grpc 1.71.0 → 1.73.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Makefile +96 -76
- data/include/grpc/event_engine/event_engine.h +125 -8
- data/include/grpc/event_engine/internal/write_event.h +34 -0
- data/include/grpc/event_engine/memory_request.h +3 -3
- data/include/grpc/impl/channel_arg_names.h +80 -52
- data/include/grpc/impl/compression_types.h +3 -2
- data/include/grpc/impl/slice_type.h +1 -1
- data/include/grpc/support/json.h +3 -21
- data/include/grpc/support/port_platform.h +8 -5
- data/include/grpc/support/workaround_list.h +1 -4
- data/src/core/{lib/transport → call}/call_arena_allocator.cc +1 -1
- data/src/core/{lib/transport → call}/call_arena_allocator.h +3 -3
- data/src/core/{lib/transport → call}/call_destination.h +4 -4
- data/src/core/{lib/transport → call}/call_filters.cc +2 -2
- data/src/core/{lib/transport → call}/call_filters.h +53 -25
- data/src/core/{lib/channel → call}/call_finalization.h +3 -3
- data/src/core/{lib/transport → call}/call_spine.cc +1 -1
- data/src/core/{lib/transport → call}/call_spine.h +70 -26
- data/src/core/{lib/transport → call}/call_state.cc +1 -1
- data/src/core/{lib/transport → call}/call_state.h +3 -3
- data/src/core/{lib/surface → call}/client_call.cc +9 -7
- data/src/core/{lib/surface → call}/client_call.h +4 -4
- data/src/core/{lib/transport → call}/custom_metadata.h +3 -3
- data/src/core/{lib/transport → call}/interception_chain.cc +5 -5
- data/src/core/{lib/transport → call}/interception_chain.h +7 -7
- data/src/core/{lib/transport → call}/message.cc +1 -1
- data/src/core/{lib/transport → call}/message.h +7 -3
- data/src/core/{lib/transport → call}/metadata.cc +2 -2
- data/src/core/{lib/transport → call}/metadata.h +21 -4
- data/src/core/{lib/transport → call}/metadata_batch.cc +1 -1
- data/src/core/{lib/transport → call}/metadata_batch.h +7 -7
- data/src/core/{lib/transport → call}/metadata_compression_traits.h +3 -3
- data/src/core/{lib/transport → call}/metadata_info.cc +27 -9
- data/src/core/{lib/transport → call}/metadata_info.h +4 -4
- data/src/core/{lib/transport → call}/parsed_metadata.cc +1 -1
- data/src/core/{lib/transport → call}/parsed_metadata.h +3 -3
- data/src/core/call/request_buffer.h +3 -3
- data/src/core/call/security_context.cc +125 -0
- data/src/core/call/security_context.h +114 -0
- data/src/core/{lib/surface → call}/server_call.cc +3 -3
- data/src/core/{lib/surface → call}/server_call.h +5 -5
- data/src/core/{lib/transport → call}/simple_slice_based_metadata.h +4 -4
- data/src/core/{lib/channel → call}/status_util.cc +1 -1
- data/src/core/{lib/channel → call}/status_util.h +3 -3
- data/src/core/channelz/channel_trace.cc +50 -42
- data/src/core/channelz/channel_trace.h +35 -4
- data/src/core/channelz/channelz.cc +338 -125
- data/src/core/channelz/channelz.h +276 -34
- data/src/core/channelz/channelz_registry.cc +322 -117
- data/src/core/channelz/channelz_registry.h +179 -21
- data/src/core/channelz/ztrace_collector.h +315 -0
- data/src/core/client_channel/client_channel.cc +54 -45
- data/src/core/client_channel/client_channel.h +4 -3
- data/src/core/client_channel/client_channel_filter.cc +31 -40
- data/src/core/client_channel/client_channel_filter.h +1 -3
- data/src/core/client_channel/client_channel_internal.h +1 -1
- data/src/core/client_channel/config_selector.h +2 -2
- data/src/core/client_channel/connector.h +0 -3
- data/src/core/client_channel/direct_channel.cc +2 -2
- data/src/core/client_channel/dynamic_filters.cc +0 -1
- data/src/core/client_channel/dynamic_filters.h +0 -1
- data/src/core/client_channel/global_subchannel_pool.cc +68 -7
- data/src/core/client_channel/global_subchannel_pool.h +37 -4
- data/src/core/client_channel/lb_metadata.h +1 -1
- data/src/core/client_channel/load_balanced_call_destination.cc +1 -1
- data/src/core/client_channel/load_balanced_call_destination.h +1 -1
- data/src/core/client_channel/retry_filter_legacy_call_data.cc +43 -41
- data/src/core/client_channel/retry_filter_legacy_call_data.h +6 -6
- data/src/core/client_channel/retry_interceptor.h +1 -1
- data/src/core/client_channel/retry_service_config.cc +1 -1
- data/src/core/client_channel/retry_service_config.h +1 -1
- data/src/core/client_channel/retry_throttle.cc +30 -34
- data/src/core/client_channel/retry_throttle.h +10 -2
- data/src/core/client_channel/subchannel.cc +14 -17
- data/src/core/client_channel/subchannel.h +3 -10
- data/src/core/client_channel/subchannel_pool_interface.cc +5 -6
- data/src/core/client_channel/subchannel_pool_interface.h +11 -1
- data/src/core/client_channel/subchannel_stream_client.cc +14 -11
- data/src/core/client_channel/subchannel_stream_client.h +2 -2
- data/src/core/config/config_vars.cc +11 -1
- data/src/core/config/config_vars.h +8 -0
- data/src/core/config/core_configuration.cc +50 -11
- data/src/core/config/core_configuration.h +91 -9
- data/src/core/credentials/call/call_credentials.h +157 -0
- data/src/core/{lib/security/credentials → credentials/call}/call_creds_util.cc +4 -4
- data/src/core/{lib/security/credentials → credentials/call}/call_creds_util.h +4 -4
- data/src/core/{lib/security/credentials/composite/composite_credentials.cc → credentials/call/composite/composite_call_credentials.cc} +4 -57
- data/src/core/credentials/call/composite/composite_call_credentials.h +82 -0
- data/src/core/{lib/security/credentials → credentials/call}/external/aws_external_account_credentials.cc +2 -2
- data/src/core/{lib/security/credentials → credentials/call}/external/aws_external_account_credentials.h +5 -5
- data/src/core/{lib/security/credentials → credentials/call}/external/aws_request_signer.cc +4 -3
- data/src/core/{lib/security/credentials → credentials/call}/external/aws_request_signer.h +3 -3
- data/src/core/{lib/security/credentials → credentials/call}/external/external_account_credentials.cc +6 -6
- data/src/core/{lib/security/credentials → credentials/call}/external/external_account_credentials.h +5 -5
- data/src/core/{lib/security/credentials → credentials/call}/external/file_external_account_credentials.cc +1 -1
- data/src/core/{lib/security/credentials → credentials/call}/external/file_external_account_credentials.h +4 -4
- data/src/core/{lib/security/credentials → credentials/call}/external/url_external_account_credentials.cc +5 -4
- data/src/core/{lib/security/credentials → credentials/call}/external/url_external_account_credentials.h +4 -4
- data/src/core/{lib/security/credentials → credentials/call}/gcp_service_account_identity/gcp_service_account_identity_credentials.cc +4 -3
- data/src/core/{lib/security/credentials → credentials/call}/gcp_service_account_identity/gcp_service_account_identity_credentials.h +6 -6
- data/src/core/{lib/security/credentials → credentials/call}/iam/iam_credentials.cc +2 -2
- data/src/core/{lib/security/credentials → credentials/call}/iam/iam_credentials.h +4 -4
- data/src/core/{lib/security/util → credentials/call}/json_util.cc +1 -1
- data/src/core/{lib/security/util → credentials/call}/json_util.h +3 -3
- data/src/core/{lib/security/credentials → credentials/call}/jwt/json_token.cc +2 -2
- data/src/core/{lib/security/credentials → credentials/call}/jwt/json_token.h +3 -3
- data/src/core/{lib/security/credentials → credentials/call}/jwt/jwt_credentials.cc +3 -3
- data/src/core/{lib/security/credentials → credentials/call}/jwt/jwt_credentials.h +5 -5
- data/src/core/{lib/security/credentials → credentials/call}/jwt/jwt_verifier.cc +7 -6
- data/src/core/{lib/security/credentials → credentials/call}/jwt/jwt_verifier.h +3 -3
- data/src/core/{lib/security/credentials → credentials/call}/oauth2/oauth2_credentials.cc +8 -5
- data/src/core/{lib/security/credentials → credentials/call}/oauth2/oauth2_credentials.h +5 -5
- data/src/core/{lib/security/credentials → credentials/call}/plugin/plugin_credentials.cc +2 -2
- data/src/core/{lib/security/credentials → credentials/call}/plugin/plugin_credentials.h +5 -5
- data/src/core/{lib/security/credentials → credentials/call}/token_fetcher/token_fetcher_credentials.cc +1 -1
- data/src/core/{lib/security/credentials → credentials/call}/token_fetcher/token_fetcher_credentials.h +5 -5
- data/src/core/{lib/security/credentials → credentials/transport}/alts/alts_credentials.cc +4 -4
- data/src/core/{lib/security/credentials → credentials/transport}/alts/alts_credentials.h +5 -5
- data/src/core/{lib/security/security_connector → credentials/transport}/alts/alts_security_connector.cc +13 -12
- data/src/core/{lib/security/security_connector → credentials/transport}/alts/alts_security_connector.h +4 -4
- data/src/core/{lib/security/credentials → credentials/transport}/alts/check_gcp_environment.cc +1 -1
- data/src/core/{lib/security/credentials → credentials/transport}/alts/check_gcp_environment.h +3 -3
- data/src/core/{lib/security/credentials → credentials/transport}/alts/check_gcp_environment_linux.cc +1 -1
- data/src/core/{lib/security/credentials → credentials/transport}/alts/check_gcp_environment_no_op.cc +1 -1
- data/src/core/{lib/security/credentials → credentials/transport}/alts/check_gcp_environment_windows.cc +1 -1
- data/src/core/{lib/security/credentials → credentials/transport}/alts/grpc_alts_credentials_client_options.cc +1 -1
- data/src/core/{lib/security/credentials → credentials/transport}/alts/grpc_alts_credentials_options.cc +1 -1
- data/src/core/{lib/security/credentials → credentials/transport}/alts/grpc_alts_credentials_options.h +3 -3
- data/src/core/{lib/security/credentials → credentials/transport}/alts/grpc_alts_credentials_server_options.cc +1 -1
- data/src/core/{lib/security/credentials → credentials/transport}/channel_creds_registry.h +4 -4
- data/src/core/{lib/security/credentials → credentials/transport}/channel_creds_registry_init.cc +21 -17
- data/src/core/credentials/transport/composite/composite_channel_credentials.cc +68 -0
- data/src/core/{lib/security/credentials/composite/composite_credentials.h → credentials/transport/composite/composite_channel_credentials.h} +6 -51
- data/src/core/{lib/security/credentials → credentials/transport}/fake/fake_credentials.cc +4 -26
- data/src/core/{lib/security/credentials → credentials/transport}/fake/fake_credentials.h +5 -37
- data/src/core/{lib/security/security_connector → credentials/transport}/fake/fake_security_connector.cc +4 -4
- data/src/core/{lib/security/security_connector → credentials/transport}/fake/fake_security_connector.h +4 -4
- data/src/core/{lib/security/credentials → credentials/transport}/google_default/credentials_generic.cc +2 -2
- data/src/core/{lib/security/credentials → credentials/transport}/google_default/google_default_credentials.cc +34 -22
- data/src/core/{lib/security/credentials → credentials/transport}/google_default/google_default_credentials.h +5 -5
- data/src/core/{lib/security/credentials → credentials/transport}/insecure/insecure_credentials.cc +2 -2
- data/src/core/{lib/security/credentials → credentials/transport}/insecure/insecure_credentials.h +5 -5
- data/src/core/{lib/security/security_connector → credentials/transport}/insecure/insecure_security_connector.cc +2 -2
- data/src/core/{lib/security/security_connector → credentials/transport}/insecure/insecure_security_connector.h +5 -5
- data/src/core/{lib/security/credentials → credentials/transport}/local/local_credentials.cc +2 -2
- data/src/core/{lib/security/credentials → credentials/transport}/local/local_credentials.h +5 -5
- data/src/core/{lib/security/security_connector → credentials/transport}/local/local_security_connector.cc +4 -4
- data/src/core/{lib/security/security_connector → credentials/transport}/local/local_security_connector.h +4 -4
- data/src/core/{lib/security/security_connector → credentials/transport}/security_connector.cc +2 -2
- data/src/core/{lib/security/security_connector → credentials/transport}/security_connector.h +3 -3
- data/src/core/{lib/security/credentials → credentials/transport}/ssl/ssl_credentials.cc +4 -4
- data/src/core/{lib/security/credentials → credentials/transport}/ssl/ssl_credentials.h +6 -6
- data/src/core/{lib/security/security_connector → credentials/transport}/ssl/ssl_security_connector.cc +46 -16
- data/src/core/{lib/security/security_connector → credentials/transport}/ssl/ssl_security_connector.h +6 -5
- data/src/core/{lib/security/certificate_provider → credentials/transport/tls}/certificate_provider_factory.h +3 -3
- data/src/core/{lib/security/certificate_provider → credentials/transport/tls}/certificate_provider_registry.cc +1 -1
- data/src/core/{lib/security/certificate_provider → credentials/transport/tls}/certificate_provider_registry.h +4 -4
- data/src/core/{lib/security/credentials → credentials/transport}/tls/grpc_tls_certificate_distributor.cc +1 -1
- data/src/core/{lib/security/credentials → credentials/transport}/tls/grpc_tls_certificate_distributor.h +4 -4
- data/src/core/{lib/security/credentials → credentials/transport}/tls/grpc_tls_certificate_match.cc +1 -1
- data/src/core/{lib/security/credentials → credentials/transport}/tls/grpc_tls_certificate_provider.cc +2 -2
- data/src/core/{lib/security/credentials → credentials/transport}/tls/grpc_tls_certificate_provider.h +5 -5
- data/src/core/{lib/security/credentials → credentials/transport}/tls/grpc_tls_certificate_verifier.cc +2 -2
- data/src/core/{lib/security/credentials → credentials/transport}/tls/grpc_tls_certificate_verifier.h +3 -3
- data/src/core/{lib/security/credentials → credentials/transport}/tls/grpc_tls_credentials_options.cc +1 -1
- data/src/core/{lib/security/credentials → credentials/transport}/tls/grpc_tls_credentials_options.h +7 -7
- data/src/core/{lib/security/credentials → credentials/transport}/tls/grpc_tls_crl_provider.cc +1 -1
- data/src/core/{lib/security/credentials → credentials/transport}/tls/grpc_tls_crl_provider.h +3 -3
- data/src/core/{lib/security/security_connector → credentials/transport/tls}/load_system_roots.h +3 -3
- data/src/core/{lib/security/security_connector → credentials/transport/tls}/load_system_roots_fallback.cc +1 -1
- data/src/core/{lib/security/security_connector → credentials/transport/tls}/load_system_roots_supported.cc +2 -2
- data/src/core/{lib/security/security_connector → credentials/transport/tls}/load_system_roots_supported.h +3 -3
- data/src/core/{lib/security/security_connector → credentials/transport/tls}/load_system_roots_windows.cc +1 -1
- data/src/core/{lib/security/security_connector → credentials/transport/tls}/ssl_utils.cc +21 -3
- data/src/core/{lib/security/security_connector → credentials/transport/tls}/ssl_utils.h +9 -4
- data/src/core/{lib/security/credentials → credentials/transport}/tls/tls_credentials.cc +4 -4
- data/src/core/{lib/security/credentials → credentials/transport}/tls/tls_credentials.h +5 -5
- data/src/core/{lib/security/security_connector → credentials/transport}/tls/tls_security_connector.cc +8 -7
- data/src/core/{lib/security/security_connector → credentials/transport}/tls/tls_security_connector.h +6 -6
- data/src/core/{lib/security/credentials → credentials/transport}/tls/tls_utils.cc +1 -1
- data/src/core/{lib/security/credentials → credentials/transport}/tls/tls_utils.h +3 -3
- data/src/core/{lib/security/credentials/credentials.cc → credentials/transport/transport_credentials.cc} +1 -3
- data/src/core/{lib/security/credentials/credentials.h → credentials/transport/transport_credentials.h} +5 -121
- data/src/core/{lib/security/credentials → credentials/transport}/xds/xds_credentials.cc +5 -5
- data/src/core/{lib/security/credentials → credentials/transport}/xds/xds_credentials.h +6 -6
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +1 -1
- data/src/core/ext/filters/channel_idle/legacy_channel_idle_filter.cc +14 -8
- data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +2 -2
- data/src/core/ext/filters/fault_injection/fault_injection_service_config_parser.cc +1 -1
- data/src/core/ext/filters/gcp_authentication/gcp_authentication_filter.cc +2 -2
- data/src/core/ext/filters/gcp_authentication/gcp_authentication_filter.h +1 -1
- data/src/core/ext/filters/http/client/http_client_filter.h +1 -1
- data/src/core/ext/filters/http/client_authority_filter.cc +2 -2
- data/src/core/ext/filters/http/message_compress/compression_filter.cc +1 -1
- data/src/core/ext/filters/http/message_compress/compression_filter.h +35 -5
- data/src/core/ext/filters/http/server/http_server_filter.cc +2 -2
- data/src/core/ext/filters/http/server/http_server_filter.h +14 -3
- data/src/core/ext/filters/message_size/message_size_filter.cc +1 -1
- data/src/core/ext/filters/rbac/rbac_filter.cc +2 -2
- data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +1 -1
- data/src/core/ext/transport/chttp2/chttp2_plugin.cc +40 -0
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +14 -115
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +3 -0
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +39 -965
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +10 -2
- data/src/core/ext/transport/chttp2/transport/call_tracer_wrapper.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/call_tracer_wrapper.h +1 -3
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +185 -102
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +0 -3
- data/src/core/ext/transport/chttp2/transport/flow_control.h +18 -0
- data/src/core/ext/transport/chttp2/transport/frame.cc +300 -171
- data/src/core/ext/transport/chttp2/transport/frame.h +113 -5
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +12 -0
- data/src/core/ext/transport/chttp2/transport/frame_data.h +2 -0
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +15 -3
- data/src/core/ext/transport/chttp2/transport/frame_goaway.h +5 -3
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +17 -7
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +3 -1
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +23 -3
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +4 -0
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +7 -0
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +4 -2
- data/src/core/ext/transport/chttp2/transport/hpack_parse_result.h +1 -1
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +2 -2
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +1 -1
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +2 -2
- data/src/core/ext/transport/chttp2/transport/http2_settings.cc +10 -8
- data/src/core/ext/transport/chttp2/transport/http2_settings.h +28 -2
- data/src/core/ext/transport/chttp2/transport/http2_status.h +409 -0
- data/src/core/ext/transport/chttp2/transport/http2_ztrace_collector.h +252 -0
- data/src/core/ext/transport/chttp2/transport/internal.h +41 -20
- data/src/core/ext/transport/chttp2/transport/internal_channel_arg_names.h +24 -0
- data/src/core/ext/transport/chttp2/transport/parsing.cc +57 -29
- data/src/core/ext/transport/chttp2/transport/ping_rate_policy.cc +10 -9
- data/src/core/ext/transport/chttp2/transport/ping_rate_policy.h +6 -0
- data/src/core/ext/transport/chttp2/transport/writing.cc +69 -57
- data/src/core/ext/transport/inproc/inproc_transport.cc +8 -3
- data/src/core/ext/transport/inproc/legacy_inproc_transport.cc +7 -3
- data/src/core/ext/upb-gen/envoy/admin/v3/certs.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/admin/v3/clusters.upb.h +65 -65
- data/src/core/ext/upb-gen/envoy/admin/v3/clusters.upb_minitable.c +28 -28
- data/src/core/ext/upb-gen/envoy/admin/v3/config_dump_shared.upb.h +14 -14
- data/src/core/ext/upb-gen/envoy/admin/v3/config_dump_shared.upb_minitable.c +6 -6
- data/src/core/ext/upb-gen/envoy/admin/v3/metrics.upb.h +6 -6
- data/src/core/ext/upb-gen/envoy/admin/v3/metrics.upb_minitable.c +4 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/server_info.upb.h +133 -133
- data/src/core/ext/upb-gen/envoy/admin/v3/server_info.upb_minitable.c +71 -71
- data/src/core/ext/upb-gen/envoy/config/accesslog/v3/accesslog.upb.h +38 -26
- data/src/core/ext/upb-gen/envoy/config/accesslog/v3/accesslog.upb_minitable.c +7 -7
- data/src/core/ext/upb-gen/envoy/config/bootstrap/v3/bootstrap.upb.h +228 -240
- data/src/core/ext/upb-gen/envoy/config/bootstrap/v3/bootstrap.upb_minitable.c +66 -66
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/circuit_breaker.upb.h +27 -27
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/circuit_breaker.upb_minitable.c +9 -9
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb.h +338 -350
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb_minitable.c +103 -103
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/outlier_detection.upb.h +58 -58
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/outlier_detection.upb_minitable.c +14 -14
- data/src/core/ext/upb-gen/envoy/config/common/matcher/v3/matcher.upb.h +50 -46
- data/src/core/ext/upb-gen/envoy/config/common/matcher/v3/matcher.upb_minitable.c +3 -3
- data/src/core/ext/upb-gen/envoy/config/core/v3/address.upb.h +41 -29
- data/src/core/ext/upb-gen/envoy/config/core/v3/address.upb_minitable.c +16 -16
- data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb.h +210 -259
- data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb_minitable.c +54 -54
- data/src/core/ext/upb-gen/envoy/config/core/v3/config_source.upb.h +58 -54
- data/src/core/ext/upb-gen/envoy/config/core/v3/config_source.upb_minitable.c +21 -21
- data/src/core/ext/upb-gen/envoy/config/core/v3/event_service_config.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_service.upb.h +88 -92
- data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_service.upb_minitable.c +17 -17
- data/src/core/ext/upb-gen/envoy/config/core/v3/health_check.upb.h +112 -100
- data/src/core/ext/upb-gen/envoy/config/core/v3/health_check.upb_minitable.c +34 -34
- data/src/core/ext/upb-gen/envoy/config/core/v3/http_uri.upb.h +16 -12
- data/src/core/ext/upb-gen/envoy/config/core/v3/http_uri.upb_minitable.c +5 -5
- data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb.h +126 -118
- data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb_minitable.c +39 -39
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb.h +23 -19
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb_minitable.c +9 -9
- data/src/core/ext/upb-gen/envoy/config/core/v3/substitution_format_string.upb.h +31 -27
- data/src/core/ext/upb-gen/envoy/config/core/v3/substitution_format_string.upb_minitable.c +10 -10
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint.upb.h +12 -37
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint.upb_minitable.c +2 -2
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint_components.upb.h +49 -41
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint_components.upb_minitable.c +16 -16
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/load_report.upb.h +24 -24
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/load_report.upb_minitable.c +9 -9
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener.upb.h +147 -139
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener.upb_minitable.c +46 -46
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb.h +73 -61
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb_minitable.c +20 -20
- data/src/core/ext/upb-gen/envoy/config/listener/v3/quic_config.upb.h +3 -3
- data/src/core/ext/upb-gen/envoy/config/listener/v3/quic_config.upb_minitable.c +1 -1
- data/src/core/ext/upb-gen/envoy/config/metrics/v3/metrics_service.upb.h +6 -6
- data/src/core/ext/upb-gen/envoy/config/metrics/v3/metrics_service.upb_minitable.c +4 -4
- data/src/core/ext/upb-gen/envoy/config/metrics/v3/stats.upb.h +53 -33
- data/src/core/ext/upb-gen/envoy/config/metrics/v3/stats.upb_minitable.c +14 -14
- data/src/core/ext/upb-gen/envoy/config/overload/v3/overload.upb.h +12 -0
- data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb.h +20 -36
- data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb_minitable.c +2 -2
- data/src/core/ext/upb-gen/envoy/config/route/v3/route.upb.h +52 -77
- data/src/core/ext/upb-gen/envoy/config/route/v3/route.upb_minitable.c +10 -10
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb.h +684 -692
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb_minitable.c +215 -215
- data/src/core/ext/upb-gen/envoy/config/route/v3/scoped_route.upb.h +17 -13
- data/src/core/ext/upb-gen/envoy/config/route/v3/scoped_route.upb_minitable.c +4 -4
- data/src/core/ext/upb-gen/envoy/config/tap/v3/common.upb.h +15 -3
- data/src/core/ext/upb-gen/envoy/config/tap/v3/common.upb_minitable.c +2 -2
- data/src/core/ext/upb-gen/envoy/config/trace/v3/http_tracer.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opentelemetry.upb.h +7 -7
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opentelemetry.upb_minitable.c +3 -3
- data/src/core/ext/upb-gen/envoy/config/trace/v3/skywalking.upb.h +19 -15
- data/src/core/ext/upb-gen/envoy/config/trace/v3/skywalking.upb_minitable.c +7 -7
- data/src/core/ext/upb-gen/envoy/config/trace/v3/xray.upb.h +7 -7
- data/src/core/ext/upb-gen/envoy/config/trace/v3/xray.upb_minitable.c +3 -3
- data/src/core/ext/upb-gen/envoy/config/trace/v3/zipkin.upb.h +16 -16
- data/src/core/ext/upb-gen/envoy/config/trace/v3/zipkin.upb_minitable.c +10 -10
- data/src/core/ext/upb-gen/envoy/data/accesslog/v3/accesslog.upb.h +310 -407
- data/src/core/ext/upb-gen/envoy/data/accesslog/v3/accesslog.upb_minitable.c +96 -96
- data/src/core/ext/upb-gen/envoy/extensions/filters/common/fault/v3/fault.upb.h +8 -0
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/fault/v3/fault.upb.h +65 -61
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/fault/v3/fault.upb_minitable.c +27 -27
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upb.h +19 -19
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upb_minitable.c +6 -6
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/rbac/v3/rbac.upb.h +25 -25
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/rbac/v3/rbac.upb_minitable.c +9 -9
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/router/v3/router.upb.h +34 -34
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/router/v3/router.upb_minitable.c +9 -9
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upb.h +7 -3
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upb_minitable.c +2 -2
- data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +322 -294
- data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb_minitable.c +105 -105
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/common/v3/common.upb.h +7 -3
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/common/v3/common.upb_minitable.c +1 -1
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.h +23 -23
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb_minitable.c +8 -8
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/common.upb.h +88 -84
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/common.upb_minitable.c +28 -28
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +99 -87
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb_minitable.c +31 -31
- data/src/core/ext/upb-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upb.h +32 -24
- data/src/core/ext/upb-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upb_minitable.c +5 -5
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb.h +138 -168
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb_minitable.c +43 -43
- data/src/core/ext/upb-gen/envoy/service/load_stats/v3/lrs.upb.h +6 -6
- data/src/core/ext/upb-gen/envoy/service/load_stats/v3/lrs.upb_minitable.c +2 -2
- data/src/core/ext/upb-gen/envoy/service/status/v3/csds.upb.h +64 -60
- data/src/core/ext/upb-gen/envoy/service/status/v3/csds.upb_minitable.c +26 -26
- data/src/core/ext/upb-gen/envoy/type/http/v3/cookie.upb.h +7 -7
- data/src/core/ext/upb-gen/envoy/type/http/v3/cookie.upb_minitable.c +3 -3
- data/src/core/ext/upb-gen/envoy/type/http/v3/path_transformation.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/filter_state.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/metadata.upb.h +10 -6
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/metadata.upb_minitable.c +2 -2
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/number.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/path.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/regex.upb.h +11 -7
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/regex.upb_minitable.c +3 -3
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/string.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/struct.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/value.upb.h +8 -0
- data/src/core/ext/upb-gen/envoy/type/metadata/v3/metadata.upb.h +8 -0
- data/src/core/ext/upb-gen/envoy/type/tracing/v3/custom_tag.upb.h +15 -11
- data/src/core/ext/upb-gen/envoy/type/tracing/v3/custom_tag.upb_minitable.c +4 -4
- data/src/core/ext/upb-gen/envoy/type/v3/hash_policy.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_strategy.upb.h +4 -0
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/checked.upb.h +93 -133
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/checked.upb_minitable.c +20 -20
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/syntax.upb.h +92 -123
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/syntax.upb_minitable.c +27 -27
- data/src/core/ext/upb-gen/google/api/http.upb.h +55 -51
- data/src/core/ext/upb-gen/google/api/http.upb_minitable.c +22 -22
- data/src/core/ext/upb-gen/google/protobuf/descriptor.upb.h +516 -317
- data/src/core/ext/upb-gen/google/protobuf/descriptor.upb_minitable.c +150 -100
- data/src/core/ext/upb-gen/google/protobuf/descriptor.upb_minitable.h +5 -0
- data/src/core/ext/upb-gen/google/protobuf/struct.upb.h +13 -33
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/altscontext.upb.h +9 -28
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/handshaker.upb.h +199 -142
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/handshaker.upb_minitable.c +37 -31
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/transport_security_common.upb.h +154 -0
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/transport_security_common.upb_minitable.c +40 -2
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/transport_security_common.upb_minitable.h +4 -0
- data/src/core/ext/upb-gen/src/proto/grpc/lb/v1/load_balancer.upb.h +14 -6
- data/src/core/ext/upb-gen/src/proto/grpc/lb/v1/load_balancer.upb_minitable.c +4 -4
- data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls.upb.h +21 -40
- data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls.upb_minitable.c +3 -3
- data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls_config.upb.h +70 -108
- data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls_config.upb_minitable.c +17 -17
- data/src/core/ext/upb-gen/validate/validate.upb.h +380 -368
- data/src/core/ext/upb-gen/validate/validate.upb_minitable.c +117 -117
- data/src/core/ext/upb-gen/xds/core/v3/collection_entry.upb.h +4 -0
- data/src/core/ext/upb-gen/xds/core/v3/context_params.upb.h +9 -28
- data/src/core/ext/upb-gen/xds/core/v3/resource.upb.h +7 -7
- data/src/core/ext/upb-gen/xds/core/v3/resource.upb_minitable.c +3 -3
- data/src/core/ext/upb-gen/xds/core/v3/resource_locator.upb.h +20 -12
- data/src/core/ext/upb-gen/xds/core/v3/resource_locator.upb_minitable.c +2 -2
- data/src/core/ext/upb-gen/xds/data/orca/v3/orca_load_report.upb.h +27 -84
- data/src/core/ext/upb-gen/xds/type/matcher/v3/cel.upb.h +7 -7
- data/src/core/ext/upb-gen/xds/type/matcher/v3/cel.upb_minitable.c +3 -3
- data/src/core/ext/upb-gen/xds/type/matcher/v3/ip.upb.h +3 -3
- data/src/core/ext/upb-gen/xds/type/matcher/v3/ip.upb_minitable.c +1 -1
- data/src/core/ext/upb-gen/xds/type/matcher/v3/matcher.upb.h +42 -46
- data/src/core/ext/upb-gen/xds/type/matcher/v3/matcher.upb_minitable.c +3 -3
- data/src/core/ext/upb-gen/xds/type/matcher/v3/regex.upb.h +4 -0
- data/src/core/ext/upb-gen/xds/type/matcher/v3/string.upb.h +4 -0
- data/src/core/ext/upb-gen/xds/type/v3/cel.upb.h +4 -0
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/certs.upbdefs.c +123 -62
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/certs.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/clusters.upbdefs.c +200 -101
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/clusters.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump.upbdefs.c +152 -77
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump_shared.upbdefs.c +524 -255
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump_shared.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/init_dump.upbdefs.c +44 -23
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/init_dump.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/listeners.upbdefs.c +66 -34
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/listeners.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/memory.upbdefs.c +54 -28
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/memory.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/metrics.upbdefs.c +46 -25
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/metrics.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/mutex_stats.upbdefs.c +47 -25
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/mutex_stats.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/server_info.upbdefs.c +256 -126
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/server_info.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/tap.upbdefs.c +50 -28
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/tap.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/annotations/deprecation.upbdefs.c +55 -28
- data/src/core/ext/upbdefs-gen/envoy/annotations/deprecation.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/annotations/resource.upbdefs.c +34 -18
- data/src/core/ext/upbdefs-gen/envoy/annotations/resource.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/accesslog/v3/accesslog.upbdefs.c +414 -206
- data/src/core/ext/upbdefs-gen/envoy/config/accesslog/v3/accesslog.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +831 -413
- data/src/core/ext/upbdefs-gen/envoy/config/bootstrap/v3/bootstrap.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/circuit_breaker.upbdefs.c +143 -73
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/circuit_breaker.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/cluster.upbdefs.c +1132 -557
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/cluster.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/filter.upbdefs.c +63 -34
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/filter.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/outlier_detection.upbdefs.c +255 -127
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/outlier_detection.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/common/matcher/v3/matcher.upbdefs.c +363 -178
- data/src/core/ext/upbdefs-gen/envoy/config/common/matcher/v3/matcher.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/address.upbdefs.c +227 -114
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/address.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/backoff.upbdefs.c +57 -31
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/backoff.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.c +596 -295
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/config_source.upbdefs.c +271 -137
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/config_source.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/event_service_config.upbdefs.c +56 -30
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/event_service_config.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/extension.upbdefs.c +45 -25
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/extension.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_method_list.upbdefs.c +59 -31
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_method_list.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_service.upbdefs.c +438 -217
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_service.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/health_check.upbdefs.c +441 -221
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/health_check.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_service.upbdefs.c +55 -30
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_service.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_uri.upbdefs.c +57 -31
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_uri.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/protocol.upbdefs.c +619 -303
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/protocol.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/proxy_protocol.upbdefs.c +70 -36
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/proxy_protocol.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/resolver.upbdefs.c +62 -33
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/resolver.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_cmsg_headers.upbdefs.c +47 -25
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_cmsg_headers.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_option.upbdefs.c +97 -49
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_option.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/substitution_format_string.upbdefs.c +97 -51
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/substitution_format_string.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/udp_socket_config.upbdefs.c +51 -27
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/udp_socket_config.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint.upbdefs.c +147 -76
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +230 -116
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/load_report.upbdefs.c +277 -138
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/load_report.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/api_listener.upbdefs.c +48 -26
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/api_listener.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener.upbdefs.c +388 -197
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener_components.upbdefs.c +304 -153
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener_components.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/quic_config.upbdefs.c +173 -90
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/quic_config.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/udp_listener_config.upbdefs.c +90 -47
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/udp_listener_config.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/metrics_service.upbdefs.c +98 -51
- data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/metrics_service.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/stats.upbdefs.c +196 -99
- data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/stats.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/overload/v3/overload.upbdefs.c +237 -118
- data/src/core/ext/upbdefs-gen/envoy/config/overload/v3/overload.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/rbac/v3/rbac.upbdefs.c +418 -210
- data/src/core/ext/upbdefs-gen/envoy/config/rbac/v3/rbac.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route.upbdefs.c +194 -99
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.c +2003 -973
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/scoped_route.upbdefs.c +101 -53
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/scoped_route.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/tap/v3/common.upbdefs.c +352 -176
- data/src/core/ext/upbdefs-gen/envoy/config/tap/v3/common.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/datadog.upbdefs.c +79 -42
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/datadog.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/dynamic_ot.upbdefs.c +67 -37
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/dynamic_ot.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/http_tracer.upbdefs.c +63 -34
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/http_tracer.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/lightstep.upbdefs.c +88 -47
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/lightstep.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opentelemetry.upbdefs.c +80 -43
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opentelemetry.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/service.upbdefs.c +53 -29
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/service.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/skywalking.upbdefs.c +86 -46
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/skywalking.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/trace.upbdefs.c +55 -32
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/trace.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/xray.upbdefs.c +91 -49
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/xray.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/zipkin.upbdefs.c +105 -55
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/zipkin.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/data/accesslog/v3/accesslog.upbdefs.c +775 -379
- data/src/core/ext/upbdefs-gen/envoy/data/accesslog/v3/accesslog.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.c +52 -28
- data/src/core/ext/upbdefs-gen/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/common/fault/v3/fault.upbdefs.c +134 -68
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/common/fault/v3/fault.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/fault/v3/fault.upbdefs.c +189 -96
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/fault/v3/fault.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upbdefs.c +116 -61
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/rbac/v3/rbac.upbdefs.c +112 -58
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/rbac/v3/rbac.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/router/v3/router.upbdefs.c +160 -82
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/router/v3/router.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upbdefs.c +75 -39
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +1161 -570
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upbdefs.c +52 -28
- data/src/core/ext/upbdefs-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upbdefs.c +55 -29
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +48 -26
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +390 -194
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +126 -65
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +498 -246
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upbdefs.c +74 -38
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upbdefs.c +221 -110
- data/src/core/ext/upbdefs-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/ads.upbdefs.c +68 -36
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/ads.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/discovery.upbdefs.c +378 -187
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/discovery.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/service/load_stats/v3/lrs.upbdefs.c +100 -52
- data/src/core/ext/upbdefs-gen/envoy/service/load_stats/v3/lrs.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/service/status/v3/csds.upbdefs.c +257 -129
- data/src/core/ext/upbdefs-gen/envoy/service/status/v3/csds.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/http/v3/cookie.upbdefs.c +44 -24
- data/src/core/ext/upbdefs-gen/envoy/type/http/v3/cookie.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/http/v3/path_transformation.upbdefs.c +68 -35
- data/src/core/ext/upbdefs-gen/envoy/type/http/v3/path_transformation.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/address.upbdefs.c +38 -20
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/address.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/filter_state.upbdefs.c +59 -32
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/filter_state.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/http_inputs.upbdefs.c +65 -34
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/http_inputs.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/metadata.upbdefs.c +72 -38
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/metadata.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/node.upbdefs.c +57 -31
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/node.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/number.upbdefs.c +52 -29
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/number.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/path.upbdefs.c +51 -28
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/path.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/regex.upbdefs.c +89 -47
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/regex.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/status_code_input.upbdefs.c +37 -20
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/status_code_input.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/string.upbdefs.c +89 -47
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/string.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/struct.upbdefs.c +67 -35
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/struct.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/value.upbdefs.c +112 -58
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/value.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/metadata/v3/metadata.upbdefs.c +110 -56
- data/src/core/ext/upbdefs-gen/envoy/type/metadata/v3/metadata.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/tracing/v3/custom_tag.upbdefs.c +123 -62
- data/src/core/ext/upbdefs-gen/envoy/type/tracing/v3/custom_tag.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/hash_policy.upbdefs.c +59 -31
- data/src/core/ext/upbdefs-gen/envoy/type/v3/hash_policy.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/http.upbdefs.c +30 -16
- data/src/core/ext/upbdefs-gen/envoy/type/v3/http.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/http_status.upbdefs.c +143 -72
- data/src/core/ext/upbdefs-gen/envoy/type/v3/http_status.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/percent.upbdefs.c +61 -32
- data/src/core/ext/upbdefs-gen/envoy/type/v3/percent.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/range.upbdefs.c +51 -27
- data/src/core/ext/upbdefs-gen/envoy/type/v3/range.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_strategy.upbdefs.c +85 -45
- data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_strategy.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_unit.upbdefs.c +35 -19
- data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_unit.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/semantic_version.upbdefs.c +44 -23
- data/src/core/ext/upbdefs-gen/envoy/type/v3/semantic_version.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/token_bucket.upbdefs.c +61 -33
- data/src/core/ext/upbdefs-gen/envoy/type/v3/token_bucket.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/api/annotations.upbdefs.c +35 -19
- data/src/core/ext/upbdefs-gen/google/api/annotations.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/checked.upbdefs.c +272 -133
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/checked.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/syntax.upbdefs.c +315 -154
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/syntax.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/api/http.upbdefs.c +64 -33
- data/src/core/ext/upbdefs-gen/google/api/http.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/api/httpbody.upbdefs.c +35 -19
- data/src/core/ext/upbdefs-gen/google/api/httpbody.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/any.upbdefs.c +26 -15
- data/src/core/ext/upbdefs-gen/google/protobuf/any.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/descriptor.upbdefs.c +1106 -497
- data/src/core/ext/upbdefs-gen/google/protobuf/descriptor.upbdefs.h +10 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/duration.upbdefs.c +28 -16
- data/src/core/ext/upbdefs-gen/google/protobuf/duration.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/empty.upbdefs.c +23 -13
- data/src/core/ext/upbdefs-gen/google/protobuf/empty.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/struct.upbdefs.c +69 -35
- data/src/core/ext/upbdefs-gen/google/protobuf/struct.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/timestamp.upbdefs.c +29 -16
- data/src/core/ext/upbdefs-gen/google/protobuf/timestamp.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/wrappers.upbdefs.c +51 -26
- data/src/core/ext/upbdefs-gen/google/protobuf/wrappers.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/rpc/status.upbdefs.c +32 -17
- data/src/core/ext/upbdefs-gen/google/rpc/status.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/src/proto/grpc/lookup/v1/rls_config.upbdefs.c +161 -79
- data/src/core/ext/upbdefs-gen/src/proto/grpc/lookup/v1/rls_config.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/migrate.upbdefs.c +84 -42
- data/src/core/ext/upbdefs-gen/udpa/annotations/migrate.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/security.upbdefs.c +48 -26
- data/src/core/ext/upbdefs-gen/udpa/annotations/security.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/sensitive.upbdefs.c +26 -14
- data/src/core/ext/upbdefs-gen/udpa/annotations/sensitive.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/status.upbdefs.c +50 -26
- data/src/core/ext/upbdefs-gen/udpa/annotations/status.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/versioning.upbdefs.c +36 -19
- data/src/core/ext/upbdefs-gen/udpa/annotations/versioning.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/validate/validate.upbdefs.c +538 -261
- data/src/core/ext/upbdefs-gen/validate/validate.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/migrate.upbdefs.c +86 -43
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/migrate.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/security.upbdefs.c +49 -26
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/security.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/sensitive.upbdefs.c +27 -15
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/sensitive.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/status.upbdefs.c +87 -44
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/status.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/versioning.upbdefs.c +37 -20
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/versioning.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/authority.upbdefs.c +30 -17
- data/src/core/ext/upbdefs-gen/xds/core/v3/authority.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/cidr.upbdefs.c +41 -23
- data/src/core/ext/upbdefs-gen/xds/core/v3/cidr.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/collection_entry.upbdefs.c +62 -33
- data/src/core/ext/upbdefs-gen/xds/core/v3/collection_entry.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/context_params.upbdefs.c +36 -19
- data/src/core/ext/upbdefs-gen/xds/core/v3/context_params.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/extension.upbdefs.c +36 -20
- data/src/core/ext/upbdefs-gen/xds/core/v3/extension.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource.upbdefs.c +42 -23
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource_locator.upbdefs.c +76 -39
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource_locator.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource_name.upbdefs.c +45 -24
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource_name.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/cel.upbdefs.c +41 -23
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/cel.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/domain.upbdefs.c +53 -29
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/domain.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/http_inputs.upbdefs.c +29 -16
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/http_inputs.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/ip.upbdefs.c +58 -32
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/ip.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/matcher.upbdefs.c +207 -103
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/matcher.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/range.upbdefs.c +95 -49
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/range.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/regex.upbdefs.c +38 -20
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/regex.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/string.upbdefs.c +60 -31
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/string.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/v3/cel.upbdefs.c +67 -36
- data/src/core/ext/upbdefs-gen/xds/type/v3/cel.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/v3/range.upbdefs.c +31 -17
- data/src/core/ext/upbdefs-gen/xds/type/v3/range.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/v3/typed_struct.upbdefs.c +31 -17
- data/src/core/ext/upbdefs-gen/xds/type/v3/typed_struct.upbdefs.h +5 -1
- data/src/core/{lib/security/transport → filter/auth}/auth_filters.h +8 -7
- data/src/core/{lib/security/transport → filter/auth}/client_auth_filter.cc +7 -6
- data/src/core/{lib/security/transport → filter/auth}/server_auth_filter.cc +5 -4
- data/src/core/handshaker/handshaker.cc +0 -8
- data/src/core/handshaker/http_connect/http_proxy_mapper.cc +7 -22
- data/src/core/handshaker/security/legacy_secure_endpoint.cc +596 -0
- data/src/core/handshaker/security/secure_endpoint.cc +769 -312
- data/src/core/handshaker/security/secure_endpoint.h +17 -0
- data/src/core/handshaker/security/security_handshaker.cc +4 -4
- data/src/core/handshaker/security/security_handshaker.h +1 -1
- data/src/core/lib/address_utils/sockaddr_utils.cc +5 -5
- data/src/core/lib/channel/channel_args.h +53 -30
- data/src/core/lib/channel/channel_stack.cc +29 -0
- data/src/core/lib/channel/channel_stack.h +10 -2
- data/src/core/lib/channel/channel_stack_builder_impl.cc +1 -1
- data/src/core/lib/channel/connected_channel.cc +2 -2
- data/src/core/lib/channel/promise_based_filter.h +710 -302
- data/src/core/lib/debug/trace_flags.cc +4 -6
- data/src/core/lib/debug/trace_flags.h +2 -3
- data/src/core/lib/event_engine/cf_engine/cf_engine.cc +6 -2
- data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.cc +4 -4
- data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.h +14 -6
- data/src/core/lib/event_engine/default_event_engine_factory.cc +6 -6
- data/src/core/lib/event_engine/default_event_engine_factory.h +1 -1
- data/src/core/lib/event_engine/extensions/blocking_dns.h +46 -0
- data/src/core/lib/event_engine/extensions/channelz.h +62 -0
- data/src/core/lib/event_engine/extensions/iomgr_compatible.h +39 -0
- data/src/core/lib/event_engine/extensions/supports_win_sockets.h +48 -0
- data/src/core/lib/event_engine/extensions/tcp_trace.h +2 -2
- data/src/core/lib/event_engine/posix_engine/native_posix_dns_resolver.cc +4 -7
- data/src/core/lib/event_engine/posix_engine/native_posix_dns_resolver.h +3 -0
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +6 -9
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +28 -22
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +23 -3
- data/src/core/lib/event_engine/posix_engine/posix_engine.h +15 -15
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.cc +26 -0
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.h +4 -0
- data/src/core/lib/event_engine/posix_engine/set_socket_dualstack.cc +64 -0
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +0 -11
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.cc +10 -2
- data/src/core/lib/event_engine/query_extensions.h +10 -21
- data/src/core/lib/event_engine/shim.cc +9 -16
- data/src/core/lib/event_engine/shim.h +11 -0
- data/src/core/lib/event_engine/tcp_socket_utils.cc +10 -9
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.cc +15 -7
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.h +2 -1
- data/src/core/lib/event_engine/utils.cc +34 -0
- data/src/core/lib/event_engine/utils.h +3 -0
- data/src/core/lib/event_engine/windows/win_socket.cc +11 -0
- data/src/core/lib/event_engine/windows/win_socket.h +3 -0
- data/src/core/lib/event_engine/windows/windows_endpoint.cc +7 -12
- data/src/core/lib/event_engine/windows/windows_endpoint.h +9 -2
- data/src/core/lib/event_engine/windows/windows_engine.cc +42 -0
- data/src/core/lib/event_engine/windows/windows_engine.h +8 -2
- data/src/core/lib/event_engine/windows/windows_listener.cc +5 -6
- data/src/core/lib/event_engine/windows/windows_listener.h +9 -4
- data/src/core/lib/experiments/experiments.cc +369 -69
- data/src/core/lib/experiments/experiments.h +148 -48
- data/src/core/lib/iomgr/combiner.cc +3 -2
- data/src/core/lib/iomgr/endpoint_pair_posix.cc +43 -16
- data/src/core/lib/iomgr/endpoint_pair_windows.cc +43 -8
- data/src/core/lib/iomgr/error.cc +27 -43
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +13 -1
- data/src/core/lib/iomgr/ev_poll_posix.cc +17 -0
- data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +11 -8
- data/src/core/lib/iomgr/fork_posix.cc +0 -7
- data/src/core/lib/iomgr/iomgr.cc +0 -3
- data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +3 -0
- data/src/core/lib/iomgr/polling_entity.cc +2 -7
- data/src/core/lib/iomgr/resolve_address_posix.cc +37 -47
- data/src/core/lib/iomgr/resolve_address_posix.h +15 -0
- data/src/core/lib/iomgr/resolve_address_windows.cc +22 -45
- data/src/core/lib/iomgr/resolve_address_windows.h +15 -2
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +1 -0
- data/src/core/lib/iomgr/socket_utils_posix.cc +22 -11
- data/src/core/lib/iomgr/socket_utils_posix.h +12 -2
- data/src/core/lib/iomgr/tcp_client_cfstream.cc +8 -9
- data/src/core/lib/iomgr/tcp_client_posix.cc +25 -21
- data/src/core/lib/iomgr/tcp_client_posix.h +1 -1
- data/src/core/lib/iomgr/tcp_posix.cc +72 -43
- data/src/core/lib/iomgr/tcp_posix.h +10 -2
- data/src/core/lib/iomgr/tcp_server_posix.cc +9 -1
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +1 -4
- data/src/core/lib/iomgr/tcp_server_windows.cc +41 -18
- data/src/core/lib/iomgr/wakeup_fd_pipe.cc +10 -2
- data/src/core/lib/promise/all_ok.h +31 -0
- data/src/core/lib/promise/detail/promise_like.h +24 -0
- data/src/core/lib/promise/detail/seq_state.h +741 -0
- data/src/core/lib/promise/loop.h +8 -5
- data/src/core/lib/promise/map.h +82 -2
- data/src/core/lib/promise/party.h +5 -1
- data/src/core/lib/promise/poll.h +22 -20
- data/src/core/lib/promise/promise.h +4 -2
- data/src/core/lib/promise/seq.h +2 -0
- data/src/core/lib/promise/sleep.cc +6 -3
- data/src/core/lib/promise/status_flag.h +23 -11
- data/src/core/lib/promise/try_seq.h +2 -0
- data/src/core/lib/resource_quota/memory_quota.cc +9 -0
- data/src/core/lib/resource_quota/memory_quota.h +1 -3
- data/src/core/lib/security/authorization/evaluate_args.cc +1 -1
- data/src/core/lib/security/authorization/evaluate_args.h +1 -1
- data/src/core/lib/security/authorization/grpc_server_authz_filter.cc +1 -1
- data/src/core/lib/security/authorization/grpc_server_authz_filter.h +1 -1
- data/src/core/lib/slice/slice.h +6 -0
- data/src/core/lib/slice/slice_buffer.h +6 -0
- data/src/core/lib/surface/call.cc +24 -18
- data/src/core/lib/surface/call_utils.cc +3 -3
- data/src/core/lib/surface/call_utils.h +3 -3
- data/src/core/lib/surface/channel.h +2 -2
- data/src/core/lib/surface/channel_create.cc +61 -1
- data/src/core/lib/surface/channel_init.h +2 -2
- data/src/core/lib/surface/completion_queue.cc +77 -17
- data/src/core/lib/surface/filter_stack_call.cc +40 -27
- data/src/core/lib/surface/filter_stack_call.h +1 -1
- data/src/core/lib/surface/init.cc +4 -5
- data/src/core/lib/surface/lame_client.cc +1 -1
- data/src/core/lib/surface/legacy_channel.cc +27 -23
- data/src/core/lib/surface/legacy_channel.h +1 -1
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/error_utils.cc +65 -11
- data/src/core/lib/transport/error_utils.h +2 -2
- data/src/core/lib/transport/status_conversion.cc +11 -36
- data/src/core/lib/transport/status_conversion.h +5 -4
- data/src/core/lib/transport/transport.cc +2 -2
- data/src/core/lib/transport/transport.h +8 -5
- data/src/core/lib/transport/transport_op_string.cc +1 -1
- data/src/core/load_balancing/backend_metric_parser.cc +12 -18
- data/src/core/load_balancing/delegating_helper.h +1 -1
- data/src/core/load_balancing/grpclb/client_load_reporting_filter.cc +1 -1
- data/src/core/load_balancing/grpclb/grpclb.cc +3 -4
- data/src/core/load_balancing/health_check_client.cc +2 -4
- data/src/core/load_balancing/oob_backend_metric.cc +2 -4
- data/src/core/load_balancing/outlier_detection/outlier_detection.cc +4 -3
- data/src/core/load_balancing/pick_first/pick_first.cc +3 -958
- data/src/core/load_balancing/rls/rls.cc +37 -42
- data/src/core/load_balancing/round_robin/round_robin.cc +2 -3
- data/src/core/load_balancing/weighted_round_robin/weighted_round_robin.cc +4 -4
- data/src/core/load_balancing/weighted_target/weighted_target.cc +4 -10
- data/src/core/load_balancing/xds/cds.cc +3 -10
- data/src/core/load_balancing/xds/xds_cluster_impl.cc +1 -1
- data/src/core/load_balancing/xds/xds_override_host.cc +55 -34
- data/src/core/plugin_registry/grpc_plugin_registry.cc +4 -0
- data/src/core/plugin_registry/grpc_plugin_registry_extra.cc +0 -2
- data/src/core/resolver/dns/c_ares/dns_resolver_ares.cc +1 -3
- data/src/core/resolver/dns/c_ares/grpc_ares_wrapper.h +4 -0
- data/src/core/resolver/google_c2p/google_c2p_resolver.cc +1 -1
- data/src/core/resolver/sockaddr/sockaddr_resolver.cc +2 -1
- data/src/core/resolver/xds/xds_dependency_manager.cc +8 -3
- data/src/core/resolver/xds/xds_resolver.cc +4 -3
- data/src/core/server/add_port.cc +87 -0
- data/src/core/server/server.cc +55 -57
- data/src/core/server/server.h +4 -6
- data/src/core/server/server_call_tracer_filter.cc +1 -1
- data/src/core/server/server_config_selector.h +1 -1
- data/src/core/server/server_config_selector_filter.cc +1 -1
- data/src/core/server/xds_server_config_fetcher.cc +5 -5
- data/src/core/service_config/service_config_channel_arg_filter.cc +1 -1
- data/src/core/telemetry/call_tracer.cc +4 -6
- data/src/core/telemetry/call_tracer.h +4 -4
- data/src/core/{ext/transport/chttp2/transport → telemetry}/context_list_entry.h +6 -6
- data/src/core/telemetry/default_tcp_tracer.cc +26 -0
- data/src/core/telemetry/default_tcp_tracer.h +44 -0
- data/src/core/telemetry/metrics.cc +30 -12
- data/src/core/telemetry/metrics.h +15 -3
- data/src/core/telemetry/stats.h +0 -5
- data/src/core/telemetry/stats_data.cc +400 -285
- data/src/core/telemetry/stats_data.h +279 -143
- data/src/core/telemetry/tcp_tracer.cc +38 -0
- data/src/core/telemetry/tcp_tracer.h +103 -99
- data/src/core/{lib/security/context/security_context.cc → transport/auth_context.cc} +1 -97
- data/src/core/{lib/security/context/security_context.h → transport/auth_context.h} +5 -76
- data/src/core/transport/endpoint_transport.h +90 -0
- data/src/core/transport/endpoint_transport_client_channel_factory.cc +61 -0
- data/src/core/transport/endpoint_transport_client_channel_factory.h +57 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +33 -1
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +3 -1
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +76 -22
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +9 -3
- data/src/core/tsi/ssl_transport_security.cc +190 -72
- data/src/core/tsi/ssl_transport_security.h +6 -1
- data/src/core/tsi/transport_security.h +3 -0
- data/src/core/tsi/transport_security_grpc.h +7 -3
- data/src/core/tsi/transport_security_interface.h +30 -25
- data/src/core/util/backoff.cc +7 -14
- data/src/core/util/backoff.h +0 -1
- data/src/core/util/check_class_size.h +48 -0
- data/src/core/util/dual_ref_counted.h +48 -0
- data/src/core/util/function_signature.h +66 -0
- data/src/core/util/gcp_metadata_query.cc +4 -3
- data/src/core/util/http_client/httpcli.cc +3 -3
- data/src/core/util/http_client/httpcli_security_connector.cc +5 -4
- data/src/core/util/json/json_object_loader.h +3 -3
- data/src/core/util/latent_see.cc +28 -2
- data/src/core/util/latent_see.h +11 -23
- data/src/core/util/linux/env.cc +3 -1
- data/src/core/util/load_file.cc +26 -14
- data/src/core/util/ref_counted_ptr.h +26 -0
- data/src/core/util/shared_bit_gen.cc +21 -0
- data/src/core/util/shared_bit_gen.h +44 -0
- data/src/core/util/single_set_ptr.h +35 -4
- data/src/core/util/status_helper.cc +86 -63
- data/src/core/util/status_helper.h +9 -26
- data/src/core/util/uri.cc +75 -17
- data/src/core/util/uri.h +13 -8
- data/src/core/xds/grpc/certificate_provider_store.cc +1 -1
- data/src/core/xds/grpc/certificate_provider_store.h +3 -3
- data/src/core/xds/grpc/file_watcher_certificate_provider_factory.cc +3 -3
- data/src/core/xds/grpc/file_watcher_certificate_provider_factory.h +1 -1
- data/src/core/xds/grpc/xds_bootstrap_grpc.cc +10 -7
- data/src/core/xds/grpc/xds_certificate_provider.cc +1 -1
- data/src/core/xds/grpc/xds_certificate_provider.h +2 -2
- data/src/core/xds/grpc/xds_client_grpc.cc +7 -6
- data/src/core/xds/grpc/xds_client_grpc.h +4 -2
- data/src/core/xds/grpc/xds_cluster.h +3 -3
- data/src/core/xds/grpc/xds_cluster_parser.cc +3 -2
- data/src/core/xds/grpc/xds_common_types_parser.cc +1 -9
- data/src/core/xds/grpc/xds_http_fault_filter.cc +1 -1
- data/src/core/xds/grpc/xds_http_filter.h +1 -1
- data/src/core/xds/grpc/xds_http_filter_registry.cc +1 -3
- data/src/core/xds/grpc/xds_http_filter_registry.h +1 -1
- data/src/core/xds/grpc/xds_http_rbac_filter.cc +10 -17
- data/src/core/xds/grpc/xds_metadata_parser.cc +40 -64
- data/src/core/xds/grpc/xds_metadata_parser.h +0 -2
- data/src/core/xds/grpc/xds_route_config.h +1 -1
- data/src/core/xds/grpc/xds_route_config_parser.cc +56 -78
- data/src/core/xds/grpc/xds_route_config_parser.h +1 -1
- data/src/core/xds/grpc/xds_routing.h +1 -1
- data/src/core/xds/grpc/xds_server_grpc.cc +60 -48
- data/src/core/xds/grpc/xds_server_grpc.h +23 -13
- data/src/core/xds/grpc/xds_server_grpc_interface.h +2 -2
- data/src/core/xds/grpc/xds_transport_grpc.cc +5 -5
- data/src/core/xds/grpc/xds_transport_grpc.h +5 -3
- data/src/core/xds/xds_client/lrs_client.cc +6 -5
- data/src/core/xds/xds_client/lrs_client.h +7 -7
- data/src/core/xds/xds_client/xds_bootstrap.h +16 -1
- data/src/core/xds/xds_client/xds_client.cc +26 -24
- data/src/core/xds/xds_client/xds_client.h +3 -1
- data/src/core/xds/xds_client/xds_resource_type.h +1 -2
- data/src/core/xds/xds_client/xds_transport.h +1 -1
- data/src/ruby/ext/grpc/extconf.rb +2 -2
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/spec/generic/client_stub_spec.rb +2 -6
- data/src/ruby/spec/generic/rpc_server_spec.rb +1 -1
- data/third_party/abseil-cpp/absl/algorithm/algorithm.h +2 -2
- data/third_party/abseil-cpp/absl/algorithm/container.h +79 -48
- data/third_party/abseil-cpp/absl/base/attributes.h +66 -16
- data/third_party/abseil-cpp/absl/base/call_once.h +8 -5
- data/third_party/abseil-cpp/absl/base/config.h +4 -4
- data/third_party/abseil-cpp/absl/base/internal/nullability_impl.h +17 -56
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +1 -1
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +14 -0
- data/third_party/abseil-cpp/absl/base/internal/thread_identity.h +5 -1
- data/third_party/abseil-cpp/absl/base/internal/tracing.cc +39 -0
- data/third_party/abseil-cpp/absl/base/internal/tracing.h +81 -0
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc +0 -10
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.h +12 -0
- data/third_party/abseil-cpp/absl/base/macros.h +35 -4
- data/third_party/abseil-cpp/absl/base/nullability.h +72 -16
- data/third_party/abseil-cpp/absl/base/optimization.h +8 -12
- data/third_party/abseil-cpp/absl/base/options.h +5 -2
- data/third_party/abseil-cpp/absl/base/policy_checks.h +2 -0
- data/third_party/abseil-cpp/absl/container/btree_map.h +889 -0
- data/third_party/abseil-cpp/absl/container/btree_set.h +824 -0
- data/third_party/abseil-cpp/absl/container/fixed_array.h +2 -1
- data/third_party/abseil-cpp/absl/container/flat_hash_map.h +17 -3
- data/third_party/abseil-cpp/absl/container/flat_hash_set.h +17 -3
- data/third_party/abseil-cpp/absl/container/inlined_vector.h +2 -1
- data/third_party/abseil-cpp/absl/container/internal/btree.h +3046 -0
- data/third_party/abseil-cpp/absl/container/internal/btree_container.h +763 -0
- data/third_party/abseil-cpp/absl/container/internal/common_policy_traits.h +9 -0
- data/third_party/abseil-cpp/absl/container/internal/container_memory.h +1 -0
- data/third_party/abseil-cpp/absl/container/internal/inlined_vector.h +4 -2
- data/third_party/abseil-cpp/absl/container/internal/layout.h +1 -1
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.cc +142 -114
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +397 -231
- data/third_party/abseil-cpp/absl/crc/internal/cpu_detect.cc +56 -0
- data/third_party/abseil-cpp/absl/crc/internal/non_temporal_memcpy.h +21 -7
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +4 -2
- data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.h +1 -1
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +17 -1
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_config.h +7 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_riscv-inl.inc +9 -6
- data/third_party/abseil-cpp/absl/debugging/leak_check.cc +73 -0
- data/third_party/abseil-cpp/absl/debugging/leak_check.h +150 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize.cc +3 -2
- data/third_party/abseil-cpp/absl/debugging/symbolize_elf.inc +48 -9
- data/third_party/abseil-cpp/absl/flags/commandlineflag.cc +1 -0
- data/third_party/abseil-cpp/absl/flags/commandlineflag.h +7 -0
- data/third_party/abseil-cpp/absl/flags/flag.h +14 -12
- data/third_party/abseil-cpp/absl/flags/internal/flag.cc +12 -4
- data/third_party/abseil-cpp/absl/flags/internal/flag.h +16 -5
- data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.cc +4 -0
- data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.h +3 -0
- data/third_party/abseil-cpp/absl/flags/internal/program_name.cc +13 -12
- data/third_party/abseil-cpp/absl/flags/usage_config.cc +9 -4
- data/third_party/abseil-cpp/absl/hash/hash.h +26 -2
- data/third_party/abseil-cpp/absl/hash/internal/hash.cc +17 -17
- data/third_party/abseil-cpp/absl/hash/internal/hash.h +196 -91
- data/third_party/abseil-cpp/absl/hash/internal/low_level_hash.cc +2 -4
- data/third_party/abseil-cpp/absl/log/absl_vlog_is_on.h +2 -0
- data/third_party/abseil-cpp/absl/log/internal/check_op.cc +27 -22
- data/third_party/abseil-cpp/absl/log/internal/check_op.h +102 -80
- data/third_party/abseil-cpp/absl/log/internal/log_message.cc +90 -38
- data/third_party/abseil-cpp/absl/log/internal/log_message.h +80 -48
- data/third_party/abseil-cpp/absl/log/internal/proto.cc +0 -3
- data/third_party/abseil-cpp/absl/log/internal/proto.h +25 -15
- data/third_party/abseil-cpp/absl/log/internal/structured_proto.cc +115 -0
- data/third_party/abseil-cpp/absl/log/internal/structured_proto.h +107 -0
- data/third_party/abseil-cpp/absl/log/internal/vlog_config.cc +8 -1
- data/third_party/abseil-cpp/absl/log/log_sink_registry.h +5 -2
- data/third_party/abseil-cpp/absl/log/vlog_is_on.h +2 -0
- data/third_party/abseil-cpp/absl/meta/type_traits.h +16 -6
- data/third_party/abseil-cpp/absl/numeric/int128.h +15 -3
- data/third_party/abseil-cpp/absl/numeric/int128_have_intrinsic.inc +6 -4
- data/third_party/abseil-cpp/absl/numeric/int128_no_intrinsic.inc +6 -3
- data/third_party/abseil-cpp/absl/random/bernoulli_distribution.h +3 -1
- data/third_party/abseil-cpp/absl/random/beta_distribution.h +3 -1
- data/third_party/abseil-cpp/absl/random/bit_gen_ref.h +2 -1
- data/third_party/abseil-cpp/absl/random/discrete_distribution.cc +10 -0
- data/third_party/abseil-cpp/absl/random/discrete_distribution.h +4 -2
- data/third_party/abseil-cpp/absl/random/exponential_distribution.h +1 -0
- data/third_party/abseil-cpp/absl/random/gaussian_distribution.h +2 -1
- data/third_party/abseil-cpp/absl/random/internal/distribution_caller.h +3 -1
- data/third_party/abseil-cpp/absl/random/internal/iostream_state_saver.h +5 -2
- data/third_party/abseil-cpp/absl/random/internal/platform.h +12 -12
- data/third_party/abseil-cpp/absl/random/internal/randen_detect.cc +56 -5
- data/third_party/abseil-cpp/absl/random/internal/randen_engine.h +2 -1
- data/third_party/abseil-cpp/absl/random/internal/uniform_helper.h +2 -2
- data/third_party/abseil-cpp/absl/random/internal/wide_multiply.h +0 -1
- data/third_party/abseil-cpp/absl/random/log_uniform_int_distribution.h +1 -4
- data/third_party/abseil-cpp/absl/random/poisson_distribution.h +4 -3
- data/third_party/abseil-cpp/absl/random/seed_gen_exception.cc +2 -3
- data/third_party/abseil-cpp/absl/random/seed_sequences.h +1 -2
- data/third_party/abseil-cpp/absl/random/uniform_int_distribution.h +2 -1
- data/third_party/abseil-cpp/absl/random/uniform_real_distribution.h +2 -0
- data/third_party/abseil-cpp/absl/random/zipf_distribution.h +5 -4
- data/third_party/abseil-cpp/absl/status/internal/status_internal.cc +8 -4
- data/third_party/abseil-cpp/absl/status/internal/status_internal.h +1 -1
- data/third_party/abseil-cpp/absl/status/status.h +1 -1
- data/third_party/abseil-cpp/absl/strings/ascii.cc +41 -26
- data/third_party/abseil-cpp/absl/strings/ascii.h +48 -8
- data/third_party/abseil-cpp/absl/strings/charconv.cc +4 -7
- data/third_party/abseil-cpp/absl/strings/charset.h +3 -4
- data/third_party/abseil-cpp/absl/strings/cord.h +5 -19
- data/third_party/abseil-cpp/absl/strings/escaping.cc +56 -48
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +48 -15
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +3 -2
- data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +35 -0
- data/third_party/abseil-cpp/absl/strings/match.h +21 -11
- data/third_party/abseil-cpp/absl/strings/numbers.cc +2 -1
- data/third_party/abseil-cpp/absl/strings/str_cat.h +11 -0
- data/third_party/abseil-cpp/absl/strings/str_split.h +18 -1
- data/third_party/abseil-cpp/absl/strings/string_view.h +20 -19
- data/third_party/abseil-cpp/absl/strings/strip.h +11 -8
- data/third_party/abseil-cpp/absl/synchronization/blocking_counter.cc +16 -10
- data/third_party/abseil-cpp/absl/synchronization/blocking_counter.h +6 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.cc +5 -1
- data/third_party/abseil-cpp/absl/synchronization/mutex.cc +38 -12
- data/third_party/abseil-cpp/absl/synchronization/notification.cc +10 -2
- data/third_party/abseil-cpp/absl/synchronization/notification.h +11 -1
- data/third_party/abseil-cpp/absl/time/duration.cc +6 -51
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.cc +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.cc +3 -3
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +2 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +2 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +3 -3
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +2 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.h +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_lookup.cc +3 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.cc +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +6 -4
- data/third_party/abseil-cpp/absl/time/time.h +84 -23
- data/third_party/abseil-cpp/absl/types/internal/span.h +3 -2
- data/third_party/abseil-cpp/absl/types/optional.h +4 -2
- data/third_party/abseil-cpp/absl/types/span.h +85 -43
- data/third_party/boringssl-with-bazel/src/crypto/aes/aes.cc +41 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.cc +16 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.cc +15 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +19 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.cc +79 -48
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.cc +11 -19
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.cc +3 -7
- data/third_party/boringssl-with-bazel/src/crypto/bcm_support.h +0 -35
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.cc +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/bio/internal.h +3 -5
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.cc +0 -3
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.cc +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/bn/convert.cc +31 -47
- data/third_party/boringssl-with-bazel/src/crypto/bn/div.cc +100 -0
- data/third_party/boringssl-with-bazel/src/crypto/bn/exponentiation.cc +166 -0
- data/third_party/boringssl-with-bazel/src/crypto/bn/sqrt.cc +93 -0
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.cc +14 -8
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.cc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/chacha/internal.h +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/cipher/derive_key.cc +13 -15
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_aeseax.cc +289 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_aesgcmsiv.cc +179 -102
- data/third_party/boringssl-with-bazel/src/crypto/cipher/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/cms/cms.cc +172 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.cc +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_fuchsia.cc +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_linux.cc +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_openbsd.cc +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_sysreg.cc +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_win.cc +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_freebsd.cc +0 -1
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.cc +28 -6
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.h +11 -9
- data/third_party/boringssl-with-bazel/src/crypto/cpu_intel.cc +0 -6
- data/third_party/boringssl-with-bazel/src/crypto/crypto.cc +1 -3
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/des/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/dh/dh_asn1.cc +13 -14
- data/third_party/boringssl-with-bazel/src/crypto/dh/params.cc +27 -61
- data/third_party/boringssl-with-bazel/src/crypto/digest/digest_extra.cc +16 -8
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.cc +112 -122
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.cc +23 -35
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/ec/ec_asn1.cc +47 -63
- data/third_party/boringssl-with-bazel/src/crypto/ec/hash_to_curve.cc +60 -68
- data/third_party/boringssl-with-bazel/src/crypto/ec/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/ecdsa/ecdsa_asn1.cc +11 -17
- data/third_party/boringssl-with-bazel/src/crypto/err/err.cc +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.cc +10 -11
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.cc +10 -11
- data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.cc +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.cc +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.cc +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.cc +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.cc +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/evp/sign.cc +23 -42
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.cc.inc +29 -18
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/gcm.cc.inc +10 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +16 -45
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.cc.inc +5 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.cc.inc +15 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.cc +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm_interface.h +101 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.cc.inc +96 -187
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.cc.inc +24 -512
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.cc.inc +58 -80
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.cc.inc +29 -45
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +27 -25
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/jacobi.cc.inc +7 -16
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.cc.inc +27 -48
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.cc.inc +34 -34
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.cc.inc +102 -154
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.cc.inc +3 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.cc.inc +1 -78
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.cc.inc +10 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/delocate.h +15 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.cc.inc +40 -53
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.cc.inc +57 -76
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.cc.inc +4 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/md32_common.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.cc.inc +37 -52
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.cc.inc +13 -20
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.cc.inc +28 -39
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.cc.inc +6 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/keccak/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mldsa/fips_known_values.inc +1345 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mldsa/mldsa.cc.inc +335 -28
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mlkem/fips_known_values.inc +411 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mlkem/mlkem.cc.inc +265 -33
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.cc.inc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.cc.inc +19 -26
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.cc.inc +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.cc.inc +121 -138
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.cc.inc +96 -83
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +8 -20
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/fips_known_values.inc +674 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/slhdsa.cc.inc +235 -60
- data/third_party/boringssl-with-bazel/src/crypto/fuzzer_mode.cc +30 -0
- data/third_party/boringssl-with-bazel/src/crypto/hrss/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +59 -33
- data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/md5/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/mem.cc +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.cc +2 -8
- data/third_party/boringssl-with-bazel/src/crypto/pem/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.cc +8 -13
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/internal.h +22 -8
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7.cc +19 -17
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.cc +134 -136
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +14 -8
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/p5_pbev2.cc +25 -21
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.cc +36 -52
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.cc +97 -79
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/rand/deterministic.cc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand/fork_detect.cc +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/rand/getentropy.cc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand/{sysrand_internal.h → internal.h} +22 -4
- data/third_party/boringssl-with-bazel/src/crypto/rand/ios.cc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand/trusty.cc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand/urandom.cc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand/windows.cc +1 -5
- data/third_party/boringssl-with-bazel/src/crypto/rsa/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/rsa/rsa_crypt.cc +14 -22
- data/third_party/boringssl-with-bazel/src/crypto/spake2plus/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/thread_win.cc +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.cc +3 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.cc +8 -12
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +15 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_conf.cc +16 -24
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_info.cc +18 -21
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.cc +10 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.cc +9 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.cc +10 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.cc +64 -85
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.cc +16 -32
- data/third_party/boringssl-with-bazel/src/gen/crypto/err_data.cc +576 -567
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +16 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/aes.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +3 -25
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +6 -54
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +8 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/base64.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bcm_public.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/blowfish.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/buf.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +7 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/cast.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/chacha.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/cmac.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/cms.h +146 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +23 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/curve25519.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/des.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +19 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/e_os2.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdh.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/engine.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/err.h +2 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/experimental/kyber.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hkdf.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +4 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/hrss.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/lhash.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/md4.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/md5.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/mldsa.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/mlkem.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/obj.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/obj_mac.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +10 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs7.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +19 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/poly1305.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/pool.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/posix_time.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +2 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/rc4.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ripemd.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +2 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/service_indicator.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/sha.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/siphash.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/slhdsa.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +291 -40
- data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/target.h +0 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +9 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +7 -4
- data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +2 -0
- data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +32 -26
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +49 -49
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +256 -57
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +12 -12
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +7 -5
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +3 -2
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +25 -33
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +106 -10
- data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +6 -12
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +18 -4
- data/third_party/boringssl-with-bazel/src/ssl/ssl_credential.cc +85 -8
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +173 -19
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +5 -18
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +28 -15
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +31 -7
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +14 -2
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +7 -11
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +14 -12
- data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +2 -5
- data/third_party/upb/upb/base/internal/log2.h +3 -1
- data/third_party/upb/upb/base/string_view.h +10 -0
- data/third_party/upb/upb/hash/common.c +312 -187
- data/third_party/upb/upb/hash/common.h +44 -43
- data/third_party/upb/upb/hash/int_table.h +29 -5
- data/third_party/upb/upb/hash/str_table.h +6 -0
- data/third_party/upb/upb/json/decode.c +2 -2
- data/third_party/upb/upb/json/decode.h +0 -1
- data/third_party/upb/upb/mem/alloc.h +5 -0
- data/third_party/upb/upb/mem/arena.c +437 -160
- data/third_party/upb/upb/mem/arena.h +57 -11
- data/third_party/upb/upb/mem/arena.hpp +4 -20
- data/third_party/upb/upb/mem/internal/arena.h +65 -29
- data/third_party/upb/upb/message/accessors.c +1 -5
- data/third_party/upb/upb/message/accessors.h +41 -0
- data/third_party/upb/upb/message/array.c +7 -6
- data/third_party/upb/upb/message/array.h +4 -4
- data/third_party/upb/upb/message/compat.c +11 -14
- data/third_party/upb/upb/message/compat.h +4 -3
- data/third_party/upb/upb/message/copy.c +35 -30
- data/third_party/upb/upb/message/internal/accessors.h +142 -13
- data/third_party/upb/upb/message/internal/extension.c +16 -25
- data/third_party/upb/upb/message/internal/extension.h +17 -5
- data/third_party/upb/upb/message/internal/iterator.c +58 -0
- data/third_party/upb/upb/message/internal/iterator.h +29 -0
- data/third_party/upb/upb/message/internal/map.h +76 -22
- data/third_party/upb/upb/message/internal/map_sorter.h +13 -4
- data/third_party/upb/upb/message/internal/message.c +48 -29
- data/third_party/upb/upb/message/internal/message.h +203 -25
- data/third_party/upb/upb/message/map.c +68 -20
- data/third_party/upb/upb/message/map.h +8 -1
- data/third_party/upb/upb/message/map_gencode_util.h +3 -45
- data/third_party/upb/upb/message/map_sorter.c +52 -16
- data/third_party/upb/upb/message/merge.h +3 -3
- data/third_party/upb/upb/message/message.c +200 -42
- data/third_party/upb/upb/message/message.h +69 -4
- data/third_party/upb/upb/message/value.h +9 -0
- data/third_party/upb/upb/mini_descriptor/build_enum.c +16 -6
- data/third_party/upb/upb/mini_descriptor/decode.c +115 -138
- data/third_party/upb/upb/mini_descriptor/decode.h +4 -3
- data/third_party/upb/upb/mini_descriptor/internal/encode.hpp +1 -1
- data/third_party/upb/upb/mini_descriptor/link.c +4 -0
- data/third_party/upb/upb/mini_table/extension.h +8 -1
- data/third_party/upb/upb/mini_table/extension_registry.c +25 -13
- data/third_party/upb/upb/mini_table/extension_registry.h +13 -6
- data/third_party/upb/upb/mini_table/internal/enum.h +1 -1
- data/third_party/upb/upb/mini_table/internal/extension.h +24 -1
- data/third_party/upb/upb/mini_table/internal/field.h +4 -4
- data/third_party/upb/upb/mini_table/internal/message.h +1 -1
- data/third_party/upb/upb/mini_table/message.c +21 -13
- data/third_party/upb/upb/port/atomic.h +134 -7
- data/third_party/upb/upb/port/def.inc +163 -45
- data/third_party/upb/upb/port/undef.inc +12 -1
- data/third_party/upb/upb/reflection/def.hpp +5 -1
- data/third_party/upb/upb/reflection/def_pool.c +10 -3
- data/third_party/upb/upb/reflection/def_pool.h +2 -2
- data/third_party/upb/upb/reflection/descriptor_bootstrap.h +4 -4
- data/third_party/upb/upb/reflection/enum_def.c +4 -4
- data/third_party/upb/upb/reflection/enum_reserved_range.c +1 -1
- data/third_party/upb/upb/reflection/enum_value_def.c +9 -8
- data/third_party/upb/upb/reflection/extension_range.c +1 -2
- data/third_party/upb/upb/reflection/field_def.c +3 -5
- data/third_party/upb/upb/reflection/field_def.h +1 -1
- data/third_party/upb/upb/reflection/file_def.c +16 -10
- data/third_party/upb/upb/reflection/internal/def_builder.c +1 -1
- data/third_party/upb/upb/reflection/internal/def_builder.h +35 -10
- data/third_party/upb/upb/reflection/internal/enum_value_def.h +1 -1
- data/third_party/upb/upb/reflection/internal/upb_edition_defaults.h +1 -1
- data/third_party/upb/upb/reflection/message.c +19 -16
- data/third_party/upb/upb/reflection/message.h +3 -1
- data/third_party/upb/upb/reflection/message_def.c +4 -7
- data/third_party/upb/upb/reflection/message_reserved_range.c +1 -1
- data/third_party/upb/upb/reflection/method_def.c +1 -1
- data/third_party/upb/upb/reflection/oneof_def.c +3 -3
- data/third_party/upb/upb/reflection/service_def.c +2 -5
- data/third_party/upb/upb/text/encode.c +17 -13
- data/third_party/upb/upb/text/internal/encode.c +25 -6
- data/third_party/upb/upb/text/internal/encode.h +6 -1
- data/third_party/upb/upb/wire/decode.c +154 -107
- data/third_party/upb/upb/wire/decode.h +4 -2
- data/third_party/upb/upb/wire/encode.c +114 -55
- data/third_party/upb/upb/wire/encode.h +2 -0
- data/third_party/upb/upb/wire/eps_copy_input_stream.h +18 -20
- data/third_party/upb/upb/wire/internal/decode_fast.c +2 -2
- data/third_party/upb/upb/wire/internal/decode_fast.h +4 -0
- data/third_party/upb/upb/wire/internal/decoder.h +4 -11
- data/third_party/utf8_range/utf8_range.c +15 -275
- data/third_party/utf8_range/utf8_range_neon.inc +117 -0
- data/third_party/utf8_range/utf8_range_sse.inc +272 -0
- data/third_party/zlib/deflate.c +40 -15
- data/third_party/zlib/deflate.h +33 -2
- data/third_party/zlib/gzguts.h +2 -6
- data/third_party/zlib/inflate.c +1 -1
- data/third_party/zlib/inftrees.c +3 -3
- data/third_party/zlib/inftrees.h +2 -2
- data/third_party/zlib/trees.c +18 -4
- data/third_party/zlib/zconf.h +1 -9
- data/third_party/zlib/zlib.h +12 -12
- data/third_party/zlib/zutil.h +4 -25
- metadata +196 -150
- data/include/grpc/grpc_cronet.h +0 -37
- data/src/core/lib/iomgr/executor.cc +0 -441
- data/src/core/lib/iomgr/executor.h +0 -119
- data/src/core/lib/transport/http2_errors.h +0 -43
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/polyval.cc.inc +0 -89
- data/third_party/upb/upb/message/internal/compare_unknown.c +0 -289
- data/third_party/upb/upb/message/internal/compare_unknown.h +0 -49
|
@@ -32,6 +32,7 @@
|
|
|
32
32
|
#include <atomic>
|
|
33
33
|
#include <memory>
|
|
34
34
|
#include <optional>
|
|
35
|
+
#include <regex>
|
|
35
36
|
#include <utility>
|
|
36
37
|
|
|
37
38
|
#include "absl/base/thread_annotations.h"
|
|
@@ -40,9 +41,11 @@
|
|
|
40
41
|
#include "absl/status/status.h"
|
|
41
42
|
#include "absl/strings/string_view.h"
|
|
42
43
|
#include "src/core/lib/debug/trace.h"
|
|
44
|
+
#include "src/core/lib/experiments/experiments.h"
|
|
43
45
|
#include "src/core/lib/iomgr/closure.h"
|
|
44
46
|
#include "src/core/lib/iomgr/endpoint.h"
|
|
45
47
|
#include "src/core/lib/iomgr/error.h"
|
|
48
|
+
#include "src/core/lib/iomgr/event_engine_shims/endpoint.h"
|
|
46
49
|
#include "src/core/lib/iomgr/exec_ctx.h"
|
|
47
50
|
#include "src/core/lib/iomgr/iomgr_fwd.h"
|
|
48
51
|
#include "src/core/lib/resource_quota/api.h"
|
|
@@ -63,206 +66,133 @@
|
|
|
63
66
|
static void on_read(void* user_data, grpc_error_handle error);
|
|
64
67
|
static void on_write(void* user_data, grpc_error_handle error);
|
|
65
68
|
|
|
69
|
+
namespace grpc_core {
|
|
66
70
|
namespace {
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
71
|
+
class FrameProtector : public RefCounted<FrameProtector> {
|
|
72
|
+
public:
|
|
73
|
+
FrameProtector(tsi_frame_protector* protector,
|
|
74
|
+
tsi_zero_copy_grpc_protector* zero_copy_protector,
|
|
75
|
+
grpc_slice* leftover_slices, size_t leftover_nslices,
|
|
76
|
+
const ChannelArgs& args)
|
|
77
|
+
: protector_(protector),
|
|
78
|
+
zero_copy_protector_(zero_copy_protector),
|
|
79
|
+
memory_owner_(args.GetObject<ResourceQuota>()
|
|
80
|
+
->memory_quota()
|
|
81
|
+
->CreateMemoryOwner()),
|
|
82
|
+
self_reservation_(memory_owner_.MakeReservation(sizeof(*this))) {
|
|
83
|
+
GRPC_TRACE_LOG(secure_endpoint, INFO)
|
|
84
|
+
<< "FrameProtector: " << this << " protector: " << protector_
|
|
85
|
+
<< " zero_copy_protector: " << zero_copy_protector_
|
|
86
|
+
<< " leftover_nslices: " << leftover_nslices;
|
|
87
|
+
if (leftover_nslices > 0) {
|
|
88
|
+
leftover_bytes_ = std::make_unique<SliceBuffer>();
|
|
89
|
+
for (size_t i = 0; i < leftover_nslices; i++) {
|
|
90
|
+
leftover_bytes_->Append(Slice(CSliceRef(leftover_slices[i])));
|
|
91
|
+
}
|
|
87
92
|
}
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
->CreateMemoryOwner();
|
|
92
|
-
self_reservation = memory_owner.MakeReservation(sizeof(*this));
|
|
93
|
-
if (zero_copy_protector) {
|
|
94
|
-
read_staging_buffer = grpc_empty_slice();
|
|
95
|
-
write_staging_buffer = grpc_empty_slice();
|
|
93
|
+
if (zero_copy_protector_ != nullptr) {
|
|
94
|
+
read_staging_buffer_ = grpc_empty_slice();
|
|
95
|
+
write_staging_buffer_ = grpc_empty_slice();
|
|
96
96
|
} else {
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
97
|
+
read_staging_buffer_ =
|
|
98
|
+
memory_owner_.MakeSlice(MemoryRequest(STAGING_BUFFER_SIZE));
|
|
99
|
+
write_staging_buffer_ =
|
|
100
|
+
memory_owner_.MakeSlice(MemoryRequest(STAGING_BUFFER_SIZE));
|
|
101
101
|
}
|
|
102
|
-
has_posted_reclaimer.store(false, std::memory_order_relaxed);
|
|
103
|
-
min_progress_size = 1;
|
|
104
|
-
grpc_slice_buffer_init(&protector_staging_buffer);
|
|
105
|
-
gpr_ref_init(&ref, 1);
|
|
106
102
|
}
|
|
107
103
|
|
|
108
|
-
~
|
|
109
|
-
tsi_frame_protector_destroy(
|
|
110
|
-
tsi_zero_copy_grpc_protector_destroy(
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
grpc_core::CSliceUnref(read_staging_buffer);
|
|
114
|
-
grpc_core::CSliceUnref(write_staging_buffer);
|
|
115
|
-
grpc_slice_buffer_destroy(&output_buffer);
|
|
116
|
-
grpc_slice_buffer_destroy(&protector_staging_buffer);
|
|
117
|
-
gpr_mu_destroy(&protector_mu);
|
|
104
|
+
~FrameProtector() override {
|
|
105
|
+
tsi_frame_protector_destroy(protector_);
|
|
106
|
+
tsi_zero_copy_grpc_protector_destroy(zero_copy_protector_);
|
|
107
|
+
CSliceUnref(read_staging_buffer_);
|
|
108
|
+
CSliceUnref(write_staging_buffer_);
|
|
118
109
|
}
|
|
119
110
|
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
struct tsi_zero_copy_grpc_protector* zero_copy_protector;
|
|
123
|
-
gpr_mu protector_mu;
|
|
124
|
-
grpc_core::Mutex read_mu;
|
|
125
|
-
grpc_core::Mutex write_mu;
|
|
126
|
-
// saved upper level callbacks and user_data.
|
|
127
|
-
grpc_closure* read_cb = nullptr;
|
|
128
|
-
grpc_closure* write_cb = nullptr;
|
|
129
|
-
grpc_closure on_read;
|
|
130
|
-
grpc_closure on_write;
|
|
131
|
-
grpc_slice_buffer* read_buffer = nullptr;
|
|
132
|
-
grpc_slice_buffer source_buffer;
|
|
133
|
-
// saved handshaker leftover data to unprotect.
|
|
134
|
-
grpc_slice_buffer leftover_bytes;
|
|
135
|
-
// buffers for read and write
|
|
136
|
-
grpc_slice read_staging_buffer ABSL_GUARDED_BY(read_mu);
|
|
137
|
-
grpc_slice write_staging_buffer ABSL_GUARDED_BY(write_mu);
|
|
138
|
-
grpc_slice_buffer output_buffer;
|
|
139
|
-
grpc_core::MemoryOwner memory_owner;
|
|
140
|
-
grpc_core::MemoryAllocator::Reservation self_reservation;
|
|
141
|
-
std::atomic<bool> has_posted_reclaimer;
|
|
142
|
-
int min_progress_size;
|
|
143
|
-
grpc_slice_buffer protector_staging_buffer;
|
|
144
|
-
gpr_refcount ref;
|
|
145
|
-
};
|
|
146
|
-
} // namespace
|
|
147
|
-
|
|
148
|
-
static void destroy(secure_endpoint* ep) { delete ep; }
|
|
111
|
+
Mutex* read_mu() ABSL_LOCK_RETURNED(read_mu_) { return &read_mu_; }
|
|
112
|
+
Mutex* write_mu() ABSL_LOCK_RETURNED(write_mu_) { return &write_mu_; }
|
|
149
113
|
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
|
|
167
|
-
|
|
168
|
-
|
|
169
|
-
|
|
170
|
-
gpr_atm val = gpr_atm_no_barrier_load(&ep->ref.count);
|
|
171
|
-
VLOG(2).AtLocation(file, line) << "SECENDP ref " << ep << " : " << reason
|
|
172
|
-
<< " " << val << " -> " << val + 1;
|
|
173
|
-
}
|
|
174
|
-
gpr_ref(&ep->ref);
|
|
175
|
-
}
|
|
176
|
-
#else
|
|
177
|
-
#define SECURE_ENDPOINT_UNREF(ep, reason) secure_endpoint_unref((ep))
|
|
178
|
-
#define SECURE_ENDPOINT_REF(ep, reason) secure_endpoint_ref((ep))
|
|
179
|
-
static void secure_endpoint_unref(secure_endpoint* ep) {
|
|
180
|
-
if (gpr_unref(&ep->ref)) {
|
|
181
|
-
destroy(ep);
|
|
114
|
+
void TraceOp(absl::string_view op, grpc_slice_buffer* slices) {
|
|
115
|
+
if (GRPC_TRACE_FLAG_ENABLED(secure_endpoint)) {
|
|
116
|
+
size_t i;
|
|
117
|
+
if (slices->length < 64) {
|
|
118
|
+
for (i = 0; i < slices->count; i++) {
|
|
119
|
+
char* data =
|
|
120
|
+
grpc_dump_slice(slices->slices[i], GPR_DUMP_HEX | GPR_DUMP_ASCII);
|
|
121
|
+
LOG(INFO) << op << " " << this << ": " << data;
|
|
122
|
+
gpr_free(data);
|
|
123
|
+
}
|
|
124
|
+
} else {
|
|
125
|
+
grpc_slice first = GRPC_SLICE_MALLOC(64);
|
|
126
|
+
grpc_slice_buffer_copy_first_into_buffer(slices, 64,
|
|
127
|
+
GRPC_SLICE_START_PTR(first));
|
|
128
|
+
char* data = grpc_dump_slice(first, GPR_DUMP_HEX | GPR_DUMP_ASCII);
|
|
129
|
+
LOG(INFO) << op << " first:" << this << ": " << data;
|
|
130
|
+
gpr_free(data);
|
|
131
|
+
CSliceUnref(first);
|
|
132
|
+
}
|
|
133
|
+
}
|
|
182
134
|
}
|
|
183
|
-
}
|
|
184
135
|
|
|
185
|
-
|
|
186
|
-
|
|
136
|
+
void MaybePostReclaimer() {
|
|
137
|
+
if (!has_posted_reclaimer_.exchange(true, std::memory_order_relaxed)) {
|
|
138
|
+
memory_owner_.PostReclaimer(
|
|
139
|
+
ReclamationPass::kBenign,
|
|
140
|
+
[self = Ref()](std::optional<ReclamationSweep> sweep) {
|
|
141
|
+
if (sweep.has_value()) {
|
|
142
|
+
GRPC_TRACE_LOG(resource_quota, INFO)
|
|
143
|
+
<< "secure endpoint: benign reclamation to free memory";
|
|
144
|
+
grpc_slice temp_read_slice;
|
|
145
|
+
grpc_slice temp_write_slice;
|
|
187
146
|
|
|
188
|
-
|
|
189
|
-
|
|
190
|
-
|
|
191
|
-
|
|
192
|
-
ep->memory_owner.PostReclaimer(
|
|
193
|
-
grpc_core::ReclamationPass::kBenign,
|
|
194
|
-
[ep](std::optional<grpc_core::ReclamationSweep> sweep) {
|
|
195
|
-
if (sweep.has_value()) {
|
|
196
|
-
GRPC_TRACE_LOG(resource_quota, INFO)
|
|
197
|
-
<< "secure endpoint: benign reclamation to free memory";
|
|
198
|
-
grpc_slice temp_read_slice;
|
|
199
|
-
grpc_slice temp_write_slice;
|
|
200
|
-
|
|
201
|
-
ep->read_mu.Lock();
|
|
202
|
-
temp_read_slice = ep->read_staging_buffer;
|
|
203
|
-
ep->read_staging_buffer = grpc_empty_slice();
|
|
204
|
-
ep->read_mu.Unlock();
|
|
205
|
-
|
|
206
|
-
ep->write_mu.Lock();
|
|
207
|
-
temp_write_slice = ep->write_staging_buffer;
|
|
208
|
-
ep->write_staging_buffer = grpc_empty_slice();
|
|
209
|
-
ep->write_mu.Unlock();
|
|
210
|
-
|
|
211
|
-
grpc_core::CSliceUnref(temp_read_slice);
|
|
212
|
-
grpc_core::CSliceUnref(temp_write_slice);
|
|
213
|
-
ep->has_posted_reclaimer.exchange(false, std::memory_order_relaxed);
|
|
214
|
-
}
|
|
215
|
-
SECURE_ENDPOINT_UNREF(ep, "benign_reclaimer");
|
|
216
|
-
});
|
|
217
|
-
}
|
|
218
|
-
}
|
|
147
|
+
self->read_mu_.Lock();
|
|
148
|
+
temp_read_slice =
|
|
149
|
+
std::exchange(self->read_staging_buffer_, grpc_empty_slice());
|
|
150
|
+
self->read_mu_.Unlock();
|
|
219
151
|
|
|
220
|
-
|
|
221
|
-
|
|
222
|
-
|
|
223
|
-
|
|
224
|
-
ep->read_staging_buffer =
|
|
225
|
-
ep->memory_owner.MakeSlice(grpc_core::MemoryRequest(STAGING_BUFFER_SIZE));
|
|
226
|
-
*cur = GRPC_SLICE_START_PTR(ep->read_staging_buffer);
|
|
227
|
-
*end = GRPC_SLICE_END_PTR(ep->read_staging_buffer);
|
|
228
|
-
}
|
|
152
|
+
self->write_mu_.Lock();
|
|
153
|
+
temp_write_slice = std::exchange(self->write_staging_buffer_,
|
|
154
|
+
grpc_empty_slice());
|
|
155
|
+
self->write_mu_.Unlock();
|
|
229
156
|
|
|
230
|
-
|
|
231
|
-
|
|
232
|
-
|
|
233
|
-
|
|
234
|
-
|
|
235
|
-
|
|
236
|
-
VLOG(2) << "READ " << ep << ": " << data;
|
|
237
|
-
gpr_free(data);
|
|
157
|
+
CSliceUnref(temp_read_slice);
|
|
158
|
+
CSliceUnref(temp_write_slice);
|
|
159
|
+
self->has_posted_reclaimer_.store(false,
|
|
160
|
+
std::memory_order_relaxed);
|
|
161
|
+
}
|
|
162
|
+
});
|
|
238
163
|
}
|
|
239
164
|
}
|
|
240
|
-
ep->read_buffer = nullptr;
|
|
241
|
-
grpc_core::ExecCtx::Run(DEBUG_LOCATION, ep->read_cb, error);
|
|
242
|
-
SECURE_ENDPOINT_UNREF(ep, "read");
|
|
243
|
-
}
|
|
244
165
|
|
|
245
|
-
|
|
246
|
-
|
|
247
|
-
|
|
248
|
-
|
|
249
|
-
|
|
166
|
+
void FlushReadStagingBuffer(uint8_t** cur, uint8_t** end)
|
|
167
|
+
ABSL_EXCLUSIVE_LOCKS_REQUIRED(read_mu_) {
|
|
168
|
+
grpc_slice_buffer_add_indexed(read_buffer_, read_staging_buffer_);
|
|
169
|
+
read_staging_buffer_ =
|
|
170
|
+
memory_owner_.MakeSlice(MemoryRequest(STAGING_BUFFER_SIZE));
|
|
171
|
+
*cur = GRPC_SLICE_START_PTR(read_staging_buffer_);
|
|
172
|
+
*end = GRPC_SLICE_END_PTR(read_staging_buffer_);
|
|
173
|
+
}
|
|
250
174
|
|
|
251
|
-
{
|
|
252
|
-
|
|
175
|
+
void FinishRead(bool ok) {
|
|
176
|
+
TraceOp("FinishRead", read_buffer_);
|
|
177
|
+
// TODO(yangg) experiment with moving this block after read_cb to see if it
|
|
178
|
+
// helps latency
|
|
179
|
+
source_buffer_.Clear();
|
|
180
|
+
if (!ok) grpc_slice_buffer_reset_and_unref(read_buffer_);
|
|
181
|
+
read_buffer_ = nullptr;
|
|
182
|
+
}
|
|
253
183
|
|
|
254
|
-
|
|
255
|
-
|
|
256
|
-
|
|
257
|
-
|
|
258
|
-
|
|
184
|
+
absl::Status Unprotect(absl::Status read_status)
|
|
185
|
+
ABSL_EXCLUSIVE_LOCKS_REQUIRED(read_mu_) {
|
|
186
|
+
GRPC_LATENT_SEE_INNER_SCOPE("unprotect");
|
|
187
|
+
bool keep_looping = false;
|
|
188
|
+
tsi_result result = TSI_OK;
|
|
259
189
|
|
|
260
|
-
uint8_t* cur = GRPC_SLICE_START_PTR(
|
|
261
|
-
uint8_t* end = GRPC_SLICE_END_PTR(
|
|
190
|
+
uint8_t* cur = GRPC_SLICE_START_PTR(read_staging_buffer_);
|
|
191
|
+
uint8_t* end = GRPC_SLICE_END_PTR(read_staging_buffer_);
|
|
262
192
|
|
|
263
|
-
if (!
|
|
264
|
-
grpc_slice_buffer_reset_and_unref(
|
|
265
|
-
} else if (
|
|
193
|
+
if (!read_status.ok()) {
|
|
194
|
+
grpc_slice_buffer_reset_and_unref(read_buffer_);
|
|
195
|
+
} else if (zero_copy_protector_ != nullptr) {
|
|
266
196
|
// Use zero-copy grpc protector to unprotect.
|
|
267
197
|
int min_progress_size = 1;
|
|
268
198
|
// Get the size of the last frame which is not yet fully decrypted.
|
|
@@ -270,18 +200,18 @@ static void on_read(void* user_data, grpc_error_handle error) {
|
|
|
270
200
|
// passed to the TCP layer to indicate the minimum number of
|
|
271
201
|
// bytes that need to be read to make meaningful progress. This would
|
|
272
202
|
// avoid reading of small slices from the network.
|
|
273
|
-
// TODO(vigneshbabu): Set min_progress_size in the regular
|
|
274
|
-
// frame protector code path as well.
|
|
203
|
+
// TODO(vigneshbabu): Set min_progress_size in the regular
|
|
204
|
+
// (non-zero-copy) frame protector code path as well.
|
|
275
205
|
result = tsi_zero_copy_grpc_protector_unprotect(
|
|
276
|
-
|
|
206
|
+
zero_copy_protector_, source_buffer_.c_slice_buffer(), read_buffer_,
|
|
277
207
|
&min_progress_size);
|
|
278
208
|
min_progress_size = std::max(1, min_progress_size);
|
|
279
|
-
|
|
209
|
+
min_progress_size_ = result != TSI_OK ? 1 : min_progress_size;
|
|
280
210
|
} else {
|
|
281
211
|
// Use frame protector to unprotect.
|
|
282
212
|
// TODO(yangg) check error, maybe bail out early
|
|
283
|
-
for (i = 0; i <
|
|
284
|
-
grpc_slice encrypted =
|
|
213
|
+
for (size_t i = 0; i < source_buffer_.Count(); i++) {
|
|
214
|
+
grpc_slice encrypted = source_buffer_.c_slice_buffer()->slices[i];
|
|
285
215
|
uint8_t* message_bytes = GRPC_SLICE_START_PTR(encrypted);
|
|
286
216
|
size_t message_size = GRPC_SLICE_LENGTH(encrypted);
|
|
287
217
|
|
|
@@ -289,11 +219,17 @@ static void on_read(void* user_data, grpc_error_handle error) {
|
|
|
289
219
|
size_t unprotected_buffer_size_written =
|
|
290
220
|
static_cast<size_t>(end - cur);
|
|
291
221
|
size_t processed_message_size = message_size;
|
|
292
|
-
|
|
293
|
-
|
|
294
|
-
|
|
295
|
-
|
|
296
|
-
|
|
222
|
+
if (IsTsiFrameProtectorWithoutLocksEnabled()) {
|
|
223
|
+
result = tsi_frame_protector_unprotect(
|
|
224
|
+
protector_, message_bytes, &processed_message_size, cur,
|
|
225
|
+
&unprotected_buffer_size_written);
|
|
226
|
+
} else {
|
|
227
|
+
protector_mu_.Lock();
|
|
228
|
+
result = tsi_frame_protector_unprotect(
|
|
229
|
+
protector_, message_bytes, &processed_message_size, cur,
|
|
230
|
+
&unprotected_buffer_size_written);
|
|
231
|
+
protector_mu_.Unlock();
|
|
232
|
+
}
|
|
297
233
|
if (result != TSI_OK) {
|
|
298
234
|
LOG(ERROR) << "Decryption error: " << tsi_result_to_string(result);
|
|
299
235
|
break;
|
|
@@ -303,152 +239,128 @@ static void on_read(void* user_data, grpc_error_handle error) {
|
|
|
303
239
|
cur += unprotected_buffer_size_written;
|
|
304
240
|
|
|
305
241
|
if (cur == end) {
|
|
306
|
-
|
|
242
|
+
FlushReadStagingBuffer(&cur, &end);
|
|
307
243
|
// Force to enter the loop again to extract buffered bytes in
|
|
308
|
-
// protector. The bytes could be buffered because of running out
|
|
309
|
-
// staging_buffer. If this happens at the end of all slices,
|
|
310
|
-
// another unprotect avoids leaving data in the protector.
|
|
311
|
-
keep_looping =
|
|
244
|
+
// protector. The bytes could be buffered because of running out
|
|
245
|
+
// of staging_buffer. If this happens at the end of all slices,
|
|
246
|
+
// doing another unprotect avoids leaving data in the protector.
|
|
247
|
+
keep_looping = true;
|
|
312
248
|
} else if (unprotected_buffer_size_written > 0) {
|
|
313
|
-
keep_looping =
|
|
249
|
+
keep_looping = true;
|
|
314
250
|
} else {
|
|
315
|
-
keep_looping =
|
|
251
|
+
keep_looping = false;
|
|
316
252
|
}
|
|
317
253
|
}
|
|
318
254
|
if (result != TSI_OK) break;
|
|
319
255
|
}
|
|
320
256
|
|
|
321
|
-
if (cur != GRPC_SLICE_START_PTR(
|
|
257
|
+
if (cur != GRPC_SLICE_START_PTR(read_staging_buffer_)) {
|
|
322
258
|
grpc_slice_buffer_add(
|
|
323
|
-
|
|
259
|
+
read_buffer_,
|
|
324
260
|
grpc_slice_split_head(
|
|
325
|
-
&
|
|
261
|
+
&read_staging_buffer_,
|
|
326
262
|
static_cast<size_t>(
|
|
327
|
-
cur - GRPC_SLICE_START_PTR(
|
|
263
|
+
cur - GRPC_SLICE_START_PTR(read_staging_buffer_))));
|
|
328
264
|
}
|
|
329
265
|
}
|
|
330
|
-
}
|
|
331
266
|
|
|
332
|
-
|
|
333
|
-
|
|
334
|
-
|
|
335
|
-
|
|
336
|
-
}
|
|
267
|
+
if (read_status.ok() && result != TSI_OK) {
|
|
268
|
+
read_status = GRPC_ERROR_CREATE(
|
|
269
|
+
absl::StrCat("Unwrap failed (", tsi_result_to_string(result), ")"));
|
|
270
|
+
}
|
|
337
271
|
|
|
338
|
-
|
|
339
|
-
|
|
340
|
-
grpc_slice_buffer_reset_and_unref(&ep->source_buffer);
|
|
272
|
+
GRPC_TRACE_LOG(secure_endpoint, INFO)
|
|
273
|
+
<< "Unprotect: " << this << " read_status: " << read_status;
|
|
341
274
|
|
|
342
|
-
|
|
343
|
-
grpc_slice_buffer_reset_and_unref(ep->read_buffer);
|
|
344
|
-
call_read_cb(
|
|
345
|
-
ep, GRPC_ERROR_CREATE(absl::StrCat("Unwrap failed (",
|
|
346
|
-
tsi_result_to_string(result), ")")));
|
|
347
|
-
return;
|
|
275
|
+
return read_status;
|
|
348
276
|
}
|
|
349
277
|
|
|
350
|
-
|
|
351
|
-
|
|
352
|
-
|
|
353
|
-
|
|
354
|
-
grpc_closure* cb, bool urgent,
|
|
355
|
-
int /*min_progress_size*/) {
|
|
356
|
-
secure_endpoint* ep = reinterpret_cast<secure_endpoint*>(secure_ep);
|
|
357
|
-
ep->read_cb = cb;
|
|
358
|
-
ep->read_buffer = slices;
|
|
359
|
-
grpc_slice_buffer_reset_and_unref(ep->read_buffer);
|
|
278
|
+
void BeginRead(grpc_slice_buffer* slices) {
|
|
279
|
+
read_buffer_ = slices;
|
|
280
|
+
grpc_slice_buffer_reset_and_unref(read_buffer_);
|
|
281
|
+
}
|
|
360
282
|
|
|
361
|
-
|
|
362
|
-
|
|
363
|
-
|
|
364
|
-
|
|
365
|
-
|
|
366
|
-
|
|
283
|
+
bool MaybeCompleteReadImmediately() {
|
|
284
|
+
GRPC_TRACE_LOG(secure_endpoint, INFO)
|
|
285
|
+
<< "MaybeCompleteReadImmediately: " << this
|
|
286
|
+
<< " leftover_bytes_: " << leftover_bytes_.get();
|
|
287
|
+
if (leftover_bytes_ != nullptr) {
|
|
288
|
+
grpc_slice_buffer_swap(leftover_bytes_->c_slice_buffer(),
|
|
289
|
+
source_buffer_.c_slice_buffer());
|
|
290
|
+
leftover_bytes_.reset();
|
|
291
|
+
return true;
|
|
292
|
+
}
|
|
293
|
+
return false;
|
|
367
294
|
}
|
|
368
295
|
|
|
369
|
-
|
|
370
|
-
|
|
371
|
-
}
|
|
296
|
+
grpc_event_engine::experimental::SliceBuffer* source_buffer() {
|
|
297
|
+
return &source_buffer_;
|
|
298
|
+
}
|
|
372
299
|
|
|
373
|
-
|
|
374
|
-
uint8_t** end)
|
|
375
|
-
ABSL_EXCLUSIVE_LOCKS_REQUIRED(ep->write_mu) {
|
|
376
|
-
grpc_slice_buffer_add_indexed(&ep->output_buffer, ep->write_staging_buffer);
|
|
377
|
-
ep->write_staging_buffer =
|
|
378
|
-
ep->memory_owner.MakeSlice(grpc_core::MemoryRequest(STAGING_BUFFER_SIZE));
|
|
379
|
-
*cur = GRPC_SLICE_START_PTR(ep->write_staging_buffer);
|
|
380
|
-
*end = GRPC_SLICE_END_PTR(ep->write_staging_buffer);
|
|
381
|
-
maybe_post_reclaimer(ep);
|
|
382
|
-
}
|
|
300
|
+
int min_progress_size() const { return min_progress_size_; }
|
|
383
301
|
|
|
384
|
-
|
|
385
|
-
|
|
386
|
-
|
|
387
|
-
|
|
388
|
-
|
|
389
|
-
|
|
390
|
-
|
|
391
|
-
|
|
392
|
-
|
|
302
|
+
void FlushWriteStagingBuffer(uint8_t** cur, uint8_t** end)
|
|
303
|
+
ABSL_EXCLUSIVE_LOCKS_REQUIRED(write_mu_) {
|
|
304
|
+
output_buffer_.AppendIndexed(
|
|
305
|
+
grpc_event_engine::experimental::Slice(write_staging_buffer_));
|
|
306
|
+
write_staging_buffer_ =
|
|
307
|
+
memory_owner_.MakeSlice(MemoryRequest(STAGING_BUFFER_SIZE));
|
|
308
|
+
*cur = GRPC_SLICE_START_PTR(write_staging_buffer_);
|
|
309
|
+
*end = GRPC_SLICE_END_PTR(write_staging_buffer_);
|
|
310
|
+
MaybePostReclaimer();
|
|
311
|
+
}
|
|
393
312
|
|
|
394
|
-
|
|
395
|
-
|
|
396
|
-
|
|
397
|
-
|
|
398
|
-
|
|
399
|
-
secure_endpoint* ep = reinterpret_cast<secure_endpoint*>(secure_ep);
|
|
313
|
+
tsi_result Protect(grpc_slice_buffer* slices, int max_frame_size)
|
|
314
|
+
ABSL_EXCLUSIVE_LOCKS_REQUIRED(write_mu_) {
|
|
315
|
+
GRPC_LATENT_SEE_INNER_SCOPE("protect");
|
|
316
|
+
uint8_t* cur = GRPC_SLICE_START_PTR(write_staging_buffer_);
|
|
317
|
+
uint8_t* end = GRPC_SLICE_END_PTR(write_staging_buffer_);
|
|
400
318
|
|
|
401
|
-
|
|
402
|
-
grpc_core::MutexLock l(&ep->write_mu);
|
|
403
|
-
uint8_t* cur = GRPC_SLICE_START_PTR(ep->write_staging_buffer);
|
|
404
|
-
uint8_t* end = GRPC_SLICE_END_PTR(ep->write_staging_buffer);
|
|
319
|
+
output_buffer_.Clear();
|
|
405
320
|
|
|
406
|
-
|
|
321
|
+
TraceOp("Protect", slices);
|
|
407
322
|
|
|
408
|
-
|
|
409
|
-
|
|
410
|
-
char* data =
|
|
411
|
-
grpc_dump_slice(slices->slices[i], GPR_DUMP_HEX | GPR_DUMP_ASCII);
|
|
412
|
-
VLOG(2) << "WRITE " << ep << ": " << data;
|
|
413
|
-
gpr_free(data);
|
|
414
|
-
}
|
|
415
|
-
}
|
|
416
|
-
|
|
417
|
-
if (ep->zero_copy_protector != nullptr) {
|
|
323
|
+
tsi_result result = TSI_OK;
|
|
324
|
+
if (zero_copy_protector_ != nullptr) {
|
|
418
325
|
// Use zero-copy grpc protector to protect.
|
|
419
|
-
result = TSI_OK;
|
|
420
326
|
// Break the input slices into chunks of size = max_frame_size and call
|
|
421
327
|
// tsi_zero_copy_grpc_protector_protect on each chunk. This ensures that
|
|
422
328
|
// the protector cannot create frames larger than the specified
|
|
423
329
|
// max_frame_size.
|
|
424
330
|
while (slices->length > static_cast<size_t>(max_frame_size) &&
|
|
425
331
|
result == TSI_OK) {
|
|
426
|
-
grpc_slice_buffer_move_first(
|
|
427
|
-
|
|
428
|
-
|
|
332
|
+
grpc_slice_buffer_move_first(
|
|
333
|
+
slices, static_cast<size_t>(max_frame_size),
|
|
334
|
+
protector_staging_buffer_.c_slice_buffer());
|
|
429
335
|
result = tsi_zero_copy_grpc_protector_protect(
|
|
430
|
-
|
|
431
|
-
|
|
336
|
+
zero_copy_protector_, protector_staging_buffer_.c_slice_buffer(),
|
|
337
|
+
output_buffer_.c_slice_buffer());
|
|
432
338
|
}
|
|
433
339
|
if (result == TSI_OK && slices->length > 0) {
|
|
434
340
|
result = tsi_zero_copy_grpc_protector_protect(
|
|
435
|
-
|
|
341
|
+
zero_copy_protector_, slices, output_buffer_.c_slice_buffer());
|
|
436
342
|
}
|
|
437
|
-
|
|
343
|
+
protector_staging_buffer_.Clear();
|
|
438
344
|
} else {
|
|
439
345
|
// Use frame protector to protect.
|
|
440
|
-
for (i = 0; i < slices->count; i++) {
|
|
346
|
+
for (size_t i = 0; i < slices->count; i++) {
|
|
441
347
|
grpc_slice plain = slices->slices[i];
|
|
442
348
|
uint8_t* message_bytes = GRPC_SLICE_START_PTR(plain);
|
|
443
349
|
size_t message_size = GRPC_SLICE_LENGTH(plain);
|
|
444
350
|
while (message_size > 0) {
|
|
445
351
|
size_t protected_buffer_size_to_send = static_cast<size_t>(end - cur);
|
|
446
352
|
size_t processed_message_size = message_size;
|
|
447
|
-
|
|
448
|
-
|
|
449
|
-
|
|
450
|
-
|
|
451
|
-
|
|
353
|
+
if (IsTsiFrameProtectorWithoutLocksEnabled()) {
|
|
354
|
+
result = tsi_frame_protector_protect(
|
|
355
|
+
protector_, message_bytes, &processed_message_size, cur,
|
|
356
|
+
&protected_buffer_size_to_send);
|
|
357
|
+
} else {
|
|
358
|
+
protector_mu_.Lock();
|
|
359
|
+
result = tsi_frame_protector_protect(
|
|
360
|
+
protector_, message_bytes, &processed_message_size, cur,
|
|
361
|
+
&protected_buffer_size_to_send);
|
|
362
|
+
protector_mu_.Unlock();
|
|
363
|
+
}
|
|
452
364
|
if (result != TSI_OK) {
|
|
453
365
|
LOG(ERROR) << "Encryption error: " << tsi_result_to_string(result);
|
|
454
366
|
break;
|
|
@@ -458,7 +370,7 @@ static void endpoint_write(grpc_endpoint* secure_ep, grpc_slice_buffer* slices,
|
|
|
458
370
|
cur += protected_buffer_size_to_send;
|
|
459
371
|
|
|
460
372
|
if (cur == end) {
|
|
461
|
-
|
|
373
|
+
FlushWriteStagingBuffer(&cur, &end);
|
|
462
374
|
}
|
|
463
375
|
}
|
|
464
376
|
if (result != TSI_OK) break;
|
|
@@ -467,32 +379,205 @@ static void endpoint_write(grpc_endpoint* secure_ep, grpc_slice_buffer* slices,
|
|
|
467
379
|
size_t still_pending_size;
|
|
468
380
|
do {
|
|
469
381
|
size_t protected_buffer_size_to_send = static_cast<size_t>(end - cur);
|
|
470
|
-
|
|
471
|
-
|
|
472
|
-
|
|
473
|
-
|
|
474
|
-
|
|
382
|
+
if (IsTsiFrameProtectorWithoutLocksEnabled()) {
|
|
383
|
+
result = tsi_frame_protector_protect_flush(
|
|
384
|
+
protector_, cur, &protected_buffer_size_to_send,
|
|
385
|
+
&still_pending_size);
|
|
386
|
+
} else {
|
|
387
|
+
protector_mu_.Lock();
|
|
388
|
+
result = tsi_frame_protector_protect_flush(
|
|
389
|
+
protector_, cur, &protected_buffer_size_to_send,
|
|
390
|
+
&still_pending_size);
|
|
391
|
+
protector_mu_.Unlock();
|
|
392
|
+
}
|
|
475
393
|
if (result != TSI_OK) break;
|
|
476
394
|
cur += protected_buffer_size_to_send;
|
|
477
395
|
if (cur == end) {
|
|
478
|
-
|
|
396
|
+
FlushWriteStagingBuffer(&cur, &end);
|
|
479
397
|
}
|
|
480
398
|
} while (still_pending_size > 0);
|
|
481
|
-
if (cur != GRPC_SLICE_START_PTR(
|
|
482
|
-
|
|
483
|
-
|
|
484
|
-
|
|
485
|
-
&ep->write_staging_buffer,
|
|
399
|
+
if (cur != GRPC_SLICE_START_PTR(write_staging_buffer_)) {
|
|
400
|
+
output_buffer_.Append(
|
|
401
|
+
grpc_event_engine::experimental::Slice(grpc_slice_split_head(
|
|
402
|
+
&write_staging_buffer_,
|
|
486
403
|
static_cast<size_t>(
|
|
487
|
-
cur - GRPC_SLICE_START_PTR(
|
|
404
|
+
cur - GRPC_SLICE_START_PTR(write_staging_buffer_)))));
|
|
488
405
|
}
|
|
489
406
|
}
|
|
490
407
|
}
|
|
408
|
+
// TODO(yangg) do different things according to the error type?
|
|
409
|
+
if (result != TSI_OK) output_buffer_.Clear();
|
|
410
|
+
return result;
|
|
411
|
+
}
|
|
412
|
+
|
|
413
|
+
grpc_event_engine::experimental::SliceBuffer* output_buffer() {
|
|
414
|
+
return &output_buffer_;
|
|
415
|
+
}
|
|
416
|
+
|
|
417
|
+
void Shutdown() { memory_owner_.Reset(); }
|
|
418
|
+
|
|
419
|
+
private:
|
|
420
|
+
struct tsi_frame_protector* const protector_;
|
|
421
|
+
struct tsi_zero_copy_grpc_protector* const zero_copy_protector_;
|
|
422
|
+
Mutex mu_;
|
|
423
|
+
Mutex read_mu_;
|
|
424
|
+
Mutex write_mu_;
|
|
425
|
+
Mutex protector_mu_;
|
|
426
|
+
grpc_slice_buffer* read_buffer_ = nullptr;
|
|
427
|
+
grpc_event_engine::experimental::SliceBuffer source_buffer_;
|
|
428
|
+
// saved handshaker leftover data to unprotect.
|
|
429
|
+
std::unique_ptr<SliceBuffer> leftover_bytes_;
|
|
430
|
+
// buffers for read and write
|
|
431
|
+
grpc_slice read_staging_buffer_ ABSL_GUARDED_BY(read_mu_);
|
|
432
|
+
grpc_slice write_staging_buffer_ ABSL_GUARDED_BY(write_mu_);
|
|
433
|
+
grpc_event_engine::experimental::SliceBuffer output_buffer_;
|
|
434
|
+
MemoryOwner memory_owner_;
|
|
435
|
+
MemoryAllocator::Reservation self_reservation_;
|
|
436
|
+
std::atomic<bool> has_posted_reclaimer_{false};
|
|
437
|
+
int min_progress_size_ = 1;
|
|
438
|
+
SliceBuffer protector_staging_buffer_;
|
|
439
|
+
};
|
|
440
|
+
} // namespace
|
|
441
|
+
} // namespace grpc_core
|
|
442
|
+
|
|
443
|
+
namespace {
|
|
444
|
+
struct secure_endpoint : public grpc_endpoint {
|
|
445
|
+
secure_endpoint(const grpc_endpoint_vtable* vtbl,
|
|
446
|
+
tsi_frame_protector* protector,
|
|
447
|
+
tsi_zero_copy_grpc_protector* zero_copy_protector,
|
|
448
|
+
grpc_core::OrphanablePtr<grpc_endpoint> endpoint,
|
|
449
|
+
grpc_slice* leftover_slices, size_t leftover_nslices,
|
|
450
|
+
const grpc_core::ChannelArgs& args)
|
|
451
|
+
: wrapped_ep(std::move(endpoint)),
|
|
452
|
+
frame_protector(protector, zero_copy_protector, leftover_slices,
|
|
453
|
+
leftover_nslices, args) {
|
|
454
|
+
this->vtable = vtbl;
|
|
455
|
+
GRPC_CLOSURE_INIT(&on_read, ::on_read, this, grpc_schedule_on_exec_ctx);
|
|
456
|
+
GRPC_CLOSURE_INIT(&on_write, ::on_write, this, grpc_schedule_on_exec_ctx);
|
|
457
|
+
gpr_ref_init(&ref, 1);
|
|
458
|
+
}
|
|
459
|
+
|
|
460
|
+
~secure_endpoint() {}
|
|
461
|
+
|
|
462
|
+
grpc_core::OrphanablePtr<grpc_endpoint> wrapped_ep;
|
|
463
|
+
grpc_core::FrameProtector frame_protector;
|
|
464
|
+
// saved upper level callbacks and user_data.
|
|
465
|
+
grpc_closure* read_cb = nullptr;
|
|
466
|
+
grpc_closure* write_cb = nullptr;
|
|
467
|
+
grpc_closure on_read;
|
|
468
|
+
grpc_closure on_write;
|
|
469
|
+
gpr_refcount ref;
|
|
470
|
+
};
|
|
471
|
+
} // namespace
|
|
472
|
+
|
|
473
|
+
static void destroy(secure_endpoint* ep) { delete ep; }
|
|
474
|
+
|
|
475
|
+
#ifndef NDEBUG
|
|
476
|
+
#define SECURE_ENDPOINT_UNREF(ep, reason) \
|
|
477
|
+
secure_endpoint_unref((ep), (reason), __FILE__, __LINE__)
|
|
478
|
+
#define SECURE_ENDPOINT_REF(ep, reason) \
|
|
479
|
+
secure_endpoint_ref((ep), (reason), __FILE__, __LINE__)
|
|
480
|
+
static void secure_endpoint_unref(secure_endpoint* ep, const char* reason,
|
|
481
|
+
const char* file, int line) {
|
|
482
|
+
if (GRPC_TRACE_FLAG_ENABLED(secure_endpoint)) {
|
|
483
|
+
gpr_atm val = gpr_atm_no_barrier_load(&ep->ref.count);
|
|
484
|
+
VLOG(2).AtLocation(file, line) << "SECENDP unref " << ep << " : " << reason
|
|
485
|
+
<< " " << val << " -> " << val - 1;
|
|
486
|
+
}
|
|
487
|
+
if (gpr_unref(&ep->ref)) {
|
|
488
|
+
destroy(ep);
|
|
489
|
+
}
|
|
490
|
+
}
|
|
491
|
+
|
|
492
|
+
static void secure_endpoint_ref(secure_endpoint* ep, const char* reason,
|
|
493
|
+
const char* file, int line) {
|
|
494
|
+
if (GRPC_TRACE_FLAG_ENABLED(secure_endpoint)) {
|
|
495
|
+
gpr_atm val = gpr_atm_no_barrier_load(&ep->ref.count);
|
|
496
|
+
VLOG(2).AtLocation(file, line) << "SECENDP ref " << ep << " : " << reason
|
|
497
|
+
<< " " << val << " -> " << val + 1;
|
|
498
|
+
}
|
|
499
|
+
gpr_ref(&ep->ref);
|
|
500
|
+
}
|
|
501
|
+
#else
|
|
502
|
+
#define SECURE_ENDPOINT_UNREF(ep, reason) secure_endpoint_unref((ep))
|
|
503
|
+
#define SECURE_ENDPOINT_REF(ep, reason) secure_endpoint_ref((ep))
|
|
504
|
+
static void secure_endpoint_unref(secure_endpoint* ep) {
|
|
505
|
+
if (gpr_unref(&ep->ref)) {
|
|
506
|
+
destroy(ep);
|
|
507
|
+
}
|
|
508
|
+
}
|
|
509
|
+
|
|
510
|
+
static void secure_endpoint_ref(secure_endpoint* ep) { gpr_ref(&ep->ref); }
|
|
511
|
+
#endif
|
|
512
|
+
|
|
513
|
+
static void call_read_cb(secure_endpoint* ep, grpc_error_handle error) {
|
|
514
|
+
ep->frame_protector.FinishRead(error.ok());
|
|
515
|
+
grpc_core::ExecCtx::Run(DEBUG_LOCATION, ep->read_cb, error);
|
|
516
|
+
SECURE_ENDPOINT_UNREF(ep, "read");
|
|
517
|
+
}
|
|
518
|
+
|
|
519
|
+
static void on_read(void* user_data, grpc_error_handle error) {
|
|
520
|
+
secure_endpoint* ep = reinterpret_cast<secure_endpoint*>(user_data);
|
|
521
|
+
|
|
522
|
+
{
|
|
523
|
+
grpc_core::MutexLock lock(ep->frame_protector.read_mu());
|
|
524
|
+
// If we were shut down after this callback was scheduled with OK
|
|
525
|
+
// status but before it was invoked, we need to treat that as an error.
|
|
526
|
+
if (ep->wrapped_ep == nullptr && error.ok()) {
|
|
527
|
+
error = absl::CancelledError("secure endpoint shutdown");
|
|
528
|
+
}
|
|
529
|
+
error = ep->frame_protector.Unprotect(std::move(error));
|
|
530
|
+
}
|
|
531
|
+
|
|
532
|
+
if (!error.ok()) {
|
|
533
|
+
call_read_cb(
|
|
534
|
+
ep, GRPC_ERROR_CREATE_REFERENCING("Secure read failed", &error, 1));
|
|
535
|
+
return;
|
|
536
|
+
}
|
|
537
|
+
|
|
538
|
+
call_read_cb(ep, absl::OkStatus());
|
|
539
|
+
}
|
|
540
|
+
|
|
541
|
+
static void endpoint_read(grpc_endpoint* secure_ep, grpc_slice_buffer* slices,
|
|
542
|
+
grpc_closure* cb, bool urgent,
|
|
543
|
+
int /*min_progress_size*/) {
|
|
544
|
+
secure_endpoint* ep = reinterpret_cast<secure_endpoint*>(secure_ep);
|
|
545
|
+
ep->read_cb = cb;
|
|
546
|
+
ep->frame_protector.BeginRead(slices);
|
|
547
|
+
|
|
548
|
+
SECURE_ENDPOINT_REF(ep, "read");
|
|
549
|
+
if (ep->frame_protector.MaybeCompleteReadImmediately()) {
|
|
550
|
+
on_read(ep, absl::OkStatus());
|
|
551
|
+
return;
|
|
552
|
+
}
|
|
553
|
+
|
|
554
|
+
grpc_endpoint_read(ep->wrapped_ep.get(),
|
|
555
|
+
ep->frame_protector.source_buffer()->c_slice_buffer(),
|
|
556
|
+
&ep->on_read, urgent,
|
|
557
|
+
ep->frame_protector.min_progress_size());
|
|
558
|
+
}
|
|
559
|
+
|
|
560
|
+
static void on_write(void* user_data, grpc_error_handle error) {
|
|
561
|
+
secure_endpoint* ep = static_cast<secure_endpoint*>(user_data);
|
|
562
|
+
grpc_closure* cb = ep->write_cb;
|
|
563
|
+
ep->write_cb = nullptr;
|
|
564
|
+
SECURE_ENDPOINT_UNREF(ep, "write");
|
|
565
|
+
grpc_core::EnsureRunInExecCtx([cb, error = std::move(error)]() {
|
|
566
|
+
grpc_core::Closure::Run(DEBUG_LOCATION, cb, error);
|
|
567
|
+
});
|
|
568
|
+
}
|
|
569
|
+
|
|
570
|
+
static void endpoint_write(grpc_endpoint* secure_ep, grpc_slice_buffer* slices,
|
|
571
|
+
grpc_closure* cb, void* arg, int max_frame_size) {
|
|
572
|
+
GRPC_LATENT_SEE_INNER_SCOPE("secure_endpoint write");
|
|
573
|
+
secure_endpoint* ep = reinterpret_cast<secure_endpoint*>(secure_ep);
|
|
574
|
+
tsi_result result;
|
|
575
|
+
{
|
|
576
|
+
grpc_core::MutexLock lock(ep->frame_protector.write_mu());
|
|
577
|
+
result = ep->frame_protector.Protect(slices, max_frame_size);
|
|
491
578
|
}
|
|
492
579
|
|
|
493
580
|
if (result != TSI_OK) {
|
|
494
|
-
// TODO(yangg) do different things according to the error type?
|
|
495
|
-
grpc_slice_buffer_reset_and_unref(&ep->output_buffer);
|
|
496
581
|
grpc_core::ExecCtx::Run(
|
|
497
582
|
DEBUG_LOCATION, cb,
|
|
498
583
|
GRPC_ERROR_CREATE(
|
|
@@ -504,16 +589,17 @@ static void endpoint_write(grpc_endpoint* secure_ep, grpc_slice_buffer* slices,
|
|
|
504
589
|
// output_buffer at any time until the write completes.
|
|
505
590
|
SECURE_ENDPOINT_REF(ep, "write");
|
|
506
591
|
ep->write_cb = cb;
|
|
507
|
-
grpc_endpoint_write(ep->wrapped_ep.get(),
|
|
508
|
-
|
|
592
|
+
grpc_endpoint_write(ep->wrapped_ep.get(),
|
|
593
|
+
ep->frame_protector.output_buffer()->c_slice_buffer(),
|
|
594
|
+
&ep->on_write, arg, max_frame_size);
|
|
509
595
|
}
|
|
510
596
|
|
|
511
597
|
static void endpoint_destroy(grpc_endpoint* secure_ep) {
|
|
512
598
|
secure_endpoint* ep = reinterpret_cast<secure_endpoint*>(secure_ep);
|
|
513
|
-
ep->read_mu
|
|
599
|
+
ep->frame_protector.read_mu()->Lock();
|
|
514
600
|
ep->wrapped_ep.reset();
|
|
515
|
-
ep->
|
|
516
|
-
ep->read_mu
|
|
601
|
+
ep->frame_protector.Shutdown();
|
|
602
|
+
ep->frame_protector.read_mu()->Unlock();
|
|
517
603
|
SECURE_ENDPOINT_UNREF(ep, "destroy");
|
|
518
604
|
}
|
|
519
605
|
|
|
@@ -566,13 +652,384 @@ static const grpc_endpoint_vtable vtable = {endpoint_read,
|
|
|
566
652
|
endpoint_get_fd,
|
|
567
653
|
endpoint_can_track_err};
|
|
568
654
|
|
|
655
|
+
namespace grpc_event_engine::experimental {
|
|
656
|
+
namespace {
|
|
657
|
+
|
|
658
|
+
class SecureEndpoint final : public EventEngine::Endpoint {
|
|
659
|
+
public:
|
|
660
|
+
SecureEndpoint(
|
|
661
|
+
std::unique_ptr<grpc_event_engine::experimental::EventEngine::Endpoint>
|
|
662
|
+
wrapped_ep,
|
|
663
|
+
struct tsi_frame_protector* protector,
|
|
664
|
+
struct tsi_zero_copy_grpc_protector* zero_copy_protector,
|
|
665
|
+
grpc_slice* leftover_slices, size_t leftover_nslices,
|
|
666
|
+
const grpc_core::ChannelArgs& channel_args)
|
|
667
|
+
: impl_(grpc_core::MakeRefCounted<Impl>(
|
|
668
|
+
std::move(wrapped_ep), protector, zero_copy_protector,
|
|
669
|
+
leftover_slices, leftover_nslices, channel_args)) {}
|
|
670
|
+
|
|
671
|
+
~SecureEndpoint() override { impl_->Shutdown(); }
|
|
672
|
+
|
|
673
|
+
bool Read(absl::AnyInvocable<void(absl::Status)> on_read, SliceBuffer* buffer,
|
|
674
|
+
ReadArgs in_args) override {
|
|
675
|
+
return impl_->Read(std::move(on_read), buffer, std::move(in_args));
|
|
676
|
+
}
|
|
677
|
+
|
|
678
|
+
bool Write(absl::AnyInvocable<void(absl::Status)> on_writable,
|
|
679
|
+
SliceBuffer* data, WriteArgs args) override {
|
|
680
|
+
return impl_->Write(std::move(on_writable), data, std::move(args));
|
|
681
|
+
}
|
|
682
|
+
|
|
683
|
+
const EventEngine::ResolvedAddress& GetPeerAddress() const override {
|
|
684
|
+
return impl_->GetPeerAddress();
|
|
685
|
+
}
|
|
686
|
+
|
|
687
|
+
const EventEngine::ResolvedAddress& GetLocalAddress() const override {
|
|
688
|
+
return impl_->GetLocalAddress();
|
|
689
|
+
}
|
|
690
|
+
|
|
691
|
+
void* QueryExtension(absl::string_view id) override {
|
|
692
|
+
return impl_->QueryExtension(id);
|
|
693
|
+
}
|
|
694
|
+
|
|
695
|
+
std::vector<size_t> AllWriteMetrics() override {
|
|
696
|
+
return impl_->AllWriteMetrics();
|
|
697
|
+
}
|
|
698
|
+
|
|
699
|
+
std::optional<absl::string_view> GetMetricName(size_t key) override {
|
|
700
|
+
return impl_->GetMetricName(key);
|
|
701
|
+
}
|
|
702
|
+
|
|
703
|
+
std::optional<size_t> GetMetricKey(absl::string_view name) override {
|
|
704
|
+
return impl_->GetMetricKey(name);
|
|
705
|
+
}
|
|
706
|
+
|
|
707
|
+
private:
|
|
708
|
+
class Impl : public grpc_core::RefCounted<Impl> {
|
|
709
|
+
public:
|
|
710
|
+
Impl(std::unique_ptr<grpc_event_engine::experimental::EventEngine::Endpoint>
|
|
711
|
+
wrapped_ep,
|
|
712
|
+
struct tsi_frame_protector* protector,
|
|
713
|
+
struct tsi_zero_copy_grpc_protector* zero_copy_protector,
|
|
714
|
+
grpc_slice* leftover_slices, size_t leftover_nslices,
|
|
715
|
+
const grpc_core::ChannelArgs& channel_args)
|
|
716
|
+
: frame_protector_(protector, zero_copy_protector, leftover_slices,
|
|
717
|
+
leftover_nslices, channel_args),
|
|
718
|
+
wrapped_ep_(std::move(wrapped_ep)),
|
|
719
|
+
event_engine_(channel_args.GetObjectRef<
|
|
720
|
+
grpc_event_engine::experimental::EventEngine>()),
|
|
721
|
+
large_read_threshold_(std::max(
|
|
722
|
+
1, channel_args.GetInt(GRPC_ARG_DECRYPTION_OFFLOAD_THRESHOLD)
|
|
723
|
+
.value_or(32 * 1024))),
|
|
724
|
+
large_write_threshold_(std::max(
|
|
725
|
+
1, channel_args.GetInt(GRPC_ARG_ENCRYPTION_OFFLOAD_THRESHOLD)
|
|
726
|
+
.value_or(32 * 1024))),
|
|
727
|
+
max_buffered_writes_(std::max(
|
|
728
|
+
0, channel_args
|
|
729
|
+
.GetInt(GRPC_ARG_ENCRYPTION_OFFLOAD_MAX_BUFFERED_WRITES)
|
|
730
|
+
.value_or(1024 * 1024))) {}
|
|
731
|
+
|
|
732
|
+
bool Read(absl::AnyInvocable<void(absl::Status)> on_read,
|
|
733
|
+
SliceBuffer* buffer, ReadArgs args) {
|
|
734
|
+
on_read_ = std::move(on_read);
|
|
735
|
+
frame_protector_.BeginRead(buffer->c_slice_buffer());
|
|
736
|
+
if (frame_protector_.MaybeCompleteReadImmediately()) {
|
|
737
|
+
return MaybeFinishReadImmediately();
|
|
738
|
+
}
|
|
739
|
+
args.set_read_hint_bytes(frame_protector_.min_progress_size());
|
|
740
|
+
bool read_completed_immediately = wrapped_ep_->Read(
|
|
741
|
+
[impl = Ref()](absl::Status status) mutable {
|
|
742
|
+
FinishAsyncRead(std::move(impl), std::move(status));
|
|
743
|
+
},
|
|
744
|
+
frame_protector_.source_buffer(), std::move(args));
|
|
745
|
+
if (read_completed_immediately) return MaybeFinishReadImmediately();
|
|
746
|
+
return false;
|
|
747
|
+
}
|
|
748
|
+
|
|
749
|
+
bool Write(absl::AnyInvocable<void(absl::Status)> on_writable,
|
|
750
|
+
SliceBuffer* data, WriteArgs args) {
|
|
751
|
+
GRPC_LATENT_SEE_INNER_SCOPE("secure_endpoint write");
|
|
752
|
+
tsi_result result;
|
|
753
|
+
frame_protector_.TraceOp("Write", data->c_slice_buffer());
|
|
754
|
+
if (grpc_core::IsSecureEndpointOffloadLargeWritesEnabled()) {
|
|
755
|
+
// If we get a zero length frame, just complete without looking at
|
|
756
|
+
// anything further
|
|
757
|
+
if (data->Length() == 0) return true;
|
|
758
|
+
grpc_core::MutexLock lock(&write_queue_mu_);
|
|
759
|
+
// If there's been a failure observed asynchronously, then fail out with
|
|
760
|
+
// that error.
|
|
761
|
+
if (!writing_.ok()) {
|
|
762
|
+
event_engine_->Run(
|
|
763
|
+
[on_write = std::move(on_writable),
|
|
764
|
+
status = writing_.status()]() mutable { on_write(status); });
|
|
765
|
+
return false;
|
|
766
|
+
}
|
|
767
|
+
// If we're already writing (== encrypting on another thread) we need to
|
|
768
|
+
// queue the writes up to do after that completes.
|
|
769
|
+
// OR if we're not already writing but this write is large, we push it
|
|
770
|
+
// onto the event engine to encrypt later.
|
|
771
|
+
if (*writing_ || data->Length() > large_write_threshold_) {
|
|
772
|
+
// Since we don't call on_write until we've collected pending_writes
|
|
773
|
+
// in the FinishAsyncWrites path, and EventEngine insists that one
|
|
774
|
+
// write finishes before a second begins, we should never see a Write
|
|
775
|
+
// call here with a non-null pending_writes_.
|
|
776
|
+
CHECK(pending_writes_ == nullptr);
|
|
777
|
+
pending_writes_ = std::make_unique<SliceBuffer>(std::move(*data));
|
|
778
|
+
frame_protector_.TraceOp("Pending",
|
|
779
|
+
pending_writes_->c_slice_buffer());
|
|
780
|
+
// Wait for the previous write to finish before considering this one.
|
|
781
|
+
// Note that since EventEngine::Endpoint allows only one outstanding
|
|
782
|
+
// write, this will pause sending until the callback is invoked.
|
|
783
|
+
last_write_args_ = std::move(args);
|
|
784
|
+
on_write_ = std::move(on_writable);
|
|
785
|
+
if (!*writing_) {
|
|
786
|
+
writing_ = true;
|
|
787
|
+
event_engine_->Run([impl = Ref()]() mutable {
|
|
788
|
+
FinishAsyncWrite(std::move(impl));
|
|
789
|
+
});
|
|
790
|
+
}
|
|
791
|
+
return false;
|
|
792
|
+
}
|
|
793
|
+
}
|
|
794
|
+
// A small write: encrypt inline and write to the socket.
|
|
795
|
+
{
|
|
796
|
+
grpc_core::MutexLock lock(frame_protector_.write_mu());
|
|
797
|
+
result = frame_protector_.Protect(data->c_slice_buffer(),
|
|
798
|
+
args.max_frame_size());
|
|
799
|
+
}
|
|
800
|
+
if (result != TSI_OK) {
|
|
801
|
+
event_engine_->Run(
|
|
802
|
+
[on_writable = std::move(on_writable), result]() mutable {
|
|
803
|
+
on_writable(GRPC_ERROR_CREATE(absl::StrCat(
|
|
804
|
+
"Wrap failed (", tsi_result_to_string(result), ")")));
|
|
805
|
+
});
|
|
806
|
+
return false;
|
|
807
|
+
}
|
|
808
|
+
on_write_ = std::move(on_writable);
|
|
809
|
+
frame_protector_.TraceOp(
|
|
810
|
+
"Write", frame_protector_.output_buffer()->c_slice_buffer());
|
|
811
|
+
return wrapped_ep_->Write(
|
|
812
|
+
[impl = Ref()](absl::Status status) mutable {
|
|
813
|
+
auto on_write = std::move(impl->on_write_);
|
|
814
|
+
impl.reset();
|
|
815
|
+
on_write(status);
|
|
816
|
+
},
|
|
817
|
+
frame_protector_.output_buffer(), std::move(args));
|
|
818
|
+
}
|
|
819
|
+
|
|
820
|
+
const EventEngine::ResolvedAddress& GetPeerAddress() const {
|
|
821
|
+
return wrapped_ep_->GetPeerAddress();
|
|
822
|
+
}
|
|
823
|
+
|
|
824
|
+
const EventEngine::ResolvedAddress& GetLocalAddress() const {
|
|
825
|
+
return wrapped_ep_->GetLocalAddress();
|
|
826
|
+
}
|
|
827
|
+
|
|
828
|
+
void* QueryExtension(absl::string_view id) {
|
|
829
|
+
return wrapped_ep_->QueryExtension(id);
|
|
830
|
+
}
|
|
831
|
+
|
|
832
|
+
void Shutdown() {
|
|
833
|
+
std::unique_ptr<EventEngine::Endpoint> wrapped_ep;
|
|
834
|
+
grpc_core::MutexLock write_lock(frame_protector_.write_mu());
|
|
835
|
+
grpc_core::MutexLock read_lock(frame_protector_.read_mu());
|
|
836
|
+
wrapped_ep = std::move(wrapped_ep_);
|
|
837
|
+
frame_protector_.Shutdown();
|
|
838
|
+
}
|
|
839
|
+
|
|
840
|
+
virtual std::vector<size_t> AllWriteMetrics() {
|
|
841
|
+
return wrapped_ep_->AllWriteMetrics();
|
|
842
|
+
}
|
|
843
|
+
|
|
844
|
+
virtual std::optional<absl::string_view> GetMetricName(size_t key) {
|
|
845
|
+
return wrapped_ep_->GetMetricName(key);
|
|
846
|
+
}
|
|
847
|
+
|
|
848
|
+
virtual std::optional<size_t> GetMetricKey(absl::string_view name) {
|
|
849
|
+
return wrapped_ep_->GetMetricKey(name);
|
|
850
|
+
}
|
|
851
|
+
|
|
852
|
+
private:
|
|
853
|
+
bool MaybeFinishReadImmediately() {
|
|
854
|
+
GRPC_LATENT_SEE_INNER_SCOPE("secure_endpoint maybe finish read");
|
|
855
|
+
grpc_core::MutexLock lock(frame_protector_.read_mu());
|
|
856
|
+
// If the read is large, since we got the bytes whilst still calling read,
|
|
857
|
+
// offload the decryption to event engine.
|
|
858
|
+
// That way we can do the decryption off this thread (which is usually
|
|
859
|
+
// under some mutual exclusion device) and publish the bytes using the
|
|
860
|
+
// async callback path.
|
|
861
|
+
// (remember there's at most one outstanding read and write on an
|
|
862
|
+
// EventEngine::Endpoint allowed, so this doesn't risk ordering issues.)
|
|
863
|
+
if (grpc_core::IsSecureEndpointOffloadLargeReadsEnabled() &&
|
|
864
|
+
frame_protector_.source_buffer()->Length() > large_read_threshold_) {
|
|
865
|
+
event_engine_->Run([impl = Ref()]() mutable {
|
|
866
|
+
FinishAsyncRead(std::move(impl), absl::OkStatus());
|
|
867
|
+
});
|
|
868
|
+
return false;
|
|
869
|
+
}
|
|
870
|
+
frame_protector_.TraceOp(
|
|
871
|
+
"Read(Imm)", frame_protector_.source_buffer()->c_slice_buffer());
|
|
872
|
+
auto status = frame_protector_.Unprotect(absl::OkStatus());
|
|
873
|
+
frame_protector_.FinishRead(status.ok());
|
|
874
|
+
if (status.ok()) return true;
|
|
875
|
+
event_engine_->Run([impl = Ref(), status = std::move(status)]() mutable {
|
|
876
|
+
auto on_read = std::move(impl->on_read_);
|
|
877
|
+
impl.reset();
|
|
878
|
+
on_read(status);
|
|
879
|
+
});
|
|
880
|
+
return false;
|
|
881
|
+
}
|
|
882
|
+
|
|
883
|
+
static void FinishAsyncRead(grpc_core::RefCountedPtr<Impl> impl,
|
|
884
|
+
absl::Status status) {
|
|
885
|
+
GRPC_LATENT_SEE_PARENT_SCOPE("secure endpoint finish async read");
|
|
886
|
+
{
|
|
887
|
+
grpc_core::MutexLock lock(impl->frame_protector_.read_mu());
|
|
888
|
+
if (status.ok() && impl->wrapped_ep_ == nullptr) {
|
|
889
|
+
status = absl::CancelledError("secure endpoint shutdown");
|
|
890
|
+
}
|
|
891
|
+
status = impl->frame_protector_.Unprotect(std::move(status));
|
|
892
|
+
}
|
|
893
|
+
if (status.ok()) {
|
|
894
|
+
impl->frame_protector_.TraceOp(
|
|
895
|
+
"Read", impl->frame_protector_.source_buffer()->c_slice_buffer());
|
|
896
|
+
}
|
|
897
|
+
auto on_read = std::move(impl->on_read_);
|
|
898
|
+
impl->frame_protector_.FinishRead(status.ok());
|
|
899
|
+
impl.reset();
|
|
900
|
+
on_read(status);
|
|
901
|
+
}
|
|
902
|
+
|
|
903
|
+
std::string WritingString() ABSL_EXCLUSIVE_LOCKS_REQUIRED(write_queue_mu_) {
|
|
904
|
+
if (!writing_.ok()) return writing_.status().ToString();
|
|
905
|
+
return *writing_ ? "true" : "false";
|
|
906
|
+
}
|
|
907
|
+
|
|
908
|
+
static void FailWrites(grpc_core::RefCountedPtr<Impl> impl,
|
|
909
|
+
absl::Status status)
|
|
910
|
+
ABSL_LOCKS_EXCLUDED(frame_protector_.write_mu(), write_queue_mu_) {
|
|
911
|
+
impl->write_queue_mu_.Lock();
|
|
912
|
+
impl->writing_ = status;
|
|
913
|
+
auto on_write = std::move(impl->on_write_);
|
|
914
|
+
impl->write_queue_mu_.Unlock();
|
|
915
|
+
impl.reset();
|
|
916
|
+
if (on_write != nullptr) on_write(status);
|
|
917
|
+
};
|
|
918
|
+
|
|
919
|
+
static void FinishAsyncWrite(grpc_core::RefCountedPtr<Impl> impl) {
|
|
920
|
+
GRPC_LATENT_SEE_PARENT_SCOPE("secure endpoint finish async write");
|
|
921
|
+
tsi_result result;
|
|
922
|
+
std::unique_ptr<SliceBuffer> data;
|
|
923
|
+
WriteArgs args;
|
|
924
|
+
// If writes complete immediately we'll loop back to here.
|
|
925
|
+
while (true) {
|
|
926
|
+
{
|
|
927
|
+
// Check to see if we've written all the bytes.
|
|
928
|
+
grpc_core::ReleasableMutexLock lock(&impl->write_queue_mu_);
|
|
929
|
+
if (impl->pending_writes_ == nullptr) {
|
|
930
|
+
impl->writing_ = false;
|
|
931
|
+
DCHECK(impl->on_write_ == nullptr);
|
|
932
|
+
lock.Release();
|
|
933
|
+
return;
|
|
934
|
+
}
|
|
935
|
+
// There's more data - grab it under the queue lock.
|
|
936
|
+
data = std::move(impl->pending_writes_);
|
|
937
|
+
impl->frame_protector_.TraceOp("data", data->c_slice_buffer());
|
|
938
|
+
args = std::move(impl->last_write_args_);
|
|
939
|
+
DCHECK(impl->on_write_ != nullptr);
|
|
940
|
+
}
|
|
941
|
+
impl->event_engine_->Run(
|
|
942
|
+
[on_write = std::move(impl->on_write_)]() mutable {
|
|
943
|
+
on_write(absl::OkStatus());
|
|
944
|
+
});
|
|
945
|
+
// Now grab the frame protector write mutex - this is held for some
|
|
946
|
+
// time (we do the encryption inside of it) - so it's a different
|
|
947
|
+
// mutex to the queue mutex above.
|
|
948
|
+
grpc_core::ReleasableMutexLock lock(impl->frame_protector_.write_mu());
|
|
949
|
+
// If the endpoint closed whilst waiting for this callback, then fail
|
|
950
|
+
// out the write and we're done.
|
|
951
|
+
if (impl->wrapped_ep_ == nullptr) {
|
|
952
|
+
lock.Release();
|
|
953
|
+
FailWrites(std::move(impl),
|
|
954
|
+
absl::CancelledError("secure endpoint shutdown"));
|
|
955
|
+
return;
|
|
956
|
+
}
|
|
957
|
+
result = impl->frame_protector_.Protect(data->c_slice_buffer(),
|
|
958
|
+
args.max_frame_size());
|
|
959
|
+
if (result != TSI_OK) {
|
|
960
|
+
lock.Release();
|
|
961
|
+
// Protection failed... fail the write and we're done.
|
|
962
|
+
FailWrites(std::move(impl),
|
|
963
|
+
GRPC_ERROR_CREATE(absl::StrCat(
|
|
964
|
+
"Wrap failed (", tsi_result_to_string(result), ")")));
|
|
965
|
+
return;
|
|
966
|
+
}
|
|
967
|
+
// Write out the protected bytes - returns true if it finishes
|
|
968
|
+
// immediately, in which case we'll loop.
|
|
969
|
+
const bool write_finished_immediately = impl->wrapped_ep_->Write(
|
|
970
|
+
[impl](absl::Status status) mutable {
|
|
971
|
+
// Async completion path: if we completed successfully then loop
|
|
972
|
+
// back into FinishAsyncWrite to see if there's more writing to
|
|
973
|
+
// do.
|
|
974
|
+
if (status.ok()) {
|
|
975
|
+
FinishAsyncWrite(std::move(impl));
|
|
976
|
+
return;
|
|
977
|
+
}
|
|
978
|
+
// Write failed: push the failure up via the callback if it's
|
|
979
|
+
// there.
|
|
980
|
+
FailWrites(std::move(impl), status);
|
|
981
|
+
},
|
|
982
|
+
impl->frame_protector_.output_buffer(), std::move(args));
|
|
983
|
+
if (!write_finished_immediately) break;
|
|
984
|
+
}
|
|
985
|
+
}
|
|
986
|
+
|
|
987
|
+
grpc_core::Mutex write_queue_mu_;
|
|
988
|
+
absl::StatusOr<bool> writing_ ABSL_GUARDED_BY(write_queue_mu_) = false;
|
|
989
|
+
WriteArgs last_write_args_ ABSL_GUARDED_BY(write_queue_mu_);
|
|
990
|
+
std::unique_ptr<SliceBuffer> pending_writes_
|
|
991
|
+
ABSL_GUARDED_BY(write_queue_mu_);
|
|
992
|
+
grpc_core::FrameProtector frame_protector_;
|
|
993
|
+
absl::AnyInvocable<void(absl::Status)> on_read_;
|
|
994
|
+
absl::AnyInvocable<void(absl::Status)> on_write_;
|
|
995
|
+
std::unique_ptr<EventEngine::Endpoint> wrapped_ep_;
|
|
996
|
+
std::shared_ptr<EventEngine> event_engine_;
|
|
997
|
+
const size_t large_read_threshold_;
|
|
998
|
+
const size_t large_write_threshold_;
|
|
999
|
+
const size_t max_buffered_writes_;
|
|
1000
|
+
};
|
|
1001
|
+
|
|
1002
|
+
grpc_core::RefCountedPtr<Impl> impl_;
|
|
1003
|
+
};
|
|
1004
|
+
|
|
1005
|
+
} // namespace
|
|
1006
|
+
} // namespace grpc_event_engine::experimental
|
|
1007
|
+
|
|
569
1008
|
grpc_core::OrphanablePtr<grpc_endpoint> grpc_secure_endpoint_create(
|
|
570
1009
|
struct tsi_frame_protector* protector,
|
|
571
1010
|
struct tsi_zero_copy_grpc_protector* zero_copy_protector,
|
|
572
1011
|
grpc_core::OrphanablePtr<grpc_endpoint> to_wrap,
|
|
573
|
-
grpc_slice* leftover_slices,
|
|
574
|
-
|
|
1012
|
+
grpc_slice* leftover_slices, size_t leftover_nslices,
|
|
1013
|
+
const grpc_core::ChannelArgs& channel_args) {
|
|
1014
|
+
if (!grpc_core::IsEventEngineSecureEndpointEnabled()) {
|
|
1015
|
+
return grpc_legacy_secure_endpoint_create(
|
|
1016
|
+
protector, zero_copy_protector, std::move(to_wrap), leftover_slices,
|
|
1017
|
+
channel_args.ToC().get(), leftover_nslices);
|
|
1018
|
+
}
|
|
1019
|
+
if (grpc_event_engine::experimental::grpc_get_wrapped_event_engine_endpoint(
|
|
1020
|
+
to_wrap.get()) != nullptr) {
|
|
1021
|
+
std::unique_ptr<grpc_event_engine::experimental::EventEngine::Endpoint>
|
|
1022
|
+
event_engine_endpoint = grpc_event_engine::experimental::
|
|
1023
|
+
grpc_take_wrapped_event_engine_endpoint(to_wrap.release());
|
|
1024
|
+
CHECK(event_engine_endpoint != nullptr);
|
|
1025
|
+
return grpc_core::OrphanablePtr<grpc_endpoint>(
|
|
1026
|
+
grpc_event_engine::experimental::grpc_event_engine_endpoint_create(
|
|
1027
|
+
std::make_unique<grpc_event_engine::experimental::SecureEndpoint>(
|
|
1028
|
+
std::move(event_engine_endpoint), protector,
|
|
1029
|
+
zero_copy_protector, leftover_slices, leftover_nslices,
|
|
1030
|
+
channel_args)));
|
|
1031
|
+
}
|
|
575
1032
|
return grpc_core::MakeOrphanable<secure_endpoint>(
|
|
576
1033
|
&vtable, protector, zero_copy_protector, std::move(to_wrap),
|
|
577
|
-
leftover_slices,
|
|
1034
|
+
leftover_slices, leftover_nslices, channel_args);
|
|
578
1035
|
}
|