grpc 1.63.0 → 1.64.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (1055) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +54 -51
  3. data/include/grpc/credentials.h +1222 -0
  4. data/include/grpc/grpc.h +7 -0
  5. data/include/grpc/grpc_crl_provider.h +1 -0
  6. data/include/grpc/grpc_security.h +0 -1171
  7. data/include/grpc/impl/channel_arg_names.h +0 -3
  8. data/include/grpc/module.modulemap +1 -0
  9. data/include/grpc/support/log.h +1 -1
  10. data/src/core/{lib/channel → channelz}/channel_trace.cc +56 -62
  11. data/src/core/{lib/channel → channelz}/channel_trace.h +21 -19
  12. data/src/core/{lib/channel → channelz}/channelz.cc +68 -6
  13. data/src/core/{lib/channel → channelz}/channelz.h +45 -6
  14. data/src/core/{lib/channel → channelz}/channelz_registry.cc +7 -6
  15. data/src/core/{lib/channel → channelz}/channelz_registry.h +6 -6
  16. data/src/core/client_channel/client_channel_filter.cc +58 -62
  17. data/src/core/client_channel/client_channel_filter.h +2 -4
  18. data/src/core/client_channel/client_channel_internal.h +3 -2
  19. data/src/core/client_channel/client_channel_service_config.h +1 -1
  20. data/src/core/client_channel/config_selector.h +4 -3
  21. data/src/core/client_channel/connector.h +1 -1
  22. data/src/core/client_channel/dynamic_filters.cc +3 -2
  23. data/src/core/client_channel/local_subchannel_pool.cc +5 -3
  24. data/src/core/client_channel/retry_filter.cc +1 -1
  25. data/src/core/client_channel/retry_filter.h +3 -2
  26. data/src/core/client_channel/retry_filter_legacy_call_data.cc +5 -4
  27. data/src/core/client_channel/subchannel.cc +13 -12
  28. data/src/core/client_channel/subchannel.h +0 -1
  29. data/src/core/client_channel/subchannel_stream_client.cc +5 -3
  30. data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +4 -3
  31. data/src/core/ext/filters/backend_metrics/backend_metric_filter.h +2 -2
  32. data/src/core/ext/filters/channel_idle/legacy_channel_idle_filter.cc +24 -16
  33. data/src/core/ext/filters/channel_idle/legacy_channel_idle_filter.h +10 -11
  34. data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +8 -9
  35. data/src/core/ext/filters/fault_injection/fault_injection_filter.h +4 -4
  36. data/src/core/ext/filters/http/client/http_client_filter.cc +5 -4
  37. data/src/core/ext/filters/http/client/http_client_filter.h +5 -5
  38. data/src/core/ext/filters/http/client_authority_filter.cc +4 -3
  39. data/src/core/ext/filters/http/client_authority_filter.h +5 -4
  40. data/src/core/ext/filters/http/message_compress/compression_filter.cc +9 -8
  41. data/src/core/ext/filters/http/message_compress/compression_filter.h +8 -8
  42. data/src/core/ext/filters/http/server/http_server_filter.cc +2 -2
  43. data/src/core/ext/filters/http/server/http_server_filter.h +5 -5
  44. data/src/core/ext/filters/message_size/message_size_filter.cc +10 -19
  45. data/src/core/ext/filters/message_size/message_size_filter.h +8 -6
  46. data/src/core/ext/filters/rbac/rbac_filter.cc +11 -6
  47. data/src/core/ext/filters/rbac/rbac_filter.h +5 -5
  48. data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +12 -12
  49. data/src/core/ext/filters/stateful_session/stateful_session_filter.h +3 -2
  50. data/src/core/ext/gcp/metadata_query.cc +4 -3
  51. data/src/core/ext/gcp/metadata_query.h +2 -2
  52. data/src/core/ext/transport/chttp2/alpn/alpn.cc +4 -3
  53. data/src/core/ext/transport/chttp2/alpn/alpn.h +2 -2
  54. data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +13 -13
  55. data/src/core/ext/transport/chttp2/client/chttp2_connector.h +2 -3
  56. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +10 -10
  57. data/src/core/ext/transport/chttp2/server/chttp2_server.h +3 -3
  58. data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +6 -6
  59. data/src/core/ext/transport/chttp2/transport/bin_decoder.h +1 -2
  60. data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +8 -7
  61. data/src/core/ext/transport/chttp2/transport/bin_encoder.h +1 -2
  62. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +53 -52
  63. data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +2 -3
  64. data/src/core/ext/transport/chttp2/transport/context_list_entry.h +2 -2
  65. data/src/core/ext/transport/chttp2/transport/decode_huff.cc +2 -2
  66. data/src/core/ext/transport/chttp2/transport/decode_huff.h +2 -2
  67. data/src/core/ext/transport/chttp2/transport/flow_control.cc +4 -4
  68. data/src/core/ext/transport/chttp2/transport/flow_control.h +4 -4
  69. data/src/core/ext/transport/chttp2/transport/frame.cc +4 -4
  70. data/src/core/ext/transport/chttp2/transport/frame.h +2 -2
  71. data/src/core/ext/transport/chttp2/transport/frame_data.cc +3 -3
  72. data/src/core/ext/transport/chttp2/transport/frame_data.h +1 -2
  73. data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +5 -5
  74. data/src/core/ext/transport/chttp2/transport/frame_goaway.h +1 -2
  75. data/src/core/ext/transport/chttp2/transport/frame_ping.cc +3 -3
  76. data/src/core/ext/transport/chttp2/transport/frame_ping.h +1 -2
  77. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +3 -3
  78. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +1 -2
  79. data/src/core/ext/transport/chttp2/transport/frame_settings.cc +1 -2
  80. data/src/core/ext/transport/chttp2/transport/frame_settings.h +1 -2
  81. data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +4 -4
  82. data/src/core/ext/transport/chttp2/transport/frame_window_update.h +1 -2
  83. data/src/core/ext/transport/chttp2/transport/hpack_constants.h +2 -2
  84. data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +4 -3
  85. data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +1 -2
  86. data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +10 -9
  87. data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +2 -2
  88. data/src/core/ext/transport/chttp2/transport/hpack_parse_result.cc +4 -3
  89. data/src/core/ext/transport/chttp2/transport/hpack_parse_result.h +3 -3
  90. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +24 -24
  91. data/src/core/ext/transport/chttp2/transport/hpack_parser.h +1 -2
  92. data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +5 -5
  93. data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +2 -2
  94. data/src/core/ext/transport/chttp2/transport/http2_settings.cc +2 -2
  95. data/src/core/ext/transport/chttp2/transport/http2_settings.h +2 -2
  96. data/src/core/ext/transport/chttp2/transport/http_trace.cc +2 -2
  97. data/src/core/ext/transport/chttp2/transport/huffsyms.cc +2 -2
  98. data/src/core/ext/transport/chttp2/transport/internal.h +3 -5
  99. data/src/core/ext/transport/chttp2/transport/max_concurrent_streams_policy.cc +4 -3
  100. data/src/core/ext/transport/chttp2/transport/max_concurrent_streams_policy.h +2 -2
  101. data/src/core/ext/transport/chttp2/transport/parsing.cc +14 -14
  102. data/src/core/ext/transport/chttp2/transport/ping_abuse_policy.cc +1 -2
  103. data/src/core/ext/transport/chttp2/transport/ping_abuse_policy.h +2 -2
  104. data/src/core/ext/transport/chttp2/transport/ping_callbacks.cc +3 -3
  105. data/src/core/ext/transport/chttp2/transport/ping_callbacks.h +1 -2
  106. data/src/core/ext/transport/chttp2/transport/ping_rate_policy.cc +1 -2
  107. data/src/core/ext/transport/chttp2/transport/ping_rate_policy.h +2 -2
  108. data/src/core/ext/transport/chttp2/transport/stream_lists.cc +7 -6
  109. data/src/core/ext/transport/chttp2/transport/varint.cc +2 -2
  110. data/src/core/ext/transport/chttp2/transport/varint.h +4 -3
  111. data/src/core/ext/transport/chttp2/transport/write_size_policy.cc +4 -3
  112. data/src/core/ext/transport/chttp2/transport/write_size_policy.h +2 -2
  113. data/src/core/ext/transport/chttp2/transport/writing.cc +35 -22
  114. data/src/core/ext/transport/inproc/inproc_transport.cc +12 -12
  115. data/src/core/ext/transport/inproc/inproc_transport.h +1 -2
  116. data/src/core/ext/transport/inproc/legacy_inproc_transport.cc +7 -8
  117. data/src/core/ext/transport/inproc/legacy_inproc_transport.h +1 -2
  118. data/src/core/{lib/transport → handshaker/endpoint_info}/endpoint_info_handshaker.cc +6 -6
  119. data/src/core/{lib/transport → handshaker/endpoint_info}/endpoint_info_handshaker.h +3 -3
  120. data/src/core/{lib/transport → handshaker}/handshaker.cc +8 -6
  121. data/src/core/{lib/transport → handshaker}/handshaker.h +4 -5
  122. data/src/core/{lib/transport → handshaker}/handshaker_factory.h +19 -3
  123. data/src/core/{lib/transport → handshaker}/handshaker_registry.cc +3 -3
  124. data/src/core/{lib/transport → handshaker}/handshaker_registry.h +6 -6
  125. data/src/core/{lib/transport → handshaker/http_connect}/http_connect_handshaker.cc +5 -6
  126. data/src/core/{lib/transport → handshaker/http_connect}/http_connect_handshaker.h +3 -3
  127. data/src/core/{client_channel → handshaker/http_connect}/http_proxy_mapper.cc +6 -6
  128. data/src/core/{client_channel → handshaker/http_connect}/http_proxy_mapper.h +6 -6
  129. data/src/core/{lib/handshaker → handshaker}/proxy_mapper.h +5 -5
  130. data/src/core/{lib/handshaker → handshaker}/proxy_mapper_registry.cc +3 -3
  131. data/src/core/{lib/handshaker → handshaker}/proxy_mapper_registry.h +6 -6
  132. data/src/core/{lib/security/transport → handshaker/security}/secure_endpoint.cc +5 -5
  133. data/src/core/{lib/security/transport → handshaker/security}/secure_endpoint.h +4 -5
  134. data/src/core/{lib/security/transport → handshaker/security}/security_handshaker.cc +11 -11
  135. data/src/core/{lib/security/transport → handshaker/security}/security_handshaker.h +5 -6
  136. data/src/core/{lib/security/transport → handshaker/security}/tsi_error.cc +2 -2
  137. data/src/core/{lib/security/transport → handshaker/security}/tsi_error.h +3 -3
  138. data/src/core/{lib/transport → handshaker/tcp_connect}/tcp_connect_handshaker.cc +8 -8
  139. data/src/core/{lib/transport → handshaker/tcp_connect}/tcp_connect_handshaker.h +3 -3
  140. data/src/core/lib/address_utils/parse_address.cc +5 -3
  141. data/src/core/lib/address_utils/parse_address.h +2 -2
  142. data/src/core/lib/address_utils/sockaddr_utils.cc +15 -9
  143. data/src/core/lib/address_utils/sockaddr_utils.h +2 -2
  144. data/src/core/lib/avl/avl.h +2 -2
  145. data/src/core/lib/backoff/backoff.cc +2 -2
  146. data/src/core/lib/backoff/backoff.h +2 -2
  147. data/src/core/lib/backoff/random_early_detection.cc +2 -2
  148. data/src/core/lib/backoff/random_early_detection.h +2 -2
  149. data/src/core/lib/channel/call_finalization.h +2 -2
  150. data/src/core/lib/channel/call_tracer.cc +7 -7
  151. data/src/core/lib/channel/call_tracer.h +1 -2
  152. data/src/core/lib/channel/channel_args.cc +4 -4
  153. data/src/core/lib/channel/channel_args.h +1 -2
  154. data/src/core/lib/channel/channel_args_preconditioning.cc +2 -2
  155. data/src/core/lib/channel/channel_args_preconditioning.h +1 -2
  156. data/src/core/lib/channel/channel_stack.cc +8 -7
  157. data/src/core/lib/channel/channel_stack.h +1 -2
  158. data/src/core/lib/channel/channel_stack_builder.cc +2 -2
  159. data/src/core/lib/channel/channel_stack_builder.h +2 -2
  160. data/src/core/lib/channel/channel_stack_builder_impl.cc +6 -13
  161. data/src/core/lib/channel/channel_stack_builder_impl.h +2 -2
  162. data/src/core/lib/channel/channel_stack_trace.cc +2 -2
  163. data/src/core/lib/channel/connected_channel.cc +25 -40
  164. data/src/core/lib/channel/context.h +29 -1
  165. data/src/core/lib/channel/metrics.cc +10 -72
  166. data/src/core/lib/channel/metrics.h +1 -42
  167. data/src/core/lib/channel/promise_based_filter.cc +70 -75
  168. data/src/core/lib/channel/promise_based_filter.h +189 -148
  169. data/src/core/lib/channel/status_util.cc +2 -2
  170. data/src/core/lib/channel/status_util.h +1 -2
  171. data/src/core/lib/channel/tcp_tracer.h +2 -2
  172. data/src/core/lib/compression/compression.cc +1 -2
  173. data/src/core/lib/compression/compression_internal.cc +3 -3
  174. data/src/core/lib/compression/compression_internal.h +1 -2
  175. data/src/core/lib/compression/message_compress.cc +9 -8
  176. data/src/core/lib/compression/message_compress.h +1 -2
  177. data/src/core/lib/config/config_vars.cc +2 -2
  178. data/src/core/lib/config/config_vars.h +2 -2
  179. data/src/core/lib/config/config_vars_non_generated.cc +2 -2
  180. data/src/core/lib/config/core_configuration.cc +9 -8
  181. data/src/core/lib/config/core_configuration.h +8 -8
  182. data/src/core/lib/config/load_config.cc +4 -4
  183. data/src/core/lib/config/load_config.h +2 -2
  184. data/src/core/lib/debug/event_log.cc +3 -3
  185. data/src/core/lib/debug/event_log.h +2 -2
  186. data/src/core/lib/debug/histogram_view.cc +2 -2
  187. data/src/core/lib/debug/histogram_view.h +2 -2
  188. data/src/core/lib/debug/stats.cc +2 -2
  189. data/src/core/lib/debug/stats.h +2 -2
  190. data/src/core/lib/debug/stats_data.cc +2 -2
  191. data/src/core/lib/debug/stats_data.h +2 -2
  192. data/src/core/lib/debug/trace.cc +1 -2
  193. data/src/core/lib/debug/trace.h +2 -2
  194. data/src/core/lib/event_engine/ares_resolver.cc +18 -19
  195. data/src/core/lib/event_engine/ares_resolver.h +2 -2
  196. data/src/core/lib/event_engine/cf_engine/cf_engine.cc +3 -1
  197. data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.cc +3 -3
  198. data/src/core/lib/event_engine/cf_engine/dns_service_resolver.cc +2 -1
  199. data/src/core/lib/event_engine/cf_engine/dns_service_resolver.h +2 -1
  200. data/src/core/lib/event_engine/channel_args_endpoint_config.cc +1 -2
  201. data/src/core/lib/event_engine/channel_args_endpoint_config.h +1 -2
  202. data/src/core/lib/event_engine/common_closures.h +1 -2
  203. data/src/core/lib/event_engine/default_event_engine.cc +1 -2
  204. data/src/core/lib/event_engine/default_event_engine.h +1 -2
  205. data/src/core/lib/event_engine/default_event_engine_factory.cc +1 -2
  206. data/src/core/lib/event_engine/default_event_engine_factory.h +1 -2
  207. data/src/core/lib/event_engine/event_engine.cc +1 -2
  208. data/src/core/lib/event_engine/event_engine_context.h +1 -2
  209. data/src/core/lib/event_engine/extensions/can_track_errors.h +2 -2
  210. data/src/core/lib/event_engine/extensions/chaotic_good_extension.h +2 -2
  211. data/src/core/lib/event_engine/extensions/supports_fd.h +1 -2
  212. data/src/core/lib/event_engine/forkable.cc +7 -6
  213. data/src/core/lib/event_engine/forkable.h +1 -2
  214. data/src/core/lib/event_engine/grpc_polled_fd.h +1 -2
  215. data/src/core/lib/event_engine/handle_containers.h +1 -2
  216. data/src/core/lib/event_engine/memory_allocator_factory.h +1 -2
  217. data/src/core/lib/event_engine/poller.h +1 -2
  218. data/src/core/lib/event_engine/posix.h +1 -2
  219. data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.cc +8 -8
  220. data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.h +1 -2
  221. data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +11 -11
  222. data/src/core/lib/event_engine/posix_engine/ev_poll_posix.h +1 -2
  223. data/src/core/lib/event_engine/posix_engine/event_poller.h +1 -2
  224. data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +2 -2
  225. data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.h +2 -2
  226. data/src/core/lib/event_engine/posix_engine/grpc_polled_fd_posix.h +1 -2
  227. data/src/core/lib/event_engine/posix_engine/internal_errqueue.cc +1 -2
  228. data/src/core/lib/event_engine/posix_engine/internal_errqueue.h +2 -2
  229. data/src/core/lib/event_engine/posix_engine/lockfree_event.cc +3 -3
  230. data/src/core/lib/event_engine/posix_engine/lockfree_event.h +2 -2
  231. data/src/core/lib/event_engine/posix_engine/native_posix_dns_resolver.h +2 -2
  232. data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +24 -25
  233. data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +11 -11
  234. data/src/core/lib/event_engine/posix_engine/posix_engine.cc +10 -10
  235. data/src/core/lib/event_engine/posix_engine/posix_engine.h +1 -2
  236. data/src/core/lib/event_engine/posix_engine/posix_engine_closure.h +1 -2
  237. data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +3 -2
  238. data/src/core/lib/event_engine/posix_engine/posix_engine_listener.h +1 -2
  239. data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.cc +6 -6
  240. data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.h +1 -2
  241. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +3 -3
  242. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +3 -3
  243. data/src/core/lib/event_engine/posix_engine/timer.cc +1 -2
  244. data/src/core/lib/event_engine/posix_engine/timer.h +1 -2
  245. data/src/core/lib/event_engine/posix_engine/timer_heap.cc +2 -2
  246. data/src/core/lib/event_engine/posix_engine/timer_heap.h +2 -2
  247. data/src/core/lib/event_engine/posix_engine/timer_manager.cc +5 -5
  248. data/src/core/lib/event_engine/posix_engine/timer_manager.h +1 -2
  249. data/src/core/lib/event_engine/posix_engine/traced_buffer_list.cc +1 -2
  250. data/src/core/lib/event_engine/posix_engine/traced_buffer_list.h +1 -2
  251. data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.cc +2 -2
  252. data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.h +2 -2
  253. data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.cc +2 -2
  254. data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.h +2 -2
  255. data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix.h +2 -2
  256. data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.cc +2 -2
  257. data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.h +2 -2
  258. data/src/core/lib/event_engine/query_extensions.h +3 -2
  259. data/src/core/lib/event_engine/ref_counted_dns_resolver_interface.h +1 -2
  260. data/src/core/lib/event_engine/resolved_address.cc +5 -4
  261. data/src/core/lib/event_engine/resolved_address_internal.h +1 -2
  262. data/src/core/lib/event_engine/shim.cc +2 -2
  263. data/src/core/lib/event_engine/slice.cc +4 -3
  264. data/src/core/lib/event_engine/slice_buffer.cc +1 -2
  265. data/src/core/lib/event_engine/tcp_socket_utils.cc +12 -8
  266. data/src/core/lib/event_engine/tcp_socket_utils.h +1 -2
  267. data/src/core/lib/event_engine/thread_local.cc +2 -2
  268. data/src/core/lib/event_engine/thread_pool/thread_count.cc +1 -2
  269. data/src/core/lib/event_engine/thread_pool/thread_count.h +1 -2
  270. data/src/core/lib/event_engine/thread_pool/thread_pool.h +1 -2
  271. data/src/core/lib/event_engine/thread_pool/thread_pool_factory.cc +2 -2
  272. data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.cc +8 -8
  273. data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.h +1 -2
  274. data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.cc +2 -2
  275. data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.h +1 -2
  276. data/src/core/lib/event_engine/time_util.cc +1 -2
  277. data/src/core/lib/event_engine/time_util.h +1 -2
  278. data/src/core/lib/event_engine/trace.cc +2 -2
  279. data/src/core/lib/event_engine/trace.h +1 -2
  280. data/src/core/lib/event_engine/utils.cc +1 -2
  281. data/src/core/lib/event_engine/utils.h +1 -2
  282. data/src/core/lib/event_engine/windows/grpc_polled_fd_windows.cc +31 -30
  283. data/src/core/lib/event_engine/windows/iocp.cc +10 -8
  284. data/src/core/lib/event_engine/windows/win_socket.cc +7 -5
  285. data/src/core/lib/event_engine/windows/windows_endpoint.cc +13 -12
  286. data/src/core/lib/event_engine/windows/windows_engine.cc +7 -6
  287. data/src/core/lib/event_engine/windows/windows_listener.cc +7 -6
  288. data/src/core/lib/event_engine/work_queue/basic_work_queue.cc +2 -2
  289. data/src/core/lib/event_engine/work_queue/basic_work_queue.h +1 -2
  290. data/src/core/lib/event_engine/work_queue/work_queue.h +1 -2
  291. data/src/core/lib/experiments/config.cc +5 -5
  292. data/src/core/lib/experiments/config.h +2 -2
  293. data/src/core/lib/experiments/experiments.cc +23 -8
  294. data/src/core/lib/experiments/experiments.h +23 -6
  295. data/src/core/lib/gpr/alloc.cc +3 -1
  296. data/src/core/lib/gpr/posix/sync.cc +25 -23
  297. data/src/core/lib/gpr/posix/time.cc +9 -6
  298. data/src/core/lib/gpr/posix/tmpfile.cc +3 -1
  299. data/src/core/lib/gpr/sync.cc +5 -3
  300. data/src/core/lib/gpr/time.cc +10 -8
  301. data/src/core/lib/gpr/windows/sync.cc +3 -1
  302. data/src/core/lib/gpr/windows/time.cc +4 -1
  303. data/src/core/lib/gprpp/atomic_utils.h +2 -2
  304. data/src/core/lib/gprpp/bitset.h +2 -2
  305. data/src/core/lib/gprpp/chunked_vector.h +6 -5
  306. data/src/core/lib/gprpp/construct_destruct.h +2 -2
  307. data/src/core/lib/gprpp/crash.cc +1 -2
  308. data/src/core/lib/gprpp/crash.h +2 -2
  309. data/src/core/lib/gprpp/debug_location.h +2 -2
  310. data/src/core/lib/gprpp/directory_reader.h +2 -2
  311. data/src/core/lib/gprpp/down_cast.h +3 -3
  312. data/src/core/lib/gprpp/dual_ref_counted.h +9 -8
  313. data/src/core/lib/gprpp/env.h +2 -2
  314. data/src/core/lib/gprpp/examine_stack.cc +2 -2
  315. data/src/core/lib/gprpp/examine_stack.h +2 -2
  316. data/src/core/lib/gprpp/fork.cc +1 -2
  317. data/src/core/lib/gprpp/fork.h +2 -2
  318. data/src/core/lib/gprpp/host_port.cc +6 -4
  319. data/src/core/lib/gprpp/host_port.h +2 -2
  320. data/src/core/lib/gprpp/linux/env.cc +2 -2
  321. data/src/core/lib/gprpp/load_file.cc +1 -2
  322. data/src/core/lib/gprpp/load_file.h +2 -2
  323. data/src/core/lib/gprpp/manual_constructor.h +2 -2
  324. data/src/core/lib/gprpp/match.h +2 -2
  325. data/src/core/lib/gprpp/memory.h +1 -2
  326. data/src/core/lib/gprpp/mpscq.cc +2 -2
  327. data/src/core/lib/gprpp/mpscq.h +5 -4
  328. data/src/core/lib/gprpp/no_destruct.h +2 -2
  329. data/src/core/lib/gprpp/notification.h +2 -2
  330. data/src/core/lib/gprpp/orphanable.h +2 -2
  331. data/src/core/lib/gprpp/overload.h +2 -2
  332. data/src/core/lib/gprpp/per_cpu.cc +1 -2
  333. data/src/core/lib/gprpp/per_cpu.h +1 -2
  334. data/src/core/lib/gprpp/posix/directory_reader.cc +2 -2
  335. data/src/core/lib/gprpp/posix/stat.cc +6 -4
  336. data/src/core/lib/gprpp/posix/thd.cc +10 -10
  337. data/src/core/lib/gprpp/ref_counted.h +5 -4
  338. data/src/core/lib/gprpp/ref_counted_ptr.h +2 -2
  339. data/src/core/lib/gprpp/ref_counted_string.cc +1 -2
  340. data/src/core/lib/gprpp/ref_counted_string.h +2 -2
  341. data/src/core/lib/gprpp/single_set_ptr.h +4 -3
  342. data/src/core/lib/gprpp/sorted_pack.h +2 -2
  343. data/src/core/lib/gprpp/stat.h +2 -2
  344. data/src/core/lib/gprpp/status_helper.cc +3 -3
  345. data/src/core/lib/gprpp/status_helper.h +2 -2
  346. data/src/core/lib/gprpp/strerror.cc +2 -2
  347. data/src/core/lib/gprpp/strerror.h +2 -2
  348. data/src/core/lib/gprpp/sync.h +5 -5
  349. data/src/core/lib/gprpp/table.h +2 -2
  350. data/src/core/lib/gprpp/tchar.cc +2 -2
  351. data/src/core/lib/gprpp/thd.h +7 -7
  352. data/src/core/lib/gprpp/time.cc +6 -6
  353. data/src/core/lib/gprpp/time.h +1 -2
  354. data/src/core/lib/gprpp/time_averaged_stats.cc +2 -2
  355. data/src/core/lib/gprpp/time_util.cc +5 -4
  356. data/src/core/lib/gprpp/time_util.h +1 -2
  357. data/src/core/lib/gprpp/unique_type_name.h +2 -2
  358. data/src/core/lib/gprpp/uuid_v4.cc +2 -2
  359. data/src/core/lib/gprpp/uuid_v4.h +2 -2
  360. data/src/core/lib/gprpp/validation_errors.cc +2 -2
  361. data/src/core/lib/gprpp/validation_errors.h +2 -2
  362. data/src/core/lib/gprpp/windows/stat.cc +4 -2
  363. data/src/core/lib/gprpp/windows/thd.cc +4 -2
  364. data/src/core/lib/gprpp/work_serializer.cc +5 -5
  365. data/src/core/lib/gprpp/work_serializer.h +1 -2
  366. data/src/core/lib/http/format_request.cc +1 -2
  367. data/src/core/lib/http/format_request.h +1 -2
  368. data/src/core/lib/http/httpcli.cc +6 -6
  369. data/src/core/lib/http/httpcli.h +2 -3
  370. data/src/core/lib/http/httpcli_security_connector.cc +4 -4
  371. data/src/core/lib/http/httpcli_ssl_credentials.h +1 -2
  372. data/src/core/lib/http/parser.cc +5 -5
  373. data/src/core/lib/http/parser.h +1 -2
  374. data/src/core/lib/iomgr/buffer_list.cc +1 -2
  375. data/src/core/lib/iomgr/buffer_list.h +1 -2
  376. data/src/core/lib/iomgr/call_combiner.cc +5 -4
  377. data/src/core/lib/iomgr/call_combiner.h +1 -2
  378. data/src/core/lib/iomgr/closure.cc +2 -2
  379. data/src/core/lib/iomgr/closure.h +4 -3
  380. data/src/core/lib/iomgr/combiner.cc +7 -6
  381. data/src/core/lib/iomgr/combiner.h +1 -2
  382. data/src/core/lib/iomgr/endpoint.cc +2 -2
  383. data/src/core/lib/iomgr/endpoint.h +1 -2
  384. data/src/core/lib/iomgr/endpoint_cfstream.cc +7 -5
  385. data/src/core/lib/iomgr/endpoint_pair_posix.cc +5 -4
  386. data/src/core/lib/iomgr/endpoint_pair_windows.cc +11 -10
  387. data/src/core/lib/iomgr/error.cc +3 -3
  388. data/src/core/lib/iomgr/error.h +3 -3
  389. data/src/core/lib/iomgr/ev_epoll1_linux.cc +14 -13
  390. data/src/core/lib/iomgr/ev_poll_posix.cc +9 -9
  391. data/src/core/lib/iomgr/ev_posix.cc +1 -2
  392. data/src/core/lib/iomgr/ev_posix.h +2 -2
  393. data/src/core/lib/iomgr/event_engine_shims/closure.cc +1 -2
  394. data/src/core/lib/iomgr/event_engine_shims/closure.h +1 -2
  395. data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +3 -3
  396. data/src/core/lib/iomgr/event_engine_shims/endpoint.h +1 -2
  397. data/src/core/lib/iomgr/event_engine_shims/tcp_client.cc +1 -2
  398. data/src/core/lib/iomgr/event_engine_shims/tcp_client.h +1 -2
  399. data/src/core/lib/iomgr/exec_ctx.cc +5 -5
  400. data/src/core/lib/iomgr/exec_ctx.h +6 -4
  401. data/src/core/lib/iomgr/executor.cc +7 -8
  402. data/src/core/lib/iomgr/grpc_if_nametoindex.h +2 -2
  403. data/src/core/lib/iomgr/internal_errqueue.cc +1 -2
  404. data/src/core/lib/iomgr/iocp_windows.cc +9 -6
  405. data/src/core/lib/iomgr/iocp_windows.h +0 -1
  406. data/src/core/lib/iomgr/iomgr.cc +1 -2
  407. data/src/core/lib/iomgr/iomgr.h +2 -2
  408. data/src/core/lib/iomgr/iomgr_internal.cc +2 -2
  409. data/src/core/lib/iomgr/iomgr_internal.h +2 -2
  410. data/src/core/lib/iomgr/iomgr_windows.cc +4 -2
  411. data/src/core/lib/iomgr/lockfree_event.cc +4 -3
  412. data/src/core/lib/iomgr/lockfree_event.h +1 -2
  413. data/src/core/lib/iomgr/polling_entity.cc +5 -5
  414. data/src/core/lib/iomgr/pollset.cc +2 -2
  415. data/src/core/lib/iomgr/pollset.h +0 -1
  416. data/src/core/lib/iomgr/pollset_set.cc +2 -2
  417. data/src/core/lib/iomgr/pollset_set_windows.cc +2 -2
  418. data/src/core/lib/iomgr/pollset_windows.h +0 -1
  419. data/src/core/lib/iomgr/python_util.h +1 -2
  420. data/src/core/lib/iomgr/resolve_address.cc +1 -2
  421. data/src/core/lib/iomgr/resolve_address.h +1 -2
  422. data/src/core/lib/iomgr/resolve_address_impl.h +2 -2
  423. data/src/core/lib/iomgr/resolve_address_posix.h +2 -2
  424. data/src/core/lib/iomgr/resolve_address_windows.h +2 -2
  425. data/src/core/lib/iomgr/resolved_address.h +2 -2
  426. data/src/core/lib/iomgr/sockaddr_utils_posix.cc +3 -1
  427. data/src/core/lib/iomgr/socket_factory_posix.h +1 -2
  428. data/src/core/lib/iomgr/socket_mutator.cc +1 -2
  429. data/src/core/lib/iomgr/socket_mutator.h +1 -2
  430. data/src/core/lib/iomgr/socket_utils.h +2 -2
  431. data/src/core/lib/iomgr/socket_utils_common_posix.cc +3 -1
  432. data/src/core/lib/iomgr/socket_utils_posix.cc +2 -2
  433. data/src/core/lib/iomgr/socket_utils_posix.h +1 -2
  434. data/src/core/lib/iomgr/socket_windows.cc +4 -3
  435. data/src/core/lib/iomgr/tcp_client.cc +2 -2
  436. data/src/core/lib/iomgr/tcp_client.h +1 -2
  437. data/src/core/lib/iomgr/tcp_client_posix.cc +5 -4
  438. data/src/core/lib/iomgr/tcp_client_windows.cc +7 -5
  439. data/src/core/lib/iomgr/tcp_posix.cc +42 -41
  440. data/src/core/lib/iomgr/tcp_server.cc +2 -2
  441. data/src/core/lib/iomgr/tcp_server.h +1 -2
  442. data/src/core/lib/iomgr/tcp_server_posix.cc +23 -23
  443. data/src/core/lib/iomgr/tcp_server_utils_posix.h +2 -2
  444. data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +6 -6
  445. data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +2 -1
  446. data/src/core/lib/iomgr/tcp_server_windows.cc +15 -14
  447. data/src/core/lib/iomgr/tcp_windows.cc +8 -6
  448. data/src/core/lib/iomgr/timer.cc +2 -2
  449. data/src/core/lib/iomgr/timer.h +1 -2
  450. data/src/core/lib/iomgr/timer_generic.cc +3 -3
  451. data/src/core/lib/iomgr/timer_generic.h +0 -1
  452. data/src/core/lib/iomgr/timer_heap.cc +1 -2
  453. data/src/core/lib/iomgr/timer_manager.cc +4 -3
  454. data/src/core/lib/iomgr/timer_manager.h +2 -2
  455. data/src/core/lib/iomgr/unix_sockets_posix.cc +2 -1
  456. data/src/core/lib/iomgr/unix_sockets_posix.h +1 -2
  457. data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +3 -1
  458. data/src/core/lib/iomgr/vsock.cc +2 -2
  459. data/src/core/lib/iomgr/vsock.h +1 -2
  460. data/src/core/lib/json/json.h +1 -2
  461. data/src/core/lib/json/json_args.h +2 -2
  462. data/src/core/lib/json/json_channel_args.h +2 -2
  463. data/src/core/lib/json/json_object_loader.cc +1 -2
  464. data/src/core/lib/json/json_object_loader.h +2 -2
  465. data/src/core/lib/json/json_reader.cc +4 -4
  466. data/src/core/lib/json/json_reader.h +2 -2
  467. data/src/core/lib/json/json_util.cc +2 -2
  468. data/src/core/lib/json/json_util.h +2 -2
  469. data/src/core/lib/json/json_writer.cc +2 -2
  470. data/src/core/lib/json/json_writer.h +2 -2
  471. data/src/core/lib/matchers/matchers.cc +2 -2
  472. data/src/core/lib/matchers/matchers.h +2 -2
  473. data/src/core/lib/promise/activity.cc +4 -3
  474. data/src/core/lib/promise/activity.h +7 -7
  475. data/src/core/lib/promise/all_ok.h +2 -2
  476. data/src/core/lib/promise/arena_promise.h +2 -2
  477. data/src/core/lib/promise/context.h +3 -3
  478. data/src/core/lib/promise/detail/join_state.h +11 -10
  479. data/src/core/lib/promise/detail/promise_factory.h +2 -2
  480. data/src/core/lib/promise/detail/promise_like.h +2 -2
  481. data/src/core/lib/promise/detail/seq_state.h +194 -194
  482. data/src/core/lib/promise/detail/status.h +4 -3
  483. data/src/core/lib/promise/exec_ctx_wakeup_scheduler.h +2 -2
  484. data/src/core/lib/promise/for_each.h +88 -27
  485. data/src/core/lib/promise/if.h +2 -2
  486. data/src/core/lib/promise/interceptor_list.h +3 -3
  487. data/src/core/lib/promise/latch.h +8 -8
  488. data/src/core/lib/promise/loop.h +2 -2
  489. data/src/core/lib/promise/map.h +2 -2
  490. data/src/core/lib/promise/party.cc +14 -14
  491. data/src/core/lib/promise/party.h +9 -9
  492. data/src/core/lib/promise/pipe.h +15 -15
  493. data/src/core/lib/promise/poll.h +6 -5
  494. data/src/core/lib/promise/prioritized_race.h +2 -2
  495. data/src/core/lib/promise/promise.h +2 -2
  496. data/src/core/lib/promise/race.h +2 -2
  497. data/src/core/lib/promise/seq.h +2 -2
  498. data/src/core/lib/promise/sleep.cc +1 -2
  499. data/src/core/lib/promise/sleep.h +1 -2
  500. data/src/core/lib/promise/status_flag.h +8 -8
  501. data/src/core/lib/promise/trace.cc +2 -2
  502. data/src/core/lib/promise/try_join.h +4 -3
  503. data/src/core/lib/promise/try_seq.h +4 -3
  504. data/src/core/lib/resource_quota/api.cc +1 -2
  505. data/src/core/lib/resource_quota/api.h +1 -2
  506. data/src/core/lib/resource_quota/arena.cc +1 -2
  507. data/src/core/lib/resource_quota/arena.h +1 -2
  508. data/src/core/lib/resource_quota/connection_quota.cc +8 -9
  509. data/src/core/lib/resource_quota/connection_quota.h +2 -2
  510. data/src/core/lib/resource_quota/memory_quota.cc +11 -11
  511. data/src/core/lib/resource_quota/memory_quota.h +4 -4
  512. data/src/core/lib/resource_quota/periodic_update.cc +2 -2
  513. data/src/core/lib/resource_quota/periodic_update.h +2 -2
  514. data/src/core/lib/resource_quota/resource_quota.cc +2 -2
  515. data/src/core/lib/resource_quota/resource_quota.h +1 -2
  516. data/src/core/lib/resource_quota/thread_quota.cc +4 -3
  517. data/src/core/lib/resource_quota/thread_quota.h +2 -2
  518. data/src/core/lib/resource_quota/trace.cc +2 -2
  519. data/src/core/lib/security/authorization/audit_logging.cc +6 -6
  520. data/src/core/lib/security/authorization/audit_logging.h +1 -2
  521. data/src/core/lib/security/authorization/authorization_engine.h +2 -2
  522. data/src/core/lib/security/authorization/authorization_policy_provider.h +1 -2
  523. data/src/core/lib/security/authorization/authorization_policy_provider_vtable.cc +1 -2
  524. data/src/core/lib/security/authorization/evaluate_args.cc +2 -3
  525. data/src/core/lib/security/authorization/evaluate_args.h +1 -2
  526. data/src/core/lib/security/authorization/grpc_authorization_engine.cc +4 -3
  527. data/src/core/lib/security/authorization/grpc_authorization_engine.h +1 -2
  528. data/src/core/lib/security/authorization/grpc_server_authz_filter.cc +4 -5
  529. data/src/core/lib/security/authorization/grpc_server_authz_filter.h +7 -8
  530. data/src/core/lib/security/authorization/matchers.cc +1 -2
  531. data/src/core/lib/security/authorization/matchers.h +2 -2
  532. data/src/core/lib/security/authorization/rbac_policy.cc +2 -2
  533. data/src/core/lib/security/authorization/rbac_policy.h +1 -2
  534. data/src/core/lib/security/authorization/stdout_logger.cc +4 -3
  535. data/src/core/lib/security/authorization/stdout_logger.h +1 -2
  536. data/src/core/lib/security/certificate_provider/certificate_provider_factory.h +2 -2
  537. data/src/core/lib/security/certificate_provider/certificate_provider_registry.cc +4 -3
  538. data/src/core/lib/security/certificate_provider/certificate_provider_registry.h +2 -2
  539. data/src/core/lib/security/context/security_context.cc +5 -3
  540. data/src/core/lib/security/context/security_context.h +2 -2
  541. data/src/core/lib/security/credentials/alts/alts_credentials.cc +1 -2
  542. data/src/core/lib/security/credentials/alts/alts_credentials.h +2 -2
  543. data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +1 -2
  544. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc +1 -2
  545. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc +1 -2
  546. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h +2 -2
  547. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc +1 -2
  548. data/src/core/lib/security/credentials/call_creds_util.cc +1 -2
  549. data/src/core/lib/security/credentials/call_creds_util.h +2 -2
  550. data/src/core/lib/security/credentials/channel_creds_registry.h +2 -2
  551. data/src/core/lib/security/credentials/channel_creds_registry_init.cc +2 -2
  552. data/src/core/lib/security/credentials/composite/composite_credentials.cc +9 -8
  553. data/src/core/lib/security/credentials/composite/composite_credentials.h +2 -2
  554. data/src/core/lib/security/credentials/credentials.cc +4 -3
  555. data/src/core/lib/security/credentials/credentials.h +5 -4
  556. data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +5 -4
  557. data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +2 -2
  558. data/src/core/lib/security/credentials/external/aws_request_signer.cc +2 -2
  559. data/src/core/lib/security/credentials/external/aws_request_signer.h +2 -2
  560. data/src/core/lib/security/credentials/external/external_account_credentials.cc +7 -6
  561. data/src/core/lib/security/credentials/external/external_account_credentials.h +2 -2
  562. data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +1 -2
  563. data/src/core/lib/security/credentials/external/file_external_account_credentials.h +2 -2
  564. data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +4 -3
  565. data/src/core/lib/security/credentials/external/url_external_account_credentials.h +2 -2
  566. data/src/core/lib/security/credentials/fake/fake_credentials.cc +2 -2
  567. data/src/core/lib/security/credentials/fake/fake_credentials.h +2 -2
  568. data/src/core/lib/security/credentials/google_default/credentials_generic.cc +1 -2
  569. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +8 -7
  570. data/src/core/lib/security/credentials/google_default/google_default_credentials.h +2 -2
  571. data/src/core/lib/security/credentials/iam/iam_credentials.cc +5 -5
  572. data/src/core/lib/security/credentials/iam/iam_credentials.h +2 -2
  573. data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +2 -2
  574. data/src/core/lib/security/credentials/insecure/insecure_credentials.h +2 -2
  575. data/src/core/lib/security/credentials/jwt/json_token.cc +5 -4
  576. data/src/core/lib/security/credentials/jwt/json_token.h +1 -2
  577. data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +4 -3
  578. data/src/core/lib/security/credentials/jwt/jwt_credentials.h +2 -2
  579. data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +15 -15
  580. data/src/core/lib/security/credentials/jwt/jwt_verifier.h +1 -2
  581. data/src/core/lib/security/credentials/local/local_credentials.cc +1 -2
  582. data/src/core/lib/security/credentials/local/local_credentials.h +2 -2
  583. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +9 -8
  584. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +2 -2
  585. data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +3 -3
  586. data/src/core/lib/security/credentials/plugin/plugin_credentials.h +2 -2
  587. data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +13 -13
  588. data/src/core/lib/security/credentials/ssl/ssl_credentials.h +5 -3
  589. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +26 -25
  590. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +2 -2
  591. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_match.cc +2 -2
  592. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +7 -6
  593. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +3 -3
  594. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.cc +3 -3
  595. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.h +4 -3
  596. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +19 -18
  597. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +1 -0
  598. data/src/core/lib/security/credentials/tls/grpc_tls_crl_provider.cc +2 -2
  599. data/src/core/lib/security/credentials/tls/grpc_tls_crl_provider.h +1 -2
  600. data/src/core/lib/security/credentials/tls/tls_credentials.cc +1 -2
  601. data/src/core/lib/security/credentials/tls/tls_credentials.h +2 -2
  602. data/src/core/lib/security/credentials/tls/tls_utils.cc +1 -2
  603. data/src/core/lib/security/credentials/tls/tls_utils.h +1 -2
  604. data/src/core/lib/security/credentials/xds/xds_credentials.cc +7 -7
  605. data/src/core/lib/security/credentials/xds/xds_credentials.h +3 -3
  606. data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +14 -14
  607. data/src/core/lib/security/security_connector/alts/alts_security_connector.h +2 -2
  608. data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +5 -5
  609. data/src/core/lib/security/security_connector/fake/fake_security_connector.h +2 -2
  610. data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +6 -5
  611. data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +3 -3
  612. data/src/core/lib/security/security_connector/load_system_roots.h +1 -2
  613. data/src/core/lib/security/security_connector/load_system_roots_supported.cc +2 -2
  614. data/src/core/lib/security/security_connector/load_system_roots_supported.h +1 -2
  615. data/src/core/lib/security/security_connector/local/local_security_connector.cc +11 -11
  616. data/src/core/lib/security/security_connector/local/local_security_connector.h +2 -2
  617. data/src/core/lib/security/security_connector/security_connector.cc +7 -6
  618. data/src/core/lib/security/security_connector/security_connector.h +3 -3
  619. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +6 -6
  620. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +2 -2
  621. data/src/core/lib/security/security_connector/ssl_utils.cc +10 -9
  622. data/src/core/lib/security/security_connector/ssl_utils.h +1 -2
  623. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +13 -13
  624. data/src/core/lib/security/security_connector/tls/tls_security_connector.h +3 -3
  625. data/src/core/lib/security/transport/auth_filters.h +13 -13
  626. data/src/core/lib/security/transport/client_auth_filter.cc +6 -5
  627. data/src/core/lib/security/transport/server_auth_filter.cc +7 -5
  628. data/src/core/lib/security/util/json_util.cc +1 -2
  629. data/src/core/lib/slice/percent_encoding.cc +4 -3
  630. data/src/core/lib/slice/slice.cc +11 -10
  631. data/src/core/lib/slice/slice.h +4 -4
  632. data/src/core/lib/slice/slice_buffer.cc +15 -14
  633. data/src/core/lib/slice/slice_buffer.h +1 -2
  634. data/src/core/lib/slice/slice_internal.h +3 -3
  635. data/src/core/lib/slice/slice_refcount.cc +2 -2
  636. data/src/core/lib/slice/slice_refcount.h +1 -2
  637. data/src/core/lib/slice/slice_string_helpers.cc +2 -2
  638. data/src/core/lib/slice/slice_string_helpers.h +1 -2
  639. data/src/core/lib/surface/api_trace.cc +2 -2
  640. data/src/core/lib/surface/api_trace.h +1 -2
  641. data/src/core/lib/surface/byte_buffer.cc +1 -2
  642. data/src/core/lib/surface/byte_buffer_reader.cc +4 -3
  643. data/src/core/lib/surface/call.cc +168 -290
  644. data/src/core/lib/surface/call.h +180 -10
  645. data/src/core/lib/surface/call_details.cc +1 -2
  646. data/src/core/lib/surface/call_log_batch.cc +1 -2
  647. data/src/core/lib/surface/call_test_only.h +1 -2
  648. data/src/core/lib/surface/channel.cc +9 -8
  649. data/src/core/lib/surface/channel.h +2 -3
  650. data/src/core/lib/surface/channel_create.cc +4 -3
  651. data/src/core/lib/surface/channel_create.h +2 -2
  652. data/src/core/lib/surface/channel_init.cc +6 -6
  653. data/src/core/lib/surface/channel_init.h +13 -8
  654. data/src/core/lib/surface/channel_stack_type.cc +2 -2
  655. data/src/core/lib/surface/completion_queue.cc +17 -18
  656. data/src/core/lib/surface/completion_queue.h +1 -2
  657. data/src/core/lib/surface/completion_queue_factory.cc +9 -8
  658. data/src/core/lib/surface/completion_queue_factory.h +1 -2
  659. data/src/core/lib/surface/event_string.cc +2 -2
  660. data/src/core/lib/surface/event_string.h +1 -2
  661. data/src/core/lib/surface/init.cc +1 -2
  662. data/src/core/lib/surface/init_internally.cc +2 -2
  663. data/src/core/lib/surface/lame_client.cc +9 -12
  664. data/src/core/lib/surface/lame_client.h +6 -11
  665. data/src/core/lib/surface/legacy_channel.cc +9 -9
  666. data/src/core/lib/surface/legacy_channel.h +2 -3
  667. data/src/core/lib/surface/metadata_array.cc +1 -2
  668. data/src/core/lib/surface/validate_metadata.cc +1 -2
  669. data/src/core/lib/surface/validate_metadata.h +3 -3
  670. data/src/core/lib/surface/version.cc +3 -4
  671. data/src/core/lib/surface/wait_for_cq_end_op.cc +2 -2
  672. data/src/core/lib/transport/batch_builder.cc +7 -5
  673. data/src/core/lib/transport/batch_builder.h +4 -6
  674. data/src/core/lib/transport/bdp_estimator.cc +5 -3
  675. data/src/core/lib/transport/bdp_estimator.h +4 -4
  676. data/src/core/lib/transport/{call_size_estimator.cc → call_arena_allocator.cc} +3 -3
  677. data/src/core/lib/transport/{call_size_estimator.h → call_arena_allocator.h} +26 -5
  678. data/src/core/lib/transport/call_filters.cc +28 -13
  679. data/src/core/lib/transport/call_filters.h +123 -73
  680. data/src/core/lib/transport/call_final_info.cc +2 -2
  681. data/src/core/lib/transport/call_final_info.h +1 -2
  682. data/src/core/lib/transport/call_spine.cc +18 -19
  683. data/src/core/lib/transport/call_spine.h +387 -189
  684. data/src/core/lib/transport/connectivity_state.cc +1 -2
  685. data/src/core/lib/transport/connectivity_state.h +1 -2
  686. data/src/core/lib/transport/error_utils.cc +1 -2
  687. data/src/core/lib/transport/error_utils.h +1 -2
  688. data/src/core/lib/transport/message.cc +1 -2
  689. data/src/core/lib/transport/metadata.cc +2 -2
  690. data/src/core/lib/transport/metadata_batch.cc +2 -2
  691. data/src/core/lib/transport/metadata_batch.h +33 -4
  692. data/src/core/lib/transport/metadata_compression_traits.h +2 -2
  693. data/src/core/lib/transport/metadata_info.cc +2 -2
  694. data/src/core/lib/transport/parsed_metadata.cc +2 -2
  695. data/src/core/lib/transport/parsed_metadata.h +1 -2
  696. data/src/core/lib/transport/simple_slice_based_metadata.h +2 -2
  697. data/src/core/lib/transport/status_conversion.cc +2 -2
  698. data/src/core/lib/transport/status_conversion.h +1 -2
  699. data/src/core/lib/transport/timeout_encoding.cc +5 -5
  700. data/src/core/lib/transport/timeout_encoding.h +2 -2
  701. data/src/core/lib/transport/transport.cc +1 -2
  702. data/src/core/lib/transport/transport.h +41 -38
  703. data/src/core/lib/transport/transport_op_string.cc +1 -2
  704. data/src/core/lib/uri/uri_parser.cc +3 -3
  705. data/src/core/lib/uri/uri_parser.h +2 -2
  706. data/src/core/load_balancing/address_filtering.cc +2 -2
  707. data/src/core/load_balancing/address_filtering.h +2 -2
  708. data/src/core/load_balancing/backend_metric_data.h +2 -2
  709. data/src/core/load_balancing/backend_metric_parser.cc +2 -2
  710. data/src/core/load_balancing/backend_metric_parser.h +2 -2
  711. data/src/core/load_balancing/child_policy_handler.cc +6 -6
  712. data/src/core/load_balancing/child_policy_handler.h +2 -2
  713. data/src/core/load_balancing/delegating_helper.h +2 -3
  714. data/src/core/load_balancing/endpoint_list.cc +6 -8
  715. data/src/core/load_balancing/endpoint_list.h +15 -9
  716. data/src/core/load_balancing/grpclb/client_load_reporting_filter.cc +28 -30
  717. data/src/core/load_balancing/grpclb/client_load_reporting_filter.h +19 -8
  718. data/src/core/load_balancing/grpclb/grpclb.cc +26 -26
  719. data/src/core/load_balancing/grpclb/grpclb_balancer_addresses.cc +2 -2
  720. data/src/core/load_balancing/grpclb/grpclb_balancer_addresses.h +1 -2
  721. data/src/core/load_balancing/grpclb/grpclb_client_stats.cc +1 -2
  722. data/src/core/load_balancing/grpclb/grpclb_client_stats.h +1 -2
  723. data/src/core/load_balancing/grpclb/load_balancer_api.cc +1 -2
  724. data/src/core/load_balancing/grpclb/load_balancer_api.h +2 -3
  725. data/src/core/load_balancing/health_check_client.cc +4 -5
  726. data/src/core/load_balancing/health_check_client.h +2 -2
  727. data/src/core/load_balancing/health_check_client_internal.h +1 -2
  728. data/src/core/load_balancing/lb_policy.cc +2 -2
  729. data/src/core/load_balancing/lb_policy.h +1 -2
  730. data/src/core/load_balancing/lb_policy_factory.h +2 -2
  731. data/src/core/load_balancing/lb_policy_registry.cc +3 -3
  732. data/src/core/load_balancing/lb_policy_registry.h +2 -2
  733. data/src/core/load_balancing/oob_backend_metric.cc +4 -5
  734. data/src/core/load_balancing/oob_backend_metric.h +2 -2
  735. data/src/core/load_balancing/oob_backend_metric_internal.h +1 -2
  736. data/src/core/load_balancing/outlier_detection/outlier_detection.cc +3 -3
  737. data/src/core/load_balancing/outlier_detection/outlier_detection.h +2 -2
  738. data/src/core/load_balancing/pick_first/pick_first.cc +1107 -122
  739. data/src/core/load_balancing/priority/priority.cc +15 -10
  740. data/src/core/load_balancing/ring_hash/ring_hash.cc +34 -17
  741. data/src/core/load_balancing/ring_hash/ring_hash.h +2 -2
  742. data/src/core/load_balancing/rls/rls.cc +24 -17
  743. data/src/core/load_balancing/round_robin/round_robin.cc +26 -15
  744. data/src/core/load_balancing/subchannel_interface.h +1 -2
  745. data/src/core/load_balancing/weighted_round_robin/static_stride_scheduler.cc +4 -4
  746. data/src/core/load_balancing/weighted_round_robin/static_stride_scheduler.h +2 -2
  747. data/src/core/load_balancing/weighted_round_robin/weighted_round_robin.cc +25 -15
  748. data/src/core/load_balancing/weighted_target/weighted_target.cc +8 -8
  749. data/src/core/load_balancing/weighted_target/weighted_target.h +1 -1
  750. data/src/core/load_balancing/xds/cds.cc +11 -12
  751. data/src/core/load_balancing/xds/xds_cluster_impl.cc +12 -10
  752. data/src/core/load_balancing/xds/xds_cluster_manager.cc +2 -3
  753. data/src/core/load_balancing/xds/xds_override_host.cc +6 -6
  754. data/src/core/load_balancing/xds/xds_override_host.h +2 -2
  755. data/src/core/load_balancing/xds/xds_wrr_locality.cc +2 -3
  756. data/src/core/plugin_registry/grpc_plugin_registry.cc +6 -9
  757. data/src/core/plugin_registry/grpc_plugin_registry_extra.cc +1 -2
  758. data/src/core/resolver/binder/binder_resolver.cc +4 -4
  759. data/src/core/resolver/dns/c_ares/dns_resolver_ares.cc +5 -6
  760. data/src/core/resolver/dns/c_ares/dns_resolver_ares.h +2 -2
  761. data/src/core/resolver/dns/c_ares/grpc_ares_ev_driver.h +3 -3
  762. data/src/core/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +4 -3
  763. data/src/core/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +35 -34
  764. data/src/core/resolver/dns/c_ares/grpc_ares_wrapper.cc +13 -13
  765. data/src/core/resolver/dns/c_ares/grpc_ares_wrapper.h +1 -2
  766. data/src/core/resolver/dns/c_ares/grpc_ares_wrapper_posix.cc +1 -1
  767. data/src/core/resolver/dns/c_ares/grpc_ares_wrapper_windows.cc +1 -1
  768. data/src/core/resolver/dns/dns_resolver_plugin.cc +4 -5
  769. data/src/core/resolver/dns/event_engine/event_engine_client_channel_resolver.cc +5 -5
  770. data/src/core/resolver/dns/event_engine/event_engine_client_channel_resolver.h +3 -3
  771. data/src/core/resolver/dns/event_engine/service_config_helper.cc +2 -2
  772. data/src/core/resolver/dns/event_engine/service_config_helper.h +2 -2
  773. data/src/core/resolver/dns/native/dns_resolver.cc +3 -4
  774. data/src/core/resolver/endpoint_addresses.cc +4 -4
  775. data/src/core/resolver/endpoint_addresses.h +2 -2
  776. data/src/core/resolver/fake/fake_resolver.cc +4 -4
  777. data/src/core/resolver/fake/fake_resolver.h +1 -2
  778. data/src/core/resolver/google_c2p/google_c2p_resolver.cc +9 -9
  779. data/src/core/resolver/polling_resolver.cc +5 -5
  780. data/src/core/resolver/polling_resolver.h +1 -2
  781. data/src/core/resolver/resolver.cc +2 -2
  782. data/src/core/resolver/resolver.h +2 -2
  783. data/src/core/resolver/resolver_factory.h +3 -3
  784. data/src/core/resolver/resolver_registry.cc +5 -5
  785. data/src/core/resolver/resolver_registry.h +3 -3
  786. data/src/core/resolver/sockaddr/sockaddr_resolver.cc +2 -3
  787. data/src/core/resolver/xds/xds_dependency_manager.cc +5 -4
  788. data/src/core/resolver/xds/xds_dependency_manager.h +7 -7
  789. data/src/core/resolver/xds/xds_resolver.cc +19 -24
  790. data/src/core/resolver/xds/xds_resolver_attributes.h +2 -2
  791. data/src/core/resolver/xds/xds_resolver_trace.cc +2 -2
  792. data/src/core/{lib/surface → server}/server.cc +61 -59
  793. data/src/core/{lib/surface → server}/server.h +7 -8
  794. data/src/core/{lib/channel → server}/server_call_tracer_filter.cc +10 -7
  795. data/src/core/{lib/channel → server}/server_call_tracer_filter.h +3 -3
  796. data/src/core/{ext/filters/server_config_selector → server}/server_config_selector.h +5 -5
  797. data/src/core/{ext/filters/server_config_selector → server}/server_config_selector_filter.cc +36 -37
  798. data/src/core/{ext/filters/server_config_selector → server}/server_config_selector_filter.h +3 -3
  799. data/src/core/{lib/surface → server}/server_interface.h +4 -4
  800. data/src/core/{ext/xds → server}/xds_channel_stack_modifier.cc +3 -3
  801. data/src/core/{ext/xds → server}/xds_channel_stack_modifier.h +4 -5
  802. data/src/core/{ext/xds → server}/xds_server_config_fetcher.cc +23 -22
  803. data/src/core/service_config/service_config.h +1 -2
  804. data/src/core/service_config/service_config_call_data.h +2 -2
  805. data/src/core/service_config/service_config_channel_arg_filter.cc +6 -7
  806. data/src/core/service_config/service_config_impl.cc +2 -2
  807. data/src/core/service_config/service_config_impl.h +3 -3
  808. data/src/core/service_config/service_config_parser.cc +1 -2
  809. data/src/core/service_config/service_config_parser.h +2 -2
  810. data/src/core/tsi/alts/crypt/aes_gcm.cc +1 -2
  811. data/src/core/tsi/alts/crypt/gsec.cc +1 -2
  812. data/src/core/tsi/alts/crypt/gsec.h +1 -2
  813. data/src/core/tsi/alts/frame_protector/alts_counter.cc +1 -2
  814. data/src/core/tsi/alts/frame_protector/alts_counter.h +1 -2
  815. data/src/core/tsi/alts/frame_protector/alts_crypter.cc +1 -2
  816. data/src/core/tsi/alts/frame_protector/alts_crypter.h +1 -2
  817. data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +1 -2
  818. data/src/core/tsi/alts/frame_protector/alts_frame_protector.h +2 -2
  819. data/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc +1 -2
  820. data/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h +1 -2
  821. data/src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc +1 -2
  822. data/src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc +1 -2
  823. data/src/core/tsi/alts/frame_protector/frame_handler.cc +1 -2
  824. data/src/core/tsi/alts/frame_protector/frame_handler.h +2 -2
  825. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +38 -37
  826. data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +1 -2
  827. data/src/core/tsi/alts/handshaker/alts_shared_resource.cc +5 -4
  828. data/src/core/tsi/alts/handshaker/alts_shared_resource.h +1 -2
  829. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +22 -20
  830. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +1 -2
  831. data/src/core/tsi/alts/handshaker/alts_tsi_utils.cc +5 -4
  832. data/src/core/tsi/alts/handshaker/alts_tsi_utils.h +1 -2
  833. data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +2 -2
  834. data/src/core/tsi/alts/handshaker/transport_security_common_api.h +1 -2
  835. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc +5 -4
  836. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h +2 -2
  837. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc +1 -2
  838. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h +2 -2
  839. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h +1 -2
  840. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc +9 -5
  841. data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +1 -2
  842. data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h +2 -2
  843. data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +5 -4
  844. data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h +2 -2
  845. data/src/core/tsi/fake_transport_security.cc +6 -4
  846. data/src/core/tsi/local_transport_security.cc +1 -2
  847. data/src/core/tsi/local_transport_security.h +1 -2
  848. data/src/core/tsi/ssl/key_logging/ssl_key_logging.cc +6 -5
  849. data/src/core/tsi/ssl/key_logging/ssl_key_logging.h +1 -2
  850. data/src/core/tsi/ssl/session_cache/ssl_session.h +1 -2
  851. data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +11 -10
  852. data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +1 -2
  853. data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +3 -4
  854. data/src/core/tsi/ssl_transport_security.cc +20 -19
  855. data/src/core/tsi/ssl_transport_security.h +1 -2
  856. data/src/core/tsi/ssl_transport_security_utils.cc +11 -10
  857. data/src/core/tsi/ssl_transport_security_utils.h +1 -2
  858. data/src/core/tsi/ssl_types.h +2 -2
  859. data/src/core/tsi/transport_security.cc +1 -2
  860. data/src/core/tsi/transport_security.h +2 -2
  861. data/src/core/tsi/transport_security_grpc.cc +2 -2
  862. data/src/core/tsi/transport_security_grpc.h +1 -2
  863. data/src/core/tsi/transport_security_interface.h +2 -2
  864. data/src/core/{ext/xds → xds/grpc}/certificate_provider_store.cc +2 -3
  865. data/src/core/{ext/xds → xds/grpc}/certificate_provider_store.h +4 -5
  866. data/src/core/{ext/xds → xds/grpc}/file_watcher_certificate_provider_factory.cc +2 -3
  867. data/src/core/{ext/xds → xds/grpc}/file_watcher_certificate_provider_factory.h +4 -5
  868. data/src/core/{ext/xds → xds/grpc}/upb_utils.h +5 -5
  869. data/src/core/{ext/xds → xds/grpc}/xds_audit_logger_registry.cc +4 -4
  870. data/src/core/{ext/xds → xds/grpc}/xds_audit_logger_registry.h +6 -6
  871. data/src/core/{ext/xds → xds/grpc}/xds_bootstrap_grpc.cc +2 -3
  872. data/src/core/{ext/xds → xds/grpc}/xds_bootstrap_grpc.h +11 -11
  873. data/src/core/{ext/xds → xds/grpc}/xds_certificate_provider.cc +5 -5
  874. data/src/core/{ext/xds → xds/grpc}/xds_certificate_provider.h +4 -5
  875. data/src/core/{ext/xds → xds/grpc}/xds_client_grpc.cc +25 -12
  876. data/src/core/{ext/xds → xds/grpc}/xds_client_grpc.h +8 -9
  877. data/src/core/{ext/xds → xds/grpc}/xds_cluster.cc +18 -9
  878. data/src/core/{ext/xds → xds/grpc}/xds_cluster.h +11 -12
  879. data/src/core/{ext/xds → xds/grpc}/xds_cluster_specifier_plugin.cc +4 -4
  880. data/src/core/{ext/xds → xds/grpc}/xds_cluster_specifier_plugin.h +6 -6
  881. data/src/core/{ext/xds → xds/grpc}/xds_common_types.cc +5 -6
  882. data/src/core/{ext/xds → xds/grpc}/xds_common_types.h +6 -6
  883. data/src/core/{ext/xds → xds/grpc}/xds_endpoint.cc +7 -7
  884. data/src/core/{ext/xds → xds/grpc}/xds_endpoint.h +9 -9
  885. data/src/core/{ext/xds → xds/grpc}/xds_health_status.cc +3 -3
  886. data/src/core/{ext/xds → xds/grpc}/xds_health_status.h +5 -5
  887. data/src/core/{ext/xds → xds/grpc}/xds_http_fault_filter.cc +4 -5
  888. data/src/core/{ext/xds → xds/grpc}/xds_http_fault_filter.h +8 -8
  889. data/src/core/{ext/xds → xds/grpc}/xds_http_filters.cc +8 -9
  890. data/src/core/{ext/xds → xds/grpc}/xds_http_filters.h +7 -7
  891. data/src/core/{ext/xds → xds/grpc}/xds_http_rbac_filter.cc +6 -7
  892. data/src/core/{ext/xds → xds/grpc}/xds_http_rbac_filter.h +8 -8
  893. data/src/core/{ext/xds → xds/grpc}/xds_http_stateful_session_filter.cc +5 -6
  894. data/src/core/{ext/xds → xds/grpc}/xds_http_stateful_session_filter.h +8 -8
  895. data/src/core/{ext/xds → xds/grpc}/xds_lb_policy_registry.cc +3 -4
  896. data/src/core/{ext/xds → xds/grpc}/xds_lb_policy_registry.h +6 -6
  897. data/src/core/{ext/xds → xds/grpc}/xds_listener.cc +8 -8
  898. data/src/core/{ext/xds → xds/grpc}/xds_listener.h +12 -12
  899. data/src/core/{ext/xds → xds/grpc}/xds_route_config.cc +16 -16
  900. data/src/core/{ext/xds → xds/grpc}/xds_route_config.h +11 -11
  901. data/src/core/{ext/xds → xds/grpc}/xds_routing.cc +6 -6
  902. data/src/core/{ext/xds → xds/grpc}/xds_routing.h +8 -8
  903. data/src/core/{ext/xds → xds/grpc}/xds_transport_grpc.cc +14 -14
  904. data/src/core/{ext/xds → xds/grpc}/xds_transport_grpc.h +6 -7
  905. data/src/core/{ext/xds → xds/xds_client}/xds_api.cc +4 -5
  906. data/src/core/{ext/xds → xds/xds_client}/xds_api.h +7 -7
  907. data/src/core/{ext/xds → xds/xds_client}/xds_bootstrap.cc +3 -3
  908. data/src/core/{ext/xds → xds/xds_client}/xds_bootstrap.h +5 -5
  909. data/src/core/{ext/xds → xds/xds_client}/xds_channel_args.h +3 -3
  910. data/src/core/{ext/xds → xds/xds_client}/xds_client.cc +21 -17
  911. data/src/core/{ext/xds → xds/xds_client}/xds_client.h +10 -11
  912. data/src/core/{ext/xds → xds/xds_client}/xds_client_stats.cc +3 -4
  913. data/src/core/{ext/xds → xds/xds_client}/xds_client_stats.h +6 -6
  914. data/src/core/{ext/xds → xds/xds_client}/xds_metrics.h +7 -5
  915. data/src/core/{ext/xds → xds/xds_client}/xds_resource_type.h +6 -6
  916. data/src/core/{ext/xds → xds/xds_client}/xds_resource_type_impl.h +7 -7
  917. data/src/core/{ext/xds → xds/xds_client}/xds_transport.h +6 -6
  918. data/src/ruby/ext/grpc/rb_call_credentials.c +1 -0
  919. data/src/ruby/ext/grpc/rb_call_credentials.h +1 -0
  920. data/src/ruby/ext/grpc/rb_channel.c +1 -0
  921. data/src/ruby/ext/grpc/rb_channel_credentials.c +1 -0
  922. data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +130 -130
  923. data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +196 -195
  924. data/src/ruby/ext/grpc/rb_server.c +1 -0
  925. data/src/ruby/ext/grpc/rb_server_credentials.c +1 -0
  926. data/src/ruby/ext/grpc/rb_server_credentials.h +1 -0
  927. data/src/ruby/ext/grpc/rb_xds_channel_credentials.c +1 -0
  928. data/src/ruby/ext/grpc/rb_xds_server_credentials.c +1 -0
  929. data/src/ruby/ext/grpc/rb_xds_server_credentials.h +1 -0
  930. data/src/ruby/lib/grpc/version.rb +1 -1
  931. data/third_party/abseil-cpp/absl/log/check.h +209 -0
  932. data/third_party/abseil-cpp/absl/log/internal/check_impl.h +150 -0
  933. data/third_party/abseil-cpp/absl/log/internal/check_op.cc +118 -0
  934. data/third_party/abseil-cpp/absl/log/internal/check_op.h +420 -0
  935. data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +1 -6
  936. data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +25 -10
  937. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +0 -13
  938. data/third_party/boringssl-with-bazel/src/crypto/bytestring/unicode.c +3 -2
  939. data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +1 -1
  940. data/third_party/boringssl-with-bazel/src/crypto/chacha/internal.h +19 -15
  941. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_des.c +48 -66
  942. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_null.c +7 -3
  943. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc2.c +20 -28
  944. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc4.c +9 -4
  945. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/tls_cbc.c +2 -2
  946. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +7 -7
  947. data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +1 -0
  948. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +26 -17
  949. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +3 -2
  950. data/third_party/boringssl-with-bazel/src/crypto/err/err.c +81 -60
  951. data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +41 -120
  952. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +13 -13
  953. data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +7 -0
  954. data/third_party/boringssl-with-bazel/src/crypto/evp/p_dh.c +137 -0
  955. data/third_party/boringssl-with-bazel/src/crypto/evp/p_dh_asn1.c +120 -0
  956. data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +30 -0
  957. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +3 -4
  958. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.c +30 -0
  959. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.c +1 -4
  960. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.c +30 -0
  961. data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.c +1 -4
  962. data/third_party/boringssl-with-bazel/src/crypto/ex_data.c +6 -7
  963. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.c +1 -1
  964. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +3 -3
  965. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.c +1 -1
  966. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +1 -1
  967. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +8 -5
  968. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c +1 -1
  969. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +2 -2
  970. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +14 -7
  971. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.c +2 -1
  972. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +0 -3
  973. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +11 -7
  974. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +5 -1
  975. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +2 -1
  976. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +11 -11
  977. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +22 -8
  978. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.c +3 -6
  979. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +73 -29
  980. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +4 -4
  981. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +3 -3
  982. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +4 -4
  983. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.c +7 -0
  984. data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +2 -0
  985. data/third_party/boringssl-with-bazel/src/crypto/internal.h +33 -17
  986. data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +1 -1
  987. data/third_party/boringssl-with-bazel/src/crypto/kyber/kyber.c +1 -1
  988. data/third_party/boringssl-with-bazel/src/crypto/mem.c +18 -9
  989. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +18 -17
  990. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +44 -41
  991. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +13 -12
  992. data/third_party/boringssl-with-bazel/src/crypto/spx/spx.c +7 -6
  993. data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +26 -33
  994. data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +1 -1
  995. data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +4 -1
  996. data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +5 -1
  997. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_cpols.c +9 -4
  998. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_crld.c +2 -2
  999. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_info.c +1 -1
  1000. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_lib.c +2 -0
  1001. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +21 -25
  1002. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +1 -8
  1003. data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +2 -2
  1004. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +1 -6
  1005. data/third_party/boringssl-with-bazel/{err_data.c → src/gen/crypto/err_data.c} +487 -485
  1006. data/third_party/boringssl-with-bazel/src/include/openssl/base.h +9 -1
  1007. data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +77 -36
  1008. data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +12 -4
  1009. data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +1 -0
  1010. data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +17 -1
  1011. data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +10 -3
  1012. data/third_party/boringssl-with-bazel/src/include/openssl/err.h +13 -0
  1013. data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +25 -14
  1014. data/third_party/boringssl-with-bazel/src/include/openssl/evp_errors.h +1 -0
  1015. data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +15 -3
  1016. data/third_party/boringssl-with-bazel/src/{crypto/spx/internal.h → include/openssl/experimental/spx.h} +24 -13
  1017. data/third_party/boringssl-with-bazel/src/include/openssl/obj.h +2 -2
  1018. data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +63 -53
  1019. data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +19 -10
  1020. data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +275 -69
  1021. data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +10 -3
  1022. data/third_party/boringssl-with-bazel/src/include/openssl/target.h +13 -10
  1023. data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +2 -2
  1024. data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +2957 -2456
  1025. data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +5 -5
  1026. data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +3 -9
  1027. data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +43 -43
  1028. data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +1 -1
  1029. data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +17 -7
  1030. data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +67 -15
  1031. data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +143 -113
  1032. data/third_party/boringssl-with-bazel/src/ssl/internal.h +227 -167
  1033. data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +1 -1
  1034. data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +0 -1
  1035. data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +59 -385
  1036. data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +21 -19
  1037. data/third_party/boringssl-with-bazel/src/ssl/ssl_credential.cc +423 -0
  1038. data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +2 -2
  1039. data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +1 -1
  1040. data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +70 -54
  1041. data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +59 -75
  1042. data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +6 -14
  1043. data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +48 -116
  1044. data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +19 -26
  1045. data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +36 -3
  1046. data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +53 -18
  1047. metadata +109 -108
  1048. data/src/core/client_channel/client_channel_channelz.cc +0 -93
  1049. data/src/core/client_channel/client_channel_channelz.h +0 -85
  1050. data/src/core/ext/filters/deadline/deadline_filter.cc +0 -407
  1051. data/src/core/ext/filters/deadline/deadline_filter.h +0 -85
  1052. data/src/core/lib/gpr/log_internal.h +0 -55
  1053. data/third_party/boringssl-with-bazel/src/include/openssl/pki/certificate.h +0 -83
  1054. data/third_party/boringssl-with-bazel/src/include/openssl/pki/signature_verify_cache.h +0 -41
  1055. /data/third_party/boringssl-with-bazel/src/include/openssl/{kyber.h → experimental/kyber.h} +0 -0
@@ -101,1157 +101,6 @@ GRPCAPI void grpc_auth_context_add_cstring_property(grpc_auth_context* ctx,
101
101
  GRPCAPI int grpc_auth_context_set_peer_identity_property_name(
102
102
  grpc_auth_context* ctx, const char* name);
103
103
 
104
- /** --- SSL Session Cache. ---
105
-
106
- A SSL session cache object represents a way to cache client sessions
107
- between connections. Only ticket-based resumption is supported. */
108
-
109
- typedef struct grpc_ssl_session_cache grpc_ssl_session_cache;
110
-
111
- /** Create LRU cache for client-side SSL sessions with the given capacity.
112
- If capacity is < 1, a default capacity is used instead. */
113
- GRPCAPI grpc_ssl_session_cache* grpc_ssl_session_cache_create_lru(
114
- size_t capacity);
115
-
116
- /** Destroy SSL session cache. */
117
- GRPCAPI void grpc_ssl_session_cache_destroy(grpc_ssl_session_cache* cache);
118
-
119
- /** Create a channel arg with the given cache object. */
120
- GRPCAPI grpc_arg
121
- grpc_ssl_session_cache_create_channel_arg(grpc_ssl_session_cache* cache);
122
-
123
- /** --- grpc_call_credentials object.
124
-
125
- A call credentials object represents a way to authenticate on a particular
126
- call. These credentials can be composed with a channel credentials object
127
- so that they are sent with every call on this channel. */
128
-
129
- typedef struct grpc_call_credentials grpc_call_credentials;
130
-
131
- /** Releases a call credentials object.
132
- The creator of the credentials object is responsible for its release. */
133
- GRPCAPI void grpc_call_credentials_release(grpc_call_credentials* creds);
134
-
135
- /** Creates default credentials to connect to a google gRPC service.
136
- WARNING: Do NOT use this credentials to connect to a non-google service as
137
- this could result in an oauth2 token leak. The security level of the
138
- resulting connection is GRPC_PRIVACY_AND_INTEGRITY.
139
-
140
- If specified, the supplied call credentials object will be attached to the
141
- returned channel credentials object. The call_credentials object must remain
142
- valid throughout the lifetime of the returned grpc_channel_credentials
143
- object. It is expected that the call credentials object was generated
144
- according to the Application Default Credentials mechanism and asserts the
145
- identity of the default service account of the machine. Supplying any other
146
- sort of call credential will result in undefined behavior, up to and
147
- including the sudden and unexpected failure of RPCs.
148
-
149
- If nullptr is supplied, the returned channel credentials object will use a
150
- call credentials object based on the Application Default Credentials
151
- mechanism.
152
- */
153
- GRPCAPI grpc_channel_credentials* grpc_google_default_credentials_create(
154
- grpc_call_credentials* call_credentials);
155
-
156
- /** Callback for getting the SSL roots override from the application.
157
- In case of success, *pem_roots_certs must be set to a NULL terminated string
158
- containing the list of PEM encoded root certificates. The ownership is passed
159
- to the core and freed (laster by the core) with gpr_free.
160
- If this function fails and GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment is
161
- set to a valid path, it will override the roots specified this func */
162
- typedef grpc_ssl_roots_override_result (*grpc_ssl_roots_override_callback)(
163
- char** pem_root_certs);
164
-
165
- /** Setup a callback to override the default TLS/SSL roots.
166
- This function is not thread-safe and must be called at initialization time
167
- before any ssl credentials are created to have the desired side effect.
168
- If GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment is set to a valid path, the
169
- callback will not be called. */
170
- GRPCAPI void grpc_set_ssl_roots_override_callback(
171
- grpc_ssl_roots_override_callback cb);
172
-
173
- /** Object that holds a private key / certificate chain pair in PEM format. */
174
- typedef struct {
175
- /** private_key is the NULL-terminated string containing the PEM encoding of
176
- the client's private key. */
177
- const char* private_key;
178
-
179
- /** cert_chain is the NULL-terminated string containing the PEM encoding of
180
- the client's certificate chain. */
181
- const char* cert_chain;
182
- } grpc_ssl_pem_key_cert_pair;
183
-
184
- /** Deprecated in favor of grpc_ssl_verify_peer_options. It will be removed
185
- after all of its call sites are migrated to grpc_ssl_verify_peer_options.
186
- Object that holds additional peer-verification options on a secure
187
- channel. */
188
- typedef struct {
189
- /** If non-NULL this callback will be invoked with the expected
190
- target_name, the peer's certificate (in PEM format), and whatever
191
- userdata pointer is set below. If a non-zero value is returned by this
192
- callback then it is treated as a verification failure. Invocation of
193
- the callback is blocking, so any implementation should be light-weight.
194
- */
195
- int (*verify_peer_callback)(const char* target_name, const char* peer_pem,
196
- void* userdata);
197
- /** Arbitrary userdata that will be passed as the last argument to
198
- verify_peer_callback. */
199
- void* verify_peer_callback_userdata;
200
- /** A destruct callback that will be invoked when the channel is being
201
- cleaned up. The userdata argument will be passed to it. The intent is
202
- to perform any cleanup associated with that userdata. */
203
- void (*verify_peer_destruct)(void* userdata);
204
- } verify_peer_options;
205
-
206
- /** Object that holds additional peer-verification options on a secure
207
- channel. */
208
- typedef struct {
209
- /** If non-NULL this callback will be invoked with the expected
210
- target_name, the peer's certificate (in PEM format), and whatever
211
- userdata pointer is set below. If a non-zero value is returned by this
212
- callback then it is treated as a verification failure. Invocation of
213
- the callback is blocking, so any implementation should be light-weight.
214
- */
215
- int (*verify_peer_callback)(const char* target_name, const char* peer_pem,
216
- void* userdata);
217
- /** Arbitrary userdata that will be passed as the last argument to
218
- verify_peer_callback. */
219
- void* verify_peer_callback_userdata;
220
- /** A destruct callback that will be invoked when the channel is being
221
- cleaned up. The userdata argument will be passed to it. The intent is
222
- to perform any cleanup associated with that userdata. */
223
- void (*verify_peer_destruct)(void* userdata);
224
- } grpc_ssl_verify_peer_options;
225
-
226
- /** Deprecated in favor of grpc_ssl_server_credentials_create_ex. It will be
227
- removed after all of its call sites are migrated to
228
- grpc_ssl_server_credentials_create_ex. Creates an SSL credentials object.
229
- The security level of the resulting connection is GRPC_PRIVACY_AND_INTEGRITY.
230
- - pem_root_certs is the NULL-terminated string containing the PEM encoding
231
- of the server root certificates. If this parameter is NULL, the
232
- implementation will first try to dereference the file pointed by the
233
- GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment variable, and if that fails,
234
- try to get the roots set by grpc_override_ssl_default_roots. Eventually,
235
- if all these fail, it will try to get the roots from a well-known place on
236
- disk (in the grpc install directory).
237
-
238
- gRPC has implemented root cache if the underlying OpenSSL library supports
239
- it. The gRPC root certificates cache is only applicable on the default
240
- root certificates, which is used when this parameter is nullptr. If user
241
- provides their own pem_root_certs, when creating an SSL credential object,
242
- gRPC would not be able to cache it, and each subchannel will generate a
243
- copy of the root store. So it is recommended to avoid providing large room
244
- pem with pem_root_certs parameter to avoid excessive memory consumption,
245
- particularly on mobile platforms such as iOS.
246
- - pem_key_cert_pair is a pointer on the object containing client's private
247
- key and certificate chain. This parameter can be NULL if the client does
248
- not have such a key/cert pair.
249
- - verify_options is an optional verify_peer_options object which holds
250
- additional options controlling how peer certificates are verified. For
251
- example, you can supply a callback which receives the peer's certificate
252
- with which you can do additional verification. Can be NULL, in which
253
- case verification will retain default behavior. Any settings in
254
- verify_options are copied during this call, so the verify_options
255
- object can be released afterwards. */
256
- GRPCAPI grpc_channel_credentials* grpc_ssl_credentials_create(
257
- const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pair,
258
- const verify_peer_options* verify_options, void* reserved);
259
-
260
- /* Creates an SSL credentials object.
261
- The security level of the resulting connection is GRPC_PRIVACY_AND_INTEGRITY.
262
- - pem_root_certs is the NULL-terminated string containing the PEM encoding
263
- of the server root certificates. If this parameter is NULL, the
264
- implementation will first try to dereference the file pointed by the
265
- GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment variable, and if that fails,
266
- try to get the roots set by grpc_override_ssl_default_roots. Eventually,
267
- if all these fail, it will try to get the roots from a well-known place on
268
- disk (in the grpc install directory).
269
-
270
- gRPC has implemented root cache if the underlying OpenSSL library supports
271
- it. The gRPC root certificates cache is only applicable on the default
272
- root certificates, which is used when this parameter is nullptr. If user
273
- provides their own pem_root_certs, when creating an SSL credential object,
274
- gRPC would not be able to cache it, and each subchannel will generate a
275
- copy of the root store. So it is recommended to avoid providing large room
276
- pem with pem_root_certs parameter to avoid excessive memory consumption,
277
- particularly on mobile platforms such as iOS.
278
- - pem_key_cert_pair is a pointer on the object containing client's private
279
- key and certificate chain. This parameter can be NULL if the client does
280
- not have such a key/cert pair.
281
- - verify_options is an optional verify_peer_options object which holds
282
- additional options controlling how peer certificates are verified. For
283
- example, you can supply a callback which receives the peer's certificate
284
- with which you can do additional verification. Can be NULL, in which
285
- case verification will retain default behavior. Any settings in
286
- verify_options are copied during this call, so the verify_options
287
- object can be released afterwards. */
288
- GRPCAPI grpc_channel_credentials* grpc_ssl_credentials_create_ex(
289
- const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pair,
290
- const grpc_ssl_verify_peer_options* verify_options, void* reserved);
291
-
292
- /** Creates a composite channel credentials object. The security level of
293
- * resulting connection is determined by channel_creds. */
294
- GRPCAPI grpc_channel_credentials* grpc_composite_channel_credentials_create(
295
- grpc_channel_credentials* channel_creds, grpc_call_credentials* call_creds,
296
- void* reserved);
297
-
298
- /** --- composite credentials. */
299
-
300
- /** Creates a composite call credentials object. */
301
- GRPCAPI grpc_call_credentials* grpc_composite_call_credentials_create(
302
- grpc_call_credentials* creds1, grpc_call_credentials* creds2,
303
- void* reserved);
304
-
305
- /** Creates a compute engine credentials object for connecting to Google.
306
- WARNING: Do NOT use this credentials to connect to a non-google service as
307
- this could result in an oauth2 token leak. */
308
- GRPCAPI grpc_call_credentials* grpc_google_compute_engine_credentials_create(
309
- void* reserved);
310
-
311
- GRPCAPI gpr_timespec grpc_max_auth_token_lifetime(void);
312
-
313
- /** Creates a JWT credentials object. May return NULL if the input is invalid.
314
- - json_key is the JSON key string containing the client's private key.
315
- - token_lifetime is the lifetime of each Json Web Token (JWT) created with
316
- this credentials. It should not exceed grpc_max_auth_token_lifetime or
317
- will be cropped to this value. */
318
- GRPCAPI grpc_call_credentials*
319
- grpc_service_account_jwt_access_credentials_create(const char* json_key,
320
- gpr_timespec token_lifetime,
321
- void* reserved);
322
-
323
- /** Builds External Account credentials.
324
- - json_string is the JSON string containing the credentials options.
325
- - scopes_string contains the scopes to be binded with the credentials.
326
- This API is used for experimental purposes for now and may change in the
327
- future. */
328
- GRPCAPI grpc_call_credentials* grpc_external_account_credentials_create(
329
- const char* json_string, const char* scopes_string);
330
-
331
- /** Creates an Oauth2 Refresh Token credentials object for connecting to Google.
332
- May return NULL if the input is invalid.
333
- WARNING: Do NOT use this credentials to connect to a non-google service as
334
- this could result in an oauth2 token leak.
335
- - json_refresh_token is the JSON string containing the refresh token itself
336
- along with a client_id and client_secret. */
337
- GRPCAPI grpc_call_credentials* grpc_google_refresh_token_credentials_create(
338
- const char* json_refresh_token, void* reserved);
339
-
340
- /** Creates an Oauth2 Access Token credentials with an access token that was
341
- acquired by an out of band mechanism. */
342
- GRPCAPI grpc_call_credentials* grpc_access_token_credentials_create(
343
- const char* access_token, void* reserved);
344
-
345
- /** Creates an IAM credentials object for connecting to Google. */
346
- GRPCAPI grpc_call_credentials* grpc_google_iam_credentials_create(
347
- const char* authorization_token, const char* authority_selector,
348
- void* reserved);
349
-
350
- /** Options for creating STS Oauth Token Exchange credentials following the IETF
351
- draft https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16.
352
- Optional fields may be set to NULL or empty string. It is the responsibility
353
- of the caller to ensure that the subject and actor tokens are refreshed on
354
- disk at the specified paths. This API is used for experimental purposes for
355
- now and may change in the future. */
356
- typedef struct {
357
- const char* token_exchange_service_uri; /* Required. */
358
- const char* resource; /* Optional. */
359
- const char* audience; /* Optional. */
360
- const char* scope; /* Optional. */
361
- const char* requested_token_type; /* Optional. */
362
- const char* subject_token_path; /* Required. */
363
- const char* subject_token_type; /* Required. */
364
- const char* actor_token_path; /* Optional. */
365
- const char* actor_token_type; /* Optional. */
366
- } grpc_sts_credentials_options;
367
-
368
- /** Creates an STS credentials following the STS Token Exchanged specifed in the
369
- IETF draft https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16.
370
- This API is used for experimental purposes for now and may change in the
371
- future. */
372
- GRPCAPI grpc_call_credentials* grpc_sts_credentials_create(
373
- const grpc_sts_credentials_options* options, void* reserved);
374
-
375
- /** Callback function to be called by the metadata credentials plugin
376
- implementation when the metadata is ready.
377
- - user_data is the opaque pointer that was passed in the get_metadata method
378
- of the grpc_metadata_credentials_plugin (see below).
379
- - creds_md is an array of credentials metadata produced by the plugin. It
380
- may be set to NULL in case of an error.
381
- - num_creds_md is the number of items in the creds_md array.
382
- - status must be GRPC_STATUS_OK in case of success or another specific error
383
- code otherwise.
384
- - error_details contains details about the error if any. In case of success
385
- it should be NULL and will be otherwise ignored. */
386
- typedef void (*grpc_credentials_plugin_metadata_cb)(
387
- void* user_data, const grpc_metadata* creds_md, size_t num_creds_md,
388
- grpc_status_code status, const char* error_details);
389
-
390
- /** Context that can be used by metadata credentials plugin in order to create
391
- auth related metadata. */
392
- typedef struct {
393
- /** The fully qualifed service url. */
394
- const char* service_url;
395
-
396
- /** The method name of the RPC being called (not fully qualified).
397
- The fully qualified method name can be built from the service_url:
398
- full_qualified_method_name = ctx->service_url + '/' + ctx->method_name. */
399
- const char* method_name;
400
-
401
- /** The auth_context of the channel which gives the server's identity. */
402
- const grpc_auth_context* channel_auth_context;
403
-
404
- /** Reserved for future use. */
405
- void* reserved;
406
- } grpc_auth_metadata_context;
407
-
408
- /** Performs a deep copy from \a from to \a to. **/
409
- GRPCAPI void grpc_auth_metadata_context_copy(grpc_auth_metadata_context* from,
410
- grpc_auth_metadata_context* to);
411
-
412
- /** Releases internal resources held by \a context. **/
413
- GRPCAPI void grpc_auth_metadata_context_reset(
414
- grpc_auth_metadata_context* context);
415
-
416
- /** Maximum number of metadata entries returnable by a credentials plugin via
417
- a synchronous return. */
418
- #define GRPC_METADATA_CREDENTIALS_PLUGIN_SYNC_MAX 4
419
-
420
- /** grpc_metadata_credentials plugin is an API user provided structure used to
421
- create grpc_credentials objects that can be set on a channel (composed) or
422
- a call. See grpc_credentials_metadata_create_from_plugin below.
423
- The grpc client stack will call the get_metadata method of the plugin for
424
- every call in scope for the credentials created from it. */
425
- typedef struct {
426
- /** The implementation of this method has to be non-blocking, but can
427
- be performed synchronously or asynchronously.
428
-
429
- If processing occurs synchronously, returns non-zero and populates
430
- creds_md, num_creds_md, status, and error_details. In this case,
431
- the caller takes ownership of the entries in creds_md and of
432
- error_details. Note that if the plugin needs to return more than
433
- GRPC_METADATA_CREDENTIALS_PLUGIN_SYNC_MAX entries in creds_md, it must
434
- return asynchronously.
435
-
436
- If processing occurs asynchronously, returns zero and invokes \a cb
437
- when processing is completed. \a user_data will be passed as the
438
- first parameter of the callback. NOTE: \a cb MUST be invoked in a
439
- different thread, not from the thread in which \a get_metadata() is
440
- invoked.
441
-
442
- \a context is the information that can be used by the plugin to create
443
- auth metadata. */
444
- int (*get_metadata)(
445
- void* state, grpc_auth_metadata_context context,
446
- grpc_credentials_plugin_metadata_cb cb, void* user_data,
447
- grpc_metadata creds_md[GRPC_METADATA_CREDENTIALS_PLUGIN_SYNC_MAX],
448
- size_t* num_creds_md, grpc_status_code* status,
449
- const char** error_details);
450
-
451
- /** Implements debug string of the given plugin. This method returns an
452
- * allocated string that the caller needs to free using gpr_free() */
453
- char* (*debug_string)(void* state);
454
-
455
- /** Destroys the plugin state. */
456
- void (*destroy)(void* state);
457
-
458
- /** State that will be set as the first parameter of the methods above. */
459
- void* state;
460
-
461
- /** Type of credentials that this plugin is implementing. */
462
- const char* type;
463
- } grpc_metadata_credentials_plugin;
464
-
465
- /** Creates a credentials object from a plugin with a specified minimum security
466
- * level. */
467
- GRPCAPI grpc_call_credentials* grpc_metadata_credentials_create_from_plugin(
468
- grpc_metadata_credentials_plugin plugin,
469
- grpc_security_level min_security_level, void* reserved);
470
-
471
- /** Server certificate config object holds the server's public certificates and
472
- associated private keys, as well as any CA certificates needed for client
473
- certificate validation (if applicable). Create using
474
- grpc_ssl_server_certificate_config_create(). */
475
- typedef struct grpc_ssl_server_certificate_config
476
- grpc_ssl_server_certificate_config;
477
-
478
- /** Creates a grpc_ssl_server_certificate_config object.
479
- - pem_roots_cert is the NULL-terminated string containing the PEM encoding of
480
- the client root certificates. This parameter may be NULL if the server does
481
- not want the client to be authenticated with SSL.
482
- - pem_key_cert_pairs is an array private key / certificate chains of the
483
- server. This parameter cannot be NULL.
484
- - num_key_cert_pairs indicates the number of items in the private_key_files
485
- and cert_chain_files parameters. It must be at least 1.
486
- - It is the caller's responsibility to free this object via
487
- grpc_ssl_server_certificate_config_destroy(). */
488
- GRPCAPI grpc_ssl_server_certificate_config*
489
- grpc_ssl_server_certificate_config_create(
490
- const char* pem_root_certs,
491
- const grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs,
492
- size_t num_key_cert_pairs);
493
-
494
- /** Destroys a grpc_ssl_server_certificate_config object. */
495
- GRPCAPI void grpc_ssl_server_certificate_config_destroy(
496
- grpc_ssl_server_certificate_config* config);
497
-
498
- /** Callback to retrieve updated SSL server certificates, private keys, and
499
- trusted CAs (for client authentication).
500
- - user_data parameter, if not NULL, contains opaque data to be used by the
501
- callback.
502
- - Use grpc_ssl_server_certificate_config_create to create the config.
503
- - The caller assumes ownership of the config. */
504
- typedef grpc_ssl_certificate_config_reload_status (
505
- *grpc_ssl_server_certificate_config_callback)(
506
- void* user_data, grpc_ssl_server_certificate_config** config);
507
-
508
- /** Deprecated in favor of grpc_ssl_server_credentials_create_ex.
509
- Creates an SSL server_credentials object.
510
- - pem_roots_cert is the NULL-terminated string containing the PEM encoding of
511
- the client root certificates. This parameter may be NULL if the server does
512
- not want the client to be authenticated with SSL.
513
- - pem_key_cert_pairs is an array private key / certificate chains of the
514
- server. This parameter cannot be NULL.
515
- - num_key_cert_pairs indicates the number of items in the private_key_files
516
- and cert_chain_files parameters. It should be at least 1.
517
- - force_client_auth, if set to non-zero will force the client to authenticate
518
- with an SSL cert. Note that this option is ignored if pem_root_certs is
519
- NULL. */
520
- GRPCAPI grpc_server_credentials* grpc_ssl_server_credentials_create(
521
- const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs,
522
- size_t num_key_cert_pairs, int force_client_auth, void* reserved);
523
-
524
- /** Deprecated in favor of grpc_ssl_server_credentials_create_with_options.
525
- Same as grpc_ssl_server_credentials_create method except uses
526
- grpc_ssl_client_certificate_request_type enum to support more ways to
527
- authenticate client certificates.*/
528
- GRPCAPI grpc_server_credentials* grpc_ssl_server_credentials_create_ex(
529
- const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs,
530
- size_t num_key_cert_pairs,
531
- grpc_ssl_client_certificate_request_type client_certificate_request,
532
- void* reserved);
533
-
534
- typedef struct grpc_ssl_server_credentials_options
535
- grpc_ssl_server_credentials_options;
536
-
537
- /** Creates an options object using a certificate config. Use this method when
538
- the certificates and keys of the SSL server will not change during the
539
- server's lifetime.
540
- - Takes ownership of the certificate_config parameter. */
541
- GRPCAPI grpc_ssl_server_credentials_options*
542
- grpc_ssl_server_credentials_create_options_using_config(
543
- grpc_ssl_client_certificate_request_type client_certificate_request,
544
- grpc_ssl_server_certificate_config* certificate_config);
545
-
546
- /** Creates an options object using a certificate config fetcher. Use this
547
- method to reload the certificates and keys of the SSL server without
548
- interrupting the operation of the server. Initial certificate config will be
549
- fetched during server initialization.
550
- - user_data parameter, if not NULL, contains opaque data which will be passed
551
- to the fetcher (see definition of
552
- grpc_ssl_server_certificate_config_callback). */
553
- GRPCAPI grpc_ssl_server_credentials_options*
554
- grpc_ssl_server_credentials_create_options_using_config_fetcher(
555
- grpc_ssl_client_certificate_request_type client_certificate_request,
556
- grpc_ssl_server_certificate_config_callback cb, void* user_data);
557
-
558
- /** Destroys a grpc_ssl_server_credentials_options object. */
559
- GRPCAPI void grpc_ssl_server_credentials_options_destroy(
560
- grpc_ssl_server_credentials_options* options);
561
-
562
- /** Creates an SSL server_credentials object using the provided options struct.
563
- - Takes ownership of the options parameter. */
564
- GRPCAPI grpc_server_credentials*
565
- grpc_ssl_server_credentials_create_with_options(
566
- grpc_ssl_server_credentials_options* options);
567
-
568
- /** --- Call specific credentials. --- */
569
-
570
- /** Sets a credentials to a call. Can only be called on the client side before
571
- grpc_call_start_batch. */
572
- GRPCAPI grpc_call_error grpc_call_set_credentials(grpc_call* call,
573
- grpc_call_credentials* creds);
574
-
575
- /** --- Auth Metadata Processing --- */
576
-
577
- /** Callback function that is called when the metadata processing is done.
578
- - Consumed metadata will be removed from the set of metadata available on the
579
- call. consumed_md may be NULL if no metadata has been consumed.
580
- - Response metadata will be set on the response. response_md may be NULL.
581
- - status is GRPC_STATUS_OK for success or a specific status for an error.
582
- Common error status for auth metadata processing is either
583
- GRPC_STATUS_UNAUTHENTICATED in case of an authentication failure or
584
- GRPC_STATUS PERMISSION_DENIED in case of an authorization failure.
585
- - error_details gives details about the error. May be NULL. */
586
- typedef void (*grpc_process_auth_metadata_done_cb)(
587
- void* user_data, const grpc_metadata* consumed_md, size_t num_consumed_md,
588
- const grpc_metadata* response_md, size_t num_response_md,
589
- grpc_status_code status, const char* error_details);
590
-
591
- /** Pluggable server-side metadata processor object. */
592
- typedef struct {
593
- /** The context object is read/write: it contains the properties of the
594
- channel peer and it is the job of the process function to augment it with
595
- properties derived from the passed-in metadata.
596
- The lifetime of these objects is guaranteed until cb is invoked. */
597
- void (*process)(void* state, grpc_auth_context* context,
598
- const grpc_metadata* md, size_t num_md,
599
- grpc_process_auth_metadata_done_cb cb, void* user_data);
600
- void (*destroy)(void* state);
601
- void* state;
602
- } grpc_auth_metadata_processor;
603
-
604
- GRPCAPI void grpc_server_credentials_set_auth_metadata_processor(
605
- grpc_server_credentials* creds, grpc_auth_metadata_processor processor);
606
-
607
- /** --- ALTS channel/server credentials --- **/
608
-
609
- /**
610
- * Main interface for ALTS credentials options. The options will contain
611
- * information that will be passed from grpc to TSI layer such as RPC protocol
612
- * versions. ALTS client (channel) and server credentials will have their own
613
- * implementation of this interface. The APIs listed in this header are
614
- * thread-compatible. It is used for experimental purpose for now and subject
615
- * to change.
616
- */
617
- typedef struct grpc_alts_credentials_options grpc_alts_credentials_options;
618
-
619
- /**
620
- * This method creates a grpc ALTS credentials client options instance.
621
- * It is used for experimental purpose for now and subject to change.
622
- */
623
- GRPCAPI grpc_alts_credentials_options*
624
- grpc_alts_credentials_client_options_create(void);
625
-
626
- /**
627
- * This method creates a grpc ALTS credentials server options instance.
628
- * It is used for experimental purpose for now and subject to change.
629
- */
630
- GRPCAPI grpc_alts_credentials_options*
631
- grpc_alts_credentials_server_options_create(void);
632
-
633
- /**
634
- * This method adds a target service account to grpc client's ALTS credentials
635
- * options instance. It is used for experimental purpose for now and subject
636
- * to change.
637
- *
638
- * - options: grpc ALTS credentials options instance.
639
- * - service_account: service account of target endpoint.
640
- */
641
- GRPCAPI void grpc_alts_credentials_client_options_add_target_service_account(
642
- grpc_alts_credentials_options* options, const char* service_account);
643
-
644
- /**
645
- * This method destroys a grpc_alts_credentials_options instance by
646
- * de-allocating all of its occupied memory. It is used for experimental purpose
647
- * for now and subject to change.
648
- *
649
- * - options: a grpc_alts_credentials_options instance that needs to be
650
- * destroyed.
651
- */
652
- GRPCAPI void grpc_alts_credentials_options_destroy(
653
- grpc_alts_credentials_options* options);
654
-
655
- /**
656
- * This method creates an ALTS channel credential object. The security
657
- * level of the resulting connection is GRPC_PRIVACY_AND_INTEGRITY.
658
- * It is used for experimental purpose for now and subject to change.
659
- *
660
- * - options: grpc ALTS credentials options instance for client.
661
- *
662
- * It returns the created ALTS channel credential object.
663
- */
664
- GRPCAPI grpc_channel_credentials* grpc_alts_credentials_create(
665
- const grpc_alts_credentials_options* options);
666
-
667
- /**
668
- * This method creates an ALTS server credential object. It is used for
669
- * experimental purpose for now and subject to change.
670
- *
671
- * - options: grpc ALTS credentials options instance for server.
672
- *
673
- * It returns the created ALTS server credential object.
674
- */
675
- GRPCAPI grpc_server_credentials* grpc_alts_server_credentials_create(
676
- const grpc_alts_credentials_options* options);
677
-
678
- /** --- Local channel/server credentials --- **/
679
-
680
- /**
681
- * This method creates a local channel credential object. The security level
682
- * of the resulting connection is GRPC_PRIVACY_AND_INTEGRITY for UDS and
683
- * GRPC_SECURITY_NONE for LOCAL_TCP. It is used for experimental purpose
684
- * for now and subject to change.
685
- *
686
- * - type: local connection type
687
- *
688
- * It returns the created local channel credential object.
689
- */
690
- GRPCAPI grpc_channel_credentials* grpc_local_credentials_create(
691
- grpc_local_connect_type type);
692
-
693
- /**
694
- * This method creates a local server credential object. It is used for
695
- * experimental purpose for now and subject to change.
696
- *
697
- * - type: local connection type
698
- *
699
- * It returns the created local server credential object.
700
- */
701
- GRPCAPI grpc_server_credentials* grpc_local_server_credentials_create(
702
- grpc_local_connect_type type);
703
-
704
- /** --- TLS channel/server credentials ---
705
- * It is used for experimental purpose for now and subject to change. */
706
-
707
- /**
708
- * EXPERIMENTAL API - Subject to change
709
- *
710
- * A struct that can be specified by callers to configure underlying TLS
711
- * behaviors.
712
- */
713
- typedef struct grpc_tls_credentials_options grpc_tls_credentials_options;
714
-
715
- /**
716
- * EXPERIMENTAL API - Subject to change
717
- *
718
- * A struct provides ways to gain credential data that will be used in the TLS
719
- * handshake.
720
- */
721
- typedef struct grpc_tls_certificate_provider grpc_tls_certificate_provider;
722
-
723
- /**
724
- * EXPERIMENTAL API - Subject to change
725
- *
726
- * A struct that stores the credential data presented to the peer in handshake
727
- * to show local identity.
728
- */
729
- typedef struct grpc_tls_identity_pairs grpc_tls_identity_pairs;
730
-
731
- /**
732
- * EXPERIMENTAL API - Subject to change
733
- *
734
- * Creates a grpc_tls_identity_pairs that stores a list of identity credential
735
- * data, including identity private key and identity certificate chain.
736
- */
737
- GRPCAPI grpc_tls_identity_pairs* grpc_tls_identity_pairs_create();
738
-
739
- /**
740
- * EXPERIMENTAL API - Subject to change
741
- *
742
- * Adds a identity private key and a identity certificate chain to
743
- * grpc_tls_identity_pairs. This function will make an internal copy of
744
- * |private_key| and |cert_chain|.
745
- */
746
- GRPCAPI void grpc_tls_identity_pairs_add_pair(grpc_tls_identity_pairs* pairs,
747
- const char* private_key,
748
- const char* cert_chain);
749
-
750
- /**
751
- * EXPERIMENTAL API - Subject to change
752
- *
753
- * Destroys a grpc_tls_identity_pairs object. If this object is passed to a
754
- * provider initiation function, the ownership is transferred so this function
755
- * doesn't need to be called. Otherwise the creator of the
756
- * grpc_tls_identity_pairs object is responsible for its destruction.
757
- */
758
- GRPCAPI void grpc_tls_identity_pairs_destroy(grpc_tls_identity_pairs* pairs);
759
-
760
- /**
761
- * EXPERIMENTAL API - Subject to change
762
- *
763
- * Creates a grpc_tls_certificate_provider that will load credential data from
764
- * static string during initialization. This provider will always return the
765
- * same cert data for all cert names.
766
- * root_certificate and pem_key_cert_pairs can be nullptr, indicating the
767
- * corresponding credential data is not needed.
768
- * This function will make a copy of |root_certificate|.
769
- * The ownership of |pem_key_cert_pairs| is transferred.
770
- */
771
- GRPCAPI grpc_tls_certificate_provider*
772
- grpc_tls_certificate_provider_static_data_create(
773
- const char* root_certificate, grpc_tls_identity_pairs* pem_key_cert_pairs);
774
-
775
- /**
776
- * EXPERIMENTAL API - Subject to change
777
- *
778
- * Creates a grpc_tls_certificate_provider that will watch the credential
779
- * changes on the file system. This provider will always return the up-to-date
780
- * cert data for all the cert names callers set through
781
- * |grpc_tls_credentials_options|. Note that this API only supports one key-cert
782
- * file and hence one set of identity key-cert pair, so SNI(Server Name
783
- * Indication) is not supported.
784
- * - private_key_path is the file path of the private key. This must be set if
785
- * |identity_certificate_path| is set. Otherwise, it could be null if no
786
- * identity credentials are needed.
787
- * - identity_certificate_path is the file path of the identity certificate
788
- * chain. This must be set if |private_key_path| is set. Otherwise, it could
789
- * be null if no identity credentials are needed.
790
- * - root_cert_path is the file path to the root certificate bundle. This
791
- * may be null if no root certs are needed.
792
- * - refresh_interval_sec is the refreshing interval that we will check the
793
- * files for updates.
794
- * It does not take ownership of parameters.
795
- */
796
- GRPCAPI grpc_tls_certificate_provider*
797
- grpc_tls_certificate_provider_file_watcher_create(
798
- const char* private_key_path, const char* identity_certificate_path,
799
- const char* root_cert_path, unsigned int refresh_interval_sec);
800
-
801
- /**
802
- * EXPERIMENTAL API - Subject to change
803
- *
804
- * Releases a grpc_tls_certificate_provider object. The creator of the
805
- * grpc_tls_certificate_provider object is responsible for its release.
806
- */
807
- GRPCAPI void grpc_tls_certificate_provider_release(
808
- grpc_tls_certificate_provider* provider);
809
-
810
- /**
811
- * EXPERIMENTAL API - Subject to change
812
- *
813
- * Creates an grpc_tls_credentials_options.
814
- */
815
- GRPCAPI grpc_tls_credentials_options* grpc_tls_credentials_options_create(void);
816
-
817
- /**
818
- * EXPERIMENTAL API - Subject to change
819
- *
820
- * Sets the minimum TLS version that will be negotiated during the TLS
821
- * handshake. If not set, the underlying SSL library will set it to TLS v1.2.
822
- */
823
- GRPCAPI void grpc_tls_credentials_options_set_min_tls_version(
824
- grpc_tls_credentials_options* options, grpc_tls_version min_tls_version);
825
-
826
- /**
827
- * EXPERIMENTAL API - Subject to change
828
- *
829
- * Sets the maximum TLS version that will be negotiated during the TLS
830
- * handshake. If not set, the underlying SSL library will set it to TLS v1.3.
831
- */
832
- GRPCAPI void grpc_tls_credentials_options_set_max_tls_version(
833
- grpc_tls_credentials_options* options, grpc_tls_version max_tls_version);
834
-
835
- /**
836
- * EXPERIMENTAL API - Subject to change
837
- *
838
- * Copies a grpc_tls_credentials_options.
839
- */
840
- GRPCAPI grpc_tls_credentials_options* grpc_tls_credentials_options_copy(
841
- grpc_tls_credentials_options* options);
842
-
843
- /**
844
- * EXPERIMENTAL API - Subject to change
845
- *
846
- * Destroys a grpc_tls_credentials_options.
847
- */
848
- GRPCAPI void grpc_tls_credentials_options_destroy(
849
- grpc_tls_credentials_options* options);
850
-
851
- /**
852
- * EXPERIMENTAL API - Subject to change
853
- *
854
- * Sets the credential provider in the options.
855
- * The |options| will implicitly take a new ref to the |provider|.
856
- */
857
- GRPCAPI void grpc_tls_credentials_options_set_certificate_provider(
858
- grpc_tls_credentials_options* options,
859
- grpc_tls_certificate_provider* provider);
860
-
861
- /**
862
- * EXPERIMENTAL API - Subject to change
863
- *
864
- * If set, gRPC stack will keep watching the root certificates with
865
- * name |root_cert_name|.
866
- * If this is not set on the client side, we will use the root certificates
867
- * stored in the default system location, since client side must provide root
868
- * certificates in TLS.
869
- * If this is not set on the server side, we will not watch any root certificate
870
- * updates, and assume no root certificates needed for the server(single-side
871
- * TLS). Default root certs on the server side is not supported.
872
- */
873
- GRPCAPI void grpc_tls_credentials_options_watch_root_certs(
874
- grpc_tls_credentials_options* options);
875
-
876
- /**
877
- * EXPERIMENTAL API - Subject to change
878
- *
879
- * Sets the name of the root certificates being watched.
880
- * If not set, We will use a default empty string as the root certificate name.
881
- */
882
- GRPCAPI void grpc_tls_credentials_options_set_root_cert_name(
883
- grpc_tls_credentials_options* options, const char* root_cert_name);
884
-
885
- /**
886
- * EXPERIMENTAL API - Subject to change
887
- *
888
- * If set, gRPC stack will keep watching the identity key-cert pairs
889
- * with name |identity_cert_name|.
890
- * This is required on the server side, and optional on the client side.
891
- */
892
- GRPCAPI void grpc_tls_credentials_options_watch_identity_key_cert_pairs(
893
- grpc_tls_credentials_options* options);
894
-
895
- /**
896
- * EXPERIMENTAL API - Subject to change
897
- *
898
- * Sets the name of the identity certificates being watched.
899
- * If not set, We will use a default empty string as the identity certificate
900
- * name.
901
- */
902
- GRPCAPI void grpc_tls_credentials_options_set_identity_cert_name(
903
- grpc_tls_credentials_options* options, const char* identity_cert_name);
904
-
905
- /**
906
- * EXPERIMENTAL API - Subject to change
907
- *
908
- * Sets the options of whether to request and/or verify client certs. This shall
909
- * only be called on the server side.
910
- */
911
- GRPCAPI void grpc_tls_credentials_options_set_cert_request_type(
912
- grpc_tls_credentials_options* options,
913
- grpc_ssl_client_certificate_request_type type);
914
-
915
- /** Deprecated in favor of grpc_tls_credentials_options_set_crl_provider. The
916
- * crl provider interface provides a significantly more flexible approach to
917
- * using CRLs. See gRFC A69 for details.
918
- * EXPERIMENTAL API - Subject to change
919
- *
920
- * If set, gRPC will read all hashed x.509 CRL files in the directory and
921
- * enforce the CRL files on all TLS handshakes. Only supported for OpenSSL
922
- * version > 1.1.
923
- * It is used for experimental purpose for now and subject to change.
924
- */
925
- GRPCAPI void grpc_tls_credentials_options_set_crl_directory(
926
- grpc_tls_credentials_options* options, const char* crl_directory);
927
-
928
- /**
929
- * EXPERIMENTAL API - Subject to change
930
- *
931
- * Sets the options of whether to verify server certs on the client side.
932
- * Passing in a non-zero value indicates verifying the certs.
933
- */
934
- GRPCAPI void grpc_tls_credentials_options_set_verify_server_cert(
935
- grpc_tls_credentials_options* options, int verify_server_cert);
936
-
937
- /**
938
- * EXPERIMENTAL API - Subject to change
939
- *
940
- * Sets whether or not a TLS server should send a list of CA names in the
941
- * ServerHello. This list of CA names is read from the server's trust bundle, so
942
- * that the client can use this list as a hint to know which certificate it
943
- * should send to the server.
944
- *
945
- * WARNING: This API is extremely dangerous and should not be used. If the
946
- * server's trust bundle is too large, then the TLS server will be unable to
947
- * form a ServerHello, and hence will be unusable. The definition of "too large"
948
- * depends on the underlying SSL library being used and on the size of the CN
949
- * fields of the certificates in the trust bundle.
950
- */
951
- GRPCAPI void grpc_tls_credentials_options_set_send_client_ca_list(
952
- grpc_tls_credentials_options* options, bool send_client_ca_list);
953
-
954
- /**
955
- * EXPERIMENTAL API - Subject to change
956
- *
957
- * The read-only request information exposed in a verification call.
958
- * Callers should not directly manage the ownership of it. We will make sure it
959
- * is always available inside verify() or cancel() call, and will destroy the
960
- * object at the end of custom verification.
961
- */
962
- typedef struct grpc_tls_custom_verification_check_request {
963
- /* The target name of the server when the client initiates the connection. */
964
- /* This field will be nullptr if on the server side. */
965
- const char* target_name;
966
- /* The information contained in the certificate chain sent from the peer. */
967
- struct peer_info {
968
- /* The Common Name field on the peer leaf certificate. */
969
- const char* common_name;
970
- /* The list of Subject Alternative Names on the peer leaf certificate. */
971
- struct san_names {
972
- char** uri_names;
973
- size_t uri_names_size;
974
- char** dns_names;
975
- size_t dns_names_size;
976
- char** email_names;
977
- size_t email_names_size;
978
- char** ip_names;
979
- size_t ip_names_size;
980
- } san_names;
981
- /* The raw peer leaf certificate. */
982
- const char* peer_cert;
983
- /* The raw peer certificate chain. Note that it is not always guaranteed to
984
- * get the peer full chain. For more, please refer to
985
- * GRPC_X509_PEM_CERT_CHAIN_PROPERTY_NAME defined in file
986
- * grpc_security_constants.h.
987
- * TODO(ZhenLian): Consider fixing this in the future. */
988
- const char* peer_cert_full_chain;
989
- /* The verified root cert subject.
990
- * This value will only be filled if the cryptographic peer certificate
991
- * verification was successful */
992
- const char* verified_root_cert_subject;
993
- } peer_info;
994
- } grpc_tls_custom_verification_check_request;
995
-
996
- /**
997
- * EXPERIMENTAL API - Subject to change
998
- *
999
- * A callback function provided by gRPC as a parameter of the |verify| function
1000
- * in grpc_tls_certificate_verifier_external. If |verify| is expected to be run
1001
- * asynchronously, the implementer of |verify| will need to invoke this callback
1002
- * with |callback_arg| and proper verification status at the end to bring the
1003
- * control back to gRPC C core.
1004
- */
1005
- typedef void (*grpc_tls_on_custom_verification_check_done_cb)(
1006
- grpc_tls_custom_verification_check_request* request, void* callback_arg,
1007
- grpc_status_code status, const char* error_details);
1008
-
1009
- /**
1010
- * EXPERIMENTAL API - Subject to change
1011
- *
1012
- * The internal verifier type that will be used inside core.
1013
- */
1014
- typedef struct grpc_tls_certificate_verifier grpc_tls_certificate_verifier;
1015
-
1016
- /**
1017
- * EXPERIMENTAL API - Subject to change
1018
- *
1019
- * A struct containing all the necessary functions a custom external verifier
1020
- * needs to implement to be able to be converted to an internal verifier.
1021
- */
1022
- typedef struct grpc_tls_certificate_verifier_external {
1023
- void* user_data;
1024
- /**
1025
- * A function pointer containing the verification logic that will be
1026
- * performed after the TLS handshake is done. It could be processed
1027
- * synchronously or asynchronously.
1028
- * - If expected to be processed synchronously, the implementer should
1029
- * populate the verification result through |sync_status| and
1030
- * |sync_error_details|, and then return true.
1031
- * - If expected to be processed asynchronously, the implementer should return
1032
- * false immediately, and then in the asynchronous thread invoke |callback|
1033
- * with the verification result. The implementer MUST NOT invoke the async
1034
- * |callback| in the same thread before |verify| returns, otherwise it can
1035
- * lead to deadlocks.
1036
- *
1037
- * user_data: any argument that is passed in the user_data of
1038
- * grpc_tls_certificate_verifier_external during construction time
1039
- * can be retrieved later here.
1040
- * request: request information exposed to the function implementer.
1041
- * callback: the callback that the function implementer needs to invoke, if
1042
- * return a non-zero value. It is usually invoked when the
1043
- * asynchronous verification is done, and serves to bring the
1044
- * control back to gRPC.
1045
- * callback_arg: A pointer to the internal ExternalVerifier instance. This is
1046
- * mainly used as an argument in |callback|, if want to invoke
1047
- * |callback| in async mode.
1048
- * sync_status: indicates if a connection should be allowed. This should only
1049
- * be used if the verification check is done synchronously.
1050
- * sync_error_details: the error generated while verifying a connection. This
1051
- * should only be used if the verification check is done
1052
- * synchronously. the implementation must allocate the
1053
- * error string via gpr_malloc() or gpr_strdup().
1054
- * return: return 0 if |verify| is expected to be executed asynchronously,
1055
- * otherwise return a non-zero value.
1056
- */
1057
- int (*verify)(void* user_data,
1058
- grpc_tls_custom_verification_check_request* request,
1059
- grpc_tls_on_custom_verification_check_done_cb callback,
1060
- void* callback_arg, grpc_status_code* sync_status,
1061
- char** sync_error_details);
1062
- /**
1063
- * A function pointer that cleans up the caller-specified resources when the
1064
- * verifier is still running but the whole connection got cancelled. This
1065
- * could happen when the verifier is doing some async operations, and the
1066
- * whole handshaker object got destroyed because of connection time limit is
1067
- * reached, or any other reasons. In such cases, function implementers might
1068
- * want to be notified, and properly clean up some resources.
1069
- *
1070
- * user_data: any argument that is passed in the user_data of
1071
- * grpc_tls_certificate_verifier_external during construction time
1072
- * can be retrieved later here.
1073
- * request: request information exposed to the function implementer. It will
1074
- * be the same request object that was passed to verify(), and it
1075
- * tells the cancel() which request to cancel.
1076
- */
1077
- void (*cancel)(void* user_data,
1078
- grpc_tls_custom_verification_check_request* request);
1079
- /**
1080
- * A function pointer that does some additional destruction work when the
1081
- * verifier is destroyed. This is used when the caller wants to associate some
1082
- * objects to the lifetime of external_verifier, and destroy them when
1083
- * external_verifier got destructed. For example, in C++, the class containing
1084
- * user-specified callback functions should not be destroyed before
1085
- * external_verifier, since external_verifier will invoke them while being
1086
- * used.
1087
- * Note that the caller MUST delete the grpc_tls_certificate_verifier_external
1088
- * object itself in this function, otherwise it will cause memory leaks. That
1089
- * also means the user_data has to carries at least a self pointer, for the
1090
- * callers to later delete it in destruct().
1091
- *
1092
- * user_data: any argument that is passed in the user_data of
1093
- * grpc_tls_certificate_verifier_external during construction time
1094
- * can be retrieved later here.
1095
- */
1096
- void (*destruct)(void* user_data);
1097
- } grpc_tls_certificate_verifier_external;
1098
-
1099
- /**
1100
- * EXPERIMENTAL API - Subject to change
1101
- *
1102
- * Converts an external verifier to an internal verifier.
1103
- * Note that we will not take the ownership of the external_verifier. Callers
1104
- * will need to delete external_verifier in its own destruct function.
1105
- */
1106
- grpc_tls_certificate_verifier* grpc_tls_certificate_verifier_external_create(
1107
- grpc_tls_certificate_verifier_external* external_verifier);
1108
-
1109
- /**
1110
- * EXPERIMENTAL API - Subject to change
1111
- *
1112
- * Factory function for an internal verifier that won't perform any
1113
- * post-handshake verification. Note: using this solely without any other
1114
- * authentication mechanisms on the peer identity will leave your applications
1115
- * to the MITM(Man-In-The-Middle) attacks. Users should avoid doing so in
1116
- * production environments.
1117
- */
1118
- grpc_tls_certificate_verifier* grpc_tls_certificate_verifier_no_op_create();
1119
-
1120
- /**
1121
- * EXPERIMENTAL API - Subject to change
1122
- *
1123
- * Factory function for an internal verifier that will do the default hostname
1124
- * check.
1125
- */
1126
- grpc_tls_certificate_verifier* grpc_tls_certificate_verifier_host_name_create();
1127
-
1128
- /**
1129
- * EXPERIMENTAL API - Subject to change
1130
- *
1131
- * Releases a grpc_tls_certificate_verifier object. The creator of the
1132
- * grpc_tls_certificate_verifier object is responsible for its release.
1133
- */
1134
- void grpc_tls_certificate_verifier_release(
1135
- grpc_tls_certificate_verifier* verifier);
1136
-
1137
- /**
1138
- * EXPERIMENTAL API - Subject to change
1139
- *
1140
- * Sets the verifier in options. The |options| will implicitly take a new ref to
1141
- * the |verifier|. If not set on the client side, we will verify server's
1142
- * certificates, and check the default hostname. If not set on the server side,
1143
- * we will verify client's certificates.
1144
- */
1145
- void grpc_tls_credentials_options_set_certificate_verifier(
1146
- grpc_tls_credentials_options* options,
1147
- grpc_tls_certificate_verifier* verifier);
1148
-
1149
- /**
1150
- * EXPERIMENTAL API - Subject to change
1151
- *
1152
- * Sets the options of whether to check the hostname of the peer on a per-call
1153
- * basis. This is usually used in a combination with virtual hosting at the
1154
- * client side, where each individual call on a channel can have a different
1155
- * host associated with it.
1156
- * This check is intended to verify that the host specified for the individual
1157
- * call is covered by the cert that the peer presented.
1158
- * The default is a non-zero value, which indicates performing such checks.
1159
- */
1160
- GRPCAPI void grpc_tls_credentials_options_set_check_call_host(
1161
- grpc_tls_credentials_options* options, int check_call_host);
1162
-
1163
- /**
1164
- * EXPERIMENTAL API - Subject to change
1165
- *
1166
- * Performs the verification logic of an internal verifier.
1167
- * This is typically used when composing the internal verifiers as part of the
1168
- * custom verification.
1169
- * If |grpc_tls_certificate_verifier_verify| returns true, inspect the
1170
- * verification result through request->status and request->error_details.
1171
- * Otherwise, inspect through the parameter of |callback|.
1172
- */
1173
- int grpc_tls_certificate_verifier_verify(
1174
- grpc_tls_certificate_verifier* verifier,
1175
- grpc_tls_custom_verification_check_request* request,
1176
- grpc_tls_on_custom_verification_check_done_cb callback, void* callback_arg,
1177
- grpc_status_code* sync_status, char** sync_error_details);
1178
-
1179
- /**
1180
- * EXPERIMENTAL API - Subject to change
1181
- *
1182
- * Performs the cancellation logic of an internal verifier.
1183
- * This is typically used when composing the internal verifiers as part of the
1184
- * custom verification.
1185
- */
1186
- void grpc_tls_certificate_verifier_cancel(
1187
- grpc_tls_certificate_verifier* verifier,
1188
- grpc_tls_custom_verification_check_request* request);
1189
-
1190
- /**
1191
- * EXPERIMENTAL API - Subject to change
1192
- *
1193
- * Creates a TLS channel credential object based on the
1194
- * grpc_tls_credentials_options specified by callers. The
1195
- * grpc_channel_credentials will take the ownership of the |options|. The
1196
- * security level of the resulting connection is GRPC_PRIVACY_AND_INTEGRITY.
1197
- */
1198
- grpc_channel_credentials* grpc_tls_credentials_create(
1199
- grpc_tls_credentials_options* options);
1200
-
1201
- /**
1202
- * EXPERIMENTAL API - Subject to change
1203
- *
1204
- * Creates a TLS server credential object based on the
1205
- * grpc_tls_credentials_options specified by callers. The
1206
- * grpc_server_credentials will take the ownership of the |options|.
1207
- */
1208
- grpc_server_credentials* grpc_tls_server_credentials_create(
1209
- grpc_tls_credentials_options* options);
1210
-
1211
- /**
1212
- * EXPERIMENTAL API - Subject to change
1213
- *
1214
- * This method creates an insecure channel credentials object.
1215
- */
1216
- GRPCAPI grpc_channel_credentials* grpc_insecure_credentials_create();
1217
-
1218
- /**
1219
- * EXPERIMENTAL API - Subject to change
1220
- *
1221
- * This method creates an insecure server credentials object.
1222
- */
1223
- GRPCAPI grpc_server_credentials* grpc_insecure_server_credentials_create();
1224
-
1225
- /**
1226
- * EXPERIMENTAL API - Subject to change
1227
- *
1228
- * This method creates an xDS channel credentials object.
1229
- *
1230
- * Creating a channel with credentials of this type indicates that the channel
1231
- * should get credentials configuration from the xDS control plane.
1232
- *
1233
- * \a fallback_credentials are used if the channel target does not have the
1234
- * 'xds:///' scheme or if the xDS control plane does not provide information on
1235
- * how to fetch credentials dynamically. Does NOT take ownership of the \a
1236
- * fallback_credentials. (Internally takes a ref to the object.)
1237
- */
1238
- GRPCAPI grpc_channel_credentials* grpc_xds_credentials_create(
1239
- grpc_channel_credentials* fallback_credentials);
1240
-
1241
- /**
1242
- * EXPERIMENTAL API - Subject to change
1243
- *
1244
- * This method creates an xDS server credentials object.
1245
- *
1246
- * \a fallback_credentials are used if the xDS control plane does not provide
1247
- * information on how to fetch credentials dynamically.
1248
- *
1249
- * Does NOT take ownership of the \a fallback_credentials. (Internally takes
1250
- * a ref to the object.)
1251
- */
1252
- GRPCAPI grpc_server_credentials* grpc_xds_server_credentials_create(
1253
- grpc_server_credentials* fallback_credentials);
1254
-
1255
104
  /**
1256
105
  * EXPERIMENTAL - Subject to change.
1257
106
  * An opaque type that is responsible for providing authorization policies to
@@ -1302,26 +151,6 @@ grpc_authorization_policy_provider_file_watcher_create(
1302
151
  GRPCAPI void grpc_authorization_policy_provider_release(
1303
152
  grpc_authorization_policy_provider* provider);
1304
153
 
1305
- /** --- TLS session key logging. ---
1306
- * Experimental API to control tls session key logging. Tls session key logging
1307
- * is expected to be used only for debugging purposes and never in production.
1308
- * Tls session key logging is only enabled when:
1309
- * At least one grpc_tls_credentials_options object is assigned a tls session
1310
- * key logging file path using the API specified below.
1311
- */
1312
-
1313
- /**
1314
- * EXPERIMENTAL API - Subject to change.
1315
- * Configures a grpc_tls_credentials_options object with tls session key
1316
- * logging capability. TLS channels using these credentials have tls session
1317
- * key logging enabled.
1318
- * - options is the grpc_tls_credentials_options object
1319
- * - path is a string pointing to the location where TLS session keys would be
1320
- * stored.
1321
- */
1322
- GRPCAPI void grpc_tls_credentials_options_set_tls_session_key_log_file_path(
1323
- grpc_tls_credentials_options* options, const char* path);
1324
-
1325
154
  #ifdef __cplusplus
1326
155
  }
1327
156
  #endif