RubyGems - grpc - Versions diffs - 1.46.3-x86_64-linux → 1.47.0-x86_64-linux - Mend

grpc 1.46.3-x86_64-linux → 1.47.0-x86_64-linux

Potentially problematic release.

This version of grpc might be problematic. Click here for more details.

Files changed (487) hide show

data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h CHANGED Viewed

@@ -30,6 +30,7 @@
 #include "src/core/lib/gprpp/ref_counted.h"
 #include "src/core/lib/gprpp/ref_counted_ptr.h"
 #include "src/core/lib/gprpp/thd.h"
+#include "src/core/lib/gprpp/unique_type_name.h"
 #include "src/core/lib/iomgr/load_file.h"
 #include "src/core/lib/iomgr/pollset_set.h"
 #include "src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h"
@@ -62,10 +63,7 @@ struct grpc_tls_certificate_provider
   // used but they compare as equal (assuming other channel args match).
   int Compare(const grpc_tls_certificate_provider* other) const {
     GPR_ASSERT(other != nullptr);
-    // Intentionally uses grpc_core::QsortCompare instead of strcmp as a safety
-    // against different grpc_tls_certificate_provider types using the same
-    // name.
-    int r = grpc_core::QsortCompare(type(), other->type());
+    int r = type().Compare(other->type());
     if (r != 0) return r;
     return CompareImpl(other);
   }
@@ -74,7 +72,7 @@ struct grpc_tls_certificate_provider
   // implementation for down-casting purposes. Every provider implementation
   // should use a unique string instance, which should be returned by all
   // instances of that provider implementation.
-  virtual const char* type() const = 0;
+  virtual grpc_core::UniqueTypeName type() const = 0;
  private:
   // Implementation for `Compare` method intended to be overridden by
@@ -99,7 +97,7 @@ class StaticDataCertificateProvider final
     return distributor_;
   }
-  const char* type() const override { return "StaticData"; }
+  UniqueTypeName type() const override;
  private:
   struct WatcherInfo {
@@ -138,7 +136,7 @@ class FileWatcherCertificateProvider final
     return distributor_;
   }
-  const char* type() const override { return "FileWatcher"; }
+  UniqueTypeName type() const override;
  private:
   struct WatcherInfo {

data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.cc CHANGED Viewed

@@ -60,6 +60,11 @@ bool ExternalCertificateVerifier::Verify(
   return is_done;
 }
+UniqueTypeName ExternalCertificateVerifier::type() const {
+  static UniqueTypeName::Factory kFactory("External");
+  return kFactory.Create();
+}
 void ExternalCertificateVerifier::OnVerifyDone(
     grpc_tls_custom_verification_check_request* request, void* callback_arg,
     grpc_status_code status, const char* error_details) {
@@ -84,6 +89,15 @@ void ExternalCertificateVerifier::OnVerifyDone(
   }
 }
+//
+// NoOpCertificateVerifier
+//
+UniqueTypeName NoOpCertificateVerifier::type() const {
+  static UniqueTypeName::Factory kFactory("NoOp");
+  return kFactory.Create();
+}
 //
 // HostNameCertificateVerifier
 //
@@ -142,7 +156,8 @@ bool HostNameCertificateVerifier::Verify(
     const char* common_name = request->peer_info.common_name;
     // We are using the target name sent from the client as a matcher to match
     // against identity name on the peer cert.
-    if (VerifySubjectAlternativeName(common_name, std::string(target_host))) {
+    if (common_name != nullptr &&
+        VerifySubjectAlternativeName(common_name, std::string(target_host))) {
       return true;  // synchronous check
     }
   }
@@ -151,6 +166,11 @@ bool HostNameCertificateVerifier::Verify(
   return true;  // synchronous check
 }
+UniqueTypeName HostNameCertificateVerifier::type() const {
+  static UniqueTypeName::Factory kFactory("Hostname");
+  return kFactory.Create();
+}
 }  // namespace grpc_core
 //
@@ -194,6 +214,11 @@ grpc_tls_certificate_verifier* grpc_tls_certificate_verifier_external_create(
   return new grpc_core::ExternalCertificateVerifier(external_verifier);
 }
+grpc_tls_certificate_verifier* grpc_tls_certificate_verifier_no_op_create() {
+  grpc_core::ExecCtx exec_ctx;
+  return new grpc_core::NoOpCertificateVerifier();
+}
 grpc_tls_certificate_verifier*
 grpc_tls_certificate_verifier_host_name_create() {
   grpc_core::ExecCtx exec_ctx;

data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.h CHANGED Viewed

@@ -29,6 +29,7 @@
 #include "src/core/lib/gprpp/ref_counted.h"
 #include "src/core/lib/gprpp/ref_counted_ptr.h"
 #include "src/core/lib/gprpp/thd.h"
+#include "src/core/lib/gprpp/unique_type_name.h"
 #include "src/core/lib/iomgr/load_file.h"
 #include "src/core/lib/iomgr/pollset_set.h"
 #include "src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h"
@@ -57,7 +58,7 @@ struct grpc_tls_certificate_verifier
   // verifiers as effectively the same.
   int Compare(const grpc_tls_certificate_verifier* other) const {
     GPR_ASSERT(other != nullptr);
-    int r = grpc_core::QsortCompare(type(), other->type());
+    int r = type().Compare(other->type());
     if (r != 0) return r;
     return CompareImpl(other);
   }
@@ -66,7 +67,7 @@ struct grpc_tls_certificate_verifier
   // implementation for down-casting purposes. Every verifier implementation
   // should use a unique string instance, which should be returned by all
   // instances of that verifier implementation.
-  virtual const char* type() const = 0;
+  virtual grpc_core::UniqueTypeName type() const = 0;
  private:
   // Implementation for `Compare` method intended to be overridden by
@@ -99,7 +100,7 @@ class ExternalCertificateVerifier : public grpc_tls_certificate_verifier {
     external_verifier_->cancel(external_verifier_->user_data, request);
   }
-  const char* type() const override { return "External"; }
+  UniqueTypeName type() const override;
  private:
   int CompareImpl(const grpc_tls_certificate_verifier* other) const override {
@@ -121,6 +122,29 @@ class ExternalCertificateVerifier : public grpc_tls_certificate_verifier {
       request_map_ ABSL_GUARDED_BY(mu_);
 };
+// An internal verifier that won't perform any post-handshake checks.
+// Note: using this solely without any other authentication mechanisms on the
+// peer identity will leave your applications to the MITM(Man-In-The-Middle)
+// attacks. Users should avoid doing so in production environments.
+class NoOpCertificateVerifier : public grpc_tls_certificate_verifier {
+ public:
+  bool Verify(grpc_tls_custom_verification_check_request*,
+              std::function<void(absl::Status)>, absl::Status*) override {
+    return true;  // synchronous check
+  };
+  void Cancel(grpc_tls_custom_verification_check_request*) override {}
+  UniqueTypeName type() const override;
+ private:
+  int CompareImpl(
+      const grpc_tls_certificate_verifier* /* other */) const override {
+    // No differentiating factor between different NoOpCertificateVerifier
+    // objects.
+    return 0;
+  }
+};
 // An internal verifier that will perform hostname verification check.
 class HostNameCertificateVerifier : public grpc_tls_certificate_verifier {
  public:
@@ -129,7 +153,7 @@ class HostNameCertificateVerifier : public grpc_tls_certificate_verifier {
               absl::Status* sync_status) override;
   void Cancel(grpc_tls_custom_verification_check_request*) override {}
-  const char* type() const override { return "Hostname"; }
+  UniqueTypeName type() const override;
  private:
   int CompareImpl(

data/src/core/lib/security/credentials/tls/tls_credentials.cc CHANGED Viewed

@@ -106,6 +106,11 @@ TlsCredentials::create_security_connector(
   return sc;
 }
+grpc_core::UniqueTypeName TlsCredentials::type() const {
+  static grpc_core::UniqueTypeName::Factory kFactory("Tls");
+  return kFactory.Create();
+}
 int TlsCredentials::cmp_impl(const grpc_channel_credentials* other) const {
   const TlsCredentials* o = static_cast<const TlsCredentials*>(other);
   if (*options_ == *o->options_) return 0;
@@ -126,6 +131,11 @@ TlsServerCredentials::create_security_connector(
       CreateTlsServerSecurityConnector(this->Ref(), options_);
 }
+grpc_core::UniqueTypeName TlsServerCredentials::type() const {
+  static grpc_core::UniqueTypeName::Factory kFactory("Tls");
+  return kFactory.Create();
+}
 /** -- Wrapper APIs declared in grpc_security.h -- **/
 grpc_channel_credentials* grpc_tls_credentials_create(

data/src/core/lib/security/credentials/tls/tls_credentials.h CHANGED Viewed

@@ -38,7 +38,7 @@ class TlsCredentials final : public grpc_channel_credentials {
       const char* target_name, const grpc_channel_args* args,
       grpc_channel_args** new_args) override;
-  const char* type() const override { return "Tls"; }
+  grpc_core::UniqueTypeName type() const override;
   grpc_tls_credentials_options* options() const { return options_.get(); }
@@ -57,7 +57,7 @@ class TlsServerCredentials final : public grpc_server_credentials {
   grpc_core::RefCountedPtr<grpc_server_security_connector>
   create_security_connector(const grpc_channel_args* /* args */) override;
-  const char* type() const override { return "Tls"; }
+  grpc_core::UniqueTypeName type() const override;
   grpc_tls_credentials_options* options() const { return options_.get(); }

data/src/core/lib/security/credentials/xds/xds_credentials.cc CHANGED Viewed

@@ -105,7 +105,10 @@ int XdsCertificateVerifier::CompareImpl(
   return cluster_name_.compare(o->cluster_name_);
 }
-const char* XdsCertificateVerifier::type() const { return "Xds"; }
+UniqueTypeName XdsCertificateVerifier::type() const {
+  static UniqueTypeName::Factory kFactory("Xds");
+  return kFactory.Create();
+}
 bool TestOnlyXdsVerifySubjectAlternativeNames(
     const char* const* subject_alternative_names,
@@ -182,7 +185,10 @@ XdsCredentials::create_security_connector(
       std::move(call_creds), target_name, temp_args.args, new_args);
 }
-const char* XdsCredentials::Type() { return "Xds"; }
+UniqueTypeName XdsCredentials::Type() {
+  static UniqueTypeName::Factory kFactory("Xds");
+  return kFactory.Create();
+}
 //
 // XdsServerCredentials
@@ -220,7 +226,10 @@ XdsServerCredentials::create_security_connector(const grpc_channel_args* args) {
   return fallback_credentials_->create_security_connector(args);
 }
-const char* XdsServerCredentials::Type() { return "Xds"; }
+UniqueTypeName XdsServerCredentials::Type() {
+  static UniqueTypeName::Factory kFactory("Xds");
+  return kFactory.Create();
+}
 }  // namespace grpc_core

data/src/core/lib/security/credentials/xds/xds_credentials.h CHANGED Viewed

@@ -41,7 +41,7 @@ class XdsCertificateVerifier : public grpc_tls_certificate_verifier {
               absl::Status* sync_status) override;
   void Cancel(grpc_tls_custom_verification_check_request*) override;
-  const char* type() const override;
+  UniqueTypeName type() const override;
  private:
   int CompareImpl(const grpc_tls_certificate_verifier* other) const override;
@@ -60,9 +60,9 @@ class XdsCredentials final : public grpc_channel_credentials {
       RefCountedPtr<grpc_call_credentials> call_creds, const char* target_name,
       const grpc_channel_args* args, grpc_channel_args** new_args) override;
-  static const char* Type();
+  static UniqueTypeName Type();
-  const char* type() const override { return Type(); }
+  UniqueTypeName type() const override { return Type(); }
  private:
   int cmp_impl(const grpc_channel_credentials* other) const override {
@@ -82,9 +82,9 @@ class XdsServerCredentials final : public grpc_server_credentials {
   RefCountedPtr<grpc_server_security_connector> create_security_connector(
       const grpc_channel_args* /* args */) override;
-  static const char* Type();
+  static UniqueTypeName Type();
-  const char* type() const override { return Type(); }
+  UniqueTypeName type() const override { return Type(); }
  private:
   RefCountedPtr<grpc_server_credentials> fallback_credentials_;

data/src/core/lib/security/security_connector/fake/fake_security_connector.cc CHANGED Viewed

@@ -30,7 +30,6 @@
 #include "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h"
 #include "src/core/lib/channel/channel_args.h"
-#include "src/core/lib/channel/handshaker.h"
 #include "src/core/lib/gpr/string.h"
 #include "src/core/lib/gprpp/host_port.h"
 #include "src/core/lib/gprpp/ref_counted_ptr.h"
@@ -39,6 +38,7 @@
 #include "src/core/lib/security/credentials/credentials.h"
 #include "src/core/lib/security/credentials/fake/fake_credentials.h"
 #include "src/core/lib/security/transport/security_handshaker.h"
+#include "src/core/lib/transport/handshaker.h"
 #include "src/core/tsi/fake_transport_security.h"
 namespace {

data/src/core/lib/security/security_connector/fake/fake_security_connector.h CHANGED Viewed

@@ -23,9 +23,9 @@
 #include <grpc/grpc_security.h>
-#include "src/core/lib/channel/handshaker.h"
 #include "src/core/lib/gprpp/ref_counted_ptr.h"
 #include "src/core/lib/security/security_connector/security_connector.h"
+#include "src/core/lib/transport/handshaker.h"
 /* Creates a fake connector that emulates real channel security.  */
 grpc_core::RefCountedPtr<grpc_channel_security_connector>

data/src/core/lib/security/security_connector/security_connector.cc CHANGED Viewed

@@ -26,12 +26,12 @@
 #include <grpc/support/string_util.h>
 #include "src/core/lib/channel/channel_args.h"
-#include "src/core/lib/channel/handshaker.h"
 #include "src/core/lib/gpr/string.h"
 #include "src/core/lib/security/context/security_context.h"
 #include "src/core/lib/security/credentials/credentials.h"
 #include "src/core/lib/security/security_connector/security_connector.h"
 #include "src/core/lib/security/transport/security_handshaker.h"
+#include "src/core/lib/transport/handshaker.h"
 grpc_core::DebugOnlyTraceFlag grpc_trace_security_connector_refcount(
     false, "security_connector_refcount");

data/src/core/lib/security/security_connector/security_connector.h CHANGED Viewed

@@ -25,12 +25,12 @@
 #include <grpc/grpc_security.h>
-#include "src/core/lib/channel/handshaker.h"
 #include "src/core/lib/gprpp/ref_counted.h"
 #include "src/core/lib/iomgr/endpoint.h"
 #include "src/core/lib/iomgr/pollset.h"
 #include "src/core/lib/iomgr/tcp_server.h"
 #include "src/core/lib/promise/arena_promise.h"
+#include "src/core/lib/transport/handshaker.h"
 #include "src/core/tsi/transport_security_interface.h"
 extern grpc_core::DebugOnlyTraceFlag grpc_trace_security_connector_refcount;

data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc CHANGED Viewed

@@ -30,7 +30,6 @@
 #include <grpc/support/log.h>
 #include "src/core/ext/transport/chttp2/alpn/alpn.h"
-#include "src/core/lib/channel/handshaker.h"
 #include "src/core/lib/gpr/string.h"
 #include "src/core/lib/gprpp/host_port.h"
 #include "src/core/lib/gprpp/ref_counted_ptr.h"
@@ -42,6 +41,7 @@
 #include "src/core/lib/security/security_connector/load_system_roots.h"
 #include "src/core/lib/security/security_connector/ssl_utils.h"
 #include "src/core/lib/security/transport/security_handshaker.h"
+#include "src/core/lib/transport/handshaker.h"
 #include "src/core/tsi/ssl_transport_security.h"
 #include "src/core/tsi/transport_security.h"

data/src/core/lib/security/transport/client_auth_filter.cc CHANGED Viewed

@@ -31,7 +31,6 @@
 #include "src/core/lib/channel/channel_stack.h"
 #include "src/core/lib/channel/promise_based_filter.h"
 #include "src/core/lib/gpr/string.h"
-#include "src/core/lib/gprpp/capture.h"
 #include "src/core/lib/iomgr/error.h"
 #include "src/core/lib/profiling/timers.h"
 #include "src/core/lib/promise/promise.h"
@@ -151,13 +150,12 @@ ArenaPromise<absl::StatusOr<CallArgs>> ClientAuthFilter::GetCallCredsMetadata(
   auto client_initial_metadata = std::move(call_args.client_initial_metadata);
   return TrySeq(
       creds->GetRequestMetadata(std::move(client_initial_metadata), &args_),
-      Capture(
-          [](CallArgs* rest_of_args, ClientMetadataHandle new_metadata) {
-            rest_of_args->client_initial_metadata = std::move(new_metadata);
-            return Immediate<absl::StatusOr<CallArgs>>(
-                absl::StatusOr<CallArgs>(std::move(*rest_of_args)));
-          },
-          std::move(call_args)));
+      [call_args =
+           std::move(call_args)](ClientMetadataHandle new_metadata) mutable {
+        call_args.client_initial_metadata = std::move(new_metadata);
+        return Immediate<absl::StatusOr<CallArgs>>(
+            absl::StatusOr<CallArgs>(std::move(call_args)));
+      });
 }
 ArenaPromise<ServerMetadataHandle> ClientAuthFilter::MakeCallPromise(

data/src/core/lib/security/transport/secure_endpoint.cc CHANGED Viewed

@@ -20,6 +20,8 @@
 #include "src/core/lib/security/transport/secure_endpoint.h"
+#include <limits.h>
 #include <new>
 #include <grpc/slice.h>
@@ -72,10 +74,15 @@ struct secure_endpoint {
             ->CreateMemoryOwner(absl::StrCat(grpc_endpoint_get_peer(transport),
                                              ":secure_endpoint"));
     self_reservation = memory_owner.MakeReservation(sizeof(*this));
-    read_staging_buffer =
-        memory_owner.MakeSlice(grpc_core::MemoryRequest(STAGING_BUFFER_SIZE));
-    write_staging_buffer =
-        memory_owner.MakeSlice(grpc_core::MemoryRequest(STAGING_BUFFER_SIZE));
+    if (zero_copy_protector) {
+      read_staging_buffer = grpc_empty_slice();
+      write_staging_buffer = grpc_empty_slice();
+    } else {
+      read_staging_buffer =
+          memory_owner.MakeSlice(grpc_core::MemoryRequest(STAGING_BUFFER_SIZE));
+      write_staging_buffer =
+          memory_owner.MakeSlice(grpc_core::MemoryRequest(STAGING_BUFFER_SIZE));
+    }
     has_posted_reclaimer.store(false, std::memory_order_relaxed);
     gpr_ref_init(&ref, 1);
   }
@@ -97,8 +104,8 @@ struct secure_endpoint {
   struct tsi_frame_protector* protector;
   struct tsi_zero_copy_grpc_protector* zero_copy_protector;
   gpr_mu protector_mu;
-  absl::Mutex read_mu;
-  absl::Mutex write_mu;
+  grpc_core::Mutex read_mu;
+  grpc_core::Mutex write_mu;
   /* saved upper level callbacks and user_data. */
   grpc_closure* read_cb = nullptr;
   grpc_closure* write_cb = nullptr;
@@ -229,7 +236,7 @@ static void on_read(void* user_data, grpc_error_handle error) {
   secure_endpoint* ep = static_cast<secure_endpoint*>(user_data);
   {
-    absl::MutexLock l(&ep->read_mu);
+    grpc_core::MutexLock l(&ep->read_mu);
     uint8_t* cur = GRPC_SLICE_START_PTR(ep->read_staging_buffer);
     uint8_t* end = GRPC_SLICE_END_PTR(ep->read_staging_buffer);
@@ -313,7 +320,8 @@ static void on_read(void* user_data, grpc_error_handle error) {
 }
 static void endpoint_read(grpc_endpoint* secure_ep, grpc_slice_buffer* slices,
-                          grpc_closure* cb, bool urgent) {
+                          grpc_closure* cb, bool urgent,
+                          int /*min_progress_size*/) {
   secure_endpoint* ep = reinterpret_cast<secure_endpoint*>(secure_ep);
   ep->read_cb = cb;
   ep->read_buffer = slices;
@@ -327,7 +335,8 @@ static void endpoint_read(grpc_endpoint* secure_ep, grpc_slice_buffer* slices,
     return;
   }
-  grpc_endpoint_read(ep->wrapped_ep, &ep->source_buffer, &ep->on_read, urgent);
+  grpc_endpoint_read(ep->wrapped_ep, &ep->source_buffer, &ep->on_read, urgent,
+                     /*min_progress_size=*/1);
 }
 static void flush_write_staging_buffer(secure_endpoint* ep, uint8_t** cur,
@@ -342,7 +351,8 @@ static void flush_write_staging_buffer(secure_endpoint* ep, uint8_t** cur,
 }
 static void endpoint_write(grpc_endpoint* secure_ep, grpc_slice_buffer* slices,
-                           grpc_closure* cb, void* arg) {
+                           grpc_closure* cb, void* arg,
+                           int /*max_frame_size*/) {
   GPR_TIMER_SCOPE("secure_endpoint.endpoint_write", 0);
   unsigned i;
@@ -350,7 +360,7 @@ static void endpoint_write(grpc_endpoint* secure_ep, grpc_slice_buffer* slices,
   secure_endpoint* ep = reinterpret_cast<secure_endpoint*>(secure_ep);
   {
-    absl::MutexLock l(&ep->write_mu);
+    grpc_core::MutexLock l(&ep->write_mu);
     uint8_t* cur = GRPC_SLICE_START_PTR(ep->write_staging_buffer);
     uint8_t* end = GRPC_SLICE_END_PTR(ep->write_staging_buffer);
@@ -435,7 +445,8 @@ static void endpoint_write(grpc_endpoint* secure_ep, grpc_slice_buffer* slices,
     return;
   }
-  grpc_endpoint_write(ep->wrapped_ep, &ep->output_buffer, cb, arg);
+  grpc_endpoint_write(ep->wrapped_ep, &ep->output_buffer, cb, arg,
+                      /*max_frame_size=*/INT_MAX);
 }
 static void endpoint_shutdown(grpc_endpoint* secure_ep, grpc_error_handle why) {

data/src/core/lib/security/transport/security_handshaker.cc CHANGED Viewed

@@ -31,13 +31,13 @@
 #include "src/core/lib/channel/channel_args.h"
 #include "src/core/lib/channel/channelz.h"
-#include "src/core/lib/channel/handshaker.h"
 #include "src/core/lib/config/core_configuration.h"
 #include "src/core/lib/gprpp/ref_counted_ptr.h"
 #include "src/core/lib/security/context/security_context.h"
 #include "src/core/lib/security/transport/secure_endpoint.h"
 #include "src/core/lib/security/transport/tsi_error.h"
 #include "src/core/lib/slice/slice_internal.h"
+#include "src/core/lib/transport/handshaker.h"
 #include "src/core/tsi/transport_security_grpc.h"
 #define GRPC_INITIAL_HANDSHAKE_BUFFER_SIZE 256
@@ -369,7 +369,7 @@ grpc_error_handle SecurityHandshaker::OnHandshakeNextDoneLocked(
             &on_handshake_data_received_from_peer_,
             &SecurityHandshaker::OnHandshakeDataReceivedFromPeerFnScheduler,
             this, grpc_schedule_on_exec_ctx),
-        /*urgent=*/true);
+        /*urgent=*/true, /*min_progress_size=*/1);
     return error;
   }
   if (result != TSI_OK) {
@@ -393,7 +393,7 @@ grpc_error_handle SecurityHandshaker::OnHandshakeNextDoneLocked(
             &on_handshake_data_sent_to_peer_,
             &SecurityHandshaker::OnHandshakeDataSentToPeerFnScheduler, this,
             grpc_schedule_on_exec_ctx),
-        nullptr);
+        nullptr, /*max_frame_size=*/INT_MAX);
   } else if (handshaker_result == nullptr) {
     // There is nothing to send, but need to read from peer.
     grpc_endpoint_read(
@@ -402,7 +402,7 @@ grpc_error_handle SecurityHandshaker::OnHandshakeNextDoneLocked(
             &on_handshake_data_received_from_peer_,
             &SecurityHandshaker::OnHandshakeDataReceivedFromPeerFnScheduler,
             this, grpc_schedule_on_exec_ctx),
-        /*urgent=*/true);
+        /*urgent=*/true, /*min_progress_size=*/1);
   } else {
     // Handshake has finished, check peer and so on.
     error = CheckPeerLocked();
@@ -508,7 +508,7 @@ void SecurityHandshaker::OnHandshakeDataSentToPeerFn(void* arg,
             &h->on_handshake_data_received_from_peer_,
             &SecurityHandshaker::OnHandshakeDataReceivedFromPeerFnScheduler,
             h.get(), grpc_schedule_on_exec_ctx),
-        /*urgent=*/true);
+        /*urgent=*/true, /*min_progress_size=*/1);
   } else {
     error = h->CheckPeerLocked();
     if (error != GRPC_ERROR_NONE) {

data/src/core/lib/security/transport/security_handshaker.h CHANGED Viewed

@@ -21,9 +21,9 @@
 #include <grpc/support/port_platform.h>
-#include "src/core/lib/channel/handshaker.h"
 #include "src/core/lib/config/core_configuration.h"
 #include "src/core/lib/security/security_connector/security_connector.h"
+#include "src/core/lib/transport/handshaker.h"
 namespace grpc_core {

data/src/core/lib/security/transport/server_auth_filter.cc CHANGED Viewed

@@ -143,9 +143,9 @@ static void on_md_processing_done_inner(grpc_call_element* elem,
                                         grpc_error_handle error) {
   call_data* calld = static_cast<call_data*>(elem->call_data);
   grpc_transport_stream_op_batch* batch = calld->recv_initial_metadata_batch;
-  /* TODO(jboeuf): Implement support for response_md. */
+  /* TODO(ZhenLian): Implement support for response_md. */
   if (response_md != nullptr && num_response_md > 0) {
-    gpr_log(GPR_INFO,
+    gpr_log(GPR_ERROR,
             "response_md in auth metadata processing not supported for now. "
             "Ignoring...");
   }
@@ -332,6 +332,7 @@ const grpc_channel_filter grpc_server_auth_filter = {
     server_auth_destroy_call_elem,
     sizeof(channel_data),
     server_auth_init_channel_elem,
+    grpc_channel_stack_no_post_init,
     server_auth_destroy_channel_elem,
     grpc_channel_next_get_info,
     "server-auth"};

data/src/core/lib/service_config/service_config.h CHANGED Viewed

@@ -19,18 +19,14 @@
 #include <grpc/support/port_platform.h>
-#include <unordered_map>
-#include <vector>
+#include <stddef.h>
-#include <grpc/impl/codegen/grpc_types.h>
-#include <grpc/support/string_util.h>
+#include "absl/strings/string_view.h"
+#include <grpc/slice.h>
 #include "src/core/lib/gprpp/ref_counted.h"
-#include "src/core/lib/gprpp/ref_counted_ptr.h"
-#include "src/core/lib/iomgr/error.h"
-#include "src/core/lib/json/json.h"
 #include "src/core/lib/service_config/service_config_parser.h"
-#include "src/core/lib/slice/slice_internal.h"
 // The main purpose of the code here is to parse the service config in
 // JSON form, which will look like this:

data/src/core/lib/service_config/service_config_call_data.h CHANGED Viewed

@@ -19,11 +19,14 @@
 #include <grpc/support/port_platform.h>
+#include <stddef.h>
 #include <map>
+#include <memory>
+#include <utility>
 #include "absl/strings/string_view.h"
-#include "src/core/lib/channel/context.h"
 #include "src/core/lib/gprpp/ref_counted_ptr.h"
 #include "src/core/lib/service_config/service_config.h"
 #include "src/core/lib/service_config/service_config_parser.h"

data/src/core/lib/service_config/service_config_impl.cc CHANGED Viewed

@@ -18,16 +18,23 @@
 #include "src/core/lib/service_config/service_config_impl.h"
+#include <string.h>
+#include <map>
 #include <string>
+#include <utility>
+#include "absl/memory/memory.h"
 #include "absl/strings/str_cat.h"
 #include <grpc/support/log.h>
 #include "src/core/lib/config/core_configuration.h"
+#include "src/core/lib/gprpp/memory.h"
 #include "src/core/lib/json/json.h"
 #include "src/core/lib/service_config/service_config_parser.h"
 #include "src/core/lib/slice/slice_internal.h"
+#include "src/core/lib/slice/slice_refcount.h"
 namespace grpc_core {