Chiebot-Mirror
/
grpc
mirror of https://github.com/grpc/grpc.git
8
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #2947 from jboeuf/grpc_security_abi

Browse Source 
First draft at addressing #1799 for grpc_security.
pull/3103/head
Craig Tiller 9 years ago
parent 1c3b213306 5cc1e2ec4b
commit 08348334e5
32 changed files with 158 additions and 128 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 3
      include/grpc/grpc.h
  2. 25
      include/grpc/grpc_security.h
  3. 3
      src/core/security/client_auth_filter.c
  4. 35
      src/core/security/credentials.c
  5. 6
      src/core/security/google_default_credentials.c
  6. 4
      src/core/surface/secure_channel_create.c
  7. 21
      src/cpp/client/secure_credentials.cc
  8. 2
      src/cpp/server/secure_server_credentials.cc
  9. 8
      src/csharp/ext/grpc_csharp_ext.c
  10. 2
      src/node/ext/channel.cc
  11. 11
      src/node/ext/credentials.cc
  12. 7
      src/node/ext/server_credentials.cc
  13. 7
      src/objective-c/GRPCClient/private/GRPCSecureChannel.m
  14. 2
      src/php/ext/grpc/channel.c
  15. 6
      src/php/ext/grpc/credentials.c
  16. 2
      src/php/ext/grpc/server_credentials.c
  17. 3
      src/python/grpcio/grpc/_adapter/_c/types/channel.c
  18. 20
      src/python/grpcio/grpc/_adapter/_c/types/client_credentials.c
  19. 2
      src/python/grpcio/grpc/_adapter/_c/types/server_credentials.c
  20. 2
      src/python/grpcio/grpc/_cython/_cygrpc/grpc.pxd
  21. 2
      src/ruby/ext/grpc/rb_channel.c
  22. 11
      src/ruby/ext/grpc/rb_credentials.c
  23. 5
      src/ruby/ext/grpc/rb_server_credentials.c
  24. 3
      test/core/end2end/fixtures/chttp2_fake_security.c
  25. 7
      test/core/end2end/fixtures/chttp2_simple_ssl_fullstack.c
  26. 7
      test/core/end2end/fixtures/chttp2_simple_ssl_fullstack_with_poll.c
  27. 13
      test/core/end2end/fixtures/chttp2_simple_ssl_fullstack_with_proxy.c
  28. 9
      test/core/end2end/fixtures/chttp2_simple_ssl_with_oauth2_fullstack.c
  29. 6
      test/core/end2end/tests/request_response_with_payload_and_call_creds.c
  30. 4
      test/core/fling/server.c
  31. 42
      test/core/security/credentials_test.c
  32. 6
      test/core/security/fetch_oauth2.c

3
include/grpc/grpc.h
Unescape View File

@ -214,8 +214,7 @@ typedef struct grpc_metadata {
/** The following fields are reserved for grpc internal use.
There is no need to initialize them, and they will be set to garbage
during
calls to grpc. */
during calls to grpc. */
struct {
void *obfuscated[4];
} internal_data;

25
include/grpc/grpc_security.h
Unescape View File

@ -89,16 +89,18 @@ typedef struct {
key and certificate chain. This parameter can be NULL if the client does
not have such a key/cert pair. */
grpc_credentials *grpc_ssl_credentials_create(
const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pair);
const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pair,
void *reserved);
/* Creates a composite credentials object. */
grpc_credentials *grpc_composite_credentials_create(grpc_credentials *creds1,
grpc_credentials *creds2);
grpc_credentials *creds2,
void *reserved);
/* Creates a compute engine credentials object.
WARNING: Do NOT use this credentials to connect to a non-google service as
this could result in an oauth2 token leak. */
grpc_credentials *grpc_compute_engine_credentials_create(void);
grpc_credentials *grpc_compute_engine_credentials_create(void *reserved);
extern const gpr_timespec grpc_max_auth_token_lifetime;
@ -112,7 +114,8 @@ extern const gpr_timespec grpc_max_auth_token_lifetime;
account credentials. It should not exceed grpc_max_auth_token_lifetime
or will be cropped to this value. */
grpc_credentials *grpc_service_account_credentials_create(
const char *json_key, const char *scope, gpr_timespec token_lifetime);
const char *json_key, const char *scope, gpr_timespec token_lifetime,
void *reserved);
/* Creates a JWT credentials object. May return NULL if the input is invalid.
- json_key is the JSON key string containing the client's private key.
@ -120,7 +123,7 @@ grpc_credentials *grpc_service_account_credentials_create(
this credentials. It should not exceed grpc_max_auth_token_lifetime or
will be cropped to this value. */
grpc_credentials *grpc_service_account_jwt_access_credentials_create(
const char *json_key, gpr_timespec token_lifetime);
const char *json_key, gpr_timespec token_lifetime, void *reserved);
/* Creates an Oauth2 Refresh Token credentials object. May return NULL if the
input is invalid.
@ -129,23 +132,25 @@ grpc_credentials *grpc_service_account_jwt_access_credentials_create(
- json_refresh_token is the JSON string containing the refresh token itself
along with a client_id and client_secret. */
grpc_credentials *grpc_refresh_token_credentials_create(
const char *json_refresh_token);
const char *json_refresh_token, void *reserved);
/* Creates an Oauth2 Access Token credentials with an access token that was
aquired by an out of band mechanism. */
grpc_credentials *grpc_access_token_credentials_create(
const char *access_token);
const char *access_token, void *reserved);
/* Creates an IAM credentials object. */
grpc_credentials *grpc_iam_credentials_create(const char *authorization_token,
const char *authority_selector);
const char *authority_selector,
void *reserved);
/* --- Secure channel creation. --- */
/* Creates a secure channel using the passed-in credentials. */
grpc_channel *grpc_secure_channel_create(grpc_credentials *creds,
const char *target,
const grpc_channel_args *args);
const grpc_channel_args *args,
void *reserved);
/* --- grpc_server_credentials object. ---
@ -171,7 +176,7 @@ void grpc_server_credentials_release(grpc_server_credentials *creds);
NULL. */
grpc_server_credentials *grpc_ssl_server_credentials_create(
const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs,
size_t num_key_cert_pairs, int force_client_auth);
size_t num_key_cert_pairs, int force_client_auth, void *reserved);
/* --- Server-side secure ports. --- */

3
src/core/security/client_auth_filter.c
Unescape View File

@ -153,7 +153,8 @@ static void send_security_metadata(grpc_call_element *elem,
}
if (channel_creds_has_md && call_creds_has_md) {
calld->creds = grpc_composite_credentials_create(channel_creds, ctx->creds);
calld->creds =
grpc_composite_credentials_create(channel_creds, ctx->creds, NULL);
if (calld->creds == NULL) {
bubble_up_error(elem, GRPC_STATUS_INVALID_ARGUMENT,
"Incompatible credentials set on channel and call.");

35
src/core/security/credentials.c
Unescape View File

@ -298,8 +298,10 @@ static void ssl_build_server_config(
}
grpc_credentials *grpc_ssl_credentials_create(
const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pair) {
const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pair,
void *reserved) {
grpc_ssl_credentials *c = gpr_malloc(sizeof(grpc_ssl_credentials));
GPR_ASSERT(reserved == NULL);
memset(c, 0, sizeof(grpc_ssl_credentials));
c->base.type = GRPC_CREDENTIALS_TYPE_SSL;
c->base.vtable = &ssl_vtable;
@ -310,9 +312,11 @@ grpc_credentials *grpc_ssl_credentials_create(
grpc_server_credentials *grpc_ssl_server_credentials_create(
const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs,
size_t num_key_cert_pairs, int force_client_auth) {
size_t num_key_cert_pairs, int force_client_auth, void *reserved) {
grpc_ssl_server_credentials *c =
gpr_malloc(sizeof(grpc_ssl_server_credentials));
GPR_ASSERT(reserved == NULL);
memset(c, 0, sizeof(grpc_ssl_credentials));
memset(c, 0, sizeof(grpc_ssl_server_credentials));
c->base.type = GRPC_CREDENTIALS_TYPE_SSL;
c->base.vtable = &ssl_server_vtable;
@ -430,7 +434,8 @@ grpc_service_account_jwt_access_credentials_create_from_auth_json_key(
}
grpc_credentials *grpc_service_account_jwt_access_credentials_create(
const char *json_key, gpr_timespec token_lifetime) {
const char *json_key, gpr_timespec token_lifetime, void *reserved) {
GPR_ASSERT(reserved == NULL);
return grpc_service_account_jwt_access_credentials_create_from_auth_json_key(
grpc_auth_json_key_create_from_string(json_key), token_lifetime);
}
@ -635,9 +640,10 @@ static void compute_engine_fetch_oauth2(
metadata_req);
}
grpc_credentials *grpc_compute_engine_credentials_create(void) {
grpc_credentials *grpc_compute_engine_credentials_create(void *reserved) {
grpc_oauth2_token_fetcher_credentials *c =
gpr_malloc(sizeof(grpc_oauth2_token_fetcher_credentials));
GPR_ASSERT(reserved == NULL);
init_oauth2_token_fetcher(c, compute_engine_fetch_oauth2);
c->base.vtable = &compute_engine_vtable;
return &c->base;
@ -693,10 +699,11 @@ static void service_account_fetch_oauth2(
}
grpc_credentials *grpc_service_account_credentials_create(
const char *json_key, const char *scope, gpr_timespec token_lifetime) {
const char *json_key, const char *scope, gpr_timespec token_lifetime,
void *reserved) {
grpc_service_account_credentials *c;
grpc_auth_json_key key = grpc_auth_json_key_create_from_string(json_key);
GPR_ASSERT(reserved == NULL);
if (scope == NULL || (strlen(scope) == 0) ||
!grpc_auth_json_key_is_valid(&key)) {
gpr_log(GPR_ERROR,
@ -766,7 +773,8 @@ grpc_credentials *grpc_refresh_token_credentials_create_from_auth_refresh_token(
}
grpc_credentials *grpc_refresh_token_credentials_create(
const char *json_refresh_token) {
const char *json_refresh_token, void *reserved) {
GPR_ASSERT(reserved == NULL);
return grpc_refresh_token_credentials_create_from_auth_refresh_token(
grpc_auth_refresh_token_create_from_string(json_refresh_token));
}
@ -867,11 +875,12 @@ static grpc_credentials_vtable access_token_vtable = {
access_token_has_request_metadata_only, access_token_get_request_metadata,
NULL};
grpc_credentials *grpc_access_token_credentials_create(
const char *access_token) {
grpc_credentials *grpc_access_token_credentials_create(const char *access_token,
void *reserved) {
grpc_access_token_credentials *c =
gpr_malloc(sizeof(grpc_access_token_credentials));
char *token_md_value;
GPR_ASSERT(reserved == NULL);
memset(c, 0, sizeof(grpc_access_token_credentials));
c->base.type = GRPC_CREDENTIALS_TYPE_OAUTH2;
c->base.vtable = &access_token_vtable;
@ -1101,12 +1110,14 @@ static grpc_credentials_array get_creds_array(grpc_credentials **creds_addr) {
}
grpc_credentials *grpc_composite_credentials_create(grpc_credentials *creds1,
grpc_credentials *creds2) {
grpc_credentials *creds2,
void *reserved) {
size_t i;
size_t creds_array_byte_size;
grpc_credentials_array creds1_array;
grpc_credentials_array creds2_array;
grpc_composite_credentials *c;
GPR_ASSERT(reserved == NULL);
GPR_ASSERT(creds1 != NULL);
GPR_ASSERT(creds2 != NULL);
c = gpr_malloc(sizeof(grpc_composite_credentials));
@ -1209,8 +1220,10 @@ static grpc_credentials_vtable iam_vtable = {
iam_get_request_metadata, NULL};
grpc_credentials *grpc_iam_credentials_create(const char *token,
const char *authority_selector) {
const char *authority_selector,
void *reserved) {
grpc_iam_credentials *c;
GPR_ASSERT(reserved == NULL);
GPR_ASSERT(token != NULL);
GPR_ASSERT(authority_selector != NULL);
c = gpr_malloc(sizeof(grpc_iam_credentials));

6
src/core/security/google_default_credentials.c
Unescape View File

@ -194,7 +194,7 @@ grpc_credentials *grpc_google_default_credentials_create(void) {
int need_compute_engine_creds = is_stack_running_on_compute_engine();
compute_engine_detection_done = 1;
if (need_compute_engine_creds) {
result = grpc_compute_engine_credentials_create();
result = grpc_compute_engine_credentials_create(NULL);
}
}
@ -202,9 +202,9 @@ end:
if (!serving_cached_credentials && result != NULL) {
/* Blend with default ssl credentials and add a global reference so that it
can be cached and re-served. */
grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL);
grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL, NULL);
default_credentials = grpc_credentials_ref(
grpc_composite_credentials_create(ssl_creds, result));
grpc_composite_credentials_create(ssl_creds, result, NULL));
GPR_ASSERT(default_credentials != NULL);
grpc_credentials_unref(ssl_creds);
grpc_credentials_unref(result);

4
src/core/surface/secure_channel_create.c
Unescape View File

@ -185,7 +185,8 @@ static const grpc_subchannel_factory_vtable subchannel_factory_vtable = {
- perform handshakes */
grpc_channel *grpc_secure_channel_create(grpc_credentials *creds,
const char *target,
const grpc_channel_args *args) {
const grpc_channel_args *args,
void *reserved) {
grpc_channel *channel;
grpc_arg connector_arg;
grpc_channel_args *args_copy;
@ -198,6 +199,7 @@ grpc_channel *grpc_secure_channel_create(grpc_credentials *creds,
const grpc_channel_filter *filters[MAX_FILTERS];
int n = 0;
GPR_ASSERT(reserved == NULL);
if (grpc_find_security_connector_in_args(args) != NULL) {
gpr_log(GPR_ERROR, "Cannot set security context in channel args.");
return grpc_lame_client_channel_create(

21
src/cpp/client/secure_credentials.cc
Unescape View File

@ -46,7 +46,8 @@ std::shared_ptr<grpc::Channel> SecureCredentials::CreateChannel(
args.SetChannelArgs(&channel_args);
return CreateChannelInternal(
args.GetSslTargetNameOverride(),
grpc_secure_channel_create(c_creds_, target.c_str(), &channel_args));
grpc_secure_channel_create(c_creds_, target.c_str(), &channel_args,
nullptr));
}
bool SecureCredentials::ApplyToCall(grpc_call* call) {
@ -75,14 +76,14 @@ std::shared_ptr<Credentials> SslCredentials(
grpc_credentials* c_creds = grpc_ssl_credentials_create(
options.pem_root_certs.empty() ? nullptr : options.pem_root_certs.c_str(),
options.pem_private_key.empty() ? nullptr : &pem_key_cert_pair);
options.pem_private_key.empty() ? nullptr : &pem_key_cert_pair, nullptr);
return WrapCredentials(c_creds);
}
// Builds credentials for use when running in GCE
std::shared_ptr<Credentials> ComputeEngineCredentials() {
GrpcLibrary init; // To call grpc_init().
return WrapCredentials(grpc_compute_engine_credentials_create());
return WrapCredentials(grpc_compute_engine_credentials_create(nullptr));
}
// Builds service account credentials.
@ -99,7 +100,7 @@ std::shared_ptr<Credentials> ServiceAccountCredentials(
gpr_timespec lifetime =
gpr_time_from_seconds(token_lifetime_seconds, GPR_TIMESPAN);
return WrapCredentials(grpc_service_account_credentials_create(
json_key.c_str(), scope.c_str(), lifetime));
json_key.c_str(), scope.c_str(), lifetime, nullptr));
}
// Builds JWT credentials.
@ -114,15 +115,15 @@ std::shared_ptr<Credentials> ServiceAccountJWTAccessCredentials(
gpr_timespec lifetime =
gpr_time_from_seconds(token_lifetime_seconds, GPR_TIMESPAN);
return WrapCredentials(grpc_service_account_jwt_access_credentials_create(
json_key.c_str(), lifetime));
json_key.c_str(), lifetime, nullptr));
}
// Builds refresh token credentials.
std::shared_ptr<Credentials> RefreshTokenCredentials(
const grpc::string& json_refresh_token) {
GrpcLibrary init; // To call grpc_init().
return WrapCredentials(
grpc_refresh_token_credentials_create(json_refresh_token.c_str()));
return WrapCredentials(grpc_refresh_token_credentials_create(
json_refresh_token.c_str(), nullptr));
}
// Builds access token credentials.
@ -130,7 +131,7 @@ std::shared_ptr<Credentials> AccessTokenCredentials(
const grpc::string& access_token) {
GrpcLibrary init; // To call grpc_init().
return WrapCredentials(
grpc_access_token_credentials_create(access_token.c_str()));
grpc_access_token_credentials_create(access_token.c_str(), nullptr));
}
// Builds IAM credentials.
@ -139,7 +140,7 @@ std::shared_ptr<Credentials> IAMCredentials(
const grpc::string& authority_selector) {
GrpcLibrary init; // To call grpc_init().
return WrapCredentials(grpc_iam_credentials_create(
authorization_token.c_str(), authority_selector.c_str()));
authorization_token.c_str(), authority_selector.c_str(), nullptr));
}
// Combines two credentials objects into a composite credentials.
@ -154,7 +155,7 @@ std::shared_ptr<Credentials> CompositeCredentials(
SecureCredentials* s2 = creds2->AsSecureCredentials();
if (s1 && s2) {
return WrapCredentials(grpc_composite_credentials_create(
s1->GetRawCreds(), s2->GetRawCreds()));
s1->GetRawCreds(), s2->GetRawCreds(), nullptr));
}
return nullptr;
}

2
src/cpp/server/secure_server_credentials.cc
Unescape View File

@ -52,7 +52,7 @@ std::shared_ptr<ServerCredentials> SslServerCredentials(
grpc_server_credentials* c_creds = grpc_ssl_server_credentials_create(
options.pem_root_certs.empty() ? nullptr : options.pem_root_certs.c_str(),
&pem_key_cert_pairs[0], pem_key_cert_pairs.size(),
options.force_client_auth);
options.force_client_auth, nullptr);
return std::shared_ptr<ServerCredentials>(
new SecureServerCredentials(c_creds));
}

8
src/csharp/ext/grpc_csharp_ext.c
Unescape View File

@ -837,11 +837,11 @@ grpcsharp_ssl_credentials_create(const char *pem_root_certs,
if (key_cert_pair_cert_chain || key_cert_pair_private_key) {
key_cert_pair.cert_chain = key_cert_pair_cert_chain;
key_cert_pair.private_key = key_cert_pair_private_key;
return grpc_ssl_credentials_create(pem_root_certs, &key_cert_pair);
return grpc_ssl_credentials_create(pem_root_certs, &key_cert_pair, NULL);
} else {
GPR_ASSERT(!key_cert_pair_cert_chain);
GPR_ASSERT(!key_cert_pair_private_key);
return grpc_ssl_credentials_create(pem_root_certs, NULL);
return grpc_ssl_credentials_create(pem_root_certs, NULL, NULL);
}
}
@ -852,7 +852,7 @@ GPR_EXPORT void GPR_CALLTYPE grpcsharp_credentials_release(grpc_credentials *cre
GPR_EXPORT grpc_channel *GPR_CALLTYPE
grpcsharp_secure_channel_create(grpc_credentials *creds, const char *target,
const grpc_channel_args *args) {
return grpc_secure_channel_create(creds, target, args);
return grpc_secure_channel_create(creds, target, args, NULL);
}
GPR_EXPORT grpc_server_credentials *GPR_CALLTYPE
@ -876,7 +876,7 @@ grpcsharp_ssl_server_credentials_create(
}
creds = grpc_ssl_server_credentials_create(pem_root_certs, key_cert_pairs,
num_key_cert_pairs,
force_client_auth);
force_client_auth, NULL);
gpr_free(key_cert_pairs);
return creds;
}

2
src/node/ext/channel.cc
Unescape View File

@ -161,7 +161,7 @@ NAN_METHOD(Channel::New) {
NULL);
} else {
wrapped_channel =
grpc_secure_channel_create(creds, *host, channel_args_ptr);
grpc_secure_channel_create(creds, *host, channel_args_ptr, NULL);
}
if (channel_args_ptr != NULL) {
free(channel_args_ptr->args);

11
src/node/ext/credentials.cc
Unescape View File

@ -156,7 +156,8 @@ NAN_METHOD(Credentials::CreateSsl) {
"createSSl's third argument must be a Buffer if provided");
}
grpc_credentials *creds = grpc_ssl_credentials_create(
root_certs, key_cert_pair.private_key == NULL ? NULL : &key_cert_pair);
root_certs, key_cert_pair.private_key == NULL ? NULL : &key_cert_pair,
NULL);
if (creds == NULL) {
NanReturnNull();
}
@ -176,7 +177,7 @@ NAN_METHOD(Credentials::CreateComposite) {
Credentials *creds1 = ObjectWrap::Unwrap<Credentials>(args[0]->ToObject());
Credentials *creds2 = ObjectWrap::Unwrap<Credentials>(args[1]->ToObject());
grpc_credentials *creds = grpc_composite_credentials_create(
creds1->wrapped_credentials, creds2->wrapped_credentials);
creds1->wrapped_credentials, creds2->wrapped_credentials, NULL);
if (creds == NULL) {
NanReturnNull();
}
@ -185,7 +186,7 @@ NAN_METHOD(Credentials::CreateComposite) {
NAN_METHOD(Credentials::CreateGce) {
NanScope();
grpc_credentials *creds = grpc_compute_engine_credentials_create();
grpc_credentials *creds = grpc_compute_engine_credentials_create(NULL);
if (creds == NULL) {
NanReturnNull();
}
@ -202,8 +203,8 @@ NAN_METHOD(Credentials::CreateIam) {
}
NanUtf8String auth_token(args[0]);
NanUtf8String auth_selector(args[1]);
grpc_credentials *creds = grpc_iam_credentials_create(*auth_token,
*auth_selector);
grpc_credentials *creds =
grpc_iam_credentials_create(*auth_token, *auth_selector, NULL);
if (creds == NULL) {
NanReturnNull();
}

7
src/node/ext/server_credentials.cc
Unescape View File

@ -178,11 +178,8 @@ NAN_METHOD(ServerCredentials::CreateSsl) {
key_cert_pairs[i].cert_chain = ::node::Buffer::Data(
pair_obj->Get(cert_key));
}
grpc_server_credentials *creds =
grpc_ssl_server_credentials_create(root_certs,
key_cert_pairs,
key_cert_pair_count,
force_client_auth);
grpc_server_credentials *creds = grpc_ssl_server_credentials_create(
root_certs, key_cert_pairs, key_cert_pair_count, force_client_auth, NULL);
delete key_cert_pairs;
if (creds == NULL) {
NanReturnNull();

7
src/objective-c/GRPCClient/private/GRPCSecureChannel.m
Unescape View File

@ -49,7 +49,7 @@ static grpc_credentials *CertificatesAtPath(NSString *path, NSError **errorPtr)
// Passing NULL to grpc_ssl_credentials_create produces behavior we don't want, so return.
return NULL;
}
return grpc_ssl_credentials_create(contentInASCII.bytes, NULL);
return grpc_ssl_credentials_create(contentInASCII.bytes, NULL, NULL);
}
@implementation GRPCSecureChannel
@ -101,8 +101,9 @@ static grpc_credentials *CertificatesAtPath(NSString *path, NSError **errorPtr)
- (instancetype)initWithHost:(NSString *)host
credentials:(grpc_credentials *)credentials
args:(grpc_channel_args *)args {
return (self =
[super initWithChannel:grpc_secure_channel_create(credentials, host.UTF8String, args)]);
return (self = [super
initWithChannel:grpc_secure_channel_create(
credentials, host.UTF8String, args, NULL)]);
}
// TODO(jcanizales): GRPCSecureChannel and GRPCUnsecuredChannel are just convenience initializers

2
src/php/ext/grpc/channel.c
Unescape View File

@ -169,7 +169,7 @@ PHP_METHOD(Channel, __construct) {
} else {
gpr_log(GPR_DEBUG, "Initialized secure channel");
channel->wrapped =
grpc_secure_channel_create(creds->wrapped, target, &args);
grpc_secure_channel_create(creds->wrapped, target, &args, NULL);
}
efree(args.args);
}

6
src/php/ext/grpc/credentials.c
Unescape View File

@ -130,7 +130,7 @@ PHP_METHOD(Credentials, createSsl) {
}
grpc_credentials *creds = grpc_ssl_credentials_create(
pem_root_certs,
pem_key_cert_pair.private_key == NULL ? NULL : &pem_key_cert_pair);
pem_key_cert_pair.private_key == NULL ? NULL : &pem_key_cert_pair, NULL);
zval *creds_object = grpc_php_wrap_credentials(creds);
RETURN_DESTROY_ZVAL(creds_object);
}
@ -160,7 +160,7 @@ PHP_METHOD(Credentials, createComposite) {
(wrapped_grpc_credentials *)zend_object_store_get_object(
cred2_obj TSRMLS_CC);
grpc_credentials *creds =
grpc_composite_credentials_create(cred1->wrapped, cred2->wrapped);
grpc_composite_credentials_create(cred1->wrapped, cred2->wrapped, NULL);
zval *creds_object = grpc_php_wrap_credentials(creds);
RETURN_DESTROY_ZVAL(creds_object);
}
@ -170,7 +170,7 @@ PHP_METHOD(Credentials, createComposite) {
* @return Credentials The new GCE credentials object
*/
PHP_METHOD(Credentials, createGce) {
grpc_credentials *creds = grpc_compute_engine_credentials_create();
grpc_credentials *creds = grpc_compute_engine_credentials_create(NULL);
zval *creds_object = grpc_php_wrap_credentials(creds);
RETURN_DESTROY_ZVAL(creds_object);
}

2
src/php/ext/grpc/server_credentials.c
Unescape View File

@ -118,7 +118,7 @@ PHP_METHOD(ServerCredentials, createSsl) {
/* TODO: add a force_client_auth field in ServerCredentials and pass it as
* the last parameter. */
grpc_server_credentials *creds = grpc_ssl_server_credentials_create(
pem_root_certs, &pem_key_cert_pair, 1, 0);
pem_root_certs, &pem_key_cert_pair, 1, 0, NULL);
zval *creds_object = grpc_php_wrap_server_credentials(creds);
RETURN_DESTROY_ZVAL(creds_object);
}

3
src/python/grpcio/grpc/_adapter/_c/types/channel.c
Unescape View File

@ -106,7 +106,8 @@ Channel *pygrpc_Channel_new(
}
self = (Channel *)type->tp_alloc(type, 0);
if (creds) {
self->c_chan = grpc_secure_channel_create(creds->c_creds, target, &c_args);
self->c_chan =
grpc_secure_channel_create(creds->c_creds, target, &c_args, NULL);
} else {
self->c_chan = grpc_insecure_channel_create(target, &c_args, NULL);
}

20
src/python/grpcio/grpc/_adapter/_c/types/client_credentials.c
Unescape View File

@ -135,9 +135,10 @@ ClientCredentials *pygrpc_ClientCredentials_ssl(
if (private_key && cert_chain) {
key_cert_pair.private_key = private_key;
key_cert_pair.cert_chain = cert_chain;
self->c_creds = grpc_ssl_credentials_create(root_certs, &key_cert_pair);
self->c_creds =
grpc_ssl_credentials_create(root_certs, &key_cert_pair, NULL);
} else {
self->c_creds = grpc_ssl_credentials_create(root_certs, NULL);
self->c_creds = grpc_ssl_credentials_create(root_certs, NULL, NULL);
}
if (!self->c_creds) {
Py_DECREF(self);
@ -159,8 +160,8 @@ ClientCredentials *pygrpc_ClientCredentials_composite(
return NULL;
}
self = (ClientCredentials *)type->tp_alloc(type, 0);
self->c_creds = grpc_composite_credentials_create(
creds1->c_creds, creds2->c_creds);
self->c_creds =
grpc_composite_credentials_create(creds1->c_creds, creds2->c_creds, NULL);
if (!self->c_creds) {
Py_DECREF(self);
PyErr_SetString(PyExc_RuntimeError, "couldn't create composite credentials");
@ -172,7 +173,7 @@ ClientCredentials *pygrpc_ClientCredentials_composite(
ClientCredentials *pygrpc_ClientCredentials_compute_engine(
PyTypeObject *type, PyObject *ignored) {
ClientCredentials *self = (ClientCredentials *)type->tp_alloc(type, 0);
self->c_creds = grpc_compute_engine_credentials_create();
self->c_creds = grpc_compute_engine_credentials_create(NULL);
if (!self->c_creds) {
Py_DECREF(self);
PyErr_SetString(PyExc_RuntimeError,
@ -195,7 +196,7 @@ ClientCredentials *pygrpc_ClientCredentials_service_account(
}
self = (ClientCredentials *)type->tp_alloc(type, 0);
self->c_creds = grpc_service_account_credentials_create(
json_key, scope, pygrpc_cast_double_to_gpr_timespec(lifetime));
json_key, scope, pygrpc_cast_double_to_gpr_timespec(lifetime), NULL);
if (!self->c_creds) {
Py_DECREF(self);
PyErr_SetString(PyExc_RuntimeError,
@ -218,7 +219,7 @@ ClientCredentials *pygrpc_ClientCredentials_jwt(
}
self = (ClientCredentials *)type->tp_alloc(type, 0);
self->c_creds = grpc_service_account_jwt_access_credentials_create(
json_key, pygrpc_cast_double_to_gpr_timespec(lifetime));
json_key, pygrpc_cast_double_to_gpr_timespec(lifetime), NULL);
if (!self->c_creds) {
Py_DECREF(self);
PyErr_SetString(PyExc_RuntimeError, "couldn't create JWT credentials");
@ -237,7 +238,8 @@ ClientCredentials *pygrpc_ClientCredentials_refresh_token(
return NULL;
}
self = (ClientCredentials *)type->tp_alloc(type, 0);
self->c_creds = grpc_refresh_token_credentials_create(json_refresh_token);
self->c_creds =
grpc_refresh_token_credentials_create(json_refresh_token, NULL);
if (!self->c_creds) {
Py_DECREF(self);
PyErr_SetString(PyExc_RuntimeError,
@ -259,7 +261,7 @@ ClientCredentials *pygrpc_ClientCredentials_iam(
}
self = (ClientCredentials *)type->tp_alloc(type, 0);
self->c_creds = grpc_iam_credentials_create(authorization_token,
authority_selector);
authority_selector, NULL);
if (!self->c_creds) {
Py_DECREF(self);
PyErr_SetString(PyExc_RuntimeError, "couldn't create IAM credentials");

2
src/python/grpcio/grpc/_adapter/_c/types/server_credentials.c
Unescape View File

@ -131,7 +131,7 @@ ServerCredentials *pygrpc_ServerCredentials_ssl(
/* TODO: Add a force_client_auth parameter in the python object and pass it
here as the last arg. */
self->c_creds = grpc_ssl_server_credentials_create(
root_certs, key_cert_pairs, num_key_cert_pairs, 0);
root_certs, key_cert_pairs, num_key_cert_pairs, 0, NULL);
gpr_free(key_cert_pairs);
return self;
}

2
src/python/grpcio/grpc/_cython/_cygrpc/grpc.pxd
Unescape View File

@ -332,7 +332,7 @@ cdef extern from "grpc/grpc_security.h":
grpc_server_credentials *grpc_ssl_server_credentials_create(
const char *pem_root_certs,
grpc_ssl_pem_key_cert_pair *pem_key_cert_pairs,
size_t num_key_cert_pairs);
size_t num_key_cert_pairs)
void grpc_server_credentials_release(grpc_server_credentials *creds)
int grpc_server_add_secure_http2_port(grpc_server *server, const char *addr,

2
src/ruby/ext/grpc/rb_channel.c
Unescape View File

@ -150,7 +150,7 @@ static VALUE grpc_rb_channel_init(int argc, VALUE *argv, VALUE self) {
ch = grpc_insecure_channel_create(target_chars, &args, NULL);
} else {
creds = grpc_rb_get_wrapped_credentials(credentials);
ch = grpc_secure_channel_create(creds, target_chars, &args);
ch = grpc_secure_channel_create(creds, target_chars, &args, NULL);
}
if (args.args != NULL) {
xfree(args.args); /* Allocated by grpc_rb_hash_convert_to_channel_args */

11
src/ruby/ext/grpc/rb_credentials.c
Unescape View File

@ -154,7 +154,7 @@ static VALUE grpc_rb_default_credentials_create(VALUE cls) {
Creates the default credential instances. */
static VALUE grpc_rb_compute_engine_credentials_create(VALUE cls) {
grpc_rb_credentials *wrapper = ALLOC(grpc_rb_credentials);
wrapper->wrapped = grpc_compute_engine_credentials_create();
wrapper->wrapped = grpc_compute_engine_credentials_create(NULL);
if (wrapper->wrapped == NULL) {
rb_raise(rb_eRuntimeError,
"could not create composite engine credentials, not sure why");
@ -181,8 +181,8 @@ static VALUE grpc_rb_composite_credentials_create(VALUE self, VALUE other) {
TypedData_Get_Struct(other, grpc_rb_credentials,
&grpc_rb_credentials_data_type, other_wrapper);
wrapper = ALLOC(grpc_rb_credentials);
wrapper->wrapped = grpc_composite_credentials_create(self_wrapper->wrapped,
other_wrapper->wrapped);
wrapper->wrapped = grpc_composite_credentials_create(
self_wrapper->wrapped, other_wrapper->wrapped, NULL);
if (wrapper->wrapped == NULL) {
rb_raise(rb_eRuntimeError,
"could not create composite credentials, not sure why");
@ -234,12 +234,13 @@ static VALUE grpc_rb_credentials_init(int argc, VALUE *argv, VALUE self) {
return Qnil;
}
if (pem_private_key == Qnil && pem_cert_chain == Qnil) {
creds = grpc_ssl_credentials_create(RSTRING_PTR(pem_root_certs), NULL);
creds =
grpc_ssl_credentials_create(RSTRING_PTR(pem_root_certs), NULL, NULL);
} else {
key_cert_pair.private_key = RSTRING_PTR(pem_private_key);
key_cert_pair.cert_chain = RSTRING_PTR(pem_cert_chain);
creds = grpc_ssl_credentials_create(RSTRING_PTR(pem_root_certs),
&key_cert_pair);
&key_cert_pair, NULL);
}
if (creds == NULL) {
rb_raise(rb_eRuntimeError, "could not create a credentials, not sure why");

5
src/ruby/ext/grpc/rb_server_credentials.c
Unescape View File

@ -178,10 +178,11 @@ static VALUE grpc_rb_server_credentials_init(VALUE self, VALUE pem_root_certs,
key_cert_pair.cert_chain = RSTRING_PTR(pem_cert_chain);
/* TODO Add a force_client_auth parameter and pass it here. */
if (pem_root_certs == Qnil) {
creds = grpc_ssl_server_credentials_create(NULL, &key_cert_pair, 1, 0);
creds =
grpc_ssl_server_credentials_create(NULL, &key_cert_pair, 1, 0, NULL);
} else {
creds = grpc_ssl_server_credentials_create(RSTRING_PTR(pem_root_certs),
&key_cert_pair, 1, 0);
&key_cert_pair, 1, 0, NULL);
}
if (creds == NULL) {
rb_raise(rb_eRuntimeError, "could not create a credentials, not sure why");

3
test/core/end2end/fixtures/chttp2_fake_security.c
Unescape View File

@ -77,7 +77,8 @@ static void chttp2_init_client_secure_fullstack(grpc_end2end_test_fixture *f,
grpc_channel_args *client_args,
grpc_credentials *creds) {
fullstack_secure_fixture_data *ffd = f->fixture_data;
f->client = grpc_secure_channel_create(creds, ffd->localaddr, client_args);
f->client =
grpc_secure_channel_create(creds, ffd->localaddr, client_args, NULL);
GPR_ASSERT(f->client != NULL);
grpc_credentials_release(creds);
}

7
test/core/end2end/fixtures/chttp2_simple_ssl_fullstack.c
Unescape View File

@ -80,7 +80,8 @@ static void chttp2_init_client_secure_fullstack(grpc_end2end_test_fixture *f,
grpc_channel_args *client_args,
grpc_credentials *creds) {
fullstack_secure_fixture_data *ffd = f->fixture_data;
f->client = grpc_secure_channel_create(creds, ffd->localaddr, client_args);
f->client =
grpc_secure_channel_create(creds, ffd->localaddr, client_args, NULL);
GPR_ASSERT(f->client != NULL);
grpc_credentials_release(creds);
}
@ -108,7 +109,7 @@ void chttp2_tear_down_secure_fullstack(grpc_end2end_test_fixture *f) {
static void chttp2_init_client_simple_ssl_secure_fullstack(
grpc_end2end_test_fixture *f, grpc_channel_args *client_args) {
grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL);
grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL, NULL);
grpc_arg ssl_name_override = {GRPC_ARG_STRING,
GRPC_SSL_TARGET_NAME_OVERRIDE_ARG,
{"foo.test.google.fr"}};
@ -135,7 +136,7 @@ static void chttp2_init_server_simple_ssl_secure_fullstack(
grpc_ssl_pem_key_cert_pair pem_cert_key_pair = {test_server1_key,
test_server1_cert};
grpc_server_credentials *ssl_creds =
grpc_ssl_server_credentials_create(NULL, &pem_cert_key_pair, 1, 0);
grpc_ssl_server_credentials_create(NULL, &pem_cert_key_pair, 1, 0, NULL);
if (fail_server_auth_check(server_args)) {
grpc_auth_metadata_processor processor = {process_auth_failure, NULL};
grpc_server_credentials_set_auth_metadata_processor(ssl_creds, processor);

7
test/core/end2end/fixtures/chttp2_simple_ssl_fullstack_with_poll.c
Unescape View File

@ -80,7 +80,8 @@ static void chttp2_init_client_secure_fullstack(grpc_end2end_test_fixture *f,
grpc_channel_args *client_args,
grpc_credentials *creds) {
fullstack_secure_fixture_data *ffd = f->fixture_data;
f->client = grpc_secure_channel_create(creds, ffd->localaddr, client_args);
f->client =
grpc_secure_channel_create(creds, ffd->localaddr, client_args, NULL);
GPR_ASSERT(f->client != NULL);
grpc_credentials_release(creds);
}
@ -108,7 +109,7 @@ void chttp2_tear_down_secure_fullstack(grpc_end2end_test_fixture *f) {
static void chttp2_init_client_simple_ssl_secure_fullstack(
grpc_end2end_test_fixture *f, grpc_channel_args *client_args) {
grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL);
grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL, NULL);
grpc_arg ssl_name_override = {GRPC_ARG_STRING,
GRPC_SSL_TARGET_NAME_OVERRIDE_ARG,
{"foo.test.google.fr"}};
@ -135,7 +136,7 @@ static void chttp2_init_server_simple_ssl_secure_fullstack(
grpc_ssl_pem_key_cert_pair pem_cert_key_pair = {test_server1_key,
test_server1_cert};
grpc_server_credentials *ssl_creds =
grpc_ssl_server_credentials_create(NULL, &pem_cert_key_pair, 1, 0);
grpc_ssl_server_credentials_create(NULL, &pem_cert_key_pair, 1, 0, NULL);
if (fail_server_auth_check(server_args)) {
grpc_auth_metadata_processor processor = {process_auth_failure, NULL};
grpc_server_credentials_set_auth_metadata_processor(ssl_creds, processor);

13
test/core/end2end/fixtures/chttp2_simple_ssl_fullstack_with_proxy.c
Unescape View File

@ -58,7 +58,7 @@ static grpc_server *create_proxy_server(const char *port) {
grpc_ssl_pem_key_cert_pair pem_cert_key_pair = {test_server1_key,
test_server1_cert};
grpc_server_credentials *ssl_creds =
grpc_ssl_server_credentials_create(NULL, &pem_cert_key_pair, 1, 0);
grpc_ssl_server_credentials_create(NULL, &pem_cert_key_pair, 1, 0, NULL);
GPR_ASSERT(grpc_server_add_secure_http2_port(s, port, ssl_creds));
grpc_server_credentials_release(ssl_creds);
return s;
@ -66,14 +66,14 @@ static grpc_server *create_proxy_server(const char *port) {
static grpc_channel *create_proxy_client(const char *target) {
grpc_channel *channel;
grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL);
grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL, NULL);
grpc_arg ssl_name_override = {GRPC_ARG_STRING,
GRPC_SSL_TARGET_NAME_OVERRIDE_ARG,
{"foo.test.google.fr"}};
grpc_channel_args client_args;
client_args.num_args = 1;
client_args.args = &ssl_name_override;
channel = grpc_secure_channel_create(ssl_creds, target, &client_args);
channel = grpc_secure_channel_create(ssl_creds, target, &client_args, NULL);
grpc_credentials_release(ssl_creds);
return channel;
}
@ -109,7 +109,8 @@ static void chttp2_init_client_secure_fullstack(grpc_end2end_test_fixture *f,
grpc_credentials *creds) {
fullstack_secure_fixture_data *ffd = f->fixture_data;
f->client = grpc_secure_channel_create(
creds, grpc_end2end_proxy_get_client_target(ffd->proxy), client_args);
creds, grpc_end2end_proxy_get_client_target(ffd->proxy), client_args,
NULL);
GPR_ASSERT(f->client != NULL);
grpc_credentials_release(creds);
}
@ -137,7 +138,7 @@ void chttp2_tear_down_secure_fullstack(grpc_end2end_test_fixture *f) {
static void chttp2_init_client_simple_ssl_secure_fullstack(
grpc_end2end_test_fixture *f, grpc_channel_args *client_args) {
grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL);
grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL, NULL);
grpc_arg ssl_name_override = {GRPC_ARG_STRING,
GRPC_SSL_TARGET_NAME_OVERRIDE_ARG,
{"foo.test.google.fr"}};
@ -164,7 +165,7 @@ static void chttp2_init_server_simple_ssl_secure_fullstack(
grpc_ssl_pem_key_cert_pair pem_cert_key_pair = {test_server1_key,
test_server1_cert};
grpc_server_credentials *ssl_creds =
grpc_ssl_server_credentials_create(NULL, &pem_cert_key_pair, 1, 0);
grpc_ssl_server_credentials_create(NULL, &pem_cert_key_pair, 1, 0, NULL);
if (fail_server_auth_check(server_args)) {
grpc_auth_metadata_processor processor = {process_auth_failure, NULL};
grpc_server_credentials_set_auth_metadata_processor(ssl_creds, processor);

9
test/core/end2end/fixtures/chttp2_simple_ssl_with_oauth2_fullstack.c
Unescape View File

@ -113,7 +113,8 @@ static void chttp2_init_client_secure_fullstack(grpc_end2end_test_fixture *f,
grpc_channel_args *client_args,
grpc_credentials *creds) {
fullstack_secure_fixture_data *ffd = f->fixture_data;
f->client = grpc_secure_channel_create(creds, ffd->localaddr, client_args);
f->client =
grpc_secure_channel_create(creds, ffd->localaddr, client_args, NULL);
GPR_ASSERT(f->client != NULL);
grpc_credentials_release(creds);
}
@ -142,11 +143,11 @@ void chttp2_tear_down_secure_fullstack(grpc_end2end_test_fixture *f) {
static void chttp2_init_client_simple_ssl_with_oauth2_secure_fullstack(
grpc_end2end_test_fixture *f, grpc_channel_args *client_args) {
grpc_credentials *ssl_creds =
grpc_ssl_credentials_create(test_root_cert, NULL);
grpc_ssl_credentials_create(test_root_cert, NULL, NULL);
grpc_credentials *oauth2_creds =
grpc_md_only_test_credentials_create("Authorization", oauth2_md, 1);
grpc_credentials *ssl_oauth2_creds =
grpc_composite_credentials_create(ssl_creds, oauth2_creds);
grpc_composite_credentials_create(ssl_creds, oauth2_creds, NULL);
grpc_arg ssl_name_override = {GRPC_ARG_STRING,
GRPC_SSL_TARGET_NAME_OVERRIDE_ARG,
{"foo.test.google.fr"}};
@ -175,7 +176,7 @@ static void chttp2_init_server_simple_ssl_secure_fullstack(
grpc_ssl_pem_key_cert_pair pem_key_cert_pair = {test_server1_key,
test_server1_cert};
grpc_server_credentials *ssl_creds =
grpc_ssl_server_credentials_create(NULL, &pem_key_cert_pair, 1, 0);
grpc_ssl_server_credentials_create(NULL, &pem_key_cert_pair, 1, 0, NULL);
grpc_auth_metadata_processor processor;
processor.state = NULL;
if (fail_server_auth_check(server_args)) {

6
test/core/end2end/tests/request_response_with_payload_and_call_creds.c
Unescape View File

@ -190,7 +190,7 @@ static void request_response_with_payload_and_call_creds(
c = grpc_channel_create_call(f.client, NULL, GRPC_PROPAGATE_DEFAULTS, f.cq,
"/foo", "foo.test.google.fr", deadline, NULL);
GPR_ASSERT(c);
creds = grpc_iam_credentials_create(iam_token, iam_selector);
creds = grpc_iam_credentials_create(iam_token, iam_selector, NULL);
GPR_ASSERT(creds != NULL);
GPR_ASSERT(grpc_call_set_credentials(c, creds) == GRPC_CALL_OK);
switch (mode) {
@ -199,7 +199,7 @@ static void request_response_with_payload_and_call_creds(
case OVERRIDE:
grpc_credentials_release(creds);
creds = grpc_iam_credentials_create(overridden_iam_token,
overridden_iam_selector);
overridden_iam_selector, NULL);
GPR_ASSERT(creds != NULL);
GPR_ASSERT(grpc_call_set_credentials(c, creds) == GRPC_CALL_OK);
break;
@ -421,7 +421,7 @@ static void test_request_with_server_rejecting_client_creds(
"/foo", "foo.test.google.fr", deadline, NULL);
GPR_ASSERT(c);
creds = grpc_iam_credentials_create(iam_token, iam_selector);
creds = grpc_iam_credentials_create(iam_token, iam_selector, NULL);
GPR_ASSERT(creds != NULL);
GPR_ASSERT(grpc_call_set_credentials(c, creds) == GRPC_CALL_OK);
grpc_credentials_release(creds);

4
test/core/fling/server.c
Unescape View File

@ -215,8 +215,8 @@ int main(int argc, char **argv) {
if (secure) {
grpc_ssl_pem_key_cert_pair pem_key_cert_pair = {test_server1_key,
test_server1_cert};
grpc_server_credentials *ssl_creds =
grpc_ssl_server_credentials_create(NULL, &pem_key_cert_pair, 1, 0);
grpc_server_credentials *ssl_creds = grpc_ssl_server_credentials_create(
NULL, &pem_key_cert_pair, 1, 0, NULL);
server = grpc_server_create(NULL, NULL);
GPR_ASSERT(grpc_server_add_secure_http2_port(server, addr, ssl_creds));
grpc_server_credentials_release(ssl_creds);

42
test/core/security/credentials_test.c
Unescape View File

@ -329,7 +329,7 @@ static void check_iam_metadata(void *user_data, grpc_credentials_md *md_elems,
static void test_iam_creds(void) {
grpc_credentials *creds = grpc_iam_credentials_create(
test_iam_authorization_token, test_iam_authority_selector);
test_iam_authorization_token, test_iam_authority_selector, NULL);
GPR_ASSERT(grpc_credentials_has_request_metadata(creds));
GPR_ASSERT(grpc_credentials_has_request_metadata_only(creds));
grpc_credentials_get_request_metadata(creds, NULL, test_service_url,
@ -349,7 +349,7 @@ static void check_access_token_metadata(void *user_data,
}
static void test_access_token_creds(void) {
grpc_credentials *creds = grpc_access_token_credentials_create("blah");
grpc_credentials *creds = grpc_access_token_credentials_create("blah", NULL);
GPR_ASSERT(grpc_credentials_has_request_metadata(creds));
GPR_ASSERT(grpc_credentials_has_request_metadata_only(creds));
GPR_ASSERT(strcmp(creds->type, GRPC_CREDENTIALS_TYPE_OAUTH2) == 0);
@ -371,12 +371,12 @@ static void check_ssl_oauth2_composite_metadata(
static void test_ssl_oauth2_composite_creds(void) {
grpc_credentials *ssl_creds =
grpc_ssl_credentials_create(test_root_cert, NULL);
grpc_ssl_credentials_create(test_root_cert, NULL, NULL);
const grpc_credentials_array *creds_array;
grpc_credentials *oauth2_creds = grpc_md_only_test_credentials_create(
"Authorization", test_oauth2_bearer_token, 0);
grpc_credentials *composite_creds =
grpc_composite_credentials_create(ssl_creds, oauth2_creds);
grpc_composite_credentials_create(ssl_creds, oauth2_creds, NULL);
grpc_credentials_unref(ssl_creds);
grpc_credentials_unref(oauth2_creds);
GPR_ASSERT(strcmp(composite_creds->type, GRPC_CREDENTIALS_TYPE_COMPOSITE) ==
@ -395,13 +395,13 @@ static void test_ssl_oauth2_composite_creds(void) {
}
void test_ssl_fake_transport_security_composite_creds_failure(void) {
grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL);
grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL, NULL);
grpc_credentials *fake_transport_security_creds =
grpc_fake_transport_security_credentials_create();
/* 2 connector credentials: should not work. */
GPR_ASSERT(grpc_composite_credentials_create(
ssl_creds, fake_transport_security_creds) == NULL);
ssl_creds, fake_transport_security_creds, NULL) == NULL);
grpc_credentials_unref(ssl_creds);
grpc_credentials_unref(fake_transport_security_creds);
}
@ -422,16 +422,16 @@ static void check_ssl_oauth2_iam_composite_metadata(
static void test_ssl_oauth2_iam_composite_creds(void) {
grpc_credentials *ssl_creds =
grpc_ssl_credentials_create(test_root_cert, NULL);
grpc_ssl_credentials_create(test_root_cert, NULL, NULL);
const grpc_credentials_array *creds_array;
grpc_credentials *oauth2_creds = grpc_md_only_test_credentials_create(
"Authorization", test_oauth2_bearer_token, 0);
grpc_credentials *aux_creds =
grpc_composite_credentials_create(ssl_creds, oauth2_creds);
grpc_composite_credentials_create(ssl_creds, oauth2_creds, NULL);
grpc_credentials *iam_creds = grpc_iam_credentials_create(
test_iam_authorization_token, test_iam_authority_selector);
test_iam_authorization_token, test_iam_authority_selector, NULL);
grpc_credentials *composite_creds =
grpc_composite_credentials_create(aux_creds, iam_creds);
grpc_composite_credentials_create(aux_creds, iam_creds, NULL);
grpc_credentials_unref(ssl_creds);
grpc_credentials_unref(oauth2_creds);
grpc_credentials_unref(aux_creds);
@ -524,7 +524,7 @@ static int httpcli_get_should_not_be_called(
static void test_compute_engine_creds_success(void) {
grpc_credentials *compute_engine_creds =
grpc_compute_engine_credentials_create();
grpc_compute_engine_credentials_create(NULL);
GPR_ASSERT(grpc_credentials_has_request_metadata(compute_engine_creds));
GPR_ASSERT(grpc_credentials_has_request_metadata_only(compute_engine_creds));
@ -548,7 +548,7 @@ static void test_compute_engine_creds_success(void) {
static void test_compute_engine_creds_failure(void) {
grpc_credentials *compute_engine_creds =
grpc_compute_engine_credentials_create();
grpc_compute_engine_credentials_create(NULL);
grpc_httpcli_set_override(compute_engine_httpcli_get_failure_override,
httpcli_post_should_not_be_called);
GPR_ASSERT(grpc_credentials_has_request_metadata(compute_engine_creds));
@ -605,7 +605,7 @@ static int refresh_token_httpcli_post_failure(
static void test_refresh_token_creds_success(void) {
grpc_credentials *refresh_token_creds =
grpc_refresh_token_credentials_create(test_refresh_token_str);
grpc_refresh_token_credentials_create(test_refresh_token_str, NULL);
GPR_ASSERT(grpc_credentials_has_request_metadata(refresh_token_creds));
GPR_ASSERT(grpc_credentials_has_request_metadata_only(refresh_token_creds));
@ -629,7 +629,7 @@ static void test_refresh_token_creds_success(void) {
static void test_refresh_token_creds_failure(void) {
grpc_credentials *refresh_token_creds =
grpc_refresh_token_credentials_create(test_refresh_token_str);
grpc_refresh_token_credentials_create(test_refresh_token_str, NULL);
grpc_httpcli_set_override(httpcli_get_should_not_be_called,
refresh_token_httpcli_post_failure);
GPR_ASSERT(grpc_credentials_has_request_metadata(refresh_token_creds));
@ -731,7 +731,7 @@ static void test_service_account_creds_success(void) {
char *json_key_string = test_json_key_str();
grpc_credentials *service_account_creds =
grpc_service_account_credentials_create(json_key_string, test_scope,
grpc_max_auth_token_lifetime);
grpc_max_auth_token_lifetime, NULL);
GPR_ASSERT(grpc_credentials_has_request_metadata(service_account_creds));
GPR_ASSERT(grpc_credentials_has_request_metadata_only(service_account_creds));
@ -761,8 +761,8 @@ static void test_service_account_creds_success(void) {
static void test_service_account_creds_http_failure(void) {
char *json_key_string = test_json_key_str();
grpc_credentials *service_account_creds =
grpc_service_account_credentials_create(json_key_string, test_scope,
grpc_max_auth_token_lifetime);
grpc_service_account_credentials_create(
json_key_string, test_scope, grpc_max_auth_token_lifetime, NULL);
GPR_ASSERT(grpc_credentials_has_request_metadata(service_account_creds));
GPR_ASSERT(grpc_credentials_has_request_metadata_only(service_account_creds));
@ -781,8 +781,8 @@ static void test_service_account_creds_http_failure(void) {
static void test_service_account_creds_signing_failure(void) {
char *json_key_string = test_json_key_str();
grpc_credentials *service_account_creds =
grpc_service_account_credentials_create(json_key_string, test_scope,
grpc_max_auth_token_lifetime);
grpc_service_account_credentials_create(
json_key_string, test_scope, grpc_max_auth_token_lifetime, NULL);
GPR_ASSERT(grpc_credentials_has_request_metadata(service_account_creds));
GPR_ASSERT(grpc_credentials_has_request_metadata_only(service_account_creds));
@ -828,7 +828,7 @@ static void test_jwt_creds_success(void) {
char *json_key_string = test_json_key_str();
grpc_credentials *jwt_creds =
grpc_service_account_jwt_access_credentials_create(
json_key_string, grpc_max_auth_token_lifetime);
json_key_string, grpc_max_auth_token_lifetime, NULL);
GPR_ASSERT(grpc_credentials_has_request_metadata(jwt_creds));
GPR_ASSERT(grpc_credentials_has_request_metadata_only(jwt_creds));
@ -861,7 +861,7 @@ static void test_jwt_creds_signing_failure(void) {
char *json_key_string = test_json_key_str();
grpc_credentials *jwt_creds =
grpc_service_account_jwt_access_credentials_create(
json_key_string, grpc_max_auth_token_lifetime);
json_key_string, grpc_max_auth_token_lifetime, NULL);
GPR_ASSERT(grpc_credentials_has_request_metadata(jwt_creds));
GPR_ASSERT(grpc_credentials_has_request_metadata_only(jwt_creds));

6
test/core/security/fetch_oauth2.c
Unescape View File

@ -56,7 +56,7 @@ static grpc_credentials *create_service_account_creds(
}
return grpc_service_account_credentials_create(
(const char *)GPR_SLICE_START_PTR(json_key), scope,
grpc_max_auth_token_lifetime);
grpc_max_auth_token_lifetime, NULL);
}
static grpc_credentials *create_refresh_token_creds(
@ -69,7 +69,7 @@ static grpc_credentials *create_refresh_token_creds(
exit(1);
}
return grpc_refresh_token_credentials_create(
(const char *)GPR_SLICE_START_PTR(refresh_token));
(const char *)GPR_SLICE_START_PTR(refresh_token), NULL);
}
int main(int argc, char **argv) {
@ -112,7 +112,7 @@ int main(int argc, char **argv) {
"Ignoring json key and scope to get a token from the GCE "
"metadata server.");
}
creds = grpc_compute_engine_credentials_create();
creds = grpc_compute_engine_credentials_create(NULL);
if (creds == NULL) {
gpr_log(GPR_ERROR, "Could not create gce credentials.");
exit(1);

Write Preview
Loading…
Cancel
Save