grpc 1.50.0.pre1 → 1.51.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of grpc might be problematic. Click here for more details.

Files changed (459) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +131 -42
  3. data/include/grpc/event_engine/event_engine.h +10 -3
  4. data/include/grpc/event_engine/slice_buffer.h +17 -0
  5. data/include/grpc/grpc.h +0 -10
  6. data/include/grpc/impl/codegen/grpc_types.h +1 -5
  7. data/include/grpc/impl/codegen/port_platform.h +0 -3
  8. data/src/core/ext/filters/channel_idle/channel_idle_filter.cc +19 -13
  9. data/src/core/ext/filters/channel_idle/channel_idle_filter.h +1 -0
  10. data/src/core/ext/filters/client_channel/backup_poller.cc +3 -3
  11. data/src/core/ext/filters/client_channel/channel_connectivity.cc +7 -5
  12. data/src/core/ext/filters/client_channel/client_channel.cc +120 -140
  13. data/src/core/ext/filters/client_channel/client_channel.h +3 -4
  14. data/src/core/ext/filters/client_channel/client_channel_channelz.cc +0 -2
  15. data/src/core/ext/filters/client_channel/client_channel_plugin.cc +1 -1
  16. data/src/core/ext/filters/client_channel/client_channel_service_config.cc +153 -0
  17. data/src/core/ext/filters/client_channel/{resolver_result_parsing.h → client_channel_service_config.h} +26 -23
  18. data/src/core/ext/filters/client_channel/connector.h +1 -1
  19. data/src/core/ext/filters/client_channel/dynamic_filters.cc +20 -47
  20. data/src/core/ext/filters/client_channel/dynamic_filters.h +7 -8
  21. data/src/core/ext/filters/client_channel/health/health_check_client.cc +3 -4
  22. data/src/core/ext/filters/client_channel/http_proxy.cc +0 -1
  23. data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +3 -4
  24. data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +5 -0
  25. data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +8 -7
  26. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +35 -44
  27. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc +0 -1
  28. data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +1 -3
  29. data/src/core/ext/filters/client_channel/lb_policy/oob_backend_metric.cc +3 -4
  30. data/src/core/ext/filters/client_channel/lb_policy/oob_backend_metric.h +1 -1
  31. data/src/core/ext/filters/client_channel/lb_policy/outlier_detection/outlier_detection.cc +41 -29
  32. data/src/core/ext/filters/client_channel/lb_policy/outlier_detection/outlier_detection.h +2 -2
  33. data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +9 -11
  34. data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +15 -12
  35. data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +8 -10
  36. data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +26 -27
  37. data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +7 -9
  38. data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +44 -26
  39. data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +17 -27
  40. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_attributes.cc +42 -0
  41. data/src/core/ext/filters/client_channel/lb_policy/xds/{xds.h → xds_attributes.h} +15 -17
  42. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +13 -7
  43. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +48 -47
  44. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +40 -126
  45. data/src/core/ext/filters/client_channel/lb_policy/xds/xds_wrr_locality.cc +364 -0
  46. data/src/core/ext/filters/client_channel/resolver/binder/binder_resolver.cc +9 -9
  47. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +23 -32
  48. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +1 -2
  49. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +22 -23
  50. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +50 -52
  51. data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +1 -1
  52. data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +2 -4
  53. data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +1 -3
  54. data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +34 -26
  55. data/src/core/ext/filters/client_channel/resolver/polling_resolver.cc +3 -4
  56. data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +4 -7
  57. data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +63 -46
  58. data/src/core/ext/filters/client_channel/retry_filter.cc +80 -102
  59. data/src/core/ext/filters/client_channel/retry_service_config.cc +192 -234
  60. data/src/core/ext/filters/client_channel/retry_service_config.h +20 -23
  61. data/src/core/ext/filters/client_channel/retry_throttle.cc +8 -8
  62. data/src/core/ext/filters/client_channel/retry_throttle.h +8 -7
  63. data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +2 -2
  64. data/src/core/ext/filters/client_channel/subchannel.cc +21 -25
  65. data/src/core/ext/filters/client_channel/subchannel.h +2 -2
  66. data/src/core/ext/filters/client_channel/subchannel_stream_client.cc +11 -12
  67. data/src/core/ext/filters/deadline/deadline_filter.cc +13 -14
  68. data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +1 -1
  69. data/src/core/ext/filters/fault_injection/fault_injection_filter.h +0 -4
  70. data/src/core/ext/filters/fault_injection/fault_injection_service_config_parser.cc +118 -0
  71. data/src/core/ext/filters/fault_injection/{service_config_parser.h → fault_injection_service_config_parser.h} +20 -12
  72. data/src/core/ext/filters/http/client/http_client_filter.cc +16 -16
  73. data/src/core/ext/filters/http/client_authority_filter.cc +1 -1
  74. data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +13 -13
  75. data/src/core/ext/filters/http/message_compress/message_decompress_filter.cc +34 -34
  76. data/src/core/ext/filters/http/server/http_server_filter.cc +26 -25
  77. data/src/core/ext/filters/message_size/message_size_filter.cc +86 -117
  78. data/src/core/ext/filters/message_size/message_size_filter.h +22 -15
  79. data/src/core/ext/filters/rbac/rbac_filter.cc +12 -12
  80. data/src/core/ext/filters/rbac/rbac_service_config_parser.cc +728 -530
  81. data/src/core/ext/filters/rbac/rbac_service_config_parser.h +4 -3
  82. data/src/core/ext/filters/server_config_selector/server_config_selector.h +1 -1
  83. data/src/core/ext/filters/server_config_selector/server_config_selector_filter.cc +6 -7
  84. data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +17 -21
  85. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +57 -72
  86. data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +5 -5
  87. data/src/core/ext/transport/chttp2/transport/bin_encoder.h +1 -1
  88. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +212 -253
  89. data/src/core/ext/transport/chttp2/transport/flow_control.cc +42 -11
  90. data/src/core/ext/transport/chttp2/transport/flow_control.h +4 -3
  91. data/src/core/ext/transport/chttp2/transport/frame_data.cc +16 -15
  92. data/src/core/ext/transport/chttp2/transport/frame_data.h +1 -1
  93. data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +13 -13
  94. data/src/core/ext/transport/chttp2/transport/frame_ping.cc +4 -3
  95. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +10 -7
  96. data/src/core/ext/transport/chttp2/transport/frame_settings.cc +15 -17
  97. data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +5 -4
  98. data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +5 -6
  99. data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +1 -1
  100. data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +2 -1
  101. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +31 -39
  102. data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +7 -6
  103. data/src/core/ext/transport/chttp2/transport/internal.h +24 -8
  104. data/src/core/ext/transport/chttp2/transport/parsing.cc +51 -52
  105. data/src/core/ext/transport/chttp2/transport/varint.cc +2 -3
  106. data/src/core/ext/transport/chttp2/transport/varint.h +11 -8
  107. data/src/core/ext/transport/chttp2/transport/writing.cc +16 -16
  108. data/src/core/ext/transport/inproc/inproc_transport.cc +97 -115
  109. data/src/core/ext/xds/certificate_provider_store.cc +4 -4
  110. data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +4 -7
  111. data/src/core/ext/xds/xds_api.cc +15 -68
  112. data/src/core/ext/xds/xds_api.h +3 -7
  113. data/src/core/ext/xds/xds_bootstrap.h +0 -1
  114. data/src/core/ext/xds/xds_bootstrap_grpc.cc +3 -12
  115. data/src/core/ext/xds/xds_bootstrap_grpc.h +16 -1
  116. data/src/core/ext/xds/xds_certificate_provider.cc +22 -25
  117. data/src/core/ext/xds/xds_channel_stack_modifier.cc +0 -1
  118. data/src/core/ext/xds/xds_client.cc +122 -90
  119. data/src/core/ext/xds/xds_client.h +7 -2
  120. data/src/core/ext/xds/xds_client_grpc.cc +5 -24
  121. data/src/core/ext/xds/xds_cluster.cc +291 -183
  122. data/src/core/ext/xds/xds_cluster.h +11 -15
  123. data/src/core/ext/xds/xds_cluster_specifier_plugin.cc +32 -29
  124. data/src/core/ext/xds/xds_cluster_specifier_plugin.h +35 -16
  125. data/src/core/ext/xds/xds_common_types.cc +208 -141
  126. data/src/core/ext/xds/xds_common_types.h +19 -13
  127. data/src/core/ext/xds/xds_endpoint.cc +214 -129
  128. data/src/core/ext/xds/xds_endpoint.h +4 -7
  129. data/src/core/ext/xds/xds_http_fault_filter.cc +56 -43
  130. data/src/core/ext/xds/xds_http_fault_filter.h +13 -21
  131. data/src/core/ext/xds/xds_http_filters.cc +60 -73
  132. data/src/core/ext/xds/xds_http_filters.h +67 -19
  133. data/src/core/ext/xds/xds_http_rbac_filter.cc +152 -207
  134. data/src/core/ext/xds/xds_http_rbac_filter.h +12 -15
  135. data/src/core/ext/xds/xds_lb_policy_registry.cc +122 -169
  136. data/src/core/ext/xds/xds_lb_policy_registry.h +10 -11
  137. data/src/core/ext/xds/xds_listener.cc +459 -417
  138. data/src/core/ext/xds/xds_listener.h +43 -47
  139. data/src/core/ext/xds/xds_resource_type.h +3 -11
  140. data/src/core/ext/xds/xds_resource_type_impl.h +8 -13
  141. data/src/core/ext/xds/xds_route_config.cc +94 -80
  142. data/src/core/ext/xds/xds_route_config.h +10 -10
  143. data/src/core/ext/xds/xds_routing.cc +2 -1
  144. data/src/core/ext/xds/xds_routing.h +2 -0
  145. data/src/core/ext/xds/xds_server_config_fetcher.cc +109 -94
  146. data/src/core/ext/xds/xds_transport_grpc.cc +4 -5
  147. data/src/core/lib/address_utils/parse_address.cc +11 -10
  148. data/src/core/lib/channel/channel_args.h +16 -1
  149. data/src/core/lib/channel/channel_stack.cc +23 -20
  150. data/src/core/lib/channel/channel_stack.h +17 -4
  151. data/src/core/lib/channel/channel_stack_builder.cc +4 -7
  152. data/src/core/lib/channel/channel_stack_builder.h +14 -6
  153. data/src/core/lib/channel/channel_stack_builder_impl.cc +25 -7
  154. data/src/core/lib/channel/channel_stack_builder_impl.h +2 -0
  155. data/src/core/lib/channel/channel_trace.cc +4 -5
  156. data/src/core/lib/channel/channelz.cc +1 -1
  157. data/src/core/lib/channel/connected_channel.cc +695 -35
  158. data/src/core/lib/channel/connected_channel.h +0 -4
  159. data/src/core/lib/channel/promise_based_filter.cc +1004 -140
  160. data/src/core/lib/channel/promise_based_filter.h +364 -87
  161. data/src/core/lib/compression/message_compress.cc +5 -5
  162. data/src/core/lib/debug/event_log.cc +88 -0
  163. data/src/core/lib/debug/event_log.h +81 -0
  164. data/src/core/lib/debug/histogram_view.cc +69 -0
  165. data/src/core/lib/{slice/slice_refcount.cc → debug/histogram_view.h} +15 -13
  166. data/src/core/lib/debug/stats.cc +22 -119
  167. data/src/core/lib/debug/stats.h +29 -35
  168. data/src/core/lib/debug/stats_data.cc +224 -73
  169. data/src/core/lib/debug/stats_data.h +263 -122
  170. data/src/core/lib/event_engine/common_closures.h +71 -0
  171. data/src/core/lib/event_engine/default_event_engine.cc +38 -15
  172. data/src/core/lib/event_engine/default_event_engine.h +15 -3
  173. data/src/core/lib/event_engine/default_event_engine_factory.cc +2 -4
  174. data/src/core/lib/event_engine/memory_allocator.cc +1 -1
  175. data/src/core/lib/event_engine/poller.h +10 -4
  176. data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.cc +618 -0
  177. data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.h +129 -0
  178. data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +901 -0
  179. data/src/core/lib/event_engine/posix_engine/ev_poll_posix.h +97 -0
  180. data/src/core/lib/event_engine/posix_engine/event_poller.h +111 -0
  181. data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +74 -0
  182. data/src/core/lib/event_engine/{executor/threaded_executor.cc → posix_engine/event_poller_posix_default.h} +13 -16
  183. data/src/core/lib/event_engine/posix_engine/internal_errqueue.cc +77 -0
  184. data/src/core/lib/event_engine/posix_engine/internal_errqueue.h +179 -0
  185. data/src/core/lib/event_engine/posix_engine/lockfree_event.cc +267 -0
  186. data/src/core/lib/event_engine/posix_engine/lockfree_event.h +73 -0
  187. data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +1270 -0
  188. data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +682 -0
  189. data/src/core/lib/event_engine/posix_engine/posix_engine.cc +453 -18
  190. data/src/core/lib/event_engine/posix_engine/posix_engine.h +148 -24
  191. data/src/core/lib/event_engine/posix_engine/posix_engine_closure.h +80 -0
  192. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +1081 -0
  193. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +361 -0
  194. data/src/core/lib/event_engine/posix_engine/timer.h +9 -8
  195. data/src/core/lib/event_engine/posix_engine/timer_manager.cc +57 -194
  196. data/src/core/lib/event_engine/posix_engine/timer_manager.h +21 -49
  197. data/src/core/lib/event_engine/posix_engine/traced_buffer_list.cc +301 -0
  198. data/src/core/lib/event_engine/posix_engine/traced_buffer_list.h +179 -0
  199. data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.cc +126 -0
  200. data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.h +45 -0
  201. data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.cc +151 -0
  202. data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.h +45 -0
  203. data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix.h +76 -0
  204. data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.cc +67 -0
  205. data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.h +37 -0
  206. data/src/core/lib/event_engine/slice.cc +7 -6
  207. data/src/core/lib/event_engine/slice_buffer.cc +2 -2
  208. data/src/core/lib/event_engine/thread_pool.cc +106 -25
  209. data/src/core/lib/event_engine/thread_pool.h +32 -9
  210. data/src/core/lib/event_engine/windows/win_socket.cc +7 -7
  211. data/src/core/lib/event_engine/windows/windows_engine.cc +18 -12
  212. data/src/core/lib/event_engine/windows/windows_engine.h +8 -4
  213. data/src/core/lib/experiments/config.cc +1 -1
  214. data/src/core/lib/experiments/experiments.cc +13 -2
  215. data/src/core/lib/experiments/experiments.h +8 -1
  216. data/src/core/lib/gpr/cpu_linux.cc +6 -2
  217. data/src/core/lib/gpr/log_linux.cc +3 -4
  218. data/src/core/lib/gpr/string.h +1 -1
  219. data/src/core/lib/gpr/tmpfile_posix.cc +3 -2
  220. data/src/core/lib/gprpp/load_file.cc +75 -0
  221. data/src/core/lib/gprpp/load_file.h +33 -0
  222. data/src/core/lib/gprpp/per_cpu.h +46 -0
  223. data/src/core/lib/gprpp/stat_posix.cc +5 -4
  224. data/src/core/lib/gprpp/stat_windows.cc +3 -2
  225. data/src/core/lib/gprpp/status_helper.h +1 -3
  226. data/src/core/lib/gprpp/strerror.cc +41 -0
  227. data/src/core/{ext/xds/xds_resource_type.cc → lib/gprpp/strerror.h} +9 -13
  228. data/src/core/lib/gprpp/thd_windows.cc +1 -2
  229. data/src/core/lib/gprpp/time.cc +3 -4
  230. data/src/core/lib/gprpp/time.h +13 -2
  231. data/src/core/lib/gprpp/validation_errors.h +18 -1
  232. data/src/core/lib/http/httpcli.cc +40 -44
  233. data/src/core/lib/http/httpcli.h +6 -5
  234. data/src/core/lib/http/httpcli_security_connector.cc +4 -6
  235. data/src/core/lib/http/parser.cc +54 -65
  236. data/src/core/lib/iomgr/buffer_list.cc +105 -116
  237. data/src/core/lib/iomgr/buffer_list.h +60 -44
  238. data/src/core/lib/iomgr/call_combiner.cc +11 -10
  239. data/src/core/lib/iomgr/call_combiner.h +3 -4
  240. data/src/core/lib/iomgr/cfstream_handle.cc +13 -16
  241. data/src/core/lib/iomgr/closure.h +49 -5
  242. data/src/core/lib/iomgr/combiner.cc +2 -2
  243. data/src/core/lib/iomgr/endpoint.h +1 -1
  244. data/src/core/lib/iomgr/endpoint_cfstream.cc +26 -25
  245. data/src/core/lib/iomgr/endpoint_pair_posix.cc +2 -2
  246. data/src/core/lib/iomgr/error.cc +27 -42
  247. data/src/core/lib/iomgr/error.h +22 -152
  248. data/src/core/lib/iomgr/ev_apple.cc +4 -4
  249. data/src/core/lib/iomgr/ev_epoll1_linux.cc +26 -25
  250. data/src/core/lib/iomgr/ev_poll_posix.cc +27 -31
  251. data/src/core/lib/iomgr/exec_ctx.cc +3 -4
  252. data/src/core/lib/iomgr/exec_ctx.h +2 -3
  253. data/src/core/lib/iomgr/executor.cc +1 -2
  254. data/src/core/lib/iomgr/internal_errqueue.cc +3 -1
  255. data/src/core/lib/iomgr/iocp_windows.cc +1 -0
  256. data/src/core/lib/iomgr/iomgr_posix.cc +2 -2
  257. data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +2 -1
  258. data/src/core/lib/iomgr/iomgr_windows.cc +2 -1
  259. data/src/core/lib/iomgr/load_file.cc +5 -9
  260. data/src/core/lib/iomgr/lockfree_event.cc +10 -10
  261. data/src/core/lib/iomgr/pollset_windows.cc +4 -4
  262. data/src/core/lib/iomgr/python_util.h +2 -2
  263. data/src/core/lib/iomgr/resolve_address.cc +8 -3
  264. data/src/core/lib/iomgr/resolve_address.h +3 -4
  265. data/src/core/lib/iomgr/resolve_address_impl.h +1 -1
  266. data/src/core/lib/iomgr/resolve_address_posix.cc +14 -25
  267. data/src/core/lib/iomgr/resolve_address_posix.h +1 -2
  268. data/src/core/lib/iomgr/resolve_address_windows.cc +14 -17
  269. data/src/core/lib/iomgr/resolve_address_windows.h +1 -2
  270. data/src/core/lib/iomgr/socket_utils_common_posix.cc +30 -29
  271. data/src/core/lib/iomgr/socket_utils_posix.cc +1 -0
  272. data/src/core/lib/iomgr/socket_utils_posix.h +2 -2
  273. data/src/core/lib/iomgr/socket_windows.cc +2 -2
  274. data/src/core/lib/iomgr/tcp_client_cfstream.cc +6 -10
  275. data/src/core/lib/iomgr/tcp_client_posix.cc +31 -35
  276. data/src/core/lib/iomgr/tcp_client_windows.cc +8 -12
  277. data/src/core/lib/iomgr/tcp_posix.cc +92 -108
  278. data/src/core/lib/iomgr/tcp_server_posix.cc +34 -34
  279. data/src/core/lib/iomgr/tcp_server_utils_posix.h +1 -1
  280. data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +18 -21
  281. data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +12 -13
  282. data/src/core/lib/iomgr/tcp_server_utils_posix_noifaddrs.cc +1 -1
  283. data/src/core/lib/iomgr/tcp_server_windows.cc +26 -29
  284. data/src/core/lib/iomgr/tcp_windows.cc +27 -34
  285. data/src/core/lib/iomgr/timer.h +8 -8
  286. data/src/core/lib/iomgr/timer_generic.cc +9 -15
  287. data/src/core/lib/iomgr/unix_sockets_posix.cc +2 -4
  288. data/src/core/lib/iomgr/wakeup_fd_eventfd.cc +4 -3
  289. data/src/core/lib/iomgr/wakeup_fd_pipe.cc +10 -8
  290. data/src/core/lib/json/json_channel_args.h +42 -0
  291. data/src/core/lib/json/json_object_loader.cc +7 -2
  292. data/src/core/lib/json/json_object_loader.h +22 -0
  293. data/src/core/lib/json/json_util.cc +5 -5
  294. data/src/core/lib/json/json_util.h +4 -4
  295. data/src/core/lib/load_balancing/lb_policy.cc +1 -1
  296. data/src/core/lib/load_balancing/lb_policy.h +4 -0
  297. data/src/core/lib/load_balancing/subchannel_interface.h +0 -7
  298. data/src/core/lib/matchers/matchers.cc +3 -4
  299. data/src/core/lib/promise/activity.cc +16 -2
  300. data/src/core/lib/promise/activity.h +38 -15
  301. data/src/core/lib/promise/arena_promise.h +80 -51
  302. data/src/core/lib/promise/context.h +13 -6
  303. data/src/core/lib/promise/detail/basic_seq.h +9 -28
  304. data/src/core/lib/promise/detail/promise_factory.h +58 -10
  305. data/src/core/lib/promise/detail/status.h +28 -0
  306. data/src/core/lib/promise/detail/switch.h +1455 -0
  307. data/src/core/lib/promise/exec_ctx_wakeup_scheduler.h +3 -1
  308. data/src/core/lib/promise/for_each.h +129 -0
  309. data/src/core/lib/promise/loop.h +7 -5
  310. data/src/core/lib/promise/map_pipe.h +87 -0
  311. data/src/core/lib/promise/pipe.cc +19 -0
  312. data/src/core/lib/promise/pipe.h +505 -0
  313. data/src/core/lib/promise/poll.h +13 -0
  314. data/src/core/lib/promise/seq.h +3 -5
  315. data/src/core/lib/promise/sleep.cc +5 -4
  316. data/src/core/lib/promise/sleep.h +1 -2
  317. data/src/core/lib/promise/try_concurrently.h +341 -0
  318. data/src/core/lib/promise/try_seq.h +10 -13
  319. data/src/core/lib/resolver/server_address.cc +1 -0
  320. data/src/core/lib/resolver/server_address.h +1 -3
  321. data/src/core/lib/resource_quota/api.cc +0 -1
  322. data/src/core/lib/resource_quota/arena.cc +19 -0
  323. data/src/core/lib/resource_quota/arena.h +89 -0
  324. data/src/core/lib/resource_quota/memory_quota.cc +1 -0
  325. data/src/core/lib/security/authorization/grpc_authorization_engine.cc +1 -3
  326. data/src/core/lib/security/authorization/grpc_server_authz_filter.cc +4 -2
  327. data/src/core/lib/security/authorization/matchers.cc +25 -22
  328. data/src/core/lib/security/authorization/rbac_policy.cc +2 -3
  329. data/src/core/lib/security/context/security_context.h +10 -0
  330. data/src/core/lib/security/credentials/channel_creds_registry_init.cc +3 -4
  331. data/src/core/lib/security/credentials/composite/composite_credentials.cc +1 -1
  332. data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +77 -55
  333. data/src/core/lib/security/credentials/external/aws_request_signer.cc +4 -3
  334. data/src/core/lib/security/credentials/external/external_account_credentials.cc +40 -51
  335. data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +17 -21
  336. data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +21 -25
  337. data/src/core/lib/security/credentials/fake/fake_credentials.cc +1 -0
  338. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +27 -24
  339. data/src/core/lib/security/credentials/iam/iam_credentials.cc +1 -0
  340. data/src/core/lib/security/credentials/jwt/json_token.cc +1 -2
  341. data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +1 -1
  342. data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +5 -5
  343. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +24 -30
  344. data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +6 -5
  345. data/src/core/lib/security/credentials/plugin/plugin_credentials.h +3 -3
  346. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +19 -27
  347. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +4 -11
  348. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +29 -41
  349. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.cc +1 -1
  350. data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +6 -11
  351. data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +8 -15
  352. data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +2 -2
  353. data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +2 -6
  354. data/src/core/lib/security/security_connector/load_system_roots_supported.cc +1 -4
  355. data/src/core/lib/security/security_connector/local/local_security_connector.cc +7 -11
  356. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +9 -14
  357. data/src/core/lib/security/security_connector/ssl_utils.cc +5 -7
  358. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +21 -27
  359. data/src/core/lib/security/transport/client_auth_filter.cc +1 -1
  360. data/src/core/lib/security/transport/secure_endpoint.cc +26 -28
  361. data/src/core/lib/security/transport/security_handshaker.cc +53 -53
  362. data/src/core/lib/security/transport/server_auth_filter.cc +21 -21
  363. data/src/core/lib/security/transport/tsi_error.cc +6 -3
  364. data/src/core/lib/security/util/json_util.cc +4 -5
  365. data/src/core/lib/service_config/service_config.h +1 -1
  366. data/src/core/lib/service_config/service_config_impl.cc +111 -158
  367. data/src/core/lib/service_config/service_config_impl.h +14 -17
  368. data/src/core/lib/service_config/service_config_parser.cc +14 -31
  369. data/src/core/lib/service_config/service_config_parser.h +14 -10
  370. data/src/core/lib/slice/b64.cc +2 -2
  371. data/src/core/lib/slice/slice.cc +7 -1
  372. data/src/core/lib/slice/slice.h +19 -6
  373. data/src/core/lib/slice/slice_buffer.cc +13 -14
  374. data/src/core/lib/slice/slice_internal.h +13 -21
  375. data/src/core/lib/slice/slice_refcount.h +34 -19
  376. data/src/core/lib/surface/byte_buffer.cc +3 -4
  377. data/src/core/lib/surface/byte_buffer_reader.cc +4 -4
  378. data/src/core/lib/surface/call.cc +1366 -239
  379. data/src/core/lib/surface/call.h +44 -0
  380. data/src/core/lib/surface/call_details.cc +3 -3
  381. data/src/core/lib/surface/call_trace.cc +113 -0
  382. data/src/core/lib/surface/call_trace.h +30 -0
  383. data/src/core/lib/surface/channel.cc +44 -49
  384. data/src/core/lib/surface/channel.h +9 -1
  385. data/src/core/lib/surface/channel_ping.cc +1 -1
  386. data/src/core/lib/surface/channel_stack_type.cc +4 -0
  387. data/src/core/lib/surface/channel_stack_type.h +2 -0
  388. data/src/core/lib/surface/completion_queue.cc +38 -52
  389. data/src/core/lib/surface/init.cc +8 -39
  390. data/src/core/lib/surface/init_internally.h +8 -0
  391. data/src/core/lib/surface/lame_client.cc +10 -8
  392. data/src/core/lib/surface/server.cc +48 -70
  393. data/src/core/lib/surface/server.h +3 -4
  394. data/src/core/lib/surface/validate_metadata.cc +11 -12
  395. data/src/core/lib/surface/version.cc +2 -2
  396. data/src/core/lib/transport/connectivity_state.cc +2 -2
  397. data/src/core/lib/transport/error_utils.cc +34 -28
  398. data/src/core/lib/transport/error_utils.h +3 -3
  399. data/src/core/lib/transport/handshaker.cc +14 -14
  400. data/src/core/lib/transport/handshaker.h +1 -1
  401. data/src/core/lib/transport/handshaker_factory.h +26 -0
  402. data/src/core/lib/transport/handshaker_registry.cc +8 -2
  403. data/src/core/lib/transport/handshaker_registry.h +3 -4
  404. data/src/core/lib/transport/http_connect_handshaker.cc +23 -24
  405. data/src/core/lib/transport/metadata_batch.h +17 -1
  406. data/src/core/lib/transport/parsed_metadata.cc +2 -6
  407. data/src/core/lib/transport/tcp_connect_handshaker.cc +15 -20
  408. data/src/core/lib/transport/transport.cc +63 -17
  409. data/src/core/lib/transport/transport.h +64 -68
  410. data/src/core/lib/transport/transport_impl.h +1 -1
  411. data/src/core/lib/transport/transport_op_string.cc +7 -6
  412. data/src/core/plugin_registry/grpc_plugin_registry.cc +6 -10
  413. data/src/core/plugin_registry/grpc_plugin_registry_extra.cc +2 -14
  414. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +10 -10
  415. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +8 -8
  416. data/src/core/tsi/alts/handshaker/alts_tsi_utils.cc +2 -1
  417. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc +7 -7
  418. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc +7 -6
  419. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc +1 -1
  420. data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +5 -5
  421. data/src/core/tsi/fake_transport_security.cc +3 -3
  422. data/src/core/tsi/ssl/key_logging/ssl_key_logging.cc +7 -3
  423. data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +1 -1
  424. data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +6 -2
  425. data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +0 -2
  426. data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +0 -3
  427. data/src/ruby/lib/grpc/version.rb +1 -1
  428. data/src/ruby/spec/channel_spec.rb +0 -43
  429. data/src/ruby/spec/generic/active_call_spec.rb +12 -3
  430. data/third_party/abseil-cpp/absl/cleanup/cleanup.h +140 -0
  431. data/third_party/abseil-cpp/absl/cleanup/internal/cleanup.h +100 -0
  432. data/third_party/zlib/compress.c +3 -3
  433. data/third_party/zlib/crc32.c +21 -12
  434. data/third_party/zlib/deflate.c +112 -106
  435. data/third_party/zlib/deflate.h +2 -2
  436. data/third_party/zlib/gzlib.c +1 -1
  437. data/third_party/zlib/gzread.c +3 -5
  438. data/third_party/zlib/gzwrite.c +1 -1
  439. data/third_party/zlib/infback.c +10 -7
  440. data/third_party/zlib/inflate.c +5 -2
  441. data/third_party/zlib/inftrees.c +2 -2
  442. data/third_party/zlib/inftrees.h +1 -1
  443. data/third_party/zlib/trees.c +61 -62
  444. data/third_party/zlib/uncompr.c +2 -2
  445. data/third_party/zlib/zconf.h +16 -3
  446. data/third_party/zlib/zlib.h +10 -10
  447. data/third_party/zlib/zutil.c +9 -7
  448. data/third_party/zlib/zutil.h +1 -0
  449. metadata +57 -20
  450. data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +0 -188
  451. data/src/core/ext/filters/fault_injection/service_config_parser.cc +0 -187
  452. data/src/core/lib/event_engine/executor/threaded_executor.h +0 -44
  453. data/src/core/lib/gpr/murmur_hash.cc +0 -82
  454. data/src/core/lib/gpr/murmur_hash.h +0 -29
  455. data/src/core/lib/gpr/tls.h +0 -156
  456. data/src/core/lib/promise/call_push_pull.h +0 -148
  457. data/src/core/lib/slice/slice_api.cc +0 -39
  458. data/src/core/lib/slice/slice_buffer_api.cc +0 -35
  459. data/src/core/lib/slice/slice_refcount_base.h +0 -60
@@ -21,7 +21,6 @@
21
21
  #include <algorithm>
22
22
  #include <string>
23
23
 
24
- #include "absl/memory/memory.h"
25
24
  #include "absl/status/status.h"
26
25
  #include "absl/status/statusor.h"
27
26
  #include "absl/strings/string_view.h"
@@ -39,38 +38,40 @@ std::unique_ptr<AuthorizationMatcher> AuthorizationMatcher::Create(
39
38
  switch (permission.type) {
40
39
  case Rbac::Permission::RuleType::kAnd: {
41
40
  std::vector<std::unique_ptr<AuthorizationMatcher>> matchers;
41
+ matchers.reserve(permission.permissions.size());
42
42
  for (const auto& rule : permission.permissions) {
43
43
  matchers.push_back(AuthorizationMatcher::Create(std::move(*rule)));
44
44
  }
45
- return absl::make_unique<AndAuthorizationMatcher>(std::move(matchers));
45
+ return std::make_unique<AndAuthorizationMatcher>(std::move(matchers));
46
46
  }
47
47
  case Rbac::Permission::RuleType::kOr: {
48
48
  std::vector<std::unique_ptr<AuthorizationMatcher>> matchers;
49
+ matchers.reserve(permission.permissions.size());
49
50
  for (const auto& rule : permission.permissions) {
50
51
  matchers.push_back(AuthorizationMatcher::Create(std::move(*rule)));
51
52
  }
52
- return absl::make_unique<OrAuthorizationMatcher>(std::move(matchers));
53
+ return std::make_unique<OrAuthorizationMatcher>(std::move(matchers));
53
54
  }
54
55
  case Rbac::Permission::RuleType::kNot:
55
- return absl::make_unique<NotAuthorizationMatcher>(
56
+ return std::make_unique<NotAuthorizationMatcher>(
56
57
  AuthorizationMatcher::Create(std::move(*permission.permissions[0])));
57
58
  case Rbac::Permission::RuleType::kAny:
58
- return absl::make_unique<AlwaysAuthorizationMatcher>();
59
+ return std::make_unique<AlwaysAuthorizationMatcher>();
59
60
  case Rbac::Permission::RuleType::kHeader:
60
- return absl::make_unique<HeaderAuthorizationMatcher>(
61
+ return std::make_unique<HeaderAuthorizationMatcher>(
61
62
  std::move(permission.header_matcher));
62
63
  case Rbac::Permission::RuleType::kPath:
63
- return absl::make_unique<PathAuthorizationMatcher>(
64
+ return std::make_unique<PathAuthorizationMatcher>(
64
65
  std::move(permission.string_matcher));
65
66
  case Rbac::Permission::RuleType::kDestIp:
66
- return absl::make_unique<IpAuthorizationMatcher>(
67
+ return std::make_unique<IpAuthorizationMatcher>(
67
68
  IpAuthorizationMatcher::Type::kDestIp, std::move(permission.ip));
68
69
  case Rbac::Permission::RuleType::kDestPort:
69
- return absl::make_unique<PortAuthorizationMatcher>(permission.port);
70
+ return std::make_unique<PortAuthorizationMatcher>(permission.port);
70
71
  case Rbac::Permission::RuleType::kMetadata:
71
- return absl::make_unique<MetadataAuthorizationMatcher>(permission.invert);
72
+ return std::make_unique<MetadataAuthorizationMatcher>(permission.invert);
72
73
  case Rbac::Permission::RuleType::kReqServerName:
73
- return absl::make_unique<ReqServerNameAuthorizationMatcher>(
74
+ return std::make_unique<ReqServerNameAuthorizationMatcher>(
74
75
  std::move(permission.string_matcher));
75
76
  }
76
77
  return nullptr;
@@ -81,44 +82,46 @@ std::unique_ptr<AuthorizationMatcher> AuthorizationMatcher::Create(
81
82
  switch (principal.type) {
82
83
  case Rbac::Principal::RuleType::kAnd: {
83
84
  std::vector<std::unique_ptr<AuthorizationMatcher>> matchers;
85
+ matchers.reserve(principal.principals.size());
84
86
  for (const auto& id : principal.principals) {
85
87
  matchers.push_back(AuthorizationMatcher::Create(std::move(*id)));
86
88
  }
87
- return absl::make_unique<AndAuthorizationMatcher>(std::move(matchers));
89
+ return std::make_unique<AndAuthorizationMatcher>(std::move(matchers));
88
90
  }
89
91
  case Rbac::Principal::RuleType::kOr: {
90
92
  std::vector<std::unique_ptr<AuthorizationMatcher>> matchers;
93
+ matchers.reserve(principal.principals.size());
91
94
  for (const auto& id : principal.principals) {
92
95
  matchers.push_back(AuthorizationMatcher::Create(std::move(*id)));
93
96
  }
94
- return absl::make_unique<OrAuthorizationMatcher>(std::move(matchers));
97
+ return std::make_unique<OrAuthorizationMatcher>(std::move(matchers));
95
98
  }
96
99
  case Rbac::Principal::RuleType::kNot:
97
- return absl::make_unique<NotAuthorizationMatcher>(
100
+ return std::make_unique<NotAuthorizationMatcher>(
98
101
  AuthorizationMatcher::Create(std::move(*principal.principals[0])));
99
102
  case Rbac::Principal::RuleType::kAny:
100
- return absl::make_unique<AlwaysAuthorizationMatcher>();
103
+ return std::make_unique<AlwaysAuthorizationMatcher>();
101
104
  case Rbac::Principal::RuleType::kPrincipalName:
102
- return absl::make_unique<AuthenticatedAuthorizationMatcher>(
105
+ return std::make_unique<AuthenticatedAuthorizationMatcher>(
103
106
  std::move(principal.string_matcher));
104
107
  case Rbac::Principal::RuleType::kSourceIp:
105
- return absl::make_unique<IpAuthorizationMatcher>(
108
+ return std::make_unique<IpAuthorizationMatcher>(
106
109
  IpAuthorizationMatcher::Type::kSourceIp, std::move(principal.ip));
107
110
  case Rbac::Principal::RuleType::kDirectRemoteIp:
108
- return absl::make_unique<IpAuthorizationMatcher>(
111
+ return std::make_unique<IpAuthorizationMatcher>(
109
112
  IpAuthorizationMatcher::Type::kDirectRemoteIp,
110
113
  std::move(principal.ip));
111
114
  case Rbac::Principal::RuleType::kRemoteIp:
112
- return absl::make_unique<IpAuthorizationMatcher>(
115
+ return std::make_unique<IpAuthorizationMatcher>(
113
116
  IpAuthorizationMatcher::Type::kRemoteIp, std::move(principal.ip));
114
117
  case Rbac::Principal::RuleType::kHeader:
115
- return absl::make_unique<HeaderAuthorizationMatcher>(
118
+ return std::make_unique<HeaderAuthorizationMatcher>(
116
119
  std::move(principal.header_matcher));
117
120
  case Rbac::Principal::RuleType::kPath:
118
- return absl::make_unique<PathAuthorizationMatcher>(
121
+ return std::make_unique<PathAuthorizationMatcher>(
119
122
  std::move(principal.string_matcher.value()));
120
123
  case Rbac::Principal::RuleType::kMetadata:
121
- return absl::make_unique<MetadataAuthorizationMatcher>(principal.invert);
124
+ return std::make_unique<MetadataAuthorizationMatcher>(principal.invert);
122
125
  }
123
126
  return nullptr;
124
127
  }
@@ -19,7 +19,6 @@
19
19
  #include <algorithm>
20
20
  #include <utility>
21
21
 
22
- #include "absl/memory/memory.h"
23
22
  #include "absl/strings/str_format.h"
24
23
  #include "absl/strings/str_join.h"
25
24
 
@@ -99,7 +98,7 @@ Rbac::Permission Rbac::Permission::MakeNotPermission(Permission permission) {
99
98
  Permission not_permission;
100
99
  not_permission.type = Permission::RuleType::kNot;
101
100
  not_permission.permissions.push_back(
102
- absl::make_unique<Rbac::Permission>(std::move(permission)));
101
+ std::make_unique<Rbac::Permission>(std::move(permission)));
103
102
  return not_permission;
104
103
  }
105
104
 
@@ -271,7 +270,7 @@ Rbac::Principal Rbac::Principal::MakeNotPrincipal(Principal principal) {
271
270
  Principal not_principal;
272
271
  not_principal.type = Principal::RuleType::kNot;
273
272
  not_principal.principals.push_back(
274
- absl::make_unique<Rbac::Principal>(std::move(principal)));
273
+ std::make_unique<Rbac::Principal>(std::move(principal)));
275
274
  return not_principal;
276
275
  }
277
276
 
@@ -23,6 +23,7 @@
23
23
 
24
24
  #include <stddef.h>
25
25
 
26
+ #include <memory>
26
27
  #include <utility>
27
28
 
28
29
  #include "absl/strings/string_view.h"
@@ -64,6 +65,11 @@ struct grpc_auth_context
64
65
  : public grpc_core::RefCounted<grpc_auth_context,
65
66
  grpc_core::NonPolymorphicRefCount> {
66
67
  public:
68
+ // Base class for all extensions to inherit from.
69
+ class Extension {
70
+ public:
71
+ virtual ~Extension() = default;
72
+ };
67
73
  explicit grpc_auth_context(
68
74
  grpc_core::RefCountedPtr<grpc_auth_context> chained)
69
75
  : grpc_core::RefCounted<grpc_auth_context,
@@ -105,6 +111,9 @@ struct grpc_auth_context
105
111
  void set_peer_identity_property_name(const char* name) {
106
112
  peer_identity_property_name_ = name;
107
113
  }
114
+ void set_extension(std::unique_ptr<Extension> extension) {
115
+ extension_ = std::move(extension);
116
+ }
108
117
 
109
118
  void ensure_capacity();
110
119
  void add_property(const char* name, const char* value, size_t value_length);
@@ -114,6 +123,7 @@ struct grpc_auth_context
114
123
  grpc_core::RefCountedPtr<grpc_auth_context> chained_;
115
124
  grpc_auth_property_array properties_;
116
125
  const char* peer_identity_property_name_ = nullptr;
126
+ std::unique_ptr<Extension> extension_;
117
127
  };
118
128
 
119
129
  /* --- grpc_security_context_extension ---
@@ -20,7 +20,6 @@
20
20
 
21
21
  #include <memory>
22
22
 
23
- #include "absl/memory/memory.h"
24
23
  #include "absl/strings/string_view.h"
25
24
 
26
25
  #include <grpc/grpc.h>
@@ -71,11 +70,11 @@ class FakeChannelCredsFactory : public ChannelCredsFactory<> {
71
70
 
72
71
  void RegisterChannelDefaultCreds(CoreConfiguration::Builder* builder) {
73
72
  builder->channel_creds_registry()->RegisterChannelCredsFactory(
74
- absl::make_unique<GoogleDefaultChannelCredsFactory>());
73
+ std::make_unique<GoogleDefaultChannelCredsFactory>());
75
74
  builder->channel_creds_registry()->RegisterChannelCredsFactory(
76
- absl::make_unique<InsecureChannelCredsFactory>());
75
+ std::make_unique<InsecureChannelCredsFactory>());
77
76
  builder->channel_creds_registry()->RegisterChannelCredsFactory(
78
- absl::make_unique<FakeChannelCredsFactory>());
77
+ std::make_unique<FakeChannelCredsFactory>());
79
78
  }
80
79
 
81
80
  } // namespace grpc_core
@@ -21,6 +21,7 @@
21
21
  #include "src/core/lib/security/credentials/composite/composite_credentials.h"
22
22
 
23
23
  #include <cstring>
24
+ #include <memory>
24
25
  #include <vector>
25
26
 
26
27
  #include "absl/strings/str_cat.h"
@@ -33,7 +34,6 @@
33
34
  #include "src/core/lib/gprpp/ref_counted_ptr.h"
34
35
  #include "src/core/lib/promise/try_seq.h"
35
36
  #include "src/core/lib/surface/api_trace.h"
36
- #include "src/core/lib/transport/transport.h"
37
37
 
38
38
  //
39
39
  // grpc_composite_channel_credentials
@@ -22,7 +22,6 @@
22
22
  #include <map>
23
23
  #include <utility>
24
24
 
25
- #include "absl/memory/memory.h"
26
25
  #include "absl/status/status.h"
27
26
  #include "absl/status/statusor.h"
28
27
  #include "absl/strings/str_cat.h"
@@ -38,6 +37,7 @@
38
37
  #include <grpc/support/string_util.h>
39
38
 
40
39
  #include "src/core/lib/gprpp/env.h"
40
+ #include "src/core/lib/gprpp/host_port.h"
41
41
  #include "src/core/lib/http/httpcli_ssl_credentials.h"
42
42
  #include "src/core/lib/iomgr/closure.h"
43
43
  #include "src/core/lib/json/json.h"
@@ -48,6 +48,9 @@ namespace grpc_core {
48
48
 
49
49
  namespace {
50
50
 
51
+ const char* awsEc2MetadataIpv4Address = "169.254.169.254";
52
+ const char* awsEc2MetadataIpv6Address = "fd00:ec2::254";
53
+
51
54
  const char* kExpectedEnvironmentId = "aws1";
52
55
 
53
56
  const char* kRegionEnvVar = "AWS_REGION";
@@ -74,6 +77,15 @@ std::string UrlEncode(const absl::string_view& s) {
74
77
  return result;
75
78
  }
76
79
 
80
+ bool ValidateAwsUrl(const std::string& urlString) {
81
+ absl::StatusOr<URI> url = URI::Parse(urlString);
82
+ if (!url.ok()) return false;
83
+ absl::string_view host;
84
+ absl::string_view port;
85
+ SplitHostPort(url->authority(), &host, &port);
86
+ return host == awsEc2MetadataIpv4Address || host == awsEc2MetadataIpv6Address;
87
+ }
88
+
77
89
  } // namespace
78
90
 
79
91
  RefCountedPtr<AwsExternalAccountCredentials>
@@ -82,7 +94,7 @@ AwsExternalAccountCredentials::Create(Options options,
82
94
  grpc_error_handle* error) {
83
95
  auto creds = MakeRefCounted<AwsExternalAccountCredentials>(
84
96
  std::move(options), std::move(scopes), error);
85
- if (GRPC_ERROR_IS_NONE(*error)) {
97
+ if (error->ok()) {
86
98
  return creds;
87
99
  } else {
88
100
  return nullptr;
@@ -95,46 +107,53 @@ AwsExternalAccountCredentials::AwsExternalAccountCredentials(
95
107
  audience_ = options.audience;
96
108
  auto it = options.credential_source.object_value().find("environment_id");
97
109
  if (it == options.credential_source.object_value().end()) {
98
- *error = GRPC_ERROR_CREATE_FROM_STATIC_STRING(
99
- "environment_id field not present.");
110
+ *error = GRPC_ERROR_CREATE("environment_id field not present.");
100
111
  return;
101
112
  }
102
113
  if (it->second.type() != Json::Type::STRING) {
103
- *error = GRPC_ERROR_CREATE_FROM_STATIC_STRING(
104
- "environment_id field must be a string.");
114
+ *error = GRPC_ERROR_CREATE("environment_id field must be a string.");
105
115
  return;
106
116
  }
107
117
  if (it->second.string_value() != kExpectedEnvironmentId) {
108
- *error =
109
- GRPC_ERROR_CREATE_FROM_STATIC_STRING("environment_id does not match.");
118
+ *error = GRPC_ERROR_CREATE("environment_id does not match.");
110
119
  return;
111
120
  }
112
121
  it = options.credential_source.object_value().find("region_url");
113
122
  if (it == options.credential_source.object_value().end()) {
114
- *error =
115
- GRPC_ERROR_CREATE_FROM_STATIC_STRING("region_url field not present.");
123
+ *error = GRPC_ERROR_CREATE("region_url field not present.");
116
124
  return;
117
125
  }
118
126
  if (it->second.type() != Json::Type::STRING) {
119
- *error = GRPC_ERROR_CREATE_FROM_STATIC_STRING(
120
- "region_url field must be a string.");
127
+ *error = GRPC_ERROR_CREATE("region_url field must be a string.");
121
128
  return;
122
129
  }
123
130
  region_url_ = it->second.string_value();
131
+ if (!ValidateAwsUrl(region_url_)) {
132
+ *error = GRPC_ERROR_CREATE(absl::StrFormat(
133
+ "Invalid host for region_url field, expecting %s or %s.",
134
+ awsEc2MetadataIpv4Address, awsEc2MetadataIpv6Address));
135
+ return;
136
+ }
124
137
  it = options.credential_source.object_value().find("url");
125
138
  if (it != options.credential_source.object_value().end() &&
126
139
  it->second.type() == Json::Type::STRING) {
127
140
  url_ = it->second.string_value();
141
+ if (!ValidateAwsUrl(url_)) {
142
+ *error = GRPC_ERROR_CREATE(absl::StrFormat(
143
+ "Invalid host for url field, expecting %s or %s.",
144
+ awsEc2MetadataIpv4Address, awsEc2MetadataIpv6Address));
145
+ return;
146
+ }
128
147
  }
129
148
  it = options.credential_source.object_value().find(
130
149
  "regional_cred_verification_url");
131
150
  if (it == options.credential_source.object_value().end()) {
132
- *error = GRPC_ERROR_CREATE_FROM_STATIC_STRING(
133
- "regional_cred_verification_url field not present.");
151
+ *error =
152
+ GRPC_ERROR_CREATE("regional_cred_verification_url field not present.");
134
153
  return;
135
154
  }
136
155
  if (it->second.type() != Json::Type::STRING) {
137
- *error = GRPC_ERROR_CREATE_FROM_STATIC_STRING(
156
+ *error = GRPC_ERROR_CREATE(
138
157
  "regional_cred_verification_url field must be a string.");
139
158
  return;
140
159
  }
@@ -144,6 +163,13 @@ AwsExternalAccountCredentials::AwsExternalAccountCredentials(
144
163
  if (it != options.credential_source.object_value().end() &&
145
164
  it->second.type() == Json::Type::STRING) {
146
165
  imdsv2_session_token_url_ = it->second.string_value();
166
+ if (!ValidateAwsUrl(imdsv2_session_token_url_)) {
167
+ *error = GRPC_ERROR_CREATE(absl::StrFormat(
168
+ "Invalid host for imdsv2_session_token_url field, expecting %s or "
169
+ "%s.",
170
+ awsEc2MetadataIpv4Address, awsEc2MetadataIpv6Address));
171
+ return;
172
+ }
147
173
  }
148
174
  }
149
175
 
@@ -153,7 +179,7 @@ void AwsExternalAccountCredentials::RetrieveSubjectToken(
153
179
  if (ctx == nullptr) {
154
180
  FinishRetrieveSubjectToken(
155
181
  "",
156
- GRPC_ERROR_CREATE_FROM_STATIC_STRING(
182
+ GRPC_ERROR_CREATE(
157
183
  "Missing HTTPRequestContext to start subject token retrieval."));
158
184
  return;
159
185
  }
@@ -204,12 +230,12 @@ void AwsExternalAccountCredentials::OnRetrieveImdsV2SessionToken(
204
230
  void* arg, grpc_error_handle error) {
205
231
  AwsExternalAccountCredentials* self =
206
232
  static_cast<AwsExternalAccountCredentials*>(arg);
207
- self->OnRetrieveImdsV2SessionTokenInternal(GRPC_ERROR_REF(error));
233
+ self->OnRetrieveImdsV2SessionTokenInternal(error);
208
234
  }
209
235
 
210
236
  void AwsExternalAccountCredentials::OnRetrieveImdsV2SessionTokenInternal(
211
237
  grpc_error_handle error) {
212
- if (!GRPC_ERROR_IS_NONE(error)) {
238
+ if (!error.ok()) {
213
239
  FinishRetrieveSubjectToken("", error);
214
240
  return;
215
241
  }
@@ -253,8 +279,8 @@ void AwsExternalAccountCredentials::RetrieveRegion() {
253
279
  absl::StatusOr<URI> uri = URI::Parse(region_url_);
254
280
  if (!uri.ok()) {
255
281
  FinishRetrieveSubjectToken(
256
- "", GRPC_ERROR_CREATE_FROM_CPP_STRING(absl::StrFormat(
257
- "Invalid region url. %s", uri.status().ToString())));
282
+ "", GRPC_ERROR_CREATE(absl::StrFormat("Invalid region url. %s",
283
+ uri.status().ToString())));
258
284
  return;
259
285
  }
260
286
  grpc_http_request request;
@@ -282,12 +308,12 @@ void AwsExternalAccountCredentials::OnRetrieveRegion(void* arg,
282
308
  grpc_error_handle error) {
283
309
  AwsExternalAccountCredentials* self =
284
310
  static_cast<AwsExternalAccountCredentials*>(arg);
285
- self->OnRetrieveRegionInternal(GRPC_ERROR_REF(error));
311
+ self->OnRetrieveRegionInternal(error);
286
312
  }
287
313
 
288
314
  void AwsExternalAccountCredentials::OnRetrieveRegionInternal(
289
315
  grpc_error_handle error) {
290
- if (!GRPC_ERROR_IS_NONE(error)) {
316
+ if (!error.ok()) {
291
317
  FinishRetrieveSubjectToken("", error);
292
318
  return;
293
319
  }
@@ -306,7 +332,7 @@ void AwsExternalAccountCredentials::RetrieveRoleName() {
306
332
  absl::StatusOr<URI> uri = URI::Parse(url_);
307
333
  if (!uri.ok()) {
308
334
  FinishRetrieveSubjectToken(
309
- "", GRPC_ERROR_CREATE_FROM_CPP_STRING(
335
+ "", GRPC_ERROR_CREATE(
310
336
  absl::StrFormat("Invalid url: %s.", uri.status().ToString())));
311
337
  return;
312
338
  }
@@ -336,12 +362,12 @@ void AwsExternalAccountCredentials::OnRetrieveRoleName(
336
362
  void* arg, grpc_error_handle error) {
337
363
  AwsExternalAccountCredentials* self =
338
364
  static_cast<AwsExternalAccountCredentials*>(arg);
339
- self->OnRetrieveRoleNameInternal(GRPC_ERROR_REF(error));
365
+ self->OnRetrieveRoleNameInternal(error);
340
366
  }
341
367
 
342
368
  void AwsExternalAccountCredentials::OnRetrieveRoleNameInternal(
343
369
  grpc_error_handle error) {
344
- if (!GRPC_ERROR_IS_NONE(error)) {
370
+ if (!error.ok()) {
345
371
  FinishRetrieveSubjectToken("", error);
346
372
  return;
347
373
  }
@@ -363,16 +389,16 @@ void AwsExternalAccountCredentials::RetrieveSigningKeys() {
363
389
  }
364
390
  if (role_name_.empty()) {
365
391
  FinishRetrieveSubjectToken(
366
- "", GRPC_ERROR_CREATE_FROM_STATIC_STRING(
367
- "Missing role name when retrieving signing keys."));
392
+ "",
393
+ GRPC_ERROR_CREATE("Missing role name when retrieving signing keys."));
368
394
  return;
369
395
  }
370
396
  std::string url_with_role_name = absl::StrCat(url_, "/", role_name_);
371
397
  absl::StatusOr<URI> uri = URI::Parse(url_with_role_name);
372
398
  if (!uri.ok()) {
373
399
  FinishRetrieveSubjectToken(
374
- "", GRPC_ERROR_CREATE_FROM_CPP_STRING(absl::StrFormat(
375
- "Invalid url with role name: %s.", uri.status().ToString())));
400
+ "", GRPC_ERROR_CREATE(absl::StrFormat("Invalid url with role name: %s.",
401
+ uri.status().ToString())));
376
402
  return;
377
403
  }
378
404
  grpc_http_request request;
@@ -401,12 +427,12 @@ void AwsExternalAccountCredentials::OnRetrieveSigningKeys(
401
427
  void* arg, grpc_error_handle error) {
402
428
  AwsExternalAccountCredentials* self =
403
429
  static_cast<AwsExternalAccountCredentials*>(arg);
404
- self->OnRetrieveSigningKeysInternal(GRPC_ERROR_REF(error));
430
+ self->OnRetrieveSigningKeysInternal(error);
405
431
  }
406
432
 
407
433
  void AwsExternalAccountCredentials::OnRetrieveSigningKeysInternal(
408
434
  grpc_error_handle error) {
409
- if (!GRPC_ERROR_IS_NONE(error)) {
435
+ if (!error.ok()) {
410
436
  FinishRetrieveSubjectToken("", error);
411
437
  return;
412
438
  }
@@ -415,16 +441,15 @@ void AwsExternalAccountCredentials::OnRetrieveSigningKeysInternal(
415
441
  auto json = Json::Parse(response_body);
416
442
  if (!json.ok()) {
417
443
  FinishRetrieveSubjectToken(
418
- "", GRPC_ERROR_CREATE_FROM_CPP_STRING(
444
+ "", GRPC_ERROR_CREATE(
419
445
  absl::StrCat("Invalid retrieve signing keys response: ",
420
446
  json.status().ToString())));
421
447
  return;
422
448
  }
423
449
  if (json->type() != Json::Type::OBJECT) {
424
- FinishRetrieveSubjectToken("",
425
- GRPC_ERROR_CREATE_FROM_STATIC_STRING(
426
- "Invalid retrieve signing keys response: "
427
- "JSON type is not object"));
450
+ FinishRetrieveSubjectToken(
451
+ "", GRPC_ERROR_CREATE("Invalid retrieve signing keys response: "
452
+ "JSON type is not object"));
428
453
  return;
429
454
  }
430
455
  auto it = json->object_value().find("AccessKeyId");
@@ -433,7 +458,7 @@ void AwsExternalAccountCredentials::OnRetrieveSigningKeysInternal(
433
458
  access_key_id_ = it->second.string_value();
434
459
  } else {
435
460
  FinishRetrieveSubjectToken(
436
- "", GRPC_ERROR_CREATE_FROM_CPP_STRING(absl::StrFormat(
461
+ "", GRPC_ERROR_CREATE(absl::StrFormat(
437
462
  "Missing or invalid AccessKeyId in %s.", response_body)));
438
463
  return;
439
464
  }
@@ -443,7 +468,7 @@ void AwsExternalAccountCredentials::OnRetrieveSigningKeysInternal(
443
468
  secret_access_key_ = it->second.string_value();
444
469
  } else {
445
470
  FinishRetrieveSubjectToken(
446
- "", GRPC_ERROR_CREATE_FROM_CPP_STRING(absl::StrFormat(
471
+ "", GRPC_ERROR_CREATE(absl::StrFormat(
447
472
  "Missing or invalid SecretAccessKey in %s.", response_body)));
448
473
  return;
449
474
  }
@@ -453,38 +478,35 @@ void AwsExternalAccountCredentials::OnRetrieveSigningKeysInternal(
453
478
  token_ = it->second.string_value();
454
479
  } else {
455
480
  FinishRetrieveSubjectToken(
456
- "", GRPC_ERROR_CREATE_FROM_CPP_STRING(absl::StrFormat(
457
- "Missing or invalid Token in %s.", response_body)));
481
+ "", GRPC_ERROR_CREATE(absl::StrFormat("Missing or invalid Token in %s.",
482
+ response_body)));
458
483
  return;
459
484
  }
460
485
  BuildSubjectToken();
461
486
  }
462
487
 
463
488
  void AwsExternalAccountCredentials::BuildSubjectToken() {
464
- grpc_error_handle error = GRPC_ERROR_NONE;
489
+ grpc_error_handle error;
465
490
  if (signer_ == nullptr) {
466
491
  cred_verification_url_ = absl::StrReplaceAll(
467
492
  regional_cred_verification_url_, {{"{region}", region_}});
468
- signer_ = absl::make_unique<AwsRequestSigner>(
493
+ signer_ = std::make_unique<AwsRequestSigner>(
469
494
  access_key_id_, secret_access_key_, token_, "POST",
470
495
  cred_verification_url_, region_, "",
471
496
  std::map<std::string, std::string>(), &error);
472
- if (!GRPC_ERROR_IS_NONE(error)) {
497
+ if (!error.ok()) {
473
498
  FinishRetrieveSubjectToken(
474
- "", GRPC_ERROR_CREATE_REFERENCING_FROM_STATIC_STRING(
499
+ "", GRPC_ERROR_CREATE_REFERENCING(
475
500
  "Creating aws request signer failed.", &error, 1));
476
- GRPC_ERROR_UNREF(error);
477
501
  return;
478
502
  }
479
503
  }
480
504
  auto signed_headers = signer_->GetSignedRequestHeaders();
481
- if (!GRPC_ERROR_IS_NONE(error)) {
482
- FinishRetrieveSubjectToken("",
483
- GRPC_ERROR_CREATE_REFERENCING_FROM_STATIC_STRING(
484
- "Invalid getting signed request"
485
- "headers.",
486
- &error, 1));
487
- GRPC_ERROR_UNREF(error);
505
+ if (!error.ok()) {
506
+ FinishRetrieveSubjectToken(
507
+ "", GRPC_ERROR_CREATE_REFERENCING("Invalid getting signed request"
508
+ "headers.",
509
+ &error, 1));
488
510
  return;
489
511
  }
490
512
  // Construct subject token
@@ -503,7 +525,7 @@ void AwsExternalAccountCredentials::BuildSubjectToken() {
503
525
  {"headers", Json(headers)}};
504
526
  Json subject_token_json(object);
505
527
  std::string subject_token = UrlEncode(subject_token_json.Dump());
506
- FinishRetrieveSubjectToken(subject_token, GRPC_ERROR_NONE);
528
+ FinishRetrieveSubjectToken(subject_token, absl::OkStatus());
507
529
  }
508
530
 
509
531
  void AwsExternalAccountCredentials::FinishRetrieveSubjectToken(
@@ -514,10 +536,10 @@ void AwsExternalAccountCredentials::FinishRetrieveSubjectToken(
514
536
  auto cb = cb_;
515
537
  cb_ = nullptr;
516
538
  // Invoke the callback.
517
- if (!GRPC_ERROR_IS_NONE(error)) {
539
+ if (!error.ok()) {
518
540
  cb("", error);
519
541
  } else {
520
- cb(subject_token, GRPC_ERROR_NONE);
542
+ cb(subject_token, absl::OkStatus());
521
543
  }
522
544
  }
523
545
 
@@ -88,7 +88,7 @@ AwsRequestSigner::AwsRequestSigner(
88
88
  auto date_it = additional_headers_.find("date");
89
89
  if (amz_date_it != additional_headers_.end() &&
90
90
  date_it != additional_headers_.end()) {
91
- *error = GRPC_ERROR_CREATE_FROM_STATIC_STRING(
91
+ *error = GRPC_ERROR_CREATE(
92
92
  "Only one of {date, x-amz-date} can be specified, not both.");
93
93
  return;
94
94
  }
@@ -99,7 +99,7 @@ AwsRequestSigner::AwsRequestSigner(
99
99
  std::string err_str;
100
100
  if (!absl::ParseTime(kDateFormat, date_it->second, &request_date,
101
101
  &err_str)) {
102
- *error = GRPC_ERROR_CREATE_FROM_STATIC_STRING(err_str.c_str());
102
+ *error = GRPC_ERROR_CREATE(err_str.c_str());
103
103
  return;
104
104
  }
105
105
  static_request_date_ =
@@ -107,7 +107,7 @@ AwsRequestSigner::AwsRequestSigner(
107
107
  }
108
108
  absl::StatusOr<URI> tmp_url = URI::Parse(url);
109
109
  if (!tmp_url.ok()) {
110
- *error = GRPC_ERROR_CREATE_FROM_STATIC_STRING("Invalid Aws request url.");
110
+ *error = GRPC_ERROR_CREATE("Invalid Aws request url.");
111
111
  return;
112
112
  }
113
113
  url_ = tmp_url.value();
@@ -170,6 +170,7 @@ std::map<std::string, std::string> AwsRequestSigner::GetSignedRequestHeaders() {
170
170
  canonical_request_vector.emplace_back("\n");
171
171
  // 5. SignedHeaders
172
172
  std::vector<absl::string_view> signed_headers_vector;
173
+ signed_headers_vector.reserve(request_headers_.size());
173
174
  for (const auto& header : request_headers_) {
174
175
  signed_headers_vector.emplace_back(header.first);
175
176
  }