grpc 1.46.3 → 1.53.1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +419 -241
- data/include/grpc/byte_buffer.h +76 -1
- data/include/grpc/byte_buffer_reader.h +19 -1
- data/include/grpc/compression.h +2 -2
- data/include/grpc/event_engine/endpoint_config.h +11 -5
- data/include/grpc/event_engine/event_engine.h +129 -39
- data/include/grpc/event_engine/internal/memory_allocator_impl.h +1 -1
- data/include/grpc/event_engine/internal/slice_cast.h +67 -0
- data/include/grpc/event_engine/memory_allocator.h +1 -16
- data/include/grpc/event_engine/port.h +1 -1
- data/include/grpc/event_engine/slice.h +306 -0
- data/include/grpc/event_engine/slice_buffer.h +159 -0
- data/include/grpc/fork.h +25 -1
- data/include/grpc/grpc.h +4 -14
- data/include/grpc/grpc_posix.h +1 -1
- data/include/grpc/grpc_security.h +11 -0
- data/include/grpc/impl/codegen/atm.h +3 -71
- data/include/grpc/impl/codegen/atm_gcc_atomic.h +3 -67
- data/include/grpc/impl/codegen/atm_gcc_sync.h +3 -61
- data/include/grpc/impl/codegen/atm_windows.h +3 -108
- data/include/grpc/impl/codegen/byte_buffer.h +4 -78
- data/include/grpc/impl/codegen/byte_buffer_reader.h +4 -19
- data/include/grpc/impl/codegen/compression_types.h +5 -83
- data/include/grpc/impl/codegen/connectivity_state.h +5 -21
- data/include/grpc/impl/codegen/fork.h +4 -25
- data/include/grpc/impl/codegen/gpr_types.h +4 -35
- data/include/grpc/impl/codegen/grpc_types.h +5 -791
- data/include/grpc/impl/codegen/log.h +3 -86
- data/include/grpc/impl/codegen/port_platform.h +3 -699
- data/include/grpc/impl/codegen/propagation_bits.h +3 -28
- data/include/grpc/impl/codegen/slice.h +4 -107
- data/include/grpc/impl/codegen/status.h +4 -131
- data/include/grpc/impl/codegen/sync.h +3 -42
- data/include/grpc/impl/codegen/sync_abseil.h +3 -12
- data/include/grpc/impl/codegen/sync_custom.h +3 -14
- data/include/grpc/impl/codegen/sync_generic.h +3 -25
- data/include/grpc/impl/codegen/sync_posix.h +3 -28
- data/include/grpc/impl/codegen/sync_windows.h +3 -16
- data/include/grpc/impl/compression_types.h +109 -0
- data/include/grpc/impl/connectivity_state.h +47 -0
- data/include/grpc/impl/grpc_types.h +836 -0
- data/include/grpc/impl/propagation_bits.h +54 -0
- data/include/grpc/impl/slice_type.h +112 -0
- data/include/grpc/load_reporting.h +1 -1
- data/include/grpc/module.modulemap +5 -1
- data/include/grpc/slice.h +1 -1
- data/include/grpc/status.h +131 -1
- data/include/grpc/support/atm.h +70 -1
- data/include/grpc/support/atm_gcc_atomic.h +59 -1
- data/include/grpc/support/atm_gcc_sync.h +58 -1
- data/include/grpc/support/atm_windows.h +105 -1
- data/include/grpc/support/log.h +87 -1
- data/include/grpc/support/log_windows.h +1 -1
- data/include/grpc/support/port_platform.h +767 -1
- data/include/grpc/support/string_util.h +1 -1
- data/include/grpc/support/sync.h +35 -2
- data/include/grpc/support/sync_abseil.h +11 -1
- data/include/grpc/support/sync_custom.h +13 -1
- data/include/grpc/support/sync_generic.h +24 -1
- data/include/grpc/support/sync_posix.h +27 -1
- data/include/grpc/support/sync_windows.h +15 -1
- data/include/grpc/support/time.h +31 -6
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +148 -0
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.h +52 -0
- data/src/core/ext/filters/backend_metrics/backend_metric_provider.h +29 -0
- data/src/core/ext/filters/census/grpc_context.cc +19 -17
- data/src/core/ext/filters/channel_idle/channel_idle_filter.cc +67 -61
- data/src/core/ext/filters/channel_idle/channel_idle_filter.h +26 -6
- data/src/core/ext/filters/channel_idle/idle_filter_state.h +6 -4
- data/src/core/ext/filters/client_channel/backend_metric.cc +19 -12
- data/src/core/ext/filters/client_channel/backend_metric.h +21 -11
- data/src/core/ext/filters/client_channel/backup_poller.cc +34 -34
- data/src/core/ext/filters/client_channel/backup_poller.h +26 -28
- data/src/core/ext/filters/client_channel/channel_connectivity.cc +89 -44
- data/src/core/ext/filters/client_channel/client_channel.cc +401 -451
- data/src/core/ext/filters/client_channel/client_channel.h +68 -26
- data/src/core/ext/filters/client_channel/client_channel_channelz.cc +19 -23
- data/src/core/ext/filters/client_channel/client_channel_channelz.h +33 -23
- data/src/core/ext/filters/client_channel/client_channel_factory.cc +19 -43
- data/src/core/ext/filters/client_channel/client_channel_factory.h +11 -11
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +22 -47
- data/src/core/ext/filters/client_channel/client_channel_service_config.cc +153 -0
- data/src/core/ext/filters/client_channel/{resolver_result_parsing.h → client_channel_service_config.h} +33 -27
- data/src/core/ext/filters/client_channel/config_selector.cc +1 -0
- data/src/core/ext/filters/client_channel/config_selector.h +29 -23
- data/src/core/ext/filters/client_channel/connector.h +19 -10
- data/src/core/ext/filters/client_channel/dynamic_filters.cc +40 -54
- data/src/core/ext/filters/client_channel/dynamic_filters.h +20 -11
- data/src/core/ext/filters/client_channel/global_subchannel_pool.cc +2 -0
- data/src/core/ext/filters/client_channel/global_subchannel_pool.h +24 -21
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +16 -4
- data/src/core/ext/filters/client_channel/health/health_check_client.h +5 -3
- data/src/core/ext/filters/client_channel/http_proxy.cc +100 -112
- data/src/core/ext/filters/client_channel/http_proxy.h +38 -31
- data/src/core/ext/filters/client_channel/lb_call_state_internal.h +39 -0
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +8 -5
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.h +4 -3
- data/src/core/ext/filters/client_channel/lb_policy/backend_metric_data.h +49 -0
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +37 -16
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.h +18 -13
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +71 -131
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.h +41 -24
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +410 -375
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h +26 -27
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc +15 -3
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h +9 -7
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +18 -20
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +27 -22
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +28 -19
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +26 -25
- data/src/core/ext/filters/client_channel/lb_policy/oob_backend_metric.cc +338 -0
- data/src/core/ext/filters/client_channel/lb_policy/oob_backend_metric.h +57 -0
- data/src/core/ext/filters/client_channel/lb_policy/oob_backend_metric_internal.h +117 -0
- data/src/core/ext/filters/client_channel/lb_policy/outlier_detection/outlier_detection.cc +1129 -0
- data/src/core/ext/filters/client_channel/lb_policy/outlier_detection/outlier_detection.h +94 -0
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +174 -180
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +366 -407
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +491 -405
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.h +19 -9
- data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +619 -634
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +261 -234
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +165 -143
- data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/static_stride_scheduler.cc +128 -0
- data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/static_stride_scheduler.h +71 -0
- data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/weighted_round_robin.cc +972 -0
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +223 -220
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +214 -153
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_attributes.cc +42 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/{xds.h → xds_attributes.h} +19 -15
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h +3 -3
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +178 -256
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +199 -210
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +382 -368
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_override_host.cc +819 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_override_host.h +67 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_wrr_locality.cc +369 -0
- data/src/core/ext/filters/client_channel/local_subchannel_pool.cc +4 -0
- data/src/core/ext/filters/client_channel/local_subchannel_pool.h +22 -21
- data/src/core/ext/filters/client_channel/resolver/binder/binder_resolver.cc +34 -19
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +531 -163
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +50 -44
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +31 -30
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +89 -84
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +300 -209
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +82 -61
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_posix.cc +18 -18
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_windows.cc +20 -19
- data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.cc +2 -0
- data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.h +22 -22
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +54 -22
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +21 -34
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +19 -5
- data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +135 -63
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.cc +136 -68
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.h +29 -14
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +21 -27
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +368 -305
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.h +6 -4
- data/src/core/ext/filters/client_channel/retry_filter.cc +166 -163
- data/src/core/ext/filters/client_channel/retry_filter.h +4 -3
- data/src/core/ext/filters/client_channel/retry_service_config.cc +197 -229
- data/src/core/ext/filters/client_channel/retry_service_config.h +29 -26
- data/src/core/ext/filters/client_channel/retry_throttle.cc +28 -37
- data/src/core/ext/filters/client_channel/retry_throttle.h +36 -29
- data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +34 -17
- data/src/core/ext/filters/client_channel/subchannel.cc +332 -384
- data/src/core/ext/filters/client_channel/subchannel.h +112 -82
- data/src/core/ext/filters/client_channel/subchannel_interface_internal.h +38 -0
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.cc +17 -77
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +41 -47
- data/src/core/ext/filters/client_channel/subchannel_stream_client.cc +34 -108
- data/src/core/ext/filters/client_channel/subchannel_stream_client.h +20 -12
- data/src/core/ext/filters/deadline/deadline_filter.cc +94 -76
- data/src/core/ext/filters/deadline/deadline_filter.h +14 -12
- data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +44 -22
- data/src/core/ext/filters/fault_injection/fault_injection_filter.h +20 -11
- data/src/core/ext/filters/fault_injection/fault_injection_service_config_parser.cc +118 -0
- data/src/core/ext/filters/fault_injection/{service_config_parser.h → fault_injection_service_config_parser.h} +34 -13
- data/src/core/ext/filters/http/client/http_client_filter.cc +76 -54
- data/src/core/ext/filters/http/client/http_client_filter.h +36 -23
- data/src/core/ext/filters/http/client_authority_filter.cc +33 -38
- data/src/core/ext/filters/http/client_authority_filter.h +27 -24
- data/src/core/ext/filters/http/http_filters_plugin.cc +46 -55
- data/src/core/ext/filters/http/message_compress/compression_filter.cc +307 -0
- data/src/core/ext/filters/http/message_compress/compression_filter.h +139 -0
- data/src/core/ext/filters/http/server/http_server_filter.cc +111 -271
- data/src/core/ext/filters/http/server/http_server_filter.h +58 -24
- data/src/core/ext/filters/message_size/message_size_filter.cc +117 -137
- data/src/core/ext/filters/message_size/message_size_filter.h +34 -17
- data/src/core/ext/filters/rbac/rbac_filter.cc +29 -16
- data/src/core/ext/filters/rbac/rbac_filter.h +11 -3
- data/src/core/ext/filters/rbac/rbac_service_config_parser.cc +736 -523
- data/src/core/ext/filters/rbac/rbac_service_config_parser.h +18 -7
- data/src/core/ext/filters/server_config_selector/server_config_selector.h +20 -8
- data/src/core/ext/filters/server_config_selector/server_config_selector_filter.cc +28 -12
- data/src/core/ext/filters/server_config_selector/server_config_selector_filter.h +4 -3
- data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +219 -0
- data/src/core/ext/filters/stateful_session/stateful_session_filter.h +66 -0
- data/src/core/ext/filters/stateful_session/stateful_session_service_config_parser.cc +82 -0
- data/src/core/ext/filters/stateful_session/stateful_session_service_config_parser.h +93 -0
- data/src/core/ext/transport/chttp2/alpn/alpn.cc +18 -18
- data/src/core/ext/transport/chttp2/alpn/alpn.h +24 -24
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +185 -241
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +38 -30
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +204 -211
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +26 -26
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +24 -24
- data/src/core/ext/transport/chttp2/transport/bin_decoder.h +35 -34
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +43 -38
- data/src/core/ext/transport/chttp2/transport/bin_encoder.h +35 -31
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +801 -1067
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +28 -23
- data/src/core/ext/transport/chttp2/transport/context_list.cc +23 -19
- data/src/core/ext/transport/chttp2/transport/context_list.h +32 -29
- data/src/core/ext/transport/chttp2/transport/decode_huff.cc +251 -0
- data/src/core/ext/transport/chttp2/transport/decode_huff.h +971 -0
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +350 -300
- data/src/core/ext/transport/chttp2/transport/flow_control.h +248 -325
- data/src/core/ext/transport/chttp2/transport/frame.h +22 -26
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +85 -234
- data/src/core/ext/transport/chttp2/transport/frame_data.h +38 -61
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +41 -36
- data/src/core/ext/transport/chttp2/transport/frame_goaway.h +24 -22
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +31 -25
- data/src/core/ext/transport/chttp2/transport/frame_ping.h +25 -22
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +35 -26
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +24 -21
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +44 -77
- data/src/core/ext/transport/chttp2/transport/frame_settings.h +27 -23
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +34 -33
- data/src/core/ext/transport/chttp2/transport/frame_window_update.h +24 -21
- data/src/core/ext/transport/chttp2/transport/hpack_constants.h +10 -4
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +221 -372
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +338 -158
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +6 -1
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +16 -5
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +516 -751
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +38 -27
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +86 -76
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +79 -49
- data/src/core/ext/transport/chttp2/transport/http2_settings.cc +21 -19
- data/src/core/ext/transport/chttp2/transport/http2_settings.h +39 -38
- data/src/core/ext/transport/chttp2/transport/http_trace.cc +19 -0
- data/src/core/ext/transport/chttp2/transport/http_trace.h +24 -0
- data/src/core/ext/transport/chttp2/transport/huffsyms.cc +20 -20
- data/src/core/ext/transport/chttp2/transport/huffsyms.h +21 -21
- data/src/core/ext/transport/chttp2/transport/internal.h +248 -296
- data/src/core/ext/transport/chttp2/transport/parsing.cc +363 -132
- data/src/core/ext/transport/chttp2/transport/stream_lists.cc +30 -30
- data/src/core/ext/transport/chttp2/transport/stream_map.cc +24 -24
- data/src/core/ext/transport/chttp2/transport/stream_map.h +34 -33
- data/src/core/ext/transport/chttp2/transport/varint.cc +19 -20
- data/src/core/ext/transport/chttp2/transport/varint.h +39 -34
- data/src/core/ext/transport/chttp2/transport/writing.cc +121 -94
- data/src/core/ext/transport/inproc/inproc_plugin.cc +17 -18
- data/src/core/ext/transport/inproc/inproc_transport.cc +227 -274
- data/src/core/ext/transport/inproc/inproc_transport.h +23 -21
- data/src/core/ext/upb-generated/envoy/admin/v3/certs.upb.c +5 -5
- data/src/core/ext/upb-generated/envoy/admin/v3/certs.upb.h +30 -10
- data/src/core/ext/upb-generated/envoy/admin/v3/clusters.upb.c +6 -5
- data/src/core/ext/upb-generated/envoy/admin/v3/clusters.upb.h +33 -8
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.c +8 -327
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.h +83 -1723
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump_shared.upb.c +388 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump_shared.upb.h +1953 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/init_dump.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/admin/v3/init_dump.upb.h +12 -4
- data/src/core/ext/upb-generated/envoy/admin/v3/listeners.upb.c +6 -4
- data/src/core/ext/upb-generated/envoy/admin/v3/listeners.upb.h +33 -4
- data/src/core/ext/upb-generated/envoy/admin/v3/memory.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/admin/v3/memory.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/admin/v3/metrics.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/admin/v3/metrics.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/admin/v3/mutex_stats.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/admin/v3/server_info.upb.h +12 -4
- data/src/core/ext/upb-generated/envoy/admin/v3/tap.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/admin/v3/tap.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +7 -3
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +14 -14
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.h +90 -30
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +25 -19
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +168 -34
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.h +18 -6
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +35 -43
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +195 -116
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/config/common/matcher/v3/matcher.upb.c +11 -11
- data/src/core/ext/upb-generated/envoy/config/common/matcher/v3/matcher.upb.h +84 -28
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.c +35 -12
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.h +179 -14
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +25 -23
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +156 -48
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +7 -7
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +42 -14
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_method_list.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_method_list.upb.h +12 -4
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.c +12 -12
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.h +78 -26
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +23 -20
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +137 -69
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +23 -21
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +132 -44
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/resolver.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/resolver.upb.h +12 -4
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.c +17 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.h +67 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/udp_socket_config.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/config/core/v3/udp_socket_config.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.h +18 -6
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.c +15 -9
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.h +73 -18
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.h +30 -10
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +39 -13
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +194 -15
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +5 -5
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +42 -14
- data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.c +5 -3
- data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.h +28 -2
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +7 -4
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.h +36 -4
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/metrics_service.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/metrics_service.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.c +6 -6
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.h +48 -16
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.c +8 -8
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.h +54 -18
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +26 -11
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +124 -14
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +19 -15
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +78 -69
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +168 -82
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +887 -166
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.h +18 -6
- data/src/core/ext/upb-generated/envoy/config/tap/v3/common.upb.c +34 -15
- data/src/core/ext/upb-generated/envoy/config/tap/v3/common.upb.h +161 -22
- data/src/core/ext/upb-generated/envoy/config/trace/v3/datadog.upb.c +3 -2
- data/src/core/ext/upb-generated/envoy/config/trace/v3/datadog.upb.h +15 -2
- data/src/core/ext/upb-generated/envoy/config/trace/v3/dynamic_ot.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/config/trace/v3/dynamic_ot.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.h +12 -4
- data/src/core/ext/upb-generated/envoy/config/trace/v3/lightstep.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/config/trace/v3/lightstep.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/config/trace/v3/opencensus.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/config/trace/v3/opencensus.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/config/trace/v3/opentelemetry.upb.c +47 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/opentelemetry.upb.h +107 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/service.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/config/trace/v3/service.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/config/trace/v3/skywalking.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/config/trace/v3/skywalking.upb.h +12 -4
- data/src/core/ext/upb-generated/envoy/config/trace/v3/trace.upb.c +1 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/trace.upb.h +1 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/xray.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/config/trace/v3/xray.upb.h +12 -4
- data/src/core/ext/upb-generated/envoy/config/trace/v3/zipkin.upb.c +7 -6
- data/src/core/ext/upb-generated/envoy/config/trace/v3/zipkin.upb.h +27 -14
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.h +30 -10
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.h +18 -6
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/rbac/v3/rbac.upb.c +11 -4
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/rbac/v3/rbac.upb.h +58 -4
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.c +6 -3
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.h +29 -2
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upb.c +62 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upb.h +179 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +38 -27
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +207 -52
- data/src/core/ext/upb-generated/envoy/extensions/http/stateful_session/cookie/v3/cookie.upb.c +46 -0
- data/src/core/ext/upb-generated/envoy/extensions/http/stateful_session/cookie/v3/cookie.upb.h +98 -0
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.c +54 -0
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.h +188 -0
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/common/v3/common.upb.c +111 -0
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/common/v3/common.upb.h +444 -0
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.c +56 -0
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.h +192 -0
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/wrr_locality/v3/wrr_locality.upb.c +46 -0
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/wrr_locality/v3/wrr_locality.upb.h +98 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +10 -8
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +66 -14
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +18 -6
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +13 -11
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +73 -23
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb.h +12 -4
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +133 -16
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +656 -12
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.h +12 -4
- data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.c +5 -5
- data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.h +30 -10
- data/src/core/ext/upb-generated/envoy/type/http/v3/cookie.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/type/http/v3/cookie.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/type/http/v3/path_transformation.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/type/http/v3/path_transformation.upb.h +24 -8
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/filter_state.upb.c +47 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/filter_state.upb.h +113 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.c +4 -4
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.h +24 -8
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.h +12 -4
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.h +18 -6
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/status_code_input.upb.c +43 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/status_code_input.upb.h +114 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.h +12 -4
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.h +12 -4
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.h +18 -6
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.c +7 -7
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.h +42 -14
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.c +5 -5
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.h +30 -10
- data/src/core/ext/upb-generated/envoy/type/v3/hash_policy.upb.c +3 -3
- data/src/core/ext/upb-generated/envoy/type/v3/hash_policy.upb.h +18 -6
- data/src/core/ext/upb-generated/envoy/type/v3/http_status.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/type/v3/http_status.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.h +12 -4
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.h +18 -6
- data/src/core/ext/upb-generated/envoy/type/v3/ratelimit_strategy.upb.c +63 -0
- data/src/core/ext/upb-generated/envoy/type/v3/ratelimit_strategy.upb.h +202 -0
- data/src/core/ext/upb-generated/envoy/type/v3/ratelimit_unit.upb.h +3 -1
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.h +6 -2
- data/src/core/ext/upb-generated/envoy/type/v3/token_bucket.upb.h +6 -2
- data/src/core/ext/upb-generated/google/api/annotations.upb.h +1 -1
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.c +11 -11
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.h +66 -22
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.c +9 -9
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h +72 -24
- data/src/core/ext/upb-generated/google/api/http.upb.c +3 -3
- data/src/core/ext/upb-generated/google/api/http.upb.h +18 -6
- data/src/core/ext/upb-generated/google/api/httpbody.upb.c +1 -1
- data/src/core/ext/upb-generated/google/api/httpbody.upb.h +6 -2
- data/src/core/ext/upb-generated/google/protobuf/any.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/any.upb.h +6 -2
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +44 -43
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +177 -55
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.h +6 -2
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.h +6 -2
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.c +2 -2
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.h +18 -6
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.h +6 -2
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.c +6 -6
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.h +54 -18
- data/src/core/ext/upb-generated/google/rpc/status.upb.c +1 -1
- data/src/core/ext/upb-generated/google/rpc/status.upb.h +6 -2
- data/src/core/ext/upb-generated/opencensus/proto/trace/v1/trace_config.upb.c +2 -2
- data/src/core/ext/upb-generated/opencensus/proto/trace/v1/trace_config.upb.h +24 -8
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.h +6 -2
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +7 -7
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +60 -20
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.c +1 -1
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.h +12 -4
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.c +2 -2
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.h +12 -4
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c +6 -6
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.h +54 -18
- data/src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls.upb.c +2 -2
- data/src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls.upb.h +12 -4
- data/src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls_config.upb.c +7 -7
- data/src/core/ext/upb-generated/src/proto/grpc/lookup/v1/rls_config.upb.h +42 -14
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.c +3 -3
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +23 -11
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.c +1 -1
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.h +7 -3
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +7 -3
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.c +1 -1
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.h +7 -3
- data/src/core/ext/upb-generated/validate/validate.upb.c +22 -22
- data/src/core/ext/upb-generated/validate/validate.upb.h +139 -47
- data/src/core/ext/upb-generated/xds/annotations/v3/migrate.upb.c +3 -3
- data/src/core/ext/upb-generated/xds/annotations/v3/migrate.upb.h +23 -11
- data/src/core/ext/upb-generated/xds/annotations/v3/security.upb.c +1 -1
- data/src/core/ext/upb-generated/xds/annotations/v3/security.upb.h +7 -3
- data/src/core/ext/upb-generated/xds/annotations/v3/status.upb.c +3 -3
- data/src/core/ext/upb-generated/xds/annotations/v3/status.upb.h +27 -11
- data/src/core/ext/upb-generated/xds/annotations/v3/versioning.upb.c +1 -1
- data/src/core/ext/upb-generated/xds/annotations/v3/versioning.upb.h +7 -3
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.c +1 -1
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.h +6 -2
- data/src/core/ext/upb-generated/xds/core/v3/cidr.upb.c +47 -0
- data/src/core/ext/upb-generated/xds/core/v3/cidr.upb.h +107 -0
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.c +2 -2
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.h +12 -4
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.c +1 -1
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.h +6 -2
- data/src/core/ext/upb-generated/xds/core/v3/extension.upb.c +1 -1
- data/src/core/ext/upb-generated/xds/core/v3/extension.upb.h +6 -2
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.c +1 -1
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.h +6 -2
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.c +1 -1
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.h +12 -4
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.c +1 -1
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.h +6 -2
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c +3 -2
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.h +15 -2
- data/src/core/ext/upb-generated/xds/service/orca/v3/orca.upb.c +46 -0
- data/src/core/ext/upb-generated/xds/service/orca/v3/orca.upb.h +113 -0
- data/src/core/ext/upb-generated/xds/type/matcher/v3/cel.upb.c +46 -0
- data/src/core/ext/upb-generated/xds/type/matcher/v3/cel.upb.h +98 -0
- data/src/core/ext/upb-generated/xds/type/matcher/v3/domain.upb.c +62 -0
- data/src/core/ext/upb-generated/xds/type/matcher/v3/domain.upb.h +174 -0
- data/src/core/ext/upb-generated/xds/type/matcher/v3/http_inputs.upb.c +36 -0
- data/src/core/ext/upb-generated/xds/type/matcher/v3/http_inputs.upb.h +74 -0
- data/src/core/ext/upb-generated/xds/type/matcher/v3/ip.upb.c +65 -0
- data/src/core/ext/upb-generated/xds/type/matcher/v3/ip.upb.h +191 -0
- data/src/core/ext/upb-generated/xds/type/matcher/v3/matcher.upb.c +6 -6
- data/src/core/ext/upb-generated/xds/type/matcher/v3/matcher.upb.h +54 -18
- data/src/core/ext/upb-generated/xds/type/matcher/v3/range.upb.c +127 -0
- data/src/core/ext/upb-generated/xds/type/matcher/v3/range.upb.h +474 -0
- data/src/core/ext/upb-generated/xds/type/matcher/v3/regex.upb.c +2 -2
- data/src/core/ext/upb-generated/xds/type/matcher/v3/regex.upb.h +12 -4
- data/src/core/ext/upb-generated/xds/type/matcher/v3/string.upb.c +1 -1
- data/src/core/ext/upb-generated/xds/type/matcher/v3/string.upb.h +12 -4
- data/src/core/ext/upb-generated/xds/type/v3/cel.upb.c +67 -0
- data/src/core/ext/upb-generated/xds/type/v3/cel.upb.h +214 -0
- data/src/core/ext/upb-generated/xds/type/v3/range.upb.c +64 -0
- data/src/core/ext/upb-generated/xds/type/v3/range.upb.h +208 -0
- data/src/core/ext/upb-generated/xds/type/v3/typed_struct.upb.c +1 -2
- data/src/core/ext/upb-generated/xds/type/v3/typed_struct.upb.h +6 -2
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/clusters.upbdefs.c +54 -53
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.c +67 -274
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.h +0 -85
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump_shared.upbdefs.c +277 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump_shared.upbdefs.h +125 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/listeners.upbdefs.c +14 -11
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +107 -107
- data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +199 -187
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +232 -222
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.h +0 -5
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.c +95 -75
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +187 -183
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +81 -75
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +190 -186
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.c +7 -3
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.c +16 -16
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +71 -66
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +164 -137
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.c +16 -12
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.c +39 -31
- data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.c +140 -129
- data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.c +82 -74
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.h +2 -2
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +740 -667
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.h +20 -0
- data/src/core/ext/upbdefs-generated/envoy/config/tap/v3/common.upbdefs.c +150 -139
- data/src/core/ext/upbdefs-generated/envoy/config/tap/v3/common.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/datadog.upbdefs.c +16 -14
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/opentelemetry.upbdefs.c +48 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/opentelemetry.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/trace.upbdefs.c +16 -12
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/zipkin.upbdefs.c +20 -18
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/rbac/v3/rbac.upbdefs.c +46 -25
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.c +53 -42
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upbdefs.c +60 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +485 -467
- data/src/core/ext/upbdefs-generated/envoy/extensions/http/stateful_session/cookie/v3/cookie.upbdefs.c +50 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/http/stateful_session/cookie/v3/cookie.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +21 -18
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +149 -145
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.c +156 -84
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +113 -113
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/filter_state.upbdefs.c +48 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/filter_state.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.c +29 -28
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/status_code_input.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/status_code_input.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/ratelimit_strategy.upbdefs.c +69 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/ratelimit_strategy.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/ratelimit_unit.upbdefs.c +10 -9
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.c +92 -90
- data/src/core/ext/upbdefs-generated/xds/core/v3/cidr.upbdefs.c +45 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/cidr.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/cel.upbdefs.c +43 -0
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/cel.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/domain.upbdefs.c +51 -0
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/domain.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/http_inputs.upbdefs.c +36 -0
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/http_inputs.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/ip.upbdefs.c +55 -0
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/ip.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/matcher.upbdefs.c +9 -9
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/range.upbdefs.c +71 -0
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/range.upbdefs.h +60 -0
- data/src/core/ext/upbdefs-generated/xds/type/v3/cel.upbdefs.c +60 -0
- data/src/core/ext/upbdefs-generated/xds/type/v3/cel.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/type/v3/range.upbdefs.c +36 -0
- data/src/core/ext/upbdefs-generated/xds/type/v3/range.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.c +4 -7
- data/src/core/ext/xds/certificate_provider_store.cc +69 -5
- data/src/core/ext/xds/certificate_provider_store.h +22 -5
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +17 -10
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.h +12 -4
- data/src/core/ext/xds/upb_utils.h +3 -25
- data/src/core/ext/xds/xds_api.cc +90 -196
- data/src/core/ext/xds/xds_api.h +41 -39
- data/src/core/ext/xds/xds_bootstrap.cc +5 -537
- data/src/core/ext/xds/xds_bootstrap.h +41 -96
- data/src/core/ext/xds/xds_bootstrap_grpc.cc +362 -0
- data/src/core/ext/xds/xds_bootstrap_grpc.h +184 -0
- data/src/core/ext/xds/xds_certificate_provider.cc +35 -26
- data/src/core/ext/xds/xds_certificate_provider.h +29 -5
- data/src/core/ext/xds/xds_channel_args.h +3 -3
- data/src/core/ext/xds/xds_channel_stack_modifier.cc +17 -7
- data/src/core/ext/xds/xds_channel_stack_modifier.h +16 -4
- data/src/core/ext/xds/xds_client.cc +849 -1316
- data/src/core/ext/xds/xds_client.h +57 -61
- data/src/core/ext/xds/xds_client_grpc.cc +235 -0
- data/src/core/ext/xds/xds_client_grpc.h +79 -0
- data/src/core/ext/xds/xds_client_stats.cc +24 -25
- data/src/core/ext/xds/xds_client_stats.h +26 -24
- data/src/core/ext/xds/xds_cluster.cc +505 -247
- data/src/core/ext/xds/xds_cluster.h +69 -40
- data/src/core/ext/xds/xds_cluster_specifier_plugin.cc +67 -77
- data/src/core/ext/xds/xds_cluster_specifier_plugin.h +47 -29
- data/src/core/ext/xds/xds_common_types.cc +238 -123
- data/src/core/ext/xds/xds_common_types.h +29 -16
- data/src/core/ext/xds/xds_endpoint.cc +265 -162
- data/src/core/ext/xds/xds_endpoint.h +19 -15
- data/src/core/ext/xds/xds_health_status.cc +80 -0
- data/src/core/ext/xds/xds_health_status.h +109 -0
- data/src/core/ext/xds/xds_http_fault_filter.cc +67 -58
- data/src/core/ext/xds/xds_http_fault_filter.h +19 -25
- data/src/core/ext/xds/xds_http_filters.cc +70 -71
- data/src/core/ext/xds/xds_http_filters.h +73 -25
- data/src/core/ext/xds/xds_http_rbac_filter.cc +168 -225
- data/src/core/ext/xds/xds_http_rbac_filter.h +22 -18
- data/src/core/ext/xds/xds_http_stateful_session_filter.cc +218 -0
- data/src/core/ext/xds/xds_http_stateful_session_filter.h +58 -0
- data/src/core/ext/xds/xds_lb_policy_registry.cc +334 -0
- data/src/core/ext/xds/xds_lb_policy_registry.h +71 -0
- data/src/core/ext/xds/xds_listener.cc +573 -481
- data/src/core/ext/xds/xds_listener.h +57 -51
- data/src/core/ext/xds/xds_resource_type.h +28 -22
- data/src/core/ext/xds/xds_resource_type_impl.h +18 -17
- data/src/core/ext/xds/xds_route_config.cc +592 -570
- data/src/core/ext/xds/xds_route_config.h +74 -40
- data/src/core/ext/xds/xds_routing.cc +21 -7
- data/src/core/ext/xds/xds_routing.h +17 -12
- data/src/core/ext/xds/xds_server_config_fetcher.cc +227 -178
- data/src/core/ext/xds/xds_transport.h +86 -0
- data/src/core/ext/xds/xds_transport_grpc.cc +356 -0
- data/src/core/ext/xds/xds_transport_grpc.h +135 -0
- data/src/core/lib/address_utils/parse_address.cc +52 -52
- data/src/core/lib/address_utils/parse_address.h +46 -42
- data/src/core/lib/address_utils/sockaddr_utils.cc +90 -54
- data/src/core/lib/address_utils/sockaddr_utils.h +45 -40
- data/src/core/lib/avl/avl.h +57 -33
- data/src/core/lib/backoff/backoff.cc +19 -21
- data/src/core/lib/backoff/backoff.h +21 -21
- data/src/core/lib/backoff/random_early_detection.cc +31 -0
- data/src/core/lib/backoff/random_early_detection.h +59 -0
- data/src/core/lib/channel/call_finalization.h +6 -4
- data/src/core/lib/channel/call_tracer.h +23 -8
- data/src/core/lib/channel/channel_args.cc +149 -61
- data/src/core/lib/channel/channel_args.h +308 -104
- data/src/core/lib/channel/channel_args_preconditioning.cc +4 -3
- data/src/core/lib/channel/channel_args_preconditioning.h +6 -5
- data/src/core/lib/channel/channel_fwd.h +26 -0
- data/src/core/lib/channel/channel_stack.cc +92 -52
- data/src/core/lib/channel/channel_stack.h +184 -135
- data/src/core/lib/channel/channel_stack_builder.cc +26 -39
- data/src/core/lib/channel/channel_stack_builder.h +33 -40
- data/src/core/lib/channel/channel_stack_builder_impl.cc +84 -60
- data/src/core/lib/channel/channel_stack_builder_impl.h +9 -9
- data/src/core/lib/channel/channel_trace.cc +29 -36
- data/src/core/lib/channel/channel_trace.h +27 -24
- data/src/core/lib/channel/channelz.cc +50 -65
- data/src/core/lib/channel/channelz.h +50 -33
- data/src/core/lib/channel/channelz_registry.cc +28 -36
- data/src/core/lib/channel/channelz_registry.h +31 -30
- data/src/core/lib/channel/connected_channel.cc +1267 -78
- data/src/core/lib/channel/connected_channel.h +21 -23
- data/src/core/lib/channel/context.h +25 -21
- data/src/core/lib/channel/promise_based_filter.cc +1896 -377
- data/src/core/lib/channel/promise_based_filter.h +592 -92
- data/src/core/lib/channel/status_util.cc +64 -17
- data/src/core/lib/channel/status_util.h +38 -24
- data/src/core/lib/compression/compression.cc +24 -19
- data/src/core/lib/compression/compression_internal.cc +88 -63
- data/src/core/lib/compression/compression_internal.h +28 -27
- data/src/core/lib/compression/message_compress.cc +28 -26
- data/src/core/lib/compression/message_compress.h +28 -29
- data/src/core/lib/config/core_configuration.cc +8 -1
- data/src/core/lib/config/core_configuration.h +86 -39
- data/src/core/lib/debug/event_log.cc +88 -0
- data/src/core/lib/debug/event_log.h +81 -0
- data/src/core/lib/debug/histogram_view.cc +69 -0
- data/src/core/lib/debug/histogram_view.h +37 -0
- data/src/core/lib/debug/stats.cc +48 -152
- data/src/core/lib/debug/stats.h +50 -57
- data/src/core/lib/debug/stats_data.cc +302 -645
- data/src/core/lib/debug/stats_data.h +293 -545
- data/src/core/lib/debug/trace.cc +18 -20
- data/src/core/lib/debug/trace.h +27 -48
- data/src/core/lib/event_engine/channel_args_endpoint_config.cc +16 -17
- data/src/core/lib/event_engine/channel_args_endpoint_config.h +16 -9
- data/src/core/lib/event_engine/common_closures.h +71 -0
- data/src/core/lib/event_engine/default_event_engine.cc +99 -0
- data/src/core/lib/event_engine/default_event_engine.h +73 -0
- data/src/core/lib/event_engine/default_event_engine_factory.cc +24 -3
- data/src/core/lib/event_engine/{event_engine_factory.h → default_event_engine_factory.h} +6 -9
- data/src/core/lib/event_engine/event_engine.cc +3 -30
- data/src/core/lib/event_engine/executor/executor.h +38 -0
- data/src/core/lib/event_engine/forkable.cc +106 -0
- data/src/core/lib/event_engine/forkable.h +61 -0
- data/src/core/lib/event_engine/handle_containers.h +74 -0
- data/src/core/lib/event_engine/memory_allocator.cc +11 -3
- data/src/core/lib/event_engine/poller.h +62 -0
- data/src/core/lib/event_engine/posix.h +158 -0
- data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.cc +642 -0
- data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.h +139 -0
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +899 -0
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.h +97 -0
- data/src/core/lib/event_engine/posix_engine/event_poller.h +111 -0
- data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +74 -0
- data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.h +33 -0
- data/src/core/lib/event_engine/posix_engine/internal_errqueue.cc +77 -0
- data/src/core/lib/event_engine/posix_engine/internal_errqueue.h +179 -0
- data/src/core/lib/event_engine/posix_engine/lockfree_event.cc +265 -0
- data/src/core/lib/event_engine/posix_engine/lockfree_event.h +73 -0
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +1305 -0
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +717 -0
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +640 -0
- data/src/core/lib/event_engine/posix_engine/posix_engine.h +259 -0
- data/src/core/lib/event_engine/posix_engine/posix_engine_closure.h +80 -0
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +289 -0
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.h +279 -0
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.cc +379 -0
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.h +91 -0
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +853 -0
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +316 -0
- data/src/core/lib/event_engine/posix_engine/timer.cc +311 -0
- data/src/core/lib/event_engine/posix_engine/timer.h +194 -0
- data/src/core/lib/event_engine/posix_engine/timer_heap.cc +107 -0
- data/src/core/lib/event_engine/posix_engine/timer_heap.h +56 -0
- data/src/core/lib/event_engine/posix_engine/timer_manager.cc +173 -0
- data/src/core/lib/event_engine/posix_engine/timer_manager.h +114 -0
- data/src/core/lib/event_engine/posix_engine/traced_buffer_list.cc +332 -0
- data/src/core/lib/event_engine/posix_engine/traced_buffer_list.h +185 -0
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.cc +127 -0
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.h +45 -0
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.cc +150 -0
- data/src/core/lib/{iomgr/event_engine/promise.h → event_engine/posix_engine/wakeup_fd_pipe.h} +19 -25
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix.h +76 -0
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.cc +67 -0
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.h +37 -0
- data/src/core/lib/event_engine/resolved_address.cc +23 -2
- data/src/core/lib/{iomgr/event_engine → event_engine}/resolved_address_internal.h +5 -8
- data/src/core/lib/event_engine/shim.cc +56 -0
- data/src/core/lib/event_engine/shim.h +33 -0
- data/src/core/lib/event_engine/slice.cc +103 -0
- data/src/core/lib/event_engine/slice_buffer.cc +50 -0
- data/src/core/lib/event_engine/tcp_socket_utils.cc +389 -0
- data/src/core/lib/event_engine/tcp_socket_utils.h +90 -0
- data/src/core/lib/event_engine/thread_local.cc +29 -0
- data/src/core/lib/event_engine/thread_local.h +32 -0
- data/src/core/lib/event_engine/thread_pool.cc +253 -0
- data/src/core/lib/event_engine/thread_pool.h +141 -0
- data/src/core/lib/event_engine/time_util.cc +30 -0
- data/src/core/lib/event_engine/time_util.h +32 -0
- data/src/core/lib/{iomgr/endpoint_pair_event_engine.cc → event_engine/trace.cc} +9 -17
- data/src/core/lib/event_engine/trace.h +43 -0
- data/src/core/lib/event_engine/utils.cc +44 -0
- data/src/core/lib/event_engine/utils.h +44 -0
- data/src/core/lib/event_engine/windows/iocp.cc +140 -0
- data/src/core/lib/event_engine/windows/iocp.h +69 -0
- data/src/core/lib/event_engine/windows/win_socket.cc +219 -0
- data/src/core/lib/event_engine/windows/win_socket.h +129 -0
- data/src/core/lib/event_engine/windows/windows_endpoint.cc +331 -0
- data/src/core/lib/event_engine/windows/windows_endpoint.h +103 -0
- data/src/core/lib/event_engine/windows/windows_engine.cc +388 -0
- data/src/core/lib/event_engine/windows/windows_engine.h +163 -0
- data/src/core/lib/experiments/config.cc +161 -0
- data/src/core/lib/experiments/config.h +53 -0
- data/src/core/lib/experiments/experiments.cc +81 -0
- data/src/core/lib/experiments/experiments.h +117 -0
- data/src/core/lib/gpr/alloc.cc +19 -25
- data/src/core/lib/gpr/alloc.h +20 -20
- data/src/core/lib/gpr/atm.cc +17 -17
- data/src/core/lib/gpr/cpu_iphone.cc +24 -24
- data/src/core/lib/gpr/cpu_linux.cc +28 -23
- data/src/core/lib/gpr/cpu_posix.cc +23 -22
- data/src/core/lib/gpr/cpu_windows.cc +20 -18
- data/src/core/lib/gpr/log.cc +30 -17
- data/src/core/lib/gpr/log_android.cc +22 -20
- data/src/core/lib/gpr/log_linux.cc +24 -24
- data/src/core/lib/gpr/log_posix.cc +20 -19
- data/src/core/lib/gpr/log_windows.cc +25 -25
- data/src/core/lib/gpr/spinlock.h +20 -20
- data/src/core/lib/gpr/string.cc +25 -24
- data/src/core/lib/gpr/string.h +61 -61
- data/src/core/lib/gpr/string_posix.cc +24 -24
- data/src/core/lib/gpr/string_util_windows.cc +25 -52
- data/src/core/lib/gpr/string_windows.cc +24 -24
- data/src/core/lib/gpr/sync.cc +25 -25
- data/src/core/lib/gpr/sync_abseil.cc +36 -40
- data/src/core/lib/gpr/sync_posix.cc +22 -34
- data/src/core/lib/gpr/sync_windows.cc +29 -27
- data/src/core/lib/gpr/time.cc +34 -30
- data/src/core/lib/gpr/time_posix.cc +41 -45
- data/src/core/lib/gpr/time_precise.cc +22 -22
- data/src/core/lib/gpr/time_precise.h +21 -22
- data/src/core/lib/gpr/time_windows.cc +35 -29
- data/src/core/lib/gpr/tmpfile.h +24 -24
- data/src/core/lib/gpr/tmpfile_msys.cc +21 -20
- data/src/core/lib/gpr/tmpfile_posix.cc +22 -20
- data/src/core/lib/gpr/tmpfile_windows.cc +28 -29
- data/src/core/lib/gpr/useful.h +83 -30
- data/src/core/lib/gpr/wrap_memcpy.cc +23 -23
- data/src/core/lib/gprpp/atomic_utils.h +20 -20
- data/src/core/lib/gprpp/bitset.h +35 -17
- data/src/core/lib/gprpp/chunked_vector.h +7 -3
- data/src/core/lib/gprpp/construct_destruct.h +4 -3
- data/src/core/lib/gprpp/cpp_impl_of.h +3 -3
- data/src/core/{ext/xds/xds_resource_type.cc → lib/gprpp/crash.cc} +12 -12
- data/src/core/lib/gprpp/crash.h +34 -0
- data/src/core/lib/gprpp/debug_location.h +60 -31
- data/src/core/lib/gprpp/dual_ref_counted.h +4 -7
- data/src/core/lib/gprpp/env.h +53 -0
- data/src/core/lib/gprpp/env_linux.cc +80 -0
- data/src/core/{ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_event_engine.cc → lib/gprpp/env_posix.cc} +25 -9
- data/src/core/lib/gprpp/env_windows.cc +56 -0
- data/src/core/lib/gprpp/examine_stack.cc +17 -17
- data/src/core/lib/gprpp/examine_stack.h +21 -22
- data/src/core/lib/gprpp/fork.cc +58 -53
- data/src/core/lib/gprpp/fork.h +29 -35
- data/src/core/lib/gprpp/global_config.h +22 -24
- data/src/core/lib/gprpp/global_config_custom.h +20 -20
- data/src/core/lib/gprpp/global_config_env.cc +28 -25
- data/src/core/lib/gprpp/global_config_env.h +29 -27
- data/src/core/lib/gprpp/global_config_generic.h +21 -25
- data/src/core/lib/gprpp/host_port.cc +30 -26
- data/src/core/lib/gprpp/host_port.h +32 -31
- data/src/core/lib/gprpp/load_file.cc +75 -0
- data/src/core/lib/gprpp/load_file.h +33 -0
- data/src/core/lib/gprpp/manual_constructor.h +21 -89
- data/src/core/lib/gprpp/match.h +5 -3
- data/src/core/lib/gprpp/memory.h +22 -26
- data/src/core/lib/gprpp/mpscq.cc +17 -17
- data/src/core/lib/gprpp/mpscq.h +21 -21
- data/src/core/lib/gprpp/no_destruct.h +95 -0
- data/src/core/lib/gprpp/notification.h +67 -0
- data/src/core/lib/gprpp/orphanable.h +22 -25
- data/src/core/lib/gprpp/overload.h +3 -3
- data/src/core/lib/gprpp/packed_table.h +40 -0
- data/src/core/lib/gprpp/per_cpu.h +46 -0
- data/src/core/lib/gprpp/ref_counted.h +22 -24
- data/src/core/lib/gprpp/ref_counted_ptr.h +42 -55
- data/src/core/lib/gprpp/single_set_ptr.h +3 -3
- data/src/core/lib/gprpp/sorted_pack.h +98 -0
- data/src/core/lib/gprpp/stat.h +3 -5
- data/src/core/lib/gprpp/stat_posix.cc +10 -4
- data/src/core/lib/gprpp/stat_windows.cc +4 -2
- data/src/core/lib/gprpp/status_helper.cc +55 -35
- data/src/core/lib/gprpp/status_helper.h +13 -5
- data/src/core/lib/gprpp/strerror.cc +43 -0
- data/src/core/lib/gprpp/strerror.h +29 -0
- data/src/core/lib/gprpp/sync.h +26 -24
- data/src/core/lib/gprpp/table.h +22 -4
- data/src/core/lib/gprpp/tchar.cc +49 -0
- data/src/core/lib/gprpp/tchar.h +33 -0
- data/src/core/lib/gprpp/thd.h +25 -28
- data/src/core/lib/gprpp/thd_posix.cc +33 -32
- data/src/core/lib/gprpp/thd_windows.cc +28 -26
- data/src/core/lib/gprpp/time.cc +52 -9
- data/src/core/lib/gprpp/time.h +78 -4
- data/src/core/lib/gprpp/time_averaged_stats.cc +60 -0
- data/src/core/lib/gprpp/time_averaged_stats.h +79 -0
- data/src/core/lib/gprpp/time_util.cc +4 -0
- data/src/core/lib/gprpp/time_util.h +3 -3
- data/src/core/lib/gprpp/unique_type_name.h +104 -0
- data/src/core/lib/gprpp/validation_errors.cc +61 -0
- data/src/core/lib/gprpp/validation_errors.h +127 -0
- data/src/core/lib/{iomgr → gprpp}/work_serializer.cc +34 -18
- data/src/core/lib/{iomgr → gprpp}/work_serializer.h +21 -28
- data/src/core/lib/handshaker/proxy_mapper.h +53 -0
- data/src/core/lib/handshaker/proxy_mapper_registry.cc +71 -0
- data/src/core/lib/handshaker/proxy_mapper_registry.h +75 -0
- data/src/core/lib/http/format_request.cc +53 -22
- data/src/core/lib/http/format_request.h +23 -21
- data/src/core/lib/http/httpcli.cc +139 -141
- data/src/core/lib/http/httpcli.h +86 -38
- data/src/core/lib/http/httpcli_security_connector.cc +50 -42
- data/src/core/lib/http/httpcli_ssl_credentials.h +6 -4
- data/src/core/lib/http/parser.cc +78 -90
- data/src/core/lib/http/parser.h +38 -35
- data/src/core/lib/iomgr/block_annotate.h +23 -23
- data/src/core/lib/iomgr/buffer_list.cc +156 -136
- data/src/core/lib/iomgr/buffer_list.h +123 -101
- data/src/core/lib/iomgr/call_combiner.cc +32 -64
- data/src/core/lib/iomgr/call_combiner.h +24 -25
- data/src/core/lib/iomgr/cfstream_handle.cc +33 -36
- data/src/core/lib/iomgr/cfstream_handle.h +25 -25
- data/src/core/lib/iomgr/{event_engine/pollset.h → closure.cc} +9 -7
- data/src/core/lib/iomgr/closure.h +95 -58
- data/src/core/lib/iomgr/combiner.cc +20 -39
- data/src/core/lib/iomgr/combiner.h +20 -20
- data/src/core/lib/iomgr/dualstack_socket_posix.cc +21 -21
- data/src/core/lib/iomgr/dynamic_annotations.h +22 -22
- data/src/core/lib/iomgr/endpoint.cc +21 -21
- data/src/core/lib/iomgr/endpoint.h +53 -51
- data/src/core/lib/iomgr/endpoint_cfstream.cc +51 -47
- data/src/core/lib/iomgr/endpoint_cfstream.h +32 -32
- data/src/core/lib/iomgr/endpoint_pair.h +22 -22
- data/src/core/lib/iomgr/endpoint_pair_posix.cc +36 -29
- data/src/core/lib/iomgr/endpoint_pair_windows.cc +31 -22
- data/src/core/lib/iomgr/error.cc +51 -834
- data/src/core/lib/iomgr/error.h +45 -317
- data/src/core/lib/iomgr/error_cfstream.cc +18 -23
- data/src/core/lib/iomgr/error_cfstream.h +21 -21
- data/src/core/lib/iomgr/ev_apple.cc +21 -21
- data/src/core/lib/iomgr/ev_apple.h +21 -21
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +263 -248
- data/src/core/lib/iomgr/ev_epoll1_linux.h +21 -21
- data/src/core/lib/iomgr/ev_poll_posix.cc +296 -271
- data/src/core/lib/iomgr/ev_poll_posix.h +22 -22
- data/src/core/lib/iomgr/ev_posix.cc +88 -121
- data/src/core/lib/iomgr/ev_posix.h +93 -87
- data/src/core/lib/iomgr/ev_windows.cc +18 -18
- data/src/core/lib/iomgr/{event_engine → event_engine_shims}/closure.cc +15 -30
- data/src/core/lib/iomgr/{event_engine → event_engine_shims}/closure.h +10 -13
- data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +430 -0
- data/src/core/lib/iomgr/event_engine_shims/endpoint.h +43 -0
- data/src/core/lib/iomgr/event_engine_shims/tcp_client.cc +91 -0
- data/src/core/lib/iomgr/event_engine_shims/tcp_client.h +44 -0
- data/src/core/lib/iomgr/exec_ctx.cc +34 -56
- data/src/core/lib/iomgr/exec_ctx.h +152 -177
- data/src/core/lib/iomgr/executor.cc +21 -31
- data/src/core/lib/iomgr/executor.h +27 -30
- data/src/core/lib/iomgr/fork_posix.cc +30 -27
- data/src/core/lib/iomgr/fork_windows.cc +21 -21
- data/src/core/lib/iomgr/gethostname.h +20 -20
- data/src/core/lib/iomgr/gethostname_fallback.cc +17 -17
- data/src/core/lib/iomgr/gethostname_host_name_max.cc +17 -17
- data/src/core/lib/iomgr/gethostname_sysconf.cc +17 -17
- data/src/core/lib/iomgr/grpc_if_nametoindex.h +22 -22
- data/src/core/lib/iomgr/grpc_if_nametoindex_posix.cc +20 -19
- data/src/core/lib/iomgr/grpc_if_nametoindex_unsupported.cc +20 -19
- data/src/core/lib/iomgr/internal_errqueue.cc +41 -48
- data/src/core/lib/iomgr/internal_errqueue.h +84 -89
- data/src/core/lib/iomgr/iocp_windows.cc +23 -23
- data/src/core/lib/iomgr/iocp_windows.h +21 -21
- data/src/core/lib/iomgr/iomgr.cc +25 -20
- data/src/core/lib/iomgr/iomgr.h +35 -35
- data/src/core/lib/iomgr/iomgr_fwd.h +26 -0
- data/src/core/lib/iomgr/iomgr_internal.cc +17 -17
- data/src/core/lib/iomgr/iomgr_internal.h +28 -28
- data/src/core/lib/iomgr/iomgr_posix.cc +21 -20
- data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +21 -19
- data/src/core/lib/iomgr/iomgr_windows.cc +24 -22
- data/src/core/lib/iomgr/load_file.cc +24 -27
- data/src/core/lib/iomgr/load_file.h +22 -22
- data/src/core/lib/iomgr/lockfree_event.cc +114 -131
- data/src/core/lib/iomgr/lockfree_event.h +23 -23
- data/src/core/lib/iomgr/nameser.h +86 -86
- data/src/core/lib/iomgr/polling_entity.cc +25 -21
- data/src/core/lib/iomgr/polling_entity.h +29 -29
- data/src/core/lib/iomgr/pollset.cc +17 -17
- data/src/core/lib/iomgr/pollset.h +55 -55
- data/src/core/lib/iomgr/pollset_set.cc +17 -17
- data/src/core/lib/iomgr/pollset_set.h +26 -28
- data/src/core/lib/iomgr/pollset_set_windows.cc +18 -18
- data/src/core/lib/iomgr/pollset_set_windows.h +20 -20
- data/src/core/lib/iomgr/pollset_windows.cc +32 -31
- data/src/core/lib/iomgr/pollset_windows.h +24 -24
- data/src/core/lib/iomgr/port.h +59 -37
- data/src/core/lib/iomgr/python_util.h +24 -24
- data/src/core/lib/iomgr/resolve_address.cc +34 -20
- data/src/core/lib/iomgr/resolve_address.h +73 -43
- data/src/core/lib/iomgr/resolve_address_impl.h +7 -7
- data/src/core/lib/iomgr/resolve_address_posix.cc +81 -62
- data/src/core/lib/iomgr/resolve_address_posix.h +26 -10
- data/src/core/lib/iomgr/resolve_address_windows.cc +64 -38
- data/src/core/lib/iomgr/resolve_address_windows.h +26 -10
- data/src/core/lib/iomgr/resolved_address.h +3 -3
- data/src/core/lib/iomgr/sockaddr.h +25 -26
- data/src/core/lib/iomgr/sockaddr_posix.h +23 -21
- data/src/core/lib/iomgr/sockaddr_utils_posix.cc +20 -18
- data/src/core/lib/iomgr/sockaddr_windows.h +23 -21
- data/src/core/lib/iomgr/socket_factory_posix.cc +18 -18
- data/src/core/lib/iomgr/socket_factory_posix.h +32 -32
- data/src/core/lib/iomgr/socket_mutator.cc +19 -18
- data/src/core/lib/iomgr/socket_mutator.h +39 -39
- data/src/core/lib/iomgr/socket_utils.h +27 -27
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +82 -101
- data/src/core/lib/iomgr/socket_utils_linux.cc +18 -17
- data/src/core/lib/iomgr/socket_utils_posix.cc +103 -19
- data/src/core/lib/iomgr/socket_utils_posix.h +176 -84
- data/src/core/lib/iomgr/socket_utils_windows.cc +20 -19
- data/src/core/lib/iomgr/socket_windows.cc +37 -36
- data/src/core/lib/iomgr/socket_windows.h +59 -61
- data/src/core/lib/iomgr/systemd_utils.cc +116 -0
- data/src/core/lib/iomgr/systemd_utils.h +33 -0
- data/src/core/lib/iomgr/tcp_client.cc +28 -24
- data/src/core/lib/iomgr/tcp_client.h +49 -38
- data/src/core/lib/iomgr/tcp_client_cfstream.cc +46 -35
- data/src/core/lib/iomgr/tcp_client_posix.cc +243 -105
- data/src/core/lib/iomgr/tcp_client_posix.h +55 -52
- data/src/core/lib/iomgr/tcp_client_windows.cc +73 -53
- data/src/core/lib/iomgr/tcp_posix.cc +505 -362
- data/src/core/lib/iomgr/tcp_posix.h +32 -30
- data/src/core/lib/iomgr/tcp_server.cc +33 -24
- data/src/core/lib/iomgr/tcp_server.h +78 -69
- data/src/core/lib/iomgr/tcp_server_posix.cc +381 -133
- data/src/core/lib/iomgr/tcp_server_utils_posix.h +68 -55
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +120 -82
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +46 -43
- data/src/core/lib/iomgr/tcp_server_utils_posix_noifaddrs.cc +19 -19
- data/src/core/lib/iomgr/tcp_server_windows.cc +116 -118
- data/src/core/lib/iomgr/tcp_windows.cc +116 -98
- data/src/core/lib/iomgr/tcp_windows.h +34 -35
- data/src/core/lib/iomgr/timer.cc +17 -17
- data/src/core/lib/iomgr/timer.h +68 -68
- data/src/core/lib/iomgr/timer_generic.cc +125 -134
- data/src/core/lib/iomgr/timer_generic.h +21 -21
- data/src/core/lib/iomgr/timer_heap.cc +25 -25
- data/src/core/lib/iomgr/timer_heap.h +22 -22
- data/src/core/lib/iomgr/timer_manager.cc +31 -31
- data/src/core/lib/iomgr/timer_manager.h +27 -27
- data/src/core/lib/iomgr/unix_sockets_posix.cc +20 -21
- data/src/core/lib/iomgr/unix_sockets_posix.h +21 -21
- data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +19 -17
- data/src/core/lib/iomgr/wakeup_fd_eventfd.cc +23 -23
- data/src/core/lib/iomgr/wakeup_fd_nospecial.cc +23 -23
- data/src/core/lib/iomgr/wakeup_fd_pipe.cc +29 -26
- data/src/core/lib/iomgr/wakeup_fd_pipe.h +20 -20
- data/src/core/lib/iomgr/wakeup_fd_posix.cc +33 -30
- data/src/core/lib/iomgr/wakeup_fd_posix.h +52 -54
- data/src/core/lib/json/json.h +23 -27
- data/src/core/{ext/filters/http/message_compress/message_decompress_filter.h → lib/json/json_args.h} +13 -10
- data/src/core/lib/json/json_channel_args.h +42 -0
- data/src/core/lib/json/json_object_loader.cc +217 -0
- data/src/core/lib/json/json_object_loader.h +634 -0
- data/src/core/lib/json/json_reader.cc +123 -90
- data/src/core/lib/json/json_util.cc +14 -34
- data/src/core/lib/json/json_util.h +17 -8
- data/src/core/lib/json/json_writer.cc +62 -57
- data/src/core/{ext/filters/client_channel → lib/load_balancing}/lb_policy.cc +30 -60
- data/src/core/{ext/filters/client_channel → lib/load_balancing}/lb_policy.h +47 -62
- data/src/core/lib/load_balancing/lb_policy_factory.h +49 -0
- data/src/core/lib/load_balancing/lb_policy_registry.cc +142 -0
- data/src/core/lib/load_balancing/lb_policy_registry.h +82 -0
- data/src/core/{ext/filters/client_channel → lib/load_balancing}/subchannel_interface.h +57 -52
- data/src/core/lib/matchers/matchers.cc +12 -7
- data/src/core/lib/matchers/matchers.h +5 -3
- data/src/core/lib/promise/activity.cc +23 -8
- data/src/core/lib/promise/activity.h +116 -58
- data/src/core/lib/promise/arena_promise.h +115 -72
- data/src/core/lib/promise/context.h +18 -11
- data/src/core/lib/promise/detail/basic_join.h +197 -0
- data/src/core/lib/promise/detail/basic_seq.h +28 -33
- data/src/core/lib/promise/detail/promise_factory.h +61 -14
- data/src/core/lib/promise/detail/promise_like.h +3 -3
- data/src/core/lib/promise/detail/status.h +31 -3
- data/src/core/lib/promise/detail/switch.h +21 -21
- data/src/core/lib/promise/exec_ctx_wakeup_scheduler.h +23 -15
- data/src/core/lib/promise/if.h +195 -0
- data/src/core/lib/promise/interceptor_list.h +308 -0
- data/src/core/lib/promise/intra_activity_waiter.h +9 -3
- data/src/core/lib/promise/latch.h +109 -22
- data/src/core/lib/promise/loop.h +13 -9
- data/src/core/lib/promise/map.h +4 -6
- data/src/core/lib/promise/pipe.h +608 -0
- data/src/core/lib/promise/poll.h +129 -11
- data/src/core/lib/promise/promise.h +5 -5
- data/src/core/lib/promise/race.h +6 -10
- data/src/core/lib/promise/seq.h +32 -14
- data/src/core/lib/promise/sleep.cc +58 -42
- data/src/core/lib/promise/sleep.h +44 -26
- data/src/core/lib/promise/trace.cc +20 -0
- data/src/core/lib/promise/trace.h +24 -0
- data/src/core/lib/promise/try_join.h +82 -0
- data/src/core/lib/promise/try_seq.h +41 -23
- data/src/core/lib/resolver/resolver.cc +17 -59
- data/src/core/lib/resolver/resolver.h +21 -18
- data/src/core/lib/resolver/resolver_factory.h +11 -10
- data/src/core/lib/resolver/resolver_registry.cc +17 -9
- data/src/core/lib/resolver/resolver_registry.h +15 -5
- data/src/core/lib/resolver/server_address.cc +46 -34
- data/src/core/lib/resolver/server_address.h +36 -35
- data/src/core/lib/resource_quota/api.cc +23 -2
- data/src/core/lib/resource_quota/api.h +13 -4
- data/src/core/lib/resource_quota/arena.cc +85 -27
- data/src/core/lib/resource_quota/arena.h +197 -25
- data/src/core/lib/resource_quota/memory_quota.cc +322 -101
- data/src/core/lib/resource_quota/memory_quota.h +191 -56
- data/src/core/lib/resource_quota/periodic_update.cc +78 -0
- data/src/core/lib/resource_quota/periodic_update.h +71 -0
- data/src/core/lib/resource_quota/resource_quota.h +12 -4
- data/src/core/lib/resource_quota/thread_quota.cc +2 -0
- data/src/core/lib/resource_quota/thread_quota.h +7 -3
- data/src/core/lib/resource_quota/trace.h +3 -3
- data/src/core/lib/security/authorization/authorization_engine.h +3 -3
- data/src/core/lib/security/authorization/authorization_policy_provider.h +10 -3
- data/src/core/lib/security/authorization/authorization_policy_provider_vtable.cc +3 -0
- data/src/core/lib/security/authorization/evaluate_args.cc +17 -8
- data/src/core/lib/security/authorization/evaluate_args.h +9 -6
- data/src/core/lib/security/authorization/grpc_authorization_engine.cc +5 -1
- data/src/core/lib/security/authorization/grpc_authorization_engine.h +10 -3
- data/src/core/lib/security/authorization/grpc_server_authz_filter.cc +19 -3
- data/src/core/lib/security/authorization/grpc_server_authz_filter.h +16 -5
- data/src/core/lib/security/authorization/matchers.cc +44 -30
- data/src/core/lib/security/authorization/matchers.h +10 -3
- data/src/core/lib/security/authorization/rbac_policy.cc +6 -2
- data/src/core/lib/security/authorization/rbac_policy.h +10 -3
- data/src/core/{ext/xds → lib/security/certificate_provider}/certificate_provider_factory.h +9 -4
- data/src/core/lib/security/certificate_provider/certificate_provider_registry.cc +60 -0
- data/src/core/lib/security/certificate_provider/certificate_provider_registry.h +70 -0
- data/src/core/lib/security/context/security_context.cc +27 -25
- data/src/core/lib/security/context/security_context.h +56 -34
- data/src/core/lib/security/credentials/alts/alts_credentials.cc +31 -24
- data/src/core/lib/security/credentials/alts/alts_credentials.h +63 -59
- data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +19 -19
- data/src/core/lib/security/credentials/alts/check_gcp_environment.h +43 -43
- data/src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc +17 -17
- data/src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc +18 -17
- data/src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc +18 -17
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc +20 -22
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc +18 -18
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h +38 -39
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc +19 -22
- data/src/core/lib/security/credentials/call_creds_util.cc +10 -0
- data/src/core/lib/security/credentials/call_creds_util.h +4 -3
- data/src/core/lib/security/credentials/channel_creds_registry.h +10 -4
- data/src/core/lib/security/credentials/channel_creds_registry_init.cc +13 -3
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +34 -34
- data/src/core/lib/security/credentials/composite/composite_credentials.h +45 -33
- data/src/core/lib/security/credentials/credentials.cc +23 -26
- data/src/core/lib/security/credentials/credentials.h +79 -65
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +202 -74
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +21 -3
- data/src/core/lib/security/credentials/external/aws_request_signer.cc +14 -3
- data/src/core/lib/security/credentials/external/aws_request_signer.h +3 -3
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +86 -68
- data/src/core/lib/security/credentials/external/external_account_credentials.h +14 -3
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +29 -26
- data/src/core/lib/security/credentials/external/file_external_account_credentials.h +9 -3
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +44 -31
- data/src/core/lib/security/credentials/external/url_external_account_credentials.h +13 -3
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +43 -39
- data/src/core/lib/security/credentials/fake/fake_credentials.h +51 -44
- data/src/core/lib/security/credentials/google_default/credentials_generic.cc +23 -25
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +146 -114
- data/src/core/lib/security/credentials/google_default/google_default_credentials.h +33 -27
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +31 -21
- data/src/core/lib/security/credentials/iam/iam_credentials.h +33 -23
- data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +15 -5
- data/src/core/lib/security/credentials/insecure/insecure_credentials.h +14 -10
- data/src/core/lib/security/credentials/jwt/json_token.cc +40 -29
- data/src/core/lib/security/credentials/jwt/json_token.h +36 -36
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +32 -29
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +37 -23
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +113 -89
- data/src/core/lib/security/credentials/jwt/jwt_verifier.h +49 -47
- data/src/core/lib/security/credentials/local/local_credentials.cc +32 -26
- data/src/core/lib/security/credentials/local/local_credentials.h +34 -28
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +95 -87
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +46 -25
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +35 -31
- data/src/core/lib/security/credentials/plugin/plugin_credentials.h +48 -24
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +44 -42
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +39 -27
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +22 -30
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +16 -17
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +65 -48
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +27 -16
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.cc +36 -4
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.h +37 -14
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +22 -23
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +3 -3
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +46 -44
- data/src/core/lib/security/credentials/tls/tls_credentials.h +30 -27
- data/src/core/lib/security/credentials/tls/tls_utils.cc +5 -1
- data/src/core/lib/security/credentials/tls/tls_utils.h +4 -4
- data/src/core/lib/security/credentials/xds/xds_credentials.cc +33 -35
- data/src/core/lib/security/credentials/xds/xds_credentials.h +24 -10
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +60 -54
- data/src/core/lib/security/security_connector/alts/alts_security_connector.h +49 -47
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +75 -79
- data/src/core/lib/security/security_connector/fake/fake_security_connector.h +25 -26
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +15 -6
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +26 -15
- data/src/core/lib/security/security_connector/load_system_roots.h +20 -20
- data/src/core/lib/security/security_connector/load_system_roots_fallback.cc +22 -20
- data/src/core/lib/security/security_connector/{load_system_roots_linux.cc → load_system_roots_supported.cc} +43 -38
- data/src/core/lib/security/security_connector/load_system_roots_supported.h +45 -0
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +64 -47
- data/src/core/lib/security/security_connector/local/local_security_connector.h +49 -46
- data/src/core/lib/security/security_connector/security_connector.cc +37 -35
- data/src/core/lib/security/security_connector/security_connector.h +58 -45
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +55 -46
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +44 -43
- data/src/core/lib/security/security_connector/ssl_utils.cc +47 -39
- data/src/core/lib/security/security_connector/ssl_utils.h +45 -42
- data/src/core/lib/security/security_connector/ssl_utils_config.cc +22 -22
- data/src/core/lib/security/security_connector/ssl_utils_config.h +21 -22
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +58 -56
- data/src/core/lib/security/security_connector/tls/tls_security_connector.h +48 -28
- data/src/core/lib/security/transport/auth_filters.h +53 -24
- data/src/core/lib/security/transport/client_auth_filter.cc +57 -40
- data/src/core/lib/security/transport/secure_endpoint.cc +130 -75
- data/src/core/lib/security/transport/secure_endpoint.h +28 -27
- data/src/core/lib/security/transport/security_handshaker.cc +144 -114
- data/src/core/lib/security/transport/security_handshaker.h +28 -23
- data/src/core/lib/security/transport/server_auth_filter.cc +157 -266
- data/src/core/lib/security/transport/tsi_error.cc +23 -20
- data/src/core/lib/security/transport/tsi_error.h +20 -20
- data/src/core/lib/security/util/json_util.cc +24 -24
- data/src/core/lib/security/util/json_util.h +21 -23
- data/src/core/lib/service_config/service_config.h +19 -12
- data/src/core/lib/service_config/service_config_call_data.h +15 -5
- data/src/core/lib/service_config/service_config_impl.cc +111 -150
- data/src/core/lib/service_config/service_config_impl.h +27 -27
- data/src/core/lib/service_config/service_config_parser.cc +16 -28
- data/src/core/lib/service_config/service_config_parser.h +18 -19
- data/src/core/lib/slice/b64.cc +26 -26
- data/src/core/lib/slice/b64.h +34 -32
- data/src/core/lib/slice/percent_encoding.cc +24 -30
- data/src/core/lib/slice/percent_encoding.h +28 -34
- data/src/core/lib/slice/slice.cc +59 -46
- data/src/core/lib/slice/slice.h +64 -20
- data/src/core/lib/slice/slice_buffer.cc +136 -76
- data/src/core/lib/slice/slice_buffer.h +168 -0
- data/src/core/lib/slice/slice_internal.h +38 -45
- data/src/core/lib/slice/slice_refcount.cc +3 -18
- data/src/core/lib/slice/slice_refcount.h +53 -19
- data/src/core/lib/slice/slice_string_helpers.cc +17 -33
- data/src/core/lib/slice/slice_string_helpers.h +23 -30
- data/src/core/lib/surface/api_trace.cc +17 -17
- data/src/core/lib/surface/api_trace.h +25 -25
- data/src/core/lib/surface/builtins.cc +7 -2
- data/src/core/lib/surface/builtins.h +3 -3
- data/src/core/lib/surface/byte_buffer.cc +26 -21
- data/src/core/lib/surface/byte_buffer_reader.cc +24 -24
- data/src/core/lib/surface/call.cc +2232 -483
- data/src/core/lib/surface/call.h +135 -42
- data/src/core/lib/surface/call_details.cc +22 -23
- data/src/core/lib/surface/call_log_batch.cc +25 -18
- data/src/core/lib/surface/call_test_only.h +34 -31
- data/src/core/lib/surface/call_trace.cc +123 -0
- data/src/core/{ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_event_engine.cc → lib/surface/call_trace.h} +12 -10
- data/src/core/lib/surface/channel.cc +217 -284
- data/src/core/lib/surface/channel.h +137 -90
- data/src/core/lib/surface/channel_init.cc +17 -17
- data/src/core/lib/surface/channel_init.h +22 -20
- data/src/core/lib/surface/channel_ping.cc +26 -20
- data/src/core/lib/surface/channel_stack_type.cc +21 -19
- data/src/core/lib/surface/channel_stack_type.h +22 -22
- data/src/core/lib/surface/completion_queue.cc +200 -222
- data/src/core/lib/surface/completion_queue.h +42 -40
- data/src/core/lib/surface/completion_queue_factory.cc +34 -28
- data/src/core/lib/surface/completion_queue_factory.h +21 -23
- data/src/core/lib/surface/event_string.cc +19 -24
- data/src/core/lib/surface/event_string.h +21 -21
- data/src/core/lib/surface/init.cc +57 -114
- data/src/core/lib/surface/init.h +20 -28
- data/src/core/lib/surface/init_internally.cc +25 -0
- data/src/core/lib/surface/init_internally.h +37 -0
- data/src/core/lib/surface/lame_client.cc +87 -130
- data/src/core/lib/surface/lame_client.h +62 -24
- data/src/core/lib/surface/metadata_array.cc +18 -17
- data/src/core/lib/surface/server.cc +406 -174
- data/src/core/lib/surface/server.h +56 -24
- data/src/core/lib/surface/validate_metadata.cc +64 -77
- data/src/core/lib/surface/validate_metadata.h +33 -21
- data/src/core/lib/surface/version.cc +21 -21
- data/src/core/lib/transport/bdp_estimator.cc +19 -19
- data/src/core/lib/transport/bdp_estimator.h +22 -24
- data/src/core/lib/transport/connectivity_state.cc +24 -23
- data/src/core/lib/transport/connectivity_state.h +24 -25
- data/src/core/lib/transport/error_utils.cc +57 -79
- data/src/core/lib/transport/error_utils.h +29 -25
- data/src/core/lib/{channel → transport}/handshaker.cc +75 -58
- data/src/core/lib/{channel → transport}/handshaker.h +59 -48
- data/src/core/lib/transport/handshaker_factory.h +74 -0
- data/src/core/lib/transport/handshaker_registry.cc +61 -0
- data/src/core/lib/transport/handshaker_registry.h +69 -0
- data/src/core/lib/transport/http2_errors.h +22 -22
- data/src/core/{ext/filters/client_channel → lib/transport}/http_connect_handshaker.cc +78 -65
- data/src/core/lib/transport/http_connect_handshaker.h +42 -0
- data/src/core/lib/transport/metadata_batch.cc +305 -0
- data/src/core/lib/transport/metadata_batch.h +405 -304
- data/src/core/lib/transport/parsed_metadata.cc +2 -4
- data/src/core/lib/transport/parsed_metadata.h +33 -14
- data/src/core/lib/transport/pid_controller.cc +20 -20
- data/src/core/lib/transport/pid_controller.h +27 -27
- data/src/core/lib/transport/status_conversion.cc +23 -23
- data/src/core/lib/transport/status_conversion.h +24 -24
- data/src/core/lib/transport/tcp_connect_handshaker.cc +245 -0
- data/src/core/lib/transport/tcp_connect_handshaker.h +39 -0
- data/src/core/lib/transport/timeout_encoding.cc +24 -28
- data/src/core/lib/transport/timeout_encoding.h +25 -21
- data/src/core/lib/transport/transport.cc +97 -57
- data/src/core/lib/transport/transport.h +243 -213
- data/src/core/lib/transport/transport_fwd.h +20 -0
- data/src/core/lib/transport/transport_impl.h +55 -45
- data/src/core/lib/transport/transport_op_string.cc +40 -39
- data/src/core/lib/uri/uri_parser.cc +12 -4
- data/src/core/lib/uri/uri_parser.h +3 -5
- data/src/core/plugin_registry/grpc_plugin_registry.cc +60 -69
- data/src/core/plugin_registry/grpc_plugin_registry_extra.cc +20 -39
- data/src/core/tsi/alts/crypt/aes_gcm.cc +20 -20
- data/src/core/tsi/alts/crypt/gsec.cc +26 -26
- data/src/core/tsi/alts/crypt/gsec.h +336 -336
- data/src/core/tsi/alts/frame_protector/alts_counter.cc +23 -23
- data/src/core/tsi/alts/frame_protector/alts_counter.h +68 -68
- data/src/core/tsi/alts/frame_protector/alts_crypter.cc +19 -19
- data/src/core/tsi/alts/frame_protector/alts_crypter.h +209 -209
- data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +72 -71
- data/src/core/tsi/alts/frame_protector/alts_frame_protector.h +40 -40
- data/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc +18 -18
- data/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h +82 -83
- data/src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc +22 -22
- data/src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc +22 -22
- data/src/core/tsi/alts/frame_protector/frame_handler.cc +26 -25
- data/src/core/tsi/alts/frame_protector/frame_handler.h +169 -169
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +117 -97
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +104 -104
- data/src/core/tsi/alts/handshaker/alts_shared_resource.cc +18 -17
- data/src/core/tsi/alts/handshaker/alts_shared_resource.h +43 -44
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +51 -43
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +60 -60
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h +24 -24
- data/src/core/tsi/alts/handshaker/alts_tsi_utils.cc +21 -20
- data/src/core/tsi/alts/handshaker/alts_tsi_utils.h +38 -38
- data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +19 -19
- data/src/core/tsi/alts/handshaker/transport_security_common_api.h +105 -104
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc +45 -44
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h +40 -41
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc +38 -36
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h +35 -36
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h +67 -68
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc +32 -31
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h +55 -56
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +54 -53
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h +141 -142
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +67 -58
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h +43 -44
- data/src/core/tsi/fake_transport_security.cc +146 -110
- data/src/core/tsi/fake_transport_security.h +36 -30
- data/src/core/tsi/local_transport_security.cc +43 -38
- data/src/core/tsi/local_transport_security.h +33 -33
- data/src/core/tsi/ssl/key_logging/ssl_key_logging.cc +9 -4
- data/src/core/tsi/ssl/key_logging/ssl_key_logging.h +3 -3
- data/src/core/tsi/ssl/session_cache/ssl_session.h +23 -21
- data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +21 -19
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +18 -17
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +31 -22
- data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +27 -20
- data/src/core/tsi/ssl_transport_security.cc +299 -370
- data/src/core/tsi/ssl_transport_security.h +206 -203
- data/src/core/tsi/ssl_transport_security_utils.cc +250 -0
- data/src/core/tsi/ssl_transport_security_utils.h +147 -0
- data/src/core/tsi/ssl_types.h +27 -27
- data/src/core/tsi/transport_security.cc +44 -32
- data/src/core/tsi/transport_security.h +49 -48
- data/src/core/tsi/transport_security_grpc.cc +23 -22
- data/src/core/tsi/transport_security_grpc.h +44 -41
- data/src/core/tsi/transport_security_interface.h +344 -332
- data/src/ruby/ext/grpc/ext-export-truffleruby-with-ruby-abi-version.clang +2 -0
- data/src/ruby/ext/grpc/ext-export-truffleruby-with-ruby-abi-version.gcc +7 -0
- data/src/ruby/ext/grpc/ext-export-with-ruby-abi-version.clang +2 -0
- data/src/ruby/ext/grpc/ext-export-with-ruby-abi-version.gcc +7 -0
- data/src/ruby/ext/grpc/ext-export.gcc +1 -1
- data/src/ruby/ext/grpc/extconf.rb +98 -20
- data/src/ruby/ext/grpc/rb_call.c +1 -0
- data/src/ruby/ext/grpc/rb_channel.c +1 -0
- data/src/ruby/ext/grpc/rb_channel_args.c +1 -0
- data/src/ruby/ext/grpc/rb_compression_options.c +1 -1
- data/src/ruby/ext/grpc/rb_grpc.c +1 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +38 -38
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +60 -60
- data/src/ruby/ext/grpc/rb_loader.c +6 -2
- data/src/ruby/lib/grpc/errors.rb +1 -1
- data/src/ruby/lib/grpc/generic/bidi_call.rb +2 -0
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/generate_proto_ruby.sh +0 -6
- data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +4 -0
- data/src/ruby/spec/channel_spec.rb +5 -43
- data/src/ruby/spec/client_server_spec.rb +20 -8
- data/src/ruby/spec/generic/active_call_spec.rb +12 -3
- data/src/ruby/spec/generic/client_stub_spec.rb +23 -23
- data/src/ruby/spec/generic/server_interceptors_spec.rb +1 -1
- data/src/ruby/spec/user_agent_spec.rb +1 -1
- data/third_party/abseil-cpp/absl/algorithm/container.h +57 -58
- data/third_party/abseil-cpp/absl/base/attributes.h +88 -41
- data/third_party/abseil-cpp/absl/base/casts.h +61 -68
- data/third_party/abseil-cpp/absl/base/config.h +221 -39
- data/third_party/abseil-cpp/absl/base/internal/cycleclock.cc +12 -42
- data/third_party/abseil-cpp/absl/base/internal/cycleclock.h +52 -2
- data/third_party/abseil-cpp/absl/base/internal/cycleclock_config.h +55 -0
- data/third_party/abseil-cpp/absl/base/internal/direct_mmap.h +5 -4
- data/third_party/abseil-cpp/absl/base/internal/endian.h +17 -62
- data/third_party/abseil-cpp/absl/base/internal/fast_type_id.h +2 -0
- data/third_party/abseil-cpp/absl/base/internal/inline_variable.h +3 -3
- data/third_party/abseil-cpp/absl/base/internal/invoke.h +54 -0
- data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.cc +2 -2
- data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.h +1 -1
- data/third_party/abseil-cpp/absl/base/internal/prefetch.h +138 -0
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +39 -28
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.h +36 -36
- data/third_party/abseil-cpp/absl/base/internal/spinlock.cc +6 -3
- data/third_party/abseil-cpp/absl/base/internal/spinlock.h +10 -6
- data/third_party/abseil-cpp/absl/base/internal/spinlock_linux.inc +2 -5
- data/third_party/abseil-cpp/absl/base/internal/spinlock_win32.inc +4 -1
- data/third_party/abseil-cpp/absl/base/internal/strerror.cc +88 -0
- data/third_party/abseil-cpp/absl/base/internal/strerror.h +39 -0
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +14 -11
- data/third_party/abseil-cpp/absl/base/internal/thread_annotations.h +9 -0
- data/third_party/abseil-cpp/absl/base/internal/thread_identity.cc +2 -1
- data/third_party/abseil-cpp/absl/base/internal/thread_identity.h +4 -0
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc +6 -7
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.h +12 -40
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock_config.h +62 -0
- data/third_party/abseil-cpp/absl/base/log_severity.cc +28 -0
- data/third_party/abseil-cpp/absl/base/log_severity.h +51 -0
- data/third_party/abseil-cpp/absl/base/macros.h +4 -21
- data/third_party/abseil-cpp/absl/base/optimization.h +76 -16
- data/third_party/abseil-cpp/absl/base/options.h +1 -7
- data/third_party/abseil-cpp/absl/base/policy_checks.h +15 -13
- data/third_party/abseil-cpp/absl/base/thread_annotations.h +2 -2
- data/third_party/abseil-cpp/absl/cleanup/cleanup.h +140 -0
- data/third_party/abseil-cpp/absl/cleanup/internal/cleanup.h +100 -0
- data/third_party/abseil-cpp/absl/container/fixed_array.h +9 -5
- data/third_party/abseil-cpp/absl/container/flat_hash_map.h +11 -4
- data/third_party/abseil-cpp/absl/container/flat_hash_set.h +503 -0
- data/third_party/abseil-cpp/absl/container/inlined_vector.h +84 -25
- data/third_party/abseil-cpp/absl/container/internal/common.h +9 -8
- data/third_party/abseil-cpp/absl/container/internal/common_policy_traits.h +132 -0
- data/third_party/abseil-cpp/absl/container/internal/container_memory.h +23 -29
- data/third_party/abseil-cpp/absl/container/internal/hash_policy_traits.h +4 -55
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc +116 -23
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.h +40 -54
- data/third_party/abseil-cpp/absl/container/internal/inlined_vector.h +165 -66
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.cc +159 -4
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +1121 -470
- data/third_party/abseil-cpp/absl/crc/crc32c.cc +99 -0
- data/third_party/abseil-cpp/absl/crc/crc32c.h +183 -0
- data/third_party/abseil-cpp/absl/crc/internal/cpu_detect.cc +256 -0
- data/third_party/abseil-cpp/absl/crc/internal/cpu_detect.h +57 -0
- data/third_party/abseil-cpp/absl/crc/internal/crc.cc +468 -0
- data/third_party/abseil-cpp/absl/crc/internal/crc.h +91 -0
- data/third_party/abseil-cpp/absl/crc/internal/crc32_x86_arm_combined_simd.h +269 -0
- data/third_party/abseil-cpp/absl/crc/internal/crc32c.h +39 -0
- data/third_party/abseil-cpp/absl/crc/internal/crc32c_inline.h +72 -0
- data/third_party/abseil-cpp/absl/crc/internal/crc_cord_state.cc +130 -0
- data/third_party/abseil-cpp/absl/crc/internal/crc_cord_state.h +159 -0
- data/third_party/abseil-cpp/absl/crc/internal/crc_internal.h +179 -0
- data/third_party/abseil-cpp/absl/crc/internal/crc_memcpy.h +119 -0
- data/third_party/abseil-cpp/absl/crc/internal/crc_memcpy_fallback.cc +75 -0
- data/third_party/abseil-cpp/absl/crc/internal/crc_memcpy_x86_64.cc +434 -0
- data/third_party/abseil-cpp/absl/crc/internal/crc_non_temporal_memcpy.cc +93 -0
- data/third_party/abseil-cpp/absl/crc/internal/crc_x86_arm_combined.cc +725 -0
- data/third_party/abseil-cpp/absl/crc/internal/non_temporal_arm_intrinsics.h +79 -0
- data/third_party/abseil-cpp/absl/crc/internal/non_temporal_memcpy.h +180 -0
- data/third_party/abseil-cpp/absl/debugging/internal/address_is_readable.cc +45 -88
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +67 -38
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.h +1 -1
- data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.cc +16 -13
- data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.h +3 -2
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +19 -12
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_arm-inl.inc +8 -3
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_config.h +2 -1
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_generic-inl.inc +1 -1
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_powerpc-inl.inc +8 -3
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_riscv-inl.inc +59 -102
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_win32-inl.inc +5 -4
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_x86-inl.inc +41 -11
- data/third_party/abseil-cpp/absl/debugging/internal/vdso_support.cc +18 -4
- data/third_party/abseil-cpp/absl/debugging/symbolize.cc +6 -1
- data/third_party/abseil-cpp/absl/debugging/symbolize_darwin.inc +3 -2
- data/third_party/abseil-cpp/absl/debugging/symbolize_elf.inc +164 -101
- data/third_party/abseil-cpp/absl/debugging/symbolize_win32.inc +7 -6
- data/third_party/abseil-cpp/absl/functional/any_invocable.h +316 -0
- data/third_party/abseil-cpp/absl/functional/bind_front.h +10 -1
- data/third_party/abseil-cpp/absl/functional/function_ref.h +2 -1
- data/third_party/abseil-cpp/absl/functional/internal/any_invocable.h +878 -0
- data/third_party/abseil-cpp/absl/hash/hash.h +82 -8
- data/third_party/abseil-cpp/absl/hash/internal/city.cc +10 -10
- data/third_party/abseil-cpp/absl/hash/internal/hash.h +235 -26
- data/third_party/abseil-cpp/absl/hash/internal/low_level_hash.cc +3 -14
- data/third_party/abseil-cpp/absl/memory/memory.h +26 -447
- data/third_party/abseil-cpp/absl/meta/type_traits.h +104 -12
- data/third_party/abseil-cpp/absl/numeric/bits.h +1 -1
- data/third_party/abseil-cpp/absl/numeric/int128.cc +14 -10
- data/third_party/abseil-cpp/absl/numeric/int128.h +2 -2
- data/third_party/abseil-cpp/absl/profiling/internal/sample_recorder.h +33 -10
- data/third_party/abseil-cpp/absl/random/bernoulli_distribution.h +4 -4
- data/third_party/abseil-cpp/absl/random/distributions.h +3 -3
- data/third_party/abseil-cpp/absl/random/internal/distribution_caller.h +3 -0
- data/third_party/abseil-cpp/absl/random/internal/fast_uniform_bits.h +4 -2
- data/third_party/abseil-cpp/absl/random/internal/generate_real.h +2 -2
- data/third_party/abseil-cpp/absl/random/internal/nonsecure_base.h +59 -48
- data/third_party/abseil-cpp/absl/random/internal/pcg_engine.h +3 -24
- data/third_party/abseil-cpp/absl/random/internal/pool_urbg.cc +9 -9
- data/third_party/abseil-cpp/absl/random/internal/randen.h +5 -11
- data/third_party/abseil-cpp/absl/random/internal/randen_detect.cc +6 -2
- data/third_party/abseil-cpp/absl/random/internal/randen_engine.h +48 -23
- data/third_party/abseil-cpp/absl/random/internal/salted_seed_seq.h +24 -26
- data/third_party/abseil-cpp/absl/random/internal/seed_material.cc +2 -2
- data/third_party/abseil-cpp/absl/random/internal/traits.h +53 -5
- data/third_party/abseil-cpp/absl/random/internal/uniform_helper.h +5 -5
- data/third_party/abseil-cpp/absl/random/internal/wide_multiply.h +33 -48
- data/third_party/abseil-cpp/absl/random/log_uniform_int_distribution.h +9 -10
- data/third_party/abseil-cpp/absl/random/poisson_distribution.h +7 -4
- data/third_party/abseil-cpp/absl/random/random.h +6 -6
- data/third_party/abseil-cpp/absl/random/seed_sequences.h +1 -0
- data/third_party/abseil-cpp/absl/random/uniform_int_distribution.h +2 -2
- data/third_party/abseil-cpp/absl/random/uniform_real_distribution.h +1 -1
- data/third_party/abseil-cpp/absl/random/zipf_distribution.h +4 -3
- data/third_party/abseil-cpp/absl/status/internal/status_internal.h +18 -0
- data/third_party/abseil-cpp/absl/status/status.cc +193 -14
- data/third_party/abseil-cpp/absl/status/status.h +24 -14
- data/third_party/abseil-cpp/absl/status/statusor.h +9 -3
- data/third_party/abseil-cpp/absl/strings/ascii.cc +5 -5
- data/third_party/abseil-cpp/absl/strings/ascii.h +4 -4
- data/third_party/abseil-cpp/absl/strings/charconv.cc +534 -96
- data/third_party/abseil-cpp/absl/strings/cord.cc +257 -924
- data/third_party/abseil-cpp/absl/strings/cord.h +268 -156
- data/third_party/abseil-cpp/absl/strings/cord_analysis.cc +188 -0
- data/third_party/abseil-cpp/absl/strings/cord_analysis.h +44 -0
- data/third_party/abseil-cpp/absl/strings/cord_buffer.cc +30 -0
- data/third_party/abseil-cpp/absl/strings/cord_buffer.h +575 -0
- data/third_party/abseil-cpp/absl/strings/escaping.cc +73 -62
- data/third_party/abseil-cpp/absl/strings/escaping.h +24 -19
- data/third_party/abseil-cpp/absl/strings/internal/char_map.h +14 -12
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.cc +4 -4
- data/third_party/abseil-cpp/absl/strings/internal/charconv_parse.cc +2 -2
- data/third_party/abseil-cpp/absl/strings/internal/cord_data_edge.h +63 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.cc +20 -32
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +441 -150
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_btree.cc +157 -53
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_btree.h +70 -73
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_btree_navigator.cc +8 -6
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_btree_navigator.h +4 -2
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_btree_reader.cc +3 -2
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_btree_reader.h +5 -4
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_consume.cc +7 -74
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_crc.cc +56 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_crc.h +103 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_flat.h +58 -17
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_ring.cc +13 -11
- data/third_party/abseil-cpp/absl/strings/internal/cordz_functions.h +7 -15
- data/third_party/abseil-cpp/absl/strings/internal/cordz_handle.h +3 -3
- data/third_party/abseil-cpp/absl/strings/internal/cordz_info.cc +19 -43
- data/third_party/abseil-cpp/absl/strings/internal/cordz_info.h +7 -7
- data/third_party/abseil-cpp/absl/strings/internal/cordz_statistics.h +5 -4
- data/third_party/abseil-cpp/absl/strings/internal/cordz_update_tracker.h +4 -2
- data/third_party/abseil-cpp/absl/strings/internal/damerau_levenshtein_distance.cc +93 -0
- data/third_party/abseil-cpp/absl/strings/internal/damerau_levenshtein_distance.h +34 -0
- data/third_party/abseil-cpp/absl/strings/internal/escaping.cc +18 -15
- data/third_party/abseil-cpp/absl/strings/internal/escaping.h +7 -9
- data/third_party/abseil-cpp/absl/strings/internal/has_absl_stringify.h +55 -0
- data/third_party/abseil-cpp/absl/strings/internal/memutil.cc +9 -6
- data/third_party/abseil-cpp/absl/strings/internal/ostringstream.cc +14 -7
- data/third_party/abseil-cpp/absl/strings/internal/ostringstream.h +35 -10
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.cc +113 -46
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.h +127 -30
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.cc +3 -2
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.h +42 -10
- data/third_party/abseil-cpp/absl/strings/internal/str_format/checker.h +56 -289
- data/third_party/abseil-cpp/absl/strings/internal/str_format/constexpr_parser.h +351 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.cc +6 -6
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.h +9 -4
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +215 -181
- data/third_party/abseil-cpp/absl/strings/internal/str_format/output.h +2 -1
- data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.cc +10 -209
- data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.h +14 -103
- data/third_party/abseil-cpp/absl/strings/internal/str_join_internal.h +9 -6
- data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +2 -1
- data/third_party/abseil-cpp/absl/strings/internal/string_constant.h +10 -2
- data/third_party/abseil-cpp/absl/strings/internal/stringify_sink.cc +28 -0
- data/third_party/abseil-cpp/absl/strings/internal/stringify_sink.h +57 -0
- data/third_party/abseil-cpp/absl/strings/internal/utf8.cc +9 -9
- data/third_party/abseil-cpp/absl/strings/numbers.cc +42 -39
- data/third_party/abseil-cpp/absl/strings/numbers.h +26 -23
- data/third_party/abseil-cpp/absl/strings/str_cat.cc +9 -6
- data/third_party/abseil-cpp/absl/strings/str_cat.h +70 -16
- data/third_party/abseil-cpp/absl/strings/str_format.h +71 -9
- data/third_party/abseil-cpp/absl/strings/str_join.h +9 -15
- data/third_party/abseil-cpp/absl/strings/str_split.h +1 -2
- data/third_party/abseil-cpp/absl/strings/string_view.cc +8 -19
- data/third_party/abseil-cpp/absl/strings/string_view.h +6 -12
- data/third_party/abseil-cpp/absl/strings/strip.h +8 -6
- data/third_party/abseil-cpp/absl/strings/substitute.cc +8 -6
- data/third_party/abseil-cpp/absl/strings/substitute.h +55 -21
- data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.cc +9 -6
- data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.h +0 -4
- data/third_party/abseil-cpp/absl/synchronization/internal/futex.h +20 -17
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +37 -31
- data/third_party/abseil-cpp/absl/synchronization/internal/kernel_timeout.h +22 -8
- data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.cc +0 -4
- data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.h +1 -6
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.cc +0 -25
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.h +10 -4
- data/third_party/abseil-cpp/absl/synchronization/mutex.cc +172 -88
- data/third_party/abseil-cpp/absl/synchronization/mutex.h +102 -55
- data/third_party/abseil-cpp/absl/synchronization/notification.cc +0 -1
- data/third_party/abseil-cpp/absl/synchronization/notification.h +3 -3
- data/third_party/abseil-cpp/absl/time/civil_time.cc +26 -0
- data/third_party/abseil-cpp/absl/time/civil_time.h +25 -0
- data/third_party/abseil-cpp/absl/time/clock.cc +17 -11
- data/third_party/abseil-cpp/absl/time/duration.cc +12 -11
- data/third_party/abseil-cpp/absl/time/format.cc +2 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time_detail.h +11 -7
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +26 -5
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_lookup.cc +7 -6
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc +36 -35
- data/third_party/abseil-cpp/absl/time/time.cc +2 -2
- data/third_party/abseil-cpp/absl/time/time.h +268 -169
- data/third_party/abseil-cpp/absl/types/internal/optional.h +8 -0
- data/third_party/abseil-cpp/absl/types/internal/span.h +30 -19
- data/third_party/abseil-cpp/absl/types/internal/variant.h +28 -40
- data/third_party/abseil-cpp/absl/types/optional.h +17 -14
- data/third_party/abseil-cpp/absl/types/span.h +31 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +1 -2
- data/third_party/re2/re2/bitstate.cc +3 -3
- data/third_party/re2/re2/dfa.cc +13 -13
- data/third_party/re2/re2/nfa.cc +4 -4
- data/third_party/re2/re2/onepass.cc +2 -2
- data/third_party/re2/re2/prefilter_tree.cc +27 -59
- data/third_party/re2/re2/prefilter_tree.h +3 -2
- data/third_party/re2/re2/prog.cc +11 -2
- data/third_party/re2/re2/prog.h +17 -5
- data/third_party/re2/re2/re2.cc +6 -11
- data/third_party/re2/re2/re2.h +1 -1
- data/third_party/re2/re2/regexp.cc +1 -2
- data/third_party/re2/re2/stringpiece.h +10 -7
- data/third_party/re2/re2/unicode_casefold.cc +25 -11
- data/third_party/re2/re2/unicode_groups.cc +319 -151
- data/third_party/re2/re2/walker-inl.h +3 -2
- data/third_party/re2/util/mutex.h +4 -4
- data/third_party/upb/third_party/utf8_range/utf8_range.h +1 -1
- data/third_party/upb/upb/arena.c +277 -0
- data/third_party/upb/upb/arena.h +225 -0
- data/third_party/upb/upb/array.c +114 -0
- data/third_party/upb/upb/array.h +83 -0
- data/third_party/upb/upb/collections.h +36 -0
- data/third_party/upb/upb/decode.c +161 -65
- data/third_party/upb/upb/decode.h +1 -0
- data/third_party/upb/upb/decode_fast.c +1 -1
- data/third_party/upb/upb/def.c +10 -2
- data/third_party/upb/upb/def.h +8 -1
- data/third_party/upb/upb/def.hpp +7 -4
- data/third_party/upb/upb/encode.c +29 -20
- data/third_party/upb/upb/encode.h +16 -6
- data/third_party/upb/upb/extension_registry.c +93 -0
- data/third_party/upb/upb/extension_registry.h +84 -0
- data/third_party/upb/upb/{decode_internal.h → internal/decode.h} +5 -5
- data/third_party/upb/upb/internal/table.h +385 -0
- data/third_party/upb/upb/{upb_internal.h → internal/upb.h} +3 -3
- data/third_party/upb/upb/internal/vsnprintf_compat.h +52 -0
- data/third_party/upb/upb/json_decode.c +1512 -0
- data/third_party/upb/upb/json_decode.h +47 -0
- data/third_party/upb/upb/json_encode.c +7 -3
- data/third_party/upb/upb/json_encode.h +6 -3
- data/third_party/upb/upb/map.c +108 -0
- data/third_party/upb/upb/map.h +117 -0
- data/third_party/upb/upb/message_value.h +66 -0
- data/third_party/upb/upb/mini_table.c +1147 -0
- data/third_party/upb/upb/mini_table.h +189 -0
- data/third_party/upb/upb/mini_table.hpp +112 -0
- data/third_party/upb/upb/msg.c +2 -62
- data/third_party/upb/upb/msg.h +2 -45
- data/third_party/upb/upb/msg_internal.h +28 -22
- data/third_party/upb/upb/port_def.inc +2 -1
- data/third_party/upb/upb/port_undef.inc +1 -0
- data/third_party/upb/upb/reflection.c +2 -159
- data/third_party/upb/upb/reflection.h +2 -112
- data/third_party/upb/upb/status.c +86 -0
- data/third_party/upb/upb/status.h +66 -0
- data/third_party/upb/upb/table.c +2 -2
- data/third_party/upb/upb/table_internal.h +3 -352
- data/third_party/upb/upb/text_encode.c +3 -2
- data/third_party/upb/upb/upb.c +4 -290
- data/third_party/upb/upb/upb.h +7 -196
- data/third_party/zlib/compress.c +3 -3
- data/third_party/zlib/crc32.c +21 -12
- data/third_party/zlib/deflate.c +112 -106
- data/third_party/zlib/deflate.h +2 -2
- data/third_party/zlib/gzlib.c +1 -1
- data/third_party/zlib/gzread.c +3 -5
- data/third_party/zlib/gzwrite.c +1 -1
- data/third_party/zlib/infback.c +10 -7
- data/third_party/zlib/inflate.c +5 -2
- data/third_party/zlib/inftrees.c +2 -2
- data/third_party/zlib/inftrees.h +1 -1
- data/third_party/zlib/trees.c +61 -62
- data/third_party/zlib/uncompr.c +2 -2
- data/third_party/zlib/zconf.h +16 -3
- data/third_party/zlib/zlib.h +10 -10
- data/third_party/zlib/zutil.c +9 -7
- data/third_party/zlib/zutil.h +1 -0
- metadata +372 -102
- data/include/grpc/impl/codegen/gpr_slice.h +0 -71
- data/src/core/ext/filters/client_channel/http_connect_handshaker.h +0 -42
- data/src/core/ext/filters/client_channel/lb_policy_factory.h +0 -48
- data/src/core/ext/filters/client_channel/lb_policy_registry.cc +0 -185
- data/src/core/ext/filters/client_channel/lb_policy_registry.h +0 -65
- data/src/core/ext/filters/client_channel/proxy_mapper.h +0 -54
- data/src/core/ext/filters/client_channel/proxy_mapper_registry.cc +0 -89
- data/src/core/ext/filters/client_channel/proxy_mapper_registry.h +0 -50
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +0 -186
- data/src/core/ext/filters/fault_injection/service_config_parser.cc +0 -179
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +0 -456
- data/src/core/ext/filters/http/message_compress/message_compress_filter.h +0 -53
- data/src/core/ext/filters/http/message_compress/message_decompress_filter.cc +0 -386
- data/src/core/ext/filters/server_config_selector/server_config_selector.cc +0 -61
- data/src/core/ext/xds/certificate_provider_registry.cc +0 -103
- data/src/core/ext/xds/certificate_provider_registry.h +0 -57
- data/src/core/lib/channel/handshaker_factory.h +0 -50
- data/src/core/lib/channel/handshaker_registry.cc +0 -50
- data/src/core/lib/channel/handshaker_registry.h +0 -71
- data/src/core/lib/event_engine/sockaddr.cc +0 -40
- data/src/core/lib/event_engine/sockaddr.h +0 -44
- data/src/core/lib/gpr/env.h +0 -40
- data/src/core/lib/gpr/env_linux.cc +0 -75
- data/src/core/lib/gpr/env_posix.cc +0 -46
- data/src/core/lib/gpr/env_windows.cc +0 -74
- data/src/core/lib/gpr/murmur_hash.cc +0 -82
- data/src/core/lib/gpr/murmur_hash.h +0 -29
- data/src/core/lib/gpr/string_windows.h +0 -32
- data/src/core/lib/gpr/tls.h +0 -158
- data/src/core/lib/gprpp/capture.h +0 -76
- data/src/core/lib/iomgr/error_internal.h +0 -66
- data/src/core/lib/iomgr/event_engine/endpoint.cc +0 -172
- data/src/core/lib/iomgr/event_engine/endpoint.h +0 -52
- data/src/core/lib/iomgr/event_engine/iomgr.cc +0 -85
- data/src/core/lib/iomgr/event_engine/pollset.cc +0 -87
- data/src/core/lib/iomgr/event_engine/resolved_address_internal.cc +0 -47
- data/src/core/lib/iomgr/event_engine/resolver.cc +0 -133
- data/src/core/lib/iomgr/event_engine/resolver.h +0 -56
- data/src/core/lib/iomgr/event_engine/tcp.cc +0 -296
- data/src/core/lib/iomgr/event_engine/timer.cc +0 -62
- data/src/core/lib/iomgr/executor/mpmcqueue.cc +0 -182
- data/src/core/lib/iomgr/executor/mpmcqueue.h +0 -171
- data/src/core/lib/iomgr/executor/threadpool.cc +0 -136
- data/src/core/lib/iomgr/executor/threadpool.h +0 -150
- data/src/core/lib/iomgr/time_averaged_stats.cc +0 -64
- data/src/core/lib/iomgr/time_averaged_stats.h +0 -72
- data/src/core/lib/profiling/basic_timers.cc +0 -295
- data/src/core/lib/profiling/stap_timers.cc +0 -50
- data/src/core/lib/profiling/timers.h +0 -94
- data/src/core/lib/promise/call_push_pull.h +0 -144
- data/src/core/lib/security/security_connector/load_system_roots_linux.h +0 -46
- data/src/core/lib/slice/slice_api.cc +0 -39
- data/src/core/lib/slice/slice_refcount_base.h +0 -61
- data/src/core/lib/slice/slice_split.cc +0 -100
- data/src/core/lib/slice/slice_split.h +0 -40
- data/src/core/lib/transport/byte_stream.cc +0 -164
- data/src/core/lib/transport/byte_stream.h +0 -166
- data/third_party/abseil-cpp/absl/container/internal/have_sse.h +0 -50
|
@@ -1,20 +1,20 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
1
|
+
//
|
|
2
|
+
//
|
|
3
|
+
// Copyright 2015 gRPC authors.
|
|
4
|
+
//
|
|
5
|
+
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
6
|
+
// you may not use this file except in compliance with the License.
|
|
7
|
+
// You may obtain a copy of the License at
|
|
8
|
+
//
|
|
9
|
+
// http://www.apache.org/licenses/LICENSE-2.0
|
|
10
|
+
//
|
|
11
|
+
// Unless required by applicable law or agreed to in writing, software
|
|
12
|
+
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
13
|
+
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
14
|
+
// See the License for the specific language governing permissions and
|
|
15
|
+
// limitations under the License.
|
|
16
|
+
//
|
|
17
|
+
//
|
|
18
18
|
|
|
19
19
|
#include <grpc/support/port_platform.h>
|
|
20
20
|
|
|
@@ -23,9 +23,9 @@
|
|
|
23
23
|
#include <limits.h>
|
|
24
24
|
#include <string.h>
|
|
25
25
|
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
26
|
+
// TODO(jboeuf): refactor inet_ntop into a portability header.
|
|
27
|
+
// Note: for whomever reads this and tries to refactor this, this
|
|
28
|
+
// can't be in grpc, it has to be in gpr.
|
|
29
29
|
#ifdef GPR_WINDOWS
|
|
30
30
|
#include <ws2tcpip.h>
|
|
31
31
|
#else
|
|
@@ -36,7 +36,7 @@
|
|
|
36
36
|
#include <string>
|
|
37
37
|
|
|
38
38
|
#include <openssl/bio.h>
|
|
39
|
-
#include <openssl/crypto.h>
|
|
39
|
+
#include <openssl/crypto.h> // For OPENSSL_free
|
|
40
40
|
#include <openssl/engine.h>
|
|
41
41
|
#include <openssl/err.h>
|
|
42
42
|
#include <openssl/ssl.h>
|
|
@@ -45,6 +45,7 @@
|
|
|
45
45
|
#include <openssl/x509v3.h>
|
|
46
46
|
|
|
47
47
|
#include "absl/strings/match.h"
|
|
48
|
+
#include "absl/strings/str_cat.h"
|
|
48
49
|
#include "absl/strings/string_view.h"
|
|
49
50
|
|
|
50
51
|
#include <grpc/grpc_security.h>
|
|
@@ -55,31 +56,33 @@
|
|
|
55
56
|
#include <grpc/support/thd_id.h>
|
|
56
57
|
|
|
57
58
|
#include "src/core/lib/gpr/useful.h"
|
|
59
|
+
#include "src/core/lib/gprpp/crash.h"
|
|
58
60
|
#include "src/core/tsi/ssl/key_logging/ssl_key_logging.h"
|
|
59
61
|
#include "src/core/tsi/ssl/session_cache/ssl_session_cache.h"
|
|
62
|
+
#include "src/core/tsi/ssl_transport_security_utils.h"
|
|
60
63
|
#include "src/core/tsi/ssl_types.h"
|
|
61
64
|
#include "src/core/tsi/transport_security.h"
|
|
62
65
|
|
|
63
|
-
|
|
66
|
+
// --- Constants. ---
|
|
64
67
|
|
|
65
68
|
#define TSI_SSL_MAX_PROTECTED_FRAME_SIZE_UPPER_BOUND 16384
|
|
66
69
|
#define TSI_SSL_MAX_PROTECTED_FRAME_SIZE_LOWER_BOUND 1024
|
|
67
70
|
#define TSI_SSL_HANDSHAKER_OUTGOING_BUFFER_INITIAL_SIZE 1024
|
|
68
71
|
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
+
// Putting a macro like this and littering the source file with #if is really
|
|
73
|
+
// bad practice.
|
|
74
|
+
// TODO(jboeuf): refactor all the #if / #endif in a separate module.
|
|
72
75
|
#ifndef TSI_OPENSSL_ALPN_SUPPORT
|
|
73
76
|
#define TSI_OPENSSL_ALPN_SUPPORT 1
|
|
74
77
|
#endif
|
|
75
78
|
|
|
76
|
-
|
|
77
|
-
|
|
79
|
+
// TODO(jboeuf): I have not found a way to get this number dynamically from the
|
|
80
|
+
// SSL structure. This is what we would ultimately want though...
|
|
78
81
|
#define TSI_SSL_MAX_PROTECTION_OVERHEAD 100
|
|
79
82
|
|
|
80
83
|
using TlsSessionKeyLogger = tsi::TlsSessionKeyLoggerCache::TlsSessionKeyLogger;
|
|
81
84
|
|
|
82
|
-
|
|
85
|
+
// --- Structure definitions. ---
|
|
83
86
|
|
|
84
87
|
struct tsi_ssl_root_certs_store {
|
|
85
88
|
X509_STORE* store;
|
|
@@ -100,9 +103,9 @@ struct tsi_ssl_client_handshaker_factory {
|
|
|
100
103
|
};
|
|
101
104
|
|
|
102
105
|
struct tsi_ssl_server_handshaker_factory {
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
+
// Several contexts to support SNI.
|
|
107
|
+
// The tsi_peer array contains the subject names of the server certificates
|
|
108
|
+
// associated with the contexts at the same index.
|
|
106
109
|
tsi_ssl_handshaker_factory base;
|
|
107
110
|
SSL_CTX** ssl_contexts;
|
|
108
111
|
tsi_peer* ssl_context_x509_subject_names;
|
|
@@ -136,11 +139,12 @@ struct tsi_ssl_frame_protector {
|
|
|
136
139
|
size_t buffer_size;
|
|
137
140
|
size_t buffer_offset;
|
|
138
141
|
};
|
|
139
|
-
|
|
142
|
+
// --- Library Initialization. ---
|
|
140
143
|
|
|
141
144
|
static gpr_once g_init_openssl_once = GPR_ONCE_INIT;
|
|
142
145
|
static int g_ssl_ctx_ex_factory_index = -1;
|
|
143
146
|
static const unsigned char kSslSessionIdContext[] = {'g', 'r', 'p', 'c'};
|
|
147
|
+
static int g_ssl_ex_verified_root_cert_index = -1;
|
|
144
148
|
#if !defined(OPENSSL_IS_BORINGSSL) && !defined(OPENSSL_NO_ENGINE)
|
|
145
149
|
static const char kSslEnginePrefix[] = "engine:";
|
|
146
150
|
#endif
|
|
@@ -190,36 +194,15 @@ static void init_openssl(void) {
|
|
|
190
194
|
g_ssl_ctx_ex_factory_index =
|
|
191
195
|
SSL_CTX_get_ex_new_index(0, nullptr, nullptr, nullptr, nullptr);
|
|
192
196
|
GPR_ASSERT(g_ssl_ctx_ex_factory_index != -1);
|
|
193
|
-
}
|
|
194
197
|
|
|
195
|
-
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
switch (error) {
|
|
199
|
-
case SSL_ERROR_NONE:
|
|
200
|
-
return "SSL_ERROR_NONE";
|
|
201
|
-
case SSL_ERROR_ZERO_RETURN:
|
|
202
|
-
return "SSL_ERROR_ZERO_RETURN";
|
|
203
|
-
case SSL_ERROR_WANT_READ:
|
|
204
|
-
return "SSL_ERROR_WANT_READ";
|
|
205
|
-
case SSL_ERROR_WANT_WRITE:
|
|
206
|
-
return "SSL_ERROR_WANT_WRITE";
|
|
207
|
-
case SSL_ERROR_WANT_CONNECT:
|
|
208
|
-
return "SSL_ERROR_WANT_CONNECT";
|
|
209
|
-
case SSL_ERROR_WANT_ACCEPT:
|
|
210
|
-
return "SSL_ERROR_WANT_ACCEPT";
|
|
211
|
-
case SSL_ERROR_WANT_X509_LOOKUP:
|
|
212
|
-
return "SSL_ERROR_WANT_X509_LOOKUP";
|
|
213
|
-
case SSL_ERROR_SYSCALL:
|
|
214
|
-
return "SSL_ERROR_SYSCALL";
|
|
215
|
-
case SSL_ERROR_SSL:
|
|
216
|
-
return "SSL_ERROR_SSL";
|
|
217
|
-
default:
|
|
218
|
-
return "Unknown error";
|
|
219
|
-
}
|
|
198
|
+
g_ssl_ex_verified_root_cert_index =
|
|
199
|
+
SSL_get_ex_new_index(0, nullptr, nullptr, nullptr, nullptr);
|
|
200
|
+
GPR_ASSERT(g_ssl_ex_verified_root_cert_index != -1);
|
|
220
201
|
}
|
|
221
202
|
|
|
222
|
-
|
|
203
|
+
// --- Ssl utils. ---
|
|
204
|
+
|
|
205
|
+
// TODO(jboeuf): Remove when we are past the debugging phase with this code.
|
|
223
206
|
static void ssl_log_where_info(const SSL* ssl, int where, int flag,
|
|
224
207
|
const char* msg) {
|
|
225
208
|
if ((where & flag) && GRPC_TRACE_FLAG_ENABLED(tsi_tracing_enabled)) {
|
|
@@ -228,7 +211,7 @@ static void ssl_log_where_info(const SSL* ssl, int where, int flag,
|
|
|
228
211
|
}
|
|
229
212
|
}
|
|
230
213
|
|
|
231
|
-
|
|
214
|
+
// Used for debugging. TODO(jboeuf): Remove when code is mature enough.
|
|
232
215
|
static void ssl_info_callback(const SSL* ssl, int where, int ret) {
|
|
233
216
|
if (ret == 0) {
|
|
234
217
|
gpr_log(GPR_ERROR, "ssl_info_callback: error occurred.\n");
|
|
@@ -240,14 +223,14 @@ static void ssl_info_callback(const SSL* ssl, int where, int ret) {
|
|
|
240
223
|
ssl_log_where_info(ssl, where, SSL_CB_HANDSHAKE_DONE, "HANDSHAKE DONE");
|
|
241
224
|
}
|
|
242
225
|
|
|
243
|
-
|
|
244
|
-
|
|
226
|
+
// Returns 1 if name looks like an IP address, 0 otherwise.
|
|
227
|
+
// This is a very rough heuristic, and only handles IPv6 in hexadecimal form.
|
|
245
228
|
static int looks_like_ip_address(absl::string_view name) {
|
|
246
229
|
size_t dot_count = 0;
|
|
247
230
|
size_t num_size = 0;
|
|
248
231
|
for (size_t i = 0; i < name.size(); ++i) {
|
|
249
232
|
if (name[i] == ':') {
|
|
250
|
-
|
|
233
|
+
// IPv6 Address in hexadecimal form, : is not allowed in DNS names.
|
|
251
234
|
return 1;
|
|
252
235
|
}
|
|
253
236
|
if (name[i] >= '0' && name[i] <= '9') {
|
|
@@ -265,7 +248,7 @@ static int looks_like_ip_address(absl::string_view name) {
|
|
|
265
248
|
return 1;
|
|
266
249
|
}
|
|
267
250
|
|
|
268
|
-
|
|
251
|
+
// Gets the subject CN from an X509 cert.
|
|
269
252
|
static tsi_result ssl_get_x509_common_name(X509* cert, unsigned char** utf8,
|
|
270
253
|
size_t* utf8_size) {
|
|
271
254
|
int common_name_index = -1;
|
|
@@ -303,7 +286,7 @@ static tsi_result ssl_get_x509_common_name(X509* cert, unsigned char** utf8,
|
|
|
303
286
|
return TSI_OK;
|
|
304
287
|
}
|
|
305
288
|
|
|
306
|
-
|
|
289
|
+
// Gets the subject CN of an X509 cert as a tsi_peer_property.
|
|
307
290
|
static tsi_result peer_property_from_x509_common_name(
|
|
308
291
|
X509* cert, tsi_peer_property* property) {
|
|
309
292
|
unsigned char* common_name;
|
|
@@ -326,9 +309,10 @@ static tsi_result peer_property_from_x509_common_name(
|
|
|
326
309
|
return result;
|
|
327
310
|
}
|
|
328
311
|
|
|
329
|
-
|
|
312
|
+
// Gets the subject of an X509 cert as a tsi_peer_property.
|
|
330
313
|
static tsi_result peer_property_from_x509_subject(X509* cert,
|
|
331
|
-
tsi_peer_property* property
|
|
314
|
+
tsi_peer_property* property,
|
|
315
|
+
bool is_verified_root_cert) {
|
|
332
316
|
X509_NAME* subject_name = X509_get_subject_name(cert);
|
|
333
317
|
if (subject_name == nullptr) {
|
|
334
318
|
gpr_log(GPR_INFO, "Could not get subject name from certificate.");
|
|
@@ -343,14 +327,21 @@ static tsi_result peer_property_from_x509_subject(X509* cert,
|
|
|
343
327
|
BIO_free(bio);
|
|
344
328
|
return TSI_INTERNAL_ERROR;
|
|
345
329
|
}
|
|
346
|
-
tsi_result result
|
|
347
|
-
|
|
348
|
-
|
|
330
|
+
tsi_result result;
|
|
331
|
+
if (!is_verified_root_cert) {
|
|
332
|
+
result = tsi_construct_string_peer_property(
|
|
333
|
+
TSI_X509_SUBJECT_PEER_PROPERTY, contents, static_cast<size_t>(len),
|
|
334
|
+
property);
|
|
335
|
+
} else {
|
|
336
|
+
result = tsi_construct_string_peer_property(
|
|
337
|
+
TSI_X509_VERIFIED_ROOT_CERT_SUBECT_PEER_PROPERTY, contents,
|
|
338
|
+
static_cast<size_t>(len), property);
|
|
339
|
+
}
|
|
349
340
|
BIO_free(bio);
|
|
350
341
|
return result;
|
|
351
342
|
}
|
|
352
343
|
|
|
353
|
-
|
|
344
|
+
// Gets the X509 cert in PEM format as a tsi_peer_property.
|
|
354
345
|
static tsi_result add_pem_certificate(X509* cert, tsi_peer_property* property) {
|
|
355
346
|
BIO* bio = BIO_new(BIO_s_mem());
|
|
356
347
|
if (!PEM_write_bio_X509(bio, cert)) {
|
|
@@ -369,7 +360,7 @@ static tsi_result add_pem_certificate(X509* cert, tsi_peer_property* property) {
|
|
|
369
360
|
return result;
|
|
370
361
|
}
|
|
371
362
|
|
|
372
|
-
|
|
363
|
+
// Gets the subject SANs from an X509 cert as a tsi_peer_property.
|
|
373
364
|
static tsi_result add_subject_alt_names_properties_to_peer(
|
|
374
365
|
tsi_peer* peer, GENERAL_NAMES* subject_alt_names,
|
|
375
366
|
size_t subject_alt_name_count, int* current_insert_index) {
|
|
@@ -452,10 +443,10 @@ static tsi_result add_subject_alt_names_properties_to_peer(
|
|
|
452
443
|
return result;
|
|
453
444
|
}
|
|
454
445
|
|
|
455
|
-
|
|
446
|
+
// Gets information about the peer's X509 cert as a tsi_peer object.
|
|
456
447
|
static tsi_result peer_from_x509(X509* cert, int include_certificate_type,
|
|
457
448
|
tsi_peer* peer) {
|
|
458
|
-
|
|
449
|
+
// TODO(jboeuf): Maybe add more properties.
|
|
459
450
|
GENERAL_NAMES* subject_alt_names = static_cast<GENERAL_NAMES*>(
|
|
460
451
|
X509_get_ext_d2i(cert, NID_subject_alt_name, nullptr, nullptr));
|
|
461
452
|
int subject_alt_name_count =
|
|
@@ -465,7 +456,7 @@ static tsi_result peer_from_x509(X509* cert, int include_certificate_type,
|
|
|
465
456
|
size_t property_count;
|
|
466
457
|
tsi_result result;
|
|
467
458
|
GPR_ASSERT(subject_alt_name_count >= 0);
|
|
468
|
-
property_count = (include_certificate_type ?
|
|
459
|
+
property_count = (include_certificate_type ? size_t{1} : 0) +
|
|
469
460
|
3 /* subject, common name, certificate */ +
|
|
470
461
|
static_cast<size_t>(subject_alt_name_count);
|
|
471
462
|
for (int i = 0; i < subject_alt_name_count; i++) {
|
|
@@ -494,7 +485,8 @@ static tsi_result peer_from_x509(X509* cert, int include_certificate_type,
|
|
|
494
485
|
}
|
|
495
486
|
|
|
496
487
|
result = peer_property_from_x509_subject(
|
|
497
|
-
cert, &peer->properties[current_insert_index++]
|
|
488
|
+
cert, &peer->properties[current_insert_index++],
|
|
489
|
+
/*is_verified_root_cert=*/false);
|
|
498
490
|
if (result != TSI_OK) break;
|
|
499
491
|
|
|
500
492
|
result = peer_property_from_x509_common_name(
|
|
@@ -522,72 +514,7 @@ static tsi_result peer_from_x509(X509* cert, int include_certificate_type,
|
|
|
522
514
|
return result;
|
|
523
515
|
}
|
|
524
516
|
|
|
525
|
-
|
|
526
|
-
static void log_ssl_error_stack(void) {
|
|
527
|
-
unsigned long err;
|
|
528
|
-
while ((err = ERR_get_error()) != 0) {
|
|
529
|
-
char details[256];
|
|
530
|
-
ERR_error_string_n(static_cast<uint32_t>(err), details, sizeof(details));
|
|
531
|
-
gpr_log(GPR_ERROR, "%s", details);
|
|
532
|
-
}
|
|
533
|
-
}
|
|
534
|
-
|
|
535
|
-
/* Performs an SSL_read and handle errors. */
|
|
536
|
-
static tsi_result do_ssl_read(SSL* ssl, unsigned char* unprotected_bytes,
|
|
537
|
-
size_t* unprotected_bytes_size) {
|
|
538
|
-
GPR_ASSERT(*unprotected_bytes_size <= INT_MAX);
|
|
539
|
-
ERR_clear_error();
|
|
540
|
-
int read_from_ssl = SSL_read(ssl, unprotected_bytes,
|
|
541
|
-
static_cast<int>(*unprotected_bytes_size));
|
|
542
|
-
if (read_from_ssl <= 0) {
|
|
543
|
-
read_from_ssl = SSL_get_error(ssl, read_from_ssl);
|
|
544
|
-
switch (read_from_ssl) {
|
|
545
|
-
case SSL_ERROR_ZERO_RETURN: /* Received a close_notify alert. */
|
|
546
|
-
case SSL_ERROR_WANT_READ: /* We need more data to finish the frame. */
|
|
547
|
-
*unprotected_bytes_size = 0;
|
|
548
|
-
return TSI_OK;
|
|
549
|
-
case SSL_ERROR_WANT_WRITE:
|
|
550
|
-
gpr_log(
|
|
551
|
-
GPR_ERROR,
|
|
552
|
-
"Peer tried to renegotiate SSL connection. This is unsupported.");
|
|
553
|
-
return TSI_UNIMPLEMENTED;
|
|
554
|
-
case SSL_ERROR_SSL:
|
|
555
|
-
gpr_log(GPR_ERROR, "Corruption detected.");
|
|
556
|
-
log_ssl_error_stack();
|
|
557
|
-
return TSI_DATA_CORRUPTED;
|
|
558
|
-
default:
|
|
559
|
-
gpr_log(GPR_ERROR, "SSL_read failed with error %s.",
|
|
560
|
-
ssl_error_string(read_from_ssl));
|
|
561
|
-
return TSI_PROTOCOL_FAILURE;
|
|
562
|
-
}
|
|
563
|
-
}
|
|
564
|
-
*unprotected_bytes_size = static_cast<size_t>(read_from_ssl);
|
|
565
|
-
return TSI_OK;
|
|
566
|
-
}
|
|
567
|
-
|
|
568
|
-
/* Performs an SSL_write and handle errors. */
|
|
569
|
-
static tsi_result do_ssl_write(SSL* ssl, unsigned char* unprotected_bytes,
|
|
570
|
-
size_t unprotected_bytes_size) {
|
|
571
|
-
GPR_ASSERT(unprotected_bytes_size <= INT_MAX);
|
|
572
|
-
ERR_clear_error();
|
|
573
|
-
int ssl_write_result = SSL_write(ssl, unprotected_bytes,
|
|
574
|
-
static_cast<int>(unprotected_bytes_size));
|
|
575
|
-
if (ssl_write_result < 0) {
|
|
576
|
-
ssl_write_result = SSL_get_error(ssl, ssl_write_result);
|
|
577
|
-
if (ssl_write_result == SSL_ERROR_WANT_READ) {
|
|
578
|
-
gpr_log(GPR_ERROR,
|
|
579
|
-
"Peer tried to renegotiate SSL connection. This is unsupported.");
|
|
580
|
-
return TSI_UNIMPLEMENTED;
|
|
581
|
-
} else {
|
|
582
|
-
gpr_log(GPR_ERROR, "SSL_write failed with error %s.",
|
|
583
|
-
ssl_error_string(ssl_write_result));
|
|
584
|
-
return TSI_INTERNAL_ERROR;
|
|
585
|
-
}
|
|
586
|
-
}
|
|
587
|
-
return TSI_OK;
|
|
588
|
-
}
|
|
589
|
-
|
|
590
|
-
/* Loads an in-memory PEM certificate chain into the SSL context. */
|
|
517
|
+
// Loads an in-memory PEM certificate chain into the SSL context.
|
|
591
518
|
static tsi_result ssl_ctx_use_certificate_chain(SSL_CTX* context,
|
|
592
519
|
const char* pem_cert_chain,
|
|
593
520
|
size_t pem_cert_chain_size) {
|
|
@@ -614,17 +541,17 @@ static tsi_result ssl_ctx_use_certificate_chain(SSL_CTX* context,
|
|
|
614
541
|
PEM_read_bio_X509(pem, nullptr, nullptr, const_cast<char*>(""));
|
|
615
542
|
if (certificate_authority == nullptr) {
|
|
616
543
|
ERR_clear_error();
|
|
617
|
-
break;
|
|
544
|
+
break; // Done reading.
|
|
618
545
|
}
|
|
619
546
|
if (!SSL_CTX_add_extra_chain_cert(context, certificate_authority)) {
|
|
620
547
|
X509_free(certificate_authority);
|
|
621
548
|
result = TSI_INVALID_ARGUMENT;
|
|
622
549
|
break;
|
|
623
550
|
}
|
|
624
|
-
|
|
625
|
-
|
|
626
|
-
|
|
627
|
-
|
|
551
|
+
// We don't need to free certificate_authority as its ownership has been
|
|
552
|
+
// transferred to the context. That is not the case for certificate
|
|
553
|
+
// though.
|
|
554
|
+
//
|
|
628
555
|
}
|
|
629
556
|
} while (false);
|
|
630
557
|
|
|
@@ -706,7 +633,7 @@ static tsi_result ssl_ctx_use_engine_private_key(SSL_CTX* context,
|
|
|
706
633
|
if (engine_name != nullptr) gpr_free(engine_name);
|
|
707
634
|
return result;
|
|
708
635
|
}
|
|
709
|
-
#endif
|
|
636
|
+
#endif // !defined(OPENSSL_IS_BORINGSSL) && !defined(OPENSSL_NO_ENGINE)
|
|
710
637
|
|
|
711
638
|
static tsi_result ssl_ctx_use_pem_private_key(SSL_CTX* context,
|
|
712
639
|
const char* pem_key,
|
|
@@ -734,7 +661,7 @@ static tsi_result ssl_ctx_use_pem_private_key(SSL_CTX* context,
|
|
|
734
661
|
return result;
|
|
735
662
|
}
|
|
736
663
|
|
|
737
|
-
|
|
664
|
+
// Loads an in-memory PEM private key into the SSL context.
|
|
738
665
|
static tsi_result ssl_ctx_use_private_key(SSL_CTX* context, const char* pem_key,
|
|
739
666
|
size_t pem_key_size) {
|
|
740
667
|
// BoringSSL does not have ENGINE support
|
|
@@ -742,14 +669,14 @@ static tsi_result ssl_ctx_use_private_key(SSL_CTX* context, const char* pem_key,
|
|
|
742
669
|
if (strncmp(pem_key, kSslEnginePrefix, strlen(kSslEnginePrefix)) == 0) {
|
|
743
670
|
return ssl_ctx_use_engine_private_key(context, pem_key, pem_key_size);
|
|
744
671
|
} else
|
|
745
|
-
#endif
|
|
672
|
+
#endif // !defined(OPENSSL_IS_BORINGSSL) && !defined(OPENSSL_NO_ENGINE)
|
|
746
673
|
{
|
|
747
674
|
return ssl_ctx_use_pem_private_key(context, pem_key, pem_key_size);
|
|
748
675
|
}
|
|
749
676
|
}
|
|
750
677
|
|
|
751
|
-
|
|
752
|
-
|
|
678
|
+
// Loads in-memory PEM verification certs into the SSL context and optionally
|
|
679
|
+
// returns the verification cert names (root_names can be NULL).
|
|
753
680
|
static tsi_result x509_store_load_certs(X509_STORE* cert_store,
|
|
754
681
|
const char* pem_roots,
|
|
755
682
|
size_t pem_roots_size,
|
|
@@ -772,7 +699,7 @@ static tsi_result x509_store_load_certs(X509_STORE* cert_store,
|
|
|
772
699
|
root = PEM_read_bio_X509_AUX(pem, nullptr, nullptr, const_cast<char*>(""));
|
|
773
700
|
if (root == nullptr) {
|
|
774
701
|
ERR_clear_error();
|
|
775
|
-
break;
|
|
702
|
+
break; // We're at the end of stream.
|
|
776
703
|
}
|
|
777
704
|
if (root_names != nullptr) {
|
|
778
705
|
root_name = X509_get_subject_name(root);
|
|
@@ -831,8 +758,8 @@ static tsi_result ssl_ctx_load_verification_certs(SSL_CTX* context,
|
|
|
831
758
|
root_name);
|
|
832
759
|
}
|
|
833
760
|
|
|
834
|
-
|
|
835
|
-
|
|
761
|
+
// Populates the SSL context with a private key and a cert chain, and sets the
|
|
762
|
+
// cipher list and the ephemeral ECDH key.
|
|
836
763
|
static tsi_result populate_ssl_context(
|
|
837
764
|
SSL_CTX* context, const tsi_ssl_pem_key_cert_pair* key_cert_pair,
|
|
838
765
|
const char* cipher_list) {
|
|
@@ -873,7 +800,7 @@ static tsi_result populate_ssl_context(
|
|
|
873
800
|
return TSI_OK;
|
|
874
801
|
}
|
|
875
802
|
|
|
876
|
-
|
|
803
|
+
// Extracts the CN and the SANs from an X509 cert as a peer object.
|
|
877
804
|
tsi_result tsi_ssl_extract_x509_subject_names_from_pem_cert(
|
|
878
805
|
const char* pem_cert, tsi_peer* peer) {
|
|
879
806
|
tsi_result result = TSI_OK;
|
|
@@ -894,7 +821,7 @@ tsi_result tsi_ssl_extract_x509_subject_names_from_pem_cert(
|
|
|
894
821
|
return result;
|
|
895
822
|
}
|
|
896
823
|
|
|
897
|
-
|
|
824
|
+
// Builds the alpn protocol name list according to rfc 7301.
|
|
898
825
|
static tsi_result build_alpn_protocol_name_list(
|
|
899
826
|
const char** alpn_protocols, uint16_t num_alpn_protocols,
|
|
900
827
|
unsigned char** protocol_name_list, size_t* protocol_name_list_length) {
|
|
@@ -919,11 +846,11 @@ static tsi_result build_alpn_protocol_name_list(
|
|
|
919
846
|
current = *protocol_name_list;
|
|
920
847
|
for (i = 0; i < num_alpn_protocols; i++) {
|
|
921
848
|
size_t length = strlen(alpn_protocols[i]);
|
|
922
|
-
*(current++) = static_cast<uint8_t>(length);
|
|
849
|
+
*(current++) = static_cast<uint8_t>(length); // max checked above.
|
|
923
850
|
memcpy(current, alpn_protocols[i], length);
|
|
924
851
|
current += length;
|
|
925
852
|
}
|
|
926
|
-
|
|
853
|
+
// Safety check.
|
|
927
854
|
if ((current < *protocol_name_list) ||
|
|
928
855
|
(static_cast<uintptr_t>(current - *protocol_name_list) !=
|
|
929
856
|
*protocol_name_list_length)) {
|
|
@@ -932,6 +859,22 @@ static tsi_result build_alpn_protocol_name_list(
|
|
|
932
859
|
return TSI_OK;
|
|
933
860
|
}
|
|
934
861
|
|
|
862
|
+
// This callback is invoked when the CRL has been verified and will soft-fail
|
|
863
|
+
// errors in verification depending on certain error types.
|
|
864
|
+
static int verify_cb(int ok, X509_STORE_CTX* ctx) {
|
|
865
|
+
int cert_error = X509_STORE_CTX_get_error(ctx);
|
|
866
|
+
if (cert_error == X509_V_ERR_UNABLE_TO_GET_CRL) {
|
|
867
|
+
gpr_log(
|
|
868
|
+
GPR_INFO,
|
|
869
|
+
"Certificate verification failed to get CRL files. Ignoring error.");
|
|
870
|
+
return 1;
|
|
871
|
+
}
|
|
872
|
+
if (cert_error != 0) {
|
|
873
|
+
gpr_log(GPR_ERROR, "Certificate verify failed with code %d", cert_error);
|
|
874
|
+
}
|
|
875
|
+
return ok;
|
|
876
|
+
}
|
|
877
|
+
|
|
935
878
|
// The verification callback is used for clients that don't really care about
|
|
936
879
|
// the server's certificate, but we need to pull it anyway, in case a higher
|
|
937
880
|
// layer wants to look at it. In this case the verification may fail, but
|
|
@@ -940,6 +883,64 @@ static int NullVerifyCallback(int /*preverify_ok*/, X509_STORE_CTX* /*ctx*/) {
|
|
|
940
883
|
return 1;
|
|
941
884
|
}
|
|
942
885
|
|
|
886
|
+
static int RootCertExtractCallback(int preverify_ok, X509_STORE_CTX* ctx) {
|
|
887
|
+
if (ctx == nullptr) {
|
|
888
|
+
return preverify_ok;
|
|
889
|
+
}
|
|
890
|
+
|
|
891
|
+
// There's a case where this function is set in SSL_CTX_set_verify and a CRL
|
|
892
|
+
// related callback is set with X509_STORE_set_verify_cb. They overlap and
|
|
893
|
+
// this will take precedence, thus we need to ensure the CRL related callback
|
|
894
|
+
// is still called
|
|
895
|
+
X509_VERIFY_PARAM* param = X509_STORE_CTX_get0_param(ctx);
|
|
896
|
+
auto flags = X509_VERIFY_PARAM_get_flags(param);
|
|
897
|
+
if (flags & X509_V_FLAG_CRL_CHECK) {
|
|
898
|
+
preverify_ok = verify_cb(preverify_ok, ctx);
|
|
899
|
+
}
|
|
900
|
+
|
|
901
|
+
// If preverify_ok == 0, verification failed. We shouldn't expect to have a
|
|
902
|
+
// verified chain, so there is no need to attempt to extract the root cert
|
|
903
|
+
// from it
|
|
904
|
+
if (preverify_ok == 0) {
|
|
905
|
+
return preverify_ok;
|
|
906
|
+
}
|
|
907
|
+
|
|
908
|
+
// If we're here, verification was successful
|
|
909
|
+
// Get the verified chain from the X509_STORE_CTX and put it on the SSL object
|
|
910
|
+
// so that we have access to it when populating the tsi_peer
|
|
911
|
+
#if OPENSSL_VERSION_NUMBER >= 0x10100000
|
|
912
|
+
STACK_OF(X509)* chain = X509_STORE_CTX_get0_chain(ctx);
|
|
913
|
+
#else
|
|
914
|
+
STACK_OF(X509)* chain = X509_STORE_CTX_get_chain(ctx);
|
|
915
|
+
#endif
|
|
916
|
+
|
|
917
|
+
if (chain == nullptr) {
|
|
918
|
+
return preverify_ok;
|
|
919
|
+
}
|
|
920
|
+
|
|
921
|
+
// The root cert is the last in the chain
|
|
922
|
+
size_t chain_length = sk_X509_num(chain);
|
|
923
|
+
if (chain_length == 0) {
|
|
924
|
+
return preverify_ok;
|
|
925
|
+
}
|
|
926
|
+
X509* root_cert = sk_X509_value(chain, chain_length - 1);
|
|
927
|
+
if (root_cert == nullptr) {
|
|
928
|
+
return preverify_ok;
|
|
929
|
+
}
|
|
930
|
+
|
|
931
|
+
SSL* ssl = static_cast<SSL*>(
|
|
932
|
+
X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx()));
|
|
933
|
+
if (ssl == nullptr) {
|
|
934
|
+
return preverify_ok;
|
|
935
|
+
}
|
|
936
|
+
int success =
|
|
937
|
+
SSL_set_ex_data(ssl, g_ssl_ex_verified_root_cert_index, root_cert);
|
|
938
|
+
if (success == 0) {
|
|
939
|
+
gpr_log(GPR_INFO, "Could not set verified root cert in SSL's ex_data");
|
|
940
|
+
}
|
|
941
|
+
return preverify_ok;
|
|
942
|
+
}
|
|
943
|
+
|
|
943
944
|
// Sets the min and max TLS version of |ssl_context| to |min_tls_version| and
|
|
944
945
|
// |max_tls_version|, respectively. Calling this method is a no-op when using
|
|
945
946
|
// OpenSSL versions < 1.1.
|
|
@@ -995,7 +996,7 @@ static tsi_result tsi_set_min_and_max_tls_versions(
|
|
|
995
996
|
return TSI_OK;
|
|
996
997
|
}
|
|
997
998
|
|
|
998
|
-
|
|
999
|
+
// --- tsi_ssl_root_certs_store methods implementation. ---
|
|
999
1000
|
|
|
1000
1001
|
tsi_ssl_root_certs_store* tsi_ssl_root_certs_store_create(
|
|
1001
1002
|
const char* pem_roots) {
|
|
@@ -1032,24 +1033,23 @@ void tsi_ssl_root_certs_store_destroy(tsi_ssl_root_certs_store* self) {
|
|
|
1032
1033
|
gpr_free(self);
|
|
1033
1034
|
}
|
|
1034
1035
|
|
|
1035
|
-
|
|
1036
|
+
// --- tsi_ssl_session_cache methods implementation. ---
|
|
1036
1037
|
|
|
1037
1038
|
tsi_ssl_session_cache* tsi_ssl_session_cache_create_lru(size_t capacity) {
|
|
1038
|
-
|
|
1039
|
-
return
|
|
1040
|
-
tsi::SslSessionLRUCache::Create(capacity).release());
|
|
1039
|
+
// Pointer will be dereferenced by unref call.
|
|
1040
|
+
return tsi::SslSessionLRUCache::Create(capacity).release()->c_ptr();
|
|
1041
1041
|
}
|
|
1042
1042
|
|
|
1043
1043
|
void tsi_ssl_session_cache_ref(tsi_ssl_session_cache* cache) {
|
|
1044
|
-
|
|
1045
|
-
|
|
1044
|
+
// Pointer will be dereferenced by unref call.
|
|
1045
|
+
tsi::SslSessionLRUCache::FromC(cache)->Ref().release();
|
|
1046
1046
|
}
|
|
1047
1047
|
|
|
1048
1048
|
void tsi_ssl_session_cache_unref(tsi_ssl_session_cache* cache) {
|
|
1049
|
-
|
|
1049
|
+
tsi::SslSessionLRUCache::FromC(cache)->Unref();
|
|
1050
1050
|
}
|
|
1051
1051
|
|
|
1052
|
-
|
|
1052
|
+
// --- tsi_frame_protector methods implementation. ---
|
|
1053
1053
|
|
|
1054
1054
|
static tsi_result ssl_protector_protect(tsi_frame_protector* self,
|
|
1055
1055
|
const unsigned char* unprotected_bytes,
|
|
@@ -1058,130 +1058,33 @@ static tsi_result ssl_protector_protect(tsi_frame_protector* self,
|
|
|
1058
1058
|
size_t* protected_output_frames_size) {
|
|
1059
1059
|
tsi_ssl_frame_protector* impl =
|
|
1060
1060
|
reinterpret_cast<tsi_ssl_frame_protector*>(self);
|
|
1061
|
-
int read_from_ssl;
|
|
1062
|
-
size_t available;
|
|
1063
|
-
tsi_result result = TSI_OK;
|
|
1064
1061
|
|
|
1065
|
-
|
|
1066
|
-
|
|
1067
|
-
|
|
1068
|
-
|
|
1069
|
-
GPR_ASSERT(*protected_output_frames_size <= INT_MAX);
|
|
1070
|
-
read_from_ssl = BIO_read(impl->network_io, protected_output_frames,
|
|
1071
|
-
static_cast<int>(*protected_output_frames_size));
|
|
1072
|
-
if (read_from_ssl < 0) {
|
|
1073
|
-
gpr_log(GPR_ERROR,
|
|
1074
|
-
"Could not read from BIO even though some data is pending");
|
|
1075
|
-
return TSI_INTERNAL_ERROR;
|
|
1076
|
-
}
|
|
1077
|
-
*protected_output_frames_size = static_cast<size_t>(read_from_ssl);
|
|
1078
|
-
return TSI_OK;
|
|
1079
|
-
}
|
|
1080
|
-
|
|
1081
|
-
/* Now see if we can send a complete frame. */
|
|
1082
|
-
available = impl->buffer_size - impl->buffer_offset;
|
|
1083
|
-
if (available > *unprotected_bytes_size) {
|
|
1084
|
-
/* If we cannot, just copy the data in our internal buffer. */
|
|
1085
|
-
memcpy(impl->buffer + impl->buffer_offset, unprotected_bytes,
|
|
1086
|
-
*unprotected_bytes_size);
|
|
1087
|
-
impl->buffer_offset += *unprotected_bytes_size;
|
|
1088
|
-
*protected_output_frames_size = 0;
|
|
1089
|
-
return TSI_OK;
|
|
1090
|
-
}
|
|
1091
|
-
|
|
1092
|
-
/* If we can, prepare the buffer, send it to SSL_write and read. */
|
|
1093
|
-
memcpy(impl->buffer + impl->buffer_offset, unprotected_bytes, available);
|
|
1094
|
-
result = do_ssl_write(impl->ssl, impl->buffer, impl->buffer_size);
|
|
1095
|
-
if (result != TSI_OK) return result;
|
|
1096
|
-
|
|
1097
|
-
GPR_ASSERT(*protected_output_frames_size <= INT_MAX);
|
|
1098
|
-
read_from_ssl = BIO_read(impl->network_io, protected_output_frames,
|
|
1099
|
-
static_cast<int>(*protected_output_frames_size));
|
|
1100
|
-
if (read_from_ssl < 0) {
|
|
1101
|
-
gpr_log(GPR_ERROR, "Could not read from BIO after SSL_write.");
|
|
1102
|
-
return TSI_INTERNAL_ERROR;
|
|
1103
|
-
}
|
|
1104
|
-
*protected_output_frames_size = static_cast<size_t>(read_from_ssl);
|
|
1105
|
-
*unprotected_bytes_size = available;
|
|
1106
|
-
impl->buffer_offset = 0;
|
|
1107
|
-
return TSI_OK;
|
|
1062
|
+
return grpc_core::SslProtectorProtect(
|
|
1063
|
+
unprotected_bytes, impl->buffer_size, impl->buffer_offset, impl->buffer,
|
|
1064
|
+
impl->ssl, impl->network_io, unprotected_bytes_size,
|
|
1065
|
+
protected_output_frames, protected_output_frames_size);
|
|
1108
1066
|
}
|
|
1109
1067
|
|
|
1110
1068
|
static tsi_result ssl_protector_protect_flush(
|
|
1111
1069
|
tsi_frame_protector* self, unsigned char* protected_output_frames,
|
|
1112
1070
|
size_t* protected_output_frames_size, size_t* still_pending_size) {
|
|
1113
|
-
tsi_result result = TSI_OK;
|
|
1114
1071
|
tsi_ssl_frame_protector* impl =
|
|
1115
1072
|
reinterpret_cast<tsi_ssl_frame_protector*>(self);
|
|
1116
|
-
|
|
1117
|
-
|
|
1118
|
-
|
|
1119
|
-
|
|
1120
|
-
result = do_ssl_write(impl->ssl, impl->buffer, impl->buffer_offset);
|
|
1121
|
-
if (result != TSI_OK) return result;
|
|
1122
|
-
impl->buffer_offset = 0;
|
|
1123
|
-
}
|
|
1124
|
-
|
|
1125
|
-
pending = static_cast<int>(BIO_pending(impl->network_io));
|
|
1126
|
-
GPR_ASSERT(pending >= 0);
|
|
1127
|
-
*still_pending_size = static_cast<size_t>(pending);
|
|
1128
|
-
if (*still_pending_size == 0) return TSI_OK;
|
|
1129
|
-
|
|
1130
|
-
GPR_ASSERT(*protected_output_frames_size <= INT_MAX);
|
|
1131
|
-
read_from_ssl = BIO_read(impl->network_io, protected_output_frames,
|
|
1132
|
-
static_cast<int>(*protected_output_frames_size));
|
|
1133
|
-
if (read_from_ssl <= 0) {
|
|
1134
|
-
gpr_log(GPR_ERROR, "Could not read from BIO after SSL_write.");
|
|
1135
|
-
return TSI_INTERNAL_ERROR;
|
|
1136
|
-
}
|
|
1137
|
-
*protected_output_frames_size = static_cast<size_t>(read_from_ssl);
|
|
1138
|
-
pending = static_cast<int>(BIO_pending(impl->network_io));
|
|
1139
|
-
GPR_ASSERT(pending >= 0);
|
|
1140
|
-
*still_pending_size = static_cast<size_t>(pending);
|
|
1141
|
-
return TSI_OK;
|
|
1073
|
+
return grpc_core::SslProtectorProtectFlush(
|
|
1074
|
+
impl->buffer_offset, impl->buffer, impl->ssl, impl->network_io,
|
|
1075
|
+
protected_output_frames, protected_output_frames_size,
|
|
1076
|
+
still_pending_size);
|
|
1142
1077
|
}
|
|
1143
1078
|
|
|
1144
1079
|
static tsi_result ssl_protector_unprotect(
|
|
1145
1080
|
tsi_frame_protector* self, const unsigned char* protected_frames_bytes,
|
|
1146
1081
|
size_t* protected_frames_bytes_size, unsigned char* unprotected_bytes,
|
|
1147
1082
|
size_t* unprotected_bytes_size) {
|
|
1148
|
-
tsi_result result = TSI_OK;
|
|
1149
|
-
int written_into_ssl = 0;
|
|
1150
|
-
size_t output_bytes_size = *unprotected_bytes_size;
|
|
1151
|
-
size_t output_bytes_offset = 0;
|
|
1152
1083
|
tsi_ssl_frame_protector* impl =
|
|
1153
1084
|
reinterpret_cast<tsi_ssl_frame_protector*>(self);
|
|
1154
|
-
|
|
1155
|
-
|
|
1156
|
-
|
|
1157
|
-
if (result != TSI_OK) return result;
|
|
1158
|
-
if (*unprotected_bytes_size == output_bytes_size) {
|
|
1159
|
-
/* We have read everything we could and cannot process any more input. */
|
|
1160
|
-
*protected_frames_bytes_size = 0;
|
|
1161
|
-
return TSI_OK;
|
|
1162
|
-
}
|
|
1163
|
-
output_bytes_offset = *unprotected_bytes_size;
|
|
1164
|
-
unprotected_bytes += output_bytes_offset;
|
|
1165
|
-
*unprotected_bytes_size = output_bytes_size - output_bytes_offset;
|
|
1166
|
-
|
|
1167
|
-
/* Then, try to write some data to ssl. */
|
|
1168
|
-
GPR_ASSERT(*protected_frames_bytes_size <= INT_MAX);
|
|
1169
|
-
written_into_ssl = BIO_write(impl->network_io, protected_frames_bytes,
|
|
1170
|
-
static_cast<int>(*protected_frames_bytes_size));
|
|
1171
|
-
if (written_into_ssl < 0) {
|
|
1172
|
-
gpr_log(GPR_ERROR, "Sending protected frame to ssl failed with %d",
|
|
1173
|
-
written_into_ssl);
|
|
1174
|
-
return TSI_INTERNAL_ERROR;
|
|
1175
|
-
}
|
|
1176
|
-
*protected_frames_bytes_size = static_cast<size_t>(written_into_ssl);
|
|
1177
|
-
|
|
1178
|
-
/* Now try to read some data again. */
|
|
1179
|
-
result = do_ssl_read(impl->ssl, unprotected_bytes, unprotected_bytes_size);
|
|
1180
|
-
if (result == TSI_OK) {
|
|
1181
|
-
/* Don't forget to output the total number of bytes read. */
|
|
1182
|
-
*unprotected_bytes_size += output_bytes_offset;
|
|
1183
|
-
}
|
|
1184
|
-
return result;
|
|
1085
|
+
return grpc_core::SslProtectorUnprotect(
|
|
1086
|
+
protected_frames_bytes, impl->ssl, impl->network_io,
|
|
1087
|
+
protected_frames_bytes_size, unprotected_bytes, unprotected_bytes_size);
|
|
1185
1088
|
}
|
|
1186
1089
|
|
|
1187
1090
|
static void ssl_protector_destroy(tsi_frame_protector* self) {
|
|
@@ -1200,7 +1103,7 @@ static const tsi_frame_protector_vtable frame_protector_vtable = {
|
|
|
1200
1103
|
ssl_protector_destroy,
|
|
1201
1104
|
};
|
|
1202
1105
|
|
|
1203
|
-
|
|
1106
|
+
// --- tsi_server_handshaker_factory methods implementation. ---
|
|
1204
1107
|
|
|
1205
1108
|
static void tsi_ssl_handshaker_factory_destroy(
|
|
1206
1109
|
tsi_ssl_handshaker_factory* factory) {
|
|
@@ -1209,9 +1112,9 @@ static void tsi_ssl_handshaker_factory_destroy(
|
|
|
1209
1112
|
if (factory->vtable != nullptr && factory->vtable->destroy != nullptr) {
|
|
1210
1113
|
factory->vtable->destroy(factory);
|
|
1211
1114
|
}
|
|
1212
|
-
|
|
1213
|
-
|
|
1214
|
-
|
|
1115
|
+
// Note, we don't free(self) here because this object is always directly
|
|
1116
|
+
// embedded in another object. If tsi_ssl_handshaker_factory_init allocates
|
|
1117
|
+
// any memory, it should be free'd here.
|
|
1215
1118
|
}
|
|
1216
1119
|
|
|
1217
1120
|
static tsi_ssl_handshaker_factory* tsi_ssl_handshaker_factory_ref(
|
|
@@ -1232,8 +1135,8 @@ static void tsi_ssl_handshaker_factory_unref(
|
|
|
1232
1135
|
|
|
1233
1136
|
static tsi_ssl_handshaker_factory_vtable handshaker_factory_vtable = {nullptr};
|
|
1234
1137
|
|
|
1235
|
-
|
|
1236
|
-
|
|
1138
|
+
// Initializes a tsi_ssl_handshaker_factory object. Caller is responsible for
|
|
1139
|
+
// allocating memory for the factory.
|
|
1237
1140
|
static void tsi_ssl_handshaker_factory_init(
|
|
1238
1141
|
tsi_ssl_handshaker_factory* factory) {
|
|
1239
1142
|
GPR_ASSERT(factory != nullptr);
|
|
@@ -1242,7 +1145,7 @@ static void tsi_ssl_handshaker_factory_init(
|
|
|
1242
1145
|
gpr_ref_init(&factory->refcount, 1);
|
|
1243
1146
|
}
|
|
1244
1147
|
|
|
1245
|
-
|
|
1148
|
+
// Gets the X509 cert chain in PEM format as a tsi_peer_property.
|
|
1246
1149
|
tsi_result tsi_ssl_get_cert_chain_contents(STACK_OF(X509) * peer_chain,
|
|
1247
1150
|
tsi_peer_property* property) {
|
|
1248
1151
|
BIO* bio = BIO_new(BIO_s_mem());
|
|
@@ -1266,7 +1169,7 @@ tsi_result tsi_ssl_get_cert_chain_contents(STACK_OF(X509) * peer_chain,
|
|
|
1266
1169
|
return result;
|
|
1267
1170
|
}
|
|
1268
1171
|
|
|
1269
|
-
|
|
1172
|
+
// --- tsi_handshaker_result methods implementation. ---
|
|
1270
1173
|
static tsi_result ssl_handshaker_result_extract_peer(
|
|
1271
1174
|
const tsi_handshaker_result* self, tsi_peer* peer) {
|
|
1272
1175
|
tsi_result result = TSI_OK;
|
|
@@ -1282,9 +1185,9 @@ static tsi_result ssl_handshaker_result_extract_peer(
|
|
|
1282
1185
|
}
|
|
1283
1186
|
#if TSI_OPENSSL_ALPN_SUPPORT
|
|
1284
1187
|
SSL_get0_alpn_selected(impl->ssl, &alpn_selected, &alpn_selected_len);
|
|
1285
|
-
#endif
|
|
1188
|
+
#endif // TSI_OPENSSL_ALPN_SUPPORT
|
|
1286
1189
|
if (alpn_selected == nullptr) {
|
|
1287
|
-
|
|
1190
|
+
// Try npn.
|
|
1288
1191
|
SSL_get0_next_proto_negotiated(impl->ssl, &alpn_selected,
|
|
1289
1192
|
&alpn_selected_len);
|
|
1290
1193
|
}
|
|
@@ -1292,10 +1195,14 @@ static tsi_result ssl_handshaker_result_extract_peer(
|
|
|
1292
1195
|
// peer's certificate; When called on the server side,
|
|
1293
1196
|
// the peer's certificate is not present in the stack
|
|
1294
1197
|
STACK_OF(X509)* peer_chain = SSL_get_peer_cert_chain(impl->ssl);
|
|
1198
|
+
|
|
1199
|
+
X509* verified_root_cert = static_cast<X509*>(
|
|
1200
|
+
SSL_get_ex_data(impl->ssl, g_ssl_ex_verified_root_cert_index));
|
|
1295
1201
|
// 1 is for session reused property.
|
|
1296
1202
|
size_t new_property_count = peer->property_count + 3;
|
|
1297
1203
|
if (alpn_selected != nullptr) new_property_count++;
|
|
1298
1204
|
if (peer_chain != nullptr) new_property_count++;
|
|
1205
|
+
if (verified_root_cert != nullptr) new_property_count++;
|
|
1299
1206
|
tsi_peer_property* new_properties = static_cast<tsi_peer_property*>(
|
|
1300
1207
|
gpr_zalloc(sizeof(*new_properties) * new_property_count));
|
|
1301
1208
|
for (size_t i = 0; i < peer->property_count; i++) {
|
|
@@ -1331,6 +1238,18 @@ static tsi_result ssl_handshaker_result_extract_peer(
|
|
|
1331
1238
|
&peer->properties[peer->property_count]);
|
|
1332
1239
|
if (result != TSI_OK) return result;
|
|
1333
1240
|
peer->property_count++;
|
|
1241
|
+
|
|
1242
|
+
if (verified_root_cert != nullptr) {
|
|
1243
|
+
result = peer_property_from_x509_subject(
|
|
1244
|
+
verified_root_cert, &peer->properties[peer->property_count], true);
|
|
1245
|
+
if (result != TSI_OK) {
|
|
1246
|
+
gpr_log(GPR_DEBUG,
|
|
1247
|
+
"Problem extracting subject from verified_root_cert. result: %d",
|
|
1248
|
+
static_cast<int>(result));
|
|
1249
|
+
}
|
|
1250
|
+
peer->property_count++;
|
|
1251
|
+
}
|
|
1252
|
+
|
|
1334
1253
|
return result;
|
|
1335
1254
|
}
|
|
1336
1255
|
|
|
@@ -1376,7 +1295,7 @@ static tsi_result ssl_handshaker_result_create_frame_protector(
|
|
|
1376
1295
|
return TSI_INTERNAL_ERROR;
|
|
1377
1296
|
}
|
|
1378
1297
|
|
|
1379
|
-
|
|
1298
|
+
// Transfer ownership of ssl and network_io to the frame protector.
|
|
1380
1299
|
protector_impl->ssl = impl->ssl;
|
|
1381
1300
|
impl->ssl = nullptr;
|
|
1382
1301
|
protector_impl->network_io = impl->network_io;
|
|
@@ -1408,7 +1327,7 @@ static void ssl_handshaker_result_destroy(tsi_handshaker_result* self) {
|
|
|
1408
1327
|
static const tsi_handshaker_result_vtable handshaker_result_vtable = {
|
|
1409
1328
|
ssl_handshaker_result_extract_peer,
|
|
1410
1329
|
ssl_handshaker_result_get_frame_protector_type,
|
|
1411
|
-
nullptr,
|
|
1330
|
+
nullptr, // create_zero_copy_grpc_protector
|
|
1412
1331
|
ssl_handshaker_result_create_frame_protector,
|
|
1413
1332
|
ssl_handshaker_result_get_unused_bytes,
|
|
1414
1333
|
ssl_handshaker_result_destroy,
|
|
@@ -1416,32 +1335,36 @@ static const tsi_handshaker_result_vtable handshaker_result_vtable = {
|
|
|
1416
1335
|
|
|
1417
1336
|
static tsi_result ssl_handshaker_result_create(
|
|
1418
1337
|
tsi_ssl_handshaker* handshaker, unsigned char* unused_bytes,
|
|
1419
|
-
size_t unused_bytes_size, tsi_handshaker_result** handshaker_result
|
|
1338
|
+
size_t unused_bytes_size, tsi_handshaker_result** handshaker_result,
|
|
1339
|
+
std::string* error) {
|
|
1420
1340
|
if (handshaker == nullptr || handshaker_result == nullptr ||
|
|
1421
1341
|
(unused_bytes_size > 0 && unused_bytes == nullptr)) {
|
|
1342
|
+
if (error != nullptr) *error = "invalid argument";
|
|
1422
1343
|
return TSI_INVALID_ARGUMENT;
|
|
1423
1344
|
}
|
|
1424
1345
|
tsi_ssl_handshaker_result* result =
|
|
1425
1346
|
grpc_core::Zalloc<tsi_ssl_handshaker_result>();
|
|
1426
1347
|
result->base.vtable = &handshaker_result_vtable;
|
|
1427
|
-
|
|
1348
|
+
// Transfer ownership of ssl and network_io to the handshaker result.
|
|
1428
1349
|
result->ssl = handshaker->ssl;
|
|
1429
1350
|
handshaker->ssl = nullptr;
|
|
1430
1351
|
result->network_io = handshaker->network_io;
|
|
1431
1352
|
handshaker->network_io = nullptr;
|
|
1432
|
-
|
|
1353
|
+
// Transfer ownership of |unused_bytes| to the handshaker result.
|
|
1433
1354
|
result->unused_bytes = unused_bytes;
|
|
1434
1355
|
result->unused_bytes_size = unused_bytes_size;
|
|
1435
1356
|
*handshaker_result = &result->base;
|
|
1436
1357
|
return TSI_OK;
|
|
1437
1358
|
}
|
|
1438
1359
|
|
|
1439
|
-
|
|
1360
|
+
// --- tsi_handshaker methods implementation. ---
|
|
1440
1361
|
|
|
1441
1362
|
static tsi_result ssl_handshaker_get_bytes_to_send_to_peer(
|
|
1442
|
-
tsi_ssl_handshaker* impl, unsigned char* bytes, size_t* bytes_size
|
|
1363
|
+
tsi_ssl_handshaker* impl, unsigned char* bytes, size_t* bytes_size,
|
|
1364
|
+
std::string* error) {
|
|
1443
1365
|
int bytes_read_from_ssl = 0;
|
|
1444
1366
|
if (bytes == nullptr || bytes_size == nullptr || *bytes_size > INT_MAX) {
|
|
1367
|
+
if (error != nullptr) *error = "invalid argument";
|
|
1445
1368
|
return TSI_INVALID_ARGUMENT;
|
|
1446
1369
|
}
|
|
1447
1370
|
GPR_ASSERT(*bytes_size <= INT_MAX);
|
|
@@ -1450,6 +1373,7 @@ static tsi_result ssl_handshaker_get_bytes_to_send_to_peer(
|
|
|
1450
1373
|
if (bytes_read_from_ssl < 0) {
|
|
1451
1374
|
*bytes_size = 0;
|
|
1452
1375
|
if (!BIO_should_retry(impl->network_io)) {
|
|
1376
|
+
if (error != nullptr) *error = "error reading from BIO";
|
|
1453
1377
|
impl->result = TSI_INTERNAL_ERROR;
|
|
1454
1378
|
return impl->result;
|
|
1455
1379
|
} else {
|
|
@@ -1468,19 +1392,20 @@ static tsi_result ssl_handshaker_get_result(tsi_ssl_handshaker* impl) {
|
|
|
1468
1392
|
return impl->result;
|
|
1469
1393
|
}
|
|
1470
1394
|
|
|
1471
|
-
static tsi_result ssl_handshaker_do_handshake(tsi_ssl_handshaker* impl
|
|
1395
|
+
static tsi_result ssl_handshaker_do_handshake(tsi_ssl_handshaker* impl,
|
|
1396
|
+
std::string* error) {
|
|
1472
1397
|
if (ssl_handshaker_get_result(impl) != TSI_HANDSHAKE_IN_PROGRESS) {
|
|
1473
1398
|
impl->result = TSI_OK;
|
|
1474
1399
|
return impl->result;
|
|
1475
1400
|
} else {
|
|
1476
1401
|
ERR_clear_error();
|
|
1477
|
-
|
|
1402
|
+
// Get ready to get some bytes from SSL.
|
|
1478
1403
|
int ssl_result = SSL_do_handshake(impl->ssl);
|
|
1479
1404
|
ssl_result = SSL_get_error(impl->ssl, ssl_result);
|
|
1480
1405
|
switch (ssl_result) {
|
|
1481
1406
|
case SSL_ERROR_WANT_READ:
|
|
1482
1407
|
if (BIO_pending(impl->network_io) == 0) {
|
|
1483
|
-
|
|
1408
|
+
// We need more data.
|
|
1484
1409
|
return TSI_INCOMPLETE_DATA;
|
|
1485
1410
|
} else {
|
|
1486
1411
|
return TSI_OK;
|
|
@@ -1493,7 +1418,11 @@ static tsi_result ssl_handshaker_do_handshake(tsi_ssl_handshaker* impl) {
|
|
|
1493
1418
|
char err_str[256];
|
|
1494
1419
|
ERR_error_string_n(ERR_get_error(), err_str, sizeof(err_str));
|
|
1495
1420
|
gpr_log(GPR_ERROR, "Handshake failed with fatal error %s: %s.",
|
|
1496
|
-
|
|
1421
|
+
grpc_core::SslErrorString(ssl_result), err_str);
|
|
1422
|
+
if (error != nullptr) {
|
|
1423
|
+
*error = absl::StrCat(grpc_core::SslErrorString(ssl_result), ": ",
|
|
1424
|
+
err_str);
|
|
1425
|
+
}
|
|
1497
1426
|
impl->result = TSI_PROTOCOL_FAILURE;
|
|
1498
1427
|
return impl->result;
|
|
1499
1428
|
}
|
|
@@ -1502,9 +1431,11 @@ static tsi_result ssl_handshaker_do_handshake(tsi_ssl_handshaker* impl) {
|
|
|
1502
1431
|
}
|
|
1503
1432
|
|
|
1504
1433
|
static tsi_result ssl_handshaker_process_bytes_from_peer(
|
|
1505
|
-
tsi_ssl_handshaker* impl, const unsigned char* bytes, size_t* bytes_size
|
|
1434
|
+
tsi_ssl_handshaker* impl, const unsigned char* bytes, size_t* bytes_size,
|
|
1435
|
+
std::string* error) {
|
|
1506
1436
|
int bytes_written_into_ssl_size = 0;
|
|
1507
1437
|
if (bytes == nullptr || bytes_size == nullptr || *bytes_size > INT_MAX) {
|
|
1438
|
+
if (error != nullptr) *error = "invalid argument";
|
|
1508
1439
|
return TSI_INVALID_ARGUMENT;
|
|
1509
1440
|
}
|
|
1510
1441
|
GPR_ASSERT(*bytes_size <= INT_MAX);
|
|
@@ -1512,11 +1443,12 @@ static tsi_result ssl_handshaker_process_bytes_from_peer(
|
|
|
1512
1443
|
BIO_write(impl->network_io, bytes, static_cast<int>(*bytes_size));
|
|
1513
1444
|
if (bytes_written_into_ssl_size < 0) {
|
|
1514
1445
|
gpr_log(GPR_ERROR, "Could not write to memory BIO.");
|
|
1446
|
+
if (error != nullptr) *error = "could not write to memory BIO";
|
|
1515
1447
|
impl->result = TSI_INTERNAL_ERROR;
|
|
1516
1448
|
return impl->result;
|
|
1517
1449
|
}
|
|
1518
1450
|
*bytes_size = static_cast<size_t>(bytes_written_into_ssl_size);
|
|
1519
|
-
return ssl_handshaker_do_handshake(impl);
|
|
1451
|
+
return ssl_handshaker_do_handshake(impl, error);
|
|
1520
1452
|
}
|
|
1521
1453
|
|
|
1522
1454
|
static void ssl_handshaker_destroy(tsi_handshaker* self) {
|
|
@@ -1532,9 +1464,11 @@ static void ssl_handshaker_destroy(tsi_handshaker* self) {
|
|
|
1532
1464
|
// |bytes_remaining|.
|
|
1533
1465
|
static tsi_result ssl_bytes_remaining(tsi_ssl_handshaker* impl,
|
|
1534
1466
|
unsigned char** bytes_remaining,
|
|
1535
|
-
size_t* bytes_remaining_size
|
|
1467
|
+
size_t* bytes_remaining_size,
|
|
1468
|
+
std::string* error) {
|
|
1536
1469
|
if (impl == nullptr || bytes_remaining == nullptr ||
|
|
1537
1470
|
bytes_remaining_size == nullptr) {
|
|
1471
|
+
if (error != nullptr) *error = "invalid argument";
|
|
1538
1472
|
return TSI_INVALID_ARGUMENT;
|
|
1539
1473
|
}
|
|
1540
1474
|
// Atempt to read all of the bytes in SSL's read BIO. These bytes should
|
|
@@ -1552,6 +1486,9 @@ static tsi_result ssl_bytes_remaining(tsi_ssl_handshaker* impl,
|
|
|
1552
1486
|
"Failed to read the expected number of bytes from SSL object.");
|
|
1553
1487
|
gpr_free(*bytes_remaining);
|
|
1554
1488
|
*bytes_remaining = nullptr;
|
|
1489
|
+
if (error != nullptr) {
|
|
1490
|
+
*error = "Failed to read the expected number of bytes from SSL object.";
|
|
1491
|
+
}
|
|
1555
1492
|
return TSI_INTERNAL_ERROR;
|
|
1556
1493
|
}
|
|
1557
1494
|
*bytes_remaining_size = static_cast<size_t>(bytes_read);
|
|
@@ -1563,14 +1500,15 @@ static tsi_result ssl_bytes_remaining(tsi_ssl_handshaker* impl,
|
|
|
1563
1500
|
// This API needs to be repeatedly called until all handshake data are
|
|
1564
1501
|
// received from SSL.
|
|
1565
1502
|
static tsi_result ssl_handshaker_write_output_buffer(tsi_handshaker* self,
|
|
1566
|
-
size_t* bytes_written
|
|
1503
|
+
size_t* bytes_written,
|
|
1504
|
+
std::string* error) {
|
|
1567
1505
|
tsi_ssl_handshaker* impl = reinterpret_cast<tsi_ssl_handshaker*>(self);
|
|
1568
1506
|
tsi_result status = TSI_OK;
|
|
1569
|
-
|
|
1507
|
+
size_t offset = *bytes_written;
|
|
1570
1508
|
do {
|
|
1571
1509
|
size_t to_send_size = impl->outgoing_bytes_buffer_size - offset;
|
|
1572
1510
|
status = ssl_handshaker_get_bytes_to_send_to_peer(
|
|
1573
|
-
impl, impl->outgoing_bytes_buffer + offset, &to_send_size);
|
|
1511
|
+
impl, impl->outgoing_bytes_buffer + offset, &to_send_size, error);
|
|
1574
1512
|
offset += to_send_size;
|
|
1575
1513
|
if (status == TSI_INCOMPLETE_DATA) {
|
|
1576
1514
|
impl->outgoing_bytes_buffer_size *= 2;
|
|
@@ -1582,38 +1520,42 @@ static tsi_result ssl_handshaker_write_output_buffer(tsi_handshaker* self,
|
|
|
1582
1520
|
return status;
|
|
1583
1521
|
}
|
|
1584
1522
|
|
|
1585
|
-
static tsi_result ssl_handshaker_next(
|
|
1586
|
-
|
|
1587
|
-
|
|
1588
|
-
|
|
1589
|
-
|
|
1590
|
-
|
|
1523
|
+
static tsi_result ssl_handshaker_next(tsi_handshaker* self,
|
|
1524
|
+
const unsigned char* received_bytes,
|
|
1525
|
+
size_t received_bytes_size,
|
|
1526
|
+
const unsigned char** bytes_to_send,
|
|
1527
|
+
size_t* bytes_to_send_size,
|
|
1528
|
+
tsi_handshaker_result** handshaker_result,
|
|
1529
|
+
tsi_handshaker_on_next_done_cb /*cb*/,
|
|
1530
|
+
void* /*user_data*/, std::string* error) {
|
|
1531
|
+
// Input sanity check.
|
|
1591
1532
|
if ((received_bytes_size > 0 && received_bytes == nullptr) ||
|
|
1592
1533
|
bytes_to_send == nullptr || bytes_to_send_size == nullptr ||
|
|
1593
1534
|
handshaker_result == nullptr) {
|
|
1535
|
+
if (error != nullptr) *error = "invalid argument";
|
|
1594
1536
|
return TSI_INVALID_ARGUMENT;
|
|
1595
1537
|
}
|
|
1596
|
-
|
|
1538
|
+
// If there are received bytes, process them first.
|
|
1597
1539
|
tsi_ssl_handshaker* impl = reinterpret_cast<tsi_ssl_handshaker*>(self);
|
|
1598
1540
|
tsi_result status = TSI_OK;
|
|
1599
1541
|
size_t bytes_consumed = received_bytes_size;
|
|
1600
1542
|
size_t bytes_written = 0;
|
|
1601
1543
|
if (received_bytes_size > 0) {
|
|
1602
1544
|
status = ssl_handshaker_process_bytes_from_peer(impl, received_bytes,
|
|
1603
|
-
&bytes_consumed);
|
|
1545
|
+
&bytes_consumed, error);
|
|
1604
1546
|
while (status == TSI_DRAIN_BUFFER) {
|
|
1605
|
-
status = ssl_handshaker_write_output_buffer(self, &bytes_written);
|
|
1547
|
+
status = ssl_handshaker_write_output_buffer(self, &bytes_written, error);
|
|
1606
1548
|
if (status != TSI_OK) return status;
|
|
1607
|
-
status = ssl_handshaker_do_handshake(impl);
|
|
1549
|
+
status = ssl_handshaker_do_handshake(impl, error);
|
|
1608
1550
|
}
|
|
1609
1551
|
}
|
|
1610
1552
|
if (status != TSI_OK) return status;
|
|
1611
|
-
|
|
1612
|
-
status = ssl_handshaker_write_output_buffer(self, &bytes_written);
|
|
1553
|
+
// Get bytes to send to the peer, if available.
|
|
1554
|
+
status = ssl_handshaker_write_output_buffer(self, &bytes_written, error);
|
|
1613
1555
|
if (status != TSI_OK) return status;
|
|
1614
1556
|
*bytes_to_send = impl->outgoing_bytes_buffer;
|
|
1615
1557
|
*bytes_to_send_size = bytes_written;
|
|
1616
|
-
|
|
1558
|
+
// If handshake completes, create tsi_handshaker_result.
|
|
1617
1559
|
if (ssl_handshaker_get_result(impl) == TSI_HANDSHAKE_IN_PROGRESS) {
|
|
1618
1560
|
*handshaker_result = nullptr;
|
|
1619
1561
|
} else {
|
|
@@ -1623,18 +1565,20 @@ static tsi_result ssl_handshaker_next(
|
|
|
1623
1565
|
// peer that must be processed.
|
|
1624
1566
|
unsigned char* unused_bytes = nullptr;
|
|
1625
1567
|
size_t unused_bytes_size = 0;
|
|
1626
|
-
status =
|
|
1568
|
+
status =
|
|
1569
|
+
ssl_bytes_remaining(impl, &unused_bytes, &unused_bytes_size, error);
|
|
1627
1570
|
if (status != TSI_OK) return status;
|
|
1628
1571
|
if (unused_bytes_size > received_bytes_size) {
|
|
1629
1572
|
gpr_log(GPR_ERROR, "More unused bytes than received bytes.");
|
|
1630
1573
|
gpr_free(unused_bytes);
|
|
1574
|
+
if (error != nullptr) *error = "More unused bytes than received bytes.";
|
|
1631
1575
|
return TSI_INTERNAL_ERROR;
|
|
1632
1576
|
}
|
|
1633
1577
|
status = ssl_handshaker_result_create(impl, unused_bytes, unused_bytes_size,
|
|
1634
|
-
handshaker_result);
|
|
1578
|
+
handshaker_result, error);
|
|
1635
1579
|
if (status == TSI_OK) {
|
|
1636
|
-
|
|
1637
|
-
|
|
1580
|
+
// Indicates that the handshake has completed and that a handshaker_result
|
|
1581
|
+
// has been created.
|
|
1638
1582
|
self->handshaker_result_created = true;
|
|
1639
1583
|
}
|
|
1640
1584
|
}
|
|
@@ -1642,17 +1586,17 @@ static tsi_result ssl_handshaker_next(
|
|
|
1642
1586
|
}
|
|
1643
1587
|
|
|
1644
1588
|
static const tsi_handshaker_vtable handshaker_vtable = {
|
|
1645
|
-
nullptr,
|
|
1646
|
-
nullptr,
|
|
1647
|
-
nullptr,
|
|
1648
|
-
nullptr,
|
|
1649
|
-
nullptr,
|
|
1589
|
+
nullptr, // get_bytes_to_send_to_peer -- deprecated
|
|
1590
|
+
nullptr, // process_bytes_from_peer -- deprecated
|
|
1591
|
+
nullptr, // get_result -- deprecated
|
|
1592
|
+
nullptr, // extract_peer -- deprecated
|
|
1593
|
+
nullptr, // create_frame_protector -- deprecated
|
|
1650
1594
|
ssl_handshaker_destroy,
|
|
1651
1595
|
ssl_handshaker_next,
|
|
1652
|
-
nullptr,
|
|
1596
|
+
nullptr, // shutdown
|
|
1653
1597
|
};
|
|
1654
1598
|
|
|
1655
|
-
|
|
1599
|
+
// --- tsi_ssl_handshaker_factory common methods. ---
|
|
1656
1600
|
|
|
1657
1601
|
static void tsi_ssl_handshaker_resume_session(
|
|
1658
1602
|
SSL* ssl, tsi::SslSessionLRUCache* session_cache) {
|
|
@@ -1718,7 +1662,7 @@ static tsi_result create_tsi_ssl_handshaker(SSL_CTX* ctx, int is_client,
|
|
|
1718
1662
|
if (ssl_result != SSL_ERROR_WANT_READ) {
|
|
1719
1663
|
gpr_log(GPR_ERROR,
|
|
1720
1664
|
"Unexpected error received from first SSL_do_handshake call: %s",
|
|
1721
|
-
|
|
1665
|
+
grpc_core::SslErrorString(ssl_result));
|
|
1722
1666
|
SSL_free(ssl);
|
|
1723
1667
|
BIO_free(network_io);
|
|
1724
1668
|
return TSI_INTERNAL_ERROR;
|
|
@@ -1769,7 +1713,7 @@ static int select_protocol_list(const unsigned char** out,
|
|
|
1769
1713
|
return SSL_TLSEXT_ERR_NOACK;
|
|
1770
1714
|
}
|
|
1771
1715
|
|
|
1772
|
-
|
|
1716
|
+
// --- tsi_ssl_client_handshaker_factory methods implementation. ---
|
|
1773
1717
|
|
|
1774
1718
|
tsi_result tsi_ssl_client_handshaker_factory_create_handshaker(
|
|
1775
1719
|
tsi_ssl_client_handshaker_factory* factory,
|
|
@@ -1808,14 +1752,14 @@ static int client_handshaker_factory_npn_callback(
|
|
|
1808
1752
|
factory->alpn_protocol_list_length, in, inlen);
|
|
1809
1753
|
}
|
|
1810
1754
|
|
|
1811
|
-
|
|
1755
|
+
// --- tsi_ssl_server_handshaker_factory methods implementation. ---
|
|
1812
1756
|
|
|
1813
1757
|
tsi_result tsi_ssl_server_handshaker_factory_create_handshaker(
|
|
1814
1758
|
tsi_ssl_server_handshaker_factory* factory, size_t network_bio_buf_size,
|
|
1815
1759
|
size_t ssl_bio_buf_size, tsi_handshaker** handshaker) {
|
|
1816
1760
|
if (factory->ssl_context_count == 0) return TSI_INVALID_ARGUMENT;
|
|
1817
|
-
|
|
1818
|
-
|
|
1761
|
+
// Create the handshaker with the first context. We will switch if needed
|
|
1762
|
+
// because of SNI in ssl_server_handshaker_factory_servername_callback.
|
|
1819
1763
|
return create_tsi_ssl_handshaker(factory->ssl_contexts[0], 0, nullptr,
|
|
1820
1764
|
network_bio_buf_size, ssl_bio_buf_size,
|
|
1821
1765
|
&factory->base, handshaker);
|
|
@@ -1852,7 +1796,7 @@ static int does_entry_match_name(absl::string_view entry,
|
|
|
1852
1796
|
absl::string_view name) {
|
|
1853
1797
|
if (entry.empty()) return 0;
|
|
1854
1798
|
|
|
1855
|
-
|
|
1799
|
+
// Take care of '.' terminations.
|
|
1856
1800
|
if (name.back() == '.') {
|
|
1857
1801
|
name.remove_suffix(1);
|
|
1858
1802
|
}
|
|
@@ -1862,12 +1806,12 @@ static int does_entry_match_name(absl::string_view entry,
|
|
|
1862
1806
|
}
|
|
1863
1807
|
|
|
1864
1808
|
if (absl::EqualsIgnoreCase(name, entry)) {
|
|
1865
|
-
return 1;
|
|
1809
|
+
return 1; // Perfect match.
|
|
1866
1810
|
}
|
|
1867
1811
|
if (entry.front() != '*') return 0;
|
|
1868
1812
|
|
|
1869
|
-
|
|
1870
|
-
if (entry.size() < 3 || entry[1] != '.') {
|
|
1813
|
+
// Wildchar subdomain matching.
|
|
1814
|
+
if (entry.size() < 3 || entry[1] != '.') { // At least *.x
|
|
1871
1815
|
gpr_log(GPR_ERROR, "Invalid wildchar entry.");
|
|
1872
1816
|
return 0;
|
|
1873
1817
|
}
|
|
@@ -1875,8 +1819,8 @@ static int does_entry_match_name(absl::string_view entry,
|
|
|
1875
1819
|
if (name_subdomain_pos == absl::string_view::npos) return 0;
|
|
1876
1820
|
if (name_subdomain_pos >= name.size() - 2) return 0;
|
|
1877
1821
|
absl::string_view name_subdomain =
|
|
1878
|
-
name.substr(name_subdomain_pos + 1);
|
|
1879
|
-
entry.remove_prefix(2);
|
|
1822
|
+
name.substr(name_subdomain_pos + 1); // Starts after the dot.
|
|
1823
|
+
entry.remove_prefix(2); // Remove *.
|
|
1880
1824
|
size_t dot = name_subdomain.find('.');
|
|
1881
1825
|
if (dot == absl::string_view::npos || dot == name_subdomain.size() - 1) {
|
|
1882
1826
|
gpr_log(GPR_ERROR, "Invalid toplevel subdomain: %s",
|
|
@@ -1921,7 +1865,7 @@ static int server_handshaker_factory_alpn_callback(
|
|
|
1921
1865
|
factory->alpn_protocol_list,
|
|
1922
1866
|
factory->alpn_protocol_list_length);
|
|
1923
1867
|
}
|
|
1924
|
-
#endif
|
|
1868
|
+
#endif // TSI_OPENSSL_ALPN_SUPPORT
|
|
1925
1869
|
|
|
1926
1870
|
static int server_handshaker_factory_npn_advertised_callback(
|
|
1927
1871
|
SSL* /*ssl*/, const unsigned char** out, unsigned int* outlen, void* arg) {
|
|
@@ -1968,23 +1912,7 @@ static void ssl_keylogging_callback(const SSL* ssl, const char* info) {
|
|
|
1968
1912
|
factory->key_logger->LogSessionKeys(ssl_context, info);
|
|
1969
1913
|
}
|
|
1970
1914
|
|
|
1971
|
-
//
|
|
1972
|
-
// errors in verification depending on certain error types.
|
|
1973
|
-
static int verify_cb(int ok, X509_STORE_CTX* ctx) {
|
|
1974
|
-
int cert_error = X509_STORE_CTX_get_error(ctx);
|
|
1975
|
-
if (cert_error == X509_V_ERR_UNABLE_TO_GET_CRL) {
|
|
1976
|
-
gpr_log(
|
|
1977
|
-
GPR_INFO,
|
|
1978
|
-
"Certificate verification failed to get CRL files. Ignoring error.");
|
|
1979
|
-
return 1;
|
|
1980
|
-
}
|
|
1981
|
-
if (cert_error != 0) {
|
|
1982
|
-
gpr_log(GPR_ERROR, "Certificate verify failed with code %d", cert_error);
|
|
1983
|
-
}
|
|
1984
|
-
return ok;
|
|
1985
|
-
}
|
|
1986
|
-
|
|
1987
|
-
/* --- tsi_ssl_handshaker_factory constructors. --- */
|
|
1915
|
+
// --- tsi_ssl_handshaker_factory constructors. ---
|
|
1988
1916
|
|
|
1989
1917
|
static tsi_ssl_handshaker_factory_vtable client_handshaker_factory_vtable = {
|
|
1990
1918
|
tsi_ssl_client_handshaker_factory_destroy};
|
|
@@ -2025,7 +1953,7 @@ tsi_result tsi_create_ssl_client_handshaker_factory_with_options(
|
|
|
2025
1953
|
ssl_context = SSL_CTX_new(TLSv1_2_method());
|
|
2026
1954
|
#endif
|
|
2027
1955
|
if (ssl_context == nullptr) {
|
|
2028
|
-
|
|
1956
|
+
grpc_core::LogSslErrorStack();
|
|
2029
1957
|
gpr_log(GPR_ERROR, "Could not create ssl context.");
|
|
2030
1958
|
return TSI_INVALID_ARGUMENT;
|
|
2031
1959
|
}
|
|
@@ -2105,7 +2033,7 @@ tsi_result tsi_create_ssl_client_handshaker_factory_with_options(
|
|
|
2105
2033
|
result = TSI_INVALID_ARGUMENT;
|
|
2106
2034
|
break;
|
|
2107
2035
|
}
|
|
2108
|
-
#endif
|
|
2036
|
+
#endif // TSI_OPENSSL_ALPN_SUPPORT
|
|
2109
2037
|
SSL_CTX_set_next_proto_select_cb(
|
|
2110
2038
|
ssl_context, client_handshaker_factory_npn_callback, impl);
|
|
2111
2039
|
}
|
|
@@ -2117,7 +2045,7 @@ tsi_result tsi_create_ssl_client_handshaker_factory_with_options(
|
|
|
2117
2045
|
if (options->skip_server_certificate_verification) {
|
|
2118
2046
|
SSL_CTX_set_verify(ssl_context, SSL_VERIFY_PEER, NullVerifyCallback);
|
|
2119
2047
|
} else {
|
|
2120
|
-
SSL_CTX_set_verify(ssl_context, SSL_VERIFY_PEER,
|
|
2048
|
+
SSL_CTX_set_verify(ssl_context, SSL_VERIFY_PEER, RootCertExtractCallback);
|
|
2121
2049
|
}
|
|
2122
2050
|
|
|
2123
2051
|
#if OPENSSL_VERSION_NUMBER >= 0x10100000
|
|
@@ -2230,7 +2158,7 @@ tsi_result tsi_create_ssl_server_handshaker_factory_with_options(
|
|
|
2230
2158
|
impl->ssl_contexts[i] = SSL_CTX_new(TLSv1_2_method());
|
|
2231
2159
|
#endif
|
|
2232
2160
|
if (impl->ssl_contexts[i] == nullptr) {
|
|
2233
|
-
|
|
2161
|
+
grpc_core::LogSslErrorStack();
|
|
2234
2162
|
gpr_log(GPR_ERROR, "Could not create ssl context.");
|
|
2235
2163
|
result = TSI_OUT_OF_RESOURCES;
|
|
2236
2164
|
break;
|
|
@@ -2289,7 +2217,8 @@ tsi_result tsi_create_ssl_server_handshaker_factory_with_options(
|
|
|
2289
2217
|
NullVerifyCallback);
|
|
2290
2218
|
break;
|
|
2291
2219
|
case TSI_REQUEST_CLIENT_CERTIFICATE_AND_VERIFY:
|
|
2292
|
-
SSL_CTX_set_verify(impl->ssl_contexts[i], SSL_VERIFY_PEER,
|
|
2220
|
+
SSL_CTX_set_verify(impl->ssl_contexts[i], SSL_VERIFY_PEER,
|
|
2221
|
+
RootCertExtractCallback);
|
|
2293
2222
|
break;
|
|
2294
2223
|
case TSI_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_BUT_DONT_VERIFY:
|
|
2295
2224
|
SSL_CTX_set_verify(impl->ssl_contexts[i],
|
|
@@ -2299,7 +2228,7 @@ tsi_result tsi_create_ssl_server_handshaker_factory_with_options(
|
|
|
2299
2228
|
case TSI_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY:
|
|
2300
2229
|
SSL_CTX_set_verify(impl->ssl_contexts[i],
|
|
2301
2230
|
SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
|
|
2302
|
-
|
|
2231
|
+
RootCertExtractCallback);
|
|
2303
2232
|
break;
|
|
2304
2233
|
}
|
|
2305
2234
|
|
|
@@ -2333,13 +2262,13 @@ tsi_result tsi_create_ssl_server_handshaker_factory_with_options(
|
|
|
2333
2262
|
#if TSI_OPENSSL_ALPN_SUPPORT
|
|
2334
2263
|
SSL_CTX_set_alpn_select_cb(impl->ssl_contexts[i],
|
|
2335
2264
|
server_handshaker_factory_alpn_callback, impl);
|
|
2336
|
-
#endif
|
|
2265
|
+
#endif // TSI_OPENSSL_ALPN_SUPPORT
|
|
2337
2266
|
SSL_CTX_set_next_protos_advertised_cb(
|
|
2338
2267
|
impl->ssl_contexts[i],
|
|
2339
2268
|
server_handshaker_factory_npn_advertised_callback, impl);
|
|
2340
2269
|
|
|
2341
2270
|
#if OPENSSL_VERSION_NUMBER >= 0x10101000 && !defined(LIBRESSL_VERSION_NUMBER)
|
|
2342
|
-
|
|
2271
|
+
// Register factory at index
|
|
2343
2272
|
if (options->key_logger != nullptr) {
|
|
2344
2273
|
// Need to set factory at g_ssl_ctx_ex_factory_index
|
|
2345
2274
|
SSL_CTX_set_ex_data(impl->ssl_contexts[i], g_ssl_ctx_ex_factory_index,
|
|
@@ -2363,7 +2292,7 @@ tsi_result tsi_create_ssl_server_handshaker_factory_with_options(
|
|
|
2363
2292
|
return TSI_OK;
|
|
2364
2293
|
}
|
|
2365
2294
|
|
|
2366
|
-
|
|
2295
|
+
// --- tsi_ssl utils. ---
|
|
2367
2296
|
|
|
2368
2297
|
int tsi_ssl_peer_matches_name(const tsi_peer* peer, absl::string_view name) {
|
|
2369
2298
|
size_t i = 0;
|
|
@@ -2371,7 +2300,7 @@ int tsi_ssl_peer_matches_name(const tsi_peer* peer, absl::string_view name) {
|
|
|
2371
2300
|
const tsi_peer_property* cn_property = nullptr;
|
|
2372
2301
|
int like_ip = looks_like_ip_address(name);
|
|
2373
2302
|
|
|
2374
|
-
|
|
2303
|
+
// Check the SAN first.
|
|
2375
2304
|
for (i = 0; i < peer->property_count; i++) {
|
|
2376
2305
|
const tsi_peer_property* property = &peer->properties[i];
|
|
2377
2306
|
if (property->name == nullptr) continue;
|
|
@@ -2383,7 +2312,7 @@ int tsi_ssl_peer_matches_name(const tsi_peer* peer, absl::string_view name) {
|
|
|
2383
2312
|
if (!like_ip && does_entry_match_name(entry, name)) {
|
|
2384
2313
|
return 1;
|
|
2385
2314
|
} else if (like_ip && name == entry) {
|
|
2386
|
-
|
|
2315
|
+
// IP Addresses are exact matches only.
|
|
2387
2316
|
return 1;
|
|
2388
2317
|
}
|
|
2389
2318
|
} else if (strcmp(property->name,
|
|
@@ -2392,7 +2321,7 @@ int tsi_ssl_peer_matches_name(const tsi_peer* peer, absl::string_view name) {
|
|
|
2392
2321
|
}
|
|
2393
2322
|
}
|
|
2394
2323
|
|
|
2395
|
-
|
|
2324
|
+
// If there's no SAN, try the CN, but only if its not like an IP Address
|
|
2396
2325
|
if (san_count == 0 && cn_property != nullptr && !like_ip) {
|
|
2397
2326
|
if (does_entry_match_name(absl::string_view(cn_property->value.data,
|
|
2398
2327
|
cn_property->value.length),
|
|
@@ -2401,10 +2330,10 @@ int tsi_ssl_peer_matches_name(const tsi_peer* peer, absl::string_view name) {
|
|
|
2401
2330
|
}
|
|
2402
2331
|
}
|
|
2403
2332
|
|
|
2404
|
-
return 0;
|
|
2333
|
+
return 0; // Not found.
|
|
2405
2334
|
}
|
|
2406
2335
|
|
|
2407
|
-
|
|
2336
|
+
// --- Testing support. ---
|
|
2408
2337
|
const tsi_ssl_handshaker_factory_vtable* tsi_ssl_handshaker_factory_swap_vtable(
|
|
2409
2338
|
tsi_ssl_handshaker_factory* factory,
|
|
2410
2339
|
tsi_ssl_handshaker_factory_vtable* new_vtable) {
|