Chiebot-Mirror
/
grpc
mirror of https://github.com/grpc/grpc.git
8
0
Fork 0
Code Issues Projects Releases Wiki Activity
The C based gRPC (C++, Python, Ruby, Objective-C, PHP, C#) https://grpc.io/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
32862 Commits
274 Branches
377 Tags
1.2 GiB
Tag: Branch: Tree: f91adce31c
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'f91adce31c'
${ noResults }
grpc/test/core/handshake/client_ssl.cc

330 lines
10 KiB
Raw Normal View History Unescape

Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
/*
*
auto-fix most of licenses
8 years ago
* Copyright 2016 gRPC authors.
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
*
auto-fix most of licenses
8 years ago
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
*
auto-fix most of licenses
8 years ago
* http://www.apache.org/licenses/LICENSE-2.0
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
*
auto-fix most of licenses
8 years ago
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
*
*/
Improve Node and libuv testing and test coverage Allow Node tests to run with or without UV, change default version to 7, add some portability tests. Also make some more core tests work with libuv
8 years ago
#include "src/core/lib/iomgr/port.h"
// This test won't work except with posix sockets enabled
#ifdef GRPC_POSIX_SOCKET
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
#include <arpa/inet.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
#include <stdlib.h>
#include <string.h>
Fix memory leak detected by ASAN and clang-format variance.
8 years ago
#include <sys/socket.h>
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
#include <unistd.h>
#include <grpc/grpc.h>
#include <grpc/grpc_security.h>
#include <grpc/support/alloc.h>
#include <grpc/support/log.h>
#include <grpc/support/string_util.h>
Internalize gpr_thd except for id and currentid
7 years ago
C++ize gpr_thread as grpc_core::Thread, make it 2-phase init (construct/Start)
7 years ago
#include "src/core/lib/gprpp/thd.h"
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
#include "src/core/lib/iomgr/load_file.h"
#include "test/core/util/port.h"
#include "test/core/util/test_config.h"
Update include paths
8 years ago
#define SSL_CERT_PATH "src/core/tsi/test_creds/server1.pem"
#define SSL_KEY_PATH "src/core/tsi/test_creds/server1.key"
#define SSL_CA_PATH "src/core/tsi/test_creds/ca.pem"
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
// Arguments for TLS server thread.
typedef struct {
Fix handshake_client bind flakes and build issues. * Add port picking retries to handshake_client. * Track vsprojects for new tests. * Place tests in 'test' build target.
8 years ago
int socket;
Update clang-format to 5.0
7 years ago
char* alpn_preferred;
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
} server_args;
Expand wildcard IP addresses on servers.
9 years ago
// Based on https://wiki.openssl.org/index.php/Simple_TLS_Server.
// Pick an arbitrary unused port and return it in *out_port. Return
// an fd>=0 on success.
Update clang-format to 5.0
7 years ago
static int create_socket(int* out_port) {
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
int s;
struct sockaddr_in addr;
Expand wildcard IP addresses on servers.
9 years ago
socklen_t addr_len;
*out_port = -1;
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
addr.sin_family = AF_INET;
Expand wildcard IP addresses on servers.
9 years ago
addr.sin_port = 0;
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
addr.sin_addr.s_addr = htonl(INADDR_ANY);
s = socket(AF_INET, SOCK_STREAM, 0);
if (s < 0) {
perror("Unable to create socket");
Fix handshake_client bind flakes and build issues. * Add port picking retries to handshake_client. * Track vsprojects for new tests. * Place tests in 'test' build target.
8 years ago
return -1;
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
}
Autofix c casts to c++ casts
7 years ago
if (bind(s, reinterpret_cast<struct sockaddr*>(&addr), sizeof(addr)) < 0) {
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
perror("Unable to bind");
Expand wildcard IP addresses on servers.
9 years ago
gpr_log(GPR_ERROR, "%s", "Unable to bind to any port");
Fix handshake_client bind flakes and build issues. * Add port picking retries to handshake_client. * Track vsprojects for new tests. * Place tests in 'test' build target.
8 years ago
close(s);
return -1;
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
}
if (listen(s, 1) < 0) {
perror("Unable to listen");
Fix handshake_client bind flakes and build issues. * Add port picking retries to handshake_client. * Track vsprojects for new tests. * Place tests in 'test' build target.
8 years ago
close(s);
return -1;
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
}
Expand wildcard IP addresses on servers.
9 years ago
addr_len = sizeof(addr);
Run clang fmt
7 years ago
if (getsockname(s, reinterpret_cast<struct sockaddr*>(&addr), &addr_len) !=
0 ||
Expand wildcard IP addresses on servers.
9 years ago
addr_len > sizeof(addr)) {
perror("getsockname");
gpr_log(GPR_ERROR, "%s", "Unable to get socket local address");
close(s);
return -1;
}
*out_port = ntohs(addr.sin_port);
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
return s;
}
// Server callback during ALPN negotiation. See man page for
// SSL_CTX_set_alpn_select_cb.
Update clang-format to 5.0
7 years ago
static int alpn_select_cb(SSL* ssl, const uint8_t** out, uint8_t* out_len,
const uint8_t* in, unsigned in_len, void* arg) {
Autofix c casts to c++ casts
7 years ago
const uint8_t* alpn_preferred = static_cast<const uint8_t*>(arg);
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
*out = alpn_preferred;
Autofix c casts to c++ casts
7 years ago
*out_len = static_cast<uint8_t>(strlen((char*)alpn_preferred));
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
// Validate that the ALPN list includes "h2" and "grpc-exp", that "grpc-exp"
// precedes "h2".
bool grpc_exp_seen = false;
bool h2_seen = false;
Autofix c casts to c++ casts
7 years ago
const char* inp = reinterpret_cast<const char*>(in);
Update clang-format to 5.0
7 years ago
const char* in_end = inp + in_len;
Fixing msan issue in client_ssl.c See this error (somehow triggered by a new version of boringssl): https://grpc-testing.appspot.com/job/gRPC_pull_requests_msan_c/1154/testReport/junit/(root)/c_linux_msan/bins_msan_handshake_client_GRPC_POLL_STRATEGY_poll_cv/ In the alpn callback, in_len is the size of the in buffer and not the number of alpn elements.
8 years ago
while (inp < in_end) {
Autofix c casts to c++ casts
7 years ago
const size_t length = static_cast<size_t>(*inp++);
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
if (length == strlen("grpc-exp") && strncmp(inp, "grpc-exp", length) == 0) {
grpc_exp_seen = true;
GPR_ASSERT(!h2_seen);
}
if (length == strlen("h2") && strncmp(inp, "h2", length) == 0) {
h2_seen = true;
GPR_ASSERT(grpc_exp_seen);
}
inp += length;
}
Fixing msan issue in client_ssl.c See this error (somehow triggered by a new version of boringssl): https://grpc-testing.appspot.com/job/gRPC_pull_requests_msan_c/1154/testReport/junit/(root)/c_linux_msan/bins_msan_handshake_client_GRPC_POLL_STRATEGY_poll_cv/ In the alpn callback, in_len is the size of the in buffer and not the number of alpn elements.
8 years ago
GPR_ASSERT(inp == in_end);
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
GPR_ASSERT(grpc_exp_seen);
GPR_ASSERT(h2_seen);
return SSL_TLSEXT_ERR_OK;
}
// Minimal TLS server. This is largely based on the example at
// https://wiki.openssl.org/index.php/Simple_TLS_Server and the gRPC core
Update include paths
8 years ago
// internals in src/core/tsi/ssl_transport_security.c.
Update clang-format to 5.0
7 years ago
static void server_thread(void* arg) {
Autofix c casts to c++ casts
7 years ago
const server_args* args = static_cast<server_args*>(arg);
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
SSL_load_error_strings();
OpenSSL_add_ssl_algorithms();
Update clang-format to 5.0
7 years ago
const SSL_METHOD* method = TLSv1_2_server_method();
SSL_CTX* ctx = SSL_CTX_new(method);
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
if (!ctx) {
perror("Unable to create SSL context");
ERR_print_errors_fp(stderr);
abort();
}
// Load key pair.
if (SSL_CTX_use_certificate_file(ctx, SSL_CERT_PATH, SSL_FILETYPE_PEM) < 0) {
ERR_print_errors_fp(stderr);
abort();
}
if (SSL_CTX_use_PrivateKey_file(ctx, SSL_KEY_PATH, SSL_FILETYPE_PEM) < 0) {
ERR_print_errors_fp(stderr);
abort();
}
// Set the cipher list to match the one expressed in
Update include paths
8 years ago
// src/core/tsi/ssl_transport_security.c.
Update clang-format to 5.0
7 years ago
const char* cipher_list =
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
"ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-"
"SHA384:ECDHE-RSA-AES256-GCM-SHA384";
if (!SSL_CTX_set_cipher_list(ctx, cipher_list)) {
ERR_print_errors_fp(stderr);
gpr_log(GPR_ERROR, "Couldn't set server cipher list.");
abort();
}
// Register the ALPN selection callback.
SSL_CTX_set_alpn_select_cb(ctx, alpn_select_cb, args->alpn_preferred);
Fix handshake_client bind flakes and build issues. * Add port picking retries to handshake_client. * Track vsprojects for new tests. * Place tests in 'test' build target.
8 years ago
// bind/listen/accept at TCP layer.
const int sock = args->socket;
gpr_log(GPR_INFO, "Server listening");
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
struct sockaddr_in addr;
socklen_t len = sizeof(addr);
Run clang fmt
7 years ago
const int client =
accept(sock, reinterpret_cast<struct sockaddr*>(&addr), &len);
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
if (client < 0) {
perror("Unable to accept");
abort();
}
// Establish a SSL* and accept at SSL layer.
Update clang-format to 5.0
7 years ago
SSL* ssl = SSL_new(ctx);
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
GPR_ASSERT(ssl);
SSL_set_fd(ssl, client);
if (SSL_accept(ssl) <= 0) {
ERR_print_errors_fp(stderr);
gpr_log(GPR_ERROR, "Handshake failed.");
} else {
gpr_log(GPR_INFO, "Handshake successful.");
}
// Wait until the client drops its connection.
char buf;
Fix memory leak detected by ASAN and clang-format variance.
8 years ago
while (SSL_read(ssl, &buf, sizeof(buf)) > 0)
;
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
SSL_free(ssl);
close(client);
close(sock);
SSL_CTX_free(ctx);
EVP_cleanup();
}
// This test launches a minimal TLS server on a separate thread and then
// establishes a TLS handshake via the core library to the server. The TLS
// server validates ALPN aspects of the handshake and supplies the protocol
// specified in the server_alpn_preferred argument to the client.
Update clang-format to 5.0
7 years ago
static bool client_ssl_test(char* server_alpn_preferred) {
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
bool success = true;
grpc_init();
Fix handshake_client bind flakes and build issues. * Add port picking retries to handshake_client. * Track vsprojects for new tests. * Place tests in 'test' build target.
8 years ago
// Find a port we can bind to. Retries added to handle flakes in port server
// and port picking.
int port = -1;
int server_socket = -1;
Up retry count to try and counter flakiness
8 years ago
int socket_retries = 30;
Fix handshake_client bind flakes and build issues. * Add port picking retries to handshake_client. * Track vsprojects for new tests. * Place tests in 'test' build target.
8 years ago
while (server_socket == -1 && socket_retries-- > 0) {
Expand wildcard IP addresses on servers.
9 years ago
server_socket = create_socket(&port);
Fix handshake_client bind flakes and build issues. * Add port picking retries to handshake_client. * Track vsprojects for new tests. * Place tests in 'test' build target.
8 years ago
if (server_socket == -1) {
sleep(1);
}
}
Expand wildcard IP addresses on servers.
9 years ago
GPR_ASSERT(server_socket > 0 && port > 0);
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
// Launch the TLS server thread.
rename all test core files to cc and a lot of C++ style conversions
7 years ago
server_args args = {server_socket, server_alpn_preferred};
C++ize gpr_thread as grpc_core::Thread, make it 2-phase init (construct/Start)
7 years ago
bool ok;
grpc_core::Thread thd("grpc_client_ssl_test", server_thread, &args, &ok);
GPR_ASSERT(ok);
thd.Start();
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
// Load key pair and establish client SSL credentials.
grpc_ssl_pem_key_cert_pair pem_key_cert_pair;
Convert new files
8 years ago
grpc_slice ca_slice, cert_slice, key_slice;
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
GPR_ASSERT(GRPC_LOG_IF_ERROR("load_file",
grpc_load_file(SSL_CA_PATH, 1, &ca_slice)));
GPR_ASSERT(GRPC_LOG_IF_ERROR("load_file",
grpc_load_file(SSL_CERT_PATH, 1, &cert_slice)));
GPR_ASSERT(GRPC_LOG_IF_ERROR("load_file",
grpc_load_file(SSL_KEY_PATH, 1, &key_slice)));
Run clang fmt
7 years ago
const char* ca_cert =
reinterpret_cast<const char*> GRPC_SLICE_START_PTR(ca_slice);
pem_key_cert_pair.private_key =
reinterpret_cast<const char*> GRPC_SLICE_START_PTR(key_slice);
pem_key_cert_pair.cert_chain =
reinterpret_cast<const char*> GRPC_SLICE_START_PTR(cert_slice);
Update clang-format to 5.0
7 years ago
grpc_channel_credentials* ssl_creds =
Enable clang-tidy as a sanity check, fix up all known failures
7 years ago
grpc_ssl_credentials_create(ca_cert, &pem_key_cert_pair, nullptr);
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
// Establish a channel pointing at the TLS server. Since the gRPC runtime is
// lazy, this won't necessarily establish a connection yet.
Update clang-format to 5.0
7 years ago
char* target;
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
gpr_asprintf(&target, "127.0.0.1:%d", port);
rename all test core files to cc and a lot of C++ style conversions
7 years ago
grpc_arg ssl_name_override = {
GRPC_ARG_STRING,
Merge master
7 years ago
const_cast<char*>(GRPC_SSL_TARGET_NAME_OVERRIDE_ARG),
{const_cast<char*>("foo.test.google.fr")}};
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
grpc_channel_args grpc_args;
grpc_args.num_args = 1;
grpc_args.args = &ssl_name_override;
Update clang-format to 5.0
7 years ago
grpc_channel* channel =
Enable clang-tidy as a sanity check, fix up all known failures
7 years ago
grpc_secure_channel_create(ssl_creds, target, &grpc_args, nullptr);
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
GPR_ASSERT(channel);
gpr_free(target);
// Initially the channel will be idle, the
// grpc_channel_check_connectivity_state triggers an attempt to connect.
GPR_ASSERT(grpc_channel_check_connectivity_state(
channel, 1 /* try_to_connect */) == GRPC_CHANNEL_IDLE);
// Wait a bounded number of times for the channel to be ready. When the
// channel is ready, the initial TLS handshake will have successfully
// completed and we know that the client's ALPN list satisfied the server.
int retries = 10;
grpc_connectivity_state state = GRPC_CHANNEL_IDLE;
Enable clang-tidy as a sanity check, fix up all known failures
7 years ago
grpc_completion_queue* cq = grpc_completion_queue_create_for_next(nullptr);
Change Core to use the new completion_queue_create API
8 years ago
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
while (state != GRPC_CHANNEL_READY && retries-- > 0) {
grpc_channel_watch_connectivity_state(
Enable clang-tidy as a sanity check, fix up all known failures
7 years ago
channel, state, grpc_timeout_seconds_to_deadline(3), cq, nullptr);
Replace timeout/scaling macros with functions.
8 years ago
gpr_timespec cq_deadline = grpc_timeout_seconds_to_deadline(5);
Enable clang-tidy as a sanity check, fix up all known failures
7 years ago
grpc_event ev = grpc_completion_queue_next(cq, cq_deadline, nullptr);
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
GPR_ASSERT(ev.type == GRPC_OP_COMPLETE);
state =
grpc_channel_check_connectivity_state(channel, 0 /* try_to_connect */);
}
grpc_completion_queue_destroy(cq);
if (retries < 0) {
success = false;
}
grpc_channel_destroy(channel);
grpc_channel_credentials_release(ssl_creds);
Convert new files
8 years ago
grpc_slice_unref(cert_slice);
grpc_slice_unref(key_slice);
grpc_slice_unref(ca_slice);
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
C++ize gpr_thread as grpc_core::Thread, make it 2-phase init (construct/Start)
7 years ago
thd.Join();
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
grpc_shutdown();
return success;
}
Update clang-format to 5.0
7 years ago
int main(int argc, char* argv[]) {
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
// Handshake succeeeds when the server has grpc-exp as the ALPN preference.
Merge master
7 years ago
GPR_ASSERT(client_ssl_test(const_cast<char*>("grpc-exp")));
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
// Handshake succeeeds when the server has h2 as the ALPN preference. This
// covers legacy gRPC servers which don't support grpc-exp.
Merge master
7 years ago
GPR_ASSERT(client_ssl_test(const_cast<char*>("h2")));
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
// Handshake fails when the server uses a fake protocol as its ALPN
// preference. This validates the client is correctly validating ALPN returns
// and sanity checks the client_ssl_test.
Merge master
7 years ago
GPR_ASSERT(!client_ssl_test(const_cast<char*>("foo")));
Introduce a grpc-exp ALPN protocol identifier. This patch introduces an additional ALPN protocol, grpc-exp, intended to take preference to h2 and indicate to the server that the connection contains only gRPC traffic. This allows servers and intermediate boxes to distinguish gRPC from other HTTP/2 traffic. The choice of grpc-exp as a protocol identifier indicates that this scheme is currently experimental and should not be relied upon. The protocol is not in the IANA TLS registry. This patch also introduces client/server handshake tests that validate the preferential treatment of grpc-exp in an end-to-end manner.
8 years ago
return 0;
}
Improve Node and libuv testing and test coverage Allow Node tests to run with or without UV, change default version to 7, add some portability tests. Also make some more core tests work with libuv
8 years ago
#else /* GRPC_POSIX_SOCKET */
Update clang-format to 5.0
7 years ago
int main(int argc, char** argv) { return 1; }
Improve Node and libuv testing and test coverage Allow Node tests to run with or without UV, change default version to 7, add some portability tests. Also make some more core tests work with libuv
8 years ago
#endif /* GRPC_POSIX_SOCKET */