grpc 1.53.2 → 1.54.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Makefile +78 -66
- data/include/grpc/event_engine/event_engine.h +30 -14
- data/include/grpc/grpc_security.h +4 -0
- data/include/grpc/support/port_platform.h +4 -4
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +11 -0
- data/src/core/ext/filters/client_channel/backend_metric.cc +6 -0
- data/src/core/ext/filters/client_channel/backup_poller.cc +2 -11
- data/src/core/ext/filters/client_channel/backup_poller.h +0 -3
- data/src/core/ext/filters/client_channel/client_channel.cc +848 -813
- data/src/core/ext/filters/client_channel/client_channel.h +131 -173
- data/src/core/ext/filters/client_channel/client_channel_internal.h +114 -0
- data/src/core/ext/filters/client_channel/config_selector.h +4 -3
- data/src/core/ext/filters/client_channel/lb_policy/backend_metric_data.h +6 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +17 -18
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +134 -151
- data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +2 -16
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +14 -10
- data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/weighted_round_robin.cc +68 -30
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +11 -3
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +8 -1
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +2 -5
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_override_host.cc +2 -2
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +30 -38
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +4 -4
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +20 -26
- data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +31 -179
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.cc +1 -2
- data/src/core/ext/filters/client_channel/resolver/polling_resolver.h +1 -2
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +4 -2
- data/src/core/ext/filters/client_channel/retry_filter.cc +95 -102
- data/src/core/ext/filters/client_channel/subchannel.cc +2 -4
- data/src/core/ext/filters/client_channel/subchannel_stream_client.cc +26 -27
- data/src/core/ext/filters/client_channel/subchannel_stream_client.h +8 -5
- data/src/core/ext/filters/http/client/http_client_filter.cc +3 -3
- data/src/core/ext/filters/http/http_filters_plugin.cc +1 -12
- data/src/core/ext/filters/http/message_compress/compression_filter.cc +27 -11
- data/src/core/ext/filters/message_size/message_size_filter.cc +141 -224
- data/src/core/ext/filters/message_size/message_size_filter.h +48 -3
- data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +7 -6
- data/src/core/ext/gcp/metadata_query.cc +142 -0
- data/src/core/ext/gcp/metadata_query.h +82 -0
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +70 -55
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +8 -12
- data/src/core/ext/transport/chttp2/transport/bin_encoder.h +1 -5
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +116 -58
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +5 -2
- data/src/core/ext/transport/chttp2/transport/flow_control.h +2 -1
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +4 -1
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +222 -118
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +113 -295
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +0 -2
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +0 -2
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +277 -451
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +1 -3
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +12 -14
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +1 -9
- data/src/core/ext/transport/chttp2/transport/internal.h +16 -3
- data/src/core/ext/transport/chttp2/transport/parsing.cc +3 -2
- data/src/core/ext/transport/chttp2/transport/writing.cc +10 -5
- data/src/core/ext/transport/inproc/inproc_transport.cc +20 -14
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +5 -3
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +22 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +5 -3
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +22 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +23 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +94 -3
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +23 -2
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +120 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.c +6 -3
- data/src/core/ext/upb-generated/envoy/config/listener/v3/quic_config.upb.h +22 -0
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +24 -6
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +111 -12
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +9 -7
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +27 -9
- data/src/core/ext/upb-generated/envoy/config/trace/v3/opentelemetry.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +11 -7
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +56 -12
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.c +5 -3
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.h +24 -0
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.c +5 -3
- data/src/core/ext/upb-generated/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.h +24 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.c +13 -2
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/http_inputs.upb.h +49 -0
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c +24 -9
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.h +66 -12
- data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +191 -187
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +139 -136
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +31 -15
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +12 -9
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +15 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/quic_config.upbdefs.c +54 -45
- data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.c +135 -119
- data/src/core/ext/upbdefs-generated/envoy/config/rbac/v3/rbac.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +100 -97
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/opentelemetry.upbdefs.c +15 -18
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +272 -264
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +117 -117
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +5 -5
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +5 -5
- data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +5 -5
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.c +12 -9
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/http_inputs.upbdefs.h +5 -0
- data/src/core/ext/xds/xds_channel_stack_modifier.cc +1 -2
- data/src/core/ext/xds/xds_client_stats.cc +29 -15
- data/src/core/ext/xds/xds_client_stats.h +24 -20
- data/src/core/ext/xds/xds_endpoint.cc +5 -2
- data/src/core/ext/xds/xds_endpoint.h +9 -1
- data/src/core/ext/xds/xds_http_rbac_filter.cc +1 -1
- data/src/core/ext/xds/xds_lb_policy_registry.cc +13 -0
- data/src/core/ext/xds/xds_transport_grpc.cc +1 -1
- data/src/core/lib/channel/call_finalization.h +1 -1
- data/src/core/lib/channel/call_tracer.cc +51 -0
- data/src/core/lib/channel/call_tracer.h +101 -38
- data/src/core/lib/channel/connected_channel.cc +483 -1050
- data/src/core/lib/channel/context.h +8 -1
- data/src/core/lib/channel/promise_based_filter.cc +106 -42
- data/src/core/lib/channel/promise_based_filter.h +27 -13
- data/src/core/lib/channel/server_call_tracer_filter.cc +110 -0
- data/src/core/lib/config/config_vars.cc +151 -0
- data/src/core/lib/config/config_vars.h +127 -0
- data/src/core/lib/config/config_vars_non_generated.cc +51 -0
- data/src/core/lib/config/load_config.cc +66 -0
- data/src/core/lib/config/load_config.h +49 -0
- data/src/core/lib/debug/trace.cc +5 -6
- data/src/core/lib/debug/trace.h +0 -5
- data/src/core/lib/event_engine/event_engine.cc +37 -2
- data/src/core/lib/event_engine/handle_containers.h +7 -22
- data/src/core/lib/event_engine/memory_allocator_factory.h +47 -0
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +0 -4
- data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +3 -9
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +48 -15
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +8 -8
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +6 -5
- data/src/core/lib/event_engine/posix_engine/posix_engine.h +0 -1
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +6 -32
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.h +0 -3
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +27 -18
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +0 -3
- data/src/core/lib/event_engine/resolved_address.cc +2 -1
- data/src/core/lib/event_engine/windows/win_socket.cc +0 -1
- data/src/core/lib/event_engine/windows/windows_endpoint.cc +129 -82
- data/src/core/lib/event_engine/windows/windows_endpoint.h +21 -5
- data/src/core/lib/event_engine/windows/windows_engine.cc +39 -18
- data/src/core/lib/event_engine/windows/windows_engine.h +2 -1
- data/src/core/lib/event_engine/windows/windows_listener.cc +370 -0
- data/src/core/lib/event_engine/windows/windows_listener.h +155 -0
- data/src/core/lib/experiments/config.cc +3 -10
- data/src/core/lib/experiments/experiments.cc +7 -0
- data/src/core/lib/experiments/experiments.h +9 -1
- data/src/core/lib/gpr/log.cc +15 -28
- data/src/core/lib/gprpp/fork.cc +8 -14
- data/src/core/lib/gprpp/orphanable.h +4 -3
- data/src/core/lib/gprpp/per_cpu.h +9 -3
- data/src/core/lib/gprpp/{thd_posix.cc → posix/thd.cc} +49 -37
- data/src/core/lib/gprpp/ref_counted.h +33 -34
- data/src/core/lib/gprpp/thd.h +16 -0
- data/src/core/lib/gprpp/time.cc +1 -0
- data/src/core/lib/gprpp/time.h +4 -4
- data/src/core/lib/gprpp/{thd_windows.cc → windows/thd.cc} +2 -2
- data/src/core/lib/iomgr/call_combiner.h +2 -2
- data/src/core/lib/iomgr/endpoint_cfstream.cc +4 -2
- data/src/core/lib/iomgr/ev_posix.cc +13 -53
- data/src/core/lib/iomgr/ev_posix.h +0 -3
- data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +103 -76
- data/src/core/lib/iomgr/iomgr.cc +4 -8
- data/src/core/lib/iomgr/iomgr_windows.cc +8 -2
- data/src/core/lib/iomgr/pollset_set_windows.cc +9 -9
- data/src/core/lib/iomgr/pollset_windows.cc +1 -1
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +16 -3
- data/src/core/lib/iomgr/tcp_client_windows.cc +2 -2
- data/src/core/lib/iomgr/tcp_posix.cc +0 -1
- data/src/core/lib/iomgr/tcp_server_posix.cc +19 -55
- data/src/core/lib/iomgr/tcp_server_utils_posix.h +0 -12
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +0 -21
- data/src/core/lib/iomgr/tcp_server_windows.cc +176 -9
- data/src/core/lib/iomgr/tcp_windows.cc +12 -8
- data/src/core/lib/load_balancing/lb_policy.cc +9 -13
- data/src/core/lib/load_balancing/lb_policy.h +4 -2
- data/src/core/lib/promise/activity.cc +22 -6
- data/src/core/lib/promise/activity.h +61 -24
- data/src/core/lib/promise/cancel_callback.h +77 -0
- data/src/core/lib/promise/detail/basic_seq.h +1 -1
- data/src/core/lib/promise/detail/promise_factory.h +4 -0
- data/src/core/lib/promise/for_each.h +176 -0
- data/src/core/lib/promise/if.h +9 -0
- data/src/core/lib/promise/interceptor_list.h +23 -2
- data/src/core/lib/promise/latch.h +89 -3
- data/src/core/lib/promise/loop.h +13 -9
- data/src/core/lib/promise/map.h +7 -0
- data/src/core/lib/promise/party.cc +286 -0
- data/src/core/lib/promise/party.h +499 -0
- data/src/core/lib/promise/pipe.h +197 -57
- data/src/core/lib/promise/poll.h +48 -0
- data/src/core/lib/promise/promise.h +2 -2
- data/src/core/lib/resource_quota/arena.cc +19 -3
- data/src/core/lib/resource_quota/arena.h +119 -5
- data/src/core/lib/resource_quota/memory_quota.cc +1 -1
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +12 -35
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +1 -0
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +0 -59
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +10 -5
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +1 -1
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +13 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +2 -0
- data/src/core/lib/security/security_connector/load_system_roots_supported.cc +5 -9
- data/src/core/lib/security/security_connector/ssl_utils.cc +11 -25
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +12 -0
- data/src/core/lib/security/transport/secure_endpoint.cc +4 -2
- data/src/core/lib/security/transport/server_auth_filter.cc +20 -2
- data/src/core/lib/slice/slice.cc +1 -1
- data/src/core/lib/surface/builtins.cc +2 -0
- data/src/core/lib/surface/call.cc +926 -1024
- data/src/core/lib/surface/call.h +10 -0
- data/src/core/lib/surface/lame_client.cc +1 -0
- data/src/core/lib/surface/validate_metadata.cc +42 -43
- data/src/core/lib/surface/validate_metadata.h +0 -9
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/batch_builder.cc +179 -0
- data/src/core/lib/transport/batch_builder.h +468 -0
- data/src/core/lib/transport/bdp_estimator.cc +7 -7
- data/src/core/lib/transport/bdp_estimator.h +10 -6
- data/src/core/lib/transport/custom_metadata.h +30 -0
- data/src/core/lib/transport/metadata_batch.cc +5 -2
- data/src/core/lib/transport/metadata_batch.h +17 -113
- data/src/core/lib/transport/parsed_metadata.h +6 -16
- data/src/core/lib/transport/timeout_encoding.cc +6 -1
- data/src/core/lib/transport/transport.cc +30 -2
- data/src/core/lib/transport/transport.h +70 -14
- data/src/core/lib/transport/transport_impl.h +7 -0
- data/src/core/lib/transport/transport_op_string.cc +52 -42
- data/src/core/plugin_registry/grpc_plugin_registry.cc +2 -2
- data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +1 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +21 -4
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +5 -0
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +1 -1
- data/src/core/tsi/ssl_transport_security.cc +4 -2
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/third_party/abseil-cpp/absl/base/config.h +1 -1
- data/third_party/abseil-cpp/absl/flags/commandlineflag.cc +34 -0
- data/third_party/abseil-cpp/absl/flags/commandlineflag.h +200 -0
- data/third_party/abseil-cpp/absl/flags/config.h +68 -0
- data/third_party/abseil-cpp/absl/flags/declare.h +73 -0
- data/third_party/abseil-cpp/absl/flags/flag.cc +38 -0
- data/third_party/abseil-cpp/absl/flags/flag.h +310 -0
- data/{src/core/lib/gprpp/global_config_custom.h → third_party/abseil-cpp/absl/flags/internal/commandlineflag.cc} +11 -14
- data/third_party/abseil-cpp/absl/flags/internal/commandlineflag.h +68 -0
- data/third_party/abseil-cpp/absl/flags/internal/flag.cc +615 -0
- data/third_party/abseil-cpp/absl/flags/internal/flag.h +800 -0
- data/third_party/abseil-cpp/absl/flags/internal/flag_msvc.inc +116 -0
- data/third_party/abseil-cpp/absl/flags/internal/path_util.h +62 -0
- data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.cc +65 -0
- data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.h +61 -0
- data/third_party/abseil-cpp/absl/flags/internal/program_name.cc +60 -0
- data/third_party/abseil-cpp/absl/flags/internal/program_name.h +50 -0
- data/third_party/abseil-cpp/absl/flags/internal/registry.h +97 -0
- data/third_party/abseil-cpp/absl/flags/internal/sequence_lock.h +187 -0
- data/third_party/abseil-cpp/absl/flags/marshalling.cc +241 -0
- data/third_party/abseil-cpp/absl/flags/marshalling.h +356 -0
- data/third_party/abseil-cpp/absl/flags/reflection.cc +354 -0
- data/third_party/abseil-cpp/absl/flags/reflection.h +90 -0
- data/third_party/abseil-cpp/absl/flags/usage_config.cc +165 -0
- data/third_party/abseil-cpp/absl/flags/usage_config.h +135 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +12 -8
- data/third_party/boringssl-with-bazel/err_data.c +728 -712
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +177 -177
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +28 -55
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +21 -23
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.c +20 -23
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +66 -185
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.c +18 -21
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +356 -311
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +174 -194
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +146 -210
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +6 -9
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.c +346 -526
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +110 -131
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +130 -116
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +93 -60
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +93 -181
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +242 -305
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.c +41 -18
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.c +30 -33
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.c +36 -33
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.c +29 -26
- data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +133 -88
- data/third_party/boringssl-with-bazel/src/crypto/asn1/posix_time.c +230 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +791 -791
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +526 -526
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +114 -135
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +201 -207
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +21 -26
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +55 -68
- data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +11 -7
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +15 -9
- data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +17 -10
- data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +1 -3
- data/third_party/boringssl-with-bazel/src/crypto/bio/printf.c +0 -13
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +3 -6
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +9 -5
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/convert.c +10 -23
- data/third_party/boringssl-with-bazel/src/crypto/buf/buf.c +2 -6
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +29 -28
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +161 -201
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +254 -39
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesctrhmac.c +9 -8
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesgcmsiv.c +37 -75
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +8 -10
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/cipher → cipher_extra}/e_des.c +100 -78
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_null.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc2.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc4.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_tls.c +6 -12
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +14 -11
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +6 -10
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf_def.h +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +12 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.c +74 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_freebsd.c +62 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-fuchsia.c → cpu_aarch64_fuchsia.c} +8 -7
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-linux.c → cpu_aarch64_linux.c} +6 -4
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-aarch64-win.c → cpu_aarch64_win.c} +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm.c → cpu_arm.c} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_freebsd.c +55 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.c → cpu_arm_linux.c} +11 -90
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-arm-linux.h → cpu_arm_linux.h} +0 -38
- data/third_party/boringssl-with-bazel/src/crypto/{cpu-intel.c → cpu_intel.c} +1 -2
- data/third_party/boringssl-with-bazel/src/crypto/crypto.c +25 -20
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +16 -27
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +17 -32
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/des.c +232 -232
- data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/des → des}/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/dh_asn1.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/params.c +232 -29
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +0 -3
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +39 -16
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +37 -7
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +11 -36
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +214 -99
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +21 -5
- data/third_party/boringssl-with-bazel/src/crypto/ecdsa_extra/ecdsa_asn1.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/err/err.c +83 -60
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +46 -12
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.c +25 -23
- data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +43 -9
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +75 -44
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +19 -25
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.c +96 -45
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.c +7 -8
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.c +26 -23
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_hkdf.c +233 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.c +42 -25
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.c +4 -5
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.c +35 -47
- data/third_party/boringssl-with-bazel/src/crypto/evp/print.c +135 -244
- data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/evp/sign.c +15 -10
- data/third_party/boringssl-with-bazel/src/crypto/ex_data.c +29 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +13 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +3 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.c +13 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c +9 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +35 -27
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +16 -26
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.c +88 -60
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/cmp.c +4 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +99 -113
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +5 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/generic.c +112 -168
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +86 -31
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +11 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c +4 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +4 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +13 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.c +13 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.c +19 -108
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +19 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.c +15 -16
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.c +22 -21
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/aead.c +3 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +79 -19
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +102 -99
- data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → fipsmodule/cipher}/e_aesccm.c +52 -46
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +39 -0
- data/third_party/boringssl-with-bazel/src/crypto/{cmac → fipsmodule/cmac}/cmac.c +55 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.c +21 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +56 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +5 -3
- data/third_party/boringssl-with-bazel/src/crypto/{evp → fipsmodule/digestsign}/digestsign.c +51 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +25 -25
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +91 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +34 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +54 -23
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +44 -60
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64-table.h → p256-nistz-table.h} +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.c → p256-nistz.c} +60 -53
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-x86_64.h → p256-nistz.h} +5 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +48 -36
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +2 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +2 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +8 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +42 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +6 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/hmac.c +52 -24
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cbc.c +9 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cfb.c +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c +2 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm.c +71 -43
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +14 -16
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/ctrdrbg.c +31 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +16 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +9 -38
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +73 -59
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +11 -45
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +22 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.c +63 -52
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +107 -62
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +58 -31
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.c +41 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +523 -422
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/internal.h +89 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.c +334 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +3 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +12 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +14 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.c +19 -6
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +32 -14
- data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c +65 -29
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +373 -18
- data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +61 -0
- data/third_party/boringssl-with-bazel/src/crypto/kyber/keccak.c +205 -0
- data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +13 -1
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +220 -13
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +19 -7
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +13 -1
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +81 -90
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +150 -245
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +629 -613
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.c +17 -17
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +142 -149
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +99 -131
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.c +0 -3
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +36 -66
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +31 -38
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +18 -31
- data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +8 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +129 -5
- data/third_party/boringssl-with-bazel/src/crypto/refcount_c11.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/refcount_lock.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.c +8 -11
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +61 -27
- data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +10 -13
- data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +10 -13
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +66 -34
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +190 -77
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +81 -284
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +109 -42
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.c +22 -24
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.c +54 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +32 -34
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +32 -16
- data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +465 -704
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +284 -331
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +183 -178
- data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.c +11 -15
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +67 -50
- data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +153 -150
- data/third_party/boringssl-with-bazel/src/crypto/x509/policy.c +786 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +95 -102
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +72 -57
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.c +12 -10
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +227 -252
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +52 -47
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +230 -224
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +161 -327
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.c +37 -33
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.c +14 -31
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +55 -85
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +534 -618
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +129 -122
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +116 -182
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +132 -132
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +181 -202
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +64 -79
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +175 -160
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +1865 -2050
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +433 -462
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +156 -163
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +267 -263
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.c +40 -15
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.c +59 -63
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +63 -67
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +114 -144
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +25 -26
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +326 -415
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.c +8 -7
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_info.c +30 -28
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +354 -370
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +37 -32
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +116 -119
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.c +36 -26
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.c +10 -13
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +419 -261
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +113 -105
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +11 -15
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +78 -170
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +126 -131
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akeya.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +465 -469
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bcons.c +56 -54
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +46 -49
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +309 -346
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +341 -365
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_crld.c +429 -393
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +29 -24
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_extku.c +65 -59
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +125 -121
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +43 -42
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +122 -125
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_int.c +50 -20
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +247 -253
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ncons.c +386 -389
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ocsp.c +45 -32
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcons.c +57 -54
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pmaps.c +63 -67
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +143 -136
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +664 -707
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +83 -75
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +1062 -1146
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +8 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +28 -48
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +211 -187
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +26 -78
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +19 -14
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +21 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +49 -17
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +99 -29
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +49 -60
- data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +2 -15
- data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +16 -200
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +34 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +82 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +32 -30
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +7 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +48 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +37 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/err.h +33 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +22 -30
- data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +7 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +41 -16
- data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +91 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +74 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +13 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +11 -15
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +8 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +12 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +7 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/service_indicator.h +96 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +13 -21
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +139 -75
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +1 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +384 -286
- data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +5 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/time.h +41 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +18 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +49 -23
- data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +0 -11
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +1592 -1074
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +202 -205
- data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +6 -13
- data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +17 -18
- data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +4 -5
- data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +25 -33
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +34 -20
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +65 -34
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +198 -54
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +5 -5
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +32 -28
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +76 -44
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +130 -98
- data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +27 -11
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +91 -75
- data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +8 -10
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +39 -65
- data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +1 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +5 -9
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +30 -33
- data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +77 -100
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +120 -107
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +164 -30
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +150 -60
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +22 -11
- data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +22 -6
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +15 -13
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +5 -43
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +7 -4
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +22 -34
- data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +16 -98
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +1241 -657
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +751 -398
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +3551 -1938
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +1272 -487
- metadata +103 -70
- data/src/core/ext/filters/client_channel/lb_call_state_internal.h +0 -39
- data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.cc +0 -30
- data/src/core/ext/filters/client_channel/resolver/dns/dns_resolver_selection.h +0 -29
- data/src/core/lib/gprpp/global_config.h +0 -93
- data/src/core/lib/gprpp/global_config_env.cc +0 -140
- data/src/core/lib/gprpp/global_config_env.h +0 -133
- data/src/core/lib/gprpp/global_config_generic.h +0 -40
- data/src/core/lib/promise/intra_activity_waiter.h +0 -55
- data/src/core/lib/security/security_connector/ssl_utils_config.cc +0 -32
- data/src/core/lib/security/security_connector/ssl_utils_config.h +0 -29
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +0 -195
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_print.c +0 -83
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utf8.c +0 -236
- data/third_party/boringssl-with-bazel/src/crypto/asn1/charmap.h +0 -15
- data/third_party/boringssl-with-bazel/src/crypto/asn1/time_support.c +0 -206
- data/third_party/boringssl-with-bazel/src/crypto/cpu-ppc64le.c +0 -38
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1-altivec.c +0 -361
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_cache.c +0 -287
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +0 -132
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_lib.c +0 -155
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_map.c +0 -131
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_node.c +0 -189
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_tree.c +0 -843
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pci.c +0 -289
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pcia.c +0 -57
- /data/src/core/lib/gpr/{log_android.cc → android/log.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_iphone.cc → iphone/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_linux.cc → linux/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{log_linux.cc → linux/log.cc} +0 -0
- /data/src/core/lib/gpr/{tmpfile_msys.cc → msys/tmpfile.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_posix.cc → posix/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{log_posix.cc → posix/log.cc} +0 -0
- /data/src/core/lib/gpr/{string_posix.cc → posix/string.cc} +0 -0
- /data/src/core/lib/gpr/{sync_posix.cc → posix/sync.cc} +0 -0
- /data/src/core/lib/gpr/{time_posix.cc → posix/time.cc} +0 -0
- /data/src/core/lib/gpr/{tmpfile_posix.cc → posix/tmpfile.cc} +0 -0
- /data/src/core/lib/gpr/{cpu_windows.cc → windows/cpu.cc} +0 -0
- /data/src/core/lib/gpr/{log_windows.cc → windows/log.cc} +0 -0
- /data/src/core/lib/gpr/{string_windows.cc → windows/string.cc} +0 -0
- /data/src/core/lib/gpr/{string_util_windows.cc → windows/string_util.cc} +0 -0
- /data/src/core/lib/gpr/{sync_windows.cc → windows/sync.cc} +0 -0
- /data/src/core/lib/gpr/{time_windows.cc → windows/time.cc} +0 -0
- /data/src/core/lib/gpr/{tmpfile_windows.cc → windows/tmpfile.cc} +0 -0
- /data/src/core/lib/gprpp/{env_linux.cc → linux/env.cc} +0 -0
- /data/src/core/lib/gprpp/{env_posix.cc → posix/env.cc} +0 -0
- /data/src/core/lib/gprpp/{stat_posix.cc → posix/stat.cc} +0 -0
- /data/src/core/lib/gprpp/{env_windows.cc → windows/env.cc} +0 -0
- /data/src/core/lib/gprpp/{stat_windows.cc → windows/stat.cc} +0 -0
|
@@ -38,6 +38,7 @@
|
|
|
38
38
|
#include "absl/types/span.h"
|
|
39
39
|
#include "absl/types/variant.h"
|
|
40
40
|
|
|
41
|
+
#include <grpc/status.h>
|
|
41
42
|
#include <grpc/support/log.h>
|
|
42
43
|
|
|
43
44
|
#include "src/core/ext/transport/chttp2/transport/decode_huff.h"
|
|
@@ -45,11 +46,9 @@
|
|
|
45
46
|
#include "src/core/lib/debug/stats.h"
|
|
46
47
|
#include "src/core/lib/debug/stats_data.h"
|
|
47
48
|
#include "src/core/lib/debug/trace.h"
|
|
48
|
-
#include "src/core/lib/gprpp/crash.h"
|
|
49
49
|
#include "src/core/lib/gprpp/status_helper.h"
|
|
50
50
|
#include "src/core/lib/slice/slice.h"
|
|
51
51
|
#include "src/core/lib/slice/slice_refcount.h"
|
|
52
|
-
#include "src/core/lib/surface/validate_metadata.h"
|
|
53
52
|
#include "src/core/lib/transport/parsed_metadata.h"
|
|
54
53
|
|
|
55
54
|
// IWYU pragma: no_include <type_traits>
|
|
@@ -81,40 +80,6 @@ struct Base64InverseTable {
|
|
|
81
80
|
};
|
|
82
81
|
|
|
83
82
|
constexpr Base64InverseTable kBase64InverseTable;
|
|
84
|
-
|
|
85
|
-
absl::Status EnsureStreamError(absl::Status error) {
|
|
86
|
-
if (error.ok()) return error;
|
|
87
|
-
return grpc_error_set_int(std::move(error), StatusIntProperty::kStreamId, 0);
|
|
88
|
-
}
|
|
89
|
-
|
|
90
|
-
bool IsStreamError(const absl::Status& status) {
|
|
91
|
-
intptr_t stream_id;
|
|
92
|
-
return grpc_error_get_int(status, StatusIntProperty::kStreamId, &stream_id);
|
|
93
|
-
}
|
|
94
|
-
|
|
95
|
-
class MetadataSizeLimitExceededEncoder {
|
|
96
|
-
public:
|
|
97
|
-
explicit MetadataSizeLimitExceededEncoder(std::string& summary)
|
|
98
|
-
: summary_(summary) {}
|
|
99
|
-
|
|
100
|
-
void Encode(const Slice& key, const Slice& value) {
|
|
101
|
-
AddToSummary(key.as_string_view(), value.size());
|
|
102
|
-
}
|
|
103
|
-
|
|
104
|
-
template <typename Key, typename Value>
|
|
105
|
-
void Encode(Key, const Value& value) {
|
|
106
|
-
AddToSummary(Key::key(), EncodedSizeOfKey(Key(), value));
|
|
107
|
-
}
|
|
108
|
-
|
|
109
|
-
private:
|
|
110
|
-
void AddToSummary(absl::string_view key,
|
|
111
|
-
size_t value_length) GPR_ATTRIBUTE_NOINLINE {
|
|
112
|
-
absl::StrAppend(&summary_, " ", key, ":",
|
|
113
|
-
hpack_constants::SizeForEntry(key.size(), value_length),
|
|
114
|
-
"B");
|
|
115
|
-
}
|
|
116
|
-
std::string& summary_;
|
|
117
|
-
};
|
|
118
83
|
} // namespace
|
|
119
84
|
|
|
120
85
|
// Input tracks the current byte through the input data and provides it
|
|
@@ -156,8 +121,7 @@ class HPackParser::Input {
|
|
|
156
121
|
// of stream
|
|
157
122
|
absl::optional<uint8_t> Next() {
|
|
158
123
|
if (end_of_stream()) {
|
|
159
|
-
UnexpectedEOF();
|
|
160
|
-
return absl::optional<uint8_t>();
|
|
124
|
+
return UnexpectedEOF(absl::optional<uint8_t>());
|
|
161
125
|
}
|
|
162
126
|
return *begin_++;
|
|
163
127
|
}
|
|
@@ -223,10 +187,7 @@ class HPackParser::Input {
|
|
|
223
187
|
// Parse a string prefix
|
|
224
188
|
absl::optional<StringPrefix> ParseStringPrefix() {
|
|
225
189
|
auto cur = Next();
|
|
226
|
-
if (!cur.has_value()) {
|
|
227
|
-
GPR_DEBUG_ASSERT(eof_error());
|
|
228
|
-
return {};
|
|
229
|
-
}
|
|
190
|
+
if (!cur.has_value()) return {};
|
|
230
191
|
// Huffman if the top bit is 1
|
|
231
192
|
const bool huff = (*cur & 0x80) != 0;
|
|
232
193
|
// String length
|
|
@@ -234,19 +195,14 @@ class HPackParser::Input {
|
|
|
234
195
|
if (strlen == 0x7f) {
|
|
235
196
|
// all ones ==> varint string length
|
|
236
197
|
auto v = ParseVarint(0x7f);
|
|
237
|
-
if (!v.has_value()) {
|
|
238
|
-
GPR_DEBUG_ASSERT(eof_error());
|
|
239
|
-
return {};
|
|
240
|
-
}
|
|
198
|
+
if (!v.has_value()) return {};
|
|
241
199
|
strlen = *v;
|
|
242
200
|
}
|
|
243
201
|
return StringPrefix{strlen, huff};
|
|
244
202
|
}
|
|
245
203
|
|
|
246
204
|
// Check if we saw an EOF.. must be verified before looking at TakeError
|
|
247
|
-
bool eof_error() const {
|
|
248
|
-
return eof_error_ || (!error_.ok() && !IsStreamError(error_));
|
|
249
|
-
}
|
|
205
|
+
bool eof_error() const { return eof_error_; }
|
|
250
206
|
|
|
251
207
|
// Extract the parse error, leaving the current error as NONE.
|
|
252
208
|
grpc_error_handle TakeError() {
|
|
@@ -255,33 +211,34 @@ class HPackParser::Input {
|
|
|
255
211
|
return out;
|
|
256
212
|
}
|
|
257
213
|
|
|
258
|
-
|
|
259
|
-
|
|
260
|
-
|
|
261
|
-
|
|
262
|
-
|
|
263
|
-
|
|
264
|
-
|
|
265
|
-
|
|
266
|
-
GPR_ASSERT(!error.ok());
|
|
267
|
-
// StreamId is used as a signal to skip this stream but keep the connection
|
|
268
|
-
// alive
|
|
269
|
-
SetError(EnsureStreamError(std::move(error)));
|
|
214
|
+
// Set the current error - allows the rest of the code not to need to pass
|
|
215
|
+
// around StatusOr<> which would be prohibitive here.
|
|
216
|
+
GPR_ATTRIBUTE_NOINLINE void SetError(grpc_error_handle error) {
|
|
217
|
+
if (!error_.ok() || eof_error_) {
|
|
218
|
+
return;
|
|
219
|
+
}
|
|
220
|
+
error_ = error;
|
|
221
|
+
begin_ = end_;
|
|
270
222
|
}
|
|
271
223
|
|
|
272
|
-
//
|
|
273
|
-
//
|
|
274
|
-
|
|
275
|
-
GPR_ATTRIBUTE_NOINLINE
|
|
276
|
-
|
|
277
|
-
|
|
224
|
+
// If no error is set, set it to the value produced by error_factory.
|
|
225
|
+
// Return return_value unchanged.
|
|
226
|
+
template <typename F, typename T>
|
|
227
|
+
GPR_ATTRIBUTE_NOINLINE T MaybeSetErrorAndReturn(F error_factory,
|
|
228
|
+
T return_value) {
|
|
229
|
+
if (!error_.ok() || eof_error_) return return_value;
|
|
230
|
+
error_ = error_factory();
|
|
278
231
|
begin_ = end_;
|
|
232
|
+
return return_value;
|
|
279
233
|
}
|
|
280
234
|
|
|
281
|
-
// Set the error to an unexpected eof
|
|
282
|
-
|
|
283
|
-
|
|
235
|
+
// Set the error to an unexpected eof, and return result (code golfed as this
|
|
236
|
+
// is a common case)
|
|
237
|
+
template <typename T>
|
|
238
|
+
T UnexpectedEOF(T return_value) {
|
|
239
|
+
if (!error_.ok()) return return_value;
|
|
284
240
|
eof_error_ = true;
|
|
241
|
+
return return_value;
|
|
285
242
|
}
|
|
286
243
|
|
|
287
244
|
// Update the frontier - signifies we've successfully parsed another element
|
|
@@ -294,24 +251,14 @@ class HPackParser::Input {
|
|
|
294
251
|
// Helper to set the error to out of range for ParseVarint
|
|
295
252
|
absl::optional<uint32_t> ParseVarintOutOfRange(uint32_t value,
|
|
296
253
|
uint8_t last_byte) {
|
|
297
|
-
|
|
298
|
-
|
|
299
|
-
|
|
300
|
-
|
|
301
|
-
|
|
302
|
-
|
|
303
|
-
|
|
304
|
-
|
|
305
|
-
// Do not use this directly, instead use SetErrorAndContinueParsing or
|
|
306
|
-
// SetErrorAndStopParsing.
|
|
307
|
-
void SetError(grpc_error_handle error) {
|
|
308
|
-
if (!error_.ok() || eof_error_) {
|
|
309
|
-
if (!IsStreamError(error) && IsStreamError(error_)) {
|
|
310
|
-
error_ = std::move(error); // connection errors dominate
|
|
311
|
-
}
|
|
312
|
-
return;
|
|
313
|
-
}
|
|
314
|
-
error_ = std::move(error);
|
|
254
|
+
return MaybeSetErrorAndReturn(
|
|
255
|
+
[value, last_byte] {
|
|
256
|
+
return GRPC_ERROR_CREATE(absl::StrFormat(
|
|
257
|
+
"integer overflow in hpack integer decoding: have 0x%08x, "
|
|
258
|
+
"got byte 0x%02x on byte 5",
|
|
259
|
+
value, last_byte));
|
|
260
|
+
},
|
|
261
|
+
absl::optional<uint32_t>());
|
|
315
262
|
}
|
|
316
263
|
|
|
317
264
|
// Refcount if we are backed by a slice
|
|
@@ -332,21 +279,6 @@ class HPackParser::Input {
|
|
|
332
279
|
// management characteristics
|
|
333
280
|
class HPackParser::String {
|
|
334
281
|
public:
|
|
335
|
-
// ParseResult carries both a ParseStatus and the parsed string
|
|
336
|
-
struct ParseResult;
|
|
337
|
-
// Result of parsing a string
|
|
338
|
-
enum class ParseStatus {
|
|
339
|
-
// Parsed OK
|
|
340
|
-
kOk,
|
|
341
|
-
// Parse reached end of the current frame
|
|
342
|
-
kEof,
|
|
343
|
-
// Parse failed due to a huffman decode error
|
|
344
|
-
kParseHuffFailed,
|
|
345
|
-
// Parse failed due to a base64 decode error
|
|
346
|
-
kUnbase64Failed,
|
|
347
|
-
};
|
|
348
|
-
|
|
349
|
-
String() : value_(absl::Span<const uint8_t>()) {}
|
|
350
282
|
String(const String&) = delete;
|
|
351
283
|
String& operator=(const String&) = delete;
|
|
352
284
|
String(String&& other) noexcept : value_(std::move(other.value_)) {
|
|
@@ -376,10 +308,72 @@ class HPackParser::String {
|
|
|
376
308
|
}
|
|
377
309
|
|
|
378
310
|
// Parse a non-binary string
|
|
379
|
-
static
|
|
311
|
+
static absl::optional<String> Parse(Input* input) {
|
|
312
|
+
auto pfx = input->ParseStringPrefix();
|
|
313
|
+
if (!pfx.has_value()) return {};
|
|
314
|
+
if (pfx->huff) {
|
|
315
|
+
// Huffman coded
|
|
316
|
+
std::vector<uint8_t> output;
|
|
317
|
+
auto v = ParseHuff(input, pfx->length,
|
|
318
|
+
[&output](uint8_t c) { output.push_back(c); });
|
|
319
|
+
if (!v) return {};
|
|
320
|
+
return String(std::move(output));
|
|
321
|
+
}
|
|
322
|
+
return ParseUncompressed(input, pfx->length);
|
|
323
|
+
}
|
|
380
324
|
|
|
381
325
|
// Parse a binary string
|
|
382
|
-
static
|
|
326
|
+
static absl::optional<String> ParseBinary(Input* input) {
|
|
327
|
+
auto pfx = input->ParseStringPrefix();
|
|
328
|
+
if (!pfx.has_value()) return {};
|
|
329
|
+
if (!pfx->huff) {
|
|
330
|
+
if (pfx->length > 0 && input->peek() == 0) {
|
|
331
|
+
// 'true-binary'
|
|
332
|
+
input->Advance(1);
|
|
333
|
+
return ParseUncompressed(input, pfx->length - 1);
|
|
334
|
+
}
|
|
335
|
+
// Base64 encoded... pull out the string, then unbase64 it
|
|
336
|
+
auto base64 = ParseUncompressed(input, pfx->length);
|
|
337
|
+
if (!base64.has_value()) return {};
|
|
338
|
+
return Unbase64(input, std::move(*base64));
|
|
339
|
+
} else {
|
|
340
|
+
// Huffman encoded...
|
|
341
|
+
std::vector<uint8_t> decompressed;
|
|
342
|
+
// State here says either we don't know if it's base64 or binary, or we do
|
|
343
|
+
// and what is it.
|
|
344
|
+
enum class State { kUnsure, kBinary, kBase64 };
|
|
345
|
+
State state = State::kUnsure;
|
|
346
|
+
auto decompressed_ok =
|
|
347
|
+
ParseHuff(input, pfx->length, [&state, &decompressed](uint8_t c) {
|
|
348
|
+
if (state == State::kUnsure) {
|
|
349
|
+
// First byte... if it's zero it's binary
|
|
350
|
+
if (c == 0) {
|
|
351
|
+
// Save the type, and skip the zero
|
|
352
|
+
state = State::kBinary;
|
|
353
|
+
return;
|
|
354
|
+
} else {
|
|
355
|
+
// Flag base64, store this value
|
|
356
|
+
state = State::kBase64;
|
|
357
|
+
}
|
|
358
|
+
}
|
|
359
|
+
// Non-first byte, or base64 first byte
|
|
360
|
+
decompressed.push_back(c);
|
|
361
|
+
});
|
|
362
|
+
if (!decompressed_ok) return {};
|
|
363
|
+
switch (state) {
|
|
364
|
+
case State::kUnsure:
|
|
365
|
+
// No bytes, empty span
|
|
366
|
+
return String(absl::Span<const uint8_t>());
|
|
367
|
+
case State::kBinary:
|
|
368
|
+
// Binary, we're done
|
|
369
|
+
return String(std::move(decompressed));
|
|
370
|
+
case State::kBase64:
|
|
371
|
+
// Base64 - unpack it
|
|
372
|
+
return Unbase64(input, String(std::move(decompressed)));
|
|
373
|
+
}
|
|
374
|
+
GPR_UNREACHABLE_CODE(abort(););
|
|
375
|
+
}
|
|
376
|
+
}
|
|
383
377
|
|
|
384
378
|
private:
|
|
385
379
|
void AppendBytes(const uint8_t* data, size_t length);
|
|
@@ -391,27 +385,54 @@ class HPackParser::String {
|
|
|
391
385
|
// Parse some huffman encoded bytes, using output(uint8_t b) to emit each
|
|
392
386
|
// decoded byte.
|
|
393
387
|
template <typename Out>
|
|
394
|
-
static
|
|
388
|
+
static bool ParseHuff(Input* input, uint32_t length, Out output) {
|
|
395
389
|
// If there's insufficient bytes remaining, return now.
|
|
396
390
|
if (input->remaining() < length) {
|
|
397
|
-
input->UnexpectedEOF();
|
|
398
|
-
GPR_DEBUG_ASSERT(input->eof_error());
|
|
399
|
-
return ParseStatus::kEof;
|
|
391
|
+
return input->UnexpectedEOF(false);
|
|
400
392
|
}
|
|
401
393
|
// Grab the byte range, and iterate through it.
|
|
402
394
|
const uint8_t* p = input->cur_ptr();
|
|
403
395
|
input->Advance(length);
|
|
404
|
-
return HuffDecoder<Out>(output, p, p + length).Run()
|
|
405
|
-
? ParseStatus::kOk
|
|
406
|
-
: ParseStatus::kParseHuffFailed;
|
|
396
|
+
return HuffDecoder<Out>(output, p, p + length).Run();
|
|
407
397
|
}
|
|
408
398
|
|
|
409
399
|
// Parse some uncompressed string bytes.
|
|
410
|
-
static
|
|
411
|
-
|
|
400
|
+
static absl::optional<String> ParseUncompressed(Input* input,
|
|
401
|
+
uint32_t length) {
|
|
402
|
+
// Check there's enough bytes
|
|
403
|
+
if (input->remaining() < length) {
|
|
404
|
+
return input->UnexpectedEOF(absl::optional<String>());
|
|
405
|
+
}
|
|
406
|
+
auto* refcount = input->slice_refcount();
|
|
407
|
+
auto* p = input->cur_ptr();
|
|
408
|
+
input->Advance(length);
|
|
409
|
+
if (refcount != nullptr) {
|
|
410
|
+
return String(refcount, p, p + length);
|
|
411
|
+
} else {
|
|
412
|
+
return String(absl::Span<const uint8_t>(p, length));
|
|
413
|
+
}
|
|
414
|
+
}
|
|
412
415
|
|
|
413
416
|
// Turn base64 encoded bytes into not base64 encoded bytes.
|
|
414
|
-
|
|
417
|
+
// Only takes input to set an error on failure.
|
|
418
|
+
static absl::optional<String> Unbase64(Input* input, String s) {
|
|
419
|
+
absl::optional<std::vector<uint8_t>> result;
|
|
420
|
+
if (auto* p = absl::get_if<Slice>(&s.value_)) {
|
|
421
|
+
result = Unbase64Loop(p->begin(), p->end());
|
|
422
|
+
}
|
|
423
|
+
if (auto* p = absl::get_if<absl::Span<const uint8_t>>(&s.value_)) {
|
|
424
|
+
result = Unbase64Loop(p->begin(), p->end());
|
|
425
|
+
}
|
|
426
|
+
if (auto* p = absl::get_if<std::vector<uint8_t>>(&s.value_)) {
|
|
427
|
+
result = Unbase64Loop(p->data(), p->data() + p->size());
|
|
428
|
+
}
|
|
429
|
+
if (!result.has_value()) {
|
|
430
|
+
return input->MaybeSetErrorAndReturn(
|
|
431
|
+
[] { return GRPC_ERROR_CREATE("illegal base64 encoding"); },
|
|
432
|
+
absl::optional<String>());
|
|
433
|
+
}
|
|
434
|
+
return String(std::move(*result));
|
|
435
|
+
}
|
|
415
436
|
|
|
416
437
|
// Main loop for Unbase64
|
|
417
438
|
static absl::optional<std::vector<uint8_t>> Unbase64Loop(const uint8_t* cur,
|
|
@@ -498,154 +519,25 @@ class HPackParser::String {
|
|
|
498
519
|
absl::variant<Slice, absl::Span<const uint8_t>, std::vector<uint8_t>> value_;
|
|
499
520
|
};
|
|
500
521
|
|
|
501
|
-
struct HPackParser::String::ParseResult {
|
|
502
|
-
ParseResult() = delete;
|
|
503
|
-
ParseResult(ParseStatus status, size_t wire_size, String value)
|
|
504
|
-
: status(status), wire_size(wire_size), value(std::move(value)) {}
|
|
505
|
-
ParseStatus status;
|
|
506
|
-
size_t wire_size;
|
|
507
|
-
String value;
|
|
508
|
-
};
|
|
509
|
-
|
|
510
|
-
HPackParser::String::ParseResult HPackParser::String::ParseUncompressed(
|
|
511
|
-
Input* input, uint32_t length, uint32_t wire_size) {
|
|
512
|
-
// Check there's enough bytes
|
|
513
|
-
if (input->remaining() < length) {
|
|
514
|
-
input->UnexpectedEOF();
|
|
515
|
-
GPR_DEBUG_ASSERT(input->eof_error());
|
|
516
|
-
return ParseResult{ParseStatus::kEof, wire_size, String{}};
|
|
517
|
-
}
|
|
518
|
-
auto* refcount = input->slice_refcount();
|
|
519
|
-
auto* p = input->cur_ptr();
|
|
520
|
-
input->Advance(length);
|
|
521
|
-
if (refcount != nullptr) {
|
|
522
|
-
return ParseResult{ParseStatus::kOk, wire_size,
|
|
523
|
-
String(refcount, p, p + length)};
|
|
524
|
-
} else {
|
|
525
|
-
return ParseResult{ParseStatus::kOk, wire_size,
|
|
526
|
-
String(absl::Span<const uint8_t>(p, length))};
|
|
527
|
-
}
|
|
528
|
-
}
|
|
529
|
-
|
|
530
|
-
HPackParser::String::ParseResult HPackParser::String::Unbase64(String s) {
|
|
531
|
-
absl::optional<std::vector<uint8_t>> result;
|
|
532
|
-
if (auto* p = absl::get_if<Slice>(&s.value_)) {
|
|
533
|
-
result = Unbase64Loop(p->begin(), p->end());
|
|
534
|
-
}
|
|
535
|
-
if (auto* p = absl::get_if<absl::Span<const uint8_t>>(&s.value_)) {
|
|
536
|
-
result = Unbase64Loop(p->begin(), p->end());
|
|
537
|
-
}
|
|
538
|
-
if (auto* p = absl::get_if<std::vector<uint8_t>>(&s.value_)) {
|
|
539
|
-
result = Unbase64Loop(p->data(), p->data() + p->size());
|
|
540
|
-
}
|
|
541
|
-
if (!result.has_value()) {
|
|
542
|
-
return ParseResult{ParseStatus::kUnbase64Failed, s.string_view().length(),
|
|
543
|
-
String{}};
|
|
544
|
-
}
|
|
545
|
-
return ParseResult{ParseStatus::kOk, s.string_view().length(),
|
|
546
|
-
String(std::move(*result))};
|
|
547
|
-
}
|
|
548
|
-
|
|
549
|
-
HPackParser::String::ParseResult HPackParser::String::Parse(Input* input) {
|
|
550
|
-
auto pfx = input->ParseStringPrefix();
|
|
551
|
-
if (!pfx.has_value()) {
|
|
552
|
-
GPR_DEBUG_ASSERT(input->eof_error());
|
|
553
|
-
return ParseResult{ParseStatus::kEof, 0, String{}};
|
|
554
|
-
}
|
|
555
|
-
if (pfx->huff) {
|
|
556
|
-
// Huffman coded
|
|
557
|
-
std::vector<uint8_t> output;
|
|
558
|
-
ParseStatus sts = ParseHuff(input, pfx->length,
|
|
559
|
-
[&output](uint8_t c) { output.push_back(c); });
|
|
560
|
-
size_t wire_len = output.size();
|
|
561
|
-
return ParseResult{sts, wire_len, String(std::move(output))};
|
|
562
|
-
}
|
|
563
|
-
return ParseUncompressed(input, pfx->length, pfx->length);
|
|
564
|
-
}
|
|
565
|
-
|
|
566
|
-
HPackParser::String::ParseResult HPackParser::String::ParseBinary(
|
|
567
|
-
Input* input) {
|
|
568
|
-
auto pfx = input->ParseStringPrefix();
|
|
569
|
-
if (!pfx.has_value()) {
|
|
570
|
-
GPR_DEBUG_ASSERT(input->eof_error());
|
|
571
|
-
return ParseResult{ParseStatus::kEof, 0, String{}};
|
|
572
|
-
}
|
|
573
|
-
if (!pfx->huff) {
|
|
574
|
-
if (pfx->length > 0 && input->peek() == 0) {
|
|
575
|
-
// 'true-binary'
|
|
576
|
-
input->Advance(1);
|
|
577
|
-
return ParseUncompressed(input, pfx->length - 1, pfx->length);
|
|
578
|
-
}
|
|
579
|
-
// Base64 encoded... pull out the string, then unbase64 it
|
|
580
|
-
auto base64 = ParseUncompressed(input, pfx->length, pfx->length);
|
|
581
|
-
if (base64.status != ParseStatus::kOk) return base64;
|
|
582
|
-
return Unbase64(std::move(base64.value));
|
|
583
|
-
} else {
|
|
584
|
-
// Huffman encoded...
|
|
585
|
-
std::vector<uint8_t> decompressed;
|
|
586
|
-
// State here says either we don't know if it's base64 or binary, or we do
|
|
587
|
-
// and what is it.
|
|
588
|
-
enum class State { kUnsure, kBinary, kBase64 };
|
|
589
|
-
State state = State::kUnsure;
|
|
590
|
-
auto sts =
|
|
591
|
-
ParseHuff(input, pfx->length, [&state, &decompressed](uint8_t c) {
|
|
592
|
-
if (state == State::kUnsure) {
|
|
593
|
-
// First byte... if it's zero it's binary
|
|
594
|
-
if (c == 0) {
|
|
595
|
-
// Save the type, and skip the zero
|
|
596
|
-
state = State::kBinary;
|
|
597
|
-
return;
|
|
598
|
-
} else {
|
|
599
|
-
// Flag base64, store this value
|
|
600
|
-
state = State::kBase64;
|
|
601
|
-
}
|
|
602
|
-
}
|
|
603
|
-
// Non-first byte, or base64 first byte
|
|
604
|
-
decompressed.push_back(c);
|
|
605
|
-
});
|
|
606
|
-
if (sts != ParseStatus::kOk) {
|
|
607
|
-
return ParseResult{sts, 0, String{}};
|
|
608
|
-
}
|
|
609
|
-
switch (state) {
|
|
610
|
-
case State::kUnsure:
|
|
611
|
-
// No bytes, empty span
|
|
612
|
-
return ParseResult{ParseStatus::kOk, 0,
|
|
613
|
-
String(absl::Span<const uint8_t>())};
|
|
614
|
-
case State::kBinary:
|
|
615
|
-
// Binary, we're done
|
|
616
|
-
{
|
|
617
|
-
size_t wire_len = decompressed.size();
|
|
618
|
-
return ParseResult{ParseStatus::kOk, wire_len,
|
|
619
|
-
String(std::move(decompressed))};
|
|
620
|
-
}
|
|
621
|
-
case State::kBase64:
|
|
622
|
-
// Base64 - unpack it
|
|
623
|
-
return Unbase64(String(std::move(decompressed)));
|
|
624
|
-
}
|
|
625
|
-
GPR_UNREACHABLE_CODE(abort(););
|
|
626
|
-
}
|
|
627
|
-
}
|
|
628
|
-
|
|
629
522
|
// Parser parses one key/value pair from a byte stream.
|
|
630
523
|
class HPackParser::Parser {
|
|
631
524
|
public:
|
|
632
525
|
Parser(Input* input, grpc_metadata_batch* metadata_buffer, HPackTable* table,
|
|
633
526
|
uint8_t* dynamic_table_updates_allowed, uint32_t* frame_length,
|
|
634
|
-
RandomEarlyDetection* metadata_early_detection,
|
|
527
|
+
RandomEarlyDetection* metadata_early_detection, bool is_last,
|
|
528
|
+
LogInfo log_info)
|
|
635
529
|
: input_(input),
|
|
636
530
|
metadata_buffer_(metadata_buffer),
|
|
637
531
|
table_(table),
|
|
638
532
|
dynamic_table_updates_allowed_(dynamic_table_updates_allowed),
|
|
639
533
|
frame_length_(frame_length),
|
|
640
534
|
metadata_early_detection_(metadata_early_detection),
|
|
535
|
+
is_last_(is_last),
|
|
641
536
|
log_info_(log_info) {}
|
|
642
537
|
|
|
643
538
|
// Skip any priority bits, or return false on failure
|
|
644
539
|
bool SkipPriority() {
|
|
645
|
-
if (input_->remaining() < 5)
|
|
646
|
-
input_->UnexpectedEOF();
|
|
647
|
-
return false;
|
|
648
|
-
}
|
|
540
|
+
if (input_->remaining() < 5) return input_->UnexpectedEOF(false);
|
|
649
541
|
input_->Advance(5);
|
|
650
542
|
return true;
|
|
651
543
|
}
|
|
@@ -718,9 +610,8 @@ class HPackParser::Parser {
|
|
|
718
610
|
case 8:
|
|
719
611
|
if (cur == 0x80) {
|
|
720
612
|
// illegal value.
|
|
721
|
-
input_->
|
|
722
|
-
|
|
723
|
-
return false;
|
|
613
|
+
return input_->MaybeSetErrorAndReturn(
|
|
614
|
+
[] { return GRPC_ERROR_CREATE("Illegal hpack op code"); }, false);
|
|
724
615
|
}
|
|
725
616
|
ABSL_FALLTHROUGH_INTENDED;
|
|
726
617
|
case 9:
|
|
@@ -757,31 +648,24 @@ class HPackParser::Parser {
|
|
|
757
648
|
type = "???";
|
|
758
649
|
break;
|
|
759
650
|
}
|
|
760
|
-
gpr_log(GPR_DEBUG, "HTTP:%d:%s:%s: %s
|
|
761
|
-
log_info_.is_client ? "CLI" : "SVR",
|
|
762
|
-
memento.md.DebugString().c_str(),
|
|
763
|
-
memento.parse_status.ok()
|
|
764
|
-
? ""
|
|
765
|
-
: absl::StrCat(
|
|
766
|
-
" (parse error: ", memento.parse_status.ToString(), ")")
|
|
767
|
-
.c_str());
|
|
651
|
+
gpr_log(GPR_DEBUG, "HTTP:%d:%s:%s: %s", log_info_.stream_id, type,
|
|
652
|
+
log_info_.is_client ? "CLI" : "SVR", memento.DebugString().c_str());
|
|
768
653
|
}
|
|
769
654
|
|
|
770
|
-
|
|
655
|
+
bool EmitHeader(const HPackTable::Memento& md) {
|
|
771
656
|
// Pass up to the transport
|
|
772
|
-
|
|
773
|
-
|
|
774
|
-
|
|
657
|
+
if (GPR_UNLIKELY(metadata_buffer_ == nullptr)) return true;
|
|
658
|
+
*frame_length_ += md.transport_size();
|
|
659
|
+
if (metadata_early_detection_->MustReject(*frame_length_)) {
|
|
775
660
|
// Reject any requests above hard metadata limit.
|
|
776
|
-
|
|
777
|
-
}
|
|
778
|
-
|
|
779
|
-
|
|
780
|
-
HandleMetadataParseError(md.parse_status);
|
|
781
|
-
}
|
|
782
|
-
if (GPR_LIKELY(metadata_buffer_ != nullptr)) {
|
|
783
|
-
metadata_buffer_->Set(md.md);
|
|
661
|
+
return HandleMetadataSizeLimitExceeded(md, /*exceeded_hard_limit=*/true);
|
|
662
|
+
} else if (is_last_ && metadata_early_detection_->Reject(*frame_length_)) {
|
|
663
|
+
// Reject some random sample of requests above soft metadata limit.
|
|
664
|
+
return HandleMetadataSizeLimitExceeded(md, /*exceeded_hard_limit=*/false);
|
|
784
665
|
}
|
|
666
|
+
|
|
667
|
+
metadata_buffer_->Set(md);
|
|
668
|
+
return true;
|
|
785
669
|
}
|
|
786
670
|
|
|
787
671
|
bool FinishHeaderAndAddToTable(absl::optional<HPackTable::Memento> md) {
|
|
@@ -792,149 +676,73 @@ class HPackParser::Parser {
|
|
|
792
676
|
LogHeader(*md);
|
|
793
677
|
}
|
|
794
678
|
// Emit whilst we own the metadata.
|
|
795
|
-
EmitHeader(*md);
|
|
679
|
+
auto r = EmitHeader(*md);
|
|
796
680
|
// Add to the hpack table
|
|
797
681
|
grpc_error_handle err = table_->Add(std::move(*md));
|
|
798
682
|
if (GPR_UNLIKELY(!err.ok())) {
|
|
799
|
-
input_->
|
|
683
|
+
input_->SetError(err);
|
|
800
684
|
return false;
|
|
801
685
|
};
|
|
802
|
-
return
|
|
686
|
+
return r;
|
|
803
687
|
}
|
|
804
688
|
|
|
805
689
|
bool FinishHeaderOmitFromTable(absl::optional<HPackTable::Memento> md) {
|
|
806
690
|
// Allow higher code to just pass in failures ... simplifies things a bit.
|
|
807
691
|
if (!md.has_value()) return false;
|
|
808
|
-
FinishHeaderOmitFromTable(*md);
|
|
809
|
-
return true;
|
|
692
|
+
return FinishHeaderOmitFromTable(*md);
|
|
810
693
|
}
|
|
811
694
|
|
|
812
|
-
|
|
695
|
+
bool FinishHeaderOmitFromTable(const HPackTable::Memento& md) {
|
|
813
696
|
// Log if desired
|
|
814
697
|
if (GRPC_TRACE_FLAG_ENABLED(grpc_trace_chttp2_hpack_parser)) {
|
|
815
698
|
LogHeader(md);
|
|
816
699
|
}
|
|
817
|
-
EmitHeader(md);
|
|
700
|
+
return EmitHeader(md);
|
|
818
701
|
}
|
|
819
702
|
|
|
820
|
-
// Helper type to build a memento from a key & value, and to consolidate some
|
|
821
|
-
// tricky error path code.
|
|
822
|
-
class MementoBuilder {
|
|
823
|
-
public:
|
|
824
|
-
explicit MementoBuilder(Input* input, absl::string_view key_string,
|
|
825
|
-
absl::Status status = absl::OkStatus())
|
|
826
|
-
: input_(input), key_string_(key_string), status_(std::move(status)) {}
|
|
827
|
-
|
|
828
|
-
auto ErrorHandler() {
|
|
829
|
-
return [this](absl::string_view error, const Slice&) {
|
|
830
|
-
auto message =
|
|
831
|
-
absl::StrCat("Error parsing '", key_string_,
|
|
832
|
-
"' metadata: error=", error, " key=", key_string_);
|
|
833
|
-
gpr_log(GPR_ERROR, "%s", message.c_str());
|
|
834
|
-
if (status_.ok()) {
|
|
835
|
-
status_ = absl::InternalError(message);
|
|
836
|
-
}
|
|
837
|
-
};
|
|
838
|
-
}
|
|
839
|
-
|
|
840
|
-
HPackTable::Memento Build(ParsedMetadata<grpc_metadata_batch> memento) {
|
|
841
|
-
return HPackTable::Memento{std::move(memento), std::move(status_)};
|
|
842
|
-
}
|
|
843
|
-
|
|
844
|
-
// Handle the result of parsing a value.
|
|
845
|
-
// Returns true if parsing should continue, false if it should stop.
|
|
846
|
-
// Stores an error on the input if necessary.
|
|
847
|
-
bool HandleParseResult(String::ParseStatus status) {
|
|
848
|
-
auto continuable = [this](absl::string_view error) {
|
|
849
|
-
auto this_error = absl::InternalError(absl::StrCat(
|
|
850
|
-
"Error parsing '", key_string_, "' metadata: error=", error));
|
|
851
|
-
if (status_.ok()) status_ = this_error;
|
|
852
|
-
input_->SetErrorAndContinueParsing(std::move(this_error));
|
|
853
|
-
};
|
|
854
|
-
switch (status) {
|
|
855
|
-
case String::ParseStatus::kOk:
|
|
856
|
-
return true;
|
|
857
|
-
case String::ParseStatus::kParseHuffFailed:
|
|
858
|
-
input_->SetErrorAndStopParsing(
|
|
859
|
-
absl::InternalError("Huffman decoding failed"));
|
|
860
|
-
return false;
|
|
861
|
-
case String::ParseStatus::kUnbase64Failed:
|
|
862
|
-
continuable("illegal base64 encoding");
|
|
863
|
-
return true;
|
|
864
|
-
case String::ParseStatus::kEof:
|
|
865
|
-
GPR_DEBUG_ASSERT(input_->eof_error());
|
|
866
|
-
return false;
|
|
867
|
-
}
|
|
868
|
-
GPR_UNREACHABLE_CODE(return false);
|
|
869
|
-
}
|
|
870
|
-
|
|
871
|
-
private:
|
|
872
|
-
Input* input_;
|
|
873
|
-
absl::string_view key_string_;
|
|
874
|
-
absl::Status status_;
|
|
875
|
-
};
|
|
876
|
-
|
|
877
703
|
// Parse a string encoded key and a string encoded value
|
|
878
704
|
absl::optional<HPackTable::Memento> ParseLiteralKey() {
|
|
879
705
|
auto key = String::Parse(input_);
|
|
880
|
-
|
|
881
|
-
|
|
882
|
-
|
|
883
|
-
|
|
884
|
-
input_->SetErrorAndStopParsing(
|
|
885
|
-
absl::InternalError("Huffman decoding failed"));
|
|
886
|
-
return absl::nullopt;
|
|
887
|
-
case String::ParseStatus::kUnbase64Failed:
|
|
888
|
-
Crash("unreachable");
|
|
889
|
-
case String::ParseStatus::kEof:
|
|
890
|
-
GPR_DEBUG_ASSERT(input_->eof_error());
|
|
891
|
-
return absl::nullopt;
|
|
892
|
-
}
|
|
893
|
-
auto key_string = key.value.string_view();
|
|
894
|
-
auto value = ParseValueString(absl::EndsWith(key_string, "-bin"));
|
|
895
|
-
MementoBuilder builder(input_, key_string,
|
|
896
|
-
EnsureStreamError(ValidateKey(key_string)));
|
|
897
|
-
if (!builder.HandleParseResult(value.status)) return absl::nullopt;
|
|
898
|
-
auto value_slice = value.value.Take();
|
|
899
|
-
const auto transport_size =
|
|
900
|
-
key_string.size() + value.wire_size + hpack_constants::kEntryOverhead;
|
|
901
|
-
return builder.Build(
|
|
902
|
-
grpc_metadata_batch::Parse(key_string, std::move(value_slice),
|
|
903
|
-
transport_size, builder.ErrorHandler()));
|
|
904
|
-
}
|
|
905
|
-
|
|
906
|
-
absl::Status ValidateKey(absl::string_view key) {
|
|
907
|
-
if (key == HttpSchemeMetadata::key() || key == HttpMethodMetadata::key() ||
|
|
908
|
-
key == HttpAuthorityMetadata::key() || key == HttpPathMetadata::key() ||
|
|
909
|
-
key == HttpStatusMetadata::key()) {
|
|
910
|
-
return absl::OkStatus();
|
|
706
|
+
if (!key.has_value()) return {};
|
|
707
|
+
auto value = ParseValueString(absl::EndsWith(key->string_view(), "-bin"));
|
|
708
|
+
if (GPR_UNLIKELY(!value.has_value())) {
|
|
709
|
+
return {};
|
|
911
710
|
}
|
|
912
|
-
|
|
711
|
+
auto key_string = key->string_view();
|
|
712
|
+
auto value_slice = value->Take();
|
|
713
|
+
const auto transport_size = key_string.size() + value_slice.size() +
|
|
714
|
+
hpack_constants::kEntryOverhead;
|
|
715
|
+
return grpc_metadata_batch::Parse(
|
|
716
|
+
key->string_view(), std::move(value_slice), transport_size,
|
|
717
|
+
[key_string](absl::string_view error, const Slice& value) {
|
|
718
|
+
ReportMetadataParseError(key_string, error, value.as_string_view());
|
|
719
|
+
});
|
|
913
720
|
}
|
|
914
721
|
|
|
915
722
|
// Parse an index encoded key and a string encoded value
|
|
916
723
|
absl::optional<HPackTable::Memento> ParseIdxKey(uint32_t index) {
|
|
917
724
|
const auto* elem = table_->Lookup(index);
|
|
918
725
|
if (GPR_UNLIKELY(elem == nullptr)) {
|
|
919
|
-
InvalidHPackIndexError(index
|
|
920
|
-
|
|
921
|
-
}
|
|
922
|
-
|
|
923
|
-
|
|
924
|
-
|
|
925
|
-
|
|
926
|
-
|
|
927
|
-
|
|
726
|
+
return InvalidHPackIndexError(index,
|
|
727
|
+
absl::optional<HPackTable::Memento>());
|
|
728
|
+
}
|
|
729
|
+
auto value = ParseValueString(elem->is_binary_header());
|
|
730
|
+
if (GPR_UNLIKELY(!value.has_value())) return {};
|
|
731
|
+
return elem->WithNewValue(
|
|
732
|
+
value->Take(), [=](absl::string_view error, const Slice& value) {
|
|
733
|
+
ReportMetadataParseError(elem->key(), error, value.as_string_view());
|
|
734
|
+
});
|
|
735
|
+
}
|
|
928
736
|
|
|
929
737
|
// Parse a varint index encoded key and a string encoded value
|
|
930
738
|
absl::optional<HPackTable::Memento> ParseVarIdxKey(uint32_t offset) {
|
|
931
739
|
auto index = input_->ParseVarint(offset);
|
|
932
|
-
if (GPR_UNLIKELY(!index.has_value())) return
|
|
740
|
+
if (GPR_UNLIKELY(!index.has_value())) return {};
|
|
933
741
|
return ParseIdxKey(*index);
|
|
934
742
|
}
|
|
935
743
|
|
|
936
744
|
// Parse a string, figuring out if it's binary or not by the key name.
|
|
937
|
-
String
|
|
745
|
+
absl::optional<String> ParseValueString(bool is_binary) {
|
|
938
746
|
if (is_binary) {
|
|
939
747
|
return String::ParseBinary(input_);
|
|
940
748
|
} else {
|
|
@@ -948,25 +756,26 @@ class HPackParser::Parser {
|
|
|
948
756
|
if (!index.has_value()) return false;
|
|
949
757
|
const auto* elem = table_->Lookup(*index);
|
|
950
758
|
if (GPR_UNLIKELY(elem == nullptr)) {
|
|
951
|
-
InvalidHPackIndexError(*index);
|
|
952
|
-
return false;
|
|
759
|
+
return InvalidHPackIndexError(*index, false);
|
|
953
760
|
}
|
|
954
|
-
FinishHeaderOmitFromTable(*elem);
|
|
955
|
-
return true;
|
|
761
|
+
return FinishHeaderOmitFromTable(*elem);
|
|
956
762
|
}
|
|
957
763
|
|
|
958
764
|
// finish parsing a max table size change
|
|
959
765
|
bool FinishMaxTableSize(absl::optional<uint32_t> size) {
|
|
960
766
|
if (!size.has_value()) return false;
|
|
961
767
|
if (*dynamic_table_updates_allowed_ == 0) {
|
|
962
|
-
input_->
|
|
963
|
-
|
|
964
|
-
|
|
768
|
+
return input_->MaybeSetErrorAndReturn(
|
|
769
|
+
[] {
|
|
770
|
+
return GRPC_ERROR_CREATE(
|
|
771
|
+
"More than two max table size changes in a single frame");
|
|
772
|
+
},
|
|
773
|
+
false);
|
|
965
774
|
}
|
|
966
775
|
(*dynamic_table_updates_allowed_)--;
|
|
967
776
|
grpc_error_handle err = table_->SetCurrentTableSize(*size);
|
|
968
777
|
if (!err.ok()) {
|
|
969
|
-
input_->
|
|
778
|
+
input_->SetError(err);
|
|
970
779
|
return false;
|
|
971
780
|
}
|
|
972
781
|
return true;
|
|
@@ -974,28 +783,47 @@ class HPackParser::Parser {
|
|
|
974
783
|
|
|
975
784
|
// Set an invalid hpack index error if no error has been set. Returns result
|
|
976
785
|
// unmodified.
|
|
977
|
-
|
|
978
|
-
|
|
979
|
-
|
|
980
|
-
|
|
981
|
-
|
|
982
|
-
|
|
983
|
-
|
|
984
|
-
|
|
786
|
+
template <typename R>
|
|
787
|
+
R InvalidHPackIndexError(uint32_t index, R result) {
|
|
788
|
+
return input_->MaybeSetErrorAndReturn(
|
|
789
|
+
[this, index] {
|
|
790
|
+
return grpc_error_set_int(
|
|
791
|
+
grpc_error_set_int(
|
|
792
|
+
GRPC_ERROR_CREATE("Invalid HPACK index received"),
|
|
793
|
+
StatusIntProperty::kIndex, static_cast<intptr_t>(index)),
|
|
794
|
+
StatusIntProperty::kSize,
|
|
795
|
+
static_cast<intptr_t>(this->table_->num_entries()));
|
|
796
|
+
},
|
|
797
|
+
std::move(result));
|
|
798
|
+
}
|
|
799
|
+
|
|
800
|
+
class MetadataSizeLimitExceededEncoder {
|
|
801
|
+
public:
|
|
802
|
+
explicit MetadataSizeLimitExceededEncoder(std::string& summary)
|
|
803
|
+
: summary_(summary) {}
|
|
985
804
|
|
|
986
|
-
|
|
987
|
-
|
|
988
|
-
if (metadata_buffer_ != nullptr) {
|
|
989
|
-
metadata_buffer_->Clear();
|
|
990
|
-
metadata_buffer_ = nullptr;
|
|
805
|
+
void Encode(const Slice& key, const Slice& value) {
|
|
806
|
+
AddToSummary(key.as_string_view(), value.size());
|
|
991
807
|
}
|
|
992
|
-
|
|
993
|
-
|
|
994
|
-
|
|
995
|
-
|
|
808
|
+
|
|
809
|
+
template <typename Key, typename Value>
|
|
810
|
+
void Encode(Key, const Value& value) {
|
|
811
|
+
AddToSummary(Key::key(), EncodedSizeOfKey(Key(), value));
|
|
812
|
+
}
|
|
813
|
+
|
|
814
|
+
private:
|
|
815
|
+
void AddToSummary(absl::string_view key,
|
|
816
|
+
size_t value_length) GPR_ATTRIBUTE_NOINLINE {
|
|
817
|
+
absl::StrAppend(&summary_, " ", key, ":",
|
|
818
|
+
hpack_constants::SizeForEntry(key.size(), value_length),
|
|
819
|
+
"B");
|
|
820
|
+
}
|
|
821
|
+
std::string& summary_;
|
|
822
|
+
};
|
|
996
823
|
|
|
997
824
|
GPR_ATTRIBUTE_NOINLINE
|
|
998
|
-
|
|
825
|
+
bool HandleMetadataSizeLimitExceeded(const HPackTable::Memento& md,
|
|
826
|
+
bool exceeded_hard_limit) {
|
|
999
827
|
// Collect a summary of sizes so far for debugging
|
|
1000
828
|
// Do not collect contents, for fear of exposing PII.
|
|
1001
829
|
std::string summary;
|
|
@@ -1004,22 +832,49 @@ class HPackParser::Parser {
|
|
|
1004
832
|
MetadataSizeLimitExceededEncoder encoder(summary);
|
|
1005
833
|
metadata_buffer_->Encode(&encoder);
|
|
1006
834
|
}
|
|
1007
|
-
summary =
|
|
1008
|
-
|
|
1009
|
-
|
|
1010
|
-
|
|
1011
|
-
|
|
1012
|
-
|
|
1013
|
-
|
|
835
|
+
summary =
|
|
836
|
+
absl::StrCat("; adding ", md.key(), " (length ", md.transport_size(),
|
|
837
|
+
"B)", summary.empty() ? "" : " to ", summary);
|
|
838
|
+
if (exceeded_hard_limit) {
|
|
839
|
+
error_message = absl::StrCat(
|
|
840
|
+
"received initial metadata size exceeds hard limit (", *frame_length_,
|
|
841
|
+
" vs. ", metadata_early_detection_->hard_limit(), ")", summary);
|
|
842
|
+
} else {
|
|
843
|
+
error_message = absl::StrCat(
|
|
844
|
+
"received initial metadata size exceeds soft limit (", *frame_length_,
|
|
845
|
+
" vs. ", metadata_early_detection_->soft_limit(),
|
|
846
|
+
"), rejecting requests with some random probability", summary);
|
|
847
|
+
}
|
|
848
|
+
if (metadata_buffer_ != nullptr) metadata_buffer_->Clear();
|
|
849
|
+
// StreamId is used as a signal to skip this stream but keep the connection
|
|
850
|
+
// alive
|
|
851
|
+
return input_->MaybeSetErrorAndReturn(
|
|
852
|
+
[error_message = std::move(error_message)] {
|
|
853
|
+
return grpc_error_set_int(
|
|
854
|
+
grpc_error_set_int(GRPC_ERROR_CREATE(error_message),
|
|
855
|
+
StatusIntProperty::kRpcStatus,
|
|
856
|
+
GRPC_STATUS_RESOURCE_EXHAUSTED),
|
|
857
|
+
StatusIntProperty::kStreamId, 0);
|
|
858
|
+
},
|
|
859
|
+
false);
|
|
860
|
+
}
|
|
861
|
+
|
|
862
|
+
static void ReportMetadataParseError(absl::string_view key,
|
|
863
|
+
absl::string_view error,
|
|
864
|
+
absl::string_view value) {
|
|
865
|
+
gpr_log(
|
|
866
|
+
GPR_ERROR, "Error parsing metadata: %s",
|
|
867
|
+
absl::StrCat("error=", error, " key=", key, " value=", value).c_str());
|
|
1014
868
|
}
|
|
1015
869
|
|
|
1016
870
|
Input* const input_;
|
|
1017
|
-
grpc_metadata_batch* metadata_buffer_;
|
|
871
|
+
grpc_metadata_batch* const metadata_buffer_;
|
|
1018
872
|
HPackTable* const table_;
|
|
1019
873
|
uint8_t* const dynamic_table_updates_allowed_;
|
|
1020
874
|
uint32_t* const frame_length_;
|
|
1021
875
|
// Random early detection of metadata size limits.
|
|
1022
876
|
RandomEarlyDetection* metadata_early_detection_;
|
|
877
|
+
bool is_last_; // Whether this is the last frame.
|
|
1023
878
|
const LogInfo log_info_;
|
|
1024
879
|
};
|
|
1025
880
|
|
|
@@ -1073,35 +928,26 @@ grpc_error_handle HPackParser::Parse(const grpc_slice& slice, bool is_last) {
|
|
|
1073
928
|
}
|
|
1074
929
|
|
|
1075
930
|
grpc_error_handle HPackParser::ParseInput(Input input, bool is_last) {
|
|
1076
|
-
ParseInputInner(&input);
|
|
1077
|
-
if (is_last)
|
|
1078
|
-
|
|
1079
|
-
HandleMetadataSoftSizeLimitExceeded(&input);
|
|
1080
|
-
}
|
|
1081
|
-
global_stats().IncrementHttp2MetadataSize(frame_length_);
|
|
1082
|
-
}
|
|
931
|
+
bool parsed_ok = ParseInputInner(&input, is_last);
|
|
932
|
+
if (is_last) global_stats().IncrementHttp2MetadataSize(frame_length_);
|
|
933
|
+
if (parsed_ok) return absl::OkStatus();
|
|
1083
934
|
if (input.eof_error()) {
|
|
1084
935
|
if (GPR_UNLIKELY(is_last && is_boundary())) {
|
|
1085
|
-
|
|
1086
|
-
if (!err.ok() && !IsStreamError(err)) return err;
|
|
1087
|
-
return absl::InternalError(
|
|
936
|
+
return GRPC_ERROR_CREATE(
|
|
1088
937
|
"Incomplete header at the end of a header/continuation sequence");
|
|
1089
938
|
}
|
|
1090
939
|
unparsed_bytes_ = std::vector<uint8_t>(input.frontier(), input.end_ptr());
|
|
1091
|
-
return
|
|
940
|
+
return absl::OkStatus();
|
|
1092
941
|
}
|
|
1093
942
|
return input.TakeError();
|
|
1094
943
|
}
|
|
1095
944
|
|
|
1096
|
-
|
|
945
|
+
bool HPackParser::ParseInputInner(Input* input, bool is_last) {
|
|
1097
946
|
switch (priority_) {
|
|
1098
947
|
case Priority::None:
|
|
1099
948
|
break;
|
|
1100
949
|
case Priority::Included: {
|
|
1101
|
-
if (input->remaining() < 5)
|
|
1102
|
-
input->UnexpectedEOF();
|
|
1103
|
-
return;
|
|
1104
|
-
}
|
|
950
|
+
if (input->remaining() < 5) return input->UnexpectedEOF(false);
|
|
1105
951
|
input->Advance(5);
|
|
1106
952
|
input->UpdateFrontier();
|
|
1107
953
|
priority_ = Priority::None;
|
|
@@ -1110,35 +956,15 @@ void HPackParser::ParseInputInner(Input* input) {
|
|
|
1110
956
|
while (!input->end_of_stream()) {
|
|
1111
957
|
if (GPR_UNLIKELY(!Parser(input, metadata_buffer_, &table_,
|
|
1112
958
|
&dynamic_table_updates_allowed_, &frame_length_,
|
|
1113
|
-
&metadata_early_detection_, log_info_)
|
|
959
|
+
&metadata_early_detection_, is_last, log_info_)
|
|
1114
960
|
.Parse())) {
|
|
1115
|
-
return;
|
|
961
|
+
return false;
|
|
1116
962
|
}
|
|
1117
963
|
input->UpdateFrontier();
|
|
1118
964
|
}
|
|
965
|
+
return true;
|
|
1119
966
|
}
|
|
1120
967
|
|
|
1121
968
|
void HPackParser::FinishFrame() { metadata_buffer_ = nullptr; }
|
|
1122
969
|
|
|
1123
|
-
void HPackParser::HandleMetadataSoftSizeLimitExceeded(Input* input) {
|
|
1124
|
-
// Collect a summary of sizes so far for debugging
|
|
1125
|
-
// Do not collect contents, for fear of exposing PII.
|
|
1126
|
-
std::string summary;
|
|
1127
|
-
std::string error_message;
|
|
1128
|
-
if (metadata_buffer_ != nullptr) {
|
|
1129
|
-
MetadataSizeLimitExceededEncoder encoder(summary);
|
|
1130
|
-
metadata_buffer_->Encode(&encoder);
|
|
1131
|
-
}
|
|
1132
|
-
error_message = absl::StrCat(
|
|
1133
|
-
"received metadata size exceeds soft limit (", frame_length_, " vs. ",
|
|
1134
|
-
metadata_early_detection_.soft_limit(),
|
|
1135
|
-
"), rejecting requests with some random probability", summary);
|
|
1136
|
-
if (metadata_buffer_ != nullptr) {
|
|
1137
|
-
metadata_buffer_->Clear();
|
|
1138
|
-
metadata_buffer_ = nullptr;
|
|
1139
|
-
}
|
|
1140
|
-
input->SetErrorAndContinueParsing(
|
|
1141
|
-
absl::ResourceExhaustedError(error_message));
|
|
1142
|
-
}
|
|
1143
|
-
|
|
1144
970
|
} // namespace grpc_core
|