grpc 1.72.0 → 1.73.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Makefile +23 -6
- data/include/grpc/event_engine/event_engine.h +125 -8
- data/include/grpc/event_engine/internal/write_event.h +34 -0
- data/include/grpc/impl/channel_arg_names.h +17 -9
- data/include/grpc/impl/compression_types.h +3 -2
- data/include/grpc/impl/slice_type.h +1 -1
- data/include/grpc/support/json.h +3 -21
- data/include/grpc/support/port_platform.h +8 -5
- data/src/core/call/call_filters.h +28 -19
- data/src/core/call/call_spine.h +2 -0
- data/src/core/call/metadata.h +17 -0
- data/src/core/channelz/channel_trace.cc +50 -42
- data/src/core/channelz/channel_trace.h +35 -4
- data/src/core/channelz/channelz.cc +338 -125
- data/src/core/channelz/channelz.h +276 -34
- data/src/core/channelz/channelz_registry.cc +322 -117
- data/src/core/channelz/channelz_registry.h +179 -21
- data/src/core/channelz/ztrace_collector.h +315 -0
- data/src/core/client_channel/client_channel.cc +30 -29
- data/src/core/client_channel/client_channel_filter.cc +21 -20
- data/src/core/client_channel/client_channel_filter.h +0 -2
- data/src/core/client_channel/connector.h +0 -3
- data/src/core/client_channel/global_subchannel_pool.cc +68 -7
- data/src/core/client_channel/global_subchannel_pool.h +37 -4
- data/src/core/client_channel/subchannel.cc +7 -9
- data/src/core/client_channel/subchannel.h +2 -8
- data/src/core/client_channel/subchannel_pool_interface.cc +5 -6
- data/src/core/client_channel/subchannel_pool_interface.h +11 -1
- data/src/core/config/config_vars.cc +11 -1
- data/src/core/config/config_vars.h +8 -0
- data/src/core/config/core_configuration.cc +50 -11
- data/src/core/config/core_configuration.h +89 -7
- data/src/core/credentials/call/external/aws_request_signer.cc +3 -2
- data/src/core/credentials/call/external/url_external_account_credentials.cc +2 -2
- data/src/core/credentials/call/gcp_service_account_identity/gcp_service_account_identity_credentials.cc +1 -1
- data/src/core/credentials/call/jwt/jwt_verifier.cc +4 -4
- data/src/core/credentials/call/oauth2/oauth2_credentials.cc +4 -2
- data/src/core/credentials/transport/alts/alts_security_connector.cc +9 -8
- data/src/core/credentials/transport/google_default/google_default_credentials.cc +3 -3
- data/src/core/credentials/transport/ssl/ssl_credentials.cc +2 -2
- data/src/core/credentials/transport/ssl/ssl_security_connector.cc +41 -11
- data/src/core/credentials/transport/ssl/ssl_security_connector.h +2 -1
- data/src/core/credentials/transport/tls/ssl_utils.cc +18 -0
- data/src/core/credentials/transport/tls/ssl_utils.h +5 -0
- data/src/core/credentials/transport/tls/tls_security_connector.cc +2 -1
- data/src/core/ext/filters/channel_idle/legacy_channel_idle_filter.cc +6 -3
- data/src/core/ext/filters/http/message_compress/compression_filter.h +34 -4
- data/src/core/ext/filters/http/server/http_server_filter.cc +1 -1
- data/src/core/ext/filters/http/server/http_server_filter.h +14 -3
- data/src/core/ext/transport/chttp2/chttp2_plugin.cc +40 -0
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +11 -112
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +3 -0
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +33 -962
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +5 -1
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +129 -47
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +0 -3
- data/src/core/ext/transport/chttp2/transport/flow_control.h +18 -0
- data/src/core/ext/transport/chttp2/transport/frame.cc +213 -105
- data/src/core/ext/transport/chttp2/transport/frame.h +78 -6
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +10 -0
- data/src/core/ext/transport/chttp2/transport/frame_data.h +2 -0
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +15 -3
- data/src/core/ext/transport/chttp2/transport/frame_goaway.h +5 -3
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +11 -4
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +3 -1
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +19 -1
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +4 -0
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +7 -0
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +2 -0
- data/src/core/ext/transport/chttp2/transport/http2_settings.h +26 -0
- data/src/core/ext/transport/chttp2/transport/http2_status.h +358 -1
- data/src/core/ext/transport/chttp2/transport/http2_ztrace_collector.h +252 -0
- data/src/core/ext/transport/chttp2/transport/internal.h +29 -5
- data/src/core/ext/transport/chttp2/transport/internal_channel_arg_names.h +24 -0
- data/src/core/ext/transport/chttp2/transport/parsing.cc +36 -21
- data/src/core/ext/transport/chttp2/transport/ping_rate_policy.cc +10 -9
- data/src/core/ext/transport/chttp2/transport/ping_rate_policy.h +6 -0
- data/src/core/ext/transport/chttp2/transport/writing.cc +60 -49
- data/src/core/ext/transport/inproc/inproc_transport.cc +7 -2
- data/src/core/ext/transport/inproc/legacy_inproc_transport.cc +6 -2
- data/src/core/ext/upb-gen/envoy/admin/v3/certs.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/config/accesslog/v3/accesslog.upb.h +12 -0
- data/src/core/ext/upb-gen/envoy/config/bootstrap/v3/bootstrap.upb.h +12 -22
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb.h +12 -22
- data/src/core/ext/upb-gen/envoy/config/common/matcher/v3/matcher.upb.h +28 -22
- data/src/core/ext/upb-gen/envoy/config/core/v3/address.upb.h +12 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb.h +24 -67
- data/src/core/ext/upb-gen/envoy/config/core/v3/config_source.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/event_service_config.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_service.upb.h +29 -31
- data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_service.upb_minitable.c +2 -2
- data/src/core/ext/upb-gen/envoy/config/core/v3/health_check.upb.h +12 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/http_uri.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb.h +8 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/substitution_format_string.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint.upb.h +0 -23
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint_components.upb.h +8 -0
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener.upb.h +8 -0
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb.h +12 -0
- data/src/core/ext/upb-gen/envoy/config/metrics/v3/stats.upb.h +20 -0
- data/src/core/ext/upb-gen/envoy/config/overload/v3/overload.upb.h +12 -0
- data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb.h +8 -22
- data/src/core/ext/upb-gen/envoy/config/route/v3/route.upb.h +0 -23
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb.h +64 -66
- data/src/core/ext/upb-gen/envoy/config/route/v3/scoped_route.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/config/tap/v3/common.upb.h +12 -0
- data/src/core/ext/upb-gen/envoy/config/trace/v3/http_tracer.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/config/trace/v3/skywalking.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/data/accesslog/v3/accesslog.upb.h +4 -95
- data/src/core/ext/upb-gen/envoy/extensions/filters/common/fault/v3/fault.upb.h +8 -0
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/fault/v3/fault.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +28 -0
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/common/v3/common.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/common.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +12 -0
- data/src/core/ext/upb-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upb.h +8 -0
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb.h +8 -36
- data/src/core/ext/upb-gen/envoy/service/status/v3/csds.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/http/v3/path_transformation.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/filter_state.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/metadata.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/number.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/path.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/regex.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/string.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/struct.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/value.upb.h +8 -0
- data/src/core/ext/upb-gen/envoy/type/metadata/v3/metadata.upb.h +8 -0
- data/src/core/ext/upb-gen/envoy/type/tracing/v3/custom_tag.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/v3/hash_policy.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_strategy.upb.h +4 -0
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/checked.upb.h +8 -44
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/syntax.upb.h +12 -40
- data/src/core/ext/upb-gen/google/api/http.upb.h +4 -0
- data/src/core/ext/upb-gen/google/protobuf/descriptor.upb.h +193 -20
- data/src/core/ext/upb-gen/google/protobuf/descriptor.upb_minitable.c +59 -21
- data/src/core/ext/upb-gen/google/protobuf/descriptor.upb_minitable.h +4 -0
- data/src/core/ext/upb-gen/google/protobuf/struct.upb.h +4 -22
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/altscontext.upb.h +0 -18
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/handshaker.upb.h +113 -53
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/handshaker.upb_minitable.c +20 -14
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/transport_security_common.upb.h +154 -0
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/transport_security_common.upb_minitable.c +40 -2
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/transport_security_common.upb_minitable.h +4 -0
- data/src/core/ext/upb-gen/src/proto/grpc/lb/v1/load_balancer.upb.h +8 -0
- data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls.upb.h +0 -18
- data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls_config.upb.h +0 -36
- data/src/core/ext/upb-gen/validate/validate.upb.h +12 -0
- data/src/core/ext/upb-gen/xds/core/v3/collection_entry.upb.h +4 -0
- data/src/core/ext/upb-gen/xds/core/v3/context_params.upb.h +0 -18
- data/src/core/ext/upb-gen/xds/core/v3/resource_locator.upb.h +8 -0
- data/src/core/ext/upb-gen/xds/data/orca/v3/orca_load_report.upb.h +0 -54
- data/src/core/ext/upb-gen/xds/type/matcher/v3/matcher.upb.h +20 -22
- data/src/core/ext/upb-gen/xds/type/matcher/v3/regex.upb.h +4 -0
- data/src/core/ext/upb-gen/xds/type/matcher/v3/string.upb.h +4 -0
- data/src/core/ext/upb-gen/xds/type/v3/cel.upb.h +4 -0
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/certs.upbdefs.c +123 -62
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/certs.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/clusters.upbdefs.c +200 -101
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/clusters.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump.upbdefs.c +152 -77
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump_shared.upbdefs.c +524 -255
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump_shared.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/init_dump.upbdefs.c +44 -23
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/init_dump.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/listeners.upbdefs.c +66 -34
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/listeners.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/memory.upbdefs.c +54 -28
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/memory.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/metrics.upbdefs.c +46 -25
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/metrics.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/mutex_stats.upbdefs.c +47 -25
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/mutex_stats.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/server_info.upbdefs.c +256 -126
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/server_info.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/tap.upbdefs.c +50 -28
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/tap.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/annotations/deprecation.upbdefs.c +55 -28
- data/src/core/ext/upbdefs-gen/envoy/annotations/deprecation.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/annotations/resource.upbdefs.c +34 -18
- data/src/core/ext/upbdefs-gen/envoy/annotations/resource.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/accesslog/v3/accesslog.upbdefs.c +414 -206
- data/src/core/ext/upbdefs-gen/envoy/config/accesslog/v3/accesslog.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +831 -413
- data/src/core/ext/upbdefs-gen/envoy/config/bootstrap/v3/bootstrap.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/circuit_breaker.upbdefs.c +143 -73
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/circuit_breaker.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/cluster.upbdefs.c +1132 -557
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/cluster.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/filter.upbdefs.c +63 -34
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/filter.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/outlier_detection.upbdefs.c +255 -127
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/outlier_detection.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/common/matcher/v3/matcher.upbdefs.c +363 -178
- data/src/core/ext/upbdefs-gen/envoy/config/common/matcher/v3/matcher.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/address.upbdefs.c +227 -114
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/address.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/backoff.upbdefs.c +57 -31
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/backoff.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.c +596 -295
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/config_source.upbdefs.c +271 -137
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/config_source.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/event_service_config.upbdefs.c +56 -30
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/event_service_config.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/extension.upbdefs.c +45 -25
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/extension.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_method_list.upbdefs.c +59 -31
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_method_list.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_service.upbdefs.c +438 -217
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_service.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/health_check.upbdefs.c +441 -221
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/health_check.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_service.upbdefs.c +55 -30
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_service.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_uri.upbdefs.c +57 -31
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_uri.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/protocol.upbdefs.c +619 -303
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/protocol.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/proxy_protocol.upbdefs.c +70 -36
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/proxy_protocol.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/resolver.upbdefs.c +62 -33
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/resolver.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_cmsg_headers.upbdefs.c +47 -25
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_cmsg_headers.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_option.upbdefs.c +97 -49
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_option.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/substitution_format_string.upbdefs.c +97 -51
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/substitution_format_string.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/udp_socket_config.upbdefs.c +51 -27
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/udp_socket_config.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint.upbdefs.c +147 -76
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +230 -116
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/load_report.upbdefs.c +277 -138
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/load_report.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/api_listener.upbdefs.c +48 -26
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/api_listener.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener.upbdefs.c +388 -197
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener_components.upbdefs.c +304 -153
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener_components.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/quic_config.upbdefs.c +173 -90
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/quic_config.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/udp_listener_config.upbdefs.c +90 -47
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/udp_listener_config.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/metrics_service.upbdefs.c +98 -51
- data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/metrics_service.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/stats.upbdefs.c +196 -99
- data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/stats.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/overload/v3/overload.upbdefs.c +237 -118
- data/src/core/ext/upbdefs-gen/envoy/config/overload/v3/overload.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/rbac/v3/rbac.upbdefs.c +418 -210
- data/src/core/ext/upbdefs-gen/envoy/config/rbac/v3/rbac.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route.upbdefs.c +194 -99
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.c +2003 -973
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/scoped_route.upbdefs.c +101 -53
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/scoped_route.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/tap/v3/common.upbdefs.c +352 -176
- data/src/core/ext/upbdefs-gen/envoy/config/tap/v3/common.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/datadog.upbdefs.c +79 -42
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/datadog.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/dynamic_ot.upbdefs.c +67 -37
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/dynamic_ot.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/http_tracer.upbdefs.c +63 -34
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/http_tracer.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/lightstep.upbdefs.c +88 -47
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/lightstep.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opentelemetry.upbdefs.c +80 -43
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opentelemetry.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/service.upbdefs.c +53 -29
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/service.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/skywalking.upbdefs.c +86 -46
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/skywalking.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/trace.upbdefs.c +55 -32
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/trace.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/xray.upbdefs.c +91 -49
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/xray.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/zipkin.upbdefs.c +105 -55
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/zipkin.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/data/accesslog/v3/accesslog.upbdefs.c +775 -379
- data/src/core/ext/upbdefs-gen/envoy/data/accesslog/v3/accesslog.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.c +52 -28
- data/src/core/ext/upbdefs-gen/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/common/fault/v3/fault.upbdefs.c +134 -68
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/common/fault/v3/fault.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/fault/v3/fault.upbdefs.c +189 -96
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/fault/v3/fault.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upbdefs.c +116 -61
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/rbac/v3/rbac.upbdefs.c +112 -58
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/rbac/v3/rbac.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/router/v3/router.upbdefs.c +160 -82
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/router/v3/router.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upbdefs.c +75 -39
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +1161 -570
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upbdefs.c +52 -28
- data/src/core/ext/upbdefs-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upbdefs.c +55 -29
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +48 -26
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +390 -194
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +126 -65
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +498 -246
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upbdefs.c +74 -38
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upbdefs.c +221 -110
- data/src/core/ext/upbdefs-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/ads.upbdefs.c +68 -36
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/ads.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/discovery.upbdefs.c +378 -187
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/discovery.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/service/load_stats/v3/lrs.upbdefs.c +100 -52
- data/src/core/ext/upbdefs-gen/envoy/service/load_stats/v3/lrs.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/service/status/v3/csds.upbdefs.c +257 -129
- data/src/core/ext/upbdefs-gen/envoy/service/status/v3/csds.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/http/v3/cookie.upbdefs.c +44 -24
- data/src/core/ext/upbdefs-gen/envoy/type/http/v3/cookie.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/http/v3/path_transformation.upbdefs.c +68 -35
- data/src/core/ext/upbdefs-gen/envoy/type/http/v3/path_transformation.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/address.upbdefs.c +38 -20
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/address.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/filter_state.upbdefs.c +59 -32
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/filter_state.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/http_inputs.upbdefs.c +65 -34
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/http_inputs.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/metadata.upbdefs.c +72 -38
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/metadata.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/node.upbdefs.c +57 -31
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/node.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/number.upbdefs.c +52 -29
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/number.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/path.upbdefs.c +51 -28
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/path.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/regex.upbdefs.c +89 -47
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/regex.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/status_code_input.upbdefs.c +37 -20
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/status_code_input.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/string.upbdefs.c +89 -47
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/string.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/struct.upbdefs.c +67 -35
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/struct.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/value.upbdefs.c +112 -58
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/value.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/metadata/v3/metadata.upbdefs.c +110 -56
- data/src/core/ext/upbdefs-gen/envoy/type/metadata/v3/metadata.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/tracing/v3/custom_tag.upbdefs.c +123 -62
- data/src/core/ext/upbdefs-gen/envoy/type/tracing/v3/custom_tag.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/hash_policy.upbdefs.c +59 -31
- data/src/core/ext/upbdefs-gen/envoy/type/v3/hash_policy.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/http.upbdefs.c +30 -16
- data/src/core/ext/upbdefs-gen/envoy/type/v3/http.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/http_status.upbdefs.c +143 -72
- data/src/core/ext/upbdefs-gen/envoy/type/v3/http_status.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/percent.upbdefs.c +61 -32
- data/src/core/ext/upbdefs-gen/envoy/type/v3/percent.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/range.upbdefs.c +51 -27
- data/src/core/ext/upbdefs-gen/envoy/type/v3/range.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_strategy.upbdefs.c +85 -45
- data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_strategy.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_unit.upbdefs.c +35 -19
- data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_unit.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/semantic_version.upbdefs.c +44 -23
- data/src/core/ext/upbdefs-gen/envoy/type/v3/semantic_version.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/token_bucket.upbdefs.c +61 -33
- data/src/core/ext/upbdefs-gen/envoy/type/v3/token_bucket.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/api/annotations.upbdefs.c +35 -19
- data/src/core/ext/upbdefs-gen/google/api/annotations.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/checked.upbdefs.c +272 -133
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/checked.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/syntax.upbdefs.c +315 -154
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/syntax.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/api/http.upbdefs.c +64 -33
- data/src/core/ext/upbdefs-gen/google/api/http.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/api/httpbody.upbdefs.c +35 -19
- data/src/core/ext/upbdefs-gen/google/api/httpbody.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/any.upbdefs.c +26 -15
- data/src/core/ext/upbdefs-gen/google/protobuf/any.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/descriptor.upbdefs.c +1106 -508
- data/src/core/ext/upbdefs-gen/google/protobuf/descriptor.upbdefs.h +10 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/duration.upbdefs.c +28 -16
- data/src/core/ext/upbdefs-gen/google/protobuf/duration.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/empty.upbdefs.c +23 -13
- data/src/core/ext/upbdefs-gen/google/protobuf/empty.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/struct.upbdefs.c +69 -35
- data/src/core/ext/upbdefs-gen/google/protobuf/struct.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/timestamp.upbdefs.c +29 -16
- data/src/core/ext/upbdefs-gen/google/protobuf/timestamp.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/wrappers.upbdefs.c +51 -26
- data/src/core/ext/upbdefs-gen/google/protobuf/wrappers.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/rpc/status.upbdefs.c +32 -17
- data/src/core/ext/upbdefs-gen/google/rpc/status.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/src/proto/grpc/lookup/v1/rls_config.upbdefs.c +161 -79
- data/src/core/ext/upbdefs-gen/src/proto/grpc/lookup/v1/rls_config.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/migrate.upbdefs.c +84 -42
- data/src/core/ext/upbdefs-gen/udpa/annotations/migrate.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/security.upbdefs.c +48 -26
- data/src/core/ext/upbdefs-gen/udpa/annotations/security.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/sensitive.upbdefs.c +26 -14
- data/src/core/ext/upbdefs-gen/udpa/annotations/sensitive.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/status.upbdefs.c +50 -26
- data/src/core/ext/upbdefs-gen/udpa/annotations/status.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/versioning.upbdefs.c +36 -19
- data/src/core/ext/upbdefs-gen/udpa/annotations/versioning.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/validate/validate.upbdefs.c +538 -261
- data/src/core/ext/upbdefs-gen/validate/validate.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/migrate.upbdefs.c +86 -43
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/migrate.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/security.upbdefs.c +49 -26
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/security.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/sensitive.upbdefs.c +27 -15
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/sensitive.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/status.upbdefs.c +87 -44
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/status.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/versioning.upbdefs.c +37 -20
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/versioning.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/authority.upbdefs.c +30 -17
- data/src/core/ext/upbdefs-gen/xds/core/v3/authority.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/cidr.upbdefs.c +41 -23
- data/src/core/ext/upbdefs-gen/xds/core/v3/cidr.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/collection_entry.upbdefs.c +62 -33
- data/src/core/ext/upbdefs-gen/xds/core/v3/collection_entry.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/context_params.upbdefs.c +36 -19
- data/src/core/ext/upbdefs-gen/xds/core/v3/context_params.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/extension.upbdefs.c +36 -20
- data/src/core/ext/upbdefs-gen/xds/core/v3/extension.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource.upbdefs.c +42 -23
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource_locator.upbdefs.c +76 -39
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource_locator.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource_name.upbdefs.c +45 -24
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource_name.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/cel.upbdefs.c +41 -23
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/cel.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/domain.upbdefs.c +53 -29
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/domain.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/http_inputs.upbdefs.c +29 -16
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/http_inputs.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/ip.upbdefs.c +58 -32
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/ip.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/matcher.upbdefs.c +207 -103
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/matcher.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/range.upbdefs.c +95 -49
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/range.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/regex.upbdefs.c +38 -20
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/regex.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/string.upbdefs.c +60 -31
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/string.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/v3/cel.upbdefs.c +67 -36
- data/src/core/ext/upbdefs-gen/xds/type/v3/cel.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/v3/range.upbdefs.c +31 -17
- data/src/core/ext/upbdefs-gen/xds/type/v3/range.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/v3/typed_struct.upbdefs.c +31 -17
- data/src/core/ext/upbdefs-gen/xds/type/v3/typed_struct.upbdefs.h +5 -1
- data/src/core/handshaker/http_connect/http_proxy_mapper.cc +7 -22
- data/src/core/handshaker/security/legacy_secure_endpoint.cc +596 -0
- data/src/core/handshaker/security/secure_endpoint.cc +769 -312
- data/src/core/handshaker/security/secure_endpoint.h +17 -0
- data/src/core/handshaker/security/security_handshaker.cc +3 -3
- data/src/core/lib/address_utils/sockaddr_utils.cc +5 -5
- data/src/core/lib/channel/channel_args.h +4 -0
- data/src/core/lib/channel/channel_stack.cc +29 -0
- data/src/core/lib/channel/channel_stack.h +9 -0
- data/src/core/lib/channel/promise_based_filter.h +707 -299
- data/src/core/lib/debug/trace_flags.cc +2 -2
- data/src/core/lib/debug/trace_flags.h +1 -1
- data/src/core/lib/event_engine/cf_engine/cf_engine.cc +6 -2
- data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.cc +4 -4
- data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.h +14 -6
- data/src/core/lib/event_engine/default_event_engine_factory.cc +1 -1
- data/src/core/lib/event_engine/extensions/blocking_dns.h +46 -0
- data/src/core/lib/event_engine/extensions/channelz.h +62 -0
- data/src/core/lib/event_engine/extensions/tcp_trace.h +2 -2
- data/src/core/lib/event_engine/posix_engine/native_posix_dns_resolver.cc +4 -7
- data/src/core/lib/event_engine/posix_engine/native_posix_dns_resolver.h +3 -0
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +6 -7
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +28 -22
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +22 -0
- data/src/core/lib/event_engine/posix_engine/posix_engine.h +15 -15
- data/src/core/lib/event_engine/query_extensions.h +10 -21
- data/src/core/lib/event_engine/tcp_socket_utils.cc +10 -9
- data/src/core/lib/event_engine/utils.cc +34 -0
- data/src/core/lib/event_engine/utils.h +3 -0
- data/src/core/lib/event_engine/windows/windows_endpoint.cc +2 -2
- data/src/core/lib/event_engine/windows/windows_endpoint.h +9 -2
- data/src/core/lib/experiments/experiments.cc +198 -51
- data/src/core/lib/experiments/experiments.h +78 -35
- data/src/core/lib/iomgr/combiner.cc +3 -2
- data/src/core/lib/iomgr/ev_poll_posix.cc +4 -0
- data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +11 -8
- data/src/core/lib/iomgr/fork_posix.cc +0 -7
- data/src/core/lib/iomgr/iomgr.cc +0 -3
- data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +3 -0
- data/src/core/lib/iomgr/resolve_address_posix.cc +37 -47
- data/src/core/lib/iomgr/resolve_address_posix.h +15 -0
- data/src/core/lib/iomgr/resolve_address_windows.cc +22 -45
- data/src/core/lib/iomgr/resolve_address_windows.h +15 -2
- data/src/core/lib/iomgr/tcp_client_posix.cc +14 -6
- data/src/core/lib/iomgr/tcp_posix.cc +14 -12
- data/src/core/lib/iomgr/tcp_server_windows.cc +14 -2
- data/src/core/lib/promise/detail/promise_like.h +24 -0
- data/src/core/lib/promise/detail/seq_state.h +741 -0
- data/src/core/lib/promise/map.h +22 -5
- data/src/core/lib/promise/promise.h +2 -0
- data/src/core/lib/promise/seq.h +2 -0
- data/src/core/lib/promise/sleep.cc +6 -3
- data/src/core/lib/promise/try_seq.h +2 -0
- data/src/core/lib/resource_quota/memory_quota.cc +9 -0
- data/src/core/lib/resource_quota/memory_quota.h +1 -3
- data/src/core/lib/slice/slice_buffer.h +6 -0
- data/src/core/lib/surface/call.cc +4 -0
- data/src/core/lib/surface/channel_create.cc +61 -1
- data/src/core/lib/surface/init.cc +2 -2
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/status_conversion.cc +7 -34
- data/src/core/lib/transport/transport.cc +2 -2
- data/src/core/lib/transport/transport.h +3 -0
- data/src/core/load_balancing/backend_metric_parser.cc +12 -18
- data/src/core/load_balancing/grpclb/grpclb.cc +2 -2
- data/src/core/load_balancing/health_check_client.cc +2 -4
- data/src/core/load_balancing/oob_backend_metric.cc +2 -4
- data/src/core/load_balancing/outlier_detection/outlier_detection.cc +4 -3
- data/src/core/load_balancing/pick_first/pick_first.cc +3 -3
- data/src/core/load_balancing/rls/rls.cc +6 -5
- data/src/core/load_balancing/round_robin/round_robin.cc +2 -3
- data/src/core/load_balancing/weighted_round_robin/weighted_round_robin.cc +4 -4
- data/src/core/load_balancing/weighted_target/weighted_target.cc +3 -9
- data/src/core/load_balancing/xds/xds_override_host.cc +55 -34
- data/src/core/plugin_registry/grpc_plugin_registry.cc +2 -0
- data/src/core/resolver/sockaddr/sockaddr_resolver.cc +2 -1
- data/src/core/resolver/xds/xds_resolver.cc +2 -1
- data/src/core/server/add_port.cc +87 -0
- data/src/core/server/server.cc +48 -53
- data/src/core/server/server.h +3 -5
- data/src/core/telemetry/call_tracer.cc +2 -2
- data/src/core/telemetry/call_tracer.h +1 -1
- data/src/core/{ext/transport/chttp2/transport → telemetry}/context_list_entry.h +3 -3
- data/src/core/telemetry/default_tcp_tracer.cc +26 -0
- data/src/core/telemetry/default_tcp_tracer.h +44 -0
- data/src/core/telemetry/stats.h +0 -5
- data/src/core/telemetry/stats_data.cc +376 -334
- data/src/core/telemetry/stats_data.h +260 -166
- data/src/core/telemetry/tcp_tracer.cc +38 -0
- data/src/core/telemetry/tcp_tracer.h +14 -16
- data/src/core/transport/auth_context.cc +0 -1
- data/src/core/transport/auth_context.h +0 -1
- data/src/core/transport/endpoint_transport.h +90 -0
- data/src/core/transport/endpoint_transport_client_channel_factory.cc +61 -0
- data/src/core/transport/endpoint_transport_client_channel_factory.h +57 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +33 -1
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +3 -1
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +76 -22
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +8 -2
- data/src/core/tsi/ssl_transport_security.cc +189 -71
- data/src/core/tsi/ssl_transport_security.h +6 -1
- data/src/core/tsi/transport_security.h +3 -0
- data/src/core/tsi/transport_security_grpc.h +7 -3
- data/src/core/tsi/transport_security_interface.h +30 -25
- data/src/core/util/backoff.cc +7 -14
- data/src/core/util/backoff.h +0 -1
- data/src/core/util/dual_ref_counted.h +48 -0
- data/src/core/util/function_signature.h +66 -0
- data/src/core/util/gcp_metadata_query.cc +3 -2
- data/src/core/util/http_client/httpcli_security_connector.cc +2 -1
- data/src/core/util/json/json_object_loader.h +3 -3
- data/src/core/util/latent_see.cc +28 -2
- data/src/core/util/latent_see.h +11 -23
- data/src/core/util/linux/env.cc +3 -1
- data/src/core/util/ref_counted_ptr.h +26 -0
- data/src/core/util/shared_bit_gen.cc +21 -0
- data/src/core/util/shared_bit_gen.h +44 -0
- data/src/core/util/single_set_ptr.h +35 -4
- data/src/core/util/uri.cc +75 -17
- data/src/core/util/uri.h +13 -8
- data/src/core/xds/grpc/xds_common_types_parser.cc +1 -9
- data/src/core/xds/grpc/xds_http_filter_registry.cc +1 -3
- data/src/core/xds/grpc/xds_http_rbac_filter.cc +10 -17
- data/src/core/xds/grpc/xds_metadata_parser.cc +40 -64
- data/src/core/xds/grpc/xds_metadata_parser.h +0 -2
- data/src/core/xds/grpc/xds_route_config_parser.cc +55 -77
- data/src/core/xds/xds_client/xds_client.cc +1 -1
- data/src/ruby/ext/grpc/extconf.rb +1 -1
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/spec/generic/client_stub_spec.rb +2 -6
- data/src/ruby/spec/generic/rpc_server_spec.rb +1 -1
- data/third_party/abseil-cpp/absl/algorithm/algorithm.h +2 -2
- data/third_party/abseil-cpp/absl/algorithm/container.h +79 -48
- data/third_party/abseil-cpp/absl/base/attributes.h +66 -16
- data/third_party/abseil-cpp/absl/base/call_once.h +8 -5
- data/third_party/abseil-cpp/absl/base/config.h +4 -4
- data/third_party/abseil-cpp/absl/base/internal/nullability_impl.h +17 -56
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +1 -1
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +14 -0
- data/third_party/abseil-cpp/absl/base/internal/thread_identity.h +5 -1
- data/third_party/abseil-cpp/absl/base/internal/tracing.cc +39 -0
- data/third_party/abseil-cpp/absl/base/internal/tracing.h +81 -0
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc +0 -10
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.h +12 -0
- data/third_party/abseil-cpp/absl/base/macros.h +35 -4
- data/third_party/abseil-cpp/absl/base/nullability.h +72 -16
- data/third_party/abseil-cpp/absl/base/optimization.h +8 -12
- data/third_party/abseil-cpp/absl/base/options.h +5 -2
- data/third_party/abseil-cpp/absl/base/policy_checks.h +2 -0
- data/third_party/abseil-cpp/absl/container/btree_map.h +889 -0
- data/third_party/abseil-cpp/absl/container/btree_set.h +824 -0
- data/third_party/abseil-cpp/absl/container/fixed_array.h +2 -1
- data/third_party/abseil-cpp/absl/container/flat_hash_map.h +17 -3
- data/third_party/abseil-cpp/absl/container/flat_hash_set.h +17 -3
- data/third_party/abseil-cpp/absl/container/inlined_vector.h +2 -1
- data/third_party/abseil-cpp/absl/container/internal/btree.h +3046 -0
- data/third_party/abseil-cpp/absl/container/internal/btree_container.h +763 -0
- data/third_party/abseil-cpp/absl/container/internal/common_policy_traits.h +9 -0
- data/third_party/abseil-cpp/absl/container/internal/container_memory.h +1 -0
- data/third_party/abseil-cpp/absl/container/internal/inlined_vector.h +4 -2
- data/third_party/abseil-cpp/absl/container/internal/layout.h +1 -1
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.cc +142 -114
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +397 -231
- data/third_party/abseil-cpp/absl/crc/internal/cpu_detect.cc +56 -0
- data/third_party/abseil-cpp/absl/crc/internal/non_temporal_memcpy.h +21 -7
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +4 -2
- data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.h +1 -1
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +17 -1
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_config.h +7 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_riscv-inl.inc +9 -6
- data/third_party/abseil-cpp/absl/debugging/leak_check.cc +73 -0
- data/third_party/abseil-cpp/absl/debugging/leak_check.h +150 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize.cc +3 -2
- data/third_party/abseil-cpp/absl/debugging/symbolize_elf.inc +48 -9
- data/third_party/abseil-cpp/absl/flags/commandlineflag.cc +1 -0
- data/third_party/abseil-cpp/absl/flags/commandlineflag.h +7 -0
- data/third_party/abseil-cpp/absl/flags/flag.h +14 -12
- data/third_party/abseil-cpp/absl/flags/internal/flag.cc +12 -4
- data/third_party/abseil-cpp/absl/flags/internal/flag.h +16 -5
- data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.cc +4 -0
- data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.h +3 -0
- data/third_party/abseil-cpp/absl/flags/internal/program_name.cc +13 -12
- data/third_party/abseil-cpp/absl/flags/usage_config.cc +9 -4
- data/third_party/abseil-cpp/absl/hash/hash.h +26 -2
- data/third_party/abseil-cpp/absl/hash/internal/hash.cc +17 -17
- data/third_party/abseil-cpp/absl/hash/internal/hash.h +196 -91
- data/third_party/abseil-cpp/absl/hash/internal/low_level_hash.cc +2 -4
- data/third_party/abseil-cpp/absl/log/absl_vlog_is_on.h +2 -0
- data/third_party/abseil-cpp/absl/log/internal/check_op.cc +27 -22
- data/third_party/abseil-cpp/absl/log/internal/check_op.h +102 -80
- data/third_party/abseil-cpp/absl/log/internal/log_message.cc +90 -38
- data/third_party/abseil-cpp/absl/log/internal/log_message.h +80 -48
- data/third_party/abseil-cpp/absl/log/internal/proto.cc +0 -3
- data/third_party/abseil-cpp/absl/log/internal/proto.h +25 -15
- data/third_party/abseil-cpp/absl/log/internal/structured_proto.cc +115 -0
- data/third_party/abseil-cpp/absl/log/internal/structured_proto.h +107 -0
- data/third_party/abseil-cpp/absl/log/internal/vlog_config.cc +8 -1
- data/third_party/abseil-cpp/absl/log/log_sink_registry.h +5 -2
- data/third_party/abseil-cpp/absl/log/vlog_is_on.h +2 -0
- data/third_party/abseil-cpp/absl/meta/type_traits.h +16 -6
- data/third_party/abseil-cpp/absl/numeric/int128.h +15 -3
- data/third_party/abseil-cpp/absl/numeric/int128_have_intrinsic.inc +6 -4
- data/third_party/abseil-cpp/absl/numeric/int128_no_intrinsic.inc +6 -3
- data/third_party/abseil-cpp/absl/random/bernoulli_distribution.h +3 -1
- data/third_party/abseil-cpp/absl/random/beta_distribution.h +3 -1
- data/third_party/abseil-cpp/absl/random/bit_gen_ref.h +2 -1
- data/third_party/abseil-cpp/absl/random/discrete_distribution.cc +10 -0
- data/third_party/abseil-cpp/absl/random/discrete_distribution.h +4 -2
- data/third_party/abseil-cpp/absl/random/exponential_distribution.h +1 -0
- data/third_party/abseil-cpp/absl/random/gaussian_distribution.h +2 -1
- data/third_party/abseil-cpp/absl/random/internal/distribution_caller.h +3 -1
- data/third_party/abseil-cpp/absl/random/internal/iostream_state_saver.h +5 -2
- data/third_party/abseil-cpp/absl/random/internal/platform.h +12 -12
- data/third_party/abseil-cpp/absl/random/internal/randen_detect.cc +56 -5
- data/third_party/abseil-cpp/absl/random/internal/randen_engine.h +2 -1
- data/third_party/abseil-cpp/absl/random/internal/uniform_helper.h +2 -2
- data/third_party/abseil-cpp/absl/random/internal/wide_multiply.h +0 -1
- data/third_party/abseil-cpp/absl/random/log_uniform_int_distribution.h +1 -4
- data/third_party/abseil-cpp/absl/random/poisson_distribution.h +4 -3
- data/third_party/abseil-cpp/absl/random/seed_gen_exception.cc +2 -3
- data/third_party/abseil-cpp/absl/random/seed_sequences.h +1 -2
- data/third_party/abseil-cpp/absl/random/uniform_int_distribution.h +2 -1
- data/third_party/abseil-cpp/absl/random/uniform_real_distribution.h +2 -0
- data/third_party/abseil-cpp/absl/random/zipf_distribution.h +5 -4
- data/third_party/abseil-cpp/absl/status/internal/status_internal.cc +8 -4
- data/third_party/abseil-cpp/absl/status/internal/status_internal.h +1 -1
- data/third_party/abseil-cpp/absl/status/status.h +1 -1
- data/third_party/abseil-cpp/absl/strings/ascii.cc +41 -26
- data/third_party/abseil-cpp/absl/strings/ascii.h +48 -8
- data/third_party/abseil-cpp/absl/strings/charconv.cc +4 -7
- data/third_party/abseil-cpp/absl/strings/charset.h +3 -4
- data/third_party/abseil-cpp/absl/strings/cord.h +5 -19
- data/third_party/abseil-cpp/absl/strings/escaping.cc +56 -48
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +48 -15
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +3 -2
- data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +35 -0
- data/third_party/abseil-cpp/absl/strings/match.h +21 -11
- data/third_party/abseil-cpp/absl/strings/numbers.cc +2 -1
- data/third_party/abseil-cpp/absl/strings/str_cat.h +11 -0
- data/third_party/abseil-cpp/absl/strings/str_split.h +18 -1
- data/third_party/abseil-cpp/absl/strings/string_view.h +20 -19
- data/third_party/abseil-cpp/absl/strings/strip.h +11 -8
- data/third_party/abseil-cpp/absl/synchronization/blocking_counter.cc +16 -10
- data/third_party/abseil-cpp/absl/synchronization/blocking_counter.h +6 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.cc +5 -1
- data/third_party/abseil-cpp/absl/synchronization/mutex.cc +38 -12
- data/third_party/abseil-cpp/absl/synchronization/notification.cc +10 -2
- data/third_party/abseil-cpp/absl/synchronization/notification.h +11 -1
- data/third_party/abseil-cpp/absl/time/duration.cc +6 -51
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.cc +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.cc +3 -3
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +2 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +2 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +3 -3
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +2 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.h +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_lookup.cc +3 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.cc +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +6 -4
- data/third_party/abseil-cpp/absl/time/time.h +84 -23
- data/third_party/abseil-cpp/absl/types/internal/span.h +3 -2
- data/third_party/abseil-cpp/absl/types/optional.h +4 -2
- data/third_party/abseil-cpp/absl/types/span.h +85 -43
- data/third_party/boringssl-with-bazel/src/crypto/aes/aes.cc +41 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.cc +16 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.cc +15 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +19 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.cc +79 -48
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.cc +11 -19
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.cc +3 -7
- data/third_party/boringssl-with-bazel/src/crypto/bcm_support.h +0 -35
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.cc +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/bio/internal.h +3 -5
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.cc +0 -3
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.cc +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/bn/convert.cc +31 -47
- data/third_party/boringssl-with-bazel/src/crypto/bn/div.cc +100 -0
- data/third_party/boringssl-with-bazel/src/crypto/bn/exponentiation.cc +166 -0
- data/third_party/boringssl-with-bazel/src/crypto/bn/sqrt.cc +93 -0
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.cc +14 -8
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.cc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/chacha/internal.h +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/cipher/derive_key.cc +13 -15
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_aeseax.cc +289 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_aesgcmsiv.cc +179 -102
- data/third_party/boringssl-with-bazel/src/crypto/cipher/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/cms/cms.cc +172 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.cc +28 -5
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.h +11 -9
- data/third_party/boringssl-with-bazel/src/crypto/cpu_intel.cc +0 -6
- data/third_party/boringssl-with-bazel/src/crypto/crypto.cc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/des/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/dh/dh_asn1.cc +13 -14
- data/third_party/boringssl-with-bazel/src/crypto/dh/params.cc +27 -61
- data/third_party/boringssl-with-bazel/src/crypto/digest/digest_extra.cc +16 -8
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.cc +112 -122
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.cc +23 -35
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/ec/ec_asn1.cc +47 -63
- data/third_party/boringssl-with-bazel/src/crypto/ec/hash_to_curve.cc +60 -68
- data/third_party/boringssl-with-bazel/src/crypto/ec/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/ecdsa/ecdsa_asn1.cc +11 -17
- data/third_party/boringssl-with-bazel/src/crypto/err/err.cc +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.cc +10 -11
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.cc +10 -11
- data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.cc +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.cc +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.cc +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.cc +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.cc +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/evp/sign.cc +23 -42
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.cc.inc +29 -18
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/gcm.cc.inc +10 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +16 -45
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.cc.inc +5 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.cc.inc +15 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.cc +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm_interface.h +101 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.cc.inc +96 -187
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.cc.inc +24 -512
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.cc.inc +58 -80
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.cc.inc +29 -45
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +27 -25
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/jacobi.cc.inc +7 -16
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.cc.inc +27 -48
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.cc.inc +34 -34
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.cc.inc +102 -154
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.cc.inc +3 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.cc.inc +1 -78
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.cc.inc +10 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/delocate.h +15 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.cc.inc +40 -53
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.cc.inc +57 -76
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.cc.inc +4 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/md32_common.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.cc.inc +37 -52
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.cc.inc +13 -20
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.cc.inc +28 -39
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.cc.inc +6 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/keccak/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mldsa/fips_known_values.inc +1345 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mldsa/mldsa.cc.inc +335 -28
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mlkem/fips_known_values.inc +411 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mlkem/mlkem.cc.inc +265 -33
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.cc.inc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.cc.inc +19 -26
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.cc.inc +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.cc.inc +121 -138
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.cc.inc +96 -83
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +8 -20
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/fips_known_values.inc +674 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/slhdsa.cc.inc +235 -60
- data/third_party/boringssl-with-bazel/src/crypto/fuzzer_mode.cc +30 -0
- data/third_party/boringssl-with-bazel/src/crypto/hrss/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +39 -30
- data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/md5/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/mem.cc +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.cc +2 -8
- data/third_party/boringssl-with-bazel/src/crypto/pem/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.cc +8 -13
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/internal.h +22 -8
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7.cc +19 -17
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.cc +134 -136
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +14 -8
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/p5_pbev2.cc +25 -21
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.cc +36 -52
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.cc +97 -79
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/rand/deterministic.cc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand/fork_detect.cc +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/rand/getentropy.cc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand/{sysrand_internal.h → internal.h} +22 -4
- data/third_party/boringssl-with-bazel/src/crypto/rand/ios.cc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand/trusty.cc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand/urandom.cc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand/windows.cc +1 -5
- data/third_party/boringssl-with-bazel/src/crypto/rsa/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/rsa/rsa_crypt.cc +14 -22
- data/third_party/boringssl-with-bazel/src/crypto/spake2plus/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/thread_win.cc +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.cc +3 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.cc +8 -12
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +15 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_conf.cc +16 -24
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_info.cc +18 -21
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.cc +10 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.cc +9 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.cc +10 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.cc +64 -85
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.cc +16 -32
- data/third_party/boringssl-with-bazel/src/gen/crypto/err_data.cc +576 -567
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +16 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/aes.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +6 -54
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +8 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/base64.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bcm_public.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/blowfish.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/buf.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +7 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/cast.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/chacha.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/cmac.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/cms.h +146 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +23 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/curve25519.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/des.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +19 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/e_os2.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdh.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/engine.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/err.h +2 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/experimental/kyber.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hkdf.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +4 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/hrss.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/lhash.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/md4.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/md5.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/mldsa.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/mlkem.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/obj.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/obj_mac.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +10 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs7.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +19 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/poly1305.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/pool.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/posix_time.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +2 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/rc4.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ripemd.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +2 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/service_indicator.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/sha.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/siphash.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/slhdsa.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +291 -40
- data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/target.h +0 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +9 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +7 -4
- data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +2 -0
- data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +32 -26
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +49 -49
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +253 -50
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +12 -12
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +7 -5
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +2 -1
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +24 -32
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +93 -4
- data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +6 -12
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +18 -4
- data/third_party/boringssl-with-bazel/src/ssl/ssl_credential.cc +83 -7
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +173 -19
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +5 -18
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +28 -15
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +31 -7
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +13 -1
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +7 -11
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +13 -11
- data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +2 -5
- data/third_party/upb/upb/hash/common.c +310 -189
- data/third_party/upb/upb/hash/common.h +44 -43
- data/third_party/upb/upb/hash/int_table.h +29 -5
- data/third_party/upb/upb/hash/str_table.h +6 -0
- data/third_party/upb/upb/mem/arena.c +180 -57
- data/third_party/upb/upb/mem/arena.h +10 -0
- data/third_party/upb/upb/mem/internal/arena.h +62 -24
- data/third_party/upb/upb/message/accessors.c +1 -5
- data/third_party/upb/upb/message/array.c +7 -6
- data/third_party/upb/upb/message/array.h +4 -4
- data/third_party/upb/upb/message/internal/accessors.h +3 -3
- data/third_party/upb/upb/message/internal/extension.c +0 -12
- data/third_party/upb/upb/message/internal/extension.h +0 -4
- data/third_party/upb/upb/message/internal/iterator.h +3 -3
- data/third_party/upb/upb/message/internal/map.h +75 -20
- data/third_party/upb/upb/message/internal/map_sorter.h +10 -2
- data/third_party/upb/upb/message/internal/message.h +53 -5
- data/third_party/upb/upb/message/map.c +68 -20
- data/third_party/upb/upb/message/map.h +8 -1
- data/third_party/upb/upb/message/map_gencode_util.h +3 -45
- data/third_party/upb/upb/message/map_sorter.c +32 -8
- data/third_party/upb/upb/message/merge.h +3 -3
- data/third_party/upb/upb/message/message.c +120 -14
- data/third_party/upb/upb/message/message.h +17 -8
- data/third_party/upb/upb/mini_descriptor/build_enum.c +15 -5
- data/third_party/upb/upb/mini_descriptor/decode.c +18 -2
- data/third_party/upb/upb/mini_descriptor/link.c +4 -0
- data/third_party/upb/upb/mini_table/extension.h +8 -1
- data/third_party/upb/upb/mini_table/extension_registry.c +1 -1
- data/third_party/upb/upb/mini_table/internal/enum.h +1 -1
- data/third_party/upb/upb/mini_table/internal/extension.h +24 -1
- data/third_party/upb/upb/mini_table/internal/field.h +4 -4
- data/third_party/upb/upb/mini_table/internal/message.h +1 -1
- data/third_party/upb/upb/port/def.inc +32 -16
- data/third_party/upb/upb/port/undef.inc +1 -0
- data/third_party/upb/upb/reflection/def_pool.h +2 -2
- data/third_party/upb/upb/reflection/descriptor_bootstrap.h +3 -3
- data/third_party/upb/upb/reflection/enum_def.c +4 -4
- data/third_party/upb/upb/reflection/enum_reserved_range.c +1 -1
- data/third_party/upb/upb/reflection/enum_value_def.c +9 -8
- data/third_party/upb/upb/reflection/extension_range.c +1 -2
- data/third_party/upb/upb/reflection/field_def.c +3 -5
- data/third_party/upb/upb/reflection/field_def.h +1 -1
- data/third_party/upb/upb/reflection/file_def.c +4 -5
- data/third_party/upb/upb/reflection/internal/def_builder.h +35 -10
- data/third_party/upb/upb/reflection/internal/enum_value_def.h +1 -1
- data/third_party/upb/upb/reflection/internal/upb_edition_defaults.h +1 -1
- data/third_party/upb/upb/reflection/message_def.c +4 -7
- data/third_party/upb/upb/reflection/message_reserved_range.c +1 -1
- data/third_party/upb/upb/reflection/method_def.c +1 -1
- data/third_party/upb/upb/reflection/oneof_def.c +3 -3
- data/third_party/upb/upb/reflection/service_def.c +2 -5
- data/third_party/upb/upb/text/encode.c +16 -0
- data/third_party/upb/upb/text/internal/encode.h +2 -1
- data/third_party/upb/upb/wire/decode.c +104 -72
- data/third_party/upb/upb/wire/encode.c +37 -13
- data/third_party/upb/upb/wire/internal/decode_fast.c +2 -2
- data/third_party/upb/upb/wire/internal/decode_fast.h +4 -0
- metadata +43 -7
- data/src/core/lib/iomgr/executor.cc +0 -441
- data/src/core/lib/iomgr/executor.h +0 -119
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/polyval.cc.inc +0 -89
|
@@ -24,9 +24,6 @@
|
|
|
24
24
|
|
|
25
25
|
#include <cstdlib>
|
|
26
26
|
|
|
27
|
-
#include "src/core/lib/surface/init.h"
|
|
28
|
-
#include "src/core/tsi/transport_security_interface.h"
|
|
29
|
-
|
|
30
27
|
// TODO(jboeuf): refactor inet_ntop into a portability header.
|
|
31
28
|
// Note: for whomever reads this and tries to refactor this, this
|
|
32
29
|
// can't be in grpc, it has to be in gpr.
|
|
@@ -53,22 +50,35 @@
|
|
|
53
50
|
#include <openssl/x509v3.h>
|
|
54
51
|
|
|
55
52
|
#include <memory>
|
|
53
|
+
#include <optional>
|
|
56
54
|
#include <string>
|
|
57
55
|
|
|
58
56
|
#include "absl/log/check.h"
|
|
59
57
|
#include "absl/log/log.h"
|
|
60
58
|
#include "absl/strings/match.h"
|
|
59
|
+
#include "absl/strings/numbers.h"
|
|
61
60
|
#include "absl/strings/str_cat.h"
|
|
61
|
+
#include "absl/strings/str_split.h"
|
|
62
62
|
#include "absl/strings/string_view.h"
|
|
63
63
|
#include "src/core/credentials/transport/tls/grpc_tls_crl_provider.h"
|
|
64
|
+
#include "src/core/credentials/transport/tls/ssl_utils.h"
|
|
65
|
+
#include "src/core/lib/surface/init.h"
|
|
64
66
|
#include "src/core/tsi/ssl/key_logging/ssl_key_logging.h"
|
|
65
67
|
#include "src/core/tsi/ssl/session_cache/ssl_session_cache.h"
|
|
66
68
|
#include "src/core/tsi/ssl_transport_security_utils.h"
|
|
67
69
|
#include "src/core/tsi/ssl_types.h"
|
|
68
70
|
#include "src/core/tsi/transport_security.h"
|
|
71
|
+
#include "src/core/tsi/transport_security_interface.h"
|
|
69
72
|
#include "src/core/util/crash.h"
|
|
73
|
+
#include "src/core/util/env.h"
|
|
74
|
+
#include "src/core/util/sync.h"
|
|
70
75
|
#include "src/core/util/useful.h"
|
|
71
76
|
|
|
77
|
+
// Name of the environment variable controlling OpenSSL cleanup timeout.
|
|
78
|
+
// This variable allows users to specify the timeout (in seconds) for OpenSSL
|
|
79
|
+
// resource cleanup during gRPC shutdown. If not set, a default timeout is used.
|
|
80
|
+
#define GRPC_ARG_OPENSSL_CLEANUP_TIMEOUT_ENV "grpc.openssl_cleanup_timeout"
|
|
81
|
+
|
|
72
82
|
// --- Constants. ---
|
|
73
83
|
|
|
74
84
|
#define TSI_SSL_MAX_BIO_WRITE_ATTEMPTS 100
|
|
@@ -146,9 +156,97 @@ struct tsi_ssl_frame_protector {
|
|
|
146
156
|
unsigned char* buffer;
|
|
147
157
|
size_t buffer_size;
|
|
148
158
|
size_t buffer_offset;
|
|
159
|
+
// Ensures that protect, protect_flush, and unprotect are not called
|
|
160
|
+
// concurrently.
|
|
161
|
+
gpr_mu mu;
|
|
149
162
|
};
|
|
150
163
|
// --- Library Initialization. ---
|
|
151
164
|
|
|
165
|
+
namespace {
|
|
166
|
+
// Builds the alpn protocol name list according to rfc 7301.
|
|
167
|
+
// OpenSSL requires <const char**> for the input to the alpn methods.
|
|
168
|
+
tsi_result BuildAlpnProtocolNameList(const char** alpn_protocols,
|
|
169
|
+
uint16_t num_alpn_protocols,
|
|
170
|
+
unsigned char** protocol_name_list,
|
|
171
|
+
size_t* protocol_name_list_length) {
|
|
172
|
+
uint16_t i;
|
|
173
|
+
unsigned char* current;
|
|
174
|
+
*protocol_name_list = nullptr;
|
|
175
|
+
*protocol_name_list_length = 0;
|
|
176
|
+
if (num_alpn_protocols == 0) return TSI_INVALID_ARGUMENT;
|
|
177
|
+
for (i = 0; i < num_alpn_protocols; i++) {
|
|
178
|
+
size_t length =
|
|
179
|
+
alpn_protocols[i] == nullptr ? 0 : strlen(alpn_protocols[i]);
|
|
180
|
+
if (length == 0 || length > 255) {
|
|
181
|
+
LOG(ERROR) << "Invalid protocol name length: " << length;
|
|
182
|
+
return TSI_INVALID_ARGUMENT;
|
|
183
|
+
}
|
|
184
|
+
*protocol_name_list_length += length + 1;
|
|
185
|
+
}
|
|
186
|
+
*protocol_name_list =
|
|
187
|
+
static_cast<unsigned char*>(gpr_malloc(*protocol_name_list_length));
|
|
188
|
+
if (*protocol_name_list == nullptr) return TSI_OUT_OF_RESOURCES;
|
|
189
|
+
current = *protocol_name_list;
|
|
190
|
+
for (i = 0; i < num_alpn_protocols; i++) {
|
|
191
|
+
size_t length = strlen(alpn_protocols[i]);
|
|
192
|
+
*(current++) = static_cast<uint8_t>(length); // max checked above.
|
|
193
|
+
memcpy(current, alpn_protocols[i], length);
|
|
194
|
+
current += length;
|
|
195
|
+
}
|
|
196
|
+
// Safety check.
|
|
197
|
+
if ((current < *protocol_name_list) ||
|
|
198
|
+
(static_cast<uintptr_t>(current - *protocol_name_list) !=
|
|
199
|
+
*protocol_name_list_length)) {
|
|
200
|
+
return TSI_INTERNAL_ERROR;
|
|
201
|
+
}
|
|
202
|
+
return TSI_OK;
|
|
203
|
+
}
|
|
204
|
+
|
|
205
|
+
// Helper method to negotiate the protocol between a client and a server. With
|
|
206
|
+
// this callback, the server is given preference when selecting a protocol to
|
|
207
|
+
// negotiate. The input of this function are in accordance to OpenSSL methods.
|
|
208
|
+
int SelectProtocolListServerSideFirst(const unsigned char** negotiated_protocol,
|
|
209
|
+
unsigned char* negotiated_protocol_len,
|
|
210
|
+
const unsigned char* client_list,
|
|
211
|
+
size_t client_list_len,
|
|
212
|
+
const unsigned char* server_list,
|
|
213
|
+
size_t server_list_len) {
|
|
214
|
+
const unsigned char* server_current = server_list;
|
|
215
|
+
while (static_cast<unsigned int>(server_current - server_list) <
|
|
216
|
+
server_list_len) {
|
|
217
|
+
unsigned char server_current_len = *(server_current++);
|
|
218
|
+
const unsigned char* client_current = client_list;
|
|
219
|
+
while ((client_current >= client_list) &&
|
|
220
|
+
static_cast<uintptr_t>(client_current - client_list) <
|
|
221
|
+
client_list_len) {
|
|
222
|
+
unsigned char client_current_len = *(client_current++);
|
|
223
|
+
if ((server_current_len == client_current_len) &&
|
|
224
|
+
!memcmp(server_current, client_current, client_current_len)) {
|
|
225
|
+
*negotiated_protocol = client_current;
|
|
226
|
+
*negotiated_protocol_len = client_current_len;
|
|
227
|
+
return SSL_TLSEXT_ERR_OK;
|
|
228
|
+
}
|
|
229
|
+
client_current += client_current_len;
|
|
230
|
+
}
|
|
231
|
+
server_current += server_current_len;
|
|
232
|
+
}
|
|
233
|
+
return SSL_TLSEXT_ERR_NOACK;
|
|
234
|
+
}
|
|
235
|
+
|
|
236
|
+
#if TSI_OPENSSL_ALPN_SUPPORT
|
|
237
|
+
int ServerHandshakerFactoryAlpnCallback(SSL* /*ssl*/, const unsigned char** out,
|
|
238
|
+
unsigned char* outlen,
|
|
239
|
+
const unsigned char* in,
|
|
240
|
+
unsigned int inlen, void* arg) {
|
|
241
|
+
tsi_ssl_server_handshaker_factory* factory =
|
|
242
|
+
static_cast<tsi_ssl_server_handshaker_factory*>(arg);
|
|
243
|
+
return SelectProtocolListServerSideFirst(out, outlen, in, inlen,
|
|
244
|
+
factory->alpn_protocol_list,
|
|
245
|
+
factory->alpn_protocol_list_length);
|
|
246
|
+
}
|
|
247
|
+
#endif // TSI_OPENSSL_ALPN_SUPPORT
|
|
248
|
+
} // namespace
|
|
249
|
+
|
|
152
250
|
static gpr_once g_init_openssl_once = GPR_ONCE_INIT;
|
|
153
251
|
static int g_ssl_ctx_ex_factory_index = -1;
|
|
154
252
|
static int g_ssl_ctx_ex_crl_provider_index = -1;
|
|
@@ -193,7 +291,27 @@ static void init_openssl(void) {
|
|
|
193
291
|
// OPENSSL registers an exit handler to clean up global objects, which
|
|
194
292
|
// otherwise may happen before gRPC removes all references to OPENSSL. Below
|
|
195
293
|
// exit handler is guaranteed to run after OPENSSL's.
|
|
196
|
-
std::atexit([]() {
|
|
294
|
+
std::atexit([]() {
|
|
295
|
+
// Retrieve the OpenSSL cleanup timeout from the environment variable.
|
|
296
|
+
// This allows users to override the default cleanup timeout for OpenSSL
|
|
297
|
+
// resource deallocation during gRPC shutdown.
|
|
298
|
+
std::optional<std::string> env =
|
|
299
|
+
grpc_core::GetEnv(GRPC_ARG_OPENSSL_CLEANUP_TIMEOUT_ENV);
|
|
300
|
+
int timeout_sec = 2;
|
|
301
|
+
if (env.has_value()) {
|
|
302
|
+
int parsed_timeout_sec = 0;
|
|
303
|
+
if (absl::SimpleAtoi(*env, &parsed_timeout_sec)) {
|
|
304
|
+
timeout_sec = parsed_timeout_sec;
|
|
305
|
+
} else {
|
|
306
|
+
GRPC_TRACE_LOG(tsi, ERROR)
|
|
307
|
+
<< "Invalid value [" << (*env) << "] for "
|
|
308
|
+
<< GRPC_ARG_OPENSSL_CLEANUP_TIMEOUT_ENV
|
|
309
|
+
<< " environment variable. Using default value of 2 seconds.";
|
|
310
|
+
}
|
|
311
|
+
}
|
|
312
|
+
|
|
313
|
+
grpc_wait_for_shutdown_with_timeout(absl::Seconds(timeout_sec));
|
|
314
|
+
});
|
|
197
315
|
#else
|
|
198
316
|
SSL_library_init();
|
|
199
317
|
SSL_load_error_strings();
|
|
@@ -856,43 +974,6 @@ tsi_result tsi_ssl_extract_x509_subject_names_from_pem_cert(
|
|
|
856
974
|
return result;
|
|
857
975
|
}
|
|
858
976
|
|
|
859
|
-
// Builds the alpn protocol name list according to rfc 7301.
|
|
860
|
-
static tsi_result build_alpn_protocol_name_list(
|
|
861
|
-
const char** alpn_protocols, uint16_t num_alpn_protocols,
|
|
862
|
-
unsigned char** protocol_name_list, size_t* protocol_name_list_length) {
|
|
863
|
-
uint16_t i;
|
|
864
|
-
unsigned char* current;
|
|
865
|
-
*protocol_name_list = nullptr;
|
|
866
|
-
*protocol_name_list_length = 0;
|
|
867
|
-
if (num_alpn_protocols == 0) return TSI_INVALID_ARGUMENT;
|
|
868
|
-
for (i = 0; i < num_alpn_protocols; i++) {
|
|
869
|
-
size_t length =
|
|
870
|
-
alpn_protocols[i] == nullptr ? 0 : strlen(alpn_protocols[i]);
|
|
871
|
-
if (length == 0 || length > 255) {
|
|
872
|
-
LOG(ERROR) << "Invalid protocol name length: " << length;
|
|
873
|
-
return TSI_INVALID_ARGUMENT;
|
|
874
|
-
}
|
|
875
|
-
*protocol_name_list_length += length + 1;
|
|
876
|
-
}
|
|
877
|
-
*protocol_name_list =
|
|
878
|
-
static_cast<unsigned char*>(gpr_malloc(*protocol_name_list_length));
|
|
879
|
-
if (*protocol_name_list == nullptr) return TSI_OUT_OF_RESOURCES;
|
|
880
|
-
current = *protocol_name_list;
|
|
881
|
-
for (i = 0; i < num_alpn_protocols; i++) {
|
|
882
|
-
size_t length = strlen(alpn_protocols[i]);
|
|
883
|
-
*(current++) = static_cast<uint8_t>(length); // max checked above.
|
|
884
|
-
memcpy(current, alpn_protocols[i], length);
|
|
885
|
-
current += length;
|
|
886
|
-
}
|
|
887
|
-
// Safety check.
|
|
888
|
-
if ((current < *protocol_name_list) ||
|
|
889
|
-
(static_cast<uintptr_t>(current - *protocol_name_list) !=
|
|
890
|
-
*protocol_name_list_length)) {
|
|
891
|
-
return TSI_INTERNAL_ERROR;
|
|
892
|
-
}
|
|
893
|
-
return TSI_OK;
|
|
894
|
-
}
|
|
895
|
-
|
|
896
977
|
// This callback is invoked when the CRL has been verified and will soft-fail
|
|
897
978
|
// errors in verification depending on certain error types.
|
|
898
979
|
static int verify_cb(int ok, X509_STORE_CTX* ctx) {
|
|
@@ -958,7 +1039,7 @@ static int RootCertExtractCallback(X509_STORE_CTX* ctx, void* /*arg*/) {
|
|
|
958
1039
|
}
|
|
959
1040
|
|
|
960
1041
|
// Free the old root and save the new one. There should not be an old root,
|
|
961
|
-
// but if renegotiation is not disabled (required by
|
|
1042
|
+
// but if renegotiation is not disabled (required by RFC9113, Section
|
|
962
1043
|
// 9.2.1), it is possible that this callback run multiple times for a single
|
|
963
1044
|
// connection. gRPC does not always disable renegotiation. See
|
|
964
1045
|
// https://github.com/grpc/grpc/issues/35368
|
|
@@ -1299,11 +1380,13 @@ static tsi_result ssl_protector_protect(tsi_frame_protector* self,
|
|
|
1299
1380
|
size_t* protected_output_frames_size) {
|
|
1300
1381
|
tsi_ssl_frame_protector* impl =
|
|
1301
1382
|
reinterpret_cast<tsi_ssl_frame_protector*>(self);
|
|
1302
|
-
|
|
1303
|
-
|
|
1383
|
+
gpr_mu_lock(&impl->mu);
|
|
1384
|
+
tsi_result result = grpc_core::SslProtectorProtect(
|
|
1304
1385
|
unprotected_bytes, impl->buffer_size, impl->buffer_offset, impl->buffer,
|
|
1305
1386
|
impl->ssl, impl->network_io, unprotected_bytes_size,
|
|
1306
1387
|
protected_output_frames, protected_output_frames_size);
|
|
1388
|
+
gpr_mu_unlock(&impl->mu);
|
|
1389
|
+
return result;
|
|
1307
1390
|
}
|
|
1308
1391
|
|
|
1309
1392
|
static tsi_result ssl_protector_protect_flush(
|
|
@@ -1311,10 +1394,13 @@ static tsi_result ssl_protector_protect_flush(
|
|
|
1311
1394
|
size_t* protected_output_frames_size, size_t* still_pending_size) {
|
|
1312
1395
|
tsi_ssl_frame_protector* impl =
|
|
1313
1396
|
reinterpret_cast<tsi_ssl_frame_protector*>(self);
|
|
1314
|
-
|
|
1397
|
+
gpr_mu_lock(&impl->mu);
|
|
1398
|
+
tsi_result result = grpc_core::SslProtectorProtectFlush(
|
|
1315
1399
|
impl->buffer_offset, impl->buffer, impl->ssl, impl->network_io,
|
|
1316
1400
|
protected_output_frames, protected_output_frames_size,
|
|
1317
1401
|
still_pending_size);
|
|
1402
|
+
gpr_mu_unlock(&impl->mu);
|
|
1403
|
+
return result;
|
|
1318
1404
|
}
|
|
1319
1405
|
|
|
1320
1406
|
static tsi_result ssl_protector_unprotect(
|
|
@@ -1323,9 +1409,12 @@ static tsi_result ssl_protector_unprotect(
|
|
|
1323
1409
|
size_t* unprotected_bytes_size) {
|
|
1324
1410
|
tsi_ssl_frame_protector* impl =
|
|
1325
1411
|
reinterpret_cast<tsi_ssl_frame_protector*>(self);
|
|
1326
|
-
|
|
1412
|
+
gpr_mu_lock(&impl->mu);
|
|
1413
|
+
tsi_result result = grpc_core::SslProtectorUnprotect(
|
|
1327
1414
|
protected_frames_bytes, impl->ssl, impl->network_io,
|
|
1328
1415
|
protected_frames_bytes_size, unprotected_bytes, unprotected_bytes_size);
|
|
1416
|
+
gpr_mu_unlock(&impl->mu);
|
|
1417
|
+
return result;
|
|
1329
1418
|
}
|
|
1330
1419
|
|
|
1331
1420
|
static void ssl_protector_destroy(tsi_frame_protector* self) {
|
|
@@ -1334,6 +1423,7 @@ static void ssl_protector_destroy(tsi_frame_protector* self) {
|
|
|
1334
1423
|
if (impl->buffer != nullptr) gpr_free(impl->buffer);
|
|
1335
1424
|
if (impl->ssl != nullptr) SSL_free(impl->ssl);
|
|
1336
1425
|
if (impl->network_io != nullptr) BIO_free(impl->network_io);
|
|
1426
|
+
gpr_mu_destroy(&impl->mu);
|
|
1337
1427
|
gpr_free(self);
|
|
1338
1428
|
}
|
|
1339
1429
|
|
|
@@ -1539,6 +1629,7 @@ static tsi_result ssl_handshaker_result_create_frame_protector(
|
|
|
1539
1629
|
impl->ssl = nullptr;
|
|
1540
1630
|
protector_impl->network_io = impl->network_io;
|
|
1541
1631
|
impl->network_io = nullptr;
|
|
1632
|
+
gpr_mu_init(&protector_impl->mu);
|
|
1542
1633
|
protector_impl->base.vtable = &frame_protector_vtable;
|
|
1543
1634
|
*protector = &protector_impl->base;
|
|
1544
1635
|
return TSI_OK;
|
|
@@ -1888,12 +1979,11 @@ static void tsi_ssl_handshaker_resume_session(
|
|
|
1888
1979
|
}
|
|
1889
1980
|
}
|
|
1890
1981
|
|
|
1891
|
-
static tsi_result create_tsi_ssl_handshaker(
|
|
1892
|
-
|
|
1893
|
-
|
|
1894
|
-
|
|
1895
|
-
|
|
1896
|
-
tsi_handshaker** handshaker) {
|
|
1982
|
+
static tsi_result create_tsi_ssl_handshaker(
|
|
1983
|
+
SSL_CTX* ctx, int is_client, const char* server_name_indication,
|
|
1984
|
+
size_t network_bio_buf_size, size_t ssl_bio_buf_size,
|
|
1985
|
+
std::optional<std::string> alpn_preferred_protocol_raw_list,
|
|
1986
|
+
tsi_ssl_handshaker_factory* factory, tsi_handshaker** handshaker) {
|
|
1897
1987
|
SSL* ssl = SSL_new(ctx);
|
|
1898
1988
|
BIO* network_io = nullptr;
|
|
1899
1989
|
BIO* ssl_io = nullptr;
|
|
@@ -1915,6 +2005,42 @@ static tsi_result create_tsi_ssl_handshaker(SSL_CTX* ctx, int is_client,
|
|
|
1915
2005
|
return TSI_OUT_OF_RESOURCES;
|
|
1916
2006
|
}
|
|
1917
2007
|
SSL_set_bio(ssl, ssl_io, ssl_io);
|
|
2008
|
+
#if TSI_OPENSSL_ALPN_SUPPORT
|
|
2009
|
+
if (alpn_preferred_protocol_raw_list.has_value()) {
|
|
2010
|
+
size_t num_preferred_protocols = 0;
|
|
2011
|
+
const char** preferred_protocols = ParseAlpnStringIntoArray(
|
|
2012
|
+
alpn_preferred_protocol_raw_list.value(), &num_preferred_protocols);
|
|
2013
|
+
if (preferred_protocols != nullptr) {
|
|
2014
|
+
unsigned char* preferred_protocol_byte_list = nullptr;
|
|
2015
|
+
size_t preferred_protocol_byte_list_length = 0;
|
|
2016
|
+
tsi_result result = BuildAlpnProtocolNameList(
|
|
2017
|
+
preferred_protocols, num_preferred_protocols,
|
|
2018
|
+
&preferred_protocol_byte_list, &preferred_protocol_byte_list_length);
|
|
2019
|
+
for (size_t i = 0; i < num_preferred_protocols; i++) {
|
|
2020
|
+
gpr_free(const_cast<char*>(preferred_protocols[i]));
|
|
2021
|
+
}
|
|
2022
|
+
gpr_free(preferred_protocols);
|
|
2023
|
+
if (result != TSI_OK) {
|
|
2024
|
+
LOG(ERROR) << "Building alpn list failed with error "
|
|
2025
|
+
<< tsi_result_to_string(result);
|
|
2026
|
+
if (preferred_protocol_byte_list != nullptr) {
|
|
2027
|
+
gpr_free(preferred_protocol_byte_list);
|
|
2028
|
+
}
|
|
2029
|
+
return TSI_INTERNAL_ERROR;
|
|
2030
|
+
}
|
|
2031
|
+
if (is_client) {
|
|
2032
|
+
if (SSL_set_alpn_protos(ssl, preferred_protocol_byte_list,
|
|
2033
|
+
static_cast<unsigned int>(
|
|
2034
|
+
preferred_protocol_byte_list_length))) {
|
|
2035
|
+
LOG(ERROR) << "Could not set alpn protocol list to session.";
|
|
2036
|
+
gpr_free(preferred_protocol_byte_list);
|
|
2037
|
+
return TSI_INTERNAL_ERROR;
|
|
2038
|
+
}
|
|
2039
|
+
gpr_free(preferred_protocol_byte_list);
|
|
2040
|
+
}
|
|
2041
|
+
}
|
|
2042
|
+
}
|
|
2043
|
+
#endif // TSI_OPENSSL_ALPN_SUPPORT
|
|
1918
2044
|
if (is_client) {
|
|
1919
2045
|
int ssl_result;
|
|
1920
2046
|
SSL_set_connect_state(ssl);
|
|
@@ -1998,10 +2124,13 @@ static int select_protocol_list(const unsigned char** out,
|
|
|
1998
2124
|
tsi_result tsi_ssl_client_handshaker_factory_create_handshaker(
|
|
1999
2125
|
tsi_ssl_client_handshaker_factory* factory,
|
|
2000
2126
|
const char* server_name_indication, size_t network_bio_buf_size,
|
|
2001
|
-
size_t ssl_bio_buf_size,
|
|
2127
|
+
size_t ssl_bio_buf_size,
|
|
2128
|
+
std::optional<std::string> alpn_preferred_protocol_list,
|
|
2129
|
+
tsi_handshaker** handshaker) {
|
|
2002
2130
|
return create_tsi_ssl_handshaker(
|
|
2003
2131
|
factory->ssl_context, 1, server_name_indication, network_bio_buf_size,
|
|
2004
|
-
ssl_bio_buf_size, &factory->base,
|
|
2132
|
+
ssl_bio_buf_size, alpn_preferred_protocol_list, &factory->base,
|
|
2133
|
+
handshaker);
|
|
2005
2134
|
}
|
|
2006
2135
|
|
|
2007
2136
|
void tsi_ssl_client_handshaker_factory_unref(
|
|
@@ -2049,7 +2178,7 @@ tsi_result tsi_ssl_server_handshaker_factory_create_handshaker(
|
|
|
2049
2178
|
// because of SNI in ssl_server_handshaker_factory_servername_callback.
|
|
2050
2179
|
return create_tsi_ssl_handshaker(factory->ssl_contexts[0], 0, nullptr,
|
|
2051
2180
|
network_bio_buf_size, ssl_bio_buf_size,
|
|
2052
|
-
&factory->base, handshaker);
|
|
2181
|
+
std::nullopt, &factory->base, handshaker);
|
|
2053
2182
|
}
|
|
2054
2183
|
|
|
2055
2184
|
void tsi_ssl_server_handshaker_factory_unref(
|
|
@@ -2141,18 +2270,6 @@ static int ssl_server_handshaker_factory_servername_callback(SSL* ssl,
|
|
|
2141
2270
|
return SSL_TLSEXT_ERR_NOACK;
|
|
2142
2271
|
}
|
|
2143
2272
|
|
|
2144
|
-
#if TSI_OPENSSL_ALPN_SUPPORT
|
|
2145
|
-
static int server_handshaker_factory_alpn_callback(
|
|
2146
|
-
SSL* /*ssl*/, const unsigned char** out, unsigned char* outlen,
|
|
2147
|
-
const unsigned char* in, unsigned int inlen, void* arg) {
|
|
2148
|
-
tsi_ssl_server_handshaker_factory* factory =
|
|
2149
|
-
static_cast<tsi_ssl_server_handshaker_factory*>(arg);
|
|
2150
|
-
return select_protocol_list(out, outlen, in, inlen,
|
|
2151
|
-
factory->alpn_protocol_list,
|
|
2152
|
-
factory->alpn_protocol_list_length);
|
|
2153
|
-
}
|
|
2154
|
-
#endif // TSI_OPENSSL_ALPN_SUPPORT
|
|
2155
|
-
|
|
2156
2273
|
static int server_handshaker_factory_npn_advertised_callback(
|
|
2157
2274
|
SSL* /*ssl*/, const unsigned char** out, unsigned int* outlen, void* arg) {
|
|
2158
2275
|
tsi_ssl_server_handshaker_factory* factory =
|
|
@@ -2168,7 +2285,8 @@ static int server_handshaker_factory_npn_advertised_callback(
|
|
|
2168
2285
|
/// servers at later point of time.
|
|
2169
2286
|
/// It's intended to be used with SSL_CTX_sess_set_new_cb function.
|
|
2170
2287
|
///
|
|
2171
|
-
/// It returns 1 if callback takes ownership over \a session and 0
|
|
2288
|
+
/// It returns 1 if callback takes ownership over \a session and 0
|
|
2289
|
+
/// otherwise.
|
|
2172
2290
|
static int server_handshaker_factory_new_session_callback(
|
|
2173
2291
|
SSL* ssl, SSL_SESSION* session) {
|
|
2174
2292
|
SSL_CTX* ssl_context = SSL_get_SSL_CTX(ssl);
|
|
@@ -2317,7 +2435,7 @@ tsi_result tsi_create_ssl_client_handshaker_factory_with_options(
|
|
|
2317
2435
|
}
|
|
2318
2436
|
|
|
2319
2437
|
if (options->num_alpn_protocols != 0) {
|
|
2320
|
-
result =
|
|
2438
|
+
result = BuildAlpnProtocolNameList(
|
|
2321
2439
|
options->alpn_protocols, options->num_alpn_protocols,
|
|
2322
2440
|
&impl->alpn_protocol_list, &impl->alpn_protocol_list_length);
|
|
2323
2441
|
if (result != TSI_OK) {
|
|
@@ -2440,7 +2558,7 @@ tsi_result tsi_create_ssl_server_handshaker_factory_with_options(
|
|
|
2440
2558
|
impl->ssl_context_count = options->num_key_cert_pairs;
|
|
2441
2559
|
|
|
2442
2560
|
if (options->num_alpn_protocols > 0) {
|
|
2443
|
-
result =
|
|
2561
|
+
result = BuildAlpnProtocolNameList(
|
|
2444
2562
|
options->alpn_protocols, options->num_alpn_protocols,
|
|
2445
2563
|
&impl->alpn_protocol_list, &impl->alpn_protocol_list_length);
|
|
2446
2564
|
if (result != TSI_OK) {
|
|
@@ -2578,7 +2696,7 @@ tsi_result tsi_create_ssl_server_handshaker_factory_with_options(
|
|
|
2578
2696
|
SSL_CTX_set_tlsext_servername_arg(impl->ssl_contexts[i], impl);
|
|
2579
2697
|
#if TSI_OPENSSL_ALPN_SUPPORT
|
|
2580
2698
|
SSL_CTX_set_alpn_select_cb(impl->ssl_contexts[i],
|
|
2581
|
-
|
|
2699
|
+
ServerHandshakerFactoryAlpnCallback, impl);
|
|
2582
2700
|
#endif // TSI_OPENSSL_ALPN_SUPPORT
|
|
2583
2701
|
SSL_CTX_set_next_protos_advertised_cb(
|
|
2584
2702
|
impl->ssl_contexts[i],
|
|
@@ -222,6 +222,9 @@ tsi_result tsi_create_ssl_client_handshaker_factory_with_options(
|
|
|
222
222
|
// extension.
|
|
223
223
|
//- network_bio_buf_size and ssl_bio_buf_size represent BIO pair buffers used in
|
|
224
224
|
// SSL. The buffer size being 0 translates to 17KB in boringSSL.
|
|
225
|
+
//- alpn_preferred_protocol_list is a comma sepparated ordered list of the
|
|
226
|
+
// preferred transport protocols for this handshaker. This will override the
|
|
227
|
+
// value provided by the handshaker factory for protocol negotiation.
|
|
225
228
|
//- handshaker is the address of the handshaker pointer to be created.
|
|
226
229
|
|
|
227
230
|
//- This method returns TSI_OK on success or TSI_INVALID_PARAMETER in the case
|
|
@@ -229,7 +232,9 @@ tsi_result tsi_create_ssl_client_handshaker_factory_with_options(
|
|
|
229
232
|
tsi_result tsi_ssl_client_handshaker_factory_create_handshaker(
|
|
230
233
|
tsi_ssl_client_handshaker_factory* factory,
|
|
231
234
|
const char* server_name_indication, size_t network_bio_buf_size,
|
|
232
|
-
size_t ssl_bio_buf_size,
|
|
235
|
+
size_t ssl_bio_buf_size,
|
|
236
|
+
std::optional<std::string> alpn_preferred_protocol_list,
|
|
237
|
+
tsi_handshaker** handshaker);
|
|
233
238
|
|
|
234
239
|
// Increments reference count of the client handshaker factory.
|
|
235
240
|
tsi_ssl_client_handshaker_factory* tsi_ssl_client_handshaker_factory_ref(
|
|
@@ -28,6 +28,9 @@
|
|
|
28
28
|
// Base for tsi_frame_protector implementations.
|
|
29
29
|
// See transport_security_interface.h for documentation.
|
|
30
30
|
// All methods must be implemented.
|
|
31
|
+
// Implementations must provide the following thread-safety guarantees:
|
|
32
|
+
// - protect and unprotect can be called concurrently,
|
|
33
|
+
// - protect_flush and unprotect can be called concurrently.
|
|
31
34
|
struct tsi_frame_protector_vtable {
|
|
32
35
|
tsi_result (*protect)(tsi_frame_protector* self,
|
|
33
36
|
const unsigned char* unprotected_bytes,
|
|
@@ -37,8 +37,9 @@ tsi_result tsi_handshaker_result_create_zero_copy_grpc_protector(
|
|
|
37
37
|
// - unprotected_slices is the unprotected data to be protected.
|
|
38
38
|
// - protected_slices is the protected output frames. One or more frames
|
|
39
39
|
// may be produced in this protect function.
|
|
40
|
-
// -
|
|
40
|
+
// - Returns TSI_OK in case of success or a specific error code in
|
|
41
41
|
// case of failure.
|
|
42
|
+
// - Can be called concurrently with tsi_zero_copy_grpc_protector_unprotect.
|
|
42
43
|
tsi_result tsi_zero_copy_grpc_protector_protect(
|
|
43
44
|
tsi_zero_copy_grpc_protector* self, grpc_slice_buffer* unprotected_slices,
|
|
44
45
|
grpc_slice_buffer* protected_slices);
|
|
@@ -46,11 +47,12 @@ tsi_result tsi_zero_copy_grpc_protector_protect(
|
|
|
46
47
|
// Outputs unprotected bytes.
|
|
47
48
|
// - protected_slices is the bytes of protected frames.
|
|
48
49
|
// - unprotected_slices is the unprotected output data.
|
|
49
|
-
// -
|
|
50
|
+
// - If min_progress_size is not null, it returns the size of the last
|
|
50
51
|
// incomplete frame which could not be fully unprotected.
|
|
51
|
-
// -
|
|
52
|
+
// - Returns TSI_OK in case of success. Success includes cases where
|
|
52
53
|
// there is not enough data to output in which case unprotected_slices has 0
|
|
53
54
|
// bytes.
|
|
55
|
+
// - Can be called concurrently with tsi_zero_copy_grpc_protector_protect.
|
|
54
56
|
tsi_result tsi_zero_copy_grpc_protector_unprotect(
|
|
55
57
|
tsi_zero_copy_grpc_protector* self, grpc_slice_buffer* protected_slices,
|
|
56
58
|
grpc_slice_buffer* unprotected_slices, int* min_progress_size);
|
|
@@ -63,6 +65,8 @@ tsi_result tsi_zero_copy_grpc_protector_max_frame_size(
|
|
|
63
65
|
tsi_zero_copy_grpc_protector* self, size_t* max_frame_size);
|
|
64
66
|
|
|
65
67
|
// Base for tsi_zero_copy_grpc_protector implementations.
|
|
68
|
+
// Implementations must guarantee that protect and unprotect can be called
|
|
69
|
+
// concurrently.
|
|
66
70
|
struct tsi_zero_copy_grpc_protector_vtable {
|
|
67
71
|
tsi_result (*protect)(tsi_zero_copy_grpc_protector* self,
|
|
68
72
|
grpc_slice_buffer* unprotected_slices,
|
|
@@ -122,47 +122,47 @@ typedef struct tsi_frame_protector tsi_frame_protector;
|
|
|
122
122
|
// - protected_output_frames_size is an input/output parameter used by the
|
|
123
123
|
// caller to specify how many bytes are available in protected_output_frames.
|
|
124
124
|
// As an output, this value indicates the number of bytes written.
|
|
125
|
-
// -
|
|
125
|
+
// - Returns TSI_OK in case of success or a specific error code in
|
|
126
126
|
// case of failure. Note that even if all the input unprotected bytes are
|
|
127
127
|
// consumed, they may not have been processed into the returned protected
|
|
128
128
|
// output frames. The caller should call the protect_flush method
|
|
129
129
|
// to make sure that there are no more protected bytes buffered in the
|
|
130
130
|
// protector.
|
|
131
|
+
//
|
|
132
|
+
// Can be called concurrently with tsi_frame_protector_unprotect. Cannot be
|
|
133
|
+
// called concurrently with tsi_frame_protector_protect_flush.
|
|
131
134
|
|
|
132
135
|
// A typical way to call this method would be:
|
|
133
136
|
|
|
134
137
|
// ------------------------------------------------------------------------
|
|
135
138
|
// unsigned char protected_buffer[4096];
|
|
136
|
-
//
|
|
139
|
+
// uint8_t* cur = protected_buffer;
|
|
140
|
+
// uint8_t* end = cur + sizeof(protected_buffer);
|
|
137
141
|
// tsi_result result = TSI_OK;
|
|
138
142
|
// while (message_size > 0) {
|
|
139
|
-
// size_t protected_buffer_size_to_send =
|
|
143
|
+
// size_t protected_buffer_size_to_send = static_cast<size_t>(end - cur);
|
|
140
144
|
// size_t processed_message_size = message_size;
|
|
141
|
-
// result = tsi_frame_protector_protect(protector,
|
|
142
|
-
//
|
|
143
|
-
// &processed_message_size,
|
|
144
|
-
// protected_buffer,
|
|
145
|
+
// result = tsi_frame_protector_protect(protector, message_bytes,
|
|
146
|
+
// &processed_message_size, cur,
|
|
145
147
|
// &protected_buffer_size_to_send);
|
|
146
148
|
// if (result != TSI_OK) break;
|
|
147
|
-
// send_bytes_to_peer(protected_buffer, protected_buffer_size_to_send);
|
|
148
149
|
// message_bytes += processed_message_size;
|
|
149
150
|
// message_size -= processed_message_size;
|
|
150
|
-
|
|
151
|
-
// //
|
|
152
|
-
// if (message_size == 0) {
|
|
153
|
-
// size_t still_pending_size;
|
|
154
|
-
// do {
|
|
155
|
-
// protected_buffer_size_to_send = protected_buffer_size;
|
|
156
|
-
// result = tsi_frame_protector_protect_flush(
|
|
157
|
-
// protector, protected_buffer,
|
|
158
|
-
// &protected_buffer_size_to_send, &still_pending_size);
|
|
159
|
-
// if (result != TSI_OK) break;
|
|
160
|
-
// send_bytes_to_peer(protected_buffer, protected_buffer_size_to_send);
|
|
161
|
-
// } while (still_pending_size > 0);
|
|
162
|
-
// }
|
|
151
|
+
// cur += protected_buffer_size_to_send;
|
|
152
|
+
// if (cur == end) // Flush the protected buffer.
|
|
163
153
|
// }
|
|
164
|
-
|
|
154
|
+
// size_t still_pending_size;
|
|
155
|
+
// do {
|
|
156
|
+
// size_t protected_buffer_size_to_send = static_cast<size_t>(end - cur);
|
|
157
|
+
// result = tsi_frame_protector_protect_flush(
|
|
158
|
+
// protector, cur, &protected_buffer_size_to_send, &still_pending_size);
|
|
159
|
+
// if (result != TSI_OK) break;
|
|
160
|
+
// cur += protected_buffer_size_to_send;
|
|
161
|
+
// if (cur == end) // Flush the protected buffer.
|
|
162
|
+
// } while (still_pending_size > 0);
|
|
165
163
|
// if (result != TSI_OK) HandleError(result);
|
|
164
|
+
// std::string protected_bytes(reinterpret_cast<const char*>(protected_buffer),
|
|
165
|
+
// cur - protected_buffer);
|
|
166
166
|
// ------------------------------------------------------------------------
|
|
167
167
|
tsi_result tsi_frame_protector_protect(tsi_frame_protector* self,
|
|
168
168
|
const unsigned char* unprotected_bytes,
|
|
@@ -178,6 +178,9 @@ tsi_result tsi_frame_protector_protect(tsi_frame_protector* self,
|
|
|
178
178
|
// caller to specify how many bytes are available in protected_output_frames.
|
|
179
179
|
// - still_pending_bytes is an output parameter indicating the number of bytes
|
|
180
180
|
// that still need to be flushed from the protector.
|
|
181
|
+
//
|
|
182
|
+
// Can be called concurrently with tsi_frame_protector_unprotect. Cannot be
|
|
183
|
+
// called concurrently with tsi_frame_protector_protect.
|
|
181
184
|
tsi_result tsi_frame_protector_protect_flush(
|
|
182
185
|
tsi_frame_protector* self, unsigned char* protected_output_frames,
|
|
183
186
|
size_t* protected_output_frames_size, size_t* still_pending_size);
|
|
@@ -198,12 +201,14 @@ tsi_result tsi_frame_protector_protect_flush(
|
|
|
198
201
|
// is the number of bytes actually written.
|
|
199
202
|
// If *unprotected_bytes_size is unchanged, there may be more data remaining
|
|
200
203
|
// to unprotect, and the caller should call this function again.
|
|
201
|
-
|
|
202
|
-
//
|
|
203
|
-
// there is not enough data to output a frame in which case
|
|
204
|
+
// - Returns TSI_OK in case of success. Success includes cases where there is
|
|
205
|
+
// not enough data to output a frame in which case
|
|
204
206
|
// unprotected_bytes_size will be set to 0 and cases where the internal buffer
|
|
205
207
|
// needs to be read before new protected data can be processed in which case
|
|
206
208
|
// protected_frames_size will be set to 0.
|
|
209
|
+
//
|
|
210
|
+
// Can be called concurrently with tsi_frame_protector_protect or
|
|
211
|
+
// tsi_frame_protector_protect_flush.
|
|
207
212
|
tsi_result tsi_frame_protector_unprotect(
|
|
208
213
|
tsi_frame_protector* self, const unsigned char* protected_frames_bytes,
|
|
209
214
|
size_t* protected_frames_bytes_size, unsigned char* unprotected_bytes,
|
data/src/core/util/backoff.cc
CHANGED
|
@@ -23,29 +23,22 @@
|
|
|
23
23
|
#include <algorithm>
|
|
24
24
|
|
|
25
25
|
#include "src/core/lib/experiments/experiments.h"
|
|
26
|
+
#include "src/core/util/shared_bit_gen.h"
|
|
26
27
|
|
|
27
28
|
namespace grpc_core {
|
|
28
29
|
|
|
29
30
|
BackOff::BackOff(const Options& options) : options_(options) { Reset(); }
|
|
30
31
|
|
|
31
32
|
Duration BackOff::NextAttemptDelay() {
|
|
32
|
-
if (
|
|
33
|
-
|
|
34
|
-
initial_ = false;
|
|
35
|
-
} else {
|
|
36
|
-
current_backoff_ *= options_.multiplier();
|
|
37
|
-
}
|
|
38
|
-
current_backoff_ = std::min(current_backoff_, options_.max_backoff());
|
|
33
|
+
if (initial_) {
|
|
34
|
+
initial_ = false;
|
|
39
35
|
} else {
|
|
40
|
-
|
|
41
|
-
initial_ = false;
|
|
42
|
-
} else {
|
|
43
|
-
current_backoff_ = std::min(current_backoff_ * options_.multiplier(),
|
|
44
|
-
options_.max_backoff());
|
|
45
|
-
}
|
|
36
|
+
current_backoff_ *= options_.multiplier();
|
|
46
37
|
}
|
|
38
|
+
current_backoff_ = std::min(current_backoff_, options_.max_backoff());
|
|
39
|
+
SharedBitGen g;
|
|
47
40
|
const double jitter =
|
|
48
|
-
absl::Uniform(
|
|
41
|
+
absl::Uniform(g, 1 - options_.jitter(), 1 + options_.jitter());
|
|
49
42
|
return current_backoff_ * jitter;
|
|
50
43
|
}
|
|
51
44
|
|