grpc 1.40.0.pre1 → 1.41.1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +29 -37
- data/etc/roots.pem +335 -326
- data/include/grpc/byte_buffer.h +1 -1
- data/include/grpc/byte_buffer_reader.h +1 -1
- data/include/grpc/event_engine/endpoint_config.h +6 -11
- data/include/grpc/event_engine/event_engine.h +63 -58
- data/include/grpc/event_engine/port.h +1 -3
- data/include/grpc/event_engine/slice_allocator.h +6 -1
- data/include/grpc/fork.h +1 -1
- data/include/grpc/grpc.h +10 -4
- data/include/grpc/grpc_posix.h +5 -2
- data/include/grpc/impl/codegen/atm.h +5 -3
- data/include/grpc/impl/codegen/atm_gcc_atomic.h +2 -0
- data/include/grpc/impl/codegen/atm_gcc_sync.h +2 -0
- data/include/grpc/impl/codegen/atm_windows.h +2 -0
- data/include/grpc/impl/codegen/byte_buffer.h +2 -0
- data/include/grpc/impl/codegen/byte_buffer_reader.h +2 -0
- data/include/grpc/impl/codegen/compression_types.h +2 -0
- data/include/grpc/impl/codegen/connectivity_state.h +2 -0
- data/include/grpc/impl/codegen/fork.h +2 -0
- data/include/grpc/impl/codegen/gpr_slice.h +2 -0
- data/include/grpc/impl/codegen/gpr_types.h +2 -0
- data/include/grpc/impl/codegen/grpc_types.h +4 -5
- data/include/grpc/impl/codegen/log.h +2 -0
- data/include/grpc/impl/codegen/port_platform.h +26 -22
- data/include/grpc/impl/codegen/propagation_bits.h +2 -0
- data/include/grpc/impl/codegen/slice.h +2 -0
- data/include/grpc/impl/codegen/status.h +2 -0
- data/include/grpc/impl/codegen/sync.h +8 -5
- data/include/grpc/impl/codegen/sync_abseil.h +2 -0
- data/include/grpc/impl/codegen/sync_custom.h +2 -0
- data/include/grpc/impl/codegen/sync_generic.h +3 -0
- data/include/grpc/impl/codegen/sync_posix.h +4 -2
- data/include/grpc/impl/codegen/sync_windows.h +2 -0
- data/include/grpc/slice.h +1 -1
- data/include/grpc/status.h +1 -1
- data/include/grpc/support/atm.h +1 -1
- data/include/grpc/support/atm_gcc_atomic.h +1 -1
- data/include/grpc/support/atm_gcc_sync.h +1 -1
- data/include/grpc/support/atm_windows.h +1 -1
- data/include/grpc/support/log.h +1 -1
- data/include/grpc/support/port_platform.h +1 -1
- data/include/grpc/support/sync.h +1 -1
- data/include/grpc/support/sync_abseil.h +1 -1
- data/include/grpc/support/sync_custom.h +1 -1
- data/include/grpc/support/sync_generic.h +1 -1
- data/include/grpc/support/sync_posix.h +1 -1
- data/include/grpc/support/sync_windows.h +1 -1
- data/include/grpc/support/time.h +2 -2
- data/src/core/ext/filters/census/grpc_context.cc +1 -0
- data/src/core/ext/filters/client_channel/backend_metric.cc +0 -1
- data/src/core/ext/filters/client_channel/backup_poller.h +1 -0
- data/src/core/ext/filters/client_channel/channel_connectivity.cc +1 -2
- data/src/core/ext/filters/client_channel/client_channel.cc +24 -52
- data/src/core/ext/filters/client_channel/client_channel.h +3 -3
- data/src/core/ext/filters/client_channel/client_channel_channelz.cc +6 -5
- data/src/core/ext/filters/client_channel/client_channel_channelz.h +1 -1
- data/src/core/ext/filters/client_channel/client_channel_factory.cc +1 -0
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +8 -1
- data/src/core/ext/filters/client_channel/config_selector.cc +1 -0
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +7 -6
- data/src/core/ext/filters/client_channel/health/health_check_client.h +4 -3
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +8 -7
- data/src/core/ext/filters/client_channel/http_connect_handshaker.h +10 -2
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +2 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +2 -8
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +1 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +2 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +2 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +2 -1
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +14 -23
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +1 -0
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +2 -2
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +2 -8
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +15 -18
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +10 -7
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +2 -8
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +2 -3
- data/src/core/ext/filters/client_channel/lb_policy.h +11 -44
- data/src/core/ext/filters/client_channel/lb_policy_registry.cc +4 -7
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +2 -10
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +1 -0
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +4 -3
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +6 -5
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +14 -19
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +1 -0
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +2 -2
- data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +5 -5
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +5 -8
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +2 -3
- data/src/core/ext/filters/client_channel/retry_filter.cc +16 -3
- data/src/core/ext/filters/client_idle/client_idle_filter.cc +36 -30
- data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +8 -6
- data/src/core/ext/filters/fault_injection/service_config_parser.cc +6 -13
- data/src/core/ext/filters/http/client/http_client_filter.cc +3 -2
- data/src/core/ext/filters/http/client_authority_filter.cc +2 -1
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +2 -1
- data/src/core/ext/filters/http/message_compress/message_decompress_filter.cc +7 -8
- data/src/core/ext/filters/http/server/http_server_filter.cc +5 -3
- data/src/core/ext/filters/message_size/message_size_filter.cc +9 -13
- data/src/core/ext/transport/chttp2/alpn/alpn.cc +2 -1
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +29 -12
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +2 -0
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +2 -3
- data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +10 -6
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +2 -3
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +60 -37
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc +0 -1
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +12 -6
- data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +5 -9
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +3 -1
- data/src/core/ext/transport/chttp2/transport/bin_decoder.h +2 -1
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +1 -0
- data/src/core/ext/transport/chttp2/transport/chttp2_slice_allocator.cc +4 -3
- data/src/core/ext/transport/chttp2/transport/chttp2_slice_allocator.h +2 -2
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +24 -30
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +4 -1
- data/src/core/ext/transport/chttp2/transport/context_list.h +1 -2
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +39 -23
- data/src/core/ext/transport/chttp2/transport/flow_control.h +9 -3
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +7 -7
- data/src/core/ext/transport/chttp2/transport/frame_data.h +1 -0
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +4 -3
- data/src/core/ext/transport/chttp2/transport/frame_goaway.h +1 -0
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +4 -4
- data/src/core/ext/transport/chttp2/transport/frame_ping.h +1 -0
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +3 -5
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +1 -0
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +36 -5
- data/src/core/ext/transport/chttp2/transport/frame_settings.h +1 -0
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +12 -7
- data/src/core/ext/transport/chttp2/transport/frame_window_update.h +1 -0
- data/src/core/ext/transport/chttp2/transport/hpack_constants.h +41 -0
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +272 -666
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +236 -70
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_index.h +107 -0
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +86 -0
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +69 -0
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +776 -1037
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +48 -169
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +159 -0
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +130 -0
- data/src/core/ext/transport/chttp2/transport/hpack_utils.cc +46 -0
- data/src/core/ext/transport/chttp2/transport/hpack_utils.h +30 -0
- data/src/core/ext/transport/chttp2/transport/incoming_metadata.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/internal.h +2 -2
- data/src/core/ext/transport/chttp2/transport/parsing.cc +20 -30
- data/src/core/ext/transport/chttp2/transport/popularity_count.h +60 -0
- data/src/core/ext/transport/chttp2/transport/stream_lists.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/varint.cc +7 -3
- data/src/core/ext/transport/chttp2/transport/varint.h +39 -28
- data/src/core/ext/transport/chttp2/transport/writing.cc +32 -28
- data/src/core/ext/transport/inproc/inproc_transport.cc +6 -4
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.c +96 -96
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.h +221 -89
- data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.h +1 -1
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +48 -48
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.h +151 -61
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +99 -99
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +171 -69
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.c +15 -15
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.h +31 -13
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +126 -127
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +229 -101
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.c +23 -23
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.c +28 -28
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.h +71 -29
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +82 -82
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +201 -81
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +24 -24
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +51 -21
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.c +9 -9
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.h +21 -9
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.c +62 -62
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.h +131 -53
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +51 -51
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +81 -33
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.c +5 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +62 -62
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +141 -57
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/resolver.upb.c +7 -7
- data/src/core/ext/upb-generated/envoy/config/core/v3/resolver.upb.h +21 -9
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.c +8 -8
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +8 -8
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/udp_socket_config.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/config/core/v3/udp_socket_config.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.c +16 -16
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.h +31 -13
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.c +57 -22
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.h +174 -17
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.c +32 -32
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.h +51 -21
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +37 -37
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +61 -25
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +40 -40
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +71 -29
- data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.c +9 -9
- data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +5 -5
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.h +21 -9
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.c +30 -30
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.h +81 -33
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.c +41 -29
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.h +141 -43
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +46 -43
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +88 -29
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +18 -18
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +31 -13
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +281 -277
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +569 -248
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.c +10 -10
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.h +31 -13
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.c +6 -6
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.h +21 -9
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.c +13 -13
- data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.h +51 -21
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.c +23 -23
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.h +31 -13
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.c +9 -9
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +115 -116
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +191 -77
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.h +1 -1
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +46 -32
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +118 -34
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +12 -12
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +31 -13
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +44 -42
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +108 -55
- data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +42 -42
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +61 -25
- data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.c +9 -9
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.h +21 -9
- data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.c +28 -28
- data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.h +51 -21
- data/src/core/ext/upb-generated/envoy/type/http/v3/path_transformation.upb.c +8 -8
- data/src/core/ext/upb-generated/envoy/type/http/v3/path_transformation.upb.h +41 -17
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.c +9 -8
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.h +25 -9
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.c +9 -9
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.h +31 -13
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +10 -10
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.h +21 -9
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.c +6 -6
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.h +21 -9
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.c +11 -11
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.h +31 -13
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.c +15 -15
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.h +71 -29
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.c +19 -19
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.h +51 -21
- data/src/core/ext/upb-generated/envoy/type/v3/http.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/type/v3/http.upb.h +1 -1
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.c +6 -6
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.h +21 -9
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.c +10 -10
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.h +31 -13
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.c +5 -5
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.h +11 -5
- data/src/core/ext/upb-generated/google/api/annotations.upb.c +1 -1
- data/src/core/ext/upb-generated/google/api/annotations.upb.h +1 -1
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.c +58 -58
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.h +111 -45
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.c +68 -68
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h +121 -49
- data/src/core/ext/upb-generated/google/api/http.upb.c +18 -18
- data/src/core/ext/upb-generated/google/api/http.upb.h +31 -13
- data/src/core/ext/upb-generated/google/protobuf/any.upb.c +4 -4
- data/src/core/ext/upb-generated/google/protobuf/any.upb.h +11 -5
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +153 -153
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +271 -109
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.c +4 -4
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.h +11 -5
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.c +2 -2
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.h +11 -5
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.c +15 -15
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.h +31 -13
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.c +4 -4
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.h +11 -5
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.c +19 -19
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.h +91 -37
- data/src/core/ext/upb-generated/google/rpc/status.upb.c +5 -5
- data/src/core/ext/upb-generated/google/rpc/status.upb.h +11 -5
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.c +12 -12
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.h +11 -5
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +60 -60
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +101 -41
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.c +7 -7
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.h +21 -9
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.c +5 -5
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.h +21 -9
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c +31 -31
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.h +91 -37
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.c +8 -8
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +31 -13
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.c +4 -4
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.h +11 -5
- data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.c +1 -1
- data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.h +1 -1
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.c +4 -4
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +11 -5
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.c +3 -3
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.h +11 -5
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.c +13 -13
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.h +11 -5
- data/src/core/ext/upb-generated/udpa/type/v1/typed_struct.upb.c +4 -4
- data/src/core/ext/upb-generated/udpa/type/v1/typed_struct.upb.h +11 -5
- data/src/core/ext/upb-generated/validate/validate.upb.c +220 -220
- data/src/core/ext/upb-generated/validate/validate.upb.h +231 -93
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.c +3 -3
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.h +11 -5
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.c +8 -8
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.h +21 -9
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.c +6 -6
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.h +11 -5
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.c +5 -5
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.h +11 -5
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.c +11 -11
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.h +21 -9
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.c +6 -6
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.h +11 -5
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +384 -382
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +94 -63
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +10 -0
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.c +30 -19
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +791 -780
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +96 -100
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +133 -115
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +178 -173
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.c +14 -13
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.c +103 -103
- data/src/core/ext/xds/certificate_provider_registry.cc +2 -2
- data/src/core/ext/xds/xds_api.cc +853 -990
- data/src/core/ext/xds/xds_api.h +16 -33
- data/src/core/ext/xds/xds_bootstrap.cc +27 -52
- data/src/core/ext/xds/xds_client.cc +69 -30
- data/src/core/ext/xds/xds_client_stats.cc +16 -15
- data/src/core/ext/xds/xds_client_stats.h +6 -6
- data/src/core/ext/xds/xds_http_fault_filter.cc +4 -3
- data/src/core/ext/xds/xds_http_fault_filter.h +3 -2
- data/src/core/ext/xds/xds_http_filters.cc +1 -0
- data/src/core/ext/xds/xds_server_config_fetcher.cc +10 -10
- data/src/core/lib/address_utils/parse_address.cc +4 -8
- data/src/core/lib/address_utils/sockaddr_utils.cc +2 -2
- data/src/core/lib/channel/channel_args.cc +2 -1
- data/src/core/lib/channel/channel_stack.cc +5 -3
- data/src/core/lib/channel/channel_stack_builder.cc +1 -11
- data/src/core/lib/channel/channel_stack_builder.h +0 -8
- data/src/core/lib/channel/channel_trace.cc +4 -3
- data/src/core/lib/channel/channel_trace.h +1 -0
- data/src/core/lib/channel/channelz.cc +40 -36
- data/src/core/lib/channel/channelz.h +27 -27
- data/src/core/lib/channel/channelz_registry.cc +7 -6
- data/src/core/lib/channel/connected_channel.cc +1 -0
- data/src/core/lib/channel/handshaker.cc +2 -1
- data/src/core/lib/channel/handshaker.h +1 -2
- data/src/core/lib/channel/handshaker_factory.h +10 -2
- data/src/core/lib/channel/handshaker_registry.cc +15 -70
- data/src/core/lib/channel/handshaker_registry.h +29 -12
- data/src/core/lib/channel/status_util.h +2 -2
- data/src/core/lib/compression/algorithm_metadata.h +1 -0
- data/src/core/lib/compression/compression_args.cc +2 -1
- data/src/core/lib/compression/compression_internal.cc +2 -4
- data/src/core/lib/compression/message_compress.cc +2 -2
- data/src/core/lib/compression/stream_compression.cc +2 -1
- data/src/core/lib/compression/stream_compression.h +2 -1
- data/src/core/lib/compression/stream_compression_gzip.cc +2 -1
- data/src/core/lib/compression/stream_compression_identity.cc +2 -1
- data/src/core/lib/config/core_configuration.cc +54 -0
- data/src/core/lib/config/core_configuration.h +108 -0
- data/src/core/lib/debug/stats.h +1 -0
- data/src/core/lib/debug/stats_data.cc +2 -1
- data/src/core/lib/debug/stats_data.h +1 -0
- data/src/core/lib/debug/trace.cc +1 -0
- data/src/core/lib/debug/trace.h +2 -1
- data/src/core/lib/event_engine/endpoint_config.cc +0 -1
- data/src/core/lib/event_engine/event_engine.cc +3 -3
- data/src/core/lib/event_engine/sockaddr.cc +3 -3
- data/src/core/lib/gpr/alloc.cc +4 -3
- data/src/core/lib/gpr/env_linux.cc +1 -2
- data/src/core/lib/gpr/env_posix.cc +2 -3
- data/src/core/lib/gpr/log.cc +3 -3
- data/src/core/lib/gpr/log_android.cc +3 -2
- data/src/core/lib/gpr/log_linux.cc +7 -4
- data/src/core/lib/gpr/log_posix.cc +6 -3
- data/src/core/lib/gpr/string.h +2 -2
- data/src/core/lib/gpr/sync.cc +2 -2
- data/src/core/lib/gpr/sync_abseil.cc +7 -6
- data/src/core/lib/gpr/sync_posix.cc +3 -3
- data/src/core/lib/gpr/time.cc +3 -2
- data/src/core/lib/gpr/time_windows.cc +3 -2
- data/src/core/lib/gpr/tls.h +120 -41
- data/src/core/lib/gpr/tmpfile_posix.cc +1 -2
- data/src/core/lib/gprpp/arena.cc +2 -1
- data/src/core/lib/gprpp/arena.h +5 -5
- data/src/core/lib/gprpp/atomic_utils.h +47 -0
- data/src/core/lib/gprpp/bitset.h +166 -0
- data/src/core/lib/gprpp/construct_destruct.h +39 -0
- data/src/core/lib/gprpp/dual_ref_counted.h +25 -26
- data/src/core/lib/gprpp/fork.cc +14 -12
- data/src/core/lib/gprpp/fork.h +4 -4
- data/src/core/lib/gprpp/global_config.h +1 -2
- data/src/core/lib/gprpp/global_config_env.cc +7 -7
- data/src/core/lib/gprpp/global_config_generic.h +2 -2
- data/src/core/lib/gprpp/manual_constructor.h +8 -5
- data/src/core/lib/gprpp/match.h +73 -0
- data/src/core/lib/gprpp/memory.h +3 -3
- data/src/core/lib/gprpp/mpscq.cc +7 -7
- data/src/core/lib/gprpp/mpscq.h +6 -5
- data/src/core/lib/gprpp/orphanable.h +3 -3
- data/src/core/lib/gprpp/overload.h +59 -0
- data/src/core/lib/gprpp/ref_counted.h +18 -18
- data/src/core/lib/gprpp/status_helper.cc +4 -4
- data/src/core/lib/gprpp/sync.h +3 -1
- data/src/core/lib/gprpp/thd_posix.cc +5 -5
- data/src/core/lib/gprpp/thd_windows.cc +4 -11
- data/src/core/lib/gprpp/time_util.cc +2 -2
- data/src/core/lib/gprpp/time_util.h +2 -2
- data/src/core/lib/http/format_request.cc +1 -0
- data/src/core/lib/http/format_request.h +1 -0
- data/src/core/lib/http/httpcli.cc +9 -9
- data/src/core/lib/http/httpcli.h +3 -0
- data/src/core/lib/http/httpcli_security_connector.cc +5 -8
- data/src/core/lib/http/parser.h +1 -0
- data/src/core/lib/iomgr/buffer_list.cc +2 -1
- data/src/core/lib/iomgr/buffer_list.h +1 -2
- data/src/core/lib/iomgr/call_combiner.cc +1 -0
- data/src/core/lib/iomgr/cfstream_handle.cc +1 -1
- data/src/core/lib/iomgr/combiner.cc +3 -2
- data/src/core/lib/iomgr/combiner.h +1 -0
- data/src/core/lib/iomgr/dualstack_socket_posix.cc +1 -0
- data/src/core/lib/iomgr/endpoint.cc +0 -4
- data/src/core/lib/iomgr/endpoint.h +1 -3
- data/src/core/lib/iomgr/endpoint_cfstream.cc +9 -20
- data/src/core/lib/iomgr/endpoint_cfstream.h +1 -1
- data/src/core/lib/iomgr/endpoint_pair.h +1 -0
- data/src/core/lib/iomgr/endpoint_pair_event_engine.cc +1 -2
- data/src/core/lib/iomgr/endpoint_pair_posix.cc +15 -11
- data/src/core/lib/iomgr/endpoint_pair_windows.cc +17 -9
- data/src/core/lib/iomgr/error.h +23 -9
- data/src/core/lib/iomgr/error_cfstream.cc +2 -2
- data/src/core/lib/iomgr/error_internal.h +1 -0
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +14 -22
- data/src/core/lib/iomgr/ev_epollex_linux.cc +15 -22
- data/src/core/lib/iomgr/ev_poll_posix.cc +13 -25
- data/src/core/lib/iomgr/ev_posix.cc +1 -2
- data/src/core/lib/iomgr/event_engine/endpoint.cc +3 -22
- data/src/core/lib/iomgr/event_engine/endpoint.h +1 -2
- data/src/core/lib/iomgr/event_engine/iomgr.cc +17 -18
- data/src/core/lib/iomgr/event_engine/iomgr.h +20 -2
- data/src/core/lib/iomgr/event_engine/resolver.cc +2 -1
- data/src/core/lib/iomgr/event_engine/tcp.cc +53 -24
- data/src/core/lib/iomgr/exec_ctx.cc +3 -4
- data/src/core/lib/iomgr/exec_ctx.h +11 -19
- data/src/core/lib/iomgr/executor/mpmcqueue.cc +10 -9
- data/src/core/lib/iomgr/executor/mpmcqueue.h +4 -3
- data/src/core/lib/iomgr/executor/threadpool.cc +2 -2
- data/src/core/lib/iomgr/executor/threadpool.h +2 -1
- data/src/core/lib/iomgr/executor.cc +5 -6
- data/src/core/lib/iomgr/grpc_if_nametoindex_posix.cc +2 -2
- data/src/core/lib/iomgr/grpc_if_nametoindex_unsupported.cc +2 -2
- data/src/core/lib/iomgr/internal_errqueue.cc +3 -2
- data/src/core/lib/iomgr/iocp_windows.cc +1 -0
- data/src/core/lib/iomgr/iomgr.h +2 -2
- data/src/core/lib/iomgr/iomgr_custom.cc +2 -2
- data/src/core/lib/iomgr/iomgr_custom.h +2 -2
- data/src/core/lib/iomgr/iomgr_internal.cc +2 -1
- data/src/core/lib/iomgr/iomgr_windows.cc +1 -2
- data/src/core/lib/iomgr/is_epollexclusive_available.cc +4 -4
- data/src/core/lib/iomgr/polling_entity.cc +2 -2
- data/src/core/lib/iomgr/pollset_custom.cc +3 -4
- data/src/core/lib/iomgr/pollset_custom.h +2 -2
- data/src/core/lib/iomgr/pollset_set_custom.cc +1 -2
- data/src/core/lib/iomgr/pollset_set_windows.cc +1 -0
- data/src/core/lib/iomgr/port.h +0 -5
- data/src/core/lib/iomgr/python_util.h +1 -0
- data/src/core/lib/iomgr/resolve_address.cc +2 -1
- data/src/core/lib/iomgr/resolve_address.h +0 -4
- data/src/core/lib/iomgr/resolve_address_custom.cc +4 -4
- data/src/core/lib/iomgr/resolve_address_custom.h +0 -1
- data/src/core/lib/iomgr/resolve_address_posix.cc +2 -4
- data/src/core/lib/iomgr/resolve_address_windows.cc +6 -8
- data/src/core/lib/iomgr/resource_quota.cc +127 -42
- data/src/core/lib/iomgr/resource_quota.h +66 -17
- data/src/core/lib/iomgr/sockaddr.h +1 -1
- data/src/core/lib/iomgr/socket_factory_posix.cc +3 -3
- data/src/core/lib/iomgr/socket_factory_posix.h +1 -0
- data/src/core/lib/iomgr/socket_mutator.h +2 -2
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +3 -3
- data/src/core/lib/iomgr/socket_utils_linux.cc +4 -4
- data/src/core/lib/iomgr/socket_utils_posix.cc +2 -2
- data/src/core/lib/iomgr/socket_utils_posix.h +2 -2
- data/src/core/lib/iomgr/socket_utils_windows.cc +2 -2
- data/src/core/lib/iomgr/tcp_client.cc +4 -2
- data/src/core/lib/iomgr/tcp_client.h +4 -0
- data/src/core/lib/iomgr/tcp_client_cfstream.cc +9 -19
- data/src/core/lib/iomgr/tcp_client_custom.cc +9 -17
- data/src/core/lib/iomgr/tcp_client_posix.cc +24 -9
- data/src/core/lib/iomgr/tcp_client_posix.h +5 -2
- data/src/core/lib/iomgr/tcp_client_windows.cc +14 -6
- data/src/core/lib/iomgr/tcp_custom.cc +11 -23
- data/src/core/lib/iomgr/tcp_custom.h +2 -1
- data/src/core/lib/iomgr/tcp_posix.cc +29 -59
- data/src/core/lib/iomgr/tcp_posix.h +11 -12
- data/src/core/lib/iomgr/tcp_server.cc +6 -4
- data/src/core/lib/iomgr/tcp_server.h +12 -9
- data/src/core/lib/iomgr/tcp_server_custom.cc +15 -33
- data/src/core/lib/iomgr/tcp_server_posix.cc +20 -13
- data/src/core/lib/iomgr/tcp_server_utils_posix.h +3 -0
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +1 -2
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +3 -4
- data/src/core/lib/iomgr/tcp_server_utils_posix_noifaddrs.cc +4 -4
- data/src/core/lib/iomgr/tcp_server_windows.cc +13 -9
- data/src/core/lib/iomgr/tcp_windows.cc +6 -25
- data/src/core/lib/iomgr/tcp_windows.h +2 -1
- data/src/core/lib/iomgr/timer.cc +1 -0
- data/src/core/lib/iomgr/timer.h +1 -2
- data/src/core/lib/iomgr/timer_custom.cc +2 -2
- data/src/core/lib/iomgr/timer_generic.cc +8 -38
- data/src/core/lib/iomgr/timer_generic.h +1 -0
- data/src/core/lib/iomgr/timer_heap.cc +1 -2
- data/src/core/lib/iomgr/udp_server.cc +1 -2
- data/src/core/lib/iomgr/unix_sockets_posix.cc +3 -5
- data/src/core/lib/iomgr/unix_sockets_posix.h +2 -3
- data/src/core/lib/iomgr/wakeup_fd_nospecial.cc +1 -0
- data/src/core/lib/iomgr/wakeup_fd_pipe.cc +2 -3
- data/src/core/lib/iomgr/wakeup_fd_posix.cc +1 -0
- data/src/core/lib/iomgr/work_serializer.cc +4 -4
- data/src/core/lib/iomgr/work_serializer.h +1 -1
- data/src/core/lib/json/json_reader.cc +9 -17
- data/src/core/lib/json/json_util.h +18 -26
- data/src/core/lib/matchers/matchers.h +0 -1
- data/src/core/lib/profiling/basic_timers.cc +8 -6
- data/src/core/lib/profiling/stap_timers.cc +2 -2
- data/src/core/lib/security/authorization/authorization_policy_provider.h +5 -4
- data/src/core/lib/security/authorization/evaluate_args.cc +2 -0
- data/src/core/lib/security/authorization/sdk_server_authz_filter.cc +159 -0
- data/src/core/lib/security/authorization/sdk_server_authz_filter.h +67 -0
- data/src/core/lib/security/context/security_context.cc +7 -6
- data/src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc +2 -2
- data/src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc +2 -2
- data/src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc +2 -2
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +4 -3
- data/src/core/lib/security/credentials/credentials.cc +6 -6
- data/src/core/lib/security/credentials/credentials.h +1 -1
- data/src/core/lib/security/credentials/credentials_metadata.cc +2 -3
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +13 -26
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +1 -2
- data/src/core/lib/security/credentials/external/aws_request_signer.cc +3 -3
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +13 -22
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +2 -4
- data/src/core/lib/security/credentials/google_default/credentials_generic.cc +1 -2
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +55 -3
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +2 -1
- data/src/core/lib/security/credentials/jwt/json_token.cc +1 -1
- data/src/core/lib/security/credentials/jwt/json_token.h +2 -1
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +31 -14
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +11 -3
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +0 -2
- data/src/core/lib/security/credentials/jwt/jwt_verifier.h +3 -3
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +3 -7
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -0
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +2 -4
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +4 -4
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +0 -1
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +3 -2
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +10 -6
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +2 -1
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +7 -5
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +2 -2
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +4 -6
- data/src/core/lib/security/security_connector/load_system_roots_fallback.cc +1 -0
- data/src/core/lib/security/security_connector/load_system_roots_linux.cc +3 -3
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +4 -7
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +1 -2
- data/src/core/lib/security/security_connector/ssl_utils.cc +2 -3
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +9 -14
- data/src/core/lib/security/transport/auth_filters.h +1 -0
- data/src/core/lib/security/transport/client_auth_filter.cc +4 -6
- data/src/core/lib/security/transport/secure_endpoint.cc +4 -14
- data/src/core/lib/security/transport/secure_endpoint.h +1 -0
- data/src/core/lib/security/transport/security_handshaker.cc +5 -4
- data/src/core/lib/security/transport/security_handshaker.h +2 -1
- data/src/core/lib/security/util/json_util.cc +6 -8
- data/src/core/lib/slice/percent_encoding.cc +73 -30
- data/src/core/lib/slice/percent_encoding.h +29 -28
- data/src/core/lib/slice/slice.cc +14 -5
- data/src/core/lib/slice/slice_buffer.cc +1 -2
- data/src/core/lib/slice/slice_intern.cc +2 -3
- data/src/core/lib/slice/slice_internal.h +2 -2
- data/src/core/lib/surface/api_trace.cc +2 -1
- data/src/core/lib/surface/api_trace.h +1 -0
- data/src/core/lib/surface/byte_buffer_reader.cc +1 -1
- data/src/core/lib/surface/call.cc +9 -8
- data/src/core/lib/surface/call.h +3 -3
- data/src/core/lib/surface/call_details.cc +2 -2
- data/src/core/lib/surface/call_log_batch.cc +2 -2
- data/src/core/lib/surface/channel.cc +22 -9
- data/src/core/lib/surface/channel.h +14 -2
- data/src/core/lib/surface/channel_ping.cc +1 -2
- data/src/core/lib/surface/channel_stack_type.cc +2 -1
- data/src/core/lib/surface/completion_queue.cc +54 -64
- data/src/core/lib/surface/completion_queue_factory.cc +2 -1
- data/src/core/lib/surface/completion_queue_factory.h +1 -0
- data/src/core/lib/surface/event_string.cc +1 -0
- data/src/core/lib/surface/init.cc +4 -9
- data/src/core/lib/surface/init.h +0 -1
- data/src/core/lib/surface/init_secure.cc +23 -4
- data/src/core/lib/surface/lame_client.cc +6 -5
- data/src/core/lib/surface/metadata_array.cc +2 -2
- data/src/core/lib/surface/server.cc +17 -33
- data/src/core/lib/surface/server.h +11 -13
- data/src/core/lib/surface/validate_metadata.cc +44 -16
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/byte_stream.h +1 -0
- data/src/core/lib/transport/connectivity_state.cc +8 -5
- data/src/core/lib/transport/connectivity_state.h +2 -2
- data/src/core/lib/transport/error_utils.cc +1 -0
- data/src/core/lib/transport/metadata.cc +10 -10
- data/src/core/lib/transport/metadata.h +13 -11
- data/src/core/lib/transport/metadata_batch.cc +13 -2
- data/src/core/lib/transport/metadata_batch.h +15 -0
- data/src/core/lib/transport/transport_op_string.cc +2 -2
- data/src/core/plugin_registry/grpc_plugin_registry.cc +14 -0
- data/src/core/tsi/alts/crypt/aes_gcm.cc +3 -2
- data/src/core/tsi/alts/crypt/gsec.h +2 -3
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +2 -2
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +2 -3
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc +2 -2
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +4 -3
- data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +2 -2
- data/src/core/tsi/ssl_transport_security.cc +11 -9
- data/src/core/tsi/ssl_transport_security.h +3 -1
- data/src/core/tsi/transport_security.cc +3 -3
- data/src/core/tsi/transport_security_grpc.h +1 -0
- data/src/ruby/ext/grpc/extconf.rb +1 -1
- data/src/ruby/ext/grpc/rb_byte_buffer.c +2 -1
- data/src/ruby/ext/grpc/rb_call.c +5 -5
- data/src/ruby/ext/grpc/rb_call_credentials.c +5 -5
- data/src/ruby/ext/grpc/rb_channel.c +10 -8
- data/src/ruby/ext/grpc/rb_channel_args.c +2 -2
- data/src/ruby/ext/grpc/rb_channel_credentials.c +4 -4
- data/src/ruby/ext/grpc/rb_channel_credentials.h +1 -0
- data/src/ruby/ext/grpc/rb_completion_queue.c +3 -2
- data/src/ruby/ext/grpc/rb_compression_options.c +5 -4
- data/src/ruby/ext/grpc/rb_event_thread.c +4 -4
- data/src/ruby/ext/grpc/rb_grpc.c +5 -4
- data/src/ruby/ext/grpc/rb_grpc.h +1 -0
- data/src/ruby/ext/grpc/rb_server.c +6 -5
- data/src/ruby/ext/grpc/rb_server_credentials.c +3 -3
- data/src/ruby/ext/grpc/rb_server_credentials.h +1 -0
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.c +8 -5
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.h +3 -1
- data/src/ruby/ext/grpc/rb_xds_server_credentials.c +6 -5
- data/src/ruby/ext/grpc/rb_xds_server_credentials.h +3 -1
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/third_party/boringssl-with-bazel/err_data.c +300 -292
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +52 -47
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +6 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +16 -23
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +14 -7
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_print.c +19 -29
- data/third_party/boringssl-with-bazel/src/crypto/{x509 → asn1}/a_strex.c +269 -272
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +6 -43
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +1 -40
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utf8.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{x509 → asn1}/charmap.h +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{asn1_locl.h → internal.h} +45 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +9 -9
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +290 -199
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +9 -9
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +10 -14
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/time_support.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +11 -8
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +1 -7
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +1 -5
- data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +0 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +1 -7
- data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +1 -6
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +3 -17
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +9 -0
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +8 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/cipher_extra.c +45 -65
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +14 -3
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +6 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +26 -9
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +5 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +10 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md4/md4.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm_nohw.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +5 -9
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +4 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +24 -9
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +34 -0
- data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c +219 -121
- data/third_party/boringssl-with-bazel/src/crypto/hrss/internal.h +9 -2
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +23 -2
- data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +253 -0
- data/third_party/boringssl-with-bazel/src/crypto/lhash/lhash.c +28 -23
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +14 -9
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +7 -3
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +0 -9
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +0 -8
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +0 -4
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/internal.h +16 -7
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7.c +9 -4
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +151 -12
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/deterministic.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/fuchsia.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/windows.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +15 -11
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +225 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +246 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +15 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +10 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +0 -179
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +6 -23
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +1 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +25 -22
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +11 -54
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +1 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +0 -16
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +9 -11
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +23 -21
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +12 -11
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +16 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_cache.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_int.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_map.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_tree.c +4 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +24 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +17 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +3 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_crld.c +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +5 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ncons.c +112 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pci.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +14 -13
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +76 -31
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +458 -260
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +2 -9
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +5 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +3 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +3 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +9 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +8 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +8 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +3 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +6 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/hkdf.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +25 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/hrss.h +14 -12
- data/third_party/boringssl-with-bazel/src/include/openssl/lhash.h +4 -205
- data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +12 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/obj.h +5 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +0 -20
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs7.h +12 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +5 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +37 -15
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +79 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +31 -32
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +234 -131
- data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +0 -131
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +48 -13
- data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +9 -16
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +310 -359
- data/third_party/boringssl-with-bazel/src/ssl/{t1_lib.cc → extensions.cc} +110 -159
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +24 -13
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +145 -142
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +106 -99
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +87 -48
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +1 -2
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +11 -5
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +2 -51
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +121 -65
- data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +6 -12
- data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +28 -22
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +14 -27
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +210 -212
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +30 -41
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +48 -34
- data/third_party/upb/upb/decode.c +129 -60
- data/third_party/upb/upb/decode.h +32 -4
- data/third_party/upb/upb/decode_fast.c +513 -500
- data/third_party/upb/upb/decode_fast.h +27 -0
- data/third_party/upb/upb/{decode.int.h → decode_internal.h} +38 -8
- data/third_party/upb/upb/def.c +171 -181
- data/third_party/upb/upb/def.h +41 -19
- data/third_party/upb/upb/def.hpp +29 -0
- data/third_party/upb/upb/encode.c +49 -16
- data/third_party/upb/upb/encode.h +29 -2
- data/third_party/upb/upb/msg.c +169 -28
- data/third_party/upb/upb/msg.h +75 -580
- data/third_party/upb/upb/msg_internal.h +687 -0
- data/third_party/upb/upb/port_def.inc +85 -24
- data/third_party/upb/upb/port_undef.inc +38 -1
- data/third_party/upb/upb/reflection.c +29 -37
- data/third_party/upb/upb/reflection.h +36 -8
- data/third_party/upb/upb/reflection.hpp +37 -0
- data/third_party/upb/upb/table.c +211 -86
- data/third_party/upb/upb/{table.int.h → table_internal.h} +56 -180
- data/third_party/upb/upb/text_encode.c +32 -4
- data/third_party/upb/upb/text_encode.h +26 -0
- data/third_party/upb/upb/upb.c +59 -8
- data/third_party/upb/upb/upb.h +36 -6
- data/third_party/upb/upb/upb.hpp +24 -0
- data/third_party/upb/upb/upb_internal.h +58 -0
- metadata +70 -67
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_libuv.cc +0 -179
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_libuv.cc +0 -38
- data/src/core/ext/transport/chttp2/transport/hpack_table.cc +0 -243
- data/src/core/ext/transport/chttp2/transport/hpack_table.h +0 -148
- data/src/core/lib/gpr/tls_gcc.h +0 -52
- data/src/core/lib/gpr/tls_msvc.h +0 -54
- data/src/core/lib/gpr/tls_pthread.cc +0 -30
- data/src/core/lib/gpr/tls_pthread.h +0 -56
- data/src/core/lib/gpr/tls_stdcpp.h +0 -48
- data/src/core/lib/gprpp/atomic.h +0 -104
- data/src/core/lib/iomgr/endpoint_pair_uv.cc +0 -40
- data/src/core/lib/iomgr/iomgr_uv.cc +0 -43
- data/src/core/lib/iomgr/pollset_uv.cc +0 -95
- data/src/core/lib/iomgr/pollset_uv.h +0 -36
- data/src/core/lib/iomgr/sockaddr_custom.h +0 -54
- data/src/core/lib/iomgr/socket_utils_uv.cc +0 -49
- data/src/core/lib/iomgr/tcp_uv.cc +0 -421
- data/src/core/lib/iomgr/timer_uv.cc +0 -66
- data/third_party/upb/third_party/wyhash/wyhash.h +0 -145
- data/third_party/upb/upb/upb.int.h +0 -29
|
@@ -210,16 +210,24 @@ static bool is_post_quantum_group(uint16_t id) {
|
|
|
210
210
|
|
|
211
211
|
bool ssl_client_hello_init(const SSL *ssl, SSL_CLIENT_HELLO *out,
|
|
212
212
|
Span<const uint8_t> body) {
|
|
213
|
+
CBS cbs = body;
|
|
214
|
+
if (!ssl_parse_client_hello_with_trailing_data(ssl, &cbs, out) ||
|
|
215
|
+
CBS_len(&cbs) != 0) {
|
|
216
|
+
return false;
|
|
217
|
+
}
|
|
218
|
+
return true;
|
|
219
|
+
}
|
|
220
|
+
|
|
221
|
+
bool ssl_parse_client_hello_with_trailing_data(const SSL *ssl, CBS *cbs,
|
|
222
|
+
SSL_CLIENT_HELLO *out) {
|
|
213
223
|
OPENSSL_memset(out, 0, sizeof(*out));
|
|
214
224
|
out->ssl = const_cast<SSL *>(ssl);
|
|
215
|
-
|
|
216
|
-
|
|
217
|
-
|
|
218
|
-
|
|
219
|
-
|
|
220
|
-
|
|
221
|
-
!CBS_get_bytes(&client_hello, &random, SSL3_RANDOM_SIZE) ||
|
|
222
|
-
!CBS_get_u8_length_prefixed(&client_hello, &session_id) ||
|
|
225
|
+
|
|
226
|
+
CBS copy = *cbs;
|
|
227
|
+
CBS random, session_id;
|
|
228
|
+
if (!CBS_get_u16(cbs, &out->version) ||
|
|
229
|
+
!CBS_get_bytes(cbs, &random, SSL3_RANDOM_SIZE) ||
|
|
230
|
+
!CBS_get_u8_length_prefixed(cbs, &session_id) ||
|
|
223
231
|
CBS_len(&session_id) > SSL_MAX_SSL_SESSION_ID_LENGTH) {
|
|
224
232
|
return false;
|
|
225
233
|
}
|
|
@@ -232,16 +240,16 @@ bool ssl_client_hello_init(const SSL *ssl, SSL_CLIENT_HELLO *out,
|
|
|
232
240
|
// Skip past DTLS cookie
|
|
233
241
|
if (SSL_is_dtls(out->ssl)) {
|
|
234
242
|
CBS cookie;
|
|
235
|
-
if (!CBS_get_u8_length_prefixed(
|
|
243
|
+
if (!CBS_get_u8_length_prefixed(cbs, &cookie) ||
|
|
236
244
|
CBS_len(&cookie) > DTLS1_COOKIE_LENGTH) {
|
|
237
245
|
return false;
|
|
238
246
|
}
|
|
239
247
|
}
|
|
240
248
|
|
|
241
249
|
CBS cipher_suites, compression_methods;
|
|
242
|
-
if (!CBS_get_u16_length_prefixed(
|
|
250
|
+
if (!CBS_get_u16_length_prefixed(cbs, &cipher_suites) ||
|
|
243
251
|
CBS_len(&cipher_suites) < 2 || (CBS_len(&cipher_suites) & 1) != 0 ||
|
|
244
|
-
!CBS_get_u8_length_prefixed(
|
|
252
|
+
!CBS_get_u8_length_prefixed(cbs, &compression_methods) ||
|
|
245
253
|
CBS_len(&compression_methods) < 1) {
|
|
246
254
|
return false;
|
|
247
255
|
}
|
|
@@ -253,23 +261,22 @@ bool ssl_client_hello_init(const SSL *ssl, SSL_CLIENT_HELLO *out,
|
|
|
253
261
|
|
|
254
262
|
// If the ClientHello ends here then it's valid, but doesn't have any
|
|
255
263
|
// extensions.
|
|
256
|
-
if (CBS_len(
|
|
257
|
-
out->extensions =
|
|
264
|
+
if (CBS_len(cbs) == 0) {
|
|
265
|
+
out->extensions = nullptr;
|
|
258
266
|
out->extensions_len = 0;
|
|
259
|
-
|
|
260
|
-
|
|
261
|
-
|
|
262
|
-
|
|
263
|
-
|
|
264
|
-
|
|
265
|
-
|
|
266
|
-
|
|
267
|
-
|
|
267
|
+
} else {
|
|
268
|
+
// Extract extensions and check it is valid.
|
|
269
|
+
CBS extensions;
|
|
270
|
+
if (!CBS_get_u16_length_prefixed(cbs, &extensions) ||
|
|
271
|
+
!tls1_check_duplicate_extensions(&extensions)) {
|
|
272
|
+
return false;
|
|
273
|
+
}
|
|
274
|
+
out->extensions = CBS_data(&extensions);
|
|
275
|
+
out->extensions_len = CBS_len(&extensions);
|
|
268
276
|
}
|
|
269
277
|
|
|
270
|
-
out->
|
|
271
|
-
out->
|
|
272
|
-
|
|
278
|
+
out->client_hello = CBS_data(©);
|
|
279
|
+
out->client_hello_len = CBS_len(©) - CBS_len(cbs);
|
|
273
280
|
return true;
|
|
274
281
|
}
|
|
275
282
|
|
|
@@ -619,20 +626,30 @@ static bool ext_sni_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
|
|
|
619
626
|
|
|
620
627
|
// Encrypted ClientHello (ECH)
|
|
621
628
|
//
|
|
622
|
-
// https://tools.ietf.org/html/draft-ietf-tls-esni-
|
|
629
|
+
// https://tools.ietf.org/html/draft-ietf-tls-esni-13
|
|
623
630
|
|
|
624
631
|
static bool ext_ech_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
|
|
625
632
|
CBB *out_compressible,
|
|
626
633
|
ssl_client_hello_type_t type) {
|
|
627
|
-
if (type == ssl_client_hello_inner
|
|
634
|
+
if (type == ssl_client_hello_inner) {
|
|
635
|
+
if (!CBB_add_u16(out, TLSEXT_TYPE_encrypted_client_hello) ||
|
|
636
|
+
!CBB_add_u16(out, /* length */ 1) ||
|
|
637
|
+
!CBB_add_u8(out, ECH_CLIENT_INNER)) {
|
|
638
|
+
return false;
|
|
639
|
+
}
|
|
640
|
+
return true;
|
|
641
|
+
}
|
|
642
|
+
|
|
643
|
+
if (hs->ech_client_outer.empty()) {
|
|
628
644
|
return true;
|
|
629
645
|
}
|
|
630
646
|
|
|
631
647
|
CBB ech_body;
|
|
632
648
|
if (!CBB_add_u16(out, TLSEXT_TYPE_encrypted_client_hello) ||
|
|
633
649
|
!CBB_add_u16_length_prefixed(out, &ech_body) ||
|
|
634
|
-
!
|
|
635
|
-
|
|
650
|
+
!CBB_add_u8(&ech_body, ECH_CLIENT_OUTER) ||
|
|
651
|
+
!CBB_add_bytes(&ech_body, hs->ech_client_outer.data(),
|
|
652
|
+
hs->ech_client_outer.size()) ||
|
|
636
653
|
!CBB_flush(out)) {
|
|
637
654
|
return false;
|
|
638
655
|
}
|
|
@@ -647,46 +664,55 @@ static bool ext_ech_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
|
|
|
647
664
|
}
|
|
648
665
|
|
|
649
666
|
// The ECH extension may not be sent in TLS 1.2 ServerHello, only TLS 1.3
|
|
650
|
-
//
|
|
651
|
-
|
|
667
|
+
// EncryptedExtensions. It also may not be sent in response to an inner ECH
|
|
668
|
+
// extension.
|
|
669
|
+
if (ssl_protocol_version(ssl) < TLS1_3_VERSION ||
|
|
670
|
+
ssl->s3->ech_status == ssl_ech_accepted) {
|
|
652
671
|
*out_alert = SSL_AD_UNSUPPORTED_EXTENSION;
|
|
653
672
|
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
|
|
654
673
|
return false;
|
|
655
674
|
}
|
|
656
675
|
|
|
657
|
-
// The server may only send retry configs in response to ClientHelloOuter (or
|
|
658
|
-
// ECH GREASE), not ClientHelloInner. The unsolicited extension rule checks
|
|
659
|
-
// this implicitly because the ClientHelloInner has no encrypted_client_hello
|
|
660
|
-
// extension.
|
|
661
|
-
//
|
|
662
|
-
// TODO(https://crbug.com/boringssl/275): If
|
|
663
|
-
// https://github.com/tlswg/draft-ietf-tls-esni/pull/422 is merged, a later
|
|
664
|
-
// draft will fold encrypted_client_hello and ech_is_inner together. Then this
|
|
665
|
-
// assert should become a runtime check.
|
|
666
|
-
assert(!ssl->s3->ech_accept);
|
|
667
|
-
|
|
668
|
-
// TODO(https://crbug.com/boringssl/275): When the implementing the
|
|
669
|
-
// ClientHelloOuter flow, save the retry configs.
|
|
670
676
|
if (!ssl_is_valid_ech_config_list(*contents)) {
|
|
671
677
|
*out_alert = SSL_AD_DECODE_ERROR;
|
|
672
678
|
return false;
|
|
673
679
|
}
|
|
680
|
+
|
|
681
|
+
if (ssl->s3->ech_status == ssl_ech_rejected &&
|
|
682
|
+
!hs->ech_retry_configs.CopyFrom(*contents)) {
|
|
683
|
+
*out_alert = SSL_AD_INTERNAL_ERROR;
|
|
684
|
+
return false;
|
|
685
|
+
}
|
|
686
|
+
|
|
674
687
|
return true;
|
|
675
688
|
}
|
|
676
689
|
|
|
677
690
|
static bool ext_ech_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
|
|
678
691
|
CBS *contents) {
|
|
679
|
-
if (contents
|
|
680
|
-
|
|
692
|
+
if (contents == nullptr) {
|
|
693
|
+
return true;
|
|
694
|
+
}
|
|
695
|
+
|
|
696
|
+
uint8_t type;
|
|
697
|
+
if (!CBS_get_u8(contents, &type)) {
|
|
698
|
+
return false;
|
|
699
|
+
}
|
|
700
|
+
if (type == ECH_CLIENT_OUTER) {
|
|
701
|
+
// Outer ECH extensions are handled outside the callback.
|
|
681
702
|
return true;
|
|
682
703
|
}
|
|
704
|
+
if (type != ECH_CLIENT_INNER || CBS_len(contents) != 0) {
|
|
705
|
+
return false;
|
|
706
|
+
}
|
|
707
|
+
|
|
708
|
+
hs->ech_is_inner = true;
|
|
683
709
|
return true;
|
|
684
710
|
}
|
|
685
711
|
|
|
686
712
|
static bool ext_ech_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
|
|
687
713
|
SSL *const ssl = hs->ssl;
|
|
688
|
-
if (ssl_protocol_version(ssl) < TLS1_3_VERSION ||
|
|
689
|
-
ssl->s3->
|
|
714
|
+
if (ssl_protocol_version(ssl) < TLS1_3_VERSION ||
|
|
715
|
+
ssl->s3->ech_status == ssl_ech_accepted || //
|
|
690
716
|
hs->ech_keys == nullptr) {
|
|
691
717
|
return true;
|
|
692
718
|
}
|
|
@@ -711,32 +737,6 @@ static bool ext_ech_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
|
|
|
711
737
|
return CBB_flush(out);
|
|
712
738
|
}
|
|
713
739
|
|
|
714
|
-
static bool ext_ech_is_inner_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
|
|
715
|
-
CBB *out_compressible,
|
|
716
|
-
ssl_client_hello_type_t type) {
|
|
717
|
-
if (type == ssl_client_hello_inner) {
|
|
718
|
-
if (!CBB_add_u16(out, TLSEXT_TYPE_ech_is_inner) ||
|
|
719
|
-
!CBB_add_u16(out, 0 /* empty extension */)) {
|
|
720
|
-
return false;
|
|
721
|
-
}
|
|
722
|
-
}
|
|
723
|
-
return true;
|
|
724
|
-
}
|
|
725
|
-
|
|
726
|
-
static bool ext_ech_is_inner_parse_clienthello(SSL_HANDSHAKE *hs,
|
|
727
|
-
uint8_t *out_alert,
|
|
728
|
-
CBS *contents) {
|
|
729
|
-
if (contents == nullptr) {
|
|
730
|
-
return true;
|
|
731
|
-
}
|
|
732
|
-
if (CBS_len(contents) > 0) {
|
|
733
|
-
*out_alert = SSL_AD_ILLEGAL_PARAMETER;
|
|
734
|
-
return false;
|
|
735
|
-
}
|
|
736
|
-
hs->ech_is_inner_present = true;
|
|
737
|
-
return true;
|
|
738
|
-
}
|
|
739
|
-
|
|
740
740
|
|
|
741
741
|
// Renegotiation indication.
|
|
742
742
|
//
|
|
@@ -1634,12 +1634,21 @@ static bool ext_channel_id_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
|
|
|
1634
1634
|
CBB *out_compressible,
|
|
1635
1635
|
ssl_client_hello_type_t type) {
|
|
1636
1636
|
const SSL *const ssl = hs->ssl;
|
|
1637
|
-
if (!hs->config->channel_id_private || SSL_is_dtls(ssl)
|
|
1637
|
+
if (!hs->config->channel_id_private || SSL_is_dtls(ssl) ||
|
|
1638
|
+
// Don't offer Channel ID in ClientHelloOuter. ClientHelloOuter handshakes
|
|
1639
|
+
// are not authenticated for the name that can learn the Channel ID.
|
|
1640
|
+
//
|
|
1641
|
+
// We could alternatively offer the extension but sign with a random key.
|
|
1642
|
+
// For other extensions, we try to align |ssl_client_hello_outer| and
|
|
1643
|
+
// |ssl_client_hello_unencrypted|, to improve the effectiveness of ECH
|
|
1644
|
+
// GREASE. However, Channel ID is deprecated and unlikely to be used with
|
|
1645
|
+
// ECH, so do the simplest thing.
|
|
1646
|
+
type == ssl_client_hello_outer) {
|
|
1638
1647
|
return true;
|
|
1639
1648
|
}
|
|
1640
1649
|
|
|
1641
|
-
if (!CBB_add_u16(
|
|
1642
|
-
!CBB_add_u16(
|
|
1650
|
+
if (!CBB_add_u16(out, TLSEXT_TYPE_channel_id) ||
|
|
1651
|
+
!CBB_add_u16(out, 0 /* length */)) {
|
|
1643
1652
|
return false;
|
|
1644
1653
|
}
|
|
1645
1654
|
|
|
@@ -1929,13 +1938,10 @@ static bool should_offer_psk(const SSL_HANDSHAKE *hs,
|
|
|
1929
1938
|
const SSL *const ssl = hs->ssl;
|
|
1930
1939
|
if (hs->max_version < TLS1_3_VERSION || ssl->session == nullptr ||
|
|
1931
1940
|
ssl_session_protocol_version(ssl->session.get()) < TLS1_3_VERSION ||
|
|
1932
|
-
//
|
|
1933
|
-
//
|
|
1934
|
-
//
|
|
1935
|
-
//
|
|
1936
|
-
// Later drafts will recommend including a placeholder one, at which point
|
|
1937
|
-
// we will need to synthesize a ticket. See
|
|
1938
|
-
// https://github.com/tlswg/draft-ietf-tls-esni/issues/408
|
|
1941
|
+
// TODO(https://crbug.com/boringssl/275): Should we synthesize a
|
|
1942
|
+
// placeholder PSK, at least when we offer early data? Otherwise
|
|
1943
|
+
// ClientHelloOuter will contain an early_data extension without a
|
|
1944
|
+
// pre_shared_key extension and potentially break the recovery flow.
|
|
1939
1945
|
type == ssl_client_hello_outer) {
|
|
1940
1946
|
return false;
|
|
1941
1947
|
}
|
|
@@ -1978,7 +1984,6 @@ static bool ext_pre_shared_key_add_clienthello(const SSL_HANDSHAKE *hs,
|
|
|
1978
1984
|
|
|
1979
1985
|
// Fill in a placeholder zero binder of the appropriate length. It will be
|
|
1980
1986
|
// computed and filled in later after length prefixes are computed.
|
|
1981
|
-
uint8_t zero_binder[EVP_MAX_MD_SIZE] = {0};
|
|
1982
1987
|
size_t binder_len = EVP_MD_size(ssl_session_get_digest(ssl->session.get()));
|
|
1983
1988
|
|
|
1984
1989
|
CBB contents, identity, ticket, binders, binder;
|
|
@@ -1991,7 +1996,7 @@ static bool ext_pre_shared_key_add_clienthello(const SSL_HANDSHAKE *hs,
|
|
|
1991
1996
|
!CBB_add_u32(&identity, obfuscated_ticket_age) ||
|
|
1992
1997
|
!CBB_add_u16_length_prefixed(&contents, &binders) ||
|
|
1993
1998
|
!CBB_add_u8_length_prefixed(&binders, &binder) ||
|
|
1994
|
-
!
|
|
1999
|
+
!CBB_add_zeros(&binder, binder_len)) {
|
|
1995
2000
|
return false;
|
|
1996
2001
|
}
|
|
1997
2002
|
|
|
@@ -2171,10 +2176,7 @@ static bool ext_early_data_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
|
|
|
2171
2176
|
// If offering ECH, the extension only applies to ClientHelloInner, but we
|
|
2172
2177
|
// send the extension in both ClientHellos. This ensures that, if the server
|
|
2173
2178
|
// handshakes with ClientHelloOuter, it can skip past early data. See
|
|
2174
|
-
//
|
|
2175
|
-
//
|
|
2176
|
-
// TODO(https://crbug.com/boringssl/275): Replace this with a reference to the
|
|
2177
|
-
// right section in the next draft.
|
|
2179
|
+
// draft-ietf-tls-esni-13, section 6.1.
|
|
2178
2180
|
if (!CBB_add_u16(out_compressible, TLSEXT_TYPE_early_data) ||
|
|
2179
2181
|
!CBB_add_u16(out_compressible, 0) ||
|
|
2180
2182
|
!CBB_flush(out_compressible)) {
|
|
@@ -3097,13 +3099,6 @@ static const struct tls_extension kExtensions[] = {
|
|
|
3097
3099
|
ext_ech_parse_clienthello,
|
|
3098
3100
|
ext_ech_add_serverhello,
|
|
3099
3101
|
},
|
|
3100
|
-
{
|
|
3101
|
-
TLSEXT_TYPE_ech_is_inner,
|
|
3102
|
-
ext_ech_is_inner_add_clienthello,
|
|
3103
|
-
forbid_parse_serverhello,
|
|
3104
|
-
ext_ech_is_inner_parse_clienthello,
|
|
3105
|
-
dont_add_serverhello,
|
|
3106
|
-
},
|
|
3107
3102
|
{
|
|
3108
3103
|
TLSEXT_TYPE_extended_master_secret,
|
|
3109
3104
|
ext_ems_add_clienthello,
|
|
@@ -3311,14 +3306,12 @@ static const struct tls_extension *tls_extension_find(uint32_t *out_index,
|
|
|
3311
3306
|
|
|
3312
3307
|
static bool add_padding_extension(CBB *cbb, uint16_t ext, size_t len) {
|
|
3313
3308
|
CBB child;
|
|
3314
|
-
uint8_t *ptr;
|
|
3315
3309
|
if (!CBB_add_u16(cbb, ext) || //
|
|
3316
3310
|
!CBB_add_u16_length_prefixed(cbb, &child) ||
|
|
3317
|
-
!
|
|
3311
|
+
!CBB_add_zeros(&child, len)) {
|
|
3318
3312
|
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
|
3319
3313
|
return false;
|
|
3320
3314
|
}
|
|
3321
|
-
OPENSSL_memset(ptr, 0, len);
|
|
3322
3315
|
return CBB_flush(cbb);
|
|
3323
3316
|
}
|
|
3324
3317
|
|
|
@@ -3391,34 +3384,6 @@ static bool ssl_add_clienthello_tlsext_inner(SSL_HANDSHAKE *hs, CBB *out,
|
|
|
3391
3384
|
}
|
|
3392
3385
|
}
|
|
3393
3386
|
|
|
3394
|
-
// Pad the server name. See draft-ietf-tls-esni-10, section 6.1.2.
|
|
3395
|
-
// TODO(https://crbug.com/boringssl/275): Ideally we'd pad the whole thing to
|
|
3396
|
-
// reduce the output range. See
|
|
3397
|
-
// https://github.com/tlswg/draft-ietf-tls-esni/issues/433
|
|
3398
|
-
size_t padding_len = 0;
|
|
3399
|
-
size_t maximum_name_length = hs->selected_ech_config->maximum_name_length;
|
|
3400
|
-
if (ssl->hostname) {
|
|
3401
|
-
size_t hostname_len = strlen(ssl->hostname.get());
|
|
3402
|
-
if (hostname_len <= maximum_name_length) {
|
|
3403
|
-
padding_len = maximum_name_length - hostname_len;
|
|
3404
|
-
} else {
|
|
3405
|
-
// If the server underestimated the maximum size, pad to a multiple of 32.
|
|
3406
|
-
padding_len = 31 - (hostname_len - 1) % 32;
|
|
3407
|
-
// If the input is close to |maximum_name_length|, pad to the next
|
|
3408
|
-
// multiple for at least 32 bytes of length ambiguity.
|
|
3409
|
-
if (hostname_len + padding_len < maximum_name_length + 32) {
|
|
3410
|
-
padding_len += 32;
|
|
3411
|
-
}
|
|
3412
|
-
}
|
|
3413
|
-
} else {
|
|
3414
|
-
// No SNI. Pad up to |maximum_name_length|, including server_name extension
|
|
3415
|
-
// overhead.
|
|
3416
|
-
padding_len = 9 + maximum_name_length;
|
|
3417
|
-
}
|
|
3418
|
-
if (!add_padding_extension(&extensions, TLSEXT_TYPE_padding, padding_len)) {
|
|
3419
|
-
return false;
|
|
3420
|
-
}
|
|
3421
|
-
|
|
3422
3387
|
// Uncompressed extensions are encoded as-is.
|
|
3423
3388
|
if (!CBB_add_bytes(&extensions_encoded, CBB_data(&extensions),
|
|
3424
3389
|
CBB_len(&extensions))) {
|
|
@@ -3460,8 +3425,8 @@ static bool ssl_add_clienthello_tlsext_inner(SSL_HANDSHAKE *hs, CBB *out,
|
|
|
3460
3425
|
|
|
3461
3426
|
bool ssl_add_clienthello_tlsext(SSL_HANDSHAKE *hs, CBB *out, CBB *out_encoded,
|
|
3462
3427
|
bool *out_needs_psk_binder,
|
|
3463
|
-
ssl_client_hello_type_t type,
|
|
3464
|
-
size_t
|
|
3428
|
+
ssl_client_hello_type_t type,
|
|
3429
|
+
size_t header_len) {
|
|
3465
3430
|
*out_needs_psk_binder = false;
|
|
3466
3431
|
|
|
3467
3432
|
if (type == ssl_client_hello_inner) {
|
|
@@ -3494,20 +3459,14 @@ bool ssl_add_clienthello_tlsext(SSL_HANDSHAKE *hs, CBB *out, CBB *out_encoded,
|
|
|
3494
3459
|
size_t i = hs->extension_permutation.empty()
|
|
3495
3460
|
? unpermuted
|
|
3496
3461
|
: hs->extension_permutation[unpermuted];
|
|
3497
|
-
size_t
|
|
3498
|
-
if (
|
|
3499
|
-
|
|
3500
|
-
|
|
3501
|
-
|
|
3502
|
-
const size_t len_before = CBB_len(&extensions);
|
|
3503
|
-
if (!kExtensions[i].add_clienthello(hs, &extensions, &extensions, type)) {
|
|
3504
|
-
OPENSSL_PUT_ERROR(SSL, SSL_R_ERROR_ADDING_EXTENSION);
|
|
3505
|
-
ERR_add_error_dataf("extension %u", (unsigned)kExtensions[i].value);
|
|
3506
|
-
return false;
|
|
3507
|
-
}
|
|
3508
|
-
|
|
3509
|
-
bytes_written = CBB_len(&extensions) - len_before;
|
|
3462
|
+
const size_t len_before = CBB_len(&extensions);
|
|
3463
|
+
if (!kExtensions[i].add_clienthello(hs, &extensions, &extensions, type)) {
|
|
3464
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_ERROR_ADDING_EXTENSION);
|
|
3465
|
+
ERR_add_error_dataf("extension %u", (unsigned)kExtensions[i].value);
|
|
3466
|
+
return false;
|
|
3510
3467
|
}
|
|
3468
|
+
|
|
3469
|
+
const size_t bytes_written = CBB_len(&extensions) - len_before;
|
|
3511
3470
|
if (bytes_written != 0) {
|
|
3512
3471
|
hs->extensions.sent |= (1u << i);
|
|
3513
3472
|
}
|
|
@@ -3531,8 +3490,8 @@ bool ssl_add_clienthello_tlsext(SSL_HANDSHAKE *hs, CBB *out, CBB *out_encoded,
|
|
|
3531
3490
|
size_t psk_extension_len = ext_pre_shared_key_clienthello_length(hs, type);
|
|
3532
3491
|
if (!SSL_is_dtls(ssl) && !ssl->quic_method &&
|
|
3533
3492
|
!ssl->s3->used_hello_retry_request) {
|
|
3534
|
-
header_len +=
|
|
3535
|
-
|
|
3493
|
+
header_len +=
|
|
3494
|
+
SSL3_HM_HEADER_LENGTH + 2 + CBB_len(&extensions) + psk_extension_len;
|
|
3536
3495
|
size_t padding_len = 0;
|
|
3537
3496
|
|
|
3538
3497
|
// The final extension must be non-empty. WebSphere Application
|
|
@@ -3706,18 +3665,10 @@ bool ssl_parse_clienthello_tlsext(SSL_HANDSHAKE *hs,
|
|
|
3706
3665
|
return true;
|
|
3707
3666
|
}
|
|
3708
3667
|
|
|
3709
|
-
static bool ssl_scan_serverhello_tlsext(SSL_HANDSHAKE *hs, CBS *cbs,
|
|
3668
|
+
static bool ssl_scan_serverhello_tlsext(SSL_HANDSHAKE *hs, const CBS *cbs,
|
|
3710
3669
|
int *out_alert) {
|
|
3711
|
-
|
|
3712
|
-
|
|
3713
|
-
if (CBS_len(cbs) == 0 && ssl_protocol_version(ssl) < TLS1_3_VERSION) {
|
|
3714
|
-
return true;
|
|
3715
|
-
}
|
|
3716
|
-
|
|
3717
|
-
// Decode the extensions block and check it is valid.
|
|
3718
|
-
CBS extensions;
|
|
3719
|
-
if (!CBS_get_u16_length_prefixed(cbs, &extensions) ||
|
|
3720
|
-
!tls1_check_duplicate_extensions(&extensions)) {
|
|
3670
|
+
CBS extensions = *cbs;
|
|
3671
|
+
if (!tls1_check_duplicate_extensions(&extensions)) {
|
|
3721
3672
|
*out_alert = SSL_AD_DECODE_ERROR;
|
|
3722
3673
|
return false;
|
|
3723
3674
|
}
|
|
@@ -3839,7 +3790,7 @@ static bool ssl_check_serverhello_tlsext(SSL_HANDSHAKE *hs) {
|
|
|
3839
3790
|
return true;
|
|
3840
3791
|
}
|
|
3841
3792
|
|
|
3842
|
-
bool ssl_parse_serverhello_tlsext(SSL_HANDSHAKE *hs, CBS *cbs) {
|
|
3793
|
+
bool ssl_parse_serverhello_tlsext(SSL_HANDSHAKE *hs, const CBS *cbs) {
|
|
3843
3794
|
SSL *const ssl = hs->ssl;
|
|
3844
3795
|
int alert = SSL_AD_DECODE_ERROR;
|
|
3845
3796
|
if (!ssl_scan_serverhello_tlsext(hs, cbs, &alert)) {
|
|
@@ -3867,8 +3818,8 @@ static enum ssl_ticket_aead_result_t decrypt_ticket_with_cipher_ctx(
|
|
|
3867
3818
|
return ssl_ticket_aead_ignore_ticket;
|
|
3868
3819
|
}
|
|
3869
3820
|
// Split the ticket into the ticket and the MAC.
|
|
3870
|
-
auto ticket_mac = ticket.
|
|
3871
|
-
ticket = ticket.
|
|
3821
|
+
auto ticket_mac = ticket.last(mac_len);
|
|
3822
|
+
ticket = ticket.first(ticket.size() - mac_len);
|
|
3872
3823
|
HMAC_Update(hmac_ctx, ticket.data(), ticket.size());
|
|
3873
3824
|
HMAC_Final(hmac_ctx, mac, NULL);
|
|
3874
3825
|
assert(mac_len == ticket_mac.size());
|
|
@@ -126,8 +126,8 @@ BSSL_NAMESPACE_BEGIN
|
|
|
126
126
|
|
|
127
127
|
SSL_HANDSHAKE::SSL_HANDSHAKE(SSL *ssl_arg)
|
|
128
128
|
: ssl(ssl_arg),
|
|
129
|
-
|
|
130
|
-
|
|
129
|
+
ech_is_inner(false),
|
|
130
|
+
ech_authenticated_reject(false),
|
|
131
131
|
scts_requested(false),
|
|
132
132
|
handshake_finalized(false),
|
|
133
133
|
accept_psk_mode(false),
|
|
@@ -267,12 +267,15 @@ bool ssl_hash_message(SSL_HANDSHAKE *hs, const SSLMessage &msg) {
|
|
|
267
267
|
}
|
|
268
268
|
|
|
269
269
|
bool ssl_parse_extensions(const CBS *cbs, uint8_t *out_alert,
|
|
270
|
-
|
|
270
|
+
std::initializer_list<SSLExtension *> extensions,
|
|
271
271
|
bool ignore_unknown) {
|
|
272
272
|
// Reset everything.
|
|
273
|
-
for (
|
|
274
|
-
|
|
275
|
-
CBS_init(
|
|
273
|
+
for (SSLExtension *ext : extensions) {
|
|
274
|
+
ext->present = false;
|
|
275
|
+
CBS_init(&ext->data, nullptr, 0);
|
|
276
|
+
if (!ext->allowed) {
|
|
277
|
+
assert(!ignore_unknown);
|
|
278
|
+
}
|
|
276
279
|
}
|
|
277
280
|
|
|
278
281
|
CBS copy = *cbs;
|
|
@@ -286,10 +289,10 @@ bool ssl_parse_extensions(const CBS *cbs, uint8_t *out_alert,
|
|
|
286
289
|
return false;
|
|
287
290
|
}
|
|
288
291
|
|
|
289
|
-
|
|
290
|
-
for (
|
|
291
|
-
if (type ==
|
|
292
|
-
found =
|
|
292
|
+
SSLExtension *found = nullptr;
|
|
293
|
+
for (SSLExtension *ext : extensions) {
|
|
294
|
+
if (type == ext->type && ext->allowed) {
|
|
295
|
+
found = ext;
|
|
293
296
|
break;
|
|
294
297
|
}
|
|
295
298
|
}
|
|
@@ -304,14 +307,14 @@ bool ssl_parse_extensions(const CBS *cbs, uint8_t *out_alert,
|
|
|
304
307
|
}
|
|
305
308
|
|
|
306
309
|
// Duplicate ext_types are forbidden.
|
|
307
|
-
if (
|
|
310
|
+
if (found->present) {
|
|
308
311
|
OPENSSL_PUT_ERROR(SSL, SSL_R_DUPLICATE_EXTENSION);
|
|
309
312
|
*out_alert = SSL_AD_ILLEGAL_PARAMETER;
|
|
310
313
|
return false;
|
|
311
314
|
}
|
|
312
315
|
|
|
313
|
-
|
|
314
|
-
|
|
316
|
+
found->present = true;
|
|
317
|
+
found->data = data;
|
|
315
318
|
}
|
|
316
319
|
|
|
317
320
|
return true;
|
|
@@ -715,6 +718,10 @@ int ssl_run_handshake(SSL_HANDSHAKE *hs, bool *out_early_return) {
|
|
|
715
718
|
return -1;
|
|
716
719
|
|
|
717
720
|
case ssl_hs_early_return:
|
|
721
|
+
if (!ssl->server) {
|
|
722
|
+
// On ECH reject, the handshake should never complete.
|
|
723
|
+
assert(ssl->s3->ech_status != ssl_ech_rejected);
|
|
724
|
+
}
|
|
718
725
|
*out_early_return = true;
|
|
719
726
|
hs->wait = ssl_hs_ok;
|
|
720
727
|
return 1;
|
|
@@ -734,6 +741,10 @@ int ssl_run_handshake(SSL_HANDSHAKE *hs, bool *out_early_return) {
|
|
|
734
741
|
return -1;
|
|
735
742
|
}
|
|
736
743
|
if (hs->wait == ssl_hs_ok) {
|
|
744
|
+
if (!ssl->server) {
|
|
745
|
+
// On ECH reject, the handshake should never complete.
|
|
746
|
+
assert(ssl->s3->ech_status != ssl_ech_rejected);
|
|
747
|
+
}
|
|
737
748
|
// The handshake has completed.
|
|
738
749
|
*out_early_return = false;
|
|
739
750
|
return 1;
|