grpc 1.50.0.pre1 → 1.51.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of grpc might be problematic. Click here for more details.

Files changed (459) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +131 -42
  3. data/include/grpc/event_engine/event_engine.h +10 -3
  4. data/include/grpc/event_engine/slice_buffer.h +17 -0
  5. data/include/grpc/grpc.h +0 -10
  6. data/include/grpc/impl/codegen/grpc_types.h +1 -5
  7. data/include/grpc/impl/codegen/port_platform.h +0 -3
  8. data/src/core/ext/filters/channel_idle/channel_idle_filter.cc +19 -13
  9. data/src/core/ext/filters/channel_idle/channel_idle_filter.h +1 -0
  10. data/src/core/ext/filters/client_channel/backup_poller.cc +3 -3
  11. data/src/core/ext/filters/client_channel/channel_connectivity.cc +7 -5
  12. data/src/core/ext/filters/client_channel/client_channel.cc +120 -140
  13. data/src/core/ext/filters/client_channel/client_channel.h +3 -4
  14. data/src/core/ext/filters/client_channel/client_channel_channelz.cc +0 -2
  15. data/src/core/ext/filters/client_channel/client_channel_plugin.cc +1 -1
  16. data/src/core/ext/filters/client_channel/client_channel_service_config.cc +153 -0
  17. data/src/core/ext/filters/client_channel/{resolver_result_parsing.h → client_channel_service_config.h} +26 -23
  18. data/src/core/ext/filters/client_channel/connector.h +1 -1
  19. data/src/core/ext/filters/client_channel/dynamic_filters.cc +20 -47
  20. data/src/core/ext/filters/client_channel/dynamic_filters.h +7 -8
  21. data/src/core/ext/filters/client_channel/health/health_check_client.cc +3 -4
  22. data/src/core/ext/filters/client_channel/http_proxy.cc +0 -1
  23. data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +3 -4
  24. data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +5 -0
  25. data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +8 -7
  26. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +35 -44
  27. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc +0 -1
  28. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +1 -3
  29. data/src/core/ext/filters/client_channel/lb_policy/oob_backend_metric.cc +3 -4
  30. data/src/core/ext/filters/client_channel/lb_policy/oob_backend_metric.h +1 -1
  31. data/src/core/ext/filters/client_channel/lb_policy/outlier_detection/outlier_detection.cc +41 -29
  32. data/src/core/ext/filters/client_channel/lb_policy/outlier_detection/outlier_detection.h +2 -2
  33. data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +9 -11
  34. data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +15 -12
  35. data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +8 -10
  36. data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +26 -27
  37. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +7 -9
  38. data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +44 -26
  39. data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +17 -27
  40. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_attributes.cc +42 -0
  41. data/src/core/ext/filters/client_channel/lb_policy/xds/{xds.h → xds_attributes.h} +15 -17
  42. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +13 -7
  43. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +48 -47
  44. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +40 -126
  45. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_wrr_locality.cc +364 -0
  46. data/src/core/ext/filters/client_channel/resolver/binder/binder_resolver.cc +9 -9
  47. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +23 -32
  48. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +1 -2
  49. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +22 -23
  50. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +50 -52
  51. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +1 -1
  52. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +2 -4
  53. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +1 -3
  54. data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +34 -26
  55. data/src/core/ext/filters/client_channel/resolver/polling_resolver.cc +3 -4
  56. data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +4 -7
  57. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +63 -46
  58. data/src/core/ext/filters/client_channel/retry_filter.cc +80 -102
  59. data/src/core/ext/filters/client_channel/retry_service_config.cc +192 -234
  60. data/src/core/ext/filters/client_channel/retry_service_config.h +20 -23
  61. data/src/core/ext/filters/client_channel/retry_throttle.cc +8 -8
  62. data/src/core/ext/filters/client_channel/retry_throttle.h +8 -7
  63. data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +2 -2
  64. data/src/core/ext/filters/client_channel/subchannel.cc +21 -25
  65. data/src/core/ext/filters/client_channel/subchannel.h +2 -2
  66. data/src/core/ext/filters/client_channel/subchannel_stream_client.cc +11 -12
  67. data/src/core/ext/filters/deadline/deadline_filter.cc +13 -14
  68. data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +1 -1
  69. data/src/core/ext/filters/fault_injection/fault_injection_filter.h +0 -4
  70. data/src/core/ext/filters/fault_injection/fault_injection_service_config_parser.cc +118 -0
  71. data/src/core/ext/filters/fault_injection/{service_config_parser.h → fault_injection_service_config_parser.h} +20 -12
  72. data/src/core/ext/filters/http/client/http_client_filter.cc +16 -16
  73. data/src/core/ext/filters/http/client_authority_filter.cc +1 -1
  74. data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +13 -13
  75. data/src/core/ext/filters/http/message_compress/message_decompress_filter.cc +34 -34
  76. data/src/core/ext/filters/http/server/http_server_filter.cc +26 -25
  77. data/src/core/ext/filters/message_size/message_size_filter.cc +86 -117
  78. data/src/core/ext/filters/message_size/message_size_filter.h +22 -15
  79. data/src/core/ext/filters/rbac/rbac_filter.cc +12 -12
  80. data/src/core/ext/filters/rbac/rbac_service_config_parser.cc +728 -530
  81. data/src/core/ext/filters/rbac/rbac_service_config_parser.h +4 -3
  82. data/src/core/ext/filters/server_config_selector/server_config_selector.h +1 -1
  83. data/src/core/ext/filters/server_config_selector/server_config_selector_filter.cc +6 -7
  84. data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +17 -21
  85. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +57 -72
  86. data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +5 -5
  87. data/src/core/ext/transport/chttp2/transport/bin_encoder.h +1 -1
  88. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +212 -253
  89. data/src/core/ext/transport/chttp2/transport/flow_control.cc +42 -11
  90. data/src/core/ext/transport/chttp2/transport/flow_control.h +4 -3
  91. data/src/core/ext/transport/chttp2/transport/frame_data.cc +16 -15
  92. data/src/core/ext/transport/chttp2/transport/frame_data.h +1 -1
  93. data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +13 -13
  94. data/src/core/ext/transport/chttp2/transport/frame_ping.cc +4 -3
  95. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +10 -7
  96. data/src/core/ext/transport/chttp2/transport/frame_settings.cc +15 -17
  97. data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +5 -4
  98. data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +5 -6
  99. data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +1 -1
  100. data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +2 -1
  101. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +31 -39
  102. data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +7 -6
  103. data/src/core/ext/transport/chttp2/transport/internal.h +24 -8
  104. data/src/core/ext/transport/chttp2/transport/parsing.cc +51 -52
  105. data/src/core/ext/transport/chttp2/transport/varint.cc +2 -3
  106. data/src/core/ext/transport/chttp2/transport/varint.h +11 -8
  107. data/src/core/ext/transport/chttp2/transport/writing.cc +16 -16
  108. data/src/core/ext/transport/inproc/inproc_transport.cc +97 -115
  109. data/src/core/ext/xds/certificate_provider_store.cc +4 -4
  110. data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +4 -7
  111. data/src/core/ext/xds/xds_api.cc +15 -68
  112. data/src/core/ext/xds/xds_api.h +3 -7
  113. data/src/core/ext/xds/xds_bootstrap.h +0 -1
  114. data/src/core/ext/xds/xds_bootstrap_grpc.cc +3 -12
  115. data/src/core/ext/xds/xds_bootstrap_grpc.h +16 -1
  116. data/src/core/ext/xds/xds_certificate_provider.cc +22 -25
  117. data/src/core/ext/xds/xds_channel_stack_modifier.cc +0 -1
  118. data/src/core/ext/xds/xds_client.cc +122 -90
  119. data/src/core/ext/xds/xds_client.h +7 -2
  120. data/src/core/ext/xds/xds_client_grpc.cc +5 -24
  121. data/src/core/ext/xds/xds_cluster.cc +291 -183
  122. data/src/core/ext/xds/xds_cluster.h +11 -15
  123. data/src/core/ext/xds/xds_cluster_specifier_plugin.cc +32 -29
  124. data/src/core/ext/xds/xds_cluster_specifier_plugin.h +35 -16
  125. data/src/core/ext/xds/xds_common_types.cc +208 -141
  126. data/src/core/ext/xds/xds_common_types.h +19 -13
  127. data/src/core/ext/xds/xds_endpoint.cc +214 -129
  128. data/src/core/ext/xds/xds_endpoint.h +4 -7
  129. data/src/core/ext/xds/xds_http_fault_filter.cc +56 -43
  130. data/src/core/ext/xds/xds_http_fault_filter.h +13 -21
  131. data/src/core/ext/xds/xds_http_filters.cc +60 -73
  132. data/src/core/ext/xds/xds_http_filters.h +67 -19
  133. data/src/core/ext/xds/xds_http_rbac_filter.cc +152 -207
  134. data/src/core/ext/xds/xds_http_rbac_filter.h +12 -15
  135. data/src/core/ext/xds/xds_lb_policy_registry.cc +122 -169
  136. data/src/core/ext/xds/xds_lb_policy_registry.h +10 -11
  137. data/src/core/ext/xds/xds_listener.cc +459 -417
  138. data/src/core/ext/xds/xds_listener.h +43 -47
  139. data/src/core/ext/xds/xds_resource_type.h +3 -11
  140. data/src/core/ext/xds/xds_resource_type_impl.h +8 -13
  141. data/src/core/ext/xds/xds_route_config.cc +94 -80
  142. data/src/core/ext/xds/xds_route_config.h +10 -10
  143. data/src/core/ext/xds/xds_routing.cc +2 -1
  144. data/src/core/ext/xds/xds_routing.h +2 -0
  145. data/src/core/ext/xds/xds_server_config_fetcher.cc +109 -94
  146. data/src/core/ext/xds/xds_transport_grpc.cc +4 -5
  147. data/src/core/lib/address_utils/parse_address.cc +11 -10
  148. data/src/core/lib/channel/channel_args.h +16 -1
  149. data/src/core/lib/channel/channel_stack.cc +23 -20
  150. data/src/core/lib/channel/channel_stack.h +17 -4
  151. data/src/core/lib/channel/channel_stack_builder.cc +4 -7
  152. data/src/core/lib/channel/channel_stack_builder.h +14 -6
  153. data/src/core/lib/channel/channel_stack_builder_impl.cc +25 -7
  154. data/src/core/lib/channel/channel_stack_builder_impl.h +2 -0
  155. data/src/core/lib/channel/channel_trace.cc +4 -5
  156. data/src/core/lib/channel/channelz.cc +1 -1
  157. data/src/core/lib/channel/connected_channel.cc +695 -35
  158. data/src/core/lib/channel/connected_channel.h +0 -4
  159. data/src/core/lib/channel/promise_based_filter.cc +1004 -140
  160. data/src/core/lib/channel/promise_based_filter.h +364 -87
  161. data/src/core/lib/compression/message_compress.cc +5 -5
  162. data/src/core/lib/debug/event_log.cc +88 -0
  163. data/src/core/lib/debug/event_log.h +81 -0
  164. data/src/core/lib/debug/histogram_view.cc +69 -0
  165. data/src/core/lib/{slice/slice_refcount.cc → debug/histogram_view.h} +15 -13
  166. data/src/core/lib/debug/stats.cc +22 -119
  167. data/src/core/lib/debug/stats.h +29 -35
  168. data/src/core/lib/debug/stats_data.cc +224 -73
  169. data/src/core/lib/debug/stats_data.h +263 -122
  170. data/src/core/lib/event_engine/common_closures.h +71 -0
  171. data/src/core/lib/event_engine/default_event_engine.cc +38 -15
  172. data/src/core/lib/event_engine/default_event_engine.h +15 -3
  173. data/src/core/lib/event_engine/default_event_engine_factory.cc +2 -4
  174. data/src/core/lib/event_engine/memory_allocator.cc +1 -1
  175. data/src/core/lib/event_engine/poller.h +10 -4
  176. data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.cc +618 -0
  177. data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.h +129 -0
  178. data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +901 -0
  179. data/src/core/lib/event_engine/posix_engine/ev_poll_posix.h +97 -0
  180. data/src/core/lib/event_engine/posix_engine/event_poller.h +111 -0
  181. data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +74 -0
  182. data/src/core/lib/event_engine/{executor/threaded_executor.cc → posix_engine/event_poller_posix_default.h} +13 -16
  183. data/src/core/lib/event_engine/posix_engine/internal_errqueue.cc +77 -0
  184. data/src/core/lib/event_engine/posix_engine/internal_errqueue.h +179 -0
  185. data/src/core/lib/event_engine/posix_engine/lockfree_event.cc +267 -0
  186. data/src/core/lib/event_engine/posix_engine/lockfree_event.h +73 -0
  187. data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +1270 -0
  188. data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +682 -0
  189. data/src/core/lib/event_engine/posix_engine/posix_engine.cc +453 -18
  190. data/src/core/lib/event_engine/posix_engine/posix_engine.h +148 -24
  191. data/src/core/lib/event_engine/posix_engine/posix_engine_closure.h +80 -0
  192. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +1081 -0
  193. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +361 -0
  194. data/src/core/lib/event_engine/posix_engine/timer.h +9 -8
  195. data/src/core/lib/event_engine/posix_engine/timer_manager.cc +57 -194
  196. data/src/core/lib/event_engine/posix_engine/timer_manager.h +21 -49
  197. data/src/core/lib/event_engine/posix_engine/traced_buffer_list.cc +301 -0
  198. data/src/core/lib/event_engine/posix_engine/traced_buffer_list.h +179 -0
  199. data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.cc +126 -0
  200. data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.h +45 -0
  201. data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.cc +151 -0
  202. data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.h +45 -0
  203. data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix.h +76 -0
  204. data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.cc +67 -0
  205. data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.h +37 -0
  206. data/src/core/lib/event_engine/slice.cc +7 -6
  207. data/src/core/lib/event_engine/slice_buffer.cc +2 -2
  208. data/src/core/lib/event_engine/thread_pool.cc +106 -25
  209. data/src/core/lib/event_engine/thread_pool.h +32 -9
  210. data/src/core/lib/event_engine/windows/win_socket.cc +7 -7
  211. data/src/core/lib/event_engine/windows/windows_engine.cc +18 -12
  212. data/src/core/lib/event_engine/windows/windows_engine.h +8 -4
  213. data/src/core/lib/experiments/config.cc +1 -1
  214. data/src/core/lib/experiments/experiments.cc +13 -2
  215. data/src/core/lib/experiments/experiments.h +8 -1
  216. data/src/core/lib/gpr/cpu_linux.cc +6 -2
  217. data/src/core/lib/gpr/log_linux.cc +3 -4
  218. data/src/core/lib/gpr/string.h +1 -1
  219. data/src/core/lib/gpr/tmpfile_posix.cc +3 -2
  220. data/src/core/lib/gprpp/load_file.cc +75 -0
  221. data/src/core/lib/gprpp/load_file.h +33 -0
  222. data/src/core/lib/gprpp/per_cpu.h +46 -0
  223. data/src/core/lib/gprpp/stat_posix.cc +5 -4
  224. data/src/core/lib/gprpp/stat_windows.cc +3 -2
  225. data/src/core/lib/gprpp/status_helper.h +1 -3
  226. data/src/core/lib/gprpp/strerror.cc +41 -0
  227. data/src/core/{ext/xds/xds_resource_type.cc → lib/gprpp/strerror.h} +9 -13
  228. data/src/core/lib/gprpp/thd_windows.cc +1 -2
  229. data/src/core/lib/gprpp/time.cc +3 -4
  230. data/src/core/lib/gprpp/time.h +13 -2
  231. data/src/core/lib/gprpp/validation_errors.h +18 -1
  232. data/src/core/lib/http/httpcli.cc +40 -44
  233. data/src/core/lib/http/httpcli.h +6 -5
  234. data/src/core/lib/http/httpcli_security_connector.cc +4 -6
  235. data/src/core/lib/http/parser.cc +54 -65
  236. data/src/core/lib/iomgr/buffer_list.cc +105 -116
  237. data/src/core/lib/iomgr/buffer_list.h +60 -44
  238. data/src/core/lib/iomgr/call_combiner.cc +11 -10
  239. data/src/core/lib/iomgr/call_combiner.h +3 -4
  240. data/src/core/lib/iomgr/cfstream_handle.cc +13 -16
  241. data/src/core/lib/iomgr/closure.h +49 -5
  242. data/src/core/lib/iomgr/combiner.cc +2 -2
  243. data/src/core/lib/iomgr/endpoint.h +1 -1
  244. data/src/core/lib/iomgr/endpoint_cfstream.cc +26 -25
  245. data/src/core/lib/iomgr/endpoint_pair_posix.cc +2 -2
  246. data/src/core/lib/iomgr/error.cc +27 -42
  247. data/src/core/lib/iomgr/error.h +22 -152
  248. data/src/core/lib/iomgr/ev_apple.cc +4 -4
  249. data/src/core/lib/iomgr/ev_epoll1_linux.cc +26 -25
  250. data/src/core/lib/iomgr/ev_poll_posix.cc +27 -31
  251. data/src/core/lib/iomgr/exec_ctx.cc +3 -4
  252. data/src/core/lib/iomgr/exec_ctx.h +2 -3
  253. data/src/core/lib/iomgr/executor.cc +1 -2
  254. data/src/core/lib/iomgr/internal_errqueue.cc +3 -1
  255. data/src/core/lib/iomgr/iocp_windows.cc +1 -0
  256. data/src/core/lib/iomgr/iomgr_posix.cc +2 -2
  257. data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +2 -1
  258. data/src/core/lib/iomgr/iomgr_windows.cc +2 -1
  259. data/src/core/lib/iomgr/load_file.cc +5 -9
  260. data/src/core/lib/iomgr/lockfree_event.cc +10 -10
  261. data/src/core/lib/iomgr/pollset_windows.cc +4 -4
  262. data/src/core/lib/iomgr/python_util.h +2 -2
  263. data/src/core/lib/iomgr/resolve_address.cc +8 -3
  264. data/src/core/lib/iomgr/resolve_address.h +3 -4
  265. data/src/core/lib/iomgr/resolve_address_impl.h +1 -1
  266. data/src/core/lib/iomgr/resolve_address_posix.cc +14 -25
  267. data/src/core/lib/iomgr/resolve_address_posix.h +1 -2
  268. data/src/core/lib/iomgr/resolve_address_windows.cc +14 -17
  269. data/src/core/lib/iomgr/resolve_address_windows.h +1 -2
  270. data/src/core/lib/iomgr/socket_utils_common_posix.cc +30 -29
  271. data/src/core/lib/iomgr/socket_utils_posix.cc +1 -0
  272. data/src/core/lib/iomgr/socket_utils_posix.h +2 -2
  273. data/src/core/lib/iomgr/socket_windows.cc +2 -2
  274. data/src/core/lib/iomgr/tcp_client_cfstream.cc +6 -10
  275. data/src/core/lib/iomgr/tcp_client_posix.cc +31 -35
  276. data/src/core/lib/iomgr/tcp_client_windows.cc +8 -12
  277. data/src/core/lib/iomgr/tcp_posix.cc +92 -108
  278. data/src/core/lib/iomgr/tcp_server_posix.cc +34 -34
  279. data/src/core/lib/iomgr/tcp_server_utils_posix.h +1 -1
  280. data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +18 -21
  281. data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +12 -13
  282. data/src/core/lib/iomgr/tcp_server_utils_posix_noifaddrs.cc +1 -1
  283. data/src/core/lib/iomgr/tcp_server_windows.cc +26 -29
  284. data/src/core/lib/iomgr/tcp_windows.cc +27 -34
  285. data/src/core/lib/iomgr/timer.h +8 -8
  286. data/src/core/lib/iomgr/timer_generic.cc +9 -15
  287. data/src/core/lib/iomgr/unix_sockets_posix.cc +2 -4
  288. data/src/core/lib/iomgr/wakeup_fd_eventfd.cc +4 -3
  289. data/src/core/lib/iomgr/wakeup_fd_pipe.cc +10 -8
  290. data/src/core/lib/json/json_channel_args.h +42 -0
  291. data/src/core/lib/json/json_object_loader.cc +7 -2
  292. data/src/core/lib/json/json_object_loader.h +22 -0
  293. data/src/core/lib/json/json_util.cc +5 -5
  294. data/src/core/lib/json/json_util.h +4 -4
  295. data/src/core/lib/load_balancing/lb_policy.cc +1 -1
  296. data/src/core/lib/load_balancing/lb_policy.h +4 -0
  297. data/src/core/lib/load_balancing/subchannel_interface.h +0 -7
  298. data/src/core/lib/matchers/matchers.cc +3 -4
  299. data/src/core/lib/promise/activity.cc +16 -2
  300. data/src/core/lib/promise/activity.h +38 -15
  301. data/src/core/lib/promise/arena_promise.h +80 -51
  302. data/src/core/lib/promise/context.h +13 -6
  303. data/src/core/lib/promise/detail/basic_seq.h +9 -28
  304. data/src/core/lib/promise/detail/promise_factory.h +58 -10
  305. data/src/core/lib/promise/detail/status.h +28 -0
  306. data/src/core/lib/promise/detail/switch.h +1455 -0
  307. data/src/core/lib/promise/exec_ctx_wakeup_scheduler.h +3 -1
  308. data/src/core/lib/promise/for_each.h +129 -0
  309. data/src/core/lib/promise/loop.h +7 -5
  310. data/src/core/lib/promise/map_pipe.h +87 -0
  311. data/src/core/lib/promise/pipe.cc +19 -0
  312. data/src/core/lib/promise/pipe.h +505 -0
  313. data/src/core/lib/promise/poll.h +13 -0
  314. data/src/core/lib/promise/seq.h +3 -5
  315. data/src/core/lib/promise/sleep.cc +5 -4
  316. data/src/core/lib/promise/sleep.h +1 -2
  317. data/src/core/lib/promise/try_concurrently.h +341 -0
  318. data/src/core/lib/promise/try_seq.h +10 -13
  319. data/src/core/lib/resolver/server_address.cc +1 -0
  320. data/src/core/lib/resolver/server_address.h +1 -3
  321. data/src/core/lib/resource_quota/api.cc +0 -1
  322. data/src/core/lib/resource_quota/arena.cc +19 -0
  323. data/src/core/lib/resource_quota/arena.h +89 -0
  324. data/src/core/lib/resource_quota/memory_quota.cc +1 -0
  325. data/src/core/lib/security/authorization/grpc_authorization_engine.cc +1 -3
  326. data/src/core/lib/security/authorization/grpc_server_authz_filter.cc +4 -2
  327. data/src/core/lib/security/authorization/matchers.cc +25 -22
  328. data/src/core/lib/security/authorization/rbac_policy.cc +2 -3
  329. data/src/core/lib/security/context/security_context.h +10 -0
  330. data/src/core/lib/security/credentials/channel_creds_registry_init.cc +3 -4
  331. data/src/core/lib/security/credentials/composite/composite_credentials.cc +1 -1
  332. data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +77 -55
  333. data/src/core/lib/security/credentials/external/aws_request_signer.cc +4 -3
  334. data/src/core/lib/security/credentials/external/external_account_credentials.cc +40 -51
  335. data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +17 -21
  336. data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +21 -25
  337. data/src/core/lib/security/credentials/fake/fake_credentials.cc +1 -0
  338. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +27 -24
  339. data/src/core/lib/security/credentials/iam/iam_credentials.cc +1 -0
  340. data/src/core/lib/security/credentials/jwt/json_token.cc +1 -2
  341. data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +1 -1
  342. data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +5 -5
  343. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +24 -30
  344. data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +6 -5
  345. data/src/core/lib/security/credentials/plugin/plugin_credentials.h +3 -3
  346. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +19 -27
  347. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +4 -11
  348. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +29 -41
  349. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.cc +1 -1
  350. data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +6 -11
  351. data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +8 -15
  352. data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +2 -2
  353. data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +2 -6
  354. data/src/core/lib/security/security_connector/load_system_roots_supported.cc +1 -4
  355. data/src/core/lib/security/security_connector/local/local_security_connector.cc +7 -11
  356. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +9 -14
  357. data/src/core/lib/security/security_connector/ssl_utils.cc +5 -7
  358. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +21 -27
  359. data/src/core/lib/security/transport/client_auth_filter.cc +1 -1
  360. data/src/core/lib/security/transport/secure_endpoint.cc +26 -28
  361. data/src/core/lib/security/transport/security_handshaker.cc +53 -53
  362. data/src/core/lib/security/transport/server_auth_filter.cc +21 -21
  363. data/src/core/lib/security/transport/tsi_error.cc +6 -3
  364. data/src/core/lib/security/util/json_util.cc +4 -5
  365. data/src/core/lib/service_config/service_config.h +1 -1
  366. data/src/core/lib/service_config/service_config_impl.cc +111 -158
  367. data/src/core/lib/service_config/service_config_impl.h +14 -17
  368. data/src/core/lib/service_config/service_config_parser.cc +14 -31
  369. data/src/core/lib/service_config/service_config_parser.h +14 -10
  370. data/src/core/lib/slice/b64.cc +2 -2
  371. data/src/core/lib/slice/slice.cc +7 -1
  372. data/src/core/lib/slice/slice.h +19 -6
  373. data/src/core/lib/slice/slice_buffer.cc +13 -14
  374. data/src/core/lib/slice/slice_internal.h +13 -21
  375. data/src/core/lib/slice/slice_refcount.h +34 -19
  376. data/src/core/lib/surface/byte_buffer.cc +3 -4
  377. data/src/core/lib/surface/byte_buffer_reader.cc +4 -4
  378. data/src/core/lib/surface/call.cc +1366 -239
  379. data/src/core/lib/surface/call.h +44 -0
  380. data/src/core/lib/surface/call_details.cc +3 -3
  381. data/src/core/lib/surface/call_trace.cc +113 -0
  382. data/src/core/lib/surface/call_trace.h +30 -0
  383. data/src/core/lib/surface/channel.cc +44 -49
  384. data/src/core/lib/surface/channel.h +9 -1
  385. data/src/core/lib/surface/channel_ping.cc +1 -1
  386. data/src/core/lib/surface/channel_stack_type.cc +4 -0
  387. data/src/core/lib/surface/channel_stack_type.h +2 -0
  388. data/src/core/lib/surface/completion_queue.cc +38 -52
  389. data/src/core/lib/surface/init.cc +8 -39
  390. data/src/core/lib/surface/init_internally.h +8 -0
  391. data/src/core/lib/surface/lame_client.cc +10 -8
  392. data/src/core/lib/surface/server.cc +48 -70
  393. data/src/core/lib/surface/server.h +3 -4
  394. data/src/core/lib/surface/validate_metadata.cc +11 -12
  395. data/src/core/lib/surface/version.cc +2 -2
  396. data/src/core/lib/transport/connectivity_state.cc +2 -2
  397. data/src/core/lib/transport/error_utils.cc +34 -28
  398. data/src/core/lib/transport/error_utils.h +3 -3
  399. data/src/core/lib/transport/handshaker.cc +14 -14
  400. data/src/core/lib/transport/handshaker.h +1 -1
  401. data/src/core/lib/transport/handshaker_factory.h +26 -0
  402. data/src/core/lib/transport/handshaker_registry.cc +8 -2
  403. data/src/core/lib/transport/handshaker_registry.h +3 -4
  404. data/src/core/lib/transport/http_connect_handshaker.cc +23 -24
  405. data/src/core/lib/transport/metadata_batch.h +17 -1
  406. data/src/core/lib/transport/parsed_metadata.cc +2 -6
  407. data/src/core/lib/transport/tcp_connect_handshaker.cc +15 -20
  408. data/src/core/lib/transport/transport.cc +63 -17
  409. data/src/core/lib/transport/transport.h +64 -68
  410. data/src/core/lib/transport/transport_impl.h +1 -1
  411. data/src/core/lib/transport/transport_op_string.cc +7 -6
  412. data/src/core/plugin_registry/grpc_plugin_registry.cc +6 -10
  413. data/src/core/plugin_registry/grpc_plugin_registry_extra.cc +2 -14
  414. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +10 -10
  415. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +8 -8
  416. data/src/core/tsi/alts/handshaker/alts_tsi_utils.cc +2 -1
  417. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc +7 -7
  418. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc +7 -6
  419. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc +1 -1
  420. data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +5 -5
  421. data/src/core/tsi/fake_transport_security.cc +3 -3
  422. data/src/core/tsi/ssl/key_logging/ssl_key_logging.cc +7 -3
  423. data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +1 -1
  424. data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +6 -2
  425. data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +0 -2
  426. data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +0 -3
  427. data/src/ruby/lib/grpc/version.rb +1 -1
  428. data/src/ruby/spec/channel_spec.rb +0 -43
  429. data/src/ruby/spec/generic/active_call_spec.rb +12 -3
  430. data/third_party/abseil-cpp/absl/cleanup/cleanup.h +140 -0
  431. data/third_party/abseil-cpp/absl/cleanup/internal/cleanup.h +100 -0
  432. data/third_party/zlib/compress.c +3 -3
  433. data/third_party/zlib/crc32.c +21 -12
  434. data/third_party/zlib/deflate.c +112 -106
  435. data/third_party/zlib/deflate.h +2 -2
  436. data/third_party/zlib/gzlib.c +1 -1
  437. data/third_party/zlib/gzread.c +3 -5
  438. data/third_party/zlib/gzwrite.c +1 -1
  439. data/third_party/zlib/infback.c +10 -7
  440. data/third_party/zlib/inflate.c +5 -2
  441. data/third_party/zlib/inftrees.c +2 -2
  442. data/third_party/zlib/inftrees.h +1 -1
  443. data/third_party/zlib/trees.c +61 -62
  444. data/third_party/zlib/uncompr.c +2 -2
  445. data/third_party/zlib/zconf.h +16 -3
  446. data/third_party/zlib/zlib.h +10 -10
  447. data/third_party/zlib/zutil.c +9 -7
  448. data/third_party/zlib/zutil.h +1 -0
  449. metadata +57 -20
  450. data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +0 -188
  451. data/src/core/ext/filters/fault_injection/service_config_parser.cc +0 -187
  452. data/src/core/lib/event_engine/executor/threaded_executor.h +0 -44
  453. data/src/core/lib/gpr/murmur_hash.cc +0 -82
  454. data/src/core/lib/gpr/murmur_hash.h +0 -29
  455. data/src/core/lib/gpr/tls.h +0 -156
  456. data/src/core/lib/promise/call_push_pull.h +0 -148
  457. data/src/core/lib/slice/slice_api.cc +0 -39
  458. data/src/core/lib/slice/slice_buffer_api.cc +0 -35
  459. data/src/core/lib/slice/slice_refcount_base.h +0 -60
@@ -19,6 +19,7 @@
19
19
  #include "src/core/ext/xds/xds_common_types.h"
20
20
 
21
21
  #include <stddef.h>
22
+ #include <stdint.h>
22
23
 
23
24
  #include <algorithm>
24
25
  #include <map>
@@ -34,23 +35,47 @@
34
35
  #include "envoy/type/matcher/v3/regex.upb.h"
35
36
  #include "envoy/type/matcher/v3/string.upb.h"
36
37
  #include "google/protobuf/any.upb.h"
38
+ #include "google/protobuf/struct.upb.h"
39
+ #include "google/protobuf/struct.upbdefs.h"
37
40
  #include "google/protobuf/wrappers.upb.h"
38
- #include "upb/upb.h"
41
+ #include "upb/arena.h"
42
+ #include "upb/json_encode.h"
43
+ #include "upb/status.h"
44
+ #include "upb/upb.hpp"
39
45
  #include "xds/type/v3/typed_struct.upb.h"
40
46
 
41
- #include "src/core/ext/xds/certificate_provider_store.h"
42
47
  #include "src/core/ext/xds/upb_utils.h"
43
48
  #include "src/core/ext/xds/xds_bootstrap_grpc.h"
44
49
  #include "src/core/ext/xds/xds_client.h"
45
50
 
46
51
  namespace grpc_core {
47
52
 
53
+ //
54
+ // ParseDuration()
55
+ //
56
+
57
+ Duration ParseDuration(const google_protobuf_Duration* proto_duration,
58
+ ValidationErrors* errors) {
59
+ int64_t seconds = google_protobuf_Duration_seconds(proto_duration);
60
+ if (seconds < 0 || seconds > 315576000000) {
61
+ ValidationErrors::ScopedField field(errors, ".seconds");
62
+ errors->AddError("value must be in the range [0, 315576000000]");
63
+ }
64
+ int32_t nanos = google_protobuf_Duration_nanos(proto_duration);
65
+ if (nanos < 0 || nanos > 999999999) {
66
+ ValidationErrors::ScopedField field(errors, ".nanos");
67
+ errors->AddError("value must be in the range [0, 999999999]");
68
+ }
69
+ return Duration::FromSecondsAndNanoseconds(seconds, nanos);
70
+ }
71
+
48
72
  //
49
73
  // CommonTlsContext::CertificateValidationContext
50
74
  //
51
75
 
52
76
  std::string CommonTlsContext::CertificateValidationContext::ToString() const {
53
77
  std::vector<std::string> contents;
78
+ contents.reserve(match_subject_alt_names.size());
54
79
  for (const auto& match : match_subject_alt_names) {
55
80
  contents.push_back(match.ToString());
56
81
  }
@@ -114,68 +139,70 @@ namespace {
114
139
  // same CertificateProviderPluginInstance struct since the fields are the same.
115
140
  // TODO(yashykt): Remove this once we stop supporting the old way of fetching
116
141
  // certificate provider instances.
117
- absl::StatusOr<CommonTlsContext::CertificateProviderPluginInstance>
142
+ CommonTlsContext::CertificateProviderPluginInstance
118
143
  CertificateProviderInstanceParse(
119
144
  const XdsResourceType::DecodeContext& context,
120
145
  const envoy_extensions_transport_sockets_tls_v3_CommonTlsContext_CertificateProviderInstance*
121
- certificate_provider_instance_proto) {
122
- CommonTlsContext::CertificateProviderPluginInstance
123
- certificate_provider_plugin_instance = {
124
- UpbStringToStdString(
125
- envoy_extensions_transport_sockets_tls_v3_CommonTlsContext_CertificateProviderInstance_instance_name(
126
- certificate_provider_instance_proto)),
127
- UpbStringToStdString(
128
- envoy_extensions_transport_sockets_tls_v3_CommonTlsContext_CertificateProviderInstance_certificate_name(
129
- certificate_provider_instance_proto))};
146
+ certificate_provider_instance_proto,
147
+ ValidationErrors* errors) {
148
+ CommonTlsContext::CertificateProviderPluginInstance cert_provider;
149
+ cert_provider.instance_name = UpbStringToStdString(
150
+ envoy_extensions_transport_sockets_tls_v3_CommonTlsContext_CertificateProviderInstance_instance_name(
151
+ certificate_provider_instance_proto));
130
152
  const auto& bootstrap =
131
153
  static_cast<const GrpcXdsBootstrap&>(context.client->bootstrap());
132
- if (bootstrap.certificate_providers().find(
133
- certificate_provider_plugin_instance.instance_name) ==
154
+ if (bootstrap.certificate_providers().find(cert_provider.instance_name) ==
134
155
  bootstrap.certificate_providers().end()) {
135
- return absl::InvalidArgumentError(
136
- absl::StrCat("Unrecognized certificate provider instance name: ",
137
- certificate_provider_plugin_instance.instance_name));
156
+ ValidationErrors::ScopedField field(errors, ".instance_name");
157
+ errors->AddError(
158
+ absl::StrCat("unrecognized certificate provider instance name: ",
159
+ cert_provider.instance_name));
138
160
  }
139
- return certificate_provider_plugin_instance;
161
+ cert_provider.certificate_name = UpbStringToStdString(
162
+ envoy_extensions_transport_sockets_tls_v3_CommonTlsContext_CertificateProviderInstance_certificate_name(
163
+ certificate_provider_instance_proto));
164
+ return cert_provider;
140
165
  }
141
166
 
142
- absl::StatusOr<CommonTlsContext::CertificateProviderPluginInstance>
167
+ CommonTlsContext::CertificateProviderPluginInstance
143
168
  CertificateProviderPluginInstanceParse(
144
169
  const XdsResourceType::DecodeContext& context,
145
170
  const envoy_extensions_transport_sockets_tls_v3_CertificateProviderPluginInstance*
146
- certificate_provider_plugin_instance_proto) {
147
- CommonTlsContext::CertificateProviderPluginInstance
148
- certificate_provider_plugin_instance = {
149
- UpbStringToStdString(
150
- envoy_extensions_transport_sockets_tls_v3_CertificateProviderPluginInstance_instance_name(
151
- certificate_provider_plugin_instance_proto)),
152
- UpbStringToStdString(
153
- envoy_extensions_transport_sockets_tls_v3_CertificateProviderPluginInstance_certificate_name(
154
- certificate_provider_plugin_instance_proto))};
171
+ certificate_provider_plugin_instance_proto,
172
+ ValidationErrors* errors) {
173
+ CommonTlsContext::CertificateProviderPluginInstance cert_provider;
174
+ cert_provider.instance_name = UpbStringToStdString(
175
+ envoy_extensions_transport_sockets_tls_v3_CertificateProviderPluginInstance_instance_name(
176
+ certificate_provider_plugin_instance_proto));
155
177
  const auto& bootstrap =
156
178
  static_cast<const GrpcXdsBootstrap&>(context.client->bootstrap());
157
- if (bootstrap.certificate_providers().find(
158
- certificate_provider_plugin_instance.instance_name) ==
179
+ if (bootstrap.certificate_providers().find(cert_provider.instance_name) ==
159
180
  bootstrap.certificate_providers().end()) {
160
- return absl::InvalidArgumentError(
161
- absl::StrCat("Unrecognized certificate provider instance name: ",
162
- certificate_provider_plugin_instance.instance_name));
181
+ ValidationErrors::ScopedField field(errors, ".instance_name");
182
+ errors->AddError(
183
+ absl::StrCat("unrecognized certificate provider instance name: ",
184
+ cert_provider.instance_name));
163
185
  }
164
- return certificate_provider_plugin_instance;
186
+ cert_provider.certificate_name = UpbStringToStdString(
187
+ envoy_extensions_transport_sockets_tls_v3_CertificateProviderPluginInstance_certificate_name(
188
+ certificate_provider_plugin_instance_proto));
189
+ return cert_provider;
165
190
  }
166
191
 
167
- absl::StatusOr<CommonTlsContext::CertificateValidationContext>
192
+ CommonTlsContext::CertificateValidationContext
168
193
  CertificateValidationContextParse(
169
194
  const XdsResourceType::DecodeContext& context,
170
195
  const envoy_extensions_transport_sockets_tls_v3_CertificateValidationContext*
171
- certificate_validation_context_proto) {
172
- std::vector<std::string> errors;
196
+ certificate_validation_context_proto,
197
+ ValidationErrors* errors) {
173
198
  CommonTlsContext::CertificateValidationContext certificate_validation_context;
174
199
  size_t len = 0;
175
200
  auto* subject_alt_names_matchers =
176
201
  envoy_extensions_transport_sockets_tls_v3_CertificateValidationContext_match_subject_alt_names(
177
202
  certificate_validation_context_proto, &len);
178
203
  for (size_t i = 0; i < len; ++i) {
204
+ ValidationErrors::ScopedField field(
205
+ errors, absl::StrCat(".match_subject_alt_names[", i, "]"));
179
206
  StringMatcher::Type type;
180
207
  std::string matcher;
181
208
  if (envoy_type_matcher_v3_StringMatcher_has_exact(
@@ -207,7 +234,7 @@ CertificateValidationContextParse(
207
234
  matcher = UpbStringToStdString(
208
235
  envoy_type_matcher_v3_RegexMatcher_regex(regex_matcher));
209
236
  } else {
210
- errors.push_back("Invalid StringMatcher specified");
237
+ errors->AddError("invalid StringMatcher specified");
211
238
  continue;
212
239
  }
213
240
  bool ignore_case = envoy_type_matcher_v3_StringMatcher_ignore_case(
@@ -216,13 +243,12 @@ CertificateValidationContextParse(
216
243
  StringMatcher::Create(type, matcher,
217
244
  /*case_sensitive=*/!ignore_case);
218
245
  if (!string_matcher.ok()) {
219
- errors.push_back(
220
- absl::StrCat("string matcher: ", string_matcher.status().message()));
246
+ errors->AddError(string_matcher.status().message());
221
247
  continue;
222
248
  }
223
249
  if (type == StringMatcher::Type::kSafeRegex && ignore_case) {
224
- errors.push_back(
225
- "StringMatcher: ignore_case has no effect for SAFE_REGEX.");
250
+ ValidationErrors::ScopedField field(errors, ".ignore_case");
251
+ errors->AddError("not supported for regex matcher");
226
252
  continue;
227
253
  }
228
254
  certificate_validation_context.match_subject_alt_names.push_back(
@@ -232,58 +258,51 @@ CertificateValidationContextParse(
232
258
  envoy_extensions_transport_sockets_tls_v3_CertificateValidationContext_ca_certificate_provider_instance(
233
259
  certificate_validation_context_proto);
234
260
  if (ca_certificate_provider_instance != nullptr) {
235
- auto certificate_provider_instance = CertificateProviderPluginInstanceParse(
236
- context, ca_certificate_provider_instance);
237
- if (!certificate_provider_instance.ok()) {
238
- errors.emplace_back(certificate_provider_instance.status().message());
239
- } else {
240
- certificate_validation_context.ca_certificate_provider_instance =
241
- std::move(*certificate_provider_instance);
242
- }
261
+ ValidationErrors::ScopedField field(errors,
262
+ ".ca_certificate_provider_instance");
263
+ certificate_validation_context.ca_certificate_provider_instance =
264
+ CertificateProviderPluginInstanceParse(
265
+ context, ca_certificate_provider_instance, errors);
243
266
  }
244
267
  if (envoy_extensions_transport_sockets_tls_v3_CertificateValidationContext_verify_certificate_spki(
245
268
  certificate_validation_context_proto, nullptr) != nullptr) {
246
- errors.push_back(
247
- "CertificateValidationContext: verify_certificate_spki unsupported");
269
+ ValidationErrors::ScopedField field(errors, ".verify_certificate_spki");
270
+ errors->AddError("feature unsupported");
248
271
  }
249
272
  if (envoy_extensions_transport_sockets_tls_v3_CertificateValidationContext_verify_certificate_hash(
250
273
  certificate_validation_context_proto, nullptr) != nullptr) {
251
- errors.push_back(
252
- "CertificateValidationContext: verify_certificate_hash unsupported");
274
+ ValidationErrors::ScopedField field(errors, ".verify_certificate_hash");
275
+ errors->AddError("feature unsupported");
253
276
  }
254
277
  auto* require_signed_certificate_timestamp =
255
278
  envoy_extensions_transport_sockets_tls_v3_CertificateValidationContext_require_signed_certificate_timestamp(
256
279
  certificate_validation_context_proto);
257
280
  if (require_signed_certificate_timestamp != nullptr &&
258
281
  google_protobuf_BoolValue_value(require_signed_certificate_timestamp)) {
259
- errors.push_back(
260
- "CertificateValidationContext: "
261
- "require_signed_certificate_timestamp unsupported");
282
+ ValidationErrors::ScopedField field(
283
+ errors, ".require_signed_certificate_timestamp");
284
+ errors->AddError("feature unsupported");
262
285
  }
263
286
  if (envoy_extensions_transport_sockets_tls_v3_CertificateValidationContext_has_crl(
264
287
  certificate_validation_context_proto)) {
265
- errors.push_back("CertificateValidationContext: crl unsupported");
288
+ ValidationErrors::ScopedField field(errors, ".crl");
289
+ errors->AddError("feature unsupported");
266
290
  }
267
291
  if (envoy_extensions_transport_sockets_tls_v3_CertificateValidationContext_has_custom_validator_config(
268
292
  certificate_validation_context_proto)) {
269
- errors.push_back(
270
- "CertificateValidationContext: custom_validator_config unsupported");
271
- }
272
- if (!errors.empty()) {
273
- return absl::InvalidArgumentError(
274
- absl::StrCat("Errors parsing CertificateValidationContext: ",
275
- absl::StrJoin(errors, "; ")));
293
+ ValidationErrors::ScopedField field(errors, ".custom_validator_config");
294
+ errors->AddError("feature unsupported");
276
295
  }
277
296
  return certificate_validation_context;
278
297
  }
279
298
 
280
299
  } // namespace
281
300
 
282
- absl::StatusOr<CommonTlsContext> CommonTlsContext::Parse(
301
+ CommonTlsContext CommonTlsContext::Parse(
283
302
  const XdsResourceType::DecodeContext& context,
284
303
  const envoy_extensions_transport_sockets_tls_v3_CommonTlsContext*
285
- common_tls_context_proto) {
286
- std::vector<std::string> errors;
304
+ common_tls_context_proto,
305
+ ValidationErrors* errors) {
287
306
  CommonTlsContext common_tls_context;
288
307
  // The validation context is derived from the oneof in
289
308
  // 'validation_context_type'. 'validation_context_sds_secret_config' is not
@@ -292,18 +311,16 @@ absl::StatusOr<CommonTlsContext> CommonTlsContext::Parse(
292
311
  envoy_extensions_transport_sockets_tls_v3_CommonTlsContext_combined_validation_context(
293
312
  common_tls_context_proto);
294
313
  if (combined_validation_context != nullptr) {
314
+ ValidationErrors::ScopedField field(errors, ".combined_validation_context");
295
315
  auto* default_validation_context =
296
316
  envoy_extensions_transport_sockets_tls_v3_CommonTlsContext_CombinedCertificateValidationContext_default_validation_context(
297
317
  combined_validation_context);
298
318
  if (default_validation_context != nullptr) {
299
- auto certificate_validation_context = CertificateValidationContextParse(
300
- context, default_validation_context);
301
- if (!certificate_validation_context.ok()) {
302
- errors.emplace_back(certificate_validation_context.status().message());
303
- } else {
304
- common_tls_context.certificate_validation_context =
305
- std::move(*certificate_validation_context);
306
- }
319
+ ValidationErrors::ScopedField field(errors,
320
+ ".default_validation_context");
321
+ common_tls_context.certificate_validation_context =
322
+ CertificateValidationContextParse(context, default_validation_context,
323
+ errors);
307
324
  }
308
325
  // If after parsing default_validation_context,
309
326
  // common_tls_context->certificate_validation_context.ca_certificate_provider_instance
@@ -312,55 +329,44 @@ absl::StatusOr<CommonTlsContext> CommonTlsContext::Parse(
312
329
  // 'combined_validation_context'. Note that this way of fetching root
313
330
  // certificates is deprecated and will be removed in the future.
314
331
  // TODO(yashykt): Remove this once it's no longer needed.
315
- auto* validation_context_certificate_provider_instance =
332
+ const auto* validation_context_certificate_provider_instance =
316
333
  envoy_extensions_transport_sockets_tls_v3_CommonTlsContext_CombinedCertificateValidationContext_validation_context_certificate_provider_instance(
317
334
  combined_validation_context);
318
335
  if (common_tls_context.certificate_validation_context
319
336
  .ca_certificate_provider_instance.Empty() &&
320
337
  validation_context_certificate_provider_instance != nullptr) {
321
- auto certificate_provider_instance = CertificateProviderInstanceParse(
322
- context, validation_context_certificate_provider_instance);
323
- if (!certificate_provider_instance.ok()) {
324
- errors.emplace_back(certificate_provider_instance.status().message());
325
- } else {
326
- common_tls_context.certificate_validation_context
327
- .ca_certificate_provider_instance =
328
- std::move(*certificate_provider_instance);
329
- }
338
+ ValidationErrors::ScopedField field(
339
+ errors, ".validation_context_certificate_provider_instance");
340
+ common_tls_context.certificate_validation_context
341
+ .ca_certificate_provider_instance = CertificateProviderInstanceParse(
342
+ context, validation_context_certificate_provider_instance, errors);
330
343
  }
331
344
  } else {
332
345
  auto* validation_context =
333
346
  envoy_extensions_transport_sockets_tls_v3_CommonTlsContext_validation_context(
334
347
  common_tls_context_proto);
335
348
  if (validation_context != nullptr) {
336
- auto certificate_validation_context =
337
- CertificateValidationContextParse(context, validation_context);
338
- if (!certificate_validation_context.ok()) {
339
- errors.emplace_back(certificate_validation_context.status().message());
340
- } else {
341
- common_tls_context.certificate_validation_context =
342
- std::move(*certificate_validation_context);
343
- }
349
+ ValidationErrors::ScopedField field(errors, ".validation_context");
350
+ common_tls_context.certificate_validation_context =
351
+ CertificateValidationContextParse(context, validation_context,
352
+ errors);
344
353
  } else if (
345
354
  envoy_extensions_transport_sockets_tls_v3_CommonTlsContext_has_validation_context_sds_secret_config(
346
355
  common_tls_context_proto)) {
347
- errors.push_back("validation_context_sds_secret_config unsupported");
356
+ ValidationErrors::ScopedField field(
357
+ errors, ".validation_context_sds_secret_config");
358
+ errors->AddError("feature unsupported");
348
359
  }
349
360
  }
350
361
  auto* tls_certificate_provider_instance =
351
362
  envoy_extensions_transport_sockets_tls_v3_CommonTlsContext_tls_certificate_provider_instance(
352
363
  common_tls_context_proto);
353
364
  if (tls_certificate_provider_instance != nullptr) {
354
- auto certificate_provider_plugin_instance =
365
+ ValidationErrors::ScopedField field(errors,
366
+ ".tls_certificate_provider_instance");
367
+ common_tls_context.tls_certificate_provider_instance =
355
368
  CertificateProviderPluginInstanceParse(
356
- context, tls_certificate_provider_instance);
357
- if (!certificate_provider_plugin_instance.ok()) {
358
- errors.emplace_back(
359
- certificate_provider_plugin_instance.status().message());
360
- } else {
361
- common_tls_context.tls_certificate_provider_instance =
362
- std::move(*certificate_provider_plugin_instance);
363
- }
369
+ context, tls_certificate_provider_instance, errors);
364
370
  } else {
365
371
  // Fall back onto 'tls_certificate_certificate_provider_instance'. Note that
366
372
  // this way of fetching identity certificates is deprecated and will be
@@ -370,65 +376,126 @@ absl::StatusOr<CommonTlsContext> CommonTlsContext::Parse(
370
376
  envoy_extensions_transport_sockets_tls_v3_CommonTlsContext_tls_certificate_certificate_provider_instance(
371
377
  common_tls_context_proto);
372
378
  if (tls_certificate_certificate_provider_instance != nullptr) {
373
- auto certificate_provider_instance = CertificateProviderInstanceParse(
374
- context, tls_certificate_certificate_provider_instance);
375
- if (!certificate_provider_instance.ok()) {
376
- errors.emplace_back(certificate_provider_instance.status().message());
377
- } else {
378
- common_tls_context.tls_certificate_provider_instance =
379
- std::move(*certificate_provider_instance);
380
- }
379
+ ValidationErrors::ScopedField field(
380
+ errors, ".tls_certificate_certificate_provider_instance");
381
+ common_tls_context.tls_certificate_provider_instance =
382
+ CertificateProviderInstanceParse(
383
+ context, tls_certificate_certificate_provider_instance, errors);
381
384
  } else {
382
385
  if (envoy_extensions_transport_sockets_tls_v3_CommonTlsContext_has_tls_certificates(
383
386
  common_tls_context_proto)) {
384
- errors.push_back("tls_certificates unsupported");
387
+ ValidationErrors::ScopedField field(errors, ".tls_certificates");
388
+ errors->AddError("feature unsupported");
385
389
  }
386
390
  if (envoy_extensions_transport_sockets_tls_v3_CommonTlsContext_has_tls_certificate_sds_secret_configs(
387
391
  common_tls_context_proto)) {
388
- errors.push_back("tls_certificate_sds_secret_configs unsupported");
392
+ ValidationErrors::ScopedField field(
393
+ errors, ".tls_certificate_sds_secret_configs");
394
+ errors->AddError("feature unsupported");
389
395
  }
390
396
  }
391
397
  }
392
398
  if (envoy_extensions_transport_sockets_tls_v3_CommonTlsContext_has_tls_params(
393
399
  common_tls_context_proto)) {
394
- errors.push_back("tls_params unsupported");
400
+ ValidationErrors::ScopedField field(errors, ".tls_params");
401
+ errors->AddError("feature unsupported");
395
402
  }
396
403
  if (envoy_extensions_transport_sockets_tls_v3_CommonTlsContext_has_custom_handshaker(
397
404
  common_tls_context_proto)) {
398
- errors.push_back("custom_handshaker unsupported");
405
+ ValidationErrors::ScopedField field(errors, ".custom_handshaker");
406
+ errors->AddError("feature unsupported");
399
407
  }
400
- if (!errors.empty()) {
408
+ return common_tls_context;
409
+ }
410
+
411
+ //
412
+ // ExtractXdsExtension
413
+ //
414
+
415
+ namespace {
416
+
417
+ absl::StatusOr<Json> ParseProtobufStructToJson(
418
+ const XdsResourceType::DecodeContext& context,
419
+ const google_protobuf_Struct* resource) {
420
+ upb::Status status;
421
+ const auto* msg_def = google_protobuf_Struct_getmsgdef(context.symtab);
422
+ size_t json_size = upb_JsonEncode(resource, msg_def, context.symtab, 0,
423
+ nullptr, 0, status.ptr());
424
+ if (json_size == static_cast<size_t>(-1)) {
401
425
  return absl::InvalidArgumentError(
402
- absl::StrCat("Errors parsing CommonTlsContext: [",
403
- absl::StrJoin(errors, "; "), "]"));
426
+ absl::StrCat("error encoding google::Protobuf::Struct as JSON: ",
427
+ upb_Status_ErrorMessage(status.ptr())));
404
428
  }
405
- return common_tls_context;
429
+ void* buf = upb_Arena_Malloc(context.arena, json_size + 1);
430
+ upb_JsonEncode(resource, msg_def, context.symtab, 0,
431
+ reinterpret_cast<char*>(buf), json_size + 1, status.ptr());
432
+ auto json = Json::Parse(reinterpret_cast<char*>(buf));
433
+ if (!json.ok()) {
434
+ // This should never happen.
435
+ return absl::InternalError(
436
+ absl::StrCat("error parsing JSON form of google::Protobuf::Struct "
437
+ "produced by upb library: ",
438
+ json.status().ToString()));
439
+ }
440
+ return std::move(*json);
406
441
  }
407
442
 
408
- absl::StatusOr<ExtractExtensionTypeNameResult> ExtractExtensionTypeName(
443
+ } // namespace
444
+
445
+ absl::optional<XdsExtension> ExtractXdsExtension(
409
446
  const XdsResourceType::DecodeContext& context,
410
- const google_protobuf_Any* any) {
411
- ExtractExtensionTypeNameResult result;
412
- result.type = UpbStringToAbsl(google_protobuf_Any_type_url(any));
413
- if (result.type == "type.googleapis.com/xds.type.v3.TypedStruct" ||
414
- result.type == "type.googleapis.com/udpa.type.v1.TypedStruct") {
415
- upb_StringView any_value = google_protobuf_Any_value(any);
416
- result.typed_struct = xds_type_v3_TypedStruct_parse(
417
- any_value.data, any_value.size, context.arena);
418
- if (result.typed_struct == nullptr) {
419
- return absl::InvalidArgumentError(
420
- "could not parse TypedStruct from extension");
421
- }
422
- result.type =
423
- UpbStringToAbsl(xds_type_v3_TypedStruct_type_url(result.typed_struct));
447
+ const google_protobuf_Any* any, ValidationErrors* errors) {
448
+ if (any == nullptr) {
449
+ errors->AddError("field not present");
450
+ return absl::nullopt;
424
451
  }
425
- size_t pos = result.type.rfind('/');
426
- if (pos == absl::string_view::npos || pos == result.type.size() - 1) {
427
- return absl::InvalidArgumentError(
428
- absl::StrCat("Invalid type_url ", result.type));
452
+ XdsExtension extension;
453
+ auto strip_type_prefix = [&]() {
454
+ ValidationErrors::ScopedField field(errors, ".type_url");
455
+ if (extension.type.empty()) {
456
+ errors->AddError("field not present");
457
+ return;
458
+ }
459
+ size_t pos = extension.type.rfind('/');
460
+ if (pos == absl::string_view::npos || pos == extension.type.size() - 1) {
461
+ errors->AddError(absl::StrCat("invalid value \"", extension.type, "\""));
462
+ } else {
463
+ extension.type = extension.type.substr(pos + 1);
464
+ }
465
+ };
466
+ extension.type = UpbStringToAbsl(google_protobuf_Any_type_url(any));
467
+ strip_type_prefix();
468
+ extension.validation_fields.emplace_back(
469
+ errors, absl::StrCat(".value[", extension.type, "]"));
470
+ absl::string_view any_value = UpbStringToAbsl(google_protobuf_Any_value(any));
471
+ if (extension.type == "xds.type.v3.TypedStruct" ||
472
+ extension.type == "udpa.type.v1.TypedStruct") {
473
+ const auto* typed_struct = xds_type_v3_TypedStruct_parse(
474
+ any_value.data(), any_value.size(), context.arena);
475
+ if (typed_struct == nullptr) {
476
+ errors->AddError("could not parse");
477
+ return absl::nullopt;
478
+ }
479
+ extension.type =
480
+ UpbStringToAbsl(xds_type_v3_TypedStruct_type_url(typed_struct));
481
+ strip_type_prefix();
482
+ extension.validation_fields.emplace_back(
483
+ errors, absl::StrCat(".value[", extension.type, "]"));
484
+ auto* protobuf_struct = xds_type_v3_TypedStruct_value(typed_struct);
485
+ if (protobuf_struct == nullptr) {
486
+ extension.value = Json::Object(); // Default to empty object.
487
+ } else {
488
+ auto json = ParseProtobufStructToJson(context, protobuf_struct);
489
+ if (!json.ok()) {
490
+ errors->AddError(json.status().message());
491
+ return absl::nullopt;
492
+ }
493
+ extension.value = std::move(*json);
494
+ }
495
+ } else {
496
+ extension.value = any_value;
429
497
  }
430
- result.type = result.type.substr(pos + 1);
431
- return result;
498
+ return std::move(extension);
432
499
  }
433
500
 
434
501
  } // namespace grpc_core
@@ -22,24 +22,23 @@
22
22
  #include <string>
23
23
  #include <vector>
24
24
 
25
- #include "absl/status/statusor.h"
26
25
  #include "absl/strings/string_view.h"
26
+ #include "absl/types/optional.h"
27
+ #include "absl/types/variant.h"
27
28
  #include "envoy/extensions/transport_sockets/tls/v3/tls.upb.h"
28
29
  #include "google/protobuf/any.upb.h"
29
30
  #include "google/protobuf/duration.upb.h"
30
- #include "xds/type/v3/typed_struct.upb.h"
31
31
 
32
32
  #include "src/core/ext/xds/xds_resource_type.h"
33
33
  #include "src/core/lib/gprpp/time.h"
34
+ #include "src/core/lib/gprpp/validation_errors.h"
35
+ #include "src/core/lib/json/json.h"
34
36
  #include "src/core/lib/matchers/matchers.h"
35
37
 
36
38
  namespace grpc_core {
37
39
 
38
- inline Duration ParseDuration(const google_protobuf_Duration* proto_duration) {
39
- return Duration::FromSecondsAndNanoseconds(
40
- google_protobuf_Duration_seconds(proto_duration),
41
- google_protobuf_Duration_nanos(proto_duration));
42
- }
40
+ Duration ParseDuration(const google_protobuf_Duration* proto_duration,
41
+ ValidationErrors* errors);
43
42
 
44
43
  struct CommonTlsContext {
45
44
  struct CertificateProviderPluginInstance {
@@ -82,20 +81,27 @@ struct CommonTlsContext {
82
81
  std::string ToString() const;
83
82
  bool Empty() const;
84
83
 
85
- static absl::StatusOr<CommonTlsContext> Parse(
84
+ static CommonTlsContext Parse(
86
85
  const XdsResourceType::DecodeContext& context,
87
86
  const envoy_extensions_transport_sockets_tls_v3_CommonTlsContext*
88
- common_tls_context_proto);
87
+ common_tls_context_proto,
88
+ ValidationErrors* errors);
89
89
  };
90
90
 
91
- struct ExtractExtensionTypeNameResult {
91
+ struct XdsExtension {
92
+ // The type, either from the top level or from inside the TypedStruct.
92
93
  absl::string_view type;
93
- xds_type_v3_TypedStruct* typed_struct = nullptr;
94
+ // A Json object for a TypedStruct, or the serialized config otherwise.
95
+ absl::variant<absl::string_view /*serialized_value*/, Json /*typed_struct*/>
96
+ value;
97
+ // Validation fields that need to stay in scope until we're done
98
+ // processing the extension.
99
+ std::vector<ValidationErrors::ScopedField> validation_fields;
94
100
  };
95
101
 
96
- absl::StatusOr<ExtractExtensionTypeNameResult> ExtractExtensionTypeName(
102
+ absl::optional<XdsExtension> ExtractXdsExtension(
97
103
  const XdsResourceType::DecodeContext& context,
98
- const google_protobuf_Any* any);
104
+ const google_protobuf_Any* any, ValidationErrors* errors);
99
105
 
100
106
  } // namespace grpc_core
101
107