grpc 1.50.0 → 1.52.0.pre2
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +206 -49
- data/include/grpc/byte_buffer.h +76 -1
- data/include/grpc/byte_buffer_reader.h +19 -1
- data/include/grpc/compression.h +2 -2
- data/include/grpc/event_engine/event_engine.h +27 -6
- data/include/grpc/event_engine/internal/memory_allocator_impl.h +1 -1
- data/include/grpc/event_engine/internal/slice_cast.h +67 -0
- data/include/grpc/event_engine/memory_allocator.h +1 -1
- data/include/grpc/event_engine/slice.h +24 -4
- data/include/grpc/event_engine/slice_buffer.h +31 -2
- data/include/grpc/fork.h +25 -1
- data/include/grpc/grpc.h +3 -13
- data/include/grpc/grpc_posix.h +1 -1
- data/include/grpc/impl/codegen/atm.h +3 -71
- data/include/grpc/impl/codegen/atm_gcc_atomic.h +3 -58
- data/include/grpc/impl/codegen/atm_gcc_sync.h +3 -59
- data/include/grpc/impl/codegen/atm_windows.h +3 -106
- data/include/grpc/impl/codegen/byte_buffer.h +4 -78
- data/include/grpc/impl/codegen/byte_buffer_reader.h +4 -19
- data/include/grpc/impl/codegen/compression_types.h +3 -82
- data/include/grpc/impl/codegen/connectivity_state.h +3 -20
- data/include/grpc/impl/codegen/fork.h +4 -25
- data/include/grpc/impl/codegen/gpr_types.h +2 -34
- data/include/grpc/impl/codegen/grpc_types.h +3 -791
- data/include/grpc/impl/codegen/log.h +3 -86
- data/include/grpc/impl/codegen/port_platform.h +3 -758
- data/include/grpc/impl/codegen/propagation_bits.h +3 -28
- data/include/grpc/impl/codegen/slice.h +3 -106
- data/include/grpc/impl/codegen/status.h +4 -131
- data/include/grpc/impl/codegen/sync.h +3 -42
- data/include/grpc/impl/codegen/sync_abseil.h +3 -12
- data/include/grpc/impl/codegen/sync_custom.h +3 -14
- data/include/grpc/impl/codegen/sync_generic.h +3 -25
- data/include/grpc/impl/codegen/sync_posix.h +3 -28
- data/include/grpc/impl/codegen/sync_windows.h +3 -16
- data/include/grpc/impl/compression_types.h +109 -0
- data/include/grpc/impl/connectivity_state.h +47 -0
- data/include/grpc/impl/grpc_types.h +824 -0
- data/include/grpc/impl/propagation_bits.h +54 -0
- data/include/grpc/impl/slice_type.h +112 -0
- data/include/grpc/load_reporting.h +1 -1
- data/include/grpc/module.modulemap +5 -1
- data/include/grpc/slice.h +1 -1
- data/include/grpc/status.h +131 -1
- data/include/grpc/support/atm.h +70 -1
- data/include/grpc/support/atm_gcc_atomic.h +59 -1
- data/include/grpc/support/atm_gcc_sync.h +58 -1
- data/include/grpc/support/atm_windows.h +105 -1
- data/include/grpc/support/log.h +87 -1
- data/include/grpc/support/log_windows.h +1 -1
- data/include/grpc/support/port_platform.h +767 -1
- data/include/grpc/support/string_util.h +1 -1
- data/include/grpc/support/sync.h +35 -2
- data/include/grpc/support/sync_abseil.h +11 -1
- data/include/grpc/support/sync_custom.h +13 -1
- data/include/grpc/support/sync_generic.h +24 -1
- data/include/grpc/support/sync_posix.h +27 -1
- data/include/grpc/support/sync_windows.h +15 -1
- data/include/grpc/support/time.h +25 -2
- data/src/core/ext/filters/census/grpc_context.cc +17 -18
- data/src/core/ext/filters/channel_idle/channel_idle_filter.cc +28 -22
- data/src/core/ext/filters/channel_idle/channel_idle_filter.h +2 -1
- data/src/core/ext/filters/channel_idle/idle_filter_state.h +1 -1
- data/src/core/ext/filters/client_channel/backend_metric.cc +2 -0
- data/src/core/ext/filters/client_channel/backup_poller.cc +24 -24
- data/src/core/ext/filters/client_channel/backup_poller.h +21 -21
- data/src/core/ext/filters/client_channel/channel_connectivity.cc +51 -28
- data/src/core/ext/filters/client_channel/client_channel.cc +157 -168
- data/src/core/ext/filters/client_channel/client_channel.h +10 -10
- data/src/core/ext/filters/client_channel/client_channel_channelz.cc +17 -19
- data/src/core/ext/filters/client_channel/client_channel_channelz.h +19 -19
- data/src/core/ext/filters/client_channel/client_channel_factory.cc +17 -17
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +18 -18
- data/src/core/ext/filters/client_channel/client_channel_service_config.cc +153 -0
- data/src/core/ext/filters/client_channel/{resolver_result_parsing.h → client_channel_service_config.h} +26 -23
- data/src/core/ext/filters/client_channel/config_selector.h +16 -20
- data/src/core/ext/filters/client_channel/connector.h +1 -1
- data/src/core/ext/filters/client_channel/dynamic_filters.cc +28 -55
- data/src/core/ext/filters/client_channel/dynamic_filters.h +7 -8
- data/src/core/ext/filters/client_channel/global_subchannel_pool.h +18 -18
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +4 -5
- data/src/core/ext/filters/client_channel/http_proxy.cc +39 -40
- data/src/core/ext/filters/client_channel/http_proxy.h +18 -18
- data/src/core/ext/filters/client_channel/lb_call_state_internal.h +39 -0
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +3 -4
- data/src/core/ext/filters/client_channel/lb_policy/backend_metric_data.h +17 -17
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +7 -2
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.h +1 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.cc +59 -130
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.h +37 -21
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +131 -154
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h +24 -25
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc +0 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h +2 -4
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +18 -20
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +18 -19
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +18 -19
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +18 -19
- data/src/core/ext/filters/client_channel/lb_policy/oob_backend_metric.cc +8 -9
- data/src/core/ext/filters/client_channel/lb_policy/oob_backend_metric.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/outlier_detection/outlier_detection.cc +212 -223
- data/src/core/ext/filters/client_channel/lb_policy/outlier_detection/outlier_detection.h +2 -2
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +11 -22
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +73 -101
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +20 -21
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +119 -106
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +12 -12
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +30 -16
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +60 -56
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +60 -64
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_attributes.cc +42 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/{xds.h → xds_attributes.h} +15 -17
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +22 -28
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +62 -94
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +70 -146
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_override_host.cc +651 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_override_host.h +60 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_wrr_locality.cc +364 -0
- data/src/core/ext/filters/client_channel/local_subchannel_pool.h +18 -18
- data/src/core/ext/filters/client_channel/resolver/binder/binder_resolver.cc +9 -10
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +26 -35
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +40 -41
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +22 -23
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +82 -82
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +117 -118
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +51 -52
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_posix.cc +18 -18
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_windows.cc +18 -18
- data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.h +18 -19
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +3 -5
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +1 -3
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +1 -1
- data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +34 -27
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.cc +44 -34
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.h +8 -10
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +4 -7
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +122 -119
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.h +1 -1
- data/src/core/ext/filters/client_channel/retry_filter.cc +81 -103
- data/src/core/ext/filters/client_channel/retry_service_config.cc +193 -235
- data/src/core/ext/filters/client_channel/retry_service_config.h +20 -23
- data/src/core/ext/filters/client_channel/retry_throttle.cc +27 -29
- data/src/core/ext/filters/client_channel/retry_throttle.h +26 -25
- data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +3 -3
- data/src/core/ext/filters/client_channel/subchannel.cc +158 -178
- data/src/core/ext/filters/client_channel/subchannel.h +17 -40
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +18 -18
- data/src/core/ext/filters/client_channel/subchannel_stream_client.cc +11 -12
- data/src/core/ext/filters/deadline/deadline_filter.cc +34 -17
- data/src/core/ext/filters/deadline/deadline_filter.h +1 -1
- data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +3 -2
- data/src/core/ext/filters/fault_injection/fault_injection_filter.h +0 -4
- data/src/core/ext/filters/fault_injection/fault_injection_service_config_parser.cc +118 -0
- data/src/core/ext/filters/fault_injection/{service_config_parser.h → fault_injection_service_config_parser.h} +20 -12
- data/src/core/ext/filters/http/client/http_client_filter.cc +36 -37
- data/src/core/ext/filters/http/client/http_client_filter.h +17 -17
- data/src/core/ext/filters/http/client_authority_filter.cc +19 -19
- data/src/core/ext/filters/http/client_authority_filter.h +18 -18
- data/src/core/ext/filters/http/http_filters_plugin.cc +35 -51
- data/src/core/ext/filters/http/message_compress/compression_filter.cc +315 -0
- data/src/core/ext/filters/http/message_compress/compression_filter.h +132 -0
- data/src/core/ext/filters/http/server/http_server_filter.cc +44 -43
- data/src/core/ext/filters/http/server/http_server_filter.h +18 -18
- data/src/core/ext/filters/message_size/message_size_filter.cc +92 -123
- data/src/core/ext/filters/message_size/message_size_filter.h +23 -16
- data/src/core/ext/filters/rbac/rbac_filter.cc +12 -12
- data/src/core/ext/filters/rbac/rbac_service_config_parser.cc +728 -530
- data/src/core/ext/filters/rbac/rbac_service_config_parser.h +4 -3
- data/src/core/ext/filters/server_config_selector/server_config_selector.h +6 -8
- data/src/core/ext/filters/server_config_selector/server_config_selector_filter.cc +7 -9
- data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +229 -0
- data/src/core/ext/filters/stateful_session/stateful_session_filter.h +66 -0
- data/src/core/ext/filters/stateful_session/stateful_session_service_config_parser.cc +82 -0
- data/src/core/ext/filters/stateful_session/stateful_session_service_config_parser.h +93 -0
- data/src/core/ext/transport/chttp2/alpn/alpn.cc +18 -18
- data/src/core/ext/transport/chttp2/alpn/alpn.h +22 -22
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +69 -63
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +28 -22
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +81 -97
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +18 -18
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +22 -22
- data/src/core/ext/transport/chttp2/transport/bin_decoder.h +30 -30
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +29 -29
- data/src/core/ext/transport/chttp2/transport/bin_encoder.h +27 -27
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +273 -283
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +18 -19
- data/src/core/ext/transport/chttp2/transport/context_list.cc +19 -19
- data/src/core/ext/transport/chttp2/transport/context_list.h +25 -25
- data/src/core/ext/transport/chttp2/transport/decode_huff.cc +0 -36
- data/src/core/ext/transport/chttp2/transport/decode_huff.h +35 -82
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +112 -44
- data/src/core/ext/transport/chttp2/transport/flow_control.h +60 -34
- data/src/core/ext/transport/chttp2/transport/frame.h +19 -19
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +33 -32
- data/src/core/ext/transport/chttp2/transport/frame_data.h +23 -23
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +36 -36
- data/src/core/ext/transport/chttp2/transport/frame_goaway.h +18 -18
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +25 -24
- data/src/core/ext/transport/chttp2/transport/frame_ping.h +19 -19
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +28 -25
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +18 -18
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +34 -36
- data/src/core/ext/transport/chttp2/transport/frame_settings.h +20 -20
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +22 -21
- data/src/core/ext/transport/chttp2/transport/frame_window_update.h +18 -18
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +133 -181
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +40 -59
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +2 -1
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +93 -143
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +20 -20
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +26 -26
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +18 -18
- data/src/core/ext/transport/chttp2/transport/http2_settings.cc +21 -19
- data/src/core/ext/transport/chttp2/transport/http2_settings.h +36 -34
- data/src/core/ext/transport/chttp2/transport/http_trace.cc +19 -0
- data/src/core/ext/transport/chttp2/transport/http_trace.h +24 -0
- data/src/core/ext/transport/chttp2/transport/huffsyms.cc +20 -20
- data/src/core/ext/transport/chttp2/transport/huffsyms.h +19 -19
- data/src/core/ext/transport/chttp2/transport/internal.h +193 -170
- data/src/core/ext/transport/chttp2/transport/parsing.cc +147 -80
- data/src/core/ext/transport/chttp2/transport/stream_lists.cc +19 -19
- data/src/core/ext/transport/chttp2/transport/stream_map.cc +23 -23
- data/src/core/ext/transport/chttp2/transport/stream_map.h +31 -31
- data/src/core/ext/transport/chttp2/transport/varint.cc +19 -20
- data/src/core/ext/transport/chttp2/transport/varint.h +35 -32
- data/src/core/ext/transport/chttp2/transport/writing.cc +60 -56
- data/src/core/ext/transport/inproc/inproc_plugin.cc +17 -17
- data/src/core/ext/transport/inproc/inproc_transport.cc +122 -140
- data/src/core/ext/transport/inproc/inproc_transport.h +19 -19
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upb.c +62 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upb.h +179 -0
- data/src/core/ext/upb-generated/envoy/extensions/http/stateful_session/cookie/v3/cookie.upb.c +46 -0
- data/src/core/ext/upb-generated/envoy/extensions/http/stateful_session/cookie/v3/cookie.upb.h +98 -0
- data/src/core/ext/upb-generated/xds/core/v3/cidr.upb.c +47 -0
- data/src/core/ext/upb-generated/xds/core/v3/cidr.upb.h +107 -0
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c +3 -2
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.h +9 -0
- data/src/core/ext/upb-generated/xds/service/orca/v3/orca.upb.c +0 -1
- data/src/core/ext/upb-generated/xds/type/matcher/v3/cel.upb.c +46 -0
- data/src/core/ext/upb-generated/xds/type/matcher/v3/cel.upb.h +98 -0
- data/src/core/ext/upb-generated/xds/type/matcher/v3/domain.upb.c +62 -0
- data/src/core/ext/upb-generated/xds/type/matcher/v3/domain.upb.h +174 -0
- data/src/core/ext/upb-generated/xds/type/matcher/v3/http_inputs.upb.c +36 -0
- data/src/core/ext/upb-generated/xds/type/matcher/v3/http_inputs.upb.h +74 -0
- data/src/core/ext/upb-generated/xds/type/matcher/v3/ip.upb.c +65 -0
- data/src/core/ext/upb-generated/xds/type/matcher/v3/ip.upb.h +191 -0
- data/src/core/ext/upb-generated/xds/type/matcher/v3/range.upb.c +127 -0
- data/src/core/ext/upb-generated/xds/type/matcher/v3/range.upb.h +474 -0
- data/src/core/ext/upb-generated/xds/type/v3/cel.upb.c +67 -0
- data/src/core/ext/upb-generated/xds/type/v3/cel.upb.h +214 -0
- data/src/core/ext/upb-generated/xds/type/v3/range.upb.c +64 -0
- data/src/core/ext/upb-generated/xds/type/v3/range.upb.h +208 -0
- data/src/core/ext/upb-generated/xds/type/v3/typed_struct.upb.c +0 -1
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upbdefs.c +60 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/http/stateful_session/cookie/v3/cookie.upbdefs.c +50 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/http/stateful_session/cookie/v3/cookie.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/cidr.upbdefs.c +45 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/cidr.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/cel.upbdefs.c +43 -0
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/cel.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/domain.upbdefs.c +51 -0
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/domain.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/http_inputs.upbdefs.c +36 -0
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/http_inputs.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/ip.upbdefs.c +55 -0
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/ip.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/matcher.upbdefs.c +9 -9
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/range.upbdefs.c +71 -0
- data/src/core/ext/upbdefs-generated/xds/type/matcher/v3/range.upbdefs.h +60 -0
- data/src/core/ext/upbdefs-generated/xds/type/v3/cel.upbdefs.c +60 -0
- data/src/core/ext/upbdefs-generated/xds/type/v3/cel.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/type/v3/range.upbdefs.c +36 -0
- data/src/core/ext/upbdefs-generated/xds/type/v3/range.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/xds/type/v3/typed_struct.upbdefs.c +4 -7
- data/src/core/ext/xds/certificate_provider_store.cc +4 -4
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +4 -7
- data/src/core/ext/xds/xds_api.cc +20 -95
- data/src/core/ext/xds/xds_api.h +5 -8
- data/src/core/ext/xds/xds_bootstrap.h +0 -1
- data/src/core/ext/xds/xds_bootstrap_grpc.cc +3 -12
- data/src/core/ext/xds/xds_bootstrap_grpc.h +16 -1
- data/src/core/ext/xds/xds_certificate_provider.cc +22 -25
- data/src/core/ext/xds/xds_certificate_provider.h +1 -1
- data/src/core/ext/xds/xds_channel_args.h +1 -1
- data/src/core/ext/xds/xds_channel_stack_modifier.cc +0 -1
- data/src/core/ext/xds/xds_channel_stack_modifier.h +2 -2
- data/src/core/ext/xds/xds_client.cc +134 -94
- data/src/core/ext/xds/xds_client.h +13 -5
- data/src/core/ext/xds/xds_client_grpc.cc +31 -24
- data/src/core/ext/xds/xds_client_grpc.h +1 -1
- data/src/core/ext/xds/xds_client_stats.cc +17 -17
- data/src/core/ext/xds/xds_client_stats.h +18 -18
- data/src/core/ext/xds/xds_cluster.cc +359 -203
- data/src/core/ext/xds/xds_cluster.h +52 -35
- data/src/core/ext/xds/xds_cluster_specifier_plugin.cc +54 -71
- data/src/core/ext/xds/xds_cluster_specifier_plugin.h +45 -21
- data/src/core/ext/xds/xds_common_types.cc +209 -141
- data/src/core/ext/xds/xds_common_types.h +19 -13
- data/src/core/ext/xds/xds_endpoint.cc +221 -130
- data/src/core/ext/xds/xds_endpoint.h +4 -7
- data/src/core/ext/xds/xds_health_status.cc +80 -0
- data/src/core/ext/xds/xds_health_status.h +82 -0
- data/src/core/ext/xds/xds_http_fault_filter.cc +57 -43
- data/src/core/ext/xds/xds_http_fault_filter.h +14 -22
- data/src/core/ext/xds/xds_http_filters.cc +65 -73
- data/src/core/ext/xds/xds_http_filters.h +68 -20
- data/src/core/ext/xds/xds_http_rbac_filter.cc +153 -207
- data/src/core/ext/xds/xds_http_rbac_filter.h +13 -16
- data/src/core/ext/xds/xds_http_stateful_session_filter.cc +218 -0
- data/src/core/ext/xds/xds_http_stateful_session_filter.h +58 -0
- data/src/core/ext/xds/xds_lb_policy_registry.cc +120 -171
- data/src/core/ext/xds/xds_lb_policy_registry.h +10 -11
- data/src/core/ext/xds/xds_listener.cc +447 -419
- data/src/core/ext/xds/xds_listener.h +45 -47
- data/src/core/ext/xds/xds_resource_type.h +3 -11
- data/src/core/ext/xds/xds_resource_type_impl.h +10 -13
- data/src/core/ext/xds/xds_route_config.cc +514 -528
- data/src/core/ext/xds/xds_route_config.h +39 -28
- data/src/core/ext/xds/xds_routing.cc +2 -1
- data/src/core/ext/xds/xds_routing.h +2 -0
- data/src/core/ext/xds/xds_server_config_fetcher.cc +109 -106
- data/src/core/ext/xds/xds_transport_grpc.cc +6 -7
- data/src/core/ext/xds/xds_transport_grpc.h +1 -1
- data/src/core/lib/address_utils/parse_address.cc +30 -29
- data/src/core/lib/address_utils/parse_address.h +32 -32
- data/src/core/lib/address_utils/sockaddr_utils.cc +29 -28
- data/src/core/lib/address_utils/sockaddr_utils.h +33 -33
- data/src/core/lib/avl/avl.h +4 -4
- data/src/core/lib/backoff/backoff.cc +17 -17
- data/src/core/lib/backoff/backoff.h +18 -18
- data/src/core/lib/channel/call_tracer.h +10 -1
- data/src/core/lib/channel/channel_args.cc +19 -20
- data/src/core/lib/channel/channel_args.h +59 -43
- data/src/core/lib/channel/channel_args_preconditioning.h +1 -1
- data/src/core/lib/channel/channel_stack.cc +62 -58
- data/src/core/lib/channel/channel_stack.h +144 -131
- data/src/core/lib/channel/channel_stack_builder.cc +21 -24
- data/src/core/lib/channel/channel_stack_builder.h +14 -6
- data/src/core/lib/channel/channel_stack_builder_impl.cc +43 -25
- data/src/core/lib/channel/channel_stack_builder_impl.h +2 -0
- data/src/core/lib/channel/channel_trace.cc +21 -22
- data/src/core/lib/channel/channel_trace.h +19 -19
- data/src/core/lib/channel/channelz.cc +18 -19
- data/src/core/lib/channel/channelz.h +26 -26
- data/src/core/lib/channel/channelz_registry.cc +17 -17
- data/src/core/lib/channel/channelz_registry.h +18 -18
- data/src/core/lib/channel/connected_channel.cc +732 -63
- data/src/core/lib/channel/connected_channel.h +18 -22
- data/src/core/lib/channel/context.h +18 -18
- data/src/core/lib/channel/promise_based_filter.cc +1137 -150
- data/src/core/lib/channel/promise_based_filter.h +374 -88
- data/src/core/lib/channel/status_util.cc +35 -17
- data/src/core/lib/channel/status_util.h +26 -19
- data/src/core/lib/compression/compression.cc +19 -19
- data/src/core/lib/compression/compression_internal.cc +41 -48
- data/src/core/lib/compression/compression_internal.h +22 -22
- data/src/core/lib/compression/message_compress.cc +26 -26
- data/src/core/lib/compression/message_compress.h +25 -25
- data/src/core/lib/config/core_configuration.h +1 -1
- data/src/core/lib/debug/event_log.cc +88 -0
- data/src/core/lib/debug/event_log.h +81 -0
- data/src/core/lib/debug/histogram_view.cc +69 -0
- data/src/core/lib/{slice/slice_refcount.cc → debug/histogram_view.h} +15 -13
- data/src/core/lib/debug/stats.cc +39 -136
- data/src/core/lib/debug/stats.h +46 -52
- data/src/core/lib/debug/stats_data.cc +224 -73
- data/src/core/lib/debug/stats_data.h +263 -122
- data/src/core/lib/debug/trace.cc +18 -18
- data/src/core/lib/debug/trace.h +19 -19
- data/src/core/lib/event_engine/common_closures.h +71 -0
- data/src/core/lib/event_engine/default_event_engine.cc +38 -15
- data/src/core/lib/event_engine/default_event_engine.h +15 -3
- data/src/core/lib/event_engine/default_event_engine_factory.cc +2 -4
- data/src/core/lib/event_engine/executor/executor.h +1 -1
- data/src/core/lib/event_engine/forkable.h +1 -1
- data/src/core/lib/event_engine/memory_allocator.cc +1 -1
- data/src/core/lib/event_engine/poller.h +10 -4
- data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.cc +614 -0
- data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.h +129 -0
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +900 -0
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.h +97 -0
- data/src/core/lib/event_engine/posix_engine/event_poller.h +111 -0
- data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +74 -0
- data/src/core/lib/event_engine/{executor/threaded_executor.cc → posix_engine/event_poller_posix_default.h} +11 -14
- data/src/core/lib/event_engine/posix_engine/internal_errqueue.cc +77 -0
- data/src/core/lib/event_engine/posix_engine/internal_errqueue.h +179 -0
- data/src/core/lib/event_engine/posix_engine/lockfree_event.cc +265 -0
- data/src/core/lib/event_engine/posix_engine/lockfree_event.h +73 -0
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +1308 -0
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +684 -0
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +456 -28
- data/src/core/lib/event_engine/posix_engine/posix_engine.h +148 -24
- data/src/core/lib/event_engine/posix_engine/posix_engine_closure.h +80 -0
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +236 -0
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.h +228 -0
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.cc +380 -0
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.h +91 -0
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +853 -0
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +316 -0
- data/src/core/lib/event_engine/posix_engine/timer.cc +49 -49
- data/src/core/lib/event_engine/posix_engine/timer.h +87 -86
- data/src/core/lib/event_engine/posix_engine/timer_heap.cc +27 -27
- data/src/core/lib/event_engine/posix_engine/timer_heap.h +21 -21
- data/src/core/lib/event_engine/posix_engine/timer_manager.cc +76 -214
- data/src/core/lib/event_engine/posix_engine/timer_manager.h +41 -69
- data/src/core/lib/event_engine/posix_engine/traced_buffer_list.cc +332 -0
- data/src/core/lib/event_engine/posix_engine/traced_buffer_list.h +185 -0
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.cc +127 -0
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.h +45 -0
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.cc +150 -0
- data/src/core/lib/event_engine/{executor/threaded_executor.h → posix_engine/wakeup_fd_pipe.h} +16 -15
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix.h +76 -0
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.cc +67 -0
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.h +37 -0
- data/src/core/lib/event_engine/slice.cc +7 -6
- data/src/core/lib/event_engine/slice_buffer.cc +2 -2
- data/src/core/lib/event_engine/socket_notifier.h +1 -1
- data/src/core/lib/event_engine/tcp_socket_utils.cc +373 -0
- data/src/core/lib/event_engine/tcp_socket_utils.h +85 -0
- data/src/core/lib/event_engine/thread_pool.cc +125 -43
- data/src/core/lib/event_engine/thread_pool.h +49 -26
- data/src/core/lib/event_engine/time_util.h +1 -1
- data/src/core/lib/event_engine/windows/iocp.cc +13 -12
- data/src/core/lib/event_engine/windows/iocp.h +1 -1
- data/src/core/lib/event_engine/windows/win_socket.cc +9 -9
- data/src/core/lib/event_engine/windows/windows_engine.cc +26 -20
- data/src/core/lib/event_engine/windows/windows_engine.h +8 -4
- data/src/core/lib/experiments/config.cc +1 -1
- data/src/core/lib/experiments/experiments.cc +13 -13
- data/src/core/lib/experiments/experiments.h +8 -6
- data/src/core/lib/gpr/alloc.cc +19 -17
- data/src/core/lib/gpr/alloc.h +18 -18
- data/src/core/lib/gpr/atm.cc +17 -17
- data/src/core/lib/gpr/cpu_iphone.cc +24 -24
- data/src/core/lib/gpr/cpu_linux.cc +28 -23
- data/src/core/lib/gpr/cpu_posix.cc +23 -22
- data/src/core/lib/gpr/cpu_windows.cc +20 -18
- data/src/core/lib/gpr/log.cc +27 -19
- data/src/core/lib/gpr/log_android.cc +22 -20
- data/src/core/lib/gpr/log_linux.cc +24 -24
- data/src/core/lib/gpr/log_posix.cc +20 -19
- data/src/core/lib/gpr/log_windows.cc +25 -24
- data/src/core/lib/gpr/spinlock.h +18 -18
- data/src/core/lib/gpr/string.cc +25 -24
- data/src/core/lib/gpr/string.h +58 -58
- data/src/core/lib/gpr/string_posix.cc +24 -24
- data/src/core/lib/gpr/string_util_windows.cc +22 -22
- data/src/core/lib/gpr/string_windows.cc +24 -24
- data/src/core/lib/gpr/sync.cc +25 -25
- data/src/core/lib/gpr/sync_abseil.cc +22 -20
- data/src/core/lib/gpr/sync_posix.cc +23 -21
- data/src/core/lib/gpr/sync_windows.cc +29 -27
- data/src/core/lib/gpr/time.cc +23 -21
- data/src/core/lib/gpr/time_posix.cc +35 -30
- data/src/core/lib/gpr/time_precise.cc +22 -22
- data/src/core/lib/gpr/time_precise.h +18 -19
- data/src/core/lib/gpr/time_windows.cc +25 -22
- data/src/core/lib/gpr/tmpfile.h +22 -22
- data/src/core/lib/gpr/tmpfile_msys.cc +21 -20
- data/src/core/lib/gpr/tmpfile_posix.cc +22 -20
- data/src/core/lib/gpr/tmpfile_windows.cc +23 -22
- data/src/core/lib/gpr/useful.h +40 -27
- data/src/core/lib/gpr/wrap_memcpy.cc +23 -23
- data/src/core/lib/gprpp/atomic_utils.h +18 -18
- data/src/core/lib/gprpp/bitset.h +24 -0
- data/src/core/{ext/xds/xds_resource_type.cc → lib/gprpp/crash.cc} +12 -12
- data/src/core/lib/gprpp/crash.h +34 -0
- data/src/core/lib/gprpp/debug_location.h +18 -18
- data/src/core/lib/gprpp/dual_ref_counted.h +1 -1
- data/src/core/lib/gprpp/env.h +20 -20
- data/src/core/lib/gprpp/env_linux.cc +21 -21
- data/src/core/lib/gprpp/env_posix.cc +18 -18
- data/src/core/lib/gprpp/env_windows.cc +18 -18
- data/src/core/lib/gprpp/examine_stack.cc +17 -17
- data/src/core/lib/gprpp/examine_stack.h +18 -18
- data/src/core/lib/gprpp/fork.cc +21 -22
- data/src/core/lib/gprpp/fork.h +22 -22
- data/src/core/lib/gprpp/global_config.h +18 -18
- data/src/core/lib/gprpp/global_config_custom.h +18 -18
- data/src/core/lib/gprpp/global_config_env.cc +17 -17
- data/src/core/lib/gprpp/global_config_env.h +23 -23
- data/src/core/lib/gprpp/global_config_generic.h +18 -18
- data/src/core/lib/gprpp/host_port.cc +26 -26
- data/src/core/lib/gprpp/host_port.h +29 -28
- data/src/core/lib/gprpp/load_file.cc +75 -0
- data/src/core/lib/gprpp/load_file.h +33 -0
- data/src/core/lib/gprpp/manual_constructor.h +18 -17
- data/src/core/lib/gprpp/memory.h +18 -18
- data/src/core/lib/gprpp/mpscq.cc +17 -17
- data/src/core/lib/gprpp/mpscq.h +18 -18
- data/src/core/lib/gprpp/no_destruct.h +1 -0
- data/src/core/lib/gprpp/orphanable.h +18 -18
- data/src/core/lib/gprpp/per_cpu.h +46 -0
- data/src/core/lib/gprpp/ref_counted.h +18 -18
- data/src/core/lib/gprpp/ref_counted_ptr.h +19 -18
- data/src/core/lib/gprpp/stat_posix.cc +5 -4
- data/src/core/lib/gprpp/stat_windows.cc +4 -2
- data/src/core/lib/gprpp/status_helper.cc +4 -3
- data/src/core/lib/gprpp/status_helper.h +1 -3
- data/src/core/lib/gprpp/strerror.cc +41 -0
- data/src/core/lib/gprpp/strerror.h +29 -0
- data/src/core/lib/gprpp/sync.h +20 -20
- data/src/core/lib/gprpp/table.h +1 -0
- data/src/core/lib/gprpp/thd.h +19 -19
- data/src/core/lib/gprpp/thd_posix.cc +30 -31
- data/src/core/lib/gprpp/thd_windows.cc +26 -26
- data/src/core/lib/gprpp/time.cc +16 -11
- data/src/core/lib/gprpp/time.h +13 -3
- data/src/core/lib/gprpp/time_averaged_stats.cc +20 -20
- data/src/core/lib/gprpp/time_averaged_stats.h +48 -48
- data/src/core/lib/gprpp/time_util.h +1 -1
- data/src/core/lib/gprpp/unique_type_name.h +18 -18
- data/src/core/lib/gprpp/validation_errors.h +18 -1
- data/src/core/lib/handshaker/proxy_mapper.h +18 -18
- data/src/core/lib/handshaker/proxy_mapper_registry.cc +17 -17
- data/src/core/lib/handshaker/proxy_mapper_registry.h +18 -18
- data/src/core/lib/http/format_request.cc +18 -18
- data/src/core/lib/http/format_request.h +18 -18
- data/src/core/lib/http/httpcli.cc +57 -61
- data/src/core/lib/http/httpcli.h +26 -26
- data/src/core/lib/http/httpcli_security_connector.cc +22 -25
- data/src/core/lib/http/parser.cc +76 -87
- data/src/core/lib/http/parser.h +32 -32
- data/src/core/lib/iomgr/block_annotate.h +21 -21
- data/src/core/lib/iomgr/buffer_list.cc +156 -136
- data/src/core/lib/iomgr/buffer_list.h +120 -98
- data/src/core/lib/iomgr/call_combiner.cc +29 -27
- data/src/core/lib/iomgr/call_combiner.h +21 -22
- data/src/core/lib/iomgr/cfstream_handle.cc +33 -36
- data/src/core/lib/iomgr/cfstream_handle.h +22 -22
- data/src/core/lib/iomgr/closure.h +90 -45
- data/src/core/lib/iomgr/combiner.cc +20 -19
- data/src/core/lib/iomgr/combiner.h +18 -18
- data/src/core/lib/iomgr/dualstack_socket_posix.cc +21 -21
- data/src/core/lib/iomgr/dynamic_annotations.h +20 -20
- data/src/core/lib/iomgr/endpoint.cc +17 -17
- data/src/core/lib/iomgr/endpoint.h +46 -46
- data/src/core/lib/iomgr/endpoint_cfstream.cc +44 -43
- data/src/core/lib/iomgr/endpoint_cfstream.h +27 -27
- data/src/core/lib/iomgr/endpoint_pair.h +18 -18
- data/src/core/lib/iomgr/endpoint_pair_posix.cc +20 -19
- data/src/core/lib/iomgr/endpoint_pair_windows.cc +18 -17
- data/src/core/lib/iomgr/error.cc +49 -61
- data/src/core/lib/iomgr/error.h +42 -173
- data/src/core/lib/iomgr/error_cfstream.cc +18 -18
- data/src/core/lib/iomgr/error_cfstream.h +19 -19
- data/src/core/lib/iomgr/ev_apple.cc +21 -21
- data/src/core/lib/iomgr/ev_apple.h +17 -17
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +208 -195
- data/src/core/lib/iomgr/ev_epoll1_linux.h +18 -18
- data/src/core/lib/iomgr/ev_poll_posix.cc +212 -205
- data/src/core/lib/iomgr/ev_poll_posix.h +18 -18
- data/src/core/lib/iomgr/ev_posix.cc +36 -28
- data/src/core/lib/iomgr/ev_posix.h +85 -81
- data/src/core/lib/iomgr/ev_windows.cc +18 -18
- data/src/core/lib/iomgr/exec_ctx.cc +34 -34
- data/src/core/lib/iomgr/exec_ctx.h +141 -141
- data/src/core/lib/iomgr/executor.cc +21 -21
- data/src/core/lib/iomgr/executor.h +24 -24
- data/src/core/lib/iomgr/fork_posix.cc +24 -22
- data/src/core/lib/iomgr/fork_windows.cc +21 -21
- data/src/core/lib/iomgr/gethostname.h +18 -18
- data/src/core/lib/iomgr/gethostname_fallback.cc +17 -17
- data/src/core/lib/iomgr/gethostname_host_name_max.cc +17 -17
- data/src/core/lib/iomgr/gethostname_sysconf.cc +17 -17
- data/src/core/lib/iomgr/grpc_if_nametoindex.h +20 -20
- data/src/core/lib/iomgr/grpc_if_nametoindex_posix.cc +20 -19
- data/src/core/lib/iomgr/grpc_if_nametoindex_unsupported.cc +20 -19
- data/src/core/lib/iomgr/internal_errqueue.cc +4 -2
- data/src/core/lib/iomgr/internal_errqueue.h +80 -80
- data/src/core/lib/iomgr/iocp_windows.cc +22 -21
- data/src/core/lib/iomgr/iocp_windows.h +18 -18
- data/src/core/lib/iomgr/iomgr.cc +19 -18
- data/src/core/lib/iomgr/iomgr.h +32 -32
- data/src/core/lib/iomgr/iomgr_internal.cc +17 -17
- data/src/core/lib/iomgr/iomgr_internal.h +25 -25
- data/src/core/lib/iomgr/iomgr_posix.cc +20 -20
- data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +20 -19
- data/src/core/lib/iomgr/iomgr_windows.cc +24 -22
- data/src/core/lib/iomgr/load_file.cc +24 -27
- data/src/core/lib/iomgr/load_file.h +20 -20
- data/src/core/lib/iomgr/lockfree_event.cc +114 -114
- data/src/core/lib/iomgr/lockfree_event.h +19 -19
- data/src/core/lib/iomgr/nameser.h +84 -84
- data/src/core/lib/iomgr/polling_entity.cc +25 -21
- data/src/core/lib/iomgr/polling_entity.h +27 -27
- data/src/core/lib/iomgr/pollset.cc +17 -17
- data/src/core/lib/iomgr/pollset.h +51 -51
- data/src/core/lib/iomgr/pollset_set.cc +17 -17
- data/src/core/lib/iomgr/pollset_set.h +22 -22
- data/src/core/lib/iomgr/pollset_set_windows.cc +18 -18
- data/src/core/lib/iomgr/pollset_set_windows.h +18 -18
- data/src/core/lib/iomgr/pollset_windows.cc +30 -29
- data/src/core/lib/iomgr/pollset_windows.h +22 -22
- data/src/core/lib/iomgr/port.h +29 -29
- data/src/core/lib/iomgr/python_util.h +20 -20
- data/src/core/lib/iomgr/resolve_address.cc +26 -20
- data/src/core/lib/iomgr/resolve_address.h +21 -22
- data/src/core/lib/iomgr/resolve_address_impl.h +2 -2
- data/src/core/lib/iomgr/resolve_address_posix.cc +35 -45
- data/src/core/lib/iomgr/resolve_address_posix.h +1 -2
- data/src/core/lib/iomgr/resolve_address_windows.cc +18 -20
- data/src/core/lib/iomgr/resolve_address_windows.h +1 -2
- data/src/core/lib/iomgr/resolved_address.h +1 -1
- data/src/core/lib/iomgr/sockaddr.h +21 -21
- data/src/core/lib/iomgr/sockaddr_posix.h +18 -18
- data/src/core/lib/iomgr/sockaddr_utils_posix.cc +18 -17
- data/src/core/lib/iomgr/sockaddr_windows.h +18 -18
- data/src/core/lib/iomgr/socket_factory_posix.cc +18 -18
- data/src/core/lib/iomgr/socket_factory_posix.h +30 -30
- data/src/core/lib/iomgr/socket_mutator.cc +19 -18
- data/src/core/lib/iomgr/socket_mutator.h +37 -37
- data/src/core/lib/iomgr/socket_utils.h +24 -24
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +68 -66
- data/src/core/lib/iomgr/socket_utils_linux.cc +18 -17
- data/src/core/lib/iomgr/socket_utils_posix.cc +22 -20
- data/src/core/lib/iomgr/socket_utils_posix.h +78 -78
- data/src/core/lib/iomgr/socket_utils_windows.cc +20 -19
- data/src/core/lib/iomgr/socket_windows.cc +37 -36
- data/src/core/lib/iomgr/socket_windows.h +56 -56
- data/src/core/lib/iomgr/systemd_utils.cc +116 -0
- data/src/core/lib/{slice/slice_buffer_api.cc → iomgr/systemd_utils.h} +12 -14
- data/src/core/lib/iomgr/tcp_client.cc +17 -17
- data/src/core/lib/iomgr/tcp_client.h +26 -26
- data/src/core/lib/iomgr/tcp_client_cfstream.cc +25 -28
- data/src/core/lib/iomgr/tcp_client_posix.cc +70 -73
- data/src/core/lib/iomgr/tcp_client_posix.h +43 -43
- data/src/core/lib/iomgr/tcp_client_windows.cc +36 -39
- data/src/core/lib/iomgr/tcp_posix.cc +223 -237
- data/src/core/lib/iomgr/tcp_posix.h +27 -27
- data/src/core/lib/iomgr/tcp_server.cc +30 -22
- data/src/core/lib/iomgr/tcp_server.h +68 -62
- data/src/core/lib/iomgr/tcp_server_posix.cc +124 -94
- data/src/core/lib/iomgr/tcp_server_utils_posix.h +54 -51
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +90 -55
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +40 -40
- data/src/core/lib/iomgr/tcp_server_utils_posix_noifaddrs.cc +19 -19
- data/src/core/lib/iomgr/tcp_server_windows.cc +97 -104
- data/src/core/lib/iomgr/tcp_windows.cc +109 -93
- data/src/core/lib/iomgr/tcp_windows.h +29 -29
- data/src/core/lib/iomgr/timer.cc +17 -17
- data/src/core/lib/iomgr/timer.h +65 -65
- data/src/core/lib/iomgr/timer_generic.cc +115 -122
- data/src/core/lib/iomgr/timer_generic.h +19 -19
- data/src/core/lib/iomgr/timer_heap.cc +25 -25
- data/src/core/lib/iomgr/timer_heap.h +19 -19
- data/src/core/lib/iomgr/timer_manager.cc +30 -29
- data/src/core/lib/iomgr/timer_manager.h +25 -25
- data/src/core/lib/iomgr/unix_sockets_posix.cc +20 -21
- data/src/core/lib/iomgr/unix_sockets_posix.h +18 -18
- data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +19 -17
- data/src/core/lib/iomgr/wakeup_fd_eventfd.cc +23 -21
- data/src/core/lib/iomgr/wakeup_fd_nospecial.cc +23 -23
- data/src/core/lib/iomgr/wakeup_fd_pipe.cc +29 -26
- data/src/core/lib/iomgr/wakeup_fd_pipe.h +18 -18
- data/src/core/lib/iomgr/wakeup_fd_posix.cc +18 -18
- data/src/core/lib/iomgr/wakeup_fd_posix.h +50 -50
- data/src/core/lib/json/json_channel_args.h +42 -0
- data/src/core/lib/json/json_object_loader.cc +17 -2
- data/src/core/lib/json/json_object_loader.h +37 -1
- data/src/core/lib/json/json_reader.cc +28 -28
- data/src/core/lib/json/json_util.cc +5 -5
- data/src/core/lib/json/json_util.h +4 -4
- data/src/core/lib/json/json_writer.cc +56 -56
- data/src/core/lib/load_balancing/lb_policy.cc +18 -18
- data/src/core/lib/load_balancing/lb_policy.h +7 -4
- data/src/core/lib/load_balancing/subchannel_interface.h +1 -8
- data/src/core/lib/matchers/matchers.cc +6 -5
- data/src/core/lib/matchers/matchers.h +1 -1
- data/src/core/lib/promise/activity.cc +16 -2
- data/src/core/lib/promise/activity.h +58 -27
- data/src/core/lib/promise/arena_promise.h +82 -52
- data/src/core/lib/promise/context.h +14 -6
- data/src/core/lib/promise/detail/basic_seq.h +9 -28
- data/src/core/lib/promise/detail/promise_factory.h +59 -10
- data/src/core/lib/promise/detail/status.h +28 -0
- data/src/core/lib/promise/detail/switch.h +1455 -0
- data/src/core/lib/promise/exec_ctx_wakeup_scheduler.h +20 -12
- data/src/core/lib/promise/for_each.h +155 -0
- data/src/core/lib/promise/latch.h +13 -19
- data/src/core/lib/promise/loop.h +7 -5
- data/src/core/lib/promise/map.h +1 -0
- data/src/core/lib/promise/map_pipe.h +88 -0
- data/src/core/lib/promise/pipe.cc +19 -0
- data/src/core/lib/promise/pipe.h +505 -0
- data/src/core/lib/promise/poll.h +19 -0
- data/src/core/lib/promise/seq.h +4 -5
- data/src/core/lib/promise/sleep.cc +5 -4
- data/src/core/lib/promise/sleep.h +1 -2
- data/src/core/lib/promise/try_concurrently.h +342 -0
- data/src/core/lib/promise/try_seq.h +11 -13
- data/src/core/lib/resolver/resolver.cc +17 -17
- data/src/core/lib/resolver/server_address.cc +18 -17
- data/src/core/lib/resolver/server_address.h +19 -21
- data/src/core/lib/resource_quota/api.cc +0 -1
- data/src/core/lib/resource_quota/api.h +1 -1
- data/src/core/lib/resource_quota/arena.cc +36 -17
- data/src/core/lib/resource_quota/arena.h +107 -18
- data/src/core/lib/resource_quota/memory_quota.cc +140 -43
- data/src/core/lib/resource_quota/memory_quota.h +85 -23
- data/src/core/lib/resource_quota/resource_quota.h +1 -1
- data/src/core/lib/security/authorization/authorization_policy_provider.h +1 -1
- data/src/core/lib/security/authorization/authorization_policy_provider_vtable.cc +0 -1
- data/src/core/lib/security/authorization/grpc_authorization_engine.cc +1 -3
- data/src/core/lib/security/authorization/grpc_server_authz_filter.cc +4 -2
- data/src/core/lib/security/authorization/matchers.cc +25 -22
- data/src/core/lib/security/authorization/rbac_policy.cc +2 -3
- data/src/core/lib/security/authorization/rbac_policy.h +1 -1
- data/src/core/lib/security/context/security_context.cc +22 -23
- data/src/core/lib/security/context/security_context.h +40 -30
- data/src/core/lib/security/credentials/alts/alts_credentials.cc +17 -17
- data/src/core/lib/security/credentials/alts/alts_credentials.h +50 -50
- data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +19 -19
- data/src/core/lib/security/credentials/alts/check_gcp_environment.h +41 -41
- data/src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc +17 -17
- data/src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc +18 -17
- data/src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc +18 -17
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc +19 -19
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc +18 -18
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h +36 -37
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc +18 -18
- data/src/core/lib/security/credentials/call_creds_util.h +1 -1
- data/src/core/lib/security/credentials/channel_creds_registry_init.cc +3 -4
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +22 -22
- data/src/core/lib/security/credentials/composite/composite_credentials.h +20 -21
- data/src/core/lib/security/credentials/credentials.cc +19 -18
- data/src/core/lib/security/credentials/credentials.h +34 -33
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +77 -55
- data/src/core/lib/security/credentials/external/aws_request_signer.cc +4 -3
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +40 -51
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +17 -21
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +21 -25
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +20 -19
- data/src/core/lib/security/credentials/fake/fake_credentials.h +34 -35
- data/src/core/lib/security/credentials/google_default/credentials_generic.cc +17 -17
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +75 -73
- data/src/core/lib/security/credentials/google_default/google_default_credentials.h +18 -19
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +18 -17
- data/src/core/lib/security/credentials/iam/iam_credentials.h +18 -18
- data/src/core/lib/security/credentials/jwt/json_token.cc +24 -25
- data/src/core/lib/security/credentials/jwt/json_token.h +32 -32
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +18 -18
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +18 -19
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +75 -75
- data/src/core/lib/security/credentials/jwt/jwt_verifier.h +43 -43
- data/src/core/lib/security/credentials/local/local_credentials.cc +17 -17
- data/src/core/lib/security/credentials/local/local_credentials.h +20 -20
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +52 -59
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +19 -19
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +24 -23
- data/src/core/lib/security/credentials/plugin/plugin_credentials.h +22 -22
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +19 -20
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +18 -18
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +20 -28
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +4 -11
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +30 -43
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.cc +1 -1
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +18 -18
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +18 -19
- data/src/core/lib/security/credentials/tls/tls_credentials.h +18 -18
- data/src/core/lib/security/credentials/xds/xds_credentials.cc +1 -2
- data/src/core/lib/security/credentials/xds/xds_credentials.h +1 -1
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +32 -38
- data/src/core/lib/security/security_connector/alts/alts_security_connector.h +41 -42
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +32 -41
- data/src/core/lib/security/security_connector/fake/fake_security_connector.h +20 -21
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +2 -2
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +3 -8
- data/src/core/lib/security/security_connector/load_system_roots.h +18 -18
- data/src/core/lib/security/security_connector/load_system_roots_fallback.cc +18 -18
- data/src/core/lib/security/security_connector/load_system_roots_supported.cc +19 -22
- data/src/core/lib/security/security_connector/load_system_roots_supported.h +19 -20
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +30 -34
- data/src/core/lib/security/security_connector/local/local_security_connector.h +40 -41
- data/src/core/lib/security/security_connector/security_connector.cc +17 -17
- data/src/core/lib/security/security_connector/security_connector.h +32 -33
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +34 -39
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +38 -39
- data/src/core/lib/security/security_connector/ssl_utils.cc +37 -39
- data/src/core/lib/security/security_connector/ssl_utils.h +31 -31
- data/src/core/lib/security/security_connector/ssl_utils_config.cc +22 -22
- data/src/core/lib/security/security_connector/ssl_utils_config.h +18 -19
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +42 -48
- data/src/core/lib/security/security_connector/tls/tls_security_connector.h +17 -17
- data/src/core/lib/security/transport/auth_filters.h +18 -18
- data/src/core/lib/security/transport/client_auth_filter.cc +21 -21
- data/src/core/lib/security/transport/secure_endpoint.cc +54 -56
- data/src/core/lib/security/transport/secure_endpoint.h +22 -22
- data/src/core/lib/security/transport/security_handshaker.cc +70 -70
- data/src/core/lib/security/transport/security_handshaker.h +19 -19
- data/src/core/lib/security/transport/server_auth_filter.cc +43 -44
- data/src/core/lib/security/transport/tsi_error.cc +23 -20
- data/src/core/lib/security/transport/tsi_error.h +18 -18
- data/src/core/lib/security/util/json_util.cc +21 -22
- data/src/core/lib/security/util/json_util.h +18 -18
- data/src/core/lib/service_config/service_config.h +2 -2
- data/src/core/lib/service_config/service_config_call_data.h +7 -1
- data/src/core/lib/service_config/service_config_impl.cc +111 -158
- data/src/core/lib/service_config/service_config_impl.h +14 -17
- data/src/core/lib/service_config/service_config_parser.cc +14 -31
- data/src/core/lib/service_config/service_config_parser.h +14 -10
- data/src/core/lib/slice/b64.cc +26 -26
- data/src/core/lib/slice/b64.h +29 -29
- data/src/core/lib/slice/percent_encoding.cc +17 -17
- data/src/core/lib/slice/percent_encoding.h +24 -24
- data/src/core/lib/slice/slice.cc +44 -38
- data/src/core/lib/slice/slice.h +57 -11
- data/src/core/lib/slice/slice_buffer.cc +63 -59
- data/src/core/lib/slice/slice_buffer.h +27 -2
- data/src/core/lib/slice/slice_internal.h +31 -39
- data/src/core/lib/slice/slice_refcount.h +34 -19
- data/src/core/lib/slice/slice_string_helpers.cc +17 -17
- data/src/core/lib/slice/slice_string_helpers.h +19 -19
- data/src/core/lib/surface/api_trace.cc +17 -17
- data/src/core/lib/surface/api_trace.h +22 -22
- data/src/core/lib/surface/byte_buffer.cc +22 -23
- data/src/core/lib/surface/byte_buffer_reader.cc +23 -23
- data/src/core/lib/surface/call.cc +1521 -335
- data/src/core/lib/surface/call.h +86 -39
- data/src/core/lib/surface/call_details.cc +20 -21
- data/src/core/lib/surface/call_log_batch.cc +18 -18
- data/src/core/lib/surface/call_test_only.h +30 -30
- data/src/core/lib/surface/call_trace.cc +113 -0
- data/src/core/{ext/filters/http/message_compress/message_decompress_filter.h → lib/surface/call_trace.h} +10 -12
- data/src/core/lib/surface/channel.cc +62 -67
- data/src/core/lib/surface/channel.h +40 -32
- data/src/core/lib/surface/channel_init.cc +17 -17
- data/src/core/lib/surface/channel_init.h +18 -18
- data/src/core/lib/surface/channel_ping.cc +19 -19
- data/src/core/lib/surface/channel_stack_type.cc +21 -17
- data/src/core/lib/surface/channel_stack_type.h +20 -18
- data/src/core/lib/surface/completion_queue.cc +173 -191
- data/src/core/lib/surface/completion_queue.h +32 -32
- data/src/core/lib/surface/completion_queue_factory.cc +28 -28
- data/src/core/lib/surface/completion_queue_factory.h +20 -20
- data/src/core/lib/surface/event_string.cc +17 -17
- data/src/core/lib/surface/event_string.h +20 -20
- data/src/core/lib/surface/init.cc +29 -58
- data/src/core/lib/surface/init.h +18 -18
- data/src/core/lib/surface/init_internally.cc +1 -0
- data/src/core/lib/surface/init_internally.h +9 -0
- data/src/core/lib/surface/lame_client.cc +28 -26
- data/src/core/lib/surface/lame_client.h +19 -19
- data/src/core/lib/surface/metadata_array.cc +17 -18
- data/src/core/lib/surface/server.cc +61 -83
- data/src/core/lib/surface/server.h +5 -7
- data/src/core/lib/surface/validate_metadata.cc +28 -29
- data/src/core/lib/surface/validate_metadata.h +18 -18
- data/src/core/lib/surface/version.cc +21 -21
- data/src/core/lib/transport/bdp_estimator.cc +17 -17
- data/src/core/lib/transport/bdp_estimator.h +18 -19
- data/src/core/lib/transport/connectivity_state.cc +19 -19
- data/src/core/lib/transport/connectivity_state.h +19 -19
- data/src/core/lib/transport/error_utils.cc +51 -45
- data/src/core/lib/transport/error_utils.h +21 -21
- data/src/core/lib/transport/handshaker.cc +49 -46
- data/src/core/lib/transport/handshaker.h +43 -38
- data/src/core/lib/transport/handshaker_factory.h +44 -18
- data/src/core/lib/transport/handshaker_registry.cc +25 -19
- data/src/core/lib/transport/handshaker_registry.h +21 -22
- data/src/core/lib/transport/http2_errors.h +20 -20
- data/src/core/lib/transport/http_connect_handshaker.cc +40 -41
- data/src/core/lib/transport/http_connect_handshaker.h +18 -18
- data/src/core/lib/transport/metadata_batch.cc +4 -1
- data/src/core/lib/transport/metadata_batch.h +46 -20
- data/src/core/lib/transport/parsed_metadata.cc +2 -6
- data/src/core/lib/transport/parsed_metadata.h +1 -0
- data/src/core/lib/transport/pid_controller.cc +20 -20
- data/src/core/lib/transport/pid_controller.h +24 -24
- data/src/core/lib/transport/status_conversion.cc +22 -22
- data/src/core/lib/transport/status_conversion.h +20 -20
- data/src/core/lib/transport/tcp_connect_handshaker.cc +15 -20
- data/src/core/lib/transport/tcp_connect_handshaker.h +1 -1
- data/src/core/lib/transport/timeout_encoding.cc +22 -22
- data/src/core/lib/transport/timeout_encoding.h +18 -18
- data/src/core/lib/transport/transport.cc +88 -41
- data/src/core/lib/transport/transport.h +193 -195
- data/src/core/lib/transport/transport_impl.h +42 -42
- data/src/core/lib/transport/transport_op_string.cc +26 -25
- data/src/core/plugin_registry/grpc_plugin_registry.cc +25 -27
- data/src/core/plugin_registry/grpc_plugin_registry_extra.cc +7 -14
- data/src/core/tsi/alts/crypt/aes_gcm.cc +20 -20
- data/src/core/tsi/alts/crypt/gsec.cc +26 -26
- data/src/core/tsi/alts/crypt/gsec.h +334 -334
- data/src/core/tsi/alts/frame_protector/alts_counter.cc +23 -23
- data/src/core/tsi/alts/frame_protector/alts_counter.h +66 -66
- data/src/core/tsi/alts/frame_protector/alts_crypter.cc +19 -19
- data/src/core/tsi/alts/frame_protector/alts_crypter.h +206 -206
- data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +72 -71
- data/src/core/tsi/alts/frame_protector/alts_frame_protector.h +38 -38
- data/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc +18 -18
- data/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h +80 -81
- data/src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc +22 -22
- data/src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc +22 -22
- data/src/core/tsi/alts/frame_protector/frame_handler.cc +26 -25
- data/src/core/tsi/alts/frame_protector/frame_handler.h +166 -166
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +78 -77
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +99 -99
- data/src/core/tsi/alts/handshaker/alts_shared_resource.cc +18 -17
- data/src/core/tsi/alts/handshaker/alts_shared_resource.h +41 -42
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +37 -36
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +58 -58
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker_private.h +20 -20
- data/src/core/tsi/alts/handshaker/alts_tsi_utils.cc +21 -20
- data/src/core/tsi/alts/handshaker/alts_tsi_utils.h +36 -36
- data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +19 -19
- data/src/core/tsi/alts/handshaker/transport_security_common_api.h +102 -101
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc +45 -44
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h +38 -39
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc +38 -36
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h +33 -34
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h +65 -66
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc +32 -31
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h +53 -54
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +54 -53
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h +138 -139
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +58 -57
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h +41 -42
- data/src/core/tsi/fake_transport_security.cc +80 -79
- data/src/core/tsi/fake_transport_security.h +30 -30
- data/src/core/tsi/local_transport_security.cc +34 -33
- data/src/core/tsi/local_transport_security.h +31 -31
- data/src/core/tsi/ssl/key_logging/ssl_key_logging.cc +8 -3
- data/src/core/tsi/ssl/session_cache/ssl_session.h +18 -18
- data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +19 -19
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +18 -17
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +19 -19
- data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +25 -20
- data/src/core/tsi/ssl_transport_security.cc +139 -323
- data/src/core/tsi/ssl_transport_security.h +201 -200
- data/src/core/tsi/ssl_transport_security_utils.cc +250 -0
- data/src/core/tsi/ssl_transport_security_utils.h +147 -0
- data/src/core/tsi/ssl_types.h +25 -25
- data/src/core/tsi/transport_security.cc +26 -26
- data/src/core/tsi/transport_security.h +45 -45
- data/src/core/tsi/transport_security_grpc.cc +20 -20
- data/src/core/tsi/transport_security_grpc.h +39 -39
- data/src/core/tsi/transport_security_interface.h +330 -330
- data/src/ruby/ext/grpc/{ext-export-truffleruby.clang → ext-export-truffleruby-with-ruby-abi-version.clang} +0 -0
- data/src/ruby/ext/grpc/{ext-export-truffleruby.gcc → ext-export-truffleruby-with-ruby-abi-version.gcc} +0 -0
- data/src/ruby/ext/grpc/ext-export-with-ruby-abi-version.clang +2 -0
- data/src/ruby/ext/grpc/ext-export-with-ruby-abi-version.gcc +7 -0
- data/src/ruby/ext/grpc/ext-export.clang +0 -1
- data/src/ruby/ext/grpc/ext-export.gcc +1 -2
- data/src/ruby/ext/grpc/extconf.rb +47 -2
- data/src/ruby/ext/grpc/rb_call.c +1 -0
- data/src/ruby/ext/grpc/rb_channel.c +1 -0
- data/src/ruby/ext/grpc/rb_channel_args.c +1 -0
- data/src/ruby/ext/grpc/rb_compression_options.c +1 -1
- data/src/ruby/ext/grpc/rb_grpc.c +1 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +38 -38
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +59 -59
- data/src/ruby/lib/grpc/generic/bidi_call.rb +2 -0
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/spec/channel_spec.rb +0 -43
- data/src/ruby/spec/client_server_spec.rb +20 -8
- data/src/ruby/spec/generic/active_call_spec.rb +12 -3
- data/third_party/abseil-cpp/absl/cleanup/cleanup.h +140 -0
- data/third_party/abseil-cpp/absl/cleanup/internal/cleanup.h +100 -0
- data/third_party/re2/re2/bitstate.cc +3 -3
- data/third_party/re2/re2/dfa.cc +13 -13
- data/third_party/re2/re2/nfa.cc +4 -4
- data/third_party/re2/re2/onepass.cc +2 -2
- data/third_party/re2/re2/prefilter_tree.cc +27 -59
- data/third_party/re2/re2/prefilter_tree.h +3 -2
- data/third_party/re2/re2/prog.cc +11 -2
- data/third_party/re2/re2/prog.h +17 -5
- data/third_party/re2/re2/re2.cc +6 -11
- data/third_party/re2/re2/re2.h +1 -1
- data/third_party/re2/re2/regexp.cc +1 -2
- data/third_party/re2/re2/stringpiece.h +10 -7
- data/third_party/re2/re2/unicode_casefold.cc +25 -11
- data/third_party/re2/re2/unicode_groups.cc +319 -151
- data/third_party/re2/re2/walker-inl.h +3 -2
- data/third_party/re2/util/mutex.h +4 -4
- data/third_party/zlib/compress.c +3 -3
- data/third_party/zlib/crc32.c +21 -12
- data/third_party/zlib/deflate.c +112 -106
- data/third_party/zlib/deflate.h +2 -2
- data/third_party/zlib/gzlib.c +1 -1
- data/third_party/zlib/gzread.c +3 -5
- data/third_party/zlib/gzwrite.c +1 -1
- data/third_party/zlib/infback.c +10 -7
- data/third_party/zlib/inflate.c +5 -2
- data/third_party/zlib/inftrees.c +2 -2
- data/third_party/zlib/inftrees.h +1 -1
- data/third_party/zlib/trees.c +61 -62
- data/third_party/zlib/uncompr.c +2 -2
- data/third_party/zlib/zconf.h +16 -3
- data/third_party/zlib/zlib.h +10 -10
- data/third_party/zlib/zutil.c +9 -7
- data/third_party/zlib/zutil.h +1 -0
- metadata +148 -42
- data/include/grpc/impl/codegen/gpr_slice.h +0 -71
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +0 -188
- data/src/core/ext/filters/fault_injection/service_config_parser.cc +0 -187
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +0 -332
- data/src/core/ext/filters/http/message_compress/message_compress_filter.h +0 -52
- data/src/core/ext/filters/http/message_compress/message_decompress_filter.cc +0 -322
- data/src/core/ext/filters/server_config_selector/server_config_selector.cc +0 -62
- data/src/core/lib/gpr/murmur_hash.cc +0 -82
- data/src/core/lib/gpr/murmur_hash.h +0 -29
- data/src/core/lib/gpr/tls.h +0 -156
- data/src/core/lib/promise/call_push_pull.h +0 -148
- data/src/core/lib/slice/slice_api.cc +0 -39
- data/src/core/lib/slice/slice_refcount_base.h +0 -60
@@ -1,20 +1,20 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
1
|
+
//
|
2
|
+
//
|
3
|
+
// Copyright 2015 gRPC authors.
|
4
|
+
//
|
5
|
+
// Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
// you may not use this file except in compliance with the License.
|
7
|
+
// You may obtain a copy of the License at
|
8
|
+
//
|
9
|
+
// http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
//
|
11
|
+
// Unless required by applicable law or agreed to in writing, software
|
12
|
+
// distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
// See the License for the specific language governing permissions and
|
15
|
+
// limitations under the License.
|
16
|
+
//
|
17
|
+
//
|
18
18
|
|
19
19
|
#include <grpc/support/port_platform.h>
|
20
20
|
|
@@ -23,9 +23,9 @@
|
|
23
23
|
#include <limits.h>
|
24
24
|
#include <string.h>
|
25
25
|
|
26
|
-
|
27
|
-
|
28
|
-
|
26
|
+
// TODO(jboeuf): refactor inet_ntop into a portability header.
|
27
|
+
// Note: for whomever reads this and tries to refactor this, this
|
28
|
+
// can't be in grpc, it has to be in gpr.
|
29
29
|
#ifdef GPR_WINDOWS
|
30
30
|
#include <ws2tcpip.h>
|
31
31
|
#else
|
@@ -36,7 +36,7 @@
|
|
36
36
|
#include <string>
|
37
37
|
|
38
38
|
#include <openssl/bio.h>
|
39
|
-
#include <openssl/crypto.h>
|
39
|
+
#include <openssl/crypto.h> // For OPENSSL_free
|
40
40
|
#include <openssl/engine.h>
|
41
41
|
#include <openssl/err.h>
|
42
42
|
#include <openssl/ssl.h>
|
@@ -56,31 +56,33 @@
|
|
56
56
|
#include <grpc/support/thd_id.h>
|
57
57
|
|
58
58
|
#include "src/core/lib/gpr/useful.h"
|
59
|
+
#include "src/core/lib/gprpp/crash.h"
|
59
60
|
#include "src/core/tsi/ssl/key_logging/ssl_key_logging.h"
|
60
61
|
#include "src/core/tsi/ssl/session_cache/ssl_session_cache.h"
|
62
|
+
#include "src/core/tsi/ssl_transport_security_utils.h"
|
61
63
|
#include "src/core/tsi/ssl_types.h"
|
62
64
|
#include "src/core/tsi/transport_security.h"
|
63
65
|
|
64
|
-
|
66
|
+
// --- Constants. ---
|
65
67
|
|
66
68
|
#define TSI_SSL_MAX_PROTECTED_FRAME_SIZE_UPPER_BOUND 16384
|
67
69
|
#define TSI_SSL_MAX_PROTECTED_FRAME_SIZE_LOWER_BOUND 1024
|
68
70
|
#define TSI_SSL_HANDSHAKER_OUTGOING_BUFFER_INITIAL_SIZE 1024
|
69
71
|
|
70
|
-
|
71
|
-
|
72
|
-
|
72
|
+
// Putting a macro like this and littering the source file with #if is really
|
73
|
+
// bad practice.
|
74
|
+
// TODO(jboeuf): refactor all the #if / #endif in a separate module.
|
73
75
|
#ifndef TSI_OPENSSL_ALPN_SUPPORT
|
74
76
|
#define TSI_OPENSSL_ALPN_SUPPORT 1
|
75
77
|
#endif
|
76
78
|
|
77
|
-
|
78
|
-
|
79
|
+
// TODO(jboeuf): I have not found a way to get this number dynamically from the
|
80
|
+
// SSL structure. This is what we would ultimately want though...
|
79
81
|
#define TSI_SSL_MAX_PROTECTION_OVERHEAD 100
|
80
82
|
|
81
83
|
using TlsSessionKeyLogger = tsi::TlsSessionKeyLoggerCache::TlsSessionKeyLogger;
|
82
84
|
|
83
|
-
|
85
|
+
// --- Structure definitions. ---
|
84
86
|
|
85
87
|
struct tsi_ssl_root_certs_store {
|
86
88
|
X509_STORE* store;
|
@@ -101,9 +103,9 @@ struct tsi_ssl_client_handshaker_factory {
|
|
101
103
|
};
|
102
104
|
|
103
105
|
struct tsi_ssl_server_handshaker_factory {
|
104
|
-
|
105
|
-
|
106
|
-
|
106
|
+
// Several contexts to support SNI.
|
107
|
+
// The tsi_peer array contains the subject names of the server certificates
|
108
|
+
// associated with the contexts at the same index.
|
107
109
|
tsi_ssl_handshaker_factory base;
|
108
110
|
SSL_CTX** ssl_contexts;
|
109
111
|
tsi_peer* ssl_context_x509_subject_names;
|
@@ -137,7 +139,7 @@ struct tsi_ssl_frame_protector {
|
|
137
139
|
size_t buffer_size;
|
138
140
|
size_t buffer_offset;
|
139
141
|
};
|
140
|
-
|
142
|
+
// --- Library Initialization. ---
|
141
143
|
|
142
144
|
static gpr_once g_init_openssl_once = GPR_ONCE_INIT;
|
143
145
|
static int g_ssl_ctx_ex_factory_index = -1;
|
@@ -193,34 +195,9 @@ static void init_openssl(void) {
|
|
193
195
|
GPR_ASSERT(g_ssl_ctx_ex_factory_index != -1);
|
194
196
|
}
|
195
197
|
|
196
|
-
|
197
|
-
|
198
|
-
static const char* ssl_error_string(int error) {
|
199
|
-
switch (error) {
|
200
|
-
case SSL_ERROR_NONE:
|
201
|
-
return "SSL_ERROR_NONE";
|
202
|
-
case SSL_ERROR_ZERO_RETURN:
|
203
|
-
return "SSL_ERROR_ZERO_RETURN";
|
204
|
-
case SSL_ERROR_WANT_READ:
|
205
|
-
return "SSL_ERROR_WANT_READ";
|
206
|
-
case SSL_ERROR_WANT_WRITE:
|
207
|
-
return "SSL_ERROR_WANT_WRITE";
|
208
|
-
case SSL_ERROR_WANT_CONNECT:
|
209
|
-
return "SSL_ERROR_WANT_CONNECT";
|
210
|
-
case SSL_ERROR_WANT_ACCEPT:
|
211
|
-
return "SSL_ERROR_WANT_ACCEPT";
|
212
|
-
case SSL_ERROR_WANT_X509_LOOKUP:
|
213
|
-
return "SSL_ERROR_WANT_X509_LOOKUP";
|
214
|
-
case SSL_ERROR_SYSCALL:
|
215
|
-
return "SSL_ERROR_SYSCALL";
|
216
|
-
case SSL_ERROR_SSL:
|
217
|
-
return "SSL_ERROR_SSL";
|
218
|
-
default:
|
219
|
-
return "Unknown error";
|
220
|
-
}
|
221
|
-
}
|
198
|
+
// --- Ssl utils. ---
|
222
199
|
|
223
|
-
|
200
|
+
// TODO(jboeuf): Remove when we are past the debugging phase with this code.
|
224
201
|
static void ssl_log_where_info(const SSL* ssl, int where, int flag,
|
225
202
|
const char* msg) {
|
226
203
|
if ((where & flag) && GRPC_TRACE_FLAG_ENABLED(tsi_tracing_enabled)) {
|
@@ -229,7 +206,7 @@ static void ssl_log_where_info(const SSL* ssl, int where, int flag,
|
|
229
206
|
}
|
230
207
|
}
|
231
208
|
|
232
|
-
|
209
|
+
// Used for debugging. TODO(jboeuf): Remove when code is mature enough.
|
233
210
|
static void ssl_info_callback(const SSL* ssl, int where, int ret) {
|
234
211
|
if (ret == 0) {
|
235
212
|
gpr_log(GPR_ERROR, "ssl_info_callback: error occurred.\n");
|
@@ -241,14 +218,14 @@ static void ssl_info_callback(const SSL* ssl, int where, int ret) {
|
|
241
218
|
ssl_log_where_info(ssl, where, SSL_CB_HANDSHAKE_DONE, "HANDSHAKE DONE");
|
242
219
|
}
|
243
220
|
|
244
|
-
|
245
|
-
|
221
|
+
// Returns 1 if name looks like an IP address, 0 otherwise.
|
222
|
+
// This is a very rough heuristic, and only handles IPv6 in hexadecimal form.
|
246
223
|
static int looks_like_ip_address(absl::string_view name) {
|
247
224
|
size_t dot_count = 0;
|
248
225
|
size_t num_size = 0;
|
249
226
|
for (size_t i = 0; i < name.size(); ++i) {
|
250
227
|
if (name[i] == ':') {
|
251
|
-
|
228
|
+
// IPv6 Address in hexadecimal form, : is not allowed in DNS names.
|
252
229
|
return 1;
|
253
230
|
}
|
254
231
|
if (name[i] >= '0' && name[i] <= '9') {
|
@@ -266,7 +243,7 @@ static int looks_like_ip_address(absl::string_view name) {
|
|
266
243
|
return 1;
|
267
244
|
}
|
268
245
|
|
269
|
-
|
246
|
+
// Gets the subject CN from an X509 cert.
|
270
247
|
static tsi_result ssl_get_x509_common_name(X509* cert, unsigned char** utf8,
|
271
248
|
size_t* utf8_size) {
|
272
249
|
int common_name_index = -1;
|
@@ -304,7 +281,7 @@ static tsi_result ssl_get_x509_common_name(X509* cert, unsigned char** utf8,
|
|
304
281
|
return TSI_OK;
|
305
282
|
}
|
306
283
|
|
307
|
-
|
284
|
+
// Gets the subject CN of an X509 cert as a tsi_peer_property.
|
308
285
|
static tsi_result peer_property_from_x509_common_name(
|
309
286
|
X509* cert, tsi_peer_property* property) {
|
310
287
|
unsigned char* common_name;
|
@@ -327,7 +304,7 @@ static tsi_result peer_property_from_x509_common_name(
|
|
327
304
|
return result;
|
328
305
|
}
|
329
306
|
|
330
|
-
|
307
|
+
// Gets the subject of an X509 cert as a tsi_peer_property.
|
331
308
|
static tsi_result peer_property_from_x509_subject(X509* cert,
|
332
309
|
tsi_peer_property* property) {
|
333
310
|
X509_NAME* subject_name = X509_get_subject_name(cert);
|
@@ -351,7 +328,7 @@ static tsi_result peer_property_from_x509_subject(X509* cert,
|
|
351
328
|
return result;
|
352
329
|
}
|
353
330
|
|
354
|
-
|
331
|
+
// Gets the X509 cert in PEM format as a tsi_peer_property.
|
355
332
|
static tsi_result add_pem_certificate(X509* cert, tsi_peer_property* property) {
|
356
333
|
BIO* bio = BIO_new(BIO_s_mem());
|
357
334
|
if (!PEM_write_bio_X509(bio, cert)) {
|
@@ -370,7 +347,7 @@ static tsi_result add_pem_certificate(X509* cert, tsi_peer_property* property) {
|
|
370
347
|
return result;
|
371
348
|
}
|
372
349
|
|
373
|
-
|
350
|
+
// Gets the subject SANs from an X509 cert as a tsi_peer_property.
|
374
351
|
static tsi_result add_subject_alt_names_properties_to_peer(
|
375
352
|
tsi_peer* peer, GENERAL_NAMES* subject_alt_names,
|
376
353
|
size_t subject_alt_name_count, int* current_insert_index) {
|
@@ -453,10 +430,10 @@ static tsi_result add_subject_alt_names_properties_to_peer(
|
|
453
430
|
return result;
|
454
431
|
}
|
455
432
|
|
456
|
-
|
433
|
+
// Gets information about the peer's X509 cert as a tsi_peer object.
|
457
434
|
static tsi_result peer_from_x509(X509* cert, int include_certificate_type,
|
458
435
|
tsi_peer* peer) {
|
459
|
-
|
436
|
+
// TODO(jboeuf): Maybe add more properties.
|
460
437
|
GENERAL_NAMES* subject_alt_names = static_cast<GENERAL_NAMES*>(
|
461
438
|
X509_get_ext_d2i(cert, NID_subject_alt_name, nullptr, nullptr));
|
462
439
|
int subject_alt_name_count =
|
@@ -466,7 +443,7 @@ static tsi_result peer_from_x509(X509* cert, int include_certificate_type,
|
|
466
443
|
size_t property_count;
|
467
444
|
tsi_result result;
|
468
445
|
GPR_ASSERT(subject_alt_name_count >= 0);
|
469
|
-
property_count = (include_certificate_type ?
|
446
|
+
property_count = (include_certificate_type ? size_t{1} : 0) +
|
470
447
|
3 /* subject, common name, certificate */ +
|
471
448
|
static_cast<size_t>(subject_alt_name_count);
|
472
449
|
for (int i = 0; i < subject_alt_name_count; i++) {
|
@@ -523,72 +500,7 @@ static tsi_result peer_from_x509(X509* cert, int include_certificate_type,
|
|
523
500
|
return result;
|
524
501
|
}
|
525
502
|
|
526
|
-
|
527
|
-
static void log_ssl_error_stack(void) {
|
528
|
-
unsigned long err;
|
529
|
-
while ((err = ERR_get_error()) != 0) {
|
530
|
-
char details[256];
|
531
|
-
ERR_error_string_n(static_cast<uint32_t>(err), details, sizeof(details));
|
532
|
-
gpr_log(GPR_ERROR, "%s", details);
|
533
|
-
}
|
534
|
-
}
|
535
|
-
|
536
|
-
/* Performs an SSL_read and handle errors. */
|
537
|
-
static tsi_result do_ssl_read(SSL* ssl, unsigned char* unprotected_bytes,
|
538
|
-
size_t* unprotected_bytes_size) {
|
539
|
-
GPR_ASSERT(*unprotected_bytes_size <= INT_MAX);
|
540
|
-
ERR_clear_error();
|
541
|
-
int read_from_ssl = SSL_read(ssl, unprotected_bytes,
|
542
|
-
static_cast<int>(*unprotected_bytes_size));
|
543
|
-
if (read_from_ssl <= 0) {
|
544
|
-
read_from_ssl = SSL_get_error(ssl, read_from_ssl);
|
545
|
-
switch (read_from_ssl) {
|
546
|
-
case SSL_ERROR_ZERO_RETURN: /* Received a close_notify alert. */
|
547
|
-
case SSL_ERROR_WANT_READ: /* We need more data to finish the frame. */
|
548
|
-
*unprotected_bytes_size = 0;
|
549
|
-
return TSI_OK;
|
550
|
-
case SSL_ERROR_WANT_WRITE:
|
551
|
-
gpr_log(
|
552
|
-
GPR_ERROR,
|
553
|
-
"Peer tried to renegotiate SSL connection. This is unsupported.");
|
554
|
-
return TSI_UNIMPLEMENTED;
|
555
|
-
case SSL_ERROR_SSL:
|
556
|
-
gpr_log(GPR_ERROR, "Corruption detected.");
|
557
|
-
log_ssl_error_stack();
|
558
|
-
return TSI_DATA_CORRUPTED;
|
559
|
-
default:
|
560
|
-
gpr_log(GPR_ERROR, "SSL_read failed with error %s.",
|
561
|
-
ssl_error_string(read_from_ssl));
|
562
|
-
return TSI_PROTOCOL_FAILURE;
|
563
|
-
}
|
564
|
-
}
|
565
|
-
*unprotected_bytes_size = static_cast<size_t>(read_from_ssl);
|
566
|
-
return TSI_OK;
|
567
|
-
}
|
568
|
-
|
569
|
-
/* Performs an SSL_write and handle errors. */
|
570
|
-
static tsi_result do_ssl_write(SSL* ssl, unsigned char* unprotected_bytes,
|
571
|
-
size_t unprotected_bytes_size) {
|
572
|
-
GPR_ASSERT(unprotected_bytes_size <= INT_MAX);
|
573
|
-
ERR_clear_error();
|
574
|
-
int ssl_write_result = SSL_write(ssl, unprotected_bytes,
|
575
|
-
static_cast<int>(unprotected_bytes_size));
|
576
|
-
if (ssl_write_result < 0) {
|
577
|
-
ssl_write_result = SSL_get_error(ssl, ssl_write_result);
|
578
|
-
if (ssl_write_result == SSL_ERROR_WANT_READ) {
|
579
|
-
gpr_log(GPR_ERROR,
|
580
|
-
"Peer tried to renegotiate SSL connection. This is unsupported.");
|
581
|
-
return TSI_UNIMPLEMENTED;
|
582
|
-
} else {
|
583
|
-
gpr_log(GPR_ERROR, "SSL_write failed with error %s.",
|
584
|
-
ssl_error_string(ssl_write_result));
|
585
|
-
return TSI_INTERNAL_ERROR;
|
586
|
-
}
|
587
|
-
}
|
588
|
-
return TSI_OK;
|
589
|
-
}
|
590
|
-
|
591
|
-
/* Loads an in-memory PEM certificate chain into the SSL context. */
|
503
|
+
// Loads an in-memory PEM certificate chain into the SSL context.
|
592
504
|
static tsi_result ssl_ctx_use_certificate_chain(SSL_CTX* context,
|
593
505
|
const char* pem_cert_chain,
|
594
506
|
size_t pem_cert_chain_size) {
|
@@ -615,17 +527,17 @@ static tsi_result ssl_ctx_use_certificate_chain(SSL_CTX* context,
|
|
615
527
|
PEM_read_bio_X509(pem, nullptr, nullptr, const_cast<char*>(""));
|
616
528
|
if (certificate_authority == nullptr) {
|
617
529
|
ERR_clear_error();
|
618
|
-
break;
|
530
|
+
break; // Done reading.
|
619
531
|
}
|
620
532
|
if (!SSL_CTX_add_extra_chain_cert(context, certificate_authority)) {
|
621
533
|
X509_free(certificate_authority);
|
622
534
|
result = TSI_INVALID_ARGUMENT;
|
623
535
|
break;
|
624
536
|
}
|
625
|
-
|
626
|
-
|
627
|
-
|
628
|
-
|
537
|
+
// We don't need to free certificate_authority as its ownership has been
|
538
|
+
// transferred to the context. That is not the case for certificate
|
539
|
+
// though.
|
540
|
+
//
|
629
541
|
}
|
630
542
|
} while (false);
|
631
543
|
|
@@ -707,7 +619,7 @@ static tsi_result ssl_ctx_use_engine_private_key(SSL_CTX* context,
|
|
707
619
|
if (engine_name != nullptr) gpr_free(engine_name);
|
708
620
|
return result;
|
709
621
|
}
|
710
|
-
#endif
|
622
|
+
#endif // !defined(OPENSSL_IS_BORINGSSL) && !defined(OPENSSL_NO_ENGINE)
|
711
623
|
|
712
624
|
static tsi_result ssl_ctx_use_pem_private_key(SSL_CTX* context,
|
713
625
|
const char* pem_key,
|
@@ -735,7 +647,7 @@ static tsi_result ssl_ctx_use_pem_private_key(SSL_CTX* context,
|
|
735
647
|
return result;
|
736
648
|
}
|
737
649
|
|
738
|
-
|
650
|
+
// Loads an in-memory PEM private key into the SSL context.
|
739
651
|
static tsi_result ssl_ctx_use_private_key(SSL_CTX* context, const char* pem_key,
|
740
652
|
size_t pem_key_size) {
|
741
653
|
// BoringSSL does not have ENGINE support
|
@@ -743,14 +655,14 @@ static tsi_result ssl_ctx_use_private_key(SSL_CTX* context, const char* pem_key,
|
|
743
655
|
if (strncmp(pem_key, kSslEnginePrefix, strlen(kSslEnginePrefix)) == 0) {
|
744
656
|
return ssl_ctx_use_engine_private_key(context, pem_key, pem_key_size);
|
745
657
|
} else
|
746
|
-
#endif
|
658
|
+
#endif // !defined(OPENSSL_IS_BORINGSSL) && !defined(OPENSSL_NO_ENGINE)
|
747
659
|
{
|
748
660
|
return ssl_ctx_use_pem_private_key(context, pem_key, pem_key_size);
|
749
661
|
}
|
750
662
|
}
|
751
663
|
|
752
|
-
|
753
|
-
|
664
|
+
// Loads in-memory PEM verification certs into the SSL context and optionally
|
665
|
+
// returns the verification cert names (root_names can be NULL).
|
754
666
|
static tsi_result x509_store_load_certs(X509_STORE* cert_store,
|
755
667
|
const char* pem_roots,
|
756
668
|
size_t pem_roots_size,
|
@@ -773,7 +685,7 @@ static tsi_result x509_store_load_certs(X509_STORE* cert_store,
|
|
773
685
|
root = PEM_read_bio_X509_AUX(pem, nullptr, nullptr, const_cast<char*>(""));
|
774
686
|
if (root == nullptr) {
|
775
687
|
ERR_clear_error();
|
776
|
-
break;
|
688
|
+
break; // We're at the end of stream.
|
777
689
|
}
|
778
690
|
if (root_names != nullptr) {
|
779
691
|
root_name = X509_get_subject_name(root);
|
@@ -832,8 +744,8 @@ static tsi_result ssl_ctx_load_verification_certs(SSL_CTX* context,
|
|
832
744
|
root_name);
|
833
745
|
}
|
834
746
|
|
835
|
-
|
836
|
-
|
747
|
+
// Populates the SSL context with a private key and a cert chain, and sets the
|
748
|
+
// cipher list and the ephemeral ECDH key.
|
837
749
|
static tsi_result populate_ssl_context(
|
838
750
|
SSL_CTX* context, const tsi_ssl_pem_key_cert_pair* key_cert_pair,
|
839
751
|
const char* cipher_list) {
|
@@ -874,7 +786,7 @@ static tsi_result populate_ssl_context(
|
|
874
786
|
return TSI_OK;
|
875
787
|
}
|
876
788
|
|
877
|
-
|
789
|
+
// Extracts the CN and the SANs from an X509 cert as a peer object.
|
878
790
|
tsi_result tsi_ssl_extract_x509_subject_names_from_pem_cert(
|
879
791
|
const char* pem_cert, tsi_peer* peer) {
|
880
792
|
tsi_result result = TSI_OK;
|
@@ -895,7 +807,7 @@ tsi_result tsi_ssl_extract_x509_subject_names_from_pem_cert(
|
|
895
807
|
return result;
|
896
808
|
}
|
897
809
|
|
898
|
-
|
810
|
+
// Builds the alpn protocol name list according to rfc 7301.
|
899
811
|
static tsi_result build_alpn_protocol_name_list(
|
900
812
|
const char** alpn_protocols, uint16_t num_alpn_protocols,
|
901
813
|
unsigned char** protocol_name_list, size_t* protocol_name_list_length) {
|
@@ -920,11 +832,11 @@ static tsi_result build_alpn_protocol_name_list(
|
|
920
832
|
current = *protocol_name_list;
|
921
833
|
for (i = 0; i < num_alpn_protocols; i++) {
|
922
834
|
size_t length = strlen(alpn_protocols[i]);
|
923
|
-
*(current++) = static_cast<uint8_t>(length);
|
835
|
+
*(current++) = static_cast<uint8_t>(length); // max checked above.
|
924
836
|
memcpy(current, alpn_protocols[i], length);
|
925
837
|
current += length;
|
926
838
|
}
|
927
|
-
|
839
|
+
// Safety check.
|
928
840
|
if ((current < *protocol_name_list) ||
|
929
841
|
(static_cast<uintptr_t>(current - *protocol_name_list) !=
|
930
842
|
*protocol_name_list_length)) {
|
@@ -996,7 +908,7 @@ static tsi_result tsi_set_min_and_max_tls_versions(
|
|
996
908
|
return TSI_OK;
|
997
909
|
}
|
998
910
|
|
999
|
-
|
911
|
+
// --- tsi_ssl_root_certs_store methods implementation. ---
|
1000
912
|
|
1001
913
|
tsi_ssl_root_certs_store* tsi_ssl_root_certs_store_create(
|
1002
914
|
const char* pem_roots) {
|
@@ -1033,15 +945,15 @@ void tsi_ssl_root_certs_store_destroy(tsi_ssl_root_certs_store* self) {
|
|
1033
945
|
gpr_free(self);
|
1034
946
|
}
|
1035
947
|
|
1036
|
-
|
948
|
+
// --- tsi_ssl_session_cache methods implementation. ---
|
1037
949
|
|
1038
950
|
tsi_ssl_session_cache* tsi_ssl_session_cache_create_lru(size_t capacity) {
|
1039
|
-
|
951
|
+
// Pointer will be dereferenced by unref call.
|
1040
952
|
return tsi::SslSessionLRUCache::Create(capacity).release()->c_ptr();
|
1041
953
|
}
|
1042
954
|
|
1043
955
|
void tsi_ssl_session_cache_ref(tsi_ssl_session_cache* cache) {
|
1044
|
-
|
956
|
+
// Pointer will be dereferenced by unref call.
|
1045
957
|
tsi::SslSessionLRUCache::FromC(cache)->Ref().release();
|
1046
958
|
}
|
1047
959
|
|
@@ -1049,7 +961,7 @@ void tsi_ssl_session_cache_unref(tsi_ssl_session_cache* cache) {
|
|
1049
961
|
tsi::SslSessionLRUCache::FromC(cache)->Unref();
|
1050
962
|
}
|
1051
963
|
|
1052
|
-
|
964
|
+
// --- tsi_frame_protector methods implementation. ---
|
1053
965
|
|
1054
966
|
static tsi_result ssl_protector_protect(tsi_frame_protector* self,
|
1055
967
|
const unsigned char* unprotected_bytes,
|
@@ -1058,130 +970,33 @@ static tsi_result ssl_protector_protect(tsi_frame_protector* self,
|
|
1058
970
|
size_t* protected_output_frames_size) {
|
1059
971
|
tsi_ssl_frame_protector* impl =
|
1060
972
|
reinterpret_cast<tsi_ssl_frame_protector*>(self);
|
1061
|
-
int read_from_ssl;
|
1062
|
-
size_t available;
|
1063
|
-
tsi_result result = TSI_OK;
|
1064
|
-
|
1065
|
-
/* First see if we have some pending data in the SSL BIO. */
|
1066
|
-
int pending_in_ssl = static_cast<int>(BIO_pending(impl->network_io));
|
1067
|
-
if (pending_in_ssl > 0) {
|
1068
|
-
*unprotected_bytes_size = 0;
|
1069
|
-
GPR_ASSERT(*protected_output_frames_size <= INT_MAX);
|
1070
|
-
read_from_ssl = BIO_read(impl->network_io, protected_output_frames,
|
1071
|
-
static_cast<int>(*protected_output_frames_size));
|
1072
|
-
if (read_from_ssl < 0) {
|
1073
|
-
gpr_log(GPR_ERROR,
|
1074
|
-
"Could not read from BIO even though some data is pending");
|
1075
|
-
return TSI_INTERNAL_ERROR;
|
1076
|
-
}
|
1077
|
-
*protected_output_frames_size = static_cast<size_t>(read_from_ssl);
|
1078
|
-
return TSI_OK;
|
1079
|
-
}
|
1080
973
|
|
1081
|
-
|
1082
|
-
|
1083
|
-
|
1084
|
-
|
1085
|
-
memcpy(impl->buffer + impl->buffer_offset, unprotected_bytes,
|
1086
|
-
*unprotected_bytes_size);
|
1087
|
-
impl->buffer_offset += *unprotected_bytes_size;
|
1088
|
-
*protected_output_frames_size = 0;
|
1089
|
-
return TSI_OK;
|
1090
|
-
}
|
1091
|
-
|
1092
|
-
/* If we can, prepare the buffer, send it to SSL_write and read. */
|
1093
|
-
memcpy(impl->buffer + impl->buffer_offset, unprotected_bytes, available);
|
1094
|
-
result = do_ssl_write(impl->ssl, impl->buffer, impl->buffer_size);
|
1095
|
-
if (result != TSI_OK) return result;
|
1096
|
-
|
1097
|
-
GPR_ASSERT(*protected_output_frames_size <= INT_MAX);
|
1098
|
-
read_from_ssl = BIO_read(impl->network_io, protected_output_frames,
|
1099
|
-
static_cast<int>(*protected_output_frames_size));
|
1100
|
-
if (read_from_ssl < 0) {
|
1101
|
-
gpr_log(GPR_ERROR, "Could not read from BIO after SSL_write.");
|
1102
|
-
return TSI_INTERNAL_ERROR;
|
1103
|
-
}
|
1104
|
-
*protected_output_frames_size = static_cast<size_t>(read_from_ssl);
|
1105
|
-
*unprotected_bytes_size = available;
|
1106
|
-
impl->buffer_offset = 0;
|
1107
|
-
return TSI_OK;
|
974
|
+
return grpc_core::SslProtectorProtect(
|
975
|
+
unprotected_bytes, impl->buffer_size, impl->buffer_offset, impl->buffer,
|
976
|
+
impl->ssl, impl->network_io, unprotected_bytes_size,
|
977
|
+
protected_output_frames, protected_output_frames_size);
|
1108
978
|
}
|
1109
979
|
|
1110
980
|
static tsi_result ssl_protector_protect_flush(
|
1111
981
|
tsi_frame_protector* self, unsigned char* protected_output_frames,
|
1112
982
|
size_t* protected_output_frames_size, size_t* still_pending_size) {
|
1113
|
-
tsi_result result = TSI_OK;
|
1114
983
|
tsi_ssl_frame_protector* impl =
|
1115
984
|
reinterpret_cast<tsi_ssl_frame_protector*>(self);
|
1116
|
-
|
1117
|
-
|
1118
|
-
|
1119
|
-
|
1120
|
-
result = do_ssl_write(impl->ssl, impl->buffer, impl->buffer_offset);
|
1121
|
-
if (result != TSI_OK) return result;
|
1122
|
-
impl->buffer_offset = 0;
|
1123
|
-
}
|
1124
|
-
|
1125
|
-
pending = static_cast<int>(BIO_pending(impl->network_io));
|
1126
|
-
GPR_ASSERT(pending >= 0);
|
1127
|
-
*still_pending_size = static_cast<size_t>(pending);
|
1128
|
-
if (*still_pending_size == 0) return TSI_OK;
|
1129
|
-
|
1130
|
-
GPR_ASSERT(*protected_output_frames_size <= INT_MAX);
|
1131
|
-
read_from_ssl = BIO_read(impl->network_io, protected_output_frames,
|
1132
|
-
static_cast<int>(*protected_output_frames_size));
|
1133
|
-
if (read_from_ssl <= 0) {
|
1134
|
-
gpr_log(GPR_ERROR, "Could not read from BIO after SSL_write.");
|
1135
|
-
return TSI_INTERNAL_ERROR;
|
1136
|
-
}
|
1137
|
-
*protected_output_frames_size = static_cast<size_t>(read_from_ssl);
|
1138
|
-
pending = static_cast<int>(BIO_pending(impl->network_io));
|
1139
|
-
GPR_ASSERT(pending >= 0);
|
1140
|
-
*still_pending_size = static_cast<size_t>(pending);
|
1141
|
-
return TSI_OK;
|
985
|
+
return grpc_core::SslProtectorProtectFlush(
|
986
|
+
impl->buffer_offset, impl->buffer, impl->ssl, impl->network_io,
|
987
|
+
protected_output_frames, protected_output_frames_size,
|
988
|
+
still_pending_size);
|
1142
989
|
}
|
1143
990
|
|
1144
991
|
static tsi_result ssl_protector_unprotect(
|
1145
992
|
tsi_frame_protector* self, const unsigned char* protected_frames_bytes,
|
1146
993
|
size_t* protected_frames_bytes_size, unsigned char* unprotected_bytes,
|
1147
994
|
size_t* unprotected_bytes_size) {
|
1148
|
-
tsi_result result = TSI_OK;
|
1149
|
-
int written_into_ssl = 0;
|
1150
|
-
size_t output_bytes_size = *unprotected_bytes_size;
|
1151
|
-
size_t output_bytes_offset = 0;
|
1152
995
|
tsi_ssl_frame_protector* impl =
|
1153
996
|
reinterpret_cast<tsi_ssl_frame_protector*>(self);
|
1154
|
-
|
1155
|
-
|
1156
|
-
|
1157
|
-
if (result != TSI_OK) return result;
|
1158
|
-
if (*unprotected_bytes_size == output_bytes_size) {
|
1159
|
-
/* We have read everything we could and cannot process any more input. */
|
1160
|
-
*protected_frames_bytes_size = 0;
|
1161
|
-
return TSI_OK;
|
1162
|
-
}
|
1163
|
-
output_bytes_offset = *unprotected_bytes_size;
|
1164
|
-
unprotected_bytes += output_bytes_offset;
|
1165
|
-
*unprotected_bytes_size = output_bytes_size - output_bytes_offset;
|
1166
|
-
|
1167
|
-
/* Then, try to write some data to ssl. */
|
1168
|
-
GPR_ASSERT(*protected_frames_bytes_size <= INT_MAX);
|
1169
|
-
written_into_ssl = BIO_write(impl->network_io, protected_frames_bytes,
|
1170
|
-
static_cast<int>(*protected_frames_bytes_size));
|
1171
|
-
if (written_into_ssl < 0) {
|
1172
|
-
gpr_log(GPR_ERROR, "Sending protected frame to ssl failed with %d",
|
1173
|
-
written_into_ssl);
|
1174
|
-
return TSI_INTERNAL_ERROR;
|
1175
|
-
}
|
1176
|
-
*protected_frames_bytes_size = static_cast<size_t>(written_into_ssl);
|
1177
|
-
|
1178
|
-
/* Now try to read some data again. */
|
1179
|
-
result = do_ssl_read(impl->ssl, unprotected_bytes, unprotected_bytes_size);
|
1180
|
-
if (result == TSI_OK) {
|
1181
|
-
/* Don't forget to output the total number of bytes read. */
|
1182
|
-
*unprotected_bytes_size += output_bytes_offset;
|
1183
|
-
}
|
1184
|
-
return result;
|
997
|
+
return grpc_core::SslProtectorUnprotect(
|
998
|
+
protected_frames_bytes, impl->ssl, impl->network_io,
|
999
|
+
protected_frames_bytes_size, unprotected_bytes, unprotected_bytes_size);
|
1185
1000
|
}
|
1186
1001
|
|
1187
1002
|
static void ssl_protector_destroy(tsi_frame_protector* self) {
|
@@ -1200,7 +1015,7 @@ static const tsi_frame_protector_vtable frame_protector_vtable = {
|
|
1200
1015
|
ssl_protector_destroy,
|
1201
1016
|
};
|
1202
1017
|
|
1203
|
-
|
1018
|
+
// --- tsi_server_handshaker_factory methods implementation. ---
|
1204
1019
|
|
1205
1020
|
static void tsi_ssl_handshaker_factory_destroy(
|
1206
1021
|
tsi_ssl_handshaker_factory* factory) {
|
@@ -1209,9 +1024,9 @@ static void tsi_ssl_handshaker_factory_destroy(
|
|
1209
1024
|
if (factory->vtable != nullptr && factory->vtable->destroy != nullptr) {
|
1210
1025
|
factory->vtable->destroy(factory);
|
1211
1026
|
}
|
1212
|
-
|
1213
|
-
|
1214
|
-
|
1027
|
+
// Note, we don't free(self) here because this object is always directly
|
1028
|
+
// embedded in another object. If tsi_ssl_handshaker_factory_init allocates
|
1029
|
+
// any memory, it should be free'd here.
|
1215
1030
|
}
|
1216
1031
|
|
1217
1032
|
static tsi_ssl_handshaker_factory* tsi_ssl_handshaker_factory_ref(
|
@@ -1232,8 +1047,8 @@ static void tsi_ssl_handshaker_factory_unref(
|
|
1232
1047
|
|
1233
1048
|
static tsi_ssl_handshaker_factory_vtable handshaker_factory_vtable = {nullptr};
|
1234
1049
|
|
1235
|
-
|
1236
|
-
|
1050
|
+
// Initializes a tsi_ssl_handshaker_factory object. Caller is responsible for
|
1051
|
+
// allocating memory for the factory.
|
1237
1052
|
static void tsi_ssl_handshaker_factory_init(
|
1238
1053
|
tsi_ssl_handshaker_factory* factory) {
|
1239
1054
|
GPR_ASSERT(factory != nullptr);
|
@@ -1242,7 +1057,7 @@ static void tsi_ssl_handshaker_factory_init(
|
|
1242
1057
|
gpr_ref_init(&factory->refcount, 1);
|
1243
1058
|
}
|
1244
1059
|
|
1245
|
-
|
1060
|
+
// Gets the X509 cert chain in PEM format as a tsi_peer_property.
|
1246
1061
|
tsi_result tsi_ssl_get_cert_chain_contents(STACK_OF(X509) * peer_chain,
|
1247
1062
|
tsi_peer_property* property) {
|
1248
1063
|
BIO* bio = BIO_new(BIO_s_mem());
|
@@ -1266,7 +1081,7 @@ tsi_result tsi_ssl_get_cert_chain_contents(STACK_OF(X509) * peer_chain,
|
|
1266
1081
|
return result;
|
1267
1082
|
}
|
1268
1083
|
|
1269
|
-
|
1084
|
+
// --- tsi_handshaker_result methods implementation. ---
|
1270
1085
|
static tsi_result ssl_handshaker_result_extract_peer(
|
1271
1086
|
const tsi_handshaker_result* self, tsi_peer* peer) {
|
1272
1087
|
tsi_result result = TSI_OK;
|
@@ -1282,9 +1097,9 @@ static tsi_result ssl_handshaker_result_extract_peer(
|
|
1282
1097
|
}
|
1283
1098
|
#if TSI_OPENSSL_ALPN_SUPPORT
|
1284
1099
|
SSL_get0_alpn_selected(impl->ssl, &alpn_selected, &alpn_selected_len);
|
1285
|
-
#endif
|
1100
|
+
#endif // TSI_OPENSSL_ALPN_SUPPORT
|
1286
1101
|
if (alpn_selected == nullptr) {
|
1287
|
-
|
1102
|
+
// Try npn.
|
1288
1103
|
SSL_get0_next_proto_negotiated(impl->ssl, &alpn_selected,
|
1289
1104
|
&alpn_selected_len);
|
1290
1105
|
}
|
@@ -1376,7 +1191,7 @@ static tsi_result ssl_handshaker_result_create_frame_protector(
|
|
1376
1191
|
return TSI_INTERNAL_ERROR;
|
1377
1192
|
}
|
1378
1193
|
|
1379
|
-
|
1194
|
+
// Transfer ownership of ssl and network_io to the frame protector.
|
1380
1195
|
protector_impl->ssl = impl->ssl;
|
1381
1196
|
impl->ssl = nullptr;
|
1382
1197
|
protector_impl->network_io = impl->network_io;
|
@@ -1408,7 +1223,7 @@ static void ssl_handshaker_result_destroy(tsi_handshaker_result* self) {
|
|
1408
1223
|
static const tsi_handshaker_result_vtable handshaker_result_vtable = {
|
1409
1224
|
ssl_handshaker_result_extract_peer,
|
1410
1225
|
ssl_handshaker_result_get_frame_protector_type,
|
1411
|
-
nullptr,
|
1226
|
+
nullptr, // create_zero_copy_grpc_protector
|
1412
1227
|
ssl_handshaker_result_create_frame_protector,
|
1413
1228
|
ssl_handshaker_result_get_unused_bytes,
|
1414
1229
|
ssl_handshaker_result_destroy,
|
@@ -1426,19 +1241,19 @@ static tsi_result ssl_handshaker_result_create(
|
|
1426
1241
|
tsi_ssl_handshaker_result* result =
|
1427
1242
|
grpc_core::Zalloc<tsi_ssl_handshaker_result>();
|
1428
1243
|
result->base.vtable = &handshaker_result_vtable;
|
1429
|
-
|
1244
|
+
// Transfer ownership of ssl and network_io to the handshaker result.
|
1430
1245
|
result->ssl = handshaker->ssl;
|
1431
1246
|
handshaker->ssl = nullptr;
|
1432
1247
|
result->network_io = handshaker->network_io;
|
1433
1248
|
handshaker->network_io = nullptr;
|
1434
|
-
|
1249
|
+
// Transfer ownership of |unused_bytes| to the handshaker result.
|
1435
1250
|
result->unused_bytes = unused_bytes;
|
1436
1251
|
result->unused_bytes_size = unused_bytes_size;
|
1437
1252
|
*handshaker_result = &result->base;
|
1438
1253
|
return TSI_OK;
|
1439
1254
|
}
|
1440
1255
|
|
1441
|
-
|
1256
|
+
// --- tsi_handshaker methods implementation. ---
|
1442
1257
|
|
1443
1258
|
static tsi_result ssl_handshaker_get_bytes_to_send_to_peer(
|
1444
1259
|
tsi_ssl_handshaker* impl, unsigned char* bytes, size_t* bytes_size,
|
@@ -1480,13 +1295,13 @@ static tsi_result ssl_handshaker_do_handshake(tsi_ssl_handshaker* impl,
|
|
1480
1295
|
return impl->result;
|
1481
1296
|
} else {
|
1482
1297
|
ERR_clear_error();
|
1483
|
-
|
1298
|
+
// Get ready to get some bytes from SSL.
|
1484
1299
|
int ssl_result = SSL_do_handshake(impl->ssl);
|
1485
1300
|
ssl_result = SSL_get_error(impl->ssl, ssl_result);
|
1486
1301
|
switch (ssl_result) {
|
1487
1302
|
case SSL_ERROR_WANT_READ:
|
1488
1303
|
if (BIO_pending(impl->network_io) == 0) {
|
1489
|
-
|
1304
|
+
// We need more data.
|
1490
1305
|
return TSI_INCOMPLETE_DATA;
|
1491
1306
|
} else {
|
1492
1307
|
return TSI_OK;
|
@@ -1499,9 +1314,10 @@ static tsi_result ssl_handshaker_do_handshake(tsi_ssl_handshaker* impl,
|
|
1499
1314
|
char err_str[256];
|
1500
1315
|
ERR_error_string_n(ERR_get_error(), err_str, sizeof(err_str));
|
1501
1316
|
gpr_log(GPR_ERROR, "Handshake failed with fatal error %s: %s.",
|
1502
|
-
|
1317
|
+
grpc_core::SslErrorString(ssl_result), err_str);
|
1503
1318
|
if (error != nullptr) {
|
1504
|
-
*error = absl::StrCat(
|
1319
|
+
*error = absl::StrCat(grpc_core::SslErrorString(ssl_result), ": ",
|
1320
|
+
err_str);
|
1505
1321
|
}
|
1506
1322
|
impl->result = TSI_PROTOCOL_FAILURE;
|
1507
1323
|
return impl->result;
|
@@ -1608,14 +1424,14 @@ static tsi_result ssl_handshaker_next(tsi_handshaker* self,
|
|
1608
1424
|
tsi_handshaker_result** handshaker_result,
|
1609
1425
|
tsi_handshaker_on_next_done_cb /*cb*/,
|
1610
1426
|
void* /*user_data*/, std::string* error) {
|
1611
|
-
|
1427
|
+
// Input sanity check.
|
1612
1428
|
if ((received_bytes_size > 0 && received_bytes == nullptr) ||
|
1613
1429
|
bytes_to_send == nullptr || bytes_to_send_size == nullptr ||
|
1614
1430
|
handshaker_result == nullptr) {
|
1615
1431
|
if (error != nullptr) *error = "invalid argument";
|
1616
1432
|
return TSI_INVALID_ARGUMENT;
|
1617
1433
|
}
|
1618
|
-
|
1434
|
+
// If there are received bytes, process them first.
|
1619
1435
|
tsi_ssl_handshaker* impl = reinterpret_cast<tsi_ssl_handshaker*>(self);
|
1620
1436
|
tsi_result status = TSI_OK;
|
1621
1437
|
size_t bytes_consumed = received_bytes_size;
|
@@ -1630,12 +1446,12 @@ static tsi_result ssl_handshaker_next(tsi_handshaker* self,
|
|
1630
1446
|
}
|
1631
1447
|
}
|
1632
1448
|
if (status != TSI_OK) return status;
|
1633
|
-
|
1449
|
+
// Get bytes to send to the peer, if available.
|
1634
1450
|
status = ssl_handshaker_write_output_buffer(self, &bytes_written, error);
|
1635
1451
|
if (status != TSI_OK) return status;
|
1636
1452
|
*bytes_to_send = impl->outgoing_bytes_buffer;
|
1637
1453
|
*bytes_to_send_size = bytes_written;
|
1638
|
-
|
1454
|
+
// If handshake completes, create tsi_handshaker_result.
|
1639
1455
|
if (ssl_handshaker_get_result(impl) == TSI_HANDSHAKE_IN_PROGRESS) {
|
1640
1456
|
*handshaker_result = nullptr;
|
1641
1457
|
} else {
|
@@ -1657,8 +1473,8 @@ static tsi_result ssl_handshaker_next(tsi_handshaker* self,
|
|
1657
1473
|
status = ssl_handshaker_result_create(impl, unused_bytes, unused_bytes_size,
|
1658
1474
|
handshaker_result, error);
|
1659
1475
|
if (status == TSI_OK) {
|
1660
|
-
|
1661
|
-
|
1476
|
+
// Indicates that the handshake has completed and that a handshaker_result
|
1477
|
+
// has been created.
|
1662
1478
|
self->handshaker_result_created = true;
|
1663
1479
|
}
|
1664
1480
|
}
|
@@ -1666,17 +1482,17 @@ static tsi_result ssl_handshaker_next(tsi_handshaker* self,
|
|
1666
1482
|
}
|
1667
1483
|
|
1668
1484
|
static const tsi_handshaker_vtable handshaker_vtable = {
|
1669
|
-
nullptr,
|
1670
|
-
nullptr,
|
1671
|
-
nullptr,
|
1672
|
-
nullptr,
|
1673
|
-
nullptr,
|
1485
|
+
nullptr, // get_bytes_to_send_to_peer -- deprecated
|
1486
|
+
nullptr, // process_bytes_from_peer -- deprecated
|
1487
|
+
nullptr, // get_result -- deprecated
|
1488
|
+
nullptr, // extract_peer -- deprecated
|
1489
|
+
nullptr, // create_frame_protector -- deprecated
|
1674
1490
|
ssl_handshaker_destroy,
|
1675
1491
|
ssl_handshaker_next,
|
1676
|
-
nullptr,
|
1492
|
+
nullptr, // shutdown
|
1677
1493
|
};
|
1678
1494
|
|
1679
|
-
|
1495
|
+
// --- tsi_ssl_handshaker_factory common methods. ---
|
1680
1496
|
|
1681
1497
|
static void tsi_ssl_handshaker_resume_session(
|
1682
1498
|
SSL* ssl, tsi::SslSessionLRUCache* session_cache) {
|
@@ -1742,7 +1558,7 @@ static tsi_result create_tsi_ssl_handshaker(SSL_CTX* ctx, int is_client,
|
|
1742
1558
|
if (ssl_result != SSL_ERROR_WANT_READ) {
|
1743
1559
|
gpr_log(GPR_ERROR,
|
1744
1560
|
"Unexpected error received from first SSL_do_handshake call: %s",
|
1745
|
-
|
1561
|
+
grpc_core::SslErrorString(ssl_result));
|
1746
1562
|
SSL_free(ssl);
|
1747
1563
|
BIO_free(network_io);
|
1748
1564
|
return TSI_INTERNAL_ERROR;
|
@@ -1793,7 +1609,7 @@ static int select_protocol_list(const unsigned char** out,
|
|
1793
1609
|
return SSL_TLSEXT_ERR_NOACK;
|
1794
1610
|
}
|
1795
1611
|
|
1796
|
-
|
1612
|
+
// --- tsi_ssl_client_handshaker_factory methods implementation. ---
|
1797
1613
|
|
1798
1614
|
tsi_result tsi_ssl_client_handshaker_factory_create_handshaker(
|
1799
1615
|
tsi_ssl_client_handshaker_factory* factory,
|
@@ -1832,14 +1648,14 @@ static int client_handshaker_factory_npn_callback(
|
|
1832
1648
|
factory->alpn_protocol_list_length, in, inlen);
|
1833
1649
|
}
|
1834
1650
|
|
1835
|
-
|
1651
|
+
// --- tsi_ssl_server_handshaker_factory methods implementation. ---
|
1836
1652
|
|
1837
1653
|
tsi_result tsi_ssl_server_handshaker_factory_create_handshaker(
|
1838
1654
|
tsi_ssl_server_handshaker_factory* factory, size_t network_bio_buf_size,
|
1839
1655
|
size_t ssl_bio_buf_size, tsi_handshaker** handshaker) {
|
1840
1656
|
if (factory->ssl_context_count == 0) return TSI_INVALID_ARGUMENT;
|
1841
|
-
|
1842
|
-
|
1657
|
+
// Create the handshaker with the first context. We will switch if needed
|
1658
|
+
// because of SNI in ssl_server_handshaker_factory_servername_callback.
|
1843
1659
|
return create_tsi_ssl_handshaker(factory->ssl_contexts[0], 0, nullptr,
|
1844
1660
|
network_bio_buf_size, ssl_bio_buf_size,
|
1845
1661
|
&factory->base, handshaker);
|
@@ -1876,7 +1692,7 @@ static int does_entry_match_name(absl::string_view entry,
|
|
1876
1692
|
absl::string_view name) {
|
1877
1693
|
if (entry.empty()) return 0;
|
1878
1694
|
|
1879
|
-
|
1695
|
+
// Take care of '.' terminations.
|
1880
1696
|
if (name.back() == '.') {
|
1881
1697
|
name.remove_suffix(1);
|
1882
1698
|
}
|
@@ -1886,12 +1702,12 @@ static int does_entry_match_name(absl::string_view entry,
|
|
1886
1702
|
}
|
1887
1703
|
|
1888
1704
|
if (absl::EqualsIgnoreCase(name, entry)) {
|
1889
|
-
return 1;
|
1705
|
+
return 1; // Perfect match.
|
1890
1706
|
}
|
1891
1707
|
if (entry.front() != '*') return 0;
|
1892
1708
|
|
1893
|
-
|
1894
|
-
if (entry.size() < 3 || entry[1] != '.') {
|
1709
|
+
// Wildchar subdomain matching.
|
1710
|
+
if (entry.size() < 3 || entry[1] != '.') { // At least *.x
|
1895
1711
|
gpr_log(GPR_ERROR, "Invalid wildchar entry.");
|
1896
1712
|
return 0;
|
1897
1713
|
}
|
@@ -1899,8 +1715,8 @@ static int does_entry_match_name(absl::string_view entry,
|
|
1899
1715
|
if (name_subdomain_pos == absl::string_view::npos) return 0;
|
1900
1716
|
if (name_subdomain_pos >= name.size() - 2) return 0;
|
1901
1717
|
absl::string_view name_subdomain =
|
1902
|
-
name.substr(name_subdomain_pos + 1);
|
1903
|
-
entry.remove_prefix(2);
|
1718
|
+
name.substr(name_subdomain_pos + 1); // Starts after the dot.
|
1719
|
+
entry.remove_prefix(2); // Remove *.
|
1904
1720
|
size_t dot = name_subdomain.find('.');
|
1905
1721
|
if (dot == absl::string_view::npos || dot == name_subdomain.size() - 1) {
|
1906
1722
|
gpr_log(GPR_ERROR, "Invalid toplevel subdomain: %s",
|
@@ -1945,7 +1761,7 @@ static int server_handshaker_factory_alpn_callback(
|
|
1945
1761
|
factory->alpn_protocol_list,
|
1946
1762
|
factory->alpn_protocol_list_length);
|
1947
1763
|
}
|
1948
|
-
#endif
|
1764
|
+
#endif // TSI_OPENSSL_ALPN_SUPPORT
|
1949
1765
|
|
1950
1766
|
static int server_handshaker_factory_npn_advertised_callback(
|
1951
1767
|
SSL* /*ssl*/, const unsigned char** out, unsigned int* outlen, void* arg) {
|
@@ -2008,7 +1824,7 @@ static int verify_cb(int ok, X509_STORE_CTX* ctx) {
|
|
2008
1824
|
return ok;
|
2009
1825
|
}
|
2010
1826
|
|
2011
|
-
|
1827
|
+
// --- tsi_ssl_handshaker_factory constructors. ---
|
2012
1828
|
|
2013
1829
|
static tsi_ssl_handshaker_factory_vtable client_handshaker_factory_vtable = {
|
2014
1830
|
tsi_ssl_client_handshaker_factory_destroy};
|
@@ -2049,7 +1865,7 @@ tsi_result tsi_create_ssl_client_handshaker_factory_with_options(
|
|
2049
1865
|
ssl_context = SSL_CTX_new(TLSv1_2_method());
|
2050
1866
|
#endif
|
2051
1867
|
if (ssl_context == nullptr) {
|
2052
|
-
|
1868
|
+
grpc_core::LogSslErrorStack();
|
2053
1869
|
gpr_log(GPR_ERROR, "Could not create ssl context.");
|
2054
1870
|
return TSI_INVALID_ARGUMENT;
|
2055
1871
|
}
|
@@ -2129,7 +1945,7 @@ tsi_result tsi_create_ssl_client_handshaker_factory_with_options(
|
|
2129
1945
|
result = TSI_INVALID_ARGUMENT;
|
2130
1946
|
break;
|
2131
1947
|
}
|
2132
|
-
#endif
|
1948
|
+
#endif // TSI_OPENSSL_ALPN_SUPPORT
|
2133
1949
|
SSL_CTX_set_next_proto_select_cb(
|
2134
1950
|
ssl_context, client_handshaker_factory_npn_callback, impl);
|
2135
1951
|
}
|
@@ -2254,7 +2070,7 @@ tsi_result tsi_create_ssl_server_handshaker_factory_with_options(
|
|
2254
2070
|
impl->ssl_contexts[i] = SSL_CTX_new(TLSv1_2_method());
|
2255
2071
|
#endif
|
2256
2072
|
if (impl->ssl_contexts[i] == nullptr) {
|
2257
|
-
|
2073
|
+
grpc_core::LogSslErrorStack();
|
2258
2074
|
gpr_log(GPR_ERROR, "Could not create ssl context.");
|
2259
2075
|
result = TSI_OUT_OF_RESOURCES;
|
2260
2076
|
break;
|
@@ -2357,13 +2173,13 @@ tsi_result tsi_create_ssl_server_handshaker_factory_with_options(
|
|
2357
2173
|
#if TSI_OPENSSL_ALPN_SUPPORT
|
2358
2174
|
SSL_CTX_set_alpn_select_cb(impl->ssl_contexts[i],
|
2359
2175
|
server_handshaker_factory_alpn_callback, impl);
|
2360
|
-
#endif
|
2176
|
+
#endif // TSI_OPENSSL_ALPN_SUPPORT
|
2361
2177
|
SSL_CTX_set_next_protos_advertised_cb(
|
2362
2178
|
impl->ssl_contexts[i],
|
2363
2179
|
server_handshaker_factory_npn_advertised_callback, impl);
|
2364
2180
|
|
2365
2181
|
#if OPENSSL_VERSION_NUMBER >= 0x10101000 && !defined(LIBRESSL_VERSION_NUMBER)
|
2366
|
-
|
2182
|
+
// Register factory at index
|
2367
2183
|
if (options->key_logger != nullptr) {
|
2368
2184
|
// Need to set factory at g_ssl_ctx_ex_factory_index
|
2369
2185
|
SSL_CTX_set_ex_data(impl->ssl_contexts[i], g_ssl_ctx_ex_factory_index,
|
@@ -2387,7 +2203,7 @@ tsi_result tsi_create_ssl_server_handshaker_factory_with_options(
|
|
2387
2203
|
return TSI_OK;
|
2388
2204
|
}
|
2389
2205
|
|
2390
|
-
|
2206
|
+
// --- tsi_ssl utils. ---
|
2391
2207
|
|
2392
2208
|
int tsi_ssl_peer_matches_name(const tsi_peer* peer, absl::string_view name) {
|
2393
2209
|
size_t i = 0;
|
@@ -2395,7 +2211,7 @@ int tsi_ssl_peer_matches_name(const tsi_peer* peer, absl::string_view name) {
|
|
2395
2211
|
const tsi_peer_property* cn_property = nullptr;
|
2396
2212
|
int like_ip = looks_like_ip_address(name);
|
2397
2213
|
|
2398
|
-
|
2214
|
+
// Check the SAN first.
|
2399
2215
|
for (i = 0; i < peer->property_count; i++) {
|
2400
2216
|
const tsi_peer_property* property = &peer->properties[i];
|
2401
2217
|
if (property->name == nullptr) continue;
|
@@ -2407,7 +2223,7 @@ int tsi_ssl_peer_matches_name(const tsi_peer* peer, absl::string_view name) {
|
|
2407
2223
|
if (!like_ip && does_entry_match_name(entry, name)) {
|
2408
2224
|
return 1;
|
2409
2225
|
} else if (like_ip && name == entry) {
|
2410
|
-
|
2226
|
+
// IP Addresses are exact matches only.
|
2411
2227
|
return 1;
|
2412
2228
|
}
|
2413
2229
|
} else if (strcmp(property->name,
|
@@ -2416,7 +2232,7 @@ int tsi_ssl_peer_matches_name(const tsi_peer* peer, absl::string_view name) {
|
|
2416
2232
|
}
|
2417
2233
|
}
|
2418
2234
|
|
2419
|
-
|
2235
|
+
// If there's no SAN, try the CN, but only if its not like an IP Address
|
2420
2236
|
if (san_count == 0 && cn_property != nullptr && !like_ip) {
|
2421
2237
|
if (does_entry_match_name(absl::string_view(cn_property->value.data,
|
2422
2238
|
cn_property->value.length),
|
@@ -2425,10 +2241,10 @@ int tsi_ssl_peer_matches_name(const tsi_peer* peer, absl::string_view name) {
|
|
2425
2241
|
}
|
2426
2242
|
}
|
2427
2243
|
|
2428
|
-
return 0;
|
2244
|
+
return 0; // Not found.
|
2429
2245
|
}
|
2430
2246
|
|
2431
|
-
|
2247
|
+
// --- Testing support. ---
|
2432
2248
|
const tsi_ssl_handshaker_factory_vtable* tsi_ssl_handshaker_factory_swap_vtable(
|
2433
2249
|
tsi_ssl_handshaker_factory* factory,
|
2434
2250
|
tsi_ssl_handshaker_factory_vtable* new_vtable) {
|