extend local credentials to support tcp loopback

CMakeLists.txt

@@ -456,7 +456,13 @@ add_dependencies(buildtests_c h2_full+trace_test)
 add_dependencies(buildtests_c h2_full+workarounds_test)
 add_dependencies(buildtests_c h2_http_proxy_test)
 if(_gRPC_PLATFORM_LINUX OR _gRPC_PLATFORM_MAC OR _gRPC_PLATFORM_POSIX)
-add_dependencies(buildtests_c h2_local_test)
+add_dependencies(buildtests_c h2_local_ipv4_test)
+endif()
+if(_gRPC_PLATFORM_LINUX OR _gRPC_PLATFORM_MAC OR _gRPC_PLATFORM_POSIX)
+add_dependencies(buildtests_c h2_local_ipv6_test)
+endif()
+if(_gRPC_PLATFORM_LINUX OR _gRPC_PLATFORM_MAC OR _gRPC_PLATFORM_POSIX)
+add_dependencies(buildtests_c h2_local_uds_test)
 endif()
 add_dependencies(buildtests_c h2_oauth2_test)
 add_dependencies(buildtests_c h2_proxy_test)
@@ -1784,6 +1790,7 @@ add_library(grpc_test_util
   src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc
   test/core/end2end/cq_verifier.cc
   test/core/end2end/fixtures/http_proxy_fixture.cc
+  test/core/end2end/fixtures/local_util.cc
   test/core/end2end/fixtures/proxy.cc
   test/core/iomgr/endpoint_tests.cc
   test/core/util/debugger_macros.cc
@@ -2104,6 +2111,7 @@ add_library(grpc_test_util_unsecure
   src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc
   test/core/end2end/cq_verifier.cc
   test/core/end2end/fixtures/http_proxy_fixture.cc
+  test/core/end2end/fixtures/local_util.cc
   test/core/end2end/fixtures/proxy.cc
   test/core/iomgr/endpoint_tests.cc
   test/core/util/debugger_macros.cc
@@ -17028,12 +17036,88 @@ endif (gRPC_BUILD_TESTS)
 if (gRPC_BUILD_TESTS)
 if(_gRPC_PLATFORM_LINUX OR _gRPC_PLATFORM_MAC OR _gRPC_PLATFORM_POSIX)
 
-add_executable(h2_local_test
-  test/core/end2end/fixtures/h2_local.cc
+add_executable(h2_local_ipv4_test
+  test/core/end2end/fixtures/h2_local_ipv4.cc
+)
+
+
+target_include_directories(h2_local_ipv4_test
+  PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}
+  PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
+  PRIVATE ${_gRPC_SSL_INCLUDE_DIR}
+  PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR}
+  PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR}
+  PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR}
+  PRIVATE ${_gRPC_CARES_INCLUDE_DIR}
+  PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR}
+  PRIVATE ${_gRPC_ADDRESS_SORTING_INCLUDE_DIR}
+  PRIVATE ${_gRPC_NANOPB_INCLUDE_DIR}
+)
+
+target_link_libraries(h2_local_ipv4_test
+  ${_gRPC_ALLTARGETS_LIBRARIES}
+  end2end_tests
+  grpc_test_util
+  grpc
+  gpr_test_util
+  gpr
+)
+
+  # avoid dependency on libstdc++
+  if (_gRPC_CORE_NOSTDCXX_FLAGS)
+    set_target_properties(h2_local_ipv4_test PROPERTIES LINKER_LANGUAGE C)
+    target_compile_options(h2_local_ipv4_test PRIVATE $<$<COMPILE_LANGUAGE:CXX>:${_gRPC_CORE_NOSTDCXX_FLAGS}>)
+  endif()
+
+endif()
+endif (gRPC_BUILD_TESTS)
+if (gRPC_BUILD_TESTS)
+if(_gRPC_PLATFORM_LINUX OR _gRPC_PLATFORM_MAC OR _gRPC_PLATFORM_POSIX)
+
+add_executable(h2_local_ipv6_test
+  test/core/end2end/fixtures/h2_local_ipv6.cc
+)
+
+
+target_include_directories(h2_local_ipv6_test
+  PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}
+  PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
+  PRIVATE ${_gRPC_SSL_INCLUDE_DIR}
+  PRIVATE ${_gRPC_PROTOBUF_INCLUDE_DIR}
+  PRIVATE ${_gRPC_ZLIB_INCLUDE_DIR}
+  PRIVATE ${_gRPC_BENCHMARK_INCLUDE_DIR}
+  PRIVATE ${_gRPC_CARES_INCLUDE_DIR}
+  PRIVATE ${_gRPC_GFLAGS_INCLUDE_DIR}
+  PRIVATE ${_gRPC_ADDRESS_SORTING_INCLUDE_DIR}
+  PRIVATE ${_gRPC_NANOPB_INCLUDE_DIR}
+)
+
+target_link_libraries(h2_local_ipv6_test
+  ${_gRPC_ALLTARGETS_LIBRARIES}
+  end2end_tests
+  grpc_test_util
+  grpc
+  gpr_test_util
+  gpr
+)
+
+  # avoid dependency on libstdc++
+  if (_gRPC_CORE_NOSTDCXX_FLAGS)
+    set_target_properties(h2_local_ipv6_test PROPERTIES LINKER_LANGUAGE C)
+    target_compile_options(h2_local_ipv6_test PRIVATE $<$<COMPILE_LANGUAGE:CXX>:${_gRPC_CORE_NOSTDCXX_FLAGS}>)
+  endif()
+
+endif()
+endif (gRPC_BUILD_TESTS)
+if (gRPC_BUILD_TESTS)
+if(_gRPC_PLATFORM_LINUX OR _gRPC_PLATFORM_MAC OR _gRPC_PLATFORM_POSIX)
+
+add_executable(h2_local_uds_test
+  test/core/end2end/fixtures/h2_local_uds.cc
 )
 
 
-target_include_directories(h2_local_test
+target_include_directories(h2_local_uds_test
   PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}
   PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
   PRIVATE ${_gRPC_SSL_INCLUDE_DIR}
@@ -17046,7 +17130,7 @@ target_include_directories(h2_local_test
   PRIVATE ${_gRPC_NANOPB_INCLUDE_DIR}
 )
 
-target_link_libraries(h2_local_test
+target_link_libraries(h2_local_uds_test
   ${_gRPC_ALLTARGETS_LIBRARIES}
   end2end_tests
   grpc_test_util
@@ -17057,8 +17141,8 @@ target_link_libraries(h2_local_test
 
   # avoid dependency on libstdc++
   if (_gRPC_CORE_NOSTDCXX_FLAGS)
-    set_target_properties(h2_local_test PROPERTIES LINKER_LANGUAGE C)
-    target_compile_options(h2_local_test PRIVATE $<$<COMPILE_LANGUAGE:CXX>:${_gRPC_CORE_NOSTDCXX_FLAGS}>)
+    set_target_properties(h2_local_uds_test PROPERTIES LINKER_LANGUAGE C)
+    target_compile_options(h2_local_uds_test PRIVATE $<$<COMPILE_LANGUAGE:CXX>:${_gRPC_CORE_NOSTDCXX_FLAGS}>)
   endif()
 
 endif()

Makefile

@@ -1324,7 +1324,9 @@ h2_full+pipe_test: $(BINDIR)/$(CONFIG)/h2_full+pipe_test
 h2_full+trace_test: $(BINDIR)/$(CONFIG)/h2_full+trace_test
 h2_full+workarounds_test: $(BINDIR)/$(CONFIG)/h2_full+workarounds_test
 h2_http_proxy_test: $(BINDIR)/$(CONFIG)/h2_http_proxy_test
-h2_local_test: $(BINDIR)/$(CONFIG)/h2_local_test
+h2_local_ipv4_test: $(BINDIR)/$(CONFIG)/h2_local_ipv4_test
+h2_local_ipv6_test: $(BINDIR)/$(CONFIG)/h2_local_ipv6_test
+h2_local_uds_test: $(BINDIR)/$(CONFIG)/h2_local_uds_test
 h2_oauth2_test: $(BINDIR)/$(CONFIG)/h2_oauth2_test
 h2_proxy_test: $(BINDIR)/$(CONFIG)/h2_proxy_test
 h2_sockpair_test: $(BINDIR)/$(CONFIG)/h2_sockpair_test
@@ -1582,7 +1584,9 @@ buildtests_c: privatelibs_c \
   $(BINDIR)/$(CONFIG)/h2_full+trace_test \
   $(BINDIR)/$(CONFIG)/h2_full+workarounds_test \
   $(BINDIR)/$(CONFIG)/h2_http_proxy_test \
-  $(BINDIR)/$(CONFIG)/h2_local_test \
+  $(BINDIR)/$(CONFIG)/h2_local_ipv4_test \
+  $(BINDIR)/$(CONFIG)/h2_local_ipv6_test \
+  $(BINDIR)/$(CONFIG)/h2_local_uds_test \
   $(BINDIR)/$(CONFIG)/h2_oauth2_test \
   $(BINDIR)/$(CONFIG)/h2_proxy_test \
   $(BINDIR)/$(CONFIG)/h2_sockpair_test \
@@ -4268,6 +4272,7 @@ LIBGRPC_TEST_UTIL_SRC = \
     src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc \
     test/core/end2end/cq_verifier.cc \
     test/core/end2end/fixtures/http_proxy_fixture.cc \
+    test/core/end2end/fixtures/local_util.cc \
     test/core/end2end/fixtures/proxy.cc \
     test/core/iomgr/endpoint_tests.cc \
     test/core/util/debugger_macros.cc \
@@ -4574,6 +4579,7 @@ LIBGRPC_TEST_UTIL_UNSECURE_SRC = \
     src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc \
     test/core/end2end/cq_verifier.cc \
     test/core/end2end/fixtures/http_proxy_fixture.cc \
+    test/core/end2end/fixtures/local_util.cc \
     test/core/end2end/fixtures/proxy.cc \
     test/core/iomgr/endpoint_tests.cc \
     test/core/util/debugger_macros.cc \
@@ -23711,34 +23717,98 @@ endif
 endif
 
 
-H2_LOCAL_TEST_SRC = \
-    test/core/end2end/fixtures/h2_local.cc \
+H2_LOCAL_IPV4_TEST_SRC = \
+    test/core/end2end/fixtures/h2_local_ipv4.cc \
 
-H2_LOCAL_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(H2_LOCAL_TEST_SRC))))
+H2_LOCAL_IPV4_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(H2_LOCAL_IPV4_TEST_SRC))))
 ifeq ($(NO_SECURE),true)
 
 # You can't build secure targets if you don't have OpenSSL.
 
-$(BINDIR)/$(CONFIG)/h2_local_test: openssl_dep_error
+$(BINDIR)/$(CONFIG)/h2_local_ipv4_test: openssl_dep_error
 
 else
 
 
 
-$(BINDIR)/$(CONFIG)/h2_local_test: $(H2_LOCAL_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libend2end_tests.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a
+$(BINDIR)/$(CONFIG)/h2_local_ipv4_test: $(H2_LOCAL_IPV4_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libend2end_tests.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a
 	$(E) "[LD]      Linking $@"
 	$(Q) mkdir -p `dirname $@`
-	$(Q) $(LD) $(LDFLAGS) $(H2_LOCAL_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libend2end_tests.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LDLIBS) $(LDLIBS_SECURE) -o $(BINDIR)/$(CONFIG)/h2_local_test
+	$(Q) $(LD) $(LDFLAGS) $(H2_LOCAL_IPV4_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libend2end_tests.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LDLIBS) $(LDLIBS_SECURE) -o $(BINDIR)/$(CONFIG)/h2_local_ipv4_test
 
 endif
 
-$(OBJDIR)/$(CONFIG)/test/core/end2end/fixtures/h2_local.o:  $(LIBDIR)/$(CONFIG)/libend2end_tests.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a
+$(OBJDIR)/$(CONFIG)/test/core/end2end/fixtures/h2_local_ipv4.o:  $(LIBDIR)/$(CONFIG)/libend2end_tests.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a
 
-deps_h2_local_test: $(H2_LOCAL_TEST_OBJS:.o=.dep)
+deps_h2_local_ipv4_test: $(H2_LOCAL_IPV4_TEST_OBJS:.o=.dep)
 
 ifneq ($(NO_SECURE),true)
 ifneq ($(NO_DEPS),true)
--include $(H2_LOCAL_TEST_OBJS:.o=.dep)
+-include $(H2_LOCAL_IPV4_TEST_OBJS:.o=.dep)
+endif
+endif
+
+
+H2_LOCAL_IPV6_TEST_SRC = \
+    test/core/end2end/fixtures/h2_local_ipv6.cc \
+
+H2_LOCAL_IPV6_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(H2_LOCAL_IPV6_TEST_SRC))))
+ifeq ($(NO_SECURE),true)
+
+# You can't build secure targets if you don't have OpenSSL.
+
+$(BINDIR)/$(CONFIG)/h2_local_ipv6_test: openssl_dep_error
+
+else
+
+
+
+$(BINDIR)/$(CONFIG)/h2_local_ipv6_test: $(H2_LOCAL_IPV6_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libend2end_tests.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a
+	$(E) "[LD]      Linking $@"
+	$(Q) mkdir -p `dirname $@`
+	$(Q) $(LD) $(LDFLAGS) $(H2_LOCAL_IPV6_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libend2end_tests.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LDLIBS) $(LDLIBS_SECURE) -o $(BINDIR)/$(CONFIG)/h2_local_ipv6_test
+
+endif
+
+$(OBJDIR)/$(CONFIG)/test/core/end2end/fixtures/h2_local_ipv6.o:  $(LIBDIR)/$(CONFIG)/libend2end_tests.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a
+
+deps_h2_local_ipv6_test: $(H2_LOCAL_IPV6_TEST_OBJS:.o=.dep)
+
+ifneq ($(NO_SECURE),true)
+ifneq ($(NO_DEPS),true)
+-include $(H2_LOCAL_IPV6_TEST_OBJS:.o=.dep)
+endif
+endif
+
+
+H2_LOCAL_UDS_TEST_SRC = \
+    test/core/end2end/fixtures/h2_local_uds.cc \
+
+H2_LOCAL_UDS_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(H2_LOCAL_UDS_TEST_SRC))))
+ifeq ($(NO_SECURE),true)
+
+# You can't build secure targets if you don't have OpenSSL.
+
+$(BINDIR)/$(CONFIG)/h2_local_uds_test: openssl_dep_error
+
+else
+
+
+
+$(BINDIR)/$(CONFIG)/h2_local_uds_test: $(H2_LOCAL_UDS_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libend2end_tests.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a
+	$(E) "[LD]      Linking $@"
+	$(Q) mkdir -p `dirname $@`
+	$(Q) $(LD) $(LDFLAGS) $(H2_LOCAL_UDS_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libend2end_tests.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LDLIBS) $(LDLIBS_SECURE) -o $(BINDIR)/$(CONFIG)/h2_local_uds_test
+
+endif
+
+$(OBJDIR)/$(CONFIG)/test/core/end2end/fixtures/h2_local_uds.o:  $(LIBDIR)/$(CONFIG)/libend2end_tests.a $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr_test_util.a $(LIBDIR)/$(CONFIG)/libgpr.a
+
+deps_h2_local_uds_test: $(H2_LOCAL_UDS_TEST_OBJS:.o=.dep)
+
+ifneq ($(NO_SECURE),true)
+ifneq ($(NO_DEPS),true)
+-include $(H2_LOCAL_UDS_TEST_OBJS:.o=.dep)
 endif
 endif
 

build.yaml

@@ -900,6 +900,7 @@ filegroups:
   - src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h
   - test/core/end2end/cq_verifier.h
   - test/core/end2end/fixtures/http_proxy_fixture.h
+  - test/core/end2end/fixtures/local_util.h
   - test/core/end2end/fixtures/proxy.h
   - test/core/iomgr/endpoint_tests.h
   - test/core/util/debugger_macros.h
@@ -920,6 +921,7 @@ filegroups:
   - src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc
   - test/core/end2end/cq_verifier.cc
   - test/core/end2end/fixtures/http_proxy_fixture.cc
+  - test/core/end2end/fixtures/local_util.cc
   - test/core/end2end/fixtures/proxy.cc
   - test/core/iomgr/endpoint_tests.cc
   - test/core/util/debugger_macros.cc

gRPC-Core.podspec

@@ -1207,6 +1207,7 @@ Pod::Spec.new do |s|
                       'test/core/security/oauth2_utils.cc',
                       'test/core/end2end/cq_verifier.cc',
                       'test/core/end2end/fixtures/http_proxy_fixture.cc',
+                      'test/core/end2end/fixtures/local_util.cc',
                       'test/core/end2end/fixtures/proxy.cc',
                       'test/core/iomgr/endpoint_tests.cc',
                       'test/core/util/debugger_macros.cc',
@@ -1233,6 +1234,7 @@ Pod::Spec.new do |s|
                       'test/core/security/oauth2_utils.h',
                       'test/core/end2end/cq_verifier.h',
                       'test/core/end2end/fixtures/http_proxy_fixture.h',
+                      'test/core/end2end/fixtures/local_util.h',
                       'test/core/end2end/fixtures/proxy.h',
                       'test/core/iomgr/endpoint_tests.h',
                       'test/core/util/debugger_macros.h',

grpc.gyp

@@ -617,6 +617,7 @@
         'src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc',
         'test/core/end2end/cq_verifier.cc',
         'test/core/end2end/fixtures/http_proxy_fixture.cc',
+        'test/core/end2end/fixtures/local_util.cc',
         'test/core/end2end/fixtures/proxy.cc',
         'test/core/iomgr/endpoint_tests.cc',
         'test/core/util/debugger_macros.cc',
@@ -857,6 +858,7 @@
         'src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc',
         'test/core/end2end/cq_verifier.cc',
         'test/core/end2end/fixtures/http_proxy_fixture.cc',
+        'test/core/end2end/fixtures/local_util.cc',
         'test/core/end2end/fixtures/proxy.cc',
         'test/core/iomgr/endpoint_tests.cc',
         'test/core/util/debugger_macros.cc',

include/grpc/grpc_security_constants.h

@@ -106,10 +106,10 @@ typedef enum {
 } grpc_ssl_client_certificate_request_type;
 
 /**
- * Type of local connection for which local channel/server credentials will be
- * applied. It only supports UDS for now.
+ * Type of local connections for which local channel/server credentials will be
+ * applied. It supports UDS and local TCP connections.
  */
-typedef enum { UDS = 0 } grpc_local_connect_type;
+typedef enum { UDS = 0, LOCAL_TCP } grpc_local_connect_type;
 
 #ifdef __cplusplus
 }

src/core/lib/http/httpcli_security_connector.cc

@@ -85,7 +85,7 @@ class grpc_httpcli_ssl_channel_security_connector final
     return handshaker_factory_;
   }
 
-  void check_peer(tsi_peer peer,
+  void check_peer(tsi_peer peer, grpc_endpoint* ep,
                   grpc_core::RefCountedPtr<grpc_auth_context>* /*auth_context*/,
                   grpc_closure* on_peer_checked) override {
     grpc_error* error = GRPC_ERROR_NONE;

src/core/lib/security/security_connector/alts/alts_security_connector.cc

@@ -48,7 +48,7 @@ void alts_set_rpc_protocol_versions(
                                          GRPC_PROTOCOL_VERSION_MIN_MINOR);
 }
 
-void atls_check_peer(tsi_peer peer,
+void alts_check_peer(tsi_peer peer,
                      grpc_core::RefCountedPtr<grpc_auth_context>* auth_context,
                      grpc_closure* on_peer_checked) {
   *auth_context =
@@ -93,10 +93,10 @@ class grpc_alts_channel_security_connector final
         handshake_manager, grpc_security_handshaker_create(handshaker, this));
   }
 
-  void check_peer(tsi_peer peer,
+  void check_peer(tsi_peer peer, grpc_endpoint* ep,
                   grpc_core::RefCountedPtr<grpc_auth_context>* auth_context,
                   grpc_closure* on_peer_checked) override {
-    atls_check_peer(peer, auth_context, on_peer_checked);
+    alts_check_peer(peer, auth_context, on_peer_checked);
   }
 
   int cmp(const grpc_security_connector* other_sc) const override {
@@ -151,10 +151,10 @@ class grpc_alts_server_security_connector final
         handshake_manager, grpc_security_handshaker_create(handshaker, this));
   }
 
-  void check_peer(tsi_peer peer,
+  void check_peer(tsi_peer peer, grpc_endpoint* ep,
                   grpc_core::RefCountedPtr<grpc_auth_context>* auth_context,
                   grpc_closure* on_peer_checked) override {
-    atls_check_peer(peer, auth_context, on_peer_checked);
+    alts_check_peer(peer, auth_context, on_peer_checked);
   }
 
   int cmp(const grpc_security_connector* other) const override {

src/core/lib/security/security_connector/fake/fake_security_connector.cc

@@ -71,7 +71,7 @@ class grpc_fake_channel_security_connector final
     if (target_name_override_ != nullptr) gpr_free(target_name_override_);
   }
 
-  void check_peer(tsi_peer peer,
+  void check_peer(tsi_peer peer, grpc_endpoint* ep,
                   grpc_core::RefCountedPtr<grpc_auth_context>* auth_context,
                   grpc_closure* on_peer_checked) override;
 
@@ -250,7 +250,8 @@ end:
 }
 
 void grpc_fake_channel_security_connector::check_peer(
-    tsi_peer peer, grpc_core::RefCountedPtr<grpc_auth_context>* auth_context,
+    tsi_peer peer, grpc_endpoint* ep,
+    grpc_core::RefCountedPtr<grpc_auth_context>* auth_context,
     grpc_closure* on_peer_checked) {
   fake_check_peer(this, peer, auth_context, on_peer_checked);
   fake_secure_name_check();
@@ -265,7 +266,7 @@ class grpc_fake_server_security_connector
                                        std::move(server_creds)) {}
   ~grpc_fake_server_security_connector() override = default;
 
-  void check_peer(tsi_peer peer,
+  void check_peer(tsi_peer peer, grpc_endpoint* ep,
                   grpc_core::RefCountedPtr<grpc_auth_context>* auth_context,
                   grpc_closure* on_peer_checked) override {
     fake_check_peer(this, peer, auth_context, on_peer_checked);

src/core/lib/security/security_connector/local/local_security_connector.cc

@@ -32,12 +32,16 @@
 #include "src/core/lib/channel/channel_args.h"
 #include "src/core/lib/gprpp/ref_counted_ptr.h"
 #include "src/core/lib/iomgr/pollset.h"
+#include "src/core/lib/iomgr/resolve_address.h"
+#include "src/core/lib/iomgr/sockaddr.h"
+#include "src/core/lib/iomgr/sockaddr_utils.h"
+#include "src/core/lib/iomgr/socket_utils.h"
+#include "src/core/lib/iomgr/unix_sockets_posix.h"
 #include "src/core/lib/security/credentials/local/local_credentials.h"
 #include "src/core/lib/security/transport/security_handshaker.h"
 #include "src/core/tsi/local_transport_security.h"
 
 #define GRPC_UDS_URI_PATTERN "unix:"
-#define GRPC_UDS_URL_SCHEME "unix"
 #define GRPC_LOCAL_TRANSPORT_SECURITY_TYPE "local"
 
 namespace {
@@ -55,18 +59,59 @@ grpc_core::RefCountedPtr<grpc_auth_context> local_auth_context_create() {
 }
 
 void local_check_peer(grpc_security_connector* sc, tsi_peer peer,
+                      grpc_endpoint* ep,
                       grpc_core::RefCountedPtr<grpc_auth_context>* auth_context,
-                      grpc_closure* on_peer_checked) {
+                      grpc_closure* on_peer_checked,
+                      grpc_local_connect_type type) {
+  int fd = grpc_endpoint_get_fd(ep);
+  grpc_resolved_address resolved_addr;
+  memset(&resolved_addr, 0, sizeof(resolved_addr));
+  resolved_addr.len = GRPC_MAX_SOCKADDR_SIZE;
+  bool is_endpoint_local = false;
+  if (getsockname(fd, reinterpret_cast<grpc_sockaddr*>(resolved_addr.addr),
+                  &resolved_addr.len) == 0) {
+    grpc_resolved_address addr_normalized;
+    grpc_resolved_address* addr =
+        grpc_sockaddr_is_v4mapped(&resolved_addr, &addr_normalized)
+            ? &addr_normalized
+            : &resolved_addr;
+    grpc_sockaddr* sock_addr = reinterpret_cast<grpc_sockaddr*>(&addr->addr);
+    // UDS
+    if (type == UDS && grpc_is_unix_socket(addr)) {
+      is_endpoint_local = true;
+      // IPV4
+    } else if (type == LOCAL_TCP && sock_addr->sa_family == GRPC_AF_INET) {
+      const grpc_sockaddr_in* addr4 =
+          reinterpret_cast<const grpc_sockaddr_in*>(sock_addr);
+      if (grpc_htonl(addr4->sin_addr.s_addr) == INADDR_LOOPBACK) {
+        is_endpoint_local = true;
+      }
+      // IPv6
+    } else if (type == LOCAL_TCP && sock_addr->sa_family == GRPC_AF_INET6) {
+      const grpc_sockaddr_in6* addr6 =
+          reinterpret_cast<const grpc_sockaddr_in6*>(addr);
+      if (memcmp(&addr6->sin6_addr, &in6addr_loopback,
+                 sizeof(in6addr_loopback)) == 0) {
+        is_endpoint_local = true;
+      }
+    }
+  }
+  grpc_error* error = GRPC_ERROR_NONE;
+  if (!is_endpoint_local) {
+    error = GRPC_ERROR_CREATE_FROM_STATIC_STRING(
+        "Endpoint is neither UDS or TCP loopback address.");
+    GRPC_CLOSURE_SCHED(on_peer_checked, error);
+    return;
+  }
   /* Create an auth context which is necessary to pass the santiy check in
-   * {client, server}_auth_filter that verifies if the pepp's auth context is
+   * {client, server}_auth_filter that verifies if the peer's auth context is
    * obtained during handshakes. The auth context is only checked for its
    * existence and not actually used.
    */
   *auth_context = local_auth_context_create();
-  grpc_error* error = *auth_context != nullptr
-                          ? GRPC_ERROR_NONE
-                          : GRPC_ERROR_CREATE_FROM_STATIC_STRING(
-                                "Could not create local auth context");
+  error = *auth_context != nullptr ? GRPC_ERROR_NONE
+                                   : GRPC_ERROR_CREATE_FROM_STATIC_STRING(
+                                         "Could not create local auth context");
   GRPC_CLOSURE_SCHED(on_peer_checked, error);
 }
 
@@ -77,8 +122,7 @@ class grpc_local_channel_security_connector final
       grpc_core::RefCountedPtr<grpc_channel_credentials> channel_creds,
       grpc_core::RefCountedPtr<grpc_call_credentials> request_metadata_creds,
       const char* target_name)
-      : grpc_channel_security_connector(GRPC_UDS_URL_SCHEME,
-                                        std::move(channel_creds),
+      : grpc_channel_security_connector(nullptr, std::move(channel_creds),
                                         std::move(request_metadata_creds)),
         target_name_(gpr_strdup(target_name)) {}
 
@@ -102,10 +146,13 @@ class grpc_local_channel_security_connector final
     return strcmp(target_name_, other->target_name_);
   }
 
-  void check_peer(tsi_peer peer,
+  void check_peer(tsi_peer peer, grpc_endpoint* ep,
                   grpc_core::RefCountedPtr<grpc_auth_context>* auth_context,
                   grpc_closure* on_peer_checked) override {
-    local_check_peer(this, peer, auth_context, on_peer_checked);
+    grpc_local_credentials* creds =
+        reinterpret_cast<grpc_local_credentials*>(mutable_channel_creds());
+    local_check_peer(this, peer, ep, auth_context, on_peer_checked,
+                     creds->connect_type());
   }
 
   bool check_call_host(const char* host, grpc_auth_context* auth_context,
@@ -134,8 +181,7 @@ class grpc_local_server_security_connector final
  public:
   grpc_local_server_security_connector(
       grpc_core::RefCountedPtr<grpc_server_credentials> server_creds)
-      : grpc_server_security_connector(GRPC_UDS_URL_SCHEME,
-                                       std::move(server_creds)) {}
+      : grpc_server_security_connector(nullptr, std::move(server_creds)) {}
   ~grpc_local_server_security_connector() override = default;
 
   void add_handshakers(grpc_pollset_set* interested_parties,
@@ -147,10 +193,13 @@ class grpc_local_server_security_connector final
         handshake_manager, grpc_security_handshaker_create(handshaker, this));
   }
 
-  void check_peer(tsi_peer peer,
+  void check_peer(tsi_peer peer, grpc_endpoint* ep,
                   grpc_core::RefCountedPtr<grpc_auth_context>* auth_context,
                   grpc_closure* on_peer_checked) override {
-    local_check_peer(this, peer, auth_context, on_peer_checked);
+    grpc_local_server_credentials* creds =
+        static_cast<grpc_local_server_credentials*>(mutable_server_creds());
+    local_check_peer(this, peer, ep, auth_context, on_peer_checked,
+                     creds->connect_type());
   }
 
   int cmp(const grpc_security_connector* other) const override {
@@ -171,23 +220,18 @@ grpc_local_channel_security_connector_create(
         "Invalid arguments to grpc_local_channel_security_connector_create()");
     return nullptr;
   }
-  // Check if local_connect_type is UDS. Only UDS is supported for now.
+  // Perform sanity check on UDS address. For TCP local connection, the check
+  // will be done during check_peer procedure.
   grpc_local_credentials* creds =
       static_cast<grpc_local_credentials*>(channel_creds.get());
-  if (creds->connect_type() != UDS) {
-    gpr_log(GPR_ERROR,
-            "Invalid local channel type to "
-            "grpc_local_channel_security_connector_create()");
-    return nullptr;
-  }
-  // Check if target_name is a valid UDS address.
   const grpc_arg* server_uri_arg =
       grpc_channel_args_find(args, GRPC_ARG_SERVER_URI);
   const char* server_uri_str = grpc_channel_arg_get_string(server_uri_arg);
-  if (strncmp(GRPC_UDS_URI_PATTERN, server_uri_str,
+  if (creds->connect_type() == UDS &&
+      strncmp(GRPC_UDS_URI_PATTERN, server_uri_str,
               strlen(GRPC_UDS_URI_PATTERN)) != 0) {
     gpr_log(GPR_ERROR,
-            "Invalid target_name to "
+            "Invalid UDS target name to "
             "grpc_local_channel_security_connector_create()");
     return nullptr;
   }
@@ -204,15 +248,6 @@ grpc_local_server_security_connector_create(
         "Invalid arguments to grpc_local_server_security_connector_create()");
     return nullptr;
   }
-  // Check if local_connect_type is UDS. Only UDS is supported for now.
-  const grpc_local_server_credentials* creds =
-      static_cast<const grpc_local_server_credentials*>(server_creds.get());
-  if (creds->connect_type() != UDS) {
-    gpr_log(GPR_ERROR,
-            "Invalid local server type to "
-            "grpc_local_server_security_connector_create()");
-    return nullptr;
-  }
   return grpc_core::MakeRefCounted<grpc_local_server_security_connector>(
       std::move(server_creds));
 }

src/core/lib/security/security_connector/security_connector.h

@@ -56,7 +56,8 @@ class grpc_security_connector
   /* Check the peer. Callee takes ownership of the peer object.
      When done, sets *auth_context and invokes on_peer_checked. */
   virtual void check_peer(
-      tsi_peer peer, grpc_core::RefCountedPtr<grpc_auth_context>* auth_context,
+      tsi_peer peer, grpc_endpoint* ep,
+      grpc_core::RefCountedPtr<grpc_auth_context>* auth_context,
       grpc_closure* on_peer_checked) GRPC_ABSTRACT;
 
   /* Compares two security connectors. */

src/core/lib/security/security_connector/ssl/ssl_security_connector.cc

@@ -146,7 +146,7 @@ class grpc_ssl_channel_security_connector final
                                grpc_security_handshaker_create(tsi_hs, this));
   }
 
-  void check_peer(tsi_peer peer,
+  void check_peer(tsi_peer peer, grpc_endpoint* ep,
                   grpc_core::RefCountedPtr<grpc_auth_context>* auth_context,
                   grpc_closure* on_peer_checked) override {
     const char* target_name = overridden_target_name_ != nullptr
@@ -299,7 +299,7 @@ class grpc_ssl_server_security_connector
                                grpc_security_handshaker_create(tsi_hs, this));
   }
 
-  void check_peer(tsi_peer peer,
+  void check_peer(tsi_peer peer, grpc_endpoint* ep,
                   grpc_core::RefCountedPtr<grpc_auth_context>* auth_context,
                   grpc_closure* on_peer_checked) override {
     grpc_error* error = ssl_check_peer(nullptr, &peer, auth_context);

src/core/lib/security/transport/security_handshaker.cc

@@ -231,7 +231,8 @@ static grpc_error* check_peer_locked(security_handshaker* h) {
     return grpc_set_tsi_error_result(
         GRPC_ERROR_CREATE_FROM_STATIC_STRING("Peer extraction failed"), result);
   }
-  h->connector->check_peer(peer, &h->auth_context, &h->on_peer_checked);
+  h->connector->check_peer(peer, h->args->endpoint, &h->auth_context,
+                           &h->on_peer_checked);
   return GRPC_ERROR_NONE;
 }
 

test/core/end2end/BUILD

@@ -70,6 +70,19 @@ grpc_cc_library(
     ],
 )
 
+grpc_cc_library(
+    name = "local_util",
+    srcs = ["fixtures/local_util.cc"],
+    hdrs = ["fixtures/local_util.h",
+            "end2end_tests.h"],
+    language = "C++",
+    deps = [
+        "//:gpr",
+        "//:grpc",
+        "//test/core/util:grpc_test_util",
+  ],
+)
+
 grpc_cc_test(
     name = "bad_server_response_test",
     srcs = ["bad_server_response_test.cc"],

test/core/end2end/fixtures/h2_local_ipv4.cc

@@ -0,0 +1,72 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <unistd.h>
+
+#include <grpc/support/string_util.h>
+
+#include "src/core/lib/gpr/host_port.h"
+#include "test/core/end2end/end2end_tests.h"
+#include "test/core/end2end/fixtures/local_util.h"
+#include "test/core/util/port.h"
+#include "test/core/util/test_config.h"
+
+static grpc_end2end_test_fixture chttp2_create_fixture_fullstack_ipv4(
+    grpc_channel_args* client_args, grpc_channel_args* server_args) {
+  grpc_end2end_test_fixture f =
+      grpc_end2end_local_chttp2_create_fixture_fullstack();
+  int port = grpc_pick_unused_port_or_die();
+  gpr_join_host_port(
+      &static_cast<grpc_end2end_local_fullstack_fixture_data*>(f.fixture_data)
+           ->localaddr,
+      "127.0.0.1", port);
+  return f;
+}
+
+static void chttp2_init_client_fullstack_ipv4(grpc_end2end_test_fixture* f,
+                                              grpc_channel_args* client_args) {
+  grpc_end2end_local_chttp2_init_client_fullstack(f, client_args, LOCAL_TCP);
+}
+
+static void chttp2_init_server_fullstack_ipv4(grpc_end2end_test_fixture* f,
+                                              grpc_channel_args* client_args) {
+  grpc_end2end_local_chttp2_init_server_fullstack(f, client_args, LOCAL_TCP);
+}
+
+/* All test configurations */
+static grpc_end2end_test_config configs[] = {
+    {"chttp2/fullstack_local_ipv4",
+     FEATURE_MASK_SUPPORTS_DELAYED_CONNECTION |
+         FEATURE_MASK_SUPPORTS_CLIENT_CHANNEL |
+         FEATURE_MASK_SUPPORTS_AUTHORITY_HEADER |
+         FEATURE_MASK_SUPPORTS_PER_CALL_CREDENTIALS,
+     nullptr, chttp2_create_fixture_fullstack_ipv4,
+     chttp2_init_client_fullstack_ipv4, chttp2_init_server_fullstack_ipv4,
+     grpc_end2end_local_chttp2_tear_down_fullstack}};
+
+int main(int argc, char** argv) {
+  size_t i;
+  grpc::testing::TestEnvironment env(argc, argv);
+  grpc_end2end_tests_pre_init();
+  grpc_init();
+  for (i = 0; i < sizeof(configs) / sizeof(*configs); i++) {
+    grpc_end2end_tests(argc, argv, configs[i]);
+  }
+  grpc_shutdown();
+  return 0;
+}

test/core/end2end/fixtures/h2_local_ipv6.cc

@@ -0,0 +1,72 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <unistd.h>
+
+#include <grpc/support/string_util.h>
+
+#include "src/core/lib/gpr/host_port.h"
+#include "test/core/end2end/end2end_tests.h"
+#include "test/core/end2end/fixtures/local_util.h"
+#include "test/core/util/port.h"
+#include "test/core/util/test_config.h"
+
+static grpc_end2end_test_fixture chttp2_create_fixture_fullstack_ipv6(
+    grpc_channel_args* client_args, grpc_channel_args* server_args) {
+  grpc_end2end_test_fixture f =
+      grpc_end2end_local_chttp2_create_fixture_fullstack();
+  int port = grpc_pick_unused_port_or_die();
+  gpr_join_host_port(
+      &static_cast<grpc_end2end_local_fullstack_fixture_data*>(f.fixture_data)
+           ->localaddr,
+      "[::1]", port);
+  return f;
+}
+
+static void chttp2_init_client_fullstack_ipv6(grpc_end2end_test_fixture* f,
+                                              grpc_channel_args* client_args) {
+  grpc_end2end_local_chttp2_init_client_fullstack(f, client_args, LOCAL_TCP);
+}
+
+static void chttp2_init_server_fullstack_ipv6(grpc_end2end_test_fixture* f,
+                                              grpc_channel_args* client_args) {
+  grpc_end2end_local_chttp2_init_server_fullstack(f, client_args, LOCAL_TCP);
+}
+
+/* All test configurations */
+static grpc_end2end_test_config configs[] = {
+    {"chttp2/fullstack_local_ipv6",
+     FEATURE_MASK_SUPPORTS_DELAYED_CONNECTION |
+         FEATURE_MASK_SUPPORTS_CLIENT_CHANNEL |
+         FEATURE_MASK_SUPPORTS_AUTHORITY_HEADER |
+         FEATURE_MASK_SUPPORTS_PER_CALL_CREDENTIALS,
+     nullptr, chttp2_create_fixture_fullstack_ipv6,
+     chttp2_init_client_fullstack_ipv6, chttp2_init_server_fullstack_ipv6,
+     grpc_end2end_local_chttp2_tear_down_fullstack}};
+
+int main(int argc, char** argv) {
+  size_t i;
+  grpc::testing::TestEnvironment env(argc, argv);
+  grpc_end2end_tests_pre_init();
+  grpc_init();
+  for (i = 0; i < sizeof(configs) / sizeof(*configs); i++) {
+    grpc_end2end_tests(argc, argv, configs[i]);
+  }
+  grpc_shutdown();
+  return 0;
+}

test/core/end2end/fixtures/h2_local_uds.cc

@@ -0,0 +1,71 @@
+/*
+ *
+ * Copyright 2015 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include <unistd.h>
+
+#include <grpc/support/string_util.h>
+
+#include "test/core/end2end/end2end_tests.h"
+#include "test/core/end2end/fixtures/local_util.h"
+#include "test/core/util/test_config.h"
+
+static int unique = 1;
+
+static grpc_end2end_test_fixture chttp2_create_fixture_fullstack_uds(
+    grpc_channel_args* client_args, grpc_channel_args* server_args) {
+  grpc_end2end_test_fixture f =
+      grpc_end2end_local_chttp2_create_fixture_fullstack();
+  gpr_asprintf(
+      &static_cast<grpc_end2end_local_fullstack_fixture_data*>(f.fixture_data)
+           ->localaddr,
+      "unix:/tmp/grpc_fullstack_test.%d.%d", getpid(), unique++);
+  return f;
+}
+
+static void chttp2_init_client_fullstack_uds(grpc_end2end_test_fixture* f,
+                                             grpc_channel_args* client_args) {
+  grpc_end2end_local_chttp2_init_client_fullstack(f, client_args, UDS);
+}
+
+static void chttp2_init_server_fullstack_uds(grpc_end2end_test_fixture* f,
+                                             grpc_channel_args* client_args) {
+  grpc_end2end_local_chttp2_init_server_fullstack(f, client_args, UDS);
+}
+
+/* All test configurations */
+static grpc_end2end_test_config configs[] = {
+    {"chttp2/fullstack_local_uds",
+     FEATURE_MASK_SUPPORTS_DELAYED_CONNECTION |
+         FEATURE_MASK_SUPPORTS_CLIENT_CHANNEL |
+         FEATURE_MASK_SUPPORTS_AUTHORITY_HEADER |
+         FEATURE_MASK_SUPPORTS_PER_CALL_CREDENTIALS,
+     nullptr, chttp2_create_fixture_fullstack_uds,
+     chttp2_init_client_fullstack_uds, chttp2_init_server_fullstack_uds,
+     grpc_end2end_local_chttp2_tear_down_fullstack}};
+
+int main(int argc, char** argv) {
+  size_t i;
+  grpc::testing::TestEnvironment env(argc, argv);
+  grpc_end2end_tests_pre_init();
+  grpc_init();
+  for (i = 0; i < sizeof(configs) / sizeof(*configs); i++) {
+    grpc_end2end_tests(argc, argv, configs[i]);
+  }
+  grpc_shutdown();
+  return 0;
+}

test/core/end2end/fixtures/local_util.cc

@@ -1,6 +1,6 @@
 /*
  *
- * Copyright 2015 gRPC authors.
+ * Copyright 2018 gRPC authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,11 +16,7 @@
  *
  */
 
-#include "test/core/end2end/end2end_tests.h"
-
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
+#include "test/core/end2end/fixtures/local_util.h"
 
 #include <grpc/support/alloc.h>
 #include <grpc/support/log.h>
@@ -34,39 +30,28 @@
 #include "src/core/lib/gpr/host_port.h"
 #include "src/core/lib/gpr/string.h"
 #include "src/core/lib/security/credentials/credentials.h"
-#include "src/core/lib/surface/channel.h"
 #include "src/core/lib/surface/server.h"
 #include "test/core/util/port.h"
 #include "test/core/util/test_config.h"
 
-typedef struct fullstack_fixture_data {
-  char* localaddr;
-} fullstack_fixture_data;
-
-static int unique = 1;
-
-static grpc_end2end_test_fixture chttp2_create_fixture_fullstack(
-    grpc_channel_args* client_args, grpc_channel_args* server_args) {
+grpc_end2end_test_fixture grpc_end2end_local_chttp2_create_fixture_fullstack() {
   grpc_end2end_test_fixture f;
-  fullstack_fixture_data* ffd = static_cast<fullstack_fixture_data*>(
-      gpr_malloc(sizeof(fullstack_fixture_data)));
+  grpc_end2end_local_fullstack_fixture_data* ffd =
+      static_cast<grpc_end2end_local_fullstack_fixture_data*>(
+          gpr_malloc(sizeof(grpc_end2end_local_fullstack_fixture_data)));
   memset(&f, 0, sizeof(f));
-
-  gpr_asprintf(&ffd->localaddr, "unix:/tmp/grpc_fullstack_test.%d.%d", getpid(),
-               unique++);
-
   f.fixture_data = ffd;
   f.cq = grpc_completion_queue_create_for_next(nullptr);
   f.shutdown_cq = grpc_completion_queue_create_for_pluck(nullptr);
-
   return f;
 }
 
-void chttp2_init_client_fullstack(grpc_end2end_test_fixture* f,
-                                  grpc_channel_args* client_args) {
-  grpc_channel_credentials* creds = grpc_local_credentials_create(UDS);
-  fullstack_fixture_data* ffd =
-      static_cast<fullstack_fixture_data*>(f->fixture_data);
+void grpc_end2end_local_chttp2_init_client_fullstack(
+    grpc_end2end_test_fixture* f, grpc_channel_args* client_args,
+    grpc_local_connect_type type) {
+  grpc_channel_credentials* creds = grpc_local_credentials_create(type);
+  grpc_end2end_local_fullstack_fixture_data* ffd =
+      static_cast<grpc_end2end_local_fullstack_fixture_data*>(f->fixture_data);
   f->client =
       grpc_secure_channel_create(creds, ffd->localaddr, client_args, nullptr);
   GPR_ASSERT(f->client != nullptr);
@@ -98,11 +83,12 @@ static void process_auth_failure(void* state, grpc_auth_context* ctx,
   cb(user_data, nullptr, 0, nullptr, 0, GRPC_STATUS_UNAUTHENTICATED, nullptr);
 }
 
-void chttp2_init_server_fullstack(grpc_end2end_test_fixture* f,
-                                  grpc_channel_args* server_args) {
-  grpc_server_credentials* creds = grpc_local_server_credentials_create(UDS);
-  fullstack_fixture_data* ffd =
-      static_cast<fullstack_fixture_data*>(f->fixture_data);
+void grpc_end2end_local_chttp2_init_server_fullstack(
+    grpc_end2end_test_fixture* f, grpc_channel_args* server_args,
+    grpc_local_connect_type type) {
+  grpc_server_credentials* creds = grpc_local_server_credentials_create(type);
+  grpc_end2end_local_fullstack_fixture_data* ffd =
+      static_cast<grpc_end2end_local_fullstack_fixture_data*>(f->fixture_data);
   if (f->server) {
     grpc_server_destroy(f->server);
   }
@@ -119,36 +105,10 @@ void chttp2_init_server_fullstack(grpc_end2end_test_fixture* f,
   grpc_server_start(f->server);
 }
 
-void chttp2_tear_down_fullstack(grpc_end2end_test_fixture* f) {
-  fullstack_fixture_data* ffd =
-      static_cast<fullstack_fixture_data*>(f->fixture_data);
+void grpc_end2end_local_chttp2_tear_down_fullstack(
+    grpc_end2end_test_fixture* f) {
+  grpc_end2end_local_fullstack_fixture_data* ffd =
+      static_cast<grpc_end2end_local_fullstack_fixture_data*>(f->fixture_data);
   gpr_free(ffd->localaddr);
   gpr_free(ffd);
 }
-
-/* All test configurations */
-static grpc_end2end_test_config configs[] = {
-    {"chttp2/fullstack_local",
-     FEATURE_MASK_SUPPORTS_DELAYED_CONNECTION |
-         FEATURE_MASK_SUPPORTS_CLIENT_CHANNEL |
-         FEATURE_MASK_SUPPORTS_AUTHORITY_HEADER |
-         FEATURE_MASK_SUPPORTS_PER_CALL_CREDENTIALS,
-     nullptr, chttp2_create_fixture_fullstack, chttp2_init_client_fullstack,
-     chttp2_init_server_fullstack, chttp2_tear_down_fullstack},
-};
-
-int main(int argc, char** argv) {
-  size_t i;
-
-  grpc::testing::TestEnvironment env(argc, argv);
-  grpc_end2end_tests_pre_init();
-  grpc_init();
-
-  for (i = 0; i < sizeof(configs) / sizeof(*configs); i++) {
-    grpc_end2end_tests(argc, argv, configs[i]);
-  }
-
-  grpc_shutdown();
-
-  return 0;
-}

test/core/end2end/fixtures/local_util.h

@@ -0,0 +1,41 @@
+/*
+ *
+ * Copyright 2018 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include "test/core/end2end/end2end_tests.h"
+
+#include <grpc/grpc_security.h>
+
+#include "src/core/lib/surface/channel.h"
+
+typedef struct grpc_end2end_local_fullstack_fixture_data {
+  char* localaddr;
+} grpc_end2end_local_fullstack_fixture_data;
+
+/* Utility functions shared by h2_local tests. */
+grpc_end2end_test_fixture grpc_end2end_local_chttp2_create_fixture_fullstack();
+
+void grpc_end2end_local_chttp2_init_client_fullstack(
+    grpc_end2end_test_fixture* f, grpc_channel_args* client_args,
+    grpc_local_connect_type type);
+
+void grpc_end2end_local_chttp2_init_server_fullstack(
+    grpc_end2end_test_fixture* f, grpc_channel_args* server_args,
+    grpc_local_connect_type type);
+
+void grpc_end2end_local_chttp2_tear_down_fullstack(
+    grpc_end2end_test_fixture* f);

test/core/end2end/gen_build_yaml.py

@@ -74,7 +74,9 @@ END2END_FIXTURES = {
     'h2_sockpair+trace': socketpair_unsecure_fixture_options._replace(
         ci_mac=False, tracing=True, large_writes=False, exclude_iomgrs=['uv']),
     'h2_ssl': default_secure_fixture_options,
-    'h2_local': local_fixture_options,
+    'h2_local_uds': local_fixture_options,
+    'h2_local_ipv4': local_fixture_options,
+    'h2_local_ipv6': local_fixture_options,
     'h2_ssl_proxy': default_secure_fixture_options._replace(
         includes_proxy=True, ci_mac=False, exclude_iomgrs=['uv']),
     'h2_uds': uds_fixture_options,

test/core/end2end/generate_tests.bzl

@@ -85,7 +85,9 @@ END2END_FIXTURES = {
         client_channel = False,
     ),
     "h2_ssl": _fixture_options(secure = True),
-    "h2_local": _fixture_options(secure = True, dns_resolver = False, _platforms = ["linux", "mac", "posix"]),
+    "h2_local_uds": _fixture_options(secure = True, dns_resolver = False, _platforms = ["linux", "mac", "posix"]),
+    "h2_local_ipv4": _fixture_options(secure = True, dns_resolver = False, _platforms = ["linux", "mac", "posix"]),
+    "h2_local_ipv6": _fixture_options(secure = True, dns_resolver = False, _platforms = ["linux", "mac", "posix"]),
     "h2_ssl_proxy": _fixture_options(includes_proxy = True, secure = True),
     "h2_uds": _fixture_options(
         dns_resolver = False,
@@ -376,6 +378,7 @@ def grpc_end2end_tests():
             ":ssl_test_data",
             ":http_proxy",
             ":proxy",
+            ":local_util",
         ],
     )
 
@@ -426,6 +429,7 @@ def grpc_end2end_nosec_tests():
             ":ssl_test_data",
             ":http_proxy",
             ":proxy",
+            ":local_util",
         ],
     )
 

tools/run_tests/generated/sources_and_headers.json

@@ -6241,9 +6241,45 @@
     "headers": [], 
     "is_filegroup": false, 
     "language": "c", 
-    "name": "h2_local_test", 
+    "name": "h2_local_ipv4_test", 
     "src": [
-      "test/core/end2end/fixtures/h2_local.cc"
+      "test/core/end2end/fixtures/h2_local_ipv4.cc"
+    ], 
+    "third_party": false, 
+    "type": "target"
+  }, 
+  {
+    "deps": [
+      "end2end_tests", 
+      "gpr", 
+      "gpr_test_util", 
+      "grpc", 
+      "grpc_test_util"
+    ], 
+    "headers": [], 
+    "is_filegroup": false, 
+    "language": "c", 
+    "name": "h2_local_ipv6_test", 
+    "src": [
+      "test/core/end2end/fixtures/h2_local_ipv6.cc"
+    ], 
+    "third_party": false, 
+    "type": "target"
+  }, 
+  {
+    "deps": [
+      "end2end_tests", 
+      "gpr", 
+      "gpr_test_util", 
+      "grpc", 
+      "grpc_test_util"
+    ], 
+    "headers": [], 
+    "is_filegroup": false, 
+    "language": "c", 
+    "name": "h2_local_uds_test", 
+    "src": [
+      "test/core/end2end/fixtures/h2_local_uds.cc"
     ], 
     "third_party": false, 
     "type": "target"
@@ -10683,6 +10719,7 @@
       "src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h", 
       "test/core/end2end/cq_verifier.h", 
       "test/core/end2end/fixtures/http_proxy_fixture.h", 
+      "test/core/end2end/fixtures/local_util.h", 
       "test/core/end2end/fixtures/proxy.h", 
       "test/core/iomgr/endpoint_tests.h", 
       "test/core/util/debugger_macros.h", 
@@ -10710,6 +10747,8 @@
       "test/core/end2end/cq_verifier.h", 
       "test/core/end2end/fixtures/http_proxy_fixture.cc", 
       "test/core/end2end/fixtures/http_proxy_fixture.h", 
+      "test/core/end2end/fixtures/local_util.cc", 
+      "test/core/end2end/fixtures/local_util.h", 
       "test/core/end2end/fixtures/proxy.cc", 
       "test/core/end2end/fixtures/proxy.h", 
       "test/core/iomgr/endpoint_tests.cc",