Chiebot-Mirror
/
grpc
mirror of https://github.com/grpc/grpc.git
8
0
Fork 0
Code Issues Projects Releases Wiki Activity
The C based gRPC (C++, Python, Ruby, Objective-C, PHP, C#) https://grpc.io/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
29010 Commits
274 Branches
377 Tags
1.2 GiB
Tag: Branch: Tree: aae4ca01a3
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'aae4ca01a3'
${ noResults }
grpc/test/core/handshake/client_ssl.cc

324 lines
10 KiB
Raw Normal View History Unescape

Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
/*
*
auto-fix most of licenses
8 years ago
* Copyright 2016 gRPC authors.
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
*
auto-fix most of licenses
8 years ago
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
*
auto-fix most of licenses
8 years ago
* http://www.apache.org/licenses/LICENSE-2.0
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
*
auto-fix most of licenses
8 years ago
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
*
*/
Improve Node and libuv testing and test coverage Allow Node tests to run with or without UV, change default version to 7, add some portability tests. Also make some more core tests work with libuv
8 years ago
#include "src/core/lib/iomgr/port.h"
// This test won't work except with posix sockets enabled
#ifdef GRPC_POSIX_SOCKET
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
#include <arpa/inet.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
#include <stdlib.h>
#include <string.h>
Fix memory leak detected by ASAN and clang-format variance.
8 years ago
#include <sys/socket.h>
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
#include <unistd.h>
#include <grpc/grpc.h>
#include <grpc/grpc_security.h>
#include <grpc/support/alloc.h>
#include <grpc/support/log.h>
#include <grpc/support/string_util.h>
#include <grpc/support/thd.h>
#include "src/core/lib/iomgr/load_file.h"
#include "test/core/util/port.h"
#include "test/core/util/test_config.h"
Update include paths
8 years ago
#define SSL_CERT_PATH "src/core/tsi/test_creds/server1.pem"
#define SSL_KEY_PATH "src/core/tsi/test_creds/server1.key"
#define SSL_CA_PATH "src/core/tsi/test_creds/ca.pem"
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
// Arguments for TLS server thread.
typedef struct {
Fix handshake_client bind flakes and build issues. * Add port picking retries to handshake_client. * Track vsprojects for new tests. * Place tests in 'test' build target.
8 years ago
int socket;
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
char *alpn_preferred;
} server_args;
Expand wildcard IP addresses on servers.
9 years ago
// Based on https://wiki.openssl.org/index.php/Simple_TLS_Server.
// Pick an arbitrary unused port and return it in *out_port. Return
// an fd>=0 on success.
static int create_socket(int *out_port) {
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
int s;
struct sockaddr_in addr;
Expand wildcard IP addresses on servers.
9 years ago
socklen_t addr_len;
*out_port = -1;
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
addr.sin_family = AF_INET;
Expand wildcard IP addresses on servers.
9 years ago
addr.sin_port = 0;
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
addr.sin_addr.s_addr = htonl(INADDR_ANY);
s = socket(AF_INET, SOCK_STREAM, 0);
if (s < 0) {
perror("Unable to create socket");
Fix handshake_client bind flakes and build issues. * Add port picking retries to handshake_client. * Track vsprojects for new tests. * Place tests in 'test' build target.
8 years ago
return -1;
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
}
if (bind(s, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
perror("Unable to bind");
Expand wildcard IP addresses on servers.
9 years ago
gpr_log(GPR_ERROR, "%s", "Unable to bind to any port");
Fix handshake_client bind flakes and build issues. * Add port picking retries to handshake_client. * Track vsprojects for new tests. * Place tests in 'test' build target.
8 years ago
close(s);
return -1;
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
}
if (listen(s, 1) < 0) {
perror("Unable to listen");
Fix handshake_client bind flakes and build issues. * Add port picking retries to handshake_client. * Track vsprojects for new tests. * Place tests in 'test' build target.
8 years ago
close(s);
return -1;
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
}
Expand wildcard IP addresses on servers.
9 years ago
addr_len = sizeof(addr);
if (getsockname(s, (struct sockaddr *)&addr, &addr_len) != 0 ||
addr_len > sizeof(addr)) {
perror("getsockname");
gpr_log(GPR_ERROR, "%s", "Unable to get socket local address");
close(s);
return -1;
}
*out_port = ntohs(addr.sin_port);
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
return s;
}
// Server callback during ALPN negotiation. See man page for
// SSL_CTX_set_alpn_select_cb.
static int alpn_select_cb(SSL *ssl, const uint8_t **out, uint8_t *out_len,
const uint8_t *in, unsigned in_len, void *arg) {
const uint8_t *alpn_preferred = (const uint8_t *)arg;
*out = alpn_preferred;
*out_len = (uint8_t)strlen((char *)alpn_preferred);
// Validate that the ALPN list includes "h2" and "grpc-exp", that "grpc-exp"
// precedes "h2".
bool grpc_exp_seen = false;
bool h2_seen = false;
const char *inp = (const char *)in;
Fixing msan issue in client_ssl.c See this error (somehow triggered by a new version of boringssl): https://grpc-testing.appspot.com/job/gRPC_pull_requests_msan_c/1154/testReport/junit/(root)/c_linux_msan/bins_msan_handshake_client_GRPC_POLL_STRATEGY_poll_cv/ In the alpn callback, in_len is the size of the in buffer and not the number of alpn elements.
8 years ago
const char *in_end = inp + in_len;
while (inp < in_end) {
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
const size_t length = (size_t)*inp++;
if (length == strlen("grpc-exp") && strncmp(inp, "grpc-exp", length) == 0) {
grpc_exp_seen = true;
GPR_ASSERT(!h2_seen);
}
if (length == strlen("h2") && strncmp(inp, "h2", length) == 0) {
h2_seen = true;
GPR_ASSERT(grpc_exp_seen);
}
inp += length;
}
Fixing msan issue in client_ssl.c See this error (somehow triggered by a new version of boringssl): https://grpc-testing.appspot.com/job/gRPC_pull_requests_msan_c/1154/testReport/junit/(root)/c_linux_msan/bins_msan_handshake_client_GRPC_POLL_STRATEGY_poll_cv/ In the alpn callback, in_len is the size of the in buffer and not the number of alpn elements.
8 years ago
GPR_ASSERT(inp == in_end);
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
GPR_ASSERT(grpc_exp_seen);
GPR_ASSERT(h2_seen);
return SSL_TLSEXT_ERR_OK;
}
// Minimal TLS server. This is largely based on the example at
// https://wiki.openssl.org/index.php/Simple_TLS_Server and the gRPC core
Update include paths
8 years ago
// internals in src/core/tsi/ssl_transport_security.c.
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
static void server_thread(void *arg) {
const server_args *args = (server_args *)arg;
SSL_load_error_strings();
OpenSSL_add_ssl_algorithms();
const SSL_METHOD *method = TLSv1_2_server_method();
SSL_CTX *ctx = SSL_CTX_new(method);
if (!ctx) {
perror("Unable to create SSL context");
ERR_print_errors_fp(stderr);
abort();
}
// Load key pair.
if (SSL_CTX_use_certificate_file(ctx, SSL_CERT_PATH, SSL_FILETYPE_PEM) < 0) {
ERR_print_errors_fp(stderr);
abort();
}
if (SSL_CTX_use_PrivateKey_file(ctx, SSL_KEY_PATH, SSL_FILETYPE_PEM) < 0) {
ERR_print_errors_fp(stderr);
abort();
}
// Set the cipher list to match the one expressed in
Update include paths
8 years ago
// src/core/tsi/ssl_transport_security.c.
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
const char *cipher_list =
"ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-"
"SHA384:ECDHE-RSA-AES256-GCM-SHA384";
if (!SSL_CTX_set_cipher_list(ctx, cipher_list)) {
ERR_print_errors_fp(stderr);
gpr_log(GPR_ERROR, "Couldn't set server cipher list.");
abort();
}
// Register the ALPN selection callback.
SSL_CTX_set_alpn_select_cb(ctx, alpn_select_cb, args->alpn_preferred);
Fix handshake_client bind flakes and build issues. * Add port picking retries to handshake_client. * Track vsprojects for new tests. * Place tests in 'test' build target.
8 years ago
// bind/listen/accept at TCP layer.
const int sock = args->socket;
gpr_log(GPR_INFO, "Server listening");
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
struct sockaddr_in addr;
socklen_t len = sizeof(addr);
const int client = accept(sock, (struct sockaddr *)&addr, &len);
if (client < 0) {
perror("Unable to accept");
abort();
}
// Establish a SSL* and accept at SSL layer.
SSL *ssl = SSL_new(ctx);
GPR_ASSERT(ssl);
SSL_set_fd(ssl, client);
if (SSL_accept(ssl) <= 0) {
ERR_print_errors_fp(stderr);
gpr_log(GPR_ERROR, "Handshake failed.");
} else {
gpr_log(GPR_INFO, "Handshake successful.");
}
// Wait until the client drops its connection.
char buf;
Fix memory leak detected by ASAN and clang-format variance.
8 years ago
while (SSL_read(ssl, &buf, sizeof(buf)) > 0)
;
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
SSL_free(ssl);
close(client);
close(sock);
SSL_CTX_free(ctx);
EVP_cleanup();
}
// This test launches a minimal TLS server on a separate thread and then
// establishes a TLS handshake via the core library to the server. The TLS
// server validates ALPN aspects of the handshake and supplies the protocol
// specified in the server_alpn_preferred argument to the client.
static bool client_ssl_test(char *server_alpn_preferred) {
bool success = true;
grpc_init();
Fix handshake_client bind flakes and build issues. * Add port picking retries to handshake_client. * Track vsprojects for new tests. * Place tests in 'test' build target.
8 years ago
// Find a port we can bind to. Retries added to handle flakes in port server
// and port picking.
int port = -1;
int server_socket = -1;
Up retry count to try and counter flakiness
8 years ago
int socket_retries = 30;
Fix handshake_client bind flakes and build issues. * Add port picking retries to handshake_client. * Track vsprojects for new tests. * Place tests in 'test' build target.
8 years ago
while (server_socket == -1 && socket_retries-- > 0) {
Expand wildcard IP addresses on servers.
9 years ago
server_socket = create_socket(&port);
Fix handshake_client bind flakes and build issues. * Add port picking retries to handshake_client. * Track vsprojects for new tests. * Place tests in 'test' build target.
8 years ago
if (server_socket == -1) {
sleep(1);
}
}
Expand wildcard IP addresses on servers.
9 years ago
GPR_ASSERT(server_socket > 0 && port > 0);
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
// Launch the TLS server thread.
gpr_thd_options thdopt = gpr_thd_options_default();
gpr_thd_id thdid;
gpr_thd_options_set_joinable(&thdopt);
rename all test core files to cc and a lot of C++ style conversions
7 years ago
server_args args = {server_socket, server_alpn_preferred};
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
GPR_ASSERT(gpr_thd_new(&thdid, server_thread, &args, &thdopt));
// Load key pair and establish client SSL credentials.
grpc_ssl_pem_key_cert_pair pem_key_cert_pair;
Convert new files
8 years ago
grpc_slice ca_slice, cert_slice, key_slice;
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
GPR_ASSERT(GRPC_LOG_IF_ERROR("load_file",
grpc_load_file(SSL_CA_PATH, 1, &ca_slice)));
GPR_ASSERT(GRPC_LOG_IF_ERROR("load_file",
grpc_load_file(SSL_CERT_PATH, 1, &cert_slice)));
GPR_ASSERT(GRPC_LOG_IF_ERROR("load_file",
grpc_load_file(SSL_KEY_PATH, 1, &key_slice)));
s/GPR_SLICE/GRPC_SLICE/g
8 years ago
const char *ca_cert = (const char *)GRPC_SLICE_START_PTR(ca_slice);
pem_key_cert_pair.private_key = (const char *)GRPC_SLICE_START_PTR(key_slice);
pem_key_cert_pair.cert_chain = (const char *)GRPC_SLICE_START_PTR(cert_slice);
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
grpc_channel_credentials *ssl_creds =
grpc_ssl_credentials_create(ca_cert, &pem_key_cert_pair, NULL);
// Establish a channel pointing at the TLS server. Since the gRPC runtime is
// lazy, this won't necessarily establish a connection yet.
char *target;
gpr_asprintf(&target, "127.0.0.1:%d", port);
rename all test core files to cc and a lot of C++ style conversions
7 years ago
grpc_arg ssl_name_override = {
GRPC_ARG_STRING,
const_cast<char *>(GRPC_SSL_TARGET_NAME_OVERRIDE_ARG),
{const_cast<char *>("foo.test.google.fr")}};
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
grpc_channel_args grpc_args;
grpc_args.num_args = 1;
grpc_args.args = &ssl_name_override;
Fix memory leak detected by ASAN and clang-format variance.
8 years ago
grpc_channel *channel =
grpc_secure_channel_create(ssl_creds, target, &grpc_args, NULL);
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
GPR_ASSERT(channel);
gpr_free(target);
// Initially the channel will be idle, the
// grpc_channel_check_connectivity_state triggers an attempt to connect.
GPR_ASSERT(grpc_channel_check_connectivity_state(
channel, 1 /* try_to_connect */) == GRPC_CHANNEL_IDLE);
// Wait a bounded number of times for the channel to be ready. When the
// channel is ready, the initial TLS handshake will have successfully
// completed and we know that the client's ALPN list satisfied the server.
int retries = 10;
grpc_connectivity_state state = GRPC_CHANNEL_IDLE;
Updates C Core
8 years ago
grpc_completion_queue *cq = grpc_completion_queue_create_for_next(NULL);
Change Core to use the new completion_queue_create API
8 years ago
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
while (state != GRPC_CHANNEL_READY && retries-- > 0) {
grpc_channel_watch_connectivity_state(
Replace timeout/scaling macros with functions.
8 years ago
channel, state, grpc_timeout_seconds_to_deadline(3), cq, NULL);
gpr_timespec cq_deadline = grpc_timeout_seconds_to_deadline(5);
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
grpc_event ev = grpc_completion_queue_next(cq, cq_deadline, NULL);
GPR_ASSERT(ev.type == GRPC_OP_COMPLETE);
state =
grpc_channel_check_connectivity_state(channel, 0 /* try_to_connect */);
}
grpc_completion_queue_destroy(cq);
if (retries < 0) {
success = false;
}
grpc_channel_destroy(channel);
grpc_channel_credentials_release(ssl_creds);
Convert new files
8 years ago
grpc_slice_unref(cert_slice);
grpc_slice_unref(key_slice);
grpc_slice_unref(ca_slice);
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
gpr_thd_join(thdid);
grpc_shutdown();
return success;
}
int main(int argc, char *argv[]) {
// Handshake succeeeds when the server has grpc-exp as the ALPN preference.
rename all test core files to cc and a lot of C++ style conversions
7 years ago
GPR_ASSERT(client_ssl_test(const_cast<char *>("grpc-exp")));
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
// Handshake succeeeds when the server has h2 as the ALPN preference. This
// covers legacy gRPC servers which don't support grpc-exp.
rename all test core files to cc and a lot of C++ style conversions
7 years ago
GPR_ASSERT(client_ssl_test(const_cast<char *>("h2")));
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
// Handshake fails when the server uses a fake protocol as its ALPN
// preference. This validates the client is correctly validating ALPN returns
// and sanity checks the client_ssl_test.
rename all test core files to cc and a lot of C++ style conversions
7 years ago
GPR_ASSERT(!client_ssl_test(const_cast<char *>("foo")));
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
return 0;
}
Improve Node and libuv testing and test coverage Allow Node tests to run with or without UV, change default version to 7, add some portability tests. Also make some more core tests work with libuv
8 years ago
#else /* GRPC_POSIX_SOCKET */
int main(int argc, char **argv) { return 1; }
#endif /* GRPC_POSIX_SOCKET */