grpc 1.40.0 → 1.41.0.pre2
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +27 -36
- data/include/grpc/byte_buffer.h +1 -1
- data/include/grpc/byte_buffer_reader.h +1 -1
- data/include/grpc/event_engine/endpoint_config.h +6 -11
- data/include/grpc/event_engine/event_engine.h +63 -58
- data/include/grpc/event_engine/port.h +1 -3
- data/include/grpc/event_engine/slice_allocator.h +6 -1
- data/include/grpc/fork.h +1 -1
- data/include/grpc/grpc.h +10 -4
- data/include/grpc/grpc_posix.h +5 -2
- data/include/grpc/impl/codegen/atm.h +5 -3
- data/include/grpc/impl/codegen/atm_gcc_atomic.h +2 -0
- data/include/grpc/impl/codegen/atm_gcc_sync.h +2 -0
- data/include/grpc/impl/codegen/atm_windows.h +2 -0
- data/include/grpc/impl/codegen/byte_buffer.h +2 -0
- data/include/grpc/impl/codegen/byte_buffer_reader.h +2 -0
- data/include/grpc/impl/codegen/compression_types.h +2 -0
- data/include/grpc/impl/codegen/connectivity_state.h +2 -0
- data/include/grpc/impl/codegen/fork.h +2 -0
- data/include/grpc/impl/codegen/gpr_slice.h +2 -0
- data/include/grpc/impl/codegen/gpr_types.h +2 -0
- data/include/grpc/impl/codegen/grpc_types.h +4 -5
- data/include/grpc/impl/codegen/log.h +2 -0
- data/include/grpc/impl/codegen/port_platform.h +26 -22
- data/include/grpc/impl/codegen/propagation_bits.h +2 -0
- data/include/grpc/impl/codegen/slice.h +2 -0
- data/include/grpc/impl/codegen/status.h +2 -0
- data/include/grpc/impl/codegen/sync.h +8 -5
- data/include/grpc/impl/codegen/sync_abseil.h +2 -0
- data/include/grpc/impl/codegen/sync_custom.h +2 -0
- data/include/grpc/impl/codegen/sync_generic.h +3 -0
- data/include/grpc/impl/codegen/sync_posix.h +4 -2
- data/include/grpc/impl/codegen/sync_windows.h +2 -0
- data/include/grpc/slice.h +1 -1
- data/include/grpc/status.h +1 -1
- data/include/grpc/support/atm.h +1 -1
- data/include/grpc/support/atm_gcc_atomic.h +1 -1
- data/include/grpc/support/atm_gcc_sync.h +1 -1
- data/include/grpc/support/atm_windows.h +1 -1
- data/include/grpc/support/log.h +1 -1
- data/include/grpc/support/port_platform.h +1 -1
- data/include/grpc/support/sync.h +1 -1
- data/include/grpc/support/sync_abseil.h +1 -1
- data/include/grpc/support/sync_custom.h +1 -1
- data/include/grpc/support/sync_generic.h +1 -1
- data/include/grpc/support/sync_posix.h +1 -1
- data/include/grpc/support/sync_windows.h +1 -1
- data/include/grpc/support/time.h +2 -2
- data/src/core/ext/filters/census/grpc_context.cc +1 -0
- data/src/core/ext/filters/client_channel/backend_metric.cc +0 -1
- data/src/core/ext/filters/client_channel/backup_poller.h +1 -0
- data/src/core/ext/filters/client_channel/channel_connectivity.cc +1 -2
- data/src/core/ext/filters/client_channel/client_channel.cc +24 -52
- data/src/core/ext/filters/client_channel/client_channel.h +3 -3
- data/src/core/ext/filters/client_channel/client_channel_channelz.cc +6 -5
- data/src/core/ext/filters/client_channel/client_channel_channelz.h +1 -1
- data/src/core/ext/filters/client_channel/client_channel_factory.cc +1 -0
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +8 -1
- data/src/core/ext/filters/client_channel/config_selector.cc +1 -0
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +7 -6
- data/src/core/ext/filters/client_channel/health/health_check_client.h +4 -3
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +8 -7
- data/src/core/ext/filters/client_channel/http_connect_handshaker.h +10 -2
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +2 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +2 -8
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +1 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +2 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +2 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +2 -1
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +14 -23
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +1 -0
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +2 -2
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +2 -8
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +15 -18
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +10 -7
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +2 -8
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +2 -3
- data/src/core/ext/filters/client_channel/lb_policy.h +11 -44
- data/src/core/ext/filters/client_channel/lb_policy_registry.cc +4 -7
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +2 -10
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +1 -0
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +4 -3
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +6 -5
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +14 -19
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +1 -0
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +2 -2
- data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +5 -5
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +5 -8
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +2 -3
- data/src/core/ext/filters/client_idle/client_idle_filter.cc +36 -30
- data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +8 -6
- data/src/core/ext/filters/fault_injection/service_config_parser.cc +6 -13
- data/src/core/ext/filters/http/client/http_client_filter.cc +3 -2
- data/src/core/ext/filters/http/client_authority_filter.cc +2 -1
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +2 -1
- data/src/core/ext/filters/http/message_compress/message_decompress_filter.cc +7 -8
- data/src/core/ext/filters/http/server/http_server_filter.cc +5 -3
- data/src/core/ext/filters/message_size/message_size_filter.cc +9 -13
- data/src/core/ext/transport/chttp2/alpn/alpn.cc +2 -1
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +29 -12
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +2 -0
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +2 -3
- data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +10 -6
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +2 -3
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +60 -37
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc +0 -1
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +12 -6
- data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +5 -9
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +3 -1
- data/src/core/ext/transport/chttp2/transport/bin_decoder.h +2 -1
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +1 -0
- data/src/core/ext/transport/chttp2/transport/chttp2_slice_allocator.cc +4 -3
- data/src/core/ext/transport/chttp2/transport/chttp2_slice_allocator.h +2 -2
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +24 -30
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +4 -1
- data/src/core/ext/transport/chttp2/transport/context_list.h +1 -2
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +39 -23
- data/src/core/ext/transport/chttp2/transport/flow_control.h +9 -3
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +7 -7
- data/src/core/ext/transport/chttp2/transport/frame_data.h +1 -0
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +4 -3
- data/src/core/ext/transport/chttp2/transport/frame_goaway.h +1 -0
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +4 -4
- data/src/core/ext/transport/chttp2/transport/frame_ping.h +1 -0
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +3 -5
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +1 -0
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +36 -5
- data/src/core/ext/transport/chttp2/transport/frame_settings.h +1 -0
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +12 -7
- data/src/core/ext/transport/chttp2/transport/frame_window_update.h +1 -0
- data/src/core/ext/transport/chttp2/transport/hpack_constants.h +41 -0
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +272 -666
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +236 -70
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_index.h +107 -0
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +86 -0
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +69 -0
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +776 -1037
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +48 -169
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +159 -0
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +130 -0
- data/src/core/ext/transport/chttp2/transport/hpack_utils.cc +46 -0
- data/src/core/ext/transport/chttp2/transport/hpack_utils.h +30 -0
- data/src/core/ext/transport/chttp2/transport/incoming_metadata.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/internal.h +2 -2
- data/src/core/ext/transport/chttp2/transport/parsing.cc +20 -30
- data/src/core/ext/transport/chttp2/transport/popularity_count.h +60 -0
- data/src/core/ext/transport/chttp2/transport/stream_lists.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/varint.cc +7 -3
- data/src/core/ext/transport/chttp2/transport/varint.h +39 -28
- data/src/core/ext/transport/chttp2/transport/writing.cc +32 -28
- data/src/core/ext/transport/inproc/inproc_transport.cc +6 -4
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.c +96 -96
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.h +221 -89
- data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.h +1 -1
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +48 -48
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.h +151 -61
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +99 -99
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +171 -69
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.c +15 -15
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.h +31 -13
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +126 -127
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +229 -101
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.c +23 -23
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.c +28 -28
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.h +71 -29
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +82 -82
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +201 -81
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +24 -24
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +51 -21
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.c +9 -9
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.h +21 -9
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.c +62 -62
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.h +131 -53
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +51 -51
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +81 -33
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.c +5 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +62 -62
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +141 -57
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/resolver.upb.c +7 -7
- data/src/core/ext/upb-generated/envoy/config/core/v3/resolver.upb.h +21 -9
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.c +8 -8
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +8 -8
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/udp_socket_config.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/config/core/v3/udp_socket_config.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.c +16 -16
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.h +31 -13
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.c +57 -22
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.h +174 -17
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.c +32 -32
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.h +51 -21
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +37 -37
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +61 -25
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +40 -40
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +71 -29
- data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.c +9 -9
- data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +5 -5
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.h +21 -9
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.c +30 -30
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.h +81 -33
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.c +41 -29
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.h +141 -43
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +46 -43
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +88 -29
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +18 -18
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +31 -13
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +281 -277
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +569 -248
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.c +10 -10
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.h +31 -13
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.c +6 -6
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.h +21 -9
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.c +13 -13
- data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.h +51 -21
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.c +23 -23
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.h +31 -13
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.c +9 -9
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +115 -116
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +191 -77
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.h +1 -1
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +46 -32
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +118 -34
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +12 -12
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +31 -13
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +44 -42
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +108 -55
- data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +42 -42
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +61 -25
- data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.c +9 -9
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.h +21 -9
- data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.c +28 -28
- data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.h +51 -21
- data/src/core/ext/upb-generated/envoy/type/http/v3/path_transformation.upb.c +8 -8
- data/src/core/ext/upb-generated/envoy/type/http/v3/path_transformation.upb.h +41 -17
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.c +9 -8
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.h +25 -9
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.h +11 -5
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.c +9 -9
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.h +31 -13
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +10 -10
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.h +21 -9
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.c +6 -6
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.h +21 -9
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.c +11 -11
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.h +31 -13
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.c +15 -15
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.h +71 -29
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.c +19 -19
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.h +51 -21
- data/src/core/ext/upb-generated/envoy/type/v3/http.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/type/v3/http.upb.h +1 -1
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.c +6 -6
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.h +21 -9
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.c +10 -10
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.h +31 -13
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.c +5 -5
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.h +11 -5
- data/src/core/ext/upb-generated/google/api/annotations.upb.c +1 -1
- data/src/core/ext/upb-generated/google/api/annotations.upb.h +1 -1
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.c +58 -58
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.h +111 -45
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.c +68 -68
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h +121 -49
- data/src/core/ext/upb-generated/google/api/http.upb.c +18 -18
- data/src/core/ext/upb-generated/google/api/http.upb.h +31 -13
- data/src/core/ext/upb-generated/google/protobuf/any.upb.c +4 -4
- data/src/core/ext/upb-generated/google/protobuf/any.upb.h +11 -5
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +153 -153
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +271 -109
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.c +4 -4
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.h +11 -5
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.c +2 -2
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.h +11 -5
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.c +15 -15
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.h +31 -13
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.c +4 -4
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.h +11 -5
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.c +19 -19
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.h +91 -37
- data/src/core/ext/upb-generated/google/rpc/status.upb.c +5 -5
- data/src/core/ext/upb-generated/google/rpc/status.upb.h +11 -5
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.c +12 -12
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.h +11 -5
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +60 -60
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +101 -41
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.c +7 -7
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.h +21 -9
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.c +5 -5
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.h +21 -9
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c +31 -31
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.h +91 -37
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.c +8 -8
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +31 -13
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.c +4 -4
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.h +11 -5
- data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.c +1 -1
- data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.h +1 -1
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.c +4 -4
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +11 -5
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.c +3 -3
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.h +11 -5
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.c +13 -13
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.h +11 -5
- data/src/core/ext/upb-generated/udpa/type/v1/typed_struct.upb.c +4 -4
- data/src/core/ext/upb-generated/udpa/type/v1/typed_struct.upb.h +11 -5
- data/src/core/ext/upb-generated/validate/validate.upb.c +220 -220
- data/src/core/ext/upb-generated/validate/validate.upb.h +231 -93
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.c +3 -3
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.h +11 -5
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.c +8 -8
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.h +21 -9
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.c +6 -6
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.h +11 -5
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.c +5 -5
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.h +11 -5
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.c +11 -11
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.h +21 -9
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.c +6 -6
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.h +11 -5
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +384 -382
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +94 -63
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +10 -0
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.c +30 -19
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +791 -780
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +96 -100
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +133 -115
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +178 -173
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.c +14 -13
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.c +103 -103
- data/src/core/ext/xds/certificate_provider_registry.cc +2 -2
- data/src/core/ext/xds/xds_api.cc +788 -910
- data/src/core/ext/xds/xds_api.h +16 -33
- data/src/core/ext/xds/xds_bootstrap.cc +27 -52
- data/src/core/ext/xds/xds_client.cc +69 -30
- data/src/core/ext/xds/xds_client_stats.cc +16 -15
- data/src/core/ext/xds/xds_client_stats.h +6 -6
- data/src/core/ext/xds/xds_http_fault_filter.cc +4 -3
- data/src/core/ext/xds/xds_http_fault_filter.h +3 -2
- data/src/core/ext/xds/xds_http_filters.cc +1 -0
- data/src/core/ext/xds/xds_server_config_fetcher.cc +10 -10
- data/src/core/lib/address_utils/parse_address.cc +4 -8
- data/src/core/lib/address_utils/sockaddr_utils.cc +2 -2
- data/src/core/lib/channel/channel_args.cc +2 -1
- data/src/core/lib/channel/channel_stack.cc +5 -3
- data/src/core/lib/channel/channel_stack_builder.cc +1 -11
- data/src/core/lib/channel/channel_stack_builder.h +0 -8
- data/src/core/lib/channel/channel_trace.cc +4 -3
- data/src/core/lib/channel/channel_trace.h +1 -0
- data/src/core/lib/channel/channelz.cc +40 -36
- data/src/core/lib/channel/channelz.h +27 -27
- data/src/core/lib/channel/channelz_registry.cc +7 -6
- data/src/core/lib/channel/connected_channel.cc +1 -0
- data/src/core/lib/channel/handshaker.cc +2 -1
- data/src/core/lib/channel/handshaker.h +1 -2
- data/src/core/lib/channel/handshaker_factory.h +10 -2
- data/src/core/lib/channel/handshaker_registry.cc +15 -70
- data/src/core/lib/channel/handshaker_registry.h +29 -12
- data/src/core/lib/channel/status_util.h +2 -2
- data/src/core/lib/compression/algorithm_metadata.h +1 -0
- data/src/core/lib/compression/compression_args.cc +2 -1
- data/src/core/lib/compression/compression_internal.cc +2 -4
- data/src/core/lib/compression/message_compress.cc +2 -2
- data/src/core/lib/compression/stream_compression.cc +2 -1
- data/src/core/lib/compression/stream_compression.h +2 -1
- data/src/core/lib/compression/stream_compression_gzip.cc +2 -1
- data/src/core/lib/compression/stream_compression_identity.cc +2 -1
- data/src/core/lib/config/core_configuration.cc +54 -0
- data/src/core/lib/config/core_configuration.h +108 -0
- data/src/core/lib/debug/stats.h +1 -0
- data/src/core/lib/debug/stats_data.cc +2 -1
- data/src/core/lib/debug/stats_data.h +1 -0
- data/src/core/lib/debug/trace.cc +1 -0
- data/src/core/lib/debug/trace.h +2 -1
- data/src/core/lib/event_engine/endpoint_config.cc +0 -1
- data/src/core/lib/event_engine/event_engine.cc +3 -3
- data/src/core/lib/event_engine/sockaddr.cc +3 -3
- data/src/core/lib/gpr/alloc.cc +4 -3
- data/src/core/lib/gpr/env_linux.cc +1 -2
- data/src/core/lib/gpr/env_posix.cc +2 -3
- data/src/core/lib/gpr/log.cc +3 -3
- data/src/core/lib/gpr/log_android.cc +3 -2
- data/src/core/lib/gpr/log_linux.cc +7 -4
- data/src/core/lib/gpr/log_posix.cc +6 -3
- data/src/core/lib/gpr/string.h +2 -2
- data/src/core/lib/gpr/sync.cc +2 -2
- data/src/core/lib/gpr/sync_abseil.cc +7 -6
- data/src/core/lib/gpr/sync_posix.cc +3 -3
- data/src/core/lib/gpr/time.cc +3 -2
- data/src/core/lib/gpr/time_windows.cc +3 -2
- data/src/core/lib/gpr/tls.h +120 -41
- data/src/core/lib/gpr/tmpfile_posix.cc +1 -2
- data/src/core/lib/gprpp/arena.cc +2 -1
- data/src/core/lib/gprpp/arena.h +5 -5
- data/src/core/lib/gprpp/atomic_utils.h +47 -0
- data/src/core/lib/gprpp/bitset.h +166 -0
- data/src/core/lib/gprpp/construct_destruct.h +39 -0
- data/src/core/lib/gprpp/dual_ref_counted.h +25 -26
- data/src/core/lib/gprpp/fork.cc +14 -12
- data/src/core/lib/gprpp/fork.h +4 -4
- data/src/core/lib/gprpp/global_config.h +1 -2
- data/src/core/lib/gprpp/global_config_env.cc +7 -7
- data/src/core/lib/gprpp/global_config_generic.h +2 -2
- data/src/core/lib/gprpp/manual_constructor.h +8 -5
- data/src/core/lib/gprpp/match.h +73 -0
- data/src/core/lib/gprpp/memory.h +3 -3
- data/src/core/lib/gprpp/mpscq.cc +7 -7
- data/src/core/lib/gprpp/mpscq.h +6 -5
- data/src/core/lib/gprpp/orphanable.h +3 -3
- data/src/core/lib/gprpp/overload.h +59 -0
- data/src/core/lib/gprpp/ref_counted.h +18 -18
- data/src/core/lib/gprpp/status_helper.cc +4 -4
- data/src/core/lib/gprpp/sync.h +3 -1
- data/src/core/lib/gprpp/thd_posix.cc +5 -5
- data/src/core/lib/gprpp/thd_windows.cc +4 -11
- data/src/core/lib/gprpp/time_util.cc +2 -2
- data/src/core/lib/gprpp/time_util.h +2 -2
- data/src/core/lib/http/format_request.cc +1 -0
- data/src/core/lib/http/format_request.h +1 -0
- data/src/core/lib/http/httpcli.cc +9 -9
- data/src/core/lib/http/httpcli.h +3 -0
- data/src/core/lib/http/httpcli_security_connector.cc +5 -8
- data/src/core/lib/http/parser.h +1 -0
- data/src/core/lib/iomgr/buffer_list.cc +2 -1
- data/src/core/lib/iomgr/buffer_list.h +1 -2
- data/src/core/lib/iomgr/call_combiner.cc +1 -0
- data/src/core/lib/iomgr/cfstream_handle.cc +1 -1
- data/src/core/lib/iomgr/combiner.cc +3 -2
- data/src/core/lib/iomgr/combiner.h +1 -0
- data/src/core/lib/iomgr/dualstack_socket_posix.cc +1 -0
- data/src/core/lib/iomgr/endpoint.cc +0 -4
- data/src/core/lib/iomgr/endpoint.h +1 -3
- data/src/core/lib/iomgr/endpoint_cfstream.cc +9 -20
- data/src/core/lib/iomgr/endpoint_cfstream.h +1 -1
- data/src/core/lib/iomgr/endpoint_pair.h +1 -0
- data/src/core/lib/iomgr/endpoint_pair_event_engine.cc +1 -2
- data/src/core/lib/iomgr/endpoint_pair_posix.cc +15 -11
- data/src/core/lib/iomgr/endpoint_pair_windows.cc +17 -9
- data/src/core/lib/iomgr/error.h +23 -9
- data/src/core/lib/iomgr/error_cfstream.cc +2 -2
- data/src/core/lib/iomgr/error_internal.h +1 -0
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +14 -22
- data/src/core/lib/iomgr/ev_epollex_linux.cc +15 -22
- data/src/core/lib/iomgr/ev_poll_posix.cc +13 -25
- data/src/core/lib/iomgr/ev_posix.cc +1 -2
- data/src/core/lib/iomgr/event_engine/endpoint.cc +3 -22
- data/src/core/lib/iomgr/event_engine/endpoint.h +1 -2
- data/src/core/lib/iomgr/event_engine/iomgr.cc +17 -18
- data/src/core/lib/iomgr/event_engine/iomgr.h +20 -2
- data/src/core/lib/iomgr/event_engine/resolver.cc +2 -1
- data/src/core/lib/iomgr/event_engine/tcp.cc +53 -24
- data/src/core/lib/iomgr/exec_ctx.cc +3 -4
- data/src/core/lib/iomgr/exec_ctx.h +11 -19
- data/src/core/lib/iomgr/executor/mpmcqueue.cc +10 -9
- data/src/core/lib/iomgr/executor/mpmcqueue.h +4 -3
- data/src/core/lib/iomgr/executor/threadpool.cc +2 -2
- data/src/core/lib/iomgr/executor/threadpool.h +2 -1
- data/src/core/lib/iomgr/executor.cc +5 -6
- data/src/core/lib/iomgr/grpc_if_nametoindex_posix.cc +2 -2
- data/src/core/lib/iomgr/grpc_if_nametoindex_unsupported.cc +2 -2
- data/src/core/lib/iomgr/internal_errqueue.cc +3 -2
- data/src/core/lib/iomgr/iocp_windows.cc +1 -0
- data/src/core/lib/iomgr/iomgr.h +2 -2
- data/src/core/lib/iomgr/iomgr_custom.cc +2 -2
- data/src/core/lib/iomgr/iomgr_custom.h +2 -2
- data/src/core/lib/iomgr/iomgr_internal.cc +2 -1
- data/src/core/lib/iomgr/iomgr_windows.cc +1 -2
- data/src/core/lib/iomgr/is_epollexclusive_available.cc +4 -4
- data/src/core/lib/iomgr/polling_entity.cc +2 -2
- data/src/core/lib/iomgr/pollset_custom.cc +3 -4
- data/src/core/lib/iomgr/pollset_custom.h +2 -2
- data/src/core/lib/iomgr/pollset_set_custom.cc +1 -2
- data/src/core/lib/iomgr/pollset_set_windows.cc +1 -0
- data/src/core/lib/iomgr/port.h +0 -5
- data/src/core/lib/iomgr/python_util.h +1 -0
- data/src/core/lib/iomgr/resolve_address.cc +2 -1
- data/src/core/lib/iomgr/resolve_address.h +0 -4
- data/src/core/lib/iomgr/resolve_address_custom.cc +4 -4
- data/src/core/lib/iomgr/resolve_address_custom.h +0 -1
- data/src/core/lib/iomgr/resolve_address_posix.cc +2 -4
- data/src/core/lib/iomgr/resolve_address_windows.cc +6 -8
- data/src/core/lib/iomgr/resource_quota.cc +127 -42
- data/src/core/lib/iomgr/resource_quota.h +66 -17
- data/src/core/lib/iomgr/sockaddr.h +1 -1
- data/src/core/lib/iomgr/socket_factory_posix.cc +3 -3
- data/src/core/lib/iomgr/socket_factory_posix.h +1 -0
- data/src/core/lib/iomgr/socket_mutator.h +2 -2
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +3 -3
- data/src/core/lib/iomgr/socket_utils_linux.cc +4 -4
- data/src/core/lib/iomgr/socket_utils_posix.cc +2 -2
- data/src/core/lib/iomgr/socket_utils_posix.h +2 -2
- data/src/core/lib/iomgr/socket_utils_windows.cc +2 -2
- data/src/core/lib/iomgr/tcp_client.cc +4 -2
- data/src/core/lib/iomgr/tcp_client.h +4 -0
- data/src/core/lib/iomgr/tcp_client_cfstream.cc +9 -19
- data/src/core/lib/iomgr/tcp_client_custom.cc +9 -17
- data/src/core/lib/iomgr/tcp_client_posix.cc +24 -9
- data/src/core/lib/iomgr/tcp_client_posix.h +5 -2
- data/src/core/lib/iomgr/tcp_client_windows.cc +14 -6
- data/src/core/lib/iomgr/tcp_custom.cc +11 -23
- data/src/core/lib/iomgr/tcp_custom.h +2 -1
- data/src/core/lib/iomgr/tcp_posix.cc +29 -59
- data/src/core/lib/iomgr/tcp_posix.h +11 -12
- data/src/core/lib/iomgr/tcp_server.cc +6 -4
- data/src/core/lib/iomgr/tcp_server.h +12 -9
- data/src/core/lib/iomgr/tcp_server_custom.cc +15 -33
- data/src/core/lib/iomgr/tcp_server_posix.cc +20 -13
- data/src/core/lib/iomgr/tcp_server_utils_posix.h +3 -0
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +1 -2
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +3 -4
- data/src/core/lib/iomgr/tcp_server_utils_posix_noifaddrs.cc +4 -4
- data/src/core/lib/iomgr/tcp_server_windows.cc +13 -9
- data/src/core/lib/iomgr/tcp_windows.cc +6 -25
- data/src/core/lib/iomgr/tcp_windows.h +2 -1
- data/src/core/lib/iomgr/timer.cc +1 -0
- data/src/core/lib/iomgr/timer.h +1 -2
- data/src/core/lib/iomgr/timer_custom.cc +2 -2
- data/src/core/lib/iomgr/timer_generic.cc +8 -38
- data/src/core/lib/iomgr/timer_generic.h +1 -0
- data/src/core/lib/iomgr/timer_heap.cc +1 -2
- data/src/core/lib/iomgr/udp_server.cc +1 -2
- data/src/core/lib/iomgr/unix_sockets_posix.cc +3 -5
- data/src/core/lib/iomgr/unix_sockets_posix.h +2 -3
- data/src/core/lib/iomgr/wakeup_fd_nospecial.cc +1 -0
- data/src/core/lib/iomgr/wakeup_fd_pipe.cc +2 -3
- data/src/core/lib/iomgr/wakeup_fd_posix.cc +1 -0
- data/src/core/lib/iomgr/work_serializer.cc +4 -4
- data/src/core/lib/iomgr/work_serializer.h +1 -1
- data/src/core/lib/json/json_reader.cc +9 -17
- data/src/core/lib/json/json_util.h +18 -26
- data/src/core/lib/matchers/matchers.h +0 -1
- data/src/core/lib/profiling/basic_timers.cc +8 -6
- data/src/core/lib/profiling/stap_timers.cc +2 -2
- data/src/core/lib/security/authorization/authorization_policy_provider.h +5 -4
- data/src/core/lib/security/authorization/evaluate_args.cc +2 -0
- data/src/core/lib/security/authorization/sdk_server_authz_filter.cc +159 -0
- data/src/core/lib/security/authorization/sdk_server_authz_filter.h +67 -0
- data/src/core/lib/security/context/security_context.cc +7 -6
- data/src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc +2 -2
- data/src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc +2 -2
- data/src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc +2 -2
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +4 -3
- data/src/core/lib/security/credentials/credentials.cc +6 -6
- data/src/core/lib/security/credentials/credentials.h +1 -1
- data/src/core/lib/security/credentials/credentials_metadata.cc +2 -3
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +13 -26
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +1 -2
- data/src/core/lib/security/credentials/external/aws_request_signer.cc +3 -3
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +13 -22
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +2 -4
- data/src/core/lib/security/credentials/google_default/credentials_generic.cc +1 -2
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +55 -3
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +2 -1
- data/src/core/lib/security/credentials/jwt/json_token.cc +1 -1
- data/src/core/lib/security/credentials/jwt/json_token.h +2 -1
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +31 -14
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +11 -3
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +0 -2
- data/src/core/lib/security/credentials/jwt/jwt_verifier.h +3 -3
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +3 -7
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -0
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +2 -4
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +4 -4
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +0 -1
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +3 -2
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +10 -6
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +2 -1
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +7 -5
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +2 -2
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +4 -6
- data/src/core/lib/security/security_connector/load_system_roots_fallback.cc +1 -0
- data/src/core/lib/security/security_connector/load_system_roots_linux.cc +3 -3
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +4 -7
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +1 -2
- data/src/core/lib/security/security_connector/ssl_utils.cc +2 -3
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +9 -14
- data/src/core/lib/security/transport/auth_filters.h +1 -0
- data/src/core/lib/security/transport/client_auth_filter.cc +4 -6
- data/src/core/lib/security/transport/secure_endpoint.cc +4 -14
- data/src/core/lib/security/transport/secure_endpoint.h +1 -0
- data/src/core/lib/security/transport/security_handshaker.cc +5 -4
- data/src/core/lib/security/transport/security_handshaker.h +2 -1
- data/src/core/lib/security/util/json_util.cc +6 -8
- data/src/core/lib/slice/percent_encoding.cc +73 -30
- data/src/core/lib/slice/percent_encoding.h +29 -28
- data/src/core/lib/slice/slice.cc +2 -3
- data/src/core/lib/slice/slice_buffer.cc +1 -2
- data/src/core/lib/slice/slice_intern.cc +2 -3
- data/src/core/lib/slice/slice_internal.h +2 -2
- data/src/core/lib/surface/api_trace.cc +2 -1
- data/src/core/lib/surface/api_trace.h +1 -0
- data/src/core/lib/surface/byte_buffer_reader.cc +1 -1
- data/src/core/lib/surface/call.cc +9 -8
- data/src/core/lib/surface/call.h +3 -3
- data/src/core/lib/surface/call_details.cc +2 -2
- data/src/core/lib/surface/call_log_batch.cc +2 -2
- data/src/core/lib/surface/channel.cc +22 -9
- data/src/core/lib/surface/channel.h +14 -2
- data/src/core/lib/surface/channel_ping.cc +1 -2
- data/src/core/lib/surface/channel_stack_type.cc +2 -1
- data/src/core/lib/surface/completion_queue.cc +54 -64
- data/src/core/lib/surface/completion_queue_factory.cc +2 -1
- data/src/core/lib/surface/completion_queue_factory.h +1 -0
- data/src/core/lib/surface/event_string.cc +1 -0
- data/src/core/lib/surface/init.cc +4 -9
- data/src/core/lib/surface/init.h +0 -1
- data/src/core/lib/surface/init_secure.cc +23 -4
- data/src/core/lib/surface/lame_client.cc +6 -5
- data/src/core/lib/surface/metadata_array.cc +2 -2
- data/src/core/lib/surface/server.cc +17 -33
- data/src/core/lib/surface/server.h +11 -13
- data/src/core/lib/surface/validate_metadata.cc +44 -16
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/byte_stream.h +1 -0
- data/src/core/lib/transport/connectivity_state.cc +8 -5
- data/src/core/lib/transport/connectivity_state.h +2 -2
- data/src/core/lib/transport/error_utils.cc +1 -0
- data/src/core/lib/transport/metadata.cc +10 -10
- data/src/core/lib/transport/metadata.h +13 -11
- data/src/core/lib/transport/metadata_batch.h +8 -0
- data/src/core/lib/transport/transport_op_string.cc +2 -2
- data/src/core/plugin_registry/grpc_plugin_registry.cc +14 -0
- data/src/core/tsi/alts/crypt/aes_gcm.cc +3 -2
- data/src/core/tsi/alts/crypt/gsec.h +2 -3
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +2 -2
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +2 -3
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc +2 -2
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +4 -3
- data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +2 -2
- data/src/core/tsi/ssl_transport_security.cc +11 -9
- data/src/core/tsi/ssl_transport_security.h +3 -1
- data/src/core/tsi/transport_security.cc +3 -3
- data/src/core/tsi/transport_security_grpc.h +1 -0
- data/src/ruby/ext/grpc/extconf.rb +1 -1
- data/src/ruby/ext/grpc/rb_byte_buffer.c +2 -1
- data/src/ruby/ext/grpc/rb_call.c +5 -5
- data/src/ruby/ext/grpc/rb_call_credentials.c +5 -5
- data/src/ruby/ext/grpc/rb_channel.c +10 -8
- data/src/ruby/ext/grpc/rb_channel_args.c +2 -2
- data/src/ruby/ext/grpc/rb_channel_credentials.c +4 -4
- data/src/ruby/ext/grpc/rb_channel_credentials.h +1 -0
- data/src/ruby/ext/grpc/rb_completion_queue.c +3 -2
- data/src/ruby/ext/grpc/rb_compression_options.c +5 -4
- data/src/ruby/ext/grpc/rb_event_thread.c +4 -4
- data/src/ruby/ext/grpc/rb_grpc.c +5 -4
- data/src/ruby/ext/grpc/rb_grpc.h +1 -0
- data/src/ruby/ext/grpc/rb_server.c +6 -5
- data/src/ruby/ext/grpc/rb_server_credentials.c +3 -3
- data/src/ruby/ext/grpc/rb_server_credentials.h +1 -0
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.c +8 -5
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.h +3 -1
- data/src/ruby/ext/grpc/rb_xds_server_credentials.c +6 -5
- data/src/ruby/ext/grpc/rb_xds_server_credentials.h +3 -1
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/third_party/boringssl-with-bazel/err_data.c +294 -292
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +52 -47
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utf8.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/{asn1_locl.h → internal.h} +20 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/time_support.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +14 -3
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +5 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +5 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +5 -9
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +4 -6
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +34 -0
- data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c +219 -121
- data/third_party/boringssl-with-bazel/src/crypto/hrss/internal.h +9 -2
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +23 -2
- data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +253 -0
- data/third_party/boringssl-with-bazel/src/crypto/lhash/lhash.c +28 -23
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +7 -3
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/deterministic.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/fuchsia.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/windows.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_strex.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +15 -11
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +45 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +10 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +6 -23
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +25 -22
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +0 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +1 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +9 -11
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +1 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +1 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_crld.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +14 -11
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +5 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +160 -74
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +0 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +8 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +3 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +6 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +25 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/hrss.h +14 -12
- data/third_party/boringssl-with-bazel/src/include/openssl/lhash.h +4 -205
- data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +3 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/obj.h +5 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +58 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +184 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +0 -5
- data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +9 -16
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +44 -2
- data/third_party/boringssl-with-bazel/src/ssl/{t1_lib.cc → extensions.cc} +24 -11
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +9 -0
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +75 -68
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +17 -9
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +25 -6
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +1 -2
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +11 -5
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +0 -49
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +121 -65
- data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +14 -6
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +9 -11
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +2 -2
- data/third_party/upb/upb/decode.c +129 -60
- data/third_party/upb/upb/decode.h +32 -4
- data/third_party/upb/upb/decode_fast.c +513 -500
- data/third_party/upb/upb/decode_fast.h +27 -0
- data/third_party/upb/upb/{decode.int.h → decode_internal.h} +38 -8
- data/third_party/upb/upb/def.c +171 -181
- data/third_party/upb/upb/def.h +41 -19
- data/third_party/upb/upb/def.hpp +29 -0
- data/third_party/upb/upb/encode.c +49 -16
- data/third_party/upb/upb/encode.h +29 -2
- data/third_party/upb/upb/msg.c +169 -28
- data/third_party/upb/upb/msg.h +75 -580
- data/third_party/upb/upb/msg_internal.h +687 -0
- data/third_party/upb/upb/port_def.inc +85 -24
- data/third_party/upb/upb/port_undef.inc +38 -1
- data/third_party/upb/upb/reflection.c +29 -37
- data/third_party/upb/upb/reflection.h +36 -8
- data/third_party/upb/upb/reflection.hpp +37 -0
- data/third_party/upb/upb/table.c +211 -86
- data/third_party/upb/upb/{table.int.h → table_internal.h} +56 -180
- data/third_party/upb/upb/text_encode.c +32 -4
- data/third_party/upb/upb/text_encode.h +26 -0
- data/third_party/upb/upb/upb.c +59 -8
- data/third_party/upb/upb/upb.h +36 -6
- data/third_party/upb/upb/upb.hpp +24 -0
- data/third_party/upb/upb/upb_internal.h +58 -0
- metadata +64 -62
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_libuv.cc +0 -179
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_libuv.cc +0 -38
- data/src/core/ext/transport/chttp2/transport/hpack_table.cc +0 -243
- data/src/core/ext/transport/chttp2/transport/hpack_table.h +0 -148
- data/src/core/lib/gpr/tls_gcc.h +0 -52
- data/src/core/lib/gpr/tls_msvc.h +0 -54
- data/src/core/lib/gpr/tls_pthread.cc +0 -30
- data/src/core/lib/gpr/tls_pthread.h +0 -56
- data/src/core/lib/gpr/tls_stdcpp.h +0 -48
- data/src/core/lib/gprpp/atomic.h +0 -104
- data/src/core/lib/iomgr/endpoint_pair_uv.cc +0 -40
- data/src/core/lib/iomgr/iomgr_uv.cc +0 -43
- data/src/core/lib/iomgr/pollset_uv.cc +0 -95
- data/src/core/lib/iomgr/pollset_uv.h +0 -36
- data/src/core/lib/iomgr/sockaddr_custom.h +0 -54
- data/src/core/lib/iomgr/socket_utils_uv.cc +0 -49
- data/src/core/lib/iomgr/tcp_uv.cc +0 -421
- data/src/core/lib/iomgr/timer_uv.cc +0 -66
- data/third_party/upb/third_party/wyhash/wyhash.h +0 -145
- data/third_party/upb/upb/upb.int.h +0 -29
@@ -111,7 +111,6 @@ extern "C" {
|
|
111
111
|
#define X509v3_KU_UNDEF 0xffff
|
112
112
|
|
113
113
|
DEFINE_STACK_OF(X509_ALGOR)
|
114
|
-
DECLARE_ASN1_SET_OF(X509_ALGOR)
|
115
114
|
|
116
115
|
typedef STACK_OF(X509_ALGOR) X509_ALGORS;
|
117
116
|
|
@@ -119,11 +118,9 @@ struct X509_name_entry_st {
|
|
119
118
|
ASN1_OBJECT *object;
|
120
119
|
ASN1_STRING *value;
|
121
120
|
int set;
|
122
|
-
int size; // temp variable
|
123
121
|
} /* X509_NAME_ENTRY */;
|
124
122
|
|
125
123
|
DEFINE_STACK_OF(X509_NAME_ENTRY)
|
126
|
-
DECLARE_ASN1_SET_OF(X509_NAME_ENTRY)
|
127
124
|
|
128
125
|
// we always keep X509_NAMEs in 2 forms.
|
129
126
|
struct X509_name_st {
|
@@ -137,19 +134,11 @@ struct X509_name_st {
|
|
137
134
|
|
138
135
|
DEFINE_STACK_OF(X509_NAME)
|
139
136
|
|
140
|
-
struct X509_extension_st {
|
141
|
-
ASN1_OBJECT *object;
|
142
|
-
ASN1_BOOLEAN critical;
|
143
|
-
ASN1_OCTET_STRING *value;
|
144
|
-
} /* X509_EXTENSION */;
|
145
|
-
|
146
137
|
typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS;
|
147
138
|
|
148
139
|
DEFINE_STACK_OF(X509_EXTENSION)
|
149
|
-
DECLARE_ASN1_SET_OF(X509_EXTENSION)
|
150
140
|
|
151
141
|
DEFINE_STACK_OF(X509_ATTRIBUTE)
|
152
|
-
DECLARE_ASN1_SET_OF(X509_ATTRIBUTE)
|
153
142
|
|
154
143
|
struct x509_cinf_st {
|
155
144
|
ASN1_INTEGER *version; // [ 0 ] default of v1
|
@@ -199,7 +188,6 @@ struct x509_st {
|
|
199
188
|
} /* X509 */;
|
200
189
|
|
201
190
|
DEFINE_STACK_OF(X509)
|
202
|
-
DECLARE_ASN1_SET_OF(X509)
|
203
191
|
|
204
192
|
// This is used for a table of trust checking functions
|
205
193
|
|
@@ -321,45 +309,10 @@ struct x509_revoked_st {
|
|
321
309
|
};
|
322
310
|
|
323
311
|
DEFINE_STACK_OF(X509_REVOKED)
|
324
|
-
DECLARE_ASN1_SET_OF(X509_REVOKED)
|
325
|
-
|
326
|
-
struct X509_crl_info_st {
|
327
|
-
ASN1_INTEGER *version;
|
328
|
-
X509_ALGOR *sig_alg;
|
329
|
-
X509_NAME *issuer;
|
330
|
-
ASN1_TIME *lastUpdate;
|
331
|
-
ASN1_TIME *nextUpdate;
|
332
|
-
STACK_OF(X509_REVOKED) *revoked;
|
333
|
-
STACK_OF(X509_EXTENSION) /* [0] */ *extensions;
|
334
|
-
ASN1_ENCODING enc;
|
335
|
-
} /* X509_CRL_INFO */;
|
336
312
|
|
337
313
|
DECLARE_STACK_OF(GENERAL_NAMES)
|
338
314
|
|
339
|
-
struct X509_crl_st {
|
340
|
-
// actual signature
|
341
|
-
X509_CRL_INFO *crl;
|
342
|
-
X509_ALGOR *sig_alg;
|
343
|
-
ASN1_BIT_STRING *signature;
|
344
|
-
CRYPTO_refcount_t references;
|
345
|
-
int flags;
|
346
|
-
// Copies of various extensions
|
347
|
-
AUTHORITY_KEYID *akid;
|
348
|
-
ISSUING_DIST_POINT *idp;
|
349
|
-
// Convenient breakdown of IDP
|
350
|
-
int idp_flags;
|
351
|
-
int idp_reasons;
|
352
|
-
// CRL and base CRL numbers for delta processing
|
353
|
-
ASN1_INTEGER *crl_number;
|
354
|
-
ASN1_INTEGER *base_crl_number;
|
355
|
-
unsigned char sha1_hash[SHA_DIGEST_LENGTH];
|
356
|
-
STACK_OF(GENERAL_NAMES) *issuers;
|
357
|
-
const X509_CRL_METHOD *meth;
|
358
|
-
void *meth_data;
|
359
|
-
} /* X509_CRL */;
|
360
|
-
|
361
315
|
DEFINE_STACK_OF(X509_CRL)
|
362
|
-
DECLARE_ASN1_SET_OF(X509_CRL)
|
363
316
|
|
364
317
|
struct private_key_st {
|
365
318
|
int version;
|
@@ -1048,7 +1001,6 @@ OPENSSL_EXPORT void X509_trust_clear(X509 *x);
|
|
1048
1001
|
OPENSSL_EXPORT void X509_reject_clear(X509 *x);
|
1049
1002
|
|
1050
1003
|
DECLARE_ASN1_FUNCTIONS(X509_REVOKED)
|
1051
|
-
DECLARE_ASN1_FUNCTIONS(X509_CRL_INFO)
|
1052
1004
|
DECLARE_ASN1_FUNCTIONS(X509_CRL)
|
1053
1005
|
|
1054
1006
|
OPENSSL_EXPORT int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
|
@@ -1074,9 +1026,10 @@ OPENSSL_EXPORT int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type,
|
|
1074
1026
|
void *data, unsigned char *md,
|
1075
1027
|
unsigned int *len);
|
1076
1028
|
|
1077
|
-
OPENSSL_EXPORT int ASN1_item_verify(const ASN1_ITEM *it,
|
1078
|
-
|
1079
|
-
|
1029
|
+
OPENSSL_EXPORT int ASN1_item_verify(const ASN1_ITEM *it,
|
1030
|
+
const X509_ALGOR *algor1,
|
1031
|
+
const ASN1_BIT_STRING *signature,
|
1032
|
+
void *data, EVP_PKEY *pkey);
|
1080
1033
|
|
1081
1034
|
OPENSSL_EXPORT int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1,
|
1082
1035
|
X509_ALGOR *algor2,
|
@@ -1486,28 +1439,90 @@ OPENSSL_EXPORT ASN1_OBJECT *X509_NAME_ENTRY_get_object(
|
|
1486
1439
|
const X509_NAME_ENTRY *ne);
|
1487
1440
|
OPENSSL_EXPORT ASN1_STRING *X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne);
|
1488
1441
|
|
1442
|
+
// X509v3_get_ext_count returns the number of extensions in |x|.
|
1489
1443
|
OPENSSL_EXPORT int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
|
1444
|
+
|
1445
|
+
// X509v3_get_ext_by_NID returns the index of the first extension in |x| with
|
1446
|
+
// type |nid|, or a negative number if not found. If found, callers can use
|
1447
|
+
// |X509v3_get_ext| to look up the extension by index.
|
1448
|
+
//
|
1449
|
+
// If |lastpos| is non-negative, it begins searching at |lastpos| + 1. Callers
|
1450
|
+
// can thus loop over all matching extensions by first passing -1 and then
|
1451
|
+
// passing the previously-returned value until no match is returned.
|
1490
1452
|
OPENSSL_EXPORT int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
|
1491
1453
|
int nid, int lastpos);
|
1454
|
+
|
1455
|
+
// X509v3_get_ext_by_OBJ behaves like |X509v3_get_ext_by_NID| but looks for
|
1456
|
+
// extensions matching |obj|.
|
1492
1457
|
OPENSSL_EXPORT int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
|
1493
1458
|
const ASN1_OBJECT *obj, int lastpos);
|
1459
|
+
|
1460
|
+
// X509v3_get_ext_by_critical returns the index of the first extension in |x|
|
1461
|
+
// whose critical bit matches |crit|, or a negative number if no such extension
|
1462
|
+
// was found.
|
1463
|
+
//
|
1464
|
+
// If |lastpos| is non-negative, it begins searching at |lastpos| + 1. Callers
|
1465
|
+
// can thus loop over all matching extensions by first passing -1 and then
|
1466
|
+
// passing the previously-returned value until no match is returned.
|
1494
1467
|
OPENSSL_EXPORT int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
|
1495
1468
|
int crit, int lastpos);
|
1469
|
+
|
1470
|
+
// X509v3_get_ext returns the extension in |x| at index |loc|, or NULL if |loc|
|
1471
|
+
// is out of bounds.
|
1496
1472
|
OPENSSL_EXPORT X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x,
|
1497
1473
|
int loc);
|
1474
|
+
|
1475
|
+
// X509v3_delete_ext removes the extension in |x| at index |loc| and returns the
|
1476
|
+
// removed extension, or NULL if |loc| was out of bounds. If an extension was
|
1477
|
+
// returned, the caller must release it with |X509_EXTENSION_free|.
|
1498
1478
|
OPENSSL_EXPORT X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x,
|
1499
1479
|
int loc);
|
1480
|
+
|
1481
|
+
// X509v3_add_ext adds a copy of |ex| to the extension list in |*x|. If |*x| is
|
1482
|
+
// NULL, it allocates a new |STACK_OF(X509_EXTENSION)| to hold the copy and sets
|
1483
|
+
// |*x| to the new list. It returns |*x| on success and NULL on error. The
|
1484
|
+
// caller retains ownership of |ex| and can release it independently of |*x|.
|
1485
|
+
//
|
1486
|
+
// The new extension is inserted at index |loc|, shifting extensions to the
|
1487
|
+
// right. If |loc| is -1 or out of bounds, the new extension is appended to the
|
1488
|
+
// list.
|
1500
1489
|
OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509v3_add_ext(
|
1501
1490
|
STACK_OF(X509_EXTENSION) **x, X509_EXTENSION *ex, int loc);
|
1502
1491
|
|
1492
|
+
// X509_get_ext_count returns the number of extensions in |x|.
|
1503
1493
|
OPENSSL_EXPORT int X509_get_ext_count(const X509 *x);
|
1494
|
+
|
1495
|
+
// X509_get_ext_by_NID behaves like |X509v3_get_ext_by_NID| but searches for
|
1496
|
+
// extensions in |x|.
|
1504
1497
|
OPENSSL_EXPORT int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
|
1498
|
+
|
1499
|
+
// X509_get_ext_by_OBJ behaves like |X509v3_get_ext_by_OBJ| but searches for
|
1500
|
+
// extensions in |x|.
|
1505
1501
|
OPENSSL_EXPORT int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj,
|
1506
1502
|
int lastpos);
|
1503
|
+
|
1504
|
+
// X509_get_ext_by_critical behaves like |X509v3_get_ext_by_critical| but
|
1505
|
+
// searches for extensions in |x|.
|
1507
1506
|
OPENSSL_EXPORT int X509_get_ext_by_critical(const X509 *x, int crit,
|
1508
1507
|
int lastpos);
|
1508
|
+
|
1509
|
+
// X509_get_ext returns the extension in |x| at index |loc|, or NULL if |loc| is
|
1510
|
+
// out of bounds.
|
1509
1511
|
OPENSSL_EXPORT X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
|
1512
|
+
|
1513
|
+
// X509_delete_ext removes the extension in |x| at index |loc| and returns the
|
1514
|
+
// removed extension, or NULL if |loc| was out of bounds. If non-NULL, the
|
1515
|
+
// caller must release the result with |X509_EXTENSION_free|. It is also safe,
|
1516
|
+
// but not necessary, to call |X509_EXTENSION_free| if the result is NULL.
|
1510
1517
|
OPENSSL_EXPORT X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
|
1518
|
+
|
1519
|
+
// X509_add_ext adds a copy of |ex| to |x|. It returns one on success and zero
|
1520
|
+
// on failure. The caller retains ownership of |ex| and can release it
|
1521
|
+
// independently of |x|.
|
1522
|
+
//
|
1523
|
+
// The new extension is inserted at index |loc|, shifting extensions to the
|
1524
|
+
// right. If |loc| is -1 or out of bounds, the new extension is appended to the
|
1525
|
+
// list.
|
1511
1526
|
OPENSSL_EXPORT int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
|
1512
1527
|
|
1513
1528
|
// X509_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the extension in
|
@@ -1527,15 +1542,41 @@ OPENSSL_EXPORT void *X509_get_ext_d2i(const X509 *x509, int nid,
|
|
1527
1542
|
OPENSSL_EXPORT int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
|
1528
1543
|
unsigned long flags);
|
1529
1544
|
|
1545
|
+
// X509_CRL_get_ext_count returns the number of extensions in |x|.
|
1530
1546
|
OPENSSL_EXPORT int X509_CRL_get_ext_count(const X509_CRL *x);
|
1547
|
+
|
1548
|
+
// X509_CRL_get_ext_by_NID behaves like |X509v3_get_ext_by_NID| but searches for
|
1549
|
+
// extensions in |x|.
|
1531
1550
|
OPENSSL_EXPORT int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid,
|
1532
1551
|
int lastpos);
|
1552
|
+
|
1553
|
+
// X509_CRL_get_ext_by_OBJ behaves like |X509v3_get_ext_by_OBJ| but searches for
|
1554
|
+
// extensions in |x|.
|
1533
1555
|
OPENSSL_EXPORT int X509_CRL_get_ext_by_OBJ(const X509_CRL *x,
|
1534
1556
|
const ASN1_OBJECT *obj, int lastpos);
|
1557
|
+
|
1558
|
+
// X509_CRL_get_ext_by_critical behaves like |X509v3_get_ext_by_critical| but
|
1559
|
+
// searches for extensions in |x|.
|
1535
1560
|
OPENSSL_EXPORT int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit,
|
1536
1561
|
int lastpos);
|
1562
|
+
|
1563
|
+
// X509_CRL_get_ext returns the extension in |x| at index |loc|, or NULL if
|
1564
|
+
// |loc| is out of bounds.
|
1537
1565
|
OPENSSL_EXPORT X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
|
1566
|
+
|
1567
|
+
// X509_CRL_delete_ext removes the extension in |x| at index |loc| and returns
|
1568
|
+
// the removed extension, or NULL if |loc| was out of bounds. If non-NULL, the
|
1569
|
+
// caller must release the result with |X509_EXTENSION_free|. It is also safe,
|
1570
|
+
// but not necessary, to call |X509_EXTENSION_free| if the result is NULL.
|
1538
1571
|
OPENSSL_EXPORT X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
|
1572
|
+
|
1573
|
+
// X509_CRL_add_ext adds a copy of |ex| to |x|. It returns one on success and
|
1574
|
+
// zero on failure. The caller retains ownership of |ex| and can release it
|
1575
|
+
// independently of |x|.
|
1576
|
+
//
|
1577
|
+
// The new extension is inserted at index |loc|, shifting extensions to the
|
1578
|
+
// right. If |loc| is -1 or out of bounds, the new extension is appended to the
|
1579
|
+
// list.
|
1539
1580
|
OPENSSL_EXPORT int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
|
1540
1581
|
|
1541
1582
|
// X509_CRL_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the
|
@@ -1555,18 +1596,45 @@ OPENSSL_EXPORT void *X509_CRL_get_ext_d2i(const X509_CRL *crl, int nid,
|
|
1555
1596
|
OPENSSL_EXPORT int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value,
|
1556
1597
|
int crit, unsigned long flags);
|
1557
1598
|
|
1599
|
+
// X509_REVOKED_get_ext_count returns the number of extensions in |x|.
|
1558
1600
|
OPENSSL_EXPORT int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
|
1601
|
+
|
1602
|
+
// X509_REVOKED_get_ext_by_NID behaves like |X509v3_get_ext_by_NID| but searches
|
1603
|
+
// for extensions in |x|.
|
1559
1604
|
OPENSSL_EXPORT int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid,
|
1560
1605
|
int lastpos);
|
1606
|
+
|
1607
|
+
// X509_REVOKED_get_ext_by_OBJ behaves like |X509v3_get_ext_by_OBJ| but searches
|
1608
|
+
// for extensions in |x|.
|
1561
1609
|
OPENSSL_EXPORT int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x,
|
1562
1610
|
const ASN1_OBJECT *obj,
|
1563
1611
|
int lastpos);
|
1612
|
+
|
1613
|
+
// X509_REVOKED_get_ext_by_critical behaves like |X509v3_get_ext_by_critical|
|
1614
|
+
// but searches for extensions in |x|.
|
1564
1615
|
OPENSSL_EXPORT int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x,
|
1565
1616
|
int crit, int lastpos);
|
1617
|
+
|
1618
|
+
// X509_REVOKED_get_ext returns the extension in |x| at index |loc|, or NULL if
|
1619
|
+
// |loc| is out of bounds.
|
1566
1620
|
OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x,
|
1567
1621
|
int loc);
|
1622
|
+
|
1623
|
+
// X509_REVOKED_delete_ext removes the extension in |x| at index |loc| and
|
1624
|
+
// returns the removed extension, or NULL if |loc| was out of bounds. If
|
1625
|
+
// non-NULL, the caller must release the result with |X509_EXTENSION_free|. It
|
1626
|
+
// is also safe, but not necessary, to call |X509_EXTENSION_free| if the result
|
1627
|
+
// is NULL.
|
1568
1628
|
OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x,
|
1569
1629
|
int loc);
|
1630
|
+
|
1631
|
+
// X509_REVOKED_add_ext adds a copy of |ex| to |x|. It returns one on success
|
1632
|
+
// and zero on failure. The caller retains ownership of |ex| and can release it
|
1633
|
+
// independently of |x|.
|
1634
|
+
//
|
1635
|
+
// The new extension is inserted at index |loc|, shifting extensions to the
|
1636
|
+
// right. If |loc| is -1 or out of bounds, the new extension is appended to the
|
1637
|
+
// list.
|
1570
1638
|
OPENSSL_EXPORT int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex,
|
1571
1639
|
int loc);
|
1572
1640
|
|
@@ -1589,43 +1657,103 @@ OPENSSL_EXPORT int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid,
|
|
1589
1657
|
void *value, int crit,
|
1590
1658
|
unsigned long flags);
|
1591
1659
|
|
1660
|
+
// X509_EXTENSION_create_by_NID creates a new |X509_EXTENSION| with type |nid|,
|
1661
|
+
// value |data|, and critical bit |crit|. It returns the newly-allocated
|
1662
|
+
// |X509_EXTENSION| on success, and false on error. |nid| should be a |NID_*|
|
1663
|
+
// constant.
|
1664
|
+
//
|
1665
|
+
// If |ex| and |*ex| are both non-NULL, it modifies and returns |*ex| instead of
|
1666
|
+
// creating a new object. If |ex| is non-NULL, but |*ex| is NULL, it sets |*ex|
|
1667
|
+
// to the new |X509_EXTENSION|, in addition to returning the result.
|
1592
1668
|
OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_create_by_NID(
|
1593
1669
|
X509_EXTENSION **ex, int nid, int crit, const ASN1_OCTET_STRING *data);
|
1670
|
+
|
1671
|
+
// X509_EXTENSION_create_by_OBJ behaves like |X509_EXTENSION_create_by_NID|, but
|
1672
|
+
// the extension type is determined by an |ASN1_OBJECT|.
|
1594
1673
|
OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_create_by_OBJ(
|
1595
1674
|
X509_EXTENSION **ex, const ASN1_OBJECT *obj, int crit,
|
1596
1675
|
const ASN1_OCTET_STRING *data);
|
1676
|
+
|
1677
|
+
// X509_EXTENSION_set_object sets |ex|'s extension type to |obj|. It returns one
|
1678
|
+
// on success and zero on error.
|
1597
1679
|
OPENSSL_EXPORT int X509_EXTENSION_set_object(X509_EXTENSION *ex,
|
1598
1680
|
const ASN1_OBJECT *obj);
|
1681
|
+
|
1682
|
+
// X509_EXTENSION_set_critical sets |ex| to critical if |crit| is non-zero and
|
1683
|
+
// to non-critical if |crit| is zero.
|
1599
1684
|
OPENSSL_EXPORT int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
|
1685
|
+
|
1686
|
+
// X509_EXTENSION_set_data set's |ex|'s extension value to a copy of |data|. It
|
1687
|
+
// returns one on success and zero on error.
|
1600
1688
|
OPENSSL_EXPORT int X509_EXTENSION_set_data(X509_EXTENSION *ex,
|
1601
1689
|
const ASN1_OCTET_STRING *data);
|
1690
|
+
|
1691
|
+
// X509_EXTENSION_get_object returns |ex|'s extension type.
|
1602
1692
|
OPENSSL_EXPORT ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex);
|
1693
|
+
|
1694
|
+
// X509_EXTENSION_get_data returns |ne|'s extension value.
|
1603
1695
|
OPENSSL_EXPORT ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
|
1604
|
-
OPENSSL_EXPORT int X509_EXTENSION_get_critical(X509_EXTENSION *ex);
|
1605
1696
|
|
1697
|
+
// X509_EXTENSION_get_critical returns one if |ex| is critical and zero
|
1698
|
+
// otherwise.
|
1699
|
+
OPENSSL_EXPORT int X509_EXTENSION_get_critical(const X509_EXTENSION *ex);
|
1700
|
+
|
1701
|
+
// X509at_get_attr_count returns the number of attributes in |x|.
|
1606
1702
|
OPENSSL_EXPORT int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
|
1703
|
+
|
1704
|
+
// X509at_get_attr_by_NID returns the index of the attribute in |x| of type
|
1705
|
+
// |nid|, or a negative number if not found. If found, callers can use
|
1706
|
+
// |X509at_get_attr| to look up the attribute by index.
|
1707
|
+
//
|
1708
|
+
// If |lastpos| is non-negative, it begins searching at |lastpos| + 1. Callers
|
1709
|
+
// can thus loop over all matching attributes by first passing -1 and then
|
1710
|
+
// passing the previously-returned value until no match is returned.
|
1607
1711
|
OPENSSL_EXPORT int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x,
|
1608
1712
|
int nid, int lastpos);
|
1713
|
+
|
1714
|
+
// X509at_get_attr_by_OBJ behaves like |X509at_get_attr_by_NID| but looks for
|
1715
|
+
// attributes of type |obj|.
|
1609
1716
|
OPENSSL_EXPORT int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
|
1610
1717
|
const ASN1_OBJECT *obj, int lastpos);
|
1718
|
+
|
1719
|
+
// X509at_get_attr returns the attribute at index |loc| in |x|, or NULL if
|
1720
|
+
// out of bounds.
|
1611
1721
|
OPENSSL_EXPORT X509_ATTRIBUTE *X509at_get_attr(
|
1612
1722
|
const STACK_OF(X509_ATTRIBUTE) *x, int loc);
|
1723
|
+
|
1724
|
+
// X509at_delete_attr removes the attribute at index |loc| in |x|. It returns
|
1725
|
+
// the removed attribute to the caller, or NULL if |loc| was out of bounds. If
|
1726
|
+
// non-NULL, the caller must release the result with |X509_ATTRIBUTE_free| when
|
1727
|
+
// done. It is also safe, but not necessary, to call |X509_ATTRIBUTE_free| if
|
1728
|
+
// the result is NULL.
|
1613
1729
|
OPENSSL_EXPORT X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x,
|
1614
1730
|
int loc);
|
1731
|
+
|
1732
|
+
// X509at_add1_attr appends a copy of |attr| to the attribute list in |*x|. If
|
1733
|
+
// |*x| is NULL, it allocates a new |STACK_OF(X509_ATTRIBUTE)| to hold the copy
|
1734
|
+
// and sets |*x| to the new list. It returns |*x| on success and NULL on error.
|
1735
|
+
// The caller retains ownership of |attr| and can release it independently of
|
1736
|
+
// |*x|.
|
1615
1737
|
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(
|
1616
1738
|
STACK_OF(X509_ATTRIBUTE) **x, X509_ATTRIBUTE *attr);
|
1739
|
+
|
1740
|
+
// X509at_add1_attr_by_OBJ behaves like |X509at_add1_attr|, but adds an
|
1741
|
+
// attribute created by |X509_ATTRIBUTE_create_by_OBJ|.
|
1617
1742
|
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(
|
1618
1743
|
STACK_OF(X509_ATTRIBUTE) **x, const ASN1_OBJECT *obj, int type,
|
1619
1744
|
const unsigned char *bytes, int len);
|
1745
|
+
|
1746
|
+
// X509at_add1_attr_by_NID behaves like |X509at_add1_attr|, but adds an
|
1747
|
+
// attribute created by |X509_ATTRIBUTE_create_by_NID|.
|
1620
1748
|
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(
|
1621
1749
|
STACK_OF(X509_ATTRIBUTE) **x, int nid, int type, const unsigned char *bytes,
|
1622
1750
|
int len);
|
1751
|
+
|
1752
|
+
// X509at_add1_attr_by_txt behaves like |X509at_add1_attr|, but adds an
|
1753
|
+
// attribute created by |X509_ATTRIBUTE_create_by_txt|.
|
1623
1754
|
OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(
|
1624
1755
|
STACK_OF(X509_ATTRIBUTE) **x, const char *attrname, int type,
|
1625
1756
|
const unsigned char *bytes, int len);
|
1626
|
-
OPENSSL_EXPORT void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x,
|
1627
|
-
ASN1_OBJECT *obj, int lastpos,
|
1628
|
-
int type);
|
1629
1757
|
|
1630
1758
|
// X509_ATTRIBUTE_create_by_NID returns a newly-allocated |X509_ATTRIBUTE| of
|
1631
1759
|
// type |nid|, or NULL on error. The value is determined as in
|
@@ -1826,6 +1954,7 @@ BORINGSSL_MAKE_DELETER(X509_REQ, X509_REQ_free)
|
|
1826
1954
|
BORINGSSL_MAKE_DELETER(X509_REVOKED, X509_REVOKED_free)
|
1827
1955
|
BORINGSSL_MAKE_DELETER(X509_SIG, X509_SIG_free)
|
1828
1956
|
BORINGSSL_MAKE_DELETER(X509_STORE, X509_STORE_free)
|
1957
|
+
BORINGSSL_MAKE_UP_REF(X509_STORE, X509_STORE_up_ref)
|
1829
1958
|
BORINGSSL_MAKE_DELETER(X509_STORE_CTX, X509_STORE_CTX_free)
|
1830
1959
|
BORINGSSL_MAKE_DELETER(X509_VERIFY_PARAM, X509_VERIFY_PARAM_free)
|
1831
1960
|
|
@@ -206,7 +206,6 @@ typedef struct GENERAL_NAME_st {
|
|
206
206
|
} GENERAL_NAME;
|
207
207
|
|
208
208
|
DEFINE_STACK_OF(GENERAL_NAME)
|
209
|
-
DECLARE_ASN1_SET_OF(GENERAL_NAME)
|
210
209
|
|
211
210
|
typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES;
|
212
211
|
|
@@ -218,7 +217,6 @@ typedef struct ACCESS_DESCRIPTION_st {
|
|
218
217
|
} ACCESS_DESCRIPTION;
|
219
218
|
|
220
219
|
DEFINE_STACK_OF(ACCESS_DESCRIPTION)
|
221
|
-
DECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION)
|
222
220
|
|
223
221
|
typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
|
224
222
|
|
@@ -258,7 +256,6 @@ struct DIST_POINT_st {
|
|
258
256
|
typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS;
|
259
257
|
|
260
258
|
DEFINE_STACK_OF(DIST_POINT)
|
261
|
-
DECLARE_ASN1_SET_OF(DIST_POINT)
|
262
259
|
|
263
260
|
struct AUTHORITY_KEYID_st {
|
264
261
|
ASN1_OCTET_STRING *keyid;
|
@@ -286,7 +283,6 @@ typedef struct POLICYQUALINFO_st {
|
|
286
283
|
} POLICYQUALINFO;
|
287
284
|
|
288
285
|
DEFINE_STACK_OF(POLICYQUALINFO)
|
289
|
-
DECLARE_ASN1_SET_OF(POLICYQUALINFO)
|
290
286
|
|
291
287
|
typedef struct POLICYINFO_st {
|
292
288
|
ASN1_OBJECT *policyid;
|
@@ -296,7 +292,6 @@ typedef struct POLICYINFO_st {
|
|
296
292
|
typedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES;
|
297
293
|
|
298
294
|
DEFINE_STACK_OF(POLICYINFO)
|
299
|
-
DECLARE_ASN1_SET_OF(POLICYINFO)
|
300
295
|
|
301
296
|
typedef struct POLICY_MAPPING_st {
|
302
297
|
ASN1_OBJECT *issuerDomainPolicy;
|
@@ -778,11 +778,9 @@ static int send_flight(SSL *ssl) {
|
|
778
778
|
|
779
779
|
dtls1_update_mtu(ssl);
|
780
780
|
|
781
|
-
|
782
|
-
|
783
|
-
|
784
|
-
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
785
|
-
goto err;
|
781
|
+
Array<uint8_t> packet;
|
782
|
+
if (!packet.Init(ssl->d1->mtu)) {
|
783
|
+
return -1;
|
786
784
|
}
|
787
785
|
|
788
786
|
while (ssl->d1->outgoing_written < ssl->d1->outgoing_messages_len) {
|
@@ -790,31 +788,26 @@ static int send_flight(SSL *ssl) {
|
|
790
788
|
uint32_t old_offset = ssl->d1->outgoing_offset;
|
791
789
|
|
792
790
|
size_t packet_len;
|
793
|
-
if (!seal_next_packet(ssl, packet, &packet_len,
|
794
|
-
|
791
|
+
if (!seal_next_packet(ssl, packet.data(), &packet_len, packet.size())) {
|
792
|
+
return -1;
|
795
793
|
}
|
796
794
|
|
797
|
-
int bio_ret = BIO_write(ssl->wbio.get(), packet, packet_len);
|
795
|
+
int bio_ret = BIO_write(ssl->wbio.get(), packet.data(), packet_len);
|
798
796
|
if (bio_ret <= 0) {
|
799
797
|
// Retry this packet the next time around.
|
800
798
|
ssl->d1->outgoing_written = old_written;
|
801
799
|
ssl->d1->outgoing_offset = old_offset;
|
802
800
|
ssl->s3->rwstate = SSL_ERROR_WANT_WRITE;
|
803
|
-
|
804
|
-
goto err;
|
801
|
+
return bio_ret;
|
805
802
|
}
|
806
803
|
}
|
807
804
|
|
808
805
|
if (BIO_flush(ssl->wbio.get()) <= 0) {
|
809
806
|
ssl->s3->rwstate = SSL_ERROR_WANT_WRITE;
|
810
|
-
|
807
|
+
return -1;
|
811
808
|
}
|
812
809
|
|
813
|
-
|
814
|
-
|
815
|
-
err:
|
816
|
-
OPENSSL_free(packet);
|
817
|
-
return ret;
|
810
|
+
return 1;
|
818
811
|
}
|
819
812
|
|
820
813
|
int dtls1_flush_flight(SSL *ssl) {
|
@@ -40,7 +40,8 @@
|
|
40
40
|
BSSL_NAMESPACE_BEGIN
|
41
41
|
|
42
42
|
// ECH reuses the extension code point for the version number.
|
43
|
-
static
|
43
|
+
static constexpr uint16_t kECHConfigVersion =
|
44
|
+
TLSEXT_TYPE_encrypted_client_hello;
|
44
45
|
|
45
46
|
static const decltype(&EVP_hpke_aes_128_gcm) kSupportedAEADs[] = {
|
46
47
|
&EVP_hpke_aes_128_gcm,
|
@@ -993,6 +994,47 @@ int SSL_set1_ech_config_list(SSL *ssl, const uint8_t *ech_config_list,
|
|
993
994
|
return ssl->config->client_ech_config_list.CopyFrom(span);
|
994
995
|
}
|
995
996
|
|
997
|
+
void SSL_get0_ech_name_override(const SSL *ssl, const char **out_name,
|
998
|
+
size_t *out_name_len) {
|
999
|
+
// When ECH is rejected, we use the public name. Note that, if
|
1000
|
+
// |SSL_CTX_set_reverify_on_resume| is enabled, we reverify the certificate
|
1001
|
+
// before the 0-RTT point. If also offering ECH, we verify as if
|
1002
|
+
// ClientHelloInner was accepted and do not override. This works because, at
|
1003
|
+
// this point, |ech_status| will be |ssl_ech_none|. See the
|
1004
|
+
// ECH-Client-Reject-EarlyDataReject-OverrideNameOnRetry tests in runner.go.
|
1005
|
+
const SSL_HANDSHAKE *hs = ssl->s3->hs.get();
|
1006
|
+
if (!ssl->server && hs && ssl->s3->ech_status == ssl_ech_rejected) {
|
1007
|
+
*out_name = reinterpret_cast<const char *>(
|
1008
|
+
hs->selected_ech_config->public_name.data());
|
1009
|
+
*out_name_len = hs->selected_ech_config->public_name.size();
|
1010
|
+
} else {
|
1011
|
+
*out_name = nullptr;
|
1012
|
+
*out_name_len = 0;
|
1013
|
+
}
|
1014
|
+
}
|
1015
|
+
|
1016
|
+
void SSL_get0_ech_retry_configs(
|
1017
|
+
const SSL *ssl, const uint8_t **out_retry_configs,
|
1018
|
+
size_t *out_retry_configs_len) {
|
1019
|
+
const SSL_HANDSHAKE *hs = ssl->s3->hs.get();
|
1020
|
+
if (!hs || !hs->ech_authenticated_reject) {
|
1021
|
+
// It is an error to call this function except in response to
|
1022
|
+
// |SSL_R_ECH_REJECTED|. Returning an empty string risks the caller
|
1023
|
+
// mistakenly believing the server has disabled ECH. Instead, return a
|
1024
|
+
// non-empty ECHConfigList with a syntax error, so the subsequent
|
1025
|
+
// |SSL_set1_ech_config_list| call will fail.
|
1026
|
+
assert(0);
|
1027
|
+
static const uint8_t kPlaceholder[] = {
|
1028
|
+
kECHConfigVersion >> 8, kECHConfigVersion & 0xff, 0xff, 0xff, 0xff};
|
1029
|
+
*out_retry_configs = kPlaceholder;
|
1030
|
+
*out_retry_configs_len = sizeof(kPlaceholder);
|
1031
|
+
return;
|
1032
|
+
}
|
1033
|
+
|
1034
|
+
*out_retry_configs = hs->ech_retry_configs.data();
|
1035
|
+
*out_retry_configs_len = hs->ech_retry_configs.size();
|
1036
|
+
}
|
1037
|
+
|
996
1038
|
int SSL_marshal_ech_config(uint8_t **out, size_t *out_len, uint8_t config_id,
|
997
1039
|
const EVP_HPKE_KEY *key, const char *public_name,
|
998
1040
|
size_t max_name_len) {
|
@@ -1129,5 +1171,5 @@ int SSL_ech_accepted(const SSL *ssl) {
|
|
1129
1171
|
return ssl->s3->hs->selected_ech_config != nullptr;
|
1130
1172
|
}
|
1131
1173
|
|
1132
|
-
return ssl->s3->
|
1174
|
+
return ssl->s3->ech_status == ssl_ech_accepted;
|
1133
1175
|
}
|
@@ -654,6 +654,11 @@ static bool ext_ech_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
|
|
654
654
|
return false;
|
655
655
|
}
|
656
656
|
|
657
|
+
if (!ssl_is_valid_ech_config_list(*contents)) {
|
658
|
+
*out_alert = SSL_AD_DECODE_ERROR;
|
659
|
+
return false;
|
660
|
+
}
|
661
|
+
|
657
662
|
// The server may only send retry configs in response to ClientHelloOuter (or
|
658
663
|
// ECH GREASE), not ClientHelloInner. The unsolicited extension rule checks
|
659
664
|
// this implicitly because the ClientHelloInner has no encrypted_client_hello
|
@@ -663,14 +668,13 @@ static bool ext_ech_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
|
|
663
668
|
// https://github.com/tlswg/draft-ietf-tls-esni/pull/422 is merged, a later
|
664
669
|
// draft will fold encrypted_client_hello and ech_is_inner together. Then this
|
665
670
|
// assert should become a runtime check.
|
666
|
-
assert(
|
667
|
-
|
668
|
-
|
669
|
-
|
670
|
-
if (!ssl_is_valid_ech_config_list(*contents)) {
|
671
|
-
*out_alert = SSL_AD_DECODE_ERROR;
|
671
|
+
assert(ssl->s3->ech_status != ssl_ech_accepted);
|
672
|
+
if (hs->selected_ech_config &&
|
673
|
+
!hs->ech_retry_configs.CopyFrom(*contents)) {
|
674
|
+
*out_alert = SSL_AD_INTERNAL_ERROR;
|
672
675
|
return false;
|
673
676
|
}
|
677
|
+
|
674
678
|
return true;
|
675
679
|
}
|
676
680
|
|
@@ -685,8 +689,8 @@ static bool ext_ech_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
|
|
685
689
|
|
686
690
|
static bool ext_ech_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
|
687
691
|
SSL *const ssl = hs->ssl;
|
688
|
-
if (ssl_protocol_version(ssl) < TLS1_3_VERSION ||
|
689
|
-
ssl->s3->
|
692
|
+
if (ssl_protocol_version(ssl) < TLS1_3_VERSION ||
|
693
|
+
ssl->s3->ech_status == ssl_ech_accepted || //
|
690
694
|
hs->ech_keys == nullptr) {
|
691
695
|
return true;
|
692
696
|
}
|
@@ -1634,12 +1638,21 @@ static bool ext_channel_id_add_clienthello(const SSL_HANDSHAKE *hs, CBB *out,
|
|
1634
1638
|
CBB *out_compressible,
|
1635
1639
|
ssl_client_hello_type_t type) {
|
1636
1640
|
const SSL *const ssl = hs->ssl;
|
1637
|
-
if (!hs->config->channel_id_private || SSL_is_dtls(ssl)
|
1641
|
+
if (!hs->config->channel_id_private || SSL_is_dtls(ssl) ||
|
1642
|
+
// Don't offer Channel ID in ClientHelloOuter. ClientHelloOuter handshakes
|
1643
|
+
// are not authenticated for the name that can learn the Channel ID.
|
1644
|
+
//
|
1645
|
+
// We could alternatively offer the extension but sign with a random key.
|
1646
|
+
// For other extensions, we try to align |ssl_client_hello_outer| and
|
1647
|
+
// |ssl_client_hello_unencrypted|, to improve the effectiveness of ECH
|
1648
|
+
// GREASE. However, Channel ID is deprecated and unlikely to be used with
|
1649
|
+
// ECH, so do the simplest thing.
|
1650
|
+
type == ssl_client_hello_outer) {
|
1638
1651
|
return true;
|
1639
1652
|
}
|
1640
1653
|
|
1641
|
-
if (!CBB_add_u16(
|
1642
|
-
!CBB_add_u16(
|
1654
|
+
if (!CBB_add_u16(out, TLSEXT_TYPE_channel_id) ||
|
1655
|
+
!CBB_add_u16(out, 0 /* length */)) {
|
1643
1656
|
return false;
|
1644
1657
|
}
|
1645
1658
|
|
@@ -128,6 +128,7 @@ SSL_HANDSHAKE::SSL_HANDSHAKE(SSL *ssl_arg)
|
|
128
128
|
: ssl(ssl_arg),
|
129
129
|
ech_present(false),
|
130
130
|
ech_is_inner_present(false),
|
131
|
+
ech_authenticated_reject(false),
|
131
132
|
scts_requested(false),
|
132
133
|
handshake_finalized(false),
|
133
134
|
accept_psk_mode(false),
|
@@ -715,6 +716,10 @@ int ssl_run_handshake(SSL_HANDSHAKE *hs, bool *out_early_return) {
|
|
715
716
|
return -1;
|
716
717
|
|
717
718
|
case ssl_hs_early_return:
|
719
|
+
if (!ssl->server) {
|
720
|
+
// On ECH reject, the handshake should never complete.
|
721
|
+
assert(ssl->s3->ech_status != ssl_ech_rejected);
|
722
|
+
}
|
718
723
|
*out_early_return = true;
|
719
724
|
hs->wait = ssl_hs_ok;
|
720
725
|
return 1;
|
@@ -734,6 +739,10 @@ int ssl_run_handshake(SSL_HANDSHAKE *hs, bool *out_early_return) {
|
|
734
739
|
return -1;
|
735
740
|
}
|
736
741
|
if (hs->wait == ssl_hs_ok) {
|
742
|
+
if (!ssl->server) {
|
743
|
+
// On ECH reject, the handshake should never complete.
|
744
|
+
assert(ssl->s3->ech_status != ssl_ech_rejected);
|
745
|
+
}
|
737
746
|
// The handshake has completed.
|
738
747
|
*out_early_return = false;
|
739
748
|
return 1;
|