern.cc +6 -7
  150. data/src/core/lib/surface/channel.h +3 -3
  151. data/src/core/lib/surface/completion_queue.cc +1 -1
  152. data/src/core/lib/surface/lame_client.cc +38 -19
  153. data/src/core/lib/surface/lame_client.h +4 -3
  154. data/src/core/lib/surface/server.cc +40 -33
  155. data/src/core/lib/surface/server.h +74 -15
  156. data/src/core/lib/surface/version.cc +1 -1
  157. data/src/core/lib/transport/metadata_batch.cc +27 -0
  158. data/src/core/lib/transport/metadata_batch.h +14 -0
  159. data/src/core/plugin_registry/grpc_plugin_registry.cc +6 -0
  160. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +1 -4
  161. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +1 -1
  162. data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +1 -3
  163. data/src/core/tsi/fake_transport_security.cc +10 -1
  164. data/src/ruby/ext/grpc/extconf.rb +9 -1
  165. data/src/ruby/ext/grpc/rb_channel.c +10 -1
  166. data/src/ruby/ext/grpc/rb_channel_credentials.c +11 -1
  167. data/src/ruby/ext/grpc/rb_channel_credentials.h +4 -0
  168. data/src/ruby/ext/grpc/rb_compression_options.c +1 -1
  169. data/src/ruby/ext/grpc/rb_enable_cpp.cc +1 -1
  170. data/src/ruby/ext/grpc/rb_grpc.c +4 -0
  171. data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +2 -0
  172. data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +4 -1
  173. data/src/ruby/ext/grpc/rb_server.c +13 -1
  174. data/src/ruby/ext/grpc/rb_server_credentials.c +19 -3
  175. data/src/ruby/ext/grpc/rb_server_credentials.h +4 -0
  176. data/src/ruby/ext/grpc/rb_xds_channel_credentials.c +215 -0
  177. data/src/ruby/ext/grpc/rb_xds_channel_credentials.h +35 -0
  178. data/src/ruby/ext/grpc/rb_xds_server_credentials.c +169 -0
  179. data/src/ruby/ext/grpc/rb_xds_server_credentials.h +35 -0
  180. data/src/ruby/lib/grpc/generic/client_stub.rb +4 -2
  181. data/src/ruby/lib/grpc/version.rb +1 -1
  182. data/src/ruby/spec/call_spec.rb +1 -1
  183. data/src/ruby/spec/channel_credentials_spec.rb +32 -0
  184. data/src/ruby/spec/channel_spec.rb +17 -6
  185. data/src/ruby/spec/client_auth_spec.rb +27 -1
  186. data/src/ruby/spec/errors_spec.rb +1 -1
  187. data/src/ruby/spec/generic/active_call_spec.rb +2 -2
  188. data/src/ruby/spec/generic/client_stub_spec.rb +4 -4
  189. data/src/ruby/spec/generic/rpc_server_spec.rb +1 -1
  190. data/src/ruby/spec/server_credentials_spec.rb +25 -0
  191. data/src/ruby/spec/server_spec.rb +22 -0
  192. data/third_party/boringssl-with-bazel/err_data.c +255 -255
  193. data/third_party/boringssl-with-bazel/src/crypto/cpu-arm-linux.c +11 -2
  194. data/third_party/boringssl-with-bazel/src/crypto/cpu-arm.c +3 -3
  195. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +21 -13
  196. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +7 -5
  197. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +0 -28
  198. data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +22 -17
  199. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +3 -1
  200. data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +4 -0
  201. data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +22 -32
  202. data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +25 -9
  203. data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +0 -1
  204. data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +33 -19
  205. data/third_party/xxhash/xxhash.h +5443 -0
  206. metadata +93 -49
  207. data/src/core/lib/security/authorization/authorization_engine.cc +0 -177
  208. data/src/core/lib/security/authorization/authorization_engine.h +0 -84
  209. data/src/core/lib/security/authorization/evaluate_args.cc +0 -148
  210. data/src/core/lib/security/authorization/evaluate_args.h +0 -59
  211. data/src/core/lib/security/authorization/mock_cel/activation.h +0 -57
  212. data/src/core/lib/security/authorization/mock_cel/cel_expr_builder_factory.h +0 -44
  213. data/src/core/lib/security/authorization/mock_cel/cel_expression.h +0 -69
  214. data/src/core/lib/security/authorization/mock_cel/cel_value.h +0 -99
  215. data/src/core/lib/security/authorization/mock_cel/evaluator_core.h +0 -67
  216. data/src/core/lib/security/authorization/mock_cel/flat_expr_builder.h +0 -57
  217. data/third_party/abseil-cpp/absl/container/flat_hash_set.h +0 -504
  218. data/third_party/upb/upb/json_decode.c +0 -1443
  219. data/third_party/upb/upb/json_decode.h +0 -23
  220. data/third_party/upb/upb/json_encode.c +0 -713
  221. data/third_party/upb/upb/json_encode.h +0 -36
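--- a/data/src/core/lib/security/authorization/authorization_engine.h
+++ b/data/src/core/lib/security/authorization/authorization_engine.h
@@ -1,84 +0,0 @@
-
- // Copyright 2020 gRPC authors.
- //
- // Licensed under the Apache License, Version 2.0 (the "License");
- // you may not use this file except in compliance with the License.
- // You may obtain a copy of the License at
- //
- // http://www.apache.org/licenses/LICENSE-2.0
- //
- // Unless required by applicable law or agreed to in writing, software
- // distributed under the License is distributed on an "AS IS" BASIS,
- // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- // See the License for the specific language governing permissions and
- // limitations under the License.
-
- #ifndef GRPC_CORE_LIB_SECURITY_AUTHORIZATION_AUTHORIZATION_ENGINE_H
- #define GRPC_CORE_LIB_SECURITY_AUTHORIZATION_AUTHORIZATION_ENGINE_H
-
- #include <grpc/support/port_platform.h>
-
- #include <grpc/support/log.h>
- #include <map>
- #include <memory>
- #include <string>
- #include <vector>
-
- #include "absl/container/flat_hash_set.h"
- #include "envoy/config/rbac/v3/rbac.upb.h"
- #include "google/api/expr/v1alpha1/syntax.upb.h"
- #include "upb/upb.hpp"
-
- #include "src/core/lib/security/authorization/evaluate_args.h"
- #include "src/core/lib/security/authorization/mock_cel/activation.h"
-
- namespace grpc_core {
-
- // AuthorizationEngine makes an AuthorizationDecision to ALLOW or DENY the
- // current action based on the condition fields in provided RBAC policies.
- // The engine may be constructed with one or two policies. If two polcies,
- // the first policy is deny-if-matched and the second is allow-if-matched.
- // The engine returns UNDECIDED decision if it fails to find a match in any
- // policy. This engine ignores the principal and permission fields in RBAC
- // policies. It is the caller's responsibility to provide RBAC policies that
- // are compatible with this engine.
- //
- // Example:
- // AuthorizationEngine*
- // auth_engine = AuthorizationEngine::CreateAuthorizationEngine(rbac_policies);
- // auth_engine->Evaluate(evaluate_args); // returns authorization decision.
- class AuthorizationEngine {
- public:
- // rbac_policies must be a vector containing either a single policy of any
- // kind, or one deny policy and one allow policy, in that order.
- static std::unique_ptr<AuthorizationEngine> CreateAuthorizationEngine(
- const std::vector<envoy_config_rbac_v3_RBAC*>& rbac_policies);
-
- // Users should use the CreateAuthorizationEngine factory function
- // instead of calling the AuthorizationEngine constructor directly.
- explicit AuthorizationEngine(
- const std::vector<envoy_config_rbac_v3_RBAC*>& rbac_policies);
- // TODO(mywang@google.com): add an Evaluate member function.
-
- private:
- enum Action {
- kAllow,
- kDeny,
- };
-
- std::unique_ptr<mock_cel::Activation> CreateActivation(
- const EvaluateArgs& args);
-
- std::map<const std::string, const google_api_expr_v1alpha1_Expr*>
- deny_if_matched_;
- std::map<const std::string, const google_api_expr_v1alpha1_Expr*>
- allow_if_matched_;
- upb::Arena arena_;
- absl::flat_hash_set<std::string> envoy_attributes_;
- absl::flat_hash_set<std::string> header_keys_;
- std::unique_ptr<mock_cel::CelMap> headers_;
- };
-
- } // namespace grpc_core
-
- #endif /* GRPC_CORE_LIB_SECURITY_AUTHORIZATION_AUTHORIZATION_ENGINE_H */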
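--- a/data/src/core/lib/security/authorization/evaluate_args.cc
+++ b/data/src/core/lib/security/authorization/evaluate_args.cc
@@ -1,148 +0,0 @@
- //
- //
- // Copyright 2020 gRPC authors.
- //
- // Licensed under the Apache License, Version 2.0 (the "License");
- // you may not use this file except in compliance with the License.
- // You may obtain a copy of the License at
- //
- // http://www.apache.org/licenses/LICENSE-2.0
- //
- // Unless required by applicable law or agreed to in writing, software
- // distributed under the License is distributed on an "AS IS" BASIS,
- // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- // See the License for the specific language governing permissions and
- // limitations under the License.
- //
- //
-
- #include <grpc/support/port_platform.h>
-
- #include "src/core/lib/security/authorization/evaluate_args.h"
-
- #include "src/core/lib/iomgr/parse_address.h"
- #include "src/core/lib/iomgr/resolve_address.h"
- #include "src/core/lib/iomgr/sockaddr_utils.h"
- #include "src/core/lib/slice/slice_utils.h"
-
- namespace grpc_core {
-
- absl::string_view EvaluateArgs::GetPath() const {
- absl::string_view path;
- if (metadata_ != nullptr && metadata_->idx.named.path != nullptr) {
- grpc_linked_mdelem* elem = metadata_->idx.named.path;
- const grpc_slice& val = GRPC_MDVALUE(elem->md);
- path = StringViewFromSlice(val);
- }
- return path;
- }
-
- absl::string_view EvaluateArgs::GetHost() const {
- absl::string_view host;
- if (metadata_ != nullptr && metadata_->idx.named.host != nullptr) {
- grpc_linked_mdelem* elem = metadata_->idx.named.host;
- const grpc_slice& val = GRPC_MDVALUE(elem->md);
- host = StringViewFromSlice(val);
- }
- return host;
- }
-
- absl::string_view EvaluateArgs::GetMethod() const {
- absl::string_view method;
- if (metadata_ != nullptr && metadata_->idx.named.method != nullptr) {
- grpc_linked_mdelem* elem = metadata_->idx.named.method;
- const grpc_slice& val = GRPC_MDVALUE(elem->md);
- method = StringViewFromSlice(val);
- }
- return method;
- }
-
- std::multimap<absl::string_view, absl::string_view> EvaluateArgs::GetHeaders()
- const {
- std::multimap<absl::string_view, absl::string_view> headers;
- if (metadata_ == nullptr) {
- return headers;
- }
- for (grpc_linked_mdelem* elem = metadata_->list.head; elem != nullptr;
- elem = elem->next) {
- const grpc_slice& key = GRPC_MDKEY(elem->md);
- const grpc_slice& val = GRPC_MDVALUE(elem->md);
- headers.emplace(StringViewFromSlice(key), StringViewFromSlice(val));
- }
- return headers;
- }
-
- absl::string_view EvaluateArgs::GetLocalAddress() const {
- absl::string_view addr = grpc_endpoint_get_local_address(endpoint_);
- size_t first_colon = addr.find(":");
- size_t last_colon = addr.rfind(":");
- if (first_colon == std::string::npos || last_colon == std::string::npos) {
- return "";
- } else {
- return addr.substr(first_colon + 1, last_colon - first_colon - 1);
- }
- }
-
- int EvaluateArgs::GetLocalPort() const {
- if (endpoint_ == nullptr) {
- return 0;
- }
- absl::StatusOr<URI> uri =
- URI::Parse(grpc_endpoint_get_local_address(endpoint_));
- grpc_resolved_address resolved_addr;
- if (!uri.ok() || !grpc_parse_uri(*uri, &resolved_addr)) {
- return 0;
- }
- return grpc_sockaddr_get_port(&resolved_addr);
- }
-
- absl::string_view EvaluateArgs::GetPeerAddress() const {
- absl::string_view addr = grpc_endpoint_get_peer(endpoint_);
- size_t first_colon = addr.find(":");
- size_t last_colon = addr.rfind(":");
- if (first_colon == std::string::npos || last_colon == std::string::npos) {
- return "";
- } else {
- return addr.substr(first_colon + 1, last_colon - first_colon - 1);
- }
- }
-
- int EvaluateArgs::GetPeerPort() const {
- if (endpoint_ == nullptr) {
- return 0;
- }
- absl::StatusOr<URI> uri = URI::Parse(grpc_endpoint_get_peer(endpoint_));
- grpc_resolved_address resolved_addr;
- if (!uri.ok() || !grpc_parse_uri(*uri, &resolved_addr)) {
- return 0;
- }
- return grpc_sockaddr_get_port(&resolved_addr);
- }
-
- absl::string_view EvaluateArgs::GetSpiffeId() const {
- if (auth_context_ == nullptr) {
- return "";
- }
- grpc_auth_property_iterator it = grpc_auth_context_find_properties_by_name(
- auth_context_, GRPC_PEER_SPIFFE_ID_PROPERTY_NAME);
- const grpc_auth_property* prop = grpc_auth_property_iterator_next(&it);
- if (prop == nullptr || grpc_auth_property_iterator_next(&it) != nullptr) {
- return "";
- }
- return absl::string_view(prop->value, prop->value_length);
- }
-
- absl::string_view EvaluateArgs::GetCertServerName() const {
- if (auth_context_ == nullptr) {
- return "";
- }
- grpc_auth_property_iterator it = grpc_auth_context_find_properties_by_name(
- auth_context_, GRPC_X509_CN_PROPERTY_NAME);
- const grpc_auth_property* prop = grpc_auth_property_iterator_next(&it);
- if (prop == nullptr || grpc_auth_property_iterator_next(&it) != nullptr) {
- return "";
- }
- return absl::string_view(prop->value, prop->value_length);
- }
-
- } // namespace grpc_core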
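--- a/data/src/core/lib/security/authorization/evaluate_args.h
+++ b/data/src/core/lib/security/authorization/evaluate_args.h
@@ -1,59 +0,0 @@
- //
- //
- // Copyright 2020 gRPC authors.
- //
- // Licensed under the Apache License, Version 2.0 (the "License");
- // you may not use this file except in compliance with the License.
- // You may obtain a copy of the License at
- //
- // http://www.apache.org/licenses/LICENSE-2.0
- //
- // Unless required by applicable law or agreed to in writing, software
- // distributed under the License is distributed on an "AS IS" BASIS,
- // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- // See the License for the specific language governing permissions and
- // limitations under the License.
- //
- //
-
- #ifndef GRPC_CORE_LIB_SECURITY_AUTHORIZATION_EVALUATE_ARGS_H
- #define GRPC_CORE_LIB_SECURITY_AUTHORIZATION_EVALUATE_ARGS_H
-
- #include <grpc/support/port_platform.h>
-
- #include <map>
-
- #include "src/core/lib/iomgr/endpoint.h"
- #include "src/core/lib/security/context/security_context.h"
- #include "src/core/lib/transport/metadata_batch.h"
-
- namespace grpc_core {
-
- class EvaluateArgs {
- public:
- EvaluateArgs(grpc_metadata_batch* metadata, grpc_auth_context* auth_context,
- grpc_endpoint* endpoint)
- : metadata_(metadata), auth_context_(auth_context), endpoint_(endpoint) {}
-
- absl::string_view GetPath() const;
- absl::string_view GetHost() const;
- absl::string_view GetMethod() const;
- std::multimap<absl::string_view, absl::string_view> GetHeaders() const;
- absl::string_view GetLocalAddress() const;
- int GetLocalPort() const;
- absl::string_view GetPeerAddress() const;
- int GetPeerPort() const;
- absl::string_view GetSpiffeId() const;
- absl::string_view GetCertServerName() const;
-
- // TODO(unknown): Add a getter function for source.principal
-
- private:
- grpc_metadata_batch* metadata_;
- grpc_auth_context* auth_context_;
- grpc_endpoint* endpoint_;
- };
-
- } // namespace grpc_core
-
- #endif // GRPC_CORE_LIB_SECURITY_AUTHORIZATION_EVALUATE_ARGS_H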
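--- a/data/src/core/lib/security/authorization/mock_cel/activation.h
+++ b/data/src/core/lib/security/authorization/mock_cel/activation.h
@@ -1,57 +0,0 @@
- // Copyright 2020 gRPC authors.
- //
- // Licensed under the Apache License, Version 2.0 (the "License");
- // you may not use this file except in compliance with the License.
- // You may obtain a copy of the License at
- //
- // http://www.apache.org/licenses/LICENSE-2.0
- //
- // Unless required by applicable law or agreed to in writing, software
- // distributed under the License is distributed on an "AS IS" BASIS,
- // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- // See the License for the specific language governing permissions and
- // limitations under the License.
-
- #ifndef GRPC_CORE_LIB_SECURITY_AUTHORIZATION_MOCK_CEL_ACTIVATION_H
- #define GRPC_CORE_LIB_SECURITY_AUTHORIZATION_MOCK_CEL_ACTIVATION_H
-
- #include <grpc/support/port_platform.h>
-
- #include "absl/strings/string_view.h"
-
- #include "src/core/lib/security/authorization/mock_cel/cel_value.h"
-
- namespace grpc_core {
- namespace mock_cel {
-
- // Base class for an activation. This is a temporary stub implementation of CEL
- // APIs. Once gRPC imports the CEL library, this class will be removed.
- class BaseActivation {
- public:
- BaseActivation() = default;
-
- // Non-copyable/non-assignable
- BaseActivation(const BaseActivation&) = delete;
- BaseActivation& operator=(const BaseActivation&) = delete;
- };
-
- // Instance of Activation class is used by evaluator.
- // It provides binding between references used in expressions
- // and actual values. This is a temporary stub implementation of CEL APIs.
- // Once gRPC imports the CEL library, this class will be removed.
- class Activation : public BaseActivation {
- public:
- Activation() = default;
-
- // Non-copyable/non-assignable
- Activation(const Activation&) = delete;
- Activation& operator=(const Activation&) = delete;
-
- // Insert value into Activation.
- void InsertValue(absl::string_view /*name*/, const CelValue& /*value*/) {}
- };
-
- } // namespace mock_cel
- } // namespace grpc_core
-
- #endif // GRPC_CORE_LIB_SECURITY_AUTHORIZATION_MOCK_CEL_ACTIVATION_H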
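--- a/data/src/core/lib/security/authorization/mock_cel/cel_expr_builder_factory.h
+++ b/data/src/core/lib/security/authorization/mock_cel/cel_expr_builder_factory.h
@@ -1,44 +0,0 @@
- // Copyright 2020 gRPC authors.
- //
- // Licensed under the Apache License, Version 2.0 (the "License");
- // you may not use this file except in compliance with the License.
- // You may obtain a copy of the License at
- //
- // http://www.apache.org/licenses/LICENSE-2.0
- //
- // Unless required by applicable law or agreed to in writing, software
- // distributed under the License is distributed on an "AS IS" BASIS,
- // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- // See the License for the specific language governing permissions and
- // limitations under the License.
-
- #ifndef GRPC_CORE_LIB_SECURITY_AUTHORIZATION_MOCK_CEL_CEL_EXPR_BUILDER_FACTORY_H
- #define GRPC_CORE_LIB_SECURITY_AUTHORIZATION_MOCK_CEL_CEL_EXPR_BUILDER_FACTORY_H
-
- #include <grpc/support/port_platform.h>
-
- #include <memory>
-
- #include "absl/memory/memory.h"
-
- #include "src/core/lib/security/authorization/mock_cel/flat_expr_builder.h"
-
- namespace grpc_core {
- namespace mock_cel {
-
- // This is a temporary stub implementation of CEL APIs.
- // Once gRPC imports the CEL library, this file will be removed.
-
- struct InterpreterOptions {
- bool short_circuiting = true;
- };
-
- inline std::unique_ptr<CelExpressionBuilder> CreateCelExpressionBuilder(
- const InterpreterOptions& options) {
- return absl::make_unique<FlatExprBuilder>();
- }
-
- } // namespace mock_cel
- } // namespace grpc_core
-
- #endif // GRPC_CORE_LIB_SECURITY_AUTHORIZATION_MOCK_CEL_CEL_EXPR_BUILDER_FACTORY_H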
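--- a/data/src/core/lib/security/authorization/mock_cel/cel_expression.h
+++ b/data/src/core/lib/security/authorization/mock_cel/cel_expression.h
@@ -1,69 +0,0 @@
- // Copyright 2020 gRPC authors.
- //
- // Licensed under the Apache License, Version 2.0 (the "License");
- // you may not use this file except in compliance with the License.
- // You may obtain a copy of the License at
- //
- // http://www.apache.org/licenses/LICENSE-2.0
- //
- // Unless required by applicable law or agreed to in writing, software
- // distributed under the License is distributed on an "AS IS" BASIS,
- // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- // See the License for the specific language governing permissions and
- // limitations under the License.
-
- #ifndef GRPC_CORE_LIB_SECURITY_AUTHORIZATION_MOCK_CEL_CEL_EXPRESSION_H
- #define GRPC_CORE_LIB_SECURITY_AUTHORIZATION_MOCK_CEL_CEL_EXPRESSION_H
-
- #include <grpc/support/port_platform.h>
-
- #include <memory>
- #include <vector>
-
- #include "absl/status/statusor.h"
-
- #include "google/api/expr/v1alpha1/syntax.upb.h"
- #include "src/core/lib/security/authorization/mock_cel/activation.h"
- #include "src/core/lib/security/authorization/mock_cel/cel_value.h"
-
- namespace grpc_core {
- namespace mock_cel {
-
- // This is a temporary stub implementation of CEL APIs.
- // Once gRPC imports the CEL library, this file will be removed.
-
- // Base interface for expression evaluating objects.
- class CelExpression {
- public:
- virtual ~CelExpression() = default;
-
- // Evaluates expression and returns value.
- // activation contains bindings from parameter names to values
- virtual absl::StatusOr<CelValue> Evaluate(
- const BaseActivation& activation) const = 0;
- };
-
- // Base class for Expression Builder implementations
- // Provides user with factory to register extension functions.
- // ExpressionBuilder MUST NOT be destroyed before CelExpression objects
- // it built.
- class CelExpressionBuilder {
- public:
- virtual ~CelExpressionBuilder() = default;
-
- // Creates CelExpression object from AST tree.
- // expr specifies root of AST tree
- virtual absl::StatusOr<std::unique_ptr<CelExpression>> CreateExpression(
- const google_api_expr_v1alpha1_Expr* expr,
- const google_api_expr_v1alpha1_SourceInfo* source_info) const = 0;
-
- virtual absl::StatusOr<std::unique_ptr<CelExpression>> CreateExpression(
- const google_api_expr_v1alpha1_Expr* expr,
- const google_api_expr_v1alpha1_SourceInfo* source_info,
- std::vector<absl::Status>* warnings) const = 0;
- };
-
- } // namespace mock_cel
- } // namespace grpc_core
-
- #endif // GRPC_CORE_LIB_SECURITY_AUTHORIZATION_MOCK_CEL_CEL_EXPRESSION_H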