grpc 1.38.0 → 1.40.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of grpc might be problematic. Click here for more details.

Files changed (340) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +68 -21
  3. data/include/grpc/event_engine/endpoint_config.h +48 -0
  4. data/include/grpc/event_engine/event_engine.h +23 -29
  5. data/include/grpc/event_engine/port.h +2 -0
  6. data/include/grpc/event_engine/slice_allocator.h +21 -36
  7. data/include/grpc/grpc.h +9 -2
  8. data/include/grpc/grpc_security.h +32 -0
  9. data/include/grpc/grpc_security_constants.h +1 -0
  10. data/include/grpc/impl/codegen/grpc_types.h +33 -19
  11. data/include/grpc/impl/codegen/port_platform.h +41 -0
  12. data/src/core/ext/filters/client_channel/client_channel.cc +415 -249
  13. data/src/core/ext/filters/client_channel/client_channel.h +42 -18
  14. data/src/core/ext/filters/client_channel/config_selector.h +19 -6
  15. data/src/core/ext/filters/client_channel/health/health_check_client.cc +2 -0
  16. data/src/core/ext/filters/client_channel/health/health_check_client.h +3 -3
  17. data/src/core/ext/filters/client_channel/http_proxy.cc +16 -1
  18. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +7 -8
  19. data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +12 -21
  20. data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +3 -5
  21. data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +734 -0
  22. data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.h +10 -0
  23. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +8 -15
  24. data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +3 -6
  25. data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +18 -36
  26. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +14 -22
  27. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +2 -9
  28. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +68 -103
  29. data/src/core/ext/filters/client_channel/lb_policy.cc +1 -15
  30. data/src/core/ext/filters/client_channel/lb_policy.h +70 -46
  31. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +1 -3
  32. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_event_engine.cc +31 -0
  33. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_event_engine.cc +28 -0
  34. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +1 -3
  35. data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +7 -2
  36. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +116 -76
  37. data/src/core/ext/filters/client_channel/retry_filter.cc +967 -544
  38. data/src/core/ext/filters/client_channel/retry_service_config.cc +57 -28
  39. data/src/core/ext/filters/client_channel/retry_service_config.h +9 -3
  40. data/src/core/ext/filters/client_channel/service_config_call_data.h +45 -5
  41. data/src/core/ext/filters/client_idle/client_idle_filter.cc +1 -1
  42. data/src/core/ext/filters/http/client/http_client_filter.cc +5 -2
  43. data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +2 -1
  44. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +5 -1
  45. data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +3 -2
  46. data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +1 -1
  47. data/src/core/{lib/event_engine/slice_allocator.cc → ext/transport/chttp2/transport/chttp2_slice_allocator.cc} +23 -16
  48. data/src/core/ext/transport/chttp2/transport/chttp2_slice_allocator.h +74 -0
  49. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +12 -10
  50. data/src/core/ext/transport/chttp2/transport/flow_control.h +1 -1
  51. data/src/core/ext/transport/chttp2/transport/frame_data.cc +4 -4
  52. data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +8 -8
  53. data/src/core/ext/transport/chttp2/transport/frame_settings.cc +5 -5
  54. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +639 -752
  55. data/src/core/ext/transport/chttp2/transport/hpack_parser.h +190 -69
  56. data/src/core/ext/transport/chttp2/transport/internal.h +2 -1
  57. data/src/core/ext/transport/chttp2/transport/parsing.cc +72 -56
  58. data/src/core/ext/transport/chttp2/transport/varint.cc +6 -4
  59. data/src/core/ext/transport/inproc/inproc_transport.cc +42 -31
  60. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +56 -35
  61. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +180 -76
  62. data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +35 -27
  63. data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +97 -48
  64. data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +45 -9
  65. data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +67 -7
  66. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +66 -9
  67. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +227 -0
  68. data/src/core/ext/upb-generated/envoy/config/core/v3/resolver.upb.c +46 -0
  69. data/src/core/ext/upb-generated/envoy/config/core/v3/resolver.upb.h +121 -0
  70. data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +1 -0
  71. data/src/core/ext/upb-generated/envoy/config/core/v3/udp_socket_config.upb.c +35 -0
  72. data/src/core/ext/upb-generated/envoy/config/core/v3/udp_socket_config.upb.h +90 -0
  73. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +32 -24
  74. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +120 -73
  75. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +4 -2
  76. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +15 -0
  77. data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.c +48 -0
  78. data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.h +171 -0
  79. data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +8 -6
  80. data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.h +27 -19
  81. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +1 -0
  82. data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +24 -7
  83. data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +57 -0
  84. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +29 -17
  85. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +72 -0
  86. data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.c +3 -2
  87. data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.h +4 -0
  88. data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.c +6 -5
  89. data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.h +15 -11
  90. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +85 -43
  91. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +274 -91
  92. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +11 -8
  93. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +30 -13
  94. data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.c +33 -5
  95. data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.h +115 -0
  96. data/src/core/ext/upb-generated/envoy/type/http/v3/path_transformation.upb.c +60 -0
  97. data/src/core/ext/upb-generated/envoy/type/http/v3/path_transformation.upb.h +181 -0
  98. data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.c +1 -0
  99. data/src/core/ext/upb-generated/validate/validate.upb.c +82 -66
  100. data/src/core/ext/upb-generated/validate/validate.upb.h +220 -124
  101. data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.c +15 -7
  102. data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +53 -52
  103. data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +318 -277
  104. data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.h +5 -0
  105. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +437 -410
  106. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +198 -170
  107. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.h +10 -0
  108. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +9 -8
  109. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +219 -163
  110. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.h +15 -0
  111. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/resolver.upbdefs.c +59 -0
  112. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/resolver.upbdefs.h +40 -0
  113. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.c +29 -25
  114. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/udp_socket_config.upbdefs.c +52 -0
  115. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/udp_socket_config.upbdefs.h +35 -0
  116. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +135 -125
  117. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +5 -0
  118. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.c +131 -123
  119. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.c +90 -0
  120. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.h +35 -0
  121. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.c +32 -24
  122. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.c +69 -55
  123. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.h +5 -0
  124. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +684 -664
  125. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.h +5 -0
  126. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.c +13 -10
  127. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.c +13 -10
  128. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +441 -375
  129. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +10 -0
  130. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +122 -114
  131. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +1 -1
  132. data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +112 -79
  133. data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.h +5 -0
  134. data/src/core/ext/upbdefs-generated/envoy/type/http/v3/path_transformation.upbdefs.c +64 -0
  135. data/src/core/ext/upbdefs-generated/envoy/type/http/v3/path_transformation.upbdefs.h +50 -0
  136. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.c +35 -32
  137. data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.c +4 -4
  138. data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.c +182 -160
  139. data/src/core/ext/xds/certificate_provider_store.h +1 -1
  140. data/src/core/ext/xds/xds_api.cc +582 -257
  141. data/src/core/ext/xds/xds_api.h +46 -8
  142. data/src/core/ext/xds/xds_bootstrap.cc +4 -1
  143. data/src/core/ext/xds/xds_client.cc +66 -43
  144. data/src/core/ext/xds/xds_client.h +0 -4
  145. data/src/core/ext/xds/xds_http_filters.cc +3 -2
  146. data/src/core/ext/xds/xds_http_filters.h +3 -0
  147. data/src/core/lib/address_utils/sockaddr_utils.cc +13 -0
  148. data/src/core/lib/address_utils/sockaddr_utils.h +10 -0
  149. data/src/core/lib/channel/call_tracer.h +85 -0
  150. data/src/core/lib/channel/channel_stack.h +1 -1
  151. data/src/core/lib/channel/channelz.h +3 -0
  152. data/src/core/lib/channel/context.h +3 -0
  153. data/src/core/lib/channel/status_util.h +4 -0
  154. data/src/core/lib/compression/stream_compression.h +1 -1
  155. data/src/core/lib/compression/stream_compression_gzip.h +1 -1
  156. data/src/core/lib/compression/stream_compression_identity.h +1 -1
  157. data/src/core/lib/debug/stats.h +1 -1
  158. data/src/core/lib/event_engine/endpoint_config.cc +46 -0
  159. data/src/core/lib/event_engine/endpoint_config_internal.h +42 -0
  160. data/src/core/lib/event_engine/event_engine.cc +50 -0
  161. data/src/core/lib/event_engine/sockaddr.cc +14 -12
  162. data/src/core/lib/event_engine/sockaddr.h +44 -0
  163. data/src/core/lib/gpr/murmur_hash.cc +4 -2
  164. data/src/core/lib/gpr/wrap_memcpy.cc +2 -1
  165. data/src/core/lib/gprpp/manual_constructor.h +1 -1
  166. data/src/core/lib/gprpp/orphanable.h +3 -3
  167. data/src/core/lib/gprpp/status_helper.h +3 -0
  168. data/src/core/lib/gprpp/sync.h +2 -30
  169. data/src/core/lib/iomgr/buffer_list.cc +1 -1
  170. data/src/core/lib/iomgr/endpoint_pair_event_engine.cc +33 -0
  171. data/src/core/lib/iomgr/error.cc +5 -4
  172. data/src/core/lib/iomgr/error.h +1 -1
  173. data/src/core/lib/iomgr/ev_apple.h +1 -1
  174. data/src/core/lib/iomgr/event_engine/closure.cc +54 -0
  175. data/src/core/lib/iomgr/event_engine/closure.h +33 -0
  176. data/src/core/lib/iomgr/event_engine/endpoint.cc +192 -0
  177. data/src/core/lib/iomgr/event_engine/endpoint.h +53 -0
  178. data/src/core/lib/iomgr/event_engine/iomgr.cc +105 -0
  179. data/src/core/lib/iomgr/event_engine/iomgr.h +24 -0
  180. data/src/core/lib/iomgr/event_engine/pollset.cc +87 -0
  181. data/{include/grpc/event_engine/channel_args.h → src/core/lib/iomgr/event_engine/pollset.h} +7 -10
  182. data/src/core/lib/iomgr/event_engine/promise.h +51 -0
  183. data/src/core/lib/iomgr/event_engine/resolved_address_internal.cc +41 -0
  184. data/src/core/lib/iomgr/event_engine/resolved_address_internal.h +35 -0
  185. data/src/core/lib/iomgr/event_engine/resolver.cc +110 -0
  186. data/src/core/lib/iomgr/event_engine/tcp.cc +263 -0
  187. data/src/core/lib/iomgr/event_engine/timer.cc +57 -0
  188. data/src/core/lib/iomgr/exec_ctx.cc +8 -0
  189. data/src/core/lib/iomgr/exec_ctx.h +3 -4
  190. data/src/core/lib/iomgr/executor/threadpool.cc +2 -3
  191. data/src/core/lib/iomgr/executor/threadpool.h +2 -2
  192. data/src/core/lib/iomgr/iomgr.cc +1 -1
  193. data/src/core/lib/iomgr/iomgr_posix.cc +2 -0
  194. data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +40 -10
  195. data/src/core/lib/iomgr/pollset_custom.cc +2 -2
  196. data/src/core/lib/iomgr/pollset_custom.h +3 -1
  197. data/src/core/lib/iomgr/pollset_uv.cc +3 -1
  198. data/src/core/lib/iomgr/pollset_uv.h +5 -1
  199. data/src/core/lib/iomgr/port.h +7 -5
  200. data/src/core/lib/iomgr/python_util.h +1 -1
  201. data/src/core/lib/iomgr/resolve_address.cc +5 -1
  202. data/src/core/lib/iomgr/resolve_address.h +6 -0
  203. data/src/core/lib/iomgr/resource_quota.cc +2 -0
  204. data/src/core/lib/iomgr/sockaddr.h +1 -0
  205. data/src/core/lib/iomgr/socket_mutator.cc +15 -2
  206. data/src/core/lib/iomgr/socket_mutator.h +26 -2
  207. data/src/core/lib/iomgr/socket_utils_common_posix.cc +4 -4
  208. data/src/core/lib/iomgr/socket_utils_posix.h +2 -2
  209. data/src/core/lib/iomgr/tcp_client_posix.cc +7 -2
  210. data/src/core/lib/iomgr/tcp_client_windows.cc +2 -0
  211. data/src/core/lib/iomgr/tcp_posix.cc +42 -39
  212. data/src/core/lib/iomgr/tcp_posix.h +8 -0
  213. data/src/core/lib/iomgr/tcp_server_custom.cc +3 -4
  214. data/src/core/lib/iomgr/tcp_server_posix.cc +7 -0
  215. data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +2 -1
  216. data/src/core/lib/iomgr/timer.h +6 -1
  217. data/src/core/lib/iomgr/timer_manager.cc +1 -1
  218. data/src/core/lib/json/json_reader.cc +1 -2
  219. data/src/core/lib/matchers/matchers.cc +8 -20
  220. data/src/core/lib/matchers/matchers.h +2 -1
  221. data/src/core/lib/security/authorization/authorization_engine.h +44 -0
  222. data/src/core/lib/security/authorization/authorization_policy_provider.h +32 -0
  223. data/src/core/lib/security/authorization/authorization_policy_provider_vtable.cc +46 -0
  224. data/src/core/lib/security/authorization/evaluate_args.cc +209 -0
  225. data/src/core/lib/security/authorization/evaluate_args.h +91 -0
  226. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +3 -1
  227. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +49 -0
  228. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +7 -0
  229. data/src/core/lib/security/credentials/tls/tls_utils.cc +32 -0
  230. data/src/core/lib/security/credentials/tls/tls_utils.h +13 -0
  231. data/src/core/lib/security/security_connector/local/local_security_connector.cc +9 -6
  232. data/src/core/lib/security/security_connector/ssl_utils.cc +5 -0
  233. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +6 -18
  234. data/src/core/lib/security/transport/security_handshaker.cc +12 -4
  235. data/src/core/lib/security/transport/server_auth_filter.cc +0 -7
  236. data/src/core/lib/slice/slice.cc +12 -2
  237. data/src/core/lib/slice/slice_internal.h +1 -0
  238. data/src/core/lib/surface/call.cc +26 -7
  239. data/src/core/lib/surface/call.h +11 -0
  240. data/src/core/lib/surface/completion_queue.cc +22 -22
  241. data/src/core/lib/surface/completion_queue.h +1 -1
  242. data/src/core/lib/surface/completion_queue_factory.cc +1 -2
  243. data/src/core/lib/surface/init.cc +1 -3
  244. data/src/core/lib/surface/init.h +10 -1
  245. data/src/core/lib/surface/server.cc +3 -1
  246. data/src/core/lib/surface/server.h +3 -3
  247. data/src/core/lib/surface/version.cc +2 -4
  248. data/src/core/lib/transport/error_utils.cc +2 -2
  249. data/src/core/lib/transport/metadata_batch.cc +13 -2
  250. data/src/core/lib/transport/metadata_batch.h +7 -0
  251. data/src/core/lib/transport/transport.h +2 -0
  252. data/src/core/lib/transport/transport_op_string.cc +1 -1
  253. data/src/core/plugin_registry/grpc_plugin_registry.cc +4 -0
  254. data/src/core/tsi/alts/crypt/gsec.h +2 -0
  255. data/src/ruby/ext/grpc/extconf.rb +2 -0
  256. data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +6 -0
  257. data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +10 -1
  258. data/src/ruby/lib/grpc/version.rb +1 -1
  259. data/third_party/boringssl-with-bazel/err_data.c +269 -263
  260. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +8 -6
  261. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/cipher_extra.c +4 -0
  262. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +1 -1
  263. data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +1 -1
  264. data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +9 -0
  265. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +0 -4
  266. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +7 -0
  267. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/md32_common.h +87 -121
  268. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md4/md4.c +20 -30
  269. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md5/md5.c +19 -30
  270. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +1 -4
  271. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +0 -13
  272. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +26 -24
  273. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +10 -7
  274. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +28 -39
  275. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +48 -66
  276. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +4 -5
  277. data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +362 -371
  278. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +4 -2
  279. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +2 -2
  280. data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_asn1.c +1 -2
  281. data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +101 -11
  282. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +3 -0
  283. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +2 -2
  284. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +3 -0
  285. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +1 -1
  286. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +2 -0
  287. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +14 -15
  288. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +53 -73
  289. data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +31 -0
  290. data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.c +3 -0
  291. data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +3 -0
  292. data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.c +5 -8
  293. data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +5 -0
  294. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +3 -0
  295. data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +7 -0
  296. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +1 -1
  297. data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +5 -8
  298. data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +1 -1
  299. data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +66 -1
  300. data/third_party/boringssl-with-bazel/src/include/openssl/base.h +40 -9
  301. data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +1 -0
  302. data/third_party/boringssl-with-bazel/src/include/openssl/chacha.h +1 -1
  303. data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +6 -2
  304. data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +14 -0
  305. data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +19 -11
  306. data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +325 -0
  307. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs7.h +23 -7
  308. data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +99 -63
  309. data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +139 -109
  310. data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +12 -19
  311. data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +48 -50
  312. data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +451 -435
  313. data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +0 -1
  314. data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +2 -2
  315. data/third_party/boringssl-with-bazel/src/ssl/d1_srtp.cc +1 -1
  316. data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +773 -84
  317. data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +80 -47
  318. data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +24 -19
  319. data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +189 -86
  320. data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +45 -56
  321. data/third_party/boringssl-with-bazel/src/ssl/internal.h +272 -167
  322. data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +2 -2
  323. data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +2 -2
  324. data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +14 -19
  325. data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +34 -102
  326. data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +2 -0
  327. data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +8 -31
  328. data/third_party/boringssl-with-bazel/src/ssl/ssl_stat.cc +3 -0
  329. data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +4 -3
  330. data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +7 -3
  331. data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +576 -648
  332. data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +31 -3
  333. data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +98 -39
  334. data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +141 -94
  335. data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +58 -68
  336. data/third_party/xxhash/xxhash.h +77 -195
  337. metadata +81 -39
  338. data/src/core/lib/gpr/arena.h +0 -47
  339. data/third_party/boringssl-with-bazel/src/crypto/hpke/internal.h +0 -267
  340. data/third_party/boringssl-with-bazel/src/crypto/x509/vpm_int.h +0 -71
data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc CHANGED
@@ -21,6 +21,7 @@
21
21
  #include <grpc/support/alloc.h>
22
22
  #include <grpc/support/log.h>
23
23
  #include <grpc/support/string_util.h>
24
+ #include <openssl/ssl.h>
24
25
 
25
26
  #include "src/core/lib/gprpp/stat.h"
26
27
  #include "src/core/lib/slice/slice_internal.h"
@@ -364,6 +365,54 @@ FileWatcherCertificateProvider::ReadIdentityKeyCertPairFromFiles(
364
365
  return absl::nullopt;
365
366
  }
366
367
 
368
+ absl::StatusOr<bool> PrivateKeyAndCertificateMatch(
369
+ absl::string_view private_key, absl::string_view cert_chain) {
370
+ if (private_key.empty()) {
371
+ return absl::InvalidArgumentError("Private key string is empty.");
372
+ }
373
+ if (cert_chain.empty()) {
374
+ return absl::InvalidArgumentError("Certificate string is empty.");
375
+ }
376
+ BIO* cert_bio = BIO_new_mem_buf(cert_chain.data(), cert_chain.size());
377
+ if (cert_bio == nullptr) {
378
+ return absl::InvalidArgumentError(
379
+ "Conversion from certificate string to BIO failed.");
380
+ }
381
+ // Reads the first cert from the cert_chain which is expected to be the leaf
382
+ // cert
383
+ X509* x509 = PEM_read_bio_X509(cert_bio, nullptr, nullptr, nullptr);
384
+ BIO_free(cert_bio);
385
+ if (x509 == nullptr) {
386
+ return absl::InvalidArgumentError(
387
+ "Conversion from PEM string to X509 failed.");
388
+ }
389
+ EVP_PKEY* public_evp_pkey = X509_get_pubkey(x509);
390
+ X509_free(x509);
391
+ if (public_evp_pkey == nullptr) {
392
+ return absl::InvalidArgumentError(
393
+ "Extraction of public key from x.509 certificate failed.");
394
+ }
395
+ BIO* private_key_bio =
396
+ BIO_new_mem_buf(private_key.data(), private_key.size());
397
+ if (private_key_bio == nullptr) {
398
+ EVP_PKEY_free(public_evp_pkey);
399
+ return absl::InvalidArgumentError(
400
+ "Conversion from private key string to BIO failed.");
401
+ }
402
+ EVP_PKEY* private_evp_pkey =
403
+ PEM_read_bio_PrivateKey(private_key_bio, nullptr, nullptr, nullptr);
404
+ BIO_free(private_key_bio);
405
+ if (private_evp_pkey == nullptr) {
406
+ EVP_PKEY_free(public_evp_pkey);
407
+ return absl::InvalidArgumentError(
408
+ "Conversion from PEM string to EVP_PKEY failed.");
409
+ }
410
+ bool result = EVP_PKEY_cmp(private_evp_pkey, public_evp_pkey) == 1;
411
+ EVP_PKEY_free(private_evp_pkey);
412
+ EVP_PKEY_free(public_evp_pkey);
413
+ return result;
414
+ }
415
+
367
416
  } // namespace grpc_core
368
417
 
369
418
  /** -- Wrapper APIs declared in grpc_security.h -- **/
data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h CHANGED
@@ -23,6 +23,7 @@
23
23
  #include <string.h>
24
24
 
25
25
  #include "absl/container/inlined_vector.h"
26
+ #include "absl/status/statusor.h"
26
27
 
27
28
  #include "src/core/lib/gprpp/ref_counted.h"
28
29
  #include "src/core/lib/gprpp/ref_counted_ptr.h"
@@ -133,6 +134,12 @@ class FileWatcherCertificateProvider final
133
134
  std::map<std::string, WatcherInfo> watcher_info_;
134
135
  };
135
136
 
137
+ // Checks if the private key matches the certificate's public key.
138
+ // Returns a not-OK status on failure, or a bool indicating
139
+ // whether the key/cert pair matches.
140
+ absl::StatusOr<bool> PrivateKeyAndCertificateMatch(
141
+ absl::string_view private_key, absl::string_view cert_chain);
142
+
136
143
  } // namespace grpc_core
137
144
 
138
145
  #endif // GRPC_CORE_LIB_SECURITY_CREDENTIALS_TLS_GRPC_TLS_CERTIFICATE_PROVIDER_H
data/src/core/lib/security/credentials/tls/tls_utils.cc CHANGED
@@ -88,4 +88,36 @@ bool VerifySubjectAlternativeName(absl::string_view subject_alternative_name,
88
88
  std::string::npos;
89
89
  }
90
90
 
91
+ absl::string_view GetAuthPropertyValue(grpc_auth_context* context,
92
+ const char* property_name) {
93
+ grpc_auth_property_iterator it =
94
+ grpc_auth_context_find_properties_by_name(context, property_name);
95
+ const grpc_auth_property* prop = grpc_auth_property_iterator_next(&it);
96
+ if (prop == nullptr) {
97
+ gpr_log(GPR_DEBUG, "No value found for %s property.", property_name);
98
+ return "";
99
+ }
100
+ if (grpc_auth_property_iterator_next(&it) != nullptr) {
101
+ gpr_log(GPR_DEBUG, "Multiple values found for %s property.", property_name);
102
+ return "";
103
+ }
104
+ return absl::string_view(prop->value, prop->value_length);
105
+ }
106
+
107
+ std::vector<absl::string_view> GetAuthPropertyArray(grpc_auth_context* context,
108
+ const char* property_name) {
109
+ std::vector<absl::string_view> values;
110
+ grpc_auth_property_iterator it =
111
+ grpc_auth_context_find_properties_by_name(context, property_name);
112
+ const grpc_auth_property* prop = grpc_auth_property_iterator_next(&it);
113
+ while (prop != nullptr) {
114
+ values.emplace_back(prop->value, prop->value_length);
115
+ prop = grpc_auth_property_iterator_next(&it);
116
+ }
117
+ if (values.empty()) {
118
+ gpr_log(GPR_DEBUG, "No value found for %s property.", property_name);
119
+ }
120
+ return values;
121
+ }
122
+
91
123
  } // namespace grpc_core
data/src/core/lib/security/credentials/tls/tls_utils.h CHANGED
@@ -26,6 +26,8 @@
26
26
 
27
27
  #include "absl/strings/string_view.h"
28
28
 
29
+ #include "src/core/lib/security/context/security_context.h"
30
+
29
31
  namespace grpc_core {
30
32
 
31
33
  // Matches \a subject_alternative_name with \a matcher. Returns true if there
@@ -33,6 +35,17 @@ namespace grpc_core {
33
35
  bool VerifySubjectAlternativeName(absl::string_view subject_alternative_name,
34
36
  const std::string& matcher);
35
37
 
38
+ // Returns value for the specified property_name from auth context. Here the
39
+ // property is expected to have a single value. Returns empty if multiple values
40
+ // are found.
41
+ absl::string_view GetAuthPropertyValue(grpc_auth_context* context,
42
+ const char* property_name);
43
+
44
+ // Returns values for the specified property_name from auth context. Here the
45
+ // property can have any number of values.
46
+ std::vector<absl::string_view> GetAuthPropertyArray(grpc_auth_context* context,
47
+ const char* property_name);
48
+
36
49
  } // namespace grpc_core
37
50
 
38
51
  #endif // GRPC_CORE_LIB_SECURITY_CREDENTIALS_TLS_TLS_UTILS_H
data/src/core/lib/security/security_connector/local/local_security_connector.cc CHANGED
@@ -29,6 +29,7 @@
29
29
  #include <grpc/support/string_util.h>
30
30
 
31
31
  #include "src/core/ext/filters/client_channel/client_channel.h"
32
+ #include "src/core/lib/address_utils/parse_address.h"
32
33
  #include "src/core/lib/address_utils/sockaddr_utils.h"
33
34
  #include "src/core/lib/channel/channel_args.h"
34
35
  #include "src/core/lib/gprpp/ref_counted_ptr.h"
@@ -39,6 +40,7 @@
39
40
  #include "src/core/lib/iomgr/unix_sockets_posix.h"
40
41
  #include "src/core/lib/security/credentials/local/local_credentials.h"
41
42
  #include "src/core/lib/security/transport/security_handshaker.h"
43
+ #include "src/core/lib/uri/uri_parser.h"
42
44
  #include "src/core/tsi/local_transport_security.h"
43
45
 
44
46
  #define GRPC_UDS_URI_PATTERN "unix:"
@@ -70,13 +72,14 @@ void local_check_peer(tsi_peer peer, grpc_endpoint* ep,
70
72
  grpc_core::RefCountedPtr<grpc_auth_context>* auth_context,
71
73
  grpc_closure* on_peer_checked,
72
74
  grpc_local_connect_type type) {
73
- int fd = grpc_endpoint_get_fd(ep);
74
75
  grpc_resolved_address resolved_addr;
75
- memset(&resolved_addr, 0, sizeof(resolved_addr));
76
- resolved_addr.len = GRPC_MAX_SOCKADDR_SIZE;
77
76
  bool is_endpoint_local = false;
78
- if (getsockname(fd, reinterpret_cast<grpc_sockaddr*>(resolved_addr.addr),
79
- &resolved_addr.len) == 0) {
77
+ absl::string_view local_addr = grpc_endpoint_get_local_address(ep);
78
+ absl::StatusOr<grpc_core::URI> uri = grpc_core::URI::Parse(local_addr);
79
+ if (!uri.ok() || !grpc_parse_uri(*uri, &resolved_addr)) {
80
+ gpr_log(GPR_ERROR, "Could not parse endpoint address: %s",
81
+ std::string(local_addr.data(), local_addr.size()).c_str());
82
+ } else {
80
83
  grpc_resolved_address addr_normalized;
81
84
  grpc_resolved_address* addr =
82
85
  grpc_sockaddr_is_v4mapped(&resolved_addr, &addr_normalized)
@@ -103,7 +106,7 @@ void local_check_peer(tsi_peer peer, grpc_endpoint* ep,
103
106
  }
104
107
  }
105
108
  }
106
- grpc_error_handle error = GRPC_ERROR_NONE;
109
+ grpc_error_handle error;
107
110
  if (!is_endpoint_local) {
108
111
  error = GRPC_ERROR_CREATE_FROM_STATIC_STRING(
109
112
  "Endpoint is neither UDS or TCP loopback address.");
data/src/core/lib/security/security_connector/ssl_utils.cc CHANGED
@@ -309,6 +309,8 @@ grpc_core::RefCountedPtr<grpc_auth_context> grpc_ssl_peer_to_auth_context(
309
309
  grpc_auth_context_add_property(ctx.get(), GRPC_PEER_DNS_PROPERTY_NAME,
310
310
  prop->value.data, prop->value.length);
311
311
  } else if (strcmp(prop->name, TSI_X509_URI_PEER_PROPERTY) == 0) {
312
+ grpc_auth_context_add_property(ctx.get(), GRPC_PEER_URI_PROPERTY_NAME,
313
+ prop->value.data, prop->value.length);
312
314
  uri_count++;
313
315
  absl::string_view spiffe_id(prop->value.data, prop->value.length);
314
316
  if (IsSpiffeId(spiffe_id)) {
@@ -388,6 +390,9 @@ tsi_peer grpc_shallow_peer_from_ssl_auth_context(
388
390
  } else if (strcmp(prop->name, GRPC_PEER_DNS_PROPERTY_NAME) == 0) {
389
391
  add_shallow_auth_property_to_peer(&peer, prop,
390
392
  TSI_X509_DNS_PEER_PROPERTY);
393
+ } else if (strcmp(prop->name, GRPC_PEER_URI_PROPERTY_NAME) == 0) {
394
+ add_shallow_auth_property_to_peer(&peer, prop,
395
+ TSI_X509_URI_PEER_PROPERTY);
391
396
  } else if (strcmp(prop->name, GRPC_PEER_SPIFFE_ID_PROPERTY_NAME) == 0) {
392
397
  add_shallow_auth_property_to_peer(&peer, prop,
393
398
  TSI_X509_URI_PEER_PROPERTY);
data/src/core/lib/security/security_connector/tls/tls_security_connector.cc CHANGED
@@ -172,9 +172,9 @@ void TlsChannelSecurityConnector::add_handshakers(
172
172
  const grpc_channel_args* args, grpc_pollset_set* /*interested_parties*/,
173
173
  HandshakeManager* handshake_mgr) {
174
174
  MutexLock lock(&mu_);
175
+ tsi_handshaker* tsi_hs = nullptr;
175
176
  if (client_handshaker_factory_ != nullptr) {
176
177
  // Instantiate TSI handshaker.
177
- tsi_handshaker* tsi_hs = nullptr;
178
178
  tsi_result result = tsi_ssl_client_handshaker_factory_create_handshaker(
179
179
  client_handshaker_factory_,
180
180
  overridden_target_name_.empty() ? target_name_.c_str()
@@ -183,16 +183,10 @@ void TlsChannelSecurityConnector::add_handshakers(
183
183
  if (result != TSI_OK) {
184
184
  gpr_log(GPR_ERROR, "Handshaker creation failed with error %s.",
185
185
  tsi_result_to_string(result));
186
- return;
187
186
  }
188
- // Create handshakers.
189
- handshake_mgr->Add(SecurityHandshakerCreate(tsi_hs, this, args));
190
- return;
191
187
  }
192
- // TODO(ZhenLian): Implement the logic(delegation to
193
- // BlockOnInitialCredentialHandshaker) when certificates are not ready.
194
- gpr_log(GPR_ERROR, "%s not supported yet.",
195
- "Client BlockOnInitialCredentialHandshaker");
188
+ // If tsi_hs is null, this will add a failing handshaker.
189
+ handshake_mgr->Add(SecurityHandshakerCreate(tsi_hs, this, args));
196
190
  }
197
191
 
198
192
  void TlsChannelSecurityConnector::check_peer(
@@ -549,24 +543,18 @@ void TlsServerSecurityConnector::add_handshakers(
549
543
  const grpc_channel_args* args, grpc_pollset_set* /*interested_parties*/,
550
544
  HandshakeManager* handshake_mgr) {
551
545
  MutexLock lock(&mu_);
546
+ tsi_handshaker* tsi_hs = nullptr;
552
547
  if (server_handshaker_factory_ != nullptr) {
553
548
  // Instantiate TSI handshaker.
554
- tsi_handshaker* tsi_hs = nullptr;
555
549
  tsi_result result = tsi_ssl_server_handshaker_factory_create_handshaker(
556
550
  server_handshaker_factory_, &tsi_hs);
557
551
  if (result != TSI_OK) {
558
552
  gpr_log(GPR_ERROR, "Handshaker creation failed with error %s.",
559
553
  tsi_result_to_string(result));
560
- return;
561
554
  }
562
- // Create handshakers.
563
- handshake_mgr->Add(SecurityHandshakerCreate(tsi_hs, this, args));
564
- return;
565
555
  }
566
- // TODO(ZhenLian): Implement the logic(delegation to
567
- // BlockOnInitialCredentialHandshaker) when certificates are not ready.
568
- gpr_log(GPR_ERROR, "%s not supported yet.",
569
- "Server BlockOnInitialCredentialHandshaker");
556
+ // If tsi_hs is null, this will add a failing handshaker.
557
+ handshake_mgr->Add(SecurityHandshakerCreate(tsi_hs, this, args));
570
558
  }
571
559
 
572
560
  void TlsServerSecurityConnector::check_peer(
data/src/core/lib/security/transport/security_handshaker.cc CHANGED
@@ -521,10 +521,18 @@ class FailHandshaker : public Handshaker {
521
521
  void Shutdown(grpc_error_handle why) override { GRPC_ERROR_UNREF(why); }
522
522
  void DoHandshake(grpc_tcp_server_acceptor* /*acceptor*/,
523
523
  grpc_closure* on_handshake_done,
524
- HandshakerArgs* /*args*/) override {
525
- ExecCtx::Run(DEBUG_LOCATION, on_handshake_done,
526
- GRPC_ERROR_CREATE_FROM_STATIC_STRING(
527
- "Failed to create security handshaker"));
524
+ HandshakerArgs* args) override {
525
+ grpc_error_handle error = GRPC_ERROR_CREATE_FROM_STATIC_STRING(
526
+ "Failed to create security handshaker");
527
+ grpc_endpoint_shutdown(args->endpoint, GRPC_ERROR_REF(error));
528
+ grpc_endpoint_destroy(args->endpoint);
529
+ args->endpoint = nullptr;
530
+ grpc_channel_args_destroy(args->args);
531
+ args->args = nullptr;
532
+ grpc_slice_buffer_destroy_internal(args->read_buffer);
533
+ gpr_free(args->read_buffer);
534
+ args->read_buffer = nullptr;
535
+ ExecCtx::Run(DEBUG_LOCATION, on_handshake_done, error);
528
536
  }
529
537
 
530
538
  private:
data/src/core/lib/security/transport/server_auth_filter.cc CHANGED
@@ -306,13 +306,6 @@ static grpc_error_handle server_auth_init_channel_elem(
306
306
  GPR_ASSERT(!args->is_last);
307
307
  grpc_auth_context* auth_context =
308
308
  grpc_find_auth_context_in_args(args->channel_args);
309
- if (auth_context == nullptr) {
310
- grpc_error_handle error = GRPC_ERROR_CREATE_FROM_STATIC_STRING(
311
- "No authorization context found. This might be a TRANSIENT failure due "
312
- "to certificates not having been loaded yet.");
313
- gpr_log(GPR_DEBUG, "%s", grpc_error_std_string(error).c_str());
314
- return error;
315
- }
316
309
  GPR_ASSERT(auth_context != nullptr);
317
310
  grpc_server_credentials* creds =
318
311
  grpc_find_server_credentials_in_args(args->channel_args);
data/src/core/lib/slice/slice.cc CHANGED
@@ -223,11 +223,21 @@ grpc_core::UnmanagedMemorySlice::UnmanagedMemorySlice(const char* source)
223
223
  strlen(source)) {}
224
224
 
225
225
  grpc_slice grpc_slice_from_copied_buffer(const char* source, size_t length) {
226
- return grpc_core::UnmanagedMemorySlice(source, length);
226
+ grpc_slice slice;
227
+ if (length <= sizeof(slice.data.inlined.bytes)) {
228
+ slice.refcount = nullptr;
229
+ slice.data.inlined.length = length;
230
+ } else {
231
+ // Create a ref-counted slice.
232
+ slice = grpc_core::UnmanagedMemorySlice(
233
+ length, grpc_core::UnmanagedMemorySlice::ForceHeapAllocation());
234
+ }
235
+ memcpy(GRPC_SLICE_START_PTR(slice), source, length);
236
+ return slice;
227
237
  }
228
238
 
229
239
  grpc_slice grpc_slice_from_copied_string(const char* source) {
230
- return grpc_core::UnmanagedMemorySlice(source, strlen(source));
240
+ return grpc_slice_from_copied_buffer(source, strlen(source));
231
241
  }
232
242
 
233
243
  grpc_slice grpc_slice_from_moved_buffer(grpc_core::UniquePtr<char> p,
data/src/core/lib/slice/slice_internal.h CHANGED
@@ -231,6 +231,7 @@ inline int grpc_slice_refcount::Eq(const grpc_slice& a, const grpc_slice& b) {
231
231
  GPR_DEBUG_ASSERT(
232
232
  (GRPC_STATIC_METADATA_INDEX(a) == GRPC_STATIC_METADATA_INDEX(b)) ==
233
233
  (a.refcount == b.refcount));
234
+ ABSL_FALLTHROUGH_INTENDED;
234
235
  case Type::INTERNED:
235
236
  return a.refcount == b.refcount;
236
237
  case Type::NOP:
data/src/core/lib/surface/call.cc CHANGED
@@ -151,6 +151,11 @@ struct grpc_call {
151
151
  }
152
152
 
153
153
  ~grpc_call() {
154
+ for (int i = 0; i < GRPC_CONTEXT_COUNT; ++i) {
155
+ if (context[i].destroy) {
156
+ context[i].destroy(context[i].value);
157
+ }
158
+ }
154
159
  gpr_free(static_cast<void*>(const_cast<char*>(final_info.error_string)));
155
160
  }
156
161
 
@@ -170,6 +175,8 @@ struct grpc_call {
170
175
  bool destroy_called = false;
171
176
  /** flag indicating that cancellation is inherited */
172
177
  bool cancellation_is_inherited = false;
178
+ // Trailers-only response status
179
+ bool is_trailers_only = false;
173
180
  /** which ops are in-flight */
174
181
  bool sent_initial_metadata = false;
175
182
  bool sending_message = false;
@@ -223,6 +230,7 @@ struct grpc_call {
223
230
  grpc_core::ManualConstructor<grpc_core::SliceBufferByteStream> sending_stream;
224
231
 
225
232
  grpc_core::OrphanablePtr<grpc_core::ByteStream> receiving_stream;
233
+ bool call_failed_before_recv_message = false;
226
234
  grpc_byte_buffer** receiving_buffer = nullptr;
227
235
  grpc_slice receiving_slice = grpc_empty_slice();
228
236
  grpc_closure receiving_slice_ready;
@@ -551,11 +559,6 @@ static void destroy_call(void* call, grpc_error_handle /*error*/) {
551
559
  for (ii = 0; ii < c->send_extra_metadata_count; ii++) {
552
560
  GRPC_MDELEM_UNREF(c->send_extra_metadata[ii].md);
553
561
  }
554
- for (i = 0; i < GRPC_CONTEXT_COUNT; i++) {
555
- if (c->context[i].destroy) {
556
- c->context[i].destroy(c->context[i].value);
557
- }
558
- }
559
562
  if (c->cq) {
560
563
  GRPC_CQ_INTERNAL_UNREF(c->cq, "bind");
561
564
  }
@@ -1622,7 +1625,6 @@ static grpc_call_error call_start_batch(grpc_call* call, const grpc_op* ops,
1622
1625
  grpc_metadata& compression_md = call->compression_md;
1623
1626
  compression_md.key = grpc_empty_slice();
1624
1627
  compression_md.value = grpc_empty_slice();
1625
- compression_md.flags = 0;
1626
1628
  size_t additional_metadata_count = 0;
1627
1629
  grpc_compression_level effective_compression_level =
1628
1630
  GRPC_COMPRESS_LEVEL_NONE;
@@ -1824,7 +1826,10 @@ static grpc_call_error call_start_batch(grpc_call* call, const grpc_op* ops,
1824
1826
  &call->metadata_batch[1 /* is_receiving */][0 /* is_trailing */];
1825
1827
  stream_op_payload->recv_initial_metadata.recv_initial_metadata_ready =
1826
1828
  &call->receiving_initial_metadata_ready;
1827
- if (!call->is_client) {
1829
+ if (call->is_client) {
1830
+ stream_op_payload->recv_initial_metadata.trailing_metadata_available =
1831
+ &call->is_trailers_only;
1832
+ } else {
1828
1833
  stream_op_payload->recv_initial_metadata.peer_string =
1829
1834
  &call->peer_string;
1830
1835
  }
@@ -1845,6 +1850,8 @@ static grpc_call_error call_start_batch(grpc_call* call, const grpc_op* ops,
1845
1850
  stream_op->recv_message = true;
1846
1851
  call->receiving_buffer = op->data.recv_message.recv_message;
1847
1852
  stream_op_payload->recv_message.recv_message = &call->receiving_stream;
1853
+ stream_op_payload->recv_message.call_failed_before_recv_message =
1854
+ &call->call_failed_before_recv_message;
1848
1855
  GRPC_CLOSURE_INIT(&call->receiving_stream_ready,
1849
1856
  receiving_stream_ready_in_call_combiner, bctl,
1850
1857
  grpc_schedule_on_exec_ctx);
@@ -2014,6 +2021,18 @@ grpc_compression_algorithm grpc_call_compression_for_level(
2014
2021
  return algo;
2015
2022
  }
2016
2023
 
2024
+ bool grpc_call_is_trailers_only(const grpc_call* call) {
2025
+ bool result = call->is_trailers_only;
2026
+ GPR_DEBUG_ASSERT(
2027
+ !result || call->metadata_batch[1 /* is_receiving */][0 /* is_trailing */]
2028
+ .list.count == 0);
2029
+ return result;
2030
+ }
2031
+
2032
+ bool grpc_call_failed_before_recv_message(const grpc_call* c) {
2033
+ return c->call_failed_before_recv_message;
2034
+ }
2035
+
2017
2036
  const char* grpc_call_error_to_string(grpc_call_error error) {
2018
2037
  switch (error) {
2019
2038
  case GRPC_CALL_ERROR:
data/src/core/lib/surface/call.h CHANGED
@@ -120,6 +120,17 @@ size_t grpc_call_get_initial_size_estimate();
120
120
  grpc_compression_algorithm grpc_call_compression_for_level(
121
121
  grpc_call* call, grpc_compression_level level);
122
122
 
123
+ /* Did this client call receive a trailers-only response */
124
+ /* TODO(markdroth): This is currently available only to the C++ API.
125
+ Move to surface API if requested by other languages. */
126
+ bool grpc_call_is_trailers_only(const grpc_call* call);
127
+
128
+ /* Returns whether or not the call's receive message operation failed because of
129
+ * an error (as opposed to a graceful end-of-stream) */
130
+ /* TODO(markdroth): This is currently available only to the C++ API.
131
+ Move to surface API if requested by other languages. */
132
+ bool grpc_call_failed_before_recv_message(const grpc_call* c);
133
+
123
134
  extern grpc_core::TraceFlag grpc_call_error_trace;
124
135
  extern grpc_core::TraceFlag grpc_compression_trace;
125
136