grpc 1.50.0.pre1 → 1.51.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +131 -42
- data/include/grpc/event_engine/event_engine.h +10 -3
- data/include/grpc/event_engine/slice_buffer.h +17 -0
- data/include/grpc/grpc.h +0 -10
- data/include/grpc/impl/codegen/grpc_types.h +1 -5
- data/include/grpc/impl/codegen/port_platform.h +0 -3
- data/src/core/ext/filters/channel_idle/channel_idle_filter.cc +19 -13
- data/src/core/ext/filters/channel_idle/channel_idle_filter.h +1 -0
- data/src/core/ext/filters/client_channel/backup_poller.cc +3 -3
- data/src/core/ext/filters/client_channel/channel_connectivity.cc +7 -5
- data/src/core/ext/filters/client_channel/client_channel.cc +120 -140
- data/src/core/ext/filters/client_channel/client_channel.h +3 -4
- data/src/core/ext/filters/client_channel/client_channel_channelz.cc +0 -2
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +1 -1
- data/src/core/ext/filters/client_channel/client_channel_service_config.cc +153 -0
- data/src/core/ext/filters/client_channel/{resolver_result_parsing.h → client_channel_service_config.h} +26 -23
- data/src/core/ext/filters/client_channel/connector.h +1 -1
- data/src/core/ext/filters/client_channel/dynamic_filters.cc +20 -47
- data/src/core/ext/filters/client_channel/dynamic_filters.h +7 -8
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +3 -4
- data/src/core/ext/filters/client_channel/http_proxy.cc +0 -1
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +3 -4
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +5 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +8 -7
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +35 -44
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc +0 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +1 -3
- data/src/core/ext/filters/client_channel/lb_policy/oob_backend_metric.cc +3 -4
- data/src/core/ext/filters/client_channel/lb_policy/oob_backend_metric.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/outlier_detection/outlier_detection.cc +41 -29
- data/src/core/ext/filters/client_channel/lb_policy/outlier_detection/outlier_detection.h +2 -2
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +9 -11
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +15 -12
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +8 -10
- data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +26 -27
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +7 -9
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +44 -26
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +17 -27
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_attributes.cc +42 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/{xds.h → xds_attributes.h} +15 -17
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +13 -7
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +48 -47
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +40 -126
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_wrr_locality.cc +364 -0
- data/src/core/ext/filters/client_channel/resolver/binder/binder_resolver.cc +9 -9
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +23 -32
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +1 -2
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +22 -23
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +50 -52
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +1 -1
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +2 -4
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +1 -3
- data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +34 -26
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.cc +3 -4
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +4 -7
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +63 -46
- data/src/core/ext/filters/client_channel/retry_filter.cc +80 -102
- data/src/core/ext/filters/client_channel/retry_service_config.cc +192 -234
- data/src/core/ext/filters/client_channel/retry_service_config.h +20 -23
- data/src/core/ext/filters/client_channel/retry_throttle.cc +8 -8
- data/src/core/ext/filters/client_channel/retry_throttle.h +8 -7
- data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +2 -2
- data/src/core/ext/filters/client_channel/subchannel.cc +21 -25
- data/src/core/ext/filters/client_channel/subchannel.h +2 -2
- data/src/core/ext/filters/client_channel/subchannel_stream_client.cc +11 -12
- data/src/core/ext/filters/deadline/deadline_filter.cc +13 -14
- data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +1 -1
- data/src/core/ext/filters/fault_injection/fault_injection_filter.h +0 -4
- data/src/core/ext/filters/fault_injection/fault_injection_service_config_parser.cc +118 -0
- data/src/core/ext/filters/fault_injection/{service_config_parser.h → fault_injection_service_config_parser.h} +20 -12
- data/src/core/ext/filters/http/client/http_client_filter.cc +16 -16
- data/src/core/ext/filters/http/client_authority_filter.cc +1 -1
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +13 -13
- data/src/core/ext/filters/http/message_compress/message_decompress_filter.cc +34 -34
- data/src/core/ext/filters/http/server/http_server_filter.cc +26 -25
- data/src/core/ext/filters/message_size/message_size_filter.cc +86 -117
- data/src/core/ext/filters/message_size/message_size_filter.h +22 -15
- data/src/core/ext/filters/rbac/rbac_filter.cc +12 -12
- data/src/core/ext/filters/rbac/rbac_service_config_parser.cc +728 -530
- data/src/core/ext/filters/rbac/rbac_service_config_parser.h +4 -3
- data/src/core/ext/filters/server_config_selector/server_config_selector.h +1 -1
- data/src/core/ext/filters/server_config_selector/server_config_selector_filter.cc +6 -7
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +17 -21
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +57 -72
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +5 -5
- data/src/core/ext/transport/chttp2/transport/bin_encoder.h +1 -1
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +212 -253
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +42 -11
- data/src/core/ext/transport/chttp2/transport/flow_control.h +4 -3
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +16 -15
- data/src/core/ext/transport/chttp2/transport/frame_data.h +1 -1
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +13 -13
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +4 -3
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +10 -7
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +15 -17
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +5 -4
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +5 -6
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +1 -1
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +2 -1
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +31 -39
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +7 -6
- data/src/core/ext/transport/chttp2/transport/internal.h +24 -8
- data/src/core/ext/transport/chttp2/transport/parsing.cc +51 -52
- data/src/core/ext/transport/chttp2/transport/varint.cc +2 -3
- data/src/core/ext/transport/chttp2/transport/varint.h +11 -8
- data/src/core/ext/transport/chttp2/transport/writing.cc +16 -16
- data/src/core/ext/transport/inproc/inproc_transport.cc +97 -115
- data/src/core/ext/xds/certificate_provider_store.cc +4 -4
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +4 -7
- data/src/core/ext/xds/xds_api.cc +15 -68
- data/src/core/ext/xds/xds_api.h +3 -7
- data/src/core/ext/xds/xds_bootstrap.h +0 -1
- data/src/core/ext/xds/xds_bootstrap_grpc.cc +3 -12
- data/src/core/ext/xds/xds_bootstrap_grpc.h +16 -1
- data/src/core/ext/xds/xds_certificate_provider.cc +22 -25
- data/src/core/ext/xds/xds_channel_stack_modifier.cc +0 -1
- data/src/core/ext/xds/xds_client.cc +122 -90
- data/src/core/ext/xds/xds_client.h +7 -2
- data/src/core/ext/xds/xds_client_grpc.cc +5 -24
- data/src/core/ext/xds/xds_cluster.cc +291 -183
- data/src/core/ext/xds/xds_cluster.h +11 -15
- data/src/core/ext/xds/xds_cluster_specifier_plugin.cc +32 -29
- data/src/core/ext/xds/xds_cluster_specifier_plugin.h +35 -16
- data/src/core/ext/xds/xds_common_types.cc +208 -141
- data/src/core/ext/xds/xds_common_types.h +19 -13
- data/src/core/ext/xds/xds_endpoint.cc +214 -129
- data/src/core/ext/xds/xds_endpoint.h +4 -7
- data/src/core/ext/xds/xds_http_fault_filter.cc +56 -43
- data/src/core/ext/xds/xds_http_fault_filter.h +13 -21
- data/src/core/ext/xds/xds_http_filters.cc +60 -73
- data/src/core/ext/xds/xds_http_filters.h +67 -19
- data/src/core/ext/xds/xds_http_rbac_filter.cc +152 -207
- data/src/core/ext/xds/xds_http_rbac_filter.h +12 -15
- data/src/core/ext/xds/xds_lb_policy_registry.cc +122 -169
- data/src/core/ext/xds/xds_lb_policy_registry.h +10 -11
- data/src/core/ext/xds/xds_listener.cc +459 -417
- data/src/core/ext/xds/xds_listener.h +43 -47
- data/src/core/ext/xds/xds_resource_type.h +3 -11
- data/src/core/ext/xds/xds_resource_type_impl.h +8 -13
- data/src/core/ext/xds/xds_route_config.cc +94 -80
- data/src/core/ext/xds/xds_route_config.h +10 -10
- data/src/core/ext/xds/xds_routing.cc +2 -1
- data/src/core/ext/xds/xds_routing.h +2 -0
- data/src/core/ext/xds/xds_server_config_fetcher.cc +109 -94
- data/src/core/ext/xds/xds_transport_grpc.cc +4 -5
- data/src/core/lib/address_utils/parse_address.cc +11 -10
- data/src/core/lib/channel/channel_args.h +16 -1
- data/src/core/lib/channel/channel_stack.cc +23 -20
- data/src/core/lib/channel/channel_stack.h +17 -4
- data/src/core/lib/channel/channel_stack_builder.cc +4 -7
- data/src/core/lib/channel/channel_stack_builder.h +14 -6
- data/src/core/lib/channel/channel_stack_builder_impl.cc +25 -7
- data/src/core/lib/channel/channel_stack_builder_impl.h +2 -0
- data/src/core/lib/channel/channel_trace.cc +4 -5
- data/src/core/lib/channel/channelz.cc +1 -1
- data/src/core/lib/channel/connected_channel.cc +695 -35
- data/src/core/lib/channel/connected_channel.h +0 -4
- data/src/core/lib/channel/promise_based_filter.cc +1004 -140
- data/src/core/lib/channel/promise_based_filter.h +364 -87
- data/src/core/lib/compression/message_compress.cc +5 -5
- data/src/core/lib/debug/event_log.cc +88 -0
- data/src/core/lib/debug/event_log.h +81 -0
- data/src/core/lib/debug/histogram_view.cc +69 -0
- data/src/core/lib/{slice/slice_refcount.cc → debug/histogram_view.h} +15 -13
- data/src/core/lib/debug/stats.cc +22 -119
- data/src/core/lib/debug/stats.h +29 -35
- data/src/core/lib/debug/stats_data.cc +224 -73
- data/src/core/lib/debug/stats_data.h +263 -122
- data/src/core/lib/event_engine/common_closures.h +71 -0
- data/src/core/lib/event_engine/default_event_engine.cc +38 -15
- data/src/core/lib/event_engine/default_event_engine.h +15 -3
- data/src/core/lib/event_engine/default_event_engine_factory.cc +2 -4
- data/src/core/lib/event_engine/memory_allocator.cc +1 -1
- data/src/core/lib/event_engine/poller.h +10 -4
- data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.cc +618 -0
- data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.h +129 -0
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +901 -0
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.h +97 -0
- data/src/core/lib/event_engine/posix_engine/event_poller.h +111 -0
- data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +74 -0
- data/src/core/lib/event_engine/{executor/threaded_executor.cc → posix_engine/event_poller_posix_default.h} +13 -16
- data/src/core/lib/event_engine/posix_engine/internal_errqueue.cc +77 -0
- data/src/core/lib/event_engine/posix_engine/internal_errqueue.h +179 -0
- data/src/core/lib/event_engine/posix_engine/lockfree_event.cc +267 -0
- data/src/core/lib/event_engine/posix_engine/lockfree_event.h +73 -0
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +1270 -0
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +682 -0
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +453 -18
- data/src/core/lib/event_engine/posix_engine/posix_engine.h +148 -24
- data/src/core/lib/event_engine/posix_engine/posix_engine_closure.h +80 -0
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +1081 -0
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +361 -0
- data/src/core/lib/event_engine/posix_engine/timer.h +9 -8
- data/src/core/lib/event_engine/posix_engine/timer_manager.cc +57 -194
- data/src/core/lib/event_engine/posix_engine/timer_manager.h +21 -49
- data/src/core/lib/event_engine/posix_engine/traced_buffer_list.cc +301 -0
- data/src/core/lib/event_engine/posix_engine/traced_buffer_list.h +179 -0
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.cc +126 -0
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.h +45 -0
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.cc +151 -0
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.h +45 -0
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix.h +76 -0
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.cc +67 -0
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.h +37 -0
- data/src/core/lib/event_engine/slice.cc +7 -6
- data/src/core/lib/event_engine/slice_buffer.cc +2 -2
- data/src/core/lib/event_engine/thread_pool.cc +106 -25
- data/src/core/lib/event_engine/thread_pool.h +32 -9
- data/src/core/lib/event_engine/windows/win_socket.cc +7 -7
- data/src/core/lib/event_engine/windows/windows_engine.cc +18 -12
- data/src/core/lib/event_engine/windows/windows_engine.h +8 -4
- data/src/core/lib/experiments/config.cc +1 -1
- data/src/core/lib/experiments/experiments.cc +13 -2
- data/src/core/lib/experiments/experiments.h +8 -1
- data/src/core/lib/gpr/cpu_linux.cc +6 -2
- data/src/core/lib/gpr/log_linux.cc +3 -4
- data/src/core/lib/gpr/string.h +1 -1
- data/src/core/lib/gpr/tmpfile_posix.cc +3 -2
- data/src/core/lib/gprpp/load_file.cc +75 -0
- data/src/core/lib/gprpp/load_file.h +33 -0
- data/src/core/lib/gprpp/per_cpu.h +46 -0
- data/src/core/lib/gprpp/stat_posix.cc +5 -4
- data/src/core/lib/gprpp/stat_windows.cc +3 -2
- data/src/core/lib/gprpp/status_helper.h +1 -3
- data/src/core/lib/gprpp/strerror.cc +41 -0
- data/src/core/{ext/xds/xds_resource_type.cc → lib/gprpp/strerror.h} +9 -13
- data/src/core/lib/gprpp/thd_windows.cc +1 -2
- data/src/core/lib/gprpp/time.cc +3 -4
- data/src/core/lib/gprpp/time.h +13 -2
- data/src/core/lib/gprpp/validation_errors.h +18 -1
- data/src/core/lib/http/httpcli.cc +40 -44
- data/src/core/lib/http/httpcli.h +6 -5
- data/src/core/lib/http/httpcli_security_connector.cc +4 -6
- data/src/core/lib/http/parser.cc +54 -65
- data/src/core/lib/iomgr/buffer_list.cc +105 -116
- data/src/core/lib/iomgr/buffer_list.h +60 -44
- data/src/core/lib/iomgr/call_combiner.cc +11 -10
- data/src/core/lib/iomgr/call_combiner.h +3 -4
- data/src/core/lib/iomgr/cfstream_handle.cc +13 -16
- data/src/core/lib/iomgr/closure.h +49 -5
- data/src/core/lib/iomgr/combiner.cc +2 -2
- data/src/core/lib/iomgr/endpoint.h +1 -1
- data/src/core/lib/iomgr/endpoint_cfstream.cc +26 -25
- data/src/core/lib/iomgr/endpoint_pair_posix.cc +2 -2
- data/src/core/lib/iomgr/error.cc +27 -42
- data/src/core/lib/iomgr/error.h +22 -152
- data/src/core/lib/iomgr/ev_apple.cc +4 -4
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +26 -25
- data/src/core/lib/iomgr/ev_poll_posix.cc +27 -31
- data/src/core/lib/iomgr/exec_ctx.cc +3 -4
- data/src/core/lib/iomgr/exec_ctx.h +2 -3
- data/src/core/lib/iomgr/executor.cc +1 -2
- data/src/core/lib/iomgr/internal_errqueue.cc +3 -1
- data/src/core/lib/iomgr/iocp_windows.cc +1 -0
- data/src/core/lib/iomgr/iomgr_posix.cc +2 -2
- data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +2 -1
- data/src/core/lib/iomgr/iomgr_windows.cc +2 -1
- data/src/core/lib/iomgr/load_file.cc +5 -9
- data/src/core/lib/iomgr/lockfree_event.cc +10 -10
- data/src/core/lib/iomgr/pollset_windows.cc +4 -4
- data/src/core/lib/iomgr/python_util.h +2 -2
- data/src/core/lib/iomgr/resolve_address.cc +8 -3
- data/src/core/lib/iomgr/resolve_address.h +3 -4
- data/src/core/lib/iomgr/resolve_address_impl.h +1 -1
- data/src/core/lib/iomgr/resolve_address_posix.cc +14 -25
- data/src/core/lib/iomgr/resolve_address_posix.h +1 -2
- data/src/core/lib/iomgr/resolve_address_windows.cc +14 -17
- data/src/core/lib/iomgr/resolve_address_windows.h +1 -2
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +30 -29
- data/src/core/lib/iomgr/socket_utils_posix.cc +1 -0
- data/src/core/lib/iomgr/socket_utils_posix.h +2 -2
- data/src/core/lib/iomgr/socket_windows.cc +2 -2
- data/src/core/lib/iomgr/tcp_client_cfstream.cc +6 -10
- data/src/core/lib/iomgr/tcp_client_posix.cc +31 -35
- data/src/core/lib/iomgr/tcp_client_windows.cc +8 -12
- data/src/core/lib/iomgr/tcp_posix.cc +92 -108
- data/src/core/lib/iomgr/tcp_server_posix.cc +34 -34
- data/src/core/lib/iomgr/tcp_server_utils_posix.h +1 -1
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +18 -21
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +12 -13
- data/src/core/lib/iomgr/tcp_server_utils_posix_noifaddrs.cc +1 -1
- data/src/core/lib/iomgr/tcp_server_windows.cc +26 -29
- data/src/core/lib/iomgr/tcp_windows.cc +27 -34
- data/src/core/lib/iomgr/timer.h +8 -8
- data/src/core/lib/iomgr/timer_generic.cc +9 -15
- data/src/core/lib/iomgr/unix_sockets_posix.cc +2 -4
- data/src/core/lib/iomgr/wakeup_fd_eventfd.cc +4 -3
- data/src/core/lib/iomgr/wakeup_fd_pipe.cc +10 -8
- data/src/core/lib/json/json_channel_args.h +42 -0
- data/src/core/lib/json/json_object_loader.cc +7 -2
- data/src/core/lib/json/json_object_loader.h +22 -0
- data/src/core/lib/json/json_util.cc +5 -5
- data/src/core/lib/json/json_util.h +4 -4
- data/src/core/lib/load_balancing/lb_policy.cc +1 -1
- data/src/core/lib/load_balancing/lb_policy.h +4 -0
- data/src/core/lib/load_balancing/subchannel_interface.h +0 -7
- data/src/core/lib/matchers/matchers.cc +3 -4
- data/src/core/lib/promise/activity.cc +16 -2
- data/src/core/lib/promise/activity.h +38 -15
- data/src/core/lib/promise/arena_promise.h +80 -51
- data/src/core/lib/promise/context.h +13 -6
- data/src/core/lib/promise/detail/basic_seq.h +9 -28
- data/src/core/lib/promise/detail/promise_factory.h +58 -10
- data/src/core/lib/promise/detail/status.h +28 -0
- data/src/core/lib/promise/detail/switch.h +1455 -0
- data/src/core/lib/promise/exec_ctx_wakeup_scheduler.h +3 -1
- data/src/core/lib/promise/for_each.h +129 -0
- data/src/core/lib/promise/loop.h +7 -5
- data/src/core/lib/promise/map_pipe.h +87 -0
- data/src/core/lib/promise/pipe.cc +19 -0
- data/src/core/lib/promise/pipe.h +505 -0
- data/src/core/lib/promise/poll.h +13 -0
- data/src/core/lib/promise/seq.h +3 -5
- data/src/core/lib/promise/sleep.cc +5 -4
- data/src/core/lib/promise/sleep.h +1 -2
- data/src/core/lib/promise/try_concurrently.h +341 -0
- data/src/core/lib/promise/try_seq.h +10 -13
- data/src/core/lib/resolver/server_address.cc +1 -0
- data/src/core/lib/resolver/server_address.h +1 -3
- data/src/core/lib/resource_quota/api.cc +0 -1
- data/src/core/lib/resource_quota/arena.cc +19 -0
- data/src/core/lib/resource_quota/arena.h +89 -0
- data/src/core/lib/resource_quota/memory_quota.cc +1 -0
- data/src/core/lib/security/authorization/grpc_authorization_engine.cc +1 -3
- data/src/core/lib/security/authorization/grpc_server_authz_filter.cc +4 -2
- data/src/core/lib/security/authorization/matchers.cc +25 -22
- data/src/core/lib/security/authorization/rbac_policy.cc +2 -3
- data/src/core/lib/security/context/security_context.h +10 -0
- data/src/core/lib/security/credentials/channel_creds_registry_init.cc +3 -4
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +1 -1
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +77 -55
- data/src/core/lib/security/credentials/external/aws_request_signer.cc +4 -3
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +40 -51
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +17 -21
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +21 -25
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +1 -0
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +27 -24
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +1 -0
- data/src/core/lib/security/credentials/jwt/json_token.cc +1 -2
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +1 -1
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +5 -5
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +24 -30
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +6 -5
- data/src/core/lib/security/credentials/plugin/plugin_credentials.h +3 -3
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +19 -27
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +4 -11
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +29 -41
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.cc +1 -1
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +6 -11
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +8 -15
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +2 -2
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +2 -6
- data/src/core/lib/security/security_connector/load_system_roots_supported.cc +1 -4
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +7 -11
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +9 -14
- data/src/core/lib/security/security_connector/ssl_utils.cc +5 -7
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +21 -27
- data/src/core/lib/security/transport/client_auth_filter.cc +1 -1
- data/src/core/lib/security/transport/secure_endpoint.cc +26 -28
- data/src/core/lib/security/transport/security_handshaker.cc +53 -53
- data/src/core/lib/security/transport/server_auth_filter.cc +21 -21
- data/src/core/lib/security/transport/tsi_error.cc +6 -3
- data/src/core/lib/security/util/json_util.cc +4 -5
- data/src/core/lib/service_config/service_config.h +1 -1
- data/src/core/lib/service_config/service_config_impl.cc +111 -158
- data/src/core/lib/service_config/service_config_impl.h +14 -17
- data/src/core/lib/service_config/service_config_parser.cc +14 -31
- data/src/core/lib/service_config/service_config_parser.h +14 -10
- data/src/core/lib/slice/b64.cc +2 -2
- data/src/core/lib/slice/slice.cc +7 -1
- data/src/core/lib/slice/slice.h +19 -6
- data/src/core/lib/slice/slice_buffer.cc +13 -14
- data/src/core/lib/slice/slice_internal.h +13 -21
- data/src/core/lib/slice/slice_refcount.h +34 -19
- data/src/core/lib/surface/byte_buffer.cc +3 -4
- data/src/core/lib/surface/byte_buffer_reader.cc +4 -4
- data/src/core/lib/surface/call.cc +1366 -239
- data/src/core/lib/surface/call.h +44 -0
- data/src/core/lib/surface/call_details.cc +3 -3
- data/src/core/lib/surface/call_trace.cc +113 -0
- data/src/core/lib/surface/call_trace.h +30 -0
- data/src/core/lib/surface/channel.cc +44 -49
- data/src/core/lib/surface/channel.h +9 -1
- data/src/core/lib/surface/channel_ping.cc +1 -1
- data/src/core/lib/surface/channel_stack_type.cc +4 -0
- data/src/core/lib/surface/channel_stack_type.h +2 -0
- data/src/core/lib/surface/completion_queue.cc +38 -52
- data/src/core/lib/surface/init.cc +8 -39
- data/src/core/lib/surface/init_internally.h +8 -0
- data/src/core/lib/surface/lame_client.cc +10 -8
- data/src/core/lib/surface/server.cc +48 -70
- data/src/core/lib/surface/server.h +3 -4
- data/src/core/lib/surface/validate_metadata.cc +11 -12
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/connectivity_state.cc +2 -2
- data/src/core/lib/transport/error_utils.cc +34 -28
- data/src/core/lib/transport/error_utils.h +3 -3
- data/src/core/lib/transport/handshaker.cc +14 -14
- data/src/core/lib/transport/handshaker.h +1 -1
- data/src/core/lib/transport/handshaker_factory.h +26 -0
- data/src/core/lib/transport/handshaker_registry.cc +8 -2
- data/src/core/lib/transport/handshaker_registry.h +3 -4
- data/src/core/lib/transport/http_connect_handshaker.cc +23 -24
- data/src/core/lib/transport/metadata_batch.h +17 -1
- data/src/core/lib/transport/parsed_metadata.cc +2 -6
- data/src/core/lib/transport/tcp_connect_handshaker.cc +15 -20
- data/src/core/lib/transport/transport.cc +63 -17
- data/src/core/lib/transport/transport.h +64 -68
- data/src/core/lib/transport/transport_impl.h +1 -1
- data/src/core/lib/transport/transport_op_string.cc +7 -6
- data/src/core/plugin_registry/grpc_plugin_registry.cc +6 -10
- data/src/core/plugin_registry/grpc_plugin_registry_extra.cc +2 -14
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +10 -10
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +8 -8
- data/src/core/tsi/alts/handshaker/alts_tsi_utils.cc +2 -1
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc +7 -7
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc +7 -6
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc +1 -1
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +5 -5
- data/src/core/tsi/fake_transport_security.cc +3 -3
- data/src/core/tsi/ssl/key_logging/ssl_key_logging.cc +7 -3
- data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +1 -1
- data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +6 -2
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +0 -2
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +0 -3
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/spec/channel_spec.rb +0 -43
- data/src/ruby/spec/generic/active_call_spec.rb +12 -3
- data/third_party/abseil-cpp/absl/cleanup/cleanup.h +140 -0
- data/third_party/abseil-cpp/absl/cleanup/internal/cleanup.h +100 -0
- data/third_party/zlib/compress.c +3 -3
- data/third_party/zlib/crc32.c +21 -12
- data/third_party/zlib/deflate.c +112 -106
- data/third_party/zlib/deflate.h +2 -2
- data/third_party/zlib/gzlib.c +1 -1
- data/third_party/zlib/gzread.c +3 -5
- data/third_party/zlib/gzwrite.c +1 -1
- data/third_party/zlib/infback.c +10 -7
- data/third_party/zlib/inflate.c +5 -2
- data/third_party/zlib/inftrees.c +2 -2
- data/third_party/zlib/inftrees.h +1 -1
- data/third_party/zlib/trees.c +61 -62
- data/third_party/zlib/uncompr.c +2 -2
- data/third_party/zlib/zconf.h +16 -3
- data/third_party/zlib/zlib.h +10 -10
- data/third_party/zlib/zutil.c +9 -7
- data/third_party/zlib/zutil.h +1 -0
- metadata +57 -20
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +0 -188
- data/src/core/ext/filters/fault_injection/service_config_parser.cc +0 -187
- data/src/core/lib/event_engine/executor/threaded_executor.h +0 -44
- data/src/core/lib/gpr/murmur_hash.cc +0 -82
- data/src/core/lib/gpr/murmur_hash.h +0 -29
- data/src/core/lib/gpr/tls.h +0 -156
- data/src/core/lib/promise/call_push_pull.h +0 -148
- data/src/core/lib/slice/slice_api.cc +0 -39
- data/src/core/lib/slice/slice_buffer_api.cc +0 -35
- data/src/core/lib/slice/slice_refcount_base.h +0 -60
@@ -40,11 +40,12 @@
|
|
40
40
|
|
41
41
|
#include "src/core/lib/debug/trace.h"
|
42
42
|
#include "src/core/lib/gprpp/stat.h"
|
43
|
+
#include "src/core/lib/gprpp/status_helper.h"
|
43
44
|
#include "src/core/lib/iomgr/error.h"
|
44
45
|
#include "src/core/lib/iomgr/exec_ctx.h"
|
45
46
|
#include "src/core/lib/iomgr/load_file.h"
|
47
|
+
#include "src/core/lib/slice/slice.h"
|
46
48
|
#include "src/core/lib/slice/slice_internal.h"
|
47
|
-
#include "src/core/lib/slice/slice_refcount.h"
|
48
49
|
#include "src/core/lib/surface/api_trace.h"
|
49
50
|
|
50
51
|
namespace grpc_core {
|
@@ -80,18 +81,17 @@ StaticDataCertificateProvider::StaticDataCertificateProvider(
|
|
80
81
|
distributor_->SetKeyMaterials(cert_name, std::move(root_certificate),
|
81
82
|
std::move(pem_key_cert_pairs));
|
82
83
|
}
|
83
|
-
grpc_error_handle root_cert_error
|
84
|
-
grpc_error_handle identity_cert_error
|
84
|
+
grpc_error_handle root_cert_error;
|
85
|
+
grpc_error_handle identity_cert_error;
|
85
86
|
if (root_being_watched && !root_has_update) {
|
86
|
-
root_cert_error =
|
87
|
-
"Unable to get latest root certificates.");
|
87
|
+
root_cert_error =
|
88
|
+
GRPC_ERROR_CREATE("Unable to get latest root certificates.");
|
88
89
|
}
|
89
90
|
if (identity_being_watched && !identity_has_update) {
|
90
|
-
identity_cert_error =
|
91
|
-
"Unable to get latest identity certificates.");
|
91
|
+
identity_cert_error =
|
92
|
+
GRPC_ERROR_CREATE("Unable to get latest identity certificates.");
|
92
93
|
}
|
93
|
-
if (!
|
94
|
-
!GRPC_ERROR_IS_NONE(identity_cert_error)) {
|
94
|
+
if (!root_cert_error.ok() || !identity_cert_error.ok()) {
|
95
95
|
distributor_->SetErrorForCert(cert_name, root_cert_error,
|
96
96
|
identity_cert_error);
|
97
97
|
}
|
@@ -175,18 +175,17 @@ FileWatcherCertificateProvider::FileWatcherCertificateProvider(
|
|
175
175
|
distributor_->SetKeyMaterials(cert_name, root_certificate,
|
176
176
|
pem_key_cert_pairs);
|
177
177
|
}
|
178
|
-
grpc_error_handle root_cert_error
|
179
|
-
grpc_error_handle identity_cert_error
|
178
|
+
grpc_error_handle root_cert_error;
|
179
|
+
grpc_error_handle identity_cert_error;
|
180
180
|
if (root_being_watched && !root_certificate.has_value()) {
|
181
|
-
root_cert_error =
|
182
|
-
"Unable to get latest root certificates.");
|
181
|
+
root_cert_error =
|
182
|
+
GRPC_ERROR_CREATE("Unable to get latest root certificates.");
|
183
183
|
}
|
184
184
|
if (identity_being_watched && !pem_key_cert_pairs.has_value()) {
|
185
|
-
identity_cert_error =
|
186
|
-
"Unable to get latest identity certificates.");
|
185
|
+
identity_cert_error =
|
186
|
+
GRPC_ERROR_CREATE("Unable to get latest identity certificates.");
|
187
187
|
}
|
188
|
-
if (!
|
189
|
-
!GRPC_ERROR_IS_NONE(identity_cert_error)) {
|
188
|
+
if (!root_cert_error.ok() || !identity_cert_error.ok()) {
|
190
189
|
distributor_->SetErrorForCert(cert_name, root_cert_error,
|
191
190
|
identity_cert_error);
|
192
191
|
}
|
@@ -240,11 +239,10 @@ void FileWatcherCertificateProvider::ForceUpdate() {
|
|
240
239
|
}
|
241
240
|
if (root_cert_changed || identity_cert_changed) {
|
242
241
|
ExecCtx exec_ctx;
|
243
|
-
grpc_error_handle root_cert_error =
|
244
|
-
"Unable to get latest root certificates.");
|
242
|
+
grpc_error_handle root_cert_error =
|
243
|
+
GRPC_ERROR_CREATE("Unable to get latest root certificates.");
|
245
244
|
grpc_error_handle identity_cert_error =
|
246
|
-
|
247
|
-
"Unable to get latest identity certificates.");
|
245
|
+
GRPC_ERROR_CREATE("Unable to get latest identity certificates.");
|
248
246
|
for (const auto& p : watcher_info_) {
|
249
247
|
const std::string& cert_name = p.first;
|
250
248
|
const WatcherInfo& info = p.second;
|
@@ -270,15 +268,10 @@ void FileWatcherCertificateProvider::ForceUpdate() {
|
|
270
268
|
info.identity_being_watched && pem_key_cert_pairs_.empty();
|
271
269
|
if (report_root_error || report_identity_error) {
|
272
270
|
distributor_->SetErrorForCert(
|
273
|
-
cert_name,
|
274
|
-
|
275
|
-
: GRPC_ERROR_NONE,
|
276
|
-
report_identity_error ? GRPC_ERROR_REF(identity_cert_error)
|
277
|
-
: GRPC_ERROR_NONE);
|
271
|
+
cert_name, report_root_error ? root_cert_error : absl::OkStatus(),
|
272
|
+
report_identity_error ? identity_cert_error : absl::OkStatus());
|
278
273
|
}
|
279
274
|
}
|
280
|
-
GRPC_ERROR_UNREF(root_cert_error);
|
281
|
-
GRPC_ERROR_UNREF(identity_cert_error);
|
282
275
|
}
|
283
276
|
}
|
284
277
|
|
@@ -289,15 +282,13 @@ FileWatcherCertificateProvider::ReadRootCertificatesFromFile(
|
|
289
282
|
grpc_slice root_slice = grpc_empty_slice();
|
290
283
|
grpc_error_handle root_error =
|
291
284
|
grpc_load_file(root_cert_full_path.c_str(), 0, &root_slice);
|
292
|
-
if (!
|
285
|
+
if (!root_error.ok()) {
|
293
286
|
gpr_log(GPR_ERROR, "Reading file %s failed: %s",
|
294
|
-
root_cert_full_path.c_str(),
|
295
|
-
grpc_error_std_string(root_error).c_str());
|
296
|
-
GRPC_ERROR_UNREF(root_error);
|
287
|
+
root_cert_full_path.c_str(), StatusToString(root_error).c_str());
|
297
288
|
return absl::nullopt;
|
298
289
|
}
|
299
290
|
std::string root_cert(StringViewFromSlice(root_slice));
|
300
|
-
|
291
|
+
CSliceUnref(root_slice);
|
301
292
|
return root_cert;
|
302
293
|
}
|
303
294
|
|
@@ -319,7 +310,7 @@ FileWatcherCertificateProvider::ReadIdentityKeyCertPairFromFiles(
|
|
319
310
|
const std::string& identity_certificate_path) {
|
320
311
|
struct SliceWrapper {
|
321
312
|
grpc_slice slice = grpc_empty_slice();
|
322
|
-
~SliceWrapper() {
|
313
|
+
~SliceWrapper() { CSliceUnref(slice); }
|
323
314
|
};
|
324
315
|
const int kNumRetryAttempts = 3;
|
325
316
|
for (int i = 0; i < kNumRetryAttempts; ++i) {
|
@@ -348,20 +339,17 @@ FileWatcherCertificateProvider::ReadIdentityKeyCertPairFromFiles(
|
|
348
339
|
SliceWrapper key_slice, cert_slice;
|
349
340
|
grpc_error_handle key_error =
|
350
341
|
grpc_load_file(private_key_path.c_str(), 0, &key_slice.slice);
|
351
|
-
if (!
|
342
|
+
if (!key_error.ok()) {
|
352
343
|
gpr_log(GPR_ERROR, "Reading file %s failed: %s. Start retrying...",
|
353
|
-
private_key_path.c_str(),
|
354
|
-
grpc_error_std_string(key_error).c_str());
|
355
|
-
GRPC_ERROR_UNREF(key_error);
|
344
|
+
private_key_path.c_str(), StatusToString(key_error).c_str());
|
356
345
|
continue;
|
357
346
|
}
|
358
347
|
grpc_error_handle cert_error =
|
359
348
|
grpc_load_file(identity_certificate_path.c_str(), 0, &cert_slice.slice);
|
360
|
-
if (!
|
349
|
+
if (!cert_error.ok()) {
|
361
350
|
gpr_log(GPR_ERROR, "Reading file %s failed: %s. Start retrying...",
|
362
351
|
identity_certificate_path.c_str(),
|
363
|
-
|
364
|
-
GRPC_ERROR_UNREF(cert_error);
|
352
|
+
StatusToString(cert_error).c_str());
|
365
353
|
continue;
|
366
354
|
}
|
367
355
|
std::string private_key(StringViewFromSlice(key_slice.slice));
|
@@ -87,7 +87,7 @@ void ExternalCertificateVerifier::OnVerifyDone(
|
|
87
87
|
}
|
88
88
|
}
|
89
89
|
if (callback != nullptr) {
|
90
|
-
absl::Status return_status
|
90
|
+
absl::Status return_status;
|
91
91
|
if (status != GRPC_STATUS_OK) {
|
92
92
|
return_status =
|
93
93
|
absl::Status(static_cast<absl::StatusCode>(status), error_details);
|
@@ -51,7 +51,7 @@
|
|
51
51
|
#include "src/core/lib/security/credentials/alts/alts_credentials.h"
|
52
52
|
#include "src/core/lib/security/credentials/credentials.h"
|
53
53
|
#include "src/core/lib/security/transport/security_handshaker.h"
|
54
|
-
#include "src/core/lib/slice/
|
54
|
+
#include "src/core/lib/slice/slice.h"
|
55
55
|
#include "src/core/lib/transport/handshaker.h"
|
56
56
|
#include "src/core/lib/transport/transport.h"
|
57
57
|
#include "src/core/tsi/alts/handshaker/alts_tsi_handshaker.h"
|
@@ -77,9 +77,8 @@ void alts_check_peer(tsi_peer peer,
|
|
77
77
|
tsi_peer_destruct(&peer);
|
78
78
|
grpc_error_handle error =
|
79
79
|
*auth_context != nullptr
|
80
|
-
?
|
81
|
-
:
|
82
|
-
"Could not get ALTS auth context from TSI peer");
|
80
|
+
? absl::OkStatus()
|
81
|
+
: GRPC_ERROR_CREATE("Could not get ALTS auth context from TSI peer");
|
83
82
|
grpc_core::ExecCtx::Run(DEBUG_LOCATION, on_peer_checked, error);
|
84
83
|
}
|
85
84
|
|
@@ -121,9 +120,7 @@ class grpc_alts_channel_security_connector final
|
|
121
120
|
}
|
122
121
|
|
123
122
|
void cancel_check_peer(grpc_closure* /*on_peer_checked*/,
|
124
|
-
grpc_error_handle error) override {
|
125
|
-
GRPC_ERROR_UNREF(error);
|
126
|
-
}
|
123
|
+
grpc_error_handle /*error*/) override {}
|
127
124
|
|
128
125
|
int cmp(const grpc_security_connector* other_sc) const override {
|
129
126
|
auto* other =
|
@@ -180,9 +177,7 @@ class grpc_alts_server_security_connector final
|
|
180
177
|
}
|
181
178
|
|
182
179
|
void cancel_check_peer(grpc_closure* /*on_peer_checked*/,
|
183
|
-
grpc_error_handle error) override {
|
184
|
-
GRPC_ERROR_UNREF(error);
|
185
|
-
}
|
180
|
+
grpc_error_handle /*error*/) override {}
|
186
181
|
|
187
182
|
int cmp(const grpc_security_connector* other) const override {
|
188
183
|
return server_security_connector_cmp(
|
@@ -229,7 +224,7 @@ RefCountedPtr<grpc_auth_context> grpc_alts_auth_context_from_tsi_peer(
|
|
229
224
|
rpc_versions_prop->value.data, rpc_versions_prop->value.length);
|
230
225
|
bool decode_result =
|
231
226
|
grpc_gcp_rpc_protocol_versions_decode(slice, &peer_versions);
|
232
|
-
|
227
|
+
CSliceUnref(slice);
|
233
228
|
if (!decode_result) {
|
234
229
|
gpr_log(GPR_ERROR, "Invalid peer rpc protocol versions.");
|
235
230
|
return nullptr;
|
@@ -86,9 +86,7 @@ class grpc_fake_channel_security_connector final
|
|
86
86
|
grpc_closure* on_peer_checked) override;
|
87
87
|
|
88
88
|
void cancel_check_peer(grpc_closure* /*on_peer_checked*/,
|
89
|
-
grpc_error_handle error) override {
|
90
|
-
GRPC_ERROR_UNREF(error);
|
91
|
-
}
|
89
|
+
grpc_error_handle /*error*/) override {}
|
92
90
|
|
93
91
|
int cmp(const grpc_security_connector* other_sc) const override {
|
94
92
|
auto* other =
|
@@ -212,39 +210,36 @@ void fake_check_peer(grpc_security_connector* /*sc*/, tsi_peer peer,
|
|
212
210
|
grpc_core::RefCountedPtr<grpc_auth_context>* auth_context,
|
213
211
|
grpc_closure* on_peer_checked) {
|
214
212
|
const char* prop_name;
|
215
|
-
grpc_error_handle error
|
213
|
+
grpc_error_handle error;
|
216
214
|
*auth_context = nullptr;
|
217
215
|
if (peer.property_count != 2) {
|
218
|
-
error =
|
219
|
-
"Fake peers should only have 2 properties.");
|
216
|
+
error = GRPC_ERROR_CREATE("Fake peers should only have 2 properties.");
|
220
217
|
goto end;
|
221
218
|
}
|
222
219
|
prop_name = peer.properties[0].name;
|
223
220
|
if (prop_name == nullptr ||
|
224
221
|
strcmp(prop_name, TSI_CERTIFICATE_TYPE_PEER_PROPERTY) != 0) {
|
225
|
-
error =
|
222
|
+
error = GRPC_ERROR_CREATE(
|
226
223
|
absl::StrCat("Unexpected property in fake peer: ",
|
227
224
|
prop_name == nullptr ? "<EMPTY>" : prop_name));
|
228
225
|
goto end;
|
229
226
|
}
|
230
227
|
if (strncmp(peer.properties[0].value.data, TSI_FAKE_CERTIFICATE_TYPE,
|
231
228
|
peer.properties[0].value.length) != 0) {
|
232
|
-
error =
|
233
|
-
"Invalid value for cert type property.");
|
229
|
+
error = GRPC_ERROR_CREATE("Invalid value for cert type property.");
|
234
230
|
goto end;
|
235
231
|
}
|
236
232
|
prop_name = peer.properties[1].name;
|
237
233
|
if (prop_name == nullptr ||
|
238
234
|
strcmp(prop_name, TSI_SECURITY_LEVEL_PEER_PROPERTY) != 0) {
|
239
|
-
error =
|
235
|
+
error = GRPC_ERROR_CREATE(
|
240
236
|
absl::StrCat("Unexpected property in fake peer: ",
|
241
237
|
prop_name == nullptr ? "<EMPTY>" : prop_name));
|
242
238
|
goto end;
|
243
239
|
}
|
244
240
|
if (strncmp(peer.properties[1].value.data, TSI_FAKE_SECURITY_LEVEL,
|
245
241
|
peer.properties[1].value.length) != 0) {
|
246
|
-
error =
|
247
|
-
"Invalid value for security level property.");
|
242
|
+
error = GRPC_ERROR_CREATE("Invalid value for security level property.");
|
248
243
|
goto end;
|
249
244
|
}
|
250
245
|
|
@@ -286,9 +281,7 @@ class grpc_fake_server_security_connector
|
|
286
281
|
}
|
287
282
|
|
288
283
|
void cancel_check_peer(grpc_closure* /*on_peer_checked*/,
|
289
|
-
grpc_error_handle error) override {
|
290
|
-
GRPC_ERROR_UNREF(error);
|
291
|
-
}
|
284
|
+
grpc_error_handle /*error*/) override {}
|
292
285
|
|
293
286
|
void add_handshakers(const grpc_core::ChannelArgs& args,
|
294
287
|
grpc_pollset_set* /*interested_parties*/,
|
@@ -81,7 +81,7 @@ void InsecureChannelSecurityConnector::check_peer(
|
|
81
81
|
grpc_closure* on_peer_checked) {
|
82
82
|
*auth_context = MakeAuthContext();
|
83
83
|
tsi_peer_destruct(&peer);
|
84
|
-
ExecCtx::Run(DEBUG_LOCATION, on_peer_checked,
|
84
|
+
ExecCtx::Run(DEBUG_LOCATION, on_peer_checked, absl::OkStatus());
|
85
85
|
}
|
86
86
|
|
87
87
|
int InsecureChannelSecurityConnector::cmp(
|
@@ -108,7 +108,7 @@ void InsecureServerSecurityConnector::check_peer(
|
|
108
108
|
grpc_closure* on_peer_checked) {
|
109
109
|
*auth_context = MakeAuthContext();
|
110
110
|
tsi_peer_destruct(&peer);
|
111
|
-
ExecCtx::Run(DEBUG_LOCATION, on_peer_checked,
|
111
|
+
ExecCtx::Run(DEBUG_LOCATION, on_peer_checked, absl::OkStatus());
|
112
112
|
}
|
113
113
|
|
114
114
|
int InsecureServerSecurityConnector::cmp(
|
@@ -72,9 +72,7 @@ class InsecureChannelSecurityConnector
|
|
72
72
|
grpc_closure* on_peer_checked) override;
|
73
73
|
|
74
74
|
void cancel_check_peer(grpc_closure* /*on_peer_checked*/,
|
75
|
-
grpc_error_handle error) override {
|
76
|
-
GRPC_ERROR_UNREF(error);
|
77
|
-
}
|
75
|
+
grpc_error_handle /*error*/) override {}
|
78
76
|
|
79
77
|
int cmp(const grpc_security_connector* other_sc) const override;
|
80
78
|
};
|
@@ -95,9 +93,7 @@ class InsecureServerSecurityConnector : public grpc_server_security_connector {
|
|
95
93
|
grpc_closure* on_peer_checked) override;
|
96
94
|
|
97
95
|
void cancel_check_peer(grpc_closure* /*on_peer_checked*/,
|
98
|
-
grpc_error_handle error) override {
|
99
|
-
GRPC_ERROR_UNREF(error);
|
100
|
-
}
|
96
|
+
grpc_error_handle /*error*/) override {}
|
101
97
|
|
102
98
|
int cmp(const grpc_security_connector* other) const override;
|
103
99
|
};
|
@@ -19,7 +19,6 @@
|
|
19
19
|
#include <grpc/support/port_platform.h>
|
20
20
|
|
21
21
|
#include <algorithm>
|
22
|
-
#include <memory>
|
23
22
|
#include <vector>
|
24
23
|
|
25
24
|
#if defined(GPR_LINUX) || defined(GPR_ANDROID) || defined(GPR_FREEBSD) || \
|
@@ -73,10 +72,8 @@ grpc_slice GetSystemRootCerts() {
|
|
73
72
|
for (size_t i = 0; i < num_cert_files_; i++) {
|
74
73
|
grpc_error_handle error =
|
75
74
|
grpc_load_file(kCertFiles[i], 1, &valid_bundle_slice);
|
76
|
-
if (
|
75
|
+
if (error.ok()) {
|
77
76
|
return valid_bundle_slice;
|
78
|
-
} else {
|
79
|
-
GRPC_ERROR_UNREF(error);
|
80
77
|
}
|
81
78
|
}
|
82
79
|
return grpc_empty_slice();
|
@@ -130,8 +130,8 @@ void local_check_peer(tsi_peer peer, grpc_endpoint* ep,
|
|
130
130
|
}
|
131
131
|
grpc_error_handle error;
|
132
132
|
if (!is_endpoint_local) {
|
133
|
-
error =
|
134
|
-
"Endpoint is neither UDS or TCP loopback address.");
|
133
|
+
error =
|
134
|
+
GRPC_ERROR_CREATE("Endpoint is neither UDS or TCP loopback address.");
|
135
135
|
grpc_core::ExecCtx::Run(DEBUG_LOCATION, on_peer_checked, error);
|
136
136
|
return;
|
137
137
|
}
|
@@ -159,9 +159,9 @@ void local_check_peer(tsi_peer peer, grpc_endpoint* ep,
|
|
159
159
|
*/
|
160
160
|
*auth_context = local_auth_context_create(&peer);
|
161
161
|
tsi_peer_destruct(&peer);
|
162
|
-
error = *auth_context != nullptr
|
163
|
-
|
164
|
-
|
162
|
+
error = *auth_context != nullptr
|
163
|
+
? absl::OkStatus()
|
164
|
+
: GRPC_ERROR_CREATE("Could not create local auth context");
|
165
165
|
grpc_core::ExecCtx::Run(DEBUG_LOCATION, on_peer_checked, error);
|
166
166
|
}
|
167
167
|
|
@@ -208,9 +208,7 @@ class grpc_local_channel_security_connector final
|
|
208
208
|
}
|
209
209
|
|
210
210
|
void cancel_check_peer(grpc_closure* /*on_peer_checked*/,
|
211
|
-
grpc_error_handle error) override {
|
212
|
-
GRPC_ERROR_UNREF(error);
|
213
|
-
}
|
211
|
+
grpc_error_handle /*error*/) override {}
|
214
212
|
|
215
213
|
grpc_core::ArenaPromise<absl::Status> CheckCallHost(
|
216
214
|
absl::string_view host, grpc_auth_context*) override {
|
@@ -256,9 +254,7 @@ class grpc_local_server_security_connector final
|
|
256
254
|
}
|
257
255
|
|
258
256
|
void cancel_check_peer(grpc_closure* /*on_peer_checked*/,
|
259
|
-
grpc_error_handle error) override {
|
260
|
-
GRPC_ERROR_UNREF(error);
|
261
|
-
}
|
257
|
+
grpc_error_handle /*error*/) override {}
|
262
258
|
|
263
259
|
int cmp(const grpc_security_connector* other) const override {
|
264
260
|
return server_security_connector_cmp(
|
@@ -61,17 +61,17 @@ grpc_error_handle ssl_check_peer(
|
|
61
61
|
const char* peer_name, const tsi_peer* peer,
|
62
62
|
grpc_core::RefCountedPtr<grpc_auth_context>* auth_context) {
|
63
63
|
grpc_error_handle error = grpc_ssl_check_alpn(peer);
|
64
|
-
if (!
|
64
|
+
if (!error.ok()) {
|
65
65
|
return error;
|
66
66
|
}
|
67
67
|
/* Check the peer name if specified. */
|
68
68
|
if (peer_name != nullptr && !grpc_ssl_host_matches_name(peer, peer_name)) {
|
69
|
-
return
|
69
|
+
return GRPC_ERROR_CREATE(
|
70
70
|
absl::StrCat("Peer name ", peer_name, " is not in peer certificate"));
|
71
71
|
}
|
72
72
|
*auth_context =
|
73
73
|
grpc_ssl_peer_to_auth_context(peer, GRPC_SSL_TRANSPORT_SECURITY_TYPE);
|
74
|
-
return
|
74
|
+
return absl::OkStatus();
|
75
75
|
}
|
76
76
|
|
77
77
|
class grpc_ssl_channel_security_connector final
|
@@ -159,13 +159,12 @@ class grpc_ssl_channel_security_connector final
|
|
159
159
|
? target_name_.c_str()
|
160
160
|
: overridden_target_name_.c_str();
|
161
161
|
grpc_error_handle error = ssl_check_peer(target_name, &peer, auth_context);
|
162
|
-
if (
|
163
|
-
verify_options_->verify_peer_callback != nullptr) {
|
162
|
+
if (error.ok() && verify_options_->verify_peer_callback != nullptr) {
|
164
163
|
const tsi_peer_property* p =
|
165
164
|
tsi_peer_get_property_by_name(&peer, TSI_X509_PEM_CERT_PROPERTY);
|
166
165
|
if (p == nullptr) {
|
167
|
-
error =
|
168
|
-
"Cannot check peer: missing pem cert property.");
|
166
|
+
error =
|
167
|
+
GRPC_ERROR_CREATE("Cannot check peer: missing pem cert property.");
|
169
168
|
} else {
|
170
169
|
char* peer_pem = static_cast<char*>(gpr_malloc(p->value.length + 1));
|
171
170
|
memcpy(peer_pem, p->value.data, p->value.length);
|
@@ -175,7 +174,7 @@ class grpc_ssl_channel_security_connector final
|
|
175
174
|
verify_options_->verify_peer_callback_userdata);
|
176
175
|
gpr_free(peer_pem);
|
177
176
|
if (callback_status) {
|
178
|
-
error =
|
177
|
+
error = GRPC_ERROR_CREATE(absl::StrFormat(
|
179
178
|
"Verify peer callback returned a failure (%d)", callback_status));
|
180
179
|
}
|
181
180
|
}
|
@@ -185,9 +184,7 @@ class grpc_ssl_channel_security_connector final
|
|
185
184
|
}
|
186
185
|
|
187
186
|
void cancel_check_peer(grpc_closure* /*on_peer_checked*/,
|
188
|
-
grpc_error_handle error) override {
|
189
|
-
GRPC_ERROR_UNREF(error);
|
190
|
-
}
|
187
|
+
grpc_error_handle /*error*/) override {}
|
191
188
|
|
192
189
|
int cmp(const grpc_security_connector* other_sc) const override {
|
193
190
|
auto* other =
|
@@ -306,9 +303,7 @@ class grpc_ssl_server_security_connector
|
|
306
303
|
}
|
307
304
|
|
308
305
|
void cancel_check_peer(grpc_closure* /*on_peer_checked*/,
|
309
|
-
grpc_error_handle error) override {
|
310
|
-
GRPC_ERROR_UNREF(error);
|
311
|
-
}
|
306
|
+
grpc_error_handle /*error*/) override {}
|
312
307
|
|
313
308
|
int cmp(const grpc_security_connector* other) const override {
|
314
309
|
return server_security_connector_cmp(
|
@@ -23,7 +23,6 @@
|
|
23
23
|
#include <stdint.h>
|
24
24
|
#include <string.h>
|
25
25
|
|
26
|
-
#include <memory>
|
27
26
|
#include <vector>
|
28
27
|
|
29
28
|
#include "absl/strings/match.h"
|
@@ -144,25 +143,24 @@ grpc_error_handle grpc_ssl_check_alpn(const tsi_peer* peer) {
|
|
144
143
|
const tsi_peer_property* p =
|
145
144
|
tsi_peer_get_property_by_name(peer, TSI_SSL_ALPN_SELECTED_PROTOCOL);
|
146
145
|
if (p == nullptr) {
|
147
|
-
return
|
146
|
+
return GRPC_ERROR_CREATE(
|
148
147
|
"Cannot check peer: missing selected ALPN property.");
|
149
148
|
}
|
150
149
|
if (!grpc_chttp2_is_alpn_version_supported(p->value.data, p->value.length)) {
|
151
|
-
return
|
152
|
-
"Cannot check peer: invalid ALPN value.");
|
150
|
+
return GRPC_ERROR_CREATE("Cannot check peer: invalid ALPN value.");
|
153
151
|
}
|
154
152
|
#endif /* TSI_OPENSSL_ALPN_SUPPORT */
|
155
|
-
return
|
153
|
+
return absl::OkStatus();
|
156
154
|
}
|
157
155
|
|
158
156
|
grpc_error_handle grpc_ssl_check_peer_name(absl::string_view peer_name,
|
159
157
|
const tsi_peer* peer) {
|
160
158
|
/* Check the peer name if specified. */
|
161
159
|
if (!peer_name.empty() && !grpc_ssl_host_matches_name(peer, peer_name)) {
|
162
|
-
return
|
160
|
+
return GRPC_ERROR_CREATE(
|
163
161
|
absl::StrCat("Peer name ", peer_name, " is not in peer certificate"));
|
164
162
|
}
|
165
|
-
return
|
163
|
+
return absl::OkStatus();
|
166
164
|
}
|
167
165
|
|
168
166
|
void grpc_tsi_ssl_pem_key_cert_pairs_destroy(tsi_ssl_pem_key_cert_pair* kp,
|
@@ -28,7 +28,6 @@
|
|
28
28
|
#include <vector>
|
29
29
|
|
30
30
|
#include "absl/functional/bind_front.h"
|
31
|
-
#include "absl/memory/memory.h"
|
32
31
|
#include "absl/strings/str_cat.h"
|
33
32
|
#include "absl/strings/string_view.h"
|
34
33
|
|
@@ -41,6 +40,7 @@
|
|
41
40
|
#include "src/core/lib/channel/channel_args.h"
|
42
41
|
#include "src/core/lib/gprpp/debug_location.h"
|
43
42
|
#include "src/core/lib/gprpp/host_port.h"
|
43
|
+
#include "src/core/lib/gprpp/status_helper.h"
|
44
44
|
#include "src/core/lib/iomgr/exec_ctx.h"
|
45
45
|
#include "src/core/lib/promise/promise.h"
|
46
46
|
#include "src/core/lib/security/context/security_context.h"
|
@@ -285,7 +285,7 @@ TlsChannelSecurityConnector::TlsChannelSecurityConnector(
|
|
285
285
|
SplitHostPort(target_name, &host, &port);
|
286
286
|
target_name_ = std::string(host);
|
287
287
|
// Create a watcher.
|
288
|
-
auto watcher_ptr =
|
288
|
+
auto watcher_ptr = std::make_unique<TlsChannelCertificateWatcher>(this);
|
289
289
|
certificate_watcher_ = watcher_ptr.get();
|
290
290
|
// Register the watcher with the distributor.
|
291
291
|
grpc_tls_certificate_distributor* distributor =
|
@@ -359,7 +359,7 @@ void TlsChannelSecurityConnector::check_peer(
|
|
359
359
|
? target_name_.c_str()
|
360
360
|
: overridden_target_name_.c_str();
|
361
361
|
grpc_error_handle error = grpc_ssl_check_alpn(&peer);
|
362
|
-
if (!
|
362
|
+
if (!error.ok()) {
|
363
363
|
ExecCtx::Run(DEBUG_LOCATION, on_peer_checked, error);
|
364
364
|
tsi_peer_destruct(&peer);
|
365
365
|
return;
|
@@ -378,11 +378,10 @@ void TlsChannelSecurityConnector::check_peer(
|
|
378
378
|
|
379
379
|
void TlsChannelSecurityConnector::cancel_check_peer(
|
380
380
|
grpc_closure* on_peer_checked, grpc_error_handle error) {
|
381
|
-
if (!
|
381
|
+
if (!error.ok()) {
|
382
382
|
gpr_log(GPR_ERROR,
|
383
383
|
"TlsChannelSecurityConnector::cancel_check_peer error: %s",
|
384
|
-
|
385
|
-
GRPC_ERROR_UNREF(error);
|
384
|
+
StatusToString(error).c_str());
|
386
385
|
return;
|
387
386
|
}
|
388
387
|
auto* verifier = options_->certificate_verifier();
|
@@ -456,18 +455,16 @@ void TlsChannelSecurityConnector::TlsChannelCertificateWatcher::
|
|
456
455
|
// BlockOnInitialCredentialHandshaker is implemented.
|
457
456
|
void TlsChannelSecurityConnector::TlsChannelCertificateWatcher::OnError(
|
458
457
|
grpc_error_handle root_cert_error, grpc_error_handle identity_cert_error) {
|
459
|
-
if (!
|
458
|
+
if (!root_cert_error.ok()) {
|
460
459
|
gpr_log(GPR_ERROR,
|
461
460
|
"TlsChannelCertificateWatcher getting root_cert_error: %s",
|
462
|
-
|
461
|
+
StatusToString(root_cert_error).c_str());
|
463
462
|
}
|
464
|
-
if (!
|
463
|
+
if (!identity_cert_error.ok()) {
|
465
464
|
gpr_log(GPR_ERROR,
|
466
465
|
"TlsChannelCertificateWatcher getting identity_cert_error: %s",
|
467
|
-
|
466
|
+
StatusToString(identity_cert_error).c_str());
|
468
467
|
}
|
469
|
-
GRPC_ERROR_UNREF(root_cert_error);
|
470
|
-
GRPC_ERROR_UNREF(identity_cert_error);
|
471
468
|
}
|
472
469
|
|
473
470
|
TlsChannelSecurityConnector::ChannelPendingVerifierRequest::
|
@@ -505,9 +502,9 @@ void TlsChannelSecurityConnector::ChannelPendingVerifierRequest::OnVerifyDone(
|
|
505
502
|
MutexLock lock(&security_connector_->verifier_request_map_mu_);
|
506
503
|
security_connector_->pending_verifier_requests_.erase(on_peer_checked_);
|
507
504
|
}
|
508
|
-
grpc_error_handle error
|
505
|
+
grpc_error_handle error;
|
509
506
|
if (!status.ok()) {
|
510
|
-
error =
|
507
|
+
error = GRPC_ERROR_CREATE(
|
511
508
|
absl::StrCat("Custom verification check failed with error: ",
|
512
509
|
status.ToString())
|
513
510
|
.c_str());
|
@@ -590,7 +587,7 @@ TlsServerSecurityConnector::TlsServerSecurityConnector(
|
|
590
587
|
tsi::TlsSessionKeyLoggerCache::Get(tls_session_key_log_file_path);
|
591
588
|
}
|
592
589
|
// Create a watcher.
|
593
|
-
auto watcher_ptr =
|
590
|
+
auto watcher_ptr = std::make_unique<TlsServerCertificateWatcher>(this);
|
594
591
|
certificate_watcher_ = watcher_ptr.get();
|
595
592
|
// Register the watcher with the distributor.
|
596
593
|
grpc_tls_certificate_distributor* distributor =
|
@@ -643,7 +640,7 @@ void TlsServerSecurityConnector::check_peer(
|
|
643
640
|
RefCountedPtr<grpc_auth_context>* auth_context,
|
644
641
|
grpc_closure* on_peer_checked) {
|
645
642
|
grpc_error_handle error = grpc_ssl_check_alpn(&peer);
|
646
|
-
if (!
|
643
|
+
if (!error.ok()) {
|
647
644
|
ExecCtx::Run(DEBUG_LOCATION, on_peer_checked, error);
|
648
645
|
tsi_peer_destruct(&peer);
|
649
646
|
return;
|
@@ -666,11 +663,10 @@ void TlsServerSecurityConnector::check_peer(
|
|
666
663
|
|
667
664
|
void TlsServerSecurityConnector::cancel_check_peer(
|
668
665
|
grpc_closure* on_peer_checked, grpc_error_handle error) {
|
669
|
-
if (!
|
666
|
+
if (!error.ok()) {
|
670
667
|
gpr_log(GPR_ERROR,
|
671
668
|
"TlsServerSecurityConnector::cancel_check_peer error: %s",
|
672
|
-
|
673
|
-
GRPC_ERROR_UNREF(error);
|
669
|
+
StatusToString(error).c_str());
|
674
670
|
return;
|
675
671
|
}
|
676
672
|
auto* verifier = options_->certificate_verifier();
|
@@ -734,18 +730,16 @@ void TlsServerSecurityConnector::TlsServerCertificateWatcher::
|
|
734
730
|
// BlockOnInitialCredentialHandshaker is implemented.
|
735
731
|
void TlsServerSecurityConnector::TlsServerCertificateWatcher::OnError(
|
736
732
|
grpc_error_handle root_cert_error, grpc_error_handle identity_cert_error) {
|
737
|
-
if (!
|
733
|
+
if (!root_cert_error.ok()) {
|
738
734
|
gpr_log(GPR_ERROR,
|
739
735
|
"TlsServerCertificateWatcher getting root_cert_error: %s",
|
740
|
-
|
736
|
+
StatusToString(root_cert_error).c_str());
|
741
737
|
}
|
742
|
-
if (!
|
738
|
+
if (!identity_cert_error.ok()) {
|
743
739
|
gpr_log(GPR_ERROR,
|
744
740
|
"TlsServerCertificateWatcher getting identity_cert_error: %s",
|
745
|
-
|
741
|
+
StatusToString(identity_cert_error).c_str());
|
746
742
|
}
|
747
|
-
GRPC_ERROR_UNREF(root_cert_error);
|
748
|
-
GRPC_ERROR_UNREF(identity_cert_error);
|
749
743
|
}
|
750
744
|
|
751
745
|
TlsServerSecurityConnector::ServerPendingVerifierRequest::
|
@@ -782,9 +776,9 @@ void TlsServerSecurityConnector::ServerPendingVerifierRequest::OnVerifyDone(
|
|
782
776
|
MutexLock lock(&security_connector_->verifier_request_map_mu_);
|
783
777
|
security_connector_->pending_verifier_requests_.erase(on_peer_checked_);
|
784
778
|
}
|
785
|
-
grpc_error_handle error
|
779
|
+
grpc_error_handle error;
|
786
780
|
if (!status.ok()) {
|
787
|
-
error =
|
781
|
+
error = GRPC_ERROR_CREATE(
|
788
782
|
absl::StrCat("Custom verification check failed with error: ",
|
789
783
|
status.ToString())
|
790
784
|
.c_str());
|
@@ -21,6 +21,7 @@
|
|
21
21
|
#include <string.h>
|
22
22
|
|
23
23
|
#include <functional>
|
24
|
+
#include <memory>
|
24
25
|
#include <type_traits> // IWYU pragma: keep
|
25
26
|
#include <utility>
|
26
27
|
|
@@ -51,7 +52,6 @@
|
|
51
52
|
#include "src/core/lib/security/credentials/credentials.h"
|
52
53
|
#include "src/core/lib/security/security_connector/security_connector.h"
|
53
54
|
#include "src/core/lib/security/transport/auth_filters.h"
|
54
|
-
#include "src/core/lib/slice/slice.h"
|
55
55
|
#include "src/core/lib/transport/metadata_batch.h"
|
56
56
|
#include "src/core/lib/transport/transport.h"
|
57
57
|
|