grpc 1.39.0.pre1 → 1.40.0.pre1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of grpc might be problematic. Click here for more details.

Files changed (168) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +34 -18
  3. data/include/grpc/event_engine/event_engine.h +10 -14
  4. data/include/grpc/event_engine/slice_allocator.h +8 -33
  5. data/include/grpc/impl/codegen/grpc_types.h +18 -8
  6. data/include/grpc/impl/codegen/port_platform.h +24 -0
  7. data/src/core/ext/filters/client_channel/client_channel.cc +413 -247
  8. data/src/core/ext/filters/client_channel/client_channel.h +42 -18
  9. data/src/core/ext/filters/client_channel/config_selector.h +19 -6
  10. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +7 -8
  11. data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +12 -21
  12. data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +3 -5
  13. data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +17 -38
  14. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +8 -15
  15. data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +3 -6
  16. data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +8 -12
  17. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +14 -22
  18. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +2 -9
  19. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +5 -8
  20. data/src/core/ext/filters/client_channel/lb_policy.cc +1 -15
  21. data/src/core/ext/filters/client_channel/lb_policy.h +70 -46
  22. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +101 -73
  23. data/src/core/ext/filters/client_channel/retry_filter.cc +392 -243
  24. data/src/core/ext/filters/client_channel/retry_service_config.cc +36 -26
  25. data/src/core/ext/filters/client_channel/retry_service_config.h +1 -1
  26. data/src/core/ext/filters/client_channel/service_config_call_data.h +45 -5
  27. data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +0 -6
  28. data/src/core/ext/filters/http/client/http_client_filter.cc +5 -2
  29. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +5 -1
  30. data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +1 -1
  31. data/src/core/{lib/event_engine/slice_allocator.cc → ext/transport/chttp2/transport/chttp2_slice_allocator.cc} +15 -38
  32. data/src/core/ext/transport/chttp2/transport/chttp2_slice_allocator.h +74 -0
  33. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +2 -6
  34. data/src/core/ext/transport/chttp2/transport/flow_control.h +1 -1
  35. data/src/core/ext/transport/chttp2/transport/frame_data.cc +4 -4
  36. data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +8 -8
  37. data/src/core/ext/transport/chttp2/transport/frame_settings.cc +5 -5
  38. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +639 -752
  39. data/src/core/ext/transport/chttp2/transport/hpack_parser.h +190 -69
  40. data/src/core/ext/transport/chttp2/transport/internal.h +1 -1
  41. data/src/core/ext/transport/chttp2/transport/parsing.cc +70 -54
  42. data/src/core/ext/transport/chttp2/transport/varint.cc +6 -4
  43. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +56 -35
  44. data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +180 -76
  45. data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +35 -27
  46. data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +97 -48
  47. data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +45 -9
  48. data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +67 -7
  49. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +66 -9
  50. data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +227 -0
  51. data/src/core/ext/upb-generated/envoy/config/core/v3/resolver.upb.c +46 -0
  52. data/src/core/ext/upb-generated/envoy/config/core/v3/resolver.upb.h +121 -0
  53. data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +1 -0
  54. data/src/core/ext/upb-generated/envoy/config/core/v3/udp_socket_config.upb.c +35 -0
  55. data/src/core/ext/upb-generated/envoy/config/core/v3/udp_socket_config.upb.h +90 -0
  56. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +32 -24
  57. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +120 -73
  58. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +4 -2
  59. data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +15 -0
  60. data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.c +48 -0
  61. data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.h +171 -0
  62. data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +8 -6
  63. data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.h +27 -19
  64. data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +1 -0
  65. data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +24 -7
  66. data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +57 -0
  67. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +29 -17
  68. data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +72 -0
  69. data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.c +3 -2
  70. data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.h +4 -0
  71. data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.c +6 -5
  72. data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.h +15 -11
  73. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +85 -43
  74. data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +274 -91
  75. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +11 -8
  76. data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +30 -13
  77. data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.c +33 -5
  78. data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.h +115 -0
  79. data/src/core/ext/upb-generated/envoy/type/http/v3/path_transformation.upb.c +60 -0
  80. data/src/core/ext/upb-generated/envoy/type/http/v3/path_transformation.upb.h +181 -0
  81. data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.c +1 -0
  82. data/src/core/ext/upb-generated/validate/validate.upb.c +82 -66
  83. data/src/core/ext/upb-generated/validate/validate.upb.h +220 -124
  84. data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.c +15 -7
  85. data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +53 -52
  86. data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +318 -277
  87. data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.h +5 -0
  88. data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +437 -410
  89. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +198 -170
  90. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.h +10 -0
  91. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +9 -8
  92. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +219 -163
  93. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.h +15 -0
  94. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/resolver.upbdefs.c +59 -0
  95. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/resolver.upbdefs.h +40 -0
  96. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.c +29 -25
  97. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/udp_socket_config.upbdefs.c +52 -0
  98. data/src/core/ext/upbdefs-generated/envoy/config/core/v3/udp_socket_config.upbdefs.h +35 -0
  99. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +135 -125
  100. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +5 -0
  101. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.c +131 -123
  102. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.c +90 -0
  103. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.h +35 -0
  104. data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.c +32 -24
  105. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.c +69 -55
  106. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.h +5 -0
  107. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +684 -664
  108. data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.h +5 -0
  109. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.c +13 -10
  110. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.c +13 -10
  111. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +441 -375
  112. data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +10 -0
  113. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +122 -114
  114. data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +1 -1
  115. data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +112 -79
  116. data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.h +5 -0
  117. data/src/core/ext/upbdefs-generated/envoy/type/http/v3/path_transformation.upbdefs.c +64 -0
  118. data/src/core/ext/upbdefs-generated/envoy/type/http/v3/path_transformation.upbdefs.h +50 -0
  119. data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.c +35 -32
  120. data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.c +4 -4
  121. data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.c +182 -160
  122. data/src/core/ext/xds/certificate_provider_store.h +1 -1
  123. data/src/core/ext/xds/xds_api.cc +320 -121
  124. data/src/core/ext/xds/xds_api.h +31 -2
  125. data/src/core/ext/xds/xds_bootstrap.cc +4 -1
  126. data/src/core/ext/xds/xds_client.cc +66 -43
  127. data/src/core/ext/xds/xds_client.h +0 -4
  128. data/src/core/ext/xds/xds_http_filters.cc +3 -2
  129. data/src/core/ext/xds/xds_http_filters.h +3 -0
  130. data/src/core/lib/channel/call_tracer.h +85 -0
  131. data/src/core/lib/channel/channel_stack.h +1 -1
  132. data/src/core/lib/channel/context.h +3 -0
  133. data/src/core/lib/channel/status_util.h +4 -0
  134. data/src/core/lib/compression/stream_compression.h +1 -1
  135. data/src/core/lib/compression/stream_compression_gzip.h +1 -1
  136. data/src/core/lib/compression/stream_compression_identity.h +1 -1
  137. data/src/core/lib/debug/stats.h +1 -1
  138. data/src/core/lib/gpr/murmur_hash.cc +4 -2
  139. data/src/core/lib/gprpp/manual_constructor.h +1 -1
  140. data/src/core/lib/gprpp/orphanable.h +3 -3
  141. data/src/core/lib/gprpp/sync.h +2 -30
  142. data/src/core/lib/iomgr/buffer_list.cc +1 -1
  143. data/src/core/lib/iomgr/ev_apple.h +1 -1
  144. data/src/core/lib/iomgr/event_engine/endpoint.cc +6 -8
  145. data/src/core/lib/iomgr/event_engine/tcp.cc +30 -10
  146. data/src/core/lib/iomgr/python_util.h +1 -1
  147. data/src/core/lib/iomgr/resource_quota.cc +2 -0
  148. data/src/core/lib/iomgr/tcp_client_windows.cc +2 -0
  149. data/src/core/lib/iomgr/tcp_server_posix.cc +1 -0
  150. data/src/core/lib/iomgr/timer_manager.cc +1 -1
  151. data/src/core/lib/json/json_reader.cc +1 -2
  152. data/src/core/lib/matchers/matchers.cc +8 -20
  153. data/src/core/lib/matchers/matchers.h +2 -1
  154. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +49 -0
  155. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +7 -0
  156. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +6 -18
  157. data/src/core/lib/security/transport/security_handshaker.cc +12 -4
  158. data/src/core/lib/security/transport/server_auth_filter.cc +0 -7
  159. data/src/core/lib/slice/slice_internal.h +1 -0
  160. data/src/core/lib/surface/call.cc +5 -6
  161. data/src/core/lib/surface/server.cc +3 -1
  162. data/src/core/lib/surface/server.h +3 -3
  163. data/src/core/lib/surface/version.cc +2 -4
  164. data/src/ruby/ext/grpc/extconf.rb +1 -1
  165. data/src/ruby/lib/grpc/version.rb +1 -1
  166. data/third_party/xxhash/xxhash.h +77 -195
  167. metadata +57 -40
  168. data/src/core/lib/gpr/arena.h +0 -47
@@ -101,7 +101,7 @@ class CertificateProviderStore
101
101
 
102
102
  Mutex mu_;
103
103
  // Map of plugin configurations
104
- PluginDefinitionMap plugin_config_map_ ABSL_GUARDED_BY(mu_);
104
+ const PluginDefinitionMap plugin_config_map_;
105
105
  // Underlying map for the providers.
106
106
  std::map<absl::string_view, CertificateProviderWrapper*>
107
107
  certificate_providers_map_ ABSL_GUARDED_BY(mu_);
@@ -214,6 +214,25 @@ std::string XdsApi::Route::HashPolicy::ToString() const {
214
214
  return absl::StrCat("{", absl::StrJoin(contents, ", "), "}");
215
215
  }
216
216
 
217
+ //
218
+ // XdsApi::Route::RetryPolicy
219
+ //
220
+ std::string XdsApi::Route::RetryPolicy::RetryBackOff::ToString() const {
221
+ std::vector<std::string> contents;
222
+ contents.push_back(
223
+ absl::StrCat("RetryBackOff Base: ", base_interval.ToString()));
224
+ contents.push_back(
225
+ absl::StrCat("RetryBackOff max: ", max_interval.ToString()));
226
+ return absl::StrJoin(contents, ",");
227
+ }
228
+
229
+ std::string XdsApi::Route::RetryPolicy::ToString() const {
230
+ std::vector<std::string> contents;
231
+ contents.push_back(absl::StrFormat("num_retries=%d", num_retries));
232
+ contents.push_back(retry_back_off.ToString());
233
+ return absl::StrJoin(contents, ",");
234
+ }
235
+
217
236
  //
218
237
  // XdsApi::Route
219
238
  //
@@ -255,6 +274,10 @@ std::string XdsApi::Route::ToString() const {
255
274
  for (const HashPolicy& hash_policy : hash_policies) {
256
275
  contents.push_back(absl::StrCat("hash_policy=", hash_policy.ToString()));
257
276
  }
277
+ if (retry_policy.has_value()) {
278
+ contents.push_back(
279
+ absl::StrCat("retry_policy={", retry_policy->ToString(), "}"));
280
+ }
258
281
  if (!cluster_name.empty()) {
259
282
  contents.push_back(absl::StrFormat("Cluster name: %s", cluster_name));
260
283
  }
@@ -868,10 +891,13 @@ bool IsEds(absl::string_view type_url) {
868
891
  #endif
869
892
 
870
893
  XdsApi::XdsApi(XdsClient* client, TraceFlag* tracer,
871
- const XdsBootstrap::Node* node)
894
+ const XdsBootstrap::Node* node,
895
+ const CertificateProviderStore::PluginDefinitionMap*
896
+ certificate_provider_definition_map)
872
897
  : client_(client),
873
898
  tracer_(tracer),
874
899
  node_(node),
900
+ certificate_provider_definition_map_(certificate_provider_definition_map),
875
901
  build_version_(absl::StrCat("gRPC C-core ", GPR_PLATFORM_STRING, " ",
876
902
  grpc_version_string(),
877
903
  GRPC_XDS_USER_AGENT_NAME_SUFFIX_STRING,
@@ -903,11 +929,13 @@ XdsApi::XdsApi(XdsClient* client, TraceFlag* tracer,
903
929
  namespace {
904
930
 
905
931
  struct EncodingContext {
906
- XdsClient* client;
932
+ XdsClient* client; // Used only for logging. Unsafe for dereferencing.
907
933
  TraceFlag* tracer;
908
934
  upb_symtab* symtab;
909
935
  upb_arena* arena;
910
936
  bool use_v3;
937
+ const CertificateProviderStore::PluginDefinitionMap*
938
+ certificate_provider_definition_map;
911
939
  };
912
940
 
913
941
  // Works for both std::string and absl::string_view.
@@ -1116,8 +1144,12 @@ grpc_slice XdsApi::CreateAdsRequest(
1116
1144
  const std::string& version, const std::string& nonce,
1117
1145
  grpc_error_handle error, bool populate_node) {
1118
1146
  upb::Arena arena;
1119
- const EncodingContext context = {client_, tracer_, symtab_.ptr(), arena.ptr(),
1120
- server.ShouldUseV3()};
1147
+ const EncodingContext context = {client_,
1148
+ tracer_,
1149
+ symtab_.ptr(),
1150
+ arena.ptr(),
1151
+ server.ShouldUseV3(),
1152
+ certificate_provider_definition_map_};
1121
1153
  // Create a request.
1122
1154
  envoy_service_discovery_v3_DiscoveryRequest* request =
1123
1155
  envoy_service_discovery_v3_DiscoveryRequest_new(arena.ptr());
@@ -1527,6 +1559,100 @@ grpc_error_handle ParseTypedPerFilterConfig(
1527
1559
  return GRPC_ERROR_NONE;
1528
1560
  }
1529
1561
 
1562
+ XdsApi::Duration DurationParse(const google_protobuf_Duration* proto_duration) {
1563
+ XdsApi::Duration duration;
1564
+ duration.seconds = google_protobuf_Duration_seconds(proto_duration);
1565
+ duration.nanos = google_protobuf_Duration_nanos(proto_duration);
1566
+ return duration;
1567
+ }
1568
+
1569
+ grpc_error_handle RetryPolicyParse(
1570
+ const EncodingContext& context,
1571
+ const envoy_config_route_v3_RetryPolicy* retry_policy,
1572
+ absl::optional<XdsApi::Route::RetryPolicy>* retry) {
1573
+ std::vector<grpc_error_handle> errors;
1574
+ XdsApi::Route::RetryPolicy retry_to_return;
1575
+ auto retry_on = UpbStringToStdString(
1576
+ envoy_config_route_v3_RetryPolicy_retry_on(retry_policy));
1577
+ std::vector<absl::string_view> codes = absl::StrSplit(retry_on, ',');
1578
+ for (const auto& code : codes) {
1579
+ if (code == "cancelled") {
1580
+ retry_to_return.retry_on.Add(GRPC_STATUS_CANCELLED);
1581
+ } else if (code == "deadline-exceeded") {
1582
+ retry_to_return.retry_on.Add(GRPC_STATUS_DEADLINE_EXCEEDED);
1583
+ } else if (code == "internal") {
1584
+ retry_to_return.retry_on.Add(GRPC_STATUS_INTERNAL);
1585
+ } else if (code == "resource-exhausted") {
1586
+ retry_to_return.retry_on.Add(GRPC_STATUS_RESOURCE_EXHAUSTED);
1587
+ } else if (code == "unavailable") {
1588
+ retry_to_return.retry_on.Add(GRPC_STATUS_UNAVAILABLE);
1589
+ } else {
1590
+ if (GRPC_TRACE_FLAG_ENABLED(*context.tracer)) {
1591
+ gpr_log(GPR_INFO, "Unsupported retry_on policy %s.",
1592
+ std::string(code).c_str());
1593
+ }
1594
+ }
1595
+ }
1596
+ // TODO(donnadionne): when we add support for per_try_timeout, we will need to
1597
+ // return a policy if per_try_timeout is set even if retry_on specified no
1598
+ // supported policies.
1599
+ if (retry_to_return.retry_on.Empty()) return GRPC_ERROR_NONE;
1600
+ const google_protobuf_UInt32Value* num_retries =
1601
+ envoy_config_route_v3_RetryPolicy_num_retries(retry_policy);
1602
+ if (num_retries != nullptr) {
1603
+ uint32_t num_retries_value = google_protobuf_UInt32Value_value(num_retries);
1604
+ if (num_retries_value == 0) {
1605
+ errors.push_back(GRPC_ERROR_CREATE_FROM_COPIED_STRING(
1606
+ "RouteAction RetryPolicy num_retries set to invalid value 0."));
1607
+ } else {
1608
+ retry_to_return.num_retries = num_retries_value;
1609
+ }
1610
+ } else {
1611
+ retry_to_return.num_retries = 1;
1612
+ }
1613
+ const envoy_config_route_v3_RetryPolicy_RetryBackOff* backoff =
1614
+ envoy_config_route_v3_RetryPolicy_retry_back_off(retry_policy);
1615
+ if (backoff != nullptr) {
1616
+ const google_protobuf_Duration* base_interval =
1617
+ envoy_config_route_v3_RetryPolicy_RetryBackOff_base_interval(backoff);
1618
+ if (base_interval == nullptr) {
1619
+ errors.push_back(GRPC_ERROR_CREATE_FROM_COPIED_STRING(
1620
+ "RouteAction RetryPolicy RetryBackoff missing base interval."));
1621
+ } else {
1622
+ retry_to_return.retry_back_off.base_interval =
1623
+ DurationParse(base_interval);
1624
+ }
1625
+ const google_protobuf_Duration* max_interval =
1626
+ envoy_config_route_v3_RetryPolicy_RetryBackOff_max_interval(backoff);
1627
+ XdsApi::Duration max;
1628
+ if (max_interval != nullptr) {
1629
+ max = DurationParse(max_interval);
1630
+ } else {
1631
+ // if max interval is not set, it is 10x the base, if the value in nanos
1632
+ // can yield another second, adjust the value in seconds accordingly.
1633
+ max.seconds = retry_to_return.retry_back_off.base_interval.seconds * 10;
1634
+ max.nanos = retry_to_return.retry_back_off.base_interval.nanos * 10;
1635
+ if (max.nanos > 1000000000) {
1636
+ max.seconds += max.nanos / 1000000000;
1637
+ max.nanos = max.nanos % 1000000000;
1638
+ }
1639
+ }
1640
+ retry_to_return.retry_back_off.max_interval = max;
1641
+ } else {
1642
+ retry_to_return.retry_back_off.base_interval.seconds = 0;
1643
+ retry_to_return.retry_back_off.base_interval.nanos = 25000000;
1644
+ retry_to_return.retry_back_off.max_interval.seconds = 0;
1645
+ retry_to_return.retry_back_off.max_interval.nanos = 250000000;
1646
+ }
1647
+ if (errors.empty()) {
1648
+ *retry = retry_to_return;
1649
+ return GRPC_ERROR_NONE;
1650
+ } else {
1651
+ return GRPC_ERROR_CREATE_FROM_VECTOR("errors parsing retry policy",
1652
+ &errors);
1653
+ }
1654
+ }
1655
+
1530
1656
  grpc_error_handle RouteActionParse(const EncodingContext& context,
1531
1657
  const envoy_config_route_v3_Route* route_msg,
1532
1658
  XdsApi::Route* route, bool* ignore_route) {
@@ -1620,10 +1746,7 @@ grpc_error_handle RouteActionParse(const EncodingContext& context,
1620
1746
  max_stream_duration);
1621
1747
  }
1622
1748
  if (duration != nullptr) {
1623
- XdsApi::Duration duration_in_route;
1624
- duration_in_route.seconds = google_protobuf_Duration_seconds(duration);
1625
- duration_in_route.nanos = google_protobuf_Duration_nanos(duration);
1626
- route->max_stream_duration = duration_in_route;
1749
+ route->max_stream_duration = DurationParse(duration);
1627
1750
  }
1628
1751
  }
1629
1752
  }
@@ -1704,6 +1827,15 @@ grpc_error_handle RouteActionParse(const EncodingContext& context,
1704
1827
  route->hash_policies.emplace_back(std::move(policy));
1705
1828
  }
1706
1829
  }
1830
+ // Get retry policy
1831
+ const envoy_config_route_v3_RetryPolicy* retry_policy =
1832
+ envoy_config_route_v3_RouteAction_retry_policy(route_action);
1833
+ if (retry_policy != nullptr) {
1834
+ absl::optional<XdsApi::Route::RetryPolicy> retry;
1835
+ grpc_error_handle error = RetryPolicyParse(context, retry_policy, &retry);
1836
+ if (error != GRPC_ERROR_NONE) return error;
1837
+ route->retry_policy = retry;
1838
+ }
1707
1839
  return GRPC_ERROR_NONE;
1708
1840
  }
1709
1841
 
@@ -1749,6 +1881,15 @@ grpc_error_handle RouteConfigParse(
1749
1881
  &vhost.typed_per_filter_config);
1750
1882
  if (error != GRPC_ERROR_NONE) return error;
1751
1883
  }
1884
+ // Parse retry policy.
1885
+ absl::optional<XdsApi::Route::RetryPolicy> virtual_host_retry_policy;
1886
+ const envoy_config_route_v3_RetryPolicy* retry_policy =
1887
+ envoy_config_route_v3_VirtualHost_retry_policy(virtual_hosts[i]);
1888
+ if (retry_policy != nullptr) {
1889
+ grpc_error_handle error =
1890
+ RetryPolicyParse(context, retry_policy, &virtual_host_retry_policy);
1891
+ if (error != GRPC_ERROR_NONE) return error;
1892
+ }
1752
1893
  // Parse routes.
1753
1894
  size_t num_routes;
1754
1895
  const envoy_config_route_v3_Route* const* routes =
@@ -1783,6 +1924,9 @@ grpc_error_handle RouteConfigParse(
1783
1924
  error = RouteActionParse(context, routes[j], &route, &ignore_route);
1784
1925
  if (error != GRPC_ERROR_NONE) return error;
1785
1926
  if (ignore_route) continue;
1927
+ if (route.retry_policy == absl::nullopt && retry_policy != nullptr) {
1928
+ route.retry_policy = virtual_host_retry_policy;
1929
+ }
1786
1930
  if (context.use_v3) {
1787
1931
  grpc_error_handle error = ParseTypedPerFilterConfig<
1788
1932
  envoy_config_route_v3_Route,
@@ -1803,24 +1947,32 @@ grpc_error_handle RouteConfigParse(
1803
1947
  return GRPC_ERROR_NONE;
1804
1948
  }
1805
1949
 
1806
- XdsApi::CommonTlsContext::CertificateProviderInstance
1807
- CertificateProviderInstanceParse(
1950
+ grpc_error_handle CertificateProviderInstanceParse(
1951
+ const EncodingContext& context,
1808
1952
  const envoy_extensions_transport_sockets_tls_v3_CommonTlsContext_CertificateProviderInstance*
1809
- certificate_provider_instance_proto) {
1810
- return {
1953
+ certificate_provider_instance_proto,
1954
+ XdsApi::CommonTlsContext::CertificateProviderInstance*
1955
+ certificate_provider_instance) {
1956
+ *certificate_provider_instance = {
1811
1957
  UpbStringToStdString(
1812
1958
  envoy_extensions_transport_sockets_tls_v3_CommonTlsContext_CertificateProviderInstance_instance_name(
1813
1959
  certificate_provider_instance_proto)),
1814
1960
  UpbStringToStdString(
1815
1961
  envoy_extensions_transport_sockets_tls_v3_CommonTlsContext_CertificateProviderInstance_certificate_name(
1816
1962
  certificate_provider_instance_proto))};
1963
+ if (context.certificate_provider_definition_map->find(
1964
+ certificate_provider_instance->instance_name) ==
1965
+ context.certificate_provider_definition_map->end()) {
1966
+ return GRPC_ERROR_CREATE_FROM_COPIED_STRING(
1967
+ absl::StrCat("Unrecognized certificate provider instance name: ",
1968
+ certificate_provider_instance->instance_name)
1969
+ .c_str());
1970
+ }
1971
+ return GRPC_ERROR_NONE;
1817
1972
  }
1818
1973
 
1819
1974
  grpc_error_handle CommonTlsContextParse(
1820
- const envoy_extensions_transport_sockets_tls_v3_CommonTlsContext*
1821
- common_tls_context_proto,
1822
- XdsApi::CommonTlsContext* common_tls_context) GRPC_MUST_USE_RESULT;
1823
- grpc_error_handle CommonTlsContextParse(
1975
+ const EncodingContext& context,
1824
1976
  const envoy_extensions_transport_sockets_tls_v3_CommonTlsContext*
1825
1977
  common_tls_context_proto,
1826
1978
  XdsApi::CommonTlsContext* common_tls_context) {
@@ -1898,19 +2050,21 @@ grpc_error_handle CommonTlsContextParse(
1898
2050
  envoy_extensions_transport_sockets_tls_v3_CommonTlsContext_CombinedCertificateValidationContext_validation_context_certificate_provider_instance(
1899
2051
  combined_validation_context);
1900
2052
  if (validation_context_certificate_provider_instance != nullptr) {
1901
- common_tls_context->combined_validation_context
1902
- .validation_context_certificate_provider_instance =
1903
- CertificateProviderInstanceParse(
1904
- validation_context_certificate_provider_instance);
2053
+ grpc_error_handle error = CertificateProviderInstanceParse(
2054
+ context, validation_context_certificate_provider_instance,
2055
+ &common_tls_context->combined_validation_context
2056
+ .validation_context_certificate_provider_instance);
2057
+ if (error != GRPC_ERROR_NONE) return error;
1905
2058
  }
1906
2059
  }
1907
2060
  auto* tls_certificate_certificate_provider_instance =
1908
2061
  envoy_extensions_transport_sockets_tls_v3_CommonTlsContext_tls_certificate_certificate_provider_instance(
1909
2062
  common_tls_context_proto);
1910
2063
  if (tls_certificate_certificate_provider_instance != nullptr) {
1911
- common_tls_context->tls_certificate_certificate_provider_instance =
1912
- CertificateProviderInstanceParse(
1913
- tls_certificate_certificate_provider_instance);
2064
+ grpc_error_handle error = CertificateProviderInstanceParse(
2065
+ context, tls_certificate_certificate_provider_instance,
2066
+ &common_tls_context->tls_certificate_certificate_provider_instance);
2067
+ if (error != GRPC_ERROR_NONE) return error;
1914
2068
  }
1915
2069
  return GRPC_ERROR_NONE;
1916
2070
  }
@@ -1930,10 +2084,8 @@ grpc_error_handle HttpConnectionManagerParse(
1930
2084
  const google_protobuf_Duration* duration =
1931
2085
  envoy_config_core_v3_HttpProtocolOptions_max_stream_duration(options);
1932
2086
  if (duration != nullptr) {
1933
- http_connection_manager->http_max_stream_duration.seconds =
1934
- google_protobuf_Duration_seconds(duration);
1935
- http_connection_manager->http_max_stream_duration.nanos =
1936
- google_protobuf_Duration_nanos(duration);
2087
+ http_connection_manager->http_max_stream_duration =
2088
+ DurationParse(duration);
1937
2089
  }
1938
2090
  }
1939
2091
  // Parse filters.
@@ -1989,6 +2141,23 @@ grpc_error_handle HttpConnectionManagerParse(
1989
2141
  is_client ? "clients" : "servers")
1990
2142
  .c_str());
1991
2143
  }
2144
+ if (i < num_filters - 1) {
2145
+ // Filters before the last filter must not be terminal.
2146
+ if (filter_impl->IsTerminalFilter()) {
2147
+ return GRPC_ERROR_CREATE_FROM_COPIED_STRING(
2148
+ absl::StrCat("terminal filter for config type ", filter_type,
2149
+ " must be the last filter in the chain")
2150
+ .c_str());
2151
+ }
2152
+ } else {
2153
+ // The last filter must be terminal.
2154
+ if (!filter_impl->IsTerminalFilter()) {
2155
+ return GRPC_ERROR_CREATE_FROM_COPIED_STRING(
2156
+ absl::StrCat("non-terminal filter for config type ", filter_type,
2157
+ " is the last filter in the chain")
2158
+ .c_str());
2159
+ }
2160
+ }
1992
2161
  absl::StatusOr<XdsHttpFilterImpl::FilterConfig> filter_config =
1993
2162
  filter_impl->GenerateFilterConfig(google_protobuf_Any_value(any),
1994
2163
  context.arena);
@@ -2079,43 +2248,54 @@ grpc_error_handle DownstreamTlsContextParse(
2079
2248
  XdsApi::DownstreamTlsContext* downstream_tls_context) {
2080
2249
  absl::string_view name = UpbStringToAbsl(
2081
2250
  envoy_config_core_v3_TransportSocket_name(transport_socket));
2082
- if (name == "envoy.transport_sockets.tls") {
2083
- auto* typed_config =
2084
- envoy_config_core_v3_TransportSocket_typed_config(transport_socket);
2085
- if (typed_config != nullptr) {
2086
- const upb_strview encoded_downstream_tls_context =
2087
- google_protobuf_Any_value(typed_config);
2088
- auto* downstream_tls_context_proto =
2089
- envoy_extensions_transport_sockets_tls_v3_DownstreamTlsContext_parse(
2090
- encoded_downstream_tls_context.data,
2091
- encoded_downstream_tls_context.size, context.arena);
2092
- if (downstream_tls_context_proto == nullptr) {
2093
- return GRPC_ERROR_CREATE_FROM_STATIC_STRING(
2094
- "Can't decode downstream tls context.");
2095
- }
2096
- auto* common_tls_context =
2097
- envoy_extensions_transport_sockets_tls_v3_DownstreamTlsContext_common_tls_context(
2098
- downstream_tls_context_proto);
2099
- if (common_tls_context != nullptr) {
2100
- grpc_error_handle error = CommonTlsContextParse(
2101
- common_tls_context, &downstream_tls_context->common_tls_context);
2102
- if (error != GRPC_ERROR_NONE) return error;
2103
- }
2104
- auto* require_client_certificate =
2105
- envoy_extensions_transport_sockets_tls_v3_DownstreamTlsContext_require_client_certificate(
2106
- downstream_tls_context_proto);
2107
- if (require_client_certificate != nullptr) {
2108
- downstream_tls_context->require_client_certificate =
2109
- google_protobuf_BoolValue_value(require_client_certificate);
2110
- }
2111
- }
2112
- if (downstream_tls_context->common_tls_context
2113
- .tls_certificate_certificate_provider_instance.instance_name
2114
- .empty()) {
2251
+ if (name != "envoy.transport_sockets.tls") {
2252
+ return GRPC_ERROR_CREATE_FROM_COPIED_STRING(
2253
+ absl::StrCat("Unrecognized transport socket: ", name).c_str());
2254
+ }
2255
+ auto* typed_config =
2256
+ envoy_config_core_v3_TransportSocket_typed_config(transport_socket);
2257
+ if (typed_config != nullptr) {
2258
+ const upb_strview encoded_downstream_tls_context =
2259
+ google_protobuf_Any_value(typed_config);
2260
+ auto* downstream_tls_context_proto =
2261
+ envoy_extensions_transport_sockets_tls_v3_DownstreamTlsContext_parse(
2262
+ encoded_downstream_tls_context.data,
2263
+ encoded_downstream_tls_context.size, context.arena);
2264
+ if (downstream_tls_context_proto == nullptr) {
2115
2265
  return GRPC_ERROR_CREATE_FROM_STATIC_STRING(
2116
- "TLS configuration provided but no "
2117
- "tls_certificate_certificate_provider_instance found.");
2266
+ "Can't decode downstream tls context.");
2118
2267
  }
2268
+ auto* common_tls_context =
2269
+ envoy_extensions_transport_sockets_tls_v3_DownstreamTlsContext_common_tls_context(
2270
+ downstream_tls_context_proto);
2271
+ if (common_tls_context != nullptr) {
2272
+ grpc_error_handle error =
2273
+ CommonTlsContextParse(context, common_tls_context,
2274
+ &downstream_tls_context->common_tls_context);
2275
+ if (error != GRPC_ERROR_NONE) return error;
2276
+ }
2277
+ auto* require_client_certificate =
2278
+ envoy_extensions_transport_sockets_tls_v3_DownstreamTlsContext_require_client_certificate(
2279
+ downstream_tls_context_proto);
2280
+ if (require_client_certificate != nullptr) {
2281
+ downstream_tls_context->require_client_certificate =
2282
+ google_protobuf_BoolValue_value(require_client_certificate);
2283
+ }
2284
+ }
2285
+ if (downstream_tls_context->common_tls_context
2286
+ .tls_certificate_certificate_provider_instance.instance_name
2287
+ .empty()) {
2288
+ return GRPC_ERROR_CREATE_FROM_STATIC_STRING(
2289
+ "TLS configuration provided but no "
2290
+ "tls_certificate_certificate_provider_instance found.");
2291
+ }
2292
+ if (downstream_tls_context->require_client_certificate &&
2293
+ downstream_tls_context->common_tls_context.combined_validation_context
2294
+ .validation_context_certificate_provider_instance.instance_name
2295
+ .empty()) {
2296
+ return GRPC_ERROR_CREATE_FROM_STATIC_STRING(
2297
+ "TLS configuration requires client certificates but no certificate "
2298
+ "provider instance specified for validation.");
2119
2299
  }
2120
2300
  return GRPC_ERROR_NONE;
2121
2301
  }
@@ -2699,6 +2879,54 @@ grpc_error_handle RdsResponseParse(
2699
2879
  return GRPC_ERROR_CREATE_FROM_VECTOR("errors parsing RDS response", &errors);
2700
2880
  }
2701
2881
 
2882
+ grpc_error_handle UpstreamTlsContextParse(
2883
+ const EncodingContext& context,
2884
+ const envoy_config_core_v3_TransportSocket* transport_socket,
2885
+ XdsApi::CommonTlsContext* common_tls_context) {
2886
+ // Record Upstream tls context
2887
+ absl::string_view name = UpbStringToAbsl(
2888
+ envoy_config_core_v3_TransportSocket_name(transport_socket));
2889
+ if (name != "envoy.transport_sockets.tls") {
2890
+ return GRPC_ERROR_CREATE_FROM_COPIED_STRING(
2891
+ absl::StrCat("Unrecognized transport socket: ", name).c_str());
2892
+ }
2893
+ auto* typed_config =
2894
+ envoy_config_core_v3_TransportSocket_typed_config(transport_socket);
2895
+ if (typed_config != nullptr) {
2896
+ const upb_strview encoded_upstream_tls_context =
2897
+ google_protobuf_Any_value(typed_config);
2898
+ auto* upstream_tls_context =
2899
+ envoy_extensions_transport_sockets_tls_v3_UpstreamTlsContext_parse(
2900
+ encoded_upstream_tls_context.data,
2901
+ encoded_upstream_tls_context.size, context.arena);
2902
+ if (upstream_tls_context == nullptr) {
2903
+ return GRPC_ERROR_CREATE_FROM_STATIC_STRING(
2904
+ "Can't decode upstream tls context.");
2905
+ }
2906
+ auto* common_tls_context_proto =
2907
+ envoy_extensions_transport_sockets_tls_v3_UpstreamTlsContext_common_tls_context(
2908
+ upstream_tls_context);
2909
+ if (common_tls_context_proto != nullptr) {
2910
+ grpc_error_handle error = CommonTlsContextParse(
2911
+ context, common_tls_context_proto, common_tls_context);
2912
+ if (error != GRPC_ERROR_NONE) {
2913
+ return grpc_error_add_child(GRPC_ERROR_CREATE_FROM_STATIC_STRING(
2914
+ "Error parsing UpstreamTlsContext"),
2915
+ error);
2916
+ }
2917
+ }
2918
+ }
2919
+ if (common_tls_context->combined_validation_context
2920
+ .validation_context_certificate_provider_instance.instance_name
2921
+ .empty()) {
2922
+ return GRPC_ERROR_CREATE_FROM_COPIED_STRING(
2923
+ "UpstreamTlsContext: TLS configuration provided but no "
2924
+ "validation_context_certificate_provider_instance "
2925
+ "found.");
2926
+ }
2927
+ return GRPC_ERROR_NONE;
2928
+ }
2929
+
2702
2930
  grpc_error_handle CdsResponseParse(
2703
2931
  const EncodingContext& context,
2704
2932
  const envoy_service_discovery_v3_DiscoveryResponse* response,
@@ -3015,60 +3243,21 @@ grpc_error_handle CdsResponseParse(
3015
3243
  continue;
3016
3244
  }
3017
3245
  if (XdsSecurityEnabled()) {
3018
- // Record Upstream tls context
3019
3246
  auto* transport_socket =
3020
3247
  envoy_config_cluster_v3_Cluster_transport_socket(cluster);
3021
3248
  if (transport_socket != nullptr) {
3022
- absl::string_view name = UpbStringToAbsl(
3023
- envoy_config_core_v3_TransportSocket_name(transport_socket));
3024
- if (name == "envoy.transport_sockets.tls") {
3025
- auto* typed_config =
3026
- envoy_config_core_v3_TransportSocket_typed_config(
3027
- transport_socket);
3028
- if (typed_config != nullptr) {
3029
- const upb_strview encoded_upstream_tls_context =
3030
- google_protobuf_Any_value(typed_config);
3031
- auto* upstream_tls_context =
3032
- envoy_extensions_transport_sockets_tls_v3_UpstreamTlsContext_parse(
3033
- encoded_upstream_tls_context.data,
3034
- encoded_upstream_tls_context.size, context.arena);
3035
- if (upstream_tls_context == nullptr) {
3036
- errors.push_back(GRPC_ERROR_CREATE_FROM_COPIED_STRING(
3037
- absl::StrCat(cluster_name,
3038
- ": Can't decode upstream tls context.")
3039
- .c_str()));
3040
- resource_names_failed->insert(cluster_name);
3041
- continue;
3042
- }
3043
- auto* common_tls_context =
3044
- envoy_extensions_transport_sockets_tls_v3_UpstreamTlsContext_common_tls_context(
3045
- upstream_tls_context);
3046
- if (common_tls_context != nullptr) {
3047
- grpc_error_handle error = CommonTlsContextParse(
3048
- common_tls_context, &cds_update.common_tls_context);
3049
- if (error != GRPC_ERROR_NONE) {
3050
- errors.push_back(grpc_error_add_child(
3051
- GRPC_ERROR_CREATE_FROM_COPIED_STRING(
3052
- absl::StrCat(cluster_name, ": error in TLS context")
3053
- .c_str()),
3054
- error));
3055
- resource_names_failed->insert(cluster_name);
3056
- continue;
3057
- }
3058
- }
3059
- }
3060
- if (cds_update.common_tls_context.combined_validation_context
3061
- .validation_context_certificate_provider_instance
3062
- .instance_name.empty()) {
3063
- errors.push_back(GRPC_ERROR_CREATE_FROM_COPIED_STRING(
3064
- absl::StrCat(cluster_name,
3065
- "TLS configuration provided but no "
3066
- "validation_context_certificate_provider_instance "
3067
- "found.")
3068
- .c_str()));
3069
- resource_names_failed->insert(cluster_name);
3070
- continue;
3071
- }
3249
+ grpc_error_handle error = UpstreamTlsContextParse(
3250
+ context, transport_socket, &cds_update.common_tls_context);
3251
+ if (error != GRPC_ERROR_NONE) {
3252
+ errors.push_back(grpc_error_add_child(
3253
+ GRPC_ERROR_CREATE_FROM_COPIED_STRING(
3254
+ absl::StrCat(
3255
+ "Error parsing security configuration for cluster: ",
3256
+ cluster_name)
3257
+ .c_str()),
3258
+ error));
3259
+ resource_names_failed->insert(cluster_name);
3260
+ continue;
3072
3261
  }
3073
3262
  }
3074
3263
  }
@@ -3404,8 +3593,12 @@ XdsApi::AdsParseResult XdsApi::ParseAdsResponse(
3404
3593
  const std::set<absl::string_view>& expected_eds_service_names) {
3405
3594
  AdsParseResult result;
3406
3595
  upb::Arena arena;
3407
- const EncodingContext context = {client_, tracer_, symtab_.ptr(), arena.ptr(),
3408
- server.ShouldUseV3()};
3596
+ const EncodingContext context = {client_,
3597
+ tracer_,
3598
+ symtab_.ptr(),
3599
+ arena.ptr(),
3600
+ server.ShouldUseV3(),
3601
+ certificate_provider_definition_map_};
3409
3602
  // Decode the response.
3410
3603
  const envoy_service_discovery_v3_DiscoveryResponse* response =
3411
3604
  envoy_service_discovery_v3_DiscoveryResponse_parse(
@@ -3492,8 +3685,12 @@ grpc_slice SerializeLrsRequest(
3492
3685
  grpc_slice XdsApi::CreateLrsInitialRequest(
3493
3686
  const XdsBootstrap::XdsServer& server) {
3494
3687
  upb::Arena arena;
3495
- const EncodingContext context = {client_, tracer_, symtab_.ptr(), arena.ptr(),
3496
- server.ShouldUseV3()};
3688
+ const EncodingContext context = {client_,
3689
+ tracer_,
3690
+ symtab_.ptr(),
3691
+ arena.ptr(),
3692
+ server.ShouldUseV3(),
3693
+ certificate_provider_definition_map_};
3497
3694
  // Create a request.
3498
3695
  envoy_service_load_stats_v3_LoadStatsRequest* request =
3499
3696
  envoy_service_load_stats_v3_LoadStatsRequest_new(arena.ptr());
@@ -3563,8 +3760,9 @@ void LocalityStatsPopulate(
3563
3760
  grpc_slice XdsApi::CreateLrsRequest(
3564
3761
  ClusterLoadReportMap cluster_load_report_map) {
3565
3762
  upb::Arena arena;
3566
- const EncodingContext context = {client_, tracer_, symtab_.ptr(), arena.ptr(),
3567
- false};
3763
+ const EncodingContext context = {
3764
+ client_, tracer_, symtab_.ptr(),
3765
+ arena.ptr(), false, certificate_provider_definition_map_};
3568
3766
  // Create a request.
3569
3767
  envoy_service_load_stats_v3_LoadStatsRequest* request =
3570
3768
  envoy_service_load_stats_v3_LoadStatsRequest_new(arena.ptr());
@@ -3897,8 +4095,9 @@ std::string XdsApi::AssembleClientConfig(
3897
4095
  // Fill-in the node information
3898
4096
  auto* node = envoy_service_status_v3_ClientConfig_mutable_node(client_config,
3899
4097
  arena.ptr());
3900
- const EncodingContext context = {client_, tracer_, symtab_.ptr(), arena.ptr(),
3901
- true};
4098
+ const EncodingContext context = {
4099
+ client_, tracer_, symtab_.ptr(),
4100
+ arena.ptr(), true, certificate_provider_definition_map_};
3902
4101
  PopulateNode(context, node_, build_version_, user_agent_name_,
3903
4102
  user_agent_version_, node);
3904
4103
  // Dump each xDS-type config into PerXdsConfig