grpc 1.63.0 → 1.72.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3500) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +480 -478
  3. data/include/grpc/compression.h +1 -2
  4. data/include/grpc/credentials.h +1221 -0
  5. data/include/grpc/event_engine/README.md +1 -1
  6. data/include/grpc/event_engine/endpoint_config.h +7 -7
  7. data/include/grpc/event_engine/event_engine.h +83 -20
  8. data/include/grpc/event_engine/extensible.h +5 -2
  9. data/include/grpc/event_engine/internal/memory_allocator_impl.h +4 -4
  10. data/include/grpc/event_engine/internal/slice_cast.h +1 -1
  11. data/include/grpc/event_engine/memory_allocator.h +3 -4
  12. data/include/grpc/event_engine/memory_request.h +19 -2
  13. data/include/grpc/event_engine/slice.h +3 -5
  14. data/include/grpc/event_engine/slice_buffer.h +6 -8
  15. data/include/grpc/grpc.h +8 -2
  16. data/include/grpc/grpc_audit_logging.h +3 -3
  17. data/include/grpc/grpc_crl_provider.h +5 -4
  18. data/include/grpc/grpc_posix.h +1 -2
  19. data/include/grpc/grpc_security.h +1 -1173
  20. data/include/grpc/impl/call.h +2 -2
  21. data/include/grpc/impl/channel_arg_names.h +78 -55
  22. data/include/grpc/impl/grpc_types.h +1 -2
  23. data/include/grpc/impl/slice_type.h +1 -2
  24. data/include/grpc/module.modulemap +2 -0
  25. data/include/grpc/passive_listener.h +62 -0
  26. data/include/grpc/status.h +1 -1
  27. data/include/grpc/support/alloc.h +1 -2
  28. data/include/grpc/support/atm.h +0 -13
  29. data/include/grpc/support/json.h +17 -18
  30. data/include/grpc/support/log.h +37 -64
  31. data/include/grpc/support/metrics.h +21 -6
  32. data/include/grpc/support/port_platform.h +31 -1
  33. data/include/grpc/support/sync_generic.h +2 -4
  34. data/include/grpc/support/sync_posix.h +1 -2
  35. data/include/grpc/support/time.h +1 -2
  36. data/include/grpc/support/workaround_list.h +1 -4
  37. data/src/core/call/call_arena_allocator.cc +27 -0
  38. data/src/core/call/call_arena_allocator.h +91 -0
  39. data/src/core/call/call_destination.h +76 -0
  40. data/src/core/call/call_filters.cc +148 -0
  41. data/src/core/call/call_filters.h +1967 -0
  42. data/src/core/call/call_finalization.h +88 -0
  43. data/src/core/call/call_spine.cc +90 -0
  44. data/src/core/call/call_spine.h +644 -0
  45. data/src/core/call/call_state.cc +39 -0
  46. data/src/core/call/call_state.h +1154 -0
  47. data/src/core/call/client_call.cc +458 -0
  48. data/src/core/call/client_call.h +192 -0
  49. data/src/core/call/custom_metadata.h +30 -0
  50. data/src/core/call/interception_chain.cc +155 -0
  51. data/src/core/call/interception_chain.h +282 -0
  52. data/src/core/call/message.cc +44 -0
  53. data/src/core/call/message.h +70 -0
  54. data/src/core/call/metadata.cc +61 -0
  55. data/src/core/call/metadata.h +201 -0
  56. data/src/core/call/metadata_batch.cc +383 -0
  57. data/src/core/call/metadata_batch.h +1668 -0
  58. data/src/core/call/metadata_compression_traits.h +66 -0
  59. data/src/core/call/metadata_info.cc +73 -0
  60. data/src/core/call/metadata_info.h +85 -0
  61. data/src/core/call/parsed_metadata.cc +35 -0
  62. data/src/core/call/parsed_metadata.h +429 -0
  63. data/src/core/call/request_buffer.cc +224 -0
  64. data/src/core/call/request_buffer.h +192 -0
  65. data/src/core/call/security_context.cc +125 -0
  66. data/src/core/call/security_context.h +114 -0
  67. data/src/core/call/server_call.cc +259 -0
  68. data/src/core/call/server_call.h +169 -0
  69. data/src/core/call/simple_slice_based_metadata.h +53 -0
  70. data/src/core/call/status_util.cc +153 -0
  71. data/src/core/call/status_util.h +80 -0
  72. data/src/core/channelz/channel_trace.cc +180 -0
  73. data/src/core/channelz/channel_trace.h +138 -0
  74. data/src/core/channelz/channelz.cc +670 -0
  75. data/src/core/channelz/channelz.h +402 -0
  76. data/src/core/channelz/channelz_registry.cc +274 -0
  77. data/src/core/channelz/channelz_registry.h +101 -0
  78. data/src/core/client_channel/backup_poller.cc +25 -16
  79. data/src/core/client_channel/client_channel.cc +1423 -0
  80. data/src/core/client_channel/client_channel.h +246 -0
  81. data/src/core/client_channel/client_channel_args.h +21 -0
  82. data/src/core/client_channel/client_channel_factory.cc +2 -2
  83. data/src/core/client_channel/client_channel_factory.h +1 -2
  84. data/src/core/client_channel/client_channel_filter.cc +441 -1045
  85. data/src/core/client_channel/client_channel_filter.h +35 -88
  86. data/src/core/client_channel/client_channel_internal.h +26 -11
  87. data/src/core/client_channel/client_channel_plugin.cc +4 -18
  88. data/src/core/client_channel/client_channel_service_config.cc +3 -4
  89. data/src/core/client_channel/client_channel_service_config.h +13 -15
  90. data/src/core/client_channel/config_selector.h +26 -26
  91. data/src/core/client_channel/connector.h +4 -4
  92. data/src/core/client_channel/direct_channel.cc +83 -0
  93. data/src/core/client_channel/direct_channel.h +101 -0
  94. data/src/core/client_channel/dynamic_filters.cc +19 -17
  95. data/src/core/client_channel/dynamic_filters.h +9 -11
  96. data/src/core/client_channel/global_subchannel_pool.cc +2 -2
  97. data/src/core/client_channel/global_subchannel_pool.h +2 -3
  98. data/src/core/client_channel/lb_metadata.cc +119 -0
  99. data/src/core/client_channel/lb_metadata.h +55 -0
  100. data/src/core/client_channel/load_balanced_call_destination.cc +273 -0
  101. data/src/core/client_channel/load_balanced_call_destination.h +48 -0
  102. data/src/core/client_channel/local_subchannel_pool.cc +6 -7
  103. data/src/core/client_channel/local_subchannel_pool.h +1 -1
  104. data/src/core/client_channel/retry_filter.cc +9 -18
  105. data/src/core/client_channel/retry_filter.h +10 -18
  106. data/src/core/client_channel/retry_filter_legacy_call_data.cc +259 -368
  107. data/src/core/client_channel/retry_filter_legacy_call_data.h +22 -25
  108. data/src/core/client_channel/retry_interceptor.cc +408 -0
  109. data/src/core/client_channel/retry_interceptor.h +157 -0
  110. data/src/core/client_channel/retry_service_config.cc +12 -15
  111. data/src/core/client_channel/retry_service_config.h +23 -12
  112. data/src/core/client_channel/retry_throttle.cc +60 -50
  113. data/src/core/client_channel/retry_throttle.h +16 -11
  114. data/src/core/client_channel/subchannel.cc +339 -254
  115. data/src/core/client_channel/subchannel.h +53 -47
  116. data/src/core/client_channel/subchannel_interface_internal.h +1 -1
  117. data/src/core/client_channel/subchannel_pool_interface.cc +1 -5
  118. data/src/core/client_channel/subchannel_pool_interface.h +4 -7
  119. data/src/core/client_channel/subchannel_stream_client.cc +58 -70
  120. data/src/core/client_channel/subchannel_stream_client.h +15 -19
  121. data/src/core/config/config_vars.cc +152 -0
  122. data/src/core/config/config_vars.h +129 -0
  123. data/src/core/config/config_vars_non_generated.cc +49 -0
  124. data/src/core/config/core_configuration.cc +111 -0
  125. data/src/core/config/core_configuration.h +242 -0
  126. data/src/core/config/load_config.cc +78 -0
  127. data/src/core/config/load_config.h +54 -0
  128. data/src/core/credentials/call/call_credentials.h +157 -0
  129. data/src/core/credentials/call/call_creds_util.cc +97 -0
  130. data/src/core/credentials/call/call_creds_util.h +43 -0
  131. data/src/core/credentials/call/composite/composite_call_credentials.cc +115 -0
  132. data/src/core/credentials/call/composite/composite_call_credentials.h +82 -0
  133. data/src/core/credentials/call/external/aws_external_account_credentials.cc +528 -0
  134. data/src/core/credentials/call/external/aws_external_account_credentials.h +117 -0
  135. data/src/core/credentials/call/external/aws_request_signer.cc +230 -0
  136. data/src/core/credentials/call/external/aws_request_signer.h +72 -0
  137. data/src/core/credentials/call/external/external_account_credentials.cc +641 -0
  138. data/src/core/credentials/call/external/external_account_credentials.h +207 -0
  139. data/src/core/credentials/call/external/file_external_account_credentials.cc +174 -0
  140. data/src/core/credentials/call/external/file_external_account_credentials.h +80 -0
  141. data/src/core/credentials/call/external/url_external_account_credentials.cc +222 -0
  142. data/src/core/credentials/call/external/url_external_account_credentials.h +73 -0
  143. data/src/core/credentials/call/gcp_service_account_identity/gcp_service_account_identity_credentials.cc +196 -0
  144. data/src/core/credentials/call/gcp_service_account_identity/gcp_service_account_identity_credentials.h +90 -0
  145. data/src/core/credentials/call/iam/iam_credentials.cc +78 -0
  146. data/src/core/credentials/call/iam/iam_credentials.h +66 -0
  147. data/src/core/credentials/call/json_util.cc +69 -0
  148. data/src/core/credentials/call/json_util.h +43 -0
  149. data/src/core/credentials/call/jwt/json_token.cc +318 -0
  150. data/src/core/credentials/call/jwt/json_token.h +78 -0
  151. data/src/core/credentials/call/jwt/jwt_credentials.cc +181 -0
  152. data/src/core/credentials/call/jwt/jwt_credentials.h +106 -0
  153. data/src/core/credentials/call/jwt/jwt_verifier.cc +988 -0
  154. data/src/core/credentials/call/jwt/jwt_verifier.h +122 -0
  155. data/src/core/credentials/call/oauth2/oauth2_credentials.cc +654 -0
  156. data/src/core/credentials/call/oauth2/oauth2_credentials.h +197 -0
  157. data/src/core/credentials/call/plugin/plugin_credentials.cc +201 -0
  158. data/src/core/credentials/call/plugin/plugin_credentials.h +123 -0
  159. data/src/core/credentials/call/token_fetcher/token_fetcher_credentials.cc +304 -0
  160. data/src/core/credentials/call/token_fetcher/token_fetcher_credentials.h +181 -0
  161. data/src/core/credentials/transport/alts/alts_credentials.cc +116 -0
  162. data/src/core/credentials/transport/alts/alts_credentials.h +127 -0
  163. data/src/core/credentials/transport/alts/alts_security_connector.cc +303 -0
  164. data/src/core/credentials/transport/alts/alts_security_connector.h +78 -0
  165. data/src/core/credentials/transport/alts/check_gcp_environment.cc +71 -0
  166. data/src/core/credentials/transport/alts/check_gcp_environment.h +57 -0
  167. data/src/core/credentials/transport/alts/check_gcp_environment_linux.cc +67 -0
  168. data/src/core/credentials/transport/alts/check_gcp_environment_no_op.cc +32 -0
  169. data/src/core/credentials/transport/alts/check_gcp_environment_windows.cc +101 -0
  170. data/src/core/credentials/transport/alts/grpc_alts_credentials_client_options.cc +123 -0
  171. data/src/core/credentials/transport/alts/grpc_alts_credentials_options.cc +45 -0
  172. data/src/core/credentials/transport/alts/grpc_alts_credentials_options.h +74 -0
  173. data/src/core/credentials/transport/alts/grpc_alts_credentials_server_options.cc +55 -0
  174. data/src/core/credentials/transport/channel_creds_registry.h +126 -0
  175. data/src/core/credentials/transport/channel_creds_registry_init.cc +245 -0
  176. data/src/core/credentials/transport/composite/composite_channel_credentials.cc +68 -0
  177. data/src/core/credentials/transport/composite/composite_channel_credentials.h +89 -0
  178. data/src/core/credentials/transport/fake/fake_credentials.cc +81 -0
  179. data/src/core/credentials/transport/fake/fake_credentials.h +92 -0
  180. data/src/core/credentials/transport/fake/fake_security_connector.cc +314 -0
  181. data/src/core/credentials/transport/fake/fake_security_connector.h +42 -0
  182. data/src/core/credentials/transport/google_default/credentials_generic.cc +38 -0
  183. data/src/core/credentials/transport/google_default/google_default_credentials.cc +442 -0
  184. data/src/core/credentials/transport/google_default/google_default_credentials.h +101 -0
  185. data/src/core/credentials/transport/insecure/insecure_credentials.cc +71 -0
  186. data/src/core/credentials/transport/insecure/insecure_credentials.h +61 -0
  187. data/src/core/credentials/transport/insecure/insecure_security_connector.cc +118 -0
  188. data/src/core/credentials/transport/insecure/insecure_security_connector.h +102 -0
  189. data/src/core/credentials/transport/local/local_credentials.cc +68 -0
  190. data/src/core/credentials/transport/local/local_credentials.h +77 -0
  191. data/src/core/credentials/transport/local/local_security_connector.cc +306 -0
  192. data/src/core/credentials/transport/local/local_security_connector.h +62 -0
  193. data/src/core/credentials/transport/security_connector.cc +123 -0
  194. data/src/core/credentials/transport/security_connector.h +197 -0
  195. data/src/core/credentials/transport/ssl/ssl_credentials.cc +474 -0
  196. data/src/core/credentials/transport/ssl/ssl_credentials.h +144 -0
  197. data/src/core/credentials/transport/ssl/ssl_security_connector.cc +403 -0
  198. data/src/core/credentials/transport/ssl/ssl_security_connector.h +81 -0
  199. data/src/core/credentials/transport/tls/certificate_provider_factory.h +69 -0
  200. data/src/core/credentials/transport/tls/certificate_provider_registry.cc +50 -0
  201. data/src/core/credentials/transport/tls/certificate_provider_registry.h +75 -0
  202. data/src/core/credentials/transport/tls/grpc_tls_certificate_distributor.cc +337 -0
  203. data/src/core/credentials/transport/tls/grpc_tls_certificate_distributor.h +215 -0
  204. data/src/core/credentials/transport/tls/grpc_tls_certificate_match.cc +84 -0
  205. data/src/core/credentials/transport/tls/grpc_tls_certificate_provider.cc +490 -0
  206. data/src/core/credentials/transport/tls/grpc_tls_certificate_provider.h +206 -0
  207. data/src/core/credentials/transport/tls/grpc_tls_certificate_verifier.cc +237 -0
  208. data/src/core/credentials/transport/tls/grpc_tls_certificate_verifier.h +169 -0
  209. data/src/core/credentials/transport/tls/grpc_tls_credentials_options.cc +161 -0
  210. data/src/core/credentials/transport/tls/grpc_tls_credentials_options.h +145 -0
  211. data/src/core/credentials/transport/tls/grpc_tls_crl_provider.cc +257 -0
  212. data/src/core/credentials/transport/tls/grpc_tls_crl_provider.h +129 -0
  213. data/src/core/credentials/transport/tls/load_system_roots.h +35 -0
  214. data/src/core/credentials/transport/tls/load_system_roots_fallback.cc +36 -0
  215. data/src/core/credentials/transport/tls/load_system_roots_supported.cc +165 -0
  216. data/src/core/credentials/transport/tls/load_system_roots_supported.h +44 -0
  217. data/src/core/credentials/transport/tls/load_system_roots_windows.cc +85 -0
  218. data/src/core/credentials/transport/tls/ssl_utils.cc +628 -0
  219. data/src/core/credentials/transport/tls/ssl_utils.h +188 -0
  220. data/src/core/credentials/transport/tls/tls_credentials.cc +170 -0
  221. data/src/core/credentials/transport/tls/tls_credentials.h +75 -0
  222. data/src/core/credentials/transport/tls/tls_security_connector.cc +816 -0
  223. data/src/core/credentials/transport/tls/tls_security_connector.h +285 -0
  224. data/src/core/credentials/transport/tls/tls_utils.cc +127 -0
  225. data/src/core/credentials/transport/tls/tls_utils.h +50 -0
  226. data/src/core/credentials/transport/transport_credentials.cc +158 -0
  227. data/src/core/credentials/transport/transport_credentials.h +182 -0
  228. data/src/core/credentials/transport/xds/xds_credentials.cc +231 -0
  229. data/src/core/credentials/transport/xds/xds_credentials.h +110 -0
  230. data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +30 -41
  231. data/src/core/ext/filters/backend_metrics/backend_metric_filter.h +11 -9
  232. data/src/core/ext/filters/backend_metrics/backend_metric_provider.h +7 -0
  233. data/src/core/ext/filters/census/grpc_context.cc +7 -10
  234. data/src/core/ext/filters/channel_idle/idle_filter_state.cc +1 -2
  235. data/src/core/ext/filters/channel_idle/idle_filter_state.h +0 -1
  236. data/src/core/ext/filters/channel_idle/legacy_channel_idle_filter.cc +53 -53
  237. data/src/core/ext/filters/channel_idle/legacy_channel_idle_filter.h +22 -19
  238. data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +33 -44
  239. data/src/core/ext/filters/fault_injection/fault_injection_filter.h +13 -12
  240. data/src/core/ext/filters/fault_injection/fault_injection_service_config_parser.cc +4 -5
  241. data/src/core/ext/filters/fault_injection/fault_injection_service_config_parser.h +7 -10
  242. data/src/core/ext/filters/gcp_authentication/gcp_authentication_filter.cc +198 -0
  243. data/src/core/ext/filters/gcp_authentication/gcp_authentication_filter.h +97 -0
  244. data/src/core/ext/filters/gcp_authentication/gcp_authentication_service_config_parser.cc +80 -0
  245. data/src/core/ext/filters/gcp_authentication/gcp_authentication_service_config_parser.h +86 -0
  246. data/src/core/ext/filters/http/client/http_client_filter.cc +19 -17
  247. data/src/core/ext/filters/http/client/http_client_filter.h +12 -10
  248. data/src/core/ext/filters/http/client_authority_filter.cc +20 -23
  249. data/src/core/ext/filters/http/client_authority_filter.h +13 -10
  250. data/src/core/ext/filters/http/http_filters_plugin.cc +1 -2
  251. data/src/core/ext/filters/http/message_compress/compression_filter.cc +74 -73
  252. data/src/core/ext/filters/http/message_compress/compression_filter.h +33 -24
  253. data/src/core/ext/filters/http/server/http_server_filter.cc +21 -23
  254. data/src/core/ext/filters/http/server/http_server_filter.h +11 -9
  255. data/src/core/ext/filters/message_size/message_size_filter.cc +53 -74
  256. data/src/core/ext/filters/message_size/message_size_filter.h +38 -35
  257. data/src/core/ext/filters/rbac/rbac_filter.cc +21 -26
  258. data/src/core/ext/filters/rbac/rbac_filter.h +13 -12
  259. data/src/core/ext/filters/rbac/rbac_service_config_parser.cc +19 -13
  260. data/src/core/ext/filters/rbac/rbac_service_config_parser.h +3 -5
  261. data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +27 -34
  262. data/src/core/ext/filters/stateful_session/stateful_session_filter.h +11 -9
  263. data/src/core/ext/filters/stateful_session/stateful_session_service_config_parser.cc +3 -4
  264. data/src/core/ext/filters/stateful_session/stateful_session_service_config_parser.h +8 -10
  265. data/src/core/ext/transport/chttp2/alpn/alpn.cc +4 -5
  266. data/src/core/ext/transport/chttp2/alpn/alpn.h +0 -1
  267. data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +88 -121
  268. data/src/core/ext/transport/chttp2/client/chttp2_connector.h +9 -15
  269. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +1014 -387
  270. data/src/core/ext/transport/chttp2/server/chttp2_server.h +225 -12
  271. data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +27 -39
  272. data/src/core/ext/transport/chttp2/transport/bin_decoder.h +1 -3
  273. data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +10 -12
  274. data/src/core/ext/transport/chttp2/transport/bin_encoder.h +1 -3
  275. data/src/core/ext/transport/chttp2/transport/call_tracer_wrapper.cc +53 -0
  276. data/src/core/ext/transport/chttp2/transport/call_tracer_wrapper.h +70 -0
  277. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +795 -642
  278. data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +21 -23
  279. data/src/core/ext/transport/chttp2/transport/context_list_entry.h +4 -5
  280. data/src/core/ext/transport/chttp2/transport/decode_huff.cc +2 -2
  281. data/src/core/ext/transport/chttp2/transport/decode_huff.h +2 -2
  282. data/src/core/ext/transport/chttp2/transport/flow_control.cc +12 -17
  283. data/src/core/ext/transport/chttp2/transport/flow_control.h +7 -12
  284. data/src/core/ext/transport/chttp2/transport/frame.cc +112 -74
  285. data/src/core/ext/transport/chttp2/transport/frame.h +50 -5
  286. data/src/core/ext/transport/chttp2/transport/frame_data.cc +23 -22
  287. data/src/core/ext/transport/chttp2/transport/frame_data.h +3 -5
  288. data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +15 -18
  289. data/src/core/ext/transport/chttp2/transport/frame_goaway.h +1 -3
  290. data/src/core/ext/transport/chttp2/transport/frame_ping.cc +16 -21
  291. data/src/core/ext/transport/chttp2/transport/frame_ping.h +1 -3
  292. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +25 -23
  293. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +6 -6
  294. data/src/core/ext/transport/chttp2/transport/frame_security.cc +80 -0
  295. data/src/core/ext/transport/chttp2/transport/frame_security.h +44 -0
  296. data/src/core/ext/transport/chttp2/transport/frame_settings.cc +45 -28
  297. data/src/core/ext/transport/chttp2/transport/frame_settings.h +2 -4
  298. data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +31 -10
  299. data/src/core/ext/transport/chttp2/transport/frame_window_update.h +4 -4
  300. data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +21 -22
  301. data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +20 -17
  302. data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +10 -10
  303. data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +3 -4
  304. data/src/core/ext/transport/chttp2/transport/hpack_parse_result.cc +4 -5
  305. data/src/core/ext/transport/chttp2/transport/hpack_parse_result.h +8 -11
  306. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +113 -107
  307. data/src/core/ext/transport/chttp2/transport/hpack_parser.h +12 -14
  308. data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +45 -20
  309. data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +30 -11
  310. data/src/core/ext/transport/chttp2/transport/http2_settings.cc +24 -14
  311. data/src/core/ext/transport/chttp2/transport/http2_settings.h +14 -8
  312. data/src/core/ext/transport/chttp2/transport/http2_status.h +52 -0
  313. data/src/core/ext/transport/chttp2/transport/huffsyms.cc +2 -2
  314. data/src/core/ext/transport/chttp2/transport/internal.h +87 -89
  315. data/src/core/ext/transport/chttp2/transport/legacy_frame.h +1 -0
  316. data/src/core/ext/transport/chttp2/transport/parsing.cc +177 -150
  317. data/src/core/ext/transport/chttp2/transport/ping_abuse_policy.cc +4 -5
  318. data/src/core/ext/transport/chttp2/transport/ping_abuse_policy.h +1 -1
  319. data/src/core/ext/transport/chttp2/transport/ping_callbacks.cc +6 -9
  320. data/src/core/ext/transport/chttp2/transport/ping_callbacks.h +4 -9
  321. data/src/core/ext/transport/chttp2/transport/ping_rate_policy.cc +35 -21
  322. data/src/core/ext/transport/chttp2/transport/ping_rate_policy.h +8 -9
  323. data/src/core/ext/transport/chttp2/transport/stream_lists.cc +20 -21
  324. data/src/core/ext/transport/chttp2/transport/stream_lists.h +65 -0
  325. data/src/core/ext/transport/chttp2/transport/varint.cc +6 -6
  326. data/src/core/ext/transport/chttp2/transport/varint.h +2 -3
  327. data/src/core/ext/transport/chttp2/transport/write_size_policy.cc +4 -4
  328. data/src/core/ext/transport/chttp2/transport/write_size_policy.h +2 -3
  329. data/src/core/ext/transport/chttp2/transport/writing.cc +186 -153
  330. data/src/core/ext/transport/inproc/inproc_transport.cc +156 -76
  331. data/src/core/ext/transport/inproc/inproc_transport.h +2 -5
  332. data/src/core/ext/transport/inproc/legacy_inproc_transport.cc +140 -137
  333. data/src/core/ext/transport/inproc/legacy_inproc_transport.h +1 -4
  334. data/src/core/ext/upb-gen/envoy/admin/v3/certs.upb.h +46 -15
  335. data/src/core/ext/upb-gen/envoy/admin/v3/certs.upb_minitable.c +40 -18
  336. data/src/core/ext/upb-gen/envoy/admin/v3/certs.upb_minitable.h +10 -4
  337. data/src/core/ext/upb-gen/envoy/admin/v3/clusters.upb.h +124 -92
  338. data/src/core/ext/upb-gen/envoy/admin/v3/clusters.upb_minitable.c +64 -46
  339. data/src/core/ext/upb-gen/envoy/admin/v3/clusters.upb_minitable.h +9 -4
  340. data/src/core/ext/upb-gen/envoy/admin/v3/config_dump.upb.h +50 -15
  341. data/src/core/ext/upb-gen/envoy/admin/v3/config_dump.upb_minitable.c +44 -22
  342. data/src/core/ext/upb-gen/envoy/admin/v3/config_dump.upb_minitable.h +10 -4
  343. data/src/core/ext/upb-gen/envoy/admin/v3/config_dump_shared.upb.h +204 -69
  344. data/src/core/ext/upb-gen/envoy/admin/v3/config_dump_shared.upb_minitable.c +168 -90
  345. data/src/core/ext/upb-gen/envoy/admin/v3/config_dump_shared.upb_minitable.h +24 -4
  346. data/src/core/ext/upb-gen/envoy/admin/v3/init_dump.upb.h +11 -5
  347. data/src/core/ext/upb-gen/envoy/admin/v3/init_dump.upb_minitable.c +14 -4
  348. data/src/core/ext/upb-gen/envoy/admin/v3/init_dump.upb_minitable.h +7 -4
  349. data/src/core/ext/upb-gen/envoy/admin/v3/listeners.upb.h +19 -6
  350. data/src/core/ext/upb-gen/envoy/admin/v3/listeners.upb_minitable.c +18 -8
  351. data/src/core/ext/upb-gen/envoy/admin/v3/listeners.upb_minitable.h +7 -4
  352. data/src/core/ext/upb-gen/envoy/admin/v3/memory.upb.h +11 -10
  353. data/src/core/ext/upb-gen/envoy/admin/v3/memory.upb_minitable.c +7 -1
  354. data/src/core/ext/upb-gen/envoy/admin/v3/memory.upb_minitable.h +6 -4
  355. data/src/core/ext/upb-gen/envoy/admin/v3/metrics.upb.h +14 -13
  356. data/src/core/ext/upb-gen/envoy/admin/v3/metrics.upb_minitable.c +11 -5
  357. data/src/core/ext/upb-gen/envoy/admin/v3/metrics.upb_minitable.h +6 -4
  358. data/src/core/ext/upb-gen/envoy/admin/v3/mutex_stats.upb.h +8 -7
  359. data/src/core/ext/upb-gen/envoy/admin/v3/mutex_stats.upb_minitable.c +7 -1
  360. data/src/core/ext/upb-gen/envoy/admin/v3/mutex_stats.upb_minitable.h +6 -4
  361. data/src/core/ext/upb-gen/envoy/admin/v3/server_info.upb.h +230 -167
  362. data/src/core/ext/upb-gen/envoy/admin/v3/server_info.upb_minitable.c +94 -81
  363. data/src/core/ext/upb-gen/envoy/admin/v3/server_info.upb_minitable.h +7 -4
  364. data/src/core/ext/upb-gen/envoy/admin/v3/tap.upb.h +9 -6
  365. data/src/core/ext/upb-gen/envoy/admin/v3/tap.upb_minitable.c +10 -4
  366. data/src/core/ext/upb-gen/envoy/admin/v3/tap.upb_minitable.h +6 -4
  367. data/src/core/ext/upb-gen/envoy/annotations/deprecation.upb.h +9 -8
  368. data/src/core/ext/upb-gen/envoy/annotations/deprecation.upb_minitable.c +7 -1
  369. data/src/core/ext/upb-gen/envoy/annotations/deprecation.upb_minitable.h +5 -4
  370. data/src/core/ext/upb-gen/envoy/annotations/resource.upb.h +18 -8
  371. data/src/core/ext/upb-gen/envoy/annotations/resource.upb_minitable.c +13 -6
  372. data/src/core/ext/upb-gen/envoy/annotations/resource.upb_minitable.h +6 -4
  373. data/src/core/ext/upb-gen/envoy/config/accesslog/v3/accesslog.upb.h +117 -60
  374. data/src/core/ext/upb-gen/envoy/config/accesslog/v3/accesslog.upb_minitable.c +121 -55
  375. data/src/core/ext/upb-gen/envoy/config/accesslog/v3/accesslog.upb_minitable.h +21 -4
  376. data/src/core/ext/upb-gen/envoy/config/bootstrap/v3/bootstrap.upb.h +583 -295
  377. data/src/core/ext/upb-gen/envoy/config/bootstrap/v3/bootstrap.upb_minitable.c +286 -170
  378. data/src/core/ext/upb-gen/envoy/config/bootstrap/v3/bootstrap.upb_minitable.h +29 -4
  379. data/src/core/ext/upb-gen/envoy/config/cluster/v3/circuit_breaker.upb.h +68 -41
  380. data/src/core/ext/upb-gen/envoy/config/cluster/v3/circuit_breaker.upb_minitable.c +40 -26
  381. data/src/core/ext/upb-gen/envoy/config/cluster/v3/circuit_breaker.upb_minitable.h +8 -4
  382. data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb.h +802 -416
  383. data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb_minitable.c +358 -231
  384. data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb_minitable.h +31 -4
  385. data/src/core/ext/upb-gen/envoy/config/cluster/v3/filter.upb.h +12 -7
  386. data/src/core/ext/upb-gen/envoy/config/cluster/v3/filter.upb_minitable.c +11 -5
  387. data/src/core/ext/upb-gen/envoy/config/cluster/v3/filter.upb_minitable.h +6 -4
  388. data/src/core/ext/upb-gen/envoy/config/cluster/v3/outlier_detection.upb.h +218 -74
  389. data/src/core/ext/upb-gen/envoy/config/cluster/v3/outlier_detection.upb_minitable.c +66 -39
  390. data/src/core/ext/upb-gen/envoy/config/cluster/v3/outlier_detection.upb_minitable.h +6 -4
  391. data/src/core/ext/upb-gen/envoy/config/common/matcher/v3/matcher.upb.h +147 -57
  392. data/src/core/ext/upb-gen/envoy/config/common/matcher/v3/matcher.upb_minitable.c +128 -66
  393. data/src/core/ext/upb-gen/envoy/config/common/matcher/v3/matcher.upb_minitable.h +20 -4
  394. data/src/core/ext/upb-gen/envoy/config/core/v3/address.upb.h +96 -56
  395. data/src/core/ext/upb-gen/envoy/config/core/v3/address.upb_minitable.c +76 -42
  396. data/src/core/ext/upb-gen/envoy/config/core/v3/address.upb_minitable.h +13 -4
  397. data/src/core/ext/upb-gen/envoy/config/core/v3/backoff.upb.h +11 -6
  398. data/src/core/ext/upb-gen/envoy/config/core/v3/backoff.upb_minitable.c +11 -5
  399. data/src/core/ext/upb-gen/envoy/config/core/v3/backoff.upb_minitable.h +6 -4
  400. data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb.h +1020 -227
  401. data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb_minitable.c +390 -119
  402. data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb_minitable.h +41 -4
  403. data/src/core/ext/upb-gen/envoy/config/core/v3/config_source.upb.h +121 -79
  404. data/src/core/ext/upb-gen/envoy/config/core/v3/config_source.upb_minitable.c +78 -48
  405. data/src/core/ext/upb-gen/envoy/config/core/v3/config_source.upb_minitable.h +12 -4
  406. data/src/core/ext/upb-gen/envoy/config/core/v3/event_service_config.upb.h +8 -5
  407. data/src/core/ext/upb-gen/envoy/config/core/v3/event_service_config.upb_minitable.c +10 -4
  408. data/src/core/ext/upb-gen/envoy/config/core/v3/event_service_config.upb_minitable.h +6 -4
  409. data/src/core/ext/upb-gen/envoy/config/core/v3/extension.upb.h +9 -6
  410. data/src/core/ext/upb-gen/envoy/config/core/v3/extension.upb_minitable.c +10 -4
  411. data/src/core/ext/upb-gen/envoy/config/core/v3/extension.upb_minitable.h +6 -4
  412. data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_method_list.upb.h +11 -5
  413. data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_method_list.upb_minitable.c +14 -4
  414. data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_method_list.upb_minitable.h +7 -4
  415. data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_service.upb.h +236 -99
  416. data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_service.upb_minitable.c +129 -62
  417. data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_service.upb_minitable.h +19 -4
  418. data/src/core/ext/upb-gen/envoy/config/core/v3/health_check.upb.h +273 -139
  419. data/src/core/ext/upb-gen/envoy/config/core/v3/health_check.upb_minitable.c +121 -79
  420. data/src/core/ext/upb-gen/envoy/config/core/v3/health_check.upb_minitable.h +14 -4
  421. data/src/core/ext/upb-gen/envoy/config/core/v3/http_service.upb.h +13 -5
  422. data/src/core/ext/upb-gen/envoy/config/core/v3/http_service.upb_minitable.c +11 -5
  423. data/src/core/ext/upb-gen/envoy/config/core/v3/http_service.upb_minitable.h +6 -4
  424. data/src/core/ext/upb-gen/envoy/config/core/v3/http_uri.upb.h +22 -19
  425. data/src/core/ext/upb-gen/envoy/config/core/v3/http_uri.upb_minitable.c +15 -9
  426. data/src/core/ext/upb-gen/envoy/config/core/v3/http_uri.upb_minitable.h +6 -4
  427. data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb.h +419 -173
  428. data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb_minitable.c +197 -119
  429. data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb_minitable.h +21 -4
  430. data/src/core/ext/upb-gen/envoy/config/core/v3/proxy_protocol.upb.h +10 -7
  431. data/src/core/ext/upb-gen/envoy/config/core/v3/proxy_protocol.upb_minitable.c +14 -4
  432. data/src/core/ext/upb-gen/envoy/config/core/v3/proxy_protocol.upb_minitable.h +7 -4
  433. data/src/core/ext/upb-gen/envoy/config/core/v3/resolver.upb.h +15 -7
  434. data/src/core/ext/upb-gen/envoy/config/core/v3/resolver.upb_minitable.c +15 -5
  435. data/src/core/ext/upb-gen/envoy/config/core/v3/resolver.upb_minitable.h +7 -4
  436. data/src/core/ext/upb-gen/envoy/config/core/v3/socket_cmsg_headers.upb.h +151 -0
  437. data/src/core/ext/upb-gen/envoy/config/core/v3/socket_cmsg_headers.upb_minitable.c +60 -0
  438. data/src/core/ext/upb-gen/envoy/config/core/v3/socket_cmsg_headers.upb_minitable.h +32 -0
  439. data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb.h +241 -28
  440. data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb_minitable.c +77 -19
  441. data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb_minitable.h +13 -4
  442. data/src/core/ext/upb-gen/envoy/config/core/v3/substitution_format_string.upb.h +50 -38
  443. data/src/core/ext/upb-gen/envoy/config/core/v3/substitution_format_string.upb_minitable.c +27 -17
  444. data/src/core/ext/upb-gen/envoy/config/core/v3/substitution_format_string.upb_minitable.h +7 -4
  445. data/src/core/ext/upb-gen/envoy/config/core/v3/udp_socket_config.upb.h +11 -6
  446. data/src/core/ext/upb-gen/envoy/config/core/v3/udp_socket_config.upb_minitable.c +11 -5
  447. data/src/core/ext/upb-gen/envoy/config/core/v3/udp_socket_config.upb_minitable.h +6 -4
  448. data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint.upb.h +52 -23
  449. data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint.upb_minitable.c +37 -19
  450. data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint.upb_minitable.h +9 -4
  451. data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint_components.upb.h +134 -62
  452. data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint_components.upb_minitable.c +82 -50
  453. data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint_components.upb_minitable.h +12 -4
  454. data/src/core/ext/upb-gen/envoy/config/endpoint/v3/load_report.upb.h +305 -61
  455. data/src/core/ext/upb-gen/envoy/config/endpoint/v3/load_report.upb_minitable.c +90 -36
  456. data/src/core/ext/upb-gen/envoy/config/endpoint/v3/load_report.upb_minitable.h +12 -4
  457. data/src/core/ext/upb-gen/envoy/config/listener/v3/api_listener.upb.h +8 -5
  458. data/src/core/ext/upb-gen/envoy/config/listener/v3/api_listener.upb_minitable.c +10 -4
  459. data/src/core/ext/upb-gen/envoy/config/listener/v3/api_listener.upb_minitable.h +6 -4
  460. data/src/core/ext/upb-gen/envoy/config/listener/v3/listener.upb.h +267 -172
  461. data/src/core/ext/upb-gen/envoy/config/listener/v3/listener.upb_minitable.c +130 -87
  462. data/src/core/ext/upb-gen/envoy/config/listener/v3/listener.upb_minitable.h +15 -4
  463. data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb.h +150 -187
  464. data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb_minitable.c +85 -76
  465. data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb_minitable.h +11 -5
  466. data/src/core/ext/upb-gen/envoy/config/listener/v3/quic_config.upb.h +178 -13
  467. data/src/core/ext/upb-gen/envoy/config/listener/v3/quic_config.upb_minitable.c +46 -14
  468. data/src/core/ext/upb-gen/envoy/config/listener/v3/quic_config.upb_minitable.h +6 -4
  469. data/src/core/ext/upb-gen/envoy/config/listener/v3/udp_listener_config.upb.h +14 -7
  470. data/src/core/ext/upb-gen/envoy/config/listener/v3/udp_listener_config.upb_minitable.c +16 -6
  471. data/src/core/ext/upb-gen/envoy/config/listener/v3/udp_listener_config.upb_minitable.h +7 -4
  472. data/src/core/ext/upb-gen/envoy/config/metrics/v3/metrics_service.upb.h +20 -15
  473. data/src/core/ext/upb-gen/envoy/config/metrics/v3/metrics_service.upb_minitable.c +15 -9
  474. data/src/core/ext/upb-gen/envoy/config/metrics/v3/metrics_service.upb_minitable.h +6 -4
  475. data/src/core/ext/upb-gen/envoy/config/metrics/v3/stats.upb.h +84 -55
  476. data/src/core/ext/upb-gen/envoy/config/metrics/v3/stats.upb_minitable.c +72 -38
  477. data/src/core/ext/upb-gen/envoy/config/metrics/v3/stats.upb_minitable.h +13 -4
  478. data/src/core/ext/upb-gen/envoy/config/overload/v3/overload.upb.h +70 -22
  479. data/src/core/ext/upb-gen/envoy/config/overload/v3/overload.upb_minitable.c +71 -29
  480. data/src/core/ext/upb-gen/envoy/config/overload/v3/overload.upb_minitable.h +15 -4
  481. data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb.h +321 -50
  482. data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb_minitable.c +143 -65
  483. data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb_minitable.h +18 -4
  484. data/src/core/ext/upb-gen/envoy/config/route/v3/route.upb.h +111 -65
  485. data/src/core/ext/upb-gen/envoy/config/route/v3/route.upb_minitable.c +43 -29
  486. data/src/core/ext/upb-gen/envoy/config/route/v3/route.upb_minitable.h +8 -4
  487. data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb.h +1541 -823
  488. data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb_minitable.c +769 -475
  489. data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb_minitable.h +67 -4
  490. data/src/core/ext/upb-gen/envoy/config/route/v3/scoped_route.upb.h +33 -23
  491. data/src/core/ext/upb-gen/envoy/config/route/v3/scoped_route.upb_minitable.c +26 -12
  492. data/src/core/ext/upb-gen/envoy/config/route/v3/scoped_route.upb_minitable.h +8 -4
  493. data/src/core/ext/upb-gen/envoy/config/tap/v3/common.upb.h +103 -38
  494. data/src/core/ext/upb-gen/envoy/config/tap/v3/common.upb_minitable.c +97 -47
  495. data/src/core/ext/upb-gen/envoy/config/tap/v3/common.upb_minitable.h +17 -4
  496. data/src/core/ext/upb-gen/envoy/config/trace/v3/datadog.upb.h +118 -16
  497. data/src/core/ext/upb-gen/envoy/config/trace/v3/datadog.upb_minitable.c +43 -12
  498. data/src/core/ext/upb-gen/envoy/config/trace/v3/datadog.upb_minitable.h +8 -4
  499. data/src/core/ext/upb-gen/envoy/config/trace/v3/dynamic_ot.upb.h +9 -6
  500. data/src/core/ext/upb-gen/envoy/config/trace/v3/dynamic_ot.upb_minitable.c +10 -4
  501. data/src/core/ext/upb-gen/envoy/config/trace/v3/dynamic_ot.upb_minitable.h +6 -4
  502. data/src/core/ext/upb-gen/envoy/config/trace/v3/http_tracer.upb.h +12 -7
  503. data/src/core/ext/upb-gen/envoy/config/trace/v3/http_tracer.upb_minitable.c +17 -7
  504. data/src/core/ext/upb-gen/envoy/config/trace/v3/http_tracer.upb_minitable.h +7 -4
  505. data/src/core/ext/upb-gen/envoy/config/trace/v3/lightstep.upb.h +10 -7
  506. data/src/core/ext/upb-gen/envoy/config/trace/v3/lightstep.upb_minitable.c +10 -4
  507. data/src/core/ext/upb-gen/envoy/config/trace/v3/lightstep.upb_minitable.h +6 -4
  508. data/src/core/ext/upb-gen/envoy/config/trace/v3/opentelemetry.upb.h +27 -15
  509. data/src/core/ext/upb-gen/envoy/config/trace/v3/opentelemetry.upb_minitable.c +16 -10
  510. data/src/core/ext/upb-gen/envoy/config/trace/v3/opentelemetry.upb_minitable.h +6 -4
  511. data/src/core/ext/upb-gen/envoy/config/trace/v3/service.upb.h +8 -5
  512. data/src/core/ext/upb-gen/envoy/config/trace/v3/service.upb_minitable.c +10 -4
  513. data/src/core/ext/upb-gen/envoy/config/trace/v3/service.upb_minitable.h +6 -4
  514. data/src/core/ext/upb-gen/envoy/config/trace/v3/skywalking.upb.h +32 -25
  515. data/src/core/ext/upb-gen/envoy/config/trace/v3/skywalking.upb_minitable.c +25 -15
  516. data/src/core/ext/upb-gen/envoy/config/trace/v3/skywalking.upb_minitable.h +7 -4
  517. data/src/core/ext/upb-gen/envoy/config/trace/v3/trace.upb.h +5 -6
  518. data/src/core/ext/upb-gen/envoy/config/trace/v3/trace.upb_minitable.c +3 -2
  519. data/src/core/ext/upb-gen/envoy/config/trace/v3/trace.upb_minitable.h +5 -5
  520. data/src/core/ext/upb-gen/envoy/config/trace/v3/xray.upb.h +26 -17
  521. data/src/core/ext/upb-gen/envoy/config/trace/v3/xray.upb_minitable.c +22 -12
  522. data/src/core/ext/upb-gen/envoy/config/trace/v3/xray.upb_minitable.h +7 -4
  523. data/src/core/ext/upb-gen/envoy/config/trace/v3/zipkin.upb.h +30 -27
  524. data/src/core/ext/upb-gen/envoy/config/trace/v3/zipkin.upb_minitable.c +20 -14
  525. data/src/core/ext/upb-gen/envoy/config/trace/v3/zipkin.upb_minitable.h +6 -4
  526. data/src/core/ext/upb-gen/envoy/data/accesslog/v3/accesslog.upb.h +513 -405
  527. data/src/core/ext/upb-gen/envoy/data/accesslog/v3/accesslog.upb_minitable.c +218 -151
  528. data/src/core/ext/upb-gen/envoy/data/accesslog/v3/accesslog.upb_minitable.h +21 -4
  529. data/src/core/ext/upb-gen/envoy/extensions/clusters/aggregate/v3/cluster.upb.h +5 -4
  530. data/src/core/ext/upb-gen/envoy/extensions/clusters/aggregate/v3/cluster.upb_minitable.c +7 -1
  531. data/src/core/ext/upb-gen/envoy/extensions/clusters/aggregate/v3/cluster.upb_minitable.h +6 -4
  532. data/src/core/ext/upb-gen/envoy/extensions/filters/common/fault/v3/fault.upb.h +24 -11
  533. data/src/core/ext/upb-gen/envoy/extensions/filters/common/fault/v3/fault.upb_minitable.c +33 -11
  534. data/src/core/ext/upb-gen/envoy/extensions/filters/common/fault/v3/fault.upb_minitable.h +10 -4
  535. data/src/core/ext/upb-gen/envoy/extensions/filters/http/fault/v3/fault.upb.h +103 -83
  536. data/src/core/ext/upb-gen/envoy/extensions/filters/http/fault/v3/fault.upb_minitable.c +54 -40
  537. data/src/core/ext/upb-gen/envoy/extensions/filters/http/fault/v3/fault.upb_minitable.h +8 -4
  538. data/src/core/ext/upb-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upb.h +444 -0
  539. data/src/core/ext/upb-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upb_minitable.c +135 -0
  540. data/src/core/ext/upb-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upb_minitable.h +38 -0
  541. data/src/core/ext/upb-gen/envoy/extensions/filters/http/rbac/v3/rbac.upb.h +72 -29
  542. data/src/core/ext/upb-gen/envoy/extensions/filters/http/rbac/v3/rbac.upb_minitable.c +34 -18
  543. data/src/core/ext/upb-gen/envoy/extensions/filters/http/rbac/v3/rbac.upb_minitable.h +7 -4
  544. data/src/core/ext/upb-gen/envoy/extensions/filters/http/router/v3/router.upb.h +63 -46
  545. data/src/core/ext/upb-gen/envoy/extensions/filters/http/router/v3/router.upb_minitable.c +29 -19
  546. data/src/core/ext/upb-gen/envoy/extensions/filters/http/router/v3/router.upb_minitable.h +7 -4
  547. data/src/core/ext/upb-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upb.h +16 -11
  548. data/src/core/ext/upb-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upb_minitable.c +19 -9
  549. data/src/core/ext/upb-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upb_minitable.h +7 -4
  550. data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +604 -395
  551. data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb_minitable.c +303 -215
  552. data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb_minitable.h +26 -4
  553. data/src/core/ext/upb-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upb.h +8 -5
  554. data/src/core/ext/upb-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upb_minitable.c +10 -4
  555. data/src/core/ext/upb-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upb_minitable.h +6 -4
  556. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.h +83 -10
  557. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb_minitable.c +28 -11
  558. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb_minitable.h +6 -4
  559. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/common/v3/common.upb.h +34 -17
  560. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/common/v3/common.upb_minitable.c +40 -18
  561. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/common/v3/common.upb_minitable.h +10 -4
  562. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/pick_first/v3/pick_first.upb.h +6 -5
  563. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/pick_first/v3/pick_first.upb_minitable.c +7 -1
  564. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/pick_first/v3/pick_first.upb_minitable.h +6 -4
  565. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.h +45 -34
  566. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb_minitable.c +22 -16
  567. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb_minitable.h +6 -4
  568. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/wrr_locality/v3/wrr_locality.upb.h +8 -5
  569. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/wrr_locality/v3/wrr_locality.upb_minitable.c +10 -4
  570. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/wrr_locality/v3/wrr_locality.upb_minitable.h +6 -4
  571. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upb.h +105 -0
  572. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upb_minitable.c +51 -0
  573. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upb_minitable.h +32 -0
  574. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/cert.upb.h +5 -4
  575. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/cert.upb_minitable.c +3 -1
  576. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/cert.upb_minitable.h +5 -4
  577. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/common.upb.h +247 -108
  578. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/common.upb_minitable.c +109 -63
  579. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/common.upb_minitable.h +14 -4
  580. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +25 -12
  581. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/secret.upb_minitable.c +27 -13
  582. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/secret.upb_minitable.h +8 -4
  583. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +264 -113
  584. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb_minitable.c +119 -80
  585. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb_minitable.h +12 -4
  586. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb.h +51 -13
  587. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb_minitable.c +23 -11
  588. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb_minitable.h +7 -4
  589. data/src/core/ext/upb-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upb.h +82 -44
  590. data/src/core/ext/upb-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upb_minitable.c +49 -31
  591. data/src/core/ext/upb-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upb_minitable.h +9 -4
  592. data/src/core/ext/upb-gen/envoy/service/discovery/v3/ads.upb.h +5 -4
  593. data/src/core/ext/upb-gen/envoy/service/discovery/v3/ads.upb_minitable.c +7 -1
  594. data/src/core/ext/upb-gen/envoy/service/discovery/v3/ads.upb_minitable.h +6 -4
  595. data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb.h +476 -163
  596. data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb_minitable.c +179 -96
  597. data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb_minitable.h +21 -4
  598. data/src/core/ext/upb-gen/envoy/service/load_stats/v3/lrs.upb.h +24 -14
  599. data/src/core/ext/upb-gen/envoy/service/load_stats/v3/lrs.upb_minitable.c +20 -10
  600. data/src/core/ext/upb-gen/envoy/service/load_stats/v3/lrs.upb_minitable.h +7 -4
  601. data/src/core/ext/upb-gen/envoy/service/status/v3/csds.upb.h +127 -85
  602. data/src/core/ext/upb-gen/envoy/service/status/v3/csds.upb_minitable.c +73 -51
  603. data/src/core/ext/upb-gen/envoy/service/status/v3/csds.upb_minitable.h +10 -4
  604. data/src/core/ext/upb-gen/envoy/type/http/v3/cookie.upb.h +17 -14
  605. data/src/core/ext/upb-gen/envoy/type/http/v3/cookie.upb_minitable.c +13 -7
  606. data/src/core/ext/upb-gen/envoy/type/http/v3/cookie.upb_minitable.h +6 -4
  607. data/src/core/ext/upb-gen/envoy/type/http/v3/path_transformation.upb.h +16 -6
  608. data/src/core/ext/upb-gen/envoy/type/http/v3/path_transformation.upb_minitable.c +26 -8
  609. data/src/core/ext/upb-gen/envoy/type/http/v3/path_transformation.upb_minitable.h +9 -4
  610. data/src/core/ext/upb-gen/envoy/type/matcher/v3/address.upb.h +142 -0
  611. data/src/core/ext/upb-gen/envoy/type/matcher/v3/address.upb_minitable.c +55 -0
  612. data/src/core/ext/upb-gen/envoy/type/matcher/v3/address.upb_minitable.h +32 -0
  613. data/src/core/ext/upb-gen/envoy/type/matcher/v3/filter_state.upb.h +42 -6
  614. data/src/core/ext/upb-gen/envoy/type/matcher/v3/filter_state.upb_minitable.c +16 -7
  615. data/src/core/ext/upb-gen/envoy/type/matcher/v3/filter_state.upb_minitable.h +6 -4
  616. data/src/core/ext/upb-gen/envoy/type/matcher/v3/http_inputs.upb.h +10 -9
  617. data/src/core/ext/upb-gen/envoy/type/matcher/v3/http_inputs.upb_minitable.c +23 -1
  618. data/src/core/ext/upb-gen/envoy/type/matcher/v3/http_inputs.upb_minitable.h +10 -4
  619. data/src/core/ext/upb-gen/envoy/type/matcher/v3/metadata.upb.h +22 -14
  620. data/src/core/ext/upb-gen/envoy/type/matcher/v3/metadata.upb_minitable.c +17 -7
  621. data/src/core/ext/upb-gen/envoy/type/matcher/v3/metadata.upb_minitable.h +7 -4
  622. data/src/core/ext/upb-gen/envoy/type/matcher/v3/node.upb.h +13 -5
  623. data/src/core/ext/upb-gen/envoy/type/matcher/v3/node.upb_minitable.c +11 -5
  624. data/src/core/ext/upb-gen/envoy/type/matcher/v3/node.upb_minitable.h +6 -4
  625. data/src/core/ext/upb-gen/envoy/type/matcher/v3/number.upb.h +9 -6
  626. data/src/core/ext/upb-gen/envoy/type/matcher/v3/number.upb_minitable.c +10 -4
  627. data/src/core/ext/upb-gen/envoy/type/matcher/v3/number.upb_minitable.h +6 -4
  628. data/src/core/ext/upb-gen/envoy/type/matcher/v3/path.upb.h +8 -5
  629. data/src/core/ext/upb-gen/envoy/type/matcher/v3/path.upb_minitable.c +10 -4
  630. data/src/core/ext/upb-gen/envoy/type/matcher/v3/path.upb_minitable.h +6 -4
  631. data/src/core/ext/upb-gen/envoy/type/matcher/v3/regex.upb.h +23 -16
  632. data/src/core/ext/upb-gen/envoy/type/matcher/v3/regex.upb_minitable.c +27 -13
  633. data/src/core/ext/upb-gen/envoy/type/matcher/v3/regex.upb_minitable.h +8 -4
  634. data/src/core/ext/upb-gen/envoy/type/matcher/v3/status_code_input.upb.h +5 -4
  635. data/src/core/ext/upb-gen/envoy/type/matcher/v3/status_code_input.upb_minitable.c +11 -1
  636. data/src/core/ext/upb-gen/envoy/type/matcher/v3/status_code_input.upb_minitable.h +7 -4
  637. data/src/core/ext/upb-gen/envoy/type/matcher/v3/string.upb.h +51 -10
  638. data/src/core/ext/upb-gen/envoy/type/matcher/v3/string.upb_minitable.c +30 -9
  639. data/src/core/ext/upb-gen/envoy/type/matcher/v3/string.upb_minitable.h +7 -4
  640. data/src/core/ext/upb-gen/envoy/type/matcher/v3/struct.upb.h +14 -6
  641. data/src/core/ext/upb-gen/envoy/type/matcher/v3/struct.upb_minitable.c +15 -5
  642. data/src/core/ext/upb-gen/envoy/type/matcher/v3/struct.upb_minitable.h +7 -4
  643. data/src/core/ext/upb-gen/envoy/type/matcher/v3/value.upb.h +30 -12
  644. data/src/core/ext/upb-gen/envoy/type/matcher/v3/value.upb_minitable.c +32 -14
  645. data/src/core/ext/upb-gen/envoy/type/matcher/v3/value.upb_minitable.h +9 -4
  646. data/src/core/ext/upb-gen/envoy/type/metadata/v3/metadata.upb.h +24 -10
  647. data/src/core/ext/upb-gen/envoy/type/metadata/v3/metadata.upb_minitable.c +40 -10
  648. data/src/core/ext/upb-gen/envoy/type/metadata/v3/metadata.upb_minitable.h +12 -4
  649. data/src/core/ext/upb-gen/envoy/type/tracing/v3/custom_tag.upb.h +41 -28
  650. data/src/core/ext/upb-gen/envoy/type/tracing/v3/custom_tag.upb_minitable.c +37 -15
  651. data/src/core/ext/upb-gen/envoy/type/tracing/v3/custom_tag.upb_minitable.h +10 -4
  652. data/src/core/ext/upb-gen/envoy/type/v3/hash_policy.upb.h +12 -7
  653. data/src/core/ext/upb-gen/envoy/type/v3/hash_policy.upb_minitable.c +19 -5
  654. data/src/core/ext/upb-gen/envoy/type/v3/hash_policy.upb_minitable.h +8 -4
  655. data/src/core/ext/upb-gen/envoy/type/v3/http.upb.h +5 -4
  656. data/src/core/ext/upb-gen/envoy/type/v3/http.upb_minitable.c +3 -1
  657. data/src/core/ext/upb-gen/envoy/type/v3/http.upb_minitable.h +5 -4
  658. data/src/core/ext/upb-gen/envoy/type/v3/http_status.upb.h +6 -5
  659. data/src/core/ext/upb-gen/envoy/type/v3/http_status.upb_minitable.c +7 -1
  660. data/src/core/ext/upb-gen/envoy/type/v3/http_status.upb_minitable.h +6 -4
  661. data/src/core/ext/upb-gen/envoy/type/v3/percent.upb.h +8 -7
  662. data/src/core/ext/upb-gen/envoy/type/v3/percent.upb_minitable.c +11 -1
  663. data/src/core/ext/upb-gen/envoy/type/v3/percent.upb_minitable.h +7 -4
  664. data/src/core/ext/upb-gen/envoy/type/v3/range.upb.h +11 -10
  665. data/src/core/ext/upb-gen/envoy/type/v3/range.upb_minitable.c +15 -1
  666. data/src/core/ext/upb-gen/envoy/type/v3/range.upb_minitable.h +8 -4
  667. data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_strategy.upb.h +14 -9
  668. data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_strategy.upb_minitable.c +15 -5
  669. data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_strategy.upb_minitable.h +7 -4
  670. data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_unit.upb.h +5 -4
  671. data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_unit.upb_minitable.c +3 -1
  672. data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_unit.upb_minitable.h +5 -4
  673. data/src/core/ext/upb-gen/envoy/type/v3/semantic_version.upb.h +8 -7
  674. data/src/core/ext/upb-gen/envoy/type/v3/semantic_version.upb_minitable.c +7 -1
  675. data/src/core/ext/upb-gen/envoy/type/v3/semantic_version.upb_minitable.h +6 -4
  676. data/src/core/ext/upb-gen/envoy/type/v3/token_bucket.upb.h +12 -7
  677. data/src/core/ext/upb-gen/envoy/type/v3/token_bucket.upb_minitable.c +11 -5
  678. data/src/core/ext/upb-gen/envoy/type/v3/token_bucket.upb_minitable.h +6 -4
  679. data/src/core/ext/upb-gen/google/api/annotations.upb.h +17 -7
  680. data/src/core/ext/upb-gen/google/api/annotations.upb_minitable.c +5 -2
  681. data/src/core/ext/upb-gen/google/api/annotations.upb_minitable.h +5 -4
  682. data/src/core/ext/upb-gen/google/api/expr/v1alpha1/checked.upb.h +213 -118
  683. data/src/core/ext/upb-gen/google/api/expr/v1alpha1/checked.upb_minitable.c +139 -74
  684. data/src/core/ext/upb-gen/google/api/expr/v1alpha1/checked.upb_minitable.h +18 -4
  685. data/src/core/ext/upb-gen/google/api/expr/v1alpha1/syntax.upb.h +576 -123
  686. data/src/core/ext/upb-gen/google/api/expr/v1alpha1/syntax.upb_minitable.c +213 -79
  687. data/src/core/ext/upb-gen/google/api/expr/v1alpha1/syntax.upb_minitable.h +23 -4
  688. data/src/core/ext/upb-gen/google/api/http.upb.h +81 -67
  689. data/src/core/ext/upb-gen/google/api/http.upb_minitable.c +44 -30
  690. data/src/core/ext/upb-gen/google/api/http.upb_minitable.h +8 -4
  691. data/src/core/ext/upb-gen/google/api/httpbody.upb.h +12 -6
  692. data/src/core/ext/upb-gen/google/api/httpbody.upb_minitable.c +10 -4
  693. data/src/core/ext/upb-gen/google/api/httpbody.upb_minitable.h +6 -4
  694. data/src/core/ext/upb-gen/google/protobuf/any.upb.h +8 -6
  695. data/src/core/ext/upb-gen/google/protobuf/any.upb_minitable.c +7 -1
  696. data/src/core/ext/upb-gen/google/protobuf/any.upb_minitable.h +6 -4
  697. data/src/core/ext/upb-gen/google/protobuf/descriptor.upb.h +873 -445
  698. data/src/core/ext/upb-gen/google/protobuf/descriptor.upb_minitable.c +465 -292
  699. data/src/core/ext/upb-gen/google/protobuf/descriptor.upb_minitable.h +57 -21
  700. data/src/core/ext/upb-gen/google/protobuf/duration.upb.h +8 -6
  701. data/src/core/ext/upb-gen/google/protobuf/duration.upb_minitable.c +7 -1
  702. data/src/core/ext/upb-gen/google/protobuf/duration.upb_minitable.h +6 -4
  703. data/src/core/ext/upb-gen/google/protobuf/empty.upb.h +6 -4
  704. data/src/core/ext/upb-gen/google/protobuf/empty.upb_minitable.c +7 -1
  705. data/src/core/ext/upb-gen/google/protobuf/empty.upb_minitable.h +6 -4
  706. data/src/core/ext/upb-gen/google/protobuf/struct.upb.h +40 -19
  707. data/src/core/ext/upb-gen/google/protobuf/struct.upb_minitable.c +32 -14
  708. data/src/core/ext/upb-gen/google/protobuf/struct.upb_minitable.h +9 -4
  709. data/src/core/ext/upb-gen/google/protobuf/timestamp.upb.h +8 -6
  710. data/src/core/ext/upb-gen/google/protobuf/timestamp.upb_minitable.c +7 -1
  711. data/src/core/ext/upb-gen/google/protobuf/timestamp.upb_minitable.h +6 -4
  712. data/src/core/ext/upb-gen/google/protobuf/wrappers.upb.h +15 -13
  713. data/src/core/ext/upb-gen/google/protobuf/wrappers.upb_minitable.c +39 -1
  714. data/src/core/ext/upb-gen/google/protobuf/wrappers.upb_minitable.h +14 -4
  715. data/src/core/ext/upb-gen/google/rpc/status.upb.h +12 -6
  716. data/src/core/ext/upb-gen/google/rpc/status.upb_minitable.c +10 -4
  717. data/src/core/ext/upb-gen/google/rpc/status.upb_minitable.h +6 -4
  718. data/src/core/ext/upb-gen/src/proto/grpc/gcp/altscontext.upb.h +27 -19
  719. data/src/core/ext/upb-gen/src/proto/grpc/gcp/altscontext.upb_minitable.c +15 -5
  720. data/src/core/ext/upb-gen/src/proto/grpc/gcp/altscontext.upb_minitable.h +7 -4
  721. data/src/core/ext/upb-gen/src/proto/grpc/gcp/handshaker.upb.h +205 -149
  722. data/src/core/ext/upb-gen/src/proto/grpc/gcp/handshaker.upb_minitable.c +112 -62
  723. data/src/core/ext/upb-gen/src/proto/grpc/gcp/handshaker.upb_minitable.h +17 -4
  724. data/src/core/ext/upb-gen/src/proto/grpc/gcp/transport_security_common.upb.h +14 -8
  725. data/src/core/ext/upb-gen/src/proto/grpc/gcp/transport_security_common.upb_minitable.c +15 -5
  726. data/src/core/ext/upb-gen/src/proto/grpc/gcp/transport_security_common.upb_minitable.h +7 -4
  727. data/src/core/ext/upb-gen/src/proto/grpc/health/v1/health.upb.h +8 -6
  728. data/src/core/ext/upb-gen/src/proto/grpc/health/v1/health.upb_minitable.c +11 -1
  729. data/src/core/ext/upb-gen/src/proto/grpc/health/v1/health.upb_minitable.h +7 -4
  730. data/src/core/ext/upb-gen/src/proto/grpc/lb/v1/load_balancer.upb.h +53 -28
  731. data/src/core/ext/upb-gen/src/proto/grpc/lb/v1/load_balancer.upb_minitable.c +62 -24
  732. data/src/core/ext/upb-gen/src/proto/grpc/lb/v1/load_balancer.upb_minitable.h +14 -4
  733. data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls.upb.h +36 -29
  734. data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls.upb_minitable.c +21 -7
  735. data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls.upb_minitable.h +8 -4
  736. data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls_config.upb.h +140 -89
  737. data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls_config.upb_minitable.c +77 -39
  738. data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls_config.upb_minitable.h +14 -4
  739. data/src/core/ext/upb-gen/udpa/annotations/migrate.upb.h +69 -23
  740. data/src/core/ext/upb-gen/udpa/annotations/migrate.upb_minitable.c +31 -12
  741. data/src/core/ext/upb-gen/udpa/annotations/migrate.upb_minitable.h +8 -4
  742. data/src/core/ext/upb-gen/udpa/annotations/security.upb.h +19 -9
  743. data/src/core/ext/upb-gen/udpa/annotations/security.upb_minitable.c +13 -6
  744. data/src/core/ext/upb-gen/udpa/annotations/security.upb_minitable.h +6 -4
  745. data/src/core/ext/upb-gen/udpa/annotations/sensitive.upb.h +6 -5
  746. data/src/core/ext/upb-gen/udpa/annotations/sensitive.upb_minitable.c +4 -1
  747. data/src/core/ext/upb-gen/udpa/annotations/sensitive.upb_minitable.h +5 -4
  748. data/src/core/ext/upb-gen/udpa/annotations/status.upb.h +19 -9
  749. data/src/core/ext/upb-gen/udpa/annotations/status.upb_minitable.c +13 -6
  750. data/src/core/ext/upb-gen/udpa/annotations/status.upb_minitable.h +6 -4
  751. data/src/core/ext/upb-gen/udpa/annotations/versioning.upb.h +18 -8
  752. data/src/core/ext/upb-gen/udpa/annotations/versioning.upb_minitable.c +13 -6
  753. data/src/core/ext/upb-gen/udpa/annotations/versioning.upb_minitable.h +6 -4
  754. data/src/core/ext/upb-gen/validate/validate.upb.h +632 -540
  755. data/src/core/ext/upb-gen/validate/validate.upb_minitable.c +302 -204
  756. data/src/core/ext/upb-gen/validate/validate.upb_minitable.h +29 -5
  757. data/src/core/ext/upb-gen/xds/annotations/v3/migrate.upb.h +69 -23
  758. data/src/core/ext/upb-gen/xds/annotations/v3/migrate.upb_minitable.c +31 -12
  759. data/src/core/ext/upb-gen/xds/annotations/v3/migrate.upb_minitable.h +8 -4
  760. data/src/core/ext/upb-gen/xds/annotations/v3/security.upb.h +19 -9
  761. data/src/core/ext/upb-gen/xds/annotations/v3/security.upb_minitable.c +13 -6
  762. data/src/core/ext/upb-gen/xds/annotations/v3/security.upb_minitable.h +6 -4
  763. data/src/core/ext/upb-gen/xds/annotations/v3/sensitive.upb.h +6 -5
  764. data/src/core/ext/upb-gen/xds/annotations/v3/sensitive.upb_minitable.c +4 -1
  765. data/src/core/ext/upb-gen/xds/annotations/v3/sensitive.upb_minitable.h +5 -4
  766. data/src/core/ext/upb-gen/xds/annotations/v3/status.upb.h +46 -18
  767. data/src/core/ext/upb-gen/xds/annotations/v3/status.upb_minitable.c +32 -11
  768. data/src/core/ext/upb-gen/xds/annotations/v3/status.upb_minitable.h +9 -4
  769. data/src/core/ext/upb-gen/xds/annotations/v3/versioning.upb.h +18 -8
  770. data/src/core/ext/upb-gen/xds/annotations/v3/versioning.upb_minitable.c +13 -6
  771. data/src/core/ext/upb-gen/xds/annotations/v3/versioning.upb_minitable.h +6 -4
  772. data/src/core/ext/upb-gen/xds/core/v3/authority.upb.h +6 -5
  773. data/src/core/ext/upb-gen/xds/core/v3/authority.upb_minitable.c +7 -1
  774. data/src/core/ext/upb-gen/xds/core/v3/authority.upb_minitable.h +6 -4
  775. data/src/core/ext/upb-gen/xds/core/v3/cidr.upb.h +9 -6
  776. data/src/core/ext/upb-gen/xds/core/v3/cidr.upb_minitable.c +10 -4
  777. data/src/core/ext/upb-gen/xds/core/v3/cidr.upb_minitable.h +6 -4
  778. data/src/core/ext/upb-gen/xds/core/v3/collection_entry.upb.h +16 -9
  779. data/src/core/ext/upb-gen/xds/core/v3/collection_entry.upb_minitable.c +18 -8
  780. data/src/core/ext/upb-gen/xds/core/v3/collection_entry.upb_minitable.h +7 -4
  781. data/src/core/ext/upb-gen/xds/core/v3/context_params.upb.h +19 -13
  782. data/src/core/ext/upb-gen/xds/core/v3/context_params.upb_minitable.c +14 -4
  783. data/src/core/ext/upb-gen/xds/core/v3/context_params.upb_minitable.h +7 -4
  784. data/src/core/ext/upb-gen/xds/core/v3/extension.upb.h +9 -6
  785. data/src/core/ext/upb-gen/xds/core/v3/extension.upb_minitable.c +10 -4
  786. data/src/core/ext/upb-gen/xds/core/v3/extension.upb_minitable.h +6 -4
  787. data/src/core/ext/upb-gen/xds/core/v3/resource.upb.h +19 -14
  788. data/src/core/ext/upb-gen/xds/core/v3/resource.upb_minitable.c +14 -8
  789. data/src/core/ext/upb-gen/xds/core/v3/resource.upb_minitable.h +6 -4
  790. data/src/core/ext/upb-gen/xds/core/v3/resource_locator.upb.h +33 -23
  791. data/src/core/ext/upb-gen/xds/core/v3/resource_locator.upb_minitable.c +20 -10
  792. data/src/core/ext/upb-gen/xds/core/v3/resource_locator.upb_minitable.h +7 -4
  793. data/src/core/ext/upb-gen/xds/core/v3/resource_name.upb.h +11 -8
  794. data/src/core/ext/upb-gen/xds/core/v3/resource_name.upb_minitable.c +10 -4
  795. data/src/core/ext/upb-gen/xds/core/v3/resource_name.upb_minitable.h +6 -4
  796. data/src/core/ext/upb-gen/xds/data/orca/v3/orca_load_report.upb.h +53 -37
  797. data/src/core/ext/upb-gen/xds/data/orca/v3/orca_load_report.upb_minitable.c +24 -6
  798. data/src/core/ext/upb-gen/xds/data/orca/v3/orca_load_report.upb_minitable.h +9 -4
  799. data/src/core/ext/upb-gen/xds/service/orca/v3/orca.upb.h +8 -5
  800. data/src/core/ext/upb-gen/xds/service/orca/v3/orca.upb_minitable.c +10 -4
  801. data/src/core/ext/upb-gen/xds/service/orca/v3/orca.upb_minitable.h +6 -4
  802. data/src/core/ext/upb-gen/xds/type/matcher/v3/cel.upb.h +16 -13
  803. data/src/core/ext/upb-gen/xds/type/matcher/v3/cel.upb_minitable.c +13 -7
  804. data/src/core/ext/upb-gen/xds/type/matcher/v3/cel.upb_minitable.h +6 -4
  805. data/src/core/ext/upb-gen/xds/type/matcher/v3/domain.upb.h +13 -5
  806. data/src/core/ext/upb-gen/xds/type/matcher/v3/domain.upb_minitable.c +17 -7
  807. data/src/core/ext/upb-gen/xds/type/matcher/v3/domain.upb_minitable.h +7 -4
  808. data/src/core/ext/upb-gen/xds/type/matcher/v3/http_inputs.upb.h +5 -4
  809. data/src/core/ext/upb-gen/xds/type/matcher/v3/http_inputs.upb_minitable.c +7 -1
  810. data/src/core/ext/upb-gen/xds/type/matcher/v3/http_inputs.upb_minitable.h +6 -4
  811. data/src/core/ext/upb-gen/xds/type/matcher/v3/ip.upb.h +22 -9
  812. data/src/core/ext/upb-gen/xds/type/matcher/v3/ip.upb_minitable.c +19 -9
  813. data/src/core/ext/upb-gen/xds/type/matcher/v3/ip.upb_minitable.h +7 -4
  814. data/src/core/ext/upb-gen/xds/type/matcher/v3/matcher.upb.h +101 -44
  815. data/src/core/ext/upb-gen/xds/type/matcher/v3/matcher.upb_minitable.c +88 -46
  816. data/src/core/ext/upb-gen/xds/type/matcher/v3/matcher.upb_minitable.h +15 -4
  817. data/src/core/ext/upb-gen/xds/type/matcher/v3/range.upb.h +44 -7
  818. data/src/core/ext/upb-gen/xds/type/matcher/v3/range.upb_minitable.c +48 -22
  819. data/src/core/ext/upb-gen/xds/type/matcher/v3/range.upb_minitable.h +11 -4
  820. data/src/core/ext/upb-gen/xds/type/matcher/v3/regex.upb.h +9 -6
  821. data/src/core/ext/upb-gen/xds/type/matcher/v3/regex.upb_minitable.c +14 -4
  822. data/src/core/ext/upb-gen/xds/type/matcher/v3/regex.upb_minitable.h +7 -4
  823. data/src/core/ext/upb-gen/xds/type/matcher/v3/string.upb.h +18 -10
  824. data/src/core/ext/upb-gen/xds/type/matcher/v3/string.upb_minitable.c +17 -7
  825. data/src/core/ext/upb-gen/xds/type/matcher/v3/string.upb_minitable.h +7 -4
  826. data/src/core/ext/upb-gen/xds/type/v3/cel.upb.h +17 -8
  827. data/src/core/ext/upb-gen/xds/type/v3/cel.upb_minitable.c +19 -9
  828. data/src/core/ext/upb-gen/xds/type/v3/cel.upb_minitable.h +7 -4
  829. data/src/core/ext/upb-gen/xds/type/v3/range.upb.h +12 -10
  830. data/src/core/ext/upb-gen/xds/type/v3/range.upb_minitable.c +15 -1
  831. data/src/core/ext/upb-gen/xds/type/v3/range.upb_minitable.h +8 -4
  832. data/src/core/ext/upb-gen/xds/type/v3/typed_struct.upb.h +9 -6
  833. data/src/core/ext/upb-gen/xds/type/v3/typed_struct.upb_minitable.c +10 -4
  834. data/src/core/ext/upb-gen/xds/type/v3/typed_struct.upb_minitable.h +6 -4
  835. data/src/core/ext/upbdefs-gen/envoy/admin/v3/certs.upbdefs.c +2 -1
  836. data/src/core/ext/upbdefs-gen/envoy/admin/v3/certs.upbdefs.h +5 -4
  837. data/src/core/ext/upbdefs-gen/envoy/admin/v3/clusters.upbdefs.c +2 -1
  838. data/src/core/ext/upbdefs-gen/envoy/admin/v3/clusters.upbdefs.h +5 -4
  839. data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump.upbdefs.c +2 -1
  840. data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump.upbdefs.h +5 -4
  841. data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump_shared.upbdefs.c +13 -11
  842. data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump_shared.upbdefs.h +5 -4
  843. data/src/core/ext/upbdefs-gen/envoy/admin/v3/init_dump.upbdefs.c +2 -1
  844. data/src/core/ext/upbdefs-gen/envoy/admin/v3/init_dump.upbdefs.h +5 -4
  845. data/src/core/ext/upbdefs-gen/envoy/admin/v3/listeners.upbdefs.c +2 -1
  846. data/src/core/ext/upbdefs-gen/envoy/admin/v3/listeners.upbdefs.h +5 -4
  847. data/src/core/ext/upbdefs-gen/envoy/admin/v3/memory.upbdefs.c +2 -1
  848. data/src/core/ext/upbdefs-gen/envoy/admin/v3/memory.upbdefs.h +5 -4
  849. data/src/core/ext/upbdefs-gen/envoy/admin/v3/metrics.upbdefs.c +2 -1
  850. data/src/core/ext/upbdefs-gen/envoy/admin/v3/metrics.upbdefs.h +5 -4
  851. data/src/core/ext/upbdefs-gen/envoy/admin/v3/mutex_stats.upbdefs.c +2 -1
  852. data/src/core/ext/upbdefs-gen/envoy/admin/v3/mutex_stats.upbdefs.h +5 -4
  853. data/src/core/ext/upbdefs-gen/envoy/admin/v3/server_info.upbdefs.c +90 -82
  854. data/src/core/ext/upbdefs-gen/envoy/admin/v3/server_info.upbdefs.h +5 -4
  855. data/src/core/ext/upbdefs-gen/envoy/admin/v3/tap.upbdefs.c +2 -1
  856. data/src/core/ext/upbdefs-gen/envoy/admin/v3/tap.upbdefs.h +5 -4
  857. data/src/core/ext/upbdefs-gen/envoy/annotations/deprecation.upbdefs.c +2 -1
  858. data/src/core/ext/upbdefs-gen/envoy/annotations/deprecation.upbdefs.h +5 -4
  859. data/src/core/ext/upbdefs-gen/envoy/annotations/resource.upbdefs.c +2 -1
  860. data/src/core/ext/upbdefs-gen/envoy/annotations/resource.upbdefs.h +5 -4
  861. data/src/core/ext/upbdefs-gen/envoy/config/accesslog/v3/accesslog.upbdefs.c +63 -61
  862. data/src/core/ext/upbdefs-gen/envoy/config/accesslog/v3/accesslog.upbdefs.h +5 -4
  863. data/src/core/ext/upbdefs-gen/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +223 -211
  864. data/src/core/ext/upbdefs-gen/envoy/config/bootstrap/v3/bootstrap.upbdefs.h +10 -4
  865. data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/circuit_breaker.upbdefs.c +2 -1
  866. data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/circuit_breaker.upbdefs.h +5 -4
  867. data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/cluster.upbdefs.c +419 -393
  868. data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/cluster.upbdefs.h +10 -4
  869. data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/filter.upbdefs.c +2 -1
  870. data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/filter.upbdefs.h +5 -4
  871. data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/outlier_detection.upbdefs.c +116 -106
  872. data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/outlier_detection.upbdefs.h +5 -4
  873. data/src/core/ext/upbdefs-gen/envoy/config/common/matcher/v3/matcher.upbdefs.c +2 -1
  874. data/src/core/ext/upbdefs-gen/envoy/config/common/matcher/v3/matcher.upbdefs.h +5 -4
  875. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/address.upbdefs.c +2 -1
  876. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/address.upbdefs.h +5 -4
  877. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/backoff.upbdefs.c +2 -1
  878. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/backoff.upbdefs.h +5 -4
  879. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.c +201 -147
  880. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.h +35 -4
  881. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/config_source.upbdefs.c +12 -12
  882. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/config_source.upbdefs.h +5 -4
  883. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/event_service_config.upbdefs.c +2 -1
  884. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/event_service_config.upbdefs.h +5 -4
  885. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/extension.upbdefs.c +2 -1
  886. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/extension.upbdefs.h +5 -4
  887. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_method_list.upbdefs.c +2 -1
  888. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_method_list.upbdefs.h +5 -4
  889. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_service.upbdefs.c +175 -165
  890. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_service.upbdefs.h +5 -4
  891. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/health_check.upbdefs.c +199 -188
  892. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/health_check.upbdefs.h +5 -4
  893. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_service.upbdefs.c +2 -1
  894. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_service.upbdefs.h +5 -4
  895. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_uri.upbdefs.c +2 -1
  896. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_uri.upbdefs.h +5 -4
  897. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/protocol.upbdefs.c +272 -255
  898. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/protocol.upbdefs.h +5 -4
  899. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/proxy_protocol.upbdefs.c +2 -1
  900. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/proxy_protocol.upbdefs.h +5 -4
  901. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/resolver.upbdefs.c +2 -1
  902. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/resolver.upbdefs.h +5 -4
  903. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_cmsg_headers.upbdefs.c +46 -0
  904. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_cmsg_headers.upbdefs.h +33 -0
  905. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_option.upbdefs.c +31 -20
  906. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_option.upbdefs.h +20 -4
  907. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/substitution_format_string.upbdefs.c +2 -1
  908. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/substitution_format_string.upbdefs.h +5 -4
  909. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/udp_socket_config.upbdefs.c +2 -1
  910. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/udp_socket_config.upbdefs.h +5 -4
  911. data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint.upbdefs.c +2 -1
  912. data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint.upbdefs.h +5 -4
  913. data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +41 -37
  914. data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +5 -4
  915. data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/load_report.upbdefs.c +124 -94
  916. data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/load_report.upbdefs.h +10 -4
  917. data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/api_listener.upbdefs.c +2 -1
  918. data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/api_listener.upbdefs.h +5 -4
  919. data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener.upbdefs.c +43 -40
  920. data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener.upbdefs.h +5 -4
  921. data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener_components.upbdefs.c +60 -66
  922. data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener_components.upbdefs.h +5 -9
  923. data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/quic_config.upbdefs.c +75 -56
  924. data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/quic_config.upbdefs.h +5 -4
  925. data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/udp_listener_config.upbdefs.c +2 -1
  926. data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/udp_listener_config.upbdefs.h +5 -4
  927. data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/metrics_service.upbdefs.c +2 -1
  928. data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/metrics_service.upbdefs.h +5 -4
  929. data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/stats.upbdefs.c +2 -1
  930. data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/stats.upbdefs.h +5 -4
  931. data/src/core/ext/upbdefs-gen/envoy/config/overload/v3/overload.upbdefs.c +51 -49
  932. data/src/core/ext/upbdefs-gen/envoy/config/overload/v3/overload.upbdefs.h +5 -4
  933. data/src/core/ext/upbdefs-gen/envoy/config/rbac/v3/rbac.upbdefs.c +119 -97
  934. data/src/core/ext/upbdefs-gen/envoy/config/rbac/v3/rbac.upbdefs.h +10 -4
  935. data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route.upbdefs.c +2 -1
  936. data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route.upbdefs.h +5 -4
  937. data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.c +922 -895
  938. data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.h +15 -4
  939. data/src/core/ext/upbdefs-gen/envoy/config/route/v3/scoped_route.upbdefs.c +2 -1
  940. data/src/core/ext/upbdefs-gen/envoy/config/route/v3/scoped_route.upbdefs.h +5 -4
  941. data/src/core/ext/upbdefs-gen/envoy/config/tap/v3/common.upbdefs.c +2 -1
  942. data/src/core/ext/upbdefs-gen/envoy/config/tap/v3/common.upbdefs.h +5 -4
  943. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/datadog.upbdefs.c +32 -21
  944. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/datadog.upbdefs.h +10 -4
  945. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/dynamic_ot.upbdefs.c +20 -18
  946. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/dynamic_ot.upbdefs.h +5 -4
  947. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/http_tracer.upbdefs.c +2 -1
  948. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/http_tracer.upbdefs.h +5 -4
  949. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/lightstep.upbdefs.c +2 -1
  950. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/lightstep.upbdefs.h +5 -4
  951. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opentelemetry.upbdefs.c +2 -1
  952. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opentelemetry.upbdefs.h +5 -4
  953. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/service.upbdefs.c +2 -1
  954. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/service.upbdefs.h +5 -4
  955. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/skywalking.upbdefs.c +2 -1
  956. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/skywalking.upbdefs.h +5 -4
  957. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/trace.upbdefs.c +17 -19
  958. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/trace.upbdefs.h +5 -4
  959. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/xray.upbdefs.c +2 -1
  960. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/xray.upbdefs.h +5 -4
  961. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/zipkin.upbdefs.c +23 -21
  962. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/zipkin.upbdefs.h +5 -4
  963. data/src/core/ext/upbdefs-gen/envoy/data/accesslog/v3/accesslog.upbdefs.c +147 -143
  964. data/src/core/ext/upbdefs-gen/envoy/data/accesslog/v3/accesslog.upbdefs.h +5 -4
  965. data/src/core/ext/upbdefs-gen/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.c +2 -1
  966. data/src/core/ext/upbdefs-gen/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.h +5 -4
  967. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/common/fault/v3/fault.upbdefs.c +2 -1
  968. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/common/fault/v3/fault.upbdefs.h +5 -4
  969. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/fault/v3/fault.upbdefs.c +2 -1
  970. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/fault/v3/fault.upbdefs.h +5 -4
  971. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upbdefs.c +87 -0
  972. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upbdefs.h +48 -0
  973. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/rbac/v3/rbac.upbdefs.c +38 -34
  974. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/rbac/v3/rbac.upbdefs.h +5 -4
  975. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/router/v3/router.upbdefs.c +2 -1
  976. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/router/v3/router.upbdefs.h +5 -4
  977. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upbdefs.c +2 -1
  978. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upbdefs.h +5 -4
  979. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +465 -459
  980. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +5 -4
  981. data/src/core/ext/upbdefs-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upbdefs.c +2 -1
  982. data/src/core/ext/upbdefs-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upbdefs.h +5 -4
  983. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upbdefs.c +50 -0
  984. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upbdefs.h +33 -0
  985. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +2 -1
  986. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.h +5 -4
  987. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +96 -88
  988. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +10 -4
  989. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +2 -1
  990. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.h +5 -4
  991. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +204 -192
  992. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.h +5 -4
  993. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upbdefs.c +21 -18
  994. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upbdefs.h +5 -4
  995. data/src/core/ext/upbdefs-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upbdefs.c +2 -1
  996. data/src/core/ext/upbdefs-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upbdefs.h +5 -4
  997. data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/ads.upbdefs.c +2 -1
  998. data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/ads.upbdefs.h +5 -4
  999. data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/discovery.upbdefs.c +150 -136
  1000. data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/discovery.upbdefs.h +10 -4
  1001. data/src/core/ext/upbdefs-gen/envoy/service/load_stats/v3/lrs.upbdefs.c +2 -1
  1002. data/src/core/ext/upbdefs-gen/envoy/service/load_stats/v3/lrs.upbdefs.h +5 -4
  1003. data/src/core/ext/upbdefs-gen/envoy/service/status/v3/csds.upbdefs.c +25 -23
  1004. data/src/core/ext/upbdefs-gen/envoy/service/status/v3/csds.upbdefs.h +5 -4
  1005. data/src/core/ext/upbdefs-gen/envoy/type/http/v3/cookie.upbdefs.c +2 -1
  1006. data/src/core/ext/upbdefs-gen/envoy/type/http/v3/cookie.upbdefs.h +5 -4
  1007. data/src/core/ext/upbdefs-gen/envoy/type/http/v3/path_transformation.upbdefs.c +2 -1
  1008. data/src/core/ext/upbdefs-gen/envoy/type/http/v3/path_transformation.upbdefs.h +5 -4
  1009. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/address.upbdefs.c +41 -0
  1010. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/address.upbdefs.h +33 -0
  1011. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/filter_state.upbdefs.c +28 -20
  1012. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/filter_state.upbdefs.h +5 -4
  1013. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/http_inputs.upbdefs.c +2 -1
  1014. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/http_inputs.upbdefs.h +5 -4
  1015. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/metadata.upbdefs.c +2 -1
  1016. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/metadata.upbdefs.h +5 -4
  1017. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/node.upbdefs.c +2 -1
  1018. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/node.upbdefs.h +5 -4
  1019. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/number.upbdefs.c +2 -1
  1020. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/number.upbdefs.h +5 -4
  1021. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/path.upbdefs.c +2 -1
  1022. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/path.upbdefs.h +5 -4
  1023. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/regex.upbdefs.c +2 -1
  1024. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/regex.upbdefs.h +5 -4
  1025. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/status_code_input.upbdefs.c +2 -1
  1026. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/status_code_input.upbdefs.h +5 -4
  1027. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/string.upbdefs.c +41 -34
  1028. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/string.upbdefs.h +5 -4
  1029. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/struct.upbdefs.c +2 -1
  1030. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/struct.upbdefs.h +5 -4
  1031. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/value.upbdefs.c +2 -1
  1032. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/value.upbdefs.h +5 -4
  1033. data/src/core/ext/upbdefs-gen/envoy/type/metadata/v3/metadata.upbdefs.c +2 -1
  1034. data/src/core/ext/upbdefs-gen/envoy/type/metadata/v3/metadata.upbdefs.h +5 -4
  1035. data/src/core/ext/upbdefs-gen/envoy/type/tracing/v3/custom_tag.upbdefs.c +2 -1
  1036. data/src/core/ext/upbdefs-gen/envoy/type/tracing/v3/custom_tag.upbdefs.h +5 -4
  1037. data/src/core/ext/upbdefs-gen/envoy/type/v3/hash_policy.upbdefs.c +2 -1
  1038. data/src/core/ext/upbdefs-gen/envoy/type/v3/hash_policy.upbdefs.h +5 -4
  1039. data/src/core/ext/upbdefs-gen/envoy/type/v3/http.upbdefs.c +2 -1
  1040. data/src/core/ext/upbdefs-gen/envoy/type/v3/http.upbdefs.h +5 -4
  1041. data/src/core/ext/upbdefs-gen/envoy/type/v3/http_status.upbdefs.c +2 -1
  1042. data/src/core/ext/upbdefs-gen/envoy/type/v3/http_status.upbdefs.h +5 -4
  1043. data/src/core/ext/upbdefs-gen/envoy/type/v3/percent.upbdefs.c +2 -1
  1044. data/src/core/ext/upbdefs-gen/envoy/type/v3/percent.upbdefs.h +5 -4
  1045. data/src/core/ext/upbdefs-gen/envoy/type/v3/range.upbdefs.c +2 -1
  1046. data/src/core/ext/upbdefs-gen/envoy/type/v3/range.upbdefs.h +5 -4
  1047. data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_strategy.upbdefs.c +2 -1
  1048. data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_strategy.upbdefs.h +5 -4
  1049. data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_unit.upbdefs.c +2 -1
  1050. data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_unit.upbdefs.h +5 -4
  1051. data/src/core/ext/upbdefs-gen/envoy/type/v3/semantic_version.upbdefs.c +2 -1
  1052. data/src/core/ext/upbdefs-gen/envoy/type/v3/semantic_version.upbdefs.h +5 -4
  1053. data/src/core/ext/upbdefs-gen/envoy/type/v3/token_bucket.upbdefs.c +2 -1
  1054. data/src/core/ext/upbdefs-gen/envoy/type/v3/token_bucket.upbdefs.h +5 -4
  1055. data/src/core/ext/upbdefs-gen/google/api/annotations.upbdefs.c +2 -1
  1056. data/src/core/ext/upbdefs-gen/google/api/annotations.upbdefs.h +5 -4
  1057. data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/checked.upbdefs.c +110 -108
  1058. data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/checked.upbdefs.h +5 -4
  1059. data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/syntax.upbdefs.c +103 -79
  1060. data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/syntax.upbdefs.h +15 -4
  1061. data/src/core/ext/upbdefs-gen/google/api/http.upbdefs.c +2 -1
  1062. data/src/core/ext/upbdefs-gen/google/api/http.upbdefs.h +5 -4
  1063. data/src/core/ext/upbdefs-gen/google/api/httpbody.upbdefs.c +2 -1
  1064. data/src/core/ext/upbdefs-gen/google/api/httpbody.upbdefs.h +5 -4
  1065. data/src/core/ext/upbdefs-gen/google/protobuf/any.upbdefs.c +2 -1
  1066. data/src/core/ext/upbdefs-gen/google/protobuf/any.upbdefs.h +5 -4
  1067. data/src/core/ext/upbdefs-gen/google/protobuf/descriptor.upbdefs.c +496 -458
  1068. data/src/core/ext/upbdefs-gen/google/protobuf/descriptor.upbdefs.h +10 -4
  1069. data/src/core/ext/upbdefs-gen/google/protobuf/duration.upbdefs.c +2 -1
  1070. data/src/core/ext/upbdefs-gen/google/protobuf/duration.upbdefs.h +5 -4
  1071. data/src/core/ext/upbdefs-gen/google/protobuf/empty.upbdefs.c +2 -1
  1072. data/src/core/ext/upbdefs-gen/google/protobuf/empty.upbdefs.h +5 -4
  1073. data/src/core/ext/upbdefs-gen/google/protobuf/struct.upbdefs.c +2 -1
  1074. data/src/core/ext/upbdefs-gen/google/protobuf/struct.upbdefs.h +5 -4
  1075. data/src/core/ext/upbdefs-gen/google/protobuf/timestamp.upbdefs.c +2 -1
  1076. data/src/core/ext/upbdefs-gen/google/protobuf/timestamp.upbdefs.h +5 -4
  1077. data/src/core/ext/upbdefs-gen/google/protobuf/wrappers.upbdefs.c +2 -1
  1078. data/src/core/ext/upbdefs-gen/google/protobuf/wrappers.upbdefs.h +5 -4
  1079. data/src/core/ext/upbdefs-gen/google/rpc/status.upbdefs.c +2 -1
  1080. data/src/core/ext/upbdefs-gen/google/rpc/status.upbdefs.h +5 -4
  1081. data/src/core/ext/upbdefs-gen/src/proto/grpc/lookup/v1/rls_config.upbdefs.c +2 -1
  1082. data/src/core/ext/upbdefs-gen/src/proto/grpc/lookup/v1/rls_config.upbdefs.h +5 -4
  1083. data/src/core/ext/upbdefs-gen/udpa/annotations/migrate.upbdefs.c +2 -1
  1084. data/src/core/ext/upbdefs-gen/udpa/annotations/migrate.upbdefs.h +5 -4
  1085. data/src/core/ext/upbdefs-gen/udpa/annotations/security.upbdefs.c +2 -1
  1086. data/src/core/ext/upbdefs-gen/udpa/annotations/security.upbdefs.h +5 -4
  1087. data/src/core/ext/upbdefs-gen/udpa/annotations/sensitive.upbdefs.c +2 -1
  1088. data/src/core/ext/upbdefs-gen/udpa/annotations/sensitive.upbdefs.h +5 -4
  1089. data/src/core/ext/upbdefs-gen/udpa/annotations/status.upbdefs.c +2 -1
  1090. data/src/core/ext/upbdefs-gen/udpa/annotations/status.upbdefs.h +5 -4
  1091. data/src/core/ext/upbdefs-gen/udpa/annotations/versioning.upbdefs.c +2 -1
  1092. data/src/core/ext/upbdefs-gen/udpa/annotations/versioning.upbdefs.h +5 -4
  1093. data/src/core/ext/upbdefs-gen/validate/validate.upbdefs.c +2 -1
  1094. data/src/core/ext/upbdefs-gen/validate/validate.upbdefs.h +5 -4
  1095. data/src/core/ext/upbdefs-gen/xds/annotations/v3/migrate.upbdefs.c +2 -1
  1096. data/src/core/ext/upbdefs-gen/xds/annotations/v3/migrate.upbdefs.h +5 -4
  1097. data/src/core/ext/upbdefs-gen/xds/annotations/v3/security.upbdefs.c +2 -1
  1098. data/src/core/ext/upbdefs-gen/xds/annotations/v3/security.upbdefs.h +5 -4
  1099. data/src/core/ext/upbdefs-gen/xds/annotations/v3/sensitive.upbdefs.c +2 -1
  1100. data/src/core/ext/upbdefs-gen/xds/annotations/v3/sensitive.upbdefs.h +5 -4
  1101. data/src/core/ext/upbdefs-gen/xds/annotations/v3/status.upbdefs.c +2 -1
  1102. data/src/core/ext/upbdefs-gen/xds/annotations/v3/status.upbdefs.h +5 -4
  1103. data/src/core/ext/upbdefs-gen/xds/annotations/v3/versioning.upbdefs.c +2 -1
  1104. data/src/core/ext/upbdefs-gen/xds/annotations/v3/versioning.upbdefs.h +5 -4
  1105. data/src/core/ext/upbdefs-gen/xds/core/v3/authority.upbdefs.c +2 -1
  1106. data/src/core/ext/upbdefs-gen/xds/core/v3/authority.upbdefs.h +5 -4
  1107. data/src/core/ext/upbdefs-gen/xds/core/v3/cidr.upbdefs.c +2 -1
  1108. data/src/core/ext/upbdefs-gen/xds/core/v3/cidr.upbdefs.h +5 -4
  1109. data/src/core/ext/upbdefs-gen/xds/core/v3/collection_entry.upbdefs.c +2 -1
  1110. data/src/core/ext/upbdefs-gen/xds/core/v3/collection_entry.upbdefs.h +5 -4
  1111. data/src/core/ext/upbdefs-gen/xds/core/v3/context_params.upbdefs.c +2 -1
  1112. data/src/core/ext/upbdefs-gen/xds/core/v3/context_params.upbdefs.h +5 -4
  1113. data/src/core/ext/upbdefs-gen/xds/core/v3/extension.upbdefs.c +2 -1
  1114. data/src/core/ext/upbdefs-gen/xds/core/v3/extension.upbdefs.h +5 -4
  1115. data/src/core/ext/upbdefs-gen/xds/core/v3/resource.upbdefs.c +2 -1
  1116. data/src/core/ext/upbdefs-gen/xds/core/v3/resource.upbdefs.h +5 -4
  1117. data/src/core/ext/upbdefs-gen/xds/core/v3/resource_locator.upbdefs.c +2 -1
  1118. data/src/core/ext/upbdefs-gen/xds/core/v3/resource_locator.upbdefs.h +5 -4
  1119. data/src/core/ext/upbdefs-gen/xds/core/v3/resource_name.upbdefs.c +2 -1
  1120. data/src/core/ext/upbdefs-gen/xds/core/v3/resource_name.upbdefs.h +5 -4
  1121. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/cel.upbdefs.c +2 -1
  1122. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/cel.upbdefs.h +5 -4
  1123. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/domain.upbdefs.c +2 -1
  1124. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/domain.upbdefs.h +5 -4
  1125. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/http_inputs.upbdefs.c +2 -1
  1126. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/http_inputs.upbdefs.h +5 -4
  1127. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/ip.upbdefs.c +2 -1
  1128. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/ip.upbdefs.h +5 -4
  1129. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/matcher.upbdefs.c +2 -1
  1130. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/matcher.upbdefs.h +5 -4
  1131. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/range.upbdefs.c +2 -1
  1132. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/range.upbdefs.h +5 -4
  1133. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/regex.upbdefs.c +2 -1
  1134. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/regex.upbdefs.h +5 -4
  1135. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/string.upbdefs.c +2 -1
  1136. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/string.upbdefs.h +5 -4
  1137. data/src/core/ext/upbdefs-gen/xds/type/v3/cel.upbdefs.c +2 -1
  1138. data/src/core/ext/upbdefs-gen/xds/type/v3/cel.upbdefs.h +5 -4
  1139. data/src/core/ext/upbdefs-gen/xds/type/v3/range.upbdefs.c +2 -1
  1140. data/src/core/ext/upbdefs-gen/xds/type/v3/range.upbdefs.h +5 -4
  1141. data/src/core/ext/upbdefs-gen/xds/type/v3/typed_struct.upbdefs.c +2 -1
  1142. data/src/core/ext/upbdefs-gen/xds/type/v3/typed_struct.upbdefs.h +5 -4
  1143. data/src/core/filter/auth/auth_filters.h +233 -0
  1144. data/src/core/filter/auth/client_auth_filter.cc +310 -0
  1145. data/src/core/filter/auth/server_auth_filter.cc +208 -0
  1146. data/src/core/filter/blackboard.cc +33 -0
  1147. data/src/core/filter/blackboard.h +70 -0
  1148. data/src/core/filter/filter_args.h +112 -0
  1149. data/src/core/handshaker/endpoint_info/endpoint_info_handshaker.cc +81 -0
  1150. data/src/core/handshaker/endpoint_info/endpoint_info_handshaker.h +37 -0
  1151. data/src/core/handshaker/handshaker.cc +188 -0
  1152. data/src/core/handshaker/handshaker.h +170 -0
  1153. data/src/core/handshaker/handshaker_factory.h +89 -0
  1154. data/src/core/handshaker/handshaker_registry.cc +60 -0
  1155. data/src/core/handshaker/handshaker_registry.h +69 -0
  1156. data/src/core/handshaker/http_connect/http_connect_handshaker.cc +357 -0
  1157. data/src/core/handshaker/http_connect/http_connect_handshaker.h +42 -0
  1158. data/src/core/handshaker/http_connect/http_proxy_mapper.cc +296 -0
  1159. data/src/core/handshaker/http_connect/http_proxy_mapper.h +52 -0
  1160. data/src/core/handshaker/http_connect/xds_http_proxy_mapper.cc +57 -0
  1161. data/src/core/handshaker/http_connect/xds_http_proxy_mapper.h +46 -0
  1162. data/src/core/handshaker/proxy_mapper.h +52 -0
  1163. data/src/core/handshaker/proxy_mapper_registry.cc +70 -0
  1164. data/src/core/handshaker/proxy_mapper_registry.h +74 -0
  1165. data/src/core/handshaker/security/secure_endpoint.cc +578 -0
  1166. data/src/core/handshaker/security/secure_endpoint.h +41 -0
  1167. data/src/core/handshaker/security/security_handshaker.cc +626 -0
  1168. data/src/core/handshaker/security/security_handshaker.h +45 -0
  1169. data/src/core/handshaker/tcp_connect/tcp_connect_handshaker.cc +232 -0
  1170. data/src/core/handshaker/tcp_connect/tcp_connect_handshaker.h +39 -0
  1171. data/src/core/lib/address_utils/parse_address.cc +33 -44
  1172. data/src/core/lib/address_utils/parse_address.h +1 -3
  1173. data/src/core/lib/address_utils/sockaddr_utils.cc +22 -19
  1174. data/src/core/lib/address_utils/sockaddr_utils.h +0 -2
  1175. data/src/core/lib/channel/channel_args.cc +33 -39
  1176. data/src/core/lib/channel/channel_args.h +91 -59
  1177. data/src/core/lib/channel/channel_args_preconditioning.cc +2 -2
  1178. data/src/core/lib/channel/channel_args_preconditioning.h +2 -3
  1179. data/src/core/lib/channel/channel_stack.cc +19 -81
  1180. data/src/core/lib/channel/channel_stack.h +28 -65
  1181. data/src/core/lib/channel/channel_stack_builder.cc +2 -2
  1182. data/src/core/lib/channel/channel_stack_builder.h +1 -7
  1183. data/src/core/lib/channel/channel_stack_builder_impl.cc +6 -158
  1184. data/src/core/lib/channel/channel_stack_builder_impl.h +13 -3
  1185. data/src/core/lib/channel/connected_channel.cc +52 -709
  1186. data/src/core/lib/channel/promise_based_filter.cc +258 -333
  1187. data/src/core/lib/channel/promise_based_filter.h +268 -638
  1188. data/src/core/lib/compression/compression.cc +9 -11
  1189. data/src/core/lib/compression/compression_internal.cc +16 -19
  1190. data/src/core/lib/compression/compression_internal.h +5 -8
  1191. data/src/core/lib/compression/message_compress.cc +16 -18
  1192. data/src/core/lib/compression/message_compress.h +1 -2
  1193. data/src/core/lib/debug/trace.cc +48 -67
  1194. data/src/core/lib/debug/trace.h +2 -97
  1195. data/src/core/lib/debug/trace_flags.cc +243 -0
  1196. data/src/core/lib/debug/trace_flags.h +131 -0
  1197. data/src/core/lib/debug/trace_impl.h +125 -0
  1198. data/src/core/lib/event_engine/ares_resolver.cc +171 -100
  1199. data/src/core/lib/event_engine/ares_resolver.h +17 -28
  1200. data/src/core/lib/event_engine/cf_engine/cf_engine.cc +16 -19
  1201. data/src/core/lib/event_engine/cf_engine/cf_engine.h +3 -5
  1202. data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.cc +53 -41
  1203. data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.h +6 -10
  1204. data/src/core/lib/event_engine/cf_engine/cftype_unique_ref.h +3 -5
  1205. data/src/core/lib/event_engine/cf_engine/dns_service_resolver.cc +29 -36
  1206. data/src/core/lib/event_engine/cf_engine/dns_service_resolver.h +7 -10
  1207. data/src/core/lib/event_engine/channel_args_endpoint_config.cc +8 -12
  1208. data/src/core/lib/event_engine/channel_args_endpoint_config.h +7 -10
  1209. data/src/core/lib/event_engine/common_closures.h +3 -6
  1210. data/src/core/lib/event_engine/default_event_engine.cc +69 -43
  1211. data/src/core/lib/event_engine/default_event_engine.h +27 -37
  1212. data/src/core/lib/event_engine/default_event_engine_factory.cc +15 -22
  1213. data/src/core/lib/event_engine/default_event_engine_factory.h +4 -7
  1214. data/src/core/lib/event_engine/event_engine.cc +37 -9
  1215. data/src/core/lib/event_engine/event_engine_context.h +5 -4
  1216. data/src/core/lib/event_engine/extensions/can_track_errors.h +2 -4
  1217. data/src/core/lib/event_engine/extensions/chaotic_good_extension.h +2 -5
  1218. data/src/core/lib/event_engine/extensions/iomgr_compatible.h +39 -0
  1219. data/src/core/lib/event_engine/extensions/supports_fd.h +27 -6
  1220. data/src/core/lib/event_engine/extensions/supports_win_sockets.h +48 -0
  1221. data/src/core/lib/event_engine/extensions/tcp_trace.h +40 -0
  1222. data/src/core/lib/event_engine/forkable.cc +14 -17
  1223. data/src/core/lib/event_engine/forkable.h +2 -17
  1224. data/src/core/lib/event_engine/grpc_polled_fd.h +4 -8
  1225. data/src/core/lib/event_engine/handle_containers.h +3 -7
  1226. data/src/core/lib/event_engine/memory_allocator_factory.h +3 -7
  1227. data/src/core/lib/event_engine/nameser.h +1 -1
  1228. data/src/core/lib/event_engine/poller.h +3 -6
  1229. data/src/core/lib/event_engine/posix.h +3 -6
  1230. data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.cc +32 -80
  1231. data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.h +8 -12
  1232. data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +31 -82
  1233. data/src/core/lib/event_engine/posix_engine/ev_poll_posix.h +4 -8
  1234. data/src/core/lib/event_engine/posix_engine/event_poller.h +3 -7
  1235. data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +4 -7
  1236. data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.h +2 -4
  1237. data/src/core/lib/event_engine/posix_engine/grpc_polled_fd_posix.h +5 -10
  1238. data/src/core/lib/event_engine/posix_engine/internal_errqueue.cc +7 -10
  1239. data/src/core/lib/event_engine/posix_engine/internal_errqueue.h +2 -5
  1240. data/src/core/lib/event_engine/posix_engine/lockfree_event.cc +9 -13
  1241. data/src/core/lib/event_engine/posix_engine/lockfree_event.h +2 -5
  1242. data/src/core/lib/event_engine/posix_engine/native_posix_dns_resolver.cc +5 -8
  1243. data/src/core/lib/event_engine/posix_engine/native_posix_dns_resolver.h +2 -5
  1244. data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +116 -115
  1245. data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +24 -27
  1246. data/src/core/lib/event_engine/posix_engine/posix_engine.cc +94 -74
  1247. data/src/core/lib/event_engine/posix_engine/posix_engine.h +18 -19
  1248. data/src/core/lib/event_engine/posix_engine/posix_engine_closure.h +3 -6
  1249. data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +30 -35
  1250. data/src/core/lib/event_engine/posix_engine/posix_engine_listener.h +15 -17
  1251. data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.cc +55 -37
  1252. data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.h +7 -7
  1253. data/src/core/lib/event_engine/posix_engine/set_socket_dualstack.cc +64 -0
  1254. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +43 -49
  1255. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +12 -14
  1256. data/src/core/lib/event_engine/posix_engine/timer.cc +9 -12
  1257. data/src/core/lib/event_engine/posix_engine/timer.h +8 -13
  1258. data/src/core/lib/event_engine/posix_engine/timer_heap.cc +4 -7
  1259. data/src/core/lib/event_engine/posix_engine/timer_heap.h +2 -4
  1260. data/src/core/lib/event_engine/posix_engine/timer_manager.cc +21 -32
  1261. data/src/core/lib/event_engine/posix_engine/timer_manager.h +8 -13
  1262. data/src/core/lib/event_engine/posix_engine/traced_buffer_list.cc +11 -18
  1263. data/src/core/lib/event_engine/posix_engine/traced_buffer_list.h +26 -30
  1264. data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.cc +5 -8
  1265. data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.h +2 -5
  1266. data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.cc +14 -9
  1267. data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.h +2 -5
  1268. data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix.h +2 -4
  1269. data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.cc +2 -5
  1270. data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.h +2 -4
  1271. data/src/core/lib/event_engine/query_extensions.h +5 -6
  1272. data/src/core/lib/event_engine/ref_counted_dns_resolver_interface.h +4 -9
  1273. data/src/core/lib/event_engine/resolved_address.cc +10 -11
  1274. data/src/core/lib/event_engine/resolved_address_internal.h +3 -6
  1275. data/src/core/lib/event_engine/shim.cc +13 -22
  1276. data/src/core/lib/event_engine/shim.h +13 -4
  1277. data/src/core/lib/event_engine/slice.cc +7 -11
  1278. data/src/core/lib/event_engine/slice_buffer.cc +4 -8
  1279. data/src/core/lib/event_engine/tcp_socket_utils.cc +27 -34
  1280. data/src/core/lib/event_engine/tcp_socket_utils.h +6 -9
  1281. data/src/core/lib/event_engine/thread_local.cc +4 -6
  1282. data/src/core/lib/event_engine/thread_local.h +3 -5
  1283. data/src/core/lib/event_engine/thread_pool/thread_count.cc +7 -12
  1284. data/src/core/lib/event_engine/thread_pool/thread_count.h +8 -24
  1285. data/src/core/lib/event_engine/thread_pool/thread_pool.h +3 -8
  1286. data/src/core/lib/event_engine/thread_pool/thread_pool_factory.cc +3 -6
  1287. data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.cc +63 -64
  1288. data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.h +13 -20
  1289. data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.cc +52 -27
  1290. data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.h +9 -11
  1291. data/src/core/lib/event_engine/time_util.cc +5 -8
  1292. data/src/core/lib/event_engine/time_util.h +3 -7
  1293. data/src/core/lib/event_engine/utils.cc +21 -10
  1294. data/src/core/lib/event_engine/utils.h +11 -8
  1295. data/src/core/lib/event_engine/windows/grpc_polled_fd_windows.cc +160 -136
  1296. data/src/core/lib/event_engine/windows/grpc_polled_fd_windows.h +6 -10
  1297. data/src/core/lib/event_engine/windows/iocp.cc +26 -26
  1298. data/src/core/lib/event_engine/windows/iocp.h +4 -7
  1299. data/src/core/lib/event_engine/windows/native_windows_dns_resolver.cc +6 -10
  1300. data/src/core/lib/event_engine/windows/native_windows_dns_resolver.h +2 -4
  1301. data/src/core/lib/event_engine/windows/win_socket.cc +60 -40
  1302. data/src/core/lib/event_engine/windows/win_socket.h +13 -14
  1303. data/src/core/lib/event_engine/windows/windows_endpoint.cc +65 -58
  1304. data/src/core/lib/event_engine/windows/windows_endpoint.h +4 -6
  1305. data/src/core/lib/event_engine/windows/windows_engine.cc +290 -140
  1306. data/src/core/lib/event_engine/windows/windows_engine.h +153 -39
  1307. data/src/core/lib/event_engine/windows/windows_listener.cc +34 -51
  1308. data/src/core/lib/event_engine/windows/windows_listener.h +15 -13
  1309. data/src/core/lib/event_engine/work_queue/basic_work_queue.cc +5 -7
  1310. data/src/core/lib/event_engine/work_queue/basic_work_queue.h +4 -9
  1311. data/src/core/lib/event_engine/work_queue/work_queue.h +3 -7
  1312. data/src/core/lib/experiments/config.cc +59 -32
  1313. data/src/core/lib/experiments/config.h +55 -2
  1314. data/src/core/lib/experiments/experiments.cc +470 -360
  1315. data/src/core/lib/experiments/experiments.h +210 -147
  1316. data/src/core/lib/iomgr/buffer_list.cc +7 -8
  1317. data/src/core/lib/iomgr/buffer_list.h +23 -24
  1318. data/src/core/lib/iomgr/call_combiner.cc +42 -68
  1319. data/src/core/lib/iomgr/call_combiner.h +12 -17
  1320. data/src/core/lib/iomgr/cfstream_handle.cc +14 -22
  1321. data/src/core/lib/iomgr/cfstream_handle.h +1 -1
  1322. data/src/core/lib/iomgr/closure.cc +2 -2
  1323. data/src/core/lib/iomgr/closure.h +15 -22
  1324. data/src/core/lib/iomgr/combiner.cc +38 -53
  1325. data/src/core/lib/iomgr/combiner.h +2 -6
  1326. data/src/core/lib/iomgr/endpoint.cc +1 -7
  1327. data/src/core/lib/iomgr/endpoint.h +4 -6
  1328. data/src/core/lib/iomgr/endpoint_cfstream.cc +45 -76
  1329. data/src/core/lib/iomgr/endpoint_pair_posix.cc +50 -25
  1330. data/src/core/lib/iomgr/endpoint_pair_windows.cc +56 -22
  1331. data/src/core/lib/iomgr/error.cc +52 -78
  1332. data/src/core/lib/iomgr/error.h +8 -11
  1333. data/src/core/lib/iomgr/error_cfstream.cc +1 -3
  1334. data/src/core/lib/iomgr/ev_apple.cc +16 -24
  1335. data/src/core/lib/iomgr/ev_epoll1_linux.cc +94 -127
  1336. data/src/core/lib/iomgr/ev_poll_posix.cc +75 -62
  1337. data/src/core/lib/iomgr/ev_posix.cc +68 -60
  1338. data/src/core/lib/iomgr/ev_posix.h +9 -12
  1339. data/src/core/lib/iomgr/event_engine_shims/closure.cc +11 -16
  1340. data/src/core/lib/iomgr/event_engine_shims/closure.h +1 -3
  1341. data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +36 -56
  1342. data/src/core/lib/iomgr/event_engine_shims/endpoint.h +1 -2
  1343. data/src/core/lib/iomgr/event_engine_shims/tcp_client.cc +10 -16
  1344. data/src/core/lib/iomgr/event_engine_shims/tcp_client.h +1 -2
  1345. data/src/core/lib/iomgr/exec_ctx.cc +15 -25
  1346. data/src/core/lib/iomgr/exec_ctx.h +21 -142
  1347. data/src/core/lib/iomgr/executor.cc +60 -70
  1348. data/src/core/lib/iomgr/executor.h +2 -2
  1349. data/src/core/lib/iomgr/fork_posix.cc +11 -15
  1350. data/src/core/lib/iomgr/fork_windows.cc +3 -2
  1351. data/src/core/lib/iomgr/internal_errqueue.cc +5 -6
  1352. data/src/core/lib/iomgr/iocp_windows.cc +16 -15
  1353. data/src/core/lib/iomgr/iocp_windows.h +0 -1
  1354. data/src/core/lib/iomgr/iomgr.cc +19 -26
  1355. data/src/core/lib/iomgr/iomgr.h +0 -1
  1356. data/src/core/lib/iomgr/iomgr_internal.cc +1 -2
  1357. data/src/core/lib/iomgr/iomgr_internal.h +0 -1
  1358. data/src/core/lib/iomgr/iomgr_posix.cc +2 -1
  1359. data/src/core/lib/iomgr/iomgr_windows.cc +7 -6
  1360. data/src/core/lib/iomgr/lockfree_event.cc +12 -21
  1361. data/src/core/lib/iomgr/lockfree_event.h +1 -2
  1362. data/src/core/lib/iomgr/nameser.h +1 -1
  1363. data/src/core/lib/iomgr/polling_entity.cc +18 -17
  1364. data/src/core/lib/iomgr/pollset.cc +2 -2
  1365. data/src/core/lib/iomgr/pollset.h +0 -3
  1366. data/src/core/lib/iomgr/pollset_set.cc +2 -2
  1367. data/src/core/lib/iomgr/pollset_set_windows.cc +0 -1
  1368. data/src/core/lib/iomgr/pollset_windows.cc +2 -6
  1369. data/src/core/lib/iomgr/pollset_windows.h +0 -1
  1370. data/src/core/lib/iomgr/port.h +2 -2
  1371. data/src/core/lib/iomgr/python_util.h +1 -2
  1372. data/src/core/lib/iomgr/resolve_address.cc +4 -7
  1373. data/src/core/lib/iomgr/resolve_address.h +3 -6
  1374. data/src/core/lib/iomgr/resolve_address_impl.h +0 -1
  1375. data/src/core/lib/iomgr/resolve_address_posix.cc +12 -23
  1376. data/src/core/lib/iomgr/resolve_address_windows.cc +9 -14
  1377. data/src/core/lib/iomgr/resolved_address.h +0 -1
  1378. data/src/core/lib/iomgr/sockaddr_utils_posix.cc +5 -6
  1379. data/src/core/lib/iomgr/socket_factory_posix.cc +1 -1
  1380. data/src/core/lib/iomgr/socket_factory_posix.h +1 -2
  1381. data/src/core/lib/iomgr/socket_mutator.cc +3 -5
  1382. data/src/core/lib/iomgr/socket_mutator.h +2 -4
  1383. data/src/core/lib/iomgr/socket_utils.h +0 -1
  1384. data/src/core/lib/iomgr/socket_utils_common_posix.cc +46 -52
  1385. data/src/core/lib/iomgr/socket_utils_linux.cc +1 -3
  1386. data/src/core/lib/iomgr/socket_utils_posix.cc +23 -14
  1387. data/src/core/lib/iomgr/socket_utils_posix.h +13 -4
  1388. data/src/core/lib/iomgr/socket_utils_windows.cc +1 -3
  1389. data/src/core/lib/iomgr/socket_windows.cc +11 -14
  1390. data/src/core/lib/iomgr/socket_windows.h +1 -2
  1391. data/src/core/lib/iomgr/tcp_client.cc +2 -2
  1392. data/src/core/lib/iomgr/tcp_client.h +1 -2
  1393. data/src/core/lib/iomgr/tcp_client_cfstream.cc +20 -29
  1394. data/src/core/lib/iomgr/tcp_client_posix.cc +33 -49
  1395. data/src/core/lib/iomgr/tcp_client_posix.h +1 -1
  1396. data/src/core/lib/iomgr/tcp_client_windows.cc +9 -12
  1397. data/src/core/lib/iomgr/tcp_posix.cc +176 -217
  1398. data/src/core/lib/iomgr/tcp_posix.h +10 -4
  1399. data/src/core/lib/iomgr/tcp_server.cc +2 -2
  1400. data/src/core/lib/iomgr/tcp_server.h +3 -4
  1401. data/src/core/lib/iomgr/tcp_server_posix.cc +71 -83
  1402. data/src/core/lib/iomgr/tcp_server_utils_posix.h +0 -1
  1403. data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +14 -21
  1404. data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +13 -14
  1405. data/src/core/lib/iomgr/tcp_server_windows.cc +58 -55
  1406. data/src/core/lib/iomgr/tcp_windows.cc +38 -66
  1407. data/src/core/lib/iomgr/timer.cc +2 -2
  1408. data/src/core/lib/iomgr/timer.h +2 -3
  1409. data/src/core/lib/iomgr/timer_generic.cc +73 -106
  1410. data/src/core/lib/iomgr/timer_generic.h +0 -1
  1411. data/src/core/lib/iomgr/timer_heap.cc +4 -6
  1412. data/src/core/lib/iomgr/timer_manager.cc +28 -53
  1413. data/src/core/lib/iomgr/timer_manager.h +0 -1
  1414. data/src/core/lib/iomgr/unix_sockets_posix.cc +5 -6
  1415. data/src/core/lib/iomgr/unix_sockets_posix.h +1 -3
  1416. data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +2 -4
  1417. data/src/core/lib/iomgr/vsock.cc +5 -8
  1418. data/src/core/lib/iomgr/vsock.h +1 -3
  1419. data/src/core/lib/iomgr/wakeup_fd_eventfd.cc +2 -4
  1420. data/src/core/lib/iomgr/wakeup_fd_pipe.cc +16 -9
  1421. data/src/core/lib/promise/activity.cc +6 -5
  1422. data/src/core/lib/promise/activity.h +86 -34
  1423. data/src/core/lib/promise/all_ok.h +83 -9
  1424. data/src/core/lib/promise/arena_promise.h +1 -3
  1425. data/src/core/lib/promise/cancel_callback.h +34 -6
  1426. data/src/core/lib/promise/context.h +18 -9
  1427. data/src/core/lib/promise/detail/basic_seq.h +33 -20
  1428. data/src/core/lib/promise/detail/join_state.h +555 -812
  1429. data/src/core/lib/promise/detail/promise_factory.h +122 -46
  1430. data/src/core/lib/promise/detail/promise_like.h +48 -13
  1431. data/src/core/lib/promise/detail/seq_state.h +1378 -2254
  1432. data/src/core/lib/promise/detail/status.h +36 -14
  1433. data/src/core/lib/promise/exec_ctx_wakeup_scheduler.h +1 -2
  1434. data/src/core/lib/promise/for_each.h +108 -41
  1435. data/src/core/lib/promise/if.h +67 -35
  1436. data/src/core/lib/promise/interceptor_list.h +31 -45
  1437. data/src/core/lib/promise/latch.h +39 -46
  1438. data/src/core/lib/promise/loop.h +83 -27
  1439. data/src/core/lib/promise/map.h +248 -21
  1440. data/src/core/lib/promise/observable.h +181 -0
  1441. data/src/core/lib/promise/party.cc +331 -154
  1442. data/src/core/lib/promise/party.h +395 -396
  1443. data/src/core/lib/promise/pipe.h +45 -68
  1444. data/src/core/lib/promise/poll.h +124 -41
  1445. data/src/core/lib/promise/prioritized_race.h +16 -22
  1446. data/src/core/lib/promise/promise.h +14 -9
  1447. data/src/core/lib/promise/race.h +12 -15
  1448. data/src/core/lib/promise/seq.h +98 -70
  1449. data/src/core/lib/promise/sleep.cc +7 -8
  1450. data/src/core/lib/promise/sleep.h +17 -5
  1451. data/src/core/lib/promise/status_flag.h +190 -56
  1452. data/src/core/lib/promise/try_join.h +156 -25
  1453. data/src/core/lib/promise/try_seq.h +152 -89
  1454. data/src/core/lib/resource_quota/api.cc +4 -7
  1455. data/src/core/lib/resource_quota/api.h +3 -5
  1456. data/src/core/lib/resource_quota/arena.cc +64 -87
  1457. data/src/core/lib/resource_quota/arena.h +224 -210
  1458. data/src/core/lib/resource_quota/connection_quota.cc +8 -10
  1459. data/src/core/lib/resource_quota/connection_quota.h +7 -4
  1460. data/src/core/lib/resource_quota/memory_quota.cc +100 -97
  1461. data/src/core/lib/resource_quota/memory_quota.h +31 -25
  1462. data/src/core/lib/resource_quota/periodic_update.cc +5 -5
  1463. data/src/core/lib/resource_quota/periodic_update.h +1 -3
  1464. data/src/core/lib/resource_quota/resource_quota.cc +2 -2
  1465. data/src/core/lib/resource_quota/resource_quota.h +6 -8
  1466. data/src/core/lib/resource_quota/thread_quota.cc +4 -4
  1467. data/src/core/lib/resource_quota/thread_quota.h +3 -4
  1468. data/src/core/lib/security/authorization/audit_logging.cc +10 -12
  1469. data/src/core/lib/security/authorization/audit_logging.h +3 -5
  1470. data/src/core/lib/security/authorization/authorization_engine.h +1 -1
  1471. data/src/core/lib/security/authorization/authorization_policy_provider.h +5 -7
  1472. data/src/core/lib/security/authorization/authorization_policy_provider_vtable.cc +3 -4
  1473. data/src/core/lib/security/authorization/evaluate_args.cc +15 -20
  1474. data/src/core/lib/security/authorization/evaluate_args.h +5 -7
  1475. data/src/core/lib/security/authorization/grpc_authorization_engine.cc +4 -5
  1476. data/src/core/lib/security/authorization/grpc_authorization_engine.h +1 -3
  1477. data/src/core/lib/security/authorization/grpc_server_authz_filter.cc +25 -41
  1478. data/src/core/lib/security/authorization/grpc_server_authz_filter.h +17 -16
  1479. data/src/core/lib/security/authorization/matchers.cc +5 -8
  1480. data/src/core/lib/security/authorization/matchers.h +4 -6
  1481. data/src/core/lib/security/authorization/rbac_policy.cc +3 -3
  1482. data/src/core/lib/security/authorization/rbac_policy.h +5 -8
  1483. data/src/core/lib/security/authorization/stdout_logger.cc +7 -7
  1484. data/src/core/lib/security/authorization/stdout_logger.h +2 -3
  1485. data/src/core/lib/slice/percent_encoding.cc +4 -6
  1486. data/src/core/lib/slice/slice.cc +13 -15
  1487. data/src/core/lib/slice/slice.h +14 -11
  1488. data/src/core/lib/slice/slice_buffer.cc +20 -21
  1489. data/src/core/lib/slice/slice_buffer.h +4 -6
  1490. data/src/core/lib/slice/slice_internal.h +4 -7
  1491. data/src/core/lib/slice/slice_refcount.h +7 -15
  1492. data/src/core/lib/slice/slice_string_helpers.cc +3 -3
  1493. data/src/core/lib/slice/slice_string_helpers.h +1 -3
  1494. data/src/core/lib/surface/byte_buffer.cc +2 -4
  1495. data/src/core/lib/surface/byte_buffer_reader.cc +5 -7
  1496. data/src/core/lib/surface/call.cc +218 -4007
  1497. data/src/core/lib/surface/call.h +180 -103
  1498. data/src/core/lib/surface/call_details.cc +5 -5
  1499. data/src/core/lib/surface/call_log_batch.cc +7 -11
  1500. data/src/core/lib/surface/call_test_only.h +2 -4
  1501. data/src/core/lib/surface/call_utils.cc +231 -0
  1502. data/src/core/lib/surface/call_utils.h +492 -0
  1503. data/src/core/lib/surface/channel.cc +53 -59
  1504. data/src/core/lib/surface/channel.h +23 -22
  1505. data/src/core/lib/surface/channel_create.cc +31 -15
  1506. data/src/core/lib/surface/channel_create.h +3 -3
  1507. data/src/core/lib/surface/channel_init.cc +274 -271
  1508. data/src/core/lib/surface/channel_init.h +180 -121
  1509. data/src/core/lib/surface/channel_stack_type.cc +2 -2
  1510. data/src/core/lib/surface/completion_queue.cc +195 -171
  1511. data/src/core/lib/surface/completion_queue.h +4 -14
  1512. data/src/core/lib/surface/completion_queue_factory.cc +8 -9
  1513. data/src/core/lib/surface/completion_queue_factory.h +1 -2
  1514. data/src/core/lib/surface/connection_context.cc +77 -0
  1515. data/src/core/lib/surface/connection_context.h +156 -0
  1516. data/src/core/lib/surface/event_string.cc +9 -3
  1517. data/src/core/lib/surface/event_string.h +1 -2
  1518. data/src/core/lib/surface/filter_stack_call.cc +1167 -0
  1519. data/src/core/lib/surface/filter_stack_call.h +366 -0
  1520. data/src/core/lib/surface/init.cc +76 -33
  1521. data/src/core/lib/surface/init.h +5 -0
  1522. data/src/core/lib/surface/init_internally.cc +2 -2
  1523. data/src/core/lib/surface/init_internally.h +13 -2
  1524. data/src/core/lib/surface/lame_client.cc +21 -27
  1525. data/src/core/lib/surface/lame_client.h +9 -13
  1526. data/src/core/lib/surface/legacy_channel.cc +89 -69
  1527. data/src/core/lib/surface/legacy_channel.h +16 -27
  1528. data/src/core/lib/surface/metadata_array.cc +6 -7
  1529. data/src/core/lib/surface/validate_metadata.cc +4 -6
  1530. data/src/core/lib/surface/validate_metadata.h +3 -6
  1531. data/src/core/lib/surface/version.cc +3 -4
  1532. data/src/core/lib/transport/bdp_estimator.cc +14 -20
  1533. data/src/core/lib/transport/bdp_estimator.h +12 -18
  1534. data/src/core/lib/transport/call_final_info.cc +2 -2
  1535. data/src/core/lib/transport/call_final_info.h +3 -4
  1536. data/src/core/lib/transport/connectivity_state.cc +44 -54
  1537. data/src/core/lib/transport/connectivity_state.h +5 -11
  1538. data/src/core/lib/transport/error_utils.cc +68 -16
  1539. data/src/core/lib/transport/error_utils.h +4 -6
  1540. data/src/core/lib/transport/status_conversion.cc +17 -15
  1541. data/src/core/lib/transport/status_conversion.h +7 -7
  1542. data/src/core/lib/transport/timeout_encoding.cc +26 -27
  1543. data/src/core/lib/transport/timeout_encoding.h +3 -4
  1544. data/src/core/lib/transport/transport.cc +7 -14
  1545. data/src/core/lib/transport/transport.h +110 -99
  1546. data/src/core/lib/transport/transport_framing_endpoint_extension.h +47 -0
  1547. data/src/core/lib/transport/transport_op_string.cc +3 -6
  1548. data/src/core/load_balancing/address_filtering.cc +2 -4
  1549. data/src/core/load_balancing/address_filtering.h +2 -3
  1550. data/src/core/load_balancing/backend_metric_parser.cc +22 -30
  1551. data/src/core/load_balancing/backend_metric_parser.h +0 -2
  1552. data/src/core/load_balancing/child_policy_handler.cc +42 -46
  1553. data/src/core/load_balancing/child_policy_handler.h +2 -3
  1554. data/src/core/load_balancing/delegating_helper.h +6 -8
  1555. data/src/core/load_balancing/endpoint_list.cc +28 -22
  1556. data/src/core/load_balancing/endpoint_list.h +39 -28
  1557. data/src/core/load_balancing/grpclb/client_load_reporting_filter.cc +35 -36
  1558. data/src/core/load_balancing/grpclb/client_load_reporting_filter.h +21 -7
  1559. data/src/core/load_balancing/grpclb/grpclb.cc +202 -254
  1560. data/src/core/load_balancing/grpclb/grpclb_balancer_addresses.cc +2 -3
  1561. data/src/core/load_balancing/grpclb/grpclb_balancer_addresses.h +1 -2
  1562. data/src/core/load_balancing/grpclb/grpclb_client_stats.cc +3 -5
  1563. data/src/core/load_balancing/grpclb/grpclb_client_stats.h +4 -7
  1564. data/src/core/load_balancing/grpclb/load_balancer_api.cc +7 -11
  1565. data/src/core/load_balancing/grpclb/load_balancer_api.h +3 -6
  1566. data/src/core/load_balancing/health_check_client.cc +78 -131
  1567. data/src/core/load_balancing/health_check_client.h +1 -1
  1568. data/src/core/load_balancing/health_check_client_internal.h +13 -15
  1569. data/src/core/load_balancing/lb_policy.cc +11 -16
  1570. data/src/core/load_balancing/lb_policy.h +76 -51
  1571. data/src/core/load_balancing/lb_policy_factory.h +3 -4
  1572. data/src/core/load_balancing/lb_policy_registry.cc +17 -17
  1573. data/src/core/load_balancing/lb_policy_registry.h +3 -4
  1574. data/src/core/load_balancing/oob_backend_metric.cc +22 -29
  1575. data/src/core/load_balancing/oob_backend_metric.h +1 -1
  1576. data/src/core/load_balancing/oob_backend_metric_internal.h +6 -8
  1577. data/src/core/load_balancing/outlier_detection/outlier_detection.cc +193 -249
  1578. data/src/core/load_balancing/outlier_detection/outlier_detection.h +8 -9
  1579. data/src/core/load_balancing/pick_first/pick_first.cc +434 -452
  1580. data/src/core/load_balancing/priority/priority.cc +115 -159
  1581. data/src/core/load_balancing/ring_hash/ring_hash.cc +285 -240
  1582. data/src/core/load_balancing/ring_hash/ring_hash.h +9 -17
  1583. data/src/core/load_balancing/rls/rls.cc +483 -576
  1584. data/src/core/load_balancing/rls/rls.h +97 -1
  1585. data/src/core/load_balancing/round_robin/round_robin.cc +93 -114
  1586. data/src/core/load_balancing/subchannel_interface.h +15 -5
  1587. data/src/core/load_balancing/weighted_round_robin/static_stride_scheduler.cc +11 -12
  1588. data/src/core/load_balancing/weighted_round_robin/static_stride_scheduler.h +3 -4
  1589. data/src/core/load_balancing/weighted_round_robin/weighted_round_robin.cc +180 -196
  1590. data/src/core/load_balancing/weighted_target/weighted_target.cc +87 -131
  1591. data/src/core/load_balancing/weighted_target/weighted_target.h +1 -1
  1592. data/src/core/load_balancing/xds/cds.cc +75 -103
  1593. data/src/core/load_balancing/xds/xds_cluster_impl.cc +202 -180
  1594. data/src/core/load_balancing/xds/xds_cluster_manager.cc +63 -104
  1595. data/src/core/load_balancing/xds/xds_override_host.cc +168 -277
  1596. data/src/core/load_balancing/xds/xds_override_host.h +5 -6
  1597. data/src/core/load_balancing/xds/xds_wrr_locality.cc +46 -59
  1598. data/src/core/plugin_registry/grpc_plugin_registry.cc +14 -17
  1599. data/src/core/plugin_registry/grpc_plugin_registry_extra.cc +7 -5
  1600. data/src/core/resolver/dns/c_ares/dns_resolver_ares.cc +101 -79
  1601. data/src/core/resolver/dns/c_ares/dns_resolver_ares.h +1 -2
  1602. data/src/core/resolver/dns/c_ares/grpc_ares_ev_driver.h +3 -5
  1603. data/src/core/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +6 -9
  1604. data/src/core/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +153 -134
  1605. data/src/core/resolver/dns/c_ares/grpc_ares_wrapper.cc +176 -161
  1606. data/src/core/resolver/dns/c_ares/grpc_ares_wrapper.h +7 -18
  1607. data/src/core/resolver/dns/c_ares/grpc_ares_wrapper_posix.cc +1 -1
  1608. data/src/core/resolver/dns/c_ares/grpc_ares_wrapper_windows.cc +2 -2
  1609. data/src/core/resolver/dns/dns_resolver_plugin.cc +11 -13
  1610. data/src/core/resolver/dns/dns_resolver_plugin.h +1 -1
  1611. data/src/core/resolver/dns/event_engine/event_engine_client_channel_resolver.cc +66 -78
  1612. data/src/core/resolver/dns/event_engine/event_engine_client_channel_resolver.h +2 -3
  1613. data/src/core/resolver/dns/event_engine/service_config_helper.cc +8 -10
  1614. data/src/core/resolver/dns/native/dns_resolver.cc +22 -32
  1615. data/src/core/resolver/dns/native/dns_resolver.h +1 -1
  1616. data/src/core/resolver/endpoint_addresses.cc +5 -8
  1617. data/src/core/resolver/endpoint_addresses.h +3 -1
  1618. data/src/core/resolver/fake/fake_resolver.cc +20 -23
  1619. data/src/core/resolver/fake/fake_resolver.h +8 -10
  1620. data/src/core/resolver/google_c2p/google_c2p_resolver.cc +38 -43
  1621. data/src/core/resolver/polling_resolver.cc +44 -63
  1622. data/src/core/resolver/polling_resolver.h +9 -11
  1623. data/src/core/resolver/resolver.cc +3 -7
  1624. data/src/core/resolver/resolver.h +2 -8
  1625. data/src/core/resolver/resolver_factory.h +2 -3
  1626. data/src/core/resolver/resolver_registry.cc +14 -15
  1627. data/src/core/resolver/resolver_registry.h +2 -3
  1628. data/src/core/resolver/sockaddr/sockaddr_resolver.cc +6 -8
  1629. data/src/core/resolver/xds/xds_config.cc +95 -0
  1630. data/src/core/resolver/xds/xds_config.h +108 -0
  1631. data/src/core/resolver/xds/xds_dependency_manager.cc +268 -344
  1632. data/src/core/resolver/xds/xds_dependency_manager.h +39 -94
  1633. data/src/core/resolver/xds/xds_resolver.cc +205 -232
  1634. data/src/core/resolver/xds/xds_resolver_attributes.h +6 -3
  1635. data/src/core/server/server.cc +2192 -0
  1636. data/src/core/server/server.h +718 -0
  1637. data/src/core/server/server_call_tracer_filter.cc +113 -0
  1638. data/src/core/server/server_call_tracer_filter.h +28 -0
  1639. data/src/core/server/server_config_selector.h +82 -0
  1640. data/src/core/server/server_config_selector_filter.cc +168 -0
  1641. data/src/core/server/server_config_selector_filter.h +33 -0
  1642. data/src/core/server/server_interface.h +45 -0
  1643. data/src/core/server/xds_channel_stack_modifier.cc +107 -0
  1644. data/src/core/server/xds_channel_stack_modifier.h +62 -0
  1645. data/src/core/server/xds_server_config_fetcher.cc +1318 -0
  1646. data/src/core/service_config/service_config.h +3 -6
  1647. data/src/core/service_config/service_config_call_data.h +20 -19
  1648. data/src/core/service_config/service_config_channel_arg_filter.cc +24 -33
  1649. data/src/core/service_config/service_config_impl.cc +12 -14
  1650. data/src/core/service_config/service_config_impl.h +6 -9
  1651. data/src/core/service_config/service_config_parser.cc +4 -9
  1652. data/src/core/service_config/service_config_parser.h +2 -4
  1653. data/src/core/telemetry/call_tracer.cc +384 -0
  1654. data/src/core/telemetry/call_tracer.h +264 -0
  1655. data/src/core/telemetry/histogram_view.cc +69 -0
  1656. data/src/core/telemetry/histogram_view.h +36 -0
  1657. data/src/core/telemetry/metrics.cc +198 -0
  1658. data/src/core/telemetry/metrics.h +575 -0
  1659. data/src/core/telemetry/stats.cc +67 -0
  1660. data/src/core/telemetry/stats.h +62 -0
  1661. data/src/core/telemetry/stats_data.cc +1004 -0
  1662. data/src/core/telemetry/stats_data.h +747 -0
  1663. data/src/core/telemetry/tcp_tracer.h +149 -0
  1664. data/src/core/transport/auth_context.cc +236 -0
  1665. data/src/core/transport/auth_context.h +140 -0
  1666. data/src/core/tsi/alts/crypt/aes_gcm.cc +4 -8
  1667. data/src/core/tsi/alts/crypt/gsec.cc +2 -4
  1668. data/src/core/tsi/alts/crypt/gsec.h +3 -5
  1669. data/src/core/tsi/alts/frame_protector/alts_counter.cc +2 -4
  1670. data/src/core/tsi/alts/frame_protector/alts_counter.h +2 -4
  1671. data/src/core/tsi/alts/frame_protector/alts_crypter.cc +2 -4
  1672. data/src/core/tsi/alts/frame_protector/alts_crypter.h +1 -3
  1673. data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +16 -19
  1674. data/src/core/tsi/alts/frame_protector/alts_frame_protector.h +0 -1
  1675. data/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.cc +1 -2
  1676. data/src/core/tsi/alts/frame_protector/alts_record_protocol_crypter_common.h +1 -2
  1677. data/src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc +2 -3
  1678. data/src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc +2 -3
  1679. data/src/core/tsi/alts/frame_protector/frame_handler.cc +11 -13
  1680. data/src/core/tsi/alts/frame_protector/frame_handler.h +0 -1
  1681. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +80 -84
  1682. data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +1 -2
  1683. data/src/core/tsi/alts/handshaker/alts_shared_resource.cc +5 -6
  1684. data/src/core/tsi/alts/handshaker/alts_shared_resource.h +2 -3
  1685. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +90 -90
  1686. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +2 -3
  1687. data/src/core/tsi/alts/handshaker/alts_tsi_utils.cc +6 -5
  1688. data/src/core/tsi/alts/handshaker/alts_tsi_utils.h +1 -2
  1689. data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +17 -24
  1690. data/src/core/tsi/alts/handshaker/transport_security_common_api.h +4 -6
  1691. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc +17 -19
  1692. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h +0 -1
  1693. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc +12 -14
  1694. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h +0 -1
  1695. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol.h +1 -2
  1696. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc +16 -14
  1697. data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +3 -6
  1698. data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h +0 -1
  1699. data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +13 -16
  1700. data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h +0 -1
  1701. data/src/core/tsi/fake_transport_security.cc +36 -34
  1702. data/src/core/tsi/local_transport_security.cc +9 -11
  1703. data/src/core/tsi/local_transport_security.h +1 -2
  1704. data/src/core/tsi/ssl/key_logging/ssl_key_logging.cc +13 -15
  1705. data/src/core/tsi/ssl/key_logging/ssl_key_logging.h +7 -10
  1706. data/src/core/tsi/ssl/session_cache/ssl_session.h +3 -5
  1707. data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +16 -17
  1708. data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +8 -10
  1709. data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +4 -7
  1710. data/src/core/tsi/ssl_transport_security.cc +155 -132
  1711. data/src/core/tsi/ssl_transport_security.h +5 -8
  1712. data/src/core/tsi/ssl_transport_security_utils.cc +86 -32
  1713. data/src/core/tsi/ssl_transport_security_utils.h +13 -5
  1714. data/src/core/tsi/ssl_types.h +0 -1
  1715. data/src/core/tsi/transport_security.cc +3 -9
  1716. data/src/core/tsi/transport_security.h +0 -3
  1717. data/src/core/tsi/transport_security_grpc.cc +2 -2
  1718. data/src/core/tsi/transport_security_grpc.h +1 -2
  1719. data/src/core/tsi/transport_security_interface.h +2 -7
  1720. data/src/core/util/alloc.cc +69 -0
  1721. data/src/core/util/alloc.h +28 -0
  1722. data/src/core/util/atomic_utils.h +47 -0
  1723. data/src/core/util/avl.h +324 -0
  1724. data/src/core/util/backoff.cc +57 -0
  1725. data/src/core/util/backoff.h +86 -0
  1726. data/src/core/util/bitset.h +224 -0
  1727. data/src/core/util/check_class_size.h +48 -0
  1728. data/src/core/util/chunked_vector.h +256 -0
  1729. data/src/core/util/construct_destruct.h +41 -0
  1730. data/src/core/util/cpp_impl_of.h +49 -0
  1731. data/src/core/util/crash.cc +40 -0
  1732. data/src/core/util/crash.h +36 -0
  1733. data/src/core/util/debug_location.h +106 -0
  1734. data/src/core/util/directory_reader.h +48 -0
  1735. data/src/core/util/down_cast.h +48 -0
  1736. data/src/core/util/dual_ref_counted.h +376 -0
  1737. data/src/core/util/dump_args.cc +54 -0
  1738. data/src/core/util/dump_args.h +114 -0
  1739. data/src/core/util/env.h +52 -0
  1740. data/src/core/util/event_log.cc +87 -0
  1741. data/src/core/util/event_log.h +79 -0
  1742. data/src/core/util/examine_stack.cc +43 -0
  1743. data/src/core/util/examine_stack.h +44 -0
  1744. data/src/core/util/fork.cc +241 -0
  1745. data/src/core/util/fork.h +98 -0
  1746. data/src/core/util/gcp_metadata_query.cc +132 -0
  1747. data/src/core/util/gcp_metadata_query.h +86 -0
  1748. data/src/core/util/gethostname.h +26 -0
  1749. data/src/core/util/gethostname_fallback.cc +30 -0
  1750. data/src/core/util/gethostname_host_name_max.cc +39 -0
  1751. data/src/core/util/gethostname_sysconf.cc +39 -0
  1752. data/src/core/util/glob.cc +70 -0
  1753. data/src/core/util/glob.h +29 -0
  1754. data/src/core/util/gpr_time.cc +266 -0
  1755. data/src/core/util/grpc_if_nametoindex.h +29 -0
  1756. data/src/core/util/grpc_if_nametoindex_posix.cc +41 -0
  1757. data/src/core/util/grpc_if_nametoindex_unsupported.cc +36 -0
  1758. data/src/core/util/host_port.cc +114 -0
  1759. data/src/core/util/host_port.h +57 -0
  1760. data/src/core/util/http_client/format_request.cc +134 -0
  1761. data/src/core/util/http_client/format_request.h +37 -0
  1762. data/src/core/util/http_client/httpcli.cc +427 -0
  1763. data/src/core/util/http_client/httpcli.h +279 -0
  1764. data/src/core/util/http_client/httpcli_security_connector.cc +210 -0
  1765. data/src/core/util/http_client/httpcli_ssl_credentials.h +38 -0
  1766. data/src/core/util/http_client/parser.cc +447 -0
  1767. data/src/core/util/http_client/parser.h +126 -0
  1768. data/src/core/util/if_list.h +4530 -0
  1769. data/src/core/util/iphone/cpu.cc +43 -0
  1770. data/src/core/util/json/json.h +29 -0
  1771. data/src/core/util/json/json_args.h +34 -0
  1772. data/src/core/util/json/json_channel_args.h +42 -0
  1773. data/src/core/util/json/json_object_loader.cc +215 -0
  1774. data/src/core/util/json/json_object_loader.h +644 -0
  1775. data/src/core/util/json/json_reader.cc +953 -0
  1776. data/src/core/util/json/json_reader.h +33 -0
  1777. data/src/core/util/json/json_util.cc +101 -0
  1778. data/src/core/util/json/json_util.h +163 -0
  1779. data/src/core/util/json/json_writer.cc +337 -0
  1780. data/src/core/util/json/json_writer.h +33 -0
  1781. data/src/core/util/latent_see.cc +163 -0
  1782. data/src/core/util/latent_see.h +334 -0
  1783. data/src/core/util/linux/cpu.cc +86 -0
  1784. data/src/core/util/linux/env.cc +61 -0
  1785. data/src/core/util/load_file.cc +87 -0
  1786. data/src/core/util/load_file.h +33 -0
  1787. data/src/core/util/log.cc +127 -0
  1788. data/src/core/util/lru_cache.h +122 -0
  1789. data/src/core/util/manual_constructor.h +145 -0
  1790. data/src/core/util/match.h +74 -0
  1791. data/src/core/util/matchers.cc +336 -0
  1792. data/src/core/util/matchers.h +162 -0
  1793. data/src/core/util/memory.h +52 -0
  1794. data/src/core/util/mpscq.cc +108 -0
  1795. data/src/core/util/mpscq.h +98 -0
  1796. data/src/core/util/msys/tmpfile.cc +57 -0
  1797. data/src/core/util/no_destruct.h +95 -0
  1798. data/src/core/util/notification.h +66 -0
  1799. data/src/core/util/orphanable.h +153 -0
  1800. data/src/core/util/overload.h +59 -0
  1801. data/src/core/util/packed_table.h +40 -0
  1802. data/src/core/util/per_cpu.cc +34 -0
  1803. data/src/core/util/per_cpu.h +102 -0
  1804. data/src/core/util/posix/cpu.cc +83 -0
  1805. data/src/core/util/posix/directory_reader.cc +82 -0
  1806. data/src/core/util/posix/env.cc +47 -0
  1807. data/src/core/util/posix/stat.cc +54 -0
  1808. data/src/core/util/posix/string.cc +71 -0
  1809. data/src/core/util/posix/sync.cc +157 -0
  1810. data/src/core/util/posix/thd.cc +243 -0
  1811. data/src/core/util/posix/time.cc +122 -0
  1812. data/src/core/util/posix/tmpfile.cc +71 -0
  1813. data/src/core/util/random_early_detection.cc +33 -0
  1814. data/src/core/util/random_early_detection.h +61 -0
  1815. data/src/core/util/ref_counted.h +403 -0
  1816. data/src/core/util/ref_counted_ptr.h +443 -0
  1817. data/src/core/util/ref_counted_string.cc +42 -0
  1818. data/src/core/util/ref_counted_string.h +159 -0
  1819. data/src/core/util/ring_buffer.h +122 -0
  1820. data/src/core/util/single_set_ptr.h +89 -0
  1821. data/src/core/util/sorted_pack.h +89 -0
  1822. data/src/core/util/spinlock.h +51 -0
  1823. data/src/core/util/stat.h +35 -0
  1824. data/src/core/util/status_helper.cc +450 -0
  1825. data/src/core/util/status_helper.h +143 -0
  1826. data/src/core/util/strerror.cc +40 -0
  1827. data/src/core/util/strerror.h +29 -0
  1828. data/src/core/util/string.cc +341 -0
  1829. data/src/core/util/string.h +110 -0
  1830. data/src/core/util/sync.cc +123 -0
  1831. data/src/core/util/sync.h +199 -0
  1832. data/src/core/util/sync_abseil.cc +106 -0
  1833. data/src/core/util/table.h +471 -0
  1834. data/src/core/util/tchar.cc +49 -0
  1835. data/src/core/util/tchar.h +33 -0
  1836. data/src/core/util/thd.h +193 -0
  1837. data/src/core/util/time.cc +240 -0
  1838. data/src/core/util/time.h +385 -0
  1839. data/src/core/util/time_averaged_stats.cc +60 -0
  1840. data/src/core/util/time_averaged_stats.h +79 -0
  1841. data/src/core/util/time_precise.cc +167 -0
  1842. data/src/core/util/time_precise.h +68 -0
  1843. data/src/core/util/time_util.cc +80 -0
  1844. data/src/core/util/time_util.h +41 -0
  1845. data/src/core/util/tmpfile.h +31 -0
  1846. data/src/core/util/type_list.h +88 -0
  1847. data/src/core/util/unique_ptr_with_bitset.h +86 -0
  1848. data/src/core/util/unique_type_name.h +123 -0
  1849. data/src/core/util/upb_utils.h +43 -0
  1850. data/src/core/util/uri.cc +378 -0
  1851. data/src/core/util/uri.h +112 -0
  1852. data/src/core/util/useful.h +153 -0
  1853. data/src/core/util/uuid_v4.cc +37 -0
  1854. data/src/core/util/uuid_v4.h +35 -0
  1855. data/src/core/util/validation_errors.cc +73 -0
  1856. data/src/core/util/validation_errors.h +144 -0
  1857. data/src/core/util/wait_for_single_owner.h +62 -0
  1858. data/src/core/util/windows/cpu.cc +34 -0
  1859. data/src/core/util/windows/directory_reader.cc +79 -0
  1860. data/src/core/util/windows/env.cc +56 -0
  1861. data/src/core/util/windows/stat.cc +50 -0
  1862. data/src/core/util/windows/string.cc +68 -0
  1863. data/src/core/util/windows/string_util.cc +53 -0
  1864. data/src/core/util/windows/sync.cc +121 -0
  1865. data/src/core/util/windows/thd.cc +182 -0
  1866. data/src/core/util/windows/time.cc +104 -0
  1867. data/src/core/util/windows/tmpfile.cc +66 -0
  1868. data/src/core/util/work_serializer.cc +298 -0
  1869. data/src/core/util/work_serializer.h +81 -0
  1870. data/src/core/util/xxhash_inline.h +29 -0
  1871. data/src/core/xds/grpc/certificate_provider_store.cc +148 -0
  1872. data/src/core/xds/grpc/certificate_provider_store.h +132 -0
  1873. data/src/core/xds/grpc/file_watcher_certificate_provider_factory.cc +136 -0
  1874. data/src/core/xds/grpc/file_watcher_certificate_provider_factory.h +80 -0
  1875. data/src/core/xds/grpc/xds_audit_logger_registry.cc +123 -0
  1876. data/src/core/xds/grpc/xds_audit_logger_registry.h +67 -0
  1877. data/src/core/xds/grpc/xds_bootstrap_grpc.cc +238 -0
  1878. data/src/core/xds/grpc/xds_bootstrap_grpc.h +167 -0
  1879. data/src/core/xds/grpc/xds_certificate_provider.cc +216 -0
  1880. data/src/core/xds/grpc/xds_certificate_provider.h +116 -0
  1881. data/src/core/xds/grpc/xds_client_grpc.cc +445 -0
  1882. data/src/core/xds/grpc/xds_client_grpc.h +117 -0
  1883. data/src/core/xds/grpc/xds_cluster.cc +79 -0
  1884. data/src/core/xds/grpc/xds_cluster.h +135 -0
  1885. data/src/core/xds/grpc/xds_cluster_parser.cc +773 -0
  1886. data/src/core/xds/grpc/xds_cluster_parser.h +61 -0
  1887. data/src/core/xds/grpc/xds_cluster_specifier_plugin.cc +137 -0
  1888. data/src/core/xds/grpc/xds_cluster_specifier_plugin.h +96 -0
  1889. data/src/core/xds/grpc/xds_common_types.cc +103 -0
  1890. data/src/core/xds/grpc/xds_common_types.h +90 -0
  1891. data/src/core/xds/grpc/xds_common_types_parser.cc +501 -0
  1892. data/src/core/xds/grpc/xds_common_types_parser.h +77 -0
  1893. data/src/core/xds/grpc/xds_endpoint.cc +96 -0
  1894. data/src/core/xds/grpc/xds_endpoint.h +128 -0
  1895. data/src/core/xds/grpc/xds_endpoint_parser.cc +475 -0
  1896. data/src/core/xds/grpc/xds_endpoint_parser.h +47 -0
  1897. data/src/core/xds/grpc/xds_health_status.cc +73 -0
  1898. data/src/core/xds/grpc/xds_health_status.h +89 -0
  1899. data/src/core/xds/grpc/xds_http_fault_filter.cc +247 -0
  1900. data/src/core/xds/grpc/xds_http_fault_filter.h +63 -0
  1901. data/src/core/xds/grpc/xds_http_filter.h +134 -0
  1902. data/src/core/xds/grpc/xds_http_filter_registry.cc +122 -0
  1903. data/src/core/xds/grpc/xds_http_filter_registry.h +104 -0
  1904. data/src/core/xds/grpc/xds_http_gcp_authn_filter.cc +141 -0
  1905. data/src/core/xds/grpc/xds_http_gcp_authn_filter.h +61 -0
  1906. data/src/core/xds/grpc/xds_http_rbac_filter.cc +609 -0
  1907. data/src/core/xds/grpc/xds_http_rbac_filter.h +63 -0
  1908. data/src/core/xds/grpc/xds_http_stateful_session_filter.cc +230 -0
  1909. data/src/core/xds/grpc/xds_http_stateful_session_filter.h +63 -0
  1910. data/src/core/xds/grpc/xds_lb_policy_registry.cc +365 -0
  1911. data/src/core/xds/grpc/xds_lb_policy_registry.h +70 -0
  1912. data/src/core/xds/grpc/xds_listener.cc +173 -0
  1913. data/src/core/xds/grpc/xds_listener.h +203 -0
  1914. data/src/core/xds/grpc/xds_listener_parser.cc +1000 -0
  1915. data/src/core/xds/grpc/xds_listener_parser.h +60 -0
  1916. data/src/core/xds/grpc/xds_metadata.cc +62 -0
  1917. data/src/core/xds/grpc/xds_metadata.h +158 -0
  1918. data/src/core/xds/grpc/xds_metadata_parser.cc +197 -0
  1919. data/src/core/xds/grpc/xds_metadata_parser.h +35 -0
  1920. data/src/core/xds/grpc/xds_route_config.cc +276 -0
  1921. data/src/core/xds/grpc/xds_route_config.h +220 -0
  1922. data/src/core/xds/grpc/xds_route_config_parser.cc +960 -0
  1923. data/src/core/xds/grpc/xds_route_config_parser.h +77 -0
  1924. data/src/core/xds/grpc/xds_routing.cc +297 -0
  1925. data/src/core/xds/grpc/xds_routing.h +112 -0
  1926. data/src/core/xds/grpc/xds_server_grpc.cc +193 -0
  1927. data/src/core/xds/grpc/xds_server_grpc.h +76 -0
  1928. data/src/core/xds/grpc/xds_server_grpc_interface.h +33 -0
  1929. data/src/core/xds/grpc/xds_transport_grpc.cc +392 -0
  1930. data/src/core/xds/grpc/xds_transport_grpc.h +151 -0
  1931. data/src/core/xds/xds_client/lrs_client.cc +1281 -0
  1932. data/src/core/xds/xds_client/lrs_client.h +394 -0
  1933. data/src/core/xds/xds_client/xds_api.cc +130 -0
  1934. data/src/core/xds/xds_client/xds_api.h +34 -0
  1935. data/src/core/xds/xds_client/xds_backend_metric_propagation.cc +63 -0
  1936. data/src/core/xds/xds_client/xds_backend_metric_propagation.h +59 -0
  1937. data/src/core/xds/xds_client/xds_bootstrap.cc +47 -0
  1938. data/src/core/xds/xds_client/xds_bootstrap.h +110 -0
  1939. data/src/core/xds/xds_client/xds_channel_args.h +32 -0
  1940. data/src/core/xds/xds_client/xds_client.cc +2017 -0
  1941. data/src/core/xds/xds_client/xds_client.h +442 -0
  1942. data/src/core/xds/xds_client/xds_locality.h +102 -0
  1943. data/src/core/xds/xds_client/xds_metrics.h +41 -0
  1944. data/src/core/xds/xds_client/xds_resource_type.h +95 -0
  1945. data/src/core/xds/xds_client/xds_resource_type_impl.h +92 -0
  1946. data/src/core/xds/xds_client/xds_transport.h +104 -0
  1947. data/src/ruby/bin/math_pb.rb +1 -22
  1948. data/src/ruby/ext/grpc/extconf.rb +2 -1
  1949. data/src/ruby/ext/grpc/rb_byte_buffer.c +3 -3
  1950. data/src/ruby/ext/grpc/rb_call.c +15 -8
  1951. data/src/ruby/ext/grpc/rb_call_credentials.c +39 -32
  1952. data/src/ruby/ext/grpc/rb_call_credentials.h +1 -0
  1953. data/src/ruby/ext/grpc/rb_channel.c +42 -36
  1954. data/src/ruby/ext/grpc/rb_channel_args.c +4 -4
  1955. data/src/ruby/ext/grpc/rb_channel_credentials.c +5 -5
  1956. data/src/ruby/ext/grpc/rb_channel_credentials.h +1 -2
  1957. data/src/ruby/ext/grpc/rb_completion_queue.c +18 -36
  1958. data/src/ruby/ext/grpc/rb_completion_queue.h +7 -1
  1959. data/src/ruby/ext/grpc/rb_compression_options.c +9 -10
  1960. data/src/ruby/ext/grpc/rb_event_thread.c +9 -9
  1961. data/src/ruby/ext/grpc/rb_grpc.c +16 -16
  1962. data/src/ruby/ext/grpc/rb_grpc.h +8 -1
  1963. data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +136 -144
  1964. data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +205 -216
  1965. data/src/ruby/ext/grpc/rb_server.c +47 -27
  1966. data/src/ruby/ext/grpc/rb_server_credentials.c +4 -3
  1967. data/src/ruby/ext/grpc/rb_server_credentials.h +2 -2
  1968. data/src/ruby/ext/grpc/rb_xds_channel_credentials.c +5 -5
  1969. data/src/ruby/ext/grpc/rb_xds_channel_credentials.h +1 -2
  1970. data/src/ruby/ext/grpc/rb_xds_server_credentials.c +5 -4
  1971. data/src/ruby/ext/grpc/rb_xds_server_credentials.h +2 -2
  1972. data/src/ruby/lib/grpc/generic/active_call.rb +8 -5
  1973. data/src/ruby/lib/grpc/logconfig.rb +13 -0
  1974. data/src/ruby/lib/grpc/version.rb +1 -1
  1975. data/src/ruby/pb/grpc/health/v1/health_pb.rb +1 -22
  1976. data/src/ruby/pb/grpc/testing/duplicate/echo_duplicate_services_pb.rb +5 -5
  1977. data/src/ruby/pb/grpc/testing/metrics_pb.rb +10 -19
  1978. data/src/ruby/pb/grpc/testing/metrics_services_pb.rb +5 -5
  1979. data/src/ruby/pb/src/proto/grpc/testing/empty_pb.rb +1 -22
  1980. data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +1 -22
  1981. data/src/ruby/pb/src/proto/grpc/testing/test_pb.rb +1 -22
  1982. data/src/ruby/spec/call_spec.rb +53 -40
  1983. data/src/ruby/spec/channel_spec.rb +4 -2
  1984. data/src/ruby/spec/client_server_spec.rb +148 -507
  1985. data/src/ruby/spec/generic/active_call_spec.rb +64 -86
  1986. data/src/ruby/spec/generic/client_stub_spec.rb +20 -20
  1987. data/src/ruby/spec/logconfig_spec.rb +30 -0
  1988. data/src/ruby/spec/support/services.rb +3 -0
  1989. data/third_party/abseil-cpp/absl/algorithm/container.h +57 -18
  1990. data/third_party/abseil-cpp/absl/base/attributes.h +84 -0
  1991. data/third_party/abseil-cpp/absl/base/config.h +32 -51
  1992. data/third_party/abseil-cpp/absl/base/dynamic_annotations.h +0 -16
  1993. data/third_party/abseil-cpp/absl/base/internal/nullability_impl.h +3 -1
  1994. data/third_party/abseil-cpp/absl/base/internal/spinlock.h +13 -3
  1995. data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc +0 -12
  1996. data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock_config.h +4 -4
  1997. data/third_party/abseil-cpp/absl/base/macros.h +48 -0
  1998. data/third_party/abseil-cpp/absl/base/no_destructor.h +35 -40
  1999. data/third_party/abseil-cpp/absl/base/nullability.h +33 -7
  2000. data/third_party/abseil-cpp/absl/base/optimization.h +11 -0
  2001. data/third_party/abseil-cpp/absl/base/options.h +1 -1
  2002. data/third_party/abseil-cpp/absl/base/prefetch.h +1 -1
  2003. data/third_party/abseil-cpp/absl/container/flat_hash_map.h +68 -12
  2004. data/third_party/abseil-cpp/absl/container/flat_hash_set.h +60 -6
  2005. data/third_party/abseil-cpp/absl/container/hash_container_defaults.h +45 -0
  2006. data/third_party/abseil-cpp/absl/container/inlined_vector.h +13 -0
  2007. data/third_party/abseil-cpp/absl/container/internal/common_policy_traits.h +20 -11
  2008. data/third_party/abseil-cpp/absl/container/internal/compressed_tuple.h +15 -16
  2009. data/third_party/abseil-cpp/absl/container/internal/container_memory.h +34 -1
  2010. data/third_party/abseil-cpp/absl/container/internal/hash_function_defaults.h +68 -1
  2011. data/third_party/abseil-cpp/absl/container/internal/hash_policy_traits.h +50 -0
  2012. data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc +22 -7
  2013. data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.h +26 -8
  2014. data/third_party/abseil-cpp/absl/container/internal/inlined_vector.h +39 -35
  2015. data/third_party/abseil-cpp/absl/container/internal/layout.h +190 -74
  2016. data/third_party/abseil-cpp/absl/container/internal/raw_hash_map.h +8 -6
  2017. data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.cc +334 -71
  2018. data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +1299 -458
  2019. data/third_party/abseil-cpp/absl/crc/internal/crc32_x86_arm_combined_simd.h +19 -17
  2020. data/third_party/abseil-cpp/absl/crc/internal/crc_cord_state.cc +4 -3
  2021. data/third_party/abseil-cpp/absl/crc/internal/crc_memcpy_fallback.cc +2 -1
  2022. data/third_party/abseil-cpp/absl/crc/internal/crc_memcpy_x86_arm_combined.cc +12 -8
  2023. data/third_party/abseil-cpp/absl/crc/internal/crc_non_temporal_memcpy.cc +1 -1
  2024. data/third_party/abseil-cpp/absl/crc/internal/crc_x86_arm_combined.cc +11 -7
  2025. data/third_party/abseil-cpp/absl/crc/internal/non_temporal_memcpy.h +18 -17
  2026. data/third_party/abseil-cpp/absl/debugging/internal/bounded_utf8_length_sequence.h +126 -0
  2027. data/third_party/abseil-cpp/absl/debugging/internal/decode_rust_punycode.cc +258 -0
  2028. data/third_party/abseil-cpp/absl/debugging/internal/decode_rust_punycode.h +55 -0
  2029. data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +1057 -86
  2030. data/third_party/abseil-cpp/absl/debugging/internal/demangle.h +3 -0
  2031. data/third_party/abseil-cpp/absl/debugging/internal/demangle_rust.cc +925 -0
  2032. data/third_party/abseil-cpp/absl/debugging/internal/demangle_rust.h +42 -0
  2033. data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.cc +43 -16
  2034. data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.h +8 -7
  2035. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +10 -7
  2036. data/third_party/abseil-cpp/absl/debugging/internal/utf8_for_code_point.cc +70 -0
  2037. data/third_party/abseil-cpp/absl/debugging/internal/utf8_for_code_point.h +47 -0
  2038. data/third_party/abseil-cpp/absl/flags/commandlineflag.h +11 -0
  2039. data/third_party/abseil-cpp/absl/flags/flag.h +2 -0
  2040. data/third_party/abseil-cpp/absl/flags/internal/flag.cc +117 -30
  2041. data/third_party/abseil-cpp/absl/flags/internal/flag.h +192 -30
  2042. data/third_party/abseil-cpp/absl/flags/reflection.cc +10 -0
  2043. data/third_party/abseil-cpp/absl/functional/any_invocable.h +13 -3
  2044. data/third_party/abseil-cpp/absl/functional/bind_front.h +3 -2
  2045. data/third_party/abseil-cpp/absl/functional/internal/any_invocable.h +7 -7
  2046. data/third_party/abseil-cpp/absl/functional/internal/front_binder.h +9 -9
  2047. data/third_party/abseil-cpp/absl/hash/internal/hash.cc +1 -1
  2048. data/third_party/abseil-cpp/absl/hash/internal/hash.h +13 -3
  2049. data/third_party/abseil-cpp/absl/hash/internal/low_level_hash.cc +60 -28
  2050. data/third_party/abseil-cpp/absl/hash/internal/low_level_hash.h +4 -0
  2051. data/third_party/abseil-cpp/absl/log/absl_vlog_is_on.h +3 -3
  2052. data/third_party/abseil-cpp/absl/log/check.h +209 -0
  2053. data/third_party/abseil-cpp/absl/log/globals.h +28 -15
  2054. data/third_party/abseil-cpp/absl/log/internal/check_impl.h +150 -0
  2055. data/third_party/abseil-cpp/absl/log/internal/check_op.cc +138 -0
  2056. data/third_party/abseil-cpp/absl/log/internal/check_op.h +462 -0
  2057. data/third_party/abseil-cpp/absl/log/internal/conditions.h +2 -2
  2058. data/third_party/abseil-cpp/absl/log/internal/log_impl.h +23 -23
  2059. data/third_party/abseil-cpp/absl/log/internal/log_message.cc +104 -47
  2060. data/third_party/abseil-cpp/absl/log/internal/log_message.h +23 -4
  2061. data/third_party/abseil-cpp/absl/log/internal/nullstream.h +1 -10
  2062. data/third_party/abseil-cpp/absl/log/internal/strip.h +36 -0
  2063. data/third_party/abseil-cpp/absl/log/log.h +5 -1
  2064. data/third_party/abseil-cpp/absl/log/log_sink.h +11 -4
  2065. data/third_party/abseil-cpp/absl/log/vlog_is_on.h +3 -3
  2066. data/third_party/abseil-cpp/absl/meta/type_traits.h +138 -42
  2067. data/third_party/abseil-cpp/absl/numeric/int128.cc +0 -3
  2068. data/third_party/abseil-cpp/absl/numeric/int128.h +35 -5
  2069. data/third_party/abseil-cpp/absl/numeric/int128_have_intrinsic.inc +14 -0
  2070. data/third_party/abseil-cpp/absl/numeric/int128_no_intrinsic.inc +18 -0
  2071. data/third_party/abseil-cpp/absl/numeric/internal/bits.h +6 -2
  2072. data/third_party/abseil-cpp/absl/random/beta_distribution.h +8 -8
  2073. data/third_party/abseil-cpp/absl/random/bit_gen_ref.h +9 -7
  2074. data/third_party/abseil-cpp/absl/random/distributions.h +11 -11
  2075. data/third_party/abseil-cpp/absl/random/seed_sequences.h +2 -0
  2076. data/third_party/abseil-cpp/absl/status/internal/statusor_internal.h +61 -2
  2077. data/third_party/abseil-cpp/absl/status/status.cc +0 -4
  2078. data/third_party/abseil-cpp/absl/status/status.h +4 -4
  2079. data/third_party/abseil-cpp/absl/status/statusor.h +108 -142
  2080. data/third_party/abseil-cpp/absl/strings/ascii.cc +32 -71
  2081. data/third_party/abseil-cpp/absl/strings/cord.cc +20 -15
  2082. data/third_party/abseil-cpp/absl/strings/cord.h +68 -7
  2083. data/third_party/abseil-cpp/absl/strings/escaping.cc +96 -21
  2084. data/third_party/abseil-cpp/absl/strings/escaping.h +25 -8
  2085. data/third_party/abseil-cpp/absl/strings/has_absl_stringify.h +1 -0
  2086. data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +10 -0
  2087. data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +29 -9
  2088. data/third_party/abseil-cpp/absl/strings/internal/cord_rep_btree.h +2 -2
  2089. data/third_party/abseil-cpp/absl/strings/internal/cordz_functions.cc +19 -13
  2090. data/third_party/abseil-cpp/absl/strings/internal/cordz_functions.h +23 -13
  2091. data/third_party/abseil-cpp/absl/strings/internal/cordz_handle.cc +24 -24
  2092. data/third_party/abseil-cpp/absl/strings/internal/cordz_info.cc +12 -7
  2093. data/third_party/abseil-cpp/absl/strings/internal/cordz_info.h +9 -4
  2094. data/third_party/abseil-cpp/absl/strings/internal/escaping.cc +5 -2
  2095. data/third_party/abseil-cpp/absl/strings/internal/str_join_internal.h +23 -2
  2096. data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +5 -1
  2097. data/third_party/abseil-cpp/absl/strings/numbers.cc +107 -333
  2098. data/third_party/abseil-cpp/absl/strings/numbers.h +12 -151
  2099. data/third_party/abseil-cpp/absl/strings/str_cat.cc +49 -142
  2100. data/third_party/abseil-cpp/absl/strings/str_cat.h +70 -85
  2101. data/third_party/abseil-cpp/absl/strings/str_format.h +1 -1
  2102. data/third_party/abseil-cpp/absl/strings/str_join.h +19 -5
  2103. data/third_party/abseil-cpp/absl/strings/str_split.h +2 -2
  2104. data/third_party/abseil-cpp/absl/strings/string_view.h +3 -2
  2105. data/third_party/abseil-cpp/absl/strings/substitute.cc +4 -0
  2106. data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +11 -2
  2107. data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.h +5 -0
  2108. data/third_party/abseil-cpp/absl/synchronization/mutex.h +5 -4
  2109. data/third_party/abseil-cpp/absl/time/civil_time.h +2 -2
  2110. data/third_party/abseil-cpp/absl/time/clock.cc +15 -1
  2111. data/third_party/abseil-cpp/absl/time/duration.cc +58 -53
  2112. data/third_party/abseil-cpp/absl/time/format.cc +2 -1
  2113. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +1 -1
  2114. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_lookup.cc +0 -29
  2115. data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +3 -3
  2116. data/third_party/abseil-cpp/absl/time/time.h +73 -29
  2117. data/third_party/abseil-cpp/absl/types/compare.h +505 -0
  2118. data/third_party/abseil-cpp/absl/types/internal/optional.h +2 -2
  2119. data/third_party/abseil-cpp/absl/types/internal/variant.h +55 -67
  2120. data/third_party/abseil-cpp/absl/types/optional.h +15 -18
  2121. data/third_party/abseil-cpp/absl/types/span.h +3 -2
  2122. data/third_party/abseil-cpp/absl/types/variant.h +19 -24
  2123. data/third_party/abseil-cpp/absl/utility/utility.h +3 -41
  2124. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.cc +243 -0
  2125. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.cc +53 -0
  2126. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.cc +47 -0
  2127. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.cc +42 -0
  2128. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.cc +109 -0
  2129. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.cc +43 -0
  2130. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.cc +424 -0
  2131. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.cc +239 -0
  2132. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.cc +193 -0
  2133. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.cc +32 -0
  2134. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.cc +415 -0
  2135. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.cc +206 -0
  2136. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.cc +224 -0
  2137. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.cc +172 -0
  2138. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.cc +109 -0
  2139. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.cc +355 -0
  2140. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.cc +61 -0
  2141. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.cc +56 -0
  2142. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.cc +63 -0
  2143. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.cc +52 -0
  2144. data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +13 -57
  2145. data/third_party/boringssl-with-bazel/src/crypto/asn1/posix_time.cc +241 -0
  2146. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.cc +932 -0
  2147. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.cc +669 -0
  2148. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.cc +164 -0
  2149. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.cc +276 -0
  2150. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.cc +84 -0
  2151. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.cc +229 -0
  2152. data/third_party/boringssl-with-bazel/src/crypto/base64/base64.cc +434 -0
  2153. data/third_party/boringssl-with-bazel/src/crypto/bcm_support.h +119 -0
  2154. data/third_party/boringssl-with-bazel/src/crypto/bio/bio.cc +658 -0
  2155. data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.cc +268 -0
  2156. data/third_party/boringssl-with-bazel/src/crypto/bio/connect.cc +511 -0
  2157. data/third_party/boringssl-with-bazel/src/crypto/bio/errno.cc +50 -0
  2158. data/third_party/boringssl-with-bazel/src/crypto/bio/fd.cc +193 -0
  2159. data/third_party/boringssl-with-bazel/src/crypto/bio/file.cc +292 -0
  2160. data/third_party/boringssl-with-bazel/src/crypto/bio/hexdump.cc +152 -0
  2161. data/third_party/boringssl-with-bazel/src/crypto/bio/internal.h +13 -55
  2162. data/third_party/boringssl-with-bazel/src/crypto/bio/pair.cc +446 -0
  2163. data/third_party/boringssl-with-bazel/src/crypto/bio/printf.cc +59 -0
  2164. data/third_party/boringssl-with-bazel/src/crypto/bio/socket.cc +147 -0
  2165. data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.cc +133 -0
  2166. data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.cc +169 -0
  2167. data/third_party/boringssl-with-bazel/src/crypto/bn/bn_asn1.cc +57 -0
  2168. data/third_party/boringssl-with-bazel/src/crypto/bn/convert.cc +423 -0
  2169. data/third_party/boringssl-with-bazel/src/crypto/buf/buf.cc +118 -0
  2170. data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.cc +53 -0
  2171. data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.cc +266 -0
  2172. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.cc +702 -0
  2173. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.cc +912 -0
  2174. data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +13 -13
  2175. data/third_party/boringssl-with-bazel/src/crypto/bytestring/unicode.cc +156 -0
  2176. data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.cc +224 -0
  2177. data/third_party/boringssl-with-bazel/src/crypto/chacha/internal.h +36 -32
  2178. data/third_party/boringssl-with-bazel/src/crypto/cipher/derive_key.cc +110 -0
  2179. data/third_party/boringssl-with-bazel/src/crypto/cipher/e_aesctrhmac.cc +279 -0
  2180. data/third_party/boringssl-with-bazel/src/crypto/cipher/e_aesgcmsiv.cc +845 -0
  2181. data/third_party/boringssl-with-bazel/src/crypto/cipher/e_chacha20poly1305.cc +341 -0
  2182. data/third_party/boringssl-with-bazel/src/crypto/cipher/e_des.cc +198 -0
  2183. data/third_party/boringssl-with-bazel/src/crypto/cipher/e_null.cc +51 -0
  2184. data/third_party/boringssl-with-bazel/src/crypto/cipher/e_rc2.cc +417 -0
  2185. data/third_party/boringssl-with-bazel/src/crypto/cipher/e_rc4.cc +54 -0
  2186. data/third_party/boringssl-with-bazel/src/crypto/cipher/e_tls.cc +599 -0
  2187. data/third_party/boringssl-with-bazel/src/crypto/cipher/get_cipher.cc +85 -0
  2188. data/third_party/boringssl-with-bazel/src/crypto/cipher/internal.h +240 -0
  2189. data/third_party/boringssl-with-bazel/src/crypto/cipher/tls_cbc.cc +476 -0
  2190. data/third_party/boringssl-with-bazel/src/crypto/conf/conf.cc +631 -0
  2191. data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +13 -13
  2192. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.cc +73 -0
  2193. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_fuchsia.cc +53 -0
  2194. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_linux.cc +60 -0
  2195. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_openbsd.cc +59 -0
  2196. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_sysreg.cc +92 -0
  2197. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_win.cc +39 -0
  2198. data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_freebsd.cc +53 -0
  2199. data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.cc +150 -0
  2200. data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.h +13 -13
  2201. data/third_party/boringssl-with-bazel/src/crypto/cpu_intel.cc +287 -0
  2202. data/third_party/boringssl-with-bazel/src/crypto/crypto.cc +181 -0
  2203. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.cc +2154 -0
  2204. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_64_adx.cc +18 -0
  2205. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_tables.h +13 -13
  2206. data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +13 -13
  2207. data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.cc +529 -0
  2208. data/third_party/boringssl-with-bazel/src/crypto/des/des.cc +829 -0
  2209. data/third_party/boringssl-with-bazel/src/crypto/des/internal.h +27 -69
  2210. data/third_party/boringssl-with-bazel/src/crypto/dh/dh_asn1.cc +124 -0
  2211. data/third_party/boringssl-with-bazel/src/crypto/dh/params.cc +442 -0
  2212. data/third_party/boringssl-with-bazel/src/crypto/digest/digest_extra.cc +306 -0
  2213. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.cc +951 -0
  2214. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.cc +379 -0
  2215. data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +13 -13
  2216. data/third_party/boringssl-with-bazel/src/crypto/ec/ec_asn1.cc +570 -0
  2217. data/third_party/boringssl-with-bazel/src/crypto/ec/ec_derive.cc +96 -0
  2218. data/third_party/boringssl-with-bazel/src/crypto/ec/hash_to_curve.cc +510 -0
  2219. data/third_party/boringssl-with-bazel/src/crypto/ec/internal.h +78 -0
  2220. data/third_party/boringssl-with-bazel/src/crypto/ecdh/ecdh.cc +73 -0
  2221. data/third_party/boringssl-with-bazel/src/crypto/ecdsa/ecdsa_asn1.cc +357 -0
  2222. data/third_party/boringssl-with-bazel/src/crypto/engine/engine.cc +95 -0
  2223. data/third_party/boringssl-with-bazel/src/crypto/err/err.cc +810 -0
  2224. data/third_party/boringssl-with-bazel/src/crypto/err/internal.h +13 -13
  2225. data/third_party/boringssl-with-bazel/src/crypto/evp/evp.cc +379 -0
  2226. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.cc +471 -0
  2227. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.cc +440 -0
  2228. data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +20 -55
  2229. data/third_party/boringssl-with-bazel/src/crypto/evp/p_dh.cc +153 -0
  2230. data/third_party/boringssl-with-bazel/src/crypto/evp/p_dh_asn1.cc +142 -0
  2231. data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.cc +279 -0
  2232. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.cc +230 -0
  2233. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.cc +286 -0
  2234. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.cc +103 -0
  2235. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.cc +225 -0
  2236. data/third_party/boringssl-with-bazel/src/crypto/evp/p_hkdf.cc +236 -0
  2237. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.cc +609 -0
  2238. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.cc +198 -0
  2239. data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.cc +109 -0
  2240. data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.cc +237 -0
  2241. data/third_party/boringssl-with-bazel/src/crypto/evp/pbkdf.cc +98 -0
  2242. data/third_party/boringssl-with-bazel/src/crypto/evp/print.cc +342 -0
  2243. data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.cc +216 -0
  2244. data/third_party/boringssl-with-bazel/src/crypto/evp/sign.cc +114 -0
  2245. data/third_party/boringssl-with-bazel/src/crypto/ex_data.cc +141 -0
  2246. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.cc.inc +191 -0
  2247. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.cc.inc +1281 -0
  2248. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/cbc.cc.inc +130 -0
  2249. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/cfb.cc.inc +166 -0
  2250. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/ctr.cc.inc +100 -0
  2251. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/gcm.cc.inc +604 -0
  2252. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/gcm_nohw.cc.inc +302 -0
  2253. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +450 -75
  2254. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.cc.inc +208 -0
  2255. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.cc.inc +84 -0
  2256. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/ofb.cc.inc +53 -0
  2257. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/polyval.cc.inc +89 -0
  2258. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.cc +282 -0
  2259. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm_interface.h +729 -0
  2260. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/add.cc.inc +269 -0
  2261. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/asm/x86_64-gcc.cc.inc +554 -0
  2262. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.cc.inc +374 -0
  2263. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.cc.inc +225 -0
  2264. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/cmp.cc.inc +159 -0
  2265. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.cc.inc +191 -0
  2266. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.cc.inc +825 -0
  2267. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.cc.inc +87 -0
  2268. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.cc.inc +1227 -0
  2269. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.cc.inc +300 -0
  2270. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.cc.inc +339 -0
  2271. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/generic.cc.inc +582 -0
  2272. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +52 -151
  2273. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/jacobi.cc.inc +108 -0
  2274. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.cc.inc +430 -0
  2275. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.cc.inc +222 -0
  2276. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.cc.inc +698 -0
  2277. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.cc.inc +980 -0
  2278. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.cc.inc +260 -0
  2279. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.cc.inc +142 -0
  2280. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +20 -17
  2281. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.cc.inc +320 -0
  2282. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.cc.inc +459 -0
  2283. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/aead.cc.inc +295 -0
  2284. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.cc.inc +672 -0
  2285. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.cc.inc +1242 -0
  2286. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aesccm.cc.inc +409 -0
  2287. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +14 -68
  2288. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cmac/cmac.cc.inc +288 -0
  2289. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/delocate.h +26 -22
  2290. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.cc.inc +203 -0
  2291. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.cc.inc +443 -0
  2292. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +13 -15
  2293. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.cc.inc +250 -0
  2294. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digests.cc.inc +178 -0
  2295. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/internal.h +13 -55
  2296. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/md32_common.h +13 -47
  2297. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digestsign/digestsign.cc.inc +226 -0
  2298. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/builtin_curves.h +91 -91
  2299. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.cc.inc +986 -0
  2300. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.cc.inc +501 -0
  2301. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.cc.inc +439 -0
  2302. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/felem.cc.inc +104 -0
  2303. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +19 -66
  2304. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.cc.inc +306 -0
  2305. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.cc.inc +1163 -0
  2306. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz-table.h +15 -10
  2307. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.cc.inc +741 -0
  2308. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.h +87 -25
  2309. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.cc.inc +749 -0
  2310. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256_table.h +13 -13
  2311. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.cc.inc +179 -0
  2312. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.cc.inc +284 -0
  2313. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.cc.inc +269 -0
  2314. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/util.cc.inc +255 -0
  2315. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.cc.inc +221 -0
  2316. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.cc.inc +88 -0
  2317. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.cc.inc +278 -0
  2318. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +41 -24
  2319. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/fips_shared_support.cc +28 -0
  2320. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hkdf/hkdf.cc.inc +112 -0
  2321. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/hmac.cc.inc +215 -0
  2322. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/keccak/internal.h +70 -0
  2323. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/keccak/keccak.cc.inc +279 -0
  2324. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mldsa/mldsa.cc.inc +1993 -0
  2325. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mlkem/mlkem.cc.inc +1165 -0
  2326. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/ctrdrbg.cc.inc +214 -0
  2327. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +19 -104
  2328. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.cc.inc +483 -0
  2329. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.cc.inc +147 -0
  2330. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +13 -56
  2331. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.cc.inc +379 -0
  2332. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.cc.inc +983 -0
  2333. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.cc.inc +1296 -0
  2334. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.cc.inc +129 -0
  2335. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.cc.inc +1042 -0
  2336. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/internal.h +36 -36
  2337. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.cc.inc +327 -0
  2338. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +109 -74
  2339. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.cc.inc +390 -0
  2340. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.cc.inc +299 -0
  2341. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.cc.inc +473 -0
  2342. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/address.h +119 -0
  2343. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/fors.cc.inc +169 -0
  2344. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/fors.h +58 -0
  2345. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/merkle.cc.inc +161 -0
  2346. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/merkle.h +70 -0
  2347. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/params.h +78 -0
  2348. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/slhdsa.cc.inc +329 -0
  2349. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/thash.cc.inc +173 -0
  2350. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/thash.h +85 -0
  2351. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/wots.cc.inc +171 -0
  2352. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/wots.h +50 -0
  2353. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/internal.h +13 -13
  2354. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.cc.inc +180 -0
  2355. data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.cc +1095 -0
  2356. data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.cc +2185 -0
  2357. data/third_party/boringssl-with-bazel/src/crypto/hrss/internal.h +13 -13
  2358. data/third_party/boringssl-with-bazel/src/crypto/internal.h +366 -459
  2359. data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +14 -14
  2360. data/third_party/boringssl-with-bazel/src/crypto/kyber/kyber.cc +869 -0
  2361. data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +31 -75
  2362. data/third_party/boringssl-with-bazel/src/crypto/lhash/lhash.cc +309 -0
  2363. data/third_party/boringssl-with-bazel/src/crypto/md4/md4.cc +194 -0
  2364. data/third_party/boringssl-with-bazel/src/crypto/md5/internal.h +37 -0
  2365. data/third_party/boringssl-with-bazel/src/crypto/md5/md5.cc +243 -0
  2366. data/third_party/boringssl-with-bazel/src/crypto/mem.cc +583 -0
  2367. data/third_party/boringssl-with-bazel/src/crypto/mldsa/mldsa.cc +90 -0
  2368. data/third_party/boringssl-with-bazel/src/crypto/mlkem/mlkem.cc +152 -0
  2369. data/third_party/boringssl-with-bazel/src/crypto/obj/obj.cc +519 -0
  2370. data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +18 -57
  2371. data/third_party/boringssl-with-bazel/src/crypto/obj/obj_xref.cc +80 -0
  2372. data/third_party/boringssl-with-bazel/src/crypto/pem/internal.h +44 -0
  2373. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.cc +149 -0
  2374. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.cc +254 -0
  2375. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.cc +741 -0
  2376. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.cc +45 -0
  2377. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.cc +208 -0
  2378. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.cc +141 -0
  2379. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.cc +22 -0
  2380. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.cc +22 -0
  2381. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/internal.h +13 -13
  2382. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7.cc +193 -0
  2383. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.cc +526 -0
  2384. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +14 -54
  2385. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/p5_pbev2.cc +275 -0
  2386. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.cc +487 -0
  2387. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.cc +1304 -0
  2388. data/third_party/boringssl-with-bazel/src/crypto/poly1305/internal.h +13 -13
  2389. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.cc +314 -0
  2390. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.cc +310 -0
  2391. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.cc +850 -0
  2392. data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +13 -13
  2393. data/third_party/boringssl-with-bazel/src/crypto/pool/pool.cc +262 -0
  2394. data/third_party/boringssl-with-bazel/src/crypto/rand/deterministic.cc +65 -0
  2395. data/third_party/boringssl-with-bazel/src/crypto/rand/fork_detect.cc +194 -0
  2396. data/third_party/boringssl-with-bazel/src/crypto/rand/forkunsafe.cc +44 -0
  2397. data/third_party/boringssl-with-bazel/src/crypto/rand/getentropy.cc +60 -0
  2398. data/third_party/boringssl-with-bazel/src/crypto/rand/getrandom_fillin.h +64 -0
  2399. data/third_party/boringssl-with-bazel/src/crypto/rand/ios.cc +42 -0
  2400. data/third_party/boringssl-with-bazel/src/crypto/rand/passive.cc +178 -0
  2401. data/third_party/boringssl-with-bazel/src/crypto/rand/rand.cc +77 -0
  2402. data/third_party/boringssl-with-bazel/src/crypto/rand/sysrand_internal.h +37 -0
  2403. data/third_party/boringssl-with-bazel/src/crypto/rand/trusty.cc +46 -0
  2404. data/third_party/boringssl-with-bazel/src/crypto/rand/urandom.cc +328 -0
  2405. data/third_party/boringssl-with-bazel/src/crypto/rand/windows.cc +102 -0
  2406. data/third_party/boringssl-with-bazel/src/crypto/rc4/rc4.cc +56 -0
  2407. data/third_party/boringssl-with-bazel/src/crypto/refcount.cc +59 -0
  2408. data/third_party/boringssl-with-bazel/src/crypto/rsa/internal.h +36 -0
  2409. data/third_party/boringssl-with-bazel/src/crypto/rsa/rsa_asn1.cc +283 -0
  2410. data/third_party/boringssl-with-bazel/src/crypto/rsa/rsa_crypt.cc +531 -0
  2411. data/third_party/boringssl-with-bazel/src/crypto/rsa/rsa_extra.cc +19 -0
  2412. data/third_party/boringssl-with-bazel/src/crypto/rsa/rsa_print.cc +27 -0
  2413. data/third_party/boringssl-with-bazel/src/crypto/sha/sha1.cc +52 -0
  2414. data/third_party/boringssl-with-bazel/src/crypto/sha/sha256.cc +87 -0
  2415. data/third_party/boringssl-with-bazel/src/crypto/sha/sha512.cc +104 -0
  2416. data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.cc +79 -0
  2417. data/third_party/boringssl-with-bazel/src/crypto/slhdsa/slhdsa.cc +113 -0
  2418. data/third_party/boringssl-with-bazel/src/crypto/spake2plus/internal.h +204 -0
  2419. data/third_party/boringssl-with-bazel/src/crypto/spake2plus/spake2plus.cc +501 -0
  2420. data/third_party/boringssl-with-bazel/src/crypto/stack/stack.cc +496 -0
  2421. data/third_party/boringssl-with-bazel/src/crypto/thread.cc +68 -0
  2422. data/third_party/boringssl-with-bazel/src/crypto/thread_none.cc +51 -0
  2423. data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.cc +151 -0
  2424. data/third_party/boringssl-with-bazel/src/crypto/thread_win.cc +240 -0
  2425. data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +13 -13
  2426. data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.cc +1656 -0
  2427. data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.cc +685 -0
  2428. data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.cc +1263 -0
  2429. data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.cc +52 -0
  2430. data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.cc +97 -0
  2431. data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.cc +74 -0
  2432. data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.cc +136 -0
  2433. data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.cc +542 -0
  2434. data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.cc +355 -0
  2435. data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.cc +227 -0
  2436. data/third_party/boringssl-with-bazel/src/crypto/x509/ext_dat.h +13 -55
  2437. data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.cc +37 -0
  2438. data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +17 -62
  2439. data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.cc +185 -0
  2440. data/third_party/boringssl-with-bazel/src/crypto/x509/policy.cc +796 -0
  2441. data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.cc +364 -0
  2442. data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.cc +103 -0
  2443. data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.cc +203 -0
  2444. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.cc +287 -0
  2445. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.cc +79 -0
  2446. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_akey.cc +181 -0
  2447. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_akeya.cc +31 -0
  2448. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_alt.cc +593 -0
  2449. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_bcons.cc +95 -0
  2450. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_bitst.cc +102 -0
  2451. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_conf.cc +374 -0
  2452. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_cpols.cc +444 -0
  2453. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_crld.cc +557 -0
  2454. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_enum.cc +73 -0
  2455. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_extku.cc +114 -0
  2456. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_genn.cc +228 -0
  2457. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ia5.cc +79 -0
  2458. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_info.cc +164 -0
  2459. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_int.cc +81 -0
  2460. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_lib.cc +304 -0
  2461. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ncons.cc +514 -0
  2462. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ocsp.cc +89 -0
  2463. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_pcons.cc +101 -0
  2464. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_pmaps.cc +109 -0
  2465. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_prn.cc +183 -0
  2466. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_purp.cc +590 -0
  2467. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_skey.cc +131 -0
  2468. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_utl.cc +1342 -0
  2469. data/third_party/boringssl-with-bazel/src/crypto/x509/x509.cc +47 -0
  2470. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.cc +186 -0
  2471. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.cc +238 -0
  2472. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.cc +66 -0
  2473. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.cc +44 -0
  2474. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.cc +139 -0
  2475. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.cc +554 -0
  2476. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.cc +164 -0
  2477. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.cc +257 -0
  2478. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.cc +198 -0
  2479. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.cc +118 -0
  2480. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.cc +147 -0
  2481. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.cc +249 -0
  2482. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.cc +1600 -0
  2483. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.cc +440 -0
  2484. data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.cc +235 -0
  2485. data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.cc +365 -0
  2486. data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.cc +67 -0
  2487. data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.cc +91 -0
  2488. data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.cc +107 -0
  2489. data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.cc +318 -0
  2490. data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.cc +55 -0
  2491. data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.cc +342 -0
  2492. data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.cc +36 -0
  2493. data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.cc +492 -0
  2494. data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.cc +170 -0
  2495. data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.cc +74 -0
  2496. data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.cc +51 -0
  2497. data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.cc +34 -0
  2498. data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.cc +28 -0
  2499. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.cc +506 -0
  2500. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.cc +169 -0
  2501. data/third_party/boringssl-with-bazel/src/gen/crypto/err_data.cc +1529 -0
  2502. data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +13 -13
  2503. data/third_party/boringssl-with-bazel/src/include/openssl/aes.h +13 -47
  2504. data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +16 -76
  2505. data/third_party/boringssl-with-bazel/src/include/openssl/asm_base.h +14 -14
  2506. data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +37 -63
  2507. data/third_party/boringssl-with-bazel/src/include/openssl/asn1_mac.h +13 -13
  2508. data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +248 -328
  2509. data/third_party/boringssl-with-bazel/src/include/openssl/base.h +32 -55
  2510. data/third_party/boringssl-with-bazel/src/include/openssl/base64.h +13 -55
  2511. data/third_party/boringssl-with-bazel/src/include/openssl/bcm_public.h +82 -0
  2512. data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +98 -97
  2513. data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +13 -13
  2514. data/third_party/boringssl-with-bazel/src/include/openssl/blowfish.h +13 -55
  2515. data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +28 -130
  2516. data/third_party/boringssl-with-bazel/src/include/openssl/buf.h +13 -55
  2517. data/third_party/boringssl-with-bazel/src/include/openssl/buffer.h +13 -13
  2518. data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +43 -20
  2519. data/third_party/boringssl-with-bazel/src/include/openssl/cast.h +13 -55
  2520. data/third_party/boringssl-with-bazel/src/include/openssl/chacha.h +13 -13
  2521. data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +31 -59
  2522. data/third_party/boringssl-with-bazel/src/include/openssl/cmac.h +13 -13
  2523. data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +13 -55
  2524. data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +13 -13
  2525. data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +35 -25
  2526. data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +13 -13
  2527. data/third_party/boringssl-with-bazel/src/include/openssl/curve25519.h +13 -13
  2528. data/third_party/boringssl-with-bazel/src/include/openssl/des.h +13 -55
  2529. data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +34 -56
  2530. data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +19 -56
  2531. data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +27 -61
  2532. data/third_party/boringssl-with-bazel/src/include/openssl/dtls1.h +13 -13
  2533. data/third_party/boringssl-with-bazel/src/include/openssl/e_os2.h +13 -13
  2534. data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +14 -66
  2535. data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +31 -72
  2536. data/third_party/boringssl-with-bazel/src/include/openssl/ecdh.h +14 -65
  2537. data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +13 -51
  2538. data/third_party/boringssl-with-bazel/src/include/openssl/engine.h +13 -13
  2539. data/third_party/boringssl-with-bazel/src/include/openssl/err.h +26 -107
  2540. data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +39 -70
  2541. data/third_party/boringssl-with-bazel/src/include/openssl/evp_errors.h +14 -55
  2542. data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +28 -110
  2543. data/third_party/boringssl-with-bazel/src/include/openssl/experimental/kyber.h +146 -0
  2544. data/third_party/boringssl-with-bazel/src/include/openssl/hkdf.h +13 -13
  2545. data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +13 -55
  2546. data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +21 -19
  2547. data/third_party/boringssl-with-bazel/src/include/openssl/hrss.h +13 -13
  2548. data/third_party/boringssl-with-bazel/src/include/openssl/is_boringssl.h +13 -13
  2549. data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +13 -13
  2550. data/third_party/boringssl-with-bazel/src/include/openssl/lhash.h +13 -55
  2551. data/third_party/boringssl-with-bazel/src/include/openssl/md4.h +13 -55
  2552. data/third_party/boringssl-with-bazel/src/include/openssl/md5.h +13 -55
  2553. data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +13 -55
  2554. data/third_party/boringssl-with-bazel/src/include/openssl/mldsa.h +130 -0
  2555. data/third_party/boringssl-with-bazel/src/include/openssl/mlkem.h +222 -0
  2556. data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +30 -69
  2557. data/third_party/boringssl-with-bazel/src/include/openssl/obj.h +15 -57
  2558. data/third_party/boringssl-with-bazel/src/include/openssl/obj_mac.h +13 -13
  2559. data/third_party/boringssl-with-bazel/src/include/openssl/objects.h +13 -13
  2560. data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +13 -13
  2561. data/third_party/boringssl-with-bazel/src/include/openssl/opensslv.h +13 -13
  2562. data/third_party/boringssl-with-bazel/src/include/openssl/ossl_typ.h +13 -13
  2563. data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +88 -117
  2564. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs12.h +13 -13
  2565. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs7.h +13 -13
  2566. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +13 -55
  2567. data/third_party/boringssl-with-bazel/src/include/openssl/poly1305.h +13 -13
  2568. data/third_party/boringssl-with-bazel/src/include/openssl/pool.h +13 -13
  2569. data/third_party/boringssl-with-bazel/src/include/openssl/posix_time.h +13 -13
  2570. data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +32 -23
  2571. data/third_party/boringssl-with-bazel/src/include/openssl/rc4.h +13 -55
  2572. data/third_party/boringssl-with-bazel/src/include/openssl/ripemd.h +13 -55
  2573. data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +23 -63
  2574. data/third_party/boringssl-with-bazel/src/include/openssl/safestack.h +13 -13
  2575. data/third_party/boringssl-with-bazel/src/include/openssl/service_indicator.h +15 -15
  2576. data/third_party/boringssl-with-bazel/src/include/openssl/sha.h +15 -95
  2577. data/third_party/boringssl-with-bazel/src/include/openssl/siphash.h +13 -13
  2578. data/third_party/boringssl-with-bazel/src/include/openssl/slhdsa.h +174 -0
  2579. data/third_party/boringssl-with-bazel/src/include/openssl/span.h +60 -32
  2580. data/third_party/boringssl-with-bazel/src/include/openssl/srtp.h +13 -13
  2581. data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +723 -369
  2582. data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +15 -114
  2583. data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +23 -58
  2584. data/third_party/boringssl-with-bazel/src/include/openssl/target.h +36 -23
  2585. data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +15 -57
  2586. data/third_party/boringssl-with-bazel/src/include/openssl/time.h +13 -13
  2587. data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +29 -158
  2588. data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +15 -15
  2589. data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +13 -55
  2590. data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +2951 -2520
  2591. data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +13 -13
  2592. data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +13 -13
  2593. data/third_party/boringssl-with-bazel/src/include/openssl/x509v3_errors.h +13 -53
  2594. data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +15 -14
  2595. data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +684 -441
  2596. data/third_party/boringssl-with-bazel/src/ssl/d1_lib.cc +129 -168
  2597. data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +177 -127
  2598. data/third_party/boringssl-with-bazel/src/ssl/d1_srtp.cc +21 -127
  2599. data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +112 -97
  2600. data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +456 -222
  2601. data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +57 -56
  2602. data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +736 -530
  2603. data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +67 -74
  2604. data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +78 -160
  2605. data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +283 -332
  2606. data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +242 -324
  2607. data/third_party/boringssl-with-bazel/src/ssl/internal.h +1220 -648
  2608. data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +88 -170
  2609. data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +29 -160
  2610. data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +39 -113
  2611. data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +103 -111
  2612. data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +52 -145
  2613. data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +22 -24
  2614. data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +155 -521
  2615. data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +239 -373
  2616. data/third_party/boringssl-with-bazel/src/ssl/ssl_credential.cc +609 -0
  2617. data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +15 -111
  2618. data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +129 -33
  2619. data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +289 -389
  2620. data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +147 -169
  2621. data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +104 -247
  2622. data/third_party/boringssl-with-bazel/src/ssl/ssl_stat.cc +17 -91
  2623. data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +109 -157
  2624. data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +48 -28
  2625. data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +104 -301
  2626. data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +45 -176
  2627. data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +79 -69
  2628. data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +187 -88
  2629. data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +296 -163
  2630. data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +290 -116
  2631. data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +64 -117
  2632. data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +55 -157
  2633. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +6 -0
  2634. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +6 -0
  2635. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64_adx.h +4 -1
  2636. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +1 -1
  2637. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +3 -0
  2638. data/third_party/upb/upb/base/internal/log2.h +3 -1
  2639. data/third_party/upb/upb/base/string_view.h +11 -1
  2640. data/third_party/upb/upb/hash/common.c +5 -1
  2641. data/third_party/upb/upb/json/decode.c +60 -13
  2642. data/third_party/upb/upb/json/decode.h +25 -3
  2643. data/third_party/upb/upb/json/encode.c +2 -2
  2644. data/third_party/upb/upb/lex/round_trip.c +10 -0
  2645. data/third_party/upb/upb/mem/alloc.h +5 -0
  2646. data/third_party/upb/upb/mem/arena.c +355 -125
  2647. data/third_party/upb/upb/mem/arena.h +66 -19
  2648. data/third_party/upb/upb/mem/arena.hpp +9 -21
  2649. data/third_party/upb/upb/mem/internal/arena.h +10 -9
  2650. data/third_party/upb/upb/message/accessors.c +6 -7
  2651. data/third_party/upb/upb/message/accessors.h +227 -376
  2652. data/third_party/upb/upb/message/array.c +26 -3
  2653. data/third_party/upb/upb/message/array.h +17 -9
  2654. data/third_party/upb/upb/message/compat.c +13 -16
  2655. data/third_party/upb/upb/message/compat.h +7 -6
  2656. data/third_party/upb/upb/message/copy.c +56 -48
  2657. data/third_party/upb/upb/message/internal/accessors.h +748 -57
  2658. data/third_party/upb/upb/message/internal/array.h +23 -15
  2659. data/third_party/upb/upb/message/internal/extension.c +34 -31
  2660. data/third_party/upb/upb/message/internal/extension.h +29 -16
  2661. data/third_party/upb/upb/message/internal/iterator.c +58 -0
  2662. data/third_party/upb/upb/message/internal/iterator.h +29 -0
  2663. data/third_party/upb/upb/message/internal/map.h +17 -3
  2664. data/third_party/upb/upb/message/internal/map_sorter.h +4 -4
  2665. data/third_party/upb/upb/message/internal/message.c +64 -29
  2666. data/third_party/upb/upb/message/internal/message.h +165 -24
  2667. data/third_party/upb/upb/message/internal/tagged_ptr.h +5 -5
  2668. data/third_party/upb/upb/message/internal/types.h +41 -1
  2669. data/third_party/upb/upb/message/map.c +25 -0
  2670. data/third_party/upb/upb/message/map.h +11 -7
  2671. data/third_party/upb/upb/message/map_sorter.c +20 -8
  2672. data/third_party/upb/upb/message/merge.c +38 -0
  2673. data/third_party/upb/upb/message/merge.h +26 -0
  2674. data/third_party/upb/upb/message/message.c +166 -35
  2675. data/third_party/upb/upb/message/message.h +74 -3
  2676. data/third_party/upb/upb/message/tagged_ptr.h +4 -8
  2677. data/third_party/upb/upb/message/value.h +35 -0
  2678. data/third_party/upb/upb/mini_descriptor/build_enum.c +4 -4
  2679. data/third_party/upb/upb/mini_descriptor/build_enum.h +6 -14
  2680. data/third_party/upb/upb/mini_descriptor/decode.c +114 -137
  2681. data/third_party/upb/upb/mini_descriptor/decode.h +4 -3
  2682. data/third_party/upb/upb/mini_descriptor/internal/encode.hpp +1 -1
  2683. data/third_party/upb/upb/mini_descriptor/link.c +23 -21
  2684. data/third_party/upb/upb/mini_table/enum.h +2 -4
  2685. data/third_party/upb/upb/mini_table/extension.h +4 -12
  2686. data/third_party/upb/upb/mini_table/extension_registry.c +41 -11
  2687. data/third_party/upb/upb/mini_table/extension_registry.h +30 -6
  2688. data/third_party/upb/upb/mini_table/field.h +12 -38
  2689. data/third_party/upb/upb/mini_table/file.h +6 -19
  2690. data/third_party/upb/upb/mini_table/internal/enum.h +1 -1
  2691. data/third_party/upb/upb/mini_table/internal/extension.h +18 -9
  2692. data/third_party/upb/upb/mini_table/internal/field.h +23 -23
  2693. data/third_party/upb/upb/mini_table/internal/file.h +7 -7
  2694. data/third_party/upb/upb/mini_table/internal/message.c +21 -1
  2695. data/third_party/upb/upb/mini_table/internal/message.h +80 -36
  2696. data/third_party/upb/upb/mini_table/internal/sub.h +9 -4
  2697. data/third_party/upb/upb/mini_table/message.c +21 -13
  2698. data/third_party/upb/upb/mini_table/message.h +23 -22
  2699. data/third_party/upb/upb/mini_table/sub.h +4 -12
  2700. data/third_party/upb/upb/port/atomic.h +134 -7
  2701. data/third_party/upb/upb/port/def.inc +238 -40
  2702. data/third_party/upb/upb/port/undef.inc +18 -1
  2703. data/third_party/upb/upb/reflection/common.h +1 -11
  2704. data/third_party/upb/upb/reflection/def.hpp +39 -0
  2705. data/third_party/upb/upb/reflection/def_pool.c +10 -3
  2706. data/third_party/upb/upb/reflection/def_pool.h +2 -2
  2707. data/third_party/upb/upb/reflection/descriptor_bootstrap.h +19 -0
  2708. data/third_party/upb/upb/reflection/enum_def.c +5 -1
  2709. data/third_party/upb/upb/reflection/enum_def.h +1 -0
  2710. data/third_party/upb/upb/reflection/enum_value_def.c +3 -8
  2711. data/third_party/upb/upb/reflection/field_def.c +72 -46
  2712. data/third_party/upb/upb/reflection/field_def.h +4 -0
  2713. data/third_party/upb/upb/reflection/file_def.c +42 -9
  2714. data/third_party/upb/upb/reflection/file_def.h +3 -0
  2715. data/third_party/upb/upb/reflection/internal/def_builder.c +1 -1
  2716. data/third_party/upb/upb/reflection/internal/upb_edition_defaults.h +1 -1
  2717. data/third_party/upb/upb/reflection/message.c +45 -25
  2718. data/third_party/upb/upb/reflection/message.h +5 -3
  2719. data/third_party/upb/upb/reflection/message_def.c +14 -9
  2720. data/third_party/upb/upb/reflection/method_def.h +8 -7
  2721. data/third_party/upb/upb/reflection/service_def.h +6 -5
  2722. data/third_party/upb/upb/text/encode.c +53 -401
  2723. data/third_party/upb/upb/text/encode.h +1 -11
  2724. data/third_party/upb/upb/text/internal/encode.c +199 -0
  2725. data/third_party/upb/upb/text/internal/encode.h +244 -0
  2726. data/third_party/upb/upb/text/options.h +22 -0
  2727. data/third_party/upb/upb/wire/decode.c +219 -138
  2728. data/third_party/upb/upb/wire/decode.h +19 -4
  2729. data/third_party/upb/upb/wire/encode.c +160 -84
  2730. data/third_party/upb/upb/wire/encode.h +14 -1
  2731. data/third_party/upb/upb/wire/eps_copy_input_stream.h +21 -23
  2732. data/third_party/upb/upb/wire/internal/decode_fast.c +28 -29
  2733. data/third_party/upb/upb/wire/internal/decoder.h +4 -11
  2734. data/third_party/upb/upb/wire/internal/reader.h +3 -3
  2735. data/third_party/upb/upb/wire/reader.c +1 -2
  2736. data/third_party/upb/upb/wire/reader.h +4 -8
  2737. data/third_party/utf8_range/utf8_range.c +15 -275
  2738. data/third_party/utf8_range/utf8_range_neon.inc +117 -0
  2739. data/third_party/utf8_range/utf8_range_sse.inc +272 -0
  2740. data/third_party/zlib/deflate.c +40 -15
  2741. data/third_party/zlib/deflate.h +33 -2
  2742. data/third_party/zlib/gzguts.h +2 -6
  2743. data/third_party/zlib/inflate.c +1 -1
  2744. data/third_party/zlib/inftrees.c +3 -3
  2745. data/third_party/zlib/inftrees.h +2 -2
  2746. data/third_party/zlib/trees.c +18 -4
  2747. data/third_party/zlib/zconf.h +1 -9
  2748. data/third_party/zlib/zlib.h +12 -12
  2749. data/third_party/zlib/zutil.h +4 -25
  2750. metadata +872 -764
  2751. data/include/grpc/grpc_cronet.h +0 -37
  2752. data/src/core/client_channel/client_channel_channelz.cc +0 -93
  2753. data/src/core/client_channel/client_channel_channelz.h +0 -85
  2754. data/src/core/client_channel/config_selector.cc +0 -60
  2755. data/src/core/client_channel/http_proxy_mapper.cc +0 -304
  2756. data/src/core/client_channel/http_proxy_mapper.h +0 -53
  2757. data/src/core/ext/filters/deadline/deadline_filter.cc +0 -407
  2758. data/src/core/ext/filters/deadline/deadline_filter.h +0 -85
  2759. data/src/core/ext/filters/server_config_selector/server_config_selector.h +0 -83
  2760. data/src/core/ext/filters/server_config_selector/server_config_selector_filter.cc +0 -171
  2761. data/src/core/ext/filters/server_config_selector/server_config_selector_filter.h +0 -33
  2762. data/src/core/ext/gcp/metadata_query.cc +0 -136
  2763. data/src/core/ext/gcp/metadata_query.h +0 -87
  2764. data/src/core/ext/transport/chttp2/transport/http_trace.cc +0 -19
  2765. data/src/core/ext/transport/chttp2/transport/http_trace.h +0 -24
  2766. data/src/core/ext/transport/chttp2/transport/max_concurrent_streams_policy.cc +0 -44
  2767. data/src/core/ext/transport/chttp2/transport/max_concurrent_streams_policy.h +0 -67
  2768. data/src/core/ext/transport/inproc/inproc_plugin.cc +0 -23
  2769. data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb.h +0 -419
  2770. data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb_minitable.c +0 -81
  2771. data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb_minitable.h +0 -30
  2772. data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb.h +0 -400
  2773. data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb_minitable.c +0 -106
  2774. data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb_minitable.h +0 -33
  2775. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opencensus.upbdefs.c +0 -104
  2776. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opencensus.upbdefs.h +0 -32
  2777. data/src/core/ext/upbdefs-gen/opencensus/proto/trace/v1/trace_config.upbdefs.c +0 -66
  2778. data/src/core/ext/upbdefs-gen/opencensus/proto/trace/v1/trace_config.upbdefs.h +0 -47
  2779. data/src/core/ext/xds/certificate_provider_store.cc +0 -155
  2780. data/src/core/ext/xds/certificate_provider_store.h +0 -134
  2781. data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +0 -138
  2782. data/src/core/ext/xds/file_watcher_certificate_provider_factory.h +0 -82
  2783. data/src/core/ext/xds/upb_utils.h +0 -45
  2784. data/src/core/ext/xds/xds_api.cc +0 -572
  2785. data/src/core/ext/xds/xds_api.h +0 -189
  2786. data/src/core/ext/xds/xds_audit_logger_registry.cc +0 -123
  2787. data/src/core/ext/xds/xds_audit_logger_registry.h +0 -68
  2788. data/src/core/ext/xds/xds_bootstrap.cc +0 -38
  2789. data/src/core/ext/xds/xds_bootstrap.h +0 -88
  2790. data/src/core/ext/xds/xds_bootstrap_grpc.cc +0 -397
  2791. data/src/core/ext/xds/xds_bootstrap_grpc.h +0 -197
  2792. data/src/core/ext/xds/xds_certificate_provider.cc +0 -217
  2793. data/src/core/ext/xds/xds_certificate_provider.h +0 -116
  2794. data/src/core/ext/xds/xds_channel_args.h +0 -32
  2795. data/src/core/ext/xds/xds_channel_stack_modifier.cc +0 -107
  2796. data/src/core/ext/xds/xds_channel_stack_modifier.h +0 -64
  2797. data/src/core/ext/xds/xds_client.cc +0 -2303
  2798. data/src/core/ext/xds/xds_client.h +0 -391
  2799. data/src/core/ext/xds/xds_client_grpc.cc +0 -410
  2800. data/src/core/ext/xds/xds_client_grpc.h +0 -110
  2801. data/src/core/ext/xds/xds_client_stats.cc +0 -173
  2802. data/src/core/ext/xds/xds_client_stats.h +0 -258
  2803. data/src/core/ext/xds/xds_cluster.cc +0 -795
  2804. data/src/core/ext/xds/xds_cluster.h +0 -145
  2805. data/src/core/ext/xds/xds_cluster_specifier_plugin.cc +0 -140
  2806. data/src/core/ext/xds/xds_cluster_specifier_plugin.h +0 -97
  2807. data/src/core/ext/xds/xds_common_types.cc +0 -509
  2808. data/src/core/ext/xds/xds_common_types.h +0 -108
  2809. data/src/core/ext/xds/xds_endpoint.cc +0 -517
  2810. data/src/core/ext/xds/xds_endpoint.h +0 -150
  2811. data/src/core/ext/xds/xds_health_status.cc +0 -75
  2812. data/src/core/ext/xds/xds_health_status.h +0 -91
  2813. data/src/core/ext/xds/xds_http_fault_filter.cc +0 -238
  2814. data/src/core/ext/xds/xds_http_fault_filter.h +0 -58
  2815. data/src/core/ext/xds/xds_http_filters.cc +0 -117
  2816. data/src/core/ext/xds/xds_http_filters.h +0 -182
  2817. data/src/core/ext/xds/xds_http_rbac_filter.cc +0 -588
  2818. data/src/core/ext/xds/xds_http_rbac_filter.h +0 -58
  2819. data/src/core/ext/xds/xds_http_stateful_session_filter.cc +0 -218
  2820. data/src/core/ext/xds/xds_http_stateful_session_filter.h +0 -58
  2821. data/src/core/ext/xds/xds_lb_policy_registry.cc +0 -371
  2822. data/src/core/ext/xds/xds_lb_policy_registry.h +0 -71
  2823. data/src/core/ext/xds/xds_listener.cc +0 -1142
  2824. data/src/core/ext/xds/xds_listener.h +0 -236
  2825. data/src/core/ext/xds/xds_metrics.h +0 -39
  2826. data/src/core/ext/xds/xds_resource_type.h +0 -98
  2827. data/src/core/ext/xds/xds_resource_type_impl.h +0 -88
  2828. data/src/core/ext/xds/xds_route_config.cc +0 -1198
  2829. data/src/core/ext/xds/xds_route_config.h +0 -253
  2830. data/src/core/ext/xds/xds_routing.cc +0 -264
  2831. data/src/core/ext/xds/xds_routing.h +0 -106
  2832. data/src/core/ext/xds/xds_server_config_fetcher.cc +0 -1393
  2833. data/src/core/ext/xds/xds_transport.h +0 -89
  2834. data/src/core/ext/xds/xds_transport_grpc.cc +0 -350
  2835. data/src/core/ext/xds/xds_transport_grpc.h +0 -139
  2836. data/src/core/lib/avl/avl.h +0 -325
  2837. data/src/core/lib/backoff/backoff.cc +0 -47
  2838. data/src/core/lib/backoff/backoff.h +0 -89
  2839. data/src/core/lib/backoff/random_early_detection.cc +0 -33
  2840. data/src/core/lib/backoff/random_early_detection.h +0 -62
  2841. data/src/core/lib/channel/call_finalization.h +0 -88
  2842. data/src/core/lib/channel/call_tracer.cc +0 -364
  2843. data/src/core/lib/channel/call_tracer.h +0 -227
  2844. data/src/core/lib/channel/channel_stack_trace.cc +0 -19
  2845. data/src/core/lib/channel/channel_stack_trace.h +0 -24
  2846. data/src/core/lib/channel/channel_trace.cc +0 -187
  2847. data/src/core/lib/channel/channel_trace.h +0 -138
  2848. data/src/core/lib/channel/channelz.cc +0 -610
  2849. data/src/core/lib/channel/channelz.h +0 -384
  2850. data/src/core/lib/channel/channelz_registry.cc +0 -281
  2851. data/src/core/lib/channel/channelz_registry.h +0 -102
  2852. data/src/core/lib/channel/context.h +0 -77
  2853. data/src/core/lib/channel/metrics.cc +0 -396
  2854. data/src/core/lib/channel/metrics.h +0 -406
  2855. data/src/core/lib/channel/server_call_tracer_filter.cc +0 -113
  2856. data/src/core/lib/channel/server_call_tracer_filter.h +0 -28
  2857. data/src/core/lib/channel/status_util.cc +0 -155
  2858. data/src/core/lib/channel/status_util.h +0 -81
  2859. data/src/core/lib/channel/tcp_tracer.h +0 -144
  2860. data/src/core/lib/config/config_vars.cc +0 -154
  2861. data/src/core/lib/config/config_vars.h +0 -131
  2862. data/src/core/lib/config/config_vars_non_generated.cc +0 -49
  2863. data/src/core/lib/config/core_configuration.cc +0 -111
  2864. data/src/core/lib/config/core_configuration.h +0 -244
  2865. data/src/core/lib/config/load_config.cc +0 -79
  2866. data/src/core/lib/config/load_config.h +0 -55
  2867. data/src/core/lib/debug/event_log.cc +0 -88
  2868. data/src/core/lib/debug/event_log.h +0 -81
  2869. data/src/core/lib/debug/histogram_view.cc +0 -69
  2870. data/src/core/lib/debug/histogram_view.h +0 -37
  2871. data/src/core/lib/debug/stats.cc +0 -68
  2872. data/src/core/lib/debug/stats.h +0 -64
  2873. data/src/core/lib/debug/stats_data.cc +0 -752
  2874. data/src/core/lib/debug/stats_data.h +0 -579
  2875. data/src/core/lib/event_engine/trace.cc +0 -25
  2876. data/src/core/lib/event_engine/trace.h +0 -49
  2877. data/src/core/lib/gpr/alloc.cc +0 -71
  2878. data/src/core/lib/gpr/alloc.h +0 -28
  2879. data/src/core/lib/gpr/android/log.cc +0 -79
  2880. data/src/core/lib/gpr/atm.cc +0 -35
  2881. data/src/core/lib/gpr/iphone/cpu.cc +0 -44
  2882. data/src/core/lib/gpr/linux/cpu.cc +0 -87
  2883. data/src/core/lib/gpr/linux/log.cc +0 -114
  2884. data/src/core/lib/gpr/log.cc +0 -166
  2885. data/src/core/lib/gpr/log_internal.h +0 -55
  2886. data/src/core/lib/gpr/msys/tmpfile.cc +0 -59
  2887. data/src/core/lib/gpr/posix/cpu.cc +0 -84
  2888. data/src/core/lib/gpr/posix/log.cc +0 -111
  2889. data/src/core/lib/gpr/posix/string.cc +0 -72
  2890. data/src/core/lib/gpr/posix/sync.cc +0 -159
  2891. data/src/core/lib/gpr/posix/time.cc +0 -122
  2892. data/src/core/lib/gpr/posix/tmpfile.cc +0 -71
  2893. data/src/core/lib/gpr/spinlock.h +0 -53
  2894. data/src/core/lib/gpr/string.cc +0 -344
  2895. data/src/core/lib/gpr/string.h +0 -112
  2896. data/src/core/lib/gpr/sync.cc +0 -124
  2897. data/src/core/lib/gpr/sync_abseil.cc +0 -110
  2898. data/src/core/lib/gpr/time.cc +0 -269
  2899. data/src/core/lib/gpr/time_precise.cc +0 -168
  2900. data/src/core/lib/gpr/time_precise.h +0 -69
  2901. data/src/core/lib/gpr/tmpfile.h +0 -32
  2902. data/src/core/lib/gpr/useful.h +0 -184
  2903. data/src/core/lib/gpr/windows/cpu.cc +0 -35
  2904. data/src/core/lib/gpr/windows/log.cc +0 -116
  2905. data/src/core/lib/gpr/windows/string.cc +0 -69
  2906. data/src/core/lib/gpr/windows/string_util.cc +0 -55
  2907. data/src/core/lib/gpr/windows/sync.cc +0 -122
  2908. data/src/core/lib/gpr/windows/time.cc +0 -105
  2909. data/src/core/lib/gpr/windows/tmpfile.cc +0 -68
  2910. data/src/core/lib/gprpp/atomic_utils.h +0 -47
  2911. data/src/core/lib/gprpp/bitset.h +0 -225
  2912. data/src/core/lib/gprpp/chunked_vector.h +0 -257
  2913. data/src/core/lib/gprpp/construct_destruct.h +0 -40
  2914. data/src/core/lib/gprpp/cpp_impl_of.h +0 -49
  2915. data/src/core/lib/gprpp/crash.cc +0 -43
  2916. data/src/core/lib/gprpp/crash.h +0 -37
  2917. data/src/core/lib/gprpp/debug_location.h +0 -99
  2918. data/src/core/lib/gprpp/directory_reader.h +0 -48
  2919. data/src/core/lib/gprpp/down_cast.h +0 -49
  2920. data/src/core/lib/gprpp/dual_ref_counted.h +0 -364
  2921. data/src/core/lib/gprpp/env.h +0 -53
  2922. data/src/core/lib/gprpp/examine_stack.cc +0 -43
  2923. data/src/core/lib/gprpp/examine_stack.h +0 -45
  2924. data/src/core/lib/gprpp/fork.cc +0 -242
  2925. data/src/core/lib/gprpp/fork.h +0 -98
  2926. data/src/core/lib/gprpp/host_port.cc +0 -114
  2927. data/src/core/lib/gprpp/host_port.h +0 -57
  2928. data/src/core/lib/gprpp/if_list.h +0 -4530
  2929. data/src/core/lib/gprpp/linux/env.cc +0 -62
  2930. data/src/core/lib/gprpp/load_file.cc +0 -78
  2931. data/src/core/lib/gprpp/load_file.h +0 -34
  2932. data/src/core/lib/gprpp/manual_constructor.h +0 -146
  2933. data/src/core/lib/gprpp/match.h +0 -75
  2934. data/src/core/lib/gprpp/memory.h +0 -53
  2935. data/src/core/lib/gprpp/mpscq.cc +0 -108
  2936. data/src/core/lib/gprpp/mpscq.h +0 -99
  2937. data/src/core/lib/gprpp/no_destruct.h +0 -95
  2938. data/src/core/lib/gprpp/notification.h +0 -67
  2939. data/src/core/lib/gprpp/orphanable.h +0 -153
  2940. data/src/core/lib/gprpp/overload.h +0 -59
  2941. data/src/core/lib/gprpp/packed_table.h +0 -40
  2942. data/src/core/lib/gprpp/per_cpu.cc +0 -35
  2943. data/src/core/lib/gprpp/per_cpu.h +0 -104
  2944. data/src/core/lib/gprpp/posix/directory_reader.cc +0 -82
  2945. data/src/core/lib/gprpp/posix/env.cc +0 -47
  2946. data/src/core/lib/gprpp/posix/stat.cc +0 -54
  2947. data/src/core/lib/gprpp/posix/thd.cc +0 -247
  2948. data/src/core/lib/gprpp/ref_counted.h +0 -394
  2949. data/src/core/lib/gprpp/ref_counted_ptr.h +0 -445
  2950. data/src/core/lib/gprpp/ref_counted_string.cc +0 -44
  2951. data/src/core/lib/gprpp/ref_counted_string.h +0 -161
  2952. data/src/core/lib/gprpp/single_set_ptr.h +0 -87
  2953. data/src/core/lib/gprpp/sorted_pack.h +0 -89
  2954. data/src/core/lib/gprpp/stat.h +0 -36
  2955. data/src/core/lib/gprpp/status_helper.cc +0 -453
  2956. data/src/core/lib/gprpp/status_helper.h +0 -190
  2957. data/src/core/lib/gprpp/strerror.cc +0 -41
  2958. data/src/core/lib/gprpp/strerror.h +0 -29
  2959. data/src/core/lib/gprpp/sync.h +0 -200
  2960. data/src/core/lib/gprpp/table.h +0 -452
  2961. data/src/core/lib/gprpp/tchar.cc +0 -49
  2962. data/src/core/lib/gprpp/tchar.h +0 -33
  2963. data/src/core/lib/gprpp/thd.h +0 -195
  2964. data/src/core/lib/gprpp/time.cc +0 -242
  2965. data/src/core/lib/gprpp/time.h +0 -385
  2966. data/src/core/lib/gprpp/time_averaged_stats.cc +0 -60
  2967. data/src/core/lib/gprpp/time_averaged_stats.h +0 -79
  2968. data/src/core/lib/gprpp/time_util.cc +0 -81
  2969. data/src/core/lib/gprpp/time_util.h +0 -42
  2970. data/src/core/lib/gprpp/type_list.h +0 -32
  2971. data/src/core/lib/gprpp/unique_type_name.h +0 -104
  2972. data/src/core/lib/gprpp/uuid_v4.cc +0 -37
  2973. data/src/core/lib/gprpp/uuid_v4.h +0 -36
  2974. data/src/core/lib/gprpp/validation_errors.cc +0 -65
  2975. data/src/core/lib/gprpp/validation_errors.h +0 -134
  2976. data/src/core/lib/gprpp/windows/directory_reader.cc +0 -81
  2977. data/src/core/lib/gprpp/windows/env.cc +0 -56
  2978. data/src/core/lib/gprpp/windows/stat.cc +0 -50
  2979. data/src/core/lib/gprpp/windows/thd.cc +0 -182
  2980. data/src/core/lib/gprpp/work_serializer.cc +0 -558
  2981. data/src/core/lib/gprpp/work_serializer.h +0 -107
  2982. data/src/core/lib/gprpp/xxhash_inline.h +0 -29
  2983. data/src/core/lib/handshaker/proxy_mapper.h +0 -53
  2984. data/src/core/lib/handshaker/proxy_mapper_registry.cc +0 -71
  2985. data/src/core/lib/handshaker/proxy_mapper_registry.h +0 -75
  2986. data/src/core/lib/http/format_request.cc +0 -137
  2987. data/src/core/lib/http/format_request.h +0 -38
  2988. data/src/core/lib/http/httpcli.cc +0 -392
  2989. data/src/core/lib/http/httpcli.h +0 -268
  2990. data/src/core/lib/http/httpcli_security_connector.cc +0 -213
  2991. data/src/core/lib/http/httpcli_ssl_credentials.h +0 -39
  2992. data/src/core/lib/http/parser.cc +0 -451
  2993. data/src/core/lib/http/parser.h +0 -130
  2994. data/src/core/lib/iomgr/ev_windows.cc +0 -30
  2995. data/src/core/lib/iomgr/gethostname.h +0 -26
  2996. data/src/core/lib/iomgr/gethostname_fallback.cc +0 -30
  2997. data/src/core/lib/iomgr/gethostname_host_name_max.cc +0 -40
  2998. data/src/core/lib/iomgr/gethostname_sysconf.cc +0 -40
  2999. data/src/core/lib/iomgr/grpc_if_nametoindex.h +0 -30
  3000. data/src/core/lib/iomgr/grpc_if_nametoindex_posix.cc +0 -43
  3001. data/src/core/lib/iomgr/grpc_if_nametoindex_unsupported.cc +0 -39
  3002. data/src/core/lib/json/json.h +0 -30
  3003. data/src/core/lib/json/json_args.h +0 -34
  3004. data/src/core/lib/json/json_channel_args.h +0 -42
  3005. data/src/core/lib/json/json_object_loader.cc +0 -216
  3006. data/src/core/lib/json/json_object_loader.h +0 -645
  3007. data/src/core/lib/json/json_reader.cc +0 -956
  3008. data/src/core/lib/json/json_reader.h +0 -34
  3009. data/src/core/lib/json/json_util.cc +0 -101
  3010. data/src/core/lib/json/json_util.h +0 -164
  3011. data/src/core/lib/json/json_writer.cc +0 -339
  3012. data/src/core/lib/json/json_writer.h +0 -33
  3013. data/src/core/lib/matchers/matchers.cc +0 -330
  3014. data/src/core/lib/matchers/matchers.h +0 -163
  3015. data/src/core/lib/promise/trace.cc +0 -20
  3016. data/src/core/lib/promise/trace.h +0 -24
  3017. data/src/core/lib/resource_quota/trace.cc +0 -19
  3018. data/src/core/lib/resource_quota/trace.h +0 -24
  3019. data/src/core/lib/security/certificate_provider/certificate_provider_factory.h +0 -70
  3020. data/src/core/lib/security/certificate_provider/certificate_provider_registry.cc +0 -50
  3021. data/src/core/lib/security/certificate_provider/certificate_provider_registry.h +0 -76
  3022. data/src/core/lib/security/context/security_context.cc +0 -329
  3023. data/src/core/lib/security/context/security_context.h +0 -181
  3024. data/src/core/lib/security/credentials/alts/alts_credentials.cc +0 -117
  3025. data/src/core/lib/security/credentials/alts/alts_credentials.h +0 -123
  3026. data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +0 -72
  3027. data/src/core/lib/security/credentials/alts/check_gcp_environment.h +0 -57
  3028. data/src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc +0 -68
  3029. data/src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc +0 -34
  3030. data/src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc +0 -103
  3031. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc +0 -125
  3032. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc +0 -46
  3033. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h +0 -74
  3034. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc +0 -56
  3035. data/src/core/lib/security/credentials/call_creds_util.cc +0 -97
  3036. data/src/core/lib/security/credentials/call_creds_util.h +0 -43
  3037. data/src/core/lib/security/credentials/channel_creds_registry.h +0 -127
  3038. data/src/core/lib/security/credentials/channel_creds_registry_init.cc +0 -240
  3039. data/src/core/lib/security/credentials/composite/composite_credentials.cc +0 -171
  3040. data/src/core/lib/security/credentials/composite/composite_credentials.h +0 -133
  3041. data/src/core/lib/security/credentials/credentials.cc +0 -160
  3042. data/src/core/lib/security/credentials/credentials.h +0 -299
  3043. data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +0 -532
  3044. data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +0 -105
  3045. data/src/core/lib/security/credentials/external/aws_request_signer.cc +0 -231
  3046. data/src/core/lib/security/credentials/external/aws_request_signer.h +0 -72
  3047. data/src/core/lib/security/credentials/external/external_account_credentials.cc +0 -607
  3048. data/src/core/lib/security/credentials/external/external_account_credentials.h +0 -139
  3049. data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +0 -138
  3050. data/src/core/lib/security/credentials/external/file_external_account_credentials.h +0 -59
  3051. data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +0 -247
  3052. data/src/core/lib/security/credentials/external/url_external_account_credentials.h +0 -75
  3053. data/src/core/lib/security/credentials/fake/fake_credentials.cc +0 -105
  3054. data/src/core/lib/security/credentials/fake/fake_credentials.h +0 -123
  3055. data/src/core/lib/security/credentials/google_default/credentials_generic.cc +0 -40
  3056. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +0 -447
  3057. data/src/core/lib/security/credentials/google_default/google_default_credentials.h +0 -99
  3058. data/src/core/lib/security/credentials/iam/iam_credentials.cc +0 -83
  3059. data/src/core/lib/security/credentials/iam/iam_credentials.h +0 -65
  3060. data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +0 -71
  3061. data/src/core/lib/security/credentials/insecure/insecure_credentials.h +0 -61
  3062. data/src/core/lib/security/credentials/jwt/json_token.cc +0 -321
  3063. data/src/core/lib/security/credentials/jwt/json_token.h +0 -80
  3064. data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +0 -188
  3065. data/src/core/lib/security/credentials/jwt/jwt_credentials.h +0 -106
  3066. data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +0 -995
  3067. data/src/core/lib/security/credentials/jwt/jwt_verifier.h +0 -124
  3068. data/src/core/lib/security/credentials/local/local_credentials.cc +0 -69
  3069. data/src/core/lib/security/credentials/local/local_credentials.h +0 -77
  3070. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +0 -753
  3071. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +0 -220
  3072. data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +0 -215
  3073. data/src/core/lib/security/credentials/plugin/plugin_credentials.h +0 -125
  3074. data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +0 -486
  3075. data/src/core/lib/security/credentials/ssl/ssl_credentials.h +0 -145
  3076. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +0 -338
  3077. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +0 -216
  3078. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_match.cc +0 -86
  3079. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +0 -421
  3080. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +0 -205
  3081. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.cc +0 -241
  3082. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.h +0 -170
  3083. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +0 -163
  3084. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +0 -144
  3085. data/src/core/lib/security/credentials/tls/grpc_tls_crl_provider.cc +0 -262
  3086. data/src/core/lib/security/credentials/tls/grpc_tls_crl_provider.h +0 -133
  3087. data/src/core/lib/security/credentials/tls/tls_credentials.cc +0 -174
  3088. data/src/core/lib/security/credentials/tls/tls_credentials.h +0 -73
  3089. data/src/core/lib/security/credentials/tls/tls_utils.cc +0 -129
  3090. data/src/core/lib/security/credentials/tls/tls_utils.h +0 -51
  3091. data/src/core/lib/security/credentials/xds/xds_credentials.cc +0 -228
  3092. data/src/core/lib/security/credentials/xds/xds_credentials.h +0 -112
  3093. data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +0 -308
  3094. data/src/core/lib/security/security_connector/alts/alts_security_connector.h +0 -78
  3095. data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +0 -314
  3096. data/src/core/lib/security/security_connector/fake/fake_security_connector.h +0 -42
  3097. data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +0 -120
  3098. data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +0 -103
  3099. data/src/core/lib/security/security_connector/load_system_roots.h +0 -36
  3100. data/src/core/lib/security/security_connector/load_system_roots_fallback.cc +0 -36
  3101. data/src/core/lib/security/security_connector/load_system_roots_supported.cc +0 -167
  3102. data/src/core/lib/security/security_connector/load_system_roots_supported.h +0 -45
  3103. data/src/core/lib/security/security_connector/load_system_roots_windows.cc +0 -87
  3104. data/src/core/lib/security/security_connector/local/local_security_connector.cc +0 -306
  3105. data/src/core/lib/security/security_connector/local/local_security_connector.h +0 -62
  3106. data/src/core/lib/security/security_connector/security_connector.cc +0 -127
  3107. data/src/core/lib/security/security_connector/security_connector.h +0 -200
  3108. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +0 -407
  3109. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +0 -82
  3110. data/src/core/lib/security/security_connector/ssl_utils.cc +0 -628
  3111. data/src/core/lib/security/security_connector/ssl_utils.h +0 -191
  3112. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +0 -829
  3113. data/src/core/lib/security/security_connector/tls/tls_security_connector.h +0 -286
  3114. data/src/core/lib/security/transport/auth_filters.h +0 -140
  3115. data/src/core/lib/security/transport/client_auth_filter.cc +0 -227
  3116. data/src/core/lib/security/transport/secure_endpoint.cc +0 -565
  3117. data/src/core/lib/security/transport/secure_endpoint.h +0 -43
  3118. data/src/core/lib/security/transport/security_handshaker.cc +0 -682
  3119. data/src/core/lib/security/transport/security_handshaker.h +0 -47
  3120. data/src/core/lib/security/transport/server_auth_filter.cc +0 -224
  3121. data/src/core/lib/security/transport/tsi_error.cc +0 -31
  3122. data/src/core/lib/security/transport/tsi_error.h +0 -30
  3123. data/src/core/lib/security/util/json_util.cc +0 -71
  3124. data/src/core/lib/security/util/json_util.h +0 -43
  3125. data/src/core/lib/slice/slice_refcount.cc +0 -20
  3126. data/src/core/lib/surface/api_trace.cc +0 -25
  3127. data/src/core/lib/surface/api_trace.h +0 -53
  3128. data/src/core/lib/surface/call_trace.h +0 -24
  3129. data/src/core/lib/surface/server.cc +0 -2030
  3130. data/src/core/lib/surface/server.h +0 -555
  3131. data/src/core/lib/surface/server_interface.h +0 -43
  3132. data/src/core/lib/surface/wait_for_cq_end_op.cc +0 -75
  3133. data/src/core/lib/surface/wait_for_cq_end_op.h +0 -72
  3134. data/src/core/lib/transport/batch_builder.cc +0 -170
  3135. data/src/core/lib/transport/batch_builder.h +0 -476
  3136. data/src/core/lib/transport/call_filters.cc +0 -471
  3137. data/src/core/lib/transport/call_filters.h +0 -1799
  3138. data/src/core/lib/transport/call_size_estimator.cc +0 -41
  3139. data/src/core/lib/transport/call_size_estimator.h +0 -52
  3140. data/src/core/lib/transport/call_spine.cc +0 -107
  3141. data/src/core/lib/transport/call_spine.h +0 -434
  3142. data/src/core/lib/transport/custom_metadata.h +0 -30
  3143. data/src/core/lib/transport/endpoint_info_handshaker.cc +0 -80
  3144. data/src/core/lib/transport/endpoint_info_handshaker.h +0 -37
  3145. data/src/core/lib/transport/handshaker.cc +0 -229
  3146. data/src/core/lib/transport/handshaker.h +0 -165
  3147. data/src/core/lib/transport/handshaker_factory.h +0 -73
  3148. data/src/core/lib/transport/handshaker_registry.cc +0 -61
  3149. data/src/core/lib/transport/handshaker_registry.h +0 -69
  3150. data/src/core/lib/transport/http2_errors.h +0 -41
  3151. data/src/core/lib/transport/http_connect_handshaker.cc +0 -400
  3152. data/src/core/lib/transport/http_connect_handshaker.h +0 -42
  3153. data/src/core/lib/transport/message.cc +0 -45
  3154. data/src/core/lib/transport/message.h +0 -61
  3155. data/src/core/lib/transport/metadata.cc +0 -37
  3156. data/src/core/lib/transport/metadata.h +0 -78
  3157. data/src/core/lib/transport/metadata_batch.cc +0 -376
  3158. data/src/core/lib/transport/metadata_batch.h +0 -1518
  3159. data/src/core/lib/transport/metadata_compression_traits.h +0 -67
  3160. data/src/core/lib/transport/metadata_info.cc +0 -55
  3161. data/src/core/lib/transport/metadata_info.h +0 -85
  3162. data/src/core/lib/transport/parsed_metadata.cc +0 -35
  3163. data/src/core/lib/transport/parsed_metadata.h +0 -432
  3164. data/src/core/lib/transport/simple_slice_based_metadata.h +0 -54
  3165. data/src/core/lib/transport/tcp_connect_handshaker.cc +0 -244
  3166. data/src/core/lib/transport/tcp_connect_handshaker.h +0 -39
  3167. data/src/core/lib/uri/uri_parser.cc +0 -372
  3168. data/src/core/lib/uri/uri_parser.h +0 -101
  3169. data/src/core/resolver/binder/binder_resolver.cc +0 -154
  3170. data/src/core/resolver/xds/xds_resolver_trace.cc +0 -25
  3171. data/src/core/resolver/xds/xds_resolver_trace.h +0 -30
  3172. data/third_party/abseil-cpp/absl/strings/internal/has_absl_stringify.h +0 -44
  3173. data/third_party/boringssl-with-bazel/err_data.c +0 -1512
  3174. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +0 -284
  3175. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +0 -95
  3176. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +0 -89
  3177. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.c +0 -84
  3178. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +0 -151
  3179. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.c +0 -85
  3180. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +0 -465
  3181. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +0 -279
  3182. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +0 -235
  3183. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +0 -74
  3184. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.c +0 -457
  3185. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +0 -245
  3186. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +0 -259
  3187. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +0 -214
  3188. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +0 -183
  3189. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +0 -397
  3190. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.c +0 -103
  3191. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.c +0 -98
  3192. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.c +0 -105
  3193. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.c +0 -94
  3194. data/third_party/boringssl-with-bazel/src/crypto/asn1/posix_time.c +0 -241
  3195. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +0 -973
  3196. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +0 -708
  3197. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +0 -212
  3198. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +0 -317
  3199. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +0 -126
  3200. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +0 -268
  3201. data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +0 -475
  3202. data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +0 -731
  3203. data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +0 -309
  3204. data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +0 -544
  3205. data/third_party/boringssl-with-bazel/src/crypto/bio/errno.c +0 -92
  3206. data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +0 -235
  3207. data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +0 -319
  3208. data/third_party/boringssl-with-bazel/src/crypto/bio/hexdump.c +0 -192
  3209. data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +0 -480
  3210. data/third_party/boringssl-with-bazel/src/crypto/bio/printf.c +0 -102
  3211. data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +0 -189
  3212. data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +0 -133
  3213. data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +0 -169
  3214. data/third_party/boringssl-with-bazel/src/crypto/bn_extra/bn_asn1.c +0 -57
  3215. data/third_party/boringssl-with-bazel/src/crypto/bn_extra/convert.c +0 -465
  3216. data/third_party/boringssl-with-bazel/src/crypto/buf/buf.c +0 -158
  3217. data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.c +0 -53
  3218. data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +0 -266
  3219. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +0 -718
  3220. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +0 -926
  3221. data/third_party/boringssl-with-bazel/src/crypto/bytestring/unicode.c +0 -155
  3222. data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +0 -224
  3223. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/cipher_extra.c +0 -127
  3224. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +0 -152
  3225. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesctrhmac.c +0 -284
  3226. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesgcmsiv.c +0 -841
  3227. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +0 -341
  3228. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_des.c +0 -246
  3229. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_null.c +0 -86
  3230. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc2.c +0 -463
  3231. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc4.c +0 -89
  3232. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_tls.c +0 -598
  3233. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +0 -237
  3234. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/tls_cbc.c +0 -514
  3235. data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +0 -647
  3236. data/third_party/boringssl-with-bazel/src/crypto/conf/conf_def.h +0 -122
  3237. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.c +0 -75
  3238. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_fuchsia.c +0 -55
  3239. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_linux.c +0 -62
  3240. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_openbsd.c +0 -61
  3241. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_sysreg.c +0 -93
  3242. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_win.c +0 -41
  3243. data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_freebsd.c +0 -54
  3244. data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.c +0 -148
  3245. data/third_party/boringssl-with-bazel/src/crypto/cpu_intel.c +0 -292
  3246. data/third_party/boringssl-with-bazel/src/crypto/crypto.c +0 -242
  3247. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +0 -2157
  3248. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_64_adx.c +0 -18
  3249. data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +0 -523
  3250. data/third_party/boringssl-with-bazel/src/crypto/des/des.c +0 -871
  3251. data/third_party/boringssl-with-bazel/src/crypto/dh_extra/dh_asn1.c +0 -165
  3252. data/third_party/boringssl-with-bazel/src/crypto/dh_extra/params.c +0 -480
  3253. data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +0 -265
  3254. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +0 -981
  3255. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +0 -420
  3256. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +0 -572
  3257. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_derive.c +0 -96
  3258. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +0 -508
  3259. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +0 -78
  3260. data/third_party/boringssl-with-bazel/src/crypto/ecdh_extra/ecdh_extra.c +0 -124
  3261. data/third_party/boringssl-with-bazel/src/crypto/ecdsa_extra/ecdsa_asn1.c +0 -265
  3262. data/third_party/boringssl-with-bazel/src/crypto/engine/engine.c +0 -91
  3263. data/third_party/boringssl-with-bazel/src/crypto/err/err.c +0 -882
  3264. data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +0 -509
  3265. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +0 -547
  3266. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.c +0 -483
  3267. data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +0 -308
  3268. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +0 -275
  3269. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.c +0 -302
  3270. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.c +0 -103
  3271. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.c +0 -224
  3272. data/third_party/boringssl-with-bazel/src/crypto/evp/p_hkdf.c +0 -232
  3273. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.c +0 -646
  3274. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.c +0 -211
  3275. data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.c +0 -109
  3276. data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.c +0 -236
  3277. data/third_party/boringssl-with-bazel/src/crypto/evp/pbkdf.c +0 -146
  3278. data/third_party/boringssl-with-bazel/src/crypto/evp/print.c +0 -381
  3279. data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.c +0 -209
  3280. data/third_party/boringssl-with-bazel/src/crypto/evp/sign.c +0 -156
  3281. data/third_party/boringssl-with-bazel/src/crypto/ex_data.c +0 -237
  3282. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.c +0 -106
  3283. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +0 -1281
  3284. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.c +0 -242
  3285. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c +0 -124
  3286. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +0 -275
  3287. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/add.c +0 -310
  3288. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/asm/x86_64-gcc.c +0 -541
  3289. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +0 -428
  3290. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.c +0 -267
  3291. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/cmp.c +0 -201
  3292. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.c +0 -234
  3293. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +0 -909
  3294. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.c +0 -87
  3295. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +0 -1276
  3296. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.c +0 -397
  3297. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +0 -328
  3298. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/generic.c +0 -624
  3299. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/jacobi.c +0 -146
  3300. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +0 -532
  3301. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c +0 -222
  3302. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +0 -744
  3303. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +0 -1070
  3304. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.c +0 -355
  3305. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.c +0 -137
  3306. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.c +0 -363
  3307. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.c +0 -499
  3308. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/aead.c +0 -287
  3309. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +0 -717
  3310. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +0 -1463
  3311. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aesccm.c +0 -446
  3312. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cmac/cmac.c +0 -322
  3313. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.c +0 -245
  3314. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.c +0 -489
  3315. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +0 -288
  3316. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digests.c +0 -304
  3317. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digestsign/digestsign.c +0 -267
  3318. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +0 -1043
  3319. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +0 -553
  3320. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +0 -491
  3321. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/felem.c +0 -104
  3322. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +0 -359
  3323. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +0 -1163
  3324. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.c +0 -637
  3325. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +0 -749
  3326. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +0 -169
  3327. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +0 -336
  3328. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +0 -269
  3329. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/util.c +0 -255
  3330. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +0 -264
  3331. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +0 -130
  3332. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +0 -372
  3333. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/fips_shared_support.c +0 -32
  3334. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hkdf/hkdf.c +0 -112
  3335. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/hmac.c +0 -256
  3336. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md4/md4.c +0 -240
  3337. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md5/internal.h +0 -37
  3338. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md5/md5.c +0 -284
  3339. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cbc.c +0 -164
  3340. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cfb.c +0 -200
  3341. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c +0 -196
  3342. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm.c +0 -743
  3343. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm_nohw.c +0 -302
  3344. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +0 -428
  3345. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c +0 -87
  3346. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/polyval.c +0 -90
  3347. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/ctrdrbg.c +0 -220
  3348. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +0 -197
  3349. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +0 -67
  3350. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +0 -64
  3351. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +0 -493
  3352. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +0 -328
  3353. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +0 -241
  3354. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.c +0 -423
  3355. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +0 -1038
  3356. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +0 -1337
  3357. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.c +0 -119
  3358. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +0 -1064
  3359. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.c +0 -331
  3360. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +0 -439
  3361. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +0 -359
  3362. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +0 -537
  3363. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.c +0 -211
  3364. data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +0 -799
  3365. data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c +0 -2234
  3366. data/third_party/boringssl-with-bazel/src/crypto/keccak/internal.h +0 -70
  3367. data/third_party/boringssl-with-bazel/src/crypto/keccak/keccak.c +0 -279
  3368. data/third_party/boringssl-with-bazel/src/crypto/kyber/kyber.c +0 -844
  3369. data/third_party/boringssl-with-bazel/src/crypto/lhash/lhash.c +0 -350
  3370. data/third_party/boringssl-with-bazel/src/crypto/mem.c +0 -600
  3371. data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +0 -564
  3372. data/third_party/boringssl-with-bazel/src/crypto/obj/obj_xref.c +0 -122
  3373. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +0 -243
  3374. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +0 -294
  3375. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +0 -789
  3376. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.c +0 -87
  3377. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +0 -248
  3378. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +0 -182
  3379. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.c +0 -64
  3380. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.c +0 -64
  3381. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7.c +0 -193
  3382. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +0 -523
  3383. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/p5_pbev2.c +0 -316
  3384. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.c +0 -527
  3385. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +0 -1352
  3386. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +0 -314
  3387. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +0 -308
  3388. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +0 -847
  3389. data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +0 -261
  3390. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/deterministic.c +0 -57
  3391. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/forkunsafe.c +0 -44
  3392. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/getentropy.c +0 -52
  3393. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/ios.c +0 -34
  3394. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +0 -158
  3395. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/rand_extra.c +0 -74
  3396. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/trusty.c +0 -38
  3397. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/windows.c +0 -95
  3398. data/third_party/boringssl-with-bazel/src/crypto/rc4/rc4.c +0 -98
  3399. data/third_party/boringssl-with-bazel/src/crypto/refcount.c +0 -59
  3400. data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/internal.h +0 -77
  3401. data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_asn1.c +0 -324
  3402. data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_crypt.c +0 -570
  3403. data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_print.c +0 -22
  3404. data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.c +0 -79
  3405. data/third_party/boringssl-with-bazel/src/crypto/spx/address.c +0 -101
  3406. data/third_party/boringssl-with-bazel/src/crypto/spx/address.h +0 -50
  3407. data/third_party/boringssl-with-bazel/src/crypto/spx/fors.c +0 -133
  3408. data/third_party/boringssl-with-bazel/src/crypto/spx/fors.h +0 -54
  3409. data/third_party/boringssl-with-bazel/src/crypto/spx/internal.h +0 -79
  3410. data/third_party/boringssl-with-bazel/src/crypto/spx/merkle.c +0 -150
  3411. data/third_party/boringssl-with-bazel/src/crypto/spx/merkle.h +0 -61
  3412. data/third_party/boringssl-with-bazel/src/crypto/spx/params.h +0 -71
  3413. data/third_party/boringssl-with-bazel/src/crypto/spx/spx.c +0 -139
  3414. data/third_party/boringssl-with-bazel/src/crypto/spx/spx_util.c +0 -53
  3415. data/third_party/boringssl-with-bazel/src/crypto/spx/spx_util.h +0 -44
  3416. data/third_party/boringssl-with-bazel/src/crypto/spx/thash.c +0 -136
  3417. data/third_party/boringssl-with-bazel/src/crypto/spx/thash.h +0 -70
  3418. data/third_party/boringssl-with-bazel/src/crypto/spx/wots.c +0 -135
  3419. data/third_party/boringssl-with-bazel/src/crypto/spx/wots.h +0 -45
  3420. data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +0 -534
  3421. data/third_party/boringssl-with-bazel/src/crypto/thread.c +0 -110
  3422. data/third_party/boringssl-with-bazel/src/crypto/thread_none.c +0 -51
  3423. data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +0 -150
  3424. data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +0 -236
  3425. data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +0 -1668
  3426. data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +0 -687
  3427. data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +0 -1267
  3428. data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.c +0 -94
  3429. data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.c +0 -136
  3430. data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +0 -116
  3431. data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +0 -178
  3432. data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +0 -585
  3433. data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +0 -407
  3434. data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +0 -269
  3435. data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.c +0 -79
  3436. data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +0 -227
  3437. data/third_party/boringssl-with-bazel/src/crypto/x509/policy.c +0 -786
  3438. data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +0 -397
  3439. data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +0 -145
  3440. data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.c +0 -245
  3441. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +0 -329
  3442. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +0 -121
  3443. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_akey.c +0 -221
  3444. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_akeya.c +0 -73
  3445. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_alt.c +0 -634
  3446. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_bcons.c +0 -135
  3447. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_bitst.c +0 -141
  3448. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_conf.c +0 -416
  3449. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_cpols.c +0 -477
  3450. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_crld.c +0 -598
  3451. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_enum.c +0 -112
  3452. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_extku.c +0 -154
  3453. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_genn.c +0 -270
  3454. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ia5.c +0 -122
  3455. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_info.c +0 -211
  3456. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_int.c +0 -121
  3457. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_lib.c +0 -342
  3458. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ncons.c +0 -555
  3459. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ocsp.c +0 -81
  3460. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_pcons.c +0 -142
  3461. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_pmaps.c +0 -150
  3462. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_prn.c +0 -224
  3463. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_purp.c +0 -624
  3464. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_skey.c +0 -170
  3465. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_utl.c +0 -1357
  3466. data/third_party/boringssl-with-bazel/src/crypto/x509/x509.c +0 -89
  3467. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +0 -227
  3468. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +0 -280
  3469. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.c +0 -108
  3470. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.c +0 -86
  3471. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +0 -181
  3472. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +0 -609
  3473. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +0 -206
  3474. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +0 -299
  3475. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +0 -240
  3476. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +0 -164
  3477. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +0 -189
  3478. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +0 -291
  3479. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +0 -1655
  3480. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +0 -440
  3481. data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +0 -277
  3482. data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +0 -407
  3483. data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.c +0 -109
  3484. data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.c +0 -133
  3485. data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +0 -149
  3486. data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +0 -356
  3487. data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +0 -97
  3488. data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +0 -384
  3489. data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.c +0 -78
  3490. data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +0 -527
  3491. data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +0 -210
  3492. data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.c +0 -116
  3493. data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +0 -93
  3494. data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.c +0 -79
  3495. data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.c +0 -70
  3496. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +0 -549
  3497. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +0 -209
  3498. data/third_party/boringssl-with-bazel/src/include/openssl/kyber.h +0 -136
  3499. data/third_party/boringssl-with-bazel/src/include/openssl/pki/certificate.h +0 -83
  3500. data/third_party/boringssl-with-bazel/src/include/openssl/pki/signature_verify_cache.h +0 -41
data/third_party/boringssl-with-bazel/src/ssl/internal.h CHANGED
@@ -1,143 +1,18 @@
1
- /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
2
- * All rights reserved.
3
- *
4
- * This package is an SSL implementation written
5
- * by Eric Young (eay@cryptsoft.com).
6
- * The implementation was written so as to conform with Netscapes SSL.
7
- *
8
- * This library is free for commercial and non-commercial use as long as
9
- * the following conditions are aheared to. The following conditions
10
- * apply to all code found in this distribution, be it the RC4, RSA,
11
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
12
- * included with this distribution is covered by the same copyright terms
13
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
14
- *
15
- * Copyright remains Eric Young's, and as such any Copyright notices in
16
- * the code are not to be removed.
17
- * If this package is used in a product, Eric Young should be given attribution
18
- * as the author of the parts of the library used.
19
- * This can be in the form of a textual message at program startup or
20
- * in documentation (online or textual) provided with the package.
21
- *
22
- * Redistribution and use in source and binary forms, with or without
23
- * modification, are permitted provided that the following conditions
24
- * are met:
25
- * 1. Redistributions of source code must retain the copyright
26
- * notice, this list of conditions and the following disclaimer.
27
- * 2. Redistributions in binary form must reproduce the above copyright
28
- * notice, this list of conditions and the following disclaimer in the
29
- * documentation and/or other materials provided with the distribution.
30
- * 3. All advertising materials mentioning features or use of this software
31
- * must display the following acknowledgement:
32
- * "This product includes cryptographic software written by
33
- * Eric Young (eay@cryptsoft.com)"
34
- * The word 'cryptographic' can be left out if the rouines from the library
35
- * being used are not cryptographic related :-).
36
- * 4. If you include any Windows specific code (or a derivative thereof) from
37
- * the apps directory (application code) you must include an acknowledgement:
38
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
39
- *
40
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50
- * SUCH DAMAGE.
51
- *
52
- * The licence and distribution terms for any publically available version or
53
- * derivative of this code cannot be changed. i.e. this code cannot simply be
54
- * copied and put under another distribution licence
55
- * [including the GNU Public Licence.]
56
- */
57
- /* ====================================================================
58
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
59
- *
60
- * Redistribution and use in source and binary forms, with or without
61
- * modification, are permitted provided that the following conditions
62
- * are met:
63
- *
64
- * 1. Redistributions of source code must retain the above copyright
65
- * notice, this list of conditions and the following disclaimer.
66
- *
67
- * 2. Redistributions in binary form must reproduce the above copyright
68
- * notice, this list of conditions and the following disclaimer in
69
- * the documentation and/or other materials provided with the
70
- * distribution.
71
- *
72
- * 3. All advertising materials mentioning features or use of this
73
- * software must display the following acknowledgment:
74
- * "This product includes software developed by the OpenSSL Project
75
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
76
- *
77
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
78
- * endorse or promote products derived from this software without
79
- * prior written permission. For written permission, please contact
80
- * openssl-core@openssl.org.
81
- *
82
- * 5. Products derived from this software may not be called "OpenSSL"
83
- * nor may "OpenSSL" appear in their names without prior written
84
- * permission of the OpenSSL Project.
85
- *
86
- * 6. Redistributions of any form whatsoever must retain the following
87
- * acknowledgment:
88
- * "This product includes software developed by the OpenSSL Project
89
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
90
- *
91
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
92
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
93
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
94
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
95
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
96
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
97
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
98
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
99
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
100
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
101
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
102
- * OF THE POSSIBILITY OF SUCH DAMAGE.
103
- * ====================================================================
104
- *
105
- * This product includes cryptographic software written by Eric Young
106
- * (eay@cryptsoft.com). This product includes software written by Tim
107
- * Hudson (tjh@cryptsoft.com).
108
- *
109
- */
110
- /* ====================================================================
111
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
112
- * ECC cipher suite support in OpenSSL originally developed by
113
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
114
- */
115
- /* ====================================================================
116
- * Copyright 2005 Nokia. All rights reserved.
117
- *
118
- * The portions of the attached software ("Contribution") is developed by
119
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
120
- * license.
121
- *
122
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
123
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
124
- * support (see RFC 4279) to OpenSSL.
125
- *
126
- * No patent licenses or other rights except those expressly stated in
127
- * the OpenSSL open source license shall be deemed granted or received
128
- * expressly, by implication, estoppel, or otherwise.
129
- *
130
- * No assurances are provided by Nokia that the Contribution does not
131
- * infringe the patent or other intellectual property rights of any third
132
- * party or that the license provides you with all the necessary rights
133
- * to make use of the Contribution.
134
- *
135
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
136
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
137
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
138
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
139
- * OTHERWISE.
140
- */
1
+ // Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
2
+ // Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved.
3
+ // Copyright 2005 Nokia. All rights reserved.
4
+ //
5
+ // Licensed under the Apache License, Version 2.0 (the "License");
6
+ // you may not use this file except in compliance with the License.
7
+ // You may obtain a copy of the License at
8
+ //
9
+ // https://www.apache.org/licenses/LICENSE-2.0
10
+ //
11
+ // Unless required by applicable law or agreed to in writing, software
12
+ // distributed under the License is distributed on an "AS IS" BASIS,
13
+ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ // See the License for the specific language governing permissions and
15
+ // limitations under the License.
141
16
 
142
17
  #ifndef OPENSSL_HEADER_SSL_INTERNAL_H
143
18
  #define OPENSSL_HEADER_SSL_INTERNAL_H
@@ -146,9 +21,13 @@
146
21
 
147
22
  #include <stdlib.h>
148
23
 
24
+ #include <algorithm>
25
+ #include <atomic>
26
+ #include <bitset>
149
27
  #include <initializer_list>
150
28
  #include <limits>
151
29
  #include <new>
30
+ #include <string_view>
152
31
  #include <type_traits>
153
32
  #include <utility>
154
33
 
@@ -165,6 +44,7 @@
165
44
  #include "../crypto/err/internal.h"
166
45
  #include "../crypto/internal.h"
167
46
  #include "../crypto/lhash/internal.h"
47
+ #include "../crypto/spake2plus/internal.h"
168
48
 
169
49
 
170
50
  #if defined(OPENSSL_WINDOWS)
@@ -192,7 +72,7 @@ struct SSL_X509_METHOD;
192
72
  //
193
73
  // Note: unlike |new|, this does not support non-public constructors.
194
74
  template <typename T, typename... Args>
195
- T *New(Args &&... args) {
75
+ T *New(Args &&...args) {
196
76
  void *t = OPENSSL_malloc(sizeof(T));
197
77
  if (t == nullptr) {
198
78
  return nullptr;
@@ -223,27 +103,10 @@ struct DeleterImpl<T, std::enable_if_t<T::kAllowUniquePtr>> {
223
103
  // MakeUnique behaves like |std::make_unique| but returns nullptr on allocation
224
104
  // error.
225
105
  template <typename T, typename... Args>
226
- UniquePtr<T> MakeUnique(Args &&... args) {
106
+ UniquePtr<T> MakeUnique(Args &&...args) {
227
107
  return UniquePtr<T>(New<T>(std::forward<Args>(args)...));
228
108
  }
229
109
 
230
- #if defined(BORINGSSL_ALLOW_CXX_RUNTIME)
231
- #define HAS_VIRTUAL_DESTRUCTOR
232
- #define PURE_VIRTUAL = 0
233
- #else
234
- // HAS_VIRTUAL_DESTRUCTOR should be declared in any base class which defines a
235
- // virtual destructor. This avoids a dependency on |_ZdlPv| and prevents the
236
- // class from being used with |delete|.
237
- #define HAS_VIRTUAL_DESTRUCTOR \
238
- void operator delete(void *) { abort(); }
239
-
240
- // PURE_VIRTUAL should be used instead of = 0 when defining pure-virtual
241
- // functions. This avoids a dependency on |__cxa_pure_virtual| but loses
242
- // compile-time checking.
243
- #define PURE_VIRTUAL \
244
- { abort(); }
245
- #endif
246
-
247
110
  // Array<T> is an owning array of elements of |T|.
248
111
  template <typename T>
249
112
  class Array {
@@ -267,8 +130,14 @@ class Array {
267
130
  size_t size() const { return size_; }
268
131
  bool empty() const { return size_ == 0; }
269
132
 
270
- const T &operator[](size_t i) const { return data_[i]; }
271
- T &operator[](size_t i) { return data_[i]; }
133
+ const T &operator[](size_t i) const {
134
+ BSSL_CHECK(i < size_);
135
+ return data_[i];
136
+ }
137
+ T &operator[](size_t i) {
138
+ BSSL_CHECK(i < size_);
139
+ return data_[i];
140
+ }
272
141
 
273
142
  T *begin() { return data_; }
274
143
  const T *begin() const { return data_; }
@@ -280,9 +149,7 @@ class Array {
280
149
  // Reset releases the current contents of the array and takes ownership of the
281
150
  // raw pointer supplied by the caller.
282
151
  void Reset(T *new_data, size_t new_size) {
283
- for (size_t i = 0; i < size_; i++) {
284
- data_[i].~T();
285
- }
152
+ std::destroy_n(data_, size_);
286
153
  OPENSSL_free(data_);
287
154
  data_ = new_data;
288
155
  size_ = new_size;
@@ -298,38 +165,35 @@ class Array {
298
165
  }
299
166
 
300
167
  // Init replaces the array with a newly-allocated array of |new_size|
301
- // default-constructed copies of |T|. It returns true on success and false on
302
- // error.
303
- //
304
- // Note that if |T| is a primitive type like |uint8_t|, it is uninitialized.
305
- bool Init(size_t new_size) {
306
- Reset();
307
- if (new_size == 0) {
308
- return true;
309
- }
310
-
311
- if (new_size > std::numeric_limits<size_t>::max() / sizeof(T)) {
312
- OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
168
+ // value-constructed copies of |T|. It returns true on success and false on
169
+ // error. If |T| is a primitive type like |uint8_t|, value-construction means
170
+ // it will be zero-initialized.
171
+ [[nodiscard]] bool Init(size_t new_size) {
172
+ if (!InitUninitialized(new_size)) {
313
173
  return false;
314
174
  }
315
- data_ = reinterpret_cast<T *>(OPENSSL_malloc(new_size * sizeof(T)));
316
- if (data_ == nullptr) {
175
+ std::uninitialized_value_construct_n(data_, size_);
176
+ return true;
177
+ }
178
+
179
+ // InitForOverwrite behaves like |Init| but it default-constructs each element
180
+ // instead. This means that, if |T| is a primitive type, the array will be
181
+ // uninitialized and thus must be filled in by the caller.
182
+ [[nodiscard]] bool InitForOverwrite(size_t new_size) {
183
+ if (!InitUninitialized(new_size)) {
317
184
  return false;
318
185
  }
319
- size_ = new_size;
320
- for (size_t i = 0; i < size_; i++) {
321
- new (&data_[i]) T;
322
- }
186
+ std::uninitialized_default_construct_n(data_, size_);
323
187
  return true;
324
188
  }
325
189
 
326
190
  // CopyFrom replaces the array with a newly-allocated copy of |in|. It returns
327
191
  // true on success and false on error.
328
- bool CopyFrom(Span<const T> in) {
329
- if (!Init(in.size())) {
192
+ [[nodiscard]] bool CopyFrom(Span<const T> in) {
193
+ if (!InitUninitialized(in.size())) {
330
194
  return false;
331
195
  }
332
- OPENSSL_memcpy(data_, in.data(), sizeof(T) * in.size());
196
+ std::uninitialized_copy(in.begin(), in.end(), data_);
333
197
  return true;
334
198
  }
335
199
 
@@ -339,75 +203,103 @@ class Array {
339
203
  if (new_size > size_) {
340
204
  abort();
341
205
  }
342
- for (size_t i = new_size; i < size_; i++) {
343
- data_[i].~T();
344
- }
206
+ std::destroy_n(data_ + new_size, size_ - new_size);
345
207
  size_ = new_size;
346
208
  }
347
209
 
348
210
  private:
211
+ // InitUninitialized replaces the array with a newly-allocated array of
212
+ // |new_size| elements, but whose constructor has not yet run. On success, the
213
+ // elements must be constructed before returning control to the caller.
214
+ bool InitUninitialized(size_t new_size) {
215
+ Reset();
216
+ if (new_size == 0) {
217
+ return true;
218
+ }
219
+
220
+ if (new_size > std::numeric_limits<size_t>::max() / sizeof(T)) {
221
+ OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
222
+ return false;
223
+ }
224
+ data_ = reinterpret_cast<T *>(OPENSSL_malloc(new_size * sizeof(T)));
225
+ if (data_ == nullptr) {
226
+ return false;
227
+ }
228
+ size_ = new_size;
229
+ return true;
230
+ }
231
+
349
232
  T *data_ = nullptr;
350
233
  size_t size_ = 0;
351
234
  };
352
235
 
353
- // GrowableArray<T> is an array that owns elements of |T|, backed by an
354
- // Array<T>. When necessary, pushing will automatically trigger a resize.
355
- //
356
- // Note, for simplicity, this class currently differs from |std::vector| in that
357
- // |T| must be efficiently default-constructible. Allocated elements beyond the
358
- // end of the array are constructed and destructed.
236
+ // Vector<T> is a resizable array of elements of |T|.
359
237
  template <typename T>
360
- class GrowableArray {
238
+ class Vector {
361
239
  public:
362
- GrowableArray() = default;
363
- GrowableArray(const GrowableArray &) = delete;
364
- GrowableArray(GrowableArray &&other) { *this = std::move(other); }
365
- ~GrowableArray() {}
366
-
367
- GrowableArray &operator=(const GrowableArray &) = delete;
368
- GrowableArray &operator=(GrowableArray &&other) {
369
- size_ = other.size_;
370
- other.size_ = 0;
371
- array_ = std::move(other.array_);
240
+ Vector() = default;
241
+ Vector(const Vector &) = delete;
242
+ Vector(Vector &&other) { *this = std::move(other); }
243
+ ~Vector() { clear(); }
244
+
245
+ Vector &operator=(const Vector &) = delete;
246
+ Vector &operator=(Vector &&other) {
247
+ clear();
248
+ std::swap(data_, other.data_);
249
+ std::swap(size_, other.size_);
250
+ std::swap(capacity_, other.capacity_);
372
251
  return *this;
373
252
  }
374
253
 
375
- const T *data() const { return array_.data(); }
376
- T *data() { return array_.data(); }
254
+ const T *data() const { return data_; }
255
+ T *data() { return data_; }
377
256
  size_t size() const { return size_; }
378
257
  bool empty() const { return size_ == 0; }
379
258
 
380
- const T &operator[](size_t i) const { return array_[i]; }
381
- T &operator[](size_t i) { return array_[i]; }
259
+ const T &operator[](size_t i) const {
260
+ BSSL_CHECK(i < size_);
261
+ return data_[i];
262
+ }
263
+ T &operator[](size_t i) {
264
+ BSSL_CHECK(i < size_);
265
+ return data_[i];
266
+ }
382
267
 
383
- T *begin() { return array_.data(); }
384
- const T *begin() const { return array_.data(); }
385
- T *end() { return array_.data() + size_; }
386
- const T *end() const { return array_.data() + size_; }
268
+ T *begin() { return data_; }
269
+ const T *begin() const { return data_; }
270
+ T *end() { return data_ + size_; }
271
+ const T *end() const { return data_ + size_; }
387
272
 
388
273
  void clear() {
274
+ std::destroy_n(data_, size_);
275
+ OPENSSL_free(data_);
276
+ data_ = nullptr;
389
277
  size_ = 0;
390
- array_.Reset();
278
+ capacity_ = 0;
391
279
  }
392
280
 
393
281
  // Push adds |elem| at the end of the internal array, growing if necessary. It
394
282
  // returns false when allocation fails.
395
- bool Push(T elem) {
283
+ [[nodiscard]] bool Push(T elem) {
396
284
  if (!MaybeGrow()) {
397
285
  return false;
398
286
  }
399
- array_[size_] = std::move(elem);
287
+ new (&data_[size_]) T(std::move(elem));
400
288
  size_++;
401
289
  return true;
402
290
  }
403
291
 
404
292
  // CopyFrom replaces the contents of the array with a copy of |in|. It returns
405
293
  // true on success and false on allocation error.
406
- bool CopyFrom(Span<const T> in) {
407
- if (!array_.CopyFrom(in)) {
294
+ [[nodiscard]] bool CopyFrom(Span<const T> in) {
295
+ Array<T> copy;
296
+ if (!copy.CopyFrom(in)) {
408
297
  return false;
409
298
  }
410
- size_ = in.size();
299
+
300
+ clear();
301
+ copy.Release(&data_, &size_);
302
+ capacity_ = size_;
411
303
  return true;
412
304
  }
413
305
 
@@ -415,39 +307,249 @@ class GrowableArray {
415
307
  // If there is no room for one more element, creates a new backing array with
416
308
  // double the size of the old one and copies elements over.
417
309
  bool MaybeGrow() {
418
- if (array_.size() == 0) {
419
- return array_.Init(kDefaultSize);
420
- }
421
310
  // No need to grow if we have room for one more T.
422
- if (size_ < array_.size()) {
311
+ if (size_ < capacity_) {
423
312
  return true;
424
313
  }
425
- // Double the array's size if it's safe to do so.
426
- if (array_.size() > std::numeric_limits<size_t>::max() / 2) {
314
+ size_t new_capacity = kDefaultSize;
315
+ if (capacity_ > 0) {
316
+ // Double the array's size if it's safe to do so.
317
+ if (capacity_ > std::numeric_limits<size_t>::max() / 2) {
318
+ OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
319
+ return false;
320
+ }
321
+ new_capacity = capacity_ * 2;
322
+ }
323
+ if (new_capacity > std::numeric_limits<size_t>::max() / sizeof(T)) {
427
324
  OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
428
325
  return false;
429
326
  }
430
- Array<T> new_array;
431
- if (!new_array.Init(array_.size() * 2)) {
327
+ T *new_data =
328
+ reinterpret_cast<T *>(OPENSSL_malloc(new_capacity * sizeof(T)));
329
+ if (new_data == nullptr) {
432
330
  return false;
433
331
  }
434
- for (size_t i = 0; i < array_.size(); i++) {
435
- new_array[i] = std::move(array_[i]);
436
- }
437
- array_ = std::move(new_array);
438
-
332
+ size_t new_size = size_;
333
+ std::uninitialized_move(begin(), end(), new_data);
334
+ clear();
335
+ data_ = new_data;
336
+ size_ = new_size;
337
+ capacity_ = new_capacity;
439
338
  return true;
440
339
  }
441
340
 
442
- // |size_| is the number of elements stored in this GrowableArray.
341
+ // data_ is a pointer to |capacity_| objects of size |T|, the first |size_| of
342
+ // which are constructed.
343
+ T *data_ = nullptr;
344
+ // |size_| is the number of elements stored in this Vector.
443
345
  size_t size_ = 0;
444
- // |array_| is the backing array. Note that |array_.size()| is this
445
- // GrowableArray's current capacity and that |size_ <= array_.size()|.
446
- Array<T> array_;
346
+ // |capacity_| is the number of elements allocated in this Vector.
347
+ size_t capacity_ = 0;
447
348
  // |kDefaultSize| is the default initial size of the backing array.
448
349
  static constexpr size_t kDefaultSize = 16;
449
350
  };
450
351
 
352
+ // A PackedSize is an integer that can store values from 0 to N, represented as
353
+ // a minimal-width integer.
354
+ template <size_t N>
355
+ using PackedSize = std::conditional_t<
356
+ N <= 0xff, uint8_t,
357
+ std::conditional_t<N <= 0xffff, uint16_t,
358
+ std::conditional_t<N <= 0xffffffff, uint32_t, size_t>>>;
359
+
360
+ // An InplaceVector is like a Vector, but stores up to N elements inline in the
361
+ // object. It is inspired by std::inplace_vector in C++26.
362
+ template <typename T, size_t N>
363
+ class InplaceVector {
364
+ public:
365
+ InplaceVector() = default;
366
+ InplaceVector(const InplaceVector &other) { *this = other; }
367
+ InplaceVector(InplaceVector &&other) { *this = std::move(other); }
368
+ ~InplaceVector() { clear(); }
369
+ InplaceVector &operator=(const InplaceVector &other) {
370
+ if (this != &other) {
371
+ CopyFrom(other);
372
+ }
373
+ return *this;
374
+ }
375
+ InplaceVector &operator=(InplaceVector &&other) {
376
+ clear();
377
+ std::uninitialized_move(other.begin(), other.end(), data());
378
+ size_ = other.size();
379
+ return *this;
380
+ }
381
+
382
+ const T *data() const { return reinterpret_cast<const T *>(storage_); }
383
+ T *data() { return reinterpret_cast<T *>(storage_); }
384
+ size_t size() const { return size_; }
385
+ static constexpr size_t capacity() { return N; }
386
+ bool empty() const { return size_ == 0; }
387
+
388
+ const T &operator[](size_t i) const {
389
+ BSSL_CHECK(i < size_);
390
+ return data()[i];
391
+ }
392
+ T &operator[](size_t i) {
393
+ BSSL_CHECK(i < size_);
394
+ return data()[i];
395
+ }
396
+
397
+ T *begin() { return data(); }
398
+ const T *begin() const { return data(); }
399
+ T *end() { return data() + size_; }
400
+ const T *end() const { return data() + size_; }
401
+
402
+ void clear() { Shrink(0); }
403
+
404
+ // Shrink resizes the vector to |new_size|, which must not be larger than the
405
+ // current size. Unlike |Resize|, this can be called when |T| is not
406
+ // default-constructible.
407
+ void Shrink(size_t new_size) {
408
+ BSSL_CHECK(new_size <= size_);
409
+ std::destroy_n(data() + new_size, size_ - new_size);
410
+ size_ = static_cast<PackedSize<N>>(new_size);
411
+ }
412
+
413
+ // TryResize resizes the vector to |new_size| and returns true, or returns
414
+ // false if |new_size| is too large. Any newly-added elements are
415
+ // value-initialized.
416
+ [[nodiscard]] bool TryResize(size_t new_size) {
417
+ if (new_size <= size_) {
418
+ Shrink(new_size);
419
+ return true;
420
+ }
421
+ if (new_size > capacity()) {
422
+ return false;
423
+ }
424
+ std::uninitialized_value_construct_n(data() + size_, new_size - size_);
425
+ size_ = static_cast<PackedSize<N>>(new_size);
426
+ return true;
427
+ }
428
+
429
+ // TryResizeForOverwrite behaves like |TryResize|, but newly-added elements
430
+ // are default-initialized, so POD types may contain uninitialized values that
431
+ // the caller is responsible for filling in.
432
+ [[nodiscard]] bool TryResizeForOverwrite(size_t new_size) {
433
+ if (new_size <= size_) {
434
+ Shrink(new_size);
435
+ return true;
436
+ }
437
+ if (new_size > capacity()) {
438
+ return false;
439
+ }
440
+ std::uninitialized_default_construct_n(data() + size_, new_size - size_);
441
+ size_ = static_cast<PackedSize<N>>(new_size);
442
+ return true;
443
+ }
444
+
445
+ // TryCopyFrom sets the vector to a copy of |in| and returns true, or returns
446
+ // false if |in| is too large.
447
+ [[nodiscard]] bool TryCopyFrom(Span<const T> in) {
448
+ if (in.size() > capacity()) {
449
+ return false;
450
+ }
451
+ clear();
452
+ std::uninitialized_copy(in.begin(), in.end(), data());
453
+ size_ = in.size();
454
+ return true;
455
+ }
456
+
457
+ // TryPushBack appends |val| to the vector and returns a pointer to the
458
+ // newly-inserted value, or nullptr if the vector is at capacity.
459
+ [[nodiscard]] T *TryPushBack(T val) {
460
+ if (size() >= capacity()) {
461
+ return nullptr;
462
+ }
463
+ T *ret = &data()[size_];
464
+ new (ret) T(std::move(val));
465
+ size_++;
466
+ return ret;
467
+ }
468
+
469
+ // The following methods behave like their |Try*| counterparts, but abort the
470
+ // program on failure.
471
+ void Resize(size_t size) { BSSL_CHECK(TryResize(size)); }
472
+ void ResizeForOverwrite(size_t size) {
473
+ BSSL_CHECK(TryResizeForOverwrite(size));
474
+ }
475
+ void CopyFrom(Span<const T> in) { BSSL_CHECK(TryCopyFrom(in)); }
476
+ T &PushBack(T val) {
477
+ T *ret = TryPushBack(std::move(val));
478
+ BSSL_CHECK(ret != nullptr);
479
+ return *ret;
480
+ }
481
+
482
+ template <typename Pred>
483
+ void EraseIf(Pred pred) {
484
+ // See if anything needs to be erased at all. This avoids a self-move.
485
+ auto iter = std::find_if(begin(), end(), pred);
486
+ if (iter == end()) {
487
+ return;
488
+ }
489
+
490
+ // Elements before the first to be erased may be left as-is.
491
+ size_t new_size = iter - begin();
492
+ // Swap all subsequent elements in if they are to be kept.
493
+ for (size_t i = new_size + 1; i < size(); i++) {
494
+ if (!pred((*this)[i])) {
495
+ (*this)[new_size] = std::move((*this)[i]);
496
+ new_size++;
497
+ }
498
+ }
499
+
500
+ Shrink(new_size);
501
+ }
502
+
503
+ private:
504
+ alignas(T) char storage_[sizeof(T[N])];
505
+ PackedSize<N> size_ = 0;
506
+ };
507
+
508
+ // An MRUQueue maintains a queue of up to |N| objects of type |T|. If the queue
509
+ // is at capacity, adding to the queue pops the least recently added element.
510
+ template <typename T, size_t N>
511
+ class MRUQueue {
512
+ public:
513
+ static constexpr bool kAllowUniquePtr = true;
514
+
515
+ MRUQueue() = default;
516
+
517
+ // If we ever need to make this type movable, we could. (The defaults almost
518
+ // work except we need |start_| to be reset when moved-from.)
519
+ MRUQueue(const MRUQueue &other) = delete;
520
+ MRUQueue &operator=(const MRUQueue &other) = delete;
521
+
522
+ bool empty() const { return size() == 0; }
523
+ size_t size() const { return storage_.size(); }
524
+
525
+ T &operator[](size_t i) {
526
+ BSSL_CHECK(i < size());
527
+ return storage_[(start_ + i) % N];
528
+ }
529
+ const T &operator[](size_t i) const {
530
+ return (*const_cast<MRUQueue *>(this))[i];
531
+ }
532
+
533
+ void Clear() {
534
+ storage_.clear();
535
+ start_ = 0;
536
+ }
537
+
538
+ void PushBack(T t) {
539
+ if (storage_.size() < N) {
540
+ assert(start_ == 0);
541
+ storage_.PushBack(std::move(t));
542
+ } else {
543
+ (*this)[0] = std::move(t);
544
+ start_ = (start_ + 1) % N;
545
+ }
546
+ }
547
+
548
+ private:
549
+ InplaceVector<T, N> storage_;
550
+ PackedSize<N> start_ = 0;
551
+ };
552
+
451
553
  // CBBFinishArray behaves like |CBB_finish| but stores the result in an Array.
452
554
  OPENSSL_EXPORT bool CBBFinishArray(CBB *cbb, Array<uint8_t> *out);
453
555
 
@@ -460,7 +562,7 @@ template <typename T, typename Name>
460
562
  inline size_t GetAllNames(const char **out, size_t max_out,
461
563
  Span<const char *const> fixed_names, Name(T::*name),
462
564
  Span<const T> objects) {
463
- auto span = bssl::MakeSpan(out, max_out);
565
+ auto span = bssl::Span(out, max_out);
464
566
  for (size_t i = 0; !span.empty() && i < fixed_names.size(); i++) {
465
567
  span[0] = fixed_names[i];
466
568
  span = span.subspan(1);
@@ -472,6 +574,48 @@ inline size_t GetAllNames(const char **out, size_t max_out,
472
574
  return fixed_names.size() + objects.size();
473
575
  }
474
576
 
577
+ // RefCounted is a common base for ref-counted types. This is an instance of the
578
+ // C++ curiously-recurring template pattern, so a type Foo must subclass
579
+ // RefCounted<Foo>. It additionally must friend RefCounted<Foo> to allow calling
580
+ // the destructor.
581
+ template <typename Derived>
582
+ class RefCounted {
583
+ public:
584
+ RefCounted(const RefCounted &) = delete;
585
+ RefCounted &operator=(const RefCounted &) = delete;
586
+
587
+ // These methods are intentionally named differently from `bssl::UpRef` to
588
+ // avoid a collision. Only the implementations of `FOO_up_ref` and `FOO_free`
589
+ // should call these.
590
+ void UpRefInternal() { CRYPTO_refcount_inc(&references_); }
591
+ void DecRefInternal() {
592
+ if (CRYPTO_refcount_dec_and_test_zero(&references_)) {
593
+ Derived *d = static_cast<Derived *>(this);
594
+ d->~Derived();
595
+ OPENSSL_free(d);
596
+ }
597
+ }
598
+
599
+ protected:
600
+ // Ensure that only `Derived`, which must inherit from `RefCounted<Derived>`,
601
+ // can call the constructor. This catches bugs where someone inherited from
602
+ // the wrong base.
603
+ class CheckSubClass {
604
+ private:
605
+ friend Derived;
606
+ CheckSubClass() = default;
607
+ };
608
+ RefCounted(CheckSubClass) {
609
+ static_assert(std::is_base_of<RefCounted, Derived>::value,
610
+ "Derived must subclass RefCounted<Derived>");
611
+ }
612
+
613
+ ~RefCounted() = default;
614
+
615
+ private:
616
+ CRYPTO_refcount_t references_ = 1;
617
+ };
618
+
475
619
 
476
620
  // Protocol versions.
477
621
  //
@@ -520,6 +664,11 @@ bool ssl_add_supported_versions(const SSL_HANDSHAKE *hs, CBB *cbb,
520
664
  bool ssl_negotiate_version(SSL_HANDSHAKE *hs, uint8_t *out_alert,
521
665
  uint16_t *out_version, const CBS *peer_versions);
522
666
 
667
+ // ssl_has_final_version returns whether |ssl| has determined the final version.
668
+ // This may be used to distinguish the predictive 0-RTT version from the final
669
+ // one.
670
+ bool ssl_has_final_version(const SSL *ssl);
671
+
523
672
  // ssl_protocol_version returns |ssl|'s protocol version. It is an error to
524
673
  // call this function before the version is determined.
525
674
  uint16_t ssl_protocol_version(const SSL *ssl);
@@ -554,13 +703,14 @@ BSSL_NAMESPACE_BEGIN
554
703
  #define SSL_kGENERIC 0x00000008u
555
704
 
556
705
  // Bits for |algorithm_auth| (server authentication).
557
- #define SSL_aRSA 0x00000001u
558
- #define SSL_aECDSA 0x00000002u
706
+ #define SSL_aRSA_SIGN 0x00000001u
707
+ #define SSL_aRSA_DECRYPT 0x00000002u
708
+ #define SSL_aECDSA 0x00000004u
559
709
  // SSL_aPSK is set for both PSK and ECDHE_PSK.
560
- #define SSL_aPSK 0x00000004u
561
- #define SSL_aGENERIC 0x00000008u
710
+ #define SSL_aPSK 0x00000008u
711
+ #define SSL_aGENERIC 0x00000010u
562
712
 
563
- #define SSL_aCERT (SSL_aRSA | SSL_aECDSA)
713
+ #define SSL_aCERT (SSL_aRSA_SIGN | SSL_aRSA_DECRYPT | SSL_aECDSA)
564
714
 
565
715
  // Bits for |algorithm_enc| (symmetric encryption).
566
716
  #define SSL_3DES 0x00000001u
@@ -643,7 +793,7 @@ Span<const SSL_CIPHER> AllCiphers();
643
793
  bool ssl_cipher_get_evp_aead(const EVP_AEAD **out_aead,
644
794
  size_t *out_mac_secret_len,
645
795
  size_t *out_fixed_iv_len, const SSL_CIPHER *cipher,
646
- uint16_t version, bool is_dtls);
796
+ uint16_t version);
647
797
 
648
798
  // ssl_get_handshake_digest returns the |EVP_MD| corresponding to |version| and
649
799
  // |cipher|.
@@ -661,8 +811,9 @@ bool ssl_create_cipher_list(UniquePtr<SSLCipherPreferenceList> *out_cipher_list,
661
811
  bool strict);
662
812
 
663
813
  // ssl_cipher_auth_mask_for_key returns the mask of cipher |algorithm_auth|
664
- // values suitable for use with |key| in TLS 1.2 and below.
665
- uint32_t ssl_cipher_auth_mask_for_key(const EVP_PKEY *key);
814
+ // values suitable for use with |key| in TLS 1.2 and below. |sign_ok| indicates
815
+ // whether |key| may be used for signing.
816
+ uint32_t ssl_cipher_auth_mask_for_key(const EVP_PKEY *key, bool sign_ok);
666
817
 
667
818
  // ssl_cipher_uses_certificate_auth returns whether |cipher| authenticates the
668
819
  // server and, optionally, the client with a certificate.
@@ -681,12 +832,11 @@ bool ssl_cipher_requires_server_key_exchange(const SSL_CIPHER *cipher);
681
832
  size_t ssl_cipher_get_record_split_len(const SSL_CIPHER *cipher);
682
833
 
683
834
  // ssl_choose_tls13_cipher returns an |SSL_CIPHER| corresponding with the best
684
- // available from |cipher_suites| compatible with |version|, |group_id|, and
685
- // |policy|. It returns NULL if there isn't a compatible cipher. |has_aes_hw|
686
- // indicates if the choice should be made as if support for AES in hardware
687
- // is available.
835
+ // available from |cipher_suites| compatible with |version| and |policy|. It
836
+ // returns NULL if there isn't a compatible cipher. |has_aes_hw| indicates if
837
+ // the choice should be made as if support for AES in hardware is available.
688
838
  const SSL_CIPHER *ssl_choose_tls13_cipher(CBS cipher_suites, bool has_aes_hw,
689
- uint16_t version, uint16_t group_id,
839
+ uint16_t version,
690
840
  enum ssl_compliance_policy_t policy);
691
841
 
692
842
  // ssl_tls13_cipher_meets_policy returns true if |cipher_id| is acceptable given
@@ -704,7 +854,7 @@ OPENSSL_EXPORT bool ssl_cipher_is_deprecated(const SSL_CIPHER *cipher);
704
854
  // buffer and running hash.
705
855
  class SSLTranscript {
706
856
  public:
707
- SSLTranscript();
857
+ explicit SSLTranscript(bool is_dtls);
708
858
  ~SSLTranscript();
709
859
 
710
860
  SSLTranscript(SSLTranscript &&other) = default;
@@ -735,8 +885,8 @@ class SSLTranscript {
735
885
  bool CopyToHashContext(EVP_MD_CTX *ctx, const EVP_MD *digest) const;
736
886
 
737
887
  Span<const uint8_t> buffer() const {
738
- return MakeConstSpan(reinterpret_cast<const uint8_t *>(buffer_->data),
739
- buffer_->length);
888
+ return Span(reinterpret_cast<const uint8_t *>(buffer_->data),
889
+ buffer_->length);
740
890
  }
741
891
 
742
892
  // FreeBuffer releases the handshake buffer. Subsequent calls to
@@ -767,17 +917,30 @@ class SSLTranscript {
767
917
  bool from_server) const;
768
918
 
769
919
  private:
920
+ // HashBuffer initializes |ctx| to use |digest| and writes the contents of
921
+ // |buffer_| to |ctx|. If this SSLTranscript is for DTLS 1.3, the appropriate
922
+ // bytes in |buffer_| will be skipped when hashing the buffer.
923
+ bool HashBuffer(EVP_MD_CTX *ctx, const EVP_MD *digest) const;
924
+
925
+ // AddToBufferOrHash directly adds the contents of |in| to |buffer_| and/or
926
+ // |hash_|.
927
+ bool AddToBufferOrHash(Span<const uint8_t> in);
928
+
770
929
  // buffer_, if non-null, contains the handshake transcript.
771
930
  UniquePtr<BUF_MEM> buffer_;
772
931
  // hash, if initialized with an |EVP_MD|, maintains the handshake hash.
773
932
  ScopedEVP_MD_CTX hash_;
933
+ // is_dtls_ indicates whether this is a transcript for a DTLS connection.
934
+ bool is_dtls_ : 1;
935
+ // version_ contains the version for the connection (if known).
936
+ uint16_t version_ = 0;
774
937
  };
775
938
 
776
939
  // tls1_prf computes the PRF function for |ssl|. It fills |out|, using |secret|
777
940
  // as the secret and |label| as the label. |seed1| and |seed2| are concatenated
778
941
  // to form the seed parameter. It returns true on success and false on failure.
779
942
  bool tls1_prf(const EVP_MD *digest, Span<uint8_t> out,
780
- Span<const uint8_t> secret, Span<const char> label,
943
+ Span<const uint8_t> secret, std::string_view label,
781
944
  Span<const uint8_t> seed1, Span<const uint8_t> seed2);
782
945
 
783
946
 
@@ -787,7 +950,7 @@ bool tls1_prf(const EVP_MD *digest, Span<uint8_t> out,
787
950
  // encrypt an SSL connection.
788
951
  class SSLAEADContext {
789
952
  public:
790
- SSLAEADContext(uint16_t version, bool is_dtls, const SSL_CIPHER *cipher);
953
+ explicit SSLAEADContext(const SSL_CIPHER *cipher);
791
954
  ~SSLAEADContext();
792
955
  static constexpr bool kAllowUniquePtr = true;
793
956
 
@@ -795,38 +958,23 @@ class SSLAEADContext {
795
958
  SSLAEADContext &operator=(const SSLAEADContext &&) = delete;
796
959
 
797
960
  // CreateNullCipher creates an |SSLAEADContext| for the null cipher.
798
- static UniquePtr<SSLAEADContext> CreateNullCipher(bool is_dtls);
961
+ static UniquePtr<SSLAEADContext> CreateNullCipher();
799
962
 
800
963
  // Create creates an |SSLAEADContext| using the supplied key material. It
801
964
  // returns nullptr on error. Only one of |Open| or |Seal| may be used with the
802
- // resulting object, depending on |direction|. |version| is the normalized
803
- // protocol version, so DTLS 1.0 is represented as 0x0301, not 0xffef.
965
+ // resulting object, depending on |direction|. |version| is the wire version.
804
966
  static UniquePtr<SSLAEADContext> Create(enum evp_aead_direction_t direction,
805
- uint16_t version, bool is_dtls,
967
+ uint16_t version,
806
968
  const SSL_CIPHER *cipher,
807
969
  Span<const uint8_t> enc_key,
808
970
  Span<const uint8_t> mac_key,
809
971
  Span<const uint8_t> fixed_iv);
810
972
 
811
973
  // CreatePlaceholderForQUIC creates a placeholder |SSLAEADContext| for the
812
- // given cipher and version. The resulting object can be queried for various
813
- // properties but cannot encrypt or decrypt data.
974
+ // given cipher. The resulting object can be queried for various properties
975
+ // but cannot encrypt or decrypt data.
814
976
  static UniquePtr<SSLAEADContext> CreatePlaceholderForQUIC(
815
- uint16_t version, const SSL_CIPHER *cipher);
816
-
817
- // SetVersionIfNullCipher sets the version the SSLAEADContext for the null
818
- // cipher, to make version-specific determinations in the record layer prior
819
- // to a cipher being selected.
820
- void SetVersionIfNullCipher(uint16_t version);
821
-
822
- // ProtocolVersion returns the protocol version associated with this
823
- // SSLAEADContext. It can only be called once |version_| has been set to a
824
- // valid value.
825
- uint16_t ProtocolVersion() const;
826
-
827
- // RecordVersion returns the record version that should be used with this
828
- // SSLAEADContext for record construction and crypto.
829
- uint16_t RecordVersion() const;
977
+ const SSL_CIPHER *cipher);
830
978
 
831
979
  const SSL_CIPHER *cipher() const { return cipher_; }
832
980
 
@@ -839,6 +987,10 @@ class SSLAEADContext {
839
987
  // MaxOverhead returns the maximum overhead of calling |Seal|.
840
988
  size_t MaxOverhead() const;
841
989
 
990
+ // MaxSealInputLen returns the maximum length for |Seal| that can fit in
991
+ // |max_out| output bytes, or zero if no input may fit.
992
+ size_t MaxSealInputLen(size_t max_out) const;
993
+
842
994
  // SuffixLen calculates the suffix length written by |SealScatter| and writes
843
995
  // it to |*out_suffix_len|. It returns true on success and false on error.
844
996
  // |in_len| and |extra_in_len| should equal the argument of the same names
@@ -900,12 +1052,8 @@ class SSLAEADContext {
900
1052
  ScopedEVP_AEAD_CTX ctx_;
901
1053
  // fixed_nonce_ contains any bytes of the nonce that are fixed for all
902
1054
  // records.
903
- uint8_t fixed_nonce_[12];
904
- uint8_t fixed_nonce_len_ = 0, variable_nonce_len_ = 0;
905
- // version_ is the wire version that should be used with this AEAD.
906
- uint16_t version_;
907
- // is_dtls_ is whether DTLS is being used with this AEAD.
908
- bool is_dtls_;
1055
+ InplaceVector<uint8_t, 12> fixed_nonce_;
1056
+ uint8_t variable_nonce_len_ = 0;
909
1057
  // variable_nonce_included_in_record_ is true if the variable nonce
910
1058
  // for a record is included as a prefix before the ciphertext.
911
1059
  bool variable_nonce_included_in_record_ : 1;
@@ -926,20 +1074,122 @@ class SSLAEADContext {
926
1074
 
927
1075
  // DTLS replay bitmap.
928
1076
 
929
- // DTLS1_BITMAP maintains a sliding window of 64 sequence numbers to detect
930
- // replayed packets. It should be initialized by zeroing every field.
931
- struct DTLS1_BITMAP {
932
- // map is a bit mask of the last 64 sequence numbers. Bit
933
- // |1<<i| corresponds to |max_seq_num - i|.
934
- uint64_t map = 0;
935
- // max_seq_num is the largest sequence number seen so far as a 64-bit
1077
+ // DTLSReplayBitmap maintains a sliding window of sequence numbers to detect
1078
+ // replayed packets.
1079
+ class DTLSReplayBitmap {
1080
+ public:
1081
+ // ShouldDiscard returns true if |seq_num| has been seen in
1082
+ // |bitmap| or is stale. Otherwise it returns false.
1083
+ bool ShouldDiscard(uint64_t seqnum) const;
1084
+
1085
+ // Record updates the bitmap to record receipt of sequence number
1086
+ // |seq_num|. It slides the window forward if needed. It is an error to call
1087
+ // this function on a stale sequence number.
1088
+ void Record(uint64_t seqnum);
1089
+
1090
+ uint64_t max_seq_num() const { return max_seq_num_; }
1091
+
1092
+ private:
1093
+ // map is a bitset of sequence numbers that have been seen. Bit i corresponds
1094
+ // to |max_seq_num_ - i|.
1095
+ std::bitset<256> map_;
1096
+ // max_seq_num_ is the largest sequence number seen so far as a 64-bit
936
1097
  // integer.
937
- uint64_t max_seq_num = 0;
1098
+ uint64_t max_seq_num_ = 0;
938
1099
  };
939
1100
 
1101
+ // reconstruct_seqnum takes the low order bits of a record sequence number from
1102
+ // the wire and reconstructs the full sequence number. It does so using the
1103
+ // algorithm described in section 4.2.2 of RFC 9147, where |wire_seq| is the
1104
+ // low bits of the sequence number as seen on the wire, |seq_mask| is a bitmask
1105
+ // of 8 or 16 1 bits corresponding to the length of the sequence number on the
1106
+ // wire, and |max_valid_seqnum| is the largest sequence number of a record
1107
+ // successfully deprotected in this epoch. This function returns the sequence
1108
+ // number that is numerically closest to one plus |max_valid_seqnum| that when
1109
+ // bitwise and-ed with |seq_mask| equals |wire_seq|.
1110
+ //
1111
+ // |max_valid_seqnum| must be most 2^48-1, in which case the output will also be
1112
+ // at most 2^48-1.
1113
+ OPENSSL_EXPORT uint64_t reconstruct_seqnum(uint16_t wire_seq, uint64_t seq_mask,
1114
+ uint64_t max_valid_seqnum);
1115
+
940
1116
 
941
1117
  // Record layer.
942
1118
 
1119
+ class DTLSRecordNumber {
1120
+ public:
1121
+ static constexpr uint64_t kMaxSequence = (uint64_t{1} << 48) - 1;
1122
+
1123
+ DTLSRecordNumber() = default;
1124
+ DTLSRecordNumber(uint16_t epoch, uint64_t sequence) {
1125
+ BSSL_CHECK(sequence <= kMaxSequence);
1126
+ combined_ = (uint64_t{epoch} << 48) | sequence;
1127
+ }
1128
+
1129
+ static DTLSRecordNumber FromCombined(uint64_t combined) {
1130
+ return DTLSRecordNumber(combined);
1131
+ }
1132
+
1133
+ bool operator==(DTLSRecordNumber r) const {
1134
+ return combined() == r.combined();
1135
+ }
1136
+ bool operator!=(DTLSRecordNumber r) const { return !((*this) == r); }
1137
+ bool operator<(DTLSRecordNumber r) const { return combined() < r.combined(); }
1138
+
1139
+ uint64_t combined() const { return combined_; }
1140
+ uint16_t epoch() const { return combined_ >> 48; }
1141
+ uint64_t sequence() const { return combined_ & kMaxSequence; }
1142
+
1143
+ bool HasNext() const { return sequence() < kMaxSequence; }
1144
+ DTLSRecordNumber Next() const {
1145
+ BSSL_CHECK(HasNext());
1146
+ // This will not overflow into the epoch.
1147
+ return DTLSRecordNumber::FromCombined(combined_ + 1);
1148
+ }
1149
+
1150
+ private:
1151
+ explicit DTLSRecordNumber(uint64_t combined) : combined_(combined) {}
1152
+
1153
+ uint64_t combined_ = 0;
1154
+ };
1155
+
1156
+ class RecordNumberEncrypter {
1157
+ public:
1158
+ static constexpr bool kAllowUniquePtr = true;
1159
+ static constexpr size_t kMaxKeySize = 32;
1160
+
1161
+ // Create returns a DTLS 1.3 record number encrypter for |traffic_secret|, or
1162
+ // nullptr on error.
1163
+ static UniquePtr<RecordNumberEncrypter> Create(
1164
+ const SSL_CIPHER *cipher, Span<const uint8_t> traffic_secret);
1165
+
1166
+ virtual ~RecordNumberEncrypter() = default;
1167
+ virtual size_t KeySize() = 0;
1168
+ virtual bool SetKey(Span<const uint8_t> key) = 0;
1169
+ virtual bool GenerateMask(Span<uint8_t> out, Span<const uint8_t> sample) = 0;
1170
+ };
1171
+
1172
+ struct DTLSReadEpoch {
1173
+ static constexpr bool kAllowUniquePtr = true;
1174
+
1175
+ // TODO(davidben): This could be made slightly more compact if |bitmap| stored
1176
+ // a DTLSRecordNumber.
1177
+ uint16_t epoch = 0;
1178
+ UniquePtr<SSLAEADContext> aead;
1179
+ UniquePtr<RecordNumberEncrypter> rn_encrypter;
1180
+ DTLSReplayBitmap bitmap;
1181
+ };
1182
+
1183
+ struct DTLSWriteEpoch {
1184
+ static constexpr bool kAllowUniquePtr = true;
1185
+
1186
+ uint16_t epoch() const { return next_record.epoch(); }
1187
+
1188
+ DTLSRecordNumber next_record;
1189
+ UniquePtr<SSLAEADContext> aead;
1190
+ UniquePtr<RecordNumberEncrypter> rn_encrypter;
1191
+ };
1192
+
943
1193
  // ssl_record_prefix_len returns the length of the prefix before the ciphertext
944
1194
  // of a record for |ssl|.
945
1195
  //
@@ -984,23 +1234,17 @@ enum ssl_open_record_t tls_open_record(SSL *ssl, uint8_t *out_type,
984
1234
 
985
1235
  // dtls_open_record implements |tls_open_record| for DTLS. It only returns
986
1236
  // |ssl_open_record_partial| if |in| was empty and sets |*out_consumed| to
987
- // zero. The caller should read one packet and try again.
1237
+ // zero. The caller should read one packet and try again. On success,
1238
+ // |*out_number| is set to the record number of the record.
988
1239
  enum ssl_open_record_t dtls_open_record(SSL *ssl, uint8_t *out_type,
1240
+ DTLSRecordNumber *out_number,
989
1241
  Span<uint8_t> *out,
990
1242
  size_t *out_consumed,
991
1243
  uint8_t *out_alert, Span<uint8_t> in);
992
1244
 
993
- // ssl_seal_align_prefix_len returns the length of the prefix before the start
994
- // of the bulk of the ciphertext when sealing a record with |ssl|. Callers may
995
- // use this to align buffers.
996
- //
997
- // Note when TLS 1.0 CBC record-splitting is enabled, this includes the one byte
998
- // record and is the offset into second record's ciphertext. Thus sealing a
999
- // small record may result in a smaller output than this value.
1000
- //
1001
- // TODO(davidben): Is this alignment valuable? Record-splitting makes this a
1002
- // mess.
1003
- size_t ssl_seal_align_prefix_len(const SSL *ssl);
1245
+ // ssl_needs_record_splitting returns one if |ssl|'s current outgoing cipher
1246
+ // state needs record-splitting and zero otherwise.
1247
+ bool ssl_needs_record_splitting(const SSL *ssl);
1004
1248
 
1005
1249
  // tls_seal_record seals a new record of type |type| and body |in| and writes it
1006
1250
  // to |out|. At most |max_out| bytes will be written. It returns true on success
@@ -1008,7 +1252,7 @@ size_t ssl_seal_align_prefix_len(const SSL *ssl);
1008
1252
  // 1/n-1 record splitting and may write two records concatenated.
1009
1253
  //
1010
1254
  // For a large record, the bulk of the ciphertext will begin
1011
- // |ssl_seal_align_prefix_len| bytes into out. Aligning |out| appropriately may
1255
+ // |tls_seal_align_prefix_len| bytes into out. Aligning |out| appropriately may
1012
1256
  // improve performance. It writes at most |in_len| + |SSL_max_seal_overhead|
1013
1257
  // bytes to |out|.
1014
1258
  //
@@ -1016,26 +1260,30 @@ size_t ssl_seal_align_prefix_len(const SSL *ssl);
1016
1260
  bool tls_seal_record(SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out,
1017
1261
  uint8_t type, const uint8_t *in, size_t in_len);
1018
1262
 
1019
- enum dtls1_use_epoch_t {
1020
- dtls1_use_previous_epoch,
1021
- dtls1_use_current_epoch,
1022
- };
1263
+ // dtls_record_header_write_len returns the length of the record header that
1264
+ // will be written at |epoch|.
1265
+ size_t dtls_record_header_write_len(const SSL *ssl, uint16_t epoch);
1023
1266
 
1024
1267
  // dtls_max_seal_overhead returns the maximum overhead, in bytes, of sealing a
1025
1268
  // record.
1026
- size_t dtls_max_seal_overhead(const SSL *ssl, enum dtls1_use_epoch_t use_epoch);
1269
+ size_t dtls_max_seal_overhead(const SSL *ssl, uint16_t epoch);
1027
1270
 
1028
1271
  // dtls_seal_prefix_len returns the number of bytes of prefix to reserve in
1029
1272
  // front of the plaintext when sealing a record in-place.
1030
- size_t dtls_seal_prefix_len(const SSL *ssl, enum dtls1_use_epoch_t use_epoch);
1273
+ size_t dtls_seal_prefix_len(const SSL *ssl, uint16_t epoch);
1274
+
1275
+ // dtls_seal_max_input_len returns the maximum number of input bytes that can
1276
+ // fit in a record of up to |max_out| bytes, or zero if none may fit.
1277
+ size_t dtls_seal_max_input_len(const SSL *ssl, uint16_t epoch, size_t max_out);
1031
1278
 
1032
- // dtls_seal_record implements |tls_seal_record| for DTLS. |use_epoch| selects
1033
- // which epoch's cipher state to use. Unlike |tls_seal_record|, |in| and |out|
1034
- // may alias but, if they do, |in| must be exactly |dtls_seal_prefix_len| bytes
1035
- // ahead of |out|.
1036
- bool dtls_seal_record(SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out,
1037
- uint8_t type, const uint8_t *in, size_t in_len,
1038
- enum dtls1_use_epoch_t use_epoch);
1279
+ // dtls_seal_record implements |tls_seal_record| for DTLS. |epoch| selects which
1280
+ // epoch's cipher state to use. Unlike |tls_seal_record|, |in| and |out| may
1281
+ // alias but, if they do, |in| must be exactly |dtls_seal_prefix_len| bytes
1282
+ // ahead of |out|. On success, |*out_number| is set to the record number of the
1283
+ // record.
1284
+ bool dtls_seal_record(SSL *ssl, DTLSRecordNumber *out_number, uint8_t *out,
1285
+ size_t *out_len, size_t max_out, uint8_t type,
1286
+ const uint8_t *in, size_t in_len, uint16_t epoch);
1039
1287
 
1040
1288
  // ssl_process_alert processes |in| as an alert and updates |ssl|'s shutdown
1041
1289
  // state. It returns one of |ssl_open_record_discard|, |ssl_open_record_error|,
@@ -1047,9 +1295,6 @@ enum ssl_open_record_t ssl_process_alert(SSL *ssl, uint8_t *out_alert,
1047
1295
 
1048
1296
  // Private key operations.
1049
1297
 
1050
- // ssl_has_private_key returns whether |hs| has a private key configured.
1051
- bool ssl_has_private_key(const SSL_HANDSHAKE *hs);
1052
-
1053
1298
  // ssl_private_key_* perform the corresponding operation on
1054
1299
  // |SSL_PRIVATE_KEY_METHOD|. If there is a custom private key configured, they
1055
1300
  // call the corresponding function or |complete| depending on whether there is a
@@ -1066,10 +1311,10 @@ enum ssl_private_key_result_t ssl_private_key_decrypt(SSL_HANDSHAKE *hs,
1066
1311
  size_t max_out,
1067
1312
  Span<const uint8_t> in);
1068
1313
 
1069
- // ssl_private_key_supports_signature_algorithm returns whether |hs|'s private
1070
- // key supports |sigalg|.
1071
- bool ssl_private_key_supports_signature_algorithm(SSL_HANDSHAKE *hs,
1072
- uint16_t sigalg);
1314
+ // ssl_pkey_supports_algorithm returns whether |pkey| may be used to sign
1315
+ // |sigalg|.
1316
+ bool ssl_pkey_supports_algorithm(const SSL *ssl, EVP_PKEY *pkey,
1317
+ uint16_t sigalg, bool is_verify);
1073
1318
 
1074
1319
  // ssl_public_key_verify verifies that the |signature| is valid for the public
1075
1320
  // key |pkey| and input |in|, using the signature algorithm |sigalg|.
@@ -1093,32 +1338,30 @@ class SSLKeyShare {
1093
1338
  public:
1094
1339
  virtual ~SSLKeyShare() {}
1095
1340
  static constexpr bool kAllowUniquePtr = true;
1096
- HAS_VIRTUAL_DESTRUCTOR
1097
1341
 
1098
1342
  // Create returns a SSLKeyShare instance for use with group |group_id| or
1099
1343
  // nullptr on error.
1100
1344
  static UniquePtr<SSLKeyShare> Create(uint16_t group_id);
1101
1345
 
1102
1346
  // GroupID returns the group ID.
1103
- virtual uint16_t GroupID() const PURE_VIRTUAL;
1347
+ virtual uint16_t GroupID() const = 0;
1104
1348
 
1105
1349
  // Generate generates a keypair and writes the public key to |out_public_key|.
1106
1350
  // It returns true on success and false on error.
1107
- virtual bool Generate(CBB *out_public_key) PURE_VIRTUAL;
1351
+ virtual bool Generate(CBB *out_public_key) = 0;
1108
1352
 
1109
1353
  // Encap generates an ephemeral, symmetric secret and encapsulates it with
1110
1354
  // |peer_key|. On success, it returns true, writes the encapsulated secret to
1111
1355
  // |out_ciphertext|, and sets |*out_secret| to the shared secret. On failure,
1112
1356
  // it returns false and sets |*out_alert| to an alert to send to the peer.
1113
1357
  virtual bool Encap(CBB *out_ciphertext, Array<uint8_t> *out_secret,
1114
- uint8_t *out_alert,
1115
- Span<const uint8_t> peer_key) PURE_VIRTUAL;
1358
+ uint8_t *out_alert, Span<const uint8_t> peer_key) = 0;
1116
1359
 
1117
1360
  // Decap decapsulates the symmetric secret in |ciphertext|. On success, it
1118
1361
  // returns true and sets |*out_secret| to the shared secret. On failure, it
1119
1362
  // returns false and sets |*out_alert| to an alert to send to the peer.
1120
1363
  virtual bool Decap(Array<uint8_t> *out_secret, uint8_t *out_alert,
1121
- Span<const uint8_t> ciphertext) PURE_VIRTUAL;
1364
+ Span<const uint8_t> ciphertext) = 0;
1122
1365
 
1123
1366
  // SerializePrivateKey writes the private key to |out|, returning true if
1124
1367
  // successful and false otherwise. It should be called after |Generate|.
@@ -1198,21 +1441,13 @@ bool dtls_has_unprocessed_handshake_data(const SSL *ssl);
1198
1441
  // tls_flush_pending_hs_data flushes any handshake plaintext data.
1199
1442
  bool tls_flush_pending_hs_data(SSL *ssl);
1200
1443
 
1201
- struct DTLS_OUTGOING_MESSAGE {
1202
- DTLS_OUTGOING_MESSAGE() {}
1203
- DTLS_OUTGOING_MESSAGE(const DTLS_OUTGOING_MESSAGE &) = delete;
1204
- DTLS_OUTGOING_MESSAGE &operator=(const DTLS_OUTGOING_MESSAGE &) = delete;
1205
-
1206
- void Clear();
1207
-
1208
- Array<uint8_t> data;
1209
- uint16_t epoch = 0;
1210
- bool is_ccs = false;
1211
- };
1212
-
1213
1444
  // dtls_clear_outgoing_messages releases all buffered outgoing messages.
1214
1445
  void dtls_clear_outgoing_messages(SSL *ssl);
1215
1446
 
1447
+ // dtls_clear_unused_write_epochs releases any write epochs that are no longer
1448
+ // needed.
1449
+ void dtls_clear_unused_write_epochs(SSL *ssl);
1450
+
1216
1451
 
1217
1452
  // Callbacks.
1218
1453
 
@@ -1239,11 +1474,9 @@ class SSLBuffer {
1239
1474
  bool empty() const { return size_ == 0; }
1240
1475
  size_t cap() const { return cap_; }
1241
1476
 
1242
- Span<uint8_t> span() { return MakeSpan(data(), size()); }
1477
+ Span<uint8_t> span() { return Span(data(), size()); }
1243
1478
 
1244
- Span<uint8_t> remaining() {
1245
- return MakeSpan(data() + size(), cap() - size());
1246
- }
1479
+ Span<uint8_t> remaining() { return Span(data() + size(), cap() - size()); }
1247
1480
 
1248
1481
  // Clear releases the buffer.
1249
1482
  void Clear();
@@ -1278,9 +1511,6 @@ class SSLBuffer {
1278
1511
  uint16_t cap_ = 0;
1279
1512
  // inline_buf_ is a static buffer for short reads.
1280
1513
  uint8_t inline_buf_[SSL3_RT_HEADER_LENGTH];
1281
- // buf_allocated_ is true if |buf_| points to allocated data and must be freed
1282
- // or false if it points into |inline_buf_|.
1283
- bool buf_allocated_ = false;
1284
1514
  };
1285
1515
 
1286
1516
  // ssl_read_buffer_extend_to extends the read buffer to the desired length. For
@@ -1307,10 +1537,6 @@ int ssl_write_buffer_flush(SSL *ssl);
1307
1537
 
1308
1538
  // Certificate functions.
1309
1539
 
1310
- // ssl_has_certificate returns whether a certificate and private key are
1311
- // configured.
1312
- bool ssl_has_certificate(const SSL_HANDSHAKE *hs);
1313
-
1314
1540
  // ssl_parse_cert_chain parses a certificate list from |cbs| in the format used
1315
1541
  // by a TLS Certificate message. On success, it advances |cbs| and returns
1316
1542
  // true. Otherwise, it returns false and sets |*out_alert| to an alert to send
@@ -1328,11 +1554,6 @@ bool ssl_parse_cert_chain(uint8_t *out_alert,
1328
1554
  uint8_t *out_leaf_sha256, CBS *cbs,
1329
1555
  CRYPTO_BUFFER_POOL *pool);
1330
1556
 
1331
- // ssl_add_cert_chain adds |hs->ssl|'s certificate chain to |cbb| in the format
1332
- // used by a TLS Certificate message. If there is no certificate chain, it emits
1333
- // an empty certificate list. It returns true on success and false on error.
1334
- bool ssl_add_cert_chain(SSL_HANDSHAKE *hs, CBB *cbb);
1335
-
1336
1557
  enum ssl_key_usage_t {
1337
1558
  key_usage_digital_signature = 0,
1338
1559
  key_usage_encipherment = 2,
@@ -1344,37 +1565,51 @@ enum ssl_key_usage_t {
1344
1565
  OPENSSL_EXPORT bool ssl_cert_check_key_usage(const CBS *in,
1345
1566
  enum ssl_key_usage_t bit);
1346
1567
 
1568
+ // ssl_cert_extract_issuer parses the DER-encoded, X.509 certificate in |in|
1569
+ // and extracts the issuer. On success it returns true and the DER encoded
1570
+ // issuer is in |out_dn|, otherwise it returns false.
1571
+ OPENSSL_EXPORT bool ssl_cert_extract_issuer(const CBS *in, CBS *out_dn);
1572
+
1573
+ // ssl_cert_matches_issuer parses the DER-encoded, X.509 certificate in |in|
1574
+ // and returns true if its issuer is an exact match for the DER encoded
1575
+ // distinguished name in |dn|
1576
+ bool ssl_cert_matches_issuer(const CBS *in, const CBS *dn);
1577
+
1347
1578
  // ssl_cert_parse_pubkey extracts the public key from the DER-encoded, X.509
1348
1579
  // certificate in |in|. It returns an allocated |EVP_PKEY| or else returns
1349
1580
  // nullptr and pushes to the error queue.
1350
1581
  UniquePtr<EVP_PKEY> ssl_cert_parse_pubkey(const CBS *in);
1351
1582
 
1352
- // ssl_parse_client_CA_list parses a CA list from |cbs| in the format used by a
1353
- // TLS CertificateRequest message. On success, it returns a newly-allocated
1354
- // |CRYPTO_BUFFER| list and advances |cbs|. Otherwise, it returns nullptr and
1355
- // sets |*out_alert| to an alert to send to the peer.
1356
- UniquePtr<STACK_OF(CRYPTO_BUFFER)> ssl_parse_client_CA_list(SSL *ssl,
1357
- uint8_t *out_alert,
1358
- CBS *cbs);
1583
+ // SSL_parse_CA_list parses a CA list from |cbs| in the format used by a TLS
1584
+ // CertificateRequest message and Certificate Authorities extension. On success,
1585
+ // it returns a newly-allocated |CRYPTO_BUFFER| list and advances
1586
+ // |cbs|. Otherwise, it returns nullptr and sets |*out_alert| to an alert to
1587
+ // send to the peer.
1588
+ UniquePtr<STACK_OF(CRYPTO_BUFFER)> SSL_parse_CA_list(SSL *ssl,
1589
+ uint8_t *out_alert,
1590
+ CBS *cbs);
1359
1591
 
1360
- // ssl_has_client_CAs returns there are configured CAs.
1592
+ // ssl_has_client_CAs returns whether there are configured CAs.
1361
1593
  bool ssl_has_client_CAs(const SSL_CONFIG *cfg);
1362
1594
 
1363
1595
  // ssl_add_client_CA_list adds the configured CA list to |cbb| in the format
1364
1596
  // used by a TLS CertificateRequest message. It returns true on success and
1365
1597
  // false on error.
1366
- bool ssl_add_client_CA_list(SSL_HANDSHAKE *hs, CBB *cbb);
1598
+ bool ssl_add_client_CA_list(const SSL_HANDSHAKE *hs, CBB *cbb);
1599
+
1600
+ // ssl_has_CA_names returns whether there are configured CA names.
1601
+ bool ssl_has_CA_names(const SSL_CONFIG *cfg);
1602
+
1603
+ // ssl_add_CA_names adds the configured CA_names list to |cbb| in the format
1604
+ // used by a TLS Certificate Authorities extension. It returns true on success
1605
+ // and false on error.
1606
+ bool ssl_add_CA_names(const SSL_HANDSHAKE *hs, CBB *cbb);
1367
1607
 
1368
1608
  // ssl_check_leaf_certificate returns one if |pkey| and |leaf| are suitable as
1369
1609
  // a server's leaf certificate for |hs|. Otherwise, it returns zero and pushes
1370
1610
  // an error on the error queue.
1371
1611
  bool ssl_check_leaf_certificate(SSL_HANDSHAKE *hs, EVP_PKEY *pkey,
1372
- const CRYPTO_BUFFER *leaf);
1373
-
1374
- // ssl_on_certificate_selected is called once the certificate has been selected.
1375
- // It finalizes the certificate and initializes |hs->local_pubkey|. It returns
1376
- // true on success and false on error.
1377
- bool ssl_on_certificate_selected(SSL_HANDSHAKE *hs);
1612
+ const CRYPTO_BUFFER *leaf);
1378
1613
 
1379
1614
 
1380
1615
  // TLS 1.3 key derivation.
@@ -1426,7 +1661,7 @@ bool tls13_derive_resumption_secret(SSL_HANDSHAKE *hs);
1426
1661
  // |exporter_secret|.
1427
1662
  bool tls13_export_keying_material(SSL *ssl, Span<uint8_t> out,
1428
1663
  Span<const uint8_t> secret,
1429
- Span<const char> label,
1664
+ std::string_view label,
1430
1665
  Span<const uint8_t> context);
1431
1666
 
1432
1667
  // tls13_finished_mac calculates the MAC of the handshake transcript to verify
@@ -1439,7 +1674,8 @@ bool tls13_finished_mac(SSL_HANDSHAKE *hs, uint8_t *out, size_t *out_len,
1439
1674
  // tls13_derive_session_psk calculates the PSK for this session based on the
1440
1675
  // resumption master secret and |nonce|. It returns true on success, and false
1441
1676
  // on failure.
1442
- bool tls13_derive_session_psk(SSL_SESSION *session, Span<const uint8_t> nonce);
1677
+ bool tls13_derive_session_psk(SSL_SESSION *session, Span<const uint8_t> nonce,
1678
+ bool is_dtls);
1443
1679
 
1444
1680
  // tls13_write_psk_binder calculates the PSK binder value over |transcript| and
1445
1681
  // |msg|, and replaces the last bytes of |msg| with the resulting value. It
@@ -1584,44 +1820,162 @@ size_t ssl_ech_extension_body_length(const EVP_HPKE_AEAD *aead, size_t enc_len,
1584
1820
  bool ssl_encrypt_client_hello(SSL_HANDSHAKE *hs, Span<const uint8_t> enc);
1585
1821
 
1586
1822
 
1587
- // Delegated credentials.
1823
+ // Credentials.
1588
1824
 
1589
- // This structure stores a delegated credential (DC) as defined by
1590
- // draft-ietf-tls-subcerts-03.
1591
- struct DC {
1592
- static constexpr bool kAllowUniquePtr = true;
1593
- ~DC();
1825
+ enum class SSLCredentialType {
1826
+ kX509,
1827
+ kDelegated,
1828
+ kSPAKE2PlusV1Client,
1829
+ kSPAKE2PlusV1Server,
1830
+ };
1831
+
1832
+ BSSL_NAMESPACE_END
1833
+
1834
+ // SSL_CREDENTIAL is exported to C, so it must be defined outside the namespace.
1835
+ struct ssl_credential_st : public bssl::RefCounted<ssl_credential_st> {
1836
+ explicit ssl_credential_st(bssl::SSLCredentialType type);
1837
+ ssl_credential_st(const ssl_credential_st &) = delete;
1838
+ ssl_credential_st &operator=(const ssl_credential_st &) = delete;
1839
+
1840
+ // Dup returns a copy of the credential, or nullptr on error. The |ex_data|
1841
+ // values are not copied. This is only used on the legacy credential, whose
1842
+ // |ex_data| is inaccessible.
1843
+ bssl::UniquePtr<SSL_CREDENTIAL> Dup() const;
1844
+
1845
+ // ClearCertAndKey erases any certificate and private key on the credential.
1846
+ void ClearCertAndKey();
1847
+
1848
+ // UsesX509 returns true if the credential type uses an X.509 certificate.
1849
+ bool UsesX509() const;
1850
+
1851
+ // UsesPrivateKey returns true if the credential type uses an asymmetric
1852
+ // private key.
1853
+ bool UsesPrivateKey() const;
1854
+
1855
+ // IsComplete returns whether all required fields in the credential have been
1856
+ // filled in.
1857
+ bool IsComplete() const;
1858
+
1859
+ // SetLeafCert sets the leaf certificate to |leaf|, leaving the remaining
1860
+ // certificates unmodified. It returns true on success and false on error. If
1861
+ // |discard_key_on_mismatch| is true and the private key is inconsistent with
1862
+ // the new leaf certificate, it is silently discarded.
1863
+ bool SetLeafCert(bssl::UniquePtr<CRYPTO_BUFFER> leaf,
1864
+ bool discard_key_on_mismatch);
1865
+
1866
+ // ClearIntermediateCerts clears intermediate certificates in the certificate
1867
+ // chain, while preserving the leaf.
1868
+ void ClearIntermediateCerts();
1869
+
1870
+ // AppendIntermediateCert appends |cert| to the certificate chain. If there is
1871
+ // no leaf certificate configured, it leaves a placeholder null in |chain|. It
1872
+ // returns one on success and zero on error.
1873
+ bool AppendIntermediateCert(bssl::UniquePtr<CRYPTO_BUFFER> cert);
1874
+
1875
+ // ChainContainsIssuer returns true if |dn| is a byte for byte match with the
1876
+ // issuer of any certificate in |chain|, false otherwise.
1877
+ bool ChainContainsIssuer(bssl::Span<const uint8_t> dn) const;
1878
+
1879
+ // type is the credential type and determines which other fields apply.
1880
+ bssl::SSLCredentialType type;
1881
+
1882
+ // pubkey is the cached public key of the credential. Unlike |privkey|, it is
1883
+ // always present and is extracted from the certificate, delegated credential,
1884
+ // etc.
1885
+ bssl::UniquePtr<EVP_PKEY> pubkey;
1886
+
1887
+ // privkey is the private key of the credential. It may be omitted in favor of
1888
+ // |key_method|.
1889
+ bssl::UniquePtr<EVP_PKEY> privkey;
1890
+
1891
+ // key_method, if non-null, is a set of callbacks to call for private key
1892
+ // operations.
1893
+ const SSL_PRIVATE_KEY_METHOD *key_method = nullptr;
1894
+
1895
+ // sigalgs, if non-empty, is the set of signature algorithms supported by the
1896
+ // private key in decreasing order of preference. If empty, the default list
1897
+ // is used.
1898
+ //
1899
+ // In delegated credentials, this field is not configurable and is instead
1900
+ // computed from the dc_cert_verify_algorithm field.
1901
+ bssl::Array<uint16_t> sigalgs;
1902
+
1903
+ // chain contains the certificate chain, with the leaf at the beginning. The
1904
+ // first element of |chain| may be nullptr to indicate that the leaf
1905
+ // certificate has not yet been set.
1906
+ // If |chain| != nullptr -> len(chain) >= 1
1907
+ // If |chain[0]| == nullptr -> len(chain) >= 2.
1908
+ // |chain[1..]| != nullptr
1909
+ bssl::UniquePtr<STACK_OF(CRYPTO_BUFFER)> chain;
1910
+
1911
+ // dc is the DelegatedCredential structure, if this is a delegated credential.
1912
+ bssl::UniquePtr<CRYPTO_BUFFER> dc;
1913
+
1914
+ // dc_algorithm is the signature scheme of the signature over the delegated
1915
+ // credential itself, made by the end-entity certificate's public key.
1916
+ uint16_t dc_algorithm = 0;
1917
+
1918
+ // Signed certificate timestamp list to be sent to the client, if requested
1919
+ bssl::UniquePtr<CRYPTO_BUFFER> signed_cert_timestamp_list;
1920
+
1921
+ // OCSP response to be sent to the client, if requested.
1922
+ bssl::UniquePtr<CRYPTO_BUFFER> ocsp_response;
1923
+
1924
+ // SPAKE2+-specific information.
1925
+ bssl::Array<uint8_t> pake_context;
1926
+ bssl::Array<uint8_t> client_identity;
1927
+ bssl::Array<uint8_t> server_identity;
1928
+ bssl::Array<uint8_t> password_verifier_w0;
1929
+ bssl::Array<uint8_t> password_verifier_w1; // server-only
1930
+ bssl::Array<uint8_t> registration_record; // client-only
1931
+ mutable std::atomic<uint32_t> pake_limit;
1594
1932
 
1595
- // Dup returns a copy of this DC and takes references to |raw| and |pkey|.
1596
- UniquePtr<DC> Dup();
1933
+ // Checks whether there are still permitted PAKE attempts remaining, without
1934
+ // changing the counter.
1935
+ bool HasPAKEAttempts() const;
1597
1936
 
1598
- // Parse parses the delegated credential stored in |in|. If successful it
1599
- // returns the parsed structure, otherwise it returns |nullptr| and sets
1600
- // |*out_alert|.
1601
- static UniquePtr<DC> Parse(CRYPTO_BUFFER *in, uint8_t *out_alert);
1937
+ // Atomically decrement |pake_limit|. Return true if successful and false if
1938
+ // |pake_limit| is already zero.
1939
+ bool ClaimPAKEAttempt() const;
1602
1940
 
1603
- // raw is the delegated credential encoded as specified in draft-ietf-tls-
1604
- // subcerts-03.
1605
- UniquePtr<CRYPTO_BUFFER> raw;
1941
+ // Atomically increment |pake_limit|. This must be paired with a
1942
+ // |ClaimPAKEAttempt| call.
1943
+ void RestorePAKEAttempt() const;
1606
1944
 
1607
- // expected_cert_verify_algorithm is the signature scheme of the DC public
1608
- // key.
1609
- uint16_t expected_cert_verify_algorithm = 0;
1945
+ CRYPTO_EX_DATA ex_data;
1610
1946
 
1611
- // pkey is the public key parsed from |public_key|.
1612
- UniquePtr<EVP_PKEY> pkey;
1947
+ // must_match_issuer is a flag indicating that this credential should be
1948
+ // considered only when it matches a peer request for a particular issuer via
1949
+ // a negotiation mechanism (such as the certificate_authorities extension).
1950
+ bool must_match_issuer = false;
1613
1951
 
1614
1952
  private:
1615
- friend DC* New<DC>();
1616
- DC();
1953
+ friend RefCounted;
1954
+ ~ssl_credential_st();
1617
1955
  };
1618
1956
 
1619
- // ssl_signing_with_dc returns true if the peer has indicated support for
1620
- // delegated credentials and this host has sent a delegated credential in
1621
- // response. If this is true then we've committed to using the DC in the
1622
- // handshake.
1623
- bool ssl_signing_with_dc(const SSL_HANDSHAKE *hs);
1957
+ BSSL_NAMESPACE_BEGIN
1958
+
1959
+ // ssl_get_full_credential_list computes |hs|'s full credential list, including
1960
+ // the legacy credential. On success, it writes it to |*out| and returns true.
1961
+ // Otherwise, it returns false. The credential list may be empty, in which case
1962
+ // this function will successfully output an empty array.
1963
+ //
1964
+ // This function should be called at most once during the handshake and is
1965
+ // intended to be used for certificate-based credentials. It runs the
1966
+ // auto-chaining logic as part of finishing the legacy credential. Other uses of
1967
+ // the credential list (e.g. PAKE credentials) should iterate over
1968
+ // |hs->config->cert->credentials|.
1969
+ //
1970
+ // The pointers in the result are only valid until |hs| is next mutated.
1971
+ bool ssl_get_full_credential_list(SSL_HANDSHAKE *hs,
1972
+ Array<SSL_CREDENTIAL *> *out);
1624
1973
 
1974
+ // ssl_credential_matches_requested_issuers returns true if |cred| is a
1975
+ // usable match for any requested issuers in |hs|, and false with an error
1976
+ // otherwise.
1977
+ bool ssl_credential_matches_requested_issuers(SSL_HANDSHAKE *hs,
1978
+ const SSL_CREDENTIAL *cred);
1625
1979
 
1626
1980
  // Handshake functions.
1627
1981
 
@@ -1661,7 +2015,7 @@ enum tls12_server_hs_state_t {
1661
2015
  state12_start_accept = 0,
1662
2016
  state12_read_client_hello,
1663
2017
  state12_read_client_hello_after_ech,
1664
- state12_select_certificate,
2018
+ state12_cert_callback,
1665
2019
  state12_tls13,
1666
2020
  state12_select_parameters,
1667
2021
  state12_send_server_hello,
@@ -1745,6 +2099,14 @@ struct SSL_HANDSHAKE_HINTS {
1745
2099
  bool ignore_ticket = false;
1746
2100
  };
1747
2101
 
2102
+ struct SSLPAKEShare {
2103
+ static constexpr bool kAllowUniquePtr = true;
2104
+ uint16_t named_pake;
2105
+ Array<uint8_t> client_identity;
2106
+ Array<uint8_t> server_identity;
2107
+ Array<uint8_t> pake_message;
2108
+ };
2109
+
1748
2110
  struct SSL_HANDSHAKE {
1749
2111
  explicit SSL_HANDSHAKE(SSL *ssl);
1750
2112
  ~SSL_HANDSHAKE();
@@ -1776,18 +2138,13 @@ struct SSL_HANDSHAKE {
1776
2138
  // |SSL_OP_NO_*| and |SSL_CTX_set_max_proto_version| APIs.
1777
2139
  uint16_t max_version = 0;
1778
2140
 
1779
- private:
1780
- size_t hash_len_ = 0;
1781
- uint8_t secret_[SSL_MAX_MD_SIZE] = {0};
1782
- uint8_t early_traffic_secret_[SSL_MAX_MD_SIZE] = {0};
1783
- uint8_t client_handshake_secret_[SSL_MAX_MD_SIZE] = {0};
1784
- uint8_t server_handshake_secret_[SSL_MAX_MD_SIZE] = {0};
1785
- uint8_t client_traffic_secret_0_[SSL_MAX_MD_SIZE] = {0};
1786
- uint8_t server_traffic_secret_0_[SSL_MAX_MD_SIZE] = {0};
1787
- uint8_t expected_client_finished_[SSL_MAX_MD_SIZE] = {0};
1788
-
1789
- public:
1790
- void ResizeSecrets(size_t hash_len);
2141
+ InplaceVector<uint8_t, SSL_MAX_MD_SIZE> secret;
2142
+ InplaceVector<uint8_t, SSL_MAX_MD_SIZE> early_traffic_secret;
2143
+ InplaceVector<uint8_t, SSL_MAX_MD_SIZE> client_handshake_secret;
2144
+ InplaceVector<uint8_t, SSL_MAX_MD_SIZE> server_handshake_secret;
2145
+ InplaceVector<uint8_t, SSL_MAX_MD_SIZE> client_traffic_secret_0;
2146
+ InplaceVector<uint8_t, SSL_MAX_MD_SIZE> server_traffic_secret_0;
2147
+ InplaceVector<uint8_t, SSL_MAX_MD_SIZE> expected_client_finished;
1791
2148
 
1792
2149
  // GetClientHello, on the server, returns either the normal ClientHello
1793
2150
  // message or the ClientHelloInner if it has been serialized to
@@ -1800,29 +2157,6 @@ struct SSL_HANDSHAKE {
1800
2157
  // SSL_HANDSHAKE.
1801
2158
  bool GetClientHello(SSLMessage *out_msg, SSL_CLIENT_HELLO *out_client_hello);
1802
2159
 
1803
- Span<uint8_t> secret() { return MakeSpan(secret_, hash_len_); }
1804
- Span<const uint8_t> secret() const {
1805
- return MakeConstSpan(secret_, hash_len_);
1806
- }
1807
- Span<uint8_t> early_traffic_secret() {
1808
- return MakeSpan(early_traffic_secret_, hash_len_);
1809
- }
1810
- Span<uint8_t> client_handshake_secret() {
1811
- return MakeSpan(client_handshake_secret_, hash_len_);
1812
- }
1813
- Span<uint8_t> server_handshake_secret() {
1814
- return MakeSpan(server_handshake_secret_, hash_len_);
1815
- }
1816
- Span<uint8_t> client_traffic_secret_0() {
1817
- return MakeSpan(client_traffic_secret_0_, hash_len_);
1818
- }
1819
- Span<uint8_t> server_traffic_secret_0() {
1820
- return MakeSpan(server_traffic_secret_0_, hash_len_);
1821
- }
1822
- Span<uint8_t> expected_client_finished() {
1823
- return MakeSpan(expected_client_finished_, hash_len_);
1824
- }
1825
-
1826
2160
  union {
1827
2161
  // sent is a bitset where the bits correspond to elements of kExtensions
1828
2162
  // in extensions.cc. Each bit is set if that extension was sent in a
@@ -1863,7 +2197,8 @@ struct SSL_HANDSHAKE {
1863
2197
 
1864
2198
  // dtls_cookie is the value of the cookie in DTLS HelloVerifyRequest. If
1865
2199
  // empty, either none was received or HelloVerifyRequest contained an empty
1866
- // cookie.
2200
+ // cookie. Check the received_hello_verify_request field to distinguish an
2201
+ // empty cookie from no HelloVerifyRequest message being received.
1867
2202
  Array<uint8_t> dtls_cookie;
1868
2203
 
1869
2204
  // ech_client_outer contains the outer ECH extension to send in the
@@ -1896,7 +2231,8 @@ struct SSL_HANDSHAKE {
1896
2231
  Array<uint16_t> peer_supported_group_list;
1897
2232
 
1898
2233
  // peer_delegated_credential_sigalgs are the signature algorithms the peer
1899
- // supports with delegated credentials.
2234
+ // supports with delegated credentials, or empty if the peer does not support
2235
+ // delegated credentials.
1900
2236
  Array<uint16_t> peer_delegated_credential_sigalgs;
1901
2237
 
1902
2238
  // peer_key is the peer's ECDH key for a TLS 1.2 client.
@@ -1926,8 +2262,8 @@ struct SSL_HANDSHAKE {
1926
2262
  // server when using a TLS 1.2 PSK key exchange.
1927
2263
  UniquePtr<char> peer_psk_identity_hint;
1928
2264
 
1929
- // ca_names, on the client, contains the list of CAs received in a
1930
- // CertificateRequest message.
2265
+ // ca_names contains the list of CAs received via the Certificate Authorities
2266
+ // extension in our peer's CertificateRequest or ClientHello message
1931
2267
  UniquePtr<STACK_OF(CRYPTO_BUFFER)> ca_names;
1932
2268
 
1933
2269
  // cached_x509_ca_names contains a cache of parsed versions of the elements of
@@ -1939,8 +2275,8 @@ struct SSL_HANDSHAKE {
1939
2275
  // received in a CertificateRequest message.
1940
2276
  Array<uint8_t> certificate_types;
1941
2277
 
1942
- // local_pubkey is the public key we are authenticating as.
1943
- UniquePtr<EVP_PKEY> local_pubkey;
2278
+ // credential is the credential we are using for the handshake.
2279
+ UniquePtr<SSL_CREDENTIAL> credential;
1944
2280
 
1945
2281
  // peer_pubkey is the public key parsed from the peer's leaf certificate.
1946
2282
  UniquePtr<EVP_PKEY> peer_pubkey;
@@ -2006,10 +2342,6 @@ struct SSL_HANDSHAKE {
2006
2342
  // ocsp_stapling_requested is true if a client requested OCSP stapling.
2007
2343
  bool ocsp_stapling_requested : 1;
2008
2344
 
2009
- // delegated_credential_requested is true if the peer indicated support for
2010
- // the delegated credential extension.
2011
- bool delegated_credential_requested : 1;
2012
-
2013
2345
  // should_ack_sni is used by a server and indicates that the SNI extension
2014
2346
  // should be echoed in the ServerHello.
2015
2347
  bool should_ack_sni : 1;
@@ -2033,6 +2365,10 @@ struct SSL_HANDSHAKE {
2033
2365
  // the handshake.
2034
2366
  bool can_early_write : 1;
2035
2367
 
2368
+ // is_early_version is true if the protocol version configured is not
2369
+ // necessarily the final version and is just the predicted 0-RTT version.
2370
+ bool is_early_version : 1;
2371
+
2036
2372
  // next_proto_neg_seen is one of NPN was negotiated.
2037
2373
  bool next_proto_neg_seen : 1;
2038
2374
 
@@ -2074,6 +2410,10 @@ struct SSL_HANDSHAKE {
2074
2410
  // handshake.
2075
2411
  bool channel_id_negotiated : 1;
2076
2412
 
2413
+ // received_hello_verify_request is true if we received a HelloVerifyRequest
2414
+ // message from the server.
2415
+ bool received_hello_verify_request : 1;
2416
+
2077
2417
  // client_version is the value sent or received in the ClientHello version.
2078
2418
  uint16_t client_version = 0;
2079
2419
 
@@ -2085,15 +2425,30 @@ struct SSL_HANDSHAKE {
2085
2425
  // record layer.
2086
2426
  uint16_t early_data_written = 0;
2087
2427
 
2428
+ // signature_algorithm is the signature algorithm to be used in signing with
2429
+ // the selected credential, or zero if not applicable or not yet selected.
2430
+ uint16_t signature_algorithm = 0;
2431
+
2088
2432
  // ech_config_id is the ECH config sent by the client.
2089
2433
  uint8_t ech_config_id = 0;
2090
2434
 
2091
2435
  // session_id is the session ID in the ClientHello.
2092
- uint8_t session_id[SSL_MAX_SSL_SESSION_ID_LENGTH] = {0};
2093
- uint8_t session_id_len = 0;
2436
+ InplaceVector<uint8_t, SSL_MAX_SSL_SESSION_ID_LENGTH> session_id;
2094
2437
 
2095
2438
  // grease_seed is the entropy for GREASE values.
2096
2439
  uint8_t grease_seed[ssl_grease_last_index + 1] = {0};
2440
+
2441
+ // pake_share is the PAKE message received over the wire, if any.
2442
+ UniquePtr<SSLPAKEShare> pake_share;
2443
+
2444
+ // pake_share_bytes are the bytes of the PAKEShare to send, if any.
2445
+ Array<uint8_t> pake_share_bytes;
2446
+
2447
+ // pake_prover is the PAKE context for a client.
2448
+ UniquePtr<spake2plus::Prover> pake_prover;
2449
+
2450
+ // pake_verifier is the PAKE context for a server.
2451
+ UniquePtr<spake2plus::Verifier> pake_verifier;
2097
2452
  };
2098
2453
 
2099
2454
  // kMaxTickets is the maximum number of tickets to send immediately after the
@@ -2126,10 +2481,9 @@ const char *ssl_server_handshake_state(SSL_HANDSHAKE *hs);
2126
2481
  const char *tls13_client_handshake_state(SSL_HANDSHAKE *hs);
2127
2482
  const char *tls13_server_handshake_state(SSL_HANDSHAKE *hs);
2128
2483
 
2129
- // tls13_add_key_update queues a KeyUpdate message on |ssl|. The
2130
- // |update_requested| argument must be one of |SSL_KEY_UPDATE_REQUESTED| or
2131
- // |SSL_KEY_UPDATE_NOT_REQUESTED|.
2132
- bool tls13_add_key_update(SSL *ssl, int update_requested);
2484
+ // tls13_add_key_update queues a KeyUpdate message on |ssl|. |request_type| must
2485
+ // be one of |SSL_KEY_UPDATE_REQUESTED| or |SSL_KEY_UPDATE_NOT_REQUESTED|.
2486
+ bool tls13_add_key_update(SSL *ssl, int request_type);
2133
2487
 
2134
2488
  // tls13_post_handshake processes a post-handshake message. It returns true on
2135
2489
  // success and false on failure.
@@ -2167,6 +2521,10 @@ bool ssl_setup_extension_permutation(SSL_HANDSHAKE *hs);
2167
2521
  // a single key share of the specified group.
2168
2522
  bool ssl_setup_key_shares(SSL_HANDSHAKE *hs, uint16_t override_group_id);
2169
2523
 
2524
+ // ssl_setup_pake_shares computes the client PAKE shares and saves them in |hs|.
2525
+ // It returns true on success and false on failure.
2526
+ bool ssl_setup_pake_shares(SSL_HANDSHAKE *hs);
2527
+
2170
2528
  bool ssl_ext_key_share_parse_serverhello(SSL_HANDSHAKE *hs,
2171
2529
  Array<uint8_t> *out_secret,
2172
2530
  uint8_t *out_alert, CBS *contents);
@@ -2174,8 +2532,13 @@ bool ssl_ext_key_share_parse_clienthello(SSL_HANDSHAKE *hs, bool *out_found,
2174
2532
  Span<const uint8_t> *out_peer_key,
2175
2533
  uint8_t *out_alert,
2176
2534
  const SSL_CLIENT_HELLO *client_hello);
2535
+ bool ssl_ext_pake_add_serverhello(SSL_HANDSHAKE *hs, CBB *out);
2177
2536
  bool ssl_ext_key_share_add_serverhello(SSL_HANDSHAKE *hs, CBB *out);
2178
2537
 
2538
+ bool ssl_ext_pake_parse_serverhello(SSL_HANDSHAKE *hs,
2539
+ Array<uint8_t> *out_secret,
2540
+ uint8_t *out_alert, CBS *contents);
2541
+
2179
2542
  bool ssl_ext_pre_shared_key_parse_serverhello(SSL_HANDSHAKE *hs,
2180
2543
  uint8_t *out_alert,
2181
2544
  CBS *contents);
@@ -2239,6 +2602,11 @@ bool ssl_is_valid_alpn_list(Span<const uint8_t> in);
2239
2602
  bool ssl_is_alpn_protocol_allowed(const SSL_HANDSHAKE *hs,
2240
2603
  Span<const uint8_t> protocol);
2241
2604
 
2605
+ // ssl_alpn_list_contains_protocol returns whether |list|, a serialized ALPN
2606
+ // protocol list, contains |protocol|.
2607
+ bool ssl_alpn_list_contains_protocol(Span<const uint8_t> list,
2608
+ Span<const uint8_t> protocol);
2609
+
2242
2610
  // ssl_negotiate_alpn negotiates the ALPN extension, if applicable. It returns
2243
2611
  // true on successful negotiation or if nothing was negotiated. It returns false
2244
2612
  // and sets |*out_alert| to an alert on error.
@@ -2287,8 +2655,14 @@ enum ssl_verify_result_t ssl_reverify_peer_cert(SSL_HANDSHAKE *hs,
2287
2655
  bool send_alert);
2288
2656
 
2289
2657
  enum ssl_hs_wait_t ssl_get_finished(SSL_HANDSHAKE *hs);
2658
+
2659
+ // ssl_send_finished adds a Finished message to the current flight of messages.
2660
+ // It returns true on success and false on error.
2290
2661
  bool ssl_send_finished(SSL_HANDSHAKE *hs);
2291
- bool ssl_output_cert_chain(SSL_HANDSHAKE *hs);
2662
+
2663
+ // ssl_send_tls12_certificate adds a TLS 1.2 Certificate message to the current
2664
+ // flight of messages. It returns true on success and false on error.
2665
+ bool ssl_send_tls12_certificate(SSL_HANDSHAKE *hs);
2292
2666
 
2293
2667
  // ssl_handshake_session returns the |SSL_SESSION| corresponding to the current
2294
2668
  // handshake. Note, in TLS 1.2 resumptions, this session is immutable.
@@ -2309,12 +2683,6 @@ bool ssl_log_secret(const SSL *ssl, const char *label,
2309
2683
 
2310
2684
  // ClientHello functions.
2311
2685
 
2312
- // ssl_client_hello_init parses |body| as a ClientHello message, excluding the
2313
- // message header, and writes the result to |*out|. It returns true on success
2314
- // and false on error. This function is exported for testing.
2315
- OPENSSL_EXPORT bool ssl_client_hello_init(const SSL *ssl, SSL_CLIENT_HELLO *out,
2316
- Span<const uint8_t> body);
2317
-
2318
2686
  bool ssl_parse_client_hello_with_trailing_data(const SSL *ssl, CBS *cbs,
2319
2687
  SSL_CLIENT_HELLO *out);
2320
2688
 
@@ -2348,28 +2716,20 @@ bool tls1_parse_peer_sigalgs(SSL_HANDSHAKE *hs, const CBS *sigalgs);
2348
2716
  bool tls1_get_legacy_signature_algorithm(uint16_t *out, const EVP_PKEY *pkey);
2349
2717
 
2350
2718
  // tls1_choose_signature_algorithm sets |*out| to a signature algorithm for use
2351
- // with |hs|'s private key based on the peer's preferences and the algorithms
2352
- // supported. It returns true on success and false on error.
2353
- bool tls1_choose_signature_algorithm(SSL_HANDSHAKE *hs, uint16_t *out);
2354
-
2355
- // tls1_get_peer_verify_algorithms returns the signature schemes for which the
2356
- // peer indicated support.
2357
- //
2358
- // NOTE: The related function |SSL_get0_peer_verify_algorithms| only has
2359
- // well-defined behavior during the callbacks set by |SSL_CTX_set_cert_cb| and
2360
- // |SSL_CTX_set_client_cert_cb|, or when the handshake is paused because of
2361
- // them.
2362
- Span<const uint16_t> tls1_get_peer_verify_algorithms(const SSL_HANDSHAKE *hs);
2719
+ // with |cred| based on the peer's preferences and the algorithms supported. It
2720
+ // returns true on success and false on error.
2721
+ bool tls1_choose_signature_algorithm(SSL_HANDSHAKE *hs,
2722
+ const SSL_CREDENTIAL *cred, uint16_t *out);
2363
2723
 
2364
2724
  // tls12_add_verify_sigalgs adds the signature algorithms acceptable for the
2365
2725
  // peer signature to |out|. It returns true on success and false on error.
2366
2726
  bool tls12_add_verify_sigalgs(const SSL_HANDSHAKE *hs, CBB *out);
2367
2727
 
2368
2728
  // tls12_check_peer_sigalg checks if |sigalg| is acceptable for the peer
2369
- // signature. It returns true on success and false on error, setting
2729
+ // signature from |pkey|. It returns true on success and false on error, setting
2370
2730
  // |*out_alert| to an alert to send.
2371
2731
  bool tls12_check_peer_sigalg(const SSL_HANDSHAKE *hs, uint8_t *out_alert,
2372
- uint16_t sigalg);
2732
+ uint16_t sigalg, EVP_PKEY *pkey);
2373
2733
 
2374
2734
 
2375
2735
  // Underdocumented functions.
@@ -2387,42 +2747,36 @@ struct CERT {
2387
2747
  explicit CERT(const SSL_X509_METHOD *x509_method);
2388
2748
  ~CERT();
2389
2749
 
2390
- UniquePtr<EVP_PKEY> privatekey;
2391
-
2392
- // chain contains the certificate chain, with the leaf at the beginning. The
2393
- // first element of |chain| may be NULL to indicate that the leaf certificate
2394
- // has not yet been set.
2395
- // If |chain| != NULL -> len(chain) >= 1
2396
- // If |chain[0]| == NULL -> len(chain) >= 2.
2397
- // |chain[1..]| != NULL
2398
- UniquePtr<STACK_OF(CRYPTO_BUFFER)> chain;
2399
-
2400
- // x509_chain may contain a parsed copy of |chain[1..]|. This is only used as
2401
- // a cache in order to implement “get0” functions that return a non-owning
2402
- // pointer to the certificate chain.
2403
- STACK_OF(X509) *x509_chain = nullptr;
2404
-
2405
- // x509_leaf may contain a parsed copy of the first element of |chain|. This
2406
- // is only used as a cache in order to implement “get0” functions that return
2407
- // a non-owning pointer to the certificate chain.
2408
- X509 *x509_leaf = nullptr;
2750
+ bool is_valid() const { return legacy_credential != nullptr; }
2409
2751
 
2410
- // x509_stash contains the last |X509| object append to the chain. This is a
2411
- // workaround for some third-party code that continue to use an |X509| object
2412
- // even after passing ownership with an “add0” function.
2413
- X509 *x509_stash = nullptr;
2752
+ // credentials is the list of credentials to select between. Elements of this
2753
+ // array immutable.
2754
+ Vector<UniquePtr<SSL_CREDENTIAL>> credentials;
2414
2755
 
2415
- // key_method, if non-NULL, is a set of callbacks to call for private key
2416
- // operations.
2417
- const SSL_PRIVATE_KEY_METHOD *key_method = nullptr;
2756
+ // legacy_credential is the credential configured by the legacy
2757
+ // non-credential-based APIs. If IsComplete() returns true, it is appended to
2758
+ // the list of credentials.
2759
+ UniquePtr<SSL_CREDENTIAL> legacy_credential;
2418
2760
 
2419
2761
  // x509_method contains pointers to functions that might deal with |X509|
2420
2762
  // compatibility, or might be a no-op, depending on the application.
2421
2763
  const SSL_X509_METHOD *x509_method = nullptr;
2422
2764
 
2423
- // sigalgs, if non-empty, is the set of signature algorithms supported by
2424
- // |privatekey| in decreasing order of preference.
2425
- Array<uint16_t> sigalgs;
2765
+ // x509_chain may contain a parsed copy of |chain[1..]| from the legacy
2766
+ // credential. This is only used as a cache in order to implement “get0”
2767
+ // functions that return a non-owning pointer to the certificate chain.
2768
+ STACK_OF(X509) *x509_chain = nullptr;
2769
+
2770
+ // x509_leaf may contain a parsed copy of the first element of |chain| from
2771
+ // the legacy credential. This is only used as a cache in order to implement
2772
+ // “get0” functions that return a non-owning pointer to the certificate chain.
2773
+ X509 *x509_leaf = nullptr;
2774
+
2775
+ // x509_stash contains the last |X509| object append to the legacy
2776
+ // credential's chain. This is a workaround for some third-party code that
2777
+ // continue to use an |X509| object even after passing ownership with an
2778
+ // “add0” function.
2779
+ X509 *x509_stash = nullptr;
2426
2780
 
2427
2781
  // Certificate setup callback: if set is called whenever a
2428
2782
  // certificate may be required (client or server). the callback
@@ -2437,29 +2791,9 @@ struct CERT {
2437
2791
  // store is used instead.
2438
2792
  X509_STORE *verify_store = nullptr;
2439
2793
 
2440
- // Signed certificate timestamp list to be sent to the client, if requested
2441
- UniquePtr<CRYPTO_BUFFER> signed_cert_timestamp_list;
2442
-
2443
- // OCSP response to be sent to the client, if requested.
2444
- UniquePtr<CRYPTO_BUFFER> ocsp_response;
2445
-
2446
2794
  // sid_ctx partitions the session space within a shared session cache or
2447
2795
  // ticket key. Only sessions with a matching value will be accepted.
2448
- uint8_t sid_ctx_length = 0;
2449
- uint8_t sid_ctx[SSL_MAX_SID_CTX_LENGTH] = {0};
2450
-
2451
- // Delegated credentials.
2452
-
2453
- // dc is the delegated credential to send to the peer (if requested).
2454
- UniquePtr<DC> dc = nullptr;
2455
-
2456
- // dc_privatekey is used instead of |privatekey| or |key_method| to
2457
- // authenticate the host if a delegated credential is used in the handshake.
2458
- UniquePtr<EVP_PKEY> dc_privatekey = nullptr;
2459
-
2460
- // dc_key_method, if not NULL, is used instead of |dc_privatekey| to
2461
- // authenticate the host.
2462
- const SSL_PRIVATE_KEY_METHOD *dc_key_method = nullptr;
2796
+ InplaceVector<uint8_t, SSL_MAX_SID_CTX_LENGTH> sid_ctx;
2463
2797
  };
2464
2798
 
2465
2799
  // |SSL_PROTOCOL_METHOD| abstracts between TLS and DTLS.
@@ -2508,25 +2842,37 @@ struct SSL_PROTOCOL_METHOD {
2508
2842
  // add_change_cipher_spec adds a ChangeCipherSpec record to the pending
2509
2843
  // flight. It returns true on success and false on error.
2510
2844
  bool (*add_change_cipher_spec)(SSL *ssl);
2511
- // flush_flight flushes the pending flight to the transport. It returns one on
2512
- // success and <= 0 on error.
2513
- int (*flush_flight)(SSL *ssl);
2845
+ // finish_flight marks the pending flight as finished and ready to send.
2846
+ // |flush| must be called to write it.
2847
+ void (*finish_flight)(SSL *ssl);
2848
+ // schedule_ack schedules a DTLS 1.3 ACK to be sent, without an ACK delay.
2849
+ // |flush| must be called to write it.
2850
+ void (*schedule_ack)(SSL *ssl);
2851
+ // flush writes any scheduled data to the transport. It returns one on success
2852
+ // and <= 0 on error.
2853
+ int (*flush)(SSL *ssl);
2514
2854
  // on_handshake_complete is called when the handshake is complete.
2515
2855
  void (*on_handshake_complete)(SSL *ssl);
2516
2856
  // set_read_state sets |ssl|'s read cipher state and level to |aead_ctx| and
2517
- // |level|. In QUIC, |aead_ctx| is a placeholder object and |secret_for_quic|
2518
- // is the original secret. This function returns true on success and false on
2519
- // error.
2857
+ // |level|. In QUIC, |aead_ctx| is a placeholder object. In TLS 1.3,
2858
+ // |traffic_secret| is the original traffic secret. This function returns true
2859
+ // on success and false on error.
2860
+ //
2861
+ // TODO(crbug.com/371998381): Take the traffic secrets as input and let the
2862
+ // function create the SSLAEADContext.
2520
2863
  bool (*set_read_state)(SSL *ssl, ssl_encryption_level_t level,
2521
2864
  UniquePtr<SSLAEADContext> aead_ctx,
2522
- Span<const uint8_t> secret_for_quic);
2865
+ Span<const uint8_t> traffic_secret);
2523
2866
  // set_write_state sets |ssl|'s write cipher state and level to |aead_ctx| and
2524
- // |level|. In QUIC, |aead_ctx| is a placeholder object and |secret_for_quic|
2525
- // is the original secret. This function returns true on success and false on
2526
- // error.
2867
+ // |level|. In QUIC, |aead_ctx| is a placeholder object In TLS 1.3,
2868
+ // |traffic_secret| is the original traffic secret. This function returns true
2869
+ // on success and false on error.
2870
+ //
2871
+ // TODO(crbug.com/371998381): Take the traffic secrets as input and let the
2872
+ // function create the SSLAEADContext.
2527
2873
  bool (*set_write_state)(SSL *ssl, ssl_encryption_level_t level,
2528
2874
  UniquePtr<SSLAEADContext> aead_ctx,
2529
- Span<const uint8_t> secret_for_quic);
2875
+ Span<const uint8_t> traffic_secret);
2530
2876
  };
2531
2877
 
2532
2878
  // The following wrappers call |open_*| but handle |read_shutdown| correctly.
@@ -2552,10 +2898,10 @@ ssl_open_record_t ssl_open_app_data(SSL *ssl, Span<uint8_t> *out,
2552
2898
  Span<uint8_t> in);
2553
2899
 
2554
2900
  struct SSL_X509_METHOD {
2555
- // check_client_CA_list returns one if |names| is a good list of X.509
2556
- // distinguished names and zero otherwise. This is used to ensure that we can
2557
- // reject unparsable values at handshake time when using crypto/x509.
2558
- bool (*check_client_CA_list)(STACK_OF(CRYPTO_BUFFER) *names);
2901
+ // check_CA_list returns one if |names| is a good list of X.509 distinguished
2902
+ // names and zero otherwise. This is used to ensure that we can reject
2903
+ // unparsable values at handshake time when using crypto/x509.
2904
+ bool (*check_CA_list)(STACK_OF(CRYPTO_BUFFER) *names);
2559
2905
 
2560
2906
  // cert_clear frees and NULLs all X509 certificate-related state.
2561
2907
  void (*cert_clear)(CERT *cert);
@@ -2716,8 +3062,14 @@ struct SSL3_STATE {
2716
3062
  // needs re-doing when in SSL_accept or SSL_connect
2717
3063
  int rwstate = SSL_ERROR_NONE;
2718
3064
 
2719
- enum ssl_encryption_level_t read_level = ssl_encryption_initial;
2720
- enum ssl_encryption_level_t write_level = ssl_encryption_initial;
3065
+ enum ssl_encryption_level_t quic_read_level = ssl_encryption_initial;
3066
+ enum ssl_encryption_level_t quic_write_level = ssl_encryption_initial;
3067
+
3068
+ // version is the protocol version, or zero if the version has not yet been
3069
+ // set. In clients offering 0-RTT, this version will initially be set to the
3070
+ // early version, then switched to the final version. To distinguish these
3071
+ // cases, use |ssl_has_final_version|.
3072
+ uint16_t version = 0;
2721
3073
 
2722
3074
  // early_data_skipped is the amount of early data that has been skipped by the
2723
3075
  // record layer.
@@ -2740,10 +3092,6 @@ struct SSL3_STATE {
2740
3092
  // messages when 0RTT is rejected.
2741
3093
  bool skip_early_data : 1;
2742
3094
 
2743
- // have_version is true if the connection's final version is known. Otherwise
2744
- // the version has not been negotiated yet.
2745
- bool have_version : 1;
2746
-
2747
3095
  // v2_hello_done is true if the peer's V2ClientHello, if any, has been handled
2748
3096
  // and future messages should use the record layer.
2749
3097
  bool v2_hello_done : 1;
@@ -2763,18 +3111,16 @@ struct SSL3_STATE {
2763
3111
  // session_reused indicates whether a session was resumed.
2764
3112
  bool session_reused : 1;
2765
3113
 
2766
- // delegated_credential_used is whether we presented a delegated credential to
2767
- // the peer.
2768
- bool delegated_credential_used : 1;
2769
-
2770
3114
  bool send_connection_binding : 1;
2771
3115
 
2772
3116
  // channel_id_valid is true if, on the server, the client has negotiated a
2773
3117
  // Channel ID and the |channel_id| field is filled in.
2774
3118
  bool channel_id_valid : 1;
2775
3119
 
2776
- // key_update_pending is true if we have a KeyUpdate acknowledgment
2777
- // outstanding.
3120
+ // key_update_pending is true if we are in the process of sending a KeyUpdate
3121
+ // message. As a DoS mitigation (and a requirement in DTLS), we never send
3122
+ // more than one KeyUpdate at once. In DTLS, this tracks whether there is an
3123
+ // unACKed KeyUpdate.
2778
3124
  bool key_update_pending : 1;
2779
3125
 
2780
3126
  // early_data_accepted is true if early data was accepted by the server.
@@ -2831,18 +3177,13 @@ struct SSL3_STATE {
2831
3177
  // one.
2832
3178
  UniquePtr<SSL_HANDSHAKE> hs;
2833
3179
 
2834
- uint8_t write_traffic_secret[SSL_MAX_MD_SIZE] = {0};
2835
- uint8_t read_traffic_secret[SSL_MAX_MD_SIZE] = {0};
2836
- uint8_t exporter_secret[SSL_MAX_MD_SIZE] = {0};
2837
- uint8_t write_traffic_secret_len = 0;
2838
- uint8_t read_traffic_secret_len = 0;
2839
- uint8_t exporter_secret_len = 0;
3180
+ InplaceVector<uint8_t, SSL_MAX_MD_SIZE> write_traffic_secret;
3181
+ InplaceVector<uint8_t, SSL_MAX_MD_SIZE> read_traffic_secret;
3182
+ InplaceVector<uint8_t, SSL_MAX_MD_SIZE> exporter_secret;
2840
3183
 
2841
3184
  // Connection binding to prevent renegotiation attacks
2842
- uint8_t previous_client_finished[12] = {0};
2843
- uint8_t previous_client_finished_len = 0;
2844
- uint8_t previous_server_finished_len = 0;
2845
- uint8_t previous_server_finished[12] = {0};
3185
+ InplaceVector<uint8_t, 12> previous_client_finished;
3186
+ InplaceVector<uint8_t, 12> previous_server_finished;
2846
3187
 
2847
3188
  uint8_t send_alert[2] = {0};
2848
3189
 
@@ -2885,13 +3226,67 @@ struct SSL3_STATE {
2885
3226
  };
2886
3227
 
2887
3228
  // lengths of messages
2888
- #define DTLS1_RT_HEADER_LENGTH 13
3229
+ #define DTLS1_RT_MAX_HEADER_LENGTH 13
3230
+
3231
+ // DTLS_PLAINTEXT_RECORD_HEADER_LENGTH is the length of the DTLS record header
3232
+ // for plaintext records (in DTLS 1.3) or DTLS versions <= 1.2.
3233
+ #define DTLS_PLAINTEXT_RECORD_HEADER_LENGTH 13
3234
+
3235
+ // DTLS1_3_RECORD_HEADER_LENGTH is the length of the DTLS 1.3 record header
3236
+ // sent by BoringSSL for encrypted records. Note that received encrypted DTLS
3237
+ // 1.3 records might have a different length header.
3238
+ #define DTLS1_3_RECORD_HEADER_WRITE_LENGTH 5
3239
+
3240
+ static_assert(DTLS1_RT_MAX_HEADER_LENGTH >= DTLS_PLAINTEXT_RECORD_HEADER_LENGTH,
3241
+ "DTLS1_RT_MAX_HEADER_LENGTH must not be smaller than defined "
3242
+ "record header lengths");
3243
+ static_assert(DTLS1_RT_MAX_HEADER_LENGTH >= DTLS1_3_RECORD_HEADER_WRITE_LENGTH,
3244
+ "DTLS1_RT_MAX_HEADER_LENGTH must not be smaller than defined "
3245
+ "record header lengths");
2889
3246
 
2890
3247
  #define DTLS1_HM_HEADER_LENGTH 12
2891
3248
 
2892
- #define DTLS1_CCS_HEADER_LENGTH 1
3249
+ // A DTLSMessageBitmap maintains a list of bits which may be marked to indicate
3250
+ // a portion of a message was received or ACKed.
3251
+ class DTLSMessageBitmap {
3252
+ public:
3253
+ // A Range represents a range of bits from |start|, inclusive, to |end|,
3254
+ // exclusive.
3255
+ struct Range {
3256
+ size_t start = 0;
3257
+ size_t end = 0;
3258
+
3259
+ bool empty() const { return start == end; }
3260
+ size_t size() const { return end - start; }
3261
+ bool operator==(const Range &r) const {
3262
+ return start == r.start && end == r.end;
3263
+ }
3264
+ bool operator!=(const Range &r) const { return !(*this == r); }
3265
+ };
3266
+
3267
+ // Init initializes the structure with |num_bits| unmarked bits, from zero
3268
+ // to |num_bits - 1|.
3269
+ bool Init(size_t num_bits);
3270
+
3271
+ // MarkRange marks the bits from |start|, inclusive, to |end|, exclusive.
3272
+ void MarkRange(size_t start, size_t end);
3273
+
3274
+ // NextUnmarkedRange returns the next range of unmarked bits, starting from
3275
+ // |start|, inclusive. If all bits after |start| are marked, it returns an
3276
+ // empty range.
3277
+ Range NextUnmarkedRange(size_t start) const;
2893
3278
 
2894
- #define DTLS1_AL_HEADER_LENGTH 2
3279
+ // IsComplete returns whether every bit in the bitmask has been marked.
3280
+ bool IsComplete() const { return bytes_.empty(); }
3281
+
3282
+ private:
3283
+ // bytes_ contains the unmarked bits. We maintain an invariant: if |bytes_| is
3284
+ // not empty, some bit is unset.
3285
+ Array<uint8_t> bytes_;
3286
+ // first_unmarked_byte_ is the index of first byte in |bytes_| that is not
3287
+ // 0xff. This is maintained to amortize checking if the message is complete.
3288
+ size_t first_unmarked_byte_ = 0;
3289
+ };
2895
3290
 
2896
3291
  struct hm_header_st {
2897
3292
  uint8_t type;
@@ -2901,28 +3296,47 @@ struct hm_header_st {
2901
3296
  uint32_t frag_len;
2902
3297
  };
2903
3298
 
2904
- // An hm_fragment is an incoming DTLS message, possibly not yet assembled.
2905
- struct hm_fragment {
3299
+ // An DTLSIncomingMessage is an incoming DTLS message, possibly not yet
3300
+ // assembled.
3301
+ struct DTLSIncomingMessage {
2906
3302
  static constexpr bool kAllowUniquePtr = true;
2907
3303
 
2908
- hm_fragment() {}
2909
- hm_fragment(const hm_fragment &) = delete;
2910
- hm_fragment &operator=(const hm_fragment &) = delete;
2911
-
2912
- ~hm_fragment();
3304
+ Span<uint8_t> msg() { return Span(data).subspan(DTLS1_HM_HEADER_LENGTH); }
3305
+ Span<const uint8_t> msg() const {
3306
+ return Span(data).subspan(DTLS1_HM_HEADER_LENGTH);
3307
+ }
3308
+ size_t msg_len() const { return msg().size(); }
2913
3309
 
2914
3310
  // type is the type of the message.
2915
3311
  uint8_t type = 0;
2916
3312
  // seq is the sequence number of this message.
2917
3313
  uint16_t seq = 0;
2918
- // msg_len is the length of the message body.
2919
- uint32_t msg_len = 0;
2920
- // data is a pointer to the message, including message header. It has length
2921
- // |DTLS1_HM_HEADER_LENGTH| + |msg_len|.
2922
- uint8_t *data = nullptr;
2923
- // reassembly is a bitmask of |msg_len| bits corresponding to which parts of
2924
- // the message have been received. It is NULL if the message is complete.
2925
- uint8_t *reassembly = nullptr;
3314
+ // data contains the message, including the message header of length
3315
+ // |DTLS1_HM_HEADER_LENGTH|.
3316
+ Array<uint8_t> data;
3317
+ // reassembly tracks which parts of the message have been received.
3318
+ DTLSMessageBitmap reassembly;
3319
+ };
3320
+
3321
+ struct DTLSOutgoingMessage {
3322
+ size_t msg_len() const {
3323
+ assert(!is_ccs);
3324
+ assert(data.size() >= DTLS1_HM_HEADER_LENGTH);
3325
+ return data.size() - DTLS1_HM_HEADER_LENGTH;
3326
+ }
3327
+
3328
+ bool IsFullyAcked() const {
3329
+ // ACKs only exist in DTLS 1.3, which does not send ChangeCipherSpec.
3330
+ return !is_ccs && acked.IsComplete();
3331
+ }
3332
+
3333
+ Array<uint8_t> data;
3334
+ uint16_t epoch = 0;
3335
+ bool is_ccs = false;
3336
+ // acked tracks which bits of the message have been ACKed by the peer. If
3337
+ // |msg_len| is zero, it tracks one bit for whether the header has been
3338
+ // received.
3339
+ DTLSMessageBitmap acked;
2926
3340
  };
2927
3341
 
2928
3342
  struct OPENSSL_timeval {
@@ -2930,12 +3344,111 @@ struct OPENSSL_timeval {
2930
3344
  uint32_t tv_usec;
2931
3345
  };
2932
3346
 
3347
+ struct DTLSTimer {
3348
+ public:
3349
+ static constexpr uint64_t kNever = UINT64_MAX;
3350
+
3351
+ // StartMicroseconds schedules the timer to expire the specified number of
3352
+ // microseconds from |now|.
3353
+ void StartMicroseconds(OPENSSL_timeval now, uint64_t microseconds);
3354
+
3355
+ // Stop disables the timer.
3356
+ void Stop();
3357
+
3358
+ // IsExpired returns true if the timer was set and is expired at time |now|.
3359
+ bool IsExpired(OPENSSL_timeval now) const;
3360
+
3361
+ // IsSet returns true if the timer is scheduled or expired, and false if it is
3362
+ // stopped.
3363
+ bool IsSet() const;
3364
+
3365
+ // MicrosecondsRemaining returns the time remaining, in microseconds, at
3366
+ // |now|, or |kNever| if the timer is unset.
3367
+ uint64_t MicrosecondsRemaining(OPENSSL_timeval now) const;
3368
+
3369
+ private:
3370
+ // expire_time_ is the time when the timer expires, or zero if the timer is
3371
+ // unset.
3372
+ //
3373
+ // TODO(crbug.com/366284846): This is an extremely inconvenient time
3374
+ // representation. Switch libssl to something like a 64-bit count of
3375
+ // microseconds. While it's decidedly past 1970 now, zero is a less obviously
3376
+ // sound distinguished value for the monotonic clock, so maybe we should use a
3377
+ // different distinguished time, like |INT64_MAX| in the microseconds
3378
+ // representation.
3379
+ OPENSSL_timeval expire_time_ = {0, 0};
3380
+ };
3381
+
3382
+ // DTLS_MAX_EXTRA_WRITE_EPOCHS is the maximum number of additional write epochs
3383
+ // that DTLS may need to retain.
3384
+ //
3385
+ // The maximum is, as a DTLS 1.3 server, immediately after sending Finished. At
3386
+ // this point, the current epoch is the application write keys (epoch 3), but we
3387
+ // may have ServerHello (epoch 0) and EncryptedExtensions (epoch 1) to
3388
+ // retransmit. KeyUpdate does not increase this count. If the server were to
3389
+ // initiate KeyUpdate from this state, it would not apply the new epoch until
3390
+ // the client's ACKs have caught up. At that point, epochs 0 and 1 can be
3391
+ // discarded.
3392
+ #define DTLS_MAX_EXTRA_WRITE_EPOCHS 2
3393
+
3394
+ // DTLS_MAX_ACK_BUFFER is the maximum number of records worth of data we'll keep
3395
+ // track of with DTLS 1.3 ACKs. When we exceed this value, information about
3396
+ // stale records will be dropped. This will not break the connection but may
3397
+ // cause ACKs to perform worse and retransmit unnecessary information.
3398
+ #define DTLS_MAX_ACK_BUFFER 32
3399
+
3400
+ // A DTLSSentRecord records information about a record we sent. Each record
3401
+ // covers all bytes from |first_msg_start| (inclusive) of |first_msg| to
3402
+ // |last_msg_end| (exclusive) of |last_msg|. Messages are referenced by index
3403
+ // into |outgoing_messages|. |last_msg_end| may be |outgoing_messages.size()| if
3404
+ // |last_msg_end| is zero.
3405
+ //
3406
+ // When the message is empty, |first_msg_start| and |last_msg_end| are
3407
+ // maintained as if there is a single bit in the message representing the
3408
+ // header. See |acked| in DTLSOutgoingMessage.
3409
+ struct DTLSSentRecord {
3410
+ DTLSRecordNumber number;
3411
+ PackedSize<SSL_MAX_HANDSHAKE_FLIGHT> first_msg = 0;
3412
+ PackedSize<SSL_MAX_HANDSHAKE_FLIGHT> last_msg = 0;
3413
+ uint32_t first_msg_start = 0;
3414
+ uint32_t last_msg_end = 0;
3415
+ };
3416
+
3417
+ enum class QueuedKeyUpdate {
3418
+ kNone,
3419
+ kUpdateNotRequested,
3420
+ kUpdateRequested,
3421
+ };
3422
+
3423
+ // DTLS_PREV_READ_EPOCH_EXPIRE_SECONDS is how long to retain the previous read
3424
+ // epoch in DTLS 1.3. This value is set based on the following:
3425
+ //
3426
+ // - Section 4.2.1 of RFC 9147 recommends retaining past read epochs for the
3427
+ // default TCP MSL. This accommodates packet reordering with KeyUpdate.
3428
+ //
3429
+ // - Section 5.8.1 of RFC 9147 requires being capable of ACKing the client's
3430
+ // final flight for at least twice the default MSL. That requires retaining
3431
+ // epoch 2 after the handshake.
3432
+ //
3433
+ // - Section 4 of RFC 9293 defines the MSL to be two minutes.
3434
+ #define DTLS_PREV_READ_EPOCH_EXPIRE_SECONDS (4 * 60)
3435
+
3436
+ struct DTLSPrevReadEpoch {
3437
+ static constexpr bool kAllowUniquePtr = true;
3438
+ DTLSReadEpoch epoch;
3439
+ // expire is the expiration time of the read epoch, expressed as a POSIX
3440
+ // timestamp in seconds.
3441
+ uint64_t expire;
3442
+ };
3443
+
2933
3444
  struct DTLS1_STATE {
2934
3445
  static constexpr bool kAllowUniquePtr = true;
2935
3446
 
2936
3447
  DTLS1_STATE();
2937
3448
  ~DTLS1_STATE();
2938
3449
 
3450
+ bool Init();
3451
+
2939
3452
  // has_change_cipher_spec is true if we have received a ChangeCipherSpec from
2940
3453
  // the peer in this epoch.
2941
3454
  bool has_change_cipher_spec : 1;
@@ -2950,31 +3463,63 @@ struct DTLS1_STATE {
2950
3463
  // peer sent the final flight.
2951
3464
  bool flight_has_reply : 1;
2952
3465
 
2953
- // The current data and handshake epoch. This is initially undefined, and
2954
- // starts at zero once the initial handshake is completed.
2955
- uint16_t r_epoch = 0;
2956
- uint16_t w_epoch = 0;
3466
+ // handshake_write_overflow and handshake_read_overflow are true if
3467
+ // handshake_write_seq and handshake_read_seq, respectively have overflowed.
3468
+ bool handshake_write_overflow : 1;
3469
+ bool handshake_read_overflow : 1;
2957
3470
 
2958
- // records being received in the current epoch
2959
- DTLS1_BITMAP bitmap;
3471
+ // sending_flight and sending_ack are true if we are in the process of sending
3472
+ // a handshake flight and ACK, respectively.
3473
+ bool sending_flight : 1;
3474
+ bool sending_ack : 1;
3475
+
3476
+ // queued_key_update, if not kNone, indicates we've queued a KeyUpdate message
3477
+ // to send after the current flight is ACKed.
3478
+ QueuedKeyUpdate queued_key_update : 2;
2960
3479
 
2961
3480
  uint16_t handshake_write_seq = 0;
2962
3481
  uint16_t handshake_read_seq = 0;
2963
3482
 
2964
- // save last sequence number for retransmissions
2965
- uint64_t last_write_sequence = 0;
2966
- UniquePtr<SSLAEADContext> last_aead_write_ctx;
3483
+ // read_epoch is the current read epoch.
3484
+ DTLSReadEpoch read_epoch;
3485
+
3486
+ // next_read_epoch is the next read epoch in DTLS 1.3. It will become
3487
+ // current once a record is received from it.
3488
+ UniquePtr<DTLSReadEpoch> next_read_epoch;
3489
+
3490
+ // prev_read_epoch is the previous read epoch in DTLS 1.3.
3491
+ UniquePtr<DTLSPrevReadEpoch> prev_read_epoch;
3492
+
3493
+ // write_epoch is the current DTLS write epoch. Non-retransmit records will
3494
+ // generally use this epoch.
3495
+ // TODO(crbug.com/381113363): 0-RTT will be the exception, when implemented.
3496
+ DTLSWriteEpoch write_epoch;
3497
+
3498
+ // extra_write_epochs is the collection available write epochs.
3499
+ InplaceVector<UniquePtr<DTLSWriteEpoch>, DTLS_MAX_EXTRA_WRITE_EPOCHS>
3500
+ extra_write_epochs;
2967
3501
 
2968
3502
  // incoming_messages is a ring buffer of incoming handshake messages that have
2969
3503
  // yet to be processed. The front of the ring buffer is message number
2970
3504
  // |handshake_read_seq|, at position |handshake_read_seq| %
2971
3505
  // |SSL_MAX_HANDSHAKE_FLIGHT|.
2972
- UniquePtr<hm_fragment> incoming_messages[SSL_MAX_HANDSHAKE_FLIGHT];
3506
+ UniquePtr<DTLSIncomingMessage> incoming_messages[SSL_MAX_HANDSHAKE_FLIGHT];
2973
3507
 
2974
3508
  // outgoing_messages is the queue of outgoing messages from the last handshake
2975
3509
  // flight.
2976
- DTLS_OUTGOING_MESSAGE outgoing_messages[SSL_MAX_HANDSHAKE_FLIGHT];
2977
- uint8_t outgoing_messages_len = 0;
3510
+ InplaceVector<DTLSOutgoingMessage, SSL_MAX_HANDSHAKE_FLIGHT>
3511
+ outgoing_messages;
3512
+
3513
+ // sent_records is a queue of records we sent, for processing ACKs. To save
3514
+ // memory in the steady state, the structure is stored on the heap and dropped
3515
+ // when empty.
3516
+ UniquePtr<MRUQueue<DTLSSentRecord, DTLS_MAX_ACK_BUFFER>> sent_records;
3517
+
3518
+ // records_to_ack is a queue of received records that we should ACK. This is
3519
+ // not stored on the heap because, in the steady state, DTLS 1.3 does not
3520
+ // necessarily empty this list. (We probably could drop records from here once
3521
+ // they are sufficiently old.)
3522
+ MRUQueue<DTLSRecordNumber, DTLS_MAX_ACK_BUFFER> records_to_ack;
2978
3523
 
2979
3524
  // outgoing_written is the number of outgoing messages that have been
2980
3525
  // written.
@@ -2989,12 +3534,15 @@ struct DTLS1_STATE {
2989
3534
  // the last time it was reset.
2990
3535
  unsigned num_timeouts = 0;
2991
3536
 
2992
- // Indicates when the last handshake msg or heartbeat sent will
2993
- // timeout.
2994
- struct OPENSSL_timeval next_timeout = {0, 0};
3537
+ // retransmit_timer tracks when to schedule the next DTLS retransmit if we do
3538
+ // not hear from the peer.
3539
+ DTLSTimer retransmit_timer;
3540
+
3541
+ // ack_timer tracks when to send an ACK.
3542
+ DTLSTimer ack_timer;
2995
3543
 
2996
3544
  // timeout_duration_ms is the timeout duration in milliseconds.
2997
- unsigned timeout_duration_ms = 0;
3545
+ uint32_t timeout_duration_ms = 0;
2998
3546
  };
2999
3547
 
3000
3548
  // An ALPSConfig is a pair of ALPN protocol and settings value to use with ALPS.
@@ -3060,6 +3608,13 @@ struct SSL_CONFIG {
3060
3608
  // |client_CA|.
3061
3609
  STACK_OF(X509_NAME) *cached_x509_client_CA = nullptr;
3062
3610
 
3611
+ // For client side, keep the list of CA distinguished names we can use
3612
+ // for the Certificate Authorities extension.
3613
+ // TODO(bbe) having this separate from the client side (above) is mildly
3614
+ // silly, but OpenSSL has *_client_CA API's for this exposed, and for the
3615
+ // moment we are not crossing those streams.
3616
+ UniquePtr<STACK_OF(CRYPTO_BUFFER)> CA_names;
3617
+
3063
3618
  Array<uint16_t> supported_group_list; // our list
3064
3619
 
3065
3620
  // channel_id_private is the client's Channel ID private key, or null if
@@ -3072,7 +3627,7 @@ struct SSL_CONFIG {
3072
3627
 
3073
3628
  // alps_configs contains the list of supported protocols to use with ALPS,
3074
3629
  // along with their corresponding ALPS values.
3075
- GrowableArray<ALPSConfig> alps_configs;
3630
+ Vector<ALPSConfig> alps_configs;
3076
3631
 
3077
3632
  // Contains the QUIC transport params that this endpoint will send.
3078
3633
  Array<uint8_t> quic_transport_params;
@@ -3092,9 +3647,9 @@ struct SSL_CONFIG {
3092
3647
  // structure for the client to use when negotiating ECH.
3093
3648
  Array<uint8_t> client_ech_config_list;
3094
3649
 
3095
- // tls13_cipher_policy limits the set of ciphers that can be selected when
3650
+ // compliance_policy limits the set of ciphers that can be selected when
3096
3651
  // negotiating a TLS 1.3 connection.
3097
- enum ssl_compliance_policy_t tls13_cipher_policy = ssl_compliance_policy_none;
3652
+ enum ssl_compliance_policy_t compliance_policy = ssl_compliance_policy_none;
3098
3653
 
3099
3654
  // verify_mode is a bitmask of |SSL_VERIFY_*| values.
3100
3655
  uint8_t verify_mode = SSL_VERIFY_NONE;
@@ -3168,18 +3723,21 @@ struct SSL_CONFIG {
3168
3723
  static const size_t kMaxEarlyDataAccepted = 14336;
3169
3724
 
3170
3725
  UniquePtr<CERT> ssl_cert_dup(CERT *cert);
3171
- void ssl_cert_clear_certs(CERT *cert);
3172
3726
  bool ssl_set_cert(CERT *cert, UniquePtr<CRYPTO_BUFFER> buffer);
3173
3727
  bool ssl_is_key_type_supported(int key_type);
3174
3728
  // ssl_compare_public_and_private_key returns true if |pubkey| is the public
3175
3729
  // counterpart to |privkey|. Otherwise it returns false and pushes a helpful
3176
3730
  // message on the error queue.
3177
3731
  bool ssl_compare_public_and_private_key(const EVP_PKEY *pubkey,
3178
- const EVP_PKEY *privkey);
3179
- bool ssl_cert_check_private_key(const CERT *cert, const EVP_PKEY *privkey);
3732
+ const EVP_PKEY *privkey);
3180
3733
  bool ssl_get_new_session(SSL_HANDSHAKE *hs);
3734
+
3735
+ // ssl_encrypt_ticket encrypt a ticket for |session| and writes the result to
3736
+ // |out|. It returns true on success and false on error. If, on success, nothing
3737
+ // was written to |out|, the caller should skip sending a ticket.
3181
3738
  bool ssl_encrypt_ticket(SSL_HANDSHAKE *hs, CBB *out,
3182
3739
  const SSL_SESSION *session);
3740
+
3183
3741
  bool ssl_ctx_rotate_ticket_encryption_key(SSL_CTX *ctx);
3184
3742
 
3185
3743
  // ssl_session_new returns a newly-allocated blank |SSL_SESSION| or nullptr on
@@ -3200,6 +3758,20 @@ OPENSSL_EXPORT UniquePtr<SSL_SESSION> SSL_SESSION_parse(
3200
3758
  // error.
3201
3759
  OPENSSL_EXPORT bool ssl_session_serialize(const SSL_SESSION *in, CBB *cbb);
3202
3760
 
3761
+ enum class SSLSessionType {
3762
+ // The session is not resumable.
3763
+ kNotResumable,
3764
+ // The session uses a TLS 1.2 session ID.
3765
+ kID,
3766
+ // The session uses a TLS 1.2 ticket.
3767
+ kTicket,
3768
+ // The session uses a TLS 1.3 pre-shared key.
3769
+ kPreSharedKey,
3770
+ };
3771
+
3772
+ // ssl_session_get_type returns the type of |session|.
3773
+ SSLSessionType ssl_session_get_type(const SSL_SESSION *session);
3774
+
3203
3775
  // ssl_session_is_context_valid returns whether |session|'s session ID context
3204
3776
  // matches the one set on |hs|.
3205
3777
  bool ssl_session_is_context_valid(const SSL_HANDSHAKE *hs,
@@ -3284,13 +3856,15 @@ bool tls_init_message(const SSL *ssl, CBB *cbb, CBB *body, uint8_t type);
3284
3856
  bool tls_finish_message(const SSL *ssl, CBB *cbb, Array<uint8_t> *out_msg);
3285
3857
  bool tls_add_message(SSL *ssl, Array<uint8_t> msg);
3286
3858
  bool tls_add_change_cipher_spec(SSL *ssl);
3287
- int tls_flush_flight(SSL *ssl);
3859
+ int tls_flush(SSL *ssl);
3288
3860
 
3289
3861
  bool dtls1_init_message(const SSL *ssl, CBB *cbb, CBB *body, uint8_t type);
3290
3862
  bool dtls1_finish_message(const SSL *ssl, CBB *cbb, Array<uint8_t> *out_msg);
3291
3863
  bool dtls1_add_message(SSL *ssl, Array<uint8_t> msg);
3292
3864
  bool dtls1_add_change_cipher_spec(SSL *ssl);
3293
- int dtls1_flush_flight(SSL *ssl);
3865
+ void dtls1_finish_flight(SSL *ssl);
3866
+ void dtls1_schedule_ack(SSL *ssl);
3867
+ int dtls1_flush(SSL *ssl);
3294
3868
 
3295
3869
  // ssl_add_message_cbb finishes the handshake message in |cbb| and adds it to
3296
3870
  // the pending flight. It returns true on success and false on error.
@@ -3300,6 +3874,9 @@ bool ssl_add_message_cbb(SSL *ssl, CBB *cbb);
3300
3874
  // on success and false on allocation failure.
3301
3875
  bool ssl_hash_message(SSL_HANDSHAKE *hs, const SSLMessage &msg);
3302
3876
 
3877
+ ssl_open_record_t dtls1_process_ack(SSL *ssl, uint8_t *out_alert,
3878
+ DTLSRecordNumber ack_record_number,
3879
+ Span<const uint8_t> data);
3303
3880
  ssl_open_record_t dtls1_open_app_data(SSL *ssl, Span<uint8_t> *out,
3304
3881
  size_t *out_consumed, uint8_t *out_alert,
3305
3882
  Span<uint8_t> in);
@@ -3313,21 +3890,29 @@ int dtls1_write_app_data(SSL *ssl, bool *out_needs_handshake,
3313
3890
  // dtls1_write_record sends a record. It returns one on success and <= 0 on
3314
3891
  // error.
3315
3892
  int dtls1_write_record(SSL *ssl, int type, Span<const uint8_t> in,
3316
- enum dtls1_use_epoch_t use_epoch);
3893
+ uint16_t epoch);
3317
3894
 
3318
- int dtls1_retransmit_outgoing_messages(SSL *ssl);
3319
3895
  bool dtls1_parse_fragment(CBS *cbs, struct hm_header_st *out_hdr,
3320
3896
  CBS *out_body);
3321
- bool dtls1_check_timeout_num(SSL *ssl);
3322
3897
 
3323
- void dtls1_start_timer(SSL *ssl);
3898
+ // DTLS1_MTU_TIMEOUTS is the maximum number of retransmit timeouts to expire
3899
+ // before starting to decrease the MTU.
3900
+ #define DTLS1_MTU_TIMEOUTS 2
3901
+
3902
+ // DTLS1_MAX_TIMEOUTS is the maximum number of retransmit timeouts to expire
3903
+ // before failing the DTLS handshake.
3904
+ #define DTLS1_MAX_TIMEOUTS 12
3905
+
3324
3906
  void dtls1_stop_timer(SSL *ssl);
3325
- bool dtls1_is_timer_expired(SSL *ssl);
3907
+
3326
3908
  unsigned int dtls1_min_mtu(void);
3327
3909
 
3328
3910
  bool dtls1_new(SSL *ssl);
3329
3911
  void dtls1_free(SSL *ssl);
3330
3912
 
3913
+ bool dtls1_process_handshake_fragments(SSL *ssl, uint8_t *out_alert,
3914
+ DTLSRecordNumber record_number,
3915
+ Span<const uint8_t> record);
3331
3916
  bool dtls1_get_message(const SSL *ssl, SSLMessage *out);
3332
3917
  ssl_open_record_t dtls1_open_handshake(SSL *ssl, size_t *out_consumed,
3333
3918
  uint8_t *out_alert, Span<uint8_t> in);
@@ -3346,8 +3931,11 @@ bool tls1_configure_aead(SSL *ssl, evp_aead_direction_t direction,
3346
3931
 
3347
3932
  bool tls1_change_cipher_state(SSL_HANDSHAKE *hs,
3348
3933
  evp_aead_direction_t direction);
3349
- int tls1_generate_master_secret(SSL_HANDSHAKE *hs, uint8_t *out,
3350
- Span<const uint8_t> premaster);
3934
+
3935
+ // tls1_generate_master_secret computes the master secret from |premaster| and
3936
+ // writes it to |out|. |out| must have size |SSL3_MASTER_SECRET_SIZE|.
3937
+ bool tls1_generate_master_secret(SSL_HANDSHAKE *hs, Span<uint8_t> out,
3938
+ Span<const uint8_t> premaster);
3351
3939
 
3352
3940
  // tls1_get_grouplist returns the locally-configured group preference list.
3353
3941
  Span<const uint16_t> tls1_get_grouplist(const SSL_HANDSHAKE *ssl);
@@ -3426,9 +4014,7 @@ bool ssl_can_write(const SSL *ssl);
3426
4014
  // ssl_can_read returns wheter |ssl| is allowed to read.
3427
4015
  bool ssl_can_read(const SSL *ssl);
3428
4016
 
3429
- void ssl_get_current_time(const SSL *ssl, struct OPENSSL_timeval *out_clock);
3430
- void ssl_ctx_get_current_time(const SSL_CTX *ctx,
3431
- struct OPENSSL_timeval *out_clock);
4017
+ OPENSSL_timeval ssl_ctx_get_current_time(const SSL_CTX *ctx);
3432
4018
 
3433
4019
  // ssl_reset_error_state resets state for |SSL_get_error|.
3434
4020
  void ssl_reset_error_state(SSL *ssl);
@@ -3459,7 +4045,7 @@ struct ssl_method_st {
3459
4045
  const bssl::SSL_X509_METHOD *x509_method;
3460
4046
  };
3461
4047
 
3462
- struct ssl_ctx_st {
4048
+ struct ssl_ctx_st : public bssl::RefCounted<ssl_ctx_st> {
3463
4049
  explicit ssl_ctx_st(const SSL_METHOD *ssl_method);
3464
4050
  ssl_ctx_st(const ssl_ctx_st &) = delete;
3465
4051
  ssl_ctx_st &operator=(const ssl_ctx_st &) = delete;
@@ -3529,8 +4115,6 @@ struct ssl_ctx_st {
3529
4115
  SSL_SESSION *(*get_session_cb)(SSL *ssl, const uint8_t *data, int len,
3530
4116
  int *copy) = nullptr;
3531
4117
 
3532
- CRYPTO_refcount_t references = 1;
3533
-
3534
4118
  // if defined, these override the X509_verify_cert() calls
3535
4119
  int (*app_verify_callback)(X509_STORE_CTX *store_ctx, void *arg) = nullptr;
3536
4120
  void *app_verify_arg = nullptr;
@@ -3561,6 +4145,8 @@ struct ssl_ctx_st {
3561
4145
  // |client_CA|.
3562
4146
  STACK_OF(X509_NAME) *cached_x509_client_CA = nullptr;
3563
4147
 
4148
+ // What we put in client hello in the CA extension.
4149
+ bssl::UniquePtr<STACK_OF(CRYPTO_BUFFER)> CA_names;
3564
4150
 
3565
4151
  // Default values to use in SSL structures follow (these are copied by
3566
4152
  // SSL_new)
@@ -3670,7 +4256,7 @@ struct ssl_ctx_st {
3670
4256
  bssl::UniquePtr<STACK_OF(SRTP_PROTECTION_PROFILE)> srtp_profiles;
3671
4257
 
3672
4258
  // Defined compression algorithms for certificates.
3673
- bssl::GrowableArray<bssl::CertCompressionAlg> cert_compression_algs;
4259
+ bssl::Vector<bssl::CertCompressionAlg> cert_compression_algs;
3674
4260
 
3675
4261
  // Supported group values inherited by SSL structure
3676
4262
  bssl::Array<uint16_t> supported_group_list;
@@ -3706,9 +4292,9 @@ struct ssl_ctx_st {
3706
4292
  int (*legacy_ocsp_callback)(SSL *ssl, void *arg) = nullptr;
3707
4293
  void *legacy_ocsp_callback_arg = nullptr;
3708
4294
 
3709
- // tls13_cipher_policy limits the set of ciphers that can be selected when
4295
+ // compliance_policy limits the set of ciphers that can be selected when
3710
4296
  // negotiating a TLS 1.3 connection.
3711
- enum ssl_compliance_policy_t tls13_cipher_policy = ssl_compliance_policy_none;
4297
+ enum ssl_compliance_policy_t compliance_policy = ssl_compliance_policy_none;
3712
4298
 
3713
4299
  // verify_sigalgs, if not empty, is the set of signature algorithms
3714
4300
  // accepted from the peer in decreasing order of preference.
@@ -3767,8 +4353,8 @@ struct ssl_ctx_st {
3767
4353
  bool aes_hw_override_value : 1;
3768
4354
 
3769
4355
  private:
4356
+ friend RefCounted;
3770
4357
  ~ssl_ctx_st();
3771
- friend OPENSSL_EXPORT void SSL_CTX_free(SSL_CTX *);
3772
4358
  };
3773
4359
 
3774
4360
  struct ssl_st {
@@ -3787,9 +4373,6 @@ struct ssl_st {
3787
4373
  // that instead, and skip the null check.)
3788
4374
  bssl::UniquePtr<bssl::SSL_CONFIG> config;
3789
4375
 
3790
- // version is the protocol version.
3791
- uint16_t version = 0;
3792
-
3793
4376
  uint16_t max_send_fragment = 0;
3794
4377
 
3795
4378
  // There are 2 BIO's even though they are normally both the same. This is so
@@ -3815,11 +4398,9 @@ struct ssl_st {
3815
4398
  // session info
3816
4399
 
3817
4400
  // initial_timeout_duration_ms is the default DTLS timeout duration in
3818
- // milliseconds. It's used to initialize the timer any time it's restarted.
3819
- //
3820
- // RFC 6347 states that implementations SHOULD use an initial timer value of 1
3821
- // second.
3822
- unsigned initial_timeout_duration_ms = 1000;
4401
+ // milliseconds. It's used to initialize the timer any time it's restarted. We
4402
+ // default to RFC 9147's recommendation for real-time applications, 400ms.
4403
+ uint32_t initial_timeout_duration_ms = 400;
3823
4404
 
3824
4405
  // session is the configured session to be offered by the client. This session
3825
4406
  // is immutable.
@@ -3860,13 +4441,11 @@ struct ssl_st {
3860
4441
  bool enable_early_data : 1;
3861
4442
  };
3862
4443
 
3863
- struct ssl_session_st {
4444
+ struct ssl_session_st : public bssl::RefCounted<ssl_session_st> {
3864
4445
  explicit ssl_session_st(const bssl::SSL_X509_METHOD *method);
3865
4446
  ssl_session_st(const ssl_session_st &) = delete;
3866
4447
  ssl_session_st &operator=(const ssl_session_st &) = delete;
3867
4448
 
3868
- CRYPTO_refcount_t references = 1;
3869
-
3870
4449
  // ssl_version is the (D)TLS version that established the session.
3871
4450
  uint16_t ssl_version = 0;
3872
4451
 
@@ -3882,17 +4461,14 @@ struct ssl_session_st {
3882
4461
  // session. In TLS 1.3 and up, it is the resumption PSK for sessions handed to
3883
4462
  // the caller, but it stores the resumption secret when stored on |SSL|
3884
4463
  // objects.
3885
- uint8_t secret_length = 0;
3886
- uint8_t secret[SSL_MAX_MASTER_KEY_LENGTH] = {0};
4464
+ bssl::InplaceVector<uint8_t, SSL_MAX_MASTER_KEY_LENGTH> secret;
4465
+
4466
+ bssl::InplaceVector<uint8_t, SSL_MAX_SSL_SESSION_ID_LENGTH> session_id;
3887
4467
 
3888
- // session_id - valid?
3889
- uint8_t session_id_length = 0;
3890
- uint8_t session_id[SSL_MAX_SSL_SESSION_ID_LENGTH] = {0};
3891
4468
  // this is used to determine whether the session is being reused in
3892
4469
  // the appropriate context. It is up to the application to set this,
3893
4470
  // via SSL_new
3894
- uint8_t sid_ctx_length = 0;
3895
- uint8_t sid_ctx[SSL_MAX_SID_CTX_LENGTH] = {0};
4471
+ bssl::InplaceVector<uint8_t, SSL_MAX_SID_CTX_LENGTH> sid_ctx;
3896
4472
 
3897
4473
  bssl::UniquePtr<char> psk_identity;
3898
4474
 
@@ -3955,8 +4531,7 @@ struct ssl_session_st {
3955
4531
  // original_handshake_hash contains the handshake hash (either SHA-1+MD5 or
3956
4532
  // SHA-2, depending on TLS version) for the original, full handshake that
3957
4533
  // created a session. This is used by Channel IDs during resumption.
3958
- uint8_t original_handshake_hash[EVP_MAX_MD_SIZE] = {0};
3959
- uint8_t original_handshake_hash_len = 0;
4534
+ bssl::InplaceVector<uint8_t, SSL_MAX_MD_SIZE> original_handshake_hash;
3960
4535
 
3961
4536
  uint32_t ticket_lifetime_hint = 0; // Session lifetime hint in seconds
3962
4537
 
@@ -4009,21 +4584,18 @@ struct ssl_session_st {
4009
4584
  bssl::Array<uint8_t> quic_early_data_context;
4010
4585
 
4011
4586
  private:
4587
+ friend RefCounted;
4012
4588
  ~ssl_session_st();
4013
- friend OPENSSL_EXPORT void SSL_SESSION_free(SSL_SESSION *);
4014
4589
  };
4015
4590
 
4016
- struct ssl_ech_keys_st {
4017
- ssl_ech_keys_st() = default;
4018
- ssl_ech_keys_st(const ssl_ech_keys_st &) = delete;
4019
- ssl_ech_keys_st &operator=(const ssl_ech_keys_st &) = delete;
4591
+ struct ssl_ech_keys_st : public bssl::RefCounted<ssl_ech_keys_st> {
4592
+ ssl_ech_keys_st() : RefCounted(CheckSubClass()) {}
4020
4593
 
4021
- bssl::GrowableArray<bssl::UniquePtr<bssl::ECHServerConfig>> configs;
4022
- CRYPTO_refcount_t references = 1;
4594
+ bssl::Vector<bssl::UniquePtr<bssl::ECHServerConfig>> configs;
4023
4595
 
4024
4596
  private:
4597
+ friend RefCounted;
4025
4598
  ~ssl_ech_keys_st() = default;
4026
- friend OPENSSL_EXPORT void SSL_ECH_KEYS_free(SSL_ECH_KEYS *);
4027
4599
  };
4028
4600
 
4029
4601
  #endif // OPENSSL_HEADER_SSL_INTERNAL_H