grpc 1.69.0 → 1.71.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (1235) hide show
  1. checksums.yaml +4 -4
  2. data/Makefile +249 -283
  3. data/include/grpc/event_engine/endpoint_config.h +5 -5
  4. data/include/grpc/event_engine/event_engine.h +44 -5
  5. data/include/grpc/status.h +1 -1
  6. data/include/grpc/support/atm.h +0 -13
  7. data/include/grpc/support/json.h +16 -16
  8. data/src/core/call/request_buffer.cc +224 -0
  9. data/src/core/call/request_buffer.h +192 -0
  10. data/src/core/channelz/channelz.cc +2 -2
  11. data/src/core/channelz/channelz.h +3 -22
  12. data/src/core/channelz/channelz_registry.cc +0 -7
  13. data/src/core/client_channel/client_channel.cc +18 -29
  14. data/src/core/client_channel/client_channel.h +2 -2
  15. data/src/core/client_channel/client_channel_args.h +21 -0
  16. data/src/core/client_channel/client_channel_filter.cc +54 -131
  17. data/src/core/client_channel/client_channel_filter.h +11 -9
  18. data/src/core/client_channel/client_channel_plugin.cc +2 -1
  19. data/src/core/client_channel/client_channel_service_config.cc +1 -1
  20. data/src/core/client_channel/client_channel_service_config.h +5 -5
  21. data/src/core/client_channel/direct_channel.cc +1 -1
  22. data/src/core/client_channel/direct_channel.h +1 -1
  23. data/src/core/client_channel/lb_metadata.cc +7 -8
  24. data/src/core/client_channel/lb_metadata.h +3 -3
  25. data/src/core/client_channel/load_balanced_call_destination.cc +4 -4
  26. data/src/core/client_channel/retry_filter.cc +1 -1
  27. data/src/core/client_channel/retry_filter.h +1 -1
  28. data/src/core/client_channel/retry_filter_legacy_call_data.cc +10 -12
  29. data/src/core/client_channel/retry_filter_legacy_call_data.h +7 -7
  30. data/src/core/client_channel/retry_interceptor.cc +408 -0
  31. data/src/core/client_channel/retry_interceptor.h +157 -0
  32. data/src/core/client_channel/retry_service_config.cc +1 -1
  33. data/src/core/client_channel/retry_service_config.h +16 -3
  34. data/src/core/client_channel/retry_throttle.cc +33 -18
  35. data/src/core/client_channel/retry_throttle.h +3 -3
  36. data/src/core/client_channel/subchannel.cc +43 -76
  37. data/src/core/client_channel/subchannel.h +4 -4
  38. data/src/core/client_channel/subchannel_stream_client.cc +0 -1
  39. data/src/core/client_channel/subchannel_stream_client.h +3 -3
  40. data/src/core/config/config_vars.cc +1 -0
  41. data/src/core/config/config_vars.h +1 -0
  42. data/src/core/config/load_config.cc +3 -2
  43. data/src/core/config/load_config.h +1 -1
  44. data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +4 -11
  45. data/src/core/ext/filters/backend_metrics/backend_metric_filter.h +7 -7
  46. data/src/core/ext/filters/channel_idle/legacy_channel_idle_filter.cc +1 -1
  47. data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +8 -15
  48. data/src/core/ext/filters/fault_injection/fault_injection_filter.h +6 -6
  49. data/src/core/ext/filters/fault_injection/fault_injection_service_config_parser.cc +1 -1
  50. data/src/core/ext/filters/gcp_authentication/gcp_authentication_filter.cc +0 -7
  51. data/src/core/ext/filters/gcp_authentication/gcp_authentication_filter.h +6 -6
  52. data/src/core/ext/filters/gcp_authentication/gcp_authentication_service_config_parser.cc +1 -1
  53. data/src/core/ext/filters/gcp_authentication/gcp_authentication_service_config_parser.h +1 -1
  54. data/src/core/ext/filters/http/client/http_client_filter.cc +1 -6
  55. data/src/core/ext/filters/http/client/http_client_filter.h +4 -4
  56. data/src/core/ext/filters/http/client_authority_filter.cc +6 -11
  57. data/src/core/ext/filters/http/client_authority_filter.h +6 -6
  58. data/src/core/ext/filters/http/message_compress/compression_filter.cc +18 -22
  59. data/src/core/ext/filters/http/message_compress/compression_filter.h +18 -13
  60. data/src/core/ext/filters/http/server/http_server_filter.cc +3 -8
  61. data/src/core/ext/filters/http/server/http_server_filter.h +4 -4
  62. data/src/core/ext/filters/message_size/message_size_filter.cc +13 -25
  63. data/src/core/ext/filters/message_size/message_size_filter.h +20 -21
  64. data/src/core/ext/filters/rbac/rbac_filter.cc +0 -7
  65. data/src/core/ext/filters/rbac/rbac_filter.h +6 -6
  66. data/src/core/ext/filters/rbac/rbac_service_config_parser.cc +3 -3
  67. data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +1 -6
  68. data/src/core/ext/filters/stateful_session/stateful_session_filter.h +4 -4
  69. data/src/core/ext/filters/stateful_session/stateful_session_service_config_parser.cc +1 -1
  70. data/src/core/ext/filters/stateful_session/stateful_session_service_config_parser.h +2 -2
  71. data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +1 -2
  72. data/src/core/ext/transport/chttp2/client/chttp2_connector.h +4 -3
  73. data/src/core/ext/transport/chttp2/server/chttp2_server.cc +612 -100
  74. data/src/core/ext/transport/chttp2/server/chttp2_server.h +189 -13
  75. data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +1 -1
  76. data/src/core/ext/transport/chttp2/transport/call_tracer_wrapper.cc +2 -2
  77. data/src/core/ext/transport/chttp2/transport/call_tracer_wrapper.h +4 -4
  78. data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +85 -59
  79. data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +7 -7
  80. data/src/core/ext/transport/chttp2/transport/flow_control.cc +1 -1
  81. data/src/core/ext/transport/chttp2/transport/flow_control.h +3 -3
  82. data/src/core/ext/transport/chttp2/transport/frame.cc +2 -2
  83. data/src/core/ext/transport/chttp2/transport/frame.h +5 -5
  84. data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +8 -8
  85. data/src/core/ext/transport/chttp2/transport/frame_security.cc +1 -3
  86. data/src/core/ext/transport/chttp2/transport/frame_settings.cc +5 -5
  87. data/src/core/ext/transport/chttp2/transport/hpack_parse_result.h +2 -2
  88. data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +32 -31
  89. data/src/core/ext/transport/chttp2/transport/hpack_parser.h +6 -7
  90. data/src/core/ext/transport/chttp2/transport/http2_settings.cc +3 -3
  91. data/src/core/ext/transport/chttp2/transport/http2_settings.h +2 -2
  92. data/src/core/ext/transport/chttp2/transport/internal.h +19 -8
  93. data/src/core/ext/transport/chttp2/transport/parsing.cc +14 -14
  94. data/src/core/ext/transport/chttp2/transport/ping_abuse_policy.cc +1 -1
  95. data/src/core/ext/transport/chttp2/transport/ping_callbacks.cc +2 -2
  96. data/src/core/ext/transport/chttp2/transport/ping_callbacks.h +2 -2
  97. data/src/core/ext/transport/chttp2/transport/ping_rate_policy.cc +2 -2
  98. data/src/core/ext/transport/chttp2/transport/ping_rate_policy.h +2 -2
  99. data/src/core/ext/transport/chttp2/transport/stream_lists.cc +1 -0
  100. data/src/core/ext/transport/chttp2/transport/varint.cc +4 -4
  101. data/src/core/ext/transport/chttp2/transport/writing.cc +16 -22
  102. data/src/core/ext/transport/inproc/inproc_transport.cc +1 -3
  103. data/src/core/ext/transport/inproc/legacy_inproc_transport.cc +15 -10
  104. data/src/core/ext/upb-gen/envoy/admin/v3/config_dump_shared.upb.h +3 -1
  105. data/src/core/ext/upb-gen/envoy/admin/v3/server_info.upb.h +16 -0
  106. data/src/core/ext/upb-gen/envoy/admin/v3/server_info.upb_minitable.c +3 -2
  107. data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb.h +66 -36
  108. data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb_minitable.c +19 -17
  109. data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb.h +116 -0
  110. data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb_minitable.c +31 -5
  111. data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb_minitable.h +2 -0
  112. data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb.h +97 -6
  113. data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb_minitable.c +17 -11
  114. data/src/core/ext/upb-gen/envoy/config/core/v3/socket_cmsg_headers.upb.h +151 -0
  115. data/src/core/ext/upb-gen/envoy/config/core/v3/socket_cmsg_headers.upb_minitable.c +60 -0
  116. data/src/core/ext/upb-gen/envoy/config/core/v3/socket_cmsg_headers.upb_minitable.h +32 -0
  117. data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb.h +228 -21
  118. data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb_minitable.c +65 -17
  119. data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb_minitable.h +6 -0
  120. data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb.h +7 -106
  121. data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb_minitable.c +7 -28
  122. data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb_minitable.h +0 -2
  123. data/src/core/ext/upb-gen/envoy/config/listener/v3/quic_config.upb.h +85 -0
  124. data/src/core/ext/upb-gen/envoy/config/listener/v3/quic_config.upb_minitable.c +25 -3
  125. data/src/core/ext/upb-gen/envoy/config/overload/v3/overload.upb.h +2 -1
  126. data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb.h +152 -0
  127. data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb_minitable.c +40 -10
  128. data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb_minitable.h +2 -0
  129. data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb.h +253 -4
  130. data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb_minitable.c +70 -13
  131. data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb_minitable.h +4 -0
  132. data/src/core/ext/upb-gen/envoy/config/trace/v3/trace.upb.h +0 -2
  133. data/src/core/ext/upb-gen/envoy/config/trace/v3/trace.upb_minitable.c +0 -1
  134. data/src/core/ext/upb-gen/envoy/config/trace/v3/trace.upb_minitable.h +0 -1
  135. data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +16 -0
  136. data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb_minitable.c +3 -2
  137. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.h +60 -0
  138. data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb_minitable.c +13 -2
  139. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upb.h +0 -1
  140. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upb_minitable.c +0 -1
  141. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +102 -24
  142. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb_minitable.c +28 -19
  143. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb.h +37 -7
  144. data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb_minitable.c +7 -5
  145. data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb.h +251 -18
  146. data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb_minitable.c +41 -16
  147. data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb_minitable.h +2 -0
  148. data/src/core/ext/upb-gen/envoy/service/status/v3/csds.upb.h +2 -1
  149. data/src/core/ext/upb-gen/envoy/type/matcher/v3/address.upb.h +142 -0
  150. data/src/core/ext/upb-gen/envoy/type/matcher/v3/address.upb_minitable.c +55 -0
  151. data/src/core/ext/upb-gen/envoy/type/matcher/v3/address.upb_minitable.h +32 -0
  152. data/src/core/ext/upb-gen/envoy/type/matcher/v3/filter_state.upb.h +33 -0
  153. data/src/core/ext/upb-gen/envoy/type/matcher/v3/filter_state.upb_minitable.c +7 -4
  154. data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump_shared.upbdefs.c +11 -10
  155. data/src/core/ext/upbdefs-gen/envoy/admin/v3/server_info.upbdefs.c +6 -4
  156. data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/cluster.upbdefs.c +418 -413
  157. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.c +161 -153
  158. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.h +5 -0
  159. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/protocol.upbdefs.c +270 -261
  160. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_cmsg_headers.upbdefs.c +46 -0
  161. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_cmsg_headers.upbdefs.h +33 -0
  162. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_option.upbdefs.c +29 -19
  163. data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_option.upbdefs.h +15 -0
  164. data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener_components.upbdefs.c +58 -65
  165. data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener_components.upbdefs.h +0 -5
  166. data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/quic_config.upbdefs.c +73 -63
  167. data/src/core/ext/upbdefs-gen/envoy/config/overload/v3/overload.upbdefs.c +49 -48
  168. data/src/core/ext/upbdefs-gen/envoy/config/rbac/v3/rbac.upbdefs.c +117 -100
  169. data/src/core/ext/upbdefs-gen/envoy/config/rbac/v3/rbac.upbdefs.h +5 -0
  170. data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.c +917 -898
  171. data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.h +10 -0
  172. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/trace.upbdefs.c +15 -18
  173. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/rbac/v3/rbac.upbdefs.c +33 -33
  174. data/src/core/ext/upbdefs-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +460 -457
  175. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upbdefs.c +16 -19
  176. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +95 -95
  177. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +202 -191
  178. data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upbdefs.c +19 -17
  179. data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/discovery.upbdefs.c +148 -135
  180. data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/discovery.upbdefs.h +5 -0
  181. data/src/core/ext/upbdefs-gen/envoy/service/status/v3/csds.upbdefs.c +23 -22
  182. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/address.upbdefs.c +41 -0
  183. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/address.upbdefs.h +33 -0
  184. data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/filter_state.upbdefs.c +26 -19
  185. data/src/core/filter/blackboard.cc +2 -2
  186. data/src/core/filter/filter_args.h +112 -0
  187. data/src/core/handshaker/handshaker.cc +0 -3
  188. data/src/core/handshaker/http_connect/http_connect_handshaker.cc +4 -6
  189. data/src/core/handshaker/http_connect/http_proxy_mapper.cc +31 -32
  190. data/src/core/handshaker/http_connect/http_proxy_mapper.h +4 -4
  191. data/src/core/handshaker/http_connect/xds_http_proxy_mapper.cc +5 -5
  192. data/src/core/handshaker/http_connect/xds_http_proxy_mapper.h +5 -5
  193. data/src/core/handshaker/proxy_mapper.h +4 -4
  194. data/src/core/handshaker/proxy_mapper_registry.cc +5 -6
  195. data/src/core/handshaker/proxy_mapper_registry.h +4 -4
  196. data/src/core/handshaker/security/secure_endpoint.cc +2 -2
  197. data/src/core/handshaker/security/security_handshaker.cc +3 -5
  198. data/src/core/handshaker/tcp_connect/tcp_connect_handshaker.cc +6 -4
  199. data/src/core/lib/channel/channel_args.cc +13 -13
  200. data/src/core/lib/channel/channel_args.h +8 -8
  201. data/src/core/lib/channel/connected_channel.cc +1 -1
  202. data/src/core/lib/channel/promise_based_filter.cc +9 -9
  203. data/src/core/lib/channel/promise_based_filter.h +84 -159
  204. data/src/core/lib/compression/compression.cc +3 -2
  205. data/src/core/lib/compression/compression_internal.cc +9 -9
  206. data/src/core/lib/compression/compression_internal.h +3 -3
  207. data/src/core/lib/debug/trace_flags.cc +5 -2
  208. data/src/core/lib/debug/trace_flags.h +2 -1
  209. data/src/core/lib/event_engine/ares_resolver.cc +9 -11
  210. data/src/core/lib/event_engine/ares_resolver.h +6 -10
  211. data/src/core/lib/event_engine/cf_engine/cf_engine.cc +2 -4
  212. data/src/core/lib/event_engine/cf_engine/cf_engine.h +2 -4
  213. data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.cc +6 -7
  214. data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.h +2 -4
  215. data/src/core/lib/event_engine/cf_engine/cftype_unique_ref.h +2 -4
  216. data/src/core/lib/event_engine/cf_engine/dns_service_resolver.cc +3 -7
  217. data/src/core/lib/event_engine/cf_engine/dns_service_resolver.h +2 -4
  218. data/src/core/lib/event_engine/channel_args_endpoint_config.cc +5 -7
  219. data/src/core/lib/event_engine/channel_args_endpoint_config.h +6 -7
  220. data/src/core/lib/event_engine/common_closures.h +2 -4
  221. data/src/core/lib/event_engine/default_event_engine.cc +62 -33
  222. data/src/core/lib/event_engine/default_event_engine.h +24 -33
  223. data/src/core/lib/event_engine/default_event_engine_factory.cc +6 -12
  224. data/src/core/lib/event_engine/default_event_engine_factory.h +2 -4
  225. data/src/core/lib/event_engine/event_engine.cc +2 -4
  226. data/src/core/lib/event_engine/extensions/can_track_errors.h +2 -4
  227. data/src/core/lib/event_engine/extensions/chaotic_good_extension.h +2 -4
  228. data/src/core/lib/event_engine/extensions/supports_fd.h +2 -4
  229. data/src/core/lib/event_engine/extensions/tcp_trace.h +2 -4
  230. data/src/core/lib/event_engine/forkable.cc +2 -4
  231. data/src/core/lib/event_engine/forkable.h +2 -4
  232. data/src/core/lib/event_engine/grpc_polled_fd.h +2 -4
  233. data/src/core/lib/event_engine/handle_containers.h +2 -4
  234. data/src/core/lib/event_engine/memory_allocator_factory.h +2 -4
  235. data/src/core/lib/event_engine/poller.h +2 -4
  236. data/src/core/lib/event_engine/posix.h +2 -4
  237. data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.cc +4 -50
  238. data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.h +2 -4
  239. data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +4 -51
  240. data/src/core/lib/event_engine/posix_engine/ev_poll_posix.h +2 -4
  241. data/src/core/lib/event_engine/posix_engine/event_poller.h +2 -4
  242. data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +2 -4
  243. data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.h +2 -4
  244. data/src/core/lib/event_engine/posix_engine/grpc_polled_fd_posix.h +2 -4
  245. data/src/core/lib/event_engine/posix_engine/internal_errqueue.cc +2 -4
  246. data/src/core/lib/event_engine/posix_engine/internal_errqueue.h +2 -4
  247. data/src/core/lib/event_engine/posix_engine/lockfree_event.cc +2 -4
  248. data/src/core/lib/event_engine/posix_engine/lockfree_event.h +2 -4
  249. data/src/core/lib/event_engine/posix_engine/native_posix_dns_resolver.cc +2 -4
  250. data/src/core/lib/event_engine/posix_engine/native_posix_dns_resolver.h +2 -4
  251. data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +20 -10
  252. data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +2 -4
  253. data/src/core/lib/event_engine/posix_engine/posix_engine.cc +9 -6
  254. data/src/core/lib/event_engine/posix_engine/posix_engine.h +2 -6
  255. data/src/core/lib/event_engine/posix_engine/posix_engine_closure.h +2 -4
  256. data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +3 -5
  257. data/src/core/lib/event_engine/posix_engine/posix_engine_listener.h +2 -4
  258. data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.cc +2 -4
  259. data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.h +2 -4
  260. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +5 -6
  261. data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +2 -4
  262. data/src/core/lib/event_engine/posix_engine/timer.cc +4 -6
  263. data/src/core/lib/event_engine/posix_engine/timer.h +4 -6
  264. data/src/core/lib/event_engine/posix_engine/timer_heap.cc +2 -4
  265. data/src/core/lib/event_engine/posix_engine/timer_heap.h +2 -4
  266. data/src/core/lib/event_engine/posix_engine/timer_manager.cc +5 -7
  267. data/src/core/lib/event_engine/posix_engine/timer_manager.h +4 -6
  268. data/src/core/lib/event_engine/posix_engine/traced_buffer_list.cc +4 -8
  269. data/src/core/lib/event_engine/posix_engine/traced_buffer_list.h +24 -25
  270. data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.cc +2 -4
  271. data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.h +2 -4
  272. data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.cc +2 -4
  273. data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.h +2 -4
  274. data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix.h +2 -4
  275. data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.cc +2 -4
  276. data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.h +2 -4
  277. data/src/core/lib/event_engine/query_extensions.h +2 -4
  278. data/src/core/lib/event_engine/ref_counted_dns_resolver_interface.h +2 -4
  279. data/src/core/lib/event_engine/resolved_address.cc +2 -4
  280. data/src/core/lib/event_engine/resolved_address_internal.h +2 -4
  281. data/src/core/lib/event_engine/shim.cc +2 -4
  282. data/src/core/lib/event_engine/shim.h +2 -4
  283. data/src/core/lib/event_engine/slice.cc +2 -4
  284. data/src/core/lib/event_engine/slice_buffer.cc +2 -4
  285. data/src/core/lib/event_engine/tcp_socket_utils.cc +6 -8
  286. data/src/core/lib/event_engine/tcp_socket_utils.h +5 -7
  287. data/src/core/lib/event_engine/thread_local.cc +2 -4
  288. data/src/core/lib/event_engine/thread_local.h +2 -4
  289. data/src/core/lib/event_engine/thread_pool/thread_count.cc +2 -4
  290. data/src/core/lib/event_engine/thread_pool/thread_count.h +4 -18
  291. data/src/core/lib/event_engine/thread_pool/thread_pool.h +2 -4
  292. data/src/core/lib/event_engine/thread_pool/thread_pool_factory.cc +2 -4
  293. data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.cc +3 -5
  294. data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.h +2 -4
  295. data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.cc +2 -4
  296. data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.h +2 -4
  297. data/src/core/lib/event_engine/time_util.cc +2 -4
  298. data/src/core/lib/event_engine/time_util.h +2 -4
  299. data/src/core/lib/event_engine/utils.cc +2 -4
  300. data/src/core/lib/event_engine/utils.h +2 -4
  301. data/src/core/lib/event_engine/windows/grpc_polled_fd_windows.cc +2 -4
  302. data/src/core/lib/event_engine/windows/grpc_polled_fd_windows.h +2 -4
  303. data/src/core/lib/event_engine/windows/iocp.cc +2 -4
  304. data/src/core/lib/event_engine/windows/iocp.h +2 -4
  305. data/src/core/lib/event_engine/windows/native_windows_dns_resolver.cc +2 -4
  306. data/src/core/lib/event_engine/windows/native_windows_dns_resolver.h +2 -4
  307. data/src/core/lib/event_engine/windows/win_socket.cc +2 -4
  308. data/src/core/lib/event_engine/windows/win_socket.h +2 -4
  309. data/src/core/lib/event_engine/windows/windows_endpoint.cc +2 -4
  310. data/src/core/lib/event_engine/windows/windows_endpoint.h +4 -6
  311. data/src/core/lib/event_engine/windows/windows_engine.cc +3 -4
  312. data/src/core/lib/event_engine/windows/windows_engine.h +2 -4
  313. data/src/core/lib/event_engine/windows/windows_listener.cc +2 -4
  314. data/src/core/lib/event_engine/windows/windows_listener.h +2 -4
  315. data/src/core/lib/event_engine/work_queue/basic_work_queue.cc +2 -4
  316. data/src/core/lib/event_engine/work_queue/basic_work_queue.h +2 -4
  317. data/src/core/lib/event_engine/work_queue/work_queue.h +2 -4
  318. data/src/core/lib/experiments/experiments.cc +147 -207
  319. data/src/core/lib/experiments/experiments.h +79 -96
  320. data/src/core/lib/iomgr/buffer_list.h +22 -21
  321. data/src/core/lib/iomgr/cfstream_handle.cc +0 -2
  322. data/src/core/lib/iomgr/closure.h +1 -4
  323. data/src/core/lib/iomgr/combiner.cc +0 -1
  324. data/src/core/lib/iomgr/error.cc +2 -2
  325. data/src/core/lib/iomgr/event_engine_shims/closure.cc +0 -1
  326. data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +1 -3
  327. data/src/core/lib/iomgr/event_engine_shims/tcp_client.cc +0 -1
  328. data/src/core/lib/iomgr/exec_ctx.cc +1 -7
  329. data/src/core/lib/iomgr/exec_ctx.h +1 -132
  330. data/src/core/lib/iomgr/executor.cc +0 -11
  331. data/src/core/lib/iomgr/resolve_address_posix.cc +0 -2
  332. data/src/core/lib/iomgr/resolve_address_windows.cc +0 -2
  333. data/src/core/lib/iomgr/socket_utils_posix.cc +3 -2
  334. data/src/core/lib/iomgr/tcp_posix.cc +3 -2
  335. data/src/core/lib/iomgr/tcp_server_posix.cc +1 -3
  336. data/src/core/lib/iomgr/tcp_server_windows.cc +0 -1
  337. data/src/core/lib/iomgr/timer_manager.cc +1 -9
  338. data/src/core/lib/promise/activity.cc +2 -0
  339. data/src/core/lib/promise/activity.h +33 -12
  340. data/src/core/lib/promise/detail/join_state.h +16 -68
  341. data/src/core/lib/promise/detail/promise_factory.h +85 -25
  342. data/src/core/lib/promise/detail/promise_like.h +16 -19
  343. data/src/core/lib/promise/detail/seq_state.h +102 -315
  344. data/src/core/lib/promise/for_each.h +14 -5
  345. data/src/core/lib/promise/if.h +48 -20
  346. data/src/core/lib/promise/interceptor_list.h +9 -9
  347. data/src/core/lib/promise/latch.h +14 -6
  348. data/src/core/lib/promise/loop.h +58 -18
  349. data/src/core/lib/promise/map.h +145 -49
  350. data/src/core/lib/promise/party.cc +84 -15
  351. data/src/core/lib/promise/party.h +229 -32
  352. data/src/core/lib/promise/pipe.h +12 -12
  353. data/src/core/lib/promise/poll.h +8 -5
  354. data/src/core/lib/promise/prioritized_race.h +16 -22
  355. data/src/core/lib/promise/promise.h +2 -3
  356. data/src/core/lib/promise/race.h +4 -12
  357. data/src/core/lib/promise/seq.h +41 -6
  358. data/src/core/lib/promise/sleep.cc +3 -3
  359. data/src/core/lib/promise/sleep.h +15 -1
  360. data/src/core/lib/promise/status_flag.h +19 -3
  361. data/src/core/lib/promise/try_join.h +119 -5
  362. data/src/core/lib/promise/try_seq.h +39 -12
  363. data/src/core/lib/resource_quota/arena.h +87 -0
  364. data/src/core/lib/resource_quota/connection_quota.h +4 -0
  365. data/src/core/lib/resource_quota/memory_quota.cc +53 -49
  366. data/src/core/lib/resource_quota/memory_quota.h +4 -4
  367. data/src/core/lib/security/authorization/evaluate_args.cc +3 -3
  368. data/src/core/lib/security/authorization/evaluate_args.h +3 -3
  369. data/src/core/lib/security/authorization/grpc_server_authz_filter.cc +0 -7
  370. data/src/core/lib/security/authorization/grpc_server_authz_filter.h +6 -6
  371. data/src/core/lib/security/authorization/matchers.h +3 -3
  372. data/src/core/lib/security/authorization/rbac_policy.cc +1 -1
  373. data/src/core/lib/security/authorization/rbac_policy.h +3 -3
  374. data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +1 -2
  375. data/src/core/lib/security/credentials/external/external_account_credentials.cc +1 -3
  376. data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +0 -1
  377. data/src/core/lib/security/credentials/google_default/credentials_generic.cc +1 -1
  378. data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +2 -2
  379. data/src/core/lib/security/credentials/iam/iam_credentials.cc +1 -1
  380. data/src/core/lib/security/credentials/iam/iam_credentials.h +2 -2
  381. data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +1 -2
  382. data/src/core/lib/security/credentials/jwt/jwt_credentials.h +2 -2
  383. data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +0 -1
  384. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +4 -4
  385. data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +3 -3
  386. data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +0 -1
  387. data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +2 -2
  388. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +12 -13
  389. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +14 -14
  390. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +23 -15
  391. data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +3 -3
  392. data/src/core/lib/security/credentials/tls/grpc_tls_crl_provider.cc +0 -1
  393. data/src/core/lib/security/credentials/tls/grpc_tls_crl_provider.h +1 -2
  394. data/src/core/lib/security/credentials/tls/tls_credentials.cc +2 -2
  395. data/src/core/lib/security/credentials/token_fetcher/token_fetcher_credentials.cc +4 -5
  396. data/src/core/lib/security/credentials/token_fetcher/token_fetcher_credentials.h +4 -4
  397. data/src/core/lib/security/credentials/xds/xds_credentials.cc +2 -1
  398. data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +1 -1
  399. data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +3 -3
  400. data/src/core/lib/security/security_connector/local/local_security_connector.cc +1 -1
  401. data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +9 -9
  402. data/src/core/lib/security/security_connector/tls/tls_security_connector.h +13 -13
  403. data/src/core/lib/security/transport/auth_filters.h +95 -7
  404. data/src/core/lib/security/transport/client_auth_filter.cc +96 -6
  405. data/src/core/lib/security/transport/server_auth_filter.cc +0 -8
  406. data/src/core/lib/slice/slice_buffer.cc +2 -2
  407. data/src/core/lib/slice/slice_buffer.h +2 -2
  408. data/src/core/lib/surface/call.cc +0 -4
  409. data/src/core/lib/surface/call.h +4 -3
  410. data/src/core/lib/surface/call_utils.cc +2 -2
  411. data/src/core/lib/surface/call_utils.h +10 -4
  412. data/src/core/lib/surface/channel.cc +6 -14
  413. data/src/core/lib/surface/channel.h +3 -3
  414. data/src/core/lib/surface/channel_init.cc +1 -1
  415. data/src/core/lib/surface/client_call.cc +56 -41
  416. data/src/core/lib/surface/client_call.h +7 -2
  417. data/src/core/lib/surface/completion_queue.cc +10 -49
  418. data/src/core/lib/surface/event_string.cc +7 -1
  419. data/src/core/lib/surface/filter_stack_call.cc +2 -4
  420. data/src/core/lib/surface/filter_stack_call.h +1 -1
  421. data/src/core/lib/surface/init.cc +17 -12
  422. data/src/core/lib/surface/init_internally.h +13 -2
  423. data/src/core/lib/surface/legacy_channel.cc +10 -8
  424. data/src/core/lib/surface/legacy_channel.h +2 -2
  425. data/src/core/lib/surface/server_call.cc +116 -84
  426. data/src/core/lib/surface/server_call.h +2 -0
  427. data/src/core/lib/surface/version.cc +2 -2
  428. data/src/core/lib/transport/call_filters.cc +10 -4
  429. data/src/core/lib/transport/call_filters.h +108 -59
  430. data/src/core/lib/transport/call_spine.cc +12 -49
  431. data/src/core/lib/transport/call_spine.h +174 -7
  432. data/src/core/lib/transport/call_state.h +140 -47
  433. data/src/core/lib/transport/connectivity_state.cc +8 -9
  434. data/src/core/lib/transport/connectivity_state.h +2 -4
  435. data/src/core/lib/transport/http2_errors.h +5 -3
  436. data/src/core/lib/transport/interception_chain.cc +8 -0
  437. data/src/core/lib/transport/interception_chain.h +36 -7
  438. data/src/core/lib/transport/metadata.h +88 -0
  439. data/src/core/lib/transport/metadata_batch.cc +2 -2
  440. data/src/core/lib/transport/metadata_batch.h +79 -18
  441. data/src/core/lib/transport/timeout_encoding.cc +15 -15
  442. data/src/core/lib/transport/timeout_encoding.h +3 -2
  443. data/src/core/lib/transport/transport.cc +0 -1
  444. data/src/core/lib/transport/transport.h +12 -7
  445. data/src/core/load_balancing/backend_metric_parser.cc +21 -28
  446. data/src/core/load_balancing/endpoint_list.cc +11 -1
  447. data/src/core/load_balancing/endpoint_list.h +20 -13
  448. data/src/core/load_balancing/grpclb/client_load_reporting_filter.cc +1 -6
  449. data/src/core/load_balancing/grpclb/client_load_reporting_filter.h +4 -4
  450. data/src/core/load_balancing/grpclb/grpclb.cc +21 -38
  451. data/src/core/load_balancing/health_check_client.cc +16 -48
  452. data/src/core/load_balancing/health_check_client_internal.h +7 -7
  453. data/src/core/load_balancing/lb_policy.cc +4 -6
  454. data/src/core/load_balancing/lb_policy.h +4 -12
  455. data/src/core/load_balancing/lb_policy_registry.cc +10 -8
  456. data/src/core/load_balancing/outlier_detection/outlier_detection.cc +57 -68
  457. data/src/core/load_balancing/outlier_detection/outlier_detection.h +4 -3
  458. data/src/core/load_balancing/pick_first/pick_first.cc +110 -77
  459. data/src/core/load_balancing/priority/priority.cc +8 -13
  460. data/src/core/load_balancing/ring_hash/ring_hash.cc +210 -158
  461. data/src/core/load_balancing/ring_hash/ring_hash.h +4 -11
  462. data/src/core/load_balancing/rls/rls.cc +105 -194
  463. data/src/core/load_balancing/rls/rls.h +97 -1
  464. data/src/core/load_balancing/round_robin/round_robin.cc +14 -19
  465. data/src/core/load_balancing/weighted_round_robin/static_stride_scheduler.cc +4 -4
  466. data/src/core/load_balancing/weighted_round_robin/static_stride_scheduler.h +2 -2
  467. data/src/core/load_balancing/weighted_round_robin/weighted_round_robin.cc +20 -29
  468. data/src/core/load_balancing/weighted_target/weighted_target.cc +7 -15
  469. data/src/core/load_balancing/xds/cds.cc +11 -15
  470. data/src/core/load_balancing/xds/xds_cluster_impl.cc +15 -18
  471. data/src/core/load_balancing/xds/xds_cluster_manager.cc +10 -18
  472. data/src/core/load_balancing/xds/xds_override_host.cc +45 -92
  473. data/src/core/load_balancing/xds/xds_wrr_locality.cc +10 -12
  474. data/src/core/resolver/dns/c_ares/dns_resolver_ares.cc +11 -11
  475. data/src/core/resolver/dns/event_engine/event_engine_client_channel_resolver.cc +10 -15
  476. data/src/core/resolver/dns/native/dns_resolver.cc +1 -1
  477. data/src/core/resolver/fake/fake_resolver.cc +10 -11
  478. data/src/core/resolver/fake/fake_resolver.h +2 -2
  479. data/src/core/resolver/google_c2p/google_c2p_resolver.cc +9 -12
  480. data/src/core/resolver/polling_resolver.cc +2 -5
  481. data/src/core/resolver/polling_resolver.h +3 -3
  482. data/src/core/resolver/resolver_registry.cc +4 -3
  483. data/src/core/resolver/xds/xds_config.cc +6 -6
  484. data/src/core/resolver/xds/xds_config.h +2 -2
  485. data/src/core/resolver/xds/xds_dependency_manager.cc +190 -183
  486. data/src/core/resolver/xds/xds_dependency_manager.h +28 -18
  487. data/src/core/resolver/xds/xds_resolver.cc +81 -122
  488. data/src/core/server/server.cc +353 -95
  489. data/src/core/server/server.h +214 -65
  490. data/src/core/server/server_call_tracer_filter.cc +3 -7
  491. data/src/core/server/server_config_selector_filter.cc +8 -15
  492. data/src/core/server/xds_server_config_fetcher.cc +93 -159
  493. data/src/core/service_config/service_config_channel_arg_filter.cc +7 -19
  494. data/src/core/service_config/service_config_impl.cc +3 -3
  495. data/src/core/telemetry/call_tracer.cc +8 -8
  496. data/src/core/telemetry/call_tracer.h +6 -5
  497. data/src/core/telemetry/metrics.cc +3 -3
  498. data/src/core/telemetry/metrics.h +2 -8
  499. data/src/core/telemetry/tcp_tracer.h +32 -32
  500. data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +3 -3
  501. data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +14 -14
  502. data/src/core/tsi/fake_transport_security.cc +5 -0
  503. data/src/core/util/backoff.cc +15 -4
  504. data/src/core/util/dump_args.h +1 -9
  505. data/src/core/util/env.h +3 -4
  506. data/src/core/util/examine_stack.cc +2 -2
  507. data/src/core/util/examine_stack.h +3 -4
  508. data/src/core/util/gpr_time.cc +0 -2
  509. data/src/core/util/http_client/httpcli.cc +69 -22
  510. data/src/core/util/http_client/httpcli.h +18 -8
  511. data/src/core/util/http_client/httpcli_security_connector.cc +2 -2
  512. data/src/core/util/json/json_channel_args.h +2 -1
  513. data/src/core/util/json/json_object_loader.cc +4 -4
  514. data/src/core/util/json/json_object_loader.h +12 -12
  515. data/src/core/util/json/json_reader.cc +4 -4
  516. data/src/core/util/json/json_writer.cc +3 -3
  517. data/src/core/util/latent_see.cc +3 -3
  518. data/src/core/util/latent_see.h +2 -2
  519. data/src/core/util/linux/env.cc +3 -4
  520. data/src/core/util/lru_cache.h +4 -4
  521. data/src/core/util/match.h +7 -7
  522. data/src/core/util/matchers.cc +1 -2
  523. data/src/core/util/matchers.h +7 -12
  524. data/src/core/util/posix/env.cc +2 -2
  525. data/src/core/util/posix/sync.cc +0 -1
  526. data/src/core/util/posix/time.cc +0 -1
  527. data/src/core/util/ref_counted.h +1 -0
  528. data/src/core/util/ref_counted_ptr.h +1 -1
  529. data/src/core/util/ring_buffer.h +4 -5
  530. data/src/core/util/status_helper.cc +16 -20
  531. data/src/core/util/status_helper.h +5 -5
  532. data/src/core/util/sync_abseil.cc +0 -1
  533. data/src/core/util/table.h +6 -21
  534. data/src/core/util/time.cc +1 -1
  535. data/src/core/util/time.h +3 -3
  536. data/src/core/util/time_precise.cc +0 -1
  537. data/src/core/util/type_list.h +56 -0
  538. data/src/core/util/uri.cc +6 -4
  539. data/src/core/util/uri.h +7 -0
  540. data/src/core/util/useful.h +13 -15
  541. data/src/core/util/validation_errors.cc +5 -5
  542. data/src/core/util/wait_for_single_owner.h +62 -0
  543. data/src/core/util/windows/env.cc +3 -3
  544. data/src/core/util/windows/sync.cc +0 -1
  545. data/src/core/util/windows/time.cc +0 -1
  546. data/src/core/util/work_serializer.cc +27 -267
  547. data/src/core/util/work_serializer.h +3 -27
  548. data/src/core/xds/grpc/certificate_provider_store.cc +12 -17
  549. data/src/core/xds/grpc/file_watcher_certificate_provider_factory.cc +2 -2
  550. data/src/core/xds/grpc/xds_audit_logger_registry.cc +1 -1
  551. data/src/core/xds/grpc/xds_bootstrap_grpc.cc +11 -14
  552. data/src/core/xds/grpc/xds_bootstrap_grpc.h +2 -2
  553. data/src/core/xds/grpc/xds_certificate_provider.cc +15 -15
  554. data/src/core/xds/grpc/xds_client_grpc.cc +7 -8
  555. data/src/core/xds/grpc/xds_cluster.h +4 -4
  556. data/src/core/xds/grpc/xds_cluster_parser.cc +26 -26
  557. data/src/core/xds/grpc/xds_cluster_specifier_plugin.cc +4 -4
  558. data/src/core/xds/grpc/xds_common_types.cc +2 -2
  559. data/src/core/xds/grpc/xds_common_types.h +4 -4
  560. data/src/core/xds/grpc/xds_common_types_parser.cc +29 -31
  561. data/src/core/xds/grpc/xds_common_types_parser.h +8 -7
  562. data/src/core/xds/grpc/xds_endpoint.cc +3 -4
  563. data/src/core/xds/grpc/xds_endpoint_parser.cc +68 -37
  564. data/src/core/xds/grpc/xds_health_status.cc +4 -4
  565. data/src/core/xds/grpc/xds_health_status.h +4 -3
  566. data/src/core/xds/grpc/xds_http_fault_filter.cc +18 -20
  567. data/src/core/xds/grpc/xds_http_fault_filter.h +4 -3
  568. data/src/core/xds/grpc/xds_http_filter.h +3 -3
  569. data/src/core/xds/grpc/xds_http_filter_registry.cc +7 -7
  570. data/src/core/xds/grpc/xds_http_filter_registry.h +3 -3
  571. data/src/core/xds/grpc/xds_http_gcp_authn_filter.cc +7 -7
  572. data/src/core/xds/grpc/xds_http_gcp_authn_filter.h +4 -3
  573. data/src/core/xds/grpc/xds_http_rbac_filter.cc +30 -23
  574. data/src/core/xds/grpc/xds_http_rbac_filter.h +4 -3
  575. data/src/core/xds/grpc/xds_http_stateful_session_filter.cc +10 -10
  576. data/src/core/xds/grpc/xds_http_stateful_session_filter.h +4 -3
  577. data/src/core/xds/grpc/xds_lb_policy_registry.cc +4 -4
  578. data/src/core/xds/grpc/xds_listener.cc +4 -6
  579. data/src/core/xds/grpc/xds_listener.h +10 -10
  580. data/src/core/xds/grpc/xds_listener_parser.cc +58 -51
  581. data/src/core/xds/grpc/xds_listener_parser.h +2 -1
  582. data/src/core/xds/grpc/xds_metadata.cc +5 -5
  583. data/src/core/xds/grpc/xds_metadata.h +8 -0
  584. data/src/core/xds/grpc/xds_metadata_parser.cc +65 -52
  585. data/src/core/xds/grpc/xds_route_config.cc +9 -15
  586. data/src/core/xds/grpc/xds_route_config.h +9 -9
  587. data/src/core/xds/grpc/xds_route_config_parser.cc +114 -116
  588. data/src/core/xds/grpc/xds_route_config_parser.h +4 -4
  589. data/src/core/xds/grpc/xds_routing.cc +6 -6
  590. data/src/core/xds/grpc/xds_routing.h +5 -5
  591. data/src/core/xds/grpc/xds_server_grpc.cc +22 -1
  592. data/src/core/xds/grpc/xds_server_grpc.h +5 -2
  593. data/src/core/xds/grpc/xds_server_grpc_interface.h +33 -0
  594. data/src/core/xds/grpc/xds_transport_grpc.cc +5 -6
  595. data/src/core/xds/xds_client/lrs_client.cc +71 -83
  596. data/src/core/xds/xds_client/lrs_client.h +8 -8
  597. data/src/core/xds/xds_client/xds_api.cc +5 -228
  598. data/src/core/xds/xds_client/xds_api.h +1 -133
  599. data/src/core/xds/xds_client/xds_bootstrap.cc +11 -1
  600. data/src/core/xds/xds_client/xds_bootstrap.h +7 -0
  601. data/src/core/xds/xds_client/xds_client.cc +1030 -704
  602. data/src/core/xds/xds_client/xds_client.h +135 -29
  603. data/src/core/xds/xds_client/xds_resource_type.h +2 -3
  604. data/src/core/xds/xds_client/xds_resource_type_impl.h +13 -8
  605. data/src/ruby/ext/grpc/extconf.rb +1 -0
  606. data/src/ruby/lib/grpc/version.rb +1 -1
  607. data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_bitstr.c → a_bitstr.cc} +16 -57
  608. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.cc +53 -0
  609. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.cc +47 -0
  610. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.cc +42 -0
  611. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.cc +109 -0
  612. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.cc +43 -0
  613. data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_int.c → a_int.cc} +15 -56
  614. data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_mbstr.c → a_mbstr.cc} +22 -62
  615. data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_object.c → a_object.cc} +14 -56
  616. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.cc +32 -0
  617. data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_strex.c → a_strex.cc} +13 -55
  618. data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_strnid.c → a_strnid.cc} +20 -59
  619. data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_time.c → a_time.cc} +41 -76
  620. data/third_party/boringssl-with-bazel/src/crypto/asn1/{a_type.c → a_type.cc} +17 -59
  621. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.cc +109 -0
  622. data/third_party/boringssl-with-bazel/src/crypto/asn1/{asn1_lib.c → asn1_lib.cc} +17 -59
  623. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.cc +61 -0
  624. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.cc +56 -0
  625. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.cc +63 -0
  626. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.cc +52 -0
  627. data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +13 -57
  628. data/third_party/boringssl-with-bazel/src/crypto/asn1/{posix_time.c → posix_time.cc} +14 -14
  629. data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_dec.c → tasn_dec.cc} +17 -58
  630. data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_enc.c → tasn_enc.cc} +22 -61
  631. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.cc +164 -0
  632. data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_new.c → tasn_new.cc} +20 -61
  633. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.cc +84 -0
  634. data/third_party/boringssl-with-bazel/src/crypto/asn1/{tasn_utl.c → tasn_utl.cc} +26 -65
  635. data/third_party/boringssl-with-bazel/src/crypto/base64/{base64.c → base64.cc} +22 -67
  636. data/third_party/boringssl-with-bazel/src/crypto/bcm_support.h +19 -13
  637. data/third_party/boringssl-with-bazel/src/crypto/bio/{bio.c → bio.cc} +45 -113
  638. data/third_party/boringssl-with-bazel/src/crypto/bio/{bio_mem.c → bio_mem.cc} +21 -62
  639. data/third_party/boringssl-with-bazel/src/crypto/bio/{connect.c → connect.cc} +40 -73
  640. data/third_party/boringssl-with-bazel/src/crypto/bio/errno.cc +50 -0
  641. data/third_party/boringssl-with-bazel/src/crypto/bio/{fd.c → fd.cc} +14 -56
  642. data/third_party/boringssl-with-bazel/src/crypto/bio/{file.c → file.cc} +17 -59
  643. data/third_party/boringssl-with-bazel/src/crypto/bio/hexdump.cc +152 -0
  644. data/third_party/boringssl-with-bazel/src/crypto/bio/internal.h +13 -55
  645. data/third_party/boringssl-with-bazel/src/crypto/bio/{pair.c → pair.cc} +37 -71
  646. data/third_party/boringssl-with-bazel/src/crypto/bio/printf.cc +59 -0
  647. data/third_party/boringssl-with-bazel/src/crypto/bio/socket.cc +147 -0
  648. data/third_party/boringssl-with-bazel/src/crypto/bio/{socket_helper.c → socket_helper.cc} +13 -13
  649. data/third_party/boringssl-with-bazel/src/crypto/blake2/{blake2.c → blake2.cc} +14 -14
  650. data/third_party/boringssl-with-bazel/src/crypto/{bn_extra/bn_asn1.c → bn/bn_asn1.cc} +13 -13
  651. data/third_party/boringssl-with-bazel/src/crypto/{bn_extra/convert.c → bn/convert.cc} +34 -76
  652. data/third_party/boringssl-with-bazel/src/crypto/buf/buf.cc +118 -0
  653. data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.cc +53 -0
  654. data/third_party/boringssl-with-bazel/src/crypto/bytestring/{ber.c → ber.cc} +13 -13
  655. data/third_party/boringssl-with-bazel/src/crypto/bytestring/{cbb.c → cbb.cc} +45 -61
  656. data/third_party/boringssl-with-bazel/src/crypto/bytestring/{cbs.c → cbs.cc} +42 -41
  657. data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +13 -13
  658. data/third_party/boringssl-with-bazel/src/crypto/bytestring/{unicode.c → unicode.cc} +13 -13
  659. data/third_party/boringssl-with-bazel/src/crypto/chacha/{chacha.c → chacha.cc} +13 -13
  660. data/third_party/boringssl-with-bazel/src/crypto/chacha/internal.h +18 -18
  661. data/third_party/boringssl-with-bazel/src/crypto/cipher/derive_key.cc +110 -0
  662. data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra/e_aesctrhmac.c → cipher/e_aesctrhmac.cc} +18 -23
  663. data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra/e_aesgcmsiv.c → cipher/e_aesgcmsiv.cc} +42 -38
  664. data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra/e_chacha20poly1305.c → cipher/e_chacha20poly1305.cc} +13 -20
  665. data/third_party/boringssl-with-bazel/src/crypto/cipher/e_des.cc +198 -0
  666. data/third_party/boringssl-with-bazel/src/crypto/cipher/e_null.cc +51 -0
  667. data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra/e_rc2.c → cipher/e_rc2.cc} +50 -88
  668. data/third_party/boringssl-with-bazel/src/crypto/cipher/e_rc4.cc +54 -0
  669. data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra/e_tls.c → cipher/e_tls.cc} +14 -13
  670. data/third_party/boringssl-with-bazel/src/crypto/cipher/get_cipher.cc +85 -0
  671. data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra → cipher}/internal.h +29 -69
  672. data/third_party/boringssl-with-bazel/src/crypto/{cipher_extra/tls_cbc.c → cipher/tls_cbc.cc} +13 -51
  673. data/third_party/boringssl-with-bazel/src/crypto/conf/{conf.c → conf.cc} +31 -72
  674. data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +13 -13
  675. data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_apple.c → cpu_aarch64_apple.cc} +14 -14
  676. data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_fuchsia.c → cpu_aarch64_fuchsia.cc} +14 -14
  677. data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_linux.c → cpu_aarch64_linux.cc} +14 -14
  678. data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_openbsd.c → cpu_aarch64_openbsd.cc} +17 -17
  679. data/third_party/boringssl-with-bazel/src/crypto/{cpu_aarch64_sysreg.c → cpu_aarch64_sysreg.cc} +15 -14
  680. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_win.cc +41 -0
  681. data/third_party/boringssl-with-bazel/src/crypto/{cpu_arm_freebsd.c → cpu_arm_freebsd.cc} +15 -15
  682. data/third_party/boringssl-with-bazel/src/crypto/{cpu_arm_linux.c → cpu_arm_linux.cc} +17 -17
  683. data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.h +13 -13
  684. data/third_party/boringssl-with-bazel/src/crypto/{cpu_intel.c → cpu_intel.cc} +60 -99
  685. data/third_party/boringssl-with-bazel/src/crypto/{crypto.c → crypto.cc} +18 -23
  686. data/third_party/boringssl-with-bazel/src/crypto/curve25519/{curve25519.c → curve25519.cc} +40 -43
  687. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_64_adx.cc +18 -0
  688. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_tables.h +13 -13
  689. data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +13 -13
  690. data/third_party/boringssl-with-bazel/src/crypto/curve25519/{spake25519.c → spake25519.cc} +34 -28
  691. data/third_party/boringssl-with-bazel/src/crypto/des/{des.c → des.cc} +13 -55
  692. data/third_party/boringssl-with-bazel/src/crypto/des/internal.h +27 -69
  693. data/third_party/boringssl-with-bazel/src/crypto/dh/dh_asn1.cc +124 -0
  694. data/third_party/boringssl-with-bazel/src/crypto/{dh_extra/params.c → dh/params.cc} +13 -51
  695. data/third_party/boringssl-with-bazel/src/crypto/{digest_extra/digest_extra.c → digest/digest_extra.cc} +126 -86
  696. data/third_party/boringssl-with-bazel/src/crypto/dsa/{dsa.c → dsa.cc} +166 -212
  697. data/third_party/boringssl-with-bazel/src/crypto/dsa/{dsa_asn1.c → dsa_asn1.cc} +13 -53
  698. data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +13 -15
  699. data/third_party/boringssl-with-bazel/src/crypto/{ec_extra/ec_asn1.c → ec/ec_asn1.cc} +59 -61
  700. data/third_party/boringssl-with-bazel/src/crypto/{ec_extra/ec_derive.c → ec/ec_derive.cc} +13 -13
  701. data/third_party/boringssl-with-bazel/src/crypto/{ec_extra/hash_to_curve.c → ec/hash_to_curve.cc} +79 -77
  702. data/third_party/boringssl-with-bazel/src/crypto/{ec_extra → ec}/internal.h +13 -13
  703. data/third_party/boringssl-with-bazel/src/crypto/ecdh/ecdh.cc +73 -0
  704. data/third_party/boringssl-with-bazel/src/crypto/{ecdsa_extra/ecdsa_asn1.c → ecdsa/ecdsa_asn1.cc} +32 -86
  705. data/third_party/boringssl-with-bazel/src/crypto/engine/{engine.c → engine.cc} +24 -20
  706. data/third_party/boringssl-with-bazel/src/crypto/err/{err.c → err.cc} +41 -134
  707. data/third_party/boringssl-with-bazel/src/crypto/err/internal.h +13 -13
  708. data/third_party/boringssl-with-bazel/src/crypto/evp/{evp.c → evp.cc} +37 -88
  709. data/third_party/boringssl-with-bazel/src/crypto/evp/{evp_asn1.c → evp_asn1.cc} +122 -198
  710. data/third_party/boringssl-with-bazel/src/crypto/evp/{evp_ctx.c → evp_ctx.cc} +20 -63
  711. data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +13 -55
  712. data/third_party/boringssl-with-bazel/src/crypto/evp/{p_dh.c → p_dh.cc} +38 -22
  713. data/third_party/boringssl-with-bazel/src/crypto/evp/{p_dh_asn1.c → p_dh_asn1.cc} +51 -29
  714. data/third_party/boringssl-with-bazel/src/crypto/evp/{p_dsa_asn1.c → p_dsa_asn1.cc} +75 -134
  715. data/third_party/boringssl-with-bazel/src/crypto/evp/{p_ec.c → p_ec.cc} +31 -75
  716. data/third_party/boringssl-with-bazel/src/crypto/evp/{p_ec_asn1.c → p_ec_asn1.cc} +36 -82
  717. data/third_party/boringssl-with-bazel/src/crypto/evp/{p_ed25519.c → p_ed25519.cc} +34 -31
  718. data/third_party/boringssl-with-bazel/src/crypto/evp/{p_ed25519_asn1.c → p_ed25519_asn1.cc} +26 -25
  719. data/third_party/boringssl-with-bazel/src/crypto/evp/{p_hkdf.c → p_hkdf.cc} +30 -26
  720. data/third_party/boringssl-with-bazel/src/crypto/evp/{p_rsa.c → p_rsa.cc} +54 -91
  721. data/third_party/boringssl-with-bazel/src/crypto/evp/{p_rsa_asn1.c → p_rsa_asn1.cc} +26 -69
  722. data/third_party/boringssl-with-bazel/src/crypto/evp/{p_x25519.c → p_x25519.cc} +34 -31
  723. data/third_party/boringssl-with-bazel/src/crypto/evp/{p_x25519_asn1.c → p_x25519_asn1.cc} +30 -29
  724. data/third_party/boringssl-with-bazel/src/crypto/evp/pbkdf.cc +98 -0
  725. data/third_party/boringssl-with-bazel/src/crypto/evp/{print.c → print.cc} +17 -56
  726. data/third_party/boringssl-with-bazel/src/crypto/evp/{scrypt.c → scrypt.cc} +20 -13
  727. data/third_party/boringssl-with-bazel/src/crypto/evp/sign.cc +114 -0
  728. data/third_party/boringssl-with-bazel/src/crypto/ex_data.cc +141 -0
  729. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.cc.inc +191 -0
  730. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/{aes_nohw.c.inc → aes_nohw.cc.inc} +13 -13
  731. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/{modes/cbc.c.inc → aes/cbc.cc.inc} +13 -47
  732. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/{modes/cfb.c.inc → aes/cfb.cc.inc} +13 -47
  733. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/ctr.cc.inc +100 -0
  734. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/{modes/gcm.c.inc → aes/gcm.cc.inc} +175 -314
  735. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/{modes/gcm_nohw.c.inc → aes/gcm_nohw.cc.inc} +13 -13
  736. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +419 -70
  737. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/{key_wrap.c.inc → key_wrap.cc.inc} +14 -48
  738. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.cc.inc +84 -0
  739. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/ofb.cc.inc +53 -0
  740. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/{modes/polyval.c.inc → aes/polyval.cc.inc} +14 -15
  741. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/{bcm.c → bcm.cc} +116 -113
  742. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm_interface.h +665 -25
  743. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{add.c.inc → add.cc.inc} +14 -55
  744. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/asm/{x86_64-gcc.c.inc → x86_64-gcc.cc.inc} +19 -6
  745. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{bn.c.inc → bn.cc.inc} +25 -79
  746. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{bytes.c.inc → bytes.cc.inc} +13 -55
  747. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{cmp.c.inc → cmp.cc.inc} +13 -55
  748. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{ctx.c.inc → ctx.cc.inc} +20 -63
  749. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{div.c.inc → div.cc.inc} +42 -93
  750. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{div_extra.c.inc → div_extra.cc.inc} +13 -13
  751. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{exponentiation.c.inc → exponentiation.cc.inc} +38 -131
  752. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{gcd.c.inc → gcd.cc.inc} +16 -113
  753. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{gcd_extra.c.inc → gcd_extra.cc.inc} +45 -37
  754. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{generic.c.inc → generic.cc.inc} +13 -55
  755. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +25 -134
  756. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/jacobi.cc.inc +108 -0
  757. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{montgomery.c.inc → montgomery.cc.inc} +24 -126
  758. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{montgomery_inv.c.inc → montgomery_inv.cc.inc} +13 -13
  759. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{mul.c.inc → mul.cc.inc} +24 -70
  760. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{prime.c.inc → prime.cc.inc} +44 -141
  761. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{random.c.inc → random.cc.inc} +13 -107
  762. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{rsaz_exp.c.inc → rsaz_exp.cc.inc} +18 -13
  763. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +20 -17
  764. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{shift.c.inc → shift.cc.inc} +16 -59
  765. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/{sqrt.c.inc → sqrt.cc.inc} +13 -53
  766. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/{aead.c.inc → aead.cc.inc} +30 -22
  767. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/{cipher.c.inc → cipher.cc.inc} +20 -65
  768. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/{e_aes.c.inc → e_aes.cc.inc} +113 -335
  769. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/{e_aesccm.c.inc → e_aesccm.cc.inc} +21 -58
  770. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +14 -65
  771. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cmac/{cmac.c.inc → cmac.cc.inc} +19 -53
  772. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/delocate.h +26 -22
  773. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/{check.c.inc → check.cc.inc} +13 -55
  774. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/{dh.c.inc → dh.cc.inc} +28 -74
  775. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +13 -15
  776. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/{digest.c.inc → digest.cc.inc} +30 -68
  777. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digests.cc.inc +178 -0
  778. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/internal.h +13 -55
  779. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/md32_common.h +13 -47
  780. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digestsign/{digestsign.c.inc → digestsign.cc.inc} +14 -55
  781. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/builtin_curves.h +91 -91
  782. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{ec.c.inc → ec.cc.inc} +24 -81
  783. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{ec_key.c.inc → ec_key.cc.inc} +26 -86
  784. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{ec_montgomery.c.inc → ec_montgomery.cc.inc} +14 -66
  785. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{felem.c.inc → felem.cc.inc} +13 -13
  786. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +19 -66
  787. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{oct.c.inc → oct.cc.inc} +19 -72
  788. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p224-64.c.inc → p224-64.cc.inc} +13 -13
  789. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz-table.h +15 -10
  790. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256-nistz.c.inc → p256-nistz.cc.inc} +37 -30
  791. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.h +22 -17
  792. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{p256.c.inc → p256.cc.inc} +13 -13
  793. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256_table.h +13 -13
  794. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{scalar.c.inc → scalar.cc.inc} +21 -15
  795. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{simple.c.inc → simple.cc.inc} +14 -66
  796. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{simple_mul.c.inc → simple_mul.cc.inc} +13 -13
  797. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{util.c.inc → util.cc.inc} +13 -13
  798. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/{wnaf.c.inc → wnaf.cc.inc} +38 -81
  799. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.cc.inc +88 -0
  800. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/{ecdsa.c.inc → ecdsa.cc.inc} +19 -58
  801. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +13 -13
  802. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/fips_shared_support.cc +28 -0
  803. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hkdf/{hkdf.c.inc → hkdf.cc.inc} +13 -13
  804. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/{hmac.c.inc → hmac.cc.inc} +16 -57
  805. data/third_party/boringssl-with-bazel/src/crypto/{keccak → fipsmodule/keccak}/internal.h +13 -13
  806. data/third_party/boringssl-with-bazel/src/crypto/{keccak/keccak.c → fipsmodule/keccak/keccak.cc.inc} +14 -14
  807. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mldsa/mldsa.cc.inc +1993 -0
  808. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mlkem/mlkem.cc.inc +1165 -0
  809. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/{ctrdrbg.c.inc → ctrdrbg.cc.inc} +22 -28
  810. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +18 -24
  811. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/{rand.c.inc → rand.cc.inc} +34 -30
  812. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.cc.inc +147 -0
  813. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +13 -56
  814. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/{padding.c.inc → padding.cc.inc} +32 -73
  815. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/{rsa.c.inc → rsa.cc.inc} +93 -148
  816. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/{rsa_impl.c.inc → rsa_impl.cc.inc} +82 -137
  817. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/{fips.c.inc → fips.cc.inc} +26 -18
  818. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/{self_check.c.inc → self_check.cc.inc} +68 -64
  819. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/internal.h +34 -34
  820. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/{service_indicator.c.inc → service_indicator.cc.inc} +23 -24
  821. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +43 -57
  822. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/{sha1.c.inc → sha1.cc.inc} +39 -88
  823. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/{sha256.c.inc → sha256.cc.inc} +50 -110
  824. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/{sha512.c.inc → sha512.cc.inc} +61 -131
  825. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/address.h +119 -0
  826. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/fors.cc.inc +169 -0
  827. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/fors.h +58 -0
  828. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/merkle.cc.inc +161 -0
  829. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/merkle.h +70 -0
  830. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/params.h +78 -0
  831. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/slhdsa.cc.inc +329 -0
  832. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/thash.cc.inc +173 -0
  833. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/thash.h +85 -0
  834. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/wots.cc.inc +171 -0
  835. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/wots.h +50 -0
  836. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/internal.h +13 -13
  837. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/{kdf.c.inc → kdf.cc.inc} +13 -51
  838. data/third_party/boringssl-with-bazel/src/crypto/hpke/{hpke.c → hpke.cc} +19 -16
  839. data/third_party/boringssl-with-bazel/src/crypto/hrss/{hrss.c → hrss.cc} +73 -122
  840. data/third_party/boringssl-with-bazel/src/crypto/hrss/internal.h +13 -13
  841. data/third_party/boringssl-with-bazel/src/crypto/internal.h +242 -442
  842. data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +13 -13
  843. data/third_party/boringssl-with-bazel/src/crypto/kyber/{kyber.c → kyber.cc} +52 -28
  844. data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +31 -75
  845. data/third_party/boringssl-with-bazel/src/crypto/lhash/{lhash.c → lhash.cc} +21 -62
  846. data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/md4/md4.c.inc → md4/md4.cc} +21 -67
  847. data/third_party/boringssl-with-bazel/src/crypto/md5/internal.h +37 -0
  848. data/third_party/boringssl-with-bazel/src/crypto/{fipsmodule/md5/md5.c.inc → md5/md5.cc} +17 -58
  849. data/third_party/boringssl-with-bazel/src/crypto/{mem.c → mem.cc} +47 -77
  850. data/third_party/boringssl-with-bazel/src/crypto/mldsa/mldsa.cc +90 -0
  851. data/third_party/boringssl-with-bazel/src/crypto/mlkem/mlkem.cc +97 -1042
  852. data/third_party/boringssl-with-bazel/src/crypto/obj/{obj.c → obj.cc} +40 -85
  853. data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +14 -56
  854. data/third_party/boringssl-with-bazel/src/crypto/obj/obj_xref.cc +80 -0
  855. data/third_party/boringssl-with-bazel/src/crypto/pem/internal.h +44 -0
  856. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.cc +149 -0
  857. data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_info.c → pem_info.cc} +20 -60
  858. data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_lib.c → pem_lib.cc} +59 -107
  859. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.cc +45 -0
  860. data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_pk8.c → pem_pk8.cc} +13 -55
  861. data/third_party/boringssl-with-bazel/src/crypto/pem/{pem_pkey.c → pem_pkey.cc} +13 -55
  862. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.cc +22 -0
  863. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.cc +22 -0
  864. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/internal.h +13 -13
  865. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/{pkcs7.c → pkcs7.cc} +17 -17
  866. data/third_party/boringssl-with-bazel/src/crypto/pkcs7/{pkcs7_x509.c → pkcs7_x509.cc} +40 -37
  867. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +13 -54
  868. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/{p5_pbev2.c → p5_pbev2.cc} +13 -54
  869. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/{pkcs8.c → pkcs8.cc} +170 -210
  870. data/third_party/boringssl-with-bazel/src/crypto/pkcs8/{pkcs8_x509.c → pkcs8_x509.cc} +101 -149
  871. data/third_party/boringssl-with-bazel/src/crypto/poly1305/internal.h +13 -13
  872. data/third_party/boringssl-with-bazel/src/crypto/poly1305/{poly1305.c → poly1305.cc} +15 -15
  873. data/third_party/boringssl-with-bazel/src/crypto/poly1305/{poly1305_arm.c → poly1305_arm.cc} +16 -14
  874. data/third_party/boringssl-with-bazel/src/crypto/poly1305/{poly1305_vec.c → poly1305_vec.cc} +26 -23
  875. data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +13 -13
  876. data/third_party/boringssl-with-bazel/src/crypto/pool/{pool.c → pool.cc} +24 -23
  877. data/third_party/boringssl-with-bazel/src/crypto/{rand_extra/deterministic.c → rand/deterministic.cc} +14 -14
  878. data/third_party/boringssl-with-bazel/src/crypto/{rand_extra/fork_detect.c → rand/fork_detect.cc} +23 -24
  879. data/third_party/boringssl-with-bazel/src/crypto/rand/forkunsafe.cc +44 -0
  880. data/third_party/boringssl-with-bazel/src/crypto/{rand_extra/getentropy.c → rand/getentropy.cc} +13 -13
  881. data/third_party/boringssl-with-bazel/src/crypto/{rand_extra → rand}/getrandom_fillin.h +13 -13
  882. data/third_party/boringssl-with-bazel/src/crypto/rand/ios.cc +42 -0
  883. data/third_party/boringssl-with-bazel/src/crypto/{rand_extra/passive.c → rand/passive.cc} +34 -30
  884. data/third_party/boringssl-with-bazel/src/crypto/{rand_extra/rand_extra.c → rand/rand.cc} +13 -13
  885. data/third_party/boringssl-with-bazel/src/crypto/rand/sysrand_internal.h +37 -0
  886. data/third_party/boringssl-with-bazel/src/crypto/rand/trusty.cc +46 -0
  887. data/third_party/boringssl-with-bazel/src/crypto/{rand_extra/urandom.c → rand/urandom.cc} +19 -19
  888. data/third_party/boringssl-with-bazel/src/crypto/{rand_extra/windows.c → rand/windows.cc} +13 -13
  889. data/third_party/boringssl-with-bazel/src/crypto/rc4/rc4.cc +56 -0
  890. data/third_party/boringssl-with-bazel/src/crypto/{refcount.c → refcount.cc} +13 -13
  891. data/third_party/boringssl-with-bazel/src/crypto/rsa/internal.h +36 -0
  892. data/third_party/boringssl-with-bazel/src/crypto/{rsa_extra/rsa_asn1.c → rsa/rsa_asn1.cc} +13 -54
  893. data/third_party/boringssl-with-bazel/src/crypto/{rsa_extra/rsa_crypt.c → rsa/rsa_crypt.cc} +94 -133
  894. data/third_party/boringssl-with-bazel/src/crypto/rsa/rsa_extra.cc +19 -0
  895. data/third_party/boringssl-with-bazel/src/crypto/rsa/rsa_print.cc +27 -0
  896. data/third_party/boringssl-with-bazel/src/crypto/sha/sha1.cc +52 -0
  897. data/third_party/boringssl-with-bazel/src/crypto/sha/sha256.cc +87 -0
  898. data/third_party/boringssl-with-bazel/src/crypto/sha/sha512.cc +104 -0
  899. data/third_party/boringssl-with-bazel/src/crypto/siphash/{siphash.c → siphash.cc} +13 -13
  900. data/third_party/boringssl-with-bazel/src/crypto/slhdsa/slhdsa.cc +113 -0
  901. data/third_party/boringssl-with-bazel/src/crypto/spake2plus/internal.h +204 -0
  902. data/third_party/boringssl-with-bazel/src/crypto/spake2plus/spake2plus.cc +501 -0
  903. data/third_party/boringssl-with-bazel/src/crypto/stack/{stack.c → stack.cc} +23 -61
  904. data/third_party/boringssl-with-bazel/src/crypto/thread.cc +68 -0
  905. data/third_party/boringssl-with-bazel/src/crypto/{thread_none.c → thread_none.cc} +13 -13
  906. data/third_party/boringssl-with-bazel/src/crypto/{thread_pthread.c → thread_pthread.cc} +21 -20
  907. data/third_party/boringssl-with-bazel/src/crypto/{thread_win.c → thread_win.cc} +33 -29
  908. data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +13 -13
  909. data/third_party/boringssl-with-bazel/src/crypto/trust_token/{pmbtoken.c → pmbtoken.cc} +159 -171
  910. data/third_party/boringssl-with-bazel/src/crypto/trust_token/{trust_token.c → trust_token.cc} +32 -34
  911. data/third_party/boringssl-with-bazel/src/crypto/trust_token/{voprf.c → voprf.cc} +178 -182
  912. data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.cc +52 -0
  913. data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.cc +97 -0
  914. data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.cc +74 -0
  915. data/third_party/boringssl-with-bazel/src/crypto/x509/{algorithm.c → algorithm.cc} +14 -56
  916. data/third_party/boringssl-with-bazel/src/crypto/x509/{asn1_gen.c → asn1_gen.cc} +19 -62
  917. data/third_party/boringssl-with-bazel/src/crypto/x509/{by_dir.c → by_dir.cc} +32 -77
  918. data/third_party/boringssl-with-bazel/src/crypto/x509/{by_file.c → by_file.cc} +13 -55
  919. data/third_party/boringssl-with-bazel/src/crypto/x509/ext_dat.h +13 -55
  920. data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.cc +37 -0
  921. data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +13 -57
  922. data/third_party/boringssl-with-bazel/src/crypto/x509/{name_print.c → name_print.cc} +13 -55
  923. data/third_party/boringssl-with-bazel/src/crypto/x509/{policy.c → policy.cc} +200 -190
  924. data/third_party/boringssl-with-bazel/src/crypto/x509/{rsa_pss.c → rsa_pss.cc} +59 -96
  925. data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.cc +103 -0
  926. data/third_party/boringssl-with-bazel/src/crypto/x509/{t_req.c → t_req.cc} +13 -55
  927. data/third_party/boringssl-with-bazel/src/crypto/x509/{t_x509.c → t_x509.cc} +13 -55
  928. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.cc +79 -0
  929. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_akey.c → v3_akey.cc} +17 -57
  930. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_akeya.cc +31 -0
  931. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_alt.c → v3_alt.cc} +17 -58
  932. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_bcons.cc +95 -0
  933. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_bitst.cc +102 -0
  934. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_conf.c → v3_conf.cc} +18 -60
  935. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_cpols.c → v3_cpols.cc} +60 -98
  936. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_crld.c → v3_crld.cc} +16 -57
  937. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_enum.cc +73 -0
  938. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_extku.cc +114 -0
  939. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_genn.c → v3_genn.cc} +20 -62
  940. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ia5.cc +79 -0
  941. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_info.c → v3_info.cc} +20 -67
  942. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_int.cc +81 -0
  943. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_lib.c → v3_lib.cc} +23 -63
  944. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_ncons.c → v3_ncons.cc} +15 -56
  945. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_ocsp.c → v3_ocsp.cc} +17 -9
  946. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_pcons.cc +101 -0
  947. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_pmaps.c → v3_pmaps.cc} +15 -56
  948. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_prn.c → v3_prn.cc} +15 -56
  949. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_purp.c → v3_purp.cc} +29 -63
  950. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_skey.cc +131 -0
  951. data/third_party/boringssl-with-bazel/src/crypto/x509/{v3_utl.c → v3_utl.cc} +30 -78
  952. data/third_party/boringssl-with-bazel/src/crypto/x509/x509.cc +47 -0
  953. data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_att.c → x509_att.cc} +16 -57
  954. data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_cmp.c → x509_cmp.cc} +13 -55
  955. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.cc +66 -0
  956. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.cc +44 -0
  957. data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_ext.c → x509_ext.cc} +13 -55
  958. data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_lu.c → x509_lu.cc} +20 -65
  959. data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_obj.c → x509_obj.cc} +13 -55
  960. data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_req.c → x509_req.cc} +13 -55
  961. data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_set.c → x509_set.cc} +13 -55
  962. data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_trs.c → x509_trs.cc} +13 -55
  963. data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_txt.c → x509_txt.cc} +13 -55
  964. data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_v3.c → x509_v3.cc} +15 -57
  965. data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_vfy.c → x509_vfy.cc} +229 -267
  966. data/third_party/boringssl-with-bazel/src/crypto/x509/{x509_vpm.c → x509_vpm.cc} +68 -68
  967. data/third_party/boringssl-with-bazel/src/crypto/x509/{x509cset.c → x509cset.cc} +13 -55
  968. data/third_party/boringssl-with-bazel/src/crypto/x509/{x509name.c → x509name.cc} +13 -55
  969. data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.cc +67 -0
  970. data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.cc +91 -0
  971. data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.cc +107 -0
  972. data/third_party/boringssl-with-bazel/src/crypto/x509/{x_all.c → x_all.cc} +23 -61
  973. data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.cc +55 -0
  974. data/third_party/boringssl-with-bazel/src/crypto/x509/{x_crl.c → x_crl.cc} +19 -61
  975. data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.cc +36 -0
  976. data/third_party/boringssl-with-bazel/src/crypto/x509/{x_name.c → x_name.cc} +52 -87
  977. data/third_party/boringssl-with-bazel/src/crypto/x509/{x_pubkey.c → x_pubkey.cc} +17 -57
  978. data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.cc +74 -0
  979. data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.cc +51 -0
  980. data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.cc +34 -0
  981. data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.cc +28 -0
  982. data/third_party/boringssl-with-bazel/src/crypto/x509/{x_x509.c → x_x509.cc} +61 -99
  983. data/third_party/boringssl-with-bazel/src/crypto/x509/{x_x509a.c → x_x509a.cc} +17 -57
  984. data/third_party/boringssl-with-bazel/src/gen/crypto/{err_data.c → err_data.cc} +468 -453
  985. data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +13 -13
  986. data/third_party/boringssl-with-bazel/src/include/openssl/aes.h +13 -47
  987. data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +13 -51
  988. data/third_party/boringssl-with-bazel/src/include/openssl/asm_base.h +14 -14
  989. data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +23 -62
  990. data/third_party/boringssl-with-bazel/src/include/openssl/asn1_mac.h +13 -13
  991. data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +248 -328
  992. data/third_party/boringssl-with-bazel/src/include/openssl/base.h +24 -55
  993. data/third_party/boringssl-with-bazel/src/include/openssl/base64.h +13 -55
  994. data/third_party/boringssl-with-bazel/src/include/openssl/bcm_public.h +82 -0
  995. data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +13 -55
  996. data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +13 -13
  997. data/third_party/boringssl-with-bazel/src/include/openssl/blowfish.h +13 -55
  998. data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +14 -121
  999. data/third_party/boringssl-with-bazel/src/include/openssl/buf.h +13 -55
  1000. data/third_party/boringssl-with-bazel/src/include/openssl/buffer.h +13 -13
  1001. data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +31 -16
  1002. data/third_party/boringssl-with-bazel/src/include/openssl/cast.h +13 -55
  1003. data/third_party/boringssl-with-bazel/src/include/openssl/chacha.h +13 -13
  1004. data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +31 -59
  1005. data/third_party/boringssl-with-bazel/src/include/openssl/cmac.h +13 -13
  1006. data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +13 -55
  1007. data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +13 -13
  1008. data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +25 -14
  1009. data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +13 -13
  1010. data/third_party/boringssl-with-bazel/src/include/openssl/curve25519.h +13 -13
  1011. data/third_party/boringssl-with-bazel/src/include/openssl/des.h +13 -55
  1012. data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +17 -55
  1013. data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +19 -56
  1014. data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +17 -58
  1015. data/third_party/boringssl-with-bazel/src/include/openssl/dtls1.h +13 -13
  1016. data/third_party/boringssl-with-bazel/src/include/openssl/e_os2.h +13 -13
  1017. data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +14 -66
  1018. data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +31 -72
  1019. data/third_party/boringssl-with-bazel/src/include/openssl/ecdh.h +14 -65
  1020. data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +13 -51
  1021. data/third_party/boringssl-with-bazel/src/include/openssl/engine.h +13 -13
  1022. data/third_party/boringssl-with-bazel/src/include/openssl/err.h +13 -107
  1023. data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +14 -56
  1024. data/third_party/boringssl-with-bazel/src/include/openssl/evp_errors.h +13 -55
  1025. data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +13 -107
  1026. data/third_party/boringssl-with-bazel/src/include/openssl/experimental/kyber.h +13 -13
  1027. data/third_party/boringssl-with-bazel/src/include/openssl/hkdf.h +13 -13
  1028. data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +13 -55
  1029. data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +13 -13
  1030. data/third_party/boringssl-with-bazel/src/include/openssl/hrss.h +13 -13
  1031. data/third_party/boringssl-with-bazel/src/include/openssl/is_boringssl.h +13 -13
  1032. data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +13 -13
  1033. data/third_party/boringssl-with-bazel/src/include/openssl/lhash.h +13 -55
  1034. data/third_party/boringssl-with-bazel/src/include/openssl/md4.h +13 -55
  1035. data/third_party/boringssl-with-bazel/src/include/openssl/md5.h +13 -55
  1036. data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +13 -55
  1037. data/third_party/boringssl-with-bazel/src/include/openssl/mldsa.h +20 -26
  1038. data/third_party/boringssl-with-bazel/src/include/openssl/mlkem.h +13 -37
  1039. data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +27 -69
  1040. data/third_party/boringssl-with-bazel/src/include/openssl/obj.h +13 -55
  1041. data/third_party/boringssl-with-bazel/src/include/openssl/obj_mac.h +13 -13
  1042. data/third_party/boringssl-with-bazel/src/include/openssl/objects.h +13 -13
  1043. data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +13 -13
  1044. data/third_party/boringssl-with-bazel/src/include/openssl/opensslv.h +13 -13
  1045. data/third_party/boringssl-with-bazel/src/include/openssl/ossl_typ.h +13 -13
  1046. data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +22 -60
  1047. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs12.h +13 -13
  1048. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs7.h +13 -13
  1049. data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +13 -55
  1050. data/third_party/boringssl-with-bazel/src/include/openssl/poly1305.h +13 -13
  1051. data/third_party/boringssl-with-bazel/src/include/openssl/pool.h +13 -13
  1052. data/third_party/boringssl-with-bazel/src/include/openssl/posix_time.h +13 -13
  1053. data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +13 -13
  1054. data/third_party/boringssl-with-bazel/src/include/openssl/rc4.h +13 -55
  1055. data/third_party/boringssl-with-bazel/src/include/openssl/ripemd.h +13 -55
  1056. data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +23 -63
  1057. data/third_party/boringssl-with-bazel/src/include/openssl/safestack.h +13 -13
  1058. data/third_party/boringssl-with-bazel/src/include/openssl/service_indicator.h +13 -13
  1059. data/third_party/boringssl-with-bazel/src/include/openssl/sha.h +15 -95
  1060. data/third_party/boringssl-with-bazel/src/include/openssl/siphash.h +13 -13
  1061. data/third_party/boringssl-with-bazel/src/include/openssl/slhdsa.h +174 -0
  1062. data/third_party/boringssl-with-bazel/src/include/openssl/span.h +24 -32
  1063. data/third_party/boringssl-with-bazel/src/include/openssl/srtp.h +13 -13
  1064. data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +358 -290
  1065. data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +15 -114
  1066. data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +13 -55
  1067. data/third_party/boringssl-with-bazel/src/include/openssl/target.h +23 -13
  1068. data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +15 -57
  1069. data/third_party/boringssl-with-bazel/src/include/openssl/time.h +13 -13
  1070. data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +27 -156
  1071. data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +15 -15
  1072. data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +13 -55
  1073. data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +14 -61
  1074. data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +13 -13
  1075. data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +13 -13
  1076. data/third_party/boringssl-with-bazel/src/include/openssl/x509v3_errors.h +13 -53
  1077. data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +15 -14
  1078. data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +680 -434
  1079. data/third_party/boringssl-with-bazel/src/ssl/d1_lib.cc +129 -174
  1080. data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +176 -131
  1081. data/third_party/boringssl-with-bazel/src/ssl/d1_srtp.cc +21 -127
  1082. data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +107 -104
  1083. data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +311 -312
  1084. data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +54 -47
  1085. data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +677 -475
  1086. data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +66 -73
  1087. data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +61 -153
  1088. data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +198 -331
  1089. data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +88 -212
  1090. data/third_party/boringssl-with-bazel/src/ssl/internal.h +949 -531
  1091. data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +47 -157
  1092. data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +29 -159
  1093. data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +18 -112
  1094. data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +103 -196
  1095. data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +52 -145
  1096. data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +15 -20
  1097. data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +117 -157
  1098. data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +229 -365
  1099. data/third_party/boringssl-with-bazel/src/ssl/ssl_credential.cc +216 -31
  1100. data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +13 -109
  1101. data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +34 -33
  1102. data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +194 -350
  1103. data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +38 -83
  1104. data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +101 -236
  1105. data/third_party/boringssl-with-bazel/src/ssl/ssl_stat.cc +17 -91
  1106. data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +109 -157
  1107. data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +44 -30
  1108. data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +66 -195
  1109. data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +45 -176
  1110. data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +58 -42
  1111. data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +146 -94
  1112. data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +251 -180
  1113. data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +236 -107
  1114. data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +64 -117
  1115. data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +52 -134
  1116. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +6 -0
  1117. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +6 -0
  1118. data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64_adx.h +4 -1
  1119. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +1 -1
  1120. data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +3 -0
  1121. metadata +357 -348
  1122. data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb.h +0 -426
  1123. data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb_minitable.c +0 -87
  1124. data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb_minitable.h +0 -32
  1125. data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb.h +0 -408
  1126. data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb_minitable.c +0 -124
  1127. data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb_minitable.h +0 -38
  1128. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opencensus.upbdefs.c +0 -108
  1129. data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opencensus.upbdefs.h +0 -33
  1130. data/src/core/ext/upbdefs-gen/opencensus/proto/trace/v1/trace_config.upbdefs.c +0 -67
  1131. data/src/core/ext/upbdefs-gen/opencensus/proto/trace/v1/trace_config.upbdefs.h +0 -48
  1132. data/src/core/util/atm.cc +0 -34
  1133. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +0 -95
  1134. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +0 -89
  1135. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.c +0 -84
  1136. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +0 -151
  1137. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.c +0 -85
  1138. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +0 -74
  1139. data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +0 -183
  1140. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.c +0 -103
  1141. data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.c +0 -98
  1142. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.c +0 -105
  1143. data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.c +0 -94
  1144. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +0 -212
  1145. data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +0 -126
  1146. data/third_party/boringssl-with-bazel/src/crypto/bio/errno.c +0 -92
  1147. data/third_party/boringssl-with-bazel/src/crypto/bio/hexdump.c +0 -192
  1148. data/third_party/boringssl-with-bazel/src/crypto/bio/printf.c +0 -102
  1149. data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +0 -189
  1150. data/third_party/boringssl-with-bazel/src/crypto/buf/buf.c +0 -158
  1151. data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.c +0 -53
  1152. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/cipher_extra.c +0 -127
  1153. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +0 -152
  1154. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_des.c +0 -228
  1155. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_null.c +0 -90
  1156. data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc4.c +0 -94
  1157. data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_win.c +0 -41
  1158. data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_64_adx.c +0 -18
  1159. data/third_party/boringssl-with-bazel/src/crypto/dh_extra/dh_asn1.c +0 -165
  1160. data/third_party/boringssl-with-bazel/src/crypto/dilithium/dilithium.c +0 -1539
  1161. data/third_party/boringssl-with-bazel/src/crypto/dilithium/internal.h +0 -58
  1162. data/third_party/boringssl-with-bazel/src/crypto/ecdh_extra/ecdh_extra.c +0 -124
  1163. data/third_party/boringssl-with-bazel/src/crypto/evp/pbkdf.c +0 -146
  1164. data/third_party/boringssl-with-bazel/src/crypto/evp/sign.c +0 -156
  1165. data/third_party/boringssl-with-bazel/src/crypto/ex_data.c +0 -236
  1166. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.c.inc +0 -127
  1167. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c.inc +0 -124
  1168. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/jacobi.c.inc +0 -146
  1169. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digests.c.inc +0 -304
  1170. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c.inc +0 -130
  1171. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/fips_shared_support.c +0 -29
  1172. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md5/internal.h +0 -37
  1173. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c.inc +0 -196
  1174. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +0 -428
  1175. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c.inc +0 -87
  1176. data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c.inc +0 -241
  1177. data/third_party/boringssl-with-bazel/src/crypto/mldsa/internal.h +0 -73
  1178. data/third_party/boringssl-with-bazel/src/crypto/mldsa/mldsa.c +0 -1687
  1179. data/third_party/boringssl-with-bazel/src/crypto/mlkem/internal.h +0 -90
  1180. data/third_party/boringssl-with-bazel/src/crypto/obj/obj_xref.c +0 -122
  1181. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +0 -243
  1182. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.c +0 -87
  1183. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.c +0 -64
  1184. data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.c +0 -64
  1185. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/forkunsafe.c +0 -44
  1186. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/ios.c +0 -42
  1187. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/sysrand_internal.h +0 -37
  1188. data/third_party/boringssl-with-bazel/src/crypto/rand_extra/trusty.c +0 -46
  1189. data/third_party/boringssl-with-bazel/src/crypto/rc4/rc4.c +0 -98
  1190. data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/internal.h +0 -79
  1191. data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_print.c +0 -22
  1192. data/third_party/boringssl-with-bazel/src/crypto/spx/address.c +0 -101
  1193. data/third_party/boringssl-with-bazel/src/crypto/spx/address.h +0 -50
  1194. data/third_party/boringssl-with-bazel/src/crypto/spx/fors.c +0 -133
  1195. data/third_party/boringssl-with-bazel/src/crypto/spx/fors.h +0 -54
  1196. data/third_party/boringssl-with-bazel/src/crypto/spx/merkle.c +0 -150
  1197. data/third_party/boringssl-with-bazel/src/crypto/spx/merkle.h +0 -61
  1198. data/third_party/boringssl-with-bazel/src/crypto/spx/params.h +0 -71
  1199. data/third_party/boringssl-with-bazel/src/crypto/spx/spx.c +0 -140
  1200. data/third_party/boringssl-with-bazel/src/crypto/spx/spx_util.c +0 -53
  1201. data/third_party/boringssl-with-bazel/src/crypto/spx/spx_util.h +0 -44
  1202. data/third_party/boringssl-with-bazel/src/crypto/spx/thash.c +0 -136
  1203. data/third_party/boringssl-with-bazel/src/crypto/spx/thash.h +0 -70
  1204. data/third_party/boringssl-with-bazel/src/crypto/spx/wots.c +0 -135
  1205. data/third_party/boringssl-with-bazel/src/crypto/spx/wots.h +0 -45
  1206. data/third_party/boringssl-with-bazel/src/crypto/thread.c +0 -110
  1207. data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.c +0 -94
  1208. data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.c +0 -136
  1209. data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +0 -116
  1210. data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.c +0 -79
  1211. data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +0 -145
  1212. data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +0 -121
  1213. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_akeya.c +0 -73
  1214. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_bcons.c +0 -135
  1215. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_bitst.c +0 -141
  1216. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_enum.c +0 -112
  1217. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_extku.c +0 -154
  1218. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ia5.c +0 -122
  1219. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_int.c +0 -121
  1220. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_pcons.c +0 -142
  1221. data/third_party/boringssl-with-bazel/src/crypto/x509/v3_skey.c +0 -170
  1222. data/third_party/boringssl-with-bazel/src/crypto/x509/x509.c +0 -89
  1223. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.c +0 -108
  1224. data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.c +0 -86
  1225. data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.c +0 -109
  1226. data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.c +0 -133
  1227. data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +0 -149
  1228. data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +0 -97
  1229. data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.c +0 -78
  1230. data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.c +0 -116
  1231. data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +0 -93
  1232. data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.c +0 -79
  1233. data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.c +0 -70
  1234. data/third_party/boringssl-with-bazel/src/include/openssl/experimental/dilithium.h +0 -129
  1235. data/third_party/boringssl-with-bazel/src/include/openssl/experimental/spx.h +0 -90
data/third_party/boringssl-with-bazel/src/ssl/handoff.cc CHANGED
@@ -1,16 +1,16 @@
1
- /* Copyright (c) 2018, Google Inc.
2
- *
3
- * Permission to use, copy, modify, and/or distribute this software for any
4
- * purpose with or without fee is hereby granted, provided that the above
5
- * copyright notice and this permission notice appear in all copies.
6
- *
7
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
10
- * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
12
- * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13
- * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
1
+ // Copyright 2018 The BoringSSL Authors
2
+ //
3
+ // Licensed under the Apache License, Version 2.0 (the "License");
4
+ // you may not use this file except in compliance with the License.
5
+ // You may obtain a copy of the License at
6
+ //
7
+ // https://www.apache.org/licenses/LICENSE-2.0
8
+ //
9
+ // Unless required by applicable law or agreed to in writing, software
10
+ // distributed under the License is distributed on an "AS IS" BASIS,
11
+ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ // See the License for the specific language governing permissions and
13
+ // limitations under the License.
14
14
 
15
15
  #include <openssl/ssl.h>
16
16
 
@@ -47,7 +47,7 @@ static bool serialize_features(CBB *out) {
47
47
  return false;
48
48
  }
49
49
  Span<const SSL_CIPHER> all_ciphers = AllCiphers();
50
- for (const SSL_CIPHER& cipher : all_ciphers) {
50
+ for (const SSL_CIPHER &cipher : all_ciphers) {
51
51
  if (!CBB_add_u16(&ciphers, static_cast<uint16_t>(cipher.id))) {
52
52
  return false;
53
53
  }
@@ -56,7 +56,7 @@ static bool serialize_features(CBB *out) {
56
56
  if (!CBB_add_asn1(out, &groups, CBS_ASN1_OCTETSTRING)) {
57
57
  return false;
58
58
  }
59
- for (const NamedGroup& g : NamedGroups()) {
59
+ for (const NamedGroup &g : NamedGroups()) {
60
60
  if (!CBB_add_u16(&groups, g.group_id)) {
61
61
  return false;
62
62
  }
@@ -78,8 +78,8 @@ static bool serialize_features(CBB *out) {
78
78
  bool SSL_serialize_handoff(const SSL *ssl, CBB *out,
79
79
  SSL_CLIENT_HELLO *out_hello) {
80
80
  const SSL3_STATE *const s3 = ssl->s3;
81
- if (!ssl->server ||
82
- s3->hs == nullptr ||
81
+ if (!ssl->server || //
82
+ s3->hs == nullptr || //
83
83
  s3->rwstate != SSL_ERROR_HANDOFF) {
84
84
  return false;
85
85
  }
@@ -94,10 +94,10 @@ bool SSL_serialize_handoff(const SSL *ssl, CBB *out,
94
94
  !CBB_add_asn1_octet_string(&seq,
95
95
  reinterpret_cast<uint8_t *>(s3->hs_buf->data),
96
96
  s3->hs_buf->length) ||
97
- !serialize_features(&seq) ||
98
- !CBB_flush(out) ||
97
+ !serialize_features(&seq) || !CBB_flush(out) ||
99
98
  !ssl->method->get_message(ssl, &msg) ||
100
- !ssl_client_hello_init(ssl, out_hello, msg.body)) {
99
+ !SSL_parse_client_hello(ssl, out_hello, CBS_data(&msg.body),
100
+ CBS_len(&msg.body))) {
101
101
  return false;
102
102
  }
103
103
 
@@ -106,9 +106,7 @@ bool SSL_serialize_handoff(const SSL *ssl, CBB *out,
106
106
 
107
107
  bool SSL_decline_handoff(SSL *ssl) {
108
108
  const SSL3_STATE *const s3 = ssl->s3;
109
- if (!ssl->server ||
110
- s3->hs == nullptr ||
111
- s3->rwstate != SSL_ERROR_HANDOFF) {
109
+ if (!ssl->server || s3->hs == nullptr || s3->rwstate != SSL_ERROR_HANDOFF) {
112
110
  return false;
113
111
  }
114
112
 
@@ -176,7 +174,7 @@ static bool apply_remote_features(SSL *ssl, CBS *in) {
176
174
  return false;
177
175
  }
178
176
  Array<uint16_t> supported_groups;
179
- if (!supported_groups.Init(CBS_len(&groups) / 2)) {
177
+ if (!supported_groups.InitForOverwrite(CBS_len(&groups) / 2)) {
180
178
  return false;
181
179
  }
182
180
  size_t idx = 0;
@@ -190,7 +188,7 @@ static bool apply_remote_features(SSL *ssl, CBS *in) {
190
188
  Span<const uint16_t> configured_groups =
191
189
  tls1_get_grouplist(ssl->s3->hs.get());
192
190
  Array<uint16_t> new_configured_groups;
193
- if (!new_configured_groups.Init(configured_groups.size())) {
191
+ if (!new_configured_groups.InitForOverwrite(configured_groups.size())) {
194
192
  return false;
195
193
  }
196
194
  idx = 0;
@@ -329,18 +327,18 @@ bool SSL_serialize_handback(const SSL *ssl, CBB *out) {
329
327
  const uint8_t *write_iv = nullptr;
330
328
  if ((type == handback_after_session_resumption ||
331
329
  type == handback_after_handshake) &&
332
- ssl->version == TLS1_VERSION &&
330
+ ssl->s3->version == TLS1_VERSION &&
333
331
  SSL_CIPHER_is_block_cipher(s3->aead_write_ctx->cipher()) &&
334
332
  !s3->aead_write_ctx->GetIV(&write_iv, &write_iv_len)) {
335
333
  return false;
336
334
  }
337
335
  size_t read_iv_len = 0;
338
336
  const uint8_t *read_iv = nullptr;
339
- if (type == handback_after_handshake &&
340
- ssl->version == TLS1_VERSION &&
341
- SSL_CIPHER_is_block_cipher(s3->aead_read_ctx->cipher()) &&
337
+ if (type == handback_after_handshake && //
338
+ ssl->s3->version == TLS1_VERSION && //
339
+ SSL_CIPHER_is_block_cipher(s3->aead_read_ctx->cipher()) && //
342
340
  !s3->aead_read_ctx->GetIV(&read_iv, &read_iv_len)) {
343
- return false;
341
+ return false;
344
342
  }
345
343
 
346
344
  // TODO(mab): make sure everything is serialized.
@@ -423,18 +421,18 @@ bool SSL_serialize_handback(const SSL *ssl, CBB *out) {
423
421
  } else {
424
422
  return false;
425
423
  }
426
- if (!CBB_add_asn1_octet_string(&seq, hs->client_traffic_secret_0().data(),
427
- hs->client_traffic_secret_0().size()) ||
428
- !CBB_add_asn1_octet_string(&seq, hs->server_traffic_secret_0().data(),
429
- hs->server_traffic_secret_0().size()) ||
430
- !CBB_add_asn1_octet_string(&seq, hs->client_handshake_secret().data(),
431
- hs->client_handshake_secret().size()) ||
432
- !CBB_add_asn1_octet_string(&seq, hs->server_handshake_secret().data(),
433
- hs->server_handshake_secret().size()) ||
434
- !CBB_add_asn1_octet_string(&seq, hs->secret().data(),
435
- hs->secret().size()) ||
436
- !CBB_add_asn1_octet_string(&seq, s3->exporter_secret,
437
- s3->exporter_secret_len) ||
424
+ if (!CBB_add_asn1_octet_string(&seq, hs->client_traffic_secret_0.data(),
425
+ hs->client_traffic_secret_0.size()) ||
426
+ !CBB_add_asn1_octet_string(&seq, hs->server_traffic_secret_0.data(),
427
+ hs->server_traffic_secret_0.size()) ||
428
+ !CBB_add_asn1_octet_string(&seq, hs->client_handshake_secret.data(),
429
+ hs->client_handshake_secret.size()) ||
430
+ !CBB_add_asn1_octet_string(&seq, hs->server_handshake_secret.data(),
431
+ hs->server_handshake_secret.size()) ||
432
+ !CBB_add_asn1_octet_string(&seq, hs->secret.data(),
433
+ hs->secret.size()) ||
434
+ !CBB_add_asn1_octet_string(&seq, s3->exporter_secret.data(),
435
+ s3->exporter_secret.size()) ||
438
436
  !CBB_add_asn1_bool(&seq, s3->used_hello_retry_request) ||
439
437
  !CBB_add_asn1_bool(&seq, hs->accept_psk_mode) ||
440
438
  !CBB_add_asn1_int64(&seq, s3->ticket_age_skew) ||
@@ -443,8 +441,8 @@ bool SSL_serialize_handback(const SSL *ssl, CBB *out) {
443
441
  return false;
444
442
  }
445
443
  if (early_data == early_data_accepted &&
446
- !CBB_add_asn1_octet_string(&seq, hs->early_traffic_secret().data(),
447
- hs->early_traffic_secret().size())) {
444
+ !CBB_add_asn1_octet_string(&seq, hs->early_traffic_secret.data(),
445
+ hs->early_traffic_secret.size())) {
448
446
  return false;
449
447
  }
450
448
 
@@ -470,14 +468,14 @@ static bool CopyExact(Span<uint8_t> out, const CBS *in) {
470
468
  }
471
469
 
472
470
  bool SSL_apply_handback(SSL *ssl, Span<const uint8_t> handback) {
473
- if (ssl->do_handshake != nullptr ||
471
+ if (ssl->do_handshake != nullptr || //
474
472
  ssl->method->is_dtls) {
475
473
  return false;
476
474
  }
477
475
 
478
476
  SSL3_STATE *const s3 = ssl->s3;
479
477
  uint64_t handback_version, unused_token_binding_param, cipher, type_u64,
480
- alps_codepoint;
478
+ alps_codepoint;
481
479
 
482
480
  CBS seq, read_seq, write_seq, server_rand, client_rand, read_iv, write_iv,
483
481
  next_proto, alpn, hostname, unused_channel_id, transcript, key_share;
@@ -487,10 +485,10 @@ bool SSL_apply_handback(SSL *ssl, Span<const uint8_t> handback) {
487
485
  SSL_SESSION *session = nullptr;
488
486
 
489
487
  CBS handback_cbs(handback);
490
- if (!CBS_get_asn1(&handback_cbs, &seq, CBS_ASN1_SEQUENCE) ||
491
- !CBS_get_asn1_uint64(&seq, &handback_version) ||
492
- handback_version != kHandbackVersion ||
493
- !CBS_get_asn1_uint64(&seq, &type_u64) ||
488
+ if (!CBS_get_asn1(&handback_cbs, &seq, CBS_ASN1_SEQUENCE) || //
489
+ !CBS_get_asn1_uint64(&seq, &handback_version) || //
490
+ handback_version != kHandbackVersion || //
491
+ !CBS_get_asn1_uint64(&seq, &type_u64) || //
494
492
  type_u64 > handback_max_value) {
495
493
  return false;
496
494
  }
@@ -637,9 +635,8 @@ bool SSL_apply_handback(SSL *ssl, Span<const uint8_t> handback) {
637
635
  s3->early_data_reason = ssl_early_data_protocol_version;
638
636
  }
639
637
 
640
- ssl->version = session->ssl_version;
641
- s3->have_version = true;
642
- if (!ssl_method_supports_version(ssl->method, ssl->version) ||
638
+ ssl->s3->version = session->ssl_version;
639
+ if (!ssl_method_supports_version(ssl->method, ssl->s3->version) ||
643
640
  session->cipher != hs->new_cipher ||
644
641
  ssl_protocol_version(ssl) < SSL_CIPHER_get_min_version(session->cipher) ||
645
642
  SSL_CIPHER_get_max_version(session->cipher) < ssl_protocol_version(ssl)) {
@@ -672,8 +669,10 @@ bool SSL_apply_handback(SSL *ssl, Span<const uint8_t> handback) {
672
669
  }
673
670
  s3->session_reused = session_reused;
674
671
  hs->channel_id_negotiated = channel_id_negotiated;
675
- s3->next_proto_negotiated.CopyFrom(next_proto);
676
- s3->alpn_selected.CopyFrom(alpn);
672
+ if (!s3->next_proto_negotiated.CopyFrom(next_proto) ||
673
+ !s3->alpn_selected.CopyFrom(alpn)) {
674
+ return false;
675
+ }
677
676
 
678
677
  const size_t hostname_len = CBS_len(&hostname);
679
678
  if (hostname_len == 0) {
@@ -690,7 +689,6 @@ bool SSL_apply_handback(SSL *ssl, Span<const uint8_t> handback) {
690
689
  hs->wait = ssl_hs_flush;
691
690
  hs->extended_master_secret = extended_master_secret;
692
691
  hs->ticket_expected = ticket_expected;
693
- s3->aead_write_ctx->SetVersionIfNullCipher(ssl->version);
694
692
  hs->cert_request = cert_request;
695
693
 
696
694
  if (type != handback_after_handshake &&
@@ -700,20 +698,17 @@ bool SSL_apply_handback(SSL *ssl, Span<const uint8_t> handback) {
700
698
  return false;
701
699
  }
702
700
  if (type == handback_tls13) {
703
- hs->ResizeSecrets(hs->transcript.DigestLen());
704
- if (!CopyExact(hs->client_traffic_secret_0(), &client_traffic_secret_0) ||
705
- !CopyExact(hs->server_traffic_secret_0(), &server_traffic_secret_0) ||
706
- !CopyExact(hs->client_handshake_secret(), &client_handshake_secret) ||
707
- !CopyExact(hs->server_handshake_secret(), &server_handshake_secret) ||
708
- !CopyExact(hs->secret(), &secret) ||
709
- !CopyExact({s3->exporter_secret, hs->transcript.DigestLen()},
710
- &exporter_secret)) {
701
+ if (!hs->client_traffic_secret_0.TryCopyFrom(client_traffic_secret_0) ||
702
+ !hs->server_traffic_secret_0.TryCopyFrom(server_traffic_secret_0) ||
703
+ !hs->client_handshake_secret.TryCopyFrom(client_handshake_secret) ||
704
+ !hs->server_handshake_secret.TryCopyFrom(server_handshake_secret) ||
705
+ !hs->secret.TryCopyFrom(secret) ||
706
+ !s3->exporter_secret.TryCopyFrom(exporter_secret)) {
711
707
  return false;
712
708
  }
713
- s3->exporter_secret_len = CBS_len(&exporter_secret);
714
709
 
715
710
  if (s3->early_data_accepted &&
716
- !CopyExact(hs->early_traffic_secret(), &early_traffic_secret)) {
711
+ !hs->early_traffic_secret.TryCopyFrom(early_traffic_secret)) {
717
712
  return false;
718
713
  }
719
714
  }
@@ -745,7 +740,7 @@ bool SSL_apply_handback(SSL *ssl, Span<const uint8_t> handback) {
745
740
  // immediately after processing handback.
746
741
  if (!tls13_set_traffic_key(ssl, ssl_encryption_application, evp_aead_seal,
747
742
  hs->new_session.get(),
748
- hs->server_traffic_secret_0())) {
743
+ hs->server_traffic_secret_0)) {
749
744
  return false;
750
745
  }
751
746
  break;
@@ -801,8 +796,8 @@ int SSL_request_handshake_hints(SSL *ssl, const uint8_t *client_hello,
801
796
  CBS cbs, seq;
802
797
  CBS_init(&cbs, capabilities, capabilities_len);
803
798
  UniquePtr<SSL_HANDSHAKE_HINTS> hints = MakeUnique<SSL_HANDSHAKE_HINTS>();
804
- if (hints == nullptr ||
805
- !CBS_get_asn1(&cbs, &seq, CBS_ASN1_SEQUENCE) ||
799
+ if (hints == nullptr || //
800
+ !CBS_get_asn1(&cbs, &seq, CBS_ASN1_SEQUENCE) || //
806
801
  !apply_remote_features(ssl, &seq)) {
807
802
  return 0;
808
803
  }
@@ -886,8 +881,7 @@ int SSL_request_handshake_hints(SSL *ssl, const uint8_t *client_hello,
886
881
  // }
887
882
 
888
883
  // HandshakeHints tags.
889
- static const CBS_ASN1_TAG kServerRandomTLS13Tag =
890
- CBS_ASN1_CONTEXT_SPECIFIC | 0;
884
+ static const CBS_ASN1_TAG kServerRandomTLS13Tag = CBS_ASN1_CONTEXT_SPECIFIC | 0;
891
885
  static const CBS_ASN1_TAG kKeyShareHintTag =
892
886
  CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 1;
893
887
  static const CBS_ASN1_TAG kSignatureHintTag =
@@ -896,8 +890,7 @@ static const CBS_ASN1_TAG kDecryptedPSKTag = CBS_ASN1_CONTEXT_SPECIFIC | 3;
896
890
  static const CBS_ASN1_TAG kIgnorePSKTag = CBS_ASN1_CONTEXT_SPECIFIC | 4;
897
891
  static const CBS_ASN1_TAG kCompressCertificateTag =
898
892
  CBS_ASN1_CONTEXT_SPECIFIC | 5;
899
- static const CBS_ASN1_TAG kServerRandomTLS12Tag =
900
- CBS_ASN1_CONTEXT_SPECIFIC | 6;
893
+ static const CBS_ASN1_TAG kServerRandomTLS12Tag = CBS_ASN1_CONTEXT_SPECIFIC | 6;
901
894
  static const CBS_ASN1_TAG kECDHEHintTag = CBS_ASN1_CONSTRUCTED | 7;
902
895
  static const CBS_ASN1_TAG kDecryptedTicketTag = CBS_ASN1_CONTEXT_SPECIFIC | 8;
903
896
  static const CBS_ASN1_TAG kRenewTicketTag = CBS_ASN1_CONTEXT_SPECIFIC | 9;
data/third_party/boringssl-with-bazel/src/ssl/handshake.cc CHANGED
@@ -1,114 +1,17 @@
1
- /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
2
- * All rights reserved.
3
- *
4
- * This package is an SSL implementation written
5
- * by Eric Young (eay@cryptsoft.com).
6
- * The implementation was written so as to conform with Netscapes SSL.
7
- *
8
- * This library is free for commercial and non-commercial use as long as
9
- * the following conditions are aheared to. The following conditions
10
- * apply to all code found in this distribution, be it the RC4, RSA,
11
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
12
- * included with this distribution is covered by the same copyright terms
13
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
14
- *
15
- * Copyright remains Eric Young's, and as such any Copyright notices in
16
- * the code are not to be removed.
17
- * If this package is used in a product, Eric Young should be given attribution
18
- * as the author of the parts of the library used.
19
- * This can be in the form of a textual message at program startup or
20
- * in documentation (online or textual) provided with the package.
21
- *
22
- * Redistribution and use in source and binary forms, with or without
23
- * modification, are permitted provided that the following conditions
24
- * are met:
25
- * 1. Redistributions of source code must retain the copyright
26
- * notice, this list of conditions and the following disclaimer.
27
- * 2. Redistributions in binary form must reproduce the above copyright
28
- * notice, this list of conditions and the following disclaimer in the
29
- * documentation and/or other materials provided with the distribution.
30
- * 3. All advertising materials mentioning features or use of this software
31
- * must display the following acknowledgement:
32
- * "This product includes cryptographic software written by
33
- * Eric Young (eay@cryptsoft.com)"
34
- * The word 'cryptographic' can be left out if the rouines from the library
35
- * being used are not cryptographic related :-).
36
- * 4. If you include any Windows specific code (or a derivative thereof) from
37
- * the apps directory (application code) you must include an acknowledgement:
38
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
39
- *
40
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50
- * SUCH DAMAGE.
51
- *
52
- * The licence and distribution terms for any publically available version or
53
- * derivative of this code cannot be changed. i.e. this code cannot simply be
54
- * copied and put under another distribution licence
55
- * [including the GNU Public Licence.]
56
- */
57
- /* ====================================================================
58
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
59
- *
60
- * Redistribution and use in source and binary forms, with or without
61
- * modification, are permitted provided that the following conditions
62
- * are met:
63
- *
64
- * 1. Redistributions of source code must retain the above copyright
65
- * notice, this list of conditions and the following disclaimer.
66
- *
67
- * 2. Redistributions in binary form must reproduce the above copyright
68
- * notice, this list of conditions and the following disclaimer in
69
- * the documentation and/or other materials provided with the
70
- * distribution.
71
- *
72
- * 3. All advertising materials mentioning features or use of this
73
- * software must display the following acknowledgment:
74
- * "This product includes software developed by the OpenSSL Project
75
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
76
- *
77
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
78
- * endorse or promote products derived from this software without
79
- * prior written permission. For written permission, please contact
80
- * openssl-core@openssl.org.
81
- *
82
- * 5. Products derived from this software may not be called "OpenSSL"
83
- * nor may "OpenSSL" appear in their names without prior written
84
- * permission of the OpenSSL Project.
85
- *
86
- * 6. Redistributions of any form whatsoever must retain the following
87
- * acknowledgment:
88
- * "This product includes software developed by the OpenSSL Project
89
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
90
- *
91
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
92
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
93
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
94
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
95
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
96
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
97
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
98
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
99
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
100
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
101
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
102
- * OF THE POSSIBILITY OF SUCH DAMAGE.
103
- * ====================================================================
104
- *
105
- * This product includes cryptographic software written by Eric Young
106
- * (eay@cryptsoft.com). This product includes software written by Tim
107
- * Hudson (tjh@cryptsoft.com). */
108
- /* ====================================================================
109
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
110
- * ECC cipher suite support in OpenSSL originally developed by
111
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. */
1
+ // Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
2
+ // Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved.
3
+ //
4
+ // Licensed under the Apache License, Version 2.0 (the "License");
5
+ // you may not use this file except in compliance with the License.
6
+ // You may obtain a copy of the License at
7
+ //
8
+ // https://www.apache.org/licenses/LICENSE-2.0
9
+ //
10
+ // Unless required by applicable law or agreed to in writing, software
11
+ // distributed under the License is distributed on an "AS IS" BASIS,
12
+ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
+ // See the License for the specific language governing permissions and
14
+ // limitations under the License.
112
15
 
113
16
  #include <openssl/ssl.h>
114
17
 
@@ -126,6 +29,8 @@ BSSL_NAMESPACE_BEGIN
126
29
 
127
30
  SSL_HANDSHAKE::SSL_HANDSHAKE(SSL *ssl_arg)
128
31
  : ssl(ssl_arg),
32
+ transcript(SSL_is_dtls(ssl_arg)),
33
+ inner_transcript(SSL_is_dtls(ssl_arg)),
129
34
  ech_is_inner(false),
130
35
  ech_authenticated_reject(false),
131
36
  scts_requested(false),
@@ -140,6 +45,7 @@ SSL_HANDSHAKE::SSL_HANDSHAKE(SSL *ssl_arg)
140
45
  early_data_offered(false),
141
46
  can_early_read(false),
142
47
  can_early_write(false),
48
+ is_early_version(false),
143
49
  next_proto_neg_seen(false),
144
50
  ticket_expected(false),
145
51
  extended_master_secret(false),
@@ -149,7 +55,8 @@ SSL_HANDSHAKE::SSL_HANDSHAKE(SSL *ssl_arg)
149
55
  cert_compression_negotiated(false),
150
56
  apply_jdk11_workaround(false),
151
57
  can_release_private_key(false),
152
- channel_id_negotiated(false) {
58
+ channel_id_negotiated(false),
59
+ received_hello_verify_request(false) {
153
60
  assert(ssl);
154
61
 
155
62
  // Draw entropy for all GREASE values at once. This avoids calling
@@ -163,13 +70,6 @@ SSL_HANDSHAKE::~SSL_HANDSHAKE() {
163
70
  ssl->ctx->x509_method->hs_flush_cached_ca_names(this);
164
71
  }
165
72
 
166
- void SSL_HANDSHAKE::ResizeSecrets(size_t hash_len) {
167
- if (hash_len > SSL_MAX_MD_SIZE) {
168
- abort();
169
- }
170
- hash_len_ = hash_len;
171
- }
172
-
173
73
  bool SSL_HANDSHAKE::GetClientHello(SSLMessage *out_msg,
174
74
  SSL_CLIENT_HELLO *out_client_hello) {
175
75
  if (!ech_client_hello_buf.empty()) {
@@ -177,15 +77,17 @@ bool SSL_HANDSHAKE::GetClientHello(SSLMessage *out_msg,
177
77
  out_msg->is_v2_hello = false;
178
78
  out_msg->type = SSL3_MT_CLIENT_HELLO;
179
79
  out_msg->raw = CBS(ech_client_hello_buf);
180
- out_msg->body = MakeConstSpan(ech_client_hello_buf).subspan(4);
80
+ size_t header_len =
81
+ SSL_is_dtls(ssl) ? DTLS1_HM_HEADER_LENGTH : SSL3_HM_HEADER_LENGTH;
82
+ out_msg->body = CBS(Span(ech_client_hello_buf).subspan(header_len));
181
83
  } else if (!ssl->method->get_message(ssl, out_msg)) {
182
84
  // The message has already been read, so this cannot fail.
183
85
  OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
184
86
  return false;
185
87
  }
186
88
 
187
- if (!ssl_client_hello_init(ssl, out_client_hello, out_msg->body)) {
188
- OPENSSL_PUT_ERROR(SSL, SSL_R_CLIENTHELLO_PARSE_FAILED);
89
+ if (!SSL_parse_client_hello(ssl, out_client_hello, CBS_data(&out_msg->body),
90
+ CBS_len(&out_msg->body))) {
189
91
  ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
190
92
  return false;
191
93
  }
@@ -301,6 +203,7 @@ bool ssl_parse_extensions(const CBS *cbs, uint8_t *out_alert,
301
203
  continue;
302
204
  }
303
205
  OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
206
+ ERR_add_error_dataf("extension %u", unsigned{type});
304
207
  *out_alert = SSL_AD_UNSUPPORTED_EXTENSION;
305
208
  return false;
306
209
  }
@@ -341,10 +244,8 @@ enum ssl_verify_result_t ssl_verify_peer_cert(SSL_HANDSHAKE *hs) {
341
244
  sk_CRYPTO_BUFFER_value(prev_session->certs.get(), i);
342
245
  const CRYPTO_BUFFER *new_cert =
343
246
  sk_CRYPTO_BUFFER_value(hs->new_session->certs.get(), i);
344
- if (CRYPTO_BUFFER_len(old_cert) != CRYPTO_BUFFER_len(new_cert) ||
345
- OPENSSL_memcmp(CRYPTO_BUFFER_data(old_cert),
346
- CRYPTO_BUFFER_data(new_cert),
347
- CRYPTO_BUFFER_len(old_cert)) != 0) {
247
+ if (Span(CRYPTO_BUFFER_data(old_cert), CRYPTO_BUFFER_len(old_cert)) !=
248
+ Span(CRYPTO_BUFFER_data(new_cert), CRYPTO_BUFFER_len(new_cert))) {
348
249
  OPENSSL_PUT_ERROR(SSL, SSL_R_SERVER_CERT_CHANGED);
349
250
  ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
350
251
  return ssl_verify_invalid;
@@ -494,18 +395,16 @@ enum ssl_hs_wait_t ssl_get_finished(SSL_HANDSHAKE *hs) {
494
395
  }
495
396
 
496
397
  // Copy the Finished so we can use it for renegotiation checks.
497
- if (finished_len > sizeof(ssl->s3->previous_client_finished) ||
498
- finished_len > sizeof(ssl->s3->previous_server_finished)) {
398
+ if (finished_len > ssl->s3->previous_client_finished.capacity() ||
399
+ finished_len > ssl->s3->previous_server_finished.capacity()) {
499
400
  OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
500
401
  return ssl_hs_error;
501
402
  }
502
403
 
503
404
  if (ssl->server) {
504
- OPENSSL_memcpy(ssl->s3->previous_client_finished, finished, finished_len);
505
- ssl->s3->previous_client_finished_len = finished_len;
405
+ ssl->s3->previous_client_finished.CopyFrom(Span(finished, finished_len));
506
406
  } else {
507
- OPENSSL_memcpy(ssl->s3->previous_server_finished, finished, finished_len);
508
- ssl->s3->previous_server_finished_len = finished_len;
407
+ ssl->s3->previous_server_finished.CopyFrom(Span(finished, finished_len));
509
408
  }
510
409
 
511
410
  // The Finished message should be the end of a flight.
@@ -523,38 +422,32 @@ bool ssl_send_finished(SSL_HANDSHAKE *hs) {
523
422
  SSL *const ssl = hs->ssl;
524
423
  const SSL_SESSION *session = ssl_handshake_session(hs);
525
424
 
526
- uint8_t finished[EVP_MAX_MD_SIZE];
425
+ uint8_t finished_buf[EVP_MAX_MD_SIZE];
527
426
  size_t finished_len;
528
- if (!hs->transcript.GetFinishedMAC(finished, &finished_len, session,
427
+ if (!hs->transcript.GetFinishedMAC(finished_buf, &finished_len, session,
529
428
  ssl->server)) {
530
429
  return false;
531
430
  }
431
+ auto finished = Span(finished_buf, finished_len);
532
432
 
533
433
  // Log the master secret, if logging is enabled.
534
- if (!ssl_log_secret(ssl, "CLIENT_RANDOM",
535
- MakeConstSpan(session->secret, session->secret_length))) {
434
+ if (!ssl_log_secret(ssl, "CLIENT_RANDOM", session->secret)) {
536
435
  return false;
537
436
  }
538
437
 
539
438
  // Copy the Finished so we can use it for renegotiation checks.
540
- if (finished_len > sizeof(ssl->s3->previous_client_finished) ||
541
- finished_len > sizeof(ssl->s3->previous_server_finished)) {
439
+ bool ok = ssl->server
440
+ ? ssl->s3->previous_server_finished.TryCopyFrom(finished)
441
+ : ssl->s3->previous_client_finished.TryCopyFrom(finished);
442
+ if (!ok) {
542
443
  OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
543
- return false;
544
- }
545
-
546
- if (ssl->server) {
547
- OPENSSL_memcpy(ssl->s3->previous_server_finished, finished, finished_len);
548
- ssl->s3->previous_server_finished_len = finished_len;
549
- } else {
550
- OPENSSL_memcpy(ssl->s3->previous_client_finished, finished, finished_len);
551
- ssl->s3->previous_client_finished_len = finished_len;
444
+ return ssl_hs_error;
552
445
  }
553
446
 
554
447
  ScopedCBB cbb;
555
448
  CBB body;
556
449
  if (!ssl->method->init_message(ssl, cbb.get(), &body, SSL3_MT_FINISHED) ||
557
- !CBB_add_bytes(&body, finished, finished_len) ||
450
+ !CBB_add_bytes(&body, finished.data(), finished.size()) ||
558
451
  !ssl_add_message_cbb(ssl, cbb.get())) {
559
452
  OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
560
453
  return false;
@@ -598,6 +491,16 @@ const SSL_SESSION *ssl_handshake_session(const SSL_HANDSHAKE *hs) {
598
491
  int ssl_run_handshake(SSL_HANDSHAKE *hs, bool *out_early_return) {
599
492
  SSL *const ssl = hs->ssl;
600
493
  for (;;) {
494
+ // If a timeout during the handshake triggered a DTLS ACK or retransmit, we
495
+ // resolve that first. E.g., if |ssl_hs_private_key_operation| is slow, the
496
+ // ACK timer may fire.
497
+ if (hs->wait != ssl_hs_error && SSL_is_dtls(ssl)) {
498
+ int ret = ssl->method->flush(ssl);
499
+ if (ret <= 0) {
500
+ return ret;
501
+ }
502
+ }
503
+
601
504
  // Resolve the operation the handshake was waiting on. Each condition may
602
505
  // halt the handshake by returning, or continue executing if the handshake
603
506
  // may immediately proceed. Cases which halt the handshake can clear
@@ -609,7 +512,7 @@ int ssl_run_handshake(SSL_HANDSHAKE *hs, bool *out_early_return) {
609
512
  return -1;
610
513
 
611
514
  case ssl_hs_flush: {
612
- int ret = ssl->method->flush_flight(ssl);
515
+ int ret = ssl->method->flush(ssl);
613
516
  if (ret <= 0) {
614
517
  return ret;
615
518
  }
@@ -619,7 +522,7 @@ int ssl_run_handshake(SSL_HANDSHAKE *hs, bool *out_early_return) {
619
522
  case ssl_hs_read_server_hello:
620
523
  case ssl_hs_read_message:
621
524
  case ssl_hs_read_change_cipher_spec: {
622
- if (ssl->quic_method) {
525
+ if (SSL_is_quic(ssl)) {
623
526
  // QUIC has no ChangeCipherSpec messages.
624
527
  assert(hs->wait != ssl_hs_read_change_cipher_spec);
625
528
  // The caller should call |SSL_provide_quic_data|. Clear |hs->wait| so
@@ -687,7 +590,7 @@ int ssl_run_handshake(SSL_HANDSHAKE *hs, bool *out_early_return) {
687
590
  return -1;
688
591
 
689
592
  case ssl_hs_handback: {
690
- int ret = ssl->method->flush_flight(ssl);
593
+ int ret = ssl->method->flush(ssl);
691
594
  if (ret <= 0) {
692
595
  return ret;
693
596
  }
@@ -759,9 +662,14 @@ int ssl_run_handshake(SSL_HANDSHAKE *hs, bool *out_early_return) {
759
662
  *out_early_return = false;
760
663
  return 1;
761
664
  }
665
+ // If the handshake returns |ssl_hs_flush|, implicitly finish the flight.
666
+ // This is a convenience so we do not need to manually insert this
667
+ // throughout the handshake.
668
+ if (hs->wait == ssl_hs_flush) {
669
+ ssl->method->finish_flight(ssl);
670
+ }
762
671
 
763
- // Otherwise, loop to the beginning and resolve what was blocking the
764
- // handshake.
672
+ // Loop to the beginning and resolve what was blocking the handshake.
765
673
  }
766
674
  }
767
675