grpc 1.63.0 → 1.71.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Makefile +415 -416
- data/include/grpc/compression.h +1 -2
- data/include/grpc/credentials.h +1221 -0
- data/include/grpc/event_engine/README.md +1 -1
- data/include/grpc/event_engine/endpoint_config.h +7 -7
- data/include/grpc/event_engine/event_engine.h +83 -20
- data/include/grpc/event_engine/extensible.h +5 -2
- data/include/grpc/event_engine/internal/memory_allocator_impl.h +4 -4
- data/include/grpc/event_engine/internal/slice_cast.h +1 -1
- data/include/grpc/event_engine/memory_allocator.h +3 -4
- data/include/grpc/event_engine/memory_request.h +19 -2
- data/include/grpc/event_engine/slice.h +3 -5
- data/include/grpc/event_engine/slice_buffer.h +6 -8
- data/include/grpc/grpc.h +8 -2
- data/include/grpc/grpc_audit_logging.h +3 -3
- data/include/grpc/grpc_crl_provider.h +5 -4
- data/include/grpc/grpc_posix.h +1 -2
- data/include/grpc/grpc_security.h +1 -1173
- data/include/grpc/impl/call.h +2 -2
- data/include/grpc/impl/channel_arg_names.h +10 -7
- data/include/grpc/impl/grpc_types.h +1 -2
- data/include/grpc/impl/slice_type.h +1 -2
- data/include/grpc/module.modulemap +2 -0
- data/include/grpc/passive_listener.h +62 -0
- data/include/grpc/status.h +1 -1
- data/include/grpc/support/alloc.h +1 -2
- data/include/grpc/support/atm.h +0 -13
- data/include/grpc/support/json.h +17 -18
- data/include/grpc/support/log.h +37 -64
- data/include/grpc/support/metrics.h +21 -6
- data/include/grpc/support/port_platform.h +31 -1
- data/include/grpc/support/sync_generic.h +2 -4
- data/include/grpc/support/sync_posix.h +1 -2
- data/include/grpc/support/time.h +1 -2
- data/src/core/call/request_buffer.cc +224 -0
- data/src/core/call/request_buffer.h +192 -0
- data/src/core/channelz/channel_trace.cc +180 -0
- data/src/core/channelz/channel_trace.h +138 -0
- data/src/core/channelz/channelz.cc +670 -0
- data/src/core/channelz/channelz.h +402 -0
- data/src/core/channelz/channelz_registry.cc +274 -0
- data/src/core/channelz/channelz_registry.h +101 -0
- data/src/core/client_channel/backup_poller.cc +25 -16
- data/src/core/client_channel/client_channel.cc +1415 -0
- data/src/core/client_channel/client_channel.h +245 -0
- data/src/core/client_channel/client_channel_args.h +21 -0
- data/src/core/client_channel/client_channel_factory.cc +2 -2
- data/src/core/client_channel/client_channel_factory.h +1 -2
- data/src/core/client_channel/client_channel_filter.cc +436 -1030
- data/src/core/client_channel/client_channel_filter.h +34 -87
- data/src/core/client_channel/client_channel_internal.h +26 -11
- data/src/core/client_channel/client_channel_plugin.cc +4 -18
- data/src/core/client_channel/client_channel_service_config.cc +3 -4
- data/src/core/client_channel/client_channel_service_config.h +13 -15
- data/src/core/client_channel/config_selector.h +25 -25
- data/src/core/client_channel/connector.h +4 -4
- data/src/core/client_channel/direct_channel.cc +83 -0
- data/src/core/client_channel/direct_channel.h +101 -0
- data/src/core/client_channel/dynamic_filters.cc +19 -16
- data/src/core/client_channel/dynamic_filters.h +9 -10
- data/src/core/client_channel/global_subchannel_pool.cc +2 -2
- data/src/core/client_channel/global_subchannel_pool.h +2 -3
- data/src/core/client_channel/lb_metadata.cc +119 -0
- data/src/core/client_channel/lb_metadata.h +55 -0
- data/src/core/client_channel/load_balanced_call_destination.cc +273 -0
- data/src/core/client_channel/load_balanced_call_destination.h +48 -0
- data/src/core/client_channel/local_subchannel_pool.cc +6 -7
- data/src/core/client_channel/local_subchannel_pool.h +1 -1
- data/src/core/client_channel/retry_filter.cc +9 -18
- data/src/core/client_channel/retry_filter.h +10 -18
- data/src/core/client_channel/retry_filter_legacy_call_data.cc +224 -335
- data/src/core/client_channel/retry_filter_legacy_call_data.h +18 -21
- data/src/core/client_channel/retry_interceptor.cc +408 -0
- data/src/core/client_channel/retry_interceptor.h +157 -0
- data/src/core/client_channel/retry_service_config.cc +11 -14
- data/src/core/client_channel/retry_service_config.h +22 -11
- data/src/core/client_channel/retry_throttle.cc +34 -20
- data/src/core/client_channel/retry_throttle.h +6 -9
- data/src/core/client_channel/subchannel.cc +333 -247
- data/src/core/client_channel/subchannel.h +52 -45
- data/src/core/client_channel/subchannel_interface_internal.h +1 -1
- data/src/core/client_channel/subchannel_pool_interface.cc +1 -5
- data/src/core/client_channel/subchannel_pool_interface.h +4 -7
- data/src/core/client_channel/subchannel_stream_client.cc +47 -62
- data/src/core/client_channel/subchannel_stream_client.h +13 -17
- data/src/core/config/config_vars.cc +152 -0
- data/src/core/config/config_vars.h +129 -0
- data/src/core/config/config_vars_non_generated.cc +49 -0
- data/src/core/config/core_configuration.cc +111 -0
- data/src/core/config/core_configuration.h +242 -0
- data/src/core/config/load_config.cc +78 -0
- data/src/core/config/load_config.h +54 -0
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +29 -40
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.h +11 -9
- data/src/core/ext/filters/backend_metrics/backend_metric_provider.h +7 -0
- data/src/core/ext/filters/census/grpc_context.cc +7 -10
- data/src/core/ext/filters/channel_idle/idle_filter_state.cc +1 -2
- data/src/core/ext/filters/channel_idle/idle_filter_state.h +0 -1
- data/src/core/ext/filters/channel_idle/legacy_channel_idle_filter.cc +45 -48
- data/src/core/ext/filters/channel_idle/legacy_channel_idle_filter.h +22 -19
- data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +31 -42
- data/src/core/ext/filters/fault_injection/fault_injection_filter.h +13 -12
- data/src/core/ext/filters/fault_injection/fault_injection_service_config_parser.cc +3 -4
- data/src/core/ext/filters/fault_injection/fault_injection_service_config_parser.h +7 -10
- data/src/core/ext/filters/gcp_authentication/gcp_authentication_filter.cc +198 -0
- data/src/core/ext/filters/gcp_authentication/gcp_authentication_filter.h +97 -0
- data/src/core/ext/filters/gcp_authentication/gcp_authentication_service_config_parser.cc +80 -0
- data/src/core/ext/filters/gcp_authentication/gcp_authentication_service_config_parser.h +86 -0
- data/src/core/ext/filters/http/client/http_client_filter.cc +19 -17
- data/src/core/ext/filters/http/client/http_client_filter.h +11 -9
- data/src/core/ext/filters/http/client_authority_filter.cc +18 -21
- data/src/core/ext/filters/http/client_authority_filter.h +13 -10
- data/src/core/ext/filters/http/http_filters_plugin.cc +1 -2
- data/src/core/ext/filters/http/message_compress/compression_filter.cc +73 -72
- data/src/core/ext/filters/http/message_compress/compression_filter.h +32 -23
- data/src/core/ext/filters/http/server/http_server_filter.cc +20 -22
- data/src/core/ext/filters/http/server/http_server_filter.h +11 -9
- data/src/core/ext/filters/message_size/message_size_filter.cc +52 -73
- data/src/core/ext/filters/message_size/message_size_filter.h +38 -35
- data/src/core/ext/filters/rbac/rbac_filter.cc +19 -24
- data/src/core/ext/filters/rbac/rbac_filter.h +13 -12
- data/src/core/ext/filters/rbac/rbac_service_config_parser.cc +19 -13
- data/src/core/ext/filters/rbac/rbac_service_config_parser.h +3 -5
- data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +26 -33
- data/src/core/ext/filters/stateful_session/stateful_session_filter.h +11 -9
- data/src/core/ext/filters/stateful_session/stateful_session_service_config_parser.cc +3 -4
- data/src/core/ext/filters/stateful_session/stateful_session_service_config_parser.h +8 -10
- data/src/core/ext/transport/chttp2/alpn/alpn.cc +4 -5
- data/src/core/ext/transport/chttp2/alpn/alpn.h +0 -1
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +85 -118
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +9 -15
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +1008 -384
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +221 -12
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +27 -39
- data/src/core/ext/transport/chttp2/transport/bin_decoder.h +1 -3
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +10 -12
- data/src/core/ext/transport/chttp2/transport/bin_encoder.h +1 -3
- data/src/core/ext/transport/chttp2/transport/call_tracer_wrapper.cc +53 -0
- data/src/core/ext/transport/chttp2/transport/call_tracer_wrapper.h +72 -0
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +750 -598
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +21 -23
- data/src/core/ext/transport/chttp2/transport/context_list_entry.h +1 -2
- data/src/core/ext/transport/chttp2/transport/decode_huff.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/decode_huff.h +2 -2
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +12 -17
- data/src/core/ext/transport/chttp2/transport/flow_control.h +7 -12
- data/src/core/ext/transport/chttp2/transport/frame.cc +27 -10
- data/src/core/ext/transport/chttp2/transport/frame.h +14 -5
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +21 -22
- data/src/core/ext/transport/chttp2/transport/frame_data.h +3 -5
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +15 -18
- data/src/core/ext/transport/chttp2/transport/frame_goaway.h +1 -3
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +16 -21
- data/src/core/ext/transport/chttp2/transport/frame_ping.h +1 -3
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +19 -20
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +6 -6
- data/src/core/ext/transport/chttp2/transport/frame_security.cc +80 -0
- data/src/core/ext/transport/chttp2/transport/frame_security.h +44 -0
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +41 -26
- data/src/core/ext/transport/chttp2/transport/frame_settings.h +2 -4
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +31 -10
- data/src/core/ext/transport/chttp2/transport/frame_window_update.h +4 -4
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +21 -22
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +18 -15
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +10 -10
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +3 -4
- data/src/core/ext/transport/chttp2/transport/hpack_parse_result.cc +4 -5
- data/src/core/ext/transport/chttp2/transport/hpack_parse_result.h +7 -10
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +111 -105
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +11 -13
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +45 -20
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +28 -9
- data/src/core/ext/transport/chttp2/transport/http2_settings.cc +15 -7
- data/src/core/ext/transport/chttp2/transport/http2_settings.h +12 -6
- data/src/core/ext/transport/chttp2/transport/huffsyms.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/internal.h +86 -85
- data/src/core/ext/transport/chttp2/transport/legacy_frame.h +1 -0
- data/src/core/ext/transport/chttp2/transport/parsing.cc +147 -133
- data/src/core/ext/transport/chttp2/transport/ping_abuse_policy.cc +4 -5
- data/src/core/ext/transport/chttp2/transport/ping_abuse_policy.h +1 -1
- data/src/core/ext/transport/chttp2/transport/ping_callbacks.cc +6 -9
- data/src/core/ext/transport/chttp2/transport/ping_callbacks.h +4 -9
- data/src/core/ext/transport/chttp2/transport/ping_rate_policy.cc +35 -21
- data/src/core/ext/transport/chttp2/transport/ping_rate_policy.h +8 -9
- data/src/core/ext/transport/chttp2/transport/stream_lists.cc +20 -21
- data/src/core/ext/transport/chttp2/transport/stream_lists.h +65 -0
- data/src/core/ext/transport/chttp2/transport/varint.cc +6 -6
- data/src/core/ext/transport/chttp2/transport/varint.h +2 -3
- data/src/core/ext/transport/chttp2/transport/write_size_policy.cc +4 -4
- data/src/core/ext/transport/chttp2/transport/write_size_policy.h +2 -3
- data/src/core/ext/transport/chttp2/transport/writing.cc +182 -150
- data/src/core/ext/transport/inproc/inproc_transport.cc +156 -76
- data/src/core/ext/transport/inproc/inproc_transport.h +2 -5
- data/src/core/ext/transport/inproc/legacy_inproc_transport.cc +139 -136
- data/src/core/ext/transport/inproc/legacy_inproc_transport.h +1 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/certs.upb.h +46 -15
- data/src/core/ext/upb-gen/envoy/admin/v3/certs.upb_minitable.c +40 -18
- data/src/core/ext/upb-gen/envoy/admin/v3/certs.upb_minitable.h +10 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/clusters.upb.h +59 -27
- data/src/core/ext/upb-gen/envoy/admin/v3/clusters.upb_minitable.c +36 -18
- data/src/core/ext/upb-gen/envoy/admin/v3/clusters.upb_minitable.h +9 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/config_dump.upb.h +50 -15
- data/src/core/ext/upb-gen/envoy/admin/v3/config_dump.upb_minitable.c +44 -22
- data/src/core/ext/upb-gen/envoy/admin/v3/config_dump.upb_minitable.h +10 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/config_dump_shared.upb.h +190 -55
- data/src/core/ext/upb-gen/envoy/admin/v3/config_dump_shared.upb_minitable.c +162 -84
- data/src/core/ext/upb-gen/envoy/admin/v3/config_dump_shared.upb_minitable.h +24 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/init_dump.upb.h +11 -5
- data/src/core/ext/upb-gen/envoy/admin/v3/init_dump.upb_minitable.c +14 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/init_dump.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/listeners.upb.h +19 -6
- data/src/core/ext/upb-gen/envoy/admin/v3/listeners.upb_minitable.c +18 -8
- data/src/core/ext/upb-gen/envoy/admin/v3/listeners.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/memory.upb.h +11 -10
- data/src/core/ext/upb-gen/envoy/admin/v3/memory.upb_minitable.c +7 -1
- data/src/core/ext/upb-gen/envoy/admin/v3/memory.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/metrics.upb.h +8 -7
- data/src/core/ext/upb-gen/envoy/admin/v3/metrics.upb_minitable.c +7 -1
- data/src/core/ext/upb-gen/envoy/admin/v3/metrics.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/mutex_stats.upb.h +8 -7
- data/src/core/ext/upb-gen/envoy/admin/v3/mutex_stats.upb_minitable.c +7 -1
- data/src/core/ext/upb-gen/envoy/admin/v3/mutex_stats.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/server_info.upb.h +145 -82
- data/src/core/ext/upb-gen/envoy/admin/v3/server_info.upb_minitable.c +40 -27
- data/src/core/ext/upb-gen/envoy/admin/v3/server_info.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/tap.upb.h +9 -6
- data/src/core/ext/upb-gen/envoy/admin/v3/tap.upb_minitable.c +10 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/tap.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/annotations/deprecation.upb.h +9 -8
- data/src/core/ext/upb-gen/envoy/annotations/deprecation.upb_minitable.c +7 -1
- data/src/core/ext/upb-gen/envoy/annotations/deprecation.upb_minitable.h +5 -4
- data/src/core/ext/upb-gen/envoy/annotations/resource.upb.h +18 -8
- data/src/core/ext/upb-gen/envoy/annotations/resource.upb_minitable.c +13 -6
- data/src/core/ext/upb-gen/envoy/annotations/resource.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/accesslog/v3/accesslog.upb.h +91 -34
- data/src/core/ext/upb-gen/envoy/config/accesslog/v3/accesslog.upb_minitable.c +114 -48
- data/src/core/ext/upb-gen/envoy/config/accesslog/v3/accesslog.upb_minitable.h +21 -4
- data/src/core/ext/upb-gen/envoy/config/bootstrap/v3/bootstrap.upb.h +544 -254
- data/src/core/ext/upb-gen/envoy/config/bootstrap/v3/bootstrap.upb_minitable.c +265 -149
- data/src/core/ext/upb-gen/envoy/config/bootstrap/v3/bootstrap.upb_minitable.h +29 -4
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/circuit_breaker.upb.h +41 -14
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/circuit_breaker.upb_minitable.c +31 -17
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/circuit_breaker.upb_minitable.h +8 -4
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb.h +529 -141
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb_minitable.c +270 -143
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb_minitable.h +31 -4
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/filter.upb.h +12 -7
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/filter.upb_minitable.c +11 -5
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/filter.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/outlier_detection.upb.h +171 -27
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/outlier_detection.upb_minitable.c +54 -27
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/outlier_detection.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/common/matcher/v3/matcher.upb.h +127 -35
- data/src/core/ext/upb-gen/envoy/config/common/matcher/v3/matcher.upb_minitable.c +125 -63
- data/src/core/ext/upb-gen/envoy/config/common/matcher/v3/matcher.upb_minitable.h +20 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/address.upb.h +67 -27
- data/src/core/ext/upb-gen/envoy/config/core/v3/address.upb_minitable.c +60 -26
- data/src/core/ext/upb-gen/envoy/config/core/v3/address.upb_minitable.h +13 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/backoff.upb.h +11 -6
- data/src/core/ext/upb-gen/envoy/config/core/v3/backoff.upb_minitable.c +11 -5
- data/src/core/ext/upb-gen/envoy/config/core/v3/backoff.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb.h +871 -72
- data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb_minitable.c +346 -75
- data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb_minitable.h +41 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/config_source.upb.h +67 -25
- data/src/core/ext/upb-gen/envoy/config/core/v3/config_source.upb_minitable.c +57 -27
- data/src/core/ext/upb-gen/envoy/config/core/v3/config_source.upb_minitable.h +12 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/event_service_config.upb.h +8 -5
- data/src/core/ext/upb-gen/envoy/config/core/v3/event_service_config.upb_minitable.c +10 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/event_service_config.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/extension.upb.h +9 -6
- data/src/core/ext/upb-gen/envoy/config/core/v3/extension.upb_minitable.c +10 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/extension.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_method_list.upb.h +11 -5
- data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_method_list.upb_minitable.c +14 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_method_list.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_service.upb.h +201 -62
- data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_service.upb_minitable.c +120 -53
- data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_service.upb_minitable.h +19 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/health_check.upb.h +196 -62
- data/src/core/ext/upb-gen/envoy/config/core/v3/health_check.upb_minitable.c +95 -53
- data/src/core/ext/upb-gen/envoy/config/core/v3/health_check.upb_minitable.h +14 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/http_service.upb.h +13 -5
- data/src/core/ext/upb-gen/envoy/config/core/v3/http_service.upb_minitable.c +11 -5
- data/src/core/ext/upb-gen/envoy/config/core/v3/http_service.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/http_uri.upb.h +10 -7
- data/src/core/ext/upb-gen/envoy/config/core/v3/http_uri.upb_minitable.c +10 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/http_uri.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb.h +322 -76
- data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb_minitable.c +162 -84
- data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb_minitable.h +21 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/proxy_protocol.upb.h +10 -7
- data/src/core/ext/upb-gen/envoy/config/core/v3/proxy_protocol.upb_minitable.c +14 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/proxy_protocol.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/resolver.upb.h +15 -7
- data/src/core/ext/upb-gen/envoy/config/core/v3/resolver.upb_minitable.c +15 -5
- data/src/core/ext/upb-gen/envoy/config/core/v3/resolver.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_cmsg_headers.upb.h +151 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_cmsg_headers.upb_minitable.c +60 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_cmsg_headers.upb_minitable.h +32 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb.h +244 -31
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb_minitable.c +79 -21
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb_minitable.h +13 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/substitution_format_string.upb.h +23 -11
- data/src/core/ext/upb-gen/envoy/config/core/v3/substitution_format_string.upb_minitable.c +17 -7
- data/src/core/ext/upb-gen/envoy/config/core/v3/substitution_format_string.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/udp_socket_config.upb.h +11 -6
- data/src/core/ext/upb-gen/envoy/config/core/v3/udp_socket_config.upb_minitable.c +11 -5
- data/src/core/ext/upb-gen/envoy/config/core/v3/udp_socket_config.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint.upb.h +42 -11
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint.upb_minitable.c +35 -17
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint.upb_minitable.h +9 -4
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint_components.upb.h +106 -34
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint_components.upb_minitable.c +69 -37
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint_components.upb_minitable.h +12 -4
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/load_report.upb.h +281 -37
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/load_report.upb_minitable.c +81 -27
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/load_report.upb_minitable.h +12 -4
- data/src/core/ext/upb-gen/envoy/config/listener/v3/api_listener.upb.h +8 -5
- data/src/core/ext/upb-gen/envoy/config/listener/v3/api_listener.upb_minitable.c +10 -4
- data/src/core/ext/upb-gen/envoy/config/listener/v3/api_listener.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener.upb.h +142 -47
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener.upb_minitable.c +90 -47
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener.upb_minitable.h +15 -4
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb.h +92 -129
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb_minitable.c +66 -57
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb_minitable.h +11 -5
- data/src/core/ext/upb-gen/envoy/config/listener/v3/quic_config.upb.h +178 -13
- data/src/core/ext/upb-gen/envoy/config/listener/v3/quic_config.upb_minitable.c +46 -14
- data/src/core/ext/upb-gen/envoy/config/listener/v3/quic_config.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/listener/v3/udp_listener_config.upb.h +14 -7
- data/src/core/ext/upb-gen/envoy/config/listener/v3/udp_listener_config.upb_minitable.c +16 -6
- data/src/core/ext/upb-gen/envoy/config/listener/v3/udp_listener_config.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/config/metrics/v3/metrics_service.upb.h +14 -9
- data/src/core/ext/upb-gen/envoy/config/metrics/v3/metrics_service.upb_minitable.c +11 -5
- data/src/core/ext/upb-gen/envoy/config/metrics/v3/metrics_service.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/metrics/v3/stats.upb.h +51 -22
- data/src/core/ext/upb-gen/envoy/config/metrics/v3/stats.upb_minitable.c +58 -24
- data/src/core/ext/upb-gen/envoy/config/metrics/v3/stats.upb_minitable.h +13 -4
- data/src/core/ext/upb-gen/envoy/config/overload/v3/overload.upb.h +70 -22
- data/src/core/ext/upb-gen/envoy/config/overload/v3/overload.upb_minitable.c +71 -29
- data/src/core/ext/upb-gen/envoy/config/overload/v3/overload.upb_minitable.h +15 -4
- data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb.h +311 -38
- data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb_minitable.c +141 -63
- data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb_minitable.h +18 -4
- data/src/core/ext/upb-gen/envoy/config/route/v3/route.upb.h +61 -13
- data/src/core/ext/upb-gen/envoy/config/route/v3/route.upb_minitable.c +33 -19
- data/src/core/ext/upb-gen/envoy/config/route/v3/route.upb_minitable.h +8 -4
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb.h +961 -237
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb_minitable.c +567 -273
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb_minitable.h +67 -4
- data/src/core/ext/upb-gen/envoy/config/route/v3/scoped_route.upb.h +20 -10
- data/src/core/ext/upb-gen/envoy/config/route/v3/scoped_route.upb_minitable.c +22 -8
- data/src/core/ext/upb-gen/envoy/config/route/v3/scoped_route.upb_minitable.h +8 -4
- data/src/core/ext/upb-gen/envoy/config/tap/v3/common.upb.h +100 -35
- data/src/core/ext/upb-gen/envoy/config/tap/v3/common.upb_minitable.c +95 -45
- data/src/core/ext/upb-gen/envoy/config/tap/v3/common.upb_minitable.h +17 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/datadog.upb.h +118 -16
- data/src/core/ext/upb-gen/envoy/config/trace/v3/datadog.upb_minitable.c +43 -12
- data/src/core/ext/upb-gen/envoy/config/trace/v3/datadog.upb_minitable.h +8 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/dynamic_ot.upb.h +9 -6
- data/src/core/ext/upb-gen/envoy/config/trace/v3/dynamic_ot.upb_minitable.c +10 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/dynamic_ot.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/http_tracer.upb.h +12 -7
- data/src/core/ext/upb-gen/envoy/config/trace/v3/http_tracer.upb_minitable.c +17 -7
- data/src/core/ext/upb-gen/envoy/config/trace/v3/http_tracer.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/lightstep.upb.h +10 -7
- data/src/core/ext/upb-gen/envoy/config/trace/v3/lightstep.upb_minitable.c +10 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/lightstep.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opentelemetry.upb.h +20 -8
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opentelemetry.upb_minitable.c +13 -7
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opentelemetry.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/service.upb.h +8 -5
- data/src/core/ext/upb-gen/envoy/config/trace/v3/service.upb_minitable.c +10 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/service.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/skywalking.upb.h +17 -10
- data/src/core/ext/upb-gen/envoy/config/trace/v3/skywalking.upb_minitable.c +18 -8
- data/src/core/ext/upb-gen/envoy/config/trace/v3/skywalking.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/trace.upb.h +5 -6
- data/src/core/ext/upb-gen/envoy/config/trace/v3/trace.upb_minitable.c +3 -2
- data/src/core/ext/upb-gen/envoy/config/trace/v3/trace.upb_minitable.h +5 -5
- data/src/core/ext/upb-gen/envoy/config/trace/v3/xray.upb.h +19 -10
- data/src/core/ext/upb-gen/envoy/config/trace/v3/xray.upb_minitable.c +19 -9
- data/src/core/ext/upb-gen/envoy/config/trace/v3/xray.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/zipkin.upb.h +14 -11
- data/src/core/ext/upb-gen/envoy/config/trace/v3/zipkin.upb_minitable.c +10 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/zipkin.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/data/accesslog/v3/accesslog.upb.h +216 -102
- data/src/core/ext/upb-gen/envoy/data/accesslog/v3/accesslog.upb_minitable.c +124 -57
- data/src/core/ext/upb-gen/envoy/data/accesslog/v3/accesslog.upb_minitable.h +21 -4
- data/src/core/ext/upb-gen/envoy/extensions/clusters/aggregate/v3/cluster.upb.h +5 -4
- data/src/core/ext/upb-gen/envoy/extensions/clusters/aggregate/v3/cluster.upb_minitable.c +7 -1
- data/src/core/ext/upb-gen/envoy/extensions/clusters/aggregate/v3/cluster.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/extensions/filters/common/fault/v3/fault.upb.h +24 -11
- data/src/core/ext/upb-gen/envoy/extensions/filters/common/fault/v3/fault.upb_minitable.c +33 -11
- data/src/core/ext/upb-gen/envoy/extensions/filters/common/fault/v3/fault.upb_minitable.h +10 -4
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/fault/v3/fault.upb.h +42 -22
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/fault/v3/fault.upb_minitable.c +27 -13
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/fault/v3/fault.upb_minitable.h +8 -4
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upb.h +444 -0
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upb_minitable.c +135 -0
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upb_minitable.h +38 -0
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/rbac/v3/rbac.upb.h +56 -13
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/rbac/v3/rbac.upb_minitable.c +29 -13
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/rbac/v3/rbac.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/router/v3/router.upb.h +29 -12
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/router/v3/router.upb_minitable.c +20 -10
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/router/v3/router.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upb.h +13 -8
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upb_minitable.c +17 -7
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +343 -134
- data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb_minitable.c +209 -121
- data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb_minitable.h +26 -4
- data/src/core/ext/upb-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upb.h +8 -5
- data/src/core/ext/upb-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upb_minitable.c +10 -4
- data/src/core/ext/upb-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.h +83 -10
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb_minitable.c +28 -11
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/common/v3/common.upb.h +31 -14
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/common/v3/common.upb_minitable.c +39 -17
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/common/v3/common.upb_minitable.h +10 -4
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/pick_first/v3/pick_first.upb.h +6 -5
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/pick_first/v3/pick_first.upb_minitable.c +7 -1
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/pick_first/v3/pick_first.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.h +22 -11
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb_minitable.c +14 -8
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/wrr_locality/v3/wrr_locality.upb.h +8 -5
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/wrr_locality/v3/wrr_locality.upb_minitable.c +10 -4
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/wrr_locality/v3/wrr_locality.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upb.h +105 -0
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upb_minitable.c +51 -0
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upb_minitable.h +32 -0
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/cert.upb.h +5 -4
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/cert.upb_minitable.c +3 -1
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/cert.upb_minitable.h +5 -4
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/common.upb.h +170 -31
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/common.upb_minitable.c +83 -37
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/common.upb_minitable.h +14 -4
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +25 -12
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/secret.upb_minitable.c +27 -13
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/secret.upb_minitable.h +8 -4
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +214 -63
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb_minitable.c +100 -61
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb_minitable.h +12 -4
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb.h +51 -13
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb_minitable.c +23 -11
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upb.h +58 -20
- data/src/core/ext/upb-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upb_minitable.c +44 -26
- data/src/core/ext/upb-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upb_minitable.h +9 -4
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/ads.upb.h +5 -4
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/ads.upb_minitable.c +7 -1
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/ads.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb.h +373 -58
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb_minitable.c +144 -61
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb_minitable.h +21 -4
- data/src/core/ext/upb-gen/envoy/service/load_stats/v3/lrs.upb.h +18 -8
- data/src/core/ext/upb-gen/envoy/service/load_stats/v3/lrs.upb_minitable.c +18 -8
- data/src/core/ext/upb-gen/envoy/service/load_stats/v3/lrs.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/service/status/v3/csds.upb.h +67 -25
- data/src/core/ext/upb-gen/envoy/service/status/v3/csds.upb_minitable.c +47 -25
- data/src/core/ext/upb-gen/envoy/service/status/v3/csds.upb_minitable.h +10 -4
- data/src/core/ext/upb-gen/envoy/type/http/v3/cookie.upb.h +10 -7
- data/src/core/ext/upb-gen/envoy/type/http/v3/cookie.upb_minitable.c +10 -4
- data/src/core/ext/upb-gen/envoy/type/http/v3/cookie.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/type/http/v3/path_transformation.upb.h +16 -6
- data/src/core/ext/upb-gen/envoy/type/http/v3/path_transformation.upb_minitable.c +26 -8
- data/src/core/ext/upb-gen/envoy/type/http/v3/path_transformation.upb_minitable.h +9 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/address.upb.h +142 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/address.upb_minitable.c +55 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/address.upb_minitable.h +32 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/filter_state.upb.h +42 -6
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/filter_state.upb_minitable.c +16 -7
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/filter_state.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/http_inputs.upb.h +10 -9
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/http_inputs.upb_minitable.c +23 -1
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/http_inputs.upb_minitable.h +10 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/metadata.upb.h +16 -8
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/metadata.upb_minitable.c +15 -5
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/metadata.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/node.upb.h +13 -5
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/node.upb_minitable.c +11 -5
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/node.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/number.upb.h +9 -6
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/number.upb_minitable.c +10 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/number.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/path.upb.h +8 -5
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/path.upb_minitable.c +10 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/path.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/regex.upb.h +16 -9
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/regex.upb_minitable.c +24 -10
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/regex.upb_minitable.h +8 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/status_code_input.upb.h +5 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/status_code_input.upb_minitable.c +11 -1
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/status_code_input.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/string.upb.h +51 -10
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/string.upb_minitable.c +30 -9
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/string.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/struct.upb.h +14 -6
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/struct.upb_minitable.c +15 -5
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/struct.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/value.upb.h +30 -12
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/value.upb_minitable.c +32 -14
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/value.upb_minitable.h +9 -4
- data/src/core/ext/upb-gen/envoy/type/metadata/v3/metadata.upb.h +24 -10
- data/src/core/ext/upb-gen/envoy/type/metadata/v3/metadata.upb_minitable.c +40 -10
- data/src/core/ext/upb-gen/envoy/type/metadata/v3/metadata.upb_minitable.h +12 -4
- data/src/core/ext/upb-gen/envoy/type/tracing/v3/custom_tag.upb.h +30 -17
- data/src/core/ext/upb-gen/envoy/type/tracing/v3/custom_tag.upb_minitable.c +33 -11
- data/src/core/ext/upb-gen/envoy/type/tracing/v3/custom_tag.upb_minitable.h +10 -4
- data/src/core/ext/upb-gen/envoy/type/v3/hash_policy.upb.h +12 -7
- data/src/core/ext/upb-gen/envoy/type/v3/hash_policy.upb_minitable.c +19 -5
- data/src/core/ext/upb-gen/envoy/type/v3/hash_policy.upb_minitable.h +8 -4
- data/src/core/ext/upb-gen/envoy/type/v3/http.upb.h +5 -4
- data/src/core/ext/upb-gen/envoy/type/v3/http.upb_minitable.c +3 -1
- data/src/core/ext/upb-gen/envoy/type/v3/http.upb_minitable.h +5 -4
- data/src/core/ext/upb-gen/envoy/type/v3/http_status.upb.h +6 -5
- data/src/core/ext/upb-gen/envoy/type/v3/http_status.upb_minitable.c +7 -1
- data/src/core/ext/upb-gen/envoy/type/v3/http_status.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/type/v3/percent.upb.h +8 -7
- data/src/core/ext/upb-gen/envoy/type/v3/percent.upb_minitable.c +11 -1
- data/src/core/ext/upb-gen/envoy/type/v3/percent.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/type/v3/range.upb.h +11 -10
- data/src/core/ext/upb-gen/envoy/type/v3/range.upb_minitable.c +15 -1
- data/src/core/ext/upb-gen/envoy/type/v3/range.upb_minitable.h +8 -4
- data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_strategy.upb.h +14 -9
- data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_strategy.upb_minitable.c +15 -5
- data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_strategy.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_unit.upb.h +5 -4
- data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_unit.upb_minitable.c +3 -1
- data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_unit.upb_minitable.h +5 -4
- data/src/core/ext/upb-gen/envoy/type/v3/semantic_version.upb.h +8 -7
- data/src/core/ext/upb-gen/envoy/type/v3/semantic_version.upb_minitable.c +7 -1
- data/src/core/ext/upb-gen/envoy/type/v3/semantic_version.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/type/v3/token_bucket.upb.h +12 -7
- data/src/core/ext/upb-gen/envoy/type/v3/token_bucket.upb_minitable.c +11 -5
- data/src/core/ext/upb-gen/envoy/type/v3/token_bucket.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/google/api/annotations.upb.h +17 -7
- data/src/core/ext/upb-gen/google/api/annotations.upb_minitable.c +5 -2
- data/src/core/ext/upb-gen/google/api/annotations.upb_minitable.h +5 -4
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/checked.upb.h +135 -36
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/checked.upb_minitable.c +121 -56
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/checked.upb_minitable.h +18 -4
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/syntax.upb.h +525 -69
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/syntax.upb_minitable.c +202 -68
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/syntax.upb_minitable.h +23 -4
- data/src/core/ext/upb-gen/google/api/http.upb.h +30 -16
- data/src/core/ext/upb-gen/google/api/http.upb_minitable.c +22 -8
- data/src/core/ext/upb-gen/google/api/http.upb_minitable.h +8 -4
- data/src/core/ext/upb-gen/google/api/httpbody.upb.h +12 -6
- data/src/core/ext/upb-gen/google/api/httpbody.upb_minitable.c +10 -4
- data/src/core/ext/upb-gen/google/api/httpbody.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/google/protobuf/any.upb.h +8 -6
- data/src/core/ext/upb-gen/google/protobuf/any.upb_minitable.c +7 -1
- data/src/core/ext/upb-gen/google/protobuf/any.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/google/protobuf/descriptor.upb.h +583 -181
- data/src/core/ext/upb-gen/google/protobuf/descriptor.upb_minitable.c +376 -215
- data/src/core/ext/upb-gen/google/protobuf/descriptor.upb_minitable.h +56 -21
- data/src/core/ext/upb-gen/google/protobuf/duration.upb.h +8 -6
- data/src/core/ext/upb-gen/google/protobuf/duration.upb_minitable.c +7 -1
- data/src/core/ext/upb-gen/google/protobuf/duration.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/google/protobuf/empty.upb.h +6 -4
- data/src/core/ext/upb-gen/google/protobuf/empty.upb_minitable.c +7 -1
- data/src/core/ext/upb-gen/google/protobuf/empty.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/google/protobuf/struct.upb.h +33 -10
- data/src/core/ext/upb-gen/google/protobuf/struct.upb_minitable.c +32 -14
- data/src/core/ext/upb-gen/google/protobuf/struct.upb_minitable.h +9 -4
- data/src/core/ext/upb-gen/google/protobuf/timestamp.upb.h +8 -6
- data/src/core/ext/upb-gen/google/protobuf/timestamp.upb_minitable.c +7 -1
- data/src/core/ext/upb-gen/google/protobuf/timestamp.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/google/protobuf/wrappers.upb.h +15 -13
- data/src/core/ext/upb-gen/google/protobuf/wrappers.upb_minitable.c +39 -1
- data/src/core/ext/upb-gen/google/protobuf/wrappers.upb_minitable.h +14 -4
- data/src/core/ext/upb-gen/google/rpc/status.upb.h +12 -6
- data/src/core/ext/upb-gen/google/rpc/status.upb_minitable.c +10 -4
- data/src/core/ext/upb-gen/google/rpc/status.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/altscontext.upb.h +19 -10
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/altscontext.upb_minitable.c +15 -5
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/altscontext.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/handshaker.upb.h +98 -39
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/handshaker.upb_minitable.c +87 -37
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/handshaker.upb_minitable.h +17 -4
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/transport_security_common.upb.h +14 -8
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/transport_security_common.upb_minitable.c +15 -5
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/transport_security_common.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/src/proto/grpc/health/v1/health.upb.h +8 -6
- data/src/core/ext/upb-gen/src/proto/grpc/health/v1/health.upb_minitable.c +11 -1
- data/src/core/ext/upb-gen/src/proto/grpc/health/v1/health.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/src/proto/grpc/lb/v1/load_balancer.upb.h +47 -22
- data/src/core/ext/upb-gen/src/proto/grpc/lb/v1/load_balancer.upb_minitable.c +58 -20
- data/src/core/ext/upb-gen/src/proto/grpc/lb/v1/load_balancer.upb_minitable.h +14 -4
- data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls.upb.h +16 -8
- data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls.upb_minitable.c +18 -4
- data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls.upb_minitable.h +8 -4
- data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls_config.upb.h +72 -19
- data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls_config.upb_minitable.c +60 -22
- data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls_config.upb_minitable.h +14 -4
- data/src/core/ext/upb-gen/udpa/annotations/migrate.upb.h +69 -23
- data/src/core/ext/upb-gen/udpa/annotations/migrate.upb_minitable.c +31 -12
- data/src/core/ext/upb-gen/udpa/annotations/migrate.upb_minitable.h +8 -4
- data/src/core/ext/upb-gen/udpa/annotations/security.upb.h +19 -9
- data/src/core/ext/upb-gen/udpa/annotations/security.upb_minitable.c +13 -6
- data/src/core/ext/upb-gen/udpa/annotations/security.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/udpa/annotations/sensitive.upb.h +6 -5
- data/src/core/ext/upb-gen/udpa/annotations/sensitive.upb_minitable.c +4 -1
- data/src/core/ext/upb-gen/udpa/annotations/sensitive.upb_minitable.h +5 -4
- data/src/core/ext/upb-gen/udpa/annotations/status.upb.h +19 -9
- data/src/core/ext/upb-gen/udpa/annotations/status.upb_minitable.c +13 -6
- data/src/core/ext/upb-gen/udpa/annotations/status.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/udpa/annotations/versioning.upb.h +18 -8
- data/src/core/ext/upb-gen/udpa/annotations/versioning.upb_minitable.c +13 -6
- data/src/core/ext/upb-gen/udpa/annotations/versioning.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/validate/validate.upb.h +264 -172
- data/src/core/ext/upb-gen/validate/validate.upb_minitable.c +185 -87
- data/src/core/ext/upb-gen/validate/validate.upb_minitable.h +29 -5
- data/src/core/ext/upb-gen/xds/annotations/v3/migrate.upb.h +69 -23
- data/src/core/ext/upb-gen/xds/annotations/v3/migrate.upb_minitable.c +31 -12
- data/src/core/ext/upb-gen/xds/annotations/v3/migrate.upb_minitable.h +8 -4
- data/src/core/ext/upb-gen/xds/annotations/v3/security.upb.h +19 -9
- data/src/core/ext/upb-gen/xds/annotations/v3/security.upb_minitable.c +13 -6
- data/src/core/ext/upb-gen/xds/annotations/v3/security.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/xds/annotations/v3/sensitive.upb.h +6 -5
- data/src/core/ext/upb-gen/xds/annotations/v3/sensitive.upb_minitable.c +4 -1
- data/src/core/ext/upb-gen/xds/annotations/v3/sensitive.upb_minitable.h +5 -4
- data/src/core/ext/upb-gen/xds/annotations/v3/status.upb.h +46 -18
- data/src/core/ext/upb-gen/xds/annotations/v3/status.upb_minitable.c +32 -11
- data/src/core/ext/upb-gen/xds/annotations/v3/status.upb_minitable.h +9 -4
- data/src/core/ext/upb-gen/xds/annotations/v3/versioning.upb.h +18 -8
- data/src/core/ext/upb-gen/xds/annotations/v3/versioning.upb_minitable.c +13 -6
- data/src/core/ext/upb-gen/xds/annotations/v3/versioning.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/xds/core/v3/authority.upb.h +6 -5
- data/src/core/ext/upb-gen/xds/core/v3/authority.upb_minitable.c +7 -1
- data/src/core/ext/upb-gen/xds/core/v3/authority.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/xds/core/v3/cidr.upb.h +9 -6
- data/src/core/ext/upb-gen/xds/core/v3/cidr.upb_minitable.c +10 -4
- data/src/core/ext/upb-gen/xds/core/v3/cidr.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/xds/core/v3/collection_entry.upb.h +16 -9
- data/src/core/ext/upb-gen/xds/core/v3/collection_entry.upb_minitable.c +18 -8
- data/src/core/ext/upb-gen/xds/core/v3/collection_entry.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/xds/core/v3/context_params.upb.h +11 -4
- data/src/core/ext/upb-gen/xds/core/v3/context_params.upb_minitable.c +14 -4
- data/src/core/ext/upb-gen/xds/core/v3/context_params.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/xds/core/v3/extension.upb.h +9 -6
- data/src/core/ext/upb-gen/xds/core/v3/extension.upb_minitable.c +10 -4
- data/src/core/ext/upb-gen/xds/core/v3/extension.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/xds/core/v3/resource.upb.h +12 -7
- data/src/core/ext/upb-gen/xds/core/v3/resource.upb_minitable.c +11 -5
- data/src/core/ext/upb-gen/xds/core/v3/resource.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/xds/core/v3/resource_locator.upb.h +21 -11
- data/src/core/ext/upb-gen/xds/core/v3/resource_locator.upb_minitable.c +18 -8
- data/src/core/ext/upb-gen/xds/core/v3/resource_locator.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/xds/core/v3/resource_name.upb.h +11 -8
- data/src/core/ext/upb-gen/xds/core/v3/resource_name.upb_minitable.c +10 -4
- data/src/core/ext/upb-gen/xds/core/v3/resource_name.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/xds/data/orca/v3/orca_load_report.upb.h +29 -10
- data/src/core/ext/upb-gen/xds/data/orca/v3/orca_load_report.upb_minitable.c +24 -6
- data/src/core/ext/upb-gen/xds/data/orca/v3/orca_load_report.upb_minitable.h +9 -4
- data/src/core/ext/upb-gen/xds/service/orca/v3/orca.upb.h +8 -5
- data/src/core/ext/upb-gen/xds/service/orca/v3/orca.upb_minitable.c +10 -4
- data/src/core/ext/upb-gen/xds/service/orca/v3/orca.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/cel.upb.h +9 -6
- data/src/core/ext/upb-gen/xds/type/matcher/v3/cel.upb_minitable.c +10 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/cel.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/domain.upb.h +13 -5
- data/src/core/ext/upb-gen/xds/type/matcher/v3/domain.upb_minitable.c +17 -7
- data/src/core/ext/upb-gen/xds/type/matcher/v3/domain.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/http_inputs.upb.h +5 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/http_inputs.upb_minitable.c +7 -1
- data/src/core/ext/upb-gen/xds/type/matcher/v3/http_inputs.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/ip.upb.h +19 -6
- data/src/core/ext/upb-gen/xds/type/matcher/v3/ip.upb_minitable.c +18 -8
- data/src/core/ext/upb-gen/xds/type/matcher/v3/ip.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/matcher.upb.h +81 -22
- data/src/core/ext/upb-gen/xds/type/matcher/v3/matcher.upb_minitable.c +85 -43
- data/src/core/ext/upb-gen/xds/type/matcher/v3/matcher.upb_minitable.h +15 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/range.upb.h +44 -7
- data/src/core/ext/upb-gen/xds/type/matcher/v3/range.upb_minitable.c +48 -22
- data/src/core/ext/upb-gen/xds/type/matcher/v3/range.upb_minitable.h +11 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/regex.upb.h +9 -6
- data/src/core/ext/upb-gen/xds/type/matcher/v3/regex.upb_minitable.c +14 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/regex.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/string.upb.h +18 -10
- data/src/core/ext/upb-gen/xds/type/matcher/v3/string.upb_minitable.c +17 -7
- data/src/core/ext/upb-gen/xds/type/matcher/v3/string.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/xds/type/v3/cel.upb.h +17 -8
- data/src/core/ext/upb-gen/xds/type/v3/cel.upb_minitable.c +19 -9
- data/src/core/ext/upb-gen/xds/type/v3/cel.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/xds/type/v3/range.upb.h +12 -10
- data/src/core/ext/upb-gen/xds/type/v3/range.upb_minitable.c +15 -1
- data/src/core/ext/upb-gen/xds/type/v3/range.upb_minitable.h +8 -4
- data/src/core/ext/upb-gen/xds/type/v3/typed_struct.upb.h +9 -6
- data/src/core/ext/upb-gen/xds/type/v3/typed_struct.upb_minitable.c +10 -4
- data/src/core/ext/upb-gen/xds/type/v3/typed_struct.upb_minitable.h +6 -4
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/certs.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/certs.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/clusters.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/clusters.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump_shared.upbdefs.c +13 -11
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump_shared.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/init_dump.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/init_dump.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/listeners.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/listeners.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/memory.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/memory.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/metrics.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/metrics.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/mutex_stats.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/mutex_stats.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/server_info.upbdefs.c +90 -82
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/server_info.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/tap.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/tap.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/annotations/deprecation.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/annotations/deprecation.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/annotations/resource.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/annotations/resource.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/accesslog/v3/accesslog.upbdefs.c +63 -61
- data/src/core/ext/upbdefs-gen/envoy/config/accesslog/v3/accesslog.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +223 -211
- data/src/core/ext/upbdefs-gen/envoy/config/bootstrap/v3/bootstrap.upbdefs.h +10 -4
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/circuit_breaker.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/circuit_breaker.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/cluster.upbdefs.c +419 -393
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/cluster.upbdefs.h +10 -4
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/filter.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/filter.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/outlier_detection.upbdefs.c +116 -106
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/outlier_detection.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/common/matcher/v3/matcher.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/common/matcher/v3/matcher.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/address.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/address.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/backoff.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/backoff.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.c +201 -147
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.h +35 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/config_source.upbdefs.c +12 -12
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/config_source.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/event_service_config.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/event_service_config.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/extension.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/extension.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_method_list.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_method_list.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_service.upbdefs.c +175 -165
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_service.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/health_check.upbdefs.c +199 -188
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/health_check.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_service.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_service.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_uri.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_uri.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/protocol.upbdefs.c +272 -255
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/protocol.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/proxy_protocol.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/proxy_protocol.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/resolver.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/resolver.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_cmsg_headers.upbdefs.c +46 -0
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_cmsg_headers.upbdefs.h +33 -0
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_option.upbdefs.c +31 -20
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_option.upbdefs.h +20 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/substitution_format_string.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/substitution_format_string.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/udp_socket_config.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/udp_socket_config.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +41 -37
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/load_report.upbdefs.c +124 -94
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/load_report.upbdefs.h +10 -4
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/api_listener.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/api_listener.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener.upbdefs.c +43 -40
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener_components.upbdefs.c +60 -66
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener_components.upbdefs.h +5 -9
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/quic_config.upbdefs.c +75 -56
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/quic_config.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/udp_listener_config.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/udp_listener_config.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/metrics_service.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/metrics_service.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/stats.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/stats.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/overload/v3/overload.upbdefs.c +51 -49
- data/src/core/ext/upbdefs-gen/envoy/config/overload/v3/overload.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/rbac/v3/rbac.upbdefs.c +119 -97
- data/src/core/ext/upbdefs-gen/envoy/config/rbac/v3/rbac.upbdefs.h +10 -4
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.c +922 -895
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.h +15 -4
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/scoped_route.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/scoped_route.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/tap/v3/common.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/tap/v3/common.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/datadog.upbdefs.c +32 -21
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/datadog.upbdefs.h +10 -4
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/dynamic_ot.upbdefs.c +20 -18
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/dynamic_ot.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/http_tracer.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/http_tracer.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/lightstep.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/lightstep.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opentelemetry.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opentelemetry.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/service.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/service.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/skywalking.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/skywalking.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/trace.upbdefs.c +17 -19
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/trace.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/xray.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/xray.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/zipkin.upbdefs.c +23 -21
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/zipkin.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/data/accesslog/v3/accesslog.upbdefs.c +147 -143
- data/src/core/ext/upbdefs-gen/envoy/data/accesslog/v3/accesslog.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/common/fault/v3/fault.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/common/fault/v3/fault.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/fault/v3/fault.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/fault/v3/fault.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upbdefs.c +87 -0
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upbdefs.h +48 -0
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/rbac/v3/rbac.upbdefs.c +38 -34
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/rbac/v3/rbac.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/router/v3/router.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/router/v3/router.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +465 -459
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upbdefs.c +50 -0
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upbdefs.h +33 -0
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +96 -88
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +10 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +204 -192
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upbdefs.c +21 -18
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/ads.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/ads.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/discovery.upbdefs.c +150 -136
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/discovery.upbdefs.h +10 -4
- data/src/core/ext/upbdefs-gen/envoy/service/load_stats/v3/lrs.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/service/load_stats/v3/lrs.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/service/status/v3/csds.upbdefs.c +25 -23
- data/src/core/ext/upbdefs-gen/envoy/service/status/v3/csds.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/http/v3/cookie.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/http/v3/cookie.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/http/v3/path_transformation.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/http/v3/path_transformation.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/address.upbdefs.c +41 -0
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/address.upbdefs.h +33 -0
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/filter_state.upbdefs.c +28 -20
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/filter_state.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/http_inputs.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/http_inputs.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/metadata.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/metadata.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/node.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/node.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/number.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/number.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/path.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/path.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/regex.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/regex.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/status_code_input.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/status_code_input.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/string.upbdefs.c +41 -34
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/string.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/struct.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/struct.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/value.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/value.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/metadata/v3/metadata.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/metadata/v3/metadata.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/tracing/v3/custom_tag.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/tracing/v3/custom_tag.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/v3/hash_policy.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/hash_policy.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/v3/http.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/http.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/v3/http_status.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/http_status.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/v3/percent.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/percent.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/v3/range.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/range.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_strategy.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_strategy.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_unit.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_unit.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/v3/semantic_version.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/semantic_version.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/v3/token_bucket.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/token_bucket.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/google/api/annotations.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/google/api/annotations.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/checked.upbdefs.c +110 -108
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/checked.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/syntax.upbdefs.c +103 -79
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/syntax.upbdefs.h +15 -4
- data/src/core/ext/upbdefs-gen/google/api/http.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/google/api/http.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/google/api/httpbody.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/google/api/httpbody.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/google/protobuf/any.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/any.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/google/protobuf/descriptor.upbdefs.c +485 -458
- data/src/core/ext/upbdefs-gen/google/protobuf/descriptor.upbdefs.h +10 -4
- data/src/core/ext/upbdefs-gen/google/protobuf/duration.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/duration.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/google/protobuf/empty.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/empty.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/google/protobuf/struct.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/struct.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/google/protobuf/timestamp.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/timestamp.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/google/protobuf/wrappers.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/wrappers.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/google/rpc/status.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/google/rpc/status.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/src/proto/grpc/lookup/v1/rls_config.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/src/proto/grpc/lookup/v1/rls_config.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/udpa/annotations/migrate.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/migrate.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/udpa/annotations/security.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/security.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/udpa/annotations/sensitive.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/sensitive.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/udpa/annotations/status.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/status.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/udpa/annotations/versioning.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/versioning.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/validate/validate.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/validate/validate.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/migrate.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/migrate.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/security.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/security.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/sensitive.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/sensitive.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/status.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/status.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/versioning.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/versioning.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/core/v3/authority.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/authority.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/core/v3/cidr.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/cidr.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/core/v3/collection_entry.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/collection_entry.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/core/v3/context_params.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/context_params.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/core/v3/extension.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/extension.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource_locator.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource_locator.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource_name.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource_name.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/cel.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/cel.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/domain.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/domain.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/http_inputs.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/http_inputs.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/ip.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/ip.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/matcher.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/matcher.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/range.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/range.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/regex.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/regex.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/string.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/string.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/type/v3/cel.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/type/v3/cel.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/type/v3/range.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/type/v3/range.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/type/v3/typed_struct.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/type/v3/typed_struct.upbdefs.h +5 -4
- data/src/core/filter/blackboard.cc +33 -0
- data/src/core/filter/blackboard.h +70 -0
- data/src/core/filter/filter_args.h +112 -0
- data/src/core/handshaker/endpoint_info/endpoint_info_handshaker.cc +81 -0
- data/src/core/handshaker/endpoint_info/endpoint_info_handshaker.h +37 -0
- data/src/core/handshaker/handshaker.cc +196 -0
- data/src/core/handshaker/handshaker.h +170 -0
- data/src/core/handshaker/handshaker_factory.h +89 -0
- data/src/core/handshaker/handshaker_registry.cc +60 -0
- data/src/core/handshaker/handshaker_registry.h +69 -0
- data/src/core/handshaker/http_connect/http_connect_handshaker.cc +357 -0
- data/src/core/handshaker/http_connect/http_connect_handshaker.h +42 -0
- data/src/core/handshaker/http_connect/http_proxy_mapper.cc +296 -0
- data/src/core/handshaker/http_connect/http_proxy_mapper.h +52 -0
- data/src/core/handshaker/http_connect/xds_http_proxy_mapper.cc +57 -0
- data/src/core/handshaker/http_connect/xds_http_proxy_mapper.h +46 -0
- data/src/core/handshaker/proxy_mapper.h +52 -0
- data/src/core/handshaker/proxy_mapper_registry.cc +70 -0
- data/src/core/handshaker/proxy_mapper_registry.h +74 -0
- data/src/core/handshaker/security/secure_endpoint.cc +578 -0
- data/src/core/handshaker/security/secure_endpoint.h +41 -0
- data/src/core/handshaker/security/security_handshaker.cc +626 -0
- data/src/core/handshaker/security/security_handshaker.h +45 -0
- data/src/core/handshaker/tcp_connect/tcp_connect_handshaker.cc +232 -0
- data/src/core/handshaker/tcp_connect/tcp_connect_handshaker.h +39 -0
- data/src/core/lib/address_utils/parse_address.cc +33 -44
- data/src/core/lib/address_utils/parse_address.h +1 -3
- data/src/core/lib/address_utils/sockaddr_utils.cc +22 -19
- data/src/core/lib/address_utils/sockaddr_utils.h +0 -2
- data/src/core/lib/channel/channel_args.cc +33 -39
- data/src/core/lib/channel/channel_args.h +42 -29
- data/src/core/lib/channel/channel_args_preconditioning.cc +2 -2
- data/src/core/lib/channel/channel_args_preconditioning.h +2 -3
- data/src/core/lib/channel/channel_stack.cc +19 -81
- data/src/core/lib/channel/channel_stack.h +27 -63
- data/src/core/lib/channel/channel_stack_builder.cc +2 -2
- data/src/core/lib/channel/channel_stack_builder.h +1 -7
- data/src/core/lib/channel/channel_stack_builder_impl.cc +5 -157
- data/src/core/lib/channel/channel_stack_builder_impl.h +13 -3
- data/src/core/lib/channel/connected_channel.cc +50 -707
- data/src/core/lib/channel/promise_based_filter.cc +258 -333
- data/src/core/lib/channel/promise_based_filter.h +265 -635
- data/src/core/lib/channel/status_util.cc +2 -4
- data/src/core/lib/channel/status_util.h +1 -2
- data/src/core/lib/compression/compression.cc +9 -11
- data/src/core/lib/compression/compression_internal.cc +16 -19
- data/src/core/lib/compression/compression_internal.h +5 -8
- data/src/core/lib/compression/message_compress.cc +16 -18
- data/src/core/lib/compression/message_compress.h +1 -2
- data/src/core/lib/debug/trace.cc +48 -67
- data/src/core/lib/debug/trace.h +2 -97
- data/src/core/lib/debug/trace_flags.cc +245 -0
- data/src/core/lib/debug/trace_flags.h +132 -0
- data/src/core/lib/debug/trace_impl.h +125 -0
- data/src/core/lib/event_engine/ares_resolver.cc +171 -100
- data/src/core/lib/event_engine/ares_resolver.h +17 -28
- data/src/core/lib/event_engine/cf_engine/cf_engine.cc +16 -19
- data/src/core/lib/event_engine/cf_engine/cf_engine.h +3 -5
- data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.cc +53 -41
- data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.h +6 -10
- data/src/core/lib/event_engine/cf_engine/cftype_unique_ref.h +3 -5
- data/src/core/lib/event_engine/cf_engine/dns_service_resolver.cc +29 -36
- data/src/core/lib/event_engine/cf_engine/dns_service_resolver.h +7 -10
- data/src/core/lib/event_engine/channel_args_endpoint_config.cc +8 -12
- data/src/core/lib/event_engine/channel_args_endpoint_config.h +7 -10
- data/src/core/lib/event_engine/common_closures.h +3 -6
- data/src/core/lib/event_engine/default_event_engine.cc +69 -43
- data/src/core/lib/event_engine/default_event_engine.h +27 -37
- data/src/core/lib/event_engine/default_event_engine_factory.cc +9 -16
- data/src/core/lib/event_engine/default_event_engine_factory.h +3 -6
- data/src/core/lib/event_engine/event_engine.cc +37 -9
- data/src/core/lib/event_engine/event_engine_context.h +5 -4
- data/src/core/lib/event_engine/extensions/can_track_errors.h +2 -4
- data/src/core/lib/event_engine/extensions/chaotic_good_extension.h +2 -5
- data/src/core/lib/event_engine/extensions/supports_fd.h +27 -6
- data/src/core/lib/event_engine/extensions/tcp_trace.h +40 -0
- data/src/core/lib/event_engine/forkable.cc +14 -17
- data/src/core/lib/event_engine/forkable.h +2 -17
- data/src/core/lib/event_engine/grpc_polled_fd.h +4 -8
- data/src/core/lib/event_engine/handle_containers.h +3 -7
- data/src/core/lib/event_engine/memory_allocator_factory.h +3 -7
- data/src/core/lib/event_engine/nameser.h +1 -1
- data/src/core/lib/event_engine/poller.h +3 -6
- data/src/core/lib/event_engine/posix.h +3 -6
- data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.cc +32 -80
- data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.h +8 -12
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +31 -82
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.h +4 -8
- data/src/core/lib/event_engine/posix_engine/event_poller.h +3 -7
- data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +4 -7
- data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.h +2 -4
- data/src/core/lib/event_engine/posix_engine/grpc_polled_fd_posix.h +5 -10
- data/src/core/lib/event_engine/posix_engine/internal_errqueue.cc +7 -10
- data/src/core/lib/event_engine/posix_engine/internal_errqueue.h +2 -5
- data/src/core/lib/event_engine/posix_engine/lockfree_event.cc +9 -13
- data/src/core/lib/event_engine/posix_engine/lockfree_event.h +2 -5
- data/src/core/lib/event_engine/posix_engine/native_posix_dns_resolver.cc +5 -8
- data/src/core/lib/event_engine/posix_engine/native_posix_dns_resolver.h +2 -5
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +116 -113
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +24 -27
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +93 -71
- data/src/core/lib/event_engine/posix_engine/posix_engine.h +18 -19
- data/src/core/lib/event_engine/posix_engine/posix_engine_closure.h +3 -6
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +30 -35
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.h +15 -17
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.cc +29 -37
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.h +3 -7
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +51 -46
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +12 -14
- data/src/core/lib/event_engine/posix_engine/timer.cc +9 -12
- data/src/core/lib/event_engine/posix_engine/timer.h +8 -13
- data/src/core/lib/event_engine/posix_engine/timer_heap.cc +4 -7
- data/src/core/lib/event_engine/posix_engine/timer_heap.h +2 -4
- data/src/core/lib/event_engine/posix_engine/timer_manager.cc +21 -32
- data/src/core/lib/event_engine/posix_engine/timer_manager.h +8 -13
- data/src/core/lib/event_engine/posix_engine/traced_buffer_list.cc +11 -18
- data/src/core/lib/event_engine/posix_engine/traced_buffer_list.h +26 -30
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.cc +5 -8
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.h +2 -5
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.cc +4 -7
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.h +2 -5
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix.h +2 -4
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.cc +2 -5
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.h +2 -4
- data/src/core/lib/event_engine/query_extensions.h +5 -6
- data/src/core/lib/event_engine/ref_counted_dns_resolver_interface.h +4 -9
- data/src/core/lib/event_engine/resolved_address.cc +10 -11
- data/src/core/lib/event_engine/resolved_address_internal.h +3 -6
- data/src/core/lib/event_engine/shim.cc +5 -7
- data/src/core/lib/event_engine/shim.h +2 -4
- data/src/core/lib/event_engine/slice.cc +7 -11
- data/src/core/lib/event_engine/slice_buffer.cc +4 -8
- data/src/core/lib/event_engine/tcp_socket_utils.cc +27 -34
- data/src/core/lib/event_engine/tcp_socket_utils.h +6 -9
- data/src/core/lib/event_engine/thread_local.cc +4 -6
- data/src/core/lib/event_engine/thread_local.h +3 -5
- data/src/core/lib/event_engine/thread_pool/thread_count.cc +7 -12
- data/src/core/lib/event_engine/thread_pool/thread_count.h +8 -24
- data/src/core/lib/event_engine/thread_pool/thread_pool.h +3 -8
- data/src/core/lib/event_engine/thread_pool/thread_pool_factory.cc +3 -6
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.cc +49 -58
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.h +11 -19
- data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.cc +52 -27
- data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.h +9 -11
- data/src/core/lib/event_engine/time_util.cc +5 -8
- data/src/core/lib/event_engine/time_util.h +3 -7
- data/src/core/lib/event_engine/utils.cc +21 -10
- data/src/core/lib/event_engine/utils.h +11 -8
- data/src/core/lib/event_engine/windows/grpc_polled_fd_windows.cc +160 -136
- data/src/core/lib/event_engine/windows/grpc_polled_fd_windows.h +6 -10
- data/src/core/lib/event_engine/windows/iocp.cc +26 -26
- data/src/core/lib/event_engine/windows/iocp.h +4 -7
- data/src/core/lib/event_engine/windows/native_windows_dns_resolver.cc +6 -10
- data/src/core/lib/event_engine/windows/native_windows_dns_resolver.h +2 -4
- data/src/core/lib/event_engine/windows/win_socket.cc +49 -40
- data/src/core/lib/event_engine/windows/win_socket.h +10 -14
- data/src/core/lib/event_engine/windows/windows_endpoint.cc +60 -48
- data/src/core/lib/event_engine/windows/windows_endpoint.h +4 -6
- data/src/core/lib/event_engine/windows/windows_engine.cc +248 -140
- data/src/core/lib/event_engine/windows/windows_engine.h +145 -37
- data/src/core/lib/event_engine/windows/windows_listener.cc +31 -47
- data/src/core/lib/event_engine/windows/windows_listener.h +6 -9
- data/src/core/lib/event_engine/work_queue/basic_work_queue.cc +5 -7
- data/src/core/lib/event_engine/work_queue/basic_work_queue.h +4 -9
- data/src/core/lib/event_engine/work_queue/work_queue.h +3 -7
- data/src/core/lib/experiments/config.cc +59 -32
- data/src/core/lib/experiments/config.h +55 -2
- data/src/core/lib/experiments/experiments.cc +323 -366
- data/src/core/lib/experiments/experiments.h +153 -147
- data/src/core/lib/iomgr/buffer_list.cc +7 -8
- data/src/core/lib/iomgr/buffer_list.h +23 -24
- data/src/core/lib/iomgr/call_combiner.cc +42 -68
- data/src/core/lib/iomgr/call_combiner.h +12 -17
- data/src/core/lib/iomgr/cfstream_handle.cc +14 -22
- data/src/core/lib/iomgr/cfstream_handle.h +1 -1
- data/src/core/lib/iomgr/closure.cc +2 -2
- data/src/core/lib/iomgr/closure.h +15 -22
- data/src/core/lib/iomgr/combiner.cc +38 -53
- data/src/core/lib/iomgr/combiner.h +2 -6
- data/src/core/lib/iomgr/endpoint.cc +1 -7
- data/src/core/lib/iomgr/endpoint.h +4 -6
- data/src/core/lib/iomgr/endpoint_cfstream.cc +45 -76
- data/src/core/lib/iomgr/endpoint_pair_posix.cc +8 -10
- data/src/core/lib/iomgr/endpoint_pair_windows.cc +16 -17
- data/src/core/lib/iomgr/error.cc +26 -36
- data/src/core/lib/iomgr/error.h +8 -11
- data/src/core/lib/iomgr/error_cfstream.cc +1 -3
- data/src/core/lib/iomgr/ev_apple.cc +16 -24
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +81 -126
- data/src/core/lib/iomgr/ev_poll_posix.cc +62 -62
- data/src/core/lib/iomgr/ev_posix.cc +68 -60
- data/src/core/lib/iomgr/ev_posix.h +9 -12
- data/src/core/lib/iomgr/event_engine_shims/closure.cc +11 -16
- data/src/core/lib/iomgr/event_engine_shims/closure.h +1 -3
- data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +36 -56
- data/src/core/lib/iomgr/event_engine_shims/endpoint.h +1 -2
- data/src/core/lib/iomgr/event_engine_shims/tcp_client.cc +10 -16
- data/src/core/lib/iomgr/event_engine_shims/tcp_client.h +1 -2
- data/src/core/lib/iomgr/exec_ctx.cc +15 -25
- data/src/core/lib/iomgr/exec_ctx.h +21 -142
- data/src/core/lib/iomgr/executor.cc +60 -70
- data/src/core/lib/iomgr/executor.h +2 -2
- data/src/core/lib/iomgr/fork_posix.cc +11 -15
- data/src/core/lib/iomgr/fork_windows.cc +3 -2
- data/src/core/lib/iomgr/internal_errqueue.cc +5 -6
- data/src/core/lib/iomgr/iocp_windows.cc +16 -15
- data/src/core/lib/iomgr/iocp_windows.h +0 -1
- data/src/core/lib/iomgr/iomgr.cc +19 -26
- data/src/core/lib/iomgr/iomgr.h +0 -1
- data/src/core/lib/iomgr/iomgr_internal.cc +1 -2
- data/src/core/lib/iomgr/iomgr_internal.h +0 -1
- data/src/core/lib/iomgr/iomgr_posix.cc +2 -1
- data/src/core/lib/iomgr/iomgr_windows.cc +7 -6
- data/src/core/lib/iomgr/lockfree_event.cc +12 -21
- data/src/core/lib/iomgr/lockfree_event.h +1 -2
- data/src/core/lib/iomgr/nameser.h +1 -1
- data/src/core/lib/iomgr/polling_entity.cc +17 -11
- data/src/core/lib/iomgr/pollset.cc +2 -2
- data/src/core/lib/iomgr/pollset.h +0 -3
- data/src/core/lib/iomgr/pollset_set.cc +2 -2
- data/src/core/lib/iomgr/pollset_set_windows.cc +0 -1
- data/src/core/lib/iomgr/pollset_windows.cc +2 -6
- data/src/core/lib/iomgr/pollset_windows.h +0 -1
- data/src/core/lib/iomgr/port.h +2 -2
- data/src/core/lib/iomgr/python_util.h +1 -2
- data/src/core/lib/iomgr/resolve_address.cc +4 -7
- data/src/core/lib/iomgr/resolve_address.h +3 -6
- data/src/core/lib/iomgr/resolve_address_impl.h +0 -1
- data/src/core/lib/iomgr/resolve_address_posix.cc +12 -23
- data/src/core/lib/iomgr/resolve_address_windows.cc +9 -14
- data/src/core/lib/iomgr/resolved_address.h +0 -1
- data/src/core/lib/iomgr/sockaddr_utils_posix.cc +5 -6
- data/src/core/lib/iomgr/socket_factory_posix.cc +1 -1
- data/src/core/lib/iomgr/socket_factory_posix.h +1 -2
- data/src/core/lib/iomgr/socket_mutator.cc +3 -5
- data/src/core/lib/iomgr/socket_mutator.h +2 -4
- data/src/core/lib/iomgr/socket_utils.h +0 -1
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +45 -52
- data/src/core/lib/iomgr/socket_utils_linux.cc +1 -3
- data/src/core/lib/iomgr/socket_utils_posix.cc +5 -7
- data/src/core/lib/iomgr/socket_utils_posix.h +1 -2
- data/src/core/lib/iomgr/socket_utils_windows.cc +1 -3
- data/src/core/lib/iomgr/socket_windows.cc +11 -14
- data/src/core/lib/iomgr/socket_windows.h +1 -2
- data/src/core/lib/iomgr/tcp_client.cc +2 -2
- data/src/core/lib/iomgr/tcp_client.h +1 -2
- data/src/core/lib/iomgr/tcp_client_cfstream.cc +12 -20
- data/src/core/lib/iomgr/tcp_client_posix.cc +24 -36
- data/src/core/lib/iomgr/tcp_client_windows.cc +9 -12
- data/src/core/lib/iomgr/tcp_posix.cc +127 -195
- data/src/core/lib/iomgr/tcp_posix.h +1 -3
- data/src/core/lib/iomgr/tcp_server.cc +2 -2
- data/src/core/lib/iomgr/tcp_server.h +3 -4
- data/src/core/lib/iomgr/tcp_server_posix.cc +62 -82
- data/src/core/lib/iomgr/tcp_server_utils_posix.h +0 -1
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +13 -17
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +13 -14
- data/src/core/lib/iomgr/tcp_server_windows.cc +34 -42
- data/src/core/lib/iomgr/tcp_windows.cc +38 -66
- data/src/core/lib/iomgr/timer.cc +2 -2
- data/src/core/lib/iomgr/timer.h +2 -3
- data/src/core/lib/iomgr/timer_generic.cc +73 -106
- data/src/core/lib/iomgr/timer_generic.h +0 -1
- data/src/core/lib/iomgr/timer_heap.cc +4 -6
- data/src/core/lib/iomgr/timer_manager.cc +28 -53
- data/src/core/lib/iomgr/timer_manager.h +0 -1
- data/src/core/lib/iomgr/unix_sockets_posix.cc +5 -6
- data/src/core/lib/iomgr/unix_sockets_posix.h +1 -3
- data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +2 -4
- data/src/core/lib/iomgr/vsock.cc +5 -8
- data/src/core/lib/iomgr/vsock.h +1 -3
- data/src/core/lib/iomgr/wakeup_fd_eventfd.cc +2 -4
- data/src/core/lib/iomgr/wakeup_fd_pipe.cc +6 -7
- data/src/core/lib/promise/activity.cc +6 -5
- data/src/core/lib/promise/activity.h +86 -34
- data/src/core/lib/promise/all_ok.h +52 -9
- data/src/core/lib/promise/arena_promise.h +1 -3
- data/src/core/lib/promise/cancel_callback.h +34 -6
- data/src/core/lib/promise/context.h +18 -9
- data/src/core/lib/promise/detail/basic_seq.h +33 -20
- data/src/core/lib/promise/detail/join_state.h +555 -812
- data/src/core/lib/promise/detail/promise_factory.h +122 -46
- data/src/core/lib/promise/detail/promise_like.h +48 -13
- data/src/core/lib/promise/detail/seq_state.h +1378 -2254
- data/src/core/lib/promise/detail/status.h +36 -14
- data/src/core/lib/promise/exec_ctx_wakeup_scheduler.h +1 -2
- data/src/core/lib/promise/for_each.h +108 -41
- data/src/core/lib/promise/if.h +67 -35
- data/src/core/lib/promise/interceptor_list.h +31 -45
- data/src/core/lib/promise/latch.h +39 -46
- data/src/core/lib/promise/loop.h +80 -27
- data/src/core/lib/promise/map.h +185 -21
- data/src/core/lib/promise/observable.h +181 -0
- data/src/core/lib/promise/party.cc +331 -154
- data/src/core/lib/promise/party.h +391 -396
- data/src/core/lib/promise/pipe.h +45 -68
- data/src/core/lib/promise/poll.h +122 -41
- data/src/core/lib/promise/prioritized_race.h +16 -22
- data/src/core/lib/promise/promise.h +13 -8
- data/src/core/lib/promise/race.h +12 -15
- data/src/core/lib/promise/seq.h +98 -70
- data/src/core/lib/promise/sleep.cc +7 -8
- data/src/core/lib/promise/sleep.h +17 -5
- data/src/core/lib/promise/status_flag.h +178 -56
- data/src/core/lib/promise/try_join.h +156 -25
- data/src/core/lib/promise/try_seq.h +152 -89
- data/src/core/lib/resource_quota/api.cc +4 -7
- data/src/core/lib/resource_quota/api.h +3 -5
- data/src/core/lib/resource_quota/arena.cc +64 -87
- data/src/core/lib/resource_quota/arena.h +224 -210
- data/src/core/lib/resource_quota/connection_quota.cc +8 -10
- data/src/core/lib/resource_quota/connection_quota.h +7 -4
- data/src/core/lib/resource_quota/memory_quota.cc +100 -97
- data/src/core/lib/resource_quota/memory_quota.h +31 -25
- data/src/core/lib/resource_quota/periodic_update.cc +5 -5
- data/src/core/lib/resource_quota/periodic_update.h +1 -3
- data/src/core/lib/resource_quota/resource_quota.cc +2 -2
- data/src/core/lib/resource_quota/resource_quota.h +6 -8
- data/src/core/lib/resource_quota/thread_quota.cc +4 -4
- data/src/core/lib/resource_quota/thread_quota.h +3 -4
- data/src/core/lib/security/authorization/audit_logging.cc +10 -12
- data/src/core/lib/security/authorization/audit_logging.h +3 -5
- data/src/core/lib/security/authorization/authorization_engine.h +1 -1
- data/src/core/lib/security/authorization/authorization_policy_provider.h +5 -7
- data/src/core/lib/security/authorization/authorization_policy_provider_vtable.cc +3 -4
- data/src/core/lib/security/authorization/evaluate_args.cc +14 -19
- data/src/core/lib/security/authorization/evaluate_args.h +4 -6
- data/src/core/lib/security/authorization/grpc_authorization_engine.cc +4 -5
- data/src/core/lib/security/authorization/grpc_authorization_engine.h +1 -3
- data/src/core/lib/security/authorization/grpc_server_authz_filter.cc +24 -40
- data/src/core/lib/security/authorization/grpc_server_authz_filter.h +16 -15
- data/src/core/lib/security/authorization/matchers.cc +5 -8
- data/src/core/lib/security/authorization/matchers.h +4 -6
- data/src/core/lib/security/authorization/rbac_policy.cc +3 -3
- data/src/core/lib/security/authorization/rbac_policy.h +5 -8
- data/src/core/lib/security/authorization/stdout_logger.cc +7 -7
- data/src/core/lib/security/authorization/stdout_logger.h +2 -3
- data/src/core/lib/security/certificate_provider/certificate_provider_factory.h +7 -8
- data/src/core/lib/security/certificate_provider/certificate_provider_registry.cc +6 -6
- data/src/core/lib/security/certificate_provider/certificate_provider_registry.h +0 -1
- data/src/core/lib/security/context/security_context.cc +51 -49
- data/src/core/lib/security/context/security_context.h +46 -17
- data/src/core/lib/security/credentials/alts/alts_credentials.cc +6 -7
- data/src/core/lib/security/credentials/alts/alts_credentials.h +11 -7
- data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +4 -5
- data/src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc +1 -2
- data/src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc +3 -5
- data/src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc +3 -5
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc +5 -7
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc +4 -5
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h +2 -2
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc +1 -2
- data/src/core/lib/security/credentials/call_creds_util.cc +8 -8
- data/src/core/lib/security/credentials/call_creds_util.h +2 -2
- data/src/core/lib/security/credentials/channel_creds_registry.h +5 -6
- data/src/core/lib/security/credentials/channel_creds_registry_init.cc +14 -13
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +18 -21
- data/src/core/lib/security/credentials/composite/composite_credentials.h +9 -8
- data/src/core/lib/security/credentials/credentials.cc +20 -20
- data/src/core/lib/security/credentials/credentials.h +13 -14
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +336 -340
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +58 -46
- data/src/core/lib/security/credentials/external/aws_request_signer.cc +4 -5
- data/src/core/lib/security/credentials/external/aws_request_signer.h +1 -1
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +408 -374
- data/src/core/lib/security/credentials/external/external_account_credentials.h +127 -59
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +89 -53
- data/src/core/lib/security/credentials/external/file_external_account_credentials.h +30 -9
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +103 -129
- data/src/core/lib/security/credentials/external/url_external_account_credentials.h +20 -22
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +2 -4
- data/src/core/lib/security/credentials/fake/fake_credentials.h +10 -9
- data/src/core/lib/security/credentials/gcp_service_account_identity/gcp_service_account_identity_credentials.cc +195 -0
- data/src/core/lib/security/credentials/gcp_service_account_identity/gcp_service_account_identity_credentials.h +90 -0
- data/src/core/lib/security/credentials/google_default/credentials_generic.cc +5 -7
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +62 -79
- data/src/core/lib/security/credentials/google_default/google_default_credentials.h +9 -7
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +10 -15
- data/src/core/lib/security/credentials/iam/iam_credentials.h +8 -7
- data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +2 -2
- data/src/core/lib/security/credentials/insecure/insecure_credentials.h +4 -4
- data/src/core/lib/security/credentials/jwt/json_token.cc +28 -31
- data/src/core/lib/security/credentials/jwt/json_token.h +2 -4
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +25 -32
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +11 -11
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +80 -88
- data/src/core/lib/security/credentials/jwt/jwt_verifier.h +3 -5
- data/src/core/lib/security/credentials/local/local_credentials.cc +3 -4
- data/src/core/lib/security/credentials/local/local_credentials.h +5 -5
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +203 -303
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +50 -73
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +22 -36
- data/src/core/lib/security/credentials/plugin/plugin_credentials.h +11 -13
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +49 -61
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +8 -9
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +40 -41
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +16 -17
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_match.cc +0 -2
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +127 -58
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +18 -17
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.cc +8 -12
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.h +9 -10
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +27 -29
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +2 -1
- data/src/core/lib/security/credentials/tls/grpc_tls_crl_provider.cc +6 -11
- data/src/core/lib/security/credentials/tls/grpc_tls_crl_provider.h +7 -11
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +22 -26
- data/src/core/lib/security/credentials/tls/tls_credentials.h +7 -5
- data/src/core/lib/security/credentials/tls/tls_utils.cc +5 -7
- data/src/core/lib/security/credentials/tls/tls_utils.h +1 -2
- data/src/core/lib/security/credentials/token_fetcher/token_fetcher_credentials.cc +304 -0
- data/src/core/lib/security/credentials/token_fetcher/token_fetcher_credentials.h +181 -0
- data/src/core/lib/security/credentials/xds/xds_credentials.cc +22 -19
- data/src/core/lib/security/credentials/xds/xds_credentials.h +7 -9
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +36 -41
- data/src/core/lib/security/security_connector/alts/alts_security_connector.h +3 -3
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +31 -31
- data/src/core/lib/security/security_connector/fake/fake_security_connector.h +3 -3
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +8 -10
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +5 -6
- data/src/core/lib/security/security_connector/load_system_roots.h +1 -2
- data/src/core/lib/security/security_connector/load_system_roots_supported.cc +8 -10
- data/src/core/lib/security/security_connector/load_system_roots_supported.h +1 -2
- data/src/core/lib/security/security_connector/load_system_roots_windows.cc +4 -6
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +36 -36
- data/src/core/lib/security/security_connector/local/local_security_connector.h +3 -3
- data/src/core/lib/security/security_connector/security_connector.cc +11 -15
- data/src/core/lib/security/security_connector/security_connector.h +8 -11
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +28 -32
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +4 -5
- data/src/core/lib/security/security_connector/ssl_utils.cc +42 -42
- data/src/core/lib/security/security_connector/ssl_utils.h +6 -9
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +58 -71
- data/src/core/lib/security/security_connector/tls/tls_security_connector.h +19 -20
- data/src/core/lib/security/transport/auth_filters.h +114 -22
- data/src/core/lib/security/transport/client_auth_filter.cc +115 -33
- data/src/core/lib/security/transport/server_auth_filter.cc +22 -39
- data/src/core/lib/security/util/json_util.cc +4 -6
- data/src/core/lib/security/util/json_util.h +1 -1
- data/src/core/lib/slice/percent_encoding.cc +4 -6
- data/src/core/lib/slice/slice.cc +13 -15
- data/src/core/lib/slice/slice.h +8 -11
- data/src/core/lib/slice/slice_buffer.cc +20 -21
- data/src/core/lib/slice/slice_buffer.h +4 -6
- data/src/core/lib/slice/slice_internal.h +4 -7
- data/src/core/lib/slice/slice_refcount.h +7 -15
- data/src/core/lib/slice/slice_string_helpers.cc +3 -3
- data/src/core/lib/slice/slice_string_helpers.h +1 -3
- data/src/core/lib/surface/byte_buffer.cc +2 -4
- data/src/core/lib/surface/byte_buffer_reader.cc +5 -7
- data/src/core/lib/surface/call.cc +201 -3992
- data/src/core/lib/surface/call.h +180 -103
- data/src/core/lib/surface/call_details.cc +5 -5
- data/src/core/lib/surface/call_log_batch.cc +7 -11
- data/src/core/lib/surface/call_test_only.h +2 -4
- data/src/core/lib/surface/call_utils.cc +231 -0
- data/src/core/lib/surface/call_utils.h +492 -0
- data/src/core/lib/surface/channel.cc +53 -59
- data/src/core/lib/surface/channel.h +23 -22
- data/src/core/lib/surface/channel_create.cc +31 -15
- data/src/core/lib/surface/channel_create.h +3 -3
- data/src/core/lib/surface/channel_init.cc +274 -271
- data/src/core/lib/surface/channel_init.h +179 -120
- data/src/core/lib/surface/channel_stack_type.cc +2 -2
- data/src/core/lib/surface/client_call.cc +456 -0
- data/src/core/lib/surface/client_call.h +192 -0
- data/src/core/lib/surface/completion_queue.cc +119 -155
- data/src/core/lib/surface/completion_queue.h +4 -14
- data/src/core/lib/surface/completion_queue_factory.cc +8 -9
- data/src/core/lib/surface/completion_queue_factory.h +1 -2
- data/src/core/lib/surface/connection_context.cc +77 -0
- data/src/core/lib/surface/connection_context.h +156 -0
- data/src/core/lib/surface/event_string.cc +9 -3
- data/src/core/lib/surface/event_string.h +1 -2
- data/src/core/lib/surface/filter_stack_call.cc +1154 -0
- data/src/core/lib/surface/filter_stack_call.h +366 -0
- data/src/core/lib/surface/init.cc +74 -30
- data/src/core/lib/surface/init.h +5 -0
- data/src/core/lib/surface/init_internally.cc +2 -2
- data/src/core/lib/surface/init_internally.h +13 -2
- data/src/core/lib/surface/lame_client.cc +20 -26
- data/src/core/lib/surface/lame_client.h +9 -13
- data/src/core/lib/surface/legacy_channel.cc +78 -62
- data/src/core/lib/surface/legacy_channel.h +16 -27
- data/src/core/lib/surface/metadata_array.cc +6 -7
- data/src/core/lib/surface/server_call.cc +259 -0
- data/src/core/lib/surface/server_call.h +169 -0
- data/src/core/lib/surface/validate_metadata.cc +4 -6
- data/src/core/lib/surface/validate_metadata.h +3 -6
- data/src/core/lib/surface/version.cc +3 -4
- data/src/core/lib/transport/bdp_estimator.cc +14 -20
- data/src/core/lib/transport/bdp_estimator.h +12 -18
- data/src/core/lib/transport/call_arena_allocator.cc +27 -0
- data/src/core/lib/transport/call_arena_allocator.h +91 -0
- data/src/core/lib/transport/call_destination.h +76 -0
- data/src/core/lib/transport/call_filters.cc +70 -393
- data/src/core/lib/transport/call_filters.h +885 -736
- data/src/core/lib/transport/call_final_info.cc +2 -2
- data/src/core/lib/transport/call_final_info.h +3 -4
- data/src/core/lib/transport/call_spine.cc +63 -80
- data/src/core/lib/transport/call_spine.h +412 -244
- data/src/core/lib/transport/call_state.cc +39 -0
- data/src/core/lib/transport/call_state.h +1154 -0
- data/src/core/lib/transport/connectivity_state.cc +44 -54
- data/src/core/lib/transport/connectivity_state.h +5 -11
- data/src/core/lib/transport/error_utils.cc +3 -5
- data/src/core/lib/transport/error_utils.h +2 -4
- data/src/core/lib/transport/http2_errors.h +5 -3
- data/src/core/lib/transport/interception_chain.cc +155 -0
- data/src/core/lib/transport/interception_chain.h +282 -0
- data/src/core/lib/transport/message.cc +3 -4
- data/src/core/lib/transport/message.h +5 -0
- data/src/core/lib/transport/metadata.cc +29 -5
- data/src/core/lib/transport/metadata.h +125 -2
- data/src/core/lib/transport/metadata_batch.cc +14 -7
- data/src/core/lib/transport/metadata_batch.h +183 -33
- data/src/core/lib/transport/metadata_compression_traits.h +2 -3
- data/src/core/lib/transport/metadata_info.cc +2 -2
- data/src/core/lib/transport/metadata_info.h +1 -1
- data/src/core/lib/transport/parsed_metadata.cc +2 -2
- data/src/core/lib/transport/parsed_metadata.h +2 -5
- data/src/core/lib/transport/simple_slice_based_metadata.h +0 -1
- data/src/core/lib/transport/status_conversion.cc +2 -2
- data/src/core/lib/transport/status_conversion.h +2 -3
- data/src/core/lib/transport/timeout_encoding.cc +26 -27
- data/src/core/lib/transport/timeout_encoding.h +3 -4
- data/src/core/lib/transport/transport.cc +7 -14
- data/src/core/lib/transport/transport.h +106 -95
- data/src/core/lib/transport/transport_framing_endpoint_extension.h +47 -0
- data/src/core/lib/transport/transport_op_string.cc +2 -5
- data/src/core/load_balancing/address_filtering.cc +2 -4
- data/src/core/load_balancing/address_filtering.h +2 -3
- data/src/core/load_balancing/backend_metric_parser.cc +22 -30
- data/src/core/load_balancing/backend_metric_parser.h +0 -2
- data/src/core/load_balancing/child_policy_handler.cc +42 -46
- data/src/core/load_balancing/child_policy_handler.h +2 -3
- data/src/core/load_balancing/delegating_helper.h +6 -8
- data/src/core/load_balancing/endpoint_list.cc +28 -22
- data/src/core/load_balancing/endpoint_list.h +39 -28
- data/src/core/load_balancing/grpclb/client_load_reporting_filter.cc +34 -35
- data/src/core/load_balancing/grpclb/client_load_reporting_filter.h +21 -7
- data/src/core/load_balancing/grpclb/grpclb.cc +201 -252
- data/src/core/load_balancing/grpclb/grpclb_balancer_addresses.cc +2 -3
- data/src/core/load_balancing/grpclb/grpclb_balancer_addresses.h +1 -2
- data/src/core/load_balancing/grpclb/grpclb_client_stats.cc +3 -5
- data/src/core/load_balancing/grpclb/grpclb_client_stats.h +4 -7
- data/src/core/load_balancing/grpclb/load_balancer_api.cc +7 -11
- data/src/core/load_balancing/grpclb/load_balancer_api.h +3 -6
- data/src/core/load_balancing/health_check_client.cc +78 -131
- data/src/core/load_balancing/health_check_client.h +1 -1
- data/src/core/load_balancing/health_check_client_internal.h +13 -15
- data/src/core/load_balancing/lb_policy.cc +11 -16
- data/src/core/load_balancing/lb_policy.h +76 -51
- data/src/core/load_balancing/lb_policy_factory.h +3 -4
- data/src/core/load_balancing/lb_policy_registry.cc +17 -17
- data/src/core/load_balancing/lb_policy_registry.h +3 -4
- data/src/core/load_balancing/oob_backend_metric.cc +22 -29
- data/src/core/load_balancing/oob_backend_metric.h +1 -1
- data/src/core/load_balancing/oob_backend_metric_internal.h +6 -8
- data/src/core/load_balancing/outlier_detection/outlier_detection.cc +193 -249
- data/src/core/load_balancing/outlier_detection/outlier_detection.h +8 -9
- data/src/core/load_balancing/pick_first/pick_first.cc +1255 -318
- data/src/core/load_balancing/priority/priority.cc +115 -159
- data/src/core/load_balancing/ring_hash/ring_hash.cc +285 -240
- data/src/core/load_balancing/ring_hash/ring_hash.h +9 -17
- data/src/core/load_balancing/rls/rls.cc +457 -544
- data/src/core/load_balancing/rls/rls.h +97 -1
- data/src/core/load_balancing/round_robin/round_robin.cc +93 -114
- data/src/core/load_balancing/subchannel_interface.h +15 -5
- data/src/core/load_balancing/weighted_round_robin/static_stride_scheduler.cc +11 -12
- data/src/core/load_balancing/weighted_round_robin/static_stride_scheduler.h +3 -4
- data/src/core/load_balancing/weighted_round_robin/weighted_round_robin.cc +180 -196
- data/src/core/load_balancing/weighted_target/weighted_target.cc +86 -130
- data/src/core/load_balancing/weighted_target/weighted_target.h +1 -1
- data/src/core/load_balancing/xds/cds.cc +72 -93
- data/src/core/load_balancing/xds/xds_cluster_impl.cc +201 -179
- data/src/core/load_balancing/xds/xds_cluster_manager.cc +63 -104
- data/src/core/load_balancing/xds/xds_override_host.cc +168 -277
- data/src/core/load_balancing/xds/xds_override_host.h +5 -6
- data/src/core/load_balancing/xds/xds_wrr_locality.cc +46 -59
- data/src/core/plugin_registry/grpc_plugin_registry.cc +12 -17
- data/src/core/plugin_registry/grpc_plugin_registry_extra.cc +7 -3
- data/src/core/resolver/dns/c_ares/dns_resolver_ares.cc +100 -76
- data/src/core/resolver/dns/c_ares/dns_resolver_ares.h +1 -2
- data/src/core/resolver/dns/c_ares/grpc_ares_ev_driver.h +3 -5
- data/src/core/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +6 -9
- data/src/core/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +153 -134
- data/src/core/resolver/dns/c_ares/grpc_ares_wrapper.cc +176 -161
- data/src/core/resolver/dns/c_ares/grpc_ares_wrapper.h +3 -18
- data/src/core/resolver/dns/c_ares/grpc_ares_wrapper_posix.cc +1 -1
- data/src/core/resolver/dns/c_ares/grpc_ares_wrapper_windows.cc +2 -2
- data/src/core/resolver/dns/dns_resolver_plugin.cc +11 -13
- data/src/core/resolver/dns/dns_resolver_plugin.h +1 -1
- data/src/core/resolver/dns/event_engine/event_engine_client_channel_resolver.cc +66 -78
- data/src/core/resolver/dns/event_engine/event_engine_client_channel_resolver.h +2 -3
- data/src/core/resolver/dns/event_engine/service_config_helper.cc +8 -10
- data/src/core/resolver/dns/native/dns_resolver.cc +22 -32
- data/src/core/resolver/dns/native/dns_resolver.h +1 -1
- data/src/core/resolver/endpoint_addresses.cc +5 -8
- data/src/core/resolver/endpoint_addresses.h +3 -1
- data/src/core/resolver/fake/fake_resolver.cc +20 -23
- data/src/core/resolver/fake/fake_resolver.h +8 -10
- data/src/core/resolver/google_c2p/google_c2p_resolver.cc +38 -43
- data/src/core/resolver/polling_resolver.cc +44 -63
- data/src/core/resolver/polling_resolver.h +9 -11
- data/src/core/resolver/resolver.cc +3 -7
- data/src/core/resolver/resolver.h +2 -8
- data/src/core/resolver/resolver_factory.h +2 -3
- data/src/core/resolver/resolver_registry.cc +14 -15
- data/src/core/resolver/resolver_registry.h +2 -3
- data/src/core/resolver/sockaddr/sockaddr_resolver.cc +6 -8
- data/src/core/resolver/xds/xds_config.cc +95 -0
- data/src/core/resolver/xds/xds_config.h +108 -0
- data/src/core/resolver/xds/xds_dependency_manager.cc +263 -344
- data/src/core/resolver/xds/xds_dependency_manager.h +39 -94
- data/src/core/resolver/xds/xds_resolver.cc +203 -230
- data/src/core/resolver/xds/xds_resolver_attributes.h +6 -3
- data/src/core/server/server.cc +2189 -0
- data/src/core/server/server.h +718 -0
- data/src/core/server/server_call_tracer_filter.cc +113 -0
- data/src/core/server/server_call_tracer_filter.h +28 -0
- data/src/core/server/server_config_selector.h +82 -0
- data/src/core/server/server_config_selector_filter.cc +168 -0
- data/src/core/server/server_config_selector_filter.h +33 -0
- data/src/core/server/server_interface.h +45 -0
- data/src/core/server/xds_channel_stack_modifier.cc +107 -0
- data/src/core/server/xds_channel_stack_modifier.h +62 -0
- data/src/core/server/xds_server_config_fetcher.cc +1318 -0
- data/src/core/service_config/service_config.h +3 -6
- data/src/core/service_config/service_config_call_data.h +20 -19
- data/src/core/service_config/service_config_channel_arg_filter.cc +24 -33
- data/src/core/service_config/service_config_impl.cc +12 -14
- data/src/core/service_config/service_config_impl.h +6 -9
- data/src/core/service_config/service_config_parser.cc +4 -9
- data/src/core/service_config/service_config_parser.h +2 -4
- data/src/core/telemetry/call_tracer.cc +386 -0
- data/src/core/telemetry/call_tracer.h +264 -0
- data/src/core/telemetry/histogram_view.cc +69 -0
- data/src/core/telemetry/histogram_view.h +36 -0
- data/src/core/telemetry/metrics.cc +180 -0
- data/src/core/telemetry/metrics.h +563 -0
- data/src/core/telemetry/stats.cc +67 -0
- data/src/core/telemetry/stats.h +62 -0
- data/src/core/telemetry/stats_data.cc +931 -0
- data/src/core/telemetry/stats_data.h +705 -0
- data/src/core/telemetry/tcp_tracer.h +143 -0
- data/src/core/tsi/alts/crypt/aes_gcm.cc +4 -8
- data/src/core/tsi/alts/crypt/gsec.cc +2 -4
- data/src/core/tsi/alts/crypt/gsec.h +3 -5
- data/src/core/tsi/alts/frame_protector/alts_counter.cc +2 -4
- data/src/core/tsi/alts/frame_protector/alts_counter.h +2 -4
- data/src/core/tsi/alts/frame_protector/alts_crypter.cc +2 -4
- data/src/core/tsi/alts/frame_protector/alts_crypter.h +1 -3
- data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +16 -19
- data/src/core/tsi/alts/frame_protector/alts_frame_protector.h +0 -1
- data/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc +1 -2
- data/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h +1 -2
- data/src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc +2 -3
- data/src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc +2 -3
- data/src/core/tsi/alts/frame_protector/frame_handler.cc +11 -13
- data/src/core/tsi/alts/frame_protector/frame_handler.h +0 -1
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +80 -84
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +1 -2
- data/src/core/tsi/alts/handshaker/alts_shared_resource.cc +5 -6
- data/src/core/tsi/alts/handshaker/alts_shared_resource.h +2 -3
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +90 -90
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +1 -2
- data/src/core/tsi/alts/handshaker/alts_tsi_utils.cc +6 -5
- data/src/core/tsi/alts/handshaker/alts_tsi_utils.h +1 -2
- data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +17 -24
- data/src/core/tsi/alts/handshaker/transport_security_common_api.h +4 -6
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc +17 -19
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h +0 -1
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc +12 -14
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h +0 -1
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h +1 -2
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc +16 -14
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +3 -6
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h +0 -1
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +13 -16
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h +0 -1
- data/src/core/tsi/fake_transport_security.cc +36 -34
- data/src/core/tsi/local_transport_security.cc +9 -11
- data/src/core/tsi/local_transport_security.h +1 -2
- data/src/core/tsi/ssl/key_logging/ssl_key_logging.cc +13 -15
- data/src/core/tsi/ssl/key_logging/ssl_key_logging.h +7 -10
- data/src/core/tsi/ssl/session_cache/ssl_session.h +3 -5
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +16 -17
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +8 -10
- data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +4 -7
- data/src/core/tsi/ssl_transport_security.cc +154 -131
- data/src/core/tsi/ssl_transport_security.h +5 -8
- data/src/core/tsi/ssl_transport_security_utils.cc +86 -32
- data/src/core/tsi/ssl_transport_security_utils.h +13 -5
- data/src/core/tsi/ssl_types.h +0 -1
- data/src/core/tsi/transport_security.cc +3 -9
- data/src/core/tsi/transport_security.h +0 -3
- data/src/core/tsi/transport_security_grpc.cc +2 -2
- data/src/core/tsi/transport_security_grpc.h +1 -2
- data/src/core/tsi/transport_security_interface.h +2 -7
- data/src/core/util/alloc.cc +69 -0
- data/src/core/util/alloc.h +28 -0
- data/src/core/util/atomic_utils.h +47 -0
- data/src/core/util/avl.h +324 -0
- data/src/core/util/backoff.cc +57 -0
- data/src/core/util/backoff.h +86 -0
- data/src/core/util/bitset.h +224 -0
- data/src/core/util/chunked_vector.h +256 -0
- data/src/core/util/construct_destruct.h +41 -0
- data/src/core/util/cpp_impl_of.h +49 -0
- data/src/core/util/crash.cc +40 -0
- data/src/core/util/crash.h +36 -0
- data/src/core/util/debug_location.h +106 -0
- data/src/core/util/directory_reader.h +48 -0
- data/src/core/util/down_cast.h +48 -0
- data/src/core/util/dual_ref_counted.h +376 -0
- data/src/core/util/dump_args.cc +54 -0
- data/src/core/util/dump_args.h +114 -0
- data/src/core/util/env.h +52 -0
- data/src/core/util/event_log.cc +87 -0
- data/src/core/util/event_log.h +79 -0
- data/src/core/util/examine_stack.cc +43 -0
- data/src/core/util/examine_stack.h +44 -0
- data/src/core/util/fork.cc +241 -0
- data/src/core/util/fork.h +98 -0
- data/src/core/util/gcp_metadata_query.cc +132 -0
- data/src/core/util/gcp_metadata_query.h +86 -0
- data/src/core/util/gethostname.h +26 -0
- data/src/core/util/gethostname_fallback.cc +30 -0
- data/src/core/util/gethostname_host_name_max.cc +39 -0
- data/src/core/util/gethostname_sysconf.cc +39 -0
- data/src/core/util/glob.cc +70 -0
- data/src/core/util/glob.h +29 -0
- data/src/core/util/gpr_time.cc +266 -0
- data/src/core/util/grpc_if_nametoindex.h +29 -0
- data/src/core/util/grpc_if_nametoindex_posix.cc +41 -0
- data/src/core/util/grpc_if_nametoindex_unsupported.cc +36 -0
- data/src/core/util/host_port.cc +114 -0
- data/src/core/util/host_port.h +57 -0
- data/src/core/util/http_client/format_request.cc +134 -0
- data/src/core/util/http_client/format_request.h +37 -0
- data/src/core/util/http_client/httpcli.cc +427 -0
- data/src/core/util/http_client/httpcli.h +279 -0
- data/src/core/util/http_client/httpcli_security_connector.cc +210 -0
- data/src/core/util/http_client/httpcli_ssl_credentials.h +38 -0
- data/src/core/util/http_client/parser.cc +447 -0
- data/src/core/util/http_client/parser.h +126 -0
- data/src/core/util/if_list.h +4530 -0
- data/src/core/util/iphone/cpu.cc +43 -0
- data/src/core/util/json/json.h +29 -0
- data/src/core/util/json/json_args.h +34 -0
- data/src/core/util/json/json_channel_args.h +42 -0
- data/src/core/util/json/json_object_loader.cc +215 -0
- data/src/core/util/json/json_object_loader.h +644 -0
- data/src/core/util/json/json_reader.cc +953 -0
- data/src/core/util/json/json_reader.h +33 -0
- data/src/core/util/json/json_util.cc +101 -0
- data/src/core/util/json/json_util.h +163 -0
- data/src/core/util/json/json_writer.cc +337 -0
- data/src/core/util/json/json_writer.h +33 -0
- data/src/core/util/latent_see.cc +163 -0
- data/src/core/util/latent_see.h +334 -0
- data/src/core/util/linux/cpu.cc +86 -0
- data/src/core/util/linux/env.cc +61 -0
- data/src/core/util/load_file.cc +75 -0
- data/src/core/util/load_file.h +33 -0
- data/src/core/util/log.cc +127 -0
- data/src/core/util/lru_cache.h +122 -0
- data/src/core/util/manual_constructor.h +145 -0
- data/src/core/util/match.h +74 -0
- data/src/core/util/matchers.cc +336 -0
- data/src/core/util/matchers.h +162 -0
- data/src/core/util/memory.h +52 -0
- data/src/core/util/mpscq.cc +108 -0
- data/src/core/util/mpscq.h +98 -0
- data/src/core/util/msys/tmpfile.cc +57 -0
- data/src/core/util/no_destruct.h +95 -0
- data/src/core/util/notification.h +66 -0
- data/src/core/util/orphanable.h +153 -0
- data/src/core/util/overload.h +59 -0
- data/src/core/util/packed_table.h +40 -0
- data/src/core/util/per_cpu.cc +34 -0
- data/src/core/util/per_cpu.h +102 -0
- data/src/core/util/posix/cpu.cc +83 -0
- data/src/core/util/posix/directory_reader.cc +82 -0
- data/src/core/util/posix/env.cc +47 -0
- data/src/core/util/posix/stat.cc +54 -0
- data/src/core/util/posix/string.cc +71 -0
- data/src/core/util/posix/sync.cc +157 -0
- data/src/core/util/posix/thd.cc +243 -0
- data/src/core/util/posix/time.cc +122 -0
- data/src/core/util/posix/tmpfile.cc +71 -0
- data/src/core/util/random_early_detection.cc +33 -0
- data/src/core/util/random_early_detection.h +61 -0
- data/src/core/util/ref_counted.h +403 -0
- data/src/core/util/ref_counted_ptr.h +443 -0
- data/src/core/util/ref_counted_string.cc +42 -0
- data/src/core/util/ref_counted_string.h +159 -0
- data/src/core/util/ring_buffer.h +122 -0
- data/src/core/util/single_set_ptr.h +89 -0
- data/src/core/util/sorted_pack.h +89 -0
- data/src/core/util/spinlock.h +51 -0
- data/src/core/util/stat.h +35 -0
- data/src/core/util/status_helper.cc +427 -0
- data/src/core/util/status_helper.h +160 -0
- data/src/core/util/strerror.cc +40 -0
- data/src/core/util/strerror.h +29 -0
- data/src/core/util/string.cc +341 -0
- data/src/core/util/string.h +110 -0
- data/src/core/util/sync.cc +123 -0
- data/src/core/util/sync.h +199 -0
- data/src/core/util/sync_abseil.cc +106 -0
- data/src/core/util/table.h +471 -0
- data/src/core/util/tchar.cc +49 -0
- data/src/core/util/tchar.h +33 -0
- data/src/core/util/thd.h +193 -0
- data/src/core/util/time.cc +240 -0
- data/src/core/util/time.h +385 -0
- data/src/core/util/time_averaged_stats.cc +60 -0
- data/src/core/util/time_averaged_stats.h +79 -0
- data/src/core/util/time_precise.cc +167 -0
- data/src/core/util/time_precise.h +68 -0
- data/src/core/util/time_util.cc +80 -0
- data/src/core/util/time_util.h +41 -0
- data/src/core/util/tmpfile.h +31 -0
- data/src/core/util/type_list.h +88 -0
- data/src/core/util/unique_ptr_with_bitset.h +86 -0
- data/src/core/util/unique_type_name.h +123 -0
- data/src/core/util/upb_utils.h +43 -0
- data/src/core/util/uri.cc +378 -0
- data/src/core/util/uri.h +112 -0
- data/src/core/util/useful.h +153 -0
- data/src/core/util/uuid_v4.cc +37 -0
- data/src/core/util/uuid_v4.h +35 -0
- data/src/core/util/validation_errors.cc +73 -0
- data/src/core/util/validation_errors.h +144 -0
- data/src/core/util/wait_for_single_owner.h +62 -0
- data/src/core/util/windows/cpu.cc +34 -0
- data/src/core/util/windows/directory_reader.cc +79 -0
- data/src/core/util/windows/env.cc +56 -0
- data/src/core/util/windows/stat.cc +50 -0
- data/src/core/util/windows/string.cc +68 -0
- data/src/core/util/windows/string_util.cc +53 -0
- data/src/core/util/windows/sync.cc +121 -0
- data/src/core/util/windows/thd.cc +182 -0
- data/src/core/util/windows/time.cc +104 -0
- data/src/core/util/windows/tmpfile.cc +66 -0
- data/src/core/util/work_serializer.cc +298 -0
- data/src/core/util/work_serializer.h +81 -0
- data/src/core/util/xxhash_inline.h +29 -0
- data/src/core/xds/grpc/certificate_provider_store.cc +148 -0
- data/src/core/xds/grpc/certificate_provider_store.h +132 -0
- data/src/core/xds/grpc/file_watcher_certificate_provider_factory.cc +136 -0
- data/src/core/xds/grpc/file_watcher_certificate_provider_factory.h +80 -0
- data/src/core/xds/grpc/xds_audit_logger_registry.cc +123 -0
- data/src/core/xds/grpc/xds_audit_logger_registry.h +67 -0
- data/src/core/xds/grpc/xds_bootstrap_grpc.cc +235 -0
- data/src/core/xds/grpc/xds_bootstrap_grpc.h +167 -0
- data/src/core/xds/grpc/xds_certificate_provider.cc +216 -0
- data/src/core/xds/grpc/xds_certificate_provider.h +116 -0
- data/src/core/xds/grpc/xds_client_grpc.cc +444 -0
- data/src/core/xds/grpc/xds_client_grpc.h +115 -0
- data/src/core/xds/grpc/xds_cluster.cc +79 -0
- data/src/core/xds/grpc/xds_cluster.h +135 -0
- data/src/core/xds/grpc/xds_cluster_parser.cc +772 -0
- data/src/core/xds/grpc/xds_cluster_parser.h +61 -0
- data/src/core/xds/grpc/xds_cluster_specifier_plugin.cc +137 -0
- data/src/core/xds/grpc/xds_cluster_specifier_plugin.h +96 -0
- data/src/core/xds/grpc/xds_common_types.cc +103 -0
- data/src/core/xds/grpc/xds_common_types.h +90 -0
- data/src/core/xds/grpc/xds_common_types_parser.cc +501 -0
- data/src/core/xds/grpc/xds_common_types_parser.h +77 -0
- data/src/core/xds/grpc/xds_endpoint.cc +96 -0
- data/src/core/xds/grpc/xds_endpoint.h +128 -0
- data/src/core/xds/grpc/xds_endpoint_parser.cc +475 -0
- data/src/core/xds/grpc/xds_endpoint_parser.h +47 -0
- data/src/core/xds/grpc/xds_health_status.cc +73 -0
- data/src/core/xds/grpc/xds_health_status.h +89 -0
- data/src/core/xds/grpc/xds_http_fault_filter.cc +247 -0
- data/src/core/xds/grpc/xds_http_fault_filter.h +63 -0
- data/src/core/xds/grpc/xds_http_filter.h +134 -0
- data/src/core/xds/grpc/xds_http_filter_registry.cc +122 -0
- data/src/core/xds/grpc/xds_http_filter_registry.h +104 -0
- data/src/core/xds/grpc/xds_http_gcp_authn_filter.cc +141 -0
- data/src/core/xds/grpc/xds_http_gcp_authn_filter.h +61 -0
- data/src/core/xds/grpc/xds_http_rbac_filter.cc +609 -0
- data/src/core/xds/grpc/xds_http_rbac_filter.h +63 -0
- data/src/core/xds/grpc/xds_http_stateful_session_filter.cc +230 -0
- data/src/core/xds/grpc/xds_http_stateful_session_filter.h +63 -0
- data/src/core/xds/grpc/xds_lb_policy_registry.cc +365 -0
- data/src/core/xds/grpc/xds_lb_policy_registry.h +70 -0
- data/src/core/xds/grpc/xds_listener.cc +173 -0
- data/src/core/xds/grpc/xds_listener.h +203 -0
- data/src/core/xds/grpc/xds_listener_parser.cc +1000 -0
- data/src/core/xds/grpc/xds_listener_parser.h +60 -0
- data/src/core/xds/grpc/xds_metadata.cc +62 -0
- data/src/core/xds/grpc/xds_metadata.h +158 -0
- data/src/core/xds/grpc/xds_metadata_parser.cc +197 -0
- data/src/core/xds/grpc/xds_metadata_parser.h +35 -0
- data/src/core/xds/grpc/xds_route_config.cc +276 -0
- data/src/core/xds/grpc/xds_route_config.h +220 -0
- data/src/core/xds/grpc/xds_route_config_parser.cc +960 -0
- data/src/core/xds/grpc/xds_route_config_parser.h +77 -0
- data/src/core/xds/grpc/xds_routing.cc +297 -0
- data/src/core/xds/grpc/xds_routing.h +112 -0
- data/src/core/xds/grpc/xds_server_grpc.cc +181 -0
- data/src/core/xds/grpc/xds_server_grpc.h +66 -0
- data/src/core/xds/grpc/xds_server_grpc_interface.h +33 -0
- data/src/core/xds/grpc/xds_transport_grpc.cc +392 -0
- data/src/core/xds/grpc/xds_transport_grpc.h +149 -0
- data/src/core/xds/xds_client/lrs_client.cc +1280 -0
- data/src/core/xds/xds_client/lrs_client.h +394 -0
- data/src/core/xds/xds_client/xds_api.cc +130 -0
- data/src/core/xds/xds_client/xds_api.h +34 -0
- data/src/core/xds/xds_client/xds_backend_metric_propagation.cc +63 -0
- data/src/core/xds/xds_client/xds_backend_metric_propagation.h +59 -0
- data/src/core/xds/xds_client/xds_bootstrap.cc +47 -0
- data/src/core/xds/xds_client/xds_bootstrap.h +95 -0
- data/src/core/xds/xds_client/xds_channel_args.h +32 -0
- data/src/core/xds/xds_client/xds_client.cc +2015 -0
- data/src/core/xds/xds_client/xds_client.h +440 -0
- data/src/core/xds/xds_client/xds_locality.h +102 -0
- data/src/core/xds/xds_client/xds_metrics.h +41 -0
- data/src/core/xds/xds_client/xds_resource_type.h +96 -0
- data/src/core/xds/xds_client/xds_resource_type_impl.h +92 -0
- data/src/core/xds/xds_client/xds_transport.h +104 -0
- data/src/ruby/bin/math_pb.rb +1 -22
- data/src/ruby/ext/grpc/extconf.rb +2 -1
- data/src/ruby/ext/grpc/rb_byte_buffer.c +3 -3
- data/src/ruby/ext/grpc/rb_call.c +15 -8
- data/src/ruby/ext/grpc/rb_call_credentials.c +39 -32
- data/src/ruby/ext/grpc/rb_call_credentials.h +1 -0
- data/src/ruby/ext/grpc/rb_channel.c +42 -36
- data/src/ruby/ext/grpc/rb_channel_args.c +4 -4
- data/src/ruby/ext/grpc/rb_channel_credentials.c +5 -5
- data/src/ruby/ext/grpc/rb_channel_credentials.h +1 -2
- data/src/ruby/ext/grpc/rb_completion_queue.c +18 -36
- data/src/ruby/ext/grpc/rb_completion_queue.h +7 -1
- data/src/ruby/ext/grpc/rb_compression_options.c +9 -10
- data/src/ruby/ext/grpc/rb_event_thread.c +9 -9
- data/src/ruby/ext/grpc/rb_grpc.c +16 -16
- data/src/ruby/ext/grpc/rb_grpc.h +8 -1
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +136 -144
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +205 -216
- data/src/ruby/ext/grpc/rb_server.c +47 -27
- data/src/ruby/ext/grpc/rb_server_credentials.c +4 -3
- data/src/ruby/ext/grpc/rb_server_credentials.h +2 -2
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.c +5 -5
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.h +1 -2
- data/src/ruby/ext/grpc/rb_xds_server_credentials.c +5 -4
- data/src/ruby/ext/grpc/rb_xds_server_credentials.h +2 -2
- data/src/ruby/lib/grpc/generic/active_call.rb +8 -5
- data/src/ruby/lib/grpc/logconfig.rb +13 -0
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/grpc/health/v1/health_pb.rb +1 -22
- data/src/ruby/pb/grpc/testing/duplicate/echo_duplicate_services_pb.rb +5 -5
- data/src/ruby/pb/grpc/testing/metrics_pb.rb +10 -19
- data/src/ruby/pb/grpc/testing/metrics_services_pb.rb +5 -5
- data/src/ruby/pb/src/proto/grpc/testing/empty_pb.rb +1 -22
- data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +1 -22
- data/src/ruby/pb/src/proto/grpc/testing/test_pb.rb +1 -22
- data/src/ruby/spec/call_spec.rb +53 -40
- data/src/ruby/spec/channel_spec.rb +4 -2
- data/src/ruby/spec/client_server_spec.rb +148 -507
- data/src/ruby/spec/generic/active_call_spec.rb +64 -86
- data/src/ruby/spec/generic/client_stub_spec.rb +20 -20
- data/src/ruby/spec/logconfig_spec.rb +30 -0
- data/src/ruby/spec/support/services.rb +3 -0
- data/third_party/abseil-cpp/absl/algorithm/container.h +57 -18
- data/third_party/abseil-cpp/absl/base/attributes.h +84 -0
- data/third_party/abseil-cpp/absl/base/config.h +32 -51
- data/third_party/abseil-cpp/absl/base/dynamic_annotations.h +0 -16
- data/third_party/abseil-cpp/absl/base/internal/nullability_impl.h +3 -1
- data/third_party/abseil-cpp/absl/base/internal/spinlock.h +13 -3
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc +0 -12
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock_config.h +4 -4
- data/third_party/abseil-cpp/absl/base/macros.h +48 -0
- data/third_party/abseil-cpp/absl/base/no_destructor.h +35 -40
- data/third_party/abseil-cpp/absl/base/nullability.h +33 -7
- data/third_party/abseil-cpp/absl/base/optimization.h +11 -0
- data/third_party/abseil-cpp/absl/base/options.h +1 -1
- data/third_party/abseil-cpp/absl/base/prefetch.h +1 -1
- data/third_party/abseil-cpp/absl/container/flat_hash_map.h +68 -12
- data/third_party/abseil-cpp/absl/container/flat_hash_set.h +60 -6
- data/third_party/abseil-cpp/absl/container/hash_container_defaults.h +45 -0
- data/third_party/abseil-cpp/absl/container/inlined_vector.h +13 -0
- data/third_party/abseil-cpp/absl/container/internal/common_policy_traits.h +20 -11
- data/third_party/abseil-cpp/absl/container/internal/compressed_tuple.h +15 -16
- data/third_party/abseil-cpp/absl/container/internal/container_memory.h +34 -1
- data/third_party/abseil-cpp/absl/container/internal/hash_function_defaults.h +68 -1
- data/third_party/abseil-cpp/absl/container/internal/hash_policy_traits.h +50 -0
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc +22 -7
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.h +26 -8
- data/third_party/abseil-cpp/absl/container/internal/inlined_vector.h +39 -35
- data/third_party/abseil-cpp/absl/container/internal/layout.h +190 -74
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_map.h +8 -6
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.cc +334 -71
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +1299 -458
- data/third_party/abseil-cpp/absl/crc/internal/crc32_x86_arm_combined_simd.h +19 -17
- data/third_party/abseil-cpp/absl/crc/internal/crc_cord_state.cc +4 -3
- data/third_party/abseil-cpp/absl/crc/internal/crc_memcpy_fallback.cc +2 -1
- data/third_party/abseil-cpp/absl/crc/internal/crc_memcpy_x86_arm_combined.cc +12 -8
- data/third_party/abseil-cpp/absl/crc/internal/crc_non_temporal_memcpy.cc +1 -1
- data/third_party/abseil-cpp/absl/crc/internal/crc_x86_arm_combined.cc +11 -7
- data/third_party/abseil-cpp/absl/crc/internal/non_temporal_memcpy.h +18 -17
- data/third_party/abseil-cpp/absl/debugging/internal/bounded_utf8_length_sequence.h +126 -0
- data/third_party/abseil-cpp/absl/debugging/internal/decode_rust_punycode.cc +258 -0
- data/third_party/abseil-cpp/absl/debugging/internal/decode_rust_punycode.h +55 -0
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +1057 -86
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.h +3 -0
- data/third_party/abseil-cpp/absl/debugging/internal/demangle_rust.cc +925 -0
- data/third_party/abseil-cpp/absl/debugging/internal/demangle_rust.h +42 -0
- data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.cc +43 -16
- data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.h +8 -7
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +10 -7
- data/third_party/abseil-cpp/absl/debugging/internal/utf8_for_code_point.cc +70 -0
- data/third_party/abseil-cpp/absl/debugging/internal/utf8_for_code_point.h +47 -0
- data/third_party/abseil-cpp/absl/flags/commandlineflag.h +11 -0
- data/third_party/abseil-cpp/absl/flags/flag.h +2 -0
- data/third_party/abseil-cpp/absl/flags/internal/flag.cc +117 -30
- data/third_party/abseil-cpp/absl/flags/internal/flag.h +192 -30
- data/third_party/abseil-cpp/absl/flags/reflection.cc +10 -0
- data/third_party/abseil-cpp/absl/functional/any_invocable.h +13 -3
- data/third_party/abseil-cpp/absl/functional/bind_front.h +3 -2
- data/third_party/abseil-cpp/absl/functional/internal/any_invocable.h +7 -7
- data/third_party/abseil-cpp/absl/functional/internal/front_binder.h +9 -9
- data/third_party/abseil-cpp/absl/hash/internal/hash.cc +1 -1
- data/third_party/abseil-cpp/absl/hash/internal/hash.h +13 -3
- data/third_party/abseil-cpp/absl/hash/internal/low_level_hash.cc +60 -28
- data/third_party/abseil-cpp/absl/hash/internal/low_level_hash.h +4 -0
- data/third_party/abseil-cpp/absl/log/absl_vlog_is_on.h +3 -3
- data/third_party/abseil-cpp/absl/log/check.h +209 -0
- data/third_party/abseil-cpp/absl/log/globals.h +28 -15
- data/third_party/abseil-cpp/absl/log/internal/check_impl.h +150 -0
- data/third_party/abseil-cpp/absl/log/internal/check_op.cc +138 -0
- data/third_party/abseil-cpp/absl/log/internal/check_op.h +462 -0
- data/third_party/abseil-cpp/absl/log/internal/conditions.h +2 -2
- data/third_party/abseil-cpp/absl/log/internal/log_impl.h +23 -23
- data/third_party/abseil-cpp/absl/log/internal/log_message.cc +104 -47
- data/third_party/abseil-cpp/absl/log/internal/log_message.h +23 -4
- data/third_party/abseil-cpp/absl/log/internal/nullstream.h +1 -10
- data/third_party/abseil-cpp/absl/log/internal/strip.h +36 -0
- data/third_party/abseil-cpp/absl/log/log.h +5 -1
- data/third_party/abseil-cpp/absl/log/log_sink.h +11 -4
- data/third_party/abseil-cpp/absl/log/vlog_is_on.h +3 -3
- data/third_party/abseil-cpp/absl/meta/type_traits.h +138 -42
- data/third_party/abseil-cpp/absl/numeric/int128.cc +0 -3
- data/third_party/abseil-cpp/absl/numeric/int128.h +35 -5
- data/third_party/abseil-cpp/absl/numeric/int128_have_intrinsic.inc +14 -0
- data/third_party/abseil-cpp/absl/numeric/int128_no_intrinsic.inc +18 -0
- data/third_party/abseil-cpp/absl/numeric/internal/bits.h +6 -2
- data/third_party/abseil-cpp/absl/random/beta_distribution.h +8 -8
- data/third_party/abseil-cpp/absl/random/bit_gen_ref.h +9 -7
- data/third_party/abseil-cpp/absl/random/distributions.h +11 -11
- data/third_party/abseil-cpp/absl/random/seed_sequences.h +2 -0
- data/third_party/abseil-cpp/absl/status/internal/statusor_internal.h +61 -2
- data/third_party/abseil-cpp/absl/status/status.cc +0 -4
- data/third_party/abseil-cpp/absl/status/status.h +4 -4
- data/third_party/abseil-cpp/absl/status/statusor.h +108 -142
- data/third_party/abseil-cpp/absl/strings/ascii.cc +32 -71
- data/third_party/abseil-cpp/absl/strings/cord.cc +20 -15
- data/third_party/abseil-cpp/absl/strings/cord.h +68 -7
- data/third_party/abseil-cpp/absl/strings/escaping.cc +96 -21
- data/third_party/abseil-cpp/absl/strings/escaping.h +25 -8
- data/third_party/abseil-cpp/absl/strings/has_absl_stringify.h +1 -0
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +10 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +29 -9
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_btree.h +2 -2
- data/third_party/abseil-cpp/absl/strings/internal/cordz_functions.cc +19 -13
- data/third_party/abseil-cpp/absl/strings/internal/cordz_functions.h +23 -13
- data/third_party/abseil-cpp/absl/strings/internal/cordz_handle.cc +24 -24
- data/third_party/abseil-cpp/absl/strings/internal/cordz_info.cc +12 -7
- data/third_party/abseil-cpp/absl/strings/internal/cordz_info.h +9 -4
- data/third_party/abseil-cpp/absl/strings/internal/escaping.cc +5 -2
- data/third_party/abseil-cpp/absl/strings/internal/str_join_internal.h +23 -2
- data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +5 -1
- data/third_party/abseil-cpp/absl/strings/numbers.cc +107 -333
- data/third_party/abseil-cpp/absl/strings/numbers.h +12 -151
- data/third_party/abseil-cpp/absl/strings/str_cat.cc +49 -142
- data/third_party/abseil-cpp/absl/strings/str_cat.h +70 -85
- data/third_party/abseil-cpp/absl/strings/str_format.h +1 -1
- data/third_party/abseil-cpp/absl/strings/str_join.h +19 -5
- data/third_party/abseil-cpp/absl/strings/str_split.h +2 -2
- data/third_party/abseil-cpp/absl/strings/string_view.h +3 -2
- data/third_party/abseil-cpp/absl/strings/substitute.cc +4 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +11 -2
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.h +5 -0
- data/third_party/abseil-cpp/absl/synchronization/mutex.h +5 -4
- data/third_party/abseil-cpp/absl/time/civil_time.h +2 -2
- data/third_party/abseil-cpp/absl/time/clock.cc +15 -1
- data/third_party/abseil-cpp/absl/time/duration.cc +58 -53
- data/third_party/abseil-cpp/absl/time/format.cc +2 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_lookup.cc +0 -29
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +3 -3
- data/third_party/abseil-cpp/absl/time/time.h +73 -29
- data/third_party/abseil-cpp/absl/types/compare.h +505 -0
- data/third_party/abseil-cpp/absl/types/internal/optional.h +2 -2
- data/third_party/abseil-cpp/absl/types/internal/variant.h +55 -67
- data/third_party/abseil-cpp/absl/types/optional.h +15 -18
- data/third_party/abseil-cpp/absl/types/span.h +3 -2
- data/third_party/abseil-cpp/absl/types/variant.h +19 -24
- data/third_party/abseil-cpp/absl/utility/utility.h +3 -41
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.cc +243 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.cc +53 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.cc +47 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.cc +42 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.cc +109 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.cc +43 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.cc +424 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.cc +239 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.cc +193 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.cc +32 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.cc +415 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.cc +206 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.cc +224 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.cc +172 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.cc +109 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.cc +355 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.cc +61 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.cc +56 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.cc +63 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.cc +52 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +13 -57
- data/third_party/boringssl-with-bazel/src/crypto/asn1/posix_time.cc +241 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.cc +932 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.cc +669 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.cc +164 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.cc +276 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.cc +84 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.cc +229 -0
- data/third_party/boringssl-with-bazel/src/crypto/base64/base64.cc +434 -0
- data/third_party/boringssl-with-bazel/src/crypto/bcm_support.h +119 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.cc +658 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.cc +268 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.cc +511 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/errno.cc +50 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/fd.cc +193 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.cc +292 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/hexdump.cc +152 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/internal.h +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/bio/pair.cc +446 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/printf.cc +59 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.cc +147 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.cc +133 -0
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.cc +169 -0
- data/third_party/boringssl-with-bazel/src/crypto/bn/bn_asn1.cc +57 -0
- data/third_party/boringssl-with-bazel/src/crypto/bn/convert.cc +423 -0
- data/third_party/boringssl-with-bazel/src/crypto/buf/buf.cc +118 -0
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.cc +53 -0
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.cc +266 -0
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.cc +702 -0
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.cc +912 -0
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/unicode.cc +156 -0
- data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.cc +224 -0
- data/third_party/boringssl-with-bazel/src/crypto/chacha/internal.h +36 -32
- data/third_party/boringssl-with-bazel/src/crypto/cipher/derive_key.cc +110 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_aesctrhmac.cc +279 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_aesgcmsiv.cc +845 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_chacha20poly1305.cc +341 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_des.cc +198 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_null.cc +51 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_rc2.cc +417 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_rc4.cc +54 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_tls.cc +599 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher/get_cipher.cc +85 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher/internal.h +240 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher/tls_cbc.cc +476 -0
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf.cc +631 -0
- data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.cc +75 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_fuchsia.cc +55 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_linux.cc +62 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_openbsd.cc +61 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_sysreg.cc +94 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_win.cc +41 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_freebsd.cc +54 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.cc +151 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/cpu_intel.cc +287 -0
- data/third_party/boringssl-with-bazel/src/crypto/crypto.cc +183 -0
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.cc +2154 -0
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_64_adx.cc +18 -0
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_tables.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.cc +529 -0
- data/third_party/boringssl-with-bazel/src/crypto/des/des.cc +829 -0
- data/third_party/boringssl-with-bazel/src/crypto/des/internal.h +27 -69
- data/third_party/boringssl-with-bazel/src/crypto/dh/dh_asn1.cc +124 -0
- data/third_party/boringssl-with-bazel/src/crypto/dh/params.cc +442 -0
- data/third_party/boringssl-with-bazel/src/crypto/digest/digest_extra.cc +306 -0
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.cc +951 -0
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.cc +379 -0
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/ec/ec_asn1.cc +570 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec/ec_derive.cc +96 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec/hash_to_curve.cc +510 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec/internal.h +78 -0
- data/third_party/boringssl-with-bazel/src/crypto/ecdh/ecdh.cc +73 -0
- data/third_party/boringssl-with-bazel/src/crypto/ecdsa/ecdsa_asn1.cc +357 -0
- data/third_party/boringssl-with-bazel/src/crypto/engine/engine.cc +95 -0
- data/third_party/boringssl-with-bazel/src/crypto/err/err.cc +810 -0
- data/third_party/boringssl-with-bazel/src/crypto/err/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.cc +379 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.cc +471 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.cc +440 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +20 -55
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dh.cc +153 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dh_asn1.cc +142 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.cc +279 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.cc +230 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.cc +286 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.cc +103 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.cc +225 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_hkdf.cc +236 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.cc +609 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.cc +198 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.cc +109 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.cc +237 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/pbkdf.cc +98 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/print.cc +342 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.cc +216 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/sign.cc +114 -0
- data/third_party/boringssl-with-bazel/src/crypto/ex_data.cc +141 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.cc.inc +191 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.cc.inc +1281 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/cbc.cc.inc +130 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/cfb.cc.inc +166 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/ctr.cc.inc +100 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/gcm.cc.inc +604 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/gcm_nohw.cc.inc +302 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +450 -75
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.cc.inc +208 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.cc.inc +84 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/ofb.cc.inc +53 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/polyval.cc.inc +89 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.cc +282 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm_interface.h +729 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/add.cc.inc +269 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/asm/x86_64-gcc.cc.inc +554 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.cc.inc +374 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.cc.inc +225 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/cmp.cc.inc +159 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.cc.inc +191 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.cc.inc +825 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.cc.inc +87 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.cc.inc +1227 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.cc.inc +300 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.cc.inc +339 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/generic.cc.inc +582 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +52 -151
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/jacobi.cc.inc +108 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.cc.inc +430 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.cc.inc +222 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.cc.inc +698 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.cc.inc +980 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.cc.inc +260 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.cc.inc +142 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +20 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.cc.inc +320 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.cc.inc +459 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/aead.cc.inc +295 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.cc.inc +672 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.cc.inc +1242 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aesccm.cc.inc +409 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +14 -68
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cmac/cmac.cc.inc +288 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/delocate.h +26 -22
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.cc.inc +203 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.cc.inc +443 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +13 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.cc.inc +250 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digests.cc.inc +178 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/internal.h +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/md32_common.h +13 -47
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digestsign/digestsign.cc.inc +226 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/builtin_curves.h +91 -91
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.cc.inc +986 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.cc.inc +501 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.cc.inc +439 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/felem.cc.inc +104 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +19 -66
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.cc.inc +306 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.cc.inc +1163 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz-table.h +15 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.cc.inc +741 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.h +87 -25
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.cc.inc +749 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256_table.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.cc.inc +179 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.cc.inc +284 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.cc.inc +269 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/util.cc.inc +255 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.cc.inc +221 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.cc.inc +88 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.cc.inc +278 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +41 -24
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/fips_shared_support.cc +28 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hkdf/hkdf.cc.inc +112 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/hmac.cc.inc +215 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/keccak/internal.h +70 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/keccak/keccak.cc.inc +279 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mldsa/mldsa.cc.inc +1993 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mlkem/mlkem.cc.inc +1165 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/ctrdrbg.cc.inc +214 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +19 -104
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.cc.inc +483 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.cc.inc +147 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +13 -56
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.cc.inc +379 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.cc.inc +983 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.cc.inc +1296 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.cc.inc +129 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.cc.inc +1042 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/internal.h +36 -36
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.cc.inc +327 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +109 -74
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.cc.inc +390 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.cc.inc +299 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.cc.inc +473 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/address.h +119 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/fors.cc.inc +169 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/fors.h +58 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/merkle.cc.inc +161 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/merkle.h +70 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/params.h +78 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/slhdsa.cc.inc +329 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/thash.cc.inc +173 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/thash.h +85 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/wots.cc.inc +171 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/wots.h +50 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.cc.inc +180 -0
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.cc +1095 -0
- data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.cc +2185 -0
- data/third_party/boringssl-with-bazel/src/crypto/hrss/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +346 -456
- data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +14 -14
- data/third_party/boringssl-with-bazel/src/crypto/kyber/kyber.cc +869 -0
- data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +31 -75
- data/third_party/boringssl-with-bazel/src/crypto/lhash/lhash.cc +309 -0
- data/third_party/boringssl-with-bazel/src/crypto/md4/md4.cc +194 -0
- data/third_party/boringssl-with-bazel/src/crypto/md5/internal.h +37 -0
- data/third_party/boringssl-with-bazel/src/crypto/md5/md5.cc +243 -0
- data/third_party/boringssl-with-bazel/src/crypto/mem.cc +583 -0
- data/third_party/boringssl-with-bazel/src/crypto/mldsa/mldsa.cc +90 -0
- data/third_party/boringssl-with-bazel/src/crypto/mlkem/mlkem.cc +152 -0
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.cc +519 -0
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +18 -57
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_xref.cc +80 -0
- data/third_party/boringssl-with-bazel/src/crypto/pem/internal.h +44 -0
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.cc +149 -0
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.cc +254 -0
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.cc +741 -0
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.cc +45 -0
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.cc +208 -0
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.cc +141 -0
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.cc +22 -0
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.cc +22 -0
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7.cc +193 -0
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.cc +526 -0
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +14 -54
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/p5_pbev2.cc +275 -0
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.cc +487 -0
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.cc +1304 -0
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.cc +314 -0
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.cc +310 -0
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.cc +850 -0
- data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/pool/pool.cc +262 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand/deterministic.cc +65 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand/fork_detect.cc +194 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand/forkunsafe.cc +44 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand/getentropy.cc +60 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand/getrandom_fillin.h +64 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand/ios.cc +42 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand/passive.cc +178 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand/rand.cc +77 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand/sysrand_internal.h +37 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand/trusty.cc +46 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand/urandom.cc +328 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand/windows.cc +102 -0
- data/third_party/boringssl-with-bazel/src/crypto/rc4/rc4.cc +56 -0
- data/third_party/boringssl-with-bazel/src/crypto/refcount.cc +59 -0
- data/third_party/boringssl-with-bazel/src/crypto/rsa/internal.h +36 -0
- data/third_party/boringssl-with-bazel/src/crypto/rsa/rsa_asn1.cc +283 -0
- data/third_party/boringssl-with-bazel/src/crypto/rsa/rsa_crypt.cc +531 -0
- data/third_party/boringssl-with-bazel/src/crypto/rsa/rsa_extra.cc +19 -0
- data/third_party/boringssl-with-bazel/src/crypto/rsa/rsa_print.cc +27 -0
- data/third_party/boringssl-with-bazel/src/crypto/sha/sha1.cc +52 -0
- data/third_party/boringssl-with-bazel/src/crypto/sha/sha256.cc +87 -0
- data/third_party/boringssl-with-bazel/src/crypto/sha/sha512.cc +104 -0
- data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.cc +79 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/slhdsa.cc +113 -0
- data/third_party/boringssl-with-bazel/src/crypto/spake2plus/internal.h +204 -0
- data/third_party/boringssl-with-bazel/src/crypto/spake2plus/spake2plus.cc +501 -0
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.cc +496 -0
- data/third_party/boringssl-with-bazel/src/crypto/thread.cc +68 -0
- data/third_party/boringssl-with-bazel/src/crypto/thread_none.cc +51 -0
- data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.cc +151 -0
- data/third_party/boringssl-with-bazel/src/crypto/thread_win.cc +240 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.cc +1656 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.cc +685 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.cc +1263 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.cc +52 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.cc +97 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.cc +74 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.cc +136 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.cc +542 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.cc +355 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.cc +227 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/ext_dat.h +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.cc +37 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +17 -62
- data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.cc +185 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/policy.cc +796 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.cc +364 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.cc +103 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.cc +203 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.cc +287 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.cc +79 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_akey.cc +181 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_akeya.cc +31 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_alt.cc +593 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_bcons.cc +95 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_bitst.cc +102 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_conf.cc +374 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_cpols.cc +444 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_crld.cc +557 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_enum.cc +73 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_extku.cc +114 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_genn.cc +228 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ia5.cc +79 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_info.cc +164 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_int.cc +81 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_lib.cc +304 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ncons.cc +514 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ocsp.cc +89 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_pcons.cc +101 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_pmaps.cc +109 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_prn.cc +183 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_purp.cc +590 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_skey.cc +131 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_utl.cc +1342 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509.cc +47 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.cc +186 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.cc +238 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.cc +66 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.cc +44 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.cc +139 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.cc +554 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.cc +164 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.cc +257 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.cc +198 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.cc +118 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.cc +147 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.cc +249 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.cc +1600 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.cc +440 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.cc +235 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.cc +365 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.cc +67 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.cc +91 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.cc +107 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.cc +318 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.cc +55 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.cc +342 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.cc +36 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.cc +492 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.cc +170 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.cc +74 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.cc +51 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.cc +34 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.cc +28 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.cc +506 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.cc +169 -0
- data/third_party/boringssl-with-bazel/src/gen/crypto/err_data.cc +1529 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/aes.h +13 -47
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +13 -51
- data/third_party/boringssl-with-bazel/src/include/openssl/asm_base.h +14 -14
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +37 -63
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1_mac.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +248 -328
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +32 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/base64.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/bcm_public.h +82 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +98 -97
- data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/blowfish.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +28 -130
- data/third_party/boringssl-with-bazel/src/include/openssl/buf.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/buffer.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +43 -20
- data/third_party/boringssl-with-bazel/src/include/openssl/cast.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/chacha.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +31 -59
- data/third_party/boringssl-with-bazel/src/include/openssl/cmac.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +35 -25
- data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/curve25519.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/des.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +34 -56
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +19 -56
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +27 -61
- data/third_party/boringssl-with-bazel/src/include/openssl/dtls1.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/e_os2.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +14 -66
- data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +31 -72
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdh.h +14 -65
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +13 -51
- data/third_party/boringssl-with-bazel/src/include/openssl/engine.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/err.h +26 -107
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +39 -70
- data/third_party/boringssl-with-bazel/src/include/openssl/evp_errors.h +14 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +28 -110
- data/third_party/boringssl-with-bazel/src/include/openssl/experimental/kyber.h +146 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/hkdf.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +21 -19
- data/third_party/boringssl-with-bazel/src/include/openssl/hrss.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/is_boringssl.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/lhash.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/md4.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/md5.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/mldsa.h +130 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/mlkem.h +222 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +30 -69
- data/third_party/boringssl-with-bazel/src/include/openssl/obj.h +15 -57
- data/third_party/boringssl-with-bazel/src/include/openssl/obj_mac.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/objects.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslv.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/ossl_typ.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +88 -117
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs12.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs7.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/poly1305.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/pool.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/posix_time.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +32 -23
- data/third_party/boringssl-with-bazel/src/include/openssl/rc4.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/ripemd.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +23 -63
- data/third_party/boringssl-with-bazel/src/include/openssl/safestack.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/service_indicator.h +15 -15
- data/third_party/boringssl-with-bazel/src/include/openssl/sha.h +15 -95
- data/third_party/boringssl-with-bazel/src/include/openssl/siphash.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/slhdsa.h +174 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +60 -32
- data/third_party/boringssl-with-bazel/src/include/openssl/srtp.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +723 -369
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +15 -114
- data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +23 -58
- data/third_party/boringssl-with-bazel/src/include/openssl/target.h +36 -23
- data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +15 -57
- data/third_party/boringssl-with-bazel/src/include/openssl/time.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +29 -158
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +15 -15
- data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +2951 -2520
- data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3_errors.h +13 -53
- data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +15 -14
- data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +684 -441
- data/third_party/boringssl-with-bazel/src/ssl/d1_lib.cc +129 -168
- data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +177 -127
- data/third_party/boringssl-with-bazel/src/ssl/d1_srtp.cc +21 -127
- data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +112 -97
- data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +456 -222
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +57 -56
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +740 -530
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +67 -74
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +78 -160
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +283 -332
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +242 -324
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +1213 -648
- data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +88 -170
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +29 -160
- data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +39 -113
- data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +103 -111
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +52 -145
- data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +22 -24
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +155 -521
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +239 -373
- data/third_party/boringssl-with-bazel/src/ssl/ssl_credential.cc +608 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +15 -111
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +129 -33
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +289 -389
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +147 -169
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +104 -247
- data/third_party/boringssl-with-bazel/src/ssl/ssl_stat.cc +17 -91
- data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +109 -157
- data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +48 -28
- data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +104 -301
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +45 -176
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +79 -69
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +187 -88
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +296 -163
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +290 -116
- data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +64 -117
- data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +55 -157
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +6 -0
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +6 -0
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64_adx.h +4 -1
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +1 -1
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +3 -0
- data/third_party/upb/upb/base/string_view.h +1 -1
- data/third_party/upb/upb/json/decode.c +60 -13
- data/third_party/upb/upb/json/decode.h +26 -3
- data/third_party/upb/upb/json/encode.c +2 -2
- data/third_party/upb/upb/lex/round_trip.c +10 -0
- data/third_party/upb/upb/mem/arena.c +80 -4
- data/third_party/upb/upb/mem/arena.h +20 -9
- data/third_party/upb/upb/mem/arena.hpp +5 -1
- data/third_party/upb/upb/mem/internal/arena.h +11 -8
- data/third_party/upb/upb/message/accessors.c +6 -7
- data/third_party/upb/upb/message/accessors.h +186 -376
- data/third_party/upb/upb/message/array.c +26 -3
- data/third_party/upb/upb/message/array.h +17 -9
- data/third_party/upb/upb/message/compat.c +5 -5
- data/third_party/upb/upb/message/compat.h +3 -3
- data/third_party/upb/upb/message/copy.c +23 -20
- data/third_party/upb/upb/message/internal/accessors.h +617 -55
- data/third_party/upb/upb/message/internal/array.h +23 -15
- data/third_party/upb/upb/message/internal/compare_unknown.c +289 -0
- data/third_party/upb/upb/message/internal/compare_unknown.h +49 -0
- data/third_party/upb/upb/message/internal/extension.c +12 -12
- data/third_party/upb/upb/message/internal/extension.h +9 -12
- data/third_party/upb/upb/message/internal/map.h +15 -0
- data/third_party/upb/upb/message/internal/map_sorter.h +4 -5
- data/third_party/upb/upb/message/internal/message.c +22 -6
- data/third_party/upb/upb/message/internal/message.h +11 -0
- data/third_party/upb/upb/message/internal/tagged_ptr.h +5 -5
- data/third_party/upb/upb/message/internal/types.h +41 -1
- data/third_party/upb/upb/message/map.c +25 -0
- data/third_party/upb/upb/message/map.h +11 -7
- data/third_party/upb/upb/message/merge.c +38 -0
- data/third_party/upb/upb/message/merge.h +26 -0
- data/third_party/upb/upb/message/message.c +83 -4
- data/third_party/upb/upb/message/message.h +16 -1
- data/third_party/upb/upb/message/tagged_ptr.h +4 -8
- data/third_party/upb/upb/message/value.h +26 -0
- data/third_party/upb/upb/mini_descriptor/build_enum.c +3 -3
- data/third_party/upb/upb/mini_descriptor/build_enum.h +6 -14
- data/third_party/upb/upb/mini_descriptor/decode.c +19 -3
- data/third_party/upb/upb/mini_descriptor/link.c +23 -21
- data/third_party/upb/upb/mini_table/enum.h +2 -4
- data/third_party/upb/upb/mini_table/extension.h +4 -12
- data/third_party/upb/upb/mini_table/extension_registry.c +18 -0
- data/third_party/upb/upb/mini_table/extension_registry.h +17 -0
- data/third_party/upb/upb/mini_table/field.h +12 -38
- data/third_party/upb/upb/mini_table/file.h +6 -19
- data/third_party/upb/upb/mini_table/internal/enum.h +1 -1
- data/third_party/upb/upb/mini_table/internal/extension.h +18 -9
- data/third_party/upb/upb/mini_table/internal/field.h +23 -23
- data/third_party/upb/upb/mini_table/internal/file.h +7 -7
- data/third_party/upb/upb/mini_table/internal/message.c +21 -1
- data/third_party/upb/upb/mini_table/internal/message.h +80 -36
- data/third_party/upb/upb/mini_table/internal/sub.h +9 -4
- data/third_party/upb/upb/mini_table/message.h +23 -22
- data/third_party/upb/upb/mini_table/sub.h +4 -12
- data/third_party/upb/upb/port/def.inc +108 -12
- data/third_party/upb/upb/port/undef.inc +8 -1
- data/third_party/upb/upb/reflection/common.h +1 -11
- data/third_party/upb/upb/reflection/def.hpp +35 -0
- data/third_party/upb/upb/reflection/def_pool.h +2 -2
- data/third_party/upb/upb/reflection/descriptor_bootstrap.h +19 -0
- data/third_party/upb/upb/reflection/enum_def.c +5 -1
- data/third_party/upb/upb/reflection/enum_def.h +1 -0
- data/third_party/upb/upb/reflection/enum_value_def.c +3 -8
- data/third_party/upb/upb/reflection/field_def.c +72 -46
- data/third_party/upb/upb/reflection/field_def.h +4 -0
- data/third_party/upb/upb/reflection/file_def.c +30 -4
- data/third_party/upb/upb/reflection/file_def.h +3 -0
- data/third_party/upb/upb/reflection/internal/upb_edition_defaults.h +1 -1
- data/third_party/upb/upb/reflection/message.c +26 -9
- data/third_party/upb/upb/reflection/message.h +2 -2
- data/third_party/upb/upb/reflection/message_def.c +14 -9
- data/third_party/upb/upb/reflection/method_def.h +8 -7
- data/third_party/upb/upb/reflection/service_def.h +6 -5
- data/third_party/upb/upb/text/encode.c +53 -389
- data/third_party/upb/upb/text/encode.h +1 -11
- data/third_party/upb/upb/text/internal/encode.c +180 -0
- data/third_party/upb/upb/text/internal/encode.h +240 -0
- data/third_party/upb/upb/text/options.h +22 -0
- data/third_party/upb/upb/wire/decode.c +160 -94
- data/third_party/upb/upb/wire/decode.h +15 -2
- data/third_party/upb/upb/wire/encode.c +89 -48
- data/third_party/upb/upb/wire/encode.h +12 -1
- data/third_party/upb/upb/wire/eps_copy_input_stream.h +3 -3
- data/third_party/upb/upb/wire/internal/decode_fast.c +28 -29
- data/third_party/upb/upb/wire/internal/reader.h +3 -3
- data/third_party/upb/upb/wire/reader.c +1 -2
- data/third_party/upb/upb/wire/reader.h +4 -8
- metadata +737 -639
- data/src/core/client_channel/client_channel_channelz.cc +0 -93
- data/src/core/client_channel/client_channel_channelz.h +0 -85
- data/src/core/client_channel/config_selector.cc +0 -60
- data/src/core/client_channel/http_proxy_mapper.cc +0 -304
- data/src/core/client_channel/http_proxy_mapper.h +0 -53
- data/src/core/ext/filters/deadline/deadline_filter.cc +0 -407
- data/src/core/ext/filters/deadline/deadline_filter.h +0 -85
- data/src/core/ext/filters/server_config_selector/server_config_selector.h +0 -83
- data/src/core/ext/filters/server_config_selector/server_config_selector_filter.cc +0 -171
- data/src/core/ext/filters/server_config_selector/server_config_selector_filter.h +0 -33
- data/src/core/ext/gcp/metadata_query.cc +0 -136
- data/src/core/ext/gcp/metadata_query.h +0 -87
- data/src/core/ext/transport/chttp2/transport/http_trace.cc +0 -19
- data/src/core/ext/transport/chttp2/transport/http_trace.h +0 -24
- data/src/core/ext/transport/chttp2/transport/max_concurrent_streams_policy.cc +0 -44
- data/src/core/ext/transport/chttp2/transport/max_concurrent_streams_policy.h +0 -67
- data/src/core/ext/transport/inproc/inproc_plugin.cc +0 -23
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb.h +0 -419
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb_minitable.c +0 -81
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb_minitable.h +0 -30
- data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb.h +0 -400
- data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb_minitable.c +0 -106
- data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb_minitable.h +0 -33
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opencensus.upbdefs.c +0 -104
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opencensus.upbdefs.h +0 -32
- data/src/core/ext/upbdefs-gen/opencensus/proto/trace/v1/trace_config.upbdefs.c +0 -66
- data/src/core/ext/upbdefs-gen/opencensus/proto/trace/v1/trace_config.upbdefs.h +0 -47
- data/src/core/ext/xds/certificate_provider_store.cc +0 -155
- data/src/core/ext/xds/certificate_provider_store.h +0 -134
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +0 -138
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.h +0 -82
- data/src/core/ext/xds/upb_utils.h +0 -45
- data/src/core/ext/xds/xds_api.cc +0 -572
- data/src/core/ext/xds/xds_api.h +0 -189
- data/src/core/ext/xds/xds_audit_logger_registry.cc +0 -123
- data/src/core/ext/xds/xds_audit_logger_registry.h +0 -68
- data/src/core/ext/xds/xds_bootstrap.cc +0 -38
- data/src/core/ext/xds/xds_bootstrap.h +0 -88
- data/src/core/ext/xds/xds_bootstrap_grpc.cc +0 -397
- data/src/core/ext/xds/xds_bootstrap_grpc.h +0 -197
- data/src/core/ext/xds/xds_certificate_provider.cc +0 -217
- data/src/core/ext/xds/xds_certificate_provider.h +0 -116
- data/src/core/ext/xds/xds_channel_args.h +0 -32
- data/src/core/ext/xds/xds_channel_stack_modifier.cc +0 -107
- data/src/core/ext/xds/xds_channel_stack_modifier.h +0 -64
- data/src/core/ext/xds/xds_client.cc +0 -2303
- data/src/core/ext/xds/xds_client.h +0 -391
- data/src/core/ext/xds/xds_client_grpc.cc +0 -410
- data/src/core/ext/xds/xds_client_grpc.h +0 -110
- data/src/core/ext/xds/xds_client_stats.cc +0 -173
- data/src/core/ext/xds/xds_client_stats.h +0 -258
- data/src/core/ext/xds/xds_cluster.cc +0 -795
- data/src/core/ext/xds/xds_cluster.h +0 -145
- data/src/core/ext/xds/xds_cluster_specifier_plugin.cc +0 -140
- data/src/core/ext/xds/xds_cluster_specifier_plugin.h +0 -97
- data/src/core/ext/xds/xds_common_types.cc +0 -509
- data/src/core/ext/xds/xds_common_types.h +0 -108
- data/src/core/ext/xds/xds_endpoint.cc +0 -517
- data/src/core/ext/xds/xds_endpoint.h +0 -150
- data/src/core/ext/xds/xds_health_status.cc +0 -75
- data/src/core/ext/xds/xds_health_status.h +0 -91
- data/src/core/ext/xds/xds_http_fault_filter.cc +0 -238
- data/src/core/ext/xds/xds_http_fault_filter.h +0 -58
- data/src/core/ext/xds/xds_http_filters.cc +0 -117
- data/src/core/ext/xds/xds_http_filters.h +0 -182
- data/src/core/ext/xds/xds_http_rbac_filter.cc +0 -588
- data/src/core/ext/xds/xds_http_rbac_filter.h +0 -58
- data/src/core/ext/xds/xds_http_stateful_session_filter.cc +0 -218
- data/src/core/ext/xds/xds_http_stateful_session_filter.h +0 -58
- data/src/core/ext/xds/xds_lb_policy_registry.cc +0 -371
- data/src/core/ext/xds/xds_lb_policy_registry.h +0 -71
- data/src/core/ext/xds/xds_listener.cc +0 -1142
- data/src/core/ext/xds/xds_listener.h +0 -236
- data/src/core/ext/xds/xds_metrics.h +0 -39
- data/src/core/ext/xds/xds_resource_type.h +0 -98
- data/src/core/ext/xds/xds_resource_type_impl.h +0 -88
- data/src/core/ext/xds/xds_route_config.cc +0 -1198
- data/src/core/ext/xds/xds_route_config.h +0 -253
- data/src/core/ext/xds/xds_routing.cc +0 -264
- data/src/core/ext/xds/xds_routing.h +0 -106
- data/src/core/ext/xds/xds_server_config_fetcher.cc +0 -1393
- data/src/core/ext/xds/xds_transport.h +0 -89
- data/src/core/ext/xds/xds_transport_grpc.cc +0 -350
- data/src/core/ext/xds/xds_transport_grpc.h +0 -139
- data/src/core/lib/avl/avl.h +0 -325
- data/src/core/lib/backoff/backoff.cc +0 -47
- data/src/core/lib/backoff/backoff.h +0 -89
- data/src/core/lib/backoff/random_early_detection.cc +0 -33
- data/src/core/lib/backoff/random_early_detection.h +0 -62
- data/src/core/lib/channel/call_tracer.cc +0 -364
- data/src/core/lib/channel/call_tracer.h +0 -227
- data/src/core/lib/channel/channel_stack_trace.cc +0 -19
- data/src/core/lib/channel/channel_stack_trace.h +0 -24
- data/src/core/lib/channel/channel_trace.cc +0 -187
- data/src/core/lib/channel/channel_trace.h +0 -138
- data/src/core/lib/channel/channelz.cc +0 -610
- data/src/core/lib/channel/channelz.h +0 -384
- data/src/core/lib/channel/channelz_registry.cc +0 -281
- data/src/core/lib/channel/channelz_registry.h +0 -102
- data/src/core/lib/channel/context.h +0 -77
- data/src/core/lib/channel/metrics.cc +0 -396
- data/src/core/lib/channel/metrics.h +0 -406
- data/src/core/lib/channel/server_call_tracer_filter.cc +0 -113
- data/src/core/lib/channel/server_call_tracer_filter.h +0 -28
- data/src/core/lib/channel/tcp_tracer.h +0 -144
- data/src/core/lib/config/config_vars.cc +0 -154
- data/src/core/lib/config/config_vars.h +0 -131
- data/src/core/lib/config/config_vars_non_generated.cc +0 -49
- data/src/core/lib/config/core_configuration.cc +0 -111
- data/src/core/lib/config/core_configuration.h +0 -244
- data/src/core/lib/config/load_config.cc +0 -79
- data/src/core/lib/config/load_config.h +0 -55
- data/src/core/lib/debug/event_log.cc +0 -88
- data/src/core/lib/debug/event_log.h +0 -81
- data/src/core/lib/debug/histogram_view.cc +0 -69
- data/src/core/lib/debug/histogram_view.h +0 -37
- data/src/core/lib/debug/stats.cc +0 -68
- data/src/core/lib/debug/stats.h +0 -64
- data/src/core/lib/debug/stats_data.cc +0 -752
- data/src/core/lib/debug/stats_data.h +0 -579
- data/src/core/lib/event_engine/trace.cc +0 -25
- data/src/core/lib/event_engine/trace.h +0 -49
- data/src/core/lib/gpr/alloc.cc +0 -71
- data/src/core/lib/gpr/alloc.h +0 -28
- data/src/core/lib/gpr/android/log.cc +0 -79
- data/src/core/lib/gpr/atm.cc +0 -35
- data/src/core/lib/gpr/iphone/cpu.cc +0 -44
- data/src/core/lib/gpr/linux/cpu.cc +0 -87
- data/src/core/lib/gpr/linux/log.cc +0 -114
- data/src/core/lib/gpr/log.cc +0 -166
- data/src/core/lib/gpr/log_internal.h +0 -55
- data/src/core/lib/gpr/msys/tmpfile.cc +0 -59
- data/src/core/lib/gpr/posix/cpu.cc +0 -84
- data/src/core/lib/gpr/posix/log.cc +0 -111
- data/src/core/lib/gpr/posix/string.cc +0 -72
- data/src/core/lib/gpr/posix/sync.cc +0 -159
- data/src/core/lib/gpr/posix/time.cc +0 -122
- data/src/core/lib/gpr/posix/tmpfile.cc +0 -71
- data/src/core/lib/gpr/spinlock.h +0 -53
- data/src/core/lib/gpr/string.cc +0 -344
- data/src/core/lib/gpr/string.h +0 -112
- data/src/core/lib/gpr/sync.cc +0 -124
- data/src/core/lib/gpr/sync_abseil.cc +0 -110
- data/src/core/lib/gpr/time.cc +0 -269
- data/src/core/lib/gpr/time_precise.cc +0 -168
- data/src/core/lib/gpr/time_precise.h +0 -69
- data/src/core/lib/gpr/tmpfile.h +0 -32
- data/src/core/lib/gpr/useful.h +0 -184
- data/src/core/lib/gpr/windows/cpu.cc +0 -35
- data/src/core/lib/gpr/windows/log.cc +0 -116
- data/src/core/lib/gpr/windows/string.cc +0 -69
- data/src/core/lib/gpr/windows/string_util.cc +0 -55
- data/src/core/lib/gpr/windows/sync.cc +0 -122
- data/src/core/lib/gpr/windows/time.cc +0 -105
- data/src/core/lib/gpr/windows/tmpfile.cc +0 -68
- data/src/core/lib/gprpp/atomic_utils.h +0 -47
- data/src/core/lib/gprpp/bitset.h +0 -225
- data/src/core/lib/gprpp/chunked_vector.h +0 -257
- data/src/core/lib/gprpp/construct_destruct.h +0 -40
- data/src/core/lib/gprpp/cpp_impl_of.h +0 -49
- data/src/core/lib/gprpp/crash.cc +0 -43
- data/src/core/lib/gprpp/crash.h +0 -37
- data/src/core/lib/gprpp/debug_location.h +0 -99
- data/src/core/lib/gprpp/directory_reader.h +0 -48
- data/src/core/lib/gprpp/down_cast.h +0 -49
- data/src/core/lib/gprpp/dual_ref_counted.h +0 -364
- data/src/core/lib/gprpp/env.h +0 -53
- data/src/core/lib/gprpp/examine_stack.cc +0 -43
- data/src/core/lib/gprpp/examine_stack.h +0 -45
- data/src/core/lib/gprpp/fork.cc +0 -242
- data/src/core/lib/gprpp/fork.h +0 -98
- data/src/core/lib/gprpp/host_port.cc +0 -114
- data/src/core/lib/gprpp/host_port.h +0 -57
- data/src/core/lib/gprpp/if_list.h +0 -4530
- data/src/core/lib/gprpp/linux/env.cc +0 -62
- data/src/core/lib/gprpp/load_file.cc +0 -78
- data/src/core/lib/gprpp/load_file.h +0 -34
- data/src/core/lib/gprpp/manual_constructor.h +0 -146
- data/src/core/lib/gprpp/match.h +0 -75
- data/src/core/lib/gprpp/memory.h +0 -53
- data/src/core/lib/gprpp/mpscq.cc +0 -108
- data/src/core/lib/gprpp/mpscq.h +0 -99
- data/src/core/lib/gprpp/no_destruct.h +0 -95
- data/src/core/lib/gprpp/notification.h +0 -67
- data/src/core/lib/gprpp/orphanable.h +0 -153
- data/src/core/lib/gprpp/overload.h +0 -59
- data/src/core/lib/gprpp/packed_table.h +0 -40
- data/src/core/lib/gprpp/per_cpu.cc +0 -35
- data/src/core/lib/gprpp/per_cpu.h +0 -104
- data/src/core/lib/gprpp/posix/directory_reader.cc +0 -82
- data/src/core/lib/gprpp/posix/env.cc +0 -47
- data/src/core/lib/gprpp/posix/stat.cc +0 -54
- data/src/core/lib/gprpp/posix/thd.cc +0 -247
- data/src/core/lib/gprpp/ref_counted.h +0 -394
- data/src/core/lib/gprpp/ref_counted_ptr.h +0 -445
- data/src/core/lib/gprpp/ref_counted_string.cc +0 -44
- data/src/core/lib/gprpp/ref_counted_string.h +0 -161
- data/src/core/lib/gprpp/single_set_ptr.h +0 -87
- data/src/core/lib/gprpp/sorted_pack.h +0 -89
- data/src/core/lib/gprpp/stat.h +0 -36
- data/src/core/lib/gprpp/status_helper.cc +0 -453
- data/src/core/lib/gprpp/status_helper.h +0 -190
- data/src/core/lib/gprpp/strerror.cc +0 -41
- data/src/core/lib/gprpp/strerror.h +0 -29
- data/src/core/lib/gprpp/sync.h +0 -200
- data/src/core/lib/gprpp/table.h +0 -452
- data/src/core/lib/gprpp/tchar.cc +0 -49
- data/src/core/lib/gprpp/tchar.h +0 -33
- data/src/core/lib/gprpp/thd.h +0 -195
- data/src/core/lib/gprpp/time.cc +0 -242
- data/src/core/lib/gprpp/time.h +0 -385
- data/src/core/lib/gprpp/time_averaged_stats.cc +0 -60
- data/src/core/lib/gprpp/time_averaged_stats.h +0 -79
- data/src/core/lib/gprpp/time_util.cc +0 -81
- data/src/core/lib/gprpp/time_util.h +0 -42
- data/src/core/lib/gprpp/type_list.h +0 -32
- data/src/core/lib/gprpp/unique_type_name.h +0 -104
- data/src/core/lib/gprpp/uuid_v4.cc +0 -37
- data/src/core/lib/gprpp/uuid_v4.h +0 -36
- data/src/core/lib/gprpp/validation_errors.cc +0 -65
- data/src/core/lib/gprpp/validation_errors.h +0 -134
- data/src/core/lib/gprpp/windows/directory_reader.cc +0 -81
- data/src/core/lib/gprpp/windows/env.cc +0 -56
- data/src/core/lib/gprpp/windows/stat.cc +0 -50
- data/src/core/lib/gprpp/windows/thd.cc +0 -182
- data/src/core/lib/gprpp/work_serializer.cc +0 -558
- data/src/core/lib/gprpp/work_serializer.h +0 -107
- data/src/core/lib/gprpp/xxhash_inline.h +0 -29
- data/src/core/lib/handshaker/proxy_mapper.h +0 -53
- data/src/core/lib/handshaker/proxy_mapper_registry.cc +0 -71
- data/src/core/lib/handshaker/proxy_mapper_registry.h +0 -75
- data/src/core/lib/http/format_request.cc +0 -137
- data/src/core/lib/http/format_request.h +0 -38
- data/src/core/lib/http/httpcli.cc +0 -392
- data/src/core/lib/http/httpcli.h +0 -268
- data/src/core/lib/http/httpcli_security_connector.cc +0 -213
- data/src/core/lib/http/httpcli_ssl_credentials.h +0 -39
- data/src/core/lib/http/parser.cc +0 -451
- data/src/core/lib/http/parser.h +0 -130
- data/src/core/lib/iomgr/ev_windows.cc +0 -30
- data/src/core/lib/iomgr/gethostname.h +0 -26
- data/src/core/lib/iomgr/gethostname_fallback.cc +0 -30
- data/src/core/lib/iomgr/gethostname_host_name_max.cc +0 -40
- data/src/core/lib/iomgr/gethostname_sysconf.cc +0 -40
- data/src/core/lib/iomgr/grpc_if_nametoindex.h +0 -30
- data/src/core/lib/iomgr/grpc_if_nametoindex_posix.cc +0 -43
- data/src/core/lib/iomgr/grpc_if_nametoindex_unsupported.cc +0 -39
- data/src/core/lib/json/json.h +0 -30
- data/src/core/lib/json/json_args.h +0 -34
- data/src/core/lib/json/json_channel_args.h +0 -42
- data/src/core/lib/json/json_object_loader.cc +0 -216
- data/src/core/lib/json/json_object_loader.h +0 -645
- data/src/core/lib/json/json_reader.cc +0 -956
- data/src/core/lib/json/json_reader.h +0 -34
- data/src/core/lib/json/json_util.cc +0 -101
- data/src/core/lib/json/json_util.h +0 -164
- data/src/core/lib/json/json_writer.cc +0 -339
- data/src/core/lib/json/json_writer.h +0 -33
- data/src/core/lib/matchers/matchers.cc +0 -330
- data/src/core/lib/matchers/matchers.h +0 -163
- data/src/core/lib/promise/trace.cc +0 -20
- data/src/core/lib/promise/trace.h +0 -24
- data/src/core/lib/resource_quota/trace.cc +0 -19
- data/src/core/lib/resource_quota/trace.h +0 -24
- data/src/core/lib/security/transport/secure_endpoint.cc +0 -565
- data/src/core/lib/security/transport/secure_endpoint.h +0 -43
- data/src/core/lib/security/transport/security_handshaker.cc +0 -682
- data/src/core/lib/security/transport/security_handshaker.h +0 -47
- data/src/core/lib/security/transport/tsi_error.cc +0 -31
- data/src/core/lib/security/transport/tsi_error.h +0 -30
- data/src/core/lib/slice/slice_refcount.cc +0 -20
- data/src/core/lib/surface/api_trace.cc +0 -25
- data/src/core/lib/surface/api_trace.h +0 -53
- data/src/core/lib/surface/call_trace.h +0 -24
- data/src/core/lib/surface/server.cc +0 -2030
- data/src/core/lib/surface/server.h +0 -555
- data/src/core/lib/surface/server_interface.h +0 -43
- data/src/core/lib/surface/wait_for_cq_end_op.cc +0 -75
- data/src/core/lib/surface/wait_for_cq_end_op.h +0 -72
- data/src/core/lib/transport/batch_builder.cc +0 -170
- data/src/core/lib/transport/batch_builder.h +0 -476
- data/src/core/lib/transport/call_size_estimator.cc +0 -41
- data/src/core/lib/transport/call_size_estimator.h +0 -52
- data/src/core/lib/transport/endpoint_info_handshaker.cc +0 -80
- data/src/core/lib/transport/endpoint_info_handshaker.h +0 -37
- data/src/core/lib/transport/handshaker.cc +0 -229
- data/src/core/lib/transport/handshaker.h +0 -165
- data/src/core/lib/transport/handshaker_factory.h +0 -73
- data/src/core/lib/transport/handshaker_registry.cc +0 -61
- data/src/core/lib/transport/handshaker_registry.h +0 -69
- data/src/core/lib/transport/http_connect_handshaker.cc +0 -400
- data/src/core/lib/transport/http_connect_handshaker.h +0 -42
- data/src/core/lib/transport/tcp_connect_handshaker.cc +0 -244
- data/src/core/lib/transport/tcp_connect_handshaker.h +0 -39
- data/src/core/lib/uri/uri_parser.cc +0 -372
- data/src/core/lib/uri/uri_parser.h +0 -101
- data/src/core/resolver/binder/binder_resolver.cc +0 -154
- data/src/core/resolver/xds/xds_resolver_trace.cc +0 -25
- data/src/core/resolver/xds/xds_resolver_trace.h +0 -30
- data/third_party/abseil-cpp/absl/strings/internal/has_absl_stringify.h +0 -44
- data/third_party/boringssl-with-bazel/err_data.c +0 -1512
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +0 -284
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +0 -95
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +0 -89
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.c +0 -84
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +0 -151
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.c +0 -85
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +0 -465
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +0 -279
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +0 -235
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +0 -74
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.c +0 -457
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +0 -245
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +0 -259
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +0 -214
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +0 -183
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +0 -397
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.c +0 -103
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.c +0 -98
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.c +0 -105
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.c +0 -94
- data/third_party/boringssl-with-bazel/src/crypto/asn1/posix_time.c +0 -241
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +0 -973
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +0 -708
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +0 -212
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +0 -317
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +0 -126
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +0 -268
- data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +0 -475
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +0 -731
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +0 -309
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +0 -544
- data/third_party/boringssl-with-bazel/src/crypto/bio/errno.c +0 -92
- data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +0 -235
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +0 -319
- data/third_party/boringssl-with-bazel/src/crypto/bio/hexdump.c +0 -192
- data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +0 -480
- data/third_party/boringssl-with-bazel/src/crypto/bio/printf.c +0 -102
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +0 -189
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +0 -133
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +0 -169
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/bn_asn1.c +0 -57
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/convert.c +0 -465
- data/third_party/boringssl-with-bazel/src/crypto/buf/buf.c +0 -158
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.c +0 -53
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +0 -266
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +0 -718
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +0 -926
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/unicode.c +0 -155
- data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +0 -224
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/cipher_extra.c +0 -127
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +0 -152
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesctrhmac.c +0 -284
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesgcmsiv.c +0 -841
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +0 -341
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_des.c +0 -246
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_null.c +0 -86
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc2.c +0 -463
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc4.c +0 -89
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_tls.c +0 -598
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +0 -237
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/tls_cbc.c +0 -514
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +0 -647
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf_def.h +0 -122
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.c +0 -75
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_fuchsia.c +0 -55
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_linux.c +0 -62
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_openbsd.c +0 -61
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_sysreg.c +0 -93
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_win.c +0 -41
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_freebsd.c +0 -54
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.c +0 -148
- data/third_party/boringssl-with-bazel/src/crypto/cpu_intel.c +0 -292
- data/third_party/boringssl-with-bazel/src/crypto/crypto.c +0 -242
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +0 -2157
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_64_adx.c +0 -18
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +0 -523
- data/third_party/boringssl-with-bazel/src/crypto/des/des.c +0 -871
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/dh_asn1.c +0 -165
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/params.c +0 -480
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +0 -265
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +0 -981
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +0 -420
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +0 -572
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_derive.c +0 -96
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +0 -508
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +0 -78
- data/third_party/boringssl-with-bazel/src/crypto/ecdh_extra/ecdh_extra.c +0 -124
- data/third_party/boringssl-with-bazel/src/crypto/ecdsa_extra/ecdsa_asn1.c +0 -265
- data/third_party/boringssl-with-bazel/src/crypto/engine/engine.c +0 -91
- data/third_party/boringssl-with-bazel/src/crypto/err/err.c +0 -882
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +0 -509
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +0 -547
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.c +0 -483
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +0 -308
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +0 -275
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.c +0 -302
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.c +0 -103
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.c +0 -224
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_hkdf.c +0 -232
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.c +0 -646
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.c +0 -211
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.c +0 -109
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.c +0 -236
- data/third_party/boringssl-with-bazel/src/crypto/evp/pbkdf.c +0 -146
- data/third_party/boringssl-with-bazel/src/crypto/evp/print.c +0 -381
- data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.c +0 -209
- data/third_party/boringssl-with-bazel/src/crypto/evp/sign.c +0 -156
- data/third_party/boringssl-with-bazel/src/crypto/ex_data.c +0 -237
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.c +0 -106
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +0 -1281
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.c +0 -242
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c +0 -124
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +0 -275
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/add.c +0 -310
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/asm/x86_64-gcc.c +0 -541
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +0 -428
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.c +0 -267
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/cmp.c +0 -201
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.c +0 -234
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +0 -909
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.c +0 -87
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +0 -1276
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.c +0 -397
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +0 -328
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/generic.c +0 -624
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/jacobi.c +0 -146
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +0 -532
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c +0 -222
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +0 -744
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +0 -1070
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.c +0 -355
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.c +0 -137
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.c +0 -363
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.c +0 -499
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/aead.c +0 -287
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +0 -717
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +0 -1463
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aesccm.c +0 -446
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cmac/cmac.c +0 -322
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.c +0 -245
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.c +0 -489
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +0 -288
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digests.c +0 -304
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digestsign/digestsign.c +0 -267
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +0 -1043
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +0 -553
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +0 -491
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/felem.c +0 -104
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +0 -359
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +0 -1163
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.c +0 -637
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +0 -749
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +0 -169
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +0 -336
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +0 -269
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/util.c +0 -255
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +0 -264
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +0 -130
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +0 -372
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/fips_shared_support.c +0 -32
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hkdf/hkdf.c +0 -112
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/hmac.c +0 -256
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md4/md4.c +0 -240
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md5/internal.h +0 -37
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md5/md5.c +0 -284
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cbc.c +0 -164
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cfb.c +0 -200
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c +0 -196
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm.c +0 -743
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm_nohw.c +0 -302
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +0 -428
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c +0 -87
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/polyval.c +0 -90
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/ctrdrbg.c +0 -220
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +0 -197
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +0 -67
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +0 -64
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +0 -493
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +0 -328
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +0 -241
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.c +0 -423
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +0 -1038
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +0 -1337
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.c +0 -119
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +0 -1064
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.c +0 -331
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +0 -439
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +0 -359
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +0 -537
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.c +0 -211
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +0 -799
- data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c +0 -2234
- data/third_party/boringssl-with-bazel/src/crypto/keccak/internal.h +0 -70
- data/third_party/boringssl-with-bazel/src/crypto/keccak/keccak.c +0 -279
- data/third_party/boringssl-with-bazel/src/crypto/kyber/kyber.c +0 -844
- data/third_party/boringssl-with-bazel/src/crypto/lhash/lhash.c +0 -350
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +0 -600
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +0 -564
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_xref.c +0 -122
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +0 -243
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +0 -294
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +0 -789
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.c +0 -87
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +0 -248
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +0 -182
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.c +0 -64
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.c +0 -64
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7.c +0 -193
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +0 -523
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/p5_pbev2.c +0 -316
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.c +0 -527
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +0 -1352
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +0 -314
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +0 -308
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +0 -847
- data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +0 -261
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/deterministic.c +0 -57
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/forkunsafe.c +0 -44
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/getentropy.c +0 -52
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/ios.c +0 -34
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +0 -158
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/rand_extra.c +0 -74
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/trusty.c +0 -38
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/windows.c +0 -95
- data/third_party/boringssl-with-bazel/src/crypto/rc4/rc4.c +0 -98
- data/third_party/boringssl-with-bazel/src/crypto/refcount.c +0 -59
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/internal.h +0 -77
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_asn1.c +0 -324
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_crypt.c +0 -570
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_print.c +0 -22
- data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.c +0 -79
- data/third_party/boringssl-with-bazel/src/crypto/spx/address.c +0 -101
- data/third_party/boringssl-with-bazel/src/crypto/spx/address.h +0 -50
- data/third_party/boringssl-with-bazel/src/crypto/spx/fors.c +0 -133
- data/third_party/boringssl-with-bazel/src/crypto/spx/fors.h +0 -54
- data/third_party/boringssl-with-bazel/src/crypto/spx/internal.h +0 -79
- data/third_party/boringssl-with-bazel/src/crypto/spx/merkle.c +0 -150
- data/third_party/boringssl-with-bazel/src/crypto/spx/merkle.h +0 -61
- data/third_party/boringssl-with-bazel/src/crypto/spx/params.h +0 -71
- data/third_party/boringssl-with-bazel/src/crypto/spx/spx.c +0 -139
- data/third_party/boringssl-with-bazel/src/crypto/spx/spx_util.c +0 -53
- data/third_party/boringssl-with-bazel/src/crypto/spx/spx_util.h +0 -44
- data/third_party/boringssl-with-bazel/src/crypto/spx/thash.c +0 -136
- data/third_party/boringssl-with-bazel/src/crypto/spx/thash.h +0 -70
- data/third_party/boringssl-with-bazel/src/crypto/spx/wots.c +0 -135
- data/third_party/boringssl-with-bazel/src/crypto/spx/wots.h +0 -45
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +0 -534
- data/third_party/boringssl-with-bazel/src/crypto/thread.c +0 -110
- data/third_party/boringssl-with-bazel/src/crypto/thread_none.c +0 -51
- data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +0 -150
- data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +0 -236
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +0 -1668
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +0 -687
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +0 -1267
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.c +0 -94
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.c +0 -136
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +0 -116
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +0 -178
- data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +0 -585
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +0 -407
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +0 -269
- data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.c +0 -79
- data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +0 -227
- data/third_party/boringssl-with-bazel/src/crypto/x509/policy.c +0 -786
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +0 -397
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +0 -145
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.c +0 -245
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +0 -329
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +0 -121
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_akey.c +0 -221
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_akeya.c +0 -73
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_alt.c +0 -634
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_bcons.c +0 -135
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_bitst.c +0 -141
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_conf.c +0 -416
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_cpols.c +0 -477
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_crld.c +0 -598
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_enum.c +0 -112
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_extku.c +0 -154
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_genn.c +0 -270
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ia5.c +0 -122
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_info.c +0 -211
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_int.c +0 -121
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_lib.c +0 -342
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ncons.c +0 -555
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ocsp.c +0 -81
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_pcons.c +0 -142
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_pmaps.c +0 -150
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_prn.c +0 -224
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_purp.c +0 -624
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_skey.c +0 -170
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_utl.c +0 -1357
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509.c +0 -89
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +0 -227
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +0 -280
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.c +0 -108
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.c +0 -86
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +0 -181
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +0 -609
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +0 -206
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +0 -299
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +0 -240
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +0 -164
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +0 -189
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +0 -291
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +0 -1655
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +0 -440
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +0 -277
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +0 -407
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.c +0 -109
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.c +0 -133
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +0 -149
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +0 -356
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +0 -97
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +0 -384
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.c +0 -78
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +0 -527
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +0 -210
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.c +0 -116
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +0 -93
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.c +0 -79
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.c +0 -70
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +0 -549
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +0 -209
- data/third_party/boringssl-with-bazel/src/include/openssl/kyber.h +0 -136
- data/third_party/boringssl-with-bazel/src/include/openssl/pki/certificate.h +0 -83
- data/third_party/boringssl-with-bazel/src/include/openssl/pki/signature_verify_cache.h +0 -41
|
@@ -1,143 +1,18 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
* the code are not to be removed.
|
|
17
|
-
* If this package is used in a product, Eric Young should be given attribution
|
|
18
|
-
* as the author of the parts of the library used.
|
|
19
|
-
* This can be in the form of a textual message at program startup or
|
|
20
|
-
* in documentation (online or textual) provided with the package.
|
|
21
|
-
*
|
|
22
|
-
* Redistribution and use in source and binary forms, with or without
|
|
23
|
-
* modification, are permitted provided that the following conditions
|
|
24
|
-
* are met:
|
|
25
|
-
* 1. Redistributions of source code must retain the copyright
|
|
26
|
-
* notice, this list of conditions and the following disclaimer.
|
|
27
|
-
* 2. Redistributions in binary form must reproduce the above copyright
|
|
28
|
-
* notice, this list of conditions and the following disclaimer in the
|
|
29
|
-
* documentation and/or other materials provided with the distribution.
|
|
30
|
-
* 3. All advertising materials mentioning features or use of this software
|
|
31
|
-
* must display the following acknowledgement:
|
|
32
|
-
* "This product includes cryptographic software written by
|
|
33
|
-
* Eric Young (eay@cryptsoft.com)"
|
|
34
|
-
* The word 'cryptographic' can be left out if the rouines from the library
|
|
35
|
-
* being used are not cryptographic related :-).
|
|
36
|
-
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
37
|
-
* the apps directory (application code) you must include an acknowledgement:
|
|
38
|
-
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
39
|
-
*
|
|
40
|
-
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
41
|
-
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
42
|
-
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
43
|
-
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
44
|
-
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
45
|
-
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
46
|
-
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
47
|
-
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
48
|
-
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
49
|
-
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
50
|
-
* SUCH DAMAGE.
|
|
51
|
-
*
|
|
52
|
-
* The licence and distribution terms for any publically available version or
|
|
53
|
-
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
54
|
-
* copied and put under another distribution licence
|
|
55
|
-
* [including the GNU Public Licence.]
|
|
56
|
-
*/
|
|
57
|
-
/* ====================================================================
|
|
58
|
-
* Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
|
|
59
|
-
*
|
|
60
|
-
* Redistribution and use in source and binary forms, with or without
|
|
61
|
-
* modification, are permitted provided that the following conditions
|
|
62
|
-
* are met:
|
|
63
|
-
*
|
|
64
|
-
* 1. Redistributions of source code must retain the above copyright
|
|
65
|
-
* notice, this list of conditions and the following disclaimer.
|
|
66
|
-
*
|
|
67
|
-
* 2. Redistributions in binary form must reproduce the above copyright
|
|
68
|
-
* notice, this list of conditions and the following disclaimer in
|
|
69
|
-
* the documentation and/or other materials provided with the
|
|
70
|
-
* distribution.
|
|
71
|
-
*
|
|
72
|
-
* 3. All advertising materials mentioning features or use of this
|
|
73
|
-
* software must display the following acknowledgment:
|
|
74
|
-
* "This product includes software developed by the OpenSSL Project
|
|
75
|
-
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
|
76
|
-
*
|
|
77
|
-
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
78
|
-
* endorse or promote products derived from this software without
|
|
79
|
-
* prior written permission. For written permission, please contact
|
|
80
|
-
* openssl-core@openssl.org.
|
|
81
|
-
*
|
|
82
|
-
* 5. Products derived from this software may not be called "OpenSSL"
|
|
83
|
-
* nor may "OpenSSL" appear in their names without prior written
|
|
84
|
-
* permission of the OpenSSL Project.
|
|
85
|
-
*
|
|
86
|
-
* 6. Redistributions of any form whatsoever must retain the following
|
|
87
|
-
* acknowledgment:
|
|
88
|
-
* "This product includes software developed by the OpenSSL Project
|
|
89
|
-
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
|
90
|
-
*
|
|
91
|
-
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
92
|
-
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
93
|
-
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
94
|
-
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
95
|
-
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
96
|
-
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
97
|
-
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
98
|
-
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
99
|
-
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
100
|
-
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
101
|
-
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
102
|
-
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
103
|
-
* ====================================================================
|
|
104
|
-
*
|
|
105
|
-
* This product includes cryptographic software written by Eric Young
|
|
106
|
-
* (eay@cryptsoft.com). This product includes software written by Tim
|
|
107
|
-
* Hudson (tjh@cryptsoft.com).
|
|
108
|
-
*
|
|
109
|
-
*/
|
|
110
|
-
/* ====================================================================
|
|
111
|
-
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
|
|
112
|
-
* ECC cipher suite support in OpenSSL originally developed by
|
|
113
|
-
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
|
|
114
|
-
*/
|
|
115
|
-
/* ====================================================================
|
|
116
|
-
* Copyright 2005 Nokia. All rights reserved.
|
|
117
|
-
*
|
|
118
|
-
* The portions of the attached software ("Contribution") is developed by
|
|
119
|
-
* Nokia Corporation and is licensed pursuant to the OpenSSL open source
|
|
120
|
-
* license.
|
|
121
|
-
*
|
|
122
|
-
* The Contribution, originally written by Mika Kousa and Pasi Eronen of
|
|
123
|
-
* Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
|
|
124
|
-
* support (see RFC 4279) to OpenSSL.
|
|
125
|
-
*
|
|
126
|
-
* No patent licenses or other rights except those expressly stated in
|
|
127
|
-
* the OpenSSL open source license shall be deemed granted or received
|
|
128
|
-
* expressly, by implication, estoppel, or otherwise.
|
|
129
|
-
*
|
|
130
|
-
* No assurances are provided by Nokia that the Contribution does not
|
|
131
|
-
* infringe the patent or other intellectual property rights of any third
|
|
132
|
-
* party or that the license provides you with all the necessary rights
|
|
133
|
-
* to make use of the Contribution.
|
|
134
|
-
*
|
|
135
|
-
* THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
|
|
136
|
-
* ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
|
|
137
|
-
* SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
|
|
138
|
-
* OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
|
|
139
|
-
* OTHERWISE.
|
|
140
|
-
*/
|
|
1
|
+
// Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
|
|
2
|
+
// Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved.
|
|
3
|
+
// Copyright 2005 Nokia. All rights reserved.
|
|
4
|
+
//
|
|
5
|
+
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
6
|
+
// you may not use this file except in compliance with the License.
|
|
7
|
+
// You may obtain a copy of the License at
|
|
8
|
+
//
|
|
9
|
+
// https://www.apache.org/licenses/LICENSE-2.0
|
|
10
|
+
//
|
|
11
|
+
// Unless required by applicable law or agreed to in writing, software
|
|
12
|
+
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
13
|
+
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
14
|
+
// See the License for the specific language governing permissions and
|
|
15
|
+
// limitations under the License.
|
|
141
16
|
|
|
142
17
|
#ifndef OPENSSL_HEADER_SSL_INTERNAL_H
|
|
143
18
|
#define OPENSSL_HEADER_SSL_INTERNAL_H
|
|
@@ -146,9 +21,13 @@
|
|
|
146
21
|
|
|
147
22
|
#include <stdlib.h>
|
|
148
23
|
|
|
24
|
+
#include <algorithm>
|
|
25
|
+
#include <atomic>
|
|
26
|
+
#include <bitset>
|
|
149
27
|
#include <initializer_list>
|
|
150
28
|
#include <limits>
|
|
151
29
|
#include <new>
|
|
30
|
+
#include <string_view>
|
|
152
31
|
#include <type_traits>
|
|
153
32
|
#include <utility>
|
|
154
33
|
|
|
@@ -165,6 +44,7 @@
|
|
|
165
44
|
#include "../crypto/err/internal.h"
|
|
166
45
|
#include "../crypto/internal.h"
|
|
167
46
|
#include "../crypto/lhash/internal.h"
|
|
47
|
+
#include "../crypto/spake2plus/internal.h"
|
|
168
48
|
|
|
169
49
|
|
|
170
50
|
#if defined(OPENSSL_WINDOWS)
|
|
@@ -192,7 +72,7 @@ struct SSL_X509_METHOD;
|
|
|
192
72
|
//
|
|
193
73
|
// Note: unlike |new|, this does not support non-public constructors.
|
|
194
74
|
template <typename T, typename... Args>
|
|
195
|
-
T *New(Args &&...
|
|
75
|
+
T *New(Args &&...args) {
|
|
196
76
|
void *t = OPENSSL_malloc(sizeof(T));
|
|
197
77
|
if (t == nullptr) {
|
|
198
78
|
return nullptr;
|
|
@@ -223,27 +103,10 @@ struct DeleterImpl<T, std::enable_if_t<T::kAllowUniquePtr>> {
|
|
|
223
103
|
// MakeUnique behaves like |std::make_unique| but returns nullptr on allocation
|
|
224
104
|
// error.
|
|
225
105
|
template <typename T, typename... Args>
|
|
226
|
-
UniquePtr<T> MakeUnique(Args &&...
|
|
106
|
+
UniquePtr<T> MakeUnique(Args &&...args) {
|
|
227
107
|
return UniquePtr<T>(New<T>(std::forward<Args>(args)...));
|
|
228
108
|
}
|
|
229
109
|
|
|
230
|
-
#if defined(BORINGSSL_ALLOW_CXX_RUNTIME)
|
|
231
|
-
#define HAS_VIRTUAL_DESTRUCTOR
|
|
232
|
-
#define PURE_VIRTUAL = 0
|
|
233
|
-
#else
|
|
234
|
-
// HAS_VIRTUAL_DESTRUCTOR should be declared in any base class which defines a
|
|
235
|
-
// virtual destructor. This avoids a dependency on |_ZdlPv| and prevents the
|
|
236
|
-
// class from being used with |delete|.
|
|
237
|
-
#define HAS_VIRTUAL_DESTRUCTOR \
|
|
238
|
-
void operator delete(void *) { abort(); }
|
|
239
|
-
|
|
240
|
-
// PURE_VIRTUAL should be used instead of = 0 when defining pure-virtual
|
|
241
|
-
// functions. This avoids a dependency on |__cxa_pure_virtual| but loses
|
|
242
|
-
// compile-time checking.
|
|
243
|
-
#define PURE_VIRTUAL \
|
|
244
|
-
{ abort(); }
|
|
245
|
-
#endif
|
|
246
|
-
|
|
247
110
|
// Array<T> is an owning array of elements of |T|.
|
|
248
111
|
template <typename T>
|
|
249
112
|
class Array {
|
|
@@ -267,8 +130,14 @@ class Array {
|
|
|
267
130
|
size_t size() const { return size_; }
|
|
268
131
|
bool empty() const { return size_ == 0; }
|
|
269
132
|
|
|
270
|
-
const T &operator[](size_t i) const {
|
|
271
|
-
|
|
133
|
+
const T &operator[](size_t i) const {
|
|
134
|
+
BSSL_CHECK(i < size_);
|
|
135
|
+
return data_[i];
|
|
136
|
+
}
|
|
137
|
+
T &operator[](size_t i) {
|
|
138
|
+
BSSL_CHECK(i < size_);
|
|
139
|
+
return data_[i];
|
|
140
|
+
}
|
|
272
141
|
|
|
273
142
|
T *begin() { return data_; }
|
|
274
143
|
const T *begin() const { return data_; }
|
|
@@ -280,9 +149,7 @@ class Array {
|
|
|
280
149
|
// Reset releases the current contents of the array and takes ownership of the
|
|
281
150
|
// raw pointer supplied by the caller.
|
|
282
151
|
void Reset(T *new_data, size_t new_size) {
|
|
283
|
-
|
|
284
|
-
data_[i].~T();
|
|
285
|
-
}
|
|
152
|
+
std::destroy_n(data_, size_);
|
|
286
153
|
OPENSSL_free(data_);
|
|
287
154
|
data_ = new_data;
|
|
288
155
|
size_ = new_size;
|
|
@@ -298,38 +165,35 @@ class Array {
|
|
|
298
165
|
}
|
|
299
166
|
|
|
300
167
|
// Init replaces the array with a newly-allocated array of |new_size|
|
|
301
|
-
//
|
|
302
|
-
// error.
|
|
303
|
-
//
|
|
304
|
-
|
|
305
|
-
|
|
306
|
-
Reset();
|
|
307
|
-
if (new_size == 0) {
|
|
308
|
-
return true;
|
|
309
|
-
}
|
|
310
|
-
|
|
311
|
-
if (new_size > std::numeric_limits<size_t>::max() / sizeof(T)) {
|
|
312
|
-
OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
|
|
168
|
+
// value-constructed copies of |T|. It returns true on success and false on
|
|
169
|
+
// error. If |T| is a primitive type like |uint8_t|, value-construction means
|
|
170
|
+
// it will be zero-initialized.
|
|
171
|
+
[[nodiscard]] bool Init(size_t new_size) {
|
|
172
|
+
if (!InitUninitialized(new_size)) {
|
|
313
173
|
return false;
|
|
314
174
|
}
|
|
315
|
-
data_
|
|
316
|
-
|
|
175
|
+
std::uninitialized_value_construct_n(data_, size_);
|
|
176
|
+
return true;
|
|
177
|
+
}
|
|
178
|
+
|
|
179
|
+
// InitForOverwrite behaves like |Init| but it default-constructs each element
|
|
180
|
+
// instead. This means that, if |T| is a primitive type, the array will be
|
|
181
|
+
// uninitialized and thus must be filled in by the caller.
|
|
182
|
+
[[nodiscard]] bool InitForOverwrite(size_t new_size) {
|
|
183
|
+
if (!InitUninitialized(new_size)) {
|
|
317
184
|
return false;
|
|
318
185
|
}
|
|
319
|
-
size_
|
|
320
|
-
for (size_t i = 0; i < size_; i++) {
|
|
321
|
-
new (&data_[i]) T;
|
|
322
|
-
}
|
|
186
|
+
std::uninitialized_default_construct_n(data_, size_);
|
|
323
187
|
return true;
|
|
324
188
|
}
|
|
325
189
|
|
|
326
190
|
// CopyFrom replaces the array with a newly-allocated copy of |in|. It returns
|
|
327
191
|
// true on success and false on error.
|
|
328
|
-
bool CopyFrom(Span<const T> in) {
|
|
329
|
-
if (!
|
|
192
|
+
[[nodiscard]] bool CopyFrom(Span<const T> in) {
|
|
193
|
+
if (!InitUninitialized(in.size())) {
|
|
330
194
|
return false;
|
|
331
195
|
}
|
|
332
|
-
|
|
196
|
+
std::uninitialized_copy(in.begin(), in.end(), data_);
|
|
333
197
|
return true;
|
|
334
198
|
}
|
|
335
199
|
|
|
@@ -339,75 +203,103 @@ class Array {
|
|
|
339
203
|
if (new_size > size_) {
|
|
340
204
|
abort();
|
|
341
205
|
}
|
|
342
|
-
|
|
343
|
-
data_[i].~T();
|
|
344
|
-
}
|
|
206
|
+
std::destroy_n(data_ + new_size, size_ - new_size);
|
|
345
207
|
size_ = new_size;
|
|
346
208
|
}
|
|
347
209
|
|
|
348
210
|
private:
|
|
211
|
+
// InitUninitialized replaces the array with a newly-allocated array of
|
|
212
|
+
// |new_size| elements, but whose constructor has not yet run. On success, the
|
|
213
|
+
// elements must be constructed before returning control to the caller.
|
|
214
|
+
bool InitUninitialized(size_t new_size) {
|
|
215
|
+
Reset();
|
|
216
|
+
if (new_size == 0) {
|
|
217
|
+
return true;
|
|
218
|
+
}
|
|
219
|
+
|
|
220
|
+
if (new_size > std::numeric_limits<size_t>::max() / sizeof(T)) {
|
|
221
|
+
OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
|
|
222
|
+
return false;
|
|
223
|
+
}
|
|
224
|
+
data_ = reinterpret_cast<T *>(OPENSSL_malloc(new_size * sizeof(T)));
|
|
225
|
+
if (data_ == nullptr) {
|
|
226
|
+
return false;
|
|
227
|
+
}
|
|
228
|
+
size_ = new_size;
|
|
229
|
+
return true;
|
|
230
|
+
}
|
|
231
|
+
|
|
349
232
|
T *data_ = nullptr;
|
|
350
233
|
size_t size_ = 0;
|
|
351
234
|
};
|
|
352
235
|
|
|
353
|
-
//
|
|
354
|
-
// Array<T>. When necessary, pushing will automatically trigger a resize.
|
|
355
|
-
//
|
|
356
|
-
// Note, for simplicity, this class currently differs from |std::vector| in that
|
|
357
|
-
// |T| must be efficiently default-constructible. Allocated elements beyond the
|
|
358
|
-
// end of the array are constructed and destructed.
|
|
236
|
+
// Vector<T> is a resizable array of elements of |T|.
|
|
359
237
|
template <typename T>
|
|
360
|
-
class
|
|
238
|
+
class Vector {
|
|
361
239
|
public:
|
|
362
|
-
|
|
363
|
-
|
|
364
|
-
|
|
365
|
-
~
|
|
366
|
-
|
|
367
|
-
|
|
368
|
-
|
|
369
|
-
|
|
370
|
-
other.
|
|
371
|
-
|
|
240
|
+
Vector() = default;
|
|
241
|
+
Vector(const Vector &) = delete;
|
|
242
|
+
Vector(Vector &&other) { *this = std::move(other); }
|
|
243
|
+
~Vector() { clear(); }
|
|
244
|
+
|
|
245
|
+
Vector &operator=(const Vector &) = delete;
|
|
246
|
+
Vector &operator=(Vector &&other) {
|
|
247
|
+
clear();
|
|
248
|
+
std::swap(data_, other.data_);
|
|
249
|
+
std::swap(size_, other.size_);
|
|
250
|
+
std::swap(capacity_, other.capacity_);
|
|
372
251
|
return *this;
|
|
373
252
|
}
|
|
374
253
|
|
|
375
|
-
const T *data() const { return
|
|
376
|
-
T *data() { return
|
|
254
|
+
const T *data() const { return data_; }
|
|
255
|
+
T *data() { return data_; }
|
|
377
256
|
size_t size() const { return size_; }
|
|
378
257
|
bool empty() const { return size_ == 0; }
|
|
379
258
|
|
|
380
|
-
const T &operator[](size_t i) const {
|
|
381
|
-
|
|
259
|
+
const T &operator[](size_t i) const {
|
|
260
|
+
BSSL_CHECK(i < size_);
|
|
261
|
+
return data_[i];
|
|
262
|
+
}
|
|
263
|
+
T &operator[](size_t i) {
|
|
264
|
+
BSSL_CHECK(i < size_);
|
|
265
|
+
return data_[i];
|
|
266
|
+
}
|
|
382
267
|
|
|
383
|
-
T *begin() { return
|
|
384
|
-
const T *begin() const { return
|
|
385
|
-
T *end() { return
|
|
386
|
-
const T *end() const { return
|
|
268
|
+
T *begin() { return data_; }
|
|
269
|
+
const T *begin() const { return data_; }
|
|
270
|
+
T *end() { return data_ + size_; }
|
|
271
|
+
const T *end() const { return data_ + size_; }
|
|
387
272
|
|
|
388
273
|
void clear() {
|
|
274
|
+
std::destroy_n(data_, size_);
|
|
275
|
+
OPENSSL_free(data_);
|
|
276
|
+
data_ = nullptr;
|
|
389
277
|
size_ = 0;
|
|
390
|
-
|
|
278
|
+
capacity_ = 0;
|
|
391
279
|
}
|
|
392
280
|
|
|
393
281
|
// Push adds |elem| at the end of the internal array, growing if necessary. It
|
|
394
282
|
// returns false when allocation fails.
|
|
395
|
-
bool Push(T elem) {
|
|
283
|
+
[[nodiscard]] bool Push(T elem) {
|
|
396
284
|
if (!MaybeGrow()) {
|
|
397
285
|
return false;
|
|
398
286
|
}
|
|
399
|
-
|
|
287
|
+
new (&data_[size_]) T(std::move(elem));
|
|
400
288
|
size_++;
|
|
401
289
|
return true;
|
|
402
290
|
}
|
|
403
291
|
|
|
404
292
|
// CopyFrom replaces the contents of the array with a copy of |in|. It returns
|
|
405
293
|
// true on success and false on allocation error.
|
|
406
|
-
bool CopyFrom(Span<const T> in) {
|
|
407
|
-
|
|
294
|
+
[[nodiscard]] bool CopyFrom(Span<const T> in) {
|
|
295
|
+
Array<T> copy;
|
|
296
|
+
if (!copy.CopyFrom(in)) {
|
|
408
297
|
return false;
|
|
409
298
|
}
|
|
410
|
-
|
|
299
|
+
|
|
300
|
+
clear();
|
|
301
|
+
copy.Release(&data_, &size_);
|
|
302
|
+
capacity_ = size_;
|
|
411
303
|
return true;
|
|
412
304
|
}
|
|
413
305
|
|
|
@@ -415,39 +307,249 @@ class GrowableArray {
|
|
|
415
307
|
// If there is no room for one more element, creates a new backing array with
|
|
416
308
|
// double the size of the old one and copies elements over.
|
|
417
309
|
bool MaybeGrow() {
|
|
418
|
-
if (array_.size() == 0) {
|
|
419
|
-
return array_.Init(kDefaultSize);
|
|
420
|
-
}
|
|
421
310
|
// No need to grow if we have room for one more T.
|
|
422
|
-
if (size_ <
|
|
311
|
+
if (size_ < capacity_) {
|
|
423
312
|
return true;
|
|
424
313
|
}
|
|
425
|
-
|
|
426
|
-
if (
|
|
314
|
+
size_t new_capacity = kDefaultSize;
|
|
315
|
+
if (capacity_ > 0) {
|
|
316
|
+
// Double the array's size if it's safe to do so.
|
|
317
|
+
if (capacity_ > std::numeric_limits<size_t>::max() / 2) {
|
|
318
|
+
OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
|
|
319
|
+
return false;
|
|
320
|
+
}
|
|
321
|
+
new_capacity = capacity_ * 2;
|
|
322
|
+
}
|
|
323
|
+
if (new_capacity > std::numeric_limits<size_t>::max() / sizeof(T)) {
|
|
427
324
|
OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
|
|
428
325
|
return false;
|
|
429
326
|
}
|
|
430
|
-
|
|
431
|
-
|
|
327
|
+
T *new_data =
|
|
328
|
+
reinterpret_cast<T *>(OPENSSL_malloc(new_capacity * sizeof(T)));
|
|
329
|
+
if (new_data == nullptr) {
|
|
432
330
|
return false;
|
|
433
331
|
}
|
|
434
|
-
|
|
435
|
-
|
|
436
|
-
|
|
437
|
-
|
|
438
|
-
|
|
332
|
+
size_t new_size = size_;
|
|
333
|
+
std::uninitialized_move(begin(), end(), new_data);
|
|
334
|
+
clear();
|
|
335
|
+
data_ = new_data;
|
|
336
|
+
size_ = new_size;
|
|
337
|
+
capacity_ = new_capacity;
|
|
439
338
|
return true;
|
|
440
339
|
}
|
|
441
340
|
|
|
442
|
-
//
|
|
341
|
+
// data_ is a pointer to |capacity_| objects of size |T|, the first |size_| of
|
|
342
|
+
// which are constructed.
|
|
343
|
+
T *data_ = nullptr;
|
|
344
|
+
// |size_| is the number of elements stored in this Vector.
|
|
443
345
|
size_t size_ = 0;
|
|
444
|
-
// |
|
|
445
|
-
|
|
446
|
-
Array<T> array_;
|
|
346
|
+
// |capacity_| is the number of elements allocated in this Vector.
|
|
347
|
+
size_t capacity_ = 0;
|
|
447
348
|
// |kDefaultSize| is the default initial size of the backing array.
|
|
448
349
|
static constexpr size_t kDefaultSize = 16;
|
|
449
350
|
};
|
|
450
351
|
|
|
352
|
+
// A PackedSize is an integer that can store values from 0 to N, represented as
|
|
353
|
+
// a minimal-width integer.
|
|
354
|
+
template <size_t N>
|
|
355
|
+
using PackedSize = std::conditional_t<
|
|
356
|
+
N <= 0xff, uint8_t,
|
|
357
|
+
std::conditional_t<N <= 0xffff, uint16_t,
|
|
358
|
+
std::conditional_t<N <= 0xffffffff, uint32_t, size_t>>>;
|
|
359
|
+
|
|
360
|
+
// An InplaceVector is like a Vector, but stores up to N elements inline in the
|
|
361
|
+
// object. It is inspired by std::inplace_vector in C++26.
|
|
362
|
+
template <typename T, size_t N>
|
|
363
|
+
class InplaceVector {
|
|
364
|
+
public:
|
|
365
|
+
InplaceVector() = default;
|
|
366
|
+
InplaceVector(const InplaceVector &other) { *this = other; }
|
|
367
|
+
InplaceVector(InplaceVector &&other) { *this = std::move(other); }
|
|
368
|
+
~InplaceVector() { clear(); }
|
|
369
|
+
InplaceVector &operator=(const InplaceVector &other) {
|
|
370
|
+
if (this != &other) {
|
|
371
|
+
CopyFrom(other);
|
|
372
|
+
}
|
|
373
|
+
return *this;
|
|
374
|
+
}
|
|
375
|
+
InplaceVector &operator=(InplaceVector &&other) {
|
|
376
|
+
clear();
|
|
377
|
+
std::uninitialized_move(other.begin(), other.end(), data());
|
|
378
|
+
size_ = other.size();
|
|
379
|
+
return *this;
|
|
380
|
+
}
|
|
381
|
+
|
|
382
|
+
const T *data() const { return reinterpret_cast<const T *>(storage_); }
|
|
383
|
+
T *data() { return reinterpret_cast<T *>(storage_); }
|
|
384
|
+
size_t size() const { return size_; }
|
|
385
|
+
static constexpr size_t capacity() { return N; }
|
|
386
|
+
bool empty() const { return size_ == 0; }
|
|
387
|
+
|
|
388
|
+
const T &operator[](size_t i) const {
|
|
389
|
+
BSSL_CHECK(i < size_);
|
|
390
|
+
return data()[i];
|
|
391
|
+
}
|
|
392
|
+
T &operator[](size_t i) {
|
|
393
|
+
BSSL_CHECK(i < size_);
|
|
394
|
+
return data()[i];
|
|
395
|
+
}
|
|
396
|
+
|
|
397
|
+
T *begin() { return data(); }
|
|
398
|
+
const T *begin() const { return data(); }
|
|
399
|
+
T *end() { return data() + size_; }
|
|
400
|
+
const T *end() const { return data() + size_; }
|
|
401
|
+
|
|
402
|
+
void clear() { Shrink(0); }
|
|
403
|
+
|
|
404
|
+
// Shrink resizes the vector to |new_size|, which must not be larger than the
|
|
405
|
+
// current size. Unlike |Resize|, this can be called when |T| is not
|
|
406
|
+
// default-constructible.
|
|
407
|
+
void Shrink(size_t new_size) {
|
|
408
|
+
BSSL_CHECK(new_size <= size_);
|
|
409
|
+
std::destroy_n(data() + new_size, size_ - new_size);
|
|
410
|
+
size_ = static_cast<PackedSize<N>>(new_size);
|
|
411
|
+
}
|
|
412
|
+
|
|
413
|
+
// TryResize resizes the vector to |new_size| and returns true, or returns
|
|
414
|
+
// false if |new_size| is too large. Any newly-added elements are
|
|
415
|
+
// value-initialized.
|
|
416
|
+
[[nodiscard]] bool TryResize(size_t new_size) {
|
|
417
|
+
if (new_size <= size_) {
|
|
418
|
+
Shrink(new_size);
|
|
419
|
+
return true;
|
|
420
|
+
}
|
|
421
|
+
if (new_size > capacity()) {
|
|
422
|
+
return false;
|
|
423
|
+
}
|
|
424
|
+
std::uninitialized_value_construct_n(data() + size_, new_size - size_);
|
|
425
|
+
size_ = static_cast<PackedSize<N>>(new_size);
|
|
426
|
+
return true;
|
|
427
|
+
}
|
|
428
|
+
|
|
429
|
+
// TryResizeForOverwrite behaves like |TryResize|, but newly-added elements
|
|
430
|
+
// are default-initialized, so POD types may contain uninitialized values that
|
|
431
|
+
// the caller is responsible for filling in.
|
|
432
|
+
[[nodiscard]] bool TryResizeForOverwrite(size_t new_size) {
|
|
433
|
+
if (new_size <= size_) {
|
|
434
|
+
Shrink(new_size);
|
|
435
|
+
return true;
|
|
436
|
+
}
|
|
437
|
+
if (new_size > capacity()) {
|
|
438
|
+
return false;
|
|
439
|
+
}
|
|
440
|
+
std::uninitialized_default_construct_n(data() + size_, new_size - size_);
|
|
441
|
+
size_ = static_cast<PackedSize<N>>(new_size);
|
|
442
|
+
return true;
|
|
443
|
+
}
|
|
444
|
+
|
|
445
|
+
// TryCopyFrom sets the vector to a copy of |in| and returns true, or returns
|
|
446
|
+
// false if |in| is too large.
|
|
447
|
+
[[nodiscard]] bool TryCopyFrom(Span<const T> in) {
|
|
448
|
+
if (in.size() > capacity()) {
|
|
449
|
+
return false;
|
|
450
|
+
}
|
|
451
|
+
clear();
|
|
452
|
+
std::uninitialized_copy(in.begin(), in.end(), data());
|
|
453
|
+
size_ = in.size();
|
|
454
|
+
return true;
|
|
455
|
+
}
|
|
456
|
+
|
|
457
|
+
// TryPushBack appends |val| to the vector and returns a pointer to the
|
|
458
|
+
// newly-inserted value, or nullptr if the vector is at capacity.
|
|
459
|
+
[[nodiscard]] T *TryPushBack(T val) {
|
|
460
|
+
if (size() >= capacity()) {
|
|
461
|
+
return nullptr;
|
|
462
|
+
}
|
|
463
|
+
T *ret = &data()[size_];
|
|
464
|
+
new (ret) T(std::move(val));
|
|
465
|
+
size_++;
|
|
466
|
+
return ret;
|
|
467
|
+
}
|
|
468
|
+
|
|
469
|
+
// The following methods behave like their |Try*| counterparts, but abort the
|
|
470
|
+
// program on failure.
|
|
471
|
+
void Resize(size_t size) { BSSL_CHECK(TryResize(size)); }
|
|
472
|
+
void ResizeForOverwrite(size_t size) {
|
|
473
|
+
BSSL_CHECK(TryResizeForOverwrite(size));
|
|
474
|
+
}
|
|
475
|
+
void CopyFrom(Span<const T> in) { BSSL_CHECK(TryCopyFrom(in)); }
|
|
476
|
+
T &PushBack(T val) {
|
|
477
|
+
T *ret = TryPushBack(std::move(val));
|
|
478
|
+
BSSL_CHECK(ret != nullptr);
|
|
479
|
+
return *ret;
|
|
480
|
+
}
|
|
481
|
+
|
|
482
|
+
template <typename Pred>
|
|
483
|
+
void EraseIf(Pred pred) {
|
|
484
|
+
// See if anything needs to be erased at all. This avoids a self-move.
|
|
485
|
+
auto iter = std::find_if(begin(), end(), pred);
|
|
486
|
+
if (iter == end()) {
|
|
487
|
+
return;
|
|
488
|
+
}
|
|
489
|
+
|
|
490
|
+
// Elements before the first to be erased may be left as-is.
|
|
491
|
+
size_t new_size = iter - begin();
|
|
492
|
+
// Swap all subsequent elements in if they are to be kept.
|
|
493
|
+
for (size_t i = new_size + 1; i < size(); i++) {
|
|
494
|
+
if (!pred((*this)[i])) {
|
|
495
|
+
(*this)[new_size] = std::move((*this)[i]);
|
|
496
|
+
new_size++;
|
|
497
|
+
}
|
|
498
|
+
}
|
|
499
|
+
|
|
500
|
+
Shrink(new_size);
|
|
501
|
+
}
|
|
502
|
+
|
|
503
|
+
private:
|
|
504
|
+
alignas(T) char storage_[sizeof(T[N])];
|
|
505
|
+
PackedSize<N> size_ = 0;
|
|
506
|
+
};
|
|
507
|
+
|
|
508
|
+
// An MRUQueue maintains a queue of up to |N| objects of type |T|. If the queue
|
|
509
|
+
// is at capacity, adding to the queue pops the least recently added element.
|
|
510
|
+
template <typename T, size_t N>
|
|
511
|
+
class MRUQueue {
|
|
512
|
+
public:
|
|
513
|
+
static constexpr bool kAllowUniquePtr = true;
|
|
514
|
+
|
|
515
|
+
MRUQueue() = default;
|
|
516
|
+
|
|
517
|
+
// If we ever need to make this type movable, we could. (The defaults almost
|
|
518
|
+
// work except we need |start_| to be reset when moved-from.)
|
|
519
|
+
MRUQueue(const MRUQueue &other) = delete;
|
|
520
|
+
MRUQueue &operator=(const MRUQueue &other) = delete;
|
|
521
|
+
|
|
522
|
+
bool empty() const { return size() == 0; }
|
|
523
|
+
size_t size() const { return storage_.size(); }
|
|
524
|
+
|
|
525
|
+
T &operator[](size_t i) {
|
|
526
|
+
BSSL_CHECK(i < size());
|
|
527
|
+
return storage_[(start_ + i) % N];
|
|
528
|
+
}
|
|
529
|
+
const T &operator[](size_t i) const {
|
|
530
|
+
return (*const_cast<MRUQueue *>(this))[i];
|
|
531
|
+
}
|
|
532
|
+
|
|
533
|
+
void Clear() {
|
|
534
|
+
storage_.clear();
|
|
535
|
+
start_ = 0;
|
|
536
|
+
}
|
|
537
|
+
|
|
538
|
+
void PushBack(T t) {
|
|
539
|
+
if (storage_.size() < N) {
|
|
540
|
+
assert(start_ == 0);
|
|
541
|
+
storage_.PushBack(std::move(t));
|
|
542
|
+
} else {
|
|
543
|
+
(*this)[0] = std::move(t);
|
|
544
|
+
start_ = (start_ + 1) % N;
|
|
545
|
+
}
|
|
546
|
+
}
|
|
547
|
+
|
|
548
|
+
private:
|
|
549
|
+
InplaceVector<T, N> storage_;
|
|
550
|
+
PackedSize<N> start_ = 0;
|
|
551
|
+
};
|
|
552
|
+
|
|
451
553
|
// CBBFinishArray behaves like |CBB_finish| but stores the result in an Array.
|
|
452
554
|
OPENSSL_EXPORT bool CBBFinishArray(CBB *cbb, Array<uint8_t> *out);
|
|
453
555
|
|
|
@@ -460,7 +562,7 @@ template <typename T, typename Name>
|
|
|
460
562
|
inline size_t GetAllNames(const char **out, size_t max_out,
|
|
461
563
|
Span<const char *const> fixed_names, Name(T::*name),
|
|
462
564
|
Span<const T> objects) {
|
|
463
|
-
auto span = bssl::
|
|
565
|
+
auto span = bssl::Span(out, max_out);
|
|
464
566
|
for (size_t i = 0; !span.empty() && i < fixed_names.size(); i++) {
|
|
465
567
|
span[0] = fixed_names[i];
|
|
466
568
|
span = span.subspan(1);
|
|
@@ -472,6 +574,48 @@ inline size_t GetAllNames(const char **out, size_t max_out,
|
|
|
472
574
|
return fixed_names.size() + objects.size();
|
|
473
575
|
}
|
|
474
576
|
|
|
577
|
+
// RefCounted is a common base for ref-counted types. This is an instance of the
|
|
578
|
+
// C++ curiously-recurring template pattern, so a type Foo must subclass
|
|
579
|
+
// RefCounted<Foo>. It additionally must friend RefCounted<Foo> to allow calling
|
|
580
|
+
// the destructor.
|
|
581
|
+
template <typename Derived>
|
|
582
|
+
class RefCounted {
|
|
583
|
+
public:
|
|
584
|
+
RefCounted(const RefCounted &) = delete;
|
|
585
|
+
RefCounted &operator=(const RefCounted &) = delete;
|
|
586
|
+
|
|
587
|
+
// These methods are intentionally named differently from `bssl::UpRef` to
|
|
588
|
+
// avoid a collision. Only the implementations of `FOO_up_ref` and `FOO_free`
|
|
589
|
+
// should call these.
|
|
590
|
+
void UpRefInternal() { CRYPTO_refcount_inc(&references_); }
|
|
591
|
+
void DecRefInternal() {
|
|
592
|
+
if (CRYPTO_refcount_dec_and_test_zero(&references_)) {
|
|
593
|
+
Derived *d = static_cast<Derived *>(this);
|
|
594
|
+
d->~Derived();
|
|
595
|
+
OPENSSL_free(d);
|
|
596
|
+
}
|
|
597
|
+
}
|
|
598
|
+
|
|
599
|
+
protected:
|
|
600
|
+
// Ensure that only `Derived`, which must inherit from `RefCounted<Derived>`,
|
|
601
|
+
// can call the constructor. This catches bugs where someone inherited from
|
|
602
|
+
// the wrong base.
|
|
603
|
+
class CheckSubClass {
|
|
604
|
+
private:
|
|
605
|
+
friend Derived;
|
|
606
|
+
CheckSubClass() = default;
|
|
607
|
+
};
|
|
608
|
+
RefCounted(CheckSubClass) {
|
|
609
|
+
static_assert(std::is_base_of<RefCounted, Derived>::value,
|
|
610
|
+
"Derived must subclass RefCounted<Derived>");
|
|
611
|
+
}
|
|
612
|
+
|
|
613
|
+
~RefCounted() = default;
|
|
614
|
+
|
|
615
|
+
private:
|
|
616
|
+
CRYPTO_refcount_t references_ = 1;
|
|
617
|
+
};
|
|
618
|
+
|
|
475
619
|
|
|
476
620
|
// Protocol versions.
|
|
477
621
|
//
|
|
@@ -520,6 +664,11 @@ bool ssl_add_supported_versions(const SSL_HANDSHAKE *hs, CBB *cbb,
|
|
|
520
664
|
bool ssl_negotiate_version(SSL_HANDSHAKE *hs, uint8_t *out_alert,
|
|
521
665
|
uint16_t *out_version, const CBS *peer_versions);
|
|
522
666
|
|
|
667
|
+
// ssl_has_final_version returns whether |ssl| has determined the final version.
|
|
668
|
+
// This may be used to distinguish the predictive 0-RTT version from the final
|
|
669
|
+
// one.
|
|
670
|
+
bool ssl_has_final_version(const SSL *ssl);
|
|
671
|
+
|
|
523
672
|
// ssl_protocol_version returns |ssl|'s protocol version. It is an error to
|
|
524
673
|
// call this function before the version is determined.
|
|
525
674
|
uint16_t ssl_protocol_version(const SSL *ssl);
|
|
@@ -554,13 +703,14 @@ BSSL_NAMESPACE_BEGIN
|
|
|
554
703
|
#define SSL_kGENERIC 0x00000008u
|
|
555
704
|
|
|
556
705
|
// Bits for |algorithm_auth| (server authentication).
|
|
557
|
-
#define
|
|
558
|
-
#define
|
|
706
|
+
#define SSL_aRSA_SIGN 0x00000001u
|
|
707
|
+
#define SSL_aRSA_DECRYPT 0x00000002u
|
|
708
|
+
#define SSL_aECDSA 0x00000004u
|
|
559
709
|
// SSL_aPSK is set for both PSK and ECDHE_PSK.
|
|
560
|
-
#define SSL_aPSK
|
|
561
|
-
#define SSL_aGENERIC
|
|
710
|
+
#define SSL_aPSK 0x00000008u
|
|
711
|
+
#define SSL_aGENERIC 0x00000010u
|
|
562
712
|
|
|
563
|
-
#define SSL_aCERT (
|
|
713
|
+
#define SSL_aCERT (SSL_aRSA_SIGN | SSL_aRSA_DECRYPT | SSL_aECDSA)
|
|
564
714
|
|
|
565
715
|
// Bits for |algorithm_enc| (symmetric encryption).
|
|
566
716
|
#define SSL_3DES 0x00000001u
|
|
@@ -643,7 +793,7 @@ Span<const SSL_CIPHER> AllCiphers();
|
|
|
643
793
|
bool ssl_cipher_get_evp_aead(const EVP_AEAD **out_aead,
|
|
644
794
|
size_t *out_mac_secret_len,
|
|
645
795
|
size_t *out_fixed_iv_len, const SSL_CIPHER *cipher,
|
|
646
|
-
uint16_t version
|
|
796
|
+
uint16_t version);
|
|
647
797
|
|
|
648
798
|
// ssl_get_handshake_digest returns the |EVP_MD| corresponding to |version| and
|
|
649
799
|
// |cipher|.
|
|
@@ -661,8 +811,9 @@ bool ssl_create_cipher_list(UniquePtr<SSLCipherPreferenceList> *out_cipher_list,
|
|
|
661
811
|
bool strict);
|
|
662
812
|
|
|
663
813
|
// ssl_cipher_auth_mask_for_key returns the mask of cipher |algorithm_auth|
|
|
664
|
-
// values suitable for use with |key| in TLS 1.2 and below.
|
|
665
|
-
|
|
814
|
+
// values suitable for use with |key| in TLS 1.2 and below. |sign_ok| indicates
|
|
815
|
+
// whether |key| may be used for signing.
|
|
816
|
+
uint32_t ssl_cipher_auth_mask_for_key(const EVP_PKEY *key, bool sign_ok);
|
|
666
817
|
|
|
667
818
|
// ssl_cipher_uses_certificate_auth returns whether |cipher| authenticates the
|
|
668
819
|
// server and, optionally, the client with a certificate.
|
|
@@ -681,12 +832,11 @@ bool ssl_cipher_requires_server_key_exchange(const SSL_CIPHER *cipher);
|
|
|
681
832
|
size_t ssl_cipher_get_record_split_len(const SSL_CIPHER *cipher);
|
|
682
833
|
|
|
683
834
|
// ssl_choose_tls13_cipher returns an |SSL_CIPHER| corresponding with the best
|
|
684
|
-
// available from |cipher_suites| compatible with |version
|
|
685
|
-
//
|
|
686
|
-
//
|
|
687
|
-
// is available.
|
|
835
|
+
// available from |cipher_suites| compatible with |version| and |policy|. It
|
|
836
|
+
// returns NULL if there isn't a compatible cipher. |has_aes_hw| indicates if
|
|
837
|
+
// the choice should be made as if support for AES in hardware is available.
|
|
688
838
|
const SSL_CIPHER *ssl_choose_tls13_cipher(CBS cipher_suites, bool has_aes_hw,
|
|
689
|
-
uint16_t version,
|
|
839
|
+
uint16_t version,
|
|
690
840
|
enum ssl_compliance_policy_t policy);
|
|
691
841
|
|
|
692
842
|
// ssl_tls13_cipher_meets_policy returns true if |cipher_id| is acceptable given
|
|
@@ -704,7 +854,7 @@ OPENSSL_EXPORT bool ssl_cipher_is_deprecated(const SSL_CIPHER *cipher);
|
|
|
704
854
|
// buffer and running hash.
|
|
705
855
|
class SSLTranscript {
|
|
706
856
|
public:
|
|
707
|
-
SSLTranscript();
|
|
857
|
+
explicit SSLTranscript(bool is_dtls);
|
|
708
858
|
~SSLTranscript();
|
|
709
859
|
|
|
710
860
|
SSLTranscript(SSLTranscript &&other) = default;
|
|
@@ -735,8 +885,8 @@ class SSLTranscript {
|
|
|
735
885
|
bool CopyToHashContext(EVP_MD_CTX *ctx, const EVP_MD *digest) const;
|
|
736
886
|
|
|
737
887
|
Span<const uint8_t> buffer() const {
|
|
738
|
-
return
|
|
739
|
-
|
|
888
|
+
return Span(reinterpret_cast<const uint8_t *>(buffer_->data),
|
|
889
|
+
buffer_->length);
|
|
740
890
|
}
|
|
741
891
|
|
|
742
892
|
// FreeBuffer releases the handshake buffer. Subsequent calls to
|
|
@@ -767,17 +917,30 @@ class SSLTranscript {
|
|
|
767
917
|
bool from_server) const;
|
|
768
918
|
|
|
769
919
|
private:
|
|
920
|
+
// HashBuffer initializes |ctx| to use |digest| and writes the contents of
|
|
921
|
+
// |buffer_| to |ctx|. If this SSLTranscript is for DTLS 1.3, the appropriate
|
|
922
|
+
// bytes in |buffer_| will be skipped when hashing the buffer.
|
|
923
|
+
bool HashBuffer(EVP_MD_CTX *ctx, const EVP_MD *digest) const;
|
|
924
|
+
|
|
925
|
+
// AddToBufferOrHash directly adds the contents of |in| to |buffer_| and/or
|
|
926
|
+
// |hash_|.
|
|
927
|
+
bool AddToBufferOrHash(Span<const uint8_t> in);
|
|
928
|
+
|
|
770
929
|
// buffer_, if non-null, contains the handshake transcript.
|
|
771
930
|
UniquePtr<BUF_MEM> buffer_;
|
|
772
931
|
// hash, if initialized with an |EVP_MD|, maintains the handshake hash.
|
|
773
932
|
ScopedEVP_MD_CTX hash_;
|
|
933
|
+
// is_dtls_ indicates whether this is a transcript for a DTLS connection.
|
|
934
|
+
bool is_dtls_ : 1;
|
|
935
|
+
// version_ contains the version for the connection (if known).
|
|
936
|
+
uint16_t version_ = 0;
|
|
774
937
|
};
|
|
775
938
|
|
|
776
939
|
// tls1_prf computes the PRF function for |ssl|. It fills |out|, using |secret|
|
|
777
940
|
// as the secret and |label| as the label. |seed1| and |seed2| are concatenated
|
|
778
941
|
// to form the seed parameter. It returns true on success and false on failure.
|
|
779
942
|
bool tls1_prf(const EVP_MD *digest, Span<uint8_t> out,
|
|
780
|
-
Span<const uint8_t> secret,
|
|
943
|
+
Span<const uint8_t> secret, std::string_view label,
|
|
781
944
|
Span<const uint8_t> seed1, Span<const uint8_t> seed2);
|
|
782
945
|
|
|
783
946
|
|
|
@@ -787,7 +950,7 @@ bool tls1_prf(const EVP_MD *digest, Span<uint8_t> out,
|
|
|
787
950
|
// encrypt an SSL connection.
|
|
788
951
|
class SSLAEADContext {
|
|
789
952
|
public:
|
|
790
|
-
SSLAEADContext(
|
|
953
|
+
explicit SSLAEADContext(const SSL_CIPHER *cipher);
|
|
791
954
|
~SSLAEADContext();
|
|
792
955
|
static constexpr bool kAllowUniquePtr = true;
|
|
793
956
|
|
|
@@ -795,38 +958,23 @@ class SSLAEADContext {
|
|
|
795
958
|
SSLAEADContext &operator=(const SSLAEADContext &&) = delete;
|
|
796
959
|
|
|
797
960
|
// CreateNullCipher creates an |SSLAEADContext| for the null cipher.
|
|
798
|
-
static UniquePtr<SSLAEADContext> CreateNullCipher(
|
|
961
|
+
static UniquePtr<SSLAEADContext> CreateNullCipher();
|
|
799
962
|
|
|
800
963
|
// Create creates an |SSLAEADContext| using the supplied key material. It
|
|
801
964
|
// returns nullptr on error. Only one of |Open| or |Seal| may be used with the
|
|
802
|
-
// resulting object, depending on |direction|. |version| is the
|
|
803
|
-
// protocol version, so DTLS 1.0 is represented as 0x0301, not 0xffef.
|
|
965
|
+
// resulting object, depending on |direction|. |version| is the wire version.
|
|
804
966
|
static UniquePtr<SSLAEADContext> Create(enum evp_aead_direction_t direction,
|
|
805
|
-
uint16_t version,
|
|
967
|
+
uint16_t version,
|
|
806
968
|
const SSL_CIPHER *cipher,
|
|
807
969
|
Span<const uint8_t> enc_key,
|
|
808
970
|
Span<const uint8_t> mac_key,
|
|
809
971
|
Span<const uint8_t> fixed_iv);
|
|
810
972
|
|
|
811
973
|
// CreatePlaceholderForQUIC creates a placeholder |SSLAEADContext| for the
|
|
812
|
-
// given cipher
|
|
813
|
-
//
|
|
974
|
+
// given cipher. The resulting object can be queried for various properties
|
|
975
|
+
// but cannot encrypt or decrypt data.
|
|
814
976
|
static UniquePtr<SSLAEADContext> CreatePlaceholderForQUIC(
|
|
815
|
-
|
|
816
|
-
|
|
817
|
-
// SetVersionIfNullCipher sets the version the SSLAEADContext for the null
|
|
818
|
-
// cipher, to make version-specific determinations in the record layer prior
|
|
819
|
-
// to a cipher being selected.
|
|
820
|
-
void SetVersionIfNullCipher(uint16_t version);
|
|
821
|
-
|
|
822
|
-
// ProtocolVersion returns the protocol version associated with this
|
|
823
|
-
// SSLAEADContext. It can only be called once |version_| has been set to a
|
|
824
|
-
// valid value.
|
|
825
|
-
uint16_t ProtocolVersion() const;
|
|
826
|
-
|
|
827
|
-
// RecordVersion returns the record version that should be used with this
|
|
828
|
-
// SSLAEADContext for record construction and crypto.
|
|
829
|
-
uint16_t RecordVersion() const;
|
|
977
|
+
const SSL_CIPHER *cipher);
|
|
830
978
|
|
|
831
979
|
const SSL_CIPHER *cipher() const { return cipher_; }
|
|
832
980
|
|
|
@@ -839,6 +987,10 @@ class SSLAEADContext {
|
|
|
839
987
|
// MaxOverhead returns the maximum overhead of calling |Seal|.
|
|
840
988
|
size_t MaxOverhead() const;
|
|
841
989
|
|
|
990
|
+
// MaxSealInputLen returns the maximum length for |Seal| that can fit in
|
|
991
|
+
// |max_out| output bytes, or zero if no input may fit.
|
|
992
|
+
size_t MaxSealInputLen(size_t max_out) const;
|
|
993
|
+
|
|
842
994
|
// SuffixLen calculates the suffix length written by |SealScatter| and writes
|
|
843
995
|
// it to |*out_suffix_len|. It returns true on success and false on error.
|
|
844
996
|
// |in_len| and |extra_in_len| should equal the argument of the same names
|
|
@@ -900,12 +1052,8 @@ class SSLAEADContext {
|
|
|
900
1052
|
ScopedEVP_AEAD_CTX ctx_;
|
|
901
1053
|
// fixed_nonce_ contains any bytes of the nonce that are fixed for all
|
|
902
1054
|
// records.
|
|
903
|
-
uint8_t fixed_nonce_
|
|
904
|
-
uint8_t
|
|
905
|
-
// version_ is the wire version that should be used with this AEAD.
|
|
906
|
-
uint16_t version_;
|
|
907
|
-
// is_dtls_ is whether DTLS is being used with this AEAD.
|
|
908
|
-
bool is_dtls_;
|
|
1055
|
+
InplaceVector<uint8_t, 12> fixed_nonce_;
|
|
1056
|
+
uint8_t variable_nonce_len_ = 0;
|
|
909
1057
|
// variable_nonce_included_in_record_ is true if the variable nonce
|
|
910
1058
|
// for a record is included as a prefix before the ciphertext.
|
|
911
1059
|
bool variable_nonce_included_in_record_ : 1;
|
|
@@ -926,20 +1074,122 @@ class SSLAEADContext {
|
|
|
926
1074
|
|
|
927
1075
|
// DTLS replay bitmap.
|
|
928
1076
|
|
|
929
|
-
//
|
|
930
|
-
// replayed packets.
|
|
931
|
-
|
|
932
|
-
|
|
933
|
-
// |
|
|
934
|
-
|
|
935
|
-
|
|
1077
|
+
// DTLSReplayBitmap maintains a sliding window of sequence numbers to detect
|
|
1078
|
+
// replayed packets.
|
|
1079
|
+
class DTLSReplayBitmap {
|
|
1080
|
+
public:
|
|
1081
|
+
// ShouldDiscard returns true if |seq_num| has been seen in
|
|
1082
|
+
// |bitmap| or is stale. Otherwise it returns false.
|
|
1083
|
+
bool ShouldDiscard(uint64_t seqnum) const;
|
|
1084
|
+
|
|
1085
|
+
// Record updates the bitmap to record receipt of sequence number
|
|
1086
|
+
// |seq_num|. It slides the window forward if needed. It is an error to call
|
|
1087
|
+
// this function on a stale sequence number.
|
|
1088
|
+
void Record(uint64_t seqnum);
|
|
1089
|
+
|
|
1090
|
+
uint64_t max_seq_num() const { return max_seq_num_; }
|
|
1091
|
+
|
|
1092
|
+
private:
|
|
1093
|
+
// map is a bitset of sequence numbers that have been seen. Bit i corresponds
|
|
1094
|
+
// to |max_seq_num_ - i|.
|
|
1095
|
+
std::bitset<256> map_;
|
|
1096
|
+
// max_seq_num_ is the largest sequence number seen so far as a 64-bit
|
|
936
1097
|
// integer.
|
|
937
|
-
uint64_t
|
|
1098
|
+
uint64_t max_seq_num_ = 0;
|
|
938
1099
|
};
|
|
939
1100
|
|
|
1101
|
+
// reconstruct_seqnum takes the low order bits of a record sequence number from
|
|
1102
|
+
// the wire and reconstructs the full sequence number. It does so using the
|
|
1103
|
+
// algorithm described in section 4.2.2 of RFC 9147, where |wire_seq| is the
|
|
1104
|
+
// low bits of the sequence number as seen on the wire, |seq_mask| is a bitmask
|
|
1105
|
+
// of 8 or 16 1 bits corresponding to the length of the sequence number on the
|
|
1106
|
+
// wire, and |max_valid_seqnum| is the largest sequence number of a record
|
|
1107
|
+
// successfully deprotected in this epoch. This function returns the sequence
|
|
1108
|
+
// number that is numerically closest to one plus |max_valid_seqnum| that when
|
|
1109
|
+
// bitwise and-ed with |seq_mask| equals |wire_seq|.
|
|
1110
|
+
//
|
|
1111
|
+
// |max_valid_seqnum| must be most 2^48-1, in which case the output will also be
|
|
1112
|
+
// at most 2^48-1.
|
|
1113
|
+
OPENSSL_EXPORT uint64_t reconstruct_seqnum(uint16_t wire_seq, uint64_t seq_mask,
|
|
1114
|
+
uint64_t max_valid_seqnum);
|
|
1115
|
+
|
|
940
1116
|
|
|
941
1117
|
// Record layer.
|
|
942
1118
|
|
|
1119
|
+
class DTLSRecordNumber {
|
|
1120
|
+
public:
|
|
1121
|
+
static constexpr uint64_t kMaxSequence = (uint64_t{1} << 48) - 1;
|
|
1122
|
+
|
|
1123
|
+
DTLSRecordNumber() = default;
|
|
1124
|
+
DTLSRecordNumber(uint16_t epoch, uint64_t sequence) {
|
|
1125
|
+
BSSL_CHECK(sequence <= kMaxSequence);
|
|
1126
|
+
combined_ = (uint64_t{epoch} << 48) | sequence;
|
|
1127
|
+
}
|
|
1128
|
+
|
|
1129
|
+
static DTLSRecordNumber FromCombined(uint64_t combined) {
|
|
1130
|
+
return DTLSRecordNumber(combined);
|
|
1131
|
+
}
|
|
1132
|
+
|
|
1133
|
+
bool operator==(DTLSRecordNumber r) const {
|
|
1134
|
+
return combined() == r.combined();
|
|
1135
|
+
}
|
|
1136
|
+
bool operator!=(DTLSRecordNumber r) const { return !((*this) == r); }
|
|
1137
|
+
bool operator<(DTLSRecordNumber r) const { return combined() < r.combined(); }
|
|
1138
|
+
|
|
1139
|
+
uint64_t combined() const { return combined_; }
|
|
1140
|
+
uint16_t epoch() const { return combined_ >> 48; }
|
|
1141
|
+
uint64_t sequence() const { return combined_ & kMaxSequence; }
|
|
1142
|
+
|
|
1143
|
+
bool HasNext() const { return sequence() < kMaxSequence; }
|
|
1144
|
+
DTLSRecordNumber Next() const {
|
|
1145
|
+
BSSL_CHECK(HasNext());
|
|
1146
|
+
// This will not overflow into the epoch.
|
|
1147
|
+
return DTLSRecordNumber::FromCombined(combined_ + 1);
|
|
1148
|
+
}
|
|
1149
|
+
|
|
1150
|
+
private:
|
|
1151
|
+
explicit DTLSRecordNumber(uint64_t combined) : combined_(combined) {}
|
|
1152
|
+
|
|
1153
|
+
uint64_t combined_ = 0;
|
|
1154
|
+
};
|
|
1155
|
+
|
|
1156
|
+
class RecordNumberEncrypter {
|
|
1157
|
+
public:
|
|
1158
|
+
static constexpr bool kAllowUniquePtr = true;
|
|
1159
|
+
static constexpr size_t kMaxKeySize = 32;
|
|
1160
|
+
|
|
1161
|
+
// Create returns a DTLS 1.3 record number encrypter for |traffic_secret|, or
|
|
1162
|
+
// nullptr on error.
|
|
1163
|
+
static UniquePtr<RecordNumberEncrypter> Create(
|
|
1164
|
+
const SSL_CIPHER *cipher, Span<const uint8_t> traffic_secret);
|
|
1165
|
+
|
|
1166
|
+
virtual ~RecordNumberEncrypter() = default;
|
|
1167
|
+
virtual size_t KeySize() = 0;
|
|
1168
|
+
virtual bool SetKey(Span<const uint8_t> key) = 0;
|
|
1169
|
+
virtual bool GenerateMask(Span<uint8_t> out, Span<const uint8_t> sample) = 0;
|
|
1170
|
+
};
|
|
1171
|
+
|
|
1172
|
+
struct DTLSReadEpoch {
|
|
1173
|
+
static constexpr bool kAllowUniquePtr = true;
|
|
1174
|
+
|
|
1175
|
+
// TODO(davidben): This could be made slightly more compact if |bitmap| stored
|
|
1176
|
+
// a DTLSRecordNumber.
|
|
1177
|
+
uint16_t epoch = 0;
|
|
1178
|
+
UniquePtr<SSLAEADContext> aead;
|
|
1179
|
+
UniquePtr<RecordNumberEncrypter> rn_encrypter;
|
|
1180
|
+
DTLSReplayBitmap bitmap;
|
|
1181
|
+
};
|
|
1182
|
+
|
|
1183
|
+
struct DTLSWriteEpoch {
|
|
1184
|
+
static constexpr bool kAllowUniquePtr = true;
|
|
1185
|
+
|
|
1186
|
+
uint16_t epoch() const { return next_record.epoch(); }
|
|
1187
|
+
|
|
1188
|
+
DTLSRecordNumber next_record;
|
|
1189
|
+
UniquePtr<SSLAEADContext> aead;
|
|
1190
|
+
UniquePtr<RecordNumberEncrypter> rn_encrypter;
|
|
1191
|
+
};
|
|
1192
|
+
|
|
943
1193
|
// ssl_record_prefix_len returns the length of the prefix before the ciphertext
|
|
944
1194
|
// of a record for |ssl|.
|
|
945
1195
|
//
|
|
@@ -984,23 +1234,17 @@ enum ssl_open_record_t tls_open_record(SSL *ssl, uint8_t *out_type,
|
|
|
984
1234
|
|
|
985
1235
|
// dtls_open_record implements |tls_open_record| for DTLS. It only returns
|
|
986
1236
|
// |ssl_open_record_partial| if |in| was empty and sets |*out_consumed| to
|
|
987
|
-
// zero. The caller should read one packet and try again.
|
|
1237
|
+
// zero. The caller should read one packet and try again. On success,
|
|
1238
|
+
// |*out_number| is set to the record number of the record.
|
|
988
1239
|
enum ssl_open_record_t dtls_open_record(SSL *ssl, uint8_t *out_type,
|
|
1240
|
+
DTLSRecordNumber *out_number,
|
|
989
1241
|
Span<uint8_t> *out,
|
|
990
1242
|
size_t *out_consumed,
|
|
991
1243
|
uint8_t *out_alert, Span<uint8_t> in);
|
|
992
1244
|
|
|
993
|
-
//
|
|
994
|
-
//
|
|
995
|
-
|
|
996
|
-
//
|
|
997
|
-
// Note when TLS 1.0 CBC record-splitting is enabled, this includes the one byte
|
|
998
|
-
// record and is the offset into second record's ciphertext. Thus sealing a
|
|
999
|
-
// small record may result in a smaller output than this value.
|
|
1000
|
-
//
|
|
1001
|
-
// TODO(davidben): Is this alignment valuable? Record-splitting makes this a
|
|
1002
|
-
// mess.
|
|
1003
|
-
size_t ssl_seal_align_prefix_len(const SSL *ssl);
|
|
1245
|
+
// ssl_needs_record_splitting returns one if |ssl|'s current outgoing cipher
|
|
1246
|
+
// state needs record-splitting and zero otherwise.
|
|
1247
|
+
bool ssl_needs_record_splitting(const SSL *ssl);
|
|
1004
1248
|
|
|
1005
1249
|
// tls_seal_record seals a new record of type |type| and body |in| and writes it
|
|
1006
1250
|
// to |out|. At most |max_out| bytes will be written. It returns true on success
|
|
@@ -1008,7 +1252,7 @@ size_t ssl_seal_align_prefix_len(const SSL *ssl);
|
|
|
1008
1252
|
// 1/n-1 record splitting and may write two records concatenated.
|
|
1009
1253
|
//
|
|
1010
1254
|
// For a large record, the bulk of the ciphertext will begin
|
|
1011
|
-
// |
|
|
1255
|
+
// |tls_seal_align_prefix_len| bytes into out. Aligning |out| appropriately may
|
|
1012
1256
|
// improve performance. It writes at most |in_len| + |SSL_max_seal_overhead|
|
|
1013
1257
|
// bytes to |out|.
|
|
1014
1258
|
//
|
|
@@ -1016,26 +1260,30 @@ size_t ssl_seal_align_prefix_len(const SSL *ssl);
|
|
|
1016
1260
|
bool tls_seal_record(SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out,
|
|
1017
1261
|
uint8_t type, const uint8_t *in, size_t in_len);
|
|
1018
1262
|
|
|
1019
|
-
|
|
1020
|
-
|
|
1021
|
-
|
|
1022
|
-
};
|
|
1263
|
+
// dtls_record_header_write_len returns the length of the record header that
|
|
1264
|
+
// will be written at |epoch|.
|
|
1265
|
+
size_t dtls_record_header_write_len(const SSL *ssl, uint16_t epoch);
|
|
1023
1266
|
|
|
1024
1267
|
// dtls_max_seal_overhead returns the maximum overhead, in bytes, of sealing a
|
|
1025
1268
|
// record.
|
|
1026
|
-
size_t dtls_max_seal_overhead(const SSL *ssl,
|
|
1269
|
+
size_t dtls_max_seal_overhead(const SSL *ssl, uint16_t epoch);
|
|
1027
1270
|
|
|
1028
1271
|
// dtls_seal_prefix_len returns the number of bytes of prefix to reserve in
|
|
1029
1272
|
// front of the plaintext when sealing a record in-place.
|
|
1030
|
-
size_t dtls_seal_prefix_len(const SSL *ssl,
|
|
1273
|
+
size_t dtls_seal_prefix_len(const SSL *ssl, uint16_t epoch);
|
|
1274
|
+
|
|
1275
|
+
// dtls_seal_max_input_len returns the maximum number of input bytes that can
|
|
1276
|
+
// fit in a record of up to |max_out| bytes, or zero if none may fit.
|
|
1277
|
+
size_t dtls_seal_max_input_len(const SSL *ssl, uint16_t epoch, size_t max_out);
|
|
1031
1278
|
|
|
1032
|
-
// dtls_seal_record implements |tls_seal_record| for DTLS. |
|
|
1033
|
-
//
|
|
1034
|
-
//
|
|
1035
|
-
// ahead of |out|.
|
|
1036
|
-
|
|
1037
|
-
|
|
1038
|
-
|
|
1279
|
+
// dtls_seal_record implements |tls_seal_record| for DTLS. |epoch| selects which
|
|
1280
|
+
// epoch's cipher state to use. Unlike |tls_seal_record|, |in| and |out| may
|
|
1281
|
+
// alias but, if they do, |in| must be exactly |dtls_seal_prefix_len| bytes
|
|
1282
|
+
// ahead of |out|. On success, |*out_number| is set to the record number of the
|
|
1283
|
+
// record.
|
|
1284
|
+
bool dtls_seal_record(SSL *ssl, DTLSRecordNumber *out_number, uint8_t *out,
|
|
1285
|
+
size_t *out_len, size_t max_out, uint8_t type,
|
|
1286
|
+
const uint8_t *in, size_t in_len, uint16_t epoch);
|
|
1039
1287
|
|
|
1040
1288
|
// ssl_process_alert processes |in| as an alert and updates |ssl|'s shutdown
|
|
1041
1289
|
// state. It returns one of |ssl_open_record_discard|, |ssl_open_record_error|,
|
|
@@ -1047,9 +1295,6 @@ enum ssl_open_record_t ssl_process_alert(SSL *ssl, uint8_t *out_alert,
|
|
|
1047
1295
|
|
|
1048
1296
|
// Private key operations.
|
|
1049
1297
|
|
|
1050
|
-
// ssl_has_private_key returns whether |hs| has a private key configured.
|
|
1051
|
-
bool ssl_has_private_key(const SSL_HANDSHAKE *hs);
|
|
1052
|
-
|
|
1053
1298
|
// ssl_private_key_* perform the corresponding operation on
|
|
1054
1299
|
// |SSL_PRIVATE_KEY_METHOD|. If there is a custom private key configured, they
|
|
1055
1300
|
// call the corresponding function or |complete| depending on whether there is a
|
|
@@ -1066,10 +1311,10 @@ enum ssl_private_key_result_t ssl_private_key_decrypt(SSL_HANDSHAKE *hs,
|
|
|
1066
1311
|
size_t max_out,
|
|
1067
1312
|
Span<const uint8_t> in);
|
|
1068
1313
|
|
|
1069
|
-
//
|
|
1070
|
-
//
|
|
1071
|
-
bool
|
|
1072
|
-
|
|
1314
|
+
// ssl_pkey_supports_algorithm returns whether |pkey| may be used to sign
|
|
1315
|
+
// |sigalg|.
|
|
1316
|
+
bool ssl_pkey_supports_algorithm(const SSL *ssl, EVP_PKEY *pkey,
|
|
1317
|
+
uint16_t sigalg, bool is_verify);
|
|
1073
1318
|
|
|
1074
1319
|
// ssl_public_key_verify verifies that the |signature| is valid for the public
|
|
1075
1320
|
// key |pkey| and input |in|, using the signature algorithm |sigalg|.
|
|
@@ -1093,32 +1338,30 @@ class SSLKeyShare {
|
|
|
1093
1338
|
public:
|
|
1094
1339
|
virtual ~SSLKeyShare() {}
|
|
1095
1340
|
static constexpr bool kAllowUniquePtr = true;
|
|
1096
|
-
HAS_VIRTUAL_DESTRUCTOR
|
|
1097
1341
|
|
|
1098
1342
|
// Create returns a SSLKeyShare instance for use with group |group_id| or
|
|
1099
1343
|
// nullptr on error.
|
|
1100
1344
|
static UniquePtr<SSLKeyShare> Create(uint16_t group_id);
|
|
1101
1345
|
|
|
1102
1346
|
// GroupID returns the group ID.
|
|
1103
|
-
virtual uint16_t GroupID() const
|
|
1347
|
+
virtual uint16_t GroupID() const = 0;
|
|
1104
1348
|
|
|
1105
1349
|
// Generate generates a keypair and writes the public key to |out_public_key|.
|
|
1106
1350
|
// It returns true on success and false on error.
|
|
1107
|
-
virtual bool Generate(CBB *out_public_key)
|
|
1351
|
+
virtual bool Generate(CBB *out_public_key) = 0;
|
|
1108
1352
|
|
|
1109
1353
|
// Encap generates an ephemeral, symmetric secret and encapsulates it with
|
|
1110
1354
|
// |peer_key|. On success, it returns true, writes the encapsulated secret to
|
|
1111
1355
|
// |out_ciphertext|, and sets |*out_secret| to the shared secret. On failure,
|
|
1112
1356
|
// it returns false and sets |*out_alert| to an alert to send to the peer.
|
|
1113
1357
|
virtual bool Encap(CBB *out_ciphertext, Array<uint8_t> *out_secret,
|
|
1114
|
-
uint8_t *out_alert,
|
|
1115
|
-
Span<const uint8_t> peer_key) PURE_VIRTUAL;
|
|
1358
|
+
uint8_t *out_alert, Span<const uint8_t> peer_key) = 0;
|
|
1116
1359
|
|
|
1117
1360
|
// Decap decapsulates the symmetric secret in |ciphertext|. On success, it
|
|
1118
1361
|
// returns true and sets |*out_secret| to the shared secret. On failure, it
|
|
1119
1362
|
// returns false and sets |*out_alert| to an alert to send to the peer.
|
|
1120
1363
|
virtual bool Decap(Array<uint8_t> *out_secret, uint8_t *out_alert,
|
|
1121
|
-
Span<const uint8_t> ciphertext)
|
|
1364
|
+
Span<const uint8_t> ciphertext) = 0;
|
|
1122
1365
|
|
|
1123
1366
|
// SerializePrivateKey writes the private key to |out|, returning true if
|
|
1124
1367
|
// successful and false otherwise. It should be called after |Generate|.
|
|
@@ -1198,21 +1441,13 @@ bool dtls_has_unprocessed_handshake_data(const SSL *ssl);
|
|
|
1198
1441
|
// tls_flush_pending_hs_data flushes any handshake plaintext data.
|
|
1199
1442
|
bool tls_flush_pending_hs_data(SSL *ssl);
|
|
1200
1443
|
|
|
1201
|
-
struct DTLS_OUTGOING_MESSAGE {
|
|
1202
|
-
DTLS_OUTGOING_MESSAGE() {}
|
|
1203
|
-
DTLS_OUTGOING_MESSAGE(const DTLS_OUTGOING_MESSAGE &) = delete;
|
|
1204
|
-
DTLS_OUTGOING_MESSAGE &operator=(const DTLS_OUTGOING_MESSAGE &) = delete;
|
|
1205
|
-
|
|
1206
|
-
void Clear();
|
|
1207
|
-
|
|
1208
|
-
Array<uint8_t> data;
|
|
1209
|
-
uint16_t epoch = 0;
|
|
1210
|
-
bool is_ccs = false;
|
|
1211
|
-
};
|
|
1212
|
-
|
|
1213
1444
|
// dtls_clear_outgoing_messages releases all buffered outgoing messages.
|
|
1214
1445
|
void dtls_clear_outgoing_messages(SSL *ssl);
|
|
1215
1446
|
|
|
1447
|
+
// dtls_clear_unused_write_epochs releases any write epochs that are no longer
|
|
1448
|
+
// needed.
|
|
1449
|
+
void dtls_clear_unused_write_epochs(SSL *ssl);
|
|
1450
|
+
|
|
1216
1451
|
|
|
1217
1452
|
// Callbacks.
|
|
1218
1453
|
|
|
@@ -1239,11 +1474,9 @@ class SSLBuffer {
|
|
|
1239
1474
|
bool empty() const { return size_ == 0; }
|
|
1240
1475
|
size_t cap() const { return cap_; }
|
|
1241
1476
|
|
|
1242
|
-
Span<uint8_t> span() { return
|
|
1477
|
+
Span<uint8_t> span() { return Span(data(), size()); }
|
|
1243
1478
|
|
|
1244
|
-
Span<uint8_t> remaining() {
|
|
1245
|
-
return MakeSpan(data() + size(), cap() - size());
|
|
1246
|
-
}
|
|
1479
|
+
Span<uint8_t> remaining() { return Span(data() + size(), cap() - size()); }
|
|
1247
1480
|
|
|
1248
1481
|
// Clear releases the buffer.
|
|
1249
1482
|
void Clear();
|
|
@@ -1278,9 +1511,6 @@ class SSLBuffer {
|
|
|
1278
1511
|
uint16_t cap_ = 0;
|
|
1279
1512
|
// inline_buf_ is a static buffer for short reads.
|
|
1280
1513
|
uint8_t inline_buf_[SSL3_RT_HEADER_LENGTH];
|
|
1281
|
-
// buf_allocated_ is true if |buf_| points to allocated data and must be freed
|
|
1282
|
-
// or false if it points into |inline_buf_|.
|
|
1283
|
-
bool buf_allocated_ = false;
|
|
1284
1514
|
};
|
|
1285
1515
|
|
|
1286
1516
|
// ssl_read_buffer_extend_to extends the read buffer to the desired length. For
|
|
@@ -1307,10 +1537,6 @@ int ssl_write_buffer_flush(SSL *ssl);
|
|
|
1307
1537
|
|
|
1308
1538
|
// Certificate functions.
|
|
1309
1539
|
|
|
1310
|
-
// ssl_has_certificate returns whether a certificate and private key are
|
|
1311
|
-
// configured.
|
|
1312
|
-
bool ssl_has_certificate(const SSL_HANDSHAKE *hs);
|
|
1313
|
-
|
|
1314
1540
|
// ssl_parse_cert_chain parses a certificate list from |cbs| in the format used
|
|
1315
1541
|
// by a TLS Certificate message. On success, it advances |cbs| and returns
|
|
1316
1542
|
// true. Otherwise, it returns false and sets |*out_alert| to an alert to send
|
|
@@ -1328,11 +1554,6 @@ bool ssl_parse_cert_chain(uint8_t *out_alert,
|
|
|
1328
1554
|
uint8_t *out_leaf_sha256, CBS *cbs,
|
|
1329
1555
|
CRYPTO_BUFFER_POOL *pool);
|
|
1330
1556
|
|
|
1331
|
-
// ssl_add_cert_chain adds |hs->ssl|'s certificate chain to |cbb| in the format
|
|
1332
|
-
// used by a TLS Certificate message. If there is no certificate chain, it emits
|
|
1333
|
-
// an empty certificate list. It returns true on success and false on error.
|
|
1334
|
-
bool ssl_add_cert_chain(SSL_HANDSHAKE *hs, CBB *cbb);
|
|
1335
|
-
|
|
1336
1557
|
enum ssl_key_usage_t {
|
|
1337
1558
|
key_usage_digital_signature = 0,
|
|
1338
1559
|
key_usage_encipherment = 2,
|
|
@@ -1344,37 +1565,51 @@ enum ssl_key_usage_t {
|
|
|
1344
1565
|
OPENSSL_EXPORT bool ssl_cert_check_key_usage(const CBS *in,
|
|
1345
1566
|
enum ssl_key_usage_t bit);
|
|
1346
1567
|
|
|
1568
|
+
// ssl_cert_extract_issuer parses the DER-encoded, X.509 certificate in |in|
|
|
1569
|
+
// and extracts the issuer. On success it returns true and the DER encoded
|
|
1570
|
+
// issuer is in |out_dn|, otherwise it returns false.
|
|
1571
|
+
OPENSSL_EXPORT bool ssl_cert_extract_issuer(const CBS *in, CBS *out_dn);
|
|
1572
|
+
|
|
1573
|
+
// ssl_cert_matches_issuer parses the DER-encoded, X.509 certificate in |in|
|
|
1574
|
+
// and returns true if its issuer is an exact match for the DER encoded
|
|
1575
|
+
// distinguished name in |dn|
|
|
1576
|
+
bool ssl_cert_matches_issuer(const CBS *in, const CBS *dn);
|
|
1577
|
+
|
|
1347
1578
|
// ssl_cert_parse_pubkey extracts the public key from the DER-encoded, X.509
|
|
1348
1579
|
// certificate in |in|. It returns an allocated |EVP_PKEY| or else returns
|
|
1349
1580
|
// nullptr and pushes to the error queue.
|
|
1350
1581
|
UniquePtr<EVP_PKEY> ssl_cert_parse_pubkey(const CBS *in);
|
|
1351
1582
|
|
|
1352
|
-
//
|
|
1353
|
-
//
|
|
1354
|
-
// |CRYPTO_BUFFER| list and advances
|
|
1355
|
-
// sets |*out_alert| to an alert to
|
|
1356
|
-
|
|
1357
|
-
|
|
1358
|
-
|
|
1583
|
+
// SSL_parse_CA_list parses a CA list from |cbs| in the format used by a TLS
|
|
1584
|
+
// CertificateRequest message and Certificate Authorities extension. On success,
|
|
1585
|
+
// it returns a newly-allocated |CRYPTO_BUFFER| list and advances
|
|
1586
|
+
// |cbs|. Otherwise, it returns nullptr and sets |*out_alert| to an alert to
|
|
1587
|
+
// send to the peer.
|
|
1588
|
+
UniquePtr<STACK_OF(CRYPTO_BUFFER)> SSL_parse_CA_list(SSL *ssl,
|
|
1589
|
+
uint8_t *out_alert,
|
|
1590
|
+
CBS *cbs);
|
|
1359
1591
|
|
|
1360
|
-
// ssl_has_client_CAs returns there are configured CAs.
|
|
1592
|
+
// ssl_has_client_CAs returns whether there are configured CAs.
|
|
1361
1593
|
bool ssl_has_client_CAs(const SSL_CONFIG *cfg);
|
|
1362
1594
|
|
|
1363
1595
|
// ssl_add_client_CA_list adds the configured CA list to |cbb| in the format
|
|
1364
1596
|
// used by a TLS CertificateRequest message. It returns true on success and
|
|
1365
1597
|
// false on error.
|
|
1366
|
-
bool ssl_add_client_CA_list(SSL_HANDSHAKE *hs, CBB *cbb);
|
|
1598
|
+
bool ssl_add_client_CA_list(const SSL_HANDSHAKE *hs, CBB *cbb);
|
|
1599
|
+
|
|
1600
|
+
// ssl_has_CA_names returns whether there are configured CA names.
|
|
1601
|
+
bool ssl_has_CA_names(const SSL_CONFIG *cfg);
|
|
1602
|
+
|
|
1603
|
+
// ssl_add_CA_names adds the configured CA_names list to |cbb| in the format
|
|
1604
|
+
// used by a TLS Certificate Authorities extension. It returns true on success
|
|
1605
|
+
// and false on error.
|
|
1606
|
+
bool ssl_add_CA_names(const SSL_HANDSHAKE *hs, CBB *cbb);
|
|
1367
1607
|
|
|
1368
1608
|
// ssl_check_leaf_certificate returns one if |pkey| and |leaf| are suitable as
|
|
1369
1609
|
// a server's leaf certificate for |hs|. Otherwise, it returns zero and pushes
|
|
1370
1610
|
// an error on the error queue.
|
|
1371
1611
|
bool ssl_check_leaf_certificate(SSL_HANDSHAKE *hs, EVP_PKEY *pkey,
|
|
1372
|
-
|
|
1373
|
-
|
|
1374
|
-
// ssl_on_certificate_selected is called once the certificate has been selected.
|
|
1375
|
-
// It finalizes the certificate and initializes |hs->local_pubkey|. It returns
|
|
1376
|
-
// true on success and false on error.
|
|
1377
|
-
bool ssl_on_certificate_selected(SSL_HANDSHAKE *hs);
|
|
1612
|
+
const CRYPTO_BUFFER *leaf);
|
|
1378
1613
|
|
|
1379
1614
|
|
|
1380
1615
|
// TLS 1.3 key derivation.
|
|
@@ -1426,7 +1661,7 @@ bool tls13_derive_resumption_secret(SSL_HANDSHAKE *hs);
|
|
|
1426
1661
|
// |exporter_secret|.
|
|
1427
1662
|
bool tls13_export_keying_material(SSL *ssl, Span<uint8_t> out,
|
|
1428
1663
|
Span<const uint8_t> secret,
|
|
1429
|
-
|
|
1664
|
+
std::string_view label,
|
|
1430
1665
|
Span<const uint8_t> context);
|
|
1431
1666
|
|
|
1432
1667
|
// tls13_finished_mac calculates the MAC of the handshake transcript to verify
|
|
@@ -1439,7 +1674,8 @@ bool tls13_finished_mac(SSL_HANDSHAKE *hs, uint8_t *out, size_t *out_len,
|
|
|
1439
1674
|
// tls13_derive_session_psk calculates the PSK for this session based on the
|
|
1440
1675
|
// resumption master secret and |nonce|. It returns true on success, and false
|
|
1441
1676
|
// on failure.
|
|
1442
|
-
bool tls13_derive_session_psk(SSL_SESSION *session, Span<const uint8_t> nonce
|
|
1677
|
+
bool tls13_derive_session_psk(SSL_SESSION *session, Span<const uint8_t> nonce,
|
|
1678
|
+
bool is_dtls);
|
|
1443
1679
|
|
|
1444
1680
|
// tls13_write_psk_binder calculates the PSK binder value over |transcript| and
|
|
1445
1681
|
// |msg|, and replaces the last bytes of |msg| with the resulting value. It
|
|
@@ -1584,44 +1820,155 @@ size_t ssl_ech_extension_body_length(const EVP_HPKE_AEAD *aead, size_t enc_len,
|
|
|
1584
1820
|
bool ssl_encrypt_client_hello(SSL_HANDSHAKE *hs, Span<const uint8_t> enc);
|
|
1585
1821
|
|
|
1586
1822
|
|
|
1587
|
-
//
|
|
1823
|
+
// Credentials.
|
|
1588
1824
|
|
|
1589
|
-
|
|
1590
|
-
|
|
1591
|
-
|
|
1592
|
-
|
|
1593
|
-
|
|
1825
|
+
enum class SSLCredentialType {
|
|
1826
|
+
kX509,
|
|
1827
|
+
kDelegated,
|
|
1828
|
+
kSPAKE2PlusV1Client,
|
|
1829
|
+
kSPAKE2PlusV1Server,
|
|
1830
|
+
};
|
|
1831
|
+
|
|
1832
|
+
BSSL_NAMESPACE_END
|
|
1833
|
+
|
|
1834
|
+
// SSL_CREDENTIAL is exported to C, so it must be defined outside the namespace.
|
|
1835
|
+
struct ssl_credential_st : public bssl::RefCounted<ssl_credential_st> {
|
|
1836
|
+
explicit ssl_credential_st(bssl::SSLCredentialType type);
|
|
1837
|
+
ssl_credential_st(const ssl_credential_st &) = delete;
|
|
1838
|
+
ssl_credential_st &operator=(const ssl_credential_st &) = delete;
|
|
1839
|
+
|
|
1840
|
+
// Dup returns a copy of the credential, or nullptr on error. The |ex_data|
|
|
1841
|
+
// values are not copied. This is only used on the legacy credential, whose
|
|
1842
|
+
// |ex_data| is inaccessible.
|
|
1843
|
+
bssl::UniquePtr<SSL_CREDENTIAL> Dup() const;
|
|
1844
|
+
|
|
1845
|
+
// ClearCertAndKey erases any certificate and private key on the credential.
|
|
1846
|
+
void ClearCertAndKey();
|
|
1847
|
+
|
|
1848
|
+
// UsesX509 returns true if the credential type uses an X.509 certificate.
|
|
1849
|
+
bool UsesX509() const;
|
|
1850
|
+
|
|
1851
|
+
// UsesPrivateKey returns true if the credential type uses an asymmetric
|
|
1852
|
+
// private key.
|
|
1853
|
+
bool UsesPrivateKey() const;
|
|
1854
|
+
|
|
1855
|
+
// IsComplete returns whether all required fields in the credential have been
|
|
1856
|
+
// filled in.
|
|
1857
|
+
bool IsComplete() const;
|
|
1858
|
+
|
|
1859
|
+
// SetLeafCert sets the leaf certificate to |leaf|, leaving the remaining
|
|
1860
|
+
// certificates unmodified. It returns true on success and false on error. If
|
|
1861
|
+
// |discard_key_on_mismatch| is true and the private key is inconsistent with
|
|
1862
|
+
// the new leaf certificate, it is silently discarded.
|
|
1863
|
+
bool SetLeafCert(bssl::UniquePtr<CRYPTO_BUFFER> leaf,
|
|
1864
|
+
bool discard_key_on_mismatch);
|
|
1865
|
+
|
|
1866
|
+
// ClearIntermediateCerts clears intermediate certificates in the certificate
|
|
1867
|
+
// chain, while preserving the leaf.
|
|
1868
|
+
void ClearIntermediateCerts();
|
|
1869
|
+
|
|
1870
|
+
// AppendIntermediateCert appends |cert| to the certificate chain. If there is
|
|
1871
|
+
// no leaf certificate configured, it leaves a placeholder null in |chain|. It
|
|
1872
|
+
// returns one on success and zero on error.
|
|
1873
|
+
bool AppendIntermediateCert(bssl::UniquePtr<CRYPTO_BUFFER> cert);
|
|
1874
|
+
|
|
1875
|
+
// ChainContainsIssuer returns true if |dn| is a byte for byte match with the
|
|
1876
|
+
// issuer of any certificate in |chain|, false otherwise.
|
|
1877
|
+
bool ChainContainsIssuer(bssl::Span<const uint8_t> dn) const;
|
|
1878
|
+
|
|
1879
|
+
// type is the credential type and determines which other fields apply.
|
|
1880
|
+
bssl::SSLCredentialType type;
|
|
1881
|
+
|
|
1882
|
+
// pubkey is the cached public key of the credential. Unlike |privkey|, it is
|
|
1883
|
+
// always present and is extracted from the certificate, delegated credential,
|
|
1884
|
+
// etc.
|
|
1885
|
+
bssl::UniquePtr<EVP_PKEY> pubkey;
|
|
1886
|
+
|
|
1887
|
+
// privkey is the private key of the credential. It may be omitted in favor of
|
|
1888
|
+
// |key_method|.
|
|
1889
|
+
bssl::UniquePtr<EVP_PKEY> privkey;
|
|
1890
|
+
|
|
1891
|
+
// key_method, if non-null, is a set of callbacks to call for private key
|
|
1892
|
+
// operations.
|
|
1893
|
+
const SSL_PRIVATE_KEY_METHOD *key_method = nullptr;
|
|
1894
|
+
|
|
1895
|
+
// sigalgs, if non-empty, is the set of signature algorithms supported by the
|
|
1896
|
+
// private key in decreasing order of preference. If empty, the default list
|
|
1897
|
+
// is used.
|
|
1898
|
+
//
|
|
1899
|
+
// In delegated credentials, this field is not configurable and is instead
|
|
1900
|
+
// computed from the dc_cert_verify_algorithm field.
|
|
1901
|
+
bssl::Array<uint16_t> sigalgs;
|
|
1902
|
+
|
|
1903
|
+
// chain contains the certificate chain, with the leaf at the beginning. The
|
|
1904
|
+
// first element of |chain| may be nullptr to indicate that the leaf
|
|
1905
|
+
// certificate has not yet been set.
|
|
1906
|
+
// If |chain| != nullptr -> len(chain) >= 1
|
|
1907
|
+
// If |chain[0]| == nullptr -> len(chain) >= 2.
|
|
1908
|
+
// |chain[1..]| != nullptr
|
|
1909
|
+
bssl::UniquePtr<STACK_OF(CRYPTO_BUFFER)> chain;
|
|
1910
|
+
|
|
1911
|
+
// dc is the DelegatedCredential structure, if this is a delegated credential.
|
|
1912
|
+
bssl::UniquePtr<CRYPTO_BUFFER> dc;
|
|
1913
|
+
|
|
1914
|
+
// dc_algorithm is the signature scheme of the signature over the delegated
|
|
1915
|
+
// credential itself, made by the end-entity certificate's public key.
|
|
1916
|
+
uint16_t dc_algorithm = 0;
|
|
1917
|
+
|
|
1918
|
+
// Signed certificate timestamp list to be sent to the client, if requested
|
|
1919
|
+
bssl::UniquePtr<CRYPTO_BUFFER> signed_cert_timestamp_list;
|
|
1594
1920
|
|
|
1595
|
-
//
|
|
1596
|
-
UniquePtr<
|
|
1921
|
+
// OCSP response to be sent to the client, if requested.
|
|
1922
|
+
bssl::UniquePtr<CRYPTO_BUFFER> ocsp_response;
|
|
1923
|
+
|
|
1924
|
+
// SPAKE2+-specific information.
|
|
1925
|
+
bssl::Array<uint8_t> pake_context;
|
|
1926
|
+
bssl::Array<uint8_t> client_identity;
|
|
1927
|
+
bssl::Array<uint8_t> server_identity;
|
|
1928
|
+
bssl::Array<uint8_t> password_verifier_w0;
|
|
1929
|
+
bssl::Array<uint8_t> password_verifier_w1; // server-only
|
|
1930
|
+
bssl::Array<uint8_t> registration_record; // client-only
|
|
1931
|
+
mutable std::atomic<uint32_t> pake_limit;
|
|
1597
1932
|
|
|
1598
|
-
//
|
|
1599
|
-
//
|
|
1600
|
-
|
|
1601
|
-
static UniquePtr<DC> Parse(CRYPTO_BUFFER *in, uint8_t *out_alert);
|
|
1933
|
+
// Checks whether there are still permitted PAKE attempts remaining, without
|
|
1934
|
+
// changing the counter.
|
|
1935
|
+
bool HasPAKEAttempts() const;
|
|
1602
1936
|
|
|
1603
|
-
//
|
|
1604
|
-
//
|
|
1605
|
-
|
|
1937
|
+
// Atomically decrement |pake_limit|. Return true if successful and false if
|
|
1938
|
+
// |pake_limit| is already zero.
|
|
1939
|
+
bool ClaimPAKEAttempt() const;
|
|
1606
1940
|
|
|
1607
|
-
//
|
|
1608
|
-
//
|
|
1609
|
-
|
|
1941
|
+
// Atomically increment |pake_limit|. This must be paired with a
|
|
1942
|
+
// |ClaimPAKEAttempt| call.
|
|
1943
|
+
void RestorePAKEAttempt() const;
|
|
1610
1944
|
|
|
1611
|
-
|
|
1612
|
-
|
|
1945
|
+
CRYPTO_EX_DATA ex_data;
|
|
1946
|
+
|
|
1947
|
+
// must_match_issuer is a flag indicating that this credential should be
|
|
1948
|
+
// considered only when it matches a peer request for a particular issuer via
|
|
1949
|
+
// a negotiation mechanism (such as the certificate_authorities extension).
|
|
1950
|
+
bool must_match_issuer = false;
|
|
1613
1951
|
|
|
1614
1952
|
private:
|
|
1615
|
-
friend
|
|
1616
|
-
|
|
1953
|
+
friend RefCounted;
|
|
1954
|
+
~ssl_credential_st();
|
|
1617
1955
|
};
|
|
1618
1956
|
|
|
1619
|
-
|
|
1620
|
-
|
|
1621
|
-
//
|
|
1622
|
-
//
|
|
1623
|
-
|
|
1957
|
+
BSSL_NAMESPACE_BEGIN
|
|
1958
|
+
|
|
1959
|
+
// ssl_get_credential_list computes |hs|'s credential list. On success, it
|
|
1960
|
+
// writes it to |*out| and returns true. Otherwise, it returns false. The
|
|
1961
|
+
// credential list may be empty, in which case this function will successfully
|
|
1962
|
+
// return an empty array.
|
|
1963
|
+
//
|
|
1964
|
+
// The pointers in the result are only valid until |hs| is next mutated.
|
|
1965
|
+
bool ssl_get_credential_list(SSL_HANDSHAKE *hs, Array<SSL_CREDENTIAL *> *out);
|
|
1624
1966
|
|
|
1967
|
+
// ssl_credential_matches_requested_issuers returns true if |cred| is a
|
|
1968
|
+
// usable match for any requested issuers in |hs|, and false with an error
|
|
1969
|
+
// otherwise.
|
|
1970
|
+
bool ssl_credential_matches_requested_issuers(SSL_HANDSHAKE *hs,
|
|
1971
|
+
const SSL_CREDENTIAL *cred);
|
|
1625
1972
|
|
|
1626
1973
|
// Handshake functions.
|
|
1627
1974
|
|
|
@@ -1661,7 +2008,7 @@ enum tls12_server_hs_state_t {
|
|
|
1661
2008
|
state12_start_accept = 0,
|
|
1662
2009
|
state12_read_client_hello,
|
|
1663
2010
|
state12_read_client_hello_after_ech,
|
|
1664
|
-
|
|
2011
|
+
state12_cert_callback,
|
|
1665
2012
|
state12_tls13,
|
|
1666
2013
|
state12_select_parameters,
|
|
1667
2014
|
state12_send_server_hello,
|
|
@@ -1745,6 +2092,14 @@ struct SSL_HANDSHAKE_HINTS {
|
|
|
1745
2092
|
bool ignore_ticket = false;
|
|
1746
2093
|
};
|
|
1747
2094
|
|
|
2095
|
+
struct SSLPAKEShare {
|
|
2096
|
+
static constexpr bool kAllowUniquePtr = true;
|
|
2097
|
+
uint16_t named_pake;
|
|
2098
|
+
Array<uint8_t> client_identity;
|
|
2099
|
+
Array<uint8_t> server_identity;
|
|
2100
|
+
Array<uint8_t> pake_message;
|
|
2101
|
+
};
|
|
2102
|
+
|
|
1748
2103
|
struct SSL_HANDSHAKE {
|
|
1749
2104
|
explicit SSL_HANDSHAKE(SSL *ssl);
|
|
1750
2105
|
~SSL_HANDSHAKE();
|
|
@@ -1776,18 +2131,13 @@ struct SSL_HANDSHAKE {
|
|
|
1776
2131
|
// |SSL_OP_NO_*| and |SSL_CTX_set_max_proto_version| APIs.
|
|
1777
2132
|
uint16_t max_version = 0;
|
|
1778
2133
|
|
|
1779
|
-
|
|
1780
|
-
|
|
1781
|
-
uint8_t
|
|
1782
|
-
uint8_t
|
|
1783
|
-
uint8_t
|
|
1784
|
-
uint8_t
|
|
1785
|
-
uint8_t
|
|
1786
|
-
uint8_t server_traffic_secret_0_[SSL_MAX_MD_SIZE] = {0};
|
|
1787
|
-
uint8_t expected_client_finished_[SSL_MAX_MD_SIZE] = {0};
|
|
1788
|
-
|
|
1789
|
-
public:
|
|
1790
|
-
void ResizeSecrets(size_t hash_len);
|
|
2134
|
+
InplaceVector<uint8_t, SSL_MAX_MD_SIZE> secret;
|
|
2135
|
+
InplaceVector<uint8_t, SSL_MAX_MD_SIZE> early_traffic_secret;
|
|
2136
|
+
InplaceVector<uint8_t, SSL_MAX_MD_SIZE> client_handshake_secret;
|
|
2137
|
+
InplaceVector<uint8_t, SSL_MAX_MD_SIZE> server_handshake_secret;
|
|
2138
|
+
InplaceVector<uint8_t, SSL_MAX_MD_SIZE> client_traffic_secret_0;
|
|
2139
|
+
InplaceVector<uint8_t, SSL_MAX_MD_SIZE> server_traffic_secret_0;
|
|
2140
|
+
InplaceVector<uint8_t, SSL_MAX_MD_SIZE> expected_client_finished;
|
|
1791
2141
|
|
|
1792
2142
|
// GetClientHello, on the server, returns either the normal ClientHello
|
|
1793
2143
|
// message or the ClientHelloInner if it has been serialized to
|
|
@@ -1800,29 +2150,6 @@ struct SSL_HANDSHAKE {
|
|
|
1800
2150
|
// SSL_HANDSHAKE.
|
|
1801
2151
|
bool GetClientHello(SSLMessage *out_msg, SSL_CLIENT_HELLO *out_client_hello);
|
|
1802
2152
|
|
|
1803
|
-
Span<uint8_t> secret() { return MakeSpan(secret_, hash_len_); }
|
|
1804
|
-
Span<const uint8_t> secret() const {
|
|
1805
|
-
return MakeConstSpan(secret_, hash_len_);
|
|
1806
|
-
}
|
|
1807
|
-
Span<uint8_t> early_traffic_secret() {
|
|
1808
|
-
return MakeSpan(early_traffic_secret_, hash_len_);
|
|
1809
|
-
}
|
|
1810
|
-
Span<uint8_t> client_handshake_secret() {
|
|
1811
|
-
return MakeSpan(client_handshake_secret_, hash_len_);
|
|
1812
|
-
}
|
|
1813
|
-
Span<uint8_t> server_handshake_secret() {
|
|
1814
|
-
return MakeSpan(server_handshake_secret_, hash_len_);
|
|
1815
|
-
}
|
|
1816
|
-
Span<uint8_t> client_traffic_secret_0() {
|
|
1817
|
-
return MakeSpan(client_traffic_secret_0_, hash_len_);
|
|
1818
|
-
}
|
|
1819
|
-
Span<uint8_t> server_traffic_secret_0() {
|
|
1820
|
-
return MakeSpan(server_traffic_secret_0_, hash_len_);
|
|
1821
|
-
}
|
|
1822
|
-
Span<uint8_t> expected_client_finished() {
|
|
1823
|
-
return MakeSpan(expected_client_finished_, hash_len_);
|
|
1824
|
-
}
|
|
1825
|
-
|
|
1826
2153
|
union {
|
|
1827
2154
|
// sent is a bitset where the bits correspond to elements of kExtensions
|
|
1828
2155
|
// in extensions.cc. Each bit is set if that extension was sent in a
|
|
@@ -1863,7 +2190,8 @@ struct SSL_HANDSHAKE {
|
|
|
1863
2190
|
|
|
1864
2191
|
// dtls_cookie is the value of the cookie in DTLS HelloVerifyRequest. If
|
|
1865
2192
|
// empty, either none was received or HelloVerifyRequest contained an empty
|
|
1866
|
-
// cookie.
|
|
2193
|
+
// cookie. Check the received_hello_verify_request field to distinguish an
|
|
2194
|
+
// empty cookie from no HelloVerifyRequest message being received.
|
|
1867
2195
|
Array<uint8_t> dtls_cookie;
|
|
1868
2196
|
|
|
1869
2197
|
// ech_client_outer contains the outer ECH extension to send in the
|
|
@@ -1896,7 +2224,8 @@ struct SSL_HANDSHAKE {
|
|
|
1896
2224
|
Array<uint16_t> peer_supported_group_list;
|
|
1897
2225
|
|
|
1898
2226
|
// peer_delegated_credential_sigalgs are the signature algorithms the peer
|
|
1899
|
-
// supports with delegated credentials
|
|
2227
|
+
// supports with delegated credentials, or empty if the peer does not support
|
|
2228
|
+
// delegated credentials.
|
|
1900
2229
|
Array<uint16_t> peer_delegated_credential_sigalgs;
|
|
1901
2230
|
|
|
1902
2231
|
// peer_key is the peer's ECDH key for a TLS 1.2 client.
|
|
@@ -1926,8 +2255,8 @@ struct SSL_HANDSHAKE {
|
|
|
1926
2255
|
// server when using a TLS 1.2 PSK key exchange.
|
|
1927
2256
|
UniquePtr<char> peer_psk_identity_hint;
|
|
1928
2257
|
|
|
1929
|
-
// ca_names
|
|
1930
|
-
// CertificateRequest message
|
|
2258
|
+
// ca_names contains the list of CAs received via the Certificate Authorities
|
|
2259
|
+
// extension in our peer's CertificateRequest or ClientHello message
|
|
1931
2260
|
UniquePtr<STACK_OF(CRYPTO_BUFFER)> ca_names;
|
|
1932
2261
|
|
|
1933
2262
|
// cached_x509_ca_names contains a cache of parsed versions of the elements of
|
|
@@ -1939,8 +2268,8 @@ struct SSL_HANDSHAKE {
|
|
|
1939
2268
|
// received in a CertificateRequest message.
|
|
1940
2269
|
Array<uint8_t> certificate_types;
|
|
1941
2270
|
|
|
1942
|
-
//
|
|
1943
|
-
UniquePtr<
|
|
2271
|
+
// credential is the credential we are using for the handshake.
|
|
2272
|
+
UniquePtr<SSL_CREDENTIAL> credential;
|
|
1944
2273
|
|
|
1945
2274
|
// peer_pubkey is the public key parsed from the peer's leaf certificate.
|
|
1946
2275
|
UniquePtr<EVP_PKEY> peer_pubkey;
|
|
@@ -2006,10 +2335,6 @@ struct SSL_HANDSHAKE {
|
|
|
2006
2335
|
// ocsp_stapling_requested is true if a client requested OCSP stapling.
|
|
2007
2336
|
bool ocsp_stapling_requested : 1;
|
|
2008
2337
|
|
|
2009
|
-
// delegated_credential_requested is true if the peer indicated support for
|
|
2010
|
-
// the delegated credential extension.
|
|
2011
|
-
bool delegated_credential_requested : 1;
|
|
2012
|
-
|
|
2013
2338
|
// should_ack_sni is used by a server and indicates that the SNI extension
|
|
2014
2339
|
// should be echoed in the ServerHello.
|
|
2015
2340
|
bool should_ack_sni : 1;
|
|
@@ -2033,6 +2358,10 @@ struct SSL_HANDSHAKE {
|
|
|
2033
2358
|
// the handshake.
|
|
2034
2359
|
bool can_early_write : 1;
|
|
2035
2360
|
|
|
2361
|
+
// is_early_version is true if the protocol version configured is not
|
|
2362
|
+
// necessarily the final version and is just the predicted 0-RTT version.
|
|
2363
|
+
bool is_early_version : 1;
|
|
2364
|
+
|
|
2036
2365
|
// next_proto_neg_seen is one of NPN was negotiated.
|
|
2037
2366
|
bool next_proto_neg_seen : 1;
|
|
2038
2367
|
|
|
@@ -2074,6 +2403,10 @@ struct SSL_HANDSHAKE {
|
|
|
2074
2403
|
// handshake.
|
|
2075
2404
|
bool channel_id_negotiated : 1;
|
|
2076
2405
|
|
|
2406
|
+
// received_hello_verify_request is true if we received a HelloVerifyRequest
|
|
2407
|
+
// message from the server.
|
|
2408
|
+
bool received_hello_verify_request : 1;
|
|
2409
|
+
|
|
2077
2410
|
// client_version is the value sent or received in the ClientHello version.
|
|
2078
2411
|
uint16_t client_version = 0;
|
|
2079
2412
|
|
|
@@ -2085,15 +2418,30 @@ struct SSL_HANDSHAKE {
|
|
|
2085
2418
|
// record layer.
|
|
2086
2419
|
uint16_t early_data_written = 0;
|
|
2087
2420
|
|
|
2421
|
+
// signature_algorithm is the signature algorithm to be used in signing with
|
|
2422
|
+
// the selected credential, or zero if not applicable or not yet selected.
|
|
2423
|
+
uint16_t signature_algorithm = 0;
|
|
2424
|
+
|
|
2088
2425
|
// ech_config_id is the ECH config sent by the client.
|
|
2089
2426
|
uint8_t ech_config_id = 0;
|
|
2090
2427
|
|
|
2091
2428
|
// session_id is the session ID in the ClientHello.
|
|
2092
|
-
uint8_t
|
|
2093
|
-
uint8_t session_id_len = 0;
|
|
2429
|
+
InplaceVector<uint8_t, SSL_MAX_SSL_SESSION_ID_LENGTH> session_id;
|
|
2094
2430
|
|
|
2095
2431
|
// grease_seed is the entropy for GREASE values.
|
|
2096
2432
|
uint8_t grease_seed[ssl_grease_last_index + 1] = {0};
|
|
2433
|
+
|
|
2434
|
+
// pake_share is the PAKE message received over the wire, if any.
|
|
2435
|
+
UniquePtr<SSLPAKEShare> pake_share;
|
|
2436
|
+
|
|
2437
|
+
// pake_share_bytes are the bytes of the PAKEShare to send, if any.
|
|
2438
|
+
Array<uint8_t> pake_share_bytes;
|
|
2439
|
+
|
|
2440
|
+
// pake_prover is the PAKE context for a client.
|
|
2441
|
+
UniquePtr<spake2plus::Prover> pake_prover;
|
|
2442
|
+
|
|
2443
|
+
// pake_verifier is the PAKE context for a server.
|
|
2444
|
+
UniquePtr<spake2plus::Verifier> pake_verifier;
|
|
2097
2445
|
};
|
|
2098
2446
|
|
|
2099
2447
|
// kMaxTickets is the maximum number of tickets to send immediately after the
|
|
@@ -2126,10 +2474,9 @@ const char *ssl_server_handshake_state(SSL_HANDSHAKE *hs);
|
|
|
2126
2474
|
const char *tls13_client_handshake_state(SSL_HANDSHAKE *hs);
|
|
2127
2475
|
const char *tls13_server_handshake_state(SSL_HANDSHAKE *hs);
|
|
2128
2476
|
|
|
2129
|
-
// tls13_add_key_update queues a KeyUpdate message on |ssl|.
|
|
2130
|
-
//
|
|
2131
|
-
|
|
2132
|
-
bool tls13_add_key_update(SSL *ssl, int update_requested);
|
|
2477
|
+
// tls13_add_key_update queues a KeyUpdate message on |ssl|. |request_type| must
|
|
2478
|
+
// be one of |SSL_KEY_UPDATE_REQUESTED| or |SSL_KEY_UPDATE_NOT_REQUESTED|.
|
|
2479
|
+
bool tls13_add_key_update(SSL *ssl, int request_type);
|
|
2133
2480
|
|
|
2134
2481
|
// tls13_post_handshake processes a post-handshake message. It returns true on
|
|
2135
2482
|
// success and false on failure.
|
|
@@ -2167,6 +2514,10 @@ bool ssl_setup_extension_permutation(SSL_HANDSHAKE *hs);
|
|
|
2167
2514
|
// a single key share of the specified group.
|
|
2168
2515
|
bool ssl_setup_key_shares(SSL_HANDSHAKE *hs, uint16_t override_group_id);
|
|
2169
2516
|
|
|
2517
|
+
// ssl_setup_pake_shares computes the client PAKE shares and saves them in |hs|.
|
|
2518
|
+
// It returns true on success and false on failure.
|
|
2519
|
+
bool ssl_setup_pake_shares(SSL_HANDSHAKE *hs);
|
|
2520
|
+
|
|
2170
2521
|
bool ssl_ext_key_share_parse_serverhello(SSL_HANDSHAKE *hs,
|
|
2171
2522
|
Array<uint8_t> *out_secret,
|
|
2172
2523
|
uint8_t *out_alert, CBS *contents);
|
|
@@ -2174,8 +2525,13 @@ bool ssl_ext_key_share_parse_clienthello(SSL_HANDSHAKE *hs, bool *out_found,
|
|
|
2174
2525
|
Span<const uint8_t> *out_peer_key,
|
|
2175
2526
|
uint8_t *out_alert,
|
|
2176
2527
|
const SSL_CLIENT_HELLO *client_hello);
|
|
2528
|
+
bool ssl_ext_pake_add_serverhello(SSL_HANDSHAKE *hs, CBB *out);
|
|
2177
2529
|
bool ssl_ext_key_share_add_serverhello(SSL_HANDSHAKE *hs, CBB *out);
|
|
2178
2530
|
|
|
2531
|
+
bool ssl_ext_pake_parse_serverhello(SSL_HANDSHAKE *hs,
|
|
2532
|
+
Array<uint8_t> *out_secret,
|
|
2533
|
+
uint8_t *out_alert, CBS *contents);
|
|
2534
|
+
|
|
2179
2535
|
bool ssl_ext_pre_shared_key_parse_serverhello(SSL_HANDSHAKE *hs,
|
|
2180
2536
|
uint8_t *out_alert,
|
|
2181
2537
|
CBS *contents);
|
|
@@ -2239,6 +2595,11 @@ bool ssl_is_valid_alpn_list(Span<const uint8_t> in);
|
|
|
2239
2595
|
bool ssl_is_alpn_protocol_allowed(const SSL_HANDSHAKE *hs,
|
|
2240
2596
|
Span<const uint8_t> protocol);
|
|
2241
2597
|
|
|
2598
|
+
// ssl_alpn_list_contains_protocol returns whether |list|, a serialized ALPN
|
|
2599
|
+
// protocol list, contains |protocol|.
|
|
2600
|
+
bool ssl_alpn_list_contains_protocol(Span<const uint8_t> list,
|
|
2601
|
+
Span<const uint8_t> protocol);
|
|
2602
|
+
|
|
2242
2603
|
// ssl_negotiate_alpn negotiates the ALPN extension, if applicable. It returns
|
|
2243
2604
|
// true on successful negotiation or if nothing was negotiated. It returns false
|
|
2244
2605
|
// and sets |*out_alert| to an alert on error.
|
|
@@ -2287,8 +2648,14 @@ enum ssl_verify_result_t ssl_reverify_peer_cert(SSL_HANDSHAKE *hs,
|
|
|
2287
2648
|
bool send_alert);
|
|
2288
2649
|
|
|
2289
2650
|
enum ssl_hs_wait_t ssl_get_finished(SSL_HANDSHAKE *hs);
|
|
2651
|
+
|
|
2652
|
+
// ssl_send_finished adds a Finished message to the current flight of messages.
|
|
2653
|
+
// It returns true on success and false on error.
|
|
2290
2654
|
bool ssl_send_finished(SSL_HANDSHAKE *hs);
|
|
2291
|
-
|
|
2655
|
+
|
|
2656
|
+
// ssl_send_tls12_certificate adds a TLS 1.2 Certificate message to the current
|
|
2657
|
+
// flight of messages. It returns true on success and false on error.
|
|
2658
|
+
bool ssl_send_tls12_certificate(SSL_HANDSHAKE *hs);
|
|
2292
2659
|
|
|
2293
2660
|
// ssl_handshake_session returns the |SSL_SESSION| corresponding to the current
|
|
2294
2661
|
// handshake. Note, in TLS 1.2 resumptions, this session is immutable.
|
|
@@ -2309,12 +2676,6 @@ bool ssl_log_secret(const SSL *ssl, const char *label,
|
|
|
2309
2676
|
|
|
2310
2677
|
// ClientHello functions.
|
|
2311
2678
|
|
|
2312
|
-
// ssl_client_hello_init parses |body| as a ClientHello message, excluding the
|
|
2313
|
-
// message header, and writes the result to |*out|. It returns true on success
|
|
2314
|
-
// and false on error. This function is exported for testing.
|
|
2315
|
-
OPENSSL_EXPORT bool ssl_client_hello_init(const SSL *ssl, SSL_CLIENT_HELLO *out,
|
|
2316
|
-
Span<const uint8_t> body);
|
|
2317
|
-
|
|
2318
2679
|
bool ssl_parse_client_hello_with_trailing_data(const SSL *ssl, CBS *cbs,
|
|
2319
2680
|
SSL_CLIENT_HELLO *out);
|
|
2320
2681
|
|
|
@@ -2348,28 +2709,20 @@ bool tls1_parse_peer_sigalgs(SSL_HANDSHAKE *hs, const CBS *sigalgs);
|
|
|
2348
2709
|
bool tls1_get_legacy_signature_algorithm(uint16_t *out, const EVP_PKEY *pkey);
|
|
2349
2710
|
|
|
2350
2711
|
// tls1_choose_signature_algorithm sets |*out| to a signature algorithm for use
|
|
2351
|
-
// with |
|
|
2352
|
-
//
|
|
2353
|
-
bool tls1_choose_signature_algorithm(SSL_HANDSHAKE *hs,
|
|
2354
|
-
|
|
2355
|
-
// tls1_get_peer_verify_algorithms returns the signature schemes for which the
|
|
2356
|
-
// peer indicated support.
|
|
2357
|
-
//
|
|
2358
|
-
// NOTE: The related function |SSL_get0_peer_verify_algorithms| only has
|
|
2359
|
-
// well-defined behavior during the callbacks set by |SSL_CTX_set_cert_cb| and
|
|
2360
|
-
// |SSL_CTX_set_client_cert_cb|, or when the handshake is paused because of
|
|
2361
|
-
// them.
|
|
2362
|
-
Span<const uint16_t> tls1_get_peer_verify_algorithms(const SSL_HANDSHAKE *hs);
|
|
2712
|
+
// with |cred| based on the peer's preferences and the algorithms supported. It
|
|
2713
|
+
// returns true on success and false on error.
|
|
2714
|
+
bool tls1_choose_signature_algorithm(SSL_HANDSHAKE *hs,
|
|
2715
|
+
const SSL_CREDENTIAL *cred, uint16_t *out);
|
|
2363
2716
|
|
|
2364
2717
|
// tls12_add_verify_sigalgs adds the signature algorithms acceptable for the
|
|
2365
2718
|
// peer signature to |out|. It returns true on success and false on error.
|
|
2366
2719
|
bool tls12_add_verify_sigalgs(const SSL_HANDSHAKE *hs, CBB *out);
|
|
2367
2720
|
|
|
2368
2721
|
// tls12_check_peer_sigalg checks if |sigalg| is acceptable for the peer
|
|
2369
|
-
// signature
|
|
2722
|
+
// signature from |pkey|. It returns true on success and false on error, setting
|
|
2370
2723
|
// |*out_alert| to an alert to send.
|
|
2371
2724
|
bool tls12_check_peer_sigalg(const SSL_HANDSHAKE *hs, uint8_t *out_alert,
|
|
2372
|
-
uint16_t sigalg);
|
|
2725
|
+
uint16_t sigalg, EVP_PKEY *pkey);
|
|
2373
2726
|
|
|
2374
2727
|
|
|
2375
2728
|
// Underdocumented functions.
|
|
@@ -2387,42 +2740,36 @@ struct CERT {
|
|
|
2387
2740
|
explicit CERT(const SSL_X509_METHOD *x509_method);
|
|
2388
2741
|
~CERT();
|
|
2389
2742
|
|
|
2390
|
-
|
|
2391
|
-
|
|
2392
|
-
// chain contains the certificate chain, with the leaf at the beginning. The
|
|
2393
|
-
// first element of |chain| may be NULL to indicate that the leaf certificate
|
|
2394
|
-
// has not yet been set.
|
|
2395
|
-
// If |chain| != NULL -> len(chain) >= 1
|
|
2396
|
-
// If |chain[0]| == NULL -> len(chain) >= 2.
|
|
2397
|
-
// |chain[1..]| != NULL
|
|
2398
|
-
UniquePtr<STACK_OF(CRYPTO_BUFFER)> chain;
|
|
2399
|
-
|
|
2400
|
-
// x509_chain may contain a parsed copy of |chain[1..]|. This is only used as
|
|
2401
|
-
// a cache in order to implement “get0” functions that return a non-owning
|
|
2402
|
-
// pointer to the certificate chain.
|
|
2403
|
-
STACK_OF(X509) *x509_chain = nullptr;
|
|
2404
|
-
|
|
2405
|
-
// x509_leaf may contain a parsed copy of the first element of |chain|. This
|
|
2406
|
-
// is only used as a cache in order to implement “get0” functions that return
|
|
2407
|
-
// a non-owning pointer to the certificate chain.
|
|
2408
|
-
X509 *x509_leaf = nullptr;
|
|
2743
|
+
bool is_valid() const { return legacy_credential != nullptr; }
|
|
2409
2744
|
|
|
2410
|
-
//
|
|
2411
|
-
//
|
|
2412
|
-
|
|
2413
|
-
X509 *x509_stash = nullptr;
|
|
2745
|
+
// credentials is the list of credentials to select between. Elements of this
|
|
2746
|
+
// array immutable.
|
|
2747
|
+
Vector<UniquePtr<SSL_CREDENTIAL>> credentials;
|
|
2414
2748
|
|
|
2415
|
-
//
|
|
2416
|
-
//
|
|
2417
|
-
|
|
2749
|
+
// legacy_credential is the credential configured by the legacy
|
|
2750
|
+
// non-credential-based APIs. If IsComplete() returns true, it is appended to
|
|
2751
|
+
// the list of credentials.
|
|
2752
|
+
UniquePtr<SSL_CREDENTIAL> legacy_credential;
|
|
2418
2753
|
|
|
2419
2754
|
// x509_method contains pointers to functions that might deal with |X509|
|
|
2420
2755
|
// compatibility, or might be a no-op, depending on the application.
|
|
2421
2756
|
const SSL_X509_METHOD *x509_method = nullptr;
|
|
2422
2757
|
|
|
2423
|
-
//
|
|
2424
|
-
//
|
|
2425
|
-
|
|
2758
|
+
// x509_chain may contain a parsed copy of |chain[1..]| from the legacy
|
|
2759
|
+
// credential. This is only used as a cache in order to implement “get0”
|
|
2760
|
+
// functions that return a non-owning pointer to the certificate chain.
|
|
2761
|
+
STACK_OF(X509) *x509_chain = nullptr;
|
|
2762
|
+
|
|
2763
|
+
// x509_leaf may contain a parsed copy of the first element of |chain| from
|
|
2764
|
+
// the legacy credential. This is only used as a cache in order to implement
|
|
2765
|
+
// “get0” functions that return a non-owning pointer to the certificate chain.
|
|
2766
|
+
X509 *x509_leaf = nullptr;
|
|
2767
|
+
|
|
2768
|
+
// x509_stash contains the last |X509| object append to the legacy
|
|
2769
|
+
// credential's chain. This is a workaround for some third-party code that
|
|
2770
|
+
// continue to use an |X509| object even after passing ownership with an
|
|
2771
|
+
// “add0” function.
|
|
2772
|
+
X509 *x509_stash = nullptr;
|
|
2426
2773
|
|
|
2427
2774
|
// Certificate setup callback: if set is called whenever a
|
|
2428
2775
|
// certificate may be required (client or server). the callback
|
|
@@ -2437,29 +2784,9 @@ struct CERT {
|
|
|
2437
2784
|
// store is used instead.
|
|
2438
2785
|
X509_STORE *verify_store = nullptr;
|
|
2439
2786
|
|
|
2440
|
-
// Signed certificate timestamp list to be sent to the client, if requested
|
|
2441
|
-
UniquePtr<CRYPTO_BUFFER> signed_cert_timestamp_list;
|
|
2442
|
-
|
|
2443
|
-
// OCSP response to be sent to the client, if requested.
|
|
2444
|
-
UniquePtr<CRYPTO_BUFFER> ocsp_response;
|
|
2445
|
-
|
|
2446
2787
|
// sid_ctx partitions the session space within a shared session cache or
|
|
2447
2788
|
// ticket key. Only sessions with a matching value will be accepted.
|
|
2448
|
-
uint8_t
|
|
2449
|
-
uint8_t sid_ctx[SSL_MAX_SID_CTX_LENGTH] = {0};
|
|
2450
|
-
|
|
2451
|
-
// Delegated credentials.
|
|
2452
|
-
|
|
2453
|
-
// dc is the delegated credential to send to the peer (if requested).
|
|
2454
|
-
UniquePtr<DC> dc = nullptr;
|
|
2455
|
-
|
|
2456
|
-
// dc_privatekey is used instead of |privatekey| or |key_method| to
|
|
2457
|
-
// authenticate the host if a delegated credential is used in the handshake.
|
|
2458
|
-
UniquePtr<EVP_PKEY> dc_privatekey = nullptr;
|
|
2459
|
-
|
|
2460
|
-
// dc_key_method, if not NULL, is used instead of |dc_privatekey| to
|
|
2461
|
-
// authenticate the host.
|
|
2462
|
-
const SSL_PRIVATE_KEY_METHOD *dc_key_method = nullptr;
|
|
2789
|
+
InplaceVector<uint8_t, SSL_MAX_SID_CTX_LENGTH> sid_ctx;
|
|
2463
2790
|
};
|
|
2464
2791
|
|
|
2465
2792
|
// |SSL_PROTOCOL_METHOD| abstracts between TLS and DTLS.
|
|
@@ -2508,25 +2835,37 @@ struct SSL_PROTOCOL_METHOD {
|
|
|
2508
2835
|
// add_change_cipher_spec adds a ChangeCipherSpec record to the pending
|
|
2509
2836
|
// flight. It returns true on success and false on error.
|
|
2510
2837
|
bool (*add_change_cipher_spec)(SSL *ssl);
|
|
2511
|
-
//
|
|
2512
|
-
//
|
|
2513
|
-
|
|
2838
|
+
// finish_flight marks the pending flight as finished and ready to send.
|
|
2839
|
+
// |flush| must be called to write it.
|
|
2840
|
+
void (*finish_flight)(SSL *ssl);
|
|
2841
|
+
// schedule_ack schedules a DTLS 1.3 ACK to be sent, without an ACK delay.
|
|
2842
|
+
// |flush| must be called to write it.
|
|
2843
|
+
void (*schedule_ack)(SSL *ssl);
|
|
2844
|
+
// flush writes any scheduled data to the transport. It returns one on success
|
|
2845
|
+
// and <= 0 on error.
|
|
2846
|
+
int (*flush)(SSL *ssl);
|
|
2514
2847
|
// on_handshake_complete is called when the handshake is complete.
|
|
2515
2848
|
void (*on_handshake_complete)(SSL *ssl);
|
|
2516
2849
|
// set_read_state sets |ssl|'s read cipher state and level to |aead_ctx| and
|
|
2517
|
-
// |level|. In QUIC, |aead_ctx| is a placeholder object
|
|
2518
|
-
// is the original secret. This function returns true
|
|
2519
|
-
// error.
|
|
2850
|
+
// |level|. In QUIC, |aead_ctx| is a placeholder object. In TLS 1.3,
|
|
2851
|
+
// |traffic_secret| is the original traffic secret. This function returns true
|
|
2852
|
+
// on success and false on error.
|
|
2853
|
+
//
|
|
2854
|
+
// TODO(crbug.com/371998381): Take the traffic secrets as input and let the
|
|
2855
|
+
// function create the SSLAEADContext.
|
|
2520
2856
|
bool (*set_read_state)(SSL *ssl, ssl_encryption_level_t level,
|
|
2521
2857
|
UniquePtr<SSLAEADContext> aead_ctx,
|
|
2522
|
-
Span<const uint8_t>
|
|
2858
|
+
Span<const uint8_t> traffic_secret);
|
|
2523
2859
|
// set_write_state sets |ssl|'s write cipher state and level to |aead_ctx| and
|
|
2524
|
-
// |level|. In QUIC, |aead_ctx| is a placeholder object
|
|
2525
|
-
// is the original secret. This function returns true
|
|
2526
|
-
// error.
|
|
2860
|
+
// |level|. In QUIC, |aead_ctx| is a placeholder object In TLS 1.3,
|
|
2861
|
+
// |traffic_secret| is the original traffic secret. This function returns true
|
|
2862
|
+
// on success and false on error.
|
|
2863
|
+
//
|
|
2864
|
+
// TODO(crbug.com/371998381): Take the traffic secrets as input and let the
|
|
2865
|
+
// function create the SSLAEADContext.
|
|
2527
2866
|
bool (*set_write_state)(SSL *ssl, ssl_encryption_level_t level,
|
|
2528
2867
|
UniquePtr<SSLAEADContext> aead_ctx,
|
|
2529
|
-
Span<const uint8_t>
|
|
2868
|
+
Span<const uint8_t> traffic_secret);
|
|
2530
2869
|
};
|
|
2531
2870
|
|
|
2532
2871
|
// The following wrappers call |open_*| but handle |read_shutdown| correctly.
|
|
@@ -2552,10 +2891,10 @@ ssl_open_record_t ssl_open_app_data(SSL *ssl, Span<uint8_t> *out,
|
|
|
2552
2891
|
Span<uint8_t> in);
|
|
2553
2892
|
|
|
2554
2893
|
struct SSL_X509_METHOD {
|
|
2555
|
-
//
|
|
2556
|
-
//
|
|
2557
|
-
//
|
|
2558
|
-
bool (*
|
|
2894
|
+
// check_CA_list returns one if |names| is a good list of X.509 distinguished
|
|
2895
|
+
// names and zero otherwise. This is used to ensure that we can reject
|
|
2896
|
+
// unparsable values at handshake time when using crypto/x509.
|
|
2897
|
+
bool (*check_CA_list)(STACK_OF(CRYPTO_BUFFER) *names);
|
|
2559
2898
|
|
|
2560
2899
|
// cert_clear frees and NULLs all X509 certificate-related state.
|
|
2561
2900
|
void (*cert_clear)(CERT *cert);
|
|
@@ -2716,8 +3055,14 @@ struct SSL3_STATE {
|
|
|
2716
3055
|
// needs re-doing when in SSL_accept or SSL_connect
|
|
2717
3056
|
int rwstate = SSL_ERROR_NONE;
|
|
2718
3057
|
|
|
2719
|
-
enum ssl_encryption_level_t
|
|
2720
|
-
enum ssl_encryption_level_t
|
|
3058
|
+
enum ssl_encryption_level_t quic_read_level = ssl_encryption_initial;
|
|
3059
|
+
enum ssl_encryption_level_t quic_write_level = ssl_encryption_initial;
|
|
3060
|
+
|
|
3061
|
+
// version is the protocol version, or zero if the version has not yet been
|
|
3062
|
+
// set. In clients offering 0-RTT, this version will initially be set to the
|
|
3063
|
+
// early version, then switched to the final version. To distinguish these
|
|
3064
|
+
// cases, use |ssl_has_final_version|.
|
|
3065
|
+
uint16_t version = 0;
|
|
2721
3066
|
|
|
2722
3067
|
// early_data_skipped is the amount of early data that has been skipped by the
|
|
2723
3068
|
// record layer.
|
|
@@ -2740,10 +3085,6 @@ struct SSL3_STATE {
|
|
|
2740
3085
|
// messages when 0RTT is rejected.
|
|
2741
3086
|
bool skip_early_data : 1;
|
|
2742
3087
|
|
|
2743
|
-
// have_version is true if the connection's final version is known. Otherwise
|
|
2744
|
-
// the version has not been negotiated yet.
|
|
2745
|
-
bool have_version : 1;
|
|
2746
|
-
|
|
2747
3088
|
// v2_hello_done is true if the peer's V2ClientHello, if any, has been handled
|
|
2748
3089
|
// and future messages should use the record layer.
|
|
2749
3090
|
bool v2_hello_done : 1;
|
|
@@ -2763,18 +3104,16 @@ struct SSL3_STATE {
|
|
|
2763
3104
|
// session_reused indicates whether a session was resumed.
|
|
2764
3105
|
bool session_reused : 1;
|
|
2765
3106
|
|
|
2766
|
-
// delegated_credential_used is whether we presented a delegated credential to
|
|
2767
|
-
// the peer.
|
|
2768
|
-
bool delegated_credential_used : 1;
|
|
2769
|
-
|
|
2770
3107
|
bool send_connection_binding : 1;
|
|
2771
3108
|
|
|
2772
3109
|
// channel_id_valid is true if, on the server, the client has negotiated a
|
|
2773
3110
|
// Channel ID and the |channel_id| field is filled in.
|
|
2774
3111
|
bool channel_id_valid : 1;
|
|
2775
3112
|
|
|
2776
|
-
// key_update_pending is true if we
|
|
2777
|
-
//
|
|
3113
|
+
// key_update_pending is true if we are in the process of sending a KeyUpdate
|
|
3114
|
+
// message. As a DoS mitigation (and a requirement in DTLS), we never send
|
|
3115
|
+
// more than one KeyUpdate at once. In DTLS, this tracks whether there is an
|
|
3116
|
+
// unACKed KeyUpdate.
|
|
2778
3117
|
bool key_update_pending : 1;
|
|
2779
3118
|
|
|
2780
3119
|
// early_data_accepted is true if early data was accepted by the server.
|
|
@@ -2831,18 +3170,13 @@ struct SSL3_STATE {
|
|
|
2831
3170
|
// one.
|
|
2832
3171
|
UniquePtr<SSL_HANDSHAKE> hs;
|
|
2833
3172
|
|
|
2834
|
-
uint8_t
|
|
2835
|
-
uint8_t
|
|
2836
|
-
uint8_t
|
|
2837
|
-
uint8_t write_traffic_secret_len = 0;
|
|
2838
|
-
uint8_t read_traffic_secret_len = 0;
|
|
2839
|
-
uint8_t exporter_secret_len = 0;
|
|
3173
|
+
InplaceVector<uint8_t, SSL_MAX_MD_SIZE> write_traffic_secret;
|
|
3174
|
+
InplaceVector<uint8_t, SSL_MAX_MD_SIZE> read_traffic_secret;
|
|
3175
|
+
InplaceVector<uint8_t, SSL_MAX_MD_SIZE> exporter_secret;
|
|
2840
3176
|
|
|
2841
3177
|
// Connection binding to prevent renegotiation attacks
|
|
2842
|
-
uint8_t
|
|
2843
|
-
uint8_t
|
|
2844
|
-
uint8_t previous_server_finished_len = 0;
|
|
2845
|
-
uint8_t previous_server_finished[12] = {0};
|
|
3178
|
+
InplaceVector<uint8_t, 12> previous_client_finished;
|
|
3179
|
+
InplaceVector<uint8_t, 12> previous_server_finished;
|
|
2846
3180
|
|
|
2847
3181
|
uint8_t send_alert[2] = {0};
|
|
2848
3182
|
|
|
@@ -2885,13 +3219,67 @@ struct SSL3_STATE {
|
|
|
2885
3219
|
};
|
|
2886
3220
|
|
|
2887
3221
|
// lengths of messages
|
|
2888
|
-
#define
|
|
3222
|
+
#define DTLS1_RT_MAX_HEADER_LENGTH 13
|
|
3223
|
+
|
|
3224
|
+
// DTLS_PLAINTEXT_RECORD_HEADER_LENGTH is the length of the DTLS record header
|
|
3225
|
+
// for plaintext records (in DTLS 1.3) or DTLS versions <= 1.2.
|
|
3226
|
+
#define DTLS_PLAINTEXT_RECORD_HEADER_LENGTH 13
|
|
3227
|
+
|
|
3228
|
+
// DTLS1_3_RECORD_HEADER_LENGTH is the length of the DTLS 1.3 record header
|
|
3229
|
+
// sent by BoringSSL for encrypted records. Note that received encrypted DTLS
|
|
3230
|
+
// 1.3 records might have a different length header.
|
|
3231
|
+
#define DTLS1_3_RECORD_HEADER_WRITE_LENGTH 5
|
|
3232
|
+
|
|
3233
|
+
static_assert(DTLS1_RT_MAX_HEADER_LENGTH >= DTLS_PLAINTEXT_RECORD_HEADER_LENGTH,
|
|
3234
|
+
"DTLS1_RT_MAX_HEADER_LENGTH must not be smaller than defined "
|
|
3235
|
+
"record header lengths");
|
|
3236
|
+
static_assert(DTLS1_RT_MAX_HEADER_LENGTH >= DTLS1_3_RECORD_HEADER_WRITE_LENGTH,
|
|
3237
|
+
"DTLS1_RT_MAX_HEADER_LENGTH must not be smaller than defined "
|
|
3238
|
+
"record header lengths");
|
|
2889
3239
|
|
|
2890
3240
|
#define DTLS1_HM_HEADER_LENGTH 12
|
|
2891
3241
|
|
|
2892
|
-
|
|
3242
|
+
// A DTLSMessageBitmap maintains a list of bits which may be marked to indicate
|
|
3243
|
+
// a portion of a message was received or ACKed.
|
|
3244
|
+
class DTLSMessageBitmap {
|
|
3245
|
+
public:
|
|
3246
|
+
// A Range represents a range of bits from |start|, inclusive, to |end|,
|
|
3247
|
+
// exclusive.
|
|
3248
|
+
struct Range {
|
|
3249
|
+
size_t start = 0;
|
|
3250
|
+
size_t end = 0;
|
|
3251
|
+
|
|
3252
|
+
bool empty() const { return start == end; }
|
|
3253
|
+
size_t size() const { return end - start; }
|
|
3254
|
+
bool operator==(const Range &r) const {
|
|
3255
|
+
return start == r.start && end == r.end;
|
|
3256
|
+
}
|
|
3257
|
+
bool operator!=(const Range &r) const { return !(*this == r); }
|
|
3258
|
+
};
|
|
3259
|
+
|
|
3260
|
+
// Init initializes the structure with |num_bits| unmarked bits, from zero
|
|
3261
|
+
// to |num_bits - 1|.
|
|
3262
|
+
bool Init(size_t num_bits);
|
|
3263
|
+
|
|
3264
|
+
// MarkRange marks the bits from |start|, inclusive, to |end|, exclusive.
|
|
3265
|
+
void MarkRange(size_t start, size_t end);
|
|
3266
|
+
|
|
3267
|
+
// NextUnmarkedRange returns the next range of unmarked bits, starting from
|
|
3268
|
+
// |start|, inclusive. If all bits after |start| are marked, it returns an
|
|
3269
|
+
// empty range.
|
|
3270
|
+
Range NextUnmarkedRange(size_t start) const;
|
|
2893
3271
|
|
|
2894
|
-
|
|
3272
|
+
// IsComplete returns whether every bit in the bitmask has been marked.
|
|
3273
|
+
bool IsComplete() const { return bytes_.empty(); }
|
|
3274
|
+
|
|
3275
|
+
private:
|
|
3276
|
+
// bytes_ contains the unmarked bits. We maintain an invariant: if |bytes_| is
|
|
3277
|
+
// not empty, some bit is unset.
|
|
3278
|
+
Array<uint8_t> bytes_;
|
|
3279
|
+
// first_unmarked_byte_ is the index of first byte in |bytes_| that is not
|
|
3280
|
+
// 0xff. This is maintained to amortize checking if the message is complete.
|
|
3281
|
+
size_t first_unmarked_byte_ = 0;
|
|
3282
|
+
};
|
|
2895
3283
|
|
|
2896
3284
|
struct hm_header_st {
|
|
2897
3285
|
uint8_t type;
|
|
@@ -2901,28 +3289,47 @@ struct hm_header_st {
|
|
|
2901
3289
|
uint32_t frag_len;
|
|
2902
3290
|
};
|
|
2903
3291
|
|
|
2904
|
-
// An
|
|
2905
|
-
|
|
3292
|
+
// An DTLSIncomingMessage is an incoming DTLS message, possibly not yet
|
|
3293
|
+
// assembled.
|
|
3294
|
+
struct DTLSIncomingMessage {
|
|
2906
3295
|
static constexpr bool kAllowUniquePtr = true;
|
|
2907
3296
|
|
|
2908
|
-
|
|
2909
|
-
|
|
2910
|
-
|
|
2911
|
-
|
|
2912
|
-
|
|
3297
|
+
Span<uint8_t> msg() { return Span(data).subspan(DTLS1_HM_HEADER_LENGTH); }
|
|
3298
|
+
Span<const uint8_t> msg() const {
|
|
3299
|
+
return Span(data).subspan(DTLS1_HM_HEADER_LENGTH);
|
|
3300
|
+
}
|
|
3301
|
+
size_t msg_len() const { return msg().size(); }
|
|
2913
3302
|
|
|
2914
3303
|
// type is the type of the message.
|
|
2915
3304
|
uint8_t type = 0;
|
|
2916
3305
|
// seq is the sequence number of this message.
|
|
2917
3306
|
uint16_t seq = 0;
|
|
2918
|
-
//
|
|
2919
|
-
|
|
2920
|
-
|
|
2921
|
-
//
|
|
2922
|
-
|
|
2923
|
-
|
|
2924
|
-
|
|
2925
|
-
|
|
3307
|
+
// data contains the message, including the message header of length
|
|
3308
|
+
// |DTLS1_HM_HEADER_LENGTH|.
|
|
3309
|
+
Array<uint8_t> data;
|
|
3310
|
+
// reassembly tracks which parts of the message have been received.
|
|
3311
|
+
DTLSMessageBitmap reassembly;
|
|
3312
|
+
};
|
|
3313
|
+
|
|
3314
|
+
struct DTLSOutgoingMessage {
|
|
3315
|
+
size_t msg_len() const {
|
|
3316
|
+
assert(!is_ccs);
|
|
3317
|
+
assert(data.size() >= DTLS1_HM_HEADER_LENGTH);
|
|
3318
|
+
return data.size() - DTLS1_HM_HEADER_LENGTH;
|
|
3319
|
+
}
|
|
3320
|
+
|
|
3321
|
+
bool IsFullyAcked() const {
|
|
3322
|
+
// ACKs only exist in DTLS 1.3, which does not send ChangeCipherSpec.
|
|
3323
|
+
return !is_ccs && acked.IsComplete();
|
|
3324
|
+
}
|
|
3325
|
+
|
|
3326
|
+
Array<uint8_t> data;
|
|
3327
|
+
uint16_t epoch = 0;
|
|
3328
|
+
bool is_ccs = false;
|
|
3329
|
+
// acked tracks which bits of the message have been ACKed by the peer. If
|
|
3330
|
+
// |msg_len| is zero, it tracks one bit for whether the header has been
|
|
3331
|
+
// received.
|
|
3332
|
+
DTLSMessageBitmap acked;
|
|
2926
3333
|
};
|
|
2927
3334
|
|
|
2928
3335
|
struct OPENSSL_timeval {
|
|
@@ -2930,12 +3337,111 @@ struct OPENSSL_timeval {
|
|
|
2930
3337
|
uint32_t tv_usec;
|
|
2931
3338
|
};
|
|
2932
3339
|
|
|
3340
|
+
struct DTLSTimer {
|
|
3341
|
+
public:
|
|
3342
|
+
static constexpr uint64_t kNever = UINT64_MAX;
|
|
3343
|
+
|
|
3344
|
+
// StartMicroseconds schedules the timer to expire the specified number of
|
|
3345
|
+
// microseconds from |now|.
|
|
3346
|
+
void StartMicroseconds(OPENSSL_timeval now, uint64_t microseconds);
|
|
3347
|
+
|
|
3348
|
+
// Stop disables the timer.
|
|
3349
|
+
void Stop();
|
|
3350
|
+
|
|
3351
|
+
// IsExpired returns true if the timer was set and is expired at time |now|.
|
|
3352
|
+
bool IsExpired(OPENSSL_timeval now) const;
|
|
3353
|
+
|
|
3354
|
+
// IsSet returns true if the timer is scheduled or expired, and false if it is
|
|
3355
|
+
// stopped.
|
|
3356
|
+
bool IsSet() const;
|
|
3357
|
+
|
|
3358
|
+
// MicrosecondsRemaining returns the time remaining, in microseconds, at
|
|
3359
|
+
// |now|, or |kNever| if the timer is unset.
|
|
3360
|
+
uint64_t MicrosecondsRemaining(OPENSSL_timeval now) const;
|
|
3361
|
+
|
|
3362
|
+
private:
|
|
3363
|
+
// expire_time_ is the time when the timer expires, or zero if the timer is
|
|
3364
|
+
// unset.
|
|
3365
|
+
//
|
|
3366
|
+
// TODO(crbug.com/366284846): This is an extremely inconvenient time
|
|
3367
|
+
// representation. Switch libssl to something like a 64-bit count of
|
|
3368
|
+
// microseconds. While it's decidedly past 1970 now, zero is a less obviously
|
|
3369
|
+
// sound distinguished value for the monotonic clock, so maybe we should use a
|
|
3370
|
+
// different distinguished time, like |INT64_MAX| in the microseconds
|
|
3371
|
+
// representation.
|
|
3372
|
+
OPENSSL_timeval expire_time_ = {0, 0};
|
|
3373
|
+
};
|
|
3374
|
+
|
|
3375
|
+
// DTLS_MAX_EXTRA_WRITE_EPOCHS is the maximum number of additional write epochs
|
|
3376
|
+
// that DTLS may need to retain.
|
|
3377
|
+
//
|
|
3378
|
+
// The maximum is, as a DTLS 1.3 server, immediately after sending Finished. At
|
|
3379
|
+
// this point, the current epoch is the application write keys (epoch 3), but we
|
|
3380
|
+
// may have ServerHello (epoch 0) and EncryptedExtensions (epoch 1) to
|
|
3381
|
+
// retransmit. KeyUpdate does not increase this count. If the server were to
|
|
3382
|
+
// initiate KeyUpdate from this state, it would not apply the new epoch until
|
|
3383
|
+
// the client's ACKs have caught up. At that point, epochs 0 and 1 can be
|
|
3384
|
+
// discarded.
|
|
3385
|
+
#define DTLS_MAX_EXTRA_WRITE_EPOCHS 2
|
|
3386
|
+
|
|
3387
|
+
// DTLS_MAX_ACK_BUFFER is the maximum number of records worth of data we'll keep
|
|
3388
|
+
// track of with DTLS 1.3 ACKs. When we exceed this value, information about
|
|
3389
|
+
// stale records will be dropped. This will not break the connection but may
|
|
3390
|
+
// cause ACKs to perform worse and retransmit unnecessary information.
|
|
3391
|
+
#define DTLS_MAX_ACK_BUFFER 32
|
|
3392
|
+
|
|
3393
|
+
// A DTLSSentRecord records information about a record we sent. Each record
|
|
3394
|
+
// covers all bytes from |first_msg_start| (inclusive) of |first_msg| to
|
|
3395
|
+
// |last_msg_end| (exclusive) of |last_msg|. Messages are referenced by index
|
|
3396
|
+
// into |outgoing_messages|. |last_msg_end| may be |outgoing_messages.size()| if
|
|
3397
|
+
// |last_msg_end| is zero.
|
|
3398
|
+
//
|
|
3399
|
+
// When the message is empty, |first_msg_start| and |last_msg_end| are
|
|
3400
|
+
// maintained as if there is a single bit in the message representing the
|
|
3401
|
+
// header. See |acked| in DTLSOutgoingMessage.
|
|
3402
|
+
struct DTLSSentRecord {
|
|
3403
|
+
DTLSRecordNumber number;
|
|
3404
|
+
PackedSize<SSL_MAX_HANDSHAKE_FLIGHT> first_msg = 0;
|
|
3405
|
+
PackedSize<SSL_MAX_HANDSHAKE_FLIGHT> last_msg = 0;
|
|
3406
|
+
uint32_t first_msg_start = 0;
|
|
3407
|
+
uint32_t last_msg_end = 0;
|
|
3408
|
+
};
|
|
3409
|
+
|
|
3410
|
+
enum class QueuedKeyUpdate {
|
|
3411
|
+
kNone,
|
|
3412
|
+
kUpdateNotRequested,
|
|
3413
|
+
kUpdateRequested,
|
|
3414
|
+
};
|
|
3415
|
+
|
|
3416
|
+
// DTLS_PREV_READ_EPOCH_EXPIRE_SECONDS is how long to retain the previous read
|
|
3417
|
+
// epoch in DTLS 1.3. This value is set based on the following:
|
|
3418
|
+
//
|
|
3419
|
+
// - Section 4.2.1 of RFC 9147 recommends retaining past read epochs for the
|
|
3420
|
+
// default TCP MSL. This accommodates packet reordering with KeyUpdate.
|
|
3421
|
+
//
|
|
3422
|
+
// - Section 5.8.1 of RFC 9147 requires being capable of ACKing the client's
|
|
3423
|
+
// final flight for at least twice the default MSL. That requires retaining
|
|
3424
|
+
// epoch 2 after the handshake.
|
|
3425
|
+
//
|
|
3426
|
+
// - Section 4 of RFC 9293 defines the MSL to be two minutes.
|
|
3427
|
+
#define DTLS_PREV_READ_EPOCH_EXPIRE_SECONDS (4 * 60)
|
|
3428
|
+
|
|
3429
|
+
struct DTLSPrevReadEpoch {
|
|
3430
|
+
static constexpr bool kAllowUniquePtr = true;
|
|
3431
|
+
DTLSReadEpoch epoch;
|
|
3432
|
+
// expire is the expiration time of the read epoch, expressed as a POSIX
|
|
3433
|
+
// timestamp in seconds.
|
|
3434
|
+
uint64_t expire;
|
|
3435
|
+
};
|
|
3436
|
+
|
|
2933
3437
|
struct DTLS1_STATE {
|
|
2934
3438
|
static constexpr bool kAllowUniquePtr = true;
|
|
2935
3439
|
|
|
2936
3440
|
DTLS1_STATE();
|
|
2937
3441
|
~DTLS1_STATE();
|
|
2938
3442
|
|
|
3443
|
+
bool Init();
|
|
3444
|
+
|
|
2939
3445
|
// has_change_cipher_spec is true if we have received a ChangeCipherSpec from
|
|
2940
3446
|
// the peer in this epoch.
|
|
2941
3447
|
bool has_change_cipher_spec : 1;
|
|
@@ -2950,31 +3456,63 @@ struct DTLS1_STATE {
|
|
|
2950
3456
|
// peer sent the final flight.
|
|
2951
3457
|
bool flight_has_reply : 1;
|
|
2952
3458
|
|
|
2953
|
-
//
|
|
2954
|
-
//
|
|
2955
|
-
|
|
2956
|
-
|
|
3459
|
+
// handshake_write_overflow and handshake_read_overflow are true if
|
|
3460
|
+
// handshake_write_seq and handshake_read_seq, respectively have overflowed.
|
|
3461
|
+
bool handshake_write_overflow : 1;
|
|
3462
|
+
bool handshake_read_overflow : 1;
|
|
2957
3463
|
|
|
2958
|
-
//
|
|
2959
|
-
|
|
3464
|
+
// sending_flight and sending_ack are true if we are in the process of sending
|
|
3465
|
+
// a handshake flight and ACK, respectively.
|
|
3466
|
+
bool sending_flight : 1;
|
|
3467
|
+
bool sending_ack : 1;
|
|
3468
|
+
|
|
3469
|
+
// queued_key_update, if not kNone, indicates we've queued a KeyUpdate message
|
|
3470
|
+
// to send after the current flight is ACKed.
|
|
3471
|
+
QueuedKeyUpdate queued_key_update : 2;
|
|
2960
3472
|
|
|
2961
3473
|
uint16_t handshake_write_seq = 0;
|
|
2962
3474
|
uint16_t handshake_read_seq = 0;
|
|
2963
3475
|
|
|
2964
|
-
//
|
|
2965
|
-
|
|
2966
|
-
|
|
3476
|
+
// read_epoch is the current read epoch.
|
|
3477
|
+
DTLSReadEpoch read_epoch;
|
|
3478
|
+
|
|
3479
|
+
// next_read_epoch is the next read epoch in DTLS 1.3. It will become
|
|
3480
|
+
// current once a record is received from it.
|
|
3481
|
+
UniquePtr<DTLSReadEpoch> next_read_epoch;
|
|
3482
|
+
|
|
3483
|
+
// prev_read_epoch is the previous read epoch in DTLS 1.3.
|
|
3484
|
+
UniquePtr<DTLSPrevReadEpoch> prev_read_epoch;
|
|
3485
|
+
|
|
3486
|
+
// write_epoch is the current DTLS write epoch. Non-retransmit records will
|
|
3487
|
+
// generally use this epoch.
|
|
3488
|
+
// TODO(crbug.com/381113363): 0-RTT will be the exception, when implemented.
|
|
3489
|
+
DTLSWriteEpoch write_epoch;
|
|
3490
|
+
|
|
3491
|
+
// extra_write_epochs is the collection available write epochs.
|
|
3492
|
+
InplaceVector<UniquePtr<DTLSWriteEpoch>, DTLS_MAX_EXTRA_WRITE_EPOCHS>
|
|
3493
|
+
extra_write_epochs;
|
|
2967
3494
|
|
|
2968
3495
|
// incoming_messages is a ring buffer of incoming handshake messages that have
|
|
2969
3496
|
// yet to be processed. The front of the ring buffer is message number
|
|
2970
3497
|
// |handshake_read_seq|, at position |handshake_read_seq| %
|
|
2971
3498
|
// |SSL_MAX_HANDSHAKE_FLIGHT|.
|
|
2972
|
-
UniquePtr<
|
|
3499
|
+
UniquePtr<DTLSIncomingMessage> incoming_messages[SSL_MAX_HANDSHAKE_FLIGHT];
|
|
2973
3500
|
|
|
2974
3501
|
// outgoing_messages is the queue of outgoing messages from the last handshake
|
|
2975
3502
|
// flight.
|
|
2976
|
-
|
|
2977
|
-
|
|
3503
|
+
InplaceVector<DTLSOutgoingMessage, SSL_MAX_HANDSHAKE_FLIGHT>
|
|
3504
|
+
outgoing_messages;
|
|
3505
|
+
|
|
3506
|
+
// sent_records is a queue of records we sent, for processing ACKs. To save
|
|
3507
|
+
// memory in the steady state, the structure is stored on the heap and dropped
|
|
3508
|
+
// when empty.
|
|
3509
|
+
UniquePtr<MRUQueue<DTLSSentRecord, DTLS_MAX_ACK_BUFFER>> sent_records;
|
|
3510
|
+
|
|
3511
|
+
// records_to_ack is a queue of received records that we should ACK. This is
|
|
3512
|
+
// not stored on the heap because, in the steady state, DTLS 1.3 does not
|
|
3513
|
+
// necessarily empty this list. (We probably could drop records from here once
|
|
3514
|
+
// they are sufficiently old.)
|
|
3515
|
+
MRUQueue<DTLSRecordNumber, DTLS_MAX_ACK_BUFFER> records_to_ack;
|
|
2978
3516
|
|
|
2979
3517
|
// outgoing_written is the number of outgoing messages that have been
|
|
2980
3518
|
// written.
|
|
@@ -2989,12 +3527,15 @@ struct DTLS1_STATE {
|
|
|
2989
3527
|
// the last time it was reset.
|
|
2990
3528
|
unsigned num_timeouts = 0;
|
|
2991
3529
|
|
|
2992
|
-
//
|
|
2993
|
-
//
|
|
2994
|
-
|
|
3530
|
+
// retransmit_timer tracks when to schedule the next DTLS retransmit if we do
|
|
3531
|
+
// not hear from the peer.
|
|
3532
|
+
DTLSTimer retransmit_timer;
|
|
3533
|
+
|
|
3534
|
+
// ack_timer tracks when to send an ACK.
|
|
3535
|
+
DTLSTimer ack_timer;
|
|
2995
3536
|
|
|
2996
3537
|
// timeout_duration_ms is the timeout duration in milliseconds.
|
|
2997
|
-
|
|
3538
|
+
uint32_t timeout_duration_ms = 0;
|
|
2998
3539
|
};
|
|
2999
3540
|
|
|
3000
3541
|
// An ALPSConfig is a pair of ALPN protocol and settings value to use with ALPS.
|
|
@@ -3060,6 +3601,13 @@ struct SSL_CONFIG {
|
|
|
3060
3601
|
// |client_CA|.
|
|
3061
3602
|
STACK_OF(X509_NAME) *cached_x509_client_CA = nullptr;
|
|
3062
3603
|
|
|
3604
|
+
// For client side, keep the list of CA distinguished names we can use
|
|
3605
|
+
// for the Certificate Authorities extension.
|
|
3606
|
+
// TODO(bbe) having this separate from the client side (above) is mildly
|
|
3607
|
+
// silly, but OpenSSL has *_client_CA API's for this exposed, and for the
|
|
3608
|
+
// moment we are not crossing those streams.
|
|
3609
|
+
UniquePtr<STACK_OF(CRYPTO_BUFFER)> CA_names;
|
|
3610
|
+
|
|
3063
3611
|
Array<uint16_t> supported_group_list; // our list
|
|
3064
3612
|
|
|
3065
3613
|
// channel_id_private is the client's Channel ID private key, or null if
|
|
@@ -3072,7 +3620,7 @@ struct SSL_CONFIG {
|
|
|
3072
3620
|
|
|
3073
3621
|
// alps_configs contains the list of supported protocols to use with ALPS,
|
|
3074
3622
|
// along with their corresponding ALPS values.
|
|
3075
|
-
|
|
3623
|
+
Vector<ALPSConfig> alps_configs;
|
|
3076
3624
|
|
|
3077
3625
|
// Contains the QUIC transport params that this endpoint will send.
|
|
3078
3626
|
Array<uint8_t> quic_transport_params;
|
|
@@ -3092,9 +3640,9 @@ struct SSL_CONFIG {
|
|
|
3092
3640
|
// structure for the client to use when negotiating ECH.
|
|
3093
3641
|
Array<uint8_t> client_ech_config_list;
|
|
3094
3642
|
|
|
3095
|
-
//
|
|
3643
|
+
// compliance_policy limits the set of ciphers that can be selected when
|
|
3096
3644
|
// negotiating a TLS 1.3 connection.
|
|
3097
|
-
enum ssl_compliance_policy_t
|
|
3645
|
+
enum ssl_compliance_policy_t compliance_policy = ssl_compliance_policy_none;
|
|
3098
3646
|
|
|
3099
3647
|
// verify_mode is a bitmask of |SSL_VERIFY_*| values.
|
|
3100
3648
|
uint8_t verify_mode = SSL_VERIFY_NONE;
|
|
@@ -3168,18 +3716,21 @@ struct SSL_CONFIG {
|
|
|
3168
3716
|
static const size_t kMaxEarlyDataAccepted = 14336;
|
|
3169
3717
|
|
|
3170
3718
|
UniquePtr<CERT> ssl_cert_dup(CERT *cert);
|
|
3171
|
-
void ssl_cert_clear_certs(CERT *cert);
|
|
3172
3719
|
bool ssl_set_cert(CERT *cert, UniquePtr<CRYPTO_BUFFER> buffer);
|
|
3173
3720
|
bool ssl_is_key_type_supported(int key_type);
|
|
3174
3721
|
// ssl_compare_public_and_private_key returns true if |pubkey| is the public
|
|
3175
3722
|
// counterpart to |privkey|. Otherwise it returns false and pushes a helpful
|
|
3176
3723
|
// message on the error queue.
|
|
3177
3724
|
bool ssl_compare_public_and_private_key(const EVP_PKEY *pubkey,
|
|
3178
|
-
|
|
3179
|
-
bool ssl_cert_check_private_key(const CERT *cert, const EVP_PKEY *privkey);
|
|
3725
|
+
const EVP_PKEY *privkey);
|
|
3180
3726
|
bool ssl_get_new_session(SSL_HANDSHAKE *hs);
|
|
3727
|
+
|
|
3728
|
+
// ssl_encrypt_ticket encrypt a ticket for |session| and writes the result to
|
|
3729
|
+
// |out|. It returns true on success and false on error. If, on success, nothing
|
|
3730
|
+
// was written to |out|, the caller should skip sending a ticket.
|
|
3181
3731
|
bool ssl_encrypt_ticket(SSL_HANDSHAKE *hs, CBB *out,
|
|
3182
3732
|
const SSL_SESSION *session);
|
|
3733
|
+
|
|
3183
3734
|
bool ssl_ctx_rotate_ticket_encryption_key(SSL_CTX *ctx);
|
|
3184
3735
|
|
|
3185
3736
|
// ssl_session_new returns a newly-allocated blank |SSL_SESSION| or nullptr on
|
|
@@ -3200,6 +3751,20 @@ OPENSSL_EXPORT UniquePtr<SSL_SESSION> SSL_SESSION_parse(
|
|
|
3200
3751
|
// error.
|
|
3201
3752
|
OPENSSL_EXPORT bool ssl_session_serialize(const SSL_SESSION *in, CBB *cbb);
|
|
3202
3753
|
|
|
3754
|
+
enum class SSLSessionType {
|
|
3755
|
+
// The session is not resumable.
|
|
3756
|
+
kNotResumable,
|
|
3757
|
+
// The session uses a TLS 1.2 session ID.
|
|
3758
|
+
kID,
|
|
3759
|
+
// The session uses a TLS 1.2 ticket.
|
|
3760
|
+
kTicket,
|
|
3761
|
+
// The session uses a TLS 1.3 pre-shared key.
|
|
3762
|
+
kPreSharedKey,
|
|
3763
|
+
};
|
|
3764
|
+
|
|
3765
|
+
// ssl_session_get_type returns the type of |session|.
|
|
3766
|
+
SSLSessionType ssl_session_get_type(const SSL_SESSION *session);
|
|
3767
|
+
|
|
3203
3768
|
// ssl_session_is_context_valid returns whether |session|'s session ID context
|
|
3204
3769
|
// matches the one set on |hs|.
|
|
3205
3770
|
bool ssl_session_is_context_valid(const SSL_HANDSHAKE *hs,
|
|
@@ -3284,13 +3849,15 @@ bool tls_init_message(const SSL *ssl, CBB *cbb, CBB *body, uint8_t type);
|
|
|
3284
3849
|
bool tls_finish_message(const SSL *ssl, CBB *cbb, Array<uint8_t> *out_msg);
|
|
3285
3850
|
bool tls_add_message(SSL *ssl, Array<uint8_t> msg);
|
|
3286
3851
|
bool tls_add_change_cipher_spec(SSL *ssl);
|
|
3287
|
-
int
|
|
3852
|
+
int tls_flush(SSL *ssl);
|
|
3288
3853
|
|
|
3289
3854
|
bool dtls1_init_message(const SSL *ssl, CBB *cbb, CBB *body, uint8_t type);
|
|
3290
3855
|
bool dtls1_finish_message(const SSL *ssl, CBB *cbb, Array<uint8_t> *out_msg);
|
|
3291
3856
|
bool dtls1_add_message(SSL *ssl, Array<uint8_t> msg);
|
|
3292
3857
|
bool dtls1_add_change_cipher_spec(SSL *ssl);
|
|
3293
|
-
|
|
3858
|
+
void dtls1_finish_flight(SSL *ssl);
|
|
3859
|
+
void dtls1_schedule_ack(SSL *ssl);
|
|
3860
|
+
int dtls1_flush(SSL *ssl);
|
|
3294
3861
|
|
|
3295
3862
|
// ssl_add_message_cbb finishes the handshake message in |cbb| and adds it to
|
|
3296
3863
|
// the pending flight. It returns true on success and false on error.
|
|
@@ -3300,6 +3867,9 @@ bool ssl_add_message_cbb(SSL *ssl, CBB *cbb);
|
|
|
3300
3867
|
// on success and false on allocation failure.
|
|
3301
3868
|
bool ssl_hash_message(SSL_HANDSHAKE *hs, const SSLMessage &msg);
|
|
3302
3869
|
|
|
3870
|
+
ssl_open_record_t dtls1_process_ack(SSL *ssl, uint8_t *out_alert,
|
|
3871
|
+
DTLSRecordNumber ack_record_number,
|
|
3872
|
+
Span<const uint8_t> data);
|
|
3303
3873
|
ssl_open_record_t dtls1_open_app_data(SSL *ssl, Span<uint8_t> *out,
|
|
3304
3874
|
size_t *out_consumed, uint8_t *out_alert,
|
|
3305
3875
|
Span<uint8_t> in);
|
|
@@ -3313,21 +3883,29 @@ int dtls1_write_app_data(SSL *ssl, bool *out_needs_handshake,
|
|
|
3313
3883
|
// dtls1_write_record sends a record. It returns one on success and <= 0 on
|
|
3314
3884
|
// error.
|
|
3315
3885
|
int dtls1_write_record(SSL *ssl, int type, Span<const uint8_t> in,
|
|
3316
|
-
|
|
3886
|
+
uint16_t epoch);
|
|
3317
3887
|
|
|
3318
|
-
int dtls1_retransmit_outgoing_messages(SSL *ssl);
|
|
3319
3888
|
bool dtls1_parse_fragment(CBS *cbs, struct hm_header_st *out_hdr,
|
|
3320
3889
|
CBS *out_body);
|
|
3321
|
-
bool dtls1_check_timeout_num(SSL *ssl);
|
|
3322
3890
|
|
|
3323
|
-
|
|
3891
|
+
// DTLS1_MTU_TIMEOUTS is the maximum number of retransmit timeouts to expire
|
|
3892
|
+
// before starting to decrease the MTU.
|
|
3893
|
+
#define DTLS1_MTU_TIMEOUTS 2
|
|
3894
|
+
|
|
3895
|
+
// DTLS1_MAX_TIMEOUTS is the maximum number of retransmit timeouts to expire
|
|
3896
|
+
// before failing the DTLS handshake.
|
|
3897
|
+
#define DTLS1_MAX_TIMEOUTS 12
|
|
3898
|
+
|
|
3324
3899
|
void dtls1_stop_timer(SSL *ssl);
|
|
3325
|
-
|
|
3900
|
+
|
|
3326
3901
|
unsigned int dtls1_min_mtu(void);
|
|
3327
3902
|
|
|
3328
3903
|
bool dtls1_new(SSL *ssl);
|
|
3329
3904
|
void dtls1_free(SSL *ssl);
|
|
3330
3905
|
|
|
3906
|
+
bool dtls1_process_handshake_fragments(SSL *ssl, uint8_t *out_alert,
|
|
3907
|
+
DTLSRecordNumber record_number,
|
|
3908
|
+
Span<const uint8_t> record);
|
|
3331
3909
|
bool dtls1_get_message(const SSL *ssl, SSLMessage *out);
|
|
3332
3910
|
ssl_open_record_t dtls1_open_handshake(SSL *ssl, size_t *out_consumed,
|
|
3333
3911
|
uint8_t *out_alert, Span<uint8_t> in);
|
|
@@ -3346,8 +3924,11 @@ bool tls1_configure_aead(SSL *ssl, evp_aead_direction_t direction,
|
|
|
3346
3924
|
|
|
3347
3925
|
bool tls1_change_cipher_state(SSL_HANDSHAKE *hs,
|
|
3348
3926
|
evp_aead_direction_t direction);
|
|
3349
|
-
|
|
3350
|
-
|
|
3927
|
+
|
|
3928
|
+
// tls1_generate_master_secret computes the master secret from |premaster| and
|
|
3929
|
+
// writes it to |out|. |out| must have size |SSL3_MASTER_SECRET_SIZE|.
|
|
3930
|
+
bool tls1_generate_master_secret(SSL_HANDSHAKE *hs, Span<uint8_t> out,
|
|
3931
|
+
Span<const uint8_t> premaster);
|
|
3351
3932
|
|
|
3352
3933
|
// tls1_get_grouplist returns the locally-configured group preference list.
|
|
3353
3934
|
Span<const uint16_t> tls1_get_grouplist(const SSL_HANDSHAKE *ssl);
|
|
@@ -3426,9 +4007,7 @@ bool ssl_can_write(const SSL *ssl);
|
|
|
3426
4007
|
// ssl_can_read returns wheter |ssl| is allowed to read.
|
|
3427
4008
|
bool ssl_can_read(const SSL *ssl);
|
|
3428
4009
|
|
|
3429
|
-
|
|
3430
|
-
void ssl_ctx_get_current_time(const SSL_CTX *ctx,
|
|
3431
|
-
struct OPENSSL_timeval *out_clock);
|
|
4010
|
+
OPENSSL_timeval ssl_ctx_get_current_time(const SSL_CTX *ctx);
|
|
3432
4011
|
|
|
3433
4012
|
// ssl_reset_error_state resets state for |SSL_get_error|.
|
|
3434
4013
|
void ssl_reset_error_state(SSL *ssl);
|
|
@@ -3459,7 +4038,7 @@ struct ssl_method_st {
|
|
|
3459
4038
|
const bssl::SSL_X509_METHOD *x509_method;
|
|
3460
4039
|
};
|
|
3461
4040
|
|
|
3462
|
-
struct ssl_ctx_st {
|
|
4041
|
+
struct ssl_ctx_st : public bssl::RefCounted<ssl_ctx_st> {
|
|
3463
4042
|
explicit ssl_ctx_st(const SSL_METHOD *ssl_method);
|
|
3464
4043
|
ssl_ctx_st(const ssl_ctx_st &) = delete;
|
|
3465
4044
|
ssl_ctx_st &operator=(const ssl_ctx_st &) = delete;
|
|
@@ -3529,8 +4108,6 @@ struct ssl_ctx_st {
|
|
|
3529
4108
|
SSL_SESSION *(*get_session_cb)(SSL *ssl, const uint8_t *data, int len,
|
|
3530
4109
|
int *copy) = nullptr;
|
|
3531
4110
|
|
|
3532
|
-
CRYPTO_refcount_t references = 1;
|
|
3533
|
-
|
|
3534
4111
|
// if defined, these override the X509_verify_cert() calls
|
|
3535
4112
|
int (*app_verify_callback)(X509_STORE_CTX *store_ctx, void *arg) = nullptr;
|
|
3536
4113
|
void *app_verify_arg = nullptr;
|
|
@@ -3561,6 +4138,8 @@ struct ssl_ctx_st {
|
|
|
3561
4138
|
// |client_CA|.
|
|
3562
4139
|
STACK_OF(X509_NAME) *cached_x509_client_CA = nullptr;
|
|
3563
4140
|
|
|
4141
|
+
// What we put in client hello in the CA extension.
|
|
4142
|
+
bssl::UniquePtr<STACK_OF(CRYPTO_BUFFER)> CA_names;
|
|
3564
4143
|
|
|
3565
4144
|
// Default values to use in SSL structures follow (these are copied by
|
|
3566
4145
|
// SSL_new)
|
|
@@ -3670,7 +4249,7 @@ struct ssl_ctx_st {
|
|
|
3670
4249
|
bssl::UniquePtr<STACK_OF(SRTP_PROTECTION_PROFILE)> srtp_profiles;
|
|
3671
4250
|
|
|
3672
4251
|
// Defined compression algorithms for certificates.
|
|
3673
|
-
bssl::
|
|
4252
|
+
bssl::Vector<bssl::CertCompressionAlg> cert_compression_algs;
|
|
3674
4253
|
|
|
3675
4254
|
// Supported group values inherited by SSL structure
|
|
3676
4255
|
bssl::Array<uint16_t> supported_group_list;
|
|
@@ -3706,9 +4285,9 @@ struct ssl_ctx_st {
|
|
|
3706
4285
|
int (*legacy_ocsp_callback)(SSL *ssl, void *arg) = nullptr;
|
|
3707
4286
|
void *legacy_ocsp_callback_arg = nullptr;
|
|
3708
4287
|
|
|
3709
|
-
//
|
|
4288
|
+
// compliance_policy limits the set of ciphers that can be selected when
|
|
3710
4289
|
// negotiating a TLS 1.3 connection.
|
|
3711
|
-
enum ssl_compliance_policy_t
|
|
4290
|
+
enum ssl_compliance_policy_t compliance_policy = ssl_compliance_policy_none;
|
|
3712
4291
|
|
|
3713
4292
|
// verify_sigalgs, if not empty, is the set of signature algorithms
|
|
3714
4293
|
// accepted from the peer in decreasing order of preference.
|
|
@@ -3767,8 +4346,8 @@ struct ssl_ctx_st {
|
|
|
3767
4346
|
bool aes_hw_override_value : 1;
|
|
3768
4347
|
|
|
3769
4348
|
private:
|
|
4349
|
+
friend RefCounted;
|
|
3770
4350
|
~ssl_ctx_st();
|
|
3771
|
-
friend OPENSSL_EXPORT void SSL_CTX_free(SSL_CTX *);
|
|
3772
4351
|
};
|
|
3773
4352
|
|
|
3774
4353
|
struct ssl_st {
|
|
@@ -3787,9 +4366,6 @@ struct ssl_st {
|
|
|
3787
4366
|
// that instead, and skip the null check.)
|
|
3788
4367
|
bssl::UniquePtr<bssl::SSL_CONFIG> config;
|
|
3789
4368
|
|
|
3790
|
-
// version is the protocol version.
|
|
3791
|
-
uint16_t version = 0;
|
|
3792
|
-
|
|
3793
4369
|
uint16_t max_send_fragment = 0;
|
|
3794
4370
|
|
|
3795
4371
|
// There are 2 BIO's even though they are normally both the same. This is so
|
|
@@ -3815,11 +4391,9 @@ struct ssl_st {
|
|
|
3815
4391
|
// session info
|
|
3816
4392
|
|
|
3817
4393
|
// initial_timeout_duration_ms is the default DTLS timeout duration in
|
|
3818
|
-
// milliseconds. It's used to initialize the timer any time it's restarted.
|
|
3819
|
-
//
|
|
3820
|
-
|
|
3821
|
-
// second.
|
|
3822
|
-
unsigned initial_timeout_duration_ms = 1000;
|
|
4394
|
+
// milliseconds. It's used to initialize the timer any time it's restarted. We
|
|
4395
|
+
// default to RFC 9147's recommendation for real-time applications, 400ms.
|
|
4396
|
+
uint32_t initial_timeout_duration_ms = 400;
|
|
3823
4397
|
|
|
3824
4398
|
// session is the configured session to be offered by the client. This session
|
|
3825
4399
|
// is immutable.
|
|
@@ -3860,13 +4434,11 @@ struct ssl_st {
|
|
|
3860
4434
|
bool enable_early_data : 1;
|
|
3861
4435
|
};
|
|
3862
4436
|
|
|
3863
|
-
struct ssl_session_st {
|
|
4437
|
+
struct ssl_session_st : public bssl::RefCounted<ssl_session_st> {
|
|
3864
4438
|
explicit ssl_session_st(const bssl::SSL_X509_METHOD *method);
|
|
3865
4439
|
ssl_session_st(const ssl_session_st &) = delete;
|
|
3866
4440
|
ssl_session_st &operator=(const ssl_session_st &) = delete;
|
|
3867
4441
|
|
|
3868
|
-
CRYPTO_refcount_t references = 1;
|
|
3869
|
-
|
|
3870
4442
|
// ssl_version is the (D)TLS version that established the session.
|
|
3871
4443
|
uint16_t ssl_version = 0;
|
|
3872
4444
|
|
|
@@ -3882,17 +4454,14 @@ struct ssl_session_st {
|
|
|
3882
4454
|
// session. In TLS 1.3 and up, it is the resumption PSK for sessions handed to
|
|
3883
4455
|
// the caller, but it stores the resumption secret when stored on |SSL|
|
|
3884
4456
|
// objects.
|
|
3885
|
-
uint8_t
|
|
3886
|
-
|
|
4457
|
+
bssl::InplaceVector<uint8_t, SSL_MAX_MASTER_KEY_LENGTH> secret;
|
|
4458
|
+
|
|
4459
|
+
bssl::InplaceVector<uint8_t, SSL_MAX_SSL_SESSION_ID_LENGTH> session_id;
|
|
3887
4460
|
|
|
3888
|
-
// session_id - valid?
|
|
3889
|
-
uint8_t session_id_length = 0;
|
|
3890
|
-
uint8_t session_id[SSL_MAX_SSL_SESSION_ID_LENGTH] = {0};
|
|
3891
4461
|
// this is used to determine whether the session is being reused in
|
|
3892
4462
|
// the appropriate context. It is up to the application to set this,
|
|
3893
4463
|
// via SSL_new
|
|
3894
|
-
uint8_t
|
|
3895
|
-
uint8_t sid_ctx[SSL_MAX_SID_CTX_LENGTH] = {0};
|
|
4464
|
+
bssl::InplaceVector<uint8_t, SSL_MAX_SID_CTX_LENGTH> sid_ctx;
|
|
3896
4465
|
|
|
3897
4466
|
bssl::UniquePtr<char> psk_identity;
|
|
3898
4467
|
|
|
@@ -3955,8 +4524,7 @@ struct ssl_session_st {
|
|
|
3955
4524
|
// original_handshake_hash contains the handshake hash (either SHA-1+MD5 or
|
|
3956
4525
|
// SHA-2, depending on TLS version) for the original, full handshake that
|
|
3957
4526
|
// created a session. This is used by Channel IDs during resumption.
|
|
3958
|
-
uint8_t
|
|
3959
|
-
uint8_t original_handshake_hash_len = 0;
|
|
4527
|
+
bssl::InplaceVector<uint8_t, EVP_MAX_MD_SIZE> original_handshake_hash;
|
|
3960
4528
|
|
|
3961
4529
|
uint32_t ticket_lifetime_hint = 0; // Session lifetime hint in seconds
|
|
3962
4530
|
|
|
@@ -4009,21 +4577,18 @@ struct ssl_session_st {
|
|
|
4009
4577
|
bssl::Array<uint8_t> quic_early_data_context;
|
|
4010
4578
|
|
|
4011
4579
|
private:
|
|
4580
|
+
friend RefCounted;
|
|
4012
4581
|
~ssl_session_st();
|
|
4013
|
-
friend OPENSSL_EXPORT void SSL_SESSION_free(SSL_SESSION *);
|
|
4014
4582
|
};
|
|
4015
4583
|
|
|
4016
|
-
struct ssl_ech_keys_st {
|
|
4017
|
-
ssl_ech_keys_st()
|
|
4018
|
-
ssl_ech_keys_st(const ssl_ech_keys_st &) = delete;
|
|
4019
|
-
ssl_ech_keys_st &operator=(const ssl_ech_keys_st &) = delete;
|
|
4584
|
+
struct ssl_ech_keys_st : public bssl::RefCounted<ssl_ech_keys_st> {
|
|
4585
|
+
ssl_ech_keys_st() : RefCounted(CheckSubClass()) {}
|
|
4020
4586
|
|
|
4021
|
-
bssl::
|
|
4022
|
-
CRYPTO_refcount_t references = 1;
|
|
4587
|
+
bssl::Vector<bssl::UniquePtr<bssl::ECHServerConfig>> configs;
|
|
4023
4588
|
|
|
4024
4589
|
private:
|
|
4590
|
+
friend RefCounted;
|
|
4025
4591
|
~ssl_ech_keys_st() = default;
|
|
4026
|
-
friend OPENSSL_EXPORT void SSL_ECH_KEYS_free(SSL_ECH_KEYS *);
|
|
4027
4592
|
};
|
|
4028
4593
|
|
|
4029
4594
|
#endif // OPENSSL_HEADER_SSL_INTERNAL_H
|