grpc 1.62.0 → 1.65.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Makefile +497 -2042
- data/include/grpc/byte_buffer.h +1 -2
- data/include/grpc/census.h +1 -2
- data/include/grpc/compression.h +1 -2
- data/include/grpc/credentials.h +1222 -0
- data/include/grpc/event_engine/endpoint_config.h +2 -2
- data/include/grpc/event_engine/event_engine.h +17 -8
- data/include/grpc/event_engine/extensible.h +2 -2
- data/include/grpc/event_engine/internal/memory_allocator_impl.h +1 -2
- data/include/grpc/event_engine/memory_allocator.h +1 -2
- data/include/grpc/event_engine/memory_request.h +2 -2
- data/include/grpc/event_engine/slice.h +1 -2
- data/include/grpc/event_engine/slice_buffer.h +1 -2
- data/include/grpc/grpc.h +8 -8
- data/include/grpc/grpc_audit_logging.h +1 -2
- data/include/grpc/grpc_crl_provider.h +3 -2
- data/include/grpc/grpc_cronet.h +1 -2
- data/include/grpc/grpc_posix.h +1 -2
- data/include/grpc/grpc_security.h +1 -1173
- data/include/grpc/impl/call.h +1 -2
- data/include/grpc/impl/channel_arg_names.h +11 -6
- data/include/grpc/impl/grpc_types.h +1 -2
- data/include/grpc/impl/slice_type.h +2 -2
- data/include/grpc/module.modulemap +3 -0
- data/include/grpc/passive_listener.h +62 -0
- data/include/grpc/slice.h +1 -2
- data/include/grpc/slice_buffer.h +1 -2
- data/include/grpc/support/alloc.h +2 -2
- data/include/grpc/support/json.h +2 -2
- data/include/grpc/support/log.h +9 -19
- data/include/grpc/support/metrics.h +51 -0
- data/include/grpc/support/port_platform.h +3 -0
- data/include/grpc/support/string_util.h +0 -1
- data/include/grpc/support/sync.h +0 -1
- data/include/grpc/support/sync_abseil.h +0 -1
- data/include/grpc/support/sync_custom.h +0 -1
- data/include/grpc/support/sync_generic.h +1 -2
- data/include/grpc/support/sync_posix.h +1 -2
- data/include/grpc/support/time.h +2 -2
- data/src/core/{lib/channel → channelz}/channel_trace.cc +57 -63
- data/src/core/{lib/channel → channelz}/channel_trace.h +22 -20
- data/src/core/{lib/channel → channelz}/channelz.cc +71 -9
- data/src/core/{lib/channel → channelz}/channelz.h +61 -19
- data/src/core/{lib/channel → channelz}/channelz_registry.cc +11 -9
- data/src/core/{lib/channel → channelz}/channelz_registry.h +7 -7
- data/src/core/client_channel/backup_poller.cc +4 -5
- data/src/core/client_channel/client_channel.cc +1324 -0
- data/src/core/client_channel/client_channel.h +243 -0
- data/src/core/client_channel/client_channel_filter.cc +354 -791
- data/src/core/client_channel/client_channel_filter.h +18 -81
- data/src/core/client_channel/client_channel_internal.h +20 -8
- data/src/core/client_channel/client_channel_plugin.cc +1 -14
- data/src/core/client_channel/client_channel_service_config.h +8 -7
- data/src/core/client_channel/config_selector.cc +1 -1
- data/src/core/client_channel/config_selector.h +6 -5
- data/src/core/client_channel/connector.h +1 -1
- data/src/core/client_channel/dynamic_filters.cc +6 -5
- data/src/core/client_channel/dynamic_filters.h +2 -4
- data/src/core/client_channel/load_balanced_call_destination.cc +336 -0
- data/src/core/client_channel/load_balanced_call_destination.h +49 -0
- data/src/core/client_channel/local_subchannel_pool.cc +5 -3
- data/src/core/client_channel/retry_filter.cc +3 -10
- data/src/core/client_channel/retry_filter.h +6 -10
- data/src/core/client_channel/retry_filter_legacy_call_data.cc +71 -77
- data/src/core/client_channel/retry_filter_legacy_call_data.h +9 -11
- data/src/core/client_channel/retry_service_config.cc +4 -5
- data/src/core/client_channel/retry_service_config.h +6 -6
- data/src/core/client_channel/retry_throttle.h +3 -2
- data/src/core/client_channel/subchannel.cc +233 -124
- data/src/core/client_channel/subchannel.h +36 -24
- data/src/core/client_channel/subchannel_pool_interface.cc +0 -2
- data/src/core/client_channel/subchannel_pool_interface.h +3 -5
- data/src/core/client_channel/subchannel_stream_client.cc +41 -56
- data/src/core/client_channel/subchannel_stream_client.h +4 -6
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +14 -62
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.h +3 -14
- data/src/core/ext/filters/backend_metrics/backend_metric_provider.h +7 -0
- data/src/core/ext/filters/census/grpc_context.cc +2 -4
- data/src/core/ext/filters/channel_idle/legacy_channel_idle_filter.cc +20 -25
- data/src/core/ext/filters/channel_idle/legacy_channel_idle_filter.h +12 -11
- data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +11 -16
- data/src/core/ext/filters/fault_injection/fault_injection_filter.h +5 -4
- data/src/core/ext/filters/fault_injection/fault_injection_service_config_parser.h +3 -3
- data/src/core/ext/filters/http/client/http_client_filter.cc +6 -4
- data/src/core/ext/filters/http/client/http_client_filter.h +6 -5
- data/src/core/ext/filters/http/client_authority_filter.cc +5 -3
- data/src/core/ext/filters/http/client_authority_filter.h +6 -4
- data/src/core/ext/filters/http/http_filters_plugin.cc +15 -35
- data/src/core/ext/filters/http/message_compress/compression_filter.cc +27 -30
- data/src/core/ext/filters/http/message_compress/compression_filter.h +12 -9
- data/src/core/ext/filters/http/server/http_server_filter.cc +5 -5
- data/src/core/ext/filters/http/server/http_server_filter.h +6 -5
- data/src/core/ext/filters/message_size/message_size_filter.cc +30 -37
- data/src/core/ext/filters/message_size/message_size_filter.h +14 -12
- data/src/core/ext/filters/rbac/rbac_filter.cc +7 -12
- data/src/core/ext/filters/rbac/rbac_filter.h +6 -5
- data/src/core/ext/filters/rbac/rbac_service_config_parser.cc +4 -4
- data/src/core/ext/filters/rbac/rbac_service_config_parser.h +1 -1
- data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +14 -18
- data/src/core/ext/filters/stateful_session/stateful_session_filter.h +4 -2
- data/src/core/ext/filters/stateful_session/stateful_session_service_config_parser.h +3 -3
- data/src/core/ext/transport/chttp2/alpn/alpn.cc +5 -4
- data/src/core/ext/transport/chttp2/alpn/alpn.h +2 -2
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +22 -44
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +2 -8
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +266 -154
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +36 -3
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +6 -6
- data/src/core/ext/transport/chttp2/transport/bin_decoder.h +1 -2
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +8 -7
- data/src/core/ext/transport/chttp2/transport/bin_encoder.h +1 -2
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +204 -228
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +33 -15
- data/src/core/ext/transport/chttp2/transport/context_list_entry.h +16 -13
- data/src/core/ext/transport/chttp2/transport/decode_huff.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/decode_huff.h +2 -2
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +6 -8
- data/src/core/ext/transport/chttp2/transport/flow_control.h +4 -6
- data/src/core/ext/transport/chttp2/transport/frame.cc +4 -4
- data/src/core/ext/transport/chttp2/transport/frame.h +2 -2
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +3 -3
- data/src/core/ext/transport/chttp2/transport/frame_data.h +1 -2
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +5 -5
- data/src/core/ext/transport/chttp2/transport/frame_goaway.h +1 -2
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +7 -9
- data/src/core/ext/transport/chttp2/transport/frame_ping.h +1 -2
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +4 -5
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +1 -2
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +10 -7
- data/src/core/ext/transport/chttp2/transport/frame_settings.h +1 -2
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +4 -4
- data/src/core/ext/transport/chttp2/transport/frame_window_update.h +1 -2
- data/src/core/ext/transport/chttp2/transport/hpack_constants.h +2 -2
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +9 -7
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +10 -4
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +10 -9
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +2 -2
- data/src/core/ext/transport/chttp2/transport/hpack_parse_result.cc +4 -3
- data/src/core/ext/transport/chttp2/transport/hpack_parse_result.h +3 -3
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +30 -80
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +2 -5
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +8 -13
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +2 -2
- data/src/core/ext/transport/chttp2/transport/http2_settings.cc +3 -3
- data/src/core/ext/transport/chttp2/transport/http2_settings.h +3 -3
- data/src/core/ext/transport/chttp2/transport/huffsyms.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/internal.h +33 -23
- data/src/core/ext/transport/chttp2/transport/max_concurrent_streams_policy.cc +4 -3
- data/src/core/ext/transport/chttp2/transport/max_concurrent_streams_policy.h +2 -2
- data/src/core/ext/transport/chttp2/transport/parsing.cc +34 -49
- data/src/core/ext/transport/chttp2/transport/ping_abuse_policy.cc +1 -2
- data/src/core/ext/transport/chttp2/transport/ping_abuse_policy.h +2 -2
- data/src/core/ext/transport/chttp2/transport/ping_callbacks.cc +3 -5
- data/src/core/ext/transport/chttp2/transport/ping_callbacks.h +1 -4
- data/src/core/ext/transport/chttp2/transport/ping_rate_policy.cc +30 -15
- data/src/core/ext/transport/chttp2/transport/ping_rate_policy.h +7 -6
- data/src/core/ext/transport/chttp2/transport/stream_lists.cc +10 -11
- data/src/core/ext/transport/chttp2/transport/varint.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/varint.h +4 -3
- data/src/core/ext/transport/chttp2/transport/write_size_policy.cc +4 -3
- data/src/core/ext/transport/chttp2/transport/write_size_policy.h +2 -2
- data/src/core/ext/transport/chttp2/transport/writing.cc +91 -76
- data/src/core/ext/transport/inproc/inproc_transport.cc +65 -39
- data/src/core/ext/transport/inproc/inproc_transport.h +2 -5
- data/src/core/ext/transport/inproc/legacy_inproc_transport.cc +29 -31
- data/src/core/ext/transport/inproc/legacy_inproc_transport.h +1 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/certs.upb.h +243 -230
- data/src/core/ext/upb-gen/envoy/admin/v3/certs.upb_minitable.c +42 -48
- data/src/core/ext/upb-gen/envoy/admin/v3/clusters.upb.h +289 -265
- data/src/core/ext/upb-gen/envoy/admin/v3/clusters.upb_minitable.c +62 -70
- data/src/core/ext/upb-gen/envoy/admin/v3/config_dump.upb.h +238 -226
- data/src/core/ext/upb-gen/envoy/admin/v3/config_dump.upb_minitable.c +42 -50
- data/src/core/ext/upb-gen/envoy/admin/v3/config_dump_shared.upb.h +937 -882
- data/src/core/ext/upb-gen/envoy/admin/v3/config_dump_shared.upb_minitable.c +182 -208
- data/src/core/ext/upb-gen/envoy/admin/v3/init_dump.upb.h +77 -76
- data/src/core/ext/upb-gen/envoy/admin/v3/init_dump.upb_minitable.c +9 -9
- data/src/core/ext/upb-gen/envoy/admin/v3/listeners.upb.h +86 -84
- data/src/core/ext/upb-gen/envoy/admin/v3/listeners.upb_minitable.c +13 -13
- data/src/core/ext/upb-gen/envoy/admin/v3/memory.upb.h +49 -42
- data/src/core/ext/upb-gen/envoy/admin/v3/memory.upb_minitable.c +13 -13
- data/src/core/ext/upb-gen/envoy/admin/v3/metrics.upb.h +28 -24
- data/src/core/ext/upb-gen/envoy/admin/v3/metrics.upb_minitable.c +7 -7
- data/src/core/ext/upb-gen/envoy/admin/v3/mutex_stats.upb.h +28 -24
- data/src/core/ext/upb-gen/envoy/admin/v3/mutex_stats.upb_minitable.c +7 -7
- data/src/core/ext/upb-gen/envoy/admin/v3/server_info.upb.h +357 -318
- data/src/core/ext/upb-gen/envoy/admin/v3/server_info.upb_minitable.c +86 -86
- data/src/core/ext/upb-gen/envoy/admin/v3/tap.upb.h +23 -20
- data/src/core/ext/upb-gen/envoy/admin/v3/tap.upb_minitable.c +5 -7
- data/src/core/ext/upb-gen/envoy/annotations/deprecation.upb.h +40 -32
- data/src/core/ext/upb-gen/envoy/annotations/deprecation.upb_minitable.c +4 -4
- data/src/core/ext/upb-gen/envoy/annotations/resource.upb.h +24 -20
- data/src/core/ext/upb-gen/envoy/annotations/resource.upb_minitable.c +4 -4
- data/src/core/ext/upb-gen/envoy/config/accesslog/v3/accesslog.upb.h +517 -473
- data/src/core/ext/upb-gen/envoy/config/accesslog/v3/accesslog.upb_minitable.c +105 -125
- data/src/core/ext/upb-gen/envoy/config/bootstrap/v3/bootstrap.upb.h +1207 -1108
- data/src/core/ext/upb-gen/envoy/config/bootstrap/v3/bootstrap.upb_minitable.c +261 -289
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/circuit_breaker.upb.h +163 -152
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/circuit_breaker.upb_minitable.c +29 -43
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb.h +1265 -1137
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb_minitable.c +276 -346
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/filter.upb.h +32 -28
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/filter.upb_minitable.c +7 -9
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/outlier_detection.upb.h +212 -188
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/outlier_detection.upb_minitable.c +53 -69
- data/src/core/ext/upb-gen/envoy/config/common/matcher/v3/matcher.upb.h +564 -508
- data/src/core/ext/upb-gen/envoy/config/common/matcher/v3/matcher.upb_minitable.c +123 -131
- data/src/core/ext/upb-gen/envoy/config/core/v3/address.upb.h +340 -309
- data/src/core/ext/upb-gen/envoy/config/core/v3/address.upb_minitable.c +69 -83
- data/src/core/ext/upb-gen/envoy/config/core/v3/backoff.upb.h +25 -22
- data/src/core/ext/upb-gen/envoy/config/core/v3/backoff.upb_minitable.c +5 -11
- data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb.h +786 -688
- data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb_minitable.c +171 -189
- data/src/core/ext/upb-gen/envoy/config/core/v3/config_source.upb.h +367 -343
- data/src/core/ext/upb-gen/envoy/config/core/v3/config_source.upb_minitable.c +72 -80
- data/src/core/ext/upb-gen/envoy/config/core/v3/event_service_config.upb.h +19 -16
- data/src/core/ext/upb-gen/envoy/config/core/v3/event_service_config.upb_minitable.c +4 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/extension.upb.h +23 -20
- data/src/core/ext/upb-gen/envoy/config/core/v3/extension.upb_minitable.c +5 -7
- data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_method_list.upb.h +77 -76
- data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_method_list.upb_minitable.c +9 -9
- data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_service.upb.h +539 -471
- data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_service.upb_minitable.c +125 -141
- data/src/core/ext/upb-gen/envoy/config/core/v3/health_check.upb.h +672 -632
- data/src/core/ext/upb-gen/envoy/config/core/v3/health_check.upb_minitable.c +137 -137
- data/src/core/ext/upb-gen/envoy/config/core/v3/http_service.upb.h +44 -43
- data/src/core/ext/upb-gen/envoy/config/core/v3/http_service.upb_minitable.c +7 -7
- data/src/core/ext/upb-gen/envoy/config/core/v3/http_uri.upb.h +35 -30
- data/src/core/ext/upb-gen/envoy/config/core/v3/http_uri.upb_minitable.c +8 -8
- data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb.h +713 -637
- data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb_minitable.c +166 -208
- data/src/core/ext/upb-gen/envoy/config/core/v3/proxy_protocol.upb.h +65 -61
- data/src/core/ext/upb-gen/envoy/config/core/v3/proxy_protocol.upb_minitable.c +10 -12
- data/src/core/ext/upb-gen/envoy/config/core/v3/resolver.upb.h +65 -61
- data/src/core/ext/upb-gen/envoy/config/core/v3/resolver.upb_minitable.c +11 -13
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb.h +91 -83
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb_minitable.c +17 -17
- data/src/core/ext/upb-gen/envoy/config/core/v3/substitution_format_string.upb.h +102 -93
- data/src/core/ext/upb-gen/envoy/config/core/v3/substitution_format_string.upb_minitable.c +22 -22
- data/src/core/ext/upb-gen/envoy/config/core/v3/udp_socket_config.upb.h +25 -22
- data/src/core/ext/upb-gen/envoy/config/core/v3/udp_socket_config.upb_minitable.c +5 -11
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint.upb.h +162 -145
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint.upb_minitable.c +32 -40
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint_components.upb.h +314 -287
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint_components.upb_minitable.c +70 -74
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/load_report.upb.h +330 -309
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/load_report.upb_minitable.c +66 -66
- data/src/core/ext/upb-gen/envoy/config/listener/v3/api_listener.upb.h +16 -14
- data/src/core/ext/upb-gen/envoy/config/listener/v3/api_listener.upb_minitable.c +3 -7
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener.upb.h +516 -478
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener.upb_minitable.c +110 -120
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb.h +495 -468
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb_minitable.c +89 -101
- data/src/core/ext/upb-gen/envoy/config/listener/v3/quic_config.upb.h +88 -78
- data/src/core/ext/upb-gen/envoy/config/listener/v3/quic_config.upb_minitable.c +19 -37
- data/src/core/ext/upb-gen/envoy/config/listener/v3/udp_listener_config.upb.h +41 -36
- data/src/core/ext/upb-gen/envoy/config/listener/v3/udp_listener_config.upb_minitable.c +8 -26
- data/src/core/ext/upb-gen/envoy/config/metrics/v3/metrics_service.upb.h +46 -40
- data/src/core/ext/upb-gen/envoy/config/metrics/v3/metrics_service.upb_minitable.c +13 -13
- data/src/core/ext/upb-gen/envoy/config/metrics/v3/stats.upb.h +307 -279
- data/src/core/ext/upb-gen/envoy/config/metrics/v3/stats.upb_minitable.c +60 -64
- data/src/core/ext/upb-gen/envoy/config/overload/v3/overload.upb.h +382 -358
- data/src/core/ext/upb-gen/envoy/config/overload/v3/overload.upb_minitable.c +70 -70
- data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb.h +540 -490
- data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb_minitable.c +122 -136
- data/src/core/ext/upb-gen/envoy/config/route/v3/route.upb.h +339 -327
- data/src/core/ext/upb-gen/envoy/config/route/v3/route.upb_minitable.c +48 -70
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb.h +3407 -3145
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb_minitable.c +700 -752
- data/src/core/ext/upb-gen/envoy/config/route/v3/scoped_route.upb.h +100 -91
- data/src/core/ext/upb-gen/envoy/config/route/v3/scoped_route.upb_minitable.c +20 -20
- data/src/core/ext/upb-gen/envoy/config/tap/v3/common.upb.h +472 -430
- data/src/core/ext/upb-gen/envoy/config/tap/v3/common.upb_minitable.c +102 -116
- data/src/core/ext/upb-gen/envoy/config/trace/v3/datadog.upb.h +28 -24
- data/src/core/ext/upb-gen/envoy/config/trace/v3/datadog.upb_minitable.c +7 -7
- data/src/core/ext/upb-gen/envoy/config/trace/v3/dynamic_ot.upb.h +23 -20
- data/src/core/ext/upb-gen/envoy/config/trace/v3/dynamic_ot.upb_minitable.c +5 -7
- data/src/core/ext/upb-gen/envoy/config/trace/v3/http_tracer.upb.h +42 -36
- data/src/core/ext/upb-gen/envoy/config/trace/v3/http_tracer.upb_minitable.c +9 -13
- data/src/core/ext/upb-gen/envoy/config/trace/v3/lightstep.upb.h +58 -55
- data/src/core/ext/upb-gen/envoy/config/trace/v3/lightstep.upb_minitable.c +9 -13
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb.h +146 -136
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb_minitable.c +30 -30
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opentelemetry.upb.h +69 -65
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opentelemetry.upb_minitable.c +15 -15
- data/src/core/ext/upb-gen/envoy/config/trace/v3/service.upb.h +16 -14
- data/src/core/ext/upb-gen/envoy/config/trace/v3/service.upb_minitable.c +3 -7
- data/src/core/ext/upb-gen/envoy/config/trace/v3/skywalking.upb.h +67 -58
- data/src/core/ext/upb-gen/envoy/config/trace/v3/skywalking.upb_minitable.c +14 -24
- data/src/core/ext/upb-gen/envoy/config/trace/v3/xray.upb.h +64 -56
- data/src/core/ext/upb-gen/envoy/config/trace/v3/xray.upb_minitable.c +14 -20
- data/src/core/ext/upb-gen/envoy/config/trace/v3/zipkin.upb.h +58 -50
- data/src/core/ext/upb-gen/envoy/config/trace/v3/zipkin.upb_minitable.c +16 -16
- data/src/core/ext/upb-gen/envoy/data/accesslog/v3/accesslog.upb.h +986 -832
- data/src/core/ext/upb-gen/envoy/data/accesslog/v3/accesslog.upb_minitable.c +269 -281
- data/src/core/ext/upb-gen/envoy/extensions/clusters/aggregate/v3/cluster.upb.h +35 -35
- data/src/core/ext/upb-gen/envoy/extensions/clusters/aggregate/v3/cluster.upb_minitable.c +3 -3
- data/src/core/ext/upb-gen/envoy/extensions/filters/common/fault/v3/fault.upb.h +102 -88
- data/src/core/ext/upb-gen/envoy/extensions/filters/common/fault/v3/fault.upb_minitable.c +25 -25
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/fault/v3/fault.upb.h +224 -204
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/fault/v3/fault.upb_minitable.c +46 -62
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/rbac/v3/rbac.upb.h +66 -58
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/rbac/v3/rbac.upb_minitable.c +14 -24
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/router/v3/router.upb.h +160 -153
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/router/v3/router.upb_minitable.c +28 -30
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upb.h +51 -44
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upb_minitable.c +12 -12
- data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +1349 -1230
- data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb_minitable.c +293 -309
- data/src/core/ext/upb-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upb.h +16 -14
- data/src/core/ext/upb-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upb_minitable.c +3 -7
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.h +61 -54
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb_minitable.c +13 -23
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/common/v3/common.upb.h +124 -108
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/common/v3/common.upb_minitable.c +29 -37
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/pick_first/v3/pick_first.upb.h +14 -12
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/pick_first/v3/pick_first.upb_minitable.c +3 -3
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.h +66 -58
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb_minitable.c +20 -20
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/wrr_locality/v3/wrr_locality.upb.h +16 -14
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/wrr_locality/v3/wrr_locality.upb_minitable.c +3 -7
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/common.upb.h +518 -493
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/common.upb_minitable.c +82 -108
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +92 -80
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/secret.upb_minitable.c +23 -29
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +497 -457
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb_minitable.c +110 -124
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb.h +58 -55
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb_minitable.c +9 -11
- data/src/core/ext/upb-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upb.h +206 -185
- data/src/core/ext/upb-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upb_minitable.c +48 -64
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/ads.upb.h +7 -6
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/ads.upb_minitable.c +1 -1
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb.h +766 -710
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb_minitable.c +140 -150
- data/src/core/ext/upb-gen/envoy/service/load_stats/v3/lrs.upb.h +102 -98
- data/src/core/ext/upb-gen/envoy/service/load_stats/v3/lrs.upb_minitable.c +17 -17
- data/src/core/ext/upb-gen/envoy/service/status/v3/csds.upb.h +310 -288
- data/src/core/ext/upb-gen/envoy/service/status/v3/csds.upb_minitable.c +67 -67
- data/src/core/ext/upb-gen/envoy/type/http/v3/cookie.upb.h +30 -26
- data/src/core/ext/upb-gen/envoy/type/http/v3/cookie.upb_minitable.c +8 -8
- data/src/core/ext/upb-gen/envoy/type/http/v3/path_transformation.upb.h +77 -71
- data/src/core/ext/upb-gen/envoy/type/http/v3/path_transformation.upb_minitable.c +13 -13
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/filter_state.upb.h +26 -22
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/filter_state.upb_minitable.c +6 -6
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/http_inputs.upb.h +70 -60
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/http_inputs.upb_minitable.c +15 -15
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/metadata.upb.h +77 -71
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/metadata.upb_minitable.c +14 -14
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/node.upb.h +44 -43
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/node.upb_minitable.c +7 -7
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/number.upb.h +28 -24
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/number.upb_minitable.c +6 -6
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/path.upb.h +19 -16
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/path.upb_minitable.c +4 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/regex.upb.h +65 -56
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/regex.upb_minitable.c +15 -19
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/status_code_input.upb.h +14 -12
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/status_code_input.upb_minitable.c +2 -2
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/string.upb.h +97 -89
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/string.upb_minitable.c +18 -18
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/struct.upb.h +63 -59
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/struct.upb_minitable.c +10 -10
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/value.upb.h +134 -121
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/value.upb_minitable.c +29 -29
- data/src/core/ext/upb-gen/envoy/type/metadata/v3/metadata.upb.h +135 -121
- data/src/core/ext/upb-gen/envoy/type/metadata/v3/metadata.upb_minitable.c +26 -26
- data/src/core/ext/upb-gen/envoy/type/tracing/v3/custom_tag.upb.h +141 -122
- data/src/core/ext/upb-gen/envoy/type/tracing/v3/custom_tag.upb_minitable.c +37 -37
- data/src/core/ext/upb-gen/envoy/type/v3/hash_policy.upb.h +49 -42
- data/src/core/ext/upb-gen/envoy/type/v3/hash_policy.upb_minitable.c +11 -11
- data/src/core/ext/upb-gen/envoy/type/v3/http_status.upb.h +14 -12
- data/src/core/ext/upb-gen/envoy/type/v3/http_status.upb_minitable.c +3 -3
- data/src/core/ext/upb-gen/envoy/type/v3/percent.upb.h +35 -30
- data/src/core/ext/upb-gen/envoy/type/v3/percent.upb_minitable.c +8 -8
- data/src/core/ext/upb-gen/envoy/type/v3/range.upb.h +63 -54
- data/src/core/ext/upb-gen/envoy/type/v3/range.upb_minitable.c +15 -15
- data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_strategy.upb.h +58 -50
- data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_strategy.upb_minitable.c +14 -14
- data/src/core/ext/upb-gen/envoy/type/v3/semantic_version.upb.h +28 -24
- data/src/core/ext/upb-gen/envoy/type/v3/semantic_version.upb_minitable.c +7 -7
- data/src/core/ext/upb-gen/envoy/type/v3/token_bucket.upb.h +32 -28
- data/src/core/ext/upb-gen/envoy/type/v3/token_bucket.upb_minitable.c +7 -9
- data/src/core/ext/upb-gen/google/api/annotations.upb.h +10 -8
- data/src/core/ext/upb-gen/google/api/annotations.upb_minitable.c +1 -1
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/checked.upb.h +581 -524
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/checked.upb_minitable.c +118 -146
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/syntax.upb.h +616 -544
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/syntax.upb_minitable.c +136 -152
- data/src/core/ext/upb-gen/google/api/http.upb.h +176 -162
- data/src/core/ext/upb-gen/google/api/http.upb_minitable.c +34 -34
- data/src/core/ext/upb-gen/google/api/httpbody.upb.h +49 -47
- data/src/core/ext/upb-gen/google/api/httpbody.upb_minitable.c +8 -8
- data/src/core/ext/upb-gen/google/protobuf/any.upb.h +21 -18
- data/src/core/ext/upb-gen/google/protobuf/any.upb_minitable.c +5 -5
- data/src/core/ext/upb-gen/google/protobuf/descriptor.upb.h +2456 -2358
- data/src/core/ext/upb-gen/google/protobuf/descriptor.upb_minitable.c +367 -486
- data/src/core/ext/upb-gen/google/protobuf/duration.upb.h +21 -18
- data/src/core/ext/upb-gen/google/protobuf/duration.upb_minitable.c +5 -5
- data/src/core/ext/upb-gen/google/protobuf/empty.upb.h +7 -6
- data/src/core/ext/upb-gen/google/protobuf/empty.upb_minitable.c +1 -1
- data/src/core/ext/upb-gen/google/protobuf/struct.upb.h +134 -116
- data/src/core/ext/upb-gen/google/protobuf/struct.upb_minitable.c +27 -29
- data/src/core/ext/upb-gen/google/protobuf/timestamp.upb.h +21 -18
- data/src/core/ext/upb-gen/google/protobuf/timestamp.upb_minitable.c +5 -5
- data/src/core/ext/upb-gen/google/protobuf/wrappers.upb.h +126 -108
- data/src/core/ext/upb-gen/google/protobuf/wrappers.upb_minitable.c +27 -27
- data/src/core/ext/upb-gen/google/rpc/status.upb.h +49 -47
- data/src/core/ext/upb-gen/google/rpc/status.upb_minitable.c +8 -8
- data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb.h +107 -92
- data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb_minitable.c +27 -27
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/altscontext.upb.h +77 -61
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/altscontext.upb_minitable.c +21 -21
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/handshaker.upb.h +577 -518
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/handshaker.upb_minitable.c +121 -127
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/transport_security_common.upb.h +46 -40
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/transport_security_common.upb_minitable.c +10 -16
- data/src/core/ext/upb-gen/src/proto/grpc/health/v1/health.upb.h +28 -24
- data/src/core/ext/upb-gen/src/proto/grpc/health/v1/health.upb_minitable.c +6 -6
- data/src/core/ext/upb-gen/src/proto/grpc/lb/v1/load_balancer.upb.h +265 -238
- data/src/core/ext/upb-gen/src/proto/grpc/lb/v1/load_balancer.upb_minitable.c +57 -63
- data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls.upb.h +96 -82
- data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls.upb_minitable.c +19 -19
- data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls_config.upb.h +496 -466
- data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls_config.upb_minitable.c +81 -85
- data/src/core/ext/upb-gen/udpa/annotations/migrate.upb.h +99 -82
- data/src/core/ext/upb-gen/udpa/annotations/migrate.upb_minitable.c +16 -16
- data/src/core/ext/upb-gen/udpa/annotations/security.upb.h +31 -26
- data/src/core/ext/upb-gen/udpa/annotations/security.upb_minitable.c +6 -6
- data/src/core/ext/upb-gen/udpa/annotations/sensitive.upb.h +10 -8
- data/src/core/ext/upb-gen/udpa/annotations/sensitive.upb_minitable.c +1 -1
- data/src/core/ext/upb-gen/udpa/annotations/status.upb.h +31 -26
- data/src/core/ext/upb-gen/udpa/annotations/status.upb_minitable.c +6 -6
- data/src/core/ext/upb-gen/udpa/annotations/versioning.upb.h +24 -20
- data/src/core/ext/upb-gen/udpa/annotations/versioning.upb_minitable.c +4 -4
- data/src/core/ext/upb-gen/validate/validate.upb.h +2620 -2458
- data/src/core/ext/upb-gen/validate/validate.upb_minitable.c +363 -507
- data/src/core/ext/upb-gen/xds/annotations/v3/migrate.upb.h +99 -82
- data/src/core/ext/upb-gen/xds/annotations/v3/migrate.upb_minitable.c +16 -16
- data/src/core/ext/upb-gen/xds/annotations/v3/security.upb.h +31 -26
- data/src/core/ext/upb-gen/xds/annotations/v3/security.upb_minitable.c +6 -6
- data/src/core/ext/upb-gen/xds/annotations/v3/sensitive.upb.h +10 -8
- data/src/core/ext/upb-gen/xds/annotations/v3/sensitive.upb_minitable.c +1 -1
- data/src/core/ext/upb-gen/xds/annotations/v3/status.upb.h +93 -78
- data/src/core/ext/upb-gen/xds/annotations/v3/status.upb_minitable.c +17 -17
- data/src/core/ext/upb-gen/xds/annotations/v3/versioning.upb.h +24 -20
- data/src/core/ext/upb-gen/xds/annotations/v3/versioning.upb_minitable.c +4 -4
- data/src/core/ext/upb-gen/xds/core/v3/authority.upb.h +14 -12
- data/src/core/ext/upb-gen/xds/core/v3/authority.upb_minitable.c +3 -3
- data/src/core/ext/upb-gen/xds/core/v3/cidr.upb.h +23 -20
- data/src/core/ext/upb-gen/xds/core/v3/cidr.upb_minitable.c +5 -7
- data/src/core/ext/upb-gen/xds/core/v3/collection_entry.upb.h +58 -50
- data/src/core/ext/upb-gen/xds/core/v3/collection_entry.upb_minitable.c +15 -15
- data/src/core/ext/upb-gen/xds/core/v3/context_params.upb.h +33 -23
- data/src/core/ext/upb-gen/xds/core/v3/context_params.upb_minitable.c +8 -8
- data/src/core/ext/upb-gen/xds/core/v3/extension.upb.h +23 -20
- data/src/core/ext/upb-gen/xds/core/v3/extension.upb_minitable.c +5 -7
- data/src/core/ext/upb-gen/xds/core/v3/resource.upb.h +32 -28
- data/src/core/ext/upb-gen/xds/core/v3/resource.upb_minitable.c +9 -9
- data/src/core/ext/upb-gen/xds/core/v3/resource_locator.upb.h +103 -93
- data/src/core/ext/upb-gen/xds/core/v3/resource_locator.upb_minitable.c +21 -21
- data/src/core/ext/upb-gen/xds/core/v3/resource_name.upb.h +37 -32
- data/src/core/ext/upb-gen/xds/core/v3/resource_name.upb_minitable.c +9 -13
- data/src/core/ext/upb-gen/xds/data/orca/v3/orca_load_report.upb.h +127 -93
- data/src/core/ext/upb-gen/xds/data/orca/v3/orca_load_report.upb_minitable.c +34 -34
- data/src/core/ext/upb-gen/xds/service/orca/v3/orca.upb.h +44 -43
- data/src/core/ext/upb-gen/xds/service/orca/v3/orca.upb_minitable.c +6 -6
- data/src/core/ext/upb-gen/xds/type/matcher/v3/cel.upb.h +23 -20
- data/src/core/ext/upb-gen/xds/type/matcher/v3/cel.upb_minitable.c +6 -6
- data/src/core/ext/upb-gen/xds/type/matcher/v3/domain.upb.h +79 -78
- data/src/core/ext/upb-gen/xds/type/matcher/v3/domain.upb_minitable.c +9 -11
- data/src/core/ext/upb-gen/xds/type/matcher/v3/http_inputs.upb.h +7 -6
- data/src/core/ext/upb-gen/xds/type/matcher/v3/http_inputs.upb_minitable.c +1 -1
- data/src/core/ext/upb-gen/xds/type/matcher/v3/ip.upb.h +86 -84
- data/src/core/ext/upb-gen/xds/type/matcher/v3/ip.upb_minitable.c +13 -13
- data/src/core/ext/upb-gen/xds/type/matcher/v3/matcher.upb.h +324 -285
- data/src/core/ext/upb-gen/xds/type/matcher/v3/matcher.upb_minitable.c +74 -82
- data/src/core/ext/upb-gen/xds/type/matcher/v3/range.upb.h +237 -234
- data/src/core/ext/upb-gen/xds/type/matcher/v3/range.upb_minitable.c +30 -36
- data/src/core/ext/upb-gen/xds/type/matcher/v3/regex.upb.h +33 -28
- data/src/core/ext/upb-gen/xds/type/matcher/v3/regex.upb_minitable.c +7 -7
- data/src/core/ext/upb-gen/xds/type/matcher/v3/string.upb.h +97 -89
- data/src/core/ext/upb-gen/xds/type/matcher/v3/string.upb_minitable.c +18 -18
- data/src/core/ext/upb-gen/xds/type/v3/cel.upb.h +53 -46
- data/src/core/ext/upb-gen/xds/type/v3/cel.upb_minitable.c +12 -18
- data/src/core/ext/upb-gen/xds/type/v3/range.upb.h +63 -54
- data/src/core/ext/upb-gen/xds/type/v3/range.upb_minitable.c +15 -15
- data/src/core/ext/upb-gen/xds/type/v3/typed_struct.upb.h +23 -20
- data/src/core/ext/upb-gen/xds/type/v3/typed_struct.upb_minitable.c +5 -7
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/certs.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/clusters.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump_shared.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/init_dump.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/listeners.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/memory.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/metrics.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/mutex_stats.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/server_info.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/tap.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/annotations/deprecation.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/annotations/resource.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/accesslog/v3/accesslog.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/bootstrap/v3/bootstrap.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/circuit_breaker.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/cluster.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/filter.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/outlier_detection.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/common/matcher/v3/matcher.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/address.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/backoff.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/config_source.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/event_service_config.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/extension.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_method_list.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_service.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/health_check.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_service.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_uri.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/protocol.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/proxy_protocol.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/resolver.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_option.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/substitution_format_string.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/udp_socket_config.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/load_report.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/api_listener.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener_components.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/quic_config.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/udp_listener_config.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/metrics_service.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/stats.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/overload/v3/overload.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/rbac/v3/rbac.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/scoped_route.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/tap/v3/common.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/datadog.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/dynamic_ot.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/http_tracer.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/lightstep.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opencensus.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opentelemetry.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/service.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/skywalking.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/trace.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/xray.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/zipkin.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/data/accesslog/v3/accesslog.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/common/fault/v3/fault.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/fault/v3/fault.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/rbac/v3/rbac.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/router/v3/router.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/ads.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/discovery.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/service/load_stats/v3/lrs.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/service/status/v3/csds.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/type/http/v3/cookie.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/type/http/v3/path_transformation.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/filter_state.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/http_inputs.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/metadata.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/node.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/number.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/path.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/regex.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/status_code_input.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/string.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/struct.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/value.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/type/metadata/v3/metadata.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/type/tracing/v3/custom_tag.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/type/v3/hash_policy.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/type/v3/http.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/type/v3/http_status.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/type/v3/percent.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/type/v3/range.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_strategy.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_unit.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/type/v3/semantic_version.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/envoy/type/v3/token_bucket.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/google/api/annotations.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/checked.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/syntax.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/google/api/http.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/google/api/httpbody.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/google/protobuf/any.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/google/protobuf/descriptor.upbdefs.c +385 -384
- data/src/core/ext/upbdefs-gen/google/protobuf/descriptor.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/google/protobuf/duration.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/google/protobuf/empty.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/google/protobuf/struct.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/google/protobuf/timestamp.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/google/protobuf/wrappers.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/google/rpc/status.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/opencensus/proto/trace/v1/trace_config.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/src/proto/grpc/lookup/v1/rls_config.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/udpa/annotations/migrate.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/udpa/annotations/security.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/udpa/annotations/sensitive.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/udpa/annotations/status.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/udpa/annotations/versioning.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/validate/validate.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/migrate.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/security.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/sensitive.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/status.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/versioning.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/xds/core/v3/authority.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/xds/core/v3/cidr.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/xds/core/v3/collection_entry.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/xds/core/v3/context_params.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/xds/core/v3/extension.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource_locator.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource_name.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/cel.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/domain.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/http_inputs.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/ip.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/matcher.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/range.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/regex.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/string.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/xds/type/v3/cel.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/xds/type/v3/range.upbdefs.h +2 -5
- data/src/core/ext/upbdefs-gen/xds/type/v3/typed_struct.upbdefs.h +2 -5
- data/src/core/handshaker/endpoint_info/endpoint_info_handshaker.cc +80 -0
- data/src/core/handshaker/endpoint_info/endpoint_info_handshaker.h +37 -0
- data/src/core/{lib/transport → handshaker}/handshaker.cc +14 -20
- data/src/core/{lib/transport → handshaker}/handshaker.h +4 -5
- data/src/core/{lib/transport → handshaker}/handshaker_factory.h +20 -5
- data/src/core/{lib/transport → handshaker}/handshaker_registry.cc +3 -3
- data/src/core/{lib/transport → handshaker}/handshaker_registry.h +6 -6
- data/src/core/{lib/transport → handshaker/http_connect}/http_connect_handshaker.cc +16 -25
- data/src/core/{lib/transport → handshaker/http_connect}/http_connect_handshaker.h +3 -3
- data/src/core/{client_channel → handshaker/http_connect}/http_proxy_mapper.cc +12 -12
- data/src/core/{client_channel → handshaker/http_connect}/http_proxy_mapper.h +7 -7
- data/src/core/{lib/handshaker → handshaker}/proxy_mapper.h +5 -5
- data/src/core/{lib/handshaker → handshaker}/proxy_mapper_registry.cc +3 -3
- data/src/core/{lib/handshaker → handshaker}/proxy_mapper_registry.h +6 -6
- data/src/core/{lib/security/transport → handshaker/security}/secure_endpoint.cc +42 -36
- data/src/core/{lib/security/transport → handshaker/security}/secure_endpoint.h +4 -7
- data/src/core/{lib/security/transport → handshaker/security}/security_handshaker.cc +52 -55
- data/src/core/{lib/security/transport → handshaker/security}/security_handshaker.h +8 -7
- data/src/core/{lib/transport → handshaker/tcp_connect}/tcp_connect_handshaker.cc +10 -9
- data/src/core/{lib/transport → handshaker/tcp_connect}/tcp_connect_handshaker.h +3 -3
- data/src/core/lib/address_utils/parse_address.cc +38 -41
- data/src/core/lib/address_utils/parse_address.h +2 -2
- data/src/core/lib/address_utils/sockaddr_utils.cc +28 -16
- data/src/core/lib/address_utils/sockaddr_utils.h +2 -2
- data/src/core/lib/avl/avl.h +3 -3
- data/src/core/lib/backoff/backoff.cc +2 -2
- data/src/core/lib/backoff/backoff.h +2 -2
- data/src/core/lib/backoff/random_early_detection.cc +2 -2
- data/src/core/lib/backoff/random_early_detection.h +2 -2
- data/src/core/lib/channel/call_finalization.h +3 -3
- data/src/core/lib/channel/channel_args.cc +17 -21
- data/src/core/lib/channel/channel_args.h +20 -10
- data/src/core/lib/channel/channel_args_preconditioning.cc +2 -2
- data/src/core/lib/channel/channel_args_preconditioning.h +1 -2
- data/src/core/lib/channel/channel_stack.cc +20 -68
- data/src/core/lib/channel/channel_stack.h +18 -38
- data/src/core/lib/channel/channel_stack_builder.cc +2 -2
- data/src/core/lib/channel/channel_stack_builder.h +2 -7
- data/src/core/lib/channel/channel_stack_builder_impl.cc +17 -26
- data/src/core/lib/channel/channel_stack_builder_impl.h +2 -4
- data/src/core/lib/channel/connected_channel.cc +40 -697
- data/src/core/lib/channel/promise_based_filter.cc +111 -122
- data/src/core/lib/channel/promise_based_filter.h +224 -480
- data/src/core/lib/channel/status_util.cc +3 -3
- data/src/core/lib/channel/status_util.h +1 -2
- data/src/core/lib/compression/compression.cc +2 -3
- data/src/core/lib/compression/compression_internal.cc +36 -3
- data/src/core/lib/compression/compression_internal.h +4 -2
- data/src/core/lib/compression/message_compress.cc +15 -14
- data/src/core/lib/compression/message_compress.h +1 -2
- data/src/core/lib/config/config_vars.cc +4 -7
- data/src/core/lib/config/config_vars.h +3 -3
- data/src/core/lib/config/config_vars_non_generated.cc +2 -2
- data/src/core/lib/config/core_configuration.cc +9 -8
- data/src/core/lib/config/core_configuration.h +8 -8
- data/src/core/lib/config/load_config.cc +4 -4
- data/src/core/lib/config/load_config.h +2 -2
- data/src/core/lib/debug/event_log.cc +3 -3
- data/src/core/lib/debug/event_log.h +3 -3
- data/src/core/lib/debug/trace.cc +44 -61
- data/src/core/lib/debug/trace.h +2 -97
- data/src/core/lib/debug/trace_flags.cc +255 -0
- data/src/core/lib/debug/trace_flags.h +133 -0
- data/src/core/lib/debug/trace_impl.h +115 -0
- data/src/core/lib/event_engine/ares_resolver.cc +23 -26
- data/src/core/lib/event_engine/ares_resolver.h +3 -5
- data/src/core/lib/event_engine/cf_engine/cf_engine.cc +4 -2
- data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.cc +3 -3
- data/src/core/lib/event_engine/cf_engine/dns_service_resolver.cc +19 -23
- data/src/core/lib/event_engine/cf_engine/dns_service_resolver.h +2 -1
- data/src/core/lib/event_engine/channel_args_endpoint_config.cc +1 -2
- data/src/core/lib/event_engine/channel_args_endpoint_config.h +1 -2
- data/src/core/lib/event_engine/common_closures.h +1 -2
- data/src/core/lib/event_engine/default_event_engine.cc +1 -2
- data/src/core/lib/event_engine/default_event_engine.h +1 -8
- data/src/core/lib/event_engine/default_event_engine_factory.cc +1 -2
- data/src/core/lib/event_engine/default_event_engine_factory.h +1 -2
- data/src/core/lib/event_engine/event_engine.cc +29 -5
- data/src/core/lib/event_engine/event_engine_context.h +30 -0
- data/src/core/lib/event_engine/extensions/can_track_errors.h +2 -2
- data/src/core/lib/event_engine/extensions/chaotic_good_extension.h +65 -0
- data/src/core/lib/event_engine/extensions/supports_fd.h +8 -2
- data/src/core/lib/event_engine/extensions/tcp_trace.h +43 -0
- data/src/core/lib/event_engine/forkable.cc +11 -11
- data/src/core/lib/event_engine/forkable.h +1 -13
- data/src/core/lib/event_engine/grpc_polled_fd.h +1 -2
- data/src/core/lib/event_engine/handle_containers.h +1 -2
- data/src/core/lib/event_engine/memory_allocator_factory.h +1 -2
- data/src/core/lib/event_engine/poller.h +1 -2
- data/src/core/lib/event_engine/posix.h +9 -2
- data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.cc +19 -19
- data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.h +1 -2
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +11 -11
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.h +1 -2
- data/src/core/lib/event_engine/posix_engine/event_poller.h +1 -2
- data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +2 -2
- data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.h +2 -2
- data/src/core/lib/event_engine/posix_engine/grpc_polled_fd_posix.h +1 -2
- data/src/core/lib/event_engine/posix_engine/internal_errqueue.cc +5 -5
- data/src/core/lib/event_engine/posix_engine/internal_errqueue.h +2 -2
- data/src/core/lib/event_engine/posix_engine/lockfree_event.cc +3 -3
- data/src/core/lib/event_engine/posix_engine/lockfree_event.h +2 -2
- data/src/core/lib/event_engine/posix_engine/native_posix_dns_resolver.cc +1 -1
- data/src/core/lib/event_engine/posix_engine/native_posix_dns_resolver.h +2 -2
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +43 -58
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +14 -13
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +34 -17
- data/src/core/lib/event_engine/posix_engine/posix_engine.h +3 -2
- data/src/core/lib/event_engine/posix_engine/posix_engine_closure.h +1 -2
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +18 -19
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.h +1 -2
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.cc +25 -28
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.h +1 -2
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +26 -20
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +3 -3
- data/src/core/lib/event_engine/posix_engine/timer.cc +2 -3
- data/src/core/lib/event_engine/posix_engine/timer.h +1 -2
- data/src/core/lib/event_engine/posix_engine/timer_heap.cc +2 -2
- data/src/core/lib/event_engine/posix_engine/timer_heap.h +2 -2
- data/src/core/lib/event_engine/posix_engine/timer_manager.cc +9 -11
- data/src/core/lib/event_engine/posix_engine/timer_manager.h +1 -2
- data/src/core/lib/event_engine/posix_engine/traced_buffer_list.cc +3 -3
- data/src/core/lib/event_engine/posix_engine/traced_buffer_list.h +1 -2
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.cc +2 -2
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.h +2 -2
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.cc +2 -2
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.h +2 -2
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix.h +2 -2
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.cc +2 -2
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.h +2 -2
- data/src/core/lib/event_engine/query_extensions.h +3 -2
- data/src/core/lib/event_engine/ref_counted_dns_resolver_interface.h +1 -2
- data/src/core/lib/event_engine/resolved_address.cc +5 -4
- data/src/core/lib/event_engine/resolved_address_internal.h +1 -2
- data/src/core/lib/event_engine/shim.cc +3 -3
- data/src/core/lib/event_engine/slice.cc +4 -3
- data/src/core/lib/event_engine/slice_buffer.cc +1 -2
- data/src/core/lib/event_engine/tcp_socket_utils.cc +26 -17
- data/src/core/lib/event_engine/tcp_socket_utils.h +3 -4
- data/src/core/lib/event_engine/thread_local.cc +2 -2
- data/src/core/lib/event_engine/thread_local.h +1 -1
- data/src/core/lib/event_engine/thread_pool/thread_count.cc +1 -2
- data/src/core/lib/event_engine/thread_pool/thread_count.h +2 -3
- data/src/core/lib/event_engine/thread_pool/thread_pool.h +1 -2
- data/src/core/lib/event_engine/thread_pool/thread_pool_factory.cc +2 -2
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.cc +25 -28
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.h +4 -8
- data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.cc +16 -15
- data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.h +5 -5
- data/src/core/lib/event_engine/time_util.cc +1 -2
- data/src/core/lib/event_engine/time_util.h +1 -2
- data/src/core/lib/event_engine/trace.h +7 -19
- data/src/core/lib/event_engine/utils.cc +1 -2
- data/src/core/lib/event_engine/utils.h +1 -2
- data/src/core/lib/event_engine/windows/grpc_polled_fd_windows.cc +31 -30
- data/src/core/lib/event_engine/windows/iocp.cc +10 -8
- data/src/core/lib/event_engine/windows/iocp.h +1 -1
- data/src/core/lib/event_engine/windows/win_socket.cc +34 -22
- data/src/core/lib/event_engine/windows/win_socket.h +7 -5
- data/src/core/lib/event_engine/windows/windows_endpoint.cc +19 -21
- data/src/core/lib/event_engine/windows/windows_engine.cc +225 -77
- data/src/core/lib/event_engine/windows/windows_engine.h +136 -25
- data/src/core/lib/event_engine/windows/windows_listener.cc +73 -35
- data/src/core/lib/event_engine/windows/windows_listener.h +14 -0
- data/src/core/lib/event_engine/work_queue/basic_work_queue.cc +2 -2
- data/src/core/lib/event_engine/work_queue/basic_work_queue.h +1 -2
- data/src/core/lib/event_engine/work_queue/work_queue.h +1 -2
- data/src/core/lib/experiments/config.cc +66 -48
- data/src/core/lib/experiments/config.h +2 -2
- data/src/core/lib/experiments/experiments.cc +55 -375
- data/src/core/lib/experiments/experiments.h +36 -168
- data/src/core/lib/gprpp/atomic_utils.h +2 -2
- data/src/core/lib/gprpp/bitset.h +3 -3
- data/src/core/lib/gprpp/chunked_vector.h +6 -5
- data/src/core/lib/gprpp/construct_destruct.h +2 -2
- data/src/core/lib/gprpp/crash.cc +3 -5
- data/src/core/lib/gprpp/crash.h +2 -2
- data/src/core/lib/gprpp/debug_location.h +2 -2
- data/src/core/lib/gprpp/directory_reader.h +2 -2
- data/src/core/lib/gprpp/down_cast.h +7 -7
- data/src/core/lib/gprpp/dual_ref_counted.h +69 -48
- data/src/core/lib/gprpp/dump_args.cc +54 -0
- data/src/core/lib/gprpp/dump_args.h +69 -0
- data/src/core/lib/gprpp/env.h +2 -2
- data/src/core/lib/gprpp/examine_stack.cc +2 -2
- data/src/core/lib/gprpp/examine_stack.h +2 -2
- data/src/core/lib/gprpp/fork.cc +1 -2
- data/src/core/lib/gprpp/fork.h +2 -2
- data/src/core/lib/gprpp/glob.cc +70 -0
- data/src/core/lib/gprpp/glob.h +29 -0
- data/src/core/lib/gprpp/host_port.cc +6 -4
- data/src/core/lib/gprpp/host_port.h +2 -2
- data/src/core/lib/gprpp/linux/env.cc +2 -2
- data/src/core/lib/gprpp/load_file.cc +4 -3
- data/src/core/lib/gprpp/load_file.h +2 -2
- data/src/core/lib/gprpp/manual_constructor.h +2 -2
- data/src/core/lib/gprpp/match.h +2 -2
- data/src/core/lib/gprpp/memory.h +1 -2
- data/src/core/lib/gprpp/mpscq.cc +2 -2
- data/src/core/lib/gprpp/mpscq.h +5 -4
- data/src/core/lib/gprpp/no_destruct.h +2 -2
- data/src/core/lib/gprpp/notification.h +2 -2
- data/src/core/lib/gprpp/orphanable.h +7 -4
- data/src/core/lib/gprpp/overload.h +2 -2
- data/src/core/lib/gprpp/per_cpu.cc +2 -3
- data/src/core/lib/gprpp/per_cpu.h +1 -2
- data/src/core/lib/gprpp/posix/directory_reader.cc +2 -2
- data/src/core/lib/gprpp/posix/stat.cc +8 -7
- data/src/core/lib/gprpp/posix/thd.cc +18 -19
- data/src/core/lib/gprpp/ref_counted.h +40 -28
- data/src/core/lib/gprpp/ref_counted_ptr.h +4 -3
- data/src/core/lib/gprpp/ref_counted_string.cc +1 -2
- data/src/core/lib/gprpp/ref_counted_string.h +2 -2
- data/src/core/lib/gprpp/single_set_ptr.h +9 -6
- data/src/core/lib/gprpp/sorted_pack.h +2 -2
- data/src/core/lib/gprpp/stat.h +2 -2
- data/src/core/lib/gprpp/status_helper.cc +14 -33
- data/src/core/lib/gprpp/status_helper.h +5 -33
- data/src/core/lib/gprpp/strerror.cc +2 -2
- data/src/core/lib/gprpp/strerror.h +2 -2
- data/src/core/lib/gprpp/sync.h +5 -5
- data/src/core/lib/gprpp/table.h +2 -2
- data/src/core/lib/gprpp/tchar.cc +2 -2
- data/src/core/lib/gprpp/thd.h +7 -7
- data/src/core/lib/gprpp/time.cc +9 -10
- data/src/core/lib/gprpp/time.h +10 -4
- data/src/core/lib/gprpp/time_averaged_stats.cc +2 -2
- data/src/core/lib/gprpp/time_util.cc +5 -4
- data/src/core/lib/gprpp/time_util.h +1 -2
- data/src/core/lib/gprpp/unique_type_name.h +3 -3
- data/src/core/lib/gprpp/uuid_v4.cc +37 -0
- data/src/core/{resolver/xds/xds_resolver_trace.h → lib/gprpp/uuid_v4.h} +13 -7
- data/src/core/lib/gprpp/validation_errors.cc +12 -3
- data/src/core/lib/gprpp/validation_errors.h +13 -2
- data/src/core/lib/gprpp/windows/stat.cc +6 -5
- data/src/core/lib/gprpp/windows/thd.cc +7 -4
- data/src/core/lib/gprpp/work_serializer.cc +53 -62
- data/src/core/lib/gprpp/work_serializer.h +1 -2
- data/src/core/lib/iomgr/buffer_list.cc +5 -4
- data/src/core/lib/iomgr/buffer_list.h +1 -2
- data/src/core/lib/iomgr/call_combiner.cc +23 -31
- data/src/core/lib/iomgr/call_combiner.h +2 -5
- data/src/core/lib/iomgr/cfstream_handle.cc +4 -6
- data/src/core/lib/iomgr/closure.cc +2 -2
- data/src/core/lib/iomgr/closure.h +6 -7
- data/src/core/lib/iomgr/combiner.cc +13 -14
- data/src/core/lib/iomgr/combiner.h +1 -4
- data/src/core/lib/iomgr/endpoint.cc +1 -7
- data/src/core/lib/iomgr/endpoint.h +1 -4
- data/src/core/lib/iomgr/endpoint_cfstream.cc +26 -46
- data/src/core/lib/iomgr/endpoint_pair_posix.cc +6 -5
- data/src/core/lib/iomgr/endpoint_pair_windows.cc +15 -15
- data/src/core/lib/iomgr/error.cc +16 -24
- data/src/core/lib/iomgr/error.h +4 -4
- data/src/core/lib/iomgr/ev_apple.cc +3 -5
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +58 -56
- data/src/core/lib/iomgr/ev_poll_posix.cc +47 -38
- data/src/core/lib/iomgr/ev_posix.cc +9 -11
- data/src/core/lib/iomgr/ev_posix.h +11 -8
- data/src/core/lib/iomgr/event_engine_shims/closure.cc +3 -4
- data/src/core/lib/iomgr/event_engine_shims/closure.h +1 -2
- data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +17 -31
- data/src/core/lib/iomgr/event_engine_shims/endpoint.h +1 -2
- data/src/core/lib/iomgr/event_engine_shims/tcp_client.cc +1 -2
- data/src/core/lib/iomgr/event_engine_shims/tcp_client.h +1 -2
- data/src/core/lib/iomgr/exec_ctx.cc +7 -7
- data/src/core/lib/iomgr/exec_ctx.h +7 -5
- data/src/core/lib/iomgr/executor.cc +13 -23
- data/src/core/lib/iomgr/executor.h +1 -1
- data/src/core/lib/iomgr/fork_posix.cc +8 -10
- data/src/core/lib/iomgr/fork_windows.cc +3 -1
- data/src/core/lib/iomgr/grpc_if_nametoindex.h +2 -2
- data/src/core/lib/iomgr/grpc_if_nametoindex_posix.cc +2 -3
- data/src/core/lib/iomgr/grpc_if_nametoindex_unsupported.cc +3 -5
- data/src/core/lib/iomgr/internal_errqueue.cc +5 -4
- data/src/core/lib/iomgr/iocp_windows.cc +13 -9
- data/src/core/lib/iomgr/iocp_windows.h +0 -1
- data/src/core/lib/iomgr/iomgr.cc +14 -19
- data/src/core/lib/iomgr/iomgr.h +2 -2
- data/src/core/lib/iomgr/iomgr_internal.cc +2 -2
- data/src/core/lib/iomgr/iomgr_internal.h +2 -2
- data/src/core/lib/iomgr/iomgr_windows.cc +4 -2
- data/src/core/lib/iomgr/lockfree_event.cc +7 -8
- data/src/core/lib/iomgr/lockfree_event.h +1 -2
- data/src/core/lib/iomgr/polling_entity.cc +5 -5
- data/src/core/lib/iomgr/pollset.cc +2 -2
- data/src/core/lib/iomgr/pollset.h +0 -3
- data/src/core/lib/iomgr/pollset_set.cc +2 -2
- data/src/core/lib/iomgr/pollset_set_windows.cc +2 -2
- data/src/core/lib/iomgr/pollset_windows.cc +0 -2
- data/src/core/lib/iomgr/pollset_windows.h +0 -1
- data/src/core/lib/iomgr/port.h +3 -0
- data/src/core/lib/iomgr/python_util.h +1 -2
- data/src/core/lib/iomgr/resolve_address.cc +1 -2
- data/src/core/lib/iomgr/resolve_address.h +1 -2
- data/src/core/lib/iomgr/resolve_address_impl.h +2 -2
- data/src/core/lib/iomgr/resolve_address_posix.cc +7 -14
- data/src/core/lib/iomgr/resolve_address_posix.h +2 -2
- data/src/core/lib/iomgr/resolve_address_windows.cc +1 -1
- data/src/core/lib/iomgr/resolve_address_windows.h +2 -2
- data/src/core/lib/iomgr/resolved_address.h +2 -2
- data/src/core/lib/iomgr/sockaddr_utils_posix.cc +3 -1
- data/src/core/lib/iomgr/socket_factory_posix.cc +1 -1
- data/src/core/lib/iomgr/socket_factory_posix.h +1 -2
- data/src/core/lib/iomgr/socket_mutator.cc +2 -3
- data/src/core/lib/iomgr/socket_mutator.h +1 -2
- data/src/core/lib/iomgr/socket_utils.h +2 -2
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +28 -33
- data/src/core/lib/iomgr/socket_utils_posix.cc +2 -2
- data/src/core/lib/iomgr/socket_utils_posix.h +1 -2
- data/src/core/lib/iomgr/socket_windows.cc +8 -9
- data/src/core/lib/iomgr/tcp_client.cc +2 -2
- data/src/core/lib/iomgr/tcp_client.h +1 -2
- data/src/core/lib/iomgr/tcp_client_cfstream.cc +3 -5
- data/src/core/lib/iomgr/tcp_client_posix.cc +14 -19
- data/src/core/lib/iomgr/tcp_client_windows.cc +33 -14
- data/src/core/lib/iomgr/tcp_posix.cc +145 -125
- data/src/core/lib/iomgr/tcp_posix.h +0 -2
- data/src/core/lib/iomgr/tcp_server.cc +2 -2
- data/src/core/lib/iomgr/tcp_server.h +1 -2
- data/src/core/lib/iomgr/tcp_server_posix.cc +125 -111
- data/src/core/lib/iomgr/tcp_server_utils_posix.h +2 -2
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +10 -12
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +9 -8
- data/src/core/lib/iomgr/tcp_server_windows.cc +85 -39
- data/src/core/lib/iomgr/tcp_windows.cc +33 -47
- data/src/core/lib/iomgr/timer.cc +2 -2
- data/src/core/lib/iomgr/timer.h +1 -2
- data/src/core/lib/iomgr/timer_generic.cc +20 -23
- data/src/core/lib/iomgr/timer_generic.h +0 -1
- data/src/core/lib/iomgr/timer_heap.cc +2 -3
- data/src/core/lib/iomgr/timer_manager.cc +21 -33
- data/src/core/lib/iomgr/timer_manager.h +2 -2
- data/src/core/lib/iomgr/unix_sockets_posix.cc +16 -2
- data/src/core/lib/iomgr/unix_sockets_posix.h +1 -2
- data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +3 -1
- data/src/core/lib/iomgr/vsock.cc +3 -3
- data/src/core/lib/iomgr/vsock.h +1 -2
- data/src/core/lib/iomgr/wakeup_fd_pipe.cc +3 -3
- data/src/core/lib/matchers/matchers.cc +2 -2
- data/src/core/lib/matchers/matchers.h +2 -2
- data/src/core/lib/promise/activity.cc +4 -3
- data/src/core/lib/promise/activity.h +35 -11
- data/src/core/lib/promise/all_ok.h +2 -2
- data/src/core/lib/promise/arena_promise.h +2 -2
- data/src/core/lib/promise/cancel_callback.h +24 -0
- data/src/core/lib/promise/context.h +16 -5
- data/src/core/lib/promise/detail/basic_seq.h +1 -2
- data/src/core/lib/promise/detail/join_state.h +365 -408
- data/src/core/lib/promise/detail/promise_factory.h +2 -2
- data/src/core/lib/promise/detail/promise_like.h +15 -8
- data/src/core/lib/promise/detail/seq_state.h +1192 -1192
- data/src/core/lib/promise/detail/status.h +4 -3
- data/src/core/lib/promise/exec_ctx_wakeup_scheduler.h +2 -2
- data/src/core/lib/promise/for_each.h +91 -30
- data/src/core/lib/promise/if.h +2 -2
- data/src/core/lib/promise/interceptor_list.h +9 -10
- data/src/core/lib/promise/latch.h +17 -17
- data/src/core/lib/promise/loop.h +2 -2
- data/src/core/lib/promise/map.h +19 -2
- data/src/core/lib/promise/observable.h +182 -0
- data/src/core/lib/promise/party.cc +52 -23
- data/src/core/lib/promise/party.h +31 -31
- data/src/core/lib/promise/pipe.h +31 -50
- data/src/core/lib/promise/poll.h +6 -5
- data/src/core/lib/promise/prioritized_race.h +2 -2
- data/src/core/lib/promise/promise.h +3 -2
- data/src/core/lib/promise/race.h +2 -2
- data/src/core/lib/promise/seq.h +2 -2
- data/src/core/lib/promise/sleep.cc +2 -3
- data/src/core/lib/promise/sleep.h +1 -2
- data/src/core/lib/promise/status_flag.h +18 -8
- data/src/core/lib/promise/try_join.h +4 -3
- data/src/core/lib/promise/try_seq.h +4 -3
- data/src/core/lib/resource_quota/api.cc +1 -2
- data/src/core/lib/resource_quota/api.h +1 -2
- data/src/core/lib/resource_quota/arena.cc +57 -81
- data/src/core/lib/resource_quota/arena.h +122 -211
- data/src/core/lib/resource_quota/connection_quota.cc +70 -0
- data/src/core/lib/resource_quota/connection_quota.h +61 -0
- data/src/core/lib/resource_quota/memory_quota.cc +20 -21
- data/src/core/lib/resource_quota/memory_quota.h +6 -7
- data/src/core/lib/resource_quota/periodic_update.cc +3 -3
- data/src/core/lib/resource_quota/periodic_update.h +2 -2
- data/src/core/lib/resource_quota/resource_quota.cc +2 -2
- data/src/core/lib/resource_quota/resource_quota.h +2 -3
- data/src/core/lib/resource_quota/thread_quota.cc +4 -3
- data/src/core/lib/resource_quota/thread_quota.h +2 -2
- data/src/core/lib/security/authorization/audit_logging.cc +6 -6
- data/src/core/lib/security/authorization/audit_logging.h +1 -2
- data/src/core/lib/security/authorization/authorization_engine.h +2 -2
- data/src/core/lib/security/authorization/authorization_policy_provider.h +2 -3
- data/src/core/lib/security/authorization/authorization_policy_provider_vtable.cc +2 -3
- data/src/core/lib/security/authorization/evaluate_args.cc +13 -15
- data/src/core/lib/security/authorization/evaluate_args.h +4 -5
- data/src/core/lib/security/authorization/grpc_authorization_engine.cc +4 -3
- data/src/core/lib/security/authorization/grpc_authorization_engine.h +1 -2
- data/src/core/lib/security/authorization/grpc_server_authz_filter.cc +13 -18
- data/src/core/lib/security/authorization/grpc_server_authz_filter.h +8 -9
- data/src/core/lib/security/authorization/matchers.cc +4 -5
- data/src/core/lib/security/authorization/matchers.h +2 -2
- data/src/core/lib/security/authorization/rbac_policy.cc +2 -2
- data/src/core/lib/security/authorization/rbac_policy.h +1 -2
- data/src/core/lib/security/authorization/stdout_logger.cc +4 -3
- data/src/core/lib/security/authorization/stdout_logger.h +1 -2
- data/src/core/lib/security/certificate_provider/certificate_provider_factory.h +4 -4
- data/src/core/lib/security/certificate_provider/certificate_provider_registry.cc +6 -6
- data/src/core/lib/security/certificate_provider/certificate_provider_registry.h +2 -2
- data/src/core/lib/security/context/security_context.cc +17 -16
- data/src/core/lib/security/context/security_context.h +33 -10
- data/src/core/lib/security/credentials/alts/alts_credentials.cc +1 -2
- data/src/core/lib/security/credentials/alts/alts_credentials.h +3 -3
- data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +4 -3
- data/src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc +2 -3
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc +5 -6
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc +4 -5
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h +2 -2
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc +1 -2
- data/src/core/lib/security/credentials/call_creds_util.cc +3 -3
- data/src/core/lib/security/credentials/call_creds_util.h +2 -2
- data/src/core/lib/security/credentials/channel_creds_registry.h +4 -4
- data/src/core/lib/security/credentials/channel_creds_registry_init.cc +7 -5
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +9 -8
- data/src/core/lib/security/credentials/composite/composite_credentials.h +3 -3
- data/src/core/lib/security/credentials/credentials.cc +10 -9
- data/src/core/lib/security/credentials/credentials.h +5 -4
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +9 -8
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +4 -4
- data/src/core/lib/security/credentials/external/aws_request_signer.cc +2 -2
- data/src/core/lib/security/credentials/external/aws_request_signer.h +2 -2
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +16 -17
- data/src/core/lib/security/credentials/external/external_account_credentials.h +5 -5
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +3 -4
- data/src/core/lib/security/credentials/external/file_external_account_credentials.h +2 -2
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +8 -7
- data/src/core/lib/security/credentials/external/url_external_account_credentials.h +3 -3
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +2 -2
- data/src/core/lib/security/credentials/fake/fake_credentials.h +3 -3
- data/src/core/lib/security/credentials/google_default/credentials_generic.cc +4 -5
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +19 -18
- data/src/core/lib/security/credentials/google_default/google_default_credentials.h +3 -3
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +5 -5
- data/src/core/lib/security/credentials/iam/iam_credentials.h +3 -3
- data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +2 -2
- data/src/core/lib/security/credentials/insecure/insecure_credentials.h +2 -2
- data/src/core/lib/security/credentials/jwt/json_token.cc +27 -23
- data/src/core/lib/security/credentials/jwt/json_token.h +2 -3
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +10 -8
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +3 -3
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +76 -85
- data/src/core/lib/security/credentials/jwt/jwt_verifier.h +2 -3
- data/src/core/lib/security/credentials/local/local_credentials.cc +1 -2
- data/src/core/lib/security/credentials/local/local_credentials.h +3 -3
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +21 -19
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +6 -6
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +9 -10
- data/src/core/lib/security/credentials/plugin/plugin_credentials.h +3 -5
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +28 -34
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +6 -4
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +26 -25
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +2 -2
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_match.cc +2 -2
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +28 -36
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +4 -4
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.cc +3 -3
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.h +5 -4
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +23 -22
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +1 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_crl_provider.cc +22 -17
- data/src/core/lib/security/credentials/tls/grpc_tls_crl_provider.h +8 -5
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +15 -18
- data/src/core/lib/security/credentials/tls/tls_credentials.h +2 -2
- data/src/core/lib/security/credentials/tls/tls_utils.cc +5 -6
- data/src/core/lib/security/credentials/tls/tls_utils.h +1 -2
- data/src/core/lib/security/credentials/xds/xds_credentials.cc +8 -8
- data/src/core/lib/security/credentials/xds/xds_credentials.h +3 -3
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +27 -30
- data/src/core/lib/security/security_connector/alts/alts_security_connector.h +2 -2
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +20 -17
- data/src/core/lib/security/security_connector/fake/fake_security_connector.h +2 -2
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +6 -5
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +3 -3
- data/src/core/lib/security/security_connector/load_system_roots.h +4 -2
- data/src/core/lib/security/security_connector/load_system_roots_fallback.cc +3 -2
- data/src/core/lib/security/security_connector/load_system_roots_supported.cc +8 -8
- data/src/core/lib/security/security_connector/load_system_roots_supported.h +1 -2
- data/src/core/lib/security/security_connector/load_system_roots_windows.cc +87 -0
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +19 -23
- data/src/core/lib/security/security_connector/local/local_security_connector.h +2 -2
- data/src/core/lib/security/security_connector/security_connector.cc +8 -10
- data/src/core/lib/security/security_connector/security_connector.h +4 -6
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +23 -25
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +2 -2
- data/src/core/lib/security/security_connector/ssl_utils.cc +29 -30
- data/src/core/lib/security/security_connector/ssl_utils.h +1 -2
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +42 -53
- data/src/core/lib/security/security_connector/tls/tls_security_connector.h +3 -3
- data/src/core/lib/security/transport/auth_filters.h +12 -36
- data/src/core/lib/security/transport/client_auth_filter.cc +13 -18
- data/src/core/lib/security/transport/server_auth_filter.cc +10 -13
- data/src/core/lib/security/util/json_util.cc +1 -2
- data/src/core/lib/security/util/json_util.h +1 -1
- data/src/core/lib/slice/percent_encoding.cc +4 -3
- data/src/core/lib/slice/slice.cc +42 -15
- data/src/core/lib/slice/slice.h +5 -5
- data/src/core/lib/slice/slice_buffer.cc +64 -25
- data/src/core/lib/slice/slice_buffer.h +15 -3
- data/src/core/lib/slice/slice_internal.h +10 -3
- data/src/core/lib/slice/slice_refcount.h +3 -6
- data/src/core/lib/slice/slice_string_helpers.cc +3 -3
- data/src/core/lib/slice/slice_string_helpers.h +1 -2
- data/src/core/lib/surface/api_trace.h +2 -5
- data/src/core/lib/surface/byte_buffer.cc +1 -2
- data/src/core/lib/surface/byte_buffer_reader.cc +4 -3
- data/src/core/lib/surface/call.cc +102 -3904
- data/src/core/lib/surface/call.h +159 -91
- data/src/core/lib/surface/call_details.cc +1 -2
- data/src/core/lib/surface/call_log_batch.cc +2 -3
- data/src/core/lib/surface/call_test_only.h +1 -2
- data/src/core/lib/surface/call_utils.cc +276 -0
- data/src/core/lib/surface/call_utils.h +449 -0
- data/src/core/lib/surface/channel.cc +118 -323
- data/src/core/lib/surface/channel.h +92 -109
- data/src/core/lib/surface/channel_create.cc +118 -0
- data/src/core/lib/surface/{builtins.cc → channel_create.h} +22 -16
- data/src/core/lib/surface/channel_init.cc +29 -84
- data/src/core/lib/surface/channel_init.h +45 -102
- data/src/core/lib/surface/channel_stack_type.cc +2 -2
- data/src/core/lib/surface/client_call.cc +419 -0
- data/src/core/lib/surface/client_call.h +180 -0
- data/src/core/lib/surface/completion_queue.cc +45 -51
- data/src/core/lib/surface/completion_queue.h +1 -10
- data/src/core/lib/surface/completion_queue_factory.cc +9 -8
- data/src/core/lib/surface/completion_queue_factory.h +1 -2
- data/src/core/lib/surface/event_string.cc +2 -2
- data/src/core/lib/surface/event_string.h +1 -2
- data/src/core/lib/surface/filter_stack_call.cc +1157 -0
- data/src/core/lib/surface/filter_stack_call.h +369 -0
- data/src/core/lib/surface/init.cc +15 -20
- data/src/core/lib/surface/init_internally.cc +2 -2
- data/src/core/lib/surface/lame_client.cc +13 -41
- data/src/core/lib/surface/lame_client.h +13 -13
- data/src/core/lib/surface/legacy_channel.cc +427 -0
- data/src/core/lib/surface/legacy_channel.h +114 -0
- data/src/core/lib/surface/metadata_array.cc +1 -2
- data/src/core/lib/surface/server_call.cc +222 -0
- data/src/core/lib/surface/server_call.h +167 -0
- data/src/core/lib/surface/validate_metadata.cc +1 -2
- data/src/core/lib/surface/validate_metadata.h +3 -3
- data/src/core/lib/surface/version.cc +3 -4
- data/src/core/lib/transport/bdp_estimator.cc +7 -7
- data/src/core/lib/transport/bdp_estimator.h +6 -8
- data/src/core/lib/transport/{call_size_estimator.cc → call_arena_allocator.cc} +3 -3
- data/src/core/lib/transport/{call_size_estimator.h → call_arena_allocator.h} +29 -6
- data/src/core/lib/transport/call_destination.h +76 -0
- data/src/core/lib/transport/call_filters.cc +166 -33
- data/src/core/lib/transport/call_filters.h +517 -62
- data/src/core/lib/transport/call_final_info.cc +2 -2
- data/src/core/lib/transport/call_final_info.h +1 -2
- data/src/core/lib/transport/call_spine.cc +17 -19
- data/src/core/lib/transport/call_spine.h +242 -214
- data/src/core/lib/transport/connectivity_state.cc +9 -12
- data/src/core/lib/transport/connectivity_state.h +1 -4
- data/src/core/lib/transport/error_utils.cc +1 -2
- data/src/core/lib/transport/error_utils.h +1 -2
- data/src/core/lib/transport/interception_chain.cc +155 -0
- data/src/core/lib/transport/interception_chain.h +236 -0
- data/src/core/lib/transport/message.cc +1 -2
- data/src/core/lib/transport/metadata.cc +3 -3
- data/src/core/lib/transport/metadata_batch.cc +68 -7
- data/src/core/lib/transport/metadata_batch.h +55 -21
- data/src/core/lib/transport/metadata_compression_traits.h +2 -2
- data/src/core/lib/transport/metadata_info.cc +55 -0
- data/src/core/lib/transport/metadata_info.h +85 -0
- data/src/core/lib/transport/parsed_metadata.cc +2 -2
- data/src/core/lib/transport/parsed_metadata.h +1 -2
- data/src/core/lib/transport/simple_slice_based_metadata.h +2 -2
- data/src/core/lib/transport/status_conversion.cc +2 -2
- data/src/core/lib/transport/status_conversion.h +1 -2
- data/src/core/lib/transport/timeout_encoding.cc +5 -5
- data/src/core/lib/transport/timeout_encoding.h +2 -2
- data/src/core/lib/transport/transport.cc +4 -8
- data/src/core/lib/transport/transport.h +80 -74
- data/src/core/lib/transport/transport_op_string.cc +1 -10
- data/src/core/lib/uri/uri_parser.cc +3 -3
- data/src/core/lib/uri/uri_parser.h +2 -2
- data/src/core/load_balancing/address_filtering.cc +3 -3
- data/src/core/load_balancing/address_filtering.h +3 -3
- data/src/core/load_balancing/backend_metric_data.h +2 -2
- data/src/core/{client_channel/backend_metric.cc → load_balancing/backend_metric_parser.cc} +3 -3
- data/src/core/{client_channel/backend_metric.h → load_balancing/backend_metric_parser.h} +5 -5
- data/src/core/load_balancing/child_policy_handler.cc +15 -15
- data/src/core/load_balancing/child_policy_handler.h +2 -2
- data/src/core/load_balancing/delegating_helper.h +10 -3
- data/src/core/load_balancing/endpoint_list.cc +12 -14
- data/src/core/load_balancing/endpoint_list.h +16 -10
- data/src/core/load_balancing/grpclb/client_load_reporting_filter.cc +29 -30
- data/src/core/load_balancing/grpclb/client_load_reporting_filter.h +22 -8
- data/src/core/load_balancing/grpclb/grpclb.cc +89 -98
- data/src/core/load_balancing/grpclb/grpclb_balancer_addresses.cc +3 -3
- data/src/core/load_balancing/grpclb/grpclb_balancer_addresses.h +1 -2
- data/src/core/load_balancing/grpclb/grpclb_client_stats.cc +1 -2
- data/src/core/load_balancing/grpclb/grpclb_client_stats.h +2 -3
- data/src/core/load_balancing/grpclb/load_balancer_api.cc +4 -6
- data/src/core/load_balancing/grpclb/load_balancer_api.h +2 -3
- data/src/core/load_balancing/health_check_client.cc +20 -24
- data/src/core/load_balancing/health_check_client.h +2 -2
- data/src/core/load_balancing/health_check_client_internal.h +5 -7
- data/src/core/load_balancing/lb_policy.cc +7 -10
- data/src/core/load_balancing/lb_policy.h +32 -8
- data/src/core/load_balancing/lb_policy_factory.h +3 -3
- data/src/core/load_balancing/lb_policy_registry.cc +5 -6
- data/src/core/load_balancing/lb_policy_registry.h +5 -5
- data/src/core/load_balancing/oob_backend_metric.cc +12 -15
- data/src/core/load_balancing/oob_backend_metric.h +3 -3
- data/src/core/load_balancing/oob_backend_metric_internal.h +7 -8
- data/src/core/load_balancing/outlier_detection/outlier_detection.cc +65 -67
- data/src/core/load_balancing/outlier_detection/outlier_detection.h +5 -5
- data/src/core/load_balancing/pick_first/pick_first.cc +1186 -279
- data/src/core/load_balancing/priority/priority.cc +49 -45
- data/src/core/load_balancing/ring_hash/ring_hash.cc +53 -38
- data/src/core/load_balancing/ring_hash/ring_hash.h +6 -6
- data/src/core/load_balancing/rls/rls.cc +280 -150
- data/src/core/{lib/iomgr/ev_windows.cc → load_balancing/rls/rls.h} +8 -12
- data/src/core/load_balancing/round_robin/round_robin.cc +50 -497
- data/src/core/load_balancing/subchannel_interface.h +4 -4
- data/src/core/load_balancing/weighted_round_robin/static_stride_scheduler.cc +4 -4
- data/src/core/load_balancing/weighted_round_robin/static_stride_scheduler.h +3 -3
- data/src/core/load_balancing/weighted_round_robin/weighted_round_robin.cc +162 -936
- data/src/core/load_balancing/weighted_target/weighted_target.cc +41 -41
- data/src/core/load_balancing/weighted_target/weighted_target.h +28 -0
- data/src/core/load_balancing/xds/cds.cc +33 -36
- data/src/core/load_balancing/xds/xds_cluster_impl.cc +128 -84
- data/src/core/load_balancing/xds/xds_cluster_manager.cc +23 -26
- data/src/core/load_balancing/xds/xds_override_host.cc +61 -62
- data/src/core/load_balancing/xds/xds_override_host.h +6 -6
- data/src/core/load_balancing/xds/xds_wrr_locality.cc +21 -23
- data/src/core/plugin_registry/grpc_plugin_registry.cc +27 -9
- data/src/core/plugin_registry/grpc_plugin_registry_extra.cc +1 -3
- data/src/core/resolver/binder/binder_resolver.cc +15 -7
- data/src/core/resolver/dns/c_ares/dns_resolver_ares.cc +16 -15
- data/src/core/resolver/dns/c_ares/dns_resolver_ares.h +2 -2
- data/src/core/resolver/dns/c_ares/grpc_ares_ev_driver.h +3 -3
- data/src/core/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +6 -5
- data/src/core/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +39 -38
- data/src/core/resolver/dns/c_ares/grpc_ares_wrapper.cc +21 -28
- data/src/core/resolver/dns/c_ares/grpc_ares_wrapper.h +2 -7
- data/src/core/resolver/dns/c_ares/grpc_ares_wrapper_posix.cc +1 -1
- data/src/core/resolver/dns/c_ares/grpc_ares_wrapper_windows.cc +2 -2
- data/src/core/resolver/dns/dns_resolver_plugin.cc +10 -10
- data/src/core/resolver/dns/event_engine/event_engine_client_channel_resolver.cc +11 -16
- data/src/core/resolver/dns/event_engine/event_engine_client_channel_resolver.h +6 -4
- data/src/core/resolver/dns/event_engine/service_config_helper.cc +7 -7
- data/src/core/resolver/dns/event_engine/service_config_helper.h +2 -2
- data/src/core/resolver/dns/native/dns_resolver.cc +14 -16
- data/src/core/resolver/endpoint_addresses.cc +5 -5
- data/src/core/resolver/endpoint_addresses.h +6 -6
- data/src/core/resolver/fake/fake_resolver.cc +7 -7
- data/src/core/resolver/fake/fake_resolver.h +3 -4
- data/src/core/resolver/google_c2p/google_c2p_resolver.cc +31 -27
- data/src/core/resolver/polling_resolver.cc +35 -40
- data/src/core/resolver/polling_resolver.h +1 -2
- data/src/core/resolver/resolver.cc +3 -7
- data/src/core/resolver/resolver.h +2 -4
- data/src/core/resolver/resolver_factory.h +3 -3
- data/src/core/resolver/resolver_registry.cc +11 -13
- data/src/core/resolver/resolver_registry.h +5 -5
- data/src/core/resolver/sockaddr/sockaddr_resolver.cc +11 -12
- data/src/core/resolver/xds/xds_dependency_manager.cc +41 -36
- data/src/core/resolver/xds/xds_dependency_manager.h +12 -12
- data/src/core/resolver/xds/xds_resolver.cc +49 -55
- data/src/core/resolver/xds/xds_resolver_attributes.h +3 -3
- data/src/core/{lib/surface → server}/server.cc +313 -446
- data/src/core/{lib/surface → server}/server.h +48 -27
- data/src/core/{lib/channel → server}/server_call_tracer_filter.cc +16 -18
- data/src/core/{lib/surface/builtins.h → server/server_call_tracer_filter.h} +7 -5
- data/src/core/{ext/filters/server_config_selector → server}/server_config_selector.h +6 -6
- data/src/core/{ext/filters/server_config_selector → server}/server_config_selector_filter.cc +40 -40
- data/src/core/{ext/filters/server_config_selector → server}/server_config_selector_filter.h +3 -3
- data/src/core/server/server_interface.h +45 -0
- data/src/core/{ext/xds → server}/xds_channel_stack_modifier.cc +4 -4
- data/src/core/{ext/xds → server}/xds_channel_stack_modifier.h +7 -7
- data/src/core/{ext/xds → server}/xds_server_config_fetcher.cc +44 -45
- data/src/core/service_config/service_config.h +2 -3
- data/src/core/service_config/service_config_call_data.h +15 -13
- data/src/core/{client_channel → service_config}/service_config_channel_arg_filter.cc +13 -12
- data/src/core/service_config/service_config_impl.cc +7 -7
- data/src/core/service_config/service_config_impl.h +4 -4
- data/src/core/service_config/service_config_parser.cc +4 -8
- data/src/core/service_config/service_config_parser.h +4 -4
- data/src/core/{lib/channel → telemetry}/call_tracer.cc +28 -39
- data/src/core/{lib/channel → telemetry}/call_tracer.h +47 -23
- data/src/core/{lib/debug → telemetry}/histogram_view.cc +2 -2
- data/src/core/{lib/debug → telemetry}/histogram_view.h +5 -5
- data/src/core/telemetry/metrics.cc +178 -0
- data/src/core/telemetry/metrics.h +562 -0
- data/src/core/{lib/debug → telemetry}/stats.cc +3 -3
- data/src/core/{lib/debug → telemetry}/stats.h +7 -7
- data/src/core/{lib/debug → telemetry}/stats_data.cc +272 -29
- data/src/core/{lib/debug → telemetry}/stats_data.h +182 -6
- data/src/core/{lib/channel → telemetry}/tcp_tracer.h +9 -5
- data/src/core/tsi/alts/crypt/aes_gcm.cc +1 -2
- data/src/core/tsi/alts/crypt/gsec.cc +1 -2
- data/src/core/tsi/alts/crypt/gsec.h +1 -2
- data/src/core/tsi/alts/frame_protector/alts_counter.cc +1 -2
- data/src/core/tsi/alts/frame_protector/alts_counter.h +1 -2
- data/src/core/tsi/alts/frame_protector/alts_crypter.cc +1 -2
- data/src/core/tsi/alts/frame_protector/alts_crypter.h +1 -2
- data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +13 -15
- data/src/core/tsi/alts/frame_protector/alts_frame_protector.h +2 -2
- data/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc +1 -2
- data/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h +1 -2
- data/src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc +1 -2
- data/src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc +1 -2
- data/src/core/tsi/alts/frame_protector/frame_handler.cc +1 -2
- data/src/core/tsi/alts/frame_protector/frame_handler.h +2 -2
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +69 -68
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +1 -2
- data/src/core/tsi/alts/handshaker/alts_shared_resource.cc +5 -4
- data/src/core/tsi/alts/handshaker/alts_shared_resource.h +1 -2
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +55 -53
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +1 -2
- data/src/core/tsi/alts/handshaker/alts_tsi_utils.cc +7 -5
- data/src/core/tsi/alts/handshaker/alts_tsi_utils.h +1 -2
- data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +4 -3
- data/src/core/tsi/alts/handshaker/transport_security_common_api.h +1 -2
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc +10 -8
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h +2 -2
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc +6 -5
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h +2 -2
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h +1 -2
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc +10 -6
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +1 -2
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h +2 -2
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +9 -7
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h +2 -2
- data/src/core/tsi/fake_transport_security.cc +20 -21
- data/src/core/tsi/local_transport_security.cc +7 -7
- data/src/core/tsi/local_transport_security.h +1 -2
- data/src/core/tsi/ssl/key_logging/ssl_key_logging.cc +7 -6
- data/src/core/tsi/ssl/key_logging/ssl_key_logging.h +1 -2
- data/src/core/tsi/ssl/session_cache/ssl_session.h +1 -2
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +15 -14
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +1 -2
- data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +3 -4
- data/src/core/tsi/ssl_transport_security.cc +286 -162
- data/src/core/tsi/ssl_transport_security.h +1 -2
- data/src/core/tsi/ssl_transport_security_utils.cc +208 -24
- data/src/core/tsi/ssl_transport_security_utils.h +39 -2
- data/src/core/tsi/ssl_types.h +2 -2
- data/src/core/tsi/transport_security.cc +1 -6
- data/src/core/tsi/transport_security.h +2 -4
- data/src/core/tsi/transport_security_grpc.cc +2 -2
- data/src/core/tsi/transport_security_grpc.h +1 -2
- data/src/core/tsi/transport_security_interface.h +2 -6
- data/src/core/{lib/gpr → util}/alloc.cc +3 -1
- data/src/core/{lib/gpr → util}/alloc.h +3 -3
- data/src/core/{lib/gpr → util}/android/log.cc +0 -19
- data/src/core/{lib/gpr → util}/atm.cc +1 -1
- data/src/core/{ext/gcp/metadata_query.cc → util/gcp_metadata_query.cc} +26 -26
- data/src/core/{ext/gcp/metadata_query.h → util/gcp_metadata_query.h} +9 -9
- data/src/core/{lib/http → util/http_client}/format_request.cc +2 -2
- data/src/core/{lib/http → util/http_client}/format_request.h +4 -4
- data/src/core/{lib/http → util/http_client}/httpcli.cc +12 -13
- data/src/core/{lib/http → util/http_client}/httpcli.h +5 -5
- data/src/core/{lib/http → util/http_client}/httpcli_security_connector.cc +10 -10
- data/src/core/{lib/http → util/http_client}/httpcli_ssl_credentials.h +3 -3
- data/src/core/{lib/http → util/http_client}/parser.cc +6 -7
- data/src/core/{lib/http → util/http_client}/parser.h +3 -5
- data/src/core/{lib → util}/json/json.h +3 -3
- data/src/core/{lib → util}/json/json_args.h +3 -3
- data/src/core/{lib → util}/json/json_channel_args.h +4 -4
- data/src/core/{lib → util}/json/json_object_loader.cc +1 -1
- data/src/core/{lib → util}/json/json_object_loader.h +5 -5
- data/src/core/{lib → util}/json/json_reader.cc +4 -3
- data/src/core/{lib → util}/json/json_reader.h +4 -4
- data/src/core/{lib → util}/json/json_util.cc +3 -3
- data/src/core/{lib → util}/json/json_util.h +4 -4
- data/src/core/{lib → util}/json/json_writer.cc +1 -1
- data/src/core/{lib → util}/json/json_writer.h +4 -4
- data/src/core/{lib/gpr → util}/linux/log.cc +0 -45
- data/src/core/util/log.cc +167 -0
- data/src/core/{lib/gpr → util}/msys/tmpfile.cc +2 -2
- data/src/core/{lib/gpr → util}/posix/cpu.cc +1 -1
- data/src/core/{lib/gpr → util}/posix/log.cc +0 -42
- data/src/core/{lib/gpr → util}/posix/sync.cc +25 -23
- data/src/core/{lib/gpr → util}/posix/time.cc +10 -67
- data/src/core/{lib/gpr → util}/posix/tmpfile.cc +5 -3
- data/src/core/{lib/gpr → util}/spinlock.h +3 -3
- data/src/core/{lib/gpr → util}/string.cc +2 -2
- data/src/core/{lib/gpr → util}/string.h +3 -3
- data/src/core/{lib/gpr → util}/sync.cc +5 -3
- data/src/core/{lib/gpr → util}/time.cc +10 -8
- data/src/core/{lib/gpr → util}/time_precise.cc +1 -1
- data/src/core/{lib/gpr → util}/time_precise.h +3 -3
- data/src/core/{lib/gpr → util}/tmpfile.h +3 -3
- data/src/core/{lib/gpr → util}/useful.h +3 -3
- data/src/core/{lib/gpr → util}/windows/log.cc +1 -44
- data/src/core/{lib/gpr → util}/windows/string.cc +1 -1
- data/src/core/{lib/gpr → util}/windows/string_util.cc +1 -1
- data/src/core/{lib/gpr → util}/windows/sync.cc +3 -1
- data/src/core/{lib/gpr → util}/windows/time.cc +5 -2
- data/src/core/{lib/gpr → util}/windows/tmpfile.cc +1 -1
- data/src/core/{ext/xds → xds/grpc}/certificate_provider_store.cc +5 -6
- data/src/core/{ext/xds → xds/grpc}/certificate_provider_store.h +11 -11
- data/src/core/{ext/xds → xds/grpc}/file_watcher_certificate_provider_factory.cc +5 -6
- data/src/core/{ext/xds → xds/grpc}/file_watcher_certificate_provider_factory.h +9 -10
- data/src/core/{ext/xds → xds/grpc}/upb_utils.h +5 -5
- data/src/core/{ext/xds → xds/grpc}/xds_audit_logger_registry.cc +6 -5
- data/src/core/{ext/xds → xds/grpc}/xds_audit_logger_registry.h +8 -8
- data/src/core/{ext/xds → xds/grpc}/xds_bootstrap_grpc.cc +44 -13
- data/src/core/{ext/xds → xds/grpc}/xds_bootstrap_grpc.h +36 -21
- data/src/core/{ext/xds → xds/grpc}/xds_certificate_provider.cc +7 -7
- data/src/core/{ext/xds → xds/grpc}/xds_certificate_provider.h +6 -7
- data/src/core/{ext/xds → xds/grpc}/xds_client_grpc.cc +218 -72
- data/src/core/{ext/xds → xds/grpc}/xds_client_grpc.h +31 -18
- data/src/core/{ext/xds → xds/grpc}/xds_cluster.cc +31 -23
- data/src/core/{ext/xds → xds/grpc}/xds_cluster.h +17 -15
- data/src/core/{ext/xds → xds/grpc}/xds_cluster_specifier_plugin.cc +6 -6
- data/src/core/{ext/xds → xds/grpc}/xds_cluster_specifier_plugin.h +9 -9
- data/src/core/{ext/xds → xds/grpc}/xds_common_types.cc +6 -7
- data/src/core/{ext/xds → xds/grpc}/xds_common_types.h +7 -7
- data/src/core/{ext/xds → xds/grpc}/xds_endpoint.cc +14 -14
- data/src/core/{ext/xds → xds/grpc}/xds_endpoint.h +11 -11
- data/src/core/{ext/xds → xds/grpc}/xds_health_status.cc +3 -3
- data/src/core/{ext/xds → xds/grpc}/xds_health_status.h +7 -7
- data/src/core/{ext/xds → xds/grpc}/xds_http_fault_filter.cc +6 -7
- data/src/core/{ext/xds → xds/grpc}/xds_http_fault_filter.h +9 -9
- data/src/core/{ext/xds → xds/grpc}/xds_http_filters.cc +8 -9
- data/src/core/{ext/xds → xds/grpc}/xds_http_filters.h +11 -11
- data/src/core/{ext/xds → xds/grpc}/xds_http_rbac_filter.cc +9 -10
- data/src/core/{ext/xds → xds/grpc}/xds_http_rbac_filter.h +9 -9
- data/src/core/{ext/xds → xds/grpc}/xds_http_stateful_session_filter.cc +7 -8
- data/src/core/{ext/xds → xds/grpc}/xds_http_stateful_session_filter.h +9 -9
- data/src/core/{ext/xds → xds/grpc}/xds_lb_policy_registry.cc +8 -9
- data/src/core/{ext/xds → xds/grpc}/xds_lb_policy_registry.h +8 -8
- data/src/core/{ext/xds → xds/grpc}/xds_listener.cc +12 -14
- data/src/core/{ext/xds → xds/grpc}/xds_listener.h +13 -13
- data/src/core/{ext/xds → xds/grpc}/xds_route_config.cc +23 -24
- data/src/core/{ext/xds → xds/grpc}/xds_route_config.h +12 -12
- data/src/core/{ext/xds → xds/grpc}/xds_routing.cc +6 -6
- data/src/core/{ext/xds → xds/grpc}/xds_routing.h +9 -9
- data/src/core/{ext/xds → xds/grpc}/xds_transport_grpc.cc +31 -46
- data/src/core/{ext/xds → xds/grpc}/xds_transport_grpc.h +12 -13
- data/src/core/{ext/xds → xds/xds_client}/xds_api.cc +9 -14
- data/src/core/{ext/xds → xds/xds_client}/xds_api.h +8 -8
- data/src/core/{ext/xds → xds/xds_client}/xds_bootstrap.cc +4 -4
- data/src/core/{ext/xds → xds/xds_client}/xds_bootstrap.h +8 -10
- data/src/core/{ext/xds → xds/xds_client}/xds_channel_args.h +3 -3
- data/src/core/{ext/xds → xds/xds_client}/xds_client.cc +337 -159
- data/src/core/{ext/xds → xds/xds_client}/xds_client.h +50 -21
- data/src/core/{ext/xds → xds/xds_client}/xds_client_stats.cc +23 -22
- data/src/core/{ext/xds → xds/xds_client}/xds_client_stats.h +21 -14
- data/src/core/xds/xds_client/xds_metrics.h +41 -0
- data/src/core/{ext/xds → xds/xds_client}/xds_resource_type.h +6 -6
- data/src/core/{ext/xds → xds/xds_client}/xds_resource_type_impl.h +7 -7
- data/src/core/{ext/xds → xds/xds_client}/xds_transport.h +6 -6
- data/src/ruby/bin/math_pb.rb +1 -22
- data/src/ruby/ext/grpc/extconf.rb +0 -3
- data/src/ruby/ext/grpc/rb_call.c +8 -1
- data/src/ruby/ext/grpc/rb_call_credentials.c +1 -0
- data/src/ruby/ext/grpc/rb_call_credentials.h +1 -0
- data/src/ruby/ext/grpc/rb_channel.c +1 -0
- data/src/ruby/ext/grpc/rb_channel_credentials.c +1 -0
- data/src/ruby/ext/grpc/rb_completion_queue.c +15 -32
- data/src/ruby/ext/grpc/rb_completion_queue.h +7 -1
- data/src/ruby/ext/grpc/rb_grpc.c +1 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +130 -132
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +198 -200
- data/src/ruby/ext/grpc/rb_server.c +40 -22
- data/src/ruby/ext/grpc/rb_server_credentials.c +1 -0
- data/src/ruby/ext/grpc/rb_server_credentials.h +1 -0
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.c +1 -0
- data/src/ruby/ext/grpc/rb_xds_server_credentials.c +1 -0
- data/src/ruby/ext/grpc/rb_xds_server_credentials.h +1 -0
- data/src/ruby/lib/grpc/generic/active_call.rb +8 -2
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/grpc/health/v1/health_pb.rb +1 -22
- data/src/ruby/pb/grpc/testing/duplicate/echo_duplicate_services_pb.rb +5 -5
- data/src/ruby/pb/grpc/testing/metrics_pb.rb +10 -19
- data/src/ruby/pb/grpc/testing/metrics_services_pb.rb +5 -5
- data/src/ruby/pb/src/proto/grpc/testing/empty_pb.rb +1 -22
- data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +1 -22
- data/src/ruby/pb/src/proto/grpc/testing/test_pb.rb +1 -22
- data/src/ruby/spec/generic/rpc_server_spec.rb +25 -0
- data/third_party/abseil-cpp/absl/debugging/internal/examine_stack.cc +320 -0
- data/third_party/abseil-cpp/absl/debugging/internal/examine_stack.h +64 -0
- data/third_party/abseil-cpp/absl/log/absl_vlog_is_on.h +93 -0
- data/third_party/abseil-cpp/absl/log/check.h +209 -0
- data/third_party/abseil-cpp/absl/log/globals.cc +178 -0
- data/third_party/abseil-cpp/absl/log/globals.h +218 -0
- data/third_party/abseil-cpp/absl/log/internal/append_truncated.h +47 -0
- data/third_party/abseil-cpp/absl/log/internal/check_impl.h +150 -0
- data/third_party/abseil-cpp/absl/log/internal/check_op.cc +118 -0
- data/third_party/abseil-cpp/absl/log/internal/check_op.h +420 -0
- data/third_party/abseil-cpp/absl/log/internal/conditions.cc +83 -0
- data/third_party/abseil-cpp/absl/log/internal/conditions.h +239 -0
- data/third_party/abseil-cpp/absl/log/internal/config.h +45 -0
- data/third_party/abseil-cpp/absl/log/internal/fnmatch.cc +73 -0
- data/third_party/abseil-cpp/absl/log/internal/fnmatch.h +35 -0
- data/third_party/abseil-cpp/absl/log/internal/globals.cc +145 -0
- data/third_party/abseil-cpp/absl/log/internal/globals.h +101 -0
- data/third_party/abseil-cpp/absl/log/internal/log_format.cc +205 -0
- data/third_party/abseil-cpp/absl/log/internal/log_format.h +78 -0
- data/third_party/abseil-cpp/absl/log/internal/log_impl.h +282 -0
- data/third_party/abseil-cpp/absl/log/internal/log_message.cc +633 -0
- data/third_party/abseil-cpp/absl/log/internal/log_message.h +375 -0
- data/third_party/abseil-cpp/absl/log/internal/log_sink_set.cc +296 -0
- data/third_party/abseil-cpp/absl/log/internal/log_sink_set.h +54 -0
- data/third_party/abseil-cpp/absl/log/internal/nullguard.cc +35 -0
- data/third_party/abseil-cpp/absl/log/internal/nullguard.h +88 -0
- data/third_party/abseil-cpp/absl/log/internal/nullstream.h +136 -0
- data/third_party/abseil-cpp/absl/log/internal/proto.cc +220 -0
- data/third_party/abseil-cpp/absl/log/internal/proto.h +288 -0
- data/third_party/abseil-cpp/absl/log/internal/strip.h +72 -0
- data/third_party/abseil-cpp/absl/log/internal/vlog_config.cc +340 -0
- data/third_party/abseil-cpp/absl/log/internal/vlog_config.h +163 -0
- data/third_party/abseil-cpp/absl/log/internal/voidify.h +44 -0
- data/third_party/abseil-cpp/absl/log/log.h +361 -0
- data/third_party/abseil-cpp/absl/log/log_entry.cc +41 -0
- data/third_party/abseil-cpp/absl/log/log_entry.h +221 -0
- data/{src/core/lib/channel/channel_stack_trace.cc → third_party/abseil-cpp/absl/log/log_sink.cc} +9 -5
- data/third_party/abseil-cpp/absl/log/log_sink.h +64 -0
- data/third_party/abseil-cpp/absl/log/log_sink_registry.h +61 -0
- data/third_party/abseil-cpp/absl/log/vlog_is_on.h +72 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +1 -7
- data/third_party/boringssl-with-bazel/src/crypto/asn1/posix_time.c +50 -39
- data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +15 -20
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +25 -10
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +0 -13
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/unicode.c +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/chacha/internal.h +19 -15
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_des.c +63 -94
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_null.c +7 -3
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc2.c +20 -28
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc4.c +9 -4
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/tls_cbc.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +66 -41
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/des/des.c +45 -32
- data/third_party/boringssl-with-bazel/src/crypto/des/internal.h +24 -0
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/dilithium/dilithium.c +1497 -0
- data/third_party/boringssl-with-bazel/src/crypto/dilithium/internal.h +58 -0
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +36 -20
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/err/err.c +81 -60
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +41 -120
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +7 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dh.c +137 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dh_asn1.c +120 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +30 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.c +30 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.c +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.c +30 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.c +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/ex_data.c +6 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +5 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +46 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +8 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +33 -23
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +14 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +0 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +11 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +5 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/fips_shared_support.c +3 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +11 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +22 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.c +3 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +78 -29
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +10 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.c +7 -0
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +52 -21
- data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/kyber/kyber.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +18 -9
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +18 -17
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +44 -41
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +13 -12
- data/third_party/boringssl-with-bazel/src/crypto/spx/spx.c +7 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +26 -33
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +8 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +5 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_cpols.c +9 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_crld.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_info.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_lib.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_purp.c +40 -61
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_utl.c +49 -16
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +24 -17
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +51 -78
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +12 -29
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +13 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +1 -6
- data/third_party/boringssl-with-bazel/{err_data.c → src/gen/crypto/err_data.c} +487 -485
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +10 -10
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +10 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +88 -45
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +12 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +17 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +10 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/err.h +13 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +25 -14
- data/third_party/boringssl-with-bazel/src/include/openssl/evp_errors.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +15 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/experimental/dilithium.h +125 -0
- data/third_party/boringssl-with-bazel/src/{crypto/spx/internal.h → include/openssl/experimental/spx.h} +24 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/obj.h +2 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +63 -53
- data/third_party/boringssl-with-bazel/src/include/openssl/posix_time.h +6 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +19 -10
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +19 -10
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +14 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +291 -73
- data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +10 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/target.h +13 -10
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +2 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +2927 -2394
- data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +5 -5
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +3 -9
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +43 -43
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +17 -7
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +67 -15
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +143 -113
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +229 -175
- data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +0 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +66 -385
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +21 -19
- data/third_party/boringssl-with-bazel/src/ssl/ssl_credential.cc +423 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +70 -54
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +59 -75
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +6 -14
- data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +48 -116
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +19 -26
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +36 -3
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +53 -18
- data/third_party/upb/upb/base/descriptor_constants.h +29 -2
- data/third_party/upb/upb/{wire/internal/swap.h → base/internal/endian.h} +12 -11
- data/third_party/upb/upb/base/status.h +1 -1
- data/third_party/upb/upb/base/status.hpp +5 -1
- data/third_party/upb/upb/base/string_view.h +7 -5
- data/third_party/upb/upb/base/upcast.h +29 -0
- data/third_party/upb/upb/generated_code_support.h +2 -1
- data/third_party/upb/upb/json/decode.c +103 -53
- data/third_party/upb/upb/json/decode.h +3 -26
- data/third_party/upb/upb/json/encode.c +3 -26
- data/third_party/upb/upb/json/encode.h +3 -26
- data/third_party/upb/upb/mem/arena.c +233 -106
- data/third_party/upb/upb/mem/arena.h +14 -66
- data/third_party/upb/upb/mem/arena.hpp +8 -4
- data/third_party/upb/upb/mem/internal/arena.h +76 -58
- data/third_party/upb/upb/message/accessors.c +19 -46
- data/third_party/upb/upb/message/accessors.h +208 -123
- data/third_party/upb/upb/message/array.c +55 -83
- data/third_party/upb/upb/message/array.h +18 -30
- data/third_party/upb/upb/message/compat.c +39 -0
- data/third_party/upb/upb/message/compat.h +41 -0
- data/third_party/upb/upb/message/copy.c +322 -0
- data/third_party/upb/upb/message/copy.h +56 -0
- data/third_party/upb/upb/message/internal/accessors.h +178 -178
- data/third_party/upb/upb/message/internal/array.h +80 -81
- data/third_party/upb/upb/message/internal/extension.c +63 -0
- data/third_party/upb/upb/message/internal/extension.h +12 -12
- data/third_party/upb/upb/message/internal/map.h +28 -41
- data/third_party/upb/upb/message/internal/map_entry.h +14 -39
- data/third_party/upb/upb/message/internal/map_sorter.h +18 -37
- data/third_party/upb/upb/message/internal/message.c +59 -0
- data/third_party/upb/upb/message/internal/message.h +26 -42
- data/third_party/upb/upb/message/internal/tagged_ptr.h +56 -0
- data/third_party/upb/upb/message/internal/types.h +7 -12
- data/third_party/upb/upb/message/map.c +3 -26
- data/third_party/upb/upb/message/map.h +5 -33
- data/third_party/upb/upb/message/map_gencode_util.h +3 -26
- data/third_party/upb/upb/message/map_sorter.c +22 -34
- data/third_party/upb/upb/message/message.c +28 -104
- data/third_party/upb/upb/message/message.h +4 -8
- data/third_party/upb/upb/message/tagged_ptr.h +14 -31
- data/third_party/upb/upb/message/value.h +3 -5
- data/third_party/upb/upb/mini_descriptor/build_enum.c +20 -11
- data/third_party/upb/upb/mini_descriptor/decode.c +127 -107
- data/third_party/upb/upb/mini_descriptor/decode.h +3 -8
- data/third_party/upb/upb/mini_descriptor/link.c +34 -22
- data/third_party/upb/upb/mini_descriptor/link.h +1 -1
- data/third_party/upb/upb/mini_table/enum.h +4 -6
- data/third_party/upb/upb/mini_table/extension.h +37 -0
- data/third_party/upb/upb/mini_table/extension_registry.c +9 -2
- data/third_party/upb/upb/mini_table/field.h +46 -60
- data/third_party/upb/upb/mini_table/file.h +44 -0
- data/third_party/upb/upb/mini_table/internal/enum.h +19 -20
- data/third_party/upb/upb/mini_table/internal/extension.h +34 -3
- data/third_party/upb/upb/mini_table/internal/field.h +136 -27
- data/third_party/upb/upb/mini_table/internal/file.h +47 -10
- data/third_party/upb/upb/mini_table/internal/message.c +17 -9
- data/third_party/upb/upb/mini_table/internal/message.h +94 -23
- data/third_party/upb/upb/mini_table/internal/size_log2.h +77 -0
- data/third_party/upb/upb/mini_table/internal/sub.h +39 -4
- data/third_party/upb/upb/mini_table/message.c +18 -19
- data/third_party/upb/upb/mini_table/message.h +29 -20
- data/third_party/upb/upb/mini_table/sub.h +40 -1
- data/third_party/upb/upb/port/def.inc +18 -0
- data/third_party/upb/upb/port/undef.inc +3 -0
- data/third_party/upb/upb/reflection/def.hpp +8 -4
- data/third_party/upb/upb/reflection/def_pool.c +81 -2
- data/third_party/upb/upb/reflection/def_pool.h +8 -0
- data/third_party/upb/upb/reflection/enum_def.c +42 -19
- data/third_party/upb/upb/reflection/enum_def.h +1 -0
- data/third_party/upb/upb/reflection/enum_value_def.c +43 -14
- data/third_party/upb/upb/reflection/enum_value_def.h +2 -0
- data/third_party/upb/upb/reflection/extension_range.c +13 -5
- data/third_party/upb/upb/reflection/extension_range.h +2 -0
- data/third_party/upb/upb/reflection/field_def.c +177 -130
- data/third_party/upb/upb/reflection/field_def.h +10 -1
- data/third_party/upb/upb/reflection/file_def.c +98 -9
- data/third_party/upb/upb/reflection/file_def.h +3 -0
- data/third_party/upb/upb/reflection/internal/def_builder.c +85 -7
- data/third_party/upb/upb/reflection/internal/def_builder.h +23 -0
- data/third_party/upb/upb/reflection/internal/enum_def.h +5 -4
- data/third_party/upb/upb/reflection/internal/enum_reserved_range.h +1 -1
- data/third_party/upb/upb/reflection/internal/enum_value_def.h +2 -1
- data/third_party/upb/upb/reflection/internal/extension_range.h +2 -2
- data/third_party/upb/upb/reflection/internal/field_def.h +11 -10
- data/third_party/upb/upb/reflection/internal/message_def.h +6 -3
- data/third_party/upb/upb/reflection/internal/method_def.h +5 -3
- data/third_party/upb/upb/reflection/internal/oneof_def.h +5 -3
- data/third_party/upb/upb/reflection/internal/service_def.h +5 -3
- data/third_party/upb/upb/reflection/internal/upb_edition_defaults.h +20 -0
- data/third_party/upb/upb/reflection/message.c +27 -12
- data/third_party/upb/upb/reflection/message.h +5 -5
- data/third_party/upb/upb/reflection/message_def.c +56 -27
- data/third_party/upb/upb/reflection/message_def.h +2 -0
- data/third_party/upb/upb/reflection/method_def.c +20 -9
- data/third_party/upb/upb/reflection/method_def.h +2 -0
- data/third_party/upb/upb/reflection/oneof_def.c +20 -11
- data/third_party/upb/upb/reflection/oneof_def.h +3 -1
- data/third_party/upb/upb/reflection/service_def.c +25 -13
- data/third_party/upb/upb/reflection/service_def.h +2 -0
- data/third_party/upb/upb/text/encode.c +126 -36
- data/third_party/upb/upb/wire/decode.c +214 -196
- data/third_party/upb/upb/wire/decode.h +10 -0
- data/third_party/upb/upb/wire/encode.c +105 -91
- data/third_party/upb/upb/wire/encode.h +4 -3
- data/third_party/upb/upb/wire/{decode_fast.c → internal/decode_fast.c} +53 -48
- data/third_party/upb/upb/wire/{decode_fast.h → internal/decode_fast.h} +6 -5
- data/third_party/upb/upb/wire/internal/{decode.h → decoder.h} +15 -31
- data/third_party/upb/upb/wire/internal/reader.h +61 -0
- data/third_party/upb/upb/wire/reader.c +9 -6
- data/third_party/upb/upb/wire/reader.h +18 -47
- data/third_party/utf8_range/utf8_range.c +467 -0
- data/third_party/utf8_range/utf8_range.h +9 -8
- metadata +278 -214
- data/src/core/client_channel/channel_connectivity.cc +0 -265
- data/src/core/client_channel/client_channel_channelz.cc +0 -93
- data/src/core/client_channel/client_channel_channelz.h +0 -85
- data/src/core/ext/filters/channel_idle/channel_idle_filter.cc +0 -318
- data/src/core/ext/filters/channel_idle/channel_idle_filter.h +0 -150
- data/src/core/ext/filters/deadline/deadline_filter.cc +0 -407
- data/src/core/ext/filters/deadline/deadline_filter.h +0 -85
- data/src/core/ext/filters/http/message_compress/legacy_compression_filter.cc +0 -325
- data/src/core/ext/filters/http/message_compress/legacy_compression_filter.h +0 -139
- data/src/core/ext/transport/chttp2/transport/http_trace.cc +0 -19
- data/src/core/ext/transport/chttp2/transport/http_trace.h +0 -24
- data/src/core/ext/transport/inproc/inproc_plugin.cc +0 -23
- data/src/core/lib/channel/channel_stack_trace.h +0 -24
- data/src/core/lib/channel/context.h +0 -77
- data/src/core/lib/event_engine/trace.cc +0 -25
- data/src/core/lib/gpr/log.cc +0 -140
- data/src/core/lib/gpr/log_internal.h +0 -55
- data/src/core/lib/gpr/wrap_memcpy.cc +0 -43
- data/src/core/lib/promise/trace.cc +0 -20
- data/src/core/lib/promise/trace.h +0 -24
- data/src/core/lib/resource_quota/trace.cc +0 -19
- data/src/core/lib/resource_quota/trace.h +0 -24
- data/src/core/lib/security/transport/legacy_server_auth_filter.cc +0 -244
- data/src/core/lib/security/transport/tsi_error.cc +0 -31
- data/src/core/lib/security/transport/tsi_error.h +0 -30
- data/src/core/lib/slice/b64.cc +0 -239
- data/src/core/lib/slice/b64.h +0 -52
- data/src/core/lib/slice/slice_refcount.cc +0 -20
- data/src/core/lib/surface/api_trace.cc +0 -25
- data/src/core/lib/surface/call_trace.cc +0 -163
- data/src/core/lib/surface/call_trace.h +0 -30
- data/src/core/lib/surface/channel_ping.cc +0 -69
- data/src/core/lib/surface/wait_for_cq_end_op.cc +0 -75
- data/src/core/lib/surface/wait_for_cq_end_op.h +0 -72
- data/src/core/lib/transport/batch_builder.cc +0 -179
- data/src/core/lib/transport/batch_builder.h +0 -478
- data/src/core/lib/transport/call_factory.cc +0 -41
- data/src/core/lib/transport/call_factory.h +0 -56
- data/src/core/load_balancing/subchannel_list.h +0 -455
- data/src/core/resolver/xds/xds_resolver_trace.cc +0 -25
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf_def.h +0 -122
- data/third_party/upb/upb/message/types.h +0 -15
- data/third_party/utf8_range/naive.c +0 -92
- data/third_party/utf8_range/range2-neon.c +0 -157
- data/third_party/utf8_range/range2-sse.c +0 -170
- /data/src/core/{lib/gpr → util}/iphone/cpu.cc +0 -0
- /data/src/core/{lib/gpr → util}/linux/cpu.cc +0 -0
- /data/src/core/{lib/gpr → util}/posix/string.cc +0 -0
- /data/src/core/{lib/gpr → util}/sync_abseil.cc +0 -0
- /data/src/core/{lib/gpr → util}/windows/cpu.cc +0 -0
- /data/third_party/boringssl-with-bazel/src/include/openssl/{kyber.h → experimental/kyber.h} +0 -0
@@ -16,13 +16,15 @@
|
|
16
16
|
//
|
17
17
|
//
|
18
18
|
|
19
|
-
#include <grpc/support/port_platform.h>
|
20
|
-
|
21
19
|
#include "src/core/tsi/ssl_transport_security.h"
|
22
20
|
|
23
21
|
#include <limits.h>
|
24
22
|
#include <string.h>
|
25
23
|
|
24
|
+
#include <grpc/support/port_platform.h>
|
25
|
+
|
26
|
+
#include "src/core/tsi/transport_security_interface.h"
|
27
|
+
|
26
28
|
// TODO(jboeuf): refactor inet_ntop into a portability header.
|
27
29
|
// Note: for whomever reads this and tries to refactor this, this
|
28
30
|
// can't be in grpc, it has to be in gpr.
|
@@ -45,6 +47,8 @@
|
|
45
47
|
#include <openssl/x509.h>
|
46
48
|
#include <openssl/x509v3.h>
|
47
49
|
|
50
|
+
#include "absl/log/check.h"
|
51
|
+
#include "absl/log/log.h"
|
48
52
|
#include "absl/strings/match.h"
|
49
53
|
#include "absl/strings/str_cat.h"
|
50
54
|
#include "absl/strings/string_view.h"
|
@@ -52,12 +56,10 @@
|
|
52
56
|
#include <grpc/grpc_crl_provider.h>
|
53
57
|
#include <grpc/grpc_security.h>
|
54
58
|
#include <grpc/support/alloc.h>
|
55
|
-
#include <grpc/support/log.h>
|
56
59
|
#include <grpc/support/string_util.h>
|
57
60
|
#include <grpc/support/sync.h>
|
58
61
|
#include <grpc/support/thd_id.h>
|
59
62
|
|
60
|
-
#include "src/core/lib/gpr/useful.h"
|
61
63
|
#include "src/core/lib/gprpp/crash.h"
|
62
64
|
#include "src/core/lib/security/credentials/tls/grpc_tls_crl_provider.h"
|
63
65
|
#include "src/core/tsi/ssl/key_logging/ssl_key_logging.h"
|
@@ -65,6 +67,7 @@
|
|
65
67
|
#include "src/core/tsi/ssl_transport_security_utils.h"
|
66
68
|
#include "src/core/tsi/ssl_types.h"
|
67
69
|
#include "src/core/tsi/transport_security.h"
|
70
|
+
#include "src/core/util/useful.h"
|
68
71
|
|
69
72
|
// --- Constants. ---
|
70
73
|
|
@@ -72,6 +75,7 @@
|
|
72
75
|
#define TSI_SSL_MAX_PROTECTED_FRAME_SIZE_UPPER_BOUND 16384
|
73
76
|
#define TSI_SSL_MAX_PROTECTED_FRAME_SIZE_LOWER_BOUND 1024
|
74
77
|
#define TSI_SSL_HANDSHAKER_OUTGOING_BUFFER_INITIAL_SIZE 1024
|
78
|
+
const size_t kMaxChainLength = 100;
|
75
79
|
|
76
80
|
// Putting a macro like this and littering the source file with #if is really
|
77
81
|
// bad practice.
|
@@ -193,7 +197,7 @@ static void init_openssl(void) {
|
|
193
197
|
#if OPENSSL_VERSION_NUMBER < 0x10100000
|
194
198
|
if (!CRYPTO_get_locking_callback()) {
|
195
199
|
int num_locks = CRYPTO_num_locks();
|
196
|
-
|
200
|
+
CHECK_GT(num_locks, 0);
|
197
201
|
g_openssl_mutexes = static_cast<gpr_mu*>(
|
198
202
|
gpr_malloc(static_cast<size_t>(num_locks) * sizeof(gpr_mu)));
|
199
203
|
for (int i = 0; i < num_locks; i++) {
|
@@ -202,20 +206,20 @@ static void init_openssl(void) {
|
|
202
206
|
CRYPTO_set_locking_callback(openssl_locking_cb);
|
203
207
|
CRYPTO_set_id_callback(openssl_thread_id_cb);
|
204
208
|
} else {
|
205
|
-
|
209
|
+
LOG(INFO) << "OpenSSL callback has already been set.";
|
206
210
|
}
|
207
211
|
#endif
|
208
212
|
g_ssl_ctx_ex_factory_index =
|
209
213
|
SSL_CTX_get_ex_new_index(0, nullptr, nullptr, nullptr, nullptr);
|
210
|
-
|
214
|
+
CHECK_NE(g_ssl_ctx_ex_factory_index, -1);
|
211
215
|
|
212
216
|
g_ssl_ctx_ex_crl_provider_index =
|
213
217
|
SSL_CTX_get_ex_new_index(0, nullptr, nullptr, nullptr, nullptr);
|
214
|
-
|
218
|
+
CHECK_NE(g_ssl_ctx_ex_crl_provider_index, -1);
|
215
219
|
|
216
220
|
g_ssl_ex_verified_root_cert_index = SSL_get_ex_new_index(
|
217
221
|
0, nullptr, nullptr, nullptr, verified_root_cert_free);
|
218
|
-
|
222
|
+
CHECK_NE(g_ssl_ex_verified_root_cert_index, -1);
|
219
223
|
}
|
220
224
|
|
221
225
|
// --- Ssl utils. ---
|
@@ -223,7 +227,7 @@ static void init_openssl(void) {
|
|
223
227
|
// TODO(jboeuf): Remove when we are past the debugging phase with this code.
|
224
228
|
static void ssl_log_where_info(const SSL* ssl, int where, int flag,
|
225
229
|
const char* msg) {
|
226
|
-
if ((where & flag) && GRPC_TRACE_FLAG_ENABLED(
|
230
|
+
if ((where & flag) && GRPC_TRACE_FLAG_ENABLED(tsi)) {
|
227
231
|
gpr_log(GPR_INFO, "%20.20s - %30.30s - %5.10s", msg,
|
228
232
|
SSL_state_string_long(ssl), SSL_state_string(ssl));
|
229
233
|
}
|
@@ -232,7 +236,7 @@ static void ssl_log_where_info(const SSL* ssl, int where, int flag,
|
|
232
236
|
// Used for debugging. TODO(jboeuf): Remove when code is mature enough.
|
233
237
|
static void ssl_info_callback(const SSL* ssl, int where, int ret) {
|
234
238
|
if (ret == 0) {
|
235
|
-
|
239
|
+
LOG(ERROR) << "ssl_info_callback: error occurred.\n";
|
236
240
|
return;
|
237
241
|
}
|
238
242
|
|
@@ -275,30 +279,28 @@ static tsi_result ssl_get_x509_common_name(X509* cert, unsigned char** utf8,
|
|
275
279
|
X509_NAME* subject_name = X509_get_subject_name(cert);
|
276
280
|
int utf8_returned_size = 0;
|
277
281
|
if (subject_name == nullptr) {
|
278
|
-
|
282
|
+
VLOG(2) << "Could not get subject name from certificate.";
|
279
283
|
return TSI_NOT_FOUND;
|
280
284
|
}
|
281
285
|
common_name_index =
|
282
286
|
X509_NAME_get_index_by_NID(subject_name, NID_commonName, -1);
|
283
287
|
if (common_name_index == -1) {
|
284
|
-
|
285
|
-
"Could not get common name of subject from certificate.");
|
288
|
+
VLOG(2) << "Could not get common name of subject from certificate.";
|
286
289
|
return TSI_NOT_FOUND;
|
287
290
|
}
|
288
291
|
common_name_entry = X509_NAME_get_entry(subject_name, common_name_index);
|
289
292
|
if (common_name_entry == nullptr) {
|
290
|
-
|
293
|
+
LOG(ERROR) << "Could not get common name entry from certificate.";
|
291
294
|
return TSI_INTERNAL_ERROR;
|
292
295
|
}
|
293
296
|
common_name_asn1 = X509_NAME_ENTRY_get_data(common_name_entry);
|
294
297
|
if (common_name_asn1 == nullptr) {
|
295
|
-
|
296
|
-
"Could not get common name entry asn1 from certificate.");
|
298
|
+
LOG(ERROR) << "Could not get common name entry asn1 from certificate.";
|
297
299
|
return TSI_INTERNAL_ERROR;
|
298
300
|
}
|
299
301
|
utf8_returned_size = ASN1_STRING_to_UTF8(utf8, common_name_asn1);
|
300
302
|
if (utf8_returned_size < 0) {
|
301
|
-
|
303
|
+
LOG(ERROR) << "Could not extract utf8 from asn1 string.";
|
302
304
|
return TSI_OUT_OF_RESOURCES;
|
303
305
|
}
|
304
306
|
*utf8_size = static_cast<size_t>(utf8_returned_size);
|
@@ -334,7 +336,7 @@ static tsi_result peer_property_from_x509_subject(X509* cert,
|
|
334
336
|
bool is_verified_root_cert) {
|
335
337
|
X509_NAME* subject_name = X509_get_subject_name(cert);
|
336
338
|
if (subject_name == nullptr) {
|
337
|
-
|
339
|
+
LOG(INFO) << "Could not get subject name from certificate.";
|
338
340
|
return TSI_NOT_FOUND;
|
339
341
|
}
|
340
342
|
BIO* bio = BIO_new(BIO_s_mem());
|
@@ -342,7 +344,7 @@ static tsi_result peer_property_from_x509_subject(X509* cert,
|
|
342
344
|
char* contents;
|
343
345
|
long len = BIO_get_mem_data(bio, &contents);
|
344
346
|
if (len < 0) {
|
345
|
-
|
347
|
+
LOG(ERROR) << "Could not get subject entry from certificate.";
|
346
348
|
BIO_free(bio);
|
347
349
|
return TSI_INTERNAL_ERROR;
|
348
350
|
}
|
@@ -407,7 +409,7 @@ static tsi_result add_subject_alt_names_properties_to_peer(
|
|
407
409
|
property_name = TSI_X509_URI_PEER_PROPERTY;
|
408
410
|
}
|
409
411
|
if (name_size < 0) {
|
410
|
-
|
412
|
+
LOG(ERROR) << "Could not get utf8 from asn1 string.";
|
411
413
|
result = TSI_INTERNAL_ERROR;
|
412
414
|
break;
|
413
415
|
}
|
@@ -433,14 +435,14 @@ static tsi_result add_subject_alt_names_properties_to_peer(
|
|
433
435
|
} else if (subject_alt_name->d.iPAddress->length == 16) {
|
434
436
|
af = AF_INET6;
|
435
437
|
} else {
|
436
|
-
|
438
|
+
LOG(ERROR) << "SAN IP Address contained invalid IP";
|
437
439
|
result = TSI_INTERNAL_ERROR;
|
438
440
|
break;
|
439
441
|
}
|
440
442
|
const char* name = inet_ntop(af, subject_alt_name->d.iPAddress->data,
|
441
443
|
ntop_buf, INET6_ADDRSTRLEN);
|
442
444
|
if (name == nullptr) {
|
443
|
-
|
445
|
+
LOG(ERROR) << "Could not get IP string from asn1 octet.";
|
444
446
|
result = TSI_INTERNAL_ERROR;
|
445
447
|
break;
|
446
448
|
}
|
@@ -474,7 +476,7 @@ static tsi_result peer_from_x509(X509* cert, int include_certificate_type,
|
|
474
476
|
: 0;
|
475
477
|
size_t property_count;
|
476
478
|
tsi_result result;
|
477
|
-
|
479
|
+
CHECK_GE(subject_alt_name_count, 0);
|
478
480
|
property_count = (include_certificate_type ? size_t{1} : 0) +
|
479
481
|
3 /* subject, common name, certificate */ +
|
480
482
|
static_cast<size_t>(subject_alt_name_count);
|
@@ -529,7 +531,7 @@ static tsi_result peer_from_x509(X509* cert, int include_certificate_type,
|
|
529
531
|
}
|
530
532
|
if (result != TSI_OK) tsi_peer_destruct(peer);
|
531
533
|
|
532
|
-
|
534
|
+
CHECK((int)peer->property_count == current_insert_index);
|
533
535
|
return result;
|
534
536
|
}
|
535
537
|
|
@@ -540,7 +542,7 @@ static tsi_result ssl_ctx_use_certificate_chain(SSL_CTX* context,
|
|
540
542
|
tsi_result result = TSI_OK;
|
541
543
|
X509* certificate = nullptr;
|
542
544
|
BIO* pem;
|
543
|
-
|
545
|
+
CHECK_LE(pem_cert_chain_size, static_cast<size_t>(INT_MAX));
|
544
546
|
pem = BIO_new_mem_buf(pem_cert_chain, static_cast<int>(pem_cert_chain_size));
|
545
547
|
if (pem == nullptr) return TSI_OUT_OF_RESOURCES;
|
546
548
|
|
@@ -603,7 +605,7 @@ static tsi_result ssl_ctx_use_engine_private_key(SSL_CTX* context,
|
|
603
605
|
}
|
604
606
|
engine_name = static_cast<char*>(gpr_zalloc(engine_name_length + 1));
|
605
607
|
memcpy(engine_name, engine_start, engine_name_length);
|
606
|
-
|
608
|
+
VLOG(2) << "ENGINE key: " << engine_name;
|
607
609
|
ENGINE_load_dynamic();
|
608
610
|
engine = ENGINE_by_id(engine_name);
|
609
611
|
if (engine == nullptr) {
|
@@ -611,7 +613,7 @@ static tsi_result ssl_ctx_use_engine_private_key(SSL_CTX* context,
|
|
611
613
|
// current working directory.
|
612
614
|
engine = ENGINE_by_id("dynamic");
|
613
615
|
if (engine == nullptr) {
|
614
|
-
|
616
|
+
LOG(ERROR) << "Cannot load dynamic engine";
|
615
617
|
result = TSI_INVALID_ARGUMENT;
|
616
618
|
break;
|
617
619
|
}
|
@@ -620,29 +622,29 @@ static tsi_result ssl_ctx_use_engine_private_key(SSL_CTX* context,
|
|
620
622
|
!ENGINE_ctrl_cmd_string(engine, "DIR_ADD", ".", 0) ||
|
621
623
|
!ENGINE_ctrl_cmd_string(engine, "LIST_ADD", "1", 0) ||
|
622
624
|
!ENGINE_ctrl_cmd_string(engine, "LOAD", NULL, 0)) {
|
623
|
-
|
625
|
+
LOG(ERROR) << "Cannot find engine";
|
624
626
|
result = TSI_INVALID_ARGUMENT;
|
625
627
|
break;
|
626
628
|
}
|
627
629
|
}
|
628
630
|
if (!ENGINE_set_default(engine, ENGINE_METHOD_ALL)) {
|
629
|
-
|
631
|
+
LOG(ERROR) << "ENGINE_set_default with ENGINE_METHOD_ALL failed";
|
630
632
|
result = TSI_INVALID_ARGUMENT;
|
631
633
|
break;
|
632
634
|
}
|
633
635
|
if (!ENGINE_init(engine)) {
|
634
|
-
|
636
|
+
LOG(ERROR) << "ENGINE_init failed";
|
635
637
|
result = TSI_INVALID_ARGUMENT;
|
636
638
|
break;
|
637
639
|
}
|
638
640
|
private_key = ENGINE_load_private_key(engine, key_id, 0, 0);
|
639
641
|
if (private_key == nullptr) {
|
640
|
-
|
642
|
+
LOG(ERROR) << "ENGINE_load_private_key failed";
|
641
643
|
result = TSI_INVALID_ARGUMENT;
|
642
644
|
break;
|
643
645
|
}
|
644
646
|
if (!SSL_CTX_use_PrivateKey(context, private_key)) {
|
645
|
-
|
647
|
+
LOG(ERROR) << "SSL_CTX_use_PrivateKey failed";
|
646
648
|
result = TSI_INVALID_ARGUMENT;
|
647
649
|
break;
|
648
650
|
}
|
@@ -660,7 +662,7 @@ static tsi_result ssl_ctx_use_pem_private_key(SSL_CTX* context,
|
|
660
662
|
tsi_result result = TSI_OK;
|
661
663
|
EVP_PKEY* private_key = nullptr;
|
662
664
|
BIO* pem;
|
663
|
-
|
665
|
+
CHECK_LE(pem_key_size, static_cast<size_t>(INT_MAX));
|
664
666
|
pem = BIO_new_mem_buf(pem_key, static_cast<int>(pem_key_size));
|
665
667
|
if (pem == nullptr) return TSI_OUT_OF_RESOURCES;
|
666
668
|
do {
|
@@ -705,7 +707,7 @@ static tsi_result x509_store_load_certs(X509_STORE* cert_store,
|
|
705
707
|
X509* root = nullptr;
|
706
708
|
X509_NAME* root_name = nullptr;
|
707
709
|
BIO* pem;
|
708
|
-
|
710
|
+
CHECK_LE(pem_roots_size, static_cast<size_t>(INT_MAX));
|
709
711
|
pem = BIO_new_mem_buf(pem_roots, static_cast<int>(pem_roots_size));
|
710
712
|
if (cert_store == nullptr) return TSI_INVALID_ARGUMENT;
|
711
713
|
if (pem == nullptr) return TSI_OUT_OF_RESOURCES;
|
@@ -723,7 +725,7 @@ static tsi_result x509_store_load_certs(X509_STORE* cert_store,
|
|
723
725
|
if (root_names != nullptr) {
|
724
726
|
root_name = X509_get_subject_name(root);
|
725
727
|
if (root_name == nullptr) {
|
726
|
-
|
728
|
+
LOG(ERROR) << "Could not get name from root certificate.";
|
727
729
|
result = TSI_INVALID_ARGUMENT;
|
728
730
|
break;
|
729
731
|
}
|
@@ -740,7 +742,7 @@ static tsi_result x509_store_load_certs(X509_STORE* cert_store,
|
|
740
742
|
unsigned long error = ERR_get_error();
|
741
743
|
if (ERR_GET_LIB(error) != ERR_LIB_X509 ||
|
742
744
|
ERR_GET_REASON(error) != X509_R_CERT_ALREADY_IN_HASH_TABLE) {
|
743
|
-
|
745
|
+
LOG(ERROR) << "Could not add root certificate to ssl context.";
|
744
746
|
result = TSI_INTERNAL_ERROR;
|
745
747
|
break;
|
746
748
|
}
|
@@ -749,7 +751,7 @@ static tsi_result x509_store_load_certs(X509_STORE* cert_store,
|
|
749
751
|
num_roots++;
|
750
752
|
}
|
751
753
|
if (num_roots == 0) {
|
752
|
-
|
754
|
+
LOG(ERROR) << "Could not load any root certificate.";
|
753
755
|
result = TSI_INVALID_ARGUMENT;
|
754
756
|
}
|
755
757
|
|
@@ -788,7 +790,7 @@ static tsi_result populate_ssl_context(
|
|
788
790
|
result = ssl_ctx_use_certificate_chain(context, key_cert_pair->cert_chain,
|
789
791
|
strlen(key_cert_pair->cert_chain));
|
790
792
|
if (result != TSI_OK) {
|
791
|
-
|
793
|
+
LOG(ERROR) << "Invalid cert chain file.";
|
792
794
|
return result;
|
793
795
|
}
|
794
796
|
}
|
@@ -796,21 +798,21 @@ static tsi_result populate_ssl_context(
|
|
796
798
|
result = ssl_ctx_use_private_key(context, key_cert_pair->private_key,
|
797
799
|
strlen(key_cert_pair->private_key));
|
798
800
|
if (result != TSI_OK || !SSL_CTX_check_private_key(context)) {
|
799
|
-
|
801
|
+
LOG(ERROR) << "Invalid private key.";
|
800
802
|
return result != TSI_OK ? result : TSI_INVALID_ARGUMENT;
|
801
803
|
}
|
802
804
|
}
|
803
805
|
}
|
804
806
|
if ((cipher_list != nullptr) &&
|
805
807
|
!SSL_CTX_set_cipher_list(context, cipher_list)) {
|
806
|
-
|
808
|
+
LOG(ERROR) << "Invalid cipher list: " << cipher_list;
|
807
809
|
return TSI_INVALID_ARGUMENT;
|
808
810
|
}
|
809
811
|
{
|
810
812
|
#if OPENSSL_VERSION_NUMBER < 0x30000000L
|
811
813
|
EC_KEY* ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
|
812
814
|
if (!SSL_CTX_set_tmp_ecdh(context, ecdh)) {
|
813
|
-
|
815
|
+
LOG(ERROR) << "Could not set ephemeral ECDH key.";
|
814
816
|
EC_KEY_free(ecdh);
|
815
817
|
return TSI_INTERNAL_ERROR;
|
816
818
|
}
|
@@ -818,7 +820,7 @@ static tsi_result populate_ssl_context(
|
|
818
820
|
EC_KEY_free(ecdh);
|
819
821
|
#else
|
820
822
|
if (!SSL_CTX_set1_groups(context, kSslEcCurveNames, 1)) {
|
821
|
-
|
823
|
+
LOG(ERROR) << "Could not set ephemeral ECDH key.";
|
822
824
|
return TSI_INTERNAL_ERROR;
|
823
825
|
}
|
824
826
|
SSL_CTX_set_options(context, SSL_OP_SINGLE_ECDH_USE);
|
@@ -838,7 +840,7 @@ tsi_result tsi_ssl_extract_x509_subject_names_from_pem_cert(
|
|
838
840
|
|
839
841
|
cert = PEM_read_bio_X509(pem, nullptr, nullptr, const_cast<char*>(""));
|
840
842
|
if (cert == nullptr) {
|
841
|
-
|
843
|
+
LOG(ERROR) << "Invalid certificate";
|
842
844
|
result = TSI_INVALID_ARGUMENT;
|
843
845
|
} else {
|
844
846
|
result = peer_from_x509(cert, 0, peer);
|
@@ -861,8 +863,7 @@ static tsi_result build_alpn_protocol_name_list(
|
|
861
863
|
size_t length =
|
862
864
|
alpn_protocols[i] == nullptr ? 0 : strlen(alpn_protocols[i]);
|
863
865
|
if (length == 0 || length > 255) {
|
864
|
-
|
865
|
-
static_cast<int>(length));
|
866
|
+
LOG(ERROR) << "Invalid protocol name length: " << length;
|
866
867
|
return TSI_INVALID_ARGUMENT;
|
867
868
|
}
|
868
869
|
*protocol_name_list_length += length + 1;
|
@@ -891,13 +892,12 @@ static tsi_result build_alpn_protocol_name_list(
|
|
891
892
|
static int verify_cb(int ok, X509_STORE_CTX* ctx) {
|
892
893
|
int cert_error = X509_STORE_CTX_get_error(ctx);
|
893
894
|
if (cert_error == X509_V_ERR_UNABLE_TO_GET_CRL) {
|
894
|
-
|
895
|
-
|
896
|
-
"Ignoring error.");
|
895
|
+
LOG(INFO) << "Certificate verification failed to find relevant CRL file. "
|
896
|
+
"Ignoring error.";
|
897
897
|
return 1;
|
898
898
|
}
|
899
899
|
if (cert_error != 0) {
|
900
|
-
|
900
|
+
LOG(ERROR) << "Certificate verify failed with code " << cert_error;
|
901
901
|
}
|
902
902
|
return ok;
|
903
903
|
}
|
@@ -911,13 +911,7 @@ static int NullVerifyCallback(X509_STORE_CTX* /*ctx*/, void* /*arg*/) {
|
|
911
911
|
}
|
912
912
|
|
913
913
|
static int RootCertExtractCallback(X509_STORE_CTX* ctx, void* /*arg*/) {
|
914
|
-
int ret =
|
915
|
-
if (ret <= 0) {
|
916
|
-
// Verification failed. We shouldn't expect to have a verified chain, so
|
917
|
-
// there is no need to attempt to extract the root cert from it.
|
918
|
-
return ret;
|
919
|
-
}
|
920
|
-
|
914
|
+
int ret = 1;
|
921
915
|
// Verification was successful. Get the verified chain from the X509_STORE_CTX
|
922
916
|
// and put the root on the SSL object so that we have access to it when
|
923
917
|
// populating the tsi_peer. On error extracting the root, we return success
|
@@ -947,8 +941,8 @@ static int RootCertExtractCallback(X509_STORE_CTX* ctx, void* /*arg*/) {
|
|
947
941
|
if (ssl_index < 0) {
|
948
942
|
char err_str[256];
|
949
943
|
ERR_error_string_n(ERR_get_error(), err_str, sizeof(err_str));
|
950
|
-
|
951
|
-
|
944
|
+
LOG(ERROR) << "error getting the SSL index from the X509_STORE_CTX: "
|
945
|
+
<< err_str;
|
952
946
|
return ret;
|
953
947
|
}
|
954
948
|
SSL* ssl = static_cast<SSL*>(X509_STORE_CTX_get_ex_data(ctx, ssl_index));
|
@@ -966,7 +960,7 @@ static int RootCertExtractCallback(X509_STORE_CTX* ctx, void* /*arg*/) {
|
|
966
960
|
int success =
|
967
961
|
SSL_set_ex_data(ssl, g_ssl_ex_verified_root_cert_index, root_cert);
|
968
962
|
if (success == 0) {
|
969
|
-
|
963
|
+
LOG(INFO) << "Could not set verified root cert in SSL's ex_data";
|
970
964
|
} else {
|
971
965
|
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
972
966
|
X509_up_ref(root_cert);
|
@@ -977,69 +971,201 @@ static int RootCertExtractCallback(X509_STORE_CTX* ctx, void* /*arg*/) {
|
|
977
971
|
return ret;
|
978
972
|
}
|
979
973
|
|
980
|
-
|
981
|
-
|
982
|
-
// must return 0 on failure and 1 on success. If no function to get the issuer
|
983
|
-
// is provided, the internal default function will be used instead.
|
984
|
-
static int GetCrlFromProvider(X509_STORE_CTX* ctx, X509_CRL** crl_out,
|
985
|
-
X509* cert) {
|
974
|
+
static grpc_core::experimental::CrlProvider* GetCrlProvider(
|
975
|
+
X509_STORE_CTX* ctx) {
|
986
976
|
ERR_clear_error();
|
987
977
|
int ssl_index = SSL_get_ex_data_X509_STORE_CTX_idx();
|
988
978
|
if (ssl_index < 0) {
|
989
979
|
char err_str[256];
|
990
980
|
ERR_error_string_n(ERR_get_error(), err_str, sizeof(err_str));
|
991
|
-
gpr_log(
|
981
|
+
gpr_log(GPR_INFO,
|
992
982
|
"error getting the SSL index from the X509_STORE_CTX while looking "
|
993
983
|
"up Crl: %s",
|
994
984
|
err_str);
|
995
|
-
return
|
985
|
+
return nullptr;
|
996
986
|
}
|
997
987
|
SSL* ssl = static_cast<SSL*>(X509_STORE_CTX_get_ex_data(ctx, ssl_index));
|
998
988
|
if (ssl == nullptr) {
|
999
|
-
|
1000
|
-
|
1001
|
-
return 0;
|
989
|
+
LOG(INFO) << "error while fetching from CrlProvider. SSL object is null";
|
990
|
+
return nullptr;
|
1002
991
|
}
|
1003
992
|
SSL_CTX* ssl_ctx = SSL_get_SSL_CTX(ssl);
|
1004
993
|
auto* provider = static_cast<grpc_core::experimental::CrlProvider*>(
|
1005
994
|
SSL_CTX_get_ex_data(ssl_ctx, g_ssl_ctx_ex_crl_provider_index));
|
995
|
+
return provider;
|
996
|
+
}
|
1006
997
|
|
1007
|
-
|
1008
|
-
|
1009
|
-
|
1010
|
-
|
998
|
+
// If a CRL is returned, the caller is the owner of the CRL and must make sure
|
999
|
+
// it is freed.
|
1000
|
+
static absl::StatusOr<X509_CRL*> GetCrlFromProvider(
|
1001
|
+
grpc_core::experimental::CrlProvider* provider, X509* cert) {
|
1002
|
+
if (provider == nullptr) {
|
1003
|
+
return absl::InvalidArgumentError("CrlProvider is null.");
|
1004
|
+
}
|
1005
|
+
absl::StatusOr<std::string> issuer_name = grpc_core::IssuerFromCert(cert);
|
1006
|
+
if (!issuer_name.ok()) {
|
1007
|
+
LOG(INFO) << "Could not get certificate issuer name";
|
1008
|
+
return absl::InvalidArgumentError(issuer_name.status().message());
|
1011
1009
|
}
|
1012
|
-
|
1010
|
+
absl::StatusOr<std::string> akid = grpc_core::AkidFromCertificate(cert);
|
1011
|
+
std::string akid_to_use;
|
1012
|
+
if (!akid.ok()) {
|
1013
|
+
LOG(INFO) << "Could not get certificate authority key identifier.";
|
1014
|
+
} else {
|
1015
|
+
akid_to_use = *akid;
|
1016
|
+
}
|
1017
|
+
|
1018
|
+
grpc_core::experimental::CertificateInfoImpl cert_impl(*issuer_name,
|
1019
|
+
akid_to_use);
|
1013
1020
|
std::shared_ptr<grpc_core::experimental::Crl> internal_crl =
|
1014
1021
|
provider->GetCrl(cert_impl);
|
1015
|
-
OPENSSL_free(buf);
|
1016
1022
|
// There wasn't a CRL found in the provider. Returning 0 will end up causing
|
1017
1023
|
// OpenSSL to return X509_V_ERR_UNABLE_TO_GET_CRL. We then catch that error
|
1018
1024
|
// and behave how we want for a missing CRL.
|
1019
1025
|
// It is important to treat missing CRLs and empty CRLs differently.
|
1020
1026
|
if (internal_crl == nullptr) {
|
1021
|
-
return
|
1027
|
+
return absl::NotFoundError("Could not find Crl related to certificate.");
|
1022
1028
|
}
|
1023
1029
|
X509_CRL* crl =
|
1024
1030
|
std::static_pointer_cast<grpc_core::experimental::CrlImpl>(internal_crl)
|
1025
1031
|
->crl();
|
1026
1032
|
|
1027
|
-
|
1028
|
-
|
1033
|
+
return X509_CRL_dup(crl);
|
1034
|
+
}
|
1035
|
+
|
1036
|
+
// Perform the validation checks in RFC5280 6.3.3 to ensure the given CRL is
|
1037
|
+
// valid
|
1038
|
+
// returns true if the Crl is valid, false otherwise
|
1039
|
+
static bool ValidateCrl(X509* cert, X509* issuer, X509_CRL* crl) {
|
1040
|
+
bool valid = true;
|
1041
|
+
// RFC5280 6.3.3
|
1042
|
+
// 6.3.3a we do not support distribution points
|
1043
|
+
// 6.3.3b verify issuer and scope
|
1044
|
+
valid = grpc_core::VerifyCrlCertIssuerNamesMatch(crl, cert);
|
1045
|
+
if (!valid) {
|
1046
|
+
VLOG(2) << "CRL and cert issuer names mismatched.";
|
1047
|
+
return valid;
|
1048
|
+
}
|
1049
|
+
valid = grpc_core::HasCrlSignBit(issuer);
|
1050
|
+
if (!valid) {
|
1051
|
+
VLOG(2) << "CRL issuer not allowed to sign CRLs.";
|
1052
|
+
return valid;
|
1053
|
+
}
|
1054
|
+
// 6.3.3c Not supporting deltas
|
1055
|
+
// 6.3.3d Not supporting reasons masks
|
1056
|
+
// 6.3.3e Not supporting reasons masks
|
1057
|
+
// 6.3.3f We only support direct CRLs so these paths are by definition the
|
1058
|
+
// same.
|
1059
|
+
// 6.3.3g Verify CRL Signature
|
1060
|
+
valid = grpc_core::VerifyCrlSignature(crl, issuer);
|
1061
|
+
if (!valid) {
|
1062
|
+
VLOG(2) << "Crl signature check failed.";
|
1063
|
+
}
|
1064
|
+
return valid;
|
1065
|
+
}
|
1066
|
+
|
1067
|
+
// Check if a given certificate is revoked
|
1068
|
+
// Returns 1 if the certificate is not revoked, 0 if the certificate is revoked
|
1069
|
+
static int CheckCertRevocation(grpc_core::experimental::CrlProvider* provider,
|
1070
|
+
X509* cert, X509* issuer) {
|
1071
|
+
auto crl = GetCrlFromProvider(provider, cert);
|
1072
|
+
// Not finding a CRL is a specific behavior. Per RFC5280, not having a CRL to
|
1073
|
+
// check for a given certificate means that we cannot know for certain if the
|
1074
|
+
// status is Revoked or Unrevoked and instead is Undetermined. How a user
|
1075
|
+
// handles an Undetermined CRL is up to them. We use absl::IsNotFound as an
|
1076
|
+
// analogue for not finding the Crl from the provider, thus the certificate in
|
1077
|
+
// question is Undetermined.
|
1078
|
+
if (absl::IsNotFound(crl.status())) {
|
1079
|
+
// TODO(gtcooke94) knob for undetermined being revoked or unrevoked. By
|
1080
|
+
// default, unrevoked.
|
1081
|
+
return 1;
|
1082
|
+
} else if (!crl.ok()) {
|
1083
|
+
// This is an unexpected error, return false
|
1084
|
+
return 0;
|
1085
|
+
}
|
1086
|
+
// Validate the crl
|
1087
|
+
// RFC5280 6.3.3(a-i)
|
1088
|
+
if (!ValidateCrl(cert, issuer, *crl)) {
|
1089
|
+
X509_CRL_free(*crl);
|
1090
|
+
return 0;
|
1091
|
+
}
|
1092
|
+
|
1093
|
+
// RFC5280 6.3.3j Actually check revocation
|
1094
|
+
// Look for serial number of certificate in CRL X509_REVOKED* rev =
|
1095
|
+
// nullptr;
|
1096
|
+
X509_REVOKED* rev;
|
1097
|
+
if (X509_CRL_get0_by_cert(*crl, &rev, cert)) {
|
1098
|
+
// cert is revoked
|
1099
|
+
X509_CRL_free(*crl);
|
1100
|
+
return 0;
|
1101
|
+
}
|
1102
|
+
// The certificate is not revoked
|
1103
|
+
// RFC5280k - Not supported
|
1104
|
+
// RFC5280l - Not supported
|
1105
|
+
X509_CRL_free(*crl);
|
1029
1106
|
return 1;
|
1030
1107
|
}
|
1031
1108
|
|
1032
|
-
//
|
1033
|
-
//
|
1034
|
-
|
1035
|
-
|
1036
|
-
|
1037
|
-
|
1038
|
-
|
1039
|
-
|
1109
|
+
// Checks each certificate in the chain for revocation
|
1110
|
+
// returns 0 if any cert in the chain is revoked, 1 otherwise.
|
1111
|
+
static int CheckChainRevocation(
|
1112
|
+
X509_STORE_CTX* ctx, grpc_core::experimental::CrlProvider* provider) {
|
1113
|
+
#if OPENSSL_VERSION_NUMBER >= 0x10100000
|
1114
|
+
STACK_OF(X509)* chain = X509_STORE_CTX_get0_chain(ctx);
|
1115
|
+
#else
|
1116
|
+
STACK_OF(X509)* chain = X509_STORE_CTX_get_chain(ctx);
|
1117
|
+
#endif
|
1118
|
+
if (chain == nullptr) {
|
1119
|
+
return 0;
|
1120
|
+
}
|
1121
|
+
// BoringSSL returns a size_t (unsigned), while OpenSSL returns an int
|
1122
|
+
// (signed). In OpenSSL, a -1 can indicate a problem. By forcing it into a
|
1123
|
+
// size_t, a -1 return will result in the chain_length being a very large
|
1124
|
+
// number, so it will still fail this check because that very large number
|
1125
|
+
// will be >= kMaxChainLength
|
1126
|
+
size_t chain_length = sk_X509_num(chain);
|
1127
|
+
if (chain_length > kMaxChainLength || chain_length == 0) {
|
1128
|
+
return 0;
|
1129
|
+
}
|
1130
|
+
// Loop to < chain_length - 1 because the last cert is the trust anchor/root
|
1131
|
+
// which cannot be revoked
|
1132
|
+
for (size_t i = 0; i < chain_length - 1; i++) {
|
1133
|
+
X509* cert = sk_X509_value(chain, i);
|
1134
|
+
X509* issuer = sk_X509_value(chain, i + 1);
|
1135
|
+
int ret = CheckCertRevocation(provider, cert, issuer);
|
1136
|
+
if (ret != 1) {
|
1137
|
+
return ret;
|
1138
|
+
}
|
1139
|
+
}
|
1040
1140
|
return 1;
|
1041
1141
|
}
|
1042
1142
|
|
1143
|
+
// The custom verification function to set in OpenSSL using
|
1144
|
+
// X509_set_cert_verify_callback. This calls the standard OpenSSL procedure
|
1145
|
+
// (X509_verify_cert), then also extracts the root certificate in the built
|
1146
|
+
// chain and does revocation checks when a user has configured CrlProviders.
|
1147
|
+
// returns 1 on success, indicating a trusted chain to a root of trust was
|
1148
|
+
// found, 0 if a trusted chain could not be built.
|
1149
|
+
static int CustomVerificationFunction(X509_STORE_CTX* ctx, void* arg) {
|
1150
|
+
int ret = X509_verify_cert(ctx);
|
1151
|
+
if (ret <= 0) {
|
1152
|
+
VLOG(2) << "Failed to verify cert chain.";
|
1153
|
+
// Verification failed. We shouldn't expect to have a verified chain, so
|
1154
|
+
// there is no need to attempt to extract the root cert from it, check for
|
1155
|
+
// revocation, or check anything else.
|
1156
|
+
return ret;
|
1157
|
+
}
|
1158
|
+
grpc_core::experimental::CrlProvider* provider = GetCrlProvider(ctx);
|
1159
|
+
if (provider != nullptr) {
|
1160
|
+
ret = CheckChainRevocation(ctx, provider);
|
1161
|
+
if (ret <= 0) {
|
1162
|
+
VLOG(2) << "The chain failed revocation checks.";
|
1163
|
+
return ret;
|
1164
|
+
}
|
1165
|
+
}
|
1166
|
+
return RootCertExtractCallback(ctx, arg);
|
1167
|
+
}
|
1168
|
+
|
1043
1169
|
// Sets the min and max TLS version of |ssl_context| to |min_tls_version| and
|
1044
1170
|
// |max_tls_version|, respectively. Calling this method is a no-op when using
|
1045
1171
|
// OpenSSL versions < 1.1.
|
@@ -1047,8 +1173,8 @@ static tsi_result tsi_set_min_and_max_tls_versions(
|
|
1047
1173
|
SSL_CTX* ssl_context, tsi_tls_version min_tls_version,
|
1048
1174
|
tsi_tls_version max_tls_version) {
|
1049
1175
|
if (ssl_context == nullptr) {
|
1050
|
-
|
1051
|
-
|
1176
|
+
LOG(INFO) << "Invalid nullptr argument to "
|
1177
|
+
"|tsi_set_min_and_max_tls_versions|.";
|
1052
1178
|
return TSI_INVALID_ARGUMENT;
|
1053
1179
|
}
|
1054
1180
|
#if OPENSSL_VERSION_NUMBER >= 0x10100000
|
@@ -1061,15 +1187,15 @@ static tsi_result tsi_set_min_and_max_tls_versions(
|
|
1061
1187
|
SSL_CTX_set_min_proto_version(ssl_context, TLS1_2_VERSION);
|
1062
1188
|
break;
|
1063
1189
|
#if defined(TLS1_3_VERSION)
|
1064
|
-
// If the library does not support TLS 1.3 and the caller requests a
|
1065
|
-
// of TLS 1.3, then return an error because the caller's request
|
1066
|
-
// satisfied.
|
1190
|
+
// If the library does not support TLS 1.3 and the caller requests a
|
1191
|
+
// minimum of TLS 1.3, then return an error because the caller's request
|
1192
|
+
// cannot be satisfied.
|
1067
1193
|
case tsi_tls_version::TSI_TLS1_3:
|
1068
1194
|
SSL_CTX_set_min_proto_version(ssl_context, TLS1_3_VERSION);
|
1069
1195
|
break;
|
1070
1196
|
#endif
|
1071
1197
|
default:
|
1072
|
-
|
1198
|
+
LOG(INFO) << "TLS version is not supported.";
|
1073
1199
|
return TSI_FAILED_PRECONDITION;
|
1074
1200
|
}
|
1075
1201
|
|
@@ -1088,7 +1214,7 @@ static tsi_result tsi_set_min_and_max_tls_versions(
|
|
1088
1214
|
#endif
|
1089
1215
|
break;
|
1090
1216
|
default:
|
1091
|
-
|
1217
|
+
LOG(INFO) << "TLS version is not supported.";
|
1092
1218
|
return TSI_FAILED_PRECONDITION;
|
1093
1219
|
}
|
1094
1220
|
#endif
|
@@ -1100,29 +1226,35 @@ static tsi_result tsi_set_min_and_max_tls_versions(
|
|
1100
1226
|
tsi_ssl_root_certs_store* tsi_ssl_root_certs_store_create(
|
1101
1227
|
const char* pem_roots) {
|
1102
1228
|
if (pem_roots == nullptr) {
|
1103
|
-
|
1229
|
+
LOG(ERROR) << "The root certificates are empty.";
|
1104
1230
|
return nullptr;
|
1105
1231
|
}
|
1106
1232
|
tsi_ssl_root_certs_store* root_store = static_cast<tsi_ssl_root_certs_store*>(
|
1107
1233
|
gpr_zalloc(sizeof(tsi_ssl_root_certs_store)));
|
1108
1234
|
if (root_store == nullptr) {
|
1109
|
-
|
1235
|
+
LOG(ERROR) << "Could not allocate buffer for ssl_root_certs_store.";
|
1110
1236
|
return nullptr;
|
1111
1237
|
}
|
1112
1238
|
root_store->store = X509_STORE_new();
|
1113
1239
|
if (root_store->store == nullptr) {
|
1114
|
-
|
1240
|
+
LOG(ERROR) << "Could not allocate buffer for X509_STORE.";
|
1115
1241
|
gpr_free(root_store);
|
1116
1242
|
return nullptr;
|
1117
1243
|
}
|
1118
1244
|
tsi_result result = x509_store_load_certs(root_store->store, pem_roots,
|
1119
1245
|
strlen(pem_roots), nullptr);
|
1120
1246
|
if (result != TSI_OK) {
|
1121
|
-
|
1247
|
+
LOG(ERROR) << "Could not load root certificates.";
|
1122
1248
|
X509_STORE_free(root_store->store);
|
1123
1249
|
gpr_free(root_store);
|
1124
1250
|
return nullptr;
|
1125
1251
|
}
|
1252
|
+
#if OPENSSL_VERSION_NUMBER >= 0x10100000
|
1253
|
+
X509_VERIFY_PARAM* param = X509_STORE_get0_param(root_store->store);
|
1254
|
+
#else
|
1255
|
+
X509_VERIFY_PARAM* param = root_store->store->param;
|
1256
|
+
#endif
|
1257
|
+
X509_VERIFY_PARAM_set_depth(param, kMaxChainLength);
|
1126
1258
|
return root_store;
|
1127
1259
|
}
|
1128
1260
|
|
@@ -1238,7 +1370,7 @@ static tsi_ssl_handshaker_factory_vtable handshaker_factory_vtable = {nullptr};
|
|
1238
1370
|
// allocating memory for the factory.
|
1239
1371
|
static void tsi_ssl_handshaker_factory_init(
|
1240
1372
|
tsi_ssl_handshaker_factory* factory) {
|
1241
|
-
|
1373
|
+
CHECK_NE(factory, nullptr);
|
1242
1374
|
|
1243
1375
|
factory->vtable = &handshaker_factory_vtable;
|
1244
1376
|
gpr_ref_init(&factory->refcount, 1);
|
@@ -1342,9 +1474,8 @@ static tsi_result ssl_handshaker_result_extract_peer(
|
|
1342
1474
|
result = peer_property_from_x509_subject(
|
1343
1475
|
verified_root_cert, &peer->properties[peer->property_count], true);
|
1344
1476
|
if (result != TSI_OK) {
|
1345
|
-
|
1346
|
-
|
1347
|
-
static_cast<int>(result));
|
1477
|
+
VLOG(2) << "Problem extracting subject from verified_root_cert. result: "
|
1478
|
+
<< result;
|
1348
1479
|
}
|
1349
1480
|
peer->property_count++;
|
1350
1481
|
}
|
@@ -1466,7 +1597,7 @@ static tsi_result ssl_handshaker_get_bytes_to_send_to_peer(
|
|
1466
1597
|
if (error != nullptr) *error = "invalid argument";
|
1467
1598
|
return TSI_INVALID_ARGUMENT;
|
1468
1599
|
}
|
1469
|
-
|
1600
|
+
CHECK_LE(*bytes_size, static_cast<size_t>(INT_MAX));
|
1470
1601
|
bytes_read_from_ssl =
|
1471
1602
|
BIO_read(impl->network_io, bytes, static_cast<int>(*bytes_size));
|
1472
1603
|
if (bytes_read_from_ssl < 0) {
|
@@ -1537,11 +1668,11 @@ static tsi_result ssl_handshaker_process_bytes_from_peer(
|
|
1537
1668
|
if (error != nullptr) *error = "invalid argument";
|
1538
1669
|
return TSI_INVALID_ARGUMENT;
|
1539
1670
|
}
|
1540
|
-
|
1671
|
+
CHECK_LE(*bytes_size, static_cast<size_t>(INT_MAX));
|
1541
1672
|
bytes_written_into_ssl_size =
|
1542
1673
|
BIO_write(impl->network_io, bytes, static_cast<int>(*bytes_size));
|
1543
1674
|
if (bytes_written_into_ssl_size < 0) {
|
1544
|
-
|
1675
|
+
LOG(ERROR) << "Could not write to memory BIO.";
|
1545
1676
|
if (error != nullptr) *error = "could not write to memory BIO";
|
1546
1677
|
impl->result = TSI_INTERNAL_ERROR;
|
1547
1678
|
return impl->result;
|
@@ -1578,8 +1709,8 @@ static tsi_result ssl_bytes_remaining(tsi_ssl_handshaker* impl,
|
|
1578
1709
|
*bytes_remaining = static_cast<uint8_t*>(gpr_malloc(bytes_in_ssl));
|
1579
1710
|
int bytes_read = BIO_read(SSL_get_rbio(impl->ssl), *bytes_remaining,
|
1580
1711
|
static_cast<int>(bytes_in_ssl));
|
1581
|
-
// If an unexpected number of bytes were read, return an error status and
|
1582
|
-
// all of the bytes that were read.
|
1712
|
+
// If an unexpected number of bytes were read, return an error status and
|
1713
|
+
// free all of the bytes that were read.
|
1583
1714
|
if (bytes_read < 0 || static_cast<size_t>(bytes_read) != bytes_in_ssl) {
|
1584
1715
|
gpr_log(GPR_ERROR,
|
1585
1716
|
"Failed to read the expected number of bytes from SSL object.");
|
@@ -1654,16 +1785,16 @@ static tsi_result ssl_handshaker_next(tsi_handshaker* self,
|
|
1654
1785
|
impl, remaining_bytes_to_write_to_openssl, &bytes_written_to_openssl,
|
1655
1786
|
error);
|
1656
1787
|
// As long as the BIO is full, drive the SSL handshake to consume bytes
|
1657
|
-
// from the BIO. If the SSL handshake returns any bytes, write them to
|
1658
|
-
// peer.
|
1788
|
+
// from the BIO. If the SSL handshake returns any bytes, write them to
|
1789
|
+
// the peer.
|
1659
1790
|
while (status == TSI_DRAIN_BUFFER) {
|
1660
1791
|
status =
|
1661
1792
|
ssl_handshaker_write_output_buffer(self, &bytes_written, error);
|
1662
1793
|
if (status != TSI_OK) return status;
|
1663
1794
|
status = ssl_handshaker_do_handshake(impl, error);
|
1664
1795
|
}
|
1665
|
-
// Move the pointer to the first byte not yet successfully written to
|
1666
|
-
// BIO.
|
1796
|
+
// Move the pointer to the first byte not yet successfully written to
|
1797
|
+
// the BIO.
|
1667
1798
|
remaining_bytes_to_write_to_openssl_size -= bytes_written_to_openssl;
|
1668
1799
|
remaining_bytes_to_write_to_openssl += bytes_written_to_openssl;
|
1669
1800
|
}
|
@@ -1679,16 +1810,16 @@ static tsi_result ssl_handshaker_next(tsi_handshaker* self,
|
|
1679
1810
|
*handshaker_result = nullptr;
|
1680
1811
|
} else {
|
1681
1812
|
// Any bytes that remain in |impl->ssl|'s read BIO after the handshake is
|
1682
|
-
// complete must be extracted and set to the unused bytes of the
|
1683
|
-
// result. This indicates to the gRPC stack that there are
|
1684
|
-
// peer that must be processed.
|
1813
|
+
// complete must be extracted and set to the unused bytes of the
|
1814
|
+
// handshaker result. This indicates to the gRPC stack that there are
|
1815
|
+
// bytes from the peer that must be processed.
|
1685
1816
|
unsigned char* unused_bytes = nullptr;
|
1686
1817
|
size_t unused_bytes_size = 0;
|
1687
1818
|
status =
|
1688
1819
|
ssl_bytes_remaining(impl, &unused_bytes, &unused_bytes_size, error);
|
1689
1820
|
if (status != TSI_OK) return status;
|
1690
1821
|
if (unused_bytes_size > received_bytes_size) {
|
1691
|
-
|
1822
|
+
LOG(ERROR) << "More unused bytes than received bytes.";
|
1692
1823
|
gpr_free(unused_bytes);
|
1693
1824
|
if (error != nullptr) *error = "More unused bytes than received bytes.";
|
1694
1825
|
return TSI_INTERNAL_ERROR;
|
@@ -1696,8 +1827,8 @@ static tsi_result ssl_handshaker_next(tsi_handshaker* self,
|
|
1696
1827
|
status = ssl_handshaker_result_create(impl, unused_bytes, unused_bytes_size,
|
1697
1828
|
handshaker_result, error);
|
1698
1829
|
if (status == TSI_OK) {
|
1699
|
-
// Indicates that the handshake has completed and that a
|
1700
|
-
// has been created.
|
1830
|
+
// Indicates that the handshake has completed and that a
|
1831
|
+
// handshaker_result has been created.
|
1701
1832
|
self->handshaker_result_created = true;
|
1702
1833
|
}
|
1703
1834
|
}
|
@@ -1742,7 +1873,7 @@ static tsi_result create_tsi_ssl_handshaker(SSL_CTX* ctx, int is_client,
|
|
1742
1873
|
tsi_ssl_handshaker* impl = nullptr;
|
1743
1874
|
*handshaker = nullptr;
|
1744
1875
|
if (ctx == nullptr) {
|
1745
|
-
|
1876
|
+
LOG(ERROR) << "SSL Context is null. Should never happen.";
|
1746
1877
|
return TSI_INTERNAL_ERROR;
|
1747
1878
|
}
|
1748
1879
|
if (ssl == nullptr) {
|
@@ -1752,7 +1883,7 @@ static tsi_result create_tsi_ssl_handshaker(SSL_CTX* ctx, int is_client,
|
|
1752
1883
|
|
1753
1884
|
if (!BIO_new_bio_pair(&network_io, network_bio_buf_size, &ssl_io,
|
1754
1885
|
ssl_bio_buf_size)) {
|
1755
|
-
|
1886
|
+
LOG(ERROR) << "BIO_new_bio_pair failed.";
|
1756
1887
|
SSL_free(ssl);
|
1757
1888
|
return TSI_OUT_OF_RESOURCES;
|
1758
1889
|
}
|
@@ -1941,7 +2072,7 @@ static int does_entry_match_name(absl::string_view entry,
|
|
1941
2072
|
|
1942
2073
|
// Wildchar subdomain matching.
|
1943
2074
|
if (entry.size() < 3 || entry[1] != '.') { // At least *.x
|
1944
|
-
|
2075
|
+
LOG(ERROR) << "Invalid wildchar entry.";
|
1945
2076
|
return 0;
|
1946
2077
|
}
|
1947
2078
|
size_t name_subdomain_pos = name.find('.');
|
@@ -1952,8 +2083,7 @@ static int does_entry_match_name(absl::string_view entry,
|
|
1952
2083
|
entry.remove_prefix(2); // Remove *.
|
1953
2084
|
size_t dot = name_subdomain.find('.');
|
1954
2085
|
if (dot == absl::string_view::npos || dot == name_subdomain.size() - 1) {
|
1955
|
-
|
1956
|
-
std::string(name_subdomain).c_str());
|
2086
|
+
LOG(ERROR) << "Invalid toplevel subdomain: " << name_subdomain;
|
1957
2087
|
return 0;
|
1958
2088
|
}
|
1959
2089
|
if (name_subdomain.back() == '.') {
|
@@ -1980,7 +2110,7 @@ static int ssl_server_handshaker_factory_servername_callback(SSL* ssl,
|
|
1980
2110
|
return SSL_TLSEXT_ERR_OK;
|
1981
2111
|
}
|
1982
2112
|
}
|
1983
|
-
|
2113
|
+
LOG(ERROR) << "No match found for server name: " << servername;
|
1984
2114
|
return SSL_TLSEXT_ERR_NOACK;
|
1985
2115
|
}
|
1986
2116
|
|
@@ -2001,7 +2131,7 @@ static int server_handshaker_factory_npn_advertised_callback(
|
|
2001
2131
|
tsi_ssl_server_handshaker_factory* factory =
|
2002
2132
|
static_cast<tsi_ssl_server_handshaker_factory*>(arg);
|
2003
2133
|
*out = factory->alpn_protocol_list;
|
2004
|
-
|
2134
|
+
CHECK(factory->alpn_protocol_list_length <= UINT_MAX);
|
2005
2135
|
*outlen = static_cast<unsigned int>(factory->alpn_protocol_list_length);
|
2006
2136
|
return SSL_TLSEXT_ERR_OK;
|
2007
2137
|
}
|
@@ -2035,7 +2165,7 @@ static int server_handshaker_factory_new_session_callback(
|
|
2035
2165
|
template <typename T>
|
2036
2166
|
static void ssl_keylogging_callback(const SSL* ssl, const char* info) {
|
2037
2167
|
SSL_CTX* ssl_context = SSL_get_SSL_CTX(ssl);
|
2038
|
-
|
2168
|
+
CHECK_NE(ssl_context, nullptr);
|
2039
2169
|
void* arg = SSL_CTX_get_ex_data(ssl_context, g_ssl_ctx_ex_factory_index);
|
2040
2170
|
T* factory = static_cast<T*>(arg);
|
2041
2171
|
factory->key_logger->LogSessionKeys(ssl_context, info);
|
@@ -2082,12 +2212,12 @@ tsi_result tsi_create_ssl_client_handshaker_factory_with_options(
|
|
2082
2212
|
#else
|
2083
2213
|
ssl_context = SSL_CTX_new(TLSv1_2_method());
|
2084
2214
|
#endif
|
2085
|
-
#if OPENSSL_VERSION_NUMBER >= 0x10101000
|
2215
|
+
#if OPENSSL_VERSION_NUMBER >= 0x10101000 && !defined(LIBRESSL_VERSION_NUMBER)
|
2086
2216
|
SSL_CTX_set_options(ssl_context, SSL_OP_NO_RENEGOTIATION);
|
2087
2217
|
#endif
|
2088
2218
|
if (ssl_context == nullptr) {
|
2089
2219
|
grpc_core::LogSslErrorStack();
|
2090
|
-
|
2220
|
+
LOG(ERROR) << "Could not create ssl context.";
|
2091
2221
|
return TSI_INVALID_ARGUMENT;
|
2092
2222
|
}
|
2093
2223
|
|
@@ -2144,8 +2274,17 @@ tsi_result tsi_create_ssl_client_handshaker_factory_with_options(
|
|
2144
2274
|
result = ssl_ctx_load_verification_certs(
|
2145
2275
|
ssl_context, options->pem_root_certs, strlen(options->pem_root_certs),
|
2146
2276
|
nullptr);
|
2277
|
+
X509_STORE* cert_store = SSL_CTX_get_cert_store(ssl_context);
|
2278
|
+
#if OPENSSL_VERSION_NUMBER >= 0x10100000
|
2279
|
+
X509_VERIFY_PARAM* param = X509_STORE_get0_param(cert_store);
|
2280
|
+
|
2281
|
+
#else
|
2282
|
+
X509_VERIFY_PARAM* param = cert_store->param;
|
2283
|
+
#endif
|
2284
|
+
|
2285
|
+
X509_VERIFY_PARAM_set_depth(param, kMaxChainLength);
|
2147
2286
|
if (result != TSI_OK) {
|
2148
|
-
|
2287
|
+
LOG(ERROR) << "Cannot load server root certificates.";
|
2149
2288
|
break;
|
2150
2289
|
}
|
2151
2290
|
}
|
@@ -2155,16 +2294,16 @@ tsi_result tsi_create_ssl_client_handshaker_factory_with_options(
|
|
2155
2294
|
options->alpn_protocols, options->num_alpn_protocols,
|
2156
2295
|
&impl->alpn_protocol_list, &impl->alpn_protocol_list_length);
|
2157
2296
|
if (result != TSI_OK) {
|
2158
|
-
|
2159
|
-
|
2297
|
+
LOG(ERROR) << "Building alpn list failed with error "
|
2298
|
+
<< tsi_result_to_string(result);
|
2160
2299
|
break;
|
2161
2300
|
}
|
2162
2301
|
#if TSI_OPENSSL_ALPN_SUPPORT
|
2163
|
-
|
2302
|
+
CHECK(impl->alpn_protocol_list_length < UINT_MAX);
|
2164
2303
|
if (SSL_CTX_set_alpn_protos(
|
2165
2304
|
ssl_context, impl->alpn_protocol_list,
|
2166
2305
|
static_cast<unsigned int>(impl->alpn_protocol_list_length))) {
|
2167
|
-
|
2306
|
+
LOG(ERROR) << "Could not set alpn protocol list to context.";
|
2168
2307
|
result = TSI_INVALID_ARGUMENT;
|
2169
2308
|
break;
|
2170
2309
|
}
|
@@ -2181,28 +2320,20 @@ tsi_result tsi_create_ssl_client_handshaker_factory_with_options(
|
|
2181
2320
|
if (options->skip_server_certificate_verification) {
|
2182
2321
|
SSL_CTX_set_cert_verify_callback(ssl_context, NullVerifyCallback, nullptr);
|
2183
2322
|
} else {
|
2184
|
-
SSL_CTX_set_cert_verify_callback(ssl_context,
|
2323
|
+
SSL_CTX_set_cert_verify_callback(ssl_context, CustomVerificationFunction,
|
2185
2324
|
nullptr);
|
2186
2325
|
}
|
2187
|
-
|
2188
|
-
#if OPENSSL_VERSION_NUMBER >= 0x10100000
|
2326
|
+
#if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER)
|
2189
2327
|
if (options->crl_provider != nullptr) {
|
2190
2328
|
SSL_CTX_set_ex_data(impl->ssl_context, g_ssl_ctx_ex_crl_provider_index,
|
2191
2329
|
options->crl_provider.get());
|
2192
|
-
X509_STORE* cert_store = SSL_CTX_get_cert_store(impl->ssl_context);
|
2193
|
-
X509_STORE_set_get_crl(cert_store, GetCrlFromProvider);
|
2194
|
-
X509_STORE_set_check_crl(cert_store, CheckCrlPassthrough);
|
2195
|
-
X509_STORE_set_verify_cb(cert_store, verify_cb);
|
2196
|
-
X509_VERIFY_PARAM* param = X509_STORE_get0_param(cert_store);
|
2197
|
-
X509_VERIFY_PARAM_set_flags(
|
2198
|
-
param, X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL);
|
2199
2330
|
} else if (options->crl_directory != nullptr &&
|
2200
2331
|
strcmp(options->crl_directory, "") != 0) {
|
2201
2332
|
X509_STORE* cert_store = SSL_CTX_get_cert_store(ssl_context);
|
2202
2333
|
X509_STORE_set_verify_cb(cert_store, verify_cb);
|
2203
2334
|
if (!X509_STORE_load_locations(cert_store, nullptr,
|
2204
2335
|
options->crl_directory)) {
|
2205
|
-
|
2336
|
+
LOG(ERROR) << "Failed to load CRL File from directory.";
|
2206
2337
|
} else {
|
2207
2338
|
X509_VERIFY_PARAM* param = X509_STORE_get0_param(cert_store);
|
2208
2339
|
X509_VERIFY_PARAM_set_flags(
|
@@ -2302,12 +2433,12 @@ tsi_result tsi_create_ssl_server_handshaker_factory_with_options(
|
|
2302
2433
|
#else
|
2303
2434
|
impl->ssl_contexts[i] = SSL_CTX_new(TLSv1_2_method());
|
2304
2435
|
#endif
|
2305
|
-
#if OPENSSL_VERSION_NUMBER >= 0x10101000
|
2436
|
+
#if OPENSSL_VERSION_NUMBER >= 0x10101000 && !defined(LIBRESSL_VERSION_NUMBER)
|
2306
2437
|
SSL_CTX_set_options(impl->ssl_contexts[i], SSL_OP_NO_RENEGOTIATION);
|
2307
2438
|
#endif
|
2308
2439
|
if (impl->ssl_contexts[i] == nullptr) {
|
2309
2440
|
grpc_core::LogSslErrorStack();
|
2310
|
-
|
2441
|
+
LOG(ERROR) << "Could not create ssl context.";
|
2311
2442
|
result = TSI_OUT_OF_RESOURCES;
|
2312
2443
|
break;
|
2313
2444
|
}
|
@@ -2329,7 +2460,7 @@ tsi_result tsi_create_ssl_server_handshaker_factory_with_options(
|
|
2329
2460
|
impl->ssl_contexts[i], kSslSessionIdContext,
|
2330
2461
|
GPR_ARRAY_SIZE(kSslSessionIdContext));
|
2331
2462
|
if (set_sid_ctx_result == 0) {
|
2332
|
-
|
2463
|
+
LOG(ERROR) << "Failed to set session id context.";
|
2333
2464
|
result = TSI_INTERNAL_ERROR;
|
2334
2465
|
break;
|
2335
2466
|
}
|
@@ -2339,7 +2470,7 @@ tsi_result tsi_create_ssl_server_handshaker_factory_with_options(
|
|
2339
2470
|
impl->ssl_contexts[i],
|
2340
2471
|
const_cast<char*>(options->session_ticket_key),
|
2341
2472
|
options->session_ticket_key_size) == 0) {
|
2342
|
-
|
2473
|
+
LOG(ERROR) << "Invalid STEK size.";
|
2343
2474
|
result = TSI_INVALID_ARGUMENT;
|
2344
2475
|
break;
|
2345
2476
|
}
|
@@ -2352,7 +2483,7 @@ tsi_result tsi_create_ssl_server_handshaker_factory_with_options(
|
|
2352
2483
|
strlen(options->pem_client_root_certs),
|
2353
2484
|
options->send_client_ca_list ? &root_names : nullptr);
|
2354
2485
|
if (result != TSI_OK) {
|
2355
|
-
|
2486
|
+
LOG(ERROR) << "Invalid verification certs.";
|
2356
2487
|
break;
|
2357
2488
|
}
|
2358
2489
|
if (options->send_client_ca_list) {
|
@@ -2371,7 +2502,7 @@ tsi_result tsi_create_ssl_server_handshaker_factory_with_options(
|
|
2371
2502
|
case TSI_REQUEST_CLIENT_CERTIFICATE_AND_VERIFY:
|
2372
2503
|
SSL_CTX_set_verify(impl->ssl_contexts[i], SSL_VERIFY_PEER, nullptr);
|
2373
2504
|
SSL_CTX_set_cert_verify_callback(impl->ssl_contexts[i],
|
2374
|
-
|
2505
|
+
CustomVerificationFunction, nullptr);
|
2375
2506
|
break;
|
2376
2507
|
case TSI_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_BUT_DONT_VERIFY:
|
2377
2508
|
SSL_CTX_set_verify(impl->ssl_contexts[i],
|
@@ -2385,29 +2516,22 @@ tsi_result tsi_create_ssl_server_handshaker_factory_with_options(
|
|
2385
2516
|
SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
|
2386
2517
|
nullptr);
|
2387
2518
|
SSL_CTX_set_cert_verify_callback(impl->ssl_contexts[i],
|
2388
|
-
|
2519
|
+
CustomVerificationFunction, nullptr);
|
2389
2520
|
break;
|
2390
2521
|
}
|
2391
2522
|
|
2392
|
-
#if OPENSSL_VERSION_NUMBER >= 0x10100000
|
2523
|
+
#if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER)
|
2393
2524
|
if (options->crl_provider != nullptr) {
|
2394
2525
|
SSL_CTX_set_ex_data(impl->ssl_contexts[i],
|
2395
2526
|
g_ssl_ctx_ex_crl_provider_index,
|
2396
2527
|
options->crl_provider.get());
|
2397
|
-
X509_STORE* cert_store = SSL_CTX_get_cert_store(impl->ssl_contexts[i]);
|
2398
|
-
X509_STORE_set_get_crl(cert_store, GetCrlFromProvider);
|
2399
|
-
X509_STORE_set_check_crl(cert_store, CheckCrlPassthrough);
|
2400
|
-
X509_STORE_set_verify_cb(cert_store, verify_cb);
|
2401
|
-
X509_VERIFY_PARAM* param = X509_STORE_get0_param(cert_store);
|
2402
|
-
X509_VERIFY_PARAM_set_flags(
|
2403
|
-
param, X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL);
|
2404
2528
|
} else if (options->crl_directory != nullptr &&
|
2405
2529
|
strcmp(options->crl_directory, "") != 0) {
|
2406
2530
|
X509_STORE* cert_store = SSL_CTX_get_cert_store(impl->ssl_contexts[i]);
|
2407
2531
|
X509_STORE_set_verify_cb(cert_store, verify_cb);
|
2408
2532
|
if (!X509_STORE_load_locations(cert_store, nullptr,
|
2409
2533
|
options->crl_directory)) {
|
2410
|
-
|
2534
|
+
LOG(ERROR) << "Failed to load CRL File from directory.";
|
2411
2535
|
} else {
|
2412
2536
|
X509_VERIFY_PARAM* param = X509_STORE_get0_param(cert_store);
|
2413
2537
|
X509_VERIFY_PARAM_set_flags(
|
@@ -2503,8 +2627,8 @@ int tsi_ssl_peer_matches_name(const tsi_peer* peer, absl::string_view name) {
|
|
2503
2627
|
const tsi_ssl_handshaker_factory_vtable* tsi_ssl_handshaker_factory_swap_vtable(
|
2504
2628
|
tsi_ssl_handshaker_factory* factory,
|
2505
2629
|
tsi_ssl_handshaker_factory_vtable* new_vtable) {
|
2506
|
-
|
2507
|
-
|
2630
|
+
CHECK_NE(factory, nullptr);
|
2631
|
+
CHECK_NE(factory->vtable, nullptr);
|
2508
2632
|
|
2509
2633
|
const tsi_ssl_handshaker_factory_vtable* orig_vtable = factory->vtable;
|
2510
2634
|
factory->vtable = new_vtable;
|