grpc 1.43.1 → 1.44.0.pre2

data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h

@@ -60,6 +60,7 @@ struct grpc_tls_credentials_options
   const std::string& root_cert_name() { return root_cert_name_; }
   bool watch_identity_pair() { return watch_identity_pair_; }
   const std::string& identity_cert_name() { return identity_cert_name_; }
+  const std::string& crl_directory() { return crl_directory_; }
 
   // Setters for member fields.
   void set_cert_request_type(
@@ -112,6 +113,11 @@ struct grpc_tls_credentials_options
     identity_cert_name_ = std::move(identity_cert_name);
   }
 
+  // gRPC will enforce CRLs on all handshakes from all hashed CRL files inside
+  // of the crl_directory. If not set, an empty string will be used, which will
+  // not enable CRL checking. Only supported for OpenSSL version > 1.1.
+  void set_crl_directory(std::string path) { crl_directory_ = std::move(path); }
+
  private:
   grpc_ssl_client_certificate_request_type cert_request_type_ =
       GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE;
@@ -125,6 +131,7 @@ struct grpc_tls_credentials_options
   std::string root_cert_name_;
   bool watch_identity_pair_ = false;
   std::string identity_cert_name_;
+  std::string crl_directory_;
 };
 
 #endif  // GRPC_CORE_LIB_SECURITY_CREDENTIALS_TLS_GRPC_TLS_CREDENTIALS_OPTIONS_H

data/src/core/lib/security/credentials/xds/xds_credentials.h

@@ -23,7 +23,7 @@
 
 #include <grpc/grpc_security.h>
 
-#include "src/core/ext/xds/xds_api.h"
+#include "src/core/lib/matchers/matchers.h"
 #include "src/core/lib/security/credentials/credentials.h"
 
 namespace grpc_core {

data/src/core/lib/security/security_connector/security_connector.cc

@@ -25,15 +25,11 @@
 #include <grpc/support/log.h>
 #include <grpc/support/string_util.h>
 
-#include "src/core/ext/transport/chttp2/alpn/alpn.h"
 #include "src/core/lib/channel/channel_args.h"
 #include "src/core/lib/channel/handshaker.h"
 #include "src/core/lib/gpr/string.h"
-#include "src/core/lib/gprpp/host_port.h"
-#include "src/core/lib/iomgr/load_file.h"
 #include "src/core/lib/security/context/security_context.h"
 #include "src/core/lib/security/credentials/credentials.h"
-#include "src/core/lib/security/security_connector/load_system_roots.h"
 #include "src/core/lib/security/security_connector/security_connector.h"
 #include "src/core/lib/security/transport/security_handshaker.h"
 

data/src/core/lib/security/security_connector/security_connector.h

@@ -30,11 +30,15 @@
 #include "src/core/lib/iomgr/endpoint.h"
 #include "src/core/lib/iomgr/pollset.h"
 #include "src/core/lib/iomgr/tcp_server.h"
-#include "src/core/tsi/ssl_transport_security.h"
 #include "src/core/tsi/transport_security_interface.h"
 
 extern grpc_core::DebugOnlyTraceFlag grpc_trace_security_connector_refcount;
 
+/* --- URL schemes. --- */
+
+#define GRPC_SSL_URL_SCHEME "https"
+#define GRPC_FAKE_SECURITY_URL_SCHEME "http+fake_security"
+
 typedef enum { GRPC_SECURITY_OK = 0, GRPC_SECURITY_ERROR } grpc_security_status;
 
 /* --- security_connector object. ---

data/src/core/lib/security/security_connector/ssl_utils.cc

@@ -92,30 +92,6 @@ const char* grpc_get_ssl_cipher_suites(void) {
   return cipher_suites;
 }
 
-grpc_security_level grpc_tsi_security_level_string_to_enum(
-    const char* security_level) {
-  if (strcmp(security_level, "TSI_INTEGRITY_ONLY") == 0) {
-    return GRPC_INTEGRITY_ONLY;
-  } else if (strcmp(security_level, "TSI_PRIVACY_AND_INTEGRITY") == 0) {
-    return GRPC_PRIVACY_AND_INTEGRITY;
-  }
-  return GRPC_SECURITY_NONE;
-}
-
-const char* grpc_security_level_to_string(grpc_security_level security_level) {
-  if (security_level == GRPC_PRIVACY_AND_INTEGRITY) {
-    return "GRPC_PRIVACY_AND_INTEGRITY";
-  } else if (security_level == GRPC_INTEGRITY_ONLY) {
-    return "GRPC_INTEGRITY_ONLY";
-  }
-  return "GRPC_SECURITY_NONE";
-}
-
-bool grpc_check_security_level(grpc_security_level channel_level,
-                               grpc_security_level call_cred_level) {
-  return static_cast<int>(channel_level) >= static_cast<int>(call_cred_level);
-}
-
 tsi_client_certificate_request_type
 grpc_get_tsi_client_certificate_request_type(
     grpc_ssl_client_certificate_request_type grpc_request_type) {
@@ -179,6 +155,16 @@ grpc_error_handle grpc_ssl_check_peer_name(absl::string_view peer_name,
   return GRPC_ERROR_NONE;
 }
 
+void grpc_tsi_ssl_pem_key_cert_pairs_destroy(tsi_ssl_pem_key_cert_pair* kp,
+                                             size_t num_key_cert_pairs) {
+  if (kp == nullptr) return;
+  for (size_t i = 0; i < num_key_cert_pairs; i++) {
+    gpr_free(const_cast<char*>(kp[i].private_key));
+    gpr_free(const_cast<char*>(kp[i].cert_chain));
+  }
+  gpr_free(kp);
+}
+
 bool grpc_ssl_check_call_host(absl::string_view host,
                               absl::string_view target_name,
                               absl::string_view overridden_target_name,
@@ -423,6 +409,7 @@ grpc_security_status grpc_ssl_tsi_client_handshaker_factory_init(
     tsi_ssl_pem_key_cert_pair* pem_key_cert_pair, const char* pem_root_certs,
     bool skip_server_certificate_verification, tsi_tls_version min_tls_version,
     tsi_tls_version max_tls_version, tsi_ssl_session_cache* ssl_session_cache,
+    const char* crl_directory,
     tsi_ssl_client_handshaker_factory** handshaker_factory) {
   const char* root_certs;
   const tsi_ssl_root_certs_store* root_store;
@@ -459,6 +446,7 @@ grpc_security_status grpc_ssl_tsi_client_handshaker_factory_init(
       skip_server_certificate_verification;
   options.min_tls_version = min_tls_version;
   options.max_tls_version = max_tls_version;
+  options.crl_directory = crl_directory;
   const tsi_result result =
       tsi_create_ssl_client_handshaker_factory_with_options(&options,
                                                             handshaker_factory);
@@ -476,6 +464,7 @@ grpc_security_status grpc_ssl_tsi_server_handshaker_factory_init(
     const char* pem_root_certs,
     grpc_ssl_client_certificate_request_type client_certificate_request,
     tsi_tls_version min_tls_version, tsi_tls_version max_tls_version,
+    const char* crl_directory,
     tsi_ssl_server_handshaker_factory** handshaker_factory) {
   size_t num_alpn_protocols = 0;
   const char** alpn_protocol_strings =
@@ -491,6 +480,7 @@ grpc_security_status grpc_ssl_tsi_server_handshaker_factory_init(
   options.num_alpn_protocols = static_cast<uint16_t>(num_alpn_protocols);
   options.min_tls_version = min_tls_version;
   options.max_tls_version = max_tls_version;
+  options.crl_directory = crl_directory;
   const tsi_result result =
       tsi_create_ssl_server_handshaker_factory_with_options(&options,
                                                             handshaker_factory);

data/src/core/lib/security/security_connector/ssl_utils.h

@@ -40,9 +40,6 @@
 
 /* --- Util --- */
 
-/* --- URL schemes. --- */
-#define GRPC_SSL_URL_SCHEME "https"
-
 /* Check ALPN information returned from SSL handshakes. */
 grpc_error_handle grpc_ssl_check_alpn(const tsi_peer* peer);
 
@@ -69,20 +66,9 @@ tsi_client_certificate_request_type
 grpc_get_tsi_client_certificate_request_type(
     grpc_ssl_client_certificate_request_type grpc_request_type);
 
-/* Map tsi_security_level string to grpc_security_level enum. */
-grpc_security_level grpc_tsi_security_level_string_to_enum(
-    const char* security_level);
-
 /* Map grpc_tls_version to tsi_tls_version. */
 tsi_tls_version grpc_get_tsi_tls_version(grpc_tls_version tls_version);
 
-/* Map grpc_security_level enum to a string. */
-const char* grpc_security_level_to_string(grpc_security_level security_level);
-
-/* Check security level of channel and call credential.*/
-bool grpc_check_security_level(grpc_security_level channel_level,
-                               grpc_security_level call_cred_level);
-
 /* Return an array of strings containing alpn protocols. */
 const char** grpc_fill_alpn_protocol_strings(size_t* num_alpn_protocols);
 
@@ -91,6 +77,7 @@ grpc_security_status grpc_ssl_tsi_client_handshaker_factory_init(
     tsi_ssl_pem_key_cert_pair* key_cert_pair, const char* pem_root_certs,
     bool skip_server_certificate_verification, tsi_tls_version min_tls_version,
     tsi_tls_version max_tls_version, tsi_ssl_session_cache* ssl_session_cache,
+    const char* crl_directory,
     tsi_ssl_client_handshaker_factory** handshaker_factory);
 
 grpc_security_status grpc_ssl_tsi_server_handshaker_factory_init(
@@ -98,8 +85,12 @@ grpc_security_status grpc_ssl_tsi_server_handshaker_factory_init(
     const char* pem_root_certs,
     grpc_ssl_client_certificate_request_type client_certificate_request,
     tsi_tls_version min_tls_version, tsi_tls_version max_tls_version,
+    const char* crl_directory,
     tsi_ssl_server_handshaker_factory** handshaker_factory);
 
+/* Free the memory occupied by key cert pairs. */
+void grpc_tsi_ssl_pem_key_cert_pairs_destroy(tsi_ssl_pem_key_cert_pair* kp,
+                                             size_t num_key_cert_pairs);
 /* Exposed for testing only. */
 grpc_core::RefCountedPtr<grpc_auth_context> grpc_ssl_peer_to_auth_context(
     const tsi_peer* peer, const char* transport_security_type);

data/src/core/lib/security/security_connector/tls/tls_security_connector.cc

@@ -34,7 +34,6 @@
 #include <grpc/support/string_util.h>
 
 #include "src/core/lib/gprpp/host_port.h"
-#include "src/core/lib/security/credentials/ssl/ssl_credentials.h"
 #include "src/core/lib/security/credentials/tls/tls_credentials.h"
 #include "src/core/lib/security/security_connector/ssl_utils.h"
 #include "src/core/lib/security/transport/security_handshaker.h"
@@ -538,7 +537,7 @@ TlsChannelSecurityConnector::UpdateHandshakerFactoryLocked() {
       skip_server_certificate_verification,
       grpc_get_tsi_tls_version(options_->min_tls_version()),
       grpc_get_tsi_tls_version(options_->max_tls_version()), ssl_session_cache_,
-      &client_handshaker_factory_);
+      options_->crl_directory().c_str(), &client_handshaker_factory_);
   /* Free memory. */
   if (pem_key_cert_pair != nullptr) {
     grpc_tsi_ssl_pem_key_cert_pairs_destroy(pem_key_cert_pair, 1);
@@ -806,7 +805,7 @@ TlsServerSecurityConnector::UpdateHandshakerFactoryLocked() {
       options_->cert_request_type(),
       grpc_get_tsi_tls_version(options_->min_tls_version()),
       grpc_get_tsi_tls_version(options_->max_tls_version()),
-      &server_handshaker_factory_);
+      options_->crl_directory().c_str(), &server_handshaker_factory_);
   /* Free memory. */
   grpc_tsi_ssl_pem_key_cert_pairs_destroy(pem_key_cert_pairs,
                                           num_key_cert_pairs);

data/src/core/lib/security/transport/auth_filters.h

@@ -33,4 +33,11 @@ void grpc_auth_metadata_context_build(
     const grpc_slice& call_method, grpc_auth_context* auth_context,
     grpc_auth_metadata_context* auth_md_context);
 
+// Exposed for testing purposes only.
+// Check if the channel's security level is higher or equal to
+// that of call credentials to make a decision whether the transfer
+// of call credentials should be allowed or not.
+bool grpc_check_security_level(grpc_security_level channel_level,
+                               grpc_security_level call_cred_level);
+
 #endif /* GRPC_CORE_LIB_SECURITY_TRANSPORT_AUTH_FILTERS_H */

data/src/core/lib/security/transport/client_auth_filter.cc

@@ -30,16 +30,15 @@
 
 #include "src/core/lib/channel/channel_stack.h"
 #include "src/core/lib/gpr/string.h"
+#include "src/core/lib/iomgr/error.h"
 #include "src/core/lib/profiling/timers.h"
 #include "src/core/lib/security/context/security_context.h"
 #include "src/core/lib/security/credentials/credentials.h"
 #include "src/core/lib/security/security_connector/security_connector.h"
-#include "src/core/lib/security/security_connector/ssl_utils.h"
 #include "src/core/lib/security/transport/auth_filters.h"
 #include "src/core/lib/slice/slice_internal.h"
 #include "src/core/lib/slice/slice_string_helpers.h"
 #include "src/core/lib/surface/call.h"
-#include "src/core/lib/transport/static_metadata.h"
 
 #define MAX_CREDENTIALS_METADATA_COUNT 4
 
@@ -65,6 +64,9 @@ struct channel_data {
 struct call_data {
   call_data(grpc_call_element* elem, const grpc_call_element_args& args)
       : owning_call(args.call_stack), call_combiner(args.call_combiner) {
+    host.Init();
+    method.Init();
+    md_array.Init();
     channel_data* chand = static_cast<channel_data*>(elem->channel_data);
     GPR_ASSERT(args.context != nullptr);
     if (args.context[GRPC_CONTEXT_SECURITY].value == nullptr) {
@@ -87,25 +89,24 @@ struct call_data {
   // fields will be accessed after calling dtor, and msan correctly complains
   // that the memory is not initialized.
   void destroy() {
-    grpc_credentials_mdelem_array_destroy(&md_array);
+    md_array.Destroy();
     creds.reset();
-    grpc_slice_unref_internal(host);
-    grpc_slice_unref_internal(method);
     grpc_auth_metadata_context_reset(&auth_md_context);
+    host.Destroy();
+    method.Destroy();
   }
 
   grpc_call_stack* owning_call;
   grpc_core::CallCombiner* call_combiner;
   grpc_core::RefCountedPtr<grpc_call_credentials> creds;
-  grpc_slice host = grpc_empty_slice();
-  grpc_slice method = grpc_empty_slice();
+  grpc_core::ManualConstructor<grpc_core::Slice> host;
+  grpc_core::ManualConstructor<grpc_core::Slice> method;
   /* pollset{_set} bound to this call; if we need to make external
      network requests, they should be done under a pollset added to this
      pollset_set so that work can progress when this call wants work to progress
   */
   grpc_polling_entity* pollent = nullptr;
-  grpc_credentials_mdelem_array md_array;
-  grpc_linked_mdelem md_links[MAX_CREDENTIALS_METADATA_COUNT] = {};
+  grpc_core::ManualConstructor<grpc_core::CredentialsMetadataArray> md_array;
   grpc_auth_metadata_context auth_md_context =
       grpc_auth_metadata_context();  // Zero-initialize the C struct.
   grpc_closure async_result_closure;
@@ -163,17 +164,20 @@ static void on_credentials_metadata(void* arg, grpc_error_handle input_error) {
   grpc_auth_metadata_context_reset(&calld->auth_md_context);
   grpc_error_handle error = GRPC_ERROR_REF(input_error);
   if (error == GRPC_ERROR_NONE) {
-    GPR_ASSERT(calld->md_array.size <= MAX_CREDENTIALS_METADATA_COUNT);
+    GPR_ASSERT(calld->md_array->size() <= MAX_CREDENTIALS_METADATA_COUNT);
     GPR_ASSERT(batch->send_initial_metadata);
     grpc_metadata_batch* mdb =
         batch->payload->send_initial_metadata.send_initial_metadata;
-    for (size_t i = 0; i < calld->md_array.size; ++i) {
-      add_error(&error, grpc_metadata_batch_add_tail(
-                            mdb, &calld->md_links[i],
-                            GRPC_MDELEM_REF(calld->md_array.md[i])));
+    for (const auto& md : *calld->md_array) {
+      mdb->Append(
+          md.first.as_string_view(), md.second.Ref(),
+          [&](absl::string_view error_message, const grpc_core::Slice& value) {
+            add_error(&error, GRPC_ERROR_CREATE_FROM_CPP_STRING(absl::StrCat(
+                                  "on_credentials_metadata: ", error_message,
+                                  ": ", md.first.as_string_view(), ": ",
+                                  value.as_string_view())));
+          });
     }
-  }
-  if (error == GRPC_ERROR_NONE) {
     grpc_call_next_op(elem, batch);
   } else {
     error = grpc_error_set_int(error, GRPC_ERROR_INT_GRPC_STATUS,
@@ -228,12 +232,27 @@ static void cancel_get_request_metadata(void* arg, grpc_error_handle error) {
   grpc_call_element* elem = static_cast<grpc_call_element*>(arg);
   call_data* calld = static_cast<call_data*>(elem->call_data);
   if (error != GRPC_ERROR_NONE) {
-    calld->creds->cancel_get_request_metadata(&calld->md_array,
+    calld->creds->cancel_get_request_metadata(&*calld->md_array,
                                               GRPC_ERROR_REF(error));
   }
   GRPC_CALL_STACK_UNREF(calld->owning_call, "cancel_get_request_metadata");
 }
 
+static grpc_security_level convert_security_level_string_to_enum(
+    const char* security_level) {
+  if (strcmp(security_level, "TSI_INTEGRITY_ONLY") == 0) {
+    return GRPC_INTEGRITY_ONLY;
+  } else if (strcmp(security_level, "TSI_PRIVACY_AND_INTEGRITY") == 0) {
+    return GRPC_PRIVACY_AND_INTEGRITY;
+  }
+  return GRPC_SECURITY_NONE;
+}
+
+bool grpc_check_security_level(grpc_security_level channel_level,
+                               grpc_security_level call_cred_level) {
+  return static_cast<int>(channel_level) >= static_cast<int>(call_cred_level);
+}
+
 static void send_security_metadata(grpc_call_element* elem,
                                    grpc_transport_stream_op_batch* batch) {
   call_data* calld = static_cast<call_data*>(elem->call_data);
@@ -289,7 +308,7 @@ static void send_security_metadata(grpc_call_element* elem,
   grpc_security_level call_cred_security_level =
       calld->creds->min_security_level();
   int is_security_level_ok = grpc_check_security_level(
-      grpc_tsi_security_level_string_to_enum(prop->value),
+      convert_security_level_string_to_enum(prop->value),
       call_cred_security_level);
   if (!is_security_level_ok) {
     grpc_transport_stream_op_batch_finish_with_failure(
@@ -304,8 +323,9 @@ static void send_security_metadata(grpc_call_element* elem,
   }
 
   grpc_auth_metadata_context_build(
-      chand->security_connector->url_scheme(), calld->host, calld->method,
-      chand->auth_context.get(), &calld->auth_md_context);
+      chand->security_connector->url_scheme(), calld->host->c_slice(),
+      calld->method->c_slice(), chand->auth_context.get(),
+      &calld->auth_md_context);
 
   GPR_ASSERT(calld->pollent != nullptr);
   GRPC_CALL_STACK_REF(calld->owning_call, "get_request_metadata");
@@ -313,7 +333,7 @@ static void send_security_metadata(grpc_call_element* elem,
                     batch, grpc_schedule_on_exec_ctx);
   grpc_error_handle error = GRPC_ERROR_NONE;
   if (calld->creds->get_request_metadata(
-          calld->pollent, calld->auth_md_context, &calld->md_array,
+          calld->pollent, calld->auth_md_context, &*calld->md_array,
           &calld->async_result_closure, &error)) {
     // Synchronous return; invoke on_credentials_metadata() directly.
     on_credentials_metadata(batch, error);
@@ -340,11 +360,11 @@ static void on_host_checked(void* arg, grpc_error_handle error) {
   } else {
     grpc_transport_stream_op_batch_finish_with_failure(
         batch,
-        grpc_error_set_int(
-            GRPC_ERROR_CREATE_FROM_CPP_STRING(absl::StrCat(
-                "Invalid host ", grpc_core::StringViewFromSlice(calld->host),
-                " set in :authority metadata.")),
-            GRPC_ERROR_INT_GRPC_STATUS, GRPC_STATUS_UNAUTHENTICATED),
+        grpc_error_set_int(GRPC_ERROR_CREATE_FROM_CPP_STRING(absl::StrCat(
+                               "Invalid host ", calld->host->as_string_view(),
+                               " set in :authority metadata.")),
+                           GRPC_ERROR_INT_GRPC_STATUS,
+                           GRPC_STATUS_UNAUTHENTICATED),
         calld->call_combiner);
   }
   GRPC_CALL_STACK_UNREF(calld->owning_call, "check_call_host");
@@ -372,18 +392,18 @@ static void client_auth_start_transport_stream_op_batch(
   if (batch->send_initial_metadata) {
     grpc_metadata_batch* metadata =
         batch->payload->send_initial_metadata.send_initial_metadata;
-    if (metadata->legacy_index()->named.path != nullptr) {
-      calld->method = grpc_slice_ref_internal(
-          GRPC_MDVALUE(metadata->legacy_index()->named.path->md));
+    if (metadata->get_pointer(grpc_core::HttpPathMetadata()) != nullptr) {
+      *calld->method =
+          metadata->get_pointer(grpc_core::HttpPathMetadata())->Ref();
     }
-    if (metadata->legacy_index()->named.authority != nullptr) {
-      calld->host = grpc_slice_ref_internal(
-          GRPC_MDVALUE(metadata->legacy_index()->named.authority->md));
+    if (metadata->get_pointer(grpc_core::HttpAuthorityMetadata()) != nullptr) {
+      *calld->host =
+          metadata->get_pointer(grpc_core::HttpAuthorityMetadata())->Ref();
       batch->handler_private.extra_arg = elem;
       GRPC_CALL_STACK_REF(calld->owning_call, "check_call_host");
       GRPC_CLOSURE_INIT(&calld->async_result_closure, on_host_checked, batch,
                         grpc_schedule_on_exec_ctx);
-      absl::string_view call_host(grpc_core::StringViewFromSlice(calld->host));
+      absl::string_view call_host = calld->host->as_string_view();
       grpc_error_handle error = GRPC_ERROR_NONE;
       if (chand->security_connector->check_call_host(
               call_host, chand->auth_context.get(),

data/src/core/lib/security/transport/server_auth_filter.cc

@@ -86,49 +86,55 @@ struct call_data {
   grpc_error_handle recv_trailing_metadata_error;
   bool seen_recv_trailing_metadata_ready = false;
   grpc_metadata_array md;
-  const grpc_metadata* consumed_md;
-  size_t num_consumed_md;
   grpc_closure cancel_closure;
   gpr_atm state = STATE_INIT;  // async_state
 };
 
+class ArrayEncoder {
+ public:
+  explicit ArrayEncoder(grpc_metadata_array* result) : result_(result) {}
+
+  void Encode(const grpc_core::Slice& key, const grpc_core::Slice& value) {
+    Append(key.Ref(), value.Ref());
+  }
+
+  template <typename Which>
+  void Encode(Which, const typename Which::ValueType& value) {
+    Append(grpc_core::Slice(
+               grpc_core::StaticSlice::FromStaticString(Which::key())),
+           grpc_core::Slice(Which::Encode(value)));
+  }
+
+  void Encode(grpc_core::HttpMethodMetadata,
+              const typename grpc_core::HttpMethodMetadata::ValueType&) {}
+
+ private:
+  void Append(grpc_core::Slice key, grpc_core::Slice value) {
+    if (result_->count == result_->capacity) {
+      result_->capacity =
+          std::max(result_->capacity + 8, result_->capacity * 2);
+      result_->metadata = static_cast<grpc_metadata*>(gpr_realloc(
+          result_->metadata, result_->capacity * sizeof(grpc_metadata)));
+    }
+    auto* usr_md = &result_->metadata[result_->count++];
+    usr_md->key = key.TakeCSlice();
+    usr_md->value = value.TakeCSlice();
+  }
+
+  grpc_metadata_array* result_;
+};
+
 }  // namespace
 
 static grpc_metadata_array metadata_batch_to_md_array(
     const grpc_metadata_batch* batch) {
   grpc_metadata_array result;
   grpc_metadata_array_init(&result);
-  batch->ForEach([&](grpc_mdelem md) {
-    grpc_metadata* usr_md = nullptr;
-    grpc_slice key = GRPC_MDKEY(md);
-    grpc_slice value = GRPC_MDVALUE(md);
-    if (result.count == result.capacity) {
-      result.capacity = std::max(result.capacity + 8, result.capacity * 2);
-      result.metadata = static_cast<grpc_metadata*>(gpr_realloc(
-          result.metadata, result.capacity * sizeof(grpc_metadata)));
-    }
-    usr_md = &result.metadata[result.count++];
-    usr_md->key = grpc_slice_ref_internal(key);
-    usr_md->value = grpc_slice_ref_internal(value);
-  });
+  ArrayEncoder encoder(&result);
+  batch->Encode(&encoder);
   return result;
 }
 
-static grpc_filtered_mdelem remove_consumed_md(void* user_data,
-                                               grpc_mdelem md) {
-  grpc_call_element* elem = static_cast<grpc_call_element*>(user_data);
-  call_data* calld = static_cast<call_data*>(elem->call_data);
-  size_t i;
-  for (i = 0; i < calld->num_consumed_md; i++) {
-    const grpc_metadata* consumed_md = &calld->consumed_md[i];
-    if (grpc_slice_eq(GRPC_MDKEY(md), consumed_md->key) &&
-        grpc_slice_eq(GRPC_MDVALUE(md), consumed_md->value)) {
-      return GRPC_FILTERED_REMOVE();
-    }
-  }
-  return GRPC_FILTERED_MDELEM(md);
-}
-
 static void on_md_processing_done_inner(grpc_call_element* elem,
                                         const grpc_metadata* consumed_md,
                                         size_t num_consumed_md,
@@ -144,11 +150,10 @@ static void on_md_processing_done_inner(grpc_call_element* elem,
             "Ignoring...");
   }
   if (error == GRPC_ERROR_NONE) {
-    calld->consumed_md = consumed_md;
-    calld->num_consumed_md = num_consumed_md;
-    error = grpc_metadata_batch_filter(
-        batch->payload->recv_initial_metadata.recv_initial_metadata,
-        remove_consumed_md, elem, "Response metadata filtering error");
+    for (size_t i = 0; i < num_consumed_md; i++) {
+      batch->payload->recv_initial_metadata.recv_initial_metadata->Remove(
+          grpc_core::StringViewFromSlice(consumed_md[i].key));
+    }
   }
   calld->recv_initial_metadata_error = GRPC_ERROR_REF(error);
   grpc_closure* closure = calld->original_recv_initial_metadata_ready;

data/src/core/{ext → lib}/service_config/service_config.cc

@@ -16,7 +16,7 @@
 
 #include <grpc/support/port_platform.h>
 
-#include "src/core/ext/service_config/service_config.h"
+#include "src/core/lib/service_config/service_config.h"
 
 #include <string>
 
@@ -24,8 +24,8 @@
 
 #include <grpc/support/log.h>
 
-#include "src/core/ext/service_config/service_config_parser.h"
 #include "src/core/lib/json/json.h"
+#include "src/core/lib/service_config/service_config_parser.h"
 #include "src/core/lib/slice/slice_internal.h"
 
 namespace grpc_core {

data/src/core/{ext → lib}/service_config/service_config.h

@@ -14,8 +14,8 @@
 // limitations under the License.
 //
 
-#ifndef GRPC_CORE_EXT_SERVICE_CONFIG_SERVICE_CONFIG_H
-#define GRPC_CORE_EXT_SERVICE_CONFIG_SERVICE_CONFIG_H
+#ifndef GRPC_CORE_LIB_SERVICE_CONFIG_SERVICE_CONFIG_H
+#define GRPC_CORE_LIB_SERVICE_CONFIG_SERVICE_CONFIG_H
 
 #include <grpc/support/port_platform.h>
 
@@ -26,11 +26,11 @@
 #include <grpc/impl/codegen/grpc_types.h>
 #include <grpc/support/string_util.h>
 
-#include "src/core/ext/service_config/service_config_parser.h"
 #include "src/core/lib/gprpp/ref_counted.h"
 #include "src/core/lib/gprpp/ref_counted_ptr.h"
 #include "src/core/lib/iomgr/error.h"
 #include "src/core/lib/json/json.h"
+#include "src/core/lib/service_config/service_config_parser.h"
 #include "src/core/lib/slice/slice_internal.h"
 
 // The main purpose of the code here is to parse the service config in
@@ -124,4 +124,4 @@ class ServiceConfig : public RefCounted<ServiceConfig> {
 
 }  // namespace grpc_core
 
-#endif /* GRPC_CORE_EXT_SERVICE_CONFIG_SERVICE_CONFIG_H */
+#endif /* GRPC_CORE_LIB_SERVICE_CONFIG_SERVICE_CONFIG_H */

data/src/core/{ext → lib}/service_config/service_config_call_data.h

@@ -14,8 +14,8 @@
 // limitations under the License.
 //
 
-#ifndef GRPC_CORE_EXT_SERVICE_CONFIG_SERVICE_CONFIG_CALL_DATA_H
-#define GRPC_CORE_EXT_SERVICE_CONFIG_SERVICE_CONFIG_CALL_DATA_H
+#ifndef GRPC_CORE_LIB_SERVICE_CONFIG_SERVICE_CONFIG_CALL_DATA_H
+#define GRPC_CORE_LIB_SERVICE_CONFIG_SERVICE_CONFIG_CALL_DATA_H
 
 #include <grpc/support/port_platform.h>
 
@@ -23,10 +23,10 @@
 
 #include "absl/strings/string_view.h"
 
-#include "src/core/ext/service_config/service_config.h"
-#include "src/core/ext/service_config/service_config_parser.h"
 #include "src/core/lib/channel/context.h"
 #include "src/core/lib/gprpp/ref_counted_ptr.h"
+#include "src/core/lib/service_config/service_config.h"
+#include "src/core/lib/service_config/service_config_parser.h"
 
 namespace grpc_core {
 
@@ -69,4 +69,4 @@ class ServiceConfigCallData {
 
 }  // namespace grpc_core
 
-#endif /* GRPC_CORE_EXT_SERVICE_CONFIG_SERVICE_CONFIG_CALL_DATA_H */
+#endif /* GRPC_CORE_LIB_SERVICE_CONFIG_SERVICE_CONFIG_CALL_DATA_H */

data/src/core/{ext → lib}/service_config/service_config_parser.cc

@@ -16,7 +16,7 @@
 
 #include <grpc/support/port_platform.h>
 
-#include "src/core/ext/service_config/service_config_parser.h"
+#include "src/core/lib/service_config/service_config_parser.h"
 
 #include <grpc/support/log.h>
 

data/src/core/{ext → lib}/service_config/service_config_parser.h

@@ -14,8 +14,8 @@
 // limitations under the License.
 //
 
-#ifndef GRPC_CORE_EXT_SERVICE_CONFIG_SERVICE_CONFIG_PARSER_H
-#define GRPC_CORE_EXT_SERVICE_CONFIG_SERVICE_CONFIG_PARSER_H
+#ifndef GRPC_CORE_LIB_SERVICE_CONFIG_SERVICE_CONFIG_PARSER_H
+#define GRPC_CORE_LIB_SERVICE_CONFIG_SERVICE_CONFIG_PARSER_H
 
 #include <grpc/support/port_platform.h>
 
@@ -94,4 +94,4 @@ class ServiceConfigParser {
 
 }  // namespace grpc_core
 
-#endif /* GRPC_CORE_EXT_SERVICE_CONFIG_SERVICE_CONFIG_PARSER_H */
+#endif /* GRPC_CORE_LIB_SERVICE_CONFIG_SERVICE_CONFIG_PARSER_H */

data/src/core/lib/slice/slice.cc

@@ -215,7 +215,9 @@ grpc_slice grpc_slice_from_copied_buffer(const char* source, size_t length) {
     slice = grpc_core::UnmanagedMemorySlice(
         length, grpc_core::UnmanagedMemorySlice::ForceHeapAllocation());
   }
-  memcpy(GRPC_SLICE_START_PTR(slice), source, length);
+  if (length > 0) {
+    memcpy(GRPC_SLICE_START_PTR(slice), source, length);
+  }
   return slice;
 }