grpc 1.67.0 → 1.72.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3236) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +378 -397
  3. data/include/grpc/compression.h +1 -2
  4. data/include/grpc/credentials.h +1 -2
  5. data/include/grpc/event_engine/endpoint_config.h +7 -7
  6. data/include/grpc/event_engine/event_engine.h +56 -14
  7. data/include/grpc/event_engine/extensible.h +2 -2
  8. data/include/grpc/event_engine/internal/memory_allocator_impl.h +4 -4
  9. data/include/grpc/event_engine/memory_allocator.h +3 -4
  10. data/include/grpc/event_engine/memory_request.h +4 -5
  11. data/include/grpc/event_engine/slice.h +3 -4
  12. data/include/grpc/event_engine/slice_buffer.h +6 -7
  13. data/include/grpc/grpc.h +1 -2
  14. data/include/grpc/grpc_audit_logging.h +3 -3
  15. data/include/grpc/grpc_crl_provider.h +4 -4
  16. data/include/grpc/grpc_posix.h +1 -2
  17. data/include/grpc/grpc_security.h +1 -2
  18. data/include/grpc/impl/call.h +2 -2
  19. data/include/grpc/impl/channel_arg_names.h +72 -50
  20. data/include/grpc/impl/grpc_types.h +1 -2
  21. data/include/grpc/impl/slice_type.h +1 -2
  22. data/include/grpc/passive_listener.h +2 -2
  23. data/include/grpc/status.h +1 -1
  24. data/include/grpc/support/alloc.h +1 -2
  25. data/include/grpc/support/atm.h +0 -13
  26. data/include/grpc/support/json.h +17 -18
  27. data/include/grpc/support/log.h +1 -2
  28. data/include/grpc/support/metrics.h +7 -3
  29. data/include/grpc/support/port_platform.h +6 -1
  30. data/include/grpc/support/sync_posix.h +1 -2
  31. data/include/grpc/support/time.h +1 -2
  32. data/include/grpc/support/workaround_list.h +1 -4
  33. data/src/core/call/call_arena_allocator.cc +27 -0
  34. data/src/core/call/call_arena_allocator.h +91 -0
  35. data/src/core/call/call_destination.h +76 -0
  36. data/src/core/call/call_filters.cc +148 -0
  37. data/src/core/call/call_filters.h +1967 -0
  38. data/src/core/call/call_finalization.h +88 -0
  39. data/src/core/call/call_spine.cc +90 -0
  40. data/src/core/call/call_spine.h +644 -0
  41. data/src/core/call/call_state.cc +39 -0
  42. data/src/core/call/call_state.h +1154 -0
  43. data/src/core/call/client_call.cc +458 -0
  44. data/src/core/call/client_call.h +192 -0
  45. data/src/core/call/custom_metadata.h +30 -0
  46. data/src/core/call/interception_chain.cc +155 -0
  47. data/src/core/call/interception_chain.h +282 -0
  48. data/src/core/call/message.cc +44 -0
  49. data/src/core/call/message.h +70 -0
  50. data/src/core/call/metadata.cc +61 -0
  51. data/src/core/call/metadata.h +201 -0
  52. data/src/core/call/metadata_batch.cc +383 -0
  53. data/src/core/call/metadata_batch.h +1668 -0
  54. data/src/core/call/metadata_compression_traits.h +66 -0
  55. data/src/core/call/metadata_info.cc +73 -0
  56. data/src/core/call/metadata_info.h +85 -0
  57. data/src/core/call/parsed_metadata.cc +35 -0
  58. data/src/core/call/parsed_metadata.h +429 -0
  59. data/src/core/call/request_buffer.cc +224 -0
  60. data/src/core/call/request_buffer.h +192 -0
  61. data/src/core/call/security_context.cc +125 -0
  62. data/src/core/call/security_context.h +114 -0
  63. data/src/core/call/server_call.cc +259 -0
  64. data/src/core/call/server_call.h +169 -0
  65. data/src/core/call/simple_slice_based_metadata.h +53 -0
  66. data/src/core/call/status_util.cc +153 -0
  67. data/src/core/call/status_util.h +80 -0
  68. data/src/core/channelz/channel_trace.cc +5 -6
  69. data/src/core/channelz/channel_trace.h +5 -7
  70. data/src/core/channelz/channelz.cc +7 -8
  71. data/src/core/channelz/channelz.h +11 -32
  72. data/src/core/channelz/channelz_registry.cc +6 -14
  73. data/src/core/channelz/channelz_registry.h +4 -5
  74. data/src/core/client_channel/backup_poller.cc +21 -11
  75. data/src/core/client_channel/client_channel.cc +66 -65
  76. data/src/core/client_channel/client_channel.h +10 -7
  77. data/src/core/client_channel/client_channel_args.h +21 -0
  78. data/src/core/client_channel/client_channel_factory.cc +2 -2
  79. data/src/core/client_channel/client_channel_factory.h +1 -2
  80. data/src/core/client_channel/client_channel_filter.cc +91 -175
  81. data/src/core/client_channel/client_channel_filter.h +23 -21
  82. data/src/core/client_channel/client_channel_internal.h +3 -4
  83. data/src/core/client_channel/client_channel_plugin.cc +3 -4
  84. data/src/core/client_channel/client_channel_service_config.cc +3 -4
  85. data/src/core/client_channel/client_channel_service_config.h +9 -11
  86. data/src/core/client_channel/config_selector.h +6 -9
  87. data/src/core/client_channel/connector.h +3 -3
  88. data/src/core/client_channel/direct_channel.cc +6 -6
  89. data/src/core/client_channel/direct_channel.h +1 -1
  90. data/src/core/client_channel/dynamic_filters.cc +10 -9
  91. data/src/core/client_channel/dynamic_filters.h +8 -8
  92. data/src/core/client_channel/global_subchannel_pool.cc +2 -2
  93. data/src/core/client_channel/global_subchannel_pool.h +2 -3
  94. data/src/core/client_channel/lb_metadata.cc +7 -8
  95. data/src/core/client_channel/lb_metadata.h +6 -7
  96. data/src/core/client_channel/load_balanced_call_destination.cc +7 -8
  97. data/src/core/client_channel/load_balanced_call_destination.h +1 -2
  98. data/src/core/client_channel/local_subchannel_pool.cc +2 -3
  99. data/src/core/client_channel/local_subchannel_pool.h +1 -1
  100. data/src/core/client_channel/retry_filter.cc +6 -8
  101. data/src/core/client_channel/retry_filter.h +5 -8
  102. data/src/core/client_channel/retry_filter_legacy_call_data.cc +62 -62
  103. data/src/core/client_channel/retry_filter_legacy_call_data.h +22 -23
  104. data/src/core/client_channel/retry_interceptor.cc +408 -0
  105. data/src/core/client_channel/retry_interceptor.h +157 -0
  106. data/src/core/client_channel/retry_service_config.cc +8 -10
  107. data/src/core/client_channel/retry_service_config.h +20 -9
  108. data/src/core/client_channel/retry_throttle.cc +60 -50
  109. data/src/core/client_channel/retry_throttle.h +16 -11
  110. data/src/core/client_channel/subchannel.cc +62 -99
  111. data/src/core/client_channel/subchannel.h +22 -22
  112. data/src/core/client_channel/subchannel_interface_internal.h +1 -1
  113. data/src/core/client_channel/subchannel_pool_interface.cc +1 -3
  114. data/src/core/client_channel/subchannel_pool_interface.h +2 -3
  115. data/src/core/client_channel/subchannel_stream_client.cc +20 -21
  116. data/src/core/client_channel/subchannel_stream_client.h +13 -15
  117. data/src/core/config/config_vars.cc +152 -0
  118. data/src/core/config/config_vars.h +129 -0
  119. data/src/core/config/config_vars_non_generated.cc +49 -0
  120. data/src/core/config/core_configuration.cc +111 -0
  121. data/src/core/config/core_configuration.h +242 -0
  122. data/src/core/config/load_config.cc +78 -0
  123. data/src/core/config/load_config.h +54 -0
  124. data/src/core/credentials/call/call_credentials.h +157 -0
  125. data/src/core/credentials/call/call_creds_util.cc +97 -0
  126. data/src/core/credentials/call/call_creds_util.h +43 -0
  127. data/src/core/credentials/call/composite/composite_call_credentials.cc +115 -0
  128. data/src/core/credentials/call/composite/composite_call_credentials.h +82 -0
  129. data/src/core/credentials/call/external/aws_external_account_credentials.cc +528 -0
  130. data/src/core/credentials/call/external/aws_external_account_credentials.h +117 -0
  131. data/src/core/credentials/call/external/aws_request_signer.cc +230 -0
  132. data/src/core/credentials/call/external/aws_request_signer.h +72 -0
  133. data/src/core/credentials/call/external/external_account_credentials.cc +641 -0
  134. data/src/core/credentials/call/external/external_account_credentials.h +207 -0
  135. data/src/core/credentials/call/external/file_external_account_credentials.cc +174 -0
  136. data/src/core/credentials/call/external/file_external_account_credentials.h +80 -0
  137. data/src/core/credentials/call/external/url_external_account_credentials.cc +222 -0
  138. data/src/core/credentials/call/external/url_external_account_credentials.h +73 -0
  139. data/src/core/credentials/call/gcp_service_account_identity/gcp_service_account_identity_credentials.cc +196 -0
  140. data/src/core/credentials/call/gcp_service_account_identity/gcp_service_account_identity_credentials.h +90 -0
  141. data/src/core/credentials/call/iam/iam_credentials.cc +78 -0
  142. data/src/core/credentials/call/iam/iam_credentials.h +66 -0
  143. data/src/core/credentials/call/json_util.cc +69 -0
  144. data/src/core/credentials/call/json_util.h +43 -0
  145. data/src/core/credentials/call/jwt/json_token.cc +318 -0
  146. data/src/core/credentials/call/jwt/json_token.h +78 -0
  147. data/src/core/credentials/call/jwt/jwt_credentials.cc +181 -0
  148. data/src/core/credentials/call/jwt/jwt_credentials.h +106 -0
  149. data/src/core/credentials/call/jwt/jwt_verifier.cc +988 -0
  150. data/src/core/credentials/call/jwt/jwt_verifier.h +122 -0
  151. data/src/core/credentials/call/oauth2/oauth2_credentials.cc +654 -0
  152. data/src/core/credentials/call/oauth2/oauth2_credentials.h +197 -0
  153. data/src/core/credentials/call/plugin/plugin_credentials.cc +201 -0
  154. data/src/core/credentials/call/plugin/plugin_credentials.h +123 -0
  155. data/src/core/credentials/call/token_fetcher/token_fetcher_credentials.cc +304 -0
  156. data/src/core/credentials/call/token_fetcher/token_fetcher_credentials.h +181 -0
  157. data/src/core/credentials/transport/alts/alts_credentials.cc +116 -0
  158. data/src/core/credentials/transport/alts/alts_credentials.h +127 -0
  159. data/src/core/credentials/transport/alts/alts_security_connector.cc +303 -0
  160. data/src/core/credentials/transport/alts/alts_security_connector.h +78 -0
  161. data/src/core/credentials/transport/alts/check_gcp_environment.cc +71 -0
  162. data/src/core/credentials/transport/alts/check_gcp_environment.h +57 -0
  163. data/src/core/credentials/transport/alts/check_gcp_environment_linux.cc +67 -0
  164. data/src/core/credentials/transport/alts/check_gcp_environment_no_op.cc +32 -0
  165. data/src/core/credentials/transport/alts/check_gcp_environment_windows.cc +101 -0
  166. data/src/core/credentials/transport/alts/grpc_alts_credentials_client_options.cc +123 -0
  167. data/src/core/credentials/transport/alts/grpc_alts_credentials_options.cc +45 -0
  168. data/src/core/credentials/transport/alts/grpc_alts_credentials_options.h +74 -0
  169. data/src/core/credentials/transport/alts/grpc_alts_credentials_server_options.cc +55 -0
  170. data/src/core/credentials/transport/channel_creds_registry.h +126 -0
  171. data/src/core/credentials/transport/channel_creds_registry_init.cc +245 -0
  172. data/src/core/credentials/transport/composite/composite_channel_credentials.cc +68 -0
  173. data/src/core/credentials/transport/composite/composite_channel_credentials.h +89 -0
  174. data/src/core/credentials/transport/fake/fake_credentials.cc +81 -0
  175. data/src/core/credentials/transport/fake/fake_credentials.h +92 -0
  176. data/src/core/credentials/transport/fake/fake_security_connector.cc +314 -0
  177. data/src/core/credentials/transport/fake/fake_security_connector.h +42 -0
  178. data/src/core/credentials/transport/google_default/credentials_generic.cc +38 -0
  179. data/src/core/credentials/transport/google_default/google_default_credentials.cc +442 -0
  180. data/src/core/credentials/transport/google_default/google_default_credentials.h +101 -0
  181. data/src/core/credentials/transport/insecure/insecure_credentials.cc +71 -0
  182. data/src/core/credentials/transport/insecure/insecure_credentials.h +61 -0
  183. data/src/core/credentials/transport/insecure/insecure_security_connector.cc +118 -0
  184. data/src/core/credentials/transport/insecure/insecure_security_connector.h +102 -0
  185. data/src/core/credentials/transport/local/local_credentials.cc +68 -0
  186. data/src/core/credentials/transport/local/local_credentials.h +77 -0
  187. data/src/core/credentials/transport/local/local_security_connector.cc +306 -0
  188. data/src/core/credentials/transport/local/local_security_connector.h +62 -0
  189. data/src/core/credentials/transport/security_connector.cc +123 -0
  190. data/src/core/credentials/transport/security_connector.h +197 -0
  191. data/src/core/credentials/transport/ssl/ssl_credentials.cc +474 -0
  192. data/src/core/credentials/transport/ssl/ssl_credentials.h +144 -0
  193. data/src/core/credentials/transport/ssl/ssl_security_connector.cc +403 -0
  194. data/src/core/credentials/transport/ssl/ssl_security_connector.h +81 -0
  195. data/src/core/credentials/transport/tls/certificate_provider_factory.h +69 -0
  196. data/src/core/credentials/transport/tls/certificate_provider_registry.cc +50 -0
  197. data/src/core/credentials/transport/tls/certificate_provider_registry.h +75 -0
  198. data/src/core/credentials/transport/tls/grpc_tls_certificate_distributor.cc +337 -0
  199. data/src/core/credentials/transport/tls/grpc_tls_certificate_distributor.h +215 -0
  200. data/src/core/credentials/transport/tls/grpc_tls_certificate_match.cc +84 -0
  201. data/src/core/credentials/transport/tls/grpc_tls_certificate_provider.cc +490 -0
  202. data/src/core/credentials/transport/tls/grpc_tls_certificate_provider.h +206 -0
  203. data/src/core/credentials/transport/tls/grpc_tls_certificate_verifier.cc +237 -0
  204. data/src/core/credentials/transport/tls/grpc_tls_certificate_verifier.h +169 -0
  205. data/src/core/credentials/transport/tls/grpc_tls_credentials_options.cc +161 -0
  206. data/src/core/credentials/transport/tls/grpc_tls_credentials_options.h +145 -0
  207. data/src/core/credentials/transport/tls/grpc_tls_crl_provider.cc +257 -0
  208. data/src/core/credentials/transport/tls/grpc_tls_crl_provider.h +129 -0
  209. data/src/core/credentials/transport/tls/load_system_roots.h +35 -0
  210. data/src/core/credentials/transport/tls/load_system_roots_fallback.cc +36 -0
  211. data/src/core/credentials/transport/tls/load_system_roots_supported.cc +165 -0
  212. data/src/core/credentials/transport/tls/load_system_roots_supported.h +44 -0
  213. data/src/core/credentials/transport/tls/load_system_roots_windows.cc +85 -0
  214. data/src/core/credentials/transport/tls/ssl_utils.cc +628 -0
  215. data/src/core/credentials/transport/tls/ssl_utils.h +188 -0
  216. data/src/core/credentials/transport/tls/tls_credentials.cc +170 -0
  217. data/src/core/credentials/transport/tls/tls_credentials.h +75 -0
  218. data/src/core/credentials/transport/tls/tls_security_connector.cc +816 -0
  219. data/src/core/credentials/transport/tls/tls_security_connector.h +285 -0
  220. data/src/core/credentials/transport/tls/tls_utils.cc +127 -0
  221. data/src/core/credentials/transport/tls/tls_utils.h +50 -0
  222. data/src/core/credentials/transport/transport_credentials.cc +158 -0
  223. data/src/core/credentials/transport/transport_credentials.h +182 -0
  224. data/src/core/credentials/transport/xds/xds_credentials.cc +231 -0
  225. data/src/core/credentials/transport/xds/xds_credentials.h +110 -0
  226. data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +14 -21
  227. data/src/core/ext/filters/backend_metrics/backend_metric_filter.h +7 -8
  228. data/src/core/ext/filters/census/grpc_context.cc +1 -2
  229. data/src/core/ext/filters/channel_idle/idle_filter_state.cc +1 -2
  230. data/src/core/ext/filters/channel_idle/idle_filter_state.h +0 -1
  231. data/src/core/ext/filters/channel_idle/legacy_channel_idle_filter.cc +25 -24
  232. data/src/core/ext/filters/channel_idle/legacy_channel_idle_filter.h +6 -8
  233. data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +19 -23
  234. data/src/core/ext/filters/fault_injection/fault_injection_filter.h +7 -9
  235. data/src/core/ext/filters/fault_injection/fault_injection_service_config_parser.cc +4 -5
  236. data/src/core/ext/filters/fault_injection/fault_injection_service_config_parser.h +4 -7
  237. data/src/core/ext/filters/gcp_authentication/gcp_authentication_filter.cc +56 -25
  238. data/src/core/ext/filters/gcp_authentication/gcp_authentication_filter.h +35 -20
  239. data/src/core/ext/filters/gcp_authentication/gcp_authentication_service_config_parser.cc +3 -4
  240. data/src/core/ext/filters/gcp_authentication/gcp_authentication_service_config_parser.h +3 -4
  241. data/src/core/ext/filters/http/client/http_client_filter.cc +13 -13
  242. data/src/core/ext/filters/http/client/http_client_filter.h +5 -6
  243. data/src/core/ext/filters/http/client_authority_filter.cc +15 -19
  244. data/src/core/ext/filters/http/client_authority_filter.h +6 -7
  245. data/src/core/ext/filters/http/http_filters_plugin.cc +1 -2
  246. data/src/core/ext/filters/http/message_compress/compression_filter.cc +43 -33
  247. data/src/core/ext/filters/http/message_compress/compression_filter.h +20 -18
  248. data/src/core/ext/filters/http/server/http_server_filter.cc +15 -15
  249. data/src/core/ext/filters/http/server/http_server_filter.h +4 -5
  250. data/src/core/ext/filters/message_size/message_size_filter.cc +27 -33
  251. data/src/core/ext/filters/message_size/message_size_filter.h +22 -25
  252. data/src/core/ext/filters/rbac/rbac_filter.cc +8 -15
  253. data/src/core/ext/filters/rbac/rbac_filter.h +6 -8
  254. data/src/core/ext/filters/rbac/rbac_service_config_parser.cc +17 -11
  255. data/src/core/ext/filters/rbac/rbac_service_config_parser.h +2 -4
  256. data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +13 -13
  257. data/src/core/ext/filters/stateful_session/stateful_session_filter.h +6 -8
  258. data/src/core/ext/filters/stateful_session/stateful_session_service_config_parser.cc +3 -4
  259. data/src/core/ext/filters/stateful_session/stateful_session_service_config_parser.h +5 -7
  260. data/src/core/ext/transport/chttp2/alpn/alpn.cc +1 -2
  261. data/src/core/ext/transport/chttp2/alpn/alpn.h +1 -2
  262. data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +24 -29
  263. data/src/core/ext/transport/chttp2/client/chttp2_connector.h +7 -7
  264. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +765 -189
  265. data/src/core/ext/transport/chttp2/server/chttp2_server.h +195 -15
  266. data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +7 -7
  267. data/src/core/ext/transport/chttp2/transport/bin_decoder.h +2 -3
  268. data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +4 -6
  269. data/src/core/ext/transport/chttp2/transport/bin_encoder.h +1 -2
  270. data/src/core/ext/transport/chttp2/transport/call_tracer_wrapper.cc +53 -0
  271. data/src/core/ext/transport/chttp2/transport/call_tracer_wrapper.h +70 -0
  272. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +277 -193
  273. data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +12 -13
  274. data/src/core/ext/transport/chttp2/transport/context_list_entry.h +4 -5
  275. data/src/core/ext/transport/chttp2/transport/decode_huff.h +4 -4
  276. data/src/core/ext/transport/chttp2/transport/flow_control.cc +4 -6
  277. data/src/core/ext/transport/chttp2/transport/flow_control.h +5 -7
  278. data/src/core/ext/transport/chttp2/transport/frame.cc +109 -70
  279. data/src/core/ext/transport/chttp2/transport/frame.h +52 -7
  280. data/src/core/ext/transport/chttp2/transport/frame_data.cc +19 -13
  281. data/src/core/ext/transport/chttp2/transport/frame_data.h +2 -4
  282. data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +11 -13
  283. data/src/core/ext/transport/chttp2/transport/frame_goaway.h +1 -2
  284. data/src/core/ext/transport/chttp2/transport/frame_ping.cc +2 -4
  285. data/src/core/ext/transport/chttp2/transport/frame_ping.h +1 -2
  286. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +10 -8
  287. data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +1 -2
  288. data/src/core/ext/transport/chttp2/transport/frame_security.cc +80 -0
  289. data/src/core/ext/transport/chttp2/transport/frame_security.h +44 -0
  290. data/src/core/ext/transport/chttp2/transport/frame_settings.cc +28 -12
  291. data/src/core/ext/transport/chttp2/transport/frame_settings.h +3 -4
  292. data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +21 -3
  293. data/src/core/ext/transport/chttp2/transport/frame_window_update.h +1 -2
  294. data/src/core/ext/transport/chttp2/transport/hpack_constants.h +2 -2
  295. data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +10 -11
  296. data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +8 -10
  297. data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +2 -2
  298. data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +4 -5
  299. data/src/core/ext/transport/chttp2/transport/hpack_parse_result.cc +2 -4
  300. data/src/core/ext/transport/chttp2/transport/hpack_parse_result.h +7 -9
  301. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +38 -39
  302. data/src/core/ext/transport/chttp2/transport/hpack_parser.h +10 -13
  303. data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +1 -3
  304. data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +4 -6
  305. data/src/core/ext/transport/chttp2/transport/http2_settings.cc +22 -12
  306. data/src/core/ext/transport/chttp2/transport/http2_settings.h +14 -8
  307. data/src/core/ext/transport/chttp2/transport/http2_status.h +52 -0
  308. data/src/core/ext/transport/chttp2/transport/internal.h +58 -112
  309. data/src/core/ext/transport/chttp2/transport/legacy_frame.h +1 -0
  310. data/src/core/ext/transport/chttp2/transport/parsing.cc +90 -42
  311. data/src/core/ext/transport/chttp2/transport/ping_abuse_policy.cc +4 -4
  312. data/src/core/ext/transport/chttp2/transport/ping_abuse_policy.h +3 -3
  313. data/src/core/ext/transport/chttp2/transport/ping_callbacks.cc +4 -4
  314. data/src/core/ext/transport/chttp2/transport/ping_callbacks.h +5 -7
  315. data/src/core/ext/transport/chttp2/transport/ping_rate_policy.cc +6 -7
  316. data/src/core/ext/transport/chttp2/transport/ping_rate_policy.h +4 -6
  317. data/src/core/ext/transport/chttp2/transport/stream_lists.cc +5 -3
  318. data/src/core/ext/transport/chttp2/transport/stream_lists.h +65 -0
  319. data/src/core/ext/transport/chttp2/transport/varint.cc +6 -6
  320. data/src/core/ext/transport/chttp2/transport/varint.h +1 -2
  321. data/src/core/ext/transport/chttp2/transport/write_size_policy.cc +2 -2
  322. data/src/core/ext/transport/chttp2/transport/write_size_policy.h +3 -4
  323. data/src/core/ext/transport/chttp2/transport/writing.cc +40 -45
  324. data/src/core/ext/transport/inproc/inproc_transport.cc +8 -11
  325. data/src/core/ext/transport/inproc/legacy_inproc_transport.cc +28 -25
  326. data/src/core/ext/upb-gen/envoy/admin/v3/certs.upb.h +35 -4
  327. data/src/core/ext/upb-gen/envoy/admin/v3/certs.upb_minitable.c +25 -18
  328. data/src/core/ext/upb-gen/envoy/admin/v3/certs.upb_minitable.h +10 -4
  329. data/src/core/ext/upb-gen/envoy/admin/v3/clusters.upb.h +101 -69
  330. data/src/core/ext/upb-gen/envoy/admin/v3/clusters.upb_minitable.c +52 -46
  331. data/src/core/ext/upb-gen/envoy/admin/v3/clusters.upb_minitable.h +9 -4
  332. data/src/core/ext/upb-gen/envoy/admin/v3/config_dump.upb.h +39 -4
  333. data/src/core/ext/upb-gen/envoy/admin/v3/config_dump.upb_minitable.c +29 -22
  334. data/src/core/ext/upb-gen/envoy/admin/v3/config_dump.upb_minitable.h +10 -4
  335. data/src/core/ext/upb-gen/envoy/admin/v3/config_dump_shared.upb.h +154 -19
  336. data/src/core/ext/upb-gen/envoy/admin/v3/config_dump_shared.upb_minitable.c +111 -90
  337. data/src/core/ext/upb-gen/envoy/admin/v3/config_dump_shared.upb_minitable.h +24 -4
  338. data/src/core/ext/upb-gen/envoy/admin/v3/init_dump.upb.h +10 -4
  339. data/src/core/ext/upb-gen/envoy/admin/v3/init_dump.upb_minitable.c +8 -4
  340. data/src/core/ext/upb-gen/envoy/admin/v3/init_dump.upb_minitable.h +7 -4
  341. data/src/core/ext/upb-gen/envoy/admin/v3/listeners.upb.h +17 -4
  342. data/src/core/ext/upb-gen/envoy/admin/v3/listeners.upb_minitable.c +12 -8
  343. data/src/core/ext/upb-gen/envoy/admin/v3/listeners.upb_minitable.h +7 -4
  344. data/src/core/ext/upb-gen/envoy/admin/v3/memory.upb.h +5 -4
  345. data/src/core/ext/upb-gen/envoy/admin/v3/memory.upb_minitable.c +4 -1
  346. data/src/core/ext/upb-gen/envoy/admin/v3/memory.upb_minitable.h +6 -4
  347. data/src/core/ext/upb-gen/envoy/admin/v3/metrics.upb.h +11 -10
  348. data/src/core/ext/upb-gen/envoy/admin/v3/metrics.upb_minitable.c +8 -5
  349. data/src/core/ext/upb-gen/envoy/admin/v3/metrics.upb_minitable.h +6 -4
  350. data/src/core/ext/upb-gen/envoy/admin/v3/mutex_stats.upb.h +5 -4
  351. data/src/core/ext/upb-gen/envoy/admin/v3/mutex_stats.upb_minitable.c +4 -1
  352. data/src/core/ext/upb-gen/envoy/admin/v3/mutex_stats.upb_minitable.h +6 -4
  353. data/src/core/ext/upb-gen/envoy/admin/v3/server_info.upb.h +165 -134
  354. data/src/core/ext/upb-gen/envoy/admin/v3/server_info.upb_minitable.c +88 -83
  355. data/src/core/ext/upb-gen/envoy/admin/v3/server_info.upb_minitable.h +7 -4
  356. data/src/core/ext/upb-gen/envoy/admin/v3/tap.upb.h +7 -4
  357. data/src/core/ext/upb-gen/envoy/admin/v3/tap.upb_minitable.c +7 -4
  358. data/src/core/ext/upb-gen/envoy/admin/v3/tap.upb_minitable.h +6 -4
  359. data/src/core/ext/upb-gen/envoy/annotations/deprecation.upb.h +5 -4
  360. data/src/core/ext/upb-gen/envoy/annotations/deprecation.upb_minitable.c +7 -1
  361. data/src/core/ext/upb-gen/envoy/annotations/deprecation.upb_minitable.h +5 -4
  362. data/src/core/ext/upb-gen/envoy/annotations/resource.upb.h +7 -6
  363. data/src/core/ext/upb-gen/envoy/annotations/resource.upb_minitable.c +10 -6
  364. data/src/core/ext/upb-gen/envoy/annotations/resource.upb_minitable.h +6 -4
  365. data/src/core/ext/upb-gen/envoy/config/accesslog/v3/accesslog.upb.h +87 -30
  366. data/src/core/ext/upb-gen/envoy/config/accesslog/v3/accesslog.upb_minitable.c +73 -55
  367. data/src/core/ext/upb-gen/envoy/config/accesslog/v3/accesslog.upb_minitable.h +21 -4
  368. data/src/core/ext/upb-gen/envoy/config/bootstrap/v3/bootstrap.upb.h +397 -220
  369. data/src/core/ext/upb-gen/envoy/config/bootstrap/v3/bootstrap.upb_minitable.c +197 -172
  370. data/src/core/ext/upb-gen/envoy/config/bootstrap/v3/bootstrap.upb_minitable.h +28 -4
  371. data/src/core/ext/upb-gen/envoy/config/cluster/v3/circuit_breaker.upb.h +58 -31
  372. data/src/core/ext/upb-gen/envoy/config/cluster/v3/circuit_breaker.upb_minitable.c +31 -26
  373. data/src/core/ext/upb-gen/envoy/config/cluster/v3/circuit_breaker.upb_minitable.h +8 -4
  374. data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb.h +535 -326
  375. data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb_minitable.c +259 -230
  376. data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb_minitable.h +30 -4
  377. data/src/core/ext/upb-gen/envoy/config/cluster/v3/filter.upb.h +9 -4
  378. data/src/core/ext/upb-gen/envoy/config/cluster/v3/filter.upb_minitable.c +8 -5
  379. data/src/core/ext/upb-gen/envoy/config/cluster/v3/filter.upb_minitable.h +6 -4
  380. data/src/core/ext/upb-gen/envoy/config/cluster/v3/outlier_detection.upb.h +114 -62
  381. data/src/core/ext/upb-gen/envoy/config/cluster/v3/outlier_detection.upb_minitable.c +44 -41
  382. data/src/core/ext/upb-gen/envoy/config/cluster/v3/outlier_detection.upb_minitable.h +6 -4
  383. data/src/core/ext/upb-gen/envoy/config/common/matcher/v3/matcher.upb.h +116 -26
  384. data/src/core/ext/upb-gen/envoy/config/common/matcher/v3/matcher.upb_minitable.c +83 -66
  385. data/src/core/ext/upb-gen/envoy/config/common/matcher/v3/matcher.upb_minitable.h +20 -4
  386. data/src/core/ext/upb-gen/envoy/config/core/v3/address.upb.h +73 -33
  387. data/src/core/ext/upb-gen/envoy/config/core/v3/address.upb_minitable.c +52 -42
  388. data/src/core/ext/upb-gen/envoy/config/core/v3/address.upb_minitable.h +13 -4
  389. data/src/core/ext/upb-gen/envoy/config/core/v3/backoff.upb.h +9 -4
  390. data/src/core/ext/upb-gen/envoy/config/core/v3/backoff.upb_minitable.c +8 -5
  391. data/src/core/ext/upb-gen/envoy/config/core/v3/backoff.upb_minitable.h +6 -4
  392. data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb.h +405 -190
  393. data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb_minitable.c +192 -135
  394. data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb_minitable.h +36 -4
  395. data/src/core/ext/upb-gen/envoy/config/core/v3/config_source.upb.h +100 -58
  396. data/src/core/ext/upb-gen/envoy/config/core/v3/config_source.upb_minitable.c +57 -48
  397. data/src/core/ext/upb-gen/envoy/config/core/v3/config_source.upb_minitable.h +12 -4
  398. data/src/core/ext/upb-gen/envoy/config/core/v3/event_service_config.upb.h +7 -4
  399. data/src/core/ext/upb-gen/envoy/config/core/v3/event_service_config.upb_minitable.c +7 -4
  400. data/src/core/ext/upb-gen/envoy/config/core/v3/event_service_config.upb_minitable.h +6 -4
  401. data/src/core/ext/upb-gen/envoy/config/core/v3/extension.upb.h +7 -4
  402. data/src/core/ext/upb-gen/envoy/config/core/v3/extension.upb_minitable.c +7 -4
  403. data/src/core/ext/upb-gen/envoy/config/core/v3/extension.upb_minitable.h +6 -4
  404. data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_method_list.upb.h +10 -4
  405. data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_method_list.upb_minitable.c +8 -4
  406. data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_method_list.upb_minitable.h +7 -4
  407. data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_service.upb.h +128 -63
  408. data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_service.upb_minitable.c +76 -60
  409. data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_service.upb_minitable.h +19 -4
  410. data/src/core/ext/upb-gen/envoy/config/core/v3/health_check.upb.h +192 -104
  411. data/src/core/ext/upb-gen/envoy/config/core/v3/health_check.upb_minitable.c +89 -78
  412. data/src/core/ext/upb-gen/envoy/config/core/v3/health_check.upb_minitable.h +14 -4
  413. data/src/core/ext/upb-gen/envoy/config/core/v3/http_service.upb.h +12 -4
  414. data/src/core/ext/upb-gen/envoy/config/core/v3/http_service.upb_minitable.c +8 -5
  415. data/src/core/ext/upb-gen/envoy/config/core/v3/http_service.upb_minitable.h +6 -4
  416. data/src/core/ext/upb-gen/envoy/config/core/v3/http_uri.upb.h +19 -16
  417. data/src/core/ext/upb-gen/envoy/config/core/v3/http_uri.upb_minitable.c +12 -9
  418. data/src/core/ext/upb-gen/envoy/config/core/v3/http_uri.upb_minitable.h +6 -4
  419. data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb.h +304 -118
  420. data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb_minitable.c +138 -114
  421. data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb_minitable.h +21 -4
  422. data/src/core/ext/upb-gen/envoy/config/core/v3/proxy_protocol.upb.h +7 -4
  423. data/src/core/ext/upb-gen/envoy/config/core/v3/proxy_protocol.upb_minitable.c +8 -4
  424. data/src/core/ext/upb-gen/envoy/config/core/v3/proxy_protocol.upb_minitable.h +7 -4
  425. data/src/core/ext/upb-gen/envoy/config/core/v3/resolver.upb.h +12 -4
  426. data/src/core/ext/upb-gen/envoy/config/core/v3/resolver.upb_minitable.c +9 -5
  427. data/src/core/ext/upb-gen/envoy/config/core/v3/resolver.upb_minitable.h +7 -4
  428. data/src/core/ext/upb-gen/envoy/config/core/v3/socket_cmsg_headers.upb.h +151 -0
  429. data/src/core/ext/upb-gen/envoy/config/core/v3/socket_cmsg_headers.upb_minitable.c +60 -0
  430. data/src/core/ext/upb-gen/envoy/config/core/v3/socket_cmsg_headers.upb_minitable.h +32 -0
  431. data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb.h +235 -22
  432. data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb_minitable.c +71 -19
  433. data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb_minitable.h +13 -4
  434. data/src/core/ext/upb-gen/envoy/config/core/v3/substitution_format_string.upb.h +43 -31
  435. data/src/core/ext/upb-gen/envoy/config/core/v3/substitution_format_string.upb_minitable.c +21 -17
  436. data/src/core/ext/upb-gen/envoy/config/core/v3/substitution_format_string.upb_minitable.h +7 -4
  437. data/src/core/ext/upb-gen/envoy/config/core/v3/udp_socket_config.upb.h +9 -4
  438. data/src/core/ext/upb-gen/envoy/config/core/v3/udp_socket_config.upb_minitable.c +8 -5
  439. data/src/core/ext/upb-gen/envoy/config/core/v3/udp_socket_config.upb_minitable.h +6 -4
  440. data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint.upb.h +45 -16
  441. data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint.upb_minitable.c +25 -19
  442. data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint.upb_minitable.h +9 -4
  443. data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint_components.upb.h +89 -45
  444. data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint_components.upb_minitable.c +57 -48
  445. data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint_components.upb_minitable.h +12 -4
  446. data/src/core/ext/upb-gen/envoy/config/endpoint/v3/load_report.upb.h +68 -28
  447. data/src/core/ext/upb-gen/envoy/config/endpoint/v3/load_report.upb_minitable.c +36 -28
  448. data/src/core/ext/upb-gen/envoy/config/endpoint/v3/load_report.upb_minitable.h +11 -4
  449. data/src/core/ext/upb-gen/envoy/config/listener/v3/api_listener.upb.h +7 -4
  450. data/src/core/ext/upb-gen/envoy/config/listener/v3/api_listener.upb_minitable.c +7 -4
  451. data/src/core/ext/upb-gen/envoy/config/listener/v3/api_listener.upb_minitable.h +6 -4
  452. data/src/core/ext/upb-gen/envoy/config/listener/v3/listener.upb.h +222 -143
  453. data/src/core/ext/upb-gen/envoy/config/listener/v3/listener.upb_minitable.c +99 -87
  454. data/src/core/ext/upb-gen/envoy/config/listener/v3/listener.upb_minitable.h +15 -4
  455. data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb.h +127 -164
  456. data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb_minitable.c +67 -79
  457. data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb_minitable.h +11 -5
  458. data/src/core/ext/upb-gen/envoy/config/listener/v3/quic_config.upb.h +112 -4
  459. data/src/core/ext/upb-gen/envoy/config/listener/v3/quic_config.upb_minitable.c +41 -16
  460. data/src/core/ext/upb-gen/envoy/config/listener/v3/quic_config.upb_minitable.h +6 -4
  461. data/src/core/ext/upb-gen/envoy/config/listener/v3/udp_listener_config.upb.h +11 -4
  462. data/src/core/ext/upb-gen/envoy/config/listener/v3/udp_listener_config.upb_minitable.c +10 -6
  463. data/src/core/ext/upb-gen/envoy/config/listener/v3/udp_listener_config.upb_minitable.h +7 -4
  464. data/src/core/ext/upb-gen/envoy/config/metrics/v3/metrics_service.upb.h +15 -10
  465. data/src/core/ext/upb-gen/envoy/config/metrics/v3/metrics_service.upb_minitable.c +12 -9
  466. data/src/core/ext/upb-gen/envoy/config/metrics/v3/metrics_service.upb_minitable.h +6 -4
  467. data/src/core/ext/upb-gen/envoy/config/metrics/v3/stats.upb.h +66 -37
  468. data/src/core/ext/upb-gen/envoy/config/metrics/v3/stats.upb_minitable.c +48 -38
  469. data/src/core/ext/upb-gen/envoy/config/metrics/v3/stats.upb_minitable.h +13 -4
  470. data/src/core/ext/upb-gen/envoy/config/overload/v3/overload.upb.h +53 -5
  471. data/src/core/ext/upb-gen/envoy/config/overload/v3/overload.upb_minitable.c +41 -29
  472. data/src/core/ext/upb-gen/envoy/config/overload/v3/overload.upb_minitable.h +15 -4
  473. data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb.h +258 -16
  474. data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb_minitable.c +108 -65
  475. data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb_minitable.h +18 -4
  476. data/src/core/ext/upb-gen/envoy/config/route/v3/route.upb.h +102 -56
  477. data/src/core/ext/upb-gen/envoy/config/route/v3/route.upb_minitable.c +34 -29
  478. data/src/core/ext/upb-gen/envoy/config/route/v3/route.upb_minitable.h +8 -4
  479. data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb.h +1289 -615
  480. data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb_minitable.c +582 -465
  481. data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb_minitable.h +67 -4
  482. data/src/core/ext/upb-gen/envoy/config/route/v3/scoped_route.upb.h +27 -17
  483. data/src/core/ext/upb-gen/envoy/config/route/v3/scoped_route.upb_minitable.c +17 -12
  484. data/src/core/ext/upb-gen/envoy/config/route/v3/scoped_route.upb_minitable.h +8 -4
  485. data/src/core/ext/upb-gen/envoy/config/tap/v3/common.upb.h +72 -7
  486. data/src/core/ext/upb-gen/envoy/config/tap/v3/common.upb_minitable.c +61 -47
  487. data/src/core/ext/upb-gen/envoy/config/tap/v3/common.upb_minitable.h +17 -4
  488. data/src/core/ext/upb-gen/envoy/config/trace/v3/datadog.upb.h +9 -4
  489. data/src/core/ext/upb-gen/envoy/config/trace/v3/datadog.upb_minitable.c +11 -7
  490. data/src/core/ext/upb-gen/envoy/config/trace/v3/datadog.upb_minitable.h +7 -4
  491. data/src/core/ext/upb-gen/envoy/config/trace/v3/dynamic_ot.upb.h +7 -4
  492. data/src/core/ext/upb-gen/envoy/config/trace/v3/dynamic_ot.upb_minitable.c +7 -4
  493. data/src/core/ext/upb-gen/envoy/config/trace/v3/dynamic_ot.upb_minitable.h +6 -4
  494. data/src/core/ext/upb-gen/envoy/config/trace/v3/http_tracer.upb.h +9 -4
  495. data/src/core/ext/upb-gen/envoy/config/trace/v3/http_tracer.upb_minitable.c +11 -7
  496. data/src/core/ext/upb-gen/envoy/config/trace/v3/http_tracer.upb_minitable.h +7 -4
  497. data/src/core/ext/upb-gen/envoy/config/trace/v3/lightstep.upb.h +7 -4
  498. data/src/core/ext/upb-gen/envoy/config/trace/v3/lightstep.upb_minitable.c +7 -4
  499. data/src/core/ext/upb-gen/envoy/config/trace/v3/lightstep.upb_minitable.h +6 -4
  500. data/src/core/ext/upb-gen/envoy/config/trace/v3/opentelemetry.upb.h +23 -11
  501. data/src/core/ext/upb-gen/envoy/config/trace/v3/opentelemetry.upb_minitable.c +13 -10
  502. data/src/core/ext/upb-gen/envoy/config/trace/v3/opentelemetry.upb_minitable.h +6 -4
  503. data/src/core/ext/upb-gen/envoy/config/trace/v3/service.upb.h +7 -4
  504. data/src/core/ext/upb-gen/envoy/config/trace/v3/service.upb_minitable.c +7 -4
  505. data/src/core/ext/upb-gen/envoy/config/trace/v3/service.upb_minitable.h +6 -4
  506. data/src/core/ext/upb-gen/envoy/config/trace/v3/skywalking.upb.h +26 -19
  507. data/src/core/ext/upb-gen/envoy/config/trace/v3/skywalking.upb_minitable.c +19 -15
  508. data/src/core/ext/upb-gen/envoy/config/trace/v3/skywalking.upb_minitable.h +7 -4
  509. data/src/core/ext/upb-gen/envoy/config/trace/v3/trace.upb.h +5 -6
  510. data/src/core/ext/upb-gen/envoy/config/trace/v3/trace.upb_minitable.c +3 -2
  511. data/src/core/ext/upb-gen/envoy/config/trace/v3/trace.upb_minitable.h +5 -5
  512. data/src/core/ext/upb-gen/envoy/config/trace/v3/xray.upb.h +20 -11
  513. data/src/core/ext/upb-gen/envoy/config/trace/v3/xray.upb_minitable.c +16 -12
  514. data/src/core/ext/upb-gen/envoy/config/trace/v3/xray.upb_minitable.h +7 -4
  515. data/src/core/ext/upb-gen/envoy/config/trace/v3/zipkin.upb.h +23 -20
  516. data/src/core/ext/upb-gen/envoy/config/trace/v3/zipkin.upb_minitable.c +17 -14
  517. data/src/core/ext/upb-gen/envoy/config/trace/v3/zipkin.upb_minitable.h +6 -4
  518. data/src/core/ext/upb-gen/envoy/data/accesslog/v3/accesslog.upb.h +402 -310
  519. data/src/core/ext/upb-gen/envoy/data/accesslog/v3/accesslog.upb_minitable.c +168 -150
  520. data/src/core/ext/upb-gen/envoy/data/accesslog/v3/accesslog.upb_minitable.h +21 -4
  521. data/src/core/ext/upb-gen/envoy/extensions/clusters/aggregate/v3/cluster.upb.h +5 -4
  522. data/src/core/ext/upb-gen/envoy/extensions/clusters/aggregate/v3/cluster.upb_minitable.c +4 -1
  523. data/src/core/ext/upb-gen/envoy/extensions/clusters/aggregate/v3/cluster.upb_minitable.h +6 -4
  524. data/src/core/ext/upb-gen/envoy/extensions/filters/common/fault/v3/fault.upb.h +17 -4
  525. data/src/core/ext/upb-gen/envoy/extensions/filters/common/fault/v3/fault.upb_minitable.c +18 -11
  526. data/src/core/ext/upb-gen/envoy/extensions/filters/common/fault/v3/fault.upb_minitable.h +10 -4
  527. data/src/core/ext/upb-gen/envoy/extensions/filters/http/fault/v3/fault.upb.h +85 -65
  528. data/src/core/ext/upb-gen/envoy/extensions/filters/http/fault/v3/fault.upb_minitable.c +45 -40
  529. data/src/core/ext/upb-gen/envoy/extensions/filters/http/fault/v3/fault.upb_minitable.h +8 -4
  530. data/src/core/ext/upb-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upb.h +36 -23
  531. data/src/core/ext/upb-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upb_minitable.c +23 -17
  532. data/src/core/ext/upb-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upb_minitable.h +9 -4
  533. data/src/core/ext/upb-gen/envoy/extensions/filters/http/rbac/v3/rbac.upb.h +40 -29
  534. data/src/core/ext/upb-gen/envoy/extensions/filters/http/rbac/v3/rbac.upb_minitable.c +23 -19
  535. data/src/core/ext/upb-gen/envoy/extensions/filters/http/rbac/v3/rbac.upb_minitable.h +7 -4
  536. data/src/core/ext/upb-gen/envoy/extensions/filters/http/router/v3/router.upb.h +55 -38
  537. data/src/core/ext/upb-gen/envoy/extensions/filters/http/router/v3/router.upb_minitable.c +23 -19
  538. data/src/core/ext/upb-gen/envoy/extensions/filters/http/router/v3/router.upb_minitable.h +7 -4
  539. data/src/core/ext/upb-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upb.h +12 -7
  540. data/src/core/ext/upb-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upb_minitable.c +13 -9
  541. data/src/core/ext/upb-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upb_minitable.h +7 -4
  542. data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +488 -295
  543. data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb_minitable.c +240 -216
  544. data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb_minitable.h +26 -4
  545. data/src/core/ext/upb-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upb.h +7 -4
  546. data/src/core/ext/upb-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upb_minitable.c +7 -4
  547. data/src/core/ext/upb-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upb_minitable.h +6 -4
  548. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.h +77 -4
  549. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb_minitable.c +25 -11
  550. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb_minitable.h +6 -4
  551. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/common/v3/common.upb.h +24 -7
  552. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/common/v3/common.upb_minitable.c +25 -18
  553. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/common/v3/common.upb_minitable.h +10 -4
  554. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/pick_first/v3/pick_first.upb.h +5 -4
  555. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/pick_first/v3/pick_first.upb_minitable.c +4 -1
  556. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/pick_first/v3/pick_first.upb_minitable.h +6 -4
  557. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.h +38 -27
  558. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb_minitable.c +19 -16
  559. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb_minitable.h +6 -4
  560. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/wrr_locality/v3/wrr_locality.upb.h +7 -4
  561. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/wrr_locality/v3/wrr_locality.upb_minitable.c +7 -4
  562. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/wrr_locality/v3/wrr_locality.upb_minitable.h +6 -4
  563. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upb.h +105 -0
  564. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upb_minitable.c +51 -0
  565. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upb_minitable.h +32 -0
  566. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/cert.upb.h +5 -4
  567. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/cert.upb_minitable.c +3 -1
  568. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/cert.upb_minitable.h +5 -4
  569. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/common.upb.h +143 -88
  570. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/common.upb_minitable.c +70 -60
  571. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/common.upb_minitable.h +13 -4
  572. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +17 -4
  573. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/secret.upb_minitable.c +18 -13
  574. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/secret.upb_minitable.h +8 -4
  575. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +229 -78
  576. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb_minitable.c +98 -80
  577. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb_minitable.h +12 -4
  578. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb.h +49 -11
  579. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb_minitable.c +17 -11
  580. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb_minitable.h +7 -4
  581. data/src/core/ext/upb-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upb.h +66 -28
  582. data/src/core/ext/upb-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upb_minitable.c +37 -31
  583. data/src/core/ext/upb-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upb_minitable.h +9 -4
  584. data/src/core/ext/upb-gen/envoy/service/discovery/v3/ads.upb.h +5 -4
  585. data/src/core/ext/upb-gen/envoy/service/discovery/v3/ads.upb_minitable.c +4 -1
  586. data/src/core/ext/upb-gen/envoy/service/discovery/v3/ads.upb_minitable.h +6 -4
  587. data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb.h +440 -127
  588. data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb_minitable.c +137 -96
  589. data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb_minitable.h +21 -4
  590. data/src/core/ext/upb-gen/envoy/service/load_stats/v3/lrs.upb.h +20 -10
  591. data/src/core/ext/upb-gen/envoy/service/load_stats/v3/lrs.upb_minitable.c +14 -10
  592. data/src/core/ext/upb-gen/envoy/service/load_stats/v3/lrs.upb_minitable.h +7 -4
  593. data/src/core/ext/upb-gen/envoy/service/status/v3/csds.upb.h +107 -65
  594. data/src/core/ext/upb-gen/envoy/service/status/v3/csds.upb_minitable.c +58 -51
  595. data/src/core/ext/upb-gen/envoy/service/status/v3/csds.upb_minitable.h +10 -4
  596. data/src/core/ext/upb-gen/envoy/type/http/v3/cookie.upb.h +14 -11
  597. data/src/core/ext/upb-gen/envoy/type/http/v3/cookie.upb_minitable.c +10 -7
  598. data/src/core/ext/upb-gen/envoy/type/http/v3/cookie.upb_minitable.h +6 -4
  599. data/src/core/ext/upb-gen/envoy/type/http/v3/path_transformation.upb.h +14 -4
  600. data/src/core/ext/upb-gen/envoy/type/http/v3/path_transformation.upb_minitable.c +14 -8
  601. data/src/core/ext/upb-gen/envoy/type/http/v3/path_transformation.upb_minitable.h +9 -4
  602. data/src/core/ext/upb-gen/envoy/type/matcher/v3/address.upb.h +142 -0
  603. data/src/core/ext/upb-gen/envoy/type/matcher/v3/address.upb_minitable.c +55 -0
  604. data/src/core/ext/upb-gen/envoy/type/matcher/v3/address.upb_minitable.h +32 -0
  605. data/src/core/ext/upb-gen/envoy/type/matcher/v3/filter_state.upb.h +40 -4
  606. data/src/core/ext/upb-gen/envoy/type/matcher/v3/filter_state.upb_minitable.c +13 -7
  607. data/src/core/ext/upb-gen/envoy/type/matcher/v3/filter_state.upb_minitable.h +6 -4
  608. data/src/core/ext/upb-gen/envoy/type/matcher/v3/http_inputs.upb.h +5 -4
  609. data/src/core/ext/upb-gen/envoy/type/matcher/v3/http_inputs.upb_minitable.c +8 -1
  610. data/src/core/ext/upb-gen/envoy/type/matcher/v3/http_inputs.upb_minitable.h +10 -4
  611. data/src/core/ext/upb-gen/envoy/type/matcher/v3/metadata.upb.h +18 -10
  612. data/src/core/ext/upb-gen/envoy/type/matcher/v3/metadata.upb_minitable.c +11 -7
  613. data/src/core/ext/upb-gen/envoy/type/matcher/v3/metadata.upb_minitable.h +7 -4
  614. data/src/core/ext/upb-gen/envoy/type/matcher/v3/node.upb.h +12 -4
  615. data/src/core/ext/upb-gen/envoy/type/matcher/v3/node.upb_minitable.c +8 -5
  616. data/src/core/ext/upb-gen/envoy/type/matcher/v3/node.upb_minitable.h +6 -4
  617. data/src/core/ext/upb-gen/envoy/type/matcher/v3/number.upb.h +7 -4
  618. data/src/core/ext/upb-gen/envoy/type/matcher/v3/number.upb_minitable.c +7 -4
  619. data/src/core/ext/upb-gen/envoy/type/matcher/v3/number.upb_minitable.h +6 -4
  620. data/src/core/ext/upb-gen/envoy/type/matcher/v3/path.upb.h +7 -4
  621. data/src/core/ext/upb-gen/envoy/type/matcher/v3/path.upb_minitable.c +7 -4
  622. data/src/core/ext/upb-gen/envoy/type/matcher/v3/path.upb_minitable.h +6 -4
  623. data/src/core/ext/upb-gen/envoy/type/matcher/v3/regex.upb.h +18 -11
  624. data/src/core/ext/upb-gen/envoy/type/matcher/v3/regex.upb_minitable.c +18 -13
  625. data/src/core/ext/upb-gen/envoy/type/matcher/v3/regex.upb_minitable.h +8 -4
  626. data/src/core/ext/upb-gen/envoy/type/matcher/v3/status_code_input.upb.h +5 -4
  627. data/src/core/ext/upb-gen/envoy/type/matcher/v3/status_code_input.upb_minitable.c +5 -1
  628. data/src/core/ext/upb-gen/envoy/type/matcher/v3/status_code_input.upb_minitable.h +7 -4
  629. data/src/core/ext/upb-gen/envoy/type/matcher/v3/string.upb.h +14 -4
  630. data/src/core/ext/upb-gen/envoy/type/matcher/v3/string.upb_minitable.c +12 -8
  631. data/src/core/ext/upb-gen/envoy/type/matcher/v3/string.upb_minitable.h +7 -4
  632. data/src/core/ext/upb-gen/envoy/type/matcher/v3/struct.upb.h +12 -4
  633. data/src/core/ext/upb-gen/envoy/type/matcher/v3/struct.upb_minitable.c +9 -5
  634. data/src/core/ext/upb-gen/envoy/type/matcher/v3/struct.upb_minitable.h +7 -4
  635. data/src/core/ext/upb-gen/envoy/type/matcher/v3/value.upb.h +22 -4
  636. data/src/core/ext/upb-gen/envoy/type/matcher/v3/value.upb_minitable.c +20 -14
  637. data/src/core/ext/upb-gen/envoy/type/matcher/v3/value.upb_minitable.h +9 -4
  638. data/src/core/ext/upb-gen/envoy/type/metadata/v3/metadata.upb.h +18 -4
  639. data/src/core/ext/upb-gen/envoy/type/metadata/v3/metadata.upb_minitable.c +19 -10
  640. data/src/core/ext/upb-gen/envoy/type/metadata/v3/metadata.upb_minitable.h +12 -4
  641. data/src/core/ext/upb-gen/envoy/type/tracing/v3/custom_tag.upb.h +28 -15
  642. data/src/core/ext/upb-gen/envoy/type/tracing/v3/custom_tag.upb_minitable.c +22 -15
  643. data/src/core/ext/upb-gen/envoy/type/tracing/v3/custom_tag.upb_minitable.h +10 -4
  644. data/src/core/ext/upb-gen/envoy/type/v3/hash_policy.upb.h +9 -4
  645. data/src/core/ext/upb-gen/envoy/type/v3/hash_policy.upb_minitable.c +10 -5
  646. data/src/core/ext/upb-gen/envoy/type/v3/hash_policy.upb_minitable.h +8 -4
  647. data/src/core/ext/upb-gen/envoy/type/v3/http.upb.h +5 -4
  648. data/src/core/ext/upb-gen/envoy/type/v3/http.upb_minitable.c +3 -1
  649. data/src/core/ext/upb-gen/envoy/type/v3/http.upb_minitable.h +5 -4
  650. data/src/core/ext/upb-gen/envoy/type/v3/http_status.upb.h +5 -4
  651. data/src/core/ext/upb-gen/envoy/type/v3/http_status.upb_minitable.c +4 -1
  652. data/src/core/ext/upb-gen/envoy/type/v3/http_status.upb_minitable.h +6 -4
  653. data/src/core/ext/upb-gen/envoy/type/v3/percent.upb.h +5 -4
  654. data/src/core/ext/upb-gen/envoy/type/v3/percent.upb_minitable.c +5 -1
  655. data/src/core/ext/upb-gen/envoy/type/v3/percent.upb_minitable.h +7 -4
  656. data/src/core/ext/upb-gen/envoy/type/v3/range.upb.h +5 -4
  657. data/src/core/ext/upb-gen/envoy/type/v3/range.upb_minitable.c +6 -1
  658. data/src/core/ext/upb-gen/envoy/type/v3/range.upb_minitable.h +8 -4
  659. data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_strategy.upb.h +9 -4
  660. data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_strategy.upb_minitable.c +9 -5
  661. data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_strategy.upb_minitable.h +7 -4
  662. data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_unit.upb.h +5 -4
  663. data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_unit.upb_minitable.c +3 -1
  664. data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_unit.upb_minitable.h +5 -4
  665. data/src/core/ext/upb-gen/envoy/type/v3/semantic_version.upb.h +5 -4
  666. data/src/core/ext/upb-gen/envoy/type/v3/semantic_version.upb_minitable.c +4 -1
  667. data/src/core/ext/upb-gen/envoy/type/v3/semantic_version.upb_minitable.h +6 -4
  668. data/src/core/ext/upb-gen/envoy/type/v3/token_bucket.upb.h +9 -4
  669. data/src/core/ext/upb-gen/envoy/type/v3/token_bucket.upb_minitable.c +8 -5
  670. data/src/core/ext/upb-gen/envoy/type/v3/token_bucket.upb_minitable.h +6 -4
  671. data/src/core/ext/upb-gen/google/api/annotations.upb.h +7 -6
  672. data/src/core/ext/upb-gen/google/api/annotations.upb_minitable.c +5 -2
  673. data/src/core/ext/upb-gen/google/api/annotations.upb_minitable.h +5 -4
  674. data/src/core/ext/upb-gen/google/api/expr/v1alpha1/checked.upb.h +168 -89
  675. data/src/core/ext/upb-gen/google/api/expr/v1alpha1/checked.upb_minitable.c +89 -74
  676. data/src/core/ext/upb-gen/google/api/expr/v1alpha1/checked.upb_minitable.h +18 -4
  677. data/src/core/ext/upb-gen/google/api/expr/v1alpha1/syntax.upb.h +162 -84
  678. data/src/core/ext/upb-gen/google/api/expr/v1alpha1/syntax.upb_minitable.c +98 -80
  679. data/src/core/ext/upb-gen/google/api/expr/v1alpha1/syntax.upb_minitable.h +21 -4
  680. data/src/core/ext/upb-gen/google/api/http.upb.h +69 -55
  681. data/src/core/ext/upb-gen/google/api/http.upb_minitable.c +35 -30
  682. data/src/core/ext/upb-gen/google/api/http.upb_minitable.h +8 -4
  683. data/src/core/ext/upb-gen/google/api/httpbody.upb.h +10 -4
  684. data/src/core/ext/upb-gen/google/api/httpbody.upb_minitable.c +7 -4
  685. data/src/core/ext/upb-gen/google/api/httpbody.upb_minitable.h +6 -4
  686. data/src/core/ext/upb-gen/google/protobuf/any.upb.h +6 -4
  687. data/src/core/ext/upb-gen/google/protobuf/any.upb_minitable.c +4 -1
  688. data/src/core/ext/upb-gen/google/protobuf/any.upb_minitable.h +6 -4
  689. data/src/core/ext/upb-gen/google/protobuf/descriptor.upb.h +529 -305
  690. data/src/core/ext/upb-gen/google/protobuf/descriptor.upb_minitable.c +337 -290
  691. data/src/core/ext/upb-gen/google/protobuf/descriptor.upb_minitable.h +56 -21
  692. data/src/core/ext/upb-gen/google/protobuf/duration.upb.h +6 -4
  693. data/src/core/ext/upb-gen/google/protobuf/duration.upb_minitable.c +4 -1
  694. data/src/core/ext/upb-gen/google/protobuf/duration.upb_minitable.h +6 -4
  695. data/src/core/ext/upb-gen/google/protobuf/empty.upb.h +6 -4
  696. data/src/core/ext/upb-gen/google/protobuf/empty.upb_minitable.c +4 -1
  697. data/src/core/ext/upb-gen/google/protobuf/empty.upb_minitable.h +6 -4
  698. data/src/core/ext/upb-gen/google/protobuf/struct.upb.h +34 -13
  699. data/src/core/ext/upb-gen/google/protobuf/struct.upb_minitable.c +20 -14
  700. data/src/core/ext/upb-gen/google/protobuf/struct.upb_minitable.h +9 -4
  701. data/src/core/ext/upb-gen/google/protobuf/timestamp.upb.h +6 -4
  702. data/src/core/ext/upb-gen/google/protobuf/timestamp.upb_minitable.c +4 -1
  703. data/src/core/ext/upb-gen/google/protobuf/timestamp.upb_minitable.h +6 -4
  704. data/src/core/ext/upb-gen/google/protobuf/wrappers.upb.h +6 -4
  705. data/src/core/ext/upb-gen/google/protobuf/wrappers.upb_minitable.c +12 -1
  706. data/src/core/ext/upb-gen/google/protobuf/wrappers.upb_minitable.h +14 -4
  707. data/src/core/ext/upb-gen/google/rpc/status.upb.h +10 -4
  708. data/src/core/ext/upb-gen/google/rpc/status.upb_minitable.c +7 -4
  709. data/src/core/ext/upb-gen/google/rpc/status.upb_minitable.h +6 -4
  710. data/src/core/ext/upb-gen/src/proto/grpc/gcp/altscontext.upb.h +21 -13
  711. data/src/core/ext/upb-gen/src/proto/grpc/gcp/altscontext.upb_minitable.c +9 -5
  712. data/src/core/ext/upb-gen/src/proto/grpc/gcp/altscontext.upb_minitable.h +7 -4
  713. data/src/core/ext/upb-gen/src/proto/grpc/gcp/handshaker.upb.h +170 -114
  714. data/src/core/ext/upb-gen/src/proto/grpc/gcp/handshaker.upb_minitable.c +76 -62
  715. data/src/core/ext/upb-gen/src/proto/grpc/gcp/handshaker.upb_minitable.h +17 -4
  716. data/src/core/ext/upb-gen/src/proto/grpc/gcp/transport_security_common.upb.h +10 -4
  717. data/src/core/ext/upb-gen/src/proto/grpc/gcp/transport_security_common.upb_minitable.c +9 -5
  718. data/src/core/ext/upb-gen/src/proto/grpc/gcp/transport_security_common.upb_minitable.h +7 -4
  719. data/src/core/ext/upb-gen/src/proto/grpc/health/v1/health.upb.h +6 -4
  720. data/src/core/ext/upb-gen/src/proto/grpc/health/v1/health.upb_minitable.c +5 -1
  721. data/src/core/ext/upb-gen/src/proto/grpc/health/v1/health.upb_minitable.h +7 -4
  722. data/src/core/ext/upb-gen/src/proto/grpc/lb/v1/load_balancer.upb.h +35 -10
  723. data/src/core/ext/upb-gen/src/proto/grpc/lb/v1/load_balancer.upb_minitable.c +35 -24
  724. data/src/core/ext/upb-gen/src/proto/grpc/lb/v1/load_balancer.upb_minitable.h +14 -4
  725. data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls.upb.h +32 -25
  726. data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls.upb_minitable.c +12 -7
  727. data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls.upb_minitable.h +8 -4
  728. data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls_config.upb.h +125 -74
  729. data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls_config.upb_minitable.c +50 -39
  730. data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls_config.upb_minitable.h +14 -4
  731. data/src/core/ext/upb-gen/udpa/annotations/migrate.upb.h +15 -14
  732. data/src/core/ext/upb-gen/udpa/annotations/migrate.upb_minitable.c +22 -12
  733. data/src/core/ext/upb-gen/udpa/annotations/migrate.upb_minitable.h +8 -4
  734. data/src/core/ext/upb-gen/udpa/annotations/security.upb.h +7 -6
  735. data/src/core/ext/upb-gen/udpa/annotations/security.upb_minitable.c +10 -6
  736. data/src/core/ext/upb-gen/udpa/annotations/security.upb_minitable.h +6 -4
  737. data/src/core/ext/upb-gen/udpa/annotations/sensitive.upb.h +5 -4
  738. data/src/core/ext/upb-gen/udpa/annotations/sensitive.upb_minitable.c +4 -1
  739. data/src/core/ext/upb-gen/udpa/annotations/sensitive.upb_minitable.h +5 -4
  740. data/src/core/ext/upb-gen/udpa/annotations/status.upb.h +7 -6
  741. data/src/core/ext/upb-gen/udpa/annotations/status.upb_minitable.c +10 -6
  742. data/src/core/ext/upb-gen/udpa/annotations/status.upb_minitable.h +6 -4
  743. data/src/core/ext/upb-gen/udpa/annotations/versioning.upb.h +7 -6
  744. data/src/core/ext/upb-gen/udpa/annotations/versioning.upb_minitable.c +10 -6
  745. data/src/core/ext/upb-gen/udpa/annotations/versioning.upb_minitable.h +6 -4
  746. data/src/core/ext/upb-gen/validate/validate.upb.h +457 -374
  747. data/src/core/ext/upb-gen/validate/validate.upb_minitable.c +233 -204
  748. data/src/core/ext/upb-gen/validate/validate.upb_minitable.h +29 -5
  749. data/src/core/ext/upb-gen/xds/annotations/v3/migrate.upb.h +15 -14
  750. data/src/core/ext/upb-gen/xds/annotations/v3/migrate.upb_minitable.c +22 -12
  751. data/src/core/ext/upb-gen/xds/annotations/v3/migrate.upb_minitable.h +8 -4
  752. data/src/core/ext/upb-gen/xds/annotations/v3/security.upb.h +7 -6
  753. data/src/core/ext/upb-gen/xds/annotations/v3/security.upb_minitable.c +10 -6
  754. data/src/core/ext/upb-gen/xds/annotations/v3/security.upb_minitable.h +6 -4
  755. data/src/core/ext/upb-gen/xds/annotations/v3/sensitive.upb.h +5 -4
  756. data/src/core/ext/upb-gen/xds/annotations/v3/sensitive.upb_minitable.c +4 -1
  757. data/src/core/ext/upb-gen/xds/annotations/v3/sensitive.upb_minitable.h +5 -4
  758. data/src/core/ext/upb-gen/xds/annotations/v3/status.upb.h +11 -10
  759. data/src/core/ext/upb-gen/xds/annotations/v3/status.upb_minitable.c +20 -11
  760. data/src/core/ext/upb-gen/xds/annotations/v3/status.upb_minitable.h +9 -4
  761. data/src/core/ext/upb-gen/xds/annotations/v3/versioning.upb.h +7 -6
  762. data/src/core/ext/upb-gen/xds/annotations/v3/versioning.upb_minitable.c +10 -6
  763. data/src/core/ext/upb-gen/xds/annotations/v3/versioning.upb_minitable.h +6 -4
  764. data/src/core/ext/upb-gen/xds/core/v3/authority.upb.h +5 -4
  765. data/src/core/ext/upb-gen/xds/core/v3/authority.upb_minitable.c +4 -1
  766. data/src/core/ext/upb-gen/xds/core/v3/authority.upb_minitable.h +6 -4
  767. data/src/core/ext/upb-gen/xds/core/v3/cidr.upb.h +7 -4
  768. data/src/core/ext/upb-gen/xds/core/v3/cidr.upb_minitable.c +7 -4
  769. data/src/core/ext/upb-gen/xds/core/v3/cidr.upb_minitable.h +6 -4
  770. data/src/core/ext/upb-gen/xds/core/v3/collection_entry.upb.h +11 -4
  771. data/src/core/ext/upb-gen/xds/core/v3/collection_entry.upb_minitable.c +12 -8
  772. data/src/core/ext/upb-gen/xds/core/v3/collection_entry.upb_minitable.h +7 -4
  773. data/src/core/ext/upb-gen/xds/core/v3/context_params.upb.h +19 -13
  774. data/src/core/ext/upb-gen/xds/core/v3/context_params.upb_minitable.c +8 -4
  775. data/src/core/ext/upb-gen/xds/core/v3/context_params.upb_minitable.h +7 -4
  776. data/src/core/ext/upb-gen/xds/core/v3/extension.upb.h +7 -4
  777. data/src/core/ext/upb-gen/xds/core/v3/extension.upb_minitable.c +7 -4
  778. data/src/core/ext/upb-gen/xds/core/v3/extension.upb_minitable.h +6 -4
  779. data/src/core/ext/upb-gen/xds/core/v3/resource.upb.h +16 -11
  780. data/src/core/ext/upb-gen/xds/core/v3/resource.upb_minitable.c +11 -8
  781. data/src/core/ext/upb-gen/xds/core/v3/resource.upb_minitable.h +6 -4
  782. data/src/core/ext/upb-gen/xds/core/v3/resource_locator.upb.h +26 -16
  783. data/src/core/ext/upb-gen/xds/core/v3/resource_locator.upb_minitable.c +14 -10
  784. data/src/core/ext/upb-gen/xds/core/v3/resource_locator.upb_minitable.h +7 -4
  785. data/src/core/ext/upb-gen/xds/core/v3/resource_name.upb.h +7 -4
  786. data/src/core/ext/upb-gen/xds/core/v3/resource_name.upb_minitable.c +7 -4
  787. data/src/core/ext/upb-gen/xds/core/v3/resource_name.upb_minitable.h +6 -4
  788. data/src/core/ext/upb-gen/xds/data/orca/v3/orca_load_report.upb.h +47 -31
  789. data/src/core/ext/upb-gen/xds/data/orca/v3/orca_load_report.upb_minitable.c +12 -6
  790. data/src/core/ext/upb-gen/xds/data/orca/v3/orca_load_report.upb_minitable.h +9 -4
  791. data/src/core/ext/upb-gen/xds/service/orca/v3/orca.upb.h +7 -4
  792. data/src/core/ext/upb-gen/xds/service/orca/v3/orca.upb_minitable.c +7 -4
  793. data/src/core/ext/upb-gen/xds/service/orca/v3/orca.upb_minitable.h +6 -4
  794. data/src/core/ext/upb-gen/xds/type/matcher/v3/cel.upb.h +14 -11
  795. data/src/core/ext/upb-gen/xds/type/matcher/v3/cel.upb_minitable.c +10 -7
  796. data/src/core/ext/upb-gen/xds/type/matcher/v3/cel.upb_minitable.h +6 -4
  797. data/src/core/ext/upb-gen/xds/type/matcher/v3/domain.upb.h +12 -4
  798. data/src/core/ext/upb-gen/xds/type/matcher/v3/domain.upb_minitable.c +11 -7
  799. data/src/core/ext/upb-gen/xds/type/matcher/v3/domain.upb_minitable.h +7 -4
  800. data/src/core/ext/upb-gen/xds/type/matcher/v3/http_inputs.upb.h +5 -4
  801. data/src/core/ext/upb-gen/xds/type/matcher/v3/http_inputs.upb_minitable.c +4 -1
  802. data/src/core/ext/upb-gen/xds/type/matcher/v3/http_inputs.upb_minitable.h +6 -4
  803. data/src/core/ext/upb-gen/xds/type/matcher/v3/ip.upb.h +20 -7
  804. data/src/core/ext/upb-gen/xds/type/matcher/v3/ip.upb_minitable.c +13 -9
  805. data/src/core/ext/upb-gen/xds/type/matcher/v3/ip.upb_minitable.h +7 -4
  806. data/src/core/ext/upb-gen/xds/type/matcher/v3/matcher.upb.h +83 -26
  807. data/src/core/ext/upb-gen/xds/type/matcher/v3/matcher.upb_minitable.c +58 -46
  808. data/src/core/ext/upb-gen/xds/type/matcher/v3/matcher.upb_minitable.h +15 -4
  809. data/src/core/ext/upb-gen/xds/type/matcher/v3/range.upb.h +41 -4
  810. data/src/core/ext/upb-gen/xds/type/matcher/v3/range.upb_minitable.c +30 -22
  811. data/src/core/ext/upb-gen/xds/type/matcher/v3/range.upb_minitable.h +11 -4
  812. data/src/core/ext/upb-gen/xds/type/matcher/v3/regex.upb.h +7 -4
  813. data/src/core/ext/upb-gen/xds/type/matcher/v3/regex.upb_minitable.c +8 -4
  814. data/src/core/ext/upb-gen/xds/type/matcher/v3/regex.upb_minitable.h +7 -4
  815. data/src/core/ext/upb-gen/xds/type/matcher/v3/string.upb.h +12 -4
  816. data/src/core/ext/upb-gen/xds/type/matcher/v3/string.upb_minitable.c +11 -7
  817. data/src/core/ext/upb-gen/xds/type/matcher/v3/string.upb_minitable.h +7 -4
  818. data/src/core/ext/upb-gen/xds/type/v3/cel.upb.h +13 -4
  819. data/src/core/ext/upb-gen/xds/type/v3/cel.upb_minitable.c +13 -9
  820. data/src/core/ext/upb-gen/xds/type/v3/cel.upb_minitable.h +7 -4
  821. data/src/core/ext/upb-gen/xds/type/v3/range.upb.h +6 -4
  822. data/src/core/ext/upb-gen/xds/type/v3/range.upb_minitable.c +6 -1
  823. data/src/core/ext/upb-gen/xds/type/v3/range.upb_minitable.h +8 -4
  824. data/src/core/ext/upb-gen/xds/type/v3/typed_struct.upb.h +7 -4
  825. data/src/core/ext/upb-gen/xds/type/v3/typed_struct.upb_minitable.c +7 -4
  826. data/src/core/ext/upb-gen/xds/type/v3/typed_struct.upb_minitable.h +6 -4
  827. data/src/core/ext/upbdefs-gen/envoy/admin/v3/certs.upbdefs.c +2 -1
  828. data/src/core/ext/upbdefs-gen/envoy/admin/v3/certs.upbdefs.h +5 -4
  829. data/src/core/ext/upbdefs-gen/envoy/admin/v3/clusters.upbdefs.c +2 -1
  830. data/src/core/ext/upbdefs-gen/envoy/admin/v3/clusters.upbdefs.h +5 -4
  831. data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump.upbdefs.c +2 -1
  832. data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump.upbdefs.h +5 -4
  833. data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump_shared.upbdefs.c +13 -11
  834. data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump_shared.upbdefs.h +5 -4
  835. data/src/core/ext/upbdefs-gen/envoy/admin/v3/init_dump.upbdefs.c +2 -1
  836. data/src/core/ext/upbdefs-gen/envoy/admin/v3/init_dump.upbdefs.h +5 -4
  837. data/src/core/ext/upbdefs-gen/envoy/admin/v3/listeners.upbdefs.c +2 -1
  838. data/src/core/ext/upbdefs-gen/envoy/admin/v3/listeners.upbdefs.h +5 -4
  839. data/src/core/ext/upbdefs-gen/envoy/admin/v3/memory.upbdefs.c +2 -1
  840. data/src/core/ext/upbdefs-gen/envoy/admin/v3/memory.upbdefs.h +5 -4
  841. data/src/core/ext/upbdefs-gen/envoy/admin/v3/metrics.upbdefs.c +2 -1
  842. data/src/core/ext/upbdefs-gen/envoy/admin/v3/metrics.upbdefs.h +5 -4
  843. data/src/core/ext/upbdefs-gen/envoy/admin/v3/mutex_stats.upbdefs.c +2 -1
  844. data/src/core/ext/upbdefs-gen/envoy/admin/v3/mutex_stats.upbdefs.h +5 -4
  845. data/src/core/ext/upbdefs-gen/envoy/admin/v3/server_info.upbdefs.c +8 -5
  846. data/src/core/ext/upbdefs-gen/envoy/admin/v3/server_info.upbdefs.h +5 -4
  847. data/src/core/ext/upbdefs-gen/envoy/admin/v3/tap.upbdefs.c +2 -1
  848. data/src/core/ext/upbdefs-gen/envoy/admin/v3/tap.upbdefs.h +5 -4
  849. data/src/core/ext/upbdefs-gen/envoy/annotations/deprecation.upbdefs.c +2 -1
  850. data/src/core/ext/upbdefs-gen/envoy/annotations/deprecation.upbdefs.h +5 -4
  851. data/src/core/ext/upbdefs-gen/envoy/annotations/resource.upbdefs.c +2 -1
  852. data/src/core/ext/upbdefs-gen/envoy/annotations/resource.upbdefs.h +5 -4
  853. data/src/core/ext/upbdefs-gen/envoy/config/accesslog/v3/accesslog.upbdefs.c +2 -1
  854. data/src/core/ext/upbdefs-gen/envoy/config/accesslog/v3/accesslog.upbdefs.h +5 -4
  855. data/src/core/ext/upbdefs-gen/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +2 -1
  856. data/src/core/ext/upbdefs-gen/envoy/config/bootstrap/v3/bootstrap.upbdefs.h +5 -4
  857. data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/circuit_breaker.upbdefs.c +2 -1
  858. data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/circuit_breaker.upbdefs.h +5 -4
  859. data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/cluster.upbdefs.c +420 -414
  860. data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/cluster.upbdefs.h +5 -4
  861. data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/filter.upbdefs.c +2 -1
  862. data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/filter.upbdefs.h +5 -4
  863. data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/outlier_detection.upbdefs.c +2 -1
  864. data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/outlier_detection.upbdefs.h +5 -4
  865. data/src/core/ext/upbdefs-gen/envoy/config/common/matcher/v3/matcher.upbdefs.c +2 -1
  866. data/src/core/ext/upbdefs-gen/envoy/config/common/matcher/v3/matcher.upbdefs.h +5 -4
  867. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/address.upbdefs.c +2 -1
  868. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/address.upbdefs.h +5 -4
  869. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/backoff.upbdefs.c +2 -1
  870. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/backoff.upbdefs.h +5 -4
  871. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.c +163 -154
  872. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.h +10 -4
  873. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/config_source.upbdefs.c +2 -1
  874. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/config_source.upbdefs.h +5 -4
  875. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/event_service_config.upbdefs.c +2 -1
  876. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/event_service_config.upbdefs.h +5 -4
  877. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/extension.upbdefs.c +2 -1
  878. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/extension.upbdefs.h +5 -4
  879. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_method_list.upbdefs.c +2 -1
  880. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_method_list.upbdefs.h +5 -4
  881. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_service.upbdefs.c +2 -1
  882. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_service.upbdefs.h +5 -4
  883. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/health_check.upbdefs.c +2 -1
  884. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/health_check.upbdefs.h +5 -4
  885. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_service.upbdefs.c +2 -1
  886. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_service.upbdefs.h +5 -4
  887. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_uri.upbdefs.c +2 -1
  888. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_uri.upbdefs.h +5 -4
  889. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/protocol.upbdefs.c +272 -262
  890. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/protocol.upbdefs.h +5 -4
  891. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/proxy_protocol.upbdefs.c +2 -1
  892. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/proxy_protocol.upbdefs.h +5 -4
  893. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/resolver.upbdefs.c +2 -1
  894. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/resolver.upbdefs.h +5 -4
  895. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_cmsg_headers.upbdefs.c +46 -0
  896. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_cmsg_headers.upbdefs.h +33 -0
  897. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_option.upbdefs.c +31 -20
  898. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_option.upbdefs.h +20 -4
  899. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/substitution_format_string.upbdefs.c +2 -1
  900. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/substitution_format_string.upbdefs.h +5 -4
  901. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/udp_socket_config.upbdefs.c +2 -1
  902. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/udp_socket_config.upbdefs.h +5 -4
  903. data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint.upbdefs.c +2 -1
  904. data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint.upbdefs.h +5 -4
  905. data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +2 -1
  906. data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +5 -4
  907. data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/load_report.upbdefs.c +2 -1
  908. data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/load_report.upbdefs.h +5 -4
  909. data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/api_listener.upbdefs.c +2 -1
  910. data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/api_listener.upbdefs.h +5 -4
  911. data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener.upbdefs.c +2 -1
  912. data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener.upbdefs.h +5 -4
  913. data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener_components.upbdefs.c +60 -66
  914. data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener_components.upbdefs.h +5 -9
  915. data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/quic_config.upbdefs.c +75 -64
  916. data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/quic_config.upbdefs.h +5 -4
  917. data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/udp_listener_config.upbdefs.c +2 -1
  918. data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/udp_listener_config.upbdefs.h +5 -4
  919. data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/metrics_service.upbdefs.c +2 -1
  920. data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/metrics_service.upbdefs.h +5 -4
  921. data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/stats.upbdefs.c +2 -1
  922. data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/stats.upbdefs.h +5 -4
  923. data/src/core/ext/upbdefs-gen/envoy/config/overload/v3/overload.upbdefs.c +51 -49
  924. data/src/core/ext/upbdefs-gen/envoy/config/overload/v3/overload.upbdefs.h +5 -4
  925. data/src/core/ext/upbdefs-gen/envoy/config/rbac/v3/rbac.upbdefs.c +119 -101
  926. data/src/core/ext/upbdefs-gen/envoy/config/rbac/v3/rbac.upbdefs.h +10 -4
  927. data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route.upbdefs.c +2 -1
  928. data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route.upbdefs.h +5 -4
  929. data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.c +919 -899
  930. data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.h +15 -4
  931. data/src/core/ext/upbdefs-gen/envoy/config/route/v3/scoped_route.upbdefs.c +2 -1
  932. data/src/core/ext/upbdefs-gen/envoy/config/route/v3/scoped_route.upbdefs.h +5 -4
  933. data/src/core/ext/upbdefs-gen/envoy/config/tap/v3/common.upbdefs.c +2 -1
  934. data/src/core/ext/upbdefs-gen/envoy/config/tap/v3/common.upbdefs.h +5 -4
  935. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/datadog.upbdefs.c +2 -1
  936. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/datadog.upbdefs.h +5 -4
  937. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/dynamic_ot.upbdefs.c +2 -1
  938. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/dynamic_ot.upbdefs.h +5 -4
  939. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/http_tracer.upbdefs.c +2 -1
  940. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/http_tracer.upbdefs.h +5 -4
  941. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/lightstep.upbdefs.c +2 -1
  942. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/lightstep.upbdefs.h +5 -4
  943. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opentelemetry.upbdefs.c +2 -1
  944. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opentelemetry.upbdefs.h +5 -4
  945. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/service.upbdefs.c +2 -1
  946. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/service.upbdefs.h +5 -4
  947. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/skywalking.upbdefs.c +2 -1
  948. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/skywalking.upbdefs.h +5 -4
  949. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/trace.upbdefs.c +17 -19
  950. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/trace.upbdefs.h +5 -4
  951. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/xray.upbdefs.c +2 -1
  952. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/xray.upbdefs.h +5 -4
  953. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/zipkin.upbdefs.c +2 -1
  954. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/zipkin.upbdefs.h +5 -4
  955. data/src/core/ext/upbdefs-gen/envoy/data/accesslog/v3/accesslog.upbdefs.c +2 -1
  956. data/src/core/ext/upbdefs-gen/envoy/data/accesslog/v3/accesslog.upbdefs.h +5 -4
  957. data/src/core/ext/upbdefs-gen/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.c +2 -1
  958. data/src/core/ext/upbdefs-gen/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.h +5 -4
  959. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/common/fault/v3/fault.upbdefs.c +2 -1
  960. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/common/fault/v3/fault.upbdefs.h +5 -4
  961. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/fault/v3/fault.upbdefs.c +2 -1
  962. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/fault/v3/fault.upbdefs.h +5 -4
  963. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upbdefs.c +2 -1
  964. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upbdefs.h +5 -4
  965. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/rbac/v3/rbac.upbdefs.c +35 -34
  966. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/rbac/v3/rbac.upbdefs.h +5 -4
  967. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/router/v3/router.upbdefs.c +2 -1
  968. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/router/v3/router.upbdefs.h +5 -4
  969. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upbdefs.c +2 -1
  970. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upbdefs.h +5 -4
  971. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +462 -458
  972. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +5 -4
  973. data/src/core/ext/upbdefs-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upbdefs.c +2 -1
  974. data/src/core/ext/upbdefs-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upbdefs.h +5 -4
  975. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upbdefs.c +50 -0
  976. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upbdefs.h +33 -0
  977. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +2 -1
  978. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.h +5 -4
  979. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +97 -96
  980. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +5 -4
  981. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +2 -1
  982. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.h +5 -4
  983. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +204 -192
  984. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.h +5 -4
  985. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upbdefs.c +21 -18
  986. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upbdefs.h +5 -4
  987. data/src/core/ext/upbdefs-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upbdefs.c +2 -1
  988. data/src/core/ext/upbdefs-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upbdefs.h +5 -4
  989. data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/ads.upbdefs.c +2 -1
  990. data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/ads.upbdefs.h +5 -4
  991. data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/discovery.upbdefs.c +150 -136
  992. data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/discovery.upbdefs.h +10 -4
  993. data/src/core/ext/upbdefs-gen/envoy/service/load_stats/v3/lrs.upbdefs.c +2 -1
  994. data/src/core/ext/upbdefs-gen/envoy/service/load_stats/v3/lrs.upbdefs.h +5 -4
  995. data/src/core/ext/upbdefs-gen/envoy/service/status/v3/csds.upbdefs.c +25 -23
  996. data/src/core/ext/upbdefs-gen/envoy/service/status/v3/csds.upbdefs.h +5 -4
  997. data/src/core/ext/upbdefs-gen/envoy/type/http/v3/cookie.upbdefs.c +2 -1
  998. data/src/core/ext/upbdefs-gen/envoy/type/http/v3/cookie.upbdefs.h +5 -4
  999. data/src/core/ext/upbdefs-gen/envoy/type/http/v3/path_transformation.upbdefs.c +2 -1
  1000. data/src/core/ext/upbdefs-gen/envoy/type/http/v3/path_transformation.upbdefs.h +5 -4
  1001. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/address.upbdefs.c +41 -0
  1002. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/address.upbdefs.h +33 -0
  1003. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/filter_state.upbdefs.c +28 -20
  1004. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/filter_state.upbdefs.h +5 -4
  1005. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/http_inputs.upbdefs.c +2 -1
  1006. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/http_inputs.upbdefs.h +5 -4
  1007. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/metadata.upbdefs.c +2 -1
  1008. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/metadata.upbdefs.h +5 -4
  1009. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/node.upbdefs.c +2 -1
  1010. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/node.upbdefs.h +5 -4
  1011. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/number.upbdefs.c +2 -1
  1012. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/number.upbdefs.h +5 -4
  1013. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/path.upbdefs.c +2 -1
  1014. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/path.upbdefs.h +5 -4
  1015. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/regex.upbdefs.c +2 -1
  1016. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/regex.upbdefs.h +5 -4
  1017. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/status_code_input.upbdefs.c +2 -1
  1018. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/status_code_input.upbdefs.h +5 -4
  1019. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/string.upbdefs.c +2 -1
  1020. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/string.upbdefs.h +5 -4
  1021. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/struct.upbdefs.c +2 -1
  1022. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/struct.upbdefs.h +5 -4
  1023. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/value.upbdefs.c +2 -1
  1024. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/value.upbdefs.h +5 -4
  1025. data/src/core/ext/upbdefs-gen/envoy/type/metadata/v3/metadata.upbdefs.c +2 -1
  1026. data/src/core/ext/upbdefs-gen/envoy/type/metadata/v3/metadata.upbdefs.h +5 -4
  1027. data/src/core/ext/upbdefs-gen/envoy/type/tracing/v3/custom_tag.upbdefs.c +2 -1
  1028. data/src/core/ext/upbdefs-gen/envoy/type/tracing/v3/custom_tag.upbdefs.h +5 -4
  1029. data/src/core/ext/upbdefs-gen/envoy/type/v3/hash_policy.upbdefs.c +2 -1
  1030. data/src/core/ext/upbdefs-gen/envoy/type/v3/hash_policy.upbdefs.h +5 -4
  1031. data/src/core/ext/upbdefs-gen/envoy/type/v3/http.upbdefs.c +2 -1
  1032. data/src/core/ext/upbdefs-gen/envoy/type/v3/http.upbdefs.h +5 -4
  1033. data/src/core/ext/upbdefs-gen/envoy/type/v3/http_status.upbdefs.c +2 -1
  1034. data/src/core/ext/upbdefs-gen/envoy/type/v3/http_status.upbdefs.h +5 -4
  1035. data/src/core/ext/upbdefs-gen/envoy/type/v3/percent.upbdefs.c +2 -1
  1036. data/src/core/ext/upbdefs-gen/envoy/type/v3/percent.upbdefs.h +5 -4
  1037. data/src/core/ext/upbdefs-gen/envoy/type/v3/range.upbdefs.c +2 -1
  1038. data/src/core/ext/upbdefs-gen/envoy/type/v3/range.upbdefs.h +5 -4
  1039. data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_strategy.upbdefs.c +2 -1
  1040. data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_strategy.upbdefs.h +5 -4
  1041. data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_unit.upbdefs.c +2 -1
  1042. data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_unit.upbdefs.h +5 -4
  1043. data/src/core/ext/upbdefs-gen/envoy/type/v3/semantic_version.upbdefs.c +2 -1
  1044. data/src/core/ext/upbdefs-gen/envoy/type/v3/semantic_version.upbdefs.h +5 -4
  1045. data/src/core/ext/upbdefs-gen/envoy/type/v3/token_bucket.upbdefs.c +2 -1
  1046. data/src/core/ext/upbdefs-gen/envoy/type/v3/token_bucket.upbdefs.h +5 -4
  1047. data/src/core/ext/upbdefs-gen/google/api/annotations.upbdefs.c +2 -1
  1048. data/src/core/ext/upbdefs-gen/google/api/annotations.upbdefs.h +5 -4
  1049. data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/checked.upbdefs.c +2 -1
  1050. data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/checked.upbdefs.h +5 -4
  1051. data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/syntax.upbdefs.c +2 -1
  1052. data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/syntax.upbdefs.h +5 -4
  1053. data/src/core/ext/upbdefs-gen/google/api/http.upbdefs.c +2 -1
  1054. data/src/core/ext/upbdefs-gen/google/api/http.upbdefs.h +5 -4
  1055. data/src/core/ext/upbdefs-gen/google/api/httpbody.upbdefs.c +2 -1
  1056. data/src/core/ext/upbdefs-gen/google/api/httpbody.upbdefs.h +5 -4
  1057. data/src/core/ext/upbdefs-gen/google/protobuf/any.upbdefs.c +2 -1
  1058. data/src/core/ext/upbdefs-gen/google/protobuf/any.upbdefs.h +5 -4
  1059. data/src/core/ext/upbdefs-gen/google/protobuf/descriptor.upbdefs.c +497 -484
  1060. data/src/core/ext/upbdefs-gen/google/protobuf/descriptor.upbdefs.h +5 -4
  1061. data/src/core/ext/upbdefs-gen/google/protobuf/duration.upbdefs.c +2 -1
  1062. data/src/core/ext/upbdefs-gen/google/protobuf/duration.upbdefs.h +5 -4
  1063. data/src/core/ext/upbdefs-gen/google/protobuf/empty.upbdefs.c +2 -1
  1064. data/src/core/ext/upbdefs-gen/google/protobuf/empty.upbdefs.h +5 -4
  1065. data/src/core/ext/upbdefs-gen/google/protobuf/struct.upbdefs.c +2 -1
  1066. data/src/core/ext/upbdefs-gen/google/protobuf/struct.upbdefs.h +5 -4
  1067. data/src/core/ext/upbdefs-gen/google/protobuf/timestamp.upbdefs.c +2 -1
  1068. data/src/core/ext/upbdefs-gen/google/protobuf/timestamp.upbdefs.h +5 -4
  1069. data/src/core/ext/upbdefs-gen/google/protobuf/wrappers.upbdefs.c +2 -1
  1070. data/src/core/ext/upbdefs-gen/google/protobuf/wrappers.upbdefs.h +5 -4
  1071. data/src/core/ext/upbdefs-gen/google/rpc/status.upbdefs.c +2 -1
  1072. data/src/core/ext/upbdefs-gen/google/rpc/status.upbdefs.h +5 -4
  1073. data/src/core/ext/upbdefs-gen/src/proto/grpc/lookup/v1/rls_config.upbdefs.c +2 -1
  1074. data/src/core/ext/upbdefs-gen/src/proto/grpc/lookup/v1/rls_config.upbdefs.h +5 -4
  1075. data/src/core/ext/upbdefs-gen/udpa/annotations/migrate.upbdefs.c +2 -1
  1076. data/src/core/ext/upbdefs-gen/udpa/annotations/migrate.upbdefs.h +5 -4
  1077. data/src/core/ext/upbdefs-gen/udpa/annotations/security.upbdefs.c +2 -1
  1078. data/src/core/ext/upbdefs-gen/udpa/annotations/security.upbdefs.h +5 -4
  1079. data/src/core/ext/upbdefs-gen/udpa/annotations/sensitive.upbdefs.c +2 -1
  1080. data/src/core/ext/upbdefs-gen/udpa/annotations/sensitive.upbdefs.h +5 -4
  1081. data/src/core/ext/upbdefs-gen/udpa/annotations/status.upbdefs.c +2 -1
  1082. data/src/core/ext/upbdefs-gen/udpa/annotations/status.upbdefs.h +5 -4
  1083. data/src/core/ext/upbdefs-gen/udpa/annotations/versioning.upbdefs.c +2 -1
  1084. data/src/core/ext/upbdefs-gen/udpa/annotations/versioning.upbdefs.h +5 -4
  1085. data/src/core/ext/upbdefs-gen/validate/validate.upbdefs.c +2 -1
  1086. data/src/core/ext/upbdefs-gen/validate/validate.upbdefs.h +5 -4
  1087. data/src/core/ext/upbdefs-gen/xds/annotations/v3/migrate.upbdefs.c +2 -1
  1088. data/src/core/ext/upbdefs-gen/xds/annotations/v3/migrate.upbdefs.h +5 -4
  1089. data/src/core/ext/upbdefs-gen/xds/annotations/v3/security.upbdefs.c +2 -1
  1090. data/src/core/ext/upbdefs-gen/xds/annotations/v3/security.upbdefs.h +5 -4
  1091. data/src/core/ext/upbdefs-gen/xds/annotations/v3/sensitive.upbdefs.c +2 -1
  1092. data/src/core/ext/upbdefs-gen/xds/annotations/v3/sensitive.upbdefs.h +5 -4
  1093. data/src/core/ext/upbdefs-gen/xds/annotations/v3/status.upbdefs.c +2 -1
  1094. data/src/core/ext/upbdefs-gen/xds/annotations/v3/status.upbdefs.h +5 -4
  1095. data/src/core/ext/upbdefs-gen/xds/annotations/v3/versioning.upbdefs.c +2 -1
  1096. data/src/core/ext/upbdefs-gen/xds/annotations/v3/versioning.upbdefs.h +5 -4
  1097. data/src/core/ext/upbdefs-gen/xds/core/v3/authority.upbdefs.c +2 -1
  1098. data/src/core/ext/upbdefs-gen/xds/core/v3/authority.upbdefs.h +5 -4
  1099. data/src/core/ext/upbdefs-gen/xds/core/v3/cidr.upbdefs.c +2 -1
  1100. data/src/core/ext/upbdefs-gen/xds/core/v3/cidr.upbdefs.h +5 -4
  1101. data/src/core/ext/upbdefs-gen/xds/core/v3/collection_entry.upbdefs.c +2 -1
  1102. data/src/core/ext/upbdefs-gen/xds/core/v3/collection_entry.upbdefs.h +5 -4
  1103. data/src/core/ext/upbdefs-gen/xds/core/v3/context_params.upbdefs.c +2 -1
  1104. data/src/core/ext/upbdefs-gen/xds/core/v3/context_params.upbdefs.h +5 -4
  1105. data/src/core/ext/upbdefs-gen/xds/core/v3/extension.upbdefs.c +2 -1
  1106. data/src/core/ext/upbdefs-gen/xds/core/v3/extension.upbdefs.h +5 -4
  1107. data/src/core/ext/upbdefs-gen/xds/core/v3/resource.upbdefs.c +2 -1
  1108. data/src/core/ext/upbdefs-gen/xds/core/v3/resource.upbdefs.h +5 -4
  1109. data/src/core/ext/upbdefs-gen/xds/core/v3/resource_locator.upbdefs.c +2 -1
  1110. data/src/core/ext/upbdefs-gen/xds/core/v3/resource_locator.upbdefs.h +5 -4
  1111. data/src/core/ext/upbdefs-gen/xds/core/v3/resource_name.upbdefs.c +2 -1
  1112. data/src/core/ext/upbdefs-gen/xds/core/v3/resource_name.upbdefs.h +5 -4
  1113. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/cel.upbdefs.c +2 -1
  1114. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/cel.upbdefs.h +5 -4
  1115. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/domain.upbdefs.c +2 -1
  1116. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/domain.upbdefs.h +5 -4
  1117. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/http_inputs.upbdefs.c +2 -1
  1118. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/http_inputs.upbdefs.h +5 -4
  1119. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/ip.upbdefs.c +2 -1
  1120. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/ip.upbdefs.h +5 -4
  1121. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/matcher.upbdefs.c +2 -1
  1122. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/matcher.upbdefs.h +5 -4
  1123. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/range.upbdefs.c +2 -1
  1124. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/range.upbdefs.h +5 -4
  1125. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/regex.upbdefs.c +2 -1
  1126. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/regex.upbdefs.h +5 -4
  1127. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/string.upbdefs.c +2 -1
  1128. data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/string.upbdefs.h +5 -4
  1129. data/src/core/ext/upbdefs-gen/xds/type/v3/cel.upbdefs.c +2 -1
  1130. data/src/core/ext/upbdefs-gen/xds/type/v3/cel.upbdefs.h +5 -4
  1131. data/src/core/ext/upbdefs-gen/xds/type/v3/range.upbdefs.c +2 -1
  1132. data/src/core/ext/upbdefs-gen/xds/type/v3/range.upbdefs.h +5 -4
  1133. data/src/core/ext/upbdefs-gen/xds/type/v3/typed_struct.upbdefs.c +2 -1
  1134. data/src/core/ext/upbdefs-gen/xds/type/v3/typed_struct.upbdefs.h +5 -4
  1135. data/src/core/filter/auth/auth_filters.h +233 -0
  1136. data/src/core/filter/auth/client_auth_filter.cc +310 -0
  1137. data/src/core/filter/auth/server_auth_filter.cc +208 -0
  1138. data/src/core/filter/blackboard.cc +33 -0
  1139. data/src/core/filter/blackboard.h +70 -0
  1140. data/src/core/filter/filter_args.h +112 -0
  1141. data/src/core/handshaker/endpoint_info/endpoint_info_handshaker.cc +4 -5
  1142. data/src/core/handshaker/endpoint_info/endpoint_info_handshaker.h +1 -1
  1143. data/src/core/handshaker/handshaker.cc +8 -22
  1144. data/src/core/handshaker/handshaker.h +8 -10
  1145. data/src/core/handshaker/handshaker_registry.cc +1 -2
  1146. data/src/core/handshaker/handshaker_registry.h +2 -2
  1147. data/src/core/handshaker/http_connect/http_connect_handshaker.cc +17 -16
  1148. data/src/core/handshaker/http_connect/http_connect_handshaker.h +1 -1
  1149. data/src/core/handshaker/http_connect/http_proxy_mapper.cc +38 -41
  1150. data/src/core/handshaker/http_connect/http_proxy_mapper.h +7 -8
  1151. data/src/core/handshaker/http_connect/xds_http_proxy_mapper.cc +57 -0
  1152. data/src/core/handshaker/http_connect/xds_http_proxy_mapper.h +46 -0
  1153. data/src/core/handshaker/proxy_mapper.h +6 -7
  1154. data/src/core/handshaker/proxy_mapper_registry.cc +7 -8
  1155. data/src/core/handshaker/proxy_mapper_registry.h +6 -7
  1156. data/src/core/handshaker/security/secure_endpoint.cc +14 -16
  1157. data/src/core/handshaker/security/secure_endpoint.h +2 -3
  1158. data/src/core/handshaker/security/security_handshaker.cc +19 -27
  1159. data/src/core/handshaker/security/security_handshaker.h +4 -5
  1160. data/src/core/handshaker/tcp_connect/tcp_connect_handshaker.cc +16 -15
  1161. data/src/core/handshaker/tcp_connect/tcp_connect_handshaker.h +1 -1
  1162. data/src/core/lib/address_utils/parse_address.cc +3 -4
  1163. data/src/core/lib/address_utils/parse_address.h +2 -4
  1164. data/src/core/lib/address_utils/sockaddr_utils.cc +4 -6
  1165. data/src/core/lib/address_utils/sockaddr_utils.h +1 -3
  1166. data/src/core/lib/channel/channel_args.cc +17 -19
  1167. data/src/core/lib/channel/channel_args.h +68 -51
  1168. data/src/core/lib/channel/channel_args_preconditioning.cc +2 -2
  1169. data/src/core/lib/channel/channel_args_preconditioning.h +4 -4
  1170. data/src/core/lib/channel/channel_stack.cc +5 -4
  1171. data/src/core/lib/channel/channel_stack.h +18 -19
  1172. data/src/core/lib/channel/channel_stack_builder.cc +2 -2
  1173. data/src/core/lib/channel/channel_stack_builder.h +3 -4
  1174. data/src/core/lib/channel/channel_stack_builder_impl.cc +6 -8
  1175. data/src/core/lib/channel/channel_stack_builder_impl.h +15 -3
  1176. data/src/core/lib/channel/connected_channel.cc +12 -14
  1177. data/src/core/lib/channel/promise_based_filter.cc +42 -33
  1178. data/src/core/lib/channel/promise_based_filter.h +101 -147
  1179. data/src/core/lib/compression/compression.cc +5 -6
  1180. data/src/core/lib/compression/compression_internal.cc +14 -16
  1181. data/src/core/lib/compression/compression_internal.h +6 -8
  1182. data/src/core/lib/compression/message_compress.cc +3 -6
  1183. data/src/core/lib/debug/trace.cc +5 -6
  1184. data/src/core/lib/debug/trace_flags.cc +6 -6
  1185. data/src/core/lib/debug/trace_flags.h +2 -2
  1186. data/src/core/lib/debug/trace_impl.h +2 -2
  1187. data/src/core/lib/event_engine/ares_resolver.cc +20 -26
  1188. data/src/core/lib/event_engine/ares_resolver.h +13 -20
  1189. data/src/core/lib/event_engine/cf_engine/cf_engine.cc +4 -8
  1190. data/src/core/lib/event_engine/cf_engine/cf_engine.h +3 -5
  1191. data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.cc +7 -9
  1192. data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.h +6 -10
  1193. data/src/core/lib/event_engine/cf_engine/cftype_unique_ref.h +2 -4
  1194. data/src/core/lib/event_engine/cf_engine/dns_service_resolver.cc +11 -13
  1195. data/src/core/lib/event_engine/cf_engine/dns_service_resolver.h +5 -9
  1196. data/src/core/lib/event_engine/channel_args_endpoint_config.cc +7 -10
  1197. data/src/core/lib/event_engine/channel_args_endpoint_config.h +7 -9
  1198. data/src/core/lib/event_engine/common_closures.h +5 -7
  1199. data/src/core/lib/event_engine/default_event_engine.cc +69 -41
  1200. data/src/core/lib/event_engine/default_event_engine.h +27 -36
  1201. data/src/core/lib/event_engine/default_event_engine_factory.cc +14 -20
  1202. data/src/core/lib/event_engine/default_event_engine_factory.h +5 -7
  1203. data/src/core/lib/event_engine/event_engine.cc +4 -6
  1204. data/src/core/lib/event_engine/extensions/can_track_errors.h +4 -6
  1205. data/src/core/lib/event_engine/extensions/chaotic_good_extension.h +3 -6
  1206. data/src/core/lib/event_engine/extensions/iomgr_compatible.h +39 -0
  1207. data/src/core/lib/event_engine/extensions/supports_fd.h +22 -7
  1208. data/src/core/lib/event_engine/extensions/supports_win_sockets.h +48 -0
  1209. data/src/core/lib/event_engine/extensions/tcp_trace.h +3 -6
  1210. data/src/core/lib/event_engine/forkable.cc +5 -7
  1211. data/src/core/lib/event_engine/forkable.h +4 -6
  1212. data/src/core/lib/event_engine/grpc_polled_fd.h +5 -8
  1213. data/src/core/lib/event_engine/handle_containers.h +4 -7
  1214. data/src/core/lib/event_engine/memory_allocator_factory.h +5 -8
  1215. data/src/core/lib/event_engine/nameser.h +1 -1
  1216. data/src/core/lib/event_engine/poller.h +4 -6
  1217. data/src/core/lib/event_engine/posix.h +2 -4
  1218. data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.cc +14 -62
  1219. data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.h +6 -9
  1220. data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +21 -71
  1221. data/src/core/lib/event_engine/posix_engine/ev_poll_posix.h +6 -9
  1222. data/src/core/lib/event_engine/posix_engine/event_poller.h +5 -8
  1223. data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +6 -9
  1224. data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.h +4 -6
  1225. data/src/core/lib/event_engine/posix_engine/grpc_polled_fd_posix.h +6 -10
  1226. data/src/core/lib/event_engine/posix_engine/internal_errqueue.cc +4 -7
  1227. data/src/core/lib/event_engine/posix_engine/internal_errqueue.h +3 -6
  1228. data/src/core/lib/event_engine/posix_engine/lockfree_event.cc +7 -10
  1229. data/src/core/lib/event_engine/posix_engine/lockfree_event.h +4 -7
  1230. data/src/core/lib/event_engine/posix_engine/native_posix_dns_resolver.cc +4 -7
  1231. data/src/core/lib/event_engine/posix_engine/native_posix_dns_resolver.h +4 -7
  1232. data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +35 -29
  1233. data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +10 -13
  1234. data/src/core/lib/event_engine/posix_engine/posix_engine.cc +54 -37
  1235. data/src/core/lib/event_engine/posix_engine/posix_engine.h +18 -20
  1236. data/src/core/lib/event_engine/posix_engine/posix_engine_closure.h +5 -7
  1237. data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +10 -14
  1238. data/src/core/lib/event_engine/posix_engine/posix_engine_listener.h +14 -15
  1239. data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.cc +32 -10
  1240. data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.h +7 -6
  1241. data/src/core/lib/event_engine/posix_engine/set_socket_dualstack.cc +64 -0
  1242. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +13 -28
  1243. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +9 -12
  1244. data/src/core/lib/event_engine/posix_engine/timer.cc +8 -10
  1245. data/src/core/lib/event_engine/posix_engine/timer.h +9 -13
  1246. data/src/core/lib/event_engine/posix_engine/timer_heap.cc +4 -7
  1247. data/src/core/lib/event_engine/posix_engine/timer_heap.h +4 -6
  1248. data/src/core/lib/event_engine/posix_engine/timer_manager.cc +8 -11
  1249. data/src/core/lib/event_engine/posix_engine/timer_manager.h +9 -13
  1250. data/src/core/lib/event_engine/posix_engine/traced_buffer_list.cc +9 -15
  1251. data/src/core/lib/event_engine/posix_engine/traced_buffer_list.h +27 -30
  1252. data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.cc +7 -10
  1253. data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.h +4 -7
  1254. data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.cc +16 -11
  1255. data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.h +4 -7
  1256. data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix.h +4 -6
  1257. data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.cc +4 -7
  1258. data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.h +4 -6
  1259. data/src/core/lib/event_engine/query_extensions.h +4 -6
  1260. data/src/core/lib/event_engine/ref_counted_dns_resolver_interface.h +5 -9
  1261. data/src/core/lib/event_engine/resolved_address.cc +7 -8
  1262. data/src/core/lib/event_engine/resolved_address_internal.h +2 -4
  1263. data/src/core/lib/event_engine/shim.cc +11 -20
  1264. data/src/core/lib/event_engine/shim.h +13 -4
  1265. data/src/core/lib/event_engine/slice.cc +5 -9
  1266. data/src/core/lib/event_engine/slice_buffer.cc +3 -6
  1267. data/src/core/lib/event_engine/tcp_socket_utils.cc +9 -18
  1268. data/src/core/lib/event_engine/tcp_socket_utils.h +8 -10
  1269. data/src/core/lib/event_engine/thread_local.cc +2 -4
  1270. data/src/core/lib/event_engine/thread_local.h +2 -4
  1271. data/src/core/lib/event_engine/thread_pool/thread_count.cc +4 -8
  1272. data/src/core/lib/event_engine/thread_pool/thread_count.h +9 -24
  1273. data/src/core/lib/event_engine/thread_pool/thread_pool.h +4 -8
  1274. data/src/core/lib/event_engine/thread_pool/thread_pool_factory.cc +4 -7
  1275. data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.cc +27 -23
  1276. data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.h +11 -14
  1277. data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.cc +7 -9
  1278. data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.h +7 -9
  1279. data/src/core/lib/event_engine/time_util.cc +4 -6
  1280. data/src/core/lib/event_engine/time_util.h +3 -6
  1281. data/src/core/lib/event_engine/utils.cc +21 -9
  1282. data/src/core/lib/event_engine/utils.h +12 -8
  1283. data/src/core/lib/event_engine/windows/grpc_polled_fd_windows.cc +7 -12
  1284. data/src/core/lib/event_engine/windows/grpc_polled_fd_windows.h +6 -10
  1285. data/src/core/lib/event_engine/windows/iocp.cc +6 -9
  1286. data/src/core/lib/event_engine/windows/iocp.h +3 -6
  1287. data/src/core/lib/event_engine/windows/native_windows_dns_resolver.cc +6 -10
  1288. data/src/core/lib/event_engine/windows/native_windows_dns_resolver.h +2 -4
  1289. data/src/core/lib/event_engine/windows/win_socket.cc +17 -9
  1290. data/src/core/lib/event_engine/windows/win_socket.h +9 -9
  1291. data/src/core/lib/event_engine/windows/windows_endpoint.cc +35 -29
  1292. data/src/core/lib/event_engine/windows/windows_endpoint.h +4 -6
  1293. data/src/core/lib/event_engine/windows/windows_engine.cc +55 -15
  1294. data/src/core/lib/event_engine/windows/windows_engine.h +18 -15
  1295. data/src/core/lib/event_engine/windows/windows_listener.cc +9 -13
  1296. data/src/core/lib/event_engine/windows/windows_listener.h +15 -13
  1297. data/src/core/lib/event_engine/work_queue/basic_work_queue.cc +5 -7
  1298. data/src/core/lib/event_engine/work_queue/basic_work_queue.h +5 -9
  1299. data/src/core/lib/event_engine/work_queue/work_queue.h +4 -7
  1300. data/src/core/lib/experiments/config.cc +9 -12
  1301. data/src/core/lib/experiments/config.h +1 -2
  1302. data/src/core/lib/experiments/experiments.cc +442 -174
  1303. data/src/core/lib/experiments/experiments.h +187 -86
  1304. data/src/core/lib/iomgr/buffer_list.cc +4 -5
  1305. data/src/core/lib/iomgr/buffer_list.h +23 -23
  1306. data/src/core/lib/iomgr/call_combiner.cc +2 -4
  1307. data/src/core/lib/iomgr/call_combiner.h +6 -8
  1308. data/src/core/lib/iomgr/cfstream_handle.cc +2 -6
  1309. data/src/core/lib/iomgr/cfstream_handle.h +1 -1
  1310. data/src/core/lib/iomgr/closure.cc +2 -2
  1311. data/src/core/lib/iomgr/closure.h +7 -10
  1312. data/src/core/lib/iomgr/combiner.cc +4 -7
  1313. data/src/core/lib/iomgr/combiner.h +2 -3
  1314. data/src/core/lib/iomgr/endpoint.h +1 -2
  1315. data/src/core/lib/iomgr/endpoint_cfstream.cc +2 -4
  1316. data/src/core/lib/iomgr/endpoint_pair_posix.cc +45 -20
  1317. data/src/core/lib/iomgr/endpoint_pair_windows.cc +44 -10
  1318. data/src/core/lib/iomgr/error.cc +34 -52
  1319. data/src/core/lib/iomgr/error.h +6 -8
  1320. data/src/core/lib/iomgr/error_cfstream.cc +1 -3
  1321. data/src/core/lib/iomgr/ev_apple.cc +3 -4
  1322. data/src/core/lib/iomgr/ev_epoll1_linux.cc +20 -10
  1323. data/src/core/lib/iomgr/ev_poll_posix.cc +16 -5
  1324. data/src/core/lib/iomgr/ev_posix.cc +4 -6
  1325. data/src/core/lib/iomgr/ev_posix.h +1 -2
  1326. data/src/core/lib/iomgr/event_engine_shims/closure.cc +3 -5
  1327. data/src/core/lib/iomgr/event_engine_shims/closure.h +1 -2
  1328. data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +11 -14
  1329. data/src/core/lib/iomgr/event_engine_shims/endpoint.h +2 -2
  1330. data/src/core/lib/iomgr/event_engine_shims/tcp_client.cc +2 -4
  1331. data/src/core/lib/iomgr/exec_ctx.cc +5 -12
  1332. data/src/core/lib/iomgr/exec_ctx.h +7 -140
  1333. data/src/core/lib/iomgr/executor.cc +6 -19
  1334. data/src/core/lib/iomgr/executor.h +1 -1
  1335. data/src/core/lib/iomgr/fork_posix.cc +5 -7
  1336. data/src/core/lib/iomgr/fork_windows.cc +2 -2
  1337. data/src/core/lib/iomgr/internal_errqueue.cc +2 -3
  1338. data/src/core/lib/iomgr/iocp_windows.cc +4 -6
  1339. data/src/core/lib/iomgr/iomgr.cc +7 -9
  1340. data/src/core/lib/iomgr/iomgr.h +1 -2
  1341. data/src/core/lib/iomgr/iomgr_internal.cc +1 -2
  1342. data/src/core/lib/iomgr/iomgr_internal.h +1 -2
  1343. data/src/core/lib/iomgr/iomgr_posix.cc +2 -1
  1344. data/src/core/lib/iomgr/iomgr_windows.cc +4 -3
  1345. data/src/core/lib/iomgr/lockfree_event.cc +3 -4
  1346. data/src/core/lib/iomgr/nameser.h +1 -1
  1347. data/src/core/lib/iomgr/polling_entity.cc +5 -11
  1348. data/src/core/lib/iomgr/pollset_set_windows.cc +1 -2
  1349. data/src/core/lib/iomgr/pollset_windows.cc +2 -2
  1350. data/src/core/lib/iomgr/port.h +2 -2
  1351. data/src/core/lib/iomgr/resolve_address.cc +3 -4
  1352. data/src/core/lib/iomgr/resolve_address.h +4 -6
  1353. data/src/core/lib/iomgr/resolve_address_impl.h +1 -2
  1354. data/src/core/lib/iomgr/resolve_address_posix.cc +6 -9
  1355. data/src/core/lib/iomgr/resolve_address_posix.h +2 -2
  1356. data/src/core/lib/iomgr/resolve_address_windows.cc +8 -12
  1357. data/src/core/lib/iomgr/resolve_address_windows.h +2 -2
  1358. data/src/core/lib/iomgr/resolved_address.h +1 -2
  1359. data/src/core/lib/iomgr/sockaddr_utils_posix.cc +3 -5
  1360. data/src/core/lib/iomgr/socket_mutator.cc +1 -1
  1361. data/src/core/lib/iomgr/socket_mutator.h +1 -2
  1362. data/src/core/lib/iomgr/socket_utils.h +1 -2
  1363. data/src/core/lib/iomgr/socket_utils_common_posix.cc +6 -7
  1364. data/src/core/lib/iomgr/socket_utils_linux.cc +1 -1
  1365. data/src/core/lib/iomgr/socket_utils_posix.cc +23 -13
  1366. data/src/core/lib/iomgr/socket_utils_posix.h +12 -2
  1367. data/src/core/lib/iomgr/socket_utils_windows.cc +1 -1
  1368. data/src/core/lib/iomgr/socket_windows.cc +3 -5
  1369. data/src/core/lib/iomgr/socket_windows.h +1 -2
  1370. data/src/core/lib/iomgr/tcp_client_cfstream.cc +13 -16
  1371. data/src/core/lib/iomgr/tcp_client_posix.cc +16 -22
  1372. data/src/core/lib/iomgr/tcp_client_posix.h +1 -1
  1373. data/src/core/lib/iomgr/tcp_client_windows.cc +6 -8
  1374. data/src/core/lib/iomgr/tcp_posix.cc +70 -45
  1375. data/src/core/lib/iomgr/tcp_posix.h +10 -2
  1376. data/src/core/lib/iomgr/tcp_server.h +2 -2
  1377. data/src/core/lib/iomgr/tcp_server_posix.cc +19 -15
  1378. data/src/core/lib/iomgr/tcp_server_utils_posix.h +2 -3
  1379. data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +4 -9
  1380. data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +4 -6
  1381. data/src/core/lib/iomgr/tcp_server_windows.cc +38 -30
  1382. data/src/core/lib/iomgr/tcp_windows.cc +4 -6
  1383. data/src/core/lib/iomgr/timer.h +2 -2
  1384. data/src/core/lib/iomgr/timer_generic.cc +9 -11
  1385. data/src/core/lib/iomgr/timer_heap.cc +2 -3
  1386. data/src/core/lib/iomgr/timer_manager.cc +5 -15
  1387. data/src/core/lib/iomgr/timer_manager.h +1 -2
  1388. data/src/core/lib/iomgr/unix_sockets_posix.cc +3 -4
  1389. data/src/core/lib/iomgr/unix_sockets_posix.h +3 -4
  1390. data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +0 -2
  1391. data/src/core/lib/iomgr/vsock.cc +2 -4
  1392. data/src/core/lib/iomgr/vsock.h +3 -4
  1393. data/src/core/lib/iomgr/wakeup_fd_eventfd.cc +2 -2
  1394. data/src/core/lib/iomgr/wakeup_fd_pipe.cc +13 -6
  1395. data/src/core/lib/promise/activity.cc +4 -4
  1396. data/src/core/lib/promise/activity.h +43 -24
  1397. data/src/core/lib/promise/all_ok.h +71 -4
  1398. data/src/core/lib/promise/arena_promise.h +2 -4
  1399. data/src/core/lib/promise/cancel_callback.h +4 -4
  1400. data/src/core/lib/promise/context.h +7 -8
  1401. data/src/core/lib/promise/detail/basic_seq.h +33 -19
  1402. data/src/core/lib/promise/detail/join_state.h +20 -73
  1403. data/src/core/lib/promise/detail/promise_factory.h +92 -33
  1404. data/src/core/lib/promise/detail/promise_like.h +34 -15
  1405. data/src/core/lib/promise/detail/seq_state.h +285 -500
  1406. data/src/core/lib/promise/detail/status.h +5 -5
  1407. data/src/core/lib/promise/exec_ctx_wakeup_scheduler.h +2 -3
  1408. data/src/core/lib/promise/for_each.h +23 -15
  1409. data/src/core/lib/promise/if.h +56 -28
  1410. data/src/core/lib/promise/interceptor_list.h +12 -14
  1411. data/src/core/lib/promise/latch.h +15 -9
  1412. data/src/core/lib/promise/loop.h +73 -22
  1413. data/src/core/lib/promise/map.h +230 -21
  1414. data/src/core/lib/promise/observable.h +3 -4
  1415. data/src/core/lib/promise/party.cc +119 -84
  1416. data/src/core/lib/promise/party.h +286 -65
  1417. data/src/core/lib/promise/pipe.h +15 -17
  1418. data/src/core/lib/promise/poll.h +40 -23
  1419. data/src/core/lib/promise/prioritized_race.h +17 -23
  1420. data/src/core/lib/promise/promise.h +8 -10
  1421. data/src/core/lib/promise/race.h +6 -14
  1422. data/src/core/lib/promise/seq.h +58 -45
  1423. data/src/core/lib/promise/sleep.cc +6 -6
  1424. data/src/core/lib/promise/sleep.h +19 -6
  1425. data/src/core/lib/promise/status_flag.h +51 -17
  1426. data/src/core/lib/promise/try_join.h +124 -10
  1427. data/src/core/lib/promise/try_seq.h +84 -59
  1428. data/src/core/lib/resource_quota/api.cc +4 -6
  1429. data/src/core/lib/resource_quota/api.h +2 -3
  1430. data/src/core/lib/resource_quota/arena.cc +3 -4
  1431. data/src/core/lib/resource_quota/arena.h +91 -5
  1432. data/src/core/lib/resource_quota/connection_quota.cc +2 -2
  1433. data/src/core/lib/resource_quota/connection_quota.h +9 -6
  1434. data/src/core/lib/resource_quota/memory_quota.cc +73 -60
  1435. data/src/core/lib/resource_quota/memory_quota.h +25 -17
  1436. data/src/core/lib/resource_quota/periodic_update.cc +4 -4
  1437. data/src/core/lib/resource_quota/periodic_update.h +2 -4
  1438. data/src/core/lib/resource_quota/resource_quota.h +7 -8
  1439. data/src/core/lib/resource_quota/thread_quota.cc +2 -2
  1440. data/src/core/lib/resource_quota/thread_quota.h +5 -6
  1441. data/src/core/lib/security/authorization/audit_logging.cc +5 -6
  1442. data/src/core/lib/security/authorization/audit_logging.h +5 -6
  1443. data/src/core/lib/security/authorization/authorization_engine.h +3 -3
  1444. data/src/core/lib/security/authorization/authorization_policy_provider.h +3 -4
  1445. data/src/core/lib/security/authorization/authorization_policy_provider_vtable.cc +1 -1
  1446. data/src/core/lib/security/authorization/evaluate_args.cc +8 -10
  1447. data/src/core/lib/security/authorization/evaluate_args.h +7 -8
  1448. data/src/core/lib/security/authorization/grpc_authorization_engine.cc +2 -3
  1449. data/src/core/lib/security/authorization/grpc_authorization_engine.h +2 -3
  1450. data/src/core/lib/security/authorization/grpc_server_authz_filter.cc +6 -11
  1451. data/src/core/lib/security/authorization/grpc_server_authz_filter.h +9 -10
  1452. data/src/core/lib/security/authorization/matchers.cc +2 -4
  1453. data/src/core/lib/security/authorization/matchers.h +5 -7
  1454. data/src/core/lib/security/authorization/rbac_policy.cc +3 -3
  1455. data/src/core/lib/security/authorization/rbac_policy.h +6 -8
  1456. data/src/core/lib/security/authorization/stdout_logger.cc +4 -4
  1457. data/src/core/lib/security/authorization/stdout_logger.h +4 -4
  1458. data/src/core/lib/slice/percent_encoding.cc +2 -4
  1459. data/src/core/lib/slice/slice.cc +4 -6
  1460. data/src/core/lib/slice/slice.h +11 -7
  1461. data/src/core/lib/slice/slice_buffer.cc +7 -8
  1462. data/src/core/lib/slice/slice_buffer.h +5 -6
  1463. data/src/core/lib/slice/slice_internal.h +3 -5
  1464. data/src/core/lib/slice/slice_refcount.h +2 -3
  1465. data/src/core/lib/slice/slice_string_helpers.h +1 -2
  1466. data/src/core/lib/surface/byte_buffer.cc +1 -2
  1467. data/src/core/lib/surface/byte_buffer_reader.cc +3 -5
  1468. data/src/core/lib/surface/call.cc +42 -46
  1469. data/src/core/lib/surface/call.h +10 -11
  1470. data/src/core/lib/surface/call_log_batch.cc +3 -5
  1471. data/src/core/lib/surface/call_test_only.h +1 -2
  1472. data/src/core/lib/surface/call_utils.cc +21 -64
  1473. data/src/core/lib/surface/call_utils.h +70 -26
  1474. data/src/core/lib/surface/channel.cc +7 -16
  1475. data/src/core/lib/surface/channel.h +16 -17
  1476. data/src/core/lib/surface/channel_create.cc +2 -3
  1477. data/src/core/lib/surface/channel_create.h +2 -3
  1478. data/src/core/lib/surface/channel_init.cc +5 -7
  1479. data/src/core/lib/surface/channel_init.h +6 -8
  1480. data/src/core/lib/surface/completion_queue.cc +99 -80
  1481. data/src/core/lib/surface/completion_queue.h +4 -5
  1482. data/src/core/lib/surface/completion_queue_factory.cc +1 -2
  1483. data/src/core/lib/surface/connection_context.cc +77 -0
  1484. data/src/core/lib/surface/connection_context.h +156 -0
  1485. data/src/core/lib/surface/event_string.cc +9 -3
  1486. data/src/core/lib/surface/event_string.h +2 -2
  1487. data/src/core/lib/surface/filter_stack_call.cc +60 -51
  1488. data/src/core/lib/surface/filter_stack_call.h +18 -20
  1489. data/src/core/lib/surface/init.cc +46 -21
  1490. data/src/core/lib/surface/init.h +5 -0
  1491. data/src/core/lib/surface/init_internally.h +13 -2
  1492. data/src/core/lib/surface/lame_client.cc +11 -12
  1493. data/src/core/lib/surface/lame_client.h +4 -5
  1494. data/src/core/lib/surface/legacy_channel.cc +47 -42
  1495. data/src/core/lib/surface/legacy_channel.h +8 -9
  1496. data/src/core/lib/surface/metadata_array.cc +1 -2
  1497. data/src/core/lib/surface/validate_metadata.cc +3 -4
  1498. data/src/core/lib/surface/validate_metadata.h +2 -4
  1499. data/src/core/lib/surface/version.cc +2 -2
  1500. data/src/core/lib/transport/bdp_estimator.cc +2 -3
  1501. data/src/core/lib/transport/bdp_estimator.h +3 -5
  1502. data/src/core/lib/transport/call_final_info.cc +2 -2
  1503. data/src/core/lib/transport/call_final_info.h +3 -3
  1504. data/src/core/lib/transport/connectivity_state.cc +11 -13
  1505. data/src/core/lib/transport/connectivity_state.h +7 -10
  1506. data/src/core/lib/transport/error_utils.cc +68 -15
  1507. data/src/core/lib/transport/error_utils.h +6 -7
  1508. data/src/core/lib/transport/status_conversion.cc +16 -14
  1509. data/src/core/lib/transport/status_conversion.h +6 -5
  1510. data/src/core/lib/transport/timeout_encoding.cc +22 -22
  1511. data/src/core/lib/transport/timeout_encoding.h +4 -5
  1512. data/src/core/lib/transport/transport.cc +4 -7
  1513. data/src/core/lib/transport/transport.h +24 -21
  1514. data/src/core/lib/transport/transport_framing_endpoint_extension.h +47 -0
  1515. data/src/core/lib/transport/transport_op_string.cc +5 -6
  1516. data/src/core/load_balancing/address_filtering.cc +2 -4
  1517. data/src/core/load_balancing/address_filtering.h +4 -5
  1518. data/src/core/load_balancing/backend_metric_data.h +2 -2
  1519. data/src/core/load_balancing/backend_metric_parser.cc +22 -30
  1520. data/src/core/load_balancing/backend_metric_parser.h +1 -3
  1521. data/src/core/load_balancing/child_policy_handler.cc +5 -6
  1522. data/src/core/load_balancing/child_policy_handler.h +4 -5
  1523. data/src/core/load_balancing/delegating_helper.h +7 -8
  1524. data/src/core/load_balancing/endpoint_list.cc +18 -10
  1525. data/src/core/load_balancing/endpoint_list.h +26 -21
  1526. data/src/core/load_balancing/grpclb/client_load_reporting_filter.cc +12 -11
  1527. data/src/core/load_balancing/grpclb/client_load_reporting_filter.h +5 -6
  1528. data/src/core/load_balancing/grpclb/grpclb.cc +42 -62
  1529. data/src/core/load_balancing/grpclb/grpclb_balancer_addresses.cc +1 -2
  1530. data/src/core/load_balancing/grpclb/grpclb_client_stats.cc +2 -3
  1531. data/src/core/load_balancing/grpclb/grpclb_client_stats.h +5 -7
  1532. data/src/core/load_balancing/grpclb/load_balancer_api.cc +4 -6
  1533. data/src/core/load_balancing/grpclb/load_balancer_api.h +4 -6
  1534. data/src/core/load_balancing/health_check_client.cc +36 -68
  1535. data/src/core/load_balancing/health_check_client.h +3 -3
  1536. data/src/core/load_balancing/health_check_client_internal.h +15 -16
  1537. data/src/core/load_balancing/lb_policy.cc +4 -6
  1538. data/src/core/load_balancing/lb_policy.h +17 -27
  1539. data/src/core/load_balancing/lb_policy_factory.h +4 -5
  1540. data/src/core/load_balancing/lb_policy_registry.cc +13 -12
  1541. data/src/core/load_balancing/lb_policy_registry.h +4 -5
  1542. data/src/core/load_balancing/oob_backend_metric.cc +14 -16
  1543. data/src/core/load_balancing/oob_backend_metric.h +3 -3
  1544. data/src/core/load_balancing/oob_backend_metric_internal.h +8 -9
  1545. data/src/core/load_balancing/outlier_detection/outlier_detection.cc +88 -94
  1546. data/src/core/load_balancing/outlier_detection/outlier_detection.h +6 -7
  1547. data/src/core/load_balancing/pick_first/pick_first.cc +78 -997
  1548. data/src/core/load_balancing/priority/priority.cc +20 -27
  1549. data/src/core/load_balancing/ring_hash/ring_hash.cc +223 -173
  1550. data/src/core/load_balancing/ring_hash/ring_hash.h +7 -15
  1551. data/src/core/load_balancing/rls/rls.cc +159 -256
  1552. data/src/core/load_balancing/rls/rls.h +97 -1
  1553. data/src/core/load_balancing/round_robin/round_robin.cc +23 -34
  1554. data/src/core/load_balancing/subchannel_interface.h +13 -6
  1555. data/src/core/load_balancing/weighted_round_robin/static_stride_scheduler.cc +8 -8
  1556. data/src/core/load_balancing/weighted_round_robin/static_stride_scheduler.h +4 -5
  1557. data/src/core/load_balancing/weighted_round_robin/weighted_round_robin.cc +35 -48
  1558. data/src/core/load_balancing/weighted_target/weighted_target.cc +19 -29
  1559. data/src/core/load_balancing/xds/cds.cc +37 -45
  1560. data/src/core/load_balancing/xds/xds_cluster_impl.cc +58 -64
  1561. data/src/core/load_balancing/xds/xds_cluster_manager.cc +20 -30
  1562. data/src/core/load_balancing/xds/xds_override_host.cc +59 -108
  1563. data/src/core/load_balancing/xds/xds_override_host.h +3 -4
  1564. data/src/core/load_balancing/xds/xds_wrr_locality.cc +21 -24
  1565. data/src/core/plugin_registry/grpc_plugin_registry.cc +3 -7
  1566. data/src/core/plugin_registry/grpc_plugin_registry_extra.cc +3 -3
  1567. data/src/core/resolver/dns/c_ares/dns_resolver_ares.cc +25 -30
  1568. data/src/core/resolver/dns/c_ares/dns_resolver_ares.h +2 -3
  1569. data/src/core/resolver/dns/c_ares/grpc_ares_ev_driver.h +4 -6
  1570. data/src/core/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +2 -4
  1571. data/src/core/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +8 -11
  1572. data/src/core/resolver/dns/c_ares/grpc_ares_wrapper.cc +15 -19
  1573. data/src/core/resolver/dns/c_ares/grpc_ares_wrapper.h +7 -6
  1574. data/src/core/resolver/dns/dns_resolver_plugin.cc +4 -5
  1575. data/src/core/resolver/dns/dns_resolver_plugin.h +1 -1
  1576. data/src/core/resolver/dns/event_engine/event_engine_client_channel_resolver.cc +19 -26
  1577. data/src/core/resolver/dns/event_engine/event_engine_client_channel_resolver.h +3 -4
  1578. data/src/core/resolver/dns/event_engine/service_config_helper.cc +3 -5
  1579. data/src/core/resolver/dns/event_engine/service_config_helper.h +2 -2
  1580. data/src/core/resolver/dns/native/dns_resolver.cc +11 -12
  1581. data/src/core/resolver/dns/native/dns_resolver.h +1 -1
  1582. data/src/core/resolver/endpoint_addresses.cc +1 -3
  1583. data/src/core/resolver/endpoint_addresses.h +2 -3
  1584. data/src/core/resolver/fake/fake_resolver.cc +17 -19
  1585. data/src/core/resolver/fake/fake_resolver.h +9 -10
  1586. data/src/core/resolver/google_c2p/google_c2p_resolver.cc +21 -25
  1587. data/src/core/resolver/polling_resolver.cc +8 -13
  1588. data/src/core/resolver/polling_resolver.h +10 -11
  1589. data/src/core/resolver/resolver.h +4 -5
  1590. data/src/core/resolver/resolver_factory.h +4 -5
  1591. data/src/core/resolver/resolver_registry.cc +6 -5
  1592. data/src/core/resolver/resolver_registry.h +4 -5
  1593. data/src/core/resolver/sockaddr/sockaddr_resolver.cc +5 -6
  1594. data/src/core/resolver/xds/xds_config.cc +7 -8
  1595. data/src/core/resolver/xds/xds_config.h +3 -4
  1596. data/src/core/resolver/xds/xds_dependency_manager.cc +200 -191
  1597. data/src/core/resolver/xds/xds_dependency_manager.h +29 -20
  1598. data/src/core/resolver/xds/xds_resolver.cc +98 -141
  1599. data/src/core/resolver/xds/xds_resolver_attributes.h +2 -3
  1600. data/src/core/server/server.cc +376 -92
  1601. data/src/core/server/server.h +228 -82
  1602. data/src/core/server/server_call_tracer_filter.cc +15 -12
  1603. data/src/core/server/server_call_tracer_filter.h +1 -1
  1604. data/src/core/server/server_config_selector.h +6 -7
  1605. data/src/core/server/server_config_selector_filter.cc +17 -22
  1606. data/src/core/server/xds_channel_stack_modifier.cc +3 -3
  1607. data/src/core/server/xds_channel_stack_modifier.h +5 -6
  1608. data/src/core/server/xds_server_config_fetcher.cc +121 -188
  1609. data/src/core/service_config/service_config.h +3 -5
  1610. data/src/core/service_config/service_config_call_data.h +5 -6
  1611. data/src/core/service_config/service_config_channel_arg_filter.cc +16 -26
  1612. data/src/core/service_config/service_config_impl.cc +7 -9
  1613. data/src/core/service_config/service_config_impl.h +4 -6
  1614. data/src/core/service_config/service_config_parser.cc +1 -2
  1615. data/src/core/service_config/service_config_parser.h +2 -4
  1616. data/src/core/telemetry/call_tracer.cc +12 -15
  1617. data/src/core/telemetry/call_tracer.h +13 -13
  1618. data/src/core/telemetry/histogram_view.cc +3 -3
  1619. data/src/core/telemetry/histogram_view.h +1 -2
  1620. data/src/core/telemetry/metrics.cc +47 -27
  1621. data/src/core/telemetry/metrics.h +30 -21
  1622. data/src/core/telemetry/stats.cc +1 -2
  1623. data/src/core/telemetry/stats.h +2 -4
  1624. data/src/core/telemetry/stats_data.cc +187 -2
  1625. data/src/core/telemetry/stats_data.h +124 -4
  1626. data/src/core/telemetry/tcp_tracer.h +92 -87
  1627. data/src/core/transport/auth_context.cc +236 -0
  1628. data/src/core/transport/auth_context.h +140 -0
  1629. data/src/core/tsi/alts/crypt/aes_gcm.cc +5 -8
  1630. data/src/core/tsi/alts/crypt/gsec.cc +2 -3
  1631. data/src/core/tsi/alts/crypt/gsec.h +3 -4
  1632. data/src/core/tsi/alts/frame_protector/alts_counter.cc +1 -2
  1633. data/src/core/tsi/alts/frame_protector/alts_counter.h +3 -4
  1634. data/src/core/tsi/alts/frame_protector/alts_crypter.cc +1 -2
  1635. data/src/core/tsi/alts/frame_protector/alts_crypter.h +2 -3
  1636. data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +4 -5
  1637. data/src/core/tsi/alts/frame_protector/alts_frame_protector.h +1 -2
  1638. data/src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc +1 -1
  1639. data/src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc +1 -1
  1640. data/src/core/tsi/alts/frame_protector/frame_handler.cc +4 -6
  1641. data/src/core/tsi/alts/frame_protector/frame_handler.h +1 -2
  1642. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +14 -15
  1643. data/src/core/tsi/alts/handshaker/alts_shared_resource.cc +2 -3
  1644. data/src/core/tsi/alts/handshaker/alts_shared_resource.h +1 -1
  1645. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +33 -31
  1646. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +1 -1
  1647. data/src/core/tsi/alts/handshaker/alts_tsi_utils.cc +2 -3
  1648. data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +2 -2
  1649. data/src/core/tsi/alts/handshaker/transport_security_common_api.h +3 -3
  1650. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc +3 -5
  1651. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h +1 -2
  1652. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc +2 -3
  1653. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h +1 -2
  1654. data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc +3 -5
  1655. data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +3 -4
  1656. data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h +1 -2
  1657. data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +3 -5
  1658. data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h +1 -2
  1659. data/src/core/tsi/fake_transport_security.cc +9 -7
  1660. data/src/core/tsi/local_transport_security.cc +4 -6
  1661. data/src/core/tsi/ssl/key_logging/ssl_key_logging.cc +4 -5
  1662. data/src/core/tsi/ssl/key_logging/ssl_key_logging.h +8 -10
  1663. data/src/core/tsi/ssl/session_cache/ssl_session.h +4 -5
  1664. data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +4 -5
  1665. data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +7 -8
  1666. data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +2 -4
  1667. data/src/core/tsi/ssl_transport_security.cc +30 -18
  1668. data/src/core/tsi/ssl_transport_security.h +6 -8
  1669. data/src/core/tsi/ssl_transport_security_utils.cc +1 -3
  1670. data/src/core/tsi/ssl_transport_security_utils.h +3 -5
  1671. data/src/core/tsi/ssl_types.h +1 -2
  1672. data/src/core/tsi/transport_security.cc +2 -3
  1673. data/src/core/tsi/transport_security.h +1 -2
  1674. data/src/core/tsi/transport_security_interface.h +3 -4
  1675. data/src/core/util/alloc.cc +2 -5
  1676. data/src/core/util/atomic_utils.h +47 -0
  1677. data/src/core/util/avl.h +324 -0
  1678. data/src/core/util/backoff.cc +57 -0
  1679. data/src/core/util/backoff.h +86 -0
  1680. data/src/core/util/bitset.h +224 -0
  1681. data/src/core/util/check_class_size.h +48 -0
  1682. data/src/core/util/chunked_vector.h +256 -0
  1683. data/src/core/util/construct_destruct.h +41 -0
  1684. data/src/core/util/cpp_impl_of.h +49 -0
  1685. data/src/core/util/crash.cc +40 -0
  1686. data/src/core/util/crash.h +36 -0
  1687. data/src/core/util/debug_location.h +106 -0
  1688. data/src/core/util/directory_reader.h +48 -0
  1689. data/src/core/util/down_cast.h +48 -0
  1690. data/src/core/util/dual_ref_counted.h +376 -0
  1691. data/src/core/util/dump_args.cc +54 -0
  1692. data/src/core/util/dump_args.h +114 -0
  1693. data/src/core/util/env.h +52 -0
  1694. data/src/core/util/event_log.cc +87 -0
  1695. data/src/core/util/event_log.h +79 -0
  1696. data/src/core/util/examine_stack.cc +43 -0
  1697. data/src/core/util/examine_stack.h +44 -0
  1698. data/src/core/util/fork.cc +241 -0
  1699. data/src/core/util/fork.h +98 -0
  1700. data/src/core/util/gcp_metadata_query.cc +9 -12
  1701. data/src/core/util/gcp_metadata_query.h +2 -3
  1702. data/src/core/util/gethostname.h +26 -0
  1703. data/src/core/util/gethostname_fallback.cc +30 -0
  1704. data/src/core/util/gethostname_host_name_max.cc +39 -0
  1705. data/src/core/util/gethostname_sysconf.cc +39 -0
  1706. data/src/core/util/glob.h +29 -0
  1707. data/src/core/util/gpr_time.cc +266 -0
  1708. data/src/core/util/grpc_if_nametoindex.h +29 -0
  1709. data/src/core/util/grpc_if_nametoindex_posix.cc +41 -0
  1710. data/src/core/util/grpc_if_nametoindex_unsupported.cc +36 -0
  1711. data/src/core/util/host_port.cc +114 -0
  1712. data/src/core/util/host_port.h +57 -0
  1713. data/src/core/util/http_client/format_request.cc +2 -5
  1714. data/src/core/util/http_client/format_request.h +1 -2
  1715. data/src/core/util/http_client/httpcli.cc +91 -40
  1716. data/src/core/util/http_client/httpcli.h +26 -19
  1717. data/src/core/util/http_client/httpcli_security_connector.cc +14 -17
  1718. data/src/core/util/http_client/httpcli_ssl_credentials.h +2 -3
  1719. data/src/core/util/http_client/parser.cc +2 -4
  1720. data/src/core/util/http_client/parser.h +1 -3
  1721. data/src/core/util/if_list.h +4530 -0
  1722. data/src/core/util/iphone/cpu.cc +1 -2
  1723. data/src/core/util/json/json.h +1 -2
  1724. data/src/core/util/json/json_channel_args.h +2 -2
  1725. data/src/core/util/json/json_object_loader.cc +7 -8
  1726. data/src/core/util/json/json_object_loader.h +20 -21
  1727. data/src/core/util/json/json_reader.cc +6 -9
  1728. data/src/core/util/json/json_reader.h +0 -1
  1729. data/src/core/util/json/json_util.cc +4 -4
  1730. data/src/core/util/json/json_util.h +1 -2
  1731. data/src/core/util/json/json_writer.cc +4 -6
  1732. data/src/core/util/latent_see.cc +100 -70
  1733. data/src/core/util/latent_see.h +45 -20
  1734. data/src/core/util/linux/cpu.cc +4 -6
  1735. data/src/core/util/linux/env.cc +61 -0
  1736. data/src/core/util/load_file.cc +87 -0
  1737. data/src/core/util/load_file.h +33 -0
  1738. data/src/core/util/log.cc +10 -13
  1739. data/src/core/util/lru_cache.h +31 -13
  1740. data/src/core/util/manual_constructor.h +145 -0
  1741. data/src/core/util/match.h +74 -0
  1742. data/src/core/util/matchers.cc +336 -0
  1743. data/src/core/util/matchers.h +162 -0
  1744. data/src/core/util/memory.h +52 -0
  1745. data/src/core/util/mpscq.cc +108 -0
  1746. data/src/core/util/mpscq.h +98 -0
  1747. data/src/core/util/msys/tmpfile.cc +3 -4
  1748. data/src/core/util/no_destruct.h +95 -0
  1749. data/src/core/util/notification.h +66 -0
  1750. data/src/core/util/orphanable.h +153 -0
  1751. data/src/core/util/overload.h +59 -0
  1752. data/src/core/util/packed_table.h +40 -0
  1753. data/src/core/util/per_cpu.cc +34 -0
  1754. data/src/core/util/per_cpu.h +102 -0
  1755. data/src/core/util/posix/cpu.cc +3 -5
  1756. data/src/core/util/posix/directory_reader.cc +82 -0
  1757. data/src/core/util/posix/env.cc +47 -0
  1758. data/src/core/util/posix/stat.cc +54 -0
  1759. data/src/core/util/posix/string.cc +2 -3
  1760. data/src/core/util/posix/sync.cc +2 -5
  1761. data/src/core/util/posix/thd.cc +243 -0
  1762. data/src/core/util/posix/time.cc +3 -5
  1763. data/src/core/util/posix/tmpfile.cc +4 -6
  1764. data/src/core/util/random_early_detection.cc +33 -0
  1765. data/src/core/util/random_early_detection.h +61 -0
  1766. data/src/core/util/ref_counted.h +403 -0
  1767. data/src/core/util/ref_counted_ptr.h +443 -0
  1768. data/src/core/util/ref_counted_string.cc +42 -0
  1769. data/src/core/util/ref_counted_string.h +159 -0
  1770. data/src/core/util/ring_buffer.h +4 -5
  1771. data/src/core/util/single_set_ptr.h +89 -0
  1772. data/src/core/util/sorted_pack.h +89 -0
  1773. data/src/core/util/spinlock.h +1 -2
  1774. data/src/core/util/stat.h +35 -0
  1775. data/src/core/util/status_helper.cc +450 -0
  1776. data/src/core/util/status_helper.h +143 -0
  1777. data/src/core/util/strerror.cc +40 -0
  1778. data/src/core/util/strerror.h +29 -0
  1779. data/src/core/util/string.cc +6 -9
  1780. data/src/core/util/string.h +1 -3
  1781. data/src/core/util/sync.cc +3 -5
  1782. data/src/core/util/sync.h +199 -0
  1783. data/src/core/util/sync_abseil.cc +4 -7
  1784. data/src/core/util/table.h +471 -0
  1785. data/src/core/util/tchar.cc +49 -0
  1786. data/src/core/util/tchar.h +33 -0
  1787. data/src/core/util/thd.h +193 -0
  1788. data/src/core/util/time.cc +174 -204
  1789. data/src/core/util/time.h +385 -0
  1790. data/src/core/util/time_averaged_stats.cc +60 -0
  1791. data/src/core/util/time_averaged_stats.h +79 -0
  1792. data/src/core/util/time_precise.cc +2 -4
  1793. data/src/core/util/time_precise.h +0 -1
  1794. data/src/core/util/time_util.cc +80 -0
  1795. data/src/core/util/time_util.h +41 -0
  1796. data/src/core/util/tmpfile.h +0 -1
  1797. data/src/core/util/type_list.h +88 -0
  1798. data/src/core/util/unique_type_name.h +123 -0
  1799. data/src/core/util/uri.cc +378 -0
  1800. data/src/core/util/uri.h +112 -0
  1801. data/src/core/util/useful.h +13 -15
  1802. data/src/core/util/uuid_v4.cc +37 -0
  1803. data/src/core/util/uuid_v4.h +35 -0
  1804. data/src/core/util/validation_errors.cc +73 -0
  1805. data/src/core/util/validation_errors.h +144 -0
  1806. data/src/core/util/wait_for_single_owner.h +62 -0
  1807. data/src/core/util/windows/cpu.cc +1 -1
  1808. data/src/core/util/windows/directory_reader.cc +79 -0
  1809. data/src/core/util/windows/env.cc +56 -0
  1810. data/src/core/util/windows/stat.cc +50 -0
  1811. data/src/core/util/windows/string.cc +2 -3
  1812. data/src/core/util/windows/string_util.cc +5 -7
  1813. data/src/core/util/windows/sync.cc +1 -3
  1814. data/src/core/util/windows/thd.cc +182 -0
  1815. data/src/core/util/windows/time.cc +1 -4
  1816. data/src/core/util/windows/tmpfile.cc +4 -5
  1817. data/src/core/util/work_serializer.cc +298 -0
  1818. data/src/core/util/work_serializer.h +81 -0
  1819. data/src/core/util/xxhash_inline.h +29 -0
  1820. data/src/core/xds/grpc/certificate_provider_store.cc +16 -22
  1821. data/src/core/xds/grpc/certificate_provider_store.h +12 -13
  1822. data/src/core/xds/grpc/file_watcher_certificate_provider_factory.cc +8 -9
  1823. data/src/core/xds/grpc/file_watcher_certificate_provider_factory.h +7 -8
  1824. data/src/core/xds/grpc/xds_audit_logger_registry.cc +5 -6
  1825. data/src/core/xds/grpc/xds_audit_logger_registry.h +3 -4
  1826. data/src/core/xds/grpc/xds_bootstrap_grpc.cc +23 -24
  1827. data/src/core/xds/grpc/xds_bootstrap_grpc.h +6 -6
  1828. data/src/core/xds/grpc/xds_certificate_provider.cc +18 -19
  1829. data/src/core/xds/grpc/xds_certificate_provider.h +10 -11
  1830. data/src/core/xds/grpc/xds_client_grpc.cc +74 -50
  1831. data/src/core/xds/grpc/xds_client_grpc.h +17 -9
  1832. data/src/core/xds/grpc/xds_cluster.cc +9 -4
  1833. data/src/core/xds/grpc/xds_cluster.h +34 -8
  1834. data/src/core/xds/grpc/xds_cluster_parser.cc +131 -50
  1835. data/src/core/xds/grpc/xds_cluster_parser.h +6 -2
  1836. data/src/core/xds/grpc/xds_cluster_specifier_plugin.cc +9 -11
  1837. data/src/core/xds/grpc/xds_cluster_specifier_plugin.h +5 -6
  1838. data/src/core/xds/grpc/xds_common_types.cc +3 -4
  1839. data/src/core/xds/grpc/xds_common_types.h +6 -7
  1840. data/src/core/xds/grpc/xds_common_types_parser.cc +68 -34
  1841. data/src/core/xds/grpc/xds_common_types_parser.h +15 -9
  1842. data/src/core/xds/grpc/xds_endpoint.cc +3 -4
  1843. data/src/core/xds/grpc/xds_endpoint.h +7 -5
  1844. data/src/core/xds/grpc/xds_endpoint_parser.cc +92 -56
  1845. data/src/core/xds/grpc/xds_endpoint_parser.h +1 -2
  1846. data/src/core/xds/grpc/xds_health_status.cc +4 -4
  1847. data/src/core/xds/grpc/xds_health_status.h +4 -4
  1848. data/src/core/xds/grpc/xds_http_fault_filter.cc +24 -28
  1849. data/src/core/xds/grpc/xds_http_fault_filter.h +8 -8
  1850. data/src/core/xds/grpc/xds_http_filter.h +6 -7
  1851. data/src/core/xds/grpc/xds_http_filter_registry.cc +9 -10
  1852. data/src/core/xds/grpc/xds_http_filter_registry.h +6 -7
  1853. data/src/core/xds/grpc/xds_http_gcp_authn_filter.cc +12 -13
  1854. data/src/core/xds/grpc/xds_http_gcp_authn_filter.h +6 -6
  1855. data/src/core/xds/grpc/xds_http_rbac_filter.cc +71 -61
  1856. data/src/core/xds/grpc/xds_http_rbac_filter.h +8 -8
  1857. data/src/core/xds/grpc/xds_http_stateful_session_filter.cc +15 -16
  1858. data/src/core/xds/grpc/xds_http_stateful_session_filter.h +8 -8
  1859. data/src/core/xds/grpc/xds_lb_policy_registry.cc +9 -11
  1860. data/src/core/xds/grpc/xds_lb_policy_registry.h +4 -5
  1861. data/src/core/xds/grpc/xds_listener.cc +5 -8
  1862. data/src/core/xds/grpc/xds_listener.h +11 -12
  1863. data/src/core/xds/grpc/xds_listener_parser.cc +62 -58
  1864. data/src/core/xds/grpc/xds_listener_parser.h +3 -3
  1865. data/src/core/xds/grpc/xds_metadata.cc +5 -5
  1866. data/src/core/xds/grpc/xds_metadata.h +34 -3
  1867. data/src/core/xds/grpc/xds_metadata_parser.cc +102 -48
  1868. data/src/core/xds/grpc/xds_metadata_parser.h +1 -2
  1869. data/src/core/xds/grpc/xds_route_config.cc +12 -18
  1870. data/src/core/xds/grpc/xds_route_config.h +12 -13
  1871. data/src/core/xds/grpc/xds_route_config_parser.cc +125 -129
  1872. data/src/core/xds/grpc/xds_route_config_parser.h +8 -11
  1873. data/src/core/xds/grpc/xds_routing.cc +8 -10
  1874. data/src/core/xds/grpc/xds_routing.h +7 -9
  1875. data/src/core/xds/grpc/xds_server_grpc.cc +83 -51
  1876. data/src/core/xds/grpc/xds_server_grpc.h +28 -15
  1877. data/src/core/xds/grpc/xds_server_grpc_interface.h +33 -0
  1878. data/src/core/xds/grpc/xds_transport_grpc.cc +101 -57
  1879. data/src/core/xds/grpc/xds_transport_grpc.h +33 -20
  1880. data/src/core/xds/xds_client/lrs_client.cc +1281 -0
  1881. data/src/core/xds/xds_client/lrs_client.h +394 -0
  1882. data/src/core/xds/xds_client/xds_api.cc +28 -465
  1883. data/src/core/xds/xds_client/xds_api.h +6 -161
  1884. data/src/core/xds/xds_client/xds_backend_metric_propagation.cc +63 -0
  1885. data/src/core/xds/xds_client/xds_backend_metric_propagation.h +59 -0
  1886. data/src/core/xds/xds_client/xds_bootstrap.cc +12 -3
  1887. data/src/core/xds/xds_client/xds_bootstrap.h +25 -3
  1888. data/src/core/xds/xds_client/xds_client.cc +1086 -1296
  1889. data/src/core/xds/xds_client/xds_client.h +170 -115
  1890. data/src/core/xds/xds_client/xds_locality.h +102 -0
  1891. data/src/core/xds/xds_client/xds_metrics.h +2 -2
  1892. data/src/core/xds/xds_client/xds_resource_type.h +7 -10
  1893. data/src/core/xds/xds_client/xds_resource_type_impl.h +15 -11
  1894. data/src/core/xds/xds_client/xds_transport.h +29 -14
  1895. data/src/ruby/ext/grpc/extconf.rb +2 -1
  1896. data/src/ruby/ext/grpc/rb_byte_buffer.c +3 -3
  1897. data/src/ruby/ext/grpc/rb_call.c +5 -5
  1898. data/src/ruby/ext/grpc/rb_call_credentials.c +5 -6
  1899. data/src/ruby/ext/grpc/rb_channel.c +6 -7
  1900. data/src/ruby/ext/grpc/rb_channel_args.c +3 -3
  1901. data/src/ruby/ext/grpc/rb_channel_credentials.c +5 -6
  1902. data/src/ruby/ext/grpc/rb_channel_credentials.h +1 -2
  1903. data/src/ruby/ext/grpc/rb_completion_queue.c +3 -4
  1904. data/src/ruby/ext/grpc/rb_compression_options.c +6 -7
  1905. data/src/ruby/ext/grpc/rb_event_thread.c +4 -5
  1906. data/src/ruby/ext/grpc/rb_grpc.c +3 -4
  1907. data/src/ruby/ext/grpc/rb_grpc.h +2 -3
  1908. data/src/ruby/ext/grpc/rb_server.c +6 -6
  1909. data/src/ruby/ext/grpc/rb_server_credentials.c +3 -3
  1910. data/src/ruby/ext/grpc/rb_server_credentials.h +1 -2
  1911. data/src/ruby/ext/grpc/rb_xds_channel_credentials.c +5 -6
  1912. data/src/ruby/ext/grpc/rb_xds_channel_credentials.h +1 -2
  1913. data/src/ruby/ext/grpc/rb_xds_server_credentials.c +4 -4
  1914. data/src/ruby/ext/grpc/rb_xds_server_credentials.h +1 -2
  1915. data/src/ruby/lib/grpc/version.rb +1 -1
  1916. data/src/ruby/spec/generic/client_stub_spec.rb +20 -20
  1917. data/third_party/abseil-cpp/absl/algorithm/container.h +57 -18
  1918. data/third_party/abseil-cpp/absl/base/attributes.h +84 -0
  1919. data/third_party/abseil-cpp/absl/base/config.h +32 -51
  1920. data/third_party/abseil-cpp/absl/base/dynamic_annotations.h +0 -16
  1921. data/third_party/abseil-cpp/absl/base/internal/nullability_impl.h +3 -1
  1922. data/third_party/abseil-cpp/absl/base/internal/spinlock.h +13 -3
  1923. data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc +0 -12
  1924. data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock_config.h +4 -4
  1925. data/third_party/abseil-cpp/absl/base/macros.h +48 -0
  1926. data/third_party/abseil-cpp/absl/base/no_destructor.h +35 -40
  1927. data/third_party/abseil-cpp/absl/base/nullability.h +33 -7
  1928. data/third_party/abseil-cpp/absl/base/optimization.h +11 -0
  1929. data/third_party/abseil-cpp/absl/base/options.h +1 -1
  1930. data/third_party/abseil-cpp/absl/base/prefetch.h +1 -1
  1931. data/third_party/abseil-cpp/absl/container/flat_hash_map.h +68 -12
  1932. data/third_party/abseil-cpp/absl/container/flat_hash_set.h +60 -6
  1933. data/third_party/abseil-cpp/absl/container/hash_container_defaults.h +45 -0
  1934. data/third_party/abseil-cpp/absl/container/inlined_vector.h +13 -0
  1935. data/third_party/abseil-cpp/absl/container/internal/common_policy_traits.h +20 -11
  1936. data/third_party/abseil-cpp/absl/container/internal/compressed_tuple.h +15 -16
  1937. data/third_party/abseil-cpp/absl/container/internal/container_memory.h +34 -1
  1938. data/third_party/abseil-cpp/absl/container/internal/hash_function_defaults.h +68 -1
  1939. data/third_party/abseil-cpp/absl/container/internal/hash_policy_traits.h +50 -0
  1940. data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc +22 -7
  1941. data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.h +26 -8
  1942. data/third_party/abseil-cpp/absl/container/internal/inlined_vector.h +39 -35
  1943. data/third_party/abseil-cpp/absl/container/internal/layout.h +190 -74
  1944. data/third_party/abseil-cpp/absl/container/internal/raw_hash_map.h +8 -6
  1945. data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.cc +334 -71
  1946. data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +1299 -458
  1947. data/third_party/abseil-cpp/absl/crc/internal/crc32_x86_arm_combined_simd.h +19 -17
  1948. data/third_party/abseil-cpp/absl/crc/internal/crc_cord_state.cc +4 -3
  1949. data/third_party/abseil-cpp/absl/crc/internal/crc_memcpy_fallback.cc +2 -1
  1950. data/third_party/abseil-cpp/absl/crc/internal/crc_memcpy_x86_arm_combined.cc +12 -8
  1951. data/third_party/abseil-cpp/absl/crc/internal/crc_non_temporal_memcpy.cc +1 -1
  1952. data/third_party/abseil-cpp/absl/crc/internal/crc_x86_arm_combined.cc +11 -7
  1953. data/third_party/abseil-cpp/absl/crc/internal/non_temporal_memcpy.h +18 -17
  1954. data/third_party/abseil-cpp/absl/debugging/internal/bounded_utf8_length_sequence.h +126 -0
  1955. data/third_party/abseil-cpp/absl/debugging/internal/decode_rust_punycode.cc +258 -0
  1956. data/third_party/abseil-cpp/absl/debugging/internal/decode_rust_punycode.h +55 -0
  1957. data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +1057 -86
  1958. data/third_party/abseil-cpp/absl/debugging/internal/demangle.h +3 -0
  1959. data/third_party/abseil-cpp/absl/debugging/internal/demangle_rust.cc +925 -0
  1960. data/third_party/abseil-cpp/absl/debugging/internal/demangle_rust.h +42 -0
  1961. data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.cc +43 -16
  1962. data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.h +8 -7
  1963. data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +10 -7
  1964. data/third_party/abseil-cpp/absl/debugging/internal/utf8_for_code_point.cc +70 -0
  1965. data/third_party/abseil-cpp/absl/debugging/internal/utf8_for_code_point.h +47 -0
  1966. data/third_party/abseil-cpp/absl/flags/commandlineflag.h +11 -0
  1967. data/third_party/abseil-cpp/absl/flags/flag.h +2 -0
  1968. data/third_party/abseil-cpp/absl/flags/internal/flag.cc +117 -30
  1969. data/third_party/abseil-cpp/absl/flags/internal/flag.h +192 -30
  1970. data/third_party/abseil-cpp/absl/flags/reflection.cc +10 -0
  1971. data/third_party/abseil-cpp/absl/functional/any_invocable.h +13 -3
  1972. data/third_party/abseil-cpp/absl/functional/bind_front.h +3 -2
  1973. data/third_party/abseil-cpp/absl/functional/internal/any_invocable.h +7 -7
  1974. data/third_party/abseil-cpp/absl/functional/internal/front_binder.h +9 -9
  1975. data/third_party/abseil-cpp/absl/hash/internal/hash.cc +1 -1
  1976. data/third_party/abseil-cpp/absl/hash/internal/hash.h +13 -3
  1977. data/third_party/abseil-cpp/absl/hash/internal/low_level_hash.cc +60 -28
  1978. data/third_party/abseil-cpp/absl/hash/internal/low_level_hash.h +4 -0
  1979. data/third_party/abseil-cpp/absl/log/absl_vlog_is_on.h +3 -3
  1980. data/third_party/abseil-cpp/absl/log/globals.h +28 -15
  1981. data/third_party/abseil-cpp/absl/log/internal/check_op.cc +20 -0
  1982. data/third_party/abseil-cpp/absl/log/internal/check_op.h +63 -21
  1983. data/third_party/abseil-cpp/absl/log/internal/conditions.h +2 -2
  1984. data/third_party/abseil-cpp/absl/log/internal/log_impl.h +23 -23
  1985. data/third_party/abseil-cpp/absl/log/internal/log_message.cc +104 -47
  1986. data/third_party/abseil-cpp/absl/log/internal/log_message.h +23 -4
  1987. data/third_party/abseil-cpp/absl/log/internal/nullstream.h +1 -10
  1988. data/third_party/abseil-cpp/absl/log/internal/strip.h +36 -0
  1989. data/third_party/abseil-cpp/absl/log/log.h +5 -1
  1990. data/third_party/abseil-cpp/absl/log/log_sink.h +11 -4
  1991. data/third_party/abseil-cpp/absl/log/vlog_is_on.h +3 -3
  1992. data/third_party/abseil-cpp/absl/meta/type_traits.h +138 -42
  1993. data/third_party/abseil-cpp/absl/numeric/int128.cc +0 -3
  1994. data/third_party/abseil-cpp/absl/numeric/int128.h +35 -5
  1995. data/third_party/abseil-cpp/absl/numeric/int128_have_intrinsic.inc +14 -0
  1996. data/third_party/abseil-cpp/absl/numeric/int128_no_intrinsic.inc +18 -0
  1997. data/third_party/abseil-cpp/absl/numeric/internal/bits.h +6 -2
  1998. data/third_party/abseil-cpp/absl/random/beta_distribution.h +8 -8
  1999. data/third_party/abseil-cpp/absl/random/bit_gen_ref.h +9 -7
  2000. data/third_party/abseil-cpp/absl/random/distributions.h +11 -11
  2001. data/third_party/abseil-cpp/absl/random/seed_sequences.h +2 -0
  2002. data/third_party/abseil-cpp/absl/status/internal/statusor_internal.h +61 -2
  2003. data/third_party/abseil-cpp/absl/status/status.cc +0 -4
  2004. data/third_party/abseil-cpp/absl/status/status.h +4 -4
  2005. data/third_party/abseil-cpp/absl/status/statusor.h +108 -142
  2006. data/third_party/abseil-cpp/absl/strings/ascii.cc +32 -71
  2007. data/third_party/abseil-cpp/absl/strings/cord.cc +20 -15
  2008. data/third_party/abseil-cpp/absl/strings/cord.h +68 -7
  2009. data/third_party/abseil-cpp/absl/strings/escaping.cc +96 -21
  2010. data/third_party/abseil-cpp/absl/strings/escaping.h +25 -8
  2011. data/third_party/abseil-cpp/absl/strings/has_absl_stringify.h +1 -0
  2012. data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +10 -0
  2013. data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +29 -9
  2014. data/third_party/abseil-cpp/absl/strings/internal/cord_rep_btree.h +2 -2
  2015. data/third_party/abseil-cpp/absl/strings/internal/cordz_functions.cc +19 -13
  2016. data/third_party/abseil-cpp/absl/strings/internal/cordz_functions.h +23 -13
  2017. data/third_party/abseil-cpp/absl/strings/internal/cordz_handle.cc +24 -24
  2018. data/third_party/abseil-cpp/absl/strings/internal/cordz_info.cc +12 -7
  2019. data/third_party/abseil-cpp/absl/strings/internal/cordz_info.h +9 -4
  2020. data/third_party/abseil-cpp/absl/strings/internal/escaping.cc +5 -2
  2021. data/third_party/abseil-cpp/absl/strings/internal/str_join_internal.h +23 -2
  2022. data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +5 -1
  2023. data/third_party/abseil-cpp/absl/strings/numbers.cc +107 -333
  2024. data/third_party/abseil-cpp/absl/strings/numbers.h +12 -151
  2025. data/third_party/abseil-cpp/absl/strings/str_cat.cc +49 -142
  2026. data/third_party/abseil-cpp/absl/strings/str_cat.h +70 -85
  2027. data/third_party/abseil-cpp/absl/strings/str_format.h +1 -1
  2028. data/third_party/abseil-cpp/absl/strings/str_join.h +19 -5
  2029. data/third_party/abseil-cpp/absl/strings/str_split.h +2 -2
  2030. data/third_party/abseil-cpp/absl/strings/string_view.h +3 -2
  2031. data/third_party/abseil-cpp/absl/strings/substitute.cc +4 -0
  2032. data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +11 -2
  2033. data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.h +5 -0
  2034. data/third_party/abseil-cpp/absl/synchronization/mutex.h +5 -4
  2035. data/third_party/abseil-cpp/absl/time/civil_time.h +2 -2
  2036. data/third_party/abseil-cpp/absl/time/clock.cc +15 -1
  2037. data/third_party/abseil-cpp/absl/time/duration.cc +58 -53
  2038. data/third_party/abseil-cpp/absl/time/format.cc +2 -1
  2039. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +1 -1
  2040. data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_lookup.cc +0 -29
  2041. data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +3 -3
  2042. data/third_party/abseil-cpp/absl/time/time.h +73 -29
  2043. data/third_party/abseil-cpp/absl/types/compare.h +505 -0
  2044. data/third_party/abseil-cpp/absl/types/internal/optional.h +2 -2
  2045. data/third_party/abseil-cpp/absl/types/internal/variant.h +55 -67
  2046. data/third_party/abseil-cpp/absl/types/optional.h +15 -18
  2047. data/third_party/abseil-cpp/absl/types/span.h +3 -2
  2048. data/third_party/abseil-cpp/absl/types/variant.h +19 -24
  2049. data/third_party/abseil-cpp/absl/utility/utility.h +3 -41
  2050. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.cc +243 -0
  2051. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.cc +53 -0
  2052. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.cc +47 -0
  2053. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.cc +42 -0
  2054. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.cc +109 -0
  2055. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.cc +43 -0
  2056. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.cc +424 -0
  2057. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.cc +239 -0
  2058. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.cc +193 -0
  2059. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.cc +32 -0
  2060. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.cc +415 -0
  2061. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.cc +206 -0
  2062. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.cc +224 -0
  2063. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.cc +172 -0
  2064. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.cc +109 -0
  2065. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.cc +355 -0
  2066. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.cc +61 -0
  2067. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.cc +56 -0
  2068. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.cc +63 -0
  2069. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.cc +52 -0
  2070. data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +13 -57
  2071. data/third_party/boringssl-with-bazel/src/crypto/asn1/posix_time.cc +241 -0
  2072. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.cc +932 -0
  2073. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.cc +669 -0
  2074. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.cc +164 -0
  2075. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.cc +276 -0
  2076. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.cc +84 -0
  2077. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.cc +229 -0
  2078. data/third_party/boringssl-with-bazel/src/crypto/base64/base64.cc +434 -0
  2079. data/third_party/boringssl-with-bazel/src/crypto/bcm_support.h +19 -13
  2080. data/third_party/boringssl-with-bazel/src/crypto/bio/bio.cc +658 -0
  2081. data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.cc +268 -0
  2082. data/third_party/boringssl-with-bazel/src/crypto/bio/connect.cc +511 -0
  2083. data/third_party/boringssl-with-bazel/src/crypto/bio/errno.cc +50 -0
  2084. data/third_party/boringssl-with-bazel/src/crypto/bio/fd.cc +193 -0
  2085. data/third_party/boringssl-with-bazel/src/crypto/bio/file.cc +292 -0
  2086. data/third_party/boringssl-with-bazel/src/crypto/bio/hexdump.cc +152 -0
  2087. data/third_party/boringssl-with-bazel/src/crypto/bio/internal.h +13 -55
  2088. data/third_party/boringssl-with-bazel/src/crypto/bio/pair.cc +446 -0
  2089. data/third_party/boringssl-with-bazel/src/crypto/bio/printf.cc +59 -0
  2090. data/third_party/boringssl-with-bazel/src/crypto/bio/socket.cc +147 -0
  2091. data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.cc +133 -0
  2092. data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.cc +169 -0
  2093. data/third_party/boringssl-with-bazel/src/crypto/bn/bn_asn1.cc +57 -0
  2094. data/third_party/boringssl-with-bazel/src/crypto/bn/convert.cc +423 -0
  2095. data/third_party/boringssl-with-bazel/src/crypto/buf/buf.cc +118 -0
  2096. data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.cc +53 -0
  2097. data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.cc +266 -0
  2098. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.cc +702 -0
  2099. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.cc +912 -0
  2100. data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +13 -13
  2101. data/third_party/boringssl-with-bazel/src/crypto/bytestring/unicode.cc +156 -0
  2102. data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.cc +224 -0
  2103. data/third_party/boringssl-with-bazel/src/crypto/chacha/internal.h +18 -18
  2104. data/third_party/boringssl-with-bazel/src/crypto/cipher/derive_key.cc +110 -0
  2105. data/third_party/boringssl-with-bazel/src/crypto/cipher/e_aesctrhmac.cc +279 -0
  2106. data/third_party/boringssl-with-bazel/src/crypto/cipher/e_aesgcmsiv.cc +845 -0
  2107. data/third_party/boringssl-with-bazel/src/crypto/cipher/e_chacha20poly1305.cc +341 -0
  2108. data/third_party/boringssl-with-bazel/src/crypto/cipher/e_des.cc +198 -0
  2109. data/third_party/boringssl-with-bazel/src/crypto/cipher/e_null.cc +51 -0
  2110. data/third_party/boringssl-with-bazel/src/crypto/cipher/e_rc2.cc +417 -0
  2111. data/third_party/boringssl-with-bazel/src/crypto/cipher/e_rc4.cc +54 -0
  2112. data/third_party/boringssl-with-bazel/src/crypto/cipher/e_tls.cc +599 -0
  2113. data/third_party/boringssl-with-bazel/src/crypto/cipher/get_cipher.cc +85 -0
  2114. data/third_party/boringssl-with-bazel/src/crypto/cipher/internal.h +240 -0
  2115. data/third_party/boringssl-with-bazel/src/crypto/cipher/tls_cbc.cc +476 -0
  2116. data/third_party/boringssl-with-bazel/src/crypto/conf/conf.cc +631 -0
  2117. data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +13 -13
  2118. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.cc +73 -0
  2119. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_fuchsia.cc +53 -0
  2120. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_linux.cc +60 -0
  2121. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_openbsd.cc +59 -0
  2122. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_sysreg.cc +92 -0
  2123. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_win.cc +39 -0
  2124. data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_freebsd.cc +53 -0
  2125. data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.cc +150 -0
  2126. data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.h +13 -13
  2127. data/third_party/boringssl-with-bazel/src/crypto/cpu_intel.cc +287 -0
  2128. data/third_party/boringssl-with-bazel/src/crypto/crypto.cc +181 -0
  2129. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.cc +2154 -0
  2130. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_64_adx.cc +18 -0
  2131. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_tables.h +13 -13
  2132. data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +13 -13
  2133. data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.cc +529 -0
  2134. data/third_party/boringssl-with-bazel/src/crypto/des/des.cc +829 -0
  2135. data/third_party/boringssl-with-bazel/src/crypto/des/internal.h +27 -69
  2136. data/third_party/boringssl-with-bazel/src/crypto/dh/dh_asn1.cc +124 -0
  2137. data/third_party/boringssl-with-bazel/src/crypto/dh/params.cc +442 -0
  2138. data/third_party/boringssl-with-bazel/src/crypto/digest/digest_extra.cc +306 -0
  2139. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.cc +951 -0
  2140. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.cc +379 -0
  2141. data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +13 -15
  2142. data/third_party/boringssl-with-bazel/src/crypto/ec/ec_asn1.cc +570 -0
  2143. data/third_party/boringssl-with-bazel/src/crypto/ec/ec_derive.cc +96 -0
  2144. data/third_party/boringssl-with-bazel/src/crypto/ec/hash_to_curve.cc +510 -0
  2145. data/third_party/boringssl-with-bazel/src/crypto/ec/internal.h +78 -0
  2146. data/third_party/boringssl-with-bazel/src/crypto/ecdh/ecdh.cc +73 -0
  2147. data/third_party/boringssl-with-bazel/src/crypto/ecdsa/ecdsa_asn1.cc +357 -0
  2148. data/third_party/boringssl-with-bazel/src/crypto/engine/engine.cc +95 -0
  2149. data/third_party/boringssl-with-bazel/src/crypto/err/err.cc +810 -0
  2150. data/third_party/boringssl-with-bazel/src/crypto/err/internal.h +13 -13
  2151. data/third_party/boringssl-with-bazel/src/crypto/evp/evp.cc +379 -0
  2152. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.cc +471 -0
  2153. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.cc +440 -0
  2154. data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +13 -55
  2155. data/third_party/boringssl-with-bazel/src/crypto/evp/p_dh.cc +153 -0
  2156. data/third_party/boringssl-with-bazel/src/crypto/evp/p_dh_asn1.cc +142 -0
  2157. data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.cc +279 -0
  2158. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.cc +230 -0
  2159. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.cc +286 -0
  2160. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.cc +103 -0
  2161. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.cc +225 -0
  2162. data/third_party/boringssl-with-bazel/src/crypto/evp/p_hkdf.cc +236 -0
  2163. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.cc +609 -0
  2164. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.cc +198 -0
  2165. data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.cc +109 -0
  2166. data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.cc +237 -0
  2167. data/third_party/boringssl-with-bazel/src/crypto/evp/pbkdf.cc +98 -0
  2168. data/third_party/boringssl-with-bazel/src/crypto/evp/print.cc +342 -0
  2169. data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.cc +216 -0
  2170. data/third_party/boringssl-with-bazel/src/crypto/evp/sign.cc +114 -0
  2171. data/third_party/boringssl-with-bazel/src/crypto/ex_data.cc +141 -0
  2172. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.cc.inc +191 -0
  2173. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.cc.inc +1281 -0
  2174. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/cbc.cc.inc +130 -0
  2175. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/cfb.cc.inc +166 -0
  2176. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/ctr.cc.inc +100 -0
  2177. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/gcm.cc.inc +604 -0
  2178. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/gcm_nohw.cc.inc +302 -0
  2179. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +419 -70
  2180. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.cc.inc +208 -0
  2181. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.cc.inc +84 -0
  2182. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/ofb.cc.inc +53 -0
  2183. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/polyval.cc.inc +89 -0
  2184. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.cc +282 -0
  2185. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm_interface.h +665 -25
  2186. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/add.cc.inc +269 -0
  2187. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/asm/x86_64-gcc.cc.inc +554 -0
  2188. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.cc.inc +374 -0
  2189. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.cc.inc +225 -0
  2190. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/cmp.cc.inc +159 -0
  2191. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.cc.inc +191 -0
  2192. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.cc.inc +825 -0
  2193. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.cc.inc +87 -0
  2194. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.cc.inc +1227 -0
  2195. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.cc.inc +300 -0
  2196. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.cc.inc +339 -0
  2197. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/generic.cc.inc +582 -0
  2198. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +25 -134
  2199. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/jacobi.cc.inc +108 -0
  2200. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.cc.inc +430 -0
  2201. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.cc.inc +222 -0
  2202. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.cc.inc +698 -0
  2203. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.cc.inc +980 -0
  2204. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.cc.inc +260 -0
  2205. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.cc.inc +142 -0
  2206. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +20 -17
  2207. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.cc.inc +320 -0
  2208. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.cc.inc +459 -0
  2209. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/aead.cc.inc +295 -0
  2210. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.cc.inc +672 -0
  2211. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.cc.inc +1242 -0
  2212. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aesccm.cc.inc +409 -0
  2213. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +14 -65
  2214. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cmac/cmac.cc.inc +288 -0
  2215. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/delocate.h +26 -22
  2216. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.cc.inc +203 -0
  2217. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.cc.inc +443 -0
  2218. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +13 -15
  2219. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.cc.inc +250 -0
  2220. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digests.cc.inc +178 -0
  2221. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/internal.h +13 -55
  2222. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/md32_common.h +13 -47
  2223. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digestsign/digestsign.cc.inc +226 -0
  2224. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/builtin_curves.h +91 -91
  2225. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.cc.inc +986 -0
  2226. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.cc.inc +501 -0
  2227. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.cc.inc +439 -0
  2228. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/felem.cc.inc +104 -0
  2229. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +19 -66
  2230. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.cc.inc +306 -0
  2231. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.cc.inc +1163 -0
  2232. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz-table.h +15 -10
  2233. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.cc.inc +741 -0
  2234. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.h +22 -17
  2235. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.cc.inc +749 -0
  2236. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256_table.h +13 -13
  2237. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.cc.inc +179 -0
  2238. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.cc.inc +284 -0
  2239. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.cc.inc +269 -0
  2240. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/util.cc.inc +255 -0
  2241. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.cc.inc +221 -0
  2242. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.cc.inc +88 -0
  2243. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.cc.inc +278 -0
  2244. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +13 -13
  2245. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/fips_shared_support.cc +28 -0
  2246. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hkdf/hkdf.cc.inc +112 -0
  2247. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/hmac.cc.inc +215 -0
  2248. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/keccak/internal.h +70 -0
  2249. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/keccak/keccak.cc.inc +279 -0
  2250. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mldsa/mldsa.cc.inc +1993 -0
  2251. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mlkem/mlkem.cc.inc +1165 -0
  2252. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/ctrdrbg.cc.inc +214 -0
  2253. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +18 -24
  2254. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.cc.inc +483 -0
  2255. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.cc.inc +147 -0
  2256. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +13 -56
  2257. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.cc.inc +379 -0
  2258. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.cc.inc +983 -0
  2259. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.cc.inc +1296 -0
  2260. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.cc.inc +129 -0
  2261. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.cc.inc +1042 -0
  2262. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/internal.h +34 -34
  2263. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.cc.inc +327 -0
  2264. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +43 -57
  2265. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.cc.inc +390 -0
  2266. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.cc.inc +299 -0
  2267. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.cc.inc +473 -0
  2268. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/address.h +119 -0
  2269. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/fors.cc.inc +169 -0
  2270. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/fors.h +58 -0
  2271. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/merkle.cc.inc +161 -0
  2272. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/merkle.h +70 -0
  2273. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/params.h +78 -0
  2274. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/slhdsa.cc.inc +329 -0
  2275. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/thash.cc.inc +173 -0
  2276. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/thash.h +85 -0
  2277. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/wots.cc.inc +171 -0
  2278. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/wots.h +50 -0
  2279. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/internal.h +13 -13
  2280. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.cc.inc +180 -0
  2281. data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.cc +1095 -0
  2282. data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.cc +2185 -0
  2283. data/third_party/boringssl-with-bazel/src/crypto/hrss/internal.h +13 -13
  2284. data/third_party/boringssl-with-bazel/src/crypto/internal.h +262 -445
  2285. data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +13 -13
  2286. data/third_party/boringssl-with-bazel/src/crypto/kyber/kyber.cc +869 -0
  2287. data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +31 -75
  2288. data/third_party/boringssl-with-bazel/src/crypto/lhash/lhash.cc +309 -0
  2289. data/third_party/boringssl-with-bazel/src/crypto/md4/md4.cc +194 -0
  2290. data/third_party/boringssl-with-bazel/src/crypto/md5/internal.h +37 -0
  2291. data/third_party/boringssl-with-bazel/src/crypto/md5/md5.cc +243 -0
  2292. data/third_party/boringssl-with-bazel/src/crypto/mem.cc +583 -0
  2293. data/third_party/boringssl-with-bazel/src/crypto/mldsa/mldsa.cc +90 -0
  2294. data/third_party/boringssl-with-bazel/src/crypto/mlkem/mlkem.cc +97 -1042
  2295. data/third_party/boringssl-with-bazel/src/crypto/obj/obj.cc +519 -0
  2296. data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +14 -56
  2297. data/third_party/boringssl-with-bazel/src/crypto/obj/obj_xref.cc +80 -0
  2298. data/third_party/boringssl-with-bazel/src/crypto/pem/internal.h +44 -0
  2299. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.cc +149 -0
  2300. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.cc +254 -0
  2301. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.cc +741 -0
  2302. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.cc +45 -0
  2303. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.cc +208 -0
  2304. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.cc +141 -0
  2305. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.cc +22 -0
  2306. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.cc +22 -0
  2307. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/internal.h +13 -13
  2308. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7.cc +193 -0
  2309. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.cc +526 -0
  2310. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +13 -54
  2311. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/p5_pbev2.cc +275 -0
  2312. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.cc +487 -0
  2313. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.cc +1304 -0
  2314. data/third_party/boringssl-with-bazel/src/crypto/poly1305/internal.h +13 -13
  2315. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.cc +314 -0
  2316. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.cc +310 -0
  2317. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.cc +850 -0
  2318. data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +13 -13
  2319. data/third_party/boringssl-with-bazel/src/crypto/pool/pool.cc +262 -0
  2320. data/third_party/boringssl-with-bazel/src/crypto/rand/deterministic.cc +65 -0
  2321. data/third_party/boringssl-with-bazel/src/crypto/rand/fork_detect.cc +194 -0
  2322. data/third_party/boringssl-with-bazel/src/crypto/rand/forkunsafe.cc +44 -0
  2323. data/third_party/boringssl-with-bazel/src/crypto/rand/getentropy.cc +60 -0
  2324. data/third_party/boringssl-with-bazel/src/crypto/rand/getrandom_fillin.h +64 -0
  2325. data/third_party/boringssl-with-bazel/src/crypto/rand/ios.cc +42 -0
  2326. data/third_party/boringssl-with-bazel/src/crypto/rand/passive.cc +178 -0
  2327. data/third_party/boringssl-with-bazel/src/crypto/rand/rand.cc +77 -0
  2328. data/third_party/boringssl-with-bazel/src/crypto/rand/sysrand_internal.h +37 -0
  2329. data/third_party/boringssl-with-bazel/src/crypto/rand/trusty.cc +46 -0
  2330. data/third_party/boringssl-with-bazel/src/crypto/rand/urandom.cc +328 -0
  2331. data/third_party/boringssl-with-bazel/src/crypto/rand/windows.cc +102 -0
  2332. data/third_party/boringssl-with-bazel/src/crypto/rc4/rc4.cc +56 -0
  2333. data/third_party/boringssl-with-bazel/src/crypto/refcount.cc +59 -0
  2334. data/third_party/boringssl-with-bazel/src/crypto/rsa/internal.h +36 -0
  2335. data/third_party/boringssl-with-bazel/src/crypto/rsa/rsa_asn1.cc +283 -0
  2336. data/third_party/boringssl-with-bazel/src/crypto/rsa/rsa_crypt.cc +531 -0
  2337. data/third_party/boringssl-with-bazel/src/crypto/rsa/rsa_extra.cc +19 -0
  2338. data/third_party/boringssl-with-bazel/src/crypto/rsa/rsa_print.cc +27 -0
  2339. data/third_party/boringssl-with-bazel/src/crypto/sha/sha1.cc +52 -0
  2340. data/third_party/boringssl-with-bazel/src/crypto/sha/sha256.cc +87 -0
  2341. data/third_party/boringssl-with-bazel/src/crypto/sha/sha512.cc +104 -0
  2342. data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.cc +79 -0
  2343. data/third_party/boringssl-with-bazel/src/crypto/slhdsa/slhdsa.cc +113 -0
  2344. data/third_party/boringssl-with-bazel/src/crypto/spake2plus/internal.h +204 -0
  2345. data/third_party/boringssl-with-bazel/src/crypto/spake2plus/spake2plus.cc +501 -0
  2346. data/third_party/boringssl-with-bazel/src/crypto/stack/stack.cc +496 -0
  2347. data/third_party/boringssl-with-bazel/src/crypto/thread.cc +68 -0
  2348. data/third_party/boringssl-with-bazel/src/crypto/thread_none.cc +51 -0
  2349. data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.cc +151 -0
  2350. data/third_party/boringssl-with-bazel/src/crypto/thread_win.cc +240 -0
  2351. data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +13 -13
  2352. data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.cc +1656 -0
  2353. data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.cc +685 -0
  2354. data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.cc +1263 -0
  2355. data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.cc +52 -0
  2356. data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.cc +97 -0
  2357. data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.cc +74 -0
  2358. data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.cc +136 -0
  2359. data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.cc +542 -0
  2360. data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.cc +355 -0
  2361. data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.cc +227 -0
  2362. data/third_party/boringssl-with-bazel/src/crypto/x509/ext_dat.h +13 -55
  2363. data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.cc +37 -0
  2364. data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +13 -57
  2365. data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.cc +185 -0
  2366. data/third_party/boringssl-with-bazel/src/crypto/x509/policy.cc +796 -0
  2367. data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.cc +364 -0
  2368. data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.cc +103 -0
  2369. data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.cc +203 -0
  2370. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.cc +287 -0
  2371. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.cc +79 -0
  2372. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_akey.cc +181 -0
  2373. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_akeya.cc +31 -0
  2374. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_alt.cc +593 -0
  2375. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_bcons.cc +95 -0
  2376. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_bitst.cc +102 -0
  2377. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_conf.cc +374 -0
  2378. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_cpols.cc +444 -0
  2379. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_crld.cc +557 -0
  2380. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_enum.cc +73 -0
  2381. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_extku.cc +114 -0
  2382. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_genn.cc +228 -0
  2383. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ia5.cc +79 -0
  2384. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_info.cc +164 -0
  2385. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_int.cc +81 -0
  2386. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_lib.cc +304 -0
  2387. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ncons.cc +514 -0
  2388. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ocsp.cc +89 -0
  2389. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_pcons.cc +101 -0
  2390. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_pmaps.cc +109 -0
  2391. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_prn.cc +183 -0
  2392. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_purp.cc +590 -0
  2393. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_skey.cc +131 -0
  2394. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_utl.cc +1342 -0
  2395. data/third_party/boringssl-with-bazel/src/crypto/x509/x509.cc +47 -0
  2396. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.cc +186 -0
  2397. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.cc +238 -0
  2398. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.cc +66 -0
  2399. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.cc +44 -0
  2400. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.cc +139 -0
  2401. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.cc +554 -0
  2402. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.cc +164 -0
  2403. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.cc +257 -0
  2404. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.cc +198 -0
  2405. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.cc +118 -0
  2406. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.cc +147 -0
  2407. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.cc +249 -0
  2408. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.cc +1600 -0
  2409. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.cc +440 -0
  2410. data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.cc +235 -0
  2411. data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.cc +365 -0
  2412. data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.cc +67 -0
  2413. data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.cc +91 -0
  2414. data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.cc +107 -0
  2415. data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.cc +318 -0
  2416. data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.cc +55 -0
  2417. data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.cc +342 -0
  2418. data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.cc +36 -0
  2419. data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.cc +492 -0
  2420. data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.cc +170 -0
  2421. data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.cc +74 -0
  2422. data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.cc +51 -0
  2423. data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.cc +34 -0
  2424. data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.cc +28 -0
  2425. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.cc +506 -0
  2426. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.cc +169 -0
  2427. data/third_party/boringssl-with-bazel/src/gen/crypto/err_data.cc +1529 -0
  2428. data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +13 -13
  2429. data/third_party/boringssl-with-bazel/src/include/openssl/aes.h +13 -47
  2430. data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +16 -76
  2431. data/third_party/boringssl-with-bazel/src/include/openssl/asm_base.h +14 -14
  2432. data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +23 -62
  2433. data/third_party/boringssl-with-bazel/src/include/openssl/asn1_mac.h +13 -13
  2434. data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +248 -328
  2435. data/third_party/boringssl-with-bazel/src/include/openssl/base.h +24 -55
  2436. data/third_party/boringssl-with-bazel/src/include/openssl/base64.h +13 -55
  2437. data/third_party/boringssl-with-bazel/src/include/openssl/bcm_public.h +82 -0
  2438. data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +13 -55
  2439. data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +13 -13
  2440. data/third_party/boringssl-with-bazel/src/include/openssl/blowfish.h +13 -55
  2441. data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +14 -121
  2442. data/third_party/boringssl-with-bazel/src/include/openssl/buf.h +13 -55
  2443. data/third_party/boringssl-with-bazel/src/include/openssl/buffer.h +13 -13
  2444. data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +31 -16
  2445. data/third_party/boringssl-with-bazel/src/include/openssl/cast.h +13 -55
  2446. data/third_party/boringssl-with-bazel/src/include/openssl/chacha.h +13 -13
  2447. data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +31 -59
  2448. data/third_party/boringssl-with-bazel/src/include/openssl/cmac.h +13 -13
  2449. data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +13 -55
  2450. data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +13 -13
  2451. data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +25 -14
  2452. data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +13 -13
  2453. data/third_party/boringssl-with-bazel/src/include/openssl/curve25519.h +13 -13
  2454. data/third_party/boringssl-with-bazel/src/include/openssl/des.h +13 -55
  2455. data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +17 -55
  2456. data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +19 -56
  2457. data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +17 -58
  2458. data/third_party/boringssl-with-bazel/src/include/openssl/dtls1.h +13 -13
  2459. data/third_party/boringssl-with-bazel/src/include/openssl/e_os2.h +13 -13
  2460. data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +14 -66
  2461. data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +31 -72
  2462. data/third_party/boringssl-with-bazel/src/include/openssl/ecdh.h +14 -65
  2463. data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +13 -51
  2464. data/third_party/boringssl-with-bazel/src/include/openssl/engine.h +13 -13
  2465. data/third_party/boringssl-with-bazel/src/include/openssl/err.h +13 -107
  2466. data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +14 -56
  2467. data/third_party/boringssl-with-bazel/src/include/openssl/evp_errors.h +13 -55
  2468. data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +13 -107
  2469. data/third_party/boringssl-with-bazel/src/include/openssl/experimental/kyber.h +13 -13
  2470. data/third_party/boringssl-with-bazel/src/include/openssl/hkdf.h +13 -13
  2471. data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +13 -55
  2472. data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +13 -13
  2473. data/third_party/boringssl-with-bazel/src/include/openssl/hrss.h +13 -13
  2474. data/third_party/boringssl-with-bazel/src/include/openssl/is_boringssl.h +13 -13
  2475. data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +13 -13
  2476. data/third_party/boringssl-with-bazel/src/include/openssl/lhash.h +13 -55
  2477. data/third_party/boringssl-with-bazel/src/include/openssl/md4.h +13 -55
  2478. data/third_party/boringssl-with-bazel/src/include/openssl/md5.h +13 -55
  2479. data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +13 -55
  2480. data/third_party/boringssl-with-bazel/src/include/openssl/mldsa.h +20 -26
  2481. data/third_party/boringssl-with-bazel/src/include/openssl/mlkem.h +13 -37
  2482. data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +27 -69
  2483. data/third_party/boringssl-with-bazel/src/include/openssl/obj.h +13 -55
  2484. data/third_party/boringssl-with-bazel/src/include/openssl/obj_mac.h +13 -13
  2485. data/third_party/boringssl-with-bazel/src/include/openssl/objects.h +13 -13
  2486. data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +13 -13
  2487. data/third_party/boringssl-with-bazel/src/include/openssl/opensslv.h +13 -13
  2488. data/third_party/boringssl-with-bazel/src/include/openssl/ossl_typ.h +13 -13
  2489. data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +22 -60
  2490. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs12.h +13 -13
  2491. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs7.h +13 -13
  2492. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +13 -55
  2493. data/third_party/boringssl-with-bazel/src/include/openssl/poly1305.h +13 -13
  2494. data/third_party/boringssl-with-bazel/src/include/openssl/pool.h +13 -13
  2495. data/third_party/boringssl-with-bazel/src/include/openssl/posix_time.h +13 -13
  2496. data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +13 -13
  2497. data/third_party/boringssl-with-bazel/src/include/openssl/rc4.h +13 -55
  2498. data/third_party/boringssl-with-bazel/src/include/openssl/ripemd.h +13 -55
  2499. data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +23 -63
  2500. data/third_party/boringssl-with-bazel/src/include/openssl/safestack.h +13 -13
  2501. data/third_party/boringssl-with-bazel/src/include/openssl/service_indicator.h +13 -13
  2502. data/third_party/boringssl-with-bazel/src/include/openssl/sha.h +15 -95
  2503. data/third_party/boringssl-with-bazel/src/include/openssl/siphash.h +13 -13
  2504. data/third_party/boringssl-with-bazel/src/include/openssl/slhdsa.h +174 -0
  2505. data/third_party/boringssl-with-bazel/src/include/openssl/span.h +24 -32
  2506. data/third_party/boringssl-with-bazel/src/include/openssl/srtp.h +13 -13
  2507. data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +358 -290
  2508. data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +15 -114
  2509. data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +13 -55
  2510. data/third_party/boringssl-with-bazel/src/include/openssl/target.h +23 -13
  2511. data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +15 -57
  2512. data/third_party/boringssl-with-bazel/src/include/openssl/time.h +13 -13
  2513. data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +27 -156
  2514. data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +15 -15
  2515. data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +13 -55
  2516. data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +14 -61
  2517. data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +13 -13
  2518. data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +13 -13
  2519. data/third_party/boringssl-with-bazel/src/include/openssl/x509v3_errors.h +13 -53
  2520. data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +15 -14
  2521. data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +680 -434
  2522. data/third_party/boringssl-with-bazel/src/ssl/d1_lib.cc +129 -174
  2523. data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +176 -131
  2524. data/third_party/boringssl-with-bazel/src/ssl/d1_srtp.cc +21 -127
  2525. data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +107 -104
  2526. data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +311 -312
  2527. data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +54 -47
  2528. data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +673 -475
  2529. data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +66 -73
  2530. data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +61 -153
  2531. data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +199 -332
  2532. data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +89 -213
  2533. data/third_party/boringssl-with-bazel/src/ssl/internal.h +961 -536
  2534. data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +47 -157
  2535. data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +29 -159
  2536. data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +18 -112
  2537. data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +103 -196
  2538. data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +52 -145
  2539. data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +15 -20
  2540. data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +117 -157
  2541. data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +229 -365
  2542. data/third_party/boringssl-with-bazel/src/ssl/ssl_credential.cc +218 -32
  2543. data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +13 -109
  2544. data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +34 -33
  2545. data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +194 -350
  2546. data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +38 -83
  2547. data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +101 -236
  2548. data/third_party/boringssl-with-bazel/src/ssl/ssl_stat.cc +17 -91
  2549. data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +109 -157
  2550. data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +44 -30
  2551. data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +66 -195
  2552. data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +45 -176
  2553. data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +58 -42
  2554. data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +147 -95
  2555. data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +251 -180
  2556. data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +237 -108
  2557. data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +64 -117
  2558. data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +52 -134
  2559. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +6 -0
  2560. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +6 -0
  2561. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64_adx.h +4 -1
  2562. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +1 -1
  2563. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +3 -0
  2564. data/third_party/upb/upb/base/internal/log2.h +3 -1
  2565. data/third_party/upb/upb/base/string_view.h +10 -0
  2566. data/third_party/upb/upb/hash/common.c +5 -1
  2567. data/third_party/upb/upb/json/decode.c +59 -13
  2568. data/third_party/upb/upb/json/decode.h +25 -3
  2569. data/third_party/upb/upb/json/encode.c +2 -2
  2570. data/third_party/upb/upb/lex/round_trip.c +10 -0
  2571. data/third_party/upb/upb/mem/alloc.h +5 -0
  2572. data/third_party/upb/upb/mem/arena.c +306 -141
  2573. data/third_party/upb/upb/mem/arena.h +56 -11
  2574. data/third_party/upb/upb/mem/arena.hpp +9 -21
  2575. data/third_party/upb/upb/mem/internal/arena.h +4 -6
  2576. data/third_party/upb/upb/message/accessors.c +2 -4
  2577. data/third_party/upb/upb/message/accessors.h +219 -379
  2578. data/third_party/upb/upb/message/compat.c +11 -14
  2579. data/third_party/upb/upb/message/compat.h +4 -3
  2580. data/third_party/upb/upb/message/copy.c +46 -37
  2581. data/third_party/upb/upb/message/internal/accessors.h +717 -36
  2582. data/third_party/upb/upb/message/internal/extension.c +29 -25
  2583. data/third_party/upb/upb/message/internal/extension.h +21 -5
  2584. data/third_party/upb/upb/message/internal/iterator.c +58 -0
  2585. data/third_party/upb/upb/message/internal/iterator.h +29 -0
  2586. data/third_party/upb/upb/message/internal/map.h +2 -3
  2587. data/third_party/upb/upb/message/internal/map_sorter.h +3 -2
  2588. data/third_party/upb/upb/message/internal/message.c +57 -39
  2589. data/third_party/upb/upb/message/internal/message.h +162 -31
  2590. data/third_party/upb/upb/message/map_sorter.c +20 -8
  2591. data/third_party/upb/upb/message/merge.c +38 -0
  2592. data/third_party/upb/upb/message/merge.h +26 -0
  2593. data/third_party/upb/upb/message/message.c +90 -38
  2594. data/third_party/upb/upb/message/message.h +64 -12
  2595. data/third_party/upb/upb/message/value.h +35 -0
  2596. data/third_party/upb/upb/mini_descriptor/build_enum.c +1 -1
  2597. data/third_party/upb/upb/mini_descriptor/decode.c +104 -138
  2598. data/third_party/upb/upb/mini_descriptor/decode.h +4 -3
  2599. data/third_party/upb/upb/mini_descriptor/internal/encode.hpp +1 -1
  2600. data/third_party/upb/upb/mini_descriptor/link.c +7 -3
  2601. data/third_party/upb/upb/mini_table/extension_registry.c +41 -11
  2602. data/third_party/upb/upb/mini_table/extension_registry.h +30 -6
  2603. data/third_party/upb/upb/mini_table/internal/extension.h +9 -0
  2604. data/third_party/upb/upb/mini_table/internal/message.c +21 -1
  2605. data/third_party/upb/upb/mini_table/internal/message.h +40 -20
  2606. data/third_party/upb/upb/mini_table/internal/sub.h +5 -0
  2607. data/third_party/upb/upb/mini_table/message.c +21 -13
  2608. data/third_party/upb/upb/mini_table/message.h +11 -1
  2609. data/third_party/upb/upb/port/atomic.h +134 -7
  2610. data/third_party/upb/upb/port/def.inc +229 -37
  2611. data/third_party/upb/upb/port/undef.inc +17 -0
  2612. data/third_party/upb/upb/reflection/common.h +1 -11
  2613. data/third_party/upb/upb/reflection/def.hpp +13 -1
  2614. data/third_party/upb/upb/reflection/def_pool.c +10 -3
  2615. data/third_party/upb/upb/reflection/descriptor_bootstrap.h +19 -0
  2616. data/third_party/upb/upb/reflection/field_def.c +11 -22
  2617. data/third_party/upb/upb/reflection/field_def.h +1 -0
  2618. data/third_party/upb/upb/reflection/file_def.c +12 -5
  2619. data/third_party/upb/upb/reflection/internal/def_builder.c +1 -1
  2620. data/third_party/upb/upb/reflection/internal/upb_edition_defaults.h +1 -1
  2621. data/third_party/upb/upb/reflection/message.c +27 -19
  2622. data/third_party/upb/upb/reflection/message.h +5 -3
  2623. data/third_party/upb/upb/text/encode.c +51 -406
  2624. data/third_party/upb/upb/text/encode.h +1 -11
  2625. data/third_party/upb/upb/text/internal/encode.c +199 -0
  2626. data/third_party/upb/upb/text/internal/encode.h +244 -0
  2627. data/third_party/upb/upb/text/options.h +22 -0
  2628. data/third_party/upb/upb/wire/decode.c +130 -83
  2629. data/third_party/upb/upb/wire/decode.h +8 -3
  2630. data/third_party/upb/upb/wire/encode.c +113 -55
  2631. data/third_party/upb/upb/wire/encode.h +5 -0
  2632. data/third_party/upb/upb/wire/eps_copy_input_stream.h +18 -20
  2633. data/third_party/upb/upb/wire/internal/decode_fast.c +3 -0
  2634. data/third_party/upb/upb/wire/internal/decoder.h +4 -11
  2635. data/third_party/utf8_range/utf8_range.c +15 -275
  2636. data/third_party/utf8_range/utf8_range_neon.inc +117 -0
  2637. data/third_party/utf8_range/utf8_range_sse.inc +272 -0
  2638. data/third_party/zlib/deflate.c +40 -15
  2639. data/third_party/zlib/deflate.h +33 -2
  2640. data/third_party/zlib/gzguts.h +2 -6
  2641. data/third_party/zlib/inflate.c +1 -1
  2642. data/third_party/zlib/inftrees.c +3 -3
  2643. data/third_party/zlib/inftrees.h +2 -2
  2644. data/third_party/zlib/trees.c +18 -4
  2645. data/third_party/zlib/zconf.h +1 -9
  2646. data/third_party/zlib/zlib.h +12 -12
  2647. data/third_party/zlib/zutil.h +4 -25
  2648. metadata +648 -599
  2649. data/include/grpc/grpc_cronet.h +0 -37
  2650. data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb.h +0 -419
  2651. data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb_minitable.c +0 -84
  2652. data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb_minitable.h +0 -30
  2653. data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb.h +0 -400
  2654. data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb_minitable.c +0 -118
  2655. data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb_minitable.h +0 -33
  2656. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opencensus.upbdefs.c +0 -107
  2657. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opencensus.upbdefs.h +0 -32
  2658. data/src/core/ext/upbdefs-gen/opencensus/proto/trace/v1/trace_config.upbdefs.c +0 -66
  2659. data/src/core/ext/upbdefs-gen/opencensus/proto/trace/v1/trace_config.upbdefs.h +0 -47
  2660. data/src/core/lib/avl/avl.h +0 -325
  2661. data/src/core/lib/backoff/backoff.cc +0 -44
  2662. data/src/core/lib/backoff/backoff.h +0 -87
  2663. data/src/core/lib/backoff/random_early_detection.cc +0 -33
  2664. data/src/core/lib/backoff/random_early_detection.h +0 -62
  2665. data/src/core/lib/channel/call_finalization.h +0 -88
  2666. data/src/core/lib/channel/status_util.cc +0 -155
  2667. data/src/core/lib/channel/status_util.h +0 -80
  2668. data/src/core/lib/config/config_vars.cc +0 -152
  2669. data/src/core/lib/config/config_vars.h +0 -129
  2670. data/src/core/lib/config/config_vars_non_generated.cc +0 -49
  2671. data/src/core/lib/config/core_configuration.cc +0 -111
  2672. data/src/core/lib/config/core_configuration.h +0 -243
  2673. data/src/core/lib/config/load_config.cc +0 -79
  2674. data/src/core/lib/config/load_config.h +0 -55
  2675. data/src/core/lib/debug/event_log.cc +0 -87
  2676. data/src/core/lib/debug/event_log.h +0 -81
  2677. data/src/core/lib/gprpp/atomic_utils.h +0 -47
  2678. data/src/core/lib/gprpp/bitset.h +0 -225
  2679. data/src/core/lib/gprpp/chunked_vector.h +0 -257
  2680. data/src/core/lib/gprpp/construct_destruct.h +0 -40
  2681. data/src/core/lib/gprpp/cpp_impl_of.h +0 -49
  2682. data/src/core/lib/gprpp/crash.cc +0 -41
  2683. data/src/core/lib/gprpp/crash.h +0 -37
  2684. data/src/core/lib/gprpp/debug_location.h +0 -106
  2685. data/src/core/lib/gprpp/directory_reader.h +0 -48
  2686. data/src/core/lib/gprpp/down_cast.h +0 -48
  2687. data/src/core/lib/gprpp/dual_ref_counted.h +0 -377
  2688. data/src/core/lib/gprpp/dump_args.cc +0 -54
  2689. data/src/core/lib/gprpp/dump_args.h +0 -117
  2690. data/src/core/lib/gprpp/env.h +0 -53
  2691. data/src/core/lib/gprpp/examine_stack.cc +0 -43
  2692. data/src/core/lib/gprpp/examine_stack.h +0 -45
  2693. data/src/core/lib/gprpp/fork.cc +0 -241
  2694. data/src/core/lib/gprpp/fork.h +0 -98
  2695. data/src/core/lib/gprpp/glob.h +0 -29
  2696. data/src/core/lib/gprpp/host_port.cc +0 -115
  2697. data/src/core/lib/gprpp/host_port.h +0 -57
  2698. data/src/core/lib/gprpp/if_list.h +0 -4530
  2699. data/src/core/lib/gprpp/linux/env.cc +0 -62
  2700. data/src/core/lib/gprpp/load_file.cc +0 -76
  2701. data/src/core/lib/gprpp/load_file.h +0 -34
  2702. data/src/core/lib/gprpp/manual_constructor.h +0 -146
  2703. data/src/core/lib/gprpp/match.h +0 -75
  2704. data/src/core/lib/gprpp/memory.h +0 -52
  2705. data/src/core/lib/gprpp/mpscq.cc +0 -108
  2706. data/src/core/lib/gprpp/mpscq.h +0 -99
  2707. data/src/core/lib/gprpp/no_destruct.h +0 -95
  2708. data/src/core/lib/gprpp/notification.h +0 -67
  2709. data/src/core/lib/gprpp/orphanable.h +0 -153
  2710. data/src/core/lib/gprpp/overload.h +0 -59
  2711. data/src/core/lib/gprpp/packed_table.h +0 -40
  2712. data/src/core/lib/gprpp/per_cpu.cc +0 -34
  2713. data/src/core/lib/gprpp/per_cpu.h +0 -103
  2714. data/src/core/lib/gprpp/posix/directory_reader.cc +0 -82
  2715. data/src/core/lib/gprpp/posix/env.cc +0 -47
  2716. data/src/core/lib/gprpp/posix/stat.cc +0 -55
  2717. data/src/core/lib/gprpp/posix/thd.cc +0 -246
  2718. data/src/core/lib/gprpp/ref_counted.h +0 -403
  2719. data/src/core/lib/gprpp/ref_counted_ptr.h +0 -445
  2720. data/src/core/lib/gprpp/ref_counted_string.cc +0 -43
  2721. data/src/core/lib/gprpp/ref_counted_string.h +0 -161
  2722. data/src/core/lib/gprpp/single_set_ptr.h +0 -89
  2723. data/src/core/lib/gprpp/sorted_pack.h +0 -89
  2724. data/src/core/lib/gprpp/stat.h +0 -36
  2725. data/src/core/lib/gprpp/status_helper.cc +0 -433
  2726. data/src/core/lib/gprpp/status_helper.h +0 -162
  2727. data/src/core/lib/gprpp/strerror.cc +0 -41
  2728. data/src/core/lib/gprpp/strerror.h +0 -29
  2729. data/src/core/lib/gprpp/sync.h +0 -199
  2730. data/src/core/lib/gprpp/table.h +0 -488
  2731. data/src/core/lib/gprpp/tchar.cc +0 -49
  2732. data/src/core/lib/gprpp/tchar.h +0 -33
  2733. data/src/core/lib/gprpp/thd.h +0 -194
  2734. data/src/core/lib/gprpp/time.cc +0 -241
  2735. data/src/core/lib/gprpp/time.h +0 -379
  2736. data/src/core/lib/gprpp/time_averaged_stats.cc +0 -60
  2737. data/src/core/lib/gprpp/time_averaged_stats.h +0 -79
  2738. data/src/core/lib/gprpp/time_util.cc +0 -81
  2739. data/src/core/lib/gprpp/time_util.h +0 -41
  2740. data/src/core/lib/gprpp/type_list.h +0 -32
  2741. data/src/core/lib/gprpp/unique_type_name.h +0 -124
  2742. data/src/core/lib/gprpp/uuid_v4.cc +0 -37
  2743. data/src/core/lib/gprpp/uuid_v4.h +0 -36
  2744. data/src/core/lib/gprpp/validation_errors.cc +0 -74
  2745. data/src/core/lib/gprpp/validation_errors.h +0 -145
  2746. data/src/core/lib/gprpp/windows/directory_reader.cc +0 -79
  2747. data/src/core/lib/gprpp/windows/env.cc +0 -56
  2748. data/src/core/lib/gprpp/windows/stat.cc +0 -51
  2749. data/src/core/lib/gprpp/windows/thd.cc +0 -184
  2750. data/src/core/lib/gprpp/work_serializer.cc +0 -543
  2751. data/src/core/lib/gprpp/work_serializer.h +0 -106
  2752. data/src/core/lib/gprpp/xxhash_inline.h +0 -29
  2753. data/src/core/lib/iomgr/gethostname.h +0 -26
  2754. data/src/core/lib/iomgr/gethostname_fallback.cc +0 -30
  2755. data/src/core/lib/iomgr/gethostname_host_name_max.cc +0 -40
  2756. data/src/core/lib/iomgr/gethostname_sysconf.cc +0 -40
  2757. data/src/core/lib/iomgr/grpc_if_nametoindex.h +0 -30
  2758. data/src/core/lib/iomgr/grpc_if_nametoindex_posix.cc +0 -42
  2759. data/src/core/lib/iomgr/grpc_if_nametoindex_unsupported.cc +0 -37
  2760. data/src/core/lib/matchers/matchers.cc +0 -330
  2761. data/src/core/lib/matchers/matchers.h +0 -163
  2762. data/src/core/lib/security/certificate_provider/certificate_provider_factory.h +0 -70
  2763. data/src/core/lib/security/certificate_provider/certificate_provider_registry.cc +0 -50
  2764. data/src/core/lib/security/certificate_provider/certificate_provider_registry.h +0 -76
  2765. data/src/core/lib/security/context/security_context.cc +0 -333
  2766. data/src/core/lib/security/context/security_context.h +0 -204
  2767. data/src/core/lib/security/credentials/alts/alts_credentials.cc +0 -116
  2768. data/src/core/lib/security/credentials/alts/alts_credentials.h +0 -123
  2769. data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +0 -72
  2770. data/src/core/lib/security/credentials/alts/check_gcp_environment.h +0 -57
  2771. data/src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc +0 -68
  2772. data/src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc +0 -33
  2773. data/src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc +0 -102
  2774. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc +0 -124
  2775. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc +0 -45
  2776. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h +0 -74
  2777. data/src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc +0 -55
  2778. data/src/core/lib/security/credentials/call_creds_util.cc +0 -96
  2779. data/src/core/lib/security/credentials/call_creds_util.h +0 -43
  2780. data/src/core/lib/security/credentials/channel_creds_registry.h +0 -127
  2781. data/src/core/lib/security/credentials/channel_creds_registry_init.cc +0 -242
  2782. data/src/core/lib/security/credentials/composite/composite_credentials.cc +0 -169
  2783. data/src/core/lib/security/credentials/composite/composite_credentials.h +0 -135
  2784. data/src/core/lib/security/credentials/credentials.cc +0 -163
  2785. data/src/core/lib/security/credentials/credentials.h +0 -299
  2786. data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +0 -531
  2787. data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +0 -116
  2788. data/src/core/lib/security/credentials/external/aws_request_signer.cc +0 -231
  2789. data/src/core/lib/security/credentials/external/aws_request_signer.h +0 -72
  2790. data/src/core/lib/security/credentials/external/external_account_credentials.cc +0 -644
  2791. data/src/core/lib/security/credentials/external/external_account_credentials.h +0 -209
  2792. data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +0 -176
  2793. data/src/core/lib/security/credentials/external/file_external_account_credentials.h +0 -79
  2794. data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +0 -223
  2795. data/src/core/lib/security/credentials/external/url_external_account_credentials.h +0 -72
  2796. data/src/core/lib/security/credentials/fake/fake_credentials.cc +0 -105
  2797. data/src/core/lib/security/credentials/fake/fake_credentials.h +0 -125
  2798. data/src/core/lib/security/credentials/gcp_service_account_identity/gcp_service_account_identity_credentials.cc +0 -196
  2799. data/src/core/lib/security/credentials/gcp_service_account_identity/gcp_service_account_identity_credentials.h +0 -90
  2800. data/src/core/lib/security/credentials/google_default/credentials_generic.cc +0 -39
  2801. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +0 -433
  2802. data/src/core/lib/security/credentials/google_default/google_default_credentials.h +0 -99
  2803. data/src/core/lib/security/credentials/iam/iam_credentials.cc +0 -80
  2804. data/src/core/lib/security/credentials/iam/iam_credentials.h +0 -67
  2805. data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +0 -71
  2806. data/src/core/lib/security/credentials/insecure/insecure_credentials.h +0 -61
  2807. data/src/core/lib/security/credentials/jwt/json_token.cc +0 -321
  2808. data/src/core/lib/security/credentials/jwt/json_token.h +0 -79
  2809. data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +0 -184
  2810. data/src/core/lib/security/credentials/jwt/jwt_credentials.h +0 -108
  2811. data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +0 -991
  2812. data/src/core/lib/security/credentials/jwt/jwt_verifier.h +0 -123
  2813. data/src/core/lib/security/credentials/local/local_credentials.cc +0 -68
  2814. data/src/core/lib/security/credentials/local/local_credentials.h +0 -77
  2815. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +0 -655
  2816. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +0 -198
  2817. data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +0 -203
  2818. data/src/core/lib/security/credentials/plugin/plugin_credentials.h +0 -125
  2819. data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +0 -476
  2820. data/src/core/lib/security/credentials/ssl/ssl_credentials.h +0 -146
  2821. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +0 -338
  2822. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +0 -216
  2823. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_match.cc +0 -86
  2824. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +0 -412
  2825. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +0 -204
  2826. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.cc +0 -239
  2827. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.h +0 -170
  2828. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +0 -162
  2829. data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +0 -145
  2830. data/src/core/lib/security/credentials/tls/grpc_tls_crl_provider.cc +0 -260
  2831. data/src/core/lib/security/credentials/tls/grpc_tls_crl_provider.h +0 -132
  2832. data/src/core/lib/security/credentials/tls/tls_credentials.cc +0 -171
  2833. data/src/core/lib/security/credentials/tls/tls_credentials.h +0 -73
  2834. data/src/core/lib/security/credentials/tls/tls_utils.cc +0 -128
  2835. data/src/core/lib/security/credentials/tls/tls_utils.h +0 -50
  2836. data/src/core/lib/security/credentials/token_fetcher/token_fetcher_credentials.cc +0 -298
  2837. data/src/core/lib/security/credentials/token_fetcher/token_fetcher_credentials.h +0 -176
  2838. data/src/core/lib/security/credentials/xds/xds_credentials.cc +0 -231
  2839. data/src/core/lib/security/credentials/xds/xds_credentials.h +0 -112
  2840. data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +0 -305
  2841. data/src/core/lib/security/security_connector/alts/alts_security_connector.h +0 -78
  2842. data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +0 -316
  2843. data/src/core/lib/security/security_connector/fake/fake_security_connector.h +0 -42
  2844. data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +0 -120
  2845. data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +0 -103
  2846. data/src/core/lib/security/security_connector/load_system_roots.h +0 -35
  2847. data/src/core/lib/security/security_connector/load_system_roots_fallback.cc +0 -36
  2848. data/src/core/lib/security/security_connector/load_system_roots_supported.cc +0 -167
  2849. data/src/core/lib/security/security_connector/load_system_roots_supported.h +0 -44
  2850. data/src/core/lib/security/security_connector/load_system_roots_windows.cc +0 -86
  2851. data/src/core/lib/security/security_connector/local/local_security_connector.cc +0 -302
  2852. data/src/core/lib/security/security_connector/local/local_security_connector.h +0 -62
  2853. data/src/core/lib/security/security_connector/security_connector.cc +0 -125
  2854. data/src/core/lib/security/security_connector/security_connector.h +0 -198
  2855. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +0 -405
  2856. data/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +0 -82
  2857. data/src/core/lib/security/security_connector/ssl_utils.cc +0 -630
  2858. data/src/core/lib/security/security_connector/ssl_utils.h +0 -190
  2859. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +0 -818
  2860. data/src/core/lib/security/security_connector/tls/tls_security_connector.h +0 -286
  2861. data/src/core/lib/security/transport/auth_filters.h +0 -145
  2862. data/src/core/lib/security/transport/client_auth_filter.cc +0 -221
  2863. data/src/core/lib/security/transport/server_auth_filter.cc +0 -216
  2864. data/src/core/lib/security/util/json_util.cc +0 -70
  2865. data/src/core/lib/security/util/json_util.h +0 -43
  2866. data/src/core/lib/surface/client_call.cc +0 -429
  2867. data/src/core/lib/surface/client_call.h +0 -179
  2868. data/src/core/lib/surface/server_call.cc +0 -223
  2869. data/src/core/lib/surface/server_call.h +0 -168
  2870. data/src/core/lib/transport/call_arena_allocator.cc +0 -27
  2871. data/src/core/lib/transport/call_arena_allocator.h +0 -92
  2872. data/src/core/lib/transport/call_destination.h +0 -76
  2873. data/src/core/lib/transport/call_filters.cc +0 -254
  2874. data/src/core/lib/transport/call_filters.h +0 -1532
  2875. data/src/core/lib/transport/call_spine.cc +0 -132
  2876. data/src/core/lib/transport/call_spine.h +0 -418
  2877. data/src/core/lib/transport/call_state.cc +0 -39
  2878. data/src/core/lib/transport/call_state.h +0 -957
  2879. data/src/core/lib/transport/custom_metadata.h +0 -30
  2880. data/src/core/lib/transport/http2_errors.h +0 -41
  2881. data/src/core/lib/transport/interception_chain.cc +0 -147
  2882. data/src/core/lib/transport/interception_chain.h +0 -244
  2883. data/src/core/lib/transport/message.cc +0 -44
  2884. data/src/core/lib/transport/message.h +0 -61
  2885. data/src/core/lib/transport/metadata.cc +0 -61
  2886. data/src/core/lib/transport/metadata.h +0 -113
  2887. data/src/core/lib/transport/metadata_batch.cc +0 -376
  2888. data/src/core/lib/transport/metadata_batch.h +0 -1601
  2889. data/src/core/lib/transport/metadata_compression_traits.h +0 -67
  2890. data/src/core/lib/transport/metadata_info.cc +0 -55
  2891. data/src/core/lib/transport/metadata_info.h +0 -85
  2892. data/src/core/lib/transport/parsed_metadata.cc +0 -35
  2893. data/src/core/lib/transport/parsed_metadata.h +0 -431
  2894. data/src/core/lib/transport/simple_slice_based_metadata.h +0 -54
  2895. data/src/core/lib/uri/uri_parser.cc +0 -371
  2896. data/src/core/lib/uri/uri_parser.h +0 -101
  2897. data/src/core/resolver/binder/binder_resolver.cc +0 -153
  2898. data/src/core/util/atm.cc +0 -35
  2899. data/src/core/xds/xds_client/xds_client_stats.cc +0 -164
  2900. data/src/core/xds/xds_client/xds_client_stats.h +0 -258
  2901. data/third_party/abseil-cpp/absl/strings/internal/has_absl_stringify.h +0 -44
  2902. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +0 -284
  2903. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +0 -95
  2904. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +0 -89
  2905. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.c +0 -84
  2906. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +0 -151
  2907. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.c +0 -85
  2908. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +0 -465
  2909. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +0 -279
  2910. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +0 -235
  2911. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +0 -74
  2912. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.c +0 -457
  2913. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +0 -245
  2914. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +0 -259
  2915. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +0 -214
  2916. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +0 -183
  2917. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +0 -397
  2918. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.c +0 -103
  2919. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.c +0 -98
  2920. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.c +0 -105
  2921. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.c +0 -94
  2922. data/third_party/boringssl-with-bazel/src/crypto/asn1/posix_time.c +0 -241
  2923. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +0 -973
  2924. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +0 -708
  2925. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +0 -212
  2926. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +0 -317
  2927. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +0 -126
  2928. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +0 -268
  2929. data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +0 -479
  2930. data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +0 -726
  2931. data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +0 -309
  2932. data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +0 -544
  2933. data/third_party/boringssl-with-bazel/src/crypto/bio/errno.c +0 -92
  2934. data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +0 -235
  2935. data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +0 -334
  2936. data/third_party/boringssl-with-bazel/src/crypto/bio/hexdump.c +0 -192
  2937. data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +0 -480
  2938. data/third_party/boringssl-with-bazel/src/crypto/bio/printf.c +0 -102
  2939. data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +0 -189
  2940. data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +0 -133
  2941. data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +0 -169
  2942. data/third_party/boringssl-with-bazel/src/crypto/bn_extra/bn_asn1.c +0 -57
  2943. data/third_party/boringssl-with-bazel/src/crypto/bn_extra/convert.c +0 -465
  2944. data/third_party/boringssl-with-bazel/src/crypto/buf/buf.c +0 -158
  2945. data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.c +0 -53
  2946. data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +0 -266
  2947. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +0 -718
  2948. data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +0 -911
  2949. data/third_party/boringssl-with-bazel/src/crypto/bytestring/unicode.c +0 -156
  2950. data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +0 -224
  2951. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/cipher_extra.c +0 -127
  2952. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +0 -152
  2953. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesctrhmac.c +0 -284
  2954. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesgcmsiv.c +0 -841
  2955. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +0 -348
  2956. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_des.c +0 -228
  2957. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_null.c +0 -90
  2958. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc2.c +0 -455
  2959. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc4.c +0 -94
  2960. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_tls.c +0 -598
  2961. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +0 -280
  2962. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/tls_cbc.c +0 -514
  2963. data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +0 -672
  2964. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.c +0 -75
  2965. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_fuchsia.c +0 -55
  2966. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_linux.c +0 -62
  2967. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_openbsd.c +0 -61
  2968. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_sysreg.c +0 -93
  2969. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_win.c +0 -41
  2970. data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_freebsd.c +0 -54
  2971. data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.c +0 -151
  2972. data/third_party/boringssl-with-bazel/src/crypto/cpu_intel.c +0 -326
  2973. data/third_party/boringssl-with-bazel/src/crypto/crypto.c +0 -188
  2974. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +0 -2157
  2975. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_64_adx.c +0 -18
  2976. data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +0 -523
  2977. data/third_party/boringssl-with-bazel/src/crypto/des/des.c +0 -871
  2978. data/third_party/boringssl-with-bazel/src/crypto/dh_extra/dh_asn1.c +0 -165
  2979. data/third_party/boringssl-with-bazel/src/crypto/dh_extra/params.c +0 -480
  2980. data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +0 -266
  2981. data/third_party/boringssl-with-bazel/src/crypto/dilithium/dilithium.c +0 -1539
  2982. data/third_party/boringssl-with-bazel/src/crypto/dilithium/internal.h +0 -58
  2983. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +0 -997
  2984. data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +0 -419
  2985. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +0 -572
  2986. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_derive.c +0 -96
  2987. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +0 -508
  2988. data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +0 -78
  2989. data/third_party/boringssl-with-bazel/src/crypto/ecdh_extra/ecdh_extra.c +0 -124
  2990. data/third_party/boringssl-with-bazel/src/crypto/ecdsa_extra/ecdsa_asn1.c +0 -411
  2991. data/third_party/boringssl-with-bazel/src/crypto/engine/engine.c +0 -91
  2992. data/third_party/boringssl-with-bazel/src/crypto/err/err.c +0 -903
  2993. data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +0 -430
  2994. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +0 -547
  2995. data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.c +0 -483
  2996. data/third_party/boringssl-with-bazel/src/crypto/evp/p_dh.c +0 -137
  2997. data/third_party/boringssl-with-bazel/src/crypto/evp/p_dh_asn1.c +0 -120
  2998. data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +0 -338
  2999. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +0 -274
  3000. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.c +0 -332
  3001. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.c +0 -100
  3002. data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.c +0 -224
  3003. data/third_party/boringssl-with-bazel/src/crypto/evp/p_hkdf.c +0 -232
  3004. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.c +0 -646
  3005. data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.c +0 -241
  3006. data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.c +0 -106
  3007. data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.c +0 -236
  3008. data/third_party/boringssl-with-bazel/src/crypto/evp/pbkdf.c +0 -146
  3009. data/third_party/boringssl-with-bazel/src/crypto/evp/print.c +0 -381
  3010. data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.c +0 -209
  3011. data/third_party/boringssl-with-bazel/src/crypto/evp/sign.c +0 -156
  3012. data/third_party/boringssl-with-bazel/src/crypto/ex_data.c +0 -236
  3013. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.c.inc +0 -127
  3014. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c.inc +0 -1281
  3015. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.c.inc +0 -242
  3016. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c.inc +0 -124
  3017. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +0 -279
  3018. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/add.c.inc +0 -310
  3019. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/asm/x86_64-gcc.c.inc +0 -541
  3020. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c.inc +0 -428
  3021. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.c.inc +0 -267
  3022. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/cmp.c.inc +0 -201
  3023. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.c.inc +0 -234
  3024. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c.inc +0 -876
  3025. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.c.inc +0 -87
  3026. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c.inc +0 -1320
  3027. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.c.inc +0 -397
  3028. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c.inc +0 -331
  3029. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/generic.c.inc +0 -624
  3030. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/jacobi.c.inc +0 -146
  3031. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c.inc +0 -532
  3032. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c.inc +0 -222
  3033. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c.inc +0 -744
  3034. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c.inc +0 -1077
  3035. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.c.inc +0 -354
  3036. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.c.inc +0 -137
  3037. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.c.inc +0 -363
  3038. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.c.inc +0 -499
  3039. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/aead.c.inc +0 -287
  3040. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c.inc +0 -717
  3041. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c.inc +0 -1464
  3042. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aesccm.c.inc +0 -446
  3043. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cmac/cmac.c.inc +0 -322
  3044. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.c.inc +0 -245
  3045. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.c.inc +0 -489
  3046. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c.inc +0 -288
  3047. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digests.c.inc +0 -304
  3048. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digestsign/digestsign.c.inc +0 -267
  3049. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c.inc +0 -1043
  3050. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c.inc +0 -561
  3051. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c.inc +0 -491
  3052. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/felem.c.inc +0 -104
  3053. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c.inc +0 -359
  3054. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c.inc +0 -1163
  3055. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.c.inc +0 -734
  3056. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c.inc +0 -749
  3057. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c.inc +0 -173
  3058. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c.inc +0 -336
  3059. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c.inc +0 -269
  3060. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/util.c.inc +0 -255
  3061. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c.inc +0 -264
  3062. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c.inc +0 -130
  3063. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c.inc +0 -317
  3064. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/fips_shared_support.c +0 -29
  3065. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hkdf/hkdf.c.inc +0 -112
  3066. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/hmac.c.inc +0 -256
  3067. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md4/md4.c.inc +0 -240
  3068. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md5/internal.h +0 -37
  3069. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md5/md5.c.inc +0 -284
  3070. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cbc.c.inc +0 -164
  3071. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cfb.c.inc +0 -200
  3072. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c.inc +0 -196
  3073. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm.c.inc +0 -743
  3074. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm_nohw.c.inc +0 -302
  3075. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +0 -428
  3076. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c.inc +0 -87
  3077. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/polyval.c.inc +0 -90
  3078. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/ctrdrbg.c.inc +0 -220
  3079. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c.inc +0 -479
  3080. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c.inc +0 -241
  3081. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.c.inc +0 -420
  3082. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c.inc +0 -1038
  3083. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c.inc +0 -1351
  3084. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.c.inc +0 -121
  3085. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c.inc +0 -1038
  3086. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.c.inc +0 -328
  3087. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c.inc +0 -439
  3088. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c.inc +0 -359
  3089. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c.inc +0 -543
  3090. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.c.inc +0 -218
  3091. data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +0 -1092
  3092. data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c +0 -2234
  3093. data/third_party/boringssl-with-bazel/src/crypto/keccak/internal.h +0 -70
  3094. data/third_party/boringssl-with-bazel/src/crypto/keccak/keccak.c +0 -279
  3095. data/third_party/boringssl-with-bazel/src/crypto/kyber/kyber.c +0 -845
  3096. data/third_party/boringssl-with-bazel/src/crypto/lhash/lhash.c +0 -350
  3097. data/third_party/boringssl-with-bazel/src/crypto/mem.c +0 -613
  3098. data/third_party/boringssl-with-bazel/src/crypto/mldsa/internal.h +0 -73
  3099. data/third_party/boringssl-with-bazel/src/crypto/mldsa/mldsa.c +0 -1687
  3100. data/third_party/boringssl-with-bazel/src/crypto/mlkem/internal.h +0 -90
  3101. data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +0 -564
  3102. data/third_party/boringssl-with-bazel/src/crypto/obj/obj_xref.c +0 -122
  3103. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +0 -243
  3104. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +0 -294
  3105. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +0 -789
  3106. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.c +0 -87
  3107. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +0 -250
  3108. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +0 -183
  3109. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.c +0 -64
  3110. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.c +0 -64
  3111. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7.c +0 -193
  3112. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +0 -523
  3113. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/p5_pbev2.c +0 -316
  3114. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.c +0 -527
  3115. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +0 -1352
  3116. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +0 -314
  3117. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +0 -308
  3118. data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +0 -847
  3119. data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +0 -261
  3120. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/deterministic.c +0 -65
  3121. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/fork_detect.c +0 -195
  3122. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/forkunsafe.c +0 -44
  3123. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/getentropy.c +0 -60
  3124. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/getrandom_fillin.h +0 -64
  3125. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/ios.c +0 -42
  3126. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +0 -174
  3127. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/rand_extra.c +0 -77
  3128. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/sysrand_internal.h +0 -37
  3129. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/trusty.c +0 -46
  3130. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/urandom.c +0 -328
  3131. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/windows.c +0 -102
  3132. data/third_party/boringssl-with-bazel/src/crypto/rc4/rc4.c +0 -98
  3133. data/third_party/boringssl-with-bazel/src/crypto/refcount.c +0 -59
  3134. data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/internal.h +0 -79
  3135. data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_asn1.c +0 -324
  3136. data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_crypt.c +0 -570
  3137. data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_print.c +0 -22
  3138. data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.c +0 -79
  3139. data/third_party/boringssl-with-bazel/src/crypto/spx/address.c +0 -101
  3140. data/third_party/boringssl-with-bazel/src/crypto/spx/address.h +0 -50
  3141. data/third_party/boringssl-with-bazel/src/crypto/spx/fors.c +0 -133
  3142. data/third_party/boringssl-with-bazel/src/crypto/spx/fors.h +0 -54
  3143. data/third_party/boringssl-with-bazel/src/crypto/spx/merkle.c +0 -150
  3144. data/third_party/boringssl-with-bazel/src/crypto/spx/merkle.h +0 -61
  3145. data/third_party/boringssl-with-bazel/src/crypto/spx/params.h +0 -71
  3146. data/third_party/boringssl-with-bazel/src/crypto/spx/spx.c +0 -140
  3147. data/third_party/boringssl-with-bazel/src/crypto/spx/spx_util.c +0 -53
  3148. data/third_party/boringssl-with-bazel/src/crypto/spx/spx_util.h +0 -44
  3149. data/third_party/boringssl-with-bazel/src/crypto/spx/thash.c +0 -136
  3150. data/third_party/boringssl-with-bazel/src/crypto/spx/thash.h +0 -70
  3151. data/third_party/boringssl-with-bazel/src/crypto/spx/wots.c +0 -135
  3152. data/third_party/boringssl-with-bazel/src/crypto/spx/wots.h +0 -45
  3153. data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +0 -534
  3154. data/third_party/boringssl-with-bazel/src/crypto/thread.c +0 -110
  3155. data/third_party/boringssl-with-bazel/src/crypto/thread_none.c +0 -51
  3156. data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +0 -150
  3157. data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +0 -236
  3158. data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +0 -1668
  3159. data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +0 -687
  3160. data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +0 -1267
  3161. data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.c +0 -94
  3162. data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.c +0 -136
  3163. data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +0 -116
  3164. data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +0 -178
  3165. data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +0 -585
  3166. data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +0 -400
  3167. data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +0 -269
  3168. data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.c +0 -79
  3169. data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +0 -227
  3170. data/third_party/boringssl-with-bazel/src/crypto/x509/policy.c +0 -786
  3171. data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +0 -401
  3172. data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +0 -145
  3173. data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.c +0 -245
  3174. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +0 -329
  3175. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +0 -121
  3176. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_akey.c +0 -221
  3177. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_akeya.c +0 -73
  3178. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_alt.c +0 -634
  3179. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_bcons.c +0 -135
  3180. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_bitst.c +0 -141
  3181. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_conf.c +0 -416
  3182. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_cpols.c +0 -482
  3183. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_crld.c +0 -598
  3184. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_enum.c +0 -112
  3185. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_extku.c +0 -154
  3186. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_genn.c +0 -270
  3187. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ia5.c +0 -122
  3188. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_info.c +0 -211
  3189. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_int.c +0 -121
  3190. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_lib.c +0 -344
  3191. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ncons.c +0 -555
  3192. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ocsp.c +0 -81
  3193. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_pcons.c +0 -142
  3194. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_pmaps.c +0 -150
  3195. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_prn.c +0 -224
  3196. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_purp.c +0 -624
  3197. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_skey.c +0 -170
  3198. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_utl.c +0 -1390
  3199. data/third_party/boringssl-with-bazel/src/crypto/x509/x509.c +0 -89
  3200. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +0 -227
  3201. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +0 -280
  3202. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.c +0 -108
  3203. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.c +0 -86
  3204. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +0 -181
  3205. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +0 -599
  3206. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +0 -206
  3207. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +0 -299
  3208. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +0 -240
  3209. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +0 -160
  3210. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +0 -189
  3211. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +0 -291
  3212. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +0 -1638
  3213. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +0 -440
  3214. data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +0 -277
  3215. data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +0 -407
  3216. data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.c +0 -109
  3217. data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.c +0 -133
  3218. data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +0 -149
  3219. data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +0 -356
  3220. data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +0 -97
  3221. data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +0 -384
  3222. data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.c +0 -78
  3223. data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +0 -527
  3224. data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +0 -210
  3225. data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.c +0 -116
  3226. data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +0 -93
  3227. data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.c +0 -79
  3228. data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.c +0 -70
  3229. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +0 -544
  3230. data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +0 -209
  3231. data/third_party/boringssl-with-bazel/src/gen/crypto/err_data.c +0 -1514
  3232. data/third_party/boringssl-with-bazel/src/include/openssl/experimental/dilithium.h +0 -129
  3233. data/third_party/boringssl-with-bazel/src/include/openssl/experimental/spx.h +0 -90
  3234. data/third_party/upb/upb/message/internal/compare_unknown.c +0 -289
  3235. data/third_party/upb/upb/message/internal/compare_unknown.h +0 -49
  3236. /data/src/core/{lib/gprpp → util}/glob.cc +0 -0
data/third_party/boringssl-with-bazel/src/ssl/internal.h CHANGED
@@ -1,143 +1,18 @@
1
- /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
2
- * All rights reserved.
3
- *
4
- * This package is an SSL implementation written
5
- * by Eric Young (eay@cryptsoft.com).
6
- * The implementation was written so as to conform with Netscapes SSL.
7
- *
8
- * This library is free for commercial and non-commercial use as long as
9
- * the following conditions are aheared to. The following conditions
10
- * apply to all code found in this distribution, be it the RC4, RSA,
11
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
12
- * included with this distribution is covered by the same copyright terms
13
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
14
- *
15
- * Copyright remains Eric Young's, and as such any Copyright notices in
16
- * the code are not to be removed.
17
- * If this package is used in a product, Eric Young should be given attribution
18
- * as the author of the parts of the library used.
19
- * This can be in the form of a textual message at program startup or
20
- * in documentation (online or textual) provided with the package.
21
- *
22
- * Redistribution and use in source and binary forms, with or without
23
- * modification, are permitted provided that the following conditions
24
- * are met:
25
- * 1. Redistributions of source code must retain the copyright
26
- * notice, this list of conditions and the following disclaimer.
27
- * 2. Redistributions in binary form must reproduce the above copyright
28
- * notice, this list of conditions and the following disclaimer in the
29
- * documentation and/or other materials provided with the distribution.
30
- * 3. All advertising materials mentioning features or use of this software
31
- * must display the following acknowledgement:
32
- * "This product includes cryptographic software written by
33
- * Eric Young (eay@cryptsoft.com)"
34
- * The word 'cryptographic' can be left out if the rouines from the library
35
- * being used are not cryptographic related :-).
36
- * 4. If you include any Windows specific code (or a derivative thereof) from
37
- * the apps directory (application code) you must include an acknowledgement:
38
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
39
- *
40
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50
- * SUCH DAMAGE.
51
- *
52
- * The licence and distribution terms for any publically available version or
53
- * derivative of this code cannot be changed. i.e. this code cannot simply be
54
- * copied and put under another distribution licence
55
- * [including the GNU Public Licence.]
56
- */
57
- /* ====================================================================
58
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
59
- *
60
- * Redistribution and use in source and binary forms, with or without
61
- * modification, are permitted provided that the following conditions
62
- * are met:
63
- *
64
- * 1. Redistributions of source code must retain the above copyright
65
- * notice, this list of conditions and the following disclaimer.
66
- *
67
- * 2. Redistributions in binary form must reproduce the above copyright
68
- * notice, this list of conditions and the following disclaimer in
69
- * the documentation and/or other materials provided with the
70
- * distribution.
71
- *
72
- * 3. All advertising materials mentioning features or use of this
73
- * software must display the following acknowledgment:
74
- * "This product includes software developed by the OpenSSL Project
75
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
76
- *
77
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
78
- * endorse or promote products derived from this software without
79
- * prior written permission. For written permission, please contact
80
- * openssl-core@openssl.org.
81
- *
82
- * 5. Products derived from this software may not be called "OpenSSL"
83
- * nor may "OpenSSL" appear in their names without prior written
84
- * permission of the OpenSSL Project.
85
- *
86
- * 6. Redistributions of any form whatsoever must retain the following
87
- * acknowledgment:
88
- * "This product includes software developed by the OpenSSL Project
89
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
90
- *
91
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
92
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
93
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
94
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
95
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
96
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
97
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
98
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
99
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
100
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
101
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
102
- * OF THE POSSIBILITY OF SUCH DAMAGE.
103
- * ====================================================================
104
- *
105
- * This product includes cryptographic software written by Eric Young
106
- * (eay@cryptsoft.com). This product includes software written by Tim
107
- * Hudson (tjh@cryptsoft.com).
108
- *
109
- */
110
- /* ====================================================================
111
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
112
- * ECC cipher suite support in OpenSSL originally developed by
113
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
114
- */
115
- /* ====================================================================
116
- * Copyright 2005 Nokia. All rights reserved.
117
- *
118
- * The portions of the attached software ("Contribution") is developed by
119
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
120
- * license.
121
- *
122
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
123
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
124
- * support (see RFC 4279) to OpenSSL.
125
- *
126
- * No patent licenses or other rights except those expressly stated in
127
- * the OpenSSL open source license shall be deemed granted or received
128
- * expressly, by implication, estoppel, or otherwise.
129
- *
130
- * No assurances are provided by Nokia that the Contribution does not
131
- * infringe the patent or other intellectual property rights of any third
132
- * party or that the license provides you with all the necessary rights
133
- * to make use of the Contribution.
134
- *
135
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
136
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
137
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
138
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
139
- * OTHERWISE.
140
- */
1
+ // Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
2
+ // Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved.
3
+ // Copyright 2005 Nokia. All rights reserved.
4
+ //
5
+ // Licensed under the Apache License, Version 2.0 (the "License");
6
+ // you may not use this file except in compliance with the License.
7
+ // You may obtain a copy of the License at
8
+ //
9
+ // https://www.apache.org/licenses/LICENSE-2.0
10
+ //
11
+ // Unless required by applicable law or agreed to in writing, software
12
+ // distributed under the License is distributed on an "AS IS" BASIS,
13
+ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ // See the License for the specific language governing permissions and
15
+ // limitations under the License.
141
16
 
142
17
  #ifndef OPENSSL_HEADER_SSL_INTERNAL_H
143
18
  #define OPENSSL_HEADER_SSL_INTERNAL_H
@@ -147,15 +22,16 @@
147
22
  #include <stdlib.h>
148
23
 
149
24
  #include <algorithm>
25
+ #include <atomic>
150
26
  #include <bitset>
151
27
  #include <initializer_list>
152
28
  #include <limits>
153
29
  #include <new>
30
+ #include <string_view>
154
31
  #include <type_traits>
155
32
  #include <utility>
156
33
 
157
34
  #include <openssl/aead.h>
158
- #include <openssl/aes.h>
159
35
  #include <openssl/curve25519.h>
160
36
  #include <openssl/err.h>
161
37
  #include <openssl/hpke.h>
@@ -168,6 +44,7 @@
168
44
  #include "../crypto/err/internal.h"
169
45
  #include "../crypto/internal.h"
170
46
  #include "../crypto/lhash/internal.h"
47
+ #include "../crypto/spake2plus/internal.h"
171
48
 
172
49
 
173
50
  #if defined(OPENSSL_WINDOWS)
@@ -195,7 +72,7 @@ struct SSL_X509_METHOD;
195
72
  //
196
73
  // Note: unlike |new|, this does not support non-public constructors.
197
74
  template <typename T, typename... Args>
198
- T *New(Args &&... args) {
75
+ T *New(Args &&...args) {
199
76
  void *t = OPENSSL_malloc(sizeof(T));
200
77
  if (t == nullptr) {
201
78
  return nullptr;
@@ -226,7 +103,7 @@ struct DeleterImpl<T, std::enable_if_t<T::kAllowUniquePtr>> {
226
103
  // MakeUnique behaves like |std::make_unique| but returns nullptr on allocation
227
104
  // error.
228
105
  template <typename T, typename... Args>
229
- UniquePtr<T> MakeUnique(Args &&... args) {
106
+ UniquePtr<T> MakeUnique(Args &&...args) {
230
107
  return UniquePtr<T>(New<T>(std::forward<Args>(args)...));
231
108
  }
232
109
 
@@ -253,8 +130,14 @@ class Array {
253
130
  size_t size() const { return size_; }
254
131
  bool empty() const { return size_ == 0; }
255
132
 
256
- const T &operator[](size_t i) const { return data_[i]; }
257
- T &operator[](size_t i) { return data_[i]; }
133
+ const T &operator[](size_t i) const {
134
+ BSSL_CHECK(i < size_);
135
+ return data_[i];
136
+ }
137
+ T &operator[](size_t i) {
138
+ BSSL_CHECK(i < size_);
139
+ return data_[i];
140
+ }
258
141
 
259
142
  T *begin() { return data_; }
260
143
  const T *begin() const { return data_; }
@@ -266,9 +149,7 @@ class Array {
266
149
  // Reset releases the current contents of the array and takes ownership of the
267
150
  // raw pointer supplied by the caller.
268
151
  void Reset(T *new_data, size_t new_size) {
269
- for (size_t i = 0; i < size_; i++) {
270
- data_[i].~T();
271
- }
152
+ std::destroy_n(data_, size_);
272
153
  OPENSSL_free(data_);
273
154
  data_ = new_data;
274
155
  size_ = new_size;
@@ -284,38 +165,35 @@ class Array {
284
165
  }
285
166
 
286
167
  // Init replaces the array with a newly-allocated array of |new_size|
287
- // default-constructed copies of |T|. It returns true on success and false on
288
- // error.
289
- //
290
- // Note that if |T| is a primitive type like |uint8_t|, it is uninitialized.
291
- bool Init(size_t new_size) {
292
- Reset();
293
- if (new_size == 0) {
294
- return true;
295
- }
296
-
297
- if (new_size > std::numeric_limits<size_t>::max() / sizeof(T)) {
298
- OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
168
+ // value-constructed copies of |T|. It returns true on success and false on
169
+ // error. If |T| is a primitive type like |uint8_t|, value-construction means
170
+ // it will be zero-initialized.
171
+ [[nodiscard]] bool Init(size_t new_size) {
172
+ if (!InitUninitialized(new_size)) {
299
173
  return false;
300
174
  }
301
- data_ = reinterpret_cast<T *>(OPENSSL_malloc(new_size * sizeof(T)));
302
- if (data_ == nullptr) {
175
+ std::uninitialized_value_construct_n(data_, size_);
176
+ return true;
177
+ }
178
+
179
+ // InitForOverwrite behaves like |Init| but it default-constructs each element
180
+ // instead. This means that, if |T| is a primitive type, the array will be
181
+ // uninitialized and thus must be filled in by the caller.
182
+ [[nodiscard]] bool InitForOverwrite(size_t new_size) {
183
+ if (!InitUninitialized(new_size)) {
303
184
  return false;
304
185
  }
305
- size_ = new_size;
306
- for (size_t i = 0; i < size_; i++) {
307
- new (&data_[i]) T;
308
- }
186
+ std::uninitialized_default_construct_n(data_, size_);
309
187
  return true;
310
188
  }
311
189
 
312
190
  // CopyFrom replaces the array with a newly-allocated copy of |in|. It returns
313
191
  // true on success and false on error.
314
- bool CopyFrom(Span<const T> in) {
315
- if (!Init(in.size())) {
192
+ [[nodiscard]] bool CopyFrom(Span<const T> in) {
193
+ if (!InitUninitialized(in.size())) {
316
194
  return false;
317
195
  }
318
- std::copy(in.begin(), in.end(), data_);
196
+ std::uninitialized_copy(in.begin(), in.end(), data_);
319
197
  return true;
320
198
  }
321
199
 
@@ -325,75 +203,103 @@ class Array {
325
203
  if (new_size > size_) {
326
204
  abort();
327
205
  }
328
- for (size_t i = new_size; i < size_; i++) {
329
- data_[i].~T();
330
- }
206
+ std::destroy_n(data_ + new_size, size_ - new_size);
331
207
  size_ = new_size;
332
208
  }
333
209
 
334
210
  private:
211
+ // InitUninitialized replaces the array with a newly-allocated array of
212
+ // |new_size| elements, but whose constructor has not yet run. On success, the
213
+ // elements must be constructed before returning control to the caller.
214
+ bool InitUninitialized(size_t new_size) {
215
+ Reset();
216
+ if (new_size == 0) {
217
+ return true;
218
+ }
219
+
220
+ if (new_size > std::numeric_limits<size_t>::max() / sizeof(T)) {
221
+ OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
222
+ return false;
223
+ }
224
+ data_ = reinterpret_cast<T *>(OPENSSL_malloc(new_size * sizeof(T)));
225
+ if (data_ == nullptr) {
226
+ return false;
227
+ }
228
+ size_ = new_size;
229
+ return true;
230
+ }
231
+
335
232
  T *data_ = nullptr;
336
233
  size_t size_ = 0;
337
234
  };
338
235
 
339
- // GrowableArray<T> is an array that owns elements of |T|, backed by an
340
- // Array<T>. When necessary, pushing will automatically trigger a resize.
341
- //
342
- // Note, for simplicity, this class currently differs from |std::vector| in that
343
- // |T| must be efficiently default-constructible. Allocated elements beyond the
344
- // end of the array are constructed and destructed.
236
+ // Vector<T> is a resizable array of elements of |T|.
345
237
  template <typename T>
346
- class GrowableArray {
238
+ class Vector {
347
239
  public:
348
- GrowableArray() = default;
349
- GrowableArray(const GrowableArray &) = delete;
350
- GrowableArray(GrowableArray &&other) { *this = std::move(other); }
351
- ~GrowableArray() {}
352
-
353
- GrowableArray &operator=(const GrowableArray &) = delete;
354
- GrowableArray &operator=(GrowableArray &&other) {
355
- size_ = other.size_;
356
- other.size_ = 0;
357
- array_ = std::move(other.array_);
240
+ Vector() = default;
241
+ Vector(const Vector &) = delete;
242
+ Vector(Vector &&other) { *this = std::move(other); }
243
+ ~Vector() { clear(); }
244
+
245
+ Vector &operator=(const Vector &) = delete;
246
+ Vector &operator=(Vector &&other) {
247
+ clear();
248
+ std::swap(data_, other.data_);
249
+ std::swap(size_, other.size_);
250
+ std::swap(capacity_, other.capacity_);
358
251
  return *this;
359
252
  }
360
253
 
361
- const T *data() const { return array_.data(); }
362
- T *data() { return array_.data(); }
254
+ const T *data() const { return data_; }
255
+ T *data() { return data_; }
363
256
  size_t size() const { return size_; }
364
257
  bool empty() const { return size_ == 0; }
365
258
 
366
- const T &operator[](size_t i) const { return array_[i]; }
367
- T &operator[](size_t i) { return array_[i]; }
259
+ const T &operator[](size_t i) const {
260
+ BSSL_CHECK(i < size_);
261
+ return data_[i];
262
+ }
263
+ T &operator[](size_t i) {
264
+ BSSL_CHECK(i < size_);
265
+ return data_[i];
266
+ }
368
267
 
369
- T *begin() { return array_.data(); }
370
- const T *begin() const { return array_.data(); }
371
- T *end() { return array_.data() + size_; }
372
- const T *end() const { return array_.data() + size_; }
268
+ T *begin() { return data_; }
269
+ const T *begin() const { return data_; }
270
+ T *end() { return data_ + size_; }
271
+ const T *end() const { return data_ + size_; }
373
272
 
374
273
  void clear() {
274
+ std::destroy_n(data_, size_);
275
+ OPENSSL_free(data_);
276
+ data_ = nullptr;
375
277
  size_ = 0;
376
- array_.Reset();
278
+ capacity_ = 0;
377
279
  }
378
280
 
379
281
  // Push adds |elem| at the end of the internal array, growing if necessary. It
380
282
  // returns false when allocation fails.
381
- bool Push(T elem) {
283
+ [[nodiscard]] bool Push(T elem) {
382
284
  if (!MaybeGrow()) {
383
285
  return false;
384
286
  }
385
- array_[size_] = std::move(elem);
287
+ new (&data_[size_]) T(std::move(elem));
386
288
  size_++;
387
289
  return true;
388
290
  }
389
291
 
390
292
  // CopyFrom replaces the contents of the array with a copy of |in|. It returns
391
293
  // true on success and false on allocation error.
392
- bool CopyFrom(Span<const T> in) {
393
- if (!array_.CopyFrom(in)) {
294
+ [[nodiscard]] bool CopyFrom(Span<const T> in) {
295
+ Array<T> copy;
296
+ if (!copy.CopyFrom(in)) {
394
297
  return false;
395
298
  }
396
- size_ = in.size();
299
+
300
+ clear();
301
+ copy.Release(&data_, &size_);
302
+ capacity_ = size_;
397
303
  return true;
398
304
  }
399
305
 
@@ -401,39 +307,249 @@ class GrowableArray {
401
307
  // If there is no room for one more element, creates a new backing array with
402
308
  // double the size of the old one and copies elements over.
403
309
  bool MaybeGrow() {
404
- if (array_.size() == 0) {
405
- return array_.Init(kDefaultSize);
406
- }
407
310
  // No need to grow if we have room for one more T.
408
- if (size_ < array_.size()) {
311
+ if (size_ < capacity_) {
409
312
  return true;
410
313
  }
411
- // Double the array's size if it's safe to do so.
412
- if (array_.size() > std::numeric_limits<size_t>::max() / 2) {
314
+ size_t new_capacity = kDefaultSize;
315
+ if (capacity_ > 0) {
316
+ // Double the array's size if it's safe to do so.
317
+ if (capacity_ > std::numeric_limits<size_t>::max() / 2) {
318
+ OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
319
+ return false;
320
+ }
321
+ new_capacity = capacity_ * 2;
322
+ }
323
+ if (new_capacity > std::numeric_limits<size_t>::max() / sizeof(T)) {
413
324
  OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
414
325
  return false;
415
326
  }
416
- Array<T> new_array;
417
- if (!new_array.Init(array_.size() * 2)) {
327
+ T *new_data =
328
+ reinterpret_cast<T *>(OPENSSL_malloc(new_capacity * sizeof(T)));
329
+ if (new_data == nullptr) {
418
330
  return false;
419
331
  }
420
- for (size_t i = 0; i < array_.size(); i++) {
421
- new_array[i] = std::move(array_[i]);
422
- }
423
- array_ = std::move(new_array);
424
-
332
+ size_t new_size = size_;
333
+ std::uninitialized_move(begin(), end(), new_data);
334
+ clear();
335
+ data_ = new_data;
336
+ size_ = new_size;
337
+ capacity_ = new_capacity;
425
338
  return true;
426
339
  }
427
340
 
428
- // |size_| is the number of elements stored in this GrowableArray.
341
+ // data_ is a pointer to |capacity_| objects of size |T|, the first |size_| of
342
+ // which are constructed.
343
+ T *data_ = nullptr;
344
+ // |size_| is the number of elements stored in this Vector.
429
345
  size_t size_ = 0;
430
- // |array_| is the backing array. Note that |array_.size()| is this
431
- // GrowableArray's current capacity and that |size_ <= array_.size()|.
432
- Array<T> array_;
346
+ // |capacity_| is the number of elements allocated in this Vector.
347
+ size_t capacity_ = 0;
433
348
  // |kDefaultSize| is the default initial size of the backing array.
434
349
  static constexpr size_t kDefaultSize = 16;
435
350
  };
436
351
 
352
+ // A PackedSize is an integer that can store values from 0 to N, represented as
353
+ // a minimal-width integer.
354
+ template <size_t N>
355
+ using PackedSize = std::conditional_t<
356
+ N <= 0xff, uint8_t,
357
+ std::conditional_t<N <= 0xffff, uint16_t,
358
+ std::conditional_t<N <= 0xffffffff, uint32_t, size_t>>>;
359
+
360
+ // An InplaceVector is like a Vector, but stores up to N elements inline in the
361
+ // object. It is inspired by std::inplace_vector in C++26.
362
+ template <typename T, size_t N>
363
+ class InplaceVector {
364
+ public:
365
+ InplaceVector() = default;
366
+ InplaceVector(const InplaceVector &other) { *this = other; }
367
+ InplaceVector(InplaceVector &&other) { *this = std::move(other); }
368
+ ~InplaceVector() { clear(); }
369
+ InplaceVector &operator=(const InplaceVector &other) {
370
+ if (this != &other) {
371
+ CopyFrom(other);
372
+ }
373
+ return *this;
374
+ }
375
+ InplaceVector &operator=(InplaceVector &&other) {
376
+ clear();
377
+ std::uninitialized_move(other.begin(), other.end(), data());
378
+ size_ = other.size();
379
+ return *this;
380
+ }
381
+
382
+ const T *data() const { return reinterpret_cast<const T *>(storage_); }
383
+ T *data() { return reinterpret_cast<T *>(storage_); }
384
+ size_t size() const { return size_; }
385
+ static constexpr size_t capacity() { return N; }
386
+ bool empty() const { return size_ == 0; }
387
+
388
+ const T &operator[](size_t i) const {
389
+ BSSL_CHECK(i < size_);
390
+ return data()[i];
391
+ }
392
+ T &operator[](size_t i) {
393
+ BSSL_CHECK(i < size_);
394
+ return data()[i];
395
+ }
396
+
397
+ T *begin() { return data(); }
398
+ const T *begin() const { return data(); }
399
+ T *end() { return data() + size_; }
400
+ const T *end() const { return data() + size_; }
401
+
402
+ void clear() { Shrink(0); }
403
+
404
+ // Shrink resizes the vector to |new_size|, which must not be larger than the
405
+ // current size. Unlike |Resize|, this can be called when |T| is not
406
+ // default-constructible.
407
+ void Shrink(size_t new_size) {
408
+ BSSL_CHECK(new_size <= size_);
409
+ std::destroy_n(data() + new_size, size_ - new_size);
410
+ size_ = static_cast<PackedSize<N>>(new_size);
411
+ }
412
+
413
+ // TryResize resizes the vector to |new_size| and returns true, or returns
414
+ // false if |new_size| is too large. Any newly-added elements are
415
+ // value-initialized.
416
+ [[nodiscard]] bool TryResize(size_t new_size) {
417
+ if (new_size <= size_) {
418
+ Shrink(new_size);
419
+ return true;
420
+ }
421
+ if (new_size > capacity()) {
422
+ return false;
423
+ }
424
+ std::uninitialized_value_construct_n(data() + size_, new_size - size_);
425
+ size_ = static_cast<PackedSize<N>>(new_size);
426
+ return true;
427
+ }
428
+
429
+ // TryResizeForOverwrite behaves like |TryResize|, but newly-added elements
430
+ // are default-initialized, so POD types may contain uninitialized values that
431
+ // the caller is responsible for filling in.
432
+ [[nodiscard]] bool TryResizeForOverwrite(size_t new_size) {
433
+ if (new_size <= size_) {
434
+ Shrink(new_size);
435
+ return true;
436
+ }
437
+ if (new_size > capacity()) {
438
+ return false;
439
+ }
440
+ std::uninitialized_default_construct_n(data() + size_, new_size - size_);
441
+ size_ = static_cast<PackedSize<N>>(new_size);
442
+ return true;
443
+ }
444
+
445
+ // TryCopyFrom sets the vector to a copy of |in| and returns true, or returns
446
+ // false if |in| is too large.
447
+ [[nodiscard]] bool TryCopyFrom(Span<const T> in) {
448
+ if (in.size() > capacity()) {
449
+ return false;
450
+ }
451
+ clear();
452
+ std::uninitialized_copy(in.begin(), in.end(), data());
453
+ size_ = in.size();
454
+ return true;
455
+ }
456
+
457
+ // TryPushBack appends |val| to the vector and returns a pointer to the
458
+ // newly-inserted value, or nullptr if the vector is at capacity.
459
+ [[nodiscard]] T *TryPushBack(T val) {
460
+ if (size() >= capacity()) {
461
+ return nullptr;
462
+ }
463
+ T *ret = &data()[size_];
464
+ new (ret) T(std::move(val));
465
+ size_++;
466
+ return ret;
467
+ }
468
+
469
+ // The following methods behave like their |Try*| counterparts, but abort the
470
+ // program on failure.
471
+ void Resize(size_t size) { BSSL_CHECK(TryResize(size)); }
472
+ void ResizeForOverwrite(size_t size) {
473
+ BSSL_CHECK(TryResizeForOverwrite(size));
474
+ }
475
+ void CopyFrom(Span<const T> in) { BSSL_CHECK(TryCopyFrom(in)); }
476
+ T &PushBack(T val) {
477
+ T *ret = TryPushBack(std::move(val));
478
+ BSSL_CHECK(ret != nullptr);
479
+ return *ret;
480
+ }
481
+
482
+ template <typename Pred>
483
+ void EraseIf(Pred pred) {
484
+ // See if anything needs to be erased at all. This avoids a self-move.
485
+ auto iter = std::find_if(begin(), end(), pred);
486
+ if (iter == end()) {
487
+ return;
488
+ }
489
+
490
+ // Elements before the first to be erased may be left as-is.
491
+ size_t new_size = iter - begin();
492
+ // Swap all subsequent elements in if they are to be kept.
493
+ for (size_t i = new_size + 1; i < size(); i++) {
494
+ if (!pred((*this)[i])) {
495
+ (*this)[new_size] = std::move((*this)[i]);
496
+ new_size++;
497
+ }
498
+ }
499
+
500
+ Shrink(new_size);
501
+ }
502
+
503
+ private:
504
+ alignas(T) char storage_[sizeof(T[N])];
505
+ PackedSize<N> size_ = 0;
506
+ };
507
+
508
+ // An MRUQueue maintains a queue of up to |N| objects of type |T|. If the queue
509
+ // is at capacity, adding to the queue pops the least recently added element.
510
+ template <typename T, size_t N>
511
+ class MRUQueue {
512
+ public:
513
+ static constexpr bool kAllowUniquePtr = true;
514
+
515
+ MRUQueue() = default;
516
+
517
+ // If we ever need to make this type movable, we could. (The defaults almost
518
+ // work except we need |start_| to be reset when moved-from.)
519
+ MRUQueue(const MRUQueue &other) = delete;
520
+ MRUQueue &operator=(const MRUQueue &other) = delete;
521
+
522
+ bool empty() const { return size() == 0; }
523
+ size_t size() const { return storage_.size(); }
524
+
525
+ T &operator[](size_t i) {
526
+ BSSL_CHECK(i < size());
527
+ return storage_[(start_ + i) % N];
528
+ }
529
+ const T &operator[](size_t i) const {
530
+ return (*const_cast<MRUQueue *>(this))[i];
531
+ }
532
+
533
+ void Clear() {
534
+ storage_.clear();
535
+ start_ = 0;
536
+ }
537
+
538
+ void PushBack(T t) {
539
+ if (storage_.size() < N) {
540
+ assert(start_ == 0);
541
+ storage_.PushBack(std::move(t));
542
+ } else {
543
+ (*this)[0] = std::move(t);
544
+ start_ = (start_ + 1) % N;
545
+ }
546
+ }
547
+
548
+ private:
549
+ InplaceVector<T, N> storage_;
550
+ PackedSize<N> start_ = 0;
551
+ };
552
+
437
553
  // CBBFinishArray behaves like |CBB_finish| but stores the result in an Array.
438
554
  OPENSSL_EXPORT bool CBBFinishArray(CBB *cbb, Array<uint8_t> *out);
439
555
 
@@ -446,7 +562,7 @@ template <typename T, typename Name>
446
562
  inline size_t GetAllNames(const char **out, size_t max_out,
447
563
  Span<const char *const> fixed_names, Name(T::*name),
448
564
  Span<const T> objects) {
449
- auto span = bssl::MakeSpan(out, max_out);
565
+ auto span = bssl::Span(out, max_out);
450
566
  for (size_t i = 0; !span.empty() && i < fixed_names.size(); i++) {
451
567
  span[0] = fixed_names[i];
452
568
  span = span.subspan(1);
@@ -548,6 +664,11 @@ bool ssl_add_supported_versions(const SSL_HANDSHAKE *hs, CBB *cbb,
548
664
  bool ssl_negotiate_version(SSL_HANDSHAKE *hs, uint8_t *out_alert,
549
665
  uint16_t *out_version, const CBS *peer_versions);
550
666
 
667
+ // ssl_has_final_version returns whether |ssl| has determined the final version.
668
+ // This may be used to distinguish the predictive 0-RTT version from the final
669
+ // one.
670
+ bool ssl_has_final_version(const SSL *ssl);
671
+
551
672
  // ssl_protocol_version returns |ssl|'s protocol version. It is an error to
552
673
  // call this function before the version is determined.
553
674
  uint16_t ssl_protocol_version(const SSL *ssl);
@@ -672,7 +793,7 @@ Span<const SSL_CIPHER> AllCiphers();
672
793
  bool ssl_cipher_get_evp_aead(const EVP_AEAD **out_aead,
673
794
  size_t *out_mac_secret_len,
674
795
  size_t *out_fixed_iv_len, const SSL_CIPHER *cipher,
675
- uint16_t version, bool is_dtls);
796
+ uint16_t version);
676
797
 
677
798
  // ssl_get_handshake_digest returns the |EVP_MD| corresponding to |version| and
678
799
  // |cipher|.
@@ -733,7 +854,7 @@ OPENSSL_EXPORT bool ssl_cipher_is_deprecated(const SSL_CIPHER *cipher);
733
854
  // buffer and running hash.
734
855
  class SSLTranscript {
735
856
  public:
736
- SSLTranscript();
857
+ explicit SSLTranscript(bool is_dtls);
737
858
  ~SSLTranscript();
738
859
 
739
860
  SSLTranscript(SSLTranscript &&other) = default;
@@ -764,8 +885,8 @@ class SSLTranscript {
764
885
  bool CopyToHashContext(EVP_MD_CTX *ctx, const EVP_MD *digest) const;
765
886
 
766
887
  Span<const uint8_t> buffer() const {
767
- return MakeConstSpan(reinterpret_cast<const uint8_t *>(buffer_->data),
768
- buffer_->length);
888
+ return Span(reinterpret_cast<const uint8_t *>(buffer_->data),
889
+ buffer_->length);
769
890
  }
770
891
 
771
892
  // FreeBuffer releases the handshake buffer. Subsequent calls to
@@ -796,37 +917,40 @@ class SSLTranscript {
796
917
  bool from_server) const;
797
918
 
798
919
  private:
920
+ // HashBuffer initializes |ctx| to use |digest| and writes the contents of
921
+ // |buffer_| to |ctx|. If this SSLTranscript is for DTLS 1.3, the appropriate
922
+ // bytes in |buffer_| will be skipped when hashing the buffer.
923
+ bool HashBuffer(EVP_MD_CTX *ctx, const EVP_MD *digest) const;
924
+
925
+ // AddToBufferOrHash directly adds the contents of |in| to |buffer_| and/or
926
+ // |hash_|.
927
+ bool AddToBufferOrHash(Span<const uint8_t> in);
928
+
799
929
  // buffer_, if non-null, contains the handshake transcript.
800
930
  UniquePtr<BUF_MEM> buffer_;
801
931
  // hash, if initialized with an |EVP_MD|, maintains the handshake hash.
802
932
  ScopedEVP_MD_CTX hash_;
933
+ // is_dtls_ indicates whether this is a transcript for a DTLS connection.
934
+ bool is_dtls_ : 1;
935
+ // version_ contains the version for the connection (if known).
936
+ uint16_t version_ = 0;
803
937
  };
804
938
 
805
939
  // tls1_prf computes the PRF function for |ssl|. It fills |out|, using |secret|
806
940
  // as the secret and |label| as the label. |seed1| and |seed2| are concatenated
807
941
  // to form the seed parameter. It returns true on success and false on failure.
808
942
  bool tls1_prf(const EVP_MD *digest, Span<uint8_t> out,
809
- Span<const uint8_t> secret, Span<const char> label,
943
+ Span<const uint8_t> secret, std::string_view label,
810
944
  Span<const uint8_t> seed1, Span<const uint8_t> seed2);
811
945
 
812
946
 
813
947
  // Encryption layer.
814
948
 
815
- class RecordNumberEncrypter {
816
- public:
817
- virtual ~RecordNumberEncrypter() = default;
818
- static constexpr bool kAllowUniquePtr = true;
819
-
820
- virtual size_t KeySize() = 0;
821
- virtual bool SetKey(Span<const uint8_t> key) = 0;
822
- virtual bool GenerateMask(Span<uint8_t> out, Span<const uint8_t> sample) = 0;
823
- };
824
-
825
949
  // SSLAEADContext contains information about an AEAD that is being used to
826
950
  // encrypt an SSL connection.
827
951
  class SSLAEADContext {
828
952
  public:
829
- SSLAEADContext(uint16_t version, bool is_dtls, const SSL_CIPHER *cipher);
953
+ explicit SSLAEADContext(const SSL_CIPHER *cipher);
830
954
  ~SSLAEADContext();
831
955
  static constexpr bool kAllowUniquePtr = true;
832
956
 
@@ -834,38 +958,23 @@ class SSLAEADContext {
834
958
  SSLAEADContext &operator=(const SSLAEADContext &&) = delete;
835
959
 
836
960
  // CreateNullCipher creates an |SSLAEADContext| for the null cipher.
837
- static UniquePtr<SSLAEADContext> CreateNullCipher(bool is_dtls);
961
+ static UniquePtr<SSLAEADContext> CreateNullCipher();
838
962
 
839
963
  // Create creates an |SSLAEADContext| using the supplied key material. It
840
964
  // returns nullptr on error. Only one of |Open| or |Seal| may be used with the
841
- // resulting object, depending on |direction|. |version| is the normalized
842
- // protocol version, so DTLS 1.0 is represented as 0x0301, not 0xffef.
965
+ // resulting object, depending on |direction|. |version| is the wire version.
843
966
  static UniquePtr<SSLAEADContext> Create(enum evp_aead_direction_t direction,
844
- uint16_t version, bool is_dtls,
967
+ uint16_t version,
845
968
  const SSL_CIPHER *cipher,
846
969
  Span<const uint8_t> enc_key,
847
970
  Span<const uint8_t> mac_key,
848
971
  Span<const uint8_t> fixed_iv);
849
972
 
850
973
  // CreatePlaceholderForQUIC creates a placeholder |SSLAEADContext| for the
851
- // given cipher and version. The resulting object can be queried for various
852
- // properties but cannot encrypt or decrypt data.
974
+ // given cipher. The resulting object can be queried for various properties
975
+ // but cannot encrypt or decrypt data.
853
976
  static UniquePtr<SSLAEADContext> CreatePlaceholderForQUIC(
854
- uint16_t version, const SSL_CIPHER *cipher);
855
-
856
- // SetVersionIfNullCipher sets the version the SSLAEADContext for the null
857
- // cipher, to make version-specific determinations in the record layer prior
858
- // to a cipher being selected.
859
- void SetVersionIfNullCipher(uint16_t version);
860
-
861
- // ProtocolVersion returns the protocol version associated with this
862
- // SSLAEADContext. It can only be called once |version_| has been set to a
863
- // valid value.
864
- uint16_t ProtocolVersion() const;
865
-
866
- // RecordVersion returns the record version that should be used with this
867
- // SSLAEADContext for record construction and crypto.
868
- uint16_t RecordVersion() const;
977
+ const SSL_CIPHER *cipher);
869
978
 
870
979
  const SSL_CIPHER *cipher() const { return cipher_; }
871
980
 
@@ -878,6 +987,10 @@ class SSLAEADContext {
878
987
  // MaxOverhead returns the maximum overhead of calling |Seal|.
879
988
  size_t MaxOverhead() const;
880
989
 
990
+ // MaxSealInputLen returns the maximum length for |Seal| that can fit in
991
+ // |max_out| output bytes, or zero if no input may fit.
992
+ size_t MaxSealInputLen(size_t max_out) const;
993
+
881
994
  // SuffixLen calculates the suffix length written by |SealScatter| and writes
882
995
  // it to |*out_suffix_len|. It returns true on success and false on error.
883
996
  // |in_len| and |extra_in_len| should equal the argument of the same names
@@ -927,17 +1040,6 @@ class SSLAEADContext {
927
1040
 
928
1041
  bool GetIV(const uint8_t **out_iv, size_t *out_iv_len) const;
929
1042
 
930
- RecordNumberEncrypter *GetRecordNumberEncrypter() {
931
- return rn_encrypter_.get();
932
- }
933
-
934
- // GenerateRecordNumberMask computes the mask used for DTLS 1.3 record number
935
- // encryption (RFC 9147 section 4.2.3), writing it to |out|. The |out| buffer
936
- // must be sized to AES_BLOCK_SIZE. The |sample| buffer must be at least 16
937
- // bytes, as required by the AES and ChaCha20 cipher suites in RFC 9147. Extra
938
- // bytes in |sample| will be ignored.
939
- bool GenerateRecordNumberMask(Span<uint8_t> out, Span<const uint8_t> sample);
940
-
941
1043
  private:
942
1044
  // GetAdditionalData returns the additional data, writing into |storage| if
943
1045
  // necessary.
@@ -946,19 +1048,12 @@ class SSLAEADContext {
946
1048
  uint64_t seqnum, size_t plaintext_len,
947
1049
  Span<const uint8_t> header);
948
1050
 
949
- void CreateRecordNumberEncrypter();
950
-
951
1051
  const SSL_CIPHER *cipher_;
952
1052
  ScopedEVP_AEAD_CTX ctx_;
953
1053
  // fixed_nonce_ contains any bytes of the nonce that are fixed for all
954
1054
  // records.
955
- uint8_t fixed_nonce_[12];
956
- uint8_t fixed_nonce_len_ = 0, variable_nonce_len_ = 0;
957
- // version_ is the wire version that should be used with this AEAD.
958
- uint16_t version_;
959
- UniquePtr<RecordNumberEncrypter> rn_encrypter_;
960
- // is_dtls_ is whether DTLS is being used with this AEAD.
961
- bool is_dtls_;
1055
+ InplaceVector<uint8_t, 12> fixed_nonce_;
1056
+ uint8_t variable_nonce_len_ = 0;
962
1057
  // variable_nonce_included_in_record_ is true if the variable nonce
963
1058
  // for a record is included as a prefix before the ciphertext.
964
1059
  bool variable_nonce_included_in_record_ : 1;
@@ -976,57 +1071,31 @@ class SSLAEADContext {
976
1071
  bool ad_is_header_ : 1;
977
1072
  };
978
1073
 
979
- class AESRecordNumberEncrypter : public RecordNumberEncrypter {
980
- public:
981
- bool SetKey(Span<const uint8_t> key) override;
982
- bool GenerateMask(Span<uint8_t> out, Span<const uint8_t> sample) override;
983
1074
 
984
- private:
985
- AES_KEY key_;
986
- };
1075
+ // DTLS replay bitmap.
987
1076
 
988
- class AES128RecordNumberEncrypter : public AESRecordNumberEncrypter {
1077
+ // DTLSReplayBitmap maintains a sliding window of sequence numbers to detect
1078
+ // replayed packets.
1079
+ class DTLSReplayBitmap {
989
1080
  public:
990
- size_t KeySize() override;
991
- };
1081
+ // ShouldDiscard returns true if |seq_num| has been seen in
1082
+ // |bitmap| or is stale. Otherwise it returns false.
1083
+ bool ShouldDiscard(uint64_t seqnum) const;
992
1084
 
993
- class AES256RecordNumberEncrypter : public AESRecordNumberEncrypter {
994
- public:
995
- size_t KeySize() override;
996
- };
1085
+ // Record updates the bitmap to record receipt of sequence number
1086
+ // |seq_num|. It slides the window forward if needed. It is an error to call
1087
+ // this function on a stale sequence number.
1088
+ void Record(uint64_t seqnum);
997
1089
 
998
- class ChaChaRecordNumberEncrypter : public RecordNumberEncrypter {
999
- public:
1000
- size_t KeySize() override;
1001
- bool SetKey(Span<const uint8_t> key) override;
1002
- bool GenerateMask(Span<uint8_t> out, Span<const uint8_t> sample) override;
1090
+ uint64_t max_seq_num() const { return max_seq_num_; }
1003
1091
 
1004
1092
  private:
1005
- static const size_t kKeySize = 32;
1006
- uint8_t key_[kKeySize];
1007
- };
1008
-
1009
- #if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
1010
- class NullRecordNumberEncrypter : public RecordNumberEncrypter {
1011
- public:
1012
- size_t KeySize() override;
1013
- bool SetKey(Span<const uint8_t> key) override;
1014
- bool GenerateMask(Span<uint8_t> out, Span<const uint8_t> sample) override;
1015
- };
1016
- #endif // BORINGSSL_UNSAFE_FUZZER_MODE
1017
-
1018
-
1019
- // DTLS replay bitmap.
1020
-
1021
- // DTLS1_BITMAP maintains a sliding window of 64 sequence numbers to detect
1022
- // replayed packets. It should be initialized by zeroing every field.
1023
- struct DTLS1_BITMAP {
1024
1093
  // map is a bitset of sequence numbers that have been seen. Bit i corresponds
1025
- // to |max_seq_num - i|.
1026
- std::bitset<256> map;
1027
- // max_seq_num is the largest sequence number seen so far as a 64-bit
1094
+ // to |max_seq_num_ - i|.
1095
+ std::bitset<256> map_;
1096
+ // max_seq_num_ is the largest sequence number seen so far as a 64-bit
1028
1097
  // integer.
1029
- uint64_t max_seq_num = 0;
1098
+ uint64_t max_seq_num_ = 0;
1030
1099
  };
1031
1100
 
1032
1101
  // reconstruct_seqnum takes the low order bits of a record sequence number from
@@ -1038,11 +1107,89 @@ struct DTLS1_BITMAP {
1038
1107
  // successfully deprotected in this epoch. This function returns the sequence
1039
1108
  // number that is numerically closest to one plus |max_valid_seqnum| that when
1040
1109
  // bitwise and-ed with |seq_mask| equals |wire_seq|.
1110
+ //
1111
+ // |max_valid_seqnum| must be most 2^48-1, in which case the output will also be
1112
+ // at most 2^48-1.
1041
1113
  OPENSSL_EXPORT uint64_t reconstruct_seqnum(uint16_t wire_seq, uint64_t seq_mask,
1042
1114
  uint64_t max_valid_seqnum);
1043
1115
 
1116
+
1044
1117
  // Record layer.
1045
1118
 
1119
+ class DTLSRecordNumber {
1120
+ public:
1121
+ static constexpr uint64_t kMaxSequence = (uint64_t{1} << 48) - 1;
1122
+
1123
+ DTLSRecordNumber() = default;
1124
+ DTLSRecordNumber(uint16_t epoch, uint64_t sequence) {
1125
+ BSSL_CHECK(sequence <= kMaxSequence);
1126
+ combined_ = (uint64_t{epoch} << 48) | sequence;
1127
+ }
1128
+
1129
+ static DTLSRecordNumber FromCombined(uint64_t combined) {
1130
+ return DTLSRecordNumber(combined);
1131
+ }
1132
+
1133
+ bool operator==(DTLSRecordNumber r) const {
1134
+ return combined() == r.combined();
1135
+ }
1136
+ bool operator!=(DTLSRecordNumber r) const { return !((*this) == r); }
1137
+ bool operator<(DTLSRecordNumber r) const { return combined() < r.combined(); }
1138
+
1139
+ uint64_t combined() const { return combined_; }
1140
+ uint16_t epoch() const { return combined_ >> 48; }
1141
+ uint64_t sequence() const { return combined_ & kMaxSequence; }
1142
+
1143
+ bool HasNext() const { return sequence() < kMaxSequence; }
1144
+ DTLSRecordNumber Next() const {
1145
+ BSSL_CHECK(HasNext());
1146
+ // This will not overflow into the epoch.
1147
+ return DTLSRecordNumber::FromCombined(combined_ + 1);
1148
+ }
1149
+
1150
+ private:
1151
+ explicit DTLSRecordNumber(uint64_t combined) : combined_(combined) {}
1152
+
1153
+ uint64_t combined_ = 0;
1154
+ };
1155
+
1156
+ class RecordNumberEncrypter {
1157
+ public:
1158
+ static constexpr bool kAllowUniquePtr = true;
1159
+ static constexpr size_t kMaxKeySize = 32;
1160
+
1161
+ // Create returns a DTLS 1.3 record number encrypter for |traffic_secret|, or
1162
+ // nullptr on error.
1163
+ static UniquePtr<RecordNumberEncrypter> Create(
1164
+ const SSL_CIPHER *cipher, Span<const uint8_t> traffic_secret);
1165
+
1166
+ virtual ~RecordNumberEncrypter() = default;
1167
+ virtual size_t KeySize() = 0;
1168
+ virtual bool SetKey(Span<const uint8_t> key) = 0;
1169
+ virtual bool GenerateMask(Span<uint8_t> out, Span<const uint8_t> sample) = 0;
1170
+ };
1171
+
1172
+ struct DTLSReadEpoch {
1173
+ static constexpr bool kAllowUniquePtr = true;
1174
+
1175
+ // TODO(davidben): This could be made slightly more compact if |bitmap| stored
1176
+ // a DTLSRecordNumber.
1177
+ uint16_t epoch = 0;
1178
+ UniquePtr<SSLAEADContext> aead;
1179
+ UniquePtr<RecordNumberEncrypter> rn_encrypter;
1180
+ DTLSReplayBitmap bitmap;
1181
+ };
1182
+
1183
+ struct DTLSWriteEpoch {
1184
+ static constexpr bool kAllowUniquePtr = true;
1185
+
1186
+ uint16_t epoch() const { return next_record.epoch(); }
1187
+
1188
+ DTLSRecordNumber next_record;
1189
+ UniquePtr<SSLAEADContext> aead;
1190
+ UniquePtr<RecordNumberEncrypter> rn_encrypter;
1191
+ };
1192
+
1046
1193
  // ssl_record_prefix_len returns the length of the prefix before the ciphertext
1047
1194
  // of a record for |ssl|.
1048
1195
  //
@@ -1087,8 +1234,10 @@ enum ssl_open_record_t tls_open_record(SSL *ssl, uint8_t *out_type,
1087
1234
 
1088
1235
  // dtls_open_record implements |tls_open_record| for DTLS. It only returns
1089
1236
  // |ssl_open_record_partial| if |in| was empty and sets |*out_consumed| to
1090
- // zero. The caller should read one packet and try again.
1237
+ // zero. The caller should read one packet and try again. On success,
1238
+ // |*out_number| is set to the record number of the record.
1091
1239
  enum ssl_open_record_t dtls_open_record(SSL *ssl, uint8_t *out_type,
1240
+ DTLSRecordNumber *out_number,
1092
1241
  Span<uint8_t> *out,
1093
1242
  size_t *out_consumed,
1094
1243
  uint8_t *out_alert, Span<uint8_t> in);
@@ -1123,13 +1272,18 @@ size_t dtls_max_seal_overhead(const SSL *ssl, uint16_t epoch);
1123
1272
  // front of the plaintext when sealing a record in-place.
1124
1273
  size_t dtls_seal_prefix_len(const SSL *ssl, uint16_t epoch);
1125
1274
 
1275
+ // dtls_seal_max_input_len returns the maximum number of input bytes that can
1276
+ // fit in a record of up to |max_out| bytes, or zero if none may fit.
1277
+ size_t dtls_seal_max_input_len(const SSL *ssl, uint16_t epoch, size_t max_out);
1278
+
1126
1279
  // dtls_seal_record implements |tls_seal_record| for DTLS. |epoch| selects which
1127
1280
  // epoch's cipher state to use. Unlike |tls_seal_record|, |in| and |out| may
1128
1281
  // alias but, if they do, |in| must be exactly |dtls_seal_prefix_len| bytes
1129
- // ahead of |out|.
1130
- bool dtls_seal_record(SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out,
1131
- uint8_t type, const uint8_t *in, size_t in_len,
1132
- uint16_t epoch);
1282
+ // ahead of |out|. On success, |*out_number| is set to the record number of the
1283
+ // record.
1284
+ bool dtls_seal_record(SSL *ssl, DTLSRecordNumber *out_number, uint8_t *out,
1285
+ size_t *out_len, size_t max_out, uint8_t type,
1286
+ const uint8_t *in, size_t in_len, uint16_t epoch);
1133
1287
 
1134
1288
  // ssl_process_alert processes |in| as an alert and updates |ssl|'s shutdown
1135
1289
  // state. It returns one of |ssl_open_record_discard|, |ssl_open_record_error|,
@@ -1201,8 +1355,7 @@ class SSLKeyShare {
1201
1355
  // |out_ciphertext|, and sets |*out_secret| to the shared secret. On failure,
1202
1356
  // it returns false and sets |*out_alert| to an alert to send to the peer.
1203
1357
  virtual bool Encap(CBB *out_ciphertext, Array<uint8_t> *out_secret,
1204
- uint8_t *out_alert,
1205
- Span<const uint8_t> peer_key) = 0;
1358
+ uint8_t *out_alert, Span<const uint8_t> peer_key) = 0;
1206
1359
 
1207
1360
  // Decap decapsulates the symmetric secret in |ciphertext|. On success, it
1208
1361
  // returns true and sets |*out_secret| to the shared secret. On failure, it
@@ -1288,21 +1441,13 @@ bool dtls_has_unprocessed_handshake_data(const SSL *ssl);
1288
1441
  // tls_flush_pending_hs_data flushes any handshake plaintext data.
1289
1442
  bool tls_flush_pending_hs_data(SSL *ssl);
1290
1443
 
1291
- struct DTLS_OUTGOING_MESSAGE {
1292
- DTLS_OUTGOING_MESSAGE() {}
1293
- DTLS_OUTGOING_MESSAGE(const DTLS_OUTGOING_MESSAGE &) = delete;
1294
- DTLS_OUTGOING_MESSAGE &operator=(const DTLS_OUTGOING_MESSAGE &) = delete;
1295
-
1296
- void Clear();
1297
-
1298
- Array<uint8_t> data;
1299
- uint16_t epoch = 0;
1300
- bool is_ccs = false;
1301
- };
1302
-
1303
1444
  // dtls_clear_outgoing_messages releases all buffered outgoing messages.
1304
1445
  void dtls_clear_outgoing_messages(SSL *ssl);
1305
1446
 
1447
+ // dtls_clear_unused_write_epochs releases any write epochs that are no longer
1448
+ // needed.
1449
+ void dtls_clear_unused_write_epochs(SSL *ssl);
1450
+
1306
1451
 
1307
1452
  // Callbacks.
1308
1453
 
@@ -1329,11 +1474,9 @@ class SSLBuffer {
1329
1474
  bool empty() const { return size_ == 0; }
1330
1475
  size_t cap() const { return cap_; }
1331
1476
 
1332
- Span<uint8_t> span() { return MakeSpan(data(), size()); }
1477
+ Span<uint8_t> span() { return Span(data(), size()); }
1333
1478
 
1334
- Span<uint8_t> remaining() {
1335
- return MakeSpan(data() + size(), cap() - size());
1336
- }
1479
+ Span<uint8_t> remaining() { return Span(data() + size(), cap() - size()); }
1337
1480
 
1338
1481
  // Clear releases the buffer.
1339
1482
  void Clear();
@@ -1368,9 +1511,6 @@ class SSLBuffer {
1368
1511
  uint16_t cap_ = 0;
1369
1512
  // inline_buf_ is a static buffer for short reads.
1370
1513
  uint8_t inline_buf_[SSL3_RT_HEADER_LENGTH];
1371
- // buf_allocated_ is true if |buf_| points to allocated data and must be freed
1372
- // or false if it points into |inline_buf_|.
1373
- bool buf_allocated_ = false;
1374
1514
  };
1375
1515
 
1376
1516
  // ssl_read_buffer_extend_to extends the read buffer to the desired length. For
@@ -1425,32 +1565,51 @@ enum ssl_key_usage_t {
1425
1565
  OPENSSL_EXPORT bool ssl_cert_check_key_usage(const CBS *in,
1426
1566
  enum ssl_key_usage_t bit);
1427
1567
 
1568
+ // ssl_cert_extract_issuer parses the DER-encoded, X.509 certificate in |in|
1569
+ // and extracts the issuer. On success it returns true and the DER encoded
1570
+ // issuer is in |out_dn|, otherwise it returns false.
1571
+ OPENSSL_EXPORT bool ssl_cert_extract_issuer(const CBS *in, CBS *out_dn);
1572
+
1573
+ // ssl_cert_matches_issuer parses the DER-encoded, X.509 certificate in |in|
1574
+ // and returns true if its issuer is an exact match for the DER encoded
1575
+ // distinguished name in |dn|
1576
+ bool ssl_cert_matches_issuer(const CBS *in, const CBS *dn);
1577
+
1428
1578
  // ssl_cert_parse_pubkey extracts the public key from the DER-encoded, X.509
1429
1579
  // certificate in |in|. It returns an allocated |EVP_PKEY| or else returns
1430
1580
  // nullptr and pushes to the error queue.
1431
1581
  UniquePtr<EVP_PKEY> ssl_cert_parse_pubkey(const CBS *in);
1432
1582
 
1433
- // ssl_parse_client_CA_list parses a CA list from |cbs| in the format used by a
1434
- // TLS CertificateRequest message. On success, it returns a newly-allocated
1435
- // |CRYPTO_BUFFER| list and advances |cbs|. Otherwise, it returns nullptr and
1436
- // sets |*out_alert| to an alert to send to the peer.
1437
- UniquePtr<STACK_OF(CRYPTO_BUFFER)> ssl_parse_client_CA_list(SSL *ssl,
1438
- uint8_t *out_alert,
1439
- CBS *cbs);
1583
+ // SSL_parse_CA_list parses a CA list from |cbs| in the format used by a TLS
1584
+ // CertificateRequest message and Certificate Authorities extension. On success,
1585
+ // it returns a newly-allocated |CRYPTO_BUFFER| list and advances
1586
+ // |cbs|. Otherwise, it returns nullptr and sets |*out_alert| to an alert to
1587
+ // send to the peer.
1588
+ UniquePtr<STACK_OF(CRYPTO_BUFFER)> SSL_parse_CA_list(SSL *ssl,
1589
+ uint8_t *out_alert,
1590
+ CBS *cbs);
1440
1591
 
1441
- // ssl_has_client_CAs returns there are configured CAs.
1592
+ // ssl_has_client_CAs returns whether there are configured CAs.
1442
1593
  bool ssl_has_client_CAs(const SSL_CONFIG *cfg);
1443
1594
 
1444
1595
  // ssl_add_client_CA_list adds the configured CA list to |cbb| in the format
1445
1596
  // used by a TLS CertificateRequest message. It returns true on success and
1446
1597
  // false on error.
1447
- bool ssl_add_client_CA_list(SSL_HANDSHAKE *hs, CBB *cbb);
1598
+ bool ssl_add_client_CA_list(const SSL_HANDSHAKE *hs, CBB *cbb);
1599
+
1600
+ // ssl_has_CA_names returns whether there are configured CA names.
1601
+ bool ssl_has_CA_names(const SSL_CONFIG *cfg);
1602
+
1603
+ // ssl_add_CA_names adds the configured CA_names list to |cbb| in the format
1604
+ // used by a TLS Certificate Authorities extension. It returns true on success
1605
+ // and false on error.
1606
+ bool ssl_add_CA_names(const SSL_HANDSHAKE *hs, CBB *cbb);
1448
1607
 
1449
1608
  // ssl_check_leaf_certificate returns one if |pkey| and |leaf| are suitable as
1450
1609
  // a server's leaf certificate for |hs|. Otherwise, it returns zero and pushes
1451
1610
  // an error on the error queue.
1452
1611
  bool ssl_check_leaf_certificate(SSL_HANDSHAKE *hs, EVP_PKEY *pkey,
1453
- const CRYPTO_BUFFER *leaf);
1612
+ const CRYPTO_BUFFER *leaf);
1454
1613
 
1455
1614
 
1456
1615
  // TLS 1.3 key derivation.
@@ -1502,7 +1661,7 @@ bool tls13_derive_resumption_secret(SSL_HANDSHAKE *hs);
1502
1661
  // |exporter_secret|.
1503
1662
  bool tls13_export_keying_material(SSL *ssl, Span<uint8_t> out,
1504
1663
  Span<const uint8_t> secret,
1505
- Span<const char> label,
1664
+ std::string_view label,
1506
1665
  Span<const uint8_t> context);
1507
1666
 
1508
1667
  // tls13_finished_mac calculates the MAC of the handshake transcript to verify
@@ -1666,6 +1825,8 @@ bool ssl_encrypt_client_hello(SSL_HANDSHAKE *hs, Span<const uint8_t> enc);
1666
1825
  enum class SSLCredentialType {
1667
1826
  kX509,
1668
1827
  kDelegated,
1828
+ kSPAKE2PlusV1Client,
1829
+ kSPAKE2PlusV1Server,
1669
1830
  };
1670
1831
 
1671
1832
  BSSL_NAMESPACE_END
@@ -1677,7 +1838,7 @@ struct ssl_credential_st : public bssl::RefCounted<ssl_credential_st> {
1677
1838
  ssl_credential_st &operator=(const ssl_credential_st &) = delete;
1678
1839
 
1679
1840
  // Dup returns a copy of the credential, or nullptr on error. The |ex_data|
1680
- // values are not copied. This is only used on the default credential, whose
1841
+ // values are not copied. This is only used on the legacy credential, whose
1681
1842
  // |ex_data| is inaccessible.
1682
1843
  bssl::UniquePtr<SSL_CREDENTIAL> Dup() const;
1683
1844
 
@@ -1711,6 +1872,10 @@ struct ssl_credential_st : public bssl::RefCounted<ssl_credential_st> {
1711
1872
  // returns one on success and zero on error.
1712
1873
  bool AppendIntermediateCert(bssl::UniquePtr<CRYPTO_BUFFER> cert);
1713
1874
 
1875
+ // ChainContainsIssuer returns true if |dn| is a byte for byte match with the
1876
+ // issuer of any certificate in |chain|, false otherwise.
1877
+ bool ChainContainsIssuer(bssl::Span<const uint8_t> dn) const;
1878
+
1714
1879
  // type is the credential type and determines which other fields apply.
1715
1880
  bssl::SSLCredentialType type;
1716
1881
 
@@ -1756,8 +1921,34 @@ struct ssl_credential_st : public bssl::RefCounted<ssl_credential_st> {
1756
1921
  // OCSP response to be sent to the client, if requested.
1757
1922
  bssl::UniquePtr<CRYPTO_BUFFER> ocsp_response;
1758
1923
 
1924
+ // SPAKE2+-specific information.
1925
+ bssl::Array<uint8_t> pake_context;
1926
+ bssl::Array<uint8_t> client_identity;
1927
+ bssl::Array<uint8_t> server_identity;
1928
+ bssl::Array<uint8_t> password_verifier_w0;
1929
+ bssl::Array<uint8_t> password_verifier_w1; // server-only
1930
+ bssl::Array<uint8_t> registration_record; // client-only
1931
+ mutable std::atomic<uint32_t> pake_limit;
1932
+
1933
+ // Checks whether there are still permitted PAKE attempts remaining, without
1934
+ // changing the counter.
1935
+ bool HasPAKEAttempts() const;
1936
+
1937
+ // Atomically decrement |pake_limit|. Return true if successful and false if
1938
+ // |pake_limit| is already zero.
1939
+ bool ClaimPAKEAttempt() const;
1940
+
1941
+ // Atomically increment |pake_limit|. This must be paired with a
1942
+ // |ClaimPAKEAttempt| call.
1943
+ void RestorePAKEAttempt() const;
1944
+
1759
1945
  CRYPTO_EX_DATA ex_data;
1760
1946
 
1947
+ // must_match_issuer is a flag indicating that this credential should be
1948
+ // considered only when it matches a peer request for a particular issuer via
1949
+ // a negotiation mechanism (such as the certificate_authorities extension).
1950
+ bool must_match_issuer = false;
1951
+
1761
1952
  private:
1762
1953
  friend RefCounted;
1763
1954
  ~ssl_credential_st();
@@ -1765,14 +1956,26 @@ struct ssl_credential_st : public bssl::RefCounted<ssl_credential_st> {
1765
1956
 
1766
1957
  BSSL_NAMESPACE_BEGIN
1767
1958
 
1768
- // ssl_get_credential_list computes |hs|'s credential list. On success, it
1769
- // writes it to |*out| and returns true. Otherwise, it returns false. The
1770
- // credential list may be empty, in which case this function will successfully
1771
- // return an empty array.
1959
+ // ssl_get_full_credential_list computes |hs|'s full credential list, including
1960
+ // the legacy credential. On success, it writes it to |*out| and returns true.
1961
+ // Otherwise, it returns false. The credential list may be empty, in which case
1962
+ // this function will successfully output an empty array.
1963
+ //
1964
+ // This function should be called at most once during the handshake and is
1965
+ // intended to be used for certificate-based credentials. It runs the
1966
+ // auto-chaining logic as part of finishing the legacy credential. Other uses of
1967
+ // the credential list (e.g. PAKE credentials) should iterate over
1968
+ // |hs->config->cert->credentials|.
1772
1969
  //
1773
1970
  // The pointers in the result are only valid until |hs| is next mutated.
1774
- bool ssl_get_credential_list(SSL_HANDSHAKE *hs, Array<SSL_CREDENTIAL *> *out);
1971
+ bool ssl_get_full_credential_list(SSL_HANDSHAKE *hs,
1972
+ Array<SSL_CREDENTIAL *> *out);
1775
1973
 
1974
+ // ssl_credential_matches_requested_issuers returns true if |cred| is a
1975
+ // usable match for any requested issuers in |hs|, and false with an error
1976
+ // otherwise.
1977
+ bool ssl_credential_matches_requested_issuers(SSL_HANDSHAKE *hs,
1978
+ const SSL_CREDENTIAL *cred);
1776
1979
 
1777
1980
  // Handshake functions.
1778
1981
 
@@ -1896,6 +2099,14 @@ struct SSL_HANDSHAKE_HINTS {
1896
2099
  bool ignore_ticket = false;
1897
2100
  };
1898
2101
 
2102
+ struct SSLPAKEShare {
2103
+ static constexpr bool kAllowUniquePtr = true;
2104
+ uint16_t named_pake;
2105
+ Array<uint8_t> client_identity;
2106
+ Array<uint8_t> server_identity;
2107
+ Array<uint8_t> pake_message;
2108
+ };
2109
+
1899
2110
  struct SSL_HANDSHAKE {
1900
2111
  explicit SSL_HANDSHAKE(SSL *ssl);
1901
2112
  ~SSL_HANDSHAKE();
@@ -1927,18 +2138,13 @@ struct SSL_HANDSHAKE {
1927
2138
  // |SSL_OP_NO_*| and |SSL_CTX_set_max_proto_version| APIs.
1928
2139
  uint16_t max_version = 0;
1929
2140
 
1930
- private:
1931
- size_t hash_len_ = 0;
1932
- uint8_t secret_[SSL_MAX_MD_SIZE] = {0};
1933
- uint8_t early_traffic_secret_[SSL_MAX_MD_SIZE] = {0};
1934
- uint8_t client_handshake_secret_[SSL_MAX_MD_SIZE] = {0};
1935
- uint8_t server_handshake_secret_[SSL_MAX_MD_SIZE] = {0};
1936
- uint8_t client_traffic_secret_0_[SSL_MAX_MD_SIZE] = {0};
1937
- uint8_t server_traffic_secret_0_[SSL_MAX_MD_SIZE] = {0};
1938
- uint8_t expected_client_finished_[SSL_MAX_MD_SIZE] = {0};
1939
-
1940
- public:
1941
- void ResizeSecrets(size_t hash_len);
2141
+ InplaceVector<uint8_t, SSL_MAX_MD_SIZE> secret;
2142
+ InplaceVector<uint8_t, SSL_MAX_MD_SIZE> early_traffic_secret;
2143
+ InplaceVector<uint8_t, SSL_MAX_MD_SIZE> client_handshake_secret;
2144
+ InplaceVector<uint8_t, SSL_MAX_MD_SIZE> server_handshake_secret;
2145
+ InplaceVector<uint8_t, SSL_MAX_MD_SIZE> client_traffic_secret_0;
2146
+ InplaceVector<uint8_t, SSL_MAX_MD_SIZE> server_traffic_secret_0;
2147
+ InplaceVector<uint8_t, SSL_MAX_MD_SIZE> expected_client_finished;
1942
2148
 
1943
2149
  // GetClientHello, on the server, returns either the normal ClientHello
1944
2150
  // message or the ClientHelloInner if it has been serialized to
@@ -1951,29 +2157,6 @@ struct SSL_HANDSHAKE {
1951
2157
  // SSL_HANDSHAKE.
1952
2158
  bool GetClientHello(SSLMessage *out_msg, SSL_CLIENT_HELLO *out_client_hello);
1953
2159
 
1954
- Span<uint8_t> secret() { return MakeSpan(secret_, hash_len_); }
1955
- Span<const uint8_t> secret() const {
1956
- return MakeConstSpan(secret_, hash_len_);
1957
- }
1958
- Span<uint8_t> early_traffic_secret() {
1959
- return MakeSpan(early_traffic_secret_, hash_len_);
1960
- }
1961
- Span<uint8_t> client_handshake_secret() {
1962
- return MakeSpan(client_handshake_secret_, hash_len_);
1963
- }
1964
- Span<uint8_t> server_handshake_secret() {
1965
- return MakeSpan(server_handshake_secret_, hash_len_);
1966
- }
1967
- Span<uint8_t> client_traffic_secret_0() {
1968
- return MakeSpan(client_traffic_secret_0_, hash_len_);
1969
- }
1970
- Span<uint8_t> server_traffic_secret_0() {
1971
- return MakeSpan(server_traffic_secret_0_, hash_len_);
1972
- }
1973
- Span<uint8_t> expected_client_finished() {
1974
- return MakeSpan(expected_client_finished_, hash_len_);
1975
- }
1976
-
1977
2160
  union {
1978
2161
  // sent is a bitset where the bits correspond to elements of kExtensions
1979
2162
  // in extensions.cc. Each bit is set if that extension was sent in a
@@ -2014,7 +2197,8 @@ struct SSL_HANDSHAKE {
2014
2197
 
2015
2198
  // dtls_cookie is the value of the cookie in DTLS HelloVerifyRequest. If
2016
2199
  // empty, either none was received or HelloVerifyRequest contained an empty
2017
- // cookie.
2200
+ // cookie. Check the received_hello_verify_request field to distinguish an
2201
+ // empty cookie from no HelloVerifyRequest message being received.
2018
2202
  Array<uint8_t> dtls_cookie;
2019
2203
 
2020
2204
  // ech_client_outer contains the outer ECH extension to send in the
@@ -2078,8 +2262,8 @@ struct SSL_HANDSHAKE {
2078
2262
  // server when using a TLS 1.2 PSK key exchange.
2079
2263
  UniquePtr<char> peer_psk_identity_hint;
2080
2264
 
2081
- // ca_names, on the client, contains the list of CAs received in a
2082
- // CertificateRequest message.
2265
+ // ca_names contains the list of CAs received via the Certificate Authorities
2266
+ // extension in our peer's CertificateRequest or ClientHello message
2083
2267
  UniquePtr<STACK_OF(CRYPTO_BUFFER)> ca_names;
2084
2268
 
2085
2269
  // cached_x509_ca_names contains a cache of parsed versions of the elements of
@@ -2181,6 +2365,10 @@ struct SSL_HANDSHAKE {
2181
2365
  // the handshake.
2182
2366
  bool can_early_write : 1;
2183
2367
 
2368
+ // is_early_version is true if the protocol version configured is not
2369
+ // necessarily the final version and is just the predicted 0-RTT version.
2370
+ bool is_early_version : 1;
2371
+
2184
2372
  // next_proto_neg_seen is one of NPN was negotiated.
2185
2373
  bool next_proto_neg_seen : 1;
2186
2374
 
@@ -2222,6 +2410,10 @@ struct SSL_HANDSHAKE {
2222
2410
  // handshake.
2223
2411
  bool channel_id_negotiated : 1;
2224
2412
 
2413
+ // received_hello_verify_request is true if we received a HelloVerifyRequest
2414
+ // message from the server.
2415
+ bool received_hello_verify_request : 1;
2416
+
2225
2417
  // client_version is the value sent or received in the ClientHello version.
2226
2418
  uint16_t client_version = 0;
2227
2419
 
@@ -2241,11 +2433,22 @@ struct SSL_HANDSHAKE {
2241
2433
  uint8_t ech_config_id = 0;
2242
2434
 
2243
2435
  // session_id is the session ID in the ClientHello.
2244
- uint8_t session_id[SSL_MAX_SSL_SESSION_ID_LENGTH] = {0};
2245
- uint8_t session_id_len = 0;
2436
+ InplaceVector<uint8_t, SSL_MAX_SSL_SESSION_ID_LENGTH> session_id;
2246
2437
 
2247
2438
  // grease_seed is the entropy for GREASE values.
2248
2439
  uint8_t grease_seed[ssl_grease_last_index + 1] = {0};
2440
+
2441
+ // pake_share is the PAKE message received over the wire, if any.
2442
+ UniquePtr<SSLPAKEShare> pake_share;
2443
+
2444
+ // pake_share_bytes are the bytes of the PAKEShare to send, if any.
2445
+ Array<uint8_t> pake_share_bytes;
2446
+
2447
+ // pake_prover is the PAKE context for a client.
2448
+ UniquePtr<spake2plus::Prover> pake_prover;
2449
+
2450
+ // pake_verifier is the PAKE context for a server.
2451
+ UniquePtr<spake2plus::Verifier> pake_verifier;
2249
2452
  };
2250
2453
 
2251
2454
  // kMaxTickets is the maximum number of tickets to send immediately after the
@@ -2278,10 +2481,9 @@ const char *ssl_server_handshake_state(SSL_HANDSHAKE *hs);
2278
2481
  const char *tls13_client_handshake_state(SSL_HANDSHAKE *hs);
2279
2482
  const char *tls13_server_handshake_state(SSL_HANDSHAKE *hs);
2280
2483
 
2281
- // tls13_add_key_update queues a KeyUpdate message on |ssl|. The
2282
- // |update_requested| argument must be one of |SSL_KEY_UPDATE_REQUESTED| or
2283
- // |SSL_KEY_UPDATE_NOT_REQUESTED|.
2284
- bool tls13_add_key_update(SSL *ssl, int update_requested);
2484
+ // tls13_add_key_update queues a KeyUpdate message on |ssl|. |request_type| must
2485
+ // be one of |SSL_KEY_UPDATE_REQUESTED| or |SSL_KEY_UPDATE_NOT_REQUESTED|.
2486
+ bool tls13_add_key_update(SSL *ssl, int request_type);
2285
2487
 
2286
2488
  // tls13_post_handshake processes a post-handshake message. It returns true on
2287
2489
  // success and false on failure.
@@ -2319,6 +2521,10 @@ bool ssl_setup_extension_permutation(SSL_HANDSHAKE *hs);
2319
2521
  // a single key share of the specified group.
2320
2522
  bool ssl_setup_key_shares(SSL_HANDSHAKE *hs, uint16_t override_group_id);
2321
2523
 
2524
+ // ssl_setup_pake_shares computes the client PAKE shares and saves them in |hs|.
2525
+ // It returns true on success and false on failure.
2526
+ bool ssl_setup_pake_shares(SSL_HANDSHAKE *hs);
2527
+
2322
2528
  bool ssl_ext_key_share_parse_serverhello(SSL_HANDSHAKE *hs,
2323
2529
  Array<uint8_t> *out_secret,
2324
2530
  uint8_t *out_alert, CBS *contents);
@@ -2326,8 +2532,13 @@ bool ssl_ext_key_share_parse_clienthello(SSL_HANDSHAKE *hs, bool *out_found,
2326
2532
  Span<const uint8_t> *out_peer_key,
2327
2533
  uint8_t *out_alert,
2328
2534
  const SSL_CLIENT_HELLO *client_hello);
2535
+ bool ssl_ext_pake_add_serverhello(SSL_HANDSHAKE *hs, CBB *out);
2329
2536
  bool ssl_ext_key_share_add_serverhello(SSL_HANDSHAKE *hs, CBB *out);
2330
2537
 
2538
+ bool ssl_ext_pake_parse_serverhello(SSL_HANDSHAKE *hs,
2539
+ Array<uint8_t> *out_secret,
2540
+ uint8_t *out_alert, CBS *contents);
2541
+
2331
2542
  bool ssl_ext_pre_shared_key_parse_serverhello(SSL_HANDSHAKE *hs,
2332
2543
  uint8_t *out_alert,
2333
2544
  CBS *contents);
@@ -2472,12 +2683,6 @@ bool ssl_log_secret(const SSL *ssl, const char *label,
2472
2683
 
2473
2684
  // ClientHello functions.
2474
2685
 
2475
- // ssl_client_hello_init parses |body| as a ClientHello message, excluding the
2476
- // message header, and writes the result to |*out|. It returns true on success
2477
- // and false on error. This function is exported for testing.
2478
- OPENSSL_EXPORT bool ssl_client_hello_init(const SSL *ssl, SSL_CLIENT_HELLO *out,
2479
- Span<const uint8_t> body);
2480
-
2481
2686
  bool ssl_parse_client_hello_with_trailing_data(const SSL *ssl, CBS *cbs,
2482
2687
  SSL_CLIENT_HELLO *out);
2483
2688
 
@@ -2542,32 +2747,32 @@ struct CERT {
2542
2747
  explicit CERT(const SSL_X509_METHOD *x509_method);
2543
2748
  ~CERT();
2544
2749
 
2545
- bool is_valid() const { return default_credential != nullptr; }
2750
+ bool is_valid() const { return legacy_credential != nullptr; }
2546
2751
 
2547
2752
  // credentials is the list of credentials to select between. Elements of this
2548
2753
  // array immutable.
2549
- GrowableArray<UniquePtr<SSL_CREDENTIAL>> credentials;
2754
+ Vector<UniquePtr<SSL_CREDENTIAL>> credentials;
2550
2755
 
2551
- // default_credential is the credential configured by the legacy,
2756
+ // legacy_credential is the credential configured by the legacy
2552
2757
  // non-credential-based APIs. If IsComplete() returns true, it is appended to
2553
2758
  // the list of credentials.
2554
- UniquePtr<SSL_CREDENTIAL> default_credential;
2759
+ UniquePtr<SSL_CREDENTIAL> legacy_credential;
2555
2760
 
2556
2761
  // x509_method contains pointers to functions that might deal with |X509|
2557
2762
  // compatibility, or might be a no-op, depending on the application.
2558
2763
  const SSL_X509_METHOD *x509_method = nullptr;
2559
2764
 
2560
- // x509_chain may contain a parsed copy of |chain[1..]| from the default
2765
+ // x509_chain may contain a parsed copy of |chain[1..]| from the legacy
2561
2766
  // credential. This is only used as a cache in order to implement “get0”
2562
2767
  // functions that return a non-owning pointer to the certificate chain.
2563
2768
  STACK_OF(X509) *x509_chain = nullptr;
2564
2769
 
2565
2770
  // x509_leaf may contain a parsed copy of the first element of |chain| from
2566
- // the default credential. This is only used as a cache in order to implement
2771
+ // the legacy credential. This is only used as a cache in order to implement
2567
2772
  // “get0” functions that return a non-owning pointer to the certificate chain.
2568
2773
  X509 *x509_leaf = nullptr;
2569
2774
 
2570
- // x509_stash contains the last |X509| object append to the default
2775
+ // x509_stash contains the last |X509| object append to the legacy
2571
2776
  // credential's chain. This is a workaround for some third-party code that
2572
2777
  // continue to use an |X509| object even after passing ownership with an
2573
2778
  // “add0” function.
@@ -2588,8 +2793,7 @@ struct CERT {
2588
2793
 
2589
2794
  // sid_ctx partitions the session space within a shared session cache or
2590
2795
  // ticket key. Only sessions with a matching value will be accepted.
2591
- uint8_t sid_ctx_length = 0;
2592
- uint8_t sid_ctx[SSL_MAX_SID_CTX_LENGTH] = {0};
2796
+ InplaceVector<uint8_t, SSL_MAX_SID_CTX_LENGTH> sid_ctx;
2593
2797
  };
2594
2798
 
2595
2799
  // |SSL_PROTOCOL_METHOD| abstracts between TLS and DTLS.
@@ -2638,25 +2842,37 @@ struct SSL_PROTOCOL_METHOD {
2638
2842
  // add_change_cipher_spec adds a ChangeCipherSpec record to the pending
2639
2843
  // flight. It returns true on success and false on error.
2640
2844
  bool (*add_change_cipher_spec)(SSL *ssl);
2641
- // flush_flight flushes the pending flight to the transport. It returns one on
2642
- // success and <= 0 on error.
2643
- int (*flush_flight)(SSL *ssl);
2845
+ // finish_flight marks the pending flight as finished and ready to send.
2846
+ // |flush| must be called to write it.
2847
+ void (*finish_flight)(SSL *ssl);
2848
+ // schedule_ack schedules a DTLS 1.3 ACK to be sent, without an ACK delay.
2849
+ // |flush| must be called to write it.
2850
+ void (*schedule_ack)(SSL *ssl);
2851
+ // flush writes any scheduled data to the transport. It returns one on success
2852
+ // and <= 0 on error.
2853
+ int (*flush)(SSL *ssl);
2644
2854
  // on_handshake_complete is called when the handshake is complete.
2645
2855
  void (*on_handshake_complete)(SSL *ssl);
2646
2856
  // set_read_state sets |ssl|'s read cipher state and level to |aead_ctx| and
2647
- // |level|. In QUIC, |aead_ctx| is a placeholder object and |secret_for_quic|
2648
- // is the original secret. This function returns true on success and false on
2649
- // error.
2857
+ // |level|. In QUIC, |aead_ctx| is a placeholder object. In TLS 1.3,
2858
+ // |traffic_secret| is the original traffic secret. This function returns true
2859
+ // on success and false on error.
2860
+ //
2861
+ // TODO(crbug.com/371998381): Take the traffic secrets as input and let the
2862
+ // function create the SSLAEADContext.
2650
2863
  bool (*set_read_state)(SSL *ssl, ssl_encryption_level_t level,
2651
2864
  UniquePtr<SSLAEADContext> aead_ctx,
2652
- Span<const uint8_t> secret_for_quic);
2865
+ Span<const uint8_t> traffic_secret);
2653
2866
  // set_write_state sets |ssl|'s write cipher state and level to |aead_ctx| and
2654
- // |level|. In QUIC, |aead_ctx| is a placeholder object and |secret_for_quic|
2655
- // is the original secret. This function returns true on success and false on
2656
- // error.
2867
+ // |level|. In QUIC, |aead_ctx| is a placeholder object In TLS 1.3,
2868
+ // |traffic_secret| is the original traffic secret. This function returns true
2869
+ // on success and false on error.
2870
+ //
2871
+ // TODO(crbug.com/371998381): Take the traffic secrets as input and let the
2872
+ // function create the SSLAEADContext.
2657
2873
  bool (*set_write_state)(SSL *ssl, ssl_encryption_level_t level,
2658
2874
  UniquePtr<SSLAEADContext> aead_ctx,
2659
- Span<const uint8_t> secret_for_quic);
2875
+ Span<const uint8_t> traffic_secret);
2660
2876
  };
2661
2877
 
2662
2878
  // The following wrappers call |open_*| but handle |read_shutdown| correctly.
@@ -2682,10 +2898,10 @@ ssl_open_record_t ssl_open_app_data(SSL *ssl, Span<uint8_t> *out,
2682
2898
  Span<uint8_t> in);
2683
2899
 
2684
2900
  struct SSL_X509_METHOD {
2685
- // check_client_CA_list returns one if |names| is a good list of X.509
2686
- // distinguished names and zero otherwise. This is used to ensure that we can
2687
- // reject unparsable values at handshake time when using crypto/x509.
2688
- bool (*check_client_CA_list)(STACK_OF(CRYPTO_BUFFER) *names);
2901
+ // check_CA_list returns one if |names| is a good list of X.509 distinguished
2902
+ // names and zero otherwise. This is used to ensure that we can reject
2903
+ // unparsable values at handshake time when using crypto/x509.
2904
+ bool (*check_CA_list)(STACK_OF(CRYPTO_BUFFER) *names);
2689
2905
 
2690
2906
  // cert_clear frees and NULLs all X509 certificate-related state.
2691
2907
  void (*cert_clear)(CERT *cert);
@@ -2846,8 +3062,14 @@ struct SSL3_STATE {
2846
3062
  // needs re-doing when in SSL_accept or SSL_connect
2847
3063
  int rwstate = SSL_ERROR_NONE;
2848
3064
 
2849
- enum ssl_encryption_level_t read_level = ssl_encryption_initial;
2850
- enum ssl_encryption_level_t write_level = ssl_encryption_initial;
3065
+ enum ssl_encryption_level_t quic_read_level = ssl_encryption_initial;
3066
+ enum ssl_encryption_level_t quic_write_level = ssl_encryption_initial;
3067
+
3068
+ // version is the protocol version, or zero if the version has not yet been
3069
+ // set. In clients offering 0-RTT, this version will initially be set to the
3070
+ // early version, then switched to the final version. To distinguish these
3071
+ // cases, use |ssl_has_final_version|.
3072
+ uint16_t version = 0;
2851
3073
 
2852
3074
  // early_data_skipped is the amount of early data that has been skipped by the
2853
3075
  // record layer.
@@ -2870,10 +3092,6 @@ struct SSL3_STATE {
2870
3092
  // messages when 0RTT is rejected.
2871
3093
  bool skip_early_data : 1;
2872
3094
 
2873
- // have_version is true if the connection's final version is known. Otherwise
2874
- // the version has not been negotiated yet.
2875
- bool have_version : 1;
2876
-
2877
3095
  // v2_hello_done is true if the peer's V2ClientHello, if any, has been handled
2878
3096
  // and future messages should use the record layer.
2879
3097
  bool v2_hello_done : 1;
@@ -2899,8 +3117,10 @@ struct SSL3_STATE {
2899
3117
  // Channel ID and the |channel_id| field is filled in.
2900
3118
  bool channel_id_valid : 1;
2901
3119
 
2902
- // key_update_pending is true if we have a KeyUpdate acknowledgment
2903
- // outstanding.
3120
+ // key_update_pending is true if we are in the process of sending a KeyUpdate
3121
+ // message. As a DoS mitigation (and a requirement in DTLS), we never send
3122
+ // more than one KeyUpdate at once. In DTLS, this tracks whether there is an
3123
+ // unACKed KeyUpdate.
2904
3124
  bool key_update_pending : 1;
2905
3125
 
2906
3126
  // early_data_accepted is true if early data was accepted by the server.
@@ -2957,18 +3177,13 @@ struct SSL3_STATE {
2957
3177
  // one.
2958
3178
  UniquePtr<SSL_HANDSHAKE> hs;
2959
3179
 
2960
- uint8_t write_traffic_secret[SSL_MAX_MD_SIZE] = {0};
2961
- uint8_t read_traffic_secret[SSL_MAX_MD_SIZE] = {0};
2962
- uint8_t exporter_secret[SSL_MAX_MD_SIZE] = {0};
2963
- uint8_t write_traffic_secret_len = 0;
2964
- uint8_t read_traffic_secret_len = 0;
2965
- uint8_t exporter_secret_len = 0;
3180
+ InplaceVector<uint8_t, SSL_MAX_MD_SIZE> write_traffic_secret;
3181
+ InplaceVector<uint8_t, SSL_MAX_MD_SIZE> read_traffic_secret;
3182
+ InplaceVector<uint8_t, SSL_MAX_MD_SIZE> exporter_secret;
2966
3183
 
2967
3184
  // Connection binding to prevent renegotiation attacks
2968
- uint8_t previous_client_finished[12] = {0};
2969
- uint8_t previous_client_finished_len = 0;
2970
- uint8_t previous_server_finished_len = 0;
2971
- uint8_t previous_server_finished[12] = {0};
3185
+ InplaceVector<uint8_t, 12> previous_client_finished;
3186
+ InplaceVector<uint8_t, 12> previous_server_finished;
2972
3187
 
2973
3188
  uint8_t send_alert[2] = {0};
2974
3189
 
@@ -3031,9 +3246,47 @@ static_assert(DTLS1_RT_MAX_HEADER_LENGTH >= DTLS1_3_RECORD_HEADER_WRITE_LENGTH,
3031
3246
 
3032
3247
  #define DTLS1_HM_HEADER_LENGTH 12
3033
3248
 
3034
- #define DTLS1_CCS_HEADER_LENGTH 1
3249
+ // A DTLSMessageBitmap maintains a list of bits which may be marked to indicate
3250
+ // a portion of a message was received or ACKed.
3251
+ class DTLSMessageBitmap {
3252
+ public:
3253
+ // A Range represents a range of bits from |start|, inclusive, to |end|,
3254
+ // exclusive.
3255
+ struct Range {
3256
+ size_t start = 0;
3257
+ size_t end = 0;
3258
+
3259
+ bool empty() const { return start == end; }
3260
+ size_t size() const { return end - start; }
3261
+ bool operator==(const Range &r) const {
3262
+ return start == r.start && end == r.end;
3263
+ }
3264
+ bool operator!=(const Range &r) const { return !(*this == r); }
3265
+ };
3266
+
3267
+ // Init initializes the structure with |num_bits| unmarked bits, from zero
3268
+ // to |num_bits - 1|.
3269
+ bool Init(size_t num_bits);
3035
3270
 
3036
- #define DTLS1_AL_HEADER_LENGTH 2
3271
+ // MarkRange marks the bits from |start|, inclusive, to |end|, exclusive.
3272
+ void MarkRange(size_t start, size_t end);
3273
+
3274
+ // NextUnmarkedRange returns the next range of unmarked bits, starting from
3275
+ // |start|, inclusive. If all bits after |start| are marked, it returns an
3276
+ // empty range.
3277
+ Range NextUnmarkedRange(size_t start) const;
3278
+
3279
+ // IsComplete returns whether every bit in the bitmask has been marked.
3280
+ bool IsComplete() const { return bytes_.empty(); }
3281
+
3282
+ private:
3283
+ // bytes_ contains the unmarked bits. We maintain an invariant: if |bytes_| is
3284
+ // not empty, some bit is unset.
3285
+ Array<uint8_t> bytes_;
3286
+ // first_unmarked_byte_ is the index of first byte in |bytes_| that is not
3287
+ // 0xff. This is maintained to amortize checking if the message is complete.
3288
+ size_t first_unmarked_byte_ = 0;
3289
+ };
3037
3290
 
3038
3291
  struct hm_header_st {
3039
3292
  uint8_t type;
@@ -3043,28 +3296,47 @@ struct hm_header_st {
3043
3296
  uint32_t frag_len;
3044
3297
  };
3045
3298
 
3046
- // An hm_fragment is an incoming DTLS message, possibly not yet assembled.
3047
- struct hm_fragment {
3299
+ // An DTLSIncomingMessage is an incoming DTLS message, possibly not yet
3300
+ // assembled.
3301
+ struct DTLSIncomingMessage {
3048
3302
  static constexpr bool kAllowUniquePtr = true;
3049
3303
 
3050
- hm_fragment() {}
3051
- hm_fragment(const hm_fragment &) = delete;
3052
- hm_fragment &operator=(const hm_fragment &) = delete;
3053
-
3054
- ~hm_fragment();
3304
+ Span<uint8_t> msg() { return Span(data).subspan(DTLS1_HM_HEADER_LENGTH); }
3305
+ Span<const uint8_t> msg() const {
3306
+ return Span(data).subspan(DTLS1_HM_HEADER_LENGTH);
3307
+ }
3308
+ size_t msg_len() const { return msg().size(); }
3055
3309
 
3056
3310
  // type is the type of the message.
3057
3311
  uint8_t type = 0;
3058
3312
  // seq is the sequence number of this message.
3059
3313
  uint16_t seq = 0;
3060
- // msg_len is the length of the message body.
3061
- uint32_t msg_len = 0;
3062
- // data is a pointer to the message, including message header. It has length
3063
- // |DTLS1_HM_HEADER_LENGTH| + |msg_len|.
3064
- uint8_t *data = nullptr;
3065
- // reassembly is a bitmask of |msg_len| bits corresponding to which parts of
3066
- // the message have been received. It is NULL if the message is complete.
3067
- uint8_t *reassembly = nullptr;
3314
+ // data contains the message, including the message header of length
3315
+ // |DTLS1_HM_HEADER_LENGTH|.
3316
+ Array<uint8_t> data;
3317
+ // reassembly tracks which parts of the message have been received.
3318
+ DTLSMessageBitmap reassembly;
3319
+ };
3320
+
3321
+ struct DTLSOutgoingMessage {
3322
+ size_t msg_len() const {
3323
+ assert(!is_ccs);
3324
+ assert(data.size() >= DTLS1_HM_HEADER_LENGTH);
3325
+ return data.size() - DTLS1_HM_HEADER_LENGTH;
3326
+ }
3327
+
3328
+ bool IsFullyAcked() const {
3329
+ // ACKs only exist in DTLS 1.3, which does not send ChangeCipherSpec.
3330
+ return !is_ccs && acked.IsComplete();
3331
+ }
3332
+
3333
+ Array<uint8_t> data;
3334
+ uint16_t epoch = 0;
3335
+ bool is_ccs = false;
3336
+ // acked tracks which bits of the message have been ACKed by the peer. If
3337
+ // |msg_len| is zero, it tracks one bit for whether the header has been
3338
+ // received.
3339
+ DTLSMessageBitmap acked;
3068
3340
  };
3069
3341
 
3070
3342
  struct OPENSSL_timeval {
@@ -3072,12 +3344,111 @@ struct OPENSSL_timeval {
3072
3344
  uint32_t tv_usec;
3073
3345
  };
3074
3346
 
3347
+ struct DTLSTimer {
3348
+ public:
3349
+ static constexpr uint64_t kNever = UINT64_MAX;
3350
+
3351
+ // StartMicroseconds schedules the timer to expire the specified number of
3352
+ // microseconds from |now|.
3353
+ void StartMicroseconds(OPENSSL_timeval now, uint64_t microseconds);
3354
+
3355
+ // Stop disables the timer.
3356
+ void Stop();
3357
+
3358
+ // IsExpired returns true if the timer was set and is expired at time |now|.
3359
+ bool IsExpired(OPENSSL_timeval now) const;
3360
+
3361
+ // IsSet returns true if the timer is scheduled or expired, and false if it is
3362
+ // stopped.
3363
+ bool IsSet() const;
3364
+
3365
+ // MicrosecondsRemaining returns the time remaining, in microseconds, at
3366
+ // |now|, or |kNever| if the timer is unset.
3367
+ uint64_t MicrosecondsRemaining(OPENSSL_timeval now) const;
3368
+
3369
+ private:
3370
+ // expire_time_ is the time when the timer expires, or zero if the timer is
3371
+ // unset.
3372
+ //
3373
+ // TODO(crbug.com/366284846): This is an extremely inconvenient time
3374
+ // representation. Switch libssl to something like a 64-bit count of
3375
+ // microseconds. While it's decidedly past 1970 now, zero is a less obviously
3376
+ // sound distinguished value for the monotonic clock, so maybe we should use a
3377
+ // different distinguished time, like |INT64_MAX| in the microseconds
3378
+ // representation.
3379
+ OPENSSL_timeval expire_time_ = {0, 0};
3380
+ };
3381
+
3382
+ // DTLS_MAX_EXTRA_WRITE_EPOCHS is the maximum number of additional write epochs
3383
+ // that DTLS may need to retain.
3384
+ //
3385
+ // The maximum is, as a DTLS 1.3 server, immediately after sending Finished. At
3386
+ // this point, the current epoch is the application write keys (epoch 3), but we
3387
+ // may have ServerHello (epoch 0) and EncryptedExtensions (epoch 1) to
3388
+ // retransmit. KeyUpdate does not increase this count. If the server were to
3389
+ // initiate KeyUpdate from this state, it would not apply the new epoch until
3390
+ // the client's ACKs have caught up. At that point, epochs 0 and 1 can be
3391
+ // discarded.
3392
+ #define DTLS_MAX_EXTRA_WRITE_EPOCHS 2
3393
+
3394
+ // DTLS_MAX_ACK_BUFFER is the maximum number of records worth of data we'll keep
3395
+ // track of with DTLS 1.3 ACKs. When we exceed this value, information about
3396
+ // stale records will be dropped. This will not break the connection but may
3397
+ // cause ACKs to perform worse and retransmit unnecessary information.
3398
+ #define DTLS_MAX_ACK_BUFFER 32
3399
+
3400
+ // A DTLSSentRecord records information about a record we sent. Each record
3401
+ // covers all bytes from |first_msg_start| (inclusive) of |first_msg| to
3402
+ // |last_msg_end| (exclusive) of |last_msg|. Messages are referenced by index
3403
+ // into |outgoing_messages|. |last_msg_end| may be |outgoing_messages.size()| if
3404
+ // |last_msg_end| is zero.
3405
+ //
3406
+ // When the message is empty, |first_msg_start| and |last_msg_end| are
3407
+ // maintained as if there is a single bit in the message representing the
3408
+ // header. See |acked| in DTLSOutgoingMessage.
3409
+ struct DTLSSentRecord {
3410
+ DTLSRecordNumber number;
3411
+ PackedSize<SSL_MAX_HANDSHAKE_FLIGHT> first_msg = 0;
3412
+ PackedSize<SSL_MAX_HANDSHAKE_FLIGHT> last_msg = 0;
3413
+ uint32_t first_msg_start = 0;
3414
+ uint32_t last_msg_end = 0;
3415
+ };
3416
+
3417
+ enum class QueuedKeyUpdate {
3418
+ kNone,
3419
+ kUpdateNotRequested,
3420
+ kUpdateRequested,
3421
+ };
3422
+
3423
+ // DTLS_PREV_READ_EPOCH_EXPIRE_SECONDS is how long to retain the previous read
3424
+ // epoch in DTLS 1.3. This value is set based on the following:
3425
+ //
3426
+ // - Section 4.2.1 of RFC 9147 recommends retaining past read epochs for the
3427
+ // default TCP MSL. This accommodates packet reordering with KeyUpdate.
3428
+ //
3429
+ // - Section 5.8.1 of RFC 9147 requires being capable of ACKing the client's
3430
+ // final flight for at least twice the default MSL. That requires retaining
3431
+ // epoch 2 after the handshake.
3432
+ //
3433
+ // - Section 4 of RFC 9293 defines the MSL to be two minutes.
3434
+ #define DTLS_PREV_READ_EPOCH_EXPIRE_SECONDS (4 * 60)
3435
+
3436
+ struct DTLSPrevReadEpoch {
3437
+ static constexpr bool kAllowUniquePtr = true;
3438
+ DTLSReadEpoch epoch;
3439
+ // expire is the expiration time of the read epoch, expressed as a POSIX
3440
+ // timestamp in seconds.
3441
+ uint64_t expire;
3442
+ };
3443
+
3075
3444
  struct DTLS1_STATE {
3076
3445
  static constexpr bool kAllowUniquePtr = true;
3077
3446
 
3078
3447
  DTLS1_STATE();
3079
3448
  ~DTLS1_STATE();
3080
3449
 
3450
+ bool Init();
3451
+
3081
3452
  // has_change_cipher_spec is true if we have received a ChangeCipherSpec from
3082
3453
  // the peer in this epoch.
3083
3454
  bool has_change_cipher_spec : 1;
@@ -3092,36 +3463,63 @@ struct DTLS1_STATE {
3092
3463
  // peer sent the final flight.
3093
3464
  bool flight_has_reply : 1;
3094
3465
 
3095
- // The current data and handshake epoch. This is initially undefined, and
3096
- // starts at zero once the initial handshake is completed.
3097
- uint16_t r_epoch = 0;
3098
- uint16_t w_epoch = 0;
3466
+ // handshake_write_overflow and handshake_read_overflow are true if
3467
+ // handshake_write_seq and handshake_read_seq, respectively have overflowed.
3468
+ bool handshake_write_overflow : 1;
3469
+ bool handshake_read_overflow : 1;
3099
3470
 
3100
- // records being received in the current epoch
3101
- DTLS1_BITMAP bitmap;
3471
+ // sending_flight and sending_ack are true if we are in the process of sending
3472
+ // a handshake flight and ACK, respectively.
3473
+ bool sending_flight : 1;
3474
+ bool sending_ack : 1;
3475
+
3476
+ // queued_key_update, if not kNone, indicates we've queued a KeyUpdate message
3477
+ // to send after the current flight is ACKed.
3478
+ QueuedKeyUpdate queued_key_update : 2;
3102
3479
 
3103
3480
  uint16_t handshake_write_seq = 0;
3104
3481
  uint16_t handshake_read_seq = 0;
3105
3482
 
3106
- // save last sequence number for retransmissions
3107
- uint64_t last_write_sequence = 0;
3108
- UniquePtr<SSLAEADContext> last_aead_write_ctx;
3483
+ // read_epoch is the current read epoch.
3484
+ DTLSReadEpoch read_epoch;
3485
+
3486
+ // next_read_epoch is the next read epoch in DTLS 1.3. It will become
3487
+ // current once a record is received from it.
3488
+ UniquePtr<DTLSReadEpoch> next_read_epoch;
3109
3489
 
3490
+ // prev_read_epoch is the previous read epoch in DTLS 1.3.
3491
+ UniquePtr<DTLSPrevReadEpoch> prev_read_epoch;
3110
3492
 
3111
- // In DTLS 1.3, this contains the write AEAD for the initial encryption level.
3112
- // TODO(crbug.com/boringssl/715): Drop this when it is no longer needed.
3113
- UniquePtr<SSLAEADContext> initial_aead_write_ctx;
3493
+ // write_epoch is the current DTLS write epoch. Non-retransmit records will
3494
+ // generally use this epoch.
3495
+ // TODO(crbug.com/381113363): 0-RTT will be the exception, when implemented.
3496
+ DTLSWriteEpoch write_epoch;
3497
+
3498
+ // extra_write_epochs is the collection available write epochs.
3499
+ InplaceVector<UniquePtr<DTLSWriteEpoch>, DTLS_MAX_EXTRA_WRITE_EPOCHS>
3500
+ extra_write_epochs;
3114
3501
 
3115
3502
  // incoming_messages is a ring buffer of incoming handshake messages that have
3116
3503
  // yet to be processed. The front of the ring buffer is message number
3117
3504
  // |handshake_read_seq|, at position |handshake_read_seq| %
3118
3505
  // |SSL_MAX_HANDSHAKE_FLIGHT|.
3119
- UniquePtr<hm_fragment> incoming_messages[SSL_MAX_HANDSHAKE_FLIGHT];
3506
+ UniquePtr<DTLSIncomingMessage> incoming_messages[SSL_MAX_HANDSHAKE_FLIGHT];
3120
3507
 
3121
3508
  // outgoing_messages is the queue of outgoing messages from the last handshake
3122
3509
  // flight.
3123
- DTLS_OUTGOING_MESSAGE outgoing_messages[SSL_MAX_HANDSHAKE_FLIGHT];
3124
- uint8_t outgoing_messages_len = 0;
3510
+ InplaceVector<DTLSOutgoingMessage, SSL_MAX_HANDSHAKE_FLIGHT>
3511
+ outgoing_messages;
3512
+
3513
+ // sent_records is a queue of records we sent, for processing ACKs. To save
3514
+ // memory in the steady state, the structure is stored on the heap and dropped
3515
+ // when empty.
3516
+ UniquePtr<MRUQueue<DTLSSentRecord, DTLS_MAX_ACK_BUFFER>> sent_records;
3517
+
3518
+ // records_to_ack is a queue of received records that we should ACK. This is
3519
+ // not stored on the heap because, in the steady state, DTLS 1.3 does not
3520
+ // necessarily empty this list. (We probably could drop records from here once
3521
+ // they are sufficiently old.)
3522
+ MRUQueue<DTLSRecordNumber, DTLS_MAX_ACK_BUFFER> records_to_ack;
3125
3523
 
3126
3524
  // outgoing_written is the number of outgoing messages that have been
3127
3525
  // written.
@@ -3136,12 +3534,15 @@ struct DTLS1_STATE {
3136
3534
  // the last time it was reset.
3137
3535
  unsigned num_timeouts = 0;
3138
3536
 
3139
- // Indicates when the last handshake msg or heartbeat sent will
3140
- // timeout.
3141
- struct OPENSSL_timeval next_timeout = {0, 0};
3537
+ // retransmit_timer tracks when to schedule the next DTLS retransmit if we do
3538
+ // not hear from the peer.
3539
+ DTLSTimer retransmit_timer;
3540
+
3541
+ // ack_timer tracks when to send an ACK.
3542
+ DTLSTimer ack_timer;
3142
3543
 
3143
3544
  // timeout_duration_ms is the timeout duration in milliseconds.
3144
- unsigned timeout_duration_ms = 0;
3545
+ uint32_t timeout_duration_ms = 0;
3145
3546
  };
3146
3547
 
3147
3548
  // An ALPSConfig is a pair of ALPN protocol and settings value to use with ALPS.
@@ -3207,6 +3608,13 @@ struct SSL_CONFIG {
3207
3608
  // |client_CA|.
3208
3609
  STACK_OF(X509_NAME) *cached_x509_client_CA = nullptr;
3209
3610
 
3611
+ // For client side, keep the list of CA distinguished names we can use
3612
+ // for the Certificate Authorities extension.
3613
+ // TODO(bbe) having this separate from the client side (above) is mildly
3614
+ // silly, but OpenSSL has *_client_CA API's for this exposed, and for the
3615
+ // moment we are not crossing those streams.
3616
+ UniquePtr<STACK_OF(CRYPTO_BUFFER)> CA_names;
3617
+
3210
3618
  Array<uint16_t> supported_group_list; // our list
3211
3619
 
3212
3620
  // channel_id_private is the client's Channel ID private key, or null if
@@ -3219,7 +3627,7 @@ struct SSL_CONFIG {
3219
3627
 
3220
3628
  // alps_configs contains the list of supported protocols to use with ALPS,
3221
3629
  // along with their corresponding ALPS values.
3222
- GrowableArray<ALPSConfig> alps_configs;
3630
+ Vector<ALPSConfig> alps_configs;
3223
3631
 
3224
3632
  // Contains the QUIC transport params that this endpoint will send.
3225
3633
  Array<uint8_t> quic_transport_params;
@@ -3239,9 +3647,9 @@ struct SSL_CONFIG {
3239
3647
  // structure for the client to use when negotiating ECH.
3240
3648
  Array<uint8_t> client_ech_config_list;
3241
3649
 
3242
- // tls13_cipher_policy limits the set of ciphers that can be selected when
3650
+ // compliance_policy limits the set of ciphers that can be selected when
3243
3651
  // negotiating a TLS 1.3 connection.
3244
- enum ssl_compliance_policy_t tls13_cipher_policy = ssl_compliance_policy_none;
3652
+ enum ssl_compliance_policy_t compliance_policy = ssl_compliance_policy_none;
3245
3653
 
3246
3654
  // verify_mode is a bitmask of |SSL_VERIFY_*| values.
3247
3655
  uint8_t verify_mode = SSL_VERIFY_NONE;
@@ -3304,15 +3712,6 @@ struct SSL_CONFIG {
3304
3712
  // alps_use_new_codepoint if set indicates we use new ALPS extension codepoint
3305
3713
  // to negotiate and convey application settings.
3306
3714
  bool alps_use_new_codepoint : 1;
3307
-
3308
- // check_client_certificate_type indicates whether the client, in TLS 1.2 and
3309
- // below, will check its certificate against the server's requested
3310
- // certificate types.
3311
- bool check_client_certificate_type : 1;
3312
-
3313
- // check_ecdsa_curve indicates whether the server, in TLS 1.2 and below, will
3314
- // check its certificate against the client's supported ECDSA curves.
3315
- bool check_ecdsa_curve : 1;
3316
3715
  };
3317
3716
 
3318
3717
  // From RFC 8446, used in determining PSK modes.
@@ -3330,10 +3729,15 @@ bool ssl_is_key_type_supported(int key_type);
3330
3729
  // counterpart to |privkey|. Otherwise it returns false and pushes a helpful
3331
3730
  // message on the error queue.
3332
3731
  bool ssl_compare_public_and_private_key(const EVP_PKEY *pubkey,
3333
- const EVP_PKEY *privkey);
3732
+ const EVP_PKEY *privkey);
3334
3733
  bool ssl_get_new_session(SSL_HANDSHAKE *hs);
3734
+
3735
+ // ssl_encrypt_ticket encrypt a ticket for |session| and writes the result to
3736
+ // |out|. It returns true on success and false on error. If, on success, nothing
3737
+ // was written to |out|, the caller should skip sending a ticket.
3335
3738
  bool ssl_encrypt_ticket(SSL_HANDSHAKE *hs, CBB *out,
3336
3739
  const SSL_SESSION *session);
3740
+
3337
3741
  bool ssl_ctx_rotate_ticket_encryption_key(SSL_CTX *ctx);
3338
3742
 
3339
3743
  // ssl_session_new returns a newly-allocated blank |SSL_SESSION| or nullptr on
@@ -3354,6 +3758,20 @@ OPENSSL_EXPORT UniquePtr<SSL_SESSION> SSL_SESSION_parse(
3354
3758
  // error.
3355
3759
  OPENSSL_EXPORT bool ssl_session_serialize(const SSL_SESSION *in, CBB *cbb);
3356
3760
 
3761
+ enum class SSLSessionType {
3762
+ // The session is not resumable.
3763
+ kNotResumable,
3764
+ // The session uses a TLS 1.2 session ID.
3765
+ kID,
3766
+ // The session uses a TLS 1.2 ticket.
3767
+ kTicket,
3768
+ // The session uses a TLS 1.3 pre-shared key.
3769
+ kPreSharedKey,
3770
+ };
3771
+
3772
+ // ssl_session_get_type returns the type of |session|.
3773
+ SSLSessionType ssl_session_get_type(const SSL_SESSION *session);
3774
+
3357
3775
  // ssl_session_is_context_valid returns whether |session|'s session ID context
3358
3776
  // matches the one set on |hs|.
3359
3777
  bool ssl_session_is_context_valid(const SSL_HANDSHAKE *hs,
@@ -3438,13 +3856,15 @@ bool tls_init_message(const SSL *ssl, CBB *cbb, CBB *body, uint8_t type);
3438
3856
  bool tls_finish_message(const SSL *ssl, CBB *cbb, Array<uint8_t> *out_msg);
3439
3857
  bool tls_add_message(SSL *ssl, Array<uint8_t> msg);
3440
3858
  bool tls_add_change_cipher_spec(SSL *ssl);
3441
- int tls_flush_flight(SSL *ssl);
3859
+ int tls_flush(SSL *ssl);
3442
3860
 
3443
3861
  bool dtls1_init_message(const SSL *ssl, CBB *cbb, CBB *body, uint8_t type);
3444
3862
  bool dtls1_finish_message(const SSL *ssl, CBB *cbb, Array<uint8_t> *out_msg);
3445
3863
  bool dtls1_add_message(SSL *ssl, Array<uint8_t> msg);
3446
3864
  bool dtls1_add_change_cipher_spec(SSL *ssl);
3447
- int dtls1_flush_flight(SSL *ssl);
3865
+ void dtls1_finish_flight(SSL *ssl);
3866
+ void dtls1_schedule_ack(SSL *ssl);
3867
+ int dtls1_flush(SSL *ssl);
3448
3868
 
3449
3869
  // ssl_add_message_cbb finishes the handshake message in |cbb| and adds it to
3450
3870
  // the pending flight. It returns true on success and false on error.
@@ -3454,6 +3874,9 @@ bool ssl_add_message_cbb(SSL *ssl, CBB *cbb);
3454
3874
  // on success and false on allocation failure.
3455
3875
  bool ssl_hash_message(SSL_HANDSHAKE *hs, const SSLMessage &msg);
3456
3876
 
3877
+ ssl_open_record_t dtls1_process_ack(SSL *ssl, uint8_t *out_alert,
3878
+ DTLSRecordNumber ack_record_number,
3879
+ Span<const uint8_t> data);
3457
3880
  ssl_open_record_t dtls1_open_app_data(SSL *ssl, Span<uint8_t> *out,
3458
3881
  size_t *out_consumed, uint8_t *out_alert,
3459
3882
  Span<uint8_t> in);
@@ -3469,19 +3892,27 @@ int dtls1_write_app_data(SSL *ssl, bool *out_needs_handshake,
3469
3892
  int dtls1_write_record(SSL *ssl, int type, Span<const uint8_t> in,
3470
3893
  uint16_t epoch);
3471
3894
 
3472
- int dtls1_retransmit_outgoing_messages(SSL *ssl);
3473
3895
  bool dtls1_parse_fragment(CBS *cbs, struct hm_header_st *out_hdr,
3474
3896
  CBS *out_body);
3475
- bool dtls1_check_timeout_num(SSL *ssl);
3476
3897
 
3477
- void dtls1_start_timer(SSL *ssl);
3898
+ // DTLS1_MTU_TIMEOUTS is the maximum number of retransmit timeouts to expire
3899
+ // before starting to decrease the MTU.
3900
+ #define DTLS1_MTU_TIMEOUTS 2
3901
+
3902
+ // DTLS1_MAX_TIMEOUTS is the maximum number of retransmit timeouts to expire
3903
+ // before failing the DTLS handshake.
3904
+ #define DTLS1_MAX_TIMEOUTS 12
3905
+
3478
3906
  void dtls1_stop_timer(SSL *ssl);
3479
- bool dtls1_is_timer_expired(SSL *ssl);
3907
+
3480
3908
  unsigned int dtls1_min_mtu(void);
3481
3909
 
3482
3910
  bool dtls1_new(SSL *ssl);
3483
3911
  void dtls1_free(SSL *ssl);
3484
3912
 
3913
+ bool dtls1_process_handshake_fragments(SSL *ssl, uint8_t *out_alert,
3914
+ DTLSRecordNumber record_number,
3915
+ Span<const uint8_t> record);
3485
3916
  bool dtls1_get_message(const SSL *ssl, SSLMessage *out);
3486
3917
  ssl_open_record_t dtls1_open_handshake(SSL *ssl, size_t *out_consumed,
3487
3918
  uint8_t *out_alert, Span<uint8_t> in);
@@ -3500,8 +3931,11 @@ bool tls1_configure_aead(SSL *ssl, evp_aead_direction_t direction,
3500
3931
 
3501
3932
  bool tls1_change_cipher_state(SSL_HANDSHAKE *hs,
3502
3933
  evp_aead_direction_t direction);
3503
- int tls1_generate_master_secret(SSL_HANDSHAKE *hs, uint8_t *out,
3504
- Span<const uint8_t> premaster);
3934
+
3935
+ // tls1_generate_master_secret computes the master secret from |premaster| and
3936
+ // writes it to |out|. |out| must have size |SSL3_MASTER_SECRET_SIZE|.
3937
+ bool tls1_generate_master_secret(SSL_HANDSHAKE *hs, Span<uint8_t> out,
3938
+ Span<const uint8_t> premaster);
3505
3939
 
3506
3940
  // tls1_get_grouplist returns the locally-configured group preference list.
3507
3941
  Span<const uint16_t> tls1_get_grouplist(const SSL_HANDSHAKE *ssl);
@@ -3580,9 +4014,7 @@ bool ssl_can_write(const SSL *ssl);
3580
4014
  // ssl_can_read returns wheter |ssl| is allowed to read.
3581
4015
  bool ssl_can_read(const SSL *ssl);
3582
4016
 
3583
- void ssl_get_current_time(const SSL *ssl, struct OPENSSL_timeval *out_clock);
3584
- void ssl_ctx_get_current_time(const SSL_CTX *ctx,
3585
- struct OPENSSL_timeval *out_clock);
4017
+ OPENSSL_timeval ssl_ctx_get_current_time(const SSL_CTX *ctx);
3586
4018
 
3587
4019
  // ssl_reset_error_state resets state for |SSL_get_error|.
3588
4020
  void ssl_reset_error_state(SSL *ssl);
@@ -3713,6 +4145,8 @@ struct ssl_ctx_st : public bssl::RefCounted<ssl_ctx_st> {
3713
4145
  // |client_CA|.
3714
4146
  STACK_OF(X509_NAME) *cached_x509_client_CA = nullptr;
3715
4147
 
4148
+ // What we put in client hello in the CA extension.
4149
+ bssl::UniquePtr<STACK_OF(CRYPTO_BUFFER)> CA_names;
3716
4150
 
3717
4151
  // Default values to use in SSL structures follow (these are copied by
3718
4152
  // SSL_new)
@@ -3822,7 +4256,7 @@ struct ssl_ctx_st : public bssl::RefCounted<ssl_ctx_st> {
3822
4256
  bssl::UniquePtr<STACK_OF(SRTP_PROTECTION_PROFILE)> srtp_profiles;
3823
4257
 
3824
4258
  // Defined compression algorithms for certificates.
3825
- bssl::GrowableArray<bssl::CertCompressionAlg> cert_compression_algs;
4259
+ bssl::Vector<bssl::CertCompressionAlg> cert_compression_algs;
3826
4260
 
3827
4261
  // Supported group values inherited by SSL structure
3828
4262
  bssl::Array<uint16_t> supported_group_list;
@@ -3858,9 +4292,9 @@ struct ssl_ctx_st : public bssl::RefCounted<ssl_ctx_st> {
3858
4292
  int (*legacy_ocsp_callback)(SSL *ssl, void *arg) = nullptr;
3859
4293
  void *legacy_ocsp_callback_arg = nullptr;
3860
4294
 
3861
- // tls13_cipher_policy limits the set of ciphers that can be selected when
4295
+ // compliance_policy limits the set of ciphers that can be selected when
3862
4296
  // negotiating a TLS 1.3 connection.
3863
- enum ssl_compliance_policy_t tls13_cipher_policy = ssl_compliance_policy_none;
4297
+ enum ssl_compliance_policy_t compliance_policy = ssl_compliance_policy_none;
3864
4298
 
3865
4299
  // verify_sigalgs, if not empty, is the set of signature algorithms
3866
4300
  // accepted from the peer in decreasing order of preference.
@@ -3939,9 +4373,6 @@ struct ssl_st {
3939
4373
  // that instead, and skip the null check.)
3940
4374
  bssl::UniquePtr<bssl::SSL_CONFIG> config;
3941
4375
 
3942
- // version is the protocol version.
3943
- uint16_t version = 0;
3944
-
3945
4376
  uint16_t max_send_fragment = 0;
3946
4377
 
3947
4378
  // There are 2 BIO's even though they are normally both the same. This is so
@@ -3967,11 +4398,9 @@ struct ssl_st {
3967
4398
  // session info
3968
4399
 
3969
4400
  // initial_timeout_duration_ms is the default DTLS timeout duration in
3970
- // milliseconds. It's used to initialize the timer any time it's restarted.
3971
- //
3972
- // RFC 6347 states that implementations SHOULD use an initial timer value of 1
3973
- // second.
3974
- unsigned initial_timeout_duration_ms = 1000;
4401
+ // milliseconds. It's used to initialize the timer any time it's restarted. We
4402
+ // default to RFC 9147's recommendation for real-time applications, 400ms.
4403
+ uint32_t initial_timeout_duration_ms = 400;
3975
4404
 
3976
4405
  // session is the configured session to be offered by the client. This session
3977
4406
  // is immutable.
@@ -4032,17 +4461,14 @@ struct ssl_session_st : public bssl::RefCounted<ssl_session_st> {
4032
4461
  // session. In TLS 1.3 and up, it is the resumption PSK for sessions handed to
4033
4462
  // the caller, but it stores the resumption secret when stored on |SSL|
4034
4463
  // objects.
4035
- uint8_t secret_length = 0;
4036
- uint8_t secret[SSL_MAX_MASTER_KEY_LENGTH] = {0};
4464
+ bssl::InplaceVector<uint8_t, SSL_MAX_MASTER_KEY_LENGTH> secret;
4465
+
4466
+ bssl::InplaceVector<uint8_t, SSL_MAX_SSL_SESSION_ID_LENGTH> session_id;
4037
4467
 
4038
- // session_id - valid?
4039
- uint8_t session_id_length = 0;
4040
- uint8_t session_id[SSL_MAX_SSL_SESSION_ID_LENGTH] = {0};
4041
4468
  // this is used to determine whether the session is being reused in
4042
4469
  // the appropriate context. It is up to the application to set this,
4043
4470
  // via SSL_new
4044
- uint8_t sid_ctx_length = 0;
4045
- uint8_t sid_ctx[SSL_MAX_SID_CTX_LENGTH] = {0};
4471
+ bssl::InplaceVector<uint8_t, SSL_MAX_SID_CTX_LENGTH> sid_ctx;
4046
4472
 
4047
4473
  bssl::UniquePtr<char> psk_identity;
4048
4474
 
@@ -4105,8 +4531,7 @@ struct ssl_session_st : public bssl::RefCounted<ssl_session_st> {
4105
4531
  // original_handshake_hash contains the handshake hash (either SHA-1+MD5 or
4106
4532
  // SHA-2, depending on TLS version) for the original, full handshake that
4107
4533
  // created a session. This is used by Channel IDs during resumption.
4108
- uint8_t original_handshake_hash[EVP_MAX_MD_SIZE] = {0};
4109
- uint8_t original_handshake_hash_len = 0;
4534
+ bssl::InplaceVector<uint8_t, SSL_MAX_MD_SIZE> original_handshake_hash;
4110
4535
 
4111
4536
  uint32_t ticket_lifetime_hint = 0; // Session lifetime hint in seconds
4112
4537
 
@@ -4166,7 +4591,7 @@ struct ssl_session_st : public bssl::RefCounted<ssl_session_st> {
4166
4591
  struct ssl_ech_keys_st : public bssl::RefCounted<ssl_ech_keys_st> {
4167
4592
  ssl_ech_keys_st() : RefCounted(CheckSubClass()) {}
4168
4593
 
4169
- bssl::GrowableArray<bssl::UniquePtr<bssl::ECHServerConfig>> configs;
4594
+ bssl::Vector<bssl::UniquePtr<bssl::ECHServerConfig>> configs;
4170
4595
 
4171
4596
  private:
4172
4597
  friend RefCounted;