RubyGems - wearefair-grpc - Versions diffs - 1.3.1.pre.c → 1.4.0.fair - Mend

wearefair-grpc 1.3.1.pre.c → 1.4.0.fair

Files changed (219) hide show

checksums.yaml +4 -4
data/Makefile +418 -126
data/include/grpc/grpc.h +15 -69
data/include/grpc/grpc_security.h +1 -1
data/include/grpc/impl/codegen/compression_types.h +3 -4
data/include/grpc/impl/codegen/gpr_types.h +0 -1
data/include/grpc/impl/codegen/grpc_types.h +69 -3
data/include/grpc/impl/codegen/port_platform.h +6 -0
data/include/grpc/impl/codegen/slice.h +2 -1
data/include/grpc/load_reporting.h +6 -6
data/include/grpc/slice.h +25 -3
data/include/grpc/slice_buffer.h +4 -0
data/src/core/ext/census/context.c +1 -1
data/src/core/ext/census/resource.c +3 -1
data/src/core/ext/filters/client_channel/channel_connectivity.c +1 -1
data/src/core/ext/filters/client_channel/client_channel.c +158 -100
data/src/core/ext/filters/client_channel/client_channel_plugin.c +3 -2
data/src/core/ext/filters/client_channel/lb_policy.c +2 -1
data/src/core/ext/filters/client_channel/lb_policy.h +5 -6
data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.c +153 -0
data/src/core/ext/filters/client_channel/lb_policy/grpclb/client_load_reporting_filter.h +42 -0
data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.c +344 -88
data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.c +133 -0
data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +65 -0
data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.c +47 -5
data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +6 -0
data/src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.c +19 -8
data/src/core/ext/filters/client_channel/lb_policy/grpclb/proto/grpc/lb/v1/load_balancer.pb.h +63 -34
data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.c +2 -1
data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.c +13 -12
data/src/core/ext/filters/client_channel/lb_policy_factory.c +28 -5
data/src/core/ext/filters/client_channel/lb_policy_factory.h +18 -4
data/src/core/ext/filters/client_channel/parse_address.c +37 -7
data/src/core/ext/filters/client_channel/parse_address.h +11 -8
data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.c +3 -3
data/src/core/ext/filters/client_channel/subchannel.c +19 -16
data/src/core/ext/filters/client_channel/subchannel.h +1 -0
data/src/core/ext/filters/client_channel/uri_parser.c +36 -22
data/src/core/ext/filters/client_channel/uri_parser.h +1 -1
data/src/core/{lib/channel → ext/filters/deadline}/deadline_filter.c +42 -17
data/src/core/{lib/channel → ext/filters/deadline}/deadline_filter.h +8 -9
data/src/core/{lib/channel → ext/filters/http/client}/http_client_filter.c +19 -11
data/src/core/{lib/channel → ext/filters/http/client}/http_client_filter.h +3 -6
data/src/core/ext/filters/http/http_filters_plugin.c +104 -0
data/src/core/{lib/channel/compress_filter.c → ext/filters/http/message_compress/message_compress_filter.c} +124 -23
data/src/core/{lib/channel/compress_filter.h → ext/filters/http/message_compress/message_compress_filter.h} +5 -6
data/src/core/{lib/channel → ext/filters/http/server}/http_server_filter.c +4 -6
data/src/core/{lib/channel → ext/filters/http/server}/http_server_filter.h +3 -3
data/src/core/ext/filters/load_reporting/load_reporting.c +2 -25
data/src/core/ext/filters/load_reporting/load_reporting_filter.c +26 -1
data/src/core/ext/filters/max_age/max_age_filter.c +14 -14
data/src/core/{lib/channel → ext/filters/message_size}/message_size_filter.c +91 -47
data/src/core/{lib/channel → ext/filters/message_size}/message_size_filter.h +3 -3
data/src/core/ext/transport/chttp2/client/insecure/channel_create.c +1 -1
data/src/core/ext/transport/chttp2/server/chttp2_server.c +2 -2
data/src/core/ext/transport/chttp2/transport/bin_decoder.c +2 -2
data/src/core/ext/transport/chttp2/transport/bin_encoder.c +3 -3
data/src/core/ext/transport/chttp2/transport/chttp2_transport.c +296 -172
data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +3 -2
data/src/core/ext/transport/chttp2/transport/frame_data.c +203 -164
data/src/core/ext/transport/chttp2/transport/frame_data.h +8 -14
data/src/core/ext/transport/chttp2/transport/frame_goaway.c +1 -1
data/src/core/ext/transport/chttp2/transport/frame_ping.c +1 -1
data/src/core/ext/transport/chttp2/transport/frame_rst_stream.c +1 -1
data/src/core/ext/transport/chttp2/transport/frame_settings.c +5 -5
data/src/core/ext/transport/chttp2/transport/frame_window_update.c +1 -1
data/src/core/ext/transport/chttp2/transport/hpack_encoder.c +4 -4
data/src/core/ext/transport/chttp2/transport/hpack_parser.c +2 -4
data/src/core/ext/transport/chttp2/transport/hpack_table.c +4 -3
data/src/core/ext/transport/chttp2/transport/internal.h +50 -33
data/src/core/ext/transport/chttp2/transport/parsing.c +10 -11
data/src/core/ext/transport/chttp2/transport/writing.c +32 -13
data/src/core/lib/channel/channel_args.c +28 -9
data/src/core/lib/channel/channel_args.h +5 -1
data/src/core/lib/channel/channel_stack.c +1 -1
data/src/core/lib/channel/channel_stack.h +2 -2
data/src/core/lib/channel/channel_stack_builder.c +13 -1
data/src/core/lib/channel/channel_stack_builder.h +5 -1
data/src/core/lib/channel/connected_channel.c +3 -1
data/src/core/lib/channel/context.h +2 -2
data/src/core/lib/compression/message_compress.c +2 -2
data/src/core/lib/debug/trace.c +13 -6
data/src/core/lib/debug/trace.h +27 -1
data/src/core/lib/http/httpcli.c +1 -1
data/src/core/lib/http/httpcli_security_connector.c +6 -10
data/src/core/lib/http/parser.c +2 -2
data/src/core/lib/http/parser.h +2 -1
data/src/core/lib/iomgr/combiner.c +6 -6
data/src/core/lib/iomgr/combiner.h +2 -1
data/src/core/lib/iomgr/error.c +12 -5
data/src/core/lib/iomgr/error.h +13 -13
data/src/core/lib/iomgr/ev_epoll1_linux.c +984 -0
data/src/core/lib/iomgr/ev_epoll1_linux.h +44 -0
data/src/core/lib/iomgr/ev_epoll_limited_pollers_linux.c +2146 -0
data/src/core/lib/iomgr/ev_epoll_limited_pollers_linux.h +43 -0
data/src/core/lib/iomgr/ev_epoll_thread_pool_linux.c +1337 -0
data/src/core/lib/iomgr/ev_epoll_thread_pool_linux.h +43 -0
data/src/core/lib/iomgr/ev_epollex_linux.c +1511 -0
data/src/core/lib/iomgr/ev_epollex_linux.h +43 -0
data/src/core/lib/iomgr/{ev_epoll_linux.c → ev_epollsig_linux.c} +24 -31
data/src/core/lib/iomgr/{ev_epoll_linux.h → ev_epollsig_linux.h} +4 -4
data/src/core/lib/iomgr/ev_poll_posix.c +12 -27
data/src/core/lib/iomgr/ev_poll_posix.h +2 -2
data/src/core/lib/iomgr/ev_posix.c +22 -8
data/src/core/lib/iomgr/ev_posix.h +4 -3
data/src/core/lib/iomgr/exec_ctx.c +5 -0
data/src/core/lib/iomgr/exec_ctx.h +2 -0
data/src/core/lib/iomgr/iomgr.c +4 -0
data/src/core/lib/iomgr/iomgr.h +3 -0
data/src/core/lib/iomgr/is_epollexclusive_available.c +116 -0
data/src/core/lib/iomgr/is_epollexclusive_available.h +41 -0
data/src/core/lib/iomgr/lockfree_event.c +16 -0
data/src/core/lib/iomgr/pollset.h +2 -5
data/src/core/lib/iomgr/pollset_uv.c +1 -1
data/src/core/lib/iomgr/pollset_windows.c +3 -3
data/src/core/lib/iomgr/resource_quota.c +9 -8
data/src/core/lib/iomgr/resource_quota.h +2 -1
data/src/core/lib/iomgr/sockaddr_utils.h +1 -1
data/src/core/lib/iomgr/socket_mutator.h +2 -0
data/src/core/lib/iomgr/sys_epoll_wrapper.h +43 -0
data/src/core/lib/iomgr/tcp_client_posix.c +6 -6
data/src/core/lib/iomgr/tcp_client_uv.c +3 -3
data/src/core/lib/iomgr/tcp_posix.c +7 -7
data/src/core/lib/iomgr/tcp_posix.h +2 -1
data/src/core/lib/iomgr/tcp_server_posix.c +1 -1
data/src/core/lib/iomgr/tcp_uv.c +6 -6
data/src/core/lib/iomgr/tcp_uv.h +2 -1
data/src/core/lib/iomgr/tcp_windows.c +1 -1
data/src/core/lib/iomgr/timer_generic.c +24 -25
data/src/core/lib/iomgr/timer_manager.c +276 -0
data/src/core/lib/iomgr/timer_manager.h +52 -0
data/src/core/lib/iomgr/timer_uv.c +6 -0
data/src/core/lib/iomgr/udp_server.c +42 -9
data/src/core/lib/iomgr/udp_server.h +3 -1
data/src/core/lib/security/credentials/credentials.c +0 -1
data/src/core/lib/security/credentials/fake/fake_credentials.c +23 -0
data/src/core/lib/security/credentials/fake/fake_credentials.h +12 -9
data/src/core/lib/security/credentials/google_default/google_default_credentials.c +1 -1
data/src/core/lib/security/credentials/jwt/jwt_credentials.c +1 -1
data/src/core/lib/security/credentials/oauth2/oauth2_credentials.c +1 -1
data/src/core/lib/security/credentials/ssl/ssl_credentials.c +24 -53
data/src/core/lib/security/transport/client_auth_filter.c +9 -3
data/src/core/lib/security/transport/secure_endpoint.c +7 -7
data/src/core/lib/security/transport/secure_endpoint.h +1 -1
data/src/core/lib/security/transport/security_connector.c +32 -51
data/src/core/lib/security/transport/security_connector.h +10 -14
data/src/core/lib/slice/b64.c +1 -1
data/src/core/lib/slice/percent_encoding.c +3 -3
data/src/core/lib/slice/slice.c +66 -33
data/src/core/lib/slice/slice_buffer.c +25 -6
data/src/core/lib/slice/slice_hash_table.c +33 -35
data/src/core/lib/slice/slice_hash_table.h +7 -12
data/src/core/lib/support/atomic.h +45 -0
data/src/core/lib/support/atomic_with_atm.h +70 -0
data/src/core/lib/support/atomic_with_std.h +48 -0
data/src/core/lib/support/avl.c +14 -14
data/src/core/lib/support/memory.h +74 -0
data/src/core/lib/support/mpscq.c +12 -1
data/src/core/lib/support/mpscq.h +4 -0
data/src/core/lib/support/stack_lockfree.c +3 -36
data/src/core/lib/support/time_posix.c +8 -0
data/src/core/lib/support/tmpfile_posix.c +10 -10
data/src/core/lib/surface/alarm.c +3 -1
data/src/core/lib/surface/api_trace.c +2 -1
data/src/core/lib/surface/api_trace.h +2 -2
data/src/core/lib/surface/byte_buffer_reader.c +1 -1
data/src/core/lib/surface/call.c +65 -22
data/src/core/lib/surface/call.h +4 -2
data/src/core/lib/surface/channel_init.c +2 -19
data/src/core/lib/surface/channel_stack_type.c +18 -0
data/src/core/lib/surface/channel_stack_type.h +2 -0
data/src/core/lib/surface/completion_queue.c +249 -83
data/src/core/lib/surface/completion_queue.h +18 -13
data/src/core/lib/surface/completion_queue_factory.c +24 -9
data/src/core/lib/surface/init.c +1 -52
data/src/core/lib/surface/{lame_client.c → lame_client.cc} +37 -26
data/src/core/lib/surface/server.c +50 -27
data/src/core/lib/surface/server.h +2 -1
data/src/core/lib/surface/version.c +2 -2
data/src/core/lib/transport/bdp_estimator.c +20 -9
data/src/core/lib/transport/bdp_estimator.h +5 -1
data/src/core/lib/transport/byte_stream.c +23 -9
data/src/core/lib/transport/byte_stream.h +15 -6
data/src/core/lib/transport/connectivity_state.c +6 -6
data/src/core/lib/transport/connectivity_state.h +2 -1
data/src/core/lib/transport/service_config.c +6 -13
data/src/core/lib/transport/service_config.h +2 -2
data/src/core/lib/transport/static_metadata.c +403 -389
data/src/core/lib/transport/static_metadata.h +127 -114
data/src/core/plugin_registry/grpc_plugin_registry.c +12 -0
data/src/core/tsi/fake_transport_security.c +5 -4
data/src/core/tsi/ssl_transport_security.c +71 -82
data/src/core/tsi/ssl_transport_security.h +39 -61
data/src/core/tsi/transport_security.c +83 -2
data/src/core/tsi/transport_security.h +27 -2
data/src/core/tsi/transport_security_adapter.c +236 -0
data/src/core/tsi/transport_security_adapter.h +62 -0
data/src/core/tsi/transport_security_interface.h +179 -66
data/src/ruby/ext/grpc/extconf.rb +2 -1
data/src/ruby/ext/grpc/rb_byte_buffer.c +8 -6
data/src/ruby/ext/grpc/rb_call.c +56 -48
data/src/ruby/ext/grpc/rb_call.h +3 -4
data/src/ruby/ext/grpc/rb_call_credentials.c +23 -22
data/src/ruby/ext/grpc/rb_channel.c +45 -29
data/src/ruby/ext/grpc/rb_channel_args.c +11 -9
data/src/ruby/ext/grpc/rb_channel_credentials.c +16 -12
data/src/ruby/ext/grpc/rb_completion_queue.c +7 -9
data/src/ruby/ext/grpc/rb_compression_options.c +7 -6
data/src/ruby/ext/grpc/rb_event_thread.c +10 -12
data/src/ruby/ext/grpc/rb_event_thread.h +1 -2
data/src/ruby/ext/grpc/rb_grpc.c +11 -15
data/src/ruby/ext/grpc/rb_grpc.h +2 -2
data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +14 -6
data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +22 -10
data/src/ruby/ext/grpc/rb_server.c +26 -28
data/src/ruby/lib/grpc/version.rb +1 -1
metadata +40 -18
data/src/ruby/lib/grpc/grpc_c.bundle +0 -0
data/src/ruby/lib/grpc/grpc_c.so +0 -0

data/src/core/lib/security/transport/secure_endpoint.c CHANGED

@@ -75,7 +75,7 @@ typedef struct {
   gpr_refcount ref;
 } secure_endpoint;
-int grpc_trace_secure_endpoint = 0;
+grpc_tracer_flag grpc_trace_secure_endpoint = GRPC_TRACER_INITIALIZER(false);
 static void destroy(grpc_exec_ctx *exec_ctx, secure_endpoint *secure_ep) {
   secure_endpoint *ep = secure_ep;
@@ -130,14 +130,14 @@ static void secure_endpoint_ref(secure_endpoint *ep) { gpr_ref(&ep->ref); }
 static void flush_read_staging_buffer(secure_endpoint *ep, uint8_t **cur,
                                       uint8_t **end) {
   grpc_slice_buffer_add(ep->read_buffer, ep->read_staging_buffer);
-  ep->read_staging_buffer = grpc_slice_malloc(STAGING_BUFFER_SIZE);
+  ep->read_staging_buffer = GRPC_SLICE_MALLOC(STAGING_BUFFER_SIZE);
   *cur = GRPC_SLICE_START_PTR(ep->read_staging_buffer);
   *end = GRPC_SLICE_END_PTR(ep->read_staging_buffer);
 }
 static void call_read_cb(grpc_exec_ctx *exec_ctx, secure_endpoint *ep,
                          grpc_error *error) {
-  if (grpc_trace_secure_endpoint) {
+  if (GRPC_TRACER_ON(grpc_trace_secure_endpoint)) {
     size_t i;
     for (i = 0; i < ep->read_buffer->count; i++) {
       char *data = grpc_dump_slice(ep->read_buffer->slices[i],
@@ -252,7 +252,7 @@ static void endpoint_read(grpc_exec_ctx *exec_ctx, grpc_endpoint *secure_ep,
 static void flush_write_staging_buffer(secure_endpoint *ep, uint8_t **cur,
                                        uint8_t **end) {
   grpc_slice_buffer_add(&ep->output_buffer, ep->write_staging_buffer);
-  ep->write_staging_buffer = grpc_slice_malloc(STAGING_BUFFER_SIZE);
+  ep->write_staging_buffer = GRPC_SLICE_MALLOC(STAGING_BUFFER_SIZE);
   *cur = GRPC_SLICE_START_PTR(ep->write_staging_buffer);
   *end = GRPC_SLICE_END_PTR(ep->write_staging_buffer);
 }
@@ -269,7 +269,7 @@ static void endpoint_write(grpc_exec_ctx *exec_ctx, grpc_endpoint *secure_ep,
   grpc_slice_buffer_reset_and_unref_internal(exec_ctx, &ep->output_buffer);
-  if (grpc_trace_secure_endpoint) {
+  if (GRPC_TRACER_ON(grpc_trace_secure_endpoint)) {
     for (i = 0; i < slices->count; i++) {
       char *data =
           grpc_dump_slice(slices->slices[i], GPR_DUMP_HEX | GPR_DUMP_ASCII);
@@ -415,8 +415,8 @@ grpc_endpoint *grpc_secure_endpoint_create(
     grpc_slice_buffer_add(&ep->leftover_bytes,
                           grpc_slice_ref_internal(leftover_slices[i]));
   }
-  ep->write_staging_buffer = grpc_slice_malloc(STAGING_BUFFER_SIZE);
-  ep->read_staging_buffer = grpc_slice_malloc(STAGING_BUFFER_SIZE);
+  ep->write_staging_buffer = GRPC_SLICE_MALLOC(STAGING_BUFFER_SIZE);
+  ep->read_staging_buffer = GRPC_SLICE_MALLOC(STAGING_BUFFER_SIZE);
   grpc_slice_buffer_init(&ep->output_buffer);
   grpc_slice_buffer_init(&ep->source_buffer);
   ep->read_buffer = NULL;

data/src/core/lib/security/transport/secure_endpoint.h CHANGED

@@ -39,7 +39,7 @@
 struct tsi_frame_protector;
-extern int grpc_trace_secure_endpoint;
+extern grpc_tracer_flag grpc_trace_secure_endpoint;
 /* Takes ownership of protector and to_wrap, and refs leftover_slices. */
 grpc_endpoint *grpc_secure_endpoint_create(

data/src/core/lib/security/transport/security_connector.c CHANGED

@@ -78,9 +78,8 @@ void grpc_set_ssl_roots_override_callback(grpc_ssl_roots_override_callback cb) {
 /* Defines the cipher suites that we accept by default. All these cipher suites
    are compliant with HTTP2. */
-#define GRPC_SSL_CIPHER_SUITES                                            \
-  "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-" \
-  "SHA384:ECDHE-RSA-AES256-GCM-SHA384"
+#define GRPC_SSL_CIPHER_SUITES \
+  "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384"
 static gpr_once cipher_suites_once = GPR_ONCE_INIT;
 static const char *cipher_suites = NULL;
@@ -423,12 +422,8 @@ grpc_channel_security_connector *grpc_fake_channel_security_connector_create(
   c->base.check_call_host = fake_channel_check_call_host;
   c->base.add_handshakers = fake_channel_add_handshakers;
   c->target = gpr_strdup(target);
-  const grpc_arg *expected_target_arg =
-      grpc_channel_args_find(args, GRPC_ARG_FAKE_SECURITY_EXPECTED_TARGETS);
-  if (expected_target_arg != NULL) {
-    GPR_ASSERT(expected_target_arg->type == GRPC_ARG_STRING);
-    c->expected_targets = gpr_strdup(expected_target_arg->value.string);
-  }
+  const char *expected_targets = grpc_fake_transport_get_expected_targets(args);
+  c->expected_targets = gpr_strdup(expected_targets);
   c->is_lb_channel = (grpc_lb_targets_info_find_in_args(args) != NULL);
   return &c->base;
 }
@@ -699,6 +694,7 @@ static grpc_security_connector_vtable ssl_channel_vtable = {
 static grpc_security_connector_vtable ssl_server_vtable = {
     ssl_server_destroy, ssl_server_check_peer};
+/* returns a NULL terminated slice. */
 static grpc_slice compute_default_pem_root_certs_once(void) {
   grpc_slice result = grpc_empty_slice();
@@ -707,7 +703,7 @@ static grpc_slice compute_default_pem_root_certs_once(void) {
       gpr_getenv(GRPC_DEFAULT_SSL_ROOTS_FILE_PATH_ENV_VAR);
   if (default_root_certs_path != NULL) {
     GRPC_LOG_IF_ERROR("load_file",
-                      grpc_load_file(default_root_certs_path, 0, &result));
+                      grpc_load_file(default_root_certs_path, 1, &result));
     gpr_free(default_root_certs_path);
   }
@@ -718,15 +714,18 @@ static grpc_slice compute_default_pem_root_certs_once(void) {
     ovrd_res = ssl_roots_override_cb(&pem_root_certs);
     if (ovrd_res == GRPC_SSL_ROOTS_OVERRIDE_OK) {
       GPR_ASSERT(pem_root_certs != NULL);
-      result = grpc_slice_new(pem_root_certs, strlen(pem_root_certs), gpr_free);
+      result = grpc_slice_from_copied_buffer(
+          pem_root_certs,
+          strlen(pem_root_certs) + 1);  // NULL terminator.
     }
+    gpr_free(pem_root_certs);
   }
   /* Fall back to installed certs if needed. */
   if (GRPC_SLICE_IS_EMPTY(result) &&
       ovrd_res != GRPC_SSL_ROOTS_OVERRIDE_FAIL_PERMANENTLY) {
     GRPC_LOG_IF_ERROR("load_file",
-                      grpc_load_file(installed_roots_path, 0, &result));
+                      grpc_load_file(installed_roots_path, 1, &result));
   }
   return result;
 }
@@ -766,13 +765,14 @@ get_tsi_client_certificate_request_type(
   }
 }
-size_t grpc_get_default_ssl_roots(const unsigned char **pem_root_certs) {
+const char *grpc_get_default_ssl_roots(void) {
   /* TODO(jboeuf@google.com): Maybe revisit the approach which consists in
      loading all the roots once for the lifetime of the process. */
   static gpr_once once = GPR_ONCE_INIT;
   gpr_once_init(&once, init_default_pem_root_certs);
-  *pem_root_certs = GRPC_SLICE_START_PTR(default_pem_root_certs);
-  return GRPC_SLICE_LENGTH(default_pem_root_certs);
+  return GRPC_SLICE_IS_EMPTY(default_pem_root_certs)
+             ? NULL
+             : (const char *)GRPC_SLICE_START_PTR(default_pem_root_certs);
 }
 grpc_security_status grpc_ssl_channel_security_connector_create(
@@ -780,22 +780,16 @@ grpc_security_status grpc_ssl_channel_security_connector_create(
     const grpc_ssl_config *config, const char *target_name,
     const char *overridden_target_name, grpc_channel_security_connector **sc) {
   size_t num_alpn_protocols = grpc_chttp2_num_alpn_versions();
-  const unsigned char **alpn_protocol_strings =
+  const char **alpn_protocol_strings =
       gpr_malloc(sizeof(const char *) * num_alpn_protocols);
-  unsigned char *alpn_protocol_string_lengths =
-      gpr_malloc(sizeof(unsigned char) * num_alpn_protocols);
   tsi_result result = TSI_OK;
   grpc_ssl_channel_security_connector *c;
   size_t i;
-  const unsigned char *pem_root_certs;
-  size_t pem_root_certs_size;
+  const char *pem_root_certs;
   char *port;
   for (i = 0; i < num_alpn_protocols; i++) {
-    alpn_protocol_strings[i] =
-        (const unsigned char *)grpc_chttp2_get_alpn_version_index(i);
-    alpn_protocol_string_lengths[i] =
-        (unsigned char)strlen(grpc_chttp2_get_alpn_version_index(i));
+    alpn_protocol_strings[i] = grpc_chttp2_get_alpn_version_index(i);
   }
   if (config == NULL || target_name == NULL) {
@@ -803,14 +797,13 @@ grpc_security_status grpc_ssl_channel_security_connector_create(
     goto error;
   }
   if (config->pem_root_certs == NULL) {
-    pem_root_certs_size = grpc_get_default_ssl_roots(&pem_root_certs);
-    if (pem_root_certs == NULL || pem_root_certs_size == 0) {
+    pem_root_certs = grpc_get_default_ssl_roots();
+    if (pem_root_certs == NULL) {
       gpr_log(GPR_ERROR, "Could not get default pem root certs.");
       goto error;
     }
   } else {
     pem_root_certs = config->pem_root_certs;
-    pem_root_certs_size = config->pem_root_certs_size;
   }
   c = gpr_zalloc(sizeof(grpc_ssl_channel_security_connector));
@@ -827,11 +820,12 @@ grpc_security_status grpc_ssl_channel_security_connector_create(
   if (overridden_target_name != NULL) {
     c->overridden_target_name = gpr_strdup(overridden_target_name);
   }
+  bool has_key_cert_pair = config->pem_key_cert_pair.private_key != NULL &&
+                           config->pem_key_cert_pair.cert_chain != NULL;
   result = tsi_create_ssl_client_handshaker_factory(
-      config->pem_private_key, config->pem_private_key_size,
-      config->pem_cert_chain, config->pem_cert_chain_size, pem_root_certs,
-      pem_root_certs_size, ssl_cipher_suites(), alpn_protocol_strings,
-      alpn_protocol_string_lengths, (uint16_t)num_alpn_protocols,
+      has_key_cert_pair ? &config->pem_key_cert_pair : NULL, pem_root_certs,
+      ssl_cipher_suites(), alpn_protocol_strings, (uint16_t)num_alpn_protocols,
       &c->handshaker_factory);
   if (result != TSI_OK) {
     gpr_log(GPR_ERROR, "Handshaker factory creation failed with %s.",
@@ -842,12 +836,10 @@ grpc_security_status grpc_ssl_channel_security_connector_create(
   }
   *sc = &c->base;
   gpr_free((void *)alpn_protocol_strings);
-  gpr_free(alpn_protocol_string_lengths);
   return GRPC_SECURITY_OK;
 error:
   gpr_free((void *)alpn_protocol_strings);
-  gpr_free(alpn_protocol_string_lengths);
   return GRPC_SECURITY_ERROR;
 }
@@ -855,19 +847,14 @@ grpc_security_status grpc_ssl_server_security_connector_create(
     grpc_exec_ctx *exec_ctx, const grpc_ssl_server_config *config,
     grpc_server_security_connector **sc) {
   size_t num_alpn_protocols = grpc_chttp2_num_alpn_versions();
-  const unsigned char **alpn_protocol_strings =
+  const char **alpn_protocol_strings =
       gpr_malloc(sizeof(const char *) * num_alpn_protocols);
-  unsigned char *alpn_protocol_string_lengths =
-      gpr_malloc(sizeof(unsigned char) * num_alpn_protocols);
   tsi_result result = TSI_OK;
   grpc_ssl_server_security_connector *c;
   size_t i;
   for (i = 0; i < num_alpn_protocols; i++) {
-    alpn_protocol_strings[i] =
-        (const unsigned char *)grpc_chttp2_get_alpn_version_index(i);
-    alpn_protocol_string_lengths[i] =
-        (unsigned char)strlen(grpc_chttp2_get_alpn_version_index(i));
+    alpn_protocol_strings[i] = grpc_chttp2_get_alpn_version_index(i);
   }
   if (config == NULL || config->num_key_cert_pairs == 0) {
@@ -880,15 +867,11 @@ grpc_security_status grpc_ssl_server_security_connector_create(
   c->base.base.url_scheme = GRPC_SSL_URL_SCHEME;
   c->base.base.vtable = &ssl_server_vtable;
   result = tsi_create_ssl_server_handshaker_factory_ex(
-      (const unsigned char **)config->pem_private_keys,
-      config->pem_private_keys_sizes,
-      (const unsigned char **)config->pem_cert_chains,
-      config->pem_cert_chains_sizes, config->num_key_cert_pairs,
-      config->pem_root_certs, config->pem_root_certs_size,
-      get_tsi_client_certificate_request_type(
-          config->client_certificate_request),
-      ssl_cipher_suites(), alpn_protocol_strings, alpn_protocol_string_lengths,
-      (uint16_t)num_alpn_protocols, &c->handshaker_factory);
+      config->pem_key_cert_pairs, config->num_key_cert_pairs,
+      config->pem_root_certs, get_tsi_client_certificate_request_type(
+                                  config->client_certificate_request),
+      ssl_cipher_suites(), alpn_protocol_strings, (uint16_t)num_alpn_protocols,
+      &c->handshaker_factory);
   if (result != TSI_OK) {
     gpr_log(GPR_ERROR, "Handshaker factory creation failed with %s.",
             tsi_result_to_string(result));
@@ -899,11 +882,9 @@ grpc_security_status grpc_ssl_server_security_connector_create(
   c->base.add_handshakers = ssl_server_add_handshakers;
   *sc = &c->base;
   gpr_free((void *)alpn_protocol_strings);
-  gpr_free(alpn_protocol_string_lengths);
   return GRPC_SECURITY_OK;
 error:
   gpr_free((void *)alpn_protocol_strings);
-  gpr_free(alpn_protocol_string_lengths);
   return GRPC_SECURITY_ERROR;
 }

data/src/core/lib/security/transport/security_connector.h CHANGED

@@ -34,11 +34,14 @@
 #ifndef GRPC_CORE_LIB_SECURITY_TRANSPORT_SECURITY_CONNECTOR_H
 #define GRPC_CORE_LIB_SECURITY_TRANSPORT_SECURITY_CONNECTOR_H
+#include <stdbool.h>
 #include <grpc/grpc_security.h>
 #include "src/core/lib/channel/handshaker.h"
 #include "src/core/lib/iomgr/endpoint.h"
 #include "src/core/lib/iomgr/tcp_server.h"
+#include "src/core/tsi/ssl_transport_security.h"
 #include "src/core/tsi/transport_security_interface.h"
 /* --- status enum. --- */
@@ -184,13 +187,10 @@ grpc_server_security_connector *grpc_fake_server_security_connector_create(
     void);
 /* Config for ssl clients. */
 typedef struct {
-  unsigned char *pem_private_key;
-  size_t pem_private_key_size;
-  unsigned char *pem_cert_chain;
-  size_t pem_cert_chain_size;
-  unsigned char *pem_root_certs;
-  size_t pem_root_certs_size;
+  tsi_ssl_pem_key_cert_pair pem_key_cert_pair;
+  char *pem_root_certs;
 } grpc_ssl_config;
 /* Creates an SSL channel_security_connector.
@@ -211,21 +211,17 @@ grpc_security_status grpc_ssl_channel_security_connector_create(
     const grpc_ssl_config *config, const char *target_name,
     const char *overridden_target_name, grpc_channel_security_connector **sc);
-/* Gets the default ssl roots. */
-size_t grpc_get_default_ssl_roots(const unsigned char **pem_root_certs);
+/* Gets the default ssl roots. Returns NULL if not found. */
+const char *grpc_get_default_ssl_roots(void);
 /* Exposed for TESTING ONLY!. */
 grpc_slice grpc_get_default_ssl_roots_for_testing(void);
 /* Config for ssl servers. */
 typedef struct {
-  unsigned char **pem_private_keys;
-  size_t *pem_private_keys_sizes;
-  unsigned char **pem_cert_chains;
-  size_t *pem_cert_chains_sizes;
+  tsi_ssl_pem_key_cert_pair *pem_key_cert_pairs;
   size_t num_key_cert_pairs;
-  unsigned char *pem_root_certs;
-  size_t pem_root_certs_size;
+  char *pem_root_certs;
   grpc_ssl_client_certificate_request_type client_certificate_request;
 } grpc_ssl_server_config;

data/src/core/lib/slice/b64.c CHANGED

@@ -202,7 +202,7 @@ static int decode_group(const unsigned char *codes, size_t num_codes,
 grpc_slice grpc_base64_decode_with_len(grpc_exec_ctx *exec_ctx, const char *b64,
                                        size_t b64_len, int url_safe) {
-  grpc_slice result = grpc_slice_malloc(b64_len);
+  grpc_slice result = GRPC_SLICE_MALLOC(b64_len);
   unsigned char *current = GRPC_SLICE_START_PTR(result);
   size_t result_size = 0;
   unsigned char codes[4];

data/src/core/lib/slice/percent_encoding.c CHANGED

@@ -71,7 +71,7 @@ grpc_slice grpc_percent_encode_slice(grpc_slice slice,
     return grpc_slice_ref_internal(slice);
   }
   // second pass: actually encode
-  grpc_slice out = grpc_slice_malloc(output_length);
+  grpc_slice out = GRPC_SLICE_MALLOC(output_length);
   uint8_t *q = GRPC_SLICE_START_PTR(out);
   for (p = slice_start; p < slice_end; p++) {
     if (is_unreserved_character(*p, unreserved_bytes)) {
@@ -125,7 +125,7 @@ bool grpc_strict_percent_decode_slice(grpc_slice slice_in,
     return true;
   }
   p = GRPC_SLICE_START_PTR(slice_in);
-  *slice_out = grpc_slice_malloc(out_length);
+  *slice_out = GRPC_SLICE_MALLOC(out_length);
   uint8_t *q = GRPC_SLICE_START_PTR(*slice_out);
   while (p != in_end) {
     if (*p == '%') {
@@ -163,7 +163,7 @@ grpc_slice grpc_permissive_percent_decode_slice(grpc_slice slice_in) {
     return grpc_slice_ref_internal(slice_in);
   }
   p = GRPC_SLICE_START_PTR(slice_in);
-  grpc_slice out = grpc_slice_malloc(out_length);
+  grpc_slice out = GRPC_SLICE_MALLOC(out_length);
   uint8_t *q = GRPC_SLICE_START_PTR(out);
   while (p != in_end) {
     if (*p == '%') {

data/src/core/lib/slice/slice.c CHANGED

@@ -55,6 +55,13 @@ grpc_slice grpc_empty_slice(void) {
   return out;
 }
+grpc_slice grpc_slice_copy(grpc_slice s) {
+  grpc_slice out = GRPC_SLICE_MALLOC(GRPC_SLICE_LENGTH(s));
+  memcpy(GRPC_SLICE_START_PTR(out), GRPC_SLICE_START_PTR(s),
+         GRPC_SLICE_LENGTH(s));
+  return out;
+}
 grpc_slice grpc_slice_ref_internal(grpc_slice slice) {
   if (slice.refcount) {
     slice.refcount->vtable->ref(slice.refcount);
@@ -198,7 +205,7 @@ grpc_slice grpc_slice_new_with_len(void *p, size_t len,
 grpc_slice grpc_slice_from_copied_buffer(const char *source, size_t length) {
   if (length == 0) return grpc_empty_slice();
-  grpc_slice slice = grpc_slice_malloc(length);
+  grpc_slice slice = GRPC_SLICE_MALLOC(length);
   memcpy(GRPC_SLICE_START_PTR(slice), source, length);
   return slice;
 }
@@ -228,35 +235,42 @@ static const grpc_slice_refcount_vtable malloc_vtable = {
     malloc_ref, malloc_unref, grpc_slice_default_eq_impl,
     grpc_slice_default_hash_impl};
+grpc_slice grpc_slice_malloc_large(size_t length) {
+  grpc_slice slice;
+  /* Memory layout used by the slice created here:
+     +-----------+----------------------------------------------------------+
+     | refcount  | bytes                                                    |
+     +-----------+----------------------------------------------------------+
+     refcount is a malloc_refcount
+     bytes is an array of bytes of the requested length
+     Both parts are placed in the same allocation returned from gpr_malloc */
+  malloc_refcount *rc = gpr_malloc(sizeof(malloc_refcount) + length);
+  /* Initial refcount on rc is 1 - and it's up to the caller to release
+     this reference. */
+  gpr_ref_init(&rc->refs, 1);
+  rc->base.vtable = &malloc_vtable;
+  rc->base.sub_refcount = &rc->base;
+  /* Build up the slice to be returned. */
+  /* The slices refcount points back to the allocated block. */
+  slice.refcount = &rc->base;
+  /* The data bytes are placed immediately after the refcount struct */
+  slice.data.refcounted.bytes = (uint8_t *)(rc + 1);
+  /* And the length of the block is set to the requested length */
+  slice.data.refcounted.length = length;
+  return slice;
+}
 grpc_slice grpc_slice_malloc(size_t length) {
   grpc_slice slice;
   if (length > sizeof(slice.data.inlined.bytes)) {
-    /* Memory layout used by the slice created here:
-       +-----------+----------------------------------------------------------+
-       | refcount  | bytes                                                    |
-       +-----------+----------------------------------------------------------+
-       refcount is a malloc_refcount
-       bytes is an array of bytes of the requested length
-       Both parts are placed in the same allocation returned from gpr_malloc */
-    malloc_refcount *rc = gpr_malloc(sizeof(malloc_refcount) + length);
-    /* Initial refcount on rc is 1 - and it's up to the caller to release
-       this reference. */
-    gpr_ref_init(&rc->refs, 1);
-    rc->base.vtable = &malloc_vtable;
-    rc->base.sub_refcount = &rc->base;
-    /* Build up the slice to be returned. */
-    /* The slices refcount points back to the allocated block. */
-    slice.refcount = &rc->base;
-    /* The data bytes are placed immediately after the refcount struct */
-    slice.data.refcounted.bytes = (uint8_t *)(rc + 1);
-    /* And the length of the block is set to the requested length */
-    slice.data.refcounted.length = length;
+    return grpc_slice_malloc_large(length);
   } else {
     /* small slice: just inline the data */
     slice.refcount = NULL;
@@ -306,7 +320,8 @@ grpc_slice grpc_slice_sub(grpc_slice source, size_t begin, size_t end) {
   return subset;
 }
-grpc_slice grpc_slice_split_tail(grpc_slice *source, size_t split) {
+grpc_slice grpc_slice_split_tail_maybe_ref(grpc_slice *source, size_t split,
+                                           grpc_slice_ref_whom ref_whom) {
   grpc_slice tail;
   if (source->refcount == NULL) {
@@ -320,28 +335,46 @@ grpc_slice grpc_slice_split_tail(grpc_slice *source, size_t split) {
   } else {
     size_t tail_length = source->data.refcounted.length - split;
     GPR_ASSERT(source->data.refcounted.length >= split);
-    if (tail_length < sizeof(tail.data.inlined.bytes)) {
+    if (tail_length < sizeof(tail.data.inlined.bytes) &&
+        ref_whom != GRPC_SLICE_REF_TAIL) {
       /* Copy out the bytes - it'll be cheaper than refcounting */
       tail.refcount = NULL;
       tail.data.inlined.length = (uint8_t)tail_length;
       memcpy(tail.data.inlined.bytes, source->data.refcounted.bytes + split,
              tail_length);
+      source->refcount = source->refcount->sub_refcount;
     } else {
       /* Build the result */
-      tail.refcount = source->refcount->sub_refcount;
-      /* Bump the refcount */
-      tail.refcount->vtable->ref(tail.refcount);
+      switch (ref_whom) {
+        case GRPC_SLICE_REF_TAIL:
+          tail.refcount = source->refcount->sub_refcount;
+          source->refcount = &noop_refcount;
+          break;
+        case GRPC_SLICE_REF_HEAD:
+          tail.refcount = &noop_refcount;
+          source->refcount = source->refcount->sub_refcount;
+          break;
+        case GRPC_SLICE_REF_BOTH:
+          tail.refcount = source->refcount->sub_refcount;
+          source->refcount = source->refcount->sub_refcount;
+          /* Bump the refcount */
+          tail.refcount->vtable->ref(tail.refcount);
+          break;
+      }
       /* Point into the source array */
       tail.data.refcounted.bytes = source->data.refcounted.bytes + split;
       tail.data.refcounted.length = tail_length;
     }
-    source->refcount = source->refcount->sub_refcount;
     source->data.refcounted.length = split;
   }
   return tail;
 }
+grpc_slice grpc_slice_split_tail(grpc_slice *source, size_t split) {
+  return grpc_slice_split_tail_maybe_ref(source, split, GRPC_SLICE_REF_BOTH);
+}
 grpc_slice grpc_slice_split_head(grpc_slice *source, size_t split) {
   grpc_slice head;
@@ -459,7 +492,7 @@ int grpc_slice_slice(grpc_slice haystack, grpc_slice needle) {
 }
 grpc_slice grpc_slice_dup(grpc_slice a) {
-  grpc_slice copy = grpc_slice_malloc(GRPC_SLICE_LENGTH(a));
+  grpc_slice copy = GRPC_SLICE_MALLOC(GRPC_SLICE_LENGTH(a));
   memcpy(GRPC_SLICE_START_PTR(copy), GRPC_SLICE_START_PTR(a),
          GRPC_SLICE_LENGTH(a));
   return copy;