grpc 1.63.0 → 1.64.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Makefile +54 -51
- data/include/grpc/credentials.h +1222 -0
- data/include/grpc/grpc.h +7 -0
- data/include/grpc/grpc_crl_provider.h +1 -0
- data/include/grpc/grpc_security.h +0 -1171
- data/include/grpc/impl/channel_arg_names.h +0 -3
- data/include/grpc/module.modulemap +1 -0
- data/include/grpc/support/log.h +1 -1
- data/src/core/{lib/channel → channelz}/channel_trace.cc +56 -62
- data/src/core/{lib/channel → channelz}/channel_trace.h +21 -19
- data/src/core/{lib/channel → channelz}/channelz.cc +68 -6
- data/src/core/{lib/channel → channelz}/channelz.h +45 -6
- data/src/core/{lib/channel → channelz}/channelz_registry.cc +7 -6
- data/src/core/{lib/channel → channelz}/channelz_registry.h +6 -6
- data/src/core/client_channel/client_channel_filter.cc +58 -62
- data/src/core/client_channel/client_channel_filter.h +2 -4
- data/src/core/client_channel/client_channel_internal.h +3 -2
- data/src/core/client_channel/client_channel_service_config.h +1 -1
- data/src/core/client_channel/config_selector.h +4 -3
- data/src/core/client_channel/connector.h +1 -1
- data/src/core/client_channel/dynamic_filters.cc +3 -2
- data/src/core/client_channel/local_subchannel_pool.cc +5 -3
- data/src/core/client_channel/retry_filter.cc +1 -1
- data/src/core/client_channel/retry_filter.h +3 -2
- data/src/core/client_channel/retry_filter_legacy_call_data.cc +5 -4
- data/src/core/client_channel/subchannel.cc +13 -12
- data/src/core/client_channel/subchannel.h +0 -1
- data/src/core/client_channel/subchannel_stream_client.cc +5 -3
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +4 -3
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.h +2 -2
- data/src/core/ext/filters/channel_idle/legacy_channel_idle_filter.cc +24 -16
- data/src/core/ext/filters/channel_idle/legacy_channel_idle_filter.h +10 -11
- data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +8 -9
- data/src/core/ext/filters/fault_injection/fault_injection_filter.h +4 -4
- data/src/core/ext/filters/http/client/http_client_filter.cc +5 -4
- data/src/core/ext/filters/http/client/http_client_filter.h +5 -5
- data/src/core/ext/filters/http/client_authority_filter.cc +4 -3
- data/src/core/ext/filters/http/client_authority_filter.h +5 -4
- data/src/core/ext/filters/http/message_compress/compression_filter.cc +9 -8
- data/src/core/ext/filters/http/message_compress/compression_filter.h +8 -8
- data/src/core/ext/filters/http/server/http_server_filter.cc +2 -2
- data/src/core/ext/filters/http/server/http_server_filter.h +5 -5
- data/src/core/ext/filters/message_size/message_size_filter.cc +10 -19
- data/src/core/ext/filters/message_size/message_size_filter.h +8 -6
- data/src/core/ext/filters/rbac/rbac_filter.cc +11 -6
- data/src/core/ext/filters/rbac/rbac_filter.h +5 -5
- data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +12 -12
- data/src/core/ext/filters/stateful_session/stateful_session_filter.h +3 -2
- data/src/core/ext/gcp/metadata_query.cc +4 -3
- data/src/core/ext/gcp/metadata_query.h +2 -2
- data/src/core/ext/transport/chttp2/alpn/alpn.cc +4 -3
- data/src/core/ext/transport/chttp2/alpn/alpn.h +2 -2
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +13 -13
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +2 -3
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +10 -10
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +3 -3
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +6 -6
- data/src/core/ext/transport/chttp2/transport/bin_decoder.h +1 -2
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +8 -7
- data/src/core/ext/transport/chttp2/transport/bin_encoder.h +1 -2
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +53 -52
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +2 -3
- data/src/core/ext/transport/chttp2/transport/context_list_entry.h +2 -2
- data/src/core/ext/transport/chttp2/transport/decode_huff.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/decode_huff.h +2 -2
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +4 -4
- data/src/core/ext/transport/chttp2/transport/flow_control.h +4 -4
- data/src/core/ext/transport/chttp2/transport/frame.cc +4 -4
- data/src/core/ext/transport/chttp2/transport/frame.h +2 -2
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +3 -3
- data/src/core/ext/transport/chttp2/transport/frame_data.h +1 -2
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +5 -5
- data/src/core/ext/transport/chttp2/transport/frame_goaway.h +1 -2
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +3 -3
- data/src/core/ext/transport/chttp2/transport/frame_ping.h +1 -2
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +3 -3
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +1 -2
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +1 -2
- data/src/core/ext/transport/chttp2/transport/frame_settings.h +1 -2
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +4 -4
- data/src/core/ext/transport/chttp2/transport/frame_window_update.h +1 -2
- data/src/core/ext/transport/chttp2/transport/hpack_constants.h +2 -2
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +4 -3
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +1 -2
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +10 -9
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +2 -2
- data/src/core/ext/transport/chttp2/transport/hpack_parse_result.cc +4 -3
- data/src/core/ext/transport/chttp2/transport/hpack_parse_result.h +3 -3
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +24 -24
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +1 -2
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +5 -5
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +2 -2
- data/src/core/ext/transport/chttp2/transport/http2_settings.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/http2_settings.h +2 -2
- data/src/core/ext/transport/chttp2/transport/http_trace.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/huffsyms.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/internal.h +3 -5
- data/src/core/ext/transport/chttp2/transport/max_concurrent_streams_policy.cc +4 -3
- data/src/core/ext/transport/chttp2/transport/max_concurrent_streams_policy.h +2 -2
- data/src/core/ext/transport/chttp2/transport/parsing.cc +14 -14
- data/src/core/ext/transport/chttp2/transport/ping_abuse_policy.cc +1 -2
- data/src/core/ext/transport/chttp2/transport/ping_abuse_policy.h +2 -2
- data/src/core/ext/transport/chttp2/transport/ping_callbacks.cc +3 -3
- data/src/core/ext/transport/chttp2/transport/ping_callbacks.h +1 -2
- data/src/core/ext/transport/chttp2/transport/ping_rate_policy.cc +1 -2
- data/src/core/ext/transport/chttp2/transport/ping_rate_policy.h +2 -2
- data/src/core/ext/transport/chttp2/transport/stream_lists.cc +7 -6
- data/src/core/ext/transport/chttp2/transport/varint.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/varint.h +4 -3
- data/src/core/ext/transport/chttp2/transport/write_size_policy.cc +4 -3
- data/src/core/ext/transport/chttp2/transport/write_size_policy.h +2 -2
- data/src/core/ext/transport/chttp2/transport/writing.cc +35 -22
- data/src/core/ext/transport/inproc/inproc_transport.cc +12 -12
- data/src/core/ext/transport/inproc/inproc_transport.h +1 -2
- data/src/core/ext/transport/inproc/legacy_inproc_transport.cc +7 -8
- data/src/core/ext/transport/inproc/legacy_inproc_transport.h +1 -2
- data/src/core/{lib/transport → handshaker/endpoint_info}/endpoint_info_handshaker.cc +6 -6
- data/src/core/{lib/transport → handshaker/endpoint_info}/endpoint_info_handshaker.h +3 -3
- data/src/core/{lib/transport → handshaker}/handshaker.cc +8 -6
- data/src/core/{lib/transport → handshaker}/handshaker.h +4 -5
- data/src/core/{lib/transport → handshaker}/handshaker_factory.h +19 -3
- data/src/core/{lib/transport → handshaker}/handshaker_registry.cc +3 -3
- data/src/core/{lib/transport → handshaker}/handshaker_registry.h +6 -6
- data/src/core/{lib/transport → handshaker/http_connect}/http_connect_handshaker.cc +5 -6
- data/src/core/{lib/transport → handshaker/http_connect}/http_connect_handshaker.h +3 -3
- data/src/core/{client_channel → handshaker/http_connect}/http_proxy_mapper.cc +6 -6
- data/src/core/{client_channel → handshaker/http_connect}/http_proxy_mapper.h +6 -6
- data/src/core/{lib/handshaker → handshaker}/proxy_mapper.h +5 -5
- data/src/core/{lib/handshaker → handshaker}/proxy_mapper_registry.cc +3 -3
- data/src/core/{lib/handshaker → handshaker}/proxy_mapper_registry.h +6 -6
- data/src/core/{lib/security/transport → handshaker/security}/secure_endpoint.cc +5 -5
- data/src/core/{lib/security/transport → handshaker/security}/secure_endpoint.h +4 -5
- data/src/core/{lib/security/transport → handshaker/security}/security_handshaker.cc +11 -11
- data/src/core/{lib/security/transport → handshaker/security}/security_handshaker.h +5 -6
- data/src/core/{lib/security/transport → handshaker/security}/tsi_error.cc +2 -2
- data/src/core/{lib/security/transport → handshaker/security}/tsi_error.h +3 -3
- data/src/core/{lib/transport → handshaker/tcp_connect}/tcp_connect_handshaker.cc +8 -8
- data/src/core/{lib/transport → handshaker/tcp_connect}/tcp_connect_handshaker.h +3 -3
- data/src/core/lib/address_utils/parse_address.cc +5 -3
- data/src/core/lib/address_utils/parse_address.h +2 -2
- data/src/core/lib/address_utils/sockaddr_utils.cc +15 -9
- data/src/core/lib/address_utils/sockaddr_utils.h +2 -2
- data/src/core/lib/avl/avl.h +2 -2
- data/src/core/lib/backoff/backoff.cc +2 -2
- data/src/core/lib/backoff/backoff.h +2 -2
- data/src/core/lib/backoff/random_early_detection.cc +2 -2
- data/src/core/lib/backoff/random_early_detection.h +2 -2
- data/src/core/lib/channel/call_finalization.h +2 -2
- data/src/core/lib/channel/call_tracer.cc +7 -7
- data/src/core/lib/channel/call_tracer.h +1 -2
- data/src/core/lib/channel/channel_args.cc +4 -4
- data/src/core/lib/channel/channel_args.h +1 -2
- data/src/core/lib/channel/channel_args_preconditioning.cc +2 -2
- data/src/core/lib/channel/channel_args_preconditioning.h +1 -2
- data/src/core/lib/channel/channel_stack.cc +8 -7
- data/src/core/lib/channel/channel_stack.h +1 -2
- data/src/core/lib/channel/channel_stack_builder.cc +2 -2
- data/src/core/lib/channel/channel_stack_builder.h +2 -2
- data/src/core/lib/channel/channel_stack_builder_impl.cc +6 -13
- data/src/core/lib/channel/channel_stack_builder_impl.h +2 -2
- data/src/core/lib/channel/channel_stack_trace.cc +2 -2
- data/src/core/lib/channel/connected_channel.cc +25 -40
- data/src/core/lib/channel/context.h +29 -1
- data/src/core/lib/channel/metrics.cc +10 -72
- data/src/core/lib/channel/metrics.h +1 -42
- data/src/core/lib/channel/promise_based_filter.cc +70 -75
- data/src/core/lib/channel/promise_based_filter.h +189 -148
- data/src/core/lib/channel/status_util.cc +2 -2
- data/src/core/lib/channel/status_util.h +1 -2
- data/src/core/lib/channel/tcp_tracer.h +2 -2
- data/src/core/lib/compression/compression.cc +1 -2
- data/src/core/lib/compression/compression_internal.cc +3 -3
- data/src/core/lib/compression/compression_internal.h +1 -2
- data/src/core/lib/compression/message_compress.cc +9 -8
- data/src/core/lib/compression/message_compress.h +1 -2
- data/src/core/lib/config/config_vars.cc +2 -2
- data/src/core/lib/config/config_vars.h +2 -2
- data/src/core/lib/config/config_vars_non_generated.cc +2 -2
- data/src/core/lib/config/core_configuration.cc +9 -8
- data/src/core/lib/config/core_configuration.h +8 -8
- data/src/core/lib/config/load_config.cc +4 -4
- data/src/core/lib/config/load_config.h +2 -2
- data/src/core/lib/debug/event_log.cc +3 -3
- data/src/core/lib/debug/event_log.h +2 -2
- data/src/core/lib/debug/histogram_view.cc +2 -2
- data/src/core/lib/debug/histogram_view.h +2 -2
- data/src/core/lib/debug/stats.cc +2 -2
- data/src/core/lib/debug/stats.h +2 -2
- data/src/core/lib/debug/stats_data.cc +2 -2
- data/src/core/lib/debug/stats_data.h +2 -2
- data/src/core/lib/debug/trace.cc +1 -2
- data/src/core/lib/debug/trace.h +2 -2
- data/src/core/lib/event_engine/ares_resolver.cc +18 -19
- data/src/core/lib/event_engine/ares_resolver.h +2 -2
- data/src/core/lib/event_engine/cf_engine/cf_engine.cc +3 -1
- data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.cc +3 -3
- data/src/core/lib/event_engine/cf_engine/dns_service_resolver.cc +2 -1
- data/src/core/lib/event_engine/cf_engine/dns_service_resolver.h +2 -1
- data/src/core/lib/event_engine/channel_args_endpoint_config.cc +1 -2
- data/src/core/lib/event_engine/channel_args_endpoint_config.h +1 -2
- data/src/core/lib/event_engine/common_closures.h +1 -2
- data/src/core/lib/event_engine/default_event_engine.cc +1 -2
- data/src/core/lib/event_engine/default_event_engine.h +1 -2
- data/src/core/lib/event_engine/default_event_engine_factory.cc +1 -2
- data/src/core/lib/event_engine/default_event_engine_factory.h +1 -2
- data/src/core/lib/event_engine/event_engine.cc +1 -2
- data/src/core/lib/event_engine/event_engine_context.h +1 -2
- data/src/core/lib/event_engine/extensions/can_track_errors.h +2 -2
- data/src/core/lib/event_engine/extensions/chaotic_good_extension.h +2 -2
- data/src/core/lib/event_engine/extensions/supports_fd.h +1 -2
- data/src/core/lib/event_engine/forkable.cc +7 -6
- data/src/core/lib/event_engine/forkable.h +1 -2
- data/src/core/lib/event_engine/grpc_polled_fd.h +1 -2
- data/src/core/lib/event_engine/handle_containers.h +1 -2
- data/src/core/lib/event_engine/memory_allocator_factory.h +1 -2
- data/src/core/lib/event_engine/poller.h +1 -2
- data/src/core/lib/event_engine/posix.h +1 -2
- data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.cc +8 -8
- data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.h +1 -2
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +11 -11
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.h +1 -2
- data/src/core/lib/event_engine/posix_engine/event_poller.h +1 -2
- data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +2 -2
- data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.h +2 -2
- data/src/core/lib/event_engine/posix_engine/grpc_polled_fd_posix.h +1 -2
- data/src/core/lib/event_engine/posix_engine/internal_errqueue.cc +1 -2
- data/src/core/lib/event_engine/posix_engine/internal_errqueue.h +2 -2
- data/src/core/lib/event_engine/posix_engine/lockfree_event.cc +3 -3
- data/src/core/lib/event_engine/posix_engine/lockfree_event.h +2 -2
- data/src/core/lib/event_engine/posix_engine/native_posix_dns_resolver.h +2 -2
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +24 -25
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +11 -11
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +10 -10
- data/src/core/lib/event_engine/posix_engine/posix_engine.h +1 -2
- data/src/core/lib/event_engine/posix_engine/posix_engine_closure.h +1 -2
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +3 -2
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.h +1 -2
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.cc +6 -6
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.h +1 -2
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +3 -3
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +3 -3
- data/src/core/lib/event_engine/posix_engine/timer.cc +1 -2
- data/src/core/lib/event_engine/posix_engine/timer.h +1 -2
- data/src/core/lib/event_engine/posix_engine/timer_heap.cc +2 -2
- data/src/core/lib/event_engine/posix_engine/timer_heap.h +2 -2
- data/src/core/lib/event_engine/posix_engine/timer_manager.cc +5 -5
- data/src/core/lib/event_engine/posix_engine/timer_manager.h +1 -2
- data/src/core/lib/event_engine/posix_engine/traced_buffer_list.cc +1 -2
- data/src/core/lib/event_engine/posix_engine/traced_buffer_list.h +1 -2
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.cc +2 -2
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.h +2 -2
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.cc +2 -2
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.h +2 -2
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix.h +2 -2
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.cc +2 -2
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.h +2 -2
- data/src/core/lib/event_engine/query_extensions.h +3 -2
- data/src/core/lib/event_engine/ref_counted_dns_resolver_interface.h +1 -2
- data/src/core/lib/event_engine/resolved_address.cc +5 -4
- data/src/core/lib/event_engine/resolved_address_internal.h +1 -2
- data/src/core/lib/event_engine/shim.cc +2 -2
- data/src/core/lib/event_engine/slice.cc +4 -3
- data/src/core/lib/event_engine/slice_buffer.cc +1 -2
- data/src/core/lib/event_engine/tcp_socket_utils.cc +12 -8
- data/src/core/lib/event_engine/tcp_socket_utils.h +1 -2
- data/src/core/lib/event_engine/thread_local.cc +2 -2
- data/src/core/lib/event_engine/thread_pool/thread_count.cc +1 -2
- data/src/core/lib/event_engine/thread_pool/thread_count.h +1 -2
- data/src/core/lib/event_engine/thread_pool/thread_pool.h +1 -2
- data/src/core/lib/event_engine/thread_pool/thread_pool_factory.cc +2 -2
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.cc +8 -8
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.h +1 -2
- data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.cc +2 -2
- data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.h +1 -2
- data/src/core/lib/event_engine/time_util.cc +1 -2
- data/src/core/lib/event_engine/time_util.h +1 -2
- data/src/core/lib/event_engine/trace.cc +2 -2
- data/src/core/lib/event_engine/trace.h +1 -2
- data/src/core/lib/event_engine/utils.cc +1 -2
- data/src/core/lib/event_engine/utils.h +1 -2
- data/src/core/lib/event_engine/windows/grpc_polled_fd_windows.cc +31 -30
- data/src/core/lib/event_engine/windows/iocp.cc +10 -8
- data/src/core/lib/event_engine/windows/win_socket.cc +7 -5
- data/src/core/lib/event_engine/windows/windows_endpoint.cc +13 -12
- data/src/core/lib/event_engine/windows/windows_engine.cc +7 -6
- data/src/core/lib/event_engine/windows/windows_listener.cc +7 -6
- data/src/core/lib/event_engine/work_queue/basic_work_queue.cc +2 -2
- data/src/core/lib/event_engine/work_queue/basic_work_queue.h +1 -2
- data/src/core/lib/event_engine/work_queue/work_queue.h +1 -2
- data/src/core/lib/experiments/config.cc +5 -5
- data/src/core/lib/experiments/config.h +2 -2
- data/src/core/lib/experiments/experiments.cc +23 -8
- data/src/core/lib/experiments/experiments.h +23 -6
- data/src/core/lib/gpr/alloc.cc +3 -1
- data/src/core/lib/gpr/posix/sync.cc +25 -23
- data/src/core/lib/gpr/posix/time.cc +9 -6
- data/src/core/lib/gpr/posix/tmpfile.cc +3 -1
- data/src/core/lib/gpr/sync.cc +5 -3
- data/src/core/lib/gpr/time.cc +10 -8
- data/src/core/lib/gpr/windows/sync.cc +3 -1
- data/src/core/lib/gpr/windows/time.cc +4 -1
- data/src/core/lib/gprpp/atomic_utils.h +2 -2
- data/src/core/lib/gprpp/bitset.h +2 -2
- data/src/core/lib/gprpp/chunked_vector.h +6 -5
- data/src/core/lib/gprpp/construct_destruct.h +2 -2
- data/src/core/lib/gprpp/crash.cc +1 -2
- data/src/core/lib/gprpp/crash.h +2 -2
- data/src/core/lib/gprpp/debug_location.h +2 -2
- data/src/core/lib/gprpp/directory_reader.h +2 -2
- data/src/core/lib/gprpp/down_cast.h +3 -3
- data/src/core/lib/gprpp/dual_ref_counted.h +9 -8
- data/src/core/lib/gprpp/env.h +2 -2
- data/src/core/lib/gprpp/examine_stack.cc +2 -2
- data/src/core/lib/gprpp/examine_stack.h +2 -2
- data/src/core/lib/gprpp/fork.cc +1 -2
- data/src/core/lib/gprpp/fork.h +2 -2
- data/src/core/lib/gprpp/host_port.cc +6 -4
- data/src/core/lib/gprpp/host_port.h +2 -2
- data/src/core/lib/gprpp/linux/env.cc +2 -2
- data/src/core/lib/gprpp/load_file.cc +1 -2
- data/src/core/lib/gprpp/load_file.h +2 -2
- data/src/core/lib/gprpp/manual_constructor.h +2 -2
- data/src/core/lib/gprpp/match.h +2 -2
- data/src/core/lib/gprpp/memory.h +1 -2
- data/src/core/lib/gprpp/mpscq.cc +2 -2
- data/src/core/lib/gprpp/mpscq.h +5 -4
- data/src/core/lib/gprpp/no_destruct.h +2 -2
- data/src/core/lib/gprpp/notification.h +2 -2
- data/src/core/lib/gprpp/orphanable.h +2 -2
- data/src/core/lib/gprpp/overload.h +2 -2
- data/src/core/lib/gprpp/per_cpu.cc +1 -2
- data/src/core/lib/gprpp/per_cpu.h +1 -2
- data/src/core/lib/gprpp/posix/directory_reader.cc +2 -2
- data/src/core/lib/gprpp/posix/stat.cc +6 -4
- data/src/core/lib/gprpp/posix/thd.cc +10 -10
- data/src/core/lib/gprpp/ref_counted.h +5 -4
- data/src/core/lib/gprpp/ref_counted_ptr.h +2 -2
- data/src/core/lib/gprpp/ref_counted_string.cc +1 -2
- data/src/core/lib/gprpp/ref_counted_string.h +2 -2
- data/src/core/lib/gprpp/single_set_ptr.h +4 -3
- data/src/core/lib/gprpp/sorted_pack.h +2 -2
- data/src/core/lib/gprpp/stat.h +2 -2
- data/src/core/lib/gprpp/status_helper.cc +3 -3
- data/src/core/lib/gprpp/status_helper.h +2 -2
- data/src/core/lib/gprpp/strerror.cc +2 -2
- data/src/core/lib/gprpp/strerror.h +2 -2
- data/src/core/lib/gprpp/sync.h +5 -5
- data/src/core/lib/gprpp/table.h +2 -2
- data/src/core/lib/gprpp/tchar.cc +2 -2
- data/src/core/lib/gprpp/thd.h +7 -7
- data/src/core/lib/gprpp/time.cc +6 -6
- data/src/core/lib/gprpp/time.h +1 -2
- data/src/core/lib/gprpp/time_averaged_stats.cc +2 -2
- data/src/core/lib/gprpp/time_util.cc +5 -4
- data/src/core/lib/gprpp/time_util.h +1 -2
- data/src/core/lib/gprpp/unique_type_name.h +2 -2
- data/src/core/lib/gprpp/uuid_v4.cc +2 -2
- data/src/core/lib/gprpp/uuid_v4.h +2 -2
- data/src/core/lib/gprpp/validation_errors.cc +2 -2
- data/src/core/lib/gprpp/validation_errors.h +2 -2
- data/src/core/lib/gprpp/windows/stat.cc +4 -2
- data/src/core/lib/gprpp/windows/thd.cc +4 -2
- data/src/core/lib/gprpp/work_serializer.cc +5 -5
- data/src/core/lib/gprpp/work_serializer.h +1 -2
- data/src/core/lib/http/format_request.cc +1 -2
- data/src/core/lib/http/format_request.h +1 -2
- data/src/core/lib/http/httpcli.cc +6 -6
- data/src/core/lib/http/httpcli.h +2 -3
- data/src/core/lib/http/httpcli_security_connector.cc +4 -4
- data/src/core/lib/http/httpcli_ssl_credentials.h +1 -2
- data/src/core/lib/http/parser.cc +5 -5
- data/src/core/lib/http/parser.h +1 -2
- data/src/core/lib/iomgr/buffer_list.cc +1 -2
- data/src/core/lib/iomgr/buffer_list.h +1 -2
- data/src/core/lib/iomgr/call_combiner.cc +5 -4
- data/src/core/lib/iomgr/call_combiner.h +1 -2
- data/src/core/lib/iomgr/closure.cc +2 -2
- data/src/core/lib/iomgr/closure.h +4 -3
- data/src/core/lib/iomgr/combiner.cc +7 -6
- data/src/core/lib/iomgr/combiner.h +1 -2
- data/src/core/lib/iomgr/endpoint.cc +2 -2
- data/src/core/lib/iomgr/endpoint.h +1 -2
- data/src/core/lib/iomgr/endpoint_cfstream.cc +7 -5
- data/src/core/lib/iomgr/endpoint_pair_posix.cc +5 -4
- data/src/core/lib/iomgr/endpoint_pair_windows.cc +11 -10
- data/src/core/lib/iomgr/error.cc +3 -3
- data/src/core/lib/iomgr/error.h +3 -3
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +14 -13
- data/src/core/lib/iomgr/ev_poll_posix.cc +9 -9
- data/src/core/lib/iomgr/ev_posix.cc +1 -2
- data/src/core/lib/iomgr/ev_posix.h +2 -2
- data/src/core/lib/iomgr/event_engine_shims/closure.cc +1 -2
- data/src/core/lib/iomgr/event_engine_shims/closure.h +1 -2
- data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +3 -3
- data/src/core/lib/iomgr/event_engine_shims/endpoint.h +1 -2
- data/src/core/lib/iomgr/event_engine_shims/tcp_client.cc +1 -2
- data/src/core/lib/iomgr/event_engine_shims/tcp_client.h +1 -2
- data/src/core/lib/iomgr/exec_ctx.cc +5 -5
- data/src/core/lib/iomgr/exec_ctx.h +6 -4
- data/src/core/lib/iomgr/executor.cc +7 -8
- data/src/core/lib/iomgr/grpc_if_nametoindex.h +2 -2
- data/src/core/lib/iomgr/internal_errqueue.cc +1 -2
- data/src/core/lib/iomgr/iocp_windows.cc +9 -6
- data/src/core/lib/iomgr/iocp_windows.h +0 -1
- data/src/core/lib/iomgr/iomgr.cc +1 -2
- data/src/core/lib/iomgr/iomgr.h +2 -2
- data/src/core/lib/iomgr/iomgr_internal.cc +2 -2
- data/src/core/lib/iomgr/iomgr_internal.h +2 -2
- data/src/core/lib/iomgr/iomgr_windows.cc +4 -2
- data/src/core/lib/iomgr/lockfree_event.cc +4 -3
- data/src/core/lib/iomgr/lockfree_event.h +1 -2
- data/src/core/lib/iomgr/polling_entity.cc +5 -5
- data/src/core/lib/iomgr/pollset.cc +2 -2
- data/src/core/lib/iomgr/pollset.h +0 -1
- data/src/core/lib/iomgr/pollset_set.cc +2 -2
- data/src/core/lib/iomgr/pollset_set_windows.cc +2 -2
- data/src/core/lib/iomgr/pollset_windows.h +0 -1
- data/src/core/lib/iomgr/python_util.h +1 -2
- data/src/core/lib/iomgr/resolve_address.cc +1 -2
- data/src/core/lib/iomgr/resolve_address.h +1 -2
- data/src/core/lib/iomgr/resolve_address_impl.h +2 -2
- data/src/core/lib/iomgr/resolve_address_posix.h +2 -2
- data/src/core/lib/iomgr/resolve_address_windows.h +2 -2
- data/src/core/lib/iomgr/resolved_address.h +2 -2
- data/src/core/lib/iomgr/sockaddr_utils_posix.cc +3 -1
- data/src/core/lib/iomgr/socket_factory_posix.h +1 -2
- data/src/core/lib/iomgr/socket_mutator.cc +1 -2
- data/src/core/lib/iomgr/socket_mutator.h +1 -2
- data/src/core/lib/iomgr/socket_utils.h +2 -2
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +3 -1
- data/src/core/lib/iomgr/socket_utils_posix.cc +2 -2
- data/src/core/lib/iomgr/socket_utils_posix.h +1 -2
- data/src/core/lib/iomgr/socket_windows.cc +4 -3
- data/src/core/lib/iomgr/tcp_client.cc +2 -2
- data/src/core/lib/iomgr/tcp_client.h +1 -2
- data/src/core/lib/iomgr/tcp_client_posix.cc +5 -4
- data/src/core/lib/iomgr/tcp_client_windows.cc +7 -5
- data/src/core/lib/iomgr/tcp_posix.cc +42 -41
- data/src/core/lib/iomgr/tcp_server.cc +2 -2
- data/src/core/lib/iomgr/tcp_server.h +1 -2
- data/src/core/lib/iomgr/tcp_server_posix.cc +23 -23
- data/src/core/lib/iomgr/tcp_server_utils_posix.h +2 -2
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +6 -6
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +2 -1
- data/src/core/lib/iomgr/tcp_server_windows.cc +15 -14
- data/src/core/lib/iomgr/tcp_windows.cc +8 -6
- data/src/core/lib/iomgr/timer.cc +2 -2
- data/src/core/lib/iomgr/timer.h +1 -2
- data/src/core/lib/iomgr/timer_generic.cc +3 -3
- data/src/core/lib/iomgr/timer_generic.h +0 -1
- data/src/core/lib/iomgr/timer_heap.cc +1 -2
- data/src/core/lib/iomgr/timer_manager.cc +4 -3
- data/src/core/lib/iomgr/timer_manager.h +2 -2
- data/src/core/lib/iomgr/unix_sockets_posix.cc +2 -1
- data/src/core/lib/iomgr/unix_sockets_posix.h +1 -2
- data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +3 -1
- data/src/core/lib/iomgr/vsock.cc +2 -2
- data/src/core/lib/iomgr/vsock.h +1 -2
- data/src/core/lib/json/json.h +1 -2
- data/src/core/lib/json/json_args.h +2 -2
- data/src/core/lib/json/json_channel_args.h +2 -2
- data/src/core/lib/json/json_object_loader.cc +1 -2
- data/src/core/lib/json/json_object_loader.h +2 -2
- data/src/core/lib/json/json_reader.cc +4 -4
- data/src/core/lib/json/json_reader.h +2 -2
- data/src/core/lib/json/json_util.cc +2 -2
- data/src/core/lib/json/json_util.h +2 -2
- data/src/core/lib/json/json_writer.cc +2 -2
- data/src/core/lib/json/json_writer.h +2 -2
- data/src/core/lib/matchers/matchers.cc +2 -2
- data/src/core/lib/matchers/matchers.h +2 -2
- data/src/core/lib/promise/activity.cc +4 -3
- data/src/core/lib/promise/activity.h +7 -7
- data/src/core/lib/promise/all_ok.h +2 -2
- data/src/core/lib/promise/arena_promise.h +2 -2
- data/src/core/lib/promise/context.h +3 -3
- data/src/core/lib/promise/detail/join_state.h +11 -10
- data/src/core/lib/promise/detail/promise_factory.h +2 -2
- data/src/core/lib/promise/detail/promise_like.h +2 -2
- data/src/core/lib/promise/detail/seq_state.h +194 -194
- data/src/core/lib/promise/detail/status.h +4 -3
- data/src/core/lib/promise/exec_ctx_wakeup_scheduler.h +2 -2
- data/src/core/lib/promise/for_each.h +88 -27
- data/src/core/lib/promise/if.h +2 -2
- data/src/core/lib/promise/interceptor_list.h +3 -3
- data/src/core/lib/promise/latch.h +8 -8
- data/src/core/lib/promise/loop.h +2 -2
- data/src/core/lib/promise/map.h +2 -2
- data/src/core/lib/promise/party.cc +14 -14
- data/src/core/lib/promise/party.h +9 -9
- data/src/core/lib/promise/pipe.h +15 -15
- data/src/core/lib/promise/poll.h +6 -5
- data/src/core/lib/promise/prioritized_race.h +2 -2
- data/src/core/lib/promise/promise.h +2 -2
- data/src/core/lib/promise/race.h +2 -2
- data/src/core/lib/promise/seq.h +2 -2
- data/src/core/lib/promise/sleep.cc +1 -2
- data/src/core/lib/promise/sleep.h +1 -2
- data/src/core/lib/promise/status_flag.h +8 -8
- data/src/core/lib/promise/trace.cc +2 -2
- data/src/core/lib/promise/try_join.h +4 -3
- data/src/core/lib/promise/try_seq.h +4 -3
- data/src/core/lib/resource_quota/api.cc +1 -2
- data/src/core/lib/resource_quota/api.h +1 -2
- data/src/core/lib/resource_quota/arena.cc +1 -2
- data/src/core/lib/resource_quota/arena.h +1 -2
- data/src/core/lib/resource_quota/connection_quota.cc +8 -9
- data/src/core/lib/resource_quota/connection_quota.h +2 -2
- data/src/core/lib/resource_quota/memory_quota.cc +11 -11
- data/src/core/lib/resource_quota/memory_quota.h +4 -4
- data/src/core/lib/resource_quota/periodic_update.cc +2 -2
- data/src/core/lib/resource_quota/periodic_update.h +2 -2
- data/src/core/lib/resource_quota/resource_quota.cc +2 -2
- data/src/core/lib/resource_quota/resource_quota.h +1 -2
- data/src/core/lib/resource_quota/thread_quota.cc +4 -3
- data/src/core/lib/resource_quota/thread_quota.h +2 -2
- data/src/core/lib/resource_quota/trace.cc +2 -2
- data/src/core/lib/security/authorization/audit_logging.cc +6 -6
- data/src/core/lib/security/authorization/audit_logging.h +1 -2
- data/src/core/lib/security/authorization/authorization_engine.h +2 -2
- data/src/core/lib/security/authorization/authorization_policy_provider.h +1 -2
- data/src/core/lib/security/authorization/authorization_policy_provider_vtable.cc +1 -2
- data/src/core/lib/security/authorization/evaluate_args.cc +2 -3
- data/src/core/lib/security/authorization/evaluate_args.h +1 -2
- data/src/core/lib/security/authorization/grpc_authorization_engine.cc +4 -3
- data/src/core/lib/security/authorization/grpc_authorization_engine.h +1 -2
- data/src/core/lib/security/authorization/grpc_server_authz_filter.cc +4 -5
- data/src/core/lib/security/authorization/grpc_server_authz_filter.h +7 -8
- data/src/core/lib/security/authorization/matchers.cc +1 -2
- data/src/core/lib/security/authorization/matchers.h +2 -2
- data/src/core/lib/security/authorization/rbac_policy.cc +2 -2
- data/src/core/lib/security/authorization/rbac_policy.h +1 -2
- data/src/core/lib/security/authorization/stdout_logger.cc +4 -3
- data/src/core/lib/security/authorization/stdout_logger.h +1 -2
- data/src/core/lib/security/certificate_provider/certificate_provider_factory.h +2 -2
- data/src/core/lib/security/certificate_provider/certificate_provider_registry.cc +4 -3
- data/src/core/lib/security/certificate_provider/certificate_provider_registry.h +2 -2
- data/src/core/lib/security/context/security_context.cc +5 -3
- data/src/core/lib/security/context/security_context.h +2 -2
- data/src/core/lib/security/credentials/alts/alts_credentials.cc +1 -2
- data/src/core/lib/security/credentials/alts/alts_credentials.h +2 -2
- data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +1 -2
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc +1 -2
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc +1 -2
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h +2 -2
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc +1 -2
- data/src/core/lib/security/credentials/call_creds_util.cc +1 -2
- data/src/core/lib/security/credentials/call_creds_util.h +2 -2
- data/src/core/lib/security/credentials/channel_creds_registry.h +2 -2
- data/src/core/lib/security/credentials/channel_creds_registry_init.cc +2 -2
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +9 -8
- data/src/core/lib/security/credentials/composite/composite_credentials.h +2 -2
- data/src/core/lib/security/credentials/credentials.cc +4 -3
- data/src/core/lib/security/credentials/credentials.h +5 -4
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +5 -4
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +2 -2
- data/src/core/lib/security/credentials/external/aws_request_signer.cc +2 -2
- data/src/core/lib/security/credentials/external/aws_request_signer.h +2 -2
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +7 -6
- data/src/core/lib/security/credentials/external/external_account_credentials.h +2 -2
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +1 -2
- data/src/core/lib/security/credentials/external/file_external_account_credentials.h +2 -2
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +4 -3
- data/src/core/lib/security/credentials/external/url_external_account_credentials.h +2 -2
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +2 -2
- data/src/core/lib/security/credentials/fake/fake_credentials.h +2 -2
- data/src/core/lib/security/credentials/google_default/credentials_generic.cc +1 -2
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +8 -7
- data/src/core/lib/security/credentials/google_default/google_default_credentials.h +2 -2
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +5 -5
- data/src/core/lib/security/credentials/iam/iam_credentials.h +2 -2
- data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +2 -2
- data/src/core/lib/security/credentials/insecure/insecure_credentials.h +2 -2
- data/src/core/lib/security/credentials/jwt/json_token.cc +5 -4
- data/src/core/lib/security/credentials/jwt/json_token.h +1 -2
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +4 -3
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +2 -2
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +15 -15
- data/src/core/lib/security/credentials/jwt/jwt_verifier.h +1 -2
- data/src/core/lib/security/credentials/local/local_credentials.cc +1 -2
- data/src/core/lib/security/credentials/local/local_credentials.h +2 -2
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +9 -8
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +2 -2
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +3 -3
- data/src/core/lib/security/credentials/plugin/plugin_credentials.h +2 -2
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +13 -13
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +5 -3
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +26 -25
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +2 -2
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_match.cc +2 -2
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +7 -6
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +3 -3
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.cc +3 -3
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.h +4 -3
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +19 -18
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +1 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_crl_provider.cc +2 -2
- data/src/core/lib/security/credentials/tls/grpc_tls_crl_provider.h +1 -2
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +1 -2
- data/src/core/lib/security/credentials/tls/tls_credentials.h +2 -2
- data/src/core/lib/security/credentials/tls/tls_utils.cc +1 -2
- data/src/core/lib/security/credentials/tls/tls_utils.h +1 -2
- data/src/core/lib/security/credentials/xds/xds_credentials.cc +7 -7
- data/src/core/lib/security/credentials/xds/xds_credentials.h +3 -3
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +14 -14
- data/src/core/lib/security/security_connector/alts/alts_security_connector.h +2 -2
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +5 -5
- data/src/core/lib/security/security_connector/fake/fake_security_connector.h +2 -2
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +6 -5
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +3 -3
- data/src/core/lib/security/security_connector/load_system_roots.h +1 -2
- data/src/core/lib/security/security_connector/load_system_roots_supported.cc +2 -2
- data/src/core/lib/security/security_connector/load_system_roots_supported.h +1 -2
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +11 -11
- data/src/core/lib/security/security_connector/local/local_security_connector.h +2 -2
- data/src/core/lib/security/security_connector/security_connector.cc +7 -6
- data/src/core/lib/security/security_connector/security_connector.h +3 -3
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +6 -6
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +2 -2
- data/src/core/lib/security/security_connector/ssl_utils.cc +10 -9
- data/src/core/lib/security/security_connector/ssl_utils.h +1 -2
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +13 -13
- data/src/core/lib/security/security_connector/tls/tls_security_connector.h +3 -3
- data/src/core/lib/security/transport/auth_filters.h +13 -13
- data/src/core/lib/security/transport/client_auth_filter.cc +6 -5
- data/src/core/lib/security/transport/server_auth_filter.cc +7 -5
- data/src/core/lib/security/util/json_util.cc +1 -2
- data/src/core/lib/slice/percent_encoding.cc +4 -3
- data/src/core/lib/slice/slice.cc +11 -10
- data/src/core/lib/slice/slice.h +4 -4
- data/src/core/lib/slice/slice_buffer.cc +15 -14
- data/src/core/lib/slice/slice_buffer.h +1 -2
- data/src/core/lib/slice/slice_internal.h +3 -3
- data/src/core/lib/slice/slice_refcount.cc +2 -2
- data/src/core/lib/slice/slice_refcount.h +1 -2
- data/src/core/lib/slice/slice_string_helpers.cc +2 -2
- data/src/core/lib/slice/slice_string_helpers.h +1 -2
- data/src/core/lib/surface/api_trace.cc +2 -2
- data/src/core/lib/surface/api_trace.h +1 -2
- data/src/core/lib/surface/byte_buffer.cc +1 -2
- data/src/core/lib/surface/byte_buffer_reader.cc +4 -3
- data/src/core/lib/surface/call.cc +168 -290
- data/src/core/lib/surface/call.h +180 -10
- data/src/core/lib/surface/call_details.cc +1 -2
- data/src/core/lib/surface/call_log_batch.cc +1 -2
- data/src/core/lib/surface/call_test_only.h +1 -2
- data/src/core/lib/surface/channel.cc +9 -8
- data/src/core/lib/surface/channel.h +2 -3
- data/src/core/lib/surface/channel_create.cc +4 -3
- data/src/core/lib/surface/channel_create.h +2 -2
- data/src/core/lib/surface/channel_init.cc +6 -6
- data/src/core/lib/surface/channel_init.h +13 -8
- data/src/core/lib/surface/channel_stack_type.cc +2 -2
- data/src/core/lib/surface/completion_queue.cc +17 -18
- data/src/core/lib/surface/completion_queue.h +1 -2
- data/src/core/lib/surface/completion_queue_factory.cc +9 -8
- data/src/core/lib/surface/completion_queue_factory.h +1 -2
- data/src/core/lib/surface/event_string.cc +2 -2
- data/src/core/lib/surface/event_string.h +1 -2
- data/src/core/lib/surface/init.cc +1 -2
- data/src/core/lib/surface/init_internally.cc +2 -2
- data/src/core/lib/surface/lame_client.cc +9 -12
- data/src/core/lib/surface/lame_client.h +6 -11
- data/src/core/lib/surface/legacy_channel.cc +9 -9
- data/src/core/lib/surface/legacy_channel.h +2 -3
- data/src/core/lib/surface/metadata_array.cc +1 -2
- data/src/core/lib/surface/validate_metadata.cc +1 -2
- data/src/core/lib/surface/validate_metadata.h +3 -3
- data/src/core/lib/surface/version.cc +3 -4
- data/src/core/lib/surface/wait_for_cq_end_op.cc +2 -2
- data/src/core/lib/transport/batch_builder.cc +7 -5
- data/src/core/lib/transport/batch_builder.h +4 -6
- data/src/core/lib/transport/bdp_estimator.cc +5 -3
- data/src/core/lib/transport/bdp_estimator.h +4 -4
- data/src/core/lib/transport/{call_size_estimator.cc → call_arena_allocator.cc} +3 -3
- data/src/core/lib/transport/{call_size_estimator.h → call_arena_allocator.h} +26 -5
- data/src/core/lib/transport/call_filters.cc +28 -13
- data/src/core/lib/transport/call_filters.h +123 -73
- data/src/core/lib/transport/call_final_info.cc +2 -2
- data/src/core/lib/transport/call_final_info.h +1 -2
- data/src/core/lib/transport/call_spine.cc +18 -19
- data/src/core/lib/transport/call_spine.h +387 -189
- data/src/core/lib/transport/connectivity_state.cc +1 -2
- data/src/core/lib/transport/connectivity_state.h +1 -2
- data/src/core/lib/transport/error_utils.cc +1 -2
- data/src/core/lib/transport/error_utils.h +1 -2
- data/src/core/lib/transport/message.cc +1 -2
- data/src/core/lib/transport/metadata.cc +2 -2
- data/src/core/lib/transport/metadata_batch.cc +2 -2
- data/src/core/lib/transport/metadata_batch.h +33 -4
- data/src/core/lib/transport/metadata_compression_traits.h +2 -2
- data/src/core/lib/transport/metadata_info.cc +2 -2
- data/src/core/lib/transport/parsed_metadata.cc +2 -2
- data/src/core/lib/transport/parsed_metadata.h +1 -2
- data/src/core/lib/transport/simple_slice_based_metadata.h +2 -2
- data/src/core/lib/transport/status_conversion.cc +2 -2
- data/src/core/lib/transport/status_conversion.h +1 -2
- data/src/core/lib/transport/timeout_encoding.cc +5 -5
- data/src/core/lib/transport/timeout_encoding.h +2 -2
- data/src/core/lib/transport/transport.cc +1 -2
- data/src/core/lib/transport/transport.h +41 -38
- data/src/core/lib/transport/transport_op_string.cc +1 -2
- data/src/core/lib/uri/uri_parser.cc +3 -3
- data/src/core/lib/uri/uri_parser.h +2 -2
- data/src/core/load_balancing/address_filtering.cc +2 -2
- data/src/core/load_balancing/address_filtering.h +2 -2
- data/src/core/load_balancing/backend_metric_data.h +2 -2
- data/src/core/load_balancing/backend_metric_parser.cc +2 -2
- data/src/core/load_balancing/backend_metric_parser.h +2 -2
- data/src/core/load_balancing/child_policy_handler.cc +6 -6
- data/src/core/load_balancing/child_policy_handler.h +2 -2
- data/src/core/load_balancing/delegating_helper.h +2 -3
- data/src/core/load_balancing/endpoint_list.cc +6 -8
- data/src/core/load_balancing/endpoint_list.h +15 -9
- data/src/core/load_balancing/grpclb/client_load_reporting_filter.cc +28 -30
- data/src/core/load_balancing/grpclb/client_load_reporting_filter.h +19 -8
- data/src/core/load_balancing/grpclb/grpclb.cc +26 -26
- data/src/core/load_balancing/grpclb/grpclb_balancer_addresses.cc +2 -2
- data/src/core/load_balancing/grpclb/grpclb_balancer_addresses.h +1 -2
- data/src/core/load_balancing/grpclb/grpclb_client_stats.cc +1 -2
- data/src/core/load_balancing/grpclb/grpclb_client_stats.h +1 -2
- data/src/core/load_balancing/grpclb/load_balancer_api.cc +1 -2
- data/src/core/load_balancing/grpclb/load_balancer_api.h +2 -3
- data/src/core/load_balancing/health_check_client.cc +4 -5
- data/src/core/load_balancing/health_check_client.h +2 -2
- data/src/core/load_balancing/health_check_client_internal.h +1 -2
- data/src/core/load_balancing/lb_policy.cc +2 -2
- data/src/core/load_balancing/lb_policy.h +1 -2
- data/src/core/load_balancing/lb_policy_factory.h +2 -2
- data/src/core/load_balancing/lb_policy_registry.cc +3 -3
- data/src/core/load_balancing/lb_policy_registry.h +2 -2
- data/src/core/load_balancing/oob_backend_metric.cc +4 -5
- data/src/core/load_balancing/oob_backend_metric.h +2 -2
- data/src/core/load_balancing/oob_backend_metric_internal.h +1 -2
- data/src/core/load_balancing/outlier_detection/outlier_detection.cc +3 -3
- data/src/core/load_balancing/outlier_detection/outlier_detection.h +2 -2
- data/src/core/load_balancing/pick_first/pick_first.cc +1107 -122
- data/src/core/load_balancing/priority/priority.cc +15 -10
- data/src/core/load_balancing/ring_hash/ring_hash.cc +34 -17
- data/src/core/load_balancing/ring_hash/ring_hash.h +2 -2
- data/src/core/load_balancing/rls/rls.cc +24 -17
- data/src/core/load_balancing/round_robin/round_robin.cc +26 -15
- data/src/core/load_balancing/subchannel_interface.h +1 -2
- data/src/core/load_balancing/weighted_round_robin/static_stride_scheduler.cc +4 -4
- data/src/core/load_balancing/weighted_round_robin/static_stride_scheduler.h +2 -2
- data/src/core/load_balancing/weighted_round_robin/weighted_round_robin.cc +25 -15
- data/src/core/load_balancing/weighted_target/weighted_target.cc +8 -8
- data/src/core/load_balancing/weighted_target/weighted_target.h +1 -1
- data/src/core/load_balancing/xds/cds.cc +11 -12
- data/src/core/load_balancing/xds/xds_cluster_impl.cc +12 -10
- data/src/core/load_balancing/xds/xds_cluster_manager.cc +2 -3
- data/src/core/load_balancing/xds/xds_override_host.cc +6 -6
- data/src/core/load_balancing/xds/xds_override_host.h +2 -2
- data/src/core/load_balancing/xds/xds_wrr_locality.cc +2 -3
- data/src/core/plugin_registry/grpc_plugin_registry.cc +6 -9
- data/src/core/plugin_registry/grpc_plugin_registry_extra.cc +1 -2
- data/src/core/resolver/binder/binder_resolver.cc +4 -4
- data/src/core/resolver/dns/c_ares/dns_resolver_ares.cc +5 -6
- data/src/core/resolver/dns/c_ares/dns_resolver_ares.h +2 -2
- data/src/core/resolver/dns/c_ares/grpc_ares_ev_driver.h +3 -3
- data/src/core/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +4 -3
- data/src/core/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +35 -34
- data/src/core/resolver/dns/c_ares/grpc_ares_wrapper.cc +13 -13
- data/src/core/resolver/dns/c_ares/grpc_ares_wrapper.h +1 -2
- data/src/core/resolver/dns/c_ares/grpc_ares_wrapper_posix.cc +1 -1
- data/src/core/resolver/dns/c_ares/grpc_ares_wrapper_windows.cc +1 -1
- data/src/core/resolver/dns/dns_resolver_plugin.cc +4 -5
- data/src/core/resolver/dns/event_engine/event_engine_client_channel_resolver.cc +5 -5
- data/src/core/resolver/dns/event_engine/event_engine_client_channel_resolver.h +3 -3
- data/src/core/resolver/dns/event_engine/service_config_helper.cc +2 -2
- data/src/core/resolver/dns/event_engine/service_config_helper.h +2 -2
- data/src/core/resolver/dns/native/dns_resolver.cc +3 -4
- data/src/core/resolver/endpoint_addresses.cc +4 -4
- data/src/core/resolver/endpoint_addresses.h +2 -2
- data/src/core/resolver/fake/fake_resolver.cc +4 -4
- data/src/core/resolver/fake/fake_resolver.h +1 -2
- data/src/core/resolver/google_c2p/google_c2p_resolver.cc +9 -9
- data/src/core/resolver/polling_resolver.cc +5 -5
- data/src/core/resolver/polling_resolver.h +1 -2
- data/src/core/resolver/resolver.cc +2 -2
- data/src/core/resolver/resolver.h +2 -2
- data/src/core/resolver/resolver_factory.h +3 -3
- data/src/core/resolver/resolver_registry.cc +5 -5
- data/src/core/resolver/resolver_registry.h +3 -3
- data/src/core/resolver/sockaddr/sockaddr_resolver.cc +2 -3
- data/src/core/resolver/xds/xds_dependency_manager.cc +5 -4
- data/src/core/resolver/xds/xds_dependency_manager.h +7 -7
- data/src/core/resolver/xds/xds_resolver.cc +19 -24
- data/src/core/resolver/xds/xds_resolver_attributes.h +2 -2
- data/src/core/resolver/xds/xds_resolver_trace.cc +2 -2
- data/src/core/{lib/surface → server}/server.cc +61 -59
- data/src/core/{lib/surface → server}/server.h +7 -8
- data/src/core/{lib/channel → server}/server_call_tracer_filter.cc +10 -7
- data/src/core/{lib/channel → server}/server_call_tracer_filter.h +3 -3
- data/src/core/{ext/filters/server_config_selector → server}/server_config_selector.h +5 -5
- data/src/core/{ext/filters/server_config_selector → server}/server_config_selector_filter.cc +36 -37
- data/src/core/{ext/filters/server_config_selector → server}/server_config_selector_filter.h +3 -3
- data/src/core/{lib/surface → server}/server_interface.h +4 -4
- data/src/core/{ext/xds → server}/xds_channel_stack_modifier.cc +3 -3
- data/src/core/{ext/xds → server}/xds_channel_stack_modifier.h +4 -5
- data/src/core/{ext/xds → server}/xds_server_config_fetcher.cc +23 -22
- data/src/core/service_config/service_config.h +1 -2
- data/src/core/service_config/service_config_call_data.h +2 -2
- data/src/core/service_config/service_config_channel_arg_filter.cc +6 -7
- data/src/core/service_config/service_config_impl.cc +2 -2
- data/src/core/service_config/service_config_impl.h +3 -3
- data/src/core/service_config/service_config_parser.cc +1 -2
- data/src/core/service_config/service_config_parser.h +2 -2
- data/src/core/tsi/alts/crypt/aes_gcm.cc +1 -2
- data/src/core/tsi/alts/crypt/gsec.cc +1 -2
- data/src/core/tsi/alts/crypt/gsec.h +1 -2
- data/src/core/tsi/alts/frame_protector/alts_counter.cc +1 -2
- data/src/core/tsi/alts/frame_protector/alts_counter.h +1 -2
- data/src/core/tsi/alts/frame_protector/alts_crypter.cc +1 -2
- data/src/core/tsi/alts/frame_protector/alts_crypter.h +1 -2
- data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +1 -2
- data/src/core/tsi/alts/frame_protector/alts_frame_protector.h +2 -2
- data/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc +1 -2
- data/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h +1 -2
- data/src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc +1 -2
- data/src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc +1 -2
- data/src/core/tsi/alts/frame_protector/frame_handler.cc +1 -2
- data/src/core/tsi/alts/frame_protector/frame_handler.h +2 -2
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +38 -37
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +1 -2
- data/src/core/tsi/alts/handshaker/alts_shared_resource.cc +5 -4
- data/src/core/tsi/alts/handshaker/alts_shared_resource.h +1 -2
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +22 -20
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +1 -2
- data/src/core/tsi/alts/handshaker/alts_tsi_utils.cc +5 -4
- data/src/core/tsi/alts/handshaker/alts_tsi_utils.h +1 -2
- data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +2 -2
- data/src/core/tsi/alts/handshaker/transport_security_common_api.h +1 -2
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc +5 -4
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h +2 -2
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc +1 -2
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h +2 -2
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h +1 -2
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc +9 -5
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +1 -2
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h +2 -2
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +5 -4
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h +2 -2
- data/src/core/tsi/fake_transport_security.cc +6 -4
- data/src/core/tsi/local_transport_security.cc +1 -2
- data/src/core/tsi/local_transport_security.h +1 -2
- data/src/core/tsi/ssl/key_logging/ssl_key_logging.cc +6 -5
- data/src/core/tsi/ssl/key_logging/ssl_key_logging.h +1 -2
- data/src/core/tsi/ssl/session_cache/ssl_session.h +1 -2
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +11 -10
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +1 -2
- data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +3 -4
- data/src/core/tsi/ssl_transport_security.cc +20 -19
- data/src/core/tsi/ssl_transport_security.h +1 -2
- data/src/core/tsi/ssl_transport_security_utils.cc +11 -10
- data/src/core/tsi/ssl_transport_security_utils.h +1 -2
- data/src/core/tsi/ssl_types.h +2 -2
- data/src/core/tsi/transport_security.cc +1 -2
- data/src/core/tsi/transport_security.h +2 -2
- data/src/core/tsi/transport_security_grpc.cc +2 -2
- data/src/core/tsi/transport_security_grpc.h +1 -2
- data/src/core/tsi/transport_security_interface.h +2 -2
- data/src/core/{ext/xds → xds/grpc}/certificate_provider_store.cc +2 -3
- data/src/core/{ext/xds → xds/grpc}/certificate_provider_store.h +4 -5
- data/src/core/{ext/xds → xds/grpc}/file_watcher_certificate_provider_factory.cc +2 -3
- data/src/core/{ext/xds → xds/grpc}/file_watcher_certificate_provider_factory.h +4 -5
- data/src/core/{ext/xds → xds/grpc}/upb_utils.h +5 -5
- data/src/core/{ext/xds → xds/grpc}/xds_audit_logger_registry.cc +4 -4
- data/src/core/{ext/xds → xds/grpc}/xds_audit_logger_registry.h +6 -6
- data/src/core/{ext/xds → xds/grpc}/xds_bootstrap_grpc.cc +2 -3
- data/src/core/{ext/xds → xds/grpc}/xds_bootstrap_grpc.h +11 -11
- data/src/core/{ext/xds → xds/grpc}/xds_certificate_provider.cc +5 -5
- data/src/core/{ext/xds → xds/grpc}/xds_certificate_provider.h +4 -5
- data/src/core/{ext/xds → xds/grpc}/xds_client_grpc.cc +25 -12
- data/src/core/{ext/xds → xds/grpc}/xds_client_grpc.h +8 -9
- data/src/core/{ext/xds → xds/grpc}/xds_cluster.cc +18 -9
- data/src/core/{ext/xds → xds/grpc}/xds_cluster.h +11 -12
- data/src/core/{ext/xds → xds/grpc}/xds_cluster_specifier_plugin.cc +4 -4
- data/src/core/{ext/xds → xds/grpc}/xds_cluster_specifier_plugin.h +6 -6
- data/src/core/{ext/xds → xds/grpc}/xds_common_types.cc +5 -6
- data/src/core/{ext/xds → xds/grpc}/xds_common_types.h +6 -6
- data/src/core/{ext/xds → xds/grpc}/xds_endpoint.cc +7 -7
- data/src/core/{ext/xds → xds/grpc}/xds_endpoint.h +9 -9
- data/src/core/{ext/xds → xds/grpc}/xds_health_status.cc +3 -3
- data/src/core/{ext/xds → xds/grpc}/xds_health_status.h +5 -5
- data/src/core/{ext/xds → xds/grpc}/xds_http_fault_filter.cc +4 -5
- data/src/core/{ext/xds → xds/grpc}/xds_http_fault_filter.h +8 -8
- data/src/core/{ext/xds → xds/grpc}/xds_http_filters.cc +8 -9
- data/src/core/{ext/xds → xds/grpc}/xds_http_filters.h +7 -7
- data/src/core/{ext/xds → xds/grpc}/xds_http_rbac_filter.cc +6 -7
- data/src/core/{ext/xds → xds/grpc}/xds_http_rbac_filter.h +8 -8
- data/src/core/{ext/xds → xds/grpc}/xds_http_stateful_session_filter.cc +5 -6
- data/src/core/{ext/xds → xds/grpc}/xds_http_stateful_session_filter.h +8 -8
- data/src/core/{ext/xds → xds/grpc}/xds_lb_policy_registry.cc +3 -4
- data/src/core/{ext/xds → xds/grpc}/xds_lb_policy_registry.h +6 -6
- data/src/core/{ext/xds → xds/grpc}/xds_listener.cc +8 -8
- data/src/core/{ext/xds → xds/grpc}/xds_listener.h +12 -12
- data/src/core/{ext/xds → xds/grpc}/xds_route_config.cc +16 -16
- data/src/core/{ext/xds → xds/grpc}/xds_route_config.h +11 -11
- data/src/core/{ext/xds → xds/grpc}/xds_routing.cc +6 -6
- data/src/core/{ext/xds → xds/grpc}/xds_routing.h +8 -8
- data/src/core/{ext/xds → xds/grpc}/xds_transport_grpc.cc +14 -14
- data/src/core/{ext/xds → xds/grpc}/xds_transport_grpc.h +6 -7
- data/src/core/{ext/xds → xds/xds_client}/xds_api.cc +4 -5
- data/src/core/{ext/xds → xds/xds_client}/xds_api.h +7 -7
- data/src/core/{ext/xds → xds/xds_client}/xds_bootstrap.cc +3 -3
- data/src/core/{ext/xds → xds/xds_client}/xds_bootstrap.h +5 -5
- data/src/core/{ext/xds → xds/xds_client}/xds_channel_args.h +3 -3
- data/src/core/{ext/xds → xds/xds_client}/xds_client.cc +21 -17
- data/src/core/{ext/xds → xds/xds_client}/xds_client.h +10 -11
- data/src/core/{ext/xds → xds/xds_client}/xds_client_stats.cc +3 -4
- data/src/core/{ext/xds → xds/xds_client}/xds_client_stats.h +6 -6
- data/src/core/{ext/xds → xds/xds_client}/xds_metrics.h +7 -5
- data/src/core/{ext/xds → xds/xds_client}/xds_resource_type.h +6 -6
- data/src/core/{ext/xds → xds/xds_client}/xds_resource_type_impl.h +7 -7
- data/src/core/{ext/xds → xds/xds_client}/xds_transport.h +6 -6
- data/src/ruby/ext/grpc/rb_call_credentials.c +1 -0
- data/src/ruby/ext/grpc/rb_call_credentials.h +1 -0
- data/src/ruby/ext/grpc/rb_channel.c +1 -0
- data/src/ruby/ext/grpc/rb_channel_credentials.c +1 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +130 -130
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +196 -195
- data/src/ruby/ext/grpc/rb_server.c +1 -0
- data/src/ruby/ext/grpc/rb_server_credentials.c +1 -0
- data/src/ruby/ext/grpc/rb_server_credentials.h +1 -0
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.c +1 -0
- data/src/ruby/ext/grpc/rb_xds_server_credentials.c +1 -0
- data/src/ruby/ext/grpc/rb_xds_server_credentials.h +1 -0
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/third_party/abseil-cpp/absl/log/check.h +209 -0
- data/third_party/abseil-cpp/absl/log/internal/check_impl.h +150 -0
- data/third_party/abseil-cpp/absl/log/internal/check_op.cc +118 -0
- data/third_party/abseil-cpp/absl/log/internal/check_op.h +420 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +1 -6
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +25 -10
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +0 -13
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/unicode.c +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/chacha/internal.h +19 -15
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_des.c +48 -66
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_null.c +7 -3
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc2.c +20 -28
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc4.c +9 -4
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/tls_cbc.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +26 -17
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +3 -2
- data/third_party/boringssl-with-bazel/src/crypto/err/err.c +81 -60
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +41 -120
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +7 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dh.c +137 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dh_asn1.c +120 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +30 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.c +30 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.c +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.c +30 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.c +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/ex_data.c +6 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +8 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +14 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +0 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +11 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +5 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +11 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +22 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.c +3 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +73 -29
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.c +7 -0
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +33 -17
- data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/kyber/kyber.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +18 -9
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +18 -17
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +44 -41
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +13 -12
- data/third_party/boringssl-with-bazel/src/crypto/spx/spx.c +7 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +26 -33
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +4 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +5 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_cpols.c +9 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_crld.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_info.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_lib.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +21 -25
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +1 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +1 -6
- data/third_party/boringssl-with-bazel/{err_data.c → src/gen/crypto/err_data.c} +487 -485
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +9 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +77 -36
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +12 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +17 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +10 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/err.h +13 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +25 -14
- data/third_party/boringssl-with-bazel/src/include/openssl/evp_errors.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +15 -3
- data/third_party/boringssl-with-bazel/src/{crypto/spx/internal.h → include/openssl/experimental/spx.h} +24 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/obj.h +2 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +63 -53
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +19 -10
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +275 -69
- data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +10 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/target.h +13 -10
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +2 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +2957 -2456
- data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +5 -5
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +3 -9
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +43 -43
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +17 -7
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +67 -15
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +143 -113
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +227 -167
- data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +0 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +59 -385
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +21 -19
- data/third_party/boringssl-with-bazel/src/ssl/ssl_credential.cc +423 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +70 -54
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +59 -75
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +6 -14
- data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +48 -116
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +19 -26
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +36 -3
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +53 -18
- metadata +109 -108
- data/src/core/client_channel/client_channel_channelz.cc +0 -93
- data/src/core/client_channel/client_channel_channelz.h +0 -85
- data/src/core/ext/filters/deadline/deadline_filter.cc +0 -407
- data/src/core/ext/filters/deadline/deadline_filter.h +0 -85
- data/src/core/lib/gpr/log_internal.h +0 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/pki/certificate.h +0 -83
- data/third_party/boringssl-with-bazel/src/include/openssl/pki/signature_verify_cache.h +0 -41
- /data/third_party/boringssl-with-bazel/src/include/openssl/{kyber.h → experimental/kyber.h} +0 -0
@@ -550,8 +550,8 @@ OPENSSL_EXPORT int SSL_get_error(const SSL *ssl, int ret_code);
|
|
550
550
|
// a private key operation was unfinished. The caller may retry the operation
|
551
551
|
// when the private key operation is complete.
|
552
552
|
//
|
553
|
-
// See also |SSL_set_private_key_method| and
|
554
|
-
// |
|
553
|
+
// See also |SSL_set_private_key_method|, |SSL_CTX_set_private_key_method|, and
|
554
|
+
// |SSL_CREDENTIAL_set_private_key_method|.
|
555
555
|
#define SSL_ERROR_WANT_PRIVATE_KEY_OPERATION 13
|
556
556
|
|
557
557
|
// SSL_ERROR_PENDING_TICKET indicates that a ticket decryption is pending. The
|
@@ -841,6 +841,142 @@ OPENSSL_EXPORT void SSL_CTX_set0_buffer_pool(SSL_CTX *ctx,
|
|
841
841
|
CRYPTO_BUFFER_POOL *pool);
|
842
842
|
|
843
843
|
|
844
|
+
// Credentials.
|
845
|
+
//
|
846
|
+
// TLS endpoints may present authentication during the handshake, usually using
|
847
|
+
// X.509 certificates. This is typically required for servers and optional for
|
848
|
+
// clients. BoringSSL uses the |SSL_CREDENTIAL| object to abstract between
|
849
|
+
// different kinds of credentials, as well as configure automatic selection
|
850
|
+
// between multiple credentials. This may be used to select between ECDSA and
|
851
|
+
// RSA certificates.
|
852
|
+
//
|
853
|
+
// |SSL_CTX| and |SSL| objects maintain lists of credentials in preference
|
854
|
+
// order. During the handshake, BoringSSL will select the first usable
|
855
|
+
// credential from the list. Non-credential APIs, such as
|
856
|
+
// |SSL_CTX_use_certificate|, configure a "default credential", which is
|
857
|
+
// appended to this list if configured.
|
858
|
+
//
|
859
|
+
// When selecting credentials, BoringSSL considers the credential's type, its
|
860
|
+
// cryptographic capabilities, and capabilities advertised by the peer. This
|
861
|
+
// varies between TLS versions but includes:
|
862
|
+
//
|
863
|
+
// - Whether the peer supports the leaf certificate key
|
864
|
+
// - Whether there is a common signature algorithm that is compatible with the
|
865
|
+
// credential
|
866
|
+
// - Whether there is a common cipher suite that is compatible with the
|
867
|
+
// credential
|
868
|
+
//
|
869
|
+
// WARNING: In TLS 1.2 and below, there is no mechanism for servers to advertise
|
870
|
+
// supported ECDSA curves to the client. BoringSSL clients will assume the
|
871
|
+
// server accepts all ECDSA curves in client certificates.
|
872
|
+
//
|
873
|
+
// By default, BoringSSL does not check the following, though we may add APIs
|
874
|
+
// in the future to enable them on a per-credential basis.
|
875
|
+
//
|
876
|
+
// - Whether the peer supports the signature algorithms in the certificate chain
|
877
|
+
// - Whether the a server certificate is compatible with the server_name
|
878
|
+
// extension (SNI)
|
879
|
+
// - Whether the peer supports the certificate authority that issued the
|
880
|
+
// certificate
|
881
|
+
//
|
882
|
+
// Credentials may be configured before the handshake or dynamically in the
|
883
|
+
// early callback (see |SSL_CTX_set_select_certificate_cb|) and certificate
|
884
|
+
// callback (see |SSL_CTX_set_cert_cb|). These callbacks allow applications to
|
885
|
+
// use BoringSSL's built-in selection logic in tandem with custom logic. For
|
886
|
+
// example, a callback could evaluate application-specific SNI rules to filter
|
887
|
+
// down to an ECDSA and RSA credential, then configure both for BoringSSL to
|
888
|
+
// select between the two.
|
889
|
+
|
890
|
+
// SSL_CREDENTIAL_new_x509 returns a new, empty X.509 credential, or NULL on
|
891
|
+
// error. Callers should release the result with |SSL_CREDENTIAL_free| when
|
892
|
+
// done.
|
893
|
+
//
|
894
|
+
// Callers should configure a certificate chain and private key on the
|
895
|
+
// credential, along with other properties, then add it with
|
896
|
+
// |SSL_CTX_add1_credential|.
|
897
|
+
OPENSSL_EXPORT SSL_CREDENTIAL *SSL_CREDENTIAL_new_x509(void);
|
898
|
+
|
899
|
+
// SSL_CREDENTIAL_up_ref increments the reference count of |cred|.
|
900
|
+
OPENSSL_EXPORT void SSL_CREDENTIAL_up_ref(SSL_CREDENTIAL *cred);
|
901
|
+
|
902
|
+
// SSL_CREDENTIAL_free decrements the reference count of |cred|. If it reaches
|
903
|
+
// zero, all data referenced by |cred| and |cred| itself are released.
|
904
|
+
OPENSSL_EXPORT void SSL_CREDENTIAL_free(SSL_CREDENTIAL *cred);
|
905
|
+
|
906
|
+
// SSL_CREDENTIAL_set1_private_key sets |cred|'s private key to |cred|. It
|
907
|
+
// returns one on success and zero on failure.
|
908
|
+
OPENSSL_EXPORT int SSL_CREDENTIAL_set1_private_key(SSL_CREDENTIAL *cred,
|
909
|
+
EVP_PKEY *key);
|
910
|
+
|
911
|
+
// SSL_CREDENTIAL_set1_signing_algorithm_prefs configures |cred| to use |prefs|
|
912
|
+
// as the preference list when signing with |cred|'s private key. It returns one
|
913
|
+
// on success and zero on error. |prefs| should not include the internal-only
|
914
|
+
// value |SSL_SIGN_RSA_PKCS1_MD5_SHA1|.
|
915
|
+
//
|
916
|
+
// It is an error to call this function with delegated credentials (see
|
917
|
+
// |SSL_CREDENTIAL_new_delegated|) because delegated credentials already
|
918
|
+
// constrain the key to a single algorithm.
|
919
|
+
OPENSSL_EXPORT int SSL_CREDENTIAL_set1_signing_algorithm_prefs(
|
920
|
+
SSL_CREDENTIAL *cred, const uint16_t *prefs, size_t num_prefs);
|
921
|
+
|
922
|
+
// SSL_CREDENTIAL_set1_cert_chain sets |cred|'s certificate chain, starting from
|
923
|
+
// the leaf, to |num_cert|s certificates from |certs|. It returns one on success
|
924
|
+
// and zero on error.
|
925
|
+
OPENSSL_EXPORT int SSL_CREDENTIAL_set1_cert_chain(SSL_CREDENTIAL *cred,
|
926
|
+
CRYPTO_BUFFER *const *certs,
|
927
|
+
size_t num_certs);
|
928
|
+
|
929
|
+
// SSL_CREDENTIAL_set1_ocsp_response sets |cred|'s stapled OCSP response to
|
930
|
+
// |ocsp|. It returns one on success and zero on error.
|
931
|
+
OPENSSL_EXPORT int SSL_CREDENTIAL_set1_ocsp_response(SSL_CREDENTIAL *cred,
|
932
|
+
CRYPTO_BUFFER *ocsp);
|
933
|
+
|
934
|
+
// SSL_CREDENTIAL_set1_signed_cert_timestamp_list sets |cred|'s list of signed
|
935
|
+
// certificate timestamps |sct_list|. |sct_list| must contain one or more SCT
|
936
|
+
// structures serialised as a SignedCertificateTimestampList (see
|
937
|
+
// https://tools.ietf.org/html/rfc6962#section-3.3) – i.e. each SCT is prefixed
|
938
|
+
// by a big-endian, uint16 length and the concatenation of one or more such
|
939
|
+
// prefixed SCTs are themselves also prefixed by a uint16 length. It returns one
|
940
|
+
// on success and zero on error.
|
941
|
+
OPENSSL_EXPORT int SSL_CREDENTIAL_set1_signed_cert_timestamp_list(
|
942
|
+
SSL_CREDENTIAL *cred, CRYPTO_BUFFER *sct_list);
|
943
|
+
|
944
|
+
// SSL_CTX_add1_credential appends |cred| to |ctx|'s credential list. It returns
|
945
|
+
// one on success and zero on error. The credential list is maintained in order
|
946
|
+
// of decreasing preference, so earlier calls are preferred over later calls.
|
947
|
+
//
|
948
|
+
// After calling this function, it is an error to modify |cred|. Doing so may
|
949
|
+
// result in inconsistent handshake behavior or race conditions.
|
950
|
+
OPENSSL_EXPORT int SSL_CTX_add1_credential(SSL_CTX *ctx, SSL_CREDENTIAL *cred);
|
951
|
+
|
952
|
+
// SSL_add1_credential appends |cred| to |ssl|'s credential list. It returns one
|
953
|
+
// on success and zero on error. The credential list is maintained in order of
|
954
|
+
// decreasing preference, so earlier calls are preferred over later calls.
|
955
|
+
//
|
956
|
+
// After calling this function, it is an error to modify |cred|. Doing so may
|
957
|
+
// result in inconsistent handshake behavior or race conditions.
|
958
|
+
OPENSSL_EXPORT int SSL_add1_credential(SSL *ssl, SSL_CREDENTIAL *cred);
|
959
|
+
|
960
|
+
// SSL_certs_clear removes all credentials configured on |ssl|. It also removes
|
961
|
+
// the certificate chain and private key on the default credential.
|
962
|
+
OPENSSL_EXPORT void SSL_certs_clear(SSL *ssl);
|
963
|
+
|
964
|
+
// SSL_get0_selected_credential returns the credential in use in the current
|
965
|
+
// handshake on |ssl|. If there is current handshake on |ssl| or if the
|
966
|
+
// handshake has not progressed to this point, it returns NULL.
|
967
|
+
//
|
968
|
+
// This function is intended for use with |SSL_CREDENTIAL_get_ex_data|. It may
|
969
|
+
// be called from handshake callbacks, such as those in
|
970
|
+
// |SSL_PRIVATE_KEY_METHOD|, to trigger credential-specific behavior.
|
971
|
+
//
|
972
|
+
// In applications that use the older APIs, such as |SSL_use_certificate|, this
|
973
|
+
// function may return an internal |SSL_CREDENTIAL| object. This internal object
|
974
|
+
// will have no ex_data installed. To avoid this, it is recommended that callers
|
975
|
+
// moving to |SSL_CREDENTIAL| use the new APIs consistently.
|
976
|
+
OPENSSL_EXPORT const SSL_CREDENTIAL *SSL_get0_selected_credential(
|
977
|
+
const SSL *ssl);
|
978
|
+
|
979
|
+
|
844
980
|
// Configuring certificates and private keys.
|
845
981
|
//
|
846
982
|
// These functions configure the connection's leaf certificate, private key, and
|
@@ -848,23 +984,32 @@ OPENSSL_EXPORT void SSL_CTX_set0_buffer_pool(SSL_CTX *ctx,
|
|
848
984
|
// the wire) but does not include the leaf. Both client and server certificates
|
849
985
|
// use these functions.
|
850
986
|
//
|
851
|
-
//
|
852
|
-
//
|
987
|
+
// Prefer to configure the certificate before the private key. If configured in
|
988
|
+
// the other order, inconsistent private keys will be silently dropped, rather
|
989
|
+
// than return an error. Additionally, overwriting a previously-configured
|
990
|
+
// certificate and key pair only works if the certificate is configured first.
|
991
|
+
//
|
992
|
+
// Each of these functions configures the default credential. To select between
|
993
|
+
// multiple certificates, see |SSL_CREDENTIAL_new_x509| and related APIs.
|
853
994
|
|
854
995
|
// SSL_CTX_use_certificate sets |ctx|'s leaf certificate to |x509|. It returns
|
855
|
-
// one on success and zero on failure.
|
996
|
+
// one on success and zero on failure. If |ctx| has a private key which is
|
997
|
+
// inconsistent with |x509|, the private key is silently dropped.
|
856
998
|
OPENSSL_EXPORT int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x509);
|
857
999
|
|
858
1000
|
// SSL_use_certificate sets |ssl|'s leaf certificate to |x509|. It returns one
|
859
|
-
// on success and zero on failure.
|
1001
|
+
// on success and zero on failure. If |ssl| has a private key which is
|
1002
|
+
// inconsistent with |x509|, the private key is silently dropped.
|
860
1003
|
OPENSSL_EXPORT int SSL_use_certificate(SSL *ssl, X509 *x509);
|
861
1004
|
|
862
1005
|
// SSL_CTX_use_PrivateKey sets |ctx|'s private key to |pkey|. It returns one on
|
863
|
-
// success and zero on failure.
|
1006
|
+
// success and zero on failure. If |ctx| had a private key or
|
1007
|
+
// |SSL_PRIVATE_KEY_METHOD| previously configured, it is replaced.
|
864
1008
|
OPENSSL_EXPORT int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
|
865
1009
|
|
866
1010
|
// SSL_use_PrivateKey sets |ssl|'s private key to |pkey|. It returns one on
|
867
|
-
// success and zero on failure.
|
1011
|
+
// success and zero on failure. If |ssl| had a private key or
|
1012
|
+
// |SSL_PRIVATE_KEY_METHOD| previously configured, it is replaced.
|
868
1013
|
OPENSSL_EXPORT int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
|
869
1014
|
|
870
1015
|
// SSL_CTX_set0_chain sets |ctx|'s certificate chain, excluding the leaf, to
|
@@ -986,18 +1131,6 @@ OPENSSL_EXPORT size_t
|
|
986
1131
|
SSL_get0_peer_delegation_algorithms(const SSL *ssl,
|
987
1132
|
const uint16_t **out_sigalgs);
|
988
1133
|
|
989
|
-
// SSL_certs_clear resets the private key, leaf certificate, and certificate
|
990
|
-
// chain of |ssl|.
|
991
|
-
OPENSSL_EXPORT void SSL_certs_clear(SSL *ssl);
|
992
|
-
|
993
|
-
// SSL_CTX_check_private_key returns one if the certificate and private key
|
994
|
-
// configured in |ctx| are consistent and zero otherwise.
|
995
|
-
OPENSSL_EXPORT int SSL_CTX_check_private_key(const SSL_CTX *ctx);
|
996
|
-
|
997
|
-
// SSL_check_private_key returns one if the certificate and private key
|
998
|
-
// configured in |ssl| are consistent and zero otherwise.
|
999
|
-
OPENSSL_EXPORT int SSL_check_private_key(const SSL *ssl);
|
1000
|
-
|
1001
1134
|
// SSL_CTX_get0_certificate returns |ctx|'s leaf certificate.
|
1002
1135
|
OPENSSL_EXPORT X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx);
|
1003
1136
|
|
@@ -1229,6 +1362,11 @@ OPENSSL_EXPORT int SSL_use_PrivateKey_file(SSL *ssl, const char *file,
|
|
1229
1362
|
// reads the contents of |file| as a PEM-encoded leaf certificate followed
|
1230
1363
|
// optionally by the certificate chain to send to the peer. It returns one on
|
1231
1364
|
// success and zero on failure.
|
1365
|
+
//
|
1366
|
+
// WARNING: If the input contains "TRUSTED CERTIFICATE" PEM blocks, this
|
1367
|
+
// function parses auxiliary properties as in |d2i_X509_AUX|. Passing untrusted
|
1368
|
+
// input to this function allows an attacker to influence those properties. See
|
1369
|
+
// |d2i_X509_AUX| for details.
|
1232
1370
|
OPENSSL_EXPORT int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx,
|
1233
1371
|
const char *file);
|
1234
1372
|
|
@@ -1264,11 +1402,6 @@ enum ssl_private_key_result_t BORINGSSL_ENUM_INT {
|
|
1264
1402
|
// key hooks. This is used to off-load signing operations to a custom,
|
1265
1403
|
// potentially asynchronous, backend. Metadata about the key such as the type
|
1266
1404
|
// and size are parsed out of the certificate.
|
1267
|
-
//
|
1268
|
-
// Callers that use this structure should additionally call
|
1269
|
-
// |SSL_set_signing_algorithm_prefs| or |SSL_CTX_set_signing_algorithm_prefs|
|
1270
|
-
// with the private key's capabilities. This ensures BoringSSL will select a
|
1271
|
-
// suitable signature algorithm for the private key.
|
1272
1405
|
struct ssl_private_key_method_st {
|
1273
1406
|
// sign signs the message |in| in using the specified signature algorithm. On
|
1274
1407
|
// success, it returns |ssl_private_key_success| and writes at most |max_out|
|
@@ -1321,14 +1454,39 @@ struct ssl_private_key_method_st {
|
|
1321
1454
|
|
1322
1455
|
// SSL_set_private_key_method configures a custom private key on |ssl|.
|
1323
1456
|
// |key_method| must remain valid for the lifetime of |ssl|.
|
1457
|
+
//
|
1458
|
+
// If using an RSA or ECDSA key, callers should configure signing capabilities
|
1459
|
+
// with |SSL_set_signing_algorithm_prefs|. Otherwise, BoringSSL may select a
|
1460
|
+
// signature algorithm that |key_method| does not support.
|
1324
1461
|
OPENSSL_EXPORT void SSL_set_private_key_method(
|
1325
1462
|
SSL *ssl, const SSL_PRIVATE_KEY_METHOD *key_method);
|
1326
1463
|
|
1327
1464
|
// SSL_CTX_set_private_key_method configures a custom private key on |ctx|.
|
1328
1465
|
// |key_method| must remain valid for the lifetime of |ctx|.
|
1466
|
+
//
|
1467
|
+
// If using an RSA or ECDSA key, callers should configure signing capabilities
|
1468
|
+
// with |SSL_CTX_set_signing_algorithm_prefs|. Otherwise, BoringSSL may select a
|
1469
|
+
// signature algorithm that |key_method| does not support.
|
1329
1470
|
OPENSSL_EXPORT void SSL_CTX_set_private_key_method(
|
1330
1471
|
SSL_CTX *ctx, const SSL_PRIVATE_KEY_METHOD *key_method);
|
1331
1472
|
|
1473
|
+
// SSL_CREDENTIAL_set_private_key_method configures a custom private key on
|
1474
|
+
// |cred|. |key_method| must remain valid for the lifetime of |cred|. It returns
|
1475
|
+
// one on success and zero if |cred| does not use private keys.
|
1476
|
+
//
|
1477
|
+
// If using an RSA or ECDSA key, callers should configure signing capabilities
|
1478
|
+
// with |SSL_CREDENTIAL_set1_signing_algorithm_prefs|. Otherwise, BoringSSL may
|
1479
|
+
// select a signature algorithm that |key_method| does not support. This is not
|
1480
|
+
// necessary for delegated credentials (see |SSL_CREDENTIAL_new_delegated|)
|
1481
|
+
// because delegated credentials only support a single signature algorithm.
|
1482
|
+
//
|
1483
|
+
// Functions in |key_method| will be passed an |SSL| object, but not |cred|
|
1484
|
+
// directly. Use |SSL_get0_selected_credential| to determine the selected
|
1485
|
+
// credential. From there, |SSL_CREDENTIAL_get_ex_data| can be used to look up
|
1486
|
+
// credential-specific state, such as a handle to the private key.
|
1487
|
+
OPENSSL_EXPORT int SSL_CREDENTIAL_set_private_key_method(
|
1488
|
+
SSL_CREDENTIAL *cred, const SSL_PRIVATE_KEY_METHOD *key_method);
|
1489
|
+
|
1332
1490
|
// SSL_can_release_private_key returns one if |ssl| will no longer call into the
|
1333
1491
|
// private key and zero otherwise. If the function returns one, the caller can
|
1334
1492
|
// release state associated with the private key.
|
@@ -2674,19 +2832,17 @@ OPENSSL_EXPORT void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store);
|
|
2674
2832
|
// SSL_CTX_get_cert_store returns |ctx|'s certificate store.
|
2675
2833
|
OPENSSL_EXPORT X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx);
|
2676
2834
|
|
2677
|
-
// SSL_CTX_set_default_verify_paths
|
2678
|
-
//
|
2835
|
+
// SSL_CTX_set_default_verify_paths calls |X509_STORE_set_default_paths| on
|
2836
|
+
// |ctx|'s store. See that function for details.
|
2837
|
+
//
|
2838
|
+
// Using this function is not recommended. In OpenSSL, these defaults are
|
2839
|
+
// determined by OpenSSL's install prefix. There is no corresponding concept for
|
2840
|
+
// BoringSSL. Future versions of BoringSSL may change or remove this
|
2841
|
+
// functionality.
|
2679
2842
|
OPENSSL_EXPORT int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
|
2680
2843
|
|
2681
|
-
// SSL_CTX_load_verify_locations
|
2682
|
-
//
|
2683
|
-
// it is opened and PEM-encoded CA certificates are read. If |ca_dir| is passed,
|
2684
|
-
// it is treated as a directory in OpenSSL's hashed directory format. It returns
|
2685
|
-
// one on success and zero on failure.
|
2686
|
-
//
|
2687
|
-
// See
|
2688
|
-
// https://www.openssl.org/docs/man1.1.0/man3/SSL_CTX_load_verify_locations.html
|
2689
|
-
// for documentation on the directory format.
|
2844
|
+
// SSL_CTX_load_verify_locations calls |X509_STORE_load_locations| on |ctx|'s
|
2845
|
+
// store. See that function for details.
|
2690
2846
|
OPENSSL_EXPORT int SSL_CTX_load_verify_locations(SSL_CTX *ctx,
|
2691
2847
|
const char *ca_file,
|
2692
2848
|
const char *ca_dir);
|
@@ -3335,41 +3491,34 @@ OPENSSL_EXPORT const char *SSL_get_psk_identity(const SSL *ssl);
|
|
3335
3491
|
|
3336
3492
|
// Delegated credentials.
|
3337
3493
|
//
|
3338
|
-
//
|
3339
|
-
//
|
3340
|
-
// draft-ietf-tls-subcerts is a proposed extension for TLS 1.3 and above that
|
3341
|
-
// allows an end point to use its certificate to delegate credentials for
|
3342
|
-
// authentication. If the peer indicates support for this extension, then this
|
3343
|
-
// host may use a delegated credential to sign the handshake. Once issued,
|
3494
|
+
// Delegated credentials (RFC 9345) allow a TLS 1.3 endpoint to use its
|
3495
|
+
// certificate to issue new credentials for authentication. Once issued,
|
3344
3496
|
// credentials can't be revoked. In order to mitigate the damage in case the
|
3345
3497
|
// credential secret key is compromised, the credential is only valid for a
|
3346
|
-
// short time (days, hours, or even minutes).
|
3347
|
-
// of the protocol spec.
|
3348
|
-
//
|
3349
|
-
// The extension ID has not been assigned; we're using 0xff02 for the time
|
3350
|
-
// being. Currently only the server side is implemented.
|
3498
|
+
// short time (days, hours, or even minutes).
|
3351
3499
|
//
|
3352
|
-
//
|
3353
|
-
//
|
3354
|
-
//
|
3500
|
+
// Currently only the authenticating side, as a server, is implemented. To
|
3501
|
+
// authenticate with delegated credentials, construct an |SSL_CREDENTIAL| with
|
3502
|
+
// |SSL_CREDENTIAL_new_delegated| and add it to the credential list. See also
|
3503
|
+
// |SSL_CTX_add1_credential|. Callers may configure a mix of delegated
|
3504
|
+
// credentials and X.509 credentials on the same |SSL| or |SSL_CTX| to support a
|
3505
|
+
// range of clients.
|
3355
3506
|
|
3356
|
-
//
|
3357
|
-
//
|
3358
|
-
//
|
3359
|
-
// Currently (as of draft-03), only servers may configure a DC to use in the
|
3360
|
-
// handshake.
|
3507
|
+
// SSL_CREDENTIAL_new_delegated returns a new, empty delegated credential, or
|
3508
|
+
// NULL on error. Callers should release the result with |SSL_CREDENTIAL_free|
|
3509
|
+
// when done.
|
3361
3510
|
//
|
3362
|
-
//
|
3363
|
-
//
|
3364
|
-
//
|
3365
|
-
|
3366
|
-
OPENSSL_EXPORT int SSL_set1_delegated_credential(
|
3367
|
-
SSL *ssl, CRYPTO_BUFFER *dc, EVP_PKEY *pkey,
|
3368
|
-
const SSL_PRIVATE_KEY_METHOD *key_method);
|
3511
|
+
// Callers should configure a delegated credential, certificate chain and
|
3512
|
+
// private key on the credential, along with other properties, then add it with
|
3513
|
+
// |SSL_CTX_add1_credential|.
|
3514
|
+
OPENSSL_EXPORT SSL_CREDENTIAL *SSL_CREDENTIAL_new_delegated(void);
|
3369
3515
|
|
3370
|
-
//
|
3371
|
-
// and zero
|
3372
|
-
|
3516
|
+
// SSL_CREDENTIAL_set1_delegated_credential sets |cred|'s delegated credentials
|
3517
|
+
// structure to |dc|. It returns one on success and zero on error, including if
|
3518
|
+
// |dc| is malformed. This should be a DelegatedCredential structure, signed by
|
3519
|
+
// the end-entity certificate, as described in RFC 9345.
|
3520
|
+
OPENSSL_EXPORT int SSL_CREDENTIAL_set1_delegated_credential(
|
3521
|
+
SSL_CREDENTIAL *cred, CRYPTO_BUFFER *dc);
|
3373
3522
|
|
3374
3523
|
|
3375
3524
|
// QUIC integration.
|
@@ -3838,7 +3987,7 @@ OPENSSL_EXPORT void SSL_get0_ech_retry_configs(
|
|
3838
3987
|
// to the size of the buffer. The caller must call |OPENSSL_free| on |*out| to
|
3839
3988
|
// release the memory. On failure, it returns zero.
|
3840
3989
|
//
|
3841
|
-
// The |config_id| field is a single byte
|
3990
|
+
// The |config_id| field is a single byte identifier for the ECHConfig. Reusing
|
3842
3991
|
// config IDs is allowed, but if multiple ECHConfigs with the same config ID are
|
3843
3992
|
// active at a time, server load may increase. See
|
3844
3993
|
// |SSL_ECH_KEYS_has_duplicate_config_id|.
|
@@ -4034,6 +4183,15 @@ OPENSSL_EXPORT int SSL_CTX_get_ex_new_index(long argl, void *argp,
|
|
4034
4183
|
CRYPTO_EX_dup *dup_unused,
|
4035
4184
|
CRYPTO_EX_free *free_func);
|
4036
4185
|
|
4186
|
+
OPENSSL_EXPORT int SSL_CREDENTIAL_set_ex_data(SSL_CREDENTIAL *cred, int idx,
|
4187
|
+
void *data);
|
4188
|
+
OPENSSL_EXPORT void *SSL_CREDENTIAL_get_ex_data(const SSL_CREDENTIAL *cred,
|
4189
|
+
int idx);
|
4190
|
+
OPENSSL_EXPORT int SSL_CREDENTIAL_get_ex_new_index(long argl, void *argp,
|
4191
|
+
CRYPTO_EX_unused *unused,
|
4192
|
+
CRYPTO_EX_dup *dup_unused,
|
4193
|
+
CRYPTO_EX_free *free_func);
|
4194
|
+
|
4037
4195
|
|
4038
4196
|
// Low-level record-layer state.
|
4039
4197
|
|
@@ -4217,9 +4375,18 @@ OPENSSL_EXPORT void SSL_set_msg_callback_arg(SSL *ssl, void *arg);
|
|
4217
4375
|
// access to the log.
|
4218
4376
|
//
|
4219
4377
|
// The format is described in
|
4220
|
-
// https://
|
4221
|
-
|
4222
|
-
|
4378
|
+
// https://www.ietf.org/archive/id/draft-ietf-tls-keylogfile-01.html
|
4379
|
+
//
|
4380
|
+
// WARNING: The data in |line| allows an attacker to break security properties
|
4381
|
+
// of the TLS protocol, including confidentiality, integrity, and forward
|
4382
|
+
// secrecy. This impacts both the current connection, and, in TLS 1.2, future
|
4383
|
+
// connections that resume a session from it. Both direct access to the data and
|
4384
|
+
// side channel leaks from application code are possible attack vectors. This
|
4385
|
+
// callback is intended for debugging and should not be used in production
|
4386
|
+
// connections.
|
4387
|
+
OPENSSL_EXPORT void SSL_CTX_set_keylog_callback(SSL_CTX *ctx,
|
4388
|
+
void (*cb)(const SSL *ssl,
|
4389
|
+
const char *line));
|
4223
4390
|
|
4224
4391
|
// SSL_CTX_get_keylog_callback returns the callback configured by
|
4225
4392
|
// |SSL_CTX_set_keylog_callback|.
|
@@ -4626,6 +4793,24 @@ OPENSSL_EXPORT int SSL_used_hello_retry_request(const SSL *ssl);
|
|
4626
4793
|
// https://bugs.openjdk.java.net/browse/JDK-8213202
|
4627
4794
|
OPENSSL_EXPORT void SSL_set_jdk11_workaround(SSL *ssl, int enable);
|
4628
4795
|
|
4796
|
+
// SSL_set_check_client_certificate_type configures whether the client, in
|
4797
|
+
// TLS 1.2 and below, will check its certificate against the server's requested
|
4798
|
+
// certificate types.
|
4799
|
+
//
|
4800
|
+
// By default, this option is enabled. If disabled, certificate selection within
|
4801
|
+
// the library may not function correctly. This flag is provided temporarily in
|
4802
|
+
// case of compatibility issues. It will be removed sometime after June 2024.
|
4803
|
+
OPENSSL_EXPORT void SSL_set_check_client_certificate_type(SSL *ssl, int enable);
|
4804
|
+
|
4805
|
+
// SSL_set_check_ecdsa_curve configures whether the server, in TLS 1.2 and
|
4806
|
+
// below, will check its certificate against the client's supported ECDSA
|
4807
|
+
// curves.
|
4808
|
+
//
|
4809
|
+
// By default, this option is enabled. If disabled, certificate selection within
|
4810
|
+
// the library may not function correctly. This flag is provided temporarily in
|
4811
|
+
// case of compatibility issues. It will be removed sometime after June 2024.
|
4812
|
+
OPENSSL_EXPORT void SSL_set_check_ecdsa_curve(SSL *ssl, int enable);
|
4813
|
+
|
4629
4814
|
|
4630
4815
|
// Deprecated functions.
|
4631
4816
|
|
@@ -5315,6 +5500,25 @@ OPENSSL_EXPORT int SSL_set1_curves_list(SSL *ssl, const char *curves);
|
|
5315
5500
|
// returns this value, but we define this constant for compatibility.
|
5316
5501
|
#define TLSEXT_nid_unknown 0x1000000
|
5317
5502
|
|
5503
|
+
// SSL_CTX_check_private_key returns one if |ctx| has both a certificate and
|
5504
|
+
// private key, and zero otherwise.
|
5505
|
+
//
|
5506
|
+
// This function does not check consistency because the library checks when the
|
5507
|
+
// certificate and key are individually configured. However, if the private key
|
5508
|
+
// is configured before the certificate, inconsistent private keys are silently
|
5509
|
+
// dropped. Some callers are inadvertently relying on this function to detect
|
5510
|
+
// when this happens.
|
5511
|
+
//
|
5512
|
+
// Instead, callers should configure the certificate first, then the private
|
5513
|
+
// key, checking for errors in each. This function is then unnecessary.
|
5514
|
+
OPENSSL_EXPORT int SSL_CTX_check_private_key(const SSL_CTX *ctx);
|
5515
|
+
|
5516
|
+
// SSL_check_private_key returns one if |ssl| has both a certificate and private
|
5517
|
+
// key, and zero otherwise.
|
5518
|
+
//
|
5519
|
+
// See discussion in |SSL_CTX_check_private_key|.
|
5520
|
+
OPENSSL_EXPORT int SSL_check_private_key(const SSL *ssl);
|
5521
|
+
|
5318
5522
|
|
5319
5523
|
// Compliance policy configurations
|
5320
5524
|
//
|
@@ -5543,6 +5747,8 @@ extern "C++" {
|
|
5543
5747
|
BSSL_NAMESPACE_BEGIN
|
5544
5748
|
|
5545
5749
|
BORINGSSL_MAKE_DELETER(SSL, SSL_free)
|
5750
|
+
BORINGSSL_MAKE_DELETER(SSL_CREDENTIAL, SSL_CREDENTIAL_free)
|
5751
|
+
BORINGSSL_MAKE_UP_REF(SSL_CREDENTIAL, SSL_CREDENTIAL_up_ref)
|
5546
5752
|
BORINGSSL_MAKE_DELETER(SSL_CTX, SSL_CTX_free)
|
5547
5753
|
BORINGSSL_MAKE_UP_REF(SSL_CTX, SSL_CTX_up_ref)
|
5548
5754
|
BORINGSSL_MAKE_DELETER(SSL_ECH_KEYS, SSL_ECH_KEYS_free)
|
@@ -139,7 +139,8 @@ STACK_OF(SAMPLE) *sk_SAMPLE_new(sk_SAMPLE_cmp_func comp);
|
|
139
139
|
STACK_OF(SAMPLE) *sk_SAMPLE_new_null(void);
|
140
140
|
|
141
141
|
// sk_SAMPLE_num returns the number of elements in |sk|. It is safe to cast this
|
142
|
-
// value to |int|. |sk| is guaranteed to have at most |INT_MAX| elements.
|
142
|
+
// value to |int|. |sk| is guaranteed to have at most |INT_MAX| elements. If
|
143
|
+
// |sk| is NULL, it is treated as the empty list and this function returns zero.
|
143
144
|
size_t sk_SAMPLE_num(const STACK_OF(SAMPLE) *sk);
|
144
145
|
|
145
146
|
// sk_SAMPLE_zero resets |sk| to the empty state but does nothing to free the
|
@@ -147,7 +148,8 @@ size_t sk_SAMPLE_num(const STACK_OF(SAMPLE) *sk);
|
|
147
148
|
void sk_SAMPLE_zero(STACK_OF(SAMPLE) *sk);
|
148
149
|
|
149
150
|
// sk_SAMPLE_value returns the |i|th pointer in |sk|, or NULL if |i| is out of
|
150
|
-
// range.
|
151
|
+
// range. If |sk| is NULL, it is treated as an empty list and the function
|
152
|
+
// returns NULL.
|
151
153
|
SAMPLE *sk_SAMPLE_value(const STACK_OF(SAMPLE) *sk, size_t i);
|
152
154
|
|
153
155
|
// sk_SAMPLE_set sets the |i|th pointer in |sk| to |p| and returns |p|. If |i|
|
@@ -195,7 +197,8 @@ void sk_SAMPLE_delete_if(STACK_OF(SAMPLE) *sk, sk_SAMPLE_delete_if_func func,
|
|
195
197
|
// If the stack is sorted (see |sk_SAMPLE_sort|), this function uses a binary
|
196
198
|
// search. Otherwise it performs a linear search. If it finds a matching
|
197
199
|
// element, it writes the index to |*out_index| (if |out_index| is not NULL) and
|
198
|
-
// returns one. Otherwise, it returns zero.
|
200
|
+
// returns one. Otherwise, it returns zero. If |sk| is NULL, it is treated as
|
201
|
+
// the empty list and the function returns zero.
|
199
202
|
//
|
200
203
|
// Note this differs from OpenSSL. The type signature is slightly different, and
|
201
204
|
// OpenSSL's version will implicitly sort |sk| if it has a comparison function
|
@@ -399,6 +402,9 @@ BSSL_NAMESPACE_END
|
|
399
402
|
* positive warning. */ \
|
400
403
|
OPENSSL_MSVC_PRAGMA(warning(push)) \
|
401
404
|
OPENSSL_MSVC_PRAGMA(warning(disable : 4191)) \
|
405
|
+
OPENSSL_CLANG_PRAGMA("clang diagnostic push") \
|
406
|
+
OPENSSL_CLANG_PRAGMA("clang diagnostic ignored \"-Wunknown-warning-option\"") \
|
407
|
+
OPENSSL_CLANG_PRAGMA("clang diagnostic ignored \"-Wcast-function-type-strict\"") \
|
402
408
|
\
|
403
409
|
DECLARE_STACK_OF(name) \
|
404
410
|
\
|
@@ -534,6 +540,7 @@ BSSL_NAMESPACE_END
|
|
534
540
|
(OPENSSL_sk_free_func)free_func); \
|
535
541
|
} \
|
536
542
|
\
|
543
|
+
OPENSSL_CLANG_PRAGMA("clang diagnostic pop") \
|
537
544
|
OPENSSL_MSVC_PRAGMA(warning(pop))
|
538
545
|
|
539
546
|
|
@@ -84,18 +84,18 @@
|
|
84
84
|
|
85
85
|
// Trusty and Android baremetal aren't Linux but currently define __linux__.
|
86
86
|
// As a workaround, we exclude them here.
|
87
|
-
// We also exclude nanolibc/CrOS EC
|
88
|
-
//
|
89
|
-
//
|
90
|
-
//
|
91
|
-
//
|
87
|
+
// We also exclude nanolibc/CrOS EC. nanolibc/CrOS EC sometimes build for a
|
88
|
+
// non-Linux target (which should not define __linux__), but also sometimes
|
89
|
+
// build for Linux. Although technically running in Linux userspace, this lacks
|
90
|
+
// all the libc APIs we'd normally expect on Linux, so we treat it as a
|
91
|
+
// non-Linux target.
|
92
92
|
//
|
93
93
|
// TODO(b/169780122): Remove this workaround once Trusty no longer defines it.
|
94
94
|
// TODO(b/291101350): Remove this workaround once Android baremetal no longer
|
95
95
|
// defines it.
|
96
96
|
#if defined(__linux__) && !defined(__TRUSTY__) && \
|
97
97
|
!defined(ANDROID_BAREMETAL) && !defined(OPENSSL_NANOLIBC) && \
|
98
|
-
!defined(CROS_EC)
|
98
|
+
!defined(CROS_EC)
|
99
99
|
#define OPENSSL_LINUX
|
100
100
|
#endif
|
101
101
|
|
@@ -148,16 +148,19 @@
|
|
148
148
|
#define OPENSSL_NO_THREADS_CORRUPT_MEMORY_AND_LEAK_SECRETS_IF_THREADED
|
149
149
|
#endif
|
150
150
|
|
151
|
-
//
|
151
|
+
// Zephyr is an open source RTOS, optimized for embedded devices.
|
152
152
|
// Defining this on any other platform is not supported. Other embedded
|
153
153
|
// platforms must introduce their own defines.
|
154
154
|
//
|
155
|
-
//
|
156
|
-
|
155
|
+
// Zephyr supports multithreading with cooperative and preemptive scheduling.
|
156
|
+
// It also implements POSIX Threads (pthread) API, so it's not necessary to
|
157
|
+
// implement BoringSSL internal threading API using some custom API.
|
158
|
+
//
|
159
|
+
// https://www.zephyrproject.org/
|
160
|
+
#if defined(__ZEPHYR__)
|
157
161
|
#define OPENSSL_NO_FILESYSTEM
|
158
162
|
#define OPENSSL_NO_POSIX_IO
|
159
163
|
#define OPENSSL_NO_SOCK
|
160
|
-
#define OPENSSL_NO_THREADS_CORRUPT_MEMORY_AND_LEAK_SECRETS_IF_THREADED
|
161
164
|
#endif
|
162
165
|
|
163
166
|
#if defined(__ANDROID_API__)
|
@@ -239,8 +239,8 @@ extern "C" {
|
|
239
239
|
// ExtensionType value from RFC 5746
|
240
240
|
#define TLSEXT_TYPE_renegotiate 0xff01
|
241
241
|
|
242
|
-
// ExtensionType value from
|
243
|
-
#define TLSEXT_TYPE_delegated_credential
|
242
|
+
// ExtensionType value from RFC 9345
|
243
|
+
#define TLSEXT_TYPE_delegated_credential 34
|
244
244
|
|
245
245
|
// ExtensionType value from draft-vvv-tls-alps. This is not an IANA defined
|
246
246
|
// extension number.
|