grpc 1.72.0 → 1.73.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Makefile +23 -6
- data/include/grpc/event_engine/event_engine.h +125 -8
- data/include/grpc/event_engine/internal/write_event.h +34 -0
- data/include/grpc/impl/channel_arg_names.h +17 -9
- data/include/grpc/impl/compression_types.h +3 -2
- data/include/grpc/impl/slice_type.h +1 -1
- data/include/grpc/support/json.h +3 -21
- data/include/grpc/support/port_platform.h +8 -5
- data/src/core/call/call_filters.h +28 -19
- data/src/core/call/call_spine.h +2 -0
- data/src/core/call/metadata.h +17 -0
- data/src/core/channelz/channel_trace.cc +50 -42
- data/src/core/channelz/channel_trace.h +35 -4
- data/src/core/channelz/channelz.cc +338 -125
- data/src/core/channelz/channelz.h +276 -34
- data/src/core/channelz/channelz_registry.cc +322 -117
- data/src/core/channelz/channelz_registry.h +179 -21
- data/src/core/channelz/ztrace_collector.h +315 -0
- data/src/core/client_channel/client_channel.cc +30 -29
- data/src/core/client_channel/client_channel_filter.cc +21 -20
- data/src/core/client_channel/client_channel_filter.h +0 -2
- data/src/core/client_channel/connector.h +0 -3
- data/src/core/client_channel/global_subchannel_pool.cc +68 -7
- data/src/core/client_channel/global_subchannel_pool.h +37 -4
- data/src/core/client_channel/subchannel.cc +7 -9
- data/src/core/client_channel/subchannel.h +2 -8
- data/src/core/client_channel/subchannel_pool_interface.cc +5 -6
- data/src/core/client_channel/subchannel_pool_interface.h +11 -1
- data/src/core/config/config_vars.cc +11 -1
- data/src/core/config/config_vars.h +8 -0
- data/src/core/config/core_configuration.cc +50 -11
- data/src/core/config/core_configuration.h +89 -7
- data/src/core/credentials/call/external/aws_request_signer.cc +3 -2
- data/src/core/credentials/call/external/url_external_account_credentials.cc +2 -2
- data/src/core/credentials/call/gcp_service_account_identity/gcp_service_account_identity_credentials.cc +1 -1
- data/src/core/credentials/call/jwt/jwt_verifier.cc +4 -4
- data/src/core/credentials/call/oauth2/oauth2_credentials.cc +4 -2
- data/src/core/credentials/transport/alts/alts_security_connector.cc +9 -8
- data/src/core/credentials/transport/google_default/google_default_credentials.cc +3 -3
- data/src/core/credentials/transport/ssl/ssl_credentials.cc +2 -2
- data/src/core/credentials/transport/ssl/ssl_security_connector.cc +41 -11
- data/src/core/credentials/transport/ssl/ssl_security_connector.h +2 -1
- data/src/core/credentials/transport/tls/ssl_utils.cc +18 -0
- data/src/core/credentials/transport/tls/ssl_utils.h +5 -0
- data/src/core/credentials/transport/tls/tls_security_connector.cc +2 -1
- data/src/core/ext/filters/channel_idle/legacy_channel_idle_filter.cc +6 -3
- data/src/core/ext/filters/http/message_compress/compression_filter.h +34 -4
- data/src/core/ext/filters/http/server/http_server_filter.cc +1 -1
- data/src/core/ext/filters/http/server/http_server_filter.h +14 -3
- data/src/core/ext/transport/chttp2/chttp2_plugin.cc +40 -0
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +11 -112
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +3 -0
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +33 -962
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +5 -1
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +129 -47
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +0 -3
- data/src/core/ext/transport/chttp2/transport/flow_control.h +18 -0
- data/src/core/ext/transport/chttp2/transport/frame.cc +213 -105
- data/src/core/ext/transport/chttp2/transport/frame.h +78 -6
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +10 -0
- data/src/core/ext/transport/chttp2/transport/frame_data.h +2 -0
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +15 -3
- data/src/core/ext/transport/chttp2/transport/frame_goaway.h +5 -3
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +2 -0
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +11 -4
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +3 -1
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +19 -1
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +4 -0
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +7 -0
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +2 -0
- data/src/core/ext/transport/chttp2/transport/http2_settings.h +26 -0
- data/src/core/ext/transport/chttp2/transport/http2_status.h +358 -1
- data/src/core/ext/transport/chttp2/transport/http2_ztrace_collector.h +252 -0
- data/src/core/ext/transport/chttp2/transport/internal.h +29 -5
- data/src/core/ext/transport/chttp2/transport/internal_channel_arg_names.h +24 -0
- data/src/core/ext/transport/chttp2/transport/parsing.cc +36 -21
- data/src/core/ext/transport/chttp2/transport/ping_rate_policy.cc +10 -9
- data/src/core/ext/transport/chttp2/transport/ping_rate_policy.h +6 -0
- data/src/core/ext/transport/chttp2/transport/writing.cc +60 -49
- data/src/core/ext/transport/inproc/inproc_transport.cc +7 -2
- data/src/core/ext/transport/inproc/legacy_inproc_transport.cc +6 -2
- data/src/core/ext/upb-gen/envoy/admin/v3/certs.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/config/accesslog/v3/accesslog.upb.h +12 -0
- data/src/core/ext/upb-gen/envoy/config/bootstrap/v3/bootstrap.upb.h +12 -22
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb.h +12 -22
- data/src/core/ext/upb-gen/envoy/config/common/matcher/v3/matcher.upb.h +28 -22
- data/src/core/ext/upb-gen/envoy/config/core/v3/address.upb.h +12 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb.h +24 -67
- data/src/core/ext/upb-gen/envoy/config/core/v3/config_source.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/event_service_config.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_service.upb.h +29 -31
- data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_service.upb_minitable.c +2 -2
- data/src/core/ext/upb-gen/envoy/config/core/v3/health_check.upb.h +12 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/http_uri.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb.h +8 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/substitution_format_string.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint.upb.h +0 -23
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint_components.upb.h +8 -0
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener.upb.h +8 -0
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb.h +12 -0
- data/src/core/ext/upb-gen/envoy/config/metrics/v3/stats.upb.h +20 -0
- data/src/core/ext/upb-gen/envoy/config/overload/v3/overload.upb.h +12 -0
- data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb.h +8 -22
- data/src/core/ext/upb-gen/envoy/config/route/v3/route.upb.h +0 -23
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb.h +64 -66
- data/src/core/ext/upb-gen/envoy/config/route/v3/scoped_route.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/config/tap/v3/common.upb.h +12 -0
- data/src/core/ext/upb-gen/envoy/config/trace/v3/http_tracer.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/config/trace/v3/skywalking.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/data/accesslog/v3/accesslog.upb.h +4 -95
- data/src/core/ext/upb-gen/envoy/extensions/filters/common/fault/v3/fault.upb.h +8 -0
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/fault/v3/fault.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +28 -0
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/common/v3/common.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/common.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +12 -0
- data/src/core/ext/upb-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upb.h +8 -0
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb.h +8 -36
- data/src/core/ext/upb-gen/envoy/service/status/v3/csds.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/http/v3/path_transformation.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/filter_state.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/metadata.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/number.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/path.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/regex.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/string.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/struct.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/value.upb.h +8 -0
- data/src/core/ext/upb-gen/envoy/type/metadata/v3/metadata.upb.h +8 -0
- data/src/core/ext/upb-gen/envoy/type/tracing/v3/custom_tag.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/v3/hash_policy.upb.h +4 -0
- data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_strategy.upb.h +4 -0
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/checked.upb.h +8 -44
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/syntax.upb.h +12 -40
- data/src/core/ext/upb-gen/google/api/http.upb.h +4 -0
- data/src/core/ext/upb-gen/google/protobuf/descriptor.upb.h +193 -20
- data/src/core/ext/upb-gen/google/protobuf/descriptor.upb_minitable.c +59 -21
- data/src/core/ext/upb-gen/google/protobuf/descriptor.upb_minitable.h +4 -0
- data/src/core/ext/upb-gen/google/protobuf/struct.upb.h +4 -22
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/altscontext.upb.h +0 -18
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/handshaker.upb.h +113 -53
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/handshaker.upb_minitable.c +20 -14
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/transport_security_common.upb.h +154 -0
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/transport_security_common.upb_minitable.c +40 -2
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/transport_security_common.upb_minitable.h +4 -0
- data/src/core/ext/upb-gen/src/proto/grpc/lb/v1/load_balancer.upb.h +8 -0
- data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls.upb.h +0 -18
- data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls_config.upb.h +0 -36
- data/src/core/ext/upb-gen/validate/validate.upb.h +12 -0
- data/src/core/ext/upb-gen/xds/core/v3/collection_entry.upb.h +4 -0
- data/src/core/ext/upb-gen/xds/core/v3/context_params.upb.h +0 -18
- data/src/core/ext/upb-gen/xds/core/v3/resource_locator.upb.h +8 -0
- data/src/core/ext/upb-gen/xds/data/orca/v3/orca_load_report.upb.h +0 -54
- data/src/core/ext/upb-gen/xds/type/matcher/v3/matcher.upb.h +20 -22
- data/src/core/ext/upb-gen/xds/type/matcher/v3/regex.upb.h +4 -0
- data/src/core/ext/upb-gen/xds/type/matcher/v3/string.upb.h +4 -0
- data/src/core/ext/upb-gen/xds/type/v3/cel.upb.h +4 -0
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/certs.upbdefs.c +123 -62
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/certs.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/clusters.upbdefs.c +200 -101
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/clusters.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump.upbdefs.c +152 -77
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump_shared.upbdefs.c +524 -255
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump_shared.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/init_dump.upbdefs.c +44 -23
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/init_dump.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/listeners.upbdefs.c +66 -34
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/listeners.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/memory.upbdefs.c +54 -28
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/memory.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/metrics.upbdefs.c +46 -25
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/metrics.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/mutex_stats.upbdefs.c +47 -25
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/mutex_stats.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/server_info.upbdefs.c +256 -126
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/server_info.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/tap.upbdefs.c +50 -28
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/tap.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/annotations/deprecation.upbdefs.c +55 -28
- data/src/core/ext/upbdefs-gen/envoy/annotations/deprecation.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/annotations/resource.upbdefs.c +34 -18
- data/src/core/ext/upbdefs-gen/envoy/annotations/resource.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/accesslog/v3/accesslog.upbdefs.c +414 -206
- data/src/core/ext/upbdefs-gen/envoy/config/accesslog/v3/accesslog.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +831 -413
- data/src/core/ext/upbdefs-gen/envoy/config/bootstrap/v3/bootstrap.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/circuit_breaker.upbdefs.c +143 -73
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/circuit_breaker.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/cluster.upbdefs.c +1132 -557
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/cluster.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/filter.upbdefs.c +63 -34
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/filter.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/outlier_detection.upbdefs.c +255 -127
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/outlier_detection.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/common/matcher/v3/matcher.upbdefs.c +363 -178
- data/src/core/ext/upbdefs-gen/envoy/config/common/matcher/v3/matcher.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/address.upbdefs.c +227 -114
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/address.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/backoff.upbdefs.c +57 -31
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/backoff.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.c +596 -295
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/config_source.upbdefs.c +271 -137
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/config_source.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/event_service_config.upbdefs.c +56 -30
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/event_service_config.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/extension.upbdefs.c +45 -25
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/extension.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_method_list.upbdefs.c +59 -31
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_method_list.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_service.upbdefs.c +438 -217
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_service.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/health_check.upbdefs.c +441 -221
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/health_check.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_service.upbdefs.c +55 -30
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_service.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_uri.upbdefs.c +57 -31
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_uri.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/protocol.upbdefs.c +619 -303
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/protocol.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/proxy_protocol.upbdefs.c +70 -36
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/proxy_protocol.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/resolver.upbdefs.c +62 -33
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/resolver.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_cmsg_headers.upbdefs.c +47 -25
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_cmsg_headers.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_option.upbdefs.c +97 -49
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_option.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/substitution_format_string.upbdefs.c +97 -51
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/substitution_format_string.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/udp_socket_config.upbdefs.c +51 -27
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/udp_socket_config.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint.upbdefs.c +147 -76
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +230 -116
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/load_report.upbdefs.c +277 -138
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/load_report.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/api_listener.upbdefs.c +48 -26
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/api_listener.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener.upbdefs.c +388 -197
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener_components.upbdefs.c +304 -153
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener_components.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/quic_config.upbdefs.c +173 -90
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/quic_config.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/udp_listener_config.upbdefs.c +90 -47
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/udp_listener_config.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/metrics_service.upbdefs.c +98 -51
- data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/metrics_service.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/stats.upbdefs.c +196 -99
- data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/stats.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/overload/v3/overload.upbdefs.c +237 -118
- data/src/core/ext/upbdefs-gen/envoy/config/overload/v3/overload.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/rbac/v3/rbac.upbdefs.c +418 -210
- data/src/core/ext/upbdefs-gen/envoy/config/rbac/v3/rbac.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route.upbdefs.c +194 -99
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.c +2003 -973
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/scoped_route.upbdefs.c +101 -53
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/scoped_route.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/tap/v3/common.upbdefs.c +352 -176
- data/src/core/ext/upbdefs-gen/envoy/config/tap/v3/common.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/datadog.upbdefs.c +79 -42
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/datadog.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/dynamic_ot.upbdefs.c +67 -37
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/dynamic_ot.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/http_tracer.upbdefs.c +63 -34
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/http_tracer.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/lightstep.upbdefs.c +88 -47
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/lightstep.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opentelemetry.upbdefs.c +80 -43
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opentelemetry.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/service.upbdefs.c +53 -29
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/service.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/skywalking.upbdefs.c +86 -46
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/skywalking.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/trace.upbdefs.c +55 -32
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/trace.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/xray.upbdefs.c +91 -49
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/xray.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/zipkin.upbdefs.c +105 -55
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/zipkin.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/data/accesslog/v3/accesslog.upbdefs.c +775 -379
- data/src/core/ext/upbdefs-gen/envoy/data/accesslog/v3/accesslog.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.c +52 -28
- data/src/core/ext/upbdefs-gen/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/common/fault/v3/fault.upbdefs.c +134 -68
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/common/fault/v3/fault.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/fault/v3/fault.upbdefs.c +189 -96
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/fault/v3/fault.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upbdefs.c +116 -61
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/rbac/v3/rbac.upbdefs.c +112 -58
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/rbac/v3/rbac.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/router/v3/router.upbdefs.c +160 -82
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/router/v3/router.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upbdefs.c +75 -39
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +1161 -570
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upbdefs.c +52 -28
- data/src/core/ext/upbdefs-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upbdefs.c +55 -29
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +48 -26
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +390 -194
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +126 -65
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +498 -246
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upbdefs.c +74 -38
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upbdefs.c +221 -110
- data/src/core/ext/upbdefs-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/ads.upbdefs.c +68 -36
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/ads.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/discovery.upbdefs.c +378 -187
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/discovery.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/service/load_stats/v3/lrs.upbdefs.c +100 -52
- data/src/core/ext/upbdefs-gen/envoy/service/load_stats/v3/lrs.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/service/status/v3/csds.upbdefs.c +257 -129
- data/src/core/ext/upbdefs-gen/envoy/service/status/v3/csds.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/http/v3/cookie.upbdefs.c +44 -24
- data/src/core/ext/upbdefs-gen/envoy/type/http/v3/cookie.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/http/v3/path_transformation.upbdefs.c +68 -35
- data/src/core/ext/upbdefs-gen/envoy/type/http/v3/path_transformation.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/address.upbdefs.c +38 -20
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/address.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/filter_state.upbdefs.c +59 -32
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/filter_state.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/http_inputs.upbdefs.c +65 -34
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/http_inputs.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/metadata.upbdefs.c +72 -38
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/metadata.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/node.upbdefs.c +57 -31
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/node.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/number.upbdefs.c +52 -29
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/number.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/path.upbdefs.c +51 -28
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/path.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/regex.upbdefs.c +89 -47
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/regex.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/status_code_input.upbdefs.c +37 -20
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/status_code_input.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/string.upbdefs.c +89 -47
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/string.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/struct.upbdefs.c +67 -35
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/struct.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/value.upbdefs.c +112 -58
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/value.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/metadata/v3/metadata.upbdefs.c +110 -56
- data/src/core/ext/upbdefs-gen/envoy/type/metadata/v3/metadata.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/tracing/v3/custom_tag.upbdefs.c +123 -62
- data/src/core/ext/upbdefs-gen/envoy/type/tracing/v3/custom_tag.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/hash_policy.upbdefs.c +59 -31
- data/src/core/ext/upbdefs-gen/envoy/type/v3/hash_policy.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/http.upbdefs.c +30 -16
- data/src/core/ext/upbdefs-gen/envoy/type/v3/http.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/http_status.upbdefs.c +143 -72
- data/src/core/ext/upbdefs-gen/envoy/type/v3/http_status.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/percent.upbdefs.c +61 -32
- data/src/core/ext/upbdefs-gen/envoy/type/v3/percent.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/range.upbdefs.c +51 -27
- data/src/core/ext/upbdefs-gen/envoy/type/v3/range.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_strategy.upbdefs.c +85 -45
- data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_strategy.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_unit.upbdefs.c +35 -19
- data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_unit.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/semantic_version.upbdefs.c +44 -23
- data/src/core/ext/upbdefs-gen/envoy/type/v3/semantic_version.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/token_bucket.upbdefs.c +61 -33
- data/src/core/ext/upbdefs-gen/envoy/type/v3/token_bucket.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/api/annotations.upbdefs.c +35 -19
- data/src/core/ext/upbdefs-gen/google/api/annotations.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/checked.upbdefs.c +272 -133
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/checked.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/syntax.upbdefs.c +315 -154
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/syntax.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/api/http.upbdefs.c +64 -33
- data/src/core/ext/upbdefs-gen/google/api/http.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/api/httpbody.upbdefs.c +35 -19
- data/src/core/ext/upbdefs-gen/google/api/httpbody.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/any.upbdefs.c +26 -15
- data/src/core/ext/upbdefs-gen/google/protobuf/any.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/descriptor.upbdefs.c +1106 -508
- data/src/core/ext/upbdefs-gen/google/protobuf/descriptor.upbdefs.h +10 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/duration.upbdefs.c +28 -16
- data/src/core/ext/upbdefs-gen/google/protobuf/duration.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/empty.upbdefs.c +23 -13
- data/src/core/ext/upbdefs-gen/google/protobuf/empty.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/struct.upbdefs.c +69 -35
- data/src/core/ext/upbdefs-gen/google/protobuf/struct.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/timestamp.upbdefs.c +29 -16
- data/src/core/ext/upbdefs-gen/google/protobuf/timestamp.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/wrappers.upbdefs.c +51 -26
- data/src/core/ext/upbdefs-gen/google/protobuf/wrappers.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/google/rpc/status.upbdefs.c +32 -17
- data/src/core/ext/upbdefs-gen/google/rpc/status.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/src/proto/grpc/lookup/v1/rls_config.upbdefs.c +161 -79
- data/src/core/ext/upbdefs-gen/src/proto/grpc/lookup/v1/rls_config.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/migrate.upbdefs.c +84 -42
- data/src/core/ext/upbdefs-gen/udpa/annotations/migrate.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/security.upbdefs.c +48 -26
- data/src/core/ext/upbdefs-gen/udpa/annotations/security.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/sensitive.upbdefs.c +26 -14
- data/src/core/ext/upbdefs-gen/udpa/annotations/sensitive.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/status.upbdefs.c +50 -26
- data/src/core/ext/upbdefs-gen/udpa/annotations/status.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/versioning.upbdefs.c +36 -19
- data/src/core/ext/upbdefs-gen/udpa/annotations/versioning.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/validate/validate.upbdefs.c +538 -261
- data/src/core/ext/upbdefs-gen/validate/validate.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/migrate.upbdefs.c +86 -43
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/migrate.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/security.upbdefs.c +49 -26
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/security.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/sensitive.upbdefs.c +27 -15
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/sensitive.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/status.upbdefs.c +87 -44
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/status.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/versioning.upbdefs.c +37 -20
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/versioning.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/authority.upbdefs.c +30 -17
- data/src/core/ext/upbdefs-gen/xds/core/v3/authority.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/cidr.upbdefs.c +41 -23
- data/src/core/ext/upbdefs-gen/xds/core/v3/cidr.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/collection_entry.upbdefs.c +62 -33
- data/src/core/ext/upbdefs-gen/xds/core/v3/collection_entry.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/context_params.upbdefs.c +36 -19
- data/src/core/ext/upbdefs-gen/xds/core/v3/context_params.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/extension.upbdefs.c +36 -20
- data/src/core/ext/upbdefs-gen/xds/core/v3/extension.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource.upbdefs.c +42 -23
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource_locator.upbdefs.c +76 -39
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource_locator.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource_name.upbdefs.c +45 -24
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource_name.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/cel.upbdefs.c +41 -23
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/cel.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/domain.upbdefs.c +53 -29
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/domain.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/http_inputs.upbdefs.c +29 -16
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/http_inputs.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/ip.upbdefs.c +58 -32
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/ip.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/matcher.upbdefs.c +207 -103
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/matcher.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/range.upbdefs.c +95 -49
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/range.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/regex.upbdefs.c +38 -20
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/regex.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/string.upbdefs.c +60 -31
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/string.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/v3/cel.upbdefs.c +67 -36
- data/src/core/ext/upbdefs-gen/xds/type/v3/cel.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/v3/range.upbdefs.c +31 -17
- data/src/core/ext/upbdefs-gen/xds/type/v3/range.upbdefs.h +5 -1
- data/src/core/ext/upbdefs-gen/xds/type/v3/typed_struct.upbdefs.c +31 -17
- data/src/core/ext/upbdefs-gen/xds/type/v3/typed_struct.upbdefs.h +5 -1
- data/src/core/handshaker/http_connect/http_proxy_mapper.cc +7 -22
- data/src/core/handshaker/security/legacy_secure_endpoint.cc +596 -0
- data/src/core/handshaker/security/secure_endpoint.cc +769 -312
- data/src/core/handshaker/security/secure_endpoint.h +17 -0
- data/src/core/handshaker/security/security_handshaker.cc +3 -3
- data/src/core/lib/address_utils/sockaddr_utils.cc +5 -5
- data/src/core/lib/channel/channel_args.h +4 -0
- data/src/core/lib/channel/channel_stack.cc +29 -0
- data/src/core/lib/channel/channel_stack.h +9 -0
- data/src/core/lib/channel/promise_based_filter.h +707 -299
- data/src/core/lib/debug/trace_flags.cc +2 -2
- data/src/core/lib/debug/trace_flags.h +1 -1
- data/src/core/lib/event_engine/cf_engine/cf_engine.cc +6 -2
- data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.cc +4 -4
- data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.h +14 -6
- data/src/core/lib/event_engine/default_event_engine_factory.cc +1 -1
- data/src/core/lib/event_engine/extensions/blocking_dns.h +46 -0
- data/src/core/lib/event_engine/extensions/channelz.h +62 -0
- data/src/core/lib/event_engine/extensions/tcp_trace.h +2 -2
- data/src/core/lib/event_engine/posix_engine/native_posix_dns_resolver.cc +4 -7
- data/src/core/lib/event_engine/posix_engine/native_posix_dns_resolver.h +3 -0
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +6 -7
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +28 -22
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +22 -0
- data/src/core/lib/event_engine/posix_engine/posix_engine.h +15 -15
- data/src/core/lib/event_engine/query_extensions.h +10 -21
- data/src/core/lib/event_engine/tcp_socket_utils.cc +10 -9
- data/src/core/lib/event_engine/utils.cc +34 -0
- data/src/core/lib/event_engine/utils.h +3 -0
- data/src/core/lib/event_engine/windows/windows_endpoint.cc +2 -2
- data/src/core/lib/event_engine/windows/windows_endpoint.h +9 -2
- data/src/core/lib/experiments/experiments.cc +198 -51
- data/src/core/lib/experiments/experiments.h +78 -35
- data/src/core/lib/iomgr/combiner.cc +3 -2
- data/src/core/lib/iomgr/ev_poll_posix.cc +4 -0
- data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +11 -8
- data/src/core/lib/iomgr/fork_posix.cc +0 -7
- data/src/core/lib/iomgr/iomgr.cc +0 -3
- data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +3 -0
- data/src/core/lib/iomgr/resolve_address_posix.cc +37 -47
- data/src/core/lib/iomgr/resolve_address_posix.h +15 -0
- data/src/core/lib/iomgr/resolve_address_windows.cc +22 -45
- data/src/core/lib/iomgr/resolve_address_windows.h +15 -2
- data/src/core/lib/iomgr/tcp_client_posix.cc +14 -6
- data/src/core/lib/iomgr/tcp_posix.cc +14 -12
- data/src/core/lib/iomgr/tcp_server_windows.cc +14 -2
- data/src/core/lib/promise/detail/promise_like.h +24 -0
- data/src/core/lib/promise/detail/seq_state.h +741 -0
- data/src/core/lib/promise/map.h +22 -5
- data/src/core/lib/promise/promise.h +2 -0
- data/src/core/lib/promise/seq.h +2 -0
- data/src/core/lib/promise/sleep.cc +6 -3
- data/src/core/lib/promise/try_seq.h +2 -0
- data/src/core/lib/resource_quota/memory_quota.cc +9 -0
- data/src/core/lib/resource_quota/memory_quota.h +1 -3
- data/src/core/lib/slice/slice_buffer.h +6 -0
- data/src/core/lib/surface/call.cc +4 -0
- data/src/core/lib/surface/channel_create.cc +61 -1
- data/src/core/lib/surface/init.cc +2 -2
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/status_conversion.cc +7 -34
- data/src/core/lib/transport/transport.cc +2 -2
- data/src/core/lib/transport/transport.h +3 -0
- data/src/core/load_balancing/backend_metric_parser.cc +12 -18
- data/src/core/load_balancing/grpclb/grpclb.cc +2 -2
- data/src/core/load_balancing/health_check_client.cc +2 -4
- data/src/core/load_balancing/oob_backend_metric.cc +2 -4
- data/src/core/load_balancing/outlier_detection/outlier_detection.cc +4 -3
- data/src/core/load_balancing/pick_first/pick_first.cc +3 -3
- data/src/core/load_balancing/rls/rls.cc +6 -5
- data/src/core/load_balancing/round_robin/round_robin.cc +2 -3
- data/src/core/load_balancing/weighted_round_robin/weighted_round_robin.cc +4 -4
- data/src/core/load_balancing/weighted_target/weighted_target.cc +3 -9
- data/src/core/load_balancing/xds/xds_override_host.cc +55 -34
- data/src/core/plugin_registry/grpc_plugin_registry.cc +2 -0
- data/src/core/resolver/sockaddr/sockaddr_resolver.cc +2 -1
- data/src/core/resolver/xds/xds_resolver.cc +2 -1
- data/src/core/server/add_port.cc +87 -0
- data/src/core/server/server.cc +48 -53
- data/src/core/server/server.h +3 -5
- data/src/core/telemetry/call_tracer.cc +2 -2
- data/src/core/telemetry/call_tracer.h +1 -1
- data/src/core/{ext/transport/chttp2/transport → telemetry}/context_list_entry.h +3 -3
- data/src/core/telemetry/default_tcp_tracer.cc +26 -0
- data/src/core/telemetry/default_tcp_tracer.h +44 -0
- data/src/core/telemetry/stats.h +0 -5
- data/src/core/telemetry/stats_data.cc +376 -334
- data/src/core/telemetry/stats_data.h +260 -166
- data/src/core/telemetry/tcp_tracer.cc +38 -0
- data/src/core/telemetry/tcp_tracer.h +14 -16
- data/src/core/transport/auth_context.cc +0 -1
- data/src/core/transport/auth_context.h +0 -1
- data/src/core/transport/endpoint_transport.h +90 -0
- data/src/core/transport/endpoint_transport_client_channel_factory.cc +61 -0
- data/src/core/transport/endpoint_transport_client_channel_factory.h +57 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +33 -1
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +3 -1
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +76 -22
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +8 -2
- data/src/core/tsi/ssl_transport_security.cc +189 -71
- data/src/core/tsi/ssl_transport_security.h +6 -1
- data/src/core/tsi/transport_security.h +3 -0
- data/src/core/tsi/transport_security_grpc.h +7 -3
- data/src/core/tsi/transport_security_interface.h +30 -25
- data/src/core/util/backoff.cc +7 -14
- data/src/core/util/backoff.h +0 -1
- data/src/core/util/dual_ref_counted.h +48 -0
- data/src/core/util/function_signature.h +66 -0
- data/src/core/util/gcp_metadata_query.cc +3 -2
- data/src/core/util/http_client/httpcli_security_connector.cc +2 -1
- data/src/core/util/json/json_object_loader.h +3 -3
- data/src/core/util/latent_see.cc +28 -2
- data/src/core/util/latent_see.h +11 -23
- data/src/core/util/linux/env.cc +3 -1
- data/src/core/util/ref_counted_ptr.h +26 -0
- data/src/core/util/shared_bit_gen.cc +21 -0
- data/src/core/util/shared_bit_gen.h +44 -0
- data/src/core/util/single_set_ptr.h +35 -4
- data/src/core/util/uri.cc +75 -17
- data/src/core/util/uri.h +13 -8
- data/src/core/xds/grpc/xds_common_types_parser.cc +1 -9
- data/src/core/xds/grpc/xds_http_filter_registry.cc +1 -3
- data/src/core/xds/grpc/xds_http_rbac_filter.cc +10 -17
- data/src/core/xds/grpc/xds_metadata_parser.cc +40 -64
- data/src/core/xds/grpc/xds_metadata_parser.h +0 -2
- data/src/core/xds/grpc/xds_route_config_parser.cc +55 -77
- data/src/core/xds/xds_client/xds_client.cc +1 -1
- data/src/ruby/ext/grpc/extconf.rb +1 -1
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/spec/generic/client_stub_spec.rb +2 -6
- data/src/ruby/spec/generic/rpc_server_spec.rb +1 -1
- data/third_party/abseil-cpp/absl/algorithm/algorithm.h +2 -2
- data/third_party/abseil-cpp/absl/algorithm/container.h +79 -48
- data/third_party/abseil-cpp/absl/base/attributes.h +66 -16
- data/third_party/abseil-cpp/absl/base/call_once.h +8 -5
- data/third_party/abseil-cpp/absl/base/config.h +4 -4
- data/third_party/abseil-cpp/absl/base/internal/nullability_impl.h +17 -56
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +1 -1
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +14 -0
- data/third_party/abseil-cpp/absl/base/internal/thread_identity.h +5 -1
- data/third_party/abseil-cpp/absl/base/internal/tracing.cc +39 -0
- data/third_party/abseil-cpp/absl/base/internal/tracing.h +81 -0
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc +0 -10
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.h +12 -0
- data/third_party/abseil-cpp/absl/base/macros.h +35 -4
- data/third_party/abseil-cpp/absl/base/nullability.h +72 -16
- data/third_party/abseil-cpp/absl/base/optimization.h +8 -12
- data/third_party/abseil-cpp/absl/base/options.h +5 -2
- data/third_party/abseil-cpp/absl/base/policy_checks.h +2 -0
- data/third_party/abseil-cpp/absl/container/btree_map.h +889 -0
- data/third_party/abseil-cpp/absl/container/btree_set.h +824 -0
- data/third_party/abseil-cpp/absl/container/fixed_array.h +2 -1
- data/third_party/abseil-cpp/absl/container/flat_hash_map.h +17 -3
- data/third_party/abseil-cpp/absl/container/flat_hash_set.h +17 -3
- data/third_party/abseil-cpp/absl/container/inlined_vector.h +2 -1
- data/third_party/abseil-cpp/absl/container/internal/btree.h +3046 -0
- data/third_party/abseil-cpp/absl/container/internal/btree_container.h +763 -0
- data/third_party/abseil-cpp/absl/container/internal/common_policy_traits.h +9 -0
- data/third_party/abseil-cpp/absl/container/internal/container_memory.h +1 -0
- data/third_party/abseil-cpp/absl/container/internal/inlined_vector.h +4 -2
- data/third_party/abseil-cpp/absl/container/internal/layout.h +1 -1
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.cc +142 -114
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +397 -231
- data/third_party/abseil-cpp/absl/crc/internal/cpu_detect.cc +56 -0
- data/third_party/abseil-cpp/absl/crc/internal/non_temporal_memcpy.h +21 -7
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +4 -2
- data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.h +1 -1
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +17 -1
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_config.h +7 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_riscv-inl.inc +9 -6
- data/third_party/abseil-cpp/absl/debugging/leak_check.cc +73 -0
- data/third_party/abseil-cpp/absl/debugging/leak_check.h +150 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize.cc +3 -2
- data/third_party/abseil-cpp/absl/debugging/symbolize_elf.inc +48 -9
- data/third_party/abseil-cpp/absl/flags/commandlineflag.cc +1 -0
- data/third_party/abseil-cpp/absl/flags/commandlineflag.h +7 -0
- data/third_party/abseil-cpp/absl/flags/flag.h +14 -12
- data/third_party/abseil-cpp/absl/flags/internal/flag.cc +12 -4
- data/third_party/abseil-cpp/absl/flags/internal/flag.h +16 -5
- data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.cc +4 -0
- data/third_party/abseil-cpp/absl/flags/internal/private_handle_accessor.h +3 -0
- data/third_party/abseil-cpp/absl/flags/internal/program_name.cc +13 -12
- data/third_party/abseil-cpp/absl/flags/usage_config.cc +9 -4
- data/third_party/abseil-cpp/absl/hash/hash.h +26 -2
- data/third_party/abseil-cpp/absl/hash/internal/hash.cc +17 -17
- data/third_party/abseil-cpp/absl/hash/internal/hash.h +196 -91
- data/third_party/abseil-cpp/absl/hash/internal/low_level_hash.cc +2 -4
- data/third_party/abseil-cpp/absl/log/absl_vlog_is_on.h +2 -0
- data/third_party/abseil-cpp/absl/log/internal/check_op.cc +27 -22
- data/third_party/abseil-cpp/absl/log/internal/check_op.h +102 -80
- data/third_party/abseil-cpp/absl/log/internal/log_message.cc +90 -38
- data/third_party/abseil-cpp/absl/log/internal/log_message.h +80 -48
- data/third_party/abseil-cpp/absl/log/internal/proto.cc +0 -3
- data/third_party/abseil-cpp/absl/log/internal/proto.h +25 -15
- data/third_party/abseil-cpp/absl/log/internal/structured_proto.cc +115 -0
- data/third_party/abseil-cpp/absl/log/internal/structured_proto.h +107 -0
- data/third_party/abseil-cpp/absl/log/internal/vlog_config.cc +8 -1
- data/third_party/abseil-cpp/absl/log/log_sink_registry.h +5 -2
- data/third_party/abseil-cpp/absl/log/vlog_is_on.h +2 -0
- data/third_party/abseil-cpp/absl/meta/type_traits.h +16 -6
- data/third_party/abseil-cpp/absl/numeric/int128.h +15 -3
- data/third_party/abseil-cpp/absl/numeric/int128_have_intrinsic.inc +6 -4
- data/third_party/abseil-cpp/absl/numeric/int128_no_intrinsic.inc +6 -3
- data/third_party/abseil-cpp/absl/random/bernoulli_distribution.h +3 -1
- data/third_party/abseil-cpp/absl/random/beta_distribution.h +3 -1
- data/third_party/abseil-cpp/absl/random/bit_gen_ref.h +2 -1
- data/third_party/abseil-cpp/absl/random/discrete_distribution.cc +10 -0
- data/third_party/abseil-cpp/absl/random/discrete_distribution.h +4 -2
- data/third_party/abseil-cpp/absl/random/exponential_distribution.h +1 -0
- data/third_party/abseil-cpp/absl/random/gaussian_distribution.h +2 -1
- data/third_party/abseil-cpp/absl/random/internal/distribution_caller.h +3 -1
- data/third_party/abseil-cpp/absl/random/internal/iostream_state_saver.h +5 -2
- data/third_party/abseil-cpp/absl/random/internal/platform.h +12 -12
- data/third_party/abseil-cpp/absl/random/internal/randen_detect.cc +56 -5
- data/third_party/abseil-cpp/absl/random/internal/randen_engine.h +2 -1
- data/third_party/abseil-cpp/absl/random/internal/uniform_helper.h +2 -2
- data/third_party/abseil-cpp/absl/random/internal/wide_multiply.h +0 -1
- data/third_party/abseil-cpp/absl/random/log_uniform_int_distribution.h +1 -4
- data/third_party/abseil-cpp/absl/random/poisson_distribution.h +4 -3
- data/third_party/abseil-cpp/absl/random/seed_gen_exception.cc +2 -3
- data/third_party/abseil-cpp/absl/random/seed_sequences.h +1 -2
- data/third_party/abseil-cpp/absl/random/uniform_int_distribution.h +2 -1
- data/third_party/abseil-cpp/absl/random/uniform_real_distribution.h +2 -0
- data/third_party/abseil-cpp/absl/random/zipf_distribution.h +5 -4
- data/third_party/abseil-cpp/absl/status/internal/status_internal.cc +8 -4
- data/third_party/abseil-cpp/absl/status/internal/status_internal.h +1 -1
- data/third_party/abseil-cpp/absl/status/status.h +1 -1
- data/third_party/abseil-cpp/absl/strings/ascii.cc +41 -26
- data/third_party/abseil-cpp/absl/strings/ascii.h +48 -8
- data/third_party/abseil-cpp/absl/strings/charconv.cc +4 -7
- data/third_party/abseil-cpp/absl/strings/charset.h +3 -4
- data/third_party/abseil-cpp/absl/strings/cord.h +5 -19
- data/third_party/abseil-cpp/absl/strings/escaping.cc +56 -48
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +48 -15
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +3 -2
- data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +35 -0
- data/third_party/abseil-cpp/absl/strings/match.h +21 -11
- data/third_party/abseil-cpp/absl/strings/numbers.cc +2 -1
- data/third_party/abseil-cpp/absl/strings/str_cat.h +11 -0
- data/third_party/abseil-cpp/absl/strings/str_split.h +18 -1
- data/third_party/abseil-cpp/absl/strings/string_view.h +20 -19
- data/third_party/abseil-cpp/absl/strings/strip.h +11 -8
- data/third_party/abseil-cpp/absl/synchronization/blocking_counter.cc +16 -10
- data/third_party/abseil-cpp/absl/synchronization/blocking_counter.h +6 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.cc +5 -1
- data/third_party/abseil-cpp/absl/synchronization/mutex.cc +38 -12
- data/third_party/abseil-cpp/absl/synchronization/notification.cc +10 -2
- data/third_party/abseil-cpp/absl/synchronization/notification.h +11 -1
- data/third_party/abseil-cpp/absl/time/duration.cc +6 -51
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.cc +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.cc +3 -3
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +2 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +2 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +3 -3
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +2 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.h +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_lookup.cc +3 -2
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.cc +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +6 -4
- data/third_party/abseil-cpp/absl/time/time.h +84 -23
- data/third_party/abseil-cpp/absl/types/internal/span.h +3 -2
- data/third_party/abseil-cpp/absl/types/optional.h +4 -2
- data/third_party/abseil-cpp/absl/types/span.h +85 -43
- data/third_party/boringssl-with-bazel/src/crypto/aes/aes.cc +41 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.cc +16 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.cc +15 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +19 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.cc +79 -48
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.cc +11 -19
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.cc +3 -7
- data/third_party/boringssl-with-bazel/src/crypto/bcm_support.h +0 -35
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.cc +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/bio/internal.h +3 -5
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.cc +0 -3
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.cc +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/bn/convert.cc +31 -47
- data/third_party/boringssl-with-bazel/src/crypto/bn/div.cc +100 -0
- data/third_party/boringssl-with-bazel/src/crypto/bn/exponentiation.cc +166 -0
- data/third_party/boringssl-with-bazel/src/crypto/bn/sqrt.cc +93 -0
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.cc +14 -8
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.cc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/chacha/internal.h +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/cipher/derive_key.cc +13 -15
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_aeseax.cc +289 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_aesgcmsiv.cc +179 -102
- data/third_party/boringssl-with-bazel/src/crypto/cipher/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/cms/cms.cc +172 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.cc +28 -5
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.h +11 -9
- data/third_party/boringssl-with-bazel/src/crypto/cpu_intel.cc +0 -6
- data/third_party/boringssl-with-bazel/src/crypto/crypto.cc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/des/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/dh/dh_asn1.cc +13 -14
- data/third_party/boringssl-with-bazel/src/crypto/dh/params.cc +27 -61
- data/third_party/boringssl-with-bazel/src/crypto/digest/digest_extra.cc +16 -8
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.cc +112 -122
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.cc +23 -35
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/ec/ec_asn1.cc +47 -63
- data/third_party/boringssl-with-bazel/src/crypto/ec/hash_to_curve.cc +60 -68
- data/third_party/boringssl-with-bazel/src/crypto/ec/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/ecdsa/ecdsa_asn1.cc +11 -17
- data/third_party/boringssl-with-bazel/src/crypto/err/err.cc +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.cc +10 -11
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.cc +10 -11
- data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.cc +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.cc +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.cc +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.cc +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.cc +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/evp/sign.cc +23 -42
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.cc.inc +29 -18
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/gcm.cc.inc +10 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +16 -45
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.cc.inc +5 -4
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.cc.inc +15 -6
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.cc +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm_interface.h +101 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.cc.inc +96 -187
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.cc.inc +24 -512
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.cc.inc +58 -80
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.cc.inc +29 -45
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +27 -25
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/jacobi.cc.inc +7 -16
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.cc.inc +27 -48
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.cc.inc +34 -34
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.cc.inc +102 -154
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.cc.inc +3 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.cc.inc +1 -78
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.cc.inc +10 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/delocate.h +15 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.cc.inc +40 -53
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.cc.inc +57 -76
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.cc.inc +4 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/md32_common.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.cc.inc +37 -52
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.cc.inc +13 -20
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.cc.inc +28 -39
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.cc.inc +6 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/keccak/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mldsa/fips_known_values.inc +1345 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mldsa/mldsa.cc.inc +335 -28
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mlkem/fips_known_values.inc +411 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mlkem/mlkem.cc.inc +265 -33
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.cc.inc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.cc.inc +19 -26
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.cc.inc +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.cc.inc +121 -138
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.cc.inc +96 -83
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +8 -20
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/fips_known_values.inc +674 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/slhdsa.cc.inc +235 -60
- data/third_party/boringssl-with-bazel/src/crypto/fuzzer_mode.cc +30 -0
- data/third_party/boringssl-with-bazel/src/crypto/hrss/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +39 -30
- data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/md5/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/mem.cc +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.cc +2 -8
- data/third_party/boringssl-with-bazel/src/crypto/pem/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.cc +8 -13
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/internal.h +22 -8
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7.cc +19 -17
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.cc +134 -136
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +14 -8
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/p5_pbev2.cc +25 -21
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.cc +36 -52
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.cc +97 -79
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/rand/deterministic.cc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand/fork_detect.cc +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/rand/getentropy.cc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand/{sysrand_internal.h → internal.h} +22 -4
- data/third_party/boringssl-with-bazel/src/crypto/rand/ios.cc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand/trusty.cc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand/urandom.cc +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/rand/windows.cc +1 -5
- data/third_party/boringssl-with-bazel/src/crypto/rsa/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/rsa/rsa_crypt.cc +14 -22
- data/third_party/boringssl-with-bazel/src/crypto/spake2plus/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/thread_win.cc +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.cc +3 -5
- data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.cc +8 -12
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +15 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_conf.cc +16 -24
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_info.cc +18 -21
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.cc +10 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.cc +9 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.cc +10 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.cc +64 -85
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.cc +16 -32
- data/third_party/boringssl-with-bazel/src/gen/crypto/err_data.cc +576 -567
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +16 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/aes.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +6 -54
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +8 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/base64.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bcm_public.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/blowfish.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/buf.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +7 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/cast.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/chacha.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/cmac.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/cms.h +146 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +23 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/curve25519.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/des.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +19 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/e_os2.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdh.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/engine.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/err.h +2 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/experimental/kyber.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hkdf.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +4 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/hrss.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/lhash.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/md4.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/md5.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/mldsa.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/mlkem.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/obj.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/obj_mac.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +10 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs7.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +19 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/poly1305.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/pool.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/posix_time.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +2 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/rc4.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ripemd.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +2 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/service_indicator.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/sha.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/siphash.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/slhdsa.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +291 -40
- data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/target.h +0 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +9 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +1 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +7 -4
- data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +2 -0
- data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +32 -26
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +49 -49
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +253 -50
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +12 -12
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +7 -5
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +2 -1
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +24 -32
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +93 -4
- data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +6 -12
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +18 -4
- data/third_party/boringssl-with-bazel/src/ssl/ssl_credential.cc +83 -7
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +173 -19
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +5 -18
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +28 -15
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +1 -1
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +31 -7
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +13 -1
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +7 -11
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +13 -11
- data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +2 -5
- data/third_party/upb/upb/hash/common.c +310 -189
- data/third_party/upb/upb/hash/common.h +44 -43
- data/third_party/upb/upb/hash/int_table.h +29 -5
- data/third_party/upb/upb/hash/str_table.h +6 -0
- data/third_party/upb/upb/mem/arena.c +180 -57
- data/third_party/upb/upb/mem/arena.h +10 -0
- data/third_party/upb/upb/mem/internal/arena.h +62 -24
- data/third_party/upb/upb/message/accessors.c +1 -5
- data/third_party/upb/upb/message/array.c +7 -6
- data/third_party/upb/upb/message/array.h +4 -4
- data/third_party/upb/upb/message/internal/accessors.h +3 -3
- data/third_party/upb/upb/message/internal/extension.c +0 -12
- data/third_party/upb/upb/message/internal/extension.h +0 -4
- data/third_party/upb/upb/message/internal/iterator.h +3 -3
- data/third_party/upb/upb/message/internal/map.h +75 -20
- data/third_party/upb/upb/message/internal/map_sorter.h +10 -2
- data/third_party/upb/upb/message/internal/message.h +53 -5
- data/third_party/upb/upb/message/map.c +68 -20
- data/third_party/upb/upb/message/map.h +8 -1
- data/third_party/upb/upb/message/map_gencode_util.h +3 -45
- data/third_party/upb/upb/message/map_sorter.c +32 -8
- data/third_party/upb/upb/message/merge.h +3 -3
- data/third_party/upb/upb/message/message.c +120 -14
- data/third_party/upb/upb/message/message.h +17 -8
- data/third_party/upb/upb/mini_descriptor/build_enum.c +15 -5
- data/third_party/upb/upb/mini_descriptor/decode.c +18 -2
- data/third_party/upb/upb/mini_descriptor/link.c +4 -0
- data/third_party/upb/upb/mini_table/extension.h +8 -1
- data/third_party/upb/upb/mini_table/extension_registry.c +1 -1
- data/third_party/upb/upb/mini_table/internal/enum.h +1 -1
- data/third_party/upb/upb/mini_table/internal/extension.h +24 -1
- data/third_party/upb/upb/mini_table/internal/field.h +4 -4
- data/third_party/upb/upb/mini_table/internal/message.h +1 -1
- data/third_party/upb/upb/port/def.inc +32 -16
- data/third_party/upb/upb/port/undef.inc +1 -0
- data/third_party/upb/upb/reflection/def_pool.h +2 -2
- data/third_party/upb/upb/reflection/descriptor_bootstrap.h +3 -3
- data/third_party/upb/upb/reflection/enum_def.c +4 -4
- data/third_party/upb/upb/reflection/enum_reserved_range.c +1 -1
- data/third_party/upb/upb/reflection/enum_value_def.c +9 -8
- data/third_party/upb/upb/reflection/extension_range.c +1 -2
- data/third_party/upb/upb/reflection/field_def.c +3 -5
- data/third_party/upb/upb/reflection/field_def.h +1 -1
- data/third_party/upb/upb/reflection/file_def.c +4 -5
- data/third_party/upb/upb/reflection/internal/def_builder.h +35 -10
- data/third_party/upb/upb/reflection/internal/enum_value_def.h +1 -1
- data/third_party/upb/upb/reflection/internal/upb_edition_defaults.h +1 -1
- data/third_party/upb/upb/reflection/message_def.c +4 -7
- data/third_party/upb/upb/reflection/message_reserved_range.c +1 -1
- data/third_party/upb/upb/reflection/method_def.c +1 -1
- data/third_party/upb/upb/reflection/oneof_def.c +3 -3
- data/third_party/upb/upb/reflection/service_def.c +2 -5
- data/third_party/upb/upb/text/encode.c +16 -0
- data/third_party/upb/upb/text/internal/encode.h +2 -1
- data/third_party/upb/upb/wire/decode.c +104 -72
- data/third_party/upb/upb/wire/encode.c +37 -13
- data/third_party/upb/upb/wire/internal/decode_fast.c +2 -2
- data/third_party/upb/upb/wire/internal/decode_fast.h +4 -0
- metadata +43 -7
- data/src/core/lib/iomgr/executor.cc +0 -441
- data/src/core/lib/iomgr/executor.h +0 -119
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/polyval.cc.inc +0 -89
|
@@ -255,9 +255,7 @@ OPENSSL_timeval ssl_ctx_get_current_time(const SSL_CTX *ctx) {
|
|
|
255
255
|
}
|
|
256
256
|
}
|
|
257
257
|
|
|
258
|
-
#if defined(
|
|
259
|
-
return {1234, 1234};
|
|
260
|
-
#elif defined(OPENSSL_WINDOWS)
|
|
258
|
+
#if defined(OPENSSL_WINDOWS)
|
|
261
259
|
struct _timeb time;
|
|
262
260
|
_ftime(&time);
|
|
263
261
|
if (time.time < 0) {
|
|
@@ -334,8 +332,9 @@ void SSL_set_handoff_mode(SSL *ssl, bool on) {
|
|
|
334
332
|
bool SSL_get_traffic_secrets(const SSL *ssl,
|
|
335
333
|
Span<const uint8_t> *out_read_traffic_secret,
|
|
336
334
|
Span<const uint8_t> *out_write_traffic_secret) {
|
|
337
|
-
// This API is not well-defined for DTLS
|
|
338
|
-
//
|
|
335
|
+
// This API is not well-defined for DTLS, where multiple epochs may be alive
|
|
336
|
+
// at once. Callers should use |SSL_get_dtls_*_traffic_secret| instead. In
|
|
337
|
+
// QUIC, the application is already handed the traffic secret.
|
|
339
338
|
if (SSL_is_dtls(ssl) || SSL_is_quic(ssl)) {
|
|
340
339
|
OPENSSL_PUT_ERROR(SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
|
|
341
340
|
return false;
|
|
@@ -401,7 +400,8 @@ ssl_ctx_st::ssl_ctx_st(const SSL_METHOD *ssl_method)
|
|
|
401
400
|
handoff(false),
|
|
402
401
|
enable_early_data(false),
|
|
403
402
|
aes_hw_override(false),
|
|
404
|
-
aes_hw_override_value(false)
|
|
403
|
+
aes_hw_override_value(false),
|
|
404
|
+
resumption_across_names_enabled(false) {
|
|
405
405
|
CRYPTO_MUTEX_init(&lock);
|
|
406
406
|
CRYPTO_new_ex_data(&ex_data);
|
|
407
407
|
}
|
|
@@ -478,7 +478,8 @@ ssl_st::ssl_st(SSL_CTX *ctx_arg)
|
|
|
478
478
|
max_cert_list(ctx->max_cert_list),
|
|
479
479
|
server(false),
|
|
480
480
|
quiet_shutdown(ctx->quiet_shutdown),
|
|
481
|
-
enable_early_data(ctx->enable_early_data)
|
|
481
|
+
enable_early_data(ctx->enable_early_data),
|
|
482
|
+
resumption_across_names_enabled(ctx->resumption_across_names_enabled) {
|
|
482
483
|
CRYPTO_new_ex_data(&ex_data);
|
|
483
484
|
}
|
|
484
485
|
|
|
@@ -531,6 +532,14 @@ SSL *SSL_new(SSL_CTX *ctx) {
|
|
|
531
532
|
return nullptr;
|
|
532
533
|
}
|
|
533
534
|
|
|
535
|
+
if (ctx->requested_trust_anchors) {
|
|
536
|
+
ssl->config->requested_trust_anchors.emplace();
|
|
537
|
+
if (!ssl->config->requested_trust_anchors->CopyFrom(
|
|
538
|
+
*ctx->requested_trust_anchors)) {
|
|
539
|
+
return nullptr;
|
|
540
|
+
}
|
|
541
|
+
}
|
|
542
|
+
|
|
534
543
|
if (ctx->psk_identity_hint) {
|
|
535
544
|
ssl->config->psk_identity_hint.reset(
|
|
536
545
|
OPENSSL_strdup(ctx->psk_identity_hint.get()));
|
|
@@ -571,7 +580,7 @@ SSL_CONFIG::SSL_CONFIG(SSL *ssl_arg)
|
|
|
571
580
|
jdk11_workaround(false),
|
|
572
581
|
quic_use_legacy_codepoint(false),
|
|
573
582
|
permute_extensions(false),
|
|
574
|
-
alps_use_new_codepoint(
|
|
583
|
+
alps_use_new_codepoint(true) {
|
|
575
584
|
assert(ssl);
|
|
576
585
|
}
|
|
577
586
|
|
|
@@ -2805,17 +2814,8 @@ int SSL_get_ivs(const SSL *ssl, const uint8_t **out_read_iv,
|
|
|
2805
2814
|
|
|
2806
2815
|
uint64_t SSL_get_read_sequence(const SSL *ssl) {
|
|
2807
2816
|
if (SSL_is_dtls(ssl)) {
|
|
2808
|
-
// TODO(crbug.com/42290608): This API
|
|
2809
|
-
//
|
|
2810
|
-
// In DTLS 1.2, right at an epoch transition, |read_epoch| may not have
|
|
2811
|
-
// received any records. We will then return that sequence 0 is the highest
|
|
2812
|
-
// received, but it's really -1, which is not representable. This is mostly
|
|
2813
|
-
// moot because, after the handshake, we will never be in the state.
|
|
2814
|
-
//
|
|
2815
|
-
// In DTLS 1.3, epochs do not transition until the first record comes in.
|
|
2816
|
-
// This avoids the DTLS 1.2 problem but introduces a different problem:
|
|
2817
|
-
// during a KeyUpdate (which may occur in the steady state), both epochs are
|
|
2818
|
-
// live. We'll likely need a new API for DTLS offload.
|
|
2817
|
+
// TODO(crbug.com/42290608): This API should not be implemented for DTLS or
|
|
2818
|
+
// QUIC. In QUIC we do not maintain a sequence number.
|
|
2819
2819
|
const DTLSReadEpoch *read_epoch = &ssl->d1->read_epoch;
|
|
2820
2820
|
return DTLSRecordNumber(read_epoch->epoch, read_epoch->bitmap.max_seq_num())
|
|
2821
2821
|
.combined();
|
|
@@ -2824,6 +2824,10 @@ uint64_t SSL_get_read_sequence(const SSL *ssl) {
|
|
|
2824
2824
|
}
|
|
2825
2825
|
|
|
2826
2826
|
uint64_t SSL_get_write_sequence(const SSL *ssl) {
|
|
2827
|
+
// TODO(crbug.com/42290608): This API should not be implemented for DTLS or
|
|
2828
|
+
// QUIC. In QUIC we do not maintain a sequence number. In DTLS, this API isn't
|
|
2829
|
+
// harmful per se, but the caller already needs to use a DTLS-specific API on
|
|
2830
|
+
// the read side.
|
|
2827
2831
|
if (SSL_is_dtls(ssl)) {
|
|
2828
2832
|
return ssl->d1->write_epoch.next_record.combined();
|
|
2829
2833
|
}
|
|
@@ -2831,6 +2835,109 @@ uint64_t SSL_get_write_sequence(const SSL *ssl) {
|
|
|
2831
2835
|
return ssl->s3->write_sequence;
|
|
2832
2836
|
}
|
|
2833
2837
|
|
|
2838
|
+
int SSL_is_dtls_handshake_idle(const SSL *ssl) {
|
|
2839
|
+
BSSL_CHECK(SSL_is_dtls(ssl));
|
|
2840
|
+
|
|
2841
|
+
return !SSL_in_init(ssl) &&
|
|
2842
|
+
// No unacknowledged messages in DTLS 1.3. In DTLS 1.2, there no ACKs
|
|
2843
|
+
// and we currently never clear |outgoing_messages| on the side that
|
|
2844
|
+
// speaks last.
|
|
2845
|
+
(ssl_protocol_version(ssl) < TLS1_3_VERSION ||
|
|
2846
|
+
ssl->d1->outgoing_messages.empty()) &&
|
|
2847
|
+
// No partial or out-of-order messages.
|
|
2848
|
+
std::all_of(std::begin(ssl->d1->incoming_messages),
|
|
2849
|
+
std::end(ssl->d1->incoming_messages),
|
|
2850
|
+
[](const auto &msg) { return msg == nullptr; }) &&
|
|
2851
|
+
// Not trying to send a KeyUpdate.
|
|
2852
|
+
!ssl->s3->key_update_pending &&
|
|
2853
|
+
ssl->d1->queued_key_update == bssl::QueuedKeyUpdate::kNone;
|
|
2854
|
+
}
|
|
2855
|
+
|
|
2856
|
+
uint32_t SSL_get_dtls_handshake_read_seq(const SSL *ssl) {
|
|
2857
|
+
BSSL_CHECK(SSL_is_dtls(ssl));
|
|
2858
|
+
return ssl->d1->handshake_read_overflow
|
|
2859
|
+
? uint32_t{0x10000}
|
|
2860
|
+
: uint32_t{ssl->d1->handshake_read_seq};
|
|
2861
|
+
}
|
|
2862
|
+
|
|
2863
|
+
uint32_t SSL_get_dtls_handshake_write_seq(const SSL *ssl) {
|
|
2864
|
+
BSSL_CHECK(SSL_is_dtls(ssl));
|
|
2865
|
+
return ssl->d1->handshake_write_overflow
|
|
2866
|
+
? uint32_t{0x10000}
|
|
2867
|
+
: uint32_t{ssl->d1->handshake_write_seq};
|
|
2868
|
+
}
|
|
2869
|
+
|
|
2870
|
+
uint16_t SSL_get_dtls_read_epoch(const SSL *ssl) {
|
|
2871
|
+
BSSL_CHECK(SSL_is_dtls(ssl));
|
|
2872
|
+
// Return the highest available epoch.
|
|
2873
|
+
return ssl->d1->next_read_epoch ? ssl->d1->next_read_epoch->epoch
|
|
2874
|
+
: ssl->d1->read_epoch.epoch;
|
|
2875
|
+
}
|
|
2876
|
+
|
|
2877
|
+
uint16_t SSL_get_dtls_write_epoch(const SSL *ssl) {
|
|
2878
|
+
BSSL_CHECK(SSL_is_dtls(ssl));
|
|
2879
|
+
return ssl->d1->write_epoch.epoch();
|
|
2880
|
+
}
|
|
2881
|
+
|
|
2882
|
+
uint64_t SSL_get_dtls_read_sequence(const SSL *ssl, uint16_t epoch) {
|
|
2883
|
+
BSSL_CHECK(SSL_is_dtls(ssl));
|
|
2884
|
+
const DTLSReadEpoch *read_epoch = dtls_get_read_epoch(ssl, epoch);
|
|
2885
|
+
if (read_epoch == nullptr) {
|
|
2886
|
+
return UINT64_MAX;
|
|
2887
|
+
}
|
|
2888
|
+
uint64_t max_seq_num = read_epoch->bitmap.max_seq_num();
|
|
2889
|
+
assert(max_seq_num <= DTLSRecordNumber::kMaxSequence);
|
|
2890
|
+
if (read_epoch->bitmap.ShouldDiscard(max_seq_num)) {
|
|
2891
|
+
// Increment to get to an available sequence number.
|
|
2892
|
+
max_seq_num++;
|
|
2893
|
+
} else {
|
|
2894
|
+
// If |max_seq_num| was available, the bitmap must have been empty.
|
|
2895
|
+
assert(max_seq_num == 0);
|
|
2896
|
+
}
|
|
2897
|
+
return max_seq_num;
|
|
2898
|
+
}
|
|
2899
|
+
|
|
2900
|
+
uint64_t SSL_get_dtls_write_sequence(const SSL *ssl, uint16_t epoch) {
|
|
2901
|
+
BSSL_CHECK(SSL_is_dtls(ssl));
|
|
2902
|
+
const DTLSWriteEpoch *write_epoch = dtls_get_write_epoch(ssl, epoch);
|
|
2903
|
+
if (write_epoch == nullptr) {
|
|
2904
|
+
return UINT64_MAX;
|
|
2905
|
+
}
|
|
2906
|
+
return write_epoch->next_record.sequence();
|
|
2907
|
+
}
|
|
2908
|
+
|
|
2909
|
+
template <typename EpochState>
|
|
2910
|
+
static int get_dtls_traffic_secret(
|
|
2911
|
+
const SSL *ssl, EpochState *(*get_epoch)(const SSL *, uint16_t),
|
|
2912
|
+
const uint8_t **out_data, size_t *out_len, uint16_t epoch) {
|
|
2913
|
+
BSSL_CHECK(SSL_is_dtls(ssl));
|
|
2914
|
+
// This function only applies to encrypted DTLS 1.3 epochs.
|
|
2915
|
+
if (epoch == 0 || ssl->s3->version == 0 ||
|
|
2916
|
+
ssl_protocol_version(ssl) < TLS1_3_VERSION) {
|
|
2917
|
+
return 0;
|
|
2918
|
+
}
|
|
2919
|
+
const EpochState *epoch_state = get_epoch(ssl, epoch);
|
|
2920
|
+
if (epoch_state == nullptr) {
|
|
2921
|
+
return 0;
|
|
2922
|
+
}
|
|
2923
|
+
assert(!epoch_state->traffic_secret.empty());
|
|
2924
|
+
*out_data = epoch_state->traffic_secret.data();
|
|
2925
|
+
*out_len = epoch_state->traffic_secret.size();
|
|
2926
|
+
return 1;
|
|
2927
|
+
}
|
|
2928
|
+
|
|
2929
|
+
int SSL_get_dtls_read_traffic_secret(const SSL *ssl, const uint8_t **out_data,
|
|
2930
|
+
size_t *out_len, uint16_t epoch) {
|
|
2931
|
+
return get_dtls_traffic_secret(ssl, dtls_get_read_epoch, out_data, out_len,
|
|
2932
|
+
epoch);
|
|
2933
|
+
}
|
|
2934
|
+
|
|
2935
|
+
int SSL_get_dtls_write_traffic_secret(const SSL *ssl, const uint8_t **out_data,
|
|
2936
|
+
size_t *out_len, uint16_t epoch) {
|
|
2937
|
+
return get_dtls_traffic_secret(ssl, dtls_get_write_epoch, out_data, out_len,
|
|
2938
|
+
epoch);
|
|
2939
|
+
}
|
|
2940
|
+
|
|
2834
2941
|
uint16_t SSL_get_peer_signature_algorithm(const SSL *ssl) {
|
|
2835
2942
|
SSL_SESSION *session = SSL_get_session(ssl);
|
|
2836
2943
|
if (session == NULL) {
|
|
@@ -3288,3 +3395,50 @@ int SSL_set_compliance_policy(SSL *ssl, enum ssl_compliance_policy_t policy) {
|
|
|
3288
3395
|
enum ssl_compliance_policy_t SSL_get_compliance_policy(const SSL *ssl) {
|
|
3289
3396
|
return ssl->config->compliance_policy;
|
|
3290
3397
|
}
|
|
3398
|
+
|
|
3399
|
+
int SSL_peer_matched_trust_anchor(const SSL *ssl) {
|
|
3400
|
+
return ssl->s3->hs != nullptr && ssl->s3->hs->peer_matched_trust_anchor;
|
|
3401
|
+
}
|
|
3402
|
+
|
|
3403
|
+
void SSL_get0_peer_available_trust_anchors(const SSL *ssl, const uint8_t **out,
|
|
3404
|
+
size_t *out_len) {
|
|
3405
|
+
Span<const uint8_t> ret;
|
|
3406
|
+
if (SSL_HANDSHAKE *hs = ssl->s3->hs.get(); hs != nullptr) {
|
|
3407
|
+
ret = hs->peer_available_trust_anchors;
|
|
3408
|
+
}
|
|
3409
|
+
*out = ret.data();
|
|
3410
|
+
*out_len = ret.size();
|
|
3411
|
+
}
|
|
3412
|
+
|
|
3413
|
+
int SSL_CTX_set1_requested_trust_anchors(SSL_CTX *ctx, const uint8_t *ids,
|
|
3414
|
+
size_t ids_len) {
|
|
3415
|
+
auto span = Span(ids, ids_len);
|
|
3416
|
+
if (!ssl_is_valid_trust_anchor_list(span)) {
|
|
3417
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_TRUST_ANCHOR_LIST);
|
|
3418
|
+
return 0;
|
|
3419
|
+
}
|
|
3420
|
+
Array<uint8_t> copy;
|
|
3421
|
+
if (!copy.CopyFrom(span)) {
|
|
3422
|
+
return 0;
|
|
3423
|
+
}
|
|
3424
|
+
ctx->requested_trust_anchors = std::move(copy);
|
|
3425
|
+
return 1;
|
|
3426
|
+
}
|
|
3427
|
+
|
|
3428
|
+
int SSL_set1_requested_trust_anchors(SSL *ssl, const uint8_t *ids,
|
|
3429
|
+
size_t ids_len) {
|
|
3430
|
+
if (!ssl->config) {
|
|
3431
|
+
return 0;
|
|
3432
|
+
}
|
|
3433
|
+
auto span = Span(ids, ids_len);
|
|
3434
|
+
if (!ssl_is_valid_trust_anchor_list(span)) {
|
|
3435
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_TRUST_ANCHOR_LIST);
|
|
3436
|
+
return 0;
|
|
3437
|
+
}
|
|
3438
|
+
Array<uint8_t> copy;
|
|
3439
|
+
if (!copy.CopyFrom(span)) {
|
|
3440
|
+
return 0;
|
|
3441
|
+
}
|
|
3442
|
+
ssl->config->requested_trust_anchors = std::move(copy);
|
|
3443
|
+
return 1;
|
|
3444
|
+
}
|
|
@@ -272,10 +272,10 @@ bool ssl_public_key_verify(SSL *ssl, Span<const uint8_t> signature,
|
|
|
272
272
|
}
|
|
273
273
|
bool ok = EVP_DigestVerify(ctx.get(), signature.data(), signature.size(),
|
|
274
274
|
in.data(), in.size());
|
|
275
|
-
|
|
276
|
-
|
|
277
|
-
|
|
278
|
-
|
|
275
|
+
if (CRYPTO_fuzzer_mode_enabled()) {
|
|
276
|
+
ok = true;
|
|
277
|
+
ERR_clear_error();
|
|
278
|
+
}
|
|
279
279
|
return ok;
|
|
280
280
|
}
|
|
281
281
|
|
|
@@ -519,18 +519,6 @@ int SSL_is_signature_algorithm_rsa_pss(uint16_t sigalg) {
|
|
|
519
519
|
return alg != nullptr && alg->is_rsa_pss;
|
|
520
520
|
}
|
|
521
521
|
|
|
522
|
-
static int compare_uint16_t(const void *p1, const void *p2) {
|
|
523
|
-
uint16_t u1 = *((const uint16_t *)p1);
|
|
524
|
-
uint16_t u2 = *((const uint16_t *)p2);
|
|
525
|
-
if (u1 < u2) {
|
|
526
|
-
return -1;
|
|
527
|
-
} else if (u1 > u2) {
|
|
528
|
-
return 1;
|
|
529
|
-
} else {
|
|
530
|
-
return 0;
|
|
531
|
-
}
|
|
532
|
-
}
|
|
533
|
-
|
|
534
522
|
static bool sigalgs_unique(Span<const uint16_t> in_sigalgs) {
|
|
535
523
|
if (in_sigalgs.size() < 2) {
|
|
536
524
|
return true;
|
|
@@ -541,8 +529,7 @@ static bool sigalgs_unique(Span<const uint16_t> in_sigalgs) {
|
|
|
541
529
|
return false;
|
|
542
530
|
}
|
|
543
531
|
|
|
544
|
-
|
|
545
|
-
|
|
532
|
+
std::sort(sigalgs.begin(), sigalgs.end());
|
|
546
533
|
for (size_t i = 1; i < sigalgs.size(); i++) {
|
|
547
534
|
if (sigalgs[i - 1] == sigalgs[i]) {
|
|
548
535
|
OPENSSL_PUT_ERROR(SSL, SSL_R_DUPLICATE_SIGNATURE_ALGORITHM);
|
|
@@ -364,21 +364,21 @@ static int ssl_encrypt_ticket_with_cipher_ctx(SSL_HANDSHAKE *hs, CBB *out,
|
|
|
364
364
|
}
|
|
365
365
|
|
|
366
366
|
size_t total = 0;
|
|
367
|
-
|
|
368
|
-
|
|
369
|
-
|
|
370
|
-
|
|
371
|
-
|
|
372
|
-
|
|
373
|
-
|
|
374
|
-
|
|
375
|
-
|
|
376
|
-
|
|
377
|
-
|
|
378
|
-
|
|
367
|
+
if (CRYPTO_fuzzer_mode_enabled()) {
|
|
368
|
+
OPENSSL_memcpy(ptr, session_buf, session_len);
|
|
369
|
+
total = session_len;
|
|
370
|
+
} else {
|
|
371
|
+
int len;
|
|
372
|
+
if (!EVP_EncryptUpdate(ctx.get(), ptr + total, &len, session_buf,
|
|
373
|
+
session_len)) {
|
|
374
|
+
return 0;
|
|
375
|
+
}
|
|
376
|
+
total += len;
|
|
377
|
+
if (!EVP_EncryptFinal_ex(ctx.get(), ptr + total, &len)) {
|
|
378
|
+
return 0;
|
|
379
|
+
}
|
|
380
|
+
total += len;
|
|
379
381
|
}
|
|
380
|
-
total += len;
|
|
381
|
-
#endif
|
|
382
382
|
if (!CBB_did_write(out, total)) {
|
|
383
383
|
return 0;
|
|
384
384
|
}
|
|
@@ -815,7 +815,8 @@ ssl_session_st::ssl_session_st(const SSL_X509_METHOD *method)
|
|
|
815
815
|
ticket_age_add_valid(false),
|
|
816
816
|
is_server(false),
|
|
817
817
|
is_quic(false),
|
|
818
|
-
has_application_settings(false)
|
|
818
|
+
has_application_settings(false),
|
|
819
|
+
is_resumable_across_names(false) {
|
|
819
820
|
CRYPTO_new_ex_data(&ex_data);
|
|
820
821
|
time = ::time(nullptr);
|
|
821
822
|
}
|
|
@@ -1000,6 +1001,10 @@ void SSL_SESSION_get0_peer_sha256(const SSL_SESSION *session,
|
|
|
1000
1001
|
}
|
|
1001
1002
|
}
|
|
1002
1003
|
|
|
1004
|
+
int SSL_SESSION_is_resumable_across_names(const SSL_SESSION *session) {
|
|
1005
|
+
return session->is_resumable_across_names;
|
|
1006
|
+
}
|
|
1007
|
+
|
|
1003
1008
|
int SSL_SESSION_early_data_capable(const SSL_SESSION *session) {
|
|
1004
1009
|
return ssl_session_protocol_version(session) >= TLS1_3_VERSION &&
|
|
1005
1010
|
session->ticket_max_early_data != 0;
|
|
@@ -1197,6 +1202,14 @@ SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(SSL *ssl,
|
|
|
1197
1202
|
return ctx->get_session_cb;
|
|
1198
1203
|
}
|
|
1199
1204
|
|
|
1205
|
+
void SSL_CTX_set_resumption_across_names_enabled(SSL_CTX *ctx, int enabled) {
|
|
1206
|
+
ctx->resumption_across_names_enabled = !!enabled;
|
|
1207
|
+
}
|
|
1208
|
+
|
|
1209
|
+
void SSL_set_resumption_across_names_enabled(SSL *ssl, int enabled) {
|
|
1210
|
+
ssl->resumption_across_names_enabled = !!enabled;
|
|
1211
|
+
}
|
|
1212
|
+
|
|
1200
1213
|
void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*cb)(const SSL *ssl,
|
|
1201
1214
|
int type, int value)) {
|
|
1202
1215
|
ctx->info_callback = cb;
|
|
@@ -199,7 +199,7 @@ int SSL_generate_key_block(const SSL *ssl, uint8_t *out, size_t out_len) {
|
|
|
199
199
|
return generate_key_block(ssl, Span(out, out_len), SSL_get_session(ssl));
|
|
200
200
|
}
|
|
201
201
|
|
|
202
|
-
int SSL_export_keying_material(SSL *ssl, uint8_t *out, size_t out_len,
|
|
202
|
+
int SSL_export_keying_material(const SSL *ssl, uint8_t *out, size_t out_len,
|
|
203
203
|
const char *label, size_t label_len,
|
|
204
204
|
const uint8_t *context, size_t context_len,
|
|
205
205
|
int use_context) {
|
|
@@ -197,7 +197,8 @@ bool tls13_process_certificate(SSL_HANDSHAKE *hs, const SSLMessage &msg,
|
|
|
197
197
|
return false;
|
|
198
198
|
}
|
|
199
199
|
|
|
200
|
-
|
|
200
|
+
const bool is_leaf = sk_CRYPTO_BUFFER_num(certs.get()) == 0;
|
|
201
|
+
if (is_leaf) {
|
|
201
202
|
pkey = ssl_cert_parse_pubkey(&certificate);
|
|
202
203
|
if (!pkey) {
|
|
203
204
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
|
|
@@ -234,8 +235,13 @@ bool tls13_process_certificate(SSL_HANDSHAKE *hs, const SSLMessage &msg,
|
|
|
234
235
|
SSLExtension sct(
|
|
235
236
|
TLSEXT_TYPE_certificate_timestamp,
|
|
236
237
|
!ssl->server && hs->config->signed_cert_timestamps_enabled);
|
|
238
|
+
SSLExtension trust_anchors(
|
|
239
|
+
TLSEXT_TYPE_trust_anchors,
|
|
240
|
+
!ssl->server && is_leaf &&
|
|
241
|
+
hs->config->requested_trust_anchors.has_value());
|
|
237
242
|
uint8_t alert = SSL_AD_DECODE_ERROR;
|
|
238
|
-
if (!ssl_parse_extensions(&extensions, &alert,
|
|
243
|
+
if (!ssl_parse_extensions(&extensions, &alert,
|
|
244
|
+
{&status_request, &sct, &trust_anchors},
|
|
239
245
|
/*ignore_unknown=*/false)) {
|
|
240
246
|
ssl_send_alert(ssl, SSL3_AL_FATAL, alert);
|
|
241
247
|
return false;
|
|
@@ -280,6 +286,15 @@ bool tls13_process_certificate(SSL_HANDSHAKE *hs, const SSLMessage &msg,
|
|
|
280
286
|
}
|
|
281
287
|
}
|
|
282
288
|
}
|
|
289
|
+
|
|
290
|
+
if (trust_anchors.present) {
|
|
291
|
+
if (CBS_len(&trust_anchors.data) != 0) {
|
|
292
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_ERROR_PARSING_EXTENSION);
|
|
293
|
+
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
|
|
294
|
+
return false;
|
|
295
|
+
}
|
|
296
|
+
hs->peer_matched_trust_anchor = true;
|
|
297
|
+
}
|
|
283
298
|
}
|
|
284
299
|
|
|
285
300
|
// Store a null certificate list rather than an empty one if the peer didn't
|
|
@@ -378,9 +393,9 @@ bool tls13_process_finished(SSL_HANDSHAKE *hs, const SSLMessage &msg,
|
|
|
378
393
|
|
|
379
394
|
bool finished_ok =
|
|
380
395
|
CBS_mem_equal(&msg.body, verify_data.data(), verify_data.size());
|
|
381
|
-
|
|
382
|
-
|
|
383
|
-
|
|
396
|
+
if (CRYPTO_fuzzer_mode_enabled()) {
|
|
397
|
+
finished_ok = true;
|
|
398
|
+
}
|
|
384
399
|
if (!finished_ok) {
|
|
385
400
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECRYPT_ERROR);
|
|
386
401
|
OPENSSL_PUT_ERROR(SSL, SSL_R_DIGEST_CHECK_FAILED);
|
|
@@ -472,6 +487,16 @@ bool tls13_add_certificate(SSL_HANDSHAKE *hs) {
|
|
|
472
487
|
}
|
|
473
488
|
}
|
|
474
489
|
|
|
490
|
+
if (hs->matched_peer_trust_anchor) {
|
|
491
|
+
// Let the peer know we matched a requested trust anchor.
|
|
492
|
+
CBB empty_contents;
|
|
493
|
+
if (!CBB_add_u16(&extensions, TLSEXT_TYPE_trust_anchors) || //
|
|
494
|
+
!CBB_add_u16_length_prefixed(&extensions, &empty_contents) || //
|
|
495
|
+
!CBB_flush(&extensions)) {
|
|
496
|
+
return false;
|
|
497
|
+
}
|
|
498
|
+
}
|
|
499
|
+
|
|
475
500
|
for (size_t i = 1; i < sk_CRYPTO_BUFFER_num(cred->chain.get()); i++) {
|
|
476
501
|
CRYPTO_BUFFER *cert_buf = sk_CRYPTO_BUFFER_value(cred->chain.get(), i);
|
|
477
502
|
CBB child;
|
|
@@ -642,8 +667,7 @@ bool tls13_add_key_update(SSL *ssl, int request_type) {
|
|
|
642
667
|
}
|
|
643
668
|
|
|
644
669
|
// In DTLS, the actual key update is deferred until KeyUpdate is ACKed.
|
|
645
|
-
if (!SSL_is_dtls(ssl) &&
|
|
646
|
-
!tls13_rotate_traffic_key(ssl, evp_aead_seal)) {
|
|
670
|
+
if (!SSL_is_dtls(ssl) && !tls13_rotate_traffic_key(ssl, evp_aead_seal)) {
|
|
647
671
|
return false;
|
|
648
672
|
}
|
|
649
673
|
|
|
@@ -1189,8 +1189,9 @@ UniquePtr<SSL_SESSION> tls13_create_session_with_ticket(SSL *ssl, CBS *body) {
|
|
|
1189
1189
|
}
|
|
1190
1190
|
|
|
1191
1191
|
SSLExtension early_data(TLSEXT_TYPE_early_data);
|
|
1192
|
+
SSLExtension flags(TLSEXT_TYPE_tls_flags);
|
|
1192
1193
|
uint8_t alert = SSL_AD_DECODE_ERROR;
|
|
1193
|
-
if (!ssl_parse_extensions(&extensions, &alert, {&early_data},
|
|
1194
|
+
if (!ssl_parse_extensions(&extensions, &alert, {&early_data, &flags},
|
|
1194
1195
|
/*ignore_unknown=*/true)) {
|
|
1195
1196
|
ssl_send_alert(ssl, SSL3_AL_FATAL, alert);
|
|
1196
1197
|
return nullptr;
|
|
@@ -1213,6 +1214,17 @@ UniquePtr<SSL_SESSION> tls13_create_session_with_ticket(SSL *ssl, CBS *body) {
|
|
|
1213
1214
|
}
|
|
1214
1215
|
}
|
|
1215
1216
|
|
|
1217
|
+
if (flags.present) {
|
|
1218
|
+
SSLFlags parsed;
|
|
1219
|
+
if (!ssl_parse_flags_extension_request(&flags.data, &parsed, &alert)) {
|
|
1220
|
+
ssl_send_alert(ssl, SSL3_AL_FATAL, alert);
|
|
1221
|
+
return nullptr;
|
|
1222
|
+
}
|
|
1223
|
+
if (parsed & kSSLFlagResumptionAcrossNames) {
|
|
1224
|
+
session->is_resumable_across_names = true;
|
|
1225
|
+
}
|
|
1226
|
+
}
|
|
1227
|
+
|
|
1216
1228
|
// Historically, OpenSSL filled in fake session IDs for ticket-based sessions.
|
|
1217
1229
|
// Envoy's tests depend on this, although perhaps they shouldn't.
|
|
1218
1230
|
session->session_id.ResizeForOverwrite(SHA256_DIGEST_LENGTH);
|
|
@@ -296,7 +296,6 @@ class ChaChaRecordNumberEncrypter : public RecordNumberEncrypter {
|
|
|
296
296
|
uint8_t key_[kKeySize];
|
|
297
297
|
};
|
|
298
298
|
|
|
299
|
-
#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
|
|
300
299
|
class NullRecordNumberEncrypter : public RecordNumberEncrypter {
|
|
301
300
|
public:
|
|
302
301
|
size_t KeySize() override { return 0; }
|
|
@@ -306,7 +305,6 @@ class NullRecordNumberEncrypter : public RecordNumberEncrypter {
|
|
|
306
305
|
return true;
|
|
307
306
|
}
|
|
308
307
|
};
|
|
309
|
-
#endif // BORINGSSL_UNSAFE_FUZZER_MODE
|
|
310
308
|
|
|
311
309
|
} // namespace
|
|
312
310
|
|
|
@@ -314,10 +312,9 @@ UniquePtr<RecordNumberEncrypter> RecordNumberEncrypter::Create(
|
|
|
314
312
|
const SSL_CIPHER *cipher, Span<const uint8_t> traffic_secret) {
|
|
315
313
|
const EVP_MD *digest = ssl_get_handshake_digest(TLS1_3_VERSION, cipher);
|
|
316
314
|
UniquePtr<RecordNumberEncrypter> ret;
|
|
317
|
-
|
|
318
|
-
|
|
319
|
-
|
|
320
|
-
if (cipher->algorithm_enc == SSL_AES128GCM) {
|
|
315
|
+
if (CRYPTO_fuzzer_mode_enabled()) {
|
|
316
|
+
ret = MakeUnique<NullRecordNumberEncrypter>();
|
|
317
|
+
} else if (cipher->algorithm_enc == SSL_AES128GCM) {
|
|
321
318
|
ret = MakeUnique<AES128RecordNumberEncrypter>();
|
|
322
319
|
} else if (cipher->algorithm_enc == SSL_AES256GCM) {
|
|
323
320
|
ret = MakeUnique<AES256RecordNumberEncrypter>();
|
|
@@ -326,7 +323,6 @@ UniquePtr<RecordNumberEncrypter> RecordNumberEncrypter::Create(
|
|
|
326
323
|
} else {
|
|
327
324
|
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
|
328
325
|
}
|
|
329
|
-
#endif // BORINGSSL_UNSAFE_FUZZER_MODE
|
|
330
326
|
if (ret == nullptr) {
|
|
331
327
|
return nullptr;
|
|
332
328
|
}
|
|
@@ -474,7 +470,7 @@ bool tls13_derive_session_psk(SSL_SESSION *session, Span<const uint8_t> nonce,
|
|
|
474
470
|
|
|
475
471
|
static const char kTLS13LabelExportKeying[] = "exporter";
|
|
476
472
|
|
|
477
|
-
bool tls13_export_keying_material(SSL *ssl, Span<uint8_t> out,
|
|
473
|
+
bool tls13_export_keying_material(const SSL *ssl, Span<uint8_t> out,
|
|
478
474
|
Span<const uint8_t> secret,
|
|
479
475
|
std::string_view label,
|
|
480
476
|
Span<const uint8_t> context) {
|
|
@@ -628,9 +624,9 @@ bool tls13_verify_psk_binder(const SSL_HANDSHAKE *hs,
|
|
|
628
624
|
bool binder_ok =
|
|
629
625
|
CBS_len(&binder) == verify_data_len &&
|
|
630
626
|
CRYPTO_memcmp(CBS_data(&binder), verify_data, verify_data_len) == 0;
|
|
631
|
-
|
|
632
|
-
|
|
633
|
-
|
|
627
|
+
if (CRYPTO_fuzzer_mode_enabled()) {
|
|
628
|
+
binder_ok = true;
|
|
629
|
+
}
|
|
634
630
|
if (!binder_ok) {
|
|
635
631
|
OPENSSL_PUT_ERROR(SSL, SSL_R_DIGEST_CHECK_FAILED);
|
|
636
632
|
return false;
|
|
@@ -192,6 +192,7 @@ static bool add_new_session_tickets(SSL_HANDSHAKE *hs, bool *out_sent_tickets) {
|
|
|
192
192
|
session->ticket_max_early_data =
|
|
193
193
|
SSL_is_quic(ssl) ? 0xffffffff : kMaxEarlyDataAccepted;
|
|
194
194
|
}
|
|
195
|
+
session->is_resumable_across_names = ssl->resumption_across_names_enabled;
|
|
195
196
|
|
|
196
197
|
static_assert(kMaxTickets < 256, "Too many tickets");
|
|
197
198
|
assert(i < 256);
|
|
@@ -230,6 +231,14 @@ static bool add_new_session_tickets(SSL_HANDSHAKE *hs, bool *out_sent_tickets) {
|
|
|
230
231
|
}
|
|
231
232
|
}
|
|
232
233
|
|
|
234
|
+
SSLFlags flags = 0;
|
|
235
|
+
if (session->is_resumable_across_names) {
|
|
236
|
+
flags |= kSSLFlagResumptionAcrossNames;
|
|
237
|
+
}
|
|
238
|
+
if (!ssl_add_flags_extension(&extensions, flags)) {
|
|
239
|
+
return false;
|
|
240
|
+
}
|
|
241
|
+
|
|
233
242
|
// Add a fake extension. See RFC 8701.
|
|
234
243
|
if (!CBB_add_u16(&extensions,
|
|
235
244
|
ssl_get_grease_value(hs, ssl_grease_ticket_extension)) ||
|
|
@@ -711,7 +720,8 @@ static enum ssl_hs_wait_t do_send_hello_retry_request(SSL_HANDSHAKE *hs) {
|
|
|
711
720
|
ScopedCBB cbb;
|
|
712
721
|
CBB body, session_id, extensions;
|
|
713
722
|
if (!ssl->method->init_message(ssl, cbb.get(), &body, SSL3_MT_SERVER_HELLO) ||
|
|
714
|
-
!CBB_add_u16(&body,
|
|
723
|
+
!CBB_add_u16(&body,
|
|
724
|
+
SSL_is_dtls(ssl) ? DTLS1_2_VERSION : TLS1_2_VERSION) ||
|
|
715
725
|
!CBB_add_bytes(&body, kHelloRetryRequest, SSL3_RANDOM_SIZE) ||
|
|
716
726
|
!CBB_add_u8_length_prefixed(&body, &session_id) ||
|
|
717
727
|
!CBB_add_bytes(&session_id, hs->session_id.data(),
|
|
@@ -907,15 +917,12 @@ static enum ssl_hs_wait_t do_send_server_hello(SSL_HANDSHAKE *hs) {
|
|
|
907
917
|
}
|
|
908
918
|
}
|
|
909
919
|
|
|
910
|
-
uint16_t server_hello_version = TLS1_2_VERSION;
|
|
911
|
-
if (SSL_is_dtls(ssl)) {
|
|
912
|
-
server_hello_version = DTLS1_2_VERSION;
|
|
913
|
-
}
|
|
914
920
|
Array<uint8_t> server_hello;
|
|
915
921
|
ScopedCBB cbb;
|
|
916
922
|
CBB body, extensions, session_id;
|
|
917
923
|
if (!ssl->method->init_message(ssl, cbb.get(), &body, SSL3_MT_SERVER_HELLO) ||
|
|
918
|
-
!CBB_add_u16(&body,
|
|
924
|
+
!CBB_add_u16(&body,
|
|
925
|
+
SSL_is_dtls(ssl) ? DTLS1_2_VERSION : TLS1_2_VERSION) ||
|
|
919
926
|
!CBB_add_bytes(&body, ssl->s3->server_random,
|
|
920
927
|
sizeof(ssl->s3->server_random)) ||
|
|
921
928
|
!CBB_add_u8_length_prefixed(&body, &session_id) ||
|
|
@@ -979,11 +986,6 @@ static enum ssl_hs_wait_t do_send_server_hello(SSL_HANDSHAKE *hs) {
|
|
|
979
986
|
if (!ssl->s3->session_reused && !hs->pake_verifier) {
|
|
980
987
|
// Determine whether to request a client certificate.
|
|
981
988
|
hs->cert_request = !!(hs->config->verify_mode & SSL_VERIFY_PEER);
|
|
982
|
-
// Only request a certificate if Channel ID isn't negotiated.
|
|
983
|
-
if ((hs->config->verify_mode & SSL_VERIFY_PEER_IF_NO_OBC) &&
|
|
984
|
-
hs->channel_id_negotiated) {
|
|
985
|
-
hs->cert_request = false;
|
|
986
|
-
}
|
|
987
989
|
}
|
|
988
990
|
|
|
989
991
|
// Send a CertificateRequest, if necessary.
|
|
@@ -47,14 +47,11 @@ static const uint8_t kMaxWarningAlerts = 4;
|
|
|
47
47
|
// ssl_needs_record_splitting returns one if |ssl|'s current outgoing cipher
|
|
48
48
|
// state needs record-splitting and zero otherwise.
|
|
49
49
|
bool ssl_needs_record_splitting(const SSL *ssl) {
|
|
50
|
-
|
|
51
|
-
|
|
50
|
+
return !CRYPTO_fuzzer_mode_enabled() &&
|
|
51
|
+
!ssl->s3->aead_write_ctx->is_null_cipher() &&
|
|
52
52
|
ssl_protocol_version(ssl) < TLS1_1_VERSION &&
|
|
53
53
|
(ssl->mode & SSL_MODE_CBC_RECORD_SPLITTING) != 0 &&
|
|
54
54
|
SSL_CIPHER_is_block_cipher(ssl->s3->aead_write_ctx->cipher());
|
|
55
|
-
#else
|
|
56
|
-
return false;
|
|
57
|
-
#endif
|
|
58
55
|
}
|
|
59
56
|
|
|
60
57
|
size_t ssl_record_prefix_len(const SSL *ssl) {
|