grpc 1.55.3 → 1.56.0.pre3
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +100 -70
- data/include/grpc/event_engine/event_engine.h +4 -3
- data/include/grpc/grpc_audit_logging.h +96 -0
- data/include/grpc/module.modulemap +2 -0
- data/include/grpc/support/json.h +218 -0
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +5 -0
- data/src/core/ext/filters/client_channel/backend_metric.cc +2 -0
- data/src/core/ext/filters/client_channel/channel_connectivity.cc +4 -4
- data/src/core/ext/filters/client_channel/client_channel.cc +82 -98
- data/src/core/ext/filters/client_channel/client_channel.h +4 -0
- data/src/core/ext/filters/client_channel/client_channel_channelz.cc +19 -18
- data/src/core/ext/filters/client_channel/client_channel_internal.h +16 -21
- data/src/core/ext/filters/client_channel/config_selector.h +9 -24
- data/src/core/ext/filters/client_channel/lb_policy/backend_metric_data.h +3 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +5 -4
- data/src/core/ext/filters/client_channel/lb_policy/health_check_client.cc +455 -0
- data/src/core/ext/filters/client_channel/lb_policy/health_check_client.h +54 -0
- data/src/core/ext/filters/client_channel/lb_policy/health_check_client_internal.h +186 -0
- data/src/core/ext/filters/client_channel/lb_policy/oob_backend_metric.cc +2 -7
- data/src/core/ext/filters/client_channel/lb_policy/outlier_detection/outlier_detection.cc +52 -20
- data/src/core/ext/filters/client_channel/lb_policy/outlier_detection/outlier_detection.h +23 -2
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +19 -6
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +1 -9
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +16 -7
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.h +18 -1
- data/src/core/ext/filters/client_channel/lb_policy/rls/rls.cc +12 -9
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +6 -4
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +36 -13
- data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/static_stride_scheduler.cc +76 -6
- data/src/core/ext/filters/client_channel/lb_policy/weighted_round_robin/weighted_round_robin.cc +32 -39
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +4 -10
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +52 -47
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +1 -9
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +14 -16
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +40 -43
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_override_host.cc +7 -12
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_wrr_locality.cc +12 -19
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +35 -33
- data/src/core/ext/filters/client_channel/resolver/dns/event_engine/event_engine_client_channel_resolver.cc +29 -4
- data/src/core/ext/filters/client_channel/resolver/dns/event_engine/service_config_helper.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +28 -27
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +163 -46
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.h +16 -1
- data/src/core/ext/filters/client_channel/retry_service_config.cc +1 -0
- data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +10 -40
- data/src/core/ext/filters/client_channel/subchannel.cc +10 -196
- data/src/core/ext/filters/client_channel/subchannel.h +3 -43
- data/src/core/ext/filters/http/message_compress/compression_filter.cc +5 -5
- data/src/core/ext/filters/rbac/rbac_service_config_parser.cc +100 -6
- data/src/core/ext/filters/server_config_selector/server_config_selector_filter.cc +6 -8
- data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +3 -3
- data/src/core/ext/filters/stateful_session/stateful_session_filter.h +16 -1
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +46 -95
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +543 -567
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +9 -150
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +32 -46
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +5 -18
- data/src/core/ext/transport/chttp2/transport/internal.h +1 -15
- data/src/core/ext/transport/chttp2/transport/parsing.cc +12 -12
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.c +11 -2
- data/src/core/ext/upb-generated/xds/data/orca/v3/orca_load_report.upb.h +15 -0
- data/src/core/ext/xds/certificate_provider_store.cc +4 -9
- data/src/core/ext/xds/certificate_provider_store.h +1 -1
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +30 -42
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.h +14 -9
- data/src/core/ext/xds/xds_api.cc +9 -6
- data/src/core/ext/xds/xds_api.h +3 -2
- data/src/core/ext/xds/xds_audit_logger_registry.cc +122 -0
- data/src/core/ext/xds/xds_audit_logger_registry.h +68 -0
- data/src/core/ext/xds/xds_bootstrap_grpc.cc +21 -9
- data/src/core/ext/xds/xds_bootstrap_grpc.h +5 -0
- data/src/core/ext/xds/xds_client.cc +5 -4
- data/src/core/ext/xds/xds_client_stats.h +1 -1
- data/src/core/ext/xds/xds_cluster.cc +20 -19
- data/src/core/ext/xds/xds_cluster_specifier_plugin.cc +11 -8
- data/src/core/ext/xds/xds_common_types.cc +3 -1
- data/src/core/ext/xds/xds_http_fault_filter.cc +16 -13
- data/src/core/ext/xds/xds_http_fault_filter.h +2 -1
- data/src/core/ext/xds/xds_http_filters.h +4 -2
- data/src/core/ext/xds/xds_http_rbac_filter.cc +154 -67
- data/src/core/ext/xds/xds_http_rbac_filter.h +2 -1
- data/src/core/ext/xds/xds_http_stateful_session_filter.cc +15 -11
- data/src/core/ext/xds/xds_http_stateful_session_filter.h +2 -1
- data/src/core/ext/xds/xds_lb_policy_registry.cc +22 -16
- data/src/core/ext/xds/xds_listener.cc +1 -0
- data/src/core/ext/xds/xds_route_config.cc +40 -3
- data/src/core/ext/xds/xds_routing.cc +2 -2
- data/src/core/ext/xds/xds_transport_grpc.cc +3 -1
- data/src/core/lib/avl/avl.h +5 -0
- data/src/core/lib/backoff/random_early_detection.h +0 -5
- data/src/core/lib/channel/channel_args.cc +80 -22
- data/src/core/lib/channel/channel_args.h +34 -1
- data/src/core/lib/channel/channel_trace.cc +16 -12
- data/src/core/lib/channel/channelz.cc +159 -132
- data/src/core/lib/channel/channelz.h +42 -35
- data/src/core/lib/channel/channelz_registry.cc +23 -20
- data/src/core/lib/channel/connected_channel.cc +17 -6
- data/src/core/lib/channel/promise_based_filter.cc +0 -4
- data/src/core/lib/channel/promise_based_filter.h +2 -0
- data/src/core/lib/compression/compression_internal.cc +2 -5
- data/src/core/lib/config/config_vars.cc +20 -18
- data/src/core/lib/config/config_vars.h +4 -4
- data/src/core/lib/config/load_config.cc +13 -0
- data/src/core/lib/config/load_config.h +6 -0
- data/src/core/lib/debug/event_log.h +1 -1
- data/src/core/lib/debug/stats_data.h +1 -1
- data/src/core/lib/debug/trace.cc +24 -55
- data/src/core/lib/debug/trace.h +3 -1
- data/src/core/lib/event_engine/cf_engine/cf_engine.cc +211 -0
- data/src/core/lib/event_engine/cf_engine/cf_engine.h +86 -0
- data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.cc +354 -0
- data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.h +146 -0
- data/src/core/lib/event_engine/cf_engine/cftype_unique_ref.h +79 -0
- data/src/core/lib/event_engine/default_event_engine.cc +13 -1
- data/src/core/lib/event_engine/default_event_engine_factory.cc +14 -2
- data/src/core/lib/event_engine/poller.h +2 -2
- data/src/core/lib/event_engine/posix.h +4 -0
- data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.cc +1 -1
- data/src/core/lib/event_engine/posix_engine/lockfree_event.cc +7 -18
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +9 -0
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +3 -2
- data/src/core/lib/event_engine/posix_engine/posix_engine.h +1 -2
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +4 -33
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.h +7 -11
- data/src/core/lib/event_engine/posix_engine/timer_manager.h +1 -1
- data/src/core/lib/event_engine/shim.cc +7 -1
- data/src/core/lib/event_engine/{thread_pool.cc → thread_pool/original_thread_pool.cc} +28 -25
- data/src/core/lib/event_engine/{thread_pool.h → thread_pool/original_thread_pool.h} +11 -15
- data/src/core/lib/event_engine/thread_pool/thread_pool.h +50 -0
- data/src/core/lib/event_engine/{executor/executor.h → thread_pool/thread_pool_factory.cc} +17 -15
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.cc +489 -0
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.h +249 -0
- data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.cc +166 -0
- data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.h +108 -0
- data/src/core/lib/event_engine/windows/iocp.cc +4 -3
- data/src/core/lib/event_engine/windows/iocp.h +3 -3
- data/src/core/lib/event_engine/windows/win_socket.cc +6 -6
- data/src/core/lib/event_engine/windows/win_socket.h +4 -4
- data/src/core/lib/event_engine/windows/windows_endpoint.cc +11 -10
- data/src/core/lib/event_engine/windows/windows_endpoint.h +3 -2
- data/src/core/lib/event_engine/windows/windows_engine.cc +19 -17
- data/src/core/lib/event_engine/windows/windows_engine.h +6 -6
- data/src/core/lib/event_engine/windows/windows_listener.cc +3 -3
- data/src/core/lib/event_engine/windows/windows_listener.h +3 -2
- data/src/core/lib/event_engine/work_queue/basic_work_queue.cc +63 -0
- data/src/core/lib/event_engine/work_queue/basic_work_queue.h +71 -0
- data/src/core/lib/event_engine/work_queue/work_queue.h +62 -0
- data/src/core/lib/experiments/config.cc +38 -7
- data/src/core/lib/experiments/config.h +16 -0
- data/src/core/lib/experiments/experiments.cc +67 -20
- data/src/core/lib/experiments/experiments.h +27 -21
- data/src/core/lib/gpr/log_internal.h +55 -0
- data/src/core/lib/gprpp/crash.cc +10 -0
- data/src/core/lib/gprpp/crash.h +3 -0
- data/src/core/lib/gprpp/per_cpu.cc +33 -0
- data/src/core/lib/gprpp/per_cpu.h +29 -6
- data/src/core/lib/gprpp/time.cc +1 -0
- data/src/core/lib/iomgr/cfstream_handle.cc +1 -1
- data/src/core/lib/iomgr/endpoint_cfstream.cc +10 -8
- data/src/core/lib/iomgr/ev_apple.cc +12 -12
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +10 -3
- data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +15 -1
- data/src/core/lib/iomgr/iocp_windows.cc +24 -3
- data/src/core/lib/iomgr/iocp_windows.h +11 -0
- data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +1 -1
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +4 -2
- data/src/core/lib/iomgr/socket_windows.cc +61 -7
- data/src/core/lib/iomgr/socket_windows.h +9 -2
- data/src/core/lib/iomgr/tcp_client_cfstream.cc +14 -3
- data/src/core/lib/iomgr/tcp_server_posix.cc +156 -140
- data/src/core/lib/iomgr/tcp_server_utils_posix.h +1 -13
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +0 -21
- data/src/core/lib/iomgr/tcp_server_windows.cc +1 -1
- data/src/core/lib/json/json.h +2 -166
- data/src/core/lib/json/json_object_loader.cc +8 -9
- data/src/core/lib/json/json_object_loader.h +25 -18
- data/src/core/lib/json/json_reader.cc +13 -6
- data/src/core/lib/json/json_util.cc +6 -11
- data/src/core/lib/json/json_writer.cc +7 -8
- data/src/core/lib/load_balancing/lb_policy.h +13 -0
- data/src/core/lib/load_balancing/lb_policy_registry.cc +2 -1
- data/src/core/lib/matchers/matchers.cc +3 -4
- data/src/core/lib/matchers/matchers.h +2 -1
- data/src/core/lib/promise/activity.cc +5 -0
- data/src/core/lib/promise/activity.h +10 -0
- data/src/core/lib/promise/detail/promise_factory.h +1 -1
- data/src/core/lib/promise/party.cc +31 -13
- data/src/core/lib/promise/party.h +11 -2
- data/src/core/lib/promise/pipe.h +9 -2
- data/src/core/lib/promise/prioritized_race.h +95 -0
- data/src/core/lib/promise/sleep.cc +2 -1
- data/src/core/lib/resolver/server_address.cc +0 -8
- data/src/core/lib/resolver/server_address.h +0 -6
- data/src/core/lib/resource_quota/memory_quota.cc +7 -7
- data/src/core/lib/resource_quota/memory_quota.h +1 -2
- data/src/core/lib/security/authorization/audit_logging.cc +98 -0
- data/src/core/lib/security/authorization/audit_logging.h +73 -0
- data/src/core/lib/security/authorization/grpc_authorization_engine.cc +47 -2
- data/src/core/lib/security/authorization/grpc_authorization_engine.h +18 -1
- data/src/core/lib/security/authorization/rbac_policy.cc +36 -4
- data/src/core/lib/security/authorization/rbac_policy.h +19 -2
- data/src/core/lib/security/authorization/stdout_logger.cc +75 -0
- data/src/core/lib/security/authorization/stdout_logger.h +61 -0
- data/src/core/lib/security/certificate_provider/certificate_provider_factory.h +8 -4
- data/src/core/lib/security/certificate_provider/certificate_provider_registry.cc +8 -18
- data/src/core/lib/security/certificate_provider/certificate_provider_registry.h +14 -8
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +19 -12
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +4 -2
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +1 -0
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +1 -0
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +1 -0
- data/src/core/lib/security/credentials/jwt/json_token.cc +15 -14
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +4 -2
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +1 -0
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +1 -0
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +1 -5
- data/src/core/lib/security/util/json_util.cc +1 -0
- data/src/core/lib/service_config/service_config_call_data.h +49 -20
- data/src/core/lib/service_config/service_config_impl.cc +2 -1
- data/src/core/lib/surface/call.cc +38 -23
- data/src/core/lib/surface/completion_queue.cc +6 -2
- data/src/core/lib/surface/validate_metadata.cc +22 -37
- data/src/core/lib/surface/validate_metadata.h +3 -13
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/batch_builder.cc +15 -12
- data/src/core/lib/transport/batch_builder.h +39 -35
- data/src/core/plugin_registry/grpc_plugin_registry.cc +0 -2
- data/src/core/plugin_registry/grpc_plugin_registry_extra.cc +2 -0
- data/src/ruby/ext/grpc/extconf.rb +8 -9
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +9 -8
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +10 -6
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +7 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +6 -4
- data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +5 -9
- data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +31 -22
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_tls.c +29 -26
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +8 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/tls_cbc.c +189 -13
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_openbsd.c +62 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_openbsd.c +31 -0
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +6 -4
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_tables.h +795 -795
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +1 -5
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +18 -6
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +15 -7
- data/third_party/boringssl-with-bazel/src/crypto/ecdh_extra/ecdh_extra.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.c +3 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +24 -24
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +74 -74
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +1 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +11 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.c +12 -12
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +14 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256_table.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +10 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +23 -23
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/{hkdf → fipsmodule/hkdf}/hkdf.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cbc.c +2 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm.c +115 -133
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm_nohw.c +12 -14
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +57 -47
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c +1 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/polyval.c +27 -28
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +11 -23
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +21 -16
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.c +5 -288
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +143 -83
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +95 -183
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +71 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/internal.h +8 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.c +33 -0
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +162 -6
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +18 -0
- data/third_party/boringssl-with-bazel/src/crypto/kyber/kyber.c +18 -11
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +6 -13
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +18 -14
- data/third_party/boringssl-with-bazel/src/crypto/{refcount_lock.c → refcount_no_threads.c} +3 -13
- data/third_party/boringssl-with-bazel/src/crypto/refcount_win.c +89 -0
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/internal.h +77 -0
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_crypt.c +568 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +62 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +218 -44
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +35 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +588 -39
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.c +27 -18
- data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +17 -39
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +39 -48
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +0 -140
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +72 -23
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +11 -14
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +33 -46
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +3 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +14 -46
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +14 -26
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +17 -10
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +5 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +6 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +32 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +0 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +1 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +3 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +28 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +2 -11
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +0 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +91 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +5 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +149 -20
- data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +8 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +774 -615
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +42 -10
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +11 -6
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +2 -4
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +24 -16
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +65 -18
- data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +37 -18
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +187 -193
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +13 -129
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +85 -10
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +17 -4
- data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +27 -19
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +5 -21
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +5 -2
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64_msvc.h +1281 -0
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64_msvc.h +2002 -0
- data/third_party/cares/cares/include/ares.h +23 -1
- data/third_party/cares/cares/{src/lib → include}/ares_nameser.h +9 -7
- data/third_party/cares/cares/include/ares_rules.h +2 -2
- data/third_party/cares/cares/include/ares_version.h +3 -3
- data/third_party/cares/cares/src/lib/ares__addrinfo2hostent.c +266 -0
- data/third_party/cares/cares/src/lib/ares__addrinfo_localhost.c +240 -0
- data/third_party/cares/cares/src/lib/ares__parse_into_addrinfo.c +49 -80
- data/third_party/cares/cares/src/lib/ares__readaddrinfo.c +37 -43
- data/third_party/cares/cares/src/lib/ares__sortaddrinfo.c +12 -4
- data/third_party/cares/cares/src/lib/ares_data.c +16 -0
- data/third_party/cares/cares/src/lib/ares_data.h +7 -0
- data/third_party/cares/cares/src/lib/ares_destroy.c +8 -0
- data/third_party/cares/cares/src/lib/ares_expand_name.c +17 -6
- data/third_party/cares/cares/src/lib/ares_freeaddrinfo.c +1 -0
- data/third_party/cares/cares/src/lib/ares_getaddrinfo.c +156 -78
- data/third_party/cares/cares/src/lib/ares_gethostbyname.c +130 -326
- data/third_party/cares/cares/src/lib/ares_init.c +97 -485
- data/third_party/cares/cares/src/lib/ares_library_init.c +2 -89
- data/third_party/cares/cares/src/lib/ares_parse_a_reply.c +23 -142
- data/third_party/cares/cares/src/lib/ares_parse_aaaa_reply.c +22 -142
- data/third_party/cares/cares/src/lib/ares_parse_uri_reply.c +184 -0
- data/third_party/cares/cares/src/lib/ares_private.h +30 -16
- data/third_party/cares/cares/src/lib/ares_process.c +55 -16
- data/third_party/cares/cares/src/lib/ares_query.c +1 -35
- data/third_party/cares/cares/src/lib/ares_rand.c +279 -0
- data/third_party/cares/cares/src/lib/ares_send.c +5 -7
- data/third_party/cares/cares/src/lib/ares_strdup.c +12 -19
- data/third_party/cares/cares/src/lib/ares_strsplit.c +44 -128
- data/third_party/cares/cares/src/lib/ares_strsplit.h +9 -10
- data/third_party/cares/cares/src/lib/inet_net_pton.c +78 -116
- data/third_party/cares/cares/src/tools/ares_getopt.h +53 -0
- metadata +50 -16
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +0 -175
- data/src/core/ext/filters/client_channel/health/health_check_client.h +0 -43
- data/src/core/ext/transport/chttp2/transport/hpack_parse_result.cc +0 -176
- data/src/core/ext/transport/chttp2/transport/hpack_parse_result.h +0 -325
- data/third_party/cares/cares/src/lib/ares_library_init.h +0 -43
@@ -24,21 +24,21 @@
|
|
24
24
|
#include <algorithm>
|
25
25
|
#include <memory>
|
26
26
|
#include <new>
|
27
|
+
#include <string>
|
27
28
|
#include <utility>
|
28
29
|
|
29
30
|
#include "absl/status/statusor.h"
|
30
31
|
#include "absl/strings/cord.h"
|
31
32
|
#include "absl/strings/str_cat.h"
|
32
33
|
#include "absl/strings/string_view.h"
|
34
|
+
#include "absl/types/optional.h"
|
33
35
|
|
34
36
|
#include <grpc/grpc.h>
|
35
37
|
#include <grpc/slice.h>
|
36
38
|
#include <grpc/status.h>
|
37
39
|
#include <grpc/support/log.h>
|
38
40
|
|
39
|
-
#include "src/core/ext/filters/client_channel/health/health_check_client.h"
|
40
41
|
#include "src/core/ext/filters/client_channel/subchannel_pool_interface.h"
|
41
|
-
#include "src/core/ext/filters/client_channel/subchannel_stream_client.h"
|
42
42
|
#include "src/core/lib/address_utils/sockaddr_utils.h"
|
43
43
|
#include "src/core/lib/backoff/backoff.h"
|
44
44
|
#include "src/core/lib/channel/channel_args.h"
|
@@ -374,176 +374,6 @@ void Subchannel::ConnectivityStateWatcherList::NotifyLocked(
|
|
374
374
|
}
|
375
375
|
}
|
376
376
|
|
377
|
-
//
|
378
|
-
// Subchannel::HealthWatcherMap::HealthWatcher
|
379
|
-
//
|
380
|
-
|
381
|
-
// State needed for tracking the connectivity state with a particular
|
382
|
-
// health check service name.
|
383
|
-
class Subchannel::HealthWatcherMap::HealthWatcher
|
384
|
-
: public AsyncConnectivityStateWatcherInterface {
|
385
|
-
public:
|
386
|
-
HealthWatcher(WeakRefCountedPtr<Subchannel> c,
|
387
|
-
std::string health_check_service_name)
|
388
|
-
: subchannel_(std::move(c)),
|
389
|
-
health_check_service_name_(std::move(health_check_service_name)),
|
390
|
-
state_(subchannel_->state_ == GRPC_CHANNEL_READY
|
391
|
-
? GRPC_CHANNEL_CONNECTING
|
392
|
-
: subchannel_->state_),
|
393
|
-
watcher_list_(subchannel_.get()) {
|
394
|
-
// If the subchannel is already connected, start health checking.
|
395
|
-
if (subchannel_->state_ == GRPC_CHANNEL_READY) StartHealthCheckingLocked();
|
396
|
-
}
|
397
|
-
|
398
|
-
~HealthWatcher() override {
|
399
|
-
subchannel_.reset(DEBUG_LOCATION, "health_watcher");
|
400
|
-
}
|
401
|
-
|
402
|
-
const std::string& health_check_service_name() const {
|
403
|
-
return health_check_service_name_;
|
404
|
-
}
|
405
|
-
|
406
|
-
grpc_connectivity_state state() const { return state_; }
|
407
|
-
|
408
|
-
void AddWatcherLocked(
|
409
|
-
RefCountedPtr<Subchannel::ConnectivityStateWatcherInterface> watcher) {
|
410
|
-
subchannel_->work_serializer_.Schedule(
|
411
|
-
[watcher = watcher->Ref(), state = state_, status = status_]() {
|
412
|
-
watcher->OnConnectivityStateChange(state, status);
|
413
|
-
},
|
414
|
-
DEBUG_LOCATION);
|
415
|
-
watcher_list_.AddWatcherLocked(std::move(watcher));
|
416
|
-
}
|
417
|
-
|
418
|
-
void RemoveWatcherLocked(
|
419
|
-
Subchannel::ConnectivityStateWatcherInterface* watcher) {
|
420
|
-
watcher_list_.RemoveWatcherLocked(watcher);
|
421
|
-
}
|
422
|
-
|
423
|
-
bool HasWatchers() const { return !watcher_list_.empty(); }
|
424
|
-
|
425
|
-
void NotifyLocked(grpc_connectivity_state state, const absl::Status& status)
|
426
|
-
ABSL_EXCLUSIVE_LOCKS_REQUIRED(subchannel_->mu_) {
|
427
|
-
if (state == GRPC_CHANNEL_READY) {
|
428
|
-
// If we had not already notified for CONNECTING state, do so now.
|
429
|
-
// (We may have missed this earlier, because if the transition
|
430
|
-
// from IDLE to CONNECTING to READY was too quick, the connected
|
431
|
-
// subchannel may not have sent us a notification for CONNECTING.)
|
432
|
-
if (state_ != GRPC_CHANNEL_CONNECTING) {
|
433
|
-
state_ = GRPC_CHANNEL_CONNECTING;
|
434
|
-
status_ = status;
|
435
|
-
watcher_list_.NotifyLocked(state_, status);
|
436
|
-
}
|
437
|
-
// If we've become connected, start health checking.
|
438
|
-
StartHealthCheckingLocked();
|
439
|
-
} else {
|
440
|
-
state_ = state;
|
441
|
-
status_ = status;
|
442
|
-
watcher_list_.NotifyLocked(state_, status);
|
443
|
-
// We're not connected, so stop health checking.
|
444
|
-
health_check_client_.reset();
|
445
|
-
}
|
446
|
-
}
|
447
|
-
|
448
|
-
void Orphan() override {
|
449
|
-
watcher_list_.Clear();
|
450
|
-
health_check_client_.reset();
|
451
|
-
Unref();
|
452
|
-
}
|
453
|
-
|
454
|
-
private:
|
455
|
-
void OnConnectivityStateChange(grpc_connectivity_state new_state,
|
456
|
-
const absl::Status& status) override {
|
457
|
-
{
|
458
|
-
MutexLock lock(&subchannel_->mu_);
|
459
|
-
if (new_state != GRPC_CHANNEL_SHUTDOWN &&
|
460
|
-
health_check_client_ != nullptr) {
|
461
|
-
state_ = new_state;
|
462
|
-
status_ = status;
|
463
|
-
watcher_list_.NotifyLocked(new_state, status);
|
464
|
-
}
|
465
|
-
}
|
466
|
-
// Drain any connectivity state notifications after releasing the mutex.
|
467
|
-
subchannel_->work_serializer_.DrainQueue();
|
468
|
-
}
|
469
|
-
|
470
|
-
void StartHealthCheckingLocked()
|
471
|
-
ABSL_EXCLUSIVE_LOCKS_REQUIRED(subchannel_->mu_) {
|
472
|
-
GPR_ASSERT(health_check_client_ == nullptr);
|
473
|
-
health_check_client_ = MakeHealthCheckClient(
|
474
|
-
health_check_service_name_, subchannel_->connected_subchannel_,
|
475
|
-
subchannel_->pollset_set_, subchannel_->channelz_node_, Ref());
|
476
|
-
}
|
477
|
-
|
478
|
-
WeakRefCountedPtr<Subchannel> subchannel_;
|
479
|
-
std::string health_check_service_name_;
|
480
|
-
OrphanablePtr<SubchannelStreamClient> health_check_client_;
|
481
|
-
grpc_connectivity_state state_;
|
482
|
-
absl::Status status_;
|
483
|
-
ConnectivityStateWatcherList watcher_list_;
|
484
|
-
};
|
485
|
-
|
486
|
-
//
|
487
|
-
// Subchannel::HealthWatcherMap
|
488
|
-
//
|
489
|
-
|
490
|
-
void Subchannel::HealthWatcherMap::AddWatcherLocked(
|
491
|
-
WeakRefCountedPtr<Subchannel> subchannel,
|
492
|
-
const std::string& health_check_service_name,
|
493
|
-
RefCountedPtr<ConnectivityStateWatcherInterface> watcher) {
|
494
|
-
// If the health check service name is not already present in the map,
|
495
|
-
// add it.
|
496
|
-
auto it = map_.find(health_check_service_name);
|
497
|
-
HealthWatcher* health_watcher;
|
498
|
-
if (it == map_.end()) {
|
499
|
-
auto w = MakeOrphanable<HealthWatcher>(std::move(subchannel),
|
500
|
-
health_check_service_name);
|
501
|
-
health_watcher = w.get();
|
502
|
-
map_.emplace(health_check_service_name, std::move(w));
|
503
|
-
} else {
|
504
|
-
health_watcher = it->second.get();
|
505
|
-
}
|
506
|
-
// Add the watcher to the entry.
|
507
|
-
health_watcher->AddWatcherLocked(std::move(watcher));
|
508
|
-
}
|
509
|
-
|
510
|
-
void Subchannel::HealthWatcherMap::RemoveWatcherLocked(
|
511
|
-
const std::string& health_check_service_name,
|
512
|
-
ConnectivityStateWatcherInterface* watcher) {
|
513
|
-
auto it = map_.find(health_check_service_name);
|
514
|
-
GPR_ASSERT(it != map_.end());
|
515
|
-
it->second->RemoveWatcherLocked(watcher);
|
516
|
-
// If we just removed the last watcher for this service name, remove
|
517
|
-
// the map entry.
|
518
|
-
if (!it->second->HasWatchers()) map_.erase(it);
|
519
|
-
}
|
520
|
-
|
521
|
-
void Subchannel::HealthWatcherMap::NotifyLocked(grpc_connectivity_state state,
|
522
|
-
const absl::Status& status) {
|
523
|
-
for (const auto& p : map_) {
|
524
|
-
p.second->NotifyLocked(state, status);
|
525
|
-
}
|
526
|
-
}
|
527
|
-
|
528
|
-
grpc_connectivity_state
|
529
|
-
Subchannel::HealthWatcherMap::CheckConnectivityStateLocked(
|
530
|
-
Subchannel* subchannel, const std::string& health_check_service_name) {
|
531
|
-
auto it = map_.find(health_check_service_name);
|
532
|
-
if (it == map_.end()) {
|
533
|
-
// If the health check service name is not found in the map, we're
|
534
|
-
// not currently doing a health check for that service name. If the
|
535
|
-
// subchannel's state without health checking is READY, report
|
536
|
-
// CONNECTING, since that's what we'd be in as soon as we do start a
|
537
|
-
// watch. Otherwise, report the channel's state without health checking.
|
538
|
-
return subchannel->state_ == GRPC_CHANNEL_READY ? GRPC_CHANNEL_CONNECTING
|
539
|
-
: subchannel->state_;
|
540
|
-
}
|
541
|
-
HealthWatcher* health_watcher = it->second.get();
|
542
|
-
return health_watcher->state();
|
543
|
-
}
|
544
|
-
|
545
|
-
void Subchannel::HealthWatcherMap::ShutdownLocked() { map_.clear(); }
|
546
|
-
|
547
377
|
//
|
548
378
|
// Subchannel
|
549
379
|
//
|
@@ -689,7 +519,6 @@ channelz::SubchannelNode* Subchannel::channelz_node() {
|
|
689
519
|
}
|
690
520
|
|
691
521
|
void Subchannel::WatchConnectivityState(
|
692
|
-
const absl::optional<std::string>& health_check_service_name,
|
693
522
|
RefCountedPtr<ConnectivityStateWatcherInterface> watcher) {
|
694
523
|
{
|
695
524
|
MutexLock lock(&mu_);
|
@@ -697,25 +526,18 @@ void Subchannel::WatchConnectivityState(
|
|
697
526
|
if (interested_parties != nullptr) {
|
698
527
|
grpc_pollset_set_add_pollset_set(pollset_set_, interested_parties);
|
699
528
|
}
|
700
|
-
|
701
|
-
|
702
|
-
|
703
|
-
|
704
|
-
|
705
|
-
|
706
|
-
watcher_list_.AddWatcherLocked(std::move(watcher));
|
707
|
-
} else {
|
708
|
-
health_watcher_map_.AddWatcherLocked(
|
709
|
-
WeakRef(DEBUG_LOCATION, "health_watcher"), *health_check_service_name,
|
710
|
-
std::move(watcher));
|
711
|
-
}
|
529
|
+
work_serializer_.Schedule(
|
530
|
+
[watcher = watcher->Ref(), state = state_, status = status_]() {
|
531
|
+
watcher->OnConnectivityStateChange(state, status);
|
532
|
+
},
|
533
|
+
DEBUG_LOCATION);
|
534
|
+
watcher_list_.AddWatcherLocked(std::move(watcher));
|
712
535
|
}
|
713
536
|
// Drain any connectivity state notifications after releasing the mutex.
|
714
537
|
work_serializer_.DrainQueue();
|
715
538
|
}
|
716
539
|
|
717
540
|
void Subchannel::CancelConnectivityStateWatch(
|
718
|
-
const absl::optional<std::string>& health_check_service_name,
|
719
541
|
ConnectivityStateWatcherInterface* watcher) {
|
720
542
|
{
|
721
543
|
MutexLock lock(&mu_);
|
@@ -723,12 +545,7 @@ void Subchannel::CancelConnectivityStateWatch(
|
|
723
545
|
if (interested_parties != nullptr) {
|
724
546
|
grpc_pollset_set_del_pollset_set(pollset_set_, interested_parties);
|
725
547
|
}
|
726
|
-
|
727
|
-
watcher_list_.RemoveWatcherLocked(watcher);
|
728
|
-
} else {
|
729
|
-
health_watcher_map_.RemoveWatcherLocked(*health_check_service_name,
|
730
|
-
watcher);
|
731
|
-
}
|
548
|
+
watcher_list_.RemoveWatcherLocked(watcher);
|
732
549
|
}
|
733
550
|
// Drain any connectivity state notifications after releasing the mutex.
|
734
551
|
// (Shouldn't actually be necessary in this case, but better safe than sorry.)
|
@@ -778,7 +595,6 @@ void Subchannel::Orphan() {
|
|
778
595
|
shutdown_ = true;
|
779
596
|
connector_.reset();
|
780
597
|
connected_subchannel_.reset();
|
781
|
-
health_watcher_map_.ShutdownLocked();
|
782
598
|
}
|
783
599
|
// Drain any connectivity state notifications after releasing the mutex.
|
784
600
|
work_serializer_.DrainQueue();
|
@@ -828,10 +644,8 @@ void Subchannel::SetConnectivityStateLocked(grpc_connectivity_state state,
|
|
828
644
|
ConnectivityStateName(state),
|
829
645
|
status.ok() ? "" : absl::StrCat(": ", status_.ToString()))));
|
830
646
|
}
|
831
|
-
// Notify
|
647
|
+
// Notify watchers.
|
832
648
|
watcher_list_.NotifyLocked(state, status_);
|
833
|
-
// Notify health watchers.
|
834
|
-
health_watcher_map_.NotifyLocked(state, status_);
|
835
649
|
}
|
836
650
|
|
837
651
|
void Subchannel::OnRetryTimer() {
|
@@ -24,11 +24,9 @@
|
|
24
24
|
#include <functional>
|
25
25
|
#include <map>
|
26
26
|
#include <memory>
|
27
|
-
#include <string>
|
28
27
|
|
29
28
|
#include "absl/base/thread_annotations.h"
|
30
29
|
#include "absl/status/status.h"
|
31
|
-
#include "absl/types/optional.h"
|
32
30
|
|
33
31
|
#include <grpc/event_engine/event_engine.h>
|
34
32
|
#include <grpc/impl/connectivity_state.h>
|
@@ -221,15 +219,13 @@ class Subchannel : public DualRefCounted<Subchannel> {
|
|
221
219
|
// The watcher will be destroyed either when the subchannel is
|
222
220
|
// destroyed or when CancelConnectivityStateWatch() is called.
|
223
221
|
void WatchConnectivityState(
|
224
|
-
const absl::optional<std::string>& health_check_service_name,
|
225
222
|
RefCountedPtr<ConnectivityStateWatcherInterface> watcher)
|
226
223
|
ABSL_LOCKS_EXCLUDED(mu_);
|
227
224
|
|
228
225
|
// Cancels a connectivity state watch.
|
229
226
|
// If the watcher has already been destroyed, this is a no-op.
|
230
|
-
void CancelConnectivityStateWatch(
|
231
|
-
|
232
|
-
ConnectivityStateWatcherInterface* watcher) ABSL_LOCKS_EXCLUDED(mu_);
|
227
|
+
void CancelConnectivityStateWatch(ConnectivityStateWatcherInterface* watcher)
|
228
|
+
ABSL_LOCKS_EXCLUDED(mu_);
|
233
229
|
|
234
230
|
RefCountedPtr<ConnectedSubchannel> connected_subchannel()
|
235
231
|
ABSL_LOCKS_EXCLUDED(mu_) {
|
@@ -296,40 +292,6 @@ class Subchannel : public DualRefCounted<Subchannel> {
|
|
296
292
|
watchers_;
|
297
293
|
};
|
298
294
|
|
299
|
-
// A map that tracks ConnectivityStateWatcherInterfaces using a particular
|
300
|
-
// health check service name.
|
301
|
-
//
|
302
|
-
// There is one entry in the map for each health check service name.
|
303
|
-
// Entries exist only as long as there are watchers using the
|
304
|
-
// corresponding service name.
|
305
|
-
//
|
306
|
-
// A health check client is maintained only while the subchannel is in
|
307
|
-
// state READY.
|
308
|
-
class HealthWatcherMap {
|
309
|
-
public:
|
310
|
-
void AddWatcherLocked(
|
311
|
-
WeakRefCountedPtr<Subchannel> subchannel,
|
312
|
-
const std::string& health_check_service_name,
|
313
|
-
RefCountedPtr<ConnectivityStateWatcherInterface> watcher);
|
314
|
-
void RemoveWatcherLocked(const std::string& health_check_service_name,
|
315
|
-
ConnectivityStateWatcherInterface* watcher);
|
316
|
-
|
317
|
-
// Notifies the watcher when the subchannel's state changes.
|
318
|
-
void NotifyLocked(grpc_connectivity_state state, const absl::Status& status)
|
319
|
-
ABSL_EXCLUSIVE_LOCKS_REQUIRED(&Subchannel::mu_);
|
320
|
-
|
321
|
-
grpc_connectivity_state CheckConnectivityStateLocked(
|
322
|
-
Subchannel* subchannel, const std::string& health_check_service_name)
|
323
|
-
ABSL_EXCLUSIVE_LOCKS_REQUIRED(&Subchannel::mu_);
|
324
|
-
|
325
|
-
void ShutdownLocked();
|
326
|
-
|
327
|
-
private:
|
328
|
-
class HealthWatcher;
|
329
|
-
|
330
|
-
std::map<std::string, OrphanablePtr<HealthWatcher>> map_;
|
331
|
-
};
|
332
|
-
|
333
295
|
class ConnectedSubchannelStateWatcher;
|
334
296
|
|
335
297
|
// Sets the subchannel's connectivity state to \a state.
|
@@ -382,10 +344,8 @@ class Subchannel : public DualRefCounted<Subchannel> {
|
|
382
344
|
// - TRANSIENT_FAILURE: connection attempt failed, retry timer pending
|
383
345
|
grpc_connectivity_state state_ ABSL_GUARDED_BY(mu_) = GRPC_CHANNEL_IDLE;
|
384
346
|
absl::Status status_ ABSL_GUARDED_BY(mu_);
|
385
|
-
// The list of
|
347
|
+
// The list of connectivity state watchers.
|
386
348
|
ConnectivityStateWatcherList watcher_list_ ABSL_GUARDED_BY(mu_);
|
387
|
-
// The map of watchers with health check service names.
|
388
|
-
HealthWatcherMap health_watcher_map_ ABSL_GUARDED_BY(mu_);
|
389
349
|
// Used for sending connectivity state notifications.
|
390
350
|
WorkSerializer work_serializer_;
|
391
351
|
|
@@ -49,7 +49,7 @@
|
|
49
49
|
#include "src/core/lib/promise/latch.h"
|
50
50
|
#include "src/core/lib/promise/pipe.h"
|
51
51
|
#include "src/core/lib/promise/poll.h"
|
52
|
-
#include "src/core/lib/promise/
|
52
|
+
#include "src/core/lib/promise/prioritized_race.h"
|
53
53
|
#include "src/core/lib/resource_quota/arena.h"
|
54
54
|
#include "src/core/lib/slice/slice_buffer.h"
|
55
55
|
#include "src/core/lib/surface/call.h"
|
@@ -273,8 +273,8 @@ ArenaPromise<ServerMetadataHandle> ClientCompressionFilter::MakeCallPromise(
|
|
273
273
|
return std::move(*r);
|
274
274
|
});
|
275
275
|
// Run the next filter, and race it with getting an error from decompression.
|
276
|
-
return
|
277
|
-
|
276
|
+
return PrioritizedRace(decompress_err->Wait(),
|
277
|
+
next_promise_factory(std::move(call_args)));
|
278
278
|
}
|
279
279
|
|
280
280
|
ArenaPromise<ServerMetadataHandle> ServerCompressionFilter::MakeCallPromise(
|
@@ -316,8 +316,8 @@ ArenaPromise<ServerMetadataHandle> ServerCompressionFilter::MakeCallPromise(
|
|
316
316
|
return CompressMessage(std::move(message), *compression_algorithm);
|
317
317
|
});
|
318
318
|
// Run the next filter, and race it with getting an error from decompression.
|
319
|
-
return
|
320
|
-
|
319
|
+
return PrioritizedRace(decompress_err->Wait(),
|
320
|
+
next_promise_factory(std::move(call_args)));
|
321
321
|
}
|
322
322
|
|
323
323
|
} // namespace grpc_core
|
@@ -20,21 +20,29 @@
|
|
20
20
|
|
21
21
|
#include <cstdint>
|
22
22
|
#include <map>
|
23
|
+
#include <memory>
|
23
24
|
#include <string>
|
24
25
|
|
25
26
|
#include "absl/status/status.h"
|
26
27
|
#include "absl/status/statusor.h"
|
28
|
+
#include "absl/strings/str_cat.h"
|
27
29
|
#include "absl/types/optional.h"
|
28
30
|
|
31
|
+
#include <grpc/grpc_audit_logging.h>
|
32
|
+
|
29
33
|
#include "src/core/lib/channel/channel_args.h"
|
30
34
|
#include "src/core/lib/json/json_args.h"
|
31
35
|
#include "src/core/lib/json/json_object_loader.h"
|
32
36
|
#include "src/core/lib/matchers/matchers.h"
|
37
|
+
#include "src/core/lib/security/authorization/audit_logging.h"
|
33
38
|
|
34
39
|
namespace grpc_core {
|
35
40
|
|
36
41
|
namespace {
|
37
42
|
|
43
|
+
using experimental::AuditLoggerFactory;
|
44
|
+
using experimental::AuditLoggerRegistry;
|
45
|
+
|
38
46
|
// RbacConfig: one or more RbacPolicy structs
|
39
47
|
struct RbacConfig {
|
40
48
|
// RbacPolicy: optional Rules
|
@@ -179,20 +187,40 @@ struct RbacConfig {
|
|
179
187
|
static const JsonLoaderInterface* JsonLoader(const JsonArgs&);
|
180
188
|
};
|
181
189
|
|
190
|
+
// AuditLogger: the name of logger and its config in json
|
191
|
+
struct AuditLogger {
|
192
|
+
std::string name;
|
193
|
+
Json::Object config;
|
194
|
+
|
195
|
+
AuditLogger() = default;
|
196
|
+
AuditLogger(const AuditLogger&) = delete;
|
197
|
+
AuditLogger& operator=(const AuditLogger&) = delete;
|
198
|
+
AuditLogger(AuditLogger&&) = default;
|
199
|
+
AuditLogger& operator=(AuditLogger&&) = default;
|
200
|
+
|
201
|
+
static const JsonLoaderInterface* JsonLoader(const JsonArgs&);
|
202
|
+
void JsonPostLoad(const Json&, const JsonArgs&,
|
203
|
+
ValidationErrors* errors);
|
204
|
+
};
|
205
|
+
|
182
206
|
int action;
|
183
207
|
std::map<std::string, Policy> policies;
|
208
|
+
// Defaults to kNone since its json field is optional.
|
209
|
+
Rbac::AuditCondition audit_condition = Rbac::AuditCondition::kNone;
|
210
|
+
std::vector<std::unique_ptr<AuditLoggerFactory::Config>> logger_configs;
|
184
211
|
|
185
|
-
Rules()
|
212
|
+
Rules() {}
|
186
213
|
Rules(const Rules&) = delete;
|
187
214
|
Rules& operator=(const Rules&) = delete;
|
188
215
|
Rules(Rules&&) = default;
|
189
216
|
Rules& operator=(Rules&&) = default;
|
190
217
|
|
191
|
-
Rbac TakeAsRbac();
|
218
|
+
Rbac TakeAsRbac(std::string name);
|
192
219
|
static const JsonLoaderInterface* JsonLoader(const JsonArgs&);
|
193
220
|
void JsonPostLoad(const Json&, const JsonArgs&, ValidationErrors* errors);
|
194
221
|
};
|
195
222
|
|
223
|
+
std::string name;
|
196
224
|
absl::optional<Rules> rules;
|
197
225
|
|
198
226
|
Rbac TakeAsRbac();
|
@@ -715,21 +743,51 @@ const JsonLoaderInterface* RbacConfig::RbacPolicy::Rules::Policy::JsonLoader(
|
|
715
743
|
return loader;
|
716
744
|
}
|
717
745
|
|
746
|
+
//
|
747
|
+
// RbacConfig::RbacPolicy::Rules::AuditLogger
|
748
|
+
//
|
749
|
+
|
750
|
+
const JsonLoaderInterface*
|
751
|
+
RbacConfig::RbacPolicy::Rules::AuditLogger::JsonLoader(const JsonArgs&) {
|
752
|
+
// All fields handled in JsonPostLoad().
|
753
|
+
static const auto* loader = JsonObjectLoader<AuditLogger>().Finish();
|
754
|
+
return loader;
|
755
|
+
}
|
756
|
+
|
757
|
+
void RbacConfig::RbacPolicy::Rules::AuditLogger::JsonPostLoad(
|
758
|
+
const Json& json, const JsonArgs& args, ValidationErrors* errors) {
|
759
|
+
// Should have exactly one field as the logger name.
|
760
|
+
if (json.object().size() != 1) {
|
761
|
+
errors->AddError("audit logger should have exactly one field");
|
762
|
+
return;
|
763
|
+
}
|
764
|
+
name = json.object().begin()->first;
|
765
|
+
auto config_or =
|
766
|
+
LoadJsonObjectField<Json::Object>(json.object(), args, name, errors);
|
767
|
+
if (config_or.has_value()) {
|
768
|
+
config = std::move(*config_or);
|
769
|
+
}
|
770
|
+
}
|
771
|
+
|
718
772
|
//
|
719
773
|
// RbacConfig::RbacPolicy::Rules
|
720
774
|
//
|
721
775
|
|
722
|
-
Rbac RbacConfig::RbacPolicy::Rules::TakeAsRbac() {
|
776
|
+
Rbac RbacConfig::RbacPolicy::Rules::TakeAsRbac(std::string name) {
|
723
777
|
Rbac rbac;
|
778
|
+
rbac.name = std::move(name);
|
724
779
|
rbac.action = static_cast<Rbac::Action>(action);
|
780
|
+
rbac.audit_condition = audit_condition;
|
725
781
|
for (auto& p : policies) {
|
726
782
|
rbac.policies.emplace(p.first, p.second.TakeAsRbacPolicy());
|
727
783
|
}
|
784
|
+
rbac.logger_configs = std::move(logger_configs);
|
728
785
|
return rbac;
|
729
786
|
}
|
730
787
|
|
731
788
|
const JsonLoaderInterface* RbacConfig::RbacPolicy::Rules::JsonLoader(
|
732
789
|
const JsonArgs&) {
|
790
|
+
// Audit logger configs handled in post load.
|
733
791
|
static const auto* loader = JsonObjectLoader<Rules>()
|
734
792
|
.Field("action", &Rules::action)
|
735
793
|
.OptionalField("policies", &Rules::policies)
|
@@ -737,7 +795,8 @@ const JsonLoaderInterface* RbacConfig::RbacPolicy::Rules::JsonLoader(
|
|
737
795
|
return loader;
|
738
796
|
}
|
739
797
|
|
740
|
-
void RbacConfig::RbacPolicy::Rules::JsonPostLoad(const Json
|
798
|
+
void RbacConfig::RbacPolicy::Rules::JsonPostLoad(const Json& json,
|
799
|
+
const JsonArgs& args,
|
741
800
|
ValidationErrors* errors) {
|
742
801
|
// Validate action field.
|
743
802
|
auto rbac_action = static_cast<Rbac::Action>(action);
|
@@ -746,6 +805,40 @@ void RbacConfig::RbacPolicy::Rules::JsonPostLoad(const Json&, const JsonArgs&,
|
|
746
805
|
ValidationErrors::ScopedField field(errors, ".action");
|
747
806
|
errors->AddError("unknown action");
|
748
807
|
}
|
808
|
+
// Parse and validate audit_condition field.
|
809
|
+
auto condition = LoadJsonObjectField<int>(json.object(), args,
|
810
|
+
"audit_condition", errors, false);
|
811
|
+
if (condition.has_value()) {
|
812
|
+
switch (*condition) {
|
813
|
+
case static_cast<int>(Rbac::AuditCondition::kNone):
|
814
|
+
case static_cast<int>(Rbac::AuditCondition::kOnAllow):
|
815
|
+
case static_cast<int>(Rbac::AuditCondition::kOnDeny):
|
816
|
+
case static_cast<int>(Rbac::AuditCondition::kOnDenyAndAllow):
|
817
|
+
audit_condition = static_cast<Rbac::AuditCondition>(*condition);
|
818
|
+
break;
|
819
|
+
default: {
|
820
|
+
ValidationErrors::ScopedField field(errors, ".audit_condition");
|
821
|
+
errors->AddError("unknown audit condition");
|
822
|
+
}
|
823
|
+
}
|
824
|
+
}
|
825
|
+
// Parse and validate audit logger configs.
|
826
|
+
auto configs = LoadJsonObjectField<std::vector<AuditLogger>>(
|
827
|
+
json.object(), args, "audit_loggers", errors, false);
|
828
|
+
if (configs.has_value()) {
|
829
|
+
for (size_t i = 0; i < configs->size(); ++i) {
|
830
|
+
auto& logger = (*configs)[i];
|
831
|
+
auto config = AuditLoggerRegistry::ParseConfig(
|
832
|
+
logger.name, Json::FromObject(std::move(logger.config)));
|
833
|
+
if (!config.ok()) {
|
834
|
+
ValidationErrors::ScopedField field(
|
835
|
+
errors, absl::StrCat(".audit_loggers[", i, "]"));
|
836
|
+
errors->AddError(config.status().message());
|
837
|
+
continue;
|
838
|
+
}
|
839
|
+
logger_configs.push_back(std::move(*config));
|
840
|
+
}
|
841
|
+
}
|
749
842
|
}
|
750
843
|
|
751
844
|
//
|
@@ -756,14 +849,15 @@ Rbac RbacConfig::RbacPolicy::TakeAsRbac() {
|
|
756
849
|
if (!rules.has_value()) {
|
757
850
|
// No enforcing to be applied. An empty deny policy with an empty map
|
758
851
|
// is equivalent to no enforcing.
|
759
|
-
return Rbac(Rbac::Action::kDeny, {});
|
852
|
+
return Rbac(std::move(name), Rbac::Action::kDeny, {});
|
760
853
|
}
|
761
|
-
return rules->TakeAsRbac();
|
854
|
+
return rules->TakeAsRbac(std::move(name));
|
762
855
|
}
|
763
856
|
|
764
857
|
const JsonLoaderInterface* RbacConfig::RbacPolicy::JsonLoader(const JsonArgs&) {
|
765
858
|
static const auto* loader = JsonObjectLoader<RbacPolicy>()
|
766
859
|
.OptionalField("rules", &RbacPolicy::rules)
|
860
|
+
.Field("filter_name", &RbacPolicy::name)
|
767
861
|
.Finish();
|
768
862
|
return loader;
|
769
863
|
}
|
@@ -38,6 +38,7 @@
|
|
38
38
|
#include "src/core/lib/promise/context.h"
|
39
39
|
#include "src/core/lib/promise/promise.h"
|
40
40
|
#include "src/core/lib/resource_quota/arena.h"
|
41
|
+
#include "src/core/lib/service_config/service_config.h"
|
41
42
|
#include "src/core/lib/service_config/service_config_call_data.h"
|
42
43
|
#include "src/core/lib/transport/transport.h"
|
43
44
|
|
@@ -139,14 +140,11 @@ ArenaPromise<ServerMetadataHandle> ServerConfigSelectorFilter::MakeCallPromise(
|
|
139
140
|
absl::UnavailableError(StatusToString(call_config.status()))));
|
140
141
|
return std::move(r);
|
141
142
|
}
|
142
|
-
auto
|
143
|
-
|
144
|
-
|
145
|
-
|
146
|
-
|
147
|
-
ctx.destroy = [](void* p) {
|
148
|
-
static_cast<ServiceConfigCallData*>(p)->~ServiceConfigCallData();
|
149
|
-
};
|
143
|
+
auto* service_config_call_data =
|
144
|
+
GetContext<Arena>()->New<ServiceConfigCallData>(
|
145
|
+
GetContext<Arena>(), GetContext<grpc_call_context_element>());
|
146
|
+
service_config_call_data->SetServiceConfig(
|
147
|
+
std::move(call_config->service_config), call_config->method_configs);
|
150
148
|
return next_promise_factory(std::move(call_args));
|
151
149
|
}
|
152
150
|
|
@@ -59,7 +59,7 @@ namespace grpc_core {
|
|
59
59
|
|
60
60
|
TraceFlag grpc_stateful_session_filter_trace(false, "stateful_session_filter");
|
61
61
|
|
62
|
-
UniqueTypeName
|
62
|
+
UniqueTypeName XdsOverrideHostAttribute::TypeName() {
|
63
63
|
static UniqueTypeName::Factory kFactory("xds_override_host");
|
64
64
|
return kFactory.Create();
|
65
65
|
}
|
@@ -160,8 +160,8 @@ ArenaPromise<ServerMetadataHandle> StatefulSessionFilter::MakeCallPromise(
|
|
160
160
|
}
|
161
161
|
// We have a valid cookie, so add the call attribute to be used by the
|
162
162
|
// xds_override_host LB policy.
|
163
|
-
service_config_call_data->SetCallAttribute(
|
164
|
-
|
163
|
+
service_config_call_data->SetCallAttribute(
|
164
|
+
GetContext<Arena>()->New<XdsOverrideHostAttribute>(*cookie_value));
|
165
165
|
}
|
166
166
|
// Intercept server initial metadata.
|
167
167
|
call_args.server_initial_metadata->InterceptAndMap(
|
@@ -30,11 +30,26 @@
|
|
30
30
|
#include "src/core/lib/channel/promise_based_filter.h"
|
31
31
|
#include "src/core/lib/gprpp/unique_type_name.h"
|
32
32
|
#include "src/core/lib/promise/arena_promise.h"
|
33
|
+
#include "src/core/lib/service_config/service_config_call_data.h"
|
33
34
|
#include "src/core/lib/transport/transport.h"
|
34
35
|
|
35
36
|
namespace grpc_core {
|
36
37
|
|
37
|
-
|
38
|
+
class XdsOverrideHostAttribute
|
39
|
+
: public ServiceConfigCallData::CallAttributeInterface {
|
40
|
+
public:
|
41
|
+
static UniqueTypeName TypeName();
|
42
|
+
|
43
|
+
explicit XdsOverrideHostAttribute(absl::string_view host_name)
|
44
|
+
: host_name_(host_name) {}
|
45
|
+
|
46
|
+
absl::string_view host_name() const { return host_name_; }
|
47
|
+
|
48
|
+
private:
|
49
|
+
UniqueTypeName type() const override { return TypeName(); }
|
50
|
+
|
51
|
+
absl::string_view host_name_;
|
52
|
+
};
|
38
53
|
|
39
54
|
// A filter to provide cookie-based stateful session affinity.
|
40
55
|
class StatefulSessionFilter : public ChannelFilter {
|