diff --git a/BUILD b/BUILD index 0298f22bc82..894186b35f2 100644 --- a/BUILD +++ b/BUILD @@ -1243,6 +1243,7 @@ grpc_cc_library( "gpr", "grpc++_base_unsecure", "grpc++_codegen_proto", + "grpc_core_credentials_header", "grpc_public_hdrs", "grpc_security_base", "grpc_unsecure", @@ -2267,6 +2268,7 @@ grpc_cc_library( "exec_ctx", "gpr", "grpc_base", + "grpc_core_credentials_header", "grpc_public_hdrs", "grpc_trace", "handshaker", @@ -2328,6 +2330,14 @@ grpc_cc_library( ], ) +# TODO(hork): split credentials types into their own source files and targets. +grpc_cc_library( + name = "grpc_core_credentials_header", + hdrs = ["include/grpc/credentials.h"], + language = "c++", + visibility = ["@grpc:core_credentials"], +) + grpc_cc_library( name = "alts_util", srcs = [ @@ -2355,6 +2365,7 @@ grpc_cc_library( deps = [ "alts_upb", "gpr", + "grpc_core_credentials_header", "grpc_public_hdrs", ], ) @@ -2428,6 +2439,7 @@ grpc_cc_library( "grpc", "grpc++_codegen_proto", "grpc_base", + "grpc_core_credentials_header", "grpc_credentials_util", "grpc_health_upb", "grpc_public_hdrs", @@ -2509,6 +2521,7 @@ grpc_cc_library( "exec_ctx", "gpr", "grpc_base", + "grpc_core_credentials_header", "grpc_health_upb", "grpc_public_hdrs", "grpc_security_base", @@ -3860,6 +3873,7 @@ grpc_cc_library( "exec_ctx", "gpr", "grpc_base", + "grpc_core_credentials_header", "grpc_public_hdrs", "grpc_security_base", "handshaker", @@ -3929,6 +3943,7 @@ grpc_cc_library( "exec_ctx", "gpr", "grpc_base", + "grpc_core_credentials_header", "grpc_credentials_util", "grpc_security_base", "grpc_trace", @@ -4017,6 +4032,7 @@ grpc_cc_library( "exec_ctx", "gpr", "grpc_base", + "grpc_core_credentials_header", "grpc_security_base", "tsi_alts_frame_protector", "tsi_base", @@ -4134,6 +4150,7 @@ grpc_cc_library( "config_vars", "gpr", "grpc_base", + "grpc_core_credentials_header", "grpc_credentials_util", "grpc_public_hdrs", "grpc_security_base", diff --git a/CMakeLists.txt b/CMakeLists.txt index b8ea2f99e2f..0ec682d102a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -2694,6 +2694,7 @@ foreach(_hdr include/grpc/byte_buffer_reader.h include/grpc/census.h include/grpc/compression.h + include/grpc/credentials.h include/grpc/event_engine/endpoint_config.h include/grpc/event_engine/event_engine.h include/grpc/event_engine/extensible.h @@ -3395,6 +3396,7 @@ foreach(_hdr include/grpc/byte_buffer_reader.h include/grpc/census.h include/grpc/compression.h + include/grpc/credentials.h include/grpc/event_engine/endpoint_config.h include/grpc/event_engine/event_engine.h include/grpc/event_engine/extensible.h @@ -5452,6 +5454,7 @@ foreach(_hdr include/grpc/byte_buffer.h include/grpc/byte_buffer_reader.h include/grpc/compression.h + include/grpc/credentials.h include/grpc/event_engine/endpoint_config.h include/grpc/event_engine/event_engine.h include/grpc/event_engine/extensible.h diff --git a/Makefile b/Makefile index ac23dd86dc3..30be778e03d 100644 --- a/Makefile +++ b/Makefile @@ -1728,6 +1728,7 @@ PUBLIC_HEADERS_C += \ include/grpc/byte_buffer_reader.h \ include/grpc/census.h \ include/grpc/compression.h \ + include/grpc/credentials.h \ include/grpc/event_engine/endpoint_config.h \ include/grpc/event_engine/event_engine.h \ include/grpc/event_engine/extensible.h \ diff --git a/Package.swift b/Package.swift index 651d0d3822c..ce9e5e1bed5 100644 --- a/Package.swift +++ b/Package.swift @@ -45,6 +45,7 @@ let package = Package( "include/grpc/byte_buffer_reader.h", "include/grpc/census.h", "include/grpc/compression.h", + "include/grpc/credentials.h", "include/grpc/event_engine/endpoint_config.h", "include/grpc/event_engine/event_engine.h", "include/grpc/event_engine/extensible.h", diff --git a/bazel/grpc_build_system.bzl b/bazel/grpc_build_system.bzl index 1da3bac40ab..784547dc230 100644 --- a/bazel/grpc_build_system.bzl +++ b/bazel/grpc_build_system.bzl @@ -102,6 +102,7 @@ def _update_visibility(visibility): "chaotic_good": PRIVATE, "client_channel": PRIVATE, "cli": PRIVATE, + "core_credentials": PRIVATE, "debug_location": PRIVATE, "endpoint_tests": PRIVATE, "exec_ctx": PRIVATE, diff --git a/build_autogenerated.yaml b/build_autogenerated.yaml index 6716d165cec..2084da2d886 100644 --- a/build_autogenerated.yaml +++ b/build_autogenerated.yaml @@ -149,6 +149,7 @@ libs: - include/grpc/byte_buffer_reader.h - include/grpc/census.h - include/grpc/compression.h + - include/grpc/credentials.h - include/grpc/event_engine/endpoint_config.h - include/grpc/event_engine/event_engine.h - include/grpc/event_engine/extensible.h @@ -2136,6 +2137,7 @@ libs: - include/grpc/byte_buffer_reader.h - include/grpc/census.h - include/grpc/compression.h + - include/grpc/credentials.h - include/grpc/event_engine/endpoint_config.h - include/grpc/event_engine/event_engine.h - include/grpc/event_engine/extensible.h @@ -4321,6 +4323,7 @@ libs: - include/grpc/byte_buffer.h - include/grpc/byte_buffer_reader.h - include/grpc/compression.h + - include/grpc/credentials.h - include/grpc/event_engine/endpoint_config.h - include/grpc/event_engine/event_engine.h - include/grpc/event_engine/extensible.h diff --git a/gRPC-Core.podspec b/gRPC-Core.podspec index 46f43b36dfb..1624bceaeb2 100644 --- a/gRPC-Core.podspec +++ b/gRPC-Core.podspec @@ -119,6 +119,7 @@ Pod::Spec.new do |s| 'include/grpc/byte_buffer_reader.h', 'include/grpc/census.h', 'include/grpc/compression.h', + 'include/grpc/credentials.h', 'include/grpc/event_engine/endpoint_config.h', 'include/grpc/event_engine/event_engine.h', 'include/grpc/event_engine/extensible.h', diff --git a/grpc.def b/grpc.def index 41ad2dd61df..154e8eee94d 100644 --- a/grpc.def +++ b/grpc.def @@ -19,6 +19,70 @@ EXPORTS grpc_compression_options_enable_algorithm grpc_compression_options_disable_algorithm grpc_compression_options_is_algorithm_enabled + grpc_service_account_jwt_access_credentials_create + grpc_external_account_credentials_create + grpc_google_refresh_token_credentials_create + grpc_access_token_credentials_create + grpc_google_iam_credentials_create + grpc_sts_credentials_create + grpc_auth_metadata_context_copy + grpc_auth_metadata_context_reset + grpc_metadata_credentials_create_from_plugin + grpc_call_credentials_release + grpc_google_default_credentials_create + grpc_ssl_server_certificate_config_create + grpc_ssl_server_certificate_config_destroy + grpc_ssl_credentials_create + grpc_ssl_credentials_create_ex + grpc_ssl_server_credentials_create + grpc_ssl_server_credentials_create_ex + grpc_ssl_server_credentials_create_options_using_config + grpc_ssl_server_credentials_create_options_using_config_fetcher + grpc_ssl_server_credentials_options_destroy + grpc_ssl_server_credentials_create_with_options + grpc_server_credentials_set_auth_metadata_processor + grpc_composite_call_credentials_create + grpc_google_compute_engine_credentials_create + grpc_composite_channel_credentials_create + grpc_alts_credentials_client_options_create + grpc_alts_credentials_server_options_create + grpc_alts_credentials_client_options_add_target_service_account + grpc_alts_credentials_options_destroy + grpc_alts_credentials_create + grpc_alts_server_credentials_create + grpc_tls_identity_pairs_create + grpc_tls_identity_pairs_add_pair + grpc_tls_identity_pairs_destroy + grpc_tls_certificate_provider_static_data_create + grpc_tls_certificate_provider_file_watcher_create + grpc_tls_certificate_provider_release + grpc_tls_credentials_options_create + grpc_tls_credentials_options_set_min_tls_version + grpc_tls_credentials_options_set_max_tls_version + grpc_tls_credentials_options_copy + grpc_tls_credentials_options_destroy + grpc_tls_credentials_options_set_certificate_provider + grpc_tls_credentials_options_watch_root_certs + grpc_tls_credentials_options_set_root_cert_name + grpc_tls_credentials_options_watch_identity_key_cert_pairs + grpc_tls_credentials_options_set_identity_cert_name + grpc_tls_credentials_options_set_cert_request_type + grpc_tls_credentials_options_set_crl_directory + grpc_tls_credentials_options_set_verify_server_cert + grpc_tls_credentials_options_set_send_client_ca_list + grpc_ssl_session_cache_create_lru + grpc_ssl_session_cache_destroy + grpc_ssl_session_cache_create_channel_arg + grpc_set_ssl_roots_override_callback + grpc_max_auth_token_lifetime + grpc_insecure_credentials_create + grpc_insecure_server_credentials_create + grpc_xds_credentials_create + grpc_xds_server_credentials_create + grpc_local_credentials_create + grpc_local_server_credentials_create + grpc_tls_credentials_options_set_check_call_host + grpc_tls_credentials_options_set_tls_session_key_log_file_path grpc_metadata_array_init grpc_metadata_array_destroy grpc_call_details_init @@ -64,6 +128,7 @@ EXPORTS grpc_call_failed_before_recv_message grpc_call_ref grpc_call_unref + grpc_call_set_credentials grpc_server_request_call grpc_server_register_method grpc_server_request_registered_call @@ -110,74 +175,9 @@ EXPORTS grpc_auth_context_add_property grpc_auth_context_add_cstring_property grpc_auth_context_set_peer_identity_property_name - grpc_ssl_session_cache_create_lru - grpc_ssl_session_cache_destroy - grpc_ssl_session_cache_create_channel_arg - grpc_call_credentials_release - grpc_google_default_credentials_create - grpc_set_ssl_roots_override_callback - grpc_ssl_credentials_create - grpc_ssl_credentials_create_ex - grpc_composite_channel_credentials_create - grpc_composite_call_credentials_create - grpc_google_compute_engine_credentials_create - grpc_max_auth_token_lifetime - grpc_service_account_jwt_access_credentials_create - grpc_external_account_credentials_create - grpc_google_refresh_token_credentials_create - grpc_access_token_credentials_create - grpc_google_iam_credentials_create - grpc_sts_credentials_create - grpc_auth_metadata_context_copy - grpc_auth_metadata_context_reset - grpc_metadata_credentials_create_from_plugin - grpc_ssl_server_certificate_config_create - grpc_ssl_server_certificate_config_destroy - grpc_ssl_server_credentials_create - grpc_ssl_server_credentials_create_ex - grpc_ssl_server_credentials_create_options_using_config - grpc_ssl_server_credentials_create_options_using_config_fetcher - grpc_ssl_server_credentials_options_destroy - grpc_ssl_server_credentials_create_with_options - grpc_call_set_credentials - grpc_server_credentials_set_auth_metadata_processor - grpc_alts_credentials_client_options_create - grpc_alts_credentials_server_options_create - grpc_alts_credentials_client_options_add_target_service_account - grpc_alts_credentials_options_destroy - grpc_alts_credentials_create - grpc_alts_server_credentials_create - grpc_local_credentials_create - grpc_local_server_credentials_create - grpc_tls_identity_pairs_create - grpc_tls_identity_pairs_add_pair - grpc_tls_identity_pairs_destroy - grpc_tls_certificate_provider_static_data_create - grpc_tls_certificate_provider_file_watcher_create - grpc_tls_certificate_provider_release - grpc_tls_credentials_options_create - grpc_tls_credentials_options_set_min_tls_version - grpc_tls_credentials_options_set_max_tls_version - grpc_tls_credentials_options_copy - grpc_tls_credentials_options_destroy - grpc_tls_credentials_options_set_certificate_provider - grpc_tls_credentials_options_watch_root_certs - grpc_tls_credentials_options_set_root_cert_name - grpc_tls_credentials_options_watch_identity_key_cert_pairs - grpc_tls_credentials_options_set_identity_cert_name - grpc_tls_credentials_options_set_cert_request_type - grpc_tls_credentials_options_set_crl_directory - grpc_tls_credentials_options_set_verify_server_cert - grpc_tls_credentials_options_set_send_client_ca_list - grpc_tls_credentials_options_set_check_call_host - grpc_insecure_credentials_create - grpc_insecure_server_credentials_create - grpc_xds_credentials_create - grpc_xds_server_credentials_create grpc_authorization_policy_provider_static_data_create grpc_authorization_policy_provider_file_watcher_create grpc_authorization_policy_provider_release - grpc_tls_credentials_options_set_tls_session_key_log_file_path grpc_slice_ref grpc_slice_unref grpc_slice_copy diff --git a/grpc.gemspec b/grpc.gemspec index 73b32228479..3a986b6d65e 100644 --- a/grpc.gemspec +++ b/grpc.gemspec @@ -51,6 +51,7 @@ Gem::Specification.new do |s| s.files += %w( include/grpc/byte_buffer_reader.h ) s.files += %w( include/grpc/census.h ) s.files += %w( include/grpc/compression.h ) + s.files += %w( include/grpc/credentials.h ) s.files += %w( include/grpc/event_engine/endpoint_config.h ) s.files += %w( include/grpc/event_engine/event_engine.h ) s.files += %w( include/grpc/event_engine/extensible.h ) diff --git a/include/grpc/credentials.h b/include/grpc/credentials.h new file mode 100644 index 00000000000..71d1864dc24 --- /dev/null +++ b/include/grpc/credentials.h @@ -0,0 +1,1223 @@ +/* + * + * Copyright 2024 gRPC authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef GRPC_CREDENTIALS_H +#define GRPC_CREDENTIALS_H + +#include + +#include + +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif + +/** --- grpc_call_credentials object --- + + A call credentials object represents a way to authenticate on a particular + call. These credentials can be composed with a channel credentials object + so that they are sent with every call on this channel. */ + +typedef struct grpc_call_credentials grpc_call_credentials; +typedef struct grpc_auth_context grpc_auth_context; + +/** Creates a JWT credentials object. May return NULL if the input is invalid. + - json_key is the JSON key string containing the client's private key. + - token_lifetime is the lifetime of each Json Web Token (JWT) created with + this credentials. It should not exceed grpc_max_auth_token_lifetime or + will be cropped to this value. */ +GRPCAPI grpc_call_credentials* +grpc_service_account_jwt_access_credentials_create(const char* json_key, + gpr_timespec token_lifetime, + void* reserved); + +/** Builds External Account credentials. + - json_string is the JSON string containing the credentials options. + - scopes_string contains the scopes to be binded with the credentials. + This API is used for experimental purposes for now and may change in the + future. */ +GRPCAPI grpc_call_credentials* grpc_external_account_credentials_create( + const char* json_string, const char* scopes_string); + +/** Creates an Oauth2 Refresh Token credentials object for connecting to Google. + May return NULL if the input is invalid. + WARNING: Do NOT use this credentials to connect to a non-google service as + this could result in an oauth2 token leak. + - json_refresh_token is the JSON string containing the refresh token itself + along with a client_id and client_secret. */ +GRPCAPI grpc_call_credentials* grpc_google_refresh_token_credentials_create( + const char* json_refresh_token, void* reserved); + +/** Creates an Oauth2 Access Token credentials with an access token that was + acquired by an out of band mechanism. */ +GRPCAPI grpc_call_credentials* grpc_access_token_credentials_create( + const char* access_token, void* reserved); + +/** Creates an IAM credentials object for connecting to Google. */ +GRPCAPI grpc_call_credentials* grpc_google_iam_credentials_create( + const char* authorization_token, const char* authority_selector, + void* reserved); + +/** Options for creating STS Oauth Token Exchange credentials following the IETF + draft https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16. + Optional fields may be set to NULL or empty string. It is the responsibility + of the caller to ensure that the subject and actor tokens are refreshed on + disk at the specified paths. This API is used for experimental purposes for + now and may change in the future. */ +typedef struct { + const char* token_exchange_service_uri; /* Required. */ + const char* resource; /* Optional. */ + const char* audience; /* Optional. */ + const char* scope; /* Optional. */ + const char* requested_token_type; /* Optional. */ + const char* subject_token_path; /* Required. */ + const char* subject_token_type; /* Required. */ + const char* actor_token_path; /* Optional. */ + const char* actor_token_type; /* Optional. */ +} grpc_sts_credentials_options; + +/** Creates an STS credentials following the STS Token Exchanged specifi ed in the + IETF draft https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16. + This API is used for experimental purposes for now and may change in the + future. */ +GRPCAPI grpc_call_credentials* grpc_sts_credentials_create( + const grpc_sts_credentials_options* options, void* reserved); + +/** Context that can be used by metadata credentials plugin in order to create + auth related metadata. */ +typedef struct { + /** The fully qualifed service url. */ + const char* service_url; + + /** The method name of the RPC being called (not fully qualified). + The fully qualified method name can be built from the service_url: + full_qualified_method_name = ctx->service_url + '/' + ctx->method_name. */ + const char* method_name; + + /** The auth_context of the channel which gives the server's identity. */ + const grpc_auth_context* channel_auth_context; + + /** Reserved for future use. */ + void* reserved; +} grpc_auth_metadata_context; + +/** Performs a deep copy from \a from to \a to. **/ +GRPCAPI void grpc_auth_metadata_context_copy(grpc_auth_metadata_context* from, + grpc_auth_metadata_context* to); + +/** Releases internal resources held by \a context. **/ +GRPCAPI void grpc_auth_metadata_context_reset( + grpc_auth_metadata_context* context); + +/** Callback function to be called by the metadata credentials plugin + implementation when the metadata is ready. + - user_data is the opaque pointer that was passed in the get_metadata method + of the grpc_metadata_credentials_plugin (see below). + - creds_md is an array of credentials metadata produced by the plugin. It + may be set to NULL in case of an error. + - num_creds_md is the number of items in the creds_md array. + - status must be GRPC_STATUS_OK in case of success or another specific error + code otherwise. + - error_details contains details about the error if any. In case of success + it should be NULL and will be otherwise ignored. */ +typedef void (*grpc_credentials_plugin_metadata_cb)( + void* user_data, const grpc_metadata* creds_md, size_t num_creds_md, + grpc_status_code status, const char* error_details); + +/** Maximum number of metadata entries returnable by a credentials plugin via + a synchronous return. */ +#define GRPC_METADATA_CREDENTIALS_PLUGIN_SYNC_MAX 4 + +/** grpc_metadata_credentials plugin is an API user provided structure used to + create grpc_credentials objects that can be set on a channel (composed) or + a call. See grpc_credentials_metadata_create_from_plugin below. + The grpc client stack will call the get_metadata method of the plugin for + every call in scope for the credentials created from it. */ +typedef struct { + /** The implementation of this method has to be non-blocking, but can + be performed synchronously or asynchronously. + + If processing occurs synchronously, returns non-zero and populates + creds_md, num_creds_md, status, and error_details. In this case, + the caller takes ownership of the entries in creds_md and of + error_details. Note that if the plugin needs to return more than + GRPC_METADATA_CREDENTIALS_PLUGIN_SYNC_MAX entries in creds_md, it must + return asynchronously. + + If processing occurs asynchronously, returns zero and invokes \a cb + when processing is completed. \a user_data will be passed as the + first parameter of the callback. NOTE: \a cb MUST be invoked in a + different thread, not from the thread in which \a get_metadata() is + invoked. + + \a context is the information that can be used by the plugin to create + auth metadata. */ + int (*get_metadata)( + void* state, grpc_auth_metadata_context context, + grpc_credentials_plugin_metadata_cb cb, void* user_data, + grpc_metadata creds_md[GRPC_METADATA_CREDENTIALS_PLUGIN_SYNC_MAX], + size_t* num_creds_md, grpc_status_code* status, + const char** error_details); + + /** Implements debug string of the given plugin. This method returns an + * allocated string that the caller needs to free using gpr_free() */ + char* (*debug_string)(void* state); + + /** Destroys the plugin state. */ + void (*destroy)(void* state); + + /** State that will be set as the first parameter of the methods above. */ + void* state; + + /** Type of credentials that this plugin is implementing. */ + const char* type; +} grpc_metadata_credentials_plugin; + +/** Creates a credentials object from a plugin with a specified minimum security + * level. */ +GRPCAPI grpc_call_credentials* grpc_metadata_credentials_create_from_plugin( + grpc_metadata_credentials_plugin plugin, + grpc_security_level min_security_level, void* reserved); + +/** --- channel credentials --- */ + +/** Releases a call credentials object. + The creator of the credentials object is responsible for its release. */ +GRPCAPI void grpc_call_credentials_release(grpc_call_credentials* creds); + +/** Creates default credentials to connect to a google gRPC service. + WARNING: Do NOT use this credentials to connect to a non-google service as + this could result in an oauth2 token leak. The security level of the + resulting connection is GRPC_PRIVACY_AND_INTEGRITY. + + If specified, the supplied call credentials object will be attached to the + returned channel credentials object. The call_credentials object must remain + valid throughout the lifetime of the returned grpc_channel_credentials + object. It is expected that the call credentials object was generated + according to the Application Default Credentials mechanism and asserts the + identity of the default service account of the machine. Supplying any other + sort of call credential will result in undefined behavior, up to and + including the sudden and unexpected failure of RPCs. + + If nullptr is supplied, the returned channel credentials object will use a + call credentials object based on the Application Default Credentials + mechanism. +*/ +GRPCAPI grpc_channel_credentials* grpc_google_default_credentials_create( + grpc_call_credentials* call_credentials); + +/** Server certificate config object holds the server's public certificates and + associated private keys, as well as any CA certificates needed for client + certificate validation (if applicable). Create using + grpc_ssl_server_certificate_config_create(). */ +typedef struct grpc_ssl_server_certificate_config + grpc_ssl_server_certificate_config; + +/** Object that holds a private key / certificate chain pair in PEM format. */ +typedef struct { + /** private_key is the NULL-terminated string containing the PEM encoding of + the client's private key. */ + const char* private_key; + + /** cert_chain is the NULL-terminated string containing the PEM encoding of + the client's certificate chain. */ + const char* cert_chain; +} grpc_ssl_pem_key_cert_pair; + +/** Creates a grpc_ssl_server_certificate_config object. + - pem_roots_cert is the NULL-terminated string containing the PEM encoding of + the client root certificates. This parameter may be NULL if the server does + not want the client to be authenticated with SSL. + - pem_key_cert_pairs is an array private key / certificate chains of the + server. This parameter cannot be NULL. + - num_key_cert_pairs indicates the number of items in the private_key_files + and cert_chain_files parameters. It must be at least 1. + - It is the caller's responsibility to free this object via + grpc_ssl_server_certificate_config_destroy(). */ +GRPCAPI grpc_ssl_server_certificate_config* +grpc_ssl_server_certificate_config_create( + const char* pem_root_certs, + const grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs, + size_t num_key_cert_pairs); + +/** Destroys a grpc_ssl_server_certificate_config object. */ +GRPCAPI void grpc_ssl_server_certificate_config_destroy( + grpc_ssl_server_certificate_config* config); + +/** Callback to retrieve updated SSL server certificates, private keys, and + trusted CAs (for client authentication). + - user_data parameter, if not NULL, contains opaque data to be used by the + callback. + - Use grpc_ssl_server_certificate_config_create to create the config. + - The caller assumes ownership of the config. */ +typedef grpc_ssl_certificate_config_reload_status ( + *grpc_ssl_server_certificate_config_callback)( + void* user_data, grpc_ssl_server_certificate_config** config); + +/** Deprecated in favor of grpc_ssl_verify_peer_options. It will be removed + after all of its call sites are migrated to grpc_ssl_verify_peer_options. + Object that holds additional peer-verification options on a secure + channel. */ +typedef struct { + /** If non-NULL this callback will be invoked with the expected + target_name, the peer's certificate (in PEM format), and whatever + userdata pointer is set below. If a non-zero value is returned by this + callback then it is treated as a verification failure. Invocation of + the callback is blocking, so any implementation should be light-weight. + */ + int (*verify_peer_callback)(const char* target_name, const char* peer_pem, + void* userdata); + /** Arbitrary userdata that will be passed as the last argument to + verify_peer_callback. */ + void* verify_peer_callback_userdata; + /** A destruct callback that will be invoked when the channel is being + cleaned up. The userdata argument will be passed to it. The intent is + to perform any cleanup associated with that userdata. */ + void (*verify_peer_destruct)(void* userdata); +} verify_peer_options; + +/** Object that holds additional peer-verification options on a secure + channel. */ +typedef struct { + /** If non-NULL this callback will be invoked with the expected + target_name, the peer's certificate (in PEM format), and whatever + userdata pointer is set below. If a non-zero value is returned by this + callback then it is treated as a verification failure. Invocation of + the callback is blocking, so any implementation should be light-weight. + */ + int (*verify_peer_callback)(const char* target_name, const char* peer_pem, + void* userdata); + /** Arbitrary userdata that will be passed as the last argument to + verify_peer_callback. */ + void* verify_peer_callback_userdata; + /** A destruct callback that will be invoked when the channel is being + cleaned up. The userdata argument will be passed to it. The intent is + to perform any cleanup associated with that userdata. */ + void (*verify_peer_destruct)(void* userdata); +} grpc_ssl_verify_peer_options; + +/** Deprecated in favor of grpc_ssl_server_credentials_create_ex. It will be + removed after all of its call sites are migrated to + grpc_ssl_server_credentials_create_ex. Creates an SSL credentials object. + The security level of the resulting connection is GRPC_PRIVACY_AND_INTEGRITY. + - pem_root_certs is the NULL-terminated string containing the PEM encoding + of the server root certificates. If this parameter is NULL, the + implementation will first try to dereference the file pointed by the + GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment variable, and if that fails, + try to get the roots set by grpc_override_ssl_default_roots. Eventually, + if all these fail, it will try to get the roots from a well-known place on + disk (in the grpc install directory). + + gRPC has implemented root cache if the underlying OpenSSL library supports + it. The gRPC root certificates cache is only applicable on the default + root certificates, which is used when this parameter is nullptr. If user + provides their own pem_root_certs, when creating an SSL credential object, + gRPC would not be able to cache it, and each subchannel will generate a + copy of the root store. So it is recommended to avoid providing large room + pem with pem_root_certs parameter to avoid excessive memory consumption, + particularly on mobile platforms such as iOS. + - pem_key_cert_pair is a pointer on the object containing client's private + key and certificate chain. This parameter can be NULL if the client does + not have such a key/cert pair. + - verify_options is an optional verify_peer_options object which holds + additional options controlling how peer certificates are verified. For + example, you can supply a callback which receives the peer's certificate + with which you can do additional verification. Can be NULL, in which + case verification will retain default behavior. Any settings in + verify_options are copied during this call, so the verify_options + object can be released afterwards. */ +GRPCAPI grpc_channel_credentials* grpc_ssl_credentials_create( + const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pair, + const verify_peer_options* verify_options, void* reserved); + +/* Creates an SSL credentials object. + The security level of the resulting connection is GRPC_PRIVACY_AND_INTEGRITY. + - pem_root_certs is the NULL-terminated string containing the PEM encoding + of the server root certificates. If this parameter is NULL, the + implementation will first try to dereference the file pointed by the + GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment variable, and if that fails, + try to get the roots set by grpc_override_ssl_default_roots. Eventually, + if all these fail, it will try to get the roots from a well-known place on + disk (in the grpc install directory). + + gRPC has implemented root cache if the underlying OpenSSL library supports + it. The gRPC root certificates cache is only applicable on the default + root certificates, which is used when this parameter is nullptr. If user + provides their own pem_root_certs, when creating an SSL credential object, + gRPC would not be able to cache it, and each subchannel will generate a + copy of the root store. So it is recommended to avoid providing large room + pem with pem_root_certs parameter to avoid excessive memory consumption, + particularly on mobile platforms such as iOS. + - pem_key_cert_pair is a pointer on the object containing client's private + key and certificate chain. This parameter can be NULL if the client does + not have such a key/cert pair. + - verify_options is an optional verify_peer_options object which holds + additional options controlling how peer certificates are verified. For + example, you can supply a callback which receives the peer's certificate + with which you can do additional verification. Can be NULL, in which + case verification will retain default behavior. Any settings in + verify_options are copied during this call, so the verify_options + object can be released afterwards. */ +GRPCAPI grpc_channel_credentials* grpc_ssl_credentials_create_ex( + const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pair, + const grpc_ssl_verify_peer_options* verify_options, void* reserved); + +/** --- server credentials --- */ + +/** Deprecated in favor of grpc_ssl_server_credentials_create_ex. + Creates an SSL server_credentials object. + - pem_roots_cert is the NULL-terminated string containing the PEM encoding of + the client root certificates. This parameter may be NULL if the server does + not want the client to be authenticated with SSL. + - pem_key_cert_pairs is an array private key / certificate chains of the + server. This parameter cannot be NULL. + - num_key_cert_pairs indicates the number of items in the private_key_files + and cert_chain_files parameters. It should be at least 1. + - force_client_auth, if set to non-zero will force the client to authenticate + with an SSL cert. Note that this option is ignored if pem_root_certs is + NULL. */ +GRPCAPI grpc_server_credentials* grpc_ssl_server_credentials_create( + const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs, + size_t num_key_cert_pairs, int force_client_auth, void* reserved); + +/** Deprecated in favor of grpc_ssl_server_credentials_create_with_options. + Same as grpc_ssl_server_credentials_create method except uses + grpc_ssl_client_certificate_request_type enum to support more ways to + authenticate client certificates.*/ +GRPCAPI grpc_server_credentials* grpc_ssl_server_credentials_create_ex( + const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs, + size_t num_key_cert_pairs, + grpc_ssl_client_certificate_request_type client_certificate_request, + void* reserved); + +typedef struct grpc_ssl_server_credentials_options + grpc_ssl_server_credentials_options; + +/** Creates an options object using a certificate config. Use this method when + the certificates and keys of the SSL server will not change during the + server's lifetime. + - Takes ownership of the certificate_config parameter. */ +GRPCAPI grpc_ssl_server_credentials_options* +grpc_ssl_server_credentials_create_options_using_config( + grpc_ssl_client_certificate_request_type client_certificate_request, + grpc_ssl_server_certificate_config* certificate_config); + +/** Creates an options object using a certificate config fetcher. Use this + method to reload the certificates and keys of the SSL server without + interrupting the operation of the server. Initial certificate config will be + fetched during server initialization. + - user_data parameter, if not NULL, contains opaque data which will be passed + to the fetcher (see definition of + grpc_ssl_server_certificate_config_callback). */ +GRPCAPI grpc_ssl_server_credentials_options* +grpc_ssl_server_credentials_create_options_using_config_fetcher( + grpc_ssl_client_certificate_request_type client_certificate_request, + grpc_ssl_server_certificate_config_callback cb, void* user_data); + +/** Destroys a grpc_ssl_server_credentials_options object. */ +GRPCAPI void grpc_ssl_server_credentials_options_destroy( + grpc_ssl_server_credentials_options* options); + +/** Creates an SSL server_credentials object using the provided options struct. + - Takes ownership of the options parameter. */ +GRPCAPI grpc_server_credentials* +grpc_ssl_server_credentials_create_with_options( + grpc_ssl_server_credentials_options* options); + +/** --- Auth Metadata Processing --- */ + +/** Callback function that is called when the metadata processing is done. + - Consumed metadata will be removed from the set of metadata available on the + call. consumed_md may be NULL if no metadata has been consumed. + - Response metadata will be set on the response. response_md may be NULL. + - status is GRPC_STATUS_OK for success or a specific status for an error. + Common error status for auth metadata processing is either + GRPC_STATUS_UNAUTHENTICATED in case of an authentication failure or + GRPC_STATUS PERMISSION_DENIED in case of an authorization failure. + - error_details gives details about the error. May be NULL. */ +typedef void (*grpc_process_auth_metadata_done_cb)( + void* user_data, const grpc_metadata* consumed_md, size_t num_consumed_md, + const grpc_metadata* response_md, size_t num_response_md, + grpc_status_code status, const char* error_details); + +/** Pluggable server-side metadata processor object. */ +typedef struct { + /** The context object is read/write: it contains the properties of the + channel peer and it is the job of the process function to augment it with + properties derived from the passed-in metadata. + The lifetime of these objects is guaranteed until cb is invoked. */ + void (*process)(void* state, grpc_auth_context* context, + const grpc_metadata* md, size_t num_md, + grpc_process_auth_metadata_done_cb cb, void* user_data); + void (*destroy)(void* state); + void* state; +} grpc_auth_metadata_processor; + +GRPCAPI void grpc_server_credentials_set_auth_metadata_processor( + grpc_server_credentials* creds, grpc_auth_metadata_processor processor); + +/** --- composite credentials --- */ + +/** Creates a composite call credentials object. */ +GRPCAPI grpc_call_credentials* grpc_composite_call_credentials_create( + grpc_call_credentials* creds1, grpc_call_credentials* creds2, + void* reserved); + +/** Creates a compute engine credentials object for connecting to Google. + WARNING: Do NOT use this credentials to connect to a non-google service as + this could result in an oauth2 token leak. */ +GRPCAPI grpc_call_credentials* grpc_google_compute_engine_credentials_create( + void* reserved); + +/** Creates a composite channel credentials object. The security level of + * resulting connection is determined by channel_creds. */ +GRPCAPI grpc_channel_credentials* grpc_composite_channel_credentials_create( + grpc_channel_credentials* channel_creds, grpc_call_credentials* call_creds, + void* reserved); + +/** --- ALTS channel/server credentials --- **/ + +/** + * Main interface for ALTS credentials options. The options will contain + * information that will be passed from grpc to TSI layer such as RPC protocol + * versions. ALTS client (channel) and server credentials will have their own + * implementation of this interface. The APIs listed in this header are + * thread-compatible. It is used for experimental purpose for now and subject + * to change. + */ +typedef struct grpc_alts_credentials_options grpc_alts_credentials_options; + +/** + * This method creates a grpc ALTS credentials client options instance. + * It is used for experimental purpose for now and subject to change. + */ +GRPCAPI grpc_alts_credentials_options* +grpc_alts_credentials_client_options_create(void); + +/** + * This method creates a grpc ALTS credentials server options instance. + * It is used for experimental purpose for now and subject to change. + */ +GRPCAPI grpc_alts_credentials_options* +grpc_alts_credentials_server_options_create(void); + +/** + * This method adds a target service account to grpc client's ALTS credentials + * options instance. It is used for experimental purpose for now and subject + * to change. + * + * - options: grpc ALTS credentials options instance. + * - service_account: service account of target endpoint. + */ +GRPCAPI void grpc_alts_credentials_client_options_add_target_service_account( + grpc_alts_credentials_options* options, const char* service_account); + +/** + * This method destroys a grpc_alts_credentials_options instance by + * de-allocating all of its occupied memory. It is used for experimental purpose + * for now and subject to change. + * + * - options: a grpc_alts_credentials_options instance that needs to be + * destroyed. + */ +GRPCAPI void grpc_alts_credentials_options_destroy( + grpc_alts_credentials_options* options); + +/** + * This method creates an ALTS channel credential object. The security + * level of the resulting connection is GRPC_PRIVACY_AND_INTEGRITY. + * It is used for experimental purpose for now and subject to change. + * + * - options: grpc ALTS credentials options instance for client. + * + * It returns the created ALTS channel credential object. + */ +GRPCAPI grpc_channel_credentials* grpc_alts_credentials_create( + const grpc_alts_credentials_options* options); + +/** + * This method creates an ALTS server credential object. It is used for + * experimental purpose for now and subject to change. + * + * - options: grpc ALTS credentials options instance for server. + * + * It returns the created ALTS server credential object. + */ +GRPCAPI grpc_server_credentials* grpc_alts_server_credentials_create( + const grpc_alts_credentials_options* options); + +/** + * EXPERIMENTAL API - Subject to change + * + * A struct that can be specified by callers to configure underlying TLS + * behaviors. + */ +typedef struct grpc_tls_credentials_options grpc_tls_credentials_options; + +/** --- TLS channel/server credentials --- + * It is used for experimental purpose for now and subject to change. */ + +/** + * EXPERIMENTAL API - Subject to change + * + * A struct provides ways to gain credential data that will be used in the TLS + * handshake. + */ +typedef struct grpc_tls_certificate_provider grpc_tls_certificate_provider; + +/** + * EXPERIMENTAL API - Subject to change + * + * A struct that stores the credential data presented to the peer in handshake + * to show local identity. + */ +typedef struct grpc_tls_identity_pairs grpc_tls_identity_pairs; + +/** + * EXPERIMENTAL API - Subject to change + * + * Creates a grpc_tls_identity_pairs that stores a list of identity credential + * data, including identity private key and identity certificate chain. + */ +GRPCAPI grpc_tls_identity_pairs* grpc_tls_identity_pairs_create(); + +/** + * EXPERIMENTAL API - Subject to change + * + * Adds a identity private key and a identity certificate chain to + * grpc_tls_identity_pairs. This function will make an internal copy of + * |private_key| and |cert_chain|. + */ +GRPCAPI void grpc_tls_identity_pairs_add_pair(grpc_tls_identity_pairs* pairs, + const char* private_key, + const char* cert_chain); + +/** + * EXPERIMENTAL API - Subject to change + * + * Destroys a grpc_tls_identity_pairs object. If this object is passed to a + * provider initiation function, the ownership is transferred so this function + * doesn't need to be called. Otherwise the creator of the + * grpc_tls_identity_pairs object is responsible for its destruction. + */ +GRPCAPI void grpc_tls_identity_pairs_destroy(grpc_tls_identity_pairs* pairs); + +/** + * EXPERIMENTAL API - Subject to change + * + * Creates a grpc_tls_certificate_provider that will load credential data from + * static string during initialization. This provider will always return the + * same cert data for all cert names. + * root_certificate and pem_key_cert_pairs can be nullptr, indicating the + * corresponding credential data is not needed. + * This function will make a copy of |root_certificate|. + * The ownership of |pem_key_cert_pairs| is transferred. + */ +GRPCAPI grpc_tls_certificate_provider* +grpc_tls_certificate_provider_static_data_create( + const char* root_certificate, grpc_tls_identity_pairs* pem_key_cert_pairs); + +/** + * EXPERIMENTAL API - Subject to change + * + * Creates a grpc_tls_certificate_provider that will watch the credential + * changes on the file system. This provider will always return the up-to-date + * cert data for all the cert names callers set through + * |grpc_tls_credentials_options|. Note that this API only supports one key-cert + * file and hence one set of identity key-cert pair, so SNI(Server Name + * Indication) is not supported. + * - private_key_path is the file path of the private key. This must be set if + * |identity_certificate_path| is set. Otherwise, it could be null if no + * identity credentials are needed. + * - identity_certificate_path is the file path of the identity certificate + * chain. This must be set if |private_key_path| is set. Otherwise, it could + * be null if no identity credentials are needed. + * - root_cert_path is the file path to the root certificate bundle. This + * may be null if no root certs are needed. + * - refresh_interval_sec is the refreshing interval that we will check the + * files for updates. + * It does not take ownership of parameters. + */ +GRPCAPI grpc_tls_certificate_provider* +grpc_tls_certificate_provider_file_watcher_create( + const char* private_key_path, const char* identity_certificate_path, + const char* root_cert_path, unsigned int refresh_interval_sec); + +/** + * EXPERIMENTAL API - Subject to change + * + * Releases a grpc_tls_certificate_provider object. The creator of the + * grpc_tls_certificate_provider object is responsible for its release. + */ +GRPCAPI void grpc_tls_certificate_provider_release( + grpc_tls_certificate_provider* provider); + +/** + * EXPERIMENTAL API - Subject to change + * + * The read-only request information exposed in a verification call. + * Callers should not directly manage the ownership of it. We will make sure it + * is always available inside verify() or cancel() call, and will destroy the + * object at the end of custom verification. + */ +typedef struct grpc_tls_custom_verification_check_request { + /* The target name of the server when the client initiates the connection. */ + /* This field will be nullptr if on the server side. */ + const char* target_name; + /* The information contained in the certificate chain sent from the peer. */ + struct peer_info { + /* The Common Name field on the peer leaf certificate. */ + const char* common_name; + /* The list of Subject Alternative Names on the peer leaf certificate. */ + struct san_names { + char** uri_names; + size_t uri_names_size; + char** dns_names; + size_t dns_names_size; + char** email_names; + size_t email_names_size; + char** ip_names; + size_t ip_names_size; + } san_names; + /* The raw peer leaf certificate. */ + const char* peer_cert; + /* The raw peer certificate chain. Note that it is not always guaranteed to + * get the peer full chain. For more, please refer to + * GRPC_X509_PEM_CERT_CHAIN_PROPERTY_NAME defined in file + * grpc_security_constants.h. + * TODO(ZhenLian): Consider fixing this in the future. */ + const char* peer_cert_full_chain; + /* The verified root cert subject. + * This value will only be filled if the cryptographic peer certificate + * verification was successful */ + const char* verified_root_cert_subject; + } peer_info; +} grpc_tls_custom_verification_check_request; + +/** + * EXPERIMENTAL API - Subject to change + * + * A callback function provided by gRPC as a parameter of the |verify| function + * in grpc_tls_certificate_verifier_external. If |verify| is expected to be run + * asynchronously, the implementer of |verify| will need to invoke this callback + * with |callback_arg| and proper verification status at the end to bring the + * control back to gRPC C core. + */ +typedef void (*grpc_tls_on_custom_verification_check_done_cb)( + grpc_tls_custom_verification_check_request* request, void* callback_arg, + grpc_status_code status, const char* error_details); + +/** + * EXPERIMENTAL API - Subject to change + * + * The internal verifier type that will be used inside core. + */ +typedef struct grpc_tls_certificate_verifier grpc_tls_certificate_verifier; + +/** + * EXPERIMENTAL API - Subject to change + * + * A struct containing all the necessary functions a custom external verifier + * needs to implement to be able to be converted to an internal verifier. + */ +typedef struct grpc_tls_certificate_verifier_external { + void* user_data; + /** + * A function pointer containing the verification logic that will be + * performed after the TLS handshake is done. It could be processed + * synchronously or asynchronously. + * - If expected to be processed synchronously, the implementer should + * populate the verification result through |sync_status| and + * |sync_error_details|, and then return true. + * - If expected to be processed asynchronously, the implementer should return + * false immediately, and then in the asynchronous thread invoke |callback| + * with the verification result. The implementer MUST NOT invoke the async + * |callback| in the same thread before |verify| returns, otherwise it can + * lead to deadlocks. + * + * user_data: any argument that is passed in the user_data of + * grpc_tls_certificate_verifier_external during construction time + * can be retrieved later here. + * request: request information exposed to the function implementer. + * callback: the callback that the function implementer needs to invoke, if + * return a non-zero value. It is usually invoked when the + * asynchronous verification is done, and serves to bring the + * control back to gRPC. + * callback_arg: A pointer to the internal ExternalVerifier instance. This is + * mainly used as an argument in |callback|, if want to invoke + * |callback| in async mode. + * sync_status: indicates if a connection should be allowed. This should only + * be used if the verification check is done synchronously. + * sync_error_details: the error generated while verifying a connection. This + * should only be used if the verification check is done + * synchronously. the implementation must allocate the + * error string via gpr_malloc() or gpr_strdup(). + * return: return 0 if |verify| is expected to be executed asynchronously, + * otherwise return a non-zero value. + */ + int (*verify)(void* user_data, + grpc_tls_custom_verification_check_request* request, + grpc_tls_on_custom_verification_check_done_cb callback, + void* callback_arg, grpc_status_code* sync_status, + char** sync_error_details); + /** + * A function pointer that cleans up the caller-specified resources when the + * verifier is still running but the whole connection got cancelled. This + * could happen when the verifier is doing some async operations, and the + * whole handshaker object got destroyed because of connection time limit is + * reached, or any other reasons. In such cases, function implementers might + * want to be notified, and properly clean up some resources. + * + * user_data: any argument that is passed in the user_data of + * grpc_tls_certificate_verifier_external during construction time + * can be retrieved later here. + * request: request information exposed to the function implementer. It will + * be the same request object that was passed to verify(), and it + * tells the cancel() which request to cancel. + */ + void (*cancel)(void* user_data, + grpc_tls_custom_verification_check_request* request); + /** + * A function pointer that does some additional destruction work when the + * verifier is destroyed. This is used when the caller wants to associate some + * objects to the lifetime of external_verifier, and destroy them when + * external_verifier got destructed. For example, in C++, the class containing + * user-specified callback functions should not be destroyed before + * external_verifier, since external_verifier will invoke them while being + * used. + * Note that the caller MUST delete the grpc_tls_certificate_verifier_external + * object itself in this function, otherwise it will cause memory leaks. That + * also means the user_data has to carries at least a self pointer, for the + * callers to later delete it in destruct(). + * + * user_data: any argument that is passed in the user_data of + * grpc_tls_certificate_verifier_external during construction time + * can be retrieved later here. + */ + void (*destruct)(void* user_data); +} grpc_tls_certificate_verifier_external; + +/** + * EXPERIMENTAL API - Subject to change + * + * Converts an external verifier to an internal verifier. + * Note that we will not take the ownership of the external_verifier. Callers + * will need to delete external_verifier in its own destruct function. + */ +grpc_tls_certificate_verifier* grpc_tls_certificate_verifier_external_create( + grpc_tls_certificate_verifier_external* external_verifier); + +/** + * EXPERIMENTAL API - Subject to change + * + * Factory function for an internal verifier that won't perform any + * post-handshake verification. Note: using this solely without any other + * authentication mechanisms on the peer identity will leave your applications + * to the MITM(Man-In-The-Middle) attacks. Users should avoid doing so in + * production environments. + */ +grpc_tls_certificate_verifier* grpc_tls_certificate_verifier_no_op_create(); + +/** + * EXPERIMENTAL API - Subject to change + * + * Factory function for an internal verifier that will do the default hostname + * check. + */ +grpc_tls_certificate_verifier* grpc_tls_certificate_verifier_host_name_create(); + +/** + * EXPERIMENTAL API - Subject to change + * + * Releases a grpc_tls_certificate_verifier object. The creator of the + * grpc_tls_certificate_verifier object is responsible for its release. + */ +void grpc_tls_certificate_verifier_release( + grpc_tls_certificate_verifier* verifier); + +/** + * EXPERIMENTAL API - Subject to change + * + * Performs the verification logic of an internal verifier. + * This is typically used when composing the internal verifiers as part of the + * custom verification. + * If |grpc_tls_certificate_verifier_verify| returns true, inspect the + * verification result through request->status and request->error_details. + * Otherwise, inspect through the parameter of |callback|. + */ +int grpc_tls_certificate_verifier_verify( + grpc_tls_certificate_verifier* verifier, + grpc_tls_custom_verification_check_request* request, + grpc_tls_on_custom_verification_check_done_cb callback, void* callback_arg, + grpc_status_code* sync_status, char** sync_error_details); + +/** + * EXPERIMENTAL API - Subject to change + * + * Performs the cancellation logic of an internal verifier. + * This is typically used when composing the internal verifiers as part of the + * custom verification. + */ +void grpc_tls_certificate_verifier_cancel( + grpc_tls_certificate_verifier* verifier, + grpc_tls_custom_verification_check_request* request); + +/** + * EXPERIMENTAL API - Subject to change + * + * Creates an grpc_tls_credentials_options. + */ +GRPCAPI grpc_tls_credentials_options* grpc_tls_credentials_options_create(void); + +/** + * EXPERIMENTAL API - Subject to change + * + * Creates a TLS channel credential object based on the + * grpc_tls_credentials_options specified by callers. The + * grpc_channel_credentials will take the ownership of the |options|. The + * security level of the resulting connection is GRPC_PRIVACY_AND_INTEGRITY. + */ +grpc_channel_credentials* grpc_tls_credentials_create( + grpc_tls_credentials_options* options); + +/** + * EXPERIMENTAL API - Subject to change + * + * Creates a TLS server credential object based on the + * grpc_tls_credentials_options specified by callers. The + * grpc_server_credentials will take the ownership of the |options|. + */ +grpc_server_credentials* grpc_tls_server_credentials_create( + grpc_tls_credentials_options* options); + +/** + * EXPERIMENTAL API - Subject to change + * + * Sets the minimum TLS version that will be negotiated during the TLS + * handshake. If not set, the underlying SSL library will set it to TLS v1.2. + */ +GRPCAPI void grpc_tls_credentials_options_set_min_tls_version( + grpc_tls_credentials_options* options, grpc_tls_version min_tls_version); + +/** + * EXPERIMENTAL API - Subject to change + * + * Sets the maximum TLS version that will be negotiated during the TLS + * handshake. If not set, the underlying SSL library will set it to TLS v1.3. + */ +GRPCAPI void grpc_tls_credentials_options_set_max_tls_version( + grpc_tls_credentials_options* options, grpc_tls_version max_tls_version); + +/** + * EXPERIMENTAL API - Subject to change + * + * Copies a grpc_tls_credentials_options. + */ +GRPCAPI grpc_tls_credentials_options* grpc_tls_credentials_options_copy( + grpc_tls_credentials_options* options); + +/** + * EXPERIMENTAL API - Subject to change + * + * Destroys a grpc_tls_credentials_options. + */ +GRPCAPI void grpc_tls_credentials_options_destroy( + grpc_tls_credentials_options* options); + +/** + * EXPERIMENTAL API - Subject to change + * + * A struct provides ways to gain credential data that will be used in the TLS + * handshake. + */ +typedef struct grpc_tls_certificate_provider grpc_tls_certificate_provider; + +/** + * EXPERIMENTAL API - Subject to change + * + * Sets the credential provider in the options. + * The |options| will implicitly take a new ref to the |provider|. + */ +GRPCAPI void grpc_tls_credentials_options_set_certificate_provider( + grpc_tls_credentials_options* options, + grpc_tls_certificate_provider* provider); + +/** + * EXPERIMENTAL API - Subject to change + * + * If set, gRPC stack will keep watching the root certificates with + * name |root_cert_name|. + * If this is not set on the client side, we will use the root certificates + * stored in the default system location, since client side must provide root + * certificates in TLS. + * If this is not set on the server side, we will not watch any root certificate + * updates, and assume no root certificates needed for the server(single-side + * TLS). Default root certs on the server side is not supported. + */ +GRPCAPI void grpc_tls_credentials_options_watch_root_certs( + grpc_tls_credentials_options* options); + +/** + * EXPERIMENTAL API - Subject to change + * + * Sets the name of the root certificates being watched. + * If not set, We will use a default empty string as the root certificate name. + */ +GRPCAPI void grpc_tls_credentials_options_set_root_cert_name( + grpc_tls_credentials_options* options, const char* root_cert_name); + +/** + * EXPERIMENTAL API - Subject to change + * + * If set, gRPC stack will keep watching the identity key-cert pairs + * with name |identity_cert_name|. + * This is required on the server side, and optional on the client side. + */ +GRPCAPI void grpc_tls_credentials_options_watch_identity_key_cert_pairs( + grpc_tls_credentials_options* options); + +/** + * EXPERIMENTAL API - Subject to change + * + * Sets the name of the identity certificates being watched. + * If not set, We will use a default empty string as the identity certificate + * name. + */ +GRPCAPI void grpc_tls_credentials_options_set_identity_cert_name( + grpc_tls_credentials_options* options, const char* identity_cert_name); + +/** + * EXPERIMENTAL API - Subject to change + * + * Sets the options of whether to request and/or verify client certs. This shall + * only be called on the server side. + */ +GRPCAPI void grpc_tls_credentials_options_set_cert_request_type( + grpc_tls_credentials_options* options, + grpc_ssl_client_certificate_request_type type); + +/** Deprecated in favor of grpc_tls_credentials_options_set_crl_provider. The + * crl provider interface provides a significantly more flexible approach to + * using CRLs. See gRFC A69 for details. + * EXPERIMENTAL API - Subject to change + * + * If set, gRPC will read all hashed x.509 CRL files in the directory and + * enforce the CRL files on all TLS handshakes. Only supported for OpenSSL + * version > 1.1. + * It is used for experimental purpose for now and subject to change. + */ +GRPCAPI void grpc_tls_credentials_options_set_crl_directory( + grpc_tls_credentials_options* options, const char* crl_directory); + +/** + * EXPERIMENTAL API - Subject to change + * + * Sets the options of whether to verify server certs on the client side. + * Passing in a non-zero value indicates verifying the certs. + */ +GRPCAPI void grpc_tls_credentials_options_set_verify_server_cert( + grpc_tls_credentials_options* options, int verify_server_cert); + +/** + * EXPERIMENTAL API - Subject to change + * + * Sets whether or not a TLS server should send a list of CA names in the + * ServerHello. This list of CA names is read from the server's trust bundle, so + * that the client can use this list as a hint to know which certificate it + * should send to the server. + * + * WARNING: This API is extremely dangerous and should not be used. If the + * server's trust bundle is too large, then the TLS server will be unable to + * form a ServerHello, and hence will be unusable. The definition of "too large" + * depends on the underlying SSL library being used and on the size of the CN + * fields of the certificates in the trust bundle. + */ +GRPCAPI void grpc_tls_credentials_options_set_send_client_ca_list( + grpc_tls_credentials_options* options, bool send_client_ca_list); + +/** --- SSL Session Cache. --- + + A SSL session cache object represents a way to cache client sessions + between connections. Only ticket-based resumption is supported. */ + +typedef struct grpc_ssl_session_cache grpc_ssl_session_cache; + +/** Create LRU cache for client-side SSL sessions with the given capacity. + If capacity is < 1, a default capacity is used instead. */ +GRPCAPI grpc_ssl_session_cache* grpc_ssl_session_cache_create_lru( + size_t capacity); + +/** Destroy SSL session cache. */ +GRPCAPI void grpc_ssl_session_cache_destroy(grpc_ssl_session_cache* cache); + +/** Create a channel arg with the given cache object. */ +GRPCAPI grpc_arg +grpc_ssl_session_cache_create_channel_arg(grpc_ssl_session_cache* cache); + +/** Callback for getting the SSL roots override from the application. + In case of success, *pem_roots_certs must be set to a NULL terminated string + containing the list of PEM encoded root certificates. The ownership is passed + to the core and freed (laster by the core) with gpr_free. + If this function fails and GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment is + set to a valid path, it will override the roots specified this func */ +typedef grpc_ssl_roots_override_result (*grpc_ssl_roots_override_callback)( + char** pem_root_certs); + +/** Setup a callback to override the default TLS/SSL roots. + This function is not thread-safe and must be called at initialization time + before any ssl credentials are created to have the desired side effect. + If GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment is set to a valid path, the + callback will not be called. */ +GRPCAPI void grpc_set_ssl_roots_override_callback( + grpc_ssl_roots_override_callback cb); + +GRPCAPI gpr_timespec grpc_max_auth_token_lifetime(void); + +/** --- insecure credentials --- */ + +/** + * EXPERIMENTAL API - Subject to change + * + * This method creates an insecure channel credentials object. + */ +GRPCAPI grpc_channel_credentials* grpc_insecure_credentials_create(); + +/** + * EXPERIMENTAL API - Subject to change + * + * This method creates an insecure server credentials object. + */ +GRPCAPI grpc_server_credentials* grpc_insecure_server_credentials_create(); + +/** + * EXPERIMENTAL API - Subject to change + * + * This method creates an xDS channel credentials object. + * + * Creating a channel with credentials of this type indicates that the channel + * should get credentials configuration from the xDS control plane. + * + * \a fallback_credentials are used if the channel target does not have the + * 'xds:///' scheme or if the xDS control plane does not provide information on + * how to fetch credentials dynamically. Does NOT take ownership of the \a + * fallback_credentials. (Internally takes a ref to the object.) + */ +GRPCAPI grpc_channel_credentials* grpc_xds_credentials_create( + grpc_channel_credentials* fallback_credentials); + +/** + * EXPERIMENTAL API - Subject to change + * + * This method creates an xDS server credentials object. + * + * \a fallback_credentials are used if the xDS control plane does not provide + * information on how to fetch credentials dynamically. + * + * Does NOT take ownership of the \a fallback_credentials. (Internally takes + * a ref to the object.) + */ +GRPCAPI grpc_server_credentials* grpc_xds_server_credentials_create( + grpc_server_credentials* fallback_credentials); + +/** --- Local channel/server credentials --- **/ + +/** + * This method creates a local channel credential object. The security level + * of the resulting connection is GRPC_PRIVACY_AND_INTEGRITY for UDS and + * GRPC_SECURITY_NONE for LOCAL_TCP. It is used for experimental purpose + * for now and subject to change. + * + * - type: local connection type + * + * It returns the created local channel credential object. + */ +GRPCAPI grpc_channel_credentials* grpc_local_credentials_create( + grpc_local_connect_type type); + +/** + * This method creates a local server credential object. It is used for + * experimental purpose for now and subject to change. + * + * - type: local connection type + * + * It returns the created local server credential object. + */ +GRPCAPI grpc_server_credentials* grpc_local_server_credentials_create( + grpc_local_connect_type type); + +/** + * EXPERIMENTAL API - Subject to change + * + * The internal verifier type that will be used inside core. + */ +typedef struct grpc_tls_certificate_verifier grpc_tls_certificate_verifier; + +/** + * EXPERIMENTAL API - Subject to change + * + * Sets the verifier in options. The |options| will implicitly take a new ref to + * the |verifier|. If not set on the client side, we will verify server's + * certificates, and check the default hostname. If not set on the server side, + * we will verify client's certificates. + */ +void grpc_tls_credentials_options_set_certificate_verifier( + grpc_tls_credentials_options* options, + grpc_tls_certificate_verifier* verifier); + +/** + * EXPERIMENTAL API - Subject to change + * + * Sets the options of whether to check the hostname of the peer on a per-call + * basis. This is usually used in a combination with virtual hosting at the + * client side, where each individual call on a channel can have a different + * host associated with it. + * This check is intended to verify that the host specified for the individual + * call is covered by the cert that the peer presented. + * The default is a non-zero value, which indicates performing such checks. + */ +GRPCAPI void grpc_tls_credentials_options_set_check_call_host( + grpc_tls_credentials_options* options, int check_call_host); + +/** --- TLS session key logging. --- + * Experimental API to control tls session key logging. Tls session key logging + * is expected to be used only for debugging purposes and never in production. + * Tls session key logging is only enabled when: + * At least one grpc_tls_credentials_options object is assigned a tls session + * key logging file path using the API specified below. + */ + +/** + * EXPERIMENTAL API - Subject to change. + * Configures a grpc_tls_credentials_options object with tls session key + * logging capability. TLS channels using these credentials have tls session + * key logging enabled. + * - options is the grpc_tls_credentials_options object + * - path is a string pointing to the location where TLS session keys would be + * stored. + */ +GRPCAPI void grpc_tls_credentials_options_set_tls_session_key_log_file_path( + grpc_tls_credentials_options* options, const char* path); + +#ifdef __cplusplus +} +#endif + +#endif /* GRPC_CREDENTIALS_H */ diff --git a/include/grpc/grpc.h b/include/grpc/grpc.h index 20527730358..d293907eac0 100644 --- a/include/grpc/grpc.h +++ b/include/grpc/grpc.h @@ -361,6 +361,13 @@ GRPCAPI void grpc_call_ref(grpc_call* call); THREAD SAFETY: grpc_call_unref is thread-compatible */ GRPCAPI void grpc_call_unref(grpc_call* call); +typedef struct grpc_call_credentials grpc_call_credentials; + +/** Sets a credentials to a call. Can only be called on the client side before + grpc_call_start_batch. */ +GRPCAPI grpc_call_error grpc_call_set_credentials(grpc_call* call, + grpc_call_credentials* creds); + /** Request notification of a new call. Once a call is received, a notification tagged with \a tag_new is added to \a cq_for_notification. \a call, \a details and \a request_metadata are diff --git a/include/grpc/grpc_crl_provider.h b/include/grpc/grpc_crl_provider.h index 04e8ffa0901..35d6df6f939 100644 --- a/include/grpc/grpc_crl_provider.h +++ b/include/grpc/grpc_crl_provider.h @@ -25,6 +25,7 @@ #include "absl/status/statusor.h" #include "absl/strings/string_view.h" +#include #include #include diff --git a/include/grpc/grpc_security.h b/include/grpc/grpc_security.h index 5524170a2ac..11e08a6f4a1 100644 --- a/include/grpc/grpc_security.h +++ b/include/grpc/grpc_security.h @@ -101,1157 +101,6 @@ GRPCAPI void grpc_auth_context_add_cstring_property(grpc_auth_context* ctx, GRPCAPI int grpc_auth_context_set_peer_identity_property_name( grpc_auth_context* ctx, const char* name); -/** --- SSL Session Cache. --- - - A SSL session cache object represents a way to cache client sessions - between connections. Only ticket-based resumption is supported. */ - -typedef struct grpc_ssl_session_cache grpc_ssl_session_cache; - -/** Create LRU cache for client-side SSL sessions with the given capacity. - If capacity is < 1, a default capacity is used instead. */ -GRPCAPI grpc_ssl_session_cache* grpc_ssl_session_cache_create_lru( - size_t capacity); - -/** Destroy SSL session cache. */ -GRPCAPI void grpc_ssl_session_cache_destroy(grpc_ssl_session_cache* cache); - -/** Create a channel arg with the given cache object. */ -GRPCAPI grpc_arg -grpc_ssl_session_cache_create_channel_arg(grpc_ssl_session_cache* cache); - -/** --- grpc_call_credentials object. - - A call credentials object represents a way to authenticate on a particular - call. These credentials can be composed with a channel credentials object - so that they are sent with every call on this channel. */ - -typedef struct grpc_call_credentials grpc_call_credentials; - -/** Releases a call credentials object. - The creator of the credentials object is responsible for its release. */ -GRPCAPI void grpc_call_credentials_release(grpc_call_credentials* creds); - -/** Creates default credentials to connect to a google gRPC service. - WARNING: Do NOT use this credentials to connect to a non-google service as - this could result in an oauth2 token leak. The security level of the - resulting connection is GRPC_PRIVACY_AND_INTEGRITY. - - If specified, the supplied call credentials object will be attached to the - returned channel credentials object. The call_credentials object must remain - valid throughout the lifetime of the returned grpc_channel_credentials - object. It is expected that the call credentials object was generated - according to the Application Default Credentials mechanism and asserts the - identity of the default service account of the machine. Supplying any other - sort of call credential will result in undefined behavior, up to and - including the sudden and unexpected failure of RPCs. - - If nullptr is supplied, the returned channel credentials object will use a - call credentials object based on the Application Default Credentials - mechanism. -*/ -GRPCAPI grpc_channel_credentials* grpc_google_default_credentials_create( - grpc_call_credentials* call_credentials); - -/** Callback for getting the SSL roots override from the application. - In case of success, *pem_roots_certs must be set to a NULL terminated string - containing the list of PEM encoded root certificates. The ownership is passed - to the core and freed (laster by the core) with gpr_free. - If this function fails and GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment is - set to a valid path, it will override the roots specified this func */ -typedef grpc_ssl_roots_override_result (*grpc_ssl_roots_override_callback)( - char** pem_root_certs); - -/** Setup a callback to override the default TLS/SSL roots. - This function is not thread-safe and must be called at initialization time - before any ssl credentials are created to have the desired side effect. - If GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment is set to a valid path, the - callback will not be called. */ -GRPCAPI void grpc_set_ssl_roots_override_callback( - grpc_ssl_roots_override_callback cb); - -/** Object that holds a private key / certificate chain pair in PEM format. */ -typedef struct { - /** private_key is the NULL-terminated string containing the PEM encoding of - the client's private key. */ - const char* private_key; - - /** cert_chain is the NULL-terminated string containing the PEM encoding of - the client's certificate chain. */ - const char* cert_chain; -} grpc_ssl_pem_key_cert_pair; - -/** Deprecated in favor of grpc_ssl_verify_peer_options. It will be removed - after all of its call sites are migrated to grpc_ssl_verify_peer_options. - Object that holds additional peer-verification options on a secure - channel. */ -typedef struct { - /** If non-NULL this callback will be invoked with the expected - target_name, the peer's certificate (in PEM format), and whatever - userdata pointer is set below. If a non-zero value is returned by this - callback then it is treated as a verification failure. Invocation of - the callback is blocking, so any implementation should be light-weight. - */ - int (*verify_peer_callback)(const char* target_name, const char* peer_pem, - void* userdata); - /** Arbitrary userdata that will be passed as the last argument to - verify_peer_callback. */ - void* verify_peer_callback_userdata; - /** A destruct callback that will be invoked when the channel is being - cleaned up. The userdata argument will be passed to it. The intent is - to perform any cleanup associated with that userdata. */ - void (*verify_peer_destruct)(void* userdata); -} verify_peer_options; - -/** Object that holds additional peer-verification options on a secure - channel. */ -typedef struct { - /** If non-NULL this callback will be invoked with the expected - target_name, the peer's certificate (in PEM format), and whatever - userdata pointer is set below. If a non-zero value is returned by this - callback then it is treated as a verification failure. Invocation of - the callback is blocking, so any implementation should be light-weight. - */ - int (*verify_peer_callback)(const char* target_name, const char* peer_pem, - void* userdata); - /** Arbitrary userdata that will be passed as the last argument to - verify_peer_callback. */ - void* verify_peer_callback_userdata; - /** A destruct callback that will be invoked when the channel is being - cleaned up. The userdata argument will be passed to it. The intent is - to perform any cleanup associated with that userdata. */ - void (*verify_peer_destruct)(void* userdata); -} grpc_ssl_verify_peer_options; - -/** Deprecated in favor of grpc_ssl_server_credentials_create_ex. It will be - removed after all of its call sites are migrated to - grpc_ssl_server_credentials_create_ex. Creates an SSL credentials object. - The security level of the resulting connection is GRPC_PRIVACY_AND_INTEGRITY. - - pem_root_certs is the NULL-terminated string containing the PEM encoding - of the server root certificates. If this parameter is NULL, the - implementation will first try to dereference the file pointed by the - GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment variable, and if that fails, - try to get the roots set by grpc_override_ssl_default_roots. Eventually, - if all these fail, it will try to get the roots from a well-known place on - disk (in the grpc install directory). - - gRPC has implemented root cache if the underlying OpenSSL library supports - it. The gRPC root certificates cache is only applicable on the default - root certificates, which is used when this parameter is nullptr. If user - provides their own pem_root_certs, when creating an SSL credential object, - gRPC would not be able to cache it, and each subchannel will generate a - copy of the root store. So it is recommended to avoid providing large room - pem with pem_root_certs parameter to avoid excessive memory consumption, - particularly on mobile platforms such as iOS. - - pem_key_cert_pair is a pointer on the object containing client's private - key and certificate chain. This parameter can be NULL if the client does - not have such a key/cert pair. - - verify_options is an optional verify_peer_options object which holds - additional options controlling how peer certificates are verified. For - example, you can supply a callback which receives the peer's certificate - with which you can do additional verification. Can be NULL, in which - case verification will retain default behavior. Any settings in - verify_options are copied during this call, so the verify_options - object can be released afterwards. */ -GRPCAPI grpc_channel_credentials* grpc_ssl_credentials_create( - const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pair, - const verify_peer_options* verify_options, void* reserved); - -/* Creates an SSL credentials object. - The security level of the resulting connection is GRPC_PRIVACY_AND_INTEGRITY. - - pem_root_certs is the NULL-terminated string containing the PEM encoding - of the server root certificates. If this parameter is NULL, the - implementation will first try to dereference the file pointed by the - GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment variable, and if that fails, - try to get the roots set by grpc_override_ssl_default_roots. Eventually, - if all these fail, it will try to get the roots from a well-known place on - disk (in the grpc install directory). - - gRPC has implemented root cache if the underlying OpenSSL library supports - it. The gRPC root certificates cache is only applicable on the default - root certificates, which is used when this parameter is nullptr. If user - provides their own pem_root_certs, when creating an SSL credential object, - gRPC would not be able to cache it, and each subchannel will generate a - copy of the root store. So it is recommended to avoid providing large room - pem with pem_root_certs parameter to avoid excessive memory consumption, - particularly on mobile platforms such as iOS. - - pem_key_cert_pair is a pointer on the object containing client's private - key and certificate chain. This parameter can be NULL if the client does - not have such a key/cert pair. - - verify_options is an optional verify_peer_options object which holds - additional options controlling how peer certificates are verified. For - example, you can supply a callback which receives the peer's certificate - with which you can do additional verification. Can be NULL, in which - case verification will retain default behavior. Any settings in - verify_options are copied during this call, so the verify_options - object can be released afterwards. */ -GRPCAPI grpc_channel_credentials* grpc_ssl_credentials_create_ex( - const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pair, - const grpc_ssl_verify_peer_options* verify_options, void* reserved); - -/** Creates a composite channel credentials object. The security level of - * resulting connection is determined by channel_creds. */ -GRPCAPI grpc_channel_credentials* grpc_composite_channel_credentials_create( - grpc_channel_credentials* channel_creds, grpc_call_credentials* call_creds, - void* reserved); - -/** --- composite credentials. */ - -/** Creates a composite call credentials object. */ -GRPCAPI grpc_call_credentials* grpc_composite_call_credentials_create( - grpc_call_credentials* creds1, grpc_call_credentials* creds2, - void* reserved); - -/** Creates a compute engine credentials object for connecting to Google. - WARNING: Do NOT use this credentials to connect to a non-google service as - this could result in an oauth2 token leak. */ -GRPCAPI grpc_call_credentials* grpc_google_compute_engine_credentials_create( - void* reserved); - -GRPCAPI gpr_timespec grpc_max_auth_token_lifetime(void); - -/** Creates a JWT credentials object. May return NULL if the input is invalid. - - json_key is the JSON key string containing the client's private key. - - token_lifetime is the lifetime of each Json Web Token (JWT) created with - this credentials. It should not exceed grpc_max_auth_token_lifetime or - will be cropped to this value. */ -GRPCAPI grpc_call_credentials* -grpc_service_account_jwt_access_credentials_create(const char* json_key, - gpr_timespec token_lifetime, - void* reserved); - -/** Builds External Account credentials. - - json_string is the JSON string containing the credentials options. - - scopes_string contains the scopes to be binded with the credentials. - This API is used for experimental purposes for now and may change in the - future. */ -GRPCAPI grpc_call_credentials* grpc_external_account_credentials_create( - const char* json_string, const char* scopes_string); - -/** Creates an Oauth2 Refresh Token credentials object for connecting to Google. - May return NULL if the input is invalid. - WARNING: Do NOT use this credentials to connect to a non-google service as - this could result in an oauth2 token leak. - - json_refresh_token is the JSON string containing the refresh token itself - along with a client_id and client_secret. */ -GRPCAPI grpc_call_credentials* grpc_google_refresh_token_credentials_create( - const char* json_refresh_token, void* reserved); - -/** Creates an Oauth2 Access Token credentials with an access token that was - acquired by an out of band mechanism. */ -GRPCAPI grpc_call_credentials* grpc_access_token_credentials_create( - const char* access_token, void* reserved); - -/** Creates an IAM credentials object for connecting to Google. */ -GRPCAPI grpc_call_credentials* grpc_google_iam_credentials_create( - const char* authorization_token, const char* authority_selector, - void* reserved); - -/** Options for creating STS Oauth Token Exchange credentials following the IETF - draft https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16. - Optional fields may be set to NULL or empty string. It is the responsibility - of the caller to ensure that the subject and actor tokens are refreshed on - disk at the specified paths. This API is used for experimental purposes for - now and may change in the future. */ -typedef struct { - const char* token_exchange_service_uri; /* Required. */ - const char* resource; /* Optional. */ - const char* audience; /* Optional. */ - const char* scope; /* Optional. */ - const char* requested_token_type; /* Optional. */ - const char* subject_token_path; /* Required. */ - const char* subject_token_type; /* Required. */ - const char* actor_token_path; /* Optional. */ - const char* actor_token_type; /* Optional. */ -} grpc_sts_credentials_options; - -/** Creates an STS credentials following the STS Token Exchanged specifed in the - IETF draft https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16. - This API is used for experimental purposes for now and may change in the - future. */ -GRPCAPI grpc_call_credentials* grpc_sts_credentials_create( - const grpc_sts_credentials_options* options, void* reserved); - -/** Callback function to be called by the metadata credentials plugin - implementation when the metadata is ready. - - user_data is the opaque pointer that was passed in the get_metadata method - of the grpc_metadata_credentials_plugin (see below). - - creds_md is an array of credentials metadata produced by the plugin. It - may be set to NULL in case of an error. - - num_creds_md is the number of items in the creds_md array. - - status must be GRPC_STATUS_OK in case of success or another specific error - code otherwise. - - error_details contains details about the error if any. In case of success - it should be NULL and will be otherwise ignored. */ -typedef void (*grpc_credentials_plugin_metadata_cb)( - void* user_data, const grpc_metadata* creds_md, size_t num_creds_md, - grpc_status_code status, const char* error_details); - -/** Context that can be used by metadata credentials plugin in order to create - auth related metadata. */ -typedef struct { - /** The fully qualifed service url. */ - const char* service_url; - - /** The method name of the RPC being called (not fully qualified). - The fully qualified method name can be built from the service_url: - full_qualified_method_name = ctx->service_url + '/' + ctx->method_name. */ - const char* method_name; - - /** The auth_context of the channel which gives the server's identity. */ - const grpc_auth_context* channel_auth_context; - - /** Reserved for future use. */ - void* reserved; -} grpc_auth_metadata_context; - -/** Performs a deep copy from \a from to \a to. **/ -GRPCAPI void grpc_auth_metadata_context_copy(grpc_auth_metadata_context* from, - grpc_auth_metadata_context* to); - -/** Releases internal resources held by \a context. **/ -GRPCAPI void grpc_auth_metadata_context_reset( - grpc_auth_metadata_context* context); - -/** Maximum number of metadata entries returnable by a credentials plugin via - a synchronous return. */ -#define GRPC_METADATA_CREDENTIALS_PLUGIN_SYNC_MAX 4 - -/** grpc_metadata_credentials plugin is an API user provided structure used to - create grpc_credentials objects that can be set on a channel (composed) or - a call. See grpc_credentials_metadata_create_from_plugin below. - The grpc client stack will call the get_metadata method of the plugin for - every call in scope for the credentials created from it. */ -typedef struct { - /** The implementation of this method has to be non-blocking, but can - be performed synchronously or asynchronously. - - If processing occurs synchronously, returns non-zero and populates - creds_md, num_creds_md, status, and error_details. In this case, - the caller takes ownership of the entries in creds_md and of - error_details. Note that if the plugin needs to return more than - GRPC_METADATA_CREDENTIALS_PLUGIN_SYNC_MAX entries in creds_md, it must - return asynchronously. - - If processing occurs asynchronously, returns zero and invokes \a cb - when processing is completed. \a user_data will be passed as the - first parameter of the callback. NOTE: \a cb MUST be invoked in a - different thread, not from the thread in which \a get_metadata() is - invoked. - - \a context is the information that can be used by the plugin to create - auth metadata. */ - int (*get_metadata)( - void* state, grpc_auth_metadata_context context, - grpc_credentials_plugin_metadata_cb cb, void* user_data, - grpc_metadata creds_md[GRPC_METADATA_CREDENTIALS_PLUGIN_SYNC_MAX], - size_t* num_creds_md, grpc_status_code* status, - const char** error_details); - - /** Implements debug string of the given plugin. This method returns an - * allocated string that the caller needs to free using gpr_free() */ - char* (*debug_string)(void* state); - - /** Destroys the plugin state. */ - void (*destroy)(void* state); - - /** State that will be set as the first parameter of the methods above. */ - void* state; - - /** Type of credentials that this plugin is implementing. */ - const char* type; -} grpc_metadata_credentials_plugin; - -/** Creates a credentials object from a plugin with a specified minimum security - * level. */ -GRPCAPI grpc_call_credentials* grpc_metadata_credentials_create_from_plugin( - grpc_metadata_credentials_plugin plugin, - grpc_security_level min_security_level, void* reserved); - -/** Server certificate config object holds the server's public certificates and - associated private keys, as well as any CA certificates needed for client - certificate validation (if applicable). Create using - grpc_ssl_server_certificate_config_create(). */ -typedef struct grpc_ssl_server_certificate_config - grpc_ssl_server_certificate_config; - -/** Creates a grpc_ssl_server_certificate_config object. - - pem_roots_cert is the NULL-terminated string containing the PEM encoding of - the client root certificates. This parameter may be NULL if the server does - not want the client to be authenticated with SSL. - - pem_key_cert_pairs is an array private key / certificate chains of the - server. This parameter cannot be NULL. - - num_key_cert_pairs indicates the number of items in the private_key_files - and cert_chain_files parameters. It must be at least 1. - - It is the caller's responsibility to free this object via - grpc_ssl_server_certificate_config_destroy(). */ -GRPCAPI grpc_ssl_server_certificate_config* -grpc_ssl_server_certificate_config_create( - const char* pem_root_certs, - const grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs, - size_t num_key_cert_pairs); - -/** Destroys a grpc_ssl_server_certificate_config object. */ -GRPCAPI void grpc_ssl_server_certificate_config_destroy( - grpc_ssl_server_certificate_config* config); - -/** Callback to retrieve updated SSL server certificates, private keys, and - trusted CAs (for client authentication). - - user_data parameter, if not NULL, contains opaque data to be used by the - callback. - - Use grpc_ssl_server_certificate_config_create to create the config. - - The caller assumes ownership of the config. */ -typedef grpc_ssl_certificate_config_reload_status ( - *grpc_ssl_server_certificate_config_callback)( - void* user_data, grpc_ssl_server_certificate_config** config); - -/** Deprecated in favor of grpc_ssl_server_credentials_create_ex. - Creates an SSL server_credentials object. - - pem_roots_cert is the NULL-terminated string containing the PEM encoding of - the client root certificates. This parameter may be NULL if the server does - not want the client to be authenticated with SSL. - - pem_key_cert_pairs is an array private key / certificate chains of the - server. This parameter cannot be NULL. - - num_key_cert_pairs indicates the number of items in the private_key_files - and cert_chain_files parameters. It should be at least 1. - - force_client_auth, if set to non-zero will force the client to authenticate - with an SSL cert. Note that this option is ignored if pem_root_certs is - NULL. */ -GRPCAPI grpc_server_credentials* grpc_ssl_server_credentials_create( - const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs, - size_t num_key_cert_pairs, int force_client_auth, void* reserved); - -/** Deprecated in favor of grpc_ssl_server_credentials_create_with_options. - Same as grpc_ssl_server_credentials_create method except uses - grpc_ssl_client_certificate_request_type enum to support more ways to - authenticate client certificates.*/ -GRPCAPI grpc_server_credentials* grpc_ssl_server_credentials_create_ex( - const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs, - size_t num_key_cert_pairs, - grpc_ssl_client_certificate_request_type client_certificate_request, - void* reserved); - -typedef struct grpc_ssl_server_credentials_options - grpc_ssl_server_credentials_options; - -/** Creates an options object using a certificate config. Use this method when - the certificates and keys of the SSL server will not change during the - server's lifetime. - - Takes ownership of the certificate_config parameter. */ -GRPCAPI grpc_ssl_server_credentials_options* -grpc_ssl_server_credentials_create_options_using_config( - grpc_ssl_client_certificate_request_type client_certificate_request, - grpc_ssl_server_certificate_config* certificate_config); - -/** Creates an options object using a certificate config fetcher. Use this - method to reload the certificates and keys of the SSL server without - interrupting the operation of the server. Initial certificate config will be - fetched during server initialization. - - user_data parameter, if not NULL, contains opaque data which will be passed - to the fetcher (see definition of - grpc_ssl_server_certificate_config_callback). */ -GRPCAPI grpc_ssl_server_credentials_options* -grpc_ssl_server_credentials_create_options_using_config_fetcher( - grpc_ssl_client_certificate_request_type client_certificate_request, - grpc_ssl_server_certificate_config_callback cb, void* user_data); - -/** Destroys a grpc_ssl_server_credentials_options object. */ -GRPCAPI void grpc_ssl_server_credentials_options_destroy( - grpc_ssl_server_credentials_options* options); - -/** Creates an SSL server_credentials object using the provided options struct. - - Takes ownership of the options parameter. */ -GRPCAPI grpc_server_credentials* -grpc_ssl_server_credentials_create_with_options( - grpc_ssl_server_credentials_options* options); - -/** --- Call specific credentials. --- */ - -/** Sets a credentials to a call. Can only be called on the client side before - grpc_call_start_batch. */ -GRPCAPI grpc_call_error grpc_call_set_credentials(grpc_call* call, - grpc_call_credentials* creds); - -/** --- Auth Metadata Processing --- */ - -/** Callback function that is called when the metadata processing is done. - - Consumed metadata will be removed from the set of metadata available on the - call. consumed_md may be NULL if no metadata has been consumed. - - Response metadata will be set on the response. response_md may be NULL. - - status is GRPC_STATUS_OK for success or a specific status for an error. - Common error status for auth metadata processing is either - GRPC_STATUS_UNAUTHENTICATED in case of an authentication failure or - GRPC_STATUS PERMISSION_DENIED in case of an authorization failure. - - error_details gives details about the error. May be NULL. */ -typedef void (*grpc_process_auth_metadata_done_cb)( - void* user_data, const grpc_metadata* consumed_md, size_t num_consumed_md, - const grpc_metadata* response_md, size_t num_response_md, - grpc_status_code status, const char* error_details); - -/** Pluggable server-side metadata processor object. */ -typedef struct { - /** The context object is read/write: it contains the properties of the - channel peer and it is the job of the process function to augment it with - properties derived from the passed-in metadata. - The lifetime of these objects is guaranteed until cb is invoked. */ - void (*process)(void* state, grpc_auth_context* context, - const grpc_metadata* md, size_t num_md, - grpc_process_auth_metadata_done_cb cb, void* user_data); - void (*destroy)(void* state); - void* state; -} grpc_auth_metadata_processor; - -GRPCAPI void grpc_server_credentials_set_auth_metadata_processor( - grpc_server_credentials* creds, grpc_auth_metadata_processor processor); - -/** --- ALTS channel/server credentials --- **/ - -/** - * Main interface for ALTS credentials options. The options will contain - * information that will be passed from grpc to TSI layer such as RPC protocol - * versions. ALTS client (channel) and server credentials will have their own - * implementation of this interface. The APIs listed in this header are - * thread-compatible. It is used for experimental purpose for now and subject - * to change. - */ -typedef struct grpc_alts_credentials_options grpc_alts_credentials_options; - -/** - * This method creates a grpc ALTS credentials client options instance. - * It is used for experimental purpose for now and subject to change. - */ -GRPCAPI grpc_alts_credentials_options* -grpc_alts_credentials_client_options_create(void); - -/** - * This method creates a grpc ALTS credentials server options instance. - * It is used for experimental purpose for now and subject to change. - */ -GRPCAPI grpc_alts_credentials_options* -grpc_alts_credentials_server_options_create(void); - -/** - * This method adds a target service account to grpc client's ALTS credentials - * options instance. It is used for experimental purpose for now and subject - * to change. - * - * - options: grpc ALTS credentials options instance. - * - service_account: service account of target endpoint. - */ -GRPCAPI void grpc_alts_credentials_client_options_add_target_service_account( - grpc_alts_credentials_options* options, const char* service_account); - -/** - * This method destroys a grpc_alts_credentials_options instance by - * de-allocating all of its occupied memory. It is used for experimental purpose - * for now and subject to change. - * - * - options: a grpc_alts_credentials_options instance that needs to be - * destroyed. - */ -GRPCAPI void grpc_alts_credentials_options_destroy( - grpc_alts_credentials_options* options); - -/** - * This method creates an ALTS channel credential object. The security - * level of the resulting connection is GRPC_PRIVACY_AND_INTEGRITY. - * It is used for experimental purpose for now and subject to change. - * - * - options: grpc ALTS credentials options instance for client. - * - * It returns the created ALTS channel credential object. - */ -GRPCAPI grpc_channel_credentials* grpc_alts_credentials_create( - const grpc_alts_credentials_options* options); - -/** - * This method creates an ALTS server credential object. It is used for - * experimental purpose for now and subject to change. - * - * - options: grpc ALTS credentials options instance for server. - * - * It returns the created ALTS server credential object. - */ -GRPCAPI grpc_server_credentials* grpc_alts_server_credentials_create( - const grpc_alts_credentials_options* options); - -/** --- Local channel/server credentials --- **/ - -/** - * This method creates a local channel credential object. The security level - * of the resulting connection is GRPC_PRIVACY_AND_INTEGRITY for UDS and - * GRPC_SECURITY_NONE for LOCAL_TCP. It is used for experimental purpose - * for now and subject to change. - * - * - type: local connection type - * - * It returns the created local channel credential object. - */ -GRPCAPI grpc_channel_credentials* grpc_local_credentials_create( - grpc_local_connect_type type); - -/** - * This method creates a local server credential object. It is used for - * experimental purpose for now and subject to change. - * - * - type: local connection type - * - * It returns the created local server credential object. - */ -GRPCAPI grpc_server_credentials* grpc_local_server_credentials_create( - grpc_local_connect_type type); - -/** --- TLS channel/server credentials --- - * It is used for experimental purpose for now and subject to change. */ - -/** - * EXPERIMENTAL API - Subject to change - * - * A struct that can be specified by callers to configure underlying TLS - * behaviors. - */ -typedef struct grpc_tls_credentials_options grpc_tls_credentials_options; - -/** - * EXPERIMENTAL API - Subject to change - * - * A struct provides ways to gain credential data that will be used in the TLS - * handshake. - */ -typedef struct grpc_tls_certificate_provider grpc_tls_certificate_provider; - -/** - * EXPERIMENTAL API - Subject to change - * - * A struct that stores the credential data presented to the peer in handshake - * to show local identity. - */ -typedef struct grpc_tls_identity_pairs grpc_tls_identity_pairs; - -/** - * EXPERIMENTAL API - Subject to change - * - * Creates a grpc_tls_identity_pairs that stores a list of identity credential - * data, including identity private key and identity certificate chain. - */ -GRPCAPI grpc_tls_identity_pairs* grpc_tls_identity_pairs_create(); - -/** - * EXPERIMENTAL API - Subject to change - * - * Adds a identity private key and a identity certificate chain to - * grpc_tls_identity_pairs. This function will make an internal copy of - * |private_key| and |cert_chain|. - */ -GRPCAPI void grpc_tls_identity_pairs_add_pair(grpc_tls_identity_pairs* pairs, - const char* private_key, - const char* cert_chain); - -/** - * EXPERIMENTAL API - Subject to change - * - * Destroys a grpc_tls_identity_pairs object. If this object is passed to a - * provider initiation function, the ownership is transferred so this function - * doesn't need to be called. Otherwise the creator of the - * grpc_tls_identity_pairs object is responsible for its destruction. - */ -GRPCAPI void grpc_tls_identity_pairs_destroy(grpc_tls_identity_pairs* pairs); - -/** - * EXPERIMENTAL API - Subject to change - * - * Creates a grpc_tls_certificate_provider that will load credential data from - * static string during initialization. This provider will always return the - * same cert data for all cert names. - * root_certificate and pem_key_cert_pairs can be nullptr, indicating the - * corresponding credential data is not needed. - * This function will make a copy of |root_certificate|. - * The ownership of |pem_key_cert_pairs| is transferred. - */ -GRPCAPI grpc_tls_certificate_provider* -grpc_tls_certificate_provider_static_data_create( - const char* root_certificate, grpc_tls_identity_pairs* pem_key_cert_pairs); - -/** - * EXPERIMENTAL API - Subject to change - * - * Creates a grpc_tls_certificate_provider that will watch the credential - * changes on the file system. This provider will always return the up-to-date - * cert data for all the cert names callers set through - * |grpc_tls_credentials_options|. Note that this API only supports one key-cert - * file and hence one set of identity key-cert pair, so SNI(Server Name - * Indication) is not supported. - * - private_key_path is the file path of the private key. This must be set if - * |identity_certificate_path| is set. Otherwise, it could be null if no - * identity credentials are needed. - * - identity_certificate_path is the file path of the identity certificate - * chain. This must be set if |private_key_path| is set. Otherwise, it could - * be null if no identity credentials are needed. - * - root_cert_path is the file path to the root certificate bundle. This - * may be null if no root certs are needed. - * - refresh_interval_sec is the refreshing interval that we will check the - * files for updates. - * It does not take ownership of parameters. - */ -GRPCAPI grpc_tls_certificate_provider* -grpc_tls_certificate_provider_file_watcher_create( - const char* private_key_path, const char* identity_certificate_path, - const char* root_cert_path, unsigned int refresh_interval_sec); - -/** - * EXPERIMENTAL API - Subject to change - * - * Releases a grpc_tls_certificate_provider object. The creator of the - * grpc_tls_certificate_provider object is responsible for its release. - */ -GRPCAPI void grpc_tls_certificate_provider_release( - grpc_tls_certificate_provider* provider); - -/** - * EXPERIMENTAL API - Subject to change - * - * Creates an grpc_tls_credentials_options. - */ -GRPCAPI grpc_tls_credentials_options* grpc_tls_credentials_options_create(void); - -/** - * EXPERIMENTAL API - Subject to change - * - * Sets the minimum TLS version that will be negotiated during the TLS - * handshake. If not set, the underlying SSL library will set it to TLS v1.2. - */ -GRPCAPI void grpc_tls_credentials_options_set_min_tls_version( - grpc_tls_credentials_options* options, grpc_tls_version min_tls_version); - -/** - * EXPERIMENTAL API - Subject to change - * - * Sets the maximum TLS version that will be negotiated during the TLS - * handshake. If not set, the underlying SSL library will set it to TLS v1.3. - */ -GRPCAPI void grpc_tls_credentials_options_set_max_tls_version( - grpc_tls_credentials_options* options, grpc_tls_version max_tls_version); - -/** - * EXPERIMENTAL API - Subject to change - * - * Copies a grpc_tls_credentials_options. - */ -GRPCAPI grpc_tls_credentials_options* grpc_tls_credentials_options_copy( - grpc_tls_credentials_options* options); - -/** - * EXPERIMENTAL API - Subject to change - * - * Destroys a grpc_tls_credentials_options. - */ -GRPCAPI void grpc_tls_credentials_options_destroy( - grpc_tls_credentials_options* options); - -/** - * EXPERIMENTAL API - Subject to change - * - * Sets the credential provider in the options. - * The |options| will implicitly take a new ref to the |provider|. - */ -GRPCAPI void grpc_tls_credentials_options_set_certificate_provider( - grpc_tls_credentials_options* options, - grpc_tls_certificate_provider* provider); - -/** - * EXPERIMENTAL API - Subject to change - * - * If set, gRPC stack will keep watching the root certificates with - * name |root_cert_name|. - * If this is not set on the client side, we will use the root certificates - * stored in the default system location, since client side must provide root - * certificates in TLS. - * If this is not set on the server side, we will not watch any root certificate - * updates, and assume no root certificates needed for the server(single-side - * TLS). Default root certs on the server side is not supported. - */ -GRPCAPI void grpc_tls_credentials_options_watch_root_certs( - grpc_tls_credentials_options* options); - -/** - * EXPERIMENTAL API - Subject to change - * - * Sets the name of the root certificates being watched. - * If not set, We will use a default empty string as the root certificate name. - */ -GRPCAPI void grpc_tls_credentials_options_set_root_cert_name( - grpc_tls_credentials_options* options, const char* root_cert_name); - -/** - * EXPERIMENTAL API - Subject to change - * - * If set, gRPC stack will keep watching the identity key-cert pairs - * with name |identity_cert_name|. - * This is required on the server side, and optional on the client side. - */ -GRPCAPI void grpc_tls_credentials_options_watch_identity_key_cert_pairs( - grpc_tls_credentials_options* options); - -/** - * EXPERIMENTAL API - Subject to change - * - * Sets the name of the identity certificates being watched. - * If not set, We will use a default empty string as the identity certificate - * name. - */ -GRPCAPI void grpc_tls_credentials_options_set_identity_cert_name( - grpc_tls_credentials_options* options, const char* identity_cert_name); - -/** - * EXPERIMENTAL API - Subject to change - * - * Sets the options of whether to request and/or verify client certs. This shall - * only be called on the server side. - */ -GRPCAPI void grpc_tls_credentials_options_set_cert_request_type( - grpc_tls_credentials_options* options, - grpc_ssl_client_certificate_request_type type); - -/** Deprecated in favor of grpc_tls_credentials_options_set_crl_provider. The - * crl provider interface provides a significantly more flexible approach to - * using CRLs. See gRFC A69 for details. - * EXPERIMENTAL API - Subject to change - * - * If set, gRPC will read all hashed x.509 CRL files in the directory and - * enforce the CRL files on all TLS handshakes. Only supported for OpenSSL - * version > 1.1. - * It is used for experimental purpose for now and subject to change. - */ -GRPCAPI void grpc_tls_credentials_options_set_crl_directory( - grpc_tls_credentials_options* options, const char* crl_directory); - -/** - * EXPERIMENTAL API - Subject to change - * - * Sets the options of whether to verify server certs on the client side. - * Passing in a non-zero value indicates verifying the certs. - */ -GRPCAPI void grpc_tls_credentials_options_set_verify_server_cert( - grpc_tls_credentials_options* options, int verify_server_cert); - -/** - * EXPERIMENTAL API - Subject to change - * - * Sets whether or not a TLS server should send a list of CA names in the - * ServerHello. This list of CA names is read from the server's trust bundle, so - * that the client can use this list as a hint to know which certificate it - * should send to the server. - * - * WARNING: This API is extremely dangerous and should not be used. If the - * server's trust bundle is too large, then the TLS server will be unable to - * form a ServerHello, and hence will be unusable. The definition of "too large" - * depends on the underlying SSL library being used and on the size of the CN - * fields of the certificates in the trust bundle. - */ -GRPCAPI void grpc_tls_credentials_options_set_send_client_ca_list( - grpc_tls_credentials_options* options, bool send_client_ca_list); - -/** - * EXPERIMENTAL API - Subject to change - * - * The read-only request information exposed in a verification call. - * Callers should not directly manage the ownership of it. We will make sure it - * is always available inside verify() or cancel() call, and will destroy the - * object at the end of custom verification. - */ -typedef struct grpc_tls_custom_verification_check_request { - /* The target name of the server when the client initiates the connection. */ - /* This field will be nullptr if on the server side. */ - const char* target_name; - /* The information contained in the certificate chain sent from the peer. */ - struct peer_info { - /* The Common Name field on the peer leaf certificate. */ - const char* common_name; - /* The list of Subject Alternative Names on the peer leaf certificate. */ - struct san_names { - char** uri_names; - size_t uri_names_size; - char** dns_names; - size_t dns_names_size; - char** email_names; - size_t email_names_size; - char** ip_names; - size_t ip_names_size; - } san_names; - /* The raw peer leaf certificate. */ - const char* peer_cert; - /* The raw peer certificate chain. Note that it is not always guaranteed to - * get the peer full chain. For more, please refer to - * GRPC_X509_PEM_CERT_CHAIN_PROPERTY_NAME defined in file - * grpc_security_constants.h. - * TODO(ZhenLian): Consider fixing this in the future. */ - const char* peer_cert_full_chain; - /* The verified root cert subject. - * This value will only be filled if the cryptographic peer certificate - * verification was successful */ - const char* verified_root_cert_subject; - } peer_info; -} grpc_tls_custom_verification_check_request; - -/** - * EXPERIMENTAL API - Subject to change - * - * A callback function provided by gRPC as a parameter of the |verify| function - * in grpc_tls_certificate_verifier_external. If |verify| is expected to be run - * asynchronously, the implementer of |verify| will need to invoke this callback - * with |callback_arg| and proper verification status at the end to bring the - * control back to gRPC C core. - */ -typedef void (*grpc_tls_on_custom_verification_check_done_cb)( - grpc_tls_custom_verification_check_request* request, void* callback_arg, - grpc_status_code status, const char* error_details); - -/** - * EXPERIMENTAL API - Subject to change - * - * The internal verifier type that will be used inside core. - */ -typedef struct grpc_tls_certificate_verifier grpc_tls_certificate_verifier; - -/** - * EXPERIMENTAL API - Subject to change - * - * A struct containing all the necessary functions a custom external verifier - * needs to implement to be able to be converted to an internal verifier. - */ -typedef struct grpc_tls_certificate_verifier_external { - void* user_data; - /** - * A function pointer containing the verification logic that will be - * performed after the TLS handshake is done. It could be processed - * synchronously or asynchronously. - * - If expected to be processed synchronously, the implementer should - * populate the verification result through |sync_status| and - * |sync_error_details|, and then return true. - * - If expected to be processed asynchronously, the implementer should return - * false immediately, and then in the asynchronous thread invoke |callback| - * with the verification result. The implementer MUST NOT invoke the async - * |callback| in the same thread before |verify| returns, otherwise it can - * lead to deadlocks. - * - * user_data: any argument that is passed in the user_data of - * grpc_tls_certificate_verifier_external during construction time - * can be retrieved later here. - * request: request information exposed to the function implementer. - * callback: the callback that the function implementer needs to invoke, if - * return a non-zero value. It is usually invoked when the - * asynchronous verification is done, and serves to bring the - * control back to gRPC. - * callback_arg: A pointer to the internal ExternalVerifier instance. This is - * mainly used as an argument in |callback|, if want to invoke - * |callback| in async mode. - * sync_status: indicates if a connection should be allowed. This should only - * be used if the verification check is done synchronously. - * sync_error_details: the error generated while verifying a connection. This - * should only be used if the verification check is done - * synchronously. the implementation must allocate the - * error string via gpr_malloc() or gpr_strdup(). - * return: return 0 if |verify| is expected to be executed asynchronously, - * otherwise return a non-zero value. - */ - int (*verify)(void* user_data, - grpc_tls_custom_verification_check_request* request, - grpc_tls_on_custom_verification_check_done_cb callback, - void* callback_arg, grpc_status_code* sync_status, - char** sync_error_details); - /** - * A function pointer that cleans up the caller-specified resources when the - * verifier is still running but the whole connection got cancelled. This - * could happen when the verifier is doing some async operations, and the - * whole handshaker object got destroyed because of connection time limit is - * reached, or any other reasons. In such cases, function implementers might - * want to be notified, and properly clean up some resources. - * - * user_data: any argument that is passed in the user_data of - * grpc_tls_certificate_verifier_external during construction time - * can be retrieved later here. - * request: request information exposed to the function implementer. It will - * be the same request object that was passed to verify(), and it - * tells the cancel() which request to cancel. - */ - void (*cancel)(void* user_data, - grpc_tls_custom_verification_check_request* request); - /** - * A function pointer that does some additional destruction work when the - * verifier is destroyed. This is used when the caller wants to associate some - * objects to the lifetime of external_verifier, and destroy them when - * external_verifier got destructed. For example, in C++, the class containing - * user-specified callback functions should not be destroyed before - * external_verifier, since external_verifier will invoke them while being - * used. - * Note that the caller MUST delete the grpc_tls_certificate_verifier_external - * object itself in this function, otherwise it will cause memory leaks. That - * also means the user_data has to carries at least a self pointer, for the - * callers to later delete it in destruct(). - * - * user_data: any argument that is passed in the user_data of - * grpc_tls_certificate_verifier_external during construction time - * can be retrieved later here. - */ - void (*destruct)(void* user_data); -} grpc_tls_certificate_verifier_external; - -/** - * EXPERIMENTAL API - Subject to change - * - * Converts an external verifier to an internal verifier. - * Note that we will not take the ownership of the external_verifier. Callers - * will need to delete external_verifier in its own destruct function. - */ -grpc_tls_certificate_verifier* grpc_tls_certificate_verifier_external_create( - grpc_tls_certificate_verifier_external* external_verifier); - -/** - * EXPERIMENTAL API - Subject to change - * - * Factory function for an internal verifier that won't perform any - * post-handshake verification. Note: using this solely without any other - * authentication mechanisms on the peer identity will leave your applications - * to the MITM(Man-In-The-Middle) attacks. Users should avoid doing so in - * production environments. - */ -grpc_tls_certificate_verifier* grpc_tls_certificate_verifier_no_op_create(); - -/** - * EXPERIMENTAL API - Subject to change - * - * Factory function for an internal verifier that will do the default hostname - * check. - */ -grpc_tls_certificate_verifier* grpc_tls_certificate_verifier_host_name_create(); - -/** - * EXPERIMENTAL API - Subject to change - * - * Releases a grpc_tls_certificate_verifier object. The creator of the - * grpc_tls_certificate_verifier object is responsible for its release. - */ -void grpc_tls_certificate_verifier_release( - grpc_tls_certificate_verifier* verifier); - -/** - * EXPERIMENTAL API - Subject to change - * - * Sets the verifier in options. The |options| will implicitly take a new ref to - * the |verifier|. If not set on the client side, we will verify server's - * certificates, and check the default hostname. If not set on the server side, - * we will verify client's certificates. - */ -void grpc_tls_credentials_options_set_certificate_verifier( - grpc_tls_credentials_options* options, - grpc_tls_certificate_verifier* verifier); - -/** - * EXPERIMENTAL API - Subject to change - * - * Sets the options of whether to check the hostname of the peer on a per-call - * basis. This is usually used in a combination with virtual hosting at the - * client side, where each individual call on a channel can have a different - * host associated with it. - * This check is intended to verify that the host specified for the individual - * call is covered by the cert that the peer presented. - * The default is a non-zero value, which indicates performing such checks. - */ -GRPCAPI void grpc_tls_credentials_options_set_check_call_host( - grpc_tls_credentials_options* options, int check_call_host); - -/** - * EXPERIMENTAL API - Subject to change - * - * Performs the verification logic of an internal verifier. - * This is typically used when composing the internal verifiers as part of the - * custom verification. - * If |grpc_tls_certificate_verifier_verify| returns true, inspect the - * verification result through request->status and request->error_details. - * Otherwise, inspect through the parameter of |callback|. - */ -int grpc_tls_certificate_verifier_verify( - grpc_tls_certificate_verifier* verifier, - grpc_tls_custom_verification_check_request* request, - grpc_tls_on_custom_verification_check_done_cb callback, void* callback_arg, - grpc_status_code* sync_status, char** sync_error_details); - -/** - * EXPERIMENTAL API - Subject to change - * - * Performs the cancellation logic of an internal verifier. - * This is typically used when composing the internal verifiers as part of the - * custom verification. - */ -void grpc_tls_certificate_verifier_cancel( - grpc_tls_certificate_verifier* verifier, - grpc_tls_custom_verification_check_request* request); - -/** - * EXPERIMENTAL API - Subject to change - * - * Creates a TLS channel credential object based on the - * grpc_tls_credentials_options specified by callers. The - * grpc_channel_credentials will take the ownership of the |options|. The - * security level of the resulting connection is GRPC_PRIVACY_AND_INTEGRITY. - */ -grpc_channel_credentials* grpc_tls_credentials_create( - grpc_tls_credentials_options* options); - -/** - * EXPERIMENTAL API - Subject to change - * - * Creates a TLS server credential object based on the - * grpc_tls_credentials_options specified by callers. The - * grpc_server_credentials will take the ownership of the |options|. - */ -grpc_server_credentials* grpc_tls_server_credentials_create( - grpc_tls_credentials_options* options); - -/** - * EXPERIMENTAL API - Subject to change - * - * This method creates an insecure channel credentials object. - */ -GRPCAPI grpc_channel_credentials* grpc_insecure_credentials_create(); - -/** - * EXPERIMENTAL API - Subject to change - * - * This method creates an insecure server credentials object. - */ -GRPCAPI grpc_server_credentials* grpc_insecure_server_credentials_create(); - -/** - * EXPERIMENTAL API - Subject to change - * - * This method creates an xDS channel credentials object. - * - * Creating a channel with credentials of this type indicates that the channel - * should get credentials configuration from the xDS control plane. - * - * \a fallback_credentials are used if the channel target does not have the - * 'xds:///' scheme or if the xDS control plane does not provide information on - * how to fetch credentials dynamically. Does NOT take ownership of the \a - * fallback_credentials. (Internally takes a ref to the object.) - */ -GRPCAPI grpc_channel_credentials* grpc_xds_credentials_create( - grpc_channel_credentials* fallback_credentials); - -/** - * EXPERIMENTAL API - Subject to change - * - * This method creates an xDS server credentials object. - * - * \a fallback_credentials are used if the xDS control plane does not provide - * information on how to fetch credentials dynamically. - * - * Does NOT take ownership of the \a fallback_credentials. (Internally takes - * a ref to the object.) - */ -GRPCAPI grpc_server_credentials* grpc_xds_server_credentials_create( - grpc_server_credentials* fallback_credentials); - /** * EXPERIMENTAL - Subject to change. * An opaque type that is responsible for providing authorization policies to @@ -1302,26 +151,6 @@ grpc_authorization_policy_provider_file_watcher_create( GRPCAPI void grpc_authorization_policy_provider_release( grpc_authorization_policy_provider* provider); -/** --- TLS session key logging. --- - * Experimental API to control tls session key logging. Tls session key logging - * is expected to be used only for debugging purposes and never in production. - * Tls session key logging is only enabled when: - * At least one grpc_tls_credentials_options object is assigned a tls session - * key logging file path using the API specified below. - */ - -/** - * EXPERIMENTAL API - Subject to change. - * Configures a grpc_tls_credentials_options object with tls session key - * logging capability. TLS channels using these credentials have tls session - * key logging enabled. - * - options is the grpc_tls_credentials_options object - * - path is a string pointing to the location where TLS session keys would be - * stored. - */ -GRPCAPI void grpc_tls_credentials_options_set_tls_session_key_log_file_path( - grpc_tls_credentials_options* options, const char* path); - #ifdef __cplusplus } #endif diff --git a/include/grpc/module.modulemap b/include/grpc/module.modulemap index 7adee5b69e5..c9219532826 100644 --- a/include/grpc/module.modulemap +++ b/include/grpc/module.modulemap @@ -6,6 +6,7 @@ header "byte_buffer.h" header "byte_buffer_reader.h" header "census.h" header "compression.h" + header "credentials.h" header "fork.h" header "grpc.h" header "grpc_audit_logging.h" diff --git a/include/grpcpp/security/tls_certificate_provider.h b/include/grpcpp/security/tls_certificate_provider.h index d784292992e..3e7c9523156 100644 --- a/include/grpcpp/security/tls_certificate_provider.h +++ b/include/grpcpp/security/tls_certificate_provider.h @@ -20,6 +20,7 @@ #include #include +#include #include #include #include diff --git a/package.xml b/package.xml index 9288e08446f..6a184f74d73 100644 --- a/package.xml +++ b/package.xml @@ -33,6 +33,7 @@ + diff --git a/src/core/BUILD b/src/core/BUILD index 3ecb922f38b..23040cc5fe8 100644 --- a/src/core/BUILD +++ b/src/core/BUILD @@ -3655,6 +3655,7 @@ grpc_cc_library( "validation_errors", "//:alts_util", "//:gpr", + "//:grpc_core_credentials_header", "//:ref_counted_ptr", ], ) @@ -3808,6 +3809,7 @@ grpc_cc_library( "//:exec_ctx", "//:gpr", "//:grpc_base", + "//:grpc_core_credentials_header", "//:grpc_security_base", "//:handshaker", "//:iomgr", @@ -3846,6 +3848,7 @@ grpc_cc_library( "//:exec_ctx", "//:gpr", "//:grpc_base", + "//:grpc_core_credentials_header", "//:grpc_security_base", "//:handshaker", "//:iomgr", @@ -3905,6 +3908,7 @@ grpc_cc_library( "//:gpr", "//:grpc_base", "//:grpc_client_channel", + "//:grpc_core_credentials_header", "//:grpc_security_base", "//:handshaker", "//:iomgr", @@ -3948,6 +3952,7 @@ grpc_cc_library( "//:exec_ctx", "//:gpr", "//:grpc_base", + "//:grpc_core_credentials_header", "//:grpc_security_base", "//:grpc_trace", "//:handshaker", @@ -4004,6 +4009,7 @@ grpc_cc_library( "//:gpr", "//:grpc_alts_credentials", "//:grpc_base", + "//:grpc_core_credentials_header", "//:grpc_jwt_credentials", "//:grpc_public_hdrs", "//:grpc_security_base", @@ -4078,6 +4084,7 @@ grpc_cc_library( "//:exec_ctx", "//:gpr", "//:grpc_base", + "//:grpc_core_credentials_header", "//:grpc_credentials_util", "//:grpc_public_hdrs", "//:grpc_security_base", @@ -4117,6 +4124,7 @@ grpc_cc_library( "//:exec_ctx", "//:gpr", "//:grpc_base", + "//:grpc_core_credentials_header", "//:grpc_security_base", "//:grpc_trace", "//:promise", @@ -4164,6 +4172,7 @@ grpc_cc_library( "//:api_trace", "//:gpr", "//:grpc_base", + "//:grpc_core_credentials_header", "//:grpc_credentials_util", "//:grpc_security_base", "//:grpc_trace", @@ -4219,6 +4228,7 @@ grpc_cc_library( "time", "//:gpr", "//:grpc_base", + "//:grpc_core_credentials_header", "//:grpc_credentials_util", "//:grpc_security_base", "//:httpcli", @@ -4255,6 +4265,7 @@ grpc_cc_library( "//:exec_ctx", "//:gpr", "//:grpc_base", + "//:grpc_core_credentials_header", "//:grpc_security_base", "//:handshaker", "//:iomgr", @@ -5143,6 +5154,7 @@ grpc_cc_library( "//:gpr", "//:grpc_base", "//:grpc_client_channel", + "//:grpc_core_credentials_header", "//:grpc_credentials_util", "//:grpc_public_hdrs", "//:grpc_security_base", @@ -5222,6 +5234,7 @@ grpc_cc_library( "//:exec_ctx", "//:gpr", "//:grpc_base", + "//:grpc_core_credentials_header", "//:grpc_public_hdrs", "//:grpc_security_base", "//:grpc_service_config_impl", @@ -5256,6 +5269,7 @@ grpc_cc_library( "//:config", "//:gpr", "//:gpr_platform", + "//:grpc_core_credentials_header", "//:grpc_security_base", "//:ref_counted_ptr", ], @@ -6966,6 +6980,7 @@ grpc_cc_library( "//:gpr", "//:gpr_platform", "//:grpc_base", + "//:grpc_core_credentials_header", "//:grpc_security_base", "//:grpc_trace", "//:httpcli", diff --git a/src/core/ext/gcp/metadata_query.cc b/src/core/ext/gcp/metadata_query.cc index 9edbabfde49..212a7639a03 100644 --- a/src/core/ext/gcp/metadata_query.cc +++ b/src/core/ext/gcp/metadata_query.cc @@ -28,6 +28,7 @@ #include "absl/strings/str_format.h" #include "absl/strings/string_view.h" +#include #include #include #include diff --git a/src/core/ext/xds/xds_server_config_fetcher.cc b/src/core/ext/xds/xds_server_config_fetcher.cc index 75f4e704aba..a236fd05d75 100644 --- a/src/core/ext/xds/xds_server_config_fetcher.cc +++ b/src/core/ext/xds/xds_server_config_fetcher.cc @@ -38,6 +38,7 @@ #include "absl/types/optional.h" #include "absl/types/variant.h" +#include #include #include #include diff --git a/src/core/lib/http/httpcli_security_connector.cc b/src/core/lib/http/httpcli_security_connector.cc index 28127811b2d..f5acf5bc3ba 100644 --- a/src/core/lib/http/httpcli_security_connector.cc +++ b/src/core/lib/http/httpcli_security_connector.cc @@ -25,6 +25,7 @@ #include "absl/strings/string_view.h" #include "absl/types/optional.h" +#include #include #include #include diff --git a/src/core/lib/security/certificate_provider/certificate_provider_factory.h b/src/core/lib/security/certificate_provider/certificate_provider_factory.h index beacb85032e..6d1b36e7b20 100644 --- a/src/core/lib/security/certificate_provider/certificate_provider_factory.h +++ b/src/core/lib/security/certificate_provider/certificate_provider_factory.h @@ -23,6 +23,7 @@ #include "absl/strings/string_view.h" +#include #include #include diff --git a/src/core/lib/security/context/security_context.cc b/src/core/lib/security/context/security_context.cc index 9cdc64bde6d..877adb8c788 100644 --- a/src/core/lib/security/context/security_context.cc +++ b/src/core/lib/security/context/security_context.cc @@ -22,6 +22,7 @@ #include +#include #include #include #include diff --git a/src/core/lib/security/context/security_context.h b/src/core/lib/security/context/security_context.h index bbc38020d4f..1c1b85bfc63 100644 --- a/src/core/lib/security/context/security_context.h +++ b/src/core/lib/security/context/security_context.h @@ -26,6 +26,7 @@ #include "absl/strings/string_view.h" +#include #include #include #include diff --git a/src/core/lib/security/credentials/alts/alts_credentials.h b/src/core/lib/security/credentials/alts/alts_credentials.h index 08ee0439666..46a513a0026 100644 --- a/src/core/lib/security/credentials/alts/alts_credentials.h +++ b/src/core/lib/security/credentials/alts/alts_credentials.h @@ -19,6 +19,7 @@ #ifndef GRPC_SRC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_ALTS_CREDENTIALS_H #define GRPC_SRC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_ALTS_CREDENTIALS_H +#include #include #include #include diff --git a/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h b/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h index 6997beee5de..771beaf543a 100644 --- a/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h +++ b/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h @@ -19,6 +19,7 @@ #ifndef GRPC_SRC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_GRPC_ALTS_CREDENTIALS_OPTIONS_H #define GRPC_SRC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_GRPC_ALTS_CREDENTIALS_OPTIONS_H +#include #include #include diff --git a/src/core/lib/security/credentials/call_creds_util.h b/src/core/lib/security/credentials/call_creds_util.h index 87dcc80fd76..6e95f100f94 100644 --- a/src/core/lib/security/credentials/call_creds_util.h +++ b/src/core/lib/security/credentials/call_creds_util.h @@ -19,6 +19,7 @@ #include +#include #include #include diff --git a/src/core/lib/security/credentials/channel_creds_registry_init.cc b/src/core/lib/security/credentials/channel_creds_registry_init.cc index 557967a54c7..4f19760f377 100644 --- a/src/core/lib/security/credentials/channel_creds_registry_init.cc +++ b/src/core/lib/security/credentials/channel_creds_registry_init.cc @@ -23,6 +23,7 @@ #include "absl/strings/string_view.h" +#include #include #include #include diff --git a/src/core/lib/security/credentials/composite/composite_credentials.h b/src/core/lib/security/credentials/composite/composite_credentials.h index 9c1841b311c..230706ed935 100644 --- a/src/core/lib/security/credentials/composite/composite_credentials.h +++ b/src/core/lib/security/credentials/composite/composite_credentials.h @@ -26,6 +26,7 @@ #include "absl/status/statusor.h" +#include #include #include #include diff --git a/src/core/lib/security/credentials/credentials.h b/src/core/lib/security/credentials/credentials.h index 59922c916b8..6a9661c05a6 100644 --- a/src/core/lib/security/credentials/credentials.h +++ b/src/core/lib/security/credentials/credentials.h @@ -26,6 +26,7 @@ #include "absl/status/statusor.h" #include "absl/strings/string_view.h" +#include #include #include #include diff --git a/src/core/lib/security/credentials/external/aws_external_account_credentials.cc b/src/core/lib/security/credentials/external/aws_external_account_credentials.cc index 74609f44742..754fd4b3ed0 100644 --- a/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +++ b/src/core/lib/security/credentials/external/aws_external_account_credentials.cc @@ -28,6 +28,7 @@ #include "absl/strings/string_view.h" #include "absl/types/optional.h" +#include #include #include #include diff --git a/src/core/lib/security/credentials/external/external_account_credentials.cc b/src/core/lib/security/credentials/external/external_account_credentials.cc index 9b027ae49b9..ae3f80e5986 100644 --- a/src/core/lib/security/credentials/external/external_account_credentials.cc +++ b/src/core/lib/security/credentials/external/external_account_credentials.cc @@ -35,6 +35,7 @@ #include "absl/time/clock.h" #include "absl/time/time.h" +#include #include #include #include diff --git a/src/core/lib/security/credentials/external/url_external_account_credentials.cc b/src/core/lib/security/credentials/external/url_external_account_credentials.cc index a010be13846..310c7e40170 100644 --- a/src/core/lib/security/credentials/external/url_external_account_credentials.cc +++ b/src/core/lib/security/credentials/external/url_external_account_credentials.cc @@ -27,6 +27,7 @@ #include "absl/strings/str_split.h" #include "absl/strings/string_view.h" +#include #include #include #include diff --git a/src/core/lib/security/credentials/fake/fake_credentials.h b/src/core/lib/security/credentials/fake/fake_credentials.h index 8f6d4dfa11b..a18d90d0344 100644 --- a/src/core/lib/security/credentials/fake/fake_credentials.h +++ b/src/core/lib/security/credentials/fake/fake_credentials.h @@ -23,6 +23,7 @@ #include "absl/status/statusor.h" +#include #include #include #include diff --git a/src/core/lib/security/credentials/google_default/google_default_credentials.cc b/src/core/lib/security/credentials/google_default/google_default_credentials.cc index a8cc51d1f72..4291bdf5e62 100644 --- a/src/core/lib/security/credentials/google_default/google_default_credentials.cc +++ b/src/core/lib/security/credentials/google_default/google_default_credentials.cc @@ -28,7 +28,8 @@ #include "absl/strings/string_view.h" #include "absl/types/optional.h" -#include // IWYU pragma: keep +#include +#include #include #include #include diff --git a/src/core/lib/security/credentials/google_default/google_default_credentials.h b/src/core/lib/security/credentials/google_default/google_default_credentials.h index f17105bbdfa..acf2fa6404b 100644 --- a/src/core/lib/security/credentials/google_default/google_default_credentials.h +++ b/src/core/lib/security/credentials/google_default/google_default_credentials.h @@ -20,6 +20,7 @@ #define GRPC_SRC_CORE_LIB_SECURITY_CREDENTIALS_GOOGLE_DEFAULT_GOOGLE_DEFAULT_CREDENTIALS_H #include +#include #include #include #include diff --git a/src/core/lib/security/credentials/iam/iam_credentials.h b/src/core/lib/security/credentials/iam/iam_credentials.h index ae2960e8466..e5ed10316dc 100644 --- a/src/core/lib/security/credentials/iam/iam_credentials.h +++ b/src/core/lib/security/credentials/iam/iam_credentials.h @@ -24,6 +24,7 @@ #include "absl/status/statusor.h" #include "absl/types/optional.h" +#include #include #include diff --git a/src/core/lib/security/credentials/insecure/insecure_credentials.h b/src/core/lib/security/credentials/insecure/insecure_credentials.h index 1ccee0bc480..e9bf9327e72 100644 --- a/src/core/lib/security/credentials/insecure/insecure_credentials.h +++ b/src/core/lib/security/credentials/insecure/insecure_credentials.h @@ -19,6 +19,7 @@ #ifndef GRPC_SRC_CORE_LIB_SECURITY_CREDENTIALS_INSECURE_INSECURE_CREDENTIALS_H #define GRPC_SRC_CORE_LIB_SECURITY_CREDENTIALS_INSECURE_INSECURE_CREDENTIALS_H +#include #include #include #include diff --git a/src/core/lib/security/credentials/jwt/json_token.cc b/src/core/lib/security/credentials/jwt/json_token.cc index 82124dcd59c..ba81ab8dac3 100644 --- a/src/core/lib/security/credentials/jwt/json_token.cc +++ b/src/core/lib/security/credentials/jwt/json_token.cc @@ -33,6 +33,7 @@ #include "absl/status/statusor.h" #include "absl/strings/escaping.h" +#include #include #include #include diff --git a/src/core/lib/security/credentials/jwt/jwt_credentials.cc b/src/core/lib/security/credentials/jwt/jwt_credentials.cc index a5691cd2666..98c80150e94 100644 --- a/src/core/lib/security/credentials/jwt/jwt_credentials.cc +++ b/src/core/lib/security/credentials/jwt/jwt_credentials.cc @@ -27,6 +27,7 @@ #include "absl/status/status.h" #include "absl/strings/str_cat.h" +#include #include #include #include diff --git a/src/core/lib/security/credentials/jwt/jwt_credentials.h b/src/core/lib/security/credentials/jwt/jwt_credentials.h index 8ca6296f8ea..50df9094d0e 100644 --- a/src/core/lib/security/credentials/jwt/jwt_credentials.h +++ b/src/core/lib/security/credentials/jwt/jwt_credentials.h @@ -29,6 +29,7 @@ #include "absl/time/time.h" #include "absl/types/optional.h" +#include #include #include #include diff --git a/src/core/lib/security/credentials/local/local_credentials.h b/src/core/lib/security/credentials/local/local_credentials.h index 7a52d9a0d1e..77765bc6242 100644 --- a/src/core/lib/security/credentials/local/local_credentials.h +++ b/src/core/lib/security/credentials/local/local_credentials.h @@ -19,6 +19,7 @@ #ifndef GRPC_SRC_CORE_LIB_SECURITY_CREDENTIALS_LOCAL_LOCAL_CREDENTIALS_H #define GRPC_SRC_CORE_LIB_SECURITY_CREDENTIALS_LOCAL_LOCAL_CREDENTIALS_H +#include #include #include #include diff --git a/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc b/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc index bbd666e7dd8..842b3f70f08 100644 --- a/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +++ b/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc @@ -33,6 +33,7 @@ #include "absl/strings/str_join.h" #include "absl/strings/string_view.h" +#include #include #include #include diff --git a/src/core/lib/security/credentials/oauth2/oauth2_credentials.h b/src/core/lib/security/credentials/oauth2/oauth2_credentials.h index 137818f095a..4bed299f406 100644 --- a/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +++ b/src/core/lib/security/credentials/oauth2/oauth2_credentials.h @@ -26,6 +26,7 @@ #include "absl/status/statusor.h" #include "absl/types/optional.h" +#include #include #include #include diff --git a/src/core/lib/security/credentials/plugin/plugin_credentials.h b/src/core/lib/security/credentials/plugin/plugin_credentials.h index a3c22fbe278..715d071e14e 100644 --- a/src/core/lib/security/credentials/plugin/plugin_credentials.h +++ b/src/core/lib/security/credentials/plugin/plugin_credentials.h @@ -28,6 +28,7 @@ #include "absl/container/inlined_vector.h" #include "absl/status/statusor.h" +#include #include #include #include diff --git a/src/core/lib/security/credentials/ssl/ssl_credentials.h b/src/core/lib/security/credentials/ssl/ssl_credentials.h index 0dd131ff381..d76009f0666 100644 --- a/src/core/lib/security/credentials/ssl/ssl_credentials.h +++ b/src/core/lib/security/credentials/ssl/ssl_credentials.h @@ -20,6 +20,7 @@ #include +#include #include #include #include diff --git a/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc b/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc index 7744d62de1a..dbe28e1cf98 100644 --- a/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +++ b/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc @@ -18,6 +18,7 @@ #include "absl/status/status.h" +#include #include #include #include diff --git a/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc b/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc index 5e81d3533bf..03921c540aa 100644 --- a/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +++ b/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc @@ -25,6 +25,7 @@ #include "absl/status/status.h" +#include #include #include #include diff --git a/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.h b/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.h index 9734f191fc9..69a9861df22 100644 --- a/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.h +++ b/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.h @@ -23,6 +23,7 @@ #include "absl/base/thread_annotations.h" #include "absl/status/status.h" +#include #include #include #include diff --git a/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h b/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h index 6f56905ae32..b29468239a1 100644 --- a/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +++ b/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h @@ -25,6 +25,7 @@ #include "absl/container/inlined_vector.h" +#include #include #include "src/core/lib/gprpp/ref_counted.h" diff --git a/src/core/lib/security/credentials/tls/tls_credentials.h b/src/core/lib/security/credentials/tls/tls_credentials.h index c79b4b0c554..c72dcd61da8 100644 --- a/src/core/lib/security/credentials/tls/tls_credentials.h +++ b/src/core/lib/security/credentials/tls/tls_credentials.h @@ -19,6 +19,7 @@ #ifndef GRPC_SRC_CORE_LIB_SECURITY_CREDENTIALS_TLS_TLS_CREDENTIALS_H #define GRPC_SRC_CORE_LIB_SECURITY_CREDENTIALS_TLS_TLS_CREDENTIALS_H +#include #include #include #include diff --git a/src/core/lib/security/credentials/xds/xds_credentials.h b/src/core/lib/security/credentials/xds/xds_credentials.h index b64def62b6f..09762d30276 100644 --- a/src/core/lib/security/credentials/xds/xds_credentials.h +++ b/src/core/lib/security/credentials/xds/xds_credentials.h @@ -28,6 +28,7 @@ #include "absl/status/status.h" +#include #include #include #include diff --git a/src/core/lib/security/security_connector/alts/alts_security_connector.h b/src/core/lib/security/security_connector/alts/alts_security_connector.h index 25cef39f92f..1f0c13a3618 100644 --- a/src/core/lib/security/security_connector/alts/alts_security_connector.h +++ b/src/core/lib/security/security_connector/alts/alts_security_connector.h @@ -18,6 +18,7 @@ #ifndef GRPC_SRC_CORE_LIB_SECURITY_SECURITY_CONNECTOR_ALTS_ALTS_SECURITY_CONNECTOR_H #define GRPC_SRC_CORE_LIB_SECURITY_SECURITY_CONNECTOR_ALTS_ALTS_SECURITY_CONNECTOR_H +#include #include #include #include diff --git a/src/core/lib/security/security_connector/fake/fake_security_connector.h b/src/core/lib/security/security_connector/fake/fake_security_connector.h index a8823493750..1edc40c0b95 100644 --- a/src/core/lib/security/security_connector/fake/fake_security_connector.h +++ b/src/core/lib/security/security_connector/fake/fake_security_connector.h @@ -18,6 +18,7 @@ #ifndef GRPC_SRC_CORE_LIB_SECURITY_SECURITY_CONNECTOR_FAKE_FAKE_SECURITY_CONNECTOR_H #define GRPC_SRC_CORE_LIB_SECURITY_SECURITY_CONNECTOR_FAKE_FAKE_SECURITY_CONNECTOR_H +#include #include #include #include diff --git a/src/core/lib/security/security_connector/insecure/insecure_security_connector.h b/src/core/lib/security/security_connector/insecure/insecure_security_connector.h index 8f78f610eab..c2716de0939 100644 --- a/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +++ b/src/core/lib/security/security_connector/insecure/insecure_security_connector.h @@ -24,6 +24,7 @@ #include "absl/status/status.h" #include "absl/strings/string_view.h" +#include #include #include #include diff --git a/src/core/lib/security/security_connector/local/local_security_connector.h b/src/core/lib/security/security_connector/local/local_security_connector.h index ad39afbcf32..09020552f1c 100644 --- a/src/core/lib/security/security_connector/local/local_security_connector.h +++ b/src/core/lib/security/security_connector/local/local_security_connector.h @@ -18,6 +18,7 @@ #ifndef GRPC_SRC_CORE_LIB_SECURITY_SECURITY_CONNECTOR_LOCAL_LOCAL_SECURITY_CONNECTOR_H #define GRPC_SRC_CORE_LIB_SECURITY_SECURITY_CONNECTOR_LOCAL_LOCAL_SECURITY_CONNECTOR_H +#include #include #include #include diff --git a/src/core/lib/security/security_connector/security_connector.h b/src/core/lib/security/security_connector/security_connector.h index 1965984866b..f4bf841d042 100644 --- a/src/core/lib/security/security_connector/security_connector.h +++ b/src/core/lib/security/security_connector/security_connector.h @@ -24,6 +24,7 @@ #include "absl/status/status.h" #include "absl/strings/string_view.h" +#include #include #include #include diff --git a/src/core/lib/security/security_connector/ssl/ssl_security_connector.h b/src/core/lib/security/security_connector/ssl/ssl_security_connector.h index f743b6ff3b2..3ce665d587e 100644 --- a/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +++ b/src/core/lib/security/security_connector/ssl/ssl_security_connector.h @@ -20,6 +20,7 @@ #define GRPC_SRC_CORE_LIB_SECURITY_SECURITY_CONNECTOR_SSL_SSL_SECURITY_CONNECTOR_H #include +#include #include #include #include diff --git a/src/core/lib/security/security_connector/ssl_utils.cc b/src/core/lib/security/security_connector/ssl_utils.cc index de302b6476c..41b89093833 100644 --- a/src/core/lib/security/security_connector/ssl_utils.cc +++ b/src/core/lib/security/security_connector/ssl_utils.cc @@ -29,6 +29,7 @@ #include "absl/strings/str_cat.h" #include "absl/strings/str_split.h" +#include #include #include #include diff --git a/src/core/lib/security/security_connector/tls/tls_security_connector.h b/src/core/lib/security/security_connector/tls/tls_security_connector.h index cf6593b4c68..c9293b39943 100644 --- a/src/core/lib/security/security_connector/tls/tls_security_connector.h +++ b/src/core/lib/security/security_connector/tls/tls_security_connector.h @@ -27,6 +27,7 @@ #include "absl/strings/string_view.h" #include "absl/types/optional.h" +#include #include #include #include diff --git a/src/core/lib/security/transport/auth_filters.h b/src/core/lib/security/transport/auth_filters.h index ced5319bb55..06b8b6e6fae 100644 --- a/src/core/lib/security/transport/auth_filters.h +++ b/src/core/lib/security/transport/auth_filters.h @@ -21,6 +21,7 @@ #include "absl/status/statusor.h" +#include #include #include #include diff --git a/src/core/lib/security/transport/client_auth_filter.cc b/src/core/lib/security/transport/client_auth_filter.cc index 400087dcedd..1314b7d523b 100644 --- a/src/core/lib/security/transport/client_auth_filter.cc +++ b/src/core/lib/security/transport/client_auth_filter.cc @@ -26,6 +26,7 @@ #include "absl/status/status.h" #include "absl/status/statusor.h" +#include #include #include #include diff --git a/src/core/lib/security/transport/server_auth_filter.cc b/src/core/lib/security/transport/server_auth_filter.cc index f2e403b329f..c36db059b3a 100644 --- a/src/core/lib/security/transport/server_auth_filter.cc +++ b/src/core/lib/security/transport/server_auth_filter.cc @@ -26,6 +26,7 @@ #include "absl/status/status.h" #include "absl/status/statusor.h" +#include #include #include #include diff --git a/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc b/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc index 98cf9bbec93..ac7372cb464 100644 --- a/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +++ b/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc @@ -24,6 +24,7 @@ #include "upb/mem/arena.hpp" +#include #include #include #include diff --git a/src/cpp/client/create_channel_posix.cc b/src/cpp/client/create_channel_posix.cc index d260f1c68c7..e1d6653ed55 100644 --- a/src/cpp/client/create_channel_posix.cc +++ b/src/cpp/client/create_channel_posix.cc @@ -21,6 +21,7 @@ #include #include +#include #include #include #include diff --git a/src/cpp/common/tls_certificate_provider.cc b/src/cpp/common/tls_certificate_provider.cc index c51c0ea5892..e978a085bee 100644 --- a/src/cpp/common/tls_certificate_provider.cc +++ b/src/cpp/common/tls_certificate_provider.cc @@ -17,6 +17,7 @@ #include #include +#include #include #include #include diff --git a/src/cpp/common/tls_certificate_verifier.cc b/src/cpp/common/tls_certificate_verifier.cc index 093062a6202..9e717d0714a 100644 --- a/src/cpp/common/tls_certificate_verifier.cc +++ b/src/cpp/common/tls_certificate_verifier.cc @@ -22,6 +22,7 @@ #include #include +#include #include #include #include diff --git a/src/cpp/common/tls_credentials_options.cc b/src/cpp/common/tls_credentials_options.cc index 56664e501fd..77af87b1280 100644 --- a/src/cpp/common/tls_credentials_options.cc +++ b/src/cpp/common/tls_credentials_options.cc @@ -19,6 +19,7 @@ #include #include +#include #include #include #include diff --git a/src/cpp/server/server_posix.cc b/src/cpp/server/server_posix.cc index ecc1848a1fc..3491ca58c3c 100644 --- a/src/cpp/server/server_posix.cc +++ b/src/cpp/server/server_posix.cc @@ -16,6 +16,7 @@ // // +#include #include #include #include diff --git a/src/objective-c/GRPCClient/private/GRPCCore/GRPCInsecureChannelFactory.mm b/src/objective-c/GRPCClient/private/GRPCCore/GRPCInsecureChannelFactory.mm index 89679ba2989..28039fd2390 100644 --- a/src/objective-c/GRPCClient/private/GRPCCore/GRPCInsecureChannelFactory.mm +++ b/src/objective-c/GRPCClient/private/GRPCCore/GRPCInsecureChannelFactory.mm @@ -18,6 +18,7 @@ #import "GRPCInsecureChannelFactory.h" +#include #include #import "ChannelArgsUtil.h" diff --git a/src/objective-c/GRPCClient/private/GRPCCore/GRPCSecureChannelFactory.mm b/src/objective-c/GRPCClient/private/GRPCCore/GRPCSecureChannelFactory.mm index 8321ac5b35f..1c884b461cc 100644 --- a/src/objective-c/GRPCClient/private/GRPCCore/GRPCSecureChannelFactory.mm +++ b/src/objective-c/GRPCClient/private/GRPCCore/GRPCSecureChannelFactory.mm @@ -19,6 +19,7 @@ #import "GRPCSecureChannelFactory.h" #import +#include #include #import "ChannelArgsUtil.h" diff --git a/src/php/ext/grpc/call_credentials.h b/src/php/ext/grpc/call_credentials.h index e0cc8638534..e82520802b0 100644 --- a/src/php/ext/grpc/call_credentials.h +++ b/src/php/ext/grpc/call_credentials.h @@ -21,6 +21,7 @@ #include "php_grpc.h" +#include #include /* Class entry for the CallCredentials PHP class */ diff --git a/src/php/ext/grpc/channel.c b/src/php/ext/grpc/channel.c index 8cac73ffd7d..0dca12debfa 100644 --- a/src/php/ext/grpc/channel.c +++ b/src/php/ext/grpc/channel.c @@ -29,6 +29,7 @@ #include #include +#include #include #include #include diff --git a/src/php/ext/grpc/channel_credentials.h b/src/php/ext/grpc/channel_credentials.h index 7c6cf30367d..c790f3e6524 100644 --- a/src/php/ext/grpc/channel_credentials.h +++ b/src/php/ext/grpc/channel_credentials.h @@ -21,6 +21,7 @@ #include "php_grpc.h" +#include #include /* Class entry for the ChannelCredentials PHP class */ diff --git a/src/php/ext/grpc/php_grpc.c b/src/php/ext/grpc/php_grpc.c index 8a0aa075fdf..7541729f15a 100644 --- a/src/php/ext/grpc/php_grpc.c +++ b/src/php/ext/grpc/php_grpc.c @@ -28,6 +28,7 @@ #include "server_credentials.h" #include "completion_queue.h" #include +#include #include #include #include diff --git a/src/php/ext/grpc/server.c b/src/php/ext/grpc/server.c index 2001760e349..ebedb184c72 100644 --- a/src/php/ext/grpc/server.c +++ b/src/php/ext/grpc/server.c @@ -26,6 +26,7 @@ #include #include +#include #include #include #include diff --git a/src/php/ext/grpc/server_credentials.h b/src/php/ext/grpc/server_credentials.h index 6a1af3603ed..91edf262481 100644 --- a/src/php/ext/grpc/server_credentials.h +++ b/src/php/ext/grpc/server_credentials.h @@ -21,6 +21,7 @@ #include "php_grpc.h" +#include #include /* Class entry for the Server_Credentials PHP class */ diff --git a/src/python/grpcio/grpc/_cython/_cygrpc/grpc.pxi b/src/python/grpcio/grpc/_cython/_cygrpc/grpc.pxi index 29149e9893a..ce9a1d85e6b 100644 --- a/src/python/grpcio/grpc/_cython/_cygrpc/grpc.pxi +++ b/src/python/grpcio/grpc/_cython/_cygrpc/grpc.pxi @@ -445,6 +445,9 @@ cdef extern from "grpc/grpc.h": grpc_channel *channel, grpc_connectivity_state last_observed_state, gpr_timespec deadline, grpc_completion_queue *cq, void *tag) nogil char *grpc_channel_get_target(grpc_channel *channel) nogil + grpc_channel *grpc_channel_create( + const char *target, grpc_channel_credentials *creds, + const grpc_channel_args *args) nogil void grpc_channel_destroy(grpc_channel *channel) nogil grpc_server *grpc_server_create( @@ -493,17 +496,18 @@ cdef extern from "grpc/grpc.h": grpc_slice grpc_dump_xds_configs() nogil + ctypedef struct grpc_server_credentials: + # We don't care about the internals (and in fact don't know them) + pass -cdef extern from "grpc/grpc_security.h": - - # Declare this as an enum, this is the only way to make it a const in - # cython - enum: GRPC_METADATA_CREDENTIALS_PLUGIN_SYNC_MAX +cdef extern from "grpc/grpc_security_constants.h": - ctypedef enum grpc_ssl_roots_override_result: - GRPC_SSL_ROOTS_OVERRIDE_OK - GRPC_SSL_ROOTS_OVERRIDE_FAILED_PERMANENTLY - GRPC_SSL_ROOTS_OVERRIDE_FAILED + ctypedef enum grpc_security_level: + GRPC_SECURITY_MIN + GRPC_SECURITY_NONE = GRPC_SECURITY_MIN + GRPC_INTEGRITY_ONLY + GRPC_PRIVACY_AND_INTEGRITY + GRPC_SECURITY_MAX = GRPC_PRIVACY_AND_INTEGRITY ctypedef enum grpc_ssl_client_certificate_request_type: GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE, @@ -512,18 +516,31 @@ cdef extern from "grpc/grpc_security.h": GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_BUT_DONT_VERIFY GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY - ctypedef enum grpc_security_level: - GRPC_SECURITY_MIN - GRPC_SECURITY_NONE = GRPC_SECURITY_MIN - GRPC_INTEGRITY_ONLY - GRPC_PRIVACY_AND_INTEGRITY - GRPC_SECURITY_MAX = GRPC_PRIVACY_AND_INTEGRITY + ctypedef enum grpc_ssl_roots_override_result: + GRPC_SSL_ROOTS_OVERRIDE_OK + GRPC_SSL_ROOTS_OVERRIDE_FAILED_PERMANENTLY + GRPC_SSL_ROOTS_OVERRIDE_FAILED ctypedef enum grpc_ssl_certificate_config_reload_status: GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_UNCHANGED GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_NEW GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_FAIL + ctypedef grpc_ssl_certificate_config_reload_status (*grpc_ssl_server_certificate_config_callback)( + void *user_data, + grpc_ssl_server_certificate_config **config) + + ctypedef struct grpc_auth_property_iterator: + pass + + ctypedef struct grpc_auth_property: + char *name + char *value + size_t value_length + + +cdef extern from "grpc/credentials.h": + ctypedef struct grpc_ssl_server_certificate_config: # We don't care about the internals pass @@ -539,10 +556,6 @@ cdef extern from "grpc/grpc_security.h": void grpc_ssl_server_certificate_config_destroy(grpc_ssl_server_certificate_config *config) - ctypedef grpc_ssl_certificate_config_reload_status (*grpc_ssl_server_certificate_config_callback)( - void *user_data, - grpc_ssl_server_certificate_config **config) - grpc_ssl_server_credentials_options *grpc_ssl_server_credentials_create_options_using_config( grpc_ssl_client_certificate_request_type client_certificate_request, grpc_ssl_server_certificate_config *certificate_config) @@ -567,23 +580,12 @@ cdef extern from "grpc/grpc_security.h": # We don't care about the internals (and in fact don't know them) pass - ctypedef struct grpc_ssl_session_cache: - # We don't care about the internals (and in fact don't know them) - pass - ctypedef struct verify_peer_options: # We don't care about the internals (and in fact don't know them) pass - ctypedef void (*grpc_ssl_roots_override_callback)(char **pem_root_certs) - - grpc_ssl_session_cache *grpc_ssl_session_cache_create_lru(size_t capacity) - void grpc_ssl_session_cache_destroy(grpc_ssl_session_cache* cache) - - void grpc_set_ssl_roots_override_callback( - grpc_ssl_roots_override_callback cb) nogil - grpc_channel_credentials *grpc_google_default_credentials_create(grpc_call_credentials* call_credentials) nogil + grpc_channel_credentials *grpc_ssl_credentials_create( const char *pem_root_certs, grpc_ssl_pem_key_cert_pair *pem_key_cert_pair, verify_peer_options *verify_options, void *reserved) nogil @@ -605,33 +607,22 @@ cdef extern from "grpc/grpc_security.h": grpc_call_credentials *grpc_composite_call_credentials_create( grpc_call_credentials *creds1, grpc_call_credentials *creds2, void *reserved) nogil + grpc_call_credentials *grpc_google_compute_engine_credentials_create( void *reserved) nogil + grpc_call_credentials *grpc_service_account_jwt_access_credentials_create( const char *json_key, gpr_timespec token_lifetime, void *reserved) nogil + grpc_call_credentials *grpc_google_refresh_token_credentials_create( const char *json_refresh_token, void *reserved) nogil + grpc_call_credentials *grpc_google_iam_credentials_create( const char *authorization_token, const char *authority_selector, void *reserved) nogil - void grpc_call_credentials_release(grpc_call_credentials *creds) nogil - - grpc_channel *grpc_channel_create( - const char *target, grpc_channel_credentials *creds, - const grpc_channel_args *args) nogil - - ctypedef struct grpc_server_credentials: - # We don't care about the internals (and in fact don't know them) - pass - void grpc_server_credentials_release(grpc_server_credentials *creds) nogil - - int grpc_server_add_http2_port(grpc_server *server, const char *addr, - grpc_server_credentials *creds) nogil - - grpc_call_error grpc_call_set_credentials(grpc_call *call, - grpc_call_credentials *creds) nogil + void grpc_call_credentials_release(grpc_call_credentials *creds) nogil ctypedef struct grpc_auth_context: # We don't care about the internals (and in fact don't know them) @@ -646,6 +637,10 @@ cdef extern from "grpc/grpc_security.h": void *user_data, const grpc_metadata *creds_md, size_t num_creds_md, grpc_status_code status, const char *error_details) nogil + # Declare this as an enum, this is the only way to make it a const in + # cython + enum: GRPC_METADATA_CREDENTIALS_PLUGIN_SYNC_MAX + ctypedef struct grpc_metadata_credentials_plugin: int (*get_metadata)( void *state, grpc_auth_metadata_context context, @@ -660,13 +655,47 @@ cdef extern from "grpc/grpc_security.h": grpc_call_credentials *grpc_metadata_credentials_create_from_plugin( grpc_metadata_credentials_plugin plugin, grpc_security_level min_security_level, void *reserved) nogil - ctypedef struct grpc_auth_property_iterator: + grpc_channel_credentials *grpc_local_credentials_create( + grpc_local_connect_type type) + grpc_server_credentials *grpc_local_server_credentials_create( + grpc_local_connect_type type) + + ctypedef struct grpc_alts_credentials_options: + # We don't care about the internals (and in fact don't know them) pass - ctypedef struct grpc_auth_property: - char *name - char *value - size_t value_length + grpc_channel_credentials *grpc_alts_credentials_create( + const grpc_alts_credentials_options *options) + grpc_server_credentials *grpc_alts_server_credentials_create( + const grpc_alts_credentials_options *options) + + grpc_alts_credentials_options* grpc_alts_credentials_client_options_create() + grpc_alts_credentials_options* grpc_alts_credentials_server_options_create() + void grpc_alts_credentials_options_destroy(grpc_alts_credentials_options *options) + void grpc_alts_credentials_client_options_add_target_service_account(grpc_alts_credentials_options *options, const char *service_account) + + +cdef extern from "grpc/grpc_security.h": + + ctypedef struct grpc_ssl_session_cache: + # We don't care about the internals (and in fact don't know them) + pass + + ctypedef void (*grpc_ssl_roots_override_callback)(char **pem_root_certs) + + grpc_ssl_session_cache *grpc_ssl_session_cache_create_lru(size_t capacity) + void grpc_ssl_session_cache_destroy(grpc_ssl_session_cache* cache) + + void grpc_set_ssl_roots_override_callback( + grpc_ssl_roots_override_callback cb) nogil + + void grpc_server_credentials_release(grpc_server_credentials *creds) nogil + + int grpc_server_add_http2_port(grpc_server *server, const char *addr, + grpc_server_credentials *creds) nogil + + grpc_call_error grpc_call_set_credentials(grpc_call *call, + grpc_call_credentials *creds) nogil grpc_auth_property *grpc_auth_property_iterator_next( grpc_auth_property_iterator *it) @@ -690,26 +719,6 @@ cdef extern from "grpc/grpc_security.h": void grpc_auth_context_release(grpc_auth_context *context) - grpc_channel_credentials *grpc_local_credentials_create( - grpc_local_connect_type type) - grpc_server_credentials *grpc_local_server_credentials_create( - grpc_local_connect_type type) - - ctypedef struct grpc_alts_credentials_options: - # We don't care about the internals (and in fact don't know them) - pass - - grpc_channel_credentials *grpc_alts_credentials_create( - const grpc_alts_credentials_options *options) - grpc_server_credentials *grpc_alts_server_credentials_create( - const grpc_alts_credentials_options *options) - - grpc_alts_credentials_options* grpc_alts_credentials_client_options_create() - grpc_alts_credentials_options* grpc_alts_credentials_server_options_create() - void grpc_alts_credentials_options_destroy(grpc_alts_credentials_options *options) - void grpc_alts_credentials_client_options_add_target_service_account(grpc_alts_credentials_options *options, const char *service_account) - - cdef extern from "grpc/compression.h": diff --git a/src/ruby/ext/grpc/rb_call_credentials.c b/src/ruby/ext/grpc/rb_call_credentials.c index 4d4420cbac4..1afcfbdcc74 100644 --- a/src/ruby/ext/grpc/rb_call_credentials.c +++ b/src/ruby/ext/grpc/rb_call_credentials.c @@ -27,6 +27,7 @@ #include "rb_grpc.h" #include "rb_grpc_imports.generated.h" +#include #include #include #include diff --git a/src/ruby/ext/grpc/rb_call_credentials.h b/src/ruby/ext/grpc/rb_call_credentials.h index 35c48f83371..785a773aff3 100644 --- a/src/ruby/ext/grpc/rb_call_credentials.h +++ b/src/ruby/ext/grpc/rb_call_credentials.h @@ -21,6 +21,7 @@ #include +#include #include /* Initializes the ruby CallCredentials class. */ diff --git a/src/ruby/ext/grpc/rb_channel.c b/src/ruby/ext/grpc/rb_channel.c index 165708e6951..48099c258b6 100644 --- a/src/ruby/ext/grpc/rb_channel.c +++ b/src/ruby/ext/grpc/rb_channel.c @@ -32,6 +32,7 @@ #include "rb_server.h" #include "rb_xds_channel_credentials.h" +#include #include #include #include diff --git a/src/ruby/ext/grpc/rb_channel_credentials.c b/src/ruby/ext/grpc/rb_channel_credentials.c index 8382fb1f904..e570bfb707f 100644 --- a/src/ruby/ext/grpc/rb_channel_credentials.c +++ b/src/ruby/ext/grpc/rb_channel_credentials.c @@ -26,6 +26,7 @@ #include "rb_grpc.h" #include "rb_grpc_imports.generated.h" +#include #include #include #include diff --git a/src/ruby/ext/grpc/rb_grpc_imports.generated.c b/src/ruby/ext/grpc/rb_grpc_imports.generated.c index 302dbf49f44..e4607ce6d00 100644 --- a/src/ruby/ext/grpc/rb_grpc_imports.generated.c +++ b/src/ruby/ext/grpc/rb_grpc_imports.generated.c @@ -42,6 +42,70 @@ grpc_compression_options_init_type grpc_compression_options_init_import; grpc_compression_options_enable_algorithm_type grpc_compression_options_enable_algorithm_import; grpc_compression_options_disable_algorithm_type grpc_compression_options_disable_algorithm_import; grpc_compression_options_is_algorithm_enabled_type grpc_compression_options_is_algorithm_enabled_import; +grpc_service_account_jwt_access_credentials_create_type grpc_service_account_jwt_access_credentials_create_import; +grpc_external_account_credentials_create_type grpc_external_account_credentials_create_import; +grpc_google_refresh_token_credentials_create_type grpc_google_refresh_token_credentials_create_import; +grpc_access_token_credentials_create_type grpc_access_token_credentials_create_import; +grpc_google_iam_credentials_create_type grpc_google_iam_credentials_create_import; +grpc_sts_credentials_create_type grpc_sts_credentials_create_import; +grpc_auth_metadata_context_copy_type grpc_auth_metadata_context_copy_import; +grpc_auth_metadata_context_reset_type grpc_auth_metadata_context_reset_import; +grpc_metadata_credentials_create_from_plugin_type grpc_metadata_credentials_create_from_plugin_import; +grpc_call_credentials_release_type grpc_call_credentials_release_import; +grpc_google_default_credentials_create_type grpc_google_default_credentials_create_import; +grpc_ssl_server_certificate_config_create_type grpc_ssl_server_certificate_config_create_import; +grpc_ssl_server_certificate_config_destroy_type grpc_ssl_server_certificate_config_destroy_import; +grpc_ssl_credentials_create_type grpc_ssl_credentials_create_import; +grpc_ssl_credentials_create_ex_type grpc_ssl_credentials_create_ex_import; +grpc_ssl_server_credentials_create_type grpc_ssl_server_credentials_create_import; +grpc_ssl_server_credentials_create_ex_type grpc_ssl_server_credentials_create_ex_import; +grpc_ssl_server_credentials_create_options_using_config_type grpc_ssl_server_credentials_create_options_using_config_import; +grpc_ssl_server_credentials_create_options_using_config_fetcher_type grpc_ssl_server_credentials_create_options_using_config_fetcher_import; +grpc_ssl_server_credentials_options_destroy_type grpc_ssl_server_credentials_options_destroy_import; +grpc_ssl_server_credentials_create_with_options_type grpc_ssl_server_credentials_create_with_options_import; +grpc_server_credentials_set_auth_metadata_processor_type grpc_server_credentials_set_auth_metadata_processor_import; +grpc_composite_call_credentials_create_type grpc_composite_call_credentials_create_import; +grpc_google_compute_engine_credentials_create_type grpc_google_compute_engine_credentials_create_import; +grpc_composite_channel_credentials_create_type grpc_composite_channel_credentials_create_import; +grpc_alts_credentials_client_options_create_type grpc_alts_credentials_client_options_create_import; +grpc_alts_credentials_server_options_create_type grpc_alts_credentials_server_options_create_import; +grpc_alts_credentials_client_options_add_target_service_account_type grpc_alts_credentials_client_options_add_target_service_account_import; +grpc_alts_credentials_options_destroy_type grpc_alts_credentials_options_destroy_import; +grpc_alts_credentials_create_type grpc_alts_credentials_create_import; +grpc_alts_server_credentials_create_type grpc_alts_server_credentials_create_import; +grpc_tls_identity_pairs_create_type grpc_tls_identity_pairs_create_import; +grpc_tls_identity_pairs_add_pair_type grpc_tls_identity_pairs_add_pair_import; +grpc_tls_identity_pairs_destroy_type grpc_tls_identity_pairs_destroy_import; +grpc_tls_certificate_provider_static_data_create_type grpc_tls_certificate_provider_static_data_create_import; +grpc_tls_certificate_provider_file_watcher_create_type grpc_tls_certificate_provider_file_watcher_create_import; +grpc_tls_certificate_provider_release_type grpc_tls_certificate_provider_release_import; +grpc_tls_credentials_options_create_type grpc_tls_credentials_options_create_import; +grpc_tls_credentials_options_set_min_tls_version_type grpc_tls_credentials_options_set_min_tls_version_import; +grpc_tls_credentials_options_set_max_tls_version_type grpc_tls_credentials_options_set_max_tls_version_import; +grpc_tls_credentials_options_copy_type grpc_tls_credentials_options_copy_import; +grpc_tls_credentials_options_destroy_type grpc_tls_credentials_options_destroy_import; +grpc_tls_credentials_options_set_certificate_provider_type grpc_tls_credentials_options_set_certificate_provider_import; +grpc_tls_credentials_options_watch_root_certs_type grpc_tls_credentials_options_watch_root_certs_import; +grpc_tls_credentials_options_set_root_cert_name_type grpc_tls_credentials_options_set_root_cert_name_import; +grpc_tls_credentials_options_watch_identity_key_cert_pairs_type grpc_tls_credentials_options_watch_identity_key_cert_pairs_import; +grpc_tls_credentials_options_set_identity_cert_name_type grpc_tls_credentials_options_set_identity_cert_name_import; +grpc_tls_credentials_options_set_cert_request_type_type grpc_tls_credentials_options_set_cert_request_type_import; +grpc_tls_credentials_options_set_crl_directory_type grpc_tls_credentials_options_set_crl_directory_import; +grpc_tls_credentials_options_set_verify_server_cert_type grpc_tls_credentials_options_set_verify_server_cert_import; +grpc_tls_credentials_options_set_send_client_ca_list_type grpc_tls_credentials_options_set_send_client_ca_list_import; +grpc_ssl_session_cache_create_lru_type grpc_ssl_session_cache_create_lru_import; +grpc_ssl_session_cache_destroy_type grpc_ssl_session_cache_destroy_import; +grpc_ssl_session_cache_create_channel_arg_type grpc_ssl_session_cache_create_channel_arg_import; +grpc_set_ssl_roots_override_callback_type grpc_set_ssl_roots_override_callback_import; +grpc_max_auth_token_lifetime_type grpc_max_auth_token_lifetime_import; +grpc_insecure_credentials_create_type grpc_insecure_credentials_create_import; +grpc_insecure_server_credentials_create_type grpc_insecure_server_credentials_create_import; +grpc_xds_credentials_create_type grpc_xds_credentials_create_import; +grpc_xds_server_credentials_create_type grpc_xds_server_credentials_create_import; +grpc_local_credentials_create_type grpc_local_credentials_create_import; +grpc_local_server_credentials_create_type grpc_local_server_credentials_create_import; +grpc_tls_credentials_options_set_check_call_host_type grpc_tls_credentials_options_set_check_call_host_import; +grpc_tls_credentials_options_set_tls_session_key_log_file_path_type grpc_tls_credentials_options_set_tls_session_key_log_file_path_import; grpc_metadata_array_init_type grpc_metadata_array_init_import; grpc_metadata_array_destroy_type grpc_metadata_array_destroy_import; grpc_call_details_init_type grpc_call_details_init_import; @@ -87,6 +151,7 @@ grpc_call_cancel_with_status_type grpc_call_cancel_with_status_import; grpc_call_failed_before_recv_message_type grpc_call_failed_before_recv_message_import; grpc_call_ref_type grpc_call_ref_import; grpc_call_unref_type grpc_call_unref_import; +grpc_call_set_credentials_type grpc_call_set_credentials_import; grpc_server_request_call_type grpc_server_request_call_import; grpc_server_register_method_type grpc_server_register_method_import; grpc_server_request_registered_call_type grpc_server_request_registered_call_import; @@ -133,74 +198,9 @@ grpc_auth_context_release_type grpc_auth_context_release_import; grpc_auth_context_add_property_type grpc_auth_context_add_property_import; grpc_auth_context_add_cstring_property_type grpc_auth_context_add_cstring_property_import; grpc_auth_context_set_peer_identity_property_name_type grpc_auth_context_set_peer_identity_property_name_import; -grpc_ssl_session_cache_create_lru_type grpc_ssl_session_cache_create_lru_import; -grpc_ssl_session_cache_destroy_type grpc_ssl_session_cache_destroy_import; -grpc_ssl_session_cache_create_channel_arg_type grpc_ssl_session_cache_create_channel_arg_import; -grpc_call_credentials_release_type grpc_call_credentials_release_import; -grpc_google_default_credentials_create_type grpc_google_default_credentials_create_import; -grpc_set_ssl_roots_override_callback_type grpc_set_ssl_roots_override_callback_import; -grpc_ssl_credentials_create_type grpc_ssl_credentials_create_import; -grpc_ssl_credentials_create_ex_type grpc_ssl_credentials_create_ex_import; -grpc_composite_channel_credentials_create_type grpc_composite_channel_credentials_create_import; -grpc_composite_call_credentials_create_type grpc_composite_call_credentials_create_import; -grpc_google_compute_engine_credentials_create_type grpc_google_compute_engine_credentials_create_import; -grpc_max_auth_token_lifetime_type grpc_max_auth_token_lifetime_import; -grpc_service_account_jwt_access_credentials_create_type grpc_service_account_jwt_access_credentials_create_import; -grpc_external_account_credentials_create_type grpc_external_account_credentials_create_import; -grpc_google_refresh_token_credentials_create_type grpc_google_refresh_token_credentials_create_import; -grpc_access_token_credentials_create_type grpc_access_token_credentials_create_import; -grpc_google_iam_credentials_create_type grpc_google_iam_credentials_create_import; -grpc_sts_credentials_create_type grpc_sts_credentials_create_import; -grpc_auth_metadata_context_copy_type grpc_auth_metadata_context_copy_import; -grpc_auth_metadata_context_reset_type grpc_auth_metadata_context_reset_import; -grpc_metadata_credentials_create_from_plugin_type grpc_metadata_credentials_create_from_plugin_import; -grpc_ssl_server_certificate_config_create_type grpc_ssl_server_certificate_config_create_import; -grpc_ssl_server_certificate_config_destroy_type grpc_ssl_server_certificate_config_destroy_import; -grpc_ssl_server_credentials_create_type grpc_ssl_server_credentials_create_import; -grpc_ssl_server_credentials_create_ex_type grpc_ssl_server_credentials_create_ex_import; -grpc_ssl_server_credentials_create_options_using_config_type grpc_ssl_server_credentials_create_options_using_config_import; -grpc_ssl_server_credentials_create_options_using_config_fetcher_type grpc_ssl_server_credentials_create_options_using_config_fetcher_import; -grpc_ssl_server_credentials_options_destroy_type grpc_ssl_server_credentials_options_destroy_import; -grpc_ssl_server_credentials_create_with_options_type grpc_ssl_server_credentials_create_with_options_import; -grpc_call_set_credentials_type grpc_call_set_credentials_import; -grpc_server_credentials_set_auth_metadata_processor_type grpc_server_credentials_set_auth_metadata_processor_import; -grpc_alts_credentials_client_options_create_type grpc_alts_credentials_client_options_create_import; -grpc_alts_credentials_server_options_create_type grpc_alts_credentials_server_options_create_import; -grpc_alts_credentials_client_options_add_target_service_account_type grpc_alts_credentials_client_options_add_target_service_account_import; -grpc_alts_credentials_options_destroy_type grpc_alts_credentials_options_destroy_import; -grpc_alts_credentials_create_type grpc_alts_credentials_create_import; -grpc_alts_server_credentials_create_type grpc_alts_server_credentials_create_import; -grpc_local_credentials_create_type grpc_local_credentials_create_import; -grpc_local_server_credentials_create_type grpc_local_server_credentials_create_import; -grpc_tls_identity_pairs_create_type grpc_tls_identity_pairs_create_import; -grpc_tls_identity_pairs_add_pair_type grpc_tls_identity_pairs_add_pair_import; -grpc_tls_identity_pairs_destroy_type grpc_tls_identity_pairs_destroy_import; -grpc_tls_certificate_provider_static_data_create_type grpc_tls_certificate_provider_static_data_create_import; -grpc_tls_certificate_provider_file_watcher_create_type grpc_tls_certificate_provider_file_watcher_create_import; -grpc_tls_certificate_provider_release_type grpc_tls_certificate_provider_release_import; -grpc_tls_credentials_options_create_type grpc_tls_credentials_options_create_import; -grpc_tls_credentials_options_set_min_tls_version_type grpc_tls_credentials_options_set_min_tls_version_import; -grpc_tls_credentials_options_set_max_tls_version_type grpc_tls_credentials_options_set_max_tls_version_import; -grpc_tls_credentials_options_copy_type grpc_tls_credentials_options_copy_import; -grpc_tls_credentials_options_destroy_type grpc_tls_credentials_options_destroy_import; -grpc_tls_credentials_options_set_certificate_provider_type grpc_tls_credentials_options_set_certificate_provider_import; -grpc_tls_credentials_options_watch_root_certs_type grpc_tls_credentials_options_watch_root_certs_import; -grpc_tls_credentials_options_set_root_cert_name_type grpc_tls_credentials_options_set_root_cert_name_import; -grpc_tls_credentials_options_watch_identity_key_cert_pairs_type grpc_tls_credentials_options_watch_identity_key_cert_pairs_import; -grpc_tls_credentials_options_set_identity_cert_name_type grpc_tls_credentials_options_set_identity_cert_name_import; -grpc_tls_credentials_options_set_cert_request_type_type grpc_tls_credentials_options_set_cert_request_type_import; -grpc_tls_credentials_options_set_crl_directory_type grpc_tls_credentials_options_set_crl_directory_import; -grpc_tls_credentials_options_set_verify_server_cert_type grpc_tls_credentials_options_set_verify_server_cert_import; -grpc_tls_credentials_options_set_send_client_ca_list_type grpc_tls_credentials_options_set_send_client_ca_list_import; -grpc_tls_credentials_options_set_check_call_host_type grpc_tls_credentials_options_set_check_call_host_import; -grpc_insecure_credentials_create_type grpc_insecure_credentials_create_import; -grpc_insecure_server_credentials_create_type grpc_insecure_server_credentials_create_import; -grpc_xds_credentials_create_type grpc_xds_credentials_create_import; -grpc_xds_server_credentials_create_type grpc_xds_server_credentials_create_import; grpc_authorization_policy_provider_static_data_create_type grpc_authorization_policy_provider_static_data_create_import; grpc_authorization_policy_provider_file_watcher_create_type grpc_authorization_policy_provider_file_watcher_create_import; grpc_authorization_policy_provider_release_type grpc_authorization_policy_provider_release_import; -grpc_tls_credentials_options_set_tls_session_key_log_file_path_type grpc_tls_credentials_options_set_tls_session_key_log_file_path_import; grpc_slice_ref_type grpc_slice_ref_import; grpc_slice_unref_type grpc_slice_unref_import; grpc_slice_copy_type grpc_slice_copy_import; @@ -332,6 +332,70 @@ void grpc_rb_load_imports(HMODULE library) { grpc_compression_options_enable_algorithm_import = (grpc_compression_options_enable_algorithm_type) GetProcAddress(library, "grpc_compression_options_enable_algorithm"); grpc_compression_options_disable_algorithm_import = (grpc_compression_options_disable_algorithm_type) GetProcAddress(library, "grpc_compression_options_disable_algorithm"); grpc_compression_options_is_algorithm_enabled_import = (grpc_compression_options_is_algorithm_enabled_type) GetProcAddress(library, "grpc_compression_options_is_algorithm_enabled"); + grpc_service_account_jwt_access_credentials_create_import = (grpc_service_account_jwt_access_credentials_create_type) GetProcAddress(library, "grpc_service_account_jwt_access_credentials_create"); + grpc_external_account_credentials_create_import = (grpc_external_account_credentials_create_type) GetProcAddress(library, "grpc_external_account_credentials_create"); + grpc_google_refresh_token_credentials_create_import = (grpc_google_refresh_token_credentials_create_type) GetProcAddress(library, "grpc_google_refresh_token_credentials_create"); + grpc_access_token_credentials_create_import = (grpc_access_token_credentials_create_type) GetProcAddress(library, "grpc_access_token_credentials_create"); + grpc_google_iam_credentials_create_import = (grpc_google_iam_credentials_create_type) GetProcAddress(library, "grpc_google_iam_credentials_create"); + grpc_sts_credentials_create_import = (grpc_sts_credentials_create_type) GetProcAddress(library, "grpc_sts_credentials_create"); + grpc_auth_metadata_context_copy_import = (grpc_auth_metadata_context_copy_type) GetProcAddress(library, "grpc_auth_metadata_context_copy"); + grpc_auth_metadata_context_reset_import = (grpc_auth_metadata_context_reset_type) GetProcAddress(library, "grpc_auth_metadata_context_reset"); + grpc_metadata_credentials_create_from_plugin_import = (grpc_metadata_credentials_create_from_plugin_type) GetProcAddress(library, "grpc_metadata_credentials_create_from_plugin"); + grpc_call_credentials_release_import = (grpc_call_credentials_release_type) GetProcAddress(library, "grpc_call_credentials_release"); + grpc_google_default_credentials_create_import = (grpc_google_default_credentials_create_type) GetProcAddress(library, "grpc_google_default_credentials_create"); + grpc_ssl_server_certificate_config_create_import = (grpc_ssl_server_certificate_config_create_type) GetProcAddress(library, "grpc_ssl_server_certificate_config_create"); + grpc_ssl_server_certificate_config_destroy_import = (grpc_ssl_server_certificate_config_destroy_type) GetProcAddress(library, "grpc_ssl_server_certificate_config_destroy"); + grpc_ssl_credentials_create_import = (grpc_ssl_credentials_create_type) GetProcAddress(library, "grpc_ssl_credentials_create"); + grpc_ssl_credentials_create_ex_import = (grpc_ssl_credentials_create_ex_type) GetProcAddress(library, "grpc_ssl_credentials_create_ex"); + grpc_ssl_server_credentials_create_import = (grpc_ssl_server_credentials_create_type) GetProcAddress(library, "grpc_ssl_server_credentials_create"); + grpc_ssl_server_credentials_create_ex_import = (grpc_ssl_server_credentials_create_ex_type) GetProcAddress(library, "grpc_ssl_server_credentials_create_ex"); + grpc_ssl_server_credentials_create_options_using_config_import = (grpc_ssl_server_credentials_create_options_using_config_type) GetProcAddress(library, "grpc_ssl_server_credentials_create_options_using_config"); + grpc_ssl_server_credentials_create_options_using_config_fetcher_import = (grpc_ssl_server_credentials_create_options_using_config_fetcher_type) GetProcAddress(library, "grpc_ssl_server_credentials_create_options_using_config_fetcher"); + grpc_ssl_server_credentials_options_destroy_import = (grpc_ssl_server_credentials_options_destroy_type) GetProcAddress(library, "grpc_ssl_server_credentials_options_destroy"); + grpc_ssl_server_credentials_create_with_options_import = (grpc_ssl_server_credentials_create_with_options_type) GetProcAddress(library, "grpc_ssl_server_credentials_create_with_options"); + grpc_server_credentials_set_auth_metadata_processor_import = (grpc_server_credentials_set_auth_metadata_processor_type) GetProcAddress(library, "grpc_server_credentials_set_auth_metadata_processor"); + grpc_composite_call_credentials_create_import = (grpc_composite_call_credentials_create_type) GetProcAddress(library, "grpc_composite_call_credentials_create"); + grpc_google_compute_engine_credentials_create_import = (grpc_google_compute_engine_credentials_create_type) GetProcAddress(library, "grpc_google_compute_engine_credentials_create"); + grpc_composite_channel_credentials_create_import = (grpc_composite_channel_credentials_create_type) GetProcAddress(library, "grpc_composite_channel_credentials_create"); + grpc_alts_credentials_client_options_create_import = (grpc_alts_credentials_client_options_create_type) GetProcAddress(library, "grpc_alts_credentials_client_options_create"); + grpc_alts_credentials_server_options_create_import = (grpc_alts_credentials_server_options_create_type) GetProcAddress(library, "grpc_alts_credentials_server_options_create"); + grpc_alts_credentials_client_options_add_target_service_account_import = (grpc_alts_credentials_client_options_add_target_service_account_type) GetProcAddress(library, "grpc_alts_credentials_client_options_add_target_service_account"); + grpc_alts_credentials_options_destroy_import = (grpc_alts_credentials_options_destroy_type) GetProcAddress(library, "grpc_alts_credentials_options_destroy"); + grpc_alts_credentials_create_import = (grpc_alts_credentials_create_type) GetProcAddress(library, "grpc_alts_credentials_create"); + grpc_alts_server_credentials_create_import = (grpc_alts_server_credentials_create_type) GetProcAddress(library, "grpc_alts_server_credentials_create"); + grpc_tls_identity_pairs_create_import = (grpc_tls_identity_pairs_create_type) GetProcAddress(library, "grpc_tls_identity_pairs_create"); + grpc_tls_identity_pairs_add_pair_import = (grpc_tls_identity_pairs_add_pair_type) GetProcAddress(library, "grpc_tls_identity_pairs_add_pair"); + grpc_tls_identity_pairs_destroy_import = (grpc_tls_identity_pairs_destroy_type) GetProcAddress(library, "grpc_tls_identity_pairs_destroy"); + grpc_tls_certificate_provider_static_data_create_import = (grpc_tls_certificate_provider_static_data_create_type) GetProcAddress(library, "grpc_tls_certificate_provider_static_data_create"); + grpc_tls_certificate_provider_file_watcher_create_import = (grpc_tls_certificate_provider_file_watcher_create_type) GetProcAddress(library, "grpc_tls_certificate_provider_file_watcher_create"); + grpc_tls_certificate_provider_release_import = (grpc_tls_certificate_provider_release_type) GetProcAddress(library, "grpc_tls_certificate_provider_release"); + grpc_tls_credentials_options_create_import = (grpc_tls_credentials_options_create_type) GetProcAddress(library, "grpc_tls_credentials_options_create"); + grpc_tls_credentials_options_set_min_tls_version_import = (grpc_tls_credentials_options_set_min_tls_version_type) GetProcAddress(library, "grpc_tls_credentials_options_set_min_tls_version"); + grpc_tls_credentials_options_set_max_tls_version_import = (grpc_tls_credentials_options_set_max_tls_version_type) GetProcAddress(library, "grpc_tls_credentials_options_set_max_tls_version"); + grpc_tls_credentials_options_copy_import = (grpc_tls_credentials_options_copy_type) GetProcAddress(library, "grpc_tls_credentials_options_copy"); + grpc_tls_credentials_options_destroy_import = (grpc_tls_credentials_options_destroy_type) GetProcAddress(library, "grpc_tls_credentials_options_destroy"); + grpc_tls_credentials_options_set_certificate_provider_import = (grpc_tls_credentials_options_set_certificate_provider_type) GetProcAddress(library, "grpc_tls_credentials_options_set_certificate_provider"); + grpc_tls_credentials_options_watch_root_certs_import = (grpc_tls_credentials_options_watch_root_certs_type) GetProcAddress(library, "grpc_tls_credentials_options_watch_root_certs"); + grpc_tls_credentials_options_set_root_cert_name_import = (grpc_tls_credentials_options_set_root_cert_name_type) GetProcAddress(library, "grpc_tls_credentials_options_set_root_cert_name"); + grpc_tls_credentials_options_watch_identity_key_cert_pairs_import = (grpc_tls_credentials_options_watch_identity_key_cert_pairs_type) GetProcAddress(library, "grpc_tls_credentials_options_watch_identity_key_cert_pairs"); + grpc_tls_credentials_options_set_identity_cert_name_import = (grpc_tls_credentials_options_set_identity_cert_name_type) GetProcAddress(library, "grpc_tls_credentials_options_set_identity_cert_name"); + grpc_tls_credentials_options_set_cert_request_type_import = (grpc_tls_credentials_options_set_cert_request_type_type) GetProcAddress(library, "grpc_tls_credentials_options_set_cert_request_type"); + grpc_tls_credentials_options_set_crl_directory_import = (grpc_tls_credentials_options_set_crl_directory_type) GetProcAddress(library, "grpc_tls_credentials_options_set_crl_directory"); + grpc_tls_credentials_options_set_verify_server_cert_import = (grpc_tls_credentials_options_set_verify_server_cert_type) GetProcAddress(library, "grpc_tls_credentials_options_set_verify_server_cert"); + grpc_tls_credentials_options_set_send_client_ca_list_import = (grpc_tls_credentials_options_set_send_client_ca_list_type) GetProcAddress(library, "grpc_tls_credentials_options_set_send_client_ca_list"); + grpc_ssl_session_cache_create_lru_import = (grpc_ssl_session_cache_create_lru_type) GetProcAddress(library, "grpc_ssl_session_cache_create_lru"); + grpc_ssl_session_cache_destroy_import = (grpc_ssl_session_cache_destroy_type) GetProcAddress(library, "grpc_ssl_session_cache_destroy"); + grpc_ssl_session_cache_create_channel_arg_import = (grpc_ssl_session_cache_create_channel_arg_type) GetProcAddress(library, "grpc_ssl_session_cache_create_channel_arg"); + grpc_set_ssl_roots_override_callback_import = (grpc_set_ssl_roots_override_callback_type) GetProcAddress(library, "grpc_set_ssl_roots_override_callback"); + grpc_max_auth_token_lifetime_import = (grpc_max_auth_token_lifetime_type) GetProcAddress(library, "grpc_max_auth_token_lifetime"); + grpc_insecure_credentials_create_import = (grpc_insecure_credentials_create_type) GetProcAddress(library, "grpc_insecure_credentials_create"); + grpc_insecure_server_credentials_create_import = (grpc_insecure_server_credentials_create_type) GetProcAddress(library, "grpc_insecure_server_credentials_create"); + grpc_xds_credentials_create_import = (grpc_xds_credentials_create_type) GetProcAddress(library, "grpc_xds_credentials_create"); + grpc_xds_server_credentials_create_import = (grpc_xds_server_credentials_create_type) GetProcAddress(library, "grpc_xds_server_credentials_create"); + grpc_local_credentials_create_import = (grpc_local_credentials_create_type) GetProcAddress(library, "grpc_local_credentials_create"); + grpc_local_server_credentials_create_import = (grpc_local_server_credentials_create_type) GetProcAddress(library, "grpc_local_server_credentials_create"); + grpc_tls_credentials_options_set_check_call_host_import = (grpc_tls_credentials_options_set_check_call_host_type) GetProcAddress(library, "grpc_tls_credentials_options_set_check_call_host"); + grpc_tls_credentials_options_set_tls_session_key_log_file_path_import = (grpc_tls_credentials_options_set_tls_session_key_log_file_path_type) GetProcAddress(library, "grpc_tls_credentials_options_set_tls_session_key_log_file_path"); grpc_metadata_array_init_import = (grpc_metadata_array_init_type) GetProcAddress(library, "grpc_metadata_array_init"); grpc_metadata_array_destroy_import = (grpc_metadata_array_destroy_type) GetProcAddress(library, "grpc_metadata_array_destroy"); grpc_call_details_init_import = (grpc_call_details_init_type) GetProcAddress(library, "grpc_call_details_init"); @@ -377,6 +441,7 @@ void grpc_rb_load_imports(HMODULE library) { grpc_call_failed_before_recv_message_import = (grpc_call_failed_before_recv_message_type) GetProcAddress(library, "grpc_call_failed_before_recv_message"); grpc_call_ref_import = (grpc_call_ref_type) GetProcAddress(library, "grpc_call_ref"); grpc_call_unref_import = (grpc_call_unref_type) GetProcAddress(library, "grpc_call_unref"); + grpc_call_set_credentials_import = (grpc_call_set_credentials_type) GetProcAddress(library, "grpc_call_set_credentials"); grpc_server_request_call_import = (grpc_server_request_call_type) GetProcAddress(library, "grpc_server_request_call"); grpc_server_register_method_import = (grpc_server_register_method_type) GetProcAddress(library, "grpc_server_register_method"); grpc_server_request_registered_call_import = (grpc_server_request_registered_call_type) GetProcAddress(library, "grpc_server_request_registered_call"); @@ -423,74 +488,9 @@ void grpc_rb_load_imports(HMODULE library) { grpc_auth_context_add_property_import = (grpc_auth_context_add_property_type) GetProcAddress(library, "grpc_auth_context_add_property"); grpc_auth_context_add_cstring_property_import = (grpc_auth_context_add_cstring_property_type) GetProcAddress(library, "grpc_auth_context_add_cstring_property"); grpc_auth_context_set_peer_identity_property_name_import = (grpc_auth_context_set_peer_identity_property_name_type) GetProcAddress(library, "grpc_auth_context_set_peer_identity_property_name"); - grpc_ssl_session_cache_create_lru_import = (grpc_ssl_session_cache_create_lru_type) GetProcAddress(library, "grpc_ssl_session_cache_create_lru"); - grpc_ssl_session_cache_destroy_import = (grpc_ssl_session_cache_destroy_type) GetProcAddress(library, "grpc_ssl_session_cache_destroy"); - grpc_ssl_session_cache_create_channel_arg_import = (grpc_ssl_session_cache_create_channel_arg_type) GetProcAddress(library, "grpc_ssl_session_cache_create_channel_arg"); - grpc_call_credentials_release_import = (grpc_call_credentials_release_type) GetProcAddress(library, "grpc_call_credentials_release"); - grpc_google_default_credentials_create_import = (grpc_google_default_credentials_create_type) GetProcAddress(library, "grpc_google_default_credentials_create"); - grpc_set_ssl_roots_override_callback_import = (grpc_set_ssl_roots_override_callback_type) GetProcAddress(library, "grpc_set_ssl_roots_override_callback"); - grpc_ssl_credentials_create_import = (grpc_ssl_credentials_create_type) GetProcAddress(library, "grpc_ssl_credentials_create"); - grpc_ssl_credentials_create_ex_import = (grpc_ssl_credentials_create_ex_type) GetProcAddress(library, "grpc_ssl_credentials_create_ex"); - grpc_composite_channel_credentials_create_import = (grpc_composite_channel_credentials_create_type) GetProcAddress(library, "grpc_composite_channel_credentials_create"); - grpc_composite_call_credentials_create_import = (grpc_composite_call_credentials_create_type) GetProcAddress(library, "grpc_composite_call_credentials_create"); - grpc_google_compute_engine_credentials_create_import = (grpc_google_compute_engine_credentials_create_type) GetProcAddress(library, "grpc_google_compute_engine_credentials_create"); - grpc_max_auth_token_lifetime_import = (grpc_max_auth_token_lifetime_type) GetProcAddress(library, "grpc_max_auth_token_lifetime"); - grpc_service_account_jwt_access_credentials_create_import = (grpc_service_account_jwt_access_credentials_create_type) GetProcAddress(library, "grpc_service_account_jwt_access_credentials_create"); - grpc_external_account_credentials_create_import = (grpc_external_account_credentials_create_type) GetProcAddress(library, "grpc_external_account_credentials_create"); - grpc_google_refresh_token_credentials_create_import = (grpc_google_refresh_token_credentials_create_type) GetProcAddress(library, "grpc_google_refresh_token_credentials_create"); - grpc_access_token_credentials_create_import = (grpc_access_token_credentials_create_type) GetProcAddress(library, "grpc_access_token_credentials_create"); - grpc_google_iam_credentials_create_import = (grpc_google_iam_credentials_create_type) GetProcAddress(library, "grpc_google_iam_credentials_create"); - grpc_sts_credentials_create_import = (grpc_sts_credentials_create_type) GetProcAddress(library, "grpc_sts_credentials_create"); - grpc_auth_metadata_context_copy_import = (grpc_auth_metadata_context_copy_type) GetProcAddress(library, "grpc_auth_metadata_context_copy"); - grpc_auth_metadata_context_reset_import = (grpc_auth_metadata_context_reset_type) GetProcAddress(library, "grpc_auth_metadata_context_reset"); - grpc_metadata_credentials_create_from_plugin_import = (grpc_metadata_credentials_create_from_plugin_type) GetProcAddress(library, "grpc_metadata_credentials_create_from_plugin"); - grpc_ssl_server_certificate_config_create_import = (grpc_ssl_server_certificate_config_create_type) GetProcAddress(library, "grpc_ssl_server_certificate_config_create"); - grpc_ssl_server_certificate_config_destroy_import = (grpc_ssl_server_certificate_config_destroy_type) GetProcAddress(library, "grpc_ssl_server_certificate_config_destroy"); - grpc_ssl_server_credentials_create_import = (grpc_ssl_server_credentials_create_type) GetProcAddress(library, "grpc_ssl_server_credentials_create"); - grpc_ssl_server_credentials_create_ex_import = (grpc_ssl_server_credentials_create_ex_type) GetProcAddress(library, "grpc_ssl_server_credentials_create_ex"); - grpc_ssl_server_credentials_create_options_using_config_import = (grpc_ssl_server_credentials_create_options_using_config_type) GetProcAddress(library, "grpc_ssl_server_credentials_create_options_using_config"); - grpc_ssl_server_credentials_create_options_using_config_fetcher_import = (grpc_ssl_server_credentials_create_options_using_config_fetcher_type) GetProcAddress(library, "grpc_ssl_server_credentials_create_options_using_config_fetcher"); - grpc_ssl_server_credentials_options_destroy_import = (grpc_ssl_server_credentials_options_destroy_type) GetProcAddress(library, "grpc_ssl_server_credentials_options_destroy"); - grpc_ssl_server_credentials_create_with_options_import = (grpc_ssl_server_credentials_create_with_options_type) GetProcAddress(library, "grpc_ssl_server_credentials_create_with_options"); - grpc_call_set_credentials_import = (grpc_call_set_credentials_type) GetProcAddress(library, "grpc_call_set_credentials"); - grpc_server_credentials_set_auth_metadata_processor_import = (grpc_server_credentials_set_auth_metadata_processor_type) GetProcAddress(library, "grpc_server_credentials_set_auth_metadata_processor"); - grpc_alts_credentials_client_options_create_import = (grpc_alts_credentials_client_options_create_type) GetProcAddress(library, "grpc_alts_credentials_client_options_create"); - grpc_alts_credentials_server_options_create_import = (grpc_alts_credentials_server_options_create_type) GetProcAddress(library, "grpc_alts_credentials_server_options_create"); - grpc_alts_credentials_client_options_add_target_service_account_import = (grpc_alts_credentials_client_options_add_target_service_account_type) GetProcAddress(library, "grpc_alts_credentials_client_options_add_target_service_account"); - grpc_alts_credentials_options_destroy_import = (grpc_alts_credentials_options_destroy_type) GetProcAddress(library, "grpc_alts_credentials_options_destroy"); - grpc_alts_credentials_create_import = (grpc_alts_credentials_create_type) GetProcAddress(library, "grpc_alts_credentials_create"); - grpc_alts_server_credentials_create_import = (grpc_alts_server_credentials_create_type) GetProcAddress(library, "grpc_alts_server_credentials_create"); - grpc_local_credentials_create_import = (grpc_local_credentials_create_type) GetProcAddress(library, "grpc_local_credentials_create"); - grpc_local_server_credentials_create_import = (grpc_local_server_credentials_create_type) GetProcAddress(library, "grpc_local_server_credentials_create"); - grpc_tls_identity_pairs_create_import = (grpc_tls_identity_pairs_create_type) GetProcAddress(library, "grpc_tls_identity_pairs_create"); - grpc_tls_identity_pairs_add_pair_import = (grpc_tls_identity_pairs_add_pair_type) GetProcAddress(library, "grpc_tls_identity_pairs_add_pair"); - grpc_tls_identity_pairs_destroy_import = (grpc_tls_identity_pairs_destroy_type) GetProcAddress(library, "grpc_tls_identity_pairs_destroy"); - grpc_tls_certificate_provider_static_data_create_import = (grpc_tls_certificate_provider_static_data_create_type) GetProcAddress(library, "grpc_tls_certificate_provider_static_data_create"); - grpc_tls_certificate_provider_file_watcher_create_import = (grpc_tls_certificate_provider_file_watcher_create_type) GetProcAddress(library, "grpc_tls_certificate_provider_file_watcher_create"); - grpc_tls_certificate_provider_release_import = (grpc_tls_certificate_provider_release_type) GetProcAddress(library, "grpc_tls_certificate_provider_release"); - grpc_tls_credentials_options_create_import = (grpc_tls_credentials_options_create_type) GetProcAddress(library, "grpc_tls_credentials_options_create"); - grpc_tls_credentials_options_set_min_tls_version_import = (grpc_tls_credentials_options_set_min_tls_version_type) GetProcAddress(library, "grpc_tls_credentials_options_set_min_tls_version"); - grpc_tls_credentials_options_set_max_tls_version_import = (grpc_tls_credentials_options_set_max_tls_version_type) GetProcAddress(library, "grpc_tls_credentials_options_set_max_tls_version"); - grpc_tls_credentials_options_copy_import = (grpc_tls_credentials_options_copy_type) GetProcAddress(library, "grpc_tls_credentials_options_copy"); - grpc_tls_credentials_options_destroy_import = (grpc_tls_credentials_options_destroy_type) GetProcAddress(library, "grpc_tls_credentials_options_destroy"); - grpc_tls_credentials_options_set_certificate_provider_import = (grpc_tls_credentials_options_set_certificate_provider_type) GetProcAddress(library, "grpc_tls_credentials_options_set_certificate_provider"); - grpc_tls_credentials_options_watch_root_certs_import = (grpc_tls_credentials_options_watch_root_certs_type) GetProcAddress(library, "grpc_tls_credentials_options_watch_root_certs"); - grpc_tls_credentials_options_set_root_cert_name_import = (grpc_tls_credentials_options_set_root_cert_name_type) GetProcAddress(library, "grpc_tls_credentials_options_set_root_cert_name"); - grpc_tls_credentials_options_watch_identity_key_cert_pairs_import = (grpc_tls_credentials_options_watch_identity_key_cert_pairs_type) GetProcAddress(library, "grpc_tls_credentials_options_watch_identity_key_cert_pairs"); - grpc_tls_credentials_options_set_identity_cert_name_import = (grpc_tls_credentials_options_set_identity_cert_name_type) GetProcAddress(library, "grpc_tls_credentials_options_set_identity_cert_name"); - grpc_tls_credentials_options_set_cert_request_type_import = (grpc_tls_credentials_options_set_cert_request_type_type) GetProcAddress(library, "grpc_tls_credentials_options_set_cert_request_type"); - grpc_tls_credentials_options_set_crl_directory_import = (grpc_tls_credentials_options_set_crl_directory_type) GetProcAddress(library, "grpc_tls_credentials_options_set_crl_directory"); - grpc_tls_credentials_options_set_verify_server_cert_import = (grpc_tls_credentials_options_set_verify_server_cert_type) GetProcAddress(library, "grpc_tls_credentials_options_set_verify_server_cert"); - grpc_tls_credentials_options_set_send_client_ca_list_import = (grpc_tls_credentials_options_set_send_client_ca_list_type) GetProcAddress(library, "grpc_tls_credentials_options_set_send_client_ca_list"); - grpc_tls_credentials_options_set_check_call_host_import = (grpc_tls_credentials_options_set_check_call_host_type) GetProcAddress(library, "grpc_tls_credentials_options_set_check_call_host"); - grpc_insecure_credentials_create_import = (grpc_insecure_credentials_create_type) GetProcAddress(library, "grpc_insecure_credentials_create"); - grpc_insecure_server_credentials_create_import = (grpc_insecure_server_credentials_create_type) GetProcAddress(library, "grpc_insecure_server_credentials_create"); - grpc_xds_credentials_create_import = (grpc_xds_credentials_create_type) GetProcAddress(library, "grpc_xds_credentials_create"); - grpc_xds_server_credentials_create_import = (grpc_xds_server_credentials_create_type) GetProcAddress(library, "grpc_xds_server_credentials_create"); grpc_authorization_policy_provider_static_data_create_import = (grpc_authorization_policy_provider_static_data_create_type) GetProcAddress(library, "grpc_authorization_policy_provider_static_data_create"); grpc_authorization_policy_provider_file_watcher_create_import = (grpc_authorization_policy_provider_file_watcher_create_type) GetProcAddress(library, "grpc_authorization_policy_provider_file_watcher_create"); grpc_authorization_policy_provider_release_import = (grpc_authorization_policy_provider_release_type) GetProcAddress(library, "grpc_authorization_policy_provider_release"); - grpc_tls_credentials_options_set_tls_session_key_log_file_path_import = (grpc_tls_credentials_options_set_tls_session_key_log_file_path_type) GetProcAddress(library, "grpc_tls_credentials_options_set_tls_session_key_log_file_path"); grpc_slice_ref_import = (grpc_slice_ref_type) GetProcAddress(library, "grpc_slice_ref"); grpc_slice_unref_import = (grpc_slice_unref_type) GetProcAddress(library, "grpc_slice_unref"); grpc_slice_copy_import = (grpc_slice_copy_type) GetProcAddress(library, "grpc_slice_copy"); diff --git a/src/ruby/ext/grpc/rb_grpc_imports.generated.h b/src/ruby/ext/grpc/rb_grpc_imports.generated.h index d4e2099eda4..42fb67dface 100644 --- a/src/ruby/ext/grpc/rb_grpc_imports.generated.h +++ b/src/ruby/ext/grpc/rb_grpc_imports.generated.h @@ -27,6 +27,7 @@ #include #include +#include #include #include #include @@ -101,6 +102,198 @@ extern grpc_compression_options_disable_algorithm_type grpc_compression_options_ typedef int(*grpc_compression_options_is_algorithm_enabled_type)(const grpc_compression_options* opts, grpc_compression_algorithm algorithm); extern grpc_compression_options_is_algorithm_enabled_type grpc_compression_options_is_algorithm_enabled_import; #define grpc_compression_options_is_algorithm_enabled grpc_compression_options_is_algorithm_enabled_import +typedef grpc_call_credentials*(*grpc_service_account_jwt_access_credentials_create_type)(const char* json_key, gpr_timespec token_lifetime, void* reserved); +extern grpc_service_account_jwt_access_credentials_create_type grpc_service_account_jwt_access_credentials_create_import; +#define grpc_service_account_jwt_access_credentials_create grpc_service_account_jwt_access_credentials_create_import +typedef grpc_call_credentials*(*grpc_external_account_credentials_create_type)(const char* json_string, const char* scopes_string); +extern grpc_external_account_credentials_create_type grpc_external_account_credentials_create_import; +#define grpc_external_account_credentials_create grpc_external_account_credentials_create_import +typedef grpc_call_credentials*(*grpc_google_refresh_token_credentials_create_type)(const char* json_refresh_token, void* reserved); +extern grpc_google_refresh_token_credentials_create_type grpc_google_refresh_token_credentials_create_import; +#define grpc_google_refresh_token_credentials_create grpc_google_refresh_token_credentials_create_import +typedef grpc_call_credentials*(*grpc_access_token_credentials_create_type)(const char* access_token, void* reserved); +extern grpc_access_token_credentials_create_type grpc_access_token_credentials_create_import; +#define grpc_access_token_credentials_create grpc_access_token_credentials_create_import +typedef grpc_call_credentials*(*grpc_google_iam_credentials_create_type)(const char* authorization_token, const char* authority_selector, void* reserved); +extern grpc_google_iam_credentials_create_type grpc_google_iam_credentials_create_import; +#define grpc_google_iam_credentials_create grpc_google_iam_credentials_create_import +typedef grpc_call_credentials*(*grpc_sts_credentials_create_type)(const grpc_sts_credentials_options* options, void* reserved); +extern grpc_sts_credentials_create_type grpc_sts_credentials_create_import; +#define grpc_sts_credentials_create grpc_sts_credentials_create_import +typedef void(*grpc_auth_metadata_context_copy_type)(grpc_auth_metadata_context* from, grpc_auth_metadata_context* to); +extern grpc_auth_metadata_context_copy_type grpc_auth_metadata_context_copy_import; +#define grpc_auth_metadata_context_copy grpc_auth_metadata_context_copy_import +typedef void(*grpc_auth_metadata_context_reset_type)(grpc_auth_metadata_context* context); +extern grpc_auth_metadata_context_reset_type grpc_auth_metadata_context_reset_import; +#define grpc_auth_metadata_context_reset grpc_auth_metadata_context_reset_import +typedef grpc_call_credentials*(*grpc_metadata_credentials_create_from_plugin_type)(grpc_metadata_credentials_plugin plugin, grpc_security_level min_security_level, void* reserved); +extern grpc_metadata_credentials_create_from_plugin_type grpc_metadata_credentials_create_from_plugin_import; +#define grpc_metadata_credentials_create_from_plugin grpc_metadata_credentials_create_from_plugin_import +typedef void(*grpc_call_credentials_release_type)(grpc_call_credentials* creds); +extern grpc_call_credentials_release_type grpc_call_credentials_release_import; +#define grpc_call_credentials_release grpc_call_credentials_release_import +typedef grpc_channel_credentials*(*grpc_google_default_credentials_create_type)(grpc_call_credentials* call_credentials); +extern grpc_google_default_credentials_create_type grpc_google_default_credentials_create_import; +#define grpc_google_default_credentials_create grpc_google_default_credentials_create_import +typedef grpc_ssl_server_certificate_config*(*grpc_ssl_server_certificate_config_create_type)(const char* pem_root_certs, const grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs, size_t num_key_cert_pairs); +extern grpc_ssl_server_certificate_config_create_type grpc_ssl_server_certificate_config_create_import; +#define grpc_ssl_server_certificate_config_create grpc_ssl_server_certificate_config_create_import +typedef void(*grpc_ssl_server_certificate_config_destroy_type)(grpc_ssl_server_certificate_config* config); +extern grpc_ssl_server_certificate_config_destroy_type grpc_ssl_server_certificate_config_destroy_import; +#define grpc_ssl_server_certificate_config_destroy grpc_ssl_server_certificate_config_destroy_import +typedef grpc_channel_credentials*(*grpc_ssl_credentials_create_type)(const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pair, const verify_peer_options* verify_options, void* reserved); +extern grpc_ssl_credentials_create_type grpc_ssl_credentials_create_import; +#define grpc_ssl_credentials_create grpc_ssl_credentials_create_import +typedef grpc_channel_credentials*(*grpc_ssl_credentials_create_ex_type)(const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pair, const grpc_ssl_verify_peer_options* verify_options, void* reserved); +extern grpc_ssl_credentials_create_ex_type grpc_ssl_credentials_create_ex_import; +#define grpc_ssl_credentials_create_ex grpc_ssl_credentials_create_ex_import +typedef grpc_server_credentials*(*grpc_ssl_server_credentials_create_type)(const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs, size_t num_key_cert_pairs, int force_client_auth, void* reserved); +extern grpc_ssl_server_credentials_create_type grpc_ssl_server_credentials_create_import; +#define grpc_ssl_server_credentials_create grpc_ssl_server_credentials_create_import +typedef grpc_server_credentials*(*grpc_ssl_server_credentials_create_ex_type)(const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs, size_t num_key_cert_pairs, grpc_ssl_client_certificate_request_type client_certificate_request, void* reserved); +extern grpc_ssl_server_credentials_create_ex_type grpc_ssl_server_credentials_create_ex_import; +#define grpc_ssl_server_credentials_create_ex grpc_ssl_server_credentials_create_ex_import +typedef grpc_ssl_server_credentials_options*(*grpc_ssl_server_credentials_create_options_using_config_type)(grpc_ssl_client_certificate_request_type client_certificate_request, grpc_ssl_server_certificate_config* certificate_config); +extern grpc_ssl_server_credentials_create_options_using_config_type grpc_ssl_server_credentials_create_options_using_config_import; +#define grpc_ssl_server_credentials_create_options_using_config grpc_ssl_server_credentials_create_options_using_config_import +typedef grpc_ssl_server_credentials_options*(*grpc_ssl_server_credentials_create_options_using_config_fetcher_type)(grpc_ssl_client_certificate_request_type client_certificate_request, grpc_ssl_server_certificate_config_callback cb, void* user_data); +extern grpc_ssl_server_credentials_create_options_using_config_fetcher_type grpc_ssl_server_credentials_create_options_using_config_fetcher_import; +#define grpc_ssl_server_credentials_create_options_using_config_fetcher grpc_ssl_server_credentials_create_options_using_config_fetcher_import +typedef void(*grpc_ssl_server_credentials_options_destroy_type)(grpc_ssl_server_credentials_options* options); +extern grpc_ssl_server_credentials_options_destroy_type grpc_ssl_server_credentials_options_destroy_import; +#define grpc_ssl_server_credentials_options_destroy grpc_ssl_server_credentials_options_destroy_import +typedef grpc_server_credentials*(*grpc_ssl_server_credentials_create_with_options_type)(grpc_ssl_server_credentials_options* options); +extern grpc_ssl_server_credentials_create_with_options_type grpc_ssl_server_credentials_create_with_options_import; +#define grpc_ssl_server_credentials_create_with_options grpc_ssl_server_credentials_create_with_options_import +typedef void(*grpc_server_credentials_set_auth_metadata_processor_type)(grpc_server_credentials* creds, grpc_auth_metadata_processor processor); +extern grpc_server_credentials_set_auth_metadata_processor_type grpc_server_credentials_set_auth_metadata_processor_import; +#define grpc_server_credentials_set_auth_metadata_processor grpc_server_credentials_set_auth_metadata_processor_import +typedef grpc_call_credentials*(*grpc_composite_call_credentials_create_type)(grpc_call_credentials* creds1, grpc_call_credentials* creds2, void* reserved); +extern grpc_composite_call_credentials_create_type grpc_composite_call_credentials_create_import; +#define grpc_composite_call_credentials_create grpc_composite_call_credentials_create_import +typedef grpc_call_credentials*(*grpc_google_compute_engine_credentials_create_type)(void* reserved); +extern grpc_google_compute_engine_credentials_create_type grpc_google_compute_engine_credentials_create_import; +#define grpc_google_compute_engine_credentials_create grpc_google_compute_engine_credentials_create_import +typedef grpc_channel_credentials*(*grpc_composite_channel_credentials_create_type)(grpc_channel_credentials* channel_creds, grpc_call_credentials* call_creds, void* reserved); +extern grpc_composite_channel_credentials_create_type grpc_composite_channel_credentials_create_import; +#define grpc_composite_channel_credentials_create grpc_composite_channel_credentials_create_import +typedef grpc_alts_credentials_options*(*grpc_alts_credentials_client_options_create_type)(void); +extern grpc_alts_credentials_client_options_create_type grpc_alts_credentials_client_options_create_import; +#define grpc_alts_credentials_client_options_create grpc_alts_credentials_client_options_create_import +typedef grpc_alts_credentials_options*(*grpc_alts_credentials_server_options_create_type)(void); +extern grpc_alts_credentials_server_options_create_type grpc_alts_credentials_server_options_create_import; +#define grpc_alts_credentials_server_options_create grpc_alts_credentials_server_options_create_import +typedef void(*grpc_alts_credentials_client_options_add_target_service_account_type)(grpc_alts_credentials_options* options, const char* service_account); +extern grpc_alts_credentials_client_options_add_target_service_account_type grpc_alts_credentials_client_options_add_target_service_account_import; +#define grpc_alts_credentials_client_options_add_target_service_account grpc_alts_credentials_client_options_add_target_service_account_import +typedef void(*grpc_alts_credentials_options_destroy_type)(grpc_alts_credentials_options* options); +extern grpc_alts_credentials_options_destroy_type grpc_alts_credentials_options_destroy_import; +#define grpc_alts_credentials_options_destroy grpc_alts_credentials_options_destroy_import +typedef grpc_channel_credentials*(*grpc_alts_credentials_create_type)(const grpc_alts_credentials_options* options); +extern grpc_alts_credentials_create_type grpc_alts_credentials_create_import; +#define grpc_alts_credentials_create grpc_alts_credentials_create_import +typedef grpc_server_credentials*(*grpc_alts_server_credentials_create_type)(const grpc_alts_credentials_options* options); +extern grpc_alts_server_credentials_create_type grpc_alts_server_credentials_create_import; +#define grpc_alts_server_credentials_create grpc_alts_server_credentials_create_import +typedef grpc_tls_identity_pairs*(*grpc_tls_identity_pairs_create_type)(); +extern grpc_tls_identity_pairs_create_type grpc_tls_identity_pairs_create_import; +#define grpc_tls_identity_pairs_create grpc_tls_identity_pairs_create_import +typedef void(*grpc_tls_identity_pairs_add_pair_type)(grpc_tls_identity_pairs* pairs, const char* private_key, const char* cert_chain); +extern grpc_tls_identity_pairs_add_pair_type grpc_tls_identity_pairs_add_pair_import; +#define grpc_tls_identity_pairs_add_pair grpc_tls_identity_pairs_add_pair_import +typedef void(*grpc_tls_identity_pairs_destroy_type)(grpc_tls_identity_pairs* pairs); +extern grpc_tls_identity_pairs_destroy_type grpc_tls_identity_pairs_destroy_import; +#define grpc_tls_identity_pairs_destroy grpc_tls_identity_pairs_destroy_import +typedef grpc_tls_certificate_provider*(*grpc_tls_certificate_provider_static_data_create_type)(const char* root_certificate, grpc_tls_identity_pairs* pem_key_cert_pairs); +extern grpc_tls_certificate_provider_static_data_create_type grpc_tls_certificate_provider_static_data_create_import; +#define grpc_tls_certificate_provider_static_data_create grpc_tls_certificate_provider_static_data_create_import +typedef grpc_tls_certificate_provider*(*grpc_tls_certificate_provider_file_watcher_create_type)(const char* private_key_path, const char* identity_certificate_path, const char* root_cert_path, unsigned int refresh_interval_sec); +extern grpc_tls_certificate_provider_file_watcher_create_type grpc_tls_certificate_provider_file_watcher_create_import; +#define grpc_tls_certificate_provider_file_watcher_create grpc_tls_certificate_provider_file_watcher_create_import +typedef void(*grpc_tls_certificate_provider_release_type)(grpc_tls_certificate_provider* provider); +extern grpc_tls_certificate_provider_release_type grpc_tls_certificate_provider_release_import; +#define grpc_tls_certificate_provider_release grpc_tls_certificate_provider_release_import +typedef grpc_tls_credentials_options*(*grpc_tls_credentials_options_create_type)(void); +extern grpc_tls_credentials_options_create_type grpc_tls_credentials_options_create_import; +#define grpc_tls_credentials_options_create grpc_tls_credentials_options_create_import +typedef void(*grpc_tls_credentials_options_set_min_tls_version_type)(grpc_tls_credentials_options* options, grpc_tls_version min_tls_version); +extern grpc_tls_credentials_options_set_min_tls_version_type grpc_tls_credentials_options_set_min_tls_version_import; +#define grpc_tls_credentials_options_set_min_tls_version grpc_tls_credentials_options_set_min_tls_version_import +typedef void(*grpc_tls_credentials_options_set_max_tls_version_type)(grpc_tls_credentials_options* options, grpc_tls_version max_tls_version); +extern grpc_tls_credentials_options_set_max_tls_version_type grpc_tls_credentials_options_set_max_tls_version_import; +#define grpc_tls_credentials_options_set_max_tls_version grpc_tls_credentials_options_set_max_tls_version_import +typedef grpc_tls_credentials_options*(*grpc_tls_credentials_options_copy_type)(grpc_tls_credentials_options* options); +extern grpc_tls_credentials_options_copy_type grpc_tls_credentials_options_copy_import; +#define grpc_tls_credentials_options_copy grpc_tls_credentials_options_copy_import +typedef void(*grpc_tls_credentials_options_destroy_type)(grpc_tls_credentials_options* options); +extern grpc_tls_credentials_options_destroy_type grpc_tls_credentials_options_destroy_import; +#define grpc_tls_credentials_options_destroy grpc_tls_credentials_options_destroy_import +typedef void(*grpc_tls_credentials_options_set_certificate_provider_type)(grpc_tls_credentials_options* options, grpc_tls_certificate_provider* provider); +extern grpc_tls_credentials_options_set_certificate_provider_type grpc_tls_credentials_options_set_certificate_provider_import; +#define grpc_tls_credentials_options_set_certificate_provider grpc_tls_credentials_options_set_certificate_provider_import +typedef void(*grpc_tls_credentials_options_watch_root_certs_type)(grpc_tls_credentials_options* options); +extern grpc_tls_credentials_options_watch_root_certs_type grpc_tls_credentials_options_watch_root_certs_import; +#define grpc_tls_credentials_options_watch_root_certs grpc_tls_credentials_options_watch_root_certs_import +typedef void(*grpc_tls_credentials_options_set_root_cert_name_type)(grpc_tls_credentials_options* options, const char* root_cert_name); +extern grpc_tls_credentials_options_set_root_cert_name_type grpc_tls_credentials_options_set_root_cert_name_import; +#define grpc_tls_credentials_options_set_root_cert_name grpc_tls_credentials_options_set_root_cert_name_import +typedef void(*grpc_tls_credentials_options_watch_identity_key_cert_pairs_type)(grpc_tls_credentials_options* options); +extern grpc_tls_credentials_options_watch_identity_key_cert_pairs_type grpc_tls_credentials_options_watch_identity_key_cert_pairs_import; +#define grpc_tls_credentials_options_watch_identity_key_cert_pairs grpc_tls_credentials_options_watch_identity_key_cert_pairs_import +typedef void(*grpc_tls_credentials_options_set_identity_cert_name_type)(grpc_tls_credentials_options* options, const char* identity_cert_name); +extern grpc_tls_credentials_options_set_identity_cert_name_type grpc_tls_credentials_options_set_identity_cert_name_import; +#define grpc_tls_credentials_options_set_identity_cert_name grpc_tls_credentials_options_set_identity_cert_name_import +typedef void(*grpc_tls_credentials_options_set_cert_request_type_type)(grpc_tls_credentials_options* options, grpc_ssl_client_certificate_request_type type); +extern grpc_tls_credentials_options_set_cert_request_type_type grpc_tls_credentials_options_set_cert_request_type_import; +#define grpc_tls_credentials_options_set_cert_request_type grpc_tls_credentials_options_set_cert_request_type_import +typedef void(*grpc_tls_credentials_options_set_crl_directory_type)(grpc_tls_credentials_options* options, const char* crl_directory); +extern grpc_tls_credentials_options_set_crl_directory_type grpc_tls_credentials_options_set_crl_directory_import; +#define grpc_tls_credentials_options_set_crl_directory grpc_tls_credentials_options_set_crl_directory_import +typedef void(*grpc_tls_credentials_options_set_verify_server_cert_type)(grpc_tls_credentials_options* options, int verify_server_cert); +extern grpc_tls_credentials_options_set_verify_server_cert_type grpc_tls_credentials_options_set_verify_server_cert_import; +#define grpc_tls_credentials_options_set_verify_server_cert grpc_tls_credentials_options_set_verify_server_cert_import +typedef void(*grpc_tls_credentials_options_set_send_client_ca_list_type)(grpc_tls_credentials_options* options, bool send_client_ca_list); +extern grpc_tls_credentials_options_set_send_client_ca_list_type grpc_tls_credentials_options_set_send_client_ca_list_import; +#define grpc_tls_credentials_options_set_send_client_ca_list grpc_tls_credentials_options_set_send_client_ca_list_import +typedef grpc_ssl_session_cache*(*grpc_ssl_session_cache_create_lru_type)(size_t capacity); +extern grpc_ssl_session_cache_create_lru_type grpc_ssl_session_cache_create_lru_import; +#define grpc_ssl_session_cache_create_lru grpc_ssl_session_cache_create_lru_import +typedef void(*grpc_ssl_session_cache_destroy_type)(grpc_ssl_session_cache* cache); +extern grpc_ssl_session_cache_destroy_type grpc_ssl_session_cache_destroy_import; +#define grpc_ssl_session_cache_destroy grpc_ssl_session_cache_destroy_import +typedef grpc_arg(*grpc_ssl_session_cache_create_channel_arg_type)(grpc_ssl_session_cache* cache); +extern grpc_ssl_session_cache_create_channel_arg_type grpc_ssl_session_cache_create_channel_arg_import; +#define grpc_ssl_session_cache_create_channel_arg grpc_ssl_session_cache_create_channel_arg_import +typedef void(*grpc_set_ssl_roots_override_callback_type)(grpc_ssl_roots_override_callback cb); +extern grpc_set_ssl_roots_override_callback_type grpc_set_ssl_roots_override_callback_import; +#define grpc_set_ssl_roots_override_callback grpc_set_ssl_roots_override_callback_import +typedef gpr_timespec(*grpc_max_auth_token_lifetime_type)(void); +extern grpc_max_auth_token_lifetime_type grpc_max_auth_token_lifetime_import; +#define grpc_max_auth_token_lifetime grpc_max_auth_token_lifetime_import +typedef grpc_channel_credentials*(*grpc_insecure_credentials_create_type)(); +extern grpc_insecure_credentials_create_type grpc_insecure_credentials_create_import; +#define grpc_insecure_credentials_create grpc_insecure_credentials_create_import +typedef grpc_server_credentials*(*grpc_insecure_server_credentials_create_type)(); +extern grpc_insecure_server_credentials_create_type grpc_insecure_server_credentials_create_import; +#define grpc_insecure_server_credentials_create grpc_insecure_server_credentials_create_import +typedef grpc_channel_credentials*(*grpc_xds_credentials_create_type)(grpc_channel_credentials* fallback_credentials); +extern grpc_xds_credentials_create_type grpc_xds_credentials_create_import; +#define grpc_xds_credentials_create grpc_xds_credentials_create_import +typedef grpc_server_credentials*(*grpc_xds_server_credentials_create_type)(grpc_server_credentials* fallback_credentials); +extern grpc_xds_server_credentials_create_type grpc_xds_server_credentials_create_import; +#define grpc_xds_server_credentials_create grpc_xds_server_credentials_create_import +typedef grpc_channel_credentials*(*grpc_local_credentials_create_type)(grpc_local_connect_type type); +extern grpc_local_credentials_create_type grpc_local_credentials_create_import; +#define grpc_local_credentials_create grpc_local_credentials_create_import +typedef grpc_server_credentials*(*grpc_local_server_credentials_create_type)(grpc_local_connect_type type); +extern grpc_local_server_credentials_create_type grpc_local_server_credentials_create_import; +#define grpc_local_server_credentials_create grpc_local_server_credentials_create_import +typedef void(*grpc_tls_credentials_options_set_check_call_host_type)(grpc_tls_credentials_options* options, int check_call_host); +extern grpc_tls_credentials_options_set_check_call_host_type grpc_tls_credentials_options_set_check_call_host_import; +#define grpc_tls_credentials_options_set_check_call_host grpc_tls_credentials_options_set_check_call_host_import +typedef void(*grpc_tls_credentials_options_set_tls_session_key_log_file_path_type)(grpc_tls_credentials_options* options, const char* path); +extern grpc_tls_credentials_options_set_tls_session_key_log_file_path_type grpc_tls_credentials_options_set_tls_session_key_log_file_path_import; +#define grpc_tls_credentials_options_set_tls_session_key_log_file_path grpc_tls_credentials_options_set_tls_session_key_log_file_path_import typedef void(*grpc_metadata_array_init_type)(grpc_metadata_array* array); extern grpc_metadata_array_init_type grpc_metadata_array_init_import; #define grpc_metadata_array_init grpc_metadata_array_init_import @@ -236,6 +429,9 @@ extern grpc_call_ref_type grpc_call_ref_import; typedef void(*grpc_call_unref_type)(grpc_call* call); extern grpc_call_unref_type grpc_call_unref_import; #define grpc_call_unref grpc_call_unref_import +typedef grpc_call_error(*grpc_call_set_credentials_type)(grpc_call* call, grpc_call_credentials* creds); +extern grpc_call_set_credentials_type grpc_call_set_credentials_import; +#define grpc_call_set_credentials grpc_call_set_credentials_import typedef grpc_call_error(*grpc_server_request_call_type)(grpc_server* server, grpc_call** call, grpc_call_details* details, grpc_metadata_array* request_metadata, grpc_completion_queue* cq_bound_to_call, grpc_completion_queue* cq_for_notification, void* tag_new); extern grpc_server_request_call_type grpc_server_request_call_import; #define grpc_server_request_call grpc_server_request_call_import @@ -374,198 +570,6 @@ extern grpc_auth_context_add_cstring_property_type grpc_auth_context_add_cstring typedef int(*grpc_auth_context_set_peer_identity_property_name_type)(grpc_auth_context* ctx, const char* name); extern grpc_auth_context_set_peer_identity_property_name_type grpc_auth_context_set_peer_identity_property_name_import; #define grpc_auth_context_set_peer_identity_property_name grpc_auth_context_set_peer_identity_property_name_import -typedef grpc_ssl_session_cache*(*grpc_ssl_session_cache_create_lru_type)(size_t capacity); -extern grpc_ssl_session_cache_create_lru_type grpc_ssl_session_cache_create_lru_import; -#define grpc_ssl_session_cache_create_lru grpc_ssl_session_cache_create_lru_import -typedef void(*grpc_ssl_session_cache_destroy_type)(grpc_ssl_session_cache* cache); -extern grpc_ssl_session_cache_destroy_type grpc_ssl_session_cache_destroy_import; -#define grpc_ssl_session_cache_destroy grpc_ssl_session_cache_destroy_import -typedef grpc_arg(*grpc_ssl_session_cache_create_channel_arg_type)(grpc_ssl_session_cache* cache); -extern grpc_ssl_session_cache_create_channel_arg_type grpc_ssl_session_cache_create_channel_arg_import; -#define grpc_ssl_session_cache_create_channel_arg grpc_ssl_session_cache_create_channel_arg_import -typedef void(*grpc_call_credentials_release_type)(grpc_call_credentials* creds); -extern grpc_call_credentials_release_type grpc_call_credentials_release_import; -#define grpc_call_credentials_release grpc_call_credentials_release_import -typedef grpc_channel_credentials*(*grpc_google_default_credentials_create_type)(grpc_call_credentials* call_credentials); -extern grpc_google_default_credentials_create_type grpc_google_default_credentials_create_import; -#define grpc_google_default_credentials_create grpc_google_default_credentials_create_import -typedef void(*grpc_set_ssl_roots_override_callback_type)(grpc_ssl_roots_override_callback cb); -extern grpc_set_ssl_roots_override_callback_type grpc_set_ssl_roots_override_callback_import; -#define grpc_set_ssl_roots_override_callback grpc_set_ssl_roots_override_callback_import -typedef grpc_channel_credentials*(*grpc_ssl_credentials_create_type)(const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pair, const verify_peer_options* verify_options, void* reserved); -extern grpc_ssl_credentials_create_type grpc_ssl_credentials_create_import; -#define grpc_ssl_credentials_create grpc_ssl_credentials_create_import -typedef grpc_channel_credentials*(*grpc_ssl_credentials_create_ex_type)(const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pair, const grpc_ssl_verify_peer_options* verify_options, void* reserved); -extern grpc_ssl_credentials_create_ex_type grpc_ssl_credentials_create_ex_import; -#define grpc_ssl_credentials_create_ex grpc_ssl_credentials_create_ex_import -typedef grpc_channel_credentials*(*grpc_composite_channel_credentials_create_type)(grpc_channel_credentials* channel_creds, grpc_call_credentials* call_creds, void* reserved); -extern grpc_composite_channel_credentials_create_type grpc_composite_channel_credentials_create_import; -#define grpc_composite_channel_credentials_create grpc_composite_channel_credentials_create_import -typedef grpc_call_credentials*(*grpc_composite_call_credentials_create_type)(grpc_call_credentials* creds1, grpc_call_credentials* creds2, void* reserved); -extern grpc_composite_call_credentials_create_type grpc_composite_call_credentials_create_import; -#define grpc_composite_call_credentials_create grpc_composite_call_credentials_create_import -typedef grpc_call_credentials*(*grpc_google_compute_engine_credentials_create_type)(void* reserved); -extern grpc_google_compute_engine_credentials_create_type grpc_google_compute_engine_credentials_create_import; -#define grpc_google_compute_engine_credentials_create grpc_google_compute_engine_credentials_create_import -typedef gpr_timespec(*grpc_max_auth_token_lifetime_type)(void); -extern grpc_max_auth_token_lifetime_type grpc_max_auth_token_lifetime_import; -#define grpc_max_auth_token_lifetime grpc_max_auth_token_lifetime_import -typedef grpc_call_credentials*(*grpc_service_account_jwt_access_credentials_create_type)(const char* json_key, gpr_timespec token_lifetime, void* reserved); -extern grpc_service_account_jwt_access_credentials_create_type grpc_service_account_jwt_access_credentials_create_import; -#define grpc_service_account_jwt_access_credentials_create grpc_service_account_jwt_access_credentials_create_import -typedef grpc_call_credentials*(*grpc_external_account_credentials_create_type)(const char* json_string, const char* scopes_string); -extern grpc_external_account_credentials_create_type grpc_external_account_credentials_create_import; -#define grpc_external_account_credentials_create grpc_external_account_credentials_create_import -typedef grpc_call_credentials*(*grpc_google_refresh_token_credentials_create_type)(const char* json_refresh_token, void* reserved); -extern grpc_google_refresh_token_credentials_create_type grpc_google_refresh_token_credentials_create_import; -#define grpc_google_refresh_token_credentials_create grpc_google_refresh_token_credentials_create_import -typedef grpc_call_credentials*(*grpc_access_token_credentials_create_type)(const char* access_token, void* reserved); -extern grpc_access_token_credentials_create_type grpc_access_token_credentials_create_import; -#define grpc_access_token_credentials_create grpc_access_token_credentials_create_import -typedef grpc_call_credentials*(*grpc_google_iam_credentials_create_type)(const char* authorization_token, const char* authority_selector, void* reserved); -extern grpc_google_iam_credentials_create_type grpc_google_iam_credentials_create_import; -#define grpc_google_iam_credentials_create grpc_google_iam_credentials_create_import -typedef grpc_call_credentials*(*grpc_sts_credentials_create_type)(const grpc_sts_credentials_options* options, void* reserved); -extern grpc_sts_credentials_create_type grpc_sts_credentials_create_import; -#define grpc_sts_credentials_create grpc_sts_credentials_create_import -typedef void(*grpc_auth_metadata_context_copy_type)(grpc_auth_metadata_context* from, grpc_auth_metadata_context* to); -extern grpc_auth_metadata_context_copy_type grpc_auth_metadata_context_copy_import; -#define grpc_auth_metadata_context_copy grpc_auth_metadata_context_copy_import -typedef void(*grpc_auth_metadata_context_reset_type)(grpc_auth_metadata_context* context); -extern grpc_auth_metadata_context_reset_type grpc_auth_metadata_context_reset_import; -#define grpc_auth_metadata_context_reset grpc_auth_metadata_context_reset_import -typedef grpc_call_credentials*(*grpc_metadata_credentials_create_from_plugin_type)(grpc_metadata_credentials_plugin plugin, grpc_security_level min_security_level, void* reserved); -extern grpc_metadata_credentials_create_from_plugin_type grpc_metadata_credentials_create_from_plugin_import; -#define grpc_metadata_credentials_create_from_plugin grpc_metadata_credentials_create_from_plugin_import -typedef grpc_ssl_server_certificate_config*(*grpc_ssl_server_certificate_config_create_type)(const char* pem_root_certs, const grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs, size_t num_key_cert_pairs); -extern grpc_ssl_server_certificate_config_create_type grpc_ssl_server_certificate_config_create_import; -#define grpc_ssl_server_certificate_config_create grpc_ssl_server_certificate_config_create_import -typedef void(*grpc_ssl_server_certificate_config_destroy_type)(grpc_ssl_server_certificate_config* config); -extern grpc_ssl_server_certificate_config_destroy_type grpc_ssl_server_certificate_config_destroy_import; -#define grpc_ssl_server_certificate_config_destroy grpc_ssl_server_certificate_config_destroy_import -typedef grpc_server_credentials*(*grpc_ssl_server_credentials_create_type)(const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs, size_t num_key_cert_pairs, int force_client_auth, void* reserved); -extern grpc_ssl_server_credentials_create_type grpc_ssl_server_credentials_create_import; -#define grpc_ssl_server_credentials_create grpc_ssl_server_credentials_create_import -typedef grpc_server_credentials*(*grpc_ssl_server_credentials_create_ex_type)(const char* pem_root_certs, grpc_ssl_pem_key_cert_pair* pem_key_cert_pairs, size_t num_key_cert_pairs, grpc_ssl_client_certificate_request_type client_certificate_request, void* reserved); -extern grpc_ssl_server_credentials_create_ex_type grpc_ssl_server_credentials_create_ex_import; -#define grpc_ssl_server_credentials_create_ex grpc_ssl_server_credentials_create_ex_import -typedef grpc_ssl_server_credentials_options*(*grpc_ssl_server_credentials_create_options_using_config_type)(grpc_ssl_client_certificate_request_type client_certificate_request, grpc_ssl_server_certificate_config* certificate_config); -extern grpc_ssl_server_credentials_create_options_using_config_type grpc_ssl_server_credentials_create_options_using_config_import; -#define grpc_ssl_server_credentials_create_options_using_config grpc_ssl_server_credentials_create_options_using_config_import -typedef grpc_ssl_server_credentials_options*(*grpc_ssl_server_credentials_create_options_using_config_fetcher_type)(grpc_ssl_client_certificate_request_type client_certificate_request, grpc_ssl_server_certificate_config_callback cb, void* user_data); -extern grpc_ssl_server_credentials_create_options_using_config_fetcher_type grpc_ssl_server_credentials_create_options_using_config_fetcher_import; -#define grpc_ssl_server_credentials_create_options_using_config_fetcher grpc_ssl_server_credentials_create_options_using_config_fetcher_import -typedef void(*grpc_ssl_server_credentials_options_destroy_type)(grpc_ssl_server_credentials_options* options); -extern grpc_ssl_server_credentials_options_destroy_type grpc_ssl_server_credentials_options_destroy_import; -#define grpc_ssl_server_credentials_options_destroy grpc_ssl_server_credentials_options_destroy_import -typedef grpc_server_credentials*(*grpc_ssl_server_credentials_create_with_options_type)(grpc_ssl_server_credentials_options* options); -extern grpc_ssl_server_credentials_create_with_options_type grpc_ssl_server_credentials_create_with_options_import; -#define grpc_ssl_server_credentials_create_with_options grpc_ssl_server_credentials_create_with_options_import -typedef grpc_call_error(*grpc_call_set_credentials_type)(grpc_call* call, grpc_call_credentials* creds); -extern grpc_call_set_credentials_type grpc_call_set_credentials_import; -#define grpc_call_set_credentials grpc_call_set_credentials_import -typedef void(*grpc_server_credentials_set_auth_metadata_processor_type)(grpc_server_credentials* creds, grpc_auth_metadata_processor processor); -extern grpc_server_credentials_set_auth_metadata_processor_type grpc_server_credentials_set_auth_metadata_processor_import; -#define grpc_server_credentials_set_auth_metadata_processor grpc_server_credentials_set_auth_metadata_processor_import -typedef grpc_alts_credentials_options*(*grpc_alts_credentials_client_options_create_type)(void); -extern grpc_alts_credentials_client_options_create_type grpc_alts_credentials_client_options_create_import; -#define grpc_alts_credentials_client_options_create grpc_alts_credentials_client_options_create_import -typedef grpc_alts_credentials_options*(*grpc_alts_credentials_server_options_create_type)(void); -extern grpc_alts_credentials_server_options_create_type grpc_alts_credentials_server_options_create_import; -#define grpc_alts_credentials_server_options_create grpc_alts_credentials_server_options_create_import -typedef void(*grpc_alts_credentials_client_options_add_target_service_account_type)(grpc_alts_credentials_options* options, const char* service_account); -extern grpc_alts_credentials_client_options_add_target_service_account_type grpc_alts_credentials_client_options_add_target_service_account_import; -#define grpc_alts_credentials_client_options_add_target_service_account grpc_alts_credentials_client_options_add_target_service_account_import -typedef void(*grpc_alts_credentials_options_destroy_type)(grpc_alts_credentials_options* options); -extern grpc_alts_credentials_options_destroy_type grpc_alts_credentials_options_destroy_import; -#define grpc_alts_credentials_options_destroy grpc_alts_credentials_options_destroy_import -typedef grpc_channel_credentials*(*grpc_alts_credentials_create_type)(const grpc_alts_credentials_options* options); -extern grpc_alts_credentials_create_type grpc_alts_credentials_create_import; -#define grpc_alts_credentials_create grpc_alts_credentials_create_import -typedef grpc_server_credentials*(*grpc_alts_server_credentials_create_type)(const grpc_alts_credentials_options* options); -extern grpc_alts_server_credentials_create_type grpc_alts_server_credentials_create_import; -#define grpc_alts_server_credentials_create grpc_alts_server_credentials_create_import -typedef grpc_channel_credentials*(*grpc_local_credentials_create_type)(grpc_local_connect_type type); -extern grpc_local_credentials_create_type grpc_local_credentials_create_import; -#define grpc_local_credentials_create grpc_local_credentials_create_import -typedef grpc_server_credentials*(*grpc_local_server_credentials_create_type)(grpc_local_connect_type type); -extern grpc_local_server_credentials_create_type grpc_local_server_credentials_create_import; -#define grpc_local_server_credentials_create grpc_local_server_credentials_create_import -typedef grpc_tls_identity_pairs*(*grpc_tls_identity_pairs_create_type)(); -extern grpc_tls_identity_pairs_create_type grpc_tls_identity_pairs_create_import; -#define grpc_tls_identity_pairs_create grpc_tls_identity_pairs_create_import -typedef void(*grpc_tls_identity_pairs_add_pair_type)(grpc_tls_identity_pairs* pairs, const char* private_key, const char* cert_chain); -extern grpc_tls_identity_pairs_add_pair_type grpc_tls_identity_pairs_add_pair_import; -#define grpc_tls_identity_pairs_add_pair grpc_tls_identity_pairs_add_pair_import -typedef void(*grpc_tls_identity_pairs_destroy_type)(grpc_tls_identity_pairs* pairs); -extern grpc_tls_identity_pairs_destroy_type grpc_tls_identity_pairs_destroy_import; -#define grpc_tls_identity_pairs_destroy grpc_tls_identity_pairs_destroy_import -typedef grpc_tls_certificate_provider*(*grpc_tls_certificate_provider_static_data_create_type)(const char* root_certificate, grpc_tls_identity_pairs* pem_key_cert_pairs); -extern grpc_tls_certificate_provider_static_data_create_type grpc_tls_certificate_provider_static_data_create_import; -#define grpc_tls_certificate_provider_static_data_create grpc_tls_certificate_provider_static_data_create_import -typedef grpc_tls_certificate_provider*(*grpc_tls_certificate_provider_file_watcher_create_type)(const char* private_key_path, const char* identity_certificate_path, const char* root_cert_path, unsigned int refresh_interval_sec); -extern grpc_tls_certificate_provider_file_watcher_create_type grpc_tls_certificate_provider_file_watcher_create_import; -#define grpc_tls_certificate_provider_file_watcher_create grpc_tls_certificate_provider_file_watcher_create_import -typedef void(*grpc_tls_certificate_provider_release_type)(grpc_tls_certificate_provider* provider); -extern grpc_tls_certificate_provider_release_type grpc_tls_certificate_provider_release_import; -#define grpc_tls_certificate_provider_release grpc_tls_certificate_provider_release_import -typedef grpc_tls_credentials_options*(*grpc_tls_credentials_options_create_type)(void); -extern grpc_tls_credentials_options_create_type grpc_tls_credentials_options_create_import; -#define grpc_tls_credentials_options_create grpc_tls_credentials_options_create_import -typedef void(*grpc_tls_credentials_options_set_min_tls_version_type)(grpc_tls_credentials_options* options, grpc_tls_version min_tls_version); -extern grpc_tls_credentials_options_set_min_tls_version_type grpc_tls_credentials_options_set_min_tls_version_import; -#define grpc_tls_credentials_options_set_min_tls_version grpc_tls_credentials_options_set_min_tls_version_import -typedef void(*grpc_tls_credentials_options_set_max_tls_version_type)(grpc_tls_credentials_options* options, grpc_tls_version max_tls_version); -extern grpc_tls_credentials_options_set_max_tls_version_type grpc_tls_credentials_options_set_max_tls_version_import; -#define grpc_tls_credentials_options_set_max_tls_version grpc_tls_credentials_options_set_max_tls_version_import -typedef grpc_tls_credentials_options*(*grpc_tls_credentials_options_copy_type)(grpc_tls_credentials_options* options); -extern grpc_tls_credentials_options_copy_type grpc_tls_credentials_options_copy_import; -#define grpc_tls_credentials_options_copy grpc_tls_credentials_options_copy_import -typedef void(*grpc_tls_credentials_options_destroy_type)(grpc_tls_credentials_options* options); -extern grpc_tls_credentials_options_destroy_type grpc_tls_credentials_options_destroy_import; -#define grpc_tls_credentials_options_destroy grpc_tls_credentials_options_destroy_import -typedef void(*grpc_tls_credentials_options_set_certificate_provider_type)(grpc_tls_credentials_options* options, grpc_tls_certificate_provider* provider); -extern grpc_tls_credentials_options_set_certificate_provider_type grpc_tls_credentials_options_set_certificate_provider_import; -#define grpc_tls_credentials_options_set_certificate_provider grpc_tls_credentials_options_set_certificate_provider_import -typedef void(*grpc_tls_credentials_options_watch_root_certs_type)(grpc_tls_credentials_options* options); -extern grpc_tls_credentials_options_watch_root_certs_type grpc_tls_credentials_options_watch_root_certs_import; -#define grpc_tls_credentials_options_watch_root_certs grpc_tls_credentials_options_watch_root_certs_import -typedef void(*grpc_tls_credentials_options_set_root_cert_name_type)(grpc_tls_credentials_options* options, const char* root_cert_name); -extern grpc_tls_credentials_options_set_root_cert_name_type grpc_tls_credentials_options_set_root_cert_name_import; -#define grpc_tls_credentials_options_set_root_cert_name grpc_tls_credentials_options_set_root_cert_name_import -typedef void(*grpc_tls_credentials_options_watch_identity_key_cert_pairs_type)(grpc_tls_credentials_options* options); -extern grpc_tls_credentials_options_watch_identity_key_cert_pairs_type grpc_tls_credentials_options_watch_identity_key_cert_pairs_import; -#define grpc_tls_credentials_options_watch_identity_key_cert_pairs grpc_tls_credentials_options_watch_identity_key_cert_pairs_import -typedef void(*grpc_tls_credentials_options_set_identity_cert_name_type)(grpc_tls_credentials_options* options, const char* identity_cert_name); -extern grpc_tls_credentials_options_set_identity_cert_name_type grpc_tls_credentials_options_set_identity_cert_name_import; -#define grpc_tls_credentials_options_set_identity_cert_name grpc_tls_credentials_options_set_identity_cert_name_import -typedef void(*grpc_tls_credentials_options_set_cert_request_type_type)(grpc_tls_credentials_options* options, grpc_ssl_client_certificate_request_type type); -extern grpc_tls_credentials_options_set_cert_request_type_type grpc_tls_credentials_options_set_cert_request_type_import; -#define grpc_tls_credentials_options_set_cert_request_type grpc_tls_credentials_options_set_cert_request_type_import -typedef void(*grpc_tls_credentials_options_set_crl_directory_type)(grpc_tls_credentials_options* options, const char* crl_directory); -extern grpc_tls_credentials_options_set_crl_directory_type grpc_tls_credentials_options_set_crl_directory_import; -#define grpc_tls_credentials_options_set_crl_directory grpc_tls_credentials_options_set_crl_directory_import -typedef void(*grpc_tls_credentials_options_set_verify_server_cert_type)(grpc_tls_credentials_options* options, int verify_server_cert); -extern grpc_tls_credentials_options_set_verify_server_cert_type grpc_tls_credentials_options_set_verify_server_cert_import; -#define grpc_tls_credentials_options_set_verify_server_cert grpc_tls_credentials_options_set_verify_server_cert_import -typedef void(*grpc_tls_credentials_options_set_send_client_ca_list_type)(grpc_tls_credentials_options* options, bool send_client_ca_list); -extern grpc_tls_credentials_options_set_send_client_ca_list_type grpc_tls_credentials_options_set_send_client_ca_list_import; -#define grpc_tls_credentials_options_set_send_client_ca_list grpc_tls_credentials_options_set_send_client_ca_list_import -typedef void(*grpc_tls_credentials_options_set_check_call_host_type)(grpc_tls_credentials_options* options, int check_call_host); -extern grpc_tls_credentials_options_set_check_call_host_type grpc_tls_credentials_options_set_check_call_host_import; -#define grpc_tls_credentials_options_set_check_call_host grpc_tls_credentials_options_set_check_call_host_import -typedef grpc_channel_credentials*(*grpc_insecure_credentials_create_type)(); -extern grpc_insecure_credentials_create_type grpc_insecure_credentials_create_import; -#define grpc_insecure_credentials_create grpc_insecure_credentials_create_import -typedef grpc_server_credentials*(*grpc_insecure_server_credentials_create_type)(); -extern grpc_insecure_server_credentials_create_type grpc_insecure_server_credentials_create_import; -#define grpc_insecure_server_credentials_create grpc_insecure_server_credentials_create_import -typedef grpc_channel_credentials*(*grpc_xds_credentials_create_type)(grpc_channel_credentials* fallback_credentials); -extern grpc_xds_credentials_create_type grpc_xds_credentials_create_import; -#define grpc_xds_credentials_create grpc_xds_credentials_create_import -typedef grpc_server_credentials*(*grpc_xds_server_credentials_create_type)(grpc_server_credentials* fallback_credentials); -extern grpc_xds_server_credentials_create_type grpc_xds_server_credentials_create_import; -#define grpc_xds_server_credentials_create grpc_xds_server_credentials_create_import typedef grpc_authorization_policy_provider*(*grpc_authorization_policy_provider_static_data_create_type)(const char* authz_policy, grpc_status_code* code, const char** error_details); extern grpc_authorization_policy_provider_static_data_create_type grpc_authorization_policy_provider_static_data_create_import; #define grpc_authorization_policy_provider_static_data_create grpc_authorization_policy_provider_static_data_create_import @@ -575,9 +579,6 @@ extern grpc_authorization_policy_provider_file_watcher_create_type grpc_authoriz typedef void(*grpc_authorization_policy_provider_release_type)(grpc_authorization_policy_provider* provider); extern grpc_authorization_policy_provider_release_type grpc_authorization_policy_provider_release_import; #define grpc_authorization_policy_provider_release grpc_authorization_policy_provider_release_import -typedef void(*grpc_tls_credentials_options_set_tls_session_key_log_file_path_type)(grpc_tls_credentials_options* options, const char* path); -extern grpc_tls_credentials_options_set_tls_session_key_log_file_path_type grpc_tls_credentials_options_set_tls_session_key_log_file_path_import; -#define grpc_tls_credentials_options_set_tls_session_key_log_file_path grpc_tls_credentials_options_set_tls_session_key_log_file_path_import typedef grpc_slice(*grpc_slice_ref_type)(grpc_slice s); extern grpc_slice_ref_type grpc_slice_ref_import; #define grpc_slice_ref grpc_slice_ref_import diff --git a/src/ruby/ext/grpc/rb_server.c b/src/ruby/ext/grpc/rb_server.c index 387dcff2d27..51ba4a91eb2 100644 --- a/src/ruby/ext/grpc/rb_server.c +++ b/src/ruby/ext/grpc/rb_server.c @@ -29,6 +29,7 @@ #include "rb_server_credentials.h" #include "rb_xds_server_credentials.h" +#include #include #include #include diff --git a/src/ruby/ext/grpc/rb_server_credentials.c b/src/ruby/ext/grpc/rb_server_credentials.c index 42c259015cd..73c754d5352 100644 --- a/src/ruby/ext/grpc/rb_server_credentials.c +++ b/src/ruby/ext/grpc/rb_server_credentials.c @@ -23,6 +23,7 @@ #include "rb_grpc.h" #include "rb_grpc_imports.generated.h" +#include #include #include #include diff --git a/src/ruby/ext/grpc/rb_server_credentials.h b/src/ruby/ext/grpc/rb_server_credentials.h index bb14b575c05..64b22715d99 100644 --- a/src/ruby/ext/grpc/rb_server_credentials.h +++ b/src/ruby/ext/grpc/rb_server_credentials.h @@ -23,6 +23,7 @@ #include +#include #include /* Initializes the ruby ServerCredentials class. */ diff --git a/src/ruby/ext/grpc/rb_xds_channel_credentials.c b/src/ruby/ext/grpc/rb_xds_channel_credentials.c index db3d6dbdac4..56b08d99287 100644 --- a/src/ruby/ext/grpc/rb_xds_channel_credentials.c +++ b/src/ruby/ext/grpc/rb_xds_channel_credentials.c @@ -27,6 +27,7 @@ #include "rb_grpc.h" #include "rb_grpc_imports.generated.h" +#include #include #include #include diff --git a/src/ruby/ext/grpc/rb_xds_server_credentials.c b/src/ruby/ext/grpc/rb_xds_server_credentials.c index 3d4ec5afe53..8186d0eb49e 100644 --- a/src/ruby/ext/grpc/rb_xds_server_credentials.c +++ b/src/ruby/ext/grpc/rb_xds_server_credentials.c @@ -24,6 +24,7 @@ #include "rb_grpc_imports.generated.h" #include "rb_server_credentials.h" +#include #include #include #include diff --git a/src/ruby/ext/grpc/rb_xds_server_credentials.h b/src/ruby/ext/grpc/rb_xds_server_credentials.h index eff00c7dcf5..3ec1ced8e4b 100644 --- a/src/ruby/ext/grpc/rb_xds_server_credentials.h +++ b/src/ruby/ext/grpc/rb_xds_server_credentials.h @@ -23,6 +23,7 @@ #include +#include #include /* Initializes the ruby XdsServerCredentials class. */ diff --git a/test/core/bad_ssl/bad_ssl_test.cc b/test/core/bad_ssl/bad_ssl_test.cc index 5faa7b7bc5a..40b1d87c66b 100644 --- a/test/core/bad_ssl/bad_ssl_test.cc +++ b/test/core/bad_ssl/bad_ssl_test.cc @@ -21,6 +21,7 @@ #include +#include #include #include #include diff --git a/test/core/bad_ssl/servers/alpn.cc b/test/core/bad_ssl/servers/alpn.cc index 14693494cee..049e87f9700 100644 --- a/test/core/bad_ssl/servers/alpn.cc +++ b/test/core/bad_ssl/servers/alpn.cc @@ -20,6 +20,7 @@ #include +#include #include #include #include diff --git a/test/core/bad_ssl/servers/cert.cc b/test/core/bad_ssl/servers/cert.cc index 954c28fca7f..4c6b26a025c 100644 --- a/test/core/bad_ssl/servers/cert.cc +++ b/test/core/bad_ssl/servers/cert.cc @@ -16,6 +16,7 @@ // // +#include #include #include #include diff --git a/test/core/channel/channel_args_test.cc b/test/core/channel/channel_args_test.cc index fd035ccc12d..9e722c67f84 100644 --- a/test/core/channel/channel_args_test.cc +++ b/test/core/channel/channel_args_test.cc @@ -22,6 +22,7 @@ #include "gtest/gtest.h" +#include #include #include #include diff --git a/test/core/channel/channel_trace_test.cc b/test/core/channel/channel_trace_test.cc index 1a346f3da6c..2396c4a3945 100644 --- a/test/core/channel/channel_trace_test.cc +++ b/test/core/channel/channel_trace_test.cc @@ -24,6 +24,7 @@ #include "gtest/gtest.h" +#include #include #include #include diff --git a/test/core/channel/channelz_test.cc b/test/core/channel/channelz_test.cc index 3b57b4a6ef7..973af3690eb 100644 --- a/test/core/channel/channelz_test.cc +++ b/test/core/channel/channelz_test.cc @@ -30,6 +30,7 @@ #include "absl/status/statusor.h" #include "gtest/gtest.h" +#include #include #include #include diff --git a/test/core/end2end/bad_server_response_test.cc b/test/core/end2end/bad_server_response_test.cc index ea613b36fbd..b898c0aa23d 100644 --- a/test/core/end2end/bad_server_response_test.cc +++ b/test/core/end2end/bad_server_response_test.cc @@ -24,6 +24,7 @@ #include #include +#include #include #include #include diff --git a/test/core/end2end/connection_refused_test.cc b/test/core/end2end/connection_refused_test.cc index a670f4ece5d..b3deb41f14f 100644 --- a/test/core/end2end/connection_refused_test.cc +++ b/test/core/end2end/connection_refused_test.cc @@ -20,6 +20,7 @@ #include +#include #include #include #include diff --git a/test/core/end2end/dualstack_socket_test.cc b/test/core/end2end/dualstack_socket_test.cc index db0d1d710a6..4c4c782e3b2 100644 --- a/test/core/end2end/dualstack_socket_test.cc +++ b/test/core/end2end/dualstack_socket_test.cc @@ -42,6 +42,7 @@ #include "absl/strings/str_split.h" #include "absl/strings/string_view.h" +#include #include #include #include diff --git a/test/core/end2end/end2end_test_suites.cc b/test/core/end2end/end2end_test_suites.cc index 625d1a8190a..f1f86668b20 100644 --- a/test/core/end2end/end2end_test_suites.cc +++ b/test/core/end2end/end2end_test_suites.cc @@ -34,6 +34,7 @@ #include "gtest/gtest.h" #include +#include #include #include #include diff --git a/test/core/end2end/end2end_tests.h b/test/core/end2end/end2end_tests.h index 410f3366014..f033f608061 100644 --- a/test/core/end2end/end2end_tests.h +++ b/test/core/end2end/end2end_tests.h @@ -42,6 +42,7 @@ #include #include +#include #include #include #include diff --git a/test/core/end2end/fixtures/h2_oauth2_common.h b/test/core/end2end/fixtures/h2_oauth2_common.h index 57ae5a7d60d..e66f341059a 100644 --- a/test/core/end2end/fixtures/h2_oauth2_common.h +++ b/test/core/end2end/fixtures/h2_oauth2_common.h @@ -17,6 +17,7 @@ #include +#include #include #include #include diff --git a/test/core/end2end/fixtures/h2_ssl_cred_reload_fixture.h b/test/core/end2end/fixtures/h2_ssl_cred_reload_fixture.h index fe6bc5d43dd..5b49fcb39e5 100644 --- a/test/core/end2end/fixtures/h2_ssl_cred_reload_fixture.h +++ b/test/core/end2end/fixtures/h2_ssl_cred_reload_fixture.h @@ -17,6 +17,7 @@ #include +#include #include #include #include diff --git a/test/core/end2end/fixtures/h2_ssl_tls_common.h b/test/core/end2end/fixtures/h2_ssl_tls_common.h index 1a2d8da331d..e026ccbd381 100644 --- a/test/core/end2end/fixtures/h2_ssl_tls_common.h +++ b/test/core/end2end/fixtures/h2_ssl_tls_common.h @@ -17,6 +17,7 @@ #include +#include #include #include #include diff --git a/test/core/end2end/fixtures/h2_tls_common.h b/test/core/end2end/fixtures/h2_tls_common.h index 5fd2972fd0f..0abc56e6d06 100644 --- a/test/core/end2end/fixtures/h2_tls_common.h +++ b/test/core/end2end/fixtures/h2_tls_common.h @@ -26,6 +26,7 @@ #include "absl/strings/string_view.h" +#include #include #include #include diff --git a/test/core/end2end/fixtures/local_util.cc b/test/core/end2end/fixtures/local_util.cc index 7cb814de9e2..2c4059b1973 100644 --- a/test/core/end2end/fixtures/local_util.cc +++ b/test/core/end2end/fixtures/local_util.cc @@ -22,6 +22,7 @@ #include +#include #include #include #include diff --git a/test/core/end2end/fixtures/secure_fixture.h b/test/core/end2end/fixtures/secure_fixture.h index d047e712d21..8a64b49fc75 100644 --- a/test/core/end2end/fixtures/secure_fixture.h +++ b/test/core/end2end/fixtures/secure_fixture.h @@ -20,6 +20,7 @@ #include "absl/functional/any_invocable.h" +#include #include #include #include diff --git a/test/core/end2end/fuzzers/api_fuzzer.cc b/test/core/end2end/fuzzers/api_fuzzer.cc index ab506cc54fc..213c13b427a 100644 --- a/test/core/end2end/fuzzers/api_fuzzer.cc +++ b/test/core/end2end/fuzzers/api_fuzzer.cc @@ -36,6 +36,7 @@ #include "absl/time/time.h" #include "absl/types/optional.h" +#include #include #include #include diff --git a/test/core/end2end/fuzzers/server_fuzzer_chttp2.cc b/test/core/end2end/fuzzers/server_fuzzer_chttp2.cc index b01b357825e..f95e2c69e2b 100644 --- a/test/core/end2end/fuzzers/server_fuzzer_chttp2.cc +++ b/test/core/end2end/fuzzers/server_fuzzer_chttp2.cc @@ -12,6 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License. +#include #include #include "src/libfuzzer/libfuzzer_macro.h" diff --git a/test/core/end2end/goaway_server_test.cc b/test/core/end2end/goaway_server_test.cc index 0359b71db11..c8e958edc30 100644 --- a/test/core/end2end/goaway_server_test.cc +++ b/test/core/end2end/goaway_server_test.cc @@ -31,6 +31,7 @@ #include "absl/strings/str_cat.h" #include "absl/strings/string_view.h" +#include #include #include #include diff --git a/test/core/end2end/h2_ssl_cert_test.cc b/test/core/end2end/h2_ssl_cert_test.cc index 584bceb7ef6..d1d94e5ac3a 100644 --- a/test/core/end2end/h2_ssl_cert_test.cc +++ b/test/core/end2end/h2_ssl_cert_test.cc @@ -27,6 +27,7 @@ #include "absl/types/optional.h" #include "gtest/gtest.h" +#include #include #include #include diff --git a/test/core/end2end/h2_ssl_session_reuse_test.cc b/test/core/end2end/h2_ssl_session_reuse_test.cc index 875b9f79e53..55243de78ed 100644 --- a/test/core/end2end/h2_ssl_session_reuse_test.cc +++ b/test/core/end2end/h2_ssl_session_reuse_test.cc @@ -24,6 +24,7 @@ #include "absl/types/optional.h" +#include #include #include #include diff --git a/test/core/end2end/h2_tls_peer_property_external_verifier_test.cc b/test/core/end2end/h2_tls_peer_property_external_verifier_test.cc index 8cc76b5bfe1..958ae061e67 100644 --- a/test/core/end2end/h2_tls_peer_property_external_verifier_test.cc +++ b/test/core/end2end/h2_tls_peer_property_external_verifier_test.cc @@ -24,6 +24,7 @@ #include "absl/types/optional.h" +#include #include #include #include diff --git a/test/core/end2end/invalid_call_argument_test.cc b/test/core/end2end/invalid_call_argument_test.cc index 7f5d2345aa7..deeefe165a0 100644 --- a/test/core/end2end/invalid_call_argument_test.cc +++ b/test/core/end2end/invalid_call_argument_test.cc @@ -24,6 +24,7 @@ #include #include +#include #include #include #include diff --git a/test/core/end2end/multiple_server_queues_test.cc b/test/core/end2end/multiple_server_queues_test.cc index daa8bb3c5fe..025f9f939af 100644 --- a/test/core/end2end/multiple_server_queues_test.cc +++ b/test/core/end2end/multiple_server_queues_test.cc @@ -16,6 +16,7 @@ // // +#include #include #include #include diff --git a/test/core/end2end/no_server_test.cc b/test/core/end2end/no_server_test.cc index 0a785d921ff..c6357f911cd 100644 --- a/test/core/end2end/no_server_test.cc +++ b/test/core/end2end/no_server_test.cc @@ -24,6 +24,7 @@ #include "absl/status/statusor.h" #include "absl/time/time.h" +#include #include #include #include diff --git a/test/core/end2end/tests/call_creds.cc b/test/core/end2end/tests/call_creds.cc index b90f681d0d2..ce6b949085f 100644 --- a/test/core/end2end/tests/call_creds.cc +++ b/test/core/end2end/tests/call_creds.cc @@ -21,6 +21,7 @@ #include "absl/types/optional.h" #include "gtest/gtest.h" +#include #include #include #include diff --git a/test/core/filters/client_auth_filter_test.cc b/test/core/filters/client_auth_filter_test.cc index 4596cdee59f..bc06504b25f 100644 --- a/test/core/filters/client_auth_filter_test.cc +++ b/test/core/filters/client_auth_filter_test.cc @@ -21,6 +21,7 @@ #include "gmock/gmock.h" #include "gtest/gtest.h" +#include #include #include #include diff --git a/test/core/handshake/client_ssl.cc b/test/core/handshake/client_ssl.cc index 5540d3084e1..ce5951abacb 100644 --- a/test/core/handshake/client_ssl.cc +++ b/test/core/handshake/client_ssl.cc @@ -51,6 +51,7 @@ #include "absl/strings/str_cat.h" +#include #include #include #include diff --git a/test/core/handshake/server_ssl_common.cc b/test/core/handshake/server_ssl_common.cc index 0f0c4b195b1..b4a0ad1e828 100644 --- a/test/core/handshake/server_ssl_common.cc +++ b/test/core/handshake/server_ssl_common.cc @@ -36,6 +36,7 @@ #include "absl/base/thread_annotations.h" #include "absl/strings/str_cat.h" +#include #include #include #include diff --git a/test/core/handshake/verify_peer_options.cc b/test/core/handshake/verify_peer_options.cc index c9f47d39de6..fae7ffbb5fe 100644 --- a/test/core/handshake/verify_peer_options.cc +++ b/test/core/handshake/verify_peer_options.cc @@ -34,6 +34,7 @@ #include "absl/strings/str_cat.h" +#include #include #include #include diff --git a/test/core/http/httpcli_test.cc b/test/core/http/httpcli_test.cc index 8ed555af61b..7a8f3bf92b3 100644 --- a/test/core/http/httpcli_test.cc +++ b/test/core/http/httpcli_test.cc @@ -34,6 +34,7 @@ #include "absl/time/clock.h" #include "absl/time/time.h" +#include #include #include #include diff --git a/test/core/memory_usage/client.cc b/test/core/memory_usage/client.cc index 3b20c7193ed..61185fe361e 100644 --- a/test/core/memory_usage/client.cc +++ b/test/core/memory_usage/client.cc @@ -31,6 +31,7 @@ #include #include +#include #include #include #include diff --git a/test/core/memory_usage/server.cc b/test/core/memory_usage/server.cc index 7426e8b6a91..a789240f5b3 100644 --- a/test/core/memory_usage/server.cc +++ b/test/core/memory_usage/server.cc @@ -36,6 +36,7 @@ #include "absl/status/status.h" #include +#include #include #include #include diff --git a/test/core/security/alts_credentials_fuzzer.cc b/test/core/security/alts_credentials_fuzzer.cc index a11d362511f..1d47a506061 100644 --- a/test/core/security/alts_credentials_fuzzer.cc +++ b/test/core/security/alts_credentials_fuzzer.cc @@ -18,6 +18,7 @@ #include +#include #include #include #include diff --git a/test/core/security/create_jwt.cc b/test/core/security/create_jwt.cc index c645a30c792..edee063aa16 100644 --- a/test/core/security/create_jwt.cc +++ b/test/core/security/create_jwt.cc @@ -19,6 +19,7 @@ #include #include +#include #include #include #include diff --git a/test/core/security/credentials_test.cc b/test/core/security/credentials_test.cc index 5afafcf50a3..5ee501d431c 100644 --- a/test/core/security/credentials_test.cc +++ b/test/core/security/credentials_test.cc @@ -31,6 +31,7 @@ #include "absl/strings/str_format.h" #include "absl/strings/str_replace.h" +#include #include #include #include diff --git a/test/core/security/fetch_oauth2.cc b/test/core/security/fetch_oauth2.cc index 49cee158a09..c60c85bbf7f 100644 --- a/test/core/security/fetch_oauth2.cc +++ b/test/core/security/fetch_oauth2.cc @@ -19,6 +19,7 @@ #include #include +#include #include #include #include diff --git a/test/core/security/grpc_tls_credentials_options_comparator_test.cc b/test/core/security/grpc_tls_credentials_options_comparator_test.cc index 6971f0c20e5..0f1e1e8c828 100644 --- a/test/core/security/grpc_tls_credentials_options_comparator_test.cc +++ b/test/core/security/grpc_tls_credentials_options_comparator_test.cc @@ -24,6 +24,8 @@ #include +#include + #include "src/core/lib/security/credentials/xds/xds_credentials.h" #include "src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h" #include "test/core/util/test_config.h" diff --git a/test/core/security/grpc_tls_credentials_options_test.cc b/test/core/security/grpc_tls_credentials_options_test.cc index 0b903ae0c05..f213e987c40 100644 --- a/test/core/security/grpc_tls_credentials_options_test.cc +++ b/test/core/security/grpc_tls_credentials_options_test.cc @@ -21,6 +21,7 @@ #include #include +#include #include #include #include diff --git a/test/core/security/json_token_test.cc b/test/core/security/json_token_test.cc index 5e89cf292aa..97cd240ee13 100644 --- a/test/core/security/json_token_test.cc +++ b/test/core/security/json_token_test.cc @@ -25,6 +25,7 @@ #include "absl/strings/escaping.h" +#include #include #include #include diff --git a/test/core/security/oauth2_utils.cc b/test/core/security/oauth2_utils.cc index 956783d2ff3..a23c7b4d5a1 100644 --- a/test/core/security/oauth2_utils.cc +++ b/test/core/security/oauth2_utils.cc @@ -20,6 +20,7 @@ #include +#include #include #include #include diff --git a/test/core/security/print_google_default_creds_token.cc b/test/core/security/print_google_default_creds_token.cc index a5ade93304c..66ea4a904c0 100644 --- a/test/core/security/print_google_default_creds_token.cc +++ b/test/core/security/print_google_default_creds_token.cc @@ -19,6 +19,7 @@ #include #include +#include #include #include #include diff --git a/test/core/security/security_connector_test.cc b/test/core/security/security_connector_test.cc index cb781d1fd7e..83df36a3968 100644 --- a/test/core/security/security_connector_test.cc +++ b/test/core/security/security_connector_test.cc @@ -23,6 +23,7 @@ #include +#include #include #include #include diff --git a/test/core/security/ssl_server_fuzzer.cc b/test/core/security/ssl_server_fuzzer.cc index 4a8b5e47742..e657550f376 100644 --- a/test/core/security/ssl_server_fuzzer.cc +++ b/test/core/security/ssl_server_fuzzer.cc @@ -16,6 +16,7 @@ // // +#include #include #include #include diff --git a/test/core/security/tls_security_connector_test.cc b/test/core/security/tls_security_connector_test.cc index f1bcc410653..264eb8103db 100644 --- a/test/core/security/tls_security_connector_test.cc +++ b/test/core/security/tls_security_connector_test.cc @@ -24,6 +24,7 @@ #include #include +#include #include #include #include diff --git a/test/core/surface/concurrent_connectivity_test.cc b/test/core/surface/concurrent_connectivity_test.cc index 2b1ee72dc94..3e73c423719 100644 --- a/test/core/surface/concurrent_connectivity_test.cc +++ b/test/core/surface/concurrent_connectivity_test.cc @@ -26,6 +26,7 @@ #include "absl/strings/str_cat.h" #include "gtest/gtest.h" +#include #include #include #include diff --git a/test/core/surface/num_external_connectivity_watchers_test.cc b/test/core/surface/num_external_connectivity_watchers_test.cc index 40ca9b67385..ec43da2fdad 100644 --- a/test/core/surface/num_external_connectivity_watchers_test.cc +++ b/test/core/surface/num_external_connectivity_watchers_test.cc @@ -22,6 +22,7 @@ #include "gtest/gtest.h" +#include #include #include #include diff --git a/test/core/surface/sequential_connectivity_test.cc b/test/core/surface/sequential_connectivity_test.cc index 73a053e1196..17f93f194fa 100644 --- a/test/core/surface/sequential_connectivity_test.cc +++ b/test/core/surface/sequential_connectivity_test.cc @@ -24,6 +24,7 @@ #include "gtest/gtest.h" +#include #include #include #include diff --git a/test/core/surface/server_chttp2_test.cc b/test/core/surface/server_chttp2_test.cc index 3c211a9dd81..3e04c59df8a 100644 --- a/test/core/surface/server_chttp2_test.cc +++ b/test/core/surface/server_chttp2_test.cc @@ -20,6 +20,7 @@ #include "gtest/gtest.h" +#include #include #include #include diff --git a/test/core/surface/server_test.cc b/test/core/surface/server_test.cc index c3a927a9f8b..a111b836f0f 100644 --- a/test/core/surface/server_test.cc +++ b/test/core/surface/server_test.cc @@ -26,6 +26,7 @@ #include "absl/strings/str_cat.h" #include "gtest/gtest.h" +#include #include #include #include diff --git a/test/core/transport/chttp2/remove_stream_from_stalled_lists_test.cc b/test/core/transport/chttp2/remove_stream_from_stalled_lists_test.cc index 0852008863b..3cdb2d9940f 100644 --- a/test/core/transport/chttp2/remove_stream_from_stalled_lists_test.cc +++ b/test/core/transport/chttp2/remove_stream_from_stalled_lists_test.cc @@ -31,6 +31,7 @@ #include "absl/types/optional.h" #include +#include #include #include #include diff --git a/test/core/transport/chttp2/settings_timeout_test.cc b/test/core/transport/chttp2/settings_timeout_test.cc index 61a45e0790e..7977929d083 100644 --- a/test/core/transport/chttp2/settings_timeout_test.cc +++ b/test/core/transport/chttp2/settings_timeout_test.cc @@ -30,6 +30,7 @@ #include "absl/strings/str_cat.h" #include "gtest/gtest.h" +#include #include #include #include diff --git a/test/core/transport/chttp2/stream_leak_with_queued_flow_control_update_test.cc b/test/core/transport/chttp2/stream_leak_with_queued_flow_control_update_test.cc index ef8aacabc36..423ed40e584 100644 --- a/test/core/transport/chttp2/stream_leak_with_queued_flow_control_update_test.cc +++ b/test/core/transport/chttp2/stream_leak_with_queued_flow_control_update_test.cc @@ -23,6 +23,7 @@ #include "gtest/gtest.h" #include +#include #include #include #include diff --git a/test/core/transport/chttp2/streams_not_seen_test.cc b/test/core/transport/chttp2/streams_not_seen_test.cc index 7105ec9b912..fe1626d48f4 100644 --- a/test/core/transport/chttp2/streams_not_seen_test.cc +++ b/test/core/transport/chttp2/streams_not_seen_test.cc @@ -38,6 +38,7 @@ #include "absl/types/optional.h" #include "gtest/gtest.h" +#include #include #include #include diff --git a/test/core/transport/chttp2/too_many_pings_test.cc b/test/core/transport/chttp2/too_many_pings_test.cc index cfb2ca8f1e6..474e2edb4b3 100644 --- a/test/core/transport/chttp2/too_many_pings_test.cc +++ b/test/core/transport/chttp2/too_many_pings_test.cc @@ -32,6 +32,7 @@ #include "gtest/gtest.h" #include +#include #include #include #include diff --git a/test/core/tsi/alts/handshaker/alts_concurrent_connectivity_test.cc b/test/core/tsi/alts/handshaker/alts_concurrent_connectivity_test.cc index e7c50708564..e703c2a1fa8 100644 --- a/test/core/tsi/alts/handshaker/alts_concurrent_connectivity_test.cc +++ b/test/core/tsi/alts/handshaker/alts_concurrent_connectivity_test.cc @@ -34,6 +34,7 @@ #include "absl/memory/memory.h" #include "absl/strings/str_cat.h" +#include #include #include #include diff --git a/test/core/tsi/alts/handshaker/alts_handshaker_client_test.cc b/test/core/tsi/alts/handshaker/alts_handshaker_client_test.cc index bbacdcfe45f..43502dbb8f2 100644 --- a/test/core/tsi/alts/handshaker/alts_handshaker_client_test.cc +++ b/test/core/tsi/alts/handshaker/alts_handshaker_client_test.cc @@ -22,6 +22,7 @@ #include "upb/mem/arena.hpp" +#include #include #include diff --git a/test/core/util/port_server_client.cc b/test/core/util/port_server_client.cc index 8dc073fc7e2..fd651bc29a7 100644 --- a/test/core/util/port_server_client.cc +++ b/test/core/util/port_server_client.cc @@ -30,6 +30,7 @@ #include "absl/status/statusor.h" #include "absl/strings/str_format.h" +#include #include #include #include diff --git a/test/cpp/end2end/grpclb_end2end_test.cc b/test/cpp/end2end/grpclb_end2end_test.cc index 408f45c794b..91be4134f12 100644 --- a/test/cpp/end2end/grpclb_end2end_test.cc +++ b/test/cpp/end2end/grpclb_end2end_test.cc @@ -33,6 +33,7 @@ #include "absl/synchronization/notification.h" #include "absl/types/span.h" +#include #include #include #include diff --git a/test/cpp/end2end/rls_end2end_test.cc b/test/cpp/end2end/rls_end2end_test.cc index 942c183b890..6f52a802f8c 100644 --- a/test/cpp/end2end/rls_end2end_test.cc +++ b/test/cpp/end2end/rls_end2end_test.cc @@ -33,6 +33,7 @@ #include "absl/strings/str_join.h" #include "absl/types/optional.h" +#include #include #include #include diff --git a/test/cpp/end2end/ssl_credentials_test.cc b/test/cpp/end2end/ssl_credentials_test.cc index f8b73ae952e..092fe427aed 100644 --- a/test/cpp/end2end/ssl_credentials_test.cc +++ b/test/cpp/end2end/ssl_credentials_test.cc @@ -26,6 +26,7 @@ #include "absl/synchronization/notification.h" +#include #include #include #include diff --git a/test/cpp/interop/client_helper.cc b/test/cpp/interop/client_helper.cc index 523de360bd6..d9d10f1eeb9 100644 --- a/test/cpp/interop/client_helper.cc +++ b/test/cpp/interop/client_helper.cc @@ -28,6 +28,7 @@ #include "absl/strings/escaping.h" #include "absl/strings/match.h" +#include #include #include #include diff --git a/test/cpp/microbenchmarks/bm_channel.cc b/test/cpp/microbenchmarks/bm_channel.cc index c4b62a304c0..ff9baf59b70 100644 --- a/test/cpp/microbenchmarks/bm_channel.cc +++ b/test/cpp/microbenchmarks/bm_channel.cc @@ -20,6 +20,7 @@ #include +#include #include #include diff --git a/test/cpp/naming/cancel_ares_query_test.cc b/test/cpp/naming/cancel_ares_query_test.cc index c2009ae970a..9b6cacafd49 100644 --- a/test/cpp/naming/cancel_ares_query_test.cc +++ b/test/cpp/naming/cancel_ares_query_test.cc @@ -27,6 +27,7 @@ #include "absl/strings/str_format.h" #include +#include #include #include #include diff --git a/tools/codegen/core/gen_grpc_tls_credentials_options.py b/tools/codegen/core/gen_grpc_tls_credentials_options.py index 1c802bee886..b0a6d01ebbb 100755 --- a/tools/codegen/core/gen_grpc_tls_credentials_options.py +++ b/tools/codegen/core/gen_grpc_tls_credentials_options.py @@ -305,6 +305,7 @@ print( #include "absl/container/inlined_vector.h" +#include #include #include "src/core/lib/gprpp/ref_counted.h" @@ -469,6 +470,8 @@ print( #include +#include + #include "src/core/lib/security/credentials/xds/xds_credentials.h" #include "src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h" #include "test/core/util/test_config.h" diff --git a/tools/doxygen/Doxyfile.c++ b/tools/doxygen/Doxyfile.c++ index a6bb91ebf02..6e0f4316174 100644 --- a/tools/doxygen/Doxyfile.c++ +++ b/tools/doxygen/Doxyfile.c++ @@ -880,6 +880,7 @@ include/grpc/byte_buffer.h \ include/grpc/byte_buffer_reader.h \ include/grpc/census.h \ include/grpc/compression.h \ +include/grpc/credentials.h \ include/grpc/event_engine/endpoint_config.h \ include/grpc/event_engine/event_engine.h \ include/grpc/event_engine/extensible.h \ diff --git a/tools/doxygen/Doxyfile.c++.internal b/tools/doxygen/Doxyfile.c++.internal index 68ce1dc0369..45745a6b3c8 100644 --- a/tools/doxygen/Doxyfile.c++.internal +++ b/tools/doxygen/Doxyfile.c++.internal @@ -880,6 +880,7 @@ include/grpc/byte_buffer.h \ include/grpc/byte_buffer_reader.h \ include/grpc/census.h \ include/grpc/compression.h \ +include/grpc/credentials.h \ include/grpc/event_engine/endpoint_config.h \ include/grpc/event_engine/event_engine.h \ include/grpc/event_engine/extensible.h \ diff --git a/tools/doxygen/Doxyfile.core b/tools/doxygen/Doxyfile.core index f9261a2a94f..224d9f2d10b 100644 --- a/tools/doxygen/Doxyfile.core +++ b/tools/doxygen/Doxyfile.core @@ -813,6 +813,7 @@ include/grpc/byte_buffer.h \ include/grpc/byte_buffer_reader.h \ include/grpc/census.h \ include/grpc/compression.h \ +include/grpc/credentials.h \ include/grpc/event_engine/endpoint_config.h \ include/grpc/event_engine/event_engine.h \ include/grpc/event_engine/extensible.h \ diff --git a/tools/doxygen/Doxyfile.core.internal b/tools/doxygen/Doxyfile.core.internal index 66d40b201af..73cb5cdb1c6 100644 --- a/tools/doxygen/Doxyfile.core.internal +++ b/tools/doxygen/Doxyfile.core.internal @@ -813,6 +813,7 @@ include/grpc/byte_buffer.h \ include/grpc/byte_buffer_reader.h \ include/grpc/census.h \ include/grpc/compression.h \ +include/grpc/credentials.h \ include/grpc/event_engine/endpoint_config.h \ include/grpc/event_engine/event_engine.h \ include/grpc/event_engine/extensible.h \