grpc 1.37.1 → 1.39.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of grpc might be problematic. Click here for more details.

Files changed (636) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +96 -59
  3. data/include/grpc/event_engine/README.md +38 -0
  4. data/include/grpc/event_engine/endpoint_config.h +48 -0
  5. data/include/grpc/event_engine/event_engine.h +334 -0
  6. data/include/grpc/event_engine/port.h +41 -0
  7. data/include/grpc/event_engine/slice_allocator.h +91 -0
  8. data/include/grpc/grpc.h +11 -4
  9. data/include/grpc/grpc_security.h +32 -0
  10. data/include/grpc/grpc_security_constants.h +15 -0
  11. data/include/grpc/impl/codegen/grpc_types.h +28 -13
  12. data/include/grpc/impl/codegen/port_platform.h +22 -0
  13. data/include/grpc/module.modulemap +14 -14
  14. data/src/core/ext/filters/client_channel/backup_poller.cc +3 -3
  15. data/src/core/ext/filters/client_channel/channel_connectivity.cc +177 -202
  16. data/src/core/ext/filters/client_channel/client_channel.cc +630 -3103
  17. data/src/core/ext/filters/client_channel/client_channel.h +489 -55
  18. data/src/core/ext/filters/client_channel/client_channel_channelz.h +1 -1
  19. data/src/core/ext/filters/client_channel/client_channel_plugin.cc +4 -1
  20. data/src/core/ext/filters/client_channel/config_selector.h +1 -1
  21. data/src/core/ext/filters/client_channel/connector.h +1 -1
  22. data/src/core/ext/filters/client_channel/dynamic_filters.cc +9 -10
  23. data/src/core/ext/filters/client_channel/dynamic_filters.h +3 -3
  24. data/src/core/ext/filters/client_channel/health/health_check_client.cc +28 -27
  25. data/src/core/ext/filters/client_channel/health/health_check_client.h +30 -29
  26. data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +24 -21
  27. data/src/core/ext/filters/client_channel/http_proxy.cc +16 -1
  28. data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +6 -6
  29. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +46 -43
  30. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +1 -1
  31. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +2 -1
  32. data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +5 -5
  33. data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +14 -12
  34. data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +755 -0
  35. data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.h +10 -0
  36. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +4 -4
  37. data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +1 -1
  38. data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +15 -15
  39. data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +46 -54
  40. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +23 -23
  41. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +31 -46
  42. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +146 -155
  43. data/src/core/ext/filters/client_channel/lb_policy.cc +1 -1
  44. data/src/core/ext/filters/client_channel/lb_policy.h +4 -4
  45. data/src/core/ext/filters/client_channel/lb_policy_factory.h +1 -1
  46. data/src/core/ext/filters/client_channel/lb_policy_registry.cc +4 -4
  47. data/src/core/ext/filters/client_channel/lb_policy_registry.h +1 -1
  48. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +24 -18
  49. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +1 -1
  50. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_event_engine.cc +31 -0
  51. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_libuv.cc +3 -3
  52. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +2 -2
  53. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +14 -14
  54. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +33 -24
  55. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +1 -1
  56. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_event_engine.cc +28 -0
  57. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_libuv.cc +1 -1
  58. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_windows.cc +1 -1
  59. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +18 -12
  60. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +20 -28
  61. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +7 -5
  62. data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +20 -13
  63. data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +1 -1
  64. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +60 -32
  65. data/src/core/ext/filters/client_channel/resolver.h +2 -2
  66. data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +32 -239
  67. data/src/core/ext/filters/client_channel/resolver_result_parsing.h +20 -49
  68. data/src/core/ext/filters/client_channel/retry_filter.cc +2449 -0
  69. data/src/core/ext/filters/client_channel/retry_filter.h +30 -0
  70. data/src/core/ext/filters/client_channel/retry_service_config.cc +306 -0
  71. data/src/core/ext/filters/client_channel/retry_service_config.h +96 -0
  72. data/src/core/ext/filters/client_channel/server_address.cc +1 -1
  73. data/src/core/ext/filters/client_channel/service_config.cc +15 -14
  74. data/src/core/ext/filters/client_channel/service_config.h +7 -6
  75. data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +5 -4
  76. data/src/core/ext/filters/client_channel/service_config_parser.cc +6 -6
  77. data/src/core/ext/filters/client_channel/service_config_parser.h +7 -4
  78. data/src/core/ext/filters/client_channel/subchannel.cc +17 -16
  79. data/src/core/ext/filters/client_channel/subchannel.h +7 -6
  80. data/src/core/ext/filters/client_idle/client_idle_filter.cc +17 -16
  81. data/src/core/ext/filters/deadline/deadline_filter.cc +10 -10
  82. data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +25 -18
  83. data/src/core/ext/filters/fault_injection/service_config_parser.cc +5 -5
  84. data/src/core/ext/filters/fault_injection/service_config_parser.h +1 -1
  85. data/src/core/ext/filters/http/client/http_client_filter.cc +28 -21
  86. data/src/core/ext/filters/http/client_authority_filter.cc +3 -3
  87. data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +23 -22
  88. data/src/core/ext/filters/http/message_compress/message_decompress_filter.cc +21 -21
  89. data/src/core/ext/filters/http/server/http_server_filter.cc +27 -23
  90. data/src/core/ext/filters/max_age/max_age_filter.cc +12 -10
  91. data/src/core/ext/filters/message_size/message_size_filter.cc +14 -11
  92. data/src/core/ext/filters/message_size/message_size_filter.h +1 -1
  93. data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +4 -3
  94. data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +7 -7
  95. data/src/core/ext/transport/chttp2/client/chttp2_connector.h +7 -7
  96. data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +2 -2
  97. data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +3 -2
  98. data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +3 -3
  99. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +44 -45
  100. data/src/core/ext/transport/chttp2/server/chttp2_server.h +2 -2
  101. data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc +3 -4
  102. data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +5 -4
  103. data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +3 -4
  104. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +139 -120
  105. data/src/core/ext/transport/chttp2/transport/context_list.cc +4 -5
  106. data/src/core/ext/transport/chttp2/transport/context_list.h +4 -4
  107. data/src/core/ext/transport/chttp2/transport/flow_control.cc +3 -3
  108. data/src/core/ext/transport/chttp2/transport/flow_control.h +8 -8
  109. data/src/core/ext/transport/chttp2/transport/frame_data.cc +8 -8
  110. data/src/core/ext/transport/chttp2/transport/frame_data.h +10 -10
  111. data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +7 -8
  112. data/src/core/ext/transport/chttp2/transport/frame_goaway.h +6 -6
  113. data/src/core/ext/transport/chttp2/transport/frame_ping.cc +7 -8
  114. data/src/core/ext/transport/chttp2/transport/frame_ping.h +7 -6
  115. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +7 -7
  116. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +6 -6
  117. data/src/core/ext/transport/chttp2/transport/frame_settings.cc +6 -5
  118. data/src/core/ext/transport/chttp2/transport/frame_settings.h +6 -6
  119. data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +4 -6
  120. data/src/core/ext/transport/chttp2/transport/frame_window_update.h +4 -6
  121. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +237 -208
  122. data/src/core/ext/transport/chttp2/transport/hpack_parser.h +10 -10
  123. data/src/core/ext/transport/chttp2/transport/hpack_table.cc +4 -3
  124. data/src/core/ext/transport/chttp2/transport/hpack_table.h +4 -4
  125. data/src/core/ext/transport/chttp2/transport/incoming_metadata.cc +2 -2
  126. data/src/core/ext/transport/chttp2/transport/incoming_metadata.h +2 -2
  127. data/src/core/ext/transport/chttp2/transport/internal.h +32 -27
  128. data/src/core/ext/transport/chttp2/transport/parsing.cc +65 -58
  129. data/src/core/ext/transport/chttp2/transport/writing.cc +7 -3
  130. data/src/core/ext/transport/inproc/inproc_transport.cc +72 -60
  131. data/src/core/ext/xds/certificate_provider_factory.h +1 -1
  132. data/src/core/ext/xds/certificate_provider_store.h +3 -3
  133. data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +3 -3
  134. data/src/core/ext/xds/file_watcher_certificate_provider_factory.h +2 -2
  135. data/src/core/ext/xds/xds_api.cc +348 -199
  136. data/src/core/ext/xds/xds_api.h +21 -12
  137. data/src/core/ext/xds/xds_bootstrap.cc +97 -159
  138. data/src/core/ext/xds/xds_bootstrap.h +19 -24
  139. data/src/core/ext/xds/xds_certificate_provider.cc +4 -4
  140. data/src/core/ext/xds/xds_certificate_provider.h +4 -4
  141. data/src/core/ext/xds/xds_channel_args.h +5 -2
  142. data/src/core/ext/xds/xds_client.cc +310 -178
  143. data/src/core/ext/xds/xds_client.h +41 -27
  144. data/src/core/ext/xds/xds_client_stats.h +3 -2
  145. data/src/core/ext/xds/xds_server_config_fetcher.cc +34 -20
  146. data/src/core/lib/{iomgr → address_utils}/parse_address.cc +17 -17
  147. data/src/core/lib/{iomgr → address_utils}/parse_address.h +7 -7
  148. data/src/core/lib/{iomgr → address_utils}/sockaddr_utils.cc +16 -20
  149. data/src/core/lib/{iomgr → address_utils}/sockaddr_utils.h +16 -11
  150. data/src/core/lib/channel/channel_stack.cc +10 -9
  151. data/src/core/lib/channel/channel_stack.h +10 -9
  152. data/src/core/lib/channel/channel_stack_builder.cc +2 -2
  153. data/src/core/lib/channel/channel_stack_builder.h +1 -1
  154. data/src/core/lib/channel/channelz.cc +21 -13
  155. data/src/core/lib/channel/channelz.h +3 -0
  156. data/src/core/lib/channel/connected_channel.cc +4 -4
  157. data/src/core/lib/channel/handshaker.cc +7 -6
  158. data/src/core/lib/channel/handshaker.h +5 -5
  159. data/src/core/lib/event_engine/endpoint_config.cc +46 -0
  160. data/src/core/lib/event_engine/endpoint_config_internal.h +42 -0
  161. data/src/core/lib/event_engine/event_engine.cc +50 -0
  162. data/src/core/lib/event_engine/slice_allocator.cc +89 -0
  163. data/src/core/lib/event_engine/sockaddr.cc +40 -0
  164. data/src/core/lib/event_engine/sockaddr.h +44 -0
  165. data/src/core/lib/gpr/wrap_memcpy.cc +2 -1
  166. data/src/core/lib/gprpp/ref_counted.h +28 -14
  167. data/src/core/lib/gprpp/status_helper.cc +407 -0
  168. data/src/core/lib/gprpp/status_helper.h +183 -0
  169. data/src/core/lib/http/httpcli.cc +11 -11
  170. data/src/core/lib/http/httpcli_security_connector.cc +11 -7
  171. data/src/core/lib/http/parser.cc +16 -16
  172. data/src/core/lib/http/parser.h +4 -4
  173. data/src/core/lib/iomgr/buffer_list.cc +7 -9
  174. data/src/core/lib/iomgr/buffer_list.h +4 -5
  175. data/src/core/lib/iomgr/call_combiner.cc +15 -12
  176. data/src/core/lib/iomgr/call_combiner.h +12 -14
  177. data/src/core/lib/iomgr/cfstream_handle.cc +3 -3
  178. data/src/core/lib/iomgr/cfstream_handle.h +1 -1
  179. data/src/core/lib/iomgr/closure.h +7 -6
  180. data/src/core/lib/iomgr/combiner.cc +14 -12
  181. data/src/core/lib/iomgr/combiner.h +2 -2
  182. data/src/core/lib/iomgr/endpoint.cc +1 -1
  183. data/src/core/lib/iomgr/endpoint.h +2 -2
  184. data/src/core/lib/iomgr/endpoint_cfstream.cc +11 -13
  185. data/src/core/lib/iomgr/endpoint_pair_event_engine.cc +33 -0
  186. data/src/core/lib/iomgr/endpoint_pair_windows.cc +1 -1
  187. data/src/core/lib/iomgr/error.cc +168 -61
  188. data/src/core/lib/iomgr/error.h +217 -106
  189. data/src/core/lib/iomgr/error_cfstream.cc +3 -2
  190. data/src/core/lib/iomgr/error_cfstream.h +2 -2
  191. data/src/core/lib/iomgr/error_internal.h +5 -1
  192. data/src/core/lib/iomgr/ev_apple.cc +5 -5
  193. data/src/core/lib/iomgr/ev_epoll1_linux.cc +19 -19
  194. data/src/core/lib/iomgr/ev_epollex_linux.cc +48 -45
  195. data/src/core/lib/iomgr/ev_poll_posix.cc +26 -23
  196. data/src/core/lib/iomgr/ev_posix.cc +9 -8
  197. data/src/core/lib/iomgr/ev_posix.h +9 -9
  198. data/src/core/lib/iomgr/event_engine/closure.cc +54 -0
  199. data/src/core/lib/iomgr/event_engine/closure.h +33 -0
  200. data/src/core/lib/iomgr/event_engine/endpoint.cc +194 -0
  201. data/src/core/lib/iomgr/event_engine/endpoint.h +53 -0
  202. data/src/core/lib/iomgr/event_engine/iomgr.cc +105 -0
  203. data/src/core/lib/iomgr/event_engine/iomgr.h +24 -0
  204. data/src/core/lib/iomgr/event_engine/pollset.cc +87 -0
  205. data/src/core/lib/iomgr/event_engine/pollset.h +25 -0
  206. data/src/core/lib/iomgr/event_engine/promise.h +51 -0
  207. data/src/core/lib/iomgr/event_engine/resolved_address_internal.cc +41 -0
  208. data/src/core/lib/iomgr/event_engine/resolved_address_internal.h +35 -0
  209. data/src/core/lib/iomgr/event_engine/resolver.cc +110 -0
  210. data/src/core/lib/iomgr/event_engine/tcp.cc +243 -0
  211. data/src/core/lib/iomgr/event_engine/timer.cc +57 -0
  212. data/src/core/lib/iomgr/exec_ctx.cc +12 -4
  213. data/src/core/lib/iomgr/exec_ctx.h +4 -5
  214. data/src/core/lib/iomgr/executor/threadpool.cc +2 -3
  215. data/src/core/lib/iomgr/executor/threadpool.h +2 -2
  216. data/src/core/lib/iomgr/executor.cc +8 -8
  217. data/src/core/lib/iomgr/executor.h +2 -2
  218. data/src/core/lib/iomgr/iomgr.cc +2 -2
  219. data/src/core/lib/iomgr/iomgr.h +1 -1
  220. data/src/core/lib/iomgr/iomgr_custom.cc +1 -1
  221. data/src/core/lib/iomgr/iomgr_internal.cc +2 -2
  222. data/src/core/lib/iomgr/iomgr_internal.h +3 -3
  223. data/src/core/lib/iomgr/iomgr_posix.cc +3 -1
  224. data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +42 -12
  225. data/src/core/lib/iomgr/iomgr_windows.cc +1 -1
  226. data/src/core/lib/iomgr/load_file.cc +4 -4
  227. data/src/core/lib/iomgr/load_file.h +2 -2
  228. data/src/core/lib/iomgr/lockfree_event.cc +5 -5
  229. data/src/core/lib/iomgr/lockfree_event.h +1 -1
  230. data/src/core/lib/iomgr/pollset.cc +5 -5
  231. data/src/core/lib/iomgr/pollset.h +9 -9
  232. data/src/core/lib/iomgr/pollset_custom.cc +7 -7
  233. data/src/core/lib/iomgr/pollset_custom.h +3 -1
  234. data/src/core/lib/iomgr/pollset_uv.cc +3 -1
  235. data/src/core/lib/iomgr/pollset_uv.h +5 -1
  236. data/src/core/lib/iomgr/pollset_windows.cc +5 -5
  237. data/src/core/lib/iomgr/port.h +7 -5
  238. data/src/core/lib/iomgr/python_util.h +1 -1
  239. data/src/core/lib/iomgr/resolve_address.cc +8 -4
  240. data/src/core/lib/iomgr/resolve_address.h +12 -6
  241. data/src/core/lib/iomgr/resolve_address_custom.cc +10 -9
  242. data/src/core/lib/iomgr/resolve_address_custom.h +3 -3
  243. data/src/core/lib/iomgr/resolve_address_posix.cc +3 -3
  244. data/src/core/lib/iomgr/resolve_address_windows.cc +4 -4
  245. data/src/core/lib/iomgr/resource_quota.cc +11 -10
  246. data/src/core/lib/iomgr/sockaddr.h +1 -0
  247. data/src/core/lib/iomgr/socket_mutator.cc +15 -2
  248. data/src/core/lib/iomgr/socket_mutator.h +26 -2
  249. data/src/core/lib/iomgr/socket_utils_common_posix.cc +24 -22
  250. data/src/core/lib/iomgr/socket_utils_posix.h +20 -20
  251. data/src/core/lib/iomgr/tcp_client_cfstream.cc +4 -4
  252. data/src/core/lib/iomgr/tcp_client_custom.cc +5 -6
  253. data/src/core/lib/iomgr/tcp_client_posix.cc +22 -19
  254. data/src/core/lib/iomgr/tcp_client_posix.h +3 -4
  255. data/src/core/lib/iomgr/tcp_client_windows.cc +5 -5
  256. data/src/core/lib/iomgr/tcp_custom.cc +14 -16
  257. data/src/core/lib/iomgr/tcp_custom.h +13 -12
  258. data/src/core/lib/iomgr/tcp_posix.cc +78 -73
  259. data/src/core/lib/iomgr/tcp_posix.h +8 -0
  260. data/src/core/lib/iomgr/tcp_server.cc +6 -6
  261. data/src/core/lib/iomgr/tcp_server.h +12 -11
  262. data/src/core/lib/iomgr/tcp_server_custom.cc +26 -25
  263. data/src/core/lib/iomgr/tcp_server_posix.cc +28 -21
  264. data/src/core/lib/iomgr/tcp_server_utils_posix.h +13 -12
  265. data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +21 -18
  266. data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +9 -9
  267. data/src/core/lib/iomgr/tcp_server_utils_posix_noifaddrs.cc +4 -4
  268. data/src/core/lib/iomgr/tcp_server_windows.cc +26 -25
  269. data/src/core/lib/iomgr/tcp_uv.cc +25 -23
  270. data/src/core/lib/iomgr/tcp_windows.cc +13 -13
  271. data/src/core/lib/iomgr/tcp_windows.h +2 -2
  272. data/src/core/lib/iomgr/timer.h +6 -1
  273. data/src/core/lib/iomgr/timer_custom.cc +2 -1
  274. data/src/core/lib/iomgr/timer_custom.h +1 -1
  275. data/src/core/lib/iomgr/timer_generic.cc +6 -6
  276. data/src/core/lib/iomgr/udp_server.cc +21 -20
  277. data/src/core/lib/iomgr/unix_sockets_posix.cc +3 -3
  278. data/src/core/lib/iomgr/unix_sockets_posix.h +2 -2
  279. data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +10 -7
  280. data/src/core/lib/iomgr/wakeup_fd_eventfd.cc +3 -3
  281. data/src/core/lib/iomgr/wakeup_fd_pipe.cc +4 -4
  282. data/src/core/lib/iomgr/wakeup_fd_posix.cc +3 -3
  283. data/src/core/lib/iomgr/wakeup_fd_posix.h +8 -6
  284. data/src/core/lib/iomgr/work_serializer.h +17 -1
  285. data/src/core/lib/json/json.h +1 -1
  286. data/src/core/lib/json/json_reader.cc +4 -4
  287. data/src/core/lib/matchers/matchers.cc +39 -39
  288. data/src/core/lib/matchers/matchers.h +28 -28
  289. data/src/core/lib/security/authorization/authorization_engine.h +44 -0
  290. data/src/core/lib/security/authorization/authorization_policy_provider.h +32 -0
  291. data/src/core/lib/security/authorization/authorization_policy_provider_vtable.cc +46 -0
  292. data/src/core/lib/security/authorization/evaluate_args.cc +209 -0
  293. data/src/core/lib/security/authorization/evaluate_args.h +91 -0
  294. data/src/core/lib/security/credentials/composite/composite_credentials.cc +4 -4
  295. data/src/core/lib/security/credentials/composite/composite_credentials.h +2 -2
  296. data/src/core/lib/security/credentials/credentials.h +2 -2
  297. data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +17 -13
  298. data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +13 -11
  299. data/src/core/lib/security/credentials/external/aws_request_signer.cc +2 -1
  300. data/src/core/lib/security/credentials/external/aws_request_signer.h +1 -1
  301. data/src/core/lib/security/credentials/external/external_account_credentials.cc +15 -12
  302. data/src/core/lib/security/credentials/external/external_account_credentials.h +9 -8
  303. data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +5 -4
  304. data/src/core/lib/security/credentials/external/file_external_account_credentials.h +4 -3
  305. data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +8 -8
  306. data/src/core/lib/security/credentials/external/url_external_account_credentials.h +9 -7
  307. data/src/core/lib/security/credentials/fake/fake_credentials.cc +2 -2
  308. data/src/core/lib/security/credentials/fake/fake_credentials.h +2 -2
  309. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +12 -10
  310. data/src/core/lib/security/credentials/iam/iam_credentials.cc +2 -2
  311. data/src/core/lib/security/credentials/iam/iam_credentials.h +2 -2
  312. data/src/core/lib/security/credentials/jwt/json_token.cc +2 -2
  313. data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +3 -3
  314. data/src/core/lib/security/credentials/jwt/jwt_credentials.h +2 -2
  315. data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +7 -5
  316. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +21 -19
  317. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +5 -5
  318. data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +5 -5
  319. data/src/core/lib/security/credentials/plugin/plugin_credentials.h +2 -2
  320. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +8 -7
  321. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +9 -9
  322. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +19 -13
  323. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +4 -0
  324. data/src/core/lib/security/credentials/tls/tls_utils.cc +32 -0
  325. data/src/core/lib/security/credentials/tls/tls_utils.h +13 -0
  326. data/src/core/lib/security/credentials/xds/xds_credentials.cc +3 -3
  327. data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +13 -3
  328. data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +13 -3
  329. data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +2 -2
  330. data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +12 -2
  331. data/src/core/lib/security/security_connector/load_system_roots_linux.cc +1 -1
  332. data/src/core/lib/security/security_connector/local/local_security_connector.cc +22 -9
  333. data/src/core/lib/security/security_connector/security_connector.h +9 -4
  334. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +16 -6
  335. data/src/core/lib/security/security_connector/ssl_utils.cc +27 -4
  336. data/src/core/lib/security/security_connector/ssl_utils.h +4 -4
  337. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +56 -60
  338. data/src/core/lib/security/security_connector/tls/tls_security_connector.h +66 -48
  339. data/src/core/lib/security/transport/client_auth_filter.cc +18 -10
  340. data/src/core/lib/security/transport/secure_endpoint.cc +4 -4
  341. data/src/core/lib/security/transport/security_handshaker.cc +33 -32
  342. data/src/core/lib/security/transport/server_auth_filter.cc +19 -13
  343. data/src/core/lib/security/transport/tsi_error.cc +2 -1
  344. data/src/core/lib/security/transport/tsi_error.h +2 -1
  345. data/src/core/lib/security/util/json_util.cc +2 -2
  346. data/src/core/lib/security/util/json_util.h +1 -1
  347. data/src/core/lib/surface/call.cc +67 -46
  348. data/src/core/lib/surface/call.h +13 -2
  349. data/src/core/lib/surface/channel.cc +6 -6
  350. data/src/core/lib/surface/channel.h +3 -2
  351. data/src/core/lib/surface/channel_ping.cc +1 -1
  352. data/src/core/lib/surface/completion_queue.cc +68 -69
  353. data/src/core/lib/surface/completion_queue.h +3 -2
  354. data/src/core/lib/surface/completion_queue_factory.cc +1 -2
  355. data/src/core/lib/surface/init.cc +1 -3
  356. data/src/core/lib/surface/init.h +10 -1
  357. data/src/core/lib/surface/lame_client.cc +11 -11
  358. data/src/core/lib/surface/lame_client.h +1 -1
  359. data/src/core/lib/surface/server.cc +28 -22
  360. data/src/core/lib/surface/server.h +16 -15
  361. data/src/core/lib/surface/validate_metadata.cc +7 -7
  362. data/src/core/lib/surface/validate_metadata.h +3 -2
  363. data/src/core/lib/surface/version.cc +4 -2
  364. data/src/core/lib/transport/byte_stream.cc +5 -5
  365. data/src/core/lib/transport/byte_stream.h +8 -8
  366. data/src/core/lib/transport/connectivity_state.cc +1 -1
  367. data/src/core/lib/transport/error_utils.cc +21 -10
  368. data/src/core/lib/transport/error_utils.h +11 -5
  369. data/src/core/lib/transport/metadata_batch.cc +37 -37
  370. data/src/core/lib/transport/metadata_batch.h +19 -18
  371. data/src/core/lib/transport/transport.cc +4 -3
  372. data/src/core/lib/transport/transport.h +6 -4
  373. data/src/core/lib/transport/transport_op_string.cc +6 -6
  374. data/src/core/plugin_registry/grpc_plugin_registry.cc +4 -0
  375. data/src/core/tsi/alts/crypt/gsec.h +6 -0
  376. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +5 -4
  377. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +7 -6
  378. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h +2 -1
  379. data/src/core/tsi/ssl_transport_security.cc +32 -14
  380. data/src/core/tsi/ssl_transport_security.h +3 -4
  381. data/src/ruby/bin/math_services_pb.rb +1 -1
  382. data/src/ruby/ext/grpc/extconf.rb +2 -0
  383. data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +6 -0
  384. data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +11 -2
  385. data/src/ruby/lib/grpc/version.rb +1 -1
  386. data/src/ruby/pb/grpc/health/v1/health_services_pb.rb +1 -1
  387. data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +6 -6
  388. data/third_party/abseil-cpp/absl/algorithm/container.h +3 -3
  389. data/third_party/abseil-cpp/absl/base/attributes.h +24 -4
  390. data/third_party/abseil-cpp/absl/base/call_once.h +2 -9
  391. data/third_party/abseil-cpp/absl/base/config.h +37 -9
  392. data/third_party/abseil-cpp/absl/base/dynamic_annotations.h +24 -10
  393. data/third_party/abseil-cpp/absl/base/internal/direct_mmap.h +4 -1
  394. data/third_party/abseil-cpp/absl/base/internal/endian.h +61 -0
  395. data/third_party/abseil-cpp/absl/base/internal/low_level_scheduling.h +2 -3
  396. data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +34 -32
  397. data/third_party/abseil-cpp/absl/base/internal/raw_logging.h +16 -6
  398. data/third_party/abseil-cpp/absl/base/internal/spinlock.cc +11 -2
  399. data/third_party/abseil-cpp/absl/base/internal/spinlock.h +14 -5
  400. data/third_party/abseil-cpp/absl/base/internal/spinlock_akaros.inc +2 -2
  401. data/third_party/abseil-cpp/absl/base/internal/spinlock_linux.inc +3 -3
  402. data/third_party/abseil-cpp/absl/base/internal/spinlock_posix.inc +2 -2
  403. data/third_party/abseil-cpp/absl/base/internal/spinlock_wait.h +11 -11
  404. data/third_party/abseil-cpp/absl/base/internal/spinlock_win32.inc +5 -5
  405. data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +1 -1
  406. data/third_party/abseil-cpp/absl/base/internal/thread_identity.cc +5 -2
  407. data/third_party/abseil-cpp/absl/base/internal/thread_identity.h +43 -42
  408. data/third_party/abseil-cpp/absl/base/internal/throw_delegate.cc +111 -7
  409. data/third_party/abseil-cpp/absl/base/internal/unaligned_access.h +0 -76
  410. data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc +1 -3
  411. data/third_party/abseil-cpp/absl/base/log_severity.h +4 -4
  412. data/third_party/abseil-cpp/absl/base/macros.h +11 -0
  413. data/third_party/abseil-cpp/absl/base/optimization.h +10 -7
  414. data/third_party/abseil-cpp/absl/base/options.h +1 -1
  415. data/third_party/abseil-cpp/absl/base/port.h +0 -1
  416. data/third_party/abseil-cpp/absl/base/thread_annotations.h +1 -1
  417. data/third_party/abseil-cpp/absl/container/fixed_array.h +2 -2
  418. data/third_party/abseil-cpp/absl/container/inlined_vector.h +5 -3
  419. data/third_party/abseil-cpp/absl/container/internal/compressed_tuple.h +1 -1
  420. data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc +5 -1
  421. data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.h +2 -1
  422. data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler_force_weak_definition.cc +2 -1
  423. data/third_party/abseil-cpp/absl/container/internal/inlined_vector.h +141 -66
  424. data/third_party/abseil-cpp/absl/container/internal/layout.h +4 -4
  425. data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.cc +14 -1
  426. data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +136 -136
  427. data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +16 -12
  428. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +5 -2
  429. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_config.h +3 -12
  430. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_powerpc-inl.inc +6 -1
  431. data/third_party/abseil-cpp/absl/debugging/internal/symbolize.h +3 -5
  432. data/third_party/abseil-cpp/absl/debugging/symbolize_darwin.inc +2 -2
  433. data/third_party/abseil-cpp/absl/debugging/symbolize_elf.inc +2 -2
  434. data/third_party/abseil-cpp/absl/hash/internal/city.cc +15 -12
  435. data/third_party/abseil-cpp/absl/hash/internal/city.h +1 -19
  436. data/third_party/abseil-cpp/absl/hash/internal/hash.cc +25 -10
  437. data/third_party/abseil-cpp/absl/hash/internal/hash.h +86 -37
  438. data/third_party/abseil-cpp/absl/hash/internal/wyhash.cc +111 -0
  439. data/third_party/abseil-cpp/absl/hash/internal/wyhash.h +48 -0
  440. data/third_party/abseil-cpp/absl/meta/type_traits.h +16 -2
  441. data/third_party/abseil-cpp/absl/numeric/bits.h +177 -0
  442. data/third_party/abseil-cpp/absl/numeric/int128.cc +3 -3
  443. data/third_party/abseil-cpp/absl/numeric/internal/bits.h +358 -0
  444. data/third_party/abseil-cpp/absl/numeric/internal/representation.h +55 -0
  445. data/third_party/abseil-cpp/absl/status/internal/status_internal.h +18 -0
  446. data/third_party/abseil-cpp/absl/status/internal/statusor_internal.h +4 -7
  447. data/third_party/abseil-cpp/absl/status/status.cc +29 -22
  448. data/third_party/abseil-cpp/absl/status/status.h +81 -20
  449. data/third_party/abseil-cpp/absl/status/statusor.h +3 -3
  450. data/third_party/abseil-cpp/absl/strings/charconv.cc +5 -5
  451. data/third_party/abseil-cpp/absl/strings/cord.cc +326 -371
  452. data/third_party/abseil-cpp/absl/strings/cord.h +182 -64
  453. data/third_party/abseil-cpp/absl/strings/escaping.cc +4 -4
  454. data/third_party/abseil-cpp/absl/strings/internal/charconv_parse.cc +6 -6
  455. data/third_party/abseil-cpp/absl/strings/internal/cord_internal.cc +83 -0
  456. data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +387 -17
  457. data/third_party/abseil-cpp/absl/strings/internal/cord_rep_flat.h +146 -0
  458. data/third_party/abseil-cpp/absl/strings/internal/cord_rep_ring.cc +897 -0
  459. data/third_party/abseil-cpp/absl/strings/internal/cord_rep_ring.h +589 -0
  460. data/third_party/abseil-cpp/absl/strings/internal/cord_rep_ring_reader.h +114 -0
  461. data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.cc +14 -0
  462. data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.h +14 -0
  463. data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.cc +15 -1
  464. data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.h +19 -4
  465. data/third_party/abseil-cpp/absl/strings/internal/str_format/checker.h +14 -0
  466. data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +36 -18
  467. data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.h +14 -0
  468. data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.cc +14 -0
  469. data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.h +14 -0
  470. data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +15 -40
  471. data/third_party/abseil-cpp/absl/strings/internal/string_constant.h +64 -0
  472. data/third_party/abseil-cpp/absl/strings/match.cc +6 -3
  473. data/third_party/abseil-cpp/absl/strings/match.h +16 -6
  474. data/third_party/abseil-cpp/absl/strings/numbers.cc +132 -4
  475. data/third_party/abseil-cpp/absl/strings/numbers.h +10 -10
  476. data/third_party/abseil-cpp/absl/strings/str_join.h +1 -1
  477. data/third_party/abseil-cpp/absl/strings/str_split.h +38 -4
  478. data/third_party/abseil-cpp/absl/synchronization/internal/futex.h +154 -0
  479. data/third_party/abseil-cpp/absl/synchronization/internal/kernel_timeout.h +2 -1
  480. data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.cc +2 -2
  481. data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.h +4 -4
  482. data/third_party/abseil-cpp/absl/synchronization/internal/waiter.cc +1 -65
  483. data/third_party/abseil-cpp/absl/synchronization/internal/waiter.h +2 -6
  484. data/third_party/abseil-cpp/absl/synchronization/mutex.cc +71 -59
  485. data/third_party/abseil-cpp/absl/synchronization/mutex.h +79 -62
  486. data/third_party/abseil-cpp/absl/time/clock.cc +146 -130
  487. data/third_party/abseil-cpp/absl/time/clock.h +2 -2
  488. data/third_party/abseil-cpp/absl/time/duration.cc +3 -2
  489. data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time_detail.h +7 -11
  490. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +7 -1
  491. data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +4 -4
  492. data/third_party/abseil-cpp/absl/time/time.cc +4 -3
  493. data/third_party/abseil-cpp/absl/time/time.h +26 -24
  494. data/third_party/abseil-cpp/absl/types/internal/variant.h +1 -1
  495. data/third_party/abseil-cpp/absl/types/variant.h +9 -4
  496. data/third_party/boringssl-with-bazel/err_data.c +483 -461
  497. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +1 -1
  498. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +9 -7
  499. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +18 -8
  500. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +1 -2
  501. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_locl.h +5 -0
  502. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +1 -1
  503. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +1 -1
  504. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/cipher_extra.c +4 -0
  505. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_tls.c +1 -88
  506. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +14 -3
  507. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/tls_cbc.c +119 -273
  508. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +1 -1
  509. data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +1 -1
  510. data/third_party/boringssl-with-bazel/src/crypto/err/err.c +87 -80
  511. data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +9 -0
  512. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +1 -0
  513. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +1 -1
  514. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +0 -4
  515. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +11 -3
  516. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +25 -2
  517. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +7 -0
  518. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digests.c +10 -2
  519. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/md32_common.h +87 -160
  520. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +4 -0
  521. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +0 -1
  522. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +0 -4
  523. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +104 -93
  524. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +39 -0
  525. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md4/md4.c +52 -65
  526. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md5/md5.c +52 -66
  527. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cbc.c +33 -22
  528. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cfb.c +9 -8
  529. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c +9 -8
  530. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm.c +17 -13
  531. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +1 -22
  532. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c +2 -1
  533. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +1 -4
  534. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +0 -13
  535. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +26 -7
  536. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +26 -24
  537. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +10 -7
  538. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.c +79 -0
  539. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +14 -9
  540. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +61 -75
  541. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +80 -103
  542. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +40 -49
  543. data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +367 -315
  544. data/third_party/boringssl-with-bazel/src/crypto/internal.h +65 -0
  545. data/third_party/boringssl-with-bazel/src/crypto/mem.c +14 -0
  546. data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +3 -3
  547. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +5 -3
  548. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +95 -48
  549. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +2 -2
  550. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/rand_extra.c +1 -1
  551. data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_asn1.c +1 -2
  552. data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +0 -28
  553. data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +120 -11
  554. data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.c +2 -0
  555. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +3 -0
  556. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +19 -25
  557. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +3 -2
  558. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +42 -89
  559. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +9 -16
  560. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +2 -0
  561. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +14 -15
  562. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +53 -73
  563. data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +31 -0
  564. data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.c +3 -0
  565. data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +21 -17
  566. data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +3 -0
  567. data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +7 -25
  568. data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +5 -0
  569. data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +25 -22
  570. data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.c +5 -8
  571. data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +5 -0
  572. data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.c +2 -0
  573. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +3 -0
  574. data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +7 -0
  575. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +2 -4
  576. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +1 -1
  577. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +1 -0
  578. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +5 -8
  579. data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +1 -4
  580. data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +66 -1
  581. data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +120 -41
  582. data/third_party/boringssl-with-bazel/src/include/openssl/base.h +47 -7
  583. data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +1 -0
  584. data/third_party/boringssl-with-bazel/src/include/openssl/chacha.h +1 -1
  585. data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +0 -8
  586. data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +24 -4
  587. data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +6 -2
  588. data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +5 -2
  589. data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +33 -0
  590. data/third_party/boringssl-with-bazel/src/include/openssl/err.h +3 -2
  591. data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +20 -49
  592. data/third_party/boringssl-with-bazel/src/{crypto/x509/x509_r2x.c → include/openssl/evp_errors.h} +41 -58
  593. data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +325 -0
  594. data/third_party/boringssl-with-bazel/src/include/openssl/obj.h +24 -5
  595. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs7.h +25 -7
  596. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +9 -1
  597. data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +2 -2
  598. data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +99 -63
  599. data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +283 -85
  600. data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +13 -19
  601. data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +445 -152
  602. data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +451 -435
  603. data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +2 -1
  604. data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +7 -2
  605. data/third_party/boringssl-with-bazel/src/ssl/d1_srtp.cc +1 -1
  606. data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +1133 -0
  607. data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +298 -22
  608. data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +66 -30
  609. data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +189 -86
  610. data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +154 -24
  611. data/third_party/boringssl-with-bazel/src/ssl/internal.h +414 -135
  612. data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +9 -3
  613. data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +2 -2
  614. data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +14 -19
  615. data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +4 -6
  616. data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +23 -26
  617. data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +51 -60
  618. data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +2 -0
  619. data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +8 -31
  620. data/third_party/boringssl-with-bazel/src/ssl/ssl_stat.cc +3 -0
  621. data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +4 -3
  622. data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +7 -3
  623. data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +664 -702
  624. data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +65 -7
  625. data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +98 -39
  626. data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +141 -94
  627. data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +213 -118
  628. data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +4 -2
  629. metadata +94 -46
  630. data/src/core/lib/iomgr/poller/eventmanager_libuv.cc +0 -88
  631. data/src/core/lib/iomgr/poller/eventmanager_libuv.h +0 -88
  632. data/third_party/abseil-cpp/absl/base/internal/bits.h +0 -219
  633. data/third_party/abseil-cpp/absl/synchronization/internal/mutex_nonprod.inc +0 -249
  634. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/is_fips.c +0 -29
  635. data/third_party/boringssl-with-bazel/src/crypto/hpke/internal.h +0 -246
  636. data/third_party/boringssl-with-bazel/src/crypto/x509/vpm_int.h +0 -71
@@ -436,6 +436,11 @@ int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x)
436
436
 
437
437
  static int def_crl_verify(X509_CRL *crl, EVP_PKEY *r)
438
438
  {
439
+ if (X509_ALGOR_cmp(crl->sig_alg, crl->crl->sig_alg) != 0) {
440
+ OPENSSL_PUT_ERROR(X509, X509_R_SIGNATURE_ALGORITHM_MISMATCH);
441
+ return 0;
442
+ }
443
+
439
444
  return (ASN1_item_verify(ASN1_ITEM_rptr(X509_CRL_INFO),
440
445
  crl->sig_alg, crl->signature, crl->crl, r));
441
446
  }
@@ -68,6 +68,7 @@
68
68
  #include <openssl/thread.h>
69
69
 
70
70
  #include "../internal.h"
71
+ #include "internal.h"
71
72
 
72
73
  /* Minor tweak to operation: free up EVP_PKEY */
73
74
  static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
@@ -180,35 +181,37 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
180
181
  return NULL;
181
182
  }
182
183
 
183
- int X509_PUBKEY_set0_param(X509_PUBKEY *pub, const ASN1_OBJECT *aobj,
184
- int ptype, void *pval,
185
- unsigned char *penc, int penclen)
184
+ int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *obj, int param_type,
185
+ void *param_value, uint8_t *key, int key_len)
186
186
  {
187
- if (!X509_ALGOR_set0(pub->algor, aobj, ptype, pval))
187
+ if (!X509_ALGOR_set0(pub->algor, obj, param_type, param_value)) {
188
188
  return 0;
189
- if (penc) {
190
- if (pub->public_key->data)
191
- OPENSSL_free(pub->public_key->data);
192
- pub->public_key->data = penc;
193
- pub->public_key->length = penclen;
194
- /* Set number of unused bits to zero */
195
- pub->public_key->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
196
- pub->public_key->flags |= ASN1_STRING_FLAG_BITS_LEFT;
197
189
  }
190
+
191
+ ASN1_STRING_set0(pub->public_key, key, key_len);
192
+ /* Set the number of unused bits to zero. */
193
+ pub->public_key->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
194
+ pub->public_key->flags |= ASN1_STRING_FLAG_BITS_LEFT;
198
195
  return 1;
199
196
  }
200
197
 
201
- int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
202
- const unsigned char **pk, int *ppklen,
203
- X509_ALGOR **pa, X509_PUBKEY *pub)
198
+ int X509_PUBKEY_get0_param(ASN1_OBJECT **out_obj, const uint8_t **out_key,
199
+ int *out_key_len, X509_ALGOR **out_alg,
200
+ X509_PUBKEY *pub)
204
201
  {
205
- if (ppkalg)
206
- *ppkalg = pub->algor->algorithm;
207
- if (pk) {
208
- *pk = pub->public_key->data;
209
- *ppklen = pub->public_key->length;
202
+ if (out_obj != NULL) {
203
+ *out_obj = pub->algor->algorithm;
204
+ }
205
+ if (out_key != NULL) {
206
+ *out_key = pub->public_key->data;
207
+ *out_key_len = pub->public_key->length;
208
+ }
209
+ if (out_alg != NULL) {
210
+ *out_alg = pub->algor;
210
211
  }
211
- if (pa)
212
- *pa = pub->algor;
213
212
  return 1;
214
213
  }
214
+
215
+ const ASN1_BIT_STRING *X509_PUBKEY_get0_public_key(const X509_PUBKEY *pub) {
216
+ return pub->public_key;
217
+ }
@@ -60,17 +60,16 @@
60
60
  #include <openssl/thread.h>
61
61
  #include <openssl/x509.h>
62
62
 
63
+ #include "internal.h"
64
+
65
+
63
66
  /*
64
67
  * X509_REQ_INFO is handled in an unusual way to get round invalid encodings.
65
68
  * Some broken certificate requests don't encode the attributes field if it
66
69
  * is empty. This is in violation of PKCS#10 but we need to tolerate it. We
67
70
  * do this by making the attributes field OPTIONAL then using the callback to
68
71
  * initialise it to an empty STACK. This means that the field will be
69
- * correctly encoded unless we NULL out the field. As a result we no longer
70
- * need the req_kludge field because the information is now contained in the
71
- * attributes field: 1. If it is NULL then it's the invalid omission. 2. If
72
- * it is empty it is the correct encoding. 3. If it is not empty then some
73
- * attributes are present.
72
+ * correctly encoded unless we NULL out the field.
74
73
  */
75
74
 
76
75
  static int rinf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
@@ -90,9 +89,7 @@ ASN1_SEQUENCE_enc(X509_REQ_INFO, enc, rinf_cb) = {
90
89
  ASN1_SIMPLE(X509_REQ_INFO, version, ASN1_INTEGER),
91
90
  ASN1_SIMPLE(X509_REQ_INFO, subject, X509_NAME),
92
91
  ASN1_SIMPLE(X509_REQ_INFO, pubkey, X509_PUBKEY),
93
- /* This isn't really OPTIONAL but it gets round invalid
94
- * encodings
95
- */
92
+ /* This isn't really OPTIONAL but it gets around invalid encodings. */
96
93
  ASN1_IMP_SET_OF_OPT(X509_REQ_INFO, attributes, X509_ATTRIBUTE, 0)
97
94
  } ASN1_SEQUENCE_END_enc(X509_REQ_INFO, X509_REQ_INFO)
98
95
 
@@ -61,6 +61,11 @@
61
61
  #include <openssl/x509.h>
62
62
 
63
63
 
64
+ struct X509_sig_st {
65
+ X509_ALGOR *algor;
66
+ ASN1_OCTET_STRING *digest;
67
+ } /* X509_SIG */;
68
+
64
69
  ASN1_SEQUENCE(X509_SIG) = {
65
70
  ASN1_SIMPLE(X509_SIG, algor, X509_ALGOR),
66
71
  ASN1_SIMPLE(X509_SIG, digest, ASN1_OCTET_STRING)
@@ -60,6 +60,8 @@
60
60
  #include <openssl/asn1t.h>
61
61
  #include <openssl/x509.h>
62
62
 
63
+ #include "internal.h"
64
+
63
65
 
64
66
  ASN1_SEQUENCE(X509_VAL) = {
65
67
  ASN1_SIMPLE(X509_VAL, notBefore, ASN1_TIME),
@@ -61,6 +61,9 @@
61
61
  #include <openssl/obj.h>
62
62
  #include <openssl/x509.h>
63
63
 
64
+ #include "internal.h"
65
+
66
+
64
67
  /*
65
68
  * X509_CERT_AUX routines. These are used to encode additional user
66
69
  * modifiable data about a certificate. This data is appended to the X509
@@ -53,6 +53,13 @@ OPENSSL_EXPORT int x509v3_looks_like_dns_name(const unsigned char *in,
53
53
  // invalid.
54
54
  int x509v3_cache_extensions(X509 *x);
55
55
 
56
+ // x509v3_a2i_ipadd decodes |ipasc| as an IPv4 or IPv6 address. IPv6 addresses
57
+ // use colon-separated syntax while IPv4 addresses use dotted decimal syntax. If
58
+ // it decodes an IPv4 address, it writes the result to the first four bytes of
59
+ // |ipout| and returns four. If it decodes an IPv6 address, it writes the result
60
+ // to all 16 bytes of |ipout| and returns 16. Otherwise, it returns zero.
61
+ int x509v3_a2i_ipadd(unsigned char ipout[16], const char *ipasc);
62
+
56
63
 
57
64
  #if defined(__cplusplus)
58
65
  } /* extern C */
@@ -239,8 +239,7 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx,
239
239
  goto merr;
240
240
  if (!sk_POLICYQUALINFO_push(pol->qualifiers, qual))
241
241
  goto merr;
242
- /* TODO(fork): const correctness */
243
- qual->pqualid = (ASN1_OBJECT *)OBJ_nid2obj(NID_id_qt_cps);
242
+ qual->pqualid = OBJ_nid2obj(NID_id_qt_cps);
244
243
  if (qual->pqualid == NULL) {
245
244
  OPENSSL_PUT_ERROR(X509V3, ERR_R_INTERNAL_ERROR);
246
245
  goto err;
@@ -307,8 +306,7 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
307
306
  POLICYQUALINFO *qual;
308
307
  if (!(qual = POLICYQUALINFO_new()))
309
308
  goto merr;
310
- /* TODO(fork): const correctness */
311
- qual->pqualid = (ASN1_OBJECT *)OBJ_nid2obj(NID_id_qt_unotice);
309
+ qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice);
312
310
  if (qual->pqualid == NULL) {
313
311
  OPENSSL_PUT_ERROR(X509V3, ERR_R_INTERNAL_ERROR);
314
312
  goto err;
@@ -440,7 +440,7 @@ int x509v3_cache_extensions(X509 *x)
440
440
  if (!X509_digest(x, EVP_sha1(), x->sha1_hash, NULL))
441
441
  x->ex_flags |= EXFLAG_INVALID;
442
442
  /* V1 should mean no extensions ... */
443
- if (!X509_get_version(x))
443
+ if (X509_get_version(x) == X509_VERSION_1)
444
444
  x->ex_flags |= EXFLAG_V1;
445
445
  /* Handle basic constraints */
446
446
  if ((bs = X509_get_ext_d2i(x, NID_basic_constraints, &j, NULL))) {
@@ -63,6 +63,7 @@
63
63
  #include <openssl/obj.h>
64
64
  #include <openssl/x509v3.h>
65
65
 
66
+ #include "../x509/internal.h"
66
67
  #include "internal.h"
67
68
 
68
69
 
@@ -1112,7 +1112,7 @@ int X509_check_ip_asc(X509 *x, const char *ipasc, unsigned int flags)
1112
1112
 
1113
1113
  if (ipasc == NULL)
1114
1114
  return -2;
1115
- iplen = (size_t)a2i_ipadd(ipout, ipasc);
1115
+ iplen = (size_t)x509v3_a2i_ipadd(ipout, ipasc);
1116
1116
  if (iplen == 0)
1117
1117
  return -2;
1118
1118
  return do_x509_check(x, (char *)ipout, iplen, flags, GEN_IPADD, NULL);
@@ -1129,10 +1129,7 @@ ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc)
1129
1129
  ASN1_OCTET_STRING *ret;
1130
1130
  int iplen;
1131
1131
 
1132
- /* If string contains a ':' assume IPv6 */
1133
-
1134
- iplen = a2i_ipadd(ipout, ipasc);
1135
-
1132
+ iplen = x509v3_a2i_ipadd(ipout, ipasc);
1136
1133
  if (!iplen)
1137
1134
  return NULL;
1138
1135
 
@@ -1161,12 +1158,12 @@ ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc)
1161
1158
  p = iptmp + (p - ipasc);
1162
1159
  *p++ = 0;
1163
1160
 
1164
- iplen1 = a2i_ipadd(ipout, iptmp);
1161
+ iplen1 = x509v3_a2i_ipadd(ipout, iptmp);
1165
1162
 
1166
1163
  if (!iplen1)
1167
1164
  goto err;
1168
1165
 
1169
- iplen2 = a2i_ipadd(ipout + iplen1, p);
1166
+ iplen2 = x509v3_a2i_ipadd(ipout + iplen1, p);
1170
1167
 
1171
1168
  OPENSSL_free(iptmp);
1172
1169
  iptmp = NULL;
@@ -1190,7 +1187,7 @@ ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc)
1190
1187
  return NULL;
1191
1188
  }
1192
1189
 
1193
- int a2i_ipadd(unsigned char *ipout, const char *ipasc)
1190
+ int x509v3_a2i_ipadd(unsigned char *ipout, const char *ipasc)
1194
1191
  {
1195
1192
  /* If string contains a ':' assume IPv6 */
1196
1193
 
@@ -122,7 +122,7 @@ OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_192_gcm(void);
122
122
  OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_256_gcm(void);
123
123
 
124
124
  // EVP_aead_chacha20_poly1305 is the AEAD built from ChaCha20 and
125
- // Poly1305 as described in RFC 7539.
125
+ // Poly1305 as described in RFC 8439.
126
126
  OPENSSL_EXPORT const EVP_AEAD *EVP_aead_chacha20_poly1305(void);
127
127
 
128
128
  // EVP_aead_xchacha20_poly1305 is ChaCha20-Poly1305 with an extended nonce that
@@ -397,12 +397,9 @@ OPENSSL_EXPORT const EVP_AEAD *EVP_AEAD_CTX_aead(const EVP_AEAD_CTX *ctx);
397
397
 
398
398
  OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_128_cbc_sha1_tls(void);
399
399
  OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_128_cbc_sha1_tls_implicit_iv(void);
400
- OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_128_cbc_sha256_tls(void);
401
400
 
402
401
  OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_256_cbc_sha1_tls(void);
403
402
  OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_256_cbc_sha1_tls_implicit_iv(void);
404
- OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_256_cbc_sha256_tls(void);
405
- OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_256_cbc_sha384_tls(void);
406
403
 
407
404
  OPENSSL_EXPORT const EVP_AEAD *EVP_aead_des_ede3_cbc_sha1_tls(void);
408
405
  OPENSSL_EXPORT const EVP_AEAD *EVP_aead_des_ede3_cbc_sha1_tls_implicit_iv(void);
@@ -124,7 +124,72 @@
124
124
  // - Armv8.5-A Branch Target Identification
125
125
  // features which require emitting a .note.gnu.property section with the
126
126
  // appropriate architecture-dependent feature bits set.
127
- // Read more: "ELF for the Arm® 64-bit Architecture"
127
+ //
128
+ // |AARCH64_SIGN_LINK_REGISTER| and |AARCH64_VALIDATE_LINK_REGISTER| expand to
129
+ // PACIxSP and AUTIxSP, respectively. |AARCH64_SIGN_LINK_REGISTER| should be
130
+ // used immediately before saving the LR register (x30) to the stack.
131
+ // |AARCH64_VALIDATE_LINK_REGISTER| should be used immediately after restoring
132
+ // it. Note |AARCH64_SIGN_LINK_REGISTER|'s modifications to LR must be undone
133
+ // with |AARCH64_VALIDATE_LINK_REGISTER| before RET. The SP register must also
134
+ // have the same value at the two points. For example:
135
+ //
136
+ // .global f
137
+ // f:
138
+ // AARCH64_SIGN_LINK_REGISTER
139
+ // stp x29, x30, [sp, #-96]!
140
+ // mov x29, sp
141
+ // ...
142
+ // ldp x29, x30, [sp], #96
143
+ // AARCH64_VALIDATE_LINK_REGISTER
144
+ // ret
145
+ //
146
+ // |AARCH64_VALID_CALL_TARGET| expands to BTI 'c'. Either it, or
147
+ // |AARCH64_SIGN_LINK_REGISTER|, must be used at every point that may be an
148
+ // indirect call target. In particular, all symbols exported from a file must
149
+ // begin with one of these macros. For example, a leaf function that does not
150
+ // save LR can instead use |AARCH64_VALID_CALL_TARGET|:
151
+ //
152
+ // .globl return_zero
153
+ // return_zero:
154
+ // AARCH64_VALID_CALL_TARGET
155
+ // mov x0, #0
156
+ // ret
157
+ //
158
+ // A non-leaf function which does not immediately save LR may need both macros
159
+ // because |AARCH64_SIGN_LINK_REGISTER| appears late. For example, the function
160
+ // may jump to an alternate implementation before setting up the stack:
161
+ //
162
+ // .globl with_early_jump
163
+ // with_early_jump:
164
+ // AARCH64_VALID_CALL_TARGET
165
+ // cmp x0, #128
166
+ // b.lt .Lwith_early_jump_128
167
+ // AARCH64_SIGN_LINK_REGISTER
168
+ // stp x29, x30, [sp, #-96]!
169
+ // mov x29, sp
170
+ // ...
171
+ // ldp x29, x30, [sp], #96
172
+ // AARCH64_VALIDATE_LINK_REGISTER
173
+ // ret
174
+ //
175
+ // .Lwith_early_jump_128:
176
+ // ...
177
+ // ret
178
+ //
179
+ // These annotations are only required with indirect calls. Private symbols that
180
+ // are only the target of direct calls do not require annotations. Also note
181
+ // that |AARCH64_VALID_CALL_TARGET| is only valid for indirect calls (BLR), not
182
+ // indirect jumps (BR). Indirect jumps in assembly are currently not supported
183
+ // and would require a macro for BTI 'j'.
184
+ //
185
+ // Although not necessary, it is safe to use these macros in 32-bit ARM
186
+ // assembly. This may be used to simplify dual 32-bit and 64-bit files.
187
+ //
188
+ // References:
189
+ // - "ELF for the Arm® 64-bit Architecture"
190
+ // https://github.com/ARM-software/abi-aa/blob/master/aaelf64/aaelf64.rst
191
+ // - "Providing protection for complex software"
192
+ // https://developer.arm.com/architectures/learn-the-architecture/providing-protection-for-complex-software
128
193
 
129
194
  #if defined(__ARM_FEATURE_BTI_DEFAULT) && __ARM_FEATURE_BTI_DEFAULT == 1
130
195
  #define GNU_PROPERTY_AARCH64_BTI (1 << 0) // Has Branch Target Identification
@@ -103,7 +103,7 @@ extern "C" {
103
103
  #define V_ASN1_PRIMITIVE_TAG 0x1f
104
104
 
105
105
  // V_ASN1_MAX_UNIVERSAL is the highest supported universal tag number. It is
106
- // necessary to avoid ambiguity with |V_ASN1_NEG|.
106
+ // necessary to avoid ambiguity with |V_ASN1_NEG| and |MBSTRING_FLAG|.
107
107
  //
108
108
  // TODO(davidben): Make this private.
109
109
  #define V_ASN1_MAX_UNIVERSAL 0xff
@@ -197,9 +197,8 @@ extern "C" {
197
197
  // the DER encoding of the value. For example, the UNIX epoch would be
198
198
  // "19700101000000Z" for a GeneralizedTime and "700101000000Z" for a UTCTime.
199
199
  //
200
- // TODO(davidben): |ASN1_TYPE| additionally uses |ASN1_STRING| to represent
201
- // various other odd cases. It also likes to assume unknown universal tags are
202
- // string types. Make a note here when documenting |ASN1_TYPE|.
200
+ // |ASN1_STRING|, when stored in an |ASN1_TYPE|, may also represent an element
201
+ // with tag not directly supported by this library. See |ASN1_TYPE| for details.
203
202
  //
204
203
  // |ASN1_STRING| additionally has the following typedefs: |ASN1_BIT_STRING|,
205
204
  // |ASN1_BMPSTRING|, |ASN1_ENUMERATED|, |ASN1_GENERALIZEDTIME|,
@@ -313,6 +312,111 @@ OPENSSL_EXPORT void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len);
313
312
  // types.
314
313
 
315
314
 
315
+ // Arbitrary elements.
316
+
317
+ // ASN1_VALUE_st (aka |ASN1_VALUE|) is an opaque type used internally in the
318
+ // library.
319
+ typedef struct ASN1_VALUE_st ASN1_VALUE;
320
+
321
+ // An asn1_type_st (aka |ASN1_TYPE|) represents an arbitrary ASN.1 element,
322
+ // typically used used for ANY types. It contains a |type| field and a |value|
323
+ // union dependent on |type|.
324
+ //
325
+ // WARNING: This struct has a complex representation. Callers must not construct
326
+ // |ASN1_TYPE| values manually. Use |ASN1_TYPE_set| and |ASN1_TYPE_set1|
327
+ // instead. Additionally, callers performing non-trivial operations on this type
328
+ // are encouraged to use |CBS| and |CBB| from <openssl/bytestring.h>, and
329
+ // convert to or from |ASN1_TYPE| with |d2i_ASN1_TYPE| or |i2d_ASN1_TYPE|.
330
+ //
331
+ // The |type| field corresponds to the tag of the ASN.1 element being
332
+ // represented:
333
+ //
334
+ // If |type| is a |V_ASN1_*| constant for an ASN.1 string-like type, as defined
335
+ // by |ASN1_STRING|, the tag matches the constant. |value| contains an
336
+ // |ASN1_STRING| pointer (equivalently, one of the more specific typedefs). See
337
+ // |ASN1_STRING| for details on the representation. Unlike |ASN1_STRING|,
338
+ // |ASN1_TYPE| does not use the |V_ASN1_NEG| flag for negative INTEGER and
339
+ // ENUMERATE values. For a negative value, the |ASN1_TYPE|'s |type| will be
340
+ // |V_ASN1_INTEGER| or |V_ASN1_ENUMERATED|, but |value| will an |ASN1_STRING|
341
+ // whose |type| is |V_ASN1_NEG_INTEGER| or |V_ASN1_NEG_ENUMERATED|.
342
+ //
343
+ // If |type| is |V_ASN1_OBJECT|, the tag is OBJECT IDENTIFIER and |value|
344
+ // contains an |ASN1_OBJECT| pointer.
345
+ //
346
+ // If |type| is |V_ASN1_NULL|, the tag is NULL. |value| contains a NULL pointer.
347
+ //
348
+ // If |type| is |V_ASN1_BOOLEAN|, the tag is BOOLEAN. |value| contains an
349
+ // |ASN1_BOOLEAN|.
350
+ //
351
+ // If |type| is |V_ASN1_SEQUENCE|, |V_ASN1_SET|, or |V_ASN1_OTHER|, the tag is
352
+ // SEQUENCE, SET, or some non-universal tag, respectively. |value| is an
353
+ // |ASN1_STRING| containing the entire element, including the tag and length.
354
+ // The |ASN1_STRING|'s |type| field matches the containing |ASN1_TYPE|'s |type|.
355
+ //
356
+ // Other positive values of |type|, up to |V_ASN1_MAX_UNIVERSAL|, correspond to
357
+ // universal primitive tags not directly supported by this library. |value| is
358
+ // an |ASN1_STRING| containing the body of the element, excluding the tag
359
+ // and length. The |ASN1_STRING|'s |type| field matches the containing
360
+ // |ASN1_TYPE|'s |type|.
361
+ struct asn1_type_st {
362
+ int type;
363
+ union {
364
+ char *ptr;
365
+ ASN1_BOOLEAN boolean;
366
+ ASN1_STRING *asn1_string;
367
+ ASN1_OBJECT *object;
368
+ ASN1_INTEGER *integer;
369
+ ASN1_ENUMERATED *enumerated;
370
+ ASN1_BIT_STRING *bit_string;
371
+ ASN1_OCTET_STRING *octet_string;
372
+ ASN1_PRINTABLESTRING *printablestring;
373
+ ASN1_T61STRING *t61string;
374
+ ASN1_IA5STRING *ia5string;
375
+ ASN1_GENERALSTRING *generalstring;
376
+ ASN1_BMPSTRING *bmpstring;
377
+ ASN1_UNIVERSALSTRING *universalstring;
378
+ ASN1_UTCTIME *utctime;
379
+ ASN1_GENERALIZEDTIME *generalizedtime;
380
+ ASN1_VISIBLESTRING *visiblestring;
381
+ ASN1_UTF8STRING *utf8string;
382
+ // set and sequence are left complete and still contain the entire element.
383
+ ASN1_STRING *set;
384
+ ASN1_STRING *sequence;
385
+ ASN1_VALUE *asn1_value;
386
+ } value;
387
+ };
388
+
389
+ // ASN1_TYPE_get returns the type of |a|, which will be one of the |V_ASN1_*|
390
+ // constants, or zero if |a| is not fully initialized.
391
+ OPENSSL_EXPORT int ASN1_TYPE_get(const ASN1_TYPE *a);
392
+
393
+ // ASN1_TYPE_set sets |a| to an |ASN1_TYPE| of type |type| and value |value|,
394
+ // releasing the previous contents of |a|.
395
+ //
396
+ // If |type| is |V_ASN1_BOOLEAN|, |a| is set to FALSE if |value| is NULL and
397
+ // TRUE otherwise. If setting |a| to TRUE, |value| may be an invalid pointer,
398
+ // such as (void*)1.
399
+ //
400
+ // If |type| is |V_ASN1_NULL|, |value| must be NULL.
401
+ //
402
+ // For other values of |type|, this function takes ownership of |value|, which
403
+ // must point to an object of the corresponding type. See |ASN1_TYPE| for
404
+ // details.
405
+ OPENSSL_EXPORT void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
406
+
407
+ // ASN1_TYPE_set1 behaves like |ASN1_TYPE_set| except it does not take ownership
408
+ // of |value|. It returns one on success and zero on error.
409
+ OPENSSL_EXPORT int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value);
410
+
411
+ // ASN1_TYPE_cmp returns zero if |a| and |b| are equal and some non-zero value
412
+ // otherwise. Note this function can only be used for equality checks, not an
413
+ // ordering.
414
+ OPENSSL_EXPORT int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b);
415
+
416
+ // TODO(davidben): Most of |ASN1_TYPE|'s APIs are hidden behind macros. Expand
417
+ // the macros, document them, and move them to this section.
418
+
419
+
316
420
  // Underdocumented functions.
317
421
  //
318
422
  // The following functions are not yet documented and organized.
@@ -356,6 +460,16 @@ OPENSSL_EXPORT void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len);
356
460
  #define ASN1_OBJECT_FLAG_DYNAMIC 0x01 // internal use
357
461
  #define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04 // internal use
358
462
  #define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08 // internal use
463
+
464
+ // An asn1_object_st (aka |ASN1_OBJECT|) represents an ASN.1 OBJECT IDENTIFIER.
465
+ //
466
+ // Note: Although the struct is exposed, mutating an |ASN1_OBJECT| is only
467
+ // permitted when initializing it. The library maintains a table of static
468
+ // |ASN1_OBJECT|s, which may be referenced by non-const |ASN1_OBJECT| pointers.
469
+ // Code which receives an |ASN1_OBJECT| pointer externally must assume it is
470
+ // immutable, even if the pointer is not const.
471
+ //
472
+ // TODO(davidben): Document this more completely in its own section.
359
473
  struct asn1_object_st {
360
474
  const char *sn, *ln;
361
475
  int nid;
@@ -414,8 +528,6 @@ typedef struct asn1_string_table_st {
414
528
  // see asn1t.h
415
529
  typedef struct ASN1_TEMPLATE_st ASN1_TEMPLATE;
416
530
  typedef struct ASN1_TLC_st ASN1_TLC;
417
- // This is just an opaque pointer
418
- typedef struct ASN1_VALUE_st ASN1_VALUE;
419
531
 
420
532
  // Declare ASN1 functions: the implement macro in in asn1t.h
421
533
 
@@ -581,35 +693,6 @@ typedef const ASN1_ITEM ASN1_ITEM_EXP;
581
693
  DEFINE_STACK_OF(ASN1_INTEGER)
582
694
  DECLARE_ASN1_SET_OF(ASN1_INTEGER)
583
695
 
584
- struct asn1_type_st {
585
- int type;
586
- union {
587
- char *ptr;
588
- ASN1_BOOLEAN boolean;
589
- ASN1_STRING *asn1_string;
590
- ASN1_OBJECT *object;
591
- ASN1_INTEGER *integer;
592
- ASN1_ENUMERATED *enumerated;
593
- ASN1_BIT_STRING *bit_string;
594
- ASN1_OCTET_STRING *octet_string;
595
- ASN1_PRINTABLESTRING *printablestring;
596
- ASN1_T61STRING *t61string;
597
- ASN1_IA5STRING *ia5string;
598
- ASN1_GENERALSTRING *generalstring;
599
- ASN1_BMPSTRING *bmpstring;
600
- ASN1_UNIVERSALSTRING *universalstring;
601
- ASN1_UTCTIME *utctime;
602
- ASN1_GENERALIZEDTIME *generalizedtime;
603
- ASN1_VISIBLESTRING *visiblestring;
604
- ASN1_UTF8STRING *utf8string;
605
- // set and sequence are left complete and still
606
- // contain the set or sequence bytes
607
- ASN1_STRING *set;
608
- ASN1_STRING *sequence;
609
- ASN1_VALUE *asn1_value;
610
- } value;
611
- };
612
-
613
696
  DEFINE_STACK_OF(ASN1_TYPE)
614
697
  DECLARE_ASN1_SET_OF(ASN1_TYPE)
615
698
 
@@ -696,11 +779,6 @@ typedef struct BIT_STRING_BITNAME_st {
696
779
 
697
780
  DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
698
781
 
699
- OPENSSL_EXPORT int ASN1_TYPE_get(const ASN1_TYPE *a);
700
- OPENSSL_EXPORT void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
701
- OPENSSL_EXPORT int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value);
702
- OPENSSL_EXPORT int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b);
703
-
704
782
  OPENSSL_EXPORT ASN1_OBJECT *ASN1_OBJECT_new(void);
705
783
  OPENSSL_EXPORT void ASN1_OBJECT_free(ASN1_OBJECT *a);
706
784
  OPENSSL_EXPORT int i2d_ASN1_OBJECT(const ASN1_OBJECT *a, unsigned char **pp);
@@ -805,7 +883,8 @@ OPENSSL_EXPORT int i2a_ASN1_STRING(BIO *bp, const ASN1_STRING *a, int type);
805
883
  OPENSSL_EXPORT int i2t_ASN1_OBJECT(char *buf, int buf_len,
806
884
  const ASN1_OBJECT *a);
807
885
 
808
- OPENSSL_EXPORT ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data,
886
+ OPENSSL_EXPORT ASN1_OBJECT *ASN1_OBJECT_create(int nid,
887
+ const unsigned char *data,
809
888
  int len, const char *sn,
810
889
  const char *ln);
811
890